| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2d198b1f309a5c7b44cfae80647148eb922050e7.camel@redhat.com>
Date: Tue, 02 May 2023 12:14:14 +0200
From: Paolo Abeni <pabeni@...hat.com>
To: Vladimir Nikishkin <vladimir@...ishkin.pw>, netdev@...r.kernel.org
Cc: davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org,
eng.alaamohamedsoliman.am@...il.com, gnault@...hat.com,
razor@...ckwall.org, idosch@...dia.com, liuhangbin@...il.com,
eyal.birger@...il.com, jtoppins@...hat.com, shuah@...nel.org,
linux-kselftest@...r.kernel.org
Subject: Re: [PATCH net-next v7 2/2] Add tests for vxlan nolocalbypass
option.
On Tue, 2023-05-02 at 00:25 +0800, Vladimir Nikishkin wrote:
> Add test to make sure that the localbypass option is on by default.
>
> Add test to change vxlan localbypass to nolocalbypass and check
> that packets are delivered to userspace.
>
> Signed-off-by: Vladimir Nikishkin <vladimir@...ishkin.pw>
> ---
> tools/testing/selftests/net/Makefile | 1 +
> .../selftests/net/test_vxlan_nolocalbypass.sh | 234 ++++++++++++++++++
> 2 files changed, 235 insertions(+)
> create mode 100755 tools/testing/selftests/net/test_vxlan_nolocalbypass.sh
>
> diff --git a/tools/testing/selftests/net/Makefile b/tools/testing/selftests/net/Makefile
> index c12df57d5539..7f3ab2a93ed6 100644
> --- a/tools/testing/selftests/net/Makefile
> +++ b/tools/testing/selftests/net/Makefile
> @@ -84,6 +84,7 @@ TEST_GEN_FILES += ip_local_port_range
> TEST_GEN_FILES += bind_wildcard
> TEST_PROGS += test_vxlan_mdb.sh
> TEST_PROGS += test_bridge_neigh_suppress.sh
> +TEST_PROGS += test_vxlan_nolocalbypass.sh
>
> TEST_FILES := settings
>
> diff --git a/tools/testing/selftests/net/test_vxlan_nolocalbypass.sh b/tools/testing/selftests/net/test_vxlan_nolocalbypass.sh
> new file mode 100755
> index 000000000000..d8e48ab1e7e0
> --- /dev/null
> +++ b/tools/testing/selftests/net/test_vxlan_nolocalbypass.sh
> @@ -0,0 +1,234 @@
> +#!/bin/bash
> +# SPDX-License-Identifier: GPL-2.0
> +
> +# This file is testing that the [no]localbypass option for a vxlan device is
> +# working. With the nolocalbypass option, packets to a local destination, which
> +# have no corresponding vxlan in the kernel, will be delivered to userspace, for
> +# any userspace process to process. In this test tcpdump plays the role of such a
> +# process. This is what the test 1 is checking.
> +# The test 2 checks that without the nolocalbypass (which is equivalent to the
> +# localbypass option), the packets do not reach userspace.
> +
> +EXIT_SUCCESS=0
> +EXIT_FAIL=1
> +ksft_skip=4
> +nsuccess=0
> +nfail=0
> +
> +ret=0
> +
> +TESTS="
> +changelink_nolocalbypass_simple
> +"
> +VERBOSE=0
> +PAUSE_ON_FAIL=no
> +PAUSE=no
> +
> +
> +NETNS_NAME=vxlan_nolocalbypass_test
> +
> +################################################################################
> +# Utilities
> +
> +log_test()
> +{
> + local rc=$1
> + local expected=$2
> + local msg="$3"
> +
> + if [ ${rc} -eq ${expected} ]; then
> + printf "TEST: %-60s [ OK ]\n" "${msg}"
> + nsuccess=$((nsuccess+1))
> + else
> + ret=1
> + nfail=$((nfail+1))
> + printf "TEST: %-60s [FAIL]\n" "${msg}"
> + if [ "$VERBOSE" = "1" ]; then
> + echo " rc=$rc, expected $expected"
> + fi
> +
> + if [ "${PAUSE_ON_FAIL}" = "yes" ]; then
> + echo
> + echo "hit enter to continue, 'q' to quit"
> + read a
> + [ "$a" = "q" ] && exit 1
> + fi
> + fi
> +
> + if [ "${PAUSE}" = "yes" ]; then
> + echo
> + echo "hit enter to continue, 'q' to quit"
> + read a
> + [ "$a" = "q" ] && exit 1
> + fi
> +
> + [ "$VERBOSE" = "1" ] && echo
> +}
> +
> +run_cmd()
> +{
> + local cmd="$1"
> + local out
> + local stderr="2>/dev/null"
> +
> + if [ "$VERBOSE" = "1" ]; then
> + printf "COMMAND: $cmd\n"
> + stderr=
> + fi
> +
> + out=$(eval $cmd $stderr)
> + rc=$?
> + if [ "$VERBOSE" = "1" -a -n "$out" ]; then
> + echo " $out"
> + fi
> +
> + return $rc
> +}
> +
> +socat_check_packets()
> +{
> + echo TODO
> + exit 1
Minor nit: please use a consistent number of spaces to indent e.g. 4
Note that net-next is currently close, you should submit the next
revision when net-next reopens after May 8th.
Cheers,
Paolo
Powered by blists - more mailing lists