lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <2d198b1f309a5c7b44cfae80647148eb922050e7.camel@redhat.com> Date: Tue, 02 May 2023 12:14:14 +0200 From: Paolo Abeni <pabeni@...hat.com> To: Vladimir Nikishkin <vladimir@...ishkin.pw>, netdev@...r.kernel.org Cc: davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org, eng.alaamohamedsoliman.am@...il.com, gnault@...hat.com, razor@...ckwall.org, idosch@...dia.com, liuhangbin@...il.com, eyal.birger@...il.com, jtoppins@...hat.com, shuah@...nel.org, linux-kselftest@...r.kernel.org Subject: Re: [PATCH net-next v7 2/2] Add tests for vxlan nolocalbypass option. On Tue, 2023-05-02 at 00:25 +0800, Vladimir Nikishkin wrote: > Add test to make sure that the localbypass option is on by default. > > Add test to change vxlan localbypass to nolocalbypass and check > that packets are delivered to userspace. > > Signed-off-by: Vladimir Nikishkin <vladimir@...ishkin.pw> > --- > tools/testing/selftests/net/Makefile | 1 + > .../selftests/net/test_vxlan_nolocalbypass.sh | 234 ++++++++++++++++++ > 2 files changed, 235 insertions(+) > create mode 100755 tools/testing/selftests/net/test_vxlan_nolocalbypass.sh > > diff --git a/tools/testing/selftests/net/Makefile b/tools/testing/selftests/net/Makefile > index c12df57d5539..7f3ab2a93ed6 100644 > --- a/tools/testing/selftests/net/Makefile > +++ b/tools/testing/selftests/net/Makefile > @@ -84,6 +84,7 @@ TEST_GEN_FILES += ip_local_port_range > TEST_GEN_FILES += bind_wildcard > TEST_PROGS += test_vxlan_mdb.sh > TEST_PROGS += test_bridge_neigh_suppress.sh > +TEST_PROGS += test_vxlan_nolocalbypass.sh > > TEST_FILES := settings > > diff --git a/tools/testing/selftests/net/test_vxlan_nolocalbypass.sh b/tools/testing/selftests/net/test_vxlan_nolocalbypass.sh > new file mode 100755 > index 000000000000..d8e48ab1e7e0 > --- /dev/null > +++ b/tools/testing/selftests/net/test_vxlan_nolocalbypass.sh > @@ -0,0 +1,234 @@ > +#!/bin/bash > +# SPDX-License-Identifier: GPL-2.0 > + > +# This file is testing that the [no]localbypass option for a vxlan device is > +# working. With the nolocalbypass option, packets to a local destination, which > +# have no corresponding vxlan in the kernel, will be delivered to userspace, for > +# any userspace process to process. In this test tcpdump plays the role of such a > +# process. This is what the test 1 is checking. > +# The test 2 checks that without the nolocalbypass (which is equivalent to the > +# localbypass option), the packets do not reach userspace. > + > +EXIT_SUCCESS=0 > +EXIT_FAIL=1 > +ksft_skip=4 > +nsuccess=0 > +nfail=0 > + > +ret=0 > + > +TESTS=" > +changelink_nolocalbypass_simple > +" > +VERBOSE=0 > +PAUSE_ON_FAIL=no > +PAUSE=no > + > + > +NETNS_NAME=vxlan_nolocalbypass_test > + > +################################################################################ > +# Utilities > + > +log_test() > +{ > + local rc=$1 > + local expected=$2 > + local msg="$3" > + > + if [ ${rc} -eq ${expected} ]; then > + printf "TEST: %-60s [ OK ]\n" "${msg}" > + nsuccess=$((nsuccess+1)) > + else > + ret=1 > + nfail=$((nfail+1)) > + printf "TEST: %-60s [FAIL]\n" "${msg}" > + if [ "$VERBOSE" = "1" ]; then > + echo " rc=$rc, expected $expected" > + fi > + > + if [ "${PAUSE_ON_FAIL}" = "yes" ]; then > + echo > + echo "hit enter to continue, 'q' to quit" > + read a > + [ "$a" = "q" ] && exit 1 > + fi > + fi > + > + if [ "${PAUSE}" = "yes" ]; then > + echo > + echo "hit enter to continue, 'q' to quit" > + read a > + [ "$a" = "q" ] && exit 1 > + fi > + > + [ "$VERBOSE" = "1" ] && echo > +} > + > +run_cmd() > +{ > + local cmd="$1" > + local out > + local stderr="2>/dev/null" > + > + if [ "$VERBOSE" = "1" ]; then > + printf "COMMAND: $cmd\n" > + stderr= > + fi > + > + out=$(eval $cmd $stderr) > + rc=$? > + if [ "$VERBOSE" = "1" -a -n "$out" ]; then > + echo " $out" > + fi > + > + return $rc > +} > + > +socat_check_packets() > +{ > + echo TODO > + exit 1 Minor nit: please use a consistent number of spaces to indent e.g. 4 Note that net-next is currently close, you should submit the next revision when net-next reopens after May 8th. Cheers, Paolo
Powered by blists - more mailing lists