lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <239ca679597a10b6bc00245c66419f4bdedaff83.camel@redhat.com>
Date: Fri, 21 Jul 2023 09:14:16 +0200
From: Paolo Abeni <pabeni@...hat.com>
To: Kui-Feng Lee <sinquersw@...il.com>, Kui-Feng Lee <thinker.li@...il.com>,
  dsahern@...nel.org, davem@...emloft.net, edumazet@...gle.com,
 kuba@...nel.org,  netdev@...r.kernel.org, martin.lau@...ux.dev,
 kernel-team@...a.com, yhs@...a.com
Cc: Kui-Feng Lee <kuifeng@...a.com>
Subject: Re: [PATCH net-next v2 2/2] selftests: fib_tests: Add a test case
 for IPv6 garbage collection

On Thu, 2023-07-20 at 14:36 -0700, Kui-Feng Lee wrote:
> 
> On 7/20/23 02:32, Paolo Abeni wrote:
> > On Tue, 2023-07-18 at 11:03 -0700, Kui-Feng Lee wrote:
> > > Add 10 IPv6 routes with expiration time.  Wait for a few seconds
> > > to make sure they are removed correctly.
> > > 
> > > Signed-off-by: Kui-Feng Lee <kuifeng@...a.com>
> > 
> > Same thing as the previous patch.
> > 
> > > ---
> > >   tools/testing/selftests/net/fib_tests.sh | 49 +++++++++++++++++++++++-
> > >   1 file changed, 48 insertions(+), 1 deletion(-)
> > > 
> > > diff --git a/tools/testing/selftests/net/fib_tests.sh b/tools/testing/selftests/net/fib_tests.sh
> > > index 35d89dfa6f11..55bc6897513a 100755
> > > --- a/tools/testing/selftests/net/fib_tests.sh
> > > +++ b/tools/testing/selftests/net/fib_tests.sh
> > > @@ -9,7 +9,7 @@ ret=0
> > >   ksft_skip=4
> > >   
> > >   # all tests in this script. Can be overridden with -t option
> > > -TESTS="unregister down carrier nexthop suppress ipv6_notify ipv4_notify ipv6_rt ipv4_rt ipv6_addr_metric ipv4_addr_metric ipv6_route_metrics ipv4_route_metrics ipv4_route_v6_gw rp_filter ipv4_del_addr ipv4_mangle ipv6_mangle ipv4_bcast_neigh"
> > > +TESTS="unregister down carrier nexthop suppress ipv6_notify ipv4_notify ipv6_rt ipv4_rt ipv6_addr_metric ipv4_addr_metric ipv6_route_metrics ipv4_route_metrics ipv4_route_v6_gw rp_filter ipv4_del_addr ipv4_mangle ipv6_mangle ipv4_bcast_neigh fib6_gc_test"
> > 
> > At this point is likely worthy splitting the above line in multiple
> > ones, something alike:
> > 
> > TESTS="unregister down carrier nexthop suppress ipv6_notify \
> > 	ipv4_notify ipv6_rt ipv4_rt ipv6_addr_metric ipv4_addr_metric
> > \
> > 	ipv6_route_metrics ipv4_route_metrics ipv4_route_v6_gw \
> > 	rp_filter ipv4_del_addr ipv4_mangle ipv6_mangle ipv4_bcast_neigh \
> > 	fib6_gc_test"
> > 
> > >   
> > >   VERBOSE=0
> > >   PAUSE_ON_FAIL=no
> > > @@ -747,6 +747,52 @@ fib_notify_test()
> > >   	cleanup &> /dev/null
> > >   }
> > >   
> > > +fib6_gc_test()
> > > +{
> > > +	setup
> > > +
> > > +	echo
> > > +	echo "Fib6 garbage collection test"
> > > +	set -e
> > > +
> > > +	OLD_INTERVAL=$(sysctl -n net.ipv6.route.gc_interval)
> > > +	# Check expiration of routes every 3 seconds (GC)
> > > +	$NS_EXEC sysctl -wq net.ipv6.route.gc_interval=3
> > > +
> > > +	$IP link add dummy_10 type dummy
> > > +	$IP link set dev dummy_10 up
> > > +	$IP -6 address add 2001:10::1/64 dev dummy_10
> > > +
> > > +	for i in 0 1 2 3 4 5 6 7 8 9; do
> > 		$(seq 0 9)
> > 
> > > +	    # Expire route after 2 seconds
> > > +	    $IP -6 route add 2001:20::1$i \
> > > +		via 2001:10::2 dev dummy_10 expires 2
> > > +	done
> > > +	N_EXP=$($IP -6 route list |grep expires|wc -l)
> > > +	if [ $N_EXP -ne 10 ]; then
> > > +		echo "FAIL: expected 10 routes with expires, got $N_EXP"
> > > +		ret=1
> > > +	else
> > > +	    sleep 4
> > > +	    N_EXP_s20=$($IP -6 route list |grep expires|wc -l)
> > > +
> > > +	    if [ $N_EXP_s20 -ne 0 ]; then
> > > +		echo "FAIL: expected 0 routes with expires, got $N_EXP_s20"
> > > +		ret=1
> > > +	    else
> > > +		ret=0
> > > +	    fi
> > > +	fi
> > 
> > Possibly also worth trying with a few K of permanent routes, and dump
> > the time required in both cases?
> 
> I just realized that I don't know how to measure the time required to do 
> GC without providing additional APIs or exposing numbers to procfs or 
> sysfs. Do you have any idea about this?

Something like this should do the trick

sysctl -wq net.ipv6.route.flush=1

# add routes 
#...

# delete expired routes synchronously
sysctl -wq net.ipv6.route.flush=1

Note that the net.ipv6.route.flush handler uses the 'old' flush value.

Cheers,

Paolo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ