lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250217134109.311176-9-idosch@nvidia.com>
Date: Mon, 17 Feb 2025 15:41:09 +0200
From: Ido Schimmel <idosch@...dia.com>
To: <netdev@...r.kernel.org>
CC: <davem@...emloft.net>, <kuba@...nel.org>, <pabeni@...hat.com>,
	<edumazet@...gle.com>, <horms@...nel.org>, <donald.hunter@...il.com>,
	<dsahern@...nel.org>, <petrm@...dia.com>, <gnault@...hat.com>, Ido Schimmel
	<idosch@...dia.com>
Subject: [PATCH net-next 8/8] selftests: fib_rule_tests: Add port mask match tests

Add tests for FIB rules that match on source and destination ports with
a mask. Test both good and bad flows.

 # ./fib_rule_tests.sh
 IPv6 FIB rule tests
 [...]
    TEST: rule6 check: sport and dport redirect to table                [ OK ]
    TEST: rule6 check: sport and dport no redirect to table             [ OK ]
    TEST: rule6 del by pref: sport and dport redirect to table          [ OK ]
    TEST: rule6 check: sport and dport range redirect to table          [ OK ]
    TEST: rule6 check: sport and dport range no redirect to table       [ OK ]
    TEST: rule6 del by pref: sport and dport range redirect to table    [ OK ]
    TEST: rule6 check: sport and dport masked redirect to table         [ OK ]
    TEST: rule6 check: sport and dport masked no redirect to table      [ OK ]
    TEST: rule6 del by pref: sport and dport masked redirect to table   [ OK ]
 [...]

 Tests passed: 292
 Tests failed:   0

Reviewed-by: Petr Machata <petrm@...dia.com>
Signed-off-by: Ido Schimmel <idosch@...dia.com>
---
 tools/testing/selftests/net/fib_rule_tests.sh | 20 +++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/tools/testing/selftests/net/fib_rule_tests.sh b/tools/testing/selftests/net/fib_rule_tests.sh
index 12a6e219d683..06c51d7ceb4a 100755
--- a/tools/testing/selftests/net/fib_rule_tests.sh
+++ b/tools/testing/selftests/net/fib_rule_tests.sh
@@ -266,6 +266,16 @@ fib_rule6_test()
 			"sport and dport range no redirect to table"
 	fi
 
+	ip rule help 2>&1 | grep sport | grep -q MASK
+	if [ $? -eq 0 ]; then
+		match="sport 0x0f00/0xff00 dport 0x000f/0x00ff"
+		getmatch="sport 0x0f11 dport 0x220f"
+		getnomatch="sport 0x1f11 dport 0x221f"
+		fib_rule6_test_match_n_redirect "$match" "$getmatch" \
+			"$getnomatch" "sport and dport masked redirect to table" \
+			"sport and dport masked no redirect to table"
+	fi
+
 	fib_check_iproute_support "ipproto" "ipproto"
 	if [ $? -eq 0 ]; then
 		match="ipproto tcp"
@@ -543,6 +553,16 @@ fib_rule4_test()
 			"sport and dport range no redirect to table"
 	fi
 
+	ip rule help 2>&1 | grep sport | grep -q MASK
+	if [ $? -eq 0 ]; then
+		match="sport 0x0f00/0xff00 dport 0x000f/0x00ff"
+		getmatch="sport 0x0f11 dport 0x220f"
+		getnomatch="sport 0x1f11 dport 0x221f"
+		fib_rule4_test_match_n_redirect "$match" "$getmatch" \
+			"$getnomatch" "sport and dport masked redirect to table" \
+			"sport and dport masked no redirect to table"
+	fi
+
 	fib_check_iproute_support "ipproto" "ipproto"
 	if [ $? -eq 0 ]; then
 		match="ipproto tcp"
-- 
2.48.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ