lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <604c7b1d-f366-4faa-9abd-bae8ae73b561@kernel.org>
Date: Thu, 8 Jan 2026 08:20:48 -0700
From: David Ahern <dsahern@...nel.org>
To: Fernando Fernandez Mancera <fmancera@...e.de>, netdev@...r.kernel.org
Cc: davem@...emloft.net, kuba@...nel.org, pabeni@...hat.com,
 horms@...nel.org, shuah@...nel.org, linux-kselftest@...r.kernel.org
Subject: Re: [PATCH 2/2 net-next v2] selftests: ipv6_icmp: add tests for
 ICMPv6 handling

On 1/8/26 4:24 AM, Fernando Fernandez Mancera wrote:
> On 1/7/26 5:41 PM, David Ahern wrote:
>> On 1/7/26 8:38 AM, Fernando Fernandez Mancera wrote:
>>> +icmpv6_to_vrf_based_local_address()
>>> +{
>>> +    local rc
>>> +    local lldummy
>>> +
>>> +    echo
>>> +    echo "ICMPv6 to VRF based local address"
>>> +
>>> +    setup
>>> +
>>> +    lldummy=$(get_linklocal dummy0)
>>> +
>>> +    if [ -z "$lldummy" ]; then
>>> +        echo "Failed to get link local address for dummy0"
>>> +        return 1
>>> +    fi
>>> +
>>> +    run_cmd "$NS_EXEC sysctl -w net.ipv6.conf.all.keep_addr_on_down=1"
>>> +
>>> +    # create VRF and setup
>>> +    run_cmd "$IP link add vrf0 type vrf table 10"
>>> +    run_cmd "$IP link set vrf0 up"
>>> +    run_cmd "$IP link set dummy0 master vrf0"
>>
>> run_cmd "$IP -6 addr add ::1 dev vrf0 nodad"
>>
>> makes the VRF device the loopback.
>>
>>> +
>>> +    # route to reach 2001:db8::1/128 on VRF device and back to ::1
>>> +    run_cmd "$IP -6 route add 2001:db8:1::1/64 dev vrf0"
>>> +    run_cmd "$IP -6 route add ::1/128 dev vrf0 table 10"
>>
>> and then this route add should not be needed. This is how fcnal-test.sh
>> works.
>>
> 
> Oh neat! Thanks.
> 
>>> +
>>> +    # ping6 to link local address
>>> +    run_cmd "$NS_EXEC ${ping6} -c 3 $lldummy%dummy0"
>>> +    log_test $? 0 "Ping to link local address on VRF context"
>>> +
>>> +    # ping6 to link local address from localhost (::1)
>>> +    run_cmd "$NS_EXEC ${ping6} -c 3 -I ::1 $lldummy%dummy0"
>>
>> -I vrf0 should be needed for all VRF tests. I suspect your current
>> passing tests are because you have a single setup step and then run
>> non-VRF test followed by VRF test. Really you need to do the setup,
>> run_test, cleanup for each test.
>>
> 
> You are right here about the cleanup, although the tests are passing
> even if the cleanup is properly done or if `-t
> icmpv6_to_vrf_based_local_address`. I don't see why they should not pass.

Without ::1 on the vrf device there is no valid address. ie., ::1 is in
the default vrf and dummy0 is in the VRF so it should not be allowed.
Something is off.
> 
> I am changing them to use `-I vrf0` because it makes more sense.

I should have asked yesterday: how do these tests differ from what is
done in fcnal-test.sh - ipv4_ping and ipv6_ping? Those tests cover
loopback, linklocal address and global address combined with vrf and no vrf.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ