Commit eda0cf12 authored by Florian Westphal's avatar Florian Westphal Committed by Pablo Neira Ayuso
Browse files

selftests: nft_concat_range: add test for reload with no element add/del 



Add a specific test for the reload issue fixed with
commit 23c54263 ("netfilter: nft_set_pipapo: allocate pcpu scratch maps on clone").

Add to set, then flush set content + restore without other add/remove in
the transaction.

On kernels before the fix, this test case fails:
  net,mac with reload    [FAIL]

Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
Reviewed-by: default avatarStefano Brivio <sbrivio@redhat.com>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent f459bfd4

tools/testing/selftests/netfilter/nft_concat_range.sh

+71 −1
Original line number Diff line number Diff line
@@ -27,7 +27,7 @@ TYPES="net_port port_net net6_port port_proto net6_port_mac net6_port_mac_proto 
       net6_port_net6_port net_port_mac_proto_net"



# Reported bugs, also described by TYPE_ variables below

BUGS="flush_remove_add"

BUGS="flush_remove_add reload"



# List of possible paths to pktgen script from kernel tree for performance tests

PKTGEN_SCRIPT_PATHS="
@@ -354,6 +354,23 @@ TYPE_flush_remove_add=" 
display		Add two elements, flush, re-add

"



TYPE_reload="

display		net,mac with reload

type_spec	ipv4_addr . ether_addr

chain_spec	ip daddr . ether saddr

dst		addr4

src		mac

start		1

count		1

src_delta	2000

tools		sendip nc bash

proto		udp



race_repeat	0



perf_duration	0

"



# Set template for all tests, types and rules are filled in depending on test

set_template='

flush ruleset
@@ -1473,6 +1490,59 @@ test_bug_flush_remove_add() { 
	nft flush ruleset

}



# - add ranged element, check that packets match it

# - reload the set, check packets still match

test_bug_reload() {

	setup veth send_"${proto}" set || return ${KSELFTEST_SKIP}

	rstart=${start}



	range_size=1

	for i in $(seq "${start}" $((start + count))); do

		end=$((start + range_size))



		# Avoid negative or zero-sized port ranges

		if [ $((end / 65534)) -gt $((start / 65534)) ]; then

			start=${end}

			end=$((end + 1))

		fi

		srcstart=$((start + src_delta))

		srcend=$((end + src_delta))



		add "$(format)" || return 1

		range_size=$((range_size + 1))

		start=$((end + range_size))

	done



	# check kernel does allocate pcpu sctrach map

	# for reload with no elemet add/delete

	( echo flush set inet filter test ;

	  nft list set inet filter test ) | nft -f -



	start=${rstart}

	range_size=1



	for i in $(seq "${start}" $((start + count))); do

		end=$((start + range_size))



		# Avoid negative or zero-sized port ranges

		if [ $((end / 65534)) -gt $((start / 65534)) ]; then

			start=${end}

			end=$((end + 1))

		fi

		srcstart=$((start + src_delta))

		srcend=$((end + src_delta))



		for j in $(seq ${start} $((range_size / 2 + 1)) ${end}); do

			send_match "${j}" $((j + src_delta)) || return 1

		done



		range_size=$((range_size + 1))

		start=$((end + range_size))

	done



	nft flush ruleset

}



test_reported_issues() {

	eval test_bug_"${subtest}"

}