selftests: netfilter: nft_concat_range.sh: add check for overlap detection bug

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

without 'netfilter: nft_set_pipapo: fix range overlap detection':

reject overlapping range on add 0s [FAIL]
Returned success for add { 1.2.3.4 . 1.2.4.1-1.2.4.2 } given set:
table inet filter {
[..]
elements = { 1.2.3.4 . 1.2.4.1 counter packets 0 bytes 0,
1.2.3.0-1.2.3.4 . 1.2.4.2 counter packets 0 bytes 0 }
}

The element collides with existing ones and was not added, but kernel
returned success to userspace.

Signed-off-by: Florian Westphal <fw@strlen.de>

Florian Westphal 3 months ago a675d1ca 7711f4bb

+44 -1

1 changed file

expand all

tools

testing

selftests

net

netfilter

nft_concat_range.sh

+44 -1

tools/testing/selftests/net/netfilter/nft_concat_range.sh

··· 29 29 net6_port_net6_port net_port_mac_proto_net" 30 30 31 31 # Reported bugs, also described by TYPE_ variables below 32 - BUGS="flush_remove_add reload net_port_proto_match avx2_mismatch doublecreate" 32 + BUGS="flush_remove_add reload net_port_proto_match avx2_mismatch doublecreate insert_overlap" 33 33 34 34 # List of possible paths to pktgen script from kernel tree for performance tests 35 35 PKTGEN_SCRIPT_PATHS=" ··· 410 410 411 411 TYPE_doublecreate=" 412 412 display cannot create same element twice 413 + type_spec ipv4_addr . ipv4_addr 414 + chain_spec ip saddr . ip daddr 415 + dst addr4 416 + proto icmp 417 + 418 + race_repeat 0 419 + 420 + perf_duration 0 421 + " 422 + 423 + TYPE_insert_overlap=" 424 + display reject overlapping range on add 413 425 type_spec ipv4_addr . ipv4_addr 414 426 chain_spec ip saddr . ip daddr 415 427 dst addr4 ··· 1962 1950 err "Could not flush and re-create element in one transaction" 1963 1951 return 1 1964 1952 fi 1953 + 1954 + return 0 1955 + } 1956 + 1957 + add_fail() 1958 + { 1959 + if nft add element inet filter test "$1" 2>/dev/null ; then 1960 + err "Returned success for add ${1} given set:" 1961 + err "$(nft -a list set inet filter test )" 1962 + return 1 1963 + fi 1964 + 1965 + return 0 1966 + } 1967 + 1968 + test_bug_insert_overlap() 1969 + { 1970 + local elements="1.2.3.4 . 1.2.4.1" 1971 + 1972 + setup veth send_"${proto}" set || return ${ksft_skip} 1973 + 1974 + add "{ $elements }" || return 1 1975 + 1976 + elements="1.2.3.0-1.2.3.4 . 1.2.4.1" 1977 + add_fail "{ $elements }" || return 1 1978 + 1979 + elements="1.2.3.0-1.2.3.4 . 1.2.4.2" 1980 + add "{ $elements }" || return 1 1981 + 1982 + elements="1.2.3.4 . 1.2.4.1-1.2.4.2" 1983 + add_fail "{ $elements }" || return 1 1965 1984 1966 1985 return 0 1967 1986 }