- Linux-kselftest-mirror - lists.linaro.org

[PATCH] selftests/bpf: Fix spelling mistake "unpriviledged" -> "unprivileged"

by Colin Ian King

There a couple of spelling mistakes, one in a literal string and one in a comment. Fix them. Signed-off-by: Colin Ian King <colin.i.king(a)gmail.com> --- tools/testing/selftests/bpf/verifier/calls.c | 2 +- tools/testing/selftests/bpf/verifier/var_off.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/bpf/verifier/calls.c b/tools/testing/selftests/bpf/verifier/calls.c index 3fb4f69b1962..e1a937277b54 100644 --- a/tools/testing/selftests/bpf/verifier/calls.c +++ b/tools/testing/selftests/bpf/verifier/calls.c @@ -284,7 +284,7 @@ .result = ACCEPT, }, { - "calls: not on unpriviledged", + "calls: not on unprivileged", .insns = { BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 1, 0, 2), BPF_MOV64_IMM(BPF_REG_0, 1), diff --git a/tools/testing/selftests/bpf/verifier/var_off.c b/tools/testing/selftests/bpf/verifier/var_off.c index 187c6f6e32bc..d37f512fad16 100644 --- a/tools/testing/selftests/bpf/verifier/var_off.c +++ b/tools/testing/selftests/bpf/verifier/var_off.c @@ -121,7 +121,7 @@ BPF_EXIT_INSN(), }, .fixup_map_hash_8b = { 1 }, - /* The unpriviledged case is not too interesting; variable + /* The unprivileged case is not too interesting; variable * stack access is rejected. */ .errstr_unpriv = "R2 variable stack access prohibited for !root", -- 2.37.1

2 years, 9 months

3
2
0 0

[RFC][PATCH 0/3] bpf: Enforce map fd modes in verifier

by Roberto Sassu

From: Roberto Sassu <roberto.sassu(a)huawei.com> === All credits of this patch set go to Lorenz Bauer <oss(a)lmb.io>, as he identified this issue and proposed a number of solutions. === Lorenz presented at the Linux Plumbers EU 2022 a talk with title 'Closing the BPF map permission loophole', where he reported that read-only fds can be used for map update operations, if they were provided to eBPF programs. This work initially started as PoC to reproduce the reported bug, and became the test for validating an idea on how to fix the bug. Patch 1 adds a dependency necessary for the tests. The actual fix, in patch 2, is relatively simple. It is based on an already existing enforcement mechanism in the eBPF verifier for map flags. As Lorenz mentioned, a problem would be backporting this fix to stable kernels which don't have that enforcement mechanism. However, backporting just the enforcement mechanism itself (without introducing the new map flags and allowing user space to use them) could meet the stable kernel criteria. Alternatively, a completely different fix can be developed for older stable kernels, like what Lorenz suggested, to refuse fds which are not read/write. Finally, patch 3 introduces the tests. Roberto Sassu (3): libbpf: Define bpf_get_fd_opts and introduce bpf_map_get_fd_by_id_opts() bpf: Enforce granted permissions in a map fd at verifier level selftests/bpf: Test enforcement of map fd permissions at verifier level include/linux/bpf.h | 13 + include/linux/bpf_verifier.h | 1 + kernel/bpf/verifier.c | 26 +- tools/lib/bpf/bpf.c | 12 +- tools/lib/bpf/bpf.h | 10 + tools/lib/bpf/libbpf.map | 3 +- .../selftests/bpf/prog_tests/map_fd_perm.c | 227 ++++++++++++++++++ 7 files changed, 288 insertions(+), 4 deletions(-) create mode 100644 tools/testing/selftests/bpf/prog_tests/map_fd_perm.c -- 2.25.1

2 years, 9 months

2
4
0 0

Re: [PATCH -next v5 2/4] selftests/memory-hotplug: Restore memory before exit

by zhaogongyi

Hi! > > On 30.09.22 08:35, Zhao Gongyi wrote: > > Some momory will be left in offline state when calling > > offline_memory_expect_fail() failed. Restore it before exit. > > > > Signed-off-by: Zhao Gongyi <zhaogongyi(a)huawei.com> > > --- > > .../memory-hotplug/mem-on-off-test.sh | 21 > ++++++++++++++----- > > 1 file changed, 16 insertions(+), 5 deletions(-) > > > > diff --git a/tools/testing/selftests/memory-hotplug/mem-on-off-test.sh > b/tools/testing/selftests/memory-hotplug/mem-on-off-test.sh > > index 1d87611a7d52..91a7457616bb 100755 > > --- a/tools/testing/selftests/memory-hotplug/mem-on-off-test.sh > > +++ b/tools/testing/selftests/memory-hotplug/mem-on-off-test.sh > > @@ -134,6 +134,16 @@ offline_memory_expect_fail() > > return 0 > > } > > > > +online_all_offline_memory() > > +{ > > + for memory in `hotpluggable_offline_memory`; do > > + if ! online_memory_expect_success $memory; then > > + echo "$FUNCNAME $memory: unexpected fail" >&2 > > Do we need that output? In my opinion, if online a memory node failed ,it should be a kernel bug catched, so, I think the output here is needed. Thanks! Gongyi

2 years, 9 months

2
1
0 0

[PATCH -next v5 0/4] Optimize and bugfix for memory-hotplug

by Zhao Gongyi

1. Add checking after online or offline 2. Restore memory before exit 3. Adjust log info for maintainability 4. Correct test's name Changes in v5: - Adjust log info for maintainability Changes in v4: - Remove redundant log information Changes in v3: - Remove 2 obselute patches Zhao Gongyi (4): selftests/memory-hotplug: Add checking after online or offline selftests/memory-hotplug: Restore memory before exit selftests/memory-hotplug: Adjust log info for maintainability docs: notifier-error-inject: Correct test's name .../fault-injection/notifier-error-inject.rst | 4 +-- .../memory-hotplug/mem-on-off-test.sh | 34 +++++++++++++++---- 2 files changed, 29 insertions(+), 9 deletions(-) -- 2.17.1

2 years, 9 months

2
7
0 0

[PATCH v2] Documentation: Kunit: Use full path to .kunitconfig

by Khalid Masum

The fourth list item on writing test cases instructs adding Kconfig fragments to .kunitconfig, which should have been full path to the file (.kunit/.kunitconfig). Cc: Sadiya Kazi <sadiyakazi(a)google.com> Cc: David Gow <davidgow(a)google.com> Suggested-by: Bagas Sanjaya <bagasdotme(a)gmail.com> Signed-off-by: Khalid Masum <khalid.masum.92(a)gmail.com> --- Changes since v1: - Update commit message - Make the instruction more descriptive Documentation/dev-tools/kunit/start.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Documentation/dev-tools/kunit/start.rst b/Documentation/dev-tools/kunit/start.rst index 867a4bba6bf6..69361065cda6 100644 --- a/Documentation/dev-tools/kunit/start.rst +++ b/Documentation/dev-tools/kunit/start.rst @@ -217,7 +217,7 @@ Now we are ready to write the test cases. obj-$(CONFIG_MISC_EXAMPLE_TEST) += example_test.o -4. Add the following lines to ``.kunitconfig``: +4. Add following configuration fragments to ``.kunit/.kunitconfig``: .. code-block:: none -- 2.37.3

2 years, 9 months

3
2
0 0

[PATCH v5 net-next 0/6] Extend locked port feature with FDB locked flag (MAC-Auth/MAB)

by Hans Schultz

This patch set extends the locked port feature for devices that are behind a locked port, but do not have the ability to authorize themselves as a supplicant using IEEE 802.1X. Such devices can be printers, meters or anything related to fixed installations. Instead of 802.1X authorization, devices can get access based on their MAC addresses being whitelisted. For an authorization daemon to detect that a device is trying to get access through a locked port, the bridge will add the MAC address of the device to the FDB with a locked flag to it. Thus the authorization daemon can catch the FDB add event and check if the MAC address is in the whitelist and if so replace the FDB entry without the locked flag enabled, and thus open the port for the device. This feature is known as MAC-Auth or MAC Authentication Bypass (MAB) in Cisco terminology, where the full MAB concept involves additional Cisco infrastructure for authorization. There is no real authentication process, as the MAC address of the device is the only input the authorization daemon, in the general case, has to base the decision if to unlock the port or not. With this patch set, an implementation of the offloaded case is supplied for the mv88e6xxx driver. When a packet ingresses on a locked port, an ATU miss violation event will occur. When handling such ATU miss violation interrupts, the MAC address of the device is added to the FDB with a zero destination port vector (DPV) and the MAC address is communicated through the switchdev layer to the bridge, so that a FDB entry with the locked flag enabled can be added. Log: v3: Added timers and lists in the driver (mv88e6xxx) to keep track of and remove locked entries. v4: Leave out enforcing a limit to the number of locked entries in the bridge. Removed the timers in the driver and use the worker only. Add locked FDB flag to all drivers using port_fdb_add() from the dsa api and let all drivers ignore entries with this flag set. Change how to get the ageing timeout of locked entries. See global1_atu.c and switchdev.c. Use struct mv88e6xxx_port for locked entries variables instead of struct dsa_port. v5: Added 'mab' flag to enable MAB/MacAuth feature, in a similar way to the locked feature flag. In these implementations for the mv88e6xxx, the switchport must be configured with learning on. To tell userspace about the behavior of the locked entries in the driver, a 'blackhole' FDB flag has been added, which locked FDB entries coming from the driver gets. Also the 'sticky' flag comes with those locked entries, as the drivers locked entries cannot roam. Fixed issues with taking mutex locks, and added a function to read the fid, that supports all versions of the chipset family. Hans Schultz (6): net: bridge: add locked entry fdb flag to extend locked port feature net: switchdev: add support for offloading of fdb locked flag drivers: net: dsa: add locked fdb entry flag to drivers net: dsa: mv88e6xxx: allow reading FID when handling ATU violations net: dsa: mv88e6xxx: MacAuth/MAB implementation selftests: forwarding: add test of MAC-Auth Bypass to locked port tests drivers/net/dsa/b53/b53_common.c | 5 + drivers/net/dsa/b53/b53_priv.h | 1 + drivers/net/dsa/hirschmann/hellcreek.c | 5 + drivers/net/dsa/lan9303-core.c | 5 + drivers/net/dsa/lantiq_gswip.c | 5 + drivers/net/dsa/microchip/ksz_common.c | 5 + drivers/net/dsa/mt7530.c | 5 + drivers/net/dsa/mv88e6xxx/Makefile | 1 + drivers/net/dsa/mv88e6xxx/chip.c | 81 ++++- drivers/net/dsa/mv88e6xxx/chip.h | 19 ++ drivers/net/dsa/mv88e6xxx/global1.h | 1 + drivers/net/dsa/mv88e6xxx/global1_atu.c | 76 ++++- drivers/net/dsa/mv88e6xxx/port.c | 15 +- drivers/net/dsa/mv88e6xxx/port.h | 6 + drivers/net/dsa/mv88e6xxx/switchdev.c | 285 ++++++++++++++++++ drivers/net/dsa/mv88e6xxx/switchdev.h | 37 +++ drivers/net/dsa/ocelot/felix.c | 5 + drivers/net/dsa/qca/qca8k-common.c | 5 + drivers/net/dsa/qca/qca8k.h | 1 + drivers/net/dsa/sja1105/sja1105_main.c | 7 +- include/linux/if_bridge.h | 1 + include/net/dsa.h | 1 + include/net/switchdev.h | 3 + include/uapi/linux/if_link.h | 1 + include/uapi/linux/neighbour.h | 4 +- net/bridge/br.c | 5 +- net/bridge/br_fdb.c | 43 ++- net/bridge/br_input.c | 16 +- net/bridge/br_netlink.c | 9 +- net/bridge/br_private.h | 7 +- net/bridge/br_switchdev.c | 5 +- net/dsa/dsa_priv.h | 4 +- net/dsa/port.c | 7 +- net/dsa/slave.c | 4 +- net/dsa/switch.c | 10 +- .../net/forwarding/bridge_locked_port.sh | 107 ++++++- .../net/forwarding/bridge_sticky_fdb.sh | 21 +- 37 files changed, 768 insertions(+), 50 deletions(-) create mode 100644 drivers/net/dsa/mv88e6xxx/switchdev.c create mode 100644 drivers/net/dsa/mv88e6xxx/switchdev.h -- 2.30.2

2 years, 9 months

6
68
0 0

[PATCH v1 0/3] kselftest/arm64: fp-stress updates

by Mark Brown

A few small updates for fp-stress, improving the usability with signal handling a bit. Mark Brown (3): kselftest/arm64: Don't repeat termination handler for fp-stress kselftest/arm64: Flag fp-stress as exiting when we begin finishing up kselftest/arm64: Handle EINTR while reading data from children tools/testing/selftests/arm64/fp/fp-stress.c | 90 ++++++++++++-------- 1 file changed, 55 insertions(+), 35 deletions(-) base-commit: ea84edbf08025e592f58b0d9b282777a9ca9fb22 -- 2.30.2

2 years, 9 months

2
4
0 0

[PATCH] kselftest/arm64: Don't enable v8.5 for MTE selftest builds

by Mark Brown

Currently we set -march=armv8.5+memtag when building the MTE selftests, allowing the compiler to emit v8.5 and MTE instructions for anything it generates. This means that we may get code that will generate SIGILLs when run on older systems rather than skipping on non-MTE systems as should be the case. Most toolchains don't select any incompatible instructions but I have seen some reports which suggest that some may be appearing which do so. This is also potentially problematic in that if the compiler chooses to emit any MTE instructions for the C code it may interfere with the MTE usage we are trying to test. Since the only reason we are specifying this option is to allow us to assemble MTE instructions in mte_helper.S we can avoid these issues by moving to using a .arch directive there and adding the -march explicitly to the toolchain support check instead of the generic CFLAGS. Signed-off-by: Mark Brown <broonie(a)kernel.org> --- tools/testing/selftests/arm64/mte/Makefile | 5 +---- tools/testing/selftests/arm64/mte/mte_helper.S | 2 ++ 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/tools/testing/selftests/arm64/mte/Makefile b/tools/testing/selftests/arm64/mte/Makefile index a5a0744423d8..037046f5784e 100644 --- a/tools/testing/selftests/arm64/mte/Makefile +++ b/tools/testing/selftests/arm64/mte/Makefile @@ -11,11 +11,8 @@ LDFLAGS += -pthread SRCS := $(filter-out mte_common_util.c,$(wildcard *.c)) PROGS := $(patsubst %.c,%,$(SRCS)) -#Add mte compiler option -CFLAGS += -march=armv8.5-a+memtag - #check if the compiler works well -mte_cc_support := $(shell if ($(CC) $(CFLAGS) -E -x c /dev/null -o /dev/null 2>&1) then echo "1"; fi) +mte_cc_support := $(shell if ($(CC) $(CFLAGS) -march=armv8.5-a+memtag -E -x c /dev/null -o /dev/null 2>&1) then echo "1"; fi) ifeq ($(mte_cc_support),1) # Generated binaries to be installed by top KSFT script diff --git a/tools/testing/selftests/arm64/mte/mte_helper.S b/tools/testing/selftests/arm64/mte/mte_helper.S index a02c04cd0aac..a55dbbc56ed1 100644 --- a/tools/testing/selftests/arm64/mte/mte_helper.S +++ b/tools/testing/selftests/arm64/mte/mte_helper.S @@ -3,6 +3,8 @@ #include "mte_def.h" +.arch armv8.5-a+memtag + #define ENTRY(name) \ .globl name ;\ .p2align 2;\ -- 2.30.2

2 years, 9 months

2
1
0 0

[PATCH v6 net-next 9/9] selftests: forwarding: add test of MAC-Auth Bypass to locked port tests

by Hans Schultz

From: "Hans J. Schultz" <netdev(a)kapio-technology.com> Verify that the MAC-Auth mechanism works by adding a FDB entry with the locked flag set, denying access until the FDB entry is replaced with a FDB entry without the locked flag set. Add test of blackhole fdb entries, verifying that there is no forwarding to a blackhole entry from any port, and that the blackhole entry can be replaced. Also add a test that verifies that sticky FDB entries cannot roam (this is not needed for now, but should in general be present anyhow for future applications). Signed-off-by: Hans J. Schultz <netdev(a)kapio-technology.com> --- .../net/forwarding/bridge_blackhole_fdb.sh | 102 +++++++++++++++++ .../net/forwarding/bridge_locked_port.sh | 106 +++++++++++++++++- .../net/forwarding/bridge_sticky_fdb.sh | 21 +++- tools/testing/selftests/net/forwarding/lib.sh | 18 +++ 4 files changed, 245 insertions(+), 2 deletions(-) create mode 100755 tools/testing/selftests/net/forwarding/bridge_blackhole_fdb.sh diff --git a/tools/testing/selftests/net/forwarding/bridge_blackhole_fdb.sh b/tools/testing/selftests/net/forwarding/bridge_blackhole_fdb.sh new file mode 100755 index 000000000000..54b1a51e1ed6 --- /dev/null +++ b/tools/testing/selftests/net/forwarding/bridge_blackhole_fdb.sh @@ -0,0 +1,102 @@ +#!/bin/bash +# SPDX-License-Identifier: GPL-2.0 + +ALL_TESTS="blackhole_fdb" +NUM_NETIFS=4 +source lib.sh + +switch_create() +{ + ip link add dev br0 type bridge + + ip link set dev $swp1 master br0 + ip link set dev $swp2 master br0 + + ip link set dev br0 up + ip link set dev $h1 up + ip link set dev $swp1 up + ip link set dev $h2 up + ip link set dev $swp2 up + + tc qdisc add dev $swp2 clsact +} + +switch_destroy() +{ + tc qdisc del dev $swp2 clsact + + ip link set dev $swp2 down + ip link set dev $h2 down + ip link set dev $swp1 down + ip link set dev $h1 down + + ip link del dev br0 +} + +setup_prepare() +{ + h1=${NETIFS[p1]} + swp1=${NETIFS[p2]} + h2=${NETIFS[p3]} + swp2=${NETIFS[p4]} + + switch_create +} + +cleanup() +{ + pre_cleanup + switch_destroy +} + +# Check that there is no egress with blackhole entry and that blackhole entries can be replaced +blackhole_fdb() +{ + RET=0 + + check_blackhole_fdb_support || return 0 + + tc filter add dev $swp2 egress protocol ip pref 1 handle 1 flower \ + dst_ip 192.0.2.2 ip_proto udp dst_port 12345 action pass + + $MZ $h1 -c 1 -p 128 -t udp "sp=54321,dp=12345" \ + -a own -b `mac_get $h2` -A 192.0.2.1 -B 192.0.2.2 -q + + tc_check_packets "dev $swp2 egress" 1 1 + check_err $? "Packet not seen on egress before adding blackhole entry" + + bridge fdb add `mac_get $h2` dev br0 blackhole + bridge fdb get `mac_get $h2` br br0 | grep -q blackhole + check_err $? "Blackhole entry not found" + + $MZ $h1 -c 1 -p 128 -t udp "sp=54321,dp=12345" \ + -a own -b `mac_get $h2` -A 192.0.2.1 -B 192.0.2.2 -q + + tc_check_packets "dev $swp2 egress" 1 1 + check_err $? "Packet seen on egress after adding blackhole entry" + + # Check blackhole entries can be replaced. + bridge fdb replace `mac_get $h2` dev $swp2 master static + bridge fdb get `mac_get $h2` br br0 | grep -q blackhole + check_fail $? "Blackhole entry found after replacement" + + $MZ $h1 -c 1 -p 128 -t udp "sp=54321,dp=12345" \ + -a own -b `mac_get $h2` -A 192.0.2.1 -B 192.0.2.2 -q + + tc_check_packets "dev $swp2 egress" 1 2 + check_err $? "Packet not seen on egress after replacing blackhole entry" + + bridge fdb del `mac_get $h2` dev $swp2 master static + tc filter del dev $swp2 egress protocol ip pref 1 handle 1 flower + + log_test "Blackhole FDB entry" +} + +trap cleanup EXIT + +setup_prepare +setup_wait + +tests_run + +exit $EXIT_STATUS diff --git a/tools/testing/selftests/net/forwarding/bridge_locked_port.sh b/tools/testing/selftests/net/forwarding/bridge_locked_port.sh index 5b02b6b60ce7..59b8b7666eab 100755 --- a/tools/testing/selftests/net/forwarding/bridge_locked_port.sh +++ b/tools/testing/selftests/net/forwarding/bridge_locked_port.sh @@ -1,7 +1,15 @@ #!/bin/bash # SPDX-License-Identifier: GPL-2.0 -ALL_TESTS="locked_port_ipv4 locked_port_ipv6 locked_port_vlan" +ALL_TESTS=" + locked_port_ipv4 + locked_port_ipv6 + locked_port_vlan + locked_port_mab + locked_port_station_move + locked_port_mab_station_move +" + NUM_NETIFS=4 CHECK_TC="no" source lib.sh @@ -166,6 +174,102 @@ locked_port_ipv6() log_test "Locked port ipv6" } +locked_port_mab() +{ + RET=0 + check_locked_port_support || return 0 + + ping_do $h1 192.0.2.2 + check_err $? "MAB: Ping did not work before locking port" + + bridge link set dev $swp1 locked on + check_port_mab_support $swp1 || return 0 + + ping_do $h1 192.0.2.2 + check_fail $? "MAB: Ping worked on locked port without FDB entry" + + bridge fdb show | grep `mac_get $h1` | grep -q "locked" + check_err $? "MAB: No locked fdb entry after ping on locked port" + + bridge fdb replace `mac_get $h1` dev $swp1 master static + + ping_do $h1 192.0.2.2 + check_err $? "MAB: Ping did not work with fdb entry without locked flag" + + bridge fdb del `mac_get $h1` dev $swp1 master + bridge link set dev $swp1 locked off mab off + + log_test "Locked port MAB" +} + +# No roaming allowed to a simple locked port +locked_port_station_move() +{ + local mac=a0:b0:c0:c0:b0:a0 + + RET=0 + check_locked_port_support || return 0 + + bridge link set dev $swp1 locked on + + $MZ $h1 -q -t udp -a $mac -b rand + bridge fdb show dev $swp1 | grep "$mac vlan 1" | grep -q "master br0" + check_fail $? "Locked port station move: FDB entry on first injection" + + $MZ $h2 -q -t udp -a $mac -b rand + bridge fdb show dev $swp2 | grep "$mac vlan 1" | grep -q "master br0" + check_err $? "Locked port station move: Entry not found on unlocked port" + + $MZ $h1 -q -t udp -a $mac -b rand + bridge fdb show dev $swp1 | grep "$mac vlan 1" | grep -q "master br0" + check_fail $? "Locked port station move: entry roamed to locked port" + + bridge link set dev $swp1 locked off + + log_test "Locked port station move" +} + +# Roaming to and from a MAB enabled port should work if sticky flag is not set +locked_port_mab_station_move() +{ + local mac=10:20:30:30:20:10 + + RET=0 + check_locked_port_support || return 0 + + bridge link set dev $swp1 locked on + + check_port_mab_support $swp1 || return 0 + + $MZ $h1 -q -t udp -a $mac -b rand + if bridge fdb show dev $swp1 | grep "$mac vlan 1" | grep -q "permanent"; then + echo "SKIP: Roaming not possible with local flag, skipping test..." + bridge link set dev $swp1 locked off mab off + return $ksft_skip + fi + + bridge fdb show dev $swp1 | grep "$mac vlan 1" | grep -q "locked" + check_err $? "MAB station move: no locked entry on first injection" + + $MZ $h2 -q -t udp -a $mac -b rand + bridge fdb show dev $swp1 | grep "$mac vlan 1" | grep -q "locked" + check_fail $? "MAB station move: locked entry did not move" + + bridge fdb show dev $swp2 | grep "$mac vlan 1" | grep -q "locked" + check_fail $? "MAB station move: roamed entry to unlocked port had locked flag on" + + bridge fdb show dev $swp2 | grep "$mac vlan 1" | grep -q "master br0" + check_err $? "MAB station move: roamed entry not found" + + $MZ $h1 -q -t udp -a $mac -b rand + bridge fdb show dev $swp1 | grep "$mac vlan 1" | grep "master br0" | grep -q "locked" + check_fail $? "MAB station move: entry roamed back to locked port" + + bridge link set dev $swp1 locked off mab off + + log_test "Locked port MAB station move" +} + trap cleanup EXIT setup_prepare diff --git a/tools/testing/selftests/net/forwarding/bridge_sticky_fdb.sh b/tools/testing/selftests/net/forwarding/bridge_sticky_fdb.sh index 1f8ef0eff862..bca77bc3fe09 100755 --- a/tools/testing/selftests/net/forwarding/bridge_sticky_fdb.sh +++ b/tools/testing/selftests/net/forwarding/bridge_sticky_fdb.sh @@ -1,7 +1,7 @@ #!/bin/bash # SPDX-License-Identifier: GPL-2.0 -ALL_TESTS="sticky" +ALL_TESTS="sticky sticky_no_roaming" NUM_NETIFS=4 TEST_MAC=de:ad:be:ef:13:37 source lib.sh @@ -59,6 +59,25 @@ sticky() log_test "Sticky fdb entry" } +# No roaming allowed with the sticky flag set +sticky_no_roaming() +{ + local mac=a8:b4:c2:c2:b4:a8 + + RET=0 + + bridge link set dev $swp2 learning on + bridge fdb add $mac dev $swp1 master static sticky + bridge fdb show dev $swp1 | grep "$mac master br0" | grep -q sticky + check_err $? "Sticky no roaming: No sticky FDB entry found after adding" + + $MZ $h2 -q -t udp -c 10 -d 100msec -a $mac -b rand + bridge fdb show dev $swp2 | grep "$mac master br0" | grep -q sticky + check_fail $? "Sticky no roaming: Sticky entry roamed" + + log_test "Sticky no roaming" +} + trap cleanup EXIT setup_prepare diff --git a/tools/testing/selftests/net/forwarding/lib.sh b/tools/testing/selftests/net/forwarding/lib.sh index 3ffb9d6c0950..642fbf217c20 100755 --- a/tools/testing/selftests/net/forwarding/lib.sh +++ b/tools/testing/selftests/net/forwarding/lib.sh @@ -137,6 +137,24 @@ check_locked_port_support() fi } +check_port_mab_support() +{ + local dev=$1; + + if ! bridge link set dev $dev mab on 2>/dev/null; then + echo "SKIP: iproute2 too old; MacAuth feature not supported." + return $ksft_skip + fi +} + +check_blackhole_fdb_support() +{ + if ! bridge fdb help | grep -q "blackhole"; then + echo "SKIP: Blackhole fdb feature not supported." + return $ksft_skip + fi +} + if [[ "$(id -u)" -ne 0 ]]; then echo "SKIP: need root privileges" exit $ksft_skip -- 2.34.1

2 years, 9 months

3
3
0 0

selftest: arm64: missing install files

by Naresh Kamboju

While running kselftest arm64 tests the following list of tests were missing which means those test binaries not installed on to the rootfs. Not a part of "make install" do we need to fix Makefiles ? or am I missing something on the build machine ? We are building on the one machine and testing on multiple arm64 target devices. Please refer to build log [1] and test log [2]. # selftests: arm64: fp-stress # Warning: file fp-stress is missing! # selftests: arm64: sve-ptrace # Warning: file sve-ptrace is missing! # selftests: arm64: vec-syscfg # Warning: file vec-syscfg is missing! # selftests: arm64: za-ptrace # Warning: file za-ptrace is missing! # selftests: arm64: hwcap # Warning: file hwcap is missing! # selftests: arm64: ptrace # Warning: file ptrace is missing! # selftests: arm64: syscall-abi # Warning: file syscall-abi is missing! Reported-by: Linux Kernel Functional Testing <lkft(a)linaro.org> [1] Build log: click on log.do_compile file link https://storage.lkft.org/rootfs-kselftest/oe-kirkstone/20220927-202538/juno/ [2] Test log: click on full log file link https://qa-reports.linaro.org/lkft/linux-next-master/build/next-20220923/te… - Naresh

2 years, 9 months

2
1
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror