[net-next,00/15] selftests: move netfilter tests to net

Message ID 20240411233624.8129-1-fw@strlen.de

Message

Florian Westphal April 11, 2024, 11:36 p.m. UTC
First patch in this series moves selftests/netfilter/
to selftests/net/netfilter/.

Passing this via net-next rather than nf-next for this reason.

Main motivation is that a lot of these scripts only work on my old
development VM, I hope that placing this in net/ will get these
tests to get run in more regular intervals (and tests get more robust).

Changes are:

- make use of existing 'setup_ns' and 'busywait' helpers
- fix shellcheck warnings
- add more SKIP checks to avoid failures
- get rid of netcat in favor of socat, too many test
  failures due to 'wrong' netcat flavor
- do not assume rp_filter sysctl is off

I have more patches that fix up the remaining test scripts,
but the series was too large to send them at once (34 patches).

After all scripts are fixed up, tests pass on both my Debian
and Fedora test machines.

If you want me to route this via a different tree, e.g. nf-next,
please let me know.

MAINTAINERS is updated to reflect that future updates should be handled
via netfilter-devel@.

Florian Westphal (15):
  selftests: netfilter: move to net subdir
  selftests: netfilter: bridge_brouter.sh: move to lib.sh infra
  selftests: netfilter: br_netfilter.sh: move to lib.sh infra
  selftests: netfilter: conntrack_icmp_related.sh: move to lib.sh infra
  selftests: netfilter: conntrack_tcp_unreplied.sh: move to lib.sh infra
  selftests: netfilter: conntrack_sctp_collision.sh: move to lib.sh infra
  selftests: netfilter: conntrack_vrf.sh: move to lib.sh infra
  selftests: netfilter: conntrack_ipip_mtu.sh" move to lib.sh infra
  selftests: netfilter: place checktool helper in lib.sh
  selftests: netfilter: ipvs.sh: move to lib.sh infra
  selftests: netfilter: nf_nat_edemux.sh: move to lib.sh infra
  selftests: netfilter: nft_conntrack_helper.sh: test to lib.sh infra
  selftests: netfilter: nft_fib.sh: move to lib.sh infra
  selftests: netfilter: nft_flowtable.sh: move test to lib.sh infra
  selftests: netfilter: nft_nat.sh: move to lib.sh infra

 MAINTAINERS                                   |   1 +
 .../selftests/{ => net}/netfilter/.gitignore  |   4 +-
 .../testing/selftests/net/netfilter/Makefile  |  44 ++
 .../{ => net}/netfilter/audit_logread.c       |   0
 .../selftests/net/netfilter/br_netfilter.sh   | 163 ++++++
 .../selftests/net/netfilter/bridge_brouter.sh | 122 +++++
 tools/testing/selftests/net/netfilter/config  |  37 ++
 .../{ => net}/netfilter/connect_close.c       |   0
 .../netfilter/conntrack_dump_flush.c          |   2 +-
 .../netfilter/conntrack_icmp_related.sh       | 179 +++----
 .../netfilter/conntrack_ipip_mtu.sh}          |  44 +-
 .../net/netfilter/conntrack_sctp_collision.sh |  87 ++++
 .../net/netfilter/conntrack_tcp_unreplied.sh  | 153 ++++++
 .../{ => net}/netfilter/conntrack_vrf.sh      | 101 ++--
 tools/testing/selftests/net/netfilter/ipvs.sh | 211 ++++++++
 tools/testing/selftests/net/netfilter/lib.sh  |  10 +
 .../selftests/net/netfilter/nf_nat_edemux.sh  |  97 ++++
 .../nf-queue.c => net/netfilter/nf_queue.c}   |   0
 .../{ => net}/netfilter/nft_audit.sh          |   0
 .../{ => net}/netfilter/nft_concat_range.sh   |   0
 .../net/netfilter/nft_conntrack_helper.sh     | 171 +++++++
 .../selftests/{ => net}/netfilter/nft_fib.sh  |  71 +--
 .../{ => net}/netfilter/nft_flowtable.sh      | 108 ++--
 .../selftests/{ => net}/netfilter/nft_meta.sh |   0
 .../selftests/{ => net}/netfilter/nft_nat.sh  | 480 ++++++++----------
 .../{ => net}/netfilter/nft_nat_zones.sh      |   0
 .../{ => net}/netfilter/nft_queue.sh          |  18 +-
 .../{ => net}/netfilter/nft_synproxy.sh       |   0
 .../{ => net}/netfilter/nft_zones_many.sh     |   0
 .../selftests/{ => net}/netfilter/rpath.sh    |   0
 .../{ => net}/netfilter/sctp_collision.c      |   0
 .../{ => net}/netfilter/xt_string.sh          |   0
 tools/testing/selftests/netfilter/Makefile    |  21 -
 .../selftests/netfilter/bridge_brouter.sh     | 146 ------
 .../selftests/netfilter/bridge_netfilter.sh   | 188 -------
 tools/testing/selftests/netfilter/config      |   9 -
 .../netfilter/conntrack_sctp_collision.sh     |  89 ----
 .../netfilter/conntrack_tcp_unreplied.sh      | 167 ------
 tools/testing/selftests/netfilter/ipvs.sh     | 228 ---------
 .../selftests/netfilter/nf_nat_edemux.sh      | 127 -----
 .../netfilter/nft_conntrack_helper.sh         | 197 -------
 .../selftests/netfilter/nft_trans_stress.sh   | 151 ------
 tools/testing/selftests/netfilter/settings    |   1 -
 43 files changed, 1493 insertions(+), 1934 deletions(-)
 rename tools/testing/selftests/{ => net}/netfilter/.gitignore (92%)
 create mode 100644 tools/testing/selftests/net/netfilter/Makefile
 rename tools/testing/selftests/{ => net}/netfilter/audit_logread.c (100%)
 create mode 100755 tools/testing/selftests/net/netfilter/br_netfilter.sh
 create mode 100755 tools/testing/selftests/net/netfilter/bridge_brouter.sh
 create mode 100644 tools/testing/selftests/net/netfilter/config
 rename tools/testing/selftests/{ => net}/netfilter/connect_close.c (100%)
 rename tools/testing/selftests/{ => net}/netfilter/conntrack_dump_flush.c (99%)
 rename tools/testing/selftests/{ => net}/netfilter/conntrack_icmp_related.sh (52%)
 rename tools/testing/selftests/{netfilter/ipip-conntrack-mtu.sh => net/netfilter/conntrack_ipip_mtu.sh} (89%)
 create mode 100755 tools/testing/selftests/net/netfilter/conntrack_sctp_collision.sh
 create mode 100755 tools/testing/selftests/net/netfilter/conntrack_tcp_unreplied.sh
 rename tools/testing/selftests/{ => net}/netfilter/conntrack_vrf.sh (66%)
 create mode 100755 tools/testing/selftests/net/netfilter/ipvs.sh
 create mode 100644 tools/testing/selftests/net/netfilter/lib.sh
 create mode 100755 tools/testing/selftests/net/netfilter/nf_nat_edemux.sh
 rename tools/testing/selftests/{netfilter/nf-queue.c => net/netfilter/nf_queue.c} (100%)
 rename tools/testing/selftests/{ => net}/netfilter/nft_audit.sh (100%)
 rename tools/testing/selftests/{ => net}/netfilter/nft_concat_range.sh (100%)
 create mode 100755 tools/testing/selftests/net/netfilter/nft_conntrack_helper.sh
 rename tools/testing/selftests/{ => net}/netfilter/nft_fib.sh (78%)
 rename tools/testing/selftests/{ => net}/netfilter/nft_flowtable.sh (88%)
 rename tools/testing/selftests/{ => net}/netfilter/nft_meta.sh (100%)
 rename tools/testing/selftests/{ => net}/netfilter/nft_nat.sh (62%)
 rename tools/testing/selftests/{ => net}/netfilter/nft_nat_zones.sh (100%)
 rename tools/testing/selftests/{ => net}/netfilter/nft_queue.sh (95%)
 rename tools/testing/selftests/{ => net}/netfilter/nft_synproxy.sh (100%)
 rename tools/testing/selftests/{ => net}/netfilter/nft_zones_many.sh (100%)
 rename tools/testing/selftests/{ => net}/netfilter/rpath.sh (100%)
 rename tools/testing/selftests/{ => net}/netfilter/sctp_collision.c (100%)
 rename tools/testing/selftests/{ => net}/netfilter/xt_string.sh (100%)
 delete mode 100644 tools/testing/selftests/netfilter/Makefile
 delete mode 100755 tools/testing/selftests/netfilter/bridge_brouter.sh
 delete mode 100644 tools/testing/selftests/netfilter/bridge_netfilter.sh
 delete mode 100644 tools/testing/selftests/netfilter/config
 delete mode 100755 tools/testing/selftests/netfilter/conntrack_sctp_collision.sh
 delete mode 100755 tools/testing/selftests/netfilter/conntrack_tcp_unreplied.sh
 delete mode 100755 tools/testing/selftests/netfilter/ipvs.sh
 delete mode 100755 tools/testing/selftests/netfilter/nf_nat_edemux.sh
 delete mode 100755 tools/testing/selftests/netfilter/nft_conntrack_helper.sh
 delete mode 100755 tools/testing/selftests/netfilter/nft_trans_stress.sh
 delete mode 100644 tools/testing/selftests/netfilter/settings

Comments

Jakub Kicinski April 12, 2024, 2:16 a.m. UTC | #1
On Fri, 12 Apr 2024 01:36:05 +0200 Florian Westphal wrote:
> First patch in this series moves selftests/netfilter/
> to selftests/net/netfilter/.
> 
> Passing this via net-next rather than nf-next for this reason.

Either tree works, FWIW.

I presume we should add these to the netdev CI, right?

Assuming yes - I need to set up the worker manually. A bit of a chicken
and an egg problem there. The TARGET must exist when I start it
otherwise worker will fail :) These missed the
net-next-2024-04-12--00-00 branch, I'll start the worker first thing in
the morning..

Florian Westphal April 12, 2024, 6:53 a.m. UTC | #2
Jakub Kicinski <kuba@kernel.org> wrote:
> > Passing this via net-next rather than nf-next for this reason.
> 
> Either tree works, FWIW.
> 
> I presume we should add these to the netdev CI, right?

After all scripts have been updated it would be great if you
could do that, yes.

ATM too many nf tests barf for various reasons.

> Assuming yes - I need to set up the worker manually. A bit of a chicken
> and an egg problem there. The TARGET must exist when I start it
> otherwise worker will fail :) These missed the
> net-next-2024-04-12--00-00 branch, I'll start the worker first thing in
> the morning..

Let me know how I can help.

Jakub Kicinski April 12, 2024, 1:38 p.m. UTC | #3
On Fri, 12 Apr 2024 08:53:30 +0200 Florian Westphal wrote:
> > Either tree works, FWIW.
> > 
> > I presume we should add these to the netdev CI, right?  
> 
> After all scripts have been updated it would be great if you
> could do that, yes.
> 
> ATM too many nf tests barf for various reasons.
> 
> > Assuming yes - I need to set up the worker manually. A bit of a chicken
> > and an egg problem there. The TARGET must exist when I start it
> > otherwise worker will fail :) These missed the
> > net-next-2024-04-12--00-00 branch, I'll start the worker first thing in
> > the morning..  
> 
> Let me know how I can help.

Alright, the workers are churning. For now I excluded this target from
patchwork reporting, but they are running and showing up on the status
page (in the ignored section).

Looks like most of the tests skip:
https://netdev.bots.linux.dev/contest.html?branch=net-next-2024-04-12--12-00&executor=vmksft-nf

I looked at a few, they all said:
# mnl_socket_open: Protocol not supported

The resulting kernel config is here:
https://netdev-3.bots.linux.dev/vmksft-nf/results/548802/config

Florian Westphal April 12, 2024, 1:40 p.m. UTC | #4
Jakub Kicinski <kuba@kernel.org> wrote:
> Alright, the workers are churning. For now I excluded this target from
> patchwork reporting, but they are running and showing up on the status
> page (in the ignored section).
> 
> Looks like most of the tests skip:
> https://netdev.bots.linux.dev/contest.html?branch=net-next-2024-04-12--12-00&executor=vmksft-nf
>
> I looked at a few, they all said:
> # mnl_socket_open: Protocol not supported
> 
> The resulting kernel config is here:
> https://netdev-3.bots.linux.dev/vmksft-nf/results/548802/config

CONFIG_NETFILTER=n

I'll make sure that all tests skip in this case and will add it
to the config file.
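
The skip-versus-fail distinction discussed in comments #3 and #4, as an added example that is not part of the thread or of the series: a wrapper decides which kselftest exit code to report when a netfilter test cannot run. The function names, the constructed config fragments, and the choice to treat "Protocol not supported" as a skip are assumptions of this sketch.

```shell
#!/bin/sh
# Added example: report SKIP rather than FAIL when the kernel under test
# has no netfilter support. All names here are hypothetical.
KSFT_PASS=0
KSFT_FAIL=1
KSFT_SKIP=4	# exit code kselftest treats as "skipped"

# kconfig_enabled CONFIG_TEXT SYMBOL
# True if SYMBOL is built in (=y) or modular (=m) in the given config text.
kconfig_enabled() {
	printf '%s\n' "$1" | grep -Eq "^$2=(y|m)\$"
}

# classify_nf_result CONFIG_TEXT STDERR_TEXT RC
# Prints the kselftest exit code a wrapper should report for one test run.
classify_nf_result() {
	nf_cfg=$1
	nf_err=$2
	nf_rc=$3
	if [ "$nf_rc" -eq 0 ]; then
		echo "$KSFT_PASS"
		return
	fi
	# Missing netfilter is an environment problem, not a test regression.
	if ! kconfig_enabled "$nf_cfg" CONFIG_NETFILTER; then
		echo "$KSFT_SKIP"
		return
	fi
	case $nf_err in
	# Assumption: the netlink socket could not be opened, so the
	# test never exercised the code it is meant to cover.
	*"Protocol not supported"*) echo "$KSFT_SKIP" ;;
	*) echo "$KSFT_FAIL" ;;
	esac
}

# Constructed sample inputs (not taken from the CI run linked above).
CFG_WITHOUT_NF='CONFIG_NET=y
# CONFIG_NETFILTER is not set'
CFG_WITH_NF='CONFIG_NET=y
CONFIG_NETFILTER=y
CONFIG_NF_TABLES=m'
ERR_SAMPLE='mnl_socket_open: Protocol not supported'

echo "no netfilter -> $(classify_nf_result "$CFG_WITHOUT_NF" "$ERR_SAMPLE" 1)"
echo "real failure -> $(classify_nf_result "$CFG_WITH_NF" 'Error: syntax error' 1)"
```
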

Jakub Kicinski April 13, 2024, 12:54 a.m. UTC | #5
On Fri, 12 Apr 2024 01:36:05 +0200 Florian Westphal wrote:
>  create mode 100644 tools/testing/selftests/net/netfilter/lib.sh

FWIW one of our checks points out this file should be listed under
TEST_INCLUDES so that ksft install vacuums it in.

patchwork-bot+netdevbpf@kernel.org April 13, 2024, 1 a.m. UTC | #6
Hello:

This series was applied to netdev/net-next.git (main)
by Jakub Kicinski <kuba@kernel.org>:

On Fri, 12 Apr 2024 01:36:05 +0200 you wrote:
> First patch in this series moves selftests/netfilter/
> to selftests/net/netfilter/.
> 
> Passing this via net-next rather than nf-next for this reason.
> 
> Main motivation is that a lot of these scripts only work on my old
> development VM, I hope that placing this in net/ will get these
> tests to get run in more regular intervals (and tests get more robust).
> 
> [...]

Here is the summary with links:
  - [net-next,01/15] selftests: netfilter: move to net subdir
    https://git.kernel.org/netdev/net-next/c/3f189349e52a
  - [net-next,02/15] selftests: netfilter: bridge_brouter.sh: move to lib.sh infra
    https://git.kernel.org/netdev/net-next/c/94831b130ded
  - [net-next,03/15] selftests: netfilter: br_netfilter.sh: move to lib.sh infra
    https://git.kernel.org/netdev/net-next/c/1286e106dd6f
  - [net-next,04/15] selftests: netfilter: conntrack_icmp_related.sh: move to lib.sh infra
    https://git.kernel.org/netdev/net-next/c/96f6c27371a9
  - [net-next,05/15] selftests: netfilter: conntrack_tcp_unreplied.sh: move to lib.sh infra
    https://git.kernel.org/netdev/net-next/c/6f864d391b29
  - [net-next,06/15] selftests: netfilter: conntrack_sctp_collision.sh: move to lib.sh infra
    https://git.kernel.org/netdev/net-next/c/9785517a2245
  - [net-next,07/15] selftests: netfilter: conntrack_vrf.sh: move to lib.sh infra
    https://git.kernel.org/netdev/net-next/c/954398b4d837
  - [net-next,08/15] selftests: netfilter: conntrack_ipip_mtu.sh" move to lib.sh infra
    https://git.kernel.org/netdev/net-next/c/0413156eec28
  - [net-next,09/15] selftests: netfilter: place checktool helper in lib.sh
    https://git.kernel.org/netdev/net-next/c/10e2ed3fcdf4
  - [net-next,10/15] selftests: netfilter: ipvs.sh: move to lib.sh infra
    https://git.kernel.org/netdev/net-next/c/87ce7d79075f
  - [net-next,11/15] selftests: netfilter: nf_nat_edemux.sh: move to lib.sh infra
    https://git.kernel.org/netdev/net-next/c/f51fe0256135
  - [net-next,12/15] selftests: netfilter: nft_conntrack_helper.sh: test to lib.sh infra
    https://git.kernel.org/netdev/net-next/c/fa03bb7c8c01
  - [net-next,13/15] selftests: netfilter: nft_fib.sh: move to lib.sh infra
    https://git.kernel.org/netdev/net-next/c/6bc0709bf111
  - [net-next,14/15] selftests: netfilter: nft_flowtable.sh: move test to lib.sh infra
    https://git.kernel.org/netdev/net-next/c/53e9426204a0
  - [net-next,15/15] selftests: netfilter: nft_nat.sh: move to lib.sh infra
    https://git.kernel.org/netdev/net-next/c/49af681bcab4

You are awesome, thank you!