From patchwork Thu Jun 21 10:41:03 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Darrell Ball <dlu998@gmail.com>
X-Patchwork-Id: 932676
Return-Path: <ovs-dev-bounces@openvswitch.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
	spf=pass (mailfrom) smtp.mailfrom=openvswitch.org
	(client-ip=140.211.169.12; helo=mail.linuxfoundation.org;
	envelope-from=ovs-dev-bounces@openvswitch.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dmarc=fail (p=none dis=none) header.from=gmail.com
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
	unprotected) header.d=gmail.com header.i=@gmail.com
	header.b="ELqU5oIM"; dkim-atps=neutral
Received: from mail.linuxfoundation.org (mail.linuxfoundation.org
	[140.211.169.12])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
	bits)) (No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 41BJGW23dJz9s2R
	for <incoming@patchwork.ozlabs.org>;
	Thu, 21 Jun 2018 20:44:03 +1000 (AEST)
Received: from mail.linux-foundation.org (localhost [127.0.0.1])
	by mail.linuxfoundation.org (Postfix) with ESMTP id DA22ECD5;
	Thu, 21 Jun 2018 10:43:22 +0000 (UTC)
X-Original-To: dev@openvswitch.org
Delivered-To: ovs-dev@mail.linuxfoundation.org
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id 13151CB1
	for <dev@openvswitch.org>; Thu, 21 Jun 2018 10:43:21 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-pl0-f66.google.com (mail-pl0-f66.google.com
	[209.85.160.66])
	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 697048A
	for <dev@openvswitch.org>; Thu, 21 Jun 2018 10:43:20 +0000 (UTC)
Received: by mail-pl0-f66.google.com with SMTP id 30-v6so1465693pld.13
	for <dev@openvswitch.org>; Thu, 21 Jun 2018 03:43:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
	h=from:to:subject:date:message-id:in-reply-to:references;
	bh=d73lxNUb5fnV/SIZHxjHG9YRiU/Wfke/1kADNqy8/pE=;
	b=ELqU5oIMO45J+JHcuM14VH9D5Gasq4cti9Mkm9yXprQA3y2dZc3dqJoazxnVNMFZv1
	gcuIJb12id5pcf/i5cPQB5pB5uXOmB7lE2zb3cqp16QfNgFb2A+9CxAmTCKS/7cEezWE
	iJrIu/dIhBa5KZOqAfHcGzykInoGFL9uNVP1Ehp7kD4cDPvShbJgJh5Psmn9kV3wWQlj
	qlRFKMM6SIBrvzJH9Ol2//X5jWbbFDSJDQQDKp8kgO2060fOW2S4P8NPkfpCoXCNP8w0
	F89ZlzfcnDIUbdbjiLwxdAs5OKLr0Wtexd/EcBT6+q7qeFOzk2TgyKESdp/An0+uDlYR
	6vEw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to
	:references;
	bh=d73lxNUb5fnV/SIZHxjHG9YRiU/Wfke/1kADNqy8/pE=;
	b=YMmJs/3Wz9SYAmjg6dbImd8cEtLuarXDSIhV3gcoeFb1NfoZQx9Jk/CxBNo1F063QS
	PELGrTg/4Jvh/qF9YK457k3nGWWJgu5y5Ei7nc2CgHcXbIA4lvzXo9ekMXaeVs2pur8A
	yHrP/jzZjq8tEylqfzUUMAoyqK2aiPEILTnU6U0JrdRBPNWjo+lHEBnqKfH/LWVXHA2g
	/kH4o/kZGT55/oRFmwPnclTuTcFMQ87Xx6EAfJyVQX9/+QGPIz8/uoVLBetbh0vrVqzh
	7jazIlANhkoU6mybVtNzlH3ZpsOob6TFddpSl/NRr4LyNA1KsqRt11Fg1rS0s6MRNk1R
	fXzQ==
X-Gm-Message-State: APt69E0N0+wLiKU1ug/mxqc6daBiDmfNcLZQOBbH7Sn7Ee/d5OUhBlPM
	2tlyTEtVkr1HZcsrefoF/2s=
X-Google-Smtp-Source: 
 ADUXVKI6NUOriFD+C/tfNSVI9ChpWPpPAQtMRv/2/NXLpbCzhCqznTe/xA6owbLtlxL3HsYREWDDzg==
X-Received: by 2002:a17:902:56e:: with SMTP id
	101-v6mr27185030plf.25.1529577800070;
	Thu, 21 Jun 2018 03:43:20 -0700 (PDT)
Received: from ubuntu.localdomain (c-73-162-236-45.hsd1.ca.comcast.net.
	[73.162.236.45]) by smtp.gmail.com with ESMTPSA id
	v26-v6sm7105828pfn.105.2018.06.21.03.43.18
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
	Thu, 21 Jun 2018 03:43:18 -0700 (PDT)
From: Darrell Ball <dlu998@gmail.com>
To: dlu998@gmail.com,
	dev@openvswitch.org
Date: Thu, 21 Jun 2018 03:41:03 -0700
Message-Id: <1529577663-118182-2-git-send-email-dlu998@gmail.com>
X-Mailer: git-send-email 1.9.1
In-Reply-To: <1529577663-118182-1-git-send-email-dlu998@gmail.com>
References: <1529577663-118182-1-git-send-email-dlu998@gmail.com>
X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM,
	RCVD_IN_DNSWL_NONE autolearn=no version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
Subject: [ovs-dev] [patch v1 2/2] tests: Add more fragmentation tests.
X-BeenThere: ovs-dev@openvswitch.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: <ovs-dev.openvswitch.org>
List-Unsubscribe: <https://mail.openvswitch.org/mailman/options/ovs-dev>,
	<mailto:ovs-dev-request@openvswitch.org?subject=unsubscribe>
List-Archive: <http://mail.openvswitch.org/pipermail/ovs-dev/>
List-Post: <mailto:ovs-dev@openvswitch.org>
List-Help: <mailto:ovs-dev-request@openvswitch.org?subject=help>
List-Subscribe: <https://mail.openvswitch.org/mailman/listinfo/ovs-dev>,
	<mailto:ovs-dev-request@openvswitch.org?subject=subscribe>
MIME-Version: 1.0
Sender: ovs-dev-bounces@openvswitch.org
Errors-To: ovs-dev-bounces@openvswitch.org

Tests are added to cover out of order and overlapping fragments.

Signed-off-by: Darrell Ball <dlu998@gmail.com>
---
 tests/system-kmod-macros.at      |  8 ++++
 tests/system-traffic.at          | 96 ++++++++++++++++++++++++++++++++++++++++
 tests/system-userspace-macros.at |  8 ++++
 3 files changed, 112 insertions(+)

diff --git a/tests/system-kmod-macros.at b/tests/system-kmod-macros.at
index 2b9b691..1fc59d0 100644
--- a/tests/system-kmod-macros.at
+++ b/tests/system-kmod-macros.at
@@ -91,6 +91,14 @@ m4_define([CHECK_CONNTRACK_FRAG])
 # needed.
 m4_define([CHECK_CONNTRACK_LOCAL_STACK])
 
+# CHECK_CONNTRACK_FRAG_OVERLAP()
+#
+# The kernel does not support overlapping fragments checking.
+m4_define([CHECK_CONNTRACK_FRAG_OVERLAP],
+[
+    AT_SKIP_IF([:])
+])
+
 # CHECK_CONNTRACK_NAT()
 #
 # Perform requirements checks for running conntrack NAT tests. The kernel
diff --git a/tests/system-traffic.at b/tests/system-traffic.at
index 61d8bc0..c40449a 100644
--- a/tests/system-traffic.at
+++ b/tests/system-traffic.at
@@ -2103,6 +2103,78 @@ udp,orig=(src=10.1.1.1,dst=10.1.1.2,sport=<cleared>,dport=<cleared>),reply=(src=
 OVS_TRAFFIC_VSWITCHD_STOP
 AT_CLEANUP
 
+AT_SETUP([conntrack - IPv4 fragmentation out of order])
+CHECK_CONNTRACK()
+CHECK_CONNTRACK_FRAG()
+OVS_TRAFFIC_VSWITCHD_START()
+
+ADD_NAMESPACES(at_ns0, at_ns1)
+
+ADD_VETH(p0, at_ns0, br0, "10.1.1.1/24")
+ADD_VETH(p1, at_ns1, br0, "10.1.1.2/24")
+
+AT_DATA([bundle.txt], [dnl
+packet-out in_port=1, packet=50540000000a505400000009080045000030000100320011a4860a0101010a01010200010002000800000010203040506070809000010203040506070809, actions=ct(commit)
+packet-out in_port=1, packet=50540000000a5054000000090800450001a400012000001183440a0101010a01010200010002000800000304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809,  actions=ct(commit)
+])
+
+AT_CHECK([ovs-ofctl bundle br0 bundle.txt])
+
+AT_CHECK([ovs-appctl dpctl/dump-conntrack | FORMAT_CT(10.1.1.2)], [0], [dnl
+udp,orig=(src=10.1.1.1,dst=10.1.1.2,sport=<cleared>,dport=<cleared>),reply=(src=10.1.1.2,dst=10.1.1.1,sport=<cleared>,dport=<cleared>)
+])
+
+OVS_TRAFFIC_VSWITCHD_STOP
+AT_CLEANUP
+
+AT_SETUP([conntrack - IPv4 fragmentation overlapping fragments by 1 byte])
+CHECK_CONNTRACK()
+CHECK_CONNTRACK_FRAG()
+CHECK_CONNTRACK_FRAG_OVERLAP()
+OVS_TRAFFIC_VSWITCHD_START()
+
+ADD_NAMESPACES(at_ns0, at_ns1)
+
+ADD_VETH(p0, at_ns0, br0, "10.1.1.1/24")
+ADD_VETH(p1, at_ns1, br0, "10.1.1.2/24")
+
+AT_DATA([bundle.txt], [dnl
+packet-out in_port=1, packet=50540000000a5054000000090800450001a400012000001183440a0101010a01010200010002000800000304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809,  actions=ct(commit)
+packet-out in_port=1, packet=50540000000a505400000009080045000030000100310011a4870a0101010a01010200010002000800000010203040506070809000010203040506070809, actions=ct(commit)
+])
+
+AT_CHECK([ovs-ofctl bundle br0 bundle.txt])
+# There is one byte of overlap, hence the no packet gets thru. conntrack.
+AT_CHECK([ovs-appctl dpctl/dump-conntrack | FORMAT_CT(10.1.1.2)], [0], [dnl
+])
+
+OVS_TRAFFIC_VSWITCHD_STOP
+AT_CLEANUP
+
+AT_SETUP([conntrack - IPv4 fragmentation overlapping fragments by 1 byte out of order])
+CHECK_CONNTRACK()
+CHECK_CONNTRACK_FRAG()
+CHECK_CONNTRACK_FRAG_OVERLAP()
+OVS_TRAFFIC_VSWITCHD_START()
+
+ADD_NAMESPACES(at_ns0, at_ns1)
+
+ADD_VETH(p0, at_ns0, br0, "10.1.1.1/24")
+ADD_VETH(p1, at_ns1, br0, "10.1.1.2/24")
+
+AT_DATA([bundle.txt], [dnl
+packet-out in_port=1, packet=50540000000a505400000009080045000030000100310011a4870a0101010a01010200010002000800000010203040506070809000010203040506070809, actions=ct(commit)
+packet-out in_port=1, packet=50540000000a5054000000090800450001a400012000001183440a0101010a01010200010002000800000304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809,  actions=ct(commit)
+])
+
+AT_CHECK([ovs-ofctl bundle br0 bundle.txt])
+# There is one byte of overlap, hence the no packet gets thru. conntrack.
+AT_CHECK([ovs-appctl dpctl/dump-conntrack | FORMAT_CT(10.1.1.2)], [0], [dnl
+])
+
+OVS_TRAFFIC_VSWITCHD_STOP
+AT_CLEANUP
+
 AT_SETUP([conntrack - IPv6 fragmentation])
 CHECK_CONNTRACK()
 CHECK_CONNTRACK_FRAG()
@@ -2327,6 +2399,30 @@ udp,orig=(src=fc00::1,dst=fc00::2,sport=<cleared>,dport=<cleared>),reply=(src=fc
 OVS_TRAFFIC_VSWITCHD_STOP
 AT_CLEANUP
 
+AT_SETUP([conntrack - IPv6 fragmentation out of order])
+CHECK_CONNTRACK()
+CHECK_CONNTRACK_FRAG()
+OVS_TRAFFIC_VSWITCHD_START()
+
+ADD_NAMESPACES(at_ns0, at_ns1)
+
+ADD_VETH(p0, at_ns0, br0, "fc00::1/96")
+ADD_VETH(p1, at_ns1, br0, "fc00::2/96")
+
+AT_DATA([bundle.txt], [dnl
+packet-out in_port=1, packet=50540000000a50540000000986dd6000000000242cfffc000000000000000000000000000001fc000000000000000000000000000002110005080000000100010002000800000001020304050607080900010203040506070809, actions=ct(commit)
+packet-out in_port=1, packet=50540000000a50540000000986dd6000000005102cfffc000000000000000000000000000001fc0000000000000000000000000000021100000100000001000100020008cdf30001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809
 00010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030
 4050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809,  actions=ct(commit)
+])
+
+AT_CHECK([ovs-ofctl bundle br0 bundle.txt])
+
+AT_CHECK([ovs-appctl dpctl/dump-conntrack | FORMAT_CT(fc00::2)], [0], [dnl
+udp,orig=(src=fc00::1,dst=fc00::2,sport=<cleared>,dport=<cleared>),reply=(src=fc00::2,dst=fc00::1,sport=<cleared>,dport=<cleared>)
+])
+
+OVS_TRAFFIC_VSWITCHD_STOP
+AT_CLEANUP
+
 AT_SETUP([conntrack - Fragmentation over vxlan])
 OVS_CHECK_VXLAN()
 CHECK_CONNTRACK()
diff --git a/tests/system-userspace-macros.at b/tests/system-userspace-macros.at
index 00e1f81..76d88a6 100644
--- a/tests/system-userspace-macros.at
+++ b/tests/system-userspace-macros.at
@@ -93,6 +93,14 @@ m4_define([CHECK_CONNTRACK_LOCAL_STACK],
     AT_SKIP_IF([:])
 ])
 
+# CHECK_CONNTRACK_FRAG_OVERLAP()
+#
+# The userspace datapath does not support fragments yet.
+m4_define([CHECK_CONNTRACK_FRAG_OVERLAP],
+[
+    AT_SKIP_IF([:])
+])
+
 # CHECK_CONNTRACK_NAT()
 #
 # Perform requirements checks for running conntrack NAT tests. The userspace