From patchwork Thu Sep 8 19:56:20 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Luke Nowakowski-Krijger X-Patchwork-Id: 1675827 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=canonical.com header.i=@canonical.com header.a=rsa-sha256 header.s=20210705 header.b=DKdNCasS; dkim-atps=neutral Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4MNqf44RDZz1yp2 for ; Fri, 9 Sep 2022 05:57:15 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1oWNe7-0002kL-D7; Thu, 08 Sep 2022 19:57:07 +0000 Received: from smtp-relay-internal-1.internal ([10.131.114.114] helo=smtp-relay-internal-1.canonical.com) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1oWNe5-0002iw-E3 for kernel-team@lists.ubuntu.com; Thu, 08 Sep 2022 19:57:05 +0000 Received: from mail-pl1-f199.google.com (mail-pl1-f199.google.com [209.85.214.199]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 328083F471 for ; Thu, 8 Sep 2022 19:57:05 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1662667025; bh=+ARAo/cq8zYY0IIK5Gtrzo6xiSMvFEp1heoD4XHj5qQ=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=DKdNCasSFwxGxRx8ygAsX8/W58tFTwoPtjL9M9zsUYu3fRUSIreomzDzjmF6ydj9h 92hTwb2rrNLGemP+zROJ01NcbkFFPrlvgJVFV+vMhuSut/PEQzpixVXohL4aeGAH1H i/Xf5d4DLvSUtynxogFYIDgqG/hJioA+rFRABbERQ9CjpeIVMk2RFLQ1FaExFBA+/y kn2Ibn7e8R9+TND/O/TM44PxUjGJgovw2y3+uQzAmvke5BTQDAMhQ+jth4TAbA4DOk tjGFTEKg7PUXe2cIHziz1ZxxviBtlzxchESeLwS8y+9G05p9gpr7CJjA6JR8jtJO7x lSmTuekCLiVOw== Received: by mail-pl1-f199.google.com with SMTP id c7-20020a170902d48700b00176be258f23so7113889plg.15 for ; Thu, 08 Sep 2022 12:57:05 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date; bh=+ARAo/cq8zYY0IIK5Gtrzo6xiSMvFEp1heoD4XHj5qQ=; b=EjhwwlndwQAcdk9AxtpamWMxaZ8uoFkIV39XL6uSVqtVpwi2KEbE25eQEby+47un2a asjNy0bQ4ibpLBFyNoZ1uhHuPWED+8LYhHjF1YB9aBQQ1IeR58r9F9KGAyHyDFRG15Tq LrQzk1fqeQ/zTbObUlTnNcvE2BdDZ+EjPMIoAvfeHIcGXzkVnz6G0m66ZpT3nm8m1/h7 Mjha24LCgYlf7j4vkaC1YfRXyvbZeEaI4GUbjX1Km8PpuSPFCeCjN0bXba1hTB5INhK2 FqzcynGTjumyz3xqn66XiAwJ64RaWdOKd/vAzuEAJriSxp4d2gRaL0H2UG0JVhtRfJPv 3VYg== X-Gm-Message-State: ACgBeo2jabscclXSDyO/dyuoVzGsOS0NWx+b0gB2APWWmSM2xJnzccLP izwMG5Eg7dluJy3ZZm+kAs3RpvnyzrvY+rObWa6H+cQqA7fuKuiSxKQyfq3RrG6J39BkryTeyiu LVCGT7BCOegYaNEDO5rqJNVNnCwCL+9S4OZqLbugY3g== X-Received: by 2002:a17:90a:ba01:b0:200:8769:1c34 with SMTP id s1-20020a17090aba0100b0020087691c34mr5893709pjr.0.1662667023362; Thu, 08 Sep 2022 12:57:03 -0700 (PDT) X-Google-Smtp-Source: AA6agR46QPj9PknW8Wg131befJx9fQrDjV97NnaOaHJJySPVtOlDJQ8K6xjiAhDXNDZwI66uK+k5+g== X-Received: by 2002:a17:90a:ba01:b0:200:8769:1c34 with SMTP id s1-20020a17090aba0100b0020087691c34mr5893693pjr.0.1662667023072; Thu, 08 Sep 2022 12:57:03 -0700 (PDT) Received: from luke-ubuntu.buildd (cpe-75-80-146-43.san.res.rr.com. [75.80.146.43]) by smtp.gmail.com with ESMTPSA id f9-20020a170902684900b00172f6726d8esm14863255pln.277.2022.09.08.12.57.02 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 08 Sep 2022 12:57:02 -0700 (PDT) From: Luke Nowakowski-Krijger To: kernel-team@lists.ubuntu.com, nicolas.dichtel@6wind.com Subject: [SRU][F][J][PATCH 1/3] ip: fix dflt addr selection for connected nexthop Date: Thu, 8 Sep 2022 12:56:20 -0700 Message-Id: <6da58a8a8b3f07050ca2348b376a43347fc7e5e6.1662666093.git.luke.nowakowskikrijger@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Edwin Brossette , stable@vger.kernel.org Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: Nicolas Dichtel BugLink: https://bugs.launchpad.net/bugs/1988809 When a nexthop is added, without a gw address, the default scope was set to 'host'. Thus, when a source address is selected, 127.0.0.1 may be chosen but rejected when the route is used. When using a route without a nexthop id, the scope can be configured in the route, thus the problem doesn't exist. To explain more deeply: when a user creates a nexthop, it cannot specify the scope. To create it, the function nh_create_ipv4() calls fib_check_nh() with scope set to 0. fib_check_nh() calls fib_check_nh_nongw() wich was setting scope to 'host'. Then, nh_create_ipv4() calls fib_info_update_nhc_saddr() with scope set to 'host'. The src addr is chosen before the route is inserted. When a 'standard' route (ie without a reference to a nexthop) is added, fib_create_info() calls fib_info_update_nhc_saddr() with the scope set by the user. iproute2 set the scope to 'link' by default. Here is a way to reproduce the problem: ip netns add foo ip -n foo link set lo up ip netns add bar ip -n bar link set lo up sleep 1 ip -n foo link add name eth0 type dummy ip -n foo link set eth0 up ip -n foo address add 192.168.0.1/24 dev eth0 ip -n foo link add name veth0 type veth peer name veth1 netns bar ip -n foo link set veth0 up ip -n bar link set veth1 up ip -n bar address add 192.168.1.1/32 dev veth1 ip -n bar route add default dev veth1 ip -n foo nexthop add id 1 dev veth0 ip -n foo route add 192.168.1.1 nhid 1 Try to get/use the route: > $ ip -n foo route get 192.168.1.1 > RTNETLINK answers: Invalid argument > $ ip netns exec foo ping -c1 192.168.1.1 > ping: connect: Invalid argument Try without nexthop group (iproute2 sets scope to 'link' by dflt): ip -n foo route del 192.168.1.1 ip -n foo route add 192.168.1.1 dev veth0 Try to get/use the route: > $ ip -n foo route get 192.168.1.1 > 192.168.1.1 dev veth0 src 192.168.0.1 uid 0 > cache > $ ip netns exec foo ping -c1 192.168.1.1 > PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data. > 64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=0.039 ms > > --- 192.168.1.1 ping statistics --- > 1 packets transmitted, 1 received, 0% packet loss, time 0ms > rtt min/avg/max/mdev = 0.039/0.039/0.039/0.000 ms CC: stable@vger.kernel.org Fixes: 597cfe4fc339 ("nexthop: Add support for IPv4 nexthops") Reported-by: Edwin Brossette Signed-off-by: Nicolas Dichtel Link: https://lore.kernel.org/r/20220713114853.29406-1-nicolas.dichtel@6wind.com Signed-off-by: Paolo Abeni (backported from commit 747c14307214b55dbd8250e1ab44cad8305756f1) [lukenow: use dev_hold instead of dev_hold_track as dev_hold_track requires some debugging infastructure that we don't want to backport] Signed-off-by: Luke Nowakowski-Krijger --- net/ipv4/fib_semantics.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/ipv4/fib_semantics.c b/net/ipv4/fib_semantics.c index f99ad4a98907d..16fe034615635 100644 --- a/net/ipv4/fib_semantics.c +++ b/net/ipv4/fib_semantics.c @@ -1217,7 +1217,7 @@ static int fib_check_nh_nongw(struct net *net, struct fib_nh *nh, nh->fib_nh_dev = in_dev->dev; dev_hold(nh->fib_nh_dev); - nh->fib_nh_scope = RT_SCOPE_HOST; + nh->fib_nh_scope = RT_SCOPE_LINK; if (!netif_carrier_ok(nh->fib_nh_dev)) nh->fib_nh_flags |= RTNH_F_LINKDOWN; err = 0; From patchwork Thu Sep 8 19:56:21 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Luke Nowakowski-Krijger X-Patchwork-Id: 1675828 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=canonical.com header.i=@canonical.com header.a=rsa-sha256 header.s=20210705 header.b=RQeDaC0V; dkim-atps=neutral Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4MNqf46Qgsz1yp4 for ; Fri, 9 Sep 2022 05:57:16 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1oWNeA-0002nB-Mv; Thu, 08 Sep 2022 19:57:10 +0000 Received: from smtp-relay-internal-0.internal ([10.131.114.225] helo=smtp-relay-internal-0.canonical.com) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1oWNe7-0002kF-Qu for kernel-team@lists.ubuntu.com; Thu, 08 Sep 2022 19:57:07 +0000 Received: from mail-pf1-f197.google.com (mail-pf1-f197.google.com [209.85.210.197]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-0.canonical.com (Postfix) with ESMTPS id A281F3F484 for ; Thu, 8 Sep 2022 19:57:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1662667026; bh=IjQUSsBxUbXPPJNFF22vbeme4Du9WUP3ITpWdiHo7LQ=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=RQeDaC0VncxSJJLZdWRFHhfX1FRyYDeO44KQGQGrI1E6VCxtfam61hO7afcRj4i+t abme7ctW4CncGXMR90vfBYaA0fXbT9/SH2fBvu5J59jN+7PGX4nf/4wN9oc9B+9R+0 8Z8eQM3vXDfzGdOS4X13TubXR9jrcrAvPfzr9XxW3RN1p9gO4oezrN3DOlNmZHWoEp mvgBCpaGd1Ggh7qAE05GwRW8og86Mni1XZLE026j139HGI7I4rA8v5nMnOcYMt9tRi fduUY7EFSHE5OqYEe/SfZ9zO8FUhN7uoANofP3EEu4WTWl/22nFu0TrLdjGaH0xgB2 DC0yznoRRcuTg== Received: by mail-pf1-f197.google.com with SMTP id g4-20020aa78184000000b0053e70e333c6so3298055pfi.2 for ; Thu, 08 Sep 2022 12:57:06 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date; bh=IjQUSsBxUbXPPJNFF22vbeme4Du9WUP3ITpWdiHo7LQ=; b=KCfylpLEZlcO8HRwFPKhh3WwrA0uxQ0ARVX77395S3RPxBZxmsIB2lRqYsuOUf5SuT mcaDnzDIfFVv/ZatF3sudzodrhAqenLuOUzhP/ndoXeXl8sHBQW0U5UYIdMwE8D27Cwp xM/D0AkYzbSyt/KM74s6jYIvMO2sYzSBw3NPv6Ya7KIRLnj4j7Aw3koiAC4WpsqGd7om ZTAQEYMaIls+vEcjfLbAmYu4omvYNZ9HkBtxMjODHg5CwLPUXJVIYarKSCeLT3bd2OaL 4xovGgsuJmoAErabdJcDc217k+oJvzib5O3CZMD9dJ9SQLfw9D+KItyW93jFGfO5koC+ FIUw== X-Gm-Message-State: ACgBeo3u3Iyqxn91Rv1O1tZ7HC3cW34e3nY52xpBYIDhM4xC723nV7DL tRpl+QrEiB0o6bG7qvexabJRi2w4rgA9mwGFfvq3mal3dXAGOh52KVVN8DbWBJHR1cl5ZI0kRAj ZIziTEhhYYT2SKWn5Gy1VDny5HQ5d/diIL0hAthPguA== X-Received: by 2002:a05:6a00:240f:b0:52e:f99d:1157 with SMTP id z15-20020a056a00240f00b0052ef99d1157mr10582690pfh.70.1662667024618; Thu, 08 Sep 2022 12:57:04 -0700 (PDT) X-Google-Smtp-Source: AA6agR7YTQwu3f3HJ09pUt9QA8K0CNoK2ivN2WNkdRX8POovQL8ka4MifEcHDoLIR+Cswp5vSmWV2Q== X-Received: by 2002:a05:6a00:240f:b0:52e:f99d:1157 with SMTP id z15-20020a056a00240f00b0052ef99d1157mr10582672pfh.70.1662667024360; Thu, 08 Sep 2022 12:57:04 -0700 (PDT) Received: from luke-ubuntu.buildd (cpe-75-80-146-43.san.res.rr.com. [75.80.146.43]) by smtp.gmail.com with ESMTPSA id f9-20020a170902684900b00172f6726d8esm14863255pln.277.2022.09.08.12.57.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 08 Sep 2022 12:57:03 -0700 (PDT) From: Luke Nowakowski-Krijger To: kernel-team@lists.ubuntu.com, nicolas.dichtel@6wind.com Subject: [SRU][F][J][PATCH 2/3] ip: fix triggering of 'icmp redirect' Date: Thu, 8 Sep 2022 12:56:21 -0700 Message-Id: <564805b92b9972181e66419e69bbcfb5359e3a5f.1662666093.git.luke.nowakowskikrijger@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: David Ahern , Heng Qi , kernel test robot , stable@vger.kernel.org Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: Nicolas Dichtel BugLink: https://bugs.launchpad.net/bugs/1988809 __mkroute_input() uses fib_validate_source() to trigger an icmp redirect. My understanding is that fib_validate_source() is used to know if the src address and the gateway address are on the same link. For that, fib_validate_source() returns 1 (same link) or 0 (not the same network). __mkroute_input() is the only user of these positive values, all other callers only look if the returned value is negative. Since the below patch, fib_validate_source() didn't return anymore 1 when both addresses are on the same network, because the route lookup returns RT_SCOPE_LINK instead of RT_SCOPE_HOST. But this is, in fact, right. Let's adapat the test to return 1 again when both addresses are on the same link. CC: stable@vger.kernel.org Fixes: 747c14307214 ("ip: fix dflt addr selection for connected nexthop") Reported-by: kernel test robot Reported-by: Heng Qi Signed-off-by: Nicolas Dichtel Reviewed-by: David Ahern Link: https://lore.kernel.org/r/20220829100121.3821-1-nicolas.dichtel@6wind.com Signed-off-by: Jakub Kicinski (cherry-picked from commit eb55dc09b5dd040232d5de32812cc83001a23da6) Signed-off-by: Luke Nowakowski-Krijger --- net/ipv4/fib_frontend.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c index ef3e7a3e3a29e..d38c8ca93ba09 100644 --- a/net/ipv4/fib_frontend.c +++ b/net/ipv4/fib_frontend.c @@ -399,7 +399,7 @@ static int __fib_validate_source(struct sk_buff *skb, __be32 src, __be32 dst, dev_match = dev_match || (res.type == RTN_LOCAL && dev == net->loopback_dev); if (dev_match) { - ret = FIB_RES_NHC(res)->nhc_scope >= RT_SCOPE_HOST; + ret = FIB_RES_NHC(res)->nhc_scope >= RT_SCOPE_LINK; return ret; } if (no_addr) @@ -411,7 +411,7 @@ static int __fib_validate_source(struct sk_buff *skb, __be32 src, __be32 dst, ret = 0; if (fib_lookup(net, &fl4, &res, FIB_LOOKUP_IGNORE_LINKSTATE) == 0) { if (res.type == RTN_UNICAST) - ret = FIB_RES_NHC(res)->nhc_scope >= RT_SCOPE_HOST; + ret = FIB_RES_NHC(res)->nhc_scope >= RT_SCOPE_LINK; } return ret; From patchwork Thu Sep 8 19:56:23 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Luke Nowakowski-Krijger X-Patchwork-Id: 1675829 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=canonical.com header.i=@canonical.com header.a=rsa-sha256 header.s=20210705 header.b=nKvuCuHw; dkim-atps=neutral Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4MNqfC168Sz1ynD for ; Fri, 9 Sep 2022 05:57:23 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1oWNeF-0002rz-1A; Thu, 08 Sep 2022 19:57:15 +0000 Received: from smtp-relay-internal-1.internal ([10.131.114.114] helo=smtp-relay-internal-1.canonical.com) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1oWNe9-0002mO-Gp for kernel-team@lists.ubuntu.com; Thu, 08 Sep 2022 19:57:09 +0000 Received: from mail-pj1-f69.google.com (mail-pj1-f69.google.com [209.85.216.69]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id B70553F47A for ; Thu, 8 Sep 2022 19:57:08 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1662667028; bh=cdBcw1Glf5DtOpjq7e7Eb9qjZLK3l9SUGP+sqMNdlas=; h=From:To:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=nKvuCuHw9IPxl8g6qAJZXMzKSG3Om3xuebkL4JGlBXLwLef5kAfaNL1bXtTbQNNEs wAuzN8usNyQfWP/jukqWezbO5OiwxXgQkEzvDIKWqTV7+DOo3Sw9SDj6iRrwCBZ3I+ 43nXi+BqOOwmzmLFT0Kmu5q1SU9dKaal4RGejX0+JUqhRc3IWVRuqRBpTe4DALjo2l PXXe8VAlZsnl0qjl4dKC3fPq7LPAkBu8Z3vEdKwjFxm85SA8WEbs1PTnHxCvR7faAs pIc8OatP8urtcxRWuYSTOW+Y+8M21JqvPrlGSu5umKw7IlezXsj5P2vLG6JDGnm3VP UKjsskhNp/Cmg== Received: by mail-pj1-f69.google.com with SMTP id my9-20020a17090b4c8900b002027721b2b0so808725pjb.6 for ; Thu, 08 Sep 2022 12:57:08 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date; bh=cdBcw1Glf5DtOpjq7e7Eb9qjZLK3l9SUGP+sqMNdlas=; b=WaAXFvHwC6hi7atyNr1zk4PLI7DiXGwtj93YHoDuqeiF0UB3JhmrKDpbaVt8r2sr9x KIKuUl/PXtPCMbRTWPL12hWvyEdjvJg2yHgOArTXPwq2Um9b0NCaVfn1L/uJzrbCrLY0 fSVOjl8bOkPjDGAXMIMsPoDRuX6swAxFFG4GmSala12xTm6YqyunixPLxwiOYzqf7dAT +ZBxbsGrJk/ejd/UdnoCcA5/yQf7ts6tQJFQjRBGTbfCXi0XJ50W9SUa1W8cDoy/iaf0 /3MKiJE3cw56tlNrYQsRBkjNA3/4jVUttvkx3zWWnH8kYANLc8EPwM7C4h4//DL1gY5i 0K2w== X-Gm-Message-State: ACgBeo03J7Q9TlDwgglqpp0pWYWZ9GqA46RgKdC0oUkNIItqv0sjaZNU 5vt9XMxrv7/nZqqX7VM2y0rIeZzb4h2wj82R3sc3YfxAUpd5S5wu/nXb+jXLrj4KF6p0D8XpLio yTDjjTSYkROFw5rtJVR9Op93PjRhdLQP3lA5iUOS/GA== X-Received: by 2002:a17:903:22c4:b0:16f:a93:9197 with SMTP id y4-20020a17090322c400b0016f0a939197mr10344341plg.134.1662667027105; Thu, 08 Sep 2022 12:57:07 -0700 (PDT) X-Google-Smtp-Source: AA6agR5mFbq+/imsXGm1EVP+jnoRhKxq6dT5c/BXA3XbJNLll4uGgCVzChP6elxBvCPwj0Z1v36+NQ== X-Received: by 2002:a17:903:22c4:b0:16f:a93:9197 with SMTP id y4-20020a17090322c400b0016f0a939197mr10344324plg.134.1662667026824; Thu, 08 Sep 2022 12:57:06 -0700 (PDT) Received: from luke-ubuntu.buildd (cpe-75-80-146-43.san.res.rr.com. [75.80.146.43]) by smtp.gmail.com with ESMTPSA id f9-20020a170902684900b00172f6726d8esm14863255pln.277.2022.09.08.12.57.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 08 Sep 2022 12:57:06 -0700 (PDT) From: Luke Nowakowski-Krijger To: kernel-team@lists.ubuntu.com, nicolas.dichtel@6wind.com Subject: [SRU][J][PATCH 3/3] selftests/net: test nexthop without gw Date: Thu, 8 Sep 2022 12:56:23 -0700 Message-Id: <1f2a154c6e88cbc8d64b6c2a366aeef332fbbc4b.1662666367.git.luke.nowakowskikrijger@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: Nicolas Dichtel BugLink: https://bugs.launchpad.net/bugs/1988809 This test implement the scenario described in the commit "ip: fix dflt addr selection for connected nexthop". The test configures a nexthop object with an output device only (no gateway address) and a route that uses this nexthop. The goal is to check if the kernel selects a valid source address. Link: https://lore.kernel.org/netdev/20220712095545.10947-1-nicolas.dichtel@6wind.com/ Signed-off-by: Nicolas Dichtel Link: https://lore.kernel.org/r/20220713114853.29406-2-nicolas.dichtel@6wind.com Signed-off-by: Paolo Abeni (cherry-picked from commit cd72e61bad145a0968df85193dcf1261cb66c4c6) Signed-off-by: Luke Nowakowski-Krijger --- tools/testing/selftests/net/Makefile | 2 +- .../selftests/net/fib_nexthop_nongw.sh | 119 ++++++++++++++++++ 2 files changed, 120 insertions(+), 1 deletion(-) create mode 100755 tools/testing/selftests/net/fib_nexthop_nongw.sh diff --git a/tools/testing/selftests/net/Makefile b/tools/testing/selftests/net/Makefile index 6a953ec793ce..93aad7188796 100644 --- a/tools/testing/selftests/net/Makefile +++ b/tools/testing/selftests/net/Makefile @@ -11,7 +11,7 @@ TEST_PROGS += udpgso_bench.sh fib_rule_tests.sh msg_zerocopy.sh psock_snd.sh TEST_PROGS += udpgro_bench.sh udpgro.sh test_vxlan_under_vrf.sh reuseport_addr_any.sh TEST_PROGS += test_vxlan_fdb_changelink.sh so_txtime.sh ipv6_flowlabel.sh TEST_PROGS += tcp_fastopen_backup_key.sh fcnal-test.sh l2tp.sh traceroute.sh -TEST_PROGS += fin_ack_lat.sh fib_nexthop_multiprefix.sh fib_nexthops.sh +TEST_PROGS += fin_ack_lat.sh fib_nexthop_multiprefix.sh fib_nexthops.sh fib_nexthop_nongw.sh TEST_PROGS += altnames.sh icmp.sh icmp_redirect.sh ip6_gre_headroom.sh TEST_PROGS += route_localnet.sh TEST_PROGS += reuseaddr_ports_exhausted.sh diff --git a/tools/testing/selftests/net/fib_nexthop_nongw.sh b/tools/testing/selftests/net/fib_nexthop_nongw.sh new file mode 100755 index 000000000000..b7b928b38ce4 --- /dev/null +++ b/tools/testing/selftests/net/fib_nexthop_nongw.sh @@ -0,0 +1,119 @@ +#!/bin/bash +# SPDX-License-Identifier: GPL-2.0 +# +# ns: h1 | ns: h2 +# 192.168.0.1/24 | +# eth0 | +# | 192.168.1.1/32 +# veth0 <---|---> veth1 +# Validate source address selection for route without gateway + +PAUSE_ON_FAIL=no +VERBOSE=0 +ret=0 + +################################################################################ +# helpers + +log_test() +{ + local rc=$1 + local expected=$2 + local msg="$3" + + if [ ${rc} -eq ${expected} ]; then + printf "TEST: %-60s [ OK ]\n" "${msg}" + nsuccess=$((nsuccess+1)) + else + ret=1 + nfail=$((nfail+1)) + printf "TEST: %-60s [FAIL]\n" "${msg}" + if [ "${PAUSE_ON_FAIL}" = "yes" ]; then + echo + echo "hit enter to continue, 'q' to quit" + read a + [ "$a" = "q" ] && exit 1 + fi + fi + + [ "$VERBOSE" = "1" ] && echo +} + +run_cmd() +{ + local cmd="$*" + local out + local rc + + if [ "$VERBOSE" = "1" ]; then + echo "COMMAND: $cmd" + fi + + out=$(eval $cmd 2>&1) + rc=$? + if [ "$VERBOSE" = "1" -a -n "$out" ]; then + echo "$out" + fi + + [ "$VERBOSE" = "1" ] && echo + + return $rc +} + +################################################################################ +# config +setup() +{ + ip netns add h1 + ip -n h1 link set lo up + ip netns add h2 + ip -n h2 link set lo up + + # Add a fake eth0 to support an ip address + ip -n h1 link add name eth0 type dummy + ip -n h1 link set eth0 up + ip -n h1 address add 192.168.0.1/24 dev eth0 + + # Configure veths (same @mac, arp off) + ip -n h1 link add name veth0 type veth peer name veth1 netns h2 + ip -n h1 link set veth0 up + + ip -n h2 link set veth1 up + + # Configure @IP in the peer netns + ip -n h2 address add 192.168.1.1/32 dev veth1 + ip -n h2 route add default dev veth1 + + # Add a nexthop without @gw and use it in a route + ip -n h1 nexthop add id 1 dev veth0 + ip -n h1 route add 192.168.1.1 nhid 1 +} + +cleanup() +{ + ip netns del h1 2>/dev/null + ip netns del h2 2>/dev/null +} + +trap cleanup EXIT + +################################################################################ +# main + +while getopts :pv o +do + case $o in + p) PAUSE_ON_FAIL=yes;; + v) VERBOSE=1;; + esac +done + +cleanup +setup + +run_cmd ip -netns h1 route get 192.168.1.1 +log_test $? 0 "nexthop: get route with nexthop without gw" +run_cmd ip netns exec h1 ping -c1 192.168.1.1 +log_test $? 0 "nexthop: ping through nexthop without gw" + +exit $ret