tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

selftests: netfilter: add IPV6_TUNNEL to config

The script now requires IPV6 tunnel support, enable this.
This should have caught by CI, but as the config option is missing,
the tunnel interface isn't added. This results in an error cascade
that ends with "route change default" failure.

That in turn means the "ipv6 tunnel" test re-uses the previous
test setup so the "ip6ip6" test passes and script returns 0.

Make sure to catch such bugs, set ret=1 if device cannot be added
and delete the old default route before installing the new one.

After this change, IPV6_TUNNEL=n kernel builds fail with the expected
FAIL: flow offload for ns1/ns2 with IP6IP6 tunnel

... while builds with IPV6_TUNNEL=m pass as before.

Fixes: 5e5180352193 ("selftests: netfilter: nft_flowtable.sh: Add IP6IP6 flowtable selftest")
Acked-by: Lorenzo Bianconi <lorenzo@kernel.org>
Signed-off-by: Florian Westphal <fw@strlen.de>

Florian Westphal 1d79ae50 2a441a9a

+14 -6
+1
tools/testing/selftests/net/netfilter/config
··· 29 29 CONFIG_IP_SCTP=m 30 30 CONFIG_IPV6=y 31 31 CONFIG_IPV6_MULTIPLE_TABLES=y 32 + CONFIG_IPV6_TUNNEL=m 32 33 CONFIG_IP_VS=m 33 34 CONFIG_IP_VS_PROTO_TCP=y 34 35 CONFIG_IP_VS_RR=m
+13 -6
tools/testing/selftests/net/netfilter/nft_flowtable.sh
··· 601 601 ip -net "$nsr2" addr add 192.168.100.2/24 dev tun0 602 602 ip netns exec "$nsr2" sysctl net.ipv4.conf.tun0.forwarding=1 > /dev/null 603 603 604 - ip -net "$nsr2" link add name tun6 type ip6tnl local fee1:2::2 remote fee1:2::1 604 + ip -net "$nsr2" link add name tun6 type ip6tnl local fee1:2::2 remote fee1:2::1 || ret=1 605 605 ip -net "$nsr2" link set tun6 up 606 606 ip -net "$nsr2" addr add fee1:3::2/64 dev tun6 nodad 607 607 608 608 ip -net "$nsr1" route change default via 192.168.100.2 609 609 ip -net "$nsr2" route change default via 192.168.100.1 610 - ip -6 -net "$nsr1" route change default via fee1:3::2 611 - ip -6 -net "$nsr2" route change default via fee1:3::1 610 + 611 + # do not use "route change" and delete old default so 612 + # socat fails to connect in case new default can't be added. 613 + ip -6 -net "$nsr1" route delete default 614 + ip -6 -net "$nsr1" route add default via fee1:3::2 615 + ip -6 -net "$nsr2" route delete default 616 + ip -6 -net "$nsr2" route add default via fee1:3::1 612 617 ip -net "$ns2" route add default via 10.0.2.1 613 618 ip -6 -net "$ns2" route add default via dead:2::1 614 619 ··· 654 649 ip -net "$nsr1" link add name tun6.10 type ip6tnl local fee1:4::1 remote fee1:4::2 655 650 ip -net "$nsr1" link set tun6.10 up 656 651 ip -net "$nsr1" addr add fee1:5::1/64 dev tun6.10 nodad 657 - ip -6 -net "$nsr1" route change default via fee1:5::2 652 + ip -6 -net "$nsr1" route delete default 653 + ip -6 -net "$nsr1" route add default via fee1:5::2 658 654 ip netns exec "$nsr1" nft -a insert rule inet filter forward 'meta oif tun6.10 accept' 659 655 660 656 ip -net "$nsr2" link add link veth0 name veth0.10 type vlan id 10 ··· 670 664 ip -net "$nsr2" route change default via 192.168.200.1 671 665 ip netns exec "$nsr2" sysctl net.ipv4.conf.tun0/10.forwarding=1 > /dev/null 672 666 673 - ip -net "$nsr2" link add name tun6.10 type ip6tnl local fee1:4::2 remote fee1:4::1 667 + ip -net "$nsr2" link add name tun6.10 type ip6tnl local fee1:4::2 remote fee1:4::1 || ret=1 674 668 ip -net "$nsr2" link set tun6.10 up 675 669 ip -net "$nsr2" addr add fee1:5::2/64 dev tun6.10 nodad 676 - ip -6 -net "$nsr2" route change default via fee1:5::1 670 + ip -6 -net "$nsr2" route delete default 671 + ip -6 -net "$nsr2" route add default via fee1:5::1 677 672 678 673 if ! test_tcp_forwarding_nat "$ns1" "$ns2" 1 "IPIP tunnel over vlan"; then 679 674 echo "FAIL: flow offload for ns1/ns2 with IPIP tunnel over vlan" 1>&2