mirror of
https://mirrors.bfsu.edu.cn/git/linux.git
synced 2024-12-19 00:54:41 +08:00
ipv4: fix bind address validity regression tests
Commit8ff978b8b2
("ipv4/raw: support binding to nonlocal addresses") introduces support for binding to nonlocal addresses, as well as some basic test coverage for some of the related cases. Commitb4a028c4d0
("ipv4: ping: fix bind address validity check") fixes a regression which incorrectly removed some checks for bind address validation. In addition, it introduces regression tests for those specific checks. However, those regression tests are defective, in that they perform the tests using an incorrect combination of bind flags. As a result, those tests fail when they should succeed. This commit introduces additional regression tests for nonlocal binding and fixes the defective regression tests. It also introduces new set_sysctl calls for the ipv4_bind test group, as to perform the ICMP binding tests it is necessary to allow ICMP socket creation by setting the net.ipv4.ping_group_range knob. Fixes:b4a028c4d0
("ipv4: ping: fix bind address validity check") Reported-by: Riccardo Paolo Bestetti <pbl@bestov.io> Signed-off-by: Riccardo Paolo Bestetti <pbl@bestov.io> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
9926de7315
commit
313c502fa3
@ -1800,24 +1800,32 @@ ipv4_addr_bind_novrf()
|
||||
done
|
||||
|
||||
#
|
||||
# raw socket with nonlocal bind
|
||||
# tests for nonlocal bind
|
||||
#
|
||||
a=${NL_IP}
|
||||
log_start
|
||||
run_cmd nettest -s -R -P icmp -f -l ${a} -I ${NSA_DEV} -b
|
||||
log_test_addr ${a} $? 0 "Raw socket bind to nonlocal address after device bind"
|
||||
run_cmd nettest -s -R -f -l ${a} -b
|
||||
log_test_addr ${a} $? 0 "Raw socket bind to nonlocal address"
|
||||
|
||||
log_start
|
||||
run_cmd nettest -s -f -l ${a} -b
|
||||
log_test_addr ${a} $? 0 "TCP socket bind to nonlocal address"
|
||||
|
||||
log_start
|
||||
run_cmd nettest -s -D -P icmp -f -l ${a} -b
|
||||
log_test_addr ${a} $? 0 "ICMP socket bind to nonlocal address"
|
||||
|
||||
#
|
||||
# check that ICMP sockets cannot bind to broadcast and multicast addresses
|
||||
#
|
||||
a=${BCAST_IP}
|
||||
log_start
|
||||
run_cmd nettest -s -R -P icmp -l ${a} -b
|
||||
run_cmd nettest -s -D -P icmp -l ${a} -b
|
||||
log_test_addr ${a} $? 1 "ICMP socket bind to broadcast address"
|
||||
|
||||
a=${MCAST_IP}
|
||||
log_start
|
||||
run_cmd nettest -s -R -P icmp -f -l ${a} -b
|
||||
run_cmd nettest -s -D -P icmp -l ${a} -b
|
||||
log_test_addr ${a} $? 1 "ICMP socket bind to multicast address"
|
||||
|
||||
#
|
||||
@ -1870,24 +1878,32 @@ ipv4_addr_bind_vrf()
|
||||
log_test_addr ${a} $? 1 "Raw socket bind to out of scope address after VRF bind"
|
||||
|
||||
#
|
||||
# raw socket with nonlocal bind
|
||||
# tests for nonlocal bind
|
||||
#
|
||||
a=${NL_IP}
|
||||
log_start
|
||||
run_cmd nettest -s -R -P icmp -f -l ${a} -I ${VRF} -b
|
||||
run_cmd nettest -s -R -f -l ${a} -I ${VRF} -b
|
||||
log_test_addr ${a} $? 0 "Raw socket bind to nonlocal address after VRF bind"
|
||||
|
||||
log_start
|
||||
run_cmd nettest -s -f -l ${a} -I ${VRF} -b
|
||||
log_test_addr ${a} $? 0 "TCP socket bind to nonlocal address after VRF bind"
|
||||
|
||||
log_start
|
||||
run_cmd nettest -s -D -P icmp -f -l ${a} -I ${VRF} -b
|
||||
log_test_addr ${a} $? 0 "ICMP socket bind to nonlocal address after VRF bind"
|
||||
|
||||
#
|
||||
# check that ICMP sockets cannot bind to broadcast and multicast addresses
|
||||
#
|
||||
a=${BCAST_IP}
|
||||
log_start
|
||||
run_cmd nettest -s -R -P icmp -l ${a} -I ${VRF} -b
|
||||
run_cmd nettest -s -D -P icmp -l ${a} -I ${VRF} -b
|
||||
log_test_addr ${a} $? 1 "ICMP socket bind to broadcast address after VRF bind"
|
||||
|
||||
a=${MCAST_IP}
|
||||
log_start
|
||||
run_cmd nettest -s -R -P icmp -f -l ${a} -I ${VRF} -b
|
||||
run_cmd nettest -s -D -P icmp -l ${a} -I ${VRF} -b
|
||||
log_test_addr ${a} $? 1 "ICMP socket bind to multicast address after VRF bind"
|
||||
|
||||
#
|
||||
@ -1922,10 +1938,12 @@ ipv4_addr_bind()
|
||||
|
||||
log_subsection "No VRF"
|
||||
setup
|
||||
set_sysctl net.ipv4.ping_group_range='0 2147483647' 2>/dev/null
|
||||
ipv4_addr_bind_novrf
|
||||
|
||||
log_subsection "With VRF"
|
||||
setup "yes"
|
||||
set_sysctl net.ipv4.ping_group_range='0 2147483647' 2>/dev/null
|
||||
ipv4_addr_bind_vrf
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user