@@ -1800,24 +1800,33 @@ ipv4_addr_bind_novrf()
done
#
- # raw socket with nonlocal bind
+ # tests for nonlocal bind
#
a=${NL_IP}
log_start
- run_cmd nettest -s -R -P icmp -f -l ${a} -I ${NSA_DEV} -b
- log_test_addr ${a} $? 0 "Raw socket bind to nonlocal address after device bind"
+ run_cmd nettest -s -R -f -l ${a} -b
+ log_test_addr ${a} $? 0 "Raw socket bind to nonlocal address"
+
+ log_start
+ run_cmd nettest -s -f -l ${a} -b
+ log_test_addr ${a} $? 0 "TCP socket bind to nonlocal address"
+
+ # currently fails with ACCES
+ #log_start
+ #run_cmd nettest -s -D -P icmp -f -l ${a} -b
+ #log_test_addr ${a} $? 0 "ICMP socket bind to nonlocal address"
#
# check that ICMP sockets cannot bind to broadcast and multicast addresses
#
a=${BCAST_IP}
log_start
- run_cmd nettest -s -R -P icmp -l ${a} -b
+ run_cmd nettest -s -D -P icmp -l ${a} -b
log_test_addr ${a} $? 1 "ICMP socket bind to broadcast address"
a=${MCAST_IP}
log_start
- run_cmd nettest -s -R -P icmp -f -l ${a} -b
+ run_cmd nettest -s -D -P icmp -l ${a} -b
log_test_addr ${a} $? 1 "ICMP socket bind to multicast address"
#
@@ -1870,24 +1879,33 @@ ipv4_addr_bind_vrf()
log_test_addr ${a} $? 1 "Raw socket bind to out of scope address after VRF bind"
#
- # raw socket with nonlocal bind
+ # tests for nonlocal bind
#
a=${NL_IP}
log_start
- run_cmd nettest -s -R -P icmp -f -l ${a} -I ${VRF} -b
+ run_cmd nettest -s -R -f -l ${a} -I ${VRF} -b
log_test_addr ${a} $? 0 "Raw socket bind to nonlocal address after VRF bind"
+ log_start
+ run_cmd nettest -s -f -l ${a} -I ${VRF} -b
+ log_test_addr ${a} $? 0 "TCP socket bind to nonlocal address after VRF bind"
+
+ # currently fails with ACCES
+ #log_start
+ #run_cmd nettest -s -D -P icmp -f -l ${a} -I ${VRF} -b
+ #log_test_addr ${a} $? 0 "ICMP socket bind to nonlocal address after VRF bind"
+
#
# check that ICMP sockets cannot bind to broadcast and multicast addresses
#
a=${BCAST_IP}
log_start
- run_cmd nettest -s -R -P icmp -l ${a} -I ${VRF} -b
+ run_cmd nettest -s -D -P icmp -l ${a} -I ${VRF} -b
log_test_addr ${a} $? 1 "ICMP socket bind to broadcast address after VRF bind"
a=${MCAST_IP}
log_start
- run_cmd nettest -s -R -P icmp -f -l ${a} -I ${VRF} -b
+ run_cmd nettest -s -D -P icmp -l ${a} -I ${VRF} -b
log_test_addr ${a} $? 1 "ICMP socket bind to multicast address after VRF bind"
#
Commit 8ff978b8b222 ("ipv4/raw: support binding to nonlocal addresses") introduced support for binding to nonlocal addresses, as well as some basic test coverage for some of the cases. Commit b4a028c4d031 ("ipv4: ping: fix bind address validity check") fixes a regression which incorrectly removed some checks for bind address validation. In addition, it introduces regression tests for those specific checks. However, those regression tests are defective, in that they perform the tests using an incorrect combination of bind flags. As a result, those tests fail when they should succeed. This commit introduces additional regression tests for nonlocal binding and fixes the defective regression tests. PLEASE NOTE THAT THIS PATCH SHOULD NOT BE APPLIED AS-IS. The ICMP broadcast and multicast regression tests succeed, but they do so while returning the wrong error status. In particular, it isn't the bind that fails, but the socket creation. This is /not/ correct, and it must be investigated to have proper regression testing. Other instances where this happens are: 1) if the broadcast/multicast addresses are replace with an allowed (e.g. local) address (bind should work, but socket is never created in the first place); 2) the commented out tests (nonlocal bind should work but ditto.) Additionally, please note that when the test cases are manually (i.e. without the network namespace setup from fcnal-test.sh) ran, the expected/correct outcome is observed. The reason I'm submitting this patch for comments, is that I'm failing to understand where the issue lies. (Disclamer: might be something stupid/trivial that I'm plainly missing due to tunnel vision.) Signed-off-by: Riccardo Paolo Bestetti <pbl@bestov.io> --- tools/testing/selftests/net/fcnal-test.sh | 36 +++++++++++++++++------ 1 file changed, 27 insertions(+), 9 deletions(-)