diff options
author | Florian Westphal <fw@strlen.de> | 2022-02-25 12:01:23 +0100 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2022-03-01 11:48:58 +0100 |
commit | 2e78855d311c401083df9776aa450d32d716e83e (patch) | |
tree | 37255e2bd8e9ed9018cf2d984ca77b23687e0af7 /tools/testing/selftests/netfilter/nft_queue.sh | |
parent | netfilter: nf_queue: don't assume sk is full socket (diff) | |
download | wireguard-linux-2e78855d311c401083df9776aa450d32d716e83e.tar.xz wireguard-linux-2e78855d311c401083df9776aa450d32d716e83e.zip |
selftests: netfilter: add nfqueue TCP_NEW_SYN_RECV socket race test
causes:
BUG: KASAN: slab-out-of-bounds in sk_free+0x25/0x80
Write of size 4 at addr ffff888106df0284 by task nf-queue/1459
sk_free+0x25/0x80
nf_queue_entry_release_refs+0x143/0x1a0
nf_reinject+0x233/0x770
... without 'netfilter: nf_queue: don't assume sk is full socket'.
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'tools/testing/selftests/netfilter/nft_queue.sh')
-rwxr-xr-x | tools/testing/selftests/netfilter/nft_queue.sh | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/tools/testing/selftests/netfilter/nft_queue.sh b/tools/testing/selftests/netfilter/nft_queue.sh index 7d27f1f3bc01..e12729753351 100755 --- a/tools/testing/selftests/netfilter/nft_queue.sh +++ b/tools/testing/selftests/netfilter/nft_queue.sh @@ -113,6 +113,7 @@ table inet $name { chain output { type filter hook output priority $prio; policy accept; tcp dport 12345 queue num 3 + tcp sport 23456 queue num 3 jump nfq } chain post { @@ -296,6 +297,23 @@ test_tcp_localhost() wait 2>/dev/null } +test_tcp_localhost_connectclose() +{ + tmpfile=$(mktemp) || exit 1 + + ip netns exec ${nsrouter} ./connect_close -p 23456 -t $timeout & + + ip netns exec ${nsrouter} ./nf-queue -q 3 -t $timeout & + local nfqpid=$! + + sleep 1 + rm -f "$tmpfile" + + wait $rpid + [ $? -eq 0 ] && echo "PASS: tcp via loopback with connect/close" + wait 2>/dev/null +} + test_tcp_localhost_requeue() { ip netns exec ${nsrouter} nft -f /dev/stdin <<EOF @@ -424,6 +442,7 @@ test_queue 20 test_tcp_forward test_tcp_localhost +test_tcp_localhost_connectclose test_tcp_localhost_requeue test_icmp_vrf |