blob: b8a54ed7444d9bc44a51f2e9bd2664b2376e401a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
|
#!/bin/bash -e
# This wrapper wraps the invocation of the test. It is called by run-tests.sh,
# and already in the unshared namespace.
#
# For some printf debugging, you can also patch this file.
TEST="$1"
TESTBASE="$(basename "$TEST")"
TESTDIR="$(dirname "$TEST")"
CLEANUP_UMOUNT_RUN_NETNS=n
cleanup() {
if [ "$CLEANUP_UMOUNT_RUN_NETNS" = y ] ; then
umount "/var/run/netns" || :
fi
}
trap cleanup EXIT
printf '%s\n' "$TEST" > "$NFT_TEST_TESTTMPDIR/name"
read tainted_before < /proc/sys/kernel/tainted
if [ "$NFT_TEST_HAS_UNSHARED_MOUNT" = y ] ; then
# We have a private mount namespace. We will mount /run/netns as a tmpfs,
# this is useful because `ip netns add` wants to add files there.
#
# When running as rootless, this is necessary to get such tests to
# pass. When running rootful, it's still useful to not touch the
# "real" /var/run/netns of the system.
mkdir -p /var/run/netns
if mount -t tmpfs --make-private "/var/run/netns" ; then
CLEANUP_UMOUNT_RUN_NETNS=y
fi
fi
rc_test=0
"$TEST" &> "$NFT_TEST_TESTTMPDIR/testout.log" || rc_test=$?
$NFT list ruleset > "$NFT_TEST_TESTTMPDIR/ruleset-after"
read tainted_after < /proc/sys/kernel/tainted
DUMPPATH="$TESTDIR/dumps"
DUMPFILE="$DUMPPATH/$TESTBASE.nft"
dump_written=
rc_dump=
# The caller can request a re-geneating of the dumps, by setting
# DUMPGEN=y.
#
# This only will happen if the command completed with success.
#
# It also will only happen for tests, that have a "$DUMPPATH" directory. There
# might be tests, that don't want to have dumps created. The existence of the
# directory controls that.
if [ "$rc_test" -eq 0 -a "$DUMPGEN" = y -a -d "$DUMPPATH" ] ; then
dump_written=y
cat "$NFT_TEST_TESTTMPDIR/ruleset-after" > "$DUMPFILE"
fi
if [ "$rc_test" -ne 77 -a -f "$DUMPFILE" ] ; then
rc_dump=0
if [ "$dump_written" != y ] ; then
$DIFF -u "$DUMPFILE" "$NFT_TEST_TESTTMPDIR/ruleset-after" &> "$NFT_TEST_TESTTMPDIR/ruleset-diff" || rc_dump=$?
if [ "$rc_dump" -eq 0 ] ; then
rm -f "$NFT_TEST_TESTTMPDIR/ruleset-diff"
fi
fi
fi
if [ "$tainted_before" != "$tainted_after" ] ; then
echo "$tainted_after" > "$NFT_TEST_TESTTMPDIR/rc-failed-tainted"
fi
rc_exit="$rc_test"
if [ -n "$rc_dump" ] && [ "$rc_dump" -ne 0 ] ; then
echo "$DUMPFILE" > "$NFT_TEST_TESTTMPDIR/rc-failed-dump"
echo "$rc_test" > "$NFT_TEST_TESTTMPDIR/rc-failed"
if [ "$rc_exit" -eq 0 ] ; then
# Special exit code to indicate dump diff.
rc_exit=124
fi
elif [ "$rc_test" -eq 77 ] ; then
echo "$rc_test" > "$NFT_TEST_TESTTMPDIR/rc-skipped"
elif [ "$rc_test" -eq 0 -a "$tainted_before" = "$tainted_after" ] ; then
echo "$rc_test" > "$NFT_TEST_TESTTMPDIR/rc-ok"
else
echo "$rc_test" > "$NFT_TEST_TESTTMPDIR/rc-failed"
if [ "$rc_test" -eq 0 -a "$tainted_before" != "$tainted_after" ] ; then
# Special exit code to indicate tainted.
rc_exit=123
elif [ "$rc_test" -eq 124 -o "$rc_test" -eq 123 ] ; then
# These exit codes are reserved
rc_exit=125
fi
fi
exit "$rc_exit"
|
