On Tue, Jan 3, 2017 at 6:27 PM, Sowmini Varadhan <sowmini.varadhan@xxxxxxxxxx> wrote: > The bpf_prog used in sock_setfilter() only attempts to check for > ip pktlen, and verifies that the contents of the 80'th packet in 80th byte. > the ethernet frame is 'a' or 'b'. Offsets used for checking these > conditions are incorrectly computed. That's a bit strong. It's not incorrect, in that it just intended to match the packets as generated by the test -- which it does. > Thus many non-udp packets > could incorrectly pass through this filter and cause the test to > fail. Absolutely. The test has many potential false positives. Thanks for hardening it. I run these kinds of tests in network namespaces to rule out such flakiness from background traffic. > This commit tightens the conditions checked by the filter so > that only UDP/IPv4 packets with the matching length and test-character > will be permitted by the filter. The filter has been cleaned up > to explicitly use the BPF macros to make it more readable. > > Signed-off-by: Sowmini Varadhan <sowmini.varadhan@xxxxxxxxxx> The few comments about the commit wording are no reason for a v2. Thanks for improving the test. Acked-by: Willem de Bruijn <willemb@xxxxxxxxxx> -- To unsubscribe from this list: send the line "unsubscribe linux-kselftest" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
