On Mon, Jun 10, 2024 at 11:51:53PM +0530, Harshit Mogalapalli wrote: > Hello netfilter developers, > > Do we have any tests that we could run before sending a stable backport in > netfilter/ subsystem to stable@vger ? > > Let us say we have a CVE fix which is only backported till 5.10.y but it is > needed is 5.4.y and 4.19.y, the backport might need to easy to make, just > fixing some conflicts due to contextual changes or missing commits. Which one in particular is missing? > One question that comes in my mind is did I test that particular code, often > testing that particular code is tough unless the reproducer is public. So I > thought it would be good to learn about any netfilter test suite(set of > tests) to run before sending a backport to stable kernel which might ensure > we don't introduce regressions. There is tests/shell under the nftables userspace tree, it also detected the features that are available in your kernel.
