On Tue, Nov 18, 2025 at 07:15:03PM +0100, Stefano Garzarella wrote:
On Mon, Nov 17, 2025 at 06:00:33PM -0800, Bobby Eshleman wrote:
From: Bobby Eshleman bobbyeshleman@meta.com
Add tests to validate namespace correctness using vsock_test and socat. The vsock_test tool is used to validate expected success tests, but socat is used for expected failure tests. socat is used to ensure that connections are rejected outright instead of failing due to some other socket behavior (as tested in vsock_test). Additionally, socat is already required for tunneling TCP traffic from vsock_test. Using only one of the vsock_test tests like 'test_stream_client_close_client' would have yielded a similar result, but doing so wouldn't remove the socat dependency.
Additionally, check for the dependency socat. socat needs special handling beyond just checking if it is on the path because it must be compiled with support for both vsock and unix. The function check_socat() checks that this support exists.
Add more padding to test name printf strings because the tests added in this patch would otherwise overflow.
Add vm_dmesg_start() and vm_dmesg_check() to encapsulate checking dmesg for oops and warnings.
Signed-off-by: Bobby Eshleman bobbyeshleman@meta.com
Changes in v10:
- add vm_dmesg_start() and vm_dmesg_check()
Changes in v9:
- consistent variable quoting
...
+test_ns_diff_global_host_connect_to_global_vm_ok() {
- local oops_before warn_before
- local pids pid pidfile
- local ns0 ns1 port
- declare -a pids
- local unixfile
- ns0="global0"
- ns1="global1"
- port=1234
- local rc
- init_namespaces
- pidfile="$(create_pidfile)"
- if ! vm_start "${pidfile}" "${ns0}"; then
return "${KSFT_FAIL}"- fi
- vm_wait_for_ssh "${ns0}"
- oops_before=$(vm_dmesg_oops_count "${ns0}")
- warn_before=$(vm_dmesg_warn_count "${ns0}")
- unixfile=$(mktemp -u /tmp/XXXX.sock)
Should we remove this file at the end of this test?
Conveniently, socat does both the create and destroy for us.
+test_ns_diff_global_host_connect_to_local_vm_fails() {
- local oops_before warn_before
- local ns0="global0"
- local ns1="local0"
- local port=12345
- local dmesg_rc
- local pidfile
- local result
- local pid
- init_namespaces
- outfile=$(mktemp)
- pidfile="$(create_pidfile)"
- if ! vm_start "${pidfile}" "${ns1}"; then
log_host "failed to start vm (cid=${VSOCK_CID}, ns=${ns0})"return "${KSFT_FAIL}"- fi
- vm_wait_for_ssh "${ns1}"
- oops_before=$(vm_dmesg_oops_count "${ns1}")
- warn_before=$(vm_dmesg_warn_count "${ns1}")
- vm_ssh "${ns1}" -- socat VSOCK-LISTEN:"${port}" STDOUT > "${outfile}" &
Should we wait for the listener here, like we do for TCP sockets? (also in other place where we use VSOCK-LISTEN)
Definitely, I didn't know ss could do this.
Best, Bobby