Description shanxifanshi 2023-01-11 16:46:14 UTC

[缺陷描述]：
kernel-selftests测试套netfilter目录下nft_concat_range.sh用例fail，ruleset is not matched

测试日志：
# selftests: netfilter: nft_concat_range.sh
# TEST: reported issues
#   Add two elements, flush, re-add                               [ OK ]
#   net,mac with reload                                           [FAIL]
# udp packet to:
#   10.0.0.6 
# from:
#   00:01:00:00:07:d1 
# should have matched ruleset:
# table inet filter { # handle 42
# 	counter test { # handle 2
# 		packets 0 bytes 0
# 	}
# 
# 	set test { # handle 3
# 		type ipv4_addr . ether_addr
# 		flags interval,timeout
# 		elements = { 10.0.0.6/31 . 00:01:00:00:07:d1-00:01:00:00:07:d2,
# 			     10.0.0.9-10.0.0.11 . 00:01:00:00:07:d4-00:01:00:00:07:d6 }
# 	}
# 
# 	chain input { # handle 1
# 		type filter hook prerouting priority filter; policy accept;
# 		meta nfproto ipv4 ip daddr . ether saddr @test counter name "test" # handle 4
# 	}
# }
# table netdev perf { # handle 43
# 	counter test { # handle 2
# 		packets 0 bytes 0
# 	}
# 
# 	counter match { # handle 3
# 		packets 0 bytes 0
# 	}
# 
# 	set test { # handle 4
# 		type ipv4_addr . ether_addr
# 		flags interval
# 	}
# 
# 	set norange { # handle 5
# 		type ipv4_addr . ether_addr
# 	}
# 
# 	set noconcat { # handle 6
# 		type ipv4_addr
# 		flags interval
# 	}
# 
# 	chain test { # handle 1
# 		type filter hook ingress device "veth_a" priority filter; policy accept;
# 	}
# }
not ok 7 selftests: netfilter: nft_concat_range.sh # exit=1

复现环境：
anck 5.10 x86物理机

复现概率：
必现

内核信息：
# uname -r
5.10.134-269.git.53f303a6c3fa.an8.x86_64

操作系统信息：
# cat /etc/os-release
NAME="Anolis OS"
VERSION="8.6"
ID="anolis"
ID_LIKE="rhel fedora centos"
VERSION_ID="8.6"
PLATFORM_ID="platform:an8"
PRETTY_NAME="Anolis OS 8.6"
ANSI_COLOR="0;31"
HOME_URL="https://openanolis.cn/"

cpu信息：
# lscpu
Architecture:        x86_64
CPU op-mode(s):      32-bit, 64-bit
Byte Order:          Little Endian
CPU(s):              4
On-line CPU(s) list: 0-3
Thread(s) per core:  2
Core(s) per socket:  2
Socket(s):           1
NUMA node(s):        1
Vendor ID:           GenuineIntel
BIOS Vendor ID:      Alibaba Cloud
CPU family:          6
Model:               106
Model name:          Intel(R) Xeon(R) Platinum 8369B CPU @ 2.70GHz
BIOS Model name:     pc-i440fx-2.1
Stepping:            6
CPU MHz:             2699.998
BogoMIPS:            5399.99
Hypervisor vendor:   KVM
Virtualization type: full
L1d cache:           48K
L1i cache:           32K
L2 cache:            1280K
L3 cache:            49152K
NUMA node0 CPU(s):   0-3
Flags:               fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid tsc_known_freq pni pclmulqdq monitor ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch cpuid_fault invpcid_single ibrs_enhanced fsgsbase tsc_adjust bmi1 avx2 smep bmi2 erms invpcid avx512f avx512dq rdseed adx smap avx512ifma clflushopt clwb avx512cd sha_ni avx512bw avx512vl xsaveopt xsavec xgetbv1 xsaves wbnoinvd arat avx512vbmi pku ospke avx512_vbmi2 gfni vaes vpclmulqdq avx512_vnni avx512_bitalg avx512_vpopcntdq rdpid fsrm arch_capabilitie

内存信息：
# free -h
              total        used        free      shared  buff/cache   available
Mem:           15Gi       355Mi        11Gi       1.0Mi       3.6Gi        14Gi
Swap:            0B          0B          0B

[复现步骤]：
下载当前内核对应的kernel源码包
rpm -ivh xxx.src.rpm  默认安装到/root下
yum-builddep -y rpmbuild/SPECS/kernel.spec   自动安装前置依赖包，需要yum-utils
rpmbuild -bp ./rpmbuild/SPECS/kernel.spec   # 这个步骤会打相关的patch， 解压缩tar包，生成BUILD目录
cd rpmbuild/BUILD/kernel-xxx/linux-xxx/  
cd  /tools/testing/selftests/netfilter
make

执行测试用例
./nft_concat_range.sh

[期望结果]：
用例pass

[实际结果]：
用例fail