tcindex01: Simplify test

The bug can be reproduced simply by adding, removing and adding again
the same tcindex traffic filter. If the bug is present, the attempt
to add the removed filter again will fail with EEXIST error.

Signed-off-by: Martin Doucha <[email protected]>
Reviewed-by: Cyril Hrubis <[email protected]>

testcases/cve/tcindex01.c

@@ -84,31 +84,26 @@ static void setup(void)
 
 static void run(void)
 {
-	unsigned int i;
-
-	for (i = 0; i < 100; i++) {
-		NETDEV_ADD_QDISC(DEVNAME, AF_UNSPEC, TC_H_ROOT, qd_handle,
-			"htb", qd_config);
-		NETDEV_ADD_TRAFFIC_CLASS(DEVNAME, qd_handle, clsid, "htb",
-			cls_config);
-		NETDEV_ADD_TRAFFIC_FILTER(DEVNAME, qd_handle, 10, ETH_P_IP, 1,
-			"tcindex", f_config);
-		NETDEV_REMOVE_TRAFFIC_FILTER(DEVNAME, qd_handle, 10, ETH_P_IP,
-			1, "tcindex");
-
-		/* Wait at least one jiffy for use-after-free */
-		usleep(10000);
-
-		NETDEV_REMOVE_QDISC(DEVNAME, AF_UNSPEC, TC_H_ROOT, qd_handle,
-			"htb");
-	}
-
-	if (tst_taint_check()) {
-		tst_res(TFAIL, "Kernel is vulnerable");
-		return;
-	}
-
-	tst_res(TPASS, "Nothing bad happened (yet)");
+	int ret;
+
+	NETDEV_ADD_QDISC(DEVNAME, AF_UNSPEC, TC_H_ROOT, qd_handle, "htb",
+		qd_config);
+	NETDEV_ADD_TRAFFIC_CLASS(DEVNAME, qd_handle, clsid, "htb", cls_config);
+	NETDEV_ADD_TRAFFIC_FILTER(DEVNAME, qd_handle, 10, ETH_P_IP, 1,
+		"tcindex", f_config);
+	NETDEV_REMOVE_TRAFFIC_FILTER(DEVNAME, qd_handle, 10, ETH_P_IP,
+		1, "tcindex");
+	ret = tst_netdev_add_traffic_filter(__FILE__, __LINE__, 0, DEVNAME,
+		qd_handle, 10, ETH_P_IP, 1, "tcindex", f_config);
+	TST_ERR = tst_rtnl_errno;
+	NETDEV_REMOVE_QDISC(DEVNAME, AF_UNSPEC, TC_H_ROOT, qd_handle, "htb");
+
+	if (ret)
+		tst_res(TPASS, "Removing tcindex filter works correctly");
+	else if (TST_ERR == EEXIST)
+		tst_res(TFAIL, "Kernel traffic filter list is corrupted");
+	else
+		tst_brk(TBROK | TTERRNO, "Unexpected rtnetlink error");
 }
 
 static void cleanup(void)