xref: /illumos-gate/usr/src/test/os-tests/tests/pf_key/15146.sh (revision 5c43f0bd385a568d23843a2fa79774668657d147)
1#!/usr/bin/ksh
2
3#
4# This file and its contents are supplied under the terms of the
5# Common Development and Distribution License ("CDDL"), version 1.0.
6# You may only use this file in accordance with the terms of version
7# 1.0 of the CDDL.
8#
9# A full copy of the text of the CDDL should have accompanied this
10# source.  A copy of the CDDL is also available via the Internet at
11# http://www.illumos.org/license/CDDL.
12#
13
14#
15# Copyright 2022 MNX Cloud, Inc.
16#
17
18# Clear and load SADB, logs.
19echo "Clearing and loading SADB"
20/usr/sbin/ipseckey flush || echo "PROBLEM: ipseckey flush failed" > /dev/stderr
21echo "add esp spi 0x2112 dst 127.0.0.1 encralg aes encrkey 1234567890abcdef1234567890abcdef" | /usr/sbin/ipseckey
22/usr/sbin/ipseckey dump || echo "PROBLEM: ipseckey dump failed" > /dev/stderr
23/bin/rm -f /tmp/15146-$$-del-*
24
25# Launch DTrace trap
26# I hope .5sec is enough chill()
27/usr/sbin/dtrace -wn 'sadb_delget_sa:entry { self->trace = 1; } get_ipsa_pair:return /self->trace == 1/ { if (arg1 == 0) chill(500000000); self->trace = 0; exit(0); }' &
28dtracepid=$!
29
30# sleep for 20sec to give DTrace time, and as a starting pistol...
31/usr/bin/sleep 20 &
32pistol=$!
33
34for a in 0 1 2 3 4 5 6 7 8 9; do
35        ( pwait $pistol ; \
36                /usr/sbin/ipseckey delete esp spi 0x2112 dst 127.0.0.1 \
37                2>&1 > /tmp/15146-$$-del-$a ) &
38done
39
40# All background jobs will finish; if they don't, let the test hang, which
41# clearly indicates a problem with IPsec or DTrace.
42wait
43
44# If we reach here we haven't panicked the kernel per illumos#15146.
45# Only way otherwise we "fail" is by not seeing the race.
46
47# Check that we did delete the SA...
48/usr/sbin/ipseckey get esp spi 0x2112 dst 127.0.0.1 2>&1 > /dev/null
49if [[ $? == 0 ]]; then
50	echo "10 delete processes didn't delete ESP(spi=0x2112, dst=127.0.0.1)" \
51		> /dev/stderr
52	exit 1
53fi
54
55# See that more than one of the above processes successfully peformed DELETE.
56count=$( grep Fatal /tmp/15146-$$-del-* | wc -l )
57if [[ $count > 8 ]]; then
58	echo "Only 1 or 0 ipseckey delete processes succeeded." > /dev/stderr
59	exit 1
60fi
61
62/bin/rm -f /tmp/15146-$$-del-*
63echo "15146 appears to not affect this kernel. Good."
64exit 0
65