xref: /linux/tools/testing/selftests/drivers/net/netdevsim/macsec-offload.sh (revision fcc79e1714e8c2b8e216dc3149812edd37884eef) 
1#!/bin/bash
2# SPDX-License-Identifier: GPL-2.0-only
3
4source ethtool-common.sh
5
6NSIM_NETDEV=$(make_netdev)
7MACSEC_NETDEV=macsec_nsim
8
9set -o pipefail
10
11if ! ethtool -k $NSIM_NETDEV | grep -q 'macsec-hw-offload: on'; then
12    echo "SKIP: netdevsim doesn't support MACsec offload"
13    exit 4
14fi
15
16if ! ip link add link $NSIM_NETDEV $MACSEC_NETDEV type macsec offload mac 2>/dev/null; then
17    echo "SKIP: couldn't create macsec device"
18    exit 4
19fi
20ip link del $MACSEC_NETDEV
21
22#
23# test macsec offload API
24#
25
26ip link add link $NSIM_NETDEV "${MACSEC_NETDEV}" type macsec port 4 offload mac
27check $?
28
29ip link add link $NSIM_NETDEV "${MACSEC_NETDEV}2" type macsec address "aa:bb:cc:dd:ee:ff" port 5 offload mac
30check $?
31
32ip link add link $NSIM_NETDEV "${MACSEC_NETDEV}3" type macsec sci abbacdde01020304 offload mac
33check $?
34
35ip link add link $NSIM_NETDEV "${MACSEC_NETDEV}4" type macsec port 8 offload mac 2> /dev/null
36check $? '' '' 1
37
38ip macsec add "${MACSEC_NETDEV}" tx sa 0 pn 1024 on key 01 12345678901234567890123456789012
39check $?
40
41ip macsec add "${MACSEC_NETDEV}" rx port 1234 address "1c:ed:de:ad:be:ef"
42check $?
43
44ip macsec add "${MACSEC_NETDEV}" rx port 1234 address "1c:ed:de:ad:be:ef" sa 0 pn 1 on \
45    key 00 0123456789abcdef0123456789abcdef
46check $?
47
48ip macsec add "${MACSEC_NETDEV}" rx port 1235 address "1c:ed:de:ad:be:ef" 2> /dev/null
49check $? '' '' 1
50
51# can't disable macsec offload when SAs are configured
52ip link set "${MACSEC_NETDEV}" type macsec offload off 2> /dev/null
53check $? '' '' 1
54
55ip macsec offload "${MACSEC_NETDEV}" off 2> /dev/null
56check $? '' '' 1
57
58# toggle macsec offload via rtnetlink
59ip link set "${MACSEC_NETDEV}2" type macsec offload off
60check $?
61
62ip link set "${MACSEC_NETDEV}2" type macsec offload mac
63check $?
64
65# toggle macsec offload via genetlink
66ip macsec offload "${MACSEC_NETDEV}2" off
67check $?
68
69ip macsec offload "${MACSEC_NETDEV}2" mac
70check $?
71
72for dev in ${MACSEC_NETDEV}{,2,3} ; do
73    ip link del $dev
74    check $?
75done
76
77
78#
79# test ethtool features when toggling offload
80#
81
82ip link add link $NSIM_NETDEV $MACSEC_NETDEV type macsec offload mac
83TMP_FEATS_ON_1="$(ethtool -k $MACSEC_NETDEV)"
84
85ip link set $MACSEC_NETDEV type macsec offload off
86TMP_FEATS_OFF_1="$(ethtool -k $MACSEC_NETDEV)"
87
88ip link set $MACSEC_NETDEV type macsec offload mac
89TMP_FEATS_ON_2="$(ethtool -k $MACSEC_NETDEV)"
90
91[ "$TMP_FEATS_ON_1" = "$TMP_FEATS_ON_2" ]
92check $?
93
94ip link del $MACSEC_NETDEV
95
96ip link add link $NSIM_NETDEV $MACSEC_NETDEV type macsec
97check $?
98
99TMP_FEATS_OFF_2="$(ethtool -k $MACSEC_NETDEV)"
100[ "$TMP_FEATS_OFF_1" = "$TMP_FEATS_OFF_2" ]
101check $?
102
103ip link set $MACSEC_NETDEV type macsec offload mac
104check $?
105
106TMP_FEATS_ON_3="$(ethtool -k $MACSEC_NETDEV)"
107[ "$TMP_FEATS_ON_1" = "$TMP_FEATS_ON_3" ]
108check $?
109
110
111if [ $num_errors -eq 0 ]; then
112    echo "PASSED all $((num_passes)) checks"
113    exit 0
114else
115    echo "FAILED $num_errors/$((num_errors+num_passes)) checks"
116    exit 1
117fi
118