1#!/bin/bash 2# 3# This test is for checking rtnetlink callpaths, and get as much coverage as possible. 4# 5# set -e 6 7devdummy="test-dummy0" 8ret=0 9 10# Kselftest framework requirement - SKIP code is 4. 11ksft_skip=4 12 13# set global exit status, but never reset nonzero one. 14check_err() 15{ 16 if [ $ret -eq 0 ]; then 17 ret=$1 18 fi 19} 20 21# same but inverted -- used when command must fail for test to pass 22check_fail() 23{ 24 if [ $1 -eq 0 ]; then 25 ret=1 26 fi 27} 28 29kci_add_dummy() 30{ 31 ip link add name "$devdummy" type dummy 32 check_err $? 33 ip link set "$devdummy" up 34 check_err $? 35} 36 37kci_del_dummy() 38{ 39 ip link del dev "$devdummy" 40 check_err $? 41} 42 43kci_test_netconf() 44{ 45 dev="$1" 46 r=$ret 47 48 ip netconf show dev "$dev" > /dev/null 49 check_err $? 50 51 for f in 4 6; do 52 ip -$f netconf show dev "$dev" > /dev/null 53 check_err $? 54 done 55 56 if [ $ret -ne 0 ] ;then 57 echo "FAIL: ip netconf show $dev" 58 test $r -eq 0 && ret=0 59 return 1 60 fi 61} 62 63# add a bridge with vlans on top 64kci_test_bridge() 65{ 66 devbr="test-br0" 67 vlandev="testbr-vlan1" 68 69 ret=0 70 ip link add name "$devbr" type bridge 71 check_err $? 72 73 ip link set dev "$devdummy" master "$devbr" 74 check_err $? 75 76 ip link set "$devbr" up 77 check_err $? 78 79 ip link add link "$devbr" name "$vlandev" type vlan id 1 80 check_err $? 81 ip addr add dev "$vlandev" 10.200.7.23/30 82 check_err $? 83 ip -6 addr add dev "$vlandev" dead:42::1234/64 84 check_err $? 85 ip -d link > /dev/null 86 check_err $? 87 ip r s t all > /dev/null 88 check_err $? 89 90 for name in "$devbr" "$vlandev" "$devdummy" ; do 91 kci_test_netconf "$name" 92 done 93 94 ip -6 addr del dev "$vlandev" dead:42::1234/64 95 check_err $? 96 97 ip link del dev "$vlandev" 98 check_err $? 99 ip link del dev "$devbr" 100 check_err $? 101 102 if [ $ret -ne 0 ];then 103 echo "FAIL: bridge setup" 104 return 1 105 fi 106 echo "PASS: bridge setup" 107 108} 109 110kci_test_gre() 111{ 112 gredev=neta 113 rem=10.42.42.1 114 loc=10.0.0.1 115 116 ret=0 117 ip tunnel add $gredev mode gre remote $rem local $loc ttl 1 118 check_err $? 119 ip link set $gredev up 120 check_err $? 121 ip addr add 10.23.7.10 dev $gredev 122 check_err $? 123 ip route add 10.23.8.0/30 dev $gredev 124 check_err $? 125 ip addr add dev "$devdummy" 10.23.7.11/24 126 check_err $? 127 ip link > /dev/null 128 check_err $? 129 ip addr > /dev/null 130 check_err $? 131 132 kci_test_netconf "$gredev" 133 134 ip addr del dev "$devdummy" 10.23.7.11/24 135 check_err $? 136 137 ip link del $gredev 138 check_err $? 139 140 if [ $ret -ne 0 ];then 141 echo "FAIL: gre tunnel endpoint" 142 return 1 143 fi 144 echo "PASS: gre tunnel endpoint" 145} 146 147# tc uses rtnetlink too, for full tc testing 148# please see tools/testing/selftests/tc-testing. 149kci_test_tc() 150{ 151 dev=lo 152 ret=0 153 154 tc qdisc add dev "$dev" root handle 1: htb 155 check_err $? 156 tc class add dev "$dev" parent 1: classid 1:10 htb rate 1mbit 157 check_err $? 158 tc filter add dev "$dev" parent 1:0 prio 5 handle ffe: protocol ip u32 divisor 256 159 check_err $? 160 tc filter add dev "$dev" parent 1:0 prio 5 handle ffd: protocol ip u32 divisor 256 161 check_err $? 162 tc filter add dev "$dev" parent 1:0 prio 5 handle ffc: protocol ip u32 divisor 256 163 check_err $? 164 tc filter add dev "$dev" protocol ip parent 1: prio 5 handle ffe:2:3 u32 ht ffe:2: match ip src 10.0.0.3 flowid 1:10 165 check_err $? 166 tc filter add dev "$dev" protocol ip parent 1: prio 5 handle ffe:2:2 u32 ht ffe:2: match ip src 10.0.0.2 flowid 1:10 167 check_err $? 168 tc filter show dev "$dev" parent 1:0 > /dev/null 169 check_err $? 170 tc filter del dev "$dev" protocol ip parent 1: prio 5 handle ffe:2:3 u32 171 check_err $? 172 tc filter show dev "$dev" parent 1:0 > /dev/null 173 check_err $? 174 tc qdisc del dev "$dev" root handle 1: htb 175 check_err $? 176 177 if [ $ret -ne 0 ];then 178 echo "FAIL: tc htb hierarchy" 179 return 1 180 fi 181 echo "PASS: tc htb hierarchy" 182 183} 184 185kci_test_polrouting() 186{ 187 ret=0 188 ip rule add fwmark 1 lookup 100 189 check_err $? 190 ip route add local 0.0.0.0/0 dev lo table 100 191 check_err $? 192 ip r s t all > /dev/null 193 check_err $? 194 ip rule del fwmark 1 lookup 100 195 check_err $? 196 ip route del local 0.0.0.0/0 dev lo table 100 197 check_err $? 198 199 if [ $ret -ne 0 ];then 200 echo "FAIL: policy route test" 201 return 1 202 fi 203 echo "PASS: policy routing" 204} 205 206kci_test_route_get() 207{ 208 ret=0 209 210 ip route get 127.0.0.1 > /dev/null 211 check_err $? 212 ip route get 127.0.0.1 dev "$devdummy" > /dev/null 213 check_err $? 214 ip route get ::1 > /dev/null 215 check_err $? 216 ip route get fe80::1 dev "$devdummy" > /dev/null 217 check_err $? 218 ip route get 127.0.0.1 from 127.0.0.1 oif lo tos 0x1 mark 0x1 > /dev/null 219 check_err $? 220 ip route get ::1 from ::1 iif lo oif lo tos 0x1 mark 0x1 > /dev/null 221 check_err $? 222 ip addr add dev "$devdummy" 10.23.7.11/24 223 check_err $? 224 ip route get 10.23.7.11 from 10.23.7.12 iif "$devdummy" > /dev/null 225 check_err $? 226 ip addr del dev "$devdummy" 10.23.7.11/24 227 check_err $? 228 229 if [ $ret -ne 0 ];then 230 echo "FAIL: route get" 231 return 1 232 fi 233 234 echo "PASS: route get" 235} 236 237kci_test_addrlabel() 238{ 239 ret=0 240 241 ip addrlabel add prefix dead::/64 dev lo label 1 242 check_err $? 243 244 ip addrlabel list |grep -q "prefix dead::/64 dev lo label 1" 245 check_err $? 246 247 ip addrlabel del prefix dead::/64 dev lo label 1 2> /dev/null 248 check_err $? 249 250 ip addrlabel add prefix dead::/64 label 1 2> /dev/null 251 check_err $? 252 253 ip addrlabel del prefix dead::/64 label 1 2> /dev/null 254 check_err $? 255 256 # concurrent add/delete 257 for i in $(seq 1 1000); do 258 ip addrlabel add prefix 1c3::/64 label 12345 2>/dev/null 259 done & 260 261 for i in $(seq 1 1000); do 262 ip addrlabel del prefix 1c3::/64 label 12345 2>/dev/null 263 done 264 265 wait 266 267 ip addrlabel del prefix 1c3::/64 label 12345 2>/dev/null 268 269 if [ $ret -ne 0 ];then 270 echo "FAIL: ipv6 addrlabel" 271 return 1 272 fi 273 274 echo "PASS: ipv6 addrlabel" 275} 276 277kci_test_ifalias() 278{ 279 ret=0 280 namewant=$(uuidgen) 281 syspathname="/sys/class/net/$devdummy/ifalias" 282 283 ip link set dev "$devdummy" alias "$namewant" 284 check_err $? 285 286 if [ $ret -ne 0 ]; then 287 echo "FAIL: cannot set interface alias of $devdummy to $namewant" 288 return 1 289 fi 290 291 ip link show "$devdummy" | grep -q "alias $namewant" 292 check_err $? 293 294 if [ -r "$syspathname" ] ; then 295 read namehave < "$syspathname" 296 if [ "$namewant" != "$namehave" ]; then 297 echo "FAIL: did set ifalias $namewant but got $namehave" 298 return 1 299 fi 300 301 namewant=$(uuidgen) 302 echo "$namewant" > "$syspathname" 303 ip link show "$devdummy" | grep -q "alias $namewant" 304 check_err $? 305 306 # sysfs interface allows to delete alias again 307 echo "" > "$syspathname" 308 309 ip link show "$devdummy" | grep -q "alias $namewant" 310 check_fail $? 311 312 for i in $(seq 1 100); do 313 uuidgen > "$syspathname" & 314 done 315 316 wait 317 318 # re-add the alias -- kernel should free mem when dummy dev is removed 319 ip link set dev "$devdummy" alias "$namewant" 320 check_err $? 321 fi 322 323 if [ $ret -ne 0 ]; then 324 echo "FAIL: set interface alias $devdummy to $namewant" 325 return 1 326 fi 327 328 echo "PASS: set ifalias $namewant for $devdummy" 329} 330 331kci_test_vrf() 332{ 333 vrfname="test-vrf" 334 ret=0 335 336 ip link show type vrf 2>/dev/null 337 if [ $? -ne 0 ]; then 338 echo "SKIP: vrf: iproute2 too old" 339 return $ksft_skip 340 fi 341 342 ip link add "$vrfname" type vrf table 10 343 check_err $? 344 if [ $ret -ne 0 ];then 345 echo "FAIL: can't add vrf interface, skipping test" 346 return 0 347 fi 348 349 ip -br link show type vrf | grep -q "$vrfname" 350 check_err $? 351 if [ $ret -ne 0 ];then 352 echo "FAIL: created vrf device not found" 353 return 1 354 fi 355 356 ip link set dev "$vrfname" up 357 check_err $? 358 359 ip link set dev "$devdummy" master "$vrfname" 360 check_err $? 361 ip link del dev "$vrfname" 362 check_err $? 363 364 if [ $ret -ne 0 ];then 365 echo "FAIL: vrf" 366 return 1 367 fi 368 369 echo "PASS: vrf" 370} 371 372kci_test_encap_vxlan() 373{ 374 ret=0 375 vxlan="test-vxlan0" 376 vlan="test-vlan0" 377 testns="$1" 378 379 ip netns exec "$testns" ip link add "$vxlan" type vxlan id 42 group 239.1.1.1 \ 380 dev "$devdummy" dstport 4789 2>/dev/null 381 if [ $? -ne 0 ]; then 382 echo "FAIL: can't add vxlan interface, skipping test" 383 return 0 384 fi 385 check_err $? 386 387 ip netns exec "$testns" ip addr add 10.2.11.49/24 dev "$vxlan" 388 check_err $? 389 390 ip netns exec "$testns" ip link set up dev "$vxlan" 391 check_err $? 392 393 ip netns exec "$testns" ip link add link "$vxlan" name "$vlan" type vlan id 1 394 check_err $? 395 396 ip netns exec "$testns" ip link del "$vxlan" 397 check_err $? 398 399 if [ $ret -ne 0 ]; then 400 echo "FAIL: vxlan" 401 return 1 402 fi 403 echo "PASS: vxlan" 404} 405 406kci_test_encap_fou() 407{ 408 ret=0 409 name="test-fou" 410 testns="$1" 411 412 ip fou help 2>&1 |grep -q 'Usage: ip fou' 413 if [ $? -ne 0 ];then 414 echo "SKIP: fou: iproute2 too old" 415 return $ksft_skip 416 fi 417 418 ip netns exec "$testns" ip fou add port 7777 ipproto 47 2>/dev/null 419 if [ $? -ne 0 ];then 420 echo "FAIL: can't add fou port 7777, skipping test" 421 return 1 422 fi 423 424 ip netns exec "$testns" ip fou add port 8888 ipproto 4 425 check_err $? 426 427 ip netns exec "$testns" ip fou del port 9999 2>/dev/null 428 check_fail $? 429 430 ip netns exec "$testns" ip fou del port 7777 431 check_err $? 432 433 if [ $ret -ne 0 ]; then 434 echo "FAIL: fou" 435 return 1 436 fi 437 438 echo "PASS: fou" 439} 440 441# test various encap methods, use netns to avoid unwanted interference 442kci_test_encap() 443{ 444 testns="testns" 445 ret=0 446 447 ip netns add "$testns" 448 if [ $? -ne 0 ]; then 449 echo "SKIP encap tests: cannot add net namespace $testns" 450 return $ksft_skip 451 fi 452 453 ip netns exec "$testns" ip link set lo up 454 check_err $? 455 456 ip netns exec "$testns" ip link add name "$devdummy" type dummy 457 check_err $? 458 ip netns exec "$testns" ip link set "$devdummy" up 459 check_err $? 460 461 kci_test_encap_vxlan "$testns" 462 kci_test_encap_fou "$testns" 463 464 ip netns del "$testns" 465} 466 467kci_test_macsec() 468{ 469 msname="test_macsec0" 470 ret=0 471 472 ip macsec help 2>&1 | grep -q "^Usage: ip macsec" 473 if [ $? -ne 0 ]; then 474 echo "SKIP: macsec: iproute2 too old" 475 return $ksft_skip 476 fi 477 478 ip link add link "$devdummy" "$msname" type macsec port 42 encrypt on 479 check_err $? 480 if [ $ret -ne 0 ];then 481 echo "FAIL: can't add macsec interface, skipping test" 482 return 1 483 fi 484 485 ip macsec add "$msname" tx sa 0 pn 1024 on key 01 12345678901234567890123456789012 486 check_err $? 487 488 ip macsec add "$msname" rx port 1234 address "1c:ed:de:ad:be:ef" 489 check_err $? 490 491 ip macsec add "$msname" rx port 1234 address "1c:ed:de:ad:be:ef" sa 0 pn 1 on key 00 0123456789abcdef0123456789abcdef 492 check_err $? 493 494 ip macsec show > /dev/null 495 check_err $? 496 497 ip link del dev "$msname" 498 check_err $? 499 500 if [ $ret -ne 0 ];then 501 echo "FAIL: macsec" 502 return 1 503 fi 504 505 echo "PASS: macsec" 506} 507 508#------------------------------------------------------------------- 509# Example commands 510# ip x s add proto esp src 14.0.0.52 dst 14.0.0.70 \ 511# spi 0x07 mode transport reqid 0x07 replay-window 32 \ 512# aead 'rfc4106(gcm(aes))' 1234567890123456dcba 128 \ 513# sel src 14.0.0.52/24 dst 14.0.0.70/24 514# ip x p add dir out src 14.0.0.52/24 dst 14.0.0.70/24 \ 515# tmpl proto esp src 14.0.0.52 dst 14.0.0.70 \ 516# spi 0x07 mode transport reqid 0x07 517# 518# Subcommands not tested 519# ip x s update 520# ip x s allocspi 521# ip x s deleteall 522# ip x p update 523# ip x p deleteall 524# ip x p set 525#------------------------------------------------------------------- 526kci_test_ipsec() 527{ 528 ret=0 529 algo="aead rfc4106(gcm(aes)) 0x3132333435363738393031323334353664636261 128" 530 srcip=192.168.123.1 531 dstip=192.168.123.2 532 spi=7 533 534 ip addr add $srcip dev $devdummy 535 536 # flush to be sure there's nothing configured 537 ip x s flush ; ip x p flush 538 check_err $? 539 540 # start the monitor in the background 541 tmpfile=`mktemp /var/run/ipsectestXXX` 542 mpid=`(ip x m > $tmpfile & echo $!) 2>/dev/null` 543 sleep 0.2 544 545 ipsecid="proto esp src $srcip dst $dstip spi 0x07" 546 ip x s add $ipsecid \ 547 mode transport reqid 0x07 replay-window 32 \ 548 $algo sel src $srcip/24 dst $dstip/24 549 check_err $? 550 551 lines=`ip x s list | grep $srcip | grep $dstip | wc -l` 552 test $lines -eq 2 553 check_err $? 554 555 ip x s count | grep -q "SAD count 1" 556 check_err $? 557 558 lines=`ip x s get $ipsecid | grep $srcip | grep $dstip | wc -l` 559 test $lines -eq 2 560 check_err $? 561 562 ip x s delete $ipsecid 563 check_err $? 564 565 lines=`ip x s list | wc -l` 566 test $lines -eq 0 567 check_err $? 568 569 ipsecsel="dir out src $srcip/24 dst $dstip/24" 570 ip x p add $ipsecsel \ 571 tmpl proto esp src $srcip dst $dstip \ 572 spi 0x07 mode transport reqid 0x07 573 check_err $? 574 575 lines=`ip x p list | grep $srcip | grep $dstip | wc -l` 576 test $lines -eq 2 577 check_err $? 578 579 ip x p count | grep -q "SPD IN 0 OUT 1 FWD 0" 580 check_err $? 581 582 lines=`ip x p get $ipsecsel | grep $srcip | grep $dstip | wc -l` 583 test $lines -eq 2 584 check_err $? 585 586 ip x p delete $ipsecsel 587 check_err $? 588 589 lines=`ip x p list | wc -l` 590 test $lines -eq 0 591 check_err $? 592 593 # check the monitor results 594 kill $mpid 595 lines=`wc -l $tmpfile | cut "-d " -f1` 596 test $lines -eq 20 597 check_err $? 598 rm -rf $tmpfile 599 600 # clean up any leftovers 601 ip x s flush 602 check_err $? 603 ip x p flush 604 check_err $? 605 ip addr del $srcip/32 dev $devdummy 606 607 if [ $ret -ne 0 ]; then 608 echo "FAIL: ipsec" 609 return 1 610 fi 611 echo "PASS: ipsec" 612} 613 614#------------------------------------------------------------------- 615# Example commands 616# ip x s add proto esp src 14.0.0.52 dst 14.0.0.70 \ 617# spi 0x07 mode transport reqid 0x07 replay-window 32 \ 618# aead 'rfc4106(gcm(aes))' 1234567890123456dcba 128 \ 619# sel src 14.0.0.52/24 dst 14.0.0.70/24 620# offload dev sim1 dir out 621# ip x p add dir out src 14.0.0.52/24 dst 14.0.0.70/24 \ 622# tmpl proto esp src 14.0.0.52 dst 14.0.0.70 \ 623# spi 0x07 mode transport reqid 0x07 624# 625#------------------------------------------------------------------- 626kci_test_ipsec_offload() 627{ 628 ret=0 629 algo="aead rfc4106(gcm(aes)) 0x3132333435363738393031323334353664636261 128" 630 srcip=192.168.123.3 631 dstip=192.168.123.4 632 dev=simx1 633 sysfsd=/sys/kernel/debug/netdevsim/$dev 634 sysfsf=$sysfsd/ipsec 635 636 # setup netdevsim since dummydev doesn't have offload support 637 modprobe netdevsim 638 check_err $? 639 if [ $ret -ne 0 ]; then 640 echo "FAIL: ipsec_offload can't load netdevsim" 641 return 1 642 fi 643 644 ip link add $dev type netdevsim 645 ip addr add $srcip dev $dev 646 ip link set $dev up 647 if [ ! -d $sysfsd ] ; then 648 echo "FAIL: ipsec_offload can't create device $dev" 649 return 1 650 fi 651 if [ ! -f $sysfsf ] ; then 652 echo "FAIL: ipsec_offload netdevsim doesn't support IPsec offload" 653 return 1 654 fi 655 656 # flush to be sure there's nothing configured 657 ip x s flush ; ip x p flush 658 659 # create offloaded SAs, both in and out 660 ip x p add dir out src $srcip/24 dst $dstip/24 \ 661 tmpl proto esp src $srcip dst $dstip spi 9 \ 662 mode transport reqid 42 663 check_err $? 664 ip x p add dir out src $dstip/24 dst $srcip/24 \ 665 tmpl proto esp src $dstip dst $srcip spi 9 \ 666 mode transport reqid 42 667 check_err $? 668 669 ip x s add proto esp src $srcip dst $dstip spi 9 \ 670 mode transport reqid 42 $algo sel src $srcip/24 dst $dstip/24 \ 671 offload dev $dev dir out 672 check_err $? 673 ip x s add proto esp src $dstip dst $srcip spi 9 \ 674 mode transport reqid 42 $algo sel src $dstip/24 dst $srcip/24 \ 675 offload dev $dev dir in 676 check_err $? 677 if [ $ret -ne 0 ]; then 678 echo "FAIL: ipsec_offload can't create SA" 679 return 1 680 fi 681 682 # does offload show up in ip output 683 lines=`ip x s list | grep -c "crypto offload parameters: dev $dev dir"` 684 if [ $lines -ne 2 ] ; then 685 echo "FAIL: ipsec_offload SA offload missing from list output" 686 check_err 1 687 fi 688 689 # use ping to exercise the Tx path 690 ping -I $dev -c 3 -W 1 -i 0 $dstip >/dev/null 691 692 # does driver have correct offload info 693 diff $sysfsf - << EOF 694SA count=2 tx=3 695sa[0] tx ipaddr=0x00000000 00000000 00000000 00000000 696sa[0] spi=0x00000009 proto=0x32 salt=0x61626364 crypt=1 697sa[0] key=0x34333231 38373635 32313039 36353433 698sa[1] rx ipaddr=0x00000000 00000000 00000000 037ba8c0 699sa[1] spi=0x00000009 proto=0x32 salt=0x61626364 crypt=1 700sa[1] key=0x34333231 38373635 32313039 36353433 701EOF 702 if [ $? -ne 0 ] ; then 703 echo "FAIL: ipsec_offload incorrect driver data" 704 check_err 1 705 fi 706 707 # does offload get removed from driver 708 ip x s flush 709 ip x p flush 710 lines=`grep -c "SA count=0" $sysfsf` 711 if [ $lines -ne 1 ] ; then 712 echo "FAIL: ipsec_offload SA not removed from driver" 713 check_err 1 714 fi 715 716 # clean up any leftovers 717 ip link del $dev 718 rmmod netdevsim 719 720 if [ $ret -ne 0 ]; then 721 echo "FAIL: ipsec_offload" 722 return 1 723 fi 724 echo "PASS: ipsec_offload" 725} 726 727kci_test_gretap() 728{ 729 testns="testns" 730 DEV_NS=gretap00 731 ret=0 732 733 ip netns add "$testns" 734 if [ $? -ne 0 ]; then 735 echo "SKIP gretap tests: cannot add net namespace $testns" 736 return $ksft_skip 737 fi 738 739 ip link help gretap 2>&1 | grep -q "^Usage:" 740 if [ $? -ne 0 ];then 741 echo "SKIP: gretap: iproute2 too old" 742 ip netns del "$testns" 743 return $ksft_skip 744 fi 745 746 # test native tunnel 747 ip netns exec "$testns" ip link add dev "$DEV_NS" type gretap seq \ 748 key 102 local 172.16.1.100 remote 172.16.1.200 749 check_err $? 750 751 ip netns exec "$testns" ip addr add dev "$DEV_NS" 10.1.1.100/24 752 check_err $? 753 754 ip netns exec "$testns" ip link set dev $DEV_NS up 755 check_err $? 756 757 ip netns exec "$testns" ip link del "$DEV_NS" 758 check_err $? 759 760 # test external mode 761 ip netns exec "$testns" ip link add dev "$DEV_NS" type gretap external 762 check_err $? 763 764 ip netns exec "$testns" ip link del "$DEV_NS" 765 check_err $? 766 767 if [ $ret -ne 0 ]; then 768 echo "FAIL: gretap" 769 ip netns del "$testns" 770 return 1 771 fi 772 echo "PASS: gretap" 773 774 ip netns del "$testns" 775} 776 777kci_test_ip6gretap() 778{ 779 testns="testns" 780 DEV_NS=ip6gretap00 781 ret=0 782 783 ip netns add "$testns" 784 if [ $? -ne 0 ]; then 785 echo "SKIP ip6gretap tests: cannot add net namespace $testns" 786 return $ksft_skip 787 fi 788 789 ip link help ip6gretap 2>&1 | grep -q "^Usage:" 790 if [ $? -ne 0 ];then 791 echo "SKIP: ip6gretap: iproute2 too old" 792 ip netns del "$testns" 793 return $ksft_skip 794 fi 795 796 # test native tunnel 797 ip netns exec "$testns" ip link add dev "$DEV_NS" type ip6gretap seq \ 798 key 102 local fc00:100::1 remote fc00:100::2 799 check_err $? 800 801 ip netns exec "$testns" ip addr add dev "$DEV_NS" fc00:200::1/96 802 check_err $? 803 804 ip netns exec "$testns" ip link set dev $DEV_NS up 805 check_err $? 806 807 ip netns exec "$testns" ip link del "$DEV_NS" 808 check_err $? 809 810 # test external mode 811 ip netns exec "$testns" ip link add dev "$DEV_NS" type ip6gretap external 812 check_err $? 813 814 ip netns exec "$testns" ip link del "$DEV_NS" 815 check_err $? 816 817 if [ $ret -ne 0 ]; then 818 echo "FAIL: ip6gretap" 819 ip netns del "$testns" 820 return 1 821 fi 822 echo "PASS: ip6gretap" 823 824 ip netns del "$testns" 825} 826 827kci_test_erspan() 828{ 829 testns="testns" 830 DEV_NS=erspan00 831 ret=0 832 833 ip link help erspan 2>&1 | grep -q "^Usage:" 834 if [ $? -ne 0 ];then 835 echo "SKIP: erspan: iproute2 too old" 836 return $ksft_skip 837 fi 838 839 ip netns add "$testns" 840 if [ $? -ne 0 ]; then 841 echo "SKIP erspan tests: cannot add net namespace $testns" 842 return $ksft_skip 843 fi 844 845 # test native tunnel erspan v1 846 ip netns exec "$testns" ip link add dev "$DEV_NS" type erspan seq \ 847 key 102 local 172.16.1.100 remote 172.16.1.200 \ 848 erspan_ver 1 erspan 488 849 check_err $? 850 851 ip netns exec "$testns" ip addr add dev "$DEV_NS" 10.1.1.100/24 852 check_err $? 853 854 ip netns exec "$testns" ip link set dev $DEV_NS up 855 check_err $? 856 857 ip netns exec "$testns" ip link del "$DEV_NS" 858 check_err $? 859 860 # test native tunnel erspan v2 861 ip netns exec "$testns" ip link add dev "$DEV_NS" type erspan seq \ 862 key 102 local 172.16.1.100 remote 172.16.1.200 \ 863 erspan_ver 2 erspan_dir ingress erspan_hwid 7 864 check_err $? 865 866 ip netns exec "$testns" ip addr add dev "$DEV_NS" 10.1.1.100/24 867 check_err $? 868 869 ip netns exec "$testns" ip link set dev $DEV_NS up 870 check_err $? 871 872 ip netns exec "$testns" ip link del "$DEV_NS" 873 check_err $? 874 875 # test external mode 876 ip netns exec "$testns" ip link add dev "$DEV_NS" type erspan external 877 check_err $? 878 879 ip netns exec "$testns" ip link del "$DEV_NS" 880 check_err $? 881 882 if [ $ret -ne 0 ]; then 883 echo "FAIL: erspan" 884 ip netns del "$testns" 885 return 1 886 fi 887 echo "PASS: erspan" 888 889 ip netns del "$testns" 890} 891 892kci_test_ip6erspan() 893{ 894 testns="testns" 895 DEV_NS=ip6erspan00 896 ret=0 897 898 ip link help ip6erspan 2>&1 | grep -q "^Usage:" 899 if [ $? -ne 0 ];then 900 echo "SKIP: ip6erspan: iproute2 too old" 901 return $ksft_skip 902 fi 903 904 ip netns add "$testns" 905 if [ $? -ne 0 ]; then 906 echo "SKIP ip6erspan tests: cannot add net namespace $testns" 907 return $ksft_skip 908 fi 909 910 # test native tunnel ip6erspan v1 911 ip netns exec "$testns" ip link add dev "$DEV_NS" type ip6erspan seq \ 912 key 102 local fc00:100::1 remote fc00:100::2 \ 913 erspan_ver 1 erspan 488 914 check_err $? 915 916 ip netns exec "$testns" ip addr add dev "$DEV_NS" 10.1.1.100/24 917 check_err $? 918 919 ip netns exec "$testns" ip link set dev $DEV_NS up 920 check_err $? 921 922 ip netns exec "$testns" ip link del "$DEV_NS" 923 check_err $? 924 925 # test native tunnel ip6erspan v2 926 ip netns exec "$testns" ip link add dev "$DEV_NS" type ip6erspan seq \ 927 key 102 local fc00:100::1 remote fc00:100::2 \ 928 erspan_ver 2 erspan_dir ingress erspan_hwid 7 929 check_err $? 930 931 ip netns exec "$testns" ip addr add dev "$DEV_NS" 10.1.1.100/24 932 check_err $? 933 934 ip netns exec "$testns" ip link set dev $DEV_NS up 935 check_err $? 936 937 ip netns exec "$testns" ip link del "$DEV_NS" 938 check_err $? 939 940 # test external mode 941 ip netns exec "$testns" ip link add dev "$DEV_NS" \ 942 type ip6erspan external 943 check_err $? 944 945 ip netns exec "$testns" ip link del "$DEV_NS" 946 check_err $? 947 948 if [ $ret -ne 0 ]; then 949 echo "FAIL: ip6erspan" 950 ip netns del "$testns" 951 return 1 952 fi 953 echo "PASS: ip6erspan" 954 955 ip netns del "$testns" 956} 957 958kci_test_rtnl() 959{ 960 kci_add_dummy 961 if [ $ret -ne 0 ];then 962 echo "FAIL: cannot add dummy interface" 963 return 1 964 fi 965 966 kci_test_polrouting 967 kci_test_route_get 968 kci_test_tc 969 kci_test_gre 970 kci_test_gretap 971 kci_test_ip6gretap 972 kci_test_erspan 973 kci_test_ip6erspan 974 kci_test_bridge 975 kci_test_addrlabel 976 kci_test_ifalias 977 kci_test_vrf 978 kci_test_encap 979 kci_test_macsec 980 kci_test_ipsec 981 kci_test_ipsec_offload 982 983 kci_del_dummy 984} 985 986#check for needed privileges 987if [ "$(id -u)" -ne 0 ];then 988 echo "SKIP: Need root privileges" 989 exit $ksft_skip 990fi 991 992for x in ip tc;do 993 $x -Version 2>/dev/null >/dev/null 994 if [ $? -ne 0 ];then 995 echo "SKIP: Could not run test without the $x tool" 996 exit $ksft_skip 997 fi 998done 999 1000kci_test_rtnl 1001 1002exit $ret 1003