1#!/bin/bash 2# 3# This test is for checking rtnetlink callpaths, and get as much coverage as possible. 4# 5# set -e 6 7ALL_TESTS=" 8 kci_test_polrouting 9 kci_test_route_get 10 kci_test_addrlft 11 kci_test_promote_secondaries 12 kci_test_tc 13 kci_test_gre 14 kci_test_gretap 15 kci_test_ip6gretap 16 kci_test_erspan 17 kci_test_ip6erspan 18 kci_test_bridge 19 kci_test_addrlabel 20 kci_test_ifalias 21 kci_test_vrf 22 kci_test_encap 23 kci_test_macsec 24 kci_test_macsec_vlan 25 kci_test_ipsec 26 kci_test_ipsec_offload 27 kci_test_fdb_get 28 kci_test_fdb_del 29 kci_test_neigh_get 30 kci_test_bridge_parent_id 31 kci_test_address_proto 32 kci_test_enslave_bonding 33 kci_test_mngtmpaddr 34 kci_test_operstate 35" 36 37devdummy="test-dummy0" 38VERBOSE=0 39PAUSE=no 40PAUSE_ON_FAIL=no 41 42source lib.sh 43 44# set global exit status, but never reset nonzero one. 45check_err() 46{ 47 if [ $ret -eq 0 ]; then 48 ret=$1 49 fi 50 [ -n "$2" ] && echo "$2" 51} 52 53# same but inverted -- used when command must fail for test to pass 54check_fail() 55{ 56 if [ $1 -eq 0 ]; then 57 ret=1 58 fi 59} 60 61run_cmd_common() 62{ 63 local cmd="$*" 64 local out 65 if [ "$VERBOSE" = "1" ]; then 66 echo "COMMAND: ${cmd}" 67 fi 68 out=$($cmd 2>&1) 69 rc=$? 70 if [ "$VERBOSE" = "1" -a -n "$out" ]; then 71 echo " $out" 72 fi 73 return $rc 74} 75 76run_cmd() { 77 run_cmd_common "$@" 78 rc=$? 79 check_err $rc 80 return $rc 81} 82run_cmd_fail() 83{ 84 run_cmd_common "$@" 85 rc=$? 86 check_fail $rc 87 return $rc 88} 89 90run_cmd_grep_common() 91{ 92 local find="$1"; shift 93 local cmd="$*" 94 local out 95 if [ "$VERBOSE" = "1" ]; then 96 echo "COMMAND: ${cmd} 2>&1 | grep -q '${find}'" 97 fi 98 out=$($cmd 2>&1 | grep -q "${find}" 2>&1) 99 return $? 100} 101 102run_cmd_grep() { 103 run_cmd_grep_common "$@" 104 rc=$? 105 check_err $rc 106 return $rc 107} 108 109run_cmd_grep_fail() 110{ 111 run_cmd_grep_common "$@" 112 rc=$? 113 check_fail $rc 114 return $rc 115} 116 117end_test() 118{ 119 echo "$*" 120 [ "${VERBOSE}" = "1" ] && echo 121 122 if [[ $ret -ne 0 ]] && [[ "${PAUSE_ON_FAIL}" = "yes" ]]; then 123 echo "Hit enter to continue" 124 read a 125 fi; 126 127 if [ "${PAUSE}" = "yes" ]; then 128 echo "Hit enter to continue" 129 read a 130 fi 131 132} 133 134 135kci_add_dummy() 136{ 137 run_cmd ip link add name "$devdummy" type dummy 138 run_cmd ip link set "$devdummy" up 139} 140 141kci_del_dummy() 142{ 143 run_cmd ip link del dev "$devdummy" 144} 145 146kci_test_netconf() 147{ 148 dev="$1" 149 r=$ret 150 run_cmd ip netconf show dev "$dev" 151 for f in 4 6; do 152 run_cmd ip -$f netconf show dev "$dev" 153 done 154 155 if [ $ret -ne 0 ] ;then 156 end_test "FAIL: ip netconf show $dev" 157 test $r -eq 0 && ret=0 158 return 1 159 fi 160} 161 162# add a bridge with vlans on top 163kci_test_bridge() 164{ 165 devbr="test-br0" 166 vlandev="testbr-vlan1" 167 168 local ret=0 169 run_cmd ip link add name "$devbr" type bridge 170 run_cmd ip link set dev "$devdummy" master "$devbr" 171 run_cmd ip link set "$devbr" up 172 run_cmd ip link add link "$devbr" name "$vlandev" type vlan id 1 173 run_cmd ip addr add dev "$vlandev" 10.200.7.23/30 174 run_cmd ip -6 addr add dev "$vlandev" dead:42::1234/64 175 run_cmd ip -d link 176 run_cmd ip r s t all 177 178 for name in "$devbr" "$vlandev" "$devdummy" ; do 179 kci_test_netconf "$name" 180 done 181 run_cmd ip -6 addr del dev "$vlandev" dead:42::1234/64 182 run_cmd ip link del dev "$vlandev" 183 run_cmd ip link del dev "$devbr" 184 185 if [ $ret -ne 0 ];then 186 end_test "FAIL: bridge setup" 187 return 1 188 fi 189 end_test "PASS: bridge setup" 190 191} 192 193kci_test_gre() 194{ 195 gredev=neta 196 rem=10.42.42.1 197 loc=10.0.0.1 198 199 local ret=0 200 run_cmd ip tunnel add $gredev mode gre remote $rem local $loc ttl 1 201 run_cmd ip link set $gredev up 202 run_cmd ip addr add 10.23.7.10 dev $gredev 203 run_cmd ip route add 10.23.8.0/30 dev $gredev 204 run_cmd ip addr add dev "$devdummy" 10.23.7.11/24 205 run_cmd ip link 206 run_cmd ip addr 207 208 kci_test_netconf "$gredev" 209 run_cmd ip addr del dev "$devdummy" 10.23.7.11/24 210 run_cmd ip link del $gredev 211 212 if [ $ret -ne 0 ];then 213 end_test "FAIL: gre tunnel endpoint" 214 return 1 215 fi 216 end_test "PASS: gre tunnel endpoint" 217} 218 219# tc uses rtnetlink too, for full tc testing 220# please see tools/testing/selftests/tc-testing. 221kci_test_tc() 222{ 223 dev=lo 224 local ret=0 225 226 run_cmd tc qdisc add dev "$dev" root handle 1: htb 227 run_cmd tc class add dev "$dev" parent 1: classid 1:10 htb rate 1mbit 228 run_cmd tc filter add dev "$dev" parent 1:0 prio 5 handle ffe: protocol ip u32 divisor 256 229 run_cmd tc filter add dev "$dev" parent 1:0 prio 5 handle ffd: protocol ip u32 divisor 256 230 run_cmd tc filter add dev "$dev" parent 1:0 prio 5 handle ffc: protocol ip u32 divisor 256 231 run_cmd tc filter add dev "$dev" protocol ip parent 1: prio 5 handle ffe:2:3 u32 ht ffe:2: match ip src 10.0.0.3 flowid 1:10 232 run_cmd tc filter add dev "$dev" protocol ip parent 1: prio 5 handle ffe:2:2 u32 ht ffe:2: match ip src 10.0.0.2 flowid 1:10 233 run_cmd tc filter show dev "$dev" parent 1:0 234 run_cmd tc filter del dev "$dev" protocol ip parent 1: prio 5 handle ffe:2:3 u32 235 run_cmd tc filter show dev "$dev" parent 1:0 236 run_cmd tc qdisc del dev "$dev" root handle 1: htb 237 238 if [ $ret -ne 0 ];then 239 end_test "FAIL: tc htb hierarchy" 240 return 1 241 fi 242 end_test "PASS: tc htb hierarchy" 243 244} 245 246kci_test_polrouting() 247{ 248 local ret=0 249 run_cmd ip rule add fwmark 1 lookup 100 250 run_cmd ip route add local 0.0.0.0/0 dev lo table 100 251 run_cmd ip r s t all 252 run_cmd ip rule del fwmark 1 lookup 100 253 run_cmd ip route del local 0.0.0.0/0 dev lo table 100 254 255 if [ $ret -ne 0 ];then 256 end_test "FAIL: policy route test" 257 return 1 258 fi 259 end_test "PASS: policy routing" 260} 261 262kci_test_route_get() 263{ 264 local hash_policy=$(sysctl -n net.ipv4.fib_multipath_hash_policy) 265 266 local ret=0 267 run_cmd ip route get 127.0.0.1 268 run_cmd ip route get 127.0.0.1 dev "$devdummy" 269 run_cmd ip route get ::1 270 run_cmd ip route get fe80::1 dev "$devdummy" 271 run_cmd ip route get 127.0.0.1 from 127.0.0.1 oif lo tos 0x10 mark 0x1 272 run_cmd ip route get ::1 from ::1 iif lo oif lo tos 0x10 mark 0x1 273 run_cmd ip addr add dev "$devdummy" 10.23.7.11/24 274 run_cmd ip route get 10.23.7.11 from 10.23.7.12 iif "$devdummy" 275 run_cmd ip route add 10.23.8.0/24 \ 276 nexthop via 10.23.7.13 dev "$devdummy" \ 277 nexthop via 10.23.7.14 dev "$devdummy" 278 279 sysctl -wq net.ipv4.fib_multipath_hash_policy=0 280 run_cmd ip route get 10.23.8.11 281 sysctl -wq net.ipv4.fib_multipath_hash_policy=1 282 run_cmd ip route get 10.23.8.11 283 sysctl -wq net.ipv4.fib_multipath_hash_policy="$hash_policy" 284 run_cmd ip route del 10.23.8.0/24 285 run_cmd ip addr del dev "$devdummy" 10.23.7.11/24 286 287 288 if [ $ret -ne 0 ];then 289 end_test "FAIL: route get" 290 return 1 291 fi 292 293 end_test "PASS: route get" 294} 295 296check_addr_not_exist() 297{ 298 dev=$1 299 addr=$2 300 if ip addr show dev $dev | grep -q $addr; then 301 return 1 302 else 303 return 0 304 fi 305} 306 307kci_test_addrlft() 308{ 309 for i in $(seq 10 100) ;do 310 lft=$(((RANDOM%3) + 1)) 311 run_cmd ip addr add 10.23.11.$i/32 dev "$devdummy" preferred_lft $lft valid_lft $((lft+1)) 312 done 313 314 slowwait 5 check_addr_not_exist "$devdummy" "10.23.11." 315 if [ $? -eq 1 ]; then 316 # troubleshoot the reason for our failure 317 run_cmd ip addr show dev "$devdummy" 318 check_err 1 319 end_test "FAIL: preferred_lft addresses remaining" 320 return 321 fi 322 323 end_test "PASS: preferred_lft addresses have expired" 324} 325 326kci_test_promote_secondaries() 327{ 328 promote=$(sysctl -n net.ipv4.conf.$devdummy.promote_secondaries) 329 330 sysctl -q net.ipv4.conf.$devdummy.promote_secondaries=1 331 332 for i in $(seq 2 254);do 333 IP="10.23.11.$i" 334 ip -f inet addr add $IP/16 brd + dev "$devdummy" 335 ifconfig "$devdummy" $IP netmask 255.255.0.0 336 done 337 338 ip addr flush dev "$devdummy" 339 340 [ $promote -eq 0 ] && sysctl -q net.ipv4.conf.$devdummy.promote_secondaries=0 341 342 end_test "PASS: promote_secondaries complete" 343} 344 345kci_test_addrlabel() 346{ 347 local ret=0 348 run_cmd ip addrlabel add prefix dead::/64 dev lo label 1 349 run_cmd_grep "prefix dead::/64 dev lo label 1" ip addrlabel list 350 run_cmd ip addrlabel del prefix dead::/64 dev lo label 1 351 run_cmd ip addrlabel add prefix dead::/64 label 1 352 run_cmd ip addrlabel del prefix dead::/64 label 1 353 354 # concurrent add/delete 355 for i in $(seq 1 1000); do 356 ip addrlabel add prefix 1c3::/64 label 12345 2>/dev/null 357 done & 358 359 for i in $(seq 1 1000); do 360 ip addrlabel del prefix 1c3::/64 label 12345 2>/dev/null 361 done 362 363 wait 364 365 ip addrlabel del prefix 1c3::/64 label 12345 2>/dev/null 366 367 if [ $ret -ne 0 ];then 368 end_test "FAIL: ipv6 addrlabel" 369 return 1 370 fi 371 372 end_test "PASS: ipv6 addrlabel" 373} 374 375kci_test_ifalias() 376{ 377 local ret=0 378 namewant=$(uuidgen) 379 syspathname="/sys/class/net/$devdummy/ifalias" 380 run_cmd ip link set dev "$devdummy" alias "$namewant" 381 382 if [ $ret -ne 0 ]; then 383 end_test "FAIL: cannot set interface alias of $devdummy to $namewant" 384 return 1 385 fi 386 run_cmd_grep "alias $namewant" ip link show "$devdummy" 387 388 if [ -r "$syspathname" ] ; then 389 read namehave < "$syspathname" 390 if [ "$namewant" != "$namehave" ]; then 391 end_test "FAIL: did set ifalias $namewant but got $namehave" 392 return 1 393 fi 394 395 namewant=$(uuidgen) 396 echo "$namewant" > "$syspathname" 397 run_cmd_grep "alias $namewant" ip link show "$devdummy" 398 399 # sysfs interface allows to delete alias again 400 echo "" > "$syspathname" 401 run_cmd_grep_fail "alias $namewant" ip link show "$devdummy" 402 403 for i in $(seq 1 100); do 404 uuidgen > "$syspathname" & 405 done 406 407 wait 408 409 # re-add the alias -- kernel should free mem when dummy dev is removed 410 run_cmd ip link set dev "$devdummy" alias "$namewant" 411 412 fi 413 414 if [ $ret -ne 0 ]; then 415 end_test "FAIL: set interface alias $devdummy to $namewant" 416 return 1 417 fi 418 419 end_test "PASS: set ifalias $namewant for $devdummy" 420} 421 422kci_test_vrf() 423{ 424 vrfname="test-vrf" 425 local ret=0 426 run_cmd ip link show type vrf 427 if [ $? -ne 0 ]; then 428 end_test "SKIP: vrf: iproute2 too old" 429 return $ksft_skip 430 fi 431 run_cmd ip link add "$vrfname" type vrf table 10 432 if [ $ret -ne 0 ];then 433 end_test "FAIL: can't add vrf interface, skipping test" 434 return 0 435 fi 436 run_cmd_grep "$vrfname" ip -br link show type vrf 437 if [ $ret -ne 0 ];then 438 end_test "FAIL: created vrf device not found" 439 return 1 440 fi 441 442 run_cmd ip link set dev "$vrfname" up 443 run_cmd ip link set dev "$devdummy" master "$vrfname" 444 run_cmd ip link del dev "$vrfname" 445 446 if [ $ret -ne 0 ];then 447 end_test "FAIL: vrf" 448 return 1 449 fi 450 451 end_test "PASS: vrf" 452} 453 454kci_test_encap_vxlan() 455{ 456 local ret=0 457 vxlan="test-vxlan0" 458 vlan="test-vlan0" 459 run_cmd ip -netns "$testns" link add "$vxlan" type vxlan id 42 group 239.1.1.1 \ 460 dev "$devdummy" dstport 4789 461 if [ $? -ne 0 ]; then 462 end_test "FAIL: can't add vxlan interface, skipping test" 463 return 0 464 fi 465 466 run_cmd ip -netns "$testns" addr add 10.2.11.49/24 dev "$vxlan" 467 run_cmd ip -netns "$testns" link set up dev "$vxlan" 468 run_cmd ip -netns "$testns" link add link "$vxlan" name "$vlan" type vlan id 1 469 470 # changelink testcases 471 run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan vni 43 472 run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan group ffe5::5 dev "$devdummy" 473 run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan ttl inherit 474 475 run_cmd ip -netns "$testns" link set dev "$vxlan" type vxlan ttl 64 476 run_cmd ip -netns "$testns" link set dev "$vxlan" type vxlan nolearning 477 478 run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan proxy 479 run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan norsc 480 run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan l2miss 481 run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan l3miss 482 run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan external 483 run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan udpcsum 484 run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan udp6zerocsumtx 485 run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan udp6zerocsumrx 486 run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan remcsumtx 487 run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan remcsumrx 488 run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan gbp 489 run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan gpe 490 run_cmd ip -netns "$testns" link del "$vxlan" 491 492 if [ $ret -ne 0 ]; then 493 end_test "FAIL: vxlan" 494 return 1 495 fi 496 end_test "PASS: vxlan" 497} 498 499kci_test_encap_fou() 500{ 501 local ret=0 502 name="test-fou" 503 run_cmd_grep 'Usage: ip fou' ip fou help 504 if [ $? -ne 0 ];then 505 end_test "SKIP: fou: iproute2 too old" 506 return $ksft_skip 507 fi 508 509 if ! /sbin/modprobe -q -n fou; then 510 end_test "SKIP: module fou is not found" 511 return $ksft_skip 512 fi 513 /sbin/modprobe -q fou 514 515 run_cmd ip -netns "$testns" fou add port 7777 ipproto 47 516 if [ $? -ne 0 ];then 517 end_test "FAIL: can't add fou port 7777, skipping test" 518 return 1 519 fi 520 run_cmd ip -netns "$testns" fou add port 8888 ipproto 4 521 run_cmd_fail ip -netns "$testns" fou del port 9999 522 run_cmd ip -netns "$testns" fou del port 7777 523 if [ $ret -ne 0 ]; then 524 end_test "FAIL: fou"s 525 return 1 526 fi 527 528 end_test "PASS: fou" 529} 530 531# test various encap methods, use netns to avoid unwanted interference 532kci_test_encap() 533{ 534 local ret=0 535 setup_ns testns 536 if [ $? -ne 0 ]; then 537 end_test "SKIP encap tests: cannot add net namespace $testns" 538 return $ksft_skip 539 fi 540 run_cmd ip -netns "$testns" link set lo up 541 run_cmd ip -netns "$testns" link add name "$devdummy" type dummy 542 run_cmd ip -netns "$testns" link set "$devdummy" up 543 run_cmd kci_test_encap_vxlan 544 run_cmd kci_test_encap_fou 545 546 ip netns del "$testns" 547 return $ret 548} 549 550kci_test_macsec() 551{ 552 msname="test_macsec0" 553 local ret=0 554 run_cmd_grep "^Usage: ip macsec" ip macsec help 555 if [ $? -ne 0 ]; then 556 end_test "SKIP: macsec: iproute2 too old" 557 return $ksft_skip 558 fi 559 run_cmd ip link add link "$devdummy" "$msname" type macsec port 42 encrypt on 560 if [ $ret -ne 0 ];then 561 end_test "FAIL: can't add macsec interface, skipping test" 562 return 1 563 fi 564 run_cmd ip macsec add "$msname" tx sa 0 pn 1024 on key 01 12345678901234567890123456789012 565 run_cmd ip macsec add "$msname" rx port 1234 address "1c:ed:de:ad:be:ef" 566 run_cmd ip macsec add "$msname" rx port 1234 address "1c:ed:de:ad:be:ef" sa 0 pn 1 on key 00 0123456789abcdef0123456789abcdef 567 run_cmd ip macsec show 568 run_cmd ip link del dev "$msname" 569 570 if [ $ret -ne 0 ];then 571 end_test "FAIL: macsec" 572 return 1 573 fi 574 575 end_test "PASS: macsec" 576} 577 578# Test __dev_set_rx_mode call from dev_uc_add under addr_list_lock spinlock. 579# Make sure __dev_set_promiscuity is not grabbing (sleeping) netdev instance 580# lock. 581# https://lore.kernel.org/netdev/2aff4342b0f5b1539c02ffd8df4c7e58dd9746e7.camel@nvidia.com/ 582kci_test_macsec_vlan() 583{ 584 msname="test_macsec1" 585 vlanname="test_vlan1" 586 local ret=0 587 run_cmd_grep "^Usage: ip macsec" ip macsec help 588 if [ $? -ne 0 ]; then 589 end_test "SKIP: macsec: iproute2 too old" 590 return $ksft_skip 591 fi 592 run_cmd ip link add link "$devdummy" "$msname" type macsec port 42 encrypt on 593 if [ $ret -ne 0 ];then 594 end_test "FAIL: can't add macsec interface, skipping test" 595 return 1 596 fi 597 598 run_cmd ip link set dev "$msname" up 599 ip link add link "$msname" name "$vlanname" type vlan id 1 600 ip link set dev "$vlanname" address 00:11:22:33:44:88 601 ip link set dev "$vlanname" up 602 run_cmd ip link del dev "$vlanname" 603 run_cmd ip link del dev "$msname" 604 605 if [ $ret -ne 0 ];then 606 end_test "FAIL: macsec_vlan" 607 return 1 608 fi 609 610 end_test "PASS: macsec_vlan" 611} 612 613#------------------------------------------------------------------- 614# Example commands 615# ip x s add proto esp src 14.0.0.52 dst 14.0.0.70 \ 616# spi 0x07 mode transport reqid 0x07 replay-window 32 \ 617# aead 'rfc4106(gcm(aes))' 1234567890123456dcba 128 \ 618# sel src 14.0.0.52/24 dst 14.0.0.70/24 619# ip x p add dir out src 14.0.0.52/24 dst 14.0.0.70/24 \ 620# tmpl proto esp src 14.0.0.52 dst 14.0.0.70 \ 621# spi 0x07 mode transport reqid 0x07 622# 623# Subcommands not tested 624# ip x s update 625# ip x s allocspi 626# ip x s deleteall 627# ip x p update 628# ip x p deleteall 629# ip x p set 630#------------------------------------------------------------------- 631kci_test_ipsec() 632{ 633 local ret=0 634 algo="aead rfc4106(gcm(aes)) 0x3132333435363738393031323334353664636261 128" 635 srcip=192.168.123.1 636 dstip=192.168.123.2 637 spi=7 638 639 ip addr add $srcip dev $devdummy 640 641 # flush to be sure there's nothing configured 642 run_cmd ip x s flush ; ip x p flush 643 644 # start the monitor in the background 645 tmpfile=`mktemp /var/run/ipsectestXXX` 646 mpid=`(ip x m > $tmpfile & echo $!) 2>/dev/null` 647 sleep 0.2 648 649 ipsecid="proto esp src $srcip dst $dstip spi 0x07" 650 run_cmd ip x s add $ipsecid \ 651 mode transport reqid 0x07 replay-window 32 \ 652 $algo sel src $srcip/24 dst $dstip/24 653 654 655 lines=`ip x s list | grep $srcip | grep $dstip | wc -l` 656 run_cmd test $lines -eq 2 657 run_cmd_grep "SAD count 1" ip x s count 658 659 lines=`ip x s get $ipsecid | grep $srcip | grep $dstip | wc -l` 660 run_cmd test $lines -eq 2 661 run_cmd ip x s delete $ipsecid 662 663 lines=`ip x s list | wc -l` 664 run_cmd test $lines -eq 0 665 666 ipsecsel="dir out src $srcip/24 dst $dstip/24" 667 run_cmd ip x p add $ipsecsel \ 668 tmpl proto esp src $srcip dst $dstip \ 669 spi 0x07 mode transport reqid 0x07 670 671 672 lines=`ip x p list | grep $srcip | grep $dstip | wc -l` 673 run_cmd test $lines -eq 2 674 675 run_cmd_grep "SPD IN 0 OUT 1 FWD 0" ip x p count 676 677 lines=`ip x p get $ipsecsel | grep $srcip | grep $dstip | wc -l` 678 run_cmd test $lines -eq 2 679 680 run_cmd ip x p delete $ipsecsel 681 682 lines=`ip x p list | wc -l` 683 run_cmd test $lines -eq 0 684 685 # check the monitor results 686 kill $mpid 687 lines=`wc -l $tmpfile | cut "-d " -f1` 688 run_cmd test $lines -eq 20 689 rm -rf $tmpfile 690 691 # clean up any leftovers 692 run_cmd ip x s flush 693 run_cmd ip x p flush 694 ip addr del $srcip/32 dev $devdummy 695 696 if [ $ret -ne 0 ]; then 697 end_test "FAIL: ipsec" 698 return 1 699 fi 700 end_test "PASS: ipsec" 701} 702 703#------------------------------------------------------------------- 704# Example commands 705# ip x s add proto esp src 14.0.0.52 dst 14.0.0.70 \ 706# spi 0x07 mode transport reqid 0x07 replay-window 32 \ 707# aead 'rfc4106(gcm(aes))' 1234567890123456dcba 128 \ 708# sel src 14.0.0.52/24 dst 14.0.0.70/24 709# offload dev sim1 dir out 710# ip x p add dir out src 14.0.0.52/24 dst 14.0.0.70/24 \ 711# tmpl proto esp src 14.0.0.52 dst 14.0.0.70 \ 712# spi 0x07 mode transport reqid 0x07 713# 714#------------------------------------------------------------------- 715kci_test_ipsec_offload() 716{ 717 local ret=0 718 algo="aead rfc4106(gcm(aes)) 0x3132333435363738393031323334353664636261 128" 719 srcip=192.168.123.3 720 dstip=192.168.123.4 721 sysfsd=/sys/kernel/debug/netdevsim/netdevsim0/ports/0/ 722 sysfsf=$sysfsd/ipsec 723 sysfsnet=/sys/bus/netdevsim/devices/netdevsim0/net/ 724 probed=false 725 esp4_offload_probed_default=false 726 727 if lsmod | grep -q esp4_offload; then 728 esp4_offload_probed_default=true 729 fi 730 731 if ! mount | grep -q debugfs; then 732 mount -t debugfs none /sys/kernel/debug/ &> /dev/null 733 fi 734 735 # setup netdevsim since dummydev doesn't have offload support 736 if [ ! -w /sys/bus/netdevsim/new_device ] ; then 737 run_cmd modprobe -q netdevsim 738 if [ $ret -ne 0 ]; then 739 end_test "SKIP: ipsec_offload can't load netdevsim" 740 return $ksft_skip 741 fi 742 probed=true 743 fi 744 745 echo "0" > /sys/bus/netdevsim/new_device 746 while [ ! -d $sysfsnet ] ; do :; done 747 udevadm settle 748 dev=`ls $sysfsnet` 749 750 ip addr add $srcip dev $dev 751 ip link set $dev up 752 if [ ! -d $sysfsd ] ; then 753 end_test "FAIL: ipsec_offload can't create device $dev" 754 return 1 755 fi 756 if [ ! -f $sysfsf ] ; then 757 end_test "FAIL: ipsec_offload netdevsim doesn't support IPsec offload" 758 return 1 759 fi 760 761 # flush to be sure there's nothing configured 762 ip x s flush ; ip x p flush 763 764 # create offloaded SAs, both in and out 765 run_cmd ip x p add dir out src $srcip/24 dst $dstip/24 \ 766 tmpl proto esp src $srcip dst $dstip spi 9 \ 767 mode transport reqid 42 768 769 run_cmd ip x p add dir in src $dstip/24 dst $srcip/24 \ 770 tmpl proto esp src $dstip dst $srcip spi 9 \ 771 mode transport reqid 42 772 773 run_cmd ip x s add proto esp src $srcip dst $dstip spi 9 \ 774 mode transport reqid 42 $algo sel src $srcip/24 dst $dstip/24 \ 775 offload dev $dev dir out 776 777 run_cmd ip x s add proto esp src $dstip dst $srcip spi 9 \ 778 mode transport reqid 42 $algo sel src $dstip/24 dst $srcip/24 \ 779 offload dev $dev dir in 780 781 if [ $ret -ne 0 ]; then 782 end_test "FAIL: ipsec_offload can't create SA" 783 return 1 784 fi 785 786 # does offload show up in ip output 787 lines=`ip x s list | grep -c "crypto offload parameters: dev $dev dir"` 788 if [ $lines -ne 2 ] ; then 789 check_err 1 790 end_test "FAIL: ipsec_offload SA offload missing from list output" 791 fi 792 793 # we didn't create a peer, make sure we can Tx 794 ip neigh add $dstip dev $dev lladdr 00:11:22:33:44:55 795 # use ping to exercise the Tx path 796 ping -I $dev -c 3 -W 1 -i 0 $dstip >/dev/null 797 798 # does driver have correct offload info 799 run_cmd diff $sysfsf - << EOF 800SA count=2 tx=3 801sa[0] tx ipaddr=$dstip 802sa[0] spi=0x00000009 proto=0x32 salt=0x61626364 crypt=1 803sa[0] key=0x34333231 38373635 32313039 36353433 804sa[1] rx ipaddr=$srcip 805sa[1] spi=0x00000009 proto=0x32 salt=0x61626364 crypt=1 806sa[1] key=0x34333231 38373635 32313039 36353433 807EOF 808 if [ $? -ne 0 ] ; then 809 end_test "FAIL: ipsec_offload incorrect driver data" 810 check_err 1 811 fi 812 813 # does offload get removed from driver 814 ip x s flush 815 ip x p flush 816 lines=`grep -c "SA count=0" $sysfsf` 817 if [ $lines -ne 1 ] ; then 818 check_err 1 819 end_test "FAIL: ipsec_offload SA not removed from driver" 820 fi 821 822 # clean up any leftovers 823 ! "$esp4_offload_probed_default" && lsmod | grep -q esp4_offload && rmmod esp4_offload 824 echo 0 > /sys/bus/netdevsim/del_device 825 $probed && rmmod netdevsim 826 827 if [ $ret -ne 0 ]; then 828 end_test "FAIL: ipsec_offload" 829 return 1 830 fi 831 end_test "PASS: ipsec_offload" 832} 833 834kci_test_gretap() 835{ 836 DEV_NS=gretap00 837 local ret=0 838 839 setup_ns testns 840 if [ $? -ne 0 ]; then 841 end_test "SKIP gretap tests: cannot add net namespace $testns" 842 return $ksft_skip 843 fi 844 845 run_cmd_grep "^Usage:" ip link help gretap 846 if [ $? -ne 0 ];then 847 end_test "SKIP: gretap: iproute2 too old" 848 ip netns del "$testns" 849 return $ksft_skip 850 fi 851 852 # test native tunnel 853 run_cmd ip -netns "$testns" link add dev "$DEV_NS" type gretap seq \ 854 key 102 local 172.16.1.100 remote 172.16.1.200 855 856 857 run_cmd ip -netns "$testns" addr add dev "$DEV_NS" 10.1.1.100/24 858 run_cmd ip -netns "$testns" link set dev $DEV_NS up 859 run_cmd ip -netns "$testns" link del "$DEV_NS" 860 861 # test external mode 862 run_cmd ip -netns "$testns" link add dev "$DEV_NS" type gretap external 863 run_cmd ip -netns "$testns" link del "$DEV_NS" 864 865 if [ $ret -ne 0 ]; then 866 end_test "FAIL: gretap" 867 ip netns del "$testns" 868 return 1 869 fi 870 end_test "PASS: gretap" 871 872 ip netns del "$testns" 873} 874 875kci_test_ip6gretap() 876{ 877 DEV_NS=ip6gretap00 878 local ret=0 879 880 setup_ns testns 881 if [ $? -ne 0 ]; then 882 end_test "SKIP ip6gretap tests: cannot add net namespace $testns" 883 return $ksft_skip 884 fi 885 886 run_cmd_grep "^Usage:" ip link help ip6gretap 887 if [ $? -ne 0 ];then 888 end_test "SKIP: ip6gretap: iproute2 too old" 889 ip netns del "$testns" 890 return $ksft_skip 891 fi 892 893 # test native tunnel 894 run_cmd ip -netns "$testns" link add dev "$DEV_NS" type ip6gretap seq \ 895 key 102 local fc00:100::1 remote fc00:100::2 896 897 898 run_cmd ip -netns "$testns" addr add dev "$DEV_NS" fc00:200::1/96 899 run_cmd ip -netns "$testns" link set dev $DEV_NS up 900 run_cmd ip -netns "$testns" link del "$DEV_NS" 901 902 # test external mode 903 run_cmd ip -netns "$testns" link add dev "$DEV_NS" type ip6gretap external 904 run_cmd ip -netns "$testns" link del "$DEV_NS" 905 906 if [ $ret -ne 0 ]; then 907 end_test "FAIL: ip6gretap" 908 ip netns del "$testns" 909 return 1 910 fi 911 end_test "PASS: ip6gretap" 912 913 ip netns del "$testns" 914} 915 916kci_test_erspan() 917{ 918 DEV_NS=erspan00 919 local ret=0 920 run_cmd_grep "^Usage:" ip link help erspan 921 if [ $? -ne 0 ];then 922 end_test "SKIP: erspan: iproute2 too old" 923 return $ksft_skip 924 fi 925 setup_ns testns 926 if [ $? -ne 0 ]; then 927 end_test "SKIP erspan tests: cannot add net namespace $testns" 928 return $ksft_skip 929 fi 930 931 # test native tunnel erspan v1 932 run_cmd ip -netns "$testns" link add dev "$DEV_NS" type erspan seq \ 933 key 102 local 172.16.1.100 remote 172.16.1.200 \ 934 erspan_ver 1 erspan 488 935 936 937 run_cmd ip -netns "$testns" addr add dev "$DEV_NS" 10.1.1.100/24 938 run_cmd ip -netns "$testns" link set dev $DEV_NS up 939 run_cmd ip -netns "$testns" link del "$DEV_NS" 940 941 # test native tunnel erspan v2 942 run_cmd ip -netns "$testns" link add dev "$DEV_NS" type erspan seq \ 943 key 102 local 172.16.1.100 remote 172.16.1.200 \ 944 erspan_ver 2 erspan_dir ingress erspan_hwid 7 945 946 947 run_cmd ip -netns "$testns" addr add dev "$DEV_NS" 10.1.1.100/24 948 run_cmd ip -netns "$testns" link set dev $DEV_NS up 949 run_cmd ip -netns "$testns" link del "$DEV_NS" 950 951 # test external mode 952 run_cmd ip -netns "$testns" link add dev "$DEV_NS" type erspan external 953 run_cmd ip -netns "$testns" link del "$DEV_NS" 954 955 if [ $ret -ne 0 ]; then 956 end_test "FAIL: erspan" 957 ip netns del "$testns" 958 return 1 959 fi 960 end_test "PASS: erspan" 961 962 ip netns del "$testns" 963} 964 965kci_test_ip6erspan() 966{ 967 DEV_NS=ip6erspan00 968 local ret=0 969 run_cmd_grep "^Usage:" ip link help ip6erspan 970 if [ $? -ne 0 ];then 971 end_test "SKIP: ip6erspan: iproute2 too old" 972 return $ksft_skip 973 fi 974 setup_ns testns 975 if [ $? -ne 0 ]; then 976 end_test "SKIP ip6erspan tests: cannot add net namespace $testns" 977 return $ksft_skip 978 fi 979 980 # test native tunnel ip6erspan v1 981 run_cmd ip -netns "$testns" link add dev "$DEV_NS" type ip6erspan seq \ 982 key 102 local fc00:100::1 remote fc00:100::2 \ 983 erspan_ver 1 erspan 488 984 985 986 run_cmd ip -netns "$testns" addr add dev "$DEV_NS" 10.1.1.100/24 987 run_cmd ip -netns "$testns" link set dev $DEV_NS up 988 run_cmd ip -netns "$testns" link del "$DEV_NS" 989 990 # test native tunnel ip6erspan v2 991 run_cmd ip -netns "$testns" link add dev "$DEV_NS" type ip6erspan seq \ 992 key 102 local fc00:100::1 remote fc00:100::2 \ 993 erspan_ver 2 erspan_dir ingress erspan_hwid 7 994 995 996 run_cmd ip -netns "$testns" addr add dev "$DEV_NS" 10.1.1.100/24 997 run_cmd ip -netns "$testns" link set dev $DEV_NS up 998 run_cmd ip -netns "$testns" link del "$DEV_NS" 999 1000 # test external mode 1001 run_cmd ip -netns "$testns" link add dev "$DEV_NS" \ 1002 type ip6erspan external 1003 1004 run_cmd ip -netns "$testns" link del "$DEV_NS" 1005 1006 if [ $ret -ne 0 ]; then 1007 end_test "FAIL: ip6erspan" 1008 ip netns del "$testns" 1009 return 1 1010 fi 1011 end_test "PASS: ip6erspan" 1012 1013 ip netns del "$testns" 1014} 1015 1016kci_test_fdb_get() 1017{ 1018 brdev="test-br0" 1019 vxlandev="vxlan10" 1020 test_mac=de:ad:be:ef:13:37 1021 localip="10.0.2.2" 1022 dstip="10.0.2.3" 1023 local ret=0 1024 1025 run_cmd_grep 'bridge fdb get' bridge fdb help 1026 if [ $? -ne 0 ];then 1027 end_test "SKIP: fdb get tests: iproute2 too old" 1028 return $ksft_skip 1029 fi 1030 1031 setup_ns testns 1032 if [ $? -ne 0 ]; then 1033 end_test "SKIP fdb get tests: cannot add net namespace $testns" 1034 return $ksft_skip 1035 fi 1036 IP="ip -netns $testns" 1037 BRIDGE="bridge -netns $testns" 1038 run_cmd $IP link add "$vxlandev" type vxlan id 10 local $localip \ 1039 dstport 4789 1040 run_cmd $IP link add name "$brdev" type bridge 1041 run_cmd $IP link set dev "$vxlandev" master "$brdev" 1042 run_cmd $BRIDGE fdb add $test_mac dev "$vxlandev" master 1043 run_cmd $BRIDGE fdb add $test_mac dev "$vxlandev" dst $dstip self 1044 run_cmd_grep "dev $vxlandev master $brdev" $BRIDGE fdb get $test_mac brport "$vxlandev" 1045 run_cmd_grep "dev $vxlandev master $brdev" $BRIDGE fdb get $test_mac br "$brdev" 1046 run_cmd_grep "dev $vxlandev dst $dstip" $BRIDGE fdb get $test_mac dev "$vxlandev" self 1047 1048 ip netns del $testns &>/dev/null 1049 1050 if [ $ret -ne 0 ]; then 1051 end_test "FAIL: bridge fdb get" 1052 return 1 1053 fi 1054 1055 end_test "PASS: bridge fdb get" 1056} 1057 1058kci_test_fdb_del() 1059{ 1060 local test_mac=de:ad:be:ef:13:37 1061 local dummydev="dummy1" 1062 local brdev="test-br0" 1063 local ret=0 1064 1065 run_cmd_grep 'bridge fdb get' bridge fdb help 1066 if [ $? -ne 0 ]; then 1067 end_test "SKIP: fdb del tests: iproute2 too old" 1068 return $ksft_skip 1069 fi 1070 1071 setup_ns testns 1072 if [ $? -ne 0 ]; then 1073 end_test "SKIP fdb del tests: cannot add net namespace $testns" 1074 return $ksft_skip 1075 fi 1076 IP="ip -netns $testns" 1077 BRIDGE="bridge -netns $testns" 1078 run_cmd $IP link add $dummydev type dummy 1079 run_cmd $IP link add name $brdev type bridge vlan_filtering 1 1080 run_cmd $IP link set dev $dummydev master $brdev 1081 run_cmd $BRIDGE fdb add $test_mac dev $dummydev master static vlan 1 1082 run_cmd $BRIDGE vlan del vid 1 dev $dummydev 1083 run_cmd $BRIDGE fdb get $test_mac br $brdev vlan 1 1084 run_cmd $BRIDGE fdb del $test_mac dev $dummydev master vlan 1 1085 run_cmd_fail $BRIDGE fdb get $test_mac br $brdev vlan 1 1086 1087 ip netns del $testns &>/dev/null 1088 1089 if [ $ret -ne 0 ]; then 1090 end_test "FAIL: bridge fdb del" 1091 return 1 1092 fi 1093 1094 end_test "PASS: bridge fdb del" 1095} 1096 1097kci_test_neigh_get() 1098{ 1099 dstmac=de:ad:be:ef:13:37 1100 dstip=10.0.2.4 1101 dstip6=dead::2 1102 local ret=0 1103 1104 run_cmd_grep 'ip neigh get' ip neigh help 1105 if [ $? -ne 0 ];then 1106 end_test "SKIP: fdb get tests: iproute2 too old" 1107 return $ksft_skip 1108 fi 1109 1110 # ipv4 1111 run_cmd ip neigh add $dstip lladdr $dstmac dev "$devdummy" 1112 run_cmd_grep "$dstmac" ip neigh get $dstip dev "$devdummy" 1113 run_cmd ip neigh del $dstip lladdr $dstmac dev "$devdummy" 1114 1115 # ipv4 proxy 1116 run_cmd ip neigh add proxy $dstip dev "$devdummy" 1117 run_cmd_grep "$dstip" ip neigh get proxy $dstip dev "$devdummy" 1118 run_cmd ip neigh del proxy $dstip dev "$devdummy" 1119 1120 # ipv6 1121 run_cmd ip neigh add $dstip6 lladdr $dstmac dev "$devdummy" 1122 run_cmd_grep "$dstmac" ip neigh get $dstip6 dev "$devdummy" 1123 run_cmd ip neigh del $dstip6 lladdr $dstmac dev "$devdummy" 1124 1125 # ipv6 proxy 1126 run_cmd ip neigh add proxy $dstip6 dev "$devdummy" 1127 run_cmd_grep "$dstip6" ip neigh get proxy $dstip6 dev "$devdummy" 1128 run_cmd ip neigh del proxy $dstip6 dev "$devdummy" 1129 1130 if [ $ret -ne 0 ];then 1131 end_test "FAIL: neigh get" 1132 return 1 1133 fi 1134 1135 end_test "PASS: neigh get" 1136} 1137 1138kci_test_bridge_parent_id() 1139{ 1140 local ret=0 1141 sysfsnet=/sys/bus/netdevsim/devices/netdevsim 1142 probed=false 1143 1144 if [ ! -w /sys/bus/netdevsim/new_device ] ; then 1145 run_cmd modprobe -q netdevsim 1146 if [ $ret -ne 0 ]; then 1147 end_test "SKIP: bridge_parent_id can't load netdevsim" 1148 return $ksft_skip 1149 fi 1150 probed=true 1151 fi 1152 1153 echo "10 1" > /sys/bus/netdevsim/new_device 1154 while [ ! -d ${sysfsnet}10 ] ; do :; done 1155 echo "20 1" > /sys/bus/netdevsim/new_device 1156 while [ ! -d ${sysfsnet}20 ] ; do :; done 1157 udevadm settle 1158 dev10=`ls ${sysfsnet}10/net/` 1159 dev20=`ls ${sysfsnet}20/net/` 1160 run_cmd ip link add name test-bond0 type bond mode 802.3ad 1161 run_cmd ip link set dev $dev10 master test-bond0 1162 run_cmd ip link set dev $dev20 master test-bond0 1163 run_cmd ip link add name test-br0 type bridge 1164 run_cmd ip link set dev test-bond0 master test-br0 1165 1166 # clean up any leftovers 1167 ip link del dev test-br0 1168 ip link del dev test-bond0 1169 echo 20 > /sys/bus/netdevsim/del_device 1170 echo 10 > /sys/bus/netdevsim/del_device 1171 $probed && rmmod netdevsim 1172 1173 if [ $ret -ne 0 ]; then 1174 end_test "FAIL: bridge_parent_id" 1175 return 1 1176 fi 1177 end_test "PASS: bridge_parent_id" 1178} 1179 1180address_get_proto() 1181{ 1182 local addr=$1; shift 1183 1184 ip -N -j address show dev "$devdummy" | 1185 jq -e -r --arg addr "${addr%/*}" \ 1186 '.[].addr_info[] | select(.local == $addr) | .protocol' 1187} 1188 1189address_count() 1190{ 1191 ip -N -j address show dev "$devdummy" "$@" | 1192 jq -e -r '[.[].addr_info[] | .local | select(. != null)] | length' 1193} 1194 1195do_test_address_proto() 1196{ 1197 local what=$1; shift 1198 local addr=$1; shift 1199 local addr2=${addr%/*}2/${addr#*/} 1200 local addr3=${addr%/*}3/${addr#*/} 1201 local proto 1202 local count 1203 local ret=0 1204 local err 1205 1206 ip address add dev "$devdummy" "$addr3" 1207 check_err $? 1208 proto=$(address_get_proto "$addr3") 1209 [[ "$proto" == null ]] 1210 check_err $? 1211 1212 ip address add dev "$devdummy" "$addr2" proto 0x99 1213 check_err $? 1214 proto=$(address_get_proto "$addr2") 1215 [[ "$proto" == 0x99 ]] 1216 check_err $? 1217 1218 ip address add dev "$devdummy" "$addr" proto 0xab 1219 check_err $? 1220 proto=$(address_get_proto "$addr") 1221 [[ "$proto" == 0xab ]] 1222 check_err $? 1223 1224 ip address replace dev "$devdummy" "$addr" proto 0x11 1225 proto=$(address_get_proto "$addr") 1226 check_err $? 1227 [[ "$proto" == 0x11 ]] 1228 check_err $? 1229 1230 count=$(address_count) 1231 check_err $? 1232 (( count >= 3 )) # $addr, $addr2 and $addr3 plus any kernel addresses 1233 check_err $? 1234 1235 count=$(address_count proto 0) 1236 check_err $? 1237 (( count == 1 )) # just $addr3 1238 check_err $? 1239 1240 count=$(address_count proto 0x11) 1241 check_err $? 1242 (( count == 2 )) # $addr and $addr3 1243 check_err $? 1244 1245 count=$(address_count proto 0xab) 1246 check_err $? 1247 (( count == 1 )) # just $addr3 1248 check_err $? 1249 1250 ip address del dev "$devdummy" "$addr" 1251 ip address del dev "$devdummy" "$addr2" 1252 ip address del dev "$devdummy" "$addr3" 1253 1254 if [ $ret -ne 0 ]; then 1255 end_test "FAIL: address proto $what" 1256 return 1 1257 fi 1258 end_test "PASS: address proto $what" 1259} 1260 1261kci_test_address_proto() 1262{ 1263 local ret=0 1264 1265 do_test_address_proto IPv4 192.0.2.1/28 1266 check_err $? 1267 1268 do_test_address_proto IPv6 2001:db8:1::1/64 1269 check_err $? 1270 1271 return $ret 1272} 1273 1274kci_test_enslave_bonding() 1275{ 1276 local bond="bond123" 1277 local ret=0 1278 1279 setup_ns testns 1280 if [ $? -ne 0 ]; then 1281 end_test "SKIP bonding tests: cannot add net namespace $testns" 1282 return $ksft_skip 1283 fi 1284 1285 run_cmd ip -netns $testns link add dev $bond type bond mode balance-rr 1286 run_cmd ip -netns $testns link add dev $devdummy type dummy 1287 run_cmd ip -netns $testns link set dev $devdummy up 1288 run_cmd ip -netns $testns link set dev $devdummy master $bond down 1289 if [ $ret -ne 0 ]; then 1290 end_test "FAIL: initially up interface added to a bond and set down" 1291 ip netns del "$testns" 1292 return 1 1293 fi 1294 1295 end_test "PASS: enslave interface in a bond" 1296 ip netns del "$testns" 1297} 1298 1299# Called to validate the addresses on $IFNAME: 1300# 1301# 1. Every `temporary` address must have a matching `mngtmpaddr` 1302# 2. Every `mngtmpaddr` address must have some un`deprecated` `temporary` 1303# 1304# If the mngtmpaddr or tempaddr checking failed, return 0 and stop slowwait 1305validate_mngtmpaddr() 1306{ 1307 local dev=$1 1308 local prefix="" 1309 local addr_list=$(ip -j -n $testns addr show dev ${dev}) 1310 local temp_addrs=$(echo ${addr_list} | \ 1311 jq -r '.[].addr_info[] | select(.temporary == true) | .local') 1312 local mng_prefixes=$(echo ${addr_list} | \ 1313 jq -r '.[].addr_info[] | select(.mngtmpaddr == true) | .local' | \ 1314 cut -d: -f1-4 | tr '\n' ' ') 1315 local undep_prefixes=$(echo ${addr_list} | \ 1316 jq -r '.[].addr_info[] | select(.temporary == true and .deprecated != true) | .local' | \ 1317 cut -d: -f1-4 | tr '\n' ' ') 1318 1319 # 1. All temporary addresses (temp and dep) must have a matching mngtmpaddr 1320 for address in ${temp_addrs}; do 1321 prefix=$(echo ${address} | cut -d: -f1-4) 1322 if [[ ! " ${mng_prefixes} " =~ " $prefix " ]]; then 1323 check_err 1 "FAIL: Temporary $address with no matching mngtmpaddr!"; 1324 return 0 1325 fi 1326 done 1327 1328 # 2. All mngtmpaddr addresses must have a temporary address (not dep) 1329 for prefix in ${mng_prefixes}; do 1330 if [[ ! " ${undep_prefixes} " =~ " $prefix " ]]; then 1331 check_err 1 "FAIL: No undeprecated temporary in $prefix!"; 1332 return 0 1333 fi 1334 done 1335 1336 return 1 1337} 1338 1339kci_test_mngtmpaddr() 1340{ 1341 local ret=0 1342 1343 setup_ns testns 1344 if [ $? -ne 0 ]; then 1345 end_test "SKIP mngtmpaddr tests: cannot add net namespace $testns" 1346 return $ksft_skip 1347 fi 1348 1349 # 1. Create a dummy Ethernet interface 1350 run_cmd ip -n $testns link add ${devdummy} type dummy 1351 run_cmd ip -n $testns link set ${devdummy} up 1352 run_cmd ip netns exec $testns sysctl -w net.ipv6.conf.${devdummy}.use_tempaddr=1 1353 run_cmd ip netns exec $testns sysctl -w net.ipv6.conf.${devdummy}.temp_prefered_lft=10 1354 run_cmd ip netns exec $testns sysctl -w net.ipv6.conf.${devdummy}.temp_valid_lft=25 1355 run_cmd ip netns exec $testns sysctl -w net.ipv6.conf.${devdummy}.max_desync_factor=1 1356 1357 # 2. Create several mngtmpaddr addresses on that interface. 1358 # with temp_*_lft configured to be pretty short (10 and 35 seconds 1359 # for prefer/valid respectively) 1360 for i in $(seq 1 9); do 1361 run_cmd ip -n $testns addr add 2001:db8:7e57:${i}::1/64 mngtmpaddr dev ${devdummy} 1362 done 1363 1364 # 3. Confirm that a preferred temporary address exists for each mngtmpaddr 1365 # address at all times, polling once per second for 30 seconds. 1366 slowwait 30 validate_mngtmpaddr ${devdummy} 1367 1368 # 4. Delete each mngtmpaddr address, one at a time (alternating between 1369 # deleting and merely un-mngtmpaddr-ing), and confirm that the other 1370 # mngtmpaddr addresses still have preferred temporaries. 1371 for i in $(seq 1 9); do 1372 (( $i % 4 == 0 )) && mng_flag="mngtmpaddr" || mng_flag="" 1373 if (( $i % 2 == 0 )); then 1374 run_cmd ip -n $testns addr del 2001:db8:7e57:${i}::1/64 $mng_flag dev ${devdummy} 1375 else 1376 run_cmd ip -n $testns addr change 2001:db8:7e57:${i}::1/64 dev ${devdummy} 1377 fi 1378 # the temp addr should be deleted 1379 validate_mngtmpaddr ${devdummy} 1380 done 1381 1382 if [ $ret -ne 0 ]; then 1383 end_test "FAIL: mngtmpaddr add/remove incorrect" 1384 else 1385 end_test "PASS: mngtmpaddr add/remove correctly" 1386 fi 1387 1388 ip netns del "$testns" 1389 return $ret 1390} 1391 1392kci_test_operstate() 1393{ 1394 local ret=0 1395 1396 # Check that it is possible to set operational state during device 1397 # creation and that it is preserved when the administrative state of 1398 # the device is toggled. 1399 run_cmd ip link add name vx0 up state up type vxlan id 10010 dstport 4789 1400 run_cmd_grep "state UP" ip link show dev vx0 1401 run_cmd ip link set dev vx0 down 1402 run_cmd_grep "state DOWN" ip link show dev vx0 1403 run_cmd ip link set dev vx0 up 1404 run_cmd_grep "state UP" ip link show dev vx0 1405 1406 run_cmd ip link del dev vx0 1407 1408 # Check that it is possible to set the operational state of the device 1409 # after creation. 1410 run_cmd ip link add name vx0 up type vxlan id 10010 dstport 4789 1411 run_cmd_grep "state UNKNOWN" ip link show dev vx0 1412 run_cmd ip link set dev vx0 state up 1413 run_cmd_grep "state UP" ip link show dev vx0 1414 1415 run_cmd ip link del dev vx0 1416 1417 if [ "$ret" -ne 0 ]; then 1418 end_test "FAIL: operstate" 1419 return 1 1420 fi 1421 1422 end_test "PASS: operstate" 1423} 1424 1425kci_test_rtnl() 1426{ 1427 local current_test 1428 local ret=0 1429 1430 kci_add_dummy 1431 if [ $ret -ne 0 ];then 1432 end_test "FAIL: cannot add dummy interface" 1433 return 1 1434 fi 1435 1436 for current_test in ${TESTS:-$ALL_TESTS}; do 1437 $current_test 1438 check_err $? 1439 done 1440 1441 kci_del_dummy 1442 return $ret 1443} 1444 1445usage() 1446{ 1447 cat <<EOF 1448usage: ${0##*/} OPTS 1449 1450 -t <test> Test(s) to run (default: all) 1451 (options: $(echo $ALL_TESTS)) 1452 -v Verbose mode (show commands and output) 1453 -P Pause after every test 1454 -p Pause after every failing test before cleanup (for debugging) 1455EOF 1456} 1457 1458#check for needed privileges 1459if [ "$(id -u)" -ne 0 ];then 1460 end_test "SKIP: Need root privileges" 1461 exit $ksft_skip 1462fi 1463 1464for x in ip tc;do 1465 $x -Version 2>/dev/null >/dev/null 1466 if [ $? -ne 0 ];then 1467 end_test "SKIP: Could not run test without the $x tool" 1468 exit $ksft_skip 1469 fi 1470done 1471 1472while getopts t:hvpP o; do 1473 case $o in 1474 t) TESTS=$OPTARG;; 1475 v) VERBOSE=1;; 1476 p) PAUSE_ON_FAIL=yes;; 1477 P) PAUSE=yes;; 1478 h) usage; exit 0;; 1479 *) usage; exit 1;; 1480 esac 1481done 1482 1483[ $PAUSE = "yes" ] && PAUSE_ON_FAIL="no" 1484 1485kci_test_rtnl 1486 1487exit $? 1488