rtnetlink.sh 40 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575
  1. #!/bin/bash
  2. #
  3. # This test is for checking rtnetlink callpaths, and get as much coverage as possible.
  4. #
  5. # set -e
  6. ALL_TESTS="
  7. kci_test_polrouting
  8. kci_test_route_get
  9. kci_test_addrlft
  10. kci_test_addrlft_route_cleanup
  11. kci_test_promote_secondaries
  12. kci_test_tc
  13. kci_test_gre
  14. kci_test_gretap
  15. kci_test_ip6gretap
  16. kci_test_erspan
  17. kci_test_ip6erspan
  18. kci_test_bridge
  19. kci_test_addrlabel
  20. kci_test_ifalias
  21. kci_test_vrf
  22. kci_test_encap
  23. kci_test_macsec
  24. kci_test_macsec_vlan
  25. kci_test_ipsec
  26. kci_test_ipsec_offload
  27. kci_test_fdb_get
  28. kci_test_fdb_del
  29. kci_test_neigh_get
  30. kci_test_neigh_update
  31. kci_test_bridge_parent_id
  32. kci_test_address_proto
  33. kci_test_enslave_bonding
  34. kci_test_mngtmpaddr
  35. kci_test_operstate
  36. "
  37. devdummy="test-dummy0"
  38. VERBOSE=0
  39. PAUSE=no
  40. PAUSE_ON_FAIL=no
  41. source lib.sh
  42. # set global exit status, but never reset nonzero one.
  43. check_err()
  44. {
  45. if [ $ret -eq 0 ]; then
  46. ret=$1
  47. fi
  48. [ -n "$2" ] && echo "$2"
  49. }
  50. # same but inverted -- used when command must fail for test to pass
  51. check_fail()
  52. {
  53. if [ $1 -eq 0 ]; then
  54. ret=1
  55. fi
  56. }
  57. run_cmd_common()
  58. {
  59. local cmd="$*"
  60. local out
  61. if [ "$VERBOSE" = "1" ]; then
  62. echo "COMMAND: ${cmd}"
  63. fi
  64. out=$($cmd 2>&1)
  65. rc=$?
  66. if [ "$VERBOSE" = "1" -a -n "$out" ]; then
  67. echo " $out"
  68. fi
  69. return $rc
  70. }
  71. run_cmd() {
  72. run_cmd_common "$@"
  73. rc=$?
  74. check_err $rc
  75. return $rc
  76. }
  77. run_cmd_fail()
  78. {
  79. run_cmd_common "$@"
  80. rc=$?
  81. check_fail $rc
  82. return $rc
  83. }
  84. run_cmd_grep_common()
  85. {
  86. local find="$1"; shift
  87. local cmd="$*"
  88. local out
  89. if [ "$VERBOSE" = "1" ]; then
  90. echo "COMMAND: ${cmd} 2>&1 | grep -q '${find}'"
  91. fi
  92. out=$($cmd 2>&1 | grep -q "${find}" 2>&1)
  93. return $?
  94. }
  95. run_cmd_grep() {
  96. run_cmd_grep_common "$@"
  97. rc=$?
  98. check_err $rc
  99. return $rc
  100. }
  101. run_cmd_grep_fail()
  102. {
  103. run_cmd_grep_common "$@"
  104. rc=$?
  105. check_fail $rc
  106. return $rc
  107. }
  108. end_test()
  109. {
  110. echo "$*"
  111. [ "${VERBOSE}" = "1" ] && echo
  112. if [[ $ret -ne 0 ]] && [[ "${PAUSE_ON_FAIL}" = "yes" ]]; then
  113. echo "Hit enter to continue"
  114. read a
  115. fi;
  116. if [ "${PAUSE}" = "yes" ]; then
  117. echo "Hit enter to continue"
  118. read a
  119. fi
  120. }
  121. kci_add_dummy()
  122. {
  123. run_cmd ip link add name "$devdummy" type dummy
  124. run_cmd ip link set "$devdummy" up
  125. }
  126. kci_del_dummy()
  127. {
  128. run_cmd ip link del dev "$devdummy"
  129. }
  130. kci_test_netconf()
  131. {
  132. dev="$1"
  133. r=$ret
  134. run_cmd ip netconf show dev "$dev"
  135. for f in 4 6; do
  136. run_cmd ip -$f netconf show dev "$dev"
  137. done
  138. if [ $ret -ne 0 ] ;then
  139. end_test "FAIL: ip netconf show $dev"
  140. test $r -eq 0 && ret=0
  141. return 1
  142. fi
  143. }
  144. # add a bridge with vlans on top
  145. kci_test_bridge()
  146. {
  147. devbr="test-br0"
  148. vlandev="testbr-vlan1"
  149. local ret=0
  150. run_cmd ip link add name "$devbr" type bridge
  151. run_cmd ip link set dev "$devdummy" master "$devbr"
  152. run_cmd ip link set "$devbr" up
  153. run_cmd ip link add link "$devbr" name "$vlandev" type vlan id 1
  154. run_cmd ip addr add dev "$vlandev" 10.200.7.23/30
  155. run_cmd ip -6 addr add dev "$vlandev" dead:42::1234/64
  156. run_cmd ip -d link
  157. run_cmd ip r s t all
  158. for name in "$devbr" "$vlandev" "$devdummy" ; do
  159. kci_test_netconf "$name"
  160. done
  161. run_cmd ip -6 addr del dev "$vlandev" dead:42::1234/64
  162. run_cmd ip link del dev "$vlandev"
  163. run_cmd ip link del dev "$devbr"
  164. if [ $ret -ne 0 ];then
  165. end_test "FAIL: bridge setup"
  166. return 1
  167. fi
  168. end_test "PASS: bridge setup"
  169. }
  170. kci_test_gre()
  171. {
  172. gredev=neta
  173. rem=10.42.42.1
  174. loc=10.0.0.1
  175. local ret=0
  176. run_cmd ip tunnel add $gredev mode gre remote $rem local $loc ttl 1
  177. run_cmd ip link set $gredev up
  178. run_cmd ip addr add 10.23.7.10 dev $gredev
  179. run_cmd ip route add 10.23.8.0/30 dev $gredev
  180. run_cmd ip addr add dev "$devdummy" 10.23.7.11/24
  181. run_cmd ip link
  182. run_cmd ip addr
  183. kci_test_netconf "$gredev"
  184. run_cmd ip addr del dev "$devdummy" 10.23.7.11/24
  185. run_cmd ip link del $gredev
  186. if [ $ret -ne 0 ];then
  187. end_test "FAIL: gre tunnel endpoint"
  188. return 1
  189. fi
  190. end_test "PASS: gre tunnel endpoint"
  191. }
  192. # tc uses rtnetlink too, for full tc testing
  193. # please see tools/testing/selftests/tc-testing.
  194. kci_test_tc()
  195. {
  196. dev=lo
  197. local ret=0
  198. run_cmd tc qdisc add dev "$dev" root handle 1: htb
  199. run_cmd tc class add dev "$dev" parent 1: classid 1:10 htb rate 1mbit
  200. run_cmd tc filter add dev "$dev" parent 1:0 prio 5 handle ffe: protocol ip u32 divisor 256
  201. run_cmd tc filter add dev "$dev" parent 1:0 prio 5 handle ffd: protocol ip u32 divisor 256
  202. run_cmd tc filter add dev "$dev" parent 1:0 prio 5 handle ffc: protocol ip u32 divisor 256
  203. run_cmd tc filter add dev "$dev" protocol ip parent 1: prio 5 handle ffe:2:3 u32 ht ffe:2: match ip src 10.0.0.3 flowid 1:10
  204. run_cmd tc filter add dev "$dev" protocol ip parent 1: prio 5 handle ffe:2:2 u32 ht ffe:2: match ip src 10.0.0.2 flowid 1:10
  205. run_cmd tc filter show dev "$dev" parent 1:0
  206. run_cmd tc filter del dev "$dev" protocol ip parent 1: prio 5 handle ffe:2:3 u32
  207. run_cmd tc filter show dev "$dev" parent 1:0
  208. run_cmd tc qdisc del dev "$dev" root handle 1: htb
  209. if [ $ret -ne 0 ];then
  210. end_test "FAIL: tc htb hierarchy"
  211. return 1
  212. fi
  213. end_test "PASS: tc htb hierarchy"
  214. }
  215. kci_test_polrouting()
  216. {
  217. local ret=0
  218. run_cmd ip rule add fwmark 1 lookup 100
  219. run_cmd ip route add local 0.0.0.0/0 dev lo table 100
  220. run_cmd ip r s t all
  221. run_cmd ip rule del fwmark 1 lookup 100
  222. run_cmd ip route del local 0.0.0.0/0 dev lo table 100
  223. if [ $ret -ne 0 ];then
  224. end_test "FAIL: policy route test"
  225. return 1
  226. fi
  227. end_test "PASS: policy routing"
  228. }
  229. kci_test_route_get()
  230. {
  231. local hash_policy=$(sysctl -n net.ipv4.fib_multipath_hash_policy)
  232. local ret=0
  233. run_cmd ip route get 127.0.0.1
  234. run_cmd ip route get 127.0.0.1 dev "$devdummy"
  235. run_cmd ip route get ::1
  236. run_cmd ip route get fe80::1 dev "$devdummy"
  237. run_cmd ip route get 127.0.0.1 from 127.0.0.1 oif lo tos 0x10 mark 0x1
  238. run_cmd ip route get ::1 from ::1 iif lo oif lo tos 0x10 mark 0x1
  239. run_cmd ip addr add dev "$devdummy" 10.23.7.11/24
  240. run_cmd ip route get 10.23.7.11 from 10.23.7.12 iif "$devdummy"
  241. run_cmd ip route add 10.23.8.0/24 \
  242. nexthop via 10.23.7.13 dev "$devdummy" \
  243. nexthop via 10.23.7.14 dev "$devdummy"
  244. sysctl -wq net.ipv4.fib_multipath_hash_policy=0
  245. run_cmd ip route get 10.23.8.11
  246. sysctl -wq net.ipv4.fib_multipath_hash_policy=1
  247. run_cmd ip route get 10.23.8.11
  248. sysctl -wq net.ipv4.fib_multipath_hash_policy="$hash_policy"
  249. run_cmd ip route del 10.23.8.0/24
  250. run_cmd ip addr del dev "$devdummy" 10.23.7.11/24
  251. if [ $ret -ne 0 ];then
  252. end_test "FAIL: route get"
  253. return 1
  254. fi
  255. end_test "PASS: route get"
  256. }
  257. check_addr_not_exist()
  258. {
  259. dev=$1
  260. addr=$2
  261. if ip addr show dev $dev | grep -q $addr; then
  262. return 1
  263. else
  264. return 0
  265. fi
  266. }
  267. kci_test_addrlft()
  268. {
  269. for i in $(seq 10 100) ;do
  270. lft=$(((RANDOM%3) + 1))
  271. run_cmd ip addr add 10.23.11.$i/32 dev "$devdummy" preferred_lft $lft valid_lft $((lft+1))
  272. done
  273. slowwait 5 check_addr_not_exist "$devdummy" "10.23.11."
  274. if [ $? -eq 1 ]; then
  275. # troubleshoot the reason for our failure
  276. run_cmd ip addr show dev "$devdummy"
  277. check_err 1
  278. end_test "FAIL: preferred_lft addresses remaining"
  279. return
  280. fi
  281. end_test "PASS: preferred_lft addresses have expired"
  282. }
  283. kci_test_addrlft_route_cleanup()
  284. {
  285. local ret=0
  286. local test_addr="2001:db8:99::1/64"
  287. local test_prefix="2001:db8:99::/64"
  288. run_cmd ip -6 addr add $test_addr dev "$devdummy" valid_lft 300 preferred_lft 300
  289. run_cmd_grep "$test_prefix proto kernel" ip -6 route show dev "$devdummy"
  290. run_cmd ip -6 addr del $test_addr dev "$devdummy"
  291. run_cmd_grep_fail "$test_prefix" ip -6 route show dev "$devdummy"
  292. if [ $ret -ne 0 ]; then
  293. end_test "FAIL: route not cleaned up when address with valid_lft deleted"
  294. return 1
  295. fi
  296. end_test "PASS: route cleaned up when address with valid_lft deleted"
  297. }
  298. kci_test_promote_secondaries()
  299. {
  300. run_cmd ifconfig "$devdummy"
  301. if [ $ret -ne 0 ]; then
  302. end_test "SKIP: ifconfig not installed"
  303. return $ksft_skip
  304. fi
  305. promote=$(sysctl -n net.ipv4.conf.$devdummy.promote_secondaries)
  306. sysctl -q net.ipv4.conf.$devdummy.promote_secondaries=1
  307. for i in $(seq 2 254);do
  308. IP="10.23.11.$i"
  309. ip -f inet addr add $IP/16 brd + dev "$devdummy"
  310. ifconfig "$devdummy" $IP netmask 255.255.0.0
  311. done
  312. ip addr flush dev "$devdummy"
  313. [ $promote -eq 0 ] && sysctl -q net.ipv4.conf.$devdummy.promote_secondaries=0
  314. end_test "PASS: promote_secondaries complete"
  315. }
  316. kci_test_addrlabel()
  317. {
  318. local ret=0
  319. run_cmd ip addrlabel add prefix dead::/64 dev lo label 1
  320. run_cmd_grep "prefix dead::/64 dev lo label 1" ip addrlabel list
  321. run_cmd ip addrlabel del prefix dead::/64 dev lo label 1
  322. run_cmd ip addrlabel add prefix dead::/64 label 1
  323. run_cmd ip addrlabel del prefix dead::/64 label 1
  324. # concurrent add/delete
  325. for i in $(seq 1 1000); do
  326. ip addrlabel add prefix 1c3::/64 label 12345 2>/dev/null
  327. done &
  328. for i in $(seq 1 1000); do
  329. ip addrlabel del prefix 1c3::/64 label 12345 2>/dev/null
  330. done
  331. wait
  332. ip addrlabel del prefix 1c3::/64 label 12345 2>/dev/null
  333. if [ $ret -ne 0 ];then
  334. end_test "FAIL: ipv6 addrlabel"
  335. return 1
  336. fi
  337. end_test "PASS: ipv6 addrlabel"
  338. }
  339. kci_test_ifalias()
  340. {
  341. local ret=0
  342. namewant=$(uuidgen)
  343. syspathname="/sys/class/net/$devdummy/ifalias"
  344. run_cmd ip link set dev "$devdummy" alias "$namewant"
  345. if [ $ret -ne 0 ]; then
  346. end_test "FAIL: cannot set interface alias of $devdummy to $namewant"
  347. return 1
  348. fi
  349. run_cmd_grep "alias $namewant" ip link show "$devdummy"
  350. if [ -r "$syspathname" ] ; then
  351. read namehave < "$syspathname"
  352. if [ "$namewant" != "$namehave" ]; then
  353. end_test "FAIL: did set ifalias $namewant but got $namehave"
  354. return 1
  355. fi
  356. namewant=$(uuidgen)
  357. echo "$namewant" > "$syspathname"
  358. run_cmd_grep "alias $namewant" ip link show "$devdummy"
  359. # sysfs interface allows to delete alias again
  360. echo "" > "$syspathname"
  361. run_cmd_grep_fail "alias $namewant" ip link show "$devdummy"
  362. for i in $(seq 1 100); do
  363. uuidgen > "$syspathname" &
  364. done
  365. wait
  366. # re-add the alias -- kernel should free mem when dummy dev is removed
  367. run_cmd ip link set dev "$devdummy" alias "$namewant"
  368. fi
  369. if [ $ret -ne 0 ]; then
  370. end_test "FAIL: set interface alias $devdummy to $namewant"
  371. return 1
  372. fi
  373. end_test "PASS: set ifalias $namewant for $devdummy"
  374. }
  375. kci_test_vrf()
  376. {
  377. vrfname="test-vrf"
  378. local ret=0
  379. run_cmd ip link show type vrf
  380. if [ $? -ne 0 ]; then
  381. end_test "SKIP: vrf: iproute2 too old"
  382. return $ksft_skip
  383. fi
  384. run_cmd ip link add "$vrfname" type vrf table 10
  385. if [ $ret -ne 0 ];then
  386. end_test "FAIL: can't add vrf interface, skipping test"
  387. return 0
  388. fi
  389. run_cmd_grep "$vrfname" ip -br link show type vrf
  390. if [ $ret -ne 0 ];then
  391. end_test "FAIL: created vrf device not found"
  392. return 1
  393. fi
  394. run_cmd ip link set dev "$vrfname" up
  395. run_cmd ip link set dev "$devdummy" master "$vrfname"
  396. run_cmd ip link del dev "$vrfname"
  397. if [ $ret -ne 0 ];then
  398. end_test "FAIL: vrf"
  399. return 1
  400. fi
  401. end_test "PASS: vrf"
  402. }
  403. kci_test_encap_vxlan()
  404. {
  405. local ret=0
  406. vxlan="test-vxlan0"
  407. vlan="test-vlan0"
  408. run_cmd ip -netns "$testns" link add "$vxlan" type vxlan id 42 group 239.1.1.1 \
  409. dev "$devdummy" dstport 4789
  410. if [ $? -ne 0 ]; then
  411. end_test "FAIL: can't add vxlan interface, skipping test"
  412. return 0
  413. fi
  414. run_cmd ip -netns "$testns" addr add 10.2.11.49/24 dev "$vxlan"
  415. run_cmd ip -netns "$testns" link set up dev "$vxlan"
  416. run_cmd ip -netns "$testns" link add link "$vxlan" name "$vlan" type vlan id 1
  417. # changelink testcases
  418. run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan vni 43
  419. run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan group ffe5::5 dev "$devdummy"
  420. run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan ttl inherit
  421. run_cmd ip -netns "$testns" link set dev "$vxlan" type vxlan ttl 64
  422. run_cmd ip -netns "$testns" link set dev "$vxlan" type vxlan nolearning
  423. run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan proxy
  424. run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan norsc
  425. run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan l2miss
  426. run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan l3miss
  427. run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan external
  428. run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan udpcsum
  429. run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan udp6zerocsumtx
  430. run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan udp6zerocsumrx
  431. run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan remcsumtx
  432. run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan remcsumrx
  433. run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan gbp
  434. run_cmd_fail ip -netns "$testns" link set dev "$vxlan" type vxlan gpe
  435. run_cmd ip -netns "$testns" link del "$vxlan"
  436. if [ $ret -ne 0 ]; then
  437. end_test "FAIL: vxlan"
  438. return 1
  439. fi
  440. end_test "PASS: vxlan"
  441. }
  442. kci_test_encap_fou()
  443. {
  444. local ret=0
  445. name="test-fou"
  446. run_cmd_grep 'Usage: ip fou' ip fou help
  447. if [ $? -ne 0 ];then
  448. end_test "SKIP: fou: iproute2 too old"
  449. return $ksft_skip
  450. fi
  451. if ! /sbin/modprobe -q -n fou; then
  452. end_test "SKIP: module fou is not found"
  453. return $ksft_skip
  454. fi
  455. /sbin/modprobe -q fou
  456. run_cmd ip -netns "$testns" fou add port 7777 ipproto 47
  457. if [ $? -ne 0 ];then
  458. end_test "FAIL: can't add fou port 7777, skipping test"
  459. return 1
  460. fi
  461. run_cmd ip -netns "$testns" fou add port 8888 ipproto 4
  462. run_cmd_fail ip -netns "$testns" fou del port 9999
  463. run_cmd ip -netns "$testns" fou del port 7777
  464. if [ $ret -ne 0 ]; then
  465. end_test "FAIL: fou"
  466. return 1
  467. fi
  468. end_test "PASS: fou"
  469. }
  470. # test various encap methods, use netns to avoid unwanted interference
  471. kci_test_encap()
  472. {
  473. local ret=0
  474. setup_ns testns
  475. if [ $? -ne 0 ]; then
  476. end_test "SKIP encap tests: cannot add net namespace $testns"
  477. return $ksft_skip
  478. fi
  479. run_cmd ip -netns "$testns" link set lo up
  480. run_cmd ip -netns "$testns" link add name "$devdummy" type dummy
  481. run_cmd ip -netns "$testns" link set "$devdummy" up
  482. run_cmd kci_test_encap_vxlan
  483. run_cmd kci_test_encap_fou
  484. ip netns del "$testns"
  485. return $ret
  486. }
  487. kci_test_macsec()
  488. {
  489. msname="test_macsec0"
  490. local ret=0
  491. run_cmd_grep "^Usage: ip macsec" ip macsec help
  492. if [ $? -ne 0 ]; then
  493. end_test "SKIP: macsec: iproute2 too old"
  494. return $ksft_skip
  495. fi
  496. run_cmd ip link add link "$devdummy" "$msname" type macsec port 42 encrypt on
  497. if [ $ret -ne 0 ];then
  498. end_test "FAIL: can't add macsec interface, skipping test"
  499. return 1
  500. fi
  501. run_cmd ip macsec add "$msname" tx sa 0 pn 1024 on key 01 12345678901234567890123456789012
  502. run_cmd ip macsec add "$msname" rx port 1234 address "1c:ed:de:ad:be:ef"
  503. run_cmd ip macsec add "$msname" rx port 1234 address "1c:ed:de:ad:be:ef" sa 0 pn 1 on key 00 0123456789abcdef0123456789abcdef
  504. run_cmd ip macsec show
  505. run_cmd ip link del dev "$msname"
  506. if [ $ret -ne 0 ];then
  507. end_test "FAIL: macsec"
  508. return 1
  509. fi
  510. end_test "PASS: macsec"
  511. }
  512. # Test __dev_set_rx_mode call from dev_uc_add under addr_list_lock spinlock.
  513. # Make sure __dev_set_promiscuity is not grabbing (sleeping) netdev instance
  514. # lock.
  515. # https://lore.kernel.org/netdev/2aff4342b0f5b1539c02ffd8df4c7e58dd9746e7.camel@nvidia.com/
  516. kci_test_macsec_vlan()
  517. {
  518. msname="test_macsec1"
  519. vlanname="test_vlan1"
  520. local ret=0
  521. run_cmd_grep "^Usage: ip macsec" ip macsec help
  522. if [ $? -ne 0 ]; then
  523. end_test "SKIP: macsec: iproute2 too old"
  524. return $ksft_skip
  525. fi
  526. run_cmd ip link add link "$devdummy" "$msname" type macsec port 42 encrypt on
  527. if [ $ret -ne 0 ];then
  528. end_test "FAIL: can't add macsec interface, skipping test"
  529. return 1
  530. fi
  531. run_cmd ip link set dev "$msname" up
  532. ip link add link "$msname" name "$vlanname" type vlan id 1
  533. ip link set dev "$vlanname" address 00:11:22:33:44:88
  534. ip link set dev "$vlanname" up
  535. run_cmd ip link del dev "$vlanname"
  536. run_cmd ip link del dev "$msname"
  537. if [ $ret -ne 0 ];then
  538. end_test "FAIL: macsec_vlan"
  539. return 1
  540. fi
  541. end_test "PASS: macsec_vlan"
  542. }
  543. #-------------------------------------------------------------------
  544. # Example commands
  545. # ip x s add proto esp src 14.0.0.52 dst 14.0.0.70 \
  546. # spi 0x07 mode transport reqid 0x07 replay-window 32 \
  547. # aead 'rfc4106(gcm(aes))' 1234567890123456dcba 128 \
  548. # sel src 14.0.0.52/24 dst 14.0.0.70/24
  549. # ip x p add dir out src 14.0.0.52/24 dst 14.0.0.70/24 \
  550. # tmpl proto esp src 14.0.0.52 dst 14.0.0.70 \
  551. # spi 0x07 mode transport reqid 0x07
  552. #
  553. # Subcommands not tested
  554. # ip x s update
  555. # ip x s allocspi
  556. # ip x s deleteall
  557. # ip x p update
  558. # ip x p deleteall
  559. # ip x p set
  560. #-------------------------------------------------------------------
  561. kci_test_ipsec()
  562. {
  563. local ret=0
  564. algo="aead rfc4106(gcm(aes)) 0x3132333435363738393031323334353664636261 128"
  565. srcip=192.168.123.1
  566. dstip=192.168.123.2
  567. spi=7
  568. ip addr add $srcip dev $devdummy
  569. # flush to be sure there's nothing configured
  570. run_cmd ip x s flush ; ip x p flush
  571. # start the monitor in the background
  572. tmpfile=`mktemp /var/run/ipsectestXXX`
  573. mpid=`(ip x m > $tmpfile & echo $!) 2>/dev/null`
  574. sleep 0.2
  575. ipsecid="proto esp src $srcip dst $dstip spi 0x07"
  576. run_cmd ip x s add $ipsecid \
  577. mode transport reqid 0x07 replay-window 32 \
  578. $algo sel src $srcip/24 dst $dstip/24
  579. lines=`ip x s list | grep $srcip | grep $dstip | wc -l`
  580. run_cmd test $lines -eq 2
  581. run_cmd_grep "SAD count 1" ip x s count
  582. lines=`ip x s get $ipsecid | grep $srcip | grep $dstip | wc -l`
  583. run_cmd test $lines -eq 2
  584. run_cmd ip x s delete $ipsecid
  585. lines=`ip x s list | wc -l`
  586. run_cmd test $lines -eq 0
  587. ipsecsel="dir out src $srcip/24 dst $dstip/24"
  588. run_cmd ip x p add $ipsecsel \
  589. tmpl proto esp src $srcip dst $dstip \
  590. spi 0x07 mode transport reqid 0x07
  591. lines=`ip x p list | grep $srcip | grep $dstip | wc -l`
  592. run_cmd test $lines -eq 2
  593. run_cmd_grep "SPD IN 0 OUT 1 FWD 0" ip x p count
  594. lines=`ip x p get $ipsecsel | grep $srcip | grep $dstip | wc -l`
  595. run_cmd test $lines -eq 2
  596. run_cmd ip x p delete $ipsecsel
  597. lines=`ip x p list | wc -l`
  598. run_cmd test $lines -eq 0
  599. # check the monitor results
  600. kill $mpid
  601. lines=`wc -l $tmpfile | cut "-d " -f1`
  602. run_cmd test $lines -eq 20
  603. rm -rf $tmpfile
  604. # clean up any leftovers
  605. run_cmd ip x s flush
  606. run_cmd ip x p flush
  607. ip addr del $srcip/32 dev $devdummy
  608. if [ $ret -ne 0 ]; then
  609. end_test "FAIL: ipsec"
  610. return 1
  611. fi
  612. end_test "PASS: ipsec"
  613. }
  614. #-------------------------------------------------------------------
  615. # Example commands
  616. # ip x s add proto esp src 14.0.0.52 dst 14.0.0.70 \
  617. # spi 0x07 mode transport reqid 0x07 replay-window 32 \
  618. # aead 'rfc4106(gcm(aes))' 1234567890123456dcba 128 \
  619. # sel src 14.0.0.52/24 dst 14.0.0.70/24
  620. # offload dev sim1 dir out
  621. # ip x p add dir out src 14.0.0.52/24 dst 14.0.0.70/24 \
  622. # tmpl proto esp src 14.0.0.52 dst 14.0.0.70 \
  623. # spi 0x07 mode transport reqid 0x07
  624. #
  625. #-------------------------------------------------------------------
  626. kci_test_ipsec_offload()
  627. {
  628. local ret=0
  629. algo="aead rfc4106(gcm(aes)) 0x3132333435363738393031323334353664636261 128"
  630. srcip=192.168.123.3
  631. dstip=192.168.123.4
  632. sysfsd=/sys/kernel/debug/netdevsim/netdevsim0/ports/0/
  633. sysfsf=$sysfsd/ipsec
  634. sysfsnet=/sys/bus/netdevsim/devices/netdevsim0/net/
  635. probed=false
  636. esp4_offload_probed_default=false
  637. if lsmod | grep -q esp4_offload; then
  638. esp4_offload_probed_default=true
  639. fi
  640. if ! mount | grep -q debugfs; then
  641. mount -t debugfs none /sys/kernel/debug/ &> /dev/null
  642. fi
  643. # setup netdevsim since dummydev doesn't have offload support
  644. if [ ! -w /sys/bus/netdevsim/new_device ] ; then
  645. run_cmd modprobe -q netdevsim
  646. if [ $ret -ne 0 ]; then
  647. end_test "SKIP: ipsec_offload can't load netdevsim"
  648. return $ksft_skip
  649. fi
  650. probed=true
  651. fi
  652. echo "0" > /sys/bus/netdevsim/new_device
  653. while [ ! -d $sysfsnet ] ; do :; done
  654. udevadm settle
  655. dev=`ls $sysfsnet`
  656. ip addr add $srcip dev $dev
  657. ip link set $dev up
  658. if [ ! -d $sysfsd ] ; then
  659. end_test "FAIL: ipsec_offload can't create device $dev"
  660. return 1
  661. fi
  662. if [ ! -f $sysfsf ] ; then
  663. end_test "FAIL: ipsec_offload netdevsim doesn't support IPsec offload"
  664. return 1
  665. fi
  666. # flush to be sure there's nothing configured
  667. ip x s flush ; ip x p flush
  668. # create offloaded SAs, both in and out
  669. run_cmd ip x p add dir out src $srcip/24 dst $dstip/24 \
  670. tmpl proto esp src $srcip dst $dstip spi 9 \
  671. mode transport reqid 42
  672. run_cmd ip x p add dir in src $dstip/24 dst $srcip/24 \
  673. tmpl proto esp src $dstip dst $srcip spi 9 \
  674. mode transport reqid 42
  675. run_cmd ip x s add proto esp src $srcip dst $dstip spi 9 \
  676. mode transport reqid 42 $algo sel src $srcip/24 dst $dstip/24 \
  677. offload dev $dev dir out
  678. run_cmd ip x s add proto esp src $dstip dst $srcip spi 9 \
  679. mode transport reqid 42 $algo sel src $dstip/24 dst $srcip/24 \
  680. offload dev $dev dir in
  681. if [ $ret -ne 0 ]; then
  682. end_test "FAIL: ipsec_offload can't create SA"
  683. return 1
  684. fi
  685. # does offload show up in ip output
  686. lines=`ip x s list | grep -c "crypto offload parameters: dev $dev dir"`
  687. if [ $lines -ne 2 ] ; then
  688. check_err 1
  689. end_test "FAIL: ipsec_offload SA offload missing from list output"
  690. fi
  691. # we didn't create a peer, make sure we can Tx
  692. ip neigh add $dstip dev $dev lladdr 00:11:22:33:44:55
  693. # use ping to exercise the Tx path
  694. ping -I $dev -c 3 -W 1 -i 0 $dstip >/dev/null
  695. # does driver have correct offload info
  696. run_cmd diff $sysfsf - << EOF
  697. SA count=2 tx=3
  698. sa[0] tx ipaddr=$dstip
  699. sa[0] spi=0x00000009 proto=0x32 salt=0x61626364 crypt=1
  700. sa[0] key=0x34333231 38373635 32313039 36353433
  701. sa[1] rx ipaddr=$srcip
  702. sa[1] spi=0x00000009 proto=0x32 salt=0x61626364 crypt=1
  703. sa[1] key=0x34333231 38373635 32313039 36353433
  704. EOF
  705. if [ $? -ne 0 ] ; then
  706. end_test "FAIL: ipsec_offload incorrect driver data"
  707. check_err 1
  708. fi
  709. # does offload get removed from driver
  710. ip x s flush
  711. ip x p flush
  712. lines=`grep -c "SA count=0" $sysfsf`
  713. if [ $lines -ne 1 ] ; then
  714. check_err 1
  715. end_test "FAIL: ipsec_offload SA not removed from driver"
  716. fi
  717. # clean up any leftovers
  718. ! "$esp4_offload_probed_default" && lsmod | grep -q esp4_offload && rmmod esp4_offload
  719. echo 0 > /sys/bus/netdevsim/del_device
  720. $probed && rmmod netdevsim
  721. if [ $ret -ne 0 ]; then
  722. end_test "FAIL: ipsec_offload"
  723. return 1
  724. fi
  725. end_test "PASS: ipsec_offload"
  726. }
  727. kci_test_gretap()
  728. {
  729. DEV_NS=gretap00
  730. local ret=0
  731. setup_ns testns
  732. if [ $? -ne 0 ]; then
  733. end_test "SKIP gretap tests: cannot add net namespace $testns"
  734. return $ksft_skip
  735. fi
  736. run_cmd_grep "^Usage:" ip link help gretap
  737. if [ $? -ne 0 ];then
  738. end_test "SKIP: gretap: iproute2 too old"
  739. ip netns del "$testns"
  740. return $ksft_skip
  741. fi
  742. # test native tunnel
  743. run_cmd ip -netns "$testns" link add dev "$DEV_NS" type gretap seq \
  744. key 102 local 172.16.1.100 remote 172.16.1.200
  745. run_cmd ip -netns "$testns" addr add dev "$DEV_NS" 10.1.1.100/24
  746. run_cmd ip -netns "$testns" link set dev $DEV_NS up
  747. run_cmd ip -netns "$testns" link del "$DEV_NS"
  748. # test external mode
  749. run_cmd ip -netns "$testns" link add dev "$DEV_NS" type gretap external
  750. run_cmd ip -netns "$testns" link del "$DEV_NS"
  751. if [ $ret -ne 0 ]; then
  752. end_test "FAIL: gretap"
  753. ip netns del "$testns"
  754. return 1
  755. fi
  756. end_test "PASS: gretap"
  757. ip netns del "$testns"
  758. }
  759. kci_test_ip6gretap()
  760. {
  761. DEV_NS=ip6gretap00
  762. local ret=0
  763. setup_ns testns
  764. if [ $? -ne 0 ]; then
  765. end_test "SKIP ip6gretap tests: cannot add net namespace $testns"
  766. return $ksft_skip
  767. fi
  768. run_cmd_grep "^Usage:" ip link help ip6gretap
  769. if [ $? -ne 0 ];then
  770. end_test "SKIP: ip6gretap: iproute2 too old"
  771. ip netns del "$testns"
  772. return $ksft_skip
  773. fi
  774. # test native tunnel
  775. run_cmd ip -netns "$testns" link add dev "$DEV_NS" type ip6gretap seq \
  776. key 102 local fc00:100::1 remote fc00:100::2
  777. run_cmd ip -netns "$testns" addr add dev "$DEV_NS" fc00:200::1/96
  778. run_cmd ip -netns "$testns" link set dev $DEV_NS up
  779. run_cmd ip -netns "$testns" link del "$DEV_NS"
  780. # test external mode
  781. run_cmd ip -netns "$testns" link add dev "$DEV_NS" type ip6gretap external
  782. run_cmd ip -netns "$testns" link del "$DEV_NS"
  783. if [ $ret -ne 0 ]; then
  784. end_test "FAIL: ip6gretap"
  785. ip netns del "$testns"
  786. return 1
  787. fi
  788. end_test "PASS: ip6gretap"
  789. ip netns del "$testns"
  790. }
  791. kci_test_erspan()
  792. {
  793. DEV_NS=erspan00
  794. local ret=0
  795. run_cmd_grep "^Usage:" ip link help erspan
  796. if [ $? -ne 0 ];then
  797. end_test "SKIP: erspan: iproute2 too old"
  798. return $ksft_skip
  799. fi
  800. setup_ns testns
  801. if [ $? -ne 0 ]; then
  802. end_test "SKIP erspan tests: cannot add net namespace $testns"
  803. return $ksft_skip
  804. fi
  805. # test native tunnel erspan v1
  806. run_cmd ip -netns "$testns" link add dev "$DEV_NS" type erspan seq \
  807. key 102 local 172.16.1.100 remote 172.16.1.200 \
  808. erspan_ver 1 erspan 488
  809. run_cmd ip -netns "$testns" addr add dev "$DEV_NS" 10.1.1.100/24
  810. run_cmd ip -netns "$testns" link set dev $DEV_NS up
  811. run_cmd ip -netns "$testns" link del "$DEV_NS"
  812. # test native tunnel erspan v2
  813. run_cmd ip -netns "$testns" link add dev "$DEV_NS" type erspan seq \
  814. key 102 local 172.16.1.100 remote 172.16.1.200 \
  815. erspan_ver 2 erspan_dir ingress erspan_hwid 7
  816. run_cmd ip -netns "$testns" addr add dev "$DEV_NS" 10.1.1.100/24
  817. run_cmd ip -netns "$testns" link set dev $DEV_NS up
  818. run_cmd ip -netns "$testns" link del "$DEV_NS"
  819. # test external mode
  820. run_cmd ip -netns "$testns" link add dev "$DEV_NS" type erspan external
  821. run_cmd ip -netns "$testns" link del "$DEV_NS"
  822. if [ $ret -ne 0 ]; then
  823. end_test "FAIL: erspan"
  824. ip netns del "$testns"
  825. return 1
  826. fi
  827. end_test "PASS: erspan"
  828. ip netns del "$testns"
  829. }
  830. kci_test_ip6erspan()
  831. {
  832. DEV_NS=ip6erspan00
  833. local ret=0
  834. run_cmd_grep "^Usage:" ip link help ip6erspan
  835. if [ $? -ne 0 ];then
  836. end_test "SKIP: ip6erspan: iproute2 too old"
  837. return $ksft_skip
  838. fi
  839. setup_ns testns
  840. if [ $? -ne 0 ]; then
  841. end_test "SKIP ip6erspan tests: cannot add net namespace $testns"
  842. return $ksft_skip
  843. fi
  844. # test native tunnel ip6erspan v1
  845. run_cmd ip -netns "$testns" link add dev "$DEV_NS" type ip6erspan seq \
  846. key 102 local fc00:100::1 remote fc00:100::2 \
  847. erspan_ver 1 erspan 488
  848. run_cmd ip -netns "$testns" addr add dev "$DEV_NS" 10.1.1.100/24
  849. run_cmd ip -netns "$testns" link set dev $DEV_NS up
  850. run_cmd ip -netns "$testns" link del "$DEV_NS"
  851. # test native tunnel ip6erspan v2
  852. run_cmd ip -netns "$testns" link add dev "$DEV_NS" type ip6erspan seq \
  853. key 102 local fc00:100::1 remote fc00:100::2 \
  854. erspan_ver 2 erspan_dir ingress erspan_hwid 7
  855. run_cmd ip -netns "$testns" addr add dev "$DEV_NS" 10.1.1.100/24
  856. run_cmd ip -netns "$testns" link set dev $DEV_NS up
  857. run_cmd ip -netns "$testns" link del "$DEV_NS"
  858. # test external mode
  859. run_cmd ip -netns "$testns" link add dev "$DEV_NS" \
  860. type ip6erspan external
  861. run_cmd ip -netns "$testns" link del "$DEV_NS"
  862. if [ $ret -ne 0 ]; then
  863. end_test "FAIL: ip6erspan"
  864. ip netns del "$testns"
  865. return 1
  866. fi
  867. end_test "PASS: ip6erspan"
  868. ip netns del "$testns"
  869. }
  870. kci_test_fdb_get()
  871. {
  872. brdev="test-br0"
  873. vxlandev="vxlan10"
  874. test_mac=de:ad:be:ef:13:37
  875. localip="10.0.2.2"
  876. dstip="10.0.2.3"
  877. local ret=0
  878. run_cmd_grep 'bridge fdb get' bridge fdb help
  879. if [ $? -ne 0 ];then
  880. end_test "SKIP: fdb get tests: iproute2 too old"
  881. return $ksft_skip
  882. fi
  883. setup_ns testns
  884. if [ $? -ne 0 ]; then
  885. end_test "SKIP fdb get tests: cannot add net namespace $testns"
  886. return $ksft_skip
  887. fi
  888. IP="ip -netns $testns"
  889. BRIDGE="bridge -netns $testns"
  890. run_cmd $IP link add "$vxlandev" type vxlan id 10 local $localip \
  891. dstport 4789
  892. run_cmd $IP link add name "$brdev" type bridge
  893. run_cmd $IP link set dev "$vxlandev" master "$brdev"
  894. run_cmd $BRIDGE fdb add $test_mac dev "$vxlandev" master
  895. run_cmd $BRIDGE fdb add $test_mac dev "$vxlandev" dst $dstip self
  896. run_cmd_grep "dev $vxlandev master $brdev" $BRIDGE fdb get $test_mac brport "$vxlandev"
  897. run_cmd_grep "dev $vxlandev master $brdev" $BRIDGE fdb get $test_mac br "$brdev"
  898. run_cmd_grep "dev $vxlandev dst $dstip" $BRIDGE fdb get $test_mac dev "$vxlandev" self
  899. ip netns del $testns &>/dev/null
  900. if [ $ret -ne 0 ]; then
  901. end_test "FAIL: bridge fdb get"
  902. return 1
  903. fi
  904. end_test "PASS: bridge fdb get"
  905. }
  906. kci_test_fdb_del()
  907. {
  908. local test_mac=de:ad:be:ef:13:37
  909. local dummydev="dummy1"
  910. local brdev="test-br0"
  911. local ret=0
  912. run_cmd_grep 'bridge fdb get' bridge fdb help
  913. if [ $? -ne 0 ]; then
  914. end_test "SKIP: fdb del tests: iproute2 too old"
  915. return $ksft_skip
  916. fi
  917. setup_ns testns
  918. if [ $? -ne 0 ]; then
  919. end_test "SKIP fdb del tests: cannot add net namespace $testns"
  920. return $ksft_skip
  921. fi
  922. IP="ip -netns $testns"
  923. BRIDGE="bridge -netns $testns"
  924. run_cmd $IP link add $dummydev type dummy
  925. run_cmd $IP link add name $brdev type bridge vlan_filtering 1
  926. run_cmd $IP link set dev $dummydev master $brdev
  927. run_cmd $BRIDGE fdb add $test_mac dev $dummydev master static vlan 1
  928. run_cmd $BRIDGE vlan del vid 1 dev $dummydev
  929. run_cmd $BRIDGE fdb get $test_mac br $brdev vlan 1
  930. run_cmd $BRIDGE fdb del $test_mac dev $dummydev master vlan 1
  931. run_cmd_fail $BRIDGE fdb get $test_mac br $brdev vlan 1
  932. ip netns del $testns &>/dev/null
  933. if [ $ret -ne 0 ]; then
  934. end_test "FAIL: bridge fdb del"
  935. return 1
  936. fi
  937. end_test "PASS: bridge fdb del"
  938. }
  939. kci_test_neigh_get()
  940. {
  941. dstmac=de:ad:be:ef:13:37
  942. dstip=10.0.2.4
  943. dstip6=dead::2
  944. local ret=0
  945. run_cmd_grep 'ip neigh get' ip neigh help
  946. if [ $? -ne 0 ];then
  947. end_test "SKIP: fdb get tests: iproute2 too old"
  948. return $ksft_skip
  949. fi
  950. # ipv4
  951. run_cmd ip neigh add $dstip lladdr $dstmac dev "$devdummy"
  952. run_cmd_grep "$dstmac" ip neigh get $dstip dev "$devdummy"
  953. run_cmd ip neigh del $dstip lladdr $dstmac dev "$devdummy"
  954. # ipv4 proxy
  955. run_cmd ip neigh add proxy $dstip dev "$devdummy"
  956. run_cmd_grep "$dstip" ip neigh get proxy $dstip dev "$devdummy"
  957. run_cmd ip neigh del proxy $dstip dev "$devdummy"
  958. # ipv6
  959. run_cmd ip neigh add $dstip6 lladdr $dstmac dev "$devdummy"
  960. run_cmd_grep "$dstmac" ip neigh get $dstip6 dev "$devdummy"
  961. run_cmd ip neigh del $dstip6 lladdr $dstmac dev "$devdummy"
  962. # ipv6 proxy
  963. run_cmd ip neigh add proxy $dstip6 dev "$devdummy"
  964. run_cmd_grep "$dstip6" ip neigh get proxy $dstip6 dev "$devdummy"
  965. run_cmd ip neigh del proxy $dstip6 dev "$devdummy"
  966. if [ $ret -ne 0 ];then
  967. end_test "FAIL: neigh get"
  968. return 1
  969. fi
  970. end_test "PASS: neigh get"
  971. }
  972. kci_test_neigh_update()
  973. {
  974. dstip=10.0.2.4
  975. dstmac=de:ad:be:ef:13:37
  976. local ret=0
  977. for proxy in "" "proxy" ; do
  978. # add a neighbour entry without any flags
  979. run_cmd ip neigh add $proxy $dstip dev "$devdummy" lladdr $dstmac nud permanent
  980. run_cmd_grep $dstip ip neigh show $proxy
  981. run_cmd_grep_fail "$dstip dev $devdummy .*\(managed\|use\|router\|extern\)" ip neigh show $proxy
  982. # set the extern_learn flag, but no other
  983. run_cmd ip neigh change $proxy $dstip dev "$devdummy" extern_learn
  984. run_cmd_grep "$dstip dev $devdummy .* extern_learn" ip neigh show $proxy
  985. run_cmd_grep_fail "$dstip dev $devdummy .* \(managed\|use\|router\)" ip neigh show $proxy
  986. # flags are reset when not provided
  987. run_cmd ip neigh change $proxy $dstip dev "$devdummy"
  988. run_cmd_grep $dstip ip neigh show $proxy
  989. run_cmd_grep_fail "$dstip dev $devdummy .* extern_learn" ip neigh show $proxy
  990. # add a protocol
  991. run_cmd ip neigh change $proxy $dstip dev "$devdummy" protocol boot
  992. run_cmd_grep "$dstip dev $devdummy .* proto boot" ip neigh show $proxy
  993. # protocol is retained when not provided
  994. run_cmd ip neigh change $proxy $dstip dev "$devdummy"
  995. run_cmd_grep "$dstip dev $devdummy .* proto boot" ip neigh show $proxy
  996. # change protocol
  997. run_cmd ip neigh change $proxy $dstip dev "$devdummy" protocol static
  998. run_cmd_grep "$dstip dev $devdummy .* proto static" ip neigh show $proxy
  999. # also check an extended flag for non-proxy neighs
  1000. if [ "$proxy" = "" ]; then
  1001. run_cmd ip neigh change $proxy $dstip dev "$devdummy" managed
  1002. run_cmd_grep "$dstip dev $devdummy managed" ip neigh show $proxy
  1003. run_cmd ip neigh change $proxy $dstip dev "$devdummy" lladdr $dstmac
  1004. run_cmd_grep_fail "$dstip dev $devdummy managed" ip neigh show $proxy
  1005. fi
  1006. run_cmd ip neigh del $proxy $dstip dev "$devdummy"
  1007. done
  1008. if [ $ret -ne 0 ];then
  1009. end_test "FAIL: neigh update"
  1010. return 1
  1011. fi
  1012. end_test "PASS: neigh update"
  1013. }
  1014. kci_test_bridge_parent_id()
  1015. {
  1016. local ret=0
  1017. sysfsnet=/sys/bus/netdevsim/devices/netdevsim
  1018. probed=false
  1019. if [ ! -w /sys/bus/netdevsim/new_device ] ; then
  1020. run_cmd modprobe -q netdevsim
  1021. if [ $ret -ne 0 ]; then
  1022. end_test "SKIP: bridge_parent_id can't load netdevsim"
  1023. return $ksft_skip
  1024. fi
  1025. probed=true
  1026. fi
  1027. echo "10 1" > /sys/bus/netdevsim/new_device
  1028. while [ ! -d ${sysfsnet}10 ] ; do :; done
  1029. echo "20 1" > /sys/bus/netdevsim/new_device
  1030. while [ ! -d ${sysfsnet}20 ] ; do :; done
  1031. udevadm settle
  1032. dev10=`ls ${sysfsnet}10/net/`
  1033. dev20=`ls ${sysfsnet}20/net/`
  1034. run_cmd ip link add name test-bond0 type bond mode 802.3ad
  1035. run_cmd ip link set dev $dev10 master test-bond0
  1036. run_cmd ip link set dev $dev20 master test-bond0
  1037. run_cmd ip link add name test-br0 type bridge
  1038. run_cmd ip link set dev test-bond0 master test-br0
  1039. # clean up any leftovers
  1040. ip link del dev test-br0
  1041. ip link del dev test-bond0
  1042. echo 20 > /sys/bus/netdevsim/del_device
  1043. echo 10 > /sys/bus/netdevsim/del_device
  1044. $probed && rmmod netdevsim
  1045. if [ $ret -ne 0 ]; then
  1046. end_test "FAIL: bridge_parent_id"
  1047. return 1
  1048. fi
  1049. end_test "PASS: bridge_parent_id"
  1050. }
  1051. address_get_proto()
  1052. {
  1053. local addr=$1; shift
  1054. ip -N -j address show dev "$devdummy" |
  1055. jq -e -r --arg addr "${addr%/*}" \
  1056. '.[].addr_info[] | select(.local == $addr) | .protocol'
  1057. }
  1058. address_count()
  1059. {
  1060. ip -N -j address show dev "$devdummy" "$@" |
  1061. jq -e -r '[.[].addr_info[] | .local | select(. != null)] | length'
  1062. }
  1063. do_test_address_proto()
  1064. {
  1065. local what=$1; shift
  1066. local addr=$1; shift
  1067. local addr2=${addr%/*}2/${addr#*/}
  1068. local addr3=${addr%/*}3/${addr#*/}
  1069. local proto
  1070. local count
  1071. local ret=0
  1072. local err
  1073. run_cmd_grep 'proto' ip address help
  1074. if [ $? -ne 0 ];then
  1075. end_test "SKIP: addr proto ${what}: iproute2 too old"
  1076. return $ksft_skip
  1077. fi
  1078. ip address add dev "$devdummy" "$addr3"
  1079. check_err $?
  1080. proto=$(address_get_proto "$addr3")
  1081. [[ "$proto" == null ]]
  1082. check_err $?
  1083. ip address add dev "$devdummy" "$addr2" proto 0x99
  1084. check_err $?
  1085. proto=$(address_get_proto "$addr2")
  1086. [[ "$proto" == 0x99 ]]
  1087. check_err $?
  1088. ip address add dev "$devdummy" "$addr" proto 0xab
  1089. check_err $?
  1090. proto=$(address_get_proto "$addr")
  1091. [[ "$proto" == 0xab ]]
  1092. check_err $?
  1093. ip address replace dev "$devdummy" "$addr" proto 0x11
  1094. proto=$(address_get_proto "$addr")
  1095. check_err $?
  1096. [[ "$proto" == 0x11 ]]
  1097. check_err $?
  1098. count=$(address_count)
  1099. check_err $?
  1100. (( count >= 3 )) # $addr, $addr2 and $addr3 plus any kernel addresses
  1101. check_err $?
  1102. count=$(address_count proto 0)
  1103. check_err $?
  1104. (( count == 1 )) # just $addr3
  1105. check_err $?
  1106. count=$(address_count proto 0x11)
  1107. check_err $?
  1108. (( count == 2 )) # $addr and $addr3
  1109. check_err $?
  1110. count=$(address_count proto 0xab)
  1111. check_err $?
  1112. (( count == 1 )) # just $addr3
  1113. check_err $?
  1114. ip address del dev "$devdummy" "$addr"
  1115. ip address del dev "$devdummy" "$addr2"
  1116. ip address del dev "$devdummy" "$addr3"
  1117. if [ $ret -ne 0 ]; then
  1118. end_test "FAIL: address proto $what"
  1119. return 1
  1120. fi
  1121. end_test "PASS: address proto $what"
  1122. }
  1123. kci_test_address_proto()
  1124. {
  1125. local ret=0
  1126. do_test_address_proto IPv4 192.0.2.1/28
  1127. check_err $?
  1128. do_test_address_proto IPv6 2001:db8:1::1/64
  1129. check_err $?
  1130. return $ret
  1131. }
  1132. kci_test_enslave_bonding()
  1133. {
  1134. local bond="bond123"
  1135. local ret=0
  1136. setup_ns testns
  1137. if [ $? -ne 0 ]; then
  1138. end_test "SKIP bonding tests: cannot add net namespace $testns"
  1139. return $ksft_skip
  1140. fi
  1141. run_cmd ip -netns $testns link add dev $bond type bond mode balance-rr
  1142. run_cmd ip -netns $testns link add dev $devdummy type dummy
  1143. run_cmd ip -netns $testns link set dev $devdummy up
  1144. run_cmd ip -netns $testns link set dev $devdummy master $bond down
  1145. if [ $ret -ne 0 ]; then
  1146. end_test "FAIL: initially up interface added to a bond and set down"
  1147. ip netns del "$testns"
  1148. return 1
  1149. fi
  1150. end_test "PASS: enslave interface in a bond"
  1151. ip netns del "$testns"
  1152. }
  1153. # Called to validate the addresses on $IFNAME:
  1154. #
  1155. # 1. Every `temporary` address must have a matching `mngtmpaddr`
  1156. # 2. Every `mngtmpaddr` address must have some un`deprecated` `temporary`
  1157. #
  1158. # If the mngtmpaddr or tempaddr checking failed, return 0 and stop slowwait
  1159. validate_mngtmpaddr()
  1160. {
  1161. local dev=$1
  1162. local prefix=""
  1163. local addr_list=$(ip -j -n $testns addr show dev ${dev})
  1164. local temp_addrs=$(echo ${addr_list} | \
  1165. jq -r '.[].addr_info[] | select(.temporary == true) | .local')
  1166. local mng_prefixes=$(echo ${addr_list} | \
  1167. jq -r '.[].addr_info[] | select(.mngtmpaddr == true) | .local' | \
  1168. cut -d: -f1-4 | tr '\n' ' ')
  1169. local undep_prefixes=$(echo ${addr_list} | \
  1170. jq -r '.[].addr_info[] | select(.temporary == true and .deprecated != true) | .local' | \
  1171. cut -d: -f1-4 | tr '\n' ' ')
  1172. # 1. All temporary addresses (temp and dep) must have a matching mngtmpaddr
  1173. for address in ${temp_addrs}; do
  1174. prefix=$(echo ${address} | cut -d: -f1-4)
  1175. if [[ ! " ${mng_prefixes} " =~ " $prefix " ]]; then
  1176. check_err 1 "FAIL: Temporary $address with no matching mngtmpaddr!";
  1177. return 0
  1178. fi
  1179. done
  1180. # 2. All mngtmpaddr addresses must have a temporary address (not dep)
  1181. for prefix in ${mng_prefixes}; do
  1182. if [[ ! " ${undep_prefixes} " =~ " $prefix " ]]; then
  1183. check_err 1 "FAIL: No undeprecated temporary in $prefix!";
  1184. return 0
  1185. fi
  1186. done
  1187. return 1
  1188. }
  1189. kci_test_mngtmpaddr()
  1190. {
  1191. local ret=0
  1192. setup_ns testns
  1193. if [ $? -ne 0 ]; then
  1194. end_test "SKIP mngtmpaddr tests: cannot add net namespace $testns"
  1195. return $ksft_skip
  1196. fi
  1197. # 1. Create a dummy Ethernet interface
  1198. run_cmd ip -n $testns link add ${devdummy} type dummy
  1199. run_cmd ip -n $testns link set ${devdummy} up
  1200. run_cmd ip netns exec $testns sysctl -w net.ipv6.conf.${devdummy}.use_tempaddr=1
  1201. run_cmd ip netns exec $testns sysctl -w net.ipv6.conf.${devdummy}.temp_prefered_lft=10
  1202. run_cmd ip netns exec $testns sysctl -w net.ipv6.conf.${devdummy}.temp_valid_lft=25
  1203. run_cmd ip netns exec $testns sysctl -w net.ipv6.conf.${devdummy}.max_desync_factor=1
  1204. # 2. Create several mngtmpaddr addresses on that interface.
  1205. # with temp_*_lft configured to be pretty short (10 and 35 seconds
  1206. # for prefer/valid respectively)
  1207. for i in $(seq 1 9); do
  1208. run_cmd ip -n $testns addr add 2001:db8:7e57:${i}::1/64 mngtmpaddr dev ${devdummy}
  1209. done
  1210. # 3. Confirm that a preferred temporary address exists for each mngtmpaddr
  1211. # address at all times, polling once per second for 30 seconds.
  1212. slowwait 30 validate_mngtmpaddr ${devdummy}
  1213. # 4. Delete each mngtmpaddr address, one at a time (alternating between
  1214. # deleting and merely un-mngtmpaddr-ing), and confirm that the other
  1215. # mngtmpaddr addresses still have preferred temporaries.
  1216. for i in $(seq 1 9); do
  1217. (( $i % 4 == 0 )) && mng_flag="mngtmpaddr" || mng_flag=""
  1218. if (( $i % 2 == 0 )); then
  1219. run_cmd ip -n $testns addr del 2001:db8:7e57:${i}::1/64 $mng_flag dev ${devdummy}
  1220. else
  1221. run_cmd ip -n $testns addr change 2001:db8:7e57:${i}::1/64 dev ${devdummy}
  1222. fi
  1223. # the temp addr should be deleted
  1224. validate_mngtmpaddr ${devdummy}
  1225. done
  1226. if [ $ret -ne 0 ]; then
  1227. end_test "FAIL: mngtmpaddr add/remove incorrect"
  1228. else
  1229. end_test "PASS: mngtmpaddr add/remove correctly"
  1230. fi
  1231. ip netns del "$testns"
  1232. return $ret
  1233. }
  1234. kci_test_operstate()
  1235. {
  1236. local ret=0
  1237. # Check that it is possible to set operational state during device
  1238. # creation and that it is preserved when the administrative state of
  1239. # the device is toggled.
  1240. run_cmd ip link add name vx0 up state up type vxlan id 10010 dstport 4789
  1241. run_cmd_grep "state UP" ip link show dev vx0
  1242. run_cmd ip link set dev vx0 down
  1243. run_cmd_grep "state DOWN" ip link show dev vx0
  1244. run_cmd ip link set dev vx0 up
  1245. run_cmd_grep "state UP" ip link show dev vx0
  1246. run_cmd ip link del dev vx0
  1247. # Check that it is possible to set the operational state of the device
  1248. # after creation.
  1249. run_cmd ip link add name vx0 up type vxlan id 10010 dstport 4789
  1250. run_cmd_grep "state UNKNOWN" ip link show dev vx0
  1251. run_cmd ip link set dev vx0 state up
  1252. run_cmd_grep "state UP" ip link show dev vx0
  1253. run_cmd ip link del dev vx0
  1254. if [ "$ret" -ne 0 ]; then
  1255. end_test "FAIL: operstate"
  1256. return 1
  1257. fi
  1258. end_test "PASS: operstate"
  1259. }
  1260. kci_test_rtnl()
  1261. {
  1262. local current_test
  1263. local ret=0
  1264. kci_add_dummy
  1265. if [ $ret -ne 0 ];then
  1266. end_test "FAIL: cannot add dummy interface"
  1267. return 1
  1268. fi
  1269. for current_test in ${TESTS:-$ALL_TESTS}; do
  1270. $current_test
  1271. check_err $?
  1272. done
  1273. kci_del_dummy
  1274. return $ret
  1275. }
  1276. usage()
  1277. {
  1278. cat <<EOF
  1279. usage: ${0##*/} OPTS
  1280. -t <test> Test(s) to run (default: all)
  1281. (options: $(echo $ALL_TESTS))
  1282. -v Verbose mode (show commands and output)
  1283. -P Pause after every test
  1284. -p Pause after every failing test before cleanup (for debugging)
  1285. EOF
  1286. }
  1287. require_command jq
  1288. #check for needed privileges
  1289. if [ "$(id -u)" -ne 0 ];then
  1290. end_test "SKIP: Need root privileges"
  1291. exit $ksft_skip
  1292. fi
  1293. for x in ip tc;do
  1294. $x -Version 2>/dev/null >/dev/null
  1295. if [ $? -ne 0 ];then
  1296. end_test "SKIP: Could not run test without the $x tool"
  1297. exit $ksft_skip
  1298. fi
  1299. done
  1300. while getopts t:hvpP o; do
  1301. case $o in
  1302. t) TESTS=$OPTARG;;
  1303. v) VERBOSE=1;;
  1304. p) PAUSE_ON_FAIL=yes;;
  1305. P) PAUSE=yes;;
  1306. h) usage; exit 0;;
  1307. *) usage; exit 1;;
  1308. esac
  1309. done
  1310. [ $PAUSE = "yes" ] && PAUSE_ON_FAIL="no"
  1311. kci_test_rtnl
  1312. exit $?