3 # This test is for checking rtnetlink callpaths, and get as much coverage as possible.
10 # Kselftest framework requirement - SKIP code is 4.
13 # set global exit status, but never reset nonzero one.
16 if [ $ret -eq 0 ]; then
21 # same but inverted -- used when command must fail for test to pass
31 ip link add name "$devdummy" type dummy
33 ip link set "$devdummy" up
39 ip link del dev "$devdummy"
48 ip netconf show dev "$dev" > /dev/null
52 ip -$f netconf show dev "$dev" > /dev/null
56 if [ $ret -ne 0 ] ;then
57 echo "FAIL: ip netconf show $dev"
58 test $r -eq 0 && ret=0
63 # add a bridge with vlans on top
67 vlandev="testbr-vlan1"
70 ip link add name "$devbr" type bridge
73 ip link set dev "$devdummy" master "$devbr"
76 ip link set "$devbr" up
79 ip link add link "$devbr" name "$vlandev" type vlan id 1
81 ip addr add dev "$vlandev" 10.200.7.23/30
83 ip -6 addr add dev "$vlandev" dead:42::1234/64
85 ip -d link > /dev/null
87 ip r s t all > /dev/null
90 for name in "$devbr" "$vlandev" "$devdummy" ; do
91 kci_test_netconf "$name"
94 ip -6 addr del dev "$vlandev" dead:42::1234/64
97 ip link del dev "$vlandev"
99 ip link del dev "$devbr"
102 if [ $ret -ne 0 ];then
103 echo "FAIL: bridge setup"
106 echo "PASS: bridge setup"
117 ip tunnel add $gredev mode gre remote $rem local $loc ttl 1
119 ip link set $gredev up
121 ip addr add 10.23.7.10 dev $gredev
123 ip route add 10.23.8.0/30 dev $gredev
125 ip addr add dev "$devdummy" 10.23.7.11/24
132 kci_test_netconf "$gredev"
134 ip addr del dev "$devdummy" 10.23.7.11/24
140 if [ $ret -ne 0 ];then
141 echo "FAIL: gre tunnel endpoint"
144 echo "PASS: gre tunnel endpoint"
147 # tc uses rtnetlink too, for full tc testing
148 # please see tools/testing/selftests/tc-testing.
154 tc qdisc add dev "$dev" root handle 1: htb
156 tc class add dev "$dev" parent 1: classid 1:10 htb rate 1mbit
158 tc filter add dev "$dev" parent 1:0 prio 5 handle ffe: protocol ip u32 divisor 256
160 tc filter add dev "$dev" parent 1:0 prio 5 handle ffd: protocol ip u32 divisor 256
162 tc filter add dev "$dev" parent 1:0 prio 5 handle ffc: protocol ip u32 divisor 256
164 tc filter add dev "$dev" protocol ip parent 1: prio 5 handle ffe:2:3 u32 ht ffe:2: match ip src 10.0.0.3 flowid 1:10
166 tc filter add dev "$dev" protocol ip parent 1: prio 5 handle ffe:2:2 u32 ht ffe:2: match ip src 10.0.0.2 flowid 1:10
168 tc filter show dev "$dev" parent 1:0 > /dev/null
170 tc filter del dev "$dev" protocol ip parent 1: prio 5 handle ffe:2:3 u32
172 tc filter show dev "$dev" parent 1:0 > /dev/null
174 tc qdisc del dev "$dev" root handle 1: htb
177 if [ $ret -ne 0 ];then
178 echo "FAIL: tc htb hierarchy"
181 echo "PASS: tc htb hierarchy"
185 kci_test_polrouting()
188 ip rule add fwmark 1 lookup 100
190 ip route add local 0.0.0.0/0 dev lo table 100
192 ip r s t all > /dev/null
194 ip rule del fwmark 1 lookup 100
196 ip route del local 0.0.0.0/0 dev lo table 100
199 if [ $ret -ne 0 ];then
200 echo "FAIL: policy route test"
203 echo "PASS: policy routing"
210 ip route get 127.0.0.1 > /dev/null
212 ip route get 127.0.0.1 dev "$devdummy" > /dev/null
214 ip route get ::1 > /dev/null
216 ip route get fe80::1 dev "$devdummy" > /dev/null
218 ip route get 127.0.0.1 from 127.0.0.1 oif lo tos 0x1 mark 0x1 > /dev/null
220 ip route get ::1 from ::1 iif lo oif lo tos 0x1 mark 0x1 > /dev/null
222 ip addr add dev "$devdummy" 10.23.7.11/24
224 ip route get 10.23.7.11 from 10.23.7.12 iif "$devdummy" > /dev/null
226 ip addr del dev "$devdummy" 10.23.7.11/24
229 if [ $ret -ne 0 ];then
230 echo "FAIL: route get"
234 echo "PASS: route get"
239 for i in $(seq 10 100) ;do
240 lft=$(((RANDOM%3) + 1))
241 ip addr add 10.23.11.$i/32 dev "$devdummy" preferred_lft $lft valid_lft $((lft+1))
247 ip addr show dev "$devdummy" | grep "10.23.11."
248 if [ $? -eq 0 ]; then
249 echo "FAIL: preferred_lft addresses remaining"
254 echo "PASS: preferred_lft addresses have expired"
261 ip addrlabel add prefix dead::/64 dev lo label 1
264 ip addrlabel list |grep -q "prefix dead::/64 dev lo label 1"
267 ip addrlabel del prefix dead::/64 dev lo label 1 2> /dev/null
270 ip addrlabel add prefix dead::/64 label 1 2> /dev/null
273 ip addrlabel del prefix dead::/64 label 1 2> /dev/null
276 # concurrent add/delete
277 for i in $(seq 1 1000); do
278 ip addrlabel add prefix 1c3::/64 label 12345 2>/dev/null
281 for i in $(seq 1 1000); do
282 ip addrlabel del prefix 1c3::/64 label 12345 2>/dev/null
287 ip addrlabel del prefix 1c3::/64 label 12345 2>/dev/null
289 if [ $ret -ne 0 ];then
290 echo "FAIL: ipv6 addrlabel"
294 echo "PASS: ipv6 addrlabel"
301 syspathname="/sys/class/net/$devdummy/ifalias"
303 ip link set dev "$devdummy" alias "$namewant"
306 if [ $ret -ne 0 ]; then
307 echo "FAIL: cannot set interface alias of $devdummy to $namewant"
311 ip link show "$devdummy" | grep -q "alias $namewant"
314 if [ -r "$syspathname" ] ; then
315 read namehave < "$syspathname"
316 if [ "$namewant" != "$namehave" ]; then
317 echo "FAIL: did set ifalias $namewant but got $namehave"
322 echo "$namewant" > "$syspathname"
323 ip link show "$devdummy" | grep -q "alias $namewant"
326 # sysfs interface allows to delete alias again
327 echo "" > "$syspathname"
329 ip link show "$devdummy" | grep -q "alias $namewant"
332 for i in $(seq 1 100); do
333 uuidgen > "$syspathname" &
338 # re-add the alias -- kernel should free mem when dummy dev is removed
339 ip link set dev "$devdummy" alias "$namewant"
343 if [ $ret -ne 0 ]; then
344 echo "FAIL: set interface alias $devdummy to $namewant"
348 echo "PASS: set ifalias $namewant for $devdummy"
356 ip link show type vrf 2>/dev/null
357 if [ $? -ne 0 ]; then
358 echo "SKIP: vrf: iproute2 too old"
362 ip link add "$vrfname" type vrf table 10
364 if [ $ret -ne 0 ];then
365 echo "FAIL: can't add vrf interface, skipping test"
369 ip -br link show type vrf | grep -q "$vrfname"
371 if [ $ret -ne 0 ];then
372 echo "FAIL: created vrf device not found"
376 ip link set dev "$vrfname" up
379 ip link set dev "$devdummy" master "$vrfname"
381 ip link del dev "$vrfname"
384 if [ $ret -ne 0 ];then
392 kci_test_encap_vxlan()
399 ip netns exec "$testns" ip link add "$vxlan" type vxlan id 42 group 239.1.1.1 \
400 dev "$devdummy" dstport 4789 2>/dev/null
401 if [ $? -ne 0 ]; then
402 echo "FAIL: can't add vxlan interface, skipping test"
407 ip netns exec "$testns" ip addr add 10.2.11.49/24 dev "$vxlan"
410 ip netns exec "$testns" ip link set up dev "$vxlan"
413 ip netns exec "$testns" ip link add link "$vxlan" name "$vlan" type vlan id 1
416 ip netns exec "$testns" ip link del "$vxlan"
419 if [ $ret -ne 0 ]; then
432 ip fou help 2>&1 |grep -q 'Usage: ip fou'
434 echo "SKIP: fou: iproute2 too old"
438 ip netns exec "$testns" ip fou add port 7777 ipproto 47 2>/dev/null
440 echo "FAIL: can't add fou port 7777, skipping test"
444 ip netns exec "$testns" ip fou add port 8888 ipproto 4
447 ip netns exec "$testns" ip fou del port 9999 2>/dev/null
450 ip netns exec "$testns" ip fou del port 7777
453 if [ $ret -ne 0 ]; then
461 # test various encap methods, use netns to avoid unwanted interference
467 ip netns add "$testns"
468 if [ $? -ne 0 ]; then
469 echo "SKIP encap tests: cannot add net namespace $testns"
473 ip netns exec "$testns" ip link set lo up
476 ip netns exec "$testns" ip link add name "$devdummy" type dummy
478 ip netns exec "$testns" ip link set "$devdummy" up
481 kci_test_encap_vxlan "$testns"
482 kci_test_encap_fou "$testns"
484 ip netns del "$testns"
489 msname="test_macsec0"
492 ip macsec help 2>&1 | grep -q "^Usage: ip macsec"
493 if [ $? -ne 0 ]; then
494 echo "SKIP: macsec: iproute2 too old"
498 ip link add link "$devdummy" "$msname" type macsec port 42 encrypt on
500 if [ $ret -ne 0 ];then
501 echo "FAIL: can't add macsec interface, skipping test"
505 ip macsec add "$msname" tx sa 0 pn 1024 on key 01 12345678901234567890123456789012
508 ip macsec add "$msname" rx port 1234 address "1c:ed:de:ad:be:ef"
511 ip macsec add "$msname" rx port 1234 address "1c:ed:de:ad:be:ef" sa 0 pn 1 on key 00 0123456789abcdef0123456789abcdef
514 ip macsec show > /dev/null
517 ip link del dev "$msname"
520 if [ $ret -ne 0 ];then
528 #-------------------------------------------------------------------
530 # ip x s add proto esp src 14.0.0.52 dst 14.0.0.70 \
531 # spi 0x07 mode transport reqid 0x07 replay-window 32 \
532 # aead 'rfc4106(gcm(aes))' 1234567890123456dcba 128 \
533 # sel src 14.0.0.52/24 dst 14.0.0.70/24
534 # ip x p add dir out src 14.0.0.52/24 dst 14.0.0.70/24 \
535 # tmpl proto esp src 14.0.0.52 dst 14.0.0.70 \
536 # spi 0x07 mode transport reqid 0x07
538 # Subcommands not tested
545 #-------------------------------------------------------------------
549 algo="aead rfc4106(gcm(aes)) 0x3132333435363738393031323334353664636261 128"
554 ip addr add $srcip dev $devdummy
556 # flush to be sure there's nothing configured
557 ip x s flush ; ip x p flush
560 # start the monitor in the background
561 tmpfile=`mktemp /var/run/ipsectestXXX`
562 mpid=`(ip x m > $tmpfile & echo $!) 2>/dev/null`
565 ipsecid="proto esp src $srcip dst $dstip spi 0x07"
566 ip x s add $ipsecid \
567 mode transport reqid 0x07 replay-window 32 \
568 $algo sel src $srcip/24 dst $dstip/24
571 lines=`ip x s list | grep $srcip | grep $dstip | wc -l`
575 ip x s count | grep -q "SAD count 1"
578 lines=`ip x s get $ipsecid | grep $srcip | grep $dstip | wc -l`
582 ip x s delete $ipsecid
585 lines=`ip x s list | wc -l`
589 ipsecsel="dir out src $srcip/24 dst $dstip/24"
590 ip x p add $ipsecsel \
591 tmpl proto esp src $srcip dst $dstip \
592 spi 0x07 mode transport reqid 0x07
595 lines=`ip x p list | grep $srcip | grep $dstip | wc -l`
599 ip x p count | grep -q "SPD IN 0 OUT 1 FWD 0"
602 lines=`ip x p get $ipsecsel | grep $srcip | grep $dstip | wc -l`
606 ip x p delete $ipsecsel
609 lines=`ip x p list | wc -l`
613 # check the monitor results
615 lines=`wc -l $tmpfile | cut "-d " -f1`
620 # clean up any leftovers
625 ip addr del $srcip/32 dev $devdummy
627 if [ $ret -ne 0 ]; then
634 #-------------------------------------------------------------------
636 # ip x s add proto esp src 14.0.0.52 dst 14.0.0.70 \
637 # spi 0x07 mode transport reqid 0x07 replay-window 32 \
638 # aead 'rfc4106(gcm(aes))' 1234567890123456dcba 128 \
639 # sel src 14.0.0.52/24 dst 14.0.0.70/24
640 # offload dev sim1 dir out
641 # ip x p add dir out src 14.0.0.52/24 dst 14.0.0.70/24 \
642 # tmpl proto esp src 14.0.0.52 dst 14.0.0.70 \
643 # spi 0x07 mode transport reqid 0x07
645 #-------------------------------------------------------------------
646 kci_test_ipsec_offload()
649 algo="aead rfc4106(gcm(aes)) 0x3132333435363738393031323334353664636261 128"
653 sysfsd=/sys/kernel/debug/netdevsim/$dev
656 # setup netdevsim since dummydev doesn't have offload support
659 if [ $ret -ne 0 ]; then
660 echo "FAIL: ipsec_offload can't load netdevsim"
664 ip link add $dev type netdevsim
665 ip addr add $srcip dev $dev
667 if [ ! -d $sysfsd ] ; then
668 echo "FAIL: ipsec_offload can't create device $dev"
671 if [ ! -f $sysfsf ] ; then
672 echo "FAIL: ipsec_offload netdevsim doesn't support IPsec offload"
676 # flush to be sure there's nothing configured
677 ip x s flush ; ip x p flush
679 # create offloaded SAs, both in and out
680 ip x p add dir out src $srcip/24 dst $dstip/24 \
681 tmpl proto esp src $srcip dst $dstip spi 9 \
682 mode transport reqid 42
684 ip x p add dir out src $dstip/24 dst $srcip/24 \
685 tmpl proto esp src $dstip dst $srcip spi 9 \
686 mode transport reqid 42
689 ip x s add proto esp src $srcip dst $dstip spi 9 \
690 mode transport reqid 42 $algo sel src $srcip/24 dst $dstip/24 \
691 offload dev $dev dir out
693 ip x s add proto esp src $dstip dst $srcip spi 9 \
694 mode transport reqid 42 $algo sel src $dstip/24 dst $srcip/24 \
695 offload dev $dev dir in
697 if [ $ret -ne 0 ]; then
698 echo "FAIL: ipsec_offload can't create SA"
702 # does offload show up in ip output
703 lines=`ip x s list | grep -c "crypto offload parameters: dev $dev dir"`
704 if [ $lines -ne 2 ] ; then
705 echo "FAIL: ipsec_offload SA offload missing from list output"
709 # use ping to exercise the Tx path
710 ping -I $dev -c 3 -W 1 -i 0 $dstip >/dev/null
712 # does driver have correct offload info
713 diff $sysfsf - << EOF
715 sa[0] tx ipaddr=0x00000000 00000000 00000000 00000000
716 sa[0] spi=0x00000009 proto=0x32 salt=0x61626364 crypt=1
717 sa[0] key=0x34333231 38373635 32313039 36353433
718 sa[1] rx ipaddr=0x00000000 00000000 00000000 037ba8c0
719 sa[1] spi=0x00000009 proto=0x32 salt=0x61626364 crypt=1
720 sa[1] key=0x34333231 38373635 32313039 36353433
722 if [ $? -ne 0 ] ; then
723 echo "FAIL: ipsec_offload incorrect driver data"
727 # does offload get removed from driver
730 lines=`grep -c "SA count=0" $sysfsf`
731 if [ $lines -ne 1 ] ; then
732 echo "FAIL: ipsec_offload SA not removed from driver"
736 # clean up any leftovers
740 if [ $ret -ne 0 ]; then
741 echo "FAIL: ipsec_offload"
744 echo "PASS: ipsec_offload"
753 ip netns add "$testns"
754 if [ $? -ne 0 ]; then
755 echo "SKIP gretap tests: cannot add net namespace $testns"
759 ip link help gretap 2>&1 | grep -q "^Usage:"
761 echo "SKIP: gretap: iproute2 too old"
762 ip netns del "$testns"
767 ip netns exec "$testns" ip link add dev "$DEV_NS" type gretap seq \
768 key 102 local 172.16.1.100 remote 172.16.1.200
771 ip netns exec "$testns" ip addr add dev "$DEV_NS" 10.1.1.100/24
774 ip netns exec "$testns" ip link set dev $DEV_NS up
777 ip netns exec "$testns" ip link del "$DEV_NS"
781 ip netns exec "$testns" ip link add dev "$DEV_NS" type gretap external
784 ip netns exec "$testns" ip link del "$DEV_NS"
787 if [ $ret -ne 0 ]; then
789 ip netns del "$testns"
794 ip netns del "$testns"
803 ip netns add "$testns"
804 if [ $? -ne 0 ]; then
805 echo "SKIP ip6gretap tests: cannot add net namespace $testns"
809 ip link help ip6gretap 2>&1 | grep -q "^Usage:"
811 echo "SKIP: ip6gretap: iproute2 too old"
812 ip netns del "$testns"
817 ip netns exec "$testns" ip link add dev "$DEV_NS" type ip6gretap seq \
818 key 102 local fc00:100::1 remote fc00:100::2
821 ip netns exec "$testns" ip addr add dev "$DEV_NS" fc00:200::1/96
824 ip netns exec "$testns" ip link set dev $DEV_NS up
827 ip netns exec "$testns" ip link del "$DEV_NS"
831 ip netns exec "$testns" ip link add dev "$DEV_NS" type ip6gretap external
834 ip netns exec "$testns" ip link del "$DEV_NS"
837 if [ $ret -ne 0 ]; then
838 echo "FAIL: ip6gretap"
839 ip netns del "$testns"
842 echo "PASS: ip6gretap"
844 ip netns del "$testns"
853 ip link help erspan 2>&1 | grep -q "^Usage:"
855 echo "SKIP: erspan: iproute2 too old"
859 ip netns add "$testns"
860 if [ $? -ne 0 ]; then
861 echo "SKIP erspan tests: cannot add net namespace $testns"
865 # test native tunnel erspan v1
866 ip netns exec "$testns" ip link add dev "$DEV_NS" type erspan seq \
867 key 102 local 172.16.1.100 remote 172.16.1.200 \
868 erspan_ver 1 erspan 488
871 ip netns exec "$testns" ip addr add dev "$DEV_NS" 10.1.1.100/24
874 ip netns exec "$testns" ip link set dev $DEV_NS up
877 ip netns exec "$testns" ip link del "$DEV_NS"
880 # test native tunnel erspan v2
881 ip netns exec "$testns" ip link add dev "$DEV_NS" type erspan seq \
882 key 102 local 172.16.1.100 remote 172.16.1.200 \
883 erspan_ver 2 erspan_dir ingress erspan_hwid 7
886 ip netns exec "$testns" ip addr add dev "$DEV_NS" 10.1.1.100/24
889 ip netns exec "$testns" ip link set dev $DEV_NS up
892 ip netns exec "$testns" ip link del "$DEV_NS"
896 ip netns exec "$testns" ip link add dev "$DEV_NS" type erspan external
899 ip netns exec "$testns" ip link del "$DEV_NS"
902 if [ $ret -ne 0 ]; then
904 ip netns del "$testns"
909 ip netns del "$testns"
918 ip link help ip6erspan 2>&1 | grep -q "^Usage:"
920 echo "SKIP: ip6erspan: iproute2 too old"
924 ip netns add "$testns"
925 if [ $? -ne 0 ]; then
926 echo "SKIP ip6erspan tests: cannot add net namespace $testns"
930 # test native tunnel ip6erspan v1
931 ip netns exec "$testns" ip link add dev "$DEV_NS" type ip6erspan seq \
932 key 102 local fc00:100::1 remote fc00:100::2 \
933 erspan_ver 1 erspan 488
936 ip netns exec "$testns" ip addr add dev "$DEV_NS" 10.1.1.100/24
939 ip netns exec "$testns" ip link set dev $DEV_NS up
942 ip netns exec "$testns" ip link del "$DEV_NS"
945 # test native tunnel ip6erspan v2
946 ip netns exec "$testns" ip link add dev "$DEV_NS" type ip6erspan seq \
947 key 102 local fc00:100::1 remote fc00:100::2 \
948 erspan_ver 2 erspan_dir ingress erspan_hwid 7
951 ip netns exec "$testns" ip addr add dev "$DEV_NS" 10.1.1.100/24
954 ip netns exec "$testns" ip link set dev $DEV_NS up
957 ip netns exec "$testns" ip link del "$DEV_NS"
961 ip netns exec "$testns" ip link add dev "$DEV_NS" \
962 type ip6erspan external
965 ip netns exec "$testns" ip link del "$DEV_NS"
968 if [ $ret -ne 0 ]; then
969 echo "FAIL: ip6erspan"
970 ip netns del "$testns"
973 echo "PASS: ip6erspan"
975 ip netns del "$testns"
981 if [ $ret -ne 0 ];then
982 echo "FAIL: cannot add dummy interface"
1002 kci_test_ipsec_offload
1007 #check for needed privileges
1008 if [ "$(id -u)" -ne 0 ];then
1009 echo "SKIP: Need root privileges"
1014 $x -Version 2>/dev/null >/dev/null
1015 if [ $? -ne 0 ];then
1016 echo "SKIP: Could not run test without the $x tool"