1#!/bin/bash
2# SPDX-License-Identifier: GPL-2.0
3
4# End-to-end eBPF tunnel test suite
5#   The script tests BPF network tunnel implementation.
6#
7# Topology:
8# ---------
9#     root namespace   |     at_ns0 namespace
10#                      |
11#      -----------     |     -----------
12#      | tnl dev |     |     | tnl dev |  (overlay network)
13#      -----------     |     -----------
14#      metadata-mode   |     native-mode
15#       with bpf       |
16#                      |
17#      ----------      |     ----------
18#      |  veth1  | --------- |  veth0  |  (underlay network)
19#      ----------    peer    ----------
20#
21#
22# Device Configuration
23# --------------------
24# Root namespace with metadata-mode tunnel + BPF
25# Device names and addresses:
26# 	veth1 IP: 172.16.1.200, IPv6: 00::22 (underlay)
27# 	tunnel dev <type>11, ex: gre11, IPv4: 10.1.1.200, IPv6: 1::22 (overlay)
28#
29# Namespace at_ns0 with native tunnel
30# Device names and addresses:
31# 	veth0 IPv4: 172.16.1.100, IPv6: 00::11 (underlay)
32# 	tunnel dev <type>00, ex: gre00, IPv4: 10.1.1.100, IPv6: 1::11 (overlay)
33#
34#
35# End-to-end ping packet flow
36# ---------------------------
37# Most of the tests start by namespace creation, device configuration,
38# then ping the underlay and overlay network.  When doing 'ping 10.1.1.100'
39# from root namespace, the following operations happen:
40# 1) Route lookup shows 10.1.1.100/24 belongs to tnl dev, fwd to tnl dev.
41# 2) Tnl device's egress BPF program is triggered and set the tunnel metadata,
42#    with remote_ip=172.16.1.100 and others.
43# 3) Outer tunnel header is prepended and route the packet to veth1's egress
44# 4) veth0's ingress queue receive the tunneled packet at namespace at_ns0
45# 5) Tunnel protocol handler, ex: vxlan_rcv, decap the packet
46# 6) Forward the packet to the overlay tnl dev
47
48BPF_FILE="test_tunnel_kern.bpf.o"
49BPF_PIN_TUNNEL_DIR="/sys/fs/bpf/tc/tunnel"
50PING_ARG="-c 3 -w 10 -q"
51ret=0
52GREEN='\033[0;92m'
53RED='\033[0;31m'
54NC='\033[0m' # No Color
55
56config_device()
57{
58	ip netns add at_ns0
59	ip link add veth0 type veth peer name veth1
60	ip link set veth0 netns at_ns0
61	ip netns exec at_ns0 ip addr add 172.16.1.100/24 dev veth0
62	ip netns exec at_ns0 ip link set dev veth0 up
63	ip link set dev veth1 up mtu 1500
64	ip addr add dev veth1 172.16.1.200/24
65}
66
67add_gre_tunnel()
68{
69	tun_key=
70	if [ -n "$1" ]; then
71		tun_key="key $1"
72	fi
73
74	# at_ns0 namespace
75	ip netns exec at_ns0 \
76        ip link add dev $DEV_NS type $TYPE seq $tun_key \
77		local 172.16.1.100 remote 172.16.1.200
78	ip netns exec at_ns0 ip link set dev $DEV_NS up
79	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
80
81	# root namespace
82	ip link add dev $DEV type $TYPE $tun_key external
83	ip link set dev $DEV up
84	ip addr add dev $DEV 10.1.1.200/24
85}
86
87add_ip6gretap_tunnel()
88{
89
90	# assign ipv6 address
91	ip netns exec at_ns0 ip addr add ::11/96 dev veth0
92	ip netns exec at_ns0 ip link set dev veth0 up
93	ip addr add dev veth1 ::22/96
94	ip link set dev veth1 up
95
96	# at_ns0 namespace
97	ip netns exec at_ns0 \
98		ip link add dev $DEV_NS type $TYPE seq flowlabel 0xbcdef key 2 \
99		local ::11 remote ::22
100
101	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
102	ip netns exec at_ns0 ip addr add dev $DEV_NS fc80::100/96
103	ip netns exec at_ns0 ip link set dev $DEV_NS up
104
105	# root namespace
106	ip link add dev $DEV type $TYPE external
107	ip addr add dev $DEV 10.1.1.200/24
108	ip addr add dev $DEV fc80::200/24
109	ip link set dev $DEV up
110}
111
112add_erspan_tunnel()
113{
114	# at_ns0 namespace
115	if [ "$1" == "v1" ]; then
116		ip netns exec at_ns0 \
117		ip link add dev $DEV_NS type $TYPE seq key 2 \
118		local 172.16.1.100 remote 172.16.1.200 \
119		erspan_ver 1 erspan 123
120	else
121		ip netns exec at_ns0 \
122		ip link add dev $DEV_NS type $TYPE seq key 2 \
123		local 172.16.1.100 remote 172.16.1.200 \
124		erspan_ver 2 erspan_dir egress erspan_hwid 3
125	fi
126	ip netns exec at_ns0 ip link set dev $DEV_NS up
127	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
128
129	# root namespace
130	ip link add dev $DEV type $TYPE external
131	ip link set dev $DEV up
132	ip addr add dev $DEV 10.1.1.200/24
133}
134
135add_ip6erspan_tunnel()
136{
137
138	# assign ipv6 address
139	ip netns exec at_ns0 ip addr add ::11/96 dev veth0
140	ip netns exec at_ns0 ip link set dev veth0 up
141	ip addr add dev veth1 ::22/96
142	ip link set dev veth1 up
143
144	# at_ns0 namespace
145	if [ "$1" == "v1" ]; then
146		ip netns exec at_ns0 \
147		ip link add dev $DEV_NS type $TYPE seq key 2 \
148		local ::11 remote ::22 \
149		erspan_ver 1 erspan 123
150	else
151		ip netns exec at_ns0 \
152		ip link add dev $DEV_NS type $TYPE seq key 2 \
153		local ::11 remote ::22 \
154		erspan_ver 2 erspan_dir egress erspan_hwid 7
155	fi
156	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
157	ip netns exec at_ns0 ip link set dev $DEV_NS up
158
159	# root namespace
160	ip link add dev $DEV type $TYPE external
161	ip addr add dev $DEV 10.1.1.200/24
162	ip link set dev $DEV up
163}
164
165add_geneve_tunnel()
166{
167	# at_ns0 namespace
168	ip netns exec at_ns0 \
169		ip link add dev $DEV_NS type $TYPE \
170		id 2 dstport 6081 remote 172.16.1.200
171	ip netns exec at_ns0 ip link set dev $DEV_NS up
172	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
173
174	# root namespace
175	ip link add dev $DEV type $TYPE dstport 6081 external
176	ip link set dev $DEV up
177	ip addr add dev $DEV 10.1.1.200/24
178}
179
180add_ip6geneve_tunnel()
181{
182	ip netns exec at_ns0 ip addr add ::11/96 dev veth0
183	ip netns exec at_ns0 ip link set dev veth0 up
184	ip addr add dev veth1 ::22/96
185	ip link set dev veth1 up
186
187	# at_ns0 namespace
188	ip netns exec at_ns0 \
189		ip link add dev $DEV_NS type $TYPE id 22 \
190		remote ::22     # geneve has no local option
191	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
192	ip netns exec at_ns0 ip link set dev $DEV_NS up
193
194	# root namespace
195	ip link add dev $DEV type $TYPE external
196	ip addr add dev $DEV 10.1.1.200/24
197	ip link set dev $DEV up
198}
199
200add_ipip_tunnel()
201{
202	# at_ns0 namespace
203	ip netns exec at_ns0 \
204		ip link add dev $DEV_NS type $TYPE \
205		local 172.16.1.100 remote 172.16.1.200
206	ip netns exec at_ns0 ip link set dev $DEV_NS up
207	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
208
209	# root namespace
210	ip link add dev $DEV type $TYPE external
211	ip link set dev $DEV up
212	ip addr add dev $DEV 10.1.1.200/24
213}
214
215add_ip6tnl_tunnel()
216{
217	ip netns exec at_ns0 ip addr add ::11/96 dev veth0
218	ip netns exec at_ns0 ip link set dev veth0 up
219	ip addr add dev veth1 ::22/96
220	ip link set dev veth1 up
221
222	# at_ns0 namespace
223	ip netns exec at_ns0 \
224		ip link add dev $DEV_NS type $TYPE \
225		local ::11 remote ::22
226	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
227	ip netns exec at_ns0 ip addr add dev $DEV_NS 1::11/96
228	ip netns exec at_ns0 ip link set dev $DEV_NS up
229
230	# root namespace
231	ip link add dev $DEV type $TYPE external
232	ip addr add dev $DEV 10.1.1.200/24
233	ip addr add dev $DEV 1::22/96
234	ip link set dev $DEV up
235}
236
237test_gre()
238{
239	TYPE=gretap
240	DEV_NS=gretap00
241	DEV=gretap11
242	ret=0
243
244	check $TYPE
245	config_device
246	add_gre_tunnel 2
247	attach_bpf $DEV gre_set_tunnel gre_get_tunnel
248	ping $PING_ARG 10.1.1.100
249	check_err $?
250	ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
251	check_err $?
252	cleanup
253
254        if [ $ret -ne 0 ]; then
255                echo -e ${RED}"FAIL: $TYPE"${NC}
256                return 1
257        fi
258        echo -e ${GREEN}"PASS: $TYPE"${NC}
259}
260
261test_gre_no_tunnel_key()
262{
263	TYPE=gre
264	DEV_NS=gre00
265	DEV=gre11
266	ret=0
267
268	check $TYPE
269	config_device
270	add_gre_tunnel
271	attach_bpf $DEV gre_set_tunnel_no_key gre_get_tunnel
272	ping $PING_ARG 10.1.1.100
273	check_err $?
274	ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
275	check_err $?
276	cleanup
277
278        if [ $ret -ne 0 ]; then
279                echo -e ${RED}"FAIL: $TYPE"${NC}
280                return 1
281        fi
282        echo -e ${GREEN}"PASS: $TYPE"${NC}
283}
284
285test_ip6gre()
286{
287	TYPE=ip6gre
288	DEV_NS=ip6gre00
289	DEV=ip6gre11
290	ret=0
291
292	check $TYPE
293	config_device
294	# reuse the ip6gretap function
295	add_ip6gretap_tunnel
296	attach_bpf $DEV ip6gretap_set_tunnel ip6gretap_get_tunnel
297	# underlay
298	ping6 $PING_ARG ::11
299	# overlay: ipv4 over ipv6
300	ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
301	ping $PING_ARG 10.1.1.100
302	check_err $?
303	# overlay: ipv6 over ipv6
304	ip netns exec at_ns0 ping6 $PING_ARG fc80::200
305	check_err $?
306	cleanup
307
308        if [ $ret -ne 0 ]; then
309                echo -e ${RED}"FAIL: $TYPE"${NC}
310                return 1
311        fi
312        echo -e ${GREEN}"PASS: $TYPE"${NC}
313}
314
315test_ip6gretap()
316{
317	TYPE=ip6gretap
318	DEV_NS=ip6gretap00
319	DEV=ip6gretap11
320	ret=0
321
322	check $TYPE
323	config_device
324	add_ip6gretap_tunnel
325	attach_bpf $DEV ip6gretap_set_tunnel ip6gretap_get_tunnel
326	# underlay
327	ping6 $PING_ARG ::11
328	# overlay: ipv4 over ipv6
329	ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
330	ping $PING_ARG 10.1.1.100
331	check_err $?
332	# overlay: ipv6 over ipv6
333	ip netns exec at_ns0 ping6 $PING_ARG fc80::200
334	check_err $?
335	cleanup
336
337	if [ $ret -ne 0 ]; then
338                echo -e ${RED}"FAIL: $TYPE"${NC}
339                return 1
340        fi
341        echo -e ${GREEN}"PASS: $TYPE"${NC}
342}
343
344test_erspan()
345{
346	TYPE=erspan
347	DEV_NS=erspan00
348	DEV=erspan11
349	ret=0
350
351	check $TYPE
352	config_device
353	add_erspan_tunnel $1
354	attach_bpf $DEV erspan_set_tunnel erspan_get_tunnel
355	ping $PING_ARG 10.1.1.100
356	check_err $?
357	ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
358	check_err $?
359	cleanup
360
361	if [ $ret -ne 0 ]; then
362                echo -e ${RED}"FAIL: $TYPE"${NC}
363                return 1
364        fi
365        echo -e ${GREEN}"PASS: $TYPE"${NC}
366}
367
368test_ip6erspan()
369{
370	TYPE=ip6erspan
371	DEV_NS=ip6erspan00
372	DEV=ip6erspan11
373	ret=0
374
375	check $TYPE
376	config_device
377	add_ip6erspan_tunnel $1
378	attach_bpf $DEV ip4ip6erspan_set_tunnel ip4ip6erspan_get_tunnel
379	ping6 $PING_ARG ::11
380	ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
381	check_err $?
382	cleanup
383
384	if [ $ret -ne 0 ]; then
385                echo -e ${RED}"FAIL: $TYPE"${NC}
386                return 1
387        fi
388        echo -e ${GREEN}"PASS: $TYPE"${NC}
389}
390
391test_geneve()
392{
393	TYPE=geneve
394	DEV_NS=geneve00
395	DEV=geneve11
396	ret=0
397
398	check $TYPE
399	config_device
400	add_geneve_tunnel
401	attach_bpf $DEV geneve_set_tunnel geneve_get_tunnel
402	ping $PING_ARG 10.1.1.100
403	check_err $?
404	ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
405	check_err $?
406	cleanup
407
408	if [ $ret -ne 0 ]; then
409                echo -e ${RED}"FAIL: $TYPE"${NC}
410                return 1
411        fi
412        echo -e ${GREEN}"PASS: $TYPE"${NC}
413}
414
415test_ip6geneve()
416{
417	TYPE=geneve
418	DEV_NS=ip6geneve00
419	DEV=ip6geneve11
420	ret=0
421
422	check $TYPE
423	config_device
424	add_ip6geneve_tunnel
425	attach_bpf $DEV ip6geneve_set_tunnel ip6geneve_get_tunnel
426	ping $PING_ARG 10.1.1.100
427	check_err $?
428	ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
429	check_err $?
430	cleanup
431
432	if [ $ret -ne 0 ]; then
433                echo -e ${RED}"FAIL: ip6$TYPE"${NC}
434                return 1
435        fi
436        echo -e ${GREEN}"PASS: ip6$TYPE"${NC}
437}
438
439test_ipip()
440{
441	TYPE=ipip
442	DEV_NS=ipip00
443	DEV=ipip11
444	ret=0
445
446	check $TYPE
447	config_device
448	add_ipip_tunnel
449	ip link set dev veth1 mtu 1500
450	attach_bpf $DEV ipip_set_tunnel ipip_get_tunnel
451	ping $PING_ARG 10.1.1.100
452	check_err $?
453	ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
454	check_err $?
455	cleanup
456
457	if [ $ret -ne 0 ]; then
458                echo -e ${RED}"FAIL: $TYPE"${NC}
459                return 1
460        fi
461        echo -e ${GREEN}"PASS: $TYPE"${NC}
462}
463
464test_ipip6()
465{
466	TYPE=ip6tnl
467	DEV_NS=ipip6tnl00
468	DEV=ipip6tnl11
469	ret=0
470
471	check $TYPE
472	config_device
473	add_ip6tnl_tunnel
474	ip link set dev veth1 mtu 1500
475	attach_bpf $DEV ipip6_set_tunnel ipip6_get_tunnel
476	# underlay
477	ping6 $PING_ARG ::11
478	# ip4 over ip6
479	ping $PING_ARG 10.1.1.100
480	check_err $?
481	ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
482	check_err $?
483	cleanup
484
485	if [ $ret -ne 0 ]; then
486                echo -e ${RED}"FAIL: $TYPE"${NC}
487                return 1
488        fi
489        echo -e ${GREEN}"PASS: $TYPE"${NC}
490}
491
492test_ip6ip6()
493{
494	TYPE=ip6tnl
495	DEV_NS=ip6ip6tnl00
496	DEV=ip6ip6tnl11
497	ret=0
498
499	check $TYPE
500	config_device
501	add_ip6tnl_tunnel
502	ip link set dev veth1 mtu 1500
503	attach_bpf $DEV ip6ip6_set_tunnel ip6ip6_get_tunnel
504	# underlay
505	ping6 $PING_ARG ::11
506	# ip6 over ip6
507	ping6 $PING_ARG 1::11
508	check_err $?
509	ip netns exec at_ns0 ping6 $PING_ARG 1::22
510	check_err $?
511	cleanup
512
513	if [ $ret -ne 0 ]; then
514                echo -e ${RED}"FAIL: ip6$TYPE"${NC}
515                return 1
516        fi
517        echo -e ${GREEN}"PASS: ip6$TYPE"${NC}
518}
519
520setup_xfrm_tunnel()
521{
522	auth=0x$(printf '1%.0s' {1..40})
523	enc=0x$(printf '2%.0s' {1..32})
524	spi_in_to_out=0x1
525	spi_out_to_in=0x2
526	# at_ns0 namespace
527	# at_ns0 -> root
528	ip netns exec at_ns0 \
529		ip xfrm state add src 172.16.1.100 dst 172.16.1.200 proto esp \
530			spi $spi_in_to_out reqid 1 mode tunnel \
531			auth-trunc 'hmac(sha1)' $auth 96 enc 'cbc(aes)' $enc
532	ip netns exec at_ns0 \
533		ip xfrm policy add src 10.1.1.100/32 dst 10.1.1.200/32 dir out \
534		tmpl src 172.16.1.100 dst 172.16.1.200 proto esp reqid 1 \
535		mode tunnel
536	# root -> at_ns0
537	ip netns exec at_ns0 \
538		ip xfrm state add src 172.16.1.200 dst 172.16.1.100 proto esp \
539			spi $spi_out_to_in reqid 2 mode tunnel \
540			auth-trunc 'hmac(sha1)' $auth 96 enc 'cbc(aes)' $enc
541	ip netns exec at_ns0 \
542		ip xfrm policy add src 10.1.1.200/32 dst 10.1.1.100/32 dir in \
543		tmpl src 172.16.1.200 dst 172.16.1.100 proto esp reqid 2 \
544		mode tunnel
545	# address & route
546	ip netns exec at_ns0 \
547		ip addr add dev veth0 10.1.1.100/32
548	ip netns exec at_ns0 \
549		ip route add 10.1.1.200 dev veth0 via 172.16.1.200 \
550			src 10.1.1.100
551
552	# root namespace
553	# at_ns0 -> root
554	ip xfrm state add src 172.16.1.100 dst 172.16.1.200 proto esp \
555		spi $spi_in_to_out reqid 1 mode tunnel \
556		auth-trunc 'hmac(sha1)' $auth 96  enc 'cbc(aes)' $enc
557	ip xfrm policy add src 10.1.1.100/32 dst 10.1.1.200/32 dir in \
558		tmpl src 172.16.1.100 dst 172.16.1.200 proto esp reqid 1 \
559		mode tunnel
560	# root -> at_ns0
561	ip xfrm state add src 172.16.1.200 dst 172.16.1.100 proto esp \
562		spi $spi_out_to_in reqid 2 mode tunnel \
563		auth-trunc 'hmac(sha1)' $auth 96  enc 'cbc(aes)' $enc
564	ip xfrm policy add src 10.1.1.200/32 dst 10.1.1.100/32 dir out \
565		tmpl src 172.16.1.200 dst 172.16.1.100 proto esp reqid 2 \
566		mode tunnel
567	# address & route
568	ip addr add dev veth1 10.1.1.200/32
569	ip route add 10.1.1.100 dev veth1 via 172.16.1.100 src 10.1.1.200
570}
571
572test_xfrm_tunnel()
573{
574	config_device
575	> /sys/kernel/debug/tracing/trace
576	setup_xfrm_tunnel
577	mkdir -p ${BPF_PIN_TUNNEL_DIR}
578	bpftool prog loadall ${BPF_FILE} ${BPF_PIN_TUNNEL_DIR}
579	tc qdisc add dev veth1 clsact
580	tc filter add dev veth1 proto ip ingress bpf da object-pinned \
581		${BPF_PIN_TUNNEL_DIR}/xfrm_get_state
582	ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
583	sleep 1
584	grep "reqid 1" /sys/kernel/debug/tracing/trace
585	check_err $?
586	grep "spi 0x1" /sys/kernel/debug/tracing/trace
587	check_err $?
588	grep "remote ip 0xac100164" /sys/kernel/debug/tracing/trace
589	check_err $?
590	cleanup
591
592	if [ $ret -ne 0 ]; then
593		echo -e ${RED}"FAIL: xfrm tunnel"${NC}
594		return 1
595	fi
596	echo -e ${GREEN}"PASS: xfrm tunnel"${NC}
597}
598
599attach_bpf()
600{
601	DEV=$1
602	SET=$2
603	GET=$3
604	mkdir -p ${BPF_PIN_TUNNEL_DIR}
605	bpftool prog loadall ${BPF_FILE} ${BPF_PIN_TUNNEL_DIR}/
606	tc qdisc add dev $DEV clsact
607	tc filter add dev $DEV egress bpf da object-pinned ${BPF_PIN_TUNNEL_DIR}/$SET
608	tc filter add dev $DEV ingress bpf da object-pinned ${BPF_PIN_TUNNEL_DIR}/$GET
609}
610
611cleanup()
612{
613        rm -rf ${BPF_PIN_TUNNEL_DIR}
614
615	ip netns delete at_ns0 2> /dev/null
616	ip link del veth1 2> /dev/null
617	ip link del ipip11 2> /dev/null
618	ip link del ipip6tnl11 2> /dev/null
619	ip link del ip6ip6tnl11 2> /dev/null
620	ip link del gretap11 2> /dev/null
621	ip link del gre11 2> /dev/null
622	ip link del ip6gre11 2> /dev/null
623	ip link del ip6gretap11 2> /dev/null
624	ip link del geneve11 2> /dev/null
625	ip link del ip6geneve11 2> /dev/null
626	ip link del erspan11 2> /dev/null
627	ip link del ip6erspan11 2> /dev/null
628	ip xfrm policy delete dir out src 10.1.1.200/32 dst 10.1.1.100/32 2> /dev/null
629	ip xfrm policy delete dir in src 10.1.1.100/32 dst 10.1.1.200/32 2> /dev/null
630	ip xfrm state delete src 172.16.1.100 dst 172.16.1.200 proto esp spi 0x1 2> /dev/null
631	ip xfrm state delete src 172.16.1.200 dst 172.16.1.100 proto esp spi 0x2 2> /dev/null
632}
633
634cleanup_exit()
635{
636	echo "CATCH SIGKILL or SIGINT, cleanup and exit"
637	cleanup
638	exit 0
639}
640
641check()
642{
643	ip link help 2>&1 | grep -q "\s$1\s"
644	if [ $? -ne 0 ];then
645		echo "SKIP $1: iproute2 not support"
646	cleanup
647	return 1
648	fi
649}
650
651enable_debug()
652{
653	echo 'file ip_gre.c +p' > /sys/kernel/debug/dynamic_debug/control
654	echo 'file ip6_gre.c +p' > /sys/kernel/debug/dynamic_debug/control
655	echo 'file geneve.c +p' > /sys/kernel/debug/dynamic_debug/control
656	echo 'file ipip.c +p' > /sys/kernel/debug/dynamic_debug/control
657}
658
659check_err()
660{
661	if [ $ret -eq 0 ]; then
662		ret=$1
663	fi
664}
665
666bpf_tunnel_test()
667{
668	local errors=0
669
670	echo "Testing GRE tunnel..."
671	test_gre
672	errors=$(( $errors + $? ))
673
674	echo "Testing GRE tunnel (without tunnel keys)..."
675	test_gre_no_tunnel_key
676	errors=$(( $errors + $? ))
677
678	echo "Testing IP6GRE tunnel..."
679	test_ip6gre
680	errors=$(( $errors + $? ))
681
682	echo "Testing IP6GRETAP tunnel..."
683	test_ip6gretap
684	errors=$(( $errors + $? ))
685
686	echo "Testing ERSPAN tunnel..."
687	test_erspan v2
688	errors=$(( $errors + $? ))
689
690	echo "Testing IP6ERSPAN tunnel..."
691	test_ip6erspan v2
692	errors=$(( $errors + $? ))
693
694	echo "Testing GENEVE tunnel..."
695	test_geneve
696	errors=$(( $errors + $? ))
697
698	echo "Testing IP6GENEVE tunnel..."
699	test_ip6geneve
700	errors=$(( $errors + $? ))
701
702	echo "Testing IPIP tunnel..."
703	test_ipip
704	errors=$(( $errors + $? ))
705
706	echo "Testing IPIP6 tunnel..."
707	test_ipip6
708	errors=$(( $errors + $? ))
709
710	echo "Testing IP6IP6 tunnel..."
711	test_ip6ip6
712	errors=$(( $errors + $? ))
713
714	echo "Testing IPSec tunnel..."
715	test_xfrm_tunnel
716	errors=$(( $errors + $? ))
717
718	return $errors
719}
720
721trap cleanup 0 3 6
722trap cleanup_exit 2 9
723
724cleanup
725bpf_tunnel_test
726
727if [ $? -ne 0 ]; then
728	echo -e "$(basename $0): ${RED}FAIL${NC}"
729	exit 1
730fi
731echo -e "$(basename $0): ${GREEN}PASS${NC}"
732exit 0
733