xref: /openbmc/linux/tools/testing/selftests/net/rtnetlink.sh (revision bd329f028f1cd51c7623c326147af07c6d832193) 
1#!/bin/sh
2#
3# This test is for checking rtnetlink callpaths, and get as much coverage as possible.
4#
5# set -e
6
7devdummy="test-dummy0"
8ret=0
9
10# set global exit status, but never reset nonzero one.
11check_err()
12{
13	if [ $ret -eq 0 ]; then
14		ret=$1
15	fi
16}
17
18# same but inverted -- used when command must fail for test to pass
19check_fail()
20{
21	if [ $1 -eq 0 ]; then
22		ret=1
23	fi
24}
25
26kci_add_dummy()
27{
28	ip link add name "$devdummy" type dummy
29	check_err $?
30	ip link set "$devdummy" up
31	check_err $?
32}
33
34kci_del_dummy()
35{
36	ip link del dev "$devdummy"
37	check_err $?
38}
39
40kci_test_netconf()
41{
42	dev="$1"
43	r=$ret
44
45	ip netconf show dev "$dev" > /dev/null
46	check_err $?
47
48	for f in 4 6; do
49		ip -$f netconf show dev "$dev" > /dev/null
50		check_err $?
51	done
52
53	if [ $ret -ne 0 ] ;then
54		echo "FAIL: ip netconf show $dev"
55		test $r -eq 0 && ret=0
56		return 1
57	fi
58}
59
60# add a bridge with vlans on top
61kci_test_bridge()
62{
63	devbr="test-br0"
64	vlandev="testbr-vlan1"
65
66	ret=0
67	ip link add name "$devbr" type bridge
68	check_err $?
69
70	ip link set dev "$devdummy" master "$devbr"
71	check_err $?
72
73	ip link set "$devbr" up
74	check_err $?
75
76	ip link add link "$devbr" name "$vlandev" type vlan id 1
77	check_err $?
78	ip addr add dev "$vlandev" 10.200.7.23/30
79	check_err $?
80	ip -6 addr add dev "$vlandev" dead:42::1234/64
81	check_err $?
82	ip -d link > /dev/null
83	check_err $?
84	ip r s t all > /dev/null
85	check_err $?
86
87	for name in "$devbr" "$vlandev" "$devdummy" ; do
88		kci_test_netconf "$name"
89	done
90
91	ip -6 addr del dev "$vlandev" dead:42::1234/64
92	check_err $?
93
94	ip link del dev "$vlandev"
95	check_err $?
96	ip link del dev "$devbr"
97	check_err $?
98
99	if [ $ret -ne 0 ];then
100		echo "FAIL: bridge setup"
101		return 1
102	fi
103	echo "PASS: bridge setup"
104
105}
106
107kci_test_gre()
108{
109	gredev=neta
110	rem=10.42.42.1
111	loc=10.0.0.1
112
113	ret=0
114	ip tunnel add $gredev mode gre remote $rem local $loc ttl 1
115	check_err $?
116	ip link set $gredev up
117	check_err $?
118	ip addr add 10.23.7.10 dev $gredev
119	check_err $?
120	ip route add 10.23.8.0/30 dev $gredev
121	check_err $?
122	ip addr add dev "$devdummy" 10.23.7.11/24
123	check_err $?
124	ip link > /dev/null
125	check_err $?
126	ip addr > /dev/null
127	check_err $?
128
129	kci_test_netconf "$gredev"
130
131	ip addr del dev "$devdummy" 10.23.7.11/24
132	check_err $?
133
134	ip link del $gredev
135	check_err $?
136
137	if [ $ret -ne 0 ];then
138		echo "FAIL: gre tunnel endpoint"
139		return 1
140	fi
141	echo "PASS: gre tunnel endpoint"
142}
143
144# tc uses rtnetlink too, for full tc testing
145# please see tools/testing/selftests/tc-testing.
146kci_test_tc()
147{
148	dev=lo
149	ret=0
150
151	tc qdisc add dev "$dev" root handle 1: htb
152	check_err $?
153	tc class add dev "$dev" parent 1: classid 1:10 htb rate 1mbit
154	check_err $?
155	tc filter add dev "$dev" parent 1:0 prio 5 handle ffe: protocol ip u32 divisor 256
156	check_err $?
157	tc filter add dev "$dev" parent 1:0 prio 5 handle ffd: protocol ip u32 divisor 256
158	check_err $?
159	tc filter add dev "$dev" parent 1:0 prio 5 handle ffc: protocol ip u32 divisor 256
160	check_err $?
161	tc filter add dev "$dev" protocol ip parent 1: prio 5 handle ffe:2:3 u32 ht ffe:2: match ip src 10.0.0.3 flowid 1:10
162	check_err $?
163	tc filter add dev "$dev" protocol ip parent 1: prio 5 handle ffe:2:2 u32 ht ffe:2: match ip src 10.0.0.2 flowid 1:10
164	check_err $?
165	tc filter show dev "$dev" parent  1:0 > /dev/null
166	check_err $?
167	tc filter del dev "$dev" protocol ip parent 1: prio 5 handle ffe:2:3 u32
168	check_err $?
169	tc filter show dev "$dev" parent  1:0 > /dev/null
170	check_err $?
171	tc qdisc del dev "$dev" root handle 1: htb
172	check_err $?
173
174	if [ $ret -ne 0 ];then
175		echo "FAIL: tc htb hierarchy"
176		return 1
177	fi
178	echo "PASS: tc htb hierarchy"
179
180}
181
182kci_test_polrouting()
183{
184	ret=0
185	ip rule add fwmark 1 lookup 100
186	check_err $?
187	ip route add local 0.0.0.0/0 dev lo table 100
188	check_err $?
189	ip r s t all > /dev/null
190	check_err $?
191	ip rule del fwmark 1 lookup 100
192	check_err $?
193	ip route del local 0.0.0.0/0 dev lo table 100
194	check_err $?
195
196	if [ $ret -ne 0 ];then
197		echo "FAIL: policy route test"
198		return 1
199	fi
200	echo "PASS: policy routing"
201}
202
203kci_test_route_get()
204{
205	ret=0
206
207	ip route get 127.0.0.1 > /dev/null
208	check_err $?
209	ip route get 127.0.0.1 dev "$devdummy" > /dev/null
210	check_err $?
211	ip route get ::1 > /dev/null
212	check_err $?
213	ip route get fe80::1 dev "$devdummy" > /dev/null
214	check_err $?
215	ip route get 127.0.0.1 from 127.0.0.1 oif lo tos 0x1 mark 0x1 > /dev/null
216	check_err $?
217	ip route get ::1 from ::1 iif lo oif lo tos 0x1 mark 0x1 > /dev/null
218	check_err $?
219	ip addr add dev "$devdummy" 10.23.7.11/24
220	check_err $?
221	ip route get 10.23.7.11 from 10.23.7.12 iif "$devdummy" > /dev/null
222	check_err $?
223	ip addr del dev "$devdummy" 10.23.7.11/24
224	check_err $?
225
226	if [ $ret -ne 0 ];then
227		echo "FAIL: route get"
228		return 1
229	fi
230
231	echo "PASS: route get"
232}
233
234kci_test_addrlabel()
235{
236	ret=0
237
238	ip addrlabel add prefix dead::/64 dev lo label 1
239	check_err $?
240
241	ip addrlabel list |grep -q "prefix dead::/64 dev lo label 1"
242	check_err $?
243
244	ip addrlabel del prefix dead::/64 dev lo label 1 2> /dev/null
245	check_err $?
246
247	ip addrlabel add prefix dead::/64 label 1 2> /dev/null
248	check_err $?
249
250	ip addrlabel del prefix dead::/64 label 1 2> /dev/null
251	check_err $?
252
253	# concurrent add/delete
254	for i in $(seq 1 1000); do
255		ip addrlabel add prefix 1c3::/64 label 12345 2>/dev/null
256	done &
257
258	for i in $(seq 1 1000); do
259		ip addrlabel del prefix 1c3::/64 label 12345 2>/dev/null
260	done
261
262	wait
263
264	ip addrlabel del prefix 1c3::/64 label 12345 2>/dev/null
265
266	if [ $ret -ne 0 ];then
267		echo "FAIL: ipv6 addrlabel"
268		return 1
269	fi
270
271	echo "PASS: ipv6 addrlabel"
272}
273
274kci_test_ifalias()
275{
276	ret=0
277	namewant=$(uuidgen)
278	syspathname="/sys/class/net/$devdummy/ifalias"
279
280	ip link set dev "$devdummy" alias "$namewant"
281	check_err $?
282
283	if [ $ret -ne 0 ]; then
284		echo "FAIL: cannot set interface alias of $devdummy to $namewant"
285		return 1
286	fi
287
288	ip link show "$devdummy" | grep -q "alias $namewant"
289	check_err $?
290
291	if [ -r "$syspathname" ] ; then
292		read namehave < "$syspathname"
293		if [ "$namewant" != "$namehave" ]; then
294			echo "FAIL: did set ifalias $namewant but got $namehave"
295			return 1
296		fi
297
298		namewant=$(uuidgen)
299		echo "$namewant" > "$syspathname"
300	        ip link show "$devdummy" | grep -q "alias $namewant"
301		check_err $?
302
303		# sysfs interface allows to delete alias again
304		echo "" > "$syspathname"
305
306	        ip link show "$devdummy" | grep -q "alias $namewant"
307		check_fail $?
308
309		for i in $(seq 1 100); do
310			uuidgen > "$syspathname" &
311		done
312
313		wait
314
315		# re-add the alias -- kernel should free mem when dummy dev is removed
316		ip link set dev "$devdummy" alias "$namewant"
317		check_err $?
318	fi
319
320	if [ $ret -ne 0 ]; then
321		echo "FAIL: set interface alias $devdummy to $namewant"
322		return 1
323	fi
324
325	echo "PASS: set ifalias $namewant for $devdummy"
326}
327
328kci_test_vrf()
329{
330	vrfname="test-vrf"
331	ret=0
332
333	ip link show type vrf 2>/dev/null
334	if [ $? -ne 0 ]; then
335		echo "SKIP: vrf: iproute2 too old"
336		return 0
337	fi
338
339	ip link add "$vrfname" type vrf table 10
340	check_err $?
341	if [ $ret -ne 0 ];then
342		echo "FAIL: can't add vrf interface, skipping test"
343		return 0
344	fi
345
346	ip -br link show type vrf | grep -q "$vrfname"
347	check_err $?
348	if [ $ret -ne 0 ];then
349		echo "FAIL: created vrf device not found"
350		return 1
351	fi
352
353	ip link set dev "$vrfname" up
354	check_err $?
355
356	ip link set dev "$devdummy" master "$vrfname"
357	check_err $?
358	ip link del dev "$vrfname"
359	check_err $?
360
361	if [ $ret -ne 0 ];then
362		echo "FAIL: vrf"
363		return 1
364	fi
365
366	echo "PASS: vrf"
367}
368
369kci_test_encap_vxlan()
370{
371	ret=0
372	vxlan="test-vxlan0"
373	vlan="test-vlan0"
374	testns="$1"
375
376	ip netns exec "$testns" ip link add "$vxlan" type vxlan id 42 group 239.1.1.1 \
377		dev "$devdummy" dstport 4789 2>/dev/null
378	if [ $? -ne 0 ]; then
379		echo "FAIL: can't add vxlan interface, skipping test"
380		return 0
381	fi
382	check_err $?
383
384	ip netns exec "$testns" ip addr add 10.2.11.49/24 dev "$vxlan"
385	check_err $?
386
387	ip netns exec "$testns" ip link set up dev "$vxlan"
388	check_err $?
389
390	ip netns exec "$testns" ip link add link "$vxlan" name "$vlan" type vlan id 1
391	check_err $?
392
393	ip netns exec "$testns" ip link del "$vxlan"
394	check_err $?
395
396	if [ $ret -ne 0 ]; then
397		echo "FAIL: vxlan"
398		return 1
399	fi
400	echo "PASS: vxlan"
401}
402
403kci_test_encap_fou()
404{
405	ret=0
406	name="test-fou"
407	testns="$1"
408
409	ip fou help 2>&1 |grep -q 'Usage: ip fou'
410	if [ $? -ne 0 ];then
411		echo "SKIP: fou: iproute2 too old"
412		return 1
413	fi
414
415	ip netns exec "$testns" ip fou add port 7777 ipproto 47 2>/dev/null
416	if [ $? -ne 0 ];then
417		echo "FAIL: can't add fou port 7777, skipping test"
418		return 1
419	fi
420
421	ip netns exec "$testns" ip fou add port 8888 ipproto 4
422	check_err $?
423
424	ip netns exec "$testns" ip fou del port 9999 2>/dev/null
425	check_fail $?
426
427	ip netns exec "$testns" ip fou del port 7777
428	check_err $?
429
430	if [ $ret -ne 0 ]; then
431		echo "FAIL: fou"
432		return 1
433	fi
434
435	echo "PASS: fou"
436}
437
438# test various encap methods, use netns to avoid unwanted interference
439kci_test_encap()
440{
441	testns="testns"
442	ret=0
443
444	ip netns add "$testns"
445	if [ $? -ne 0 ]; then
446		echo "SKIP encap tests: cannot add net namespace $testns"
447		return 1
448	fi
449
450	ip netns exec "$testns" ip link set lo up
451	check_err $?
452
453	ip netns exec "$testns" ip link add name "$devdummy" type dummy
454	check_err $?
455	ip netns exec "$testns" ip link set "$devdummy" up
456	check_err $?
457
458	kci_test_encap_vxlan "$testns"
459	kci_test_encap_fou "$testns"
460
461	ip netns del "$testns"
462}
463
464kci_test_macsec()
465{
466	msname="test_macsec0"
467	ret=0
468
469	ip macsec help 2>&1 | grep -q "^Usage: ip macsec"
470	if [ $? -ne 0 ]; then
471		echo "SKIP: macsec: iproute2 too old"
472		return 0
473	fi
474
475	ip link add link "$devdummy" "$msname" type macsec port 42 encrypt on
476	check_err $?
477	if [ $ret -ne 0 ];then
478		echo "FAIL: can't add macsec interface, skipping test"
479		return 1
480	fi
481
482	ip macsec add "$msname" tx sa 0 pn 1024 on key 01 12345678901234567890123456789012
483	check_err $?
484
485	ip macsec add "$msname" rx port 1234 address "1c:ed:de:ad:be:ef"
486	check_err $?
487
488	ip macsec add "$msname" rx port 1234 address "1c:ed:de:ad:be:ef" sa 0 pn 1 on key 00 0123456789abcdef0123456789abcdef
489	check_err $?
490
491	ip macsec show > /dev/null
492	check_err $?
493
494	ip link del dev "$msname"
495	check_err $?
496
497	if [ $ret -ne 0 ];then
498		echo "FAIL: macsec"
499		return 1
500	fi
501
502	echo "PASS: macsec"
503}
504
505kci_test_gretap()
506{
507	testns="testns"
508	DEV_NS=gretap00
509	ret=0
510
511	ip netns add "$testns"
512	if [ $? -ne 0 ]; then
513		echo "SKIP gretap tests: cannot add net namespace $testns"
514		return 1
515	fi
516
517	ip link help gretap 2>&1 | grep -q "^Usage:"
518	if [ $? -ne 0 ];then
519		echo "SKIP: gretap: iproute2 too old"
520		return 1
521	fi
522
523	# test native tunnel
524	ip netns exec "$testns" ip link add dev "$DEV_NS" type gretap seq \
525		key 102 local 172.16.1.100 remote 172.16.1.200
526	check_err $?
527
528	ip netns exec "$testns" ip addr add dev "$DEV_NS" 10.1.1.100/24
529	check_err $?
530
531	ip netns exec "$testns" ip link set dev $DEV_NS up
532	check_err $?
533
534	ip netns exec "$testns" ip link del "$DEV_NS"
535	check_err $?
536
537	# test external mode
538	ip netns exec "$testns" ip link add dev "$DEV_NS" type gretap external
539	check_err $?
540
541	ip netns exec "$testns" ip link del "$DEV_NS"
542	check_err $?
543
544	if [ $ret -ne 0 ]; then
545		echo "FAIL: gretap"
546		return 1
547	fi
548	echo "PASS: gretap"
549
550	ip netns del "$testns"
551}
552
553kci_test_ip6gretap()
554{
555	testns="testns"
556	DEV_NS=ip6gretap00
557	ret=0
558
559	ip netns add "$testns"
560	if [ $? -ne 0 ]; then
561		echo "SKIP ip6gretap tests: cannot add net namespace $testns"
562		return 1
563	fi
564
565	ip link help ip6gretap 2>&1 | grep -q "^Usage:"
566	if [ $? -ne 0 ];then
567		echo "SKIP: ip6gretap: iproute2 too old"
568		return 1
569	fi
570
571	# test native tunnel
572	ip netns exec "$testns" ip link add dev "$DEV_NS" type ip6gretap seq \
573		key 102 local fc00:100::1 remote fc00:100::2
574	check_err $?
575
576	ip netns exec "$testns" ip addr add dev "$DEV_NS" fc00:200::1/96
577	check_err $?
578
579	ip netns exec "$testns" ip link set dev $DEV_NS up
580	check_err $?
581
582	ip netns exec "$testns" ip link del "$DEV_NS"
583	check_err $?
584
585	# test external mode
586	ip netns exec "$testns" ip link add dev "$DEV_NS" type ip6gretap external
587	check_err $?
588
589	ip netns exec "$testns" ip link del "$DEV_NS"
590	check_err $?
591
592	if [ $ret -ne 0 ]; then
593		echo "FAIL: ip6gretap"
594		return 1
595	fi
596	echo "PASS: ip6gretap"
597
598	ip netns del "$testns"
599}
600
601kci_test_erspan()
602{
603	testns="testns"
604	DEV_NS=erspan00
605	ret=0
606
607	ip link help erspan 2>&1 | grep -q "^Usage:"
608	if [ $? -ne 0 ];then
609		echo "SKIP: erspan: iproute2 too old"
610		return 1
611	fi
612
613	ip netns add "$testns"
614	if [ $? -ne 0 ]; then
615		echo "SKIP erspan tests: cannot add net namespace $testns"
616		return 1
617	fi
618
619	# test native tunnel erspan v1
620	ip netns exec "$testns" ip link add dev "$DEV_NS" type erspan seq \
621		key 102 local 172.16.1.100 remote 172.16.1.200 \
622		erspan_ver 1 erspan 488
623	check_err $?
624
625	ip netns exec "$testns" ip addr add dev "$DEV_NS" 10.1.1.100/24
626	check_err $?
627
628	ip netns exec "$testns" ip link set dev $DEV_NS up
629	check_err $?
630
631	ip netns exec "$testns" ip link del "$DEV_NS"
632	check_err $?
633
634	# test native tunnel erspan v2
635	ip netns exec "$testns" ip link add dev "$DEV_NS" type erspan seq \
636		key 102 local 172.16.1.100 remote 172.16.1.200 \
637		erspan_ver 2 erspan_dir ingress erspan_hwid 7
638	check_err $?
639
640	ip netns exec "$testns" ip addr add dev "$DEV_NS" 10.1.1.100/24
641	check_err $?
642
643	ip netns exec "$testns" ip link set dev $DEV_NS up
644	check_err $?
645
646	ip netns exec "$testns" ip link del "$DEV_NS"
647	check_err $?
648
649	# test external mode
650	ip netns exec "$testns" ip link add dev "$DEV_NS" type erspan external
651	check_err $?
652
653	ip netns exec "$testns" ip link del "$DEV_NS"
654	check_err $?
655
656	if [ $ret -ne 0 ]; then
657		echo "FAIL: erspan"
658		return 1
659	fi
660	echo "PASS: erspan"
661
662	ip netns del "$testns"
663}
664
665kci_test_ip6erspan()
666{
667	testns="testns"
668	DEV_NS=ip6erspan00
669	ret=0
670
671	ip link help ip6erspan 2>&1 | grep -q "^Usage:"
672	if [ $? -ne 0 ];then
673		echo "SKIP: ip6erspan: iproute2 too old"
674		return 1
675	fi
676
677	ip netns add "$testns"
678	if [ $? -ne 0 ]; then
679		echo "SKIP ip6erspan tests: cannot add net namespace $testns"
680		return 1
681	fi
682
683	# test native tunnel ip6erspan v1
684	ip netns exec "$testns" ip link add dev "$DEV_NS" type ip6erspan seq \
685		key 102 local fc00:100::1 remote fc00:100::2 \
686		erspan_ver 1 erspan 488
687	check_err $?
688
689	ip netns exec "$testns" ip addr add dev "$DEV_NS" 10.1.1.100/24
690	check_err $?
691
692	ip netns exec "$testns" ip link set dev $DEV_NS up
693	check_err $?
694
695	ip netns exec "$testns" ip link del "$DEV_NS"
696	check_err $?
697
698	# test native tunnel ip6erspan v2
699	ip netns exec "$testns" ip link add dev "$DEV_NS" type ip6erspan seq \
700		key 102 local fc00:100::1 remote fc00:100::2 \
701		erspan_ver 2 erspan_dir ingress erspan_hwid 7
702	check_err $?
703
704	ip netns exec "$testns" ip addr add dev "$DEV_NS" 10.1.1.100/24
705	check_err $?
706
707	ip netns exec "$testns" ip link set dev $DEV_NS up
708	check_err $?
709
710	ip netns exec "$testns" ip link del "$DEV_NS"
711	check_err $?
712
713	# test external mode
714	ip netns exec "$testns" ip link add dev "$DEV_NS" \
715		type ip6erspan external
716	check_err $?
717
718	ip netns exec "$testns" ip link del "$DEV_NS"
719	check_err $?
720
721	if [ $ret -ne 0 ]; then
722		echo "FAIL: ip6erspan"
723		return 1
724	fi
725	echo "PASS: ip6erspan"
726
727	ip netns del "$testns"
728}
729
730kci_test_rtnl()
731{
732	kci_add_dummy
733	if [ $ret -ne 0 ];then
734		echo "FAIL: cannot add dummy interface"
735		return 1
736	fi
737
738	kci_test_polrouting
739	kci_test_route_get
740	kci_test_tc
741	kci_test_gre
742	kci_test_gretap
743	kci_test_ip6gretap
744	kci_test_erspan
745	kci_test_ip6erspan
746	kci_test_bridge
747	kci_test_addrlabel
748	kci_test_ifalias
749	kci_test_vrf
750	kci_test_encap
751	kci_test_macsec
752
753	kci_del_dummy
754}
755
756#check for needed privileges
757if [ "$(id -u)" -ne 0 ];then
758	echo "SKIP: Need root privileges"
759	exit 0
760fi
761
762for x in ip tc;do
763	$x -Version 2>/dev/null >/dev/null
764	if [ $? -ne 0 ];then
765		echo "SKIP: Could not run test without the $x tool"
766		exit 0
767	fi
768done
769
770kci_test_rtnl
771
772exit $ret
773