tests: MACsec PSK with bridge interface

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2018-12-27 15:57:45 +02:00
parent 0d09bd0832
commit a2acadf605

View file

@ -296,6 +296,114 @@ def run_macsec_psk(dev, apdev, params, prefix, integ_only=False, port0=None,
for i in range(len(cmd)): for i in range(len(cmd)):
cmd[i].terminate() cmd[i].terminate()
def cleanup_macsec_br(count):
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
for i in range(count):
wpas.interface_remove("veth%d" % i)
subprocess.call(["ip", "link", "del", "veth%d" % i],
stderr=open('/dev/null', 'w'))
subprocess.call(["ip", "link", "set", "brveth", "down"])
subprocess.call(["brctl", "delbr", "brveth"])
def test_macsec_psk_br2(dev, apdev):
"""MACsec PSK (bridge; 2 devices)"""
try:
run_macsec_psk_br(dev, apdev, 2, [10, 20])
finally:
cleanup_macsec_br(count=2)
def test_macsec_psk_br2_same_prio(dev, apdev):
"""MACsec PSK (bridge; 2 devices, same mka_priority)"""
try:
run_macsec_psk_br(dev, apdev, 2, [None, None])
finally:
cleanup_macsec_br(count=2)
def test_macsec_psk_br3(dev, apdev):
"""MACsec PSK (bridge; 3 devices)"""
try:
run_macsec_psk_br(dev, apdev, 3, [10, 20, 30])
finally:
cleanup_macsec_br(count=3)
def test_macsec_psk_br3_same_prio(dev, apdev):
"""MACsec PSK (bridge; 3 devices, same mka_priority)"""
try:
run_macsec_psk_br(dev, apdev, 3, [None, None, None])
finally:
cleanup_macsec_br(count=3)
def run_macsec_psk_br(dev, apdev, count, mka_priority):
subprocess.check_call(["brctl", "addbr", "brveth"])
subprocess.call(["echo 8 > /sys/devices/virtual/net/brveth/bridge/group_fwd_mask"],
shell=True)
try:
for i in range(count):
subprocess.check_call([ "ip", "link", "add", "veth%d" % i,
"type", "veth",
"peer", "name", "vethbr%d" % i ])
subprocess.check_call(["ip", "link", "set", "vethbr%d" % i, "up"])
subprocess.check_call([ "brctl", "addif", "brveth",
"vethbr%d" % i ])
except subprocess.CalledProcessError:
raise HwsimSkip("veth not supported (kernel CONFIG_VETH)")
subprocess.check_call(["ip", "link", "set", "brveth", "up"])
log_ip_link()
wpa = add_wpas_interfaces(count=count)
for i in range(count):
set_mka_psk_config(wpa[i], mka_priority=mka_priority[i])
wpa[i].dump_monitor()
wait_mka_done(wpa)
macsec_ifname = []
for i in range(count):
macsec_ifname.append(wpa[i].get_driver_status_field("parent_ifname"))
timeout = 2
max_tries = 2 if count > 2 else 1
success_seen = False
failure_seen = False
for i in range(1, count):
try:
hwsim_utils.test_connectivity(wpa[0], wpa[i],
ifname1=macsec_ifname[0],
ifname2=macsec_ifname[i],
send_len=1400,
timeout=timeout, max_tries=max_tries)
success_seen = True
logger.info("Traffic test %d<->%d success" % (0, i))
except:
failure_seen = True
logger.info("Traffic test %d<->%d failure" % (0, i))
for i in range(2, count):
try:
hwsim_utils.test_connectivity(wpa[1], wpa[i],
ifname1=macsec_ifname[1],
ifname2=macsec_ifname[i],
send_len=1400,
timeout=timeout, max_tries=max_tries)
success_seen = True
logger.info("Traffic test %d<->%d success" % (1, i))
except:
failure_seen = True
logger.info("Traffic test %d<->%d failure" % (1, i))
if not success_seen:
raise Exception("None of the data traffic tests succeeded")
# Something seems to be failing with three device tests semi-regularly, so
# do not report this as a failed test case until the real reason behind
# those failures have been determined.
if failure_seen:
if count < 3:
raise Exception("Data traffic test failed")
else:
logger.info("Data traffic test failed - ignore for now for >= 3 device cases")
def test_macsec_psk_ns(dev, apdev, params): def test_macsec_psk_ns(dev, apdev, params):
"""MACsec PSK (netns)""" """MACsec PSK (netns)"""
try: try: