aboutsummaryrefslogtreecommitdiffstats
path: root/tests
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2018-12-27 13:57:45 (GMT)
committerJouni Malinen <j@w1.fi>2018-12-29 10:26:52 (GMT)
commita2acadf605c1a3f49f4def81c1728f13cba362ad (patch)
tree37a86989e33f9680f31cd4b96143bfd8bd454d0a /tests
parent0d09bd083289348ddaceb3220c5633842630ced5 (diff)
downloadhostap-a2acadf605c1a3f49f4def81c1728f13cba362ad.zip
hostap-a2acadf605c1a3f49f4def81c1728f13cba362ad.tar.gz
hostap-a2acadf605c1a3f49f4def81c1728f13cba362ad.tar.bz2
tests: MACsec PSK with bridge interface
Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'tests')
-rw-r--r--tests/hwsim/test_macsec.py108
1 files changed, 108 insertions, 0 deletions
diff --git a/tests/hwsim/test_macsec.py b/tests/hwsim/test_macsec.py
index c24c472..67638f0 100644
--- a/tests/hwsim/test_macsec.py
+++ b/tests/hwsim/test_macsec.py
@@ -296,6 +296,114 @@ def run_macsec_psk(dev, apdev, params, prefix, integ_only=False, port0=None,
for i in range(len(cmd)):
cmd[i].terminate()
+def cleanup_macsec_br(count):
+ wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
+ for i in range(count):
+ wpas.interface_remove("veth%d" % i)
+ subprocess.call(["ip", "link", "del", "veth%d" % i],
+ stderr=open('/dev/null', 'w'))
+ subprocess.call(["ip", "link", "set", "brveth", "down"])
+ subprocess.call(["brctl", "delbr", "brveth"])
+
+def test_macsec_psk_br2(dev, apdev):
+ """MACsec PSK (bridge; 2 devices)"""
+ try:
+ run_macsec_psk_br(dev, apdev, 2, [10, 20])
+ finally:
+ cleanup_macsec_br(count=2)
+
+def test_macsec_psk_br2_same_prio(dev, apdev):
+ """MACsec PSK (bridge; 2 devices, same mka_priority)"""
+ try:
+ run_macsec_psk_br(dev, apdev, 2, [None, None])
+ finally:
+ cleanup_macsec_br(count=2)
+
+def test_macsec_psk_br3(dev, apdev):
+ """MACsec PSK (bridge; 3 devices)"""
+ try:
+ run_macsec_psk_br(dev, apdev, 3, [10, 20, 30])
+ finally:
+ cleanup_macsec_br(count=3)
+
+def test_macsec_psk_br3_same_prio(dev, apdev):
+ """MACsec PSK (bridge; 3 devices, same mka_priority)"""
+ try:
+ run_macsec_psk_br(dev, apdev, 3, [None, None, None])
+ finally:
+ cleanup_macsec_br(count=3)
+
+def run_macsec_psk_br(dev, apdev, count, mka_priority):
+ subprocess.check_call(["brctl", "addbr", "brveth"])
+ subprocess.call(["echo 8 > /sys/devices/virtual/net/brveth/bridge/group_fwd_mask"],
+ shell=True)
+
+ try:
+ for i in range(count):
+ subprocess.check_call([ "ip", "link", "add", "veth%d" % i,
+ "type", "veth",
+ "peer", "name", "vethbr%d" % i ])
+ subprocess.check_call(["ip", "link", "set", "vethbr%d" % i, "up"])
+ subprocess.check_call([ "brctl", "addif", "brveth",
+ "vethbr%d" % i ])
+ except subprocess.CalledProcessError:
+ raise HwsimSkip("veth not supported (kernel CONFIG_VETH)")
+
+ subprocess.check_call(["ip", "link", "set", "brveth", "up"])
+
+ log_ip_link()
+
+ wpa = add_wpas_interfaces(count=count)
+ for i in range(count):
+ set_mka_psk_config(wpa[i], mka_priority=mka_priority[i])
+ wpa[i].dump_monitor()
+ wait_mka_done(wpa)
+
+ macsec_ifname = []
+ for i in range(count):
+ macsec_ifname.append(wpa[i].get_driver_status_field("parent_ifname"))
+
+ timeout = 2
+ max_tries = 2 if count > 2 else 1
+ success_seen = False
+ failure_seen = False
+ for i in range(1, count):
+ try:
+ hwsim_utils.test_connectivity(wpa[0], wpa[i],
+ ifname1=macsec_ifname[0],
+ ifname2=macsec_ifname[i],
+ send_len=1400,
+ timeout=timeout, max_tries=max_tries)
+ success_seen = True
+ logger.info("Traffic test %d<->%d success" % (0, i))
+ except:
+ failure_seen = True
+ logger.info("Traffic test %d<->%d failure" % (0, i))
+ for i in range(2, count):
+ try:
+ hwsim_utils.test_connectivity(wpa[1], wpa[i],
+ ifname1=macsec_ifname[1],
+ ifname2=macsec_ifname[i],
+ send_len=1400,
+ timeout=timeout, max_tries=max_tries)
+ success_seen = True
+ logger.info("Traffic test %d<->%d success" % (1, i))
+ except:
+ failure_seen = True
+ logger.info("Traffic test %d<->%d failure" % (1, i))
+
+ if not success_seen:
+ raise Exception("None of the data traffic tests succeeded")
+
+ # Something seems to be failing with three device tests semi-regularly, so
+ # do not report this as a failed test case until the real reason behind
+ # those failures have been determined.
+ if failure_seen:
+ if count < 3:
+ raise Exception("Data traffic test failed")
+ else:
+ logger.info("Data traffic test failed - ignore for now for >= 3 device cases")
+
def test_macsec_psk_ns(dev, apdev, params):
"""MACsec PSK (netns)"""
try: