• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1#!/bin/sh
2# SPDX-License-Identifier: GPL-2.0-or-later
3# Copyright (c) 2020 Oracle and/or its affiliates. All Rights Reserved.
4
5TST_NEEDS_TMPDIR=1
6TST_NEEDS_CMDS="$TST_NEEDS_CMDS wg"
7TST_TESTFUNC=${TST_TESTFUNC:-virt_netperf_msg_sizes}
8TST_SETUP=${TST_SETUP:-wireguard_lib_setup}
9TST_CLEANUP=${TST_CLEANUP:-wireguard_lib_cleanup}
10TST_NEEDS_DRIVERS="wireguard"
11VIRT_PERF_THRESHOLD_MIN=${VIRT_PERF_THRESHOLD_MIN:-200}
12
13virt_type="wireguard"
14. virt_lib.sh
15
16# Usage: wireguard_lib_setup [TYPE]
17# TYPE: [ default | invalid_allowed_ips | invalid_pub_keys ]
18wireguard_lib_setup()
19{
20	local type="${1:-default}"
21	local pub_key0="$(wg genkey | tee wg0.key | wg pubkey)"
22	local pub_key1="$(wg genkey | tee wg1.key | wg pubkey)"
23
24	local port_loc="$(tst_get_unused_port ipv${TST_IPVER} dgram)"
25	local port_rmt=$(tst_rhost_run -c "tst_get_unused_port ipv${TST_IPVER} dgram")
26
27	# copy private key to remote host
28	tst_rhost_run -s -c "echo '$(cat wg1.key)' > wg1.key"
29
30	tst_res TINFO "setup wireguard UDPv${TST_IPVER} tunnel, port $port_loc/$port_rmt"
31	tst_res TINFO "lhost[$(tst_ipaddr)] <-> rhost[$(tst_ipaddr rhost)]"
32
33	virt_setup
34
35	local ka_opt="persistent-keepalive 1"
36	local allow_ip_loc="${ip_virt_local}/32,${ip6_virt_local}/128"
37	local allow_ip_rmt="${ip_virt_remote}/32,${ip6_virt_remote}/128"
38
39	case $type in
40	invalid_allowed_ips)
41		allow_ip_loc="${ip_virt_remote}/32,${ip6_virt_remote}/128"
42		allow_ip_rmt="${ip_virt_local}/32,${ip6_virt_local}/128"
43		tst_res TINFO "Allowed IPs are source IPs only"
44		;;
45	invalid_pub_keys)
46		pub_key0="$(wg genkey | wg pubkey)"
47		tst_res TINFO "Invalid peer public key of lhost"
48		;;
49	esac
50
51	ROD wg set ltp_v0 listen-port $port_loc private-key wg0.key
52	ROD wg set ltp_v0 peer $pub_key1 endpoint \
53		$(tst_ipaddr rhost):$port_rmt $ka_opt \
54		allowed-ips $allow_ip_rmt
55
56	tst_rhost_run -s -c \
57		"wg set ltp_v0 listen-port $port_rmt private-key wg1.key"
58	tst_rhost_run -s -c "wg set ltp_v0 peer $pub_key0 \
59		endpoint $(tst_ipaddr):$port_loc $ka_opt \
60		allowed-ips $allow_ip_loc"
61}
62
63wireguard_lib_cleanup()
64{
65	virt_cleanup
66}
67