Lines Matching +full:short +full:- +full:ping
1 // SPDX-License-Identifier: GPL-2.0
3 * ipsec.c - Check xfrm on veth inside a net-ns.
44 #define BUILD_BUG_ON(condition) ((void)sizeof(char[1 - 2*!!(condition)]))
58 #define VETH_FMT "ktst-%d"
63 static int nsfd_parent = -1;
64 static int nsfd_childa = -1;
65 static int nsfd_childb = -1;
105 {"rfc4106(gcm(aes))-128", 160},
106 {"rfc4543(gcm(aes))-128", 160},
107 {"rfc4309(ccm(aes))-128", 152},
108 {"rfc4106(gcm(aes))-192", 224},
109 {"rfc4543(gcm(aes))-192", 224},
110 {"rfc4309(ccm(aes))-192", 216},
111 {"rfc4106(gcm(aes))-256", 288},
112 {"rfc4543(gcm(aes))-256", 288},
113 {"rfc4309(ccm(aes))-256", 280},
114 {"rfc7539(chacha20,poly1305)-128", 0}
126 while (words--) in randomize_buffer()
132 memcpy(buf + buflen - leftover, &tmp, leftover); in randomize_buffer()
145 return -1; in unshare_open()
151 return -1; in unshare_open()
161 return -1; in switch_ns()
168 * about cleanup on error-path.
174 return -1; in init_namespaces()
178 return -1; in init_namespaces()
181 return -1; in init_namespaces()
185 return -1; in init_namespaces()
188 return -1; in init_namespaces()
202 return -1; in netlink_sock()
212 return (struct rtattr *)((char *)(nh) + RTA_ALIGN((nh)->nlmsg_len)); in rtattr_hdr()
216 unsigned short rta_type, const void *payload, size_t size) in rtattr_pack()
220 size_t nl_size = RTA_ALIGN(nh->nlmsg_len) + RTA_LENGTH(size); in rtattr_pack()
224 return -1; in rtattr_pack()
226 nh->nlmsg_len = nl_size; in rtattr_pack()
228 attr->rta_len = RTA_LENGTH(size); in rtattr_pack()
229 attr->rta_type = rta_type; in rtattr_pack()
237 unsigned short rta_type, const void *payload, size_t size) in _rtattr_begin()
248 unsigned short rta_type) in rtattr_begin()
255 char *nlmsg_end = (char *)nh + nh->nlmsg_len; in rtattr_end()
257 attr->rta_len = nlmsg_end - (char *)attr; in rtattr_end()
272 return -1; in veth_pack_peerb()
275 return -1; in veth_pack_peerb()
278 return -1; in veth_pack_peerb()
295 return -1; in netlink_check_answer()
298 return -1; in netlink_check_answer()
301 answer.error, strerror(-answer.error)); in netlink_check_answer()
329 return -1; in veth_add()
332 return -1; in veth_add()
336 return -1; in veth_add()
339 return -1; in veth_add()
343 return -1; in veth_add()
346 return -1; in veth_add()
353 return -1; in veth_add()
381 strncpy(addr_str, inet_ntoa(addr), IPV4_STR_SZ - 1); in ip4_addr_set()
388 return -1; in ip4_addr_set()
391 return -1; in ip4_addr_set()
395 return -1; in ip4_addr_set()
421 return -1; in link_set_up()
449 return -1; in ip4_route_set()
452 return -1; in ip4_route_set()
455 return -1; in ip4_route_set()
459 return -1; in ip4_route_set()
471 return -1; in tunnel_set_route()
476 return -1; in tunnel_set_route()
487 int route_sock = -1, ret = -1; in init_child()
491 return -1; in init_child()
495 return -1; in init_child()
564 } ping; member
632 return -1; in udp_ping_init()
666 return -1; in udp_ping_init()
684 return -1; in udp_ping_send()
687 return -1; in udp_ping_send()
694 return -1; in udp_ping_send()
696 printk("EOF on reply to ping"); in udp_ping_send()
697 return -1; in udp_ping_send()
699 printk("ping reply packet is corrupted %zd/%zu", r_bytes, buf_len); in udp_ping_send()
700 return -1; in udp_ping_send()
722 return -1; in udp_ping_reply()
725 printk("EOF on reply to ping"); in udp_ping_reply()
726 return -1; in udp_ping_reply()
729 printk("ping reply packet is corrupted %zd/%zu", r_bytes, buf_len); in udp_ping_reply()
730 return -1; in udp_ping_reply()
736 return -1; in udp_ping_reply()
739 return -1; in udp_ping_reply()
756 printk("Failed to init ping"); in do_ping()
757 return -1; in do_ping()
762 msg.body.ping.port = s_port; in do_ping()
763 memcpy(&msg.body.ping.reply_ip, &from, sizeof(from)); in do_ping()
767 /* The other end sends ip to ping */ in do_ping()
770 return -1; in do_ping()
771 to = msg.body.ping.reply_ip; in do_ping()
772 d_port = msg.body.ping.port; in do_ping()
788 strncpy(to_str, inet_ntoa(*(struct in_addr *)&to), IPV4_STR_SZ - 1); in do_ping()
789 strncpy(from_str, inet_ntoa(from), IPV4_STR_SZ - 1); in do_ping()
792 printk("ping (%s) %s->%s failed %u/%u times", in do_ping()
794 ping_count - ping_succeeded, ping_count); in do_ping()
795 return -1; in do_ping()
799 printk("ping (%s) %s->%s succeeded %u/%u times", in do_ping()
818 printk("Can't pack a key - too big for buffer"); in xfrm_fill_key()
819 return -1; in xfrm_fill_key()
839 unsigned short type; in xfrm_state_pack_algo()
841 alen = strlen(desc->a_algo); in xfrm_state_pack_algo()
842 elen = strlen(desc->e_algo); in xfrm_state_pack_algo()
843 clen = strlen(desc->c_algo); in xfrm_state_pack_algo()
844 aelen = strlen(desc->ae_algo); in xfrm_state_pack_algo()
847 switch (desc->proto) { in xfrm_state_pack_algo()
851 return -1; in xfrm_state_pack_algo()
853 strncpy(alg.u.alg.alg_name, desc->a_algo, ALGO_LEN - 1); in xfrm_state_pack_algo()
854 if (xfrm_fill_key(desc->a_algo, alg.u.alg.alg_key, in xfrm_state_pack_algo()
856 return -1; in xfrm_state_pack_algo()
862 return -1; in xfrm_state_pack_algo()
864 strncpy(alg.u.alg.alg_name, desc->c_algo, ALGO_LEN - 1); in xfrm_state_pack_algo()
865 if (xfrm_fill_key(desc->c_algo, alg.u.alg.alg_key, in xfrm_state_pack_algo()
867 return -1; in xfrm_state_pack_algo()
873 return -1; in xfrm_state_pack_algo()
876 alg.u.aead.alg_icv_len = desc->icv_len; in xfrm_state_pack_algo()
877 strncpy(alg.u.aead.alg_name, desc->ae_algo, ALGO_LEN - 1); in xfrm_state_pack_algo()
878 if (xfrm_fill_key(desc->ae_algo, alg.u.aead.alg_key, in xfrm_state_pack_algo()
880 return -1; in xfrm_state_pack_algo()
884 strncpy(alg.u.alg.alg_name, desc->e_algo, ALGO_LEN - 1); in xfrm_state_pack_algo()
886 if (xfrm_fill_key(desc->e_algo, alg.u.alg.alg_key, in xfrm_state_pack_algo()
888 return -1; in xfrm_state_pack_algo()
890 return -1; in xfrm_state_pack_algo()
892 strncpy(alg.u.alg.alg_name, desc->a_algo, ALGO_LEN); in xfrm_state_pack_algo()
894 if (xfrm_fill_key(desc->a_algo, alg.u.alg.alg_key, in xfrm_state_pack_algo()
896 return -1; in xfrm_state_pack_algo()
901 return -1; in xfrm_state_pack_algo()
905 return -1; in xfrm_state_pack_algo()
940 /* Note: zero-spi cannot be deleted */ in xfrm_state_add()
942 req.info.id.proto = desc->proto; in xfrm_state_add()
956 return -1; in xfrm_state_add()
960 return -1; in xfrm_state_add()
970 if (memcmp(&info->sel.daddr, &dst, sizeof(dst))) in xfrm_usersa_found()
973 if (memcmp(&info->sel.saddr, &src, sizeof(src))) in xfrm_usersa_found()
976 if (info->sel.family != AF_INET || in xfrm_usersa_found()
977 info->sel.prefixlen_d != PREFIX_LEN || in xfrm_usersa_found()
978 info->sel.prefixlen_s != PREFIX_LEN) in xfrm_usersa_found()
981 if (info->id.spi != spi || info->id.proto != desc->proto) in xfrm_usersa_found()
984 if (memcmp(&info->id.daddr, &dst, sizeof(dst))) in xfrm_usersa_found()
987 if (memcmp(&info->saddr, &src, sizeof(src))) in xfrm_usersa_found()
990 if (info->lft.soft_byte_limit != XFRM_INF || in xfrm_usersa_found()
991 info->lft.hard_byte_limit != XFRM_INF || in xfrm_usersa_found()
992 info->lft.soft_packet_limit != XFRM_INF || in xfrm_usersa_found()
993 info->lft.hard_packet_limit != XFRM_INF) in xfrm_usersa_found()
996 if (info->family != AF_INET || info->mode != XFRM_MODE_TUNNEL) in xfrm_usersa_found()
1039 return -1; in xfrm_state_check()
1043 return -1; in xfrm_state_check()
1049 return -1; in xfrm_state_check()
1053 answer.error, strerror(-answer.error)); in xfrm_state_check()
1054 return -1; in xfrm_state_check()
1059 return -1; in xfrm_state_check()
1077 return -1; in xfrm_set()
1083 return -1; in xfrm_set()
1091 return -1; in xfrm_set()
1132 /* Note: zero-spi cannot be deleted */ in xfrm_policy_add()
1143 return -1; in xfrm_policy_add()
1147 return -1; in xfrm_policy_add()
1160 return -1; in xfrm_prepare()
1166 return -1; in xfrm_prepare()
1198 return -1; in xfrm_policy_del()
1211 return -1; in xfrm_cleanup()
1217 return -1; in xfrm_cleanup()
1242 /* Note: zero-spi cannot be deleted */ in xfrm_state_del()
1247 return -1; in xfrm_state_del()
1251 return -1; in xfrm_state_del()
1263 return -1; in xfrm_delete()
1268 return -1; in xfrm_delete()
1322 printk("NLMSG_ERROR: %d: %s", answer.error, strerror(-answer.error)); in xfrm_state_allocspi()
1330 int ret = -1; in netlink_sock_bind()
1337 return -1; in netlink_sock_bind()
1376 int xfrm_listen = -1, ret = KSFT_FAIL; in xfrm_monitor_acquire()
1412 printk("NLMSG_ERROR: %d: %s", req.error, strerror(-req.error)); in xfrm_monitor_acquire()
1446 int xfrm_listen = -1, ret = KSFT_FAIL; in xfrm_expire_state()
1468 req.expire.state.id.proto = desc->proto; in xfrm_expire_state()
1486 printk("NLMSG_ERROR: %d: %s", req.error, strerror(-req.error)); in xfrm_expire_state()
1518 int xfrm_listen = -1, ret = KSFT_FAIL; in xfrm_expire_policy()
1527 XFRM_POLICY_OUT, tunsrc, tundst, desc->proto)) { in xfrm_expire_policy()
1564 printk("NLMSG_ERROR: %d: %s", req.error, strerror(-req.error)); in xfrm_expire_policy()
1610 return -1; in xfrm_spdinfo_set_thresh()
1615 return -1; in xfrm_spdinfo_set_thresh()
1621 return -1; in xfrm_spdinfo_set_thresh()
1627 return -1; in xfrm_spdinfo_set_thresh()
1632 return -1; in xfrm_spdinfo_set_thresh()
1635 return -1; in xfrm_spdinfo_set_thresh()
1639 printk("NLMSG_ERROR: %d: %s", req.error, strerror(-req.error)); in xfrm_spdinfo_set_thresh()
1640 return -1; in xfrm_spdinfo_set_thresh()
1682 if (attr->rta_type == XFRMA_SPD_IPV4_HTHRESH) { in xfrm_spdinfo_attrs()
1686 if (t->lbits != 32 || t->rbits != 31) { in xfrm_spdinfo_attrs()
1688 t->lbits, t->rbits); in xfrm_spdinfo_attrs()
1692 if (attr->rta_type == XFRMA_SPD_IPV6_HTHRESH) { in xfrm_spdinfo_attrs()
1696 if (t->lbits != 120 || t->rbits != 16) { in xfrm_spdinfo_attrs()
1698 t->lbits, t->rbits); in xfrm_spdinfo_attrs()
1711 printk("NLMSG_ERROR: %d: %s", req.error, strerror(-req.error)); in xfrm_spdinfo_attrs()
1712 return -1; in xfrm_spdinfo_attrs()
1723 * implies NL_VALIDATE_LIBERAL - ignoring attributes with in xfrm_spdinfo_attrs()
1748 printk("ping failed before setting xfrm"); in child_serv()
1757 if (xfrm_prepare(xfrm_sock, seq, src, dst, tunsrc, tundst, desc->proto)) { in child_serv()
1774 printk("ping failed for xfrm"); in child_serv()
1786 if (xfrm_delete(xfrm_sock, seq, src, dst, tunsrc, tundst, desc->proto)) { in child_serv()
1787 printk("failed ping to remove xfrm"); in child_serv()
1797 printk("failed ping to cleanup xfrm"); in child_serv()
1807 int xfrm_sock = -1; in child_f()
1847 -1, desc.proto); in child_f()
1880 struct xfrm_desc *desc = &msg->body.xfrm_desc; in grand_child_serv()
1887 switch (msg->type) { in grand_child_serv()
1894 tun_reply = memcmp(&dst, &msg->body.ping.reply_ip, sizeof(in_addr_t)); in grand_child_serv()
1897 false, msg->body.ping.port, in grand_child_serv()
1898 msg->body.ping.reply_ip, udp_ping_reply)) { in grand_child_serv()
1899 printk("ping failed before setting xfrm"); in grand_child_serv()
1904 desc->proto)) { in grand_child_serv()
1917 desc->proto)) { in grand_child_serv()
1928 printk("got unknown msg type %d", msg->type); in grand_child_serv()
1935 int xfrm_sock = -1; in grand_child_f()
1962 return -1; in start_child()
1965 return -1; in start_child()
1970 return -1; in start_child()
1972 /* in parent - selftest */ in start_child()
1978 return -1; in start_child()
1983 MAP_SHARED | MAP_ANONYMOUS, -1, 0); in start_child()
1986 return -1; in start_child()
1993 return -1; in start_child()
1999 return -1; in start_child()
2003 return -1; in start_child()
2009 return -1; in start_child()
2031 return -1; in __write_desc()
2043 strncpy(desc.a_algo, a, ALGO_LEN - 1); in write_desc()
2045 strncpy(desc.e_algo, e, ALGO_LEN - 1); in write_desc()
2047 strncpy(desc.c_algo, c, ALGO_LEN - 1); in write_desc()
2049 strncpy(desc.ae_algo, ae, ALGO_LEN - 1); in write_desc()
2092 return -1; in write_proto_plan()
2098 return -1; in write_proto_plan()
2108 return -1; in write_proto_plan()
2113 return -1; in write_proto_plan()
2118 return -1; in write_proto_plan()
2126 * 64-bit and 32-bit ABI:
2128 * 32-bit UABI | 64-bit UABI
2129 * -------------------------------------|-------------------------------------
2148 strncpy(desc.a_algo, ah_list[0], ALGO_LEN - 1); in write_compat_struct_tests()
2151 return -1; in write_compat_struct_tests()
2155 return -1; in write_compat_struct_tests()
2159 return -1; in write_compat_struct_tests()
2163 return -1; in write_compat_struct_tests()
2167 return -1; in write_compat_struct_tests()
2180 return -1; in write_test_plan()
2258 desc_name[d->type], (unsigned int)d->proto, d->a_algo, in check_results()
2259 d->e_algo, d->c_algo, d->ae_algo, d->icv_len); in check_results()
2268 int route_sock = -1, ret = KSFT_SKIP; in main()