Ejemplo n.º 1
0
def run_macsec_psk_ns(dev, apdev, params):
    try:
        subprocess.check_call([
            "ip", "link", "add", "veth0", "type", "veth", "peer", "name",
            "veth1"
        ])
    except subprocess.CalledProcessError:
        raise HwsimSkip("veth not supported (kernel CONFIG_VETH)")

    prefix = "macsec_psk_ns"
    conffile = os.path.join(params['logdir'], prefix + ".conf")
    pidfile = os.path.join(params['logdir'], prefix + ".pid")
    logfile0 = os.path.join(params['logdir'], prefix + ".veth0.log")
    logfile1 = os.path.join(params['logdir'], prefix + ".veth1.log")
    cap_veth0 = os.path.join(params['logdir'], prefix + ".veth0.pcap")
    cap_veth1 = os.path.join(params['logdir'], prefix + ".veth1.pcap")
    cap_macsec0 = os.path.join(params['logdir'], prefix + ".macsec0.pcap")
    cap_macsec1 = os.path.join(params['logdir'], prefix + ".macsec1.pcap")

    for i in range(2):
        try:
            subprocess.check_call(["ip", "netns", "add", "ns%d" % i])
        except subprocess.CalledProcessError:
            raise HwsimSkip(
                "network namespace not supported (kernel CONFIG_NAMESPACES, CONFIG_NET_NS)"
            )
        subprocess.check_call(
            ["ip", "link", "set",
             "veth%d" % i, "netns",
             "ns%d" % i])
        subprocess.check_call([
            "ip", "netns", "exec",
            "ns%d" % i, "ip", "link", "set", "dev",
            "veth%d" % i, "up"
        ])

    cmd = {}
    cmd[0] = WlantestCapture('veth0', cap_veth0, netns='ns0')
    cmd[1] = WlantestCapture('veth1', cap_veth1, netns='ns1')

    write_conf(conffile + '0')
    write_conf(conffile + '1', mka_priority=100)

    prg = os.path.join(params['logdir'],
                       'alt-wpa_supplicant/wpa_supplicant/wpa_supplicant')
    if not os.path.exists(prg):
        prg = '../../wpa_supplicant/wpa_supplicant'

    arg = [
        "ip", "netns", "exec", "ns0", prg, '-BdddtKW', '-P', pidfile + '0',
        '-f', logfile0, '-g', '/tmp/wpas-veth0', '-Dmacsec_linux', '-c',
        conffile + '0', '-i', "veth0"
    ]
    logger.info("Start wpa_supplicant: " + str(arg))
    try:
        subprocess.check_call(arg)
    except subprocess.CalledProcessError:
        raise HwsimSkip(
            "macsec supported (wpa_supplicant CONFIG_MACSEC, CONFIG_DRIVER_MACSEC_LINUX; kernel CONFIG_MACSEC)"
        )

    if os.path.exists("wpa_supplicant-macsec2"):
        logger.info(
            "Use alternative wpa_supplicant binary for one of the macsec devices"
        )
        prg = "wpa_supplicant-macsec2"

    arg = [
        "ip", "netns", "exec", "ns1", prg, '-BdddtKW', '-P', pidfile + '1',
        '-f', logfile1, '-g', '/tmp/wpas-veth1', '-Dmacsec_linux', '-c',
        conffile + '1', '-i', "veth1"
    ]
    logger.info("Start wpa_supplicant: " + str(arg))
    subprocess.check_call(arg)

    wpas0 = WpaSupplicant('veth0', '/tmp/wpas-veth0')
    wpas1 = WpaSupplicant('veth1', '/tmp/wpas-veth1')

    log_ip_macsec_ns()
    log_ip_link_ns()

    logger.info("wpas0 STATUS:\n" + wpas0.request("STATUS"))
    logger.info("wpas1 STATUS:\n" + wpas1.request("STATUS"))
    logger.info("wpas0 STATUS-DRIVER:\n" + wpas0.request("STATUS-DRIVER"))
    logger.info("wpas1 STATUS-DRIVER:\n" + wpas1.request("STATUS-DRIVER"))

    for i in range(10):
        macsec_ifname0 = wpas0.get_driver_status_field("parent_ifname")
        macsec_ifname1 = wpas1.get_driver_status_field("parent_ifname")
        if "Number of Keys" in wpas0.request("STATUS"):
            key_tx0 = int(wpas0.get_status_field("Number of Keys Distributed"))
            key_rx0 = int(wpas0.get_status_field("Number of Keys Received"))
        else:
            key_tx0 = 0
            key_rx0 = 0
        if "Number of Keys" in wpas1.request("STATUS"):
            key_tx1 = int(wpas1.get_status_field("Number of Keys Distributed"))
            key_rx1 = int(wpas1.get_status_field("Number of Keys Received"))
        else:
            key_tx1 = 0
            key_rx1 = 0
        if key_rx0 > 0 and key_tx1 > 0:
            break
        time.sleep(1)

    cmd[2] = WlantestCapture(macsec_ifname0, cap_macsec0, netns='ns0')
    cmd[3] = WlantestCapture(macsec_ifname1, cap_macsec1, netns='ns0')
    time.sleep(0.5)

    logger.info("wpas0 STATUS:\n" + wpas0.request("STATUS"))
    logger.info("wpas1 STATUS:\n" + wpas1.request("STATUS"))
    log_ip_macsec_ns()
    hwsim_utils.test_connectivity(wpas0,
                                  wpas1,
                                  ifname1=macsec_ifname0,
                                  ifname2=macsec_ifname1,
                                  send_len=1400)
    log_ip_macsec_ns()

    subprocess.check_call([
        'ip', 'netns', 'exec', 'ns0', 'ip', 'addr', 'add', '192.168.248.17/30',
        'dev', macsec_ifname0
    ])
    subprocess.check_call([
        'ip', 'netns', 'exec', 'ns1', 'ip', 'addr', 'add', '192.168.248.18/30',
        'dev', macsec_ifname1
    ])
    c = subprocess.Popen(
        ['ip', 'netns', 'exec', 'ns0', 'ping', '-c', '2', '192.168.248.18'],
        stdout=subprocess.PIPE)
    res = c.stdout.read().decode()
    c.stdout.close()
    logger.info("ping:\n" + res)
    if "2 packets transmitted, 2 received" not in res:
        raise Exception("ping did not work")

    wpas0.close_monitor()
    wpas0.request("TERMINATE")
    wpas0.close_control()
    del wpas0
    wpas1.close_monitor()
    wpas1.request("TERMINATE")
    wpas1.close_control()
    del wpas1

    time.sleep(1)
    for i in range(len(cmd)):
        cmd[i].close()
Ejemplo n.º 2
0
def test_grpform_cred_ready_timeout(dev, apdev, params):
    """P2P GO Negotiation wait for credentials to become ready [long]"""
    if not params['long']:
        raise HwsimSkip("Skip test case with long duration due to --long not specified")

    dev[1].p2p_listen()
    addr1 = dev[1].p2p_dev_addr()
    if not dev[0].discover_peer(addr1):
        raise Exception("Peer " + addr1 + " not found")
    if not dev[2].discover_peer(addr1):
        raise Exception("Peer " + addr1 + " not found(2)")

    start = os.times()[4]

    cmd = "P2P_CONNECT " + addr1 + " 12345670 display"
    if "OK" not in dev[0].global_request(cmd):
        raise Exception("Failed to initiate GO Neg")

    if "OK" not in dev[2].global_request(cmd):
        raise Exception("Failed to initiate GO Neg(2)")

    # First, check with p2p_find
    ev = dev[2].wait_global_event(["P2P-GO-NEG-FAILURE"], timeout=30)
    if ev is not None:
        raise Exception("Too early GO Negotiation timeout reported(2)")
    dev[2].dump_monitor()
    logger.info("Starting p2p_find to change state")
    dev[2].p2p_find()
    for i in range(10):
        ev = dev[2].wait_global_event(["P2P-GO-NEG-FAILURE"], timeout=10)
        if ev:
            break
        dev[2].dump_monitor(global_mon=False)
    if ev is None:
        raise Exception("GO Negotiation failure timed out(2)")
    dev[2].dump_monitor()
    end = os.times()[4]
    logger.info("GO Negotiation wait time: {} seconds(2)".format(end - start))
    if end - start < 120:
        raise Exception("Too short GO Negotiation wait time(2): {}".format(end - start))

    wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
    wpas.interface_add("wlan5")

    wpas.p2p_listen()
    ev = dev[2].wait_global_event(["P2P-DEVICE-FOUND"], timeout=10)
    if ev is None:
        raise Exception("Did not discover new device after GO Negotiation failure")
    if wpas.p2p_dev_addr() not in ev:
        raise Exception("Unexpected device found: " + ev)
    dev[2].p2p_stop_find()
    dev[2].dump_monitor()
    wpas.p2p_stop_find()
    wpas.close_monitor()
    del wpas

    # Finally, verify without p2p_find
    ev = dev[0].wait_global_event(["P2P-GO-NEG-FAILURE"], timeout=120)
    if ev is None:
        raise Exception("GO Negotiation failure timed out")
    end = os.times()[4]
    logger.info("GO Negotiation wait time: {} seconds".format(end - start))
    if end - start < 120:
        raise Exception("Too short GO Negotiation wait time: {}".format(end - start))
Ejemplo n.º 3
0
def test_grpform_cred_ready_timeout(dev, apdev, params):
    """P2P GO Negotiation wait for credentials to become ready [long]"""
    if not params['long']:
        raise HwsimSkip("Skip test case with long duration due to --long not specified")

    dev[1].p2p_listen()
    addr1 = dev[1].p2p_dev_addr()
    if not dev[0].discover_peer(addr1):
        raise Exception("Peer " + addr1 + " not found")
    if not dev[2].discover_peer(addr1):
        raise Exception("Peer " + addr1 + " not found(2)")

    start = os.times()[4]

    cmd = "P2P_CONNECT " + addr1 + " 12345670 display"
    if "OK" not in dev[0].global_request(cmd):
        raise Exception("Failed to initiate GO Neg")

    if "OK" not in dev[2].global_request(cmd):
        raise Exception("Failed to initiate GO Neg(2)")

    # First, check with p2p_find
    ev = dev[2].wait_global_event(["P2P-GO-NEG-FAILURE"], timeout=30)
    if ev is not None:
        raise Exception("Too early GO Negotiation timeout reported(2)")
    dev[2].dump_monitor()
    logger.info("Starting p2p_find to change state")
    dev[2].p2p_find()
    for i in range(10):
        ev = dev[2].wait_global_event(["P2P-GO-NEG-FAILURE"], timeout=10)
        if ev:
            break
        dev[2].dump_monitor(global_mon=False)
    if ev is None:
        raise Exception("GO Negotiation failure timed out(2)")
    dev[2].dump_monitor()
    end = os.times()[4]
    logger.info("GO Negotiation wait time: {} seconds(2)".format(end - start))
    if end - start < 120:
        raise Exception("Too short GO Negotiation wait time(2): {}".format(end - start))

    wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
    wpas.interface_add("wlan5")

    wpas.p2p_listen()
    ev = dev[2].wait_global_event(["P2P-DEVICE-FOUND"], timeout=10)
    if ev is None:
        raise Exception("Did not discover new device after GO Negotiation failure")
    if wpas.p2p_dev_addr() not in ev:
        raise Exception("Unexpected device found: " + ev)
    dev[2].p2p_stop_find()
    dev[2].dump_monitor()
    wpas.p2p_stop_find()
    wpas.close_monitor()
    del wpas

    # Finally, verify without p2p_find
    ev = dev[0].wait_global_event(["P2P-GO-NEG-FAILURE"], timeout=120)
    if ev is None:
        raise Exception("GO Negotiation failure timed out")
    end = os.times()[4]
    logger.info("GO Negotiation wait time: {} seconds".format(end - start))
    if end - start < 120:
        raise Exception("Too short GO Negotiation wait time: {}".format(end - start))
Ejemplo n.º 4
0
def run_macsec_psk_ns(dev, apdev, params):
    try:
        subprocess.check_call(["ip", "link", "add", "veth0", "type", "veth",
                               "peer", "name", "veth1"])
    except subprocess.CalledProcessError:
        raise HwsimSkip("veth not supported (kernel CONFIG_VETH)")

    prefix = "macsec_psk_ns"
    conffile = os.path.join(params['logdir'], prefix + ".conf")
    pidfile = os.path.join(params['logdir'], prefix + ".pid")
    logfile0 = os.path.join(params['logdir'], prefix + ".veth0.log")
    logfile1 = os.path.join(params['logdir'], prefix + ".veth1.log")
    cap_veth0 = os.path.join(params['logdir'], prefix + ".veth0.pcap")
    cap_veth1 = os.path.join(params['logdir'], prefix + ".veth1.pcap")
    cap_macsec0 = os.path.join(params['logdir'], prefix + ".macsec0.pcap")
    cap_macsec1 = os.path.join(params['logdir'], prefix + ".macsec1.pcap")

    for i in range(2):
        try:
            subprocess.check_call(["ip", "netns", "add", "ns%d" % i])
        except subprocess.CalledProcessError:
            raise HwsimSkip("network namespace not supported (kernel CONFIG_NAMESPACES, CONFIG_NET_NS)")
        subprocess.check_call(["ip", "link", "set", "veth%d" % i,
                               "netns", "ns%d" %i])
        subprocess.check_call(["ip", "netns", "exec", "ns%d" % i,
                               "ip", "link", "set", "dev", "veth%d" % i,
                               "up"])

    cmd = {}
    cmd[0] = subprocess.Popen(['ip', 'netns', 'exec', 'ns0',
                               'tcpdump', '-p', '-U', '-i', 'veth0',
                               '-w', cap_veth0, '-s', '2000',
                               '--immediate-mode'],
                              stderr=open('/dev/null', 'w'))
    cmd[1] = subprocess.Popen(['ip', 'netns', 'exec', 'ns1',
                               'tcpdump', '-p', '-U', '-i', 'veth1',
                               '-w', cap_veth1, '-s', '2000',
                               '--immediate-mode'],
                              stderr=open('/dev/null', 'w'))

    write_conf(conffile + '0')
    write_conf(conffile + '1', mka_priority=100)

    prg = os.path.join(params['logdir'],
                       'alt-wpa_supplicant/wpa_supplicant/wpa_supplicant')
    if not os.path.exists(prg):
        prg = '../../wpa_supplicant/wpa_supplicant'

    arg = ["ip", "netns", "exec", "ns0",
           prg, '-BdddtKW', '-P', pidfile + '0', '-f', logfile0,
           '-g', '/tmp/wpas-veth0',
           '-Dmacsec_linux', '-c', conffile + '0', '-i', "veth0"]
    logger.info("Start wpa_supplicant: " + str(arg))
    try:
        subprocess.check_call(arg)
    except subprocess.CalledProcessError:
        raise HwsimSkip("macsec supported (wpa_supplicant CONFIG_MACSEC, CONFIG_DRIVER_MACSEC_LINUX; kernel CONFIG_MACSEC)")

    if os.path.exists("wpa_supplicant-macsec2"):
        logger.info("Use alternative wpa_supplicant binary for one of the macsec devices")
        prg = "wpa_supplicant-macsec2"

    arg = ["ip", "netns", "exec", "ns1",
           prg, '-BdddtKW', '-P', pidfile + '1', '-f', logfile1,
           '-g', '/tmp/wpas-veth1',
           '-Dmacsec_linux', '-c', conffile + '1', '-i', "veth1"]
    logger.info("Start wpa_supplicant: " + str(arg))
    subprocess.check_call(arg)

    wpas0 = WpaSupplicant('veth0', '/tmp/wpas-veth0')
    wpas1 = WpaSupplicant('veth1', '/tmp/wpas-veth1')

    log_ip_macsec_ns()
    log_ip_link_ns()

    logger.info("wpas0 STATUS:\n" + wpas0.request("STATUS"))
    logger.info("wpas1 STATUS:\n" + wpas1.request("STATUS"))
    logger.info("wpas0 STATUS-DRIVER:\n" + wpas0.request("STATUS-DRIVER"))
    logger.info("wpas1 STATUS-DRIVER:\n" + wpas1.request("STATUS-DRIVER"))
    macsec_ifname0 = wpas0.get_driver_status_field("parent_ifname")
    macsec_ifname1 = wpas1.get_driver_status_field("parent_ifname")

    for i in range(10):
        key_tx0 = int(wpas0.get_status_field("Number of Keys Distributed"))
        key_rx0 = int(wpas0.get_status_field("Number of Keys Received"))
        key_tx1 = int(wpas1.get_status_field("Number of Keys Distributed"))
        key_rx1 = int(wpas1.get_status_field("Number of Keys Received"))
        if key_rx0 > 0 and key_tx1 > 0:
            break
        time.sleep(1)

    cmd[2] = subprocess.Popen(['ip', 'netns', 'exec', 'ns0',
                               'tcpdump', '-p', '-U', '-i', macsec_ifname0,
                               '-w', cap_macsec0, '-s', '2000',
                               '--immediate-mode'],
                              stderr=open('/dev/null', 'w'))
    cmd[3] = subprocess.Popen(['ip', 'netns', 'exec', 'ns0',
                               'tcpdump', '-p', '-U', '-i', macsec_ifname1,
                               '-w', cap_macsec1, '-s', '2000',
                               '--immediate-mode'],
                              stderr=open('/dev/null', 'w'))
    time.sleep(0.5)

    logger.info("wpas0 STATUS:\n" + wpas0.request("STATUS"))
    logger.info("wpas1 STATUS:\n" + wpas1.request("STATUS"))
    log_ip_macsec_ns()
    hwsim_utils.test_connectivity(wpas0, wpas1,
                                  ifname1=macsec_ifname0,
                                  ifname2=macsec_ifname1,
                                  send_len=1400)
    log_ip_macsec_ns()

    subprocess.check_call(['ip', 'netns', 'exec', 'ns0',
                           'ip', 'addr', 'add', '192.168.248.17/30',
                           'dev', macsec_ifname0])
    subprocess.check_call(['ip', 'netns', 'exec', 'ns1',
                           'ip', 'addr', 'add', '192.168.248.18/30',
                           'dev', macsec_ifname1])
    c = subprocess.Popen(['ip', 'netns', 'exec', 'ns0',
                          'ping', '-c', '2', '192.168.248.18'],
                         stdout=subprocess.PIPE)
    res = c.stdout.read().decode()
    c.stdout.close()
    logger.info("ping:\n" + res)
    if "2 packets transmitted, 2 received" not in res:
        raise Exception("ping did not work")

    wpas0.close_monitor()
    wpas0.request("TERMINATE")
    wpas0.close_control()
    del wpas0
    wpas1.close_monitor()
    wpas1.request("TERMINATE")
    wpas1.close_control()
    del wpas1

    time.sleep(1)
    for i in range(len(cmd)):
        cmd[i].terminate()