| // SPDX-License-Identifier: GPL-2.0 |
| /* Check what features does the kernel support (where the selftest is running). |
| * Somewhat inspired by CRIU kerndat/kdat kernel features detector. |
| */ |
| #include <pthread.h> |
| #include "aolib.h" |
| |
| struct kconfig_t { |
| int _errno; /* the returned error if not supported */ |
| int (*check_kconfig)(int *error); |
| }; |
| |
| static int has_net_ns(int *err) |
| { |
| if (access("/proc/self/ns/net", F_OK) < 0) { |
| *err = errno; |
| if (errno == ENOENT) |
| return 0; |
| test_print("Unable to access /proc/self/ns/net: %m"); |
| return -errno; |
| } |
| return *err = errno = 0; |
| } |
| |
| static int has_veth(int *err) |
| { |
| int orig_netns, ns_a, ns_b; |
| |
| orig_netns = open_netns(); |
| ns_a = unshare_open_netns(); |
| ns_b = unshare_open_netns(); |
| |
| *err = add_veth("check_veth", ns_a, ns_b); |
| |
| switch_ns(orig_netns); |
| close(orig_netns); |
| close(ns_a); |
| close(ns_b); |
| return 0; |
| } |
| |
| static int has_tcp_ao(int *err) |
| { |
| struct sockaddr_in addr = { |
| .sin_family = test_family, |
| }; |
| struct tcp_ao_add tmp = {}; |
| const char *password = DEFAULT_TEST_PASSWORD; |
| int sk, ret = 0; |
| |
| sk = socket(test_family, SOCK_STREAM, IPPROTO_TCP); |
| if (sk < 0) { |
| test_print("socket(): %m"); |
| return -errno; |
| } |
| |
| tmp.sndid = 100; |
| tmp.rcvid = 100; |
| tmp.keylen = strlen(password); |
| memcpy(tmp.key, password, strlen(password)); |
| strcpy(tmp.alg_name, "hmac(sha1)"); |
| memcpy(&tmp.addr, &addr, sizeof(addr)); |
| *err = 0; |
| if (setsockopt(sk, IPPROTO_TCP, TCP_AO_ADD_KEY, &tmp, sizeof(tmp)) < 0) { |
| *err = errno; |
| if (errno != ENOPROTOOPT) |
| ret = -errno; |
| } |
| close(sk); |
| return ret; |
| } |
| |
| static int has_tcp_md5(int *err) |
| { |
| union tcp_addr addr_any = {}; |
| int sk, ret = 0; |
| |
| sk = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); |
| if (sk < 0) { |
| test_print("socket(): %m"); |
| return -errno; |
| } |
| |
| /* |
| * Under CONFIG_CRYPTO_FIPS=y it fails with ENOMEM, rather with |
| * anything more descriptive. Oh well. |
| */ |
| *err = 0; |
| if (test_set_md5(sk, addr_any, 0, -1, DEFAULT_TEST_PASSWORD)) { |
| *err = errno; |
| if (errno != ENOPROTOOPT && errno == ENOMEM) { |
| test_print("setsockopt(TCP_MD5SIG_EXT): %m"); |
| ret = -errno; |
| } |
| } |
| close(sk); |
| return ret; |
| } |
| |
| static int has_vrfs(int *err) |
| { |
| int orig_netns, ns_test, ret = 0; |
| |
| orig_netns = open_netns(); |
| ns_test = unshare_open_netns(); |
| |
| *err = add_vrf("ksft-check", 55, 101, ns_test); |
| if (*err && *err != -EOPNOTSUPP) { |
| test_print("Failed to add a VRF: %d", *err); |
| ret = *err; |
| } |
| |
| switch_ns(orig_netns); |
| close(orig_netns); |
| close(ns_test); |
| return ret; |
| } |
| |
| static pthread_mutex_t kconfig_lock = PTHREAD_MUTEX_INITIALIZER; |
| static struct kconfig_t kconfig[__KCONFIG_LAST__] = { |
| { -1, has_net_ns }, |
| { -1, has_veth }, |
| { -1, has_tcp_ao }, |
| { -1, has_tcp_md5 }, |
| { -1, has_vrfs }, |
| }; |
| |
| const char *tests_skip_reason[__KCONFIG_LAST__] = { |
| "Tests require network namespaces support (CONFIG_NET_NS)", |
| "Tests require veth support (CONFIG_VETH)", |
| "Tests require TCP-AO support (CONFIG_TCP_AO)", |
| "setsockopt(TCP_MD5SIG_EXT) is not supported (CONFIG_TCP_MD5)", |
| "VRFs are not supported (CONFIG_NET_VRF)", |
| }; |
| |
| bool kernel_config_has(enum test_needs_kconfig k) |
| { |
| bool ret; |
| |
| pthread_mutex_lock(&kconfig_lock); |
| if (kconfig[k]._errno == -1) { |
| if (kconfig[k].check_kconfig(&kconfig[k]._errno)) |
| test_error("Failed to initialize kconfig %u", k); |
| } |
| ret = kconfig[k]._errno == 0; |
| pthread_mutex_unlock(&kconfig_lock); |
| return ret; |
| } |