From bc2652b7ae1e1b85b5fbd3621c98a9c743ed89d6 Mon Sep 17 00:00:00 2001
From: Dmitry Safonov <dima@arista.com>
Date: Mon, 21 Sep 2020 15:36:57 +0100
Subject: selftest/net/xfrm: Add test for ipsec tunnel

It's an exhaustive testing for ipsec: covering all encryption/
authentication/compression algorithms. The tests are run in two
network namespaces, connected by veth interfaces. To make exhaustive
testing less time-consuming, the tests are run in parallel tasks,
specified by parameter to the selftest.

As the patches set adds support for xfrm in compatible tasks, there are
tests to check structures that differ in size between 64-bit and 32-bit
applications.
The selftest doesn't use libnl so that it can be easily compiled as
compatible application and don't require compatible .so.

Here is a diagram of the selftest:

                           ---------------
                           |  selftest   |
                           |  (parent)   |
                           ---------------
                              |        |
                              | (pipe) |
                              ----------
                             /   |  |   \
               /-------------   /    \   -------------\
               |          /-----      -----\          |
      ---------|----------|----------------|----------|---------
      |   ---------   ---------        ---------   ---------   |
      |   | child |   | child |  NS A  | child |   | child |   |
      |   ---------   ---------        ---------   ---------   |
      -------|------------|----------------|-------------|------
           veth0        veth1            veth2         vethN
    ---------|------------|----------------|-------------|----------
    | ------------  ------------       ------------   ------------ |
    | | gr.child |  | gr.child | NS B  | gr.child |   | gr.child | |
    | ------------  ------------       ------------   ------------ |
    ----------------------------------------------------------------

The parent sends the description of a test (xfrm parameters) to the
child, the child and grand child setup a tunnel over veth interface and
test it by sending udp packets.

Cc: Shuah Khan <shuah@kernel.org>
Cc: linux-kselftest@vger.kernel.org
Signed-off-by: Dmitry Safonov <dima@arista.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
---
 MAINTAINERS | 1 +
 1 file changed, 1 insertion(+)

(limited to 'MAINTAINERS')

diff --git a/MAINTAINERS b/MAINTAINERS
index 9a545a631f0d..9f098c7d64fb 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -12145,6 +12145,7 @@ F:	net/ipv6/ipcomp6.c
 F:	net/ipv6/xfrm*
 F:	net/key/
 F:	net/xfrm/
+F:	tools/testing/selftests/net/ipsec.c
 
 NETWORKING [IPv4/IPv6]
 M:	"David S. Miller" <davem@davemloft.net>
-- 
cgit v1.2.3