From: Jakub Kicinski <kuba@kernel.org>
To: Dmitry Safonov <dima@arista.com>
Cc: "David S. Miller" <davem@davemloft.net>,
Eric Dumazet <edumazet@google.com>,
Paolo Abeni <pabeni@redhat.com>, Shuah Khan <shuah@kernel.org>,
Dmitry Safonov <0x7f454c46@gmail.com>,
Mohammad Nassiri <mnassiri@ciena.com>,
netdev@vger.kernel.org, linux-kselftest@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH 0/3] selftests/net: A couple of typos fixes in key-management test
Date: Wed, 24 Jan 2024 11:04:31 -0800 [thread overview]
Message-ID: <20240124110431.3c3eba9a@kernel.org> (raw)
In-Reply-To: <1ad64e3d-5252-4aaf-82be-5162edd1e781@arista.com>
On Wed, 24 Jan 2024 17:46:10 +0000 Dmitry Safonov wrote:
> >> Thanks!
> >>
> >> I'll send a patch for it in version 2 (as I anyway need to address
> >> Simon's feedback).
> >
> > Hi Dmitry!
> >
> > I put TCP_AO and VETH in the config and the tests seem to fail with
>
> Thanks for wiring it up and for https://netdev.bots.linux.dev/status.html!
>
> > selftests: net/tcp_ao: rst_ipv4
> > not ok 1 # error 834[lib/kconfig.c:143] Failed to initialize kconfig 2: No such file or directory
> > # Planned tests != run tests (0 != 1)
> > # Totals: pass:0 fail:0 xfail:0 xpass:0 skip:0 error:1
>
> Hehe, yeah I wanted to detect kernels with !CONFIG_TCP_AO, to SKIP the
> test, rather than FAIL it, which this lib/kconfig.c does.
> But from a glance, I think it's failing in your run because there are
> checks with and without TCP_AO, but I didn't think of checking for
> the hashing algorithms support.
>
> I think what happens is has_tcp_ao():
> : strcpy(tmp.alg_name, "hmac(sha1)");
> ...
> : if (setsockopt(sk, IPPROTO_TCP, TCP_AO_ADD_KEY, &tmp, sizeof(tmp)) < 0)
>
> Could you check that what I suppose is failing, is actually failing?
> [dima@Mindolluin linux-master]$ grep -e '\<CONFIG_CRYPTO_SHA1\>' -e
> '\<CONFIG_CRYPTO_HMAC\>' .config
> CONFIG_CRYPTO_HMAC=y
> CONFIG_CRYPTO_SHA1=y
FWIW the config used is uploaded with the results. If you click on
the remote it should take you to a location like this:
https://netdev-2.bots.linux.dev/vmksft-tcp-ao/results/435369/
and there should be a config file in there.
> If that's the case, I'll add the detection for hashing algorithms to
> lib/kconfig.c (together with a patch for
> tools/testing/selftests/net/config).
> And also heads up for key-management.c - that tries a bunch of hashing
> algorithms to check that the work and that the key rotation between
> different algorithms works:
>
> : const char *test_algos[] = {
> : "cmac(aes128)",
> : "hmac(sha1)", "hmac(sha512)", "hmac(sha384)", "hmac(sha256)",
> : "hmac(sha224)", "hmac(sha3-512)",
> : /* only if !CONFIG_FIPS */
> : #define TEST_NON_FIPS_ALGOS 2
> : "hmac(rmd160)", "hmac(md5)"
> : };
I was stuck in a meeting and I started playing around with the options
for TCP-AO :) I added these options now:
CONFIG_CRYPTO_HMAC=y
CONFIG_CRYPTO_SHA1=y
CONFIG_CRYPTO_RMD160=y
CONFIG_IPV6=y
CONFIG_TCP_AO=y
CONFIG_TCP_MD5SIG=y
CONFIG_VETH=m
And it looks much better! There are still some failures:
https://netdev.bots.linux.dev/contest.html?branch=net-next-2024-01-24--18-00&executor=vmksft-tcp-ao
I added VRF so that should hopefully take care of the MD5 skips
on the next run. But the failures of the rst-ip* tests don't look
like an obvious config problem.
next prev parent reply other threads:[~2024-01-24 19:04 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-01-18 2:51 [PATCH 0/3] selftests/net: A couple of typos fixes in key-management test Dmitry Safonov
2024-01-18 2:51 ` [PATCH 1/3] selftests/net: Argument value mismatch when calling verify_counters() Dmitry Safonov
2024-01-19 16:26 ` Simon Horman
2024-01-19 18:35 ` Dmitry Safonov
2024-01-18 2:51 ` [PATCH 2/3] selftests/net: Rectify key counters checks Dmitry Safonov
2024-01-18 2:51 ` [PATCH 3/3] selftests/net: Clean-up double assignment Dmitry Safonov
2024-01-19 16:25 ` Simon Horman
2024-01-19 18:37 ` Dmitry Safonov
2024-01-19 20:44 ` Simon Horman
2024-01-18 16:51 ` [PATCH 0/3] selftests/net: A couple of typos fixes in key-management test Jakub Kicinski
2024-01-18 17:04 ` Dmitry Safonov
2024-01-18 17:13 ` Jakub Kicinski
2024-01-19 18:39 ` Dmitry Safonov
2024-01-24 15:12 ` Jakub Kicinski
2024-01-24 17:46 ` Dmitry Safonov
2024-01-24 19:04 ` Jakub Kicinski [this message]
2024-01-24 19:59 ` Dmitry Safonov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240124110431.3c3eba9a@kernel.org \
--to=kuba@kernel.org \
--cc=0x7f454c46@gmail.com \
--cc=davem@davemloft.net \
--cc=dima@arista.com \
--cc=edumazet@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=mnassiri@ciena.com \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=shuah@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).