A TODO in net/ipsec.c asks to refactor the code in xfrm_fill_key() to
use set/map to avoid manually comparing each algorithm with the "name"
parameter passed to the function as an argument. This patch refactors
the code to create an array of structs where each struct contains the
algorithm name and its corresponding key length.
Signed-off-by: Gautam Menghani <[email protected]>
---
tools/testing/selftests/net/ipsec.c | 108 +++++++++++++---------------
1 file changed, 49 insertions(+), 59 deletions(-)
diff --git a/tools/testing/selftests/net/ipsec.c b/tools/testing/selftests/net/ipsec.c
index cc10c10c5ed9..82d3f9256b84 100644
--- a/tools/testing/selftests/net/ipsec.c
+++ b/tools/testing/selftests/net/ipsec.c
@@ -58,6 +58,8 @@
#define VETH_FMT "ktst-%d"
#define VETH_LEN 12
+#define XFRM_ALGO_NR_KEYS 29
+
static int nsfd_parent = -1;
static int nsfd_childa = -1;
static int nsfd_childb = -1;
@@ -75,6 +77,46 @@ const unsigned int ping_timeout = 300;
const unsigned int ping_count = 100;
const unsigned int ping_success = 80;
+static struct xfrm_key_entry {
+ char algo_name[35];
+ int key_len;
+};
+
+static struct xfrm_key_entry xfrm_key_entries[XFRM_ALGO_NR_KEYS];
+
+static void init_xfrm_algo_keys(void)
+{
+ xfrm_key_entries[0] = (struct xfrm_key_entry) {"digest_null", 0};
+ xfrm_key_entries[1] = (struct xfrm_key_entry) {"ecb(cipher_null)", 0};
+ xfrm_key_entries[2] = (struct xfrm_key_entry) {"cbc(des)", 64};
+ xfrm_key_entries[3] = (struct xfrm_key_entry) {"hmac(md5)", 128};
+ xfrm_key_entries[4] = (struct xfrm_key_entry) {"cmac(aes)", 128};
+ xfrm_key_entries[5] = (struct xfrm_key_entry) {"xcbc(aes)", 128};
+ xfrm_key_entries[6] = (struct xfrm_key_entry) {"cbc(cast5)", 128};
+ xfrm_key_entries[7] = (struct xfrm_key_entry) {"cbc(serpent)", 128};
+ xfrm_key_entries[8] = (struct xfrm_key_entry) {"hmac(sha1)", 160};
+ xfrm_key_entries[9] = (struct xfrm_key_entry) {"hmac(rmd160)", 160};
+ xfrm_key_entries[10] = (struct xfrm_key_entry) {"cbc(des3_ede)", 192};
+ xfrm_key_entries[11] = (struct xfrm_key_entry) {"hmac(sha256)", 256};
+ xfrm_key_entries[12] = (struct xfrm_key_entry) {"cbc(aes)", 256};
+ xfrm_key_entries[13] = (struct xfrm_key_entry) {"cbc(camellia)", 256};
+ xfrm_key_entries[14] = (struct xfrm_key_entry) {"cbc(twofish)", 256};
+ xfrm_key_entries[15] = (struct xfrm_key_entry) {"rfc3686(ctr(aes))", 288};
+ xfrm_key_entries[16] = (struct xfrm_key_entry) {"hmac(sha384)", 384};
+ xfrm_key_entries[17] = (struct xfrm_key_entry) {"cbc(blowfish)", 448};
+ xfrm_key_entries[18] = (struct xfrm_key_entry) {"hmac(sha512)", 512};
+ xfrm_key_entries[19] = (struct xfrm_key_entry) {"rfc4106(gcm(aes))-128", 160};
+ xfrm_key_entries[20] = (struct xfrm_key_entry) {"rfc4543(gcm(aes))-128", 160};
+ xfrm_key_entries[21] = (struct xfrm_key_entry) {"rfc4309(ccm(aes))-128", 152};
+ xfrm_key_entries[22] = (struct xfrm_key_entry) {"rfc4106(gcm(aes))-192", 224};
+ xfrm_key_entries[23] = (struct xfrm_key_entry) {"rfc4543(gcm(aes))-192", 224};
+ xfrm_key_entries[24] = (struct xfrm_key_entry) {"rfc4309(ccm(aes))-192", 216};
+ xfrm_key_entries[25] = (struct xfrm_key_entry) {"rfc4106(gcm(aes))-256", 288};
+ xfrm_key_entries[26] = (struct xfrm_key_entry) {"rfc4543(gcm(aes))-256", 288};
+ xfrm_key_entries[27] = (struct xfrm_key_entry) {"rfc4309(ccm(aes))-256", 280};
+ xfrm_key_entries[28] = (struct xfrm_key_entry) {"rfc7539(chacha20,poly1305)-128", 0};
+}
+
static void randomize_buffer(void *buf, size_t buflen)
{
int *p = (int *)buf;
@@ -767,65 +809,12 @@ static int do_ping(int cmd_fd, char *buf, size_t buf_len, struct in_addr from,
static int xfrm_fill_key(char *name, char *buf,
size_t buf_len, unsigned int *key_len)
{
- /* TODO: use set/map instead */
- if (strncmp(name, "digest_null", ALGO_LEN) == 0)
- *key_len = 0;
- else if (strncmp(name, "ecb(cipher_null)", ALGO_LEN) == 0)
- *key_len = 0;
- else if (strncmp(name, "cbc(des)", ALGO_LEN) == 0)
- *key_len = 64;
- else if (strncmp(name, "hmac(md5)", ALGO_LEN) == 0)
- *key_len = 128;
- else if (strncmp(name, "cmac(aes)", ALGO_LEN) == 0)
- *key_len = 128;
- else if (strncmp(name, "xcbc(aes)", ALGO_LEN) == 0)
- *key_len = 128;
- else if (strncmp(name, "cbc(cast5)", ALGO_LEN) == 0)
- *key_len = 128;
- else if (strncmp(name, "cbc(serpent)", ALGO_LEN) == 0)
- *key_len = 128;
- else if (strncmp(name, "hmac(sha1)", ALGO_LEN) == 0)
- *key_len = 160;
- else if (strncmp(name, "hmac(rmd160)", ALGO_LEN) == 0)
- *key_len = 160;
- else if (strncmp(name, "cbc(des3_ede)", ALGO_LEN) == 0)
- *key_len = 192;
- else if (strncmp(name, "hmac(sha256)", ALGO_LEN) == 0)
- *key_len = 256;
- else if (strncmp(name, "cbc(aes)", ALGO_LEN) == 0)
- *key_len = 256;
- else if (strncmp(name, "cbc(camellia)", ALGO_LEN) == 0)
- *key_len = 256;
- else if (strncmp(name, "cbc(twofish)", ALGO_LEN) == 0)
- *key_len = 256;
- else if (strncmp(name, "rfc3686(ctr(aes))", ALGO_LEN) == 0)
- *key_len = 288;
- else if (strncmp(name, "hmac(sha384)", ALGO_LEN) == 0)
- *key_len = 384;
- else if (strncmp(name, "cbc(blowfish)", ALGO_LEN) == 0)
- *key_len = 448;
- else if (strncmp(name, "hmac(sha512)", ALGO_LEN) == 0)
- *key_len = 512;
- else if (strncmp(name, "rfc4106(gcm(aes))-128", ALGO_LEN) == 0)
- *key_len = 160;
- else if (strncmp(name, "rfc4543(gcm(aes))-128", ALGO_LEN) == 0)
- *key_len = 160;
- else if (strncmp(name, "rfc4309(ccm(aes))-128", ALGO_LEN) == 0)
- *key_len = 152;
- else if (strncmp(name, "rfc4106(gcm(aes))-192", ALGO_LEN) == 0)
- *key_len = 224;
- else if (strncmp(name, "rfc4543(gcm(aes))-192", ALGO_LEN) == 0)
- *key_len = 224;
- else if (strncmp(name, "rfc4309(ccm(aes))-192", ALGO_LEN) == 0)
- *key_len = 216;
- else if (strncmp(name, "rfc4106(gcm(aes))-256", ALGO_LEN) == 0)
- *key_len = 288;
- else if (strncmp(name, "rfc4543(gcm(aes))-256", ALGO_LEN) == 0)
- *key_len = 288;
- else if (strncmp(name, "rfc4309(ccm(aes))-256", ALGO_LEN) == 0)
- *key_len = 280;
- else if (strncmp(name, "rfc7539(chacha20,poly1305)-128", ALGO_LEN) == 0)
- *key_len = 0;
+ int i = 0;
+
+ for (int i = 0; i < XFRM_ALGO_NR_KEYS; i++) {
+ if (strncmp(name, xfrm_key_entries[i].algo_name, ALGO_LEN) == 0)
+ *key_len = xfrm_key_entries[i].key_len;
+ }
if (*key_len > buf_len) {
printk("Can't pack a key - too big for buffer");
@@ -2305,6 +2294,7 @@ int main(int argc, char **argv)
}
}
+ init_xfrm_algo_keys();
srand(time(NULL));
page_size = sysconf(_SC_PAGESIZE);
if (page_size < 1)
--
2.34.1
Hi Gautam,
Thank you for the patch! Perhaps something to improve:
[auto build test WARNING on klassert-ipsec-next/master]
[also build test WARNING on klassert-ipsec/master net-next/master net/master linus/master v5.19 next-20220728]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch#_base_tree_information]
url: https://github.com/intel-lab-lkp/linux/commits/Gautam-Menghani/selftests-net-Refactor-xfrm_fill_key-to-use-array-of-structs/20220801-010446
base: https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git master
compiler: gcc-11 (Debian 11.3.0-3) 11.3.0
reproduce:
# https://github.com/intel-lab-lkp/linux/commit/deea0844458f9991c45aff2949b7180a95105752
git remote add linux-review https://github.com/intel-lab-lkp/linux
git fetch --no-tags linux-review Gautam-Menghani/selftests-net-Refactor-xfrm_fill_key-to-use-array-of-structs/20220801-010446
git checkout deea0844458f9991c45aff2949b7180a95105752
make O=/tmp/kselftest headers
make O=/tmp/kselftest -C tools/testing/selftests
If you fix the issue, kindly add following tag where applicable
Reported-by: kernel test robot <[email protected]>
All warnings (new ones prefixed by >>):
>> ipsec.c:83:1: warning: useless storage class specifier in empty declaration
83 | };
| ^
ipsec.c: In function 'xfrm_fill_key':
>> ipsec.c:812:13: warning: unused variable 'i' [-Wunused-variable]
812 | int i = 0;
| ^
--
0-DAY CI Kernel Test Service
https://01.org/lkp