xref: /spdk/test/keyring/linux.sh (revision 1b0cf447842d86bdb2cd118b7f52d51423f5acb9) 
1#!/usr/bin/env bash
2# SPDX-License-Identifier: BSD-3-Clause
3# Copyright (c) 2024 Intel Corporation.  All rights reserved.
4
5testdir=$(readlink -f "$(dirname "$0")")
6rootdir=$(readlink -f "$testdir/../..")
7
8source "$rootdir/test/common/autotest_common.sh"
9source "$testdir/common.sh"
10
11subnqn="nqn.2016-06.io.spdk:cnode0"
12hostnqn="nqn.2016-06.io.spdk:host0"
13key0="00112233445566778899aabbccddeeff"
14key1="112233445566778899aabbccddeeff00"
15
16get_keysn() { keyctl search @s user "$1"; }
17
18check_keys() {
19	local count=$1 name=$2
20	local sn
21
22	(($(bperf_cmd keyring_get_keys | jq 'length') == count))
23	((count == 0)) && return
24
25	sn=$(get_key "$name" | jq -r ".sn")
26	[[ $(get_keysn $name) == "$sn" ]]
27	[[ $(keyctl print "$sn") == "$(< /tmp/$name)" ]]
28}
29
30unlink_key() {
31	local name=$1 sn
32
33	sn=$(get_keysn ":spdk-test:$name")
34	keyctl unlink "$sn"
35}
36
37cleanup() {
38	for key in key0 key1; do
39		unlink_key $key || :
40	done
41	killprocess $bperfpid || :
42	killprocess $tgtpid || :
43}
44
45trap cleanup EXIT
46
47prep_key "key0" "$key0" 0 "/tmp/:spdk-test:key0"
48prep_key "key1" "$key1" 0 "/tmp/:spdk-test:key1"
49
50"$rootdir/build/bin/spdk_tgt" &
51tgtpid=$!
52
53waitforlisten $tgtpid
54rpc_cmd << CMD
55	nvmf_create_transport -t tcp
56	nvmf_create_subsystem $subnqn
57	bdev_null_create null0 100 4096
58	nvmf_subsystem_add_ns $subnqn null0
59	nvmf_subsystem_add_listener -t tcp -a 127.0.0.1 -s 4420 --secure-channel $subnqn
60	keyring_file_add_key key0 /tmp/:spdk-test:key0
61	nvmf_subsystem_add_host --psk key0 $subnqn $hostnqn
62CMD
63
64# Add a valid key to kernel's keyring and verify that it's possible to use it to establish TLS
65# connection
66keyctl add user ":spdk-test:key0" "$(< /tmp/:spdk-test:key0)" @s
67keyctl add user ":spdk-test:key1" "$(< /tmp/:spdk-test:key1)" @s
68"$rootdir/build/examples/bdevperf" -q 128 -o 4k -w randread -t 1 -m 2 \
69	-r "$bperfsock" -z --wait-for-rpc &
70bperfpid=$!
71
72waitforlisten $bperfpid "$bperfsock"
73bperf_cmd keyring_linux_set_options --enable
74bperf_cmd framework_start_init
75bperf_cmd bdev_nvme_attach_controller -b nvme0 -t tcp -a 127.0.0.1 -s 4420 -f ipv4 \
76	-n $subnqn -q $hostnqn --psk ":spdk-test:key0"
77check_keys 1 ":spdk-test:key0"
78
79"$rootdir/examples/bdev/bdevperf/bdevperf.py" -s "$bperfsock" perform_tests
80bperf_cmd bdev_nvme_detach_controller nvme0
81check_keys 0
82
83# Try to use wrong key
84NOT bperf_cmd bdev_nvme_attach_controller -b nvme0 -t tcp -a 127.0.0.1 -s 4420 -f ipv4 \
85	-n $subnqn -q $hostnqn --psk ":spdk-test:key1"
86