1#!/usr/bin/env bash 2# SPDX-License-Identifier: BSD-3-Clause 3# All rights reserved. 4# 5 6testdir=$(readlink -f $(dirname $0)) 7rootdir=$(readlink -f $testdir/../../..) 8 9source $rootdir/test/common/autotest_common.sh 10source $rootdir/test/nvmf/common.sh 11 12rpc_py="$rootdir/scripts/rpc.py" 13 14cleanup() { 15 process_shm --id $NVMF_APP_SHM_ID || true 16 killprocess $bdevperf_pid 17 nvmftestfini || true 18 rm -f $key_path $key_2_path $key_long_path 19} 20 21function run_bdevperf() { 22 local subnqn hostnqn psk 23 subnqn=$1 hostnqn=$2 psk=${3:+--psk $3} 24 25 bdevperf_rpc_sock=/var/tmp/bdevperf.sock 26 # use bdevperf to test "bdev_nvme_attach_controller" 27 $rootdir/build/examples/bdevperf -m 0x4 -z -r $bdevperf_rpc_sock -q 128 -o 4096 -w verify -t 10 "${NO_HUGE[@]}" & 28 bdevperf_pid=$! 29 30 trap 'cleanup; exit 1' SIGINT SIGTERM EXIT 31 waitforlisten $bdevperf_pid $bdevperf_rpc_sock 32 33 # send RPC 34 if ! $rpc_py -s $bdevperf_rpc_sock bdev_nvme_attach_controller -b TLSTEST -t $TEST_TRANSPORT \ 35 -a $NVMF_FIRST_TARGET_IP -s $NVMF_PORT -f ipv4 -n "$subnqn" -q "$hostnqn" $psk; then 36 killprocess $bdevperf_pid 37 return 1 38 fi 39 40 # run I/O and wait 41 $rootdir/examples/bdev/bdevperf/bdevperf.py -t 20 -s $bdevperf_rpc_sock perform_tests 42 43 # finish 44 trap 'nvmftestfini; exit 1' SIGINT SIGTERM EXIT 45 killprocess $bdevperf_pid 46} 47 48setup_nvmf_tgt() { 49 local key=$1 50 51 $rpc_py nvmf_create_transport $NVMF_TRANSPORT_OPTS 52 $rpc_py nvmf_create_subsystem nqn.2016-06.io.spdk:cnode1 -s SPDK00000000000001 -m 10 53 $rpc_py nvmf_subsystem_add_listener nqn.2016-06.io.spdk:cnode1 -t $TEST_TRANSPORT \ 54 -a $NVMF_FIRST_TARGET_IP -s $NVMF_PORT -k 55 $rpc_py bdev_malloc_create 32 4096 -b malloc0 56 $rpc_py nvmf_subsystem_add_ns nqn.2016-06.io.spdk:cnode1 malloc0 -n 1 57 58 $rpc_py nvmf_subsystem_add_host nqn.2016-06.io.spdk:cnode1 nqn.2016-06.io.spdk:host1 \ 59 --psk $key 60} 61 62nvmftestinit 63nvmfappstart -m 0x2 --wait-for-rpc 64 65if [ "$TEST_TRANSPORT" != tcp ]; then 66 echo "Unsupported transport: $TEST_TRANSPORT" 67 exit 0 68fi 69 70$rpc_py sock_set_default_impl -i ssl 71 72# Check default TLS version 73version=$($rpc_py sock_impl_get_options -i ssl | jq -r .tls_version) 74if [[ "$version" != "0" ]]; then 75 echo "TLS version was not set correctly $version != 0" 76 exit 1 77fi 78 79# Check TLS version set to 13 80$rpc_py sock_impl_set_options -i ssl --tls-version 13 81version=$($rpc_py sock_impl_get_options -i ssl | jq -r .tls_version) 82if [[ "$version" != "13" ]]; then 83 echo "TLS version was not set correctly $version != 13" 84 exit 1 85fi 86 87# Check incorrect TLS version set to 7 88$rpc_py sock_impl_set_options -i ssl --tls-version 7 89version=$($rpc_py sock_impl_get_options -i ssl | jq -r .tls_version) 90if [[ "$version" != "7" ]]; then 91 echo "TLS version was not set correctly $version != 7" 92 exit 1 93fi 94 95# Check default KTLS is disabled 96ktls=$($rpc_py sock_impl_get_options -i ssl | jq -r .enable_ktls) 97if [[ "$ktls" != "false" ]]; then 98 echo "KTLS was not set correctly $ktls != false" 99 exit 1 100fi 101 102# Check KTLS enable 103$rpc_py sock_impl_set_options -i ssl --enable-ktls 104ktls=$($rpc_py sock_impl_get_options -i ssl | jq -r .enable_ktls) 105if [[ "$ktls" != "true" ]]; then 106 echo "KTLS was not set correctly $ktls != true" 107 exit 1 108fi 109 110# Check KTLS disable 111$rpc_py sock_impl_set_options -i ssl --disable-ktls 112ktls=$($rpc_py sock_impl_get_options -i ssl | jq -r .enable_ktls) 113if [[ "$ktls" != "false" ]]; then 114 echo "KTLS was not set correctly $ktls != false" 115 exit 1 116fi 117 118key=$(format_interchange_psk 00112233445566778899aabbccddeeff 1) 119key_2=$(format_interchange_psk ffeeddccbbaa99887766554433221100 1) 120 121key_path=$(mktemp) 122key_2_path=$(mktemp) 123 124echo -n "$key" > $key_path 125echo -n "$key_2" > $key_2_path 126 127chmod 0600 $key_path 128chmod 0600 $key_2_path 129 130$rpc_py sock_impl_set_options -i ssl --tls-version 13 131$rpc_py framework_start_init 132 133setup_nvmf_tgt $key_path 134 135# Test #1 - test connectivity with perf and bdevperf application 136# Check connectivity with nvmeperf" 137"${NVMF_TARGET_NS_CMD[@]}" $SPDK_BIN_DIR/spdk_nvme_perf -S ssl -q 64 -o 4096 -w randrw -M 30 -t 10 \ 138 -r "trtype:${TEST_TRANSPORT} adrfam:IPv4 traddr:${NVMF_FIRST_TARGET_IP} trsvcid:${NVMF_PORT} \ 139subnqn:nqn.2016-06.io.spdk:cnode1 hostnqn:nqn.2016-06.io.spdk:host1" \ 140 --psk-path $key_path "${NO_HUGE[@]}" 141 142# Check connectivity with bdevperf with 32 bytes long key 143run_bdevperf nqn.2016-06.io.spdk:cnode1 nqn.2016-06.io.spdk:host1 "$key_path" 144 145# Test #2 - test if it is possible to connect with different PSK 146NOT run_bdevperf nqn.2016-06.io.spdk:cnode1 nqn.2016-06.io.spdk:host1 "$key_2_path" 147 148# Test #3 - test if it is possible to connect with different hostnqn 149NOT run_bdevperf nqn.2016-06.io.spdk:cnode1 nqn.2016-06.io.spdk:host2 "$key_path" 150 151# Test #4 - test if it is possible to connect with different subnqn 152NOT run_bdevperf nqn.2016-06.io.spdk:cnode2 nqn.2016-06.io.spdk:host1 "$key_path" 153 154# Test #5 - test if it is possible to connect with POSIX socket to SSL socket (no credentials provided) 155NOT run_bdevperf nqn.2016-06.io.spdk:cnode1 nqn.2016-06.io.spdk:host1 "" 156 157# Test #6 - check connectivity with bdevperf, but with 48 bytes long key 158killprocess $nvmfpid 159key_long=$(format_interchange_psk 00112233445566778899aabbccddeeff0011223344556677 2) 160key_long_path=$(mktemp) 161echo -n "$key_long" > $key_long_path 162chmod 0600 $key_long_path 163nvmfappstart -m 0x2 164 165setup_nvmf_tgt $key_long_path 166 167run_bdevperf nqn.2016-06.io.spdk:cnode1 nqn.2016-06.io.spdk:host1 "$key_long_path" 168 169# Test #7 - check if it is possible to connect with incorrect permissions 170chmod 0666 $key_long_path 171NOT run_bdevperf nqn.2016-06.io.spdk:cnode1 nqn.2016-06.io.spdk:host1 "$key_long_path" 172 173# Test #8 - check if it is possible to setup nvmf_tgt with PSK with incorrect permissions 174killprocess $nvmfpid 175nvmfappstart -m 0x2 176 177NOT setup_nvmf_tgt $key_long_path 178 179# Test #9 - test saving/loading JSON configuration by connecting to bdevperf 180killprocess $nvmfpid 181chmod 0600 $key_long_path 182 183# Run both applications just to get their JSON configs 184nvmfappstart -m 0x2 185setup_nvmf_tgt $key_long_path 186 187$rootdir/build/examples/bdevperf -m 0x4 -z -r $bdevperf_rpc_sock -q 128 -o 4096 -w verify -t 10 "${NO_HUGE[@]}" & 188bdevperf_pid=$! 189 190trap 'cleanup; exit 1' SIGINT SIGTERM EXIT 191waitforlisten $bdevperf_pid $bdevperf_rpc_sock 192$rpc_py -s $bdevperf_rpc_sock bdev_nvme_attach_controller -b TLSTEST -t $TEST_TRANSPORT \ 193 -a $NVMF_FIRST_TARGET_IP -s $NVMF_PORT -f ipv4 -n nqn.2016-06.io.spdk:cnode1 \ 194 -q nqn.2016-06.io.spdk:host1 --psk $key_long_path 195 196tgtconf=$($rpc_py save_config) 197bdevperfconf=$($rpc_py -s $bdevperf_rpc_sock save_config) 198 199killprocess $bdevperf_pid 200killprocess $nvmfpid 201 202# Launch apps with configs 203nvmfappstart -m 0x2 -c <(echo "$tgtconf") 204$rootdir/build/examples/bdevperf -m 0x4 -z -r $bdevperf_rpc_sock -q 128 -o 4096 -w verify -t 10 \ 205 -c <(echo "$bdevperfconf") "${NO_HUGE[@]}" & 206 207bdevperf_pid=$! 208waitforlisten $bdevperf_pid $bdevperf_rpc_sock 209 210# Run I/O 211$rootdir/examples/bdev/bdevperf/bdevperf.py -t 20 -s $bdevperf_rpc_sock perform_tests 212 213trap 'nvmftestfini; exit 1' SIGINT SIGTERM EXIT 214killprocess $bdevperf_pid 215killprocess $nvmfpid 216 217# Load the keys using keyring 218nvmfappstart 219setup_nvmf_tgt "$key_long_path" 220"$rootdir/build/examples/bdevperf" -m 2 -z -r "$bdevperf_rpc_sock" \ 221 -q 128 -o 4k -w verify -t 1 "${NO_HUGE[@]}" & 222bdevperf_pid=$! 223 224trap 'cleanup; exit 1' SIGINT SIGTERM EXIT 225waitforlisten "$bdevperf_pid" "$bdevperf_rpc_sock" 226 227"$rpc_py" -s "$bdevperf_rpc_sock" keyring_file_add_key key0 "$key_long_path" 228"$rpc_py" -s "$bdevperf_rpc_sock" bdev_nvme_attach_controller -b nvme0 -t tcp \ 229 -a $NVMF_FIRST_TARGET_IP -s $NVMF_PORT -f ipv4 --psk key0 \ 230 -n "nqn.2016-06.io.spdk:cnode1" -q "nqn.2016-06.io.spdk:host1" 231 232"$rootdir/examples/bdev/bdevperf/bdevperf.py" -s "$bdevperf_rpc_sock" perform_tests 233 234killprocess $bdevperf_pid 235killprocess $nvmfpid 236 237# Check the same, but this time, use keyring on the target side too 238# Additionally, use '-S ssl' instead of '-k' when adding the listener 239# as they *should* be the same 240nvmfappstart 241rpc_cmd << CONFIG 242 nvmf_create_transport $NVMF_TRANSPORT_OPTS 243 bdev_malloc_create 32 4096 -b malloc0 244 nvmf_create_subsystem nqn.2016-06.io.spdk:cnode1 245 nvmf_subsystem_add_listener nqn.2016-06.io.spdk:cnode1 -t tcp \ 246 -a $NVMF_FIRST_TARGET_IP -s $NVMF_PORT -S ssl 247 nvmf_subsystem_add_ns nqn.2016-06.io.spdk:cnode1 malloc0 248 keyring_file_add_key key0 "$key_long_path" 249 nvmf_subsystem_add_host nqn.2016-06.io.spdk:cnode1 nqn.2016-06.io.spdk:host1 --psk key0 250CONFIG 251 252"$rootdir/build/examples/bdevperf" -m 2 -z -r "$bdevperf_rpc_sock" \ 253 -q 128 -o 4k -w verify -t 1 "${NO_HUGE[@]}" & 254bdevperf_pid=$! 255 256waitforlisten "$bdevperf_pid" "$bdevperf_rpc_sock" 257"$rpc_py" -s "$bdevperf_rpc_sock" keyring_file_add_key key0 "$key_long_path" 258"$rpc_py" -s "$bdevperf_rpc_sock" bdev_nvme_attach_controller -b nvme0 -t tcp \ 259 -a $NVMF_FIRST_TARGET_IP -s $NVMF_PORT -f ipv4 --psk key0 \ 260 -n "nqn.2016-06.io.spdk:cnode1" -q "nqn.2016-06.io.spdk:host1" 261 262"$rootdir/examples/bdev/bdevperf/bdevperf.py" -s "$bdevperf_rpc_sock" perform_tests 263 264# Check save/load config 265tgtcfg=$(rpc_cmd save_config) 266bperfcfg=$("$rpc_py" -s "$bdevperf_rpc_sock" save_config) 267 268killprocess $bdevperf_pid 269killprocess $nvmfpid 270 271nvmfappstart -c <(echo "$tgtcfg") 272"$rootdir/build/examples/bdevperf" -m 2 -z -r "$bdevperf_rpc_sock" \ 273 -q 128 -o 4k -w verify -t 1 "${NO_HUGE[@]}" -c <(echo "$bperfcfg") & 274bdevperf_pid=$! 275waitforlisten "$bdevperf_pid" "$bdevperf_rpc_sock" 276 277[[ $("$rpc_py" -s "$bdevperf_rpc_sock" bdev_nvme_get_controllers | jq -r '.[].name') == "nvme0" ]] 278"$rootdir/examples/bdev/bdevperf/bdevperf.py" -s "$bdevperf_rpc_sock" perform_tests 279 280trap - SIGINT SIGTERM EXIT 281cleanup 282