tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
1#!/bin/bash
2# SPDX-License-Identifier: GPL-2.0
3#
4source lib.sh
5
6timeout=4m
7ret=0
8tmp=$(mktemp)
9cleanup() {
10 cleanup_all_ns
11 rm -f "$tmp"
12}
13
14trap cleanup EXIT
15
16maxpolicies=100000
17[ "$KSFT_MACHINE_SLOW" = "yes" ] && maxpolicies=10000
18
19do_dummies4() {
20 local dir="$1"
21 local max="$2"
22
23 local policies
24 local pfx
25 pfx=30
26 policies=0
27
28 ip netns exec "$ns" ip xfrm policy flush
29
30 for i in $(seq 1 100);do
31 local s
32 local d
33 for j in $(seq 1 255);do
34 s=$((i+0))
35 d=$((i+100))
36
37 for a in $(seq 1 8 255); do
38 policies=$((policies+1))
39 [ "$policies" -gt "$max" ] && return
40 echo xfrm policy add src 10.$s.$j.0/30 dst 10.$d.$j.$a/$pfx dir $dir action block
41 done
42 for a in $(seq 1 8 255); do
43 policies=$((policies+1))
44 [ "$policies" -gt "$max" ] && return
45 echo xfrm policy add src 10.$s.$j.$a/30 dst 10.$d.$j.0/$pfx dir $dir action block
46 done
47 done
48 done
49}
50
51setup_ns ns
52
53do_bench()
54{
55 local max="$1"
56
57 start=$(date +%s%3N)
58 do_dummies4 "out" "$max" > "$tmp"
59 if ! timeout "$timeout" ip netns exec "$ns" ip -batch "$tmp";then
60 echo "WARNING: policy insertion cancelled after $timeout"
61 ret=1
62 fi
63 stop=$(date +%s%3N)
64
65 result=$((stop-start))
66
67 policies=$(wc -l < "$tmp")
68 printf "Inserted %-06s policies in $result ms\n" $policies
69
70 have=$(ip netns exec "$ns" ip xfrm policy show | grep "action block" | wc -l)
71 if [ "$have" -ne "$policies" ]; then
72 echo "WARNING: mismatch, have $have policies, expected $policies"
73 ret=1
74 fi
75}
76
77p=100
78while [ $p -le "$maxpolicies" ]; do
79 do_bench "$p"
80 p="${p}0"
81done
82
83exit $ret