[PATCH v2 03/25] selftests: Initial tcp_authopt test module

[Leonard Crestez <cdleonard@gmail.com>]

This test suite is written as a standalone python3 package using
dependencies such as scapy.

The run.sh script wrapper called from kselftest infrastructure uses
"pip" to generate an isolated virtual environment just for running these
tests. The run.sh wrapper can be called from anywhere and does not rely
on kselftest infrastructure.

Default output is in TAP format.

Signed-off-by: Leonard Crestez <cdleonard@gmail.com>
---
 tools/testing/selftests/tcp_authopt/Makefile  | 10 ++++
 .../testing/selftests/tcp_authopt/README.rst  | 18 ++++++++
 tools/testing/selftests/tcp_authopt/config    |  6 +++
 .../selftests/tcp_authopt/requirements.txt    | 46 +++++++++++++++++++
 tools/testing/selftests/tcp_authopt/run.sh    | 31 +++++++++++++
 tools/testing/selftests/tcp_authopt/settings  |  1 +
 tools/testing/selftests/tcp_authopt/setup.cfg | 35 ++++++++++++++
 tools/testing/selftests/tcp_authopt/setup.py  |  6 +++
 .../tcp_authopt/tcp_authopt_test/__init__.py  |  0
 9 files changed, 153 insertions(+)
 create mode 100644 tools/testing/selftests/tcp_authopt/Makefile
 create mode 100644 tools/testing/selftests/tcp_authopt/README.rst
 create mode 100644 tools/testing/selftests/tcp_authopt/config
 create mode 100644 tools/testing/selftests/tcp_authopt/requirements.txt
 create mode 100755 tools/testing/selftests/tcp_authopt/run.sh
 create mode 100644 tools/testing/selftests/tcp_authopt/settings
 create mode 100644 tools/testing/selftests/tcp_authopt/setup.cfg
 create mode 100644 tools/testing/selftests/tcp_authopt/setup.py
 create mode 100644 tools/testing/selftests/tcp_authopt/tcp_authopt_test/__init__.py

diff --git a/tools/testing/selftests/tcp_authopt/Makefile b/tools/testing/selftests/tcp_authopt/Makefile
new file mode 100644
index 000000000000..256ae2c16013
--- /dev/null
+++ b/tools/testing/selftests/tcp_authopt/Makefile
@@ -0,0 +1,10 @@
+# SPDX-License-Identifier: GPL-2.0
+include ../lib.mk
+
+TEST_PROGS += ./run.sh
+TEST_FILES := \
+	requirements.txt \
+	settings \
+	setup.cfg \
+	setup.py \
+	tcp_authopt_test
diff --git a/tools/testing/selftests/tcp_authopt/README.rst b/tools/testing/selftests/tcp_authopt/README.rst
new file mode 100644
index 000000000000..e9548469c827
--- /dev/null
+++ b/tools/testing/selftests/tcp_authopt/README.rst
@@ -0,0 +1,18 @@
+.. SPDX-License-Identifier: GPL-2.0
+
+=========================================
+Tests for linux TCP Authentication Option
+=========================================
+
+Test suite is written in python3 using pytest and scapy. The test suite is
+mostly self-contained as a python package.
+
+The recommended way to run this is the included `run.sh` script as root, this
+will automatically create a virtual environment with the correct dependencies
+using `pip`. If not running under root it will automatically attempt to elevate
+using `sudo` after the virtualenv is created.
+
+An old separate version can be found here: https://github.com/cdleonard/tcp-authopt-test
+
+Integration with kselftest infrastructure is minimal: when in doubt just run
+this separately.
diff --git a/tools/testing/selftests/tcp_authopt/config b/tools/testing/selftests/tcp_authopt/config
new file mode 100644
index 000000000000..0d4e5d47fa72
--- /dev/null
+++ b/tools/testing/selftests/tcp_authopt/config
@@ -0,0 +1,6 @@
+# RFC5925 TCP Authentication Option and all algorithms
+CONFIG_TCP_AUTHOPT=y
+CONFIG_CRYPTO_SHA1=M
+CONFIG_CRYPTO_HMAC=M
+CONFIG_CRYPTO_AES=M
+CONFIG_CRYPTO_CMAC=M
diff --git a/tools/testing/selftests/tcp_authopt/requirements.txt b/tools/testing/selftests/tcp_authopt/requirements.txt
new file mode 100644
index 000000000000..713d4d1b7a55
--- /dev/null
+++ b/tools/testing/selftests/tcp_authopt/requirements.txt
@@ -0,0 +1,46 @@
+#
+# This file is autogenerated by pip-compile with python 3.8
+# To update, run:
+#
+#    pip-compile
+#
+argparse==1.4.0
+    # via nsenter
+attrs==21.2.0
+    # via pytest
+cffi==1.15.0
+    # via cryptography
+contextlib2==21.6.0
+    # via nsenter
+cryptography==35.0.0
+    # via tcp-authopt-test (setup.py)
+iniconfig==1.1.1
+    # via pytest
+nsenter==0.2
+    # via tcp-authopt-test (setup.py)
+packaging==21.0
+    # via pytest
+pathlib==1.0.1
+    # via nsenter
+pluggy==1.0.0
+    # via pytest
+py==1.10.0
+    # via pytest
+pycparser==2.20
+    # via cffi
+pyparsing==3.0.1
+    # via packaging
+pytest==6.2.5
+    # via
+    #   pytest-tap
+    #   tcp-authopt-test (setup.py)
+pytest-tap==3.3
+    # via tcp-authopt-test (setup.py)
+scapy==2.4.5
+    # via tcp-authopt-test (setup.py)
+tap.py==3.0
+    # via pytest-tap
+toml==0.10.2
+    # via pytest
+waiting==1.4.1
+    # via tcp-authopt-test (setup.py)
diff --git a/tools/testing/selftests/tcp_authopt/run.sh b/tools/testing/selftests/tcp_authopt/run.sh
new file mode 100755
index 000000000000..7aeb125706a4
--- /dev/null
+++ b/tools/testing/selftests/tcp_authopt/run.sh
@@ -0,0 +1,31 @@
+#! /bin/bash
+# SPDX-License-Identifier: GPL-2.0
+#
+# Create virtualenv using pip and run pytest
+# Accepts all args that pytest does
+#
+set -e
+cd "$(dirname "${BASH_SOURCE[0]}")"
+
+if [[ -d venv ]]; then
+	echo >&2 "Using existing $(readlink -f venv)"
+else
+	echo >&2 "Creating $(readlink -f venv)"
+	python3 -m venv venv
+	(
+		. venv/bin/activate
+		pip install wheel
+		pip install -r requirements.txt
+	)
+fi
+
+cmd=(pytest -s --log-cli-level=DEBUG --tap-stream "$@")
+if [[ $(id -u) -ne 0 ]]; then
+	echo >&2 "warning: running as non-root user, attempting sudo"
+	# sudo -E to use the virtualenv:
+	cmd=(sudo bash -c ". venv/bin/activate;$(printf " %q" "${cmd[@]}")")
+	exec "${cmd[@]}"
+else
+	. venv/bin/activate
+	exec "${cmd[@]}"
+fi
diff --git a/tools/testing/selftests/tcp_authopt/settings b/tools/testing/selftests/tcp_authopt/settings
new file mode 100644
index 000000000000..6091b45d226b
--- /dev/null
+++ b/tools/testing/selftests/tcp_authopt/settings
@@ -0,0 +1 @@
+timeout=120
diff --git a/tools/testing/selftests/tcp_authopt/setup.cfg b/tools/testing/selftests/tcp_authopt/setup.cfg
new file mode 100644
index 000000000000..452083fec64b
--- /dev/null
+++ b/tools/testing/selftests/tcp_authopt/setup.cfg
@@ -0,0 +1,35 @@
+[options]
+install_requires=
+    cryptography
+    nsenter
+    pytest
+    pytest-tap
+    scapy
+    waiting
+
+[options.extras_require]
+dev =
+    black
+    isort
+    mypy
+    pip-tools
+    pre-commit
+    tox
+
+[tox:tox]
+envlist = py3
+
+[testenv]
+commands = pytest {posargs}
+deps = -rrequirements.txt
+
+[metadata]
+name = tcp-authopt-test
+version = 0.1
+
+[mypy]
+ignore_missing_imports = true
+files = .
+
+[isort]
+profile = black
diff --git a/tools/testing/selftests/tcp_authopt/setup.py b/tools/testing/selftests/tcp_authopt/setup.py
new file mode 100644
index 000000000000..055b98132e26
--- /dev/null
+++ b/tools/testing/selftests/tcp_authopt/setup.py
@@ -0,0 +1,6 @@
+#! /usr/bin/env python3
+# SPDX-License-Identifier: GPL-2.0
+
+from setuptools import setup
+
+setup()
diff --git a/tools/testing/selftests/tcp_authopt/tcp_authopt_test/__init__.py b/tools/testing/selftests/tcp_authopt/tcp_authopt_test/__init__.py
new file mode 100644
index 000000000000..e69de29bb2d1
-- 
2.25.1