Introduce xfrm_interface tests #4155
Open
+200
−0
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
There was a problem hiding this comment.
Pull request overview
This PR introduces comprehensive test coverage for the xfrm_interface kernel module, which is used for IPsec VPN tunnels. The tests validate that the CONFIG_XFRM_INTERFACE kernel configuration option is properly enabled and functional on Azure Linux VMs.
Key Changes:
- New test suite for XFRM interface functionality with two test cases
- Validates kernel module loading, interface creation, and module load/unload operations
- Includes proper cleanup and error handling for test isolation
LiliDeng
reviewed
Dec 16, 2025
LiliDeng
reviewed
Dec 16, 2025
LiliDeng
reviewed
Dec 17, 2025
| ) | ||
| def verify_xfrm_interface_load_unload(self, node: Node) -> None: | ||
| kernel_config = node.tools[KernelConfig] | ||
| modprobe = node.tools[Modprobe] |
LiliDeng
reviewed
Dec 17, 2025
| # Skip if built-in (can't unload built-in modules) | ||
| if kernel_config.is_built_in("CONFIG_XFRM_INTERFACE"): | ||
| raise SkippedException( | ||
| "CONFIG_XFRM_INTERFACE is built-in, " "cannot test module load/unload" |
Collaborator
There was a problem hiding this comment.
"CONFIG_XFRM_INTERFACE is built-in, cannot test module load/unload"
LiliDeng
reviewed
Dec 17, 2025
| ).is_false() | ||
|
|
||
| # Reload the module to leave system in working state | ||
| modprobe.load("xfrm_interface") |
Collaborator
There was a problem hiding this comment.
We need to keep the original state, and decide to unload or load it to restore it into original state.
Contributor
Author
There was a problem hiding this comment.
Done. Also updated in the verify_xfrm_interface function
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Introduce xfrm_interface tests. This is to validate the config option
CONFIG_XFRM_INTERFACESteps:
1. Check if CONFIG_XFRM_INTERFACE is enabled in kernel config. (will skip if not)
2. Load the xfrm_interface module if not already loaded.
3. Verify the module is loaded successfully.
4. Create a test xfrm interface (xfrm0).
ip link add xfrm0 type xfrm dev eth0 if_id 1005. Verify the interface was created.
ip link show6. Clean up the test interface.
sudo ip link del xfrm0