Wind River Support Network

HomeDefectsLIN1018-2441
Not to be fixed

LIN1018-2441 : [CUT] [lib32] STD.5.1 IPSec Major CGL Features fail

Created: Sep 17, 2018    Updated: Apr 29, 2021
Resolved Date: Apr 29, 2021
Found In Version: unknown
Severity: Standard
Applicable for: Wind River Linux LTS 18
Component/s: Userspace

Description

For lib32-wrlinux-image-glibc-cgl
boot
disable selinux

----------------------------------------
Start testcase  STD.5.1 IPSec Major CGL Features
----------------------------------------
14
PING 128.224.178.36 (128.224.178.36) 56(84) bytes of data.
64 bytes from 128.224.178.36: icmp_seq=1 ttl=64 time=0.550 ms
64 bytes from 128.224.178.36: icmp_seq=2 ttl=64 time=0.546 ms
64 bytes from 128.224.178.36: icmp_seq=3 ttl=64 time=0.536 ms

--- 128.224.178.36 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 39ms
rtt min/avg/max/mdev = 0.536/0.544/0.550/0.005 ms
spawn ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:wrhDzXx7XfgJcnDUUbhAkbemai1S+wcl/VpTahvsnlo root@lib32-sjiao
The key's randomart image is:
+---[RSA 2048]----+
|           .++.+.|
|           .o +  |
|          . .+ o |
|     *     o..* .|
|    o * S . +*.o.|
|   . . o ..+o+=oo|
|    o   ...+.+E=.|
|     .  ..= ..=. |
|         o oo+o  |
+----[SHA256]-----+
spawn ssh -o StrictHostKeyChecking no root@128.224.178.36 -- mkdir -p /root/.ssh
Warning: Permanently added '128.224.178.36' (ECDSA) to the list of known hosts.
spawn scp -o StrictHostKeyChecking no /root/.ssh/id_rsa.pub root@128.224.178.36:/root/.ssh/authorized_keys
id_rsa.pub                                    100%  398   317.4KB/s   00:00   
spawn ssh root@128.224.178.36 -- uname
Linux
/bin/systemctl
/bin/systemctl
/bin/systemctl
initiating IKE_SA toRemote[1] to 128.224.178.36
generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
sending packet: from 128.224.178.51[500] to 128.224.178.36[500] (768 bytes)
retransmit 1 of request with message ID 0
sending packet: from 128.224.178.51[500] to 128.224.178.36[500] (768 bytes)
received packet: from 128.224.178.36[500] to 128.224.178.51[500] (272 bytes)
parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(MULT_AUTH) ]
authentication of '128.224.178.51' (myself) with pre-shared key
establishing CHILD_SA toRemote{1}
allocating SPI failed: Operation not supported (95)
unable to get SPI
unable to allocate SPIs from kernel
establishing connection 'toRemote' failed
PING 128.224.178.36 (128.224.178.36) 56(84) bytes of data.
64 bytes from 128.224.178.36: icmp_seq=1 ttl=64 time=0.860 ms
64 bytes from 128.224.178.36: icmp_seq=2 ttl=64 time=0.555 ms
64 bytes from 128.224.178.36: icmp_seq=3 ttl=64 time=0.554 ms
64 bytes from 128.224.178.36: icmp_seq=4 ttl=64 time=0.536 ms
64 bytes from 128.224.178.36: icmp_seq=5 ttl=64 time=0.543 ms

--- 128.224.178.36 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 104ms
rtt min/avg/max/mdev = 0.536/0.609/0.860/0.128 ms
initiating IKE_SA toRemote[2] to 128.224.178.36
generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
sending packet: from 128.224.178.51[500] to 128.224.178.36[500] (768 bytes)
received packet: from 128.224.178.36[500] to 128.224.178.51[500] (272 bytes)
parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(MULT_AUTH) ]
authentication of '128.224.178.51' (myself) with pre-shared key
establishing CHILD_SA toRemote{2}
allocating SPI failed: Operation not supported (95)
unable to get SPI
unable to allocate SPIs from kernel
establishing connection 'toRemote' failed
PING 128.224.178.36 (128.224.178.36) 56(84) bytes of data.
64 bytes from 128.224.178.36: icmp_seq=1 ttl=64 time=0.534 ms
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth2, link-type EN10MB (Ethernet), capture size 262144 bytes
64 bytes from 128.224.178.36: icmp_seq=2 ttl=64 time=0.570 ms
64 bytes from 128.224.178.36: icmp_seq=3 ttl=64 time=0.513 ms
64 bytes from 128.224.178.36: icmp_seq=4 ttl=64 time=0.531 ms
64 bytes from 128.224.178.36: icmp_seq=5 ttl=64 time=0.653 ms
64 bytes from 128.224.178.36: icmp_seq=6 ttl=64 time=0.590 ms
64 bytes from 128.224.178.36: icmp_seq=7 ttl=64 time=0.528 ms
64 bytes from 128.224.178.36: icmp_seq=8 ttl=64 time=0.530 ms
64 bytes from 128.224.178.36: icmp_seq=9 ttl=64 time=0.542 ms
64 bytes from 128.224.178.36: icmp_seq=10 ttl=64 time=0.526 ms

--- 128.224.178.36 ping statistics ---
10 packets transmitted, 10 received, 0% packet loss, time 254ms
rtt min/avg/max/mdev = 0.513/0.551/0.653/0.048 ms
405 packets captured
449 packets received by filter
0 packets dropped by kernel
****************************************
NO ipsec packets seen when pinging.
----------------------------------------
****************************************
Error step : test failed
Test Result : [ FAILED ]
Finish
root@lib32-sjiao:/opt/cut#

Workaround

N/A

Steps to Reproduce

1) setup.sh
/lpg-build/cdc/fast_prod/WRL10_18/WRL10_18_GIT/wrlinux-10/setup.sh  --machine intel-x86-64 --templates  feature/cut  --dl-layers --distro wrlinux-cgl
2). ./oe-init-build-env  build_test
3) vim conf/local.conf
IMAGE_ROOTFS_EXTRA_SPACE = "5242880"
SELECTED_OPTIMIZATION = "${PROFILING_OPTIMIZATION}"
DEBUG_BUILD = "1"
EXTRA_IMAGE_FEATURES_append += " dbg-pkgs"
BB_NO_NETWORK_pn-lmbench = '0'
IMAGE_FSTYPES_remove += " wic wic.bmap live"
PREFERRED_PROVIDER_virtual/kernel = "linux-yocto-dev"

5) bitbake lib32-wrlinux-image-glibc-cgl
6) boot the target
7) cd /opt/cut
    ./cgl_test.sh -e std.5.1
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube