linux/tools/testing/selftests/net/xfrm_policy_add_speed.sh

#!/bin/bash
# SPDX-License-Identifier: GPL-2.0
#
source lib.sh

timeout=4m
ret=0
tmp=$(mktemp)
cleanup() {
	cleanup_all_ns
	rm -f "$tmp"
}

trap cleanup EXIT

maxpolicies=100000
[ "$KSFT_MACHINE_SLOW" = "yes" ] && maxpolicies=10000

do_dummies4() {
	local dir="$1"
	local max="$2"

	local policies
	local pfx
	pfx=30
	policies=0

	ip netns exec "$ns" ip xfrm policy flush

	for i in $(seq 1 100);do
		local s
		local d
		for j in $(seq 1 255);do
			s=$((i+0))
			d=$((i+100))

			for a in $(seq 1 8 255); do
				policies=$((policies+1))
				[ "$policies" -gt "$max" ] && return
				echo xfrm policy add src 10.$s.$j.0/30 dst 10.$d.$j.$a/$pfx dir $dir action block
			done
			for a in $(seq 1 8 255); do
				policies=$((policies+1))
				[ "$policies" -gt "$max" ] && return
				echo xfrm policy add src 10.$s.$j.$a/30 dst 10.$d.$j.0/$pfx dir $dir action block
			done
		done
	done
}

setup_ns ns

do_bench()
{
	local max="$1"

	start=$(date +%s%3N)
	do_dummies4 "out" "$max" > "$tmp"
	if ! timeout "$timeout" ip netns exec "$ns" ip -batch "$tmp";then
		echo "WARNING: policy insertion cancelled after $timeout"
		ret=1
	fi
	stop=$(date +%s%3N)

	result=$((stop-start))

	policies=$(wc -l < "$tmp")
	printf "Inserted %-06s policies in $result ms\n" $policies

	have=$(ip netns exec "$ns" ip xfrm policy show | grep "action block" | wc -l)
	if [ "$have" -ne "$policies" ]; then
		echo "WARNING: mismatch, have $have policies, expected $policies"
		ret=1
	fi
}

p=100
while [ $p -le "$maxpolicies" ]; do
	do_bench "$p"
	p="${p}0"
done

exit $ret