1 #!/bin/bash
2 # SPDX-License-Identifier: GPL-2.0
3 #
4 # Test devlink-trap tunnel exceptions functionality over mlxsw.
5 # Check all exception traps to make sure they are triggered under the right
6 # conditions.
7
8 # +-------------------------+
9 # | H1 |
10 # | $h1 + |
11 # | 192.0.2.1/28 | |
12 # +-------------------|-----+
13 # |
14 # +-------------------|-----+
15 # | SW1 | |
16 # | $swp1 + |
17 # | 192.0.2.2/28 |
18 # | |
19 # | + g1a (gre) |
20 # | loc=192.0.2.65 |
21 # | rem=192.0.2.66 |
22 # | tos=inherit |
23 # | |
24 # | + $rp1 |
25 # | | 198.51.100.1/28 |
26 # +--|----------------------+
27 # |
28 # +--|----------------------+
29 # | | VRF2 |
30 # | + $rp2 |
31 # | 198.51.100.2/28 |
32 # +-------------------------+
33
34 lib_dir=$(dirname $0)/../../../net/forwarding
35
36 ALL_TESTS="
37 decap_error_test
38 "
39
40 NUM_NETIFS=4
41 source $lib_dir/lib.sh
42 source $lib_dir/tc_common.sh
43 source $lib_dir/devlink_lib.sh
44
45 h1_create()
46 {
47 simple_if_init $h1 192.0.2.1/28
48 }
49
50 h1_destroy()
51 {
52 simple_if_fini $h1 192.0.2.1/28
53 }
54
55 vrf2_create()
56 {
57 simple_if_init $rp2 198.51.100.2/28
58 }
59
60 vrf2_destroy()
61 {
62 simple_if_fini $rp2 198.51.100.2/28
63 }
64
65 switch_create()
66 {
67 __addr_add_del $swp1 add 192.0.2.2/28
68 tc qdisc add dev $swp1 clsact
69 ip link set dev $swp1 up
70
71 tunnel_create g1 gre 192.0.2.65 192.0.2.66 tos inherit
72 __addr_add_del g1 add 192.0.2.65/32
73 ip link set dev g1 up
74
75 __addr_add_del $rp1 add 198.51.100.1/28
76 ip link set dev $rp1 up
77 }
78
79 switch_destroy()
80 {
81 ip link set dev $rp1 down
82 __addr_add_del $rp1 del 198.51.100.1/28
83
84 ip link set dev g1 down
85 __addr_add_del g1 del 192.0.2.65/32
86 tunnel_destroy g1
87
88 ip link set dev $swp1 down
89 tc qdisc del dev $swp1 clsact
90 __addr_add_del $swp1 del 192.0.2.2/28
91 }
92
93 setup_prepare()
94 {
95 h1=${NETIFS[p1]}
96 swp1=${NETIFS[p2]}
97
98 rp1=${NETIFS[p3]}
99 rp2=${NETIFS[p4]}
100
101 forwarding_enable
102 vrf_prepare
103 h1_create
104 switch_create
105 vrf2_create
106 }
107
108 cleanup()
109 {
110 pre_cleanup
111
112 vrf2_destroy
113 switch_destroy
114 h1_destroy
115 vrf_cleanup
116 forwarding_restore
117 }
118
119 ipip_payload_get()
120 {
121 local flags=$1; shift
122 local key=$1; shift
123
124 p=$(:
125 )"$flags"$( : GRE flags
126 )"0:00:"$( : Reserved + version
127 )"08:00:"$( : ETH protocol type
128 )"$key"$( : Key
129 )"4"$( : IP version
130 )"5:"$( : IHL
131 )"00:"$( : IP TOS
132 )"00:14:"$( : IP total length
133 )"00:00:"$( : IP identification
134 )"20:00:"$( : IP flags + frag off
135 )"30:"$( : IP TTL
136 )"01:"$( : IP proto
137 )"E7:E6:"$( : IP header csum
138 )"C0:00:01:01:"$( : IP saddr : 192.0.1.1
139 )"C0:00:02:01:"$( : IP daddr : 192.0.2.1
140 )
141 echo $p
142 }
143
144 ecn_payload_get()
145 {
146 echo $(ipip_payload_get "0")
147 }
148
149 ecn_decap_test()
150 {
151 local trap_name="decap_error"
152 local desc=$1; shift
153 local ecn_desc=$1; shift
154 local outer_tos=$1; shift
155 local mz_pid
156
157 RET=0
158
159 tc filter add dev $swp1 egress protocol ip pref 1 handle 101 \
160 flower src_ip 192.0.1.1 dst_ip 192.0.2.1 action pass
161
162 rp1_mac=$(mac_get $rp1)
163 rp2_mac=$(mac_get $rp2)
164 payload=$(ecn_payload_get)
165
166 ip vrf exec v$rp2 $MZ $rp2 -c 0 -d 1msec -a $rp2_mac -b $rp1_mac \
167 -A 192.0.2.66 -B 192.0.2.65 -t ip \
168 len=48,tos=$outer_tos,proto=47,p=$payload -q &
169
170 mz_pid=$!
171
172 devlink_trap_exception_test $trap_name
173
174 tc_check_packets "dev $swp1 egress" 101 0
175 check_err $? "Packets were not dropped"
176
177 log_test "$desc: Inner ECN is not ECT and outer is $ecn_desc"
178
179 kill $mz_pid && wait $mz_pid &> /dev/null
180 tc filter del dev $swp1 egress protocol ip pref 1 handle 101 flower
181 }
182
183 no_matching_tunnel_test()
184 {
185 local trap_name="decap_error"
186 local desc=$1; shift
187 local sip=$1; shift
188 local mz_pid
189
190 RET=0
191
192 tc filter add dev $swp1 egress protocol ip pref 1 handle 101 \
193 flower src_ip 192.0.1.1 dst_ip 192.0.2.1 action pass
194
195 rp1_mac=$(mac_get $rp1)
196 rp2_mac=$(mac_get $rp2)
197 payload=$(ipip_payload_get "$@")
198
199 ip vrf exec v$rp2 $MZ $rp2 -c 0 -d 1msec -a $rp2_mac -b $rp1_mac \
200 -A $sip -B 192.0.2.65 -t ip len=48,proto=47,p=$payload -q &
201 mz_pid=$!
202
203 devlink_trap_exception_test $trap_name
204
205 tc_check_packets "dev $swp1 egress" 101 0
206 check_err $? "Packets were not dropped"
207
208 log_test "$desc"
209
210 kill $mz_pid && wait $mz_pid &> /dev/null
211 tc filter del dev $swp1 egress protocol ip pref 1 handle 101 flower
212 }
213
214 decap_error_test()
215 {
216 # Correct source IP - the remote address
217 local sip=192.0.2.66
218
219 ecn_decap_test "Decap error" "ECT(1)" 01
220 ecn_decap_test "Decap error" "ECT(0)" 02
221 ecn_decap_test "Decap error" "CE" 03
222
223 no_matching_tunnel_test "Decap error: Source IP check failed" \
224 192.0.2.68 "0"
225 no_matching_tunnel_test \
226 "Decap error: Key exists but was not expected" $sip "2" \
227 "00:00:00:E9:"
228
229 # Destroy the tunnel and create new one with key
230 __addr_add_del g1 del 192.0.2.65/32
231 tunnel_destroy g1
232
233 tunnel_create g1 gre 192.0.2.65 192.0.2.66 tos inherit key 233
234 __addr_add_del g1 add 192.0.2.65/32
235
236 no_matching_tunnel_test \
237 "Decap error: Key does not exist but was expected" $sip "0"
238 no_matching_tunnel_test \
239 "Decap error: Packet has a wrong key field" $sip "2" \
240 "00:00:00:E8:"
241 }
242
243 trap cleanup EXIT
244
245 setup_prepare
246 setup_wait
247 tests_run
248
249 exit $EXIT_STATUS
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.