1 #!/bin/bash
2 # SPDX-License-Identifier: GPL-2.0
3 #
4 # Test devlink-trap tunnel exceptions functionality over mlxsw.
5 # Check all exception traps to make sure they are triggered under the right
6 # conditions.
7
8 # +-------------------------+
9 # | H1 |
10 # | $h1 + |
11 # | 2001:db8:1::1/64 | |
12 # +-------------------|-----+
13 # |
14 # +-------------------|-----+
15 # | SW1 | |
16 # | $swp1 + |
17 # | 2001:db8:1::2/64 |
18 # | |
19 # | + g1 (ip6gre) |
20 # | loc=2001:db8:3::1 |
21 # | rem=2001:db8:3::2 |
22 # | tos=inherit |
23 # | |
24 # | + $rp1 |
25 # | | 2001:db8:10::1/64 |
26 # +--|----------------------+
27 # |
28 # +--|----------------------+
29 # | | VRF2 |
30 # | + $rp2 |
31 # | 2001:db8:10::2/64 |
32 # +-------------------------+
33
34 lib_dir=$(dirname $0)/../../../net/forwarding
35
36 ALL_TESTS="
37 decap_error_test
38 "
39
40 NUM_NETIFS=4
41 source $lib_dir/lib.sh
42 source $lib_dir/tc_common.sh
43 source $lib_dir/devlink_lib.sh
44
45 h1_create()
46 {
47 simple_if_init $h1 2001:db8:1::1/64
48 }
49
50 h1_destroy()
51 {
52 simple_if_fini $h1 2001:db8:1::1/64
53 }
54
55 vrf2_create()
56 {
57 simple_if_init $rp2 2001:db8:10::2/64
58 }
59
60 vrf2_destroy()
61 {
62 simple_if_fini $rp2 2001:db8:10::2/64
63 }
64
65 switch_create()
66 {
67 ip link set dev $swp1 up
68 __addr_add_del $swp1 add 2001:db8:1::2/64
69 tc qdisc add dev $swp1 clsact
70
71 tunnel_create g1 ip6gre 2001:db8:3::1 2001:db8:3::2 tos inherit \
72 ttl inherit
73 ip link set dev g1 up
74 __addr_add_del g1 add 2001:db8:3::1/128
75
76 ip link set dev $rp1 up
77 __addr_add_del $rp1 add 2001:db8:10::1/64
78 }
79
80 switch_destroy()
81 {
82 __addr_add_del $rp1 del 2001:db8:10::1/64
83 ip link set dev $rp1 down
84
85 __addr_add_del g1 del 2001:db8:3::1/128
86 ip link set dev g1 down
87 tunnel_destroy g1
88
89 tc qdisc del dev $swp1 clsact
90 __addr_add_del $swp1 del 2001:db8:1::2/64
91 ip link set dev $swp1 down
92 }
93
94 setup_prepare()
95 {
96 h1=${NETIFS[p1]}
97 swp1=${NETIFS[p2]}
98
99 rp1=${NETIFS[p3]}
100 rp2=${NETIFS[p4]}
101
102 forwarding_enable
103 vrf_prepare
104 h1_create
105 switch_create
106 vrf2_create
107 }
108
109 cleanup()
110 {
111 pre_cleanup
112
113 vrf2_destroy
114 switch_destroy
115 h1_destroy
116 vrf_cleanup
117 forwarding_restore
118 }
119
120 ipip_payload_get()
121 {
122 local saddr="20:01:0d:b8:00:02:00:00:00:00:00:00:00:00:00:01"
123 local daddr="20:01:0d:b8:00:01:00:00:00:00:00:00:00:00:00:01"
124 local flags=$1; shift
125 local key=$1; shift
126
127 p=$(:
128 )"$flags"$( : GRE flags
129 )"0:00:"$( : Reserved + version
130 )"86:dd:"$( : ETH protocol type
131 )"$key"$( : Key
132 )"6"$( : IP version
133 )"0:0"$( : Traffic class
134 )"0:00:00:"$( : Flow label
135 )"00:00:"$( : Payload length
136 )"3a:"$( : Next header
137 )"04:"$( : Hop limit
138 )"$saddr:"$( : IP saddr
139 )"$daddr:"$( : IP daddr
140 )
141 echo $p
142 }
143
144 ecn_payload_get()
145 {
146 echo $(ipip_payload_get "0")
147 }
148
149 ecn_decap_test()
150 {
151 local trap_name="decap_error"
152 local desc=$1; shift
153 local ecn_desc=$1; shift
154 local outer_tos=$1; shift
155 local mz_pid
156
157 RET=0
158
159 tc filter add dev $swp1 egress protocol ipv6 pref 1 handle 101 \
160 flower src_ip 2001:db8:2::1 dst_ip 2001:db8:1::1 skip_sw \
161 action pass
162
163 rp1_mac=$(mac_get $rp1)
164 rp2_mac=$(mac_get $rp2)
165 payload=$(ecn_payload_get)
166
167 ip vrf exec v$rp2 $MZ -6 $rp2 -c 0 -d 1msec -a $rp2_mac -b $rp1_mac \
168 -A 2001:db8:3::2 -B 2001:db8:3::1 -t ip \
169 tos=$outer_tos,next=47,p=$payload -q &
170 mz_pid=$!
171
172 devlink_trap_exception_test $trap_name
173
174 tc_check_packets "dev $swp1 egress" 101 0
175 check_err $? "Packets were not dropped"
176
177 log_test "$desc: Inner ECN is not ECT and outer is $ecn_desc"
178
179 kill $mz_pid && wait $mz_pid &> /dev/null
180 tc filter del dev $swp1 egress protocol ipv6 pref 1 handle 101 flower
181 }
182
183 no_matching_tunnel_test()
184 {
185 local trap_name="decap_error"
186 local desc=$1; shift
187 local sip=$1; shift
188 local mz_pid
189
190 RET=0
191
192 tc filter add dev $swp1 egress protocol ipv6 pref 1 handle 101 \
193 flower src_ip 2001:db8:2::1 dst_ip 2001:db8:1::1 action pass
194
195 rp1_mac=$(mac_get $rp1)
196 rp2_mac=$(mac_get $rp2)
197 payload=$(ipip_payload_get "$@")
198
199 ip vrf exec v$rp2 $MZ -6 $rp2 -c 0 -d 1msec -a $rp2_mac -b $rp1_mac \
200 -A $sip -B 2001:db8:3::1 -t ip next=47,p=$payload -q &
201 mz_pid=$!
202
203 devlink_trap_exception_test $trap_name
204
205 tc_check_packets "dev $swp1 egress" 101 0
206 check_err $? "Packets were not dropped"
207
208 log_test "$desc"
209
210 kill $mz_pid && wait $mz_pid &> /dev/null
211 tc filter del dev $swp1 egress protocol ipv6 pref 1 handle 101 flower
212 }
213
214 decap_error_test()
215 {
216 # Correct source IP - the remote address
217 local sip=2001:db8:3::2
218
219 ecn_decap_test "Decap error" "ECT(1)" 01
220 ecn_decap_test "Decap error" "ECT(0)" 02
221 ecn_decap_test "Decap error" "CE" 03
222
223 no_matching_tunnel_test "Decap error: Source IP check failed" \
224 2001:db8:4::2 "0"
225 no_matching_tunnel_test \
226 "Decap error: Key exists but was not expected" $sip "2" \
227 "00:00:00:E9:"
228
229 # Destroy the tunnel and create new one with key
230 __addr_add_del g1 del 2001:db8:3::1/128
231 tunnel_destroy g1
232
233 tunnel_create g1 ip6gre 2001:db8:3::1 2001:db8:3::2 tos inherit \
234 ttl inherit key 233
235 __addr_add_del g1 add 2001:db8:3::1/128
236
237 no_matching_tunnel_test \
238 "Decap error: Key does not exist but was expected" $sip "0"
239 no_matching_tunnel_test \
240 "Decap error: Packet has a wrong key field" $sip "2" \
241 "00:00:00:E8:"
242 }
243
244 trap cleanup EXIT
245
246 setup_prepare
247 setup_wait
248 tests_run
249
250 exit $EXIT_STATUS
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.