1#!/bin/bash 2# SPDX-License-Identifier: GPL-2.0 3# 4# Test devlink-trap tunnel exceptions functionality over mlxsw. 5# Check all exception traps to make sure they are triggered under the right 6# conditions. 7 8# +-------------------------+ 9# | H1 | 10# | $h1 + | 11# | 192.0.2.1/28 | | 12# +-------------------|-----+ 13# | 14# +-------------------|-----+ 15# | SW1 | | 16# | $swp1 + | 17# | 192.0.2.2/28 | 18# | | 19# | + g1a (gre) | 20# | loc=192.0.2.65 | 21# | rem=192.0.2.66 | 22# | tos=inherit | 23# | | 24# | + $rp1 | 25# | | 198.51.100.1/28 | 26# +--|----------------------+ 27# | 28# +--|----------------------+ 29# | | VRF2 | 30# | + $rp2 | 31# | 198.51.100.2/28 | 32# +-------------------------+ 33 34lib_dir=$(dirname $0)/../../../net/forwarding 35 36ALL_TESTS=" 37 decap_error_test 38" 39 40NUM_NETIFS=4 41source $lib_dir/lib.sh 42source $lib_dir/tc_common.sh 43source $lib_dir/devlink_lib.sh 44 45h1_create() 46{ 47 simple_if_init $h1 192.0.2.1/28 48} 49 50h1_destroy() 51{ 52 simple_if_fini $h1 192.0.2.1/28 53} 54 55vrf2_create() 56{ 57 simple_if_init $rp2 198.51.100.2/28 58} 59 60vrf2_destroy() 61{ 62 simple_if_fini $rp2 198.51.100.2/28 63} 64 65switch_create() 66{ 67 __addr_add_del $swp1 add 192.0.2.2/28 68 tc qdisc add dev $swp1 clsact 69 ip link set dev $swp1 up 70 71 tunnel_create g1 gre 192.0.2.65 192.0.2.66 tos inherit 72 __addr_add_del g1 add 192.0.2.65/32 73 ip link set dev g1 up 74 75 __addr_add_del $rp1 add 198.51.100.1/28 76 ip link set dev $rp1 up 77} 78 79switch_destroy() 80{ 81 ip link set dev $rp1 down 82 __addr_add_del $rp1 del 198.51.100.1/28 83 84 ip link set dev g1 down 85 __addr_add_del g1 del 192.0.2.65/32 86 tunnel_destroy g1 87 88 ip link set dev $swp1 down 89 tc qdisc del dev $swp1 clsact 90 __addr_add_del $swp1 del 192.0.2.2/28 91} 92 93setup_prepare() 94{ 95 h1=${NETIFS[p1]} 96 swp1=${NETIFS[p2]} 97 98 rp1=${NETIFS[p3]} 99 rp2=${NETIFS[p4]} 100 101 forwarding_enable 102 vrf_prepare 103 h1_create 104 switch_create 105 vrf2_create 106} 107 108cleanup() 109{ 110 pre_cleanup 111 112 vrf2_destroy 113 switch_destroy 114 h1_destroy 115 vrf_cleanup 116 forwarding_restore 117} 118 119ipip_payload_get() 120{ 121 local flags=$1; shift 122 local key=$1; shift 123 124 p=$(: 125 )"$flags"$( : GRE flags 126 )"0:00:"$( : Reserved + version 127 )"08:00:"$( : ETH protocol type 128 )"$key"$( : Key 129 )"4"$( : IP version 130 )"5:"$( : IHL 131 )"00:"$( : IP TOS 132 )"00:14:"$( : IP total length 133 )"00:00:"$( : IP identification 134 )"20:00:"$( : IP flags + frag off 135 )"30:"$( : IP TTL 136 )"01:"$( : IP proto 137 )"E7:E6:"$( : IP header csum 138 )"C0:00:01:01:"$( : IP saddr : 192.0.1.1 139 )"C0:00:02:01:"$( : IP daddr : 192.0.2.1 140 ) 141 echo $p 142} 143 144ecn_payload_get() 145{ 146 echo $(ipip_payload_get "0") 147} 148 149ecn_decap_test() 150{ 151 local trap_name="decap_error" 152 local desc=$1; shift 153 local ecn_desc=$1; shift 154 local outer_tos=$1; shift 155 local mz_pid 156 157 RET=0 158 159 tc filter add dev $swp1 egress protocol ip pref 1 handle 101 \ 160 flower src_ip 192.0.1.1 dst_ip 192.0.2.1 action pass 161 162 rp1_mac=$(mac_get $rp1) 163 rp2_mac=$(mac_get $rp2) 164 payload=$(ecn_payload_get) 165 166 ip vrf exec v$rp2 $MZ $rp2 -c 0 -d 1msec -a $rp2_mac -b $rp1_mac \ 167 -A 192.0.2.66 -B 192.0.2.65 -t ip \ 168 len=48,tos=$outer_tos,proto=47,p=$payload -q & 169 170 mz_pid=$! 171 172 devlink_trap_exception_test $trap_name 173 174 tc_check_packets "dev $swp1 egress" 101 0 175 check_err $? "Packets were not dropped" 176 177 log_test "$desc: Inner ECN is not ECT and outer is $ecn_desc" 178 179 kill $mz_pid && wait $mz_pid &> /dev/null 180 tc filter del dev $swp1 egress protocol ip pref 1 handle 101 flower 181} 182 183no_matching_tunnel_test() 184{ 185 local trap_name="decap_error" 186 local desc=$1; shift 187 local sip=$1; shift 188 local mz_pid 189 190 RET=0 191 192 tc filter add dev $swp1 egress protocol ip pref 1 handle 101 \ 193 flower src_ip 192.0.1.1 dst_ip 192.0.2.1 action pass 194 195 rp1_mac=$(mac_get $rp1) 196 rp2_mac=$(mac_get $rp2) 197 payload=$(ipip_payload_get "$@") 198 199 ip vrf exec v$rp2 $MZ $rp2 -c 0 -d 1msec -a $rp2_mac -b $rp1_mac \ 200 -A $sip -B 192.0.2.65 -t ip len=48,proto=47,p=$payload -q & 201 mz_pid=$! 202 203 devlink_trap_exception_test $trap_name 204 205 tc_check_packets "dev $swp1 egress" 101 0 206 check_err $? "Packets were not dropped" 207 208 log_test "$desc" 209 210 kill $mz_pid && wait $mz_pid &> /dev/null 211 tc filter del dev $swp1 egress protocol ip pref 1 handle 101 flower 212} 213 214decap_error_test() 215{ 216 # Correct source IP - the remote address 217 local sip=192.0.2.66 218 219 ecn_decap_test "Decap error" "ECT(1)" 01 220 ecn_decap_test "Decap error" "ECT(0)" 02 221 ecn_decap_test "Decap error" "CE" 03 222 223 no_matching_tunnel_test "Decap error: Source IP check failed" \ 224 192.0.2.68 "0" 225 no_matching_tunnel_test \ 226 "Decap error: Key exists but was not expected" $sip "2" \ 227 "00:00:00:E9:" 228 229 # Destroy the tunnel and create new one with key 230 __addr_add_del g1 del 192.0.2.65/32 231 tunnel_destroy g1 232 233 tunnel_create g1 gre 192.0.2.65 192.0.2.66 tos inherit key 233 234 __addr_add_del g1 add 192.0.2.65/32 235 236 no_matching_tunnel_test \ 237 "Decap error: Key does not exist but was expected" $sip "0" 238 no_matching_tunnel_test \ 239 "Decap error: Packet has a wrong key field" $sip "2" \ 240 "00:00:00:E8:" 241} 242 243trap cleanup EXIT 244 245setup_prepare 246setup_wait 247tests_run 248 249exit $EXIT_STATUS 250