1#!/bin/bash 2# SPDX-License-Identifier: GPL-2.0 3# 4# Test devlink-trap tunnel exceptions functionality over mlxsw. 5# Check all exception traps to make sure they are triggered under the right 6# conditions. 7 8# +-------------------------+ 9# | H1 | 10# | $h1 + | 11# | 2001:db8:1::1/64 | | 12# +-------------------|-----+ 13# | 14# +-------------------|-----+ 15# | SW1 | | 16# | $swp1 + | 17# | 2001:db8:1::2/64 | 18# | | 19# | + g1 (ip6gre) | 20# | loc=2001:db8:3::1 | 21# | rem=2001:db8:3::2 | 22# | tos=inherit | 23# | | 24# | + $rp1 | 25# | | 2001:db8:10::1/64 | 26# +--|----------------------+ 27# | 28# +--|----------------------+ 29# | | VRF2 | 30# | + $rp2 | 31# | 2001:db8:10::2/64 | 32# +-------------------------+ 33 34lib_dir=$(dirname $0)/../../../../net/forwarding 35 36ALL_TESTS=" 37 decap_error_test 38" 39 40NUM_NETIFS=4 41source $lib_dir/lib.sh 42source $lib_dir/tc_common.sh 43source $lib_dir/devlink_lib.sh 44 45h1_create() 46{ 47 simple_if_init $h1 2001:db8:1::1/64 48} 49 50h1_destroy() 51{ 52 simple_if_fini $h1 2001:db8:1::1/64 53} 54 55vrf2_create() 56{ 57 simple_if_init $rp2 2001:db8:10::2/64 58} 59 60vrf2_destroy() 61{ 62 simple_if_fini $rp2 2001:db8:10::2/64 63} 64 65switch_create() 66{ 67 ip link set dev $swp1 up 68 __addr_add_del $swp1 add 2001:db8:1::2/64 69 tc qdisc add dev $swp1 clsact 70 71 tunnel_create g1 ip6gre 2001:db8:3::1 2001:db8:3::2 tos inherit \ 72 ttl inherit 73 ip link set dev g1 up 74 __addr_add_del g1 add 2001:db8:3::1/128 75 76 ip link set dev $rp1 up 77 __addr_add_del $rp1 add 2001:db8:10::1/64 78} 79 80switch_destroy() 81{ 82 __addr_add_del $rp1 del 2001:db8:10::1/64 83 ip link set dev $rp1 down 84 85 __addr_add_del g1 del 2001:db8:3::1/128 86 ip link set dev g1 down 87 tunnel_destroy g1 88 89 tc qdisc del dev $swp1 clsact 90 __addr_add_del $swp1 del 2001:db8:1::2/64 91 ip link set dev $swp1 down 92} 93 94setup_prepare() 95{ 96 h1=${NETIFS[p1]} 97 swp1=${NETIFS[p2]} 98 99 rp1=${NETIFS[p3]} 100 rp2=${NETIFS[p4]} 101 102 forwarding_enable 103 vrf_prepare 104 h1_create 105 switch_create 106 vrf2_create 107} 108 109cleanup() 110{ 111 pre_cleanup 112 113 vrf2_destroy 114 switch_destroy 115 h1_destroy 116 vrf_cleanup 117 forwarding_restore 118} 119 120ipip_payload_get() 121{ 122 local saddr="20:01:0d:b8:00:02:00:00:00:00:00:00:00:00:00:01" 123 local daddr="20:01:0d:b8:00:01:00:00:00:00:00:00:00:00:00:01" 124 local flags=$1; shift 125 local key=$1; shift 126 127 p=$(: 128 )"$flags"$( : GRE flags 129 )"0:00:"$( : Reserved + version 130 )"86:dd:"$( : ETH protocol type 131 )"$key"$( : Key 132 )"6"$( : IP version 133 )"0:0"$( : Traffic class 134 )"0:00:00:"$( : Flow label 135 )"00:00:"$( : Payload length 136 )"3a:"$( : Next header 137 )"04:"$( : Hop limit 138 )"$saddr:"$( : IP saddr 139 )"$daddr:"$( : IP daddr 140 ) 141 echo $p 142} 143 144ecn_payload_get() 145{ 146 echo $(ipip_payload_get "0") 147} 148 149ecn_decap_test() 150{ 151 local trap_name="decap_error" 152 local desc=$1; shift 153 local ecn_desc=$1; shift 154 local outer_tos=$1; shift 155 local mz_pid 156 157 RET=0 158 159 tc filter add dev $swp1 egress protocol ipv6 pref 1 handle 101 \ 160 flower src_ip 2001:db8:2::1 dst_ip 2001:db8:1::1 skip_sw \ 161 action pass 162 163 rp1_mac=$(mac_get $rp1) 164 rp2_mac=$(mac_get $rp2) 165 payload=$(ecn_payload_get) 166 167 ip vrf exec v$rp2 $MZ -6 $rp2 -c 0 -d 1msec -a $rp2_mac -b $rp1_mac \ 168 -A 2001:db8:3::2 -B 2001:db8:3::1 -t ip \ 169 tos=$outer_tos,next=47,p=$payload -q & 170 mz_pid=$! 171 172 devlink_trap_exception_test $trap_name 173 174 tc_check_packets "dev $swp1 egress" 101 0 175 check_err $? "Packets were not dropped" 176 177 log_test "$desc: Inner ECN is not ECT and outer is $ecn_desc" 178 179 kill $mz_pid && wait $mz_pid &> /dev/null 180 tc filter del dev $swp1 egress protocol ipv6 pref 1 handle 101 flower 181} 182 183no_matching_tunnel_test() 184{ 185 local trap_name="decap_error" 186 local desc=$1; shift 187 local sip=$1; shift 188 local mz_pid 189 190 RET=0 191 192 tc filter add dev $swp1 egress protocol ipv6 pref 1 handle 101 \ 193 flower src_ip 2001:db8:2::1 dst_ip 2001:db8:1::1 action pass 194 195 rp1_mac=$(mac_get $rp1) 196 rp2_mac=$(mac_get $rp2) 197 payload=$(ipip_payload_get "$@") 198 199 ip vrf exec v$rp2 $MZ -6 $rp2 -c 0 -d 1msec -a $rp2_mac -b $rp1_mac \ 200 -A $sip -B 2001:db8:3::1 -t ip next=47,p=$payload -q & 201 mz_pid=$! 202 203 devlink_trap_exception_test $trap_name 204 205 tc_check_packets "dev $swp1 egress" 101 0 206 check_err $? "Packets were not dropped" 207 208 log_test "$desc" 209 210 kill $mz_pid && wait $mz_pid &> /dev/null 211 tc filter del dev $swp1 egress protocol ipv6 pref 1 handle 101 flower 212} 213 214decap_error_test() 215{ 216 # Correct source IP - the remote address 217 local sip=2001:db8:3::2 218 219 ecn_decap_test "Decap error" "ECT(1)" 01 220 ecn_decap_test "Decap error" "ECT(0)" 02 221 ecn_decap_test "Decap error" "CE" 03 222 223 no_matching_tunnel_test "Decap error: Source IP check failed" \ 224 2001:db8:4::2 "0" 225 no_matching_tunnel_test \ 226 "Decap error: Key exists but was not expected" $sip "2" \ 227 "00:00:00:E9:" 228 229 # Destroy the tunnel and create new one with key 230 __addr_add_del g1 del 2001:db8:3::1/128 231 tunnel_destroy g1 232 233 tunnel_create g1 ip6gre 2001:db8:3::1 2001:db8:3::2 tos inherit \ 234 ttl inherit key 233 235 __addr_add_del g1 add 2001:db8:3::1/128 236 237 no_matching_tunnel_test \ 238 "Decap error: Key does not exist but was expected" $sip "0" 239 no_matching_tunnel_test \ 240 "Decap error: Packet has a wrong key field" $sip "2" \ 241 "00:00:00:E8:" 242} 243 244trap cleanup EXIT 245 246setup_prepare 247setup_wait 248tests_run 249 250exit $EXIT_STATUS 251