1#!/bin/bash
2# SPDX-License-Identifier: GPL-2.0
3#
4# Test vetoing of FDB entries that mlxsw can not offload. This exercises several
5# different veto vectors to test various rollback scenarios in the vxlan driver.
6
7: ${LOCAL_IP:=198.51.100.1}
8export LOCAL_IP
9
10: ${REMOTE_IP_1:=198.51.100.2}
11export REMOTE_IP_1
12
13: ${REMOTE_IP_2:=198.51.100.3}
14export REMOTE_IP_2
15
16: ${UDPCSUM_FLAFS:=noudpcsum}
17export UDPCSUM_FLAFS
18
19: ${MC_IP:=224.0.0.1}
20export MC_IP
21
22lib_dir=$(dirname $0)/../../../net/forwarding
23
24ALL_TESTS="
25	fdb_create_veto_test
26	fdb_replace_veto_test
27	fdb_append_veto_test
28	fdb_changelink_veto_test
29"
30NUM_NETIFS=2
31source $lib_dir/lib.sh
32
33setup_prepare()
34{
35	swp1=${NETIFS[p1]}
36	swp2=${NETIFS[p2]}
37
38	ip link add dev br0 type bridge mcast_snooping 0
39
40	ip link set dev $swp1 up
41	ip link set dev $swp1 master br0
42	ip link set dev $swp2 up
43
44	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
45		ttl 20 tos inherit local $LOCAL_IP dstport 4789
46	ip link set dev vxlan0 master br0
47}
48
49cleanup()
50{
51	pre_cleanup
52
53	ip link set dev vxlan0 nomaster
54	ip link del dev vxlan0
55
56	ip link set dev $swp2 down
57	ip link set dev $swp1 nomaster
58	ip link set dev $swp1 down
59
60	ip link del dev br0
61}
62
63fdb_create_veto_test()
64{
65	RET=0
66
67	bridge fdb add 01:02:03:04:05:06 dev vxlan0 self static \
68	       dst $REMOTE_IP_1 2>/dev/null
69	check_fail $? "multicast MAC not rejected"
70
71	bridge fdb add 01:02:03:04:05:06 dev vxlan0 self static \
72	       dst $REMOTE_IP_1 2>&1 >/dev/null | grep -q mlxsw_spectrum
73	check_err $? "multicast MAC rejected without extack"
74
75	log_test "vxlan FDB veto - create"
76}
77
78fdb_replace_veto_test()
79{
80	RET=0
81
82	bridge fdb add 00:01:02:03:04:05 dev vxlan0 self static \
83	       dst $REMOTE_IP_1
84	check_err $? "valid FDB rejected"
85
86	bridge fdb replace 00:01:02:03:04:05 dev vxlan0 self static \
87	       dst $REMOTE_IP_1 port 1234 2>/dev/null
88	check_fail $? "FDB with an explicit port not rejected"
89
90	bridge fdb replace 00:01:02:03:04:05 dev vxlan0 self static \
91	       dst $REMOTE_IP_1 port 1234 2>&1 >/dev/null \
92	    | grep -q mlxsw_spectrum
93	check_err $? "FDB with an explicit port rejected without extack"
94
95	log_test "vxlan FDB veto - replace"
96}
97
98fdb_append_veto_test()
99{
100	RET=0
101
102	bridge fdb add 00:00:00:00:00:00 dev vxlan0 self static \
103	       dst $REMOTE_IP_1
104	check_err $? "valid FDB rejected"
105
106	bridge fdb append 00:00:00:00:00:00 dev vxlan0 self static \
107	       dst $REMOTE_IP_2 port 1234 2>/dev/null
108	check_fail $? "FDB with an explicit port not rejected"
109
110	bridge fdb append 00:00:00:00:00:00 dev vxlan0 self static \
111	       dst $REMOTE_IP_2 port 1234 2>&1 >/dev/null \
112	    | grep -q mlxsw_spectrum
113	check_err $? "FDB with an explicit port rejected without extack"
114
115	log_test "vxlan FDB veto - append"
116}
117
118fdb_changelink_veto_test()
119{
120	RET=0
121
122	ip link set dev vxlan0 type vxlan \
123	   group $MC_IP dev lo 2>/dev/null
124	check_fail $? "FDB with a multicast IP not rejected"
125
126	ip link set dev vxlan0 type vxlan \
127	   group $MC_IP dev lo 2>&1 >/dev/null \
128	    | grep -q mlxsw_spectrum
129	check_err $? "FDB with a multicast IP rejected without extack"
130
131	log_test "vxlan FDB veto - changelink"
132}
133
134trap cleanup EXIT
135
136setup_prepare
137setup_wait
138
139tests_run
140
141exit $EXIT_STATUS
142