q_in_q_veto.sh - cachepc-linux - Fork of AMDESE/linux with modifications for CachePC side-channel attack

	cachepc-linux Fork of AMDESE/linux with modifications for CachePC side-channel attack
	git clone https://git.sinitax.com/sinitax/cachepc-linux
	Log \| Files \| Refs \| README \| LICENSE \| sfeed.txt
q_in_q_veto.sh (7948B)
      1#!/bin/bash
      2# SPDX-License-Identifier: GPL-2.0
      3
      4lib_dir=$(dirname $0)/../../../net/forwarding
      5
      6ALL_TESTS="
      7	create_8021ad_vlan_upper_on_top_front_panel_port
      8	create_8021ad_vlan_upper_on_top_bridge_port
      9	create_8021ad_vlan_upper_on_top_lag
     10	create_8021ad_vlan_upper_on_top_bridge
     11	create_8021ad_vlan_upper_on_top_8021ad_bridge
     12	create_vlan_upper_on_top_8021ad_bridge
     13	create_vlan_upper_on_top_front_panel_enslaved_to_8021ad_bridge
     14	create_vlan_upper_on_top_lag_enslaved_to_8021ad_bridge
     15	enslave_front_panel_with_vlan_upper_to_8021ad_bridge
     16	enslave_lag_with_vlan_upper_to_8021ad_bridge
     17	add_ip_address_to_8021ad_bridge
     18	switch_bridge_protocol_from_8021q_to_8021ad
     19"
     20NUM_NETIFS=2
     21source $lib_dir/lib.sh
     22
     23setup_prepare()
     24{
     25	swp1=${NETIFS[p1]}
     26	swp2=${NETIFS[p2]}
     27
     28	ip link set dev $swp1 up
     29	ip link set dev $swp2 up
     30
     31	sleep 10
     32}
     33
     34cleanup()
     35{
     36	pre_cleanup
     37
     38	ip link set dev $swp2 down
     39	ip link set dev $swp1 down
     40}
     41
     42create_vlan_upper_on_top_of_bridge()
     43{
     44	RET=0
     45
     46	local bridge_proto=$1; shift
     47	local netdev_proto=$1; shift
     48
     49	ip link add dev br0 type bridge vlan_filtering 1 \
     50		vlan_protocol $bridge_proto vlan_default_pvid 0 mcast_snooping 0
     51
     52	ip link set dev br0 up
     53	ip link set dev $swp1 master br0
     54
     55	ip link add name br0.100 link br0 type vlan \
     56		protocol $netdev_proto id 100 2>/dev/null
     57	check_fail $? "$netdev_proto vlan upper creation on top of an $bridge_proto bridge not rejected"
     58
     59	ip link add name br0.100 link br0 type vlan \
     60		protocol $netdev_proto id 100 2>&1 >/dev/null \
     61		| grep -q mlxsw_spectrum
     62	check_err $? "$netdev_proto vlan upper creation on top of an $bridge_proto bridge rejected without extack"
     63
     64	log_test "create $netdev_proto vlan upper on top $bridge_proto bridge"
     65
     66	ip link del dev br0
     67}
     68
     69create_8021ad_vlan_upper_on_top_front_panel_port()
     70{
     71	RET=0
     72
     73	ip link add name $swp1.100 link $swp1 type vlan \
     74		protocol 802.1ad id 100 2>/dev/null
     75	check_fail $? "802.1ad vlan upper creation on top of a front panel not rejected"
     76
     77	ip link add name $swp1.100 link $swp1 type vlan \
     78		protocol 802.1ad id 100 2>&1 >/dev/null \
     79		| grep -q mlxsw_spectrum
     80	check_err $? "802.1ad vlan upper creation on top of a front panel rejected without extack"
     81
     82	log_test "create 802.1ad vlan upper on top of a front panel"
     83}
     84
     85create_8021ad_vlan_upper_on_top_bridge_port()
     86{
     87	RET=0
     88
     89	ip link add dev br0 type bridge vlan_filtering 1 \
     90		vlan_default_pvid 0 mcast_snooping 0
     91
     92	ip link set dev $swp1 master br0
     93	ip link set dev br0 up
     94
     95	ip link add name $swp1.100 link $swp1 type vlan \
     96		protocol 802.1ad id 100 2>/dev/null
     97	check_fail $? "802.1ad vlan upper creation on top of a bridge port not rejected"
     98
     99	ip link add name $swp1.100 link $swp1 type vlan \
    100		protocol 802.1ad id 100 2>&1 >/dev/null \
    101		| grep -q mlxsw_spectrum
    102	check_err $? "802.1ad vlan upper creation on top of a bridge port rejected without extack"
    103
    104	log_test "create 802.1ad vlan upper on top of a bridge port"
    105
    106	ip link del dev br0
    107}
    108
    109create_8021ad_vlan_upper_on_top_lag()
    110{
    111	RET=0
    112
    113	ip link add name bond1 type bond mode 802.3ad
    114	ip link set dev $swp1 down
    115	ip link set dev $swp1 master bond1
    116
    117	ip link add name bond1.100 link bond1 type vlan \
    118		protocol 802.1ad id 100 2>/dev/null
    119	check_fail $? "802.1ad vlan upper creation on top of a lag not rejected"
    120
    121	ip link add name bond1.100 link bond1 type vlan \
    122		protocol 802.1ad id 100 2>&1 >/dev/null \
    123		| grep -q mlxsw_spectrum
    124	check_err $? "802.1ad vlan upper creation on top of a lag rejected without extack"
    125
    126	log_test "create 802.1ad vlan upper on top of a lag"
    127
    128	ip link del dev bond1
    129}
    130
    131create_8021ad_vlan_upper_on_top_bridge()
    132{
    133	RET=0
    134
    135	create_vlan_upper_on_top_of_bridge "802.1q" "802.1ad"
    136}
    137
    138create_8021ad_vlan_upper_on_top_8021ad_bridge()
    139{
    140	RET=0
    141
    142	create_vlan_upper_on_top_of_bridge "802.1ad" "802.1ad"
    143}
    144
    145create_vlan_upper_on_top_8021ad_bridge()
    146{
    147	RET=0
    148
    149	create_vlan_upper_on_top_of_bridge "802.1ad" "802.1q"
    150}
    151
    152create_vlan_upper_on_top_front_panel_enslaved_to_8021ad_bridge()
    153{
    154	RET=0
    155
    156	ip link add dev br0 type bridge vlan_filtering 1 \
    157		vlan_protocol 802.1ad vlan_default_pvid 0 mcast_snooping 0
    158	ip link set dev br0 up
    159
    160	ip link set dev $swp1 master br0
    161
    162	ip link add name $swp1.100 link $swp1 type vlan id 100 2>/dev/null
    163	check_fail $? "vlan upper creation on top of front panel enslaved to 802.1ad bridge not rejected"
    164
    165	ip link add name $swp1.100 link $swp1 type vlan id 100 2>&1 >/dev/null \
    166		| grep -q mlxsw_spectrum
    167	check_err $? "vlan upper creation on top of front panel enslaved to 802.1ad bridge rejected without extack"
    168
    169	log_test "create vlan upper on top of front panel enslaved to 802.1ad bridge"
    170
    171	ip link del dev br0
    172}
    173
    174create_vlan_upper_on_top_lag_enslaved_to_8021ad_bridge()
    175{
    176	RET=0
    177
    178	ip link add dev br0 type bridge vlan_filtering 1 \
    179		vlan_protocol 802.1ad vlan_default_pvid 0 mcast_snooping 0
    180	ip link set dev br0 up
    181
    182	ip link add name bond1 type bond mode 802.3ad
    183	ip link set dev $swp1 down
    184	ip link set dev $swp1 master bond1
    185	ip link set dev bond1 master br0
    186
    187	ip link add name bond1.100 link bond1 type vlan id 100 2>/dev/null
    188	check_fail $? "vlan upper creation on top of lag enslaved to 802.1ad bridge not rejected"
    189
    190	ip link add name bond1.100 link bond1 type vlan id 100 2>&1 >/dev/null \
    191		| grep -q mlxsw_spectrum
    192	check_err $? "vlan upper creation on top of lag enslaved to 802.1ad bridge rejected without extack"
    193
    194	log_test "create vlan upper on top of lag enslaved to 802.1ad bridge"
    195
    196	ip link del dev bond1
    197	ip link del dev br0
    198}
    199
    200enslave_front_panel_with_vlan_upper_to_8021ad_bridge()
    201{
    202	RET=0
    203
    204	ip link add dev br0 type bridge vlan_filtering 1 \
    205		vlan_protocol 802.1ad vlan_default_pvid 0 mcast_snooping 0
    206	ip link set dev br0 up
    207
    208	ip link add name $swp1.100 link $swp1 type vlan id 100
    209
    210	ip link set dev $swp1 master br0 2>/dev/null
    211	check_fail $? "front panel with vlan upper enslavemnt to 802.1ad bridge not rejected"
    212
    213	ip link set dev $swp1 master br0 2>&1 >/dev/null | grep -q mlxsw_spectrum
    214	check_err $? "front panel with vlan upper enslavemnt to 802.1ad bridge rejected without extack"
    215
    216	log_test "enslave front panel with vlan upper to 802.1ad bridge"
    217
    218	ip link del dev $swp1.100
    219	ip link del dev br0
    220}
    221
    222enslave_lag_with_vlan_upper_to_8021ad_bridge()
    223{
    224	RET=0
    225
    226	ip link add dev br0 type bridge vlan_filtering 1 \
    227		vlan_protocol 802.1ad vlan_default_pvid 0 mcast_snooping 0
    228	ip link set dev br0 up
    229
    230	ip link add name bond1 type bond mode 802.3ad
    231	ip link set dev $swp1 down
    232	ip link set dev $swp1 master bond1
    233	ip link add name bond1.100 link bond1 type vlan id 100
    234
    235	ip link set dev bond1 master br0 2>/dev/null
    236	check_fail $? "lag with vlan upper enslavemnt to 802.1ad bridge not rejected"
    237
    238	ip link set dev bond1 master br0 2>&1 >/dev/null \
    239		| grep -q mlxsw_spectrum
    240	check_err $? "lag with vlan upper enslavemnt to 802.1ad bridge rejected without extack"
    241
    242	log_test "enslave lag with vlan upper to 802.1ad bridge"
    243
    244	ip link del dev bond1
    245	ip link del dev br0
    246}
    247
    248
    249add_ip_address_to_8021ad_bridge()
    250{
    251	RET=0
    252
    253	ip link add dev br0 type bridge vlan_filtering 1 \
    254		vlan_protocol 802.1ad vlan_default_pvid 0 mcast_snooping 0
    255
    256	ip link set dev br0 up
    257	ip link set dev $swp1 master br0
    258
    259	ip addr add dev br0 192.0.2.17/28 2>/dev/null
    260	check_fail $? "IP address addition to 802.1ad bridge not rejected"
    261
    262	ip addr add dev br0 192.0.2.17/28 2>&1 >/dev/null | grep -q mlxsw_spectrum
    263	check_err $? "IP address addition to 802.1ad bridge rejected without extack"
    264
    265	log_test "IP address addition to 802.1ad bridge"
    266
    267	ip link del dev br0
    268}
    269
    270switch_bridge_protocol_from_8021q_to_8021ad()
    271{
    272	RET=0
    273
    274	ip link add dev br0 type bridge vlan_filtering 1 \
    275		vlan_protocol 802.1ad vlan_default_pvid 0 mcast_snooping 0
    276
    277	ip link set dev br0 up
    278	ip link set dev $swp1 master br0
    279
    280	ip link set dev br0 type bridge vlan_protocol 802.1q 2>/dev/null
    281	check_fail $? "switching bridge protocol from 802.1q to 802.1ad not rejected"
    282
    283	log_test "switch bridge protocol"
    284
    285	ip link del dev br0
    286}
    287
    288
    289trap cleanup EXIT
    290
    291setup_prepare
    292setup_wait
    293
    294tests_run
    295
    296exit $EXIT_STATUS