cachepc-linux

Fork of AMDESE/linux with modifications for CachePC side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-linux
Log | Files | Refs | README | LICENSE | sfeed.txt

qos_dscp_bridge.sh (4325B)

      1#!/bin/bash
      2# SPDX-License-Identifier: GPL-2.0
      3
      4# Test for DSCP prioritization and rewrite. Packets ingress $swp1 with a DSCP
      5# tag and are prioritized according to the map at $swp1. They egress $swp2 and
      6# the DSCP value is updated to match the map at that interface. The updated DSCP
      7# tag is verified at $h2.
      8#
      9# ICMP responses are produced with the same DSCP tag that arrived at $h2. They
     10# go through prioritization at $swp2 and DSCP retagging at $swp1. The tag is
     11# verified at $h1--it should match the original tag.
     12#
     13# +----------------------+                             +----------------------+
     14# | H1                   |                             |                   H2 |
     15# |    + $h1             |                             |            $h2 +     |
     16# |    | 192.0.2.1/28    |                             |   192.0.2.2/28 |     |
     17# +----|-----------------+                             +----------------|-----+
     18#      |                                                                |
     19# +----|----------------------------------------------------------------|-----+
     20# | SW |                                                                |     |
     21# |  +-|----------------------------------------------------------------|-+   |
     22# |  | + $swp1                       BR                           $swp2 + |   |
     23# |  |   APP=0,5,10 .. 7,5,17                      APP=0,5,20 .. 7,5,27   |   |
     24# |  +--------------------------------------------------------------------+   |
     25# +---------------------------------------------------------------------------+
     26
     27ALL_TESTS="
     28	ping_ipv4
     29	test_dscp
     30"
     31
     32lib_dir=$(dirname $0)/../../../net/forwarding
     33
     34NUM_NETIFS=4
     35source $lib_dir/lib.sh
     36
     37h1_create()
     38{
     39	simple_if_init $h1 192.0.2.1/28
     40	tc qdisc add dev $h1 clsact
     41	dscp_capture_install $h1 10
     42}
     43
     44h1_destroy()
     45{
     46	dscp_capture_uninstall $h1 10
     47	tc qdisc del dev $h1 clsact
     48	simple_if_fini $h1 192.0.2.1/28
     49}
     50
     51h2_create()
     52{
     53	simple_if_init $h2 192.0.2.2/28
     54	tc qdisc add dev $h2 clsact
     55	dscp_capture_install $h2 20
     56}
     57
     58h2_destroy()
     59{
     60	dscp_capture_uninstall $h2 20
     61	tc qdisc del dev $h2 clsact
     62	simple_if_fini $h2 192.0.2.2/28
     63}
     64
     65dscp_map()
     66{
     67	local base=$1; shift
     68	local prio
     69
     70	for prio in {0..7}; do
     71		echo app=$prio,5,$((base + prio))
     72	done
     73}
     74
     75switch_create()
     76{
     77	ip link add name br1 type bridge vlan_filtering 1
     78	ip link set dev br1 up
     79	ip link set dev $swp1 master br1
     80	ip link set dev $swp1 up
     81	ip link set dev $swp2 master br1
     82	ip link set dev $swp2 up
     83
     84	lldptool -T -i $swp1 -V APP $(dscp_map 10) >/dev/null
     85	lldptool -T -i $swp2 -V APP $(dscp_map 20) >/dev/null
     86	lldpad_app_wait_set $swp1
     87	lldpad_app_wait_set $swp2
     88}
     89
     90switch_destroy()
     91{
     92	lldptool -T -i $swp2 -V APP -d $(dscp_map 20) >/dev/null
     93	lldptool -T -i $swp1 -V APP -d $(dscp_map 10) >/dev/null
     94	lldpad_app_wait_del
     95
     96	ip link set dev $swp2 down
     97	ip link set dev $swp2 nomaster
     98	ip link set dev $swp1 down
     99	ip link set dev $swp1 nomaster
    100	ip link del dev br1
    101}
    102
    103setup_prepare()
    104{
    105	h1=${NETIFS[p1]}
    106	swp1=${NETIFS[p2]}
    107
    108	swp2=${NETIFS[p3]}
    109	h2=${NETIFS[p4]}
    110
    111	vrf_prepare
    112
    113	h1_create
    114	h2_create
    115	switch_create
    116}
    117
    118cleanup()
    119{
    120	pre_cleanup
    121
    122	switch_destroy
    123	h2_destroy
    124	h1_destroy
    125
    126	vrf_cleanup
    127}
    128
    129ping_ipv4()
    130{
    131	ping_test $h1 192.0.2.2
    132}
    133
    134dscp_ping_test()
    135{
    136	local vrf_name=$1; shift
    137	local sip=$1; shift
    138	local dip=$1; shift
    139	local prio=$1; shift
    140	local dev_10=$1; shift
    141	local dev_20=$1; shift
    142	local key
    143
    144	local dscp_10=$(((prio + 10) << 2))
    145	local dscp_20=$(((prio + 20) << 2))
    146
    147	RET=0
    148
    149	local -A t0s
    150	eval "t0s=($(dscp_fetch_stats $dev_10 10)
    151		   $(dscp_fetch_stats $dev_20 20))"
    152
    153	local ping_timeout=$((PING_TIMEOUT * 5))
    154	ip vrf exec $vrf_name \
    155	   ${PING} -Q $dscp_10 ${sip:+-I $sip} $dip \
    156		   -c 10 -i 0.5 -w $ping_timeout &> /dev/null
    157
    158	local -A t1s
    159	eval "t1s=($(dscp_fetch_stats $dev_10 10)
    160		   $(dscp_fetch_stats $dev_20 20))"
    161
    162	for key in ${!t0s[@]}; do
    163		local expect
    164		if ((key == prio+10 || key == prio+20)); then
    165			expect=10
    166		else
    167			expect=0
    168		fi
    169
    170		local delta=$((t1s[$key] - t0s[$key]))
    171		((expect == delta))
    172		check_err $? "DSCP $key: Expected to capture $expect packets, got $delta."
    173	done
    174
    175	log_test "DSCP rewrite: $dscp_10-(prio $prio)-$dscp_20"
    176}
    177
    178test_dscp()
    179{
    180	local prio
    181
    182	for prio in {0..7}; do
    183		dscp_ping_test v$h1 192.0.2.1 192.0.2.2 $prio $h1 $h2
    184	done
    185}
    186
    187trap cleanup EXIT
    188
    189setup_prepare
    190setup_wait
    191
    192tests_run
    193
    194exit $EXIT_STATUS