cachepc-linux

Fork of AMDESE/linux with modifications for CachePC side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-linux
Log | Files | Refs | README | LICENSE | sfeed.txt

fib_nexthop_multiprefix.sh (5882B)

      1#!/bin/bash
      2# SPDX-License-Identifier: GPL-2.0
      3#
      4# Validate cached routes in fib{6}_nh that is used by multiple prefixes.
      5# Validate a different # exception is generated in h0 for each remote host.
      6#
      7#               h1
      8#            /
      9#    h0 - r1 -  h2
     10#            \
     11#               h3
     12#
     13# routing in h0 to hN is done with nexthop objects.
     14
     15PAUSE_ON_FAIL=no
     16VERBOSE=0
     17
     18which ping6 > /dev/null 2>&1 && ping6=$(which ping6) || ping6=$(which ping)
     19
     20################################################################################
     21# helpers
     22
     23log_test()
     24{
     25	local rc=$1
     26	local expected=$2
     27	local msg="$3"
     28
     29	if [ ${rc} -eq ${expected} ]; then
     30		printf "TEST: %-60s  [ OK ]\n" "${msg}"
     31		nsuccess=$((nsuccess+1))
     32	else
     33		ret=1
     34		nfail=$((nfail+1))
     35		printf "TEST: %-60s  [FAIL]\n" "${msg}"
     36		if [ "${PAUSE_ON_FAIL}" = "yes" ]; then
     37			echo
     38			echo "hit enter to continue, 'q' to quit"
     39			read a
     40			[ "$a" = "q" ] && exit 1
     41		fi
     42	fi
     43
     44	[ "$VERBOSE" = "1" ] && echo
     45}
     46
     47run_cmd()
     48{
     49	local cmd="$*"
     50	local out
     51	local rc
     52
     53	if [ "$VERBOSE" = "1" ]; then
     54		echo "COMMAND: $cmd"
     55	fi
     56
     57	out=$(eval $cmd 2>&1)
     58	rc=$?
     59	if [ "$VERBOSE" = "1" -a -n "$out" ]; then
     60		echo "$out"
     61	fi
     62
     63	[ "$VERBOSE" = "1" ] && echo
     64
     65	return $rc
     66}
     67
     68################################################################################
     69# config
     70
     71create_ns()
     72{
     73	local ns=${1}
     74
     75	ip netns del ${ns} 2>/dev/null
     76
     77	ip netns add ${ns}
     78	ip -netns ${ns} addr add 127.0.0.1/8 dev lo
     79	ip -netns ${ns} link set lo up
     80
     81	ip netns exec ${ns} sysctl -q -w net.ipv6.conf.all.keep_addr_on_down=1
     82	case ${ns} in
     83	h*)
     84		ip netns exec $ns sysctl -q -w net.ipv6.conf.all.forwarding=0
     85		;;
     86	r*)
     87		ip netns exec $ns sysctl -q -w net.ipv4.ip_forward=1
     88		ip netns exec $ns sysctl -q -w net.ipv6.conf.all.forwarding=1
     89		;;
     90	esac
     91}
     92
     93setup()
     94{
     95	local ns
     96	local i
     97
     98	#set -e
     99
    100	for ns in h0 r1 h1 h2 h3
    101	do
    102		create_ns ${ns}
    103	done
    104
    105	#
    106	# create interconnects
    107	#
    108
    109	for i in 0 1 2 3
    110	do
    111		ip -netns h${i} li add eth0 type veth peer name r1h${i}
    112		ip -netns h${i} li set eth0 up
    113		ip -netns h${i} li set r1h${i} netns r1 name eth${i} up
    114
    115		ip -netns h${i}    addr add dev eth0 172.16.10${i}.1/24
    116		ip -netns h${i} -6 addr add dev eth0 2001:db8:10${i}::1/64
    117		ip -netns r1    addr add dev eth${i} 172.16.10${i}.254/24
    118		ip -netns r1 -6 addr add dev eth${i} 2001:db8:10${i}::64/64
    119	done
    120
    121	ip -netns h0 nexthop add id 4 via 172.16.100.254 dev eth0
    122	ip -netns h0 nexthop add id 6 via 2001:db8:100::64 dev eth0
    123
    124	# routing from h0 to h1-h3 and back
    125	for i in 1 2 3
    126	do
    127		ip -netns h0    ro add 172.16.10${i}.0/24 nhid 4
    128		ip -netns h${i} ro add 172.16.100.0/24 via 172.16.10${i}.254
    129
    130		ip -netns h0    -6 ro add 2001:db8:10${i}::/64 nhid 6
    131		ip -netns h${i} -6 ro add 2001:db8:100::/64 via 2001:db8:10${i}::64
    132	done
    133
    134	if [ "$VERBOSE" = "1" ]; then
    135		echo
    136		echo "host 1 config"
    137		ip -netns h0 li sh
    138		ip -netns h0 ro sh
    139		ip -netns h0 -6 ro sh
    140	fi
    141
    142	#set +e
    143}
    144
    145cleanup()
    146{
    147	for n in h0 r1 h1 h2 h3
    148	do
    149		ip netns del ${n} 2>/dev/null
    150	done
    151}
    152
    153change_mtu()
    154{
    155	local hostid=$1
    156	local mtu=$2
    157
    158	run_cmd ip -netns h${hostid} li set eth0 mtu ${mtu}
    159	run_cmd ip -netns r1 li set eth${hostid} mtu ${mtu}
    160}
    161
    162################################################################################
    163# validate exceptions
    164
    165validate_v4_exception()
    166{
    167	local i=$1
    168	local mtu=$2
    169	local ping_sz=$3
    170	local dst="172.16.10${i}.1"
    171	local h0=172.16.100.1
    172	local r1=172.16.100.254
    173	local rc
    174
    175	if [ ${ping_sz} != "0" ]; then
    176		run_cmd ip netns exec h0 ping -s ${ping_sz} -c5 -w5 ${dst}
    177	fi
    178
    179	if [ "$VERBOSE" = "1" ]; then
    180		echo "Route get"
    181		ip -netns h0 ro get ${dst}
    182		echo "Searching for:"
    183		echo "    cache .* mtu ${mtu}"
    184		echo
    185	fi
    186
    187	ip -netns h0 ro get ${dst} | \
    188	grep -q "cache .* mtu ${mtu}"
    189	rc=$?
    190
    191	log_test $rc 0 "IPv4: host 0 to host ${i}, mtu ${mtu}"
    192}
    193
    194validate_v6_exception()
    195{
    196	local i=$1
    197	local mtu=$2
    198	local ping_sz=$3
    199	local dst="2001:db8:10${i}::1"
    200	local h0=2001:db8:100::1
    201	local r1=2001:db8:100::64
    202	local rc
    203
    204	if [ ${ping_sz} != "0" ]; then
    205		run_cmd ip netns exec h0 ${ping6} -s ${ping_sz} -c5 -w5 ${dst}
    206	fi
    207
    208	if [ "$VERBOSE" = "1" ]; then
    209		echo "Route get"
    210		ip -netns h0 -6 ro get ${dst}
    211		echo "Searching for:"
    212		echo "    ${dst} from :: via ${r1} dev eth0 src ${h0} .* mtu ${mtu}"
    213		echo
    214	fi
    215
    216	ip -netns h0 -6 ro get ${dst} | \
    217	grep -q "${dst} from :: via ${r1} dev eth0 src ${h0} .* mtu ${mtu}"
    218	rc=$?
    219
    220	log_test $rc 0 "IPv6: host 0 to host ${i}, mtu ${mtu}"
    221}
    222
    223################################################################################
    224# main
    225
    226while getopts :pv o
    227do
    228	case $o in
    229		p) PAUSE_ON_FAIL=yes;;
    230		v) VERBOSE=1;;
    231	esac
    232done
    233
    234cleanup
    235setup
    236sleep 2
    237
    238cpus=$(cat  /sys/devices/system/cpu/online)
    239cpus="$(seq ${cpus/-/ })"
    240ret=0
    241for i in 1 2 3
    242do
    243	# generate a cached route per-cpu
    244	for c in ${cpus}; do
    245		run_cmd taskset -c ${c} ip netns exec h0 ping -c1 -w1 172.16.10${i}.1
    246		[ $? -ne 0 ] && printf "\nERROR: ping to h${i} failed\n" && ret=1
    247
    248		run_cmd taskset -c ${c} ip netns exec h0 ${ping6} -c1 -w1 2001:db8:10${i}::1
    249		[ $? -ne 0 ] && printf "\nERROR: ping6 to h${i} failed\n" && ret=1
    250
    251		[ $ret -ne 0 ] && break
    252	done
    253	[ $ret -ne 0 ] && break
    254done
    255
    256if [ $ret -eq 0 ]; then
    257	# generate different exceptions in h0 for h1, h2 and h3
    258	change_mtu 1 1300
    259	validate_v4_exception 1 1300 1350
    260	validate_v6_exception 1 1300 1350
    261	echo
    262
    263	change_mtu 2 1350
    264	validate_v4_exception 2 1350 1400
    265	validate_v6_exception 2 1350 1400
    266	echo
    267
    268	change_mtu 3 1400
    269	validate_v4_exception 3 1400 1450
    270	validate_v6_exception 3 1400 1450
    271	echo
    272
    273	validate_v4_exception 1 1300 0
    274	validate_v6_exception 1 1300 0
    275	echo
    276
    277	validate_v4_exception 2 1350 0
    278	validate_v6_exception 2 1350 0
    279	echo
    280
    281	validate_v4_exception 3 1400 0
    282	validate_v6_exception 3 1400 0
    283
    284	# targeted deletes to trigger cleanup paths in kernel
    285	ip -netns h0 ro del 172.16.102.0/24 nhid 4
    286	ip -netns h0 -6 ro del 2001:db8:102::/64 nhid 6
    287
    288	ip -netns h0 nexthop del id 4
    289	ip -netns h0 nexthop del id 6
    290fi
    291
    292cleanup