cachepc-linux

Fork of AMDESE/linux with modifications for CachePC side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-linux
Log | Files | Refs | README | LICENSE | sfeed.txt

mirror_gre_bound.sh (5929B)

      1#!/bin/bash
      2# SPDX-License-Identifier: GPL-2.0
      3
      4#   +---------------------+                             +---------------------+
      5#   | H1                  |                             |                  H2 |
      6#   |     + $h1           |                             |           $h2 +     |
      7#   |     | 192.0.2.1/28  |                             |  192.0.2.2/28 |     |
      8#   +-----|---------------+                             +---------------|-----+
      9#         |                                                             |
     10#   +-----|-------------------------------------------------------------|-----+
     11#   | SW  o--> mirror                                                   |     |
     12#   | +---|-------------------------------------------------------------|---+ |
     13#   | |   + $swp1                    BR                           $swp2 +   | |
     14#   | +---------------------------------------------------------------------+ |
     15#   |                                                                         |
     16#   | +---------------------------------------------------------------------+ |
     17#   | | OL                      + gt6 (ip6gretap)      + gt4 (gretap)       | |
     18#   | |                         : loc=2001:db8:2::1    : loc=192.0.2.129    | |
     19#   | |                         : rem=2001:db8:2::2    : rem=192.0.2.130    | |
     20#   | |                         : ttl=100              : ttl=100            | |
     21#   | |                         : tos=inherit          : tos=inherit        | |
     22#   | +-------------------------:--|-------------------:--|-----------------+ |
     23#   |                           :  |                   :  |                   |
     24#   | +-------------------------:--|-------------------:--|-----------------+ |
     25#   | | UL                      :  |,---------------------'                 | |
     26#   | |   + $swp3               :  ||                  :                    | |
     27#   | |   | 192.0.2.129/28      :  vv                  :                    | |
     28#   | |   | 2001:db8:2::1/64    :  + ul (dummy)        :                    | |
     29#   | +---|---------------------:----------------------:--------------------+ |
     30#   +-----|---------------------:----------------------:----------------------+
     31#         |                     :                      :
     32#   +-----|---------------------:----------------------:----------------------+
     33#   | H3  + $h3                 + h3-gt6 (ip6gretap)   + h3-gt4 (gretap)      |
     34#   |       192.0.2.130/28        loc=2001:db8:2::2      loc=192.0.2.130      |
     35#   |       2001:db8:2::2/64      rem=2001:db8:2::1      rem=192.0.2.129      |
     36#   |                             ttl=100                ttl=100              |
     37#   |                             tos=inherit            tos=inherit          |
     38#   |                                                                         |
     39#   +-------------------------------------------------------------------------+
     40#
     41# This tests mirroring to gretap and ip6gretap configured in an overlay /
     42# underlay manner, i.e. with a bound dummy device that marks underlay VRF where
     43# the encapsulated packed should be routed.
     44
     45ALL_TESTS="
     46	test_gretap
     47	test_ip6gretap
     48"
     49
     50NUM_NETIFS=6
     51source lib.sh
     52source mirror_lib.sh
     53source mirror_gre_lib.sh
     54
     55h1_create()
     56{
     57	simple_if_init $h1 192.0.2.1/28
     58}
     59
     60h1_destroy()
     61{
     62	simple_if_fini $h1 192.0.2.1/28
     63}
     64
     65h2_create()
     66{
     67	simple_if_init $h2 192.0.2.2/28
     68}
     69
     70h2_destroy()
     71{
     72	simple_if_fini $h2 192.0.2.2/28
     73}
     74
     75h3_create()
     76{
     77	simple_if_init $h3 192.0.2.130/28 2001:db8:2::2/64
     78
     79	tunnel_create h3-gt4 gretap 192.0.2.130 192.0.2.129
     80	ip link set h3-gt4 vrf v$h3
     81	matchall_sink_create h3-gt4
     82
     83	tunnel_create h3-gt6 ip6gretap 2001:db8:2::2 2001:db8:2::1
     84	ip link set h3-gt6 vrf v$h3
     85	matchall_sink_create h3-gt6
     86}
     87
     88h3_destroy()
     89{
     90	tunnel_destroy h3-gt6
     91	tunnel_destroy h3-gt4
     92
     93	simple_if_fini $h3 192.0.2.130/28 2001:db8:2::2/64
     94}
     95
     96switch_create()
     97{
     98	# Bridge between H1 and H2.
     99
    100	ip link add name br1 type bridge vlan_filtering 1
    101	ip link set dev br1 up
    102
    103	ip link set dev $swp1 master br1
    104	ip link set dev $swp1 up
    105
    106	ip link set dev $swp2 master br1
    107	ip link set dev $swp2 up
    108
    109	tc qdisc add dev $swp1 clsact
    110
    111	# Underlay.
    112
    113	simple_if_init $swp3 192.0.2.129/28 2001:db8:2::1/64
    114
    115	ip link add name ul type dummy
    116	ip link set dev ul master v$swp3
    117	ip link set dev ul up
    118
    119	# Overlay.
    120
    121	vrf_create vrf-ol
    122	ip link set dev vrf-ol up
    123
    124	tunnel_create gt4 gretap 192.0.2.129 192.0.2.130 \
    125		      ttl 100 tos inherit dev ul
    126	ip link set dev gt4 master vrf-ol
    127	ip link set dev gt4 up
    128
    129	tunnel_create gt6 ip6gretap 2001:db8:2::1 2001:db8:2::2 \
    130		      ttl 100 tos inherit dev ul allow-localremote
    131	ip link set dev gt6 master vrf-ol
    132	ip link set dev gt6 up
    133}
    134
    135switch_destroy()
    136{
    137	vrf_destroy vrf-ol
    138
    139	tunnel_destroy gt6
    140	tunnel_destroy gt4
    141
    142	simple_if_fini $swp3 192.0.2.129/28 2001:db8:2::1/64
    143
    144	ip link del dev ul
    145
    146	tc qdisc del dev $swp1 clsact
    147
    148	ip link set dev $swp1 down
    149	ip link set dev $swp2 down
    150	ip link del dev br1
    151}
    152
    153setup_prepare()
    154{
    155	h1=${NETIFS[p1]}
    156	swp1=${NETIFS[p2]}
    157
    158	swp2=${NETIFS[p3]}
    159	h2=${NETIFS[p4]}
    160
    161	swp3=${NETIFS[p5]}
    162	h3=${NETIFS[p6]}
    163
    164	vrf_prepare
    165
    166	h1_create
    167	h2_create
    168	h3_create
    169
    170	switch_create
    171}
    172
    173cleanup()
    174{
    175	pre_cleanup
    176
    177	switch_destroy
    178
    179	h3_destroy
    180	h2_destroy
    181	h1_destroy
    182
    183	vrf_cleanup
    184}
    185
    186test_gretap()
    187{
    188	full_test_span_gre_dir gt4 ingress 8 0 "mirror to gretap w/ UL"
    189	full_test_span_gre_dir gt4 egress  0 8 "mirror to gretap w/ UL"
    190}
    191
    192test_ip6gretap()
    193{
    194	full_test_span_gre_dir gt6 ingress 8 0 "mirror to ip6gretap w/ UL"
    195	full_test_span_gre_dir gt6 egress  0 8 "mirror to ip6gretap w/ UL"
    196}
    197
    198test_all()
    199{
    200	RET=0
    201
    202	slow_path_trap_install $swp1 ingress
    203	slow_path_trap_install $swp1 egress
    204
    205	tests_run
    206
    207	slow_path_trap_uninstall $swp1 egress
    208	slow_path_trap_uninstall $swp1 ingress
    209}
    210
    211trap cleanup EXIT
    212
    213setup_prepare
    214setup_wait
    215
    216tcflags="skip_hw"
    217test_all
    218
    219if ! tc_offload_check; then
    220	echo "WARN: Could not test offloaded functionality"
    221else
    222	tcflags="skip_sw"
    223	test_all
    224fi
    225
    226exit $EXIT_STATUS