mirror_gre_changes.sh - cachepc-linux - Fork of AMDESE/linux with modifications for CachePC side-channel attack

	cachepc-linux Fork of AMDESE/linux with modifications for CachePC side-channel attack
	git clone https://git.sinitax.com/sinitax/cachepc-linux
	Log \| Files \| Refs \| README \| LICENSE \| sfeed.txt
mirror_gre_changes.sh (5809B)
      1#!/bin/bash
      2# SPDX-License-Identifier: GPL-2.0
      3
      4# This test uses standard topology for testing gretap. See
      5# mirror_gre_topo_lib.sh for more details.
      6#
      7# Test how mirrors to gretap and ip6gretap react to changes to relevant
      8# configuration.
      9
     10ALL_TESTS="
     11	test_ttl
     12	test_tun_up
     13	test_egress_up
     14	test_remote_ip
     15	test_tun_del
     16	test_route_del
     17"
     18
     19NUM_NETIFS=6
     20source lib.sh
     21source mirror_lib.sh
     22source mirror_gre_lib.sh
     23source mirror_gre_topo_lib.sh
     24
     25setup_prepare()
     26{
     27	h1=${NETIFS[p1]}
     28	swp1=${NETIFS[p2]}
     29
     30	swp2=${NETIFS[p3]}
     31	h2=${NETIFS[p4]}
     32
     33	swp3=${NETIFS[p5]}
     34	h3=${NETIFS[p6]}
     35
     36	vrf_prepare
     37	mirror_gre_topo_create
     38
     39	# This test downs $swp3, which deletes the configured IPv6 address
     40	# unless this sysctl is set.
     41	sysctl_set net.ipv6.conf.$swp3.keep_addr_on_down 1
     42
     43	ip address add dev $swp3 192.0.2.129/28
     44	ip address add dev $h3 192.0.2.130/28
     45
     46	ip address add dev $swp3 2001:db8:2::1/64
     47	ip address add dev $h3 2001:db8:2::2/64
     48}
     49
     50cleanup()
     51{
     52	pre_cleanup
     53
     54	ip address del dev $h3 2001:db8:2::2/64
     55	ip address del dev $swp3 2001:db8:2::1/64
     56
     57	ip address del dev $h3 192.0.2.130/28
     58	ip address del dev $swp3 192.0.2.129/28
     59
     60	sysctl_restore net.ipv6.conf.$swp3.keep_addr_on_down
     61
     62	mirror_gre_topo_destroy
     63	vrf_cleanup
     64}
     65
     66test_span_gre_ttl()
     67{
     68	local tundev=$1; shift
     69	local type=$1; shift
     70	local prot=$1; shift
     71	local what=$1; shift
     72
     73	RET=0
     74
     75	mirror_install $swp1 ingress $tundev "matchall $tcflags"
     76	tc filter add dev $h3 ingress pref 77 prot $prot \
     77		flower skip_hw ip_ttl 50 action pass
     78
     79	mirror_test v$h1 192.0.2.1 192.0.2.2 $h3 77 0
     80
     81	ip link set dev $tundev type $type ttl 50
     82	sleep 2
     83	mirror_test v$h1 192.0.2.1 192.0.2.2 $h3 77 10
     84
     85	ip link set dev $tundev type $type ttl 100
     86	tc filter del dev $h3 ingress pref 77
     87	mirror_uninstall $swp1 ingress
     88
     89	log_test "$what: TTL change ($tcflags)"
     90}
     91
     92test_span_gre_tun_up()
     93{
     94	local tundev=$1; shift
     95	local what=$1; shift
     96
     97	RET=0
     98
     99	ip link set dev $tundev down
    100	mirror_install $swp1 ingress $tundev "matchall $tcflags"
    101	fail_test_span_gre_dir $tundev ingress
    102
    103	ip link set dev $tundev up
    104
    105	quick_test_span_gre_dir $tundev ingress
    106	mirror_uninstall $swp1 ingress
    107
    108	log_test "$what: tunnel down/up ($tcflags)"
    109}
    110
    111test_span_gre_egress_up()
    112{
    113	local tundev=$1; shift
    114	local remote_ip=$1; shift
    115	local what=$1; shift
    116
    117	RET=0
    118
    119	ip link set dev $swp3 down
    120	mirror_install $swp1 ingress $tundev "matchall $tcflags"
    121	fail_test_span_gre_dir $tundev ingress
    122
    123	# After setting the device up, wait for neighbor to get resolved so that
    124	# we can expect mirroring to work.
    125	ip link set dev $swp3 up
    126	setup_wait_dev $swp3
    127	ping -c 1 -I $swp3 $remote_ip &>/dev/null
    128
    129	quick_test_span_gre_dir $tundev ingress
    130	mirror_uninstall $swp1 ingress
    131
    132	log_test "$what: egress down/up ($tcflags)"
    133}
    134
    135test_span_gre_remote_ip()
    136{
    137	local tundev=$1; shift
    138	local type=$1; shift
    139	local correct_ip=$1; shift
    140	local wrong_ip=$1; shift
    141	local what=$1; shift
    142
    143	RET=0
    144
    145	ip link set dev $tundev type $type remote $wrong_ip
    146	mirror_install $swp1 ingress $tundev "matchall $tcflags"
    147	fail_test_span_gre_dir $tundev ingress
    148
    149	ip link set dev $tundev type $type remote $correct_ip
    150	quick_test_span_gre_dir $tundev ingress
    151	mirror_uninstall $swp1 ingress
    152
    153	log_test "$what: remote address change ($tcflags)"
    154}
    155
    156test_span_gre_tun_del()
    157{
    158	local tundev=$1; shift
    159	local type=$1; shift
    160	local flags=$1; shift
    161	local local_ip=$1; shift
    162	local remote_ip=$1; shift
    163	local what=$1; shift
    164
    165	RET=0
    166
    167	mirror_install $swp1 ingress $tundev "matchall $tcflags"
    168	quick_test_span_gre_dir $tundev ingress
    169	ip link del dev $tundev
    170	fail_test_span_gre_dir $tundev ingress
    171
    172	tunnel_create $tundev $type $local_ip $remote_ip \
    173		      ttl 100 tos inherit $flags
    174
    175	# Recreating the tunnel doesn't reestablish mirroring, so reinstall it
    176	# and verify it works for the follow-up tests.
    177	mirror_uninstall $swp1 ingress
    178	mirror_install $swp1 ingress $tundev "matchall $tcflags"
    179	quick_test_span_gre_dir $tundev ingress
    180	mirror_uninstall $swp1 ingress
    181
    182	log_test "$what: tunnel deleted ($tcflags)"
    183}
    184
    185test_span_gre_route_del()
    186{
    187	local tundev=$1; shift
    188	local edev=$1; shift
    189	local route=$1; shift
    190	local what=$1; shift
    191
    192	RET=0
    193
    194	mirror_install $swp1 ingress $tundev "matchall $tcflags"
    195	quick_test_span_gre_dir $tundev ingress
    196
    197	ip route del $route dev $edev
    198	fail_test_span_gre_dir $tundev ingress
    199
    200	ip route add $route dev $edev
    201	quick_test_span_gre_dir $tundev ingress
    202
    203	mirror_uninstall $swp1 ingress
    204
    205	log_test "$what: underlay route removal ($tcflags)"
    206}
    207
    208test_ttl()
    209{
    210	test_span_gre_ttl gt4 gretap ip "mirror to gretap"
    211	test_span_gre_ttl gt6 ip6gretap ipv6 "mirror to ip6gretap"
    212}
    213
    214test_tun_up()
    215{
    216	test_span_gre_tun_up gt4 "mirror to gretap"
    217	test_span_gre_tun_up gt6 "mirror to ip6gretap"
    218}
    219
    220test_egress_up()
    221{
    222	test_span_gre_egress_up gt4 192.0.2.130 "mirror to gretap"
    223	test_span_gre_egress_up gt6 2001:db8:2::2 "mirror to ip6gretap"
    224}
    225
    226test_remote_ip()
    227{
    228	test_span_gre_remote_ip gt4 gretap 192.0.2.130 192.0.2.132 "mirror to gretap"
    229	test_span_gre_remote_ip gt6 ip6gretap 2001:db8:2::2 2001:db8:2::4 "mirror to ip6gretap"
    230}
    231
    232test_tun_del()
    233{
    234	test_span_gre_tun_del gt4 gretap "" \
    235			      192.0.2.129 192.0.2.130 "mirror to gretap"
    236	test_span_gre_tun_del gt6 ip6gretap allow-localremote \
    237			      2001:db8:2::1 2001:db8:2::2 "mirror to ip6gretap"
    238}
    239
    240test_route_del()
    241{
    242	test_span_gre_route_del gt4 $swp3 192.0.2.128/28 "mirror to gretap"
    243	test_span_gre_route_del gt6 $swp3 2001:db8:2::/64 "mirror to ip6gretap"
    244}
    245
    246test_all()
    247{
    248	slow_path_trap_install $swp1 ingress
    249	slow_path_trap_install $swp1 egress
    250
    251	tests_run
    252
    253	slow_path_trap_uninstall $swp1 egress
    254	slow_path_trap_uninstall $swp1 ingress
    255}
    256
    257trap cleanup EXIT
    258
    259setup_prepare
    260setup_wait
    261
    262tcflags="skip_hw"
    263test_all
    264
    265if ! tc_offload_check; then
    266	echo "WARN: Could not test offloaded functionality"
    267else
    268	tcflags="skip_sw"
    269	test_all
    270fi
    271
    272exit $EXIT_STATUS