cachepc-linux

Fork of AMDESE/linux with modifications for CachePC side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-linux
Log | Files | Refs | README | LICENSE | sfeed.txt

mirror_gre_nh.sh (2974B)

      1#!/bin/bash
      2# SPDX-License-Identifier: GPL-2.0
      3
      4# This test uses standard topology for testing gretap. See
      5# mirror_gre_topo_lib.sh for more details.
      6#
      7# Test that gretap and ip6gretap mirroring works when the other tunnel endpoint
      8# is reachable through a next-hop route (as opposed to directly-attached route).
      9
     10ALL_TESTS="
     11	test_gretap
     12	test_ip6gretap
     13"
     14
     15NUM_NETIFS=6
     16source lib.sh
     17source mirror_lib.sh
     18source mirror_gre_lib.sh
     19source mirror_gre_topo_lib.sh
     20
     21setup_prepare()
     22{
     23	h1=${NETIFS[p1]}
     24	swp1=${NETIFS[p2]}
     25
     26	swp2=${NETIFS[p3]}
     27	h2=${NETIFS[p4]}
     28
     29	swp3=${NETIFS[p5]}
     30	h3=${NETIFS[p6]}
     31
     32	sysctl_set net.ipv4.conf.all.rp_filter 0
     33	sysctl_set net.ipv4.conf.$h3.rp_filter 0
     34
     35	vrf_prepare
     36	mirror_gre_topo_create
     37
     38	sysctl_set net.ipv4.conf.v$h3.rp_filter 0
     39
     40	ip address add dev $swp3 192.0.2.161/28
     41	ip address add dev $h3 192.0.2.162/28
     42	ip address add dev gt4 192.0.2.129/32
     43	ip address add dev h3-gt4 192.0.2.130/32
     44
     45	# IPv6 route can't be added after address. Such routes are rejected due
     46	# to the gateway address having been configured on the local system. It
     47	# works the other way around though.
     48	ip address add dev $swp3 2001:db8:4::1/64
     49	ip -6 route add 2001:db8:2::2/128 via 2001:db8:4::2
     50	ip address add dev $h3 2001:db8:4::2/64
     51	ip address add dev gt6 2001:db8:2::1
     52	ip address add dev h3-gt6 2001:db8:2::2
     53}
     54
     55cleanup()
     56{
     57	pre_cleanup
     58
     59	ip -6 route del 2001:db8:2::2/128 via 2001:db8:4::2
     60	ip address del dev $h3 2001:db8:4::2/64
     61	ip address del dev $swp3 2001:db8:4::1/64
     62
     63	ip address del dev $h3 192.0.2.162/28
     64	ip address del dev $swp3 192.0.2.161/28
     65
     66	sysctl_restore net.ipv4.conf.v$h3.rp_filter 0
     67
     68	mirror_gre_topo_destroy
     69	vrf_cleanup
     70
     71	sysctl_restore net.ipv4.conf.$h3.rp_filter
     72	sysctl_restore net.ipv4.conf.all.rp_filter
     73}
     74
     75test_gretap()
     76{
     77	RET=0
     78	mirror_install $swp1 ingress gt4 "matchall $tcflags"
     79
     80	# For IPv4, test that there's no mirroring without the route directing
     81	# the traffic to tunnel remote address. Then add it and test that
     82	# mirroring starts. For IPv6 we can't test this due to the limitation
     83	# that routes for locally-specified IPv6 addresses can't be added.
     84	fail_test_span_gre_dir gt4 ingress
     85
     86	ip route add 192.0.2.130/32 via 192.0.2.162
     87	quick_test_span_gre_dir gt4 ingress
     88	ip route del 192.0.2.130/32 via 192.0.2.162
     89
     90	mirror_uninstall $swp1 ingress
     91	log_test "mirror to gre with next-hop remote ($tcflags)"
     92}
     93
     94test_ip6gretap()
     95{
     96	RET=0
     97
     98	mirror_install $swp1 ingress gt6 "matchall $tcflags"
     99	quick_test_span_gre_dir gt6 ingress
    100	mirror_uninstall $swp1 ingress
    101
    102	log_test "mirror to ip6gre with next-hop remote ($tcflags)"
    103}
    104
    105test_all()
    106{
    107	slow_path_trap_install $swp1 ingress
    108	slow_path_trap_install $swp1 egress
    109
    110	tests_run
    111
    112	slow_path_trap_uninstall $swp1 egress
    113	slow_path_trap_uninstall $swp1 ingress
    114}
    115
    116trap cleanup EXIT
    117
    118setup_prepare
    119setup_wait
    120
    121tcflags="skip_hw"
    122test_all
    123
    124if ! tc_offload_check; then
    125	echo "WARN: Could not test offloaded functionality"
    126else
    127	tcflags="skip_sw"
    128	test_all
    129fi
    130
    131exit $EXIT_STATUS