| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20251201102817.301552-4-jonas.gorski@gmail.com>
Date: Mon, 1 Dec 2025 11:28:15 +0100
From: Jonas Gorski <jonas.gorski@...il.com>
To: Andrew Lunn <andrew@...n.ch>,
Vladimir Oltean <olteanv@...il.com>,
"David S. Miller" <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>,
Jakub Kicinski <kuba@...nel.org>,
Paolo Abeni <pabeni@...hat.com>,
Simon Horman <horms@...nel.org>,
Shuah Khan <shuah@...nel.org>,
Florian Fainelli <f.fainelli@...il.com>
Cc: Vladimir Oltean <vladimir.oltean@....com>,
netdev@...r.kernel.org,
linux-kernel@...r.kernel.org,
linux-kselftest@...r.kernel.org
Subject: [PATCH RFC/RFT net-next v2 3/5] selftests: no_forwarding: test VLAN uppers on VLAN aware bridged ports
Add a test (mainly for switchdev implementors) to test that multiple
VLAN uppers on a VLAN aware bridge for the same VLAN do not enable
forwarding of that VLAN between those ports.
Since we are testing VLAN uppers, skip checking untagged traffic in
those cases.
Disallowing VLAN uppers on bridge ports is a valid choice for switchdev
drivers, so test if we can create them first and skip the tests if not.
Signed-off-by: Jonas Gorski <jonas.gorski@...il.com>
---
v1 -> v2:
* new patch
.../selftests/net/forwarding/no_forwarding.sh | 89 ++++++++++++++-----
1 file changed, 67 insertions(+), 22 deletions(-)
diff --git a/tools/testing/selftests/net/forwarding/no_forwarding.sh b/tools/testing/selftests/net/forwarding/no_forwarding.sh
index 694ece9ba3a7..c8adf04e1328 100755
--- a/tools/testing/selftests/net/forwarding/no_forwarding.sh
+++ b/tools/testing/selftests/net/forwarding/no_forwarding.sh
@@ -1,7 +1,7 @@
#!/bin/bash
# SPDX-License-Identifier: GPL-2.0
-ALL_TESTS="standalone two_bridges one_bridge_two_pvids"
+ALL_TESTS="standalone two_bridges one_bridge_two_pvids bridge_aware_vlan_uppers"
NUM_NETIFS=4
source lib.sh
@@ -90,6 +90,7 @@ check_rcv()
run_test()
{
local test_name="$1"
+ local swp_uppers=${2:0}
local smac=$(mac_get $h1)
local dmac=$(mac_get $h2)
local h1_ipv6_lladdr=$(ipv6_lladdr_get $h1)
@@ -99,16 +100,24 @@ run_test()
tcpdump_start $h2
- send_non_ip $h1 $smac $dmac
- send_non_ip $h1 $smac $NON_IP_MC
- send_non_ip $h1 $smac $BC
- send_uc_ipv4 $h1 $dmac
- send_mc_ipv4 $h1
- send_uc_ipv6 $h1 $dmac
- send_mc_ipv6 $h1
+ if [ "$swp_uppers" -eq 0 ]; then
+ send_non_ip $h1 $smac $dmac
+ send_non_ip $h1 $smac $NON_IP_MC
+ send_non_ip $h1 $smac $BC
+ send_uc_ipv4 $h1 $dmac
+ send_mc_ipv4 $h1
+ send_uc_ipv6 $h1 $dmac
+ send_mc_ipv6 $h1
+ fi
for vid in "${vids[@]}"; do
vlan_create $h1 $vid
+ if [ "$swp_uppers" -ge 1 ]; then
+ vlan_create $swp1 $vid
+ fi
+ if [ "$swp_uppers" -ge 2 ]; then
+ vlan_create $swp2 $vid
+ fi
simple_if_init $h1.$vid $H1_IPV4/24 $H1_IPV6/64
send_non_ip $h1.$vid $smac $dmac
@@ -120,6 +129,12 @@ run_test()
send_mc_ipv6 $h1.$vid
simple_if_fini $h1.$vid $H1_IPV4/24 $H1_IPV6/64
+ if [ "$swp_uppers" -ge 2 ]; then
+ vlan_destroy $swp2 $vid
+ fi
+ if [ "$swp_uppers" -ge 1 ]; then
+ vlan_destroy $swp1 $vid
+ fi
vlan_destroy $h1 $vid
done
@@ -129,26 +144,28 @@ run_test()
tcpdump_stop $h2
- check_rcv $h2 "$test_name: Unicast non-IP untagged" \
- "$smac > $dmac, 802.3, length 4:"
+ if [ "$swp_uppers" -eq 0 ]; then
+ check_rcv $h2 "$test_name: Unicast non-IP untagged" \
+ "$smac > $dmac, 802.3, length 4:"
- check_rcv $h2 "$test_name: Multicast non-IP untagged" \
- "$smac > $NON_IP_MC, 802.3, length 4:"
+ check_rcv $h2 "$test_name: Multicast non-IP untagged" \
+ "$smac > $NON_IP_MC, 802.3, length 4:"
- check_rcv $h2 "$test_name: Broadcast non-IP untagged" \
- "$smac > $BC, 802.3, length 4:"
+ check_rcv $h2 "$test_name: Broadcast non-IP untagged" \
+ "$smac > $BC, 802.3, length 4:"
- check_rcv $h2 "$test_name: Unicast IPv4 untagged" \
- "$smac > $dmac, ethertype IPv4 (0x0800)"
+ check_rcv $h2 "$test_name: Unicast IPv4 untagged" \
+ "$smac > $dmac, ethertype IPv4 (0x0800)"
- check_rcv $h2 "$test_name: Multicast IPv4 untagged" \
- "$smac > $MACV4_ALLNODES, ethertype IPv4 (0x0800).*: $H1_IPV4 > $IPV4_ALLNODES"
+ check_rcv $h2 "$test_name: Multicast IPv4 untagged" \
+ "$smac > $MACV4_ALLNODES, ethertype IPv4 (0x0800).*: $H1_IPV4 > $IPV4_ALLNODES"
- check_rcv $h2 "$test_name: Unicast IPv6 untagged" \
- "$smac > $dmac, ethertype IPv6 (0x86dd).*8: $H1_IPV6 > $H2_IPV6"
+ check_rcv $h2 "$test_name: Unicast IPv6 untagged" \
+ "$smac > $dmac, ethertype IPv6 (0x86dd).*8: $H1_IPV6 > $H2_IPV6"
- check_rcv $h2 "$test_name: Multicast IPv6 untagged" \
- "$smac > $MACV6_ALLNODES, ethertype IPv6 (0x86dd).*: $h1_ipv6_lladdr > $IPV6_ALLNODES"
+ check_rcv $h2 "$test_name: Multicast IPv6 untagged" \
+ "$smac > $MACV6_ALLNODES, ethertype IPv6 (0x86dd).*: $h1_ipv6_lladdr > $IPV6_ALLNODES"
+ fi
for vid in "${vids[@]}"; do
check_rcv $h2 "$test_name: Unicast non-IP VID $vid" \
@@ -209,6 +226,34 @@ one_bridge_two_pvids()
ip link del br0
}
+bridge_aware_vlan_uppers()
+{
+ ip link add br0 type bridge vlan_filtering 1 vlan_default_pvid 0
+ ip link set br0 up
+ ip link set $swp1 master br0
+ ip link set $swp2 master br0
+
+ if ! ip link add name $swp1.10 link $swp1 type vlan id 10 2>/dev/null; then
+ ip link del br0
+ echo "SKIP: vlan-aware bridge does not allow vlan uppers on bridge ports"
+ exit "$ksft_skip"
+ fi
+
+ if ! ip link add name $swp2.10 link $swp2 type vlan id 10 2>/dev/null; then
+ vlan_destroy $swp1 10
+ ip link del br0
+ echo "SKIP: vlan-aware bridge does not allow multiple vlan uppers per VLAN on bridge ports"
+ exit "$ksft_skip"
+ fi
+
+ vlan_destroy $swp1 10
+ vlan_destroy $swp2 10
+
+ run_test "Switch ports in VLAN-aware bridge with VLAN uppers" 2
+
+ ip link del br0
+}
+
h1_create()
{
simple_if_init $h1 $H1_IPV4/24 $H1_IPV6/64
--
2.43.0
Powered by blists - more mailing lists