| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 13 Jul 2023 18:15:32 +0200
From: Petr Machata <petrm@...dia.com>
To: "David S. Miller" <davem@...emloft.net>, Eric Dumazet
<edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni
<pabeni@...hat.com>, <netdev@...r.kernel.org>
CC: Ido Schimmel <idosch@...dia.com>, Petr Machata <petrm@...dia.com>,
Danielle Ratson <danieller@...dia.com>, <mlxsw@...dia.com>
Subject: [PATCH net-next 09/11] selftests: router_bridge_vlan: Add PVID change test
Add an alternative path involving VLAN 777 instead of the current 555. Then
add tests that verify that marking 777 as PVID makes the 555 path not work,
and the 777 path work.
Signed-off-by: Petr Machata <petrm@...dia.com>
Reviewed-by: Danielle Ratson <danieller@...dia.com>
---
.../net/forwarding/router_bridge_vlan.sh | 100 +++++++++++++++---
1 file changed, 85 insertions(+), 15 deletions(-)
diff --git a/tools/testing/selftests/net/forwarding/router_bridge_vlan.sh b/tools/testing/selftests/net/forwarding/router_bridge_vlan.sh
index de2b2d5480dd..b76a4a707a5b 100755
--- a/tools/testing/selftests/net/forwarding/router_bridge_vlan.sh
+++ b/tools/testing/selftests/net/forwarding/router_bridge_vlan.sh
@@ -1,25 +1,28 @@
#!/bin/bash
# SPDX-License-Identifier: GPL-2.0
-# +------------------------+ +----------------------+
-# | H1 (vrf) | | H2 (vrf) |
-# | + $h1.555 | | + $h2 |
-# | | 192.0.2.1/28 | | | 192.0.2.130/28 |
-# | | 2001:db8:1::1/64 | | | 2001:db8:2::2/64 |
-# | | | | | |
-# | + $h1 | | | |
-# +----|-------------------+ +--|-------------------+
+# +------------------------------------------------+ +----------------------+
+# | H1 (vrf) | | H2 (vrf) |
+# | + $h1.555 + $h1.777 | | + $h2 |
+# | | 192.0.2.1/28 | 192.0.2.17/28 | | | 192.0.2.130/28 |
+# | | 2001:db8:1::1/64 | 2001:db8:3::1/64 | | | 192.0.2.146/28 |
+# | | .-----------------' | | | 2001:db8:2::2/64 |
+# | |/ | | | 2001:db8:4::2/64 |
+# | + $h1 | | | |
+# +----|-------------------------------------------+ +--|-------------------+
# | |
# +----|--------------------------------------------------|-------------------+
# | SW | | |
# | +--|-------------------------------+ + $swp2 |
# | | + $swp1 | 192.0.2.129/28 |
-# | | vid 555 | 2001:db8:2::1/64 |
-# | | | |
-# | | + BR1 (802.1q) | |
+# | | vid 555 777 | 192.0.2.145/28 |
+# | | | 2001:db8:2::1/64 |
+# | | + BR1 (802.1q) | 2001:db8:4::1/64 |
# | | vid 555 pvid untagged | |
# | | 192.0.2.2/28 | |
+# | | 192.0.2.18/28 | |
# | | 2001:db8:1::2/64 | |
+# | | 2001:db8:3::2/64 | |
# | +----------------------------------+ |
# +---------------------------------------------------------------------------+
@@ -27,6 +30,14 @@ ALL_TESTS="
ping_ipv4
ping_ipv6
vlan
+ config_777
+ ping_ipv4_fails
+ ping_ipv6_fails
+ ping_ipv4_777
+ ping_ipv6_777
+ config_555
+ ping_ipv4
+ ping_ipv6
"
NUM_NETIFS=4
source lib.sh
@@ -34,31 +45,47 @@ source lib.sh
h1_create()
{
simple_if_init $h1
+
vlan_create $h1 555 v$h1 192.0.2.1/28 2001:db8:1::1/64
ip -4 route add 192.0.2.128/28 vrf v$h1 nexthop via 192.0.2.2
ip -6 route add 2001:db8:2::/64 vrf v$h1 nexthop via 2001:db8:1::2
+
+ vlan_create $h1 777 v$h1 192.0.2.17/28 2001:db8:3::1/64
+ ip -4 route add 192.0.2.144/28 vrf v$h1 nexthop via 192.0.2.18
+ ip -6 route add 2001:db8:4::/64 vrf v$h1 nexthop via 2001:db8:3::2
}
h1_destroy()
{
+ ip -6 route del 2001:db8:4::/64 vrf v$h1
+ ip -4 route del 192.0.2.144/28 vrf v$h1
+ vlan_destroy $h1 777
+
ip -6 route del 2001:db8:2::/64 vrf v$h1
ip -4 route del 192.0.2.128/28 vrf v$h1
vlan_destroy $h1 555
+
simple_if_fini $h1
}
h2_create()
{
- simple_if_init $h2 192.0.2.130/28 2001:db8:2::2/64
+ simple_if_init $h2 192.0.2.130/28 2001:db8:2::2/64 \
+ 192.0.2.146/28 2001:db8:4::2/64
ip -4 route add 192.0.2.0/28 vrf v$h2 nexthop via 192.0.2.129
+ ip -4 route add 192.0.2.16/28 vrf v$h2 nexthop via 192.0.2.145
ip -6 route add 2001:db8:1::/64 vrf v$h2 nexthop via 2001:db8:2::1
+ ip -6 route add 2001:db8:3::/64 vrf v$h2 nexthop via 2001:db8:4::1
}
h2_destroy()
{
+ ip -6 route del 2001:db8:3::/64 vrf v$h2
ip -6 route del 2001:db8:1::/64 vrf v$h2
+ ip -4 route del 192.0.2.16/28 vrf v$h2
ip -4 route del 192.0.2.0/28 vrf v$h2
- simple_if_fini $h2 192.0.2.130/28 2001:db8:2::2/64
+ simple_if_fini $h2 192.0.2.146/28 2001:db8:4::2/64 \
+ 192.0.2.130/28 2001:db8:2::2/64
}
router_create()
@@ -71,18 +98,23 @@ router_create()
bridge vlan add dev br1 vid 555 self pvid untagged
bridge vlan add dev $swp1 vid 555
+ bridge vlan add dev $swp1 vid 777
__addr_add_del br1 add 192.0.2.2/28 2001:db8:1::2/64
+ __addr_add_del br1 add 192.0.2.18/28 2001:db8:3::2/64
ip link set dev $swp2 up
__addr_add_del $swp2 add 192.0.2.129/28 2001:db8:2::1/64
+ __addr_add_del $swp2 add 192.0.2.145/28 2001:db8:4::1/64
}
router_destroy()
{
+ __addr_add_del $swp2 del 192.0.2.145/28 2001:db8:4::1/64
__addr_add_del $swp2 del 192.0.2.129/28 2001:db8:2::1/64
ip link set dev $swp2 down
+ __addr_add_del br1 del 192.0.2.18/28 2001:db8:3::2/64
__addr_add_del br1 del 192.0.2.2/28 2001:db8:1::2/64
ip link set dev $swp1 down
ip link set dev $swp1 nomaster
@@ -108,6 +140,24 @@ setup_prepare()
forwarding_enable
}
+config_555()
+{
+ log_info "Configure VLAN 555 as PVID"
+
+ bridge vlan add dev br1 vid 555 self pvid untagged
+ bridge vlan del dev br1 vid 777 self
+ sleep 2
+}
+
+config_777()
+{
+ log_info "Configure VLAN 777 as PVID"
+
+ bridge vlan add dev br1 vid 777 self pvid untagged
+ bridge vlan del dev br1 vid 555 self
+ sleep 2
+}
+
cleanup()
{
pre_cleanup
@@ -136,12 +186,32 @@ vlan()
ping_ipv4()
{
- ping_test $h1 192.0.2.130
+ ping_test $h1.555 192.0.2.130
}
ping_ipv6()
{
- ping6_test $h1 2001:db8:2::2
+ ping6_test $h1.555 2001:db8:2::2
+}
+
+ping_ipv4_fails()
+{
+ ping_test_fails $h1.555 192.0.2.130 ": via 555"
+}
+
+ping_ipv6_fails()
+{
+ ping6_test_fails $h1.555 2001:db8:2::2 ": via 555"
+}
+
+ping_ipv4_777()
+{
+ ping_test $h1.777 192.0.2.146 ": via 777"
+}
+
+ping_ipv6_777()
+{
+ ping6_test $h1.777 2001:db8:4::2 ": via 777"
}
trap cleanup EXIT
--
2.40.1
Powered by blists - more mailing lists