tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

kernel / tools / testing / selftests / drivers / net / mlxsw / tc_restrictions.sh
at v5.11 394 lines 11 kB view raw
1#!/bin/bash 2# SPDX-License-Identifier: GPL-2.0 3 4lib_dir=$(dirname $0)/../../../net/forwarding 5 6ALL_TESTS=" 7 shared_block_drop_test 8 egress_redirect_test 9 multi_mirror_test 10 matchall_sample_egress_test 11 matchall_mirror_behind_flower_ingress_test 12 matchall_sample_behind_flower_ingress_test 13 matchall_mirror_behind_flower_egress_test 14 police_limits_test 15 multi_police_test 16" 17NUM_NETIFS=2 18 19source $lib_dir/tc_common.sh 20source $lib_dir/lib.sh 21 22switch_create() 23{ 24 simple_if_init $swp1 192.0.2.1/24 25 simple_if_init $swp2 192.0.2.2/24 26} 27 28switch_destroy() 29{ 30 simple_if_fini $swp2 192.0.2.2/24 31 simple_if_fini $swp1 192.0.2.1/24 32} 33 34shared_block_drop_test() 35{ 36 RET=0 37 38 # It is forbidden in mlxsw driver to have mixed-bound 39 # shared block with a drop rule. 40 41 tc qdisc add dev $swp1 ingress_block 22 clsact 42 check_err $? "Failed to create clsact with ingress block" 43 44 tc filter add block 22 protocol ip pref 1 handle 101 flower \ 45 skip_sw dst_ip 192.0.2.2 action drop 46 check_err $? "Failed to add drop rule to ingress bound block" 47 48 tc qdisc add dev $swp2 ingress_block 22 clsact 49 check_err $? "Failed to create another clsact with ingress shared block" 50 51 tc qdisc del dev $swp2 clsact 52 53 tc qdisc add dev $swp2 egress_block 22 clsact 54 check_fail $? "Incorrect success to create another clsact with egress shared block" 55 56 tc filter del block 22 protocol ip pref 1 handle 101 flower 57 58 tc qdisc add dev $swp2 egress_block 22 clsact 59 check_err $? "Failed to create another clsact with egress shared block after blocker drop rule removed" 60 61 tc filter add block 22 protocol ip pref 1 handle 101 flower \ 62 skip_sw dst_ip 192.0.2.2 action drop 63 check_fail $? "Incorrect success to add drop rule to mixed bound block" 64 65 tc qdisc del dev $swp1 clsact 66 67 tc qdisc add dev $swp1 egress_block 22 clsact 68 check_err $? "Failed to create another clsact with egress shared block" 69 70 tc filter add block 22 protocol ip pref 1 handle 101 flower \ 71 skip_sw dst_ip 192.0.2.2 action drop 72 check_err $? "Failed to add drop rule to egress bound shared block" 73 74 tc filter del block 22 protocol ip pref 1 handle 101 flower 75 76 tc qdisc del dev $swp2 clsact 77 tc qdisc del dev $swp1 clsact 78 79 log_test "shared block drop" 80} 81 82egress_redirect_test() 83{ 84 RET=0 85 86 # It is forbidden in mlxsw driver to have mirred redirect on 87 # egress-bound block. 88 89 tc qdisc add dev $swp1 ingress_block 22 clsact 90 check_err $? "Failed to create clsact with ingress block" 91 92 tc filter add block 22 protocol ip pref 1 handle 101 flower \ 93 skip_sw dst_ip 192.0.2.2 \ 94 action mirred egress redirect dev $swp2 95 check_err $? "Failed to add redirect rule to ingress bound block" 96 97 tc qdisc add dev $swp2 ingress_block 22 clsact 98 check_err $? "Failed to create another clsact with ingress shared block" 99 100 tc qdisc del dev $swp2 clsact 101 102 tc qdisc add dev $swp2 egress_block 22 clsact 103 check_fail $? "Incorrect success to create another clsact with egress shared block" 104 105 tc filter del block 22 protocol ip pref 1 handle 101 flower 106 107 tc qdisc add dev $swp2 egress_block 22 clsact 108 check_err $? "Failed to create another clsact with egress shared block after blocker redirect rule removed" 109 110 tc filter add block 22 protocol ip pref 1 handle 101 flower \ 111 skip_sw dst_ip 192.0.2.2 \ 112 action mirred egress redirect dev $swp2 113 check_fail $? "Incorrect success to add redirect rule to mixed bound block" 114 115 tc qdisc del dev $swp1 clsact 116 117 tc qdisc add dev $swp1 egress_block 22 clsact 118 check_err $? "Failed to create another clsact with egress shared block" 119 120 tc filter add block 22 protocol ip pref 1 handle 101 flower \ 121 skip_sw dst_ip 192.0.2.2 \ 122 action mirred egress redirect dev $swp2 123 check_fail $? "Incorrect success to add redirect rule to egress bound shared block" 124 125 tc qdisc del dev $swp2 clsact 126 127 tc filter add block 22 protocol ip pref 1 handle 101 flower \ 128 skip_sw dst_ip 192.0.2.2 \ 129 action mirred egress redirect dev $swp2 130 check_fail $? "Incorrect success to add redirect rule to egress bound block" 131 132 tc qdisc del dev $swp1 clsact 133 134 log_test "shared block drop" 135} 136 137multi_mirror_test() 138{ 139 RET=0 140 141 # It is forbidden in mlxsw driver to have multiple mirror 142 # actions in a single rule. 143 144 tc qdisc add dev $swp1 clsact 145 146 tc filter add dev $swp1 ingress protocol ip pref 1 handle 101 flower \ 147 skip_sw dst_ip 192.0.2.2 \ 148 action mirred egress mirror dev $swp2 149 check_err $? "Failed to add rule with single mirror action" 150 151 tc filter del dev $swp1 ingress protocol ip pref 1 handle 101 flower 152 153 tc filter add dev $swp1 ingress protocol ip pref 1 handle 101 flower \ 154 skip_sw dst_ip 192.0.2.2 \ 155 action mirred egress mirror dev $swp2 \ 156 action mirred egress mirror dev $swp1 157 check_fail $? "Incorrect success to add rule with two mirror actions" 158 159 tc qdisc del dev $swp1 clsact 160 161 log_test "multi mirror" 162} 163 164matchall_sample_egress_test() 165{ 166 RET=0 167 168 # It is forbidden in mlxsw driver to have matchall with sample action 169 # bound on egress 170 171 tc qdisc add dev $swp1 clsact 172 173 tc filter add dev $swp1 ingress protocol all pref 1 handle 101 \ 174 matchall skip_sw action sample rate 100 group 1 175 check_err $? "Failed to add rule with sample action on ingress" 176 177 tc filter del dev $swp1 ingress protocol all pref 1 handle 101 matchall 178 179 tc filter add dev $swp1 egress protocol all pref 1 handle 101 \ 180 matchall skip_sw action sample rate 100 group 1 181 check_fail $? "Incorrect success to add rule with sample action on egress" 182 183 tc qdisc del dev $swp1 clsact 184 185 log_test "matchall sample egress" 186} 187 188matchall_behind_flower_ingress_test() 189{ 190 local action=$1 191 local action_args=$2 192 193 RET=0 194 195 # On ingress, all matchall-mirror and matchall-sample 196 # rules have to be in front of the flower rules 197 198 tc qdisc add dev $swp1 clsact 199 200 tc filter add dev $swp1 ingress protocol ip pref 10 handle 101 flower \ 201 skip_sw dst_ip 192.0.2.2 action drop 202 203 tc filter add dev $swp1 ingress protocol all pref 9 handle 102 \ 204 matchall skip_sw action $action_args 205 check_err $? "Failed to add matchall rule in front of a flower rule" 206 207 tc filter del dev $swp1 ingress protocol all pref 9 handle 102 matchall 208 209 tc filter add dev $swp1 ingress protocol all pref 11 handle 102 \ 210 matchall skip_sw action $action_args 211 check_fail $? "Incorrect success to add matchall rule behind a flower rule" 212 213 tc filter del dev $swp1 ingress protocol ip pref 10 handle 101 flower 214 215 tc filter add dev $swp1 ingress protocol all pref 9 handle 102 \ 216 matchall skip_sw action $action_args 217 218 tc filter add dev $swp1 ingress protocol ip pref 10 handle 101 flower \ 219 skip_sw dst_ip 192.0.2.2 action drop 220 check_err $? "Failed to add flower rule behind a matchall rule" 221 222 tc filter del dev $swp1 ingress protocol ip pref 10 handle 101 flower 223 224 tc filter add dev $swp1 ingress protocol ip pref 8 handle 101 flower \ 225 skip_sw dst_ip 192.0.2.2 action drop 226 check_fail $? "Incorrect success to add flower rule in front of a matchall rule" 227 228 tc qdisc del dev $swp1 clsact 229 230 log_test "matchall $action flower ingress" 231} 232 233matchall_mirror_behind_flower_ingress_test() 234{ 235 matchall_behind_flower_ingress_test "mirror" "mirred egress mirror dev $swp2" 236} 237 238matchall_sample_behind_flower_ingress_test() 239{ 240 matchall_behind_flower_ingress_test "sample" "sample rate 100 group 1" 241} 242 243matchall_behind_flower_egress_test() 244{ 245 local action=$1 246 local action_args=$2 247 248 RET=0 249 250 # On egress, all matchall-mirror rules have to be behind the flower rules 251 252 tc qdisc add dev $swp1 clsact 253 254 tc filter add dev $swp1 egress protocol ip pref 10 handle 101 flower \ 255 skip_sw dst_ip 192.0.2.2 action drop 256 257 tc filter add dev $swp1 egress protocol all pref 11 handle 102 \ 258 matchall skip_sw action $action_args 259 check_err $? "Failed to add matchall rule in front of a flower rule" 260 261 tc filter del dev $swp1 egress protocol all pref 11 handle 102 matchall 262 263 tc filter add dev $swp1 egress protocol all pref 9 handle 102 \ 264 matchall skip_sw action $action_args 265 check_fail $? "Incorrect success to add matchall rule behind a flower rule" 266 267 tc filter del dev $swp1 egress protocol ip pref 10 handle 101 flower 268 269 tc filter add dev $swp1 egress protocol all pref 11 handle 102 \ 270 matchall skip_sw action $action_args 271 272 tc filter add dev $swp1 egress protocol ip pref 10 handle 101 flower \ 273 skip_sw dst_ip 192.0.2.2 action drop 274 check_err $? "Failed to add flower rule behind a matchall rule" 275 276 tc filter del dev $swp1 egress protocol ip pref 10 handle 101 flower 277 278 tc filter add dev $swp1 egress protocol ip pref 12 handle 101 flower \ 279 skip_sw dst_ip 192.0.2.2 action drop 280 check_fail $? "Incorrect success to add flower rule in front of a matchall rule" 281 282 tc qdisc del dev $swp1 clsact 283 284 log_test "matchall $action flower egress" 285} 286 287matchall_mirror_behind_flower_egress_test() 288{ 289 matchall_behind_flower_egress_test "mirror" "mirred egress mirror dev $swp2" 290} 291 292police_limits_test() 293{ 294 RET=0 295 296 tc qdisc add dev $swp1 clsact 297 298 tc filter add dev $swp1 ingress pref 1 proto ip handle 101 \ 299 flower skip_sw \ 300 action police rate 0.5kbit burst 1m conform-exceed drop/ok 301 check_fail $? "Incorrect success to add police action with too low rate" 302 303 tc filter add dev $swp1 ingress pref 1 proto ip handle 101 \ 304 flower skip_sw \ 305 action police rate 2.5tbit burst 1g conform-exceed drop/ok 306 check_fail $? "Incorrect success to add police action with too high rate" 307 308 tc filter add dev $swp1 ingress pref 1 proto ip handle 101 \ 309 flower skip_sw \ 310 action police rate 1.5kbit burst 1m conform-exceed drop/ok 311 check_err $? "Failed to add police action with low rate" 312 313 tc filter del dev $swp1 ingress protocol ip pref 1 handle 101 flower 314 315 tc filter add dev $swp1 ingress pref 1 proto ip handle 101 \ 316 flower skip_sw \ 317 action police rate 1.9tbit burst 1g conform-exceed drop/ok 318 check_err $? "Failed to add police action with high rate" 319 320 tc filter del dev $swp1 ingress protocol ip pref 1 handle 101 flower 321 322 tc filter add dev $swp1 ingress pref 1 proto ip handle 101 \ 323 flower skip_sw \ 324 action police rate 1.5kbit burst 512b conform-exceed drop/ok 325 check_fail $? "Incorrect success to add police action with too low burst size" 326 327 tc filter add dev $swp1 ingress pref 1 proto ip handle 101 \ 328 flower skip_sw \ 329 action police rate 1.5kbit burst 2k conform-exceed drop/ok 330 check_err $? "Failed to add police action with low burst size" 331 332 tc filter del dev $swp1 ingress protocol ip pref 1 handle 101 flower 333 334 tc qdisc del dev $swp1 clsact 335 336 log_test "police rate and burst limits" 337} 338 339multi_police_test() 340{ 341 RET=0 342 343 # It is forbidden in mlxsw driver to have multiple police 344 # actions in a single rule. 345 346 tc qdisc add dev $swp1 clsact 347 348 tc filter add dev $swp1 ingress protocol ip pref 1 handle 101 \ 349 flower skip_sw \ 350 action police rate 100mbit burst 100k conform-exceed drop/ok 351 check_err $? "Failed to add rule with single police action" 352 353 tc filter del dev $swp1 ingress protocol ip pref 1 handle 101 flower 354 355 tc filter add dev $swp1 ingress protocol ip pref 1 handle 101 \ 356 flower skip_sw \ 357 action police rate 100mbit burst 100k conform-exceed drop/pipe \ 358 action police rate 200mbit burst 200k conform-exceed drop/ok 359 check_fail $? "Incorrect success to add rule with two police actions" 360 361 tc qdisc del dev $swp1 clsact 362 363 log_test "multi police" 364} 365 366setup_prepare() 367{ 368 swp1=${NETIFS[p1]} 369 swp2=${NETIFS[p2]} 370 371 vrf_prepare 372 373 switch_create 374} 375 376cleanup() 377{ 378 pre_cleanup 379 380 switch_destroy 381 382 vrf_cleanup 383} 384 385check_tc_shblock_support 386 387trap cleanup EXIT 388 389setup_prepare 390setup_wait 391 392tests_run 393 394exit $EXIT_STATUS