tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
1#!/bin/bash
2# SPDX-License-Identifier: GPL-2.0
3
4ALL_TESTS="locked_port_ipv4 locked_port_ipv6 locked_port_vlan"
5NUM_NETIFS=4
6CHECK_TC="no"
7source lib.sh
8
9h1_create()
10{
11 simple_if_init $h1 192.0.2.1/24 2001:db8:1::1/64
12 vlan_create $h1 100 v$h1 198.51.100.1/24
13}
14
15h1_destroy()
16{
17 vlan_destroy $h1 100
18 simple_if_fini $h1 192.0.2.1/24 2001:db8:1::1/64
19}
20
21h2_create()
22{
23 simple_if_init $h2 192.0.2.2/24 2001:db8:1::2/64
24 vlan_create $h2 100 v$h2 198.51.100.2/24
25}
26
27h2_destroy()
28{
29 vlan_destroy $h2 100
30 simple_if_fini $h2 192.0.2.2/24 2001:db8:1::2/64
31}
32
33switch_create()
34{
35 ip link add dev br0 type bridge vlan_filtering 1
36
37 ip link set dev $swp1 master br0
38 ip link set dev $swp2 master br0
39
40 bridge link set dev $swp1 learning off
41
42 ip link set dev br0 up
43 ip link set dev $swp1 up
44 ip link set dev $swp2 up
45}
46
47switch_destroy()
48{
49 ip link set dev $swp2 down
50 ip link set dev $swp1 down
51
52 ip link del dev br0
53}
54
55setup_prepare()
56{
57 h1=${NETIFS[p1]}
58 swp1=${NETIFS[p2]}
59
60 swp2=${NETIFS[p3]}
61 h2=${NETIFS[p4]}
62
63 vrf_prepare
64
65 h1_create
66 h2_create
67
68 switch_create
69}
70
71cleanup()
72{
73 pre_cleanup
74
75 switch_destroy
76
77 h2_destroy
78 h1_destroy
79
80 vrf_cleanup
81}
82
83locked_port_ipv4()
84{
85 RET=0
86
87 check_locked_port_support || return 0
88
89 ping_do $h1 192.0.2.2
90 check_err $? "Ping did not work before locking port"
91
92 bridge link set dev $swp1 locked on
93
94 ping_do $h1 192.0.2.2
95 check_fail $? "Ping worked after locking port, but before adding FDB entry"
96
97 bridge fdb add `mac_get $h1` dev $swp1 master static
98
99 ping_do $h1 192.0.2.2
100 check_err $? "Ping did not work after locking port and adding FDB entry"
101
102 bridge link set dev $swp1 locked off
103 bridge fdb del `mac_get $h1` dev $swp1 master static
104
105 ping_do $h1 192.0.2.2
106 check_err $? "Ping did not work after unlocking port and removing FDB entry."
107
108 log_test "Locked port ipv4"
109}
110
111locked_port_vlan()
112{
113 RET=0
114
115 check_locked_port_support || return 0
116
117 bridge vlan add vid 100 dev $swp1
118 bridge vlan add vid 100 dev $swp2
119
120 ping_do $h1.100 198.51.100.2
121 check_err $? "Ping through vlan did not work before locking port"
122
123 bridge link set dev $swp1 locked on
124 ping_do $h1.100 198.51.100.2
125 check_fail $? "Ping through vlan worked after locking port, but before adding FDB entry"
126
127 bridge fdb add `mac_get $h1` dev $swp1 vlan 100 master static
128
129 ping_do $h1.100 198.51.100.2
130 check_err $? "Ping through vlan did not work after locking port and adding FDB entry"
131
132 bridge link set dev $swp1 locked off
133 bridge fdb del `mac_get $h1` dev $swp1 vlan 100 master static
134
135 ping_do $h1.100 198.51.100.2
136 check_err $? "Ping through vlan did not work after unlocking port and removing FDB entry"
137
138 bridge vlan del vid 100 dev $swp1
139 bridge vlan del vid 100 dev $swp2
140 log_test "Locked port vlan"
141}
142
143locked_port_ipv6()
144{
145 RET=0
146 check_locked_port_support || return 0
147
148 ping6_do $h1 2001:db8:1::2
149 check_err $? "Ping6 did not work before locking port"
150
151 bridge link set dev $swp1 locked on
152
153 ping6_do $h1 2001:db8:1::2
154 check_fail $? "Ping6 worked after locking port, but before adding FDB entry"
155
156 bridge fdb add `mac_get $h1` dev $swp1 master static
157 ping6_do $h1 2001:db8:1::2
158 check_err $? "Ping6 did not work after locking port and adding FDB entry"
159
160 bridge link set dev $swp1 locked off
161 bridge fdb del `mac_get $h1` dev $swp1 master static
162
163 ping6_do $h1 2001:db8:1::2
164 check_err $? "Ping6 did not work after unlocking port and removing FDB entry"
165
166 log_test "Locked port ipv6"
167}
168
169trap cleanup EXIT
170
171setup_prepare
172setup_wait
173
174tests_run
175
176exit $EXIT_STATUS