From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=PwF/=QN=vger.kernel.org=netdev-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-9.1 required=3.0 tests=DKIM_SIGNED,DKIM_VALID,
	DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,MAILING_LIST_MULTI,
	SIGNED_OFF_BY,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham
	autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 439D4C169C4
	for <netdev@archiver.kernel.org>; Wed,  6 Feb 2019 19:42:15 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.kernel.org (Postfix) with ESMTP id F41BC218D9
	for <netdev@archiver.kernel.org>; Wed,  6 Feb 2019 19:42:14 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (1024-bit key) header.d=Mellanox.com header.i=@Mellanox.com header.b="UAmIZuYK"
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727141AbfBFTmN (ORCPT <rfc822;netdev@archiver.kernel.org>);
        Wed, 6 Feb 2019 14:42:13 -0500
Received: from mail-eopbgr10078.outbound.protection.outlook.com ([40.107.1.78]:52096
        "EHLO EUR02-HE1-obe.outbound.protection.outlook.com"
        rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
        id S1726861AbfBFTmM (ORCPT <rfc822;netdev@vger.kernel.org>);
        Wed, 6 Feb 2019 14:42:12 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Mellanox.com;
 s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=SVIyUEcThflLNoxvFCr7z8iz2vQ2En3yIMd4WRR6wl8=;
 b=UAmIZuYKPAIhJEdQNc9+QbcxLr4hKgC1gFs2LtpaFL8OoCIppV3+S0r60bY45tqpQ32vgvpzztsBvO4Skum2p5iDDPJJVSGVSuCFFdbdR0WT+OLy5EwD8+z0rn0Eqp6062BCJk3fz4zYMvYYh+TU0O5UDPvf7BzrIGmicIr1lZk=
Received: from AM6PR05MB5240.eurprd05.prod.outlook.com (20.177.196.214) by
 AM6PR05MB4376.eurprd05.prod.outlook.com (52.135.162.29) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.1601.19; Wed, 6 Feb 2019 19:42:03 +0000
Received: from AM6PR05MB5240.eurprd05.prod.outlook.com
 ([fe80::3542:889c:3a85:3866]) by AM6PR05MB5240.eurprd05.prod.outlook.com
 ([fe80::3542:889c:3a85:3866%5]) with mapi id 15.20.1601.016; Wed, 6 Feb 2019
 19:42:03 +0000
From:   Ido Schimmel <idosch@mellanox.com>
To:     "netdev@vger.kernel.org" <netdev@vger.kernel.org>
CC:     "davem@davemloft.net" <davem@davemloft.net>,
        Jiri Pirko <jiri@mellanox.com>,
        Alexander Petrovskiy <alexpe@mellanox.com>,
        "dsahern@gmail.com" <dsahern@gmail.com>,
        mlxsw <mlxsw@mellanox.com>, Ido Schimmel <idosch@mellanox.com>
Subject: [PATCH net-next 2/2] selftests: mlxsw: Add a test for blackhole
 routes
Thread-Topic: [PATCH net-next 2/2] selftests: mlxsw: Add a test for blackhole
 routes
Thread-Index: AQHUvlQI5XbBz24Cbki+6ZHG8ckeHw==
Date:   Wed, 6 Feb 2019 19:42:03 +0000
Message-ID: <20190206194140.18606-3-idosch@mellanox.com>
References: <20190206194140.18606-1-idosch@mellanox.com>
In-Reply-To: <20190206194140.18606-1-idosch@mellanox.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-clientproxiedby: AM5PR0601CA0030.eurprd06.prod.outlook.com
 (2603:10a6:203:68::16) To AM6PR05MB5240.eurprd05.prod.outlook.com
 (2603:10a6:20b:64::22)
authentication-results: spf=none (sender IP is )
 smtp.mailfrom=idosch@mellanox.com; 
x-ms-exchange-messagesentrepresentingtype: 1
x-mailer: git-send-email 2.20.1
x-originating-ip: [37.142.229.58]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1;AM6PR05MB4376;6:TU4Lqw4VR+HtY0xdlQ5lDV7lFi8vMtVSdSO4vMvBT3hwoIafHlrsW2fMDmc6jiihMIufMm3JqmAO6Gk8P3LLXQSBxycQcAvsxW57+hi2YiX4VS+CgJfvQuL0N4yJSBiWRINtJ6SCnQMKYfHLYwfKfAUQciwRFwC7Mq5SNNXYmnxcwS2wR3sF4qKg5garZ/gK0jlOODSXk2DK7K9yhfeDa2jbmoyyQZDTyoY+yqhgipdQzkHrzXkOCgZc/kLHOFCNxREd5hoPDv4LfFmG7snl3Kuf/a+rWcci7dB6TOVWyVlLg5XknBzJl0siAW1f5p1itWvLjihDun+nXUNICibLyR6f9ATtBREKMUC6yPM2K4OlBxW/BNsUGa5DAnNs5oaUgfvjxzqzjk10kz6cdXqVHmXsisYChD4oHdOB4ZI5DK3Ysv2oTo+lqmConKm8EBjuFkZBC4y0jt+WFyPSSHCELA==;5:1QhbdF6sJKqh6sgAna1rAACEpyP6P1E8AgqTXNMW+y2E+jKIjxAhVqUwzIFLZ5CIMpmIHXPrDvVG+kDTHmaGHjM0xMRrCAtKZ3Cb/qGqHNfiWc1FgOHfH/sFnMjPLA4PNWxgKmT6MEzH61bUcZgpyLNrMyTUuoZvr7pO8s/Byjs8GsVJSmvOVxFVzKhLiG5KA+HBafhAZg/RBBmJ+kN05g==;7:08B+vNNqF9dvfJ4D2AodgnvXLkWwsZbQj9hQZuLlaDeufZJFJpB6uMbYvqr1TzGg/3Q/jeTPGLPTbnA0TtHUOuFIQE6e9HDxykBxUmBzvEZ0tRqbDVcN42FzalkAGVXYTG7dOPjDD1LfVTHDEIKWow==
x-ms-office365-filtering-correlation-id: ece5127b-d2aa-4153-5be0-08d68c6b2ad2
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0;PCL:0;RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600110)(711020)(4605077)(4618075)(2017052603328)(7153060)(7193020);SRVR:AM6PR05MB4376;
x-ms-traffictypediagnostic: AM6PR05MB4376:
x-microsoft-antispam-prvs: <AM6PR05MB4376D821ED4DD360D6919EC9BF6F0@AM6PR05MB4376.eurprd05.prod.outlook.com>
x-forefront-prvs: 0940A19703
x-forefront-antispam-report: SFV:NSPM;SFS:(10009020)(366004)(396003)(136003)(376002)(346002)(39860400002)(189003)(199004)(8936002)(476003)(54906003)(11346002)(446003)(53936002)(2616005)(105586002)(99286004)(305945005)(107886003)(486006)(316002)(386003)(6506007)(2906002)(6916009)(97736004)(52116002)(2501003)(76176011)(36756003)(14444005)(256004)(106356001)(6436002)(7736002)(26005)(14454004)(186003)(50226002)(3846002)(102836004)(6116002)(86362001)(81156014)(81166006)(1730700003)(25786009)(8676002)(68736007)(5640700003)(478600001)(6486002)(66066001)(6512007)(66574012)(1076003)(71200400001)(71190400001)(2351001)(4326008);DIR:OUT;SFP:1101;SCL:1;SRVR:AM6PR05MB4376;H:AM6PR05MB5240.eurprd05.prod.outlook.com;FPR:;SPF:None;LANG:en;PTR:InfoNoRecords;MX:1;A:1;
received-spf: None (protection.outlook.com: mellanox.com does not designate
 permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: Xkz1TOTIY/ehFrsrPjkp6nX1rbrPoWWzYmgedBGwSnoymmXY+AmR5sFLTR+/Zq5zlFq5B+gJKgk/mm/jW9I2iwY9iQtcNPBKvlU5iiAoWqIz5expRJxeDfRgeUdM5HCmZng26ZeJUURSyVyuhitdITN71d2Qa3KF+Px9bR1AmQ3zFdX8uJHF8fF7fceaUbFw5oxXzetpandLcCo/UXb9lmbinvp5si5Zb0DTWA8YrCOZiZHbNd7nkMnLCfyBfFl3SOsEvFK202LORuI9zZ4/brNLeyVcC3tXq0222lqZhnNWXP098iiRodBEv5TAsFyDbHIWpmmaozMwdD88RWJFWjSoRn6K/+HQH3lWZcsh6WAQDdDEuAJO+DUgraERV0tahRCAY35EMsY7uLay2NlXA1/6EufKP5Rl9jJKC0WJU6w=
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: Mellanox.com
X-MS-Exchange-CrossTenant-Network-Message-Id: ece5127b-d2aa-4153-5be0-08d68c6b2ad2
X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Feb 2019 19:42:02.0677
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-id: a652971c-7d2e-4d9b-a6a4-d149256f461b
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR05MB4376
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

Use a simple topology consisting of two hosts directly connected to a
router. Make sure IPv4/IPv6 ping works and then add blackhole routes.
Test that ping fails and that the routes are marked as offloaded. Use a
simple tc filter to test that packets were dropped by the ASIC and not
trapped to the CPU.

Signed-off-by: Ido Schimmel <idosch@mellanox.com>
---
 .../drivers/net/mlxsw/blackhole_routes.sh     | 200 ++++++++++++++++++
 1 file changed, 200 insertions(+)
 create mode 100755 tools/testing/selftests/drivers/net/mlxsw/blackhole_rou=
tes.sh

diff --git a/tools/testing/selftests/drivers/net/mlxsw/blackhole_routes.sh =
b/tools/testing/selftests/drivers/net/mlxsw/blackhole_routes.sh
new file mode 100755
index 000000000000..5ba5bef44d5b
--- /dev/null
+++ b/tools/testing/selftests/drivers/net/mlxsw/blackhole_routes.sh
@@ -0,0 +1,200 @@
+#!/bin/bash
+# SPDX-License-Identifier: GPL-2.0
+#
+# Test that blackhole routes are marked as offloaded and that packets hitt=
ing
+# them are dropped by the ASIC and not by the kernel.
+#
+# +---------------------------------+
+# | H1 (vrf)                        |
+# |    + $h1                        |
+# |    | 192.0.2.1/24               |
+# |    | 2001:db8:1::1/64           |
+# |    |                            |
+# |    |  default via 192.0.2.2     |
+# |    |  default via 2001:db8:1::2 |
+# +----|----------------------------+
+#      |
+# +----|------------------------------------------------------------------=
----+
+# | SW |                                                                  =
    |
+# |    + $rp1                                                             =
    |
+# |        192.0.2.2/24                                                   =
    |
+# |        2001:db8:1::2/64                                               =
    |
+# |                                                                       =
    |
+# |        2001:db8:2::2/64                                               =
    |
+# |        198.51.100.2/24                                                =
    |
+# |    + $rp2                                                             =
    |
+# |    |                                                                  =
    |
+# +----|------------------------------------------------------------------=
----+
+#      |
+# +----|----------------------------+
+# |    |  default via 198.51.100.2  |
+# |    |  default via 2001:db8:2::2 |
+# |    |                            |
+# |    | 2001:db8:2::1/64           |
+# |    | 198.51.100.1/24            |
+# |    + $h2                        |
+# | H2 (vrf)                        |
+# +---------------------------------+
+
+lib_dir=3D$(dirname $0)/../../../net/forwarding
+
+ALL_TESTS=3D"
+	ping_ipv4
+	ping_ipv6
+	blackhole_ipv4
+	blackhole_ipv6
+"
+NUM_NETIFS=3D4
+source $lib_dir/tc_common.sh
+source $lib_dir/lib.sh
+
+h1_create()
+{
+	simple_if_init $h1 192.0.2.1/24 2001:db8:1::1/64
+
+	ip -4 route add default vrf v$h1 nexthop via 192.0.2.2
+	ip -6 route add default vrf v$h1 nexthop via 2001:db8:1::2
+}
+
+h1_destroy()
+{
+	ip -6 route del default vrf v$h1 nexthop via 2001:db8:1::2
+	ip -4 route del default vrf v$h1 nexthop via 192.0.2.2
+
+	simple_if_fini $h1 192.0.2.1/24 2001:db8:1::1/64
+}
+
+h2_create()
+{
+	simple_if_init $h2 198.51.100.1/24 2001:db8:2::1/64
+
+	ip -4 route add default vrf v$h2 nexthop via 198.51.100.2
+	ip -6 route add default vrf v$h2 nexthop via 2001:db8:2::2
+}
+
+h2_destroy()
+{
+	ip -6 route del default vrf v$h2 nexthop via 2001:db8:2::2
+	ip -4 route del default vrf v$h2 nexthop via 198.51.100.2
+
+	simple_if_fini $h2 198.51.100.1/24 2001:db8:2::1/64
+}
+
+router_create()
+{
+	ip link set dev $rp1 up
+	ip link set dev $rp2 up
+
+	tc qdisc add dev $rp1 clsact
+
+	__addr_add_del $rp1 add 192.0.2.2/24 2001:db8:1::2/64
+	__addr_add_del $rp2 add 198.51.100.2/24 2001:db8:2::2/64
+}
+
+router_destroy()
+{
+	__addr_add_del $rp2 del 198.51.100.2/24 2001:db8:2::2/64
+	__addr_add_del $rp1 del 192.0.2.2/24 2001:db8:1::2/64
+
+	tc qdisc del dev $rp1 clsact
+
+	ip link set dev $rp2 down
+	ip link set dev $rp1 down
+}
+
+ping_ipv4()
+{
+	ping_test $h1 198.51.100.1 ": h1->h2"
+}
+
+ping_ipv6()
+{
+	ping6_test $h1 2001:db8:2::1 ": h1->h2"
+}
+
+blackhole_ipv4()
+{
+	# Transmit packets from H1 to H2 and make sure they are dropped by the
+	# ASIC and not by the kernel
+	RET=3D0
+
+	ip -4 route add blackhole 198.51.100.0/30
+	tc filter add dev $rp1 ingress protocol ip pref 1 handle 101 flower \
+		skip_hw dst_ip 198.51.100.1 src_ip 192.0.2.1 ip_proto icmp \
+		action pass
+
+	ip -4 route show 198.51.100.0/30 | grep -q offload
+	check_err $? "route not marked as offloaded when should"
+
+	ping_do $h1 198.51.100.1
+	check_fail $? "ping passed when should not"
+
+	tc_check_packets "dev $rp1 ingress" 101 0
+	check_err $? "packets trapped and not dropped by ASIC"
+
+	log_test "IPv4 blackhole route"
+
+	tc filter del dev $rp1 ingress protocol ip pref 1 handle 101 flower
+	ip -4 route del blackhole 198.51.100.0/30
+}
+
+blackhole_ipv6()
+{
+	RET=3D0
+
+	ip -6 route add blackhole 2001:db8:2::/120
+	tc filter add dev $rp1 ingress protocol ipv6 pref 1 handle 101 flower \
+		skip_hw dst_ip 2001:db8:2::1 src_ip 2001:db8:1::1 \
+		ip_proto icmpv6 action pass
+
+	ip -6 route show 2001:db8:2::/120 | grep -q offload
+	check_err $? "route not marked as offloaded when should"
+
+	ping6_do $h1 2001:db8:2::1
+	check_fail $? "ping passed when should not"
+
+	tc_check_packets "dev $rp1 ingress" 101 0
+	check_err $? "packets trapped and not dropped by ASIC"
+
+	log_test "IPv6 blackhole route"
+
+	tc filter del dev $rp1 ingress protocol ipv6 pref 1 handle 101 flower
+	ip -6 route del blackhole 2001:db8:2::/120
+}
+
+setup_prepare()
+{
+	h1=3D${NETIFS[p1]}
+	rp1=3D${NETIFS[p2]}
+
+	rp2=3D${NETIFS[p3]}
+	h2=3D${NETIFS[p4]}
+
+	vrf_prepare
+	forwarding_enable
+
+	h1_create
+	h2_create
+	router_create
+}
+
+cleanup()
+{
+	pre_cleanup
+
+	router_destroy
+	h2_destroy
+	h1_destroy
+
+	forwarding_restore
+	vrf_cleanup
+}
+
+trap cleanup EXIT
+
+setup_prepare
+setup_wait
+
+tests_run
+
+exit $EXIT_STATUS
--=20
2.20.1