selftests: forwarding: bridge_mdb: Fix failing test with old libnet

[platform/kernel/linux-starfive.git] / tools / testing / selftests / net / forwarding / bridge_mdb.sh

#!/bin/bash
# SPDX-License-Identifier: GPL-2.0

# +-----------------------+                          +------------------------+
# | H1 (vrf)              |                          | H2 (vrf)               |
# | + $h1.10              |                          | + $h2.10               |
# | | 192.0.2.1/28        |                          | | 192.0.2.2/28         |
# | | 2001:db8:1::1/64    |                          | | 2001:db8:1::2/64     |
# | |                     |                          | |                      |
# | |  + $h1.20           |                          | |  + $h2.20            |
# | \  | 198.51.100.1/24  |                          | \  | 198.51.100.2/24   |
# |  \ | 2001:db8:2::1/64 |                          |  \ | 2001:db8:2::2/64  |
# |   \|                  |                          |   \|                   |
# |    + $h1              |                          |    + $h2               |
# +----|------------------+                          +----|-------------------+
#      |                                                  |
# +----|--------------------------------------------------|-------------------+
# | SW |                                                  |                   |
# | +--|--------------------------------------------------|-----------------+ |
# | |  + $swp1                   BR0 (802.1q)             + $swp2           | |
# | |     vid 10                                             vid 10         | |
# | |     vid 20                                             vid 20         | |
# | |                                                                       | |
# | +-----------------------------------------------------------------------+ |
# +---------------------------------------------------------------------------+

ALL_TESTS="
        cfg_test
        fwd_test
        ctrl_test
"

NUM_NETIFS=4
source lib.sh
source tc_common.sh

h1_create()
{
        simple_if_init $h1
        vlan_create $h1 10 v$h1 192.0.2.1/28 2001:db8:1::1/64
        vlan_create $h1 20 v$h1 198.51.100.1/24 2001:db8:2::1/64
}

h1_destroy()
{
        vlan_destroy $h1 20
        vlan_destroy $h1 10
        simple_if_fini $h1
}

h2_create()
{
        simple_if_init $h2
        vlan_create $h2 10 v$h2 192.0.2.2/28
        vlan_create $h2 20 v$h2 198.51.100.2/24
}

h2_destroy()
{
        vlan_destroy $h2 20
        vlan_destroy $h2 10
        simple_if_fini $h2
}

switch_create()
{
        ip link add name br0 type bridge vlan_filtering 1 vlan_default_pvid 0 \
                mcast_snooping 1 mcast_igmp_version 3 mcast_mld_version 2
        bridge vlan add vid 10 dev br0 self
        bridge vlan add vid 20 dev br0 self
        ip link set dev br0 up

        ip link set dev $swp1 master br0
        ip link set dev $swp1 up
        bridge vlan add vid 10 dev $swp1
        bridge vlan add vid 20 dev $swp1

        ip link set dev $swp2 master br0
        ip link set dev $swp2 up
        bridge vlan add vid 10 dev $swp2
        bridge vlan add vid 20 dev $swp2

        tc qdisc add dev br0 clsact
        tc qdisc add dev $h2 clsact
}

switch_destroy()
{
        tc qdisc del dev $h2 clsact
        tc qdisc del dev br0 clsact

        bridge vlan del vid 20 dev $swp2
        bridge vlan del vid 10 dev $swp2
        ip link set dev $swp2 down
        ip link set dev $swp2 nomaster

        bridge vlan del vid 20 dev $swp1
        bridge vlan del vid 10 dev $swp1
        ip link set dev $swp1 down
        ip link set dev $swp1 nomaster

        ip link set dev br0 down
        bridge vlan del vid 20 dev br0 self
        bridge vlan del vid 10 dev br0 self
        ip link del dev br0
}

setup_prepare()
{
        h1=${NETIFS[p1]}
        swp1=${NETIFS[p2]}

        swp2=${NETIFS[p3]}
        h2=${NETIFS[p4]}

        vrf_prepare
        forwarding_enable

        h1_create
        h2_create
        switch_create
}

cleanup()
{
        pre_cleanup

        switch_destroy
        h2_destroy
        h1_destroy

        forwarding_restore
        vrf_cleanup
}

cfg_test_host_common()
{
        local name=$1; shift
        local grp=$1; shift
        local src=$1; shift
        local state=$1; shift
        local invalid_state=$1; shift

        RET=0

        # Check basic add, replace and delete behavior.
        bridge mdb add dev br0 port br0 grp $grp $state vid 10
        bridge mdb show dev br0 vid 10 | grep -q "$grp"
        check_err $? "Failed to add $name host entry"

        bridge mdb replace dev br0 port br0 grp $grp $state vid 10 &> /dev/null
        check_fail $? "Managed to replace $name host entry"

        bridge mdb del dev br0 port br0 grp $grp $state vid 10
        bridge mdb show dev br0 vid 10 | grep -q "$grp"
        check_fail $? "Failed to delete $name host entry"

        # Check error cases.
        bridge mdb add dev br0 port br0 grp $grp $invalid_state vid 10 \
                &> /dev/null
        check_fail $? "Managed to add $name host entry with a $invalid_state state"

        bridge mdb add dev br0 port br0 grp $grp src $src $state vid 10 \
                &> /dev/null
        check_fail $? "Managed to add $name host entry with a source"

        bridge mdb add dev br0 port br0 grp $grp $state vid 10 \
                filter_mode exclude &> /dev/null
        check_fail $? "Managed to add $name host entry with a filter mode"

        bridge mdb add dev br0 port br0 grp $grp $state vid 10 \
                source_list $src &> /dev/null
        check_fail $? "Managed to add $name host entry with a source list"

        bridge mdb add dev br0 port br0 grp $grp $state vid 10 \
                proto 123 &> /dev/null
        check_fail $? "Managed to add $name host entry with a protocol"

        log_test "Common host entries configuration tests ($name)"
}

# Check configuration of host entries from all types.
cfg_test_host()
{
        echo
        log_info "# Host entries configuration tests"

        cfg_test_host_common "IPv4" "239.1.1.1" "192.0.2.1" "temp" "permanent"
        cfg_test_host_common "IPv6" "ff0e::1" "2001:db8:1::1" "temp" "permanent"
        cfg_test_host_common "L2" "01:02:03:04:05:06" "00:00:00:00:00:01" \
                "permanent" "temp"
}

cfg_test_port_common()
{
        local name=$1;shift
        local grp_key=$1; shift

        RET=0

        # Check basic add, replace and delete behavior.
        bridge mdb add dev br0 port $swp1 $grp_key permanent vid 10
        bridge mdb show dev br0 vid 10 | grep -q "$grp_key"
        check_err $? "Failed to add $name entry"

        bridge mdb replace dev br0 port $swp1 $grp_key permanent vid 10 \
                &> /dev/null
        check_err $? "Failed to replace $name entry"

        bridge mdb del dev br0 port $swp1 $grp_key permanent vid 10
        bridge mdb show dev br0 vid 10 | grep -q "$grp_key"
        check_fail $? "Failed to delete $name entry"

        # Check default protocol and replacement.
        bridge mdb add dev br0 port $swp1 $grp_key permanent vid 10
        bridge -d mdb show dev br0 vid 10 | grep "$grp_key" | grep -q "static"
        check_err $? "$name entry not added with default \"static\" protocol"

        bridge mdb replace dev br0 port $swp1 $grp_key permanent vid 10 \
                proto 123
        bridge -d mdb show dev br0 vid 10 | grep "$grp_key" | grep -q "123"
        check_err $? "Failed to replace protocol of $name entry"
        bridge mdb del dev br0 port $swp1 $grp_key permanent vid 10

        # Check behavior when VLAN is not specified.
        bridge mdb add dev br0 port $swp1 $grp_key permanent
        bridge mdb show dev br0 vid 10 | grep -q "$grp_key"
        check_err $? "$name entry with VLAN 10 not added when VLAN was not specified"
        bridge mdb show dev br0 vid 20 | grep -q "$grp_key"
        check_err $? "$name entry with VLAN 20 not added when VLAN was not specified"

        bridge mdb del dev br0 port $swp1 $grp_key permanent
        bridge mdb show dev br0 vid 10 | grep -q "$grp_key"
        check_fail $? "$name entry with VLAN 10 not deleted when VLAN was not specified"
        bridge mdb show dev br0 vid 20 | grep -q "$grp_key"
        check_fail $? "$name entry with VLAN 20 not deleted when VLAN was not specified"

        # Check behavior when bridge port is down.
        ip link set dev $swp1 down

        bridge mdb add dev br0 port $swp1 $grp_key permanent vid 10
        check_err $? "Failed to add $name permanent entry when bridge port is down"

        bridge mdb del dev br0 port $swp1 $grp_key permanent vid 10

        bridge mdb add dev br0 port $swp1 $grp_key temp vid 10 &> /dev/null
        check_fail $? "Managed to add $name temporary entry when bridge port is down"

        ip link set dev $swp1 up
        setup_wait_dev $swp1

        # Check error cases.
        ip link set dev br0 down
        bridge mdb add dev br0 port $swp1 $grp_key permanent vid 10 \
                &> /dev/null
        check_fail $? "Managed to add $name entry when bridge is down"
        ip link set dev br0 up

        ip link set dev br0 type bridge mcast_snooping 0
        bridge mdb add dev br0 port $swp1 $grp_key permanent vid \
                10 &> /dev/null
        check_fail $? "Managed to add $name entry when multicast snooping is disabled"
        ip link set dev br0 type bridge mcast_snooping 1

        bridge mdb add dev br0 port $swp1 $grp_key permanent vid 5000 \
                &> /dev/null
        check_fail $? "Managed to add $name entry with an invalid VLAN"

        log_test "Common port group entries configuration tests ($name)"
}

src_list_create()
{
        local src_prefix=$1; shift
        local num_srcs=$1; shift
        local src_list
        local i

        for i in $(seq 1 $num_srcs); do
                src_list=${src_list},${src_prefix}${i}
        done

        echo $src_list | cut -c 2-
}

__cfg_test_port_ip_star_g()
{
        local name=$1; shift
        local grp=$1; shift
        local invalid_grp=$1; shift
        local src_prefix=$1; shift
        local src1=${src_prefix}1
        local src2=${src_prefix}2
        local src3=${src_prefix}3
        local max_srcs=31
        local num_srcs

        RET=0

        bridge mdb add dev br0 port $swp1 grp $grp vid 10
        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep -q "exclude"
        check_err $? "Default filter mode is not \"exclude\""
        bridge mdb del dev br0 port $swp1 grp $grp vid 10

        # Check basic add and delete behavior.
        bridge mdb add dev br0 port $swp1 grp $grp vid 10 filter_mode exclude \
                source_list $src1
        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep -q -v "src"
        check_err $? "(*, G) entry not created"
        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep -q "src $src1"
        check_err $? "(S, G) entry not created"
        bridge mdb del dev br0 port $swp1 grp $grp vid 10
        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep -q -v "src"
        check_fail $? "(*, G) entry not deleted"
        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep -q "src $src1"
        check_fail $? "(S, G) entry not deleted"

        ## State (permanent / temp) tests.

        # Check that group and source timer are not set for permanent entries.
        bridge mdb add dev br0 port $swp1 grp $grp permanent vid 10 \
                filter_mode exclude source_list $src1

        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep -v "src" | \
                grep -q "permanent"
        check_err $? "(*, G) entry not added as \"permanent\" when should"
        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep "src" | \
                grep -q "permanent"
        check_err $? "(S, G) entry not added as \"permanent\" when should"

        bridge -d -s mdb show dev br0 vid 10 | grep "$grp" | grep -v "src" | \
                grep -q " 0.00"
        check_err $? "(*, G) \"permanent\" entry has a pending group timer"
        bridge -d -s mdb show dev br0 vid 10 | grep "$grp" | grep -v "src" | \
                grep -q "\/0.00"
        check_err $? "\"permanent\" source entry has a pending source timer"

        bridge mdb del dev br0 port $swp1 grp $grp vid 10

        # Check that group timer is set for temporary (*, G) EXCLUDE, but not
        # the source timer.
        bridge mdb add dev br0 port $swp1 grp $grp temp vid 10 \
                filter_mode exclude source_list $src1

        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep -v "src" | \
                grep -q "temp"
        check_err $? "(*, G) EXCLUDE entry not added as \"temp\" when should"
        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep "src" | \
                grep -q "temp"
        check_err $? "(S, G) \"blocked\" entry not added as \"temp\" when should"

        bridge -d -s mdb show dev br0 vid 10 | grep "$grp" | grep -v "src" | \
                grep -q " 0.00"
        check_fail $? "(*, G) EXCLUDE entry does not have a pending group timer"
        bridge -d -s mdb show dev br0 vid 10 | grep "$grp" | grep -v "src" | \
                grep -q "\/0.00"
        check_err $? "\"blocked\" source entry has a pending source timer"

        bridge mdb del dev br0 port $swp1 grp $grp vid 10

        # Check that group timer is not set for temporary (*, G) INCLUDE, but
        # that the source timer is set.
        bridge mdb add dev br0 port $swp1 grp $grp temp vid 10 \
                filter_mode include source_list $src1

        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep -v "src" | \
                grep -q "temp"
        check_err $? "(*, G) INCLUDE entry not added as \"temp\" when should"
        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep "src" | \
                grep -q "temp"
        check_err $? "(S, G) entry not added as \"temp\" when should"

        bridge -d -s mdb show dev br0 vid 10 | grep "$grp" | grep -v "src" | \
                grep -q " 0.00"
        check_err $? "(*, G) INCLUDE entry has a pending group timer"
        bridge -d -s mdb show dev br0 vid 10 | grep "$grp" | grep -v "src" | \
                grep -q "\/0.00"
        check_fail $? "Source entry does not have a pending source timer"

        bridge mdb del dev br0 port $swp1 grp $grp vid 10

        # Check that group timer is never set for (S, G) entries.
        bridge mdb add dev br0 port $swp1 grp $grp temp vid 10 \
                filter_mode include source_list $src1

        bridge -d -s mdb show dev br0 vid 10 | grep "$grp" | grep "src" | \
                grep -q " 0.00"
        check_err $? "(S, G) entry has a pending group timer"

        bridge mdb del dev br0 port $swp1 grp $grp vid 10

        ## Filter mode (include / exclude) tests.

        # Check that (*, G) INCLUDE entries are added with correct filter mode
        # and that (S, G) entries are not marked as "blocked".
        bridge mdb add dev br0 port $swp1 grp $grp vid 10 \
                filter_mode include source_list $src1

        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep -v "src" | \
                grep -q "include"
        check_err $? "(*, G) INCLUDE not added with \"include\" filter mode"
        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep "src" | \
                grep -q "blocked"
        check_fail $? "(S, G) entry marked as \"blocked\" when should not"

        bridge mdb del dev br0 port $swp1 grp $grp vid 10

        # Check that (*, G) EXCLUDE entries are added with correct filter mode
        # and that (S, G) entries are marked as "blocked".
        bridge mdb add dev br0 port $swp1 grp $grp vid 10 \
                filter_mode exclude source_list $src1

        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep -v "src" | \
                grep -q "exclude"
        check_err $? "(*, G) EXCLUDE not added with \"exclude\" filter mode"
        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep "src" | \
                grep -q "blocked"
        check_err $? "(S, G) entry not marked as \"blocked\" when should"

        bridge mdb del dev br0 port $swp1 grp $grp vid 10

        ## Protocol tests.

        # Check that (*, G) and (S, G) entries are added with the specified
        # protocol.
        bridge mdb add dev br0 port $swp1 grp $grp vid 10 \
                filter_mode exclude source_list $src1 proto zebra

        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep -v "src" | \
                grep -q "zebra"
        check_err $? "(*, G) entry not added with \"zebra\" protocol"
        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep "src" | \
                grep -q "zebra"
        check_err $? "(S, G) entry not marked added with \"zebra\" protocol"

        bridge mdb del dev br0 port $swp1 grp $grp vid 10

        ## Replace tests.

        # Check that state can be modified.
        bridge mdb add dev br0 port $swp1 grp $grp temp vid 10 \
                filter_mode exclude source_list $src1

        bridge mdb replace dev br0 port $swp1 grp $grp permanent vid 10 \
                filter_mode exclude source_list $src1
        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep -v "src" | \
                grep -q "permanent"
        check_err $? "(*, G) entry not marked as \"permanent\" after replace"
        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep "src" | \
                grep -q "permanent"
        check_err $? "(S, G) entry not marked as \"permanent\" after replace"

        bridge mdb replace dev br0 port $swp1 grp $grp temp vid 10 \
                filter_mode exclude source_list $src1
        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep -v "src" | \
                grep -q "temp"
        check_err $? "(*, G) entry not marked as \"temp\" after replace"
        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep "src" | \
                grep -q "temp"
        check_err $? "(S, G) entry not marked as \"temp\" after replace"

        bridge mdb del dev br0 port $swp1 grp $grp vid 10

        # Check that filter mode can be modified.
        bridge mdb add dev br0 port $swp1 grp $grp temp vid 10 \
                filter_mode exclude source_list $src1

        bridge mdb replace dev br0 port $swp1 grp $grp temp vid 10 \
                filter_mode include source_list $src1
        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep -v "src" | \
                grep -q "include"
        check_err $? "(*, G) not marked with \"include\" filter mode after replace"
        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep "src" | \
                grep -q "blocked"
        check_fail $? "(S, G) marked as \"blocked\" after replace"

        bridge mdb replace dev br0 port $swp1 grp $grp temp vid 10 \
                filter_mode exclude source_list $src1
        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep -v "src" | \
                grep -q "exclude"
        check_err $? "(*, G) not marked with \"exclude\" filter mode after replace"
        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep "src" | \
                grep -q "blocked"
        check_err $? "(S, G) not marked as \"blocked\" after replace"

        bridge mdb del dev br0 port $swp1 grp $grp vid 10

        # Check that sources can be added to and removed from the source list.
        bridge mdb add dev br0 port $swp1 grp $grp temp vid 10 \
                filter_mode exclude source_list $src1

        bridge mdb replace dev br0 port $swp1 grp $grp temp vid 10 \
                filter_mode exclude source_list $src1,$src2,$src3
        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep -q "src $src1"
        check_err $? "(S, G) entry for source $src1 not created after replace"
        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep -q "src $src2"
        check_err $? "(S, G) entry for source $src2 not created after replace"
        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep -q "src $src3"
        check_err $? "(S, G) entry for source $src3 not created after replace"

        bridge mdb replace dev br0 port $swp1 grp $grp temp vid 10 \
                filter_mode exclude source_list $src1,$src3
        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep -q "src $src1"
        check_err $? "(S, G) entry for source $src1 not created after second replace"
        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep -q "src $src2"
        check_fail $? "(S, G) entry for source $src2 created after second replace"
        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep -q "src $src3"
        check_err $? "(S, G) entry for source $src3 not created after second replace"

        bridge mdb del dev br0 port $swp1 grp $grp vid 10

        # Check that protocol can be modified.
        bridge mdb add dev br0 port $swp1 grp $grp temp vid 10 \
                filter_mode exclude source_list $src1 proto zebra

        bridge mdb replace dev br0 port $swp1 grp $grp temp vid 10 \
                filter_mode exclude source_list $src1 proto bgp
        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep -v "src" | \
                grep -q "bgp"
        check_err $? "(*, G) protocol not changed to \"bgp\" after replace"
        bridge -d mdb show dev br0 vid 10 | grep "$grp" | grep "src" | \
                grep -q "bgp"
        check_err $? "(S, G) protocol not changed to \"bgp\" after replace"

        bridge mdb del dev br0 port $swp1 grp $grp vid 10

        ## Star exclude tests.

        # Check star exclude functionality. When adding a new EXCLUDE (*, G),
        # it needs to be also added to all (S, G) entries for proper
        # replication.
        bridge mdb add dev br0 port $swp2 grp $grp vid 10 \
                filter_mode include source_list $src1
        bridge mdb add dev br0 port $swp1 grp $grp vid 10
        bridge -d mdb show dev br0 vid 10 | grep "$swp1" | grep "$grp" | \
                grep "$src1" | grep -q "added_by_star_ex"
        check_err $? "\"added_by_star_ex\" entry not created after adding (*, G) entry"
        bridge mdb del dev br0 port $swp1 grp $grp vid 10
        bridge mdb del dev br0 port $swp2 grp $grp src $src1 vid 10

        ## Error cases tests.

        bridge mdb add dev br0 port $swp1 grp $invalid_grp vid 10 &> /dev/null
        check_fail $? "Managed to add an entry with an invalid group"

        bridge mdb add dev br0 port $swp1 grp $grp vid 10 filter_mode include \
                &> /dev/null
        check_fail $? "Managed to add an INCLUDE entry with an empty source list"

        bridge mdb add dev br0 port $swp1 grp $grp vid 10 filter_mode include \
                source_list $grp &> /dev/null
        check_fail $? "Managed to add an entry with an invalid source in source list"

        bridge mdb add dev br0 port $swp1 grp $grp vid 10 \
                source_list $src &> /dev/null
        check_fail $? "Managed to add an entry with a source list and no filter mode"

        bridge mdb add dev br0 port $swp1 grp $grp vid 10 filter_mode include \
                source_list $src1
        bridge mdb add dev br0 port $swp1 grp $grp vid 10 filter_mode exclude \
                source_list $src1 &> /dev/null
        check_fail $? "Managed to replace an entry without using replace"
        bridge mdb del dev br0 port $swp1 grp $grp vid 10

        bridge mdb add dev br0 port $swp1 grp $grp src $src2 vid 10
        bridge mdb add dev br0 port $swp1 grp $grp vid 10 filter_mode include \
                source_list $src1,$src2,$src3 &> /dev/null
        check_fail $? "Managed to add a source that already has a forwarding entry"
        bridge mdb del dev br0 port $swp1 grp $grp src $src2 vid 10

        # Check maximum number of sources.
        bridge mdb add dev br0 port $swp1 grp $grp vid 10 filter_mode exclude \
                source_list $(src_list_create $src_prefix $max_srcs)
        num_srcs=$(bridge -d mdb show dev br0 vid 10 | grep "$grp" | \
                grep "src" | wc -l)
        [[ $num_srcs -eq $max_srcs ]]
        check_err $? "Failed to configure maximum number of sources ($max_srcs)"
        bridge mdb del dev br0 port $swp1 grp $grp vid 10

        bridge mdb add dev br0 port $swp1 grp $grp vid 10 filter_mode exclude \
                source_list $(src_list_create $src_prefix $((max_srcs + 1))) \
                &> /dev/null
        check_fail $? "Managed to exceed maximum number of sources ($max_srcs)"

        log_test "$name (*, G) port group entries configuration tests"
}

cfg_test_port_ip_star_g()
{
        echo
        log_info "# Port group entries configuration tests - (*, G)"

        cfg_test_port_common "IPv4 (*, G)" "grp 239.1.1.1"
        cfg_test_port_common "IPv6 (*, G)" "grp ff0e::1"
        __cfg_test_port_ip_star_g "IPv4" "239.1.1.1" "224.0.0.1" "192.0.2."
        __cfg_test_port_ip_star_g "IPv6" "ff0e::1" "ff02::1" "2001:db8:1::"
}

__cfg_test_port_ip_sg()
{
        local name=$1; shift
        local grp=$1; shift
        local src=$1; shift
        local grp_key="grp $grp src $src"

        RET=0

        bridge mdb add dev br0 port $swp1 $grp_key vid 10
        bridge -d mdb show dev br0 vid 10 | grep "$grp_key" | grep -q "include"
        check_err $? "Default filter mode is not \"include\""
        bridge mdb del dev br0 port $swp1 $grp_key vid 10

        # Check that entries can be added as both permanent and temp and that
        # group timer is set correctly.
        bridge mdb add dev br0 port $swp1 $grp_key permanent vid 10
        bridge -d mdb show dev br0 vid 10 | grep "$grp_key" | \
                grep -q "permanent"
        check_err $? "Entry not added as \"permanent\" when should"
        bridge -d -s mdb show dev br0 vid 10 | grep "$grp_key" | \
                grep -q "0.00"
        check_err $? "\"permanent\" entry has a pending group timer"
        bridge mdb del dev br0 port $swp1 $grp_key vid 10

        bridge mdb add dev br0 port $swp1 $grp_key temp vid 10
        bridge -d mdb show dev br0 vid 10 | grep "$grp_key" | \
                grep -q "temp"
        check_err $? "Entry not added as \"temp\" when should"
        bridge -d -s mdb show dev br0 vid 10 | grep "$grp_key" | \
                grep -q "0.00"
        check_fail $? "\"temp\" entry has an unpending group timer"
        bridge mdb del dev br0 port $swp1 $grp_key vid 10

        # Check error cases.
        bridge mdb add dev br0 port $swp1 $grp_key vid 10 \
                filter_mode include &> /dev/null
        check_fail $? "Managed to add an entry with a filter mode"

        bridge mdb add dev br0 port $swp1 $grp_key vid 10 \
                filter_mode include source_list $src &> /dev/null
        check_fail $? "Managed to add an entry with a source list"

        bridge mdb add dev br0 port $swp1 grp $grp src $grp vid 10 &> /dev/null
        check_fail $? "Managed to add an entry with an invalid source"

        bridge mdb add dev br0 port $swp1 $grp_key vid 10 temp
        bridge mdb add dev br0 port $swp1 $grp_key vid 10 permanent &> /dev/null
        check_fail $? "Managed to replace an entry without using replace"
        bridge mdb del dev br0 port $swp1 $grp_key vid 10

        # Check that we can replace available attributes.
        bridge mdb add dev br0 port $swp1 $grp_key vid 10 proto 123
        bridge mdb replace dev br0 port $swp1 $grp_key vid 10 proto 111
        bridge -d mdb show dev br0 vid 10 | grep "$grp_key" | \
                grep -q "111"
        check_err $? "Failed to replace protocol"

        bridge mdb replace dev br0 port $swp1 $grp_key vid 10 permanent
        bridge -d mdb show dev br0 vid 10 | grep "$grp_key" | \
                grep -q "permanent"
        check_err $? "Entry not marked as \"permanent\" after replace"
        bridge -d -s mdb show dev br0 vid 10 | grep "$grp_key" | \
                grep -q "0.00"
        check_err $? "Entry has a pending group timer after replace"

        bridge mdb replace dev br0 port $swp1 $grp_key vid 10 temp
        bridge -d mdb show dev br0 vid 10 | grep "$grp_key" | \
                grep -q "temp"
        check_err $? "Entry not marked as \"temp\" after replace"
        bridge -d -s mdb show dev br0 vid 10 | grep "$grp_key" | \
                grep -q "0.00"
        check_fail $? "Entry has an unpending group timer after replace"
        bridge mdb del dev br0 port $swp1 $grp_key vid 10

        # Check star exclude functionality. When adding a (S, G), all matching
        # (*, G) ports need to be added to it.
        bridge mdb add dev br0 port $swp2 grp $grp vid 10
        bridge mdb add dev br0 port $swp1 $grp_key vid 10
        bridge mdb show dev br0 vid 10 | grep "$grp_key" | grep $swp2 | \
                grep -q "added_by_star_ex"
        check_err $? "\"added_by_star_ex\" entry not created after adding (S, G) entry"
        bridge mdb del dev br0 port $swp1 $grp_key vid 10
        bridge mdb del dev br0 port $swp2 grp $grp vid 10

        log_test "$name (S, G) port group entries configuration tests"
}

cfg_test_port_ip_sg()
{
        echo
        log_info "# Port group entries configuration tests - (S, G)"

        cfg_test_port_common "IPv4 (S, G)" "grp 239.1.1.1 src 192.0.2.1"
        cfg_test_port_common "IPv6 (S, G)" "grp ff0e::1 src 2001:db8:1::1"
        __cfg_test_port_ip_sg "IPv4" "239.1.1.1" "192.0.2.1"
        __cfg_test_port_ip_sg "IPv6" "ff0e::1" "2001:db8:1::1"
}

cfg_test_port_ip()
{
        cfg_test_port_ip_star_g
        cfg_test_port_ip_sg
}

__cfg_test_port_l2()
{
        local grp="01:02:03:04:05:06"

        RET=0

        bridge meb add dev br0 port $swp grp 00:01:02:03:04:05 \
                permanent vid 10 &> /dev/null
        check_fail $? "Managed to add an entry with unicast MAC"

        bridge mdb add dev br0 port $swp grp $grp src 00:01:02:03:04:05 \
                permanent vid 10 &> /dev/null
        check_fail $? "Managed to add an entry with a source"

        bridge mdb add dev br0 port $swp1 grp $grp permanent vid 10 \
                filter_mode include &> /dev/null
        check_fail $? "Managed to add an entry with a filter mode"

        bridge mdb add dev br0 port $swp1 grp $grp permanent vid 10 \
                source_list 00:01:02:03:04:05 &> /dev/null
        check_fail $? "Managed to add an entry with a source list"

        log_test "L2 (*, G) port group entries configuration tests"
}

cfg_test_port_l2()
{
        echo
        log_info "# Port group entries configuration tests - L2"

        cfg_test_port_common "L2 (*, G)" "grp 01:02:03:04:05:06"
        __cfg_test_port_l2
}

# Check configuration of regular (port) entries of all types.
cfg_test_port()
{
        cfg_test_port_ip
        cfg_test_port_l2
}

ipv4_grps_get()
{
        local max_grps=$1; shift
        local i

        for i in $(seq 0 $((max_grps - 1))); do
                echo "239.1.1.$i"
        done
}

ipv6_grps_get()
{
        local max_grps=$1; shift
        local i

        for i in $(seq 0 $((max_grps - 1))); do
                echo "ff0e::$(printf %x $i)"
        done
}

l2_grps_get()
{
        local max_grps=$1; shift
        local i

        for i in $(seq 0 $((max_grps - 1))); do
                echo "01:00:00:00:00:$(printf %02x $i)"
        done
}

cfg_test_dump_common()
{
        local name=$1; shift
        local fn=$1; shift
        local max_bridges=2
        local max_grps=256
        local max_ports=32
        local num_entries
        local batch_file
        local grp
        local i j

        RET=0

        # Create net devices.
        for i in $(seq 1 $max_bridges); do
                ip link add name br-test${i} up type bridge vlan_filtering 1 \
                        mcast_snooping 1
                for j in $(seq 1 $max_ports); do
                        ip link add name br-test${i}-du${j} up \
                                master br-test${i} type dummy
                done
        done

        # Create batch file with MDB entries.
        batch_file=$(mktemp)
        for i in $(seq 1 $max_bridges); do
                for j in $(seq 1 $max_ports); do
                        for grp in $($fn $max_grps); do
                                echo "mdb add dev br-test${i} \
                                        port br-test${i}-du${j} grp $grp \
                                        permanent vid 1" >> $batch_file
                        done
                done
        done

        # Program the batch file and check for expected number of entries.
        bridge -b $batch_file
        for i in $(seq 1 $max_bridges); do
                num_entries=$(bridge mdb show dev br-test${i} | \
                        grep "permanent" | wc -l)
                [[ $num_entries -eq $((max_grps * max_ports)) ]]
                check_err $? "Wrong number of entries in br-test${i}"
        done

        # Cleanup.
        rm $batch_file
        for i in $(seq 1 $max_bridges); do
                ip link del dev br-test${i}
                for j in $(seq $max_ports); do
                        ip link del dev br-test${i}-du${j}
                done
        done

        log_test "$name large scale dump tests"
}

# Check large scale dump.
cfg_test_dump()
{
        echo
        log_info "# Large scale dump tests"

        cfg_test_dump_common "IPv4" ipv4_grps_get
        cfg_test_dump_common "IPv6" ipv6_grps_get
        cfg_test_dump_common "L2" l2_grps_get
}

cfg_test()
{
        cfg_test_host
        cfg_test_port
        cfg_test_dump
}

__fwd_test_host_ip()
{
        local grp=$1; shift
        local dmac=$1; shift
        local src=$1; shift
        local mode=$1; shift
        local name
        local eth_type

        RET=0

        if [[ $mode == "-4" ]]; then
                name="IPv4"
                eth_type="ipv4"
        else
                name="IPv6"
                eth_type="ipv6"
        fi

        tc filter add dev br0 ingress protocol 802.1q pref 1 handle 1 flower \
                vlan_ethtype $eth_type vlan_id 10 dst_ip $grp src_ip $src \
                action drop

        # Packet should only be flooded to multicast router ports when there is
        # no matching MDB entry. The bridge is not configured as a multicast
        # router port.
        $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $src -B $grp -t udp -q
        tc_check_packets "dev br0 ingress" 1 0
        check_err $? "Packet locally received after flood"

        # Install a regular port group entry and expect the packet to not be
        # locally received.
        bridge mdb add dev br0 port $swp2 grp $grp temp vid 10
        $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $src -B $grp -t udp -q
        tc_check_packets "dev br0 ingress" 1 0
        check_err $? "Packet locally received after installing a regular entry"

        # Add a host entry and expect the packet to be locally received.
        bridge mdb add dev br0 port br0 grp $grp temp vid 10
        $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $src -B $grp -t udp -q
        tc_check_packets "dev br0 ingress" 1 1
        check_err $? "Packet not locally received after adding a host entry"

        # Remove the host entry and expect the packet to not be locally
        # received.
        bridge mdb del dev br0 port br0 grp $grp vid 10
        $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $src -B $grp -t udp -q
        tc_check_packets "dev br0 ingress" 1 1
        check_err $? "Packet locally received after removing a host entry"

        bridge mdb del dev br0 port $swp2 grp $grp vid 10

        tc filter del dev br0 ingress protocol 802.1q pref 1 handle 1 flower

        log_test "$name host entries forwarding tests"
}

fwd_test_host_ip()
{
        __fwd_test_host_ip "239.1.1.1" "01:00:5e:01:01:01" "192.0.2.1" "-4"
        __fwd_test_host_ip "ff0e::1" "33:33:00:00:00:01" "2001:db8:1::1" "-6"
}

fwd_test_host_l2()
{
        local dmac=01:02:03:04:05:06

        RET=0

        tc filter add dev br0 ingress protocol all pref 1 handle 1 flower \
                dst_mac $dmac action drop

        # Packet should be flooded and locally received when there is no
        # matching MDB entry.
        $MZ $h1.10 -c 1 -p 128 -a own -b $dmac -q
        tc_check_packets "dev br0 ingress" 1 1
        check_err $? "Packet not locally received after flood"

        # Install a regular port group entry and expect the packet to not be
        # locally received.
        bridge mdb add dev br0 port $swp2 grp $dmac permanent vid 10
        $MZ $h1.10 -c 1 -p 128 -a own -b $dmac -q
        tc_check_packets "dev br0 ingress" 1 1
        check_err $? "Packet locally received after installing a regular entry"

        # Add a host entry and expect the packet to be locally received.
        bridge mdb add dev br0 port br0 grp $dmac permanent vid 10
        $MZ $h1.10 -c 1 -p 128 -a own -b $dmac -q
        tc_check_packets "dev br0 ingress" 1 2
        check_err $? "Packet not locally received after adding a host entry"

        # Remove the host entry and expect the packet to not be locally
        # received.
        bridge mdb del dev br0 port br0 grp $dmac permanent vid 10
        $MZ $h1.10 -c 1 -p 128 -a own -b $dmac -q
        tc_check_packets "dev br0 ingress" 1 2
        check_err $? "Packet locally received after removing a host entry"

        bridge mdb del dev br0 port $swp2 grp $dmac permanent vid 10

        tc filter del dev br0 ingress protocol all pref 1 handle 1 flower

        log_test "L2 host entries forwarding tests"
}

fwd_test_host()
{
        # Disable multicast router on the bridge to ensure that packets are
        # only locally received when a matching host entry is present.
        ip link set dev br0 type bridge mcast_router 0

        fwd_test_host_ip
        fwd_test_host_l2

        ip link set dev br0 type bridge mcast_router 1
}

__fwd_test_port_ip()
{
        local grp=$1; shift
        local dmac=$1; shift
        local valid_src=$1; shift
        local invalid_src=$1; shift
        local mode=$1; shift
        local filter_mode=$1; shift
        local name
        local eth_type
        local src_list

        RET=0

        if [[ $mode == "-4" ]]; then
                name="IPv4"
                eth_type="ipv4"
        else
                name="IPv6"
                eth_type="ipv6"
        fi

        # The valid source is the one we expect to get packets from after
        # adding the entry.
        if [[ $filter_mode == "include" ]]; then
                src_list=$valid_src
        else
                src_list=$invalid_src
        fi

        tc filter add dev $h2 ingress protocol 802.1q pref 1 handle 1 flower \
                vlan_ethtype $eth_type vlan_id 10 dst_ip $grp \
                src_ip $valid_src action drop
        tc filter add dev $h2 ingress protocol 802.1q pref 1 handle 2 flower \
                vlan_ethtype $eth_type vlan_id 10 dst_ip $grp \
                src_ip $invalid_src action drop

        $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $valid_src -B $grp -t udp -q
        tc_check_packets "dev $h2 ingress" 1 0
        check_err $? "Packet from valid source received on H2 before adding entry"

        $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $invalid_src -B $grp -t udp -q
        tc_check_packets "dev $h2 ingress" 2 0
        check_err $? "Packet from invalid source received on H2 before adding entry"

        bridge mdb add dev br0 port $swp2 grp $grp vid 10 \
                filter_mode $filter_mode source_list $src_list

        $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $valid_src -B $grp -t udp -q
        tc_check_packets "dev $h2 ingress" 1 1
        check_err $? "Packet from valid source not received on H2 after adding entry"

        $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $invalid_src -B $grp -t udp -q
        tc_check_packets "dev $h2 ingress" 2 0
        check_err $? "Packet from invalid source received on H2 after adding entry"

        bridge mdb replace dev br0 port $swp2 grp $grp vid 10 \
                filter_mode exclude

        $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $valid_src -B $grp -t udp -q
        tc_check_packets "dev $h2 ingress" 1 2
        check_err $? "Packet from valid source not received on H2 after allowing all sources"

        $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $invalid_src -B $grp -t udp -q
        tc_check_packets "dev $h2 ingress" 2 1
        check_err $? "Packet from invalid source not received on H2 after allowing all sources"

        bridge mdb del dev br0 port $swp2 grp $grp vid 10

        $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $valid_src -B $grp -t udp -q
        tc_check_packets "dev $h2 ingress" 1 2
        check_err $? "Packet from valid source received on H2 after deleting entry"

        $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $invalid_src -B $grp -t udp -q
        tc_check_packets "dev $h2 ingress" 2 1
        check_err $? "Packet from invalid source received on H2 after deleting entry"

        tc filter del dev $h2 ingress protocol 802.1q pref 1 handle 2 flower
        tc filter del dev $h2 ingress protocol 802.1q pref 1 handle 1 flower

        log_test "$name port group \"$filter_mode\" entries forwarding tests"
}

fwd_test_port_ip()
{
        __fwd_test_port_ip "239.1.1.1" "01:00:5e:01:01:01" "192.0.2.1" "192.0.2.2" "-4" "exclude"
        __fwd_test_port_ip "ff0e::1" "33:33:00:00:00:01" "2001:db8:1::1" "2001:db8:1::2" "-6" \
                "exclude"
        __fwd_test_port_ip "239.1.1.1" "01:00:5e:01:01:01" "192.0.2.1" "192.0.2.2" "-4" "include"
        __fwd_test_port_ip "ff0e::1" "33:33:00:00:00:01" "2001:db8:1::1" "2001:db8:1::2" "-6" \
                "include"
}

fwd_test_port_l2()
{
        local dmac=01:02:03:04:05:06

        RET=0

        tc filter add dev $h2 ingress protocol all pref 1 handle 1 flower \
                dst_mac $dmac action drop

        $MZ $h1.10 -c 1 -p 128 -a own -b $dmac -q
        tc_check_packets "dev $h2 ingress" 1 0
        check_err $? "Packet received on H2 before adding entry"

        bridge mdb add dev br0 port $swp2 grp $dmac permanent vid 10
        $MZ $h1.10 -c 1 -p 128 -a own -b $dmac -q
        tc_check_packets "dev $h2 ingress" 1 1
        check_err $? "Packet not received on H2 after adding entry"

        bridge mdb del dev br0 port $swp2 grp $dmac permanent vid 10
        $MZ $h1.10 -c 1 -p 128 -a own -b $dmac -q
        tc_check_packets "dev $h2 ingress" 1 1
        check_err $? "Packet received on H2 after deleting entry"

        tc filter del dev $h2 ingress protocol all pref 1 handle 1 flower

        log_test "L2 port entries forwarding tests"
}

fwd_test_port()
{
        # Disable multicast flooding to ensure that packets are only forwarded
        # out of a port when a matching port group entry is present.
        bridge link set dev $swp2 mcast_flood off

        fwd_test_port_ip
        fwd_test_port_l2

        bridge link set dev $swp2 mcast_flood on
}

fwd_test()
{
        echo
        log_info "# Forwarding tests"

        # Forwarding according to MDB entries only takes place when the bridge
        # detects that there is a valid querier in the network. Set the bridge
        # as the querier and assign it a valid IPv6 link-local address to be
        # used as the source address for MLD queries.
        ip -6 address add fe80::1/64 nodad dev br0
        ip link set dev br0 type bridge mcast_querier 1
        # Wait the default Query Response Interval (10 seconds) for the bridge
        # to determine that there are no other queriers in the network.
        sleep 10

        fwd_test_host
        fwd_test_port

        ip link set dev br0 type bridge mcast_querier 0
        ip -6 address del fe80::1/64 dev br0
}

ctrl_igmpv3_is_in_test()
{
        RET=0

        # Add a permanent entry and check that it is not affected by the
        # received IGMP packet.
        bridge mdb add dev br0 port $swp1 grp 239.1.1.1 permanent vid 10 \
                filter_mode include source_list 192.0.2.1

        # IS_IN ( 192.0.2.2 )
        $MZ $h1.10 -c 1 -a own -b 01:00:5e:01:01:01 -A 192.0.2.1 -B 239.1.1.1 \
                -t ip proto=2,p=$(igmpv3_is_in_get 239.1.1.1 192.0.2.2) -q

        bridge -d mdb show dev br0 vid 10 | grep 239.1.1.1 | grep -q 192.0.2.2
        check_fail $? "Permanent entry affected by IGMP packet"

        # Replace the permanent entry with a temporary one and check that after
        # processing the IGMP packet, a new source is added to the list along
        # with a new forwarding entry.
        bridge mdb replace dev br0 port $swp1 grp 239.1.1.1 temp vid 10 \
                filter_mode include source_list 192.0.2.1

        # IS_IN ( 192.0.2.2 )
        $MZ $h1.10 -a own -b 01:00:5e:01:01:01 -c 1 -A 192.0.2.1 -B 239.1.1.1 \
                -t ip proto=2,p=$(igmpv3_is_in_get 239.1.1.1 192.0.2.2) -q

        bridge -d mdb show dev br0 vid 10 | grep 239.1.1.1 | grep -v "src" | \
                grep -q 192.0.2.2
        check_err $? "Source not add to source list"

        bridge -d mdb show dev br0 vid 10 | grep 239.1.1.1 | \
                grep -q "src 192.0.2.2"
        check_err $? "(S, G) entry not created for new source"

        bridge mdb del dev br0 port $swp1 grp 239.1.1.1 vid 10

        log_test "IGMPv3 MODE_IS_INCLUDE tests"
}

ctrl_mldv2_is_in_test()
{
        RET=0

        # Add a permanent entry and check that it is not affected by the
        # received MLD packet.
        bridge mdb add dev br0 port $swp1 grp ff0e::1 permanent vid 10 \
                filter_mode include source_list 2001:db8:1::1

        # IS_IN ( 2001:db8:1::2 )
        local p=$(mldv2_is_in_get fe80::1 ff0e::1 2001:db8:1::2)
        $MZ -6 $h1.10 -a own -b 33:33:00:00:00:01 -c 1 -A fe80::1 -B ff0e::1 \
                -t ip hop=1,next=0,p="$p" -q

        bridge -d mdb show dev br0 vid 10 | grep ff0e::1 | \
                grep -q 2001:db8:1::2
        check_fail $? "Permanent entry affected by MLD packet"

        # Replace the permanent entry with a temporary one and check that after
        # processing the MLD packet, a new source is added to the list along
        # with a new forwarding entry.
        bridge mdb replace dev br0 port $swp1 grp ff0e::1 temp vid 10 \
                filter_mode include source_list 2001:db8:1::1

        # IS_IN ( 2001:db8:1::2 )
        $MZ -6 $h1.10 -a own -b 33:33:00:00:00:01 -c 1 -A fe80::1 -B ff0e::1 \
                -t ip hop=1,next=0,p="$p" -q

        bridge -d mdb show dev br0 vid 10 | grep ff0e::1 | grep -v "src" | \
                grep -q 2001:db8:1::2
        check_err $? "Source not add to source list"

        bridge -d mdb show dev br0 vid 10 | grep ff0e::1 | \
                grep -q "src 2001:db8:1::2"
        check_err $? "(S, G) entry not created for new source"

        bridge mdb del dev br0 port $swp1 grp ff0e::1 vid 10

        log_test "MLDv2 MODE_IS_INCLUDE tests"
}

ctrl_test()
{
        echo
        log_info "# Control packets tests"

        ctrl_igmpv3_is_in_test
        ctrl_mldv2_is_in_test
}

if ! bridge mdb help 2>&1 | grep -q "replace"; then
        echo "SKIP: iproute2 too old, missing bridge mdb replace support"
        exit $ksft_skip
fi

trap cleanup EXIT

setup_prepare
setup_wait
tests_run

exit $EXIT_STATUS