1#!/bin/bash
2# SPDX-License-Identifier: GPL-2.0
3#
4# Testing For SCTP COLLISION SCENARIO as Below:
5#
6#   14:35:47.655279 IP CLIENT_IP.PORT > SERVER_IP.PORT: sctp (1) [INIT] [init tag: 2017837359]
7#   14:35:48.353250 IP SERVER_IP.PORT > CLIENT_IP.PORT: sctp (1) [INIT] [init tag: 1187206187]
8#   14:35:48.353275 IP CLIENT_IP.PORT > SERVER_IP.PORT: sctp (1) [INIT ACK] [init tag: 2017837359]
9#   14:35:48.353283 IP SERVER_IP.PORT > CLIENT_IP.PORT: sctp (1) [COOKIE ECHO]
10#   14:35:48.353977 IP CLIENT_IP.PORT > SERVER_IP.PORT: sctp (1) [COOKIE ACK]
11#   14:35:48.855335 IP SERVER_IP.PORT > CLIENT_IP.PORT: sctp (1) [INIT ACK] [init tag: 164579970]
12#
13# TOPO: SERVER_NS (link0)<--->(link1) ROUTER_NS (link2)<--->(link3) CLIENT_NS
14
15source lib.sh
16
17CLIENT_IP="198.51.200.1"
18CLIENT_PORT=1234
19
20SERVER_IP="198.51.100.1"
21SERVER_PORT=1234
22
23CLIENT_GW="198.51.200.2"
24SERVER_GW="198.51.100.2"
25
26# setup the topo
27setup() {
28	setup_ns CLIENT_NS SERVER_NS ROUTER_NS
29	ip -n "$SERVER_NS" link add link0 type veth peer name link1 netns "$ROUTER_NS"
30	ip -n "$CLIENT_NS" link add link3 type veth peer name link2 netns "$ROUTER_NS"
31
32	ip -n "$SERVER_NS" link set link0 up
33	ip -n "$SERVER_NS" addr add $SERVER_IP/24 dev link0
34	ip -n "$SERVER_NS" route add $CLIENT_IP dev link0 via $SERVER_GW
35
36	ip -n "$ROUTER_NS" link set link1 up
37	ip -n "$ROUTER_NS" link set link2 up
38	ip -n "$ROUTER_NS" addr add $SERVER_GW/24 dev link1
39	ip -n "$ROUTER_NS" addr add $CLIENT_GW/24 dev link2
40	ip net exec "$ROUTER_NS" sysctl -wq net.ipv4.ip_forward=1
41
42	ip -n "$CLIENT_NS" link set link3 up
43	ip -n "$CLIENT_NS" addr add $CLIENT_IP/24 dev link3
44	ip -n "$CLIENT_NS" route add $SERVER_IP dev link3 via $CLIENT_GW
45
46	# simulate the delay on OVS upcall by setting up a delay for INIT_ACK with
47	# tc on $SERVER_NS side
48	tc -n "$SERVER_NS" qdisc add dev link0 root handle 1: htb r2q 64
49	tc -n "$SERVER_NS" class add dev link0 parent 1: classid 1:1 htb rate 100mbit
50	tc -n "$SERVER_NS" filter add dev link0 parent 1: protocol ip u32 match ip protocol 132 \
51		0xff match u8 2 0xff at 32 flowid 1:1
52	if ! tc -n "$SERVER_NS" qdisc add dev link0 parent 1:1 handle 10: netem delay 1200ms; then
53		echo "SKIP: Cannot add netem qdisc"
54		exit $ksft_skip
55	fi
56
57	# simulate the ctstate check on OVS nf_conntrack
58	ip net exec "$ROUTER_NS" iptables -A FORWARD -m state --state INVALID,UNTRACKED -j DROP
59	ip net exec "$ROUTER_NS" iptables -A INPUT -p sctp -j DROP
60
61	# use a smaller number for assoc's max_retrans to reproduce the issue
62	modprobe -q sctp
63	ip net exec "$CLIENT_NS" sysctl -wq net.sctp.association_max_retrans=3
64}
65
66cleanup() {
67	ip net exec "$CLIENT_NS" pkill sctp_collision >/dev/null 2>&1
68	ip net exec "$SERVER_NS" pkill sctp_collision >/dev/null 2>&1
69	cleanup_all_ns
70}
71
72do_test() {
73	ip net exec "$SERVER_NS" ./sctp_collision server \
74		$SERVER_IP $SERVER_PORT $CLIENT_IP $CLIENT_PORT &
75	ip net exec "$CLIENT_NS" ./sctp_collision client \
76		$CLIENT_IP $CLIENT_PORT $SERVER_IP $SERVER_PORT
77}
78
79# NOTE: one way to work around the issue is set a smaller hb_interval
80# ip net exec $CLIENT_NS sysctl -wq net.sctp.hb_interval=3500
81
82# run the test case
83trap cleanup EXIT
84setup && \
85echo "Test for SCTP Collision in nf_conntrack:" && \
86do_test && echo "PASS!"
87exit $?
88