GitHub-Mirror/Star64_linux
2
0
Fork 0
mirror of https://github.com/Fishwaldo/Star64_linux.git synced 2025-03-17 20:54:10 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'Remove unused test_ipip.sh test and add missed'

Browse source 
Hangbin Liu says:

====================

In comment 173ca26e9b ("samples/bpf: add comprehensive ipip, ipip6,
ip6ip6 test") we added some bpf tunnel tests. In commit 933a741e3b
("selftests/bpf: bpf tunnel test.") when we moved it to the current
folder, we missed some points:

1. ip6ip6 test is not added
2. forgot to remove test_ipip.sh in sample folder
3. TCP test code is not removed in test_tunnel_kern.c

In this patch set I add back ip6ip6 test and remove unused code. I'm not sure
if this should be net or net-next, so just set to net.

Here is the test result:
```
Testing IP6IP6 tunnel...
PING ::11(::11) 56 data bytes

--- ::11 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 63ms
rtt min/avg/max/mdev = 0.014/1028.308/2060.906/841.361 ms, pipe 2
PING 1::11(1::11) 56 data bytes

--- 1::11 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 48ms
rtt min/avg/max/mdev = 0.026/0.029/0.036/0.006 ms
PING 1::22(1::22) 56 data bytes

--- 1::22 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 47ms
rtt min/avg/max/mdev = 0.030/0.048/0.067/0.016 ms
PASS: ip6ip6tnl
```

v3:
Add back ICMP check as Martin suggested.

v2: Keep ip6ip6 section in test_tunnel_kern.c.
====================

Acked-by: Martin KaFai Lau <kafai@fb.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
This commit is contained in:
Alexei Starovoitov 2020-11-10 15:37:45 -08:00
commit 9600d623db
3 changed files with 46 additions and 218 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

179
samples/bpf/test_ipip.sh
View file

@ -1,179 +0,0 @@
#!/bin/bash
# SPDX-License-Identifier: GPL-2.0
function config_device {
ip netns add at_ns0
ip netns add at_ns1
ip netns add at_ns2
ip link add veth0 type veth peer name veth0b
ip link add veth1 type veth peer name veth1b
ip link add veth2 type veth peer name veth2b
ip link set veth0b up
ip link set veth1b up
ip link set veth2b up
ip link set dev veth0b mtu 1500
ip link set dev veth1b mtu 1500
ip link set dev veth2b mtu 1500
ip link set veth0 netns at_ns0
ip link set veth1 netns at_ns1
ip link set veth2 netns at_ns2
ip netns exec at_ns0 ip addr add 172.16.1.100/24 dev veth0
ip netns exec at_ns0 ip addr add 2401:db00::1/64 dev veth0 nodad
ip netns exec at_ns0 ip link set dev veth0 up
ip netns exec at_ns1 ip addr add 172.16.1.101/24 dev veth1
ip netns exec at_ns1 ip addr add 2401:db00::2/64 dev veth1 nodad
ip netns exec at_ns1 ip link set dev veth1 up
ip netns exec at_ns2 ip addr add 172.16.1.200/24 dev veth2
ip netns exec at_ns2 ip addr add 2401:db00::3/64 dev veth2 nodad
ip netns exec at_ns2 ip link set dev veth2 up
ip link add br0 type bridge
ip link set br0 up
ip link set dev br0 mtu 1500
ip link set veth0b master br0
ip link set veth1b master br0
ip link set veth2b master br0
}
function add_ipip_tunnel {
ip netns exec at_ns0 \
ip link add dev $DEV_NS type ipip local 172.16.1.100 remote 172.16.1.200
ip netns exec at_ns0 ip link set dev $DEV_NS up
ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
ip netns exec at_ns1 \
ip link add dev $DEV_NS type ipip local 172.16.1.101 remote 172.16.1.200
ip netns exec at_ns1 ip link set dev $DEV_NS up
# same inner IP address in at_ns0 and at_ns1
ip netns exec at_ns1 ip addr add dev $DEV_NS 10.1.1.100/24
ip netns exec at_ns2 ip link add dev $DEV type ipip external
ip netns exec at_ns2 ip link set dev $DEV up
ip netns exec at_ns2 ip addr add dev $DEV 10.1.1.200/24
}
function add_ipip6_tunnel {
ip netns exec at_ns0 \
ip link add dev $DEV_NS type ip6tnl mode ipip6 local 2401:db00::1/64 remote 2401:db00::3/64
ip netns exec at_ns0 ip link set dev $DEV_NS up
ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
ip netns exec at_ns1 \
ip link add dev $DEV_NS type ip6tnl mode ipip6 local 2401:db00::2/64 remote 2401:db00::3/64
ip netns exec at_ns1 ip link set dev $DEV_NS up
# same inner IP address in at_ns0 and at_ns1
ip netns exec at_ns1 ip addr add dev $DEV_NS 10.1.1.100/24
ip netns exec at_ns2 ip link add dev $DEV type ip6tnl mode ipip6 external
ip netns exec at_ns2 ip link set dev $DEV up
ip netns exec at_ns2 ip addr add dev $DEV 10.1.1.200/24
}
function add_ip6ip6_tunnel {
ip netns exec at_ns0 \
ip link add dev $DEV_NS type ip6tnl mode ip6ip6 local 2401:db00::1/64 remote 2401:db00::3/64
ip netns exec at_ns0 ip link set dev $DEV_NS up
ip netns exec at_ns0 ip addr add dev $DEV_NS 2601:646::1/64
ip netns exec at_ns1 \
ip link add dev $DEV_NS type ip6tnl mode ip6ip6 local 2401:db00::2/64 remote 2401:db00::3/64
ip netns exec at_ns1 ip link set dev $DEV_NS up
# same inner IP address in at_ns0 and at_ns1
ip netns exec at_ns1 ip addr add dev $DEV_NS 2601:646::1/64
ip netns exec at_ns2 ip link add dev $DEV type ip6tnl mode ip6ip6 external
ip netns exec at_ns2 ip link set dev $DEV up
ip netns exec at_ns2 ip addr add dev $DEV 2601:646::2/64
}
function attach_bpf {
DEV=$1
SET_TUNNEL=$2
GET_TUNNEL=$3
ip netns exec at_ns2 tc qdisc add dev $DEV clsact
ip netns exec at_ns2 tc filter add dev $DEV egress bpf da obj tcbpf2_kern.o sec $SET_TUNNEL
ip netns exec at_ns2 tc filter add dev $DEV ingress bpf da obj tcbpf2_kern.o sec $GET_TUNNEL
}
function test_ipip {
DEV_NS=ipip_std
DEV=ipip_bpf
config_device
# tcpdump -nei br0 &
cat /sys/kernel/debug/tracing/trace_pipe &
add_ipip_tunnel
attach_bpf $DEV ipip_set_tunnel ipip_get_tunnel
ip netns exec at_ns0 ping -c 1 10.1.1.200
ip netns exec at_ns2 ping -c 1 10.1.1.100
ip netns exec at_ns0 iperf -sD -p 5200 > /dev/null
ip netns exec at_ns1 iperf -sD -p 5201 > /dev/null
sleep 0.2
# tcp check _same_ IP over different tunnels
ip netns exec at_ns2 iperf -c 10.1.1.100 -n 5k -p 5200
ip netns exec at_ns2 iperf -c 10.1.1.100 -n 5k -p 5201
cleanup
}
# IPv4 over IPv6 tunnel
function test_ipip6 {
DEV_NS=ipip_std
DEV=ipip_bpf
config_device
# tcpdump -nei br0 &
cat /sys/kernel/debug/tracing/trace_pipe &
add_ipip6_tunnel
attach_bpf $DEV ipip6_set_tunnel ipip6_get_tunnel
ip netns exec at_ns0 ping -c 1 10.1.1.200
ip netns exec at_ns2 ping -c 1 10.1.1.100
ip netns exec at_ns0 iperf -sD -p 5200 > /dev/null
ip netns exec at_ns1 iperf -sD -p 5201 > /dev/null
sleep 0.2
# tcp check _same_ IP over different tunnels
ip netns exec at_ns2 iperf -c 10.1.1.100 -n 5k -p 5200
ip netns exec at_ns2 iperf -c 10.1.1.100 -n 5k -p 5201
cleanup
}
# IPv6 over IPv6 tunnel
function test_ip6ip6 {
DEV_NS=ipip_std
DEV=ipip_bpf
config_device
# tcpdump -nei br0 &
cat /sys/kernel/debug/tracing/trace_pipe &
add_ip6ip6_tunnel
attach_bpf $DEV ip6ip6_set_tunnel ip6ip6_get_tunnel
ip netns exec at_ns0 ping -6 -c 1 2601:646::2
ip netns exec at_ns2 ping -6 -c 1 2601:646::1
ip netns exec at_ns0 iperf -6sD -p 5200 > /dev/null
ip netns exec at_ns1 iperf -6sD -p 5201 > /dev/null
sleep 0.2
# tcp check _same_ IP over different tunnels
ip netns exec at_ns2 iperf -6c 2601:646::1 -n 5k -p 5200
ip netns exec at_ns2 iperf -6c 2601:646::1 -n 5k -p 5201
cleanup
}
function cleanup {
set +ex
pkill iperf
ip netns delete at_ns0
ip netns delete at_ns1
ip netns delete at_ns2
ip link del veth0
ip link del veth1
ip link del veth2
ip link del br0
pkill tcpdump
pkill cat
set -ex
}
cleanup
echo "Testing IP tunnels..."
test_ipip
test_ipip6
test_ip6ip6
echo "*** PASS ***"

42
tools/testing/selftests/bpf/progs/test_tunnel_kern.c
View file

@ -15,7 +15,6 @@
#include <linux/ip.h>
#include <linux/ipv6.h>
#include <linux/types.h>
#include <linux/tcp.h>
#include <linux/socket.h>
#include <linux/pkt_cls.h>
#include <linux/erspan.h>
@ -528,12 +527,11 @@ int _ipip_set_tunnel(struct __sk_buff *skb)
struct bpf_tunnel_key key = {};
void *data = (void *)(long)skb->data;
struct iphdr *iph = data;
struct tcphdr *tcp = data + sizeof(*iph);
void *data_end = (void *)(long)skb->data_end;
int ret;
/* single length check */
if (data + sizeof(*iph) + sizeof(*tcp) > data_end) {
if (data + sizeof(*iph) > data_end) {
ERROR(1);
return TC_ACT_SHOT;
}
@ -541,16 +539,6 @@ int _ipip_set_tunnel(struct __sk_buff *skb)
key.tunnel_ttl = 64;
if (iph->protocol == IPPROTO_ICMP) {
key.remote_ipv4 = 0xac100164; /* 172.16.1.100 */
} else {
if (iph->protocol != IPPROTO_TCP || iph->ihl != 5)
return TC_ACT_SHOT;
if (tcp->dest == bpf_htons(5200))
key.remote_ipv4 = 0xac100164; /* 172.16.1.100 */
else if (tcp->dest == bpf_htons(5201))
key.remote_ipv4 = 0xac100165; /* 172.16.1.101 */
else
return TC_ACT_SHOT;
}
ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key), 0);
@ -585,19 +573,20 @@ int _ipip6_set_tunnel(struct __sk_buff *skb)
struct bpf_tunnel_key key = {};
void *data = (void *)(long)skb->data;
struct iphdr *iph = data;
struct tcphdr *tcp = data + sizeof(*iph);
void *data_end = (void *)(long)skb->data_end;
int ret;
/* single length check */
if (data + sizeof(*iph) + sizeof(*tcp) > data_end) {
if (data + sizeof(*iph) > data_end) {
ERROR(1);
return TC_ACT_SHOT;
}
__builtin_memset(&key, 0x0, sizeof(key));
key.remote_ipv6[3] = bpf_htonl(0x11); /* ::11 */
key.tunnel_ttl = 64;
if (iph->protocol == IPPROTO_ICMP) {
key.remote_ipv6[3] = bpf_htonl(0x11); /* ::11 */
}
ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key),
BPF_F_TUNINFO_IPV6);
@ -634,35 +623,18 @@ int _ip6ip6_set_tunnel(struct __sk_buff *skb)
struct bpf_tunnel_key key = {};
void *data = (void *)(long)skb->data;
struct ipv6hdr *iph = data;
struct tcphdr *tcp = data + sizeof(*iph);
void *data_end = (void *)(long)skb->data_end;
int ret;
/* single length check */
if (data + sizeof(*iph) + sizeof(*tcp) > data_end) {
if (data + sizeof(*iph) > data_end) {
ERROR(1);
return TC_ACT_SHOT;
}
key.remote_ipv6[0] = bpf_htonl(0x2401db00);
key.tunnel_ttl = 64;
if (iph->nexthdr == 58 /* NEXTHDR_ICMP */) {
key.remote_ipv6[3] = bpf_htonl(1);
} else {
if (iph->nexthdr != 6 /* NEXTHDR_TCP */) {
ERROR(iph->nexthdr);
return TC_ACT_SHOT;
}
if (tcp->dest == bpf_htons(5200)) {
key.remote_ipv6[3] = bpf_htonl(1);
} else if (tcp->dest == bpf_htons(5201)) {
key.remote_ipv6[3] = bpf_htonl(2);
} else {
ERROR(tcp->dest);
return TC_ACT_SHOT;
}
key.remote_ipv6[3] = bpf_htonl(0x11); /* ::11 */
}
ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key),

43
tools/testing/selftests/bpf/test_tunnel.sh
View file

@ -24,12 +24,12 @@
# Root namespace with metadata-mode tunnel + BPF
# Device names and addresses:
# veth1 IP: 172.16.1.200, IPv6: 00::22 (underlay)
# tunnel dev <type>11, ex: gre11, IPv4: 10.1.1.200 (overlay)
# tunnel dev <type>11, ex: gre11, IPv4: 10.1.1.200, IPv6: 1::22 (overlay)
#
# Namespace at_ns0 with native tunnel
# Device names and addresses:
# veth0 IPv4: 172.16.1.100, IPv6: 00::11 (underlay)
# tunnel dev <type>00, ex: gre00, IPv4: 10.1.1.100 (overlay)
# tunnel dev <type>00, ex: gre00, IPv4: 10.1.1.100, IPv6: 1::11 (overlay)
#
#
# End-to-end ping packet flow
@ -250,7 +250,7 @@ add_ipip_tunnel()
ip addr add dev $DEV 10.1.1.200/24
}
add_ipip6tnl_tunnel()
add_ip6tnl_tunnel()
{
ip netns exec at_ns0 ip addr add ::11/96 dev veth0
ip netns exec at_ns0 ip link set dev veth0 up
@ -262,11 +262,13 @@ add_ipip6tnl_tunnel()
ip link add dev $DEV_NS type $TYPE \
local ::11 remote ::22
ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
ip netns exec at_ns0 ip addr add dev $DEV_NS 1::11/96
ip netns exec at_ns0 ip link set dev $DEV_NS up
# root namespace
ip link add dev $DEV type $TYPE external
ip addr add dev $DEV 10.1.1.200/24
ip addr add dev $DEV 1::22/96
ip link set dev $DEV up
}
@ -534,7 +536,7 @@ test_ipip6()
check $TYPE
config_device
add_ipip6tnl_tunnel
add_ip6tnl_tunnel
ip link set dev veth1 mtu 1500
attach_bpf $DEV ipip6_set_tunnel ipip6_get_tunnel
# underlay
@ -553,6 +555,34 @@ test_ipip6()
echo -e ${GREEN}"PASS: $TYPE"${NC}
}
test_ip6ip6()
{
TYPE=ip6tnl
DEV_NS=ip6ip6tnl00
DEV=ip6ip6tnl11
ret=0
check $TYPE
config_device
add_ip6tnl_tunnel
ip link set dev veth1 mtu 1500
attach_bpf $DEV ip6ip6_set_tunnel ip6ip6_get_tunnel
# underlay
ping6 $PING_ARG ::11
# ip6 over ip6
ping6 $PING_ARG 1::11
check_err $?
ip netns exec at_ns0 ping6 $PING_ARG 1::22
check_err $?
cleanup
if [ $ret -ne 0 ]; then
echo -e ${RED}"FAIL: ip6$TYPE"${NC}
return 1
fi
echo -e ${GREEN}"PASS: ip6$TYPE"${NC}
}
setup_xfrm_tunnel()
{
auth=0x$(printf '1%.0s' {1..40})
@ -646,6 +676,7 @@ cleanup()
ip link del veth1 2> /dev/null
ip link del ipip11 2> /dev/null
ip link del ipip6tnl11 2> /dev/null
ip link del ip6ip6tnl11 2> /dev/null
ip link del gretap11 2> /dev/null
ip link del ip6gre11 2> /dev/null
ip link del ip6gretap11 2> /dev/null
@ -742,6 +773,10 @@ bpf_tunnel_test()
test_ipip6
errors=$(( $errors + $? ))
echo "Testing IP6IP6 tunnel..."
test_ip6ip6
errors=$(( $errors + $? ))
echo "Testing IPSec tunnel..."
test_xfrm_tunnel
errors=$(( $errors + $? ))