From patchwork Wed Dec  8 14:54:57 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Tonghao Zhang <xiangxia.m.yue@gmail.com>
X-Patchwork-Id: 12664571
X-Patchwork-Delegate: bpf@iogearbox.net
Return-Path: <netdev-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 6F4FCC433EF
	for <netdev@archiver.kernel.org>; Wed,  8 Dec 2021 14:55:14 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S235569AbhLHO6p (ORCPT <rfc822;netdev@archiver.kernel.org>);
        Wed, 8 Dec 2021 09:58:45 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47648 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S235568AbhLHO6o (ORCPT
        <rfc822;netdev@vger.kernel.org>); Wed, 8 Dec 2021 09:58:44 -0500
Received: from mail-pf1-x431.google.com (mail-pf1-x431.google.com
 [IPv6:2607:f8b0:4864:20::431])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 17CF3C0617A1
        for <netdev@vger.kernel.org>; Wed,  8 Dec 2021 06:55:13 -0800 (PST)
Received: by mail-pf1-x431.google.com with SMTP id u80so2643586pfc.9
        for <netdev@vger.kernel.org>; Wed, 08 Dec 2021 06:55:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=8mApNYIlmyYDE92hmrIu9j0ZnkBUvjBpogxont+LFMc=;
        b=RMiUZbtMdh/V5CLz4eAW/XZHW0PJIvmuEld2vi1BpqEIRmNd46xx8qYbSJQuunI69W
         6vhHvnPCXBBKhg4x/U4AJKs2MkDkGKDRqSCTQcA399xhJ2r37rOPZHxTMkf4L5bGZKp6
         iStAd1+7iRiVRsBFVws8XHtc0lRRMfpXjUGO2wm4IWBGb+dAHUNZ0AKRnB8DTeFBTkxi
         lpFsbx2EYumXBqo6NCNv+qjOsokUO9UdeAddF/h4L6dBWK0kDe2lHIbsKsAeBOjKnIPi
         ugin9k2fU64N9SOSXmHLtaky2q+x4HIlvxWODmNykAX9yBqBaERWv2/lKLXyyxr+sztc
         416Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=8mApNYIlmyYDE92hmrIu9j0ZnkBUvjBpogxont+LFMc=;
        b=Gfm6igu0nncTwI25KuLNCvnNAXwGD4LFQAhJUmqcfVHKv3eNJZMrDP5w1fkLRSDDrx
         2XVqfiBQ6Iuorp5f3CfczScUC+v8O6AFDErKRwOCuWEg4Ty1RKeWH38vN3+qmnEDVK0Q
         SiVGDpBsURd+AnI2G7kFd8Ylz4fQL+zGDp+oepLRnIqa3kHSzM5cd+ovgOLxKfc+w0YM
         HES8GHJhHr/2WUOI9JtZs3xNU2n2oD2pL5e+5Fxuty3bG2rjN/tV5MX9rwHl7O4gb6DE
         wcUGxLBfXYZfRX/0wocPE4WPXQuGxVfIW40IxSaEw6THxPZ3Uija6OjMDtOM/GnX6Z+v
         b1qA==
X-Gm-Message-State: AOAM530GIBJM6hv3JYHNp5kJT2tRzxBu41AaoRdaCZfZMpr8wZe/T05c
        Auh3UVLbB34mxbyRHMoPPJI6KvCh3H0Lxw==
X-Google-Smtp-Source: 
 ABdhPJzJf/7Kacd+7pwUGZwnNyperw2jdp6/iImZxWPwphOcEq2Es/Xcm8KP1abWxEIvwrzPUDynkA==
X-Received: by 2002:a63:5906:: with SMTP id n6mr28622380pgb.563.1638975312349;
        Wed, 08 Dec 2021 06:55:12 -0800 (PST)
Received: from bogon.xiaojukeji.com ([111.201.150.233])
        by smtp.gmail.com with ESMTPSA id
 kk7sm7562763pjb.19.2021.12.08.06.55.08
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Wed, 08 Dec 2021 06:55:11 -0800 (PST)
From: xiangxia.m.yue@gmail.com
To: netdev@vger.kernel.org
Cc: Tonghao Zhang <xiangxia.m.yue@gmail.com>,
        "David S. Miller" <davem@davemloft.net>,
        Jakub Kicinski <kuba@kernel.org>,
        Alexei Starovoitov <ast@kernel.org>,
        Daniel Borkmann <daniel@iogearbox.net>,
        Andrii Nakryiko <andrii@kernel.org>,
        Martin KaFai Lau <kafai@fb.com>,
        Song Liu <songliubraving@fb.com>, Yonghong Song <yhs@fb.com>,
        John Fastabend <john.fastabend@gmail.com>,
        KP Singh <kpsingh@kernel.org>,
        Eric Dumazet <edumazet@google.com>,
        Antoine Tenart <atenart@kernel.org>,
        Alexander Lobakin <alexandr.lobakin@intel.com>,
        Wei Wang <weiwan@google.com>, Arnd Bergmann <arnd@arndb.de>
Subject: [net v5 1/3] net: core: set skb useful vars in __bpf_tx_skb
Date: Wed,  8 Dec 2021 22:54:57 +0800
Message-Id: <20211208145459.9590-2-xiangxia.m.yue@gmail.com>
X-Mailer: git-send-email 2.30.1 (Apple Git-130)
In-Reply-To: <20211208145459.9590-1-xiangxia.m.yue@gmail.com>
References: <20211208145459.9590-1-xiangxia.m.yue@gmail.com>
MIME-Version: 1.0
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org
X-Patchwork-Delegate: kuba@kernel.org

From: Tonghao Zhang <xiangxia.m.yue@gmail.com>

We may use bpf_redirect to redirect the packets to other
netdevice (e.g. ifb) in ingress or egress path.

The target netdevice may check the *skb_iif, *redirected
and *from_ingress. For example, if skb_iif or redirected
is 0, ifb will drop the packets.

bpf_redirect may be invoked in ingress or egress path, so
we set the *skb_iif unconditionally.

Fixes: a70b506efe89 ("bpf: enforce recursion limit on redirects")
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Jakub Kicinski <kuba@kernel.org>
Cc: Alexei Starovoitov <ast@kernel.org>
Cc: Daniel Borkmann <daniel@iogearbox.net>
Cc: Andrii Nakryiko <andrii@kernel.org>
Cc: Martin KaFai Lau <kafai@fb.com>
Cc: Song Liu <songliubraving@fb.com>
Cc: Yonghong Song <yhs@fb.com>
Cc: John Fastabend <john.fastabend@gmail.com>
Cc: KP Singh <kpsingh@kernel.org>
Cc: Eric Dumazet <edumazet@google.com>
Cc: Antoine Tenart <atenart@kernel.org>
Cc: Alexander Lobakin <alexandr.lobakin@intel.com>
Cc: Wei Wang <weiwan@google.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Tonghao Zhang <xiangxia.m.yue@gmail.com>
---
 net/core/filter.c | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/net/core/filter.c b/net/core/filter.c
index 8271624a19aa..bcfdce9e99f4 100644
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -2107,9 +2107,19 @@ static inline int __bpf_tx_skb(struct net_device *dev, struct sk_buff *skb)
 		return -ENETDOWN;
 	}
 
-	skb->dev = dev;
+	/* The target netdevice (e.g. ifb) may use the:
+	 * - skb_iif, bpf_redirect invoked in ingress or egress path.
+	 * - redirected
+	 * - from_ingress
+	 */
+	skb->skb_iif = skb->dev->ifindex;
+#ifdef CONFIG_NET_CLS_ACT
+	skb_set_redirected(skb, skb->tc_at_ingress);
+#else
 	skb->tstamp = 0;
+#endif
 
+	skb->dev = dev;
 	dev_xmit_recursion_inc();
 	ret = dev_queue_xmit(skb);
 	dev_xmit_recursion_dec();

From patchwork Wed Dec  8 14:54:58 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Tonghao Zhang <xiangxia.m.yue@gmail.com>
X-Patchwork-Id: 12664573
X-Patchwork-Delegate: bpf@iogearbox.net
Return-Path: <netdev-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id C6ADEC433EF
	for <netdev@archiver.kernel.org>; Wed,  8 Dec 2021 14:55:18 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S235571AbhLHO6t (ORCPT <rfc822;netdev@archiver.kernel.org>);
        Wed, 8 Dec 2021 09:58:49 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47666 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S235568AbhLHO6t (ORCPT
        <rfc822;netdev@vger.kernel.org>); Wed, 8 Dec 2021 09:58:49 -0500
Received: from mail-pg1-x535.google.com (mail-pg1-x535.google.com
 [IPv6:2607:f8b0:4864:20::535])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 79D6BC061746
        for <netdev@vger.kernel.org>; Wed,  8 Dec 2021 06:55:17 -0800 (PST)
Received: by mail-pg1-x535.google.com with SMTP id r5so2266334pgi.6
        for <netdev@vger.kernel.org>; Wed, 08 Dec 2021 06:55:17 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=TepUL+oYncu3pNffxE3UV5HQ+Dtz5mhJODp0jU3UZ/M=;
        b=gCBtvAK+o5GnNdcr9rqAwgPX0nCkZl7albeFKt3gfC1NSYtjTfW2uCpqCEbpmZ474r
         U1eHytKRGKFjWzvZpuNuRWtg3sYTXcALO4u9pENf6WlxeE07IW5kC1hvsswq8ynACG8f
         FP/ArFVXrQov2NefeZSkbrFCPObJz0h5I/8rDJ+8++SAgSP33Vb9ykC8Ryk/JugM7DOI
         XM3UTgFRxs4dR820gSJl3doT+WYLUE1AChPviF42ww0qFl980qyoKo63HmICmtyuMCdq
         f6BYXMb6jrGumia+y2Q00IbBEy1JNFxcXWCHPRSH4SslE28lzitJYX5InP6QcLcHjIjZ
         M8Ig==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=TepUL+oYncu3pNffxE3UV5HQ+Dtz5mhJODp0jU3UZ/M=;
        b=0nZQJ3ORms6UB1wbbH9kwbKJYfKkVqiPDvQI5QGtHDhPCKYq7k7n2IgSbGPzzg/yxi
         68oIAyPyh/LV3KKYFW3Ys2Kfvwu55ErHUoFEGUfFxBrgz1S6Zv8mSmyclXzAIYMMHida
         Knm+lpX59WvyStr9HdWPetrMwZwXWfXk75B9vkGxye0oeFd4L3GWeLs0o4iwYaa02hJc
         JCPUj9IuwWRL+Xk5KELhSlR1JxeToGE7DrxN7MJgW9OqjZkeYT1i5ewClF/27kjEH7kf
         +XCdSeYNyHZchWZD5FaRkfb6Zj4l+skVTBE0XVErmEpRFv0eRm6Zz8oTMPGvPjdynkYs
         d93g==
X-Gm-Message-State: AOAM530PCSwN5a4XjFlj6cL9/8hdif5qqW8MRBTfhLrf9SH8JIxrqYnt
        KwVXQtukG/Nsb2X53+GJeT84FVU91qSXHA==
X-Google-Smtp-Source: 
 ABdhPJzBQ5O5IYI1XNTCWeB/MR6/TfPtGY01A1j8AjlArT+AILmc++2GvGyAocJmROu9N+fGnZiaqA==
X-Received: by 2002:a63:4c09:: with SMTP id z9mr28850108pga.561.1638975316699;
        Wed, 08 Dec 2021 06:55:16 -0800 (PST)
Received: from bogon.xiaojukeji.com ([111.201.150.233])
        by smtp.gmail.com with ESMTPSA id
 kk7sm7562763pjb.19.2021.12.08.06.55.12
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Wed, 08 Dec 2021 06:55:16 -0800 (PST)
From: xiangxia.m.yue@gmail.com
To: netdev@vger.kernel.org
Cc: Tonghao Zhang <xiangxia.m.yue@gmail.com>,
        "David S. Miller" <davem@davemloft.net>,
        Jakub Kicinski <kuba@kernel.org>,
        Alexei Starovoitov <ast@kernel.org>,
        Daniel Borkmann <daniel@iogearbox.net>,
        Andrii Nakryiko <andrii@kernel.org>,
        Martin KaFai Lau <kafai@fb.com>,
        Song Liu <songliubraving@fb.com>, Yonghong Song <yhs@fb.com>,
        John Fastabend <john.fastabend@gmail.com>,
        KP Singh <kpsingh@kernel.org>,
        Eric Dumazet <edumazet@google.com>,
        Antoine Tenart <atenart@kernel.org>,
        Alexander Lobakin <alexandr.lobakin@intel.com>,
        Wei Wang <weiwan@google.com>, Arnd Bergmann <arnd@arndb.de>
Subject: [net v5 2/3] net: sched: add check tc_skip_classify in sch egress
Date: Wed,  8 Dec 2021 22:54:58 +0800
Message-Id: <20211208145459.9590-3-xiangxia.m.yue@gmail.com>
X-Mailer: git-send-email 2.30.1 (Apple Git-130)
In-Reply-To: <20211208145459.9590-1-xiangxia.m.yue@gmail.com>
References: <20211208145459.9590-1-xiangxia.m.yue@gmail.com>
MIME-Version: 1.0
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org
X-Patchwork-Delegate: kuba@kernel.org

From: Tonghao Zhang <xiangxia.m.yue@gmail.com>

Try to resolve the issues as below:
* We look up and then check tc_skip_classify flag in net
  sched layer, even though skb don't want to be classified.
  That case may consume a lot of cpu cycles. This patch
  is useful when there are a lot of filters with different
  prio. There is ~5 prio in in production, ~1% improvement.

  Rules as below:
  $ for id in $(seq 1 5); do
  $       tc filter add ... egress prio $id ... action mirred egress redirect dev ifb0
  $ done

* bpf_redirect may be invoked in egress path. If we don't
  check the flags and then return immediately, the packets
  will loopback.

  $ tc filter add dev eth0 egress bpf direct-action obj ifb.o sec ifb

Cc: "David S. Miller" <davem@davemloft.net>
Cc: Jakub Kicinski <kuba@kernel.org>
Cc: Alexei Starovoitov <ast@kernel.org>
Cc: Daniel Borkmann <daniel@iogearbox.net>
Cc: Andrii Nakryiko <andrii@kernel.org>
Cc: Martin KaFai Lau <kafai@fb.com>
Cc: Song Liu <songliubraving@fb.com>
Cc: Yonghong Song <yhs@fb.com>
Cc: John Fastabend <john.fastabend@gmail.com>
Cc: KP Singh <kpsingh@kernel.org>
Cc: Eric Dumazet <edumazet@google.com>
Cc: Antoine Tenart <atenart@kernel.org>
Cc: Alexander Lobakin <alexandr.lobakin@intel.com>
Cc: Wei Wang <weiwan@google.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Tonghao Zhang <xiangxia.m.yue@gmail.com>
---
 net/core/dev.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/net/core/dev.c b/net/core/dev.c
index a64297a4cc89..81ad415b78f9 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -3823,6 +3823,9 @@ sch_handle_egress(struct sk_buff *skb, int *ret, struct net_device *dev)
 	if (!miniq)
 		return skb;
 
+	if (skb_skip_tc_classify(skb))
+		return skb;
+
 	/* qdisc_skb_cb(skb)->pkt_len was already set by the caller. */
 	qdisc_skb_cb(skb)->mru = 0;
 	qdisc_skb_cb(skb)->post_ct = false;

From patchwork Wed Dec  8 14:54:59 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Tonghao Zhang <xiangxia.m.yue@gmail.com>
X-Patchwork-Id: 12664575
X-Patchwork-Delegate: bpf@iogearbox.net
Return-Path: <netdev-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 25941C433EF
	for <netdev@archiver.kernel.org>; Wed,  8 Dec 2021 14:55:26 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S235568AbhLHO65 (ORCPT <rfc822;netdev@archiver.kernel.org>);
        Wed, 8 Dec 2021 09:58:57 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47688 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S235578AbhLHO6x (ORCPT
        <rfc822;netdev@vger.kernel.org>); Wed, 8 Dec 2021 09:58:53 -0500
Received: from mail-pj1-x1030.google.com (mail-pj1-x1030.google.com
 [IPv6:2607:f8b0:4864:20::1030])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C4E5BC061A32
        for <netdev@vger.kernel.org>; Wed,  8 Dec 2021 06:55:21 -0800 (PST)
Received: by mail-pj1-x1030.google.com with SMTP id h24so2100392pjq.2
        for <netdev@vger.kernel.org>; Wed, 08 Dec 2021 06:55:21 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=TrstKECFk8gOGCbVkweAHPFWowtjG3x57DhZCA+QU+4=;
        b=dscF9LHcUsVaElCp7PtcObKJnL8j27bCpZl9ft2I7PmfBmRFubgfqZ4L5+4Sxer5Gu
         P1Pq367OAvl6JU7F6WwZ2WUnPXCw+ZKuVa3/NVlom3s9E3W6ysB2HS9DwIrCD39JmkUp
         pkVcd7G1nvtHaYu1X/9q5ofE4n/hTkd3qvSe9DT73gsgalpjcQA7BfakC0E1cwe5TKZG
         gh8tTupj5P5+KdAZcmf7VWpc11O3lSyymk4PaFJFpnOtGqyRDsSlryPgdI0ZqDOfK7La
         LNqPCA24m0lmLobRLB4B+cn4WgOo89jz3ZvYAkU054nl06kcmgHhmhkG1QDI0+337ksi
         vSUg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=TrstKECFk8gOGCbVkweAHPFWowtjG3x57DhZCA+QU+4=;
        b=b5+Zig0ad/uH2sHRTh2S5m3iCyLw1mZjU9smvO7Aeonn4vGs6gqXGtI9npCMZwhFLp
         fMC7mT8O6GA7CtdHGn5q1DAcirciy1gwRhOxP1GFnB2UcNoi2w8IR+wGExoLJWkTQ0FU
         /5p/UbZLUInjD6XFcz9CNyIChhPJlk3N4JjzLVpx3DglSPCwHkjdN1Rqn24NNHMLA6rB
         p2eqMH1Nx1E3uN7bCWJHEF4OoL81WjB9NJGtveTBc7IdMvHRwddQsbR1CEYp/D+flzvl
         IhMxBMmUaHWQADXvJbatIYnzbRunbsIDow14hLqFeM6ahjj9Rqjt3JitgKtmmBq4ULaA
         Iymg==
X-Gm-Message-State: AOAM533MxoNCq6QBcq+QnfIEXOdeR7r3TV/y17fm4UhNOxuoZ9Gj+yX6
        OFAZUQCJAg5rE/wRpyITKL77clt9bD+DVA==
X-Google-Smtp-Source: 
 ABdhPJwmeDWpGZAnbSJuVIms8oErJt8T0/jXa+u5MSMMsNohPxEbGFQxh0fUutbR5Zwy/CKhjNRYHA==
X-Received: by 2002:a17:903:22c4:b0:141:deda:a744 with SMTP id
 y4-20020a17090322c400b00141dedaa744mr60416374plg.25.1638975321023;
        Wed, 08 Dec 2021 06:55:21 -0800 (PST)
Received: from bogon.xiaojukeji.com ([111.201.150.233])
        by smtp.gmail.com with ESMTPSA id
 kk7sm7562763pjb.19.2021.12.08.06.55.16
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Wed, 08 Dec 2021 06:55:20 -0800 (PST)
From: xiangxia.m.yue@gmail.com
To: netdev@vger.kernel.org
Cc: Tonghao Zhang <xiangxia.m.yue@gmail.com>,
        "David S. Miller" <davem@davemloft.net>,
        Jakub Kicinski <kuba@kernel.org>,
        Alexei Starovoitov <ast@kernel.org>,
        Daniel Borkmann <daniel@iogearbox.net>,
        Andrii Nakryiko <andrii@kernel.org>,
        Martin KaFai Lau <kafai@fb.com>,
        Song Liu <songliubraving@fb.com>, Yonghong Song <yhs@fb.com>,
        John Fastabend <john.fastabend@gmail.com>,
        KP Singh <kpsingh@kernel.org>,
        Eric Dumazet <edumazet@google.com>,
        Antoine Tenart <atenart@kernel.org>,
        Alexander Lobakin <alexandr.lobakin@intel.com>,
        Wei Wang <weiwan@google.com>, Arnd Bergmann <arnd@arndb.de>
Subject: [net v5 3/3] selftests: bpf: add bpf_redirect to ifb
Date: Wed,  8 Dec 2021 22:54:59 +0800
Message-Id: <20211208145459.9590-4-xiangxia.m.yue@gmail.com>
X-Mailer: git-send-email 2.30.1 (Apple Git-130)
In-Reply-To: <20211208145459.9590-1-xiangxia.m.yue@gmail.com>
References: <20211208145459.9590-1-xiangxia.m.yue@gmail.com>
MIME-Version: 1.0
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org
X-Patchwork-Delegate: kuba@kernel.org

From: Tonghao Zhang <xiangxia.m.yue@gmail.com>

ifb netdev is used for queueing incoming traffic for shaping.
we may run bpf progs in tc cls hook(ingress or egress), to
redirect the packets to ifb.

This patch adds this test, for bpf.

Cc: "David S. Miller" <davem@davemloft.net>
Cc: Jakub Kicinski <kuba@kernel.org>
Cc: Alexei Starovoitov <ast@kernel.org>
Cc: Daniel Borkmann <daniel@iogearbox.net>
Cc: Andrii Nakryiko <andrii@kernel.org>
Cc: Martin KaFai Lau <kafai@fb.com>
Cc: Song Liu <songliubraving@fb.com>
Cc: Yonghong Song <yhs@fb.com>
Cc: John Fastabend <john.fastabend@gmail.com>
Cc: KP Singh <kpsingh@kernel.org>
Cc: Eric Dumazet <edumazet@google.com>
Cc: Antoine Tenart <atenart@kernel.org>
Cc: Alexander Lobakin <alexandr.lobakin@intel.com>
Cc: Wei Wang <weiwan@google.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Tonghao Zhang <xiangxia.m.yue@gmail.com>
---
 tools/testing/selftests/bpf/Makefile          |  1 +
 .../bpf/progs/test_bpf_redirect_ifb.c         | 13 ++++
 .../selftests/bpf/test_bpf_redirect_ifb.sh    | 73 +++++++++++++++++++
 3 files changed, 87 insertions(+)
 create mode 100644 tools/testing/selftests/bpf/progs/test_bpf_redirect_ifb.c
 create mode 100755 tools/testing/selftests/bpf/test_bpf_redirect_ifb.sh

diff --git a/tools/testing/selftests/bpf/Makefile b/tools/testing/selftests/bpf/Makefile
index 5d42db2e129a..6ec8b97af0ea 100644
--- a/tools/testing/selftests/bpf/Makefile
+++ b/tools/testing/selftests/bpf/Makefile
@@ -65,6 +65,7 @@ TEST_PROGS := test_kmod.sh \
 	test_xdp_vlan_mode_native.sh \
 	test_lwt_ip_encap.sh \
 	test_tcp_check_syncookie.sh \
+	test_bpf_redirect_ifb.sh \
 	test_tc_tunnel.sh \
 	test_tc_edt.sh \
 	test_xdping.sh \
diff --git a/tools/testing/selftests/bpf/progs/test_bpf_redirect_ifb.c b/tools/testing/selftests/bpf/progs/test_bpf_redirect_ifb.c
new file mode 100644
index 000000000000..8b960cd8786b
--- /dev/null
+++ b/tools/testing/selftests/bpf/progs/test_bpf_redirect_ifb.c
@@ -0,0 +1,13 @@
+// SPDX-License-Identifier: GPL-2.0
+/* Copyright (c) 2021 DiDi Global */
+
+#include <linux/bpf.h>
+#include <bpf/bpf_helpers.h>
+
+SEC("redirect_ifb")
+int redirect(struct __sk_buff *skb)
+{
+	return bpf_redirect(skb->ifindex + 1 /* ifbX */, 0);
+}
+
+char __license[] SEC("license") = "GPL";
diff --git a/tools/testing/selftests/bpf/test_bpf_redirect_ifb.sh b/tools/testing/selftests/bpf/test_bpf_redirect_ifb.sh
new file mode 100755
index 000000000000..0933439696ab
--- /dev/null
+++ b/tools/testing/selftests/bpf/test_bpf_redirect_ifb.sh
@@ -0,0 +1,73 @@
+#!/bin/bash
+# SPDX-License-Identifier: GPL-2.0
+#
+
+# Topology:
+# ---------
+#      n1 namespace    |     n2 namespace
+#                      |
+#      -----------     |     ----------------
+#      |  veth0  | --------- |  veth1, ifb1 |
+#      -----------   peer    ----------------
+#
+
+readonly prefix="ns-$$-"
+readonly ns1="${prefix}1"
+readonly ns2="${prefix}2"
+readonly ns1_addr=192.168.1.1
+readonly ns2_addr=192.168.1.2
+
+setup() {
+	echo "Load ifb module"
+	if ! /sbin/modprobe -q -n ifb; then
+		echo "test_bpf_redirect ifb: module ifb is not found [SKIP]"
+		exit 4
+	fi
+
+	modprobe -q ifb numifbs=0
+
+	ip netns add "${ns1}"
+	ip netns add "${ns2}"
+
+	ip link add dev veth0 mtu 1500 netns "${ns1}" type veth \
+	      peer name veth1 mtu 1500 netns "${ns2}"
+	# ifb1 created after veth1
+	ip link add dev ifb1 mtu 1500 netns "${ns2}" type ifb
+
+	ip -netns "${ns1}" link set veth0 up
+	ip -netns "${ns2}" link set veth1 up
+	ip -netns "${ns2}" link set ifb1 up
+	ip -netns "${ns1}" -4 addr add "${ns1_addr}/24" dev veth0
+	ip -netns "${ns2}" -4 addr add "${ns2_addr}/24" dev veth1
+
+	ip netns exec "${ns2}" tc qdisc add dev veth1 clsact
+}
+
+cleanup() {
+	ip netns del "${ns2}" &>/dev/null
+	ip netns del "${ns1}" &>/dev/null
+	modprobe -r ifb
+}
+
+trap cleanup EXIT
+
+setup
+
+ip netns exec "${ns2}" tc filter add dev veth1 \
+	ingress bpf direct-action obj test_bpf_redirect_ifb.o sec redirect_ifb
+ip netns exec "${ns1}" ping -W 2 -c 2 -i 0.2 -q "${ns2_addr}" &>/dev/null
+if [ $? -ne 0 ]; then
+	echo "bpf redirect to ifb on ingress path [FAILED]"
+	exit 1
+fi
+
+ip netns exec "${ns2}" tc filter del dev veth1 ingress
+ip netns exec "${ns2}" tc filter add dev veth1 \
+	egress bpf direct-action obj test_bpf_redirect_ifb.o sec redirect_ifb
+ip netns exec "${ns1}" ping -W 2 -c 2 -i 0.2 -q "${ns2_addr}" &>/dev/null
+if [ $? -ne 0 ]; then
+	echo "bpf redirect to ifb on egress path [FAILED]"
+	exit 1
+fi
+
+echo OK