From patchwork Tue Mar 22 15:42:29 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kaixi Fan X-Patchwork-Id: 12788712 X-Patchwork-Delegate: bpf@iogearbox.net Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id B7B71C433EF for ; Tue, 22 Mar 2022 15:43:13 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238680AbiCVPoj (ORCPT ); Tue, 22 Mar 2022 11:44:39 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53076 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238636AbiCVPoi (ORCPT ); Tue, 22 Mar 2022 11:44:38 -0400 Received: from mail-pf1-x42a.google.com (mail-pf1-x42a.google.com [IPv6:2607:f8b0:4864:20::42a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BADAE8C7EE for ; Tue, 22 Mar 2022 08:43:10 -0700 (PDT) Received: by mail-pf1-x42a.google.com with SMTP id a5so18541804pfv.2 for ; Tue, 22 Mar 2022 08:43:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bytedance-com.20210112.gappssmtp.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=HP0YNW+0u96Ia8rwBJd6p/ML7EekNHcaKnhFQtsT8es=; b=Gv4k9Ya4xq/SQucppejn/mKJfTf66S0KPCH+iuOBFNb3raeIzQENeLH6VsFOL2pZtv QD/irS+ye5vWw6eJYyaQxByL4iI678tLbFH4HAYuTV7rY/uF06yTLM0dYqQIPHnHgXWz fbMepNHWsajrF+iaUU/0AU5nRCpUEvC+u0u3EWAGe6sZPSD4I4/GGd9wQ4nKOagRHZeB qjS5RMHrv8+1XkN0KMBDvAr3l9EMaqMOIVIDuSDHoZddOMo432nk6I8Tdmi5nfOmFnOM vNLookYWlSRn4GcVQ3OYBZJYthyShFTw35WRH1drfJE+PNu42HzBGZaYDvqFvmZtP9ZP th3Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=HP0YNW+0u96Ia8rwBJd6p/ML7EekNHcaKnhFQtsT8es=; b=1SMjYXfmpAU3WSBVrkUTUABqrN0JxXvgevzaUseNkUDAkADwAhRiP52vg/btAyxq0h dSpDTN4i1YU53nXbxPaA1HG9JwqADut2n1Pf3VEoxU7iT8FQpEZA3vju7xTxmC3DjnDy CZIWoDsb2vbw8wobaUGS5RPDFupaDRgZCY+/8/Gwvs0DonGh+YLzgcg/hJQU5WFjdEZY sZvXTu3xyegiirWSD7FroKuThiyca1XBTm25g+pOBGuF7vEcaZnmck4DPZ+NLchTJoHu c//VgX1HbAu5XYfJQg8JC+1kuwdpSB+cF0DEt30RXYuotE/jzGKlhNjVJd9+lhurl1rz TWoQ== X-Gm-Message-State: AOAM531LGYsuKvSDyr7qfCjUtbIGKJLpMkKcyVNRX9IGd86EW05B9awp CyJ9gscuol6iaRthsK1hQUpCOw== X-Google-Smtp-Source: ABdhPJzChtBCH+rfC3qu7y3C6AlqxCPDV6F4ydl/WWBoWGxkiUfOipM+wz8Pp2oZQBi9EzQOxumjkQ== X-Received: by 2002:a05:6a02:184:b0:373:a24e:5ab with SMTP id bj4-20020a056a02018400b00373a24e05abmr22317679pgb.400.1647963790299; Tue, 22 Mar 2022 08:43:10 -0700 (PDT) Received: from localhost.localdomain ([2409:8a20:483a:72c0:3435:f390:36c7:be7a]) by smtp.gmail.com with ESMTPSA id d14-20020a056a0024ce00b004f7281cda21sm24719158pfv.167.2022.03.22.08.43.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 22 Mar 2022 08:43:09 -0700 (PDT) From: fankaixi.li@bytedance.com To: kafai@fb.com, songliubraving@fb.com, yhs@fb.com, john.fastabend@gmail.com, kpsingh@kernel.org, bpf@vger.kernel.org Cc: shuah@kernel.org, ast@kernel.org, andrii@kernel.org, "kaixi.fan" Subject: [External] [PATCH bpf-next v2 1/3] bpf: Add source ip in "struct bpf_tunnel_key" Date: Tue, 22 Mar 2022 23:42:29 +0800 Message-Id: <20220322154231.55044-2-fankaixi.li@bytedance.com> X-Mailer: git-send-email 2.24.3 (Apple Git-128) In-Reply-To: <20220322154231.55044-1-fankaixi.li@bytedance.com> References: <20220322154231.55044-1-fankaixi.li@bytedance.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: bpf@vger.kernel.org X-Patchwork-Delegate: bpf@iogearbox.net From: "kaixi.fan" Add tunnel source ip field in "struct bpf_tunnel_key". Add code in "bpf_skb_set_tunnel_key" and "bpf_skb_get_tunnel_key" to set and get this field based on the tunnel key from "struct ip_tunnel_info". Signed-off-by: kaixi.fan --- include/uapi/linux/bpf.h | 4 ++++ net/core/filter.c | 9 +++++++++ tools/include/uapi/linux/bpf.h | 4 ++++ 3 files changed, 17 insertions(+) diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h index 4eebea830613..3007d3bc1f7a 100644 --- a/include/uapi/linux/bpf.h +++ b/include/uapi/linux/bpf.h @@ -5562,6 +5562,10 @@ struct bpf_tunnel_key { __u8 tunnel_ttl; __u16 tunnel_ext; /* Padding, future use. */ __u32 tunnel_label; + union { + __u32 local_ipv4; + __u32 local_ipv6[4]; + }; }; /* user accessible mirror of in-kernel xfrm_state. diff --git a/net/core/filter.c b/net/core/filter.c index 88767f7da150..cbd8471f4db4 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -4498,6 +4498,7 @@ BPF_CALL_4(bpf_skb_get_tunnel_key, struct sk_buff *, skb, struct bpf_tunnel_key if (unlikely(size != sizeof(struct bpf_tunnel_key))) { err = -EINVAL; switch (size) { + case offsetof(struct bpf_tunnel_key, local_ipv6[0]): case offsetof(struct bpf_tunnel_key, tunnel_label): case offsetof(struct bpf_tunnel_key, tunnel_ext): goto set_compat; @@ -4523,10 +4524,14 @@ BPF_CALL_4(bpf_skb_get_tunnel_key, struct sk_buff *, skb, struct bpf_tunnel_key if (flags & BPF_F_TUNINFO_IPV6) { memcpy(to->remote_ipv6, &info->key.u.ipv6.src, sizeof(to->remote_ipv6)); + memcpy(to->local_ipv6, &info->key.u.ipv6.dst, + sizeof(to->local_ipv6)); to->tunnel_label = be32_to_cpu(info->key.label); } else { to->remote_ipv4 = be32_to_cpu(info->key.u.ipv4.src); memset(&to->remote_ipv6[1], 0, sizeof(__u32) * 3); + to->local_ipv4 = be32_to_cpu(info->key.u.ipv4.dst); + memset(&to->local_ipv6[1], 0, sizeof(__u32) * 3); to->tunnel_label = 0; } @@ -4597,6 +4602,7 @@ BPF_CALL_4(bpf_skb_set_tunnel_key, struct sk_buff *, skb, return -EINVAL; if (unlikely(size != sizeof(struct bpf_tunnel_key))) { switch (size) { + case offsetof(struct bpf_tunnel_key, local_ipv6[0]): case offsetof(struct bpf_tunnel_key, tunnel_label): case offsetof(struct bpf_tunnel_key, tunnel_ext): case offsetof(struct bpf_tunnel_key, remote_ipv6[1]): @@ -4639,10 +4645,13 @@ BPF_CALL_4(bpf_skb_set_tunnel_key, struct sk_buff *, skb, info->mode |= IP_TUNNEL_INFO_IPV6; memcpy(&info->key.u.ipv6.dst, from->remote_ipv6, sizeof(from->remote_ipv6)); + memcpy(&info->key.u.ipv6.src, from->local_ipv6, + sizeof(from->local_ipv6)); info->key.label = cpu_to_be32(from->tunnel_label) & IPV6_FLOWLABEL_MASK; } else { info->key.u.ipv4.dst = cpu_to_be32(from->remote_ipv4); + info->key.u.ipv4.src = cpu_to_be32(from->local_ipv4); } return 0; diff --git a/tools/include/uapi/linux/bpf.h b/tools/include/uapi/linux/bpf.h index 4eebea830613..3007d3bc1f7a 100644 --- a/tools/include/uapi/linux/bpf.h +++ b/tools/include/uapi/linux/bpf.h @@ -5562,6 +5562,10 @@ struct bpf_tunnel_key { __u8 tunnel_ttl; __u16 tunnel_ext; /* Padding, future use. */ __u32 tunnel_label; + union { + __u32 local_ipv4; + __u32 local_ipv6[4]; + }; }; /* user accessible mirror of in-kernel xfrm_state. From patchwork Tue Mar 22 15:42:30 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kaixi Fan X-Patchwork-Id: 12788713 X-Patchwork-Delegate: bpf@iogearbox.net Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 106F0C433F5 for ; Tue, 22 Mar 2022 15:43:18 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238636AbiCVPon (ORCPT ); Tue, 22 Mar 2022 11:44:43 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53300 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238704AbiCVPom (ORCPT ); Tue, 22 Mar 2022 11:44:42 -0400 Received: from mail-pl1-x62e.google.com (mail-pl1-x62e.google.com [IPv6:2607:f8b0:4864:20::62e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AAFA18C7EA for ; Tue, 22 Mar 2022 08:43:14 -0700 (PDT) Received: by mail-pl1-x62e.google.com with SMTP id c23so4698101plo.0 for ; Tue, 22 Mar 2022 08:43:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bytedance-com.20210112.gappssmtp.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=/Gf4PFN+q2sI9J4U8Vm/W7BrTxMyTJ2z0eZIbeg7XTY=; b=hJs7H6DzCc+L7VOuv4znwiD64iHm7U02s/EXSDHe1xn/6LlyCDiT0LXvM+V81Cj5bg Hp0zqWk1SgK4AdiObde4cqKdryAvJVLja7YS2UAkZVO70J4Ege0bmqqAFN3UaC4g8sc4 KCEK/EebsEihKZw9GOLzRUWCN75aJvlTmaLnbFY74s+j65U/Jc9PMMVgiyTIm6otdhop JheVFbPa5xbpJg4SZAXxoliAbbp5fQ2sHBIWrW0RMPHpU4A93iX0PFs9it7mhdo6TGSh LgTkm0IXxZk93+huhDC2DzTX3mC7/h+p7Vq8F6e4K4NLh9s/sOiUxJdNFoGwhdVd5vFZ qDfQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=/Gf4PFN+q2sI9J4U8Vm/W7BrTxMyTJ2z0eZIbeg7XTY=; b=YEFaJKlsnrdsnD1fLOIYUTl3tcNHNIGcEcXuA1/kghVac0/YIr4DZr7NtTi/vc52Li jSasIzZIKP1bTiblVmPutCrXkOHPZgc/webufTWAvtReT7Gw7f9Wst1TjsUxvipzJ+rj GUUYUyPzwTc2wSpfr7K7ShLtbAu06yEi90y3wGSo6ZJ5MUG95DtQYX79LHFHdW0fmI4b 9catS0IygrbU5M1Q1Cfz5Nz1fKY2v3uEa0B//sjzJtrGjNylgsFgDNKRgWmVEOm74oHO px5rPhKzxUIPsxGEhm1mZEXiZi5VpEPgIPlwrqtBWAKxeJ4Y1j2poajPbJAR/3owReru F86w== X-Gm-Message-State: AOAM530R3dtunSrJqE6th5QC4UTBNRUfX9Kw5LU34Vi2OMmRJr1WCh4k y//qDwsNq1B0cMiLO2Hrr3VQm/KV2wDJNg== X-Google-Smtp-Source: ABdhPJyUO3IPPiKHS6l52Vrb6XaYeyT9/pjnujVNDOyzxurlL0Df1CeYFiLacc4hJBquBzdfYh2tXA== X-Received: by 2002:a17:903:2348:b0:154:dd0:aba8 with SMTP id c8-20020a170903234800b001540dd0aba8mr19330499plh.51.1647963794166; Tue, 22 Mar 2022 08:43:14 -0700 (PDT) Received: from localhost.localdomain ([2409:8a20:483a:72c0:3435:f390:36c7:be7a]) by smtp.gmail.com with ESMTPSA id d14-20020a056a0024ce00b004f7281cda21sm24719158pfv.167.2022.03.22.08.43.10 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 22 Mar 2022 08:43:13 -0700 (PDT) From: fankaixi.li@bytedance.com To: kafai@fb.com, songliubraving@fb.com, yhs@fb.com, john.fastabend@gmail.com, kpsingh@kernel.org, bpf@vger.kernel.org Cc: shuah@kernel.org, ast@kernel.org, andrii@kernel.org, "kaixi.fan" Subject: [External] [PATCH bpf-next v2 2/3] selftests/bpf: add ipv4 vxlan tunnel source testcase Date: Tue, 22 Mar 2022 23:42:30 +0800 Message-Id: <20220322154231.55044-3-fankaixi.li@bytedance.com> X-Mailer: git-send-email 2.24.3 (Apple Git-128) In-Reply-To: <20220322154231.55044-1-fankaixi.li@bytedance.com> References: <20220322154231.55044-1-fankaixi.li@bytedance.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: bpf@vger.kernel.org X-Patchwork-Delegate: bpf@iogearbox.net From: "kaixi.fan" Vxlan tunnel is chosen to test bpf code could configure tunnel source ipv4 address. It's sufficient to prove that other types tunnels could also do it. In the vxlan tunnel testcase, two underlay ipv4 addresses are configured on veth device in root namespace. Test bpf kernel code would configure the secondary ipv4 address as the tunnel source ip. Signed-off-by: kaixi.fan --- .../selftests/bpf/progs/test_tunnel_kern.c | 64 +++++++++++++++++++ tools/testing/selftests/bpf/test_tunnel.sh | 37 ++++++++++- 2 files changed, 99 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/bpf/progs/test_tunnel_kern.c b/tools/testing/selftests/bpf/progs/test_tunnel_kern.c index ef0dde83b85a..ab635c55ae9b 100644 --- a/tools/testing/selftests/bpf/progs/test_tunnel_kern.c +++ b/tools/testing/selftests/bpf/progs/test_tunnel_kern.c @@ -676,4 +676,68 @@ int _xfrm_get_state(struct __sk_buff *skb) return TC_ACT_OK; } +SEC("vxlan_set_tunnel_src") +int _vxlan_set_tunnel_src(struct __sk_buff *skb) +{ + int ret; + struct bpf_tunnel_key key; + struct vxlan_metadata md; + + __builtin_memset(&key, 0x0, sizeof(key)); + key.local_ipv4 = 0xac100114; /* 172.16.1.20 */ + key.remote_ipv4 = 0xac100164; /* 172.16.1.100 */ + key.tunnel_id = 2; + key.tunnel_tos = 0; + key.tunnel_ttl = 64; + + ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key), + BPF_F_ZERO_CSUM_TX); + if (ret < 0) { + ERROR(ret); + return TC_ACT_SHOT; + } + + md.gbp = 0x800FF; /* Set VXLAN Group Policy extension */ + ret = bpf_skb_set_tunnel_opt(skb, &md, sizeof(md)); + if (ret < 0) { + ERROR(ret); + return TC_ACT_SHOT; + } + + return TC_ACT_OK; +} + +SEC("vxlan_get_tunnel_src") +int _vxlan_get_tunnel_src(struct __sk_buff *skb) +{ + int ret; + struct bpf_tunnel_key key; + struct vxlan_metadata md; + char fmt[] = "key %d remote ip 0x%x source ip 0x%x\n"; + char fmt2[] = "vxlan gbp 0x%x\n"; + + ret = bpf_skb_get_tunnel_key(skb, &key, sizeof(key), 0); + if (ret < 0) { + ERROR(ret); + return TC_ACT_SHOT; + } + + ret = bpf_skb_get_tunnel_opt(skb, &md, sizeof(md)); + if (ret < 0) { + ERROR(ret); + return TC_ACT_SHOT; + } + + bpf_trace_printk(fmt, sizeof(fmt), + key.tunnel_id, key.remote_ipv4, key.local_ipv4); + bpf_trace_printk(fmt2, sizeof(fmt2), + md.gbp); + + if (key.local_ipv4 != 0xac100114) { + ERROR(ret); + return TC_ACT_SHOT; + } + return TC_ACT_OK; +} + char _license[] SEC("license") = "GPL"; diff --git a/tools/testing/selftests/bpf/test_tunnel.sh b/tools/testing/selftests/bpf/test_tunnel.sh index ca1372924023..b6923392bf16 100755 --- a/tools/testing/selftests/bpf/test_tunnel.sh +++ b/tools/testing/selftests/bpf/test_tunnel.sh @@ -161,10 +161,15 @@ add_vxlan_tunnel() # on L3 packet, as a result not applying to ARP packets, # causing errors at get_tunnel_{key/opt}. + # add a secondary ip + if [ "$2" == "2" ]; then + ip addr add dev veth1 172.16.1.20/24 + fi + # at_ns0 namespace ip netns exec at_ns0 \ ip link add dev $DEV_NS type $TYPE \ - id 2 dstport 4789 gbp remote 172.16.1.200 + id 2 dstport 4789 gbp remote $1 ip netns exec at_ns0 \ ip link set dev $DEV_NS address 52:54:00:d9:01:00 up ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24 @@ -412,7 +417,7 @@ test_vxlan() check $TYPE config_device - add_vxlan_tunnel + add_vxlan_tunnel 172.16.1.200 1 attach_bpf $DEV vxlan_set_tunnel vxlan_get_tunnel ping $PING_ARG 10.1.1.100 check_err $? @@ -661,6 +666,30 @@ test_xfrm_tunnel() echo -e ${GREEN}"PASS: xfrm tunnel"${NC} } +test_vxlan_tunsrc() +{ + TYPE=vxlan + DEV_NS=vxlan00 + DEV=vxlan11 + ret=0 + + check $TYPE + config_device + add_vxlan_tunnel 172.16.1.20 2 + attach_bpf $DEV vxlan_set_tunnel_src vxlan_get_tunnel_src + ping $PING_ARG 10.1.1.100 + check_err $? + ip netns exec at_ns0 ping $PING_ARG 10.1.1.200 + check_err $? + cleanup + + if [ $ret -ne 0 ]; then + echo -e ${RED}"FAIL: ${TYPE}_tunsrc"${NC} + return 1 + fi + echo -e ${GREEN}"PASS: ${TYPE}_tunsrc"${NC} +} + attach_bpf() { DEV=$1 @@ -782,6 +811,10 @@ bpf_tunnel_test() test_xfrm_tunnel errors=$(( $errors + $? )) + echo "Testing VXLAN tunnel source..." + test_vxlan_tunsrc + errors=$(( $errors + $? )) + return $errors } From patchwork Tue Mar 22 15:42:31 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kaixi Fan X-Patchwork-Id: 12788714 X-Patchwork-Delegate: bpf@iogearbox.net Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D1DCCC433EF for ; Tue, 22 Mar 2022 15:43:22 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238704AbiCVPos (ORCPT ); Tue, 22 Mar 2022 11:44:48 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53580 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238724AbiCVPor (ORCPT ); Tue, 22 Mar 2022 11:44:47 -0400 Received: from mail-pg1-x52b.google.com (mail-pg1-x52b.google.com [IPv6:2607:f8b0:4864:20::52b]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9FB905E14C for ; Tue, 22 Mar 2022 08:43:18 -0700 (PDT) Received: by mail-pg1-x52b.google.com with SMTP id o8so12905202pgf.9 for ; Tue, 22 Mar 2022 08:43:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bytedance-com.20210112.gappssmtp.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=siDI8QW4Z3Xr8UOvjjEK4iOqz9aVw8LFlSZ2bLQHLtg=; b=I3LwXSoepaR7L51Ecrh+JF/wVt4erJSiMtDDQ9lRBOOKYZsIVHICl37+eVEyF4j3kG BwpVyETrWmypEB5JulWBzm42HoaaoaT44sldtsWAUzhLK9+VshENBI+NvWlZuhyXHRfj enaXN7iMu0NM0E6+8y4vc2SDVzOyOfj3TVRzpohDCGjCQIVg+WldwWgkaVBpee89TXw7 tDUJDTvHfUCoKlvZ9pvzaA+gNb6xsamY1HDz2NfSbdpyBfTmXG/EiJ4oRZ2z5SeY5zZz D9qokiXaciLJfz/b0OA3cp2WmvfvJP8vJdLq/P+doemB86ODbkyB6WG9tCiIBpGWoBAw COuQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=siDI8QW4Z3Xr8UOvjjEK4iOqz9aVw8LFlSZ2bLQHLtg=; b=kcEfnlNoBvATZPnEN5pdMkrnFF3MeKibIwBiz69784x1TXrf9M0xsz+5dpv8zNvpzA xnfp7EUh1ZpalefSsVjYq/yjlQ4fksZf38OIseqPRNYxZ8WgliiHvG6ZT6DgbaOObkwV wpZi6wYWKGIhyKTEdrGX3z8veuoEhDuVK6Fbdyuyxr6xduK5VDb758ISGHNF1gb8vsMO qe9Z40iVgr0ZWD0cTfXrbWYwA8JH+ptLpSWBDzVZxtmxRRycRoRqVrW4fQJSPhPsdgDZ mYECdlzr4MrWzhyTk0FiLheY96rUj0PfTUr0InhToYju/7bqn6xXnsBbMpWZCimGSNJK +haw== X-Gm-Message-State: AOAM531Q4Wskb7qQTUiRgSjXvYHFe3oN+3PU7t5StoyZZJ5Nep48FYlT VfekQ3+C39oFMWTtuvUH6yPt+A== X-Google-Smtp-Source: ABdhPJz7L7r5MMGh6g68DdpR0SwM2Saqb37LYmqypUCUQgP8CJyzXi9Ajx+8hbRj43e753a2kBBFBA== X-Received: by 2002:a63:1918:0:b0:382:1cfa:eefa with SMTP id z24-20020a631918000000b003821cfaeefamr19478274pgl.510.1647963798079; Tue, 22 Mar 2022 08:43:18 -0700 (PDT) Received: from localhost.localdomain ([2409:8a20:483a:72c0:3435:f390:36c7:be7a]) by smtp.gmail.com with ESMTPSA id d14-20020a056a0024ce00b004f7281cda21sm24719158pfv.167.2022.03.22.08.43.14 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 22 Mar 2022 08:43:17 -0700 (PDT) From: fankaixi.li@bytedance.com To: kafai@fb.com, songliubraving@fb.com, yhs@fb.com, john.fastabend@gmail.com, kpsingh@kernel.org, bpf@vger.kernel.org Cc: shuah@kernel.org, ast@kernel.org, andrii@kernel.org, "kaixi.fan" Subject: [External] [PATCH bpf-next v2 3/3] selftests/bpf: add ipv6 vxlan tunnel source testcase Date: Tue, 22 Mar 2022 23:42:31 +0800 Message-Id: <20220322154231.55044-4-fankaixi.li@bytedance.com> X-Mailer: git-send-email 2.24.3 (Apple Git-128) In-Reply-To: <20220322154231.55044-1-fankaixi.li@bytedance.com> References: <20220322154231.55044-1-fankaixi.li@bytedance.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: bpf@vger.kernel.org X-Patchwork-Delegate: bpf@iogearbox.net From: "kaixi.fan" Add two ipv6 address on underlay nic interface, and use bpf code to configure the secondary ipv6 address as the vxlan tunnel source ip. Then check ping6 result and log contains the correct tunnel source ip. Signed-off-by: kaixi.fan --- .../selftests/bpf/progs/test_tunnel_kern.c | 51 +++++++++++++++++++ tools/testing/selftests/bpf/test_tunnel.sh | 43 ++++++++++++++-- 2 files changed, 90 insertions(+), 4 deletions(-) diff --git a/tools/testing/selftests/bpf/progs/test_tunnel_kern.c b/tools/testing/selftests/bpf/progs/test_tunnel_kern.c index ab635c55ae9b..56e1aee0ba5a 100644 --- a/tools/testing/selftests/bpf/progs/test_tunnel_kern.c +++ b/tools/testing/selftests/bpf/progs/test_tunnel_kern.c @@ -740,4 +740,55 @@ int _vxlan_get_tunnel_src(struct __sk_buff *skb) return TC_ACT_OK; } +SEC("ip6vxlan_set_tunnel_src") +int _ip6vxlan_set_tunnel_src(struct __sk_buff *skb) +{ + struct bpf_tunnel_key key; + int ret; + + __builtin_memset(&key, 0x0, sizeof(key)); + key.local_ipv6[3] = bpf_htonl(0xbb); /* ::bb */ + key.remote_ipv6[3] = bpf_htonl(0x11); /* ::11 */ + key.tunnel_id = 22; + key.tunnel_tos = 0; + key.tunnel_ttl = 64; + + ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key), + BPF_F_TUNINFO_IPV6); + if (ret < 0) { + ERROR(ret); + return TC_ACT_SHOT; + } + + return TC_ACT_OK; +} + +SEC("ip6vxlan_get_tunnel_src") +int _ip6vxlan_get_tunnel_src(struct __sk_buff *skb) +{ + char fmt[] = "key %d remote ip6 ::%x source ip6 ::%x\n"; + char fmt2[] = "label %x\n"; + struct bpf_tunnel_key key; + int ret; + + ret = bpf_skb_get_tunnel_key(skb, &key, sizeof(key), + BPF_F_TUNINFO_IPV6); + if (ret < 0) { + ERROR(ret); + return TC_ACT_SHOT; + } + + bpf_trace_printk(fmt, sizeof(fmt), + key.tunnel_id, key.remote_ipv6[3], key.local_ipv6[3]); + bpf_trace_printk(fmt2, sizeof(fmt2), + key.tunnel_label); + + if (bpf_ntohl(key.local_ipv6[3]) != 0xbb) { + ERROR(ret); + return TC_ACT_SHOT; + } + + return TC_ACT_OK; +} + char _license[] SEC("license") = "GPL"; diff --git a/tools/testing/selftests/bpf/test_tunnel.sh b/tools/testing/selftests/bpf/test_tunnel.sh index b6923392bf16..4b7bf9c7bbe1 100755 --- a/tools/testing/selftests/bpf/test_tunnel.sh +++ b/tools/testing/selftests/bpf/test_tunnel.sh @@ -191,12 +191,15 @@ add_ip6vxlan_tunnel() ip netns exec at_ns0 ip link set dev veth0 up #ip -4 addr del 172.16.1.200 dev veth1 ip -6 addr add dev veth1 ::22/96 + if [ "$2" == "2" ]; then + ip -6 addr add dev veth1 ::bb/96 + fi ip link set dev veth1 up # at_ns0 namespace ip netns exec at_ns0 \ ip link add dev $DEV_NS type $TYPE id 22 dstport 4789 \ - local ::11 remote ::22 + local ::11 remote $1 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24 ip netns exec at_ns0 ip link set dev $DEV_NS up @@ -231,7 +234,7 @@ add_ip6geneve_tunnel() # at_ns0 namespace ip netns exec at_ns0 \ ip link add dev $DEV_NS type $TYPE id 22 \ - remote ::22 # geneve has no local option + remote ::22 # geneve has no local option ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24 ip netns exec at_ns0 ip link set dev $DEV_NS up @@ -394,7 +397,7 @@ test_ip6erspan() check $TYPE config_device - add_ip6erspan_tunnel $1 + add_ip6erspan_tunnel attach_bpf $DEV ip4ip6erspan_set_tunnel ip4ip6erspan_get_tunnel ping6 $PING_ARG ::11 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200 @@ -441,7 +444,7 @@ test_ip6vxlan() check $TYPE config_device - add_ip6vxlan_tunnel + add_ip6vxlan_tunnel ::22 1 ip link set dev veth1 mtu 1500 attach_bpf $DEV ip6vxlan_set_tunnel ip6vxlan_get_tunnel # underlay @@ -690,6 +693,34 @@ test_vxlan_tunsrc() echo -e ${GREEN}"PASS: ${TYPE}_tunsrc"${NC} } +test_ip6vxlan_tunsrc() +{ + TYPE=vxlan + DEV_NS=ip6vxlan00 + DEV=ip6vxlan11 + ret=0 + + check $TYPE + config_device + add_ip6vxlan_tunnel ::bb 2 + ip link set dev veth1 mtu 1500 + attach_bpf $DEV ip6vxlan_set_tunnel_src ip6vxlan_get_tunnel_src + # underlay + ping6 $PING_ARG ::11 + # ip4 over ip6 + ping $PING_ARG 10.1.1.100 + check_err $? + ip netns exec at_ns0 ping $PING_ARG 10.1.1.200 + check_err $? + cleanup + + if [ $ret -ne 0 ]; then + echo -e ${RED}"FAIL: ip6${TYPE}_tunsrc"${NC} + return 1 + fi + echo -e ${GREEN}"PASS: ip6${TYPE}_tunsrc"${NC} +} + attach_bpf() { DEV=$1 @@ -815,6 +846,10 @@ bpf_tunnel_test() test_vxlan_tunsrc errors=$(( $errors + $? )) + echo "Testing IP6VXLAN tunnel source..." + test_ip6vxlan_tunsrc + errors=$(( $errors + $? )) + return $errors }