lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 25 Nov 2020 22:44:34 -0800
From:   Yonghong Song <yhs@...com>
To:     Weqaar Janjua <weqaar.janjua@...il.com>, <bpf@...r.kernel.org>,
        <netdev@...r.kernel.org>, <daniel@...earbox.net>, <ast@...nel.org>,
        <magnus.karlsson@...il.com>, <bjorn.topel@...el.com>
CC:     Weqaar Janjua <weqaar.a.janjua@...el.com>, <shuah@...nel.org>,
        <skhan@...uxfoundation.org>, <linux-kselftest@...r.kernel.org>,
        <anders.roxell@...aro.org>, <jonathan.lemon@...il.com>
Subject: Re: [PATCH bpf-next v3 1/5] selftests/bpf: xsk selftests framework



On 11/25/20 10:37 AM, Weqaar Janjua wrote:
> This patch adds AF_XDP selftests framework under selftests/bpf.
> 
> Topology:
> ---------
>       -----------           -----------
>       |  xskX   | --------- |  xskY   |
>       -----------     |     -----------
>            |          |          |
>       -----------     |     ----------
>       |  vethX  | --------- |  vethY |
>       -----------   peer    ----------
>            |          |          |
>       namespaceX      |     namespaceY
> 
> Prerequisites setup by script test_xsk.sh:
> 
>     Set up veth interfaces as per the topology shown ^^:
>     * setup two veth interfaces and one namespace
>     ** veth<xxxx> in root namespace
>     ** veth<yyyy> in af_xdp<xxxx> namespace
>     ** namespace af_xdp<xxxx>
>     * create a spec file veth.spec that includes this run-time configuration
>     *** xxxx and yyyy are randomly generated 4 digit numbers used to avoid
>         conflict with any existing interface
>     * tests the veth and xsk layers of the topology
> 
> Signed-off-by: Weqaar Janjua <weqaar.a.janjua@...el.com>
> ---
>   tools/testing/selftests/bpf/Makefile       |   5 +-
>   tools/testing/selftests/bpf/test_xsk.sh    | 146 +++++++++++++++++++++
>   tools/testing/selftests/bpf/xsk_env.sh     |  11 ++
>   tools/testing/selftests/bpf/xsk_prereqs.sh | 119 +++++++++++++++++
>   4 files changed, 280 insertions(+), 1 deletion(-)
>   create mode 100755 tools/testing/selftests/bpf/test_xsk.sh
>   create mode 100755 tools/testing/selftests/bpf/xsk_env.sh
>   create mode 100755 tools/testing/selftests/bpf/xsk_prereqs.sh
> 
> diff --git a/tools/testing/selftests/bpf/Makefile b/tools/testing/selftests/bpf/Makefile
> index 3d5940cd110d..596ee5c27906 100644
> --- a/tools/testing/selftests/bpf/Makefile
> +++ b/tools/testing/selftests/bpf/Makefile
> @@ -46,7 +46,9 @@ endif
>   
>   TEST_GEN_FILES =
>   TEST_FILES = test_lwt_ip_encap.o \
> -	test_tc_edt.o
> +	test_tc_edt.o \
> +	xsk_prereqs.sh \
> +	xsk_env.sh
>   
>   # Order correspond to 'make run_tests' order
>   TEST_PROGS := test_kmod.sh \
> @@ -70,6 +72,7 @@ TEST_PROGS := test_kmod.sh \
>   	test_bpftool_build.sh \
>   	test_bpftool.sh \
>   	test_bpftool_metadata.sh \
> +	test_xsk.sh
>   
>   TEST_PROGS_EXTENDED := with_addr.sh \
>   	with_tunnels.sh \
> diff --git a/tools/testing/selftests/bpf/test_xsk.sh b/tools/testing/selftests/bpf/test_xsk.sh
> new file mode 100755
> index 000000000000..1836f2d2f617
> --- /dev/null
> +++ b/tools/testing/selftests/bpf/test_xsk.sh
> @@ -0,0 +1,146 @@
> +#!/bin/bash
> +# SPDX-License-Identifier: GPL-2.0
> +# Copyright(c) 2020 Intel Corporation, Weqaar Janjua <weqaar.a.janjua@...el.com>
> +
> +# AF_XDP selftests based on veth
> +#
> +# End-to-end AF_XDP over Veth test
> +#
> +# Topology:
> +# ---------
> +#      -----------           -----------
> +#      |  xskX   | --------- |  xskY   |
> +#      -----------     |     -----------
> +#           |          |          |
> +#      -----------     |     ----------
> +#      |  vethX  | --------- |  vethY |
> +#      -----------   peer    ----------
> +#           |          |          |
> +#      namespaceX      |     namespaceY
> +#
> +# AF_XDP is an address family optimized for high performance packet processing,
> +# it is XDP’s user-space interface.
> +#
> +# An AF_XDP socket is linked to a single UMEM which is a region of virtual
> +# contiguous memory, divided into equal-sized frames.
> +#
> +# Refer to AF_XDP Kernel Documentation for detailed information:
> +# https://www.kernel.org/doc/html/latest/networking/af_xdp.html
> +#
> +# Prerequisites setup by script:
> +#
> +#   Set up veth interfaces as per the topology shown ^^:
> +#   * setup two veth interfaces and one namespace
> +#   ** veth<xxxx> in root namespace
> +#   ** veth<yyyy> in af_xdp<xxxx> namespace
> +#   ** namespace af_xdp<xxxx>
> +#   * create a spec file veth.spec that includes this run-time configuration
> +#   *** xxxx and yyyy are randomly generated 4 digit numbers used to avoid
> +#       conflict with any existing interface
> +#   * tests the veth and xsk layers of the topology
> +#
> +# Kernel configuration:
> +# ---------------------
> +# See "config" file for recommended kernel config options.
> +#
> +# Turn on XDP sockets and veth support when compiling i.e.
> +# 	Networking support -->
> +# 		Networking options -->
> +# 			[ * ] XDP sockets
> +#
> +# Executing Tests:
> +# ----------------
> +# Must run with CAP_NET_ADMIN capability.
> +#
> +# Run (summary only):
> +#  sudo make summary=1 run_tests
> +#
> +# Run (full color-coded output):
> +#   sudo make colorconsole=1 run_tests
> +#
> +# Run (full output without color-coding):
> +#   sudo make run_tests
> +#
> +# Clean:
> +#  sudo make clean

Can I just run test_xsk.sh at tools/testing/selftests/bpf/ directory?
This will be easier than the above for bpf developers. If it does not 
work, I would like to recommend to make it work.

I did that and there are some test failures.

root@...h-fb-vm1:~/net-next/net-next/tools/testing/selftests/bpf 
./test_xsk.sh
[ 3857.572549] ip (2547) used greatest stack depth: 11864 bytes left 

setting up ve1417: root: 192.168.222.1/30 

setting up ve6185: af_xdp6185: 192.168.222.2/30 

[ 3857.673408] IPv6: ADDRCONF(NETDEV_CHANGE): ve6185: link becomes ready 

Spec file created: veth.spec 

PREREQUISITES: [ PASS ] 

# Interface found: ve1417 

# Interface found: ve6185 

# NS switched: af_xdp6185 

1..1 

# Interface [ve6185] vector [Rx] 

# Interface [ve1417] vector [Tx] 

# Sending 10000 packets on interface ve1417 

not ok 1 ERROR: [worker_pkt_validate] prev_pkt [0], payloadseqnum [0] 

# Totals: pass:0 fail:1 xfail:0 xpass:0 skip:0 error:0 

SKB NOPOLL: [ FAIL ] 

# Interface found: ve1417 

# Interface found: ve6185 

# NS switched: af_xdp6185 

1..1 

# Interface [ve6185] vector [Rx] 

# Interface [ve1417] vector [Tx] 

# Sending 10000 packets on interface ve1417 

# End-of-tranmission frame received: PASS 

# Received 10000 packets on interface ve6185
ok 1 PASS: SKB POLL
# Totals: pass:1 fail:0 xfail:0 xpass:0 skip:0 error:0
SKB POLL: [ PASS ]
# Interface found: ve1417
# Interface found: ve6185
# NS switched: af_xdp6185
1..1
# Interface [ve6185] vector [Rx]
# Interface [ve1417] vector [Tx]
# Sending 10000 packets on interface ve1417
not ok 1 ERROR: [worker_pkt_validate] prev_pkt [95], payloadseqnum [0]
# Totals: pass:0 fail:1 xfail:0 xpass:0 skip:0 error:0
DRV NOPOLL: [ FAIL ]
# Interface found: ve1417
# Interface found: ve6185
# NS switched: af_xdp6185
1..1
# Interface [ve6185] vector [Rx]
# Interface [ve1417] vector [Tx]
# Sending 10000 packets on interface ve1417
# End-of-tranmission frame received: PASS
# Received 10000 packets on interface ve6185
ok 1 PASS: DRV POLL
# Totals: pass:1 fail:0 xfail:0 xpass:0 skip:0 error:0
DRV POLL: [ PASS ]
# Interface found: ve1417
# Interface found: ve6185
# NS switched: af_xdp6185
1..1
# Creating socket
# Interface [ve6185] vector [Rx]
# Interface [ve1417] vector [Tx]
# Sending 10000 packets on interface ve1417
not ok 1 ERROR: [worker_pkt_validate] prev_pkt [29], payloadseqnum [0]
# Totals: pass:0 fail:1 xfail:0 xpass:0 skip:0 error:0
SKB SOCKET TEARDOWN: [ FAIL ]
# Interface found: ve1417
# Interface found: ve6185
# NS switched: af_xdp6185
1..1
# Creating socket
# Interface [ve6185] vector [Rx]
# Interface [ve1417] vector [Tx]
# Sending 10000 packets on interface ve1417
not ok 1 ERROR: [worker_pkt_validate] prev_pkt [23], payloadseqnum [0]
# Totals: pass:0 fail:1 xfail:0 xpass:0 skip:0 error:0
DRV SOCKET TEARDOWN: [ FAIL ]
# Interface found: ve1417
# Interface found: ve6185
# NS switched: af_xdp6185
1..1
# Creating socket
# Interface [ve6185] vector [Rx]
# Interface [ve1417] vector [Tx]
# Sending 10000 packets on interface ve1417
not ok 1 ERROR: [worker_pkt_validate] prev_pkt [88], payloadseqnum [0]
# Totals: pass:0 fail:1 xfail:0 xpass:0 skip:0 error:0
SKB BIDIRECTIONAL SOCKETS: [ FAIL ]
# Interface found: ve1417
# Interface found: ve6185
# NS switched: af_xdp6185
1..1
# Creating socket
# Interface [ve6185] vector [Rx]
# Interface [ve1417] vector [Tx]
# Sending 10000 packets on interface ve1417
not ok 1 ERROR: [worker_pkt_validate] prev_pkt [1], payloadseqnum [0]
# Totals: pass:0 fail:1 xfail:0 xpass:0 skip:0 error:0
DRV BIDIRECTIONAL SOCKETS: [ FAIL ]
cleaning up...
removing link ve6185
removing ns af_xdp6185
removing spec file: veth.spec
root@...h-fb-vm1:~/net-next/net-next/tools/testing/selftests/bpf

I do have the following
    CONFIG_VETH=y
    CONFIG_XDP_SOCKETS=y

What other configures I am missing?

BTW, I cherry-picked the following pick from bpf tree in this experiment.
   commit e7f4a5919bf66e530e08ff352d9b78ed89574e6b (HEAD -> xsk)
   Author: Björn Töpel <bjorn.topel@...el.com>
   Date:   Mon Nov 23 18:56:00 2020 +0100

       net, xsk: Avoid taking multiple skbuff references

> +
> +. xsk_prereqs.sh
> +
> +TEST_NAME="PREREQUISITES"
> +
> +URANDOM=/dev/urandom
> +[ ! -e "${URANDOM}" ] && { echo "${URANDOM} not found. Skipping tests."; test_exit 1 1; }
> +
> +VETH0_POSTFIX=$(cat ${URANDOM} | tr -dc '0-9' | fold -w 256 | head -n 1 | head --bytes 4)
> +VETH0=ve${VETH0_POSTFIX}
> +VETH1_POSTFIX=$(cat ${URANDOM} | tr -dc '0-9' | fold -w 256 | head -n 1 | head --bytes 4)
> +VETH1=ve${VETH1_POSTFIX}
> +NS1=af_xdp${VETH1_POSTFIX}
> +IPADDR_VETH0=192.168.222.1/30
> +IPADDR_VETH1=192.168.222.2/30
> +MTU=1500
> +
> +setup_vethPairs() {
> +	echo "setting up ${VETH0}: root: ${IPADDR_VETH0}"
> +	ip netns add ${NS1}
> +	ip link add ${VETH0} type veth peer name ${VETH1}
> +	ip addr add dev ${VETH0} ${IPADDR_VETH0}
> +	echo "setting up ${VETH1}: ${NS1}: ${IPADDR_VETH1}"
> +	ip link set ${VETH1} netns ${NS1}
> +	ip netns exec ${NS1} ip addr add dev ${VETH1} ${IPADDR_VETH1}
> +	ip netns exec ${NS1} ip link set ${VETH1} mtu ${MTU}
> +	ip netns exec ${NS1} ip link set ${VETH1} up
> +	ip link set ${VETH0} mtu ${MTU}
> +	ip link set ${VETH0} up
> +}
> +
> +validate_root_exec
> +validate_veth_support ${VETH0}
> +validate_configs
> +setup_vethPairs
> +
> +retval=$?
> +if [ $retval -ne 0 ]; then
> +	test_status $retval "${TEST_NAME}"
> +	cleanup_exit ${VETH0} ${VETH1} ${NS1}
> +	exit $retval
> +fi
> +
> +echo "${VETH0}:${VETH1},${NS1}" > ${SPECFILE}
> +
> +echo "Spec file created: ${SPECFILE}"
> +
> +test_status $retval "${TEST_NAME}"
> +
> +## START TESTS
> +
> +statusList=()
> +
> +### TEST 1
> +TEST_NAME="XSK FRAMEWORK"
> +
> +echo "Switching interfaces [${VETH0}, ${VETH1}] to XDP Generic mode"
> +vethXDPgeneric ${VETH0} ${VETH1} ${NS1}
> +
> +retval=$?
> +if [ $retval -eq 0 ]; then
> +	echo "Switching interfaces [${VETH0}, ${VETH1}] to XDP Native mode"
> +	vethXDPnative ${VETH0} ${VETH1} ${NS1}
> +fi
> +
> +retval=$?
> +test_status $retval "${TEST_NAME}"
> +statusList+=($retval)
> +
> +## END TESTS
> +
> +cleanup_exit ${VETH0} ${VETH1} ${NS1}
> +
> +for _status in "${statusList[@]}"
> +do
> +	if [ $_status -ne 0 ]; then
> +		test_exit $ksft_fail 0
> +	fi
> +done
> +
> +test_exit $ksft_pass 0
> diff --git a/tools/testing/selftests/bpf/xsk_env.sh b/tools/testing/selftests/bpf/xsk_env.sh
> new file mode 100755
> index 000000000000..2c41b4284cae
> --- /dev/null
> +++ b/tools/testing/selftests/bpf/xsk_env.sh
> @@ -0,0 +1,11 @@
> +#!/bin/bash
> +# SPDX-License-Identifier: GPL-2.0
> +# Copyright(c) 2020 Intel Corporation.
> +
> +. xsk_prereqs.sh
> +
> +validate_veth_spec_file
> +
> +VETH0=$(cat ${SPECFILE} | cut -d':' -f 1)
> +VETH1=$(cat ${SPECFILE} | cut -d':' -f 2 | cut -d',' -f 1)
> +NS1=$(cat ${SPECFILE} | cut -d':' -f 2 | cut -d',' -f 2)
> diff --git a/tools/testing/selftests/bpf/xsk_prereqs.sh b/tools/testing/selftests/bpf/xsk_prereqs.sh
> new file mode 100755
> index 000000000000..694c5f5ab5e3
> --- /dev/null
> +++ b/tools/testing/selftests/bpf/xsk_prereqs.sh
> @@ -0,0 +1,119 @@
> +#!/bin/bash
> +# SPDX-License-Identifier: GPL-2.0
> +# Copyright(c) 2020 Intel Corporation.
> +
> +ksft_pass=0
> +ksft_fail=1
> +ksft_xfail=2
> +ksft_xpass=3
> +ksft_skip=4
> +
> +GREEN='\033[0;92m'
> +YELLOW='\033[0;93m'
> +RED='\033[0;31m'
> +NC='\033[0m'
> +STACK_LIM=131072
> +SPECFILE=veth.spec
> +
> +validate_root_exec()
> +{
> +	msg="skip all tests:"
> +	if [ $UID != 0 ]; then
> +		echo $msg must be run as root >&2
> +		test_exit $ksft_fail 2
> +	else
> +		return $ksft_pass
> +	fi
> +}
> +
> +validate_veth_support()
> +{
> +	msg="skip all tests:"
> +	if [ $(ip link add $1 type veth 2>/dev/null; echo $?;) != 0 ]; then
> +		echo $msg veth kernel support not available >&2
> +		test_exit $ksft_skip 1
> +	else
> +		ip link del $1
> +		return $ksft_pass
> +	fi
> +}
> +
> +validate_veth_spec_file()
> +{
> +	if [ ! -f ${SPECFILE} ]; then
> +		test_exit $ksft_skip 1
> +	fi
> +}
> +
> +test_status()
> +{
> +	statusval=$1
> +	if [ -n "${colorconsole+set}" ]; then
> +		if [ $statusval -eq 2 ]; then
> +			echo -e "${YELLOW}$2${NC}: [ ${RED}FAIL${NC} ]"
> +		elif [ $statusval -eq 1 ]; then
> +			echo -e "${YELLOW}$2${NC}: [ ${RED}SKIPPED${NC} ]"
> +		elif [ $statusval -eq 0 ]; then
> +			echo -e "${YELLOW}$2${NC}: [ ${GREEN}PASS${NC} ]"
> +		fi
> +	else
> +		if [ $statusval -eq 2 ]; then
> +			echo -e "$2: [ FAIL ]"
> +		elif [ $statusval -eq 1 ]; then
> +			echo -e "$2: [ SKIPPED ]"
> +		elif [ $statusval -eq 0 ]; then
> +			echo -e "$2: [ PASS ]"
> +		fi
> +	fi
> +}
> +
> +test_exit()
> +{
> +	retval=$1
> +	if [ $2 -ne 0 ]; then
> +		test_status $2 $(basename $0)
> +	fi
> +	exit $retval
> +}
> +
> +clear_configs()
> +{
> +	if [ $(ip netns show | grep $3 &>/dev/null; echo $?;) == 0 ]; then
> +		[ $(ip netns exec $3 ip link show $2 &>/dev/null; echo $?;) == 0 ] &&
> +			{ echo "removing link $2"; ip netns exec $3 ip link del $2; }
> +		echo "removing ns $3"
> +		ip netns del $3
> +	fi
> +	#Once we delete a veth pair node, the entire veth pair is removed,
> +	#this is just to be cautious just incase the NS does not exist then
> +	#veth node inside NS won't get removed so we explicitly remove it
> +	[ $(ip link show $1 &>/dev/null; echo $?;) == 0 ] &&
> +		{ echo "removing link $1"; ip link del $1; }
> +	if [ -f ${SPECFILE} ]; then
> +		echo "removing spec file:" ${SPECFILE}
> +		rm -f ${SPECFILE}
> +	fi
> +}
> +
> +cleanup_exit()
> +{
> +	echo "cleaning up..."
> +	clear_configs $1 $2 $3
> +}
> +
> +validate_configs()
> +{
> +	[ ! $(type -P ip) ] && { echo "'ip' not found. Skipping tests."; test_exit $ksft_skip 1; }
> +}
> +
> +vethXDPgeneric()
> +{
> +	ip link set dev $1 xdpdrv off
> +	ip netns exec $3 ip link set dev $2 xdpdrv off
> +}
> +
> +vethXDPnative()
> +{
> +	ip link set dev $1 xdpgeneric off
> +	ip netns exec $3 ip link set dev $2 xdpgeneric off
> +}
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ