lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Y9q+EZKMHOh78dFK@google.com>
Date:   Wed, 1 Feb 2023 11:31:29 -0800
From:   Stanislav Fomichev <sdf@...gle.com>
To:     Lorenzo Bianconi <lorenzo@...nel.org>
Cc:     bpf@...r.kernel.org, netdev@...r.kernel.org, ast@...nel.org,
        daniel@...earbox.net, andrii@...nel.org, davem@...emloft.net,
        kuba@...nel.org, pabeni@...hat.com, edumazet@...gle.com,
        hawk@...nel.org, toke@...hat.com, memxor@...il.com,
        alardam@...il.com, saeedm@...dia.com, anthony.l.nguyen@...el.com,
        gospo@...adcom.com, vladimir.oltean@....com, nbd@....name,
        john@...ozen.org, leon@...nel.org, simon.horman@...igine.com,
        aelior@...vell.com, christophe.jaillet@...adoo.fr,
        ecree.xilinx@...il.com, mst@...hat.com, bjorn@...nel.org,
        magnus.karlsson@...el.com, maciej.fijalkowski@...el.com,
        intel-wired-lan@...ts.osuosl.org, lorenzo.bianconi@...hat.com,
        martin.lau@...ux.dev, gerhard@...leder-embedded.com
Subject: Re: [PATCH v5 bpf-next 8/8] selftests/bpf: introduce XDP compliance
 test tool

On 02/01, Lorenzo Bianconi wrote:
> Introduce xdp_features tool in order to test XDP features supported by
> the NIC and match them against advertised ones.
> In order to test supported/advertised XDP features, xdp_features must
> run on the Device Under Test (DUT) and on a Tester device.
> xdp_features opens a control TCP channel between DUT and Tester devices
> to send control commands from Tester to the DUT and a UDP data channel
> where the Tester sends UDP 'echo' packets and the DUT is expected to
> reply back with the same packet. DUT installs multiple XDP programs on the
> NIC to test XDP capabilities and reports back to the Tester some XDP  
> stats.
> Currently xdp_features supports the following XDP features:
> - XDP_DROP
> - XDP_ABORTED
> - XDP_PASS
> - XDP_TX
> - XDP_REDIRECT
> - XDP_NDO_XMIT

> Co-developed-by: Kumar Kartikeya Dwivedi <memxor@...il.com>
> Signed-off-by: Kumar Kartikeya Dwivedi <memxor@...il.com>
> Signed-off-by: Lorenzo Bianconi <lorenzo@...nel.org>

Thank you for doing the changes!

Acked-by: Stanislav Fomichev <sdf@...gle.com>

> ---
>   tools/testing/selftests/bpf/.gitignore        |   1 +
>   tools/testing/selftests/bpf/Makefile          |  11 +-
>   .../selftests/bpf/progs/xdp_features.c        | 269 +++++++
>   .../selftests/bpf/test_xdp_features.sh        | 107 +++
>   tools/testing/selftests/bpf/xdp_features.c    | 699 ++++++++++++++++++
>   tools/testing/selftests/bpf/xdp_features.h    |  20 +
>   6 files changed, 1105 insertions(+), 2 deletions(-)
>   create mode 100644 tools/testing/selftests/bpf/progs/xdp_features.c
>   create mode 100755 tools/testing/selftests/bpf/test_xdp_features.sh
>   create mode 100644 tools/testing/selftests/bpf/xdp_features.c
>   create mode 100644 tools/testing/selftests/bpf/xdp_features.h

> diff --git a/tools/testing/selftests/bpf/.gitignore  
> b/tools/testing/selftests/bpf/.gitignore
> index 4aa5bba956ff..116fecf80ca1 100644
> --- a/tools/testing/selftests/bpf/.gitignore
> +++ b/tools/testing/selftests/bpf/.gitignore
> @@ -48,3 +48,4 @@ xskxceiver
>   xdp_redirect_multi
>   xdp_synproxy
>   xdp_hw_metadata
> +xdp_features
> diff --git a/tools/testing/selftests/bpf/Makefile  
> b/tools/testing/selftests/bpf/Makefile
> index e79039726173..b2eb3201b85a 100644
> --- a/tools/testing/selftests/bpf/Makefile
> +++ b/tools/testing/selftests/bpf/Makefile
> @@ -73,7 +73,8 @@ TEST_PROGS := test_kmod.sh \
>   	test_bpftool.sh \
>   	test_bpftool_metadata.sh \
>   	test_doc_build.sh \
> -	test_xsk.sh
> +	test_xsk.sh \
> +	test_xdp_features.sh

>   TEST_PROGS_EXTENDED := with_addr.sh \
>   	with_tunnels.sh ima_setup.sh verify_sig_setup.sh \
> @@ -83,7 +84,8 @@ TEST_PROGS_EXTENDED := with_addr.sh \
>   TEST_GEN_PROGS_EXTENDED = test_sock_addr test_skb_cgroup_id_user \
>   	flow_dissector_load test_flow_dissector test_tcp_check_syncookie_user \
>   	test_lirc_mode2_user xdping test_cpp runqslower bench bpf_testmod.ko \
> -	xskxceiver xdp_redirect_multi xdp_synproxy veristat xdp_hw_metadata
> +	xskxceiver xdp_redirect_multi xdp_synproxy veristat xdp_hw_metadata \
> +	xdp_features

>   TEST_CUSTOM_PROGS = $(OUTPUT)/urandom_read $(OUTPUT)/sign-file
>   TEST_GEN_FILES += liburandom_read.so
> @@ -385,6 +387,7 @@ test_subskeleton_lib.skel.h-deps :=  
> test_subskeleton_lib2.bpf.o test_subskeleton
>   test_usdt.skel.h-deps := test_usdt.bpf.o test_usdt_multispec.bpf.o
>   xsk_xdp_progs.skel.h-deps := xsk_xdp_progs.bpf.o
>   xdp_hw_metadata.skel.h-deps := xdp_hw_metadata.bpf.o
> +xdp_features.skel.h-deps := xdp_features.bpf.o

>   LINKED_BPF_SRCS := $(patsubst %.bpf.o,%.c,$(foreach  
> skel,$(LINKED_SKELS),$($(skel)-deps)))

> @@ -587,6 +590,10 @@ $(OUTPUT)/xdp_hw_metadata: xdp_hw_metadata.c  
> $(OUTPUT)/network_helpers.o $(OUTPU
>   	$(call msg,BINARY,,$@)
>   	$(Q)$(CC) $(CFLAGS) $(filter %.a %.o %.c,$^) $(LDLIBS) -o $@

> +$(OUTPUT)/xdp_features: xdp_features.c $(OUTPUT)/network_helpers.o  
> $(OUTPUT)/xdp_features.skel.h | $(OUTPUT)
> +	$(call msg,BINARY,,$@)
> +	$(Q)$(CC) $(CFLAGS) $(filter %.a %.o %.c,$^) $(LDLIBS) -o $@
> +
>   # Make sure we are able to include and link libbpf against c++.
>   $(OUTPUT)/test_cpp: test_cpp.cpp $(OUTPUT)/test_core_extern.skel.h  
> $(BPFOBJ)
>   	$(call msg,CXX,,$@)
> diff --git a/tools/testing/selftests/bpf/progs/xdp_features.c  
> b/tools/testing/selftests/bpf/progs/xdp_features.c
> new file mode 100644
> index 000000000000..87c247d56f72
> --- /dev/null
> +++ b/tools/testing/selftests/bpf/progs/xdp_features.c
> @@ -0,0 +1,269 @@
> +// SPDX-License-Identifier: GPL-2.0
> +
> +#include <stdbool.h>
> +#include <linux/bpf.h>
> +#include <linux/netdev.h>
> +#include <bpf/bpf_helpers.h>
> +#include <bpf/bpf_endian.h>
> +#include <bpf/bpf_tracing.h>
> +#include <linux/if_ether.h>
> +#include <linux/ip.h>
> +#include <linux/ipv6.h>
> +#include <linux/in.h>
> +#include <linux/in6.h>
> +#include <linux/udp.h>
> +#include <asm-generic/errno-base.h>
> +
> +#include "xdp_features.h"
> +
> +#define ipv6_addr_equal(a, b)	((a).s6_addr32[0] == (b).s6_addr32[0] &&	\
> +				 (a).s6_addr32[1] == (b).s6_addr32[1] &&	\
> +				 (a).s6_addr32[2] == (b).s6_addr32[2] &&	\
> +				 (a).s6_addr32[3] == (b).s6_addr32[3])
> +
> +struct net_device;
> +struct bpf_prog;
> +
> +struct xdp_cpumap_stats {
> +	unsigned int redirect;
> +	unsigned int pass;
> +	unsigned int drop;
> +};
> +
> +struct {
> +	__uint(type, BPF_MAP_TYPE_ARRAY);
> +	__type(key, __u32);
> +	__type(value, __u32);
> +	__uint(max_entries, 1);
> +} stats SEC(".maps");
> +
> +struct {
> +	__uint(type, BPF_MAP_TYPE_ARRAY);
> +	__type(key, __u32);
> +	__type(value, __u32);
> +	__uint(max_entries, 1);
> +} dut_stats SEC(".maps");
> +
> +struct {
> +	__uint(type, BPF_MAP_TYPE_CPUMAP);
> +	__uint(key_size, sizeof(__u32));
> +	__uint(value_size, sizeof(struct bpf_cpumap_val));
> +	__uint(max_entries, 1);
> +} cpu_map SEC(".maps");
> +
> +struct {
> +	__uint(type, BPF_MAP_TYPE_DEVMAP);
> +	__uint(key_size, sizeof(__u32));
> +	__uint(value_size, sizeof(struct bpf_devmap_val));
> +	__uint(max_entries, 1);
> +} dev_map SEC(".maps");
> +
> +const volatile struct in6_addr tester_addr;
> +const volatile struct in6_addr dut_addr;
> +
> +static __always_inline int
> +xdp_process_echo_packet(struct xdp_md *xdp, bool dut)
> +{
> +	void *data_end = (void *)(long)xdp->data_end;
> +	void *data = (void *)(long)xdp->data;
> +	struct ethhdr *eh = data;
> +	struct tlv_hdr *tlv;
> +	struct udphdr *uh;
> +	__be16 port;
> +	__u8 *cmd;
> +
> +	if (eh + 1 > (struct ethhdr *)data_end)
> +		return -EINVAL;
> +
> +	if (eh->h_proto == bpf_htons(ETH_P_IP)) {
> +		struct iphdr *ih = (struct iphdr *)(eh + 1);
> +		__be32 saddr = dut ? tester_addr.s6_addr32[3]
> +				   : dut_addr.s6_addr32[3];
> +		__be32 daddr = dut ? dut_addr.s6_addr32[3]
> +				   : tester_addr.s6_addr32[3];
> +
> +		ih = (struct iphdr *)(eh + 1);
> +		if (ih + 1 > (struct iphdr *)data_end)
> +			return -EINVAL;
> +
> +		if (saddr != ih->saddr)
> +			return -EINVAL;
> +
> +		if (daddr != ih->daddr)
> +			return -EINVAL;
> +
> +		if (ih->protocol != IPPROTO_UDP)
> +			return -EINVAL;
> +
> +		uh = (struct udphdr *)(ih + 1);
> +	} else if (eh->h_proto == bpf_htons(ETH_P_IPV6)) {
> +		struct in6_addr saddr = dut ? tester_addr : dut_addr;
> +		struct in6_addr daddr = dut ? dut_addr : tester_addr;
> +		struct ipv6hdr *ih6 = (struct ipv6hdr *)(eh + 1);
> +
> +		if (ih6 + 1 > (struct ipv6hdr *)data_end)
> +			return -EINVAL;
> +
> +		if (!ipv6_addr_equal(saddr, ih6->saddr))
> +			return -EINVAL;
> +
> +		if (!ipv6_addr_equal(daddr, ih6->daddr))
> +			return -EINVAL;
> +
> +		if (ih6->nexthdr != IPPROTO_UDP)
> +			return -EINVAL;
> +
> +		uh = (struct udphdr *)(ih6 + 1);
> +	} else {
> +		return -EINVAL;
> +	}
> +
> +	if (uh + 1 > (struct udphdr *)data_end)
> +		return -EINVAL;
> +
> +	port = dut ? uh->dest : uh->source;
> +	if (port != bpf_htons(DUT_ECHO_PORT))
> +		return -EINVAL;
> +
> +	tlv = (struct tlv_hdr *)(uh + 1);
> +	if (tlv + 1 > data_end)
> +		return -EINVAL;
> +
> +	return bpf_htons(tlv->type) == CMD_ECHO ? 0 : -EINVAL;
> +}
> +
> +static __always_inline int
> +xdp_update_stats(struct xdp_md *xdp, bool tx, bool dut)
> +{
> +	__u32 *val, key = 0;
> +
> +	if (xdp_process_echo_packet(xdp, tx))
> +		return -EINVAL;
> +
> +	if (dut)
> +		val = bpf_map_lookup_elem(&dut_stats, &key);
> +	else
> +		val = bpf_map_lookup_elem(&stats, &key);
> +
> +	if (val)
> +		__sync_add_and_fetch(val, 1);
> +
> +	return 0;
> +}
> +
> +/* Tester */
> +
> +SEC("xdp")
> +int xdp_tester_check_tx(struct xdp_md *xdp)
> +{
> +	xdp_update_stats(xdp, true, false);
> +
> +	return XDP_PASS;
> +}
> +
> +SEC("xdp")
> +int xdp_tester_check_rx(struct xdp_md *xdp)
> +{
> +	xdp_update_stats(xdp, false, false);
> +
> +	return XDP_PASS;
> +}
> +
> +/* DUT */
> +
> +SEC("xdp")
> +int xdp_do_pass(struct xdp_md *xdp)
> +{
> +	xdp_update_stats(xdp, true, true);
> +
> +	return XDP_PASS;
> +}
> +
> +SEC("xdp")
> +int xdp_do_drop(struct xdp_md *xdp)
> +{
> +	if (xdp_update_stats(xdp, true, true))
> +		return XDP_PASS;
> +
> +	return XDP_DROP;
> +}
> +
> +SEC("xdp")
> +int xdp_do_aborted(struct xdp_md *xdp)
> +{
> +	if (xdp_process_echo_packet(xdp, true))
> +		return XDP_PASS;
> +
> +	return XDP_ABORTED;
> +}
> +
> +SEC("xdp")
> +int xdp_do_tx(struct xdp_md *xdp)
> +{
> +	void *data = (void *)(long)xdp->data;
> +	struct ethhdr *eh = data;
> +	__u8 tmp_mac[ETH_ALEN];
> +
> +	if (xdp_update_stats(xdp, true, true))
> +		return XDP_PASS;
> +
> +	__builtin_memcpy(tmp_mac, eh->h_source, ETH_ALEN);
> +	__builtin_memcpy(eh->h_source, eh->h_dest, ETH_ALEN);
> +	__builtin_memcpy(eh->h_dest, tmp_mac, ETH_ALEN);
> +
> +	return XDP_TX;
> +}
> +
> +SEC("xdp")
> +int xdp_do_redirect(struct xdp_md *xdp)
> +{
> +	if (xdp_process_echo_packet(xdp, true))
> +		return XDP_PASS;
> +
> +	return bpf_redirect_map(&cpu_map, 0, 0);
> +}
> +
> +SEC("tp_btf/xdp_exception")
> +int BPF_PROG(xdp_exception, const struct net_device *dev,
> +	     const struct bpf_prog *xdp, __u32 act)
> +{
> +	__u32 *val, key = 0;
> +
> +	val = bpf_map_lookup_elem(&dut_stats, &key);
> +	if (val)
> +		__sync_add_and_fetch(val, 1);
> +
> +	return 0;
> +}
> +
> +SEC("tp_btf/xdp_cpumap_kthread")
> +int BPF_PROG(tp_xdp_cpumap_kthread, int map_id, unsigned int processed,
> +	     unsigned int drops, int sched, struct xdp_cpumap_stats *xdp_stats)
> +{
> +	__u32 *val, key = 0;
> +
> +	val = bpf_map_lookup_elem(&dut_stats, &key);
> +	if (val)
> +		__sync_add_and_fetch(val, 1);
> +
> +	return 0;
> +}
> +
> +SEC("xdp/cpumap")
> +int xdp_do_redirect_cpumap(struct xdp_md *xdp)
> +{
> +	void *data = (void *)(long)xdp->data;
> +	struct ethhdr *eh = data;
> +	__u8 tmp_mac[ETH_ALEN];
> +
> +	if (xdp_process_echo_packet(xdp, true))
> +		return XDP_PASS;
> +
> +	__builtin_memcpy(tmp_mac, eh->h_source, ETH_ALEN);
> +	__builtin_memcpy(eh->h_source, eh->h_dest, ETH_ALEN);
> +	__builtin_memcpy(eh->h_dest, tmp_mac, ETH_ALEN);
> +
> +	return bpf_redirect_map(&dev_map, 0, 0);
> +}
> +
> +char _license[] SEC("license") = "GPL";
> diff --git a/tools/testing/selftests/bpf/test_xdp_features.sh  
> b/tools/testing/selftests/bpf/test_xdp_features.sh
> new file mode 100755
> index 000000000000..0aa71c4455c0
> --- /dev/null
> +++ b/tools/testing/selftests/bpf/test_xdp_features.sh
> @@ -0,0 +1,107 @@
> +#!/bin/bash
> +# SPDX-License-Identifier: GPL-2.0
> +
> +readonly NS="ns1-$(mktemp -u XXXXXX)"
> +readonly V0_IP4=10.10.0.11
> +readonly V1_IP4=10.10.0.1
> +readonly V0_IP6=2001:db8::11
> +readonly V1_IP6=2001:db8::1
> +
> +ret=1
> +
> +setup() {
> +	{
> +		ip netns add ${NS}
> +
> +		ip link add v1 type veth peer name v0 netns ${NS}
> +
> +		ip link set v1 up
> +		ip addr add $V1_IP4/24 dev v1
> +		ip addr add $V1_IP6/64 nodad dev v1
> +		ip -n ${NS} link set dev v0 up
> +		ip -n ${NS} addr add $V0_IP4/24 dev v0
> +		ip -n ${NS} addr add $V0_IP6/64 nodad dev v0
> +
> +		# Enable XDP mode and disable checksum offload
> +		ethtool -K v1 gro on
> +		ethtool -K v1 tx-checksumming off
> +		ip netns exec ${NS} ethtool -K v0 gro on
> +		ip netns exec ${NS} ethtool -K v0 tx-checksumming off
> +	} > /dev/null 2>&1
> +}
> +
> +cleanup() {
> +	ip link del v1 2> /dev/null
> +	ip netns del ${NS} 2> /dev/null
> +	[ "$(pidof xdp_features)" = "" ] || kill $(pidof xdp_features) 2>  
> /dev/null
> +}
> +
> +wait_for_dut_server() {
> +	while sleep 1; do
> +		ss -tlp | grep -q xdp_features
> +		[ $? -eq 0 ] && break
> +	done
> +}
> +
> +test_xdp_features() {
> +	setup
> +
> +	## XDP_PASS
> +	./xdp_features -f XDP_PASS -D $V1_IP6 -T $V0_IP6 v1 &
> +	wait_for_dut_server
> +	ip netns exec ${NS} ./xdp_features -t -f XDP_PASS \
> +					   -D $V1_IP6 -C $V1_IP6 \
> +					   -T $V0_IP6 v0
> +	[ $? -ne 0 ] && exit
> +
> +	## XDP_DROP
> +	./xdp_features -f XDP_DROP -D ::ffff:$V1_IP4 -T ::ffff:$V0_IP4 v1 &
> +	wait_for_dut_server
> +	ip netns exec ${NS} ./xdp_features -t -f XDP_DROP \
> +					   -D ::ffff:$V1_IP4 \
> +					   -C ::ffff:$V1_IP4 \
> +					   -T ::ffff:$V0_IP4 v0
> +	[ $? -ne 0 ] && exit
> +
> +	## XDP_ABORTED
> +	./xdp_features -f XDP_ABORTED -D $V1_IP6 -T $V0_IP6 v1 &
> +	wait_for_dut_server
> +	ip netns exec ${NS} ./xdp_features -t -f XDP_ABORTED \
> +					   -D $V1_IP6 -C $V1_IP6 \
> +					   -T $V0_IP6 v0
> +	[ $? -ne 0 ] && exit
> +
> +	## XDP_TX
> +	./xdp_features -f XDP_TX -D ::ffff:$V1_IP4 -T ::ffff:$V0_IP4 v1 &
> +	wait_for_dut_server
> +	ip netns exec ${NS} ./xdp_features -t -f XDP_TX \
> +					   -D ::ffff:$V1_IP4 \
> +					   -C ::ffff:$V1_IP4 \
> +					   -T ::ffff:$V0_IP4 v0
> +	[ $? -ne 0 ] && exit
> +
> +	## XDP_REDIRECT
> +	./xdp_features -f XDP_REDIRECT -D $V1_IP6 -T $V0_IP6 v1 &
> +	wait_for_dut_server
> +	ip netns exec ${NS} ./xdp_features -t -f XDP_REDIRECT \
> +					   -D $V1_IP6 -C $V1_IP6 \
> +					   -T $V0_IP6 v0
> +	[ $? -ne 0 ] && exit
> +
> +	## XDP_NDO_XMIT
> +	./xdp_features -f XDP_NDO_XMIT -D ::ffff:$V1_IP4 -T ::ffff:$V0_IP4 v1 &
> +	wait_for_dut_server
> +	ip netns exec ${NS} ./xdp_features -t -f XDP_NDO_XMIT \
> +					   -D ::ffff:$V1_IP4 \
> +					   -C ::ffff:$V1_IP4 \
> +					   -T ::ffff:$V0_IP4 v0
> +	ret=$?
> +	cleanup
> +}
> +
> +set -e
> +trap cleanup 2 3 6 9
> +
> +test_xdp_features
> +
> +exit $ret
> diff --git a/tools/testing/selftests/bpf/xdp_features.c  
> b/tools/testing/selftests/bpf/xdp_features.c
> new file mode 100644
> index 000000000000..10fad1243573
> --- /dev/null
> +++ b/tools/testing/selftests/bpf/xdp_features.c
> @@ -0,0 +1,699 @@
> +// SPDX-License-Identifier: GPL-2.0
> +#include <uapi/linux/bpf.h>
> +#include <uapi/linux/netdev.h>
> +#include <linux/if_link.h>
> +#include <signal.h>
> +#include <argp.h>
> +#include <net/if.h>
> +#include <sys/socket.h>
> +#include <netinet/in.h>
> +#include <netinet/tcp.h>
> +#include <unistd.h>
> +#include <arpa/inet.h>
> +#include <bpf/bpf.h>
> +#include <bpf/libbpf.h>
> +#include <pthread.h>
> +
> +#include <network_helpers.h>
> +
> +#include "xdp_features.skel.h"
> +#include "xdp_features.h"
> +
> +#define RED(str)	"\033[0;31m" str "\033[0m"
> +#define GREEN(str)	"\033[0;32m" str "\033[0m"
> +#define YELLOW(str)	"\033[0;33m" str "\033[0m"
> +
> +static struct env {
> +	bool verbosity;
> +	int ifindex;
> +	bool is_tester;
> +	struct {
> +		enum netdev_xdp_act drv_feature;
> +		enum xdp_action action;
> +	} feature;
> +	struct sockaddr_storage dut_ctrl_addr;
> +	struct sockaddr_storage dut_addr;
> +	struct sockaddr_storage tester_addr;
> +} env;
> +
> +#define BUFSIZE		128
> +
> +void test__fail(void) { /* for network_helpers.c */ }
> +
> +static int libbpf_print_fn(enum libbpf_print_level level,
> +			   const char *format, va_list args)
> +{
> +	if (level == LIBBPF_DEBUG && !env.verbosity)
> +		return 0;
> +	return vfprintf(stderr, format, args);
> +}
> +
> +static volatile bool exiting;
> +
> +static void sig_handler(int sig)
> +{
> +	exiting = true;
> +}
> +
> +const char *argp_program_version = "xdp-features 0.0";
> +const char argp_program_doc[] =
> +"XDP features detecion application.\n"
> +"\n"
> +"XDP features application checks the XDP advertised features match  
> detected ones.\n"
> +"\n"
> +"USAGE: ./xdp-features [-vt] [-f <xdp-feature>] [-D <dut-data-ip>] [-T  
> <tester-data-ip>] [-C <dut-ctrl-ip>] <iface-name>\n"
> +"\n"
> +"dut-data-ip, tester-data-ip, dut-ctrl-ip: IPv6 or IPv4-mapped-IPv6  
> addresses;\n"
> +"\n"
> +"XDP features\n:"
> +"- XDP_PASS\n"
> +"- XDP_DROP\n"
> +"- XDP_ABORTED\n"
> +"- XDP_REDIRECT\n"
> +"- XDP_NDO_XMIT\n"
> +"- XDP_TX\n";
> +
> +static const struct argp_option opts[] = {
> +	{ "verbose", 'v', NULL, 0, "Verbose debug output" },
> +	{ "tester", 't', NULL, 0, "Tester mode" },
> +	{ "feature", 'f', "XDP-FEATURE", 0, "XDP feature to test" },
> +	{ "dut_data_ip", 'D', "DUT-DATA-IP", 0, "DUT IP data channel" },
> +	{ "dut_ctrl_ip", 'C', "DUT-CTRL-IP", 0, "DUT IP control channel" },
> +	{ "tester_data_ip", 'T', "TESTER-DATA-IP", 0, "Tester IP data channel"  
> },
> +	{},
> +};
> +
> +static int get_xdp_feature(const char *arg)
> +{
> +	if (!strcmp(arg, "XDP_PASS")) {
> +		env.feature.action = XDP_PASS;
> +		env.feature.drv_feature = NETDEV_XDP_ACT_BASIC;
> +	} else if (!strcmp(arg, "XDP_DROP")) {
> +		env.feature.drv_feature = NETDEV_XDP_ACT_BASIC;
> +		env.feature.action = XDP_DROP;
> +	} else if (!strcmp(arg, "XDP_ABORTED")) {
> +		env.feature.drv_feature = NETDEV_XDP_ACT_BASIC;
> +		env.feature.action = XDP_ABORTED;
> +	} else if (!strcmp(arg, "XDP_TX")) {
> +		env.feature.drv_feature = NETDEV_XDP_ACT_BASIC;
> +		env.feature.action = XDP_TX;
> +	} else if (!strcmp(arg, "XDP_REDIRECT")) {
> +		env.feature.drv_feature = NETDEV_XDP_ACT_REDIRECT;
> +		env.feature.action = XDP_REDIRECT;
> +	} else if (!strcmp(arg, "XDP_NDO_XMIT")) {
> +		env.feature.drv_feature = NETDEV_XDP_ACT_NDO_XMIT;
> +	} else {
> +		return -EINVAL;
> +	}
> +
> +	return 0;
> +}
> +
> +static char *get_xdp_feature_str(void)
> +{
> +	switch (env.feature.action) {
> +	case XDP_PASS:
> +		return YELLOW("XDP_PASS");
> +	case XDP_DROP:
> +		return YELLOW("XDP_DROP");
> +	case XDP_ABORTED:
> +		return YELLOW("XDP_ABORTED");
> +	case XDP_TX:
> +		return YELLOW("XDP_TX");
> +	case XDP_REDIRECT:
> +		return YELLOW("XDP_REDIRECT");
> +	default:
> +		break;
> +	}
> +
> +	if (env.feature.drv_feature == NETDEV_XDP_ACT_NDO_XMIT)
> +		return YELLOW("XDP_NDO_XMIT");
> +
> +	return "";
> +}
> +
> +static error_t parse_arg(int key, char *arg, struct argp_state *state)
> +{
> +	switch (key) {
> +	case 'v':
> +		env.verbosity = true;
> +		break;
> +	case 't':
> +		env.is_tester = true;
> +		break;
> +	case 'f':
> +		if (get_xdp_feature(arg) < 0) {
> +			fprintf(stderr, "Invalid xdp feature: %s\n", arg);
> +			argp_usage(state);
> +			return ARGP_ERR_UNKNOWN;
> +		}
> +		break;
> +	case 'D':
> +		if (make_sockaddr(AF_INET6, arg, DUT_ECHO_PORT,
> +				  &env.dut_addr, NULL)) {
> +			fprintf(stderr, "Invalid DUT address: %s\n", arg);
> +			return ARGP_ERR_UNKNOWN;
> +		}
> +		break;
> +	case 'C':
> +		if (make_sockaddr(AF_INET6, arg, DUT_CTRL_PORT,
> +				  &env.dut_ctrl_addr, NULL)) {
> +			fprintf(stderr, "Invalid DUT CTRL address: %s\n", arg);
> +			return ARGP_ERR_UNKNOWN;
> +		}
> +		break;
> +	case 'T':
> +		if (make_sockaddr(AF_INET6, arg, 0, &env.tester_addr, NULL)) {
> +			fprintf(stderr, "Invalid Tester address: %s\n", arg);
> +			return ARGP_ERR_UNKNOWN;
> +		}
> +		break;
> +	case ARGP_KEY_ARG:
> +		errno = 0;
> +		if (strlen(arg) >= IF_NAMESIZE) {
> +			fprintf(stderr, "Invalid device name: %s\n", arg);
> +			argp_usage(state);
> +			return ARGP_ERR_UNKNOWN;
> +		}
> +
> +		env.ifindex = if_nametoindex(arg);
> +		if (!env.ifindex)
> +			env.ifindex = strtoul(arg, NULL, 0);
> +		if (!env.ifindex) {
> +			fprintf(stderr,
> +				"Bad interface index or name (%d): %s\n",
> +				errno, strerror(errno));
> +			argp_usage(state);
> +			return ARGP_ERR_UNKNOWN;
> +		}
> +		break;
> +	default:
> +		return ARGP_ERR_UNKNOWN;
> +	}
> +
> +	return 0;
> +}
> +
> +static const struct argp argp = {
> +	.options = opts,
> +	.parser = parse_arg,
> +	.doc = argp_program_doc,
> +};
> +
> +static void set_env_default(void)
> +{
> +	env.feature.drv_feature = NETDEV_XDP_ACT_NDO_XMIT;
> +	env.feature.action = -EINVAL;
> +	env.ifindex = -ENODEV;
> +	make_sockaddr(AF_INET6, "::ffff:127.0.0.1", DUT_CTRL_PORT,
> +		      &env.dut_ctrl_addr, NULL);
> +	make_sockaddr(AF_INET6, "::ffff:127.0.0.1", DUT_ECHO_PORT,
> +		      &env.dut_addr, NULL);
> +	make_sockaddr(AF_INET6, "::ffff:127.0.0.1", 0, &env.tester_addr, NULL);
> +}
> +
> +static void *dut_echo_thread(void *arg)
> +{
> +	unsigned char buf[sizeof(struct tlv_hdr)];
> +	int sockfd = *(int *)arg;
> +
> +	while (!exiting) {
> +		struct tlv_hdr *tlv = (struct tlv_hdr *)buf;
> +		struct sockaddr_storage addr;
> +		socklen_t addrlen;
> +		size_t n;
> +
> +		n = recvfrom(sockfd, buf, sizeof(buf), MSG_WAITALL,
> +			     (struct sockaddr *)&addr, &addrlen);
> +		if (n != ntohs(tlv->len))
> +			continue;
> +
> +		if (ntohs(tlv->type) != CMD_ECHO)
> +			continue;
> +
> +		sendto(sockfd, buf, sizeof(buf), MSG_NOSIGNAL | MSG_CONFIRM,
> +		       (struct sockaddr *)&addr, addrlen);
> +	}
> +
> +	pthread_exit((void *)0);
> +	close(sockfd);
> +
> +	return NULL;
> +}
> +
> +static int dut_run_echo_thread(pthread_t *t, int *sockfd)
> +{
> +	int err;
> +
> +	sockfd = start_reuseport_server(AF_INET6, SOCK_DGRAM, NULL,
> +					DUT_ECHO_PORT, 0, 1);
> +	if (!sockfd) {
> +		fprintf(stderr, "Failed to create echo socket\n");
> +		return -errno;
> +	}
> +
> +	/* start echo channel */
> +	err = pthread_create(t, NULL, dut_echo_thread, sockfd);
> +	if (err) {
> +		fprintf(stderr, "Failed creating dut_echo thread: %s\n",
> +			strerror(-err));
> +		free_fds(sockfd, 1);
> +		return -EINVAL;
> +	}
> +
> +	return 0;
> +}
> +
> +static int dut_attach_xdp_prog(struct xdp_features *skel, int flags)
> +{
> +	enum xdp_action action = env.feature.action;
> +	struct bpf_program *prog;
> +	unsigned int key = 0;
> +	int err, fd = 0;
> +
> +	if (env.feature.drv_feature == NETDEV_XDP_ACT_NDO_XMIT) {
> +		struct bpf_devmap_val entry = {
> +			.ifindex = env.ifindex,
> +		};
> +
> +		err = bpf_map__update_elem(skel->maps.dev_map,
> +					   &key, sizeof(key),
> +					   &entry, sizeof(entry), 0);
> +		if (err < 0)
> +			return err;
> +
> +		fd = bpf_program__fd(skel->progs.xdp_do_redirect_cpumap);
> +		action = XDP_REDIRECT;
> +	}
> +
> +	switch (action) {
> +	case XDP_TX:
> +		prog = skel->progs.xdp_do_tx;
> +		break;
> +	case XDP_DROP:
> +		prog = skel->progs.xdp_do_drop;
> +		break;
> +	case XDP_ABORTED:
> +		prog = skel->progs.xdp_do_aborted;
> +		break;
> +	case XDP_PASS:
> +		prog = skel->progs.xdp_do_pass;
> +		break;
> +	case XDP_REDIRECT: {
> +		struct bpf_cpumap_val entry = {
> +			.qsize = 2048,
> +			.bpf_prog.fd = fd,
> +		};
> +
> +		err = bpf_map__update_elem(skel->maps.cpu_map,
> +					   &key, sizeof(key),
> +					   &entry, sizeof(entry), 0);
> +		if (err < 0)
> +			return err;
> +
> +		prog = skel->progs.xdp_do_redirect;
> +		break;
> +	}
> +	default:
> +		return -EINVAL;
> +	}
> +
> +	err = bpf_xdp_attach(env.ifindex, bpf_program__fd(prog), flags, NULL);
> +	if (err)
> +		fprintf(stderr,
> +			"Failed to attach XDP program to ifindex %d\n",
> +			env.ifindex);
> +	return err;
> +}
> +
> +static int recv_msg(int sockfd, void *buf, size_t bufsize, void *val,
> +		    size_t val_size)
> +{
> +	struct tlv_hdr *tlv = (struct tlv_hdr *)buf;
> +	size_t len;
> +
> +	len = recv(sockfd, buf, bufsize, 0);
> +	if (len != ntohs(tlv->len) || len < sizeof(*tlv))
> +		return -EINVAL;
> +
> +	if (val) {
> +		len -= sizeof(*tlv);
> +		if (len > val_size)
> +			return -ENOMEM;
> +
> +		memcpy(val, tlv->data, len);
> +	}
> +
> +	return 0;
> +}
> +
> +static int dut_run(struct xdp_features *skel)
> +{
> +	int flags = XDP_FLAGS_UPDATE_IF_NOEXIST | XDP_FLAGS_DRV_MODE;
> +	int state, err, *sockfd, ctrl_sockfd, echo_sockfd;
> +	struct sockaddr_storage ctrl_addr;
> +	pthread_t dut_thread;
> +	socklen_t addrlen;
> +
> +	sockfd = start_reuseport_server(AF_INET6, SOCK_STREAM, NULL,
> +					DUT_CTRL_PORT, 0, 1);
> +	if (!sockfd) {
> +		fprintf(stderr, "Failed to create DUT socket\n");
> +		return -errno;
> +	}
> +
> +	ctrl_sockfd = accept(*sockfd, (struct sockaddr *)&ctrl_addr, &addrlen);
> +	if (ctrl_sockfd < 0) {
> +		fprintf(stderr, "Failed to accept connection on DUT socket\n");
> +		free_fds(sockfd, 1);
> +		return -errno;
> +	}
> +
> +	/* CTRL loop */
> +	while (!exiting) {
> +		unsigned char buf[BUFSIZE] = {};
> +		struct tlv_hdr *tlv = (struct tlv_hdr *)buf;
> +
> +		err = recv_msg(ctrl_sockfd, buf, BUFSIZE, NULL, 0);
> +		if (err)
> +			continue;
> +
> +		switch (ntohs(tlv->type)) {
> +		case CMD_START: {
> +			if (state == CMD_START)
> +				continue;
> +
> +			state = CMD_START;
> +			/* Load the XDP program on the DUT */
> +			err = dut_attach_xdp_prog(skel, flags);
> +			if (err)
> +				goto out;
> +
> +			err = dut_run_echo_thread(&dut_thread, &echo_sockfd);
> +			if (err < 0)
> +				goto out;
> +
> +			tlv->type = htons(CMD_ACK);
> +			tlv->len = htons(sizeof(*tlv));
> +			err = send(ctrl_sockfd, buf, sizeof(*tlv), 0);
> +			if (err < 0)
> +				goto end_thread;
> +			break;
> +		}
> +		case CMD_STOP:
> +			if (state != CMD_START)
> +				break;
> +
> +			state = CMD_STOP;
> +
> +			exiting = true;
> +			bpf_xdp_detach(env.ifindex, flags, NULL);
> +
> +			tlv->type = htons(CMD_ACK);
> +			tlv->len = htons(sizeof(*tlv));
> +			err = send(ctrl_sockfd, buf, sizeof(*tlv), 0);
> +			goto end_thread;
> +		case CMD_GET_XDP_CAP: {
> +			LIBBPF_OPTS(bpf_xdp_query_opts, opts);
> +			unsigned long long val;
> +			size_t n;
> +
> +			err = bpf_xdp_query(env.ifindex, XDP_FLAGS_DRV_MODE,
> +					    &opts);
> +			if (err) {
> +				fprintf(stderr,
> +					"Failed to query XDP cap for ifindex %d\n",
> +					env.ifindex);
> +				goto end_thread;
> +			}
> +
> +			tlv->type = htons(CMD_ACK);
> +			n = sizeof(*tlv) + sizeof(opts.feature_flags);
> +			tlv->len = htons(n);
> +
> +			val = htobe64(opts.feature_flags);
> +			memcpy(tlv->data, &val, sizeof(val));
> +
> +			err = send(ctrl_sockfd, buf, n, 0);
> +			if (err < 0)
> +				goto end_thread;
> +			break;
> +		}
> +		case CMD_GET_STATS: {
> +			unsigned int key = 0, val;
> +			size_t n;
> +
> +			err = bpf_map__lookup_elem(skel->maps.dut_stats,
> +						   &key, sizeof(key),
> +						   &val, sizeof(val), 0);
> +			if (err) {
> +				fprintf(stderr, "bpf_map_lookup_elem failed\n");
> +				goto end_thread;
> +			}
> +
> +			tlv->type = htons(CMD_ACK);
> +			n = sizeof(*tlv) + sizeof(val);
> +			tlv->len = htons(n);
> +
> +			val = htonl(val);
> +			memcpy(tlv->data, &val, sizeof(val));
> +
> +			err = send(ctrl_sockfd, buf, n, 0);
> +			if (err < 0)
> +				goto end_thread;
> +			break;
> +		}
> +		default:
> +			break;
> +		}
> +	}
> +
> +end_thread:
> +	pthread_join(dut_thread, NULL);
> +out:
> +	bpf_xdp_detach(env.ifindex, flags, NULL);
> +	close(ctrl_sockfd);
> +	free_fds(sockfd, 1);
> +
> +	return err;
> +}
> +
> +static bool tester_collect_detected_cap(struct xdp_features *skel,
> +					unsigned int dut_stats)
> +{
> +	unsigned int err, key = 0, val;
> +
> +	if (!dut_stats)
> +		return false;
> +
> +	err = bpf_map__lookup_elem(skel->maps.stats, &key, sizeof(key),
> +				   &val, sizeof(val), 0);
> +	if (err) {
> +		fprintf(stderr, "bpf_map_lookup_elem failed\n");
> +		return false;
> +	}
> +
> +	switch (env.feature.action) {
> +	case XDP_PASS:
> +	case XDP_TX:
> +	case XDP_REDIRECT:
> +		return val > 0;
> +	case XDP_DROP:
> +	case XDP_ABORTED:
> +		return val == 0;
> +	default:
> +		break;
> +	}
> +
> +	if (env.feature.drv_feature == NETDEV_XDP_ACT_NDO_XMIT)
> +		return val > 0;
> +
> +	return false;
> +}
> +
> +static int send_and_recv_msg(int sockfd, enum test_commands cmd, void  
> *val,
> +			     size_t val_size)
> +{
> +	unsigned char buf[BUFSIZE] = {};
> +	struct tlv_hdr *tlv = (struct tlv_hdr *)buf;
> +	int err;
> +
> +	tlv->type = htons(cmd);
> +	tlv->len = htons(sizeof(*tlv));
> +
> +	err = send(sockfd, buf, sizeof(*tlv), 0);
> +	if (err < 0)
> +		return err;
> +
> +	err = recv_msg(sockfd, buf, BUFSIZE, val, val_size);
> +	if (err < 0)
> +		return err;
> +
> +	return ntohs(tlv->type) == CMD_ACK ? 0 : -EINVAL;
> +}
> +
> +static int send_echo_msg(void)
> +{
> +	unsigned char buf[sizeof(struct tlv_hdr)];
> +	struct tlv_hdr *tlv = (struct tlv_hdr *)buf;
> +	int sockfd, n;
> +
> +	sockfd = socket(AF_INET6, SOCK_DGRAM, 0);
> +	if (sockfd < 0) {
> +		fprintf(stderr, "Failed to create echo socket\n");
> +		return -errno;
> +	}
> +
> +	tlv->type = htons(CMD_ECHO);
> +	tlv->len = htons(sizeof(*tlv));
> +
> +	n = sendto(sockfd, buf, sizeof(*tlv), MSG_NOSIGNAL | MSG_CONFIRM,
> +		   (struct sockaddr *)&env.dut_addr, sizeof(env.dut_addr));
> +	close(sockfd);
> +
> +	return n == ntohs(tlv->len) ? 0 : -EINVAL;
> +}
> +
> +static int tester_run(struct xdp_features *skel)
> +{
> +	int flags = XDP_FLAGS_UPDATE_IF_NOEXIST | XDP_FLAGS_DRV_MODE;
> +	unsigned long long advertised_feature;
> +	struct bpf_program *prog;
> +	unsigned int stats;
> +	int i, err, sockfd;
> +	bool detected_cap;
> +
> +	sockfd = socket(AF_INET6, SOCK_STREAM, 0);
> +	if (sockfd < 0) {
> +		fprintf(stderr, "Failed to create tester socket\n");
> +		return -errno;
> +	}
> +
> +	if (settimeo(sockfd, 1000) < 0)
> +		return -EINVAL;
> +
> +	err = connect(sockfd, (struct sockaddr *)&env.dut_ctrl_addr,
> +		      sizeof(env.dut_ctrl_addr));
> +	if (err) {
> +		fprintf(stderr, "Failed to connect to the DUT\n");
> +		return -errno;
> +	}
> +
> +	err = send_and_recv_msg(sockfd, CMD_GET_XDP_CAP, &advertised_feature,
> +				sizeof(advertised_feature));
> +	if (err < 0) {
> +		close(sockfd);
> +		return err;
> +	}
> +
> +	advertised_feature = be64toh(advertised_feature);
> +
> +	if (env.feature.drv_feature == NETDEV_XDP_ACT_NDO_XMIT ||
> +	    env.feature.action == XDP_TX)
> +		prog = skel->progs.xdp_tester_check_tx;
> +	else
> +		prog = skel->progs.xdp_tester_check_rx;
> +
> +	err = bpf_xdp_attach(env.ifindex, bpf_program__fd(prog), flags, NULL);
> +	if (err) {
> +		fprintf(stderr, "Failed to attach XDP program to ifindex %d\n",
> +			env.ifindex);
> +		goto out;
> +	}
> +
> +	err = send_and_recv_msg(sockfd, CMD_START, NULL, 0);
> +	if (err)
> +		goto out;
> +
> +	for (i = 0; i < 10 && !exiting; i++) {
> +		err = send_echo_msg();
> +		if (err < 0)
> +			goto out;
> +
> +		sleep(1);
> +	}
> +
> +	err = send_and_recv_msg(sockfd, CMD_GET_STATS, &stats, sizeof(stats));
> +	if (err)
> +		goto out;
> +
> +	/* stop the test */
> +	err = send_and_recv_msg(sockfd, CMD_STOP, NULL, 0);
> +	/* send a new echo message to wake echo thread of the dut */
> +	send_echo_msg();
> +
> +	detected_cap = tester_collect_detected_cap(skel, ntohl(stats));
> +
> +	fprintf(stdout, "Feature %s: [%s][%s]\n", get_xdp_feature_str(),
> +		detected_cap ? GREEN("DETECTED") : RED("NOT DETECTED"),
> +		env.feature.drv_feature & advertised_feature ? GREEN("ADVERTISED")
> +							     : RED("NOT ADVERTISED"));
> +out:
> +	bpf_xdp_detach(env.ifindex, flags, NULL);
> +	close(sockfd);
> +	return err < 0 ? err : 0;
> +}
> +
> +int main(int argc, char **argv)
> +{
> +	struct xdp_features *skel;
> +	int err;
> +
> +	libbpf_set_strict_mode(LIBBPF_STRICT_ALL);
> +	libbpf_set_print(libbpf_print_fn);
> +
> +	signal(SIGINT, sig_handler);
> +	signal(SIGTERM, sig_handler);
> +
> +	set_env_default();
> +
> +	/* Parse command line arguments */
> +	err = argp_parse(&argp, argc, argv, 0, NULL, NULL);
> +	if (err)
> +		return err;
> +
> +	if (env.ifindex < 0) {
> +		fprintf(stderr, "Invalid ifindex\n");
> +		return -ENODEV;
> +	}
> +
> +	/* Load and verify BPF application */
> +	skel = xdp_features__open();
> +	if (!skel) {
> +		fprintf(stderr, "Failed to open and load BPF skeleton\n");
> +		return -EINVAL;
> +	}
> +
> +	skel->rodata->tester_addr =
> +		((struct sockaddr_in6 *)&env.tester_addr)->sin6_addr;
> +	skel->rodata->dut_addr =
> +		((struct sockaddr_in6 *)&env.dut_addr)->sin6_addr;
> +
> +	/* Load & verify BPF programs */
> +	err = xdp_features__load(skel);
> +	if (err) {
> +		fprintf(stderr, "Failed to load and verify BPF skeleton\n");
> +		goto cleanup;
> +	}
> +
> +	err = xdp_features__attach(skel);
> +	if (err) {
> +		fprintf(stderr, "Failed to attach BPF skeleton\n");
> +		goto cleanup;
> +	}
> +
> +	if (env.is_tester) {
> +		/* Tester */
> +		fprintf(stdout, "Starting tester on device %d\n", env.ifindex);
> +		err = tester_run(skel);
> +	} else {
> +		/* DUT */
> +		fprintf(stdout, "Starting DUT on device %d\n", env.ifindex);
> +		err = dut_run(skel);
> +	}
> +
> +cleanup:
> +	xdp_features__destroy(skel);
> +
> +	return err < 0 ? -err : 0;
> +}
> diff --git a/tools/testing/selftests/bpf/xdp_features.h  
> b/tools/testing/selftests/bpf/xdp_features.h
> new file mode 100644
> index 000000000000..2670c541713b
> --- /dev/null
> +++ b/tools/testing/selftests/bpf/xdp_features.h
> @@ -0,0 +1,20 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +
> +/* test commands */
> +enum test_commands {
> +	CMD_STOP,		/* CMD */
> +	CMD_START,		/* CMD */
> +	CMD_ECHO,		/* CMD */
> +	CMD_ACK,		/* CMD + data */
> +	CMD_GET_XDP_CAP,	/* CMD */
> +	CMD_GET_STATS,		/* CMD */
> +};
> +
> +#define DUT_CTRL_PORT	12345
> +#define DUT_ECHO_PORT	12346
> +
> +struct tlv_hdr {
> +	__be16 type;
> +	__be16 len;
> +	__u8 data[];
> +};
> --
> 2.39.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ