lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <8501fbbb7c61b62844c2f7e7fa5d7be3ee3aa259.1718138187.git.zhuyifei@google.com>
Date: Tue, 11 Jun 2024 20:42:47 +0000
From: YiFei Zhu <zhuyifei@...gle.com>
To: netdev@...r.kernel.org, bpf@...r.kernel.org
Cc: "Björn Töpel" <bjorn@...nel.org>, Magnus Karlsson <magnus.karlsson@...el.com>, 
	Maciej Fijalkowski <maciej.fijalkowski@...el.com>, Jonathan Lemon <jonathan.lemon@...il.com>, 
	Alexei Starovoitov <ast@...nel.org>, Daniel Borkmann <daniel@...earbox.net>, 
	"David S . Miller" <davem@...emloft.net>, Jakub Kicinski <kuba@...nel.org>, 
	Jesper Dangaard Brouer <hawk@...nel.org>, John Fastabend <john.fastabend@...il.com>, 
	Andrii Nakryiko <andrii@...nel.org>, Stanislav Fomichev <sdf@...gle.com>, 
	Willem de Bruijn <willemb@...gle.com>
Subject: [RFC PATCH net-next 3/3] selftests: drv-net: Add xsk_hw AF_XDP
 functionality test

Run tools/testing/selftest/bpf/xsk_hw.c as part of drv-net.

A matrix of TX/RX, copy/zerocopy, and driver mode / skb mode, are
tested. Additionally, it tests some edge cases such as:
- Zerocopy TX with and without attaching an XDP prog.
- Zerocopy RX where binding happens before fillq gets filled.

TX and RX are tested separately, and the remote side always runs
the basic AF_PACKET handler rather than AF_XDP, in order to
isolate potential causes of test failures.

Currently the next-hop MAC address of each side must be manually
specified via LOCAL_NEXTHOP_MAC & REMOTE_NEXTHOP_MAC. It's probably
doable to detect these addresses automatically, but it's future work,
and probably library code since it is also applicable to csum.py.

Signed-off-by: YiFei Zhu <zhuyifei@...gle.com>
---
 .../testing/selftests/drivers/net/hw/Makefile |   1 +
 .../selftests/drivers/net/hw/xsk_hw.py        | 133 ++++++++++++++++++
 2 files changed, 134 insertions(+)
 create mode 100755 tools/testing/selftests/drivers/net/hw/xsk_hw.py

diff --git a/tools/testing/selftests/drivers/net/hw/Makefile b/tools/testing/selftests/drivers/net/hw/Makefile
index 4933d045ab66..e4647ba126a1 100644
--- a/tools/testing/selftests/drivers/net/hw/Makefile
+++ b/tools/testing/selftests/drivers/net/hw/Makefile
@@ -11,6 +11,7 @@ TEST_PROGS = \
 	hw_stats_l3_gre.sh \
 	loopback.sh \
 	pp_alloc_fail.py \
+	xsk_hw.py \
 	#
 
 TEST_FILES := \
diff --git a/tools/testing/selftests/drivers/net/hw/xsk_hw.py b/tools/testing/selftests/drivers/net/hw/xsk_hw.py
new file mode 100755
index 000000000000..f8ccbb0134b9
--- /dev/null
+++ b/tools/testing/selftests/drivers/net/hw/xsk_hw.py
@@ -0,0 +1,133 @@
+#!/usr/bin/env python3
+# SPDX-License-Identifier: GPL-2.0
+
+"""Run the tools/testing/selftests/net/xsk_hw testsuite."""
+
+from os import path
+
+from lib.py import ksft_run, ksft_exit, KsftSkipEx
+from lib.py import NetdevFamily, NetDrvEpEnv
+from lib.py import bkg, cmd, ip, wait_port_listen
+
+
+def build_shared_args(cfg, ipv4):
+    """Build common arguments between test cases."""
+    if ipv4:
+        proto, local_addr, remote_addr = "-4", cfg.v4, cfg.remote_v4
+    else:
+        proto, local_addr, remote_addr = "-6", cfg.v6, cfg.remote_v6
+
+    local_args = (f"{proto} -i {cfg.ifname} -S {local_addr} -D {remote_addr} "
+                     f"-m ${cfg.mac_local} -M ${cfg.mac_nexthop_local}")
+    remote_args = (f"{proto} -i {cfg.ifname} -S {remote_addr} -D {local_addr} "
+                      f"-m ${cfg.mac_remote} -M ${cfg.mac_nexthop_remote}")
+
+    return local_args, remote_args
+
+
+def test_receive(cfg, ipv4, extra_args):
+    """Test local XSK receive. Remote host sends crafted packets."""
+    local_args, remote_args = build_shared_args(cfg, ipv4)
+
+    rx_cmd = f"{cfg.bin_local} -h {local_args} {extra_args}"
+    tx_cmd = f"{cfg.bin_remote} {remote_args}"
+
+    with bkg(rx_cmd, exit_wait=True, fail=True):
+        wait_port_listen(8000, proto="udp")
+        cmd(tx_cmd, host=cfg.remote)
+
+
+def test_transmit(cfg, ipv4, extra_args):
+    """Test local XSK transmit. Remote host verifies packets."""
+    local_args, remote_args = build_shared_args(cfg, ipv4)
+
+    rx_cmd = f"{cfg.bin_remote} -h -i {cfg.ifname} {remote_args}"
+    tx_cmd = f"{cfg.bin_local} -i {cfg.ifname} {local_args} {extra_args}"
+
+    with bkg(rx_cmd, host=cfg.remote, exit_wait=True, fail=True):
+        wait_port_listen(8000, proto="udp", host=cfg.remote)
+        cmd(tx_cmd)
+
+
+def test_builder(name, cfg, ipv4, tx, extra_args="", required_features=()):
+    """Construct specific tests from the common template.
+
+       Most tests follow the same basic pattern, differing only in
+       the direction of the test, the required XDP features, and
+       flags passed to xsk_hw."""
+    def f(cfg):
+        if ipv4:
+            cfg.require_v4()
+        else:
+            cfg.require_v6()
+
+        if not cfg.have_xdp_features.issuperset(required_features):
+            raise KsftSkipEx(f"Test requires XDP features {required_features}, "
+                             f"got: {cfg.have_xdp_features}")
+
+        if tx:
+            test_transmit(cfg, ipv4, extra_args)
+        else:
+            test_receive(cfg, ipv4, extra_args)
+
+    if ipv4:
+        f.__name__ = "ipv4_" + name
+    else:
+        f.__name__ = "ipv6_" + name
+    return f
+
+
+def check_nic_features(cfg) -> None:
+    """Populate device supported XDP features from netdev netlink.
+
+       If the device does not support any of the required features, then skip
+       the relevant tests."""
+    features = NetdevFamily().dev_get({"ifindex": cfg.ifindex})
+    cfg.have_xdp_features = features["xdp-features"]
+
+
+def main() -> None:
+    with NetDrvEpEnv(__file__, nsim_test=False) as cfg:
+        check_nic_features(cfg)
+
+        cfg.bin_local = path.abspath(path.dirname(__file__) + "/../../../bpf/xsk_hw")
+        cfg.bin_remote = cfg.remote.deploy(cfg.bin_local)
+
+        cfg.mac_local = cfg.dev["address"]
+        cfg.mac_remote = ip(f"link show dev {cfg.ifname}",
+                            host=cfg.remote, json=True)[0]["address"]
+
+        cfg.mac_nexthop_local = cfg.env["LOCAL_NEXTHOP_MAC"]
+        cfg.mac_nexthop_remote = cfg.env["REMOTE_NEXTHOP_MAC"]
+
+        cases = []
+        for ipv4 in [True, False]:
+            # Basic test with AF_PACKET on both ends
+            cases.append(test_builder("basic", cfg, ipv4, False))
+
+            cases.append(test_builder("tx_skb_copy", cfg, ipv4, True, "-T -s -c"))
+            cases.append(test_builder("tx_skb_copy_force_attach", cfg, ipv4, True, "-TT -s -c"))
+            cases.append(test_builder("rx_skb_copy", cfg, ipv4, False, "-R -s -c"))
+
+            cases.append(test_builder("tx_drv_copy", cfg, ipv4, True, "-T -d -c",
+                                      {"basic", "ndo-xmit"}))
+            cases.append(test_builder("tx_drv_copy_force_attach", cfg, ipv4, True, "-TT -d -c",
+                                      {"basic", "ndo-xmit"}))
+            cases.append(test_builder("rx_drv_copy", cfg, ipv4, False, "-R -d -c",
+                                      {"basic", "redirect"}))
+
+            cases.append(test_builder("tx_drv_zerocopy", cfg, ipv4, True, "-T -d -z",
+                                      {"basic", "xsk-zerocopy", "ndo-xmit"}))
+            cases.append(test_builder("tx_drv_zerocopy_force_attach", cfg, ipv4, True, "-TT -d -z",
+                                      {"basic", "xsk-zerocopy", "ndo-xmit"}))
+            cases.append(test_builder("rx_drv_zerocopy", cfg, ipv4, False, "-R -d -z",
+                                      {"basic", "xsk-zerocopy", "redirect"}))
+            cases.append(test_builder("rx_drv_zerocopy_fill_after_bind", cfg, ipv4, False, "-R -d -z -f",
+                                      {"basic", "xsk-zerocopy", "redirect"}))
+
+        ksft_run(cases=cases, args=(cfg, ))
+    ksft_exit()
+
+
+if __name__ == "__main__":
+    main()
-- 
2.45.2.505.gda0bf45e8d-goog


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ