diff mbox series

[2/3] selftests/bpf: Migrate test_xdp_redirect.sh to xdp_do_redirect.c

Message ID 20250103-xdp_redirect-v1-2-e93099f59069@bootlin.com
State New
Headers show
Series selftests: bpf: Migrate test_xdp_redirect.sh to test_progs | expand

Commit Message

Bastien Curutchet (eBPF Foundation) Jan. 3, 2025, 10:10 a.m. UTC
test_xdp_redirect.sh can't be used by the BPF CI.

Migrate test_xdp_redirect.sh into two new test cases in
xdp_do_redirect.c. They use the same network topology and the same BPF
programs located in progs/test_xdp_redirect.c and progs/xdp_dummy.c.
Remove test_xdp_redirect.sh and its Makefile entry.

Signed-off-by: Bastien Curutchet (eBPF Foundation) <bastien.curutchet@bootlin.com>
---
 tools/testing/selftests/bpf/Makefile               |   1 -
 .../selftests/bpf/prog_tests/xdp_do_redirect.c     | 193 +++++++++++++++++++++
 tools/testing/selftests/bpf/test_xdp_redirect.sh   |  79 ---------
 3 files changed, 193 insertions(+), 80 deletions(-)

Comments

Bastien Curutchet (eBPF Foundation) Jan. 6, 2025, 7:54 a.m. UTC | #1
Hi Alexis,

On 1/3/25 1:54 PM, Alexis Lothoré wrote:
> Hi Bastien,
> 
> On 1/3/25 11:10, Bastien Curutchet (eBPF Foundation) wrote:
> 
> [...]
> 
>> +		SYS(fail, "ip link add veth%d index %d%d%d type veth peer name veth0 netns %s",
>> +		    i, i, i, i, ns_name);
> 
> nit: since you have to run an ip command through SYS anyway, you can reduce the
> open ns/run command/close ns dance (and all the resulting error checks) by
> running directly `SYS("ip netns exec %s ip link add [...]", NS0, [...])`
> 
> [...]
> 

True, thanks.

>> +	ret = bpf_xdp_attach(if_nametoindex("veth2"),
>> +			     bpf_program__fd(prog_to_111),
>> +			     data->xdp_flags, NULL);
> 
> nit: since we are setting static if index at veth creation (which looks needed
> for this test), the if_nametoindex could be replaced by the corresponding index,
> which could be directly a define
> 

Also true, thanks.

>> +	if (!ASSERT_GE(ret, 0, "bpf_xdp_attach"))
>> +		goto close;
>> +
>> +	ret = bpf_xdp_attach(if_nametoindex("veth1"),
>> +			     bpf_program__fd(prog_to_222),
>> +			     data->xdp_flags, NULL);
>> +	if (!ASSERT_GE(ret, 0, "bpf_xdp_attach"))
>> +		goto close;
>> +
>> +	close_netns(nstoken);
>> +
>> +	nstoken = open_netns(NS1);
>> +	if (!ASSERT_OK_PTR(nstoken, "open NS1"))
>> +		goto close;
>> +
>> +	SYS(close, "ping -c 1 %s.2", IPV4_NETWORK);
>> +
>> +	close_netns(nstoken);
>> +
>> +	nstoken = open_netns(NS2);
>> +	if (!ASSERT_OK_PTR(nstoken, "open NS2"))
>> +		goto close;
>> +
>> +	SYS(close, "ping -c 1 %s.1", IPV4_NETWORK);
> 
> Is it really useful to check ping originating from both interfaces, isn´t a
> single ping able to stimulate programs attached to both veth0 ?
> 

Indeed, I think a single ping would be enough, I just wanted to stick 
with what test_xdp_redirect.sh does.

> Aside from those minor points, LGTM :)
> 

Best regards,
Bastien
Bastien Curutchet (eBPF Foundation) Jan. 6, 2025, 8:24 a.m. UTC | #2
Hi again,

On 1/3/25 2:17 PM, Alexis Lothoré wrote:
> On 1/3/25 11:10, Bastien Curutchet (eBPF Foundation) wrote:
>> test_xdp_redirect.sh can't be used by the BPF CI.
> 
>> +	dummy_prog = bpf_object__find_program_by_name(skel_dummy->obj, "xdp_dummy_prog");
> Also missed this one: why not using directly skel_dummy->progs.xdp_dummy_prog ?
> (same for all progs below)
> 

Indeed, that would be more straightforward

Thanks,
Bastien
Martin KaFai Lau Jan. 7, 2025, 7:48 p.m. UTC | #3
On 1/3/25 2:10 AM, Bastien Curutchet (eBPF Foundation) wrote:
> +static int ping_setup(struct test_data *data)
> +{
> +	struct nstoken *nstoken = NULL;
> +	int i;
> +
> +	data->ns[0] = netns_new(NS0, false);
> +	if (!ASSERT_OK_PTR(data->ns[0], "create ns"))
> +		return -1;
> +
> +	for (i = 1; i < NS_NB; i++) {
> +		char ns_name[4] = {};
> +
> +		snprintf(ns_name, 4, "NS%d", i);
> +		data->ns[i] = netns_new(ns_name, false);
> +		if (!ASSERT_OK_PTR(data->ns[i], "create ns"))
> +			goto fail;
> +
> +		nstoken = open_netns(NS0);
> +		if (!ASSERT_OK_PTR(nstoken, "open NS0"))
> +			goto fail;
> +
> +		SYS(fail, "ip link add veth%d index %d%d%d type veth peer name veth0 netns %s",
> +		    i, i, i, i, ns_name);
> +		SYS(fail, "ip link set veth%d up", i);
> +		close_netns(nstoken);
> +
> +		nstoken = open_netns(ns_name);
> +		if (!ASSERT_OK_PTR(nstoken, "open ns"))
> +			goto fail;
> +
> +		SYS(fail, "ip addr add %s.%d/24 dev veth0", IPV4_NETWORK, i);
> +		SYS(fail, "ip link set veth0 up");
> +		close_netns(nstoken);

		nstoken = NULL;

Otherwise, the other "goto fail;" of this loop will close and free the already 
closed nstoken again.

Some of the other close_netns(nstoken) in this patch may have similar issue.

> +	}
> +
> +	return 0;
> +
> +fail:
> +	close_netns(nstoken);
> +	cleanup(data);
> +	return -1;
> +}
diff mbox series

Patch

diff --git a/tools/testing/selftests/bpf/Makefile b/tools/testing/selftests/bpf/Makefile
index 9e870e519c30e4a241ce05491743e1784af2bd8b..3cf571ccbde6e13535c1d199759221804710b9ff 100644
--- a/tools/testing/selftests/bpf/Makefile
+++ b/tools/testing/selftests/bpf/Makefile
@@ -127,7 +127,6 @@  TEST_FILES = xsk_prereqs.sh $(wildcard progs/btf_dump_test_case_*.c)
 
 # Order correspond to 'make run_tests' order
 TEST_PROGS := test_kmod.sh \
-	test_xdp_redirect.sh \
 	test_xdp_redirect_multi.sh \
 	test_xdp_meta.sh \
 	test_tunnel.sh \
diff --git a/tools/testing/selftests/bpf/prog_tests/xdp_do_redirect.c b/tools/testing/selftests/bpf/prog_tests/xdp_do_redirect.c
index d12f926b4b8b1fcbc2a88ef7e3bd20ef2cbbd72c..47b0ea84ae57b2c6ba3388ba865bfdf4bbe2146c 100644
--- a/tools/testing/selftests/bpf/prog_tests/xdp_do_redirect.c
+++ b/tools/testing/selftests/bpf/prog_tests/xdp_do_redirect.c
@@ -11,6 +11,8 @@ 
 #include <bpf/bpf_endian.h>
 #include <uapi/linux/netdev.h>
 #include "test_xdp_do_redirect.skel.h"
+#include "test_xdp_redirect.skel.h"
+#include "xdp_dummy.skel.h"
 
 struct udp_packet {
 	struct ethhdr eth;
@@ -246,3 +248,194 @@  void test_xdp_do_redirect(void)
 	SYS_NOFAIL("ip netns del testns");
 	test_xdp_do_redirect__destroy(skel);
 }
+
+#define NS_NB		3
+#define NS0		"NS0"
+#define NS1		"NS1"
+#define NS2		"NS2"
+#define IPV4_NETWORK	"10.1.1"
+
+struct test_data {
+	struct netns_obj *ns[NS_NB];
+	u32 xdp_flags;
+};
+
+static void cleanup(struct test_data *data)
+{
+	int i;
+
+	for (i = 0; i < NS_NB; i++)
+		netns_free(data->ns[i]);
+}
+
+/**
+ * ping_setup -
+ * Create two veth peers and forward packets in-between using XDP
+ *
+ *    ------------           ------------
+ *    |    NS1   |           |    NS2   |
+ *    |   veth0  |           |   veth0  |
+ *    | 10.1.1.1 |           | 10.1.1.2 |
+ *    -----|------           ------|-----
+ *         |                       |
+ *         |                       |
+ *    -----|-----------------------|-------
+ *    |  veth1                   veth2    |
+ *    | (id:111)                (id:222)  |
+ *    |    |                        |     |
+ *    |    ----- xdp forwarding -----     |
+ *    |                                   |
+ *    |               NS0                 |
+ *    -------------------------------------
+ */
+static int ping_setup(struct test_data *data)
+{
+	struct nstoken *nstoken = NULL;
+	int i;
+
+	data->ns[0] = netns_new(NS0, false);
+	if (!ASSERT_OK_PTR(data->ns[0], "create ns"))
+		return -1;
+
+	for (i = 1; i < NS_NB; i++) {
+		char ns_name[4] = {};
+
+		snprintf(ns_name, 4, "NS%d", i);
+		data->ns[i] = netns_new(ns_name, false);
+		if (!ASSERT_OK_PTR(data->ns[i], "create ns"))
+			goto fail;
+
+		nstoken = open_netns(NS0);
+		if (!ASSERT_OK_PTR(nstoken, "open NS0"))
+			goto fail;
+
+		SYS(fail, "ip link add veth%d index %d%d%d type veth peer name veth0 netns %s",
+		    i, i, i, i, ns_name);
+		SYS(fail, "ip link set veth%d up", i);
+		close_netns(nstoken);
+
+		nstoken = open_netns(ns_name);
+		if (!ASSERT_OK_PTR(nstoken, "open ns"))
+			goto fail;
+
+		SYS(fail, "ip addr add %s.%d/24 dev veth0", IPV4_NETWORK, i);
+		SYS(fail, "ip link set veth0 up");
+		close_netns(nstoken);
+	}
+
+	return 0;
+
+fail:
+	close_netns(nstoken);
+	cleanup(data);
+	return -1;
+}
+
+static void ping_test(struct test_data *data)
+{
+	struct bpf_program *prog_to_111, *prog_to_222, *dummy_prog;
+	struct test_xdp_redirect *skel = NULL;
+	struct xdp_dummy *skel_dummy = NULL;
+	struct nstoken *nstoken = NULL;
+	int i, ret;
+
+	skel_dummy = xdp_dummy__open_and_load();
+	if (!ASSERT_OK_PTR(skel_dummy, "open and load xdp_dummy skeleton"))
+		goto close;
+
+	dummy_prog = bpf_object__find_program_by_name(skel_dummy->obj, "xdp_dummy_prog");
+	if (!ASSERT_OK_PTR(dummy_prog, "get dummy_prog"))
+		goto close;
+
+	for (i = 1; i < NS_NB; i++) {
+		char ns_name[4] = {};
+
+		snprintf(ns_name, 4, "NS%d", i);
+		nstoken = open_netns(ns_name);
+		if (!ASSERT_OK_PTR(nstoken, "open ns"))
+			goto close;
+
+		ret = bpf_xdp_attach(if_nametoindex("veth0"),
+				     bpf_program__fd(dummy_prog),
+				     data->xdp_flags, NULL);
+		if (!ASSERT_GE(ret, 0, "bpf_xdp_attach dummy_prog"))
+			goto close;
+
+		close_netns(nstoken);
+	}
+
+	skel = test_xdp_redirect__open_and_load();
+	if (!ASSERT_OK_PTR(skel, "open and load skeleton"))
+		goto close;
+
+	prog_to_111 = bpf_object__find_program_by_name(skel->obj, "xdp_redirect_to_111");
+	if (!ASSERT_OK_PTR(prog_to_111, "get redirect_to_111 prog"))
+		goto close;
+
+	prog_to_222 = bpf_object__find_program_by_name(skel->obj, "xdp_redirect_to_222");
+	if (!ASSERT_OK_PTR(prog_to_222, "get redirect_to_222 prog"))
+		goto close;
+
+	nstoken = open_netns(NS0);
+	if (!ASSERT_OK_PTR(nstoken, "open NS0"))
+		goto close;
+
+	ret = bpf_xdp_attach(if_nametoindex("veth2"),
+			     bpf_program__fd(prog_to_111),
+			     data->xdp_flags, NULL);
+	if (!ASSERT_GE(ret, 0, "bpf_xdp_attach"))
+		goto close;
+
+	ret = bpf_xdp_attach(if_nametoindex("veth1"),
+			     bpf_program__fd(prog_to_222),
+			     data->xdp_flags, NULL);
+	if (!ASSERT_GE(ret, 0, "bpf_xdp_attach"))
+		goto close;
+
+	close_netns(nstoken);
+
+	nstoken = open_netns(NS1);
+	if (!ASSERT_OK_PTR(nstoken, "open NS1"))
+		goto close;
+
+	SYS(close, "ping -c 1 %s.2", IPV4_NETWORK);
+
+	close_netns(nstoken);
+
+	nstoken = open_netns(NS2);
+	if (!ASSERT_OK_PTR(nstoken, "open NS2"))
+		goto close;
+
+	SYS(close, "ping -c 1 %s.1", IPV4_NETWORK);
+
+close:
+	close_netns(nstoken);
+	xdp_dummy__destroy(skel_dummy);
+	test_xdp_redirect__destroy(skel);
+}
+
+
+void test_xdp_generic_redirect_ping(void)
+{
+	struct test_data data = {};
+
+	if (ping_setup(&data) < 0)
+		return;
+
+	data.xdp_flags = XDP_FLAGS_SKB_MODE;
+	ping_test(&data);
+	cleanup(&data);
+}
+
+void test_xdp_drv_redirect_ping(void)
+{
+	struct test_data data = {};
+
+	if (ping_setup(&data) < 0)
+		return;
+
+	data.xdp_flags = XDP_FLAGS_DRV_MODE;
+	ping_test(&data);
+	cleanup(&data);
+}
+
diff --git a/tools/testing/selftests/bpf/test_xdp_redirect.sh b/tools/testing/selftests/bpf/test_xdp_redirect.sh
deleted file mode 100755
index 3c61a1c22b084aa5ca824ec5e8057aa2fee12b71..0000000000000000000000000000000000000000
--- a/tools/testing/selftests/bpf/test_xdp_redirect.sh
+++ /dev/null
@@ -1,79 +0,0 @@ 
-#!/bin/bash
-# Create 2 namespaces with two veth peers, and
-# forward packets in-between using generic XDP
-#
-# NS1(veth11)     NS2(veth22)
-#     |               |
-#     |               |
-#   (veth1, ------ (veth2,
-#   id:111)         id:222)
-#     | xdp forwarding |
-#     ------------------
-
-readonly NS1="ns1-$(mktemp -u XXXXXX)"
-readonly NS2="ns2-$(mktemp -u XXXXXX)"
-ret=0
-
-setup()
-{
-
-	local xdpmode=$1
-
-	ip netns add ${NS1}
-	ip netns add ${NS2}
-
-	ip link add veth1 index 111 type veth peer name veth11 netns ${NS1}
-	ip link add veth2 index 222 type veth peer name veth22 netns ${NS2}
-
-	ip link set veth1 up
-	ip link set veth2 up
-	ip -n ${NS1} link set dev veth11 up
-	ip -n ${NS2} link set dev veth22 up
-
-	ip -n ${NS1} addr add 10.1.1.11/24 dev veth11
-	ip -n ${NS2} addr add 10.1.1.22/24 dev veth22
-}
-
-cleanup()
-{
-	ip link del veth1 2> /dev/null
-	ip link del veth2 2> /dev/null
-	ip netns del ${NS1} 2> /dev/null
-	ip netns del ${NS2} 2> /dev/null
-}
-
-test_xdp_redirect()
-{
-	local xdpmode=$1
-
-	setup
-
-	ip link set dev veth1 $xdpmode off &> /dev/null
-	if [ $? -ne 0 ];then
-		echo "selftests: test_xdp_redirect $xdpmode [SKIP]"
-		return 0
-	fi
-
-	ip -n ${NS1} link set veth11 $xdpmode obj xdp_dummy.bpf.o sec xdp &> /dev/null
-	ip -n ${NS2} link set veth22 $xdpmode obj xdp_dummy.bpf.o sec xdp &> /dev/null
-	ip link set dev veth1 $xdpmode obj test_xdp_redirect.bpf.o program xdp_redirect_to_222 &> /dev/null
-	ip link set dev veth2 $xdpmode obj test_xdp_redirect.bpf.o program xdp_redirect_to_111 &> /dev/null
-
-	if ip netns exec ${NS1} ping -c 1 10.1.1.22 &> /dev/null &&
-	   ip netns exec ${NS2} ping -c 1 10.1.1.11 &> /dev/null; then
-		echo "selftests: test_xdp_redirect $xdpmode [PASS]";
-	else
-		ret=1
-		echo "selftests: test_xdp_redirect $xdpmode [FAILED]";
-	fi
-
-	cleanup
-}
-
-set -e
-trap cleanup 2 3 6 9
-
-test_xdp_redirect xdpgeneric
-test_xdp_redirect xdpdrv
-
-exit $ret