From patchwork Sun Dec 18 05:17:32 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Christian Ehrig X-Patchwork-Id: 34297 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:e747:0:0:0:0:0 with SMTP id c7csp1805801wrn; Sat, 17 Dec 2022 22:22:21 -0800 (PST) X-Google-Smtp-Source: AA0mqf7waQE1K0XsJYAMSWhDL3/A8ZuundqPVKOJv0L6FISJDO/ECpHGR8fBoGLDrl/cAl92I9UJ X-Received: by 2002:a17:902:ea11:b0:189:adf6:7713 with SMTP id s17-20020a170902ea1100b00189adf67713mr50773169plg.65.1671344541101; Sat, 17 Dec 2022 22:22:21 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1671344541; cv=none; d=google.com; s=arc-20160816; b=S0pQxPOzqi6nuhzR9l4C9oqcgUOZF5xDt9PKkjd+GxHONJywcnMGMg2LMi4Q2Uyt3X vLZdWTkJ3KU0PNVkCpJNuE6kt0RuqRsnW3bm3gfwxJt3bMzM2gLsIWZABcDXGKJCMpYq sh4lSqb493zof55K2IrU08PvOhq00jxx0uEhB/7L844wtq4FsJpZR3M0Aza84Z5ZyWhR 6HGV2bEaq/l3/5mZikCXHEstDiPK00SS/MV02yNLmzQ0lHu1m0/mX606Sq5EdB7kYRoO mWvqbOFaQZkRF9FkVVoc2WN3qVriniNS8WcdvB2RBsHQ7fRUhu0hxRTKVanI4NkyPQZd ybTg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=VZjrql4GzJFHQJkJaKmcf2NkEXsxLrfG96nTce813zM=; b=FfviLNfVmxlEfYreIjTgg8zGVkuur5eHuiFamlIUQ6U/D6M6cPH0Lihv3+Zcr9ySEm OKJpERBsga+59F6M9JpbDJvOIBSiyvQynF249BYfnolIiR0GRjzHkDW3yU99XYUxHsZ/ Dv6sWplbzncR1bcZeEfnjdv2a3zI7L29xRSWupoAlYpJMMaDlb77nDFNP4ga+hG/5Z8U Lp6UWpAxKGa/OBzz8MmLJ796SGhY16N3G9Atdi52QtLdbC0/eTmEGRWMUtWgZ7Q5xCpN 73d/W5EnHzLxsBNRosK1E2riKO6DE765s4ToTcOJgkXYvB0XmaNFwPWYBhr0Z3ZRXzou YEhw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@cloudflare.com header.s=google header.b=q9j+E6sC; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=cloudflare.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id t19-20020a170902d15300b0018965245cbesi6725225plt.339.2022.12.17.22.22.08; Sat, 17 Dec 2022 22:22:21 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@cloudflare.com header.s=google header.b=q9j+E6sC; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=cloudflare.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230388AbiLRFSb (ORCPT + 99 others); Sun, 18 Dec 2022 00:18:31 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54374 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230252AbiLRFSO (ORCPT ); Sun, 18 Dec 2022 00:18:14 -0500 Received: from mail-wm1-x32f.google.com (mail-wm1-x32f.google.com [IPv6:2a00:1450:4864:20::32f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BE229F31 for ; Sat, 17 Dec 2022 21:18:12 -0800 (PST) Received: by mail-wm1-x32f.google.com with SMTP id bi26-20020a05600c3d9a00b003d3404a89faso3144475wmb.1 for ; Sat, 17 Dec 2022 21:18:12 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cloudflare.com; s=google; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=VZjrql4GzJFHQJkJaKmcf2NkEXsxLrfG96nTce813zM=; b=q9j+E6sC/Mv5x8/TehXbtRXdQiQqqENXX7LLpqFkYiBa55+8Ym66+zW4pq4VTXeHWl XZr7HRd5XthTvqPx42b23iS0OD7LaAtKz2N0BA+hLNO8iCmYfCxo2bGU3/dePc/hYCAo zv5jSj5r3eaI8nCWSLh179yoY1FpO9pdnwRNU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=VZjrql4GzJFHQJkJaKmcf2NkEXsxLrfG96nTce813zM=; b=cVgbTCQfNZEYfbDLAX9JM8iYmykzd23r3ZtGr91X/CkXeQT2rDky6ALinSReVShvWX cIHbJjffOVuzesj1OUGWmM5GarWUu7fwsI+LE+oncMrKExWjHc/F71la2twmCQBjbGyL QLePnOWBHTxdkjUP50WLNXgqYz5n0X6oY7DXV6pkEVDwfwe4F+1HJUKb4gOXf+8352AR Cyx0X18eDOL+v/B/GXTFCVmVuTdMWF/5qTUMWKZTrU6IJ3VMPj9Xz8R/XtUyABvfmO/9 oftt4Ba20gAvZwCdGduX4HPNSs/hxpYxrTlbglQFEr3g8KOoHtAy4zaFjWLb6l/J6yOK 0HuA== X-Gm-Message-State: ANoB5plbJLtHZVYu/krIrCrI44WtTLsaQeMllcbbJ0ezpNBy31O2xm4G wQpw5nu3x5P5WaOFHIhK6qlYAQ== X-Received: by 2002:a7b:cbd1:0:b0:3d1:ed41:57c0 with SMTP id n17-20020a7bcbd1000000b003d1ed4157c0mr28766562wmi.30.1671340691305; Sat, 17 Dec 2022 21:18:11 -0800 (PST) Received: from workstation.ehrig.io (tmo-122-74.customers.d1-online.com. [80.187.122.74]) by smtp.gmail.com with ESMTPSA id k62-20020a1ca141000000b003cf894dbc4fsm7805231wme.25.2022.12.17.21.18.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 17 Dec 2022 21:18:10 -0800 (PST) From: Christian Ehrig To: bpf@vger.kernel.org Cc: cehrig@cloudflare.com, Alexei Starovoitov , Daniel Borkmann , Andrii Nakryiko , Martin KaFai Lau , Song Liu , Yonghong Song , John Fastabend , KP Singh , Stanislav Fomichev , Hao Luo , Jiri Olsa , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Mykola Lysenko , Shuah Khan , Joanne Koong , Kui-Feng Lee , Kumar Kartikeya Dwivedi , Maxim Mikityanskiy , Kaixi Fan , Paul Chaignon , Shmulik Ladkani , linux-kernel@vger.kernel.org, netdev@vger.kernel.org, linux-kselftest@vger.kernel.org Subject: [PATCH bpf-next 2/2] selftests/bpf: Add BPF_F_NO_TUNNEL_KEY test Date: Sun, 18 Dec 2022 06:17:32 +0100 Message-Id: <20221218051734.31411-2-cehrig@cloudflare.com> X-Mailer: git-send-email 2.37.4 In-Reply-To: <20221218051734.31411-1-cehrig@cloudflare.com> References: <20221218051734.31411-1-cehrig@cloudflare.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1752531773259051568?= X-GMAIL-MSGID: =?utf-8?q?1752531773259051568?= This patch adds a selftest simulating a GRE sender and receiver using tunnel headers without tunnel keys. It validates if packets encapsulated using BPF_F_NO_TUNNEL_KEY are decapsulated by a GRE receiver not configured with tunnel keys. Signed-off-by: Christian Ehrig Acked-by: Stanislav Fomichev Reviewed-by: Jakub Sitnicki --- .../selftests/bpf/progs/test_tunnel_kern.c | 21 ++++++++++ tools/testing/selftests/bpf/test_tunnel.sh | 40 +++++++++++++++++-- 2 files changed, 58 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/bpf/progs/test_tunnel_kern.c b/tools/testing/selftests/bpf/progs/test_tunnel_kern.c index 98af55f0bcd3..508da4a23c4f 100644 --- a/tools/testing/selftests/bpf/progs/test_tunnel_kern.c +++ b/tools/testing/selftests/bpf/progs/test_tunnel_kern.c @@ -81,6 +81,27 @@ int gre_set_tunnel(struct __sk_buff *skb) return TC_ACT_OK; } +SEC("tc") +int gre_set_tunnel_no_key(struct __sk_buff *skb) +{ + int ret; + struct bpf_tunnel_key key; + + __builtin_memset(&key, 0x0, sizeof(key)); + key.remote_ipv4 = 0xac100164; /* 172.16.1.100 */ + key.tunnel_ttl = 64; + + ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key), + BPF_F_ZERO_CSUM_TX | BPF_F_SEQ_NUMBER | + BPF_F_NO_TUNNEL_KEY); + if (ret < 0) { + log_err(ret); + return TC_ACT_SHOT; + } + + return TC_ACT_OK; +} + SEC("tc") int gre_get_tunnel(struct __sk_buff *skb) { diff --git a/tools/testing/selftests/bpf/test_tunnel.sh b/tools/testing/selftests/bpf/test_tunnel.sh index 2eaedc1d9ed3..06857b689c11 100755 --- a/tools/testing/selftests/bpf/test_tunnel.sh +++ b/tools/testing/selftests/bpf/test_tunnel.sh @@ -66,15 +66,20 @@ config_device() add_gre_tunnel() { + tun_key= + if [ -n "$1" ]; then + tun_key="key $1" + fi + # at_ns0 namespace ip netns exec at_ns0 \ - ip link add dev $DEV_NS type $TYPE seq key 2 \ + ip link add dev $DEV_NS type $TYPE seq $tun_key \ local 172.16.1.100 remote 172.16.1.200 ip netns exec at_ns0 ip link set dev $DEV_NS up ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24 # root namespace - ip link add dev $DEV type $TYPE key 2 external + ip link add dev $DEV type $TYPE $tun_key external ip link set dev $DEV up ip addr add dev $DEV 10.1.1.200/24 } @@ -238,7 +243,7 @@ test_gre() check $TYPE config_device - add_gre_tunnel + add_gre_tunnel 2 attach_bpf $DEV gre_set_tunnel gre_get_tunnel ping $PING_ARG 10.1.1.100 check_err $? @@ -253,6 +258,30 @@ test_gre() echo -e ${GREEN}"PASS: $TYPE"${NC} } +test_gre_no_tunnel_key() +{ + TYPE=gre + DEV_NS=gre00 + DEV=gre11 + ret=0 + + check $TYPE + config_device + add_gre_tunnel + attach_bpf $DEV gre_set_tunnel_no_key gre_get_tunnel + ping $PING_ARG 10.1.1.100 + check_err $? + ip netns exec at_ns0 ping $PING_ARG 10.1.1.200 + check_err $? + cleanup + + if [ $ret -ne 0 ]; then + echo -e ${RED}"FAIL: $TYPE"${NC} + return 1 + fi + echo -e ${GREEN}"PASS: $TYPE"${NC} +} + test_ip6gre() { TYPE=ip6gre @@ -589,6 +618,7 @@ cleanup() ip link del ipip6tnl11 2> /dev/null ip link del ip6ip6tnl11 2> /dev/null ip link del gretap11 2> /dev/null + ip link del gre11 2> /dev/null ip link del ip6gre11 2> /dev/null ip link del ip6gretap11 2> /dev/null ip link del geneve11 2> /dev/null @@ -641,6 +671,10 @@ bpf_tunnel_test() test_gre errors=$(( $errors + $? )) + echo "Testing GRE tunnel (without tunnel keys)..." + test_gre_no_tunnel_key + errors=$(( $errors + $? )) + echo "Testing IP6GRE tunnel..." test_ip6gre errors=$(( $errors + $? ))