Check if TC flow offloading to XDP works. Signed-off-by: Toshiaki Makita <toshiaki.makita1@xxxxxxxxx> --- tools/testing/selftests/bpf/Makefile | 1 + tools/testing/selftests/bpf/test_xdp_flow.sh | 106 +++++++++++++++++++++++++++ 2 files changed, 107 insertions(+) create mode 100755 tools/testing/selftests/bpf/test_xdp_flow.sh diff --git a/tools/testing/selftests/bpf/Makefile b/tools/testing/selftests/bpf/Makefile index 00d05c5..3db9819 100644 --- a/tools/testing/selftests/bpf/Makefile +++ b/tools/testing/selftests/bpf/Makefile @@ -55,6 +55,7 @@ TEST_PROGS := test_kmod.sh \ test_xdp_redirect.sh \ test_xdp_meta.sh \ test_xdp_veth.sh \ + test_xdp_flow.sh \ test_offload.py \ test_sock_addr.sh \ test_tunnel.sh \ diff --git a/tools/testing/selftests/bpf/test_xdp_flow.sh b/tools/testing/selftests/bpf/test_xdp_flow.sh new file mode 100755 index 0000000..6937454 --- /dev/null +++ b/tools/testing/selftests/bpf/test_xdp_flow.sh @@ -0,0 +1,106 @@ +#!/bin/sh +# SPDX-License-Identifier: GPL-2.0 +# +# Create 2 namespaces with 2 veth peers, and +# forward packets in-between using xdp_flow +# +# NS1(veth11) NS2(veth22) +# | | +# | | +# (veth1) (veth2) +# ^ ^ +# | xdp_flow | +# -------------------- + +# Kselftest framework requirement - SKIP code is 4. +ksft_skip=4 + +TESTNAME=xdp_flow + +_cleanup() +{ + set +e + ip link del veth1 2> /dev/null + ip link del veth2 2> /dev/null + ip netns del ns1 2> /dev/null + ip netns del ns2 2> /dev/null +} + +cleanup_skip() +{ + echo "selftests: $TESTNAME [SKIP]" + _cleanup + + exit $ksft_skip +} + +cleanup() +{ + if [ "$?" = 0 ]; then + echo "selftests: $TESTNAME [PASS]" + else + echo "selftests: $TESTNAME [FAILED]" + fi + _cleanup +} + +if [ $(id -u) -ne 0 ]; then + echo "selftests: $TESTNAME [SKIP] Need root privileges" + exit $ksft_skip +fi + +if ! ip link set dev lo xdp off > /dev/null 2>&1; then + echo "selftests: $TESTNAME [SKIP] Could not run test without the ip xdp support" + exit $ksft_skip +fi + +set -e + +trap cleanup_skip EXIT + +ip netns add ns1 +ip netns add ns2 + +ip link add veth1 type veth peer name veth11 netns ns1 +ip link add veth2 type veth peer name veth22 netns ns2 + +ip link set veth1 up +ip link set veth2 up + +ip -n ns1 addr add 10.1.1.11/24 dev veth11 +ip -n ns2 addr add 10.1.1.22/24 dev veth22 + +ip -n ns1 link set dev veth11 up +ip -n ns2 link set dev veth22 up + +ip -n ns1 link set dev veth11 xdp obj xdp_dummy.o sec xdp_dummy +ip -n ns2 link set dev veth22 xdp obj xdp_dummy.o sec xdp_dummy + +ethtool -K veth1 flow-offload-xdp on +ethtool -K veth2 flow-offload-xdp on + +trap cleanup EXIT + +# Adding clsact or ingress will trigger loading bpf prog in UMH +tc qdisc add dev veth1 clsact +tc qdisc add dev veth2 clsact + +# Adding filter will have UMH populate flow table map +tc filter add dev veth1 ingress protocol ip flower \ + dst_ip 10.1.1.0/24 action mirred egress redirect dev veth2 +tc filter add dev veth2 ingress protocol ip flower \ + dst_ip 10.1.1.0/24 action mirred egress redirect dev veth1 + +# flows should be offloaded when 'flow-offload-xdp' is enabled on veth +tc filter show dev veth1 ingress | grep -q not_in_hw && false +tc filter show dev veth2 ingress | grep -q not_in_hw && false + +# ARP is not supported so add filters after in_hw check +tc filter add dev veth1 ingress protocol arp flower \ + arp_tip 10.1.1.0/24 action mirred egress redirect dev veth2 +tc filter add dev veth2 ingress protocol arp flower \ + arp_sip 10.1.1.0/24 action mirred egress redirect dev veth1 + +ip netns exec ns1 ping -c 1 -W 1 10.1.1.22 + +exit 0 -- 1.8.3.1