From: "kaixi.fan" <fankaixi.li@xxxxxxxxxxxxx>
Vxlan tunnel is chosen to test bpf code could configure tunnel
source ipv4 address. It's sufficient to prove that other types
tunnels could also do it.
In the vxlan tunnel testcase, two underlay ipv4 addresses
are configured on veth device in root namespace. Test bpf kernel
code would configure the secondary ipv4 address as the tunnel
source ip.
Signed-off-by: kaixi.fan <fankaixi.li@xxxxxxxxxxxxx>
---
.../selftests/bpf/progs/test_tunnel_kern.c | 64 +++++++++++++++++++
tools/testing/selftests/bpf/test_tunnel.sh | 37 ++++++++++-
2 files changed, 99 insertions(+), 2 deletions(-)
diff --git a/tools/testing/selftests/bpf/progs/test_tunnel_kern.c b/tools/testing/selftests/bpf/progs/test_tunnel_kern.c
index ef0dde83b85a..ab635c55ae9b 100644
--- a/tools/testing/selftests/bpf/progs/test_tunnel_kern.c
+++ b/tools/testing/selftests/bpf/progs/test_tunnel_kern.c
@@ -676,4 +676,68 @@ int _xfrm_get_state(struct __sk_buff *skb)
return TC_ACT_OK;
}
+SEC("vxlan_set_tunnel_src")
+int _vxlan_set_tunnel_src(struct __sk_buff *skb)
+{
+ int ret;
+ struct bpf_tunnel_key key;
+ struct vxlan_metadata md;
+
+ __builtin_memset(&key, 0x0, sizeof(key));
+ key.local_ipv4 = 0xac100114; /* 172.16.1.20 */
+ key.remote_ipv4 = 0xac100164; /* 172.16.1.100 */
+ key.tunnel_id = 2;
+ key.tunnel_tos = 0;
+ key.tunnel_ttl = 64;
+
+ ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key),
+ BPF_F_ZERO_CSUM_TX);
+ if (ret < 0) {
+ ERROR(ret);
+ return TC_ACT_SHOT;
+ }
+
+ md.gbp = 0x800FF; /* Set VXLAN Group Policy extension */
+ ret = bpf_skb_set_tunnel_opt(skb, &md, sizeof(md));
+ if (ret < 0) {
+ ERROR(ret);
+ return TC_ACT_SHOT;
+ }
+
+ return TC_ACT_OK;
+}
+
+SEC("vxlan_get_tunnel_src")
+int _vxlan_get_tunnel_src(struct __sk_buff *skb)
+{
+ int ret;
+ struct bpf_tunnel_key key;
+ struct vxlan_metadata md;
+ char fmt[] = "key %d remote ip 0x%x source ip 0x%x\n";
+ char fmt2[] = "vxlan gbp 0x%x\n";
+
+ ret = bpf_skb_get_tunnel_key(skb, &key, sizeof(key), 0);
+ if (ret < 0) {
+ ERROR(ret);
+ return TC_ACT_SHOT;
+ }
+
+ ret = bpf_skb_get_tunnel_opt(skb, &md, sizeof(md));
+ if (ret < 0) {
+ ERROR(ret);
+ return TC_ACT_SHOT;
+ }
+
+ bpf_trace_printk(fmt, sizeof(fmt),
+ key.tunnel_id, key.remote_ipv4, key.local_ipv4);
+ bpf_trace_printk(fmt2, sizeof(fmt2),
+ md.gbp);
+
+ if (key.local_ipv4 != 0xac100114) {
+ ERROR(ret);
+ return TC_ACT_SHOT;
+ }
+ return TC_ACT_OK;
+}
+
char _license[] SEC("license") = "GPL";
diff --git a/tools/testing/selftests/bpf/test_tunnel.sh b/tools/testing/selftests/bpf/test_tunnel.sh
index ca1372924023..b6923392bf16 100755
--- a/tools/testing/selftests/bpf/test_tunnel.sh
+++ b/tools/testing/selftests/bpf/test_tunnel.sh
@@ -161,10 +161,15 @@ add_vxlan_tunnel()
# on L3 packet, as a result not applying to ARP packets,
# causing errors at get_tunnel_{key/opt}.
+ # add a secondary ip
+ if [ "$2" == "2" ]; then
+ ip addr add dev veth1 172.16.1.20/24
+ fi
+
# at_ns0 namespace
ip netns exec at_ns0 \
ip link add dev $DEV_NS type $TYPE \
- id 2 dstport 4789 gbp remote 172.16.1.200
+ id 2 dstport 4789 gbp remote $1
ip netns exec at_ns0 \
ip link set dev $DEV_NS address 52:54:00:d9:01:00 up
ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
@@ -412,7 +417,7 @@ test_vxlan()
check $TYPE
config_device
- add_vxlan_tunnel
+ add_vxlan_tunnel 172.16.1.200 1
attach_bpf $DEV vxlan_set_tunnel vxlan_get_tunnel
ping $PING_ARG 10.1.1.100
check_err $?
@@ -661,6 +666,30 @@ test_xfrm_tunnel()
echo -e ${GREEN}"PASS: xfrm tunnel"${NC}
}
+test_vxlan_tunsrc()
+{
+ TYPE=vxlan
+ DEV_NS=vxlan00
+ DEV=vxlan11
+ ret=0
+
+ check $TYPE
+ config_device
+ add_vxlan_tunnel 172.16.1.20 2
+ attach_bpf $DEV vxlan_set_tunnel_src vxlan_get_tunnel_src
+ ping $PING_ARG 10.1.1.100
+ check_err $?
+ ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
+ check_err $?
+ cleanup
+
+ if [ $ret -ne 0 ]; then
+ echo -e ${RED}"FAIL: ${TYPE}_tunsrc"${NC}
+ return 1
+ fi
+ echo -e ${GREEN}"PASS: ${TYPE}_tunsrc"${NC}
+}
+
attach_bpf()
{
DEV=$1
@@ -782,6 +811,10 @@ bpf_tunnel_test()
test_xfrm_tunnel
errors=$(( $errors + $? ))
+ echo "Testing VXLAN tunnel source..."
+ test_vxlan_tunsrc
+ errors=$(( $errors + $? ))
+
return $errors
}
--
2.24.3 (Apple Git-128)
