Hi Bastien,
On 1/3/25 11:10, Bastien Curutchet (eBPF Foundation) wrote:
[...]
> + SYS(fail, "ip link add veth%d index %d%d%d type veth peer name veth0 netns %s",
> + i, i, i, i, ns_name);
nit: since you have to run an ip command through SYS anyway, you can reduce the
open ns/run command/close ns dance (and all the resulting error checks) by
running directly `SYS("ip netns exec %s ip link add [...]", NS0, [...])`
[...]
> + ret = bpf_xdp_attach(if_nametoindex("veth2"),
> + bpf_program__fd(prog_to_111),
> + data->xdp_flags, NULL);
nit: since we are setting static if index at veth creation (which looks needed
for this test), the if_nametoindex could be replaced by the corresponding index,
which could be directly a define
> + if (!ASSERT_GE(ret, 0, "bpf_xdp_attach"))
> + goto close;
> +
> + ret = bpf_xdp_attach(if_nametoindex("veth1"),
> + bpf_program__fd(prog_to_222),
> + data->xdp_flags, NULL);
> + if (!ASSERT_GE(ret, 0, "bpf_xdp_attach"))
> + goto close;
> +
> + close_netns(nstoken);
> +
> + nstoken = open_netns(NS1);
> + if (!ASSERT_OK_PTR(nstoken, "open NS1"))
> + goto close;
> +
> + SYS(close, "ping -c 1 %s.2", IPV4_NETWORK);
> +
> + close_netns(nstoken);
> +
> + nstoken = open_netns(NS2);
> + if (!ASSERT_OK_PTR(nstoken, "open NS2"))
> + goto close;
> +
> + SYS(close, "ping -c 1 %s.1", IPV4_NETWORK);
Is it really useful to check ping originating from both interfaces, isn´t a
single ping able to stimulate programs attached to both veth0 ?
Aside from those minor points, LGTM :)
--
Alexis Lothoré, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
