Received: by 2002:a05:6358:f14:b0:e5:3b68:ec04 with SMTP id b20csp2975558rwj; Mon, 19 Dec 2022 11:10:30 -0800 (PST) X-Google-Smtp-Source: AA0mqf6xvjLGSxCW1Ijm8D0i7iC9JZBmNdlOI7XAkqjNKQFFxM9JJOkMM4bvxoN3u0Ymuy+/RVGh X-Received: by 2002:a05:6a20:8c06:b0:ad:aaac:d40b with SMTP id j6-20020a056a208c0600b000adaaacd40bmr33820000pzh.45.1671477030442; Mon, 19 Dec 2022 11:10:30 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1671477030; cv=none; d=google.com; s=arc-20160816; b=mpiI8twal35RNcXfuZ25Qo10ei+ZOsfbchSlKIXhyCYT8/MRsh/LBgNMHta3cQEgfR fwk1M3BEa0goj6APnfGouZLJKpnG+X5vHHtknCg/sYKFaOfKxba20v0ibUPIlCu4K+pF AO+LLbgxB3sPh2vRDGi2k8sfJYl0pRNMGd89N1Dqf9JWcS2NQNiT2x113dzysB4++G16 A1Dr517I/79dUeVDFSlmafZLuatfnJtKDpqxacgiXcN3tG0/2fWXhv0ihmo02nMidg9N u1br5c2qvguDvhNSYPfCAezW0ZxYeTe3KFibDR/zqcm21ZXHI21/ThXbu0OVulmi5WBo ZfpA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:dkim-signature; bh=lUe/HAilA5uQeCY16YFaRupilsMtPutRzDO3+Pp/Z1I=; b=h2wjELt0Q4xzmwfSs56a4fVUmLxsSLZCW1XbhCWImxOzLJzGrP4FHUVydlyzShAA/t qS9kezxiv/hTOTCm+TJnym85IWpmb8ZgdP13Yff8IFDDS/Jtm/E+REQGoKWrftWjWWsP GmSZJib2+i41HslU4s1SBaf+UfbB4Wj8gBKwnCT4PQNNmOYFqsTawPJQhfBdZgbCkw5p 93ualkeqvSBY6aagppk611QBrJlA/E1GU3KlRNPsGKMqLzV+LzBDjSvdH++Xu0e5KLSH VtwXC65r7EsFtJATb9wfwhbTCwMVPAMmO9ZsyJ+Kv8t0Pfb19xi7811VBrnQ3jnGimfH BwGg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=VTq+9e6l; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id x17-20020a633111000000b00476f59d84a6si12498686pgx.214.2022.12.19.11.10.21; Mon, 19 Dec 2022 11:10:30 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=VTq+9e6l; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232464AbiLSSmN (ORCPT + 71 others); Mon, 19 Dec 2022 13:42:13 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54530 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232574AbiLSSmA (ORCPT ); Mon, 19 Dec 2022 13:42:00 -0500 Received: from mail-pg1-x54a.google.com (mail-pg1-x54a.google.com [IPv6:2607:f8b0:4864:20::54a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6687612AAB for ; Mon, 19 Dec 2022 10:41:53 -0800 (PST) Received: by mail-pg1-x54a.google.com with SMTP id e7-20020a636907000000b00486a75ac49dso4507327pgc.19 for ; Mon, 19 Dec 2022 10:41:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=lUe/HAilA5uQeCY16YFaRupilsMtPutRzDO3+Pp/Z1I=; b=VTq+9e6lK/+M/Nv1j25mTFqCS9fuVM/WZbUbgu9tZwrcHrGxG6PntyfRkU+FvADdee L0xvjCh8ckvZGB6cpfeUe4IQ+bLunDiizoaASo0ZdeouOvfyC8sCV83I4xOMAH3E6WU7 Aj+J1oFcyo4meAB3Bb46FiIEDj9uk0KT6FDP1rRDVb3xXMWE9BG6l8Ns3MWoI+MpdxXQ TskENOsmgZE4LMzu47cNdQOiUNZGML+2W/luhO9bnIQhrLYcSJ8J0GBJIcCLgpGqEWsn 95p/WYoGDRcovc4hNTHXLYcyx5cyylfxnAxPf3ukjrC4zFee3ni1ji4qK1wkaqsU+T+U SREA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=lUe/HAilA5uQeCY16YFaRupilsMtPutRzDO3+Pp/Z1I=; b=V+jSBaUTwvvpxBwEXtTnmWjNgf7k/GILSzXjOdd8R8+NXixDk4v/d9cTbj28c0TnUq 1lTRB0GDNdgfWeltx2u8jAmwYfifn1y7wIXis45MnVVpDkREEpdnW59aGb/RpjUibi6h hHBPxF9PqfOyKID7YsyXuQmqCtoP/THlt0nIu/dYMLif/IMQuTZC4QP3/HEXUJQ98OYN FBkoHVB3q094LdQ/UCoYWUFzsGl8a9JPDFI62ZSzSpV1Y97Hzb5KY2fjbaHF+vg1G+5U x9HHPnMxjiJzopX6M2Mlw+gX9+3tm0e/HUTh4hUuugf3wlKIGiQo3+MFYDAPpEn2yp+S Hoew== X-Gm-Message-State: AFqh2koCC+BeGi0lGb0Li/50jx9TvSq6Wb7ghP2lYlVD1W6mn9PrwsxZ TcfKcD46YIBjO4rJRrGlYb3zqJA= X-Received: from sdf.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5935]) (user=sdf job=sendgmr) by 2002:a17:90a:fe08:b0:218:770c:9a40 with SMTP id ck8-20020a17090afe0800b00218770c9a40mr2448017pjb.158.1671475312904; Mon, 19 Dec 2022 10:41:52 -0800 (PST) Date: Mon, 19 Dec 2022 10:41:51 -0800 In-Reply-To: <20221218051734.31411-2-cehrig@cloudflare.com> Mime-Version: 1.0 References: <20221218051734.31411-1-cehrig@cloudflare.com> <20221218051734.31411-2-cehrig@cloudflare.com> Message-ID: Subject: Re: [PATCH bpf-next 2/2] selftests/bpf: Add BPF_F_NO_TUNNEL_KEY test From: sdf@google.com To: Christian Ehrig Cc: bpf@vger.kernel.org, Alexei Starovoitov , Daniel Borkmann , Andrii Nakryiko , Martin KaFai Lau , Song Liu , Yonghong Song , John Fastabend , KP Singh , Hao Luo , Jiri Olsa , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Mykola Lysenko , Shuah Khan , Joanne Koong , Kui-Feng Lee , Kumar Kartikeya Dwivedi , Maxim Mikityanskiy , Kaixi Fan , Paul Chaignon , Shmulik Ladkani , linux-kernel@vger.kernel.org, netdev@vger.kernel.org, linux-kselftest@vger.kernel.org Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 12/18, Christian Ehrig wrote: > This patch adds a selftest simulating a GRE sender and receiver using > tunnel headers without tunnel keys. It validates if packets encapsulated > using BPF_F_NO_TUNNEL_KEY are decapsulated by a GRE receiver not > configured with tunnel keys. > Signed-off-by: Christian Ehrig Acked-by: Stanislav Fomichev > --- > .../selftests/bpf/progs/test_tunnel_kern.c | 21 ++++++++++ > tools/testing/selftests/bpf/test_tunnel.sh | 40 +++++++++++++++++-- > 2 files changed, 58 insertions(+), 3 deletions(-) > diff --git a/tools/testing/selftests/bpf/progs/test_tunnel_kern.c > b/tools/testing/selftests/bpf/progs/test_tunnel_kern.c > index 98af55f0bcd3..508da4a23c4f 100644 > --- a/tools/testing/selftests/bpf/progs/test_tunnel_kern.c > +++ b/tools/testing/selftests/bpf/progs/test_tunnel_kern.c > @@ -81,6 +81,27 @@ int gre_set_tunnel(struct __sk_buff *skb) > return TC_ACT_OK; > } > +SEC("tc") > +int gre_set_tunnel_no_key(struct __sk_buff *skb) > +{ > + int ret; > + struct bpf_tunnel_key key; > + > + __builtin_memset(&key, 0x0, sizeof(key)); > + key.remote_ipv4 = 0xac100164; /* 172.16.1.100 */ > + key.tunnel_ttl = 64; > + > + ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key), > + BPF_F_ZERO_CSUM_TX | BPF_F_SEQ_NUMBER | > + BPF_F_NO_TUNNEL_KEY); > + if (ret < 0) { > + log_err(ret); > + return TC_ACT_SHOT; > + } > + > + return TC_ACT_OK; > +} > + > SEC("tc") > int gre_get_tunnel(struct __sk_buff *skb) > { > diff --git a/tools/testing/selftests/bpf/test_tunnel.sh > b/tools/testing/selftests/bpf/test_tunnel.sh > index 2eaedc1d9ed3..06857b689c11 100755 > --- a/tools/testing/selftests/bpf/test_tunnel.sh > +++ b/tools/testing/selftests/bpf/test_tunnel.sh > @@ -66,15 +66,20 @@ config_device() > add_gre_tunnel() > { > + tun_key= > + if [ -n "$1" ]; then > + tun_key="key $1" > + fi > + > # at_ns0 namespace > ip netns exec at_ns0 \ > - ip link add dev $DEV_NS type $TYPE seq key 2 \ > + ip link add dev $DEV_NS type $TYPE seq $tun_key \ > local 172.16.1.100 remote 172.16.1.200 > ip netns exec at_ns0 ip link set dev $DEV_NS up > ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24 > # root namespace > - ip link add dev $DEV type $TYPE key 2 external > + ip link add dev $DEV type $TYPE $tun_key external > ip link set dev $DEV up > ip addr add dev $DEV 10.1.1.200/24 > } > @@ -238,7 +243,7 @@ test_gre() > check $TYPE > config_device > - add_gre_tunnel > + add_gre_tunnel 2 > attach_bpf $DEV gre_set_tunnel gre_get_tunnel > ping $PING_ARG 10.1.1.100 > check_err $? > @@ -253,6 +258,30 @@ test_gre() > echo -e ${GREEN}"PASS: $TYPE"${NC} > } > +test_gre_no_tunnel_key() > +{ > + TYPE=gre > + DEV_NS=gre00 > + DEV=gre11 > + ret=0 > + > + check $TYPE > + config_device > + add_gre_tunnel > + attach_bpf $DEV gre_set_tunnel_no_key gre_get_tunnel > + ping $PING_ARG 10.1.1.100 > + check_err $? > + ip netns exec at_ns0 ping $PING_ARG 10.1.1.200 > + check_err $? > + cleanup > + > + if [ $ret -ne 0 ]; then > + echo -e ${RED}"FAIL: $TYPE"${NC} > + return 1 > + fi > + echo -e ${GREEN}"PASS: $TYPE"${NC} > +} > + > test_ip6gre() > { > TYPE=ip6gre > @@ -589,6 +618,7 @@ cleanup() > ip link del ipip6tnl11 2> /dev/null > ip link del ip6ip6tnl11 2> /dev/null > ip link del gretap11 2> /dev/null > + ip link del gre11 2> /dev/null > ip link del ip6gre11 2> /dev/null > ip link del ip6gretap11 2> /dev/null > ip link del geneve11 2> /dev/null > @@ -641,6 +671,10 @@ bpf_tunnel_test() > test_gre > errors=$(( $errors + $? )) > + echo "Testing GRE tunnel (without tunnel keys)..." > + test_gre_no_tunnel_key > + errors=$(( $errors + $? )) > + > echo "Testing IP6GRE tunnel..." > test_ip6gre > errors=$(( $errors + $? )) > -- > 2.37.4