1 // SPDX-License-Identifier: GPL-2.0
2 /* Copyright (c) 2023 Isovalent */
3 #include <uapi/linux/if_link.h>
5 #include <test_progs.h>
7 #define netkit_peer "nk0"
8 #define netkit_name "nk1"
10 #define ping_addr_neigh 0x0a000002 /* 10.0.0.2 */
11 #define ping_addr_noneigh 0x0a000003 /* 10.0.0.3 */
13 #include "test_tc_link.skel.h"
14 #include "netlink_helpers.h"
15 #include "tc_helpers.h"
37 static int create_netkit(int mode, int policy, int peer_policy, int *ifindex,
38 bool same_netns, int scrub, int peer_scrub)
40 struct rtnl_handle rth = { .fd = -1 };
41 struct iplink_req req = {};
42 struct rtattr *linkinfo, *data;
43 const char *type = "netkit";
46 err = rtnl_open(&rth, 0);
47 if (!ASSERT_OK(err, "open_rtnetlink"))
50 memset(&req, 0, sizeof(req));
51 req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg));
52 req.n.nlmsg_flags = NLM_F_REQUEST | NLM_F_CREATE | NLM_F_EXCL;
53 req.n.nlmsg_type = RTM_NEWLINK;
54 req.i.ifi_family = AF_UNSPEC;
56 addattr_l(&req.n, sizeof(req), IFLA_IFNAME, netkit_name,
58 linkinfo = addattr_nest(&req.n, sizeof(req), IFLA_LINKINFO);
59 addattr_l(&req.n, sizeof(req), IFLA_INFO_KIND, type, strlen(type));
60 data = addattr_nest(&req.n, sizeof(req), IFLA_INFO_DATA);
61 addattr32(&req.n, sizeof(req), IFLA_NETKIT_POLICY, policy);
62 addattr32(&req.n, sizeof(req), IFLA_NETKIT_PEER_POLICY, peer_policy);
63 addattr32(&req.n, sizeof(req), IFLA_NETKIT_SCRUB, scrub);
64 addattr32(&req.n, sizeof(req), IFLA_NETKIT_PEER_SCRUB, peer_scrub);
65 addattr32(&req.n, sizeof(req), IFLA_NETKIT_MODE, mode);
66 addattr_nest_end(&req.n, data);
67 addattr_nest_end(&req.n, linkinfo);
69 err = rtnl_talk(&rth, &req.n, NULL);
70 ASSERT_OK(err, "talk_rtnetlink");
72 *ifindex = if_nametoindex(netkit_name);
74 ASSERT_GT(*ifindex, 0, "retrieve_ifindex");
75 ASSERT_OK(system("ip netns add foo"), "create netns");
76 ASSERT_OK(system("ip link set dev " netkit_name " up"),
78 ASSERT_OK(system("ip addr add dev " netkit_name " 10.0.0.1/24"),
81 if (mode == NETKIT_L3) {
82 ASSERT_EQ(system("ip link set dev " netkit_name
83 " addr ee:ff:bb:cc:aa:dd 2> /dev/null"), 512,
86 ASSERT_OK(system("ip link set dev " netkit_name
87 " addr ee:ff:bb:cc:aa:dd"),
91 ASSERT_OK(system("ip link set dev " netkit_peer " up"),
93 ASSERT_OK(system("ip addr add dev " netkit_peer " 10.0.0.2/24"),
96 ASSERT_OK(system("ip link set " netkit_peer " netns foo"),
98 ASSERT_OK(system("ip netns exec foo ip link set dev "
99 netkit_peer " up"), "up peer");
100 ASSERT_OK(system("ip netns exec foo ip addr add dev "
101 netkit_peer " 10.0.0.2/24"), "addr peer");
106 static void move_netkit(void)
108 ASSERT_OK(system("ip link set " netkit_peer " netns foo"),
110 ASSERT_OK(system("ip netns exec foo ip link set dev "
111 netkit_peer " up"), "up peer");
112 ASSERT_OK(system("ip netns exec foo ip addr add dev "
113 netkit_peer " 10.0.0.2/24"), "addr peer");
116 static void destroy_netkit(void)
118 ASSERT_OK(system("ip link del dev " netkit_name), "del primary");
119 ASSERT_OK(system("ip netns del foo"), "delete netns");
120 ASSERT_EQ(if_nametoindex(netkit_name), 0, netkit_name "_ifindex");
123 static int __send_icmp(__u32 dest)
125 int sock, ret, mark = MARK, prio = PRIO;
126 struct sockaddr_in addr;
129 ret = write_sysctl("/proc/sys/net/ipv4/ping_group_range", "0 0");
130 if (!ASSERT_OK(ret, "write_sysctl(net.ipv4.ping_group_range)"))
133 sock = socket(AF_INET, SOCK_DGRAM, IPPROTO_ICMP);
134 if (!ASSERT_GE(sock, 0, "icmp_socket"))
137 ret = setsockopt(sock, SOL_SOCKET, SO_BINDTODEVICE,
138 netkit_name, strlen(netkit_name) + 1);
139 if (!ASSERT_OK(ret, "setsockopt(SO_BINDTODEVICE)"))
142 ret = setsockopt(sock, SOL_SOCKET, SO_MARK, &mark, sizeof(mark));
143 if (!ASSERT_OK(ret, "setsockopt(SO_MARK)"))
146 ret = setsockopt(sock, SOL_SOCKET, SO_PRIORITY,
147 &prio, sizeof(prio));
148 if (!ASSERT_OK(ret, "setsockopt(SO_PRIORITY)"))
151 memset(&addr, 0, sizeof(addr));
152 addr.sin_family = AF_INET;
153 addr.sin_addr.s_addr = htonl(dest);
155 memset(&icmp, 0, sizeof(icmp));
156 icmp.type = ICMP_ECHO;
158 icmp.echo.sequence = 1;
160 ret = sendto(sock, &icmp, sizeof(icmp), 0,
161 (struct sockaddr *)&addr, sizeof(addr));
162 if (!ASSERT_GE(ret, 0, "icmp_sendto"))
171 static int send_icmp(void)
173 return __send_icmp(ping_addr_neigh);
176 void serial_test_tc_netkit_basic(void)
178 LIBBPF_OPTS(bpf_prog_query_opts, optq);
179 LIBBPF_OPTS(bpf_netkit_opts, optl);
180 __u32 prog_ids[2], link_ids[2];
181 __u32 pid1, pid2, lid1, lid2;
182 struct test_tc_link *skel;
183 struct bpf_link *link;
186 err = create_netkit(NETKIT_L2, NETKIT_PASS, NETKIT_PASS,
187 &ifindex, false, NETKIT_SCRUB_DEFAULT,
188 NETKIT_SCRUB_DEFAULT);
192 skel = test_tc_link__open();
193 if (!ASSERT_OK_PTR(skel, "skel_open"))
196 ASSERT_EQ(bpf_program__set_expected_attach_type(skel->progs.tc1,
197 BPF_NETKIT_PRIMARY), 0, "tc1_attach_type");
198 ASSERT_EQ(bpf_program__set_expected_attach_type(skel->progs.tc2,
199 BPF_NETKIT_PEER), 0, "tc2_attach_type");
201 err = test_tc_link__load(skel);
202 if (!ASSERT_OK(err, "skel_load"))
205 pid1 = id_from_prog_fd(bpf_program__fd(skel->progs.tc1));
206 pid2 = id_from_prog_fd(bpf_program__fd(skel->progs.tc2));
208 ASSERT_NEQ(pid1, pid2, "prog_ids_1_2");
210 assert_mprog_count_ifindex(ifindex, BPF_NETKIT_PRIMARY, 0);
211 assert_mprog_count_ifindex(ifindex, BPF_NETKIT_PEER, 0);
213 ASSERT_EQ(skel->bss->seen_tc1, false, "seen_tc1");
214 ASSERT_EQ(skel->bss->seen_tc2, false, "seen_tc2");
216 link = bpf_program__attach_netkit(skel->progs.tc1, ifindex, &optl);
217 if (!ASSERT_OK_PTR(link, "link_attach"))
220 skel->links.tc1 = link;
222 lid1 = id_from_link_fd(bpf_link__fd(skel->links.tc1));
224 assert_mprog_count_ifindex(ifindex, BPF_NETKIT_PRIMARY, 1);
225 assert_mprog_count_ifindex(ifindex, BPF_NETKIT_PEER, 0);
227 optq.prog_ids = prog_ids;
228 optq.link_ids = link_ids;
230 memset(prog_ids, 0, sizeof(prog_ids));
231 memset(link_ids, 0, sizeof(link_ids));
232 optq.count = ARRAY_SIZE(prog_ids);
234 err = bpf_prog_query_opts(ifindex, BPF_NETKIT_PRIMARY, &optq);
235 if (!ASSERT_OK(err, "prog_query"))
238 ASSERT_EQ(optq.count, 1, "count");
239 ASSERT_EQ(optq.revision, 2, "revision");
240 ASSERT_EQ(optq.prog_ids[0], pid1, "prog_ids[0]");
241 ASSERT_EQ(optq.link_ids[0], lid1, "link_ids[0]");
242 ASSERT_EQ(optq.prog_ids[1], 0, "prog_ids[1]");
243 ASSERT_EQ(optq.link_ids[1], 0, "link_ids[1]");
245 tc_skel_reset_all_seen(skel);
246 ASSERT_EQ(send_icmp(), 0, "icmp_pkt");
248 ASSERT_EQ(skel->bss->seen_tc1, true, "seen_tc1");
249 ASSERT_EQ(skel->bss->seen_tc2, false, "seen_tc2");
251 link = bpf_program__attach_netkit(skel->progs.tc2, ifindex, &optl);
252 if (!ASSERT_OK_PTR(link, "link_attach"))
255 skel->links.tc2 = link;
257 lid2 = id_from_link_fd(bpf_link__fd(skel->links.tc2));
258 ASSERT_NEQ(lid1, lid2, "link_ids_1_2");
260 assert_mprog_count_ifindex(ifindex, BPF_NETKIT_PRIMARY, 1);
261 assert_mprog_count_ifindex(ifindex, BPF_NETKIT_PEER, 1);
263 memset(prog_ids, 0, sizeof(prog_ids));
264 memset(link_ids, 0, sizeof(link_ids));
265 optq.count = ARRAY_SIZE(prog_ids);
267 err = bpf_prog_query_opts(ifindex, BPF_NETKIT_PEER, &optq);
268 if (!ASSERT_OK(err, "prog_query"))
271 ASSERT_EQ(optq.count, 1, "count");
272 ASSERT_EQ(optq.revision, 2, "revision");
273 ASSERT_EQ(optq.prog_ids[0], pid2, "prog_ids[0]");
274 ASSERT_EQ(optq.link_ids[0], lid2, "link_ids[0]");
275 ASSERT_EQ(optq.prog_ids[1], 0, "prog_ids[1]");
276 ASSERT_EQ(optq.link_ids[1], 0, "link_ids[1]");
278 tc_skel_reset_all_seen(skel);
279 ASSERT_EQ(send_icmp(), 0, "icmp_pkt");
281 ASSERT_EQ(skel->bss->seen_tc1, true, "seen_tc1");
282 ASSERT_EQ(skel->bss->seen_tc2, true, "seen_tc2");
284 test_tc_link__destroy(skel);
286 assert_mprog_count_ifindex(ifindex, BPF_NETKIT_PRIMARY, 0);
287 assert_mprog_count_ifindex(ifindex, BPF_NETKIT_PEER, 0);
291 static void serial_test_tc_netkit_multi_links_target(int mode, int target)
293 LIBBPF_OPTS(bpf_prog_query_opts, optq);
294 LIBBPF_OPTS(bpf_netkit_opts, optl);
295 __u32 prog_ids[3], link_ids[3];
296 __u32 pid1, pid2, lid1, lid2;
297 struct test_tc_link *skel;
298 struct bpf_link *link;
301 err = create_netkit(mode, NETKIT_PASS, NETKIT_PASS,
302 &ifindex, false, NETKIT_SCRUB_DEFAULT,
303 NETKIT_SCRUB_DEFAULT);
307 skel = test_tc_link__open();
308 if (!ASSERT_OK_PTR(skel, "skel_open"))
311 ASSERT_EQ(bpf_program__set_expected_attach_type(skel->progs.tc1,
312 target), 0, "tc1_attach_type");
313 ASSERT_EQ(bpf_program__set_expected_attach_type(skel->progs.tc2,
314 target), 0, "tc2_attach_type");
316 err = test_tc_link__load(skel);
317 if (!ASSERT_OK(err, "skel_load"))
320 pid1 = id_from_prog_fd(bpf_program__fd(skel->progs.tc1));
321 pid2 = id_from_prog_fd(bpf_program__fd(skel->progs.tc2));
323 ASSERT_NEQ(pid1, pid2, "prog_ids_1_2");
325 assert_mprog_count_ifindex(ifindex, target, 0);
327 ASSERT_EQ(skel->bss->seen_tc1, false, "seen_tc1");
328 ASSERT_EQ(skel->bss->seen_eth, false, "seen_eth");
329 ASSERT_EQ(skel->bss->seen_tc2, false, "seen_tc2");
331 link = bpf_program__attach_netkit(skel->progs.tc1, ifindex, &optl);
332 if (!ASSERT_OK_PTR(link, "link_attach"))
335 skel->links.tc1 = link;
337 lid1 = id_from_link_fd(bpf_link__fd(skel->links.tc1));
339 assert_mprog_count_ifindex(ifindex, target, 1);
341 optq.prog_ids = prog_ids;
342 optq.link_ids = link_ids;
344 memset(prog_ids, 0, sizeof(prog_ids));
345 memset(link_ids, 0, sizeof(link_ids));
346 optq.count = ARRAY_SIZE(prog_ids);
348 err = bpf_prog_query_opts(ifindex, target, &optq);
349 if (!ASSERT_OK(err, "prog_query"))
352 ASSERT_EQ(optq.count, 1, "count");
353 ASSERT_EQ(optq.revision, 2, "revision");
354 ASSERT_EQ(optq.prog_ids[0], pid1, "prog_ids[0]");
355 ASSERT_EQ(optq.link_ids[0], lid1, "link_ids[0]");
356 ASSERT_EQ(optq.prog_ids[1], 0, "prog_ids[1]");
357 ASSERT_EQ(optq.link_ids[1], 0, "link_ids[1]");
359 tc_skel_reset_all_seen(skel);
360 ASSERT_EQ(send_icmp(), 0, "icmp_pkt");
362 ASSERT_EQ(skel->bss->seen_tc1, true, "seen_tc1");
363 ASSERT_EQ(skel->bss->seen_eth, true, "seen_eth");
364 ASSERT_EQ(skel->bss->seen_tc2, false, "seen_tc2");
366 LIBBPF_OPTS_RESET(optl,
367 .flags = BPF_F_BEFORE,
368 .relative_fd = bpf_program__fd(skel->progs.tc1),
371 link = bpf_program__attach_netkit(skel->progs.tc2, ifindex, &optl);
372 if (!ASSERT_OK_PTR(link, "link_attach"))
375 skel->links.tc2 = link;
377 lid2 = id_from_link_fd(bpf_link__fd(skel->links.tc2));
378 ASSERT_NEQ(lid1, lid2, "link_ids_1_2");
380 assert_mprog_count_ifindex(ifindex, target, 2);
382 memset(prog_ids, 0, sizeof(prog_ids));
383 memset(link_ids, 0, sizeof(link_ids));
384 optq.count = ARRAY_SIZE(prog_ids);
386 err = bpf_prog_query_opts(ifindex, target, &optq);
387 if (!ASSERT_OK(err, "prog_query"))
390 ASSERT_EQ(optq.count, 2, "count");
391 ASSERT_EQ(optq.revision, 3, "revision");
392 ASSERT_EQ(optq.prog_ids[0], pid2, "prog_ids[0]");
393 ASSERT_EQ(optq.link_ids[0], lid2, "link_ids[0]");
394 ASSERT_EQ(optq.prog_ids[1], pid1, "prog_ids[1]");
395 ASSERT_EQ(optq.link_ids[1], lid1, "link_ids[1]");
396 ASSERT_EQ(optq.prog_ids[2], 0, "prog_ids[2]");
397 ASSERT_EQ(optq.link_ids[2], 0, "link_ids[2]");
399 tc_skel_reset_all_seen(skel);
400 ASSERT_EQ(send_icmp(), 0, "icmp_pkt");
402 ASSERT_EQ(skel->bss->seen_tc1, true, "seen_tc1");
403 ASSERT_EQ(skel->bss->seen_eth, true, "seen_eth");
404 ASSERT_EQ(skel->bss->seen_tc2, true, "seen_tc2");
406 test_tc_link__destroy(skel);
408 assert_mprog_count_ifindex(ifindex, target, 0);
412 void serial_test_tc_netkit_multi_links(void)
414 serial_test_tc_netkit_multi_links_target(NETKIT_L2, BPF_NETKIT_PRIMARY);
415 serial_test_tc_netkit_multi_links_target(NETKIT_L3, BPF_NETKIT_PRIMARY);
416 serial_test_tc_netkit_multi_links_target(NETKIT_L2, BPF_NETKIT_PEER);
417 serial_test_tc_netkit_multi_links_target(NETKIT_L3, BPF_NETKIT_PEER);
420 static void serial_test_tc_netkit_multi_opts_target(int mode, int target)
422 LIBBPF_OPTS(bpf_prog_attach_opts, opta);
423 LIBBPF_OPTS(bpf_prog_detach_opts, optd);
424 LIBBPF_OPTS(bpf_prog_query_opts, optq);
425 __u32 pid1, pid2, fd1, fd2;
427 struct test_tc_link *skel;
430 err = create_netkit(mode, NETKIT_PASS, NETKIT_PASS,
431 &ifindex, false, NETKIT_SCRUB_DEFAULT,
432 NETKIT_SCRUB_DEFAULT);
436 skel = test_tc_link__open_and_load();
437 if (!ASSERT_OK_PTR(skel, "skel_load"))
440 fd1 = bpf_program__fd(skel->progs.tc1);
441 fd2 = bpf_program__fd(skel->progs.tc2);
443 pid1 = id_from_prog_fd(fd1);
444 pid2 = id_from_prog_fd(fd2);
446 ASSERT_NEQ(pid1, pid2, "prog_ids_1_2");
448 assert_mprog_count_ifindex(ifindex, target, 0);
450 ASSERT_EQ(skel->bss->seen_tc1, false, "seen_tc1");
451 ASSERT_EQ(skel->bss->seen_eth, false, "seen_eth");
452 ASSERT_EQ(skel->bss->seen_tc2, false, "seen_tc2");
454 err = bpf_prog_attach_opts(fd1, ifindex, target, &opta);
455 if (!ASSERT_EQ(err, 0, "prog_attach"))
458 assert_mprog_count_ifindex(ifindex, target, 1);
460 optq.prog_ids = prog_ids;
462 memset(prog_ids, 0, sizeof(prog_ids));
463 optq.count = ARRAY_SIZE(prog_ids);
465 err = bpf_prog_query_opts(ifindex, target, &optq);
466 if (!ASSERT_OK(err, "prog_query"))
469 ASSERT_EQ(optq.count, 1, "count");
470 ASSERT_EQ(optq.revision, 2, "revision");
471 ASSERT_EQ(optq.prog_ids[0], pid1, "prog_ids[0]");
472 ASSERT_EQ(optq.prog_ids[1], 0, "prog_ids[1]");
474 tc_skel_reset_all_seen(skel);
475 ASSERT_EQ(send_icmp(), 0, "icmp_pkt");
477 ASSERT_EQ(skel->bss->seen_tc1, true, "seen_tc1");
478 ASSERT_EQ(skel->bss->seen_eth, true, "seen_eth");
479 ASSERT_EQ(skel->bss->seen_tc2, false, "seen_tc2");
481 LIBBPF_OPTS_RESET(opta,
482 .flags = BPF_F_BEFORE,
486 err = bpf_prog_attach_opts(fd2, ifindex, target, &opta);
487 if (!ASSERT_EQ(err, 0, "prog_attach"))
490 assert_mprog_count_ifindex(ifindex, target, 2);
492 memset(prog_ids, 0, sizeof(prog_ids));
493 optq.count = ARRAY_SIZE(prog_ids);
495 err = bpf_prog_query_opts(ifindex, target, &optq);
496 if (!ASSERT_OK(err, "prog_query"))
499 ASSERT_EQ(optq.count, 2, "count");
500 ASSERT_EQ(optq.revision, 3, "revision");
501 ASSERT_EQ(optq.prog_ids[0], pid2, "prog_ids[0]");
502 ASSERT_EQ(optq.prog_ids[1], pid1, "prog_ids[1]");
503 ASSERT_EQ(optq.prog_ids[2], 0, "prog_ids[2]");
505 tc_skel_reset_all_seen(skel);
506 ASSERT_EQ(send_icmp(), 0, "icmp_pkt");
508 ASSERT_EQ(skel->bss->seen_tc1, true, "seen_tc1");
509 ASSERT_EQ(skel->bss->seen_eth, true, "seen_eth");
510 ASSERT_EQ(skel->bss->seen_tc2, true, "seen_tc2");
513 err = bpf_prog_detach_opts(fd2, ifindex, target, &optd);
514 ASSERT_OK(err, "prog_detach");
515 assert_mprog_count_ifindex(ifindex, target, 1);
517 err = bpf_prog_detach_opts(fd1, ifindex, target, &optd);
518 ASSERT_OK(err, "prog_detach");
519 assert_mprog_count_ifindex(ifindex, target, 0);
521 test_tc_link__destroy(skel);
523 assert_mprog_count_ifindex(ifindex, target, 0);
527 void serial_test_tc_netkit_multi_opts(void)
529 serial_test_tc_netkit_multi_opts_target(NETKIT_L2, BPF_NETKIT_PRIMARY);
530 serial_test_tc_netkit_multi_opts_target(NETKIT_L3, BPF_NETKIT_PRIMARY);
531 serial_test_tc_netkit_multi_opts_target(NETKIT_L2, BPF_NETKIT_PEER);
532 serial_test_tc_netkit_multi_opts_target(NETKIT_L3, BPF_NETKIT_PEER);
535 void serial_test_tc_netkit_device(void)
537 LIBBPF_OPTS(bpf_prog_query_opts, optq);
538 LIBBPF_OPTS(bpf_netkit_opts, optl);
539 __u32 prog_ids[2], link_ids[2];
540 __u32 pid1, pid2, lid1;
541 struct test_tc_link *skel;
542 struct bpf_link *link;
543 int err, ifindex, ifindex2;
545 err = create_netkit(NETKIT_L3, NETKIT_PASS, NETKIT_PASS,
546 &ifindex, true, NETKIT_SCRUB_DEFAULT,
547 NETKIT_SCRUB_DEFAULT);
551 ifindex2 = if_nametoindex(netkit_peer);
552 ASSERT_NEQ(ifindex, ifindex2, "ifindex_1_2");
554 skel = test_tc_link__open();
555 if (!ASSERT_OK_PTR(skel, "skel_open"))
558 ASSERT_EQ(bpf_program__set_expected_attach_type(skel->progs.tc1,
559 BPF_NETKIT_PRIMARY), 0, "tc1_attach_type");
560 ASSERT_EQ(bpf_program__set_expected_attach_type(skel->progs.tc2,
561 BPF_NETKIT_PEER), 0, "tc2_attach_type");
562 ASSERT_EQ(bpf_program__set_expected_attach_type(skel->progs.tc3,
563 BPF_NETKIT_PRIMARY), 0, "tc3_attach_type");
565 err = test_tc_link__load(skel);
566 if (!ASSERT_OK(err, "skel_load"))
569 pid1 = id_from_prog_fd(bpf_program__fd(skel->progs.tc1));
570 pid2 = id_from_prog_fd(bpf_program__fd(skel->progs.tc2));
572 ASSERT_NEQ(pid1, pid2, "prog_ids_1_2");
574 assert_mprog_count_ifindex(ifindex, BPF_NETKIT_PRIMARY, 0);
575 assert_mprog_count_ifindex(ifindex, BPF_NETKIT_PEER, 0);
577 ASSERT_EQ(skel->bss->seen_tc1, false, "seen_tc1");
578 ASSERT_EQ(skel->bss->seen_tc2, false, "seen_tc2");
580 link = bpf_program__attach_netkit(skel->progs.tc1, ifindex, &optl);
581 if (!ASSERT_OK_PTR(link, "link_attach"))
584 skel->links.tc1 = link;
586 lid1 = id_from_link_fd(bpf_link__fd(skel->links.tc1));
588 assert_mprog_count_ifindex(ifindex, BPF_NETKIT_PRIMARY, 1);
589 assert_mprog_count_ifindex(ifindex, BPF_NETKIT_PEER, 0);
591 optq.prog_ids = prog_ids;
592 optq.link_ids = link_ids;
594 memset(prog_ids, 0, sizeof(prog_ids));
595 memset(link_ids, 0, sizeof(link_ids));
596 optq.count = ARRAY_SIZE(prog_ids);
598 err = bpf_prog_query_opts(ifindex, BPF_NETKIT_PRIMARY, &optq);
599 if (!ASSERT_OK(err, "prog_query"))
602 ASSERT_EQ(optq.count, 1, "count");
603 ASSERT_EQ(optq.revision, 2, "revision");
604 ASSERT_EQ(optq.prog_ids[0], pid1, "prog_ids[0]");
605 ASSERT_EQ(optq.link_ids[0], lid1, "link_ids[0]");
606 ASSERT_EQ(optq.prog_ids[1], 0, "prog_ids[1]");
607 ASSERT_EQ(optq.link_ids[1], 0, "link_ids[1]");
609 tc_skel_reset_all_seen(skel);
610 ASSERT_EQ(send_icmp(), 0, "icmp_pkt");
612 ASSERT_EQ(skel->bss->seen_tc1, true, "seen_tc1");
613 ASSERT_EQ(skel->bss->seen_tc2, false, "seen_tc2");
615 memset(prog_ids, 0, sizeof(prog_ids));
616 memset(link_ids, 0, sizeof(link_ids));
617 optq.count = ARRAY_SIZE(prog_ids);
619 err = bpf_prog_query_opts(ifindex2, BPF_NETKIT_PRIMARY, &optq);
620 ASSERT_EQ(err, -EACCES, "prog_query_should_fail");
622 err = bpf_prog_query_opts(ifindex2, BPF_NETKIT_PEER, &optq);
623 ASSERT_EQ(err, -EACCES, "prog_query_should_fail");
625 link = bpf_program__attach_netkit(skel->progs.tc2, ifindex2, &optl);
626 if (!ASSERT_ERR_PTR(link, "link_attach_should_fail")) {
627 bpf_link__destroy(link);
631 link = bpf_program__attach_netkit(skel->progs.tc3, ifindex2, &optl);
632 if (!ASSERT_ERR_PTR(link, "link_attach_should_fail")) {
633 bpf_link__destroy(link);
637 assert_mprog_count_ifindex(ifindex, BPF_NETKIT_PRIMARY, 1);
638 assert_mprog_count_ifindex(ifindex, BPF_NETKIT_PEER, 0);
640 test_tc_link__destroy(skel);
642 assert_mprog_count_ifindex(ifindex, BPF_NETKIT_PRIMARY, 0);
643 assert_mprog_count_ifindex(ifindex, BPF_NETKIT_PEER, 0);
647 static void serial_test_tc_netkit_neigh_links_target(int mode, int target)
649 LIBBPF_OPTS(bpf_prog_query_opts, optq);
650 LIBBPF_OPTS(bpf_netkit_opts, optl);
651 __u32 prog_ids[2], link_ids[2];
653 struct test_tc_link *skel;
654 struct bpf_link *link;
657 err = create_netkit(mode, NETKIT_PASS, NETKIT_PASS,
658 &ifindex, false, NETKIT_SCRUB_DEFAULT,
659 NETKIT_SCRUB_DEFAULT);
663 skel = test_tc_link__open();
664 if (!ASSERT_OK_PTR(skel, "skel_open"))
667 ASSERT_EQ(bpf_program__set_expected_attach_type(skel->progs.tc1,
668 BPF_NETKIT_PRIMARY), 0, "tc1_attach_type");
670 err = test_tc_link__load(skel);
671 if (!ASSERT_OK(err, "skel_load"))
674 pid1 = id_from_prog_fd(bpf_program__fd(skel->progs.tc1));
676 assert_mprog_count_ifindex(ifindex, target, 0);
678 ASSERT_EQ(skel->bss->seen_tc1, false, "seen_tc1");
679 ASSERT_EQ(skel->bss->seen_eth, false, "seen_eth");
681 link = bpf_program__attach_netkit(skel->progs.tc1, ifindex, &optl);
682 if (!ASSERT_OK_PTR(link, "link_attach"))
685 skel->links.tc1 = link;
687 lid1 = id_from_link_fd(bpf_link__fd(skel->links.tc1));
689 assert_mprog_count_ifindex(ifindex, target, 1);
691 optq.prog_ids = prog_ids;
692 optq.link_ids = link_ids;
694 memset(prog_ids, 0, sizeof(prog_ids));
695 memset(link_ids, 0, sizeof(link_ids));
696 optq.count = ARRAY_SIZE(prog_ids);
698 err = bpf_prog_query_opts(ifindex, target, &optq);
699 if (!ASSERT_OK(err, "prog_query"))
702 ASSERT_EQ(optq.count, 1, "count");
703 ASSERT_EQ(optq.revision, 2, "revision");
704 ASSERT_EQ(optq.prog_ids[0], pid1, "prog_ids[0]");
705 ASSERT_EQ(optq.link_ids[0], lid1, "link_ids[0]");
706 ASSERT_EQ(optq.prog_ids[1], 0, "prog_ids[1]");
707 ASSERT_EQ(optq.link_ids[1], 0, "link_ids[1]");
709 tc_skel_reset_all_seen(skel);
710 ASSERT_EQ(__send_icmp(ping_addr_noneigh), 0, "icmp_pkt");
712 ASSERT_EQ(skel->bss->seen_tc1, true /* L2: ARP */, "seen_tc1");
713 ASSERT_EQ(skel->bss->seen_eth, mode == NETKIT_L3, "seen_eth");
715 test_tc_link__destroy(skel);
717 assert_mprog_count_ifindex(ifindex, target, 0);
721 void serial_test_tc_netkit_neigh_links(void)
723 serial_test_tc_netkit_neigh_links_target(NETKIT_L2, BPF_NETKIT_PRIMARY);
724 serial_test_tc_netkit_neigh_links_target(NETKIT_L3, BPF_NETKIT_PRIMARY);
727 static void serial_test_tc_netkit_pkt_type_mode(int mode)
729 LIBBPF_OPTS(bpf_netkit_opts, optl_nk);
730 LIBBPF_OPTS(bpf_tcx_opts, optl_tcx);
731 int err, ifindex, ifindex2;
732 struct test_tc_link *skel;
733 struct bpf_link *link;
735 err = create_netkit(mode, NETKIT_PASS, NETKIT_PASS,
736 &ifindex, true, NETKIT_SCRUB_DEFAULT,
737 NETKIT_SCRUB_DEFAULT);
741 ifindex2 = if_nametoindex(netkit_peer);
742 ASSERT_NEQ(ifindex, ifindex2, "ifindex_1_2");
744 skel = test_tc_link__open();
745 if (!ASSERT_OK_PTR(skel, "skel_open"))
748 ASSERT_EQ(bpf_program__set_expected_attach_type(skel->progs.tc1,
749 BPF_NETKIT_PRIMARY), 0, "tc1_attach_type");
750 ASSERT_EQ(bpf_program__set_expected_attach_type(skel->progs.tc7,
751 BPF_TCX_INGRESS), 0, "tc7_attach_type");
753 err = test_tc_link__load(skel);
754 if (!ASSERT_OK(err, "skel_load"))
757 assert_mprog_count_ifindex(ifindex, BPF_NETKIT_PRIMARY, 0);
758 assert_mprog_count_ifindex(ifindex2, BPF_TCX_INGRESS, 0);
760 link = bpf_program__attach_netkit(skel->progs.tc1, ifindex, &optl_nk);
761 if (!ASSERT_OK_PTR(link, "link_attach"))
764 skel->links.tc1 = link;
766 assert_mprog_count_ifindex(ifindex, BPF_NETKIT_PRIMARY, 1);
767 assert_mprog_count_ifindex(ifindex2, BPF_TCX_INGRESS, 0);
769 link = bpf_program__attach_tcx(skel->progs.tc7, ifindex2, &optl_tcx);
770 if (!ASSERT_OK_PTR(link, "link_attach"))
773 skel->links.tc7 = link;
775 assert_mprog_count_ifindex(ifindex, BPF_NETKIT_PRIMARY, 1);
776 assert_mprog_count_ifindex(ifindex2, BPF_TCX_INGRESS, 1);
780 tc_skel_reset_all_seen(skel);
781 skel->bss->set_type = true;
782 ASSERT_EQ(send_icmp(), 0, "icmp_pkt");
784 ASSERT_EQ(skel->bss->seen_tc1, true, "seen_tc1");
785 ASSERT_EQ(skel->bss->seen_tc7, true, "seen_tc7");
787 ASSERT_EQ(skel->bss->seen_host, true, "seen_host");
788 ASSERT_EQ(skel->bss->seen_mcast, true, "seen_mcast");
790 test_tc_link__destroy(skel);
792 assert_mprog_count_ifindex(ifindex, BPF_NETKIT_PRIMARY, 0);
796 void serial_test_tc_netkit_pkt_type(void)
798 serial_test_tc_netkit_pkt_type_mode(NETKIT_L2);
799 serial_test_tc_netkit_pkt_type_mode(NETKIT_L3);
802 static void serial_test_tc_netkit_scrub_type(int scrub)
804 LIBBPF_OPTS(bpf_netkit_opts, optl);
805 struct test_tc_link *skel;
806 struct bpf_link *link;
809 err = create_netkit(NETKIT_L2, NETKIT_PASS, NETKIT_PASS,
810 &ifindex, false, scrub, scrub);
814 skel = test_tc_link__open();
815 if (!ASSERT_OK_PTR(skel, "skel_open"))
818 ASSERT_EQ(bpf_program__set_expected_attach_type(skel->progs.tc8,
819 BPF_NETKIT_PRIMARY), 0, "tc8_attach_type");
821 err = test_tc_link__load(skel);
822 if (!ASSERT_OK(err, "skel_load"))
825 assert_mprog_count_ifindex(ifindex, BPF_NETKIT_PRIMARY, 0);
826 assert_mprog_count_ifindex(ifindex, BPF_NETKIT_PEER, 0);
828 ASSERT_EQ(skel->bss->seen_tc8, false, "seen_tc8");
830 link = bpf_program__attach_netkit(skel->progs.tc8, ifindex, &optl);
831 if (!ASSERT_OK_PTR(link, "link_attach"))
834 skel->links.tc8 = link;
836 assert_mprog_count_ifindex(ifindex, BPF_NETKIT_PRIMARY, 1);
837 assert_mprog_count_ifindex(ifindex, BPF_NETKIT_PEER, 0);
839 tc_skel_reset_all_seen(skel);
840 ASSERT_EQ(send_icmp(), 0, "icmp_pkt");
842 ASSERT_EQ(skel->bss->seen_tc8, true, "seen_tc8");
843 ASSERT_EQ(skel->bss->mark, scrub == NETKIT_SCRUB_NONE ? MARK : 0, "mark");
844 ASSERT_EQ(skel->bss->prio, scrub == NETKIT_SCRUB_NONE ? PRIO : 0, "prio");
846 test_tc_link__destroy(skel);
848 assert_mprog_count_ifindex(ifindex, BPF_NETKIT_PRIMARY, 0);
849 assert_mprog_count_ifindex(ifindex, BPF_NETKIT_PEER, 0);
853 void serial_test_tc_netkit_scrub(void)
855 serial_test_tc_netkit_scrub_type(NETKIT_SCRUB_DEFAULT);
856 serial_test_tc_netkit_scrub_type(NETKIT_SCRUB_NONE);
projects / J-linux.git / blob