1. 26 Apr, 2018 7 commits
    • Daniel Borkmann's avatar
      Merge branch 'bpf-tunnel-metadata-selftests' · 3f13de6d
      Daniel Borkmann authored
      William Tu says:
      
      ====================
      The patch series provide end-to-end eBPF tunnel testsute.  A common topology
      is created below for all types of tunnels:
      
      Topology:
      ---------
           root namespace   |     at_ns0 namespace
                            |
            -----------     |     -----------
            | tnl dev |     |     | tnl dev |  (overlay network)
            -----------     |     -----------
            metadata-mode   |     native-mode
             with bpf       |
                            |
            ----------      |     ----------
            |  veth1  | --------- |  veth0  |  (underlay network)
            ----------    peer    ----------
      
      Device Configuration
      --------------------
       Root namespace with metadata-mode tunnel + BPF
       Device names and addresses:
             veth1 IP: 172.16.1.200, IPv6: 00::22 (underlay)
             tunnel dev <type>11, ex: gre11, IPv4: 10.1.1.200 (overlay)
      
       Namespace at_ns0 with native tunnel
       Device names and addresses:
             veth0 IPv4: 172.16.1.100, IPv6: 00::11 (underlay)
             tunnel dev <type>00, ex: gre00, IPv4: 10.1.1.100 (overlay)
      
      End-to-end ping packet flow
      ---------------------------
       Most of the tests start by namespace creation, device configuration,
       then ping the underlay and overlay network.  When doing 'ping 10.1.1.100'
       from root namespace, the following operations happen:
       1) Route lookup shows 10.1.1.100/24 belongs to tnl dev, fwd to tnl dev.
       2) Tnl device's egress BPF program is triggered and set the tunnel metadata,
          with remote_ip=172.16.1.200 and others.
       3) Outer tunnel header is prepended and route the packet to veth1's egress
       4) veth0's ingress queue receive the tunneled packet at namespace at_ns0
       5) Tunnel protocol handler, ex: vxlan_rcv, decap the packet
       6) Forward the packet to the overlay tnl dev
      
      Test Cases
      -----------------------------
       Tunnel Type |  BPF Programs
      -----------------------------
       GRE:          gre_set_tunnel, gre_get_tunnel
       IP6GRE:       ip6gretap_set_tunnel, ip6gretap_get_tunnel
       ERSPAN:       erspan_set_tunnel, erspan_get_tunnel
       IP6ERSPAN:    ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
       VXLAN:        vxlan_set_tunnel, vxlan_get_tunnel
       IP6VXLAN:     ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
       GENEVE:       geneve_set_tunnel, geneve_get_tunnel
       IP6GENEVE:    ip6geneve_set_tunnel, ip6geneve_get_tunnel
       IPIP:         ipip_set_tunnel, ipip_get_tunnel
       IP6IP:        ipip6_set_tunnel, ipip6_get_tunnel,
                     ip6ip6_set_tunnel, ip6ip6_get_tunnel
       XFRM:         xfrm_get_state
      ====================
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      3f13de6d
    • William Tu's avatar
      samples/bpf: remove the bpf tunnel testsuite. · b05cd740
      William Tu authored
      Move the testsuite to
      selftests/bpf/{test_tunnel_kern.c, test_tunnel.sh}
      Signed-off-by: default avatarWilliam Tu <u9012063@gmail.com>
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      b05cd740
    • William Tu's avatar
      selftests/bpf: bpf tunnel test. · 933a741e
      William Tu authored
      The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
      and samples/bpf/test_tunnel_bpf.sh to selftests.  There are a couple
      changes from the original:
          1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
          2) simplify the original ipip tests (remove iperf tests)
          3) improve documentation
          4) use bpf_ntoh* and bpf_hton* api
      
      In summary, 'test_tunnel_kern.o' contains the following bpf program:
        GRE: gre_set_tunnel, gre_get_tunnel
        IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
        ERSPAN: erspan_set_tunnel, erspan_get_tunnel
        IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
        VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
        IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
        GENEVE: geneve_set_tunnel, geneve_get_tunnel
        IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
        IPIP: ipip_set_tunnel, ipip_get_tunnel
        IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
               ip6ip6_set_tunnel, ip6ip6_get_tunnel
        XFRM: xfrm_get_state
      Signed-off-by: default avatarWilliam Tu <u9012063@gmail.com>
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      933a741e
    • Nikita V. Shirokov's avatar
      bpf: fix xdp_generic for bpf_adjust_tail usecase · f7613120
      Nikita V. Shirokov authored
      When bpf_adjust_tail was introduced for generic xdp, it changed skb's tail
      pointer, so it was pointing to the new "end of the packet". However skb's
      len field wasn't properly modified, so on the wire ethernet frame had
      original (or even bigger, if adjust_head was used) size. This diff is
      fixing this.
      
      Fixes: 198d83bb (" bpf: make generic xdp compatible w/ bpf_xdp_adjust_tail")
      Signed-off-by: default avatarNikita V. Shirokov <tehnerd@tehnerd.com>
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      f7613120
    • Jiri Olsa's avatar
      tools, bpftool: Display license GPL compatible in prog show/list · 9b984a20
      Jiri Olsa authored
      Display the license "gpl" string in bpftool prog command, like:
      
        # bpftool prog list
        5: tracepoint  name func  tag 57cd311f2e27366b  gpl
                loaded_at Apr 26/09:37  uid 0
                xlated 16B  not jited  memlock 4096B
      
        # bpftool --json --pretty prog show
        [{
                "id": 5,
                "type": "tracepoint",
                "name": "func",
                "tag": "57cd311f2e27366b",
                "gpl_compatible": true,
                "loaded_at": "Apr 26/09:37",
                "uid": 0,
                "bytes_xlated": 16,
                "jited": false,
                "bytes_memlock": 4096
            }
        ]
      Signed-off-by: default avatarJiri Olsa <jolsa@kernel.org>
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      9b984a20
    • Jiri Olsa's avatar
      tools, bpf: Sync bpf.h uapi header · fb6ef42b
      Jiri Olsa authored
      Syncing the bpf.h uapi header with tools.
      Signed-off-by: default avatarJiri Olsa <jolsa@kernel.org>
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      fb6ef42b
    • Jiri Olsa's avatar
      bpf: Add gpl_compatible flag to struct bpf_prog_info · b85fab0e
      Jiri Olsa authored
      Adding gpl_compatible flag to struct bpf_prog_info
      so it can be dumped via bpf_prog_get_info_by_fd and
      displayed via bpftool progs dump.
      
      Alexei noticed 4-byte hole in struct bpf_prog_info,
      so we put the u32 flags field in there, and we can
      keep adding bit fields in there without breaking
      user space.
      Signed-off-by: default avatarJiri Olsa <jolsa@kernel.org>
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      b85fab0e
  2. 25 Apr, 2018 6 commits
  3. 24 Apr, 2018 13 commits
  4. 23 Apr, 2018 3 commits
  5. 21 Apr, 2018 10 commits
  6. 20 Apr, 2018 1 commit