selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
// SPDX-License-Identifier: GPL-2.0
|
|
|
|
|
/* Copyright (c) 2016 VMware
|
|
|
|
|
* Copyright (c) 2016 Facebook
|
|
|
|
|
*
|
|
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
|
* modify it under the terms of version 2 of the GNU General Public
|
|
|
|
|
* License as published by the Free Software Foundation.
|
|
|
|
|
*/
|
2023-12-14 15:49:04 -07:00
|
|
|
#include "vmlinux.h"
|
|
|
|
|
#include <bpf/bpf_core_read.h>
|
2020-01-20 14:06:45 +01:00
|
|
|
#include <bpf/bpf_helpers.h>
|
|
|
|
|
#include <bpf/bpf_endian.h>
|
2023-12-14 15:49:04 -07:00
|
|
|
#include "bpf_kfuncs.h"
|
|
|
|
|
#include "bpf_tracing_net.h"
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
|
2022-04-30 15:48:44 +08:00
|
|
|
#define log_err(__ret) bpf_printk("ERROR line:%d ret:%d\n", __LINE__, __ret)
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
|
2023-12-14 15:49:04 -07:00
|
|
|
#define VXLAN_UDP_PORT 4789
|
|
|
|
|
#define ETH_P_IP 0x0800
|
|
|
|
|
#define PACKET_HOST 0
|
|
|
|
|
#define TUNNEL_CSUM bpf_htons(0x01)
|
|
|
|
|
#define TUNNEL_KEY bpf_htons(0x04)
|
2022-07-25 16:32:53 +02:00
|
|
|
|
|
|
|
|
/* Only IPv4 address assigned to veth1.
|
|
|
|
|
* 172.16.1.200
|
|
|
|
|
*/
|
|
|
|
|
#define ASSIGNED_ADDR_VETH1 0xac1001c8
|
|
|
|
|
|
2023-04-07 15:38:55 +02:00
|
|
|
int bpf_skb_set_fou_encap(struct __sk_buff *skb_ctx,
|
|
|
|
|
struct bpf_fou_encap *encap, int type) __ksym;
|
|
|
|
|
int bpf_skb_get_fou_encap(struct __sk_buff *skb_ctx,
|
|
|
|
|
struct bpf_fou_encap *encap) __ksym;
|
|
|
|
|
|
2022-04-30 15:48:43 +08:00
|
|
|
struct {
|
|
|
|
|
__uint(type, BPF_MAP_TYPE_ARRAY);
|
|
|
|
|
__uint(max_entries, 1);
|
|
|
|
|
__type(key, __u32);
|
|
|
|
|
__type(value, __u32);
|
|
|
|
|
} local_ip_map SEC(".maps");
|
|
|
|
|
|
|
|
|
|
SEC("tc")
|
|
|
|
|
int gre_set_tunnel(struct __sk_buff *skb)
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
struct bpf_tunnel_key key;
|
|
|
|
|
|
|
|
|
|
__builtin_memset(&key, 0x0, sizeof(key));
|
|
|
|
|
key.remote_ipv4 = 0xac100164; /* 172.16.1.100 */
|
|
|
|
|
key.tunnel_id = 2;
|
|
|
|
|
key.tunnel_tos = 0;
|
|
|
|
|
key.tunnel_ttl = 64;
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key),
|
|
|
|
|
BPF_F_ZERO_CSUM_TX | BPF_F_SEQ_NUMBER);
|
|
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-12-18 06:17:32 +01:00
|
|
|
SEC("tc")
|
|
|
|
|
int gre_set_tunnel_no_key(struct __sk_buff *skb)
|
|
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
struct bpf_tunnel_key key;
|
|
|
|
|
|
|
|
|
|
__builtin_memset(&key, 0x0, sizeof(key));
|
|
|
|
|
key.remote_ipv4 = 0xac100164; /* 172.16.1.100 */
|
|
|
|
|
key.tunnel_ttl = 64;
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key),
|
|
|
|
|
BPF_F_ZERO_CSUM_TX | BPF_F_SEQ_NUMBER |
|
|
|
|
|
BPF_F_NO_TUNNEL_KEY);
|
|
|
|
|
if (ret < 0) {
|
|
|
|
|
log_err(ret);
|
|
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:43 +08:00
|
|
|
SEC("tc")
|
|
|
|
|
int gre_get_tunnel(struct __sk_buff *skb)
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
struct bpf_tunnel_key key;
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_get_tunnel_key(skb, &key, sizeof(key), 0);
|
|
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:44 +08:00
|
|
|
bpf_printk("key %d remote ip 0x%x\n", key.tunnel_id, key.remote_ipv4);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:43 +08:00
|
|
|
SEC("tc")
|
|
|
|
|
int ip6gretap_set_tunnel(struct __sk_buff *skb)
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
{
|
|
|
|
|
struct bpf_tunnel_key key;
|
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
|
|
__builtin_memset(&key, 0x0, sizeof(key));
|
|
|
|
|
key.remote_ipv6[3] = bpf_htonl(0x11); /* ::11 */
|
|
|
|
|
key.tunnel_id = 2;
|
|
|
|
|
key.tunnel_tos = 0;
|
|
|
|
|
key.tunnel_ttl = 64;
|
|
|
|
|
key.tunnel_label = 0xabcde;
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key),
|
|
|
|
|
BPF_F_TUNINFO_IPV6 | BPF_F_ZERO_CSUM_TX |
|
|
|
|
|
BPF_F_SEQ_NUMBER);
|
|
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:43 +08:00
|
|
|
SEC("tc")
|
|
|
|
|
int ip6gretap_get_tunnel(struct __sk_buff *skb)
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
{
|
|
|
|
|
struct bpf_tunnel_key key;
|
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_get_tunnel_key(skb, &key, sizeof(key),
|
|
|
|
|
BPF_F_TUNINFO_IPV6);
|
|
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:44 +08:00
|
|
|
bpf_printk("key %d remote ip6 ::%x label %x\n",
|
|
|
|
|
key.tunnel_id, key.remote_ipv6[3], key.tunnel_label);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
|
|
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:43 +08:00
|
|
|
SEC("tc")
|
|
|
|
|
int erspan_set_tunnel(struct __sk_buff *skb)
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
{
|
|
|
|
|
struct bpf_tunnel_key key;
|
|
|
|
|
struct erspan_metadata md;
|
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
|
|
__builtin_memset(&key, 0x0, sizeof(key));
|
|
|
|
|
key.remote_ipv4 = 0xac100164; /* 172.16.1.100 */
|
|
|
|
|
key.tunnel_id = 2;
|
|
|
|
|
key.tunnel_tos = 0;
|
|
|
|
|
key.tunnel_ttl = 64;
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key),
|
|
|
|
|
BPF_F_ZERO_CSUM_TX);
|
|
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
__builtin_memset(&md, 0, sizeof(md));
|
|
|
|
|
#ifdef ERSPAN_V1
|
|
|
|
|
md.version = 1;
|
|
|
|
|
md.u.index = bpf_htonl(123);
|
|
|
|
|
#else
|
|
|
|
|
__u8 direction = 1;
|
|
|
|
|
__u8 hwid = 7;
|
|
|
|
|
|
|
|
|
|
md.version = 2;
|
2023-12-14 15:49:04 -07:00
|
|
|
BPF_CORE_WRITE_BITFIELD(&md.u.md2, dir, direction);
|
|
|
|
|
BPF_CORE_WRITE_BITFIELD(&md.u.md2, hwid, (hwid & 0xf));
|
|
|
|
|
BPF_CORE_WRITE_BITFIELD(&md.u.md2, hwid_upper, (hwid >> 4) & 0x3);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_set_tunnel_opt(skb, &md, sizeof(md));
|
|
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:43 +08:00
|
|
|
SEC("tc")
|
|
|
|
|
int erspan_get_tunnel(struct __sk_buff *skb)
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
{
|
|
|
|
|
struct bpf_tunnel_key key;
|
|
|
|
|
struct erspan_metadata md;
|
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_get_tunnel_key(skb, &key, sizeof(key), 0);
|
|
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_get_tunnel_opt(skb, &md, sizeof(md));
|
|
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:44 +08:00
|
|
|
bpf_printk("key %d remote ip 0x%x erspan version %d\n",
|
|
|
|
|
key.tunnel_id, key.remote_ipv4, md.version);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
|
|
|
|
|
#ifdef ERSPAN_V1
|
|
|
|
|
index = bpf_ntohl(md.u.index);
|
2022-04-30 15:48:44 +08:00
|
|
|
bpf_printk("\tindex %x\n", index);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
#else
|
2022-04-30 15:48:44 +08:00
|
|
|
bpf_printk("\tdirection %d hwid %x timestamp %u\n",
|
2023-12-14 15:49:04 -07:00
|
|
|
BPF_CORE_READ_BITFIELD(&md.u.md2, dir),
|
|
|
|
|
(BPF_CORE_READ_BITFIELD(&md.u.md2, hwid_upper) << 4) +
|
|
|
|
|
BPF_CORE_READ_BITFIELD(&md.u.md2, hwid),
|
2022-04-30 15:48:44 +08:00
|
|
|
bpf_ntohl(md.u.md2.timestamp));
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:43 +08:00
|
|
|
SEC("tc")
|
|
|
|
|
int ip4ip6erspan_set_tunnel(struct __sk_buff *skb)
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
{
|
|
|
|
|
struct bpf_tunnel_key key;
|
|
|
|
|
struct erspan_metadata md;
|
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
|
|
__builtin_memset(&key, 0x0, sizeof(key));
|
|
|
|
|
key.remote_ipv6[3] = bpf_htonl(0x11);
|
|
|
|
|
key.tunnel_id = 2;
|
|
|
|
|
key.tunnel_tos = 0;
|
|
|
|
|
key.tunnel_ttl = 64;
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key),
|
|
|
|
|
BPF_F_TUNINFO_IPV6);
|
|
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
__builtin_memset(&md, 0, sizeof(md));
|
|
|
|
|
|
|
|
|
|
#ifdef ERSPAN_V1
|
|
|
|
|
md.u.index = bpf_htonl(123);
|
|
|
|
|
md.version = 1;
|
|
|
|
|
#else
|
|
|
|
|
__u8 direction = 0;
|
|
|
|
|
__u8 hwid = 17;
|
|
|
|
|
|
|
|
|
|
md.version = 2;
|
2023-12-14 15:49:04 -07:00
|
|
|
BPF_CORE_WRITE_BITFIELD(&md.u.md2, dir, direction);
|
|
|
|
|
BPF_CORE_WRITE_BITFIELD(&md.u.md2, hwid, (hwid & 0xf));
|
|
|
|
|
BPF_CORE_WRITE_BITFIELD(&md.u.md2, hwid_upper, (hwid >> 4) & 0x3);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_set_tunnel_opt(skb, &md, sizeof(md));
|
|
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:43 +08:00
|
|
|
SEC("tc")
|
|
|
|
|
int ip4ip6erspan_get_tunnel(struct __sk_buff *skb)
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
{
|
|
|
|
|
struct bpf_tunnel_key key;
|
|
|
|
|
struct erspan_metadata md;
|
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_get_tunnel_key(skb, &key, sizeof(key),
|
|
|
|
|
BPF_F_TUNINFO_IPV6);
|
|
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_get_tunnel_opt(skb, &md, sizeof(md));
|
|
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:44 +08:00
|
|
|
bpf_printk("ip6erspan get key %d remote ip6 ::%x erspan version %d\n",
|
|
|
|
|
key.tunnel_id, key.remote_ipv4, md.version);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
|
|
|
|
|
#ifdef ERSPAN_V1
|
|
|
|
|
index = bpf_ntohl(md.u.index);
|
2022-04-30 15:48:44 +08:00
|
|
|
bpf_printk("\tindex %x\n", index);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
#else
|
2022-04-30 15:48:44 +08:00
|
|
|
bpf_printk("\tdirection %d hwid %x timestamp %u\n",
|
2023-12-14 15:49:04 -07:00
|
|
|
BPF_CORE_READ_BITFIELD(&md.u.md2, dir),
|
|
|
|
|
(BPF_CORE_READ_BITFIELD(&md.u.md2, hwid_upper) << 4) +
|
|
|
|
|
BPF_CORE_READ_BITFIELD(&md.u.md2, hwid),
|
2022-04-30 15:48:44 +08:00
|
|
|
bpf_ntohl(md.u.md2.timestamp));
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:43 +08:00
|
|
|
SEC("tc")
|
|
|
|
|
int vxlan_set_tunnel_dst(struct __sk_buff *skb)
|
|
|
|
|
{
|
|
|
|
|
struct bpf_tunnel_key key;
|
|
|
|
|
struct vxlan_metadata md;
|
|
|
|
|
__u32 index = 0;
|
|
|
|
|
__u32 *local_ip = NULL;
|
selftests/bpf: Add -Wuninitialized flag to bpf prog flags
Per C99 standard [0], Section 6.7.8, Paragraph 10:
If an object that has automatic storage duration is not initialized
explicitly, its value is indeterminate.
And in the same document, in appendix "J.2 Undefined behavior":
The behavior is undefined in the following circumstances:
[...]
The value of an object with automatic storage duration is used while
it is indeterminate (6.2.4, 6.7.8, 6.8).
This means that use of an uninitialized stack variable is undefined
behavior, and therefore that clang can choose to do a variety of scary
things, such as not generating bytecode for "bunch of useful code" in
the below example:
void some_func()
{
int i;
if (!i)
return;
// bunch of useful code
}
To add insult to injury, if some_func above is a helper function for
some BPF program, clang can choose to not generate an "exit" insn,
causing verifier to fail with "last insn is not an exit or jmp". Going
from that verification failure to the root cause of uninitialized use
is certain to be frustrating.
This patch adds -Wuninitialized to the cflags for selftest BPF progs and
fixes up existing instances of uninitialized use.
[0]: https://www.open-std.org/jtc1/sc22/WG14/www/docs/n1256.pdf
Signed-off-by: Dave Marchevsky <davemarchevsky@fb.com>
Cc: David Vernet <void@manifault.com>
Cc: Tejun Heo <tj@kernel.org>
Acked-by: David Vernet <void@manifault.com>
Link: https://lore.kernel.org/r/20230303005500.1614874-1-davemarchevsky@fb.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2023-03-02 16:55:00 -08:00
|
|
|
int ret = 0;
|
2022-04-30 15:48:43 +08:00
|
|
|
|
|
|
|
|
local_ip = bpf_map_lookup_elem(&local_ip_map, &index);
|
|
|
|
|
if (!local_ip) {
|
|
|
|
|
log_err(ret);
|
|
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
__builtin_memset(&key, 0x0, sizeof(key));
|
|
|
|
|
key.local_ipv4 = 0xac100164; /* 172.16.1.100 */
|
|
|
|
|
key.remote_ipv4 = *local_ip;
|
|
|
|
|
key.tunnel_id = 2;
|
|
|
|
|
key.tunnel_tos = 0;
|
|
|
|
|
key.tunnel_ttl = 64;
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key),
|
|
|
|
|
BPF_F_ZERO_CSUM_TX);
|
|
|
|
|
if (ret < 0) {
|
|
|
|
|
log_err(ret);
|
|
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
md.gbp = 0x800FF; /* Set VXLAN Group Policy extension */
|
|
|
|
|
ret = bpf_skb_set_tunnel_opt(skb, &md, sizeof(md));
|
|
|
|
|
if (ret < 0) {
|
|
|
|
|
log_err(ret);
|
|
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
SEC("tc")
|
|
|
|
|
int vxlan_set_tunnel_src(struct __sk_buff *skb)
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
{
|
|
|
|
|
struct bpf_tunnel_key key;
|
|
|
|
|
struct vxlan_metadata md;
|
2022-04-30 15:48:43 +08:00
|
|
|
__u32 index = 0;
|
|
|
|
|
__u32 *local_ip = NULL;
|
selftests/bpf: Add -Wuninitialized flag to bpf prog flags
Per C99 standard [0], Section 6.7.8, Paragraph 10:
If an object that has automatic storage duration is not initialized
explicitly, its value is indeterminate.
And in the same document, in appendix "J.2 Undefined behavior":
The behavior is undefined in the following circumstances:
[...]
The value of an object with automatic storage duration is used while
it is indeterminate (6.2.4, 6.7.8, 6.8).
This means that use of an uninitialized stack variable is undefined
behavior, and therefore that clang can choose to do a variety of scary
things, such as not generating bytecode for "bunch of useful code" in
the below example:
void some_func()
{
int i;
if (!i)
return;
// bunch of useful code
}
To add insult to injury, if some_func above is a helper function for
some BPF program, clang can choose to not generate an "exit" insn,
causing verifier to fail with "last insn is not an exit or jmp". Going
from that verification failure to the root cause of uninitialized use
is certain to be frustrating.
This patch adds -Wuninitialized to the cflags for selftest BPF progs and
fixes up existing instances of uninitialized use.
[0]: https://www.open-std.org/jtc1/sc22/WG14/www/docs/n1256.pdf
Signed-off-by: Dave Marchevsky <davemarchevsky@fb.com>
Cc: David Vernet <void@manifault.com>
Cc: Tejun Heo <tj@kernel.org>
Acked-by: David Vernet <void@manifault.com>
Link: https://lore.kernel.org/r/20230303005500.1614874-1-davemarchevsky@fb.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2023-03-02 16:55:00 -08:00
|
|
|
int ret = 0;
|
2022-04-30 15:48:43 +08:00
|
|
|
|
|
|
|
|
local_ip = bpf_map_lookup_elem(&local_ip_map, &index);
|
|
|
|
|
if (!local_ip) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
2022-04-30 15:48:43 +08:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
|
|
|
|
|
__builtin_memset(&key, 0x0, sizeof(key));
|
2022-04-30 15:48:43 +08:00
|
|
|
key.local_ipv4 = *local_ip;
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
key.remote_ipv4 = 0xac100164; /* 172.16.1.100 */
|
|
|
|
|
key.tunnel_id = 2;
|
|
|
|
|
key.tunnel_tos = 0;
|
|
|
|
|
key.tunnel_ttl = 64;
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key),
|
|
|
|
|
BPF_F_ZERO_CSUM_TX);
|
|
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
md.gbp = 0x800FF; /* Set VXLAN Group Policy extension */
|
|
|
|
|
ret = bpf_skb_set_tunnel_opt(skb, &md, sizeof(md));
|
|
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:43 +08:00
|
|
|
SEC("tc")
|
|
|
|
|
int vxlan_get_tunnel_src(struct __sk_buff *skb)
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
struct bpf_tunnel_key key;
|
|
|
|
|
struct vxlan_metadata md;
|
|
|
|
|
|
2022-08-31 17:40:10 +03:00
|
|
|
ret = bpf_skb_get_tunnel_key(skb, &key, sizeof(key),
|
|
|
|
|
BPF_F_TUNINFO_FLAGS);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_get_tunnel_opt(skb, &md, sizeof(md));
|
|
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
2022-08-31 17:40:10 +03:00
|
|
|
if (key.local_ipv4 != ASSIGNED_ADDR_VETH1 || md.gbp != 0x800FF ||
|
|
|
|
|
!(key.tunnel_flags & TUNNEL_KEY) ||
|
|
|
|
|
(key.tunnel_flags & TUNNEL_CSUM)) {
|
|
|
|
|
bpf_printk("vxlan key %d local ip 0x%x remote ip 0x%x gbp 0x%x flags 0x%x\n",
|
2022-04-30 15:48:43 +08:00
|
|
|
key.tunnel_id, key.local_ipv4,
|
2022-08-31 17:40:10 +03:00
|
|
|
key.remote_ipv4, md.gbp,
|
|
|
|
|
bpf_ntohs(key.tunnel_flags));
|
2022-04-30 15:48:43 +08:00
|
|
|
log_err(ret);
|
|
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
|
|
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-07-25 16:32:53 +02:00
|
|
|
SEC("tc")
|
|
|
|
|
int veth_set_outer_dst(struct __sk_buff *skb)
|
|
|
|
|
{
|
|
|
|
|
struct ethhdr *eth = (struct ethhdr *)(long)skb->data;
|
|
|
|
|
__u32 assigned_ip = bpf_htonl(ASSIGNED_ADDR_VETH1);
|
|
|
|
|
void *data_end = (void *)(long)skb->data_end;
|
|
|
|
|
struct udphdr *udph;
|
|
|
|
|
struct iphdr *iph;
|
|
|
|
|
int ret = 0;
|
|
|
|
|
__s64 csum;
|
|
|
|
|
|
|
|
|
|
if ((void *)eth + sizeof(*eth) > data_end) {
|
|
|
|
|
log_err(ret);
|
|
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (eth->h_proto != bpf_htons(ETH_P_IP))
|
|
|
|
|
return TC_ACT_OK;
|
|
|
|
|
|
|
|
|
|
iph = (struct iphdr *)(eth + 1);
|
|
|
|
|
if ((void *)iph + sizeof(*iph) > data_end) {
|
|
|
|
|
log_err(ret);
|
|
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
if (iph->protocol != IPPROTO_UDP)
|
|
|
|
|
return TC_ACT_OK;
|
|
|
|
|
|
|
|
|
|
udph = (struct udphdr *)(iph + 1);
|
|
|
|
|
if ((void *)udph + sizeof(*udph) > data_end) {
|
|
|
|
|
log_err(ret);
|
|
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
if (udph->dest != bpf_htons(VXLAN_UDP_PORT))
|
|
|
|
|
return TC_ACT_OK;
|
|
|
|
|
|
|
|
|
|
if (iph->daddr != assigned_ip) {
|
|
|
|
|
csum = bpf_csum_diff(&iph->daddr, sizeof(__u32), &assigned_ip,
|
|
|
|
|
sizeof(__u32), 0);
|
|
|
|
|
if (bpf_skb_store_bytes(skb, ETH_HLEN + offsetof(struct iphdr, daddr),
|
|
|
|
|
&assigned_ip, sizeof(__u32), 0) < 0) {
|
|
|
|
|
log_err(ret);
|
|
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
if (bpf_l3_csum_replace(skb, ETH_HLEN + offsetof(struct iphdr, check),
|
|
|
|
|
0, csum, 0) < 0) {
|
|
|
|
|
log_err(ret);
|
|
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
bpf_skb_change_type(skb, PACKET_HOST);
|
|
|
|
|
}
|
|
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:43 +08:00
|
|
|
SEC("tc")
|
|
|
|
|
int ip6vxlan_set_tunnel_dst(struct __sk_buff *skb)
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
{
|
|
|
|
|
struct bpf_tunnel_key key;
|
2022-04-30 15:48:43 +08:00
|
|
|
__u32 index = 0;
|
|
|
|
|
__u32 *local_ip;
|
selftests/bpf: Add -Wuninitialized flag to bpf prog flags
Per C99 standard [0], Section 6.7.8, Paragraph 10:
If an object that has automatic storage duration is not initialized
explicitly, its value is indeterminate.
And in the same document, in appendix "J.2 Undefined behavior":
The behavior is undefined in the following circumstances:
[...]
The value of an object with automatic storage duration is used while
it is indeterminate (6.2.4, 6.7.8, 6.8).
This means that use of an uninitialized stack variable is undefined
behavior, and therefore that clang can choose to do a variety of scary
things, such as not generating bytecode for "bunch of useful code" in
the below example:
void some_func()
{
int i;
if (!i)
return;
// bunch of useful code
}
To add insult to injury, if some_func above is a helper function for
some BPF program, clang can choose to not generate an "exit" insn,
causing verifier to fail with "last insn is not an exit or jmp". Going
from that verification failure to the root cause of uninitialized use
is certain to be frustrating.
This patch adds -Wuninitialized to the cflags for selftest BPF progs and
fixes up existing instances of uninitialized use.
[0]: https://www.open-std.org/jtc1/sc22/WG14/www/docs/n1256.pdf
Signed-off-by: Dave Marchevsky <davemarchevsky@fb.com>
Cc: David Vernet <void@manifault.com>
Cc: Tejun Heo <tj@kernel.org>
Acked-by: David Vernet <void@manifault.com>
Link: https://lore.kernel.org/r/20230303005500.1614874-1-davemarchevsky@fb.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2023-03-02 16:55:00 -08:00
|
|
|
int ret = 0;
|
2022-04-30 15:48:43 +08:00
|
|
|
|
|
|
|
|
local_ip = bpf_map_lookup_elem(&local_ip_map, &index);
|
|
|
|
|
if (!local_ip) {
|
|
|
|
|
log_err(ret);
|
|
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
|
|
|
|
|
__builtin_memset(&key, 0x0, sizeof(key));
|
2022-04-30 15:48:43 +08:00
|
|
|
key.local_ipv6[3] = bpf_htonl(0x11); /* ::11 */
|
|
|
|
|
key.remote_ipv6[3] = bpf_htonl(*local_ip);
|
|
|
|
|
key.tunnel_id = 22;
|
|
|
|
|
key.tunnel_tos = 0;
|
|
|
|
|
key.tunnel_ttl = 64;
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key),
|
|
|
|
|
BPF_F_TUNINFO_IPV6);
|
|
|
|
|
if (ret < 0) {
|
|
|
|
|
log_err(ret);
|
|
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
SEC("tc")
|
|
|
|
|
int ip6vxlan_set_tunnel_src(struct __sk_buff *skb)
|
|
|
|
|
{
|
|
|
|
|
struct bpf_tunnel_key key;
|
|
|
|
|
__u32 index = 0;
|
|
|
|
|
__u32 *local_ip;
|
selftests/bpf: Add -Wuninitialized flag to bpf prog flags
Per C99 standard [0], Section 6.7.8, Paragraph 10:
If an object that has automatic storage duration is not initialized
explicitly, its value is indeterminate.
And in the same document, in appendix "J.2 Undefined behavior":
The behavior is undefined in the following circumstances:
[...]
The value of an object with automatic storage duration is used while
it is indeterminate (6.2.4, 6.7.8, 6.8).
This means that use of an uninitialized stack variable is undefined
behavior, and therefore that clang can choose to do a variety of scary
things, such as not generating bytecode for "bunch of useful code" in
the below example:
void some_func()
{
int i;
if (!i)
return;
// bunch of useful code
}
To add insult to injury, if some_func above is a helper function for
some BPF program, clang can choose to not generate an "exit" insn,
causing verifier to fail with "last insn is not an exit or jmp". Going
from that verification failure to the root cause of uninitialized use
is certain to be frustrating.
This patch adds -Wuninitialized to the cflags for selftest BPF progs and
fixes up existing instances of uninitialized use.
[0]: https://www.open-std.org/jtc1/sc22/WG14/www/docs/n1256.pdf
Signed-off-by: Dave Marchevsky <davemarchevsky@fb.com>
Cc: David Vernet <void@manifault.com>
Cc: Tejun Heo <tj@kernel.org>
Acked-by: David Vernet <void@manifault.com>
Link: https://lore.kernel.org/r/20230303005500.1614874-1-davemarchevsky@fb.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2023-03-02 16:55:00 -08:00
|
|
|
int ret = 0;
|
2022-04-30 15:48:43 +08:00
|
|
|
|
|
|
|
|
local_ip = bpf_map_lookup_elem(&local_ip_map, &index);
|
|
|
|
|
if (!local_ip) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
2022-04-30 15:48:43 +08:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
__builtin_memset(&key, 0x0, sizeof(key));
|
|
|
|
|
key.local_ipv6[3] = bpf_htonl(*local_ip);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
key.remote_ipv6[3] = bpf_htonl(0x11); /* ::11 */
|
|
|
|
|
key.tunnel_id = 22;
|
|
|
|
|
key.tunnel_tos = 0;
|
|
|
|
|
key.tunnel_ttl = 64;
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key),
|
|
|
|
|
BPF_F_TUNINFO_IPV6);
|
|
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:43 +08:00
|
|
|
SEC("tc")
|
|
|
|
|
int ip6vxlan_get_tunnel_src(struct __sk_buff *skb)
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
{
|
|
|
|
|
struct bpf_tunnel_key key;
|
2022-04-30 15:48:43 +08:00
|
|
|
__u32 index = 0;
|
|
|
|
|
__u32 *local_ip;
|
selftests/bpf: Add -Wuninitialized flag to bpf prog flags
Per C99 standard [0], Section 6.7.8, Paragraph 10:
If an object that has automatic storage duration is not initialized
explicitly, its value is indeterminate.
And in the same document, in appendix "J.2 Undefined behavior":
The behavior is undefined in the following circumstances:
[...]
The value of an object with automatic storage duration is used while
it is indeterminate (6.2.4, 6.7.8, 6.8).
This means that use of an uninitialized stack variable is undefined
behavior, and therefore that clang can choose to do a variety of scary
things, such as not generating bytecode for "bunch of useful code" in
the below example:
void some_func()
{
int i;
if (!i)
return;
// bunch of useful code
}
To add insult to injury, if some_func above is a helper function for
some BPF program, clang can choose to not generate an "exit" insn,
causing verifier to fail with "last insn is not an exit or jmp". Going
from that verification failure to the root cause of uninitialized use
is certain to be frustrating.
This patch adds -Wuninitialized to the cflags for selftest BPF progs and
fixes up existing instances of uninitialized use.
[0]: https://www.open-std.org/jtc1/sc22/WG14/www/docs/n1256.pdf
Signed-off-by: Dave Marchevsky <davemarchevsky@fb.com>
Cc: David Vernet <void@manifault.com>
Cc: Tejun Heo <tj@kernel.org>
Acked-by: David Vernet <void@manifault.com>
Link: https://lore.kernel.org/r/20230303005500.1614874-1-davemarchevsky@fb.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2023-03-02 16:55:00 -08:00
|
|
|
int ret = 0;
|
2022-04-30 15:48:43 +08:00
|
|
|
|
|
|
|
|
local_ip = bpf_map_lookup_elem(&local_ip_map, &index);
|
|
|
|
|
if (!local_ip) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
2022-04-30 15:48:43 +08:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
|
|
|
|
|
ret = bpf_skb_get_tunnel_key(skb, &key, sizeof(key),
|
2022-08-31 17:40:10 +03:00
|
|
|
BPF_F_TUNINFO_IPV6 | BPF_F_TUNINFO_FLAGS);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
2022-08-31 17:40:10 +03:00
|
|
|
if (bpf_ntohl(key.local_ipv6[3]) != *local_ip ||
|
|
|
|
|
!(key.tunnel_flags & TUNNEL_KEY) ||
|
|
|
|
|
!(key.tunnel_flags & TUNNEL_CSUM)) {
|
|
|
|
|
bpf_printk("ip6vxlan key %d local ip6 ::%x remote ip6 ::%x label 0x%x flags 0x%x\n",
|
2022-04-30 15:48:44 +08:00
|
|
|
key.tunnel_id, bpf_ntohl(key.local_ipv6[3]),
|
2022-08-31 17:40:10 +03:00
|
|
|
bpf_ntohl(key.remote_ipv6[3]), key.tunnel_label,
|
|
|
|
|
bpf_ntohs(key.tunnel_flags));
|
2022-04-30 15:48:44 +08:00
|
|
|
bpf_printk("local_ip 0x%x\n", *local_ip);
|
|
|
|
|
log_err(ret);
|
2022-04-30 15:48:43 +08:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
|
|
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:43 +08:00
|
|
|
SEC("tc")
|
|
|
|
|
int geneve_set_tunnel(struct __sk_buff *skb)
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
{
|
2021-04-14 22:16:39 +08:00
|
|
|
int ret;
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
struct bpf_tunnel_key key;
|
|
|
|
|
struct geneve_opt gopt;
|
|
|
|
|
|
|
|
|
|
__builtin_memset(&key, 0x0, sizeof(key));
|
|
|
|
|
key.remote_ipv4 = 0xac100164; /* 172.16.1.100 */
|
|
|
|
|
key.tunnel_id = 2;
|
|
|
|
|
key.tunnel_tos = 0;
|
|
|
|
|
key.tunnel_ttl = 64;
|
|
|
|
|
|
|
|
|
|
__builtin_memset(&gopt, 0x0, sizeof(gopt));
|
|
|
|
|
gopt.opt_class = bpf_htons(0x102); /* Open Virtual Networking (OVN) */
|
|
|
|
|
gopt.type = 0x08;
|
|
|
|
|
gopt.r1 = 0;
|
|
|
|
|
gopt.r2 = 0;
|
|
|
|
|
gopt.r3 = 0;
|
|
|
|
|
gopt.length = 2; /* 4-byte multiple */
|
|
|
|
|
*(int *) &gopt.opt_data = bpf_htonl(0xdeadbeef);
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key),
|
|
|
|
|
BPF_F_ZERO_CSUM_TX);
|
|
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_set_tunnel_opt(skb, &gopt, sizeof(gopt));
|
|
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:43 +08:00
|
|
|
SEC("tc")
|
|
|
|
|
int geneve_get_tunnel(struct __sk_buff *skb)
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
struct bpf_tunnel_key key;
|
|
|
|
|
struct geneve_opt gopt;
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_get_tunnel_key(skb, &key, sizeof(key), 0);
|
|
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_get_tunnel_opt(skb, &gopt, sizeof(gopt));
|
2021-02-24 16:14:03 +08:00
|
|
|
if (ret < 0)
|
|
|
|
|
gopt.opt_class = 0;
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
|
2022-04-30 15:48:44 +08:00
|
|
|
bpf_printk("key %d remote ip 0x%x geneve class 0x%x\n",
|
|
|
|
|
key.tunnel_id, key.remote_ipv4, gopt.opt_class);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:43 +08:00
|
|
|
SEC("tc")
|
|
|
|
|
int ip6geneve_set_tunnel(struct __sk_buff *skb)
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
{
|
|
|
|
|
struct bpf_tunnel_key key;
|
|
|
|
|
struct geneve_opt gopt;
|
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
|
|
__builtin_memset(&key, 0x0, sizeof(key));
|
|
|
|
|
key.remote_ipv6[3] = bpf_htonl(0x11); /* ::11 */
|
|
|
|
|
key.tunnel_id = 22;
|
|
|
|
|
key.tunnel_tos = 0;
|
|
|
|
|
key.tunnel_ttl = 64;
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key),
|
|
|
|
|
BPF_F_TUNINFO_IPV6);
|
|
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
__builtin_memset(&gopt, 0x0, sizeof(gopt));
|
|
|
|
|
gopt.opt_class = bpf_htons(0x102); /* Open Virtual Networking (OVN) */
|
|
|
|
|
gopt.type = 0x08;
|
|
|
|
|
gopt.r1 = 0;
|
|
|
|
|
gopt.r2 = 0;
|
|
|
|
|
gopt.r3 = 0;
|
|
|
|
|
gopt.length = 2; /* 4-byte multiple */
|
|
|
|
|
*(int *) &gopt.opt_data = bpf_htonl(0xfeedbeef);
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_set_tunnel_opt(skb, &gopt, sizeof(gopt));
|
|
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:43 +08:00
|
|
|
SEC("tc")
|
|
|
|
|
int ip6geneve_get_tunnel(struct __sk_buff *skb)
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
{
|
|
|
|
|
struct bpf_tunnel_key key;
|
|
|
|
|
struct geneve_opt gopt;
|
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_get_tunnel_key(skb, &key, sizeof(key),
|
|
|
|
|
BPF_F_TUNINFO_IPV6);
|
|
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_get_tunnel_opt(skb, &gopt, sizeof(gopt));
|
2021-03-09 11:22:14 +08:00
|
|
|
if (ret < 0)
|
|
|
|
|
gopt.opt_class = 0;
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
|
2022-04-30 15:48:44 +08:00
|
|
|
bpf_printk("key %d remote ip 0x%x geneve class 0x%x\n",
|
|
|
|
|
key.tunnel_id, key.remote_ipv4, gopt.opt_class);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
|
|
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:43 +08:00
|
|
|
SEC("tc")
|
|
|
|
|
int ipip_set_tunnel(struct __sk_buff *skb)
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
{
|
|
|
|
|
struct bpf_tunnel_key key = {};
|
|
|
|
|
void *data = (void *)(long)skb->data;
|
|
|
|
|
struct iphdr *iph = data;
|
|
|
|
|
void *data_end = (void *)(long)skb->data_end;
|
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
|
|
/* single length check */
|
2020-11-10 09:50:12 +08:00
|
|
|
if (data + sizeof(*iph) > data_end) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(1);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
key.tunnel_ttl = 64;
|
|
|
|
|
if (iph->protocol == IPPROTO_ICMP) {
|
|
|
|
|
key.remote_ipv4 = 0xac100164; /* 172.16.1.100 */
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key), 0);
|
|
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:43 +08:00
|
|
|
SEC("tc")
|
|
|
|
|
int ipip_get_tunnel(struct __sk_buff *skb)
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
struct bpf_tunnel_key key;
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_get_tunnel_key(skb, &key, sizeof(key), 0);
|
|
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:44 +08:00
|
|
|
bpf_printk("remote ip 0x%x\n", key.remote_ipv4);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-07 15:38:55 +02:00
|
|
|
SEC("tc")
|
|
|
|
|
int ipip_gue_set_tunnel(struct __sk_buff *skb)
|
|
|
|
|
{
|
|
|
|
|
struct bpf_tunnel_key key = {};
|
|
|
|
|
struct bpf_fou_encap encap = {};
|
|
|
|
|
void *data = (void *)(long)skb->data;
|
|
|
|
|
struct iphdr *iph = data;
|
|
|
|
|
void *data_end = (void *)(long)skb->data_end;
|
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
|
|
if (data + sizeof(*iph) > data_end) {
|
|
|
|
|
log_err(1);
|
|
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
key.tunnel_ttl = 64;
|
|
|
|
|
if (iph->protocol == IPPROTO_ICMP)
|
|
|
|
|
key.remote_ipv4 = 0xac100164; /* 172.16.1.100 */
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key), 0);
|
|
|
|
|
if (ret < 0) {
|
|
|
|
|
log_err(ret);
|
|
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
encap.sport = 0;
|
|
|
|
|
encap.dport = bpf_htons(5555);
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_set_fou_encap(skb, &encap, FOU_BPF_ENCAP_GUE);
|
|
|
|
|
if (ret < 0) {
|
|
|
|
|
log_err(ret);
|
|
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
SEC("tc")
|
|
|
|
|
int ipip_fou_set_tunnel(struct __sk_buff *skb)
|
|
|
|
|
{
|
|
|
|
|
struct bpf_tunnel_key key = {};
|
|
|
|
|
struct bpf_fou_encap encap = {};
|
|
|
|
|
void *data = (void *)(long)skb->data;
|
|
|
|
|
struct iphdr *iph = data;
|
|
|
|
|
void *data_end = (void *)(long)skb->data_end;
|
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
|
|
if (data + sizeof(*iph) > data_end) {
|
|
|
|
|
log_err(1);
|
|
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
key.tunnel_ttl = 64;
|
|
|
|
|
if (iph->protocol == IPPROTO_ICMP)
|
|
|
|
|
key.remote_ipv4 = 0xac100164; /* 172.16.1.100 */
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key), 0);
|
|
|
|
|
if (ret < 0) {
|
|
|
|
|
log_err(ret);
|
|
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
encap.sport = 0;
|
|
|
|
|
encap.dport = bpf_htons(5555);
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_set_fou_encap(skb, &encap, FOU_BPF_ENCAP_FOU);
|
|
|
|
|
if (ret < 0) {
|
|
|
|
|
log_err(ret);
|
|
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
SEC("tc")
|
|
|
|
|
int ipip_encap_get_tunnel(struct __sk_buff *skb)
|
|
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
struct bpf_tunnel_key key = {};
|
|
|
|
|
struct bpf_fou_encap encap = {};
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_get_tunnel_key(skb, &key, sizeof(key), 0);
|
|
|
|
|
if (ret < 0) {
|
|
|
|
|
log_err(ret);
|
|
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_get_fou_encap(skb, &encap);
|
|
|
|
|
if (ret < 0) {
|
|
|
|
|
log_err(ret);
|
|
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (bpf_ntohs(encap.dport) != 5555)
|
|
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
|
|
|
|
|
bpf_printk("%d remote ip 0x%x, sport %d, dport %d\n", ret,
|
|
|
|
|
key.remote_ipv4, bpf_ntohs(encap.sport),
|
|
|
|
|
bpf_ntohs(encap.dport));
|
|
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:43 +08:00
|
|
|
SEC("tc")
|
|
|
|
|
int ipip6_set_tunnel(struct __sk_buff *skb)
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
{
|
|
|
|
|
struct bpf_tunnel_key key = {};
|
|
|
|
|
void *data = (void *)(long)skb->data;
|
|
|
|
|
struct iphdr *iph = data;
|
|
|
|
|
void *data_end = (void *)(long)skb->data_end;
|
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
|
|
/* single length check */
|
2020-11-10 09:50:12 +08:00
|
|
|
if (data + sizeof(*iph) > data_end) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(1);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
__builtin_memset(&key, 0x0, sizeof(key));
|
|
|
|
|
key.tunnel_ttl = 64;
|
2020-11-10 09:50:12 +08:00
|
|
|
if (iph->protocol == IPPROTO_ICMP) {
|
|
|
|
|
key.remote_ipv6[3] = bpf_htonl(0x11); /* ::11 */
|
|
|
|
|
}
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
|
|
|
|
|
ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key),
|
|
|
|
|
BPF_F_TUNINFO_IPV6);
|
|
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:43 +08:00
|
|
|
SEC("tc")
|
|
|
|
|
int ipip6_get_tunnel(struct __sk_buff *skb)
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
struct bpf_tunnel_key key;
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_get_tunnel_key(skb, &key, sizeof(key),
|
|
|
|
|
BPF_F_TUNINFO_IPV6);
|
|
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:44 +08:00
|
|
|
bpf_printk("remote ip6 %x::%x\n", bpf_htonl(key.remote_ipv6[0]),
|
|
|
|
|
bpf_htonl(key.remote_ipv6[3]));
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:43 +08:00
|
|
|
SEC("tc")
|
|
|
|
|
int ip6ip6_set_tunnel(struct __sk_buff *skb)
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
{
|
|
|
|
|
struct bpf_tunnel_key key = {};
|
|
|
|
|
void *data = (void *)(long)skb->data;
|
|
|
|
|
struct ipv6hdr *iph = data;
|
|
|
|
|
void *data_end = (void *)(long)skb->data_end;
|
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
|
|
/* single length check */
|
2020-11-10 09:50:12 +08:00
|
|
|
if (data + sizeof(*iph) > data_end) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(1);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
key.tunnel_ttl = 64;
|
|
|
|
|
if (iph->nexthdr == 58 /* NEXTHDR_ICMP */) {
|
2020-11-10 09:50:12 +08:00
|
|
|
key.remote_ipv6[3] = bpf_htonl(0x11); /* ::11 */
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key),
|
|
|
|
|
BPF_F_TUNINFO_IPV6);
|
|
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:43 +08:00
|
|
|
SEC("tc")
|
|
|
|
|
int ip6ip6_get_tunnel(struct __sk_buff *skb)
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
struct bpf_tunnel_key key;
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_get_tunnel_key(skb, &key, sizeof(key),
|
|
|
|
|
BPF_F_TUNINFO_IPV6);
|
|
|
|
|
if (ret < 0) {
|
2022-04-30 15:48:44 +08:00
|
|
|
log_err(ret);
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_SHOT;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:44 +08:00
|
|
|
bpf_printk("remote ip6 %x::%x\n", bpf_htonl(key.remote_ipv6[0]),
|
|
|
|
|
bpf_htonl(key.remote_ipv6[3]));
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 15:48:43 +08:00
|
|
|
SEC("tc")
|
|
|
|
|
int xfrm_get_state(struct __sk_buff *skb)
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
{
|
|
|
|
|
struct bpf_xfrm_state x;
|
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
|
|
ret = bpf_skb_get_xfrm_state(skb, 0, &x, sizeof(x), 0);
|
|
|
|
|
if (ret < 0)
|
|
|
|
|
return TC_ACT_OK;
|
|
|
|
|
|
2022-04-30 15:48:44 +08:00
|
|
|
bpf_printk("reqid %d spi 0x%x remote ip 0x%x\n",
|
|
|
|
|
x.reqid, bpf_ntohl(x.spi),
|
|
|
|
|
bpf_ntohl(x.remote_ipv4));
|
selftests/bpf: bpf tunnel test.
The patch migrates the original tests at samples/bpf/tcbpf2_kern.c
and samples/bpf/test_tunnel_bpf.sh to selftests. There are a couple
changes from the original:
1) add ipv6 vxlan, ipv6 geneve, ipv6 ipip tests
2) simplify the original ipip tests (remove iperf tests)
3) improve documentation
4) use bpf_ntoh* and bpf_hton* api
In summary, 'test_tunnel_kern.o' contains the following bpf program:
GRE: gre_set_tunnel, gre_get_tunnel
IP6GRE: ip6gretap_set_tunnel, ip6gretap_get_tunnel
ERSPAN: erspan_set_tunnel, erspan_get_tunnel
IP6ERSPAN: ip4ip6erspan_set_tunnel, ip4ip6erspan_get_tunnel
VXLAN: vxlan_set_tunnel, vxlan_get_tunnel
IP6VXLAN: ip6vxlan_set_tunnel, ip6vxlan_get_tunnel
GENEVE: geneve_set_tunnel, geneve_get_tunnel
IP6GENEVE: ip6geneve_set_tunnel, ip6geneve_get_tunnel
IPIP: ipip_set_tunnel, ipip_get_tunnel
IP6IP: ipip6_set_tunnel, ipip6_get_tunnel,
ip6ip6_set_tunnel, ip6ip6_get_tunnel
XFRM: xfrm_get_state
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-04-26 14:01:39 -07:00
|
|
|
return TC_ACT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
char _license[] SEC("license") = "GPL";
|