^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1) #!/bin/bash
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2) # SPDX-License-Identifier: GPL-2.0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4) MY_DIR=$(dirname $0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 5) # Details on the bpf prog
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 6) BPF_CGRP2_ARRAY_NAME='test_cgrp2_array_pin'
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 7) BPF_PROG="$MY_DIR/test_cgrp2_tc_kern.o"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 8) BPF_SECTION='filter'
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 9)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10) [ -z "$TC" ] && TC='tc'
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11) [ -z "$IP" ] && IP='ip'
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13) # Names of the veth interface, net namespace...etc.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14) HOST_IFC='ve'
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15) NS_IFC='vens'
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16) NS='ns'
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18) find_mnt() {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19) cat /proc/mounts | \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 20) awk '{ if ($3 == "'$1'" && mnt == "") { mnt = $2 }} END { print mnt }'
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 21) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 22)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 23) # Init cgroup2 vars
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 24) init_cgrp2_vars() {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 25) CGRP2_ROOT=$(find_mnt cgroup2)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 26) if [ -z "$CGRP2_ROOT" ]
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 27) then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 28) CGRP2_ROOT='/mnt/cgroup2'
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 29) MOUNT_CGRP2="yes"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 30) fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 31) CGRP2_TC="$CGRP2_ROOT/tc"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 32) CGRP2_TC_LEAF="$CGRP2_TC/leaf"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 33) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 34)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 35) # Init bpf fs vars
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 36) init_bpf_fs_vars() {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 37) local bpf_fs_root=$(find_mnt bpf)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 38) [ -n "$bpf_fs_root" ] || return -1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 39) BPF_FS_TC_SHARE="$bpf_fs_root/tc/globals"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 40) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 41)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 42) setup_cgrp2() {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 43) case $1 in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 44) start)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 45) if [ "$MOUNT_CGRP2" == 'yes' ]
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 46) then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 47) [ -d $CGRP2_ROOT ] || mkdir -p $CGRP2_ROOT
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 48) mount -t cgroup2 none $CGRP2_ROOT || return $?
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 49) fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 50) mkdir -p $CGRP2_TC_LEAF
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 51) ;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 52) *)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 53) rmdir $CGRP2_TC_LEAF && rmdir $CGRP2_TC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 54) [ "$MOUNT_CGRP2" == 'yes' ] && umount $CGRP2_ROOT
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 55) ;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 56) esac
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 57) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 58)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 59) setup_bpf_cgrp2_array() {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 60) local bpf_cgrp2_array="$BPF_FS_TC_SHARE/$BPF_CGRP2_ARRAY_NAME"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 61) case $1 in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 62) start)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 63) $MY_DIR/test_cgrp2_array_pin -U $bpf_cgrp2_array -v $CGRP2_TC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 64) ;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 65) *)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 66) [ -d "$BPF_FS_TC_SHARE" ] && rm -f $bpf_cgrp2_array
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 67) ;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 68) esac
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 69) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 70)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 71) setup_net() {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 72) case $1 in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 73) start)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 74) $IP link add $HOST_IFC type veth peer name $NS_IFC || return $?
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 75) $IP link set dev $HOST_IFC up || return $?
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 76) sysctl -q net.ipv6.conf.$HOST_IFC.accept_dad=0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 77)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 78) $IP netns add ns || return $?
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 79) $IP link set dev $NS_IFC netns ns || return $?
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 80) $IP -n $NS link set dev $NS_IFC up || return $?
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 81) $IP netns exec $NS sysctl -q net.ipv6.conf.$NS_IFC.accept_dad=0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 82) $TC qdisc add dev $HOST_IFC clsact || return $?
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 83) $TC filter add dev $HOST_IFC egress bpf da obj $BPF_PROG sec $BPF_SECTION || return $?
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 84) ;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 85) *)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 86) $IP netns del $NS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 87) $IP link del $HOST_IFC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 88) ;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 89) esac
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 90) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 91)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 92) run_in_cgrp() {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 93) # Fork another bash and move it under the specified cgroup.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 94) # It makes the cgroup cleanup easier at the end of the test.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 95) cmd='echo $$ > '
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 96) cmd="$cmd $1/cgroup.procs; exec $2"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 97) bash -c "$cmd"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 98) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 99)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100) do_test() {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) run_in_cgrp $CGRP2_TC_LEAF "ping -6 -c3 ff02::1%$HOST_IFC >& /dev/null"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102) local dropped=$($TC -s qdisc show dev $HOST_IFC | tail -3 | \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) awk '/drop/{print substr($7, 0, index($7, ",")-1)}')
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104) if [[ $dropped -eq 0 ]]
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105) then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106) echo "FAIL"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) return 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109) echo "Successfully filtered $dropped packets"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110) return 0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111) fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 114) do_exit() {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115) if [ "$DEBUG" == "yes" ] && [ "$MODE" != 'cleanuponly' ]
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116) then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 117) echo "------ DEBUG ------"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 118) echo "mount: "; mount | egrep '(cgroup2|bpf)'; echo
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 119) echo "$CGRP2_TC_LEAF: "; ls -l $CGRP2_TC_LEAF; echo
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 120) if [ -d "$BPF_FS_TC_SHARE" ]
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 121) then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 122) echo "$BPF_FS_TC_SHARE: "; ls -l $BPF_FS_TC_SHARE; echo
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 123) fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 124) echo "Host net:"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 125) $IP netns
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 126) $IP link show dev $HOST_IFC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 127) $IP -6 a show dev $HOST_IFC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 128) $TC -s qdisc show dev $HOST_IFC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 129) echo
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 130) echo "$NS net:"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 131) $IP -n $NS link show dev $NS_IFC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 132) $IP -n $NS -6 link show dev $NS_IFC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 133) echo "------ DEBUG ------"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 134) echo
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 135) fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 136)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 137) if [ "$MODE" != 'nocleanup' ]
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 138) then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 139) setup_net stop
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 140) setup_bpf_cgrp2_array stop
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 141) setup_cgrp2 stop
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 142) fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 143) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 144)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 145) init_cgrp2_vars
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 146) init_bpf_fs_vars
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 147)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 148) while [[ $# -ge 1 ]]
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 149) do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 150) a="$1"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 151) case $a in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 152) debug)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 153) DEBUG='yes'
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 154) shift 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 155) ;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 156) cleanup-only)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 157) MODE='cleanuponly'
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 158) shift 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 159) ;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 160) no-cleanup)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 161) MODE='nocleanup'
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 162) shift 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 163) ;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 164) *)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 165) echo "test_cgrp2_tc [debug] [cleanup-only | no-cleanup]"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 166) echo " debug: Print cgrp and network setup details at the end of the test"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 167) echo " cleanup-only: Try to cleanup things from last test. No test will be run"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 168) echo " no-cleanup: Run the test but don't do cleanup at the end"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 169) echo "[Note: If no arg is given, it will run the test and do cleanup at the end]"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 170) echo
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 171) exit -1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 172) ;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 173) esac
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 174) done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 175)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 176) trap do_exit 0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 177)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 178) [ "$MODE" == 'cleanuponly' ] && exit
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 179)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 180) setup_cgrp2 start || exit $?
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 181) setup_net start || exit $?
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 182) init_bpf_fs_vars || exit $?
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 183) setup_bpf_cgrp2_array start || exit $?
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 184) do_test
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 185) echo
Orange Pi5 kernel
Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards
3 Commits
0 Branches
0 Tags