selftests/bpf: Add checks in tc_tunnel when entering net namespaces

+85 -43

1 changed file

expand all

tools

testing

selftests

bpf

prog_tests

test_tc_tunnel.c

+85 -43

tools/testing/selftests/bpf/prog_tests/test_tc_tunnel.c

··· 133 133 134 134 static int run_server(struct subtest_cfg *cfg) 135 135 { 136 - struct nstoken *nstoken = open_netns(SERVER_NS); 137 136 int family = cfg->ipproto == 6 ? AF_INET6 : AF_INET; 137 + struct nstoken *nstoken; 138 + 139 + nstoken = open_netns(SERVER_NS); 140 + if (!ASSERT_OK_PTR(nstoken, "open server ns")) 141 + return -1; 138 142 139 143 cfg->server_fd = start_reuseport_server(family, SOCK_STREAM, 140 144 cfg->server_addr, TEST_PORT, ··· 323 319 static int configure_kernel_decapsulation(struct subtest_cfg *cfg) 324 320 { 325 321 struct nstoken *nstoken = open_netns(SERVER_NS); 322 + int ret = -1; 323 + 324 + if (!ASSERT_OK_PTR(nstoken, "open server ns")) 325 + return ret; 326 326 327 327 if (cfg->configure_fou_rx_port && 328 328 !ASSERT_OK(add_fou_rx_port(cfg), "configure FOU RX port")) ··· 345 337 SYS(fail, "sysctl -qw net.ipv4.conf.all.rp_filter=0"); 346 338 SYS(fail, "sysctl -qw net.ipv4.conf.testtun0.rp_filter=0"); 347 339 SYS(fail, "ip link set dev testtun0 up"); 348 - close_netns(nstoken); 349 - return 0; 340 + 341 + ret = 0; 350 342 fail: 351 343 close_netns(nstoken); 352 - return -1; 344 + return ret; 353 345 } 354 346 355 347 static void remove_kernel_decapsulation(struct subtest_cfg *cfg) ··· 364 356 static int configure_ebpf_decapsulation(struct subtest_cfg *cfg) 365 357 { 366 358 struct nstoken *nstoken = open_netns(SERVER_NS); 359 + int ret = -1; 360 + 361 + if (!ASSERT_OK_PTR(nstoken, "open server ns")) 362 + return ret; 367 363 368 364 if (!cfg->expect_kern_decap_failure) 369 365 SYS(fail, "ip link del testtun0"); ··· 375 363 if (!ASSERT_OK(tc_prog_attach("veth2", cfg->server_ingress_prog_fd, -1), 376 364 "attach_program")) 377 365 goto fail; 378 - close_netns(nstoken); 379 - return 0; 366 + 367 + ret = 0; 380 368 fail: 381 369 close_netns(nstoken); 382 - return -1; 370 + return ret; 383 371 } 384 372 385 373 static void run_test(struct subtest_cfg *cfg) 386 374 { 387 375 struct nstoken *nstoken = open_netns(CLIENT_NS); 376 + 377 + if (!ASSERT_OK_PTR(nstoken, "open client ns")) 378 + return; 388 379 389 380 if (!ASSERT_OK(run_server(cfg), "run server")) 390 381 goto fail; ··· 422 407 423 408 static int setup(void) 424 409 { 425 - struct nstoken *nstoken = NULL; 410 + struct nstoken *nstoken_client, *nstoken_server; 426 411 int fd, err; 427 412 428 413 fd = open("/dev/urandom", O_RDONLY); ··· 439 424 !ASSERT_OK(make_netns(SERVER_NS), "create server ns")) 440 425 goto fail; 441 426 442 - nstoken = open_netns(CLIENT_NS); 443 - SYS(fail, "ip link add %s type veth peer name %s", 427 + nstoken_client = open_netns(CLIENT_NS); 428 + if (!ASSERT_OK_PTR(nstoken_client, "open client ns")) 429 + goto fail_delete_ns; 430 + SYS(fail_close_ns_client, "ip link add %s type veth peer name %s", 444 431 "veth1 mtu 1500 netns " CLIENT_NS " address " MAC_ADDR_VETH1, 445 432 "veth2 mtu 1500 netns " SERVER_NS " address " MAC_ADDR_VETH2); 446 - SYS(fail, "ethtool -K veth1 tso off"); 447 - SYS(fail, "ip link set veth1 up"); 448 - close_netns(nstoken); 449 - nstoken = open_netns(SERVER_NS); 450 - SYS(fail, "ip link set veth2 up"); 451 - close_netns(nstoken); 433 + SYS(fail_close_ns_client, "ethtool -K veth1 tso off"); 434 + SYS(fail_close_ns_client, "ip link set veth1 up"); 435 + nstoken_server = open_netns(SERVER_NS); 436 + if (!ASSERT_OK_PTR(nstoken_server, "open server ns")) 437 + goto fail_close_ns_client; 438 + SYS(fail_close_ns_server, "ip link set veth2 up"); 452 439 440 + close_netns(nstoken_server); 441 + close_netns(nstoken_client); 453 442 return 0; 443 + 444 + fail_close_ns_server: 445 + close_netns(nstoken_server); 446 + fail_close_ns_client: 447 + close_netns(nstoken_client); 448 + fail_delete_ns: 449 + SYS_NOFAIL("ip netns del " CLIENT_NS); 450 + SYS_NOFAIL("ip netns del " SERVER_NS); 454 451 fail: 455 - close_netns(nstoken); 456 - return 1; 452 + return -1; 457 453 } 458 454 459 455 static int subtest_setup(struct test_tc_tunnel *skel, struct subtest_cfg *cfg) 460 456 { 461 - struct nstoken *nstoken; 457 + struct nstoken *nstoken_client, *nstoken_server; 458 + int ret = -1; 462 459 463 460 set_subtest_addresses(cfg); 464 461 if (!ASSERT_OK(set_subtest_progs(cfg, skel), 465 462 "find subtest progs")) 466 - return -1; 463 + goto fail; 467 464 if (cfg->extra_decap_mod_args_cb) 468 465 cfg->extra_decap_mod_args_cb(cfg, cfg->extra_decap_mod_args); 469 466 470 - nstoken = open_netns(CLIENT_NS); 471 - SYS(fail, "ip -4 addr add " IP4_ADDR_VETH1 "/24 dev veth1"); 472 - SYS(fail, "ip -4 route flush table main"); 473 - SYS(fail, "ip -4 route add " IP4_ADDR_VETH2 " mtu 1450 dev veth1"); 474 - SYS(fail, "ip -6 addr add " IP6_ADDR_VETH1 "/64 dev veth1 nodad"); 475 - SYS(fail, "ip -6 route flush table main"); 476 - SYS(fail, "ip -6 route add " IP6_ADDR_VETH2 " mtu 1430 dev veth1"); 477 - close_netns(nstoken); 467 + nstoken_client = open_netns(CLIENT_NS); 468 + if (!ASSERT_OK_PTR(nstoken_client, "open client ns")) 469 + goto fail; 470 + SYS(fail_close_client_ns, 471 + "ip -4 addr add " IP4_ADDR_VETH1 "/24 dev veth1"); 472 + SYS(fail_close_client_ns, "ip -4 route flush table main"); 473 + SYS(fail_close_client_ns, 474 + "ip -4 route add " IP4_ADDR_VETH2 " mtu 1450 dev veth1"); 475 + SYS(fail_close_client_ns, 476 + "ip -6 addr add " IP6_ADDR_VETH1 "/64 dev veth1 nodad"); 477 + SYS(fail_close_client_ns, "ip -6 route flush table main"); 478 + SYS(fail_close_client_ns, 479 + "ip -6 route add " IP6_ADDR_VETH2 " mtu 1430 dev veth1"); 480 + nstoken_server = open_netns(SERVER_NS); 481 + if (!ASSERT_OK_PTR(nstoken_server, "open server ns")) 482 + goto fail_close_client_ns; 483 + SYS(fail_close_server_ns, 484 + "ip -4 addr add " IP4_ADDR_VETH2 "/24 dev veth2"); 485 + SYS(fail_close_server_ns, 486 + "ip -6 addr add " IP6_ADDR_VETH2 "/64 dev veth2 nodad"); 478 487 479 - nstoken = open_netns(SERVER_NS); 480 - SYS(fail, "ip -4 addr add " IP4_ADDR_VETH2 "/24 dev veth2"); 481 - SYS(fail, "ip -6 addr add " IP6_ADDR_VETH2 "/64 dev veth2 nodad"); 482 - close_netns(nstoken); 488 + ret = 0; 483 489 484 - return 0; 490 + fail_close_server_ns: 491 + close_netns(nstoken_server); 492 + fail_close_client_ns: 493 + close_netns(nstoken_client); 485 494 fail: 486 - close_netns(nstoken); 487 - return -1; 495 + return ret; 488 496 } 489 497 490 498 ··· 516 478 struct nstoken *nstoken; 517 479 518 480 nstoken = open_netns(CLIENT_NS); 519 - SYS_NOFAIL("tc qdisc delete dev veth1 parent ffff:fff1"); 520 - SYS_NOFAIL("ip a flush veth1"); 521 - close_netns(nstoken); 481 + if (ASSERT_OK_PTR(nstoken, "open clien ns")) { 482 + SYS_NOFAIL("tc qdisc delete dev veth1 parent ffff:fff1"); 483 + SYS_NOFAIL("ip a flush veth1"); 484 + close_netns(nstoken); 485 + } 522 486 nstoken = open_netns(SERVER_NS); 523 - SYS_NOFAIL("tc qdisc delete dev veth2 parent ffff:fff1"); 524 - SYS_NOFAIL("ip a flush veth2"); 525 - if (!cfg->expect_kern_decap_failure) 526 - remove_kernel_decapsulation(cfg); 527 - close_netns(nstoken); 487 + if (ASSERT_OK_PTR(nstoken, "open clien ns")) { 488 + SYS_NOFAIL("tc qdisc delete dev veth2 parent ffff:fff1"); 489 + SYS_NOFAIL("ip a flush veth2"); 490 + if (!cfg->expect_kern_decap_failure) 491 + remove_kernel_decapsulation(cfg); 492 + close_netns(nstoken); 493 + } 528 494 } 529 495 530 496 static void cleanup(void)

Configure Feed

Configure Feed