From owner-dev-commits-src-branches@freebsd.org Tue Sep 7 21:12:55 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 30EA766C78D; Tue, 7 Sep 2021 21:12:55 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4H3yfD4t8Hz4VjD; Tue, 7 Sep 2021 21:12:52 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 61A1319BB9; Tue, 7 Sep 2021 21:12:52 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 187LCqDV024009; Tue, 7 Sep 2021 21:12:52 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 187LCqJ2024008; Tue, 7 Sep 2021 21:12:52 GMT (envelope-from git) Date: Tue, 7 Sep 2021 21:12:52 GMT Message-Id: <202109072112.187LCqJ2024008@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: "Alexander V. Chernikov" Subject: git: b17ecfd3a7e7 - stable/13 - routing: add IPv6 fib validation procedure. MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: melifaro X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: b17ecfd3a7e7945fe27d1f57abf2825450e78a60 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Sep 2021 21:12:55 -0000 The branch stable/13 has been updated by melifaro: URL: https://cgit.FreeBSD.org/src/commit/?id=b17ecfd3a7e7945fe27d1f57abf2825450e78a60 commit b17ecfd3a7e7945fe27d1f57abf2825450e78a60 Author: Alexander V. Chernikov AuthorDate: 2021-08-16 23:02:29 +0000 Commit: Alexander V. Chernikov CommitDate: 2021-09-07 21:02:58 +0000 routing: add IPv6 fib validation procedure. Allow consistency validation of the inet6 fib based on rib data. Validation can be kicked off by loading test_lookup module and running sysctl net.route.test.run_inet6_scan=1 (cherry picked from commit cbfba56c45ab77303a3e25a82cf750043849760b) --- sys/tests/fib_lookup/fib_lookup.c | 232 +++++++++++++++++++++++++++++++++++++- 1 file changed, 231 insertions(+), 1 deletion(-) diff --git a/sys/tests/fib_lookup/fib_lookup.c b/sys/tests/fib_lookup/fib_lookup.c index 55d2f3d4a4df..975644607409 100644 --- a/sys/tests/fib_lookup/fib_lookup.c +++ b/sys/tests/fib_lookup/fib_lookup.c @@ -319,7 +319,44 @@ cmp_dst(uint32_t fibnum, struct in_addr a) printf("[RT BUG] lookup for %s: RIB: %s/%d,nh=%u FIB: nh=%u\n", key_str, dst_str, plen, nhop_get_idx(nhop_select(rnd.rnd_nhop, 0)), - nhop_get_idx(nh_fib)); + nh_fib ? nhop_get_idx(nh_fib) : 0); + } + + return (false); +} + +static bool +cmp_dst6(uint32_t fibnum, const struct in6_addr *a) +{ + struct nhop_object *nh_fib; + struct rtentry *rt; + struct route_nhop_data rnd = {}; + + nh_fib = fib6_lookup(fibnum, a, 0, NHR_NONE, 0); + rt = fib6_lookup_rt(fibnum, a, 0, NHR_NONE, &rnd); + + if (nh_fib == NULL && rt == NULL) { + return (true); + } else if (nh_fib == nhop_select(rnd.rnd_nhop, 0)) { + return (true); + } + + struct in6_addr dst; + int plen; + uint32_t scopeid; + char key_str[INET6_ADDRSTRLEN], dst_str[INET6_ADDRSTRLEN]; + + inet_ntop(AF_INET6, a, key_str, sizeof(key_str)); + if (rnd.rnd_nhop == NULL) { + printf("[RT BUG] lookup for %s: RIB: ENOENT FIB: nh=%u\n", + key_str, nhop_get_idx(nh_fib)); + } else { + rt_get_inet6_prefix_plen(rt, &dst, &plen, &scopeid); + inet_ntop(AF_INET6, &dst, dst_str, sizeof(dst_str)); + printf("[RT BUG] lookup for %s: RIB: %s/%d,nh=%u FIB: nh=%u\n", + key_str, dst_str, plen, + nhop_get_idx(nhop_select(rnd.rnd_nhop, 0)), + nh_fib ? nhop_get_idx(nh_fib) : 0); } return (false); @@ -519,6 +556,199 @@ SYSCTL_PROC(_net_route_test, OID_AUTO, run_inet_scan, CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 0, run_test_inet_scan, "I", "Execute fib4_lookup scan tests"); +struct inet6_array { + uint32_t alloc_items; + uint32_t num_items; + uint32_t rnh_prefixes; + int error; + struct in6_addr *arr; +}; + +static bool +safe_add(uint32_t *v, uint32_t inc) +{ + if (*v < (UINT32_MAX - inc)) { + *v += inc; + return (true); + } else { + *v -= (UINT32_MAX - inc + 1); + return (false); + } +} + +static bool +safe_dec(uint32_t *v, uint32_t inc) +{ + if (*v >= inc) { + *v -= inc; + return (true); + } else { + *v += (UINT32_MAX - inc + 1); + return (false); + } +} + +static void +inc_prefix6(struct in6_addr *addr, int inc) +{ + for (int i = 0; i < 4; i++) { + uint32_t v = ntohl(addr->s6_addr32[3 - i]); + bool ret = safe_add(&v, inc); + addr->s6_addr32[3 - i] = htonl(v); + if (ret) + return; + inc = 1; + } +} + +static void +dec_prefix6(struct in6_addr *addr, int dec) +{ + for (int i = 0; i < 4; i++) { + uint32_t v = ntohl(addr->s6_addr32[3 - i]); + bool ret = safe_dec(&v, dec); + addr->s6_addr32[3 - i] = htonl(v); + if (ret) + return; + dec = 1; + } +} + +static void +ipv6_writemask(struct in6_addr *addr6, uint8_t mask) +{ + uint32_t *cp; + + for (cp = (uint32_t *)addr6; mask >= 32; mask -= 32) + *cp++ = 0xFFFFFFFF; + if (mask > 0) + *cp = htonl(mask ? ~((1 << (32 - mask)) - 1) : 0); +} + +/* + * For each prefix, add the following records to the lookup array: + * * prefix-1, prefix, prefix + 1, prefix_end, prefix_end + 1 + */ +static int +add_prefix6(struct rtentry *rt, void *_data) +{ + struct inet6_array *pa = (struct inet6_array *)_data; + struct in6_addr addr, naddr; + int plen; + uint32_t scopeid; + + pa->rnh_prefixes++; + + if (pa->num_items + 5 >= pa->alloc_items) { + if (pa->error == 0) + pa->error = ENOSPC; + return (0); + } + + rt_get_inet6_prefix_plen(rt, &addr, &plen, &scopeid); + + pa->arr[pa->num_items++] = addr; + if (!IN6_ARE_ADDR_EQUAL(&addr, &in6addr_any)) { + naddr = addr; + dec_prefix6(&naddr, 1); + pa->arr[pa->num_items++] = naddr; + naddr = addr; + inc_prefix6(&naddr, 1); + pa->arr[pa->num_items++] = naddr; + + /* assume mask != 0 */ + struct in6_addr mask6; + ipv6_writemask(&mask6, plen); + naddr = addr; + for (int i = 0; i < 3; i++) + naddr.s6_addr32[i] = htonl(ntohl(naddr.s6_addr32[i]) | ~ntohl(mask6.s6_addr32[i])); + + pa->arr[pa->num_items++] = naddr; + inc_prefix6(&naddr, 1); + pa->arr[pa->num_items++] = naddr; + } + + return (0); +} + +static bool +prepare_list6(uint32_t fibnum, struct inet6_array *pa) +{ + struct rib_head *rh; + + rh = rt_tables_get_rnh(fibnum, AF_INET6); + + uint32_t num_prefixes = rh->rnh_prefixes; + bzero(pa, sizeof(struct inet6_array)); + pa->alloc_items = (num_prefixes + 10) * 5; + pa->arr = mallocarray(pa->alloc_items, sizeof(struct in6_addr), + M_TEMP, M_ZERO | M_WAITOK); + + rib_walk(fibnum, AF_INET6, false, add_prefix6, pa); + + if (pa->error != 0) { + printf("prefixes: old: %u, current: %u, walked: %u, allocated: %u\n", + num_prefixes, rh->rnh_prefixes, pa->rnh_prefixes, pa->alloc_items); + } + + return (pa->error == 0); +} + +static int +run_test_inet6_scan(SYSCTL_HANDLER_ARGS) +{ + struct epoch_tracker et; + + int count = 0; + int error = sysctl_handle_int(oidp, &count, 0, req); + if (error != 0) + return (error); + + if (count == 0) + return (0); + + struct inet6_array pa = {}; + uint32_t fibnum = curthread->td_proc->p_fibnum; + + if (!prepare_list6(fibnum, &pa)) + return (pa.error); + + struct timespec ts_pre, ts_post; + int64_t total_diff = 1; + uint64_t total_packets = 0; + int failure_count = 0; + + NET_EPOCH_ENTER(et); + nanouptime(&ts_pre); + for (int i = 0; i < pa.num_items; i++) { + if (!cmp_dst6(fibnum, &pa.arr[i])) { + failure_count++; + } + total_packets++; + } + nanouptime(&ts_post); + NET_EPOCH_EXIT(et); + + if (pa.arr != NULL) + free(pa.arr, M_TEMP); + + /* Signal error to userland */ + if (failure_count > 0) { + printf("[RT ERROR] total failures: %d\n", failure_count); + return (EINVAL); + } + + total_diff = (ts_post.tv_sec - ts_pre.tv_sec) * 1000000000 + + (ts_post.tv_nsec - ts_pre.tv_nsec); + printf("%zu packets in %zu nanoseconds, %zu pps\n", + total_packets, total_diff, total_packets * 1000000000 / total_diff); + + return (0); +} +SYSCTL_PROC(_net_route_test, OID_AUTO, run_inet6_scan, + CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, + 0, 0, run_test_inet6_scan, "I", "Execute fib6_lookup scan tests"); + #define LPS_SEQ 0x1 #define LPS_ANN 0x2 #define LPS_REP 0x4