#!/usr/bin/env python3 import binascii import random import socket import os import threading import struct import copy import fcntl import time from struct import unpack, unpack_from try: import unittest2 as unittest except ImportError: import unittest from util import ppp, ppc from re import compile import scapy.compat from scapy.packet import Raw from scapy.layers.l2 import Ether from scapy.layers.inet import IP, UDP, ICMP from scapy.layers.ipsec import ESP import scapy.layers.inet6 as inet6 from scapy.layers.inet6 import IPv6, ICMPv6DestUnreach from scapy.contrib.ospf import OSPF_Hdr, OSPFv3_Hello from framework import VppTestCase, VppTestRunner from vpp_ip import DpoProto from vpp_ip_route import VppIpRoute, VppRoutePath from vpp_papi import VppEnum from vpp_ipsec_tun_interface import VppIpsecTunInterface NUM_PKTS = 67 class serverSocketThread(threading.Thread): """ Socket server thread""" def __init__(self, threadID, sockName): threading.Thread.__init__(self) self.threadID = threadID self.sockName = sockName self.sock = None self.rx_pkts = [] self.keep_running = True def rx_packets(self): # Wait for some packets on socket while self.keep_running: try: data = self.sock.recv(65536) # punt socket metadata # packet_desc = data[0:8] # Ethernet self.rx_pkts.append(Ether(data[8:])) except IOError as e: if e.errno == 11: # nothing to receive, sleep a little time.sleep(0.1) pass else: raise def run(self): self.sock = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM) try: os.unlink(self.sockName) except: pass self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF, 65536) self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_RCVBUF, 65536) fcntl.fcntl(self.sock, fcntl.F_SETFL, os.O_NONBLOCK) self.sock.bind(self.sockName) self.rx_packets() def close(self): self.sock.close() self.keep_running = False return self.rx_pkts class TestPuntSocket(VppTestCase): """ Punt Socket """ ports = [1111, 2222, 3333, 4444] sock_servers = list() # FIXME: nr_packets > 3 results in failure # nr_packets = 3 makes the test unstable nr_packets = 2 @classmethod def setUpClass(cls): super(TestPuntSocket, cls).setUpClass() @classmethod def tearDownClass(cls): super(TestPuntSocket, cls).tearDownClass() @classmethod def setUpConstants(cls): cls.extra_vpp_punt_config = [ "punt", "{", "socket", cls.tempdir+"/socket_punt", "}"] super(TestPuntSocket, cls).setUpConstants() def setUp(self): super(TestPuntSocket, self).setUp() random.seed() self.create_pg_interfaces(range(2)) for i in self.pg_interfaces: i.admin_up() def tearDown(self): del self.sock_servers[:] super(TestPuntSocket, self).tearDown() def socket_client_create(self, sock_name, id=None): thread = serverSocketThread(id, sock_name) self.sock_servers.append(thread) thread.start() return thread def socket_client_close(self): rx_pkts = [] for thread in self.sock_servers: rx_pkts += thread.close() thread.join() return rx_pkts def verify_port(self, pr, vpr): self.assertEqual(vpr.punt.type, pr['type']) self.assertEqual(vpr.punt.punt.l4.port, pr['punt']['l4']['port']) self.assertEqual(vpr.punt.punt.l4.protocol, pr['punt']['l4']['protocol']) self.assertEqual(vpr.punt.punt.l4.af, pr['punt']['l4']['af']) def verify_exception(self, pr, vpr): self.assertEqual(vpr.punt.type, pr['type']) self.assertEqual(vpr.punt.punt.exception.id, pr['punt']['exception']['id']) def verify_ip_proto(self, pr, vpr): self.assertEqual(vpr.punt.type, pr['type']) self.assertEqual(vpr.punt.punt.ip_proto.af, pr['punt']['ip_proto']['af']) self.assertEqual(vpr.punt.punt.ip_proto.protocol, pr['punt']['ip_proto']['protocol']) def verify_udp_pkts(self, rxs, n_rx, port): n_match = 0 for rx in rxs: self.assertTrue(rx.haslayer(UDP)) if rx[UDP].dport == port: n_match += 1 self.assertEqual(n_match, n_rx) def set_port(pr, port): pr['punt']['l4']['port'] = port return pr def set_reason(pr, reason): pr['punt']['exception']['id'] = reason return pr def mk_vpp_cfg4(): pt_l4 = VppEnum.vl_api_punt_type_t.PUNT_API_TYPE_L4 af_ip4 = VppEnum.vl_api_address_family_t.ADDRESS_IP4 udp_proto = VppEnum.vl_api_ip_proto_t.IP_API_PROTO_UDP punt_l4 = { 'type': pt_l4, 'punt': { 'l4': { 'af': af_ip4, 'protocol': udp_proto } } } return punt_l4 def mk_vpp_cfg6(): pt_l4 = VppEnum.vl_api_punt_type_t.PUNT_API_TYPE_L4 af_ip6 = VppEnum.vl_api_address_family_t.ADDRESS_IP6 udp_proto = VppEnum.vl_api_ip_proto_t.IP_API_PROTO_UDP punt_l4 = { 'type': pt_l4, 'punt': { 'l4': { 'af': af_ip6, 'protocol': udp_proto } } } return punt_l4 class TestIP4PuntSocket(TestPuntSocket): """ Punt Socket for IPv4 UDP """ @classmethod def setUpClass(cls): super(TestIP4PuntSocket, cls).setUpClass() @classmethod def tearDownClass(cls): super(TestIP4PuntSocket, cls).tearDownClass() def setUp(self): super(TestIP4PuntSocket, self).setUp() for i in self.pg_interfaces: i.config_ip4() i.resolve_arp() def tearDown(self): super(TestIP4PuntSocket, self).tearDown() for i in self.pg_interfaces: i.unconfig_ip4() i.admin_down() def test_punt_socket_dump(self): """ Punt socket registration/deregistration""" pt_l4 = VppEnum.vl_api_punt_type_t.PUNT_API_TYPE_L4 af_ip4 = VppEnum.vl_api_address_family_t.ADDRESS_IP4 udp_proto = VppEnum.vl_api_ip_proto_t.IP_API_PROTO_UDP punts = self.vapi.punt_socket_dump(type=pt_l4) self.assertEqual(len(punts), 0) # # configure a punt socket # punt_l4 = mk_vpp_cfg4() self.vapi.punt_socket_register(set_port(punt_l4, 1111), "%s/socket_punt_1111" % self.tempdir) self.vapi.punt_socket_register(set_port(punt_l4, 2222), "%s/socket_punt_2222" % self.tempdir) punts = self.vapi.punt_socket_dump(type=pt_l4) self.assertEqual(len(punts), 2) self.verify_port(set_port(punt_l4, 1111), punts[0]) self.verify_port(set_port(punt_l4, 2222), punts[1]) # # deregister a punt socket # self.vapi.punt_socket_deregister(set_port(punt_l4, 1111)) punts = self.vapi.punt_socket_dump(type=pt_l4) self.assertEqual(len(punts), 1) # # configure a punt socket again # self.vapi.punt_socket_register(set_port(punt_l4, 1111), "%s/socket_punt_1111" % self.tempdir) self.vapi.punt_socket_register(set_port(punt_l4, 3333), "%
# Copyright (c) 2018 Cisco and/or its affiliates.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at:
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

##############################################################################
# Cache line size detection
##############################################################################
if(CMAKE_CROSSCOMPILING)
  message(STATUS "Cross-compiling - cache line size detection disabled")
  set(VPP_LOG2_CACHE_LINE_SIZE 6)
elseif(DEFINED VPP_LOG2_CACHE_LINE_SIZE)
  # Cache line size assigned via cmake args
elseif(CMAKE_SYSTEM_PROCESSOR MATCHES "^(aarch64.*|AARCH64.*)")
  file(READ "/proc/cpuinfo" cpuinfo)
  string(REPLACE "\n" ";" cpuinfo ${cpuinfo})
  foreach(l ${cpuinfo})
    string(REPLACE ":" ";" l ${l})
    list(GET l 0 name)
    list(GET l 1 value)
    string(STRIP ${name} name)
    string(STRIP ${value} value)
    if(${name} STREQUAL "CPU implementer")
      set(CPU_IMPLEMENTER ${value})
    endif()
    if(${name} STREQUAL "CPU part")
      set(CPU_PART ${value})
    endif()
  endforeach()
  # Implementer 0x43 - Cavium
  #  Part 0x0af - ThunderX2 is 64B, rest all are 128B
  if (${CPU_IMPLEMENTER} STREQUAL "0x43")
    if (${CPU_PART} STREQUAL "0x0af")
      set(VPP_LOG2_CACHE_LINE_SIZE 6)
    else()
      set(VPP_LOG2_CACHE_LINE_SIZE 7)
    endif()
  else()
      set(VPP_LOG2_CACHE_LINE_SIZE 6)
  endif()
  math(EXPR VPP_CACHE_LINE_SIZE "1 << ${VPP_LOG2_CACHE_LINE_SIZE}")
  message(STATUS "ARM AArch64 CPU implementer ${CPU_IMPLEMENTER} part ${CPU_PART} cacheline size ${VPP_CACHE_LINE_SIZE}")
else()
  set(VPP_LOG2_CACHE_LINE_SIZE 6)
endif()

set(VPP_LOG2_CACHE_LINE_SIZE ${VPP_LOG2_CACHE_LINE_SIZE}
    CACHE STRING "Target CPU cache line size (power of 2)")

##############################################################################
# CPU optimizations and multiarch support
##############################################################################
if(CMAKE_SYSTEM_PROCESSOR MATCHES "amd64.*|x86_64.*|AMD64.*")
  set(CMAKE_C_FLAGS "-march=corei7 -mtune=corei7-avx ${CMAKE_C_FLAGS}")
  check_c_compiler_flag("-march=core-avx2" compiler_flag_march_core_avx2)
  if(compiler_flag_march_core_avx2)
    list(APPEND MARCH_VARIANTS "avx2\;-march=core-avx2 -mtune=core-avx2")
  endif()
  check_c_compiler_flag("-march=skylake-avx512" compiler_flag_march_skylake_avx512)
  if(compiler_flag_march_skylake_avx512)
    list(APPEND MARCH_VARIANTS "avx512\;-march=skylake-avx512 -mtune=skylake-avx512")
  endif()
elseif(CMAKE_SYSTEM_PROCESSOR MATCHES "^(aarch64.*|AARCH64.*)")
  set(CMAKE_C_FLAGS "-march=armv8-a+crc ${CMAKE_C_FLAGS}")
  check_c_compiler_flag("-march=armv8-a+crc+crypto -mtune=qdf24xx" compiler_flag_march_core_qdf24xx)
  if(compiler_flag_march_core_qdf24xx)
    list(APPEND MARCH_VARIANTS "qdf24xx\;-march=armv8-a+crc+crypto -DCLIB_N_PREFETCHES=8")
  endif()
  check_c_compiler_flag("-march=armv8.1-a+crc+crypto -mtune=thunderx2t99" compiler_flag_march_thunderx2t99)
  if(compiler_flag_march_thunderx2t99)
    if (CMAKE_C_COMPILER_VERSION VERSION_GREATER 7.3)
      list(APPEND MARCH_VARIANTS "thunderx2t99\;-march=armv8.1-a+crc+crypto -mtune=thunderx2t99 -DCLIB_N_PREFETCHES=8")
    else()
      list(APPEND MARCH_VARIANTS "thunderx2t99\;-march=armv8.1-a+crc+crypto -DCLIB_N_PREFETCHES=8")
    endif()
  endif()
  check_c_compiler_flag("-march=armv8-a+crc+crypto -mtune=cortex-a72" compiler_flag_march_cortexa72)
  if(compiler_flag_march_cortexa72)
    list(APPEND MARCH_VARIANTS "cortexa72\;-march=armv8-a+crc+crypto -mtune=cortex-a72 -DCLIB_N_PREFETCHES=6")
  endif()
endif()

macro(vpp_library_set_multiarch_sources lib)
  foreach(V ${MARCH_VARIANTS})
    list(GET V 0 VARIANT)
    list(GET V 1 VARIANT_FLAGS)
    set(l ${lib}_${VARIANT})
    add_library(${l} OBJECT ${ARGN})
    set_target_properties(${l} PROPERTIES POSITION_INDEPENDENT_CODE ON)
    target_compile_options(${l} PUBLIC "-DCLIB_MARCH_VARIANT=${VARIANT}" -Wall -fno-common)
    separate_arguments(VARIANT_FLAGS)
    target_compile_options(${l} PUBLIC ${VARIANT_FLAGS})
    target_sources(${lib} PRIVATE $<TARGET_OBJECTS:${l}>)
  endforeach()
endmacro()
_socket_deregister(punt_ospf) punts = self.vapi.punt_socket_dump(type=pt_ip) self.assertEqual(len(punts), 0) def verify_ospf_pkts(self, rxs, n_sent): self.assertEqual(len(rxs), n_sent) for rx in rxs: self.assertTrue(rx.haslayer(OSPF_Hdr)) def test_traffic(self): """ Punt socket traffic """ af_ip4 = VppEnum.vl_api_address_family_t.ADDRESS_IP4 pt_ip = VppEnum.vl_api_punt_type_t.PUNT_API_TYPE_IP_PROTO proto_ospf = VppEnum.vl_api_ip_proto_t.IP_API_PROTO_OSPF # # configure a punt socket to capture OSPF packets # punt_ospf = { 'type': pt_ip, 'punt': { 'ip_proto': { 'af': af_ip4, 'protocol': proto_ospf } } } # # create packet streams and configure a punt sockets # pkt = (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) / IP(src=self.pg0.remote_ip4, dst=self.pg0.local_ip4) / OSPF_Hdr() / OSPFv3_Hello()) pkts = pkt * 7 sock = self.socket_client_create("%s/socket_1" % self.tempdir) self.vapi.punt_socket_register( punt_ospf, "%s/socket_1" % self.tempdir) # # send packets for each SPI we expect to be punted # self.send_and_assert_no_replies(self.pg0, pkts) # # verify the punted packets arrived on the associated socket # rx = sock.close() self.verify_ospf_pkts(rx, len(pkts)) self.vapi.punt_socket_deregister(punt_ospf) class TestPunt(VppTestCase): """ Exception Punt Test Case """ @classmethod def setUpClass(cls): super(TestPunt, cls).setUpClass() @classmethod def tearDownClass(cls): super(TestPunt, cls).tearDownClass() def setUp(self): super(TestPunt, self).setUp() self.create_pg_interfaces(range(4)) for i in self.pg_interfaces: i.admin_up() i.config_ip4() i.resolve_arp() i.config_ip6() i.resolve_ndp() def tearDown(self): for i in self.pg_interfaces: i.unconfig_ip4() i.unconfig_ip6() i.admin_down() super(TestPunt, self).tearDown() def test_punt(self): """ Exception Path testing """ # # dump the punt registered reasons # search for a few we know should be there # rs = self.vapi.punt_reason_dump() reasons = ["ipsec6-no-such-tunnel", "ipsec4-no-such-tunnel", "ipsec4-spi-o-udp-0"] for reason in reasons: found = False for r in rs: if r.reason.name == reason: found = True break self.assertTrue(found) # # Using the test CLI we will hook in a exception path to # send ACL deny packets out of pg0 and pg1. # the ACL is src,dst = 1.1.1.1,1.1.1.2 # ip_1_1_1_2 = VppIpRoute(self, "1.1.1.2", 32, [VppRoutePath(self.pg3.remote_ip4, self.pg3.sw_if_index)]) ip_1_1_1_2.add_vpp_config() ip_1_2 = VppIpRoute(self, "1::2", 128, [VppRoutePath(self.pg3.remote_ip6, self.pg3.sw_if_index, proto=DpoProto.DPO_PROTO_IP6)]) ip_1_2.add_vpp_config() p4 = (Ether(src=self.pg2.remote_mac, dst=self.pg2.local_mac) / IP(src="1.1.1.1", dst="1.1.1.2") / UDP(sport=1234, dport=1234) / Raw(b'\xa5' * 100)) p6 = (Ether(src=self.pg2.remote_mac, dst=self.pg2.local_mac) / IPv6(src="1::1", dst="1::2") / UDP(sport=1234, dport=1234) / Raw(b'\xa5' * 100)) self.send_and_expect(self.pg2, p4*1, self.pg3) self.send_and_expect(self.pg2, p6*1, self.pg3) # # apply the punting features # self.vapi.cli("test punt pg2") # # dump the punt reasons to learn the IDs assigned # rs = self.vapi.punt_reason_dump(reason={'name': "reason-v4"}) r4 = rs[0].reason.id rs = self.vapi.punt_reason_dump(reason={'name': "reason-v6"}) r6 = rs[0].reason.id # # pkts now dropped # self.send_and_assert_no_replies(self.pg2, p4*NUM_PKTS) self.send_and_assert_no_replies(self.pg2, p6*NUM_PKTS) # # Check state: # 1 - node error counters # 2 - per-reason counters # 2, 3 are the index of the assigned punt reason # stats = self.statistics.get_err_counter( "/err/punt-dispatch/No registrations") self.assertEqual(stats, 2*NUM_PKTS) stats = self.statistics.get_counter("/net/punt") self.assertEqual(stats[0][r4]['packets'], NUM_PKTS) self.assertEqual(stats[0][r6]['packets'], NUM_PKTS) # # use the test CLI to test a client that punts exception # packets out of pg0 # self.vapi.cli("test punt pg0 %s" % self.pg0.remote_ip4) self.vapi.cli("test punt pg0 %s" % self.pg0.remote_ip6) rx4s = self.send_and_expect(self.pg2, p4*NUM_PKTS, self.pg0) rx6s = self.send_and_expect(self.pg2, p6*NUM_PKTS, self.pg0) # # check the packets come out IP unmodified but destined to pg0 host # for rx in rx4s: self.assertEqual(rx[Ether].dst, self.pg0.remote_mac) self.assertEqual(rx[Ether].src, self.pg0.local_mac) self.assertEqual(p4[IP].dst, rx[IP].dst) self.assertEqual(p4[IP].ttl, rx[IP].ttl) for rx in rx6s: self.assertEqual(rx[Ether].dst, self.pg0.remote_mac) self.assertEqual(rx[Ether].src, self.pg0.local_mac) self.assertEqual(p6[IPv6].dst, rx[IPv6].dst) self.assertEqual(p6[IPv6].hlim, rx[IPv6].hlim) stats = self.statistics.get_counter("/net/punt") self.assertEqual(stats[0][r4]['packets'], 2*NUM_PKTS) self.assertEqual(stats[0][r6]['packets'], 2*NUM_PKTS) # # add another registration for the same reason to send packets # out of pg1 # self.vapi.cli("test punt pg1 %s" % self.pg1.remote_ip4) self.vapi.cli("test punt pg1 %s" % self.pg1.remote_ip6) self.vapi.cli("clear trace") self.pg2.add_stream(p4 * NUM_PKTS) self.pg_enable_capture(self.pg_interfaces) self.pg_start() rxd = self.pg0.get_capture(NUM_PKTS) for rx in rxd: self.assertEqual(rx[Ether].dst, self.pg0.remote_mac) self.assertEqual(rx[Ether].src, self.pg0.local_mac) self.assertEqual(p4[IP].dst, rx[IP].dst) self.assertEqual(p4[IP].ttl, rx[IP].ttl) rxd = self.pg1.get_capture(NUM_PKTS) for rx in rxd: self.assertEqual(rx[Ether].dst, self.pg1.remote_mac) self.assertEqual(rx[Ether].src, self.pg1.local_mac) self.assertEqual(p4[IP].dst, rx[IP].dst) self.assertEqual(p4[IP].ttl, rx[IP].ttl) self.vapi.cli("clear trace") self.pg2.add_stream(p6 * NUM_PKTS) self.pg_enable_capture(self.pg_interfaces) self.pg_start() rxd = self.pg0.get_capture(NUM_PKTS) for rx in rxd: self.assertEqual(rx[Ether].dst, self.pg0.remote_mac) self.assertEqual(rx[Ether].src, self.pg0.local_mac) self.assertEqual(p6[IPv6].dst, rx[IPv6].dst) self.assertEqual(p6[IPv6].hlim, rx[IPv6].hlim) rxd = self.pg1.get_capture(NUM_PKTS) for rx in rxd: self.assertEqual(rx[Ether].dst, self.pg1.remote_mac) self.assertEqual(rx[Ether].src, self.pg1.local_mac) self.assertEqual(p6[IPv6].dst, rx[IPv6].dst) self.assertEqual(p6[IPv6].hlim, rx[IPv6].hlim) stats = self.statistics.get_counter("/net/punt") self.assertEqual(stats[0][r4]['packets'], 3*NUM_PKTS) self.assertEqual(stats[0][r6]['packets'], 3*NUM_PKTS) self.logger.info(self.vapi.cli("show vlib graph punt-dispatch")) self.logger.info(self.vapi.cli("show punt client")) self.logger.info(self.vapi.cli("show punt reason")) self.logger.info(self.vapi.cli("show punt stats")) self.logger.info(self.vapi.cli("show punt db")) if __name__ == '__main__': unittest.main(testRunner=VppTestRunner)