1
0
mirror of https://passt.top/passt synced 2025-01-05 12:25:23 +00:00
Commit Graph

223 Commits

Author SHA1 Message Date
Stefano Brivio
ee58f37db0 test: Add Podman system test with bats for pasta
Ugly as hell, but we keep breaking things otherwise, and I keep
forgetting to run this manually (as long as it's based on my local
Podman setup, that's the only alternative).

We need to clone the Podman repository as distribution packages don't
contain test scripts, typically. While at it, build the latest
version which is what really matters.

As we're planning anyway to revamp the test framework, I'd be
inclined to just add this without too many thoughts, and have it as
a nice-to-have requirement reminder for the new framework.

Link: https://github.com/containers/podman/pull/19699
Suggested-by: Paul Holzinger <pholzing@redhat.com>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
2023-09-07 11:25:41 +02:00
David Gibson
e3b19530e4 test/nstool: Fix fd leak in accept() loop
nstool loops on accept(), but failed to close the accepted socket fds
before continuing on.  So, with repeated commands it would eventually die
with an EMFILE.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2023-05-23 17:06:32 +02:00
David Gibson
527c822a3b test/nstool: Provide useful error if given a path that's too long
Normal filesystem paths can be very long (PATH_MAX is around 8k), however
Unix domain sockets can only use relatively short paths (UNIX_PATH_MAX is
108 on Linux).  Currently nstool will simply truncate paths that are too
long, leading to difficult to understand failures.

Make such failures clearer, with an explicit error message if given a path
that's too long.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2023-05-23 17:06:29 +02:00
David Gibson
1a3ade9037 nstool: Enter holder's cwd when changing mount ns with nstool exec
If we enter a mount namespace with nstool exec our working directory will
be changed to / in the new mount ns.  This is surprising if we haven't
actually altered any mounts yet in the new ns.  Instead, change the working
directory to match that of the holder process in this situation.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2023-04-08 01:12:12 +02:00
David Gibson
98031bee73 nstool: Advertise the holder's cwd (in its mountns) across the socket
This is possible useful in nstool info and has further uses for nstool
exec.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2023-04-08 01:12:10 +02:00
David Gibson
469b69aaa1 test: Use "nstool exec" to slightly simplify tests
Using this, rather than using "nstool info" to get the pid then manually
connecting with nsenter makes things a little simpler.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2023-04-08 01:12:08 +02:00
David Gibson
3372cd0902 test: Initialise ${TRACE} properly
Unlike ${DEBUG} we don't initialize ${TRACE} to 0 if not set, which cases
failures when testing it later.  That failure acts as though it is false,
however it emits spurious errors in script.log, which can make it harder to
spot real errors.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2023-04-08 01:12:05 +02:00
David Gibson
329149d51a nstool: Add --keep-caps option to nstool exec
This allows you to run commands within a user namespace with the
privilege that comes from owning that userns.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2023-04-08 01:12:03 +02:00
David Gibson
0b66944648 nstool: Add nstool exec command to execute commands in an nstool namespace
This combines nstool info -pw <sock> with nsenter with various options for
a more convenient and less verbose of entering existing nstool managed
namespaces.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2023-04-08 01:12:01 +02:00
David Gibson
3bcbca5db8 nstool: Helpers to iterate through namespace types
Will make things a bit less verbose in future.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2023-04-08 01:11:59 +02:00
David Gibson
f6a9ea3af5 nstool: Add magic number to advertized information
So that we'll probably give a better error if you point it at something
that's not an nstool hold control socket.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2023-04-08 01:11:57 +02:00
David Gibson
4311066bdb nstool: Detect what namespaces target is in
Give nstool the ability to detect what namespaces the target process is in,
relative to where it's called.  That is, those namespace types for which
the target is not in the same namespace as the caller.  For now, just
print this information with "info", which can be useful for debugging.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2023-04-08 01:11:55 +02:00
David Gibson
fd4a752e92 nstool: Replace "pid" subcommand with "info" subcommand
The new subcommand gives more information about the holder process and its
namespace, and may be further extended in future.  Add some options which
give the old behaviour for existing scripts.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2023-04-08 01:11:52 +02:00
David Gibson
a4b017d91c nstool: Split some command line parsing and socket setup to subcommands
This will make it easier to differentiate the options to those commands
further in future.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2023-04-08 01:11:50 +02:00
David Gibson
42fb218347 nstool: Move description of its operation modes from comment to usage
Easier to see it there.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2023-04-08 01:11:48 +02:00
David Gibson
2884ccd2e7 nstool: Reverse parameters to nstool
Having the "subcommand" first is more conventional and will make it more
natural for future extensions I have planned.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2023-04-08 01:11:43 +02:00
David Gibson
4914fce77b nstool: Rename nsholder to nstool
In preparation for extending what it does.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2023-04-08 01:11:41 +02:00
David Gibson
55bbe3dbcb test: Remove race between commands run in the same context
context_run() has a race condition if two commands are run in close
proximity (generally involving at least one in the background).  Because we
always use the same name for the temporary fifo files, if another command
is issued while the fifos for the first still exist, mkfifo will fail,
typically causing the entire test script to jam.

Create unique names for the temporary fifos to avoid this problem.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2023-04-08 01:11:36 +02:00
Stefano Brivio
ca2749e1bd passt: Relicense to GPL 2.0, or any later version
In practical terms, passt doesn't benefit from the additional
protection offered by the AGPL over the GPL, because it's not
suitable to be executed over a computer network.

Further, restricting the distribution under the version 3 of the GPL
wouldn't provide any practical advantage either, as long as the passt
codebase is concerned, and might cause unnecessary compatibility
dilemmas.

Change licensing terms to the GNU General Public License Version 2,
or any later version, with written permission from all current and
past contributors, namely: myself, David Gibson, Laine Stump, Andrea
Bolognani, Paul Holzinger, Richard W.M. Jones, Chris Kuhn, Florian
Weimer, Giuseppe Scrivano, Stefan Hajnoczi, and Vasiliy Ulyanov.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2023-04-06 18:00:33 +02:00
David Gibson
dccc2ff774 test: Fedora 32-35 have moved to the archives
Fedora 32-35 are now old enough that they're not on all mirrors.  Fetch
them from the archive server instead.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2023-02-14 17:25:20 +01:00
David Gibson
64325a0dac test: Update location for Debian ppc64 images
The current debian cloud images no longer include ppc64.  Change to using
the latest snapshot which does include ppc64.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2023-02-14 17:25:17 +01:00
Stefano Brivio
67920b8820 test/pasta_options: Ignore failures on shell 'exit'
On shell 'exit' commands, running shells from pasta, we might get:

  Cannot set tty process group (No such process)

as some TTY devices might be unaccessible. This is harmless, but
after commit "pasta: propagate exit code from child command", we'll
get test failures there, at least with dash.

Ignore those explicitly with a ugly workaround: we can't simply do
something like:

	exit || :

because the failure is reported by the shell itself once it exits,
regardless of the command evaluation.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2023-02-13 00:05:48 +01:00
Stefano Brivio
c196953f1e test/perf/pasta_tcp: Add host to namespace cases for traffic via tap
Similarly to UDP cases, these were missing as it wasn't clear, when
the other tests were introduced, if using the global address of a
namespace, from the host, should have resulted in connections being
routed via the tap interface.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
2023-01-05 15:08:11 +01:00
Stefano Brivio
08c01f5b4e test/perf/pasta_udp: Add host to namespace cases for traffic via tap
These were missing as it wasn't clear, when the other tests were
introduced, if using the global address of a namespace, from the
host, should have resulted in traffic being routed via the tap
interface (as opposed to the loopback interface). We now clarified
that's actually the case.

Use same values and thresholds as the tests for loopback traffic, as
throughput figures currently indicate there isn't much difference.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
2023-01-05 15:07:54 +01:00
Stefano Brivio
7d8c2fb916 test/lib/test: Clean up iperf3 JSON files before starting the server
...instead of doing it after the test. Now that we have pre-built
guest images, we might also have old JSON files from previous,
interrupted test runs.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2022-11-16 15:11:25 +01:00
Stefano Brivio
e308018bbe test/memory/passt: Change passt.avx2 path to /bin in test itself
Now that we install the binary in /bin, and we have a link from
/usr/bin, change the path in the test itself as well. Otherwise
it works with bash but not with dash for some reason.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2022-11-04 12:04:32 +01:00
Stefano Brivio
6c1697764c test/perf: Finally drop workaround for virtio_net TX stall
Now that we require 13c6be96618c ("net: stream: add unix socket")
in qemu to run the tests, we can also assume that commit df8d07081718
("virtio-net: fix bottom-half packet TX on asynchronous completion")
is present, as it was merged before that one.

This fixes the issue we attempted to work around in passt TCP and
UDP performance tests: finally drop that stuff.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2022-11-04 12:04:32 +01:00
Stefano Brivio
667397db11 test: Switch to qemu -netdev stream option instead of using qrap
qemu commit 13c6be96618c ("net: stream: add unix socket") introduces
support for native AF_UNIX support, finally making qrap useless.

We can't quite drop that yet until a qemu release includes it, and
then we'll need to wait a while for users to switch anyway, but at
least for tests, we can use that support.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2022-11-04 12:04:32 +01:00
Stefano Brivio
1401962a37 test: Wait for network before starting passt in two_guests setup
As pasta now configures that target network namespace with
--config-net, we need to wait for addresses and routes to be actually
present. Just sending netlink messages doesn't mean this is done
synchronously.

A more elegant alternative, which probably makes sense regardless of
this test setup, would be to query, from pasta, addresses and routes
we added, and wait until they're there, before proceeding.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2022-11-04 12:04:32 +01:00
Stefano Brivio
40fc9e6e7b test: Add memory/passt test cases
These show a summary of memory usage in kernel and userspace with
different port forwarding configurations, details of userspace usage
using 'nm' (passt only uses statically allocated memory), and details
of kernel memory from slab reporting facilities.

This adds a new test image, mbuto.mem.img, with harcoded IPv4 and
IPv6 addresses and routes, and just the tools we need to start and
stop passt, to report from /proc/slabinfo, /proc/meminfo, and to
print and parse symbol sizes using nm(1).

passt can't pivot_root() for sandboxing purposes on ramfs, so we need
to create another filesystem and chroot into it, first.

We don't want to use pane context functions, as we're checking memory
usage for sockets: resort to screen-scraping.

Configure a dummy interface to provide passt with an appearance of
working IPv4 and IPv6 connectivity, contributed by David.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
2022-11-04 12:01:27 +01:00
Stefano Brivio
ce2a0a5bb4 test/lib: Add "td" directive, handled by table_value()
This can be used for generic cell values with an arbitrary scale.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
2022-11-04 12:01:18 +01:00
Stefano Brivio
bfd311aec7 test/lib/perf_report: Use own flag to track initialisation
Instead of just disabling performance reports if running in demo
mode. This allows us to use table functions outside of performance
reports.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
2022-11-04 12:01:17 +01:00
Stefano Brivio
e76e65a36e test/lib: Move screen-scraping setup and layout functions to _ugly files
I'm going to add yet another one of those, for which I have no quick
solution. It's a regression in some sense, but at least if we make
this regression more observable and defined, it should be easier to
find a comprehensive solution later, within this or another testing
framework.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
2022-11-04 12:01:05 +01:00
Stefano Brivio
e4df8b0844 test/run: Temporarily disable distribution tests
They're too slow to cope with current release cycles, and they
haven't found bugs in months, also because clang-tidy and cppcheck
would find most of them earlier.

Disable them for the moment. We should pre-install gcc and make in
non-x86 images, as those run on my test machine with qemu TCG, and
that's the real slow-down here. Then we can re-enable them.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2022-10-26 07:03:56 +02:00
Stefano Brivio
d472476caa test: Add log file tests for pasta plus corresponding layout and setup
To test log files on a tmpfs mount, we need to unshare the mount
namespace, which means using a context for the passt pane is not
really practical at the moment, as we can't open a shell there, so
we would have to encapsulate all the commands under 'unshare -rUm',
plus the "inner" pasta command, running in turn a tcp_rr server.

It might be worth fixing this by e.g. detecting we are trying to
spawn an interactive shell and adding a special path in the context
setup with some form of stdin redirection -- I'm not sure it's doable
though.

For this reason, add a new layout, using a context only for the host
pane, while keeping the old command dispatch mechanism for the passt
pane.

We also need a new setup function that doesn't start pasta: we want
to start and restart it with different options.

Further, we need a 'pint' directive, to send an interrupt to the
passt pane: add that in lib/test.

All the tests before the one involving tmpfs and a detached mount
namespace were also tested with the context mechanism. To make an
eventual conversion easier, pass tcp_crr directly as a command on
pasta's command line where feasible.

While at it, fix the comment to the teardown_pasta() function.

The new test set can be semi-conveniently run as:

  ./run pasta_options/log_to_file

and it checks basic log creation, size of the log file after flooding
it with debug entries, rotations, and basic consistency after
rotations, on both an existing filesystem and a tmpfs, chosen as
it doesn't support collapsing data ranges via fallocate(), hence
triggering the fall-back mechanism for logging rotation.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2022-10-26 06:28:41 +02:00
David Gibson
f99e9a3338 test: Move slower tests to end of test run
The distro and performance tests are by far the slowest part of the passt
testsuite.  Move them to the end of the testsuite run, so that it's easier
to do a quick test during development by letting the other tests run then
interrupting the test runner.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2022-10-15 02:10:36 +02:00
Stefano Brivio
c4101334e1 test: Add rudimentary support to run selected tests only
To keep this simple, only support tests that have corresponding setup
and teardown functions implied by their path. For example:

  ./run passt/ndp

will trigger the 'passt' setup and teardown functions.

This is not really elegant, but it looks robust, and while David is
considering proper alternatives, it should be quite useful.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
2022-10-14 17:38:24 +02:00
David Gibson
df74984c52 Stricter checking for nsholder.c
Add the -Wextra -pedantic and -std=c99 flags when compiling the nsholder
test helper to get extra compiler checks, like we already use for the
main source code.

While we're there, fix some %d (signed) printf descriptors being used
for unsigned values (uid_t and gid_t).  Pointed out by cppcheck.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2022-09-29 12:22:10 +02:00
David Gibson
dc3f200a0b test: Remove unneccessary pane naming from layout_two_guests
This loop goes through and gives a numeric label to each pane, even though
we name the panes properly shortly thereafter.  Looks like a leftover from
some earlier version.  Remove it.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2022-09-29 12:21:23 +02:00
David Gibson
feb8946ff5 test: Simplify data handling for transfer tests
Many of our tests are based around performing transfers of sample data
across passt/pasta created links.  The data flow here can be a bit
hard to follow since, e.g. we create a file transfer it to the guest,
then transfer it back to the host across several different tests.
This also means that the test cases aren't independent of each other.

Because we don't have the original file available at both ends in some
cases, we compare them by generating md5sums at each end and comparing
them, which is a bit complicated.

Make a number of changes to simplify this:
  1. Pre-generate the sample data files as a test asset, rather than
     building them on the fly during the tests proper
  2. Include the sample data files in the mbuto guest image
  3. Because we have good copies of the original data available in all
     contexts, we can now simply use 'cmp' to check if the transfer
     has worked, avoiding md5sum complications.
  4. Similarly we can always use the original copy of the sample data
     on the send side of each transfer, meaning that the tests become
     more independent of each other.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2022-09-29 12:21:19 +02:00
David Gibson
0a15b467d4 test: Use --config-net for namespace setup
The setup functions for passt_in_ns and two_guests perform some fairly slow
dhclient calls to configure the network in the namespace before starting
the guest.  This isn't really part of the tests, just necessary for the
operations later.

We can simplify and speed this up a bit by using pasta's '--config-net'
option to configure the networking for us.  As a bonus this means we have
at least a minimal test of the --config-net option itself.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2022-09-29 12:21:13 +02:00
David Gibson
5b899dce7a test: More robust wait for pasta/passt to be ready
When we start passt or pasta, it may take a short time to be ready to
handle packets, especially if running under valgrind.  We have a
number of semi-arbitrary fixed sleeps to account for this.

We can do this more robustly by exploiting the fact that pasta/passt
doesn't write its pidfile until it's ready to go, so if we wait for
the pidfile to be created, we can proceed with confidence.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2022-09-29 12:21:07 +02:00
David Gibson
33983de46b test: Remove unnecessary sleeps from shutdown tests
These are hangovers from older ways of shutting down the pasta/passt
processes and no longer serve any purpose.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2022-09-29 12:21:01 +02:00
David Gibson
05a2c7ae3c test: Add wait_for() shell helper
Add a shell helper function to wait for some command to succeed - typically
a test for something to be done by a background process.  Use it in the
context code which waits for the guest to respond to ssh-over-vsock
connections.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2022-09-29 12:20:44 +02:00
Stefano Brivio
e0f415c025 test/lib: Don't try to write to perf.js when running demos
...it doesn't actually exist, and this error now causes the demo to
stop.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2022-09-24 00:11:10 +02:00
Stefano Brivio
2e93cb6ed8 test/lib: Drop perf_report_append() from perf_report
It's not used anymore. While at it, fix the function name in the
comment to perf_report_append_js().

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2022-09-24 00:09:23 +02:00
Stefano Brivio
b3549093f7 test/demo: Avoid using port 5201 on the host
That's the default port for iperf3, which also means that it's quite
likely in use on my test machine. Use different port numbers: recycle
the scheme we use in tests for passt and pasta's demo, use 5221-5224
(a bit shorter) for the slirp4netns container in Podman's demo.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2022-09-24 00:07:18 +02:00
Stefano Brivio
6d08bfc3e0 test/demo: Use relative paths to change directories when possible
A cd to __STATEDIR__ results in a rather long command, that's not
very readable. Jump between directories using .. and relative paths,
once we're there.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2022-09-24 00:05:20 +02:00
Stefano Brivio
85de88ff31 test/passt.mbuto: Don't fail on missing guest public key
We won't necessarily run mbuto as part of regular tests: it can also
be used for demos or out-of-tree tests.

To keep the profile simple, leave the whole sshd setup there, which
is otherwise harmless, but don't fail if guest-key.pub is missing in
the current directory.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2022-09-23 17:55:10 +02:00
Stefano Brivio
d6f865a40a test/distro: Update workarounds for Ubuntu 22.04 on s390x
If we use dhclient without creating a complete network configuration,
systemd-resolved will stop working after a while, and this sometimes
happens while we're still installing packages.

Disable it, together with systemd-networkd, while taking care of
removing the dhclient hook that prevents overriding /etc/resolv.conf.

While at it, it looks like removing snapd and needrestart actually
takes more time than keeping them: drop that line.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2022-09-23 02:46:24 +02:00