diff options
Diffstat (limited to 'ci')
-rw-r--r-- | ci/diffs/.keep | 0 | ||||
-rwxr-xr-x | ci/managers/debian.sh | 95 | ||||
-rwxr-xr-x | ci/managers/test_compile.sh | 15 | ||||
-rw-r--r-- | ci/managers/travis_wait.bash | 61 | ||||
-rwxr-xr-x | ci/managers/ubuntu.sh | 24 | ||||
-rw-r--r-- | ci/vmtest/configs/ALLOWLIST-4.9.0 | 8 | ||||
-rw-r--r-- | ci/vmtest/configs/ALLOWLIST-5.5.0 | 55 | ||||
-rw-r--r-- | ci/vmtest/configs/DENYLIST-5.5.0 | 118 | ||||
-rw-r--r-- | ci/vmtest/configs/DENYLIST-latest | 0 | ||||
-rw-r--r-- | ci/vmtest/configs/DENYLIST-latest.s390x | 3 | ||||
-rwxr-xr-x | ci/vmtest/helpers.sh | 38 | ||||
-rwxr-xr-x | ci/vmtest/run_selftests.sh | 87 |
12 files changed, 504 insertions, 0 deletions
diff --git a/ci/diffs/.keep b/ci/diffs/.keep new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/ci/diffs/.keep diff --git a/ci/managers/debian.sh b/ci/managers/debian.sh new file mode 100755 index 0000000..3d3f860 --- /dev/null +++ b/ci/managers/debian.sh @@ -0,0 +1,95 @@ +#!/bin/bash + +PHASES=(${@:-SETUP RUN RUN_ASAN CLEANUP}) +DEBIAN_RELEASE="${DEBIAN_RELEASE:-testing}" +CONT_NAME="${CONT_NAME:-libbpf-debian-$DEBIAN_RELEASE}" +ENV_VARS="${ENV_VARS:-}" +DOCKER_RUN="${DOCKER_RUN:-docker run}" +REPO_ROOT="${REPO_ROOT:-$PWD}" +ADDITIONAL_DEPS=(pkgconf) +EXTRA_CFLAGS="" +EXTRA_LDFLAGS="" + +function info() { + echo -e "\033[33;1m$1\033[0m" +} + +function error() { + echo -e "\033[31;1m$1\033[0m" +} + +function docker_exec() { + docker exec $ENV_VARS $CONT_NAME "$@" +} + +set -eu + +source "$(dirname $0)/travis_wait.bash" + +for phase in "${PHASES[@]}"; do + case $phase in + SETUP) + info "Setup phase" + info "Using Debian $DEBIAN_RELEASE" + + docker --version + + docker pull debian:$DEBIAN_RELEASE + info "Starting container $CONT_NAME" + $DOCKER_RUN -v $REPO_ROOT:/build:rw \ + -w /build --privileged=true --name $CONT_NAME \ + -dit --net=host debian:$DEBIAN_RELEASE /bin/bash + echo -e "::group::Build Env Setup" + docker_exec bash -c "echo deb-src http://deb.debian.org/debian $DEBIAN_RELEASE main >>/etc/apt/sources.list" + docker_exec apt-get -y update + docker_exec apt-get -y install aptitude + docker_exec aptitude -y install make libz-dev libelf-dev + docker_exec aptitude -y install "${ADDITIONAL_DEPS[@]}" + echo -e "::endgroup::" + ;; + RUN|RUN_CLANG|RUN_CLANG14|RUN_CLANG15|RUN_CLANG16|RUN_GCC10|RUN_GCC11|RUN_GCC12|RUN_ASAN|RUN_CLANG_ASAN|RUN_GCC10_ASAN) + CC="cc" + if [[ "$phase" =~ "RUN_CLANG(\d+)(_ASAN)?" ]]; then + ENV_VARS="-e CC=clang-${BASH_REMATCH[1]} -e CXX=clang++-${BASH_REMATCH[1]}" + CC="clang-${BASH_REMATCH[1]}" + elif [[ "$phase" = *"CLANG"* ]]; then + ENV_VARS="-e CC=clang -e CXX=clang++" + CC="clang" + elif [[ "$phase" =~ "RUN_GCC(\d+)(_ASAN)?" ]]; then + ENV_VARS="-e CC=gcc-${BASH_REMATCH[1]} -e CXX=g++-${BASH_REMATCH[1]}" + CC="gcc-${BASH_REMATCH[1]}" + fi + if [[ "$phase" = *"ASAN"* ]]; then + EXTRA_CFLAGS="${EXTRA_CFLAGS} -fsanitize=address,undefined" + EXTRA_LDFLAGS="${EXTRA_LDFLAGS} -fsanitize=address,undefined" + fi + if [[ "$CC" != "cc" ]]; then + docker_exec aptitude -y install "$CC" + else + docker_exec aptitude -y install gcc + fi + docker_exec mkdir build install + docker_exec ${CC} --version + info "build" + docker_exec make -j$((4*$(nproc))) EXTRA_CFLAGS="${EXTRA_CFLAGS}" EXTRA_LDFLAGS="${EXTRA_LDFLAGS}" -C ./src -B OBJDIR=../build + info "ldd build/libbpf.so:" + docker_exec ldd build/libbpf.so + if ! docker_exec ldd build/libbpf.so | grep -q libelf; then + error "No reference to libelf.so in libbpf.so!" + exit 1 + fi + info "install" + docker_exec make -j$((4*$(nproc))) -C src OBJDIR=../build DESTDIR=../install install + info "link binary" + docker_exec bash -c "EXTRA_CFLAGS=\"${EXTRA_CFLAGS}\" EXTRA_LDFLAGS=\"${EXTRA_LDFLAGS}\" ./ci/managers/test_compile.sh" + ;; + CLEANUP) + info "Cleanup phase" + docker stop $CONT_NAME + docker rm -f $CONT_NAME + ;; + *) + echo >&2 "Unknown phase '$phase'" + exit 1 + esac +done diff --git a/ci/managers/test_compile.sh b/ci/managers/test_compile.sh new file mode 100755 index 0000000..094ba3e --- /dev/null +++ b/ci/managers/test_compile.sh @@ -0,0 +1,15 @@ +#!/bin/bash +set -euox pipefail + +EXTRA_CFLAGS=${EXTRA_CFLAGS:-} +EXTRA_LDFLAGS=${EXTRA_LDFLAGS:-} + +cat << EOF > main.c +#include <bpf/libbpf.h> +int main() { + return bpf_object__open(0) < 0; +} +EOF + +# static linking +${CC:-cc} ${EXTRA_CFLAGS} ${EXTRA_LDFLAGS} -o main -I./include/uapi -I./install/usr/include main.c ./build/libbpf.a -lelf -lz diff --git a/ci/managers/travis_wait.bash b/ci/managers/travis_wait.bash new file mode 100644 index 0000000..acf6ad1 --- /dev/null +++ b/ci/managers/travis_wait.bash @@ -0,0 +1,61 @@ +# This was borrowed from https://github.com/travis-ci/travis-build/tree/master/lib/travis/build/bash +# to get around https://github.com/travis-ci/travis-ci/issues/9979. It should probably be removed +# as soon as Travis CI has started to provide an easy way to export the functions to bash scripts. + +travis_jigger() { + local cmd_pid="${1}" + shift + local timeout="${1}" + shift + local count=0 + + echo -e "\\n" + + while [[ "${count}" -lt "${timeout}" ]]; do + count="$((count + 1))" + echo -ne "Still running (${count} of ${timeout}): ${*}\\r" + sleep 60 + done + + echo -e "\\n${ANSI_RED}Timeout (${timeout} minutes) reached. Terminating \"${*}\"${ANSI_RESET}\\n" + kill -9 "${cmd_pid}" +} + +travis_wait() { + local timeout="${1}" + + if [[ "${timeout}" =~ ^[0-9]+$ ]]; then + shift + else + timeout=20 + fi + + local cmd=("${@}") + local log_file="travis_wait_${$}.log" + + "${cmd[@]}" &>"${log_file}" & + local cmd_pid="${!}" + + travis_jigger "${!}" "${timeout}" "${cmd[@]}" & + local jigger_pid="${!}" + local result + + { + set +e + wait "${cmd_pid}" 2>/dev/null + result="${?}" + ps -p"${jigger_pid}" &>/dev/null && kill "${jigger_pid}" + set -e + } + + if [[ "${result}" -eq 0 ]]; then + echo -e "\\n${ANSI_GREEN}The command ${cmd[*]} exited with ${result}.${ANSI_RESET}" + else + echo -e "\\n${ANSI_RED}The command ${cmd[*]} exited with ${result}.${ANSI_RESET}" + fi + + echo -e "\\n${ANSI_GREEN}Log:${ANSI_RESET}\\n" + cat "${log_file}" + + return "${result}" +} diff --git a/ci/managers/ubuntu.sh b/ci/managers/ubuntu.sh new file mode 100755 index 0000000..7fe1b3f --- /dev/null +++ b/ci/managers/ubuntu.sh @@ -0,0 +1,24 @@ +#!/bin/bash +set -eux + +RELEASE="focal" + +apt-get update +apt-get install -y pkg-config + +source "$(dirname $0)/travis_wait.bash" + +cd $REPO_ROOT + +EXTRA_CFLAGS="-Werror -Wall -fsanitize=address,undefined" +EXTRA_LDFLAGS="-Werror -Wall -fsanitize=address,undefined" +mkdir build install +cc --version +make -j$((4*$(nproc))) EXTRA_CFLAGS="${EXTRA_CFLAGS}" EXTRA_LDFLAGS="${EXTRA_LDFLAGS}" -C ./src -B OBJDIR=../build +ldd build/libbpf.so +if ! ldd build/libbpf.so | grep -q libelf; then + echo "FAIL: No reference to libelf.so in libbpf.so!" + exit 1 +fi +make -j$((4*$(nproc))) -C src OBJDIR=../build DESTDIR=../install install +EXTRA_CFLAGS=${EXTRA_CFLAGS} EXTRA_LDFLAGS=${EXTRA_LDFLAGS} $(dirname $0)/test_compile.sh diff --git a/ci/vmtest/configs/ALLOWLIST-4.9.0 b/ci/vmtest/configs/ALLOWLIST-4.9.0 new file mode 100644 index 0000000..ee0d3db --- /dev/null +++ b/ci/vmtest/configs/ALLOWLIST-4.9.0 @@ -0,0 +1,8 @@ +# btf_dump -- need to disable data dump sub-tests +core_retro +cpu_mask +hashmap +legacy_printk +perf_buffer +section_names + diff --git a/ci/vmtest/configs/ALLOWLIST-5.5.0 b/ci/vmtest/configs/ALLOWLIST-5.5.0 new file mode 100644 index 0000000..87f72f9 --- /dev/null +++ b/ci/vmtest/configs/ALLOWLIST-5.5.0 @@ -0,0 +1,55 @@ +# attach_probe +autoload +bpf_verif_scale +cgroup_attach_autodetach +cgroup_attach_override +core_autosize +core_extern +core_read_macros +core_reloc +core_retro +cpu_mask +endian +get_branch_snapshot +get_stackid_cannot_attach +global_data +global_data_init +global_func_args +hashmap +l4lb_all +legacy_printk +linked_funcs +linked_maps +map_lock +obj_name +perf_buffer +perf_event_stackmap +pinning +pkt_md_access +probe_user +queue_stack_map +raw_tp_writable_reject_nbd_invalid +raw_tp_writable_test_run +rdonly_maps +section_names +signal_pending +skeleton +sockmap_ktls +sockopt +sockopt_inherit +sockopt_multi +spinlock +stacktrace_map +stacktrace_map_raw_tp +static_linked +task_fd_query_rawtp +task_fd_query_tp +tc_bpf +tcp_estats +tcp_rtt +tp_attach_query +usdt/urand_pid_attach +xdp +xdp_info +xdp_noinline +xdp_perf diff --git a/ci/vmtest/configs/DENYLIST-5.5.0 b/ci/vmtest/configs/DENYLIST-5.5.0 new file mode 100644 index 0000000..d732bed --- /dev/null +++ b/ci/vmtest/configs/DENYLIST-5.5.0 @@ -0,0 +1,118 @@ +# This file is not used and is there for historic purposes only. +# See ALLOWLIST-5.5.0 instead. + +# PERMANENTLY DISABLED +align # verifier output format changed +atomics # new atomic operations (v5.12+) +atomic_bounds # new atomic operations (v5.12+) +bind_perm # changed semantics of return values (v5.12+) +bpf_cookie # 5.15+ +bpf_iter # bpf_iter support is missing +bpf_obj_id # bpf_link support missing for GET_OBJ_INFO, GET_FD_BY_ID, etc +bpf_tcp_ca # STRUCT_OPS is missing +btf_map_in_map # inner map leak fixed in 5.8 +btf_skc_cls_ingress # v5.10+ functionality +cg_storage_multi # v5.9+ functionality +cgroup_attach_multi # BPF_F_REPLACE_PROG missing +cgroup_link # LINK_CREATE is missing +cgroup_skb_sk_lookup # bpf_sk_lookup_tcp() helper is missing +check_mtu # missing BPF helper (v5.12+) +cls_redirect # bpf_csum_level() helper is missing +connect_force_port # cgroup/get{peer,sock}name{4,6} support is missing +d_path # v5.10+ feature +enable_stats # BPF_ENABLE_STATS support is missing +fentry_fexit # bpf_prog_test_tracing missing +fentry_test # bpf_prog_test_tracing missing +fexit_bpf2bpf # freplace is missing +fexit_sleep # relies on bpf_trampoline fix in 5.12+ +fexit_test # bpf_prog_test_tracing missing +flow_dissector # bpf_link-based flow dissector is in 5.8+ +flow_dissector_reattach +for_each # v5.12+ +get_func_ip_test # v5.15+ +get_stack_raw_tp # exercising BPF verifier bug causing infinite loop +hash_large_key # v5.11+ +ima # v5.11+ +kfree_skb # 32-bit pointer arith in test_pkt_access +ksyms # __start_BTF has different name +kfunc_call # v5.13+ +link_pinning # bpf_link is missing +linked_vars # v5.13+ +load_bytes_relative # new functionality in 5.8 +lookup_and_delete # v5.14+ +map_init # per-CPU LRU missing +map_ptr # test uses BPF_MAP_TYPE_RINGBUF, added in 5.8 +metadata # v5.10+ +migrate_reuseport # v5.14+ +mmap # 5.5 kernel is too permissive with re-mmaping +modify_return # fmod_ret support is missing +module_attach # module BTF support missing (v5.11+) +netcnt +netns_cookie # v5.15+ +ns_current_pid_tgid # bpf_get_ns_current_pid_tgid() helper is missing +pe_preserve_elems # v5.10+ +perf_branches # bpf_read_branch_records() helper is missing +perf_link # v5.15+ +pkt_access # 32-bit pointer arith in test_pkt_access +probe_read_user_str # kernel bug with garbage bytes at the end +prog_run_xattr # 32-bit pointer arith in test_pkt_access +raw_tp_test_run # v5.10+ +recursion # v5.12+ +ringbuf # BPF_MAP_TYPE_RINGBUF is supported in 5.8+ + +# bug in verifier w/ tracking references +#reference_tracking/classifier/sk_lookup_success +reference_tracking + +select_reuseport # UDP support is missing +send_signal # bpf_send_signal_thread() helper is missing +sk_assign # bpf_sk_assign helper missing +sk_lookup # v5.9+ +sk_storage_tracing # missing bpf_sk_storage_get() helper +skb_ctx # ctx_{size, }_{in, out} in BPF_PROG_TEST_RUN is missing +skb_helpers # helpers added in 5.8+ +skeleton # creates too big ARRAY map +snprintf # v5.13+ +snprintf_btf # v5.10+ +sock_fields # v5.10+ +socket_cookie # v5.12+ +sockmap_basic # uses new socket fields, 5.8+ +sockmap_listen # no listen socket supportin SOCKMAP +sockopt_sk +sockopt_qos_to_cc # v5.15+ +stacktrace_build_id # v5.9+ +stack_var_off # v5.12+ +syscall # v5.14+ +task_local_storage # v5.12+ +task_pt_regs # v5.15+ +tcp_hdr_options # v5.10+, new TCP header options feature in BPF +tcpbpf_user # LINK_CREATE is missing +tc_redirect # v5.14+ +test_bpffs # v5.10+, new CONFIG_BPF_PRELOAD=y and CONFIG_BPF_PRELOAD_UMG=y|m +test_bprm_opts # v5.11+ +test_global_funcs # kernel doesn't support BTF linkage=global on FUNCs +test_local_storage # v5.10+ feature +test_lsm # no BPF_LSM support +test_overhead # no fmod_ret support +test_profiler # needs verifier logic improvements from v5.10+ +test_skb_pkt_end # v5.11+ +timer # v5.15+ +timer_mim # v5.15+ +trace_ext # v5.10+ +trace_printk # v5.14+ +trampoline_count # v5.12+ have lower allowed limits +udp_limit # no cgroup/sock_release BPF program type (5.9+) +varlen # verifier bug fixed in later kernels +vmlinux # hrtimer_nanosleep() signature changed incompatibly +xdp_adjust_tail # new XDP functionality added in 5.8 +xdp_attach # IFLA_XDP_EXPECTED_FD support is missing +xdp_bonding # v5.15+ +xdp_bpf2bpf # freplace is missing +xdp_context_test_run # v5.15+ +xdp_cpumap_attach # v5.9+ +xdp_devmap_attach # new feature in 5.8 +xdp_link # v5.9+ + +# SUBTESTS FAILING (block entire test until blocking subtests works properly) +btf # "size check test", "func (Non zero vlen)" +tailcalls # tailcall_bpf2bpf_1, tailcall_bpf2bpf_2, tailcall_bpf2bpf_3 diff --git a/ci/vmtest/configs/DENYLIST-latest b/ci/vmtest/configs/DENYLIST-latest new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/ci/vmtest/configs/DENYLIST-latest diff --git a/ci/vmtest/configs/DENYLIST-latest.s390x b/ci/vmtest/configs/DENYLIST-latest.s390x new file mode 100644 index 0000000..3684f49 --- /dev/null +++ b/ci/vmtest/configs/DENYLIST-latest.s390x @@ -0,0 +1,3 @@ +# TEMPORARY +usdt/basic # failing verifier due to bounds check after LLVM update +usdt/multispec # same as above diff --git a/ci/vmtest/helpers.sh b/ci/vmtest/helpers.sh new file mode 100755 index 0000000..c44d098 --- /dev/null +++ b/ci/vmtest/helpers.sh @@ -0,0 +1,38 @@ +# shellcheck shell=bash + +# $1 - start or end +# $2 - fold identifier, no spaces +# $3 - fold section description +foldable() { + local YELLOW='\033[1;33m' + local NOCOLOR='\033[0m' + if [ $1 = "start" ]; then + line="::group::$2" + if [ ! -z "${3:-}" ]; then + line="$line - ${YELLOW}$3${NOCOLOR}" + fi + else + line="::endgroup::" + fi + echo -e "$line" +} + +__print() { + local TITLE="" + if [[ -n $2 ]]; then + TITLE=" title=$2" + fi + echo "::$1${TITLE}::$3" +} + +# $1 - title +# $2 - message +print_error() { + __print error $1 $2 +} + +# $1 - title +# $2 - message +print_notice() { + __print notice $1 $2 +} diff --git a/ci/vmtest/run_selftests.sh b/ci/vmtest/run_selftests.sh new file mode 100755 index 0000000..1dcde76 --- /dev/null +++ b/ci/vmtest/run_selftests.sh @@ -0,0 +1,87 @@ +#!/bin/bash + +set -euo pipefail + +source $(cd $(dirname $0) && pwd)/helpers.sh + +ARCH=$(uname -m) + +STATUS_FILE=/exitstatus + +read_lists() { + (for path in "$@"; do + if [[ -s "$path" ]]; then + cat "$path" + fi; + done) | cut -d'#' -f1 | tr -s ' \t\n' ',' +} + +test_progs() { + if [[ "${KERNEL}" != '4.9.0' ]]; then + foldable start test_progs "Testing test_progs" + # "&& true" does not change the return code (it is not executed + # if the Python script fails), but it prevents exiting on a + # failure due to the "set -e". + ./test_progs ${DENYLIST:+-d$DENYLIST} ${ALLOWLIST:+-a$ALLOWLIST} && true + echo "test_progs:$?" >> "${STATUS_FILE}" + foldable end test_progs + fi +} + +test_progs_no_alu32() { + foldable start test_progs-no_alu32 "Testing test_progs-no_alu32" + ./test_progs-no_alu32 ${DENYLIST:+-d$DENYLIST} ${ALLOWLIST:+-a$ALLOWLIST} && true + echo "test_progs-no_alu32:$?" >> "${STATUS_FILE}" + foldable end test_progs-no_alu32 +} + +test_maps() { + if [[ "${KERNEL}" == 'latest' ]]; then + foldable start test_maps "Testing test_maps" + ./test_maps && true + echo "test_maps:$?" >> "${STATUS_FILE}" + foldable end test_maps + fi +} + +test_verifier() { + if [[ "${KERNEL}" == 'latest' ]]; then + foldable start test_verifier "Testing test_verifier" + ./test_verifier && true + echo "test_verifier:$?" >> "${STATUS_FILE}" + foldable end test_verifier + fi +} + +foldable end vm_init + +configs_path=/${PROJECT_NAME}/selftests/bpf +local_configs_path=${PROJECT_NAME}/vmtest/configs +DENYLIST=$(read_lists \ + "$configs_path/DENYLIST" \ + "$configs_path/DENYLIST.${ARCH}" \ + "$local_configs_path/DENYLIST-${KERNEL}" \ + "$local_configs_path/DENYLIST-${KERNEL}.${ARCH}" \ +) +ALLOWLIST=$(read_lists \ + "$configs_path/ALLOWLIST" \ + "$configs_path/ALLOWLIST.${ARCH}" \ + "$local_configs_path/ALLOWLIST-${KERNEL}" \ + "$local_configs_path/ALLOWLIST-${KERNEL}.${ARCH}" \ +) + +echo "DENYLIST: ${DENYLIST}" +echo "ALLOWLIST: ${ALLOWLIST}" + +cd ${PROJECT_NAME}/selftests/bpf + +if [ $# -eq 0 ]; then + test_progs + test_progs_no_alu32 + # test_maps + test_verifier +else + for test_name in "$@"; do + "${test_name}" + done +fi |