From 90bbe6ab1f77e5d316158d28b770b737a59036f2 Mon Sep 17 00:00:00 2001 From: Yuan Liu Date: Tue, 2 Aug 2016 20:19:38 -0700 Subject: [PATCH] lkl: add ipv6 support Add a list ot utilities to config ipv6 in lkl. Signed-off-by: Yuan Liu --- Documentation/lkl.txt | 6 +- tools/lkl/include/lkl.h | 23 +++- tools/lkl/lib/hijack/init.c | 59 +++++++-- tools/lkl/lib/net.c | 225 ++++++++++++++++++++++++++++----- tools/lkl/tests/hijack-test.sh | 25 +++- 5 files changed, 287 insertions(+), 51 deletions(-) diff --git a/Documentation/lkl.txt b/Documentation/lkl.txt index c0cbaf09573b57..c9258d22395d26 100644 --- a/Documentation/lkl.txt +++ b/Documentation/lkl.txt @@ -189,11 +189,11 @@ are the list of those variable for your environment. ``` $ LKL_HIJACK_NET_MTU=1280 lkl-hijack.sh ip address show ``` -* LKL_HIJACK_NET_ARP +* LKL_HIJACK_NET_NEIGHBOR - Add a list of arp permanent entries in the form of "ip|mac;ip|mac;..." + Add a list of permanent neighbor entries in the form of "ip|mac;ip|mac;...". ipv6 are supported ``` - $ LKL_HIJACK_NET_ARP="192.168.13.100|12:34:56:78:9a:bc;192.168.13.101|12:34:56:78:9a:be" + $ LKL_HIJACK_NET_NEIGHBOR="192.168.13.100|12:34:56:78:9a:bc;2001:db8:0:f101::3|12:34:56:78:9a:be" lkl-hijack.sh ip neighbor show ``` * LKL_HIJACK_DEBUG diff --git a/tools/lkl/include/lkl.h b/tools/lkl/include/lkl.h index 2310a28700e294..0725eb603cecff 100644 --- a/tools/lkl/include/lkl.h +++ b/tools/lkl/include/lkl.h @@ -222,6 +222,24 @@ int lkl_if_set_ipv4(int ifindex, unsigned int addr, unsigned int netmask_len); */ int lkl_set_ipv4_gateway(unsigned int addr); +/** + * lkl_if_set_ipv6 - set IPv6 address on interface + * + * @ifindex - the ifindex of the interface + * @addr - 16-byte IPv6 address (i.e., struct in6_addr) + * @netprefix_len - prefix length of the @addr + * @returns - return 0 if no error: otherwise negative value returns + */ +int lkl_if_set_ipv6(int ifindex, void* addr, unsigned int netprefix_len); + +/** + * lkl_set_ipv6_gateway - add an IPv6 default route + * + * @addr - 16-byte IPv6 address of the gateway (i.e., struct in6_addr) + * @returns - return 0 if no error: otherwise negative value returns + */ +int lkl_set_ipv6_gateway(void* addr); + /** * lkl_netdev - host network device handle, defined in lkl_host.h. */ @@ -321,12 +339,13 @@ struct lkl_netdev *lkl_netdev_raw_create(const char *ifname); void lkl_register_dbg_handler(); /** - * lkl_add_arp_entry - add a permanent arp entry + * lkl_add_neighbor - add a permanent arp entry * @ifindex - the ifindex of the interface + * @af - adress family of the ip address. Must be LKL_AF_INET or LKL_AF_INET6 * @ip - ip address of the entry in network byte order * @mac - mac address of the entry */ -int lkl_add_arp_entry(int ifindex, unsigned int ip, void* mac); +int lkl_add_neighbor(int ifindex, int af, void* addr, void* mac); #ifdef __cplusplus } diff --git a/tools/lkl/lib/hijack/init.c b/tools/lkl/lib/hijack/init.c index 9307977e77ace0..b4c8d65c3dc74e 100644 --- a/tools/lkl/lib/hijack/init.c +++ b/tools/lkl/lib/hijack/init.c @@ -65,13 +65,14 @@ int parse_mac_str(char *mac_str, __lkl__u8 mac[LKL_ETH_ALEN]) return 1; } -/* Add permanent arp entries in the form of "ip|mac;ip|mac;..." */ -static void add_arp(int ifindex, char* entries) { +/* Add permanent neighbor entries in the form of "ip|mac;ip|mac;..." */ +static void add_neighbor(int ifindex, char* entries) { char *saveptr = NULL, *token = NULL; char *ip = NULL, *mac_str = NULL; int ret = 0; __lkl__u8 mac[LKL_ETH_ALEN]; - unsigned int ip_addr; + char ip_addr[16]; + int af; for (token = strtok_r(entries, ";", &saveptr); token; token = strtok_r(NULL, ";", &saveptr)) { @@ -80,15 +81,25 @@ static void add_arp(int ifindex, char* entries) { if (ip == NULL || mac_str == NULL || strtok(NULL, "|") != NULL) { return; } - ip_addr = inet_addr(ip); + af = LKL_AF_INET; + ret = inet_pton(AF_INET, ip, ip_addr); + if (ret == 0) { + ret = inet_pton(AF_INET6, ip, ip_addr); + af = LKL_AF_INET6; + } + if (ret != 1) { + fprintf(stderr, "Bad ip address: %s\n", ip); + return; + } + ret = parse_mac_str(mac_str, mac); if (ret != 1) { fprintf(stderr, "Failed to parse mac: %s\n", mac_str); return; } - ret = lkl_add_arp_entry(ifindex, ip_addr, mac); + ret = lkl_add_neighbor(ifindex, af, ip_addr, mac); if (ret) { - fprintf(stderr, "Failed to add arp entry: %s\n", lkl_strerror(ret)); + fprintf(stderr, "Failed to add neighbor entry: %s\n", lkl_strerror(ret)); return; } } @@ -215,13 +226,16 @@ hijack_init(void) char *mtu_str = getenv("LKL_HIJACK_NET_MTU"); __lkl__u8 mac[LKL_ETH_ALEN] = {0}; char *ip = getenv("LKL_HIJACK_NET_IP"); + char *ipv6 = getenv("LKL_HIJACK_NET_IPV6"); char *mac_str = getenv("LKL_HIJACK_NET_MAC"); char *netmask_len = getenv("LKL_HIJACK_NET_NETMASK_LEN"); + char *netmask6_len = getenv("LKL_HIJACK_NET_NETMASK6_LEN"); char *gateway = getenv("LKL_HIJACK_NET_GATEWAY"); + char *gateway6 = getenv("LKL_HIJACK_NET_GATEWAY6"); char *debug = getenv("LKL_HIJACK_DEBUG"); char *mount = getenv("LKL_HIJACK_MOUNT"); struct lkl_netdev *nd = NULL; - char *arp_entries = getenv("LKL_HIJACK_NET_ARP"); + char *neigh_entries = getenv("LKL_HIJACK_NET_NEIGHBOR"); /* single_cpu mode: * 0: Don't pin to single CPU (default). * 1: Pin only LKL kernel threads to single CPU. @@ -393,11 +407,38 @@ hijack_init(void) } } + if (nd_ifindex >= 0 && ipv6 && netmask6_len) { + char addr[16]; + unsigned int pflen = atoi(netmask6_len); + + if (inet_pton(AF_INET6, ipv6, addr) != 1) { + fprintf(stderr, "Invalid ipv6 addr: %s\n", ipv6); + } else { + ret = lkl_if_set_ipv6(nd_ifindex, addr, pflen); + if (ret < 0) + fprintf(stderr, "failed to set IPv6address: %s\n", + lkl_strerror(ret)); + } + } + + if (nd_ifindex >= 0 && gateway6) { + char gw[16]; + + if (inet_pton(AF_INET6, gateway6, gw) != 1) { + fprintf(stderr, "Invalid ipv6 gateway: %s\n", gateway6); + } else { + ret = lkl_set_ipv6_gateway(gw); + if (ret< 0) + fprintf(stderr, "failed to set IPv6 gateway: %s\n", + lkl_strerror(ret)); + } + } + if (mount) mount_cmds_exec(mount, mount_fs); - if (nd_ifindex >=0 && arp_entries) - add_arp(nd_ifindex, arp_entries); + if (nd_ifindex >=0 && neigh_entries) + add_neighbor(nd_ifindex, neigh_entries); } void __attribute__((destructor)) diff --git a/tools/lkl/lib/net.c b/tools/lkl/lib/net.c index 64121a3739ac59..0b11c80d78afee 100644 --- a/tools/lkl/lib/net.c +++ b/tools/lkl/lib/net.c @@ -143,6 +143,44 @@ int lkl_set_ipv4_gateway(unsigned int addr) return err; } +int lkl_if_set_ipv6(int ifindex, void* addr, unsigned int netprefix_len) +{ + struct lkl_in6_ifreq ifr6; + int err, sock; + + if (netprefix_len >= 128) + return -LKL_EINVAL; + + sock = lkl_sys_socket(LKL_AF_INET6, LKL_SOCK_DGRAM, 0); + if (sock < 0) + return sock; + + memcpy(&ifr6.ifr6_addr.lkl_s6_addr, addr, sizeof(struct lkl_in6_addr)); + ifr6.ifr6_ifindex = ifindex; + ifr6.ifr6_prefixlen = netprefix_len; + + err = lkl_sys_ioctl(sock, LKL_SIOCSIFADDR, (long)&ifr6); + lkl_sys_close(sock); + return err; +} + +int lkl_set_ipv6_gateway(void* addr) +{ + int err, sock; + struct lkl_in6_rtmsg route; + + sock = lkl_sys_socket(LKL_AF_INET6, LKL_SOCK_DGRAM, 0); + if (sock < 0) + return sock; + memset(&route, 0, sizeof(route)); + memcpy(&route.rtmsg_gateway, addr, sizeof(struct lkl_in6_addr)); + route.rtmsg_flags = LKL_RTF_UP | LKL_RTF_GATEWAY; + + err = lkl_sys_ioctl(sock, LKL_SIOCADDRT, (long)&route); + lkl_sys_close(sock); + return err; +} + int lkl_netdev_get_ifindex(int id) { struct lkl_ifreq ifr; @@ -159,44 +197,165 @@ int lkl_netdev_get_ifindex(int id) return ret < 0 ? ret : ifr.lkl_ifr_ifindex; } -struct lkl_arpreq { - struct lkl_sockaddr arp_pa; /* protocol address */ - struct lkl_sockaddr arp_ha; /* hardware address */ - int arp_flags; /* flags */ - struct lkl_sockaddr arp_netmask; /* netmask of protocol address */ - char arp_dev[LKL_IFNAMSIZ]; -}; +#define LKL_MSG_TRUNC 0x20 -#define LKL_ATF_PERM 0x04 -#define LKL_ATF_COM 0x02 +// Copied from iproute2/lib/libnetlink.c +static unsigned int seq = 0; +static int rtnl_talk(int fd, struct lkl_nlmsghdr *n) +{ + int status; + struct lkl_nlmsghdr *h; + struct lkl_sockaddr_nl nladdr = {.nl_family = LKL_AF_NETLINK}; + struct lkl_iovec iov = {.iov_base = (void *)n, .iov_len = n->nlmsg_len}; + struct lkl_user_msghdr msg = { + .msg_name = &nladdr, + .msg_namelen = sizeof(nladdr), + .msg_iov = &iov, + .msg_iovlen = 1, + }; + char buf[32768] = {}; + + n->nlmsg_seq = seq; + n->nlmsg_flags |= LKL_NLM_F_ACK; + + status = lkl_sys_sendmsg(fd, &msg, 0); + if (status < 0) { + lkl_perror("Cannot talk to rtnetlink", status); + return -1; + } -int lkl_add_arp_entry(int ifindex, unsigned int ip, void* mac) { - struct lkl_arpreq req; - int ret = 0; - struct lkl_ifreq ifr; - struct lkl_sockaddr_in* sin = (struct lkl_sockaddr_in*)&req.arp_pa; - int sock; + iov.iov_base = buf; + while (1) { + iov.iov_len = sizeof(buf); + status = lkl_sys_recvmsg(fd, &msg, 0); - bzero(&req, sizeof(req)); - sin->sin_family = LKL_AF_INET; - sin->sin_addr.lkl_s_addr = ip; - memcpy(req.arp_ha.sa_data, mac, LKL_ETH_ALEN); - - sock = lkl_sys_socket(LKL_AF_INET, LKL_SOCK_DGRAM, 0); - if (sock < 0) { - return sock; - } + if (status < 0) { + if (status == -LKL_EINTR || status == -LKL_EAGAIN) + continue; + lkl_perror("netlink receive error \n", status); + return status; + } + if (status == 0) { + fprintf(stderr, "EOF on netlink\n"); + return -1; + } + if (msg.msg_namelen != sizeof(nladdr)) { + fprintf(stderr, "sender address length == %d\n", + msg.msg_namelen); + return -1; + } + for (h = (struct lkl_nlmsghdr *)buf; status >= (int)sizeof(*h);) { + int len = h->nlmsg_len; + int l = len - sizeof(*h); + + if (l < 0 || len > status) { + if (msg.msg_flags & LKL_MSG_TRUNC) { + fprintf(stderr, "Truncated message\n"); + return -1; + } + fprintf(stderr, "!!!malformed message: len=%d\n", + len); + return -1; + } + if (nladdr.nl_pid != 0 || h->nlmsg_seq != seq++) { + /* Don't forget to skip that message. */ + status -= LKL_NLMSG_ALIGN(len); + h = (struct lkl_nlmsghdr *)((char *)h + + LKL_NLMSG_ALIGN(len)); + continue; + } + + if (h->nlmsg_type == LKL_NLMSG_ERROR) { + struct lkl_nlmsgerr *err = + (struct lkl_nlmsgerr *)LKL_NLMSG_DATA(h); + if (l < (int)sizeof(struct lkl_nlmsgerr)) { + fprintf(stderr, "ERROR truncated\n"); + } else if (!err->error) { + return 0; + } + fprintf(stderr, "RTNETLINK answers: %s\n", + strerror(-err->error)); + return -1; + } + + fprintf(stderr, "Unexpected reply!!!\n"); + + status -= LKL_NLMSG_ALIGN(len); + h = (struct lkl_nlmsghdr *)((char *)h + + LKL_NLMSG_ALIGN(len)); + } - req.arp_flags = LKL_ATF_PERM | LKL_ATF_COM; + if (msg.msg_flags & LKL_MSG_TRUNC) { + fprintf(stderr, "Message truncated\n"); + continue; + } - ret = ifindex_to_name(sock, &ifr, ifindex); - if (ret < 0) { - lkl_sys_close(sock); - return ret; + if (status) { + fprintf(stderr, "!!!Remnant of size %d\n", status); + return -1; + } } - strcpy(req.arp_dev, ifr.ifr_ifrn.ifrn_name); +} - ret = lkl_sys_ioctl(sock, LKL_SIOCSARP, (long)(&req)); - lkl_sys_close(sock); - return ret; +int lkl_add_neighbor(int ifindex, int af, void* ip, void* mac) +{ + struct lkl_sockaddr_nl la; + struct { + struct lkl_nlmsghdr n; + struct lkl_ndmsg r; + char buf[1024]; + } req2; + int err, addr_sz, fd; + int ndmsglen = LKL_NLMSG_LENGTH(sizeof(struct lkl_ndmsg)); + struct lkl_rtattr *dstattr; + + if (af == LKL_AF_INET) + addr_sz = 4; + else if (af == LKL_AF_INET6) + addr_sz = 16; + else { + fprintf(stderr, "Bad address family: %d\n", af); + return -1; + } + fd = lkl_sys_socket(LKL_AF_NETLINK, LKL_SOCK_DGRAM, LKL_NETLINK_ROUTE); + if (fd < 0) + return fd; + + memset(&la, 0, sizeof(la)); + la.nl_family = LKL_AF_NETLINK; + err = lkl_sys_bind(fd, (struct lkl_sockaddr *)&la, sizeof(la)); + if (err < 0) goto exit; + + memset(&req2, 0, sizeof(req2)); + + // create the IP attribute + dstattr = (struct lkl_rtattr *)req2.buf; + dstattr->rta_type = LKL_NDA_DST; + dstattr->rta_len = sizeof(struct lkl_rtattr) + addr_sz; + memcpy(((char *)dstattr) + sizeof(struct lkl_rtattr), ip, addr_sz); + ndmsglen += dstattr->rta_len; + + // create the MAC attribute + dstattr = (struct lkl_rtattr *)(req2.buf + dstattr->rta_len); + dstattr->rta_type = LKL_NDA_LLADDR; + dstattr->rta_len = sizeof(struct lkl_rtattr) + 6; + memcpy(((char *)dstattr) + sizeof(struct lkl_rtattr), mac, 6); + ndmsglen += dstattr->rta_len; + + // fill in the netlink message header + req2.n.nlmsg_len = ndmsglen; + req2.n.nlmsg_type = LKL_RTM_NEWNEIGH; + req2.n.nlmsg_flags = + LKL_NLM_F_REQUEST | LKL_NLM_F_CREATE | LKL_NLM_F_REPLACE; + + // fill in the netlink message NEWNEIGH + req2.r.ndm_family = af; + req2.r.ndm_ifindex = ifindex; + req2.r.ndm_state = LKL_NUD_PERMANENT; + + err = rtnl_talk(fd, &req2.n); + +exit: + close(fd); + return err; } diff --git a/tools/lkl/tests/hijack-test.sh b/tools/lkl/tests/hijack-test.sh index 9d98e8ca70673c..deb61de2807041 100755 --- a/tools/lkl/tests/hijack-test.sh +++ b/tools/lkl/tests/hijack-test.sh @@ -67,12 +67,17 @@ export LKL_HIJACK_NET_IFTYPE=tap export LKL_HIJACK_NET_IFPARAMS=lkl_ptt0 export LKL_HIJACK_NET_IP=192.168.13.2 export LKL_HIJACK_NET_NETMASK_LEN=24 +export LKL_HIJACK_NET_GATEWAY=192.168.13.1 +export LKL_HIJACK_NET_IPV6=2001:db8:0:f102::2 +export LKL_HIJACK_NET_NETMASK6_LEN=64 +export LKL_HIJACK_NET_GATEWAY6=2001:db8:0:f102::1 # Set up the TAP device we'd like to use sudo ip tuntap del dev lkl_ptt0 mode tap || true sudo ip tuntap add dev lkl_ptt0 mode tap user $USER sudo ip link set dev lkl_ptt0 up sudo ip addr add dev lkl_ptt0 192.168.13.1/24 +sudo ip -6 addr add dev lkl_ptt0 2001:db8:0:f102::1/64 # Make sure our device has the addresses we expect addr=$(LKL_HIJACK_DEBUG=1\ @@ -80,26 +85,38 @@ addr=$(LKL_HIJACK_DEBUG=1\ echo "$addr" | grep eth0 echo "$addr" | grep 192.168.13.2 echo "$addr" | grep "aa:bb:cc:dd:ee:ff" +echo "$addr" | grep "2001:db8:0:f102::2" ! echo "$addr" | grep "WARN: failed to free" # Copy ping so we're allowed to run it under LKL cp `which ping` . +cp `which ping6` . # Make sure we can ping the host from inside LKL ${hijack_script} ./ping 192.168.13.1 -c 1 -rm ./ping +${hijack_script} ./ping6 2001:db8:0:f102::1 -c 10 +rm ./ping ./ping6 # Now let's check that the host can see LKL. -sudo arp -d 192.168.13.2 +sudo ip -6 neigh del 2001:db8:0:f102::2 dev lkl_ptt0 +sudo ip neigh del 192.168.13.2 dev lkl_ptt0 sudo ping -i 0.01 -c 65 192.168.13.2 & +sudo ping6 -i 0.01 -c 65 2001:db8:0:f102::2 & ${hijack_script} sleep 3 -# add arp entries -ans=$(LKL_HIJACK_NET_ARP="192.168.13.100|12:34:56:78:9a:bc;192.168.13.101|12:34:56:78:9a:be"\ +# add neighbor entries +ans=$(LKL_HIJACK_NET_NEIGHBOR="192.168.13.100|12:34:56:78:9a:bc;2001:db8:0:f102::100|12:34:56:78:9a:be"\ ${hijack_script} ip neighbor show) || true echo "$ans" | tail -n 15 | grep "12:34:56:78:9a:bc" echo "$ans" | tail -n 15 | grep "12:34:56:78:9a:be" +# gateway +ans=$(${hijack_script} ip route show) || true +echo "$ans" | tail -n 15 | grep "192.168.13.1" + +# gateway v6 +ans=$(${hijack_script} ip -6 route show) || true +echo "$ans" | tail -n 15 | grep "2001:db8:0:f102::1" sh ${script_dir}/run_netperf.sh 192.168.13.1 1 0 TCP_STREAM sh ${script_dir}/run_netperf.sh 192.168.13.1 1 0 TCP_RR