samples/bpf: ensure ipv6 is enabled before running tests

Currently, a few of BPF tests use ipv6 functionality. The problem here
is that if ipv6 is disabled, these tests will fail, and even if the
test fails, it will not tell you why it failed.

    $ sudo ./test_cgrp2_sock2.sh
    RTNETLINK answers: Permission denied

In order to fix this, this commit ensures ipv6 is enabled prior to
running tests.

Signed-off-by: Daniel T. Lee <danieltimlee@gmail.com>
Link: https://lore.kernel.org/r/20230115071613.125791-2-danieltimlee@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>

diff --git a/samples/bpf/tc_l2_redirect.sh b/samples/bpf/tc_l2_redirect.sh
index 37d95ef3c20fe1f7d0945924658521d132111519..a28a8fc99dbeda42833ad73f2e780372e19e3637 100755 (executable)
--- a/samples/bpf/tc_l2_redirect.sh
+++ b/samples/bpf/tc_l2_redirect.sh
@@ -8,6 +8,7 @@ REDIRECT_USER='./tc_l2_redirect'
 REDIRECT_BPF='./tc_l2_redirect_kern.o'
 
 RP_FILTER=$(< /proc/sys/net/ipv4/conf/all/rp_filter)
+IPV6_DISABLED=$(< /proc/sys/net/ipv6/conf/all/disable_ipv6)
 IPV6_FORWARDING=$(< /proc/sys/net/ipv6/conf/all/forwarding)
 
 function config_common {
@@ -64,6 +65,7 @@ function config_common {
 
        sysctl -q -w net.ipv4.conf.all.rp_filter=0
        sysctl -q -w net.ipv6.conf.all.forwarding=1
+       sysctl -q -w net.ipv6.conf.all.disable_ipv6=0
 }
 
 function cleanup {
@@ -77,6 +79,7 @@ function cleanup {
        $IP link del ip6t >& /dev/null
        sysctl -q -w net.ipv4.conf.all.rp_filter=$RP_FILTER
        sysctl -q -w net.ipv6.conf.all.forwarding=$IPV6_FORWARDING
+       sysctl -q -w net.ipv6.conf.all.disable_ipv6=$IPV6_DISABLED
        rm -f /sys/fs/bpf/tc/globals/tun_iface
        [[ -z $DEBUG ]] || set -x
        set -e

diff --git a/samples/bpf/test_cgrp2_sock2.sh b/samples/bpf/test_cgrp2_sock2.sh
index 6a3dbe642b2bd66440a60726ba0705622663a1dc..ac45828ed2bd75c3f35ddb1e54d5dc023df62d90 100755 (executable)
--- a/samples/bpf/test_cgrp2_sock2.sh
+++ b/samples/bpf/test_cgrp2_sock2.sh
@@ -7,13 +7,15 @@ LINK_PIN=$BPFFS/test_cgrp2_sock2
 function config_device {
        ip netns add at_ns0
        ip link add veth0 type veth peer name veth0b
-       ip link set veth0b up
        ip link set veth0 netns at_ns0
+       ip netns exec at_ns0 sysctl -q net.ipv6.conf.veth0.disable_ipv6=0
        ip netns exec at_ns0 ip addr add 172.16.1.100/24 dev veth0
        ip netns exec at_ns0 ip addr add 2401:db00::1/64 dev veth0 nodad
        ip netns exec at_ns0 ip link set dev veth0 up
+       sysctl -q net.ipv6.conf.veth0b.disable_ipv6=0
        ip addr add 172.16.1.101/24 dev veth0b
        ip addr add 2401:db00::2/64 dev veth0b nodad
+       ip link set veth0b up
 }
 
 function config_cgroup {

diff --git a/samples/bpf/test_cgrp2_tc.sh b/samples/bpf/test_cgrp2_tc.sh
index 395573be6ae8b64c5aa0e2aac3475f498d3a2787..a6f1ed03ddf6e0151225262d0c6b728cc3631b9c 100755 (executable)
--- a/samples/bpf/test_cgrp2_tc.sh
+++ b/samples/bpf/test_cgrp2_tc.sh
@@ -73,11 +73,13 @@ setup_net() {
        start)
            $IP link add $HOST_IFC type veth peer name $NS_IFC || return $?
            $IP link set dev $HOST_IFC up || return $?
+           sysctl -q net.ipv6.conf.$HOST_IFC.disable_ipv6=0
            sysctl -q net.ipv6.conf.$HOST_IFC.accept_dad=0
 
            $IP netns add ns || return $?
            $IP link set dev $NS_IFC netns ns || return $?
            $IP -n $NS link set dev $NS_IFC up || return $?
+           $IP netns exec $NS sysctl -q net.ipv6.conf.$NS_IFC.disable_ipv6=0
            $IP netns exec $NS sysctl -q net.ipv6.conf.$NS_IFC.accept_dad=0
            $TC qdisc add dev $HOST_IFC clsact || return $?
            $TC filter add dev $HOST_IFC egress bpf da obj $BPF_PROG sec $BPF_SECTION || return $?