From: David Wei <dw@davidwei.uk>
To: Bobby Eshleman <bobbyeshleman@gmail.com>, Wei Wang <weibunny@fb.com>
Cc: netdev@vger.kernel.org, Jakub Kicinski <kuba@kernel.org>,
Daniel Zahka <daniel.zahka@gmail.com>,
Willem de Bruijn <willemdebruijn.kernel@gmail.com>,
Andrew Lunn <andrew+netdev@lunn.ch>,
"David S. Miller" <davem@davemloft.net>,
Eric Dumazet <edumazet@google.com>,
Daniel Borkmann <daniel@iogearbox.net>
Subject: Re: [PATCH net-next 3/9] selftests/net: Add env for container based tests
Date: Sat, 28 Feb 2026 20:18:30 -0800 [thread overview]
Message-ID: <eda2e2da-6f22-4c8e-9b63-837bc349599e@davidwei.uk> (raw)
In-Reply-To: <aZ3pl177Q6+uJCCN@devvm11784.nha0.facebook.com>
On 2026-02-24 10:10, Bobby Eshleman wrote:
> On Mon, Feb 23, 2026 at 04:24:03PM -0800, Wei Wang wrote:
>> From: David Wei <dw@davidwei.uk>
>>
>> Add an env NetDrvContEnv for container based selftests. This automates
>> the setup of a netns, netkit pair with one inside the netns, and a BPF
>> program that forwards skbs from the NETIF host inside the container.
>>
>> Currently only netkit is used, but other virtual netdevs e.g. veth can
>> be used too.
>>
>> Expect netkit container datapath selftests to have a publicly routable
>> IP prefix to assign to netkit in a container, such that packets will
>> land on eth0. The BPF skb forward program will then forward such packets
>> from the host netns to the container netns.
>>
>> Signed-off-by: David Wei <dw@davidwei.uk>
>> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
>> ---
>> .../testing/selftests/drivers/net/README.rst | 19 ++
>> .../drivers/net/hw/lib/py/__init__.py | 7 +-
>> .../selftests/drivers/net/lib/py/__init__.py | 7 +-
>> .../selftests/drivers/net/lib/py/env.py | 163 ++++++++++++++++++
>> 4 files changed, 190 insertions(+), 6 deletions(-)
>>
>> diff --git a/tools/testing/selftests/drivers/net/README.rst b/tools/testing/selftests/drivers/net/README.rst
>> index eb838ae94844..39370a83f238 100644
>> --- a/tools/testing/selftests/drivers/net/README.rst
>> +++ b/tools/testing/selftests/drivers/net/README.rst
>> @@ -62,6 +62,25 @@ LOCAL_V4, LOCAL_V6, REMOTE_V4, REMOTE_V6
>>
>> Local and remote endpoint IP addresses.
>>
>> +LOCAL_PREFIX_V4, LOCAL_PREFIX_V6
>> +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> Still not sure we want LOCAL_PREFIX_V4 here, since it is not supported?
Thanks, I'll remove LOCAL_PREFIX_V4.
>
>> +
>> +Local IP prefix/subnet which can be used to allocate extra IP addresses (for
>> +network name spaces behind macvlan, veth, netkit devices). DUT must be
>> +reachable using these addresses from the endpoint.
>> +
>> + +-------------+ +----------------------------+
>> + | INIT NS | | TEST NS |
>> + | +---------+ | | +------------------------+ |
>> + | | NETIF | | bpf | | Netkit | |
>> + | | |-|--------|>| nk_guest | |
>> + | +---------+ | | | {LOCAL_PREFIX_V6}::2:2 | |
>> + | +---------+ | | +------------------------+ |
>> + | | Netkit | | +----------------------------+
>> + | | nk_host | |
>> + | +---------+ |
>> + +-------------+
>> +
>
> One thing I noticed when I tested this was the flow broke down when
> NETIF's address happened to match LOCAL_PREFIX_V6. I didn't fully reason
> through why this was the case, but maybe it's worth mentioning in the
> docs here?
If NETIF's address matches LOCAL_PREFIX_V6, the installed bpf prog is
going to forward _all_ packets to Netkit in the netns. That's likely why
it doesn't work.
I'll mention that NETIF must not match LOCAL_PREFIX_V6 in the kdocs and
the diagram, then assert that in NetDrvContEnv as well. Thanks.
>
>> REMOTE_TYPE
>> ~~~~~~~~~~~
>>
[...]
>> diff --git a/tools/testing/selftests/drivers/net/lib/py/env.py b/tools/testing/selftests/drivers/net/lib/py/env.py
>> index 41cc248ac848..857ae0f37516 100644
>> --- a/tools/testing/selftests/drivers/net/lib/py/env.py
>> +++ b/tools/testing/selftests/drivers/net/lib/py/env.py
[...]
>> @@ -289,3 +292,163 @@ class NetDrvEpEnv(NetDrvEnvBase):
>> data.get('stats-block-usecs', 0) / 1000 / 1000
>>
>> time.sleep(self._stats_settle_time)
>> +
>> +
>> +class NetDrvContEnv(NetDrvEpEnv):
>> + """
>> + Class for an environment with a netkit pair setup for forwarding traffic
>> + between the physical interface and a network namespace.
>> + +-------------+ +----------------------------+
>> + | INIT NS | | TEST NS |
>> + | +---------+ | | +------------------------+ |
>> + | | NETIF | | bpf | | Netkit | |
>> + | | |-|--------|>| nk_guest | |
>> + | +---------+ | | | {LOCAL_PREFIX_V6}::2:2 | |
>> + | +---------+ | | +------------------------+ |
>> + | | Netkit | | +----------------------------+
>> + | | nk_host | |
>> + | +---------+ |
>> + +-------------+
>> + """
>> +
>> + def __init__(self, src_path, rxqueues=1, **kwargs):
>> + super().__init__(src_path, **kwargs)
>> +
>> + self.netns = None
>> + self._nk_host_ifname = None
>> + self._nk_guest_ifname = None
>> + self._tc_clsact_added = False
>> + self._tc_attached = False
>> + self._bpf_prog_pref = None
>> + self._bpf_prog_id = None
>> + self._init_ns_attached = False
>
> One problem with these attrs is that if super().__init__() fails
> (NetDrvEpEnv.__init__()) then these will raise attribute errors in
> __del__().
>
> This can happen if NetDrvEpEnv.remote_remote_ifc() (for example) throws
> an exception because it couldn't find the address the user configured.
>
> One alternative to getattr() is moving these assignments before
> super().__init__()?
Sounds good, I'll move it above super().__init__().
>
> Best,
> Bobby
>
next prev parent reply other threads:[~2026-03-01 4:18 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-24 0:24 [PATCH net-next 0/9] psp: Add support for dev-assoc/disassoc Wei Wang
2026-02-24 0:24 ` [PATCH net-next 2/9] selftests/net: Export Netlink class via lib.py Wei Wang
2026-02-24 0:24 ` [PATCH net-next 3/9] selftests/net: Add env for container based tests Wei Wang
2026-02-24 18:10 ` Bobby Eshleman
2026-02-28 2:30 ` Jakub Kicinski
2026-03-01 4:15 ` David Wei
2026-03-01 4:17 ` David Wei
2026-03-01 4:18 ` David Wei [this message]
2026-02-24 0:24 ` [PATCH net-next 4/9] selftests/net: Add netkit container ping test Wei Wang
2026-02-24 0:24 ` [PATCH net-next 5/9] psp: add unprivileged version of psp_device_get_locked Wei Wang
2026-02-24 0:24 ` [PATCH net-next 6/9] psp: Add new netlink cmd for dev-assoc and dev-disassoc Wei Wang
2026-02-24 0:24 ` [PATCH net-next 7/9] psp: add a new netdev event for dev unregister Wei Wang
2026-02-24 0:24 ` [PATCH net-next 8/9] selftests/net: Add bpf skb forwarding program Wei Wang
2026-02-24 18:56 ` Bobby Eshleman
2026-02-24 0:24 ` [PATCH net-next 9/9] selftest/net: psp: Add test for dev-assoc/disassoc Wei Wang
2026-02-28 2:33 ` Jakub Kicinski
[not found] ` <20260224002410.1553838-2-weibunny@fb.com>
2026-02-28 2:34 ` [PATCH net-next 1/9] selftests/net: Add bpf skb forwarding program Jakub Kicinski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=eda2e2da-6f22-4c8e-9b63-837bc349599e@davidwei.uk \
--to=dw@davidwei.uk \
--cc=andrew+netdev@lunn.ch \
--cc=bobbyeshleman@gmail.com \
--cc=daniel.zahka@gmail.com \
--cc=daniel@iogearbox.net \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=kuba@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=weibunny@fb.com \
--cc=willemdebruijn.kernel@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox