passt: Relicense to GPL 2.0, or any later version
In practical terms, passt doesn't benefit from the additional
protection offered by the AGPL over the GPL, because it's not
suitable to be executed over a computer network.
Further, restricting the distribution under the version 3 of the GPL
wouldn't provide any practical advantage either, as long as the passt
codebase is concerned, and might cause unnecessary compatibility
dilemmas.
Change licensing terms to the GNU General Public License Version 2,
or any later version, with written permission from all current and
past contributors, namely: myself, David Gibson, Laine Stump, Andrea
Bolognani, Paul Holzinger, Richard W.M. Jones, Chris Kuhn, Florian
Weimer, Giuseppe Scrivano, Stefan Hajnoczi, and Vasiliy Ulyanov.
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2023-04-05 20:11:44 +02:00
|
|
|
# SPDX-License-Identifier: GPL-2.0-or-later
|
test: Add memory/passt test cases
These show a summary of memory usage in kernel and userspace with
different port forwarding configurations, details of userspace usage
using 'nm' (passt only uses statically allocated memory), and details
of kernel memory from slab reporting facilities.
This adds a new test image, mbuto.mem.img, with harcoded IPv4 and
IPv6 addresses and routes, and just the tools we need to start and
stop passt, to report from /proc/slabinfo, /proc/meminfo, and to
print and parse symbol sizes using nm(1).
passt can't pivot_root() for sandboxing purposes on ramfs, so we need
to create another filesystem and chroot into it, first.
We don't want to use pane context functions, as we're checking memory
usage for sockets: resort to screen-scraping.
Configure a dummy interface to provide passt with an appearance of
working IPv4 and IPv6 connectivity, contributed by David.
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
2022-10-31 12:20:59 +01:00
|
|
|
#
|
|
|
|
# PASST - Plug A Simple Socket Transport
|
|
|
|
# for qemu/UNIX domain socket mode
|
|
|
|
#
|
|
|
|
# PASTA - Pack A Subtle Tap Abstraction
|
|
|
|
# for network namespace/tap device mode
|
|
|
|
#
|
|
|
|
# test/memory/passt - Show memory usage of passt in kernel and userspace
|
|
|
|
#
|
|
|
|
# Copyright (c) 2022 Red Hat GmbH
|
|
|
|
# Author: Stefano Brivio <sbrivio@redhat.com>
|
|
|
|
|
|
|
|
gtools sed cat diff nm sort kill tee head tail chroot unshare mount mkdir cp
|
|
|
|
|
|
|
|
def meminfo_row
|
|
|
|
gout DIFF meminfo_diff /tmp/meminfo.before /tmp/meminfo.after __WHAT__
|
|
|
|
tl __NAME__
|
|
|
|
td __DIFF__ 3 0 0
|
|
|
|
endef
|
|
|
|
|
|
|
|
def meminfo_reverse_row
|
|
|
|
gout DIFF meminfo_diff /tmp/meminfo.after /tmp/meminfo.before __WHAT__
|
|
|
|
tl __NAME__
|
|
|
|
td __DIFF__ 3 0 0
|
|
|
|
endef
|
|
|
|
|
|
|
|
def nm_row
|
|
|
|
gout SIZE nm_size /tmp/nm.size __WHAT__
|
|
|
|
tl __WHAT__
|
|
|
|
td __SIZE__ 6 0 0
|
|
|
|
endef
|
|
|
|
|
|
|
|
def slab_row
|
|
|
|
gout COUNT slab_diff_count /tmp/slabinfo.before /tmp/slabinfo.after __WHAT__
|
|
|
|
gout SIZE slab_size /tmp/slabinfo.before __WHAT__
|
|
|
|
gout DIFF slab_diff_size /tmp/slabinfo.before /tmp/slabinfo.after __WHAT__
|
|
|
|
tl __WHAT__
|
|
|
|
td __COUNT__ 0 0 0
|
|
|
|
td __SIZE__ 0 0 0
|
|
|
|
td __DIFF__ 6 0 0
|
|
|
|
endef
|
|
|
|
|
|
|
|
def start_stop_diff
|
|
|
|
guest sed /proc/slabinfo -ne 's/^\([^ ]* *[^ ]* *[^ ]* *[^ ]*\).*/\\\1/p' > /tmp/slabinfo.before
|
|
|
|
guest cat /proc/meminfo > /tmp/meminfo.before
|
test: Fix memory/passt tests, --netns-only is not a valid option for passt
This used to work on my setup as I kept reusing an old mbuto
(initramfs) image, but since commit 65923ba79877 ("conf: Accept
duplicate and conflicting options, the last one wins"), --netns-only
is, as originally intended, a pasta-only option.
I had used --netns-only, here, to prevent passt from trying to detach
its own user namespace, which is not permitted as we're in a chroot,
see unshare(2). In turn, we need the chroot because passt can't pivot
root directly into its own empty filesystem using an initramfs.
Use switch_root into the tmpfs mountpoint instead of chroot, so that
we can still detach user namespaces.
Note that in the mbuto images, we can't switch to nobody as we have
no password entries at all, so we need to detach a further user
namespace before starting passt, to trick passt into running as UID
0.
Given the new sequence, it's now more convenient to directly switch
to a detached network namespace as well, which means we need to move
the initialisation of the dummy network from the init script into the
test script.
Reported-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Tested-by: David Gibson <david@gibson.dropbear.id.au>
2024-07-24 20:13:35 +02:00
|
|
|
guest /bin/passt.avx2 -l /tmp/log -s /tmp/sock -P /tmp/pid __OPTS__
|
test: Add memory/passt test cases
These show a summary of memory usage in kernel and userspace with
different port forwarding configurations, details of userspace usage
using 'nm' (passt only uses statically allocated memory), and details
of kernel memory from slab reporting facilities.
This adds a new test image, mbuto.mem.img, with harcoded IPv4 and
IPv6 addresses and routes, and just the tools we need to start and
stop passt, to report from /proc/slabinfo, /proc/meminfo, and to
print and parse symbol sizes using nm(1).
passt can't pivot_root() for sandboxing purposes on ramfs, so we need
to create another filesystem and chroot into it, first.
We don't want to use pane context functions, as we're checking memory
usage for sockets: resort to screen-scraping.
Configure a dummy interface to provide passt with an appearance of
working IPv4 and IPv6 connectivity, contributed by David.
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
2022-10-31 12:20:59 +01:00
|
|
|
sleep 2
|
|
|
|
guest cat /proc/meminfo > /tmp/meminfo.after
|
|
|
|
guest sed /proc/slabinfo -ne 's/^\([^ ]* *[^ ]* *[^ ]* *[^ ]*\).*/\\\1/p' > /tmp/slabinfo.after
|
|
|
|
guest kill \$(cat /tmp/pid)
|
|
|
|
guest diff -y --suppress-common-lines /tmp/meminfo.before /tmp/meminfo.after || :
|
2022-11-04 11:51:30 +01:00
|
|
|
guest nm -td -Sr --size-sort -P /bin/passt.avx2 | head -30 | tee /tmp/nm.size
|
test: Add memory/passt test cases
These show a summary of memory usage in kernel and userspace with
different port forwarding configurations, details of userspace usage
using 'nm' (passt only uses statically allocated memory), and details
of kernel memory from slab reporting facilities.
This adds a new test image, mbuto.mem.img, with harcoded IPv4 and
IPv6 addresses and routes, and just the tools we need to start and
stop passt, to report from /proc/slabinfo, /proc/meminfo, and to
print and parse symbol sizes using nm(1).
passt can't pivot_root() for sandboxing purposes on ramfs, so we need
to create another filesystem and chroot into it, first.
We don't want to use pane context functions, as we're checking memory
usage for sockets: resort to screen-scraping.
Configure a dummy interface to provide passt with an appearance of
working IPv4 and IPv6 connectivity, contributed by David.
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
2022-10-31 12:20:59 +01:00
|
|
|
guest sed /proc/slabinfo -ne 's/\(.*<objsize>\).*$/\1/p' | tail -1; (diff -y --suppress-common-lines /tmp/slabinfo.before /tmp/slabinfo.after | sort -grk8)
|
|
|
|
endef
|
|
|
|
|
|
|
|
def summary
|
|
|
|
info Memory usage summary
|
|
|
|
info
|
|
|
|
th type MiB
|
|
|
|
set WHAT MemFree
|
|
|
|
set NAME used
|
|
|
|
meminfo_reverse_row
|
|
|
|
set WHAT AnonPages
|
|
|
|
set NAME userspace
|
|
|
|
meminfo_row
|
|
|
|
set WHAT Slab
|
|
|
|
set NAME kernel
|
|
|
|
meminfo_row
|
|
|
|
te
|
|
|
|
endef
|
|
|
|
|
|
|
|
|
|
|
|
guest mkdir /test
|
|
|
|
guest mount -t tmpfs none /test
|
|
|
|
guest mkdir /test/proc /test/dev /test/tmp
|
|
|
|
guest mount -o bind /proc /test/proc
|
|
|
|
guest mount -o bind /dev /test/dev
|
|
|
|
guest cp -Lr /bin /lib /lib64 /usr /sbin /test/
|
|
|
|
|
test: Fix memory/passt tests, --netns-only is not a valid option for passt
This used to work on my setup as I kept reusing an old mbuto
(initramfs) image, but since commit 65923ba79877 ("conf: Accept
duplicate and conflicting options, the last one wins"), --netns-only
is, as originally intended, a pasta-only option.
I had used --netns-only, here, to prevent passt from trying to detach
its own user namespace, which is not permitted as we're in a chroot,
see unshare(2). In turn, we need the chroot because passt can't pivot
root directly into its own empty filesystem using an initramfs.
Use switch_root into the tmpfs mountpoint instead of chroot, so that
we can still detach user namespaces.
Note that in the mbuto images, we can't switch to nobody as we have
no password entries at all, so we need to detach a further user
namespace before starting passt, to trick passt into running as UID
0.
Given the new sequence, it's now more convenient to directly switch
to a detached network namespace as well, which means we need to move
the initialisation of the dummy network from the init script into the
test script.
Reported-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Tested-by: David Gibson <david@gibson.dropbear.id.au>
2024-07-24 20:13:35 +02:00
|
|
|
guest exec switch_root /test /bin/sh
|
|
|
|
|
test: Add memory/passt test cases
These show a summary of memory usage in kernel and userspace with
different port forwarding configurations, details of userspace usage
using 'nm' (passt only uses statically allocated memory), and details
of kernel memory from slab reporting facilities.
This adds a new test image, mbuto.mem.img, with harcoded IPv4 and
IPv6 addresses and routes, and just the tools we need to start and
stop passt, to report from /proc/slabinfo, /proc/meminfo, and to
print and parse symbol sizes using nm(1).
passt can't pivot_root() for sandboxing purposes on ramfs, so we need
to create another filesystem and chroot into it, first.
We don't want to use pane context functions, as we're checking memory
usage for sockets: resort to screen-scraping.
Configure a dummy interface to provide passt with an appearance of
working IPv4 and IPv6 connectivity, contributed by David.
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
2022-10-31 12:20:59 +01:00
|
|
|
guest ulimit -Hn 300000
|
test: Fix memory/passt tests, --netns-only is not a valid option for passt
This used to work on my setup as I kept reusing an old mbuto
(initramfs) image, but since commit 65923ba79877 ("conf: Accept
duplicate and conflicting options, the last one wins"), --netns-only
is, as originally intended, a pasta-only option.
I had used --netns-only, here, to prevent passt from trying to detach
its own user namespace, which is not permitted as we're in a chroot,
see unshare(2). In turn, we need the chroot because passt can't pivot
root directly into its own empty filesystem using an initramfs.
Use switch_root into the tmpfs mountpoint instead of chroot, so that
we can still detach user namespaces.
Note that in the mbuto images, we can't switch to nobody as we have
no password entries at all, so we need to detach a further user
namespace before starting passt, to trick passt into running as UID
0.
Given the new sequence, it's now more convenient to directly switch
to a detached network namespace as well, which means we need to move
the initialisation of the dummy network from the init script into the
test script.
Reported-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Tested-by: David Gibson <david@gibson.dropbear.id.au>
2024-07-24 20:13:35 +02:00
|
|
|
guest unshare -rUn
|
|
|
|
guest ip link add eth0 type dummy
|
|
|
|
guest ip link set eth0 up
|
|
|
|
guest ip address add 192.0.2.2/24 dev eth0
|
|
|
|
guest ip address add 2001:db8::2/64 dev eth0
|
|
|
|
guest ip route add default via 192.0.2.1
|
|
|
|
guest ip -6 route add default via 2001:db8::1 dev eth0
|
test: Add memory/passt test cases
These show a summary of memory usage in kernel and userspace with
different port forwarding configurations, details of userspace usage
using 'nm' (passt only uses statically allocated memory), and details
of kernel memory from slab reporting facilities.
This adds a new test image, mbuto.mem.img, with harcoded IPv4 and
IPv6 addresses and routes, and just the tools we need to start and
stop passt, to report from /proc/slabinfo, /proc/meminfo, and to
print and parse symbol sizes using nm(1).
passt can't pivot_root() for sandboxing purposes on ramfs, so we need
to create another filesystem and chroot into it, first.
We don't want to use pane context functions, as we're checking memory
usage for sockets: resort to screen-scraping.
Configure a dummy interface to provide passt with an appearance of
working IPv4 and IPv6 connectivity, contributed by David.
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
2022-10-31 12:20:59 +01:00
|
|
|
|
|
|
|
guest meminfo_size() { grep "^$2:" $1 | tr -s ' ' | cut -f2 -d ' '; }
|
|
|
|
guest meminfo_diff() { echo $(( $(meminfo_size $2 $3) - $(meminfo_size $1 $3) )); }
|
|
|
|
|
|
|
|
guest nm_size() { grep -m1 "^$2 " $1 | cut -f4 -d ' '; }
|
|
|
|
|
|
|
|
guest slab_count() { grep "^$2 " $1 | tr -s ' ' | cut -f3 -d ' '; }
|
|
|
|
guest slab_size() { grep "^$2 " $1 | tr -s ' ' | cut -f4 -d ' '; }
|
|
|
|
guest slab_diff_count() { echo $(( $(slab_count $2 $3) - $(slab_count $1 $3) )); }
|
|
|
|
guest slab_diff_size() { echo $(( $(slab_count $2 $3) * $(slab_size $2 $3) - $(slab_count $1 $3) * $(slab_size $1 $3) )); }
|
|
|
|
|
|
|
|
|
|
|
|
test Memory usage: all TCP and UDP ports forwarded, IPv4 and IPv6
|
|
|
|
set OPTS -t all -u all
|
|
|
|
start_stop_diff
|
|
|
|
summary
|
|
|
|
|
|
|
|
info Userspace memory detail
|
|
|
|
info
|
|
|
|
th symbol MiB
|
|
|
|
set WHAT tcp_buf_discard
|
|
|
|
nm_row
|
2024-07-24 20:33:48 +02:00
|
|
|
set WHAT flowtab
|
test: Add memory/passt test cases
These show a summary of memory usage in kernel and userspace with
different port forwarding configurations, details of userspace usage
using 'nm' (passt only uses statically allocated memory), and details
of kernel memory from slab reporting facilities.
This adds a new test image, mbuto.mem.img, with harcoded IPv4 and
IPv6 addresses and routes, and just the tools we need to start and
stop passt, to report from /proc/slabinfo, /proc/meminfo, and to
print and parse symbol sizes using nm(1).
passt can't pivot_root() for sandboxing purposes on ramfs, so we need
to create another filesystem and chroot into it, first.
We don't want to use pane context functions, as we're checking memory
usage for sockets: resort to screen-scraping.
Configure a dummy interface to provide passt with an appearance of
working IPv4 and IPv6 connectivity, contributed by David.
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
2022-10-31 12:20:59 +01:00
|
|
|
nm_row
|
2024-07-24 20:33:48 +02:00
|
|
|
set WHAT tcp6_payload
|
test: Add memory/passt test cases
These show a summary of memory usage in kernel and userspace with
different port forwarding configurations, details of userspace usage
using 'nm' (passt only uses statically allocated memory), and details
of kernel memory from slab reporting facilities.
This adds a new test image, mbuto.mem.img, with harcoded IPv4 and
IPv6 addresses and routes, and just the tools we need to start and
stop passt, to report from /proc/slabinfo, /proc/meminfo, and to
print and parse symbol sizes using nm(1).
passt can't pivot_root() for sandboxing purposes on ramfs, so we need
to create another filesystem and chroot into it, first.
We don't want to use pane context functions, as we're checking memory
usage for sockets: resort to screen-scraping.
Configure a dummy interface to provide passt with an appearance of
working IPv4 and IPv6 connectivity, contributed by David.
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
2022-10-31 12:20:59 +01:00
|
|
|
nm_row
|
2024-07-24 20:33:48 +02:00
|
|
|
set WHAT tcp4_payload
|
test: Add memory/passt test cases
These show a summary of memory usage in kernel and userspace with
different port forwarding configurations, details of userspace usage
using 'nm' (passt only uses statically allocated memory), and details
of kernel memory from slab reporting facilities.
This adds a new test image, mbuto.mem.img, with harcoded IPv4 and
IPv6 addresses and routes, and just the tools we need to start and
stop passt, to report from /proc/slabinfo, /proc/meminfo, and to
print and parse symbol sizes using nm(1).
passt can't pivot_root() for sandboxing purposes on ramfs, so we need
to create another filesystem and chroot into it, first.
We don't want to use pane context functions, as we're checking memory
usage for sockets: resort to screen-scraping.
Configure a dummy interface to provide passt with an appearance of
working IPv4 and IPv6 connectivity, contributed by David.
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
2022-10-31 12:20:59 +01:00
|
|
|
nm_row
|
|
|
|
set WHAT pkt_buf
|
|
|
|
nm_row
|
2024-07-24 20:33:48 +02:00
|
|
|
set WHAT udp_payload
|
test: Add memory/passt test cases
These show a summary of memory usage in kernel and userspace with
different port forwarding configurations, details of userspace usage
using 'nm' (passt only uses statically allocated memory), and details
of kernel memory from slab reporting facilities.
This adds a new test image, mbuto.mem.img, with harcoded IPv4 and
IPv6 addresses and routes, and just the tools we need to start and
stop passt, to report from /proc/slabinfo, /proc/meminfo, and to
print and parse symbol sizes using nm(1).
passt can't pivot_root() for sandboxing purposes on ramfs, so we need
to create another filesystem and chroot into it, first.
We don't want to use pane context functions, as we're checking memory
usage for sockets: resort to screen-scraping.
Configure a dummy interface to provide passt with an appearance of
working IPv4 and IPv6 connectivity, contributed by David.
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
2022-10-31 12:20:59 +01:00
|
|
|
nm_row
|
2024-07-24 20:33:48 +02:00
|
|
|
set WHAT flow_hashtab
|
test: Add memory/passt test cases
These show a summary of memory usage in kernel and userspace with
different port forwarding configurations, details of userspace usage
using 'nm' (passt only uses statically allocated memory), and details
of kernel memory from slab reporting facilities.
This adds a new test image, mbuto.mem.img, with harcoded IPv4 and
IPv6 addresses and routes, and just the tools we need to start and
stop passt, to report from /proc/slabinfo, /proc/meminfo, and to
print and parse symbol sizes using nm(1).
passt can't pivot_root() for sandboxing purposes on ramfs, so we need
to create another filesystem and chroot into it, first.
We don't want to use pane context functions, as we're checking memory
usage for sockets: resort to screen-scraping.
Configure a dummy interface to provide passt with an appearance of
working IPv4 and IPv6 connectivity, contributed by David.
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
2022-10-31 12:20:59 +01:00
|
|
|
nm_row
|
|
|
|
set WHAT pool_tap6_storage
|
|
|
|
nm_row
|
|
|
|
set WHAT pool_tap4_storage
|
|
|
|
nm_row
|
|
|
|
set WHAT tap6_l4
|
|
|
|
nm_row
|
|
|
|
set WHAT tap4_l4
|
|
|
|
nm_row
|
|
|
|
te
|
|
|
|
|
|
|
|
info Kernel memory detail
|
|
|
|
info
|
|
|
|
th objects count size MiB
|
|
|
|
set WHAT pid
|
|
|
|
slab_row
|
|
|
|
set WHAT dentry
|
|
|
|
slab_row
|
|
|
|
set WHAT kmalloc-64
|
|
|
|
slab_row
|
|
|
|
set WHAT kmalloc-32
|
|
|
|
slab_row
|
|
|
|
set WHAT lsm_file_cache
|
|
|
|
slab_row
|
|
|
|
set WHAT filp
|
|
|
|
slab_row
|
|
|
|
set WHAT anon_vma_chain
|
|
|
|
slab_row
|
|
|
|
set WHAT ep_head
|
|
|
|
slab_row
|
|
|
|
set WHAT sock_inode_cache
|
|
|
|
slab_row
|
|
|
|
set WHAT signal_cache
|
|
|
|
slab_row
|
|
|
|
set WHAT TCPv6
|
|
|
|
slab_row
|
|
|
|
set WHAT TCP
|
|
|
|
slab_row
|
|
|
|
set WHAT UDPv6
|
|
|
|
slab_row
|
|
|
|
te
|
|
|
|
|
|
|
|
|
|
|
|
test Memory usage: all TCP ports forwarded, IPv4
|
|
|
|
set OPTS -t all -4
|
|
|
|
start_stop_diff
|
|
|
|
summary
|
|
|
|
|
|
|
|
|
|
|
|
test Memory usage: all TCP and UDP ports forwarded, IPv4
|
|
|
|
set OPTS -t all -u all -4
|
|
|
|
start_stop_diff
|
|
|
|
summary
|
|
|
|
|
|
|
|
|
|
|
|
test Memory usage: no ports forwarded
|
|
|
|
set OPTS -t none -u none
|
|
|
|
start_stop_diff
|
|
|
|
summary
|