Skip to content

Commit 9c5b6d4

Browse files
Florian Westphalklassert
authored andcommitted
selftests: add xfrm policy insertion speed test script
Nothing special, just test how long insertion of x policies takes. This should ideally show linear insertion speeds. Do not run this by default, it has little value, but it can be useful to check for insertion speed chahnges when altering the xfrm policy db implementation. Signed-off-by: Florian Westphal <[email protected]> Signed-off-by: Steffen Klassert <[email protected]>
1 parent 54f2f78 commit 9c5b6d4

File tree

2 files changed

+84
-1
lines changed

2 files changed

+84
-1
lines changed

tools/testing/selftests/net/Makefile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -56,7 +56,7 @@ TEST_PROGS += ip_local_port_range.sh
5656
TEST_PROGS += rps_default_mask.sh
5757
TEST_PROGS += big_tcp.sh
5858
TEST_PROGS += netns-sysctl.sh
59-
TEST_PROGS_EXTENDED := toeplitz_client.sh toeplitz.sh
59+
TEST_PROGS_EXTENDED := toeplitz_client.sh toeplitz.sh xfrm_policy_add_speed.sh
6060
TEST_GEN_FILES = socket nettest
6161
TEST_GEN_FILES += psock_fanout psock_tpacket msg_zerocopy reuseport_addr_any
6262
TEST_GEN_FILES += tcp_mmap tcp_inq psock_snd txring_overwrite
Lines changed: 83 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,83 @@
1+
#!/bin/bash
2+
# SPDX-License-Identifier: GPL-2.0
3+
#
4+
source lib.sh
5+
6+
timeout=4m
7+
ret=0
8+
tmp=$(mktemp)
9+
cleanup() {
10+
cleanup_all_ns
11+
rm -f "$tmp"
12+
}
13+
14+
trap cleanup EXIT
15+
16+
maxpolicies=100000
17+
[ "$KSFT_MACHINE_SLOW" = "yes" ] && maxpolicies=10000
18+
19+
do_dummies4() {
20+
local dir="$1"
21+
local max="$2"
22+
23+
local policies
24+
local pfx
25+
pfx=30
26+
policies=0
27+
28+
ip netns exec "$ns" ip xfrm policy flush
29+
30+
for i in $(seq 1 100);do
31+
local s
32+
local d
33+
for j in $(seq 1 255);do
34+
s=$((i+0))
35+
d=$((i+100))
36+
37+
for a in $(seq 1 8 255); do
38+
policies=$((policies+1))
39+
[ "$policies" -gt "$max" ] && return
40+
echo xfrm policy add src 10.$s.$j.0/30 dst 10.$d.$j.$a/$pfx dir $dir action block
41+
done
42+
for a in $(seq 1 8 255); do
43+
policies=$((policies+1))
44+
[ "$policies" -gt "$max" ] && return
45+
echo xfrm policy add src 10.$s.$j.$a/30 dst 10.$d.$j.0/$pfx dir $dir action block
46+
done
47+
done
48+
done
49+
}
50+
51+
setup_ns ns
52+
53+
do_bench()
54+
{
55+
local max="$1"
56+
57+
start=$(date +%s%3N)
58+
do_dummies4 "out" "$max" > "$tmp"
59+
if ! timeout "$timeout" ip netns exec "$ns" ip -batch "$tmp";then
60+
echo "WARNING: policy insertion cancelled after $timeout"
61+
ret=1
62+
fi
63+
stop=$(date +%s%3N)
64+
65+
result=$((stop-start))
66+
67+
policies=$(wc -l < "$tmp")
68+
printf "Inserted %-06s policies in $result ms\n" $policies
69+
70+
have=$(ip netns exec "$ns" ip xfrm policy show | grep "action block" | wc -l)
71+
if [ "$have" -ne "$policies" ]; then
72+
echo "WARNING: mismatch, have $have policies, expected $policies"
73+
ret=1
74+
fi
75+
}
76+
77+
p=100
78+
while [ $p -le "$maxpolicies" ]; do
79+
do_bench "$p"
80+
p="${p}0"
81+
done
82+
83+
exit $ret

0 commit comments

Comments
 (0)