diff mbox series

[meta-networking] nftables: Fix ptest runs

Message ID 20240410225321.2353966-1-raj.khem@gmail.com
State New
Headers show
Series [meta-networking] nftables: Fix ptest runs | expand

Commit Message

Khem Raj April 10, 2024, 10:53 p.m. UTC 
It gets OOMs with memory < 2G on x86_64 qemu
Export NFT variable in run-ptest script its used by few tests
Add required runtime dependencies for ptests to pass

This also requires changes to kernel config
features/nf_tables/nft_test.scc and CONFIG_VETH

Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
 .../images/meta-networking-image-ptest.bb     |  1 +
 .../nftables/nftables/run-ptest               |  1 +
 .../recipes-filter/nftables/nftables_1.0.9.bb | 26 ++++++++++++++++---
 3 files changed, 25 insertions(+), 3 deletions(-)
diff mbox series

Patch

diff --git a/meta-networking/recipes-core/images/meta-networking-image-ptest.bb b/meta-networking/recipes-core/images/meta-networking-image-ptest.bb
index f458b761f2..295da982ec 100644
--- a/meta-networking/recipes-core/images/meta-networking-image-ptest.bb
+++ b/meta-networking/recipes-core/images/meta-networking-image-ptest.bb
@@ -27,6 +27,7 @@  IMAGE_ROOTFS_EXTRA_SPACE = "324288"
 QB_MEM = "-m 1024"
 # If a particular ptest needs more memroy, it can be customized:
 #QB_MEM:virtclass-mcextend-<pn> = "-m 4096"
+QB_MEM:virtclass-mcextend-nftables = "-m 2048"
 
 TEST_SUITES = "ping ssh parselogs ptest"
 
diff --git a/meta-networking/recipes-filter/nftables/nftables/run-ptest b/meta-networking/recipes-filter/nftables/nftables/run-ptest
index 363a1ee25a..32ddf9f455 100644
--- a/meta-networking/recipes-filter/nftables/nftables/run-ptest
+++ b/meta-networking/recipes-filter/nftables/nftables/run-ptest
@@ -4,6 +4,7 @@  NFTABLESLIB=@libdir@/nftables
 cd ${NFTABLESLIB}/ptest || exit 1
 
 LOG="${NFTABLESLIB}/ptest/nftables_ptest_$(date +%Y%m%d-%H%M%S).log"
+NFT=nft
 tests/shell/run-tests.sh -v | sed -E '/I: \[OK\]/ s/^/PASS: / ; /W: \[(CHK DUMP|VALGRIND|TAINTED|DUMP FAIL|FAILED)\]/ s/^/FAIL: /' | sed "s,\x1B\[[0-9;]*[a-zA-Z],,g" | tee -a "${LOG}"
 
 passed=$(grep -c PASS: "${LOG}")
diff --git a/meta-networking/recipes-filter/nftables/nftables_1.0.9.bb b/meta-networking/recipes-filter/nftables/nftables_1.0.9.bb
index ad99a80a6d..7718922742 100644
--- a/meta-networking/recipes-filter/nftables/nftables_1.0.9.bb
+++ b/meta-networking/recipes-filter/nftables/nftables_1.0.9.bb
@@ -37,8 +37,6 @@  SETUPTOOLS_SETUP_PATH = "${S}/py"
 
 inherit ${@bb.utils.contains('PACKAGECONFIG', 'python', 'setuptools3', '', d)}
 
-RRECOMMENDS:${PN} += "kernel-module-nf-tables"
-
 PACKAGES =+ "${PN}-python"
 FILES:${PN}-python = "${PYTHON_SITEPACKAGES_DIR}"
 RDEPENDS:${PN}-python = "python3-core python3-json ${PN}"
@@ -66,7 +64,29 @@  do_install() {
     fi
 }
 
-RDEPENDS:${PN}-ptest += " ${PN}-python bash make iproute2 iputils-ping procps python3-core python3-ctypes python3-json python3-misc sed util-linux"
+RDEPENDS:${PN}-ptest += " ${PN}-python bash coreutils make iproute2 iputils-ping procps python3-core python3-ctypes python3-json python3-misc sed util-linux"
+
+RRECOMMENDS:${PN}-ptest += "\
+kernel-module-nft-chain-nat     kernel-module-nft-queue \
+kernel-module-nft-compat        kernel-module-nft-quota \
+kernel-module-nft-connlimit     kernel-module-nft-redir \
+kernel-module-nft-ct            kernel-module-nft-reject \
+kernel-module-nft-flow-offload  kernel-module-nft-reject-inet \
+kernel-module-nft-hash          kernel-module-nft-reject-ipv4 \
+kernel-module-nft-limit         kernel-module-nft-reject-ipv6 \
+kernel-module-nft-log           kernel-module-nft-socket \
+kernel-module-nft-masq          kernel-module-nft-synproxy \
+kernel-module-nft-nat           kernel-module-nft-tunnel \
+kernel-module-nft-numgen        kernel-module-nft-xfrm \
+kernel-module-nft-osf \
+kernel-module-nf-flow-table \
+kernel-module-nf-flow-table-inet \
+kernel-module-nf-nat \
+kernel-module-nf-log-syslog \
+kernel-module-nf-nat-ftp \
+kernel-module-nf-nat-sip \
+kernel-module-8021q \
+kernel-module-dummy"
 
 TESTDIR = "tests"