Skip to content
Push actions

feat: mark clang >= 20 unsupported on Linux 6.1 #553

Sign in to view logs

feat: mark clang >= 20 unsupported on Linux 6.1

feat: mark clang >= 20 unsupported on Linux 6.1 #553

Workflow file for this run

.github/workflows/push.yml at 09f766b
name: Push actions
on:
push:
pull_request:
workflow_dispatch:
jobs:
test:
name: Run tests with ${{ matrix.flags.flags }} ${{ matrix.flags.args }}
runs-on: ${{ matrix.arch == 'arm64' && 'ubuntu-24.04-arm' || 'ubuntu-24.04' }}
strategy:
fail-fast: false
matrix:
arch: [amd64] # TODO: arm64 (bpftool not working)
flags:
- flags: CHECKSUM_HACK=kfunc
args: ""
desc: kfunc
- flags: CHECKSUM_HACK=kfunc USE_LIBXDP=0
args: ""
desc: kfunc-no-libxdp
- flags: CHECKSUM_HACK=kfunc USE_LIBXDP=1
args: ""
desc: kfunc-libxdp-use-libbpf
- flags: CHECKSUM_HACK=kfunc USE_LIBXDP=1
args: --use-libxdp
desc: kfunc-libxdp-use-libxdp
- flags: CHECKSUM_HACK=kprobe STRIP_BTF_EXT=1
args: ""
desc: kprobe-strip-btf-ext
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install dependencies
run: |
sudo apt update
sudo apt install python3 clang-15 llvm pahole \
linux-tools-common linux-tools-$(uname -r) linux-cloud-tools-$(uname -r) \
libbpf-dev libffi-dev libelf-dev libxdp-dev \
bats bc conntrack ethtool iperf3 jq socat tshark wireguard-tools
- name: Build & Test
run: |
export BPF_CC=clang-15
sudo cp /sys/kernel/btf/vmlinux /lib/modules/$(uname -r)/build
make -j ${{ matrix.flags.flags }}
sudo nft delete table filter # Docker's nftables rule drops IPv4 packets in tests
sudo nft list ruleset
sudo insmod out/mimic.ko
sudo env MIMIC_TEST_EXTRA_ARGS="${{ matrix.flags.args }}" make test ${{ matrix.flags.flags }}
- name: Upload captured packets
uses: actions/upload-artifact@v4
if: always()
with:
name: pcap-${{ matrix.flags.desc }}
path: out/*.pcapng
build-deb:
name: Build .deb packages for ${{ matrix.distro.name }}
runs-on: ${{ matrix.arch == 'arm64' && 'ubuntu-24.04-arm' || 'ubuntu-24.04' }}
strategy:
fail-fast: false
matrix:
arch: [amd64, arm64]
distro:
- name: Debian 12
codename: bookworm
image: debian:bookworm-slim
extra-repos: |
deb http://deb.debian.org/debian bookworm-backports main
extra-cmd: |
sed -i 's/clang/clang-16/' debian/control
sed -i 's/BPF_CC=clang/BPF_CC=clang-16 COMPAT_LINUX_6_1=1/' debian/rules
- name: Debian 13
codename: trixie
image: debian:trixie-slim
- name: Debian 14 (testing)
codename: forky
image: debian:forky-slim
- name: Debian sid
codename: sid
image: debian:sid-slim
- name: Ubuntu 24.04
codename: noble
image: ubuntu:noble
extra-repos-amd64: |
deb http://archive.ubuntu.com/ubuntu noble-backports main restricted universe multiverse
extra-repos-arm64: |
deb http://ports.ubuntu.com/ubuntu-ports noble-backports main restricted universe multiverse
extra-cmd: |
sed -i 's/clang,/clang, llvm,/' debian/control
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Run pre-building script
run: |
${{ matrix.distro.extra-cmd }}
${{ matrix.arch == 'arm64' && matrix.distro.extra-cmd-arm64 || matrix.distro.extra-cmd-amd64 }}
- name: Build
uses: jtdor/build-deb-action@v1
with:
buildpackage-opts: -b -us -uc
docker-image: ${{ matrix.distro.image }}
extra-repos: |
${{ matrix.distro.extra-repos }}
${{ matrix.arch == 'arm64' && matrix.distro.extra-repos-arm64 || matrix.distro.extra-repos-amd64 }}
- name: Upload
uses: actions/upload-artifact@v4
with:
name: packages-${{ matrix.distro.codename }}-${{ matrix.arch }}
path: |
debian/artifacts/*.deb
debian/artifacts/*.ddeb
test-deb-install:
name: Test .deb installation
needs: build-deb
runs-on: ${{ matrix.arch == 'arm64' && 'ubuntu-24.04-arm' || 'ubuntu-24.04' }}
strategy:
fail-fast: false
matrix:
arch: [amd64] # TODO: arm64 (no BTF blob found)
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Download artifact
uses: actions/download-artifact@v4
with:
name: packages-noble-${{ matrix.arch }}
path: packages-noble-${{ matrix.arch }}
- name: Test Install
run: |
sudo apt install ./packages-noble-${{ matrix.arch }}/*.deb linux-headers-`uname -r`
sudo modprobe mimic
- name: Upload log
if: always()
uses: actions/upload-artifact@v4
with:
name: dkms-make-log
path: /var/lib/dkms/mimic/*/build/make.log
build-exe:
name: Build Mimic CLI executable
runs-on: ${{ matrix.arch == 'arm64' && 'ubuntu-24.04-arm' || 'ubuntu-24.04' }}
strategy:
fail-fast: false
matrix:
arch: [amd64] # TODO: arm64 (bpftool not working)
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Add LLVM apt repository
shell: bash
run: |
wget https://apt.llvm.org/llvm.sh
chmod +x llvm.sh
# Ubuntu 24.04 officially packages LLVM 15 and 16
for _clang_version in {17..21}; do
sudo ./llvm.sh $_clang_version
done
sudo apt update
- name: Install dependencies
shell: bash
run: |
sudo apt install clang-{15..21} pahole \
linux-tools-common linux-tools-$(uname -r) linux-cloud-tools-$(uname -r) \
libbpf-dev libffi-dev libelf-dev libxdp-dev
- name: Build CLI
shell: bash
run: |
flags_name=(generic compat-6.1 compat-6.6)
flags=("" "COMPAT_LINUX_6_1=1" "COMPAT_LINUX_6_6=1")
for _i in {0..2}; do
for _clang_version in {15..21}; do
if [ $_clang_version -ge 20 ] && [ "${flags_name[$_i]}" == "compat-6.1" ]; then
continue
fi
export BPF_CC=clang-$_clang_version
make build-cli -j ${flags[$_i]}
mv out/mimic out/mimic-${flags_name[$_i]}-clang-$_clang_version
done
done
cd out
- name: Upload executable
uses: actions/upload-artifact@v4
with:
name: mimic-${{ matrix.arch }}
path: |
out/mimic-*
out/expect-fail/mimic-*
test-lvh:
name: Test LVH
needs: build-exe
runs-on: ubuntu-24.04
env:
lvh-version: v0.0.28
root-image-version: 20251113.115124-sid
strategy:
fail-fast: false
matrix:
arch: [amd64] # TODO: arm64 (see build-exe)
kernel:
- name: "6.1"
variant: compat-6.1
- name: "6.6"
variant: compat-6.6
- name: "6.12"
variant: generic
- name: bpf-next
variant: generic
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Download artifact
uses: actions/download-artifact@v4
with:
name: mimic-${{ matrix.arch }}
path: out
- name: Install LVH CLI
uses: ./.github/actions/lvh-install-cli
with:
lvh-version: ${{ env.lvh-version }}
arch: ${{ matrix.arch }}
- name: Fetch cached root image
id: fetch-cached-root-image
uses: actions/cache/restore@v4
with:
path: lvh-image.qcow2
key: mimic-lvh-root-image-${{ matrix.arch }}-${{ env.root-image-version }}
- name: Fetch root image
if: steps.fetch-cached-root-image.outputs.cache-hit != 'true'
run: |
lvh images pull quay.io/lvh-images/root-images:${{ env.root-image-version }}
cp _data/images/kind.qcow2 lvh-image.qcow2
- name: Save root image to cache
if: steps.fetch-cached-root-image.outputs.cache-hit != 'true'
uses: actions/cache/save@v4
with:
path: lvh-image.qcow2
key: mimic-lvh-root-image-${{ matrix.arch }}-${{ env.root-image-version }}
- name: Install pahole
run: |
sudo apt update
sudo apt install pahole
- name: Prepare LVH kernel tree metadata
id: prepare-kernel-tree-metadata
run: |
mkdir -p _data/kernels
wget -O _data/kernels.json https://raw.githubusercontent.com/cilium/little-vm-helper-images/c19813941658d998100cf7caaeaf6670763c8e2c/_data/kernels.json
sed -i 's/\?depth=1/?depth=128/g' _data/kernels.json
git_url_with_branch="$(jq -r '.kernels.[] | select(.name=="${{ matrix.kernel.name }}") | .url' < _data/kernels.json | sed -E 's/\?depth=[0-9]+//')"
git_url="$(echo $git_url_with_branch | sed 's/#.*//')"
git_branch="$(echo $git_url_with_branch | sed -n 's/.*#\(.*\)/\1/p')"
if [ -z "$git_branch" ]; then
git_branch=HEAD
else
git_branch="refs/heads/$git_branch"
fi
echo lvh_kernel_rev=$(git ls-remote "$git_url" | grep "$git_branch" | awk '{print $1}') >> $GITHUB_OUTPUT
- name: Fetch cached LVH kernel
id: fetch-cached-kernel
uses: actions/cache@v4
with:
path: |
lvh-kernel
lvh-kernel-tree
key: mimic-lvh-kernel-${{ matrix.arch }}-${{ matrix.kernel.name }}-${{ steps.prepare-kernel-tree-metadata.outputs.lvh_kernel_rev }}
- name: Build LVH kernel
if: steps.fetch-cached-kernel.outputs.cache-hit != 'true'
run: |
sudo apt update
sudo apt install libncurses-dev gawk flex bison openssl libssl-dev dkms libelf-dev libudev-dev libpci-dev libiberty-dev autoconf llvm
if [ "${{ matrix.arch }}" == "arm64" ]; then
sudo apt install gcc-aarch64-linux-gnu
fi
lvh kernels --dir _data fetch ${{ matrix.kernel.name }}
cd _data/kernels/${{ matrix.kernel.name }}
git checkout ${{ steps.prepare-kernel-tree-metadata.outputs.lvh_kernel_rev }}
cd ${{ github.workspace }}
lvh kernels --dir _data build ${{ matrix.kernel.name }}
cd _data/kernels/${{ matrix.kernel.name }}/tar-install/boot
mv vmlinuz-* vmlinuz
cd ../..
make -C tools/bpf/resolve_btfids -j$(nproc)
rm -rf drivers/gpu arch/*/boot tools/perf .git *.tar Documentation vmlinux.unstripped .tmp*
find . -type f -name '*.o' -delete
cd ${{ github.workspace }}
cp _data/kernels/${{ matrix.kernel.name }}/tar-install/boot/vmlinuz lvh-kernel
rm -r _data/kernels/${{ matrix.kernel.name }}/tar-install
mv _data/kernels/${{ matrix.kernel.name }} lvh-kernel-tree
- name: Build mimic.ko
run: |
cd kmod
if [ "${{ matrix.arch }}" == "arm64" ]; then
export ARCH=arm64
export CROSS_COMPILE=aarch64-linux-gnu-
fi
make SYSTEM_BUILD_DIR=../lvh-kernel-tree
- name: Provision LVH VMs
uses: ./.github/actions/lvh-run
with:
lvh-version: ${{ env.lvh-version }}
mem: 4G
cpu: 2
cpu-kind: ""
test-name: mimic-test
image-path: lvh-image.qcow2
kernel-path: lvh-kernel
arch: ${{ matrix.arch }}
install-dependencies: true
host-mount: ./
cmd: |
cd /host/lvh-kernel-tree
make modules_install
uname -a
cd /host
insmod kmod/mimic.ko
cd out
chmod +x mimic-*
for _mimic in ./mimic-${{ matrix.kernel.variant }}-*; do
echo Checking \$_mimic
\$_mimic run lo --check
done
- name: Extract kernel log
if: always()
uses: ./.github/actions/lvh-run
with:
provision: "false"
cmd: |
dmesg > /host/dmesg.log
- name: Upload kernel log
if: always()
uses: actions/upload-artifact@v4
with:
name: dmesg-${{ matrix.arch }}-${{ matrix.kernel.name }}.log
path: dmesg.log