| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 17 Nov 2022 23:16:43 +0800
From: Rong Tao <rtoax@...mail.com>
To: andrii.nakryiko@...il.com
Cc: andrii@...nel.org, ast@...nel.org, bpf@...r.kernel.org,
daniel@...earbox.net, dxu@...uu.xyz, haoluo@...gle.com,
john.fastabend@...il.com, jolsa@...nel.org, kpsingh@...nel.org,
linux-kernel@...r.kernel.org, linux-kselftest@...r.kernel.org,
lkp@...el.com, lorenzo@...nel.org, martin.lau@...ux.dev,
memxor@...il.com, mykolal@...com, rongtao@...tc.cn,
rtoax@...mail.com, sdf@...gle.com, shuah@...nel.org,
song@...nel.org, yhs@...com
Subject: [PATCH bpf-next v2] selftests/bpf: Fix error: undeclared identifier 'NF_NAT_MANIP_SRC'
From: Rong Tao <rongtao@...tc.cn>
commit 472caa69183f("netfilter: nat: un-export nf_nat_used_tuple")
introduce NF_NAT_MANIP_SRC/DST enum in include/net/netfilter/nf_nat.h,
and commit b06b45e82b59("selftests/bpf: add tests for bpf_ct_set_nat_info
kfunc") use NF_NAT_MANIP_SRC/DST in test_bpf_nf.c.
In bpf kself-test config (tools/testing/selftests/bpf/config) nf_nat
is compiled as built-in, this issue occurs just if it is compiled as
module. We could use BPF CO-RE and ___suffix rule to avoid this.
How to reproduce the error:
$ make -C tools/testing/selftests/bpf/
...
CLNG-BPF [test_maps] test_bpf_nf.bpf.o
error: use of undeclared identifier 'NF_NAT_MANIP_SRC'
bpf_ct_set_nat_info(ct, &saddr, sport, NF_NAT_MANIP_SRC);
^
error: use of undeclared identifier 'NF_NAT_MANIP_DST'
bpf_ct_set_nat_info(ct, &daddr, dport, NF_NAT_MANIP_DST);
^
2 errors generated.
Signed-off-by: Rong Tao <rongtao@...tc.cn>
---
v2: use BPF CO-RE and ___suffix rule to avoid this error.
v1: https://lore.kernel.org/lkml/tencent_29D7ABD1744417031AA1B52C914B61158E07@qq.com/
---
.../testing/selftests/bpf/progs/test_bpf_nf.c | 30 +++++++++++++++++--
1 file changed, 27 insertions(+), 3 deletions(-)
diff --git a/tools/testing/selftests/bpf/progs/test_bpf_nf.c b/tools/testing/selftests/bpf/progs/test_bpf_nf.c
index 227e85e85dda..1706984e1a6a 100644
--- a/tools/testing/selftests/bpf/progs/test_bpf_nf.c
+++ b/tools/testing/selftests/bpf/progs/test_bpf_nf.c
@@ -2,6 +2,7 @@
#include <vmlinux.h>
#include <bpf/bpf_helpers.h>
#include <bpf/bpf_endian.h>
+#include <bpf/bpf_core_read.h>
#define EAFNOSUPPORT 97
#define EPROTO 71
@@ -11,6 +12,11 @@
extern unsigned long CONFIG_HZ __kconfig;
+enum nf_nat_manip_type___x {
+ NF_NAT_MANIP_SRC___x,
+ NF_NAT_MANIP_DST___x,
+};
+
int test_einval_bpf_tuple = 0;
int test_einval_reserved = 0;
int test_einval_netns_id = 0;
@@ -58,7 +64,7 @@ int bpf_ct_change_timeout(struct nf_conn *, u32) __ksym;
int bpf_ct_set_status(struct nf_conn *, u32) __ksym;
int bpf_ct_change_status(struct nf_conn *, u32) __ksym;
int bpf_ct_set_nat_info(struct nf_conn *, union nf_inet_addr *,
- int port, enum nf_nat_manip_type) __ksym;
+ int port, int type) __ksym;
static __always_inline void
nf_ct_test(struct nf_conn *(*lookup_fn)(void *, struct bpf_sock_tuple *, u32,
@@ -151,16 +157,34 @@ nf_ct_test(struct nf_conn *(*lookup_fn)(void *, struct bpf_sock_tuple *, u32,
union nf_inet_addr saddr = {};
union nf_inet_addr daddr = {};
struct nf_conn *ct_ins;
+ int manip_src;
+ int manip_dst;
+ enum nf_nat_manip_type___x mapip_type_x;
+
+ if (!bpf_core_type_exists(enum nf_nat_manip_type)) {
+ bpf_printk("enum nf_nat_manip_type not exist.\n");
+ return;
+ }
+
+ if (bpf_core_enum_value_exists(mapip_type_x, NF_NAT_MANIP_SRC___x))
+ manip_src = bpf_core_enum_value(mapip_type_x, NF_NAT_MANIP_SRC___x);
+ else
+ return;
+
+ if (bpf_core_enum_value_exists(mapip_type_x, NF_NAT_MANIP_DST___x))
+ manip_dst = bpf_core_enum_value(mapip_type_x, NF_NAT_MANIP_DST___x);
+ else
+ return;
bpf_ct_set_timeout(ct, 10000);
ct->mark = 77;
/* snat */
saddr.ip = bpf_get_prandom_u32();
- bpf_ct_set_nat_info(ct, &saddr, sport, NF_NAT_MANIP_SRC);
+ bpf_ct_set_nat_info(ct, &saddr, sport, manip_src);
/* dnat */
daddr.ip = bpf_get_prandom_u32();
- bpf_ct_set_nat_info(ct, &daddr, dport, NF_NAT_MANIP_DST);
+ bpf_ct_set_nat_info(ct, &daddr, dport, manip_dst);
ct_ins = bpf_ct_insert_entry(ct);
if (ct_ins) {
--
2.31.1
Powered by blists - more mailing lists