lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250210134550.3189616-3-zhangmingyi5@huawei.com>
Date: Mon, 10 Feb 2025 21:45:50 +0800
From: zhangmingyi <zhangmingyi5@...wei.com>
To: <ast@...nel.org>, <daniel@...earbox.net>, <andrii@...nel.org>,
	<martin.lau@...ux.dev>, <song@...nel.org>, <yhs@...com>,
	<john.fastabend@...il.com>, <kpsingh@...nel.org>, <sdf@...gle.com>,
	<haoluo@...gle.com>, <jolsa@...nel.org>
CC: <bpf@...r.kernel.org>, <linux-kernel@...r.kernel.org>, <yanan@...wei.com>,
	<wuchangye@...wei.com>, <xiesongyang@...wei.com>, <liuxin350@...wei.com>,
	<liwei883@...wei.com>, <tianmuyang@...wei.com>, <zhangmingyi5@...wei.com>
Subject: [PATCH v2 2/2] bpf-next: selftest for TCP_ULP in bpf_setsockopt

From: Mingyi Zhang <zhangmingyi5@...wei.com>

We try to use bpf_set/getsockopt to set/get TCP_ULP in sockops, and "tls"
need connect is established.To avoid impacting other test cases, I have
written a separate test case file.

Signed-off-by: Mingyi Zhang <zhangmingyi5@...wei.com>
Signed-off-by: Xin Liu <liuxin350@...wei.com>
---
 .../bpf/prog_tests/setget_sockopt_tcp_ulp.c   | 78 +++++++++++++++++++
 .../bpf/progs/setget_sockopt_tcp_ulp.c        | 33 ++++++++
 2 files changed, 111 insertions(+)
 create mode 100644 tools/testing/selftests/bpf/prog_tests/setget_sockopt_tcp_ulp.c
 create mode 100644 tools/testing/selftests/bpf/progs/setget_sockopt_tcp_ulp.c

diff --git a/tools/testing/selftests/bpf/prog_tests/setget_sockopt_tcp_ulp.c b/tools/testing/selftests/bpf/prog_tests/setget_sockopt_tcp_ulp.c
new file mode 100644
index 000000000000..748da2c7d255
--- /dev/null
+++ b/tools/testing/selftests/bpf/prog_tests/setget_sockopt_tcp_ulp.c
@@ -0,0 +1,78 @@
+// SPDX-License-Identifier: GPL-2.0
+/* Copyright (c) Meta Platforms, Inc. and affiliates. */
+
+#define _GNU_SOURCE
+#include <net/if.h>
+
+#include "test_progs.h"
+#include "network_helpers.h"
+
+#include "setget_sockopt_tcp_ulp.skel.h"
+
+#define CG_NAME "/setget-sockopt-tcp-ulp-test"
+
+static const char addr4_str[] = "127.0.0.1";
+static const char addr6_str[] = "::1";
+static struct setget_sockopt_tcp_ulp *skel;
+static int cg_fd;
+
+static int create_netns(void)
+{
+	if (!ASSERT_OK(unshare(CLONE_NEWNET), "create netns"))
+		return -1;
+	if (!ASSERT_OK(system("ip link set dev lo up"), "set lo up"))
+		return -1;
+	return 0;
+}
+
+static int modprobe_tls(void)
+{
+	if (!ASSERT_OK(system("modprobe tls"), "tls modprobe failed"))
+		return -1;
+	return 0;
+}
+
+static void test_tcp_ulp(int family)
+{
+	struct setget_sockopt_tcp_ulp__bss *bss = skel->bss;
+	int sfd, cfd;
+
+	memset(bss, 0, sizeof(*bss));
+	sfd = start_server(family, SOCK_STREAM,
+			   family == AF_INET6 ? addr6_str : addr4_str, 0, 0);
+	if (!ASSERT_GE(sfd, 0, "start_server"))
+		return;
+
+	cfd = connect_to_fd(sfd, 0);
+	if (!ASSERT_GE(cfd, 0, "connect_to_fd_server")) {
+		close(sfd);
+		return;
+	}
+	close(sfd);
+	close(cfd);
+
+	ASSERT_EQ(bss->nr_tcp_ulp, 3, "nr_tcp_ulp");
+}
+
+void test_setget_sockopt_tcp_ulp(void)
+{
+	cg_fd = test__join_cgroup(CG_NAME);
+	if (cg_fd < 0)
+		return;
+	if (create_netns() && modprobe_tls())
+		goto done;
+	skel = setget_sockopt_tcp_ulp__open();
+	if (!ASSERT_OK_PTR(skel, "open skel"))
+		goto done;
+	if (!ASSERT_OK(setget_sockopt_tcp_ulp__load(skel), "load skel"))
+		goto done;
+	skel->links.skops_sockopt_tcp_ulp =
+		bpf_program__attach_cgroup(skel->progs.skops_sockopt_tcp_ulp, cg_fd);
+	if (!ASSERT_OK_PTR(skel->links.skops_sockopt_tcp_ulp, "attach_cgroup"))
+		goto done;
+	test_tcp_ulp(AF_INET);
+	test_tcp_ulp(AF_INET6);
+done:
+	setget_sockopt_tcp_ulp__destroy(skel);
+	close(cg_fd);
+}
diff --git a/tools/testing/selftests/bpf/progs/setget_sockopt_tcp_ulp.c b/tools/testing/selftests/bpf/progs/setget_sockopt_tcp_ulp.c
new file mode 100644
index 000000000000..bd1009766463
--- /dev/null
+++ b/tools/testing/selftests/bpf/progs/setget_sockopt_tcp_ulp.c
@@ -0,0 +1,33 @@
+// SPDX-License-Identifier: GPL-2.0
+/* Copyright (c) Meta Platforms, Inc. and affiliates. */
+
+#include "vmlinux.h"
+#include "bpf_tracing_net.h"
+#include <bpf/bpf_helpers.h>
+
+int nr_tcp_ulp;
+
+SEC("sockops")
+int skops_sockopt_tcp_ulp(struct bpf_sock_ops *skops)
+{
+	static const char target_ulp[] = "tls";
+	char verify_ulp[sizeof(target_ulp)];
+
+	switch (skops->op) {
+	case BPF_SOCK_OPS_ACTIVE_ESTABLISHED_CB:
+		if (bpf_setsockopt(skops, IPPROTO_TCP, TCP_ULP, (void *)target_ulp,
+							sizeof(target_ulp)) != 0)
+			return 1;
+		nr_tcp_ulp++;
+		if (bpf_getsockopt(skops, IPPROTO_TCP, TCP_ULP, verify_ulp,
+							sizeof(verify_ulp)) != 0)
+			return 1;
+		nr_tcp_ulp++;
+		if (bpf_strncmp(verify_ulp, sizeof(target_ulp), "tls") != 0)
+			return 1;
+		nr_tcp_ulp++;
+	}
+	return 1;
+}
+
+char _license[] SEC("license") = "GPL";
\ No newline at end of file
-- 
2.43.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ