lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 7 Aug 2018 15:44:59 +0200
From:   Daniel Borkmann <daniel@...earbox.net>
To:     Mauricio Vasquez B <mauricio.vasquez@...ito.it>,
        Alexei Starovoitov <ast@...nel.org>
Cc:     netdev@...r.kernel.org
Subject: Re: [PATCH bpf-next 3/3] bpf: add sample for BPF_MAP_TYPE_QUEUE

On 08/06/2018 03:58 PM, Mauricio Vasquez B wrote:
> The example is made by two parts, a eBPF program that consumes elements
> from a FIFO queue and prints them in the screen and a user space
> application that inserts new elements into the queue each time this is
> executed.
> 
> Signed-off-by: Mauricio Vasquez B <mauricio.vasquez@...ito.it>
> ---
>  samples/bpf/.gitignore             |    1 +
>  samples/bpf/Makefile               |    3 ++
>  samples/bpf/test_map_in_map_user.c |    9 +-----
>  samples/bpf/test_queuemap.sh       |   37 +++++++++++++++++++++++++
>  samples/bpf/test_queuemap_kern.c   |   51 +++++++++++++++++++++++++++++++++++
>  samples/bpf/test_queuemap_user.c   |   53 ++++++++++++++++++++++++++++++++++++
>  6 files changed, 147 insertions(+), 7 deletions(-)
>  create mode 100755 samples/bpf/test_queuemap.sh
>  create mode 100644 samples/bpf/test_queuemap_kern.c
>  create mode 100644 samples/bpf/test_queuemap_user.c
> 
> diff --git a/samples/bpf/.gitignore b/samples/bpf/.gitignore
> index 8ae4940025f8..d7e518c1b3ed 100644
> --- a/samples/bpf/.gitignore
> +++ b/samples/bpf/.gitignore
> @@ -26,6 +26,7 @@ test_lru_dist
>  test_map_in_map
>  test_overhead
>  test_probe_write_user
> +test_queuemap
>  trace_event
>  trace_output
>  tracex1
> diff --git a/samples/bpf/Makefile b/samples/bpf/Makefile
> index f88d5683d6ee..624f4f4b81db 100644
> --- a/samples/bpf/Makefile
> +++ b/samples/bpf/Makefile
> @@ -53,6 +53,7 @@ hostprogs-y += xdpsock
>  hostprogs-y += xdp_fwd
>  hostprogs-y += task_fd_query
>  hostprogs-y += xdp_sample_pkts
> +hostprogs-y += test_queuemap
>  
>  # Libbpf dependencies
>  LIBBPF = $(TOOLS_PATH)/lib/bpf/libbpf.a
> @@ -109,6 +110,7 @@ xdpsock-objs := xdpsock_user.o
>  xdp_fwd-objs := xdp_fwd_user.o
>  task_fd_query-objs := bpf_load.o task_fd_query_user.o $(TRACE_HELPERS)
>  xdp_sample_pkts-objs := xdp_sample_pkts_user.o $(TRACE_HELPERS)
> +test_queuemap-objs := bpf_load.o test_queuemap_user.o
>  
>  # Tell kbuild to always build the programs
>  always := $(hostprogs-y)
> @@ -166,6 +168,7 @@ always += xdpsock_kern.o
>  always += xdp_fwd_kern.o
>  always += task_fd_query_kern.o
>  always += xdp_sample_pkts_kern.o
> +always += test_queuemap_kern.o
>  
>  HOSTCFLAGS += -I$(objtree)/usr/include
>  HOSTCFLAGS += -I$(srctree)/tools/lib/
> diff --git a/samples/bpf/test_map_in_map_user.c b/samples/bpf/test_map_in_map_user.c
> index e308858f7bcf..28edac94234e 100644
> --- a/samples/bpf/test_map_in_map_user.c
> +++ b/samples/bpf/test_map_in_map_user.c
> @@ -1,10 +1,5 @@
> -/*
> - * Copyright (c) 2017 Facebook
> - *
> - * This program is free software; you can redistribute it and/or
> - * modify it under the terms of version 2 of the GNU General Public
> - * License as published by the Free Software Foundation.
> - */
> +// SPDX-License-Identifier: GPL-2.0
> +/* Copyright (c) 2018 Politecnico di Torino */

I don't think you can remove above Copyright and replace it with a different one. ;)

>  #include <sys/resource.h>
>  #include <sys/socket.h>
>  #include <arpa/inet.h>
> diff --git a/samples/bpf/test_queuemap.sh b/samples/bpf/test_queuemap.sh
> new file mode 100755
> index 000000000000..ed08c1fa8c2c
> --- /dev/null
> +++ b/samples/bpf/test_queuemap.sh
> @@ -0,0 +1,37 @@
> +#!/bin/bash
> +# SPDX-License-Identifier: GPL-2.0
> +
> +[[ -z $TC ]] && TC='tc'
> +[[ -z $IP ]] && IP='ip'
> +
> +TEST_QUEUE_USER='./test_queuemap'
> +TEST_QUEUE_BPF='./test_queuemap_kern.o'
> +
> +function config {
> +	$IP netns add ns1
> +	$IP link add ve1 type veth peer name vens1
> +	$IP link set dev ve1 up
> +	$IP link set dev ve1 mtu 1500
> +	$IP link set dev vens1 netns ns1
> +
> +	$IP -n ns1 link set dev lo up
> +	$IP -n ns1 link set dev vens1 up
> +	$IP -n ns1 addr add 10.1.1.101/24 dev vens1
> +
> +	$IP addr add 10.1.1.1/24 dev ve1
> +	$TC qdisc add dev ve1 clsact
> +	$TC filter add dev ve1 ingress bpf da obj $TEST_QUEUE_BPF sec test_queue
> +}
> +
> +function cleanup {
> +	set +e
> +	[[ -z $DEBUG ]] || set +x
> +	$IP netns delete ns1 >& /dev/null
> +	$IP link del ve1 >& /dev/null
> +	rm -f /sys/fs/bpf/tc/globals/queue
> +	[[ -z $DEBUG ]] || set -x
> +	set -e
> +}
> +
> +cleanup
> +config
> diff --git a/samples/bpf/test_queuemap_kern.c b/samples/bpf/test_queuemap_kern.c
> new file mode 100644
> index 000000000000..2b496dafaffd
> --- /dev/null
> +++ b/samples/bpf/test_queuemap_kern.c
> @@ -0,0 +1,51 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/* Copyright (c) 2018 Politecnico di Torino */
> +#define KBUILD_MODNAME "foo"
> +#include <linux/ptrace.h>
> +#include <linux/version.h>
> +#include <uapi/linux/bpf.h>
> +#include <uapi/linux/in6.h>
> +#include <uapi/linux/pkt_cls.h>
> +#include "bpf_helpers.h"
> +
> +#define PIN_GLOBAL_NS		2
> +
> +struct bpf_elf_map {
> +	__u32 type;
> +	__u32 key_size;
> +	__u32 value_size;
> +	__u32 max_entries;
> +	__u32 flags;
> +	__u32 id;
> +	__u32 pinning;
> +};
> +
> +/* map #0 */
> +struct bpf_elf_map SEC("maps") queue = {
> +	.type = BPF_MAP_TYPE_QUEUE,
> +	.key_size = 0,
> +	.value_size = sizeof(u32),
> +	.flags = BPF_F_QUEUE_FIFO,
> +	.max_entries = 1024,
> +	.pinning = PIN_GLOBAL_NS,
> +};
> +
> +SEC("test_queue")
> +int _test_queue(struct __sk_buff *skb)
> +{
> +	char msg[] = "element is %u\n";
> +	char msg_no[] = "there are not elements\n";
> +
> +	u32 *val = bpf_map_lookup_elem(&queue, NULL);
> +
> +	if (!val) {
> +		bpf_trace_printk(msg_no, sizeof(msg_no));
> +		return TC_ACT_OK;
> +	}
> +
> +	bpf_trace_printk(msg, sizeof(msg), *val);

Could we add a more elaborate example? In cover letter and patch 1 which
implements the map, you mention SNAT, perhaps it would be useful to make
it a minimal sample app.

> +	return TC_ACT_OK;
> +}
> +
> +char _license[] SEC("license") = "GPL";
> +u32 _version SEC("version") = LINUX_VERSION_CODE;
> diff --git a/samples/bpf/test_queuemap_user.c b/samples/bpf/test_queuemap_user.c
> new file mode 100644
> index 000000000000..68f9a5d54596
> --- /dev/null
> +++ b/samples/bpf/test_queuemap_user.c
> @@ -0,0 +1,53 @@
> +/*
> + * Copyright (c) 2018 Politecnico di Torino
> + *
> + * This program is free software; you can redistribute it and/or
> + * modify it under the terms of version 2 of the GNU General Public
> + * License as published by the Free Software Foundation.
> + */
> +#include <sys/resource.h>
> +#include <sys/socket.h>
> +#include <arpa/inet.h>
> +#include <stdint.h>
> +#include <assert.h>
> +#include <errno.h>
> +#include <stdlib.h>
> +#include <stdio.h>
> +#include <bpf/bpf.h>
> +#include "bpf_load.h"
> +
> +int queue_map;
> +
> +static void test_queue_map(void)
> +{
> +	int ret;
> +	uint32_t i;
> +
> +	queue_map = bpf_obj_get("/sys/fs/bpf/tc/globals/queue");
> +	if (queue_map < 0) {
> +		fprintf(stderr, "error getting map");
> +		return;
> +	}
> +
> +	for (i = 0; i < 256; i++) {
> +		uint32_t v = 1000 - i*3;
> +
> +		ret = bpf_map_update_elem(queue_map, NULL, &v, 0);
> +		if (ret)
> +			fprintf(stderr, "ret is %d\n", ret);
> +	}
> +}
> +
> +int main(int argc, char **argv)
> +{
> +	struct rlimit r = {RLIM_INFINITY, RLIM_INFINITY};
> +	char filename[256];
> +
> +	assert(!setrlimit(RLIMIT_MEMLOCK, &r));
> +
> +	snprintf(filename, sizeof(filename), "%s_kern.o", argv[0]);
> +
> +	test_queue_map();
> +
> +	return 0;
> +}
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ