lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 24 Jan 2020 11:45:24 -0800
From:   John Fastabend <john.fastabend@...il.com>
To:     Lorenz Bauer <lmb@...udflare.com>, Shuah Khan <shuah@...nel.org>,
        Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        Martin KaFai Lau <kafai@...com>,
        Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
        Andrii Nakryiko <andriin@...com>
Cc:     Lorenz Bauer <lmb@...udflare.com>, linux-kselftest@...r.kernel.org,
        netdev@...r.kernel.org, bpf@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: RE: [PATCH bpf 2/4] selftests: bpf: ignore RST packets for reuseport
 tests

Lorenz Bauer wrote:
> The reuseport tests currently suffer from a race condition: RST
> packets count towards DROP_ERR_SKB_DATA, since they don't contain
> a valid struct cmd. Tests will spuriously fail depending on whether
> check_results is called before or after the RST is processed.
> 
> Exit the BPF program early if FIN is set.
> 
> Signed-off-by: Lorenz Bauer <lmb@...udflare.com>
> ---
>  .../selftests/bpf/progs/test_select_reuseport_kern.c        | 6 ++++++
>  1 file changed, 6 insertions(+)
> 
> diff --git a/tools/testing/selftests/bpf/progs/test_select_reuseport_kern.c b/tools/testing/selftests/bpf/progs/test_select_reuseport_kern.c
> index d69a1f2bbbfd..26e77dcc7e91 100644
> --- a/tools/testing/selftests/bpf/progs/test_select_reuseport_kern.c
> +++ b/tools/testing/selftests/bpf/progs/test_select_reuseport_kern.c
> @@ -113,6 +113,12 @@ int _select_by_skb_data(struct sk_reuseport_md *reuse_md)
>  		data_check.skb_ports[0] = th->source;
>  		data_check.skb_ports[1] = th->dest;
>  
> +		if (th->fin)
> +			/* The connection is being torn down at the end of a
> +			 * test. It can't contain a cmd, so return early.
> +			 */
> +			return SK_PASS;
> +
>  		if ((th->doff << 2) + sizeof(*cmd) > data_check.len)
>  			GOTO_DONE(DROP_ERR_SKB_DATA);
>  		if (bpf_skb_load_bytes(reuse_md, th->doff << 2, &cmd_copy,
> -- 
> 2.20.1
> 

Acked-by: John Fastabend <john.fastabend@...il.com>

Powered by blists - more mailing lists