lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 17 Mar 2020 13:56:12 -0700
From:   Joe Stringer <joe@...d.net.nz>
To:     Martin KaFai Lau <kafai@...com>
Cc:     Joe Stringer <joe@...d.net.nz>, bpf@...r.kernel.org,
        Lorenz Bauer <lmb@...udflare.com>,
        netdev <netdev@...r.kernel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        Alexei Starovoitov <ast@...nel.org>,
        Eric Dumazet <eric.dumazet@...il.com>
Subject: Re: [PATCH bpf-next 5/7] selftests: bpf: add test for sk_assign

On Tue, Mar 17, 2020 at 12:31 AM Martin KaFai Lau <kafai@...com> wrote:
>
> On Thu, Mar 12, 2020 at 04:36:46PM -0700, Joe Stringer wrote:
> > From: Lorenz Bauer <lmb@...udflare.com>
> >
> > Attach a tc direct-action classifier to lo in a fresh network
> > namespace, and rewrite all connection attempts to localhost:4321
> > to localhost:1234.
> >
> > Keep in mind that both client to server and server to client traffic
> > passes the classifier.
> >
> > Signed-off-by: Lorenz Bauer <lmb@...udflare.com>
> > Signed-off-by: Joe Stringer <joe@...d.net.nz>
> > ---
> >  tools/testing/selftests/bpf/.gitignore        |   1 +
> >  tools/testing/selftests/bpf/Makefile          |   3 +-
> >  .../selftests/bpf/progs/test_sk_assign.c      | 127 +++++++++++++
> >  tools/testing/selftests/bpf/test_sk_assign.c  | 176 ++++++++++++++++++
> Can this test be put under the test_progs.c framework?

I'm not sure, how does the test_progs.c framework handle the logic in
"tools/testing/selftests/bpf/test_sk_assign.sh"?

Specifically I'm looking for:
* Unique netns to avoid messing with host networking stack configuration
* Control over routes
* Attaching loaded bpf programs to ingress qdisc of a device

These are each trivial one-liners in the supplied shell script
(admittedly building on existing shell infrastructure in the tests dir
and iproute2 package). Seems like maybe the netns parts aren't so bad
looking at flow_dissector_reattach.c but anything involving netlink
configuration would either require pulling in a netlink library
dependency somewhere or shelling out to the existing binaries. At that
point I wonder if we're trying to achieve integration of this test
into some automated prog runner, is there a simpler way like a place I
can just add a one-liner to run the test_sk_assign.sh script?

> >  tools/testing/selftests/bpf/test_sk_assign.sh |  19 ++

Powered by blists - more mailing lists