| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <5ec6d090627d0_75322ab85d4a45bcf6@john-XPS-13-9370.notmuch>
Date: Thu, 21 May 2020 12:03:44 -0700
From: John Fastabend <john.fastabend@...il.com>
To: Andrii Nakryiko <andrii.nakryiko@...il.com>,
John Fastabend <john.fastabend@...il.com>
Cc: Yonghong Song <yhs@...com>, Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
Lorenz Bauer <lmb@...udflare.com>, bpf <bpf@...r.kernel.org>,
Jakub Sitnicki <jakub@...udflare.com>,
Networking <netdev@...r.kernel.org>
Subject: Re: [bpf-next PATCH v3 4/5] bpf: selftests, add sk_msg helpers load
and attach test
Andrii Nakryiko wrote:
> On Thu, May 21, 2020 at 7:36 AM John Fastabend <john.fastabend@...il.com> wrote:
> >
> > The test itself is not particularly useful but it encodes a common
> > pattern we have.
> >
> > Namely do a sk storage lookup then depending on data here decide if
> > we need to do more work or alternatively allow packet to PASS. Then
> > if we need to do more work consult task_struct for more information
> > about the running task. Finally based on this additional information
> > drop or pass the data. In this case the suspicious check is not so
> > realisitic but it encodes the general pattern and uses the helpers
> > so we test the workflow.
> >
> > This is a load test to ensure verifier correctly handles this case.
> >
> > Signed-off-by: John Fastabend <john.fastabend@...il.com>
> > ---
> > .../selftests/bpf/prog_tests/sockmap_basic.c | 57 ++++++++++++++++++++
> > .../selftests/bpf/progs/test_skmsg_load_helpers.c | 48 +++++++++++++++++
> > 2 files changed, 105 insertions(+)
> > create mode 100644 tools/testing/selftests/bpf/progs/test_skmsg_load_helpers.c
> >
> > diff --git a/tools/testing/selftests/bpf/prog_tests/sockmap_basic.c b/tools/testing/selftests/bpf/prog_tests/sockmap_basic.c
> > index aa43e0b..cacb4ad 100644
> > --- a/tools/testing/selftests/bpf/prog_tests/sockmap_basic.c
> > +++ b/tools/testing/selftests/bpf/prog_tests/sockmap_basic.c
> > @@ -1,13 +1,46 @@
> > // SPDX-License-Identifier: GPL-2.0
> > // Copyright (c) 2020 Cloudflare
> > +#include <error.h>
> >
> > #include "test_progs.h"
> > +#include "test_skmsg_load_helpers.skel.h"
> >
> > #define TCP_REPAIR 19 /* TCP sock is under repair right now */
> >
> > #define TCP_REPAIR_ON 1
> > #define TCP_REPAIR_OFF_NO_WP -1 /* Turn off without window probes */
> >
> > +#define _FAIL(errnum, fmt...) \
> > + ({ \
> > + error_at_line(0, (errnum), __func__, __LINE__, fmt); \
> > + CHECK_FAIL(true); \
> > + })
> > +#define FAIL(fmt...) _FAIL(0, fmt)
> > +#define FAIL_ERRNO(fmt...) _FAIL(errno, fmt)
> > +#define FAIL_LIBBPF(err, msg) \
> > + ({ \
> > + char __buf[MAX_STRERR_LEN]; \
> > + libbpf_strerror((err), __buf, sizeof(__buf)); \
> > + FAIL("%s: %s", (msg), __buf); \
> > + })
> > +
> > +#define xbpf_prog_attach(prog, target, type, flags) \
> > + ({ \
> > + int __ret = \
> > + bpf_prog_attach((prog), (target), (type), (flags)); \
> > + if (__ret == -1) \
> > + FAIL_ERRNO("prog_attach(" #type ")"); \
> > + __ret; \
> > + })
> > +
> > +#define xbpf_prog_detach2(prog, target, type) \
> > + ({ \
> > + int __ret = bpf_prog_detach2((prog), (target), (type)); \
> > + if (__ret == -1) \
> > + FAIL_ERRNO("prog_detach2(" #type ")"); \
> > + __ret; \
> > + })
>
> I'm not convinced we need these macro, can you please just use CHECKs?
> I'd rather not learn each specific test's custom macros.
Will just remove the entire block above.
>
> > +
> > static int connected_socket_v4(void)
> > {
> > struct sockaddr_in addr = {
> > @@ -70,10 +103,34 @@ static void test_sockmap_create_update_free(enum bpf_map_type map_type)
> > close(s);
> > }
> >
> > +static void test_skmsg_helpers(enum bpf_map_type map_type)
> > +{
> > + struct test_skmsg_load_helpers *skel;
> > + int err, map, verdict;
> > +
> > + skel = test_skmsg_load_helpers__open_and_load();
> > + if (!skel) {
> > + FAIL("skeleton open/load failed");
> > + return;
> > + }
> > +
> > + verdict = bpf_program__fd(skel->progs.prog_msg_verdict);
> > + map = bpf_map__fd(skel->maps.sock_map);
> > +
> > + err = xbpf_prog_attach(verdict, map, BPF_SK_MSG_VERDICT, 0);
> > + if (err)
> > + return;
> > + xbpf_prog_detach2(verdict, map, BPF_SK_MSG_VERDICT);
>
> no cleanup in this test, at all
Guess we need __destroy(skel) here.
As an aside how come if the program closes and refcnt drops the entire
thing isn't destroyed. I didn't think there was any pinning happening
in the __open_and_load piece.
>
> > +}
> > +
>
> [...]
>
> > +
> > +int _version SEC("version") = 1;
>
> version not needed
>
> > +char _license[] SEC("license") = "GPL";
> >
Powered by blists - more mailing lists