| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 15 Jul 2020 19:19:39 -0700
From: Andrii Nakryiko <andrii.nakryiko@...il.com>
To: Jakub Sitnicki <jakub@...udflare.com>
Cc: bpf <bpf@...r.kernel.org>, Networking <netdev@...r.kernel.org>,
kernel-team <kernel-team@...udflare.com>,
Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
"David S. Miller" <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>
Subject: Re: [PATCH bpf-next v4 16/16] selftests/bpf: Tests for BPF_SK_LOOKUP
attach point
On Mon, Jul 13, 2020 at 10:48 AM Jakub Sitnicki <jakub@...udflare.com> wrote:
>
> Add tests to test_progs that exercise:
>
> - attaching/detaching/querying programs to BPF_SK_LOOKUP hook,
> - redirecting socket lookup to a socket selected by BPF program,
> - failing a socket lookup on BPF program's request,
> - error scenarios for selecting a socket from BPF program,
> - accessing BPF program context,
> - attaching and running multiple BPF programs.
>
> Run log:
>
> # ./test_progs -n 69
> #69/1 query lookup prog:OK
> #69/2 TCP IPv4 redir port:OK
[...]
> #69/42 multi prog - drop, redir:OK
> #69/43 multi prog - redir, drop:OK
> #69/44 multi prog - redir, redir:OK
> #69 sk_lookup:OK
> Summary: 1/44 PASSED, 0 SKIPPED, 0 FAILED
>
> Signed-off-by: Jakub Sitnicki <jakub@...udflare.com>
> ---
>
nit: It's not universal, unfortunately, but the typical naming pattern
for selftest are: progs/test_<something>.c for BPF part, and
prog_tests/<something>.c for user-space part. Just FYI for the future.
But looks good to me either way.
Acked-by: Andrii Nakryiko <andriin@...com>
> Notes:
> v4:
> - Remove system("bpftool ...") call left over from debugging. (Lorenz)
> - Dedup BPF code that selects a socket. (Lorenz)
> - Switch from CHECK_FAIL to CHECK macro. (Andrii)
> - Extract a network_helper that wraps inet_pton.
> - Don't restore netns now that test_progs does it.
> - Cover bpf_sk_assign(ctx, NULL) in tests.
> - Cover narrow loads in tests.
> - Cover NULL ctx->sk access attempts in tests.
> - Cover accessing IPv6 ctx fields on IPv4 lookup.
>
> v3:
> - Extend tests to cover new functionality in v3:
> - multi-prog attachments (query, running, verdict precedence)
> - socket selecting for the second time with bpf_sk_assign
> - skipping over reuseport load-balancing
>
> v2:
> - Adjust for fields renames in struct bpf_sk_lookup.
>
> tools/testing/selftests/bpf/network_helpers.c | 58 +-
> tools/testing/selftests/bpf/network_helpers.h | 2 +
> .../selftests/bpf/prog_tests/sk_lookup.c | 1282 +++++++++++++++++
> .../selftests/bpf/progs/test_sk_lookup_kern.c | 639 ++++++++
> 4 files changed, 1958 insertions(+), 23 deletions(-)
> create mode 100644 tools/testing/selftests/bpf/prog_tests/sk_lookup.c
> create mode 100644 tools/testing/selftests/bpf/progs/test_sk_lookup_kern.c
>
[...]
Powered by blists - more mailing lists