| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 16 Jul 2020 21:42:36 +0200
From: Daniel Borkmann <daniel@...earbox.net>
To: Dmitry Yakunin <zeil@...dex-team.ru>, alexei.starovoitov@...il.com,
netdev@...r.kernel.org, bpf@...r.kernel.org
Cc: sdf@...gle.com
Subject: Re: [PATCH bpf-next v3 2/4] bpf: allow to specify ifindex for skb in
bpf_prog_test_run_skb
On 7/15/20 9:51 PM, Dmitry Yakunin wrote:
> Now skb->dev is unconditionally set to the loopback device in current net
> namespace. But if we want to test bpf program which contains code branch
> based on ifindex condition (eg filters out localhost packets) it is useful
> to allow specifying of ifindex from userspace. This patch adds such option
> through ctx_in (__sk_buff) parameter.
>
> Signed-off-by: Dmitry Yakunin <zeil@...dex-team.ru>
> ---
> net/bpf/test_run.c | 22 ++++++++++++++++++++--
> tools/testing/selftests/bpf/prog_tests/skb_ctx.c | 5 +++++
> 2 files changed, 25 insertions(+), 2 deletions(-)
>
> diff --git a/net/bpf/test_run.c b/net/bpf/test_run.c
> index 0c3283d..0e92973 100644
> --- a/net/bpf/test_run.c
> +++ b/net/bpf/test_run.c
> @@ -310,6 +310,12 @@ static int convert___skb_to_skb(struct sk_buff *skb, struct __sk_buff *__skb)
> /* priority is allowed */
>
> if (!range_is_zero(__skb, offsetofend(struct __sk_buff, priority),
> + offsetof(struct __sk_buff, ifindex)))
> + return -EINVAL;
> +
> + /* ifindex is allowed */
> +
> + if (!range_is_zero(__skb, offsetofend(struct __sk_buff, ifindex),
> offsetof(struct __sk_buff, cb)))
> return -EINVAL;
>
> @@ -364,6 +370,7 @@ static void convert_skb_to___skb(struct sk_buff *skb, struct __sk_buff *__skb)
>
> __skb->mark = skb->mark;
> __skb->priority = skb->priority;
> + __skb->ifindex = skb->dev->ifindex;
> __skb->tstamp = skb->tstamp;
> memcpy(__skb->cb, &cb->data, QDISC_CB_PRIV_LEN);
> __skb->wire_len = cb->pkt_len;
> @@ -374,6 +381,8 @@ int bpf_prog_test_run_skb(struct bpf_prog *prog, const union bpf_attr *kattr,
> union bpf_attr __user *uattr)
> {
> bool is_l2 = false, is_direct_pkt_access = false;
> + struct net *net = current->nsproxy->net_ns;
> + struct net_device *dev = net->loopback_dev;
> u32 size = kattr->test.data_size_in;
> u32 repeat = kattr->test.repeat;
> struct __sk_buff *ctx = NULL;
> @@ -415,7 +424,7 @@ int bpf_prog_test_run_skb(struct bpf_prog *prog, const union bpf_attr *kattr,
> kfree(ctx);
> return -ENOMEM;
> }
> - sock_net_set(sk, current->nsproxy->net_ns);
> + sock_net_set(sk, net);
> sock_init_data(NULL, sk);
>
> skb = build_skb(data, 0);
> @@ -429,7 +438,14 @@ int bpf_prog_test_run_skb(struct bpf_prog *prog, const union bpf_attr *kattr,
>
> skb_reserve(skb, NET_SKB_PAD + NET_IP_ALIGN);
> __skb_put(skb, size);
> - skb->protocol = eth_type_trans(skb, current->nsproxy->net_ns->loopback_dev);
> + if (ctx && ctx->ifindex > 1) {
> + dev = dev_get_by_index(net, ctx->ifindex);
> + if (!dev) {
> + ret = -ENODEV;
> + goto out;
> + }
> + }
> + skb->protocol = eth_type_trans(skb, dev);
> skb_reset_network_header(skb);
>
> switch (skb->protocol) {
> @@ -481,6 +497,8 @@ int bpf_prog_test_run_skb(struct bpf_prog *prog, const union bpf_attr *kattr,
> ret = bpf_ctx_finish(kattr, uattr, ctx,
> sizeof(struct __sk_buff));
> out:
Overall this looks good. One small note is that dev_get_by_index() will hold the device
for the entire test duration preventing to release it from user side, but I think in this
context it's an acceptable trade-off.
> + if (dev && dev != net->loopback_dev)
> + dev_put(dev);
> kfree_skb(skb);
> bpf_sk_storage_free(sk);
> kfree(sk);
Powered by blists - more mailing lists