| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <60134aa5cd92d_f9c120823@john-XPS-13-9370.notmuch>
Date: Thu, 28 Jan 2021 15:37:09 -0800
From: John Fastabend <john.fastabend@...il.com>
To: Hangbin Liu <liuhangbin@...il.com>, bpf@...r.kernel.org
Cc: netdev@...r.kernel.org,
Toke Høiland-Jørgensen <toke@...hat.com>,
Jiri Benc <jbenc@...hat.com>,
Jesper Dangaard Brouer <brouer@...hat.com>,
Eelco Chaudron <echaudro@...hat.com>, ast@...nel.org,
Daniel Borkmann <daniel@...earbox.net>,
Lorenzo Bianconi <lorenzo.bianconi@...hat.com>,
David Ahern <dsahern@...il.com>,
Andrii Nakryiko <andrii.nakryiko@...il.com>,
Alexei Starovoitov <alexei.starovoitov@...il.com>,
John Fastabend <john.fastabend@...il.com>,
Maciej Fijalkowski <maciej.fijalkowski@...el.com>,
Hangbin Liu <liuhangbin@...il.com>
Subject: RE: [PATCHv17 bpf-next 6/6] selftests/bpf: add xdp_redirect_multi
test
Hangbin Liu wrote:
> Add a bpf selftest for new helper xdp_redirect_map_multi(). In this
> test we have 3 forward groups and 1 exclude group. The test will
> redirect each interface's packets to all the interfaces in the forward
> group, and exclude the interface in exclude map. We will also test both
> DEVMAP and DEVMAP_HASH with xdp generic and drv.
>
> For more test details, you can find it in the test script. Here is
> the test result.
> ]# ./test_xdp_redirect_multi.sh
> Pass: xdpgeneric arp ns1-2
> Pass: xdpgeneric arp ns1-3
> Pass: xdpgeneric arp ns1-4
> Pass: xdpgeneric ping ns1-2
> Pass: xdpgeneric ping ns1-3
> Pass: xdpgeneric ping ns1-4
> Pass: xdpgeneric ping6 ns2-1
> Pass: xdpgeneric ping6 ns2-3
> Pass: xdpgeneric ping6 ns2-4
> Pass: xdpdrv arp ns1-2
> Pass: xdpdrv arp ns1-3
> Pass: xdpdrv arp ns1-4
> Pass: xdpdrv ping ns1-2
> Pass: xdpdrv ping ns1-3
> Pass: xdpdrv ping ns1-4
> Pass: xdpdrv ping6 ns2-1
> Pass: xdpdrv ping6 ns2-3
> Pass: xdpdrv ping6 ns2-4
> Pass: xdpegress mac ns1-2
> Pass: xdpegress mac ns1-3
> Pass: xdpegress mac ns1-4
> Pass: xdpegress ping ns1-2
> Pass: xdpegress ping ns1-3
> Pass: xdpegress ping ns1-4
> Summary: PASS 24, FAIL 0
>
> Acked-by: Toke Høiland-Jørgensen <toke@...hat.com>
> Signed-off-by: Hangbin Liu <liuhangbin@...il.com>
>
> ---
> v16-v17: no update
> v15: use bpf_object__find_program_by_name instead of
> bpf_object__find_program_by_title
> v14: no update, only rebase the code
> v13: remove setrlimit
> v12: add devmap prog test on egress
> v9: use NULL directly for arg2 and redefine the maps with btf format
> ---
[...]
> +SEC("xdp_devmap/map_prog")
> +int xdp_devmap_prog(struct xdp_md *ctx)
> +{
> + void *data_end = (void *)(long)ctx->data_end;
> + void *data = (void *)(long)ctx->data;
> + __u32 key = ctx->egress_ifindex;
> + struct ethhdr *eth = data;
> + __u64 nh_off;
> + __be64 *mac;
> +
> + nh_off = sizeof(*eth);
> + if (data + nh_off > data_end)
> + return XDP_DROP;
> +
> + mac = bpf_map_lookup_elem(&mac_map, &key);
> + if (mac)
> + __builtin_memcpy(eth->h_source, mac, ETH_ALEN);
> +
> + return XDP_PASS;
> +}
Might be nice to also have a test for XDP_DROP. I guess the
above 'data + nh_off > data' case should not happen.
Otherwise, its not the most elegant, but testing XDP at the moment
doesn't fit into the normal test framework very well either.
Acked-by: John Fastabend <john.fastabend@...il.com>
Powered by blists - more mailing lists