| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 4 Feb 2022 10:14:16 -0800
From: Yonghong Song <yhs@...com>
To: Lorenzo Bianconi <lorenzo.bianconi@...hat.com>
CC: Lorenzo Bianconi <lorenzo@...nel.org>, <bpf@...r.kernel.org>,
<ast@...nel.org>, <daniel@...earbox.net>, <brouer@...hat.com>,
<toke@...hat.com>, <andrii@...nel.org>, <netdev@...r.kernel.org>
Subject: Re: [PATCH bpf-next] selftest/bpf: check invalid length in
test_xdp_update_frags
On 2/4/22 9:52 AM, Lorenzo Bianconi wrote:
>>
>>
>> On 2/4/22 5:58 AM, Lorenzo Bianconi wrote:
>>> Update test_xdp_update_frags adding a test for a buffer size
>>> set to (MAX_SKB_FRAGS + 2) * PAGE_SIZE. The kernel is supposed
>>> to return -ENOMEM.
>>>
>>> Signed-off-by: Lorenzo Bianconi <lorenzo@...nel.org>
>>> ---
>>> .../bpf/prog_tests/xdp_adjust_frags.c | 37 ++++++++++++++++++-
>>> 1 file changed, 36 insertions(+), 1 deletion(-)
>>>
>>> diff --git a/tools/testing/selftests/bpf/prog_tests/xdp_adjust_frags.c b/tools/testing/selftests/bpf/prog_tests/xdp_adjust_frags.c
>>> index 134d0ac32f59..61d5b585eb15 100644
>>> --- a/tools/testing/selftests/bpf/prog_tests/xdp_adjust_frags.c
>>> +++ b/tools/testing/selftests/bpf/prog_tests/xdp_adjust_frags.c
>>> @@ -5,11 +5,12 @@
>>> void test_xdp_update_frags(void)
>>> {
>>> const char *file = "./test_xdp_update_frags.o";
>>> + int err, prog_fd, max_skb_frags, buf_size, num;
>>> struct bpf_program *prog;
>>> struct bpf_object *obj;
>>> - int err, prog_fd;
>>> __u32 *offset;
>>> __u8 *buf;
>>> + FILE *f;
>>> LIBBPF_OPTS(bpf_test_run_opts, topts);
>>> obj = bpf_object__open(file);
>>> @@ -99,6 +100,40 @@ void test_xdp_update_frags(void)
>>> ASSERT_EQ(buf[7621], 0xbb, "xdp_update_frag buf[7621]");
>>> free(buf);
>>> +
>>> + /* test_xdp_update_frags: unsupported buffer size */
>>> + f = fopen("/proc/sys/net/core/max_skb_frags", "r");
>>> + if (!ASSERT_OK_PTR(f, "max_skb_frag file pointer"))
>>> + goto out;
>>
>> In kernel, the nr_frags checking is against MAX_SKB_FRAGS,
>> but if /proc/sys/net/core/max_skb_flags is 2 or more less
>> than MAX_SKB_FRAGS, the test won't fail, right?
>
> yes, you are right. Should we use the same definition used in
> include/linux/skbuff.h instead? Something like:
>
> if (65536 / page_size + 1 < 16)
> max_skb_flags = 16;
> else
> max_skb_flags = 65536/page_size + 1;
The maximum packet size limit 64KB won't change anytime soon.
So the above should work. Some comments to explain why using
the above formula will be good.
>
> Regards,
> Lorenzo
>
>>
>>> +
>>> + num = fscanf(f, "%d", &max_skb_frags);
>>> + fclose(f);
>>> +
>>> + if (!ASSERT_EQ(num, 1, "max_skb_frags read failed"))
>>> + goto out;
>>> +
>>> + /* xdp_buff linear area size is always set to 4096 in the
>>> + * bpf_prog_test_run_xdp routine.
>>> + */
>>> + buf_size = 4096 + (max_skb_frags + 1) * sysconf(_SC_PAGE_SIZE);
>>> + buf = malloc(buf_size);
>>> + if (!ASSERT_OK_PTR(buf, "alloc buf"))
>>> + goto out;
>>> +
>>> + memset(buf, 0, buf_size);
>>> + offset = (__u32 *)buf;
>>> + *offset = 16;
>>> + buf[*offset] = 0xaa;
>>> + buf[*offset + 15] = 0xaa;
>>> +
>>> + topts.data_in = buf;
>>> + topts.data_out = buf;
>>> + topts.data_size_in = buf_size;
>>> + topts.data_size_out = buf_size;
>>> +
>>> + err = bpf_prog_test_run_opts(prog_fd, &topts);
>>> + ASSERT_EQ(err, -ENOMEM, "unsupported buffer size");
>>> + free(buf);
>>> out:
>>> bpf_object__close(obj);
>>> }
>>
Powered by blists - more mailing lists