lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <62b3fd46af42c_70b1d2086a@john.notmuch>
Date:   Wed, 22 Jun 2022 22:42:30 -0700
From:   John Fastabend <john.fastabend@...il.com>
To:     Jakub Sitnicki <jakub@...udflare.com>, netdev@...r.kernel.org
Cc:     john.fastabend@...il.com, jakub@...udflare.com,
        yoshfuji@...ux-ipv6.org, dsahern@...nel.org, ast@...nel.org,
        daniel@...earbox.net, andrii@...nel.org, kafai@...com,
        songliubraving@...com, yhs@...com, kpsingh@...nel.org,
        borisp@...dia.com, cong.wang@...edance.com, bpf@...r.kernel.org
Subject: RE: [PATCH net] selftests/bpf: Test sockmap update when socket has
 ULP

Jakub Sitnicki wrote:
> Cover the scenario when we cannot insert a socket into the sockmap, because
> it has it is using ULP. Failed insert should not have any effect on the ULP
> state. This is a regression test.
> 
> Signed-off-by: Jakub Sitnicki <jakub@...udflare.com>
> ---

Thanks, looks good. One small nit.

>  
> +#include <netinet/tcp.h>
>  #include "test_progs.h"
>  
>  #define MAX_TEST_NAME 80
> @@ -92,9 +93,78 @@ static void test_sockmap_ktls_disconnect_after_delete(int family, int map)
>  	close(srv);
>  }
>  
> +static void test_sockmap_ktls_update_fails_when_sock_has_ulp(int family, int map)
> +{
> +	struct sockaddr_storage addr = {};
> +	socklen_t len = sizeof(addr);
> +	struct sockaddr_in6 *v6;
> +	struct sockaddr_in *v4;
> +	int err, s, zero = 0;
> +
> +	s = socket(family, SOCK_STREAM, 0);
> +	if (!ASSERT_GE(s, 0, "socket"))
> +		return;
> +
> +	switch (family) {
> +	case AF_INET:
> +		v4 = (struct sockaddr_in *)&addr;
> +		v4->sin_family = AF_INET;
> +		break;
> +	case AF_INET6:
> +		v6 = (struct sockaddr_in6 *)&addr;
> +		v6->sin6_family = AF_INET6;
>k+		break;
> +	default:
> +		PRINT_FAIL("unsupported socket family %d", family);

Probably want goto close here right?

> +		return;
> +	}
> +
> +	err = bind(s, (struct sockaddr *)&addr, len);
> +	if (!ASSERT_OK(err, "bind"))
> +		goto close;
> +
> +	err = getsockname(s, (struct sockaddr *)&addr, &len);
> +	if (!ASSERT_OK(err, "getsockname"))
> +		goto close;
> +
> +	err = connect(s, (struct sockaddr *)&addr, len);
> +	if (!ASSERT_OK(err, "connect"))
> +		goto close;
> +
> +	/* save sk->sk_prot and set it to tls_prots */
> +	err = setsockopt(s, IPPROTO_TCP, TCP_ULP, "tls", strlen("tls"));
> +	if (!ASSERT_OK(err, "setsockopt(TCP_ULP)"))
> +		goto close;
> +
> +	/* sockmap update should not affect saved sk_prot */
> +	err = bpf_map_update_elem(map, &zero, &s, BPF_ANY);
> +	if (!ASSERT_ERR(err, "sockmap update elem"))
> +		goto close;
> +
> +	/* call sk->sk_prot->setsockopt to dispatch to saved sk_prot */
> +	err = setsockopt(s, IPPROTO_TCP, TCP_NODELAY, &zero, sizeof(zero));
> +	ASSERT_OK(err, "setsockopt(TCP_NODELAY)");
> +
> +close:
> +	close(s);

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ