lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 9 Dec 2022 10:07:15 -0800 From: Yonghong Song <yhs@...a.com> To: Toke Høiland-Jørgensen <toke@...hat.com>, Andrii Nakryiko <andrii@...nel.org>, Mykola Lysenko <mykolal@...com>, Alexei Starovoitov <ast@...nel.org>, Daniel Borkmann <daniel@...earbox.net>, Martin KaFai Lau <martin.lau@...ux.dev>, Song Liu <song@...nel.org>, Yonghong Song <yhs@...com>, John Fastabend <john.fastabend@...il.com>, KP Singh <kpsingh@...nel.org>, Stanislav Fomichev <sdf@...gle.com>, Hao Luo <haoluo@...gle.com>, Jiri Olsa <jolsa@...nel.org>, "David S. Miller" <davem@...emloft.net>, Jakub Kicinski <kuba@...nel.org>, Jesper Dangaard Brouer <hawk@...nel.org> Cc: Shuah Khan <shuah@...nel.org>, bpf@...r.kernel.org, netdev@...r.kernel.org Subject: Re: [PATCH bpf v2 2/2] selftests/bpf: Add a test for using a cpumap from an freplace-to-XDP program On 12/9/22 6:26 AM, Toke Høiland-Jørgensen wrote: > This adds a simple test for inserting an XDP program into a cpumap that is > "owned" by an XDP program that was loaded as PROG_TYPE_EXT (as libxdp > does). Prior to the kernel fix this would fail because the map type > ownership would be set to PROG_TYPE_EXT instead of being resolved to > PROG_TYPE_XDP. > > Signed-off-by: Toke Høiland-Jørgensen <toke@...hat.com> LGTM with a small nit below. Acked-by: Yonghong Song <yhs@...com> > --- > .../selftests/bpf/prog_tests/fexit_bpf2bpf.c | 53 +++++++++++++++++++ > .../selftests/bpf/progs/freplace_progmap.c | 24 +++++++++ > tools/testing/selftests/bpf/testing_helpers.c | 24 ++++++++- > tools/testing/selftests/bpf/testing_helpers.h | 2 + > 4 files changed, 101 insertions(+), 2 deletions(-) > create mode 100644 tools/testing/selftests/bpf/progs/freplace_progmap.c > > diff --git a/tools/testing/selftests/bpf/prog_tests/fexit_bpf2bpf.c b/tools/testing/selftests/bpf/prog_tests/fexit_bpf2bpf.c > index d1e32e792536..dac088217f0f 100644 > --- a/tools/testing/selftests/bpf/prog_tests/fexit_bpf2bpf.c > +++ b/tools/testing/selftests/bpf/prog_tests/fexit_bpf2bpf.c > @@ -500,6 +500,57 @@ static void test_fentry_to_cgroup_bpf(void) > bind4_prog__destroy(skel); > } > > +static void test_func_replace_progmap(void) > +{ > + struct bpf_cpumap_val value = { .qsize = 1 }; > + struct bpf_object *obj, *tgt_obj = NULL; > + struct bpf_program *drop, *redirect; > + struct bpf_map *cpumap; > + int err, tgt_fd; > + __u32 key = 0; > + > + err = bpf_prog_test_open("freplace_progmap.bpf.o", BPF_PROG_TYPE_UNSPEC, &obj); > + if (!ASSERT_OK(err, "prog_open")) > + return; > + > + err = bpf_prog_test_load("xdp_dummy.bpf.o", BPF_PROG_TYPE_UNSPEC, &tgt_obj, &tgt_fd); > + if (!ASSERT_OK(err, "tgt_prog_load")) > + goto out; > + > + drop = bpf_object__find_program_by_name(obj, "xdp_drop_prog"); > + redirect = bpf_object__find_program_by_name(obj, "xdp_cpumap_prog"); > + cpumap = bpf_object__find_map_by_name(obj, "cpu_map"); > + > + if (!ASSERT_OK_PTR(drop, "drop") || !ASSERT_OK_PTR(redirect, "redirect") || > + !ASSERT_OK_PTR(cpumap, "cpumap")) > + goto out; > + > + /* Change the 'redirect' program type to be a PROG_TYPE_EXT > + * with an XDP target > + */ > + bpf_program__set_type(redirect, BPF_PROG_TYPE_EXT); > + bpf_program__set_expected_attach_type(redirect, 0); > + err = bpf_program__set_attach_target(redirect, tgt_fd, "xdp_dummy_prog"); > + if (!ASSERT_OK(err, "set_attach_target")) > + goto out; > + > + err = bpf_object__load(obj); > + if (!ASSERT_OK(err, "obj_load")) > + goto out; > + > + /* This will fail if the map is "owned" by a PROG_TYPE_EXT program, > + * which, prior to fixing the kernel, it will be since the map is used > + * from the 'redirect' prog above > + */ The comment is confusing like 'which, prior to fixing the kernel, it will be'. IIUC, the verifier expects the map 'owner' program type is PROG_TYPE_EXT, but it is XDP without this patch. Hence, the test will fail without the patch 1. > + value.bpf_prog.fd = bpf_program__fd(drop); > + err = bpf_map_update_elem(bpf_map__fd(cpumap), &key, &value, 0); > + ASSERT_OK(err, "map_update"); > + > +out: > + bpf_object__close(tgt_obj); > + bpf_object__close(obj); > +} > + > /* NOTE: affect other tests, must run in serial mode */ > void serial_test_fexit_bpf2bpf(void) > { > @@ -525,4 +576,6 @@ void serial_test_fexit_bpf2bpf(void) > test_func_replace_global_func(); > if (test__start_subtest("fentry_to_cgroup_bpf")) > test_fentry_to_cgroup_bpf(); > + if (test__start_subtest("func_replace_progmap")) > + test_func_replace_progmap(); > } [...]
Powered by blists - more mailing lists