lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <87h6scfl3w.fsf@cloudflare.com>
Date: Tue, 16 May 2023 15:41:05 +0200
From: Jakub Sitnicki <jakub@...udflare.com>
To: John Fastabend <john.fastabend@...il.com>
Cc: daniel@...earbox.net, lmb@...valent.com, edumazet@...gle.com,
 bpf@...r.kernel.org, netdev@...r.kernel.org, ast@...nel.org,
 andrii@...nel.org, will@...valent.com
Subject: Re: [PATCH bpf v7 11/13] bpf: sockmap, test shutdown() correctly
 exits epoll and recv()=0

On Mon, May 15, 2023 at 06:51 PM -07, John Fastabend wrote:
> Jakub Sitnicki wrote:
>> On Tue, May 02, 2023 at 08:51 AM -07, John Fastabend wrote:
>> > When session gracefully shutdowns epoll needs to wake up and any recv()
>> > readers should return 0 not the -EAGAIN they previously returned.
>> >
>> > Note we use epoll instead of select to test the epoll wake on shutdown
>> > event as well.
>> >
>> > Signed-off-by: John Fastabend <john.fastabend@...il.com>
>> > ---
>> >  .../selftests/bpf/prog_tests/sockmap_basic.c  | 68 +++++++++++++++++++
>> >  .../bpf/progs/test_sockmap_pass_prog.c        | 32 +++++++++
>> >  2 files changed, 100 insertions(+)
>> >  create mode 100644 tools/testing/selftests/bpf/progs/test_sockmap_pass_prog.c
>> >
>> > diff --git a/tools/testing/selftests/bpf/prog_tests/sockmap_basic.c b/tools/testing/selftests/bpf/prog_tests/sockmap_basic.c
>> > index 0ce25a967481..f9f611618e45 100644
>> > --- a/tools/testing/selftests/bpf/prog_tests/sockmap_basic.c
>> > +++ b/tools/testing/selftests/bpf/prog_tests/sockmap_basic.c
>> > @@ -2,6 +2,7 @@
>> >  // Copyright (c) 2020 Cloudflare
>> >  #include <error.h>
>> >  #include <netinet/tcp.h>
>> > +#include <sys/epoll.h>
>> >  
>> >  #include "test_progs.h"
>> >  #include "test_skmsg_load_helpers.skel.h"
>> > @@ -9,8 +10,11 @@
>> >  #include "test_sockmap_invalid_update.skel.h"
>> >  #include "test_sockmap_skb_verdict_attach.skel.h"
>> >  #include "test_sockmap_progs_query.skel.h"
>> > +#include "test_sockmap_pass_prog.skel.h"
>> >  #include "bpf_iter_sockmap.skel.h"
>> >  
>> > +#include "sockmap_helpers.h"
>> > +
>> >  #define TCP_REPAIR		19	/* TCP sock is under repair right now */
>> >  
>> >  #define TCP_REPAIR_ON		1
>> > @@ -350,6 +354,68 @@ static void test_sockmap_progs_query(enum bpf_attach_type attach_type)
>> >  	test_sockmap_progs_query__destroy(skel);
>> >  }
>> >  
>> > +#define MAX_EVENTS 10
>> > +static void test_sockmap_skb_verdict_shutdown(void)
>> > +{
>> > +	int n, err, map, verdict, s, c0, c1, p0, p1;
>> > +	struct epoll_event ev, events[MAX_EVENTS];
>> > +	struct test_sockmap_pass_prog *skel;
>> > +	int epollfd;
>> > +	int zero = 0;
>> > +	char b;
>> > +
>> > +	skel = test_sockmap_pass_prog__open_and_load();
>> > +	if (!ASSERT_OK_PTR(skel, "open_and_load"))
>> > +		return;
>> > +
>> > +	verdict = bpf_program__fd(skel->progs.prog_skb_verdict);
>> > +	map = bpf_map__fd(skel->maps.sock_map_rx);
>> > +
>> > +	err = bpf_prog_attach(verdict, map, BPF_SK_SKB_STREAM_VERDICT, 0);
>> > +	if (!ASSERT_OK(err, "bpf_prog_attach"))
>> > +		goto out;
>> > +
>> > +	s = socket_loopback(AF_INET, SOCK_STREAM);
>> > +	if (s < 0)
>> > +		goto out;
>> > +	err = create_socket_pairs(s, AF_INET, SOCK_STREAM, &c0, &c1, &p0, &p1);
>> > +	if (err < 0)
>> > +		goto out;
>> > +
>> > +	err = bpf_map_update_elem(map, &zero, &c1, BPF_NOEXIST);
>> > +	if (err < 0)
>> > +		goto out_close;
>> > +
>> > +	shutdown(c0, SHUT_RDWR);
>> > +	shutdown(p1, SHUT_WR);
>> > +
>> > +	ev.events = EPOLLIN;
>> > +	ev.data.fd = c1;
>> > +
>> > +	epollfd = epoll_create1(0);
>> > +	if (!ASSERT_GT(epollfd, -1, "epoll_create(0)"))
>> > +		goto out_close;
>> > +	err = epoll_ctl(epollfd, EPOLL_CTL_ADD, c1, &ev);
>> > +	if (!ASSERT_OK(err, "epoll_ctl(EPOLL_CTL_ADD)"))
>> > +		goto out_close;
>> > +	err = epoll_wait(epollfd, events, MAX_EVENTS, -1);
>> > +	if (!ASSERT_EQ(err, 1, "epoll_wait(fd)"))
>> > +		goto out_close;
>> > +
>> > +	n = recv(c1, &b, 1, SOCK_NONBLOCK);
>> > +	ASSERT_EQ(n, 0, "recv_timeout(fin)");
>> > +	n = recv(p0, &b, 1, SOCK_NONBLOCK);
>> > +	ASSERT_EQ(n, 0, "recv_timeout(fin)");
>> > +
>> > +out_close:
>> > +	close(c0);
>> > +	close(p0);
>> > +	close(c1);
>> > +	close(p1);
>> > +out:
>> > +	test_sockmap_pass_prog__destroy(skel);
>> > +}
>> > +
>> 
>> This test has me scratching my head. I don't grasp what we're testing
>> with (c0, p0) socket pair, since c0 is not in any sockmap?
>
> Yeah the test is on (c1,p1) I was just lazy and using the API as is
> I can fix the API to allow single set c1,p1.

It's not an issue that one pair is unused, IMO. I was just surprised
that you operated on (c0, p0) rather than closing them immediately.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ