| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 28 Jun 2024 23:29:06 +0200
From: Daniel Borkmann <daniel@...earbox.net>
To: Lorenzo Bianconi <lorenzo@...nel.org>, bpf@...r.kernel.org
Cc: pablo@...filter.org, kadlec@...filter.org, davem@...emloft.net,
edumazet@...gle.com, kuba@...nel.org, pabeni@...hat.com,
netfilter-devel@...r.kernel.org, netdev@...r.kernel.org, ast@...nel.org,
andrii@...nel.org, martin.lau@...ux.dev, eddyz87@...il.com,
lorenzo.bianconi@...hat.com, toke@...hat.com, fw@...len.de, hawk@...nel.org,
horms@...nel.org, donhunte@...hat.com, memxor@...il.com
Subject: Re: [PATCH v5 bpf-next 3/3] selftests/bpf: Add selftest for
bpf_xdp_flow_lookup kfunc
On 6/14/24 5:40 PM, Lorenzo Bianconi wrote:
[...]
> +void test_xdp_flowtable(void)
> +{
> + struct xdp_flowtable *skel = NULL;
> + struct nstoken *tok = NULL;
> + int iifindex, stats_fd;
> + __u32 value, key = 0;
> + struct bpf_link *link;
> +
> + if (SYS_NOFAIL("nft -v")) {
> + fprintf(stdout, "Missing required nft tool\n");
> + test__skip();
> + return;
Bit unfortunate that upstream CI skips the test case at the moment:
#542/2 xdp_devmap_attach/DEVMAP with frags programs in entries:OK
#542/3 xdp_devmap_attach/Verifier check of DEVMAP programs:OK
#542 xdp_devmap_attach:OK
#543 xdp_do_redirect:OK
#544 xdp_flowtable:SKIP
[...]
> +out:
> + xdp_flowtable__destroy(skel);
> + if (tok)
> + close_netns(tok);
> + SYS_NOFAIL("ip netns del " TX_NETNS_NAME);
> + SYS_NOFAIL("ip netns del " RX_NETNS_NAME);
> +}
> diff --git a/tools/testing/selftests/bpf/progs/xdp_flowtable.c b/tools/testing/selftests/bpf/progs/xdp_flowtable.c
> new file mode 100644
> index 0000000000000..8297b30b0764b
> --- /dev/null
> +++ b/tools/testing/selftests/bpf/progs/xdp_flowtable.c
> @@ -0,0 +1,146 @@
> +// SPDX-License-Identifier: GPL-2.0
> +#define BPF_NO_KFUNC_PROTOTYPES
> +#include <vmlinux.h>
> +#include <bpf/bpf_helpers.h>
> +#include <bpf/bpf_endian.h>
> +
> +#define MAX_ERRNO 4095
nit: unused?
> +#define ETH_P_IP 0x0800
> +#define ETH_P_IPV6 0x86dd
> +#define IP_MF 0x2000 /* "More Fragments" */
> +#define IP_OFFSET 0x1fff /* "Fragment Offset" */
> +#define AF_INET 2
> +#define AF_INET6 10
> +
> +struct bpf_flowtable_opts___local {
> + s32 error;
> +};
> +
> +struct flow_offload_tuple_rhash *
> +bpf_xdp_flow_lookup(struct xdp_md *, struct bpf_fib_lookup *,
> + struct bpf_flowtable_opts___local *, u32) __ksym;
> +
> +struct {
> + __uint(type, BPF_MAP_TYPE_ARRAY);
> + __type(key, __u32);
> + __type(value, __u32);
> + __uint(max_entries, 1);
> +} stats SEC(".maps");
> +
[...]
Powered by blists - more mailing lists