lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20241109150305.141759-3-mrpre@163.com>
Date: Sat,  9 Nov 2024 23:03:05 +0800
From: Jiayuan Chen <mrpre@....com>
To: martin.lau@...ux.dev,
	edumazet@...gle.com,
	jakub@...udflare.com,
	davem@...emloft.net,
	dsahern@...nel.org,
	kuba@...nel.org,
	pabeni@...hat.com,
	netdev@...r.kernel.org,
	bpf@...r.kernel.org,
	linux-kernel@...r.kernel.org,
	horms@...nel.org,
	daniel@...earbox.net
Cc: Jiayuan Chen <mrpre@....com>
Subject: [PATCH bpf v2 2/2] selftests/bpf: Add some tests with sockmap SK_PASS

1. Add a new tests in sockmap_basic.c to test SK_PASS for sockmap
2. The return value of 'sk_skb/stream_parser' is used as a length, but
   the current eBPF program returns SK_PASS, which is semantically
   incorrect. This change modifies it to return skb->len. All tests
   related to this eBPF program have been tested
   (currently only in sockmap_basic.c).

All tests are passed.

Signed-off-by: Jiayuan Chen <mrpre@....com>
---
test result
310/1   sockmap_basic/sockmap create_update_free:OK
310/2   sockmap_basic/sockhash create_update_free:OK
310/3   sockmap_basic/sockmap sk_msg load helpers:OK
310/4   sockmap_basic/sockhash sk_msg load helpers:OK
310/5   sockmap_basic/sockmap update:OK
310/6   sockmap_basic/sockhash update:OK
310/7   sockmap_basic/sockmap update in unsafe context:OK
310/8   sockmap_basic/sockmap copy:OK
310/9   sockmap_basic/sockhash copy:OK
310/10  sockmap_basic/sockmap skb_verdict attach:OK
310/11  sockmap_basic/sockmap skb_verdict attach_with_link:OK
310/12  sockmap_basic/sockmap msg_verdict progs query:OK
310/13  sockmap_basic/sockmap stream_parser progs query:OK
310/14  sockmap_basic/sockmap stream_verdict progs query:OK
310/15  sockmap_basic/sockmap skb_verdict progs query:OK
310/16  sockmap_basic/sockmap skb_verdict shutdown:OK
310/17  sockmap_basic/sockmap stream_parser and stream_verdict pass:OK
310/18  sockmap_basic/sockmap skb_verdict fionread:OK
310/19  sockmap_basic/sockmap skb_verdict fionread on drop:OK
310/20  sockmap_basic/sockmap skb_verdict msg_f_peek:OK
310/21  sockmap_basic/sockmap skb_verdict msg_f_peek with link:OK
310/22  sockmap_basic/sockmap unconnected af_unix:OK
310/23  sockmap_basic/sockmap one socket to many map entries:OK
310/24  sockmap_basic/sockmap one socket to many maps:OK
310/25  sockmap_basic/sockmap same socket replace:OK
310/26  sockmap_basic/sockmap sk_msg attach sockmap helpers with link:OK
310/27  sockmap_basic/sockhash sk_msg attach sockhash helpers with link:OK
310     sockmap_basic:OK
---
 .../selftests/bpf/prog_tests/sockmap_basic.c  | 53 +++++++++++++++++++
 .../bpf/progs/test_sockmap_pass_prog.c        |  2 +-
 2 files changed, 54 insertions(+), 1 deletion(-)

diff --git a/tools/testing/selftests/bpf/prog_tests/sockmap_basic.c b/tools/testing/selftests/bpf/prog_tests/sockmap_basic.c
index 82bfb266741c..03af463265ef 100644
--- a/tools/testing/selftests/bpf/prog_tests/sockmap_basic.c
+++ b/tools/testing/selftests/bpf/prog_tests/sockmap_basic.c
@@ -501,6 +501,57 @@ static void test_sockmap_skb_verdict_shutdown(void)
 	test_sockmap_pass_prog__destroy(skel);
 }
 
+static void test_sockmap_stream_pass(void)
+{
+	int zero = 0, sent, recvd;
+	int verdict, parser;
+	int err, map;
+	int c = -1, p = -1;
+	struct test_sockmap_pass_prog *pass = NULL;
+	char snd[256] = "0123456789";
+	char rcv[256] = "0";
+
+	pass = test_sockmap_pass_prog__open_and_load();
+	verdict = bpf_program__fd(pass->progs.prog_skb_verdict);
+	parser = bpf_program__fd(pass->progs.prog_skb_parser);
+	map = bpf_map__fd(pass->maps.sock_map_rx);
+
+	err = bpf_prog_attach(parser, map, BPF_SK_SKB_STREAM_PARSER, 0);
+	if (!ASSERT_OK(err, "bpf_prog_attach stream parser"))
+		goto out;
+
+	err = bpf_prog_attach(verdict, map, BPF_SK_SKB_STREAM_VERDICT, 0);
+	if (!ASSERT_OK(err, "bpf_prog_attach stream verdict"))
+		goto out;
+
+	err = create_pair(AF_INET, SOCK_STREAM, &c, &p);
+	if (err)
+		goto out;
+
+	/* sk_data_ready of 'p' will be replaced by strparser handler */
+	err = bpf_map_update_elem(map, &zero, &p, BPF_NOEXIST);
+	if (!ASSERT_OK(err, "bpf_map_update_elem(p)"))
+		goto out_close;
+
+	/*
+	 * as 'prog_skb_parser' return the original skb len and
+	 * 'prog_skb_verdict' return SK_PASS, the kernel will just
+	 * pass it through to original socket 'p'
+	 */
+	sent = xsend(c, snd, sizeof(snd), 0);
+	ASSERT_EQ(sent, sizeof(snd), "xsend(c)");
+
+	recvd = recv_timeout(p, rcv, sizeof(rcv), SOCK_NONBLOCK, IO_TIMEOUT_SEC);
+	ASSERT_EQ(recvd, sizeof(rcv), "recv_timeout(p)");
+
+out_close:
+	close(c);
+	close(p);
+
+out:
+	test_sockmap_pass_prog__destroy(pass);
+}
+
 static void test_sockmap_skb_verdict_fionread(bool pass_prog)
 {
 	int err, map, verdict, c0 = -1, c1 = -1, p0 = -1, p1 = -1;
@@ -923,6 +974,8 @@ void test_sockmap_basic(void)
 		test_sockmap_progs_query(BPF_SK_SKB_VERDICT);
 	if (test__start_subtest("sockmap skb_verdict shutdown"))
 		test_sockmap_skb_verdict_shutdown();
+	if (test__start_subtest("sockmap stream_parser and stream_verdict pass"))
+		test_sockmap_stream_pass();
 	if (test__start_subtest("sockmap skb_verdict fionread"))
 		test_sockmap_skb_verdict_fionread(true);
 	if (test__start_subtest("sockmap skb_verdict fionread on drop"))
diff --git a/tools/testing/selftests/bpf/progs/test_sockmap_pass_prog.c b/tools/testing/selftests/bpf/progs/test_sockmap_pass_prog.c
index 69aacc96db36..515a3869e56c 100644
--- a/tools/testing/selftests/bpf/progs/test_sockmap_pass_prog.c
+++ b/tools/testing/selftests/bpf/progs/test_sockmap_pass_prog.c
@@ -41,7 +41,7 @@ int prog_skb_verdict_clone(struct __sk_buff *skb)
 SEC("sk_skb/stream_parser")
 int prog_skb_parser(struct __sk_buff *skb)
 {
-	return SK_PASS;
+	return skb->len;
 }
 
 char _license[] SEC("license") = "GPL";
-- 
2.43.5


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ