lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <904c1ffb-107e-4f14-89b7-d42ac9a5aa14@linux.dev>
Date: Tue, 2 Sep 2025 13:26:40 -0700
From: Martin KaFai Lau <martin.lau@...ux.dev>
To: Kuniyuki Iwashima <kuniyu@...gle.com>
Cc: Alexei Starovoitov <ast@...nel.org>, Andrii Nakryiko <andrii@...nel.org>,
 Daniel Borkmann <daniel@...earbox.net>,
 John Fastabend <john.fastabend@...il.com>,
 Stanislav Fomichev <sdf@...ichev.me>, Johannes Weiner <hannes@...xchg.org>,
 Michal Hocko <mhocko@...nel.org>, Roman Gushchin <roman.gushchin@...ux.dev>,
 Shakeel Butt <shakeel.butt@...ux.dev>, "David S. Miller"
 <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>,
 Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>,
 Neal Cardwell <ncardwell@...gle.com>, Willem de Bruijn <willemb@...gle.com>,
 Mina Almasry <almasrymina@...gle.com>, Kuniyuki Iwashima
 <kuni1840@...il.com>, bpf@...r.kernel.org, netdev@...r.kernel.org
Subject: Re: [PATCH v4 bpf-next/net 5/5] selftest: bpf: Add test for
 SK_BPF_MEMCG_SOCK_ISOLATED.

On 8/28/25 6:00 PM, Kuniyuki Iwashima wrote:
> The test does the following for IPv4/IPv6 x TCP/UDP sockets
> with/without BPF prog.
> 
>    1. Create socket pairs
>    2. Send a bunch of data that requires more than 256 pages
>    3. Read memory_allocated from the 3rd column in /proc/net/protocols
>    4. Check if unread data is charged to memory_allocated
> 
> If BPF prog is attached, memory_allocated should not be changed,
> but we allow a small error (up to 10 pages) in case other processes
> on the host use some amounts of TCP/UDP memory.
> 
> At 2., the test actually sends more than 1024 pages because the sysctl
> net.core.mem_pcpu_rsv is 256 is by default, which means 256 pages are
> buffered per cpu before reporting to sk->sk_prot->memory_allocated.
> 
>    BUF_SINGLE (1024) * NR_SEND (64) * NR_SOCKETS (64) / 4096
>    = 1024 pages
> 
> When I reduced it to 512 pages, the following assertion for the
> non-isolated case got flaky.
> 
>    ASSERT_GT(memory_allocated[1], memory_allocated[0] + 256, ...)
> 
> Another contributor to slowness is 150ms sleep to make sure 1 RCU
> grace period passes because UDP recv queue is destroyed after that.

There is a kern_sync_rcu() in testing_helpers.c.

> 
>    # time ./test_progs -t sk_memcg
>    #370/1   sk_memcg/TCP       :OK
>    #370/2   sk_memcg/UDP       :OK
>    #370/3   sk_memcg/TCPv6     :OK
>    #370/4   sk_memcg/UDPv6     :OK
>    #370     sk_memcg:OK
>    Summary: 1/4 PASSED, 0 SKIPPED, 0 FAILED
> 
>    real	0m1.214s
>    user	0m0.014s
>    sys	0m0.318s

Thanks. It finished much faster in my setup also comparing with the earlier 
revision. However, it is a bit flaky when I run it in a loop:

check_isolated:FAIL:not isolated unexpected not isolated: actual 861 <= expected 861

I usually can hit this at ~40-th iteration.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ