All of lore.kernel.org
 help / color / mirror / Atom feed
From: Daniel Borkmann <daniel@iogearbox.net>
To: Jussi Maki <joamaki@gmail.com>, bpf@vger.kernel.org
Cc: andrii.nakryiko@gmail.com
Subject: Re: [PATCH bpf v3 2/2] selftests/bpf: Add test for l3 use of bpf_redirect_peer
Date: Wed, 19 May 2021 17:33:59 +0200	[thread overview]
Message-ID: <2dc37982-9889-c2e8-9fb4-17ba26c28da9@iogearbox.net> (raw)
In-Reply-To: <20210518142356.1852779-3-joamaki@gmail.com>

On 5/18/21 4:23 PM, Jussi Maki wrote:
> Add a test case for using bpf_skb_change_head in combination with
> bpf_redirect_peer to redirect a packet from a L3 device to veth and back.
> 
> The test uses a BPF program that adds L2 headers to the packet coming
> from a L3 device and then calls bpf_redirect_peer to redirect the packet
> to a veth device. The test fails as skb->mac_len is not set properly and
> thus the ethernet headers are not properly skb_pull'd in cls_bpf_classify,
> causing tcp_v4_rcv to point the TCP header into middle of the IP header.
> 
> Signed-off-by: Jussi Maki <joamaki@gmail.com>
[...]
>   
>   /**
> - * setns_by_name() - Set networks namespace by name
> + * open_netns() - Switch to specified network namespace by name.
> + *
> + * Returns token with which to restore the original namespace
> + * using close_netns().
>    */
> -static int setns_by_name(const char *name)
> +static struct nstoken *open_netns(const char *name)
>   {
>   	int nsfd;
>   	char nspath[PATH_MAX];
>   	int err;
> +	struct nstoken *token;
> +
> +	token = malloc(sizeof(struct nstoken));
> +	if (!ASSERT_OK_PTR(token, "malloc token"))
> +		return NULL;
> +
> +	token->orig_netns_fd = open("/proc/self/ns/net", O_RDONLY);
> +	if (!ASSERT_GE(token->orig_netns_fd, 0, "open /proc/self/ns/net"))
> +		goto fail;
>   
>   	snprintf(nspath, sizeof(nspath), "%s/%s", "/var/run/netns", name);
>   	nsfd = open(nspath, O_RDONLY | O_CLOEXEC);
> -	if (nsfd < 0)
> -		return nsfd;
> +	if (!ASSERT_GE(nsfd, 0, "open netns fd"))
> +		goto fail;
>   
> -	err = setns(nsfd, CLONE_NEWNET);
> -	close(nsfd);
> +	err = setns_by_fd(nsfd);
> +	if (!ASSERT_OK(err, "setns_by_fd"))
> +		goto fail;
>   
> -	return err;
> +	return token;
> +fail:
> +	free(token);
> +	return NULL;
>   }

As discussed earlier, the selftest seems to be causing issues in the bpf CI [0] likely
due to the setns() interaction/cleanup. Pls investigate and resubmit once fixed. Thanks
a lot, Jussi!

Cheers,
Daniel

   [0] https://travis-ci.com/github/kernel-patches/bpf/builds/226213040

  reply	other threads:[~2021-05-19 15:34 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-04-27 13:55 [PATCH bpf 1/2] bpf: Set mac_len in bpf_skb_change_head Jussi Maki
2021-04-27 13:55 ` [PATCH bpf 2/2] selftests/bpf: Add test for bpf_skb_change_head Jussi Maki
2021-04-27 21:41   ` Andrii Nakryiko
2021-04-28 10:39     ` Jussi Maki
2021-04-28 10:49       ` Daniel Borkmann
2021-04-28 13:39         ` Jussi Maki
2021-05-17 10:11 ` [PATCH bpf v2 0/2] bpf: Fix l3 to l2 use of bpf_skb_change_head Jussi Maki
2021-05-17 10:11   ` [PATCH bpf v2 1/2] selftests/bpf: Add test for l3 use of bpf_redirect_peer Jussi Maki
2021-05-17 10:11   ` [PATCH bpf v2 2/2] bpf: Set mac_len in bpf_skb_change_head Jussi Maki
2021-05-18 14:23 ` [PATCH bpf v3 0/2] bpf: Fix l3 to l2 use of bpf_skb_change_head Jussi Maki
2021-05-18 14:23   ` [PATCH bpf v3 1/2] bpf: Set mac_len in bpf_skb_change_head Jussi Maki
2021-05-18 14:23   ` [PATCH bpf v3 2/2] selftests/bpf: Add test for l3 use of bpf_redirect_peer Jussi Maki
2021-05-19 15:33     ` Daniel Borkmann [this message]
2021-05-19 15:47 ` [PATCH bpf v4 0/2] bpf: Fix l3 to l2 use of bpf_skb_change_head Jussi Maki
2021-05-19 15:47   ` [PATCH bpf v4 1/2] bpf: Set mac_len in bpf_skb_change_head Jussi Maki
2021-05-20 22:07     ` Daniel Borkmann
2021-05-25 10:22       ` [PATCH bpf v5] selftests/bpf: Add test for l3 use of bpf_redirect_peer Jussi Maki
2021-05-19 15:47   ` [PATCH bpf v4 2/2] " Jussi Maki
2021-05-25 10:29 ` [PATCH bpf v5] " Jussi Maki
2021-05-25 16:03   ` Daniel Borkmann

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=2dc37982-9889-c2e8-9fb4-17ba26c28da9@iogearbox.net \
    --to=daniel@iogearbox.net \
    --cc=andrii.nakryiko@gmail.com \
    --cc=bpf@vger.kernel.org \
    --cc=joamaki@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.