bpf.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Yonghong Song <yhs@fb.com>
To: John Fastabend <john.fastabend@gmail.com>, <ast@kernel.org>,
	<daniel@iogearbox.net>
Cc: <lmb@cloudflare.com>, <bpf@vger.kernel.org>,
	<jakub@cloudflare.com>, <netdev@vger.kernel.org>
Subject: Re: [bpf-next PATCH v3 4/5] bpf: selftests, add sk_msg helpers load and attach test
Date: Thu, 21 May 2020 11:23:12 -0700	[thread overview]
Message-ID: <16a158b4-5e85-8ad3-3389-7687add809d1@fb.com> (raw)
In-Reply-To: <159007175735.10695.9639519610473734809.stgit@john-Precision-5820-Tower>



On 5/21/20 7:35 AM, John Fastabend wrote:
> The test itself is not particularly useful but it encodes a common
> pattern we have.
> 
> Namely do a sk storage lookup then depending on data here decide if
> we need to do more work or alternatively allow packet to PASS. Then
> if we need to do more work consult task_struct for more information
> about the running task. Finally based on this additional information
> drop or pass the data. In this case the suspicious check is not so
> realisitic but it encodes the general pattern and uses the helpers
> so we test the workflow.
> 
> This is a load test to ensure verifier correctly handles this case.
> 
> Signed-off-by: John Fastabend <john.fastabend@gmail.com>
> ---
>   .../selftests/bpf/prog_tests/sockmap_basic.c       |   57 ++++++++++++++++++++
>   .../selftests/bpf/progs/test_skmsg_load_helpers.c  |   48 +++++++++++++++++
>   2 files changed, 105 insertions(+)
>   create mode 100644 tools/testing/selftests/bpf/progs/test_skmsg_load_helpers.c
> 
> diff --git a/tools/testing/selftests/bpf/prog_tests/sockmap_basic.c b/tools/testing/selftests/bpf/prog_tests/sockmap_basic.c
> index aa43e0b..cacb4ad 100644
> --- a/tools/testing/selftests/bpf/prog_tests/sockmap_basic.c
> +++ b/tools/testing/selftests/bpf/prog_tests/sockmap_basic.c
> @@ -1,13 +1,46 @@
>   // SPDX-License-Identifier: GPL-2.0
>   // Copyright (c) 2020 Cloudflare
> +#include <error.h>
>   
>   #include "test_progs.h"
> +#include "test_skmsg_load_helpers.skel.h"
>   
>   #define TCP_REPAIR		19	/* TCP sock is under repair right now */
>   
>   #define TCP_REPAIR_ON		1
>   #define TCP_REPAIR_OFF_NO_WP	-1	/* Turn off without window probes */
>   
> +#define _FAIL(errnum, fmt...)                                                  \
> +	({                                                                     \
> +		error_at_line(0, (errnum), __func__, __LINE__, fmt);           \
> +		CHECK_FAIL(true);                                              \
> +	})
> +#define FAIL(fmt...) _FAIL(0, fmt)
> +#define FAIL_ERRNO(fmt...) _FAIL(errno, fmt)
> +#define FAIL_LIBBPF(err, msg)                                                  \
> +	({                                                                     \
> +		char __buf[MAX_STRERR_LEN];                                    \
> +		libbpf_strerror((err), __buf, sizeof(__buf));                  \
> +		FAIL("%s: %s", (msg), __buf);                                  \
> +	})

Can we use existing macros in test_progs.h?
This will be consistent with other test_progs selftests.

> +
> +#define xbpf_prog_attach(prog, target, type, flags)                            \
> +	({                                                                     \
> +		int __ret =                                                    \
> +			bpf_prog_attach((prog), (target), (type), (flags));    \
> +		if (__ret == -1)                                               \
> +			FAIL_ERRNO("prog_attach(" #type ")");                  \
> +		__ret;                                                         \
> +	})
> +
> +#define xbpf_prog_detach2(prog, target, type)                                  \
> +	({                                                                     \
> +		int __ret = bpf_prog_detach2((prog), (target), (type));        \
> +		if (__ret == -1)                                               \
> +			FAIL_ERRNO("prog_detach2(" #type ")");                 \
> +		__ret;                                                         \
> +	})

The above xbpf_prog_attach() and xbpf_prog_detach2()
are only called once, maybe fold into the calling function itself?

> +
>   static int connected_socket_v4(void)
>   {
>   	struct sockaddr_in addr = {
> @@ -70,10 +103,34 @@ static void test_sockmap_create_update_free(enum bpf_map_type map_type)
>   	close(s);
>   }
>   
> +static void test_skmsg_helpers(enum bpf_map_type map_type)
> +{
> +	struct test_skmsg_load_helpers *skel;
> +	int err, map, verdict;
> +
> +	skel = test_skmsg_load_helpers__open_and_load();
> +	if (!skel) {
> +		FAIL("skeleton open/load failed");
> +		return;
> +	}
> +
> +	verdict = bpf_program__fd(skel->progs.prog_msg_verdict);
> +	map = bpf_map__fd(skel->maps.sock_map);
> +
> +	err = xbpf_prog_attach(verdict, map, BPF_SK_MSG_VERDICT, 0);
> +	if (err)
> +		return;
> +	xbpf_prog_detach2(verdict, map, BPF_SK_MSG_VERDICT);
> +}
> +
>   void test_sockmap_basic(void)
>   {
>   	if (test__start_subtest("sockmap create_update_free"))
>   		test_sockmap_create_update_free(BPF_MAP_TYPE_SOCKMAP);
>   	if (test__start_subtest("sockhash create_update_free"))
>   		test_sockmap_create_update_free(BPF_MAP_TYPE_SOCKHASH);
> +	if (test__start_subtest("sockmap sk_msg load helpers"))
> +		test_skmsg_helpers(BPF_MAP_TYPE_SOCKMAP);
> +	if (test__start_subtest("sockhash sk_msg load helpers"))
> +		test_skmsg_helpers(BPF_MAP_TYPE_SOCKHASH);
>   }
> diff --git a/tools/testing/selftests/bpf/progs/test_skmsg_load_helpers.c b/tools/testing/selftests/bpf/progs/test_skmsg_load_helpers.c
> new file mode 100644
> index 0000000..b68eb6c
> --- /dev/null
> +++ b/tools/testing/selftests/bpf/progs/test_skmsg_load_helpers.c
> @@ -0,0 +1,48 @@
> +// SPDX-License-Identifier: GPL-2.0
> +// Copyright (c) 2020 Isovalent, Inc.
> +#include "vmlinux.h"
> +#include <bpf/bpf_helpers.h>
> +
> +struct {
> +	__uint(type, BPF_MAP_TYPE_SOCKMAP);
> +	__uint(max_entries, 2);
> +	__type(key, __u32);
> +	__type(value, __u64);
> +} sock_map SEC(".maps");
> +
> +struct {
> +	__uint(type, BPF_MAP_TYPE_SOCKHASH);
> +	__uint(max_entries, 2);
> +	__type(key, __u32);
> +	__type(value, __u64);
> +} sock_hash SEC(".maps");
> +
> +struct {
> +	__uint(type, BPF_MAP_TYPE_SK_STORAGE);
> +	__uint(map_flags, BPF_F_NO_PREALLOC);
> +	__type(key, __u32);
> +	__type(value, __u64);
> +} socket_storage SEC(".maps");
> +
> +SEC("sk_msg")
> +int prog_msg_verdict(struct sk_msg_md *msg)
> +{
> +	struct task_struct *task = (struct task_struct *)bpf_get_current_task();
> +	int verdict = SK_PASS;
> +	__u32 pid, tpid;
> +	__u64 *sk_stg;
> +
> +	pid = bpf_get_current_pid_tgid() >> 32;
> +	sk_stg = bpf_sk_storage_get(&socket_storage, msg->sk, 0, BPF_SK_STORAGE_GET_F_CREATE);
> +	if (!sk_stg)
> +		return SK_DROP;
> +	*sk_stg = pid;
> +	bpf_probe_read_kernel(&tpid , sizeof(tpid), &task->tgid);
> +	if (pid != tpid)
> +		verdict = SK_DROP;
> +	bpf_sk_storage_delete(&socket_storage, (void *)msg->sk);
> +	return verdict;
> +}
> +
> +int _version SEC("version") = 1;
> +char _license[] SEC("license") = "GPL";
> 

  reply	other threads:[~2020-05-21 18:23 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-05-21 14:34 [bpf-next PATCH v3 0/5] bpf: Add sk_msg and networking helpers John Fastabend
2020-05-21 14:34 ` [bpf-next PATCH v3 1/5] bpf: sk_msg add some generic helpers that may be useful from sk_msg John Fastabend
2020-05-21 14:35 ` [bpf-next PATCH v3 2/5] bpf: extend bpf_base_func_proto helpers with probe_* and *current_task* John Fastabend
2020-05-21 14:35 ` [bpf-next PATCH v3 3/5] bpf: sk_msg add get socket storage helpers John Fastabend
2020-05-21 14:35 ` [bpf-next PATCH v3 4/5] bpf: selftests, add sk_msg helpers load and attach test John Fastabend
2020-05-21 18:23   ` Yonghong Song [this message]
2020-05-21 18:51     ` John Fastabend
2020-05-21 18:51   ` Andrii Nakryiko
2020-05-21 19:03     ` John Fastabend
2020-05-21 19:09       ` John Fastabend
2020-05-21 19:12         ` Andrii Nakryiko
2020-05-21 14:36 ` [bpf-next PATCH v3 5/5] bpf: selftests, test probe_* helpers from SCHED_CLS John Fastabend
2020-05-21 18:32   ` Yonghong Song
2020-05-21 18:47   ` Andrii Nakryiko
2020-05-21 19:11     ` John Fastabend

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=16a158b4-5e85-8ad3-3389-7687add809d1@fb.com \
    --to=yhs@fb.com \
    --cc=ast@kernel.org \
    --cc=bpf@vger.kernel.org \
    --cc=daniel@iogearbox.net \
    --cc=jakub@cloudflare.com \
    --cc=john.fastabend@gmail.com \
    --cc=lmb@cloudflare.com \
    --cc=netdev@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).