* [PATCH bpf-next 1/2] bpf: Expose bpf_get_socket_cookie to tracing programs @ 2020-11-26 17:02 Florent Revest 2020-11-26 17:02 ` [PATCH bpf-next 2/2] bpf: Add a selftest for the tracing bpf_get_socket_cookie Florent Revest 2020-11-27 8:08 ` [PATCH bpf-next 1/2] bpf: Expose bpf_get_socket_cookie to tracing programs Yonghong Song 0 siblings, 2 replies; 6+ messages in thread From: Florent Revest @ 2020-11-26 17:02 UTC (permalink / raw) To: bpf; +Cc: ast, daniel, andrii, kpsingh, revest, linux-kernel This creates a new helper proto because the existing bpf_get_socket_cookie_sock_proto has a ARG_PTR_TO_CTX argument and only works for BPF programs where the context is a sock. This helper could also be useful to other BPF program types such as LSM. Signed-off-by: Florent Revest <revest@google.com> --- kernel/trace/bpf_trace.c | 4 ++++ net/core/filter.c | 7 +++++++ 2 files changed, 11 insertions(+) diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c index d255bc9b2bfa..14ad96579813 100644 --- a/kernel/trace/bpf_trace.c +++ b/kernel/trace/bpf_trace.c @@ -1725,6 +1725,8 @@ raw_tp_prog_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) } } +extern const struct bpf_func_proto bpf_get_socket_cookie_sock_tracing_proto; + const struct bpf_func_proto * tracing_prog_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) { @@ -1748,6 +1750,8 @@ tracing_prog_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) return &bpf_sk_storage_get_tracing_proto; case BPF_FUNC_sk_storage_delete: return &bpf_sk_storage_delete_tracing_proto; + case BPF_FUNC_get_socket_cookie: + return &bpf_get_socket_cookie_sock_tracing_proto; #endif case BPF_FUNC_seq_printf: return prog->expected_attach_type == BPF_TRACE_ITER ? diff --git a/net/core/filter.c b/net/core/filter.c index 2ca5eecebacf..177c4e5e529d 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -4631,6 +4631,13 @@ static const struct bpf_func_proto bpf_get_socket_cookie_sock_proto = { .arg1_type = ARG_PTR_TO_CTX, }; +const struct bpf_func_proto bpf_get_socket_cookie_sock_tracing_proto = { + .func = bpf_get_socket_cookie_sock, + .gpl_only = false, + .ret_type = RET_INTEGER, + .arg1_type = ARG_PTR_TO_BTF_ID_SOCK_COMMON, +}; + BPF_CALL_1(bpf_get_socket_cookie_sock_ops, struct bpf_sock_ops_kern *, ctx) { return __sock_gen_cookie(ctx->sk); -- 2.29.2.454.gaff20da3a2-goog ^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH bpf-next 2/2] bpf: Add a selftest for the tracing bpf_get_socket_cookie 2020-11-26 17:02 [PATCH bpf-next 1/2] bpf: Expose bpf_get_socket_cookie to tracing programs Florent Revest @ 2020-11-26 17:02 ` Florent Revest 2020-11-27 7:56 ` Yonghong Song 2020-12-02 1:01 ` Andrii Nakryiko 2020-11-27 8:08 ` [PATCH bpf-next 1/2] bpf: Expose bpf_get_socket_cookie to tracing programs Yonghong Song 1 sibling, 2 replies; 6+ messages in thread From: Florent Revest @ 2020-11-26 17:02 UTC (permalink / raw) To: bpf; +Cc: ast, daniel, andrii, kpsingh, revest, linux-kernel This builds up on the existing socket cookie test which checks whether the bpf_get_socket_cookie helpers provide the same value in cgroup/connect6 and sockops programs for a socket created by the userspace part of the test. Adding a tracing program to the existing objects requires a different attachment strategy and different headers. Signed-off-by: Florent Revest <revest@google.com> --- .../selftests/bpf/progs/socket_cookie_prog.c | 41 ++++++++++++++++--- .../selftests/bpf/test_socket_cookie.c | 18 +++++--- 2 files changed, 49 insertions(+), 10 deletions(-) diff --git a/tools/testing/selftests/bpf/progs/socket_cookie_prog.c b/tools/testing/selftests/bpf/progs/socket_cookie_prog.c index 0cb5656a22b0..a11026aeaaf1 100644 --- a/tools/testing/selftests/bpf/progs/socket_cookie_prog.c +++ b/tools/testing/selftests/bpf/progs/socket_cookie_prog.c @@ -1,11 +1,13 @@ // SPDX-License-Identifier: GPL-2.0 // Copyright (c) 2018 Facebook -#include <linux/bpf.h> -#include <sys/socket.h> +#include "vmlinux.h" #include <bpf/bpf_helpers.h> #include <bpf/bpf_endian.h> +#include <bpf/bpf_tracing.h> + +#define AF_INET6 10 struct socket_cookie { __u64 cookie_key; @@ -19,6 +21,14 @@ struct { __type(value, struct socket_cookie); } socket_cookies SEC(".maps"); +/* + * These three programs get executed in a row on connect() syscalls. The + * userspace side of the test creates a client socket, issues a connect() on it + * and then checks that the local storage associated with this socket has: + * cookie_value == local_port << 8 | 0xFF + * The different parts of this cookie_value are appended by those hooks if they + * all agree on the output of bpf_get_socket_cookie(). + */ SEC("cgroup/connect6") int set_cookie(struct bpf_sock_addr *ctx) { @@ -32,14 +42,14 @@ int set_cookie(struct bpf_sock_addr *ctx) if (!p) return 1; - p->cookie_value = 0xFF; + p->cookie_value = 0xF; p->cookie_key = bpf_get_socket_cookie(ctx); return 1; } SEC("sockops") -int update_cookie(struct bpf_sock_ops *ctx) +int update_cookie_sockops(struct bpf_sock_ops *ctx) { struct bpf_sock *sk; struct socket_cookie *p; @@ -60,11 +70,32 @@ int update_cookie(struct bpf_sock_ops *ctx) if (p->cookie_key != bpf_get_socket_cookie(ctx)) return 1; - p->cookie_value = (ctx->local_port << 8) | p->cookie_value; + p->cookie_value |= (ctx->local_port << 8); return 1; } +SEC("fexit/inet_stream_connect") +int BPF_PROG(update_cookie_tracing, struct socket *sock, + struct sockaddr *uaddr, int addr_len, int flags) +{ + struct socket_cookie *p; + + if (uaddr->sa_family != AF_INET6) + return 0; + + p = bpf_sk_storage_get(&socket_cookies, sock->sk, 0, 0); + if (!p) + return 0; + + if (p->cookie_key != bpf_get_socket_cookie(sock->sk)) + return 0; + + p->cookie_value |= 0xF0; + + return 0; +} + int _version SEC("version") = 1; char _license[] SEC("license") = "GPL"; diff --git a/tools/testing/selftests/bpf/test_socket_cookie.c b/tools/testing/selftests/bpf/test_socket_cookie.c index ca7ca87e91aa..0d955c65a4f8 100644 --- a/tools/testing/selftests/bpf/test_socket_cookie.c +++ b/tools/testing/selftests/bpf/test_socket_cookie.c @@ -133,6 +133,7 @@ static int run_test(int cgfd) struct bpf_prog_load_attr attr; struct bpf_program *prog; struct bpf_object *pobj; + struct bpf_link *link; const char *prog_name; int server_fd = -1; int client_fd = -1; @@ -153,11 +154,18 @@ static int run_test(int cgfd) bpf_object__for_each_program(prog, pobj) { prog_name = bpf_program__section_name(prog); - if (libbpf_attach_type_by_name(prog_name, &attach_type)) - goto err; - - err = bpf_prog_attach(bpf_program__fd(prog), cgfd, attach_type, - BPF_F_ALLOW_OVERRIDE); + if (bpf_program__is_tracing(prog)) { + link = bpf_program__attach(prog); + err = !link; + continue; + } else { + if (libbpf_attach_type_by_name(prog_name, &attach_type)) + goto err; + + err = bpf_prog_attach(bpf_program__fd(prog), cgfd, + attach_type, + BPF_F_ALLOW_OVERRIDE); + } if (err) { log_err("Failed to attach prog %s", prog_name); goto out; -- 2.29.2.454.gaff20da3a2-goog ^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH bpf-next 2/2] bpf: Add a selftest for the tracing bpf_get_socket_cookie 2020-11-26 17:02 ` [PATCH bpf-next 2/2] bpf: Add a selftest for the tracing bpf_get_socket_cookie Florent Revest @ 2020-11-27 7:56 ` Yonghong Song 2020-11-27 9:17 ` Florent Revest 2020-12-02 1:01 ` Andrii Nakryiko 1 sibling, 1 reply; 6+ messages in thread From: Yonghong Song @ 2020-11-27 7:56 UTC (permalink / raw) To: Florent Revest, bpf; +Cc: ast, daniel, andrii, kpsingh, revest, linux-kernel On 11/26/20 9:02 AM, Florent Revest wrote: > This builds up on the existing socket cookie test which checks whether > the bpf_get_socket_cookie helpers provide the same value in > cgroup/connect6 and sockops programs for a socket created by the > userspace part of the test. > > Adding a tracing program to the existing objects requires a different > attachment strategy and different headers. > > Signed-off-by: Florent Revest <revest@google.com> > --- > .../selftests/bpf/progs/socket_cookie_prog.c | 41 ++++++++++++++++--- > .../selftests/bpf/test_socket_cookie.c | 18 +++++--- Do you think it is possible to migrate test_socket_cookie.c to selftests/bpf/prog_tests so it can be part of test_progs so it will be regularly exercised? > 2 files changed, 49 insertions(+), 10 deletions(-) > > diff --git a/tools/testing/selftests/bpf/progs/socket_cookie_prog.c b/tools/testing/selftests/bpf/progs/socket_cookie_prog.c > index 0cb5656a22b0..a11026aeaaf1 100644 > --- a/tools/testing/selftests/bpf/progs/socket_cookie_prog.c > +++ b/tools/testing/selftests/bpf/progs/socket_cookie_prog.c > @@ -1,11 +1,13 @@ > // SPDX-License-Identifier: GPL-2.0 > // Copyright (c) 2018 Facebook > [...] > diff --git a/tools/testing/selftests/bpf/test_socket_cookie.c b/tools/testing/selftests/bpf/test_socket_cookie.c > index ca7ca87e91aa..0d955c65a4f8 100644 > --- a/tools/testing/selftests/bpf/test_socket_cookie.c > +++ b/tools/testing/selftests/bpf/test_socket_cookie.c > @@ -133,6 +133,7 @@ static int run_test(int cgfd) > struct bpf_prog_load_attr attr; > struct bpf_program *prog; > struct bpf_object *pobj; > + struct bpf_link *link; > const char *prog_name; > int server_fd = -1; > int client_fd = -1; > @@ -153,11 +154,18 @@ static int run_test(int cgfd) > bpf_object__for_each_program(prog, pobj) { > prog_name = bpf_program__section_name(prog); > > - if (libbpf_attach_type_by_name(prog_name, &attach_type)) > - goto err; > - > - err = bpf_prog_attach(bpf_program__fd(prog), cgfd, attach_type, > - BPF_F_ALLOW_OVERRIDE); > + if (bpf_program__is_tracing(prog)) { > + link = bpf_program__attach(prog); > + err = !link; > + continue; > + } else { > + if (libbpf_attach_type_by_name(prog_name, &attach_type)) > + goto err; > + > + err = bpf_prog_attach(bpf_program__fd(prog), cgfd, > + attach_type, > + BPF_F_ALLOW_OVERRIDE); > + } > if (err) { > log_err("Failed to attach prog %s", prog_name); > goto out; > ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH bpf-next 2/2] bpf: Add a selftest for the tracing bpf_get_socket_cookie 2020-11-27 7:56 ` Yonghong Song @ 2020-11-27 9:17 ` Florent Revest 0 siblings, 0 replies; 6+ messages in thread From: Florent Revest @ 2020-11-27 9:17 UTC (permalink / raw) To: Yonghong Song, bpf; +Cc: ast, daniel, andrii, kpsingh, revest, linux-kernel On Thu, 2020-11-26 at 23:56 -0800, Yonghong Song wrote: > > On 11/26/20 9:02 AM, Florent Revest wrote: > > This builds up on the existing socket cookie test which checks > > whether > > the bpf_get_socket_cookie helpers provide the same value in > > cgroup/connect6 and sockops programs for a socket created by the > > userspace part of the test. > > > > Adding a tracing program to the existing objects requires a > > different > > attachment strategy and different headers. > > > > Signed-off-by: Florent Revest <revest@google.com> > > --- > > .../selftests/bpf/progs/socket_cookie_prog.c | 41 > > ++++++++++++++++--- > > .../selftests/bpf/test_socket_cookie.c | 18 +++++--- > > Do you think it is possible to migrate test_socket_cookie.c to > selftests/bpf/prog_tests so it can be part of test_progs so > it will be regularly exercised? I suppose it's possible, I can give it a try :) ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH bpf-next 2/2] bpf: Add a selftest for the tracing bpf_get_socket_cookie 2020-11-26 17:02 ` [PATCH bpf-next 2/2] bpf: Add a selftest for the tracing bpf_get_socket_cookie Florent Revest 2020-11-27 7:56 ` Yonghong Song @ 2020-12-02 1:01 ` Andrii Nakryiko 1 sibling, 0 replies; 6+ messages in thread From: Andrii Nakryiko @ 2020-12-02 1:01 UTC (permalink / raw) To: Florent Revest Cc: bpf, Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko, KP Singh, Florent Revest, open list On Thu, Nov 26, 2020 at 9:02 AM Florent Revest <revest@chromium.org> wrote: > > This builds up on the existing socket cookie test which checks whether > the bpf_get_socket_cookie helpers provide the same value in > cgroup/connect6 and sockops programs for a socket created by the > userspace part of the test. > > Adding a tracing program to the existing objects requires a different > attachment strategy and different headers. > > Signed-off-by: Florent Revest <revest@google.com> > --- > .../selftests/bpf/progs/socket_cookie_prog.c | 41 ++++++++++++++++--- > .../selftests/bpf/test_socket_cookie.c | 18 +++++--- > 2 files changed, 49 insertions(+), 10 deletions(-) > > diff --git a/tools/testing/selftests/bpf/progs/socket_cookie_prog.c b/tools/testing/selftests/bpf/progs/socket_cookie_prog.c > index 0cb5656a22b0..a11026aeaaf1 100644 > --- a/tools/testing/selftests/bpf/progs/socket_cookie_prog.c > +++ b/tools/testing/selftests/bpf/progs/socket_cookie_prog.c > @@ -1,11 +1,13 @@ > // SPDX-License-Identifier: GPL-2.0 > // Copyright (c) 2018 Facebook > > -#include <linux/bpf.h> > -#include <sys/socket.h> > +#include "vmlinux.h" > > #include <bpf/bpf_helpers.h> > #include <bpf/bpf_endian.h> > +#include <bpf/bpf_tracing.h> > + > +#define AF_INET6 10 > > struct socket_cookie { > __u64 cookie_key; > @@ -19,6 +21,14 @@ struct { > __type(value, struct socket_cookie); > } socket_cookies SEC(".maps"); > > +/* > + * These three programs get executed in a row on connect() syscalls. The > + * userspace side of the test creates a client socket, issues a connect() on it > + * and then checks that the local storage associated with this socket has: > + * cookie_value == local_port << 8 | 0xFF > + * The different parts of this cookie_value are appended by those hooks if they > + * all agree on the output of bpf_get_socket_cookie(). > + */ > SEC("cgroup/connect6") > int set_cookie(struct bpf_sock_addr *ctx) > { > @@ -32,14 +42,14 @@ int set_cookie(struct bpf_sock_addr *ctx) > if (!p) > return 1; > > - p->cookie_value = 0xFF; > + p->cookie_value = 0xF; > p->cookie_key = bpf_get_socket_cookie(ctx); > > return 1; > } > > SEC("sockops") > -int update_cookie(struct bpf_sock_ops *ctx) > +int update_cookie_sockops(struct bpf_sock_ops *ctx) > { > struct bpf_sock *sk; > struct socket_cookie *p; > @@ -60,11 +70,32 @@ int update_cookie(struct bpf_sock_ops *ctx) > if (p->cookie_key != bpf_get_socket_cookie(ctx)) > return 1; > > - p->cookie_value = (ctx->local_port << 8) | p->cookie_value; > + p->cookie_value |= (ctx->local_port << 8); > > return 1; > } > > +SEC("fexit/inet_stream_connect") > +int BPF_PROG(update_cookie_tracing, struct socket *sock, > + struct sockaddr *uaddr, int addr_len, int flags) > +{ > + struct socket_cookie *p; > + > + if (uaddr->sa_family != AF_INET6) > + return 0; > + > + p = bpf_sk_storage_get(&socket_cookies, sock->sk, 0, 0); > + if (!p) > + return 0; > + > + if (p->cookie_key != bpf_get_socket_cookie(sock->sk)) > + return 0; > + > + p->cookie_value |= 0xF0; > + > + return 0; > +} > + > int _version SEC("version") = 1; please remove this, while you are at it > > char _license[] SEC("license") = "GPL"; > diff --git a/tools/testing/selftests/bpf/test_socket_cookie.c b/tools/testing/selftests/bpf/test_socket_cookie.c > index ca7ca87e91aa..0d955c65a4f8 100644 > --- a/tools/testing/selftests/bpf/test_socket_cookie.c > +++ b/tools/testing/selftests/bpf/test_socket_cookie.c > @@ -133,6 +133,7 @@ static int run_test(int cgfd) > struct bpf_prog_load_attr attr; > struct bpf_program *prog; > struct bpf_object *pobj; > + struct bpf_link *link; > const char *prog_name; > int server_fd = -1; > int client_fd = -1; > @@ -153,11 +154,18 @@ static int run_test(int cgfd) > bpf_object__for_each_program(prog, pobj) { > prog_name = bpf_program__section_name(prog); > > - if (libbpf_attach_type_by_name(prog_name, &attach_type)) > - goto err; > - > - err = bpf_prog_attach(bpf_program__fd(prog), cgfd, attach_type, > - BPF_F_ALLOW_OVERRIDE); > + if (bpf_program__is_tracing(prog)) { > + link = bpf_program__attach(prog); > + err = !link; link is a pointer, so use libbpf_get_error() > + continue; > + } else { else branch is not really necessary, just adds indentation unnecessarily > + if (libbpf_attach_type_by_name(prog_name, &attach_type)) > + goto err; > + > + err = bpf_prog_attach(bpf_program__fd(prog), cgfd, > + attach_type, > + BPF_F_ALLOW_OVERRIDE); > + } > if (err) { > log_err("Failed to attach prog %s", prog_name); > goto out; > -- > 2.29.2.454.gaff20da3a2-goog > ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH bpf-next 1/2] bpf: Expose bpf_get_socket_cookie to tracing programs 2020-11-26 17:02 [PATCH bpf-next 1/2] bpf: Expose bpf_get_socket_cookie to tracing programs Florent Revest 2020-11-26 17:02 ` [PATCH bpf-next 2/2] bpf: Add a selftest for the tracing bpf_get_socket_cookie Florent Revest @ 2020-11-27 8:08 ` Yonghong Song 1 sibling, 0 replies; 6+ messages in thread From: Yonghong Song @ 2020-11-27 8:08 UTC (permalink / raw) To: Florent Revest, bpf; +Cc: ast, daniel, andrii, kpsingh, revest, linux-kernel On 11/26/20 9:02 AM, Florent Revest wrote: > This creates a new helper proto because the existing > bpf_get_socket_cookie_sock_proto has a ARG_PTR_TO_CTX argument and only > works for BPF programs where the context is a sock. > > This helper could also be useful to other BPF program types such as LSM. > > Signed-off-by: Florent Revest <revest@google.com> > --- > kernel/trace/bpf_trace.c | 4 ++++ > net/core/filter.c | 7 +++++++ > 2 files changed, 11 insertions(+) > > diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c > index d255bc9b2bfa..14ad96579813 100644 > --- a/kernel/trace/bpf_trace.c > +++ b/kernel/trace/bpf_trace.c > @@ -1725,6 +1725,8 @@ raw_tp_prog_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) > } > } > > +extern const struct bpf_func_proto bpf_get_socket_cookie_sock_tracing_proto; > + > const struct bpf_func_proto * > tracing_prog_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) > { > @@ -1748,6 +1750,8 @@ tracing_prog_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) > return &bpf_sk_storage_get_tracing_proto; > case BPF_FUNC_sk_storage_delete: > return &bpf_sk_storage_delete_tracing_proto; > + case BPF_FUNC_get_socket_cookie: > + return &bpf_get_socket_cookie_sock_tracing_proto; > #endif > case BPF_FUNC_seq_printf: > return prog->expected_attach_type == BPF_TRACE_ITER ? > diff --git a/net/core/filter.c b/net/core/filter.c > index 2ca5eecebacf..177c4e5e529d 100644 > --- a/net/core/filter.c > +++ b/net/core/filter.c > @@ -4631,6 +4631,13 @@ static const struct bpf_func_proto bpf_get_socket_cookie_sock_proto = { > .arg1_type = ARG_PTR_TO_CTX, > }; > > +const struct bpf_func_proto bpf_get_socket_cookie_sock_tracing_proto = { > + .func = bpf_get_socket_cookie_sock, > + .gpl_only = false, > + .ret_type = RET_INTEGER, > + .arg1_type = ARG_PTR_TO_BTF_ID_SOCK_COMMON, > +}; This seems correct to me. Could you add another helper description in uapi bpf.h? Currently we already have: u64 bpf_get_socket_cookie(struct sk_buff *skb) u64 bpf_get_socket_cookie(struct bpf_sock_addr *ctx) u64 bpf_get_socket_cookie(struct bpf_sock_ops *ctx) The btf-id based helper will be something like below u64 bpf_get_socket_cookie(void *sk) > + > BPF_CALL_1(bpf_get_socket_cookie_sock_ops, struct bpf_sock_ops_kern *, ctx) > { > return __sock_gen_cookie(ctx->sk); > ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2020-12-02 1:02 UTC | newest] Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2020-11-26 17:02 [PATCH bpf-next 1/2] bpf: Expose bpf_get_socket_cookie to tracing programs Florent Revest 2020-11-26 17:02 ` [PATCH bpf-next 2/2] bpf: Add a selftest for the tracing bpf_get_socket_cookie Florent Revest 2020-11-27 7:56 ` Yonghong Song 2020-11-27 9:17 ` Florent Revest 2020-12-02 1:01 ` Andrii Nakryiko 2020-11-27 8:08 ` [PATCH bpf-next 1/2] bpf: Expose bpf_get_socket_cookie to tracing programs Yonghong Song
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).