| Message ID | 20201126170212.1749137-2-revest@google.com (mailing list archive) |
|---|---|
| State | Changes Requested |
| Delegated to: | BPF |
| Headers | show |
| Series | [bpf-next,1/2] bpf: Expose bpf_get_socket_cookie to tracing programs | expand |
| Context | Check | Description |
|---|---|---|
| netdev/cover_letter | success | Link |
| netdev/fixes_present | success | Link |
| netdev/patch_count | success | Link |
| netdev/tree_selection | success | Clearly marked for bpf-next |
| netdev/subject_prefix | success | Link |
| netdev/source_inline | success | Was 0 now: 0 |
| netdev/verify_signedoff | success | Link |
| netdev/module_param | success | Was 0 now: 0 |
| netdev/build_32bit | success | Errors and warnings before: 0 this patch: 0 |
| netdev/kdoc | success | Errors and warnings before: 0 this patch: 0 |
| netdev/verify_fixes | success | Link |
| netdev/checkpatch | warning | WARNING: From:/Signed-off-by: email address mismatch: 'From: Florent Revest <revest@chromium.org>' != 'Signed-off-by: Florent Revest <revest@google.com>' |
| netdev/build_allmodconfig_warn | success | Errors and warnings before: 0 this patch: 0 |
| netdev/header_inline | success | Link |
| netdev/stable | success | Stable not CCed |
On 11/26/20 9:02 AM, Florent Revest wrote: > This builds up on the existing socket cookie test which checks whether > the bpf_get_socket_cookie helpers provide the same value in > cgroup/connect6 and sockops programs for a socket created by the > userspace part of the test. > > Adding a tracing program to the existing objects requires a different > attachment strategy and different headers. > > Signed-off-by: Florent Revest <revest@google.com> > --- > .../selftests/bpf/progs/socket_cookie_prog.c | 41 ++++++++++++++++--- > .../selftests/bpf/test_socket_cookie.c | 18 +++++--- Do you think it is possible to migrate test_socket_cookie.c to selftests/bpf/prog_tests so it can be part of test_progs so it will be regularly exercised? > 2 files changed, 49 insertions(+), 10 deletions(-) > > diff --git a/tools/testing/selftests/bpf/progs/socket_cookie_prog.c b/tools/testing/selftests/bpf/progs/socket_cookie_prog.c > index 0cb5656a22b0..a11026aeaaf1 100644 > --- a/tools/testing/selftests/bpf/progs/socket_cookie_prog.c > +++ b/tools/testing/selftests/bpf/progs/socket_cookie_prog.c > @@ -1,11 +1,13 @@ > // SPDX-License-Identifier: GPL-2.0 > // Copyright (c) 2018 Facebook > [...] > diff --git a/tools/testing/selftests/bpf/test_socket_cookie.c b/tools/testing/selftests/bpf/test_socket_cookie.c > index ca7ca87e91aa..0d955c65a4f8 100644 > --- a/tools/testing/selftests/bpf/test_socket_cookie.c > +++ b/tools/testing/selftests/bpf/test_socket_cookie.c > @@ -133,6 +133,7 @@ static int run_test(int cgfd) > struct bpf_prog_load_attr attr; > struct bpf_program *prog; > struct bpf_object *pobj; > + struct bpf_link *link; > const char *prog_name; > int server_fd = -1; > int client_fd = -1; > @@ -153,11 +154,18 @@ static int run_test(int cgfd) > bpf_object__for_each_program(prog, pobj) { > prog_name = bpf_program__section_name(prog); > > - if (libbpf_attach_type_by_name(prog_name, &attach_type)) > - goto err; > - > - err = bpf_prog_attach(bpf_program__fd(prog), cgfd, attach_type, > - BPF_F_ALLOW_OVERRIDE); > + if (bpf_program__is_tracing(prog)) { > + link = bpf_program__attach(prog); > + err = !link; > + continue; > + } else { > + if (libbpf_attach_type_by_name(prog_name, &attach_type)) > + goto err; > + > + err = bpf_prog_attach(bpf_program__fd(prog), cgfd, > + attach_type, > + BPF_F_ALLOW_OVERRIDE); > + } > if (err) { > log_err("Failed to attach prog %s", prog_name); > goto out; >
On Thu, 2020-11-26 at 23:56 -0800, Yonghong Song wrote: > > On 11/26/20 9:02 AM, Florent Revest wrote: > > This builds up on the existing socket cookie test which checks > > whether > > the bpf_get_socket_cookie helpers provide the same value in > > cgroup/connect6 and sockops programs for a socket created by the > > userspace part of the test. > > > > Adding a tracing program to the existing objects requires a > > different > > attachment strategy and different headers. > > > > Signed-off-by: Florent Revest <revest@google.com> > > --- > > .../selftests/bpf/progs/socket_cookie_prog.c | 41 > > ++++++++++++++++--- > > .../selftests/bpf/test_socket_cookie.c | 18 +++++--- > > Do you think it is possible to migrate test_socket_cookie.c to > selftests/bpf/prog_tests so it can be part of test_progs so > it will be regularly exercised? I suppose it's possible, I can give it a try :)
On Thu, Nov 26, 2020 at 9:02 AM Florent Revest <revest@chromium.org> wrote: > > This builds up on the existing socket cookie test which checks whether > the bpf_get_socket_cookie helpers provide the same value in > cgroup/connect6 and sockops programs for a socket created by the > userspace part of the test. > > Adding a tracing program to the existing objects requires a different > attachment strategy and different headers. > > Signed-off-by: Florent Revest <revest@google.com> > --- > .../selftests/bpf/progs/socket_cookie_prog.c | 41 ++++++++++++++++--- > .../selftests/bpf/test_socket_cookie.c | 18 +++++--- > 2 files changed, 49 insertions(+), 10 deletions(-) > > diff --git a/tools/testing/selftests/bpf/progs/socket_cookie_prog.c b/tools/testing/selftests/bpf/progs/socket_cookie_prog.c > index 0cb5656a22b0..a11026aeaaf1 100644 > --- a/tools/testing/selftests/bpf/progs/socket_cookie_prog.c > +++ b/tools/testing/selftests/bpf/progs/socket_cookie_prog.c > @@ -1,11 +1,13 @@ > // SPDX-License-Identifier: GPL-2.0 > // Copyright (c) 2018 Facebook > > -#include <linux/bpf.h> > -#include <sys/socket.h> > +#include "vmlinux.h" > > #include <bpf/bpf_helpers.h> > #include <bpf/bpf_endian.h> > +#include <bpf/bpf_tracing.h> > + > +#define AF_INET6 10 > > struct socket_cookie { > __u64 cookie_key; > @@ -19,6 +21,14 @@ struct { > __type(value, struct socket_cookie); > } socket_cookies SEC(".maps"); > > +/* > + * These three programs get executed in a row on connect() syscalls. The > + * userspace side of the test creates a client socket, issues a connect() on it > + * and then checks that the local storage associated with this socket has: > + * cookie_value == local_port << 8 | 0xFF > + * The different parts of this cookie_value are appended by those hooks if they > + * all agree on the output of bpf_get_socket_cookie(). > + */ > SEC("cgroup/connect6") > int set_cookie(struct bpf_sock_addr *ctx) > { > @@ -32,14 +42,14 @@ int set_cookie(struct bpf_sock_addr *ctx) > if (!p) > return 1; > > - p->cookie_value = 0xFF; > + p->cookie_value = 0xF; > p->cookie_key = bpf_get_socket_cookie(ctx); > > return 1; > } > > SEC("sockops") > -int update_cookie(struct bpf_sock_ops *ctx) > +int update_cookie_sockops(struct bpf_sock_ops *ctx) > { > struct bpf_sock *sk; > struct socket_cookie *p; > @@ -60,11 +70,32 @@ int update_cookie(struct bpf_sock_ops *ctx) > if (p->cookie_key != bpf_get_socket_cookie(ctx)) > return 1; > > - p->cookie_value = (ctx->local_port << 8) | p->cookie_value; > + p->cookie_value |= (ctx->local_port << 8); > > return 1; > } > > +SEC("fexit/inet_stream_connect") > +int BPF_PROG(update_cookie_tracing, struct socket *sock, > + struct sockaddr *uaddr, int addr_len, int flags) > +{ > + struct socket_cookie *p; > + > + if (uaddr->sa_family != AF_INET6) > + return 0; > + > + p = bpf_sk_storage_get(&socket_cookies, sock->sk, 0, 0); > + if (!p) > + return 0; > + > + if (p->cookie_key != bpf_get_socket_cookie(sock->sk)) > + return 0; > + > + p->cookie_value |= 0xF0; > + > + return 0; > +} > + > int _version SEC("version") = 1; please remove this, while you are at it > > char _license[] SEC("license") = "GPL"; > diff --git a/tools/testing/selftests/bpf/test_socket_cookie.c b/tools/testing/selftests/bpf/test_socket_cookie.c > index ca7ca87e91aa..0d955c65a4f8 100644 > --- a/tools/testing/selftests/bpf/test_socket_cookie.c > +++ b/tools/testing/selftests/bpf/test_socket_cookie.c > @@ -133,6 +133,7 @@ static int run_test(int cgfd) > struct bpf_prog_load_attr attr; > struct bpf_program *prog; > struct bpf_object *pobj; > + struct bpf_link *link; > const char *prog_name; > int server_fd = -1; > int client_fd = -1; > @@ -153,11 +154,18 @@ static int run_test(int cgfd) > bpf_object__for_each_program(prog, pobj) { > prog_name = bpf_program__section_name(prog); > > - if (libbpf_attach_type_by_name(prog_name, &attach_type)) > - goto err; > - > - err = bpf_prog_attach(bpf_program__fd(prog), cgfd, attach_type, > - BPF_F_ALLOW_OVERRIDE); > + if (bpf_program__is_tracing(prog)) { > + link = bpf_program__attach(prog); > + err = !link; link is a pointer, so use libbpf_get_error() > + continue; > + } else { else branch is not really necessary, just adds indentation unnecessarily > + if (libbpf_attach_type_by_name(prog_name, &attach_type)) > + goto err; > + > + err = bpf_prog_attach(bpf_program__fd(prog), cgfd, > + attach_type, > + BPF_F_ALLOW_OVERRIDE); > + } > if (err) { > log_err("Failed to attach prog %s", prog_name); > goto out; > -- > 2.29.2.454.gaff20da3a2-goog >
diff --git a/tools/testing/selftests/bpf/progs/socket_cookie_prog.c b/tools/testing/selftests/bpf/progs/socket_cookie_prog.c index 0cb5656a22b0..a11026aeaaf1 100644 --- a/tools/testing/selftests/bpf/progs/socket_cookie_prog.c +++ b/tools/testing/selftests/bpf/progs/socket_cookie_prog.c @@ -1,11 +1,13 @@ // SPDX-License-Identifier: GPL-2.0 // Copyright (c) 2018 Facebook -#include <linux/bpf.h> -#include <sys/socket.h> +#include "vmlinux.h" #include <bpf/bpf_helpers.h> #include <bpf/bpf_endian.h> +#include <bpf/bpf_tracing.h> + +#define AF_INET6 10 struct socket_cookie { __u64 cookie_key; @@ -19,6 +21,14 @@ struct { __type(value, struct socket_cookie); } socket_cookies SEC(".maps"); +/* + * These three programs get executed in a row on connect() syscalls. The + * userspace side of the test creates a client socket, issues a connect() on it + * and then checks that the local storage associated with this socket has: + * cookie_value == local_port << 8 | 0xFF + * The different parts of this cookie_value are appended by those hooks if they + * all agree on the output of bpf_get_socket_cookie(). + */ SEC("cgroup/connect6") int set_cookie(struct bpf_sock_addr *ctx) { @@ -32,14 +42,14 @@ int set_cookie(struct bpf_sock_addr *ctx) if (!p) return 1; - p->cookie_value = 0xFF; + p->cookie_value = 0xF; p->cookie_key = bpf_get_socket_cookie(ctx); return 1; } SEC("sockops") -int update_cookie(struct bpf_sock_ops *ctx) +int update_cookie_sockops(struct bpf_sock_ops *ctx) { struct bpf_sock *sk; struct socket_cookie *p; @@ -60,11 +70,32 @@ int update_cookie(struct bpf_sock_ops *ctx) if (p->cookie_key != bpf_get_socket_cookie(ctx)) return 1; - p->cookie_value = (ctx->local_port << 8) | p->cookie_value; + p->cookie_value |= (ctx->local_port << 8); return 1; } +SEC("fexit/inet_stream_connect") +int BPF_PROG(update_cookie_tracing, struct socket *sock, + struct sockaddr *uaddr, int addr_len, int flags) +{ + struct socket_cookie *p; + + if (uaddr->sa_family != AF_INET6) + return 0; + + p = bpf_sk_storage_get(&socket_cookies, sock->sk, 0, 0); + if (!p) + return 0; + + if (p->cookie_key != bpf_get_socket_cookie(sock->sk)) + return 0; + + p->cookie_value |= 0xF0; + + return 0; +} + int _version SEC("version") = 1; char _license[] SEC("license") = "GPL"; diff --git a/tools/testing/selftests/bpf/test_socket_cookie.c b/tools/testing/selftests/bpf/test_socket_cookie.c index ca7ca87e91aa..0d955c65a4f8 100644 --- a/tools/testing/selftests/bpf/test_socket_cookie.c +++ b/tools/testing/selftests/bpf/test_socket_cookie.c @@ -133,6 +133,7 @@ static int run_test(int cgfd) struct bpf_prog_load_attr attr; struct bpf_program *prog; struct bpf_object *pobj; + struct bpf_link *link; const char *prog_name; int server_fd = -1; int client_fd = -1; @@ -153,11 +154,18 @@ static int run_test(int cgfd) bpf_object__for_each_program(prog, pobj) { prog_name = bpf_program__section_name(prog); - if (libbpf_attach_type_by_name(prog_name, &attach_type)) - goto err; - - err = bpf_prog_attach(bpf_program__fd(prog), cgfd, attach_type, - BPF_F_ALLOW_OVERRIDE); + if (bpf_program__is_tracing(prog)) { + link = bpf_program__attach(prog); + err = !link; + continue; + } else { + if (libbpf_attach_type_by_name(prog_name, &attach_type)) + goto err; + + err = bpf_prog_attach(bpf_program__fd(prog), cgfd, + attach_type, + BPF_F_ALLOW_OVERRIDE); + } if (err) { log_err("Failed to attach prog %s", prog_name); goto out;
This builds up on the existing socket cookie test which checks whether the bpf_get_socket_cookie helpers provide the same value in cgroup/connect6 and sockops programs for a socket created by the userspace part of the test. Adding a tracing program to the existing objects requires a different attachment strategy and different headers. Signed-off-by: Florent Revest <revest@google.com> --- .../selftests/bpf/progs/socket_cookie_prog.c | 41 ++++++++++++++++--- .../selftests/bpf/test_socket_cookie.c | 18 +++++--- 2 files changed, 49 insertions(+), 10 deletions(-)