From patchwork Wed Jun 16 22:47:09 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Zvi Effron X-Patchwork-Id: 12326095 X-Patchwork-Delegate: bpf@iogearbox.net Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0B7C3C48BE5 for ; Wed, 16 Jun 2021 22:47:42 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id D6EA3613DF for ; Wed, 16 Jun 2021 22:47:41 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234144AbhFPWtr (ORCPT ); Wed, 16 Jun 2021 18:49:47 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51726 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233919AbhFPWtr (ORCPT ); Wed, 16 Jun 2021 18:49:47 -0400 Received: from mail-pl1-x630.google.com (mail-pl1-x630.google.com [IPv6:2607:f8b0:4864:20::630]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C7173C061574 for ; Wed, 16 Jun 2021 15:47:40 -0700 (PDT) Received: by mail-pl1-x630.google.com with SMTP id u18so1924461plc.0 for ; Wed, 16 Jun 2021 15:47:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=riotgames.com; s=riotgames; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=fkT/h0nuo62m1KMVklUTthfLbE7X2XqIRgu5xra2CTQ=; b=Ajd7j0BP8feN3kJpY/X3pZvzjZgKZqdf3b2SGM1cUnTcfFZ242liBu4ELVIrXy1ACo SCf/9EcWrKsN5mWgUKQVcdpo+KZjDg6wHA0h83BMEsLU4wyUV0PkHwqQYENjruwr9YIA cGmeScG2Vf6tl8dZuC5iCLAfEGp3No1rpmbHo= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=fkT/h0nuo62m1KMVklUTthfLbE7X2XqIRgu5xra2CTQ=; b=nIfFny6LK/IeEzUAPLEV/z09lO3Dje0XGtB13AGr1/HN+xgIulxs9H56KNDNwA4pkp U9RERHog50/Jcs8+3X3VOTYafDsR6KI/yQaSVQo5Xwt8SqMHgLOUBhNeXoQCvreKXCXM TESrNEX03sxA9QpDivuIv53FKR8FRRqDdbPt68j77Pq4pYpzGFW6a1eo2NFfu1bpAE0E bx7bA5+MtOTprevot5RbSp8WBJFwE20+JE30NR6l48Y3ydxZC92shqNKvZ7S0Enkxw7e +AGX+uFSg20lnOLGGYVUQnGSJueXvysuUgo/nM5r3crkK55tMCkH/b3+e16sDeg3pBBk 6S9w== X-Gm-Message-State: AOAM533cwxjyNjEXaCiz4BIzRmAN2FDIEay6j0WbgqkOxIpKZ9s3xczr yx95UcdWfWwFggEY3mTSIjhlQ8NBnpr3yg== X-Google-Smtp-Source: ABdhPJwHQxrkd60kP2fMwWcAm0fN3bD6WWvpgG05AW1bRqBF9vMEawvXp5L9RE8Jgq7LIY70lajx9A== X-Received: by 2002:a17:90a:fa04:: with SMTP id cm4mr13112483pjb.111.1623883659973; Wed, 16 Jun 2021 15:47:39 -0700 (PDT) Received: from ip-10-184-182-114.us-west-2.compute.internal (ec2-54-191-147-77.us-west-2.compute.amazonaws.com. [54.191.147.77]) by smtp.gmail.com with ESMTPSA id p6sm6278672pjk.34.2021.06.16.15.47.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 16 Jun 2021 15:47:39 -0700 (PDT) From: Zvi Effron To: bpf@vger.kernel.org Cc: Alexei Starovoitov , "David S. Miller" , Daniel Borkmann , Jesper Dangaard Brouer , Andrii Nakryiko , Maciej Fijalkowski , Martin KaFai Lau , Yonghong Song , Zvi Effron , Cody Haas , Lisa Watanabe Subject: [PATCH bpf-next v5 1/4] bpf: add function for XDP meta data length check Date: Wed, 16 Jun 2021 22:47:09 +0000 Message-Id: <20210616224712.3243-2-zeffron@riotgames.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210616224712.3243-1-zeffron@riotgames.com> References: <20210616224712.3243-1-zeffron@riotgames.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: bpf@vger.kernel.org X-Patchwork-Delegate: bpf@iogearbox.net This commit prepares to use the XDP meta data length check in multiple places by making it into a defined macro instead of a literal. Co-developed-by: Cody Haas Signed-off-by: Cody Haas Co-developed-by: Lisa Watanabe Signed-off-by: Lisa Watanabe Signed-off-by: Zvi Effron --- include/net/xdp.h | 5 +++++ net/core/filter.c | 4 ++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/include/net/xdp.h b/include/net/xdp.h index 5533f0ab2afc..8bfd21bfeddc 100644 --- a/include/net/xdp.h +++ b/include/net/xdp.h @@ -276,6 +276,11 @@ xdp_data_meta_unsupported(const struct xdp_buff *xdp) return unlikely(xdp->data_meta > xdp->data); } +static __always_inline int +xdp_metalen_valid(unsigned long metalen) { + return (metalen & (sizeof(__u32) - 1)) || (metalen > 32); +} + struct xdp_attachment_info { struct bpf_prog *prog; u32 flags; diff --git a/net/core/filter.c b/net/core/filter.c index 5b86e47ef079..b4a64a07de88 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -77,6 +77,7 @@ #include #include #include +#include static const struct bpf_func_proto * bpf_sk_base_func_proto(enum bpf_func_id func_id); @@ -3905,8 +3906,7 @@ BPF_CALL_2(bpf_xdp_adjust_meta, struct xdp_buff *, xdp, int, offset) if (unlikely(meta < xdp_frame_end || meta > xdp->data)) return -EINVAL; - if (unlikely((metalen & (sizeof(__u32) - 1)) || - (metalen > 32))) + if (unlikely(xdp_metalen_valid(metalen))) return -EACCES; xdp->data_meta = meta; From patchwork Wed Jun 16 22:47:10 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Zvi Effron X-Patchwork-Id: 12326097 X-Patchwork-Delegate: bpf@iogearbox.net Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id C2036C48BE6 for ; Wed, 16 Jun 2021 22:47:55 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id A09C8613EA for ; Wed, 16 Jun 2021 22:47:55 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233919AbhFPWuB (ORCPT ); Wed, 16 Jun 2021 18:50:01 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51774 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233244AbhFPWuA (ORCPT ); Wed, 16 Jun 2021 18:50:00 -0400 Received: from mail-pj1-x1036.google.com (mail-pj1-x1036.google.com [IPv6:2607:f8b0:4864:20::1036]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 390B0C061574 for ; Wed, 16 Jun 2021 15:47:54 -0700 (PDT) Received: by mail-pj1-x1036.google.com with SMTP id o10-20020a17090aac0ab029016e92770073so2673911pjq.5 for ; Wed, 16 Jun 2021 15:47:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=riotgames.com; s=riotgames; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=Yqd2+TGlNCTaTOesLNWXqVsKjy5vPLLzil4CutQO7ks=; b=JyjqoYv+Oc0/aY0fgss8+neMGuvX/ceqNlrVBenkZwmcLP2HQZoNktsX7jBMcvcG6I pK/JpQS7L0JWlSAv4UfqFNJuVZeyJzOIfMshaOH3BipDX4XXcoIuBFJkxLpml94UI+WJ NMLhq/e9si1mtwef4OQJFVt+b3jG2NPsPp2Rc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=Yqd2+TGlNCTaTOesLNWXqVsKjy5vPLLzil4CutQO7ks=; b=FsxtVdXgmIaDnwEZPm4ijtc6OE+cCTEYoiWcbBclhp618Yfbut8dsqGobFF8clHpB3 42thxipVi3VsLn4bOwnw+v+yg/nmPqRFXHyOxPCkJePiOMP4LNxJYW7U2ikrIAxbSjbi h1X9TV6svOyM6hwYgr98Qwl1eHwYMAXoZd8wxGUFSSc4jaqFiNwRlppARVD+3KzbWH8Y 1V6Wv15bvYJVIsUo9pk/xCHnpCY06YuESb/q9U/L2UbkRyOyiAEjqa4Xj4I2wHZc9NJ6 mHb6nGNpnQSjWfzWMtyVvay2om4v1ISmRM/LnzdJOIDW0aS6nDWbqhsX+yDum/DBtyBO 8x/Q== X-Gm-Message-State: AOAM532go19RjV1dLqIqWsBWrYZ9YtI/llw5EM8cWmlrubjrKms10w5d UZKeVE1JwnnCoEO4XvwAmNsiKNFP+72nFQ== X-Google-Smtp-Source: ABdhPJw15B+cApHEpRbXQzjLSnUMSRm9MoPMw3Ppm8E9Z2shz85y16bdKruxxJ+6rfFLkt8TyL8L0A== X-Received: by 2002:a17:90a:fe18:: with SMTP id ck24mr13756281pjb.158.1623883673475; Wed, 16 Jun 2021 15:47:53 -0700 (PDT) Received: from ip-10-184-182-114.us-west-2.compute.internal (ec2-54-191-147-77.us-west-2.compute.amazonaws.com. [54.191.147.77]) by smtp.gmail.com with ESMTPSA id p6sm6278672pjk.34.2021.06.16.15.47.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 16 Jun 2021 15:47:52 -0700 (PDT) From: Zvi Effron To: bpf@vger.kernel.org Cc: Alexei Starovoitov , "David S. Miller" , Daniel Borkmann , Jesper Dangaard Brouer , Andrii Nakryiko , Maciej Fijalkowski , Martin KaFai Lau , Yonghong Song , Zvi Effron , Cody Haas , Lisa Watanabe Subject: [PATCH bpf-next v5 2/4] bpf: support input xdp_md context in BPF_PROG_TEST_RUN Date: Wed, 16 Jun 2021 22:47:10 +0000 Message-Id: <20210616224712.3243-3-zeffron@riotgames.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210616224712.3243-1-zeffron@riotgames.com> References: <20210616224712.3243-1-zeffron@riotgames.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: bpf@vger.kernel.org X-Patchwork-Delegate: bpf@iogearbox.net Support passing a xdp_md via ctx_in/ctx_out in bpf_attr for BPF_PROG_TEST_RUN. The intended use case is to pass some XDP meta data to the test runs of XDP programs that are used as tail calls. For programs that use bpf_prog_test_run_xdp, support xdp_md input and output. Unlike with an actual xdp_md during a non-test run, data_meta must be 0 because it must point to the start of the provided user data. From the initial xdp_md, use data and data_end to adjust the pointers in the generated xdp_buff. All other non-zero fields are prohibited (with EINVAL). If the user has set ctx_out/ctx_size_out, copy the (potentially different) xdp_md back to the userspace. We require all fields of input xdp_md except the ones we explicitly support to be set to zero. The expectation is that in the future we might add support for more fields and we want to fail explicitly if the user runs the program on the kernel where we don't yet support them. Co-developed-by: Cody Haas Signed-off-by: Cody Haas Co-developed-by: Lisa Watanabe Signed-off-by: Lisa Watanabe Signed-off-by: Zvi Effron --- include/uapi/linux/bpf.h | 3 -- net/bpf/test_run.c | 68 ++++++++++++++++++++++++++++++++++++---- 2 files changed, 62 insertions(+), 9 deletions(-) diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h index bf9252c7381e..b46a383e8db7 100644 --- a/include/uapi/linux/bpf.h +++ b/include/uapi/linux/bpf.h @@ -324,9 +324,6 @@ union bpf_iter_link_info { * **BPF_PROG_TYPE_SK_LOOKUP** * *data_in* and *data_out* must be NULL. * - * **BPF_PROG_TYPE_XDP** - * *ctx_in* and *ctx_out* must be NULL. - * * **BPF_PROG_TYPE_RAW_TRACEPOINT**, * **BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE** * diff --git a/net/bpf/test_run.c b/net/bpf/test_run.c index aa47af349ba8..f3054f25409c 100644 --- a/net/bpf/test_run.c +++ b/net/bpf/test_run.c @@ -15,6 +15,7 @@ #include #include #include +#include #define CREATE_TRACE_POINTS #include @@ -687,6 +688,22 @@ int bpf_prog_test_run_skb(struct bpf_prog *prog, const union bpf_attr *kattr, return ret; } +static int xdp_convert_md_to_buff(struct xdp_md *xdp_md, struct xdp_buff *xdp) +{ + if (!xdp_md) + return 0; + + if (xdp_md->egress_ifindex != 0) + return -EINVAL; + + if (xdp_md->ingress_ifindex != 0 || xdp_md->rx_queue_index != 0) + return -EINVAL; + + xdp->data = xdp->data_meta + xdp_md->data; + + return 0; +} + int bpf_prog_test_run_xdp(struct bpf_prog *prog, const union bpf_attr *kattr, union bpf_attr __user *uattr) { @@ -697,35 +714,74 @@ int bpf_prog_test_run_xdp(struct bpf_prog *prog, const union bpf_attr *kattr, struct netdev_rx_queue *rxqueue; struct xdp_buff xdp = {}; u32 retval, duration; + struct xdp_md *ctx; u32 max_data_sz; void *data; int ret; - if (kattr->test.ctx_in || kattr->test.ctx_out) - return -EINVAL; + ctx = bpf_ctx_init(kattr, sizeof(struct xdp_md)); + if (IS_ERR(ctx)) + return PTR_ERR(ctx); + + if (ctx) { + /* There can't be user provided data before the meta data */ + if (ctx->data_meta) + return -EINVAL; + if (ctx->data_end != size) + return -EINVAL; + if (ctx->data > ctx->data_end) + return -EINVAL; + if (unlikely(xdp_metalen_valid(ctx->data))) + return -EINVAL; + /* Meta data is allocated from the headroom */ + headroom -= ctx->data; + } /* XDP have extra tailroom as (most) drivers use full page */ max_data_sz = 4096 - headroom - tailroom; data = bpf_test_init(kattr, max_data_sz, headroom, tailroom); - if (IS_ERR(data)) + if (IS_ERR(data)) { + kfree(ctx); return PTR_ERR(data); + } rxqueue = __netif_get_rx_queue(current->nsproxy->net_ns->loopback_dev, 0); xdp_init_buff(&xdp, headroom + max_data_sz + tailroom, &rxqueue->xdp_rxq); xdp_prepare_buff(&xdp, data, headroom, size, true); + ret = xdp_convert_md_to_buff(ctx, &xdp); + if (ret) { + kfree(data); + kfree(ctx); + return ret; + } + bpf_prog_change_xdp(NULL, prog); ret = bpf_test_run(prog, &xdp, repeat, &retval, &duration, true); if (ret) goto out; - if (xdp.data != data + headroom || xdp.data_end != xdp.data + size) - size = xdp.data_end - xdp.data; - ret = bpf_test_finish(kattr, uattr, xdp.data, size, retval, duration); + + if (xdp.data_meta != data + headroom || + xdp.data_end != xdp.data_meta + size) + size = xdp.data_end - xdp.data_meta; + + if (ctx) { + ctx->data = xdp.data - xdp.data_meta; + ctx->data_end = xdp.data_end - xdp.data_meta; + } + + ret = bpf_test_finish(kattr, uattr, xdp.data_meta, size, retval, + duration); + if (!ret) + ret = bpf_ctx_finish(kattr, uattr, ctx, + sizeof(struct xdp_md)); + out: bpf_prog_change_xdp(prog, NULL); kfree(data); + kfree(ctx); return ret; } From patchwork Wed Jun 16 22:47:11 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Zvi Effron X-Patchwork-Id: 12326099 X-Patchwork-Delegate: bpf@iogearbox.net Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id E8E58C48BE5 for ; Wed, 16 Jun 2021 22:47:59 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id C3669613E2 for ; Wed, 16 Jun 2021 22:47:59 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234171AbhFPWuF (ORCPT ); Wed, 16 Jun 2021 18:50:05 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51794 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233244AbhFPWuF (ORCPT ); Wed, 16 Jun 2021 18:50:05 -0400 Received: from mail-pf1-x42c.google.com (mail-pf1-x42c.google.com [IPv6:2607:f8b0:4864:20::42c]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B6217C061574 for ; Wed, 16 Jun 2021 15:47:58 -0700 (PDT) Received: by mail-pf1-x42c.google.com with SMTP id a127so3373312pfa.10 for ; Wed, 16 Jun 2021 15:47:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=riotgames.com; s=riotgames; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=Vm1rgkGYVhn5FNENBNBrdvQi/uPkb+1AYTaDLPKVBsQ=; b=lP8XCu2U6xN4XTNDasxK7u0oYbQeTomU7lXQLxrqSOHq3tctcs6eSVbiUaCSApBI8E psE0sol+HsxyWmGaJZh07P3PQjOWIRdgu4/vYLz5tYHVxnaOkMuINW+Ir8Rm74LjahQB CJnY42UqlTSyz8Ipg0iwwzGaLKX7gMETtPZ84= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=Vm1rgkGYVhn5FNENBNBrdvQi/uPkb+1AYTaDLPKVBsQ=; b=BgeMdTm7PQJLDLYB2bHQKHv82FQltkEiPaXZeHhW5mR1lKz+KJn1ED4t2yK0QHfEAk +dq7y9DpIf0A25ZF0QuTTPggJlss6IdtthncqTzEvdHmGbkSoUwKqe8AviAPIVFDcZec Zz8+HdONYuxSpLrgyuDNnSbGihUOXCERz0V1VzsmI04M1BfMLU0yxmTOpjkDuWEahU4i /x5tdy4hre4zhCzOuB6C9smQWKiQFq0sol47/wjWY5nog+MmOEBzds9bOw5D1I/kU2On psWwytl14C2KGnJQcTLxjmsCYh9T3caQwOi/N7iG28kd4z0LpF8exI/thzXwtNUrk+qu 32Sw== X-Gm-Message-State: AOAM533zKM6deVMoHz0Z1PYn+u5rkNM1jwI6QY/a9vXTtgXV0CL8znJY 2BbpH481jy218bvdedWirMIM3kqe/GcC6g== X-Google-Smtp-Source: ABdhPJxXAt1YfkUrHZNwC4hf9yPppQfrLhNAPuRvaV20MKbBI7bZz9jiLQ6bO/XflVPzNtaGTQT4DQ== X-Received: by 2002:a65:6a12:: with SMTP id m18mr1890730pgu.229.1623883677999; Wed, 16 Jun 2021 15:47:57 -0700 (PDT) Received: from ip-10-184-182-114.us-west-2.compute.internal (ec2-54-191-147-77.us-west-2.compute.amazonaws.com. [54.191.147.77]) by smtp.gmail.com with ESMTPSA id p6sm6278672pjk.34.2021.06.16.15.47.56 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 16 Jun 2021 15:47:57 -0700 (PDT) From: Zvi Effron To: bpf@vger.kernel.org Cc: Alexei Starovoitov , "David S. Miller" , Daniel Borkmann , Jesper Dangaard Brouer , Andrii Nakryiko , Maciej Fijalkowski , Martin KaFai Lau , Yonghong Song , Zvi Effron , Cody Haas , Lisa Watanabe Subject: [PATCH bpf-next v5 3/4] bpf: support specifying ingress via xdp_md context in BPF_PROG_TEST_RUN Date: Wed, 16 Jun 2021 22:47:11 +0000 Message-Id: <20210616224712.3243-4-zeffron@riotgames.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210616224712.3243-1-zeffron@riotgames.com> References: <20210616224712.3243-1-zeffron@riotgames.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: bpf@vger.kernel.org X-Patchwork-Delegate: bpf@iogearbox.net Support specifying the ingress_ifindex and rx_queue_index of xdp_md contexts for BPF_PROG_TEST_RUN. The intended use case is to allow testing XDP programs that make decisions based on the ingress interface or RX queue. If ingress_ifindex is specified, look up the device by the provided index in the current namespace and use its xdp_rxq for the xdp_buff. If the rx_queue_index is out of range, or is non-zero when the ingress_ifindex is 0, return EINVAL. Co-developed-by: Cody Haas Signed-off-by: Cody Haas Co-developed-by: Lisa Watanabe Signed-off-by: Lisa Watanabe Signed-off-by: Zvi Effron --- net/bpf/test_run.c | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/net/bpf/test_run.c b/net/bpf/test_run.c index f3054f25409c..0183fefd165c 100644 --- a/net/bpf/test_run.c +++ b/net/bpf/test_run.c @@ -690,15 +690,36 @@ int bpf_prog_test_run_skb(struct bpf_prog *prog, const union bpf_attr *kattr, static int xdp_convert_md_to_buff(struct xdp_md *xdp_md, struct xdp_buff *xdp) { + unsigned int ingress_ifindex; + unsigned int rx_queue_index; + struct netdev_rx_queue *rxqueue; + struct net_device *device; + if (!xdp_md) return 0; if (xdp_md->egress_ifindex != 0) return -EINVAL; - if (xdp_md->ingress_ifindex != 0 || xdp_md->rx_queue_index != 0) + ingress_ifindex = xdp_md->ingress_ifindex; + rx_queue_index = xdp_md->rx_queue_index; + + if (!ingress_ifindex && rx_queue_index) return -EINVAL; + if (ingress_ifindex) { + device = dev_get_by_index(current->nsproxy->net_ns, + ingress_ifindex); + if (!device) + return -EINVAL; + + if (rx_queue_index >= device->real_num_rx_queues) + return -EINVAL; + + rxqueue = __netif_get_rx_queue(device, rx_queue_index); + xdp->rxq = &rxqueue->xdp_rxq; + } + xdp->data = xdp->data_meta + xdp_md->data; return 0; From patchwork Wed Jun 16 22:47:12 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Zvi Effron X-Patchwork-Id: 12326101 X-Patchwork-Delegate: bpf@iogearbox.net Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 26563C48BE6 for ; Wed, 16 Jun 2021 22:48:05 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id F3A2B613E7 for ; Wed, 16 Jun 2021 22:48:04 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234172AbhFPWuK (ORCPT ); Wed, 16 Jun 2021 18:50:10 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51810 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233244AbhFPWuK (ORCPT ); Wed, 16 Jun 2021 18:50:10 -0400 Received: from mail-pj1-x102b.google.com (mail-pj1-x102b.google.com [IPv6:2607:f8b0:4864:20::102b]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A06FFC061574 for ; Wed, 16 Jun 2021 15:48:02 -0700 (PDT) Received: by mail-pj1-x102b.google.com with SMTP id p4-20020a17090a9304b029016f3020d867so601122pjo.3 for ; Wed, 16 Jun 2021 15:48:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=riotgames.com; s=riotgames; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=o5/qlnaXYtIYuxCnblUfWqnO2CDncm/sfccdmaG9BME=; b=LSNiq6KmosASZvJftz5QG91oZw+RxD5at4aFSbrb/6n69Lxv+vIghQunWHRi1VGlEr 0mKyYOwaLnbnE6nr1yIfS/LRnI8ripOhL1Z2ODlx/Vc7GzKGFufWZdFLqci/YfOv9cWu g6qqg99Kw1XC9wYCLnJGo+lHBBQWjzanaxfjw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=o5/qlnaXYtIYuxCnblUfWqnO2CDncm/sfccdmaG9BME=; b=ffaU9CTUwVl0yF36Uy9atd60Y2KPHl2jyNgfPjm8zP4gF3LvfcirwkxKsYpLmkNwbc U5KYzKnNr1A2YMnYxcxkWXss/XWXCouH8NvlMQgWCnSB4A+Zuz/m34ntVgYmlFos46Oh Eih+Egs3TjwRy5F0XE4X7VTc5Jbvdwaflx2MMRp5cCUz80aXdWZxGGe6tUqRkfp5uvT7 K5KPotrtNhN0npq3wpjLcbuKGFVTt+NgMdjYwGpdxrpz7fO63nWgm0CXHjYdjIMy8Ns4 aWmY5lDjbFK1mU3UMeh95QIjAX4FU5aCUCjnTGedUOAVn9Ohrorh/jHRUBbtFYFwP6ZX gZsw== X-Gm-Message-State: AOAM5326vdJmWgelnA2HROkmWyZnqU4irLDKUvNTuDBicq1S394WKgj2 P6XfOdq1LHhSbVQ6CaSxQ8NsiY5SUGH8hA== X-Google-Smtp-Source: ABdhPJwl9UuUjTi8OqJekbdWEjMDfPFCsYsXF3wLc/0MPD7GdioGGW7QUfEyr2HCK3YbcvECNaPS8w== X-Received: by 2002:a17:90a:fc88:: with SMTP id ci8mr13303231pjb.13.1623883681936; Wed, 16 Jun 2021 15:48:01 -0700 (PDT) Received: from ip-10-184-182-114.us-west-2.compute.internal (ec2-54-191-147-77.us-west-2.compute.amazonaws.com. [54.191.147.77]) by smtp.gmail.com with ESMTPSA id p6sm6278672pjk.34.2021.06.16.15.48.00 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 16 Jun 2021 15:48:01 -0700 (PDT) From: Zvi Effron To: bpf@vger.kernel.org Cc: Alexei Starovoitov , "David S. Miller" , Daniel Borkmann , Jesper Dangaard Brouer , Andrii Nakryiko , Maciej Fijalkowski , Martin KaFai Lau , Yonghong Song , Zvi Effron , Cody Haas , Lisa Watanabe Subject: [PATCH bpf-next v5 4/4] selftests/bpf: Add test for xdp_md context in BPF_PROG_TEST_RUN Date: Wed, 16 Jun 2021 22:47:12 +0000 Message-Id: <20210616224712.3243-5-zeffron@riotgames.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210616224712.3243-1-zeffron@riotgames.com> References: <20210616224712.3243-1-zeffron@riotgames.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: bpf@vger.kernel.org X-Patchwork-Delegate: bpf@iogearbox.net Add a test for using xdp_md as a context to BPF_PROG_TEST_RUN for XDP programs. The test uses a BPF program that takes in a return value from XDP meta data, then reduces the size of the XDP meta data by 4 bytes. Test cases validate the possible failure cases for passing in invalid xdp_md contexts, that the return value is successfully passed in, and that the adjusted meta data is successfully copied out. Co-developed-by: Cody Haas Signed-off-by: Cody Haas Co-developed-by: Lisa Watanabe Signed-off-by: Lisa Watanabe Signed-off-by: Zvi Effron Acked-by: Yonghong Song --- .../bpf/prog_tests/xdp_context_test_run.c | 105 ++++++++++++++++++ .../bpf/progs/test_xdp_context_test_run.c | 20 ++++ 2 files changed, 125 insertions(+) create mode 100644 tools/testing/selftests/bpf/prog_tests/xdp_context_test_run.c create mode 100644 tools/testing/selftests/bpf/progs/test_xdp_context_test_run.c diff --git a/tools/testing/selftests/bpf/prog_tests/xdp_context_test_run.c b/tools/testing/selftests/bpf/prog_tests/xdp_context_test_run.c new file mode 100644 index 000000000000..4fdb991482cb --- /dev/null +++ b/tools/testing/selftests/bpf/prog_tests/xdp_context_test_run.c @@ -0,0 +1,105 @@ +// SPDX-License-Identifier: GPL-2.0 +#include +#include +#include "test_xdp_context_test_run.skel.h" + +void test_xdp_context_error(int prog_fd, struct bpf_test_run_opts opts, + __u32 data_meta, __u32 data, __u32 data_end, + __u32 ingress_ifindex, __u32 rx_queue_index, + __u32 egress_ifindex) +{ + struct xdp_md ctx = { + .data = data, + .data_end = data_end, + .data_meta = data_meta, + .ingress_ifindex = ingress_ifindex, + .rx_queue_index = rx_queue_index, + .egress_ifindex = egress_ifindex, + }; + int err; + + opts.ctx_in = &ctx; + opts.ctx_size_in = sizeof(ctx); + err = bpf_prog_test_run_opts(prog_fd, &opts); + ASSERT_EQ(errno, EINVAL, "errno-EINVAL"); + ASSERT_ERR(err, "bpf_prog_test_run"); +} + +void test_xdp_context_test_run(void) +{ + struct test_xdp_context_test_run *skel = NULL; + char data[sizeof(pkt_v4) + sizeof(__u32)]; + char bad_ctx[sizeof(struct xdp_md) + 1]; + struct xdp_md ctx_in, ctx_out; + DECLARE_LIBBPF_OPTS(bpf_test_run_opts, opts, + .data_in = &data, + .data_size_in = sizeof(data), + .ctx_out = &ctx_out, + .ctx_size_out = sizeof(ctx_out), + .repeat = 1, + ); + int err, prog_fd; + + skel = test_xdp_context_test_run__open_and_load(); + if (!ASSERT_OK_PTR(skel, "skel")) + return; + prog_fd = bpf_program__fd(skel->progs.xdp_context); + + /* Data past the end of the kernel's struct xdp_md must be 0 */ + bad_ctx[sizeof(bad_ctx) - 1] = 1; + opts.ctx_in = bad_ctx; + opts.ctx_size_in = sizeof(bad_ctx); + err = bpf_prog_test_run_opts(prog_fd, &opts); + ASSERT_EQ(errno, E2BIG, "extradata-errno"); + ASSERT_ERR(err, "bpf_prog_test_run(extradata)"); + + *(__u32 *)data = XDP_PASS; + *(struct ipv4_packet *)(data + sizeof(__u32)) = pkt_v4; + opts.ctx_in = &ctx_in; + opts.ctx_size_in = sizeof(ctx_in); + memset(&ctx_in, 0, sizeof(ctx_in)); + ctx_in.data_meta = 0; + ctx_in.data = sizeof(__u32); + ctx_in.data_end = ctx_in.data + sizeof(pkt_v4); + err = bpf_prog_test_run_opts(prog_fd, &opts); + ASSERT_OK(err, "bpf_prog_test_run(valid)"); + ASSERT_EQ(opts.retval, XDP_PASS, "valid-retval"); + ASSERT_EQ(opts.data_size_out, sizeof(pkt_v4), "valid-datasize"); + ASSERT_EQ(opts.ctx_size_out, opts.ctx_size_in, "valid-ctxsize"); + ASSERT_EQ(ctx_out.data_meta, 0, "valid-datameta"); + ASSERT_EQ(ctx_out.data, 0, "valid-data"); + ASSERT_EQ(ctx_out.data_end, sizeof(pkt_v4), "valid-dataend"); + + /* Meta data's size must be a multiple of 4 */ + test_xdp_context_error(prog_fd, opts, 0, 1, sizeof(data), 0, 0, 0); + + /* data_meta must reference the start of data */ + test_xdp_context_error(prog_fd, opts, 4, sizeof(__u32), sizeof(data), + 0, 0, 0); + + /* Meta data must be 32 bytes or smaller */ + test_xdp_context_error(prog_fd, opts, 0, 36, sizeof(data), 0, 0, 0); + + /* Total size of data must match data_end - data_meta */ + test_xdp_context_error(prog_fd, opts, 0, sizeof(__u32), + sizeof(data) - 1, 0, 0, 0); + test_xdp_context_error(prog_fd, opts, 0, sizeof(__u32), + sizeof(data) + 1, 0, 0, 0); + + /* RX queue cannot be specified without specifying an ingress */ + test_xdp_context_error(prog_fd, opts, 0, sizeof(__u32), sizeof(data), + 0, 1, 0); + + /* Interface 1 is always the loopback interface which always has only + * one RX queue (index 0). This makes index 1 an invalid index for + * interface 1. + */ + test_xdp_context_error(prog_fd, opts, 0, sizeof(__u32), sizeof(data), + 1, 1, 0); + + /* The egress cannot be specified */ + test_xdp_context_error(prog_fd, opts, 0, sizeof(__u32), sizeof(data), + 0, 0, 1); + + test_xdp_context_test_run__destroy(skel); +} diff --git a/tools/testing/selftests/bpf/progs/test_xdp_context_test_run.c b/tools/testing/selftests/bpf/progs/test_xdp_context_test_run.c new file mode 100644 index 000000000000..d7b88cd05afd --- /dev/null +++ b/tools/testing/selftests/bpf/progs/test_xdp_context_test_run.c @@ -0,0 +1,20 @@ +// SPDX-License-Identifier: GPL-2.0 +#include +#include + +SEC("xdp") +int xdp_context(struct xdp_md *xdp) +{ + void *data = (void *)(long)xdp->data; + __u32 *metadata = (void *)(long)xdp->data_meta; + __u32 ret; + + if (metadata + 1 > data) + return XDP_ABORTED; + ret = *metadata; + if (bpf_xdp_adjust_meta(xdp, 4)) + return XDP_ABORTED; + return ret; +} + +char _license[] SEC("license") = "GPL";