From patchwork Thu Jun 17 23:29:01 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Zvi Effron X-Patchwork-Id: 12329735 X-Patchwork-Delegate: bpf@iogearbox.net Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2614DC49EA2 for ; Thu, 17 Jun 2021 23:29:27 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id F10E06117A for ; Thu, 17 Jun 2021 23:29:26 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232148AbhFQXbc (ORCPT ); Thu, 17 Jun 2021 19:31:32 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43200 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232424AbhFQXba (ORCPT ); Thu, 17 Jun 2021 19:31:30 -0400 Received: from mail-pg1-x52a.google.com (mail-pg1-x52a.google.com [IPv6:2607:f8b0:4864:20::52a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7B756C06175F for ; Thu, 17 Jun 2021 16:29:20 -0700 (PDT) Received: by mail-pg1-x52a.google.com with SMTP id e20so6272628pgg.0 for ; Thu, 17 Jun 2021 16:29:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=riotgames.com; s=riotgames; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=Xjpoa61ZTxipIDKq4XajXOdTT5GeGdioeudpYkrdJnY=; b=Bof9ApXBy9tbESBu0GRdsqA9hKi3bRaOSDSdSljzDJr33Ya3Zcl0MSNF2hJEJlMBhm QTSqa6LWOdTV4pPQfm3YJeWvrvL7G9tVHfesEE7TDzwOmLwaOt6cAkq4Rzw7PvqJ5Cqv xYQHgudK2wry2C8HuE4jJqEZFVW4U0aXYDLSM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=Xjpoa61ZTxipIDKq4XajXOdTT5GeGdioeudpYkrdJnY=; b=JcpxYg8G4OeVVKaUcdg7IR6k3wkvXwKYkIwQrKOXfpRp/miNunsthK0rT7b9E4laU2 F2J0NOqRHC08t1kTNeduIkK4ELNnguSB3zGLr3iXzjUnICPEWXz3/ClEgSYj34zeJwaL e4STZKPVllxRm0F+SAEgGmgT7Wkhjxs+Xubp1KY5rT701WdEGQThWhT6H9GmgGbY4zgl I0VYNOzwbRikweSJX2uHTyTX/FcqmQpYIIyZwCUN/Mo6WtEPaMWwELJPCCRWPVf/9MjL DPVdf8omERGIuz0GT7rih8/ty+h1qtD+Fquzs7msb958g9Rl3TKncqyssr0xY1TmzBiy kJ0Q== X-Gm-Message-State: AOAM533ic5ym2TrZaOGUup+DNtCfRp1mhcOwQCLCB435pzyPouxusx/M IfvrIeHY7Qie+w3VLv6sD9tEG6kJD40VsQ== X-Google-Smtp-Source: ABdhPJwceMLr0fbPxEZYuvZmziSd6wcLMwaZGbNO4+x/lCBxE0HWZjTBNt7OVNS3VpmP6Xd3KhWSbw== X-Received: by 2002:a63:f4b:: with SMTP id 11mr7189407pgp.250.1623972559595; Thu, 17 Jun 2021 16:29:19 -0700 (PDT) Received: from ip-10-184-182-114.us-west-2.compute.internal (ec2-54-191-147-77.us-west-2.compute.amazonaws.com. [54.191.147.77]) by smtp.gmail.com with ESMTPSA id a21sm6217241pfg.188.2021.06.17.16.29.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 17 Jun 2021 16:29:19 -0700 (PDT) From: Zvi Effron To: bpf@vger.kernel.org Cc: Alexei Starovoitov , "David S. Miller" , Daniel Borkmann , Jesper Dangaard Brouer , Andrii Nakryiko , Maciej Fijalkowski , Martin KaFai Lau , Yonghong Song , Zvi Effron , Cody Haas , Lisa Watanabe Subject: [PATCH bpf-next v6 1/4] bpf: add function for XDP meta data length check Date: Thu, 17 Jun 2021 23:29:01 +0000 Message-Id: <20210617232904.1899-2-zeffron@riotgames.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210617232904.1899-1-zeffron@riotgames.com> References: <20210617232904.1899-1-zeffron@riotgames.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: bpf@vger.kernel.org X-Patchwork-Delegate: bpf@iogearbox.net This commit prepares to use the XDP meta data length check in multiple places by making it into a static inline function instead of a literal. Co-developed-by: Cody Haas Signed-off-by: Cody Haas Co-developed-by: Lisa Watanabe Signed-off-by: Lisa Watanabe Signed-off-by: Zvi Effron Acked-by: Yonghong Song --- include/net/xdp.h | 5 +++++ net/core/filter.c | 4 ++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/include/net/xdp.h b/include/net/xdp.h index 5533f0ab2afc..ad5b02dcb6f4 100644 --- a/include/net/xdp.h +++ b/include/net/xdp.h @@ -276,6 +276,11 @@ xdp_data_meta_unsupported(const struct xdp_buff *xdp) return unlikely(xdp->data_meta > xdp->data); } +static inline bool xdp_metalen_invalid(unsigned long metalen) +{ + return (metalen & (sizeof(__u32) - 1)) || (metalen > 32); +} + struct xdp_attachment_info { struct bpf_prog *prog; u32 flags; diff --git a/net/core/filter.c b/net/core/filter.c index 0b13d8157a8f..118158d6e883 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -77,6 +77,7 @@ #include #include #include +#include static const struct bpf_func_proto * bpf_sk_base_func_proto(enum bpf_func_id func_id); @@ -3906,8 +3907,7 @@ BPF_CALL_2(bpf_xdp_adjust_meta, struct xdp_buff *, xdp, int, offset) if (unlikely(meta < xdp_frame_end || meta > xdp->data)) return -EINVAL; - if (unlikely((metalen & (sizeof(__u32) - 1)) || - (metalen > 32))) + if (unlikely(xdp_metalen_invalid(metalen))) return -EACCES; xdp->data_meta = meta; From patchwork Thu Jun 17 23:29:02 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Zvi Effron X-Patchwork-Id: 12329733 X-Patchwork-Delegate: bpf@iogearbox.net Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0DE07C48BE5 for ; Thu, 17 Jun 2021 23:29:27 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id E502F6113E for ; Thu, 17 Jun 2021 23:29:24 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231983AbhFQXbb (ORCPT ); Thu, 17 Jun 2021 19:31:31 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43202 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232148AbhFQXba (ORCPT ); Thu, 17 Jun 2021 19:31:30 -0400 Received: from mail-pg1-x529.google.com (mail-pg1-x529.google.com [IPv6:2607:f8b0:4864:20::529]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A5EB0C061760 for ; Thu, 17 Jun 2021 16:29:21 -0700 (PDT) Received: by mail-pg1-x529.google.com with SMTP id v7so6246892pgl.2 for ; Thu, 17 Jun 2021 16:29:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=riotgames.com; s=riotgames; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=W7Usuqd/qVCG+v+T1wtul7Op66b92HNR5x5cFUS3vEg=; b=i4ZySBMXHuJSFlGROT6JYLt/Ldcs//W0sXle1DrZEj++tO4pVS1Rzl6AsPYxR/z4Cp 2DcRB5xIK94LrxNzsw9ZmTDpaKJpBiGuG7v9Np6P1f2AQ9EsEmkYLmCSMXgOvxbGT4zX yg/ls2xhgPcWtvC9/JhXrFgnXndWfNBWwbqLU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=W7Usuqd/qVCG+v+T1wtul7Op66b92HNR5x5cFUS3vEg=; b=F4JTJZihoDUv/znvUvjVzcJIQIHgI9/FcgYhVi0UrPMIctTejvpGN81cV6cYotH4yb uSxtQm3byHFDiY8TB5lFundoeDRS2a6jRAPIFG8xZGtbc36GGTL3JBTVBJ5fhtqGnoyW CJQ1iXJuRiakKAOSEWcFbGIlhgr5MAVxs+lY5lWctvSHRVSmOYDMqTt6oaVJv710FVao ioxX18jtrpNzy3e778h0NhC2HAwJjCr1dyiK7gjbhCgd/obasxUQjmynB9I4PfczYyBT HFXsk2nwHNwMILfTUht0S8FyJRGJJJylOBKfzkFYa42OHCi2BIm/cXJx7MHtDwkGRTdZ ESDw== X-Gm-Message-State: AOAM533dUIXKoELn60999F394p4NqEC+Uq/BueuLfOvgGuDih53y/eRd UW/J7ywmBNo2psTLaTFrHrusCTCGz5uCvg== X-Google-Smtp-Source: ABdhPJyoK+Kuet+tH7oNgy3zhNfuLBHenwAA0qn79DvaAUdI3Wjm9Zcwfs2wgavqEDRM/uBqF+Lp2A== X-Received: by 2002:a63:1a4f:: with SMTP id a15mr7031189pgm.313.1623972560903; Thu, 17 Jun 2021 16:29:20 -0700 (PDT) Received: from ip-10-184-182-114.us-west-2.compute.internal (ec2-54-191-147-77.us-west-2.compute.amazonaws.com. [54.191.147.77]) by smtp.gmail.com with ESMTPSA id a21sm6217241pfg.188.2021.06.17.16.29.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 17 Jun 2021 16:29:20 -0700 (PDT) From: Zvi Effron To: bpf@vger.kernel.org Cc: Alexei Starovoitov , "David S. Miller" , Daniel Borkmann , Jesper Dangaard Brouer , Andrii Nakryiko , Maciej Fijalkowski , Martin KaFai Lau , Yonghong Song , Zvi Effron , Cody Haas , Lisa Watanabe Subject: [PATCH bpf-next v6 2/4] bpf: support input xdp_md context in BPF_PROG_TEST_RUN Date: Thu, 17 Jun 2021 23:29:02 +0000 Message-Id: <20210617232904.1899-3-zeffron@riotgames.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210617232904.1899-1-zeffron@riotgames.com> References: <20210617232904.1899-1-zeffron@riotgames.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: bpf@vger.kernel.org X-Patchwork-Delegate: bpf@iogearbox.net Support passing a xdp_md via ctx_in/ctx_out in bpf_attr for BPF_PROG_TEST_RUN. The intended use case is to pass some XDP meta data to the test runs of XDP programs that are used as tail calls. For programs that use bpf_prog_test_run_xdp, support xdp_md input and output. Unlike with an actual xdp_md during a non-test run, data_meta must be 0 because it must point to the start of the provided user data. From the initial xdp_md, use data and data_end to adjust the pointers in the generated xdp_buff. All other non-zero fields are prohibited (with EINVAL). If the user has set ctx_out/ctx_size_out, copy the (potentially different) xdp_md back to the userspace. We require all fields of input xdp_md except the ones we explicitly support to be set to zero. The expectation is that in the future we might add support for more fields and we want to fail explicitly if the user runs the program on the kernel where we don't yet support them. Co-developed-by: Cody Haas Signed-off-by: Cody Haas Co-developed-by: Lisa Watanabe Signed-off-by: Lisa Watanabe Signed-off-by: Zvi Effron Acked-by: Yonghong Song --- include/uapi/linux/bpf.h | 3 -- net/bpf/test_run.c | 67 +++++++++++++++++++++++++++++++++++----- 2 files changed, 59 insertions(+), 11 deletions(-) diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h index bf9252c7381e..b46a383e8db7 100644 --- a/include/uapi/linux/bpf.h +++ b/include/uapi/linux/bpf.h @@ -324,9 +324,6 @@ union bpf_iter_link_info { * **BPF_PROG_TYPE_SK_LOOKUP** * *data_in* and *data_out* must be NULL. * - * **BPF_PROG_TYPE_XDP** - * *ctx_in* and *ctx_out* must be NULL. - * * **BPF_PROG_TYPE_RAW_TRACEPOINT**, * **BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE** * diff --git a/net/bpf/test_run.c b/net/bpf/test_run.c index aa47af349ba8..229c5deb813c 100644 --- a/net/bpf/test_run.c +++ b/net/bpf/test_run.c @@ -15,6 +15,7 @@ #include #include #include +#include #define CREATE_TRACE_POINTS #include @@ -687,6 +688,22 @@ int bpf_prog_test_run_skb(struct bpf_prog *prog, const union bpf_attr *kattr, return ret; } +static int xdp_convert_md_to_buff(struct xdp_md *xdp_md, struct xdp_buff *xdp) +{ + if (!xdp_md) + return 0; + + if (xdp_md->egress_ifindex != 0) + return -EINVAL; + + if (xdp_md->ingress_ifindex != 0 || xdp_md->rx_queue_index != 0) + return -EINVAL; + + xdp->data = xdp->data_meta + xdp_md->data; + + return 0; +} + int bpf_prog_test_run_xdp(struct bpf_prog *prog, const union bpf_attr *kattr, union bpf_attr __user *uattr) { @@ -697,35 +714,69 @@ int bpf_prog_test_run_xdp(struct bpf_prog *prog, const union bpf_attr *kattr, struct netdev_rx_queue *rxqueue; struct xdp_buff xdp = {}; u32 retval, duration; + struct xdp_md *ctx; u32 max_data_sz; void *data; - int ret; + int ret = -EINVAL; - if (kattr->test.ctx_in || kattr->test.ctx_out) - return -EINVAL; + ctx = bpf_ctx_init(kattr, sizeof(struct xdp_md)); + if (IS_ERR(ctx)) + return PTR_ERR(ctx); + + if (ctx) { + /* There can't be user provided data before the meta data */ + if (ctx->data_meta || ctx->data_end != size || + ctx->data > ctx->data_end || + unlikely(xdp_metalen_invalid(ctx->data))) + goto free_ctx; + /* Meta data is allocated from the headroom */ + headroom -= ctx->data; + } /* XDP have extra tailroom as (most) drivers use full page */ max_data_sz = 4096 - headroom - tailroom; data = bpf_test_init(kattr, max_data_sz, headroom, tailroom); - if (IS_ERR(data)) - return PTR_ERR(data); + if (IS_ERR(data)) { + ret = PTR_ERR(data); + goto free_ctx; + } rxqueue = __netif_get_rx_queue(current->nsproxy->net_ns->loopback_dev, 0); xdp_init_buff(&xdp, headroom + max_data_sz + tailroom, &rxqueue->xdp_rxq); xdp_prepare_buff(&xdp, data, headroom, size, true); + ret = xdp_convert_md_to_buff(ctx, &xdp); + if (ret) + goto free_data; + bpf_prog_change_xdp(NULL, prog); ret = bpf_test_run(prog, &xdp, repeat, &retval, &duration, true); if (ret) goto out; - if (xdp.data != data + headroom || xdp.data_end != xdp.data + size) - size = xdp.data_end - xdp.data; - ret = bpf_test_finish(kattr, uattr, xdp.data, size, retval, duration); + + if (xdp.data_meta != data + headroom || + xdp.data_end != xdp.data_meta + size) + size = xdp.data_end - xdp.data_meta; + + if (ctx) { + ctx->data = xdp.data - xdp.data_meta; + ctx->data_end = xdp.data_end - xdp.data_meta; + } + + ret = bpf_test_finish(kattr, uattr, xdp.data_meta, size, retval, + duration); + if (!ret) + ret = bpf_ctx_finish(kattr, uattr, ctx, + sizeof(struct xdp_md)); + out: bpf_prog_change_xdp(prog, NULL); +free_data: kfree(data); +free_ctx: + kfree(ctx); return ret; } From patchwork Thu Jun 17 23:29:03 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Zvi Effron X-Patchwork-Id: 12329731 X-Patchwork-Delegate: bpf@iogearbox.net Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 237D4C2B9F4 for ; Thu, 17 Jun 2021 23:29:27 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 08DCF61184 for ; Thu, 17 Jun 2021 23:29:27 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232951AbhFQXbd (ORCPT ); Thu, 17 Jun 2021 19:31:33 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43208 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231690AbhFQXbb (ORCPT ); Thu, 17 Jun 2021 19:31:31 -0400 Received: from mail-pj1-x1029.google.com (mail-pj1-x1029.google.com [IPv6:2607:f8b0:4864:20::1029]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AFFECC061574 for ; Thu, 17 Jun 2021 16:29:22 -0700 (PDT) Received: by mail-pj1-x1029.google.com with SMTP id h16so4691788pjv.2 for ; Thu, 17 Jun 2021 16:29:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=riotgames.com; s=riotgames; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=7g3i1IqAr0/dMa5B6qI4JmB64MJpjUEjJxft3fhpn/k=; b=QfGdwmjJAc3faWLUF0uPu/kZP9gNnCXEwC+/pp2PFV0BWBHPhH262MOe2pgMz9GuzN gKb7mii8DvxuMoK4NFmyjHohhkg8xXH8yd7C8jNKGHnPiXgGRwEs+0yTIIuylXEB3bPh 1ccNnVMC4hXNaA2glmrvp/zm09Xuz7BWytQFw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=7g3i1IqAr0/dMa5B6qI4JmB64MJpjUEjJxft3fhpn/k=; b=t8B/UhXlmPPr5h78Tc+W5+aMK4ysDZMRpRK0uFgTm2kh43QQYe/k5S8LKu+MmldQy4 g7XduXQZGMHyyF3xDdlEBlpYjDoW0QeTCrWAa5FSNUhM3oIZQb5NKtHinQyVBHeEZqQq ea1QwBn6UjVdq1F359YdQVFHAgn1S4DRnEeEzJZ9lCvG7OTG0ZmKSuhrtS6CEm8B2lJc 7OTx0mQ27D/n/dK1nJDugRQwTjxpVLmSrLjEJUMW42CzfNf5qttgURSGuAYlG1f6ORs0 PBTUvT63pc8cyM8tmBIAI3nJ8bx5GEKxHaEiGJ0hFlj6Yl9Abxlc5Cuj3VQAAloWuHA7 jdSw== X-Gm-Message-State: AOAM530Z8k6g7pqTi5hePjkZTfZ5+6+YCb1E3+qwZHtaDHSXTmm60tMc uiPWBKKYGJgAuXKd10mZkLJukBQfJdlAyQ== X-Google-Smtp-Source: ABdhPJzWsHT0MUBk0ooDYK54n1sp48IDhMX5GYZ1i5qFkorqJ948mhifY3wJ387DyZUnCNbCibpHiw== X-Received: by 2002:a17:902:e546:b029:114:6677:ec2d with SMTP id n6-20020a170902e546b02901146677ec2dmr1989199plf.72.1623972561919; Thu, 17 Jun 2021 16:29:21 -0700 (PDT) Received: from ip-10-184-182-114.us-west-2.compute.internal (ec2-54-191-147-77.us-west-2.compute.amazonaws.com. [54.191.147.77]) by smtp.gmail.com with ESMTPSA id a21sm6217241pfg.188.2021.06.17.16.29.20 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 17 Jun 2021 16:29:21 -0700 (PDT) From: Zvi Effron To: bpf@vger.kernel.org Cc: Alexei Starovoitov , "David S. Miller" , Daniel Borkmann , Jesper Dangaard Brouer , Andrii Nakryiko , Maciej Fijalkowski , Martin KaFai Lau , Yonghong Song , Zvi Effron , Cody Haas , Lisa Watanabe Subject: [PATCH bpf-next v6 3/4] bpf: support specifying ingress via xdp_md context in BPF_PROG_TEST_RUN Date: Thu, 17 Jun 2021 23:29:03 +0000 Message-Id: <20210617232904.1899-4-zeffron@riotgames.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210617232904.1899-1-zeffron@riotgames.com> References: <20210617232904.1899-1-zeffron@riotgames.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: bpf@vger.kernel.org X-Patchwork-Delegate: bpf@iogearbox.net Support specifying the ingress_ifindex and rx_queue_index of xdp_md contexts for BPF_PROG_TEST_RUN. The intended use case is to allow testing XDP programs that make decisions based on the ingress interface or RX queue. If ingress_ifindex is specified, look up the device by the provided index in the current namespace and use its xdp_rxq for the xdp_buff. If the rx_queue_index is out of range, or is non-zero when the ingress_ifindex is 0, return -EINVAL. Co-developed-by: Cody Haas Signed-off-by: Cody Haas Co-developed-by: Lisa Watanabe Signed-off-by: Lisa Watanabe Signed-off-by: Zvi Effron Acked-by: Yonghong Song --- net/bpf/test_run.c | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/net/bpf/test_run.c b/net/bpf/test_run.c index 229c5deb813c..1ba15c741517 100644 --- a/net/bpf/test_run.c +++ b/net/bpf/test_run.c @@ -690,15 +690,35 @@ int bpf_prog_test_run_skb(struct bpf_prog *prog, const union bpf_attr *kattr, static int xdp_convert_md_to_buff(struct xdp_md *xdp_md, struct xdp_buff *xdp) { + unsigned int ingress_ifindex, rx_queue_index; + struct netdev_rx_queue *rxqueue; + struct net_device *device; + if (!xdp_md) return 0; if (xdp_md->egress_ifindex != 0) return -EINVAL; - if (xdp_md->ingress_ifindex != 0 || xdp_md->rx_queue_index != 0) + ingress_ifindex = xdp_md->ingress_ifindex; + rx_queue_index = xdp_md->rx_queue_index; + + if (!ingress_ifindex && rx_queue_index) return -EINVAL; + if (ingress_ifindex) { + device = dev_get_by_index(current->nsproxy->net_ns, + ingress_ifindex); + if (!device) + return -EINVAL; + + if (rx_queue_index >= device->real_num_rx_queues) + return -EINVAL; + + rxqueue = __netif_get_rx_queue(device, rx_queue_index); + xdp->rxq = &rxqueue->xdp_rxq; + } + xdp->data = xdp->data_meta + xdp_md->data; return 0; From patchwork Thu Jun 17 23:29:04 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Zvi Effron X-Patchwork-Id: 12329737 X-Patchwork-Delegate: bpf@iogearbox.net Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 46AD8C49361 for ; Thu, 17 Jun 2021 23:29:27 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 2E48E6113E for ; Thu, 17 Jun 2021 23:29:27 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232993AbhFQXbe (ORCPT ); Thu, 17 Jun 2021 19:31:34 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43212 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232424AbhFQXbd (ORCPT ); Thu, 17 Jun 2021 19:31:33 -0400 Received: from mail-pl1-x630.google.com (mail-pl1-x630.google.com [IPv6:2607:f8b0:4864:20::630]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C6CC2C06175F for ; Thu, 17 Jun 2021 16:29:23 -0700 (PDT) Received: by mail-pl1-x630.google.com with SMTP id f10so1616064plg.0 for ; Thu, 17 Jun 2021 16:29:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=riotgames.com; s=riotgames; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=6kQNc+OgJA7JuR9DHF0EobAt8uT5PPO5DDD7n2mi7nQ=; b=nGz17Nm02oYGweYXSBXMIjNV2S/V7k1HJThLH1gq5nsHxrOAH45ZCsKWOzu7NYqFkr lN5nM93LNgmNUmmRhVZ2oS9A8Z4e50zZVG4ZUNJpAjcVg/5rGxxVmtjYB7FFW12HcDYx eSsqie47AGrsRja7eUpOT74Ermw8ReCOyHfts= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=6kQNc+OgJA7JuR9DHF0EobAt8uT5PPO5DDD7n2mi7nQ=; b=qBV/5kXa9OKBwoGqG32CQBKNL0patPJ/4X3KNSW+jRPNJK6F1OzVeh+74haxiZ/GIN b6nd1AzJ444Cjfd323uMcaIO5wxDbDDS8FCilR2bJNqNTiYw4F57IZCsgdgnndgAFihv IXurP3gnMOH/3sGcOjsvT68CdlAHbcK/XXmkx2VAVP+XU2sAOwpLAbv4fXQxistXjh50 eamI1Ta9sS6207bRtVFcydNGyf8GxsiWgnPJfcS572fLVf1FebCRLzPzI5hDHLwepY+B FZILvIY5fMnPBxOD5+AHwm6JPrZiPB7PlcNLlQ8SQ5aKKtFhTxK5e20Os6A7/8nJtoDE hlkw== X-Gm-Message-State: AOAM530nTUwc2F7/jx9G08GP9Q8z2VktYbnYNzs20n6fKtfZeRqO4ipH wgYBMrpHSlVl/p3LEgi8YHNm5BuF9iGaaQ== X-Google-Smtp-Source: ABdhPJw9D0d3qTyK80pYrVwbn+bGKJl+RWwWa/Gd1NYPspeKSMWLgPbrRzK4t+JvDbDRTi6rvOEs7g== X-Received: by 2002:a17:902:ab88:b029:11d:20fa:8ca6 with SMTP id f8-20020a170902ab88b029011d20fa8ca6mr1984030plr.67.1623972562990; Thu, 17 Jun 2021 16:29:22 -0700 (PDT) Received: from ip-10-184-182-114.us-west-2.compute.internal (ec2-54-191-147-77.us-west-2.compute.amazonaws.com. [54.191.147.77]) by smtp.gmail.com with ESMTPSA id a21sm6217241pfg.188.2021.06.17.16.29.22 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 17 Jun 2021 16:29:22 -0700 (PDT) From: Zvi Effron To: bpf@vger.kernel.org Cc: Alexei Starovoitov , "David S. Miller" , Daniel Borkmann , Jesper Dangaard Brouer , Andrii Nakryiko , Maciej Fijalkowski , Martin KaFai Lau , Yonghong Song , Zvi Effron , Cody Haas , Lisa Watanabe Subject: [PATCH bpf-next v6 4/4] selftests/bpf: Add test for xdp_md context in BPF_PROG_TEST_RUN Date: Thu, 17 Jun 2021 23:29:04 +0000 Message-Id: <20210617232904.1899-5-zeffron@riotgames.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210617232904.1899-1-zeffron@riotgames.com> References: <20210617232904.1899-1-zeffron@riotgames.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: bpf@vger.kernel.org X-Patchwork-Delegate: bpf@iogearbox.net Add a test for using xdp_md as a context to BPF_PROG_TEST_RUN for XDP programs. The test uses a BPF program that takes in a return value from XDP meta data, then reduces the size of the XDP meta data by 4 bytes. Test cases validate the possible failure cases for passing in invalid xdp_md contexts, that the return value is successfully passed in, and that the adjusted meta data is successfully copied out. Co-developed-by: Cody Haas Signed-off-by: Cody Haas Co-developed-by: Lisa Watanabe Signed-off-by: Lisa Watanabe Signed-off-by: Zvi Effron Acked-by: Yonghong Song --- .../bpf/prog_tests/xdp_context_test_run.c | 105 ++++++++++++++++++ .../bpf/progs/test_xdp_context_test_run.c | 20 ++++ 2 files changed, 125 insertions(+) create mode 100644 tools/testing/selftests/bpf/prog_tests/xdp_context_test_run.c create mode 100644 tools/testing/selftests/bpf/progs/test_xdp_context_test_run.c diff --git a/tools/testing/selftests/bpf/prog_tests/xdp_context_test_run.c b/tools/testing/selftests/bpf/prog_tests/xdp_context_test_run.c new file mode 100644 index 000000000000..4fdb991482cb --- /dev/null +++ b/tools/testing/selftests/bpf/prog_tests/xdp_context_test_run.c @@ -0,0 +1,105 @@ +// SPDX-License-Identifier: GPL-2.0 +#include +#include +#include "test_xdp_context_test_run.skel.h" + +void test_xdp_context_error(int prog_fd, struct bpf_test_run_opts opts, + __u32 data_meta, __u32 data, __u32 data_end, + __u32 ingress_ifindex, __u32 rx_queue_index, + __u32 egress_ifindex) +{ + struct xdp_md ctx = { + .data = data, + .data_end = data_end, + .data_meta = data_meta, + .ingress_ifindex = ingress_ifindex, + .rx_queue_index = rx_queue_index, + .egress_ifindex = egress_ifindex, + }; + int err; + + opts.ctx_in = &ctx; + opts.ctx_size_in = sizeof(ctx); + err = bpf_prog_test_run_opts(prog_fd, &opts); + ASSERT_EQ(errno, EINVAL, "errno-EINVAL"); + ASSERT_ERR(err, "bpf_prog_test_run"); +} + +void test_xdp_context_test_run(void) +{ + struct test_xdp_context_test_run *skel = NULL; + char data[sizeof(pkt_v4) + sizeof(__u32)]; + char bad_ctx[sizeof(struct xdp_md) + 1]; + struct xdp_md ctx_in, ctx_out; + DECLARE_LIBBPF_OPTS(bpf_test_run_opts, opts, + .data_in = &data, + .data_size_in = sizeof(data), + .ctx_out = &ctx_out, + .ctx_size_out = sizeof(ctx_out), + .repeat = 1, + ); + int err, prog_fd; + + skel = test_xdp_context_test_run__open_and_load(); + if (!ASSERT_OK_PTR(skel, "skel")) + return; + prog_fd = bpf_program__fd(skel->progs.xdp_context); + + /* Data past the end of the kernel's struct xdp_md must be 0 */ + bad_ctx[sizeof(bad_ctx) - 1] = 1; + opts.ctx_in = bad_ctx; + opts.ctx_size_in = sizeof(bad_ctx); + err = bpf_prog_test_run_opts(prog_fd, &opts); + ASSERT_EQ(errno, E2BIG, "extradata-errno"); + ASSERT_ERR(err, "bpf_prog_test_run(extradata)"); + + *(__u32 *)data = XDP_PASS; + *(struct ipv4_packet *)(data + sizeof(__u32)) = pkt_v4; + opts.ctx_in = &ctx_in; + opts.ctx_size_in = sizeof(ctx_in); + memset(&ctx_in, 0, sizeof(ctx_in)); + ctx_in.data_meta = 0; + ctx_in.data = sizeof(__u32); + ctx_in.data_end = ctx_in.data + sizeof(pkt_v4); + err = bpf_prog_test_run_opts(prog_fd, &opts); + ASSERT_OK(err, "bpf_prog_test_run(valid)"); + ASSERT_EQ(opts.retval, XDP_PASS, "valid-retval"); + ASSERT_EQ(opts.data_size_out, sizeof(pkt_v4), "valid-datasize"); + ASSERT_EQ(opts.ctx_size_out, opts.ctx_size_in, "valid-ctxsize"); + ASSERT_EQ(ctx_out.data_meta, 0, "valid-datameta"); + ASSERT_EQ(ctx_out.data, 0, "valid-data"); + ASSERT_EQ(ctx_out.data_end, sizeof(pkt_v4), "valid-dataend"); + + /* Meta data's size must be a multiple of 4 */ + test_xdp_context_error(prog_fd, opts, 0, 1, sizeof(data), 0, 0, 0); + + /* data_meta must reference the start of data */ + test_xdp_context_error(prog_fd, opts, 4, sizeof(__u32), sizeof(data), + 0, 0, 0); + + /* Meta data must be 32 bytes or smaller */ + test_xdp_context_error(prog_fd, opts, 0, 36, sizeof(data), 0, 0, 0); + + /* Total size of data must match data_end - data_meta */ + test_xdp_context_error(prog_fd, opts, 0, sizeof(__u32), + sizeof(data) - 1, 0, 0, 0); + test_xdp_context_error(prog_fd, opts, 0, sizeof(__u32), + sizeof(data) + 1, 0, 0, 0); + + /* RX queue cannot be specified without specifying an ingress */ + test_xdp_context_error(prog_fd, opts, 0, sizeof(__u32), sizeof(data), + 0, 1, 0); + + /* Interface 1 is always the loopback interface which always has only + * one RX queue (index 0). This makes index 1 an invalid index for + * interface 1. + */ + test_xdp_context_error(prog_fd, opts, 0, sizeof(__u32), sizeof(data), + 1, 1, 0); + + /* The egress cannot be specified */ + test_xdp_context_error(prog_fd, opts, 0, sizeof(__u32), sizeof(data), + 0, 0, 1); + + test_xdp_context_test_run__destroy(skel); +} diff --git a/tools/testing/selftests/bpf/progs/test_xdp_context_test_run.c b/tools/testing/selftests/bpf/progs/test_xdp_context_test_run.c new file mode 100644 index 000000000000..d7b88cd05afd --- /dev/null +++ b/tools/testing/selftests/bpf/progs/test_xdp_context_test_run.c @@ -0,0 +1,20 @@ +// SPDX-License-Identifier: GPL-2.0 +#include +#include + +SEC("xdp") +int xdp_context(struct xdp_md *xdp) +{ + void *data = (void *)(long)xdp->data; + __u32 *metadata = (void *)(long)xdp->data_meta; + __u32 ret; + + if (metadata + 1 > data) + return XDP_ABORTED; + ret = *metadata; + if (bpf_xdp_adjust_meta(xdp, 4)) + return XDP_ABORTED; + return ret; +} + +char _license[] SEC("license") = "GPL";