From patchwork Wed Nov 1 21:57:45 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Daniel Xu X-Patchwork-Id: 13443087 X-Patchwork-Delegate: bpf@iogearbox.net Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2F03C1BDE6; Wed, 1 Nov 2023 21:58:42 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=dxuuu.xyz header.i=@dxuuu.xyz header.b="qP0+u1Gw"; dkim=pass (2048-bit key) header.d=messagingengine.com header.i=@messagingengine.com header.b="TeBHo38G" Received: from wout5-smtp.messagingengine.com (wout5-smtp.messagingengine.com [64.147.123.21]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 091E7121; Wed, 1 Nov 2023 14:58:36 -0700 (PDT) Received: from compute6.internal (compute6.nyi.internal [10.202.2.47]) by mailout.west.internal (Postfix) with ESMTP id 4953732009EA; Wed, 1 Nov 2023 17:58:34 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute6.internal (MEProxy); Wed, 01 Nov 2023 17:58:35 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dxuuu.xyz; h=cc :cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to; s=fm2; t=1698875913; x= 1698962313; bh=ANBKhwQmdDIDOHgpgq3kljDlQpc0eJVFRKcOW0tgGg8=; b=q P0+u1GwV2LZ/wnlWqYM1ULYjTAs0aKKFhcg/zx9xjyNFbsWew6+65IWTvnhxxkWU n14WjYsB13OxXJEOJpb+iOYfcF7d+bA9cYx7saVViohSOYUWujrZqPRntbdUELHn T/ozf/5kYySNcw+/ya/IlfdW/aPODV4WtqQezbqMzgm3m6gqM1ck5e9Dj+A/llGm 0uYGP5pxn39zYdhcHZuSUo1ZEMqq1umBoLSCR9dsNTPZjnKWXgaHPAsuZ1c3r00Z vkREsBHd8x9mvC/Ofo2S7V65KXp42ECjwd+bf4ZftIZYAuOF6HHBbm2jE5bklFhB hVSmoDb5jKeSOccKoXbbA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1698875913; x= 1698962313; bh=ANBKhwQmdDIDOHgpgq3kljDlQpc0eJVFRKcOW0tgGg8=; b=T eBHo38Gav81MAd5aVgFIKKgosxPLuS4Z9fiC4KE8ionboCVqoidmRKX3gTJcS8Ns 6WjiEM9+HL2RjqPQfa50aZBLlrRFObXBXDKTC6CzLb1wBbsKIjPC3w4/8w3J4WNL eM9IxaYMv1Lm3RiGE1rRuyy2iQxZzbDYDE7XbuOFajsluSgtavsWK4cCVHZ6GUNw ix1YiSZJ499JVzf7LBhrcik6lilVH7UCVNqsANJcOdJEt/X/kBvCDBKcVcjmx5ol bNAfB7IpyleUVpw4ME0N7w0uvBlX7FNQkQ1knnJ36qddU4WvTakU05QDoh0Ipwmf sWs2lSNmbCYnWQVG+nXNA== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedruddtgedgudehgecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enfghrlhcuvffnffculdefhedmnecujfgurhephffvvefufffkofgjfhgggfestdekredt redttdenucfhrhhomhepffgrnhhivghlucgiuhcuoegugihusegugihuuhhurdighiiiqe enucggtffrrghtthgvrhhnpefgfefggeejhfduieekvdeuteffleeifeeuvdfhheejleej jeekgfffgefhtddtteenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrih hlfhhrohhmpegugihusegugihuuhhurdighiii X-ME-Proxy: Feedback-ID: i6a694271:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Wed, 1 Nov 2023 17:58:30 -0400 (EDT) From: Daniel Xu To: kuba@kernel.org, hawk@kernel.org, edumazet@google.com, steffen.klassert@secunet.com, daniel@iogearbox.net, Herbert Xu , ast@kernel.org, john.fastabend@gmail.com, pabeni@redhat.com, davem@davemloft.net, antony.antony@secunet.com Cc: linux-kernel@vger.kernel.org, netdev@vger.kernel.org, bpf@vger.kernel.org, devel@linux-ipsec.org Subject: [RFCv2 bpf-next 1/7] bpf: xfrm: Add bpf_xdp_get_xfrm_state() kfunc Date: Wed, 1 Nov 2023 14:57:45 -0700 Message-ID: <0a5dc090a098b911bdd19ed0e63c7e466f7054f6.1698875025.git.dxu@dxuuu.xyz> X-Mailer: git-send-email 2.42.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: bpf@iogearbox.net X-Patchwork-State: RFC This commit adds an unstable kfunc helper to access internal xfrm_state associated with an SA. This is intended to be used for the upcoming IPsec pcpu work to assign special pcpu SAs to a particular CPU. In other words: for custom software RSS. That being said, the function that this kfunc wraps is fairly generic and used for a lot of xfrm tasks. I'm sure people will find uses elsewhere over time. Co-developed-by: Antony Antony Signed-off-by: Antony Antony Signed-off-by: Daniel Xu --- include/net/xfrm.h | 9 ++++ net/xfrm/Makefile | 1 + net/xfrm/xfrm_policy.c | 2 + net/xfrm/xfrm_state_bpf.c | 105 ++++++++++++++++++++++++++++++++++++++ 4 files changed, 117 insertions(+) create mode 100644 net/xfrm/xfrm_state_bpf.c diff --git a/include/net/xfrm.h b/include/net/xfrm.h index c9bb0f892f55..1d107241b901 100644 --- a/include/net/xfrm.h +++ b/include/net/xfrm.h @@ -2190,4 +2190,13 @@ static inline int register_xfrm_interface_bpf(void) #endif +#if IS_ENABLED(CONFIG_DEBUG_INFO_BTF) +int register_xfrm_state_bpf(void); +#else +static inline int register_xfrm_state_bpf(void) +{ + return 0; +} +#endif + #endif /* _NET_XFRM_H */ diff --git a/net/xfrm/Makefile b/net/xfrm/Makefile index cd47f88921f5..547cec77ba03 100644 --- a/net/xfrm/Makefile +++ b/net/xfrm/Makefile @@ -21,3 +21,4 @@ obj-$(CONFIG_XFRM_USER_COMPAT) += xfrm_compat.o obj-$(CONFIG_XFRM_IPCOMP) += xfrm_ipcomp.o obj-$(CONFIG_XFRM_INTERFACE) += xfrm_interface.o obj-$(CONFIG_XFRM_ESPINTCP) += espintcp.o +obj-$(CONFIG_DEBUG_INFO_BTF) += xfrm_state_bpf.o diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c index c13dc3ef7910..1b7e75159727 100644 --- a/net/xfrm/xfrm_policy.c +++ b/net/xfrm/xfrm_policy.c @@ -4218,6 +4218,8 @@ void __init xfrm_init(void) #ifdef CONFIG_XFRM_ESPINTCP espintcp_init(); #endif + + register_xfrm_state_bpf(); } #ifdef CONFIG_AUDITSYSCALL diff --git a/net/xfrm/xfrm_state_bpf.c b/net/xfrm/xfrm_state_bpf.c new file mode 100644 index 000000000000..4aaac134b97a --- /dev/null +++ b/net/xfrm/xfrm_state_bpf.c @@ -0,0 +1,105 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* Unstable XFRM state BPF helpers. + * + * Note that it is allowed to break compatibility for these functions since the + * interface they are exposed through to BPF programs is explicitly unstable. + */ + +#include +#include +#include +#include + +/* bpf_xfrm_state_opts - Options for XFRM state lookup helpers + * + * Members: + * @error - Out parameter, set for any errors encountered + * Values: + * -EINVAL - netns_id is less than -1 + * -EINVAL - Passed NULL for opts + * -EINVAL - opts__sz isn't BPF_XFRM_STATE_OPTS_SZ + * -ENONET - No network namespace found for netns_id + * @netns_id - Specify the network namespace for lookup + * Values: + * BPF_F_CURRENT_NETNS (-1) + * Use namespace associated with ctx + * [0, S32_MAX] + * Network Namespace ID + * @mark - XFRM mark to match on + * @daddr - Destination address to match on + * @spi - Security parameter index to match on + * @proto - L3 protocol to match on + * @family - L3 protocol family to match on + */ +struct bpf_xfrm_state_opts { + s32 error; + s32 netns_id; + u32 mark; + xfrm_address_t daddr; + __be32 spi; + u8 proto; + u16 family; +}; + +enum { + BPF_XFRM_STATE_OPTS_SZ = sizeof(struct bpf_xfrm_state_opts), +}; + +__diag_push(); +__diag_ignore_all("-Wmissing-prototypes", + "Global functions as their definitions will be in xfrm_state BTF"); + +/* bpf_xdp_get_xfrm_state - Get XFRM state + * + * Parameters: + * @ctx - Pointer to ctx (xdp_md) in XDP program + * Cannot be NULL + * @opts - Options for lookup (documented above) + * Cannot be NULL + * @opts__sz - Length of the bpf_xfrm_state_opts structure + * Must be BPF_XFRM_STATE_OPTS_SZ + */ +__bpf_kfunc struct xfrm_state * +bpf_xdp_get_xfrm_state(struct xdp_md *ctx, struct bpf_xfrm_state_opts *opts, u32 opts__sz) +{ + struct xdp_buff *xdp = (struct xdp_buff *)ctx; + struct net *net = dev_net(xdp->rxq->dev); + + if (!opts || opts__sz != BPF_XFRM_STATE_OPTS_SZ) { + opts->error = -EINVAL; + return NULL; + } + + if (unlikely(opts->netns_id < BPF_F_CURRENT_NETNS)) { + opts->error = -EINVAL; + return NULL; + } + + if (opts->netns_id >= 0) { + net = get_net_ns_by_id(net, opts->netns_id); + if (unlikely(!net)) { + opts->error = -ENONET; + return NULL; + } + } + + return xfrm_state_lookup(net, opts->mark, &opts->daddr, opts->spi, + opts->proto, opts->family); +} + +__diag_pop() + +BTF_SET8_START(xfrm_state_kfunc_set) +BTF_ID_FLAGS(func, bpf_xdp_get_xfrm_state, KF_RET_NULL | KF_ACQUIRE) +BTF_SET8_END(xfrm_state_kfunc_set) + +static const struct btf_kfunc_id_set xfrm_state_xdp_kfunc_set = { + .owner = THIS_MODULE, + .set = &xfrm_state_kfunc_set, +}; + +int __init register_xfrm_state_bpf(void) +{ + return register_btf_kfunc_id_set(BPF_PROG_TYPE_XDP, + &xfrm_state_xdp_kfunc_set); +} From patchwork Wed Nov 1 21:57:46 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Daniel Xu X-Patchwork-Id: 13443086 X-Patchwork-Delegate: bpf@iogearbox.net Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9949D1BDEB; Wed, 1 Nov 2023 21:58:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=dxuuu.xyz header.i=@dxuuu.xyz header.b="Bpxqexu3"; dkim=pass (2048-bit key) header.d=messagingengine.com header.i=@messagingengine.com header.b="p9MYrB4b" Received: from wout5-smtp.messagingengine.com (wout5-smtp.messagingengine.com [64.147.123.21]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7993C122; Wed, 1 Nov 2023 14:58:40 -0700 (PDT) Received: from compute2.internal (compute2.nyi.internal [10.202.2.46]) by mailout.west.internal (Postfix) with ESMTP id A075632009F1; Wed, 1 Nov 2023 17:58:38 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute2.internal (MEProxy); Wed, 01 Nov 2023 17:58:40 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dxuuu.xyz; h=cc :cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to; s=fm2; t=1698875918; x= 1698962318; bh=BGnv0m4XviszG3KfpaWG6wdMA/qgxN6Pjaog3JfQZ6k=; b=B pxqexu3qJEC6HOvfCQgPzRi+zq5VoTjmwFJ7zfr93kUfZrVT3Sc0nl3t/BW7RfOg DNAYHbhKwUA0lCJ6/uwvnMffosnIHPguKjkSReLlKj0CvAWybx59SYBsVmYSnh79 gCFpdHwifcsTEDBYUFm1LUG8HT4ToRIH7KshYRRK9OWAK5oSGwi4LhKT1VznamrG KpidjXZ6h4xe17T4uvYDl4WaOs2SGY974PLhFqPXa20+k1Y9dMEQVPfxZIEO9Y08 j0GhAT0N1CkeDXuTuaikvQneyG3Z5NqlH9p8sfG1Ut+mgmTc7A/xFjr8uLXXUX6T ltcxBf/e3Y92Tlqigg8Eg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1698875918; x= 1698962318; bh=BGnv0m4XviszG3KfpaWG6wdMA/qgxN6Pjaog3JfQZ6k=; b=p 9MYrB4bRqz5zbpP8TPkvOqrQAH+hjXcWp0OQOfIhcuKY1U+Ez6DJx4SwS3orMEir OpMZJiB15qVz/k1Gxxnly2kF5mDiVAFpa2Jbe2JjBUyQrJrxdODcj4v3Jp8tCCY5 Q5SEh7DCUpcw3aA91Kvwmu229li7u7sLsla/NRASyCzDHoNAXJmpyr848/bOEKFt NqADwApeBi68oqA4BcH6km0IoXfKnNwpZlWTtSO7pMwvbpH3Crl51fzsLYk0/V// qOPlhddyX/NPfsRfHHZKSSaCz9F1Fbrp9dQQAwFoSuFxjk7a97LOnbQCUNKIBhk0 d8vABaQrUMjXJxxEmxVdg== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedruddtgedgudehgecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enfghrlhcuvffnffculdefhedmnecujfgurhephffvvefufffkofgjfhgggfestdekredt redttdenucfhrhhomhepffgrnhhivghlucgiuhcuoegugihusegugihuuhhurdighiiiqe enucggtffrrghtthgvrhhnpefgfefggeejhfduieekvdeuteffleeifeeuvdfhheejleej jeekgfffgefhtddtteenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrih hlfhhrohhmpegugihusegugihuuhhurdighiii X-ME-Proxy: Feedback-ID: i6a694271:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Wed, 1 Nov 2023 17:58:35 -0400 (EDT) From: Daniel Xu To: kuba@kernel.org, hawk@kernel.org, edumazet@google.com, steffen.klassert@secunet.com, daniel@iogearbox.net, Herbert Xu , ast@kernel.org, john.fastabend@gmail.com, pabeni@redhat.com, davem@davemloft.net, antony.antony@secunet.com Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, bpf@vger.kernel.org, devel@linux-ipsec.org Subject: [RFCv2 bpf-next 2/7] bpf: xfrm: Add bpf_xdp_xfrm_state_release() kfunc Date: Wed, 1 Nov 2023 14:57:46 -0700 Message-ID: <9f43e62bedf3aa0a230db607fee8bd650ab84649.1698875025.git.dxu@dxuuu.xyz> X-Mailer: git-send-email 2.42.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: bpf@iogearbox.net X-Patchwork-State: RFC This kfunc releases a previously acquired xfrm_state from bpf_xdp_get_xfrm_state(). Co-developed-by: Antony Antony Signed-off-by: Antony Antony Signed-off-by: Daniel Xu --- net/xfrm/xfrm_state_bpf.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/net/xfrm/xfrm_state_bpf.c b/net/xfrm/xfrm_state_bpf.c index 4aaac134b97a..386167c86767 100644 --- a/net/xfrm/xfrm_state_bpf.c +++ b/net/xfrm/xfrm_state_bpf.c @@ -87,10 +87,26 @@ bpf_xdp_get_xfrm_state(struct xdp_md *ctx, struct bpf_xfrm_state_opts *opts, u32 opts->proto, opts->family); } +/* bpf_xdp_xfrm_state_release - Release acquired xfrm_state object + * + * This must be invoked for referenced PTR_TO_BTF_ID, and the verifier rejects + * the program if any references remain in the program in all of the explored + * states. + * + * Parameters: + * @x - Pointer to referenced xfrm_state object, obtained using + * bpf_xdp_get_xfrm_state. + */ +__bpf_kfunc void bpf_xdp_xfrm_state_release(struct xfrm_state *x) +{ + xfrm_state_put(x); +} + __diag_pop() BTF_SET8_START(xfrm_state_kfunc_set) BTF_ID_FLAGS(func, bpf_xdp_get_xfrm_state, KF_RET_NULL | KF_ACQUIRE) +BTF_ID_FLAGS(func, bpf_xdp_xfrm_state_release, KF_RELEASE) BTF_SET8_END(xfrm_state_kfunc_set) static const struct btf_kfunc_id_set xfrm_state_xdp_kfunc_set = { From patchwork Wed Nov 1 21:57:47 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Daniel Xu X-Patchwork-Id: 13443088 X-Patchwork-Delegate: bpf@iogearbox.net Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5FB011C29B for ; Wed, 1 Nov 2023 21:58:51 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=dxuuu.xyz header.i=@dxuuu.xyz header.b="iTweySaL"; dkim=pass (2048-bit key) header.d=messagingengine.com header.i=@messagingengine.com header.b="XTVXXA6w" Received: from wout5-smtp.messagingengine.com (wout5-smtp.messagingengine.com [64.147.123.21]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DE78B110; Wed, 1 Nov 2023 14:58:45 -0700 (PDT) Received: from compute7.internal (compute7.nyi.internal [10.202.2.48]) by mailout.west.internal (Postfix) with ESMTP id C47643200A00; Wed, 1 Nov 2023 17:58:43 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute7.internal (MEProxy); Wed, 01 Nov 2023 17:58:45 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dxuuu.xyz; h=cc :cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to; s=fm2; t=1698875923; x= 1698962323; bh=gWSN/HD6jkDzCgr6AOl1OtKUYd5UCibpC8lpxwnriyM=; b=i TweySaLixGEkTOpoi6207D1OlbfZhRLRNcttugAZEq7yDPWrVlGN2GLChPRkeaPO eq5Xz8F861iun5+bY6blXPu+7vUTuQlVeKQs6cgyMZyzqsiXbc6kE88TcKPjqwma aXFAZCuc3h+HsxzGcjfcqqC7UlcKtdDMNlLnRXSV5rKRXNaKtAX89eL0/mdzL8z4 3JpxU85+T0jsfdUnS7Ihlcdpc0/e9/5VCS1tdfG/LPnwmzyJol3riygHbKty/Wjw MT/isjY1Qn7ikBG9mhYaXMxSc/DFwYI7tZ6/lhgb8TE5p1W+S6dUchy22aFWVp+G 1c4yjVgqzRmTrFAVbFUfQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1698875923; x= 1698962323; bh=gWSN/HD6jkDzCgr6AOl1OtKUYd5UCibpC8lpxwnriyM=; b=X TVXXA6wV3K0lVqQys+T2pC7AtVSNXXW4Q6EYZrDNlj48r0BzXcEwDjRvjwHwmMnB v3PEO5Yqe2I+2Om8M5rcMP5lMyysgYbahDPS7peR5a5lhm7Vp5dhJBwlaRPNaV69 7+a3s7DxtTuHB+IEw2daNQSLxSFB0Z/k0fhpZu7jHEWOyO+eYoWFfwTVF6XX9aux E8nKmvZOHjuyj/pc7eox9Y7IVpilFO2oXiAFVO2ReU1INIFtnb7k3UMUc2LXD9Vn 8NgPTg/qp2sNQSe0ejiDQhpMlEKvGRdvmoe8r4CEc881L62pk4sIV7UH1tFSoCIi 9iep0L7nJjtGQ5Cz0DjLw== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedruddtgedgudehgecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecufghrlhcuvffnffculdefhedmnecujfgurhephf fvvefufffkofgjfhgggfestdekredtredttdenucfhrhhomhepffgrnhhivghlucgiuhcu oegugihusegugihuuhhurdighiiiqeenucggtffrrghtthgvrhhnpeevtdekjeffkefgfe fhvefffeetgfeuueeutdetjeduudehheeiffdvgefhhfevhfenucffohhmrghinhepghhi thhhuhgsrdgtohhmnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilh hfrhhomhepugiguhesugiguhhuuhdrgiihii X-ME-Proxy: Feedback-ID: i6a694271:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Wed, 1 Nov 2023 17:58:40 -0400 (EDT) From: Daniel Xu To: daniel@iogearbox.net, shuah@kernel.org, ast@kernel.org, andrii@kernel.org, steffen.klassert@secunet.com, antony.antony@secunet.com Cc: mykolal@fb.com, martin.lau@linux.dev, song@kernel.org, yonghong.song@linux.dev, john.fastabend@gmail.com, kpsingh@kernel.org, sdf@google.com, haoluo@google.com, jolsa@kernel.org, bpf@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, devel@linux-ipsec.org Subject: [RFCv2 bpf-next 3/7] bpf: selftests: test_tunnel: Use ping -6 over ping6 Date: Wed, 1 Nov 2023 14:57:47 -0700 Message-ID: <50d62fb4fd7838d158ccd59460f0b021b34cecd0.1698875025.git.dxu@dxuuu.xyz> X-Mailer: git-send-email 2.42.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: bpf@iogearbox.net X-Patchwork-State: RFC The ping6 binary went away over 7 years ago [0]. [0]: https://github.com/iputils/iputils/commit/ebad35fee3de851b809c7b72ccc654a72b6af61d Co-developed-by: Antony Antony Signed-off-by: Antony Antony Signed-off-by: Daniel Xu --- tools/testing/selftests/bpf/test_tunnel.sh | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/tools/testing/selftests/bpf/test_tunnel.sh b/tools/testing/selftests/bpf/test_tunnel.sh index 2dec7dbf29a2..85ba39992461 100755 --- a/tools/testing/selftests/bpf/test_tunnel.sh +++ b/tools/testing/selftests/bpf/test_tunnel.sh @@ -295,13 +295,13 @@ test_ip6gre() add_ip6gretap_tunnel attach_bpf $DEV ip6gretap_set_tunnel ip6gretap_get_tunnel # underlay - ping6 $PING_ARG ::11 + ping -6 $PING_ARG ::11 # overlay: ipv4 over ipv6 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200 ping $PING_ARG 10.1.1.100 check_err $? # overlay: ipv6 over ipv6 - ip netns exec at_ns0 ping6 $PING_ARG fc80::200 + ip netns exec at_ns0 ping -6 $PING_ARG fc80::200 check_err $? cleanup @@ -324,13 +324,13 @@ test_ip6gretap() add_ip6gretap_tunnel attach_bpf $DEV ip6gretap_set_tunnel ip6gretap_get_tunnel # underlay - ping6 $PING_ARG ::11 + ping -6 $PING_ARG ::11 # overlay: ipv4 over ipv6 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200 ping $PING_ARG 10.1.1.100 check_err $? # overlay: ipv6 over ipv6 - ip netns exec at_ns0 ping6 $PING_ARG fc80::200 + ip netns exec at_ns0 ping -6 $PING_ARG fc80::200 check_err $? cleanup @@ -376,7 +376,7 @@ test_ip6erspan() config_device add_ip6erspan_tunnel $1 attach_bpf $DEV ip4ip6erspan_set_tunnel ip4ip6erspan_get_tunnel - ping6 $PING_ARG ::11 + ping -6 $PING_ARG ::11 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200 check_err $? cleanup @@ -474,7 +474,7 @@ test_ipip6() ip link set dev veth1 mtu 1500 attach_bpf $DEV ipip6_set_tunnel ipip6_get_tunnel # underlay - ping6 $PING_ARG ::11 + ping -6 $PING_ARG ::11 # ip4 over ip6 ping $PING_ARG 10.1.1.100 check_err $? @@ -502,11 +502,11 @@ test_ip6ip6() ip link set dev veth1 mtu 1500 attach_bpf $DEV ip6ip6_set_tunnel ip6ip6_get_tunnel # underlay - ping6 $PING_ARG ::11 + ping -6 $PING_ARG ::11 # ip6 over ip6 - ping6 $PING_ARG 1::11 + ping -6 $PING_ARG 1::11 check_err $? - ip netns exec at_ns0 ping6 $PING_ARG 1::22 + ip netns exec at_ns0 ping -6 $PING_ARG 1::22 check_err $? cleanup From patchwork Wed Nov 1 21:57:48 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Daniel Xu X-Patchwork-Id: 13443089 X-Patchwork-Delegate: bpf@iogearbox.net Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 691051BDDB for ; Wed, 1 Nov 2023 21:58:55 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=dxuuu.xyz header.i=@dxuuu.xyz header.b="tHW7gfux"; dkim=pass (2048-bit key) header.d=messagingengine.com header.i=@messagingengine.com header.b="bQlYJBO5" Received: from wout5-smtp.messagingengine.com (wout5-smtp.messagingengine.com [64.147.123.21]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BC72C123; Wed, 1 Nov 2023 14:58:50 -0700 (PDT) Received: from compute6.internal (compute6.nyi.internal [10.202.2.47]) by mailout.west.internal (Postfix) with ESMTP id A09A332009F2; Wed, 1 Nov 2023 17:58:48 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute6.internal (MEProxy); Wed, 01 Nov 2023 17:58:50 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dxuuu.xyz; h=cc :cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to; s=fm2; t=1698875928; x= 1698962328; bh=eqg8kBzUlhFAqzjLUQUYk852zJUL1hnwyHqIYJEQJ4I=; b=t HW7gfuxZt2IpsigFNSAGtFkaGWlkD254uWlaLOiW9/LOiVGNzNiW+cW6Rqm52OwX dq8xsC8bg20X7xsd9O03oaw7JmiIwJo9+b2DQypjhW9imeI1q+A0/jaSd6+8o2Hl x+0DbvAUDSMySwNc3qxFG1xRldECa3OQmZJoAVYq1XW3DE8glYgsJJ/kidLaexGj +k6DYT2p2FQGSN4YoDzqM5W52iNKRVpMxYpx1igNjEBX/61+5TIi96E/vIUhzrxS BdsrgX2ohDcdXa6jVlZBheHzvHByMmt8RPsco8gSpiXVOzpJc0UzaxzxxB8mPE9+ JOV5+Iw++UVRqbD2htMDg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1698875928; x= 1698962328; bh=eqg8kBzUlhFAqzjLUQUYk852zJUL1hnwyHqIYJEQJ4I=; b=b QlYJBO5IjDycz76FiSSPN46yeluUZXirjwykHwIei3GYGDCpQHD1tr3DMutw6Zpi eTPBPasqlntUVzSuRapk6Dbb1oMiLMV7mSwjgzgB8tbm0GWDhr/V8ZhmRb7mjKKC fDxDnwSB8XI1B3jgRL82diEEP1Pd3iimjCHQjAyIeRGepEinE15tnLykKTUX8Inl ExdGu6twDEdBn38DqUWU72zzx0bqswN4iN0faSmwbKhQKD9Zk06QxgpYtmdfBlEB 1kIoxNeevT42a3bm2PRGxWy7YVV1YssaHoavl2FckOEM9turNE5+CYcAzFu6bhZH ROMjTtlElJpf1esv/3ejQ== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedruddtgedgudehgecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecufghrlhcuvffnffculdefhedmnecujfgurhephf fvvefufffkofgjfhgggfestdekredtredttdenucfhrhhomhepffgrnhhivghlucgiuhcu oegugihusegugihuuhhurdighiiiqeenucggtffrrghtthgvrhhnpefgfefggeejhfduie ekvdeuteffleeifeeuvdfhheejleejjeekgfffgefhtddtteenucevlhhushhtvghrufhi iigvpedunecurfgrrhgrmhepmhgrihhlfhhrohhmpegugihusegugihuuhhurdighiii X-ME-Proxy: Feedback-ID: i6a694271:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Wed, 1 Nov 2023 17:58:45 -0400 (EDT) From: Daniel Xu To: daniel@iogearbox.net, shuah@kernel.org, ast@kernel.org, andrii@kernel.org, steffen.klassert@secunet.com, antony.antony@secunet.com Cc: mykolal@fb.com, martin.lau@linux.dev, song@kernel.org, yonghong.song@linux.dev, john.fastabend@gmail.com, kpsingh@kernel.org, sdf@google.com, haoluo@google.com, jolsa@kernel.org, bpf@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, devel@linux-ipsec.org Subject: [RFCv2 bpf-next 4/7] bpf: selftests: test_tunnel: Mount bpffs if necessary Date: Wed, 1 Nov 2023 14:57:48 -0700 Message-ID: X-Mailer: git-send-email 2.42.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: bpf@iogearbox.net X-Patchwork-State: RFC Previously, if bpffs was not already mounted, then the test suite would fail during object file pinning steps. Fix by mounting bpffs if necessary. Co-developed-by: Antony Antony Signed-off-by: Antony Antony Signed-off-by: Daniel Xu --- tools/testing/selftests/bpf/test_tunnel.sh | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/bpf/test_tunnel.sh b/tools/testing/selftests/bpf/test_tunnel.sh index 85ba39992461..dd3c79129e87 100755 --- a/tools/testing/selftests/bpf/test_tunnel.sh +++ b/tools/testing/selftests/bpf/test_tunnel.sh @@ -46,7 +46,8 @@ # 6) Forward the packet to the overlay tnl dev BPF_FILE="test_tunnel_kern.bpf.o" -BPF_PIN_TUNNEL_DIR="/sys/fs/bpf/tc/tunnel" +BPF_FS="/sys/fs/bpf" +BPF_PIN_TUNNEL_DIR="${BPF_FS}/tc/tunnel" PING_ARG="-c 3 -w 10 -q" ret=0 GREEN='\033[0;92m' @@ -668,10 +669,20 @@ check_err() fi } +mount_bpffs() +{ + if ! mount | grep "bpf on /sys/fs/bpf" &>/dev/null; then + mount -t bpf bpf "$BPF_FS" + fi +} + bpf_tunnel_test() { local errors=0 + echo "Mounting bpffs..." + mount_bpffs + echo "Testing GRE tunnel..." test_gre errors=$(( $errors + $? )) From patchwork Wed Nov 1 21:57:49 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Daniel Xu X-Patchwork-Id: 13443090 X-Patchwork-Delegate: bpf@iogearbox.net Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6B6E51B295 for ; Wed, 1 Nov 2023 21:59:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=dxuuu.xyz header.i=@dxuuu.xyz header.b="F599aGqx"; dkim=pass (2048-bit key) header.d=messagingengine.com header.i=@messagingengine.com header.b="FXgVsGpL" Received: from wout5-smtp.messagingengine.com (wout5-smtp.messagingengine.com [64.147.123.21]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5861A12D; Wed, 1 Nov 2023 14:58:56 -0700 (PDT) Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.west.internal (Postfix) with ESMTP id 2F7323200A03; Wed, 1 Nov 2023 17:58:54 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute1.internal (MEProxy); Wed, 01 Nov 2023 17:58:55 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dxuuu.xyz; h=cc :cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to; s=fm2; t=1698875933; x= 1698962333; bh=4K3+7JUL823xP8yUd0IsPnXRHUkyr4JkEUzAeBc61hI=; b=F 599aGqxz5n1C3mdf4uxnJbPlrYY5aAqCyJRrQWKd5GWYHX2wNAQuYpr+7cirXkN2 7nk7NLS9vAwUdAlzq7sCRpabbP/bCxM+5QRygryOwAlie3s1J4haLpVpoB387XAG NuvKN5s2wffsWRrWVgdQmvbi4BirjeyeztR1Xtx43wFZFbeHdSocVYXyDHol2JeK K4UbldVqNyhN4H4mv2XOfOwKHttUlusOsFsCk6D8K6RfXatCMukQPPr9ri84AMwQ +DyPL/iYMNnnXt8V+h1P2IxU7WMyRsC2JMxIOXK2dttd8Q3iWtNIdjrPs0p1YouK LFZJOdvRQVXw5F4tLq/xw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1698875933; x= 1698962333; bh=4K3+7JUL823xP8yUd0IsPnXRHUkyr4JkEUzAeBc61hI=; b=F XgVsGpLPwRVgSFCZC+WPzUUlGsuI5m1+H0o8OaxdGj5rC9WlVi73Zmn13dIdZ0Le 95nYDfN9Ekmgfm0lmup5+8kO22fTP8LYkM7wMlG7+31nCOvUlfKG69BNkaHvx0A3 YPZPJegFnq/SQfknQXNAabLn8eR3pTQ9kjtp2ro1t5Ra+hqaiw/30LnC6xf9Zka4 FcFeNUNWkAvl5S5mDgye4JtVu/YTnlXWC8Rb9K8pvBKrICvATvHe7mQRWR/lZhQ5 cSsS0fz6we8bOPDmAXO0NF2/SD06ICpDOfXE5hZiOHS3J2Y77DzQ/uXfpN2E2c1N CcoNJKsG+8ADQf6JhbSgA== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedruddtgedgudehgecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecufghrlhcuvffnffculdefhedmnecujfgurhephf fvvefufffkofgjfhgggfestdekredtredttdenucfhrhhomhepffgrnhhivghlucgiuhcu oegugihusegugihuuhhurdighiiiqeenucggtffrrghtthgvrhhnpefgfefggeejhfduie ekvdeuteffleeifeeuvdfhheejleejjeekgfffgefhtddtteenucevlhhushhtvghrufhi iigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpegugihusegugihuuhhurdighiii X-ME-Proxy: Feedback-ID: i6a694271:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Wed, 1 Nov 2023 17:58:50 -0400 (EDT) From: Daniel Xu To: daniel@iogearbox.net, shuah@kernel.org, ast@kernel.org, andrii@kernel.org, steffen.klassert@secunet.com, antony.antony@secunet.com Cc: martin.lau@linux.dev, song@kernel.org, yonghong.song@linux.dev, john.fastabend@gmail.com, kpsingh@kernel.org, sdf@google.com, haoluo@google.com, jolsa@kernel.org, mykolal@fb.com, bpf@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, devel@linux-ipsec.org Subject: [RFCv2 bpf-next 5/7] bpf: selftests: test_tunnel: Use vmlinux.h declarations Date: Wed, 1 Nov 2023 14:57:49 -0700 Message-ID: <6c85ae9dab941364fa593168c0811f3ee4682de8.1698875025.git.dxu@dxuuu.xyz> X-Mailer: git-send-email 2.42.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: bpf@iogearbox.net X-Patchwork-State: RFC vmlinux.h declarations are more ergnomic, especially when working with kfuncs. The uapi headers are often incomplete for kfunc definitions. Co-developed-by: Antony Antony Signed-off-by: Antony Antony Signed-off-by: Daniel Xu --- .../selftests/bpf/progs/bpf_tracing_net.h | 1 + .../selftests/bpf/progs/test_tunnel_kern.c | 48 ++++--------------- 2 files changed, 9 insertions(+), 40 deletions(-) diff --git a/tools/testing/selftests/bpf/progs/bpf_tracing_net.h b/tools/testing/selftests/bpf/progs/bpf_tracing_net.h index 0b793a102791..1bdc680b0e0e 100644 --- a/tools/testing/selftests/bpf/progs/bpf_tracing_net.h +++ b/tools/testing/selftests/bpf/progs/bpf_tracing_net.h @@ -26,6 +26,7 @@ #define IPV6_AUTOFLOWLABEL 70 #define TC_ACT_UNSPEC (-1) +#define TC_ACT_OK 0 #define TC_ACT_SHOT 2 #define SOL_TCP 6 diff --git a/tools/testing/selftests/bpf/progs/test_tunnel_kern.c b/tools/testing/selftests/bpf/progs/test_tunnel_kern.c index f66af753bbbb..3065a716544d 100644 --- a/tools/testing/selftests/bpf/progs/test_tunnel_kern.c +++ b/tools/testing/selftests/bpf/progs/test_tunnel_kern.c @@ -6,62 +6,30 @@ * modify it under the terms of version 2 of the GNU General Public * License as published by the Free Software Foundation. */ -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include +#include "vmlinux.h" #include #include +#include "bpf_kfuncs.h" +#include "bpf_tracing_net.h" #define log_err(__ret) bpf_printk("ERROR line:%d ret:%d\n", __LINE__, __ret) -#define VXLAN_UDP_PORT 4789 +#define VXLAN_UDP_PORT 4789 +#define ETH_P_IP 0x0800 +#define PACKET_HOST 0 +#define TUNNEL_CSUM bpf_htons(0x01) +#define TUNNEL_KEY bpf_htons(0x04) /* Only IPv4 address assigned to veth1. * 172.16.1.200 */ #define ASSIGNED_ADDR_VETH1 0xac1001c8 -struct geneve_opt { - __be16 opt_class; - __u8 type; - __u8 length:5; - __u8 r3:1; - __u8 r2:1; - __u8 r1:1; - __u8 opt_data[8]; /* hard-coded to 8 byte */ -}; - struct vxlanhdr { __be32 vx_flags; __be32 vx_vni; } __attribute__((packed)); -struct vxlan_metadata { - __u32 gbp; -}; - -struct bpf_fou_encap { - __be16 sport; - __be16 dport; -}; - -enum bpf_fou_encap_type { - FOU_BPF_ENCAP_FOU, - FOU_BPF_ENCAP_GUE, -}; - int bpf_skb_set_fou_encap(struct __sk_buff *skb_ctx, struct bpf_fou_encap *encap, int type) __ksym; int bpf_skb_get_fou_encap(struct __sk_buff *skb_ctx, From patchwork Wed Nov 1 21:57:50 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Daniel Xu X-Patchwork-Id: 13443091 X-Patchwork-Delegate: bpf@iogearbox.net Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 25A8515E83 for ; Wed, 1 Nov 2023 21:59:09 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=dxuuu.xyz header.i=@dxuuu.xyz header.b="pDAgC1L3"; dkim=pass (2048-bit key) header.d=messagingengine.com header.i=@messagingengine.com header.b="vGFIV5Se" Received: from wout5-smtp.messagingengine.com (wout5-smtp.messagingengine.com [64.147.123.21]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0B04F139; Wed, 1 Nov 2023 14:59:00 -0700 (PDT) Received: from compute7.internal (compute7.nyi.internal [10.202.2.48]) by mailout.west.internal (Postfix) with ESMTP id C83773200A06; Wed, 1 Nov 2023 17:58:58 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute7.internal (MEProxy); Wed, 01 Nov 2023 17:59:00 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dxuuu.xyz; h=cc :cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to; s=fm2; t=1698875938; x= 1698962338; bh=KK2MSw+ePMRXTZH/SbfDOSqSIdpqVExAhBHLCe+DNog=; b=p DAgC1L3836BlhtLQ49NyWQ+xJShuybBQ7p+n+FS21GYJhH3f+dI3f4MSSA7HNm4T yT8VGaYjiTSORJMRABLFi0/E+zuD8fyxVEyuA9nJIPBKFSxydSFKlB/VF4YSdT4m Vj+FyVPQuLKwCckqT3btm5KfgFCHzKuwhkJqy5sfrwVO2cUTsMqM6t2dfcoykB6r pph3/sdcM/nOUwVzZGIByIK2VWz0lQvCuttUakqpqcvjoQS6nO3VbHxmmWxCr9GW E/7FH4hThH8VwSPGeSmzv3ZcD0PiiZjo5KQkLrskCld1RzuHBYY8mXUc0L+z/LxY d6+KObZJlNapQi8G3eZMw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1698875938; x= 1698962338; bh=KK2MSw+ePMRXTZH/SbfDOSqSIdpqVExAhBHLCe+DNog=; b=v GFIV5SeOc3k6inxUYPJJ00tbyKmDypjYzC4TRLecv7gdUkUYx9WAXGRDy77gOVM+ 1xCJw6YREQD8O/qTxkhwns8Dn7FtBT707X6cR3+/lfRCJclWBGUMr4QklbfJvzwg AhIl2R77V1ECcGfqBGG+3q1HDwswd8Le9SFxbf8fe9GlaJuGFgQswwo5EPNoCMCu se4FKziEYkqKMpnme2jgpGS1Wky3SSUkU46X9blYpsxkTRYfOciBvaq5fG0xhPWd xTltTsC0e9ugXvvkNScZuwPAtRIMLcExAAimOAxElMrzFytL2sau69yeIEaA8t+L T5oACAP579HTRoLJ57Dzw== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedruddtgedgudehgecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecufghrlhcuvffnffculdefhedmnecujfgurhephf fvvefufffkofgjfhgggfestdekredtredttdenucfhrhhomhepffgrnhhivghlucgiuhcu oegugihusegugihuuhhurdighiiiqeenucggtffrrghtthgvrhhnpefgfefggeejhfduie ekvdeuteffleeifeeuvdfhheejleejjeekgfffgefhtddtteenucevlhhushhtvghrufhi iigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpegugihusegugihuuhhurdighiii X-ME-Proxy: Feedback-ID: i6a694271:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Wed, 1 Nov 2023 17:58:56 -0400 (EDT) From: Daniel Xu To: daniel@iogearbox.net, shuah@kernel.org, ast@kernel.org, andrii@kernel.org, steffen.klassert@secunet.com, antony.antony@secunet.com Cc: mykolal@fb.com, martin.lau@linux.dev, song@kernel.org, yonghong.song@linux.dev, john.fastabend@gmail.com, kpsingh@kernel.org, sdf@google.com, haoluo@google.com, jolsa@kernel.org, bpf@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, devel@linux-ipsec.org Subject: [RFCv2 bpf-next 6/7] bpf: selftests: test_tunnel: Disable CO-RE relocations Date: Wed, 1 Nov 2023 14:57:50 -0700 Message-ID: <8f31cf3c28b1e69d872e51614dce548a12a54b94.1698875025.git.dxu@dxuuu.xyz> X-Mailer: git-send-email 2.42.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: bpf@iogearbox.net X-Patchwork-State: RFC Switching to vmlinux.h definitions seems to make the verifier very unhappy with bitfield accesses. The error is: ; md.u.md2.dir = direction; 33: (69) r1 = *(u16 *)(r2 +11) misaligned stack access off (0x0; 0x0)+-64+11 size 2 It looks like disabling CO-RE relocations seem to make the error go away. Co-developed-by: Antony Antony Signed-off-by: Antony Antony Signed-off-by: Daniel Xu --- tools/testing/selftests/bpf/progs/test_tunnel_kern.c | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/testing/selftests/bpf/progs/test_tunnel_kern.c b/tools/testing/selftests/bpf/progs/test_tunnel_kern.c index 3065a716544d..ec7e04e012ae 100644 --- a/tools/testing/selftests/bpf/progs/test_tunnel_kern.c +++ b/tools/testing/selftests/bpf/progs/test_tunnel_kern.c @@ -6,6 +6,7 @@ * modify it under the terms of version 2 of the GNU General Public * License as published by the Free Software Foundation. */ +#define BPF_NO_PRESERVE_ACCESS_INDEX #include "vmlinux.h" #include #include From patchwork Wed Nov 1 21:57:51 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Daniel Xu X-Patchwork-Id: 13443093 X-Patchwork-Delegate: bpf@iogearbox.net Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E84FC1B274; Wed, 1 Nov 2023 22:05:53 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=dxuuu.xyz header.i=@dxuuu.xyz header.b="rvTYON17"; dkim=pass (2048-bit key) header.d=messagingengine.com header.i=@messagingengine.com header.b="jqyJXlVW" X-Greylist: delayed 402 seconds by postgrey-1.37 at lindbergh.monkeyblade.net; Wed, 01 Nov 2023 15:05:48 PDT Received: from wnew3-smtp.messagingengine.com (wnew3-smtp.messagingengine.com [64.147.123.17]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B899B110; Wed, 1 Nov 2023 15:05:48 -0700 (PDT) Received: from compute2.internal (compute2.nyi.internal [10.202.2.46]) by mailnew.west.internal (Postfix) with ESMTP id 045D92B0024C; Wed, 1 Nov 2023 17:59:03 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute2.internal (MEProxy); Wed, 01 Nov 2023 17:59:06 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dxuuu.xyz; h=cc :cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to; s=fm2; t=1698875943; x= 1698883143; bh=JDI0BTQjsxNjFfs3ZXUNBrkfEpISd91lLxe7rf7aIlc=; b=r vTYON17JSY0S452ml5IiBSCl0tjiF9U/2kCRCRNEBnmImPQ1fPablp9yJWGc1XjC XhuqLtfwa3EBMQgYpdpkSszRti0XUjz5u2TXHCqyvc7H9+wwGvOu9nbr3nUjFe+P P6Ck1bU+nKPPIB/OaRTrAq07aCjOnxVyOetjtYavVzGapluuW2a47KJnBD0bLJeI zknD0qg3KN5HDGjo1pLQWzVyArxyFxrc/VOupMK2FwkHdx91HxKUaEQ9he0TMy2l DFdCktW0xZGEiXhRH4F+G1kSVa1dyEZNXUNdgehOFSKbdc14WrXpkKKN+dX4ntLQ Lr7LPo7nfNicGOr9xfLuA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1698875943; x= 1698883143; bh=JDI0BTQjsxNjFfs3ZXUNBrkfEpISd91lLxe7rf7aIlc=; b=j qyJXlVWSQlkH5fL2R5I/hiblO0azHwx7SyII3c/xdkWqooNa5IwI4Ou1fRii+Jn9 IgUpRy7/w3PVmFG2NFdJ27LPh20xJskt+NH572lyp5X1484mlJf2rmFhlmwMNWDW FNNS+xZ4XDgy/1HLZiv2HX+VE1Bs1KuHhz4rVk8SWdYFdDz79dV0l6mnKrQ3Iuuh WKb+41wU5Dw8tBIsNjcH96MDC6lq/QyLdtj/yk5XZlSZmx7XY6D8othAviZW4TRS 0rQtjUvMsG3UBv/hZ9Q1tW9yeoo1kmbnP3aJsoISNPPaVnN5rxHW4bMAIY3k2z42 tIbsi+3dgSXYbOxMu5xkQ== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedruddtgedgudehgecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecufghrlhcuvffnffculdefhedmnecujfgurhephf fvvefufffkofgjfhgggfestdekredtredttdenucfhrhhomhepffgrnhhivghlucgiuhcu oegugihusegugihuuhhurdighiiiqeenucggtffrrghtthgvrhhnpefgfefggeejhfduie ekvdeuteffleeifeeuvdfhheejleejjeekgfffgefhtddtteenucevlhhushhtvghrufhi iigvpedunecurfgrrhgrmhepmhgrihhlfhhrohhmpegugihusegugihuuhhurdighiii X-ME-Proxy: Feedback-ID: i6a694271:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Wed, 1 Nov 2023 17:59:00 -0400 (EDT) From: Daniel Xu To: shuah@kernel.org, kuba@kernel.org, hawk@kernel.org, daniel@iogearbox.net, ast@kernel.org, andrii@kernel.org, john.fastabend@gmail.com, davem@davemloft.net, steffen.klassert@secunet.com, antony.antony@secunet.com Cc: martin.lau@linux.dev, song@kernel.org, yonghong.song@linux.dev, kpsingh@kernel.org, sdf@google.com, haoluo@google.com, jolsa@kernel.org, mykolal@fb.com, bpf@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, devel@linux-ipsec.org Subject: [RFCv2 bpf-next 7/7] bpf: xfrm: Add selftest for bpf_xdp_get_xfrm_state() Date: Wed, 1 Nov 2023 14:57:51 -0700 Message-ID: <707a94d00b622e73c4b28bc059d4dabe7635b678.1698875025.git.dxu@dxuuu.xyz> X-Mailer: git-send-email 2.42.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: bpf@iogearbox.net X-Patchwork-State: RFC This commit extends test_tunnel selftest to test the new XDP xfrm state lookup kfunc. Co-developed-by: Antony Antony Signed-off-by: Antony Antony Signed-off-by: Daniel Xu --- .../selftests/bpf/progs/test_tunnel_kern.c | 49 +++++++++++++++++++ tools/testing/selftests/bpf/test_tunnel.sh | 12 +++-- 2 files changed, 57 insertions(+), 4 deletions(-) diff --git a/tools/testing/selftests/bpf/progs/test_tunnel_kern.c b/tools/testing/selftests/bpf/progs/test_tunnel_kern.c index ec7e04e012ae..17bf9ce28460 100644 --- a/tools/testing/selftests/bpf/progs/test_tunnel_kern.c +++ b/tools/testing/selftests/bpf/progs/test_tunnel_kern.c @@ -35,6 +35,10 @@ int bpf_skb_set_fou_encap(struct __sk_buff *skb_ctx, struct bpf_fou_encap *encap, int type) __ksym; int bpf_skb_get_fou_encap(struct __sk_buff *skb_ctx, struct bpf_fou_encap *encap) __ksym; +struct xfrm_state * +bpf_xdp_get_xfrm_state(struct xdp_md *ctx, struct bpf_xfrm_state_opts *opts, + u32 opts__sz) __ksym; +void bpf_xdp_xfrm_state_release(struct xfrm_state *x) __ksym; struct { __uint(type, BPF_MAP_TYPE_ARRAY); @@ -948,4 +952,49 @@ int xfrm_get_state(struct __sk_buff *skb) return TC_ACT_OK; } +SEC("xdp") +int xfrm_get_state_xdp(struct xdp_md *xdp) +{ + struct bpf_xfrm_state_opts opts = {}; + struct xfrm_state *x = NULL; + struct ip_esp_hdr *esph; + struct bpf_dynptr ptr; + u8 esph_buf[8] = {}; + u8 iph_buf[20] = {}; + struct iphdr *iph; + u32 off; + + if (bpf_dynptr_from_xdp(xdp, 0, &ptr)) + goto out; + + off = sizeof(struct ethhdr); + iph = bpf_dynptr_slice(&ptr, off, iph_buf, sizeof(iph_buf)); + if (!iph || iph->protocol != IPPROTO_ESP) + goto out; + + off += sizeof(struct iphdr); + esph = bpf_dynptr_slice(&ptr, off, esph_buf, sizeof(esph_buf)); + if (!esph) + goto out; + + opts.netns_id = BPF_F_CURRENT_NETNS, + opts.daddr.a4 = iph->daddr; + opts.spi = esph->spi; + opts.proto = IPPROTO_ESP; + opts.family = AF_INET; + + x = bpf_xdp_get_xfrm_state(xdp, &opts, sizeof(opts)); + if (!x || opts.error) + goto out; + + if (!x->replay_esn) + goto out; + + bpf_printk("replay-window %d\n", x->replay_esn->replay_window); +out: + if (x) + bpf_xdp_xfrm_state_release(x); + return XDP_PASS; +} + char _license[] SEC("license") = "GPL"; diff --git a/tools/testing/selftests/bpf/test_tunnel.sh b/tools/testing/selftests/bpf/test_tunnel.sh index dd3c79129e87..17d263681c71 100755 --- a/tools/testing/selftests/bpf/test_tunnel.sh +++ b/tools/testing/selftests/bpf/test_tunnel.sh @@ -528,7 +528,7 @@ setup_xfrm_tunnel() # at_ns0 -> root ip netns exec at_ns0 \ ip xfrm state add src 172.16.1.100 dst 172.16.1.200 proto esp \ - spi $spi_in_to_out reqid 1 mode tunnel \ + spi $spi_in_to_out reqid 1 mode tunnel replay-window 42 \ auth-trunc 'hmac(sha1)' $auth 96 enc 'cbc(aes)' $enc ip netns exec at_ns0 \ ip xfrm policy add src 10.1.1.100/32 dst 10.1.1.200/32 dir out \ @@ -537,7 +537,7 @@ setup_xfrm_tunnel() # root -> at_ns0 ip netns exec at_ns0 \ ip xfrm state add src 172.16.1.200 dst 172.16.1.100 proto esp \ - spi $spi_out_to_in reqid 2 mode tunnel \ + spi $spi_out_to_in reqid 2 mode tunnel replay-window 42 \ auth-trunc 'hmac(sha1)' $auth 96 enc 'cbc(aes)' $enc ip netns exec at_ns0 \ ip xfrm policy add src 10.1.1.200/32 dst 10.1.1.100/32 dir in \ @@ -553,14 +553,14 @@ setup_xfrm_tunnel() # root namespace # at_ns0 -> root ip xfrm state add src 172.16.1.100 dst 172.16.1.200 proto esp \ - spi $spi_in_to_out reqid 1 mode tunnel \ + spi $spi_in_to_out reqid 1 mode tunnel replay-window 42 \ auth-trunc 'hmac(sha1)' $auth 96 enc 'cbc(aes)' $enc ip xfrm policy add src 10.1.1.100/32 dst 10.1.1.200/32 dir in \ tmpl src 172.16.1.100 dst 172.16.1.200 proto esp reqid 1 \ mode tunnel # root -> at_ns0 ip xfrm state add src 172.16.1.200 dst 172.16.1.100 proto esp \ - spi $spi_out_to_in reqid 2 mode tunnel \ + spi $spi_out_to_in reqid 2 mode tunnel replay-window 42 \ auth-trunc 'hmac(sha1)' $auth 96 enc 'cbc(aes)' $enc ip xfrm policy add src 10.1.1.200/32 dst 10.1.1.100/32 dir out \ tmpl src 172.16.1.200 dst 172.16.1.100 proto esp reqid 2 \ @@ -585,6 +585,8 @@ test_xfrm_tunnel() tc qdisc add dev veth1 clsact tc filter add dev veth1 proto ip ingress bpf da object-pinned \ ${BPF_PIN_TUNNEL_DIR}/xfrm_get_state + ip link set dev veth1 xdpdrv pinned \ + ${BPF_PIN_TUNNEL_DIR}/xfrm_get_state_xdp ip netns exec at_ns0 ping $PING_ARG 10.1.1.200 sleep 1 grep "reqid 1" ${TRACE} @@ -593,6 +595,8 @@ test_xfrm_tunnel() check_err $? grep "remote ip 0xac100164" ${TRACE} check_err $? + grep "replay-window 42" ${TRACE} + check_err $? cleanup if [ $ret -ne 0 ]; then