From: Jordan Rife <jrife@google.com>
To: bpf@vger.kernel.org
Cc: Jordan Rife <jrife@google.com>,
linux-kselftest@vger.kernel.org, netdev@vger.kernel.org,
Alexei Starovoitov <ast@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
Andrii Nakryiko <andrii@kernel.org>,
Martin KaFai Lau <martin.lau@linux.dev>,
Eduard Zingerman <eddyz87@gmail.com>, Song Liu <song@kernel.org>,
Yonghong Song <yonghong.song@linux.dev>,
John Fastabend <john.fastabend@gmail.com>,
KP Singh <kpsingh@kernel.org>,
Stanislav Fomichev <sdf@google.com>, Hao Luo <haoluo@google.com>,
Jiri Olsa <jolsa@kernel.org>, Mykola Lysenko <mykolal@fb.com>,
Shuah Khan <shuah@kernel.org>,
Kui-Feng Lee <thinker.li@gmail.com>,
Artem Savkov <asavkov@redhat.com>,
Dave Marchevsky <davemarchevsky@fb.com>,
Menglong Dong <imagedong@tencent.com>, Daniel Xu <dxu@dxuuu.xyz>,
David Vernet <void@manifault.com>,
Daan De Meyer <daan.j.demeyer@gmail.com>,
Benjamin Tissoires <bentiss@kernel.org>,
Hou Tao <houtao1@huawei.com>,
Willem de Bruijn <willemdebruijn.kernel@gmail.com>
Subject: [PATCH v3 bpf-next 0/6] selftests/bpf: Add sockaddr tests for kernel networking
Date: Mon, 29 Apr 2024 16:45:17 -0500 [thread overview]
Message-ID: <20240429214529.2644801-1-jrife@google.com> (raw)
This patch series adds test coverage for BPF sockaddr hooks and their
interactions with kernel socket functions (i.e. kernel_bind(),
kernel_connect(), kernel_sendmsg(), sock_sendmsg(),
kernel_getpeername(), and kernel_getsockname()) while also rounding out
IPv4 and IPv6 sockaddr hook coverage in prog_tests/sock_addr.c.
As with v1 of this patch series, we add regression coverage for the
issues addressed by these patches,
- commit 0bdf399342c5("net: Avoid address overwrite in kernel_connect")
- commit 86a7e0b69bd5("net: prevent rewrite of msg_name in sock_sendmsg()")
- commit c889a99a21bf("net: prevent address rewrite in kernel_bind()")
- commit 01b2885d9415("net: Save and restore msg_namelen in sock_sendmsg")
but broaden the focus a bit.
In order to extend prog_tests/sock_addr.c to test these kernel
functions, we add a set of new kfuncs that wrap individual socket
operations to bpf_testmod and invoke them through set of corresponding
SYSCALL programs (progs/sock_addr_kern.c). Each test case can be
configured to use a different set of "sock_ops" depending on whether it
is testing kernel calls (kernel_bind(), kernel_connect(), etc.) or
system calls (bind(), connect(), etc.).
=======
Patches
=======
* Patch 1 fixes the sock_addr bind test program to work for big endian
architectures such as s390x.
* Patch 2 introduces the new kfuncs to bpf_testmod.
* Patch 3 introduces the BPF program which allows us to invoke these
kfuncs invividually from the test program.
* Patch 4 lays the groundwork for IPv4 and IPv6 sockaddr hook coverage
by migrating much of the environment setup logic from
bpf/test_sock_addr.sh into prog_tests/sock_addr.c and moves test cases
to cover bind4/6, connect4/6, sendmsg4/6 and recvmsg4/6 hooks.
* Patch 5 makes the set of socket operations for each test case
configurable, laying the groundwork for Patch 6.
* Patch 6 introduces two sets of sock_ops that invoke the kernel
equivalents of connect(), bind(), etc. and uses these to add coverage
for the kernel socket functions.
=======
Changes
=======
v2->v3
------
* Renamed bind helpers. Dropped "_ntoh" suffix.
* Added guards to kfuncs to make sure addrlen and msglen do not exceed
the buffer capacity.
* Added KF_SLEEPABLE flag to kfuncs.
* Added a mutex (sock_lock) to kfuncs to serialize access to sock.
* Added NULL check for sock to each kfunc.
* Use the "sock_addr" networking namespace for all network interface
setup and testing.
* Use "nodad" when calling "ip -6 addr add" during interface setup to
avoid delays and remove ping loop.
* Removed test cases from test_sock_addr.c to make it clear what remains
to be migrated.
* Removed unused parameter (expect_change) from sock_addr_op().
Link: https://lore.kernel.org/bpf/20240412165230.2009746-1-jrife@google.com/T/#u
v1->v2
------
* Dropped test_progs/sock_addr_kern.c and the sock_addr_kern test module
in favor of simply expanding bpf_testmod and test_progs/sock_addr.c.
* Migrated environment setup logic from bpf/test_sock_addr.sh into
prog_tests/sock_addr.c rather than invoking the script from the test
program.
* Added kfuncs to bpf_testmod as well as the sock_addr_kern BPF program
to enable us to invoke kernel socket functions from
test_progs/sock_addr.c.
* Added test coverage for kernel socket functions to
test_progs/sock_addr.c.
Link: https://lore.kernel.org/bpf/20240329191907.1808635-1-jrife@google.com/T/#u
Jordan Rife (6):
selftests/bpf: Fix bind program for big endian systems
selftests/bpf: Implement socket kfuncs for bpf_testmod
selftests/bpf: Implement BPF programs for kernel socket operations
selftests/bpf: Move IPv4 and IPv6 sockaddr test cases
selftests/bpf: Make sock configurable for each test case
selftests/bpf: Add kernel socket operation tests
.../selftests/bpf/bpf_testmod/bpf_testmod.c | 255 +++++
.../bpf/bpf_testmod/bpf_testmod_kfunc.h | 27 +
.../selftests/bpf/prog_tests/sock_addr.c | 939 +++++++++++++++---
.../testing/selftests/bpf/progs/bind4_prog.c | 18 +-
.../testing/selftests/bpf/progs/bind6_prog.c | 18 +-
tools/testing/selftests/bpf/progs/bind_prog.h | 19 +
.../selftests/bpf/progs/sock_addr_kern.c | 65 ++
tools/testing/selftests/bpf/test_sock_addr.c | 192 ----
8 files changed, 1192 insertions(+), 341 deletions(-)
create mode 100644 tools/testing/selftests/bpf/progs/bind_prog.h
create mode 100644 tools/testing/selftests/bpf/progs/sock_addr_kern.c
--
2.44.0.769.g3c40516874-goog
next reply other threads:[~2024-04-29 21:45 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-29 21:45 Jordan Rife [this message]
2024-04-29 21:45 ` [PATCH v3 bpf-next 1/6] selftests/bpf: Fix bind program for big endian systems Jordan Rife
2024-04-29 21:45 ` [PATCH v3 bpf-next 2/6] selftests/bpf: Implement socket kfuncs for bpf_testmod Jordan Rife
2024-04-29 21:45 ` [PATCH v3 bpf-next 3/6] selftests/bpf: Implement BPF programs for kernel socket operations Jordan Rife
2024-04-29 21:45 ` [PATCH v3 bpf-next 4/6] selftests/bpf: Move IPv4 and IPv6 sockaddr test cases Jordan Rife
2024-04-29 21:45 ` [PATCH v3 bpf-next 5/6] selftests/bpf: Make sock configurable for each test case Jordan Rife
2024-04-29 21:45 ` [PATCH v3 bpf-next 6/6] selftests/bpf: Add kernel socket operation tests Jordan Rife
2024-05-02 22:30 ` [PATCH v3 bpf-next 0/6] selftests/bpf: Add sockaddr tests for kernel networking patchwork-bot+netdevbpf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240429214529.2644801-1-jrife@google.com \
--to=jrife@google.com \
--cc=andrii@kernel.org \
--cc=asavkov@redhat.com \
--cc=ast@kernel.org \
--cc=bentiss@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daan.j.demeyer@gmail.com \
--cc=daniel@iogearbox.net \
--cc=davemarchevsky@fb.com \
--cc=dxu@dxuuu.xyz \
--cc=eddyz87@gmail.com \
--cc=haoluo@google.com \
--cc=houtao1@huawei.com \
--cc=imagedong@tencent.com \
--cc=john.fastabend@gmail.com \
--cc=jolsa@kernel.org \
--cc=kpsingh@kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=martin.lau@linux.dev \
--cc=mykolal@fb.com \
--cc=netdev@vger.kernel.org \
--cc=sdf@google.com \
--cc=shuah@kernel.org \
--cc=song@kernel.org \
--cc=thinker.li@gmail.com \
--cc=void@manifault.com \
--cc=willemdebruijn.kernel@gmail.com \
--cc=yonghong.song@linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).