From patchwork Sun Oct 11 05:09:07 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: John Fastabend X-Patchwork-Id: 270147 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-9.6 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id C741DC43457 for ; Sun, 11 Oct 2020 05:09:33 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 8A991221FE for ; Sun, 11 Oct 2020 05:09:33 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="HZztZDs5" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726348AbgJKFJc (ORCPT ); Sun, 11 Oct 2020 01:09:32 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42190 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725882AbgJKFJc (ORCPT ); Sun, 11 Oct 2020 01:09:32 -0400 Received: from mail-il1-x144.google.com (mail-il1-x144.google.com [IPv6:2607:f8b0:4864:20::144]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F2DBAC0613CE; Sat, 10 Oct 2020 22:09:30 -0700 (PDT) Received: by mail-il1-x144.google.com with SMTP id p16so4476851ilq.5; Sat, 10 Oct 2020 22:09:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:from:to:cc:date:message-id:in-reply-to:references :user-agent:mime-version:content-transfer-encoding; bh=M0bAWQd0WTnt0/w1exFU5fB4VtkL954BS24rcnrY8NQ=; b=HZztZDs5YcwNqU2bB3eVr5AFfuZ4Pt1OcvT0Nz3SoyeybuJ5iy6Iw0Fr5RT2Bs2a13 BAWo86bb94BymR3ofGsINIbf4AJea6wVekvsnlstXebkaCSLuFNVG5IKlgL3aObQ/rX+ JbOV9VCi1OaCJ5vuuTNVymtSKfX0ySUkRo57a5Nn5JfgKdhPT3AgL795LSYv8Fi7UNsA jCphRMSBM7wcGu71pnWkdRk07MhwjL34VCo53DGmEZc3YJLXbRmJO4L2sj4xEQ6bvk5G HSaGQexB40npYOY7+hlKJ8BX6xdS4Y4EF8KbN+8hLJHleoqf3rP87x6Sqx+1on8L806C YIAQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:from:to:cc:date:message-id:in-reply-to :references:user-agent:mime-version:content-transfer-encoding; bh=M0bAWQd0WTnt0/w1exFU5fB4VtkL954BS24rcnrY8NQ=; b=GOtagEq8afdHCId4ZKrrKdrSc75PJINuTMfWb8csb90V1AxfedY1loHTkVvJS2qYVz plfX206mVrTkI35RWxTriNJk+nQm/6EDmC9uUTtyTwjp3njC9tXHjdkUgQFcqg1GNj/Z wCWiOC2g1M2gKvcP2UE4pIWI1tUQbBN9BxMAPv75rVeIvOwJwYm+/ETu3lph8+W5V6Br /+Z/sZCNNPshM5accyjPriKegUbIxw8YFGtBRorHeo9fDtyEDIY7XaCrGQtC51DrOErY cZhmGe5kL9m4tUFgjzefIagB7ldEfBG/yK8z139MVygtZlRAFx4upyqScX1a3TEmmfPM yuIA== X-Gm-Message-State: AOAM530hqJlupD/Bhi8B5tfcm4fJ+XCnM+J0ZANnUkZn7SvFVeMc9foe GdI4Qw642LDZY7imteaQtKI= X-Google-Smtp-Source: ABdhPJxFLLqI5JpScDfdY8gJPJHbdEt33oizOFZdqj3joaQoEmIjcPluZhWjgEy/kHsse5sC9mObhA== X-Received: by 2002:a92:6a06:: with SMTP id f6mr14759022ilc.53.1602392970406; Sat, 10 Oct 2020 22:09:30 -0700 (PDT) Received: from [127.0.1.1] ([184.63.162.180]) by smtp.gmail.com with ESMTPSA id e15sm6712209ili.75.2020.10.10.22.09.20 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 10 Oct 2020 22:09:29 -0700 (PDT) Subject: [bpf-next PATCH 1/4] bpf, sockmap: check skb_verdict and skb_parser programs explicitly From: John Fastabend To: john.fastabend@gmail.com, alexei.starovoitov@gmail.com, daniel@iogearbox.net Cc: netdev@vger.kernel.org, bpf@vger.kernel.org, jakub@cloudflare.com, lmb@cloudflare.com Date: Sat, 10 Oct 2020 22:09:07 -0700 Message-ID: <160239294756.8495.5796595770890272219.stgit@john-Precision-5820-Tower> In-Reply-To: <160239226775.8495.15389345509643354423.stgit@john-Precision-5820-Tower> References: <160239226775.8495.15389345509643354423.stgit@john-Precision-5820-Tower> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org We are about to allow skb_verdict to run without skb_parser programs as a first step change code to check each program type specifically. This should be a mechanical change without any impact to actual result. Signed-off-by: John Fastabend --- net/core/sock_map.c | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/net/core/sock_map.c b/net/core/sock_map.c index e83a80e8f13b..a2ed5b6223b9 100644 --- a/net/core/sock_map.c +++ b/net/core/sock_map.c @@ -230,16 +230,16 @@ static int sock_map_link(struct bpf_map *map, struct sk_psock_progs *progs, { struct bpf_prog *msg_parser, *skb_parser, *skb_verdict; struct sk_psock *psock; - bool skb_progs; int ret; skb_verdict = READ_ONCE(progs->skb_verdict); skb_parser = READ_ONCE(progs->skb_parser); - skb_progs = skb_parser && skb_verdict; - if (skb_progs) { + if (skb_verdict) { skb_verdict = bpf_prog_inc_not_zero(skb_verdict); if (IS_ERR(skb_verdict)) return PTR_ERR(skb_verdict); + } + if (skb_parser) { skb_parser = bpf_prog_inc_not_zero(skb_parser); if (IS_ERR(skb_parser)) { bpf_prog_put(skb_verdict); @@ -264,7 +264,8 @@ static int sock_map_link(struct bpf_map *map, struct sk_psock_progs *progs, if (psock) { if ((msg_parser && READ_ONCE(psock->progs.msg_parser)) || - (skb_progs && READ_ONCE(psock->progs.skb_parser))) { + (skb_parser && READ_ONCE(psock->progs.skb_parser)) || + (skb_verdict && READ_ONCE(psock->progs.skb_verdict))) { sk_psock_put(sk, psock); ret = -EBUSY; goto out_progs; @@ -285,7 +286,7 @@ static int sock_map_link(struct bpf_map *map, struct sk_psock_progs *progs, goto out_drop; write_lock_bh(&sk->sk_callback_lock); - if (skb_progs && !psock->parser.enabled) { + if (skb_parser && skb_verdict && !psock->parser.enabled) { ret = sk_psock_init_strp(sk, psock); if (ret) { write_unlock_bh(&sk->sk_callback_lock); @@ -303,10 +304,10 @@ static int sock_map_link(struct bpf_map *map, struct sk_psock_progs *progs, if (msg_parser) bpf_prog_put(msg_parser); out: - if (skb_progs) { + if (skb_verdict) bpf_prog_put(skb_verdict); + if (skb_parser) bpf_prog_put(skb_parser); - } return ret; } From patchwork Sun Oct 11 05:09:38 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: John Fastabend X-Patchwork-Id: 288620 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-9.6 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0CDA5C433DF for ; Sun, 11 Oct 2020 05:09:58 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id CD9B2221FF for ; Sun, 11 Oct 2020 05:09:57 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="OL/74TFW" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726413AbgJKFJ5 (ORCPT ); Sun, 11 Oct 2020 01:09:57 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42258 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725882AbgJKFJ4 (ORCPT ); Sun, 11 Oct 2020 01:09:56 -0400 Received: from mail-il1-x144.google.com (mail-il1-x144.google.com [IPv6:2607:f8b0:4864:20::144]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C157BC0613CE; Sat, 10 Oct 2020 22:09:56 -0700 (PDT) Received: by mail-il1-x144.google.com with SMTP id y16so8796768ila.7; Sat, 10 Oct 2020 22:09:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:from:to:cc:date:message-id:in-reply-to:references :user-agent:mime-version:content-transfer-encoding; bh=V6mwX+muNcv/XcHDj8h7DFbbHyZjF4hrggVn+CX0LZg=; b=OL/74TFWs8ziv8y7nebcDjRG1NLXeARdkHEzOsiHb2W1PsuActmOK18eAcxKmQsB1m stLTuoClc6xyig4LmwA7Oe2dQcRppl/nMAkQadQLtf9jQ28X6lDI3CqttbAT6qb6iQjx 22+S+Clv2UljLD4T4CSOc8v/QuGHcklwoVRfjFI9XVzycUZ7mrF6zsFxAPbU6Wae49q1 sTf0/eysrepXgMobPYxPtaExtpkDbzvXVw+ZQwbEyEN6IO+XFO8VNpN8aHkAhDurAS5w ToiOcbCp436lGldldy0wyCtVqblxQrx/yK/oxlglnGawBjQGm04aMXEpa5PiYgobfnPS 85aA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:from:to:cc:date:message-id:in-reply-to :references:user-agent:mime-version:content-transfer-encoding; bh=V6mwX+muNcv/XcHDj8h7DFbbHyZjF4hrggVn+CX0LZg=; b=d0LI9Gc2GO0EBi21Quk7WerF5XKrvyuqR5sH+ql3GKUYJa+J7jwygpQyNSLbxDhzNf XAenfLXnkhvJTwTUAmZuY/wQUKw8kaKykK9Wwn3NxEuykMDrN2u5L38MowAaFZPgPvzi tWmd3zTW8jyAbw7+5JFk5XynENqQPGbKcGYtkcM5rxkB1Et6q0qBNf+AiW+1SAYQpW8J vbd5HPjx3KEAxX1wmgbTDhX5wLhGqaKBqCjNx7iqpG5A5x9F6ZS4gO+NeoGTH1/EmjuA d9J4ZMYonUjVqRBLEL7vvdtoTvvD9pJe09bbGXQKX1UdRv+0JCofRgd02NhnNtzS3SZ4 4B8g== X-Gm-Message-State: AOAM5318RSVli1xKwDXhwYT8EaQiYPgf/s2RRaH6yg6HFBVvayRMnHIY kuuQD/Wo3mcWiWFy5yXVR8MvQo1wEYo= X-Google-Smtp-Source: ABdhPJwBItcvFsUdlTLWxqAcjC0R81eS9BflMgjm/x2bdVLVrDPpQR349Z25hRDcM+KS17lfFc96Tg== X-Received: by 2002:a92:484e:: with SMTP id v75mr15418023ila.293.1602392995992; Sat, 10 Oct 2020 22:09:55 -0700 (PDT) Received: from [127.0.1.1] ([184.63.162.180]) by smtp.gmail.com with ESMTPSA id y12sm7030578ilk.56.2020.10.10.22.09.46 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 10 Oct 2020 22:09:55 -0700 (PDT) Subject: [bpf-next PATCH 2/4] bpf, sockmap: Allow skipping sk_skb parser program From: John Fastabend To: john.fastabend@gmail.com, alexei.starovoitov@gmail.com, daniel@iogearbox.net Cc: netdev@vger.kernel.org, bpf@vger.kernel.org, jakub@cloudflare.com, lmb@cloudflare.com Date: Sat, 10 Oct 2020 22:09:38 -0700 Message-ID: <160239297866.8495.13345662302749219672.stgit@john-Precision-5820-Tower> In-Reply-To: <160239226775.8495.15389345509643354423.stgit@john-Precision-5820-Tower> References: <160239226775.8495.15389345509643354423.stgit@john-Precision-5820-Tower> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Currently, we often run with a nop parser namely one that just does this, 'return skb->len'. This happens when either our verdict program can handle streaming data or it is only looking at socket data such as IP addresses and other metadata associated with the flow. The second case is common for a L3/L4 proxy for instance. So lets allow loading programs without the parser then we can skip the stream parser logic and avoid having to add a BPF program that is effectively a nop. Signed-off-by: John Fastabend --- include/linux/skmsg.h | 2 + net/core/skmsg.c | 78 +++++++++++++++++++++++++++++++++++++++++++++++++ net/core/sock_map.c | 22 +++++++++----- 3 files changed, 95 insertions(+), 7 deletions(-) diff --git a/include/linux/skmsg.h b/include/linux/skmsg.h index 3119928fc103..fec0c5ac1c4f 100644 --- a/include/linux/skmsg.h +++ b/include/linux/skmsg.h @@ -308,6 +308,8 @@ struct sk_psock *sk_psock_init(struct sock *sk, int node); int sk_psock_init_strp(struct sock *sk, struct sk_psock *psock); void sk_psock_start_strp(struct sock *sk, struct sk_psock *psock); void sk_psock_stop_strp(struct sock *sk, struct sk_psock *psock); +void sk_psock_start_verdict(struct sock *sk, struct sk_psock *psock); +void sk_psock_stop_verdict(struct sock *sk, struct sk_psock *psock); int sk_psock_msg_verdict(struct sock *sk, struct sk_psock *psock, struct sk_msg *msg); diff --git a/net/core/skmsg.c b/net/core/skmsg.c index 881a5b290946..654182ecf87b 100644 --- a/net/core/skmsg.c +++ b/net/core/skmsg.c @@ -627,6 +627,8 @@ void sk_psock_drop(struct sock *sk, struct sk_psock *psock) rcu_assign_sk_user_data(sk, NULL); if (psock->progs.skb_parser) sk_psock_stop_strp(sk, psock); + else if (psock->progs.skb_verdict) + sk_psock_stop_verdict(sk, psock); write_unlock_bh(&sk->sk_callback_lock); sk_psock_clear_state(psock, SK_PSOCK_TX_ENABLED); @@ -871,6 +873,57 @@ static void sk_psock_strp_data_ready(struct sock *sk) rcu_read_unlock(); } +static int sk_psock_verdict_recv(read_descriptor_t *desc, struct sk_buff *skb, + unsigned int offset, size_t orig_len) +{ + struct sock *sk = (struct sock *)desc->arg.data; + struct sk_psock *psock; + struct bpf_prog *prog; + int ret = __SK_DROP; + int len = skb->len; + + /* clone here so sk_eat_skb() in tcp_read_sock does not drop our data */ + skb = skb_clone(skb, GFP_ATOMIC); + if (!skb) { + desc->error = -ENOMEM; + return 0; + } + + rcu_read_lock(); + psock = sk_psock(sk); + if (unlikely(!psock)) { + len = 0; + kfree_skb(skb); + goto out; + } + skb_set_owner_r(skb, sk); + prog = READ_ONCE(psock->progs.skb_verdict); + if (likely(prog)) { + tcp_skb_bpf_redirect_clear(skb); + ret = sk_psock_bpf_run(psock, prog, skb); + ret = sk_psock_map_verd(ret, tcp_skb_bpf_redirect_fetch(skb)); + } + sk_psock_verdict_apply(psock, skb, ret); +out: + rcu_read_unlock(); + return len; +} + +static void sk_psock_verdict_data_ready(struct sock *sk) +{ + struct socket *sock = sk->sk_socket; + read_descriptor_t desc; + + if (unlikely(!sock || !sock->ops || !sock->ops->read_sock)) + return; + + desc.arg.data = sk; + desc.error = 0; + desc.count = 1; + + sock->ops->read_sock(sk, &desc, sk_psock_verdict_recv); +} + static void sk_psock_write_space(struct sock *sk) { struct sk_psock *psock; @@ -900,6 +953,19 @@ int sk_psock_init_strp(struct sock *sk, struct sk_psock *psock) return strp_init(&psock->parser.strp, sk, &cb); } +void sk_psock_start_verdict(struct sock *sk, struct sk_psock *psock) +{ + struct sk_psock_parser *parser = &psock->parser; + + if (parser->enabled) + return; + + parser->saved_data_ready = sk->sk_data_ready; + sk->sk_data_ready = sk_psock_verdict_data_ready; + sk->sk_write_space = sk_psock_write_space; + parser->enabled = true; +} + void sk_psock_start_strp(struct sock *sk, struct sk_psock *psock) { struct sk_psock_parser *parser = &psock->parser; @@ -925,3 +991,15 @@ void sk_psock_stop_strp(struct sock *sk, struct sk_psock *psock) strp_stop(&parser->strp); parser->enabled = false; } + +void sk_psock_stop_verdict(struct sock *sk, struct sk_psock *psock) +{ + struct sk_psock_parser *parser = &psock->parser; + + if (!parser->enabled) + return; + + sk->sk_data_ready = parser->saved_data_ready; + parser->saved_data_ready = NULL; + parser->enabled = false; +} diff --git a/net/core/sock_map.c b/net/core/sock_map.c index a2ed5b6223b9..df09c39a4dd2 100644 --- a/net/core/sock_map.c +++ b/net/core/sock_map.c @@ -148,8 +148,8 @@ static void sock_map_add_link(struct sk_psock *psock, static void sock_map_del_link(struct sock *sk, struct sk_psock *psock, void *link_raw) { + bool strp_stop = false, verdict_stop = false; struct sk_psock_link *link, *tmp; - bool strp_stop = false; spin_lock_bh(&psock->link_lock); list_for_each_entry_safe(link, tmp, &psock->link, list) { @@ -159,14 +159,19 @@ static void sock_map_del_link(struct sock *sk, map); if (psock->parser.enabled && stab->progs.skb_parser) strp_stop = true; + if (psock->parser.enabled && stab->progs.skb_verdict) + verdict_stop = true; list_del(&link->list); sk_psock_free_link(link); } } spin_unlock_bh(&psock->link_lock); - if (strp_stop) { + if (strp_stop || verdict_stop) { write_lock_bh(&sk->sk_callback_lock); - sk_psock_stop_strp(sk, psock); + if (strp_stop) + sk_psock_stop_strp(sk, psock); + else + sk_psock_stop_verdict(sk, psock); write_unlock_bh(&sk->sk_callback_lock); } } @@ -288,16 +293,19 @@ static int sock_map_link(struct bpf_map *map, struct sk_psock_progs *progs, write_lock_bh(&sk->sk_callback_lock); if (skb_parser && skb_verdict && !psock->parser.enabled) { ret = sk_psock_init_strp(sk, psock); - if (ret) { - write_unlock_bh(&sk->sk_callback_lock); - goto out_drop; - } + if (ret) + goto out_unlock_drop; psock_set_prog(&psock->progs.skb_verdict, skb_verdict); psock_set_prog(&psock->progs.skb_parser, skb_parser); sk_psock_start_strp(sk, psock); + } else if (!skb_parser && skb_verdict && !psock->parser.enabled) { + psock_set_prog(&psock->progs.skb_verdict, skb_verdict); + sk_psock_start_verdict(sk,psock); } write_unlock_bh(&sk->sk_callback_lock); return 0; +out_unlock_drop: + write_unlock_bh(&sk->sk_callback_lock); out_drop: sk_psock_put(sk, psock); out_progs: From patchwork Sun Oct 11 05:10:04 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: John Fastabend X-Patchwork-Id: 270146 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-9.6 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 74FCEC433DF for ; Sun, 11 Oct 2020 05:10:21 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 2A05422202 for ; Sun, 11 Oct 2020 05:10:21 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="MA/ICLmJ" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726437AbgJKFKU (ORCPT ); Sun, 11 Oct 2020 01:10:20 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42322 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725882AbgJKFKU (ORCPT ); Sun, 11 Oct 2020 01:10:20 -0400 Received: from mail-io1-xd42.google.com (mail-io1-xd42.google.com [IPv6:2607:f8b0:4864:20::d42]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 08DE1C0613CE; Sat, 10 Oct 2020 22:10:20 -0700 (PDT) Received: by mail-io1-xd42.google.com with SMTP id u19so14415824ion.3; Sat, 10 Oct 2020 22:10:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:from:to:cc:date:message-id:in-reply-to:references :user-agent:mime-version:content-transfer-encoding; bh=GhAxcO6z0s97SRWhKk0j8JILvo+IQBleeMoKI7214+M=; b=MA/ICLmJHTK8G9TqQ2oWkerJqaoxVq4lBKO4mYAzKX7zRHUYRtxpSoA7dbKPrXpray tYnRUW4syRNgdujNdykC9X8ujExEC/zJBrKH/XIQ8ZkdtwfCZ2ZoOOxrGvOlmUd2PkGA T/7MYHlawknpstr0GSYI5Oa9KeVMRzqSZazOoPwknzFfJsIzmwEWUzH6xA0/FZ1HsftE l2lXZYP1nH/zs86OLb3MAU0DO9duW55cAl2qByYL/ZyTwdTLggjuQK76M4Cbvu/ThZaD /aCnZP8cxXMdjuxJyAOxNa2sOc1bfdhKmQTn+90GfDspHVg9jE0NGtdkfhGtPvsdGPps yiEw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:from:to:cc:date:message-id:in-reply-to :references:user-agent:mime-version:content-transfer-encoding; bh=GhAxcO6z0s97SRWhKk0j8JILvo+IQBleeMoKI7214+M=; b=eGrfaTuQ3LbXoDvT0iq3m9s2Upf8RhjLKVB9X62NeIUvnlq+OueiDm1YdaL5oe99yu 7AFG9r80Asicjq3vhJEmn64fqBpXitvI7h+BVPhElmE/n6WlGnMPde1HbWRCm0Rzv+XR TuOvJJxhcfomCllhkxX7VF8Pc+XXtbNB7fDf66PLzOZWK71mlOcMDzK458YagZ2WElvu KGKvddEAoSaN1hujyC3nf1FQ7eBEW6uq1uMBTpSOpOnXk0MNtWkZ+PgmlGawP3E0d5d4 HQToEh1LwMbwMq8gP4L5KO2q4OreiTXWYn23TohHTL7Wp84NezjLeLnS4pnrrB85Nxcm ei5g== X-Gm-Message-State: AOAM533p2EGrZiVJJSXthr1z1OZAyfBZqnUxzOlkmG6lp6DDC8hWUit1 GgOgSs9z66nFMVuoEJWVTOE= X-Google-Smtp-Source: ABdhPJyq2qTp7As2UKUFnU2dtV1gAHeL6RsW1NavcP44dEZgEwEjBvbx+sPRpoV2u9X2+pOUTLcBUQ== X-Received: by 2002:a6b:8e4b:: with SMTP id q72mr13146947iod.104.1602393019352; Sat, 10 Oct 2020 22:10:19 -0700 (PDT) Received: from [127.0.1.1] ([184.63.162.180]) by smtp.gmail.com with ESMTPSA id l7sm6884339ili.82.2020.10.10.22.10.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 10 Oct 2020 22:10:18 -0700 (PDT) Subject: [bpf-next PATCH 3/4] bpf, selftests: Add option to test_sockmap to omit adding parser program From: John Fastabend To: john.fastabend@gmail.com, alexei.starovoitov@gmail.com, daniel@iogearbox.net Cc: netdev@vger.kernel.org, bpf@vger.kernel.org, jakub@cloudflare.com, lmb@cloudflare.com Date: Sat, 10 Oct 2020 22:10:04 -0700 Message-ID: <160239300387.8495.11908295143121563076.stgit@john-Precision-5820-Tower> In-Reply-To: <160239226775.8495.15389345509643354423.stgit@john-Precision-5820-Tower> References: <160239226775.8495.15389345509643354423.stgit@john-Precision-5820-Tower> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Add option to allow running without a parser program in place. To test with ping/pong program use, # test_sockmap -t ping --txmsg_omit_skb_parser this will send packets between two socket bouncing through a proxy socket that does not use a parser program. (ping) (pong) sender proxy_recv proxy_send recv | | | | verdict -----+ | | | | | +----------------+ +------------+ Signed-off-by: John Fastabend --- tools/testing/selftests/bpf/test_sockmap.c | 35 +++++++++++++++++----------- 1 file changed, 21 insertions(+), 14 deletions(-) diff --git a/tools/testing/selftests/bpf/test_sockmap.c b/tools/testing/selftests/bpf/test_sockmap.c index 5cf45455de42..419c0b010d14 100644 --- a/tools/testing/selftests/bpf/test_sockmap.c +++ b/tools/testing/selftests/bpf/test_sockmap.c @@ -86,6 +86,7 @@ int txmsg_ktls_skb_redir; int ktls; int peek_flag; int skb_use_parser; +int txmsg_omit_skb_parser; static const struct option long_options[] = { {"help", no_argument, NULL, 'h' }, @@ -111,6 +112,7 @@ static const struct option long_options[] = { {"txmsg_redir_skb", no_argument, &txmsg_redir_skb, 1 }, {"ktls", no_argument, &ktls, 1 }, {"peek", no_argument, &peek_flag, 1 }, + {"txmsg_omit_skb_parser", no_argument, &txmsg_omit_skb_parser, 1}, {"whitelist", required_argument, NULL, 'n' }, {"blacklist", required_argument, NULL, 'b' }, {0, 0, NULL, 0 } @@ -175,6 +177,7 @@ static void test_reset(void) txmsg_apply = txmsg_cork = 0; txmsg_ingress = txmsg_redir_skb = 0; txmsg_ktls_skb = txmsg_ktls_skb_drop = txmsg_ktls_skb_redir = 0; + txmsg_omit_skb_parser = 0; skb_use_parser = 0; } @@ -912,13 +915,15 @@ static int run_options(struct sockmap_options *options, int cg_fd, int test) goto run; /* Attach programs to sockmap */ - err = bpf_prog_attach(prog_fd[0], map_fd[0], - BPF_SK_SKB_STREAM_PARSER, 0); - if (err) { - fprintf(stderr, - "ERROR: bpf_prog_attach (sockmap %i->%i): %d (%s)\n", - prog_fd[0], map_fd[0], err, strerror(errno)); - return err; + if (!txmsg_omit_skb_parser) { + err = bpf_prog_attach(prog_fd[0], map_fd[0], + BPF_SK_SKB_STREAM_PARSER, 0); + if (err) { + fprintf(stderr, + "ERROR: bpf_prog_attach (sockmap %i->%i): %d (%s)\n", + prog_fd[0], map_fd[0], err, strerror(errno)); + return err; + } } err = bpf_prog_attach(prog_fd[1], map_fd[0], @@ -931,13 +936,15 @@ static int run_options(struct sockmap_options *options, int cg_fd, int test) /* Attach programs to TLS sockmap */ if (txmsg_ktls_skb) { - err = bpf_prog_attach(prog_fd[0], map_fd[8], - BPF_SK_SKB_STREAM_PARSER, 0); - if (err) { - fprintf(stderr, - "ERROR: bpf_prog_attach (TLS sockmap %i->%i): %d (%s)\n", - prog_fd[0], map_fd[8], err, strerror(errno)); - return err; + if (!txmsg_omit_skb_parser) { + err = bpf_prog_attach(prog_fd[0], map_fd[8], + BPF_SK_SKB_STREAM_PARSER, 0); + if (err) { + fprintf(stderr, + "ERROR: bpf_prog_attach (TLS sockmap %i->%i): %d (%s)\n", + prog_fd[0], map_fd[8], err, strerror(errno)); + return err; + } } err = bpf_prog_attach(prog_fd[2], map_fd[8], From patchwork Sun Oct 11 05:10:26 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: John Fastabend X-Patchwork-Id: 288619 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-9.6 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id BC47EC433E7 for ; Sun, 11 Oct 2020 05:10:42 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 809FF22202 for ; Sun, 11 Oct 2020 05:10:42 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="IihVsWv3" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726468AbgJKFKm (ORCPT ); Sun, 11 Oct 2020 01:10:42 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42374 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725882AbgJKFKl (ORCPT ); Sun, 11 Oct 2020 01:10:41 -0400 Received: from mail-il1-x143.google.com (mail-il1-x143.google.com [IPv6:2607:f8b0:4864:20::143]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F33FAC0613CE; Sat, 10 Oct 2020 22:10:40 -0700 (PDT) Received: by mail-il1-x143.google.com with SMTP id t7so11681757ilf.10; Sat, 10 Oct 2020 22:10:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:from:to:cc:date:message-id:in-reply-to:references :user-agent:mime-version:content-transfer-encoding; bh=6GQXG/Xg0mzB1f3ty4h1Dthp1etZqLKCAen1W821BOI=; b=IihVsWv3SFcB4WAYD7rsLTsC2Q67Pw7xqKWWOH6rwgORU5EUafzqroC595jVi2oUSW 3ZF+4g8p70luAiKRLZOFhyviF/EY5pqGSFAXyjJQCTjWo3t0wcT/FyHkIZV4XPYX2syy bYMKA548bLE7wMS4XQJSGk1dgvOQtDzDhZNnBVDmTK8jVZuZkrMHfu9aVrTbEdnZZT6F XuNPByhJAmSzUG9ZeW6DGVgb3eOINhuHb15bhcE7pzSqd7O/nSQS+Re+pbefprfAkMy4 dW1VYae5EjFqSQm/TKePb2FWdBREAoxzQ9ydGWU9M0bAoCKQutmGxDdhkrxr9ytBYoj/ I6iw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:from:to:cc:date:message-id:in-reply-to :references:user-agent:mime-version:content-transfer-encoding; bh=6GQXG/Xg0mzB1f3ty4h1Dthp1etZqLKCAen1W821BOI=; b=duZW0TQxAufHT1Me1qAnpKRPCA5L3dMHQGAM9VbJrFs9/tMRglQ4gmQxqlQHF8Ib7q cM4aQ+BsweYiaN65Lau3e8Vimn+a2RkQp1F8m8PEJXr/wY0Iw1odhRtVegYPasK8zvPh +R5NnAMkR+ryHEjtPQxnU1GmQv0DW1mjKjQZXsny0L5YgZ5o/unBX97CFEUXp6Yarrwh jKz+W3xEPLWeysbnk+i6eJNAnvjnzMHerxfWy+K5Wnbnj2KPN71UdkfmULypzz4gu2VY kD6jP6qw93ZDN5OGX7UrRZGIluQmQa4mG1AUbRCdoW3piWlJYJOeIvCDBQR4H1ns5sRO Ke9g== X-Gm-Message-State: AOAM530Io5ZoKG7ADYt8l//gPKuDqPUtIKZnWRPuRP2k0TJ4XFtpyX+C J8hcOY41NemfQ8veGJcAc6A= X-Google-Smtp-Source: ABdhPJw4tq8xRk+P0BoVto05tqpC/nC9+8jPSeu7N8l2HvGtnclbWasNBcd9Adek138VPUccm2OBYw== X-Received: by 2002:a92:ddcb:: with SMTP id d11mr16049768ilr.228.1602393040292; Sat, 10 Oct 2020 22:10:40 -0700 (PDT) Received: from [127.0.1.1] ([184.63.162.180]) by smtp.gmail.com with ESMTPSA id t64sm7159708ild.10.2020.10.10.22.10.32 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 10 Oct 2020 22:10:39 -0700 (PDT) Subject: [bpf-next PATCH 4/4] bpf, selftests: Add three new sockmap tests for verdict only programs From: John Fastabend To: john.fastabend@gmail.com, alexei.starovoitov@gmail.com, daniel@iogearbox.net Cc: netdev@vger.kernel.org, bpf@vger.kernel.org, jakub@cloudflare.com, lmb@cloudflare.com Date: Sat, 10 Oct 2020 22:10:26 -0700 Message-ID: <160239302638.8495.17125996694402793471.stgit@john-Precision-5820-Tower> In-Reply-To: <160239226775.8495.15389345509643354423.stgit@john-Precision-5820-Tower> References: <160239226775.8495.15389345509643354423.stgit@john-Precision-5820-Tower> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Here we add three new tests for sockmap to test having a verdict program without setting the parser program. The first test covers the most simply case, sender proxy_recv proxy_send recv | | | | verdict -----+ | | | | | +----------------+ +------------+ We load the verdict program on the proxy_recv socket without a parser program. It then does a redirect into the send path of the proxy_send socket using sendpage_locked(). Next we test the drop case to ensure if we kfree_skb as a result of the verdict program everything behaves as expected. Next we test the same configuration above, but with ktls and a redirect into socket ingress queue. Shown here tls tls sender proxy_recv proxy_send recv | | | | verdict ------------------+ | | redirect_ingress +----------------+ Also to set up ping/pong test Signed-off-by: John Fastabend --- tools/testing/selftests/bpf/test_sockmap.c | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/bpf/test_sockmap.c b/tools/testing/selftests/bpf/test_sockmap.c index 419c0b010d14..0fa1e421c3d7 100644 --- a/tools/testing/selftests/bpf/test_sockmap.c +++ b/tools/testing/selftests/bpf/test_sockmap.c @@ -1472,12 +1472,29 @@ static void test_txmsg_skb(int cgrp, struct sockmap_options *opt) txmsg_ktls_skb_drop = 0; txmsg_ktls_skb_redir = 1; test_exec(cgrp, opt); + txmsg_ktls_skb_redir = 0; + + /* Tests that omit skb_parser */ + txmsg_omit_skb_parser = 1; + ktls = 0; + txmsg_ktls_skb = 0; + test_exec(cgrp, opt); + + txmsg_ktls_skb_drop = 1; + test_exec(cgrp, opt); + txmsg_ktls_skb_drop = 0; + + txmsg_ktls_skb_redir = 1; + test_exec(cgrp, opt); + + ktls = 1; + test_exec(cgrp, opt); + txmsg_omit_skb_parser = 0; opt->data_test = data; ktls = k; } - /* Test cork with hung data. This tests poor usage patterns where * cork can leave data on the ring if user program is buggy and * doesn't flush them somehow. They do take some time however