selftests: bpf: crypto: add benchmark for crypto functions

$(OUTPUT)/bench_local_storage_create.o: $(OUTPUT)/bench_local_storage_create.skel.h

$(OUTPUT)/bench_bpf_hashmap_lookup.o: $(OUTPUT)/bpf_hashmap_lookup.skel.h

$(OUTPUT)/bench_htab_mem.o: $(OUTPUT)/htab_mem_bench.skel.h

$(OUTPUT)/bench_bpf_crypto.o: $(OUTPUT)/crypto_bench.skel.h

$(OUTPUT)/bench.o: bench.h testing_helpers.h $(BPFOBJ)

$(OUTPUT)/bench: LDLIBS += -lm

$(OUTPUT)/bench: $(OUTPUT)/bench.o \

		 $(OUTPUT)/bench_bpf_hashmap_lookup.o \

		 $(OUTPUT)/bench_local_storage_create.o \

		 $(OUTPUT)/bench_htab_mem.o \

		 $(OUTPUT)/bench_bpf_crypto.o \

		 #

	$(call msg,BINARY,,$@)

	$(Q)$(CC) $(CFLAGS) $(LDFLAGS) $(filter %.a %.o,$^) $(LDLIBS) -o $@

extern struct argp bench_local_storage_create_argp;

extern struct argp bench_htab_mem_argp;

extern struct argp bench_trigger_batch_argp;

extern struct argp bench_crypto_argp;

static const struct argp_child bench_parsers[] = {

	{ &bench_ringbufs_argp, 0, "Ring buffers benchmark", 0 },

	{ &bench_local_storage_create_argp, 0, "local-storage-create benchmark", 0 },

	{ &bench_htab_mem_argp, 0, "hash map memory benchmark", 0 },

	{ &bench_trigger_batch_argp, 0, "BPF triggering benchmark", 0 },

	{ &bench_crypto_argp, 0, "bpf crypto benchmark", 0 },

	{},

};

extern const struct bench bench_bpf_hashmap_lookup;

extern const struct bench bench_local_storage_create;

extern const struct bench bench_htab_mem;

extern const struct bench bench_crypto_encrypt;

extern const struct bench bench_crypto_decrypt;

static const struct bench *benchs[] = {

	&bench_count_global,

	&bench_bpf_hashmap_lookup,

	&bench_local_storage_create,

	&bench_htab_mem,

	&bench_crypto_encrypt,

	&bench_crypto_decrypt,

};

static void find_benchmark(void)

// SPDX-License-Identifier: GPL-2.0

/* Copyright (c) 2024 Meta Platforms, Inc. and affiliates. */

#include <argp.h>

#include "bench.h"

#include "crypto_bench.skel.h"

#define MAX_CIPHER_LEN 32

static char *input;

static struct crypto_ctx {

	struct crypto_bench *skel;

	int pfd;

} ctx;

static struct crypto_args {

	u32 crypto_len;

	char *crypto_cipher;

} args = {

	.crypto_len = 16,

	.crypto_cipher = "ecb(aes)",

};

enum {

	ARG_CRYPTO_LEN = 5000,

	ARG_CRYPTO_CIPHER = 5001,

};

static const struct argp_option opts[] = {

	{ "crypto-len", ARG_CRYPTO_LEN, "CRYPTO_LEN", 0,

	  "Set the length of crypto buffer" },

	{ "crypto-cipher", ARG_CRYPTO_CIPHER, "CRYPTO_CIPHER", 0,

	  "Set the cipher to use (default:ecb(aes))" },

	{},

};

static error_t crypto_parse_arg(int key, char *arg, struct argp_state *state)

{

	switch (key) {

	case ARG_CRYPTO_LEN:

		args.crypto_len = strtoul(arg, NULL, 10);

		if (!args.crypto_len ||

		    args.crypto_len > sizeof(ctx.skel->bss->dst)) {

			fprintf(stderr, "Invalid crypto buffer len (limit %zu)\n",

				sizeof(ctx.skel->bss->dst));

			argp_usage(state);

		}

		break;

	case ARG_CRYPTO_CIPHER:

		args.crypto_cipher = strdup(arg);

		if (!strlen(args.crypto_cipher) ||

		    strlen(args.crypto_cipher) > MAX_CIPHER_LEN) {

			fprintf(stderr, "Invalid crypto cipher len (limit %d)\n",

				MAX_CIPHER_LEN);

			argp_usage(state);

		}

		break;

	default:

		return ARGP_ERR_UNKNOWN;

	}

	return 0;

}

const struct argp bench_crypto_argp = {

	.options = opts,

	.parser = crypto_parse_arg,

};

static void crypto_validate(void)

{

	if (env.consumer_cnt != 0) {

		fprintf(stderr, "bpf crypto benchmark doesn't support consumer!\n");

		exit(1);

	}

}

static void crypto_setup(void)

{

	LIBBPF_OPTS(bpf_test_run_opts, opts);

	int err, pfd;

	size_t i, sz;

	sz = args.crypto_len;

	if (!sz || sz > sizeof(ctx.skel->bss->dst)) {

		fprintf(stderr, "invalid encrypt buffer size (source %zu, target %zu)\n",

			sz, sizeof(ctx.skel->bss->dst));

		exit(1);

	}

	setup_libbpf();

	ctx.skel = crypto_bench__open();

	if (!ctx.skel) {

		fprintf(stderr, "failed to open skeleton\n");

		exit(1);

	}

	snprintf(ctx.skel->bss->cipher, 128, "%s", args.crypto_cipher);

	memcpy(ctx.skel->bss->key, "12345678testtest", 16);

	ctx.skel->bss->key_len = 16;

	ctx.skel->bss->authsize = 0;

	srandom(time(NULL));

	input = malloc(sz);

	for (i = 0; i < sz - 1; i++)

		input[i] = '1' + random() % 9;

	input[sz - 1] = '\0';

	ctx.skel->rodata->len = args.crypto_len;

	err = crypto_bench__load(ctx.skel);

	if (err) {

		fprintf(stderr, "failed to load skeleton\n");

		crypto_bench__destroy(ctx.skel);

		exit(1);

	}

	pfd = bpf_program__fd(ctx.skel->progs.crypto_setup);

	if (pfd < 0) {

		fprintf(stderr, "failed to get fd for setup prog\n");

		crypto_bench__destroy(ctx.skel);

		exit(1);

	}

	err = bpf_prog_test_run_opts(pfd, &opts);

	if (err || ctx.skel->bss->status) {

		fprintf(stderr, "failed to run setup prog: err %d, status %d\n",

			err, ctx.skel->bss->status);

		crypto_bench__destroy(ctx.skel);

		exit(1);

	}

}

static void crypto_encrypt_setup(void)

{

	crypto_setup();

	ctx.pfd = bpf_program__fd(ctx.skel->progs.crypto_encrypt);

}

static void crypto_decrypt_setup(void)

{

	crypto_setup();

	ctx.pfd = bpf_program__fd(ctx.skel->progs.crypto_decrypt);

}

static void crypto_measure(struct bench_res *res)

{

	res->hits = atomic_swap(&ctx.skel->bss->hits, 0);

}

static void *crypto_producer(void *unused)

{

	LIBBPF_OPTS(bpf_test_run_opts, opts,

		.repeat = 64,

		.data_in = input,

		.data_size_in = args.crypto_len,

	);

	while (true)

		(void)bpf_prog_test_run_opts(ctx.pfd, &opts);

	return NULL;

}

const struct bench bench_crypto_encrypt = {

	.name = "crypto-encrypt",

	.argp = &bench_crypto_argp,

	.validate = crypto_validate,

	.setup = crypto_encrypt_setup,

	.producer_thread = crypto_producer,

	.measure = crypto_measure,

	.report_progress = hits_drops_report_progress,

	.report_final = hits_drops_report_final,

};

const struct bench bench_crypto_decrypt = {

	.name = "crypto-decrypt",

	.argp = &bench_crypto_argp,

	.validate = crypto_validate,

	.setup = crypto_decrypt_setup,

	.producer_thread = crypto_producer,

	.measure = crypto_measure,

	.report_progress = hits_drops_report_progress,

	.report_final = hits_drops_report_final,

};

// SPDX-License-Identifier: GPL-2.0

/* Copyright (c) 2024 Meta Platforms, Inc. and affiliates. */

#include "vmlinux.h"

#include "bpf_tracing_net.h"

#include <bpf/bpf_helpers.h>

#include <bpf/bpf_endian.h>

#include <bpf/bpf_tracing.h>

#include "bpf_misc.h"

#include "bpf_kfuncs.h"

#include "crypto_common.h"

const volatile unsigned int len = 16;

char cipher[128] = {};

u32 key_len, authsize;

char dst[256] = {};

u8 key[256] = {};

long hits = 0;

int status;

SEC("syscall")

int crypto_setup(void *args)

{

	struct bpf_crypto_ctx *cctx;

	struct bpf_crypto_params params = {

		.type = "skcipher",

		.key_len = key_len,

		.authsize = authsize,

	};

	int err = 0;

	status = 0;

	if (!cipher[0] || !key_len || key_len > 256) {

		status = -EINVAL;

		return 0;

	}

	__builtin_memcpy(&params.algo, cipher, sizeof(cipher));

	__builtin_memcpy(&params.key, key, sizeof(key));

	cctx = bpf_crypto_ctx_create(&params, sizeof(params), &err);

	if (!cctx) {

		status = err;

		return 0;

	}

	err = crypto_ctx_insert(cctx);

	if (err && err != -EEXIST)

		status = err;

	return 0;

}

SEC("tc")

int crypto_encrypt(struct __sk_buff *skb)

{

	struct __crypto_ctx_value *v;

	struct bpf_crypto_ctx *ctx;

	struct bpf_dynptr psrc, pdst, iv;

	v = crypto_ctx_value_lookup();

	if (!v) {

		status = -ENOENT;

		return 0;

	}

	ctx = v->ctx;

	if (!ctx) {

		status = -ENOENT;

		return 0;

	}

	bpf_dynptr_from_skb(skb, 0, &psrc);

	bpf_dynptr_from_mem(dst, len, 0, &pdst);

	bpf_dynptr_from_mem(dst, 0, 0, &iv);

	status = bpf_crypto_encrypt(ctx, &psrc, &pdst, &iv);

	__sync_add_and_fetch(&hits, 1);

	return 0;

}

SEC("tc")

int crypto_decrypt(struct __sk_buff *skb)

{

	struct bpf_dynptr psrc, pdst, iv;

	struct __crypto_ctx_value *v;

	struct bpf_crypto_ctx *ctx;

	v = crypto_ctx_value_lookup();

	if (!v)

		return -ENOENT;

	ctx = v->ctx;

	if (!ctx)

		return -ENOENT;

	bpf_dynptr_from_skb(skb, 0, &psrc);

	bpf_dynptr_from_mem(dst, len, 0, &pdst);

	bpf_dynptr_from_mem(dst, 0, 0, &iv);

	status = bpf_crypto_decrypt(ctx, &psrc, &pdst, &iv);

	__sync_add_and_fetch(&hits, 1);

	return 0;

}

char __license[] SEC("license") = "GPL";