selftests/bpf: Verify skb metadata in BPF instead of userspace (967534e5) · Commits · git / linux-net

tools/testing/selftests/bpf/prog_tests/xdp_context_test_run.c

+13 −39

Original line number	Diff line number	Diff line
		@@ -171,33 +171,6 @@ static int write_test_packet(int tap_fd)
		return 0;
		}

		static void assert_test_result(const struct bpf_map *result_map)
		{
		int err;
		__u32 map_key = 0;
		__u8 map_value[TEST_PAYLOAD_LEN];

		err = bpf_map__lookup_elem(result_map, &map_key, sizeof(map_key),
		&map_value, TEST_PAYLOAD_LEN, BPF_ANY);
		if (!ASSERT_OK(err, "lookup test_result"))
		return;

		ASSERT_MEMEQ(&map_value, &test_payload, TEST_PAYLOAD_LEN,
		"test_result map contains test payload");
		}

		static bool clear_test_result(struct bpf_map *result_map)
		{
		const __u8 v[sizeof(test_payload)] = {};
		const __u32 k = 0;
		int err;

		err = bpf_map__update_elem(result_map, &k, sizeof(k), v, sizeof(v), BPF_ANY);
		ASSERT_OK(err, "update test_result");

		return err == 0;
		}

		void test_xdp_context_veth(void)
		{
		LIBBPF_OPTS(bpf_tc_hook, tc_hook, .attach_point = BPF_TC_INGRESS);
		@@ -270,11 +243,13 @@ void test_xdp_context_veth(void)
		if (!ASSERT_GE(tx_ifindex, 0, "if_nametoindex tx"))
		goto close;

		skel->bss->test_pass = false;

		ret = send_test_packet(tx_ifindex);
		if (!ASSERT_OK(ret, "send_test_packet"))
		goto close;

		assert_test_result(skel->maps.test_result);
		ASSERT_TRUE(skel->bss->test_pass, "test_pass");

		close:
		close_netns(nstoken);
		@@ -286,7 +261,7 @@ void test_xdp_context_veth(void)
		static void test_tuntap(struct bpf_program *xdp_prog,
		struct bpf_program *tc_prio_1_prog,
		struct bpf_program *tc_prio_2_prog,
		struct bpf_map *result_map)
		bool *test_pass)
		{
		LIBBPF_OPTS(bpf_tc_hook, tc_hook, .attach_point = BPF_TC_INGRESS);
		LIBBPF_OPTS(bpf_tc_opts, tc_opts, .handle = 1, .priority = 1);
		@@ -295,8 +270,7 @@ static void test_tuntap(struct bpf_program *xdp_prog,
		int tap_ifindex;
		int ret;

		if (!clear_test_result(result_map))
		return;
		*test_pass = false;

		ns = netns_new(TAP_NETNS, true);
		if (!ASSERT_OK_PTR(ns, "create and open ns"))
		@@ -340,7 +314,7 @@ static void test_tuntap(struct bpf_program *xdp_prog,
		if (!ASSERT_OK(ret, "write_test_packet"))
		goto close;

		assert_test_result(result_map);
		ASSERT_TRUE(*test_pass, "test_pass");

		close:
		if (tap_fd >= 0)
		@@ -431,37 +405,37 @@ void test_xdp_context_tuntap(void)
		test_tuntap(skel->progs.ing_xdp,
		skel->progs.ing_cls,
		NULL, /* tc prio 2 */
		skel->maps.test_result);
		&skel->bss->test_pass);
		if (test__start_subtest("dynptr_read"))
		test_tuntap(skel->progs.ing_xdp,
		skel->progs.ing_cls_dynptr_read,
		NULL, /* tc prio 2 */
		skel->maps.test_result);
		&skel->bss->test_pass);
		if (test__start_subtest("dynptr_slice"))
		test_tuntap(skel->progs.ing_xdp,
		skel->progs.ing_cls_dynptr_slice,
		NULL, /* tc prio 2 */
		skel->maps.test_result);
		&skel->bss->test_pass);
		if (test__start_subtest("dynptr_write"))
		test_tuntap(skel->progs.ing_xdp_zalloc_meta,
		skel->progs.ing_cls_dynptr_write,
		skel->progs.ing_cls_dynptr_read,
		skel->maps.test_result);
		&skel->bss->test_pass);
		if (test__start_subtest("dynptr_slice_rdwr"))
		test_tuntap(skel->progs.ing_xdp_zalloc_meta,
		skel->progs.ing_cls_dynptr_slice_rdwr,
		skel->progs.ing_cls_dynptr_slice,
		skel->maps.test_result);
		&skel->bss->test_pass);
		if (test__start_subtest("dynptr_offset"))
		test_tuntap(skel->progs.ing_xdp_zalloc_meta,
		skel->progs.ing_cls_dynptr_offset_wr,
		skel->progs.ing_cls_dynptr_offset_rd,
		skel->maps.test_result);
		&skel->bss->test_pass);
		if (test__start_subtest("dynptr_offset_oob"))
		test_tuntap(skel->progs.ing_xdp,
		skel->progs.ing_cls_dynptr_offset_oob,
		skel->progs.ing_cls,
		skel->maps.test_result);
		&skel->bss->test_pass);
		if (test__start_subtest("clone_data_meta_empty_on_data_write"))
		test_tuntap_mirred(skel->progs.ing_xdp,
		skel->progs.clone_data_meta_empty_on_data_write,

tools/testing/selftests/bpf/progs/test_xdp_meta.c

+44 −44

Original line number	Diff line number	Diff line
		@@ -11,37 +11,36 @@

		#define ctx_ptr(ctx, mem) (void *)(unsigned long)ctx->mem

		/* Demonstrates how metadata can be passed from an XDP program to a TC program
		* using bpf_xdp_adjust_meta.
		* For the sake of testing the metadata support in drivers, the XDP program uses
		* a fixed-size payload after the Ethernet header as metadata. The TC program
		* copies the metadata it receives into a map so it can be checked from
		* userspace.
		/* Demonstrate passing metadata from XDP to TC using bpf_xdp_adjust_meta.
		*
		* The XDP program extracts a fixed-size payload following the Ethernet header
		* and stores it as packet metadata to test the driver's metadata support. The
		* TC program then verifies if the passed metadata is correct.
		*/

		struct {
		__uint(type, BPF_MAP_TYPE_ARRAY);
		__uint(max_entries, 1);
		__type(key, __u32);
		__uint(value_size, META_SIZE);
		} test_result SEC(".maps");

		bool test_pass;

		static const __u8 meta_want[META_SIZE] = {
		0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
		0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
		0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28,
		0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38,
		};

		SEC("tc")
		int ing_cls(struct __sk_buff *ctx)
		{
		__u8 data, data_meta;
		__u32 key = 0;

		data_meta = ctx_ptr(ctx, data_meta);
		data = ctx_ptr(ctx, data);
		__u8 *meta_have = ctx_ptr(ctx, data_meta);
		__u8 *data = ctx_ptr(ctx, data);

		if (data_meta + META_SIZE > data)
		return TC_ACT_SHOT;
		if (meta_have + META_SIZE > data)
		goto out;

		bpf_map_update_elem(&test_result, &key, data_meta, BPF_ANY);
		if (__builtin_memcmp(meta_want, meta_have, META_SIZE))
		goto out;

		test_pass = true;
		out:
		return TC_ACT_SHOT;
		}

		@@ -49,17 +48,17 @@ int ing_cls(struct __sk_buff *ctx)
		SEC("tc")
		int ing_cls_dynptr_read(struct __sk_buff *ctx)
		{
		__u8 meta_have[META_SIZE];
		struct bpf_dynptr meta;
		const __u32 zero = 0;
		__u8 *dst;

		dst = bpf_map_lookup_elem(&test_result, &zero);
		if (!dst)
		return TC_ACT_SHOT;

		bpf_dynptr_from_skb_meta(ctx, 0, &meta);
		bpf_dynptr_read(dst, META_SIZE, &meta, 0, 0);
		bpf_dynptr_read(meta_have, META_SIZE, &meta, 0, 0);

		if (__builtin_memcmp(meta_want, meta_have, META_SIZE))
		goto out;

		test_pass = true;
		out:
		return TC_ACT_SHOT;
		}

		@@ -86,20 +85,18 @@ SEC("tc")
		int ing_cls_dynptr_slice(struct __sk_buff *ctx)
		{
		struct bpf_dynptr meta;
		const __u32 zero = 0;
		__u8 dst, src;

		dst = bpf_map_lookup_elem(&test_result, &zero);
		if (!dst)
		return TC_ACT_SHOT;
		__u8 *meta_have;

		bpf_dynptr_from_skb_meta(ctx, 0, &meta);
		src = bpf_dynptr_slice(&meta, 0, NULL, META_SIZE);
		if (!src)
		return TC_ACT_SHOT;
		meta_have = bpf_dynptr_slice(&meta, 0, NULL, META_SIZE);
		if (!meta_have)
		goto out;

		__builtin_memcpy(dst, src, META_SIZE);
		if (__builtin_memcmp(meta_want, meta_have, META_SIZE))
		goto out;

		test_pass = true;
		out:
		return TC_ACT_SHOT;
		}

		@@ -129,14 +126,12 @@ int ing_cls_dynptr_slice_rdwr(struct __sk_buff *ctx)
		SEC("tc")
		int ing_cls_dynptr_offset_rd(struct __sk_buff *ctx)
		{
		struct bpf_dynptr meta;
		const __u32 chunk_len = META_SIZE / 4;
		const __u32 zero = 0;
		__u8 meta_have[META_SIZE];
		struct bpf_dynptr meta;
		__u8 dst, src;

		dst = bpf_map_lookup_elem(&test_result, &zero);
		if (!dst)
		return TC_ACT_SHOT;
		dst = meta_have;

		/* 1. Regular read */
		bpf_dynptr_from_skb_meta(ctx, 0, &meta);
		@@ -155,9 +150,14 @@ int ing_cls_dynptr_offset_rd(struct __sk_buff *ctx)
		/* 4. Read from a slice starting at an offset */
		src = bpf_dynptr_slice(&meta, 2 * chunk_len, NULL, chunk_len);
		if (!src)
		return TC_ACT_SHOT;
		goto out;
		__builtin_memcpy(dst, src, chunk_len);

		if (__builtin_memcmp(meta_want, meta_have, META_SIZE))
		goto out;

		test_pass = true;
		out:
		return TC_ACT_SHOT;
		}