Commit 24bdfdd2 authored by Maxim Mikityanskiy's avatar Maxim Mikityanskiy Committed by Andrii Nakryiko
Browse files

selftests/bpf: Fix xdp_synproxy build failure if CONFIG_NF_CONNTRACK=m/n 



When CONFIG_NF_CONNTRACK=m, struct bpf_ct_opts and enum member
BPF_F_CURRENT_NETNS are not exposed. This commit allows building the
xdp_synproxy selftest in such cases. Note that nf_conntrack must be
loaded before running the test if it's compiled as a module.

This commit also allows this selftest to be successfully compiled when
CONFIG_NF_CONNTRACK is disabled.

One unused local variable of type struct bpf_ct_opts is also removed.

Fixes: fb5cd0ce ("selftests/bpf: Add selftests for raw syncookie helpers")
Reported-by: default avatarYauheni Kaliuta <ykaliuta@redhat.com>
Signed-off-by: default avatarMaxim Mikityanskiy <maximmi@nvidia.com>
Signed-off-by: default avatarAndrii Nakryiko <andrii@kernel.org>
Link: https://lore.kernel.org/bpf/20220708130319.1016294-1-maximmi@nvidia.com
parent 06cd4e9d

tools/testing/selftests/bpf/progs/xdp_synproxy_kern.c

+17 −7
Original line number Diff line number Diff line
@@ -77,16 +77,30 @@ struct { 
	__uint(max_entries, MAX_ALLOWED_PORTS);

} allowed_ports SEC(".maps");



/* Some symbols defined in net/netfilter/nf_conntrack_bpf.c are unavailable in

 * vmlinux.h if CONFIG_NF_CONNTRACK=m, so they are redefined locally.

 */



struct bpf_ct_opts___local {

	s32 netns_id;

	s32 error;

	u8 l4proto;

	u8 dir;

	u8 reserved[2];

} __attribute__((preserve_access_index));



#define BPF_F_CURRENT_NETNS (-1)



extern struct nf_conn *bpf_xdp_ct_lookup(struct xdp_md *xdp_ctx,

					 struct bpf_sock_tuple *bpf_tuple,

					 __u32 len_tuple,

					 struct bpf_ct_opts *opts,

					 struct bpf_ct_opts___local *opts,

					 __u32 len_opts) __ksym;



extern struct nf_conn *bpf_skb_ct_lookup(struct __sk_buff *skb_ctx,

					 struct bpf_sock_tuple *bpf_tuple,

					 u32 len_tuple,

					 struct bpf_ct_opts *opts,

					 struct bpf_ct_opts___local *opts,

					 u32 len_opts) __ksym;



extern void bpf_ct_release(struct nf_conn *ct) __ksym;
@@ -393,7 +407,7 @@ static __always_inline int tcp_dissect(void *data, void *data_end, 


static __always_inline int tcp_lookup(void *ctx, struct header_pointers *hdr, bool xdp)

{

	struct bpf_ct_opts ct_lookup_opts = {

	struct bpf_ct_opts___local ct_lookup_opts = {

		.netns_id = BPF_F_CURRENT_NETNS,

		.l4proto = IPPROTO_TCP,

	};
@@ -714,10 +728,6 @@ static __always_inline int syncookie_handle_ack(struct header_pointers *hdr) 
static __always_inline int syncookie_part1(void *ctx, void *data, void *data_end,

					   struct header_pointers *hdr, bool xdp)

{

	struct bpf_ct_opts ct_lookup_opts = {

		.netns_id = BPF_F_CURRENT_NETNS,

		.l4proto = IPPROTO_TCP,

	};

	int ret;



	ret = tcp_dissect(data, data_end, hdr);