Commit b62eba56 authored by Jesper Dangaard Brouer's avatar Jesper Dangaard Brouer Committed by Daniel Borkmann
Browse files

selftests/bpf: Tests using bpf_check_mtu BPF-helper 



Adding selftest for BPF-helper bpf_check_mtu(). Making sure
it can be used from both XDP and TC.

V16:
 - Fix 'void' function definition

V11:
 - Addresse nitpicks from Andrii Nakryiko

V10:
 - Remove errno non-zero test in CHECK_ATTR()
 - Addresse comments from Andrii Nakryiko

Signed-off-by: default avatarJesper Dangaard Brouer <brouer@redhat.com>
Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
Acked-by: default avatarAndrii Nakryiko <andrii@kernel.org>
Link: https://lore.kernel.org/bpf/161287791989.790810.13612620012522164562.stgit@firesoul
parent 6b8838be

tools/testing/selftests/bpf/prog_tests/check_mtu.c

0 → 100644
+216 −0
Original line number Diff line number Diff line 
// SPDX-License-Identifier: GPL-2.0

/* Copyright (c) 2020 Jesper Dangaard Brouer */



#include <linux/if_link.h> /* before test_progs.h, avoid bpf_util.h redefines */

#include <test_progs.h>

#include "test_check_mtu.skel.h"

#include "network_helpers.h"



#include <stdlib.h>

#include <inttypes.h>



#define IFINDEX_LO 1



static __u32 duration; /* Hint: needed for CHECK macro */



static int read_mtu_device_lo(void)

{

	const char *filename = "/sys/class/net/lo/mtu";

	char buf[11] = {};

	int value, n, fd;



	fd = open(filename, 0, O_RDONLY);

	if (fd == -1)

		return -1;



	n = read(fd, buf, sizeof(buf));

	close(fd);



	if (n == -1)

		return -2;



	value = strtoimax(buf, NULL, 10);

	if (errno == ERANGE)

		return -3;



	return value;

}



static void test_check_mtu_xdp_attach(void)

{

	struct bpf_link_info link_info;

	__u32 link_info_len = sizeof(link_info);

	struct test_check_mtu *skel;

	struct bpf_program *prog;

	struct bpf_link *link;

	int err = 0;

	int fd;



	skel = test_check_mtu__open_and_load();

	if (CHECK(!skel, "open and load skel", "failed"))

		return; /* Exit if e.g. helper unknown to kernel */



	prog = skel->progs.xdp_use_helper_basic;



	link = bpf_program__attach_xdp(prog, IFINDEX_LO);

	if (CHECK(IS_ERR(link), "link_attach", "failed: %ld\n", PTR_ERR(link)))

		goto out;

	skel->links.xdp_use_helper_basic = link;



	memset(&link_info, 0, sizeof(link_info));

	fd = bpf_link__fd(link);

	err = bpf_obj_get_info_by_fd(fd, &link_info, &link_info_len);

	if (CHECK(err, "link_info", "failed: %d\n", err))

		goto out;



	CHECK(link_info.type != BPF_LINK_TYPE_XDP, "link_type",

	      "got %u != exp %u\n", link_info.type, BPF_LINK_TYPE_XDP);

	CHECK(link_info.xdp.ifindex != IFINDEX_LO, "link_ifindex",

	      "got %u != exp %u\n", link_info.xdp.ifindex, IFINDEX_LO);



	err = bpf_link__detach(link);

	CHECK(err, "link_detach", "failed %d\n", err);



out:

	test_check_mtu__destroy(skel);

}



static void test_check_mtu_run_xdp(struct test_check_mtu *skel,

				   struct bpf_program *prog,

				   __u32 mtu_expect)

{

	const char *prog_name = bpf_program__name(prog);

	int retval_expect = XDP_PASS;

	__u32 mtu_result = 0;

	char buf[256] = {};

	int err;

	struct bpf_prog_test_run_attr tattr = {

		.repeat = 1,

		.data_in = &pkt_v4,

		.data_size_in = sizeof(pkt_v4),

		.data_out = buf,

		.data_size_out = sizeof(buf),

		.prog_fd = bpf_program__fd(prog),

	};



	err = bpf_prog_test_run_xattr(&tattr);

	CHECK_ATTR(err != 0, "bpf_prog_test_run",

		   "prog_name:%s (err %d errno %d retval %d)\n",

		   prog_name, err, errno, tattr.retval);



	CHECK(tattr.retval != retval_expect, "retval",

	      "progname:%s unexpected retval=%d expected=%d\n",

	      prog_name, tattr.retval, retval_expect);



	/* Extract MTU that BPF-prog got */

	mtu_result = skel->bss->global_bpf_mtu_xdp;

	ASSERT_EQ(mtu_result, mtu_expect, "MTU-compare-user");

}





static void test_check_mtu_xdp(__u32 mtu, __u32 ifindex)

{

	struct test_check_mtu *skel;

	int err;



	skel = test_check_mtu__open();

	if (CHECK(!skel, "skel_open", "failed"))

		return;



	/* Update "constants" in BPF-prog *BEFORE* libbpf load */

	skel->rodata->GLOBAL_USER_MTU = mtu;

	skel->rodata->GLOBAL_USER_IFINDEX = ifindex;



	err = test_check_mtu__load(skel);

	if (CHECK(err, "skel_load", "failed: %d\n", err))

		goto cleanup;



	test_check_mtu_run_xdp(skel, skel->progs.xdp_use_helper, mtu);

	test_check_mtu_run_xdp(skel, skel->progs.xdp_exceed_mtu, mtu);

	test_check_mtu_run_xdp(skel, skel->progs.xdp_minus_delta, mtu);



cleanup:

	test_check_mtu__destroy(skel);

}



static void test_check_mtu_run_tc(struct test_check_mtu *skel,

				  struct bpf_program *prog,

				  __u32 mtu_expect)

{

	const char *prog_name = bpf_program__name(prog);

	int retval_expect = BPF_OK;

	__u32 mtu_result = 0;

	char buf[256] = {};

	int err;

	struct bpf_prog_test_run_attr tattr = {

		.repeat = 1,

		.data_in = &pkt_v4,

		.data_size_in = sizeof(pkt_v4),

		.data_out = buf,

		.data_size_out = sizeof(buf),

		.prog_fd = bpf_program__fd(prog),

	};



	err = bpf_prog_test_run_xattr(&tattr);

	CHECK_ATTR(err != 0, "bpf_prog_test_run",

		   "prog_name:%s (err %d errno %d retval %d)\n",

		   prog_name, err, errno, tattr.retval);



	CHECK(tattr.retval != retval_expect, "retval",

	      "progname:%s unexpected retval=%d expected=%d\n",

	      prog_name, tattr.retval, retval_expect);



	/* Extract MTU that BPF-prog got */

	mtu_result = skel->bss->global_bpf_mtu_tc;

	ASSERT_EQ(mtu_result, mtu_expect, "MTU-compare-user");

}





static void test_check_mtu_tc(__u32 mtu, __u32 ifindex)

{

	struct test_check_mtu *skel;

	int err;



	skel = test_check_mtu__open();

	if (CHECK(!skel, "skel_open", "failed"))

		return;



	/* Update "constants" in BPF-prog *BEFORE* libbpf load */

	skel->rodata->GLOBAL_USER_MTU = mtu;

	skel->rodata->GLOBAL_USER_IFINDEX = ifindex;



	err = test_check_mtu__load(skel);

	if (CHECK(err, "skel_load", "failed: %d\n", err))

		goto cleanup;



	test_check_mtu_run_tc(skel, skel->progs.tc_use_helper, mtu);

	test_check_mtu_run_tc(skel, skel->progs.tc_exceed_mtu, mtu);

	test_check_mtu_run_tc(skel, skel->progs.tc_exceed_mtu_da, mtu);

	test_check_mtu_run_tc(skel, skel->progs.tc_minus_delta, mtu);

cleanup:

	test_check_mtu__destroy(skel);

}



void test_check_mtu(void)

{

	__u32 mtu_lo;



	if (test__start_subtest("bpf_check_mtu XDP-attach"))

		test_check_mtu_xdp_attach();



	mtu_lo = read_mtu_device_lo();

	if (CHECK(mtu_lo < 0, "reading MTU value", "failed (err:%d)", mtu_lo))

		return;



	if (test__start_subtest("bpf_check_mtu XDP-run"))

		test_check_mtu_xdp(mtu_lo, 0);



	if (test__start_subtest("bpf_check_mtu XDP-run ifindex-lookup"))

		test_check_mtu_xdp(mtu_lo, IFINDEX_LO);



	if (test__start_subtest("bpf_check_mtu TC-run"))

		test_check_mtu_tc(mtu_lo, 0);



	if (test__start_subtest("bpf_check_mtu TC-run ifindex-lookup"))

		test_check_mtu_tc(mtu_lo, IFINDEX_LO);

}

tools/testing/selftests/bpf/progs/test_check_mtu.c

0 → 100644
+198 −0
Original line number Diff line number Diff line 
// SPDX-License-Identifier: GPL-2.0

/* Copyright (c) 2020 Jesper Dangaard Brouer */



#include <linux/bpf.h>

#include <bpf/bpf_helpers.h>

#include <linux/if_ether.h>



#include <stddef.h>

#include <stdint.h>



char _license[] SEC("license") = "GPL";



/* Userspace will update with MTU it can see on device */

static volatile const int GLOBAL_USER_MTU;

static volatile const __u32 GLOBAL_USER_IFINDEX;



/* BPF-prog will update these with MTU values it can see */

__u32 global_bpf_mtu_xdp = 0;

__u32 global_bpf_mtu_tc  = 0;



SEC("xdp")

int xdp_use_helper_basic(struct xdp_md *ctx)

{

	__u32 mtu_len = 0;



	if (bpf_check_mtu(ctx, 0, &mtu_len, 0, 0))

		return XDP_ABORTED;



	return XDP_PASS;

}



SEC("xdp")

int xdp_use_helper(struct xdp_md *ctx)

{

	int retval = XDP_PASS; /* Expected retval on successful test */

	__u32 mtu_len = 0;

	__u32 ifindex = 0;

	int delta = 0;



	/* When ifindex is zero, save net_device lookup and use ctx netdev */

	if (GLOBAL_USER_IFINDEX > 0)

		ifindex = GLOBAL_USER_IFINDEX;



	if (bpf_check_mtu(ctx, ifindex, &mtu_len, delta, 0)) {

		/* mtu_len is also valid when check fail */

		retval = XDP_ABORTED;

		goto out;

	}



	if (mtu_len != GLOBAL_USER_MTU)

		retval = XDP_DROP;



out:

	global_bpf_mtu_xdp = mtu_len;

	return retval;

}



SEC("xdp")

int xdp_exceed_mtu(struct xdp_md *ctx)

{

	void *data_end = (void *)(long)ctx->data_end;

	void *data = (void *)(long)ctx->data;

	__u32 ifindex = GLOBAL_USER_IFINDEX;

	__u32 data_len = data_end - data;

	int retval = XDP_ABORTED; /* Fail */

	__u32 mtu_len = 0;

	int delta;

	int err;



	/* Exceed MTU with 1 via delta adjust */

	delta = GLOBAL_USER_MTU - (data_len - ETH_HLEN) + 1;



	err = bpf_check_mtu(ctx, ifindex, &mtu_len, delta, 0);

	if (err) {

		retval = XDP_PASS; /* Success in exceeding MTU check */

		if (err != BPF_MTU_CHK_RET_FRAG_NEEDED)

			retval = XDP_DROP;

	}



	global_bpf_mtu_xdp = mtu_len;

	return retval;

}



SEC("xdp")

int xdp_minus_delta(struct xdp_md *ctx)

{

	int retval = XDP_PASS; /* Expected retval on successful test */

	void *data_end = (void *)(long)ctx->data_end;

	void *data = (void *)(long)ctx->data;

	__u32 ifindex = GLOBAL_USER_IFINDEX;

	__u32 data_len = data_end - data;

	__u32 mtu_len = 0;

	int delta;



	/* Borderline test case: Minus delta exceeding packet length allowed */

	delta = -((data_len - ETH_HLEN) + 1);



	/* Minus length (adjusted via delta) still pass MTU check, other helpers

	 * are responsible for catching this, when doing actual size adjust

	 */

	if (bpf_check_mtu(ctx, ifindex, &mtu_len, delta, 0))

		retval = XDP_ABORTED;



	global_bpf_mtu_xdp = mtu_len;

	return retval;

}



SEC("classifier")

int tc_use_helper(struct __sk_buff *ctx)

{

	int retval = BPF_OK; /* Expected retval on successful test */

	__u32 mtu_len = 0;

	int delta = 0;



	if (bpf_check_mtu(ctx, 0, &mtu_len, delta, 0)) {

		retval = BPF_DROP;

		goto out;

	}



	if (mtu_len != GLOBAL_USER_MTU)

		retval = BPF_REDIRECT;

out:

	global_bpf_mtu_tc = mtu_len;

	return retval;

}



SEC("classifier")

int tc_exceed_mtu(struct __sk_buff *ctx)

{

	__u32 ifindex = GLOBAL_USER_IFINDEX;

	int retval = BPF_DROP; /* Fail */

	__u32 skb_len = ctx->len;

	__u32 mtu_len = 0;

	int delta;

	int err;



	/* Exceed MTU with 1 via delta adjust */

	delta = GLOBAL_USER_MTU - (skb_len - ETH_HLEN) + 1;



	err = bpf_check_mtu(ctx, ifindex, &mtu_len, delta, 0);

	if (err) {

		retval = BPF_OK; /* Success in exceeding MTU check */

		if (err != BPF_MTU_CHK_RET_FRAG_NEEDED)

			retval = BPF_DROP;

	}



	global_bpf_mtu_tc = mtu_len;

	return retval;

}



SEC("classifier")

int tc_exceed_mtu_da(struct __sk_buff *ctx)

{

	/* SKB Direct-Access variant */

	void *data_end = (void *)(long)ctx->data_end;

	void *data = (void *)(long)ctx->data;

	__u32 ifindex = GLOBAL_USER_IFINDEX;

	__u32 data_len = data_end - data;

	int retval = BPF_DROP; /* Fail */

	__u32 mtu_len = 0;

	int delta;

	int err;



	/* Exceed MTU with 1 via delta adjust */

	delta = GLOBAL_USER_MTU - (data_len - ETH_HLEN) + 1;



	err = bpf_check_mtu(ctx, ifindex, &mtu_len, delta, 0);

	if (err) {

		retval = BPF_OK; /* Success in exceeding MTU check */

		if (err != BPF_MTU_CHK_RET_FRAG_NEEDED)

			retval = BPF_DROP;

	}



	global_bpf_mtu_tc = mtu_len;

	return retval;

}



SEC("classifier")

int tc_minus_delta(struct __sk_buff *ctx)

{

	int retval = BPF_OK; /* Expected retval on successful test */

	__u32 ifindex = GLOBAL_USER_IFINDEX;

	__u32 skb_len = ctx->len;

	__u32 mtu_len = 0;

	int delta;



	/* Borderline test case: Minus delta exceeding packet length allowed */

	delta = -((skb_len - ETH_HLEN) + 1);



	/* Minus length (adjusted via delta) still pass MTU check, other helpers

	 * are responsible for catching this, when doing actual size adjust

	 */

	if (bpf_check_mtu(ctx, ifindex, &mtu_len, delta, 0))

		retval = BPF_DROP;



	global_bpf_mtu_xdp = mtu_len;

	return retval;

}