Message ID | 20201118001742.85005-4-sdf@google.com (mailing list archive) |
---|---|
State | New, archived |
Delegated to: | BPF |
Headers | show |
Series | bpf: expose bpf_{s,g}etsockopt helpers to bind{4,6} hooks | expand |
Context | Check | Description |
---|---|---|
netdev/cover_letter | success | Link |
netdev/fixes_present | success | Link |
netdev/patch_count | success | Link |
netdev/tree_selection | success | Clearly marked for bpf-next |
netdev/subject_prefix | success | Link |
netdev/source_inline | success | Was 0 now: 0 |
netdev/verify_signedoff | success | Link |
netdev/module_param | success | Was 0 now: 0 |
netdev/build_32bit | success | Errors and warnings before: 0 this patch: 0 |
netdev/kdoc | success | Errors and warnings before: 0 this patch: 0 |
netdev/verify_fixes | success | Link |
netdev/checkpatch | warning | CHECK: Alignment should match open parenthesis WARNING: plain inline is preferred over __inline |
netdev/build_allmodconfig_warn | success | Errors and warnings before: 0 this patch: 0 |
netdev/header_inline | success | Link |
netdev/stable | success | Stable not CCed |
On Tue, Nov 17, 2020 at 4:20 PM Stanislav Fomichev <sdf@google.com> wrote: > > To make sure it doesn't trigger sock_owned_by_me splat. > > Signed-off-by: Stanislav Fomichev <sdf@google.com> > --- Acked-by: Andrii Nakryiko <andrii@kernel.org> > .../testing/selftests/bpf/progs/bind4_prog.c | 31 +++++++++++++++++++ > .../testing/selftests/bpf/progs/bind6_prog.c | 31 +++++++++++++++++++ > 2 files changed, 62 insertions(+) > > diff --git a/tools/testing/selftests/bpf/progs/bind4_prog.c b/tools/testing/selftests/bpf/progs/bind4_prog.c > index ff3def2ee6f9..9d1d8d642edc 100644 > --- a/tools/testing/selftests/bpf/progs/bind4_prog.c > +++ b/tools/testing/selftests/bpf/progs/bind4_prog.c > @@ -19,8 +19,35 @@ > #define SERV4_REWRITE_IP 0x7f000001U /* 127.0.0.1 */ > #define SERV4_REWRITE_PORT 4444 > > +#ifndef IFNAMSIZ > +#define IFNAMSIZ 16 > +#endif > + > int _version SEC("version") = 1; nit: would be nice to drop this anachronism > [...] > diff --git a/tools/testing/selftests/bpf/progs/bind6_prog.c b/tools/testing/selftests/bpf/progs/bind6_prog.c > index 97686baaae65..a443927dae53 100644 > --- a/tools/testing/selftests/bpf/progs/bind6_prog.c > +++ b/tools/testing/selftests/bpf/progs/bind6_prog.c > @@ -25,8 +25,35 @@ > #define SERV6_REWRITE_IP_3 0x00000001 > #define SERV6_REWRITE_PORT 6666 > > +#ifndef IFNAMSIZ > +#define IFNAMSIZ 16 > +#endif > + > int _version SEC("version") = 1; nit: same > [...]
diff --git a/tools/testing/selftests/bpf/progs/bind4_prog.c b/tools/testing/selftests/bpf/progs/bind4_prog.c index ff3def2ee6f9..9d1d8d642edc 100644 --- a/tools/testing/selftests/bpf/progs/bind4_prog.c +++ b/tools/testing/selftests/bpf/progs/bind4_prog.c @@ -19,8 +19,35 @@ #define SERV4_REWRITE_IP 0x7f000001U /* 127.0.0.1 */ #define SERV4_REWRITE_PORT 4444 +#ifndef IFNAMSIZ +#define IFNAMSIZ 16 +#endif + int _version SEC("version") = 1; +static __inline int bind_to_device(struct bpf_sock_addr *ctx) +{ + char veth1[IFNAMSIZ] = "test_sock_addr1"; + char veth2[IFNAMSIZ] = "test_sock_addr2"; + char missing[IFNAMSIZ] = "nonexistent_dev"; + char del_bind[IFNAMSIZ] = ""; + + if (bpf_setsockopt(ctx, SOL_SOCKET, SO_BINDTODEVICE, + &veth1, sizeof(veth1))) + return 1; + if (bpf_setsockopt(ctx, SOL_SOCKET, SO_BINDTODEVICE, + &veth2, sizeof(veth2))) + return 1; + if (bpf_setsockopt(ctx, SOL_SOCKET, SO_BINDTODEVICE, + &missing, sizeof(missing)) != -ENODEV) + return 1; + if (bpf_setsockopt(ctx, SOL_SOCKET, SO_BINDTODEVICE, + &del_bind, sizeof(del_bind))) + return 1; + + return 0; +} + SEC("cgroup/bind4") int bind_v4_prog(struct bpf_sock_addr *ctx) { @@ -64,6 +91,10 @@ int bind_v4_prog(struct bpf_sock_addr *ctx) if (ctx->user_ip4 != user_ip4) return 0; + /* Bind to device and unbind it. */ + if (bind_to_device(ctx)) + return 0; + ctx->user_ip4 = bpf_htonl(SERV4_REWRITE_IP); ctx->user_port = bpf_htons(SERV4_REWRITE_PORT); diff --git a/tools/testing/selftests/bpf/progs/bind6_prog.c b/tools/testing/selftests/bpf/progs/bind6_prog.c index 97686baaae65..a443927dae53 100644 --- a/tools/testing/selftests/bpf/progs/bind6_prog.c +++ b/tools/testing/selftests/bpf/progs/bind6_prog.c @@ -25,8 +25,35 @@ #define SERV6_REWRITE_IP_3 0x00000001 #define SERV6_REWRITE_PORT 6666 +#ifndef IFNAMSIZ +#define IFNAMSIZ 16 +#endif + int _version SEC("version") = 1; +static __inline int bind_to_device(struct bpf_sock_addr *ctx) +{ + char veth1[IFNAMSIZ] = "test_sock_addr1"; + char veth2[IFNAMSIZ] = "test_sock_addr2"; + char missing[IFNAMSIZ] = "nonexistent_dev"; + char del_bind[IFNAMSIZ] = ""; + + if (bpf_setsockopt(ctx, SOL_SOCKET, SO_BINDTODEVICE, + &veth1, sizeof(veth1))) + return 1; + if (bpf_setsockopt(ctx, SOL_SOCKET, SO_BINDTODEVICE, + &veth2, sizeof(veth2))) + return 1; + if (bpf_setsockopt(ctx, SOL_SOCKET, SO_BINDTODEVICE, + &missing, sizeof(missing)) != -ENODEV) + return 1; + if (bpf_setsockopt(ctx, SOL_SOCKET, SO_BINDTODEVICE, + &del_bind, sizeof(del_bind))) + return 1; + + return 0; +} + SEC("cgroup/bind6") int bind_v6_prog(struct bpf_sock_addr *ctx) { @@ -78,6 +105,10 @@ int bind_v6_prog(struct bpf_sock_addr *ctx) return 0; } + /* Bind to device and unbind it. */ + if (bind_to_device(ctx)) + return 0; + ctx->user_ip6[0] = bpf_htonl(SERV6_REWRITE_IP_0); ctx->user_ip6[1] = bpf_htonl(SERV6_REWRITE_IP_1); ctx->user_ip6[2] = bpf_htonl(SERV6_REWRITE_IP_2);
To make sure it doesn't trigger sock_owned_by_me splat. Signed-off-by: Stanislav Fomichev <sdf@google.com> --- .../testing/selftests/bpf/progs/bind4_prog.c | 31 +++++++++++++++++++ .../testing/selftests/bpf/progs/bind6_prog.c | 31 +++++++++++++++++++ 2 files changed, 62 insertions(+)