mirror of
https://mirrors.bfsu.edu.cn/git/linux.git
synced 2025-01-27 16:25:32 +08:00
0ab5539f85
Add tests to test_progs that exercise: - attaching/detaching/querying programs to BPF_SK_LOOKUP hook, - redirecting socket lookup to a socket selected by BPF program, - failing a socket lookup on BPF program's request, - error scenarios for selecting a socket from BPF program, - accessing BPF program context, - attaching and running multiple BPF programs. Run log: bash-5.0# ./test_progs -n 70 #70/1 query lookup prog:OK #70/2 TCP IPv4 redir port:OK #70/3 TCP IPv4 redir addr:OK #70/4 TCP IPv4 redir with reuseport:OK #70/5 TCP IPv4 redir skip reuseport:OK #70/6 TCP IPv6 redir port:OK #70/7 TCP IPv6 redir addr:OK #70/8 TCP IPv4->IPv6 redir port:OK #70/9 TCP IPv6 redir with reuseport:OK #70/10 TCP IPv6 redir skip reuseport:OK #70/11 UDP IPv4 redir port:OK #70/12 UDP IPv4 redir addr:OK #70/13 UDP IPv4 redir with reuseport:OK #70/14 UDP IPv4 redir skip reuseport:OK #70/15 UDP IPv6 redir port:OK #70/16 UDP IPv6 redir addr:OK #70/17 UDP IPv4->IPv6 redir port:OK #70/18 UDP IPv6 redir and reuseport:OK #70/19 UDP IPv6 redir skip reuseport:OK #70/20 TCP IPv4 drop on lookup:OK #70/21 TCP IPv6 drop on lookup:OK #70/22 UDP IPv4 drop on lookup:OK #70/23 UDP IPv6 drop on lookup:OK #70/24 TCP IPv4 drop on reuseport:OK #70/25 TCP IPv6 drop on reuseport:OK #70/26 UDP IPv4 drop on reuseport:OK #70/27 TCP IPv6 drop on reuseport:OK #70/28 sk_assign returns EEXIST:OK #70/29 sk_assign honors F_REPLACE:OK #70/30 sk_assign accepts NULL socket:OK #70/31 access ctx->sk:OK #70/32 narrow access to ctx v4:OK #70/33 narrow access to ctx v6:OK #70/34 sk_assign rejects TCP established:OK #70/35 sk_assign rejects UDP connected:OK #70/36 multi prog - pass, pass:OK #70/37 multi prog - drop, drop:OK #70/38 multi prog - pass, drop:OK #70/39 multi prog - drop, pass:OK #70/40 multi prog - pass, redir:OK #70/41 multi prog - redir, pass:OK #70/42 multi prog - drop, redir:OK #70/43 multi prog - redir, drop:OK #70/44 multi prog - redir, redir:OK #70 sk_lookup:OK Summary: 1/44 PASSED, 0 SKIPPED, 0 FAILED Signed-off-by: Jakub Sitnicki <jakub@cloudflare.com> Signed-off-by: Alexei Starovoitov <ast@kernel.org> Link: https://lore.kernel.org/bpf/20200717103536.397595-16-jakub@cloudflare.com
209 lines
4.4 KiB
C
209 lines
4.4 KiB
C
// SPDX-License-Identifier: GPL-2.0-only
|
|
#include <errno.h>
|
|
#include <stdbool.h>
|
|
#include <stdio.h>
|
|
#include <string.h>
|
|
#include <unistd.h>
|
|
|
|
#include <arpa/inet.h>
|
|
|
|
#include <linux/err.h>
|
|
#include <linux/in.h>
|
|
#include <linux/in6.h>
|
|
|
|
#include "bpf_util.h"
|
|
#include "network_helpers.h"
|
|
|
|
#define clean_errno() (errno == 0 ? "None" : strerror(errno))
|
|
#define log_err(MSG, ...) ({ \
|
|
int __save = errno; \
|
|
fprintf(stderr, "(%s:%d: errno: %s) " MSG "\n", \
|
|
__FILE__, __LINE__, clean_errno(), \
|
|
##__VA_ARGS__); \
|
|
errno = __save; \
|
|
})
|
|
|
|
struct ipv4_packet pkt_v4 = {
|
|
.eth.h_proto = __bpf_constant_htons(ETH_P_IP),
|
|
.iph.ihl = 5,
|
|
.iph.protocol = IPPROTO_TCP,
|
|
.iph.tot_len = __bpf_constant_htons(MAGIC_BYTES),
|
|
.tcp.urg_ptr = 123,
|
|
.tcp.doff = 5,
|
|
};
|
|
|
|
struct ipv6_packet pkt_v6 = {
|
|
.eth.h_proto = __bpf_constant_htons(ETH_P_IPV6),
|
|
.iph.nexthdr = IPPROTO_TCP,
|
|
.iph.payload_len = __bpf_constant_htons(MAGIC_BYTES),
|
|
.tcp.urg_ptr = 123,
|
|
.tcp.doff = 5,
|
|
};
|
|
|
|
static int settimeo(int fd, int timeout_ms)
|
|
{
|
|
struct timeval timeout = { .tv_sec = 3 };
|
|
|
|
if (timeout_ms > 0) {
|
|
timeout.tv_sec = timeout_ms / 1000;
|
|
timeout.tv_usec = (timeout_ms % 1000) * 1000;
|
|
}
|
|
|
|
if (setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &timeout,
|
|
sizeof(timeout))) {
|
|
log_err("Failed to set SO_RCVTIMEO");
|
|
return -1;
|
|
}
|
|
|
|
if (setsockopt(fd, SOL_SOCKET, SO_SNDTIMEO, &timeout,
|
|
sizeof(timeout))) {
|
|
log_err("Failed to set SO_SNDTIMEO");
|
|
return -1;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
#define save_errno_close(fd) ({ int __save = errno; close(fd); errno = __save; })
|
|
|
|
int start_server(int family, int type, const char *addr_str, __u16 port,
|
|
int timeout_ms)
|
|
{
|
|
struct sockaddr_storage addr = {};
|
|
socklen_t len;
|
|
int fd;
|
|
|
|
if (make_sockaddr(family, addr_str, port, &addr, &len))
|
|
return -1;
|
|
|
|
fd = socket(family, type, 0);
|
|
if (fd < 0) {
|
|
log_err("Failed to create server socket");
|
|
return -1;
|
|
}
|
|
|
|
if (settimeo(fd, timeout_ms))
|
|
goto error_close;
|
|
|
|
if (bind(fd, (const struct sockaddr *)&addr, len) < 0) {
|
|
log_err("Failed to bind socket");
|
|
goto error_close;
|
|
}
|
|
|
|
if (type == SOCK_STREAM) {
|
|
if (listen(fd, 1) < 0) {
|
|
log_err("Failed to listed on socket");
|
|
goto error_close;
|
|
}
|
|
}
|
|
|
|
return fd;
|
|
|
|
error_close:
|
|
save_errno_close(fd);
|
|
return -1;
|
|
}
|
|
|
|
static int connect_fd_to_addr(int fd,
|
|
const struct sockaddr_storage *addr,
|
|
socklen_t addrlen)
|
|
{
|
|
if (connect(fd, (const struct sockaddr *)addr, addrlen)) {
|
|
log_err("Failed to connect to server");
|
|
return -1;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
int connect_to_fd(int server_fd, int timeout_ms)
|
|
{
|
|
struct sockaddr_storage addr;
|
|
struct sockaddr_in *addr_in;
|
|
socklen_t addrlen, optlen;
|
|
int fd, type;
|
|
|
|
optlen = sizeof(type);
|
|
if (getsockopt(server_fd, SOL_SOCKET, SO_TYPE, &type, &optlen)) {
|
|
log_err("getsockopt(SOL_TYPE)");
|
|
return -1;
|
|
}
|
|
|
|
addrlen = sizeof(addr);
|
|
if (getsockname(server_fd, (struct sockaddr *)&addr, &addrlen)) {
|
|
log_err("Failed to get server addr");
|
|
return -1;
|
|
}
|
|
|
|
addr_in = (struct sockaddr_in *)&addr;
|
|
fd = socket(addr_in->sin_family, type, 0);
|
|
if (fd < 0) {
|
|
log_err("Failed to create client socket");
|
|
return -1;
|
|
}
|
|
|
|
if (settimeo(fd, timeout_ms))
|
|
goto error_close;
|
|
|
|
if (connect_fd_to_addr(fd, &addr, addrlen))
|
|
goto error_close;
|
|
|
|
return fd;
|
|
|
|
error_close:
|
|
save_errno_close(fd);
|
|
return -1;
|
|
}
|
|
|
|
int connect_fd_to_fd(int client_fd, int server_fd, int timeout_ms)
|
|
{
|
|
struct sockaddr_storage addr;
|
|
socklen_t len = sizeof(addr);
|
|
|
|
if (settimeo(client_fd, timeout_ms))
|
|
return -1;
|
|
|
|
if (getsockname(server_fd, (struct sockaddr *)&addr, &len)) {
|
|
log_err("Failed to get server addr");
|
|
return -1;
|
|
}
|
|
|
|
if (connect_fd_to_addr(client_fd, &addr, len))
|
|
return -1;
|
|
|
|
return 0;
|
|
}
|
|
|
|
int make_sockaddr(int family, const char *addr_str, __u16 port,
|
|
struct sockaddr_storage *addr, socklen_t *len)
|
|
{
|
|
if (family == AF_INET) {
|
|
struct sockaddr_in *sin = (void *)addr;
|
|
|
|
sin->sin_family = AF_INET;
|
|
sin->sin_port = htons(port);
|
|
if (addr_str &&
|
|
inet_pton(AF_INET, addr_str, &sin->sin_addr) != 1) {
|
|
log_err("inet_pton(AF_INET, %s)", addr_str);
|
|
return -1;
|
|
}
|
|
if (len)
|
|
*len = sizeof(*sin);
|
|
return 0;
|
|
} else if (family == AF_INET6) {
|
|
struct sockaddr_in6 *sin6 = (void *)addr;
|
|
|
|
sin6->sin6_family = AF_INET6;
|
|
sin6->sin6_port = htons(port);
|
|
if (addr_str &&
|
|
inet_pton(AF_INET6, addr_str, &sin6->sin6_addr) != 1) {
|
|
log_err("inet_pton(AF_INET6, %s)", addr_str);
|
|
return -1;
|
|
}
|
|
if (len)
|
|
*len = sizeof(*sin6);
|
|
return 0;
|
|
}
|
|
return -1;
|
|
}
|