• Joanne Koong's avatar
    selftests/bpf: tests for using dynptrs to parse skb and xdp buffers · cfa7b011
    Joanne Koong authored
    Test skb and xdp dynptr functionality in the following ways:
    
    1) progs/test_cls_redirect_dynptr.c
       * Rewrite "progs/test_cls_redirect.c" test to use dynptrs to parse
         skb data
    
       * This is a great example of how dynptrs can be used to simplify a
         lot of the parsing logic for non-statically known values.
    
         When measuring the user + system time between the original version
         vs. using dynptrs, and averaging the time for 10 runs (using
         "time ./test_progs -t cls_redirect"):
             original version: 0.092 sec
             with dynptrs: 0.078 sec
    
    2) progs/test_xdp_dynptr.c
       * Rewrite "progs/test_xdp.c" test to use dynptrs to parse xdp data
    
         When measuring the user + system time between the original version
         vs. using dynptrs, and averaging the time for 10 runs (using
         "time ./test_progs -t xdp_attach"):
             original version: 0.118 sec
             with dynptrs: 0.094 sec
    
    3) progs/test_l4lb_noinline_dynptr.c
       * Rewrite "progs/test_l4lb_noinline.c" test to use dynptrs to parse
         skb data
    
         When measuring the user + system time between the original version
         vs. using dynptrs, and averaging the time for 10 runs (using
         "time ./test_progs -t l4lb_all"):
             original version: 0.062 sec
             with dynptrs: 0.081 sec
    
         For number of processed verifier instructions:
             original version: 6268 insns
             with dynptrs: 2588 insns
    
    4) progs/test_parse_tcp_hdr_opt_dynptr.c
       * Add sample code for parsing tcp hdr opt lookup using dynptrs.
         This logic is lifted from a real-world use case of packet parsing
         in katran [0], a layer 4 load balancer. The original version
         "progs/test_parse_tcp_hdr_opt.c" (not using dynptrs) is included
         here as well, for comparison.
    
         When measuring the user + system time between the original version
         vs. using dynptrs, and averaging the time for 10 runs (using
         "time ./test_progs -t parse_tcp_hdr_opt"):
             original version: 0.031 sec
             with dynptrs: 0.045 sec
    
    5) progs/dynptr_success.c
       * Add test case "test_skb_readonly" for testing attempts at writes
         on a prog type with read-only skb ctx.
       * Add "test_dynptr_skb_data" for testing that bpf_dynptr_data isn't
         supported for skb progs.
    
    6) progs/dynptr_fail.c
       * Add test cases "skb_invalid_data_slice{1,2,3,4}" and
         "xdp_invalid_data_slice{1,2}" for testing that helpers that modify the
         underlying packet buffer automatically invalidate the associated
         data slice.
       * Add test cases "skb_invalid_ctx" and "xdp_invalid_ctx" for testing
         that prog types that do not support bpf_dynptr_from_skb/xdp don't
         have access to the API.
       * Add test case "dynptr_slice_var_len{1,2}" for testing that
         variable-sized len can't be passed in to bpf_dynptr_slice
       * Add test case "skb_invalid_slice_write" for testing that writes to a
         read-only data slice are rejected by the verifier.
       * Add test case "data_slice_out_of_bounds_skb" for testing that
         writes to an area outside the slice are rejected.
       * Add test case "invalid_slice_rdwr_rdonly" for testing that prog
         types that don't allow writes to packet data don't accept any calls
         to bpf_dynptr_slice_rdwr.
    
    [0] https://github.com/facebookincubator/katran/blob/main/katran/lib/bpf/pckt_parsing.hSigned-off-by: default avatarJoanne Koong <joannelkoong@gmail.com>
    Acked-by: default avatarAndrii Nakryiko <andrii@kernel.org>
    Link: https://lore.kernel.org/r/20230301154953.641654-11-joannelkoong@gmail.comSigned-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
    cfa7b011
xdp_attach.c 2.54 KB