1// SPDX-License-Identifier: GPL-2.0
2/* Copyright (c) 2020 Facebook */
3
4#define _GNU_SOURCE
5#include <netinet/in.h>
6#include <arpa/inet.h>
7#include <unistd.h>
8#include <stdlib.h>
9#include <string.h>
10#include <errno.h>
11#include <sched.h>
12#include <net/if.h>
13#include <linux/compiler.h>
14#include <bpf/libbpf.h>
15
16#include "network_helpers.h"
17#include "test_progs.h"
18#include "test_btf_skc_cls_ingress.skel.h"
19
20static struct test_btf_skc_cls_ingress *skel;
21static struct sockaddr_in6 srv_sa6;
22static __u32 duration;
23
24static int prepare_netns(void)
25{
26 LIBBPF_OPTS(bpf_tc_hook, qdisc_lo, .attach_point = BPF_TC_INGRESS);
27 LIBBPF_OPTS(bpf_tc_opts, tc_attach,
28 .prog_fd = bpf_program__fd(skel->progs.cls_ingress));
29
30 if (CHECK(unshare(CLONE_NEWNET), "create netns",
31 "unshare(CLONE_NEWNET): %s (%d)",
32 strerror(errno), errno))
33 return -1;
34
35 if (CHECK(system("ip link set dev lo up"),
36 "ip link set dev lo up", "failed\n"))
37 return -1;
38
39 qdisc_lo.ifindex = if_nametoindex("lo");
40 if (!ASSERT_OK(bpf_tc_hook_create(&qdisc_lo), "qdisc add dev lo clsact"))
41 return -1;
42
43 if (!ASSERT_OK(bpf_tc_attach(&qdisc_lo, &tc_attach),
44 "filter add dev lo ingress"))
45 return -1;
46
47 /* Ensure 20 bytes options (i.e. in total 40 bytes tcp header) for the
48 * bpf_tcp_gen_syncookie() helper.
49 */
50 if (write_sysctl("/proc/sys/net/ipv4/tcp_window_scaling", "1") ||
51 write_sysctl("/proc/sys/net/ipv4/tcp_timestamps", "1") ||
52 write_sysctl("/proc/sys/net/ipv4/tcp_sack", "1"))
53 return -1;
54
55 return 0;
56}
57
58static void reset_test(void)
59{
60 memset(&skel->bss->srv_sa6, 0, sizeof(skel->bss->srv_sa6));
61 skel->bss->listen_tp_sport = 0;
62 skel->bss->req_sk_sport = 0;
63 skel->bss->recv_cookie = 0;
64 skel->bss->gen_cookie = 0;
65 skel->bss->linum = 0;
66}
67
68static void print_err_line(void)
69{
70 if (skel->bss->linum)
71 printf("bpf prog error at line %u\n", skel->bss->linum);
72}
73
74static void test_conn(void)
75{
76 int listen_fd = -1, cli_fd = -1, srv_fd = -1, err;
77 socklen_t addrlen = sizeof(srv_sa6);
78 int srv_port;
79
80 if (write_sysctl("/proc/sys/net/ipv4/tcp_syncookies", "1"))
81 return;
82
83 listen_fd = start_server(AF_INET6, SOCK_STREAM, "::1", 0, 0);
84 if (CHECK_FAIL(listen_fd == -1))
85 return;
86
87 err = getsockname(listen_fd, (struct sockaddr *)&srv_sa6, &addrlen);
88 if (CHECK(err, "getsockname(listen_fd)", "err:%d errno:%d\n", err,
89 errno))
90 goto done;
91 memcpy(&skel->bss->srv_sa6, &srv_sa6, sizeof(srv_sa6));
92 srv_port = ntohs(srv_sa6.sin6_port);
93
94 cli_fd = connect_to_fd(listen_fd, 0);
95 if (CHECK_FAIL(cli_fd == -1))
96 goto done;
97
98 srv_fd = accept(listen_fd, NULL, NULL);
99 if (CHECK_FAIL(srv_fd == -1))
100 goto done;
101
102 if (CHECK(skel->bss->listen_tp_sport != srv_port ||
103 skel->bss->req_sk_sport != srv_port,
104 "Unexpected sk src port",
105 "listen_tp_sport:%u req_sk_sport:%u expected:%u\n",
106 skel->bss->listen_tp_sport, skel->bss->req_sk_sport,
107 srv_port))
108 goto done;
109
110 if (CHECK(skel->bss->gen_cookie || skel->bss->recv_cookie,
111 "Unexpected syncookie states",
112 "gen_cookie:%u recv_cookie:%u\n",
113 skel->bss->gen_cookie, skel->bss->recv_cookie))
114 goto done;
115
116 CHECK(skel->bss->linum, "bpf prog detected error", "at line %u\n",
117 skel->bss->linum);
118
119done:
120 if (listen_fd != -1)
121 close(listen_fd);
122 if (cli_fd != -1)
123 close(cli_fd);
124 if (srv_fd != -1)
125 close(srv_fd);
126}
127
128static void test_syncookie(void)
129{
130 int listen_fd = -1, cli_fd = -1, srv_fd = -1, err;
131 socklen_t addrlen = sizeof(srv_sa6);
132 int srv_port;
133
134 /* Enforce syncookie mode */
135 if (write_sysctl("/proc/sys/net/ipv4/tcp_syncookies", "2"))
136 return;
137
138 listen_fd = start_server(AF_INET6, SOCK_STREAM, "::1", 0, 0);
139 if (CHECK_FAIL(listen_fd == -1))
140 return;
141
142 err = getsockname(listen_fd, (struct sockaddr *)&srv_sa6, &addrlen);
143 if (CHECK(err, "getsockname(listen_fd)", "err:%d errno:%d\n", err,
144 errno))
145 goto done;
146 memcpy(&skel->bss->srv_sa6, &srv_sa6, sizeof(srv_sa6));
147 srv_port = ntohs(srv_sa6.sin6_port);
148
149 cli_fd = connect_to_fd(listen_fd, 0);
150 if (CHECK_FAIL(cli_fd == -1))
151 goto done;
152
153 srv_fd = accept(listen_fd, NULL, NULL);
154 if (CHECK_FAIL(srv_fd == -1))
155 goto done;
156
157 if (CHECK(skel->bss->listen_tp_sport != srv_port,
158 "Unexpected tp src port",
159 "listen_tp_sport:%u expected:%u\n",
160 skel->bss->listen_tp_sport, srv_port))
161 goto done;
162
163 if (CHECK(skel->bss->req_sk_sport,
164 "Unexpected req_sk src port",
165 "req_sk_sport:%u expected:0\n",
166 skel->bss->req_sk_sport))
167 goto done;
168
169 if (CHECK(!skel->bss->gen_cookie ||
170 skel->bss->gen_cookie != skel->bss->recv_cookie,
171 "Unexpected syncookie states",
172 "gen_cookie:%u recv_cookie:%u\n",
173 skel->bss->gen_cookie, skel->bss->recv_cookie))
174 goto done;
175
176 CHECK(skel->bss->linum, "bpf prog detected error", "at line %u\n",
177 skel->bss->linum);
178
179done:
180 if (listen_fd != -1)
181 close(listen_fd);
182 if (cli_fd != -1)
183 close(cli_fd);
184 if (srv_fd != -1)
185 close(srv_fd);
186}
187
188struct test {
189 const char *desc;
190 void (*run)(void);
191};
192
193#define DEF_TEST(name) { #name, test_##name }
194static struct test tests[] = {
195 DEF_TEST(conn),
196 DEF_TEST(syncookie),
197};
198
199void test_btf_skc_cls_ingress(void)
200{
201 int i;
202
203 skel = test_btf_skc_cls_ingress__open_and_load();
204 if (CHECK(!skel, "test_btf_skc_cls_ingress__open_and_load", "failed\n"))
205 return;
206
207 for (i = 0; i < ARRAY_SIZE(tests); i++) {
208 if (!test__start_subtest(tests[i].desc))
209 continue;
210
211 if (prepare_netns())
212 break;
213
214 tests[i].run();
215
216 print_err_line();
217 reset_test();
218 }
219
220 test_btf_skc_cls_ingress__destroy(skel);
221}
222

source code of linux/tools/testing/selftests/bpf/prog_tests/btf_skc_cls_ingress.c