tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

selftests/bpf: Add tests for writing to nf_conn:mark

Add a simple extension to the existing selftest to write to
nf_conn:mark. Also add a failure test for writing to unsupported field.

Signed-off-by: Daniel Xu <dxu@dxuuu.xyz>
Link: https://lore.kernel.org/r/f78966b81b9349d2b8ebb4cee2caf15cb6b38ee2.1662568410.git.dxu@dxuuu.xyz
Signed-off-by: Alexei Starovoitov <ast@kernel.org>

authored by

Daniel Xu and committed by
Alexei Starovoitov e2d75e95 864b656f

+23 -2
+2
tools/testing/selftests/bpf/prog_tests/bpf_nf.c
··· 17 17 { "set_status_after_insert", "kernel function bpf_ct_set_status args#0 expected pointer to STRUCT nf_conn___init but" }, 18 18 { "change_timeout_after_alloc", "kernel function bpf_ct_change_timeout args#0 expected pointer to STRUCT nf_conn but" }, 19 19 { "change_status_after_alloc", "kernel function bpf_ct_change_status args#0 expected pointer to STRUCT nf_conn but" }, 20 + { "write_not_allowlisted_field", "no write support to nf_conn at off" }, 20 21 }; 21 22 22 23 enum { ··· 114 113 ASSERT_LE(skel->bss->test_delta_timeout, 10, "Test for max ct timeout update"); 115 114 /* expected status is IPS_SEEN_REPLY */ 116 115 ASSERT_EQ(skel->bss->test_status, 2, "Test for ct status update "); 116 + ASSERT_EQ(skel->bss->test_insert_lookup_mark, 77, "Test for insert and lookup mark value"); 117 117 ASSERT_EQ(skel->data->test_exist_lookup, 0, "Test existing connection lookup"); 118 118 ASSERT_EQ(skel->bss->test_exist_lookup_mark, 43, "Test existing connection lookup ctmark"); 119 119 end:
+7 -2
tools/testing/selftests/bpf/progs/test_bpf_nf.c
··· 23 23 int test_succ_lookup = -ENOENT; 24 24 u32 test_delta_timeout = 0; 25 25 u32 test_status = 0; 26 + u32 test_insert_lookup_mark = 0; 26 27 __be32 saddr = 0; 27 28 __be16 sport = 0; 28 29 __be32 daddr = 0; ··· 145 144 146 145 bpf_ct_set_timeout(ct, 10000); 147 146 bpf_ct_set_status(ct, IPS_CONFIRMED); 147 + ct->mark = 77; 148 148 149 149 ct_ins = bpf_ct_insert_entry(ct); 150 150 if (ct_ins) { ··· 159 157 test_delta_timeout = ct_lk->timeout - bpf_jiffies64(); 160 158 test_delta_timeout /= CONFIG_HZ; 161 159 test_status = IPS_SEEN_REPLY; 160 + test_insert_lookup_mark = ct_lk->mark; 162 161 bpf_ct_change_status(ct_lk, IPS_SEEN_REPLY); 163 162 bpf_ct_release(ct_lk); 164 163 test_succ_lookup = 0; ··· 178 175 sizeof(opts_def)); 179 176 if (ct) { 180 177 test_exist_lookup = 0; 181 - if (ct->mark == 42) 182 - test_exist_lookup_mark = 43; 178 + if (ct->mark == 42) { 179 + ct->mark++; 180 + test_exist_lookup_mark = ct->mark; 181 + } 183 182 bpf_ct_release(ct); 184 183 } else { 185 184 test_exist_lookup = opts_def.error;
+14
tools/testing/selftests/bpf/progs/test_bpf_nf_fail.c
··· 70 70 } 71 71 72 72 SEC("?tc") 73 + int write_not_allowlisted_field(struct __sk_buff *ctx) 74 + { 75 + struct bpf_ct_opts___local opts = {}; 76 + struct bpf_sock_tuple tup = {}; 77 + struct nf_conn *ct; 78 + 79 + ct = bpf_skb_ct_lookup(ctx, &tup, sizeof(tup.ipv4), &opts, sizeof(opts)); 80 + if (!ct) 81 + return 0; 82 + ct->status = 0xF00; 83 + return 0; 84 + } 85 + 86 + SEC("?tc") 73 87 int set_timeout_after_insert(struct __sk_buff *ctx) 74 88 { 75 89 struct bpf_ct_opts___local opts = {};