-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
sys/linux: ingress UDP coverage #1594
Comments
The referenced commit contains few tests I used. The one with syz_emit_ethernet does not work yet. |
Even without IFF_NAPI_FRAGS, all packets we inject get rejected on the following check:
Somehow we need to get something other than PACKET_OTHERHOST... |
I've managed to create a packet that reaches wg_receive, that is:
Had to enumerate all possible combinations of local/remote mac, However, this is only without IFF_NAPI_FRAGS. With IFF_NAPI_FRAGS it
|
Fix the packet injection in udp test. Now we know how to do it! And without IFF_NAPI_FRAGS it actually reaches the socket. Update #1594
See discussion on #1590 for some context.
It's important to cover network ingress paths, but it's unclear if we are doing good job there.
For example, we don't seem to cover even udp_unicast_rcv_skb in net/ipv4/udp.c which is required to cover both UDP stack and, for example, wireguard (which should be reached via udp_queue_rcv_one_skb->encap_rcv).
Maybe these parts are only executed in background threads? But most likely there is something else. Either way we need to understand what exactly is it and if it's async paths, if it's possible to cover them with the remote coverage facility.
Another observation is that IFF_NAPI_FRAGS for tun diverges execution to completely different paths (something called gso). But it's unclear if it affects our ability to cover udp stack or not. Without IFF_NAPI_FRAGS I seem to get more coverage overall, but still no coverage of udp_unicast_rcv_skb.
If we remove IFF_NAPI_FRAGS, most likely we also need to remove IFF_NAPI (this actually affects our current fallback for failed IFF_NAPI_FRAGS). IFF_NAPI without IFF_NAPI_FRAGS leads to async receive path, which is bad for us.
The text was updated successfully, but these errors were encountered: