[LTP] [PATCH 0/2] [RFC] BPF testing
Cyril Hrubis
chrubis@suse.cz
Thu Jul 25 16:23:40 CEST 2019
Hi!
> This patch set introduces a very basic test which kicks the tires of the bpf
> system call. It doesn't actually load a eBPF program, I will create another
> test for that. However I have some concerns which I will discuss while doing
> that.
>
> There are already extensive BPF tests in the kernel selftests. These appear to
> be quite complex and test a variety of functionality. They also are far less
> structured than LTP's modern tests and are tied to the kernel tree which makes
> using them in QA a pain. There are also some tests in the BCC project, which
> may test the kernel as a byproduct.
>
> So there are a number of options which are not necessarily mutually exclusive:
>
> 1) Port (some of) the selftests to the LTP.
> 2) Port the LTP library to the selftests.
> 3) Focus the LTP's BPF tests on reproducing specific high impact bugs.
The option 3 sounds good, just FYI there are CVEs some with POCs for BPF,
just by googling "ebpf CVE" you got some:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16995
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7308
Also cloudfare blog seems to be very relevant:
https://blog.cloudflare.com/ebpf-cant-count/
And there are some test stuffed in linux/samples/bpf/ as well.
--
Cyril Hrubis
chrubis@suse.cz
More information about the ltp
mailing list