Skip to content

Commit 740a3d6

Browse files
musamaanjumKernel Patches Daemon
musamaanjum
authored and
Kernel Patches Daemon
committed
selftests/bpf: Move test_dev_cgroup to prog_tests
Move test_dev_cgroup.c to prog_tests/dev_cgroup.c to be able to run it with test_progs. Replace dev_cgroup.bpf.o with skel header file, dev_cgroup.skel.h and load program from it accourdingly. ./test_progs -t test_dev_cgroup mknod: /tmp/test_dev_cgroup_null: Operation not permitted 64+0 records in 64+0 records out 32768 bytes (33 kB, 32 KiB) copied, 0.000856684 s, 38.2 MB/s dd: failed to open '/dev/full': Operation not permitted dd: failed to open '/dev/random': Operation not permitted #365 test_dev_cgroup:OK Summary: 1/0 PASSED, 0 SKIPPED, 0 FAILED Signed-off-by: Muhammad Usama Anjum <[email protected]>
1 parent e281ca8 commit 740a3d6

File tree

2 files changed

+58
-85
lines changed

2 files changed

+58
-85
lines changed

tools/testing/selftests/bpf/prog_tests/dev_cgroup.c

Lines changed: 58 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,58 @@
1+
// SPDX-License-Identifier: GPL-2.0-only
2+
/* Copyright (c) 2017 Facebook
3+
*/
4+
5+
#include <test_progs.h>
6+
#include <time.h>
7+
#include "cgroup_helpers.h"
8+
#include "dev_cgroup.skel.h"
9+
10+
#define TEST_CGROUP "/test-bpf-based-device-cgroup/"
11+
12+
void test_dev_cgroup(void)
13+
{
14+
struct dev_cgroup *skel;
15+
int cgroup_fd, err;
16+
__u32 prog_cnt;
17+
18+
skel = dev_cgroup__open_and_load();
19+
if (!ASSERT_OK_PTR(skel, "skel_open_and_load"))
20+
goto cleanup;
21+
22+
cgroup_fd = cgroup_setup_and_join(TEST_CGROUP);
23+
if (!ASSERT_GT(cgroup_fd, 0, "cgroup_setup_and_join"))
24+
goto cleanup;
25+
26+
err = bpf_prog_attach(bpf_program__fd(skel->progs.bpf_prog1), cgroup_fd,
27+
BPF_CGROUP_DEVICE, 0);
28+
if (!ASSERT_EQ(err, 0, "bpf_attach"))
29+
goto cleanup;
30+
31+
err = bpf_prog_query(cgroup_fd, BPF_CGROUP_DEVICE, 0, NULL, NULL, &prog_cnt);
32+
if (!ASSERT_EQ(err, 0, "bpf_query") || (!ASSERT_EQ(prog_cnt, 1, "bpf_query")))
33+
goto cleanup;
34+
35+
/* All operations with /dev/zero and /dev/urandom are allowed,
36+
* everything else is forbidden.
37+
*/
38+
ASSERT_EQ(system("rm -f /tmp/test_dev_cgroup_null"), 0, "rm");
39+
ASSERT_NEQ(system("mknod /tmp/test_dev_cgroup_null c 1 3"), 0, "mknod");
40+
ASSERT_EQ(system("rm -f /tmp/test_dev_cgroup_null"), 0, "rm");
41+
42+
/* /dev/zero is whitelisted */
43+
ASSERT_EQ(system("rm -f /tmp/test_dev_cgroup_zero"), 0, "rm");
44+
ASSERT_EQ(system("mknod /tmp/test_dev_cgroup_zero c 1 5"), 0, "mknod");
45+
ASSERT_EQ(system("rm -f /tmp/test_dev_cgroup_zero"), 0, "rm");
46+
47+
ASSERT_EQ(system("dd if=/dev/urandom of=/dev/zero count=64"), 0, "dd");
48+
49+
/* src is allowed, target is forbidden */
50+
ASSERT_NEQ(system("dd if=/dev/urandom of=/dev/full count=64"), 0, "dd");
51+
52+
/* src is forbidden, target is allowed */
53+
ASSERT_NEQ(system("dd if=/dev/random of=/dev/zero count=64"), 0, "dd");
54+
55+
cleanup:
56+
cleanup_cgroup_environment();
57+
dev_cgroup__destroy(skel);
58+
}

tools/testing/selftests/bpf/test_dev_cgroup.c

Lines changed: 0 additions & 85 deletions
This file was deleted.

0 commit comments

Comments
 (0)