forked from kernel-patches/bpf
-
Notifications
You must be signed in to change notification settings - Fork 5
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
selftests/bpf: Add selftests for cgroup1 hierarchy
Add selftests for cgroup1 hierarchy. The result as follows, $ tools/testing/selftests/bpf/test_progs --name=cgroup1_hierarchy #36/1 cgroup1_hierarchy/test_cgroup1_hierarchy:OK #36/2 cgroup1_hierarchy/test_root_cgid:OK #36/3 cgroup1_hierarchy/test_invalid_level:OK #36/4 cgroup1_hierarchy/test_invalid_cgid:OK #36/5 cgroup1_hierarchy/test_invalid_hid:OK #36/6 cgroup1_hierarchy/test_invalid_cgrp_name:OK #36/7 cgroup1_hierarchy/test_invalid_cgrp_name2:OK #36/8 cgroup1_hierarchy/test_sleepable_prog:OK #36 cgroup1_hierarchy:OK Summary: 1/8 PASSED, 0 SKIPPED, 0 FAILED Besides, I also did some stress test similar to the patch #2 in this series, as follows (with CONFIG_PROVE_RCU_LIST enabled): - Continuously mounting and unmounting named cgroups in some tasks, for example: cgrp_name=$1 while true do mount -t cgroup -o none,name=$cgrp_name none /$cgrp_name umount /$cgrp_name done - Continuously run this selftest concurrently, while true; do ./test_progs --name=cgroup1_hierarchy; done They can ran successfully without any RCU warnings in dmesg. Signed-off-by: Yafang Shao <laoar.shao@gmail.com>
- Loading branch information
Showing
2 changed files
with
231 additions
and
0 deletions.
There are no files selected for viewing
159 changes: 159 additions & 0 deletions
159
tools/testing/selftests/bpf/prog_tests/cgroup1_hierarchy.c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,159 @@ | ||
// SPDX-License-Identifier: GPL-2.0 | ||
/* Copyright (C) 2023 Yafang Shao <laoar.shao@gmail.com> */ | ||
|
||
#include <sys/types.h> | ||
#include <unistd.h> | ||
#include <test_progs.h> | ||
#include "cgroup_helpers.h" | ||
#include "test_cgroup1_hierarchy.skel.h" | ||
|
||
static void bpf_cgroup1(struct test_cgroup1_hierarchy *skel) | ||
{ | ||
int err; | ||
|
||
/* Attach LSM prog first */ | ||
skel->links.lsm_run = bpf_program__attach_lsm(skel->progs.lsm_run); | ||
if (!ASSERT_OK_PTR(skel->links.lsm_run, "lsm_attach")) | ||
return; | ||
|
||
/* LSM prog will be triggered when attaching fentry */ | ||
skel->links.fentry_run = bpf_program__attach_trace(skel->progs.fentry_run); | ||
ASSERT_NULL(skel->links.fentry_run, "fentry_attach_fail"); | ||
|
||
err = bpf_link__destroy(skel->links.lsm_run); | ||
ASSERT_OK(err, "destroy_lsm"); | ||
skel->links.lsm_run = NULL; | ||
} | ||
|
||
static void bpf_cgroup1_sleepable(struct test_cgroup1_hierarchy *skel) | ||
{ | ||
int err; | ||
|
||
/* Attach LSM prog first */ | ||
skel->links.lsm_s_run = bpf_program__attach_lsm(skel->progs.lsm_s_run); | ||
if (!ASSERT_OK_PTR(skel->links.lsm_s_run, "lsm_attach")) | ||
return; | ||
|
||
/* LSM prog will be triggered when attaching fentry */ | ||
skel->links.fentry_run = bpf_program__attach_trace(skel->progs.fentry_run); | ||
ASSERT_NULL(skel->links.fentry_run, "fentry_attach_fail"); | ||
|
||
err = bpf_link__destroy(skel->links.lsm_s_run); | ||
ASSERT_OK(err, "destroy_lsm"); | ||
skel->links.lsm_s_run = NULL; | ||
} | ||
|
||
static void bpf_cgroup1_invalid_id(struct test_cgroup1_hierarchy *skel) | ||
{ | ||
int err; | ||
|
||
/* Attach LSM prog first */ | ||
skel->links.lsm_run = bpf_program__attach_lsm(skel->progs.lsm_run); | ||
if (!ASSERT_OK_PTR(skel->links.lsm_run, "lsm_attach")) | ||
return; | ||
|
||
/* LSM prog will be triggered when attaching fentry */ | ||
skel->links.fentry_run = bpf_program__attach_trace(skel->progs.fentry_run); | ||
if (!ASSERT_OK_PTR(skel->links.fentry_run, "fentry_attach_success")) | ||
goto cleanup; | ||
|
||
err = bpf_link__destroy(skel->links.lsm_run); | ||
ASSERT_OK(err, "destroy_lsm"); | ||
skel->links.lsm_run = NULL; | ||
|
||
cleanup: | ||
err = bpf_link__destroy(skel->links.fentry_run); | ||
ASSERT_OK(err, "destroy_fentry"); | ||
skel->links.fentry_run = NULL; | ||
} | ||
|
||
void test_cgroup1_hierarchy(void) | ||
{ | ||
struct test_cgroup1_hierarchy *skel; | ||
__u64 current_cgid; | ||
int hid, err; | ||
|
||
skel = test_cgroup1_hierarchy__open(); | ||
if (!ASSERT_OK_PTR(skel, "open")) | ||
return; | ||
|
||
skel->bss->target_pid = getpid(); | ||
|
||
err = bpf_program__set_attach_target(skel->progs.fentry_run, 0, "bpf_fentry_test1"); | ||
if (!ASSERT_OK(err, "fentry_set_target")) | ||
goto destroy; | ||
|
||
err = test_cgroup1_hierarchy__load(skel); | ||
if (!ASSERT_OK(err, "load")) | ||
goto destroy; | ||
|
||
/* Setup cgroup1 hierarchy */ | ||
err = setup_classid_environment(); | ||
if (!ASSERT_OK(err, "setup_classid_environment")) | ||
goto destroy; | ||
|
||
err = join_classid(); | ||
if (!ASSERT_OK(err, "join_cgroup1")) | ||
goto cleanup; | ||
|
||
current_cgid = get_classid_cgroup_id(); | ||
if (!ASSERT_GE(current_cgid, 0, "cgroup1 id")) | ||
goto cleanup; | ||
|
||
hid = get_cgroup1_hierarchy_id("net_cls"); | ||
if (!ASSERT_GE(hid, 0, "cgroup1 id")) | ||
goto cleanup; | ||
skel->bss->target_hid = hid; | ||
|
||
if (test__start_subtest("test_cgroup1_hierarchy")) { | ||
skel->bss->target_ancestor_cgid = current_cgid; | ||
bpf_cgroup1(skel); | ||
} | ||
|
||
if (test__start_subtest("test_root_cgid")) { | ||
skel->bss->target_ancestor_cgid = 1; | ||
skel->bss->target_ancestor_level = 0; | ||
bpf_cgroup1(skel); | ||
} | ||
|
||
if (test__start_subtest("test_invalid_level")) { | ||
skel->bss->target_ancestor_cgid = 1; | ||
skel->bss->target_ancestor_level = 1; | ||
bpf_cgroup1_invalid_id(skel); | ||
} | ||
|
||
if (test__start_subtest("test_invalid_cgid")) { | ||
skel->bss->target_ancestor_cgid = 0; | ||
bpf_cgroup1_invalid_id(skel); | ||
} | ||
|
||
if (test__start_subtest("test_invalid_hid")) { | ||
skel->bss->target_ancestor_cgid = 1; | ||
skel->bss->target_ancestor_level = 0; | ||
skel->bss->target_hid = -1; | ||
bpf_cgroup1_invalid_id(skel); | ||
} | ||
|
||
if (test__start_subtest("test_invalid_cgrp_name")) { | ||
skel->bss->target_hid = get_cgroup1_hierarchy_id("net_cl"); | ||
skel->bss->target_ancestor_cgid = current_cgid; | ||
bpf_cgroup1_invalid_id(skel); | ||
} | ||
|
||
if (test__start_subtest("test_invalid_cgrp_name2")) { | ||
skel->bss->target_hid = get_cgroup1_hierarchy_id("net_cls,"); | ||
skel->bss->target_ancestor_cgid = current_cgid; | ||
bpf_cgroup1_invalid_id(skel); | ||
} | ||
|
||
if (test__start_subtest("test_sleepable_prog")) { | ||
skel->bss->target_hid = hid; | ||
skel->bss->target_ancestor_cgid = current_cgid; | ||
bpf_cgroup1_sleepable(skel); | ||
} | ||
|
||
cleanup: | ||
cleanup_classid_environment(); | ||
destroy: | ||
test_cgroup1_hierarchy__destroy(skel); | ||
} |
72 changes: 72 additions & 0 deletions
72
tools/testing/selftests/bpf/progs/test_cgroup1_hierarchy.c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,72 @@ | ||
// SPDX-License-Identifier: GPL-2.0 | ||
//#endif | ||
/* Copyright (C) 2023 Yafang Shao <laoar.shao@gmail.com> */ | ||
|
||
#include "vmlinux.h" | ||
#include <bpf/bpf_helpers.h> | ||
#include <bpf/bpf_tracing.h> | ||
#include <bpf/bpf_core_read.h> | ||
|
||
__u32 target_ancestor_level; | ||
__u64 target_ancestor_cgid; | ||
int target_pid, target_hid; | ||
|
||
struct cgroup *bpf_task_get_cgroup1(struct task_struct *task, int hierarchy_id) __ksym; | ||
struct cgroup *bpf_cgroup_ancestor(struct cgroup *cgrp, int level) __ksym; | ||
void bpf_cgroup_release(struct cgroup *cgrp) __ksym; | ||
|
||
static int bpf_link_create_verify(int cmd) | ||
{ | ||
struct cgroup *cgrp, *ancestor; | ||
struct task_struct *task; | ||
int ret = 0; | ||
|
||
if (cmd != BPF_LINK_CREATE) | ||
return 0; | ||
|
||
task = bpf_get_current_task_btf(); | ||
|
||
/* Then it can run in parallel with others */ | ||
if (task->pid != target_pid) | ||
return 0; | ||
|
||
cgrp = bpf_task_get_cgroup1(task, target_hid); | ||
if (!cgrp) | ||
return 0; | ||
|
||
/* Refuse it if its cgid or its ancestor's cgid is the target cgid */ | ||
if (cgrp->kn->id == target_ancestor_cgid) | ||
ret = -1; | ||
|
||
ancestor = bpf_cgroup_ancestor(cgrp, target_ancestor_level); | ||
if (!ancestor) | ||
goto out; | ||
|
||
if (ancestor->kn->id == target_ancestor_cgid) | ||
ret = -1; | ||
bpf_cgroup_release(ancestor); | ||
|
||
out: | ||
bpf_cgroup_release(cgrp); | ||
return ret; | ||
} | ||
|
||
SEC("lsm/bpf") | ||
int BPF_PROG(lsm_run, int cmd, union bpf_attr *attr, unsigned int size) | ||
{ | ||
return bpf_link_create_verify(cmd); | ||
} | ||
|
||
SEC("lsm.s/bpf") | ||
int BPF_PROG(lsm_s_run, int cmd, union bpf_attr *attr, unsigned int size) | ||
{ | ||
return bpf_link_create_verify(cmd); | ||
} | ||
|
||
SEC("fentry") | ||
int BPF_PROG(fentry_run) | ||
{ | ||
return 0; | ||
} | ||
|
||
char _license[] SEC("license") = "GPL"; |