Adding new prog_tests for sysctl BPF handlers, first version with a single test to validate bpf_sysctl_set_new_value call Signed-off-by: Raman Shukhau <ramasha@xxxxxxxx> --- .../selftests/bpf/prog_tests/cgrp_sysctl.c | 106 ++++++++++++++++++ .../testing/selftests/bpf/progs/cgrp_sysctl.c | 51 +++++++++ 2 files changed, 157 insertions(+) create mode 100644 tools/testing/selftests/bpf/prog_tests/cgrp_sysctl.c create mode 100644 tools/testing/selftests/bpf/progs/cgrp_sysctl.c diff --git a/tools/testing/selftests/bpf/prog_tests/cgrp_sysctl.c b/tools/testing/selftests/bpf/prog_tests/cgrp_sysctl.c new file mode 100644 index 000000000000..dad847d397de --- /dev/null +++ b/tools/testing/selftests/bpf/prog_tests/cgrp_sysctl.c @@ -0,0 +1,106 @@ +// SPDX-License-Identifier: GPL-2.0-only + +/* + * Copyright 2022 Google LLC. + */ + +#define SYSCTL_ROOT_PATH "/proc/sys/" +#define SYSCTL_NAME_LEN 128 +#define RESERVED_PORTS_SYSCTL_NAME "net/ipv4/ip_local_reserved_ports" +#define RESERVED_PORTS_OVERRIDE_VALUE "31337" + +#define _GNU_SOURCE +#include <unistd.h> +#include <string.h> +#include <fcntl.h> + +#include <sys/mount.h> + +#include "test_progs.h" +#include "cgrp_sysctl.skel.h" + +struct sysctl_test { + const char *sysctl; + int open_flags; + const char *newval; + const char *updval; +}; + +static void subtest(int cgroup_fd, struct cgrp_sysctl *skel, struct sysctl_test *test_data) +{ + int fd; + + fd = open(SYSCTL_ROOT_PATH RESERVED_PORTS_SYSCTL_NAME, test_data->open_flags | O_CLOEXEC); + if (!ASSERT_GT(fd, 0, "sysctl-open")) + return; + + if (test_data->open_flags == O_RDWR) { + int wr_ret; + + wr_ret = write(fd, test_data->newval, strlen(test_data->newval)); + if (!ASSERT_GT(wr_ret, 0, "sysctl-write")) + goto out; + + char buf[SYSCTL_NAME_LEN]; + char updval[SYSCTL_NAME_LEN]; + + sprintf(updval, "%s\n", test_data->updval); + if (!ASSERT_OK(lseek(fd, 0, SEEK_SET), "sysctl-seek")) + goto out; + if (!ASSERT_GT(read(fd, buf, sizeof(buf)), 0, "sysctl-read")) + goto out; + if (!ASSERT_OK(strncmp(buf, updval, strlen(updval)), "sysctl-updval")) + goto out; + } + +out: + close(fd); +} + +void test_cgrp_sysctl(void) +{ + struct cgrp_sysctl *skel; + int cgroup_fd; + + cgroup_fd = test__join_cgroup("/cgrp_sysctl"); + if (!ASSERT_GE(cgroup_fd, 0, "cg-create")) + return; + + skel = cgrp_sysctl__open(); + if (!ASSERT_OK_PTR(skel, "skel-open")) + goto close_cgroup; + + struct sysctl_test test_data; + + if (test__start_subtest("overwrite_success")) { + test_data = (struct sysctl_test){ + .sysctl = RESERVED_PORTS_SYSCTL_NAME, + .open_flags = O_RDWR, + .newval = "22222", + .updval = RESERVED_PORTS_OVERRIDE_VALUE, + }; + memcpy(skel->rodata->sysctl_name, RESERVED_PORTS_SYSCTL_NAME, + sizeof(RESERVED_PORTS_SYSCTL_NAME)); + skel->rodata->name_len = sizeof(RESERVED_PORTS_SYSCTL_NAME); + memcpy(skel->rodata->sysctl_updval, RESERVED_PORTS_OVERRIDE_VALUE, + sizeof(RESERVED_PORTS_OVERRIDE_VALUE)); + skel->rodata->updval_len = sizeof(RESERVED_PORTS_OVERRIDE_VALUE); + } + + if (!ASSERT_OK(cgrp_sysctl__load(skel), "skel-load")) + goto close_cgroup; + + skel->links.cgrp_sysctl_overwrite = + bpf_program__attach_cgroup(skel->progs.cgrp_sysctl_overwrite, cgroup_fd); + if (!ASSERT_OK_PTR(skel->links.cgrp_sysctl_overwrite, "cg-attach-sysctl")) + goto skel_destroy; + + subtest(cgroup_fd, skel, &test_data); + goto skel_destroy; + +skel_destroy: + cgrp_sysctl__destroy(skel); + +close_cgroup: + close(cgroup_fd); +} diff --git a/tools/testing/selftests/bpf/progs/cgrp_sysctl.c b/tools/testing/selftests/bpf/progs/cgrp_sysctl.c new file mode 100644 index 000000000000..99b202835f85 --- /dev/null +++ b/tools/testing/selftests/bpf/progs/cgrp_sysctl.c @@ -0,0 +1,51 @@ +// SPDX-License-Identifier: GPL-2.0 +// Copyright (c) 2019 Facebook + +#include <string.h> +#include <stdbool.h> + +#include <linux/bpf.h> + +#include <bpf/bpf_helpers.h> + +#include "bpf_compiler.h" + +#define SYSCTL_VALUE_LEN 16 +#define SYSCTL_NAME_LEN 128 + +#define SUCCESS 1 +#define FAILURE 0 + +const char sysctl_updval[SYSCTL_VALUE_LEN]; +volatile const unsigned int updval_len; +const char sysctl_name[SYSCTL_NAME_LEN]; +volatile const unsigned int name_len; + +static __always_inline bool is_expected_name(struct bpf_sysctl *ctx) +{ + char name[SYSCTL_NAME_LEN]; + int size; + + memset(name, 0, sizeof(name)); + size = bpf_sysctl_get_name(ctx, name, sizeof(name), 0); + if (size <= 0 || size != name_len - 1) + return 1; + + return bpf_strncmp(name, size, (const char *)sysctl_name) == 0; +} + +SEC("cgroup/sysctl") +int cgrp_sysctl_overwrite(struct bpf_sysctl *ctx) +{ + if (!ctx->write) + return SUCCESS; + + if (!is_expected_name(ctx)) + return SUCCESS; + + if (bpf_sysctl_set_new_value(ctx, (char *)sysctl_updval, updval_len) == 0) + return SUCCESS; + return FAILURE; +} + +char _license[] SEC("license") = "GPL"; -- 2.43.0