On 07/29, Alexis Lothoré (eBPF Foundation) wrote: > Hello, > this small series aims to integrate test_dev_cgroup in test_progs so it > could be run automatically in CI. The new version brings a few differences > with the current one: > - test now uses directly syscalls instead of wrapping commandline tools > into system() calls > - test_progs manipulates /dev/null (eg: redirecting test logs into it), so > disabling access to it in the bpf program confuses the tests. To fix this, > the first commit modifies the bpf program to allow access to char devices > 1:3 (/dev/null), and disable access to char devices 1:5 (/dev/zero) > - once test is converted, add a small subtest to also check for device type > interpretation (char or block) > - paths used in mknod tests are now in /dev instead of /tmp: due to the CI > runner organisation and mountpoints manipulations, trying to create nodes > in /tmp leads to errors unrelated to the test (ie, mknod calls refused by > kernel, not the bpf program). I don't understand exactly the root cause > at the deepest point (all I see in CI is an -ENXIO error on mknod when trying to > create the node in tmp, and I can not make sense out of it neither > replicate it locally), so I would gladly take inputs from anyone more > educated than me about this. > > The new test_progs part has been tested in a local qemu environment as well > as in upstream CI: > > ./test_progs -a cgroup_dev > 47/1 cgroup_dev/deny-mknod:OK > 47/2 cgroup_dev/allow-mknod:OK > 47/3 cgroup_dev/deny-mknod-wrong-type:OK > 47/4 cgroup_dev/allow-read:OK > 47/5 cgroup_dev/allow-write:OK > 47/6 cgroup_dev/deny-read:OK > 47/7 cgroup_dev/deny-write:OK > 47 cgroup_dev:OK > Summary: 1/7 PASSED, 0 SKIPPED, 0 FAILED > > --- > Changes in v2: > - directly pass expected ret code to subtests instead of boolean pass/not > pass > - fix faulty fd check in subtest expected to fail on open > - fix wrong subtest name > - pass test buffer and corresponding size to read/write subtests > - use correct series prefix > - Link to v1: https://lore.kernel.org/r/20240725-convert_dev_cgroup-v1-0-2c8cbd487c44@xxxxxxxxxxx For the next respin (after addressing Alan's comment about bpf_program__attach_cgroup): Acked-by: Stanislav Fomichev <sdf@xxxxxxxxxxx>
