97 lines
2.5 KiB
C
97 lines
2.5 KiB
C
// SPDX-License-Identifier: GPL-2.0
|
|
|
|
#include <test_progs.h>
|
|
#include "cgroup_helpers.h"
|
|
#include "network_helpers.h"
|
|
#include "cgroup_storage.skel.h"
|
|
|
|
#define TEST_CGROUP "/test-bpf-cgroup-storage-buf/"
|
|
#define TEST_NS "cgroup_storage_ns"
|
|
#define PING_CMD "ping localhost -c 1 -W 1 -q"
|
|
|
|
static int setup_network(struct nstoken **token)
|
|
{
|
|
SYS(fail, "ip netns add %s", TEST_NS);
|
|
*token = open_netns(TEST_NS);
|
|
if (!ASSERT_OK_PTR(*token, "open netns"))
|
|
goto cleanup_ns;
|
|
SYS(cleanup_ns, "ip link set lo up");
|
|
|
|
return 0;
|
|
|
|
cleanup_ns:
|
|
SYS_NOFAIL("ip netns del %s", TEST_NS);
|
|
fail:
|
|
return -1;
|
|
}
|
|
|
|
static void cleanup_network(struct nstoken *ns)
|
|
{
|
|
close_netns(ns);
|
|
SYS_NOFAIL("ip netns del %s", TEST_NS);
|
|
}
|
|
|
|
void test_cgroup_storage(void)
|
|
{
|
|
struct bpf_cgroup_storage_key key;
|
|
struct cgroup_storage *skel;
|
|
struct nstoken *ns = NULL;
|
|
unsigned long long value;
|
|
int cgroup_fd;
|
|
int err;
|
|
|
|
cgroup_fd = cgroup_setup_and_join(TEST_CGROUP);
|
|
if (!ASSERT_OK_FD(cgroup_fd, "create cgroup"))
|
|
return;
|
|
|
|
if (!ASSERT_OK(setup_network(&ns), "setup network"))
|
|
goto cleanup_cgroup;
|
|
|
|
skel = cgroup_storage__open_and_load();
|
|
if (!ASSERT_OK_PTR(skel, "load program"))
|
|
goto cleanup_network;
|
|
|
|
skel->links.bpf_prog =
|
|
bpf_program__attach_cgroup(skel->progs.bpf_prog, cgroup_fd);
|
|
if (!ASSERT_OK_PTR(skel->links.bpf_prog, "attach program"))
|
|
goto cleanup_progs;
|
|
|
|
/* Check that one out of every two packets is dropped */
|
|
err = SYS_NOFAIL(PING_CMD);
|
|
ASSERT_OK(err, "first ping");
|
|
err = SYS_NOFAIL(PING_CMD);
|
|
ASSERT_NEQ(err, 0, "second ping");
|
|
err = SYS_NOFAIL(PING_CMD);
|
|
ASSERT_OK(err, "third ping");
|
|
|
|
err = bpf_map__get_next_key(skel->maps.cgroup_storage, NULL, &key,
|
|
sizeof(key));
|
|
if (!ASSERT_OK(err, "get first key"))
|
|
goto cleanup_progs;
|
|
err = bpf_map__lookup_elem(skel->maps.cgroup_storage, &key, sizeof(key),
|
|
&value, sizeof(value), 0);
|
|
if (!ASSERT_OK(err, "first packet count read"))
|
|
goto cleanup_progs;
|
|
|
|
/* Add one to the packet counter, check again packet filtering */
|
|
value++;
|
|
err = bpf_map__update_elem(skel->maps.cgroup_storage, &key, sizeof(key),
|
|
&value, sizeof(value), 0);
|
|
if (!ASSERT_OK(err, "increment packet counter"))
|
|
goto cleanup_progs;
|
|
err = SYS_NOFAIL(PING_CMD);
|
|
ASSERT_OK(err, "fourth ping");
|
|
err = SYS_NOFAIL(PING_CMD);
|
|
ASSERT_NEQ(err, 0, "fifth ping");
|
|
err = SYS_NOFAIL(PING_CMD);
|
|
ASSERT_OK(err, "sixth ping");
|
|
|
|
cleanup_progs:
|
|
cgroup_storage__destroy(skel);
|
|
cleanup_network:
|
|
cleanup_network(ns);
|
|
cleanup_cgroup:
|
|
close(cgroup_fd);
|
|
cleanup_cgroup_environment();
|
|
}
|