Received: by 2002:a05:7412:1e0b:b0:fc:a2b0:25d7 with SMTP id kr11csp1246427rdb; Fri, 16 Feb 2024 09:26:21 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCVIGanU87OjGO1cpqqSDTGui35oXhPjqsN0Kejp3SoM3VyfmTFdaUxr36u+bXv4y/ibDTKV7kOsVwQK1JtJ7AuH4Q6o/lUPnEWim2eErw== X-Google-Smtp-Source: AGHT+IEtDor4tnQN1j9Hz6fEUvUKjBZoElRy4hV85shhzjQ6GH/80hys61lRlM9pQ14xmQGCsnZB X-Received: by 2002:a05:6a20:e198:b0:19c:a8a8:5c7b with SMTP id ks24-20020a056a20e19800b0019ca8a85c7bmr6430711pzb.56.1708104381039; Fri, 16 Feb 2024 09:26:21 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1708104381; cv=pass; d=google.com; s=arc-20160816; b=WZRoY3ioE9Q2zcPNjFTr1oLZY5yixsI53VlUqXOno1KSzkPB1WxkARBAE/KSJB2L7U I5AdD3laShC4/ZX+AcsyfkGR+P5Q0KLgtkvFPTimueYJ+AhqwdgIyD5uH/JCwFti3xaE O4CRgapsWQ9uMiLlUWrc3yRQ7R6UEvD6zGfZ3gN2vmO190L4xV72so7bN3pDMpWQSEOo OEFp8jiAxo7nTrhW9CVVB6AF2egP48uuDvS5AMDxwdjoD/NxIrM2HVlQKDQcYOYYjPuv 5505GdDzhgnkdNu6Nj3lYIktj3NYyhMHNf28H/PI841VkQQ87Wl4rVgAEOds/H7NVGGu A7Ww== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:content-language:in-reply-to:mime-version :list-unsubscribe:list-subscribe:list-id:precedence:user-agent:date :message-id:from:references:cc:to:subject:dkim-signature; bh=jTSYqgmQXnfMlKM2Ji03sz4Up9QOJAvMc8kMEp5l0Tk=; fh=KIlP2vkGj6j1AVSJB4G7iC1/yOda1ZB/nkb1xD3o7Qo=; b=XOPnWgbJNNa7rbE4Z9NkTEhKe9lHs2lSuYW6PDMvyAeQImX17cJh9PGIuxwtlRlRp0 wi8nd/jznlstqXPcTzqtSumi8IEICBdei/1L9SjEyvy8GBNZVkYbQi+IWxfpMcFLSN4R JXD9eBpu0PWe9bocvr8VIKdsHXkB5RXkCBCyLsIEDLUpxFaF6yaINizcTDYjGYgXDaP7 NXc7EVDBU12QBxj60aTE/T9vowmqIDVqVeKMTKZW3Ivgkuw3+btjYD1RUygTVvWmdKxw xmzOE18G3IhRSyJevFHHjP9eAHvrttRFPguRvwZCHCzZ4PfC3uK//T1pXI81X+mnNMEZ oDgQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@iogearbox.net header.s=default2302 header.b=d0Ilkjcx; arc=pass (i=1 spf=pass spfdomain=iogearbox.net dkim=pass dkdomain=iogearbox.net dmarc=pass fromdomain=iogearbox.net); spf=pass (google.com: domain of linux-kernel+bounces-69069-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-69069-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=NONE dis=NONE) header.from=iogearbox.net Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id a38-20020a630b66000000b005dc916d9df0si187301pgl.85.2024.02.16.09.26.20 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 16 Feb 2024 09:26:21 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-69069-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; dkim=pass header.i=@iogearbox.net header.s=default2302 header.b=d0Ilkjcx; arc=pass (i=1 spf=pass spfdomain=iogearbox.net dkim=pass dkdomain=iogearbox.net dmarc=pass fromdomain=iogearbox.net); spf=pass (google.com: domain of linux-kernel+bounces-69069-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-69069-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=NONE dis=NONE) header.from=iogearbox.net Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id B3D002858A5 for ; Fri, 16 Feb 2024 17:26:20 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 2CEF7131E52; Fri, 16 Feb 2024 17:26:12 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=iogearbox.net header.i=@iogearbox.net header.b="d0Ilkjcx" Received: from www62.your-server.de (www62.your-server.de [213.133.104.62]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0EEEE130ACF; Fri, 16 Feb 2024 17:26:05 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=213.133.104.62 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708104371; cv=none; b=ArBRaWh7lrMSID62IPL1s02kMCm8fFxFHQpI3iBpmM96pXnR+klU3RZzUOaEuzov/O2+5J4I8Bw7aDJUENvL9c7CNp77YTIT4smHcfvDzy/MLnkxEV725stiW8g7mQy1Kkr3osjOLUVHEM01FDWJAGjt3v4EVYBeSaJeHtj3lT4= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708104371; c=relaxed/simple; bh=EnAGvR0/eYsnsKTWDYoVaXsElSFy9rLg/H5Yxus1K5g=; h=Subject:To:Cc:References:From:Message-ID:Date:MIME-Version: In-Reply-To:Content-Type; b=uT/nRp5ItRRVPYYKBbjMNXfXYoG0oryUj70oXPX1bbEFs+2KqXCdJ1qpJyQfFhhADVkbkkWNEyk8sL+WFsVa6udsaL6GUunnK8jQOf2iDRD5hff9NMaWCYxjLI+mBHJvvW01UPEgQtDLba/CQOe2jY+FoUB41XseuooeqBUcbgc= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=iogearbox.net; spf=pass smtp.mailfrom=iogearbox.net; dkim=pass (2048-bit key) header.d=iogearbox.net header.i=@iogearbox.net header.b=d0Ilkjcx; arc=none smtp.client-ip=213.133.104.62 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=iogearbox.net Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=iogearbox.net DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=iogearbox.net; s=default2302; h=Content-Transfer-Encoding:Content-Type: In-Reply-To:MIME-Version:Date:Message-ID:From:References:Cc:To:Subject:Sender :Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID; bh=jTSYqgmQXnfMlKM2Ji03sz4Up9QOJAvMc8kMEp5l0Tk=; b=d0IlkjcxkeGzt/6AyHiyJ4HT9f wgavh6aRLrUJkNNeMzcLwNsXjLpHeW9CIAsxy7GZVHbQUHWuaqXeILNogFYsZMkuttHv2mBN2cZFo qEpl0xtohs2yIdRGVCDPZUv974awl5z4cfkjOm860EAcZwnJxXr26j5u+RyB4lmCWuveQd1x8+PZF GtLtpixdcna9FGE32n2SMHrO+UeFG7wKsblrkTsXPw7NXdUWkhG2hsCfDgbL0LtDdcPQmPli+K0Go Y/AsD+c07dnHiFsPWO3yiRFNqETOJ7hDuoPlcEaE3kkLBXUSACKD4jkVAQur3BWZqs0339gk+UhVe 1NyL+WcQ==; Received: from sslproxy02.your-server.de ([78.47.166.47]) by www62.your-server.de with esmtpsa (TLS1.3) tls TLS_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1rb1y6-000HMl-AI; Fri, 16 Feb 2024 18:25:46 +0100 Received: from [178.197.249.30] (helo=linux.home) by sslproxy02.your-server.de with esmtpsa (TLSv1.3:TLS_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1rb1y4-000IZc-ND; Fri, 16 Feb 2024 18:25:44 +0100 Subject: Re: [PATCH] selftests/bpf: Move test_dev_cgroup to prog_tests To: Muhammad Usama Anjum , Alexei Starovoitov , Andrii Nakryiko , Martin KaFai Lau , Eduard Zingerman , Song Liu , Yonghong Song , John Fastabend , KP Singh , Stanislav Fomichev , Hao Luo , Jiri Olsa , Mykola Lysenko , Shuah Khan Cc: kernel@collabora.com, linux-kernel@vger.kernel.org, bpf@vger.kernel.org, linux-kselftest@vger.kernel.org References: <20240215120233.308986-1-usama.anjum@collabora.com> From: Daniel Borkmann Message-ID: Date: Fri, 16 Feb 2024 18:25:43 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.7.2 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 In-Reply-To: <20240215120233.308986-1-usama.anjum@collabora.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Authenticated-Sender: daniel@iogearbox.net X-Virus-Scanned: Clear (ClamAV 0.103.10/27187/Fri Feb 16 10:23:45 2024) Hi Muhammad, Small nit, pls use $subj: [PATCH bpf-next] On 2/15/24 1:01 PM, Muhammad Usama Anjum wrote: > Move test_dev_cgroup to prog_tests to be able to run it with test_progs. > Replace dev_cgroup.bpf.o with skel header file, dev_cgroup.skel.h and > load program from it accourdingly. > > ./test_progs -t test_dev_cgroup > mknod: /tmp/test_dev_cgroup_null: Operation not permitted > 64+0 records in > 64+0 records out > 32768 bytes (33 kB, 32 KiB) copied, 0.000856684 s, 38.2 MB/s > dd: failed to open '/dev/full': Operation not permitted > dd: failed to open '/dev/random': Operation not permitted > #365 test_dev_cgroup:OK > Summary: 1/0 PASSED, 0 SKIPPED, 0 FAILED > > Signed-off-by: Muhammad Usama Anjum BPF CI currently fails this with : https://github.com/kernel-patches/bpf/actions/runs/7924507406/job/21636353124 [...] All error logs: test_test_dev_cgroup:PASS:skel_open_and_load 0 nsec test_test_dev_cgroup:PASS:cgroup_setup_and_join 0 nsec test_test_dev_cgroup:PASS:bpf_attach 0 nsec test_test_dev_cgroup:PASS:bpf_query 0 nsec test_test_dev_cgroup:PASS:rm 0 nsec test_test_dev_cgroup:PASS:mknod 0 nsec test_test_dev_cgroup:PASS:rm 0 nsec test_test_dev_cgroup:PASS:rm 0 nsec test_test_dev_cgroup:FAIL:mknod unexpected mknod on _zero test_test_dev_cgroup:PASS:rm 0 nsec test_test_dev_cgroup:PASS:dd 0 nsec test_test_dev_cgroup:PASS:dd 0 nsec test_test_dev_cgroup:PASS:dd 0 nsec (cgroup_helpers.c:353: errno: Device or resource busy) umount cgroup2 #366 test_dev_cgroup:FAIL Summary: 517/3837 PASSED, 53 SKIPPED, 1 FAILED You can also use vmtest.sh tool to check locally : # ./vmtest.sh -- ./test_progs -t test_dev_cgroup > diff --git a/tools/testing/selftests/bpf/prog_tests/test_dev_cgroup.c b/tools/testing/selftests/bpf/prog_tests/test_dev_cgroup.c > new file mode 100644 > index 0000000000000..ee37ce52dec9f > --- /dev/null > +++ b/tools/testing/selftests/bpf/prog_tests/test_dev_cgroup.c > @@ -0,0 +1,67 @@ > +// SPDX-License-Identifier: GPL-2.0-only > +/* Copyright (c) 2017 Facebook > + */ > + > +#include > +#include > +#include "cgroup_helpers.h" > +#include "dev_cgroup.skel.h" > + > +#define TEST_CGROUP "/test-bpf-based-device-cgroup/" > + > +void test_test_dev_cgroup(void) nit: test_dev_cgroup ? > +{ > + int cgroup_fd, err, duration = 0; > + struct dev_cgroup *skel; > + __u32 prog_cnt; > + > + skel = dev_cgroup__open_and_load(); > + if (CHECK(!skel, "skel_open_and_load", "failed\n")) > + goto cleanup; Nit: please use ASSERT_* macros everywhere, the CHECK() is deprecated. > + cgroup_fd = cgroup_setup_and_join(TEST_CGROUP); > + if (CHECK(cgroup_fd < 0, "cgroup_setup_and_join", "failed: %d\n", cgroup_fd)) > + goto cleanup; > + > + err = bpf_prog_attach(bpf_program__fd(skel->progs.bpf_prog1), cgroup_fd, > + BPF_CGROUP_DEVICE, 0); > + if (CHECK(err, "bpf_attach", "failed: %d\n", err)) > + goto cleanup; > + > + err = bpf_prog_query(cgroup_fd, BPF_CGROUP_DEVICE, 0, NULL, NULL, &prog_cnt); > + if (CHECK(err || prog_cnt != 1, "bpf_query", "failed: %d %d\n", err, prog_cnt)) > + goto cleanup; > + > + /* All operations with /dev/zero and /dev/urandom are allowed, > + * everything else is forbidden. > + */ > + CHECK(system("rm -f /tmp/test_dev_cgroup_null"), "rm", > + "unexpected rm on _null\n"); > + CHECK(!system("mknod /tmp/test_dev_cgroup_null c 1 3"), > + "mknod", "unexpected mknod on _null\n"); > + CHECK(system("rm -f /tmp/test_dev_cgroup_null"), "rm", > + "unexpected rm on _null\n"); > + > + /* /dev/zero is whitelisted */ > + CHECK(system("rm -f /tmp/test_dev_cgroup_zero"), "rm", > + "unexpected rm on _zero\n"); > + CHECK(system("mknod /tmp/test_dev_cgroup_zero c 1 5"), > + "mknod", "unexpected mknod on _zero\n"); > + CHECK(system("rm -f /tmp/test_dev_cgroup_zero"), "rm", > + "unexpected rm on _zero\n"); > + > + CHECK(system("dd if=/dev/urandom of=/dev/zero count=64"), "dd", > + "unexpected dd on /dev/zero\n"); > + > + /* src is allowed, target is forbidden */ > + CHECK(!system("dd if=/dev/urandom of=/dev/full count=64"), "dd", > + "unexpected dd on /dev/full\n"); > + > + /* src is forbidden, target is allowed */ > + CHECK(!system("dd if=/dev/random of=/dev/zero count=64"), "dd", > + "unexpected dd on /dev/zero\n"); > + > +cleanup: > + cleanup_cgroup_environment(); > + dev_cgroup__destroy(skel); > +} Thanks, Daniel