| // SPDX-License-Identifier: GPL-2.0 |
| |
| #include <test_progs.h> |
| #include "cgroup_helpers.h" |
| #include "network_helpers.h" |
| #include "cgroup_storage.skel.h" |
| |
| #define TEST_CGROUP "/test-bpf-cgroup-storage-buf/" |
| #define TEST_NS "cgroup_storage_ns" |
| #define PING_CMD "ping localhost -c 1 -W 1 -q" |
| |
| static int setup_network(struct nstoken **token) |
| { |
| SYS(fail, "ip netns add %s", TEST_NS); |
| *token = open_netns(TEST_NS); |
| if (!ASSERT_OK_PTR(*token, "open netns")) |
| goto cleanup_ns; |
| SYS(cleanup_ns, "ip link set lo up"); |
| |
| return 0; |
| |
| cleanup_ns: |
| SYS_NOFAIL("ip netns del %s", TEST_NS); |
| fail: |
| return -1; |
| } |
| |
| static void cleanup_network(struct nstoken *ns) |
| { |
| close_netns(ns); |
| SYS_NOFAIL("ip netns del %s", TEST_NS); |
| } |
| |
| void test_cgroup_storage(void) |
| { |
| struct bpf_cgroup_storage_key key; |
| struct cgroup_storage *skel; |
| struct nstoken *ns = NULL; |
| unsigned long long value; |
| int cgroup_fd; |
| int err; |
| |
| cgroup_fd = cgroup_setup_and_join(TEST_CGROUP); |
| if (!ASSERT_OK_FD(cgroup_fd, "create cgroup")) |
| return; |
| |
| if (!ASSERT_OK(setup_network(&ns), "setup network")) |
| goto cleanup_cgroup; |
| |
| skel = cgroup_storage__open_and_load(); |
| if (!ASSERT_OK_PTR(skel, "load program")) |
| goto cleanup_network; |
| |
| skel->links.bpf_prog = |
| bpf_program__attach_cgroup(skel->progs.bpf_prog, cgroup_fd); |
| if (!ASSERT_OK_PTR(skel->links.bpf_prog, "attach program")) |
| goto cleanup_progs; |
| |
| /* Check that one out of every two packets is dropped */ |
| err = SYS_NOFAIL(PING_CMD); |
| ASSERT_OK(err, "first ping"); |
| err = SYS_NOFAIL(PING_CMD); |
| ASSERT_NEQ(err, 0, "second ping"); |
| err = SYS_NOFAIL(PING_CMD); |
| ASSERT_OK(err, "third ping"); |
| |
| err = bpf_map__get_next_key(skel->maps.cgroup_storage, NULL, &key, |
| sizeof(key)); |
| if (!ASSERT_OK(err, "get first key")) |
| goto cleanup_progs; |
| err = bpf_map__lookup_elem(skel->maps.cgroup_storage, &key, sizeof(key), |
| &value, sizeof(value), 0); |
| if (!ASSERT_OK(err, "first packet count read")) |
| goto cleanup_progs; |
| |
| /* Add one to the packet counter, check again packet filtering */ |
| value++; |
| err = bpf_map__update_elem(skel->maps.cgroup_storage, &key, sizeof(key), |
| &value, sizeof(value), 0); |
| if (!ASSERT_OK(err, "increment packet counter")) |
| goto cleanup_progs; |
| err = SYS_NOFAIL(PING_CMD); |
| ASSERT_OK(err, "fourth ping"); |
| err = SYS_NOFAIL(PING_CMD); |
| ASSERT_NEQ(err, 0, "fifth ping"); |
| err = SYS_NOFAIL(PING_CMD); |
| ASSERT_OK(err, "sixth ping"); |
| |
| cleanup_progs: |
| cgroup_storage__destroy(skel); |
| cleanup_network: |
| cleanup_network(ns); |
| cleanup_cgroup: |
| close(cgroup_fd); |
| cleanup_cgroup_environment(); |
| } |