1 // SPDX-License-Identifier: GPL-2.0
2
3 #include <test_progs.h>
4 #include "cgroup_helpers.h"
5 #include "network_helpers.h"
6 #include "cgroup_storage.skel.h"
7
8 #define TEST_CGROUP "/test-bpf-cgroup-storage-buf/"
9 #define TEST_NS "cgroup_storage_ns"
10 #define PING_CMD "ping localhost -c 1 -W 1 -q"
11
setup_network(struct nstoken ** token)12 static int setup_network(struct nstoken **token)
13 {
14 SYS(fail, "ip netns add %s", TEST_NS);
15 *token = open_netns(TEST_NS);
16 if (!ASSERT_OK_PTR(*token, "open netns"))
17 goto cleanup_ns;
18 SYS(cleanup_ns, "ip link set lo up");
19
20 return 0;
21
22 cleanup_ns:
23 SYS_NOFAIL("ip netns del %s", TEST_NS);
24 fail:
25 return -1;
26 }
27
cleanup_network(struct nstoken * ns)28 static void cleanup_network(struct nstoken *ns)
29 {
30 close_netns(ns);
31 SYS_NOFAIL("ip netns del %s", TEST_NS);
32 }
33
test_cgroup_storage(void)34 void test_cgroup_storage(void)
35 {
36 struct bpf_cgroup_storage_key key;
37 struct cgroup_storage *skel;
38 struct nstoken *ns = NULL;
39 unsigned long long value;
40 int cgroup_fd;
41 int err;
42
43 cgroup_fd = cgroup_setup_and_join(TEST_CGROUP);
44 if (!ASSERT_OK_FD(cgroup_fd, "create cgroup"))
45 return;
46
47 if (!ASSERT_OK(setup_network(&ns), "setup network"))
48 goto cleanup_cgroup;
49
50 skel = cgroup_storage__open_and_load();
51 if (!ASSERT_OK_PTR(skel, "load program"))
52 goto cleanup_network;
53
54 skel->links.bpf_prog =
55 bpf_program__attach_cgroup(skel->progs.bpf_prog, cgroup_fd);
56 if (!ASSERT_OK_PTR(skel->links.bpf_prog, "attach program"))
57 goto cleanup_progs;
58
59 /* Check that one out of every two packets is dropped */
60 err = SYS_NOFAIL(PING_CMD);
61 ASSERT_OK(err, "first ping");
62 err = SYS_NOFAIL(PING_CMD);
63 ASSERT_NEQ(err, 0, "second ping");
64 err = SYS_NOFAIL(PING_CMD);
65 ASSERT_OK(err, "third ping");
66
67 err = bpf_map__get_next_key(skel->maps.cgroup_storage, NULL, &key,
68 sizeof(key));
69 if (!ASSERT_OK(err, "get first key"))
70 goto cleanup_progs;
71 err = bpf_map__lookup_elem(skel->maps.cgroup_storage, &key, sizeof(key),
72 &value, sizeof(value), 0);
73 if (!ASSERT_OK(err, "first packet count read"))
74 goto cleanup_progs;
75
76 /* Add one to the packet counter, check again packet filtering */
77 value++;
78 err = bpf_map__update_elem(skel->maps.cgroup_storage, &key, sizeof(key),
79 &value, sizeof(value), 0);
80 if (!ASSERT_OK(err, "increment packet counter"))
81 goto cleanup_progs;
82 err = SYS_NOFAIL(PING_CMD);
83 ASSERT_OK(err, "fourth ping");
84 err = SYS_NOFAIL(PING_CMD);
85 ASSERT_NEQ(err, 0, "fifth ping");
86 err = SYS_NOFAIL(PING_CMD);
87 ASSERT_OK(err, "sixth ping");
88
89 cleanup_progs:
90 cgroup_storage__destroy(skel);
91 cleanup_network:
92 cleanup_network(ns);
93 cleanup_cgroup:
94 close(cgroup_fd);
95 cleanup_cgroup_environment();
96 }
97