review.tizen.org Git - platform/kernel/linux-starfive.git/commit

author	Andrey Ignatov <rdna@fb.com>
	Thu, 14 May 2020 20:03:49 +0000 (13:03 -0700)
committer	Alexei Starovoitov <ast@kernel.org>
	Fri, 15 May 2020 01:41:08 +0000 (18:41 -0700)
commit	68e916bc8d3211ffe0b4c418184ab1b57398200c
tree	2aedd112ac4556c8f07b2c00bec1b8d657bbbc4a	tree \| snapshot
parent	383724e17ab02d8e440def7792c4e151b13ef4d4	commit \| diff

selftests/bpf: Test for sk helpers in cgroup skb

Test bpf_sk_lookup_tcp, bpf_sk_release, bpf_sk_cgroup_id and
bpf_sk_ancestor_cgroup_id helpers from cgroup skb program.

The test creates a testing cgroup, starts a TCPv6 server inside the
cgroup and creates two client sockets: one inside testing cgroup and one
outside.

Then it attaches cgroup skb program to the cgroup that checks all TCP
segments coming to the server and allows only those coming from the
cgroup of the server. If a segment comes from a peer outside of the
cgroup, it'll be dropped.

Finally the test checks that client from inside testing cgroup can
successfully connect to the server, but client outside the cgroup fails
to connect by timeout.

The main goal of the test is to check newly introduced
bpf_sk_{,ancestor_}cgroup_id helpers.

It also checks a couple of socket lookup helpers (tcp & release), but
lookup helpers were introduced much earlier and covered by other tests.
Here it's mostly checked that they can be called from cgroup skb.

Signed-off-by: Andrey Ignatov <rdna@fb.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: Yonghong Song <yhs@fb.com>
Link: https://lore.kernel.org/bpf/171f4c5d75e8ff4fe1c4e8c1c12288b5240a4549.1589486450.git.rdna@fb.com

tools/testing/selftests/bpf/prog_tests/cgroup_skb_sk_lookup.c	[new file with mode: 0644]	blob
tools/testing/selftests/bpf/progs/cgroup_skb_sk_lookup_kern.c	[new file with mode: 0644]	blob