Merge tag 'vfs-6.13-rc7.fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs

[J-linux.git] / tools / testing / selftests / bpf / prog_tests / cgroup_dev.c

// SPDX-License-Identifier: GPL-2.0

#include <sys/stat.h>
#include <sys/sysmacros.h>
#include <errno.h>
#include "test_progs.h"
#include "cgroup_helpers.h"
#include "dev_cgroup.skel.h"

#define TEST_CGROUP "/test-bpf-based-device-cgroup/"
#define TEST_BUFFER_SIZE 64

static void test_mknod(const char *path, mode_t mode, int dev_major,
                       int dev_minor, int expected_ret, int expected_errno)
{
        int ret;

        unlink(path);
        ret = mknod(path, mode, makedev(dev_major, dev_minor));
        ASSERT_EQ(ret, expected_ret, "mknod");
        if (expected_ret)
                ASSERT_EQ(errno, expected_errno, "mknod errno");
        else
                unlink(path);
}

static void test_read(const char *path, char *buf, int buf_size,
                      int expected_ret, int expected_errno)
{
        int ret, fd;

        fd = open(path, O_RDONLY);

        /* A bare open on unauthorized device should fail */
        if (expected_ret < 0) {
                ASSERT_EQ(fd, expected_ret, "open ret for read");
                ASSERT_EQ(errno, expected_errno, "open errno for read");
                if (fd >= 0)
                        close(fd);
                return;
        }

        if (!ASSERT_OK_FD(fd, "open ret for read"))
                return;

        ret = read(fd, buf, buf_size);
        ASSERT_EQ(ret, expected_ret, "read");

        close(fd);
}

static void test_write(const char *path, char *buf, int buf_size,
                       int expected_ret, int expected_errno)
{
        int ret, fd;

        fd = open(path, O_WRONLY);

        /* A bare open on unauthorized device should fail */
        if (expected_ret < 0) {
                ASSERT_EQ(fd, expected_ret, "open ret for write");
                ASSERT_EQ(errno, expected_errno, "open errno for write");
                if (fd >= 0)
                        close(fd);
                return;
        }

        if (!ASSERT_OK_FD(fd, "open ret for write"))
                return;

        ret = write(fd, buf, buf_size);
        ASSERT_EQ(ret, expected_ret, "write");

        close(fd);
}

void test_cgroup_dev(void)
{
        char buf[TEST_BUFFER_SIZE] = "some random test data";
        struct dev_cgroup *skel;
        int cgroup_fd;

        cgroup_fd = cgroup_setup_and_join(TEST_CGROUP);
        if (!ASSERT_OK_FD(cgroup_fd, "cgroup switch"))
                return;

        skel = dev_cgroup__open_and_load();
        if (!ASSERT_OK_PTR(skel, "load program"))
                goto cleanup_cgroup;

        skel->links.bpf_prog1 =
                bpf_program__attach_cgroup(skel->progs.bpf_prog1, cgroup_fd);
        if (!ASSERT_OK_PTR(skel->links.bpf_prog1, "attach_program"))
                goto cleanup_progs;

        if (test__start_subtest("allow-mknod"))
                test_mknod("/dev/test_dev_cgroup_null", S_IFCHR, 1, 3, 0, 0);

        if (test__start_subtest("allow-read"))
                test_read("/dev/urandom", buf, TEST_BUFFER_SIZE,
                          TEST_BUFFER_SIZE, 0);

        if (test__start_subtest("allow-write"))
                test_write("/dev/null", buf, TEST_BUFFER_SIZE,
                           TEST_BUFFER_SIZE, 0);

        if (test__start_subtest("deny-mknod"))
                test_mknod("/dev/test_dev_cgroup_zero", S_IFCHR, 1, 5, -1,
                           EPERM);

        if (test__start_subtest("deny-read"))
                test_read("/dev/random", buf, TEST_BUFFER_SIZE, -1, EPERM);

        if (test__start_subtest("deny-write"))
                test_write("/dev/zero", buf, TEST_BUFFER_SIZE, -1, EPERM);

        if (test__start_subtest("deny-mknod-wrong-type"))
                test_mknod("/dev/test_dev_cgroup_block", S_IFBLK, 1, 3, -1,
                           EPERM);

cleanup_progs:
        dev_cgroup__destroy(skel);
cleanup_cgroup:
        cleanup_cgroup_environment();
}