cgroup_v1v2.c - cachepc-linux - Fork of AMDESE/linux with modifications for CachePC side-channel attack

	cachepc-linux Fork of AMDESE/linux with modifications for CachePC side-channel attack
	git clone https://git.sinitax.com/sinitax/cachepc-linux
	Log \| Files \| Refs \| README \| LICENSE \| sfeed.txt

cgroup_v1v2.c (1947B)

      1// SPDX-License-Identifier: GPL-2.0
      2
      3#include <test_progs.h>
      4
      5#include "connect4_dropper.skel.h"
      6
      7#include "cgroup_helpers.h"
      8#include "network_helpers.h"
      9
     10static int run_test(int cgroup_fd, int server_fd, bool classid)
     11{
     12	struct network_helper_opts opts = {
     13		.must_fail = true,
     14	};
     15	struct connect4_dropper *skel;
     16	int fd, err = 0;
     17
     18	skel = connect4_dropper__open_and_load();
     19	if (!ASSERT_OK_PTR(skel, "skel_open"))
     20		return -1;
     21
     22	skel->links.connect_v4_dropper =
     23		bpf_program__attach_cgroup(skel->progs.connect_v4_dropper,
     24					   cgroup_fd);
     25	if (!ASSERT_OK_PTR(skel->links.connect_v4_dropper, "prog_attach")) {
     26		err = -1;
     27		goto out;
     28	}
     29
     30	if (classid && !ASSERT_OK(join_classid(), "join_classid")) {
     31		err = -1;
     32		goto out;
     33	}
     34
     35	fd = connect_to_fd_opts(server_fd, &opts);
     36	if (fd < 0)
     37		err = -1;
     38	else
     39		close(fd);
     40out:
     41	connect4_dropper__destroy(skel);
     42	return err;
     43}
     44
     45void test_cgroup_v1v2(void)
     46{
     47	struct network_helper_opts opts = {};
     48	int server_fd, client_fd, cgroup_fd;
     49	static const int port = 60120;
     50
     51	/* Step 1: Check base connectivity works without any BPF. */
     52	server_fd = start_server(AF_INET, SOCK_STREAM, NULL, port, 0);
     53	if (!ASSERT_GE(server_fd, 0, "server_fd"))
     54		return;
     55	client_fd = connect_to_fd_opts(server_fd, &opts);
     56	if (!ASSERT_GE(client_fd, 0, "client_fd")) {
     57		close(server_fd);
     58		return;
     59	}
     60	close(client_fd);
     61	close(server_fd);
     62
     63	/* Step 2: Check BPF policy prog attached to cgroups drops connectivity. */
     64	cgroup_fd = test__join_cgroup("/connect_dropper");
     65	if (!ASSERT_GE(cgroup_fd, 0, "cgroup_fd"))
     66		return;
     67	server_fd = start_server(AF_INET, SOCK_STREAM, NULL, port, 0);
     68	if (!ASSERT_GE(server_fd, 0, "server_fd")) {
     69		close(cgroup_fd);
     70		return;
     71	}
     72	ASSERT_OK(run_test(cgroup_fd, server_fd, false), "cgroup-v2-only");
     73	setup_classid_environment();
     74	set_classid(42);
     75	ASSERT_OK(run_test(cgroup_fd, server_fd, true), "cgroup-v1v2");
     76	cleanup_classid_environment();
     77	close(server_fd);
     78	close(cgroup_fd);
     79}