From: Alexei Starovoitov <alexei.starovoitov@gmail.com>
To: Sargun Dhillon <sargun@sargun.me>
Cc: netdev@vger.kernel.org, daniel@iogearbox.net, tj@kernel.org
Subject: Re: [PATCH net-next v5 3/3] samples/bpf: Add test_current_task_under_cgroup test
Date: Fri, 12 Aug 2016 09:10:08 -0700 [thread overview]
Message-ID: <20160812161006.GA43887@ast-mbp.thefacebook.com> (raw)
In-Reply-To: <20160812155703.GA12893@ircssh.c.rugged-nimbus-611.internal>
On Fri, Aug 12, 2016 at 08:57:04AM -0700, Sargun Dhillon wrote:
> This test has a BPF program which writes the last known pid to call the
> sync syscall within a given cgroup to a map.
>
> The user mode program creates its own mount namespace, and mounts the
> cgroupsv2 hierarchy in there, as on all current test systems
> (Ubuntu 16.04, Debian), the cgroupsv2 vfs is unmounted by default.
> Once it does this, it proceeds to test.
>
> The test checks for positive and negative condition. It ensures that
> when it's part of a given cgroup, its pid is captured in the map,
> and that when it leaves the cgroup, this doesn't happen.
>
> It populate a cgroups arraymap prior to execution in userspace. This means
> that the program must be run in the same cgroups namespace as the programs
> that are being traced.
>
> Signed-off-by: Sargun Dhillon <sargun@sargun.me>
> Cc: Alexei Starovoitov <ast@kernel.org>
> Cc: Daniel Borkmann <daniel@iogearbox.net>
> Cc: Tejun Heo <tj@kernel.org>
I don't think there is much value explicitly adding 'cc:' to commit log.
> + if (join_cgroup("/mnt/my-cgroup")) {
> + log_err("Leaving target cgroup");
> + goto cleanup_cgroup_err;
> + }
> +
> + /*
> + * The installed helper program catched the sync call, and should
> + * write it to the map.
> + */
> +
> + sync();
> + bpf_lookup_elem(map_fd[1], &idx, &remote_pid);
> +
> + if (local_pid != remote_pid) {
> + fprintf(stderr,
> + "BPF Helper didn't write correct PID to map, but: %d\n",
> + remote_pid);
> + goto leave_cgroup_err;
> + }
> +
> + /* Verify the negative scenario; leave the cgroup */
> + if (join_cgroup(CGROUP_MOUNT_PATH))
> + goto leave_cgroup_err;
> +
> + remote_pid = 0;
> + bpf_update_elem(map_fd[1], &idx, &remote_pid, BPF_ANY);
> +
> + sync();
> + bpf_lookup_elem(map_fd[1], &idx, &remote_pid);
> +
> + if (local_pid == remote_pid) {
> + fprintf(stderr, "BPF cgroup negative test did not work\n");
> + goto cleanup_cgroup_err;
> + }
> +
> + rmdir(CGROUP_PATH);
> + return 0;
Nice test. Thanks
Acked-by: Alexei Starovoitov <ast@kernel.org>
prev parent reply other threads:[~2016-08-12 16:10 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-08-12 15:57 [PATCH net-next v5 3/3] samples/bpf: Add test_current_task_under_cgroup test Sargun Dhillon
2016-08-12 16:10 ` Alexei Starovoitov [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160812161006.GA43887@ast-mbp.thefacebook.com \
--to=alexei.starovoitov@gmail.com \
--cc=daniel@iogearbox.net \
--cc=netdev@vger.kernel.org \
--cc=sargun@sargun.me \
--cc=tj@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox