Re: [PATCH net-next v5 3/3] samples/bpf: Add test_current_task_under_cgroup test

2016-08-12 Thread Alexei Starovoitov 
On Fri, Aug 12, 2016 at 08:57:04AM -0700, Sargun Dhillon wrote:
> This test has a BPF program which writes the last known pid to call the
> sync syscall within a given cgroup to a map.
> 
> The user mode program creates its own mount namespace, and mounts the
> cgroupsv2  hierarchy in there, as on all current test systems
> (Ubuntu 16.04, Debian), the cgroupsv2 vfs is unmounted by default.
> Once it does this, it proceeds to test.
> 
> The test checks for positive and negative condition. It ensures that
> when it's part of a given cgroup, its pid is captured in the map,
> and that when it leaves the cgroup, this doesn't happen.
> 
> It populate a cgroups arraymap prior to execution in userspace. This means
> that the program must be run in the same cgroups namespace as the programs
> that are being traced.
> 
> Signed-off-by: Sargun Dhillon 
> Cc: Alexei Starovoitov 
> Cc: Daniel Borkmann 
> Cc: Tejun Heo 

I don't think there is much value explicitly adding 'cc:' to commit log.

> + if (join_cgroup("/mnt/my-cgroup")) {
> + log_err("Leaving target cgroup");
> + goto cleanup_cgroup_err;
> + }
> +
> + /*
> +  * The installed helper program catched the sync call, and should
> +  * write it to the map.
> +  */
> +
> + sync();
> + bpf_lookup_elem(map_fd[1], &idx, &remote_pid);
> +
> + if (local_pid != remote_pid) {
> + fprintf(stderr,
> + "BPF Helper didn't write correct PID to map, but: %d\n",
> + remote_pid);
> + goto leave_cgroup_err;
> + }
> +
> + /* Verify the negative scenario; leave the cgroup */
> + if (join_cgroup(CGROUP_MOUNT_PATH))
> + goto leave_cgroup_err;
> +
> + remote_pid = 0;
> + bpf_update_elem(map_fd[1], &idx, &remote_pid, BPF_ANY);
> +
> + sync();
> + bpf_lookup_elem(map_fd[1], &idx, &remote_pid);
> +
> + if (local_pid == remote_pid) {
> + fprintf(stderr, "BPF cgroup negative test did not work\n");
> + goto cleanup_cgroup_err;
> + }
> +
> + rmdir(CGROUP_PATH);
> + return 0;

Nice test. Thanks
Acked-by: Alexei Starovoitov

[PATCH net-next v5 3/3] samples/bpf: Add test_current_task_under_cgroup test

2016-08-12 Thread Sargun Dhillon 
This test has a BPF program which writes the last known pid to call the
sync syscall within a given cgroup to a map.

The user mode program creates its own mount namespace, and mounts the
cgroupsv2  hierarchy in there, as on all current test systems
(Ubuntu 16.04, Debian), the cgroupsv2 vfs is unmounted by default.
Once it does this, it proceeds to test.

The test checks for positive and negative condition. It ensures that
when it's part of a given cgroup, its pid is captured in the map,
and that when it leaves the cgroup, this doesn't happen.

It populate a cgroups arraymap prior to execution in userspace. This means
that the program must be run in the same cgroups namespace as the programs
that are being traced.

Signed-off-by: Sargun Dhillon 
Cc: Alexei Starovoitov 
Cc: Daniel Borkmann 
Cc: Tejun Heo 
---
 samples/bpf/Makefile  |   5 +
 samples/bpf/bpf_helpers.h |   2 +
 samples/bpf/test_current_task_under_cgroup_kern.c |  43 +++
 samples/bpf/test_current_task_under_cgroup_user.c | 145 ++
 4 files changed, 195 insertions(+)
 create mode 100644 samples/bpf/test_current_task_under_cgroup_kern.c
 create mode 100644 samples/bpf/test_current_task_under_cgroup_user.c

diff --git a/samples/bpf/Makefile b/samples/bpf/Makefile
index 90ebf7d..eb582c6 100644
--- a/samples/bpf/Makefile
+++ b/samples/bpf/Makefile
@@ -24,6 +24,7 @@ hostprogs-y += test_overhead
 hostprogs-y += test_cgrp2_array_pin
 hostprogs-y += xdp1
 hostprogs-y += xdp2
+hostprogs-y += test_current_task_under_cgroup
 
 test_verifier-objs := test_verifier.o libbpf.o
 test_maps-objs := test_maps.o libbpf.o
@@ -49,6 +50,8 @@ test_cgrp2_array_pin-objs := libbpf.o test_cgrp2_array_pin.o
 xdp1-objs := bpf_load.o libbpf.o xdp1_user.o
 # reuse xdp1 source intentionally
 xdp2-objs := bpf_load.o libbpf.o xdp1_user.o
+test_current_task_under_cgroup-objs := bpf_load.o libbpf.o \
+  test_current_task_under_cgroup_user.o
 
 # Tell kbuild to always build the programs
 always := $(hostprogs-y)
@@ -74,6 +77,7 @@ always += parse_varlen.o parse_simple.o parse_ldabs.o
 always += test_cgrp2_tc_kern.o
 always += xdp1_kern.o
 always += xdp2_kern.o
+always += test_current_task_under_cgroup_kern.o
 
 HOSTCFLAGS += -I$(objtree)/usr/include
 
@@ -97,6 +101,7 @@ HOSTLOADLIBES_map_perf_test += -lelf -lrt
 HOSTLOADLIBES_test_overhead += -lelf -lrt
 HOSTLOADLIBES_xdp1 += -lelf
 HOSTLOADLIBES_xdp2 += -lelf
+HOSTLOADLIBES_test_current_task_under_cgroup += -lelf
 
 # Allows pointing LLC/CLANG to a LLVM backend with bpf support, redefine on 
cmdline:
 #  make samples/bpf/ LLC=~/git/llvm/build/bin/llc 
CLANG=~/git/llvm/build/bin/clang
diff --git a/samples/bpf/bpf_helpers.h b/samples/bpf/bpf_helpers.h
index cbc52df..5e4c41e 100644
--- a/samples/bpf/bpf_helpers.h
+++ b/samples/bpf/bpf_helpers.h
@@ -45,6 +45,8 @@ static int (*bpf_get_stackid)(void *ctx, void *map, int 
flags) =
(void *) BPF_FUNC_get_stackid;
 static int (*bpf_probe_write_user)(void *dst, void *src, int size) =
(void *) BPF_FUNC_probe_write_user;
+static int (*bpf_current_task_under_cgroup)(void *map, int index) =
+   (void *) BPF_FUNC_current_task_under_cgroup;
 
 /* llvm builtin functions that eBPF C program may use to
  * emit BPF_LD_ABS and BPF_LD_IND instructions
diff --git a/samples/bpf/test_current_task_under_cgroup_kern.c 
b/samples/bpf/test_current_task_under_cgroup_kern.c
new file mode 100644
index 000..86b28d7
--- /dev/null
+++ b/samples/bpf/test_current_task_under_cgroup_kern.c
@@ -0,0 +1,43 @@
+/* Copyright (c) 2016 Sargun Dhillon 
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of version 2 of the GNU General Public
+ * License as published by the Free Software Foundation.
+ */
+
+#include 
+#include 
+#include 
+#include "bpf_helpers.h"
+#include 
+
+struct bpf_map_def SEC("maps") cgroup_map = {
+   .type   = BPF_MAP_TYPE_CGROUP_ARRAY,
+   .key_size   = sizeof(u32),
+   .value_size = sizeof(u32),
+   .max_entries= 1,
+};
+
+struct bpf_map_def SEC("maps") perf_map = {
+   .type   = BPF_MAP_TYPE_ARRAY,
+   .key_size   = sizeof(u32),
+   .value_size = sizeof(u64),
+   .max_entries= 1,
+};
+
+/* Writes the last PID that called sync to a map at index 0 */
+SEC("kprobe/sys_sync")
+int bpf_prog1(struct pt_regs *ctx)
+{
+   u64 pid = bpf_get_current_pid_tgid();
+   int idx = 0;
+
+   if (!bpf_current_task_under_cgroup(&cgroup_map, 0))
+   return 0;
+
+   bpf_map_update_elem(&perf_map, &idx, &pid, BPF_ANY);
+   return 0;
+}
+
+char _license[] SEC("license") = "GPL";
+u32 _version SEC("version") = LINUX_VERSION_CODE;
diff --git a/samples/bpf/test_current_task_under_cgroup_user.c 
b/samples/bpf/test_current_task_under_cgroup_user.c
new file mode 100644
index 000..30b0bce
--- /dev/