From b6cd37e38acccec1421055549f46948d667f0e60 Mon Sep 17 00:00:00 2001
From: Cheng-Min Chiang <chmnchiang@gmail.com>
Date: Wed, 2 Dec 2020 22:58:40 +0800
Subject: sys/linux/test: add a test for bpf_cgroup_sysctl

- Add a test for BPF_PROG_TYPE_CGROUP_SYSCTL. This could be used as a
corpus.
- Remove an unnecessary file sys/linux/bpf_lsm.txt.const.
---
 sys/linux/bpf_lsm.txt.const |  9 ---------
 sys/linux/test/bpf_cgroup   | 25 +++++++++++++++++++++++++
 2 files changed, 25 insertions(+), 9 deletions(-)
 delete mode 100644 sys/linux/bpf_lsm.txt.const
 create mode 100644 sys/linux/test/bpf_cgroup

(limited to 'sys/linux')

diff --git a/sys/linux/bpf_lsm.txt.const b/sys/linux/bpf_lsm.txt.const
deleted file mode 100644
index d6df381b9..000000000
--- a/sys/linux/bpf_lsm.txt.const
+++ /dev/null
@@ -1,9 +0,0 @@
-# Code generated by syz-sysgen. DO NOT EDIT.
-arches = 386, amd64, arm, arm64, mips64le, ppc64le, riscv64, s390x
-BPF_LSM_MAC = 27
-BPF_PROG_LOAD = 5
-BPF_PROG_TYPE_LSM = 29
-BPF_PROG_TYPE_RAW_TRACEPOINT = 17
-BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE = 24
-BPF_RAW_TRACEPOINT_OPEN = 17
-__NR_bpf = 280, 386:357, amd64:321, arm:386, mips64le:5315, ppc64le:361, s390x:351
diff --git a/sys/linux/test/bpf_cgroup b/sys/linux/test/bpf_cgroup
new file mode 100644
index 000000000..026470f3d
--- /dev/null
+++ b/sys/linux/test/bpf_cgroup
@@ -0,0 +1,25 @@
+# First, write to an entry of /proc/sys. It should work fine.
+
+r0 = openat$tcp_congestion(AUTO, &AUTO='/proc/sys/net/ipv4/tcp_congestion_control', AUTO, AUTO)
+
+r1 = write$tcp_congestion(r0, &AUTO='reno\x00', AUTO)
+
+# Now, load a BPF_PROG_TYPE_CGROUP_SYSCTL that simply returns 0, which will block all writes to /proc/sys
+
+r2 = bpf$PROG_LOAD(AUTO, &AUTO={0x17, AUTO, &AUTO=@framed={{AUTO, AUTO, AUTO, AUTO, 0x0, AUTO, AUTO, AUTO, 0x0}, [], {AUTO, AUTO, AUTO, AUTO}}, &AUTO='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x78)
+
+r3 = openat(0xffffffffffffff9c, &AUTO='./cgroup\x00', 0x0, 0x0)
+
+r4 = bpf$BPF_PROG_ATTACH(AUTO, &AUTO={@cgroup=r3, r2, 0x12, 0x0, 0x0}, AUTO)
+
+# It should fail now.
+
+r5 = write$tcp_congestion(r0, &AUTO='reno\x00', AUTO) # EPERM
+
+# Detach the BPF program.
+
+r6 = bpf$BPF_PROG_DETACH(AUTO, &AUTO={@cgroup=r3, r2, 0x12, 0x0}, AUTO)
+
+# It should work again.
+
+r7 = write$tcp_congestion(r0, &AUTO='reno\x00', AUTO)
-- 
cgit mrf-deployment