Commit f2d0ffee authored Dec 14, 2023 by Andrii Nakryiko Committed by Alexei Starovoitov Dec 14, 2023

selftests/bpf: utilize string values for delegate_xxx mount options



Use both hex-based and string-based way to specify delegate mount
options for BPF FS.

Acked-by: John Fastabend <john.fastabend@gmail.com>
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Link: https://lore.kernel.org/r/20231214225016.1209867-3-andrii@kernel.org


Signed-off-by: Alexei Starovoitov <ast@kernel.org>

parent c5707b21

tools/testing/selftests/bpf/prog_tests/token.c

+32 −20

Original line number	Diff line number	Diff line
		@@ -66,14 +66,22 @@ static int restore_priv_caps(__u64 old_caps)
		return cap_enable_effective(old_caps, NULL);
		}

		static int set_delegate_mask(int fs_fd, const char *key, __u64 mask)
		static int set_delegate_mask(int fs_fd, const char key, __u64 mask, const char mask_str)
		{
		char buf[32];
		int err;

		if (!mask_str) {
		if (mask == ~0ULL) {
		mask_str = "any";
		} else {
		snprintf(buf, sizeof(buf), "0x%llx", (unsigned long long)mask);
		mask_str = buf;
		}
		}

		err = sys_fsconfig(fs_fd, FSCONFIG_SET_STRING, key,
		mask == ~0ULL ? "any" : buf, 0);
		mask_str, 0);
		if (err < 0)
		err = -errno;
		return err;
		@@ -86,6 +94,10 @@ struct bpffs_opts {
		__u64 maps;
		__u64 progs;
		__u64 attachs;
		const char *cmds_str;
		const char *maps_str;
		const char *progs_str;
		const char *attachs_str;
		};

		static int create_bpffs_fd(void)
		@@ -104,16 +116,16 @@ static int materialize_bpffs_fd(int fs_fd, struct bpffs_opts *opts)
		int mnt_fd, err;

		/* set up token delegation mount options */
		err = set_delegate_mask(fs_fd, "delegate_cmds", opts->cmds);
		err = set_delegate_mask(fs_fd, "delegate_cmds", opts->cmds, opts->cmds_str);
		if (!ASSERT_OK(err, "fs_cfg_cmds"))
		return err;
		err = set_delegate_mask(fs_fd, "delegate_maps", opts->maps);
		err = set_delegate_mask(fs_fd, "delegate_maps", opts->maps, opts->maps_str);
		if (!ASSERT_OK(err, "fs_cfg_maps"))
		return err;
		err = set_delegate_mask(fs_fd, "delegate_progs", opts->progs);
		err = set_delegate_mask(fs_fd, "delegate_progs", opts->progs, opts->progs_str);
		if (!ASSERT_OK(err, "fs_cfg_progs"))
		return err;
		err = set_delegate_mask(fs_fd, "delegate_attachs", opts->attachs);
		err = set_delegate_mask(fs_fd, "delegate_attachs", opts->attachs, opts->attachs_str);
		if (!ASSERT_OK(err, "fs_cfg_attachs"))
		return err;

		@@ -295,13 +307,13 @@ static void child(int sock_fd, struct bpffs_opts *opts, child_callback_fn callba
		}

		/* ensure unprivileged child cannot set delegation options */
		err = set_delegate_mask(fs_fd, "delegate_cmds", 0x1);
		err = set_delegate_mask(fs_fd, "delegate_cmds", 0x1, NULL);
		ASSERT_EQ(err, -EPERM, "delegate_cmd_eperm");
		err = set_delegate_mask(fs_fd, "delegate_maps", 0x1);
		err = set_delegate_mask(fs_fd, "delegate_maps", 0x1, NULL);
		ASSERT_EQ(err, -EPERM, "delegate_maps_eperm");
		err = set_delegate_mask(fs_fd, "delegate_progs", 0x1);
		err = set_delegate_mask(fs_fd, "delegate_progs", 0x1, NULL);
		ASSERT_EQ(err, -EPERM, "delegate_progs_eperm");
		err = set_delegate_mask(fs_fd, "delegate_attachs", 0x1);
		err = set_delegate_mask(fs_fd, "delegate_attachs", 0x1, NULL);
		ASSERT_EQ(err, -EPERM, "delegate_attachs_eperm");

		/* pass BPF FS context object to parent */
		@@ -325,22 +337,22 @@ static void child(int sock_fd, struct bpffs_opts *opts, child_callback_fn callba
		}

		/* ensure unprivileged child cannot reconfigure to set delegation options */
		err = set_delegate_mask(fs_fd, "delegate_cmds", ~0ULL);
		err = set_delegate_mask(fs_fd, "delegate_cmds", 0, "any");
		if (!ASSERT_EQ(err, -EPERM, "delegate_cmd_eperm_reconfig")) {
		err = -EINVAL;
		goto cleanup;
		}
		err = set_delegate_mask(fs_fd, "delegate_maps", ~0ULL);
		err = set_delegate_mask(fs_fd, "delegate_maps", 0, "any");
		if (!ASSERT_EQ(err, -EPERM, "delegate_maps_eperm_reconfig")) {
		err = -EINVAL;
		goto cleanup;
		}
		err = set_delegate_mask(fs_fd, "delegate_progs", ~0ULL);
		err = set_delegate_mask(fs_fd, "delegate_progs", 0, "any");
		if (!ASSERT_EQ(err, -EPERM, "delegate_progs_eperm_reconfig")) {
		err = -EINVAL;
		goto cleanup;
		}
		err = set_delegate_mask(fs_fd, "delegate_attachs", ~0ULL);
		err = set_delegate_mask(fs_fd, "delegate_attachs", 0, "any");
		if (!ASSERT_EQ(err, -EPERM, "delegate_attachs_eperm_reconfig")) {
		err = -EINVAL;
		goto cleanup;
		@@ -933,8 +945,8 @@ void test_token(void)
		{
		if (test__start_subtest("map_token")) {
		struct bpffs_opts opts = {
		.cmds = 1ULL << BPF_MAP_CREATE,
		.maps = 1ULL << BPF_MAP_TYPE_STACK,
		.cmds_str = "map_create",
		.maps_str = "stack",
		};

		subtest_userns(&opts, userns_map_create);
		@@ -948,9 +960,9 @@ void test_token(void)
		}
		if (test__start_subtest("prog_token")) {
		struct bpffs_opts opts = {
		.cmds = 1ULL << BPF_PROG_LOAD,
		.progs = 1ULL << BPF_PROG_TYPE_XDP,
		.attachs = 1ULL << BPF_XDP,
		.cmds_str = "PROG_LOAD",
		.progs_str = "XDP",
		.attachs_str = "xdp",
		};

		subtest_userns(&opts, userns_prog_load);