| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <d9716ac8-b6b1-4524-8c94-2f7261f9b5cf@linux.dev>
Date: Wed, 16 Jul 2025 13:28:32 +0800
From: Tao Chen <chen.dylane@...ux.dev>
To: Andrii Nakryiko <andrii.nakryiko@...il.com>
Cc: ast@...nel.org, daniel@...earbox.net, andrii@...nel.org,
martin.lau@...ux.dev, eddyz87@...il.com, song@...nel.org,
yonghong.song@...ux.dev, john.fastabend@...il.com, kpsingh@...nel.org,
sdf@...ichev.me, haoluo@...gle.com, jolsa@...nel.org, willemb@...gle.com,
kerneljasonxing@...il.com, bpf@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH bpf-next v2 2/2] bpf/selftests: Add selftests for token
info
在 2025/7/16 05:51, Andrii Nakryiko 写道:
> On Mon, Jul 14, 2025 at 8:59 PM Tao Chen <chen.dylane@...ux.dev> wrote:
>>
>> A previous change added bpf_token_info to get token info with
>> bpf_get_obj_info_by_fd, this patch adds a new test for token info.
>>
>> #461/12 token/bpf_token_info:OK
>>
>> Signed-off-by: Tao Chen <chen.dylane@...ux.dev>
>> ---
>> .../testing/selftests/bpf/prog_tests/token.c | 39 +++++++++++++++++++
>> 1 file changed, 39 insertions(+)
>>
>> diff --git a/tools/testing/selftests/bpf/prog_tests/token.c b/tools/testing/selftests/bpf/prog_tests/token.c
>> index cfc032b910c..a16f25bdd4c 100644
>> --- a/tools/testing/selftests/bpf/prog_tests/token.c
>> +++ b/tools/testing/selftests/bpf/prog_tests/token.c
>> @@ -1047,6 +1047,36 @@ static int userns_obj_priv_implicit_token_envvar(int mnt_fd, struct token_lsm *l
>>
>> #define bit(n) (1ULL << (n))
>>
>> +static int userns_bpf_token_info(int mnt_fd, struct token_lsm *lsm_skel)
>> +{
>> + int err, token_fd = -1;
>> + struct bpf_token_info info;
>> + u32 len = sizeof(struct bpf_token_info);
>> +
>> + /* create BPF token from BPF FS mount */
>> + token_fd = bpf_token_create(mnt_fd, NULL);
>> + if (!ASSERT_GT(token_fd, 0, "token_create")) {
>> + err = -EINVAL;
>> + goto cleanup;
>> + }
>> +
>> + memset(&info, 0, len);
>> + err = bpf_obj_get_info_by_fd(token_fd, &info, &len);
>> + if (!ASSERT_ERR(err, "bpf_obj_get_token_info"))
>> + goto cleanup;
>> + if (!ASSERT_EQ(info.allowed_cmds, bit(BPF_MAP_CREATE), "token_info_cmds_map_create"))
>> + goto cleanup;
>> + if (!ASSERT_EQ(info.allowed_progs, bit(BPF_PROG_TYPE_XDP), "token_info_progs_xdp"))
>> + goto cleanup;
>
> nit: there is no harm in just doing a few ASSERT_EQ() checks
> unconditionally, it's cleaner and more succinct (and either way you
> return err == 0 in this case)
>
It seems necessary to assign the err when ASSERT_EQ fails, will fix it
in v3, thanks.
>> +
>> + /* The BPF_PROG_TYPE_EXT is not set in token */
>> + ASSERT_EQ(info.allowed_progs, bit(BPF_PROG_TYPE_EXT), "token_info_progs_ext");
>> +
>> +cleanup:
>> + zclose(token_fd);
>> + return err;
>> +}
>> +
>> void test_token(void)
>> {
>> if (test__start_subtest("map_token")) {
>> @@ -1150,4 +1180,13 @@ void test_token(void)
>>
>> subtest_userns(&opts, userns_obj_priv_implicit_token_envvar);
>> }
>> + if (test__start_subtest("bpf_token_info")) {
>> + struct bpffs_opts opts = {
>> + .cmds = bit(BPF_MAP_CREATE),
>> + .progs = bit(BPF_PROG_TYPE_XDP),
>> + .attachs = ~0ULL,
>> + };
>> +
>> + subtest_userns(&opts, userns_bpf_token_info);
>> + }
>> }
>> --
>> 2.48.1
>>
--
Best Regards
Tao Chen
Powered by blists - more mailing lists