• Roman Gushchin's avatar
    selftests/bpf: add a test for device cgroup controller · 37f1ba09
    Roman Gushchin authored
    Add a test for device cgroup controller.
    
    The test loads a simple bpf program which logs all
    device access attempts using trace_printk() and forbids
    all operations except operations with /dev/zero and
    /dev/urandom.
    
    Then the test creates and joins a test cgroup, and attaches
    the bpf program to it.
    
    Then it tries to perform some simple device operations
    and checks the result:
    
      create /dev/null (should fail)
      create /dev/zero (should pass)
      copy data from /dev/urandom to /dev/zero (should pass)
      copy data from /dev/urandom to /dev/full (should fail)
      copy data from /dev/random to /dev/zero (should fail)
    Signed-off-by: default avatarRoman Gushchin <guro@fb.com>
    Acked-by: default avatarAlexei Starovoitov <ast@kernel.org>
    Acked-by: default avatarTejun Heo <tj@kernel.org>
    Cc: Daniel Borkmann <daniel@iogearbox.net>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    37f1ba09
dev_cgroup.c 1.2 KB