1 // SPDX-License-Identifier: GPL-2.0
2 #include <sys/un.h>
3
4 #include "test_progs.h"
5
6 #include "sock_addr_kern.skel.h"
7 #include "bind4_prog.skel.h"
8 #include "bind6_prog.skel.h"
9 #include "connect_unix_prog.skel.h"
10 #include "connect4_prog.skel.h"
11 #include "connect6_prog.skel.h"
12 #include "sendmsg4_prog.skel.h"
13 #include "sendmsg6_prog.skel.h"
14 #include "recvmsg4_prog.skel.h"
15 #include "recvmsg6_prog.skel.h"
16 #include "sendmsg_unix_prog.skel.h"
17 #include "recvmsg_unix_prog.skel.h"
18 #include "getsockname4_prog.skel.h"
19 #include "getsockname6_prog.skel.h"
20 #include "getsockname_unix_prog.skel.h"
21 #include "getpeername4_prog.skel.h"
22 #include "getpeername6_prog.skel.h"
23 #include "getpeername_unix_prog.skel.h"
24 #include "network_helpers.h"
25
26 #ifndef ENOTSUPP
27 # define ENOTSUPP 524
28 #endif
29
30 #define TEST_NS "sock_addr"
31 #define TEST_IF_PREFIX "test_sock_addr"
32 #define TEST_IPV4 "127.0.0.4"
33 #define TEST_IPV6 "::6"
34
35 #define SERV4_IP "192.168.1.254"
36 #define SERV4_REWRITE_IP "127.0.0.1"
37 #define SRC4_IP "172.16.0.1"
38 #define SRC4_REWRITE_IP TEST_IPV4
39 #define SERV4_PORT 4040
40 #define SERV4_REWRITE_PORT 4444
41
42 #define SERV6_IP "face:b00c:1234:5678::abcd"
43 #define SERV6_REWRITE_IP "::1"
44 #define SERV6_V4MAPPED_IP "::ffff:192.168.0.4"
45 #define SRC6_IP "::1"
46 #define SRC6_REWRITE_IP TEST_IPV6
47 #define WILDCARD6_IP "::"
48 #define SERV6_PORT 6060
49 #define SERV6_REWRITE_PORT 6666
50
51 #define SERVUN_ADDRESS "bpf_cgroup_unix_test"
52 #define SERVUN_REWRITE_ADDRESS "bpf_cgroup_unix_test_rewrite"
53 #define SRCUN_ADDRESS "bpf_cgroup_unix_test_src"
54
55 #define save_errno_do(op) ({ int __save = errno; op; errno = __save; })
56
57 enum sock_addr_test_type {
58 SOCK_ADDR_TEST_BIND,
59 SOCK_ADDR_TEST_CONNECT,
60 SOCK_ADDR_TEST_SENDMSG,
61 SOCK_ADDR_TEST_RECVMSG,
62 SOCK_ADDR_TEST_GETSOCKNAME,
63 SOCK_ADDR_TEST_GETPEERNAME,
64 };
65
66 typedef void *(*load_fn)(int cgroup_fd,
67 enum bpf_attach_type attach_type,
68 bool expect_reject);
69 typedef void (*destroy_fn)(void *skel);
70
71 static int cmp_addr(const struct sockaddr_storage *addr1, socklen_t addr1_len,
72 const struct sockaddr_storage *addr2, socklen_t addr2_len,
73 bool cmp_port);
74
75 struct init_sock_args {
76 int af;
77 int type;
78 };
79
80 struct addr_args {
81 char addr[sizeof(struct sockaddr_storage)];
82 int addrlen;
83 };
84
85 struct sendmsg_args {
86 struct addr_args addr;
87 char msg[10];
88 int msglen;
89 };
90
91 static struct sock_addr_kern *skel;
92
run_bpf_prog(const char * prog_name,void * ctx,int ctx_size)93 static int run_bpf_prog(const char *prog_name, void *ctx, int ctx_size)
94 {
95 LIBBPF_OPTS(bpf_test_run_opts, topts);
96 struct bpf_program *prog;
97 int prog_fd, err;
98
99 topts.ctx_in = ctx;
100 topts.ctx_size_in = ctx_size;
101
102 prog = bpf_object__find_program_by_name(skel->obj, prog_name);
103 if (!ASSERT_OK_PTR(prog, "bpf_object__find_program_by_name"))
104 goto err;
105
106 prog_fd = bpf_program__fd(prog);
107 err = bpf_prog_test_run_opts(prog_fd, &topts);
108 if (!ASSERT_OK(err, prog_name))
109 goto err;
110
111 err = topts.retval;
112 errno = -topts.retval;
113 goto out;
114 err:
115 err = -1;
116 out:
117 return err;
118 }
119
kernel_init_sock(int af,int type,int protocol)120 static int kernel_init_sock(int af, int type, int protocol)
121 {
122 struct init_sock_args args = {
123 .af = af,
124 .type = type,
125 };
126
127 return run_bpf_prog("init_sock", &args, sizeof(args));
128 }
129
kernel_close_sock(int fd)130 static int kernel_close_sock(int fd)
131 {
132 return run_bpf_prog("close_sock", NULL, 0);
133 }
134
sock_addr_op(const char * name,struct sockaddr * addr,socklen_t * addrlen,bool expect_change)135 static int sock_addr_op(const char *name, struct sockaddr *addr,
136 socklen_t *addrlen, bool expect_change)
137 {
138 struct addr_args args;
139 int err;
140
141 if (addrlen)
142 args.addrlen = *addrlen;
143
144 if (addr)
145 memcpy(&args.addr, addr, *addrlen);
146
147 err = run_bpf_prog(name, &args, sizeof(args));
148
149 if (!expect_change && addr)
150 if (!ASSERT_EQ(cmp_addr((struct sockaddr_storage *)addr,
151 *addrlen,
152 (struct sockaddr_storage *)&args.addr,
153 args.addrlen, 1),
154 0, "address_param_modified"))
155 return -1;
156
157 if (addrlen)
158 *addrlen = args.addrlen;
159
160 if (addr)
161 memcpy(addr, &args.addr, *addrlen);
162
163 return err;
164 }
165
send_msg_op(const char * name,struct sockaddr * addr,socklen_t addrlen,const char * msg,int msglen)166 static int send_msg_op(const char *name, struct sockaddr *addr,
167 socklen_t addrlen, const char *msg, int msglen)
168 {
169 struct sendmsg_args args;
170 int err;
171
172 memset(&args, 0, sizeof(args));
173 memcpy(&args.addr.addr, addr, addrlen);
174 args.addr.addrlen = addrlen;
175 memcpy(args.msg, msg, msglen);
176 args.msglen = msglen;
177
178 err = run_bpf_prog(name, &args, sizeof(args));
179
180 if (!ASSERT_EQ(cmp_addr((struct sockaddr_storage *)addr,
181 addrlen,
182 (struct sockaddr_storage *)&args.addr.addr,
183 args.addr.addrlen, 1),
184 0, "address_param_modified"))
185 return -1;
186
187 return err;
188 }
189
kernel_connect(struct sockaddr * addr,socklen_t addrlen)190 static int kernel_connect(struct sockaddr *addr, socklen_t addrlen)
191 {
192 return sock_addr_op("kernel_connect", addr, &addrlen, false);
193 }
194
kernel_bind(int fd,struct sockaddr * addr,socklen_t addrlen)195 static int kernel_bind(int fd, struct sockaddr *addr, socklen_t addrlen)
196 {
197 return sock_addr_op("kernel_bind", addr, &addrlen, false);
198 }
199
kernel_listen(void)200 static int kernel_listen(void)
201 {
202 return sock_addr_op("kernel_listen", NULL, NULL, false);
203 }
204
kernel_sendmsg(int fd,struct sockaddr * addr,socklen_t addrlen,char * msg,int msglen)205 static int kernel_sendmsg(int fd, struct sockaddr *addr, socklen_t addrlen,
206 char *msg, int msglen)
207 {
208 return send_msg_op("kernel_sendmsg", addr, addrlen, msg, msglen);
209 }
210
sock_sendmsg(int fd,struct sockaddr * addr,socklen_t addrlen,char * msg,int msglen)211 static int sock_sendmsg(int fd, struct sockaddr *addr, socklen_t addrlen,
212 char *msg, int msglen)
213 {
214 return send_msg_op("sock_sendmsg", addr, addrlen, msg, msglen);
215 }
216
kernel_getsockname(int fd,struct sockaddr * addr,socklen_t * addrlen)217 static int kernel_getsockname(int fd, struct sockaddr *addr, socklen_t *addrlen)
218 {
219 return sock_addr_op("kernel_getsockname", addr, addrlen, true);
220 }
221
kernel_getpeername(int fd,struct sockaddr * addr,socklen_t * addrlen)222 static int kernel_getpeername(int fd, struct sockaddr *addr, socklen_t *addrlen)
223 {
224 return sock_addr_op("kernel_getpeername", addr, addrlen, true);
225 }
226
kernel_connect_to_addr(int type,const struct sockaddr_storage * addr,socklen_t addrlen,const struct network_helper_opts * opts)227 int kernel_connect_to_addr(int type, const struct sockaddr_storage *addr, socklen_t addrlen,
228 const struct network_helper_opts *opts)
229 {
230 int err;
231
232 if (!ASSERT_OK(kernel_init_sock(addr->ss_family, type, 0),
233 "kernel_init_sock"))
234 goto err;
235
236 if (kernel_connect((struct sockaddr *)addr, addrlen) < 0)
237 goto err;
238
239 /* Test code expects a "file descriptor" on success. */
240 err = 1;
241 goto out;
242 err:
243 err = -1;
244 save_errno_do(ASSERT_OK(kernel_close_sock(0), "kernel_close_sock"));
245 out:
246 return err;
247 }
248
kernel_start_server(int family,int type,const char * addr_str,__u16 port,int timeout_ms)249 int kernel_start_server(int family, int type, const char *addr_str, __u16 port,
250 int timeout_ms)
251 {
252 struct sockaddr_storage addr;
253 socklen_t addrlen;
254 int err;
255
256 if (!ASSERT_OK(kernel_init_sock(family, type, 0), "kernel_init_sock"))
257 goto err;
258
259 if (make_sockaddr(family, addr_str, port, &addr, &addrlen))
260 goto err;
261
262 if (kernel_bind(0, (struct sockaddr *)&addr, addrlen) < 0)
263 goto err;
264
265 if (type == SOCK_STREAM) {
266 if (!ASSERT_OK(kernel_listen(), "kernel_listen"))
267 goto err;
268 }
269
270 /* Test code expects a "file descriptor" on success. */
271 err = 1;
272 goto out;
273 err:
274 err = -1;
275 save_errno_do(ASSERT_OK(kernel_close_sock(0), "kernel_close_sock"));
276 out:
277 return err;
278 }
279
280 struct sock_ops {
281 int (*connect_to_addr)(int type, const struct sockaddr_storage *addr,
282 socklen_t addrlen,
283 const struct network_helper_opts *opts);
284 int (*start_server)(int family, int type, const char *addr_str,
285 __u16 port, int timeout_ms);
286 int (*socket)(int famil, int type, int protocol);
287 int (*bind)(int fd, struct sockaddr *addr, socklen_t addrlen);
288 int (*getsockname)(int fd, struct sockaddr *addr, socklen_t *addrlen);
289 int (*getpeername)(int fd, struct sockaddr *addr, socklen_t *addrlen);
290 int (*sendmsg)(int fd, struct sockaddr *addr, socklen_t addrlen,
291 char *msg, int msglen);
292 int (*close)(int fd);
293 };
294
user_sendmsg(int fd,struct sockaddr * addr,socklen_t addrlen,char * msg,int msglen)295 static int user_sendmsg(int fd, struct sockaddr *addr, socklen_t addrlen,
296 char *msg, int msglen)
297 {
298 struct msghdr hdr;
299 struct iovec iov;
300
301 memset(&iov, 0, sizeof(iov));
302 iov.iov_base = msg;
303 iov.iov_len = msglen;
304
305 memset(&hdr, 0, sizeof(hdr));
306 hdr.msg_name = (void *)addr;
307 hdr.msg_namelen = addrlen;
308 hdr.msg_iov = &iov;
309 hdr.msg_iovlen = 1;
310
311 return sendmsg(fd, &hdr, 0);
312 }
313
user_bind(int fd,struct sockaddr * addr,socklen_t addrlen)314 static int user_bind(int fd, struct sockaddr *addr, socklen_t addrlen)
315 {
316 return bind(fd, (const struct sockaddr *)addr, addrlen);
317 }
318
319 struct sock_ops user_ops = {
320 .connect_to_addr = connect_to_addr,
321 .start_server = start_server,
322 .socket = socket,
323 .bind = user_bind,
324 .getsockname = getsockname,
325 .getpeername = getpeername,
326 .sendmsg = user_sendmsg,
327 .close = close,
328 };
329
330 struct sock_ops kern_ops_sock_sendmsg = {
331 .connect_to_addr = kernel_connect_to_addr,
332 .start_server = kernel_start_server,
333 .socket = kernel_init_sock,
334 .bind = kernel_bind,
335 .getsockname = kernel_getsockname,
336 .getpeername = kernel_getpeername,
337 .sendmsg = sock_sendmsg,
338 .close = kernel_close_sock,
339 };
340
341 struct sock_ops kern_ops_kernel_sendmsg = {
342 .connect_to_addr = kernel_connect_to_addr,
343 .start_server = kernel_start_server,
344 .socket = kernel_init_sock,
345 .bind = kernel_bind,
346 .getsockname = kernel_getsockname,
347 .getpeername = kernel_getpeername,
348 .sendmsg = kernel_sendmsg,
349 .close = kernel_close_sock,
350 };
351
352 struct sock_addr_test {
353 enum sock_addr_test_type type;
354 const char *name;
355 /* BPF prog properties */
356 load_fn loadfn;
357 destroy_fn destroyfn;
358 enum bpf_attach_type attach_type;
359 /* Socket operations */
360 struct sock_ops *ops;
361 /* Socket properties */
362 int socket_family;
363 int socket_type;
364 /* IP:port pairs for BPF prog to override */
365 const char *requested_addr;
366 unsigned short requested_port;
367 const char *expected_addr;
368 unsigned short expected_port;
369 const char *expected_src_addr;
370 /* Expected test result */
371 enum {
372 LOAD_REJECT,
373 ATTACH_REJECT,
374 SYSCALL_EPERM,
375 SYSCALL_ENOTSUPP,
376 SUCCESS,
377 } expected_result;
378 };
379
380 #define BPF_SKEL_FUNCS_RAW(skel_name, prog_name) \
381 static void *prog_name##_load_raw(int cgroup_fd, \
382 enum bpf_attach_type attach_type, \
383 bool expect_reject) \
384 { \
385 struct skel_name *skel = skel_name##__open(); \
386 int prog_fd = -1; \
387 if (!ASSERT_OK_PTR(skel, "skel_open")) \
388 goto cleanup; \
389 if (!ASSERT_OK(skel_name##__load(skel), "load")) \
390 goto cleanup; \
391 prog_fd = bpf_program__fd(skel->progs.prog_name); \
392 if (!ASSERT_GT(prog_fd, 0, "prog_fd")) \
393 goto cleanup; \
394 if (bpf_prog_attach(prog_fd, cgroup_fd, attach_type, \
395 BPF_F_ALLOW_OVERRIDE), "bpf_prog_attach") { \
396 ASSERT_TRUE(expect_reject, "unexpected rejection"); \
397 goto cleanup; \
398 } \
399 if (!ASSERT_FALSE(expect_reject, "expected rejection")) \
400 goto cleanup; \
401 cleanup: \
402 if (prog_fd > 0) \
403 bpf_prog_detach(cgroup_fd, attach_type); \
404 skel_name##__destroy(skel); \
405 return NULL; \
406 } \
407 static void prog_name##_destroy_raw(void *progfd) \
408 { \
409 /* No-op. *_load_raw does all cleanup. */ \
410 } \
411
412 #define BPF_SKEL_FUNCS(skel_name, prog_name) \
413 static void *prog_name##_load(int cgroup_fd, \
414 enum bpf_attach_type attach_type, \
415 bool expect_reject) \
416 { \
417 struct skel_name *skel = skel_name##__open(); \
418 if (!ASSERT_OK_PTR(skel, "skel_open")) \
419 goto cleanup; \
420 if (!ASSERT_OK(bpf_program__set_expected_attach_type(skel->progs.prog_name, \
421 attach_type), \
422 "set_expected_attach_type")) \
423 goto cleanup; \
424 if (skel_name##__load(skel)) { \
425 ASSERT_TRUE(expect_reject, "unexpected rejection"); \
426 goto cleanup; \
427 } \
428 if (!ASSERT_FALSE(expect_reject, "expected rejection")) \
429 goto cleanup; \
430 skel->links.prog_name = bpf_program__attach_cgroup( \
431 skel->progs.prog_name, cgroup_fd); \
432 if (!ASSERT_OK_PTR(skel->links.prog_name, "prog_attach")) \
433 goto cleanup; \
434 return skel; \
435 cleanup: \
436 skel_name##__destroy(skel); \
437 return NULL; \
438 } \
439 static void prog_name##_destroy(void *skel) \
440 { \
441 skel_name##__destroy(skel); \
442 }
443
444 BPF_SKEL_FUNCS(bind4_prog, bind_v4_prog);
445 BPF_SKEL_FUNCS_RAW(bind4_prog, bind_v4_prog);
446 BPF_SKEL_FUNCS(bind4_prog, bind_v4_deny_prog);
447 BPF_SKEL_FUNCS(bind6_prog, bind_v6_prog);
448 BPF_SKEL_FUNCS_RAW(bind6_prog, bind_v6_prog);
449 BPF_SKEL_FUNCS(bind6_prog, bind_v6_deny_prog);
450 BPF_SKEL_FUNCS(connect4_prog, connect_v4_prog);
451 BPF_SKEL_FUNCS_RAW(connect4_prog, connect_v4_prog);
452 BPF_SKEL_FUNCS(connect4_prog, connect_v4_deny_prog);
453 BPF_SKEL_FUNCS(connect6_prog, connect_v6_prog);
454 BPF_SKEL_FUNCS_RAW(connect6_prog, connect_v6_prog);
455 BPF_SKEL_FUNCS(connect6_prog, connect_v6_deny_prog);
456 BPF_SKEL_FUNCS(connect_unix_prog, connect_unix_prog);
457 BPF_SKEL_FUNCS_RAW(connect_unix_prog, connect_unix_prog);
458 BPF_SKEL_FUNCS(connect_unix_prog, connect_unix_deny_prog);
459 BPF_SKEL_FUNCS(sendmsg4_prog, sendmsg_v4_prog);
460 BPF_SKEL_FUNCS_RAW(sendmsg4_prog, sendmsg_v4_prog);
461 BPF_SKEL_FUNCS(sendmsg4_prog, sendmsg_v4_deny_prog);
462 BPF_SKEL_FUNCS(sendmsg6_prog, sendmsg_v6_prog);
463 BPF_SKEL_FUNCS_RAW(sendmsg6_prog, sendmsg_v6_prog);
464 BPF_SKEL_FUNCS(sendmsg6_prog, sendmsg_v6_deny_prog);
465 BPF_SKEL_FUNCS(sendmsg6_prog, sendmsg_v6_preserve_dst_prog);
466 BPF_SKEL_FUNCS(sendmsg6_prog, sendmsg_v6_v4mapped_prog);
467 BPF_SKEL_FUNCS(sendmsg6_prog, sendmsg_v6_wildcard_prog);
468 BPF_SKEL_FUNCS(sendmsg_unix_prog, sendmsg_unix_prog);
469 BPF_SKEL_FUNCS_RAW(sendmsg_unix_prog, sendmsg_unix_prog);
470 BPF_SKEL_FUNCS(sendmsg_unix_prog, sendmsg_unix_deny_prog);
471 BPF_SKEL_FUNCS(recvmsg4_prog, recvmsg4_prog);
472 BPF_SKEL_FUNCS_RAW(recvmsg4_prog, recvmsg4_prog);
473 BPF_SKEL_FUNCS(recvmsg6_prog, recvmsg6_prog);
474 BPF_SKEL_FUNCS_RAW(recvmsg6_prog, recvmsg6_prog);
475 BPF_SKEL_FUNCS(recvmsg_unix_prog, recvmsg_unix_prog);
476 BPF_SKEL_FUNCS_RAW(recvmsg_unix_prog, recvmsg_unix_prog);
477 BPF_SKEL_FUNCS(getsockname_unix_prog, getsockname_unix_prog);
478 BPF_SKEL_FUNCS_RAW(getsockname_unix_prog, getsockname_unix_prog);
479 BPF_SKEL_FUNCS(getsockname4_prog, getsockname_v4_prog);
480 BPF_SKEL_FUNCS_RAW(getsockname4_prog, getsockname_v4_prog);
481 BPF_SKEL_FUNCS(getsockname6_prog, getsockname_v6_prog);
482 BPF_SKEL_FUNCS_RAW(getsockname6_prog, getsockname_v6_prog);
483 BPF_SKEL_FUNCS(getpeername_unix_prog, getpeername_unix_prog);
484 BPF_SKEL_FUNCS_RAW(getpeername_unix_prog, getpeername_unix_prog);
485 BPF_SKEL_FUNCS(getpeername4_prog, getpeername_v4_prog);
486 BPF_SKEL_FUNCS_RAW(getpeername4_prog, getpeername_v4_prog);
487 BPF_SKEL_FUNCS(getpeername6_prog, getpeername_v6_prog);
488 BPF_SKEL_FUNCS_RAW(getpeername6_prog, getpeername_v6_prog);
489
490 static struct sock_addr_test tests[] = {
491 /* bind - system calls */
492 {
493 SOCK_ADDR_TEST_BIND,
494 "bind4: bind (stream)",
495 bind_v4_prog_load,
496 bind_v4_prog_destroy,
497 BPF_CGROUP_INET4_BIND,
498 &user_ops,
499 AF_INET,
500 SOCK_STREAM,
501 SERV4_IP,
502 SERV4_PORT,
503 SERV4_REWRITE_IP,
504 SERV4_REWRITE_PORT,
505 NULL,
506 SUCCESS,
507 },
508 {
509 SOCK_ADDR_TEST_BIND,
510 "bind4: bind deny (stream)",
511 bind_v4_deny_prog_load,
512 bind_v4_deny_prog_destroy,
513 BPF_CGROUP_INET4_BIND,
514 &user_ops,
515 AF_INET,
516 SOCK_STREAM,
517 SERV4_IP,
518 SERV4_PORT,
519 SERV4_REWRITE_IP,
520 SERV4_REWRITE_PORT,
521 NULL,
522 SYSCALL_EPERM,
523 },
524 {
525 SOCK_ADDR_TEST_BIND,
526 "bind4: bind (dgram)",
527 bind_v4_prog_load,
528 bind_v4_prog_destroy,
529 BPF_CGROUP_INET4_BIND,
530 &user_ops,
531 AF_INET,
532 SOCK_DGRAM,
533 SERV4_IP,
534 SERV4_PORT,
535 SERV4_REWRITE_IP,
536 SERV4_REWRITE_PORT,
537 NULL,
538 SUCCESS,
539 },
540 {
541 SOCK_ADDR_TEST_BIND,
542 "bind4: bind deny (dgram)",
543 bind_v4_deny_prog_load,
544 bind_v4_deny_prog_destroy,
545 BPF_CGROUP_INET4_BIND,
546 &user_ops,
547 AF_INET,
548 SOCK_DGRAM,
549 SERV4_IP,
550 SERV4_PORT,
551 SERV4_REWRITE_IP,
552 SERV4_REWRITE_PORT,
553 NULL,
554 SYSCALL_EPERM,
555 },
556 {
557 SOCK_ADDR_TEST_BIND,
558 "bind4: load prog with wrong expected attach type",
559 bind_v4_prog_load,
560 bind_v4_prog_destroy,
561 BPF_CGROUP_INET6_BIND,
562 &user_ops,
563 AF_INET,
564 SOCK_STREAM,
565 NULL,
566 0,
567 NULL,
568 0,
569 NULL,
570 LOAD_REJECT,
571 },
572 {
573 SOCK_ADDR_TEST_BIND,
574 "bind4: attach prog with wrong attach type",
575 bind_v4_prog_load_raw,
576 bind_v4_prog_destroy_raw,
577 BPF_CGROUP_INET6_BIND,
578 &user_ops,
579 AF_INET,
580 SOCK_STREAM,
581 NULL,
582 0,
583 NULL,
584 0,
585 NULL,
586 ATTACH_REJECT,
587 },
588 {
589 SOCK_ADDR_TEST_BIND,
590 "bind6: bind (stream)",
591 bind_v6_prog_load,
592 bind_v6_prog_destroy,
593 BPF_CGROUP_INET6_BIND,
594 &user_ops,
595 AF_INET6,
596 SOCK_STREAM,
597 SERV6_IP,
598 SERV6_PORT,
599 SERV6_REWRITE_IP,
600 SERV6_REWRITE_PORT,
601 NULL,
602 SUCCESS,
603 },
604 {
605 SOCK_ADDR_TEST_BIND,
606 "bind6: bind deny (stream)",
607 bind_v6_deny_prog_load,
608 bind_v6_deny_prog_destroy,
609 BPF_CGROUP_INET6_BIND,
610 &user_ops,
611 AF_INET6,
612 SOCK_STREAM,
613 SERV6_IP,
614 SERV6_PORT,
615 SERV6_REWRITE_IP,
616 SERV6_REWRITE_PORT,
617 NULL,
618 SYSCALL_EPERM,
619 },
620 {
621 SOCK_ADDR_TEST_BIND,
622 "bind6: bind (dgram)",
623 bind_v6_prog_load,
624 bind_v6_prog_destroy,
625 BPF_CGROUP_INET6_BIND,
626 &user_ops,
627 AF_INET6,
628 SOCK_DGRAM,
629 SERV6_IP,
630 SERV6_PORT,
631 SERV6_REWRITE_IP,
632 SERV6_REWRITE_PORT,
633 NULL,
634 SUCCESS,
635 },
636 {
637 SOCK_ADDR_TEST_BIND,
638 "bind6: bind deny (dgram)",
639 bind_v6_deny_prog_load,
640 bind_v6_deny_prog_destroy,
641 BPF_CGROUP_INET6_BIND,
642 &user_ops,
643 AF_INET6,
644 SOCK_DGRAM,
645 SERV6_IP,
646 SERV6_PORT,
647 SERV6_REWRITE_IP,
648 SERV6_REWRITE_PORT,
649 NULL,
650 SYSCALL_EPERM,
651 },
652 {
653 SOCK_ADDR_TEST_BIND,
654 "bind6: load prog with wrong expected attach type",
655 bind_v6_prog_load,
656 bind_v6_prog_destroy,
657 BPF_CGROUP_INET4_BIND,
658 &user_ops,
659 AF_INET6,
660 SOCK_STREAM,
661 NULL,
662 0,
663 NULL,
664 0,
665 NULL,
666 LOAD_REJECT,
667 },
668 {
669 SOCK_ADDR_TEST_BIND,
670 "bind6: attach prog with wrong attach type",
671 bind_v6_prog_load_raw,
672 bind_v6_prog_destroy_raw,
673 BPF_CGROUP_INET4_BIND,
674 &user_ops,
675 AF_INET,
676 SOCK_STREAM,
677 NULL,
678 0,
679 NULL,
680 0,
681 NULL,
682 ATTACH_REJECT,
683 },
684
685 /* bind - kernel calls */
686 {
687 SOCK_ADDR_TEST_BIND,
688 "bind4: kernel_bind (stream)",
689 bind_v4_prog_load,
690 bind_v4_prog_destroy,
691 BPF_CGROUP_INET4_BIND,
692 &kern_ops_sock_sendmsg,
693 AF_INET,
694 SOCK_STREAM,
695 SERV4_IP,
696 SERV4_PORT,
697 SERV4_REWRITE_IP,
698 SERV4_REWRITE_PORT,
699 NULL,
700 SUCCESS,
701 },
702 {
703 SOCK_ADDR_TEST_BIND,
704 "bind4: kernel_bind deny (stream)",
705 bind_v4_deny_prog_load,
706 bind_v4_deny_prog_destroy,
707 BPF_CGROUP_INET4_BIND,
708 &kern_ops_sock_sendmsg,
709 AF_INET,
710 SOCK_STREAM,
711 SERV4_IP,
712 SERV4_PORT,
713 SERV4_REWRITE_IP,
714 SERV4_REWRITE_PORT,
715 NULL,
716 SYSCALL_EPERM,
717 },
718 {
719 SOCK_ADDR_TEST_BIND,
720 "bind4: kernel_bind (dgram)",
721 bind_v4_prog_load,
722 bind_v4_prog_destroy,
723 BPF_CGROUP_INET4_BIND,
724 &kern_ops_sock_sendmsg,
725 AF_INET,
726 SOCK_DGRAM,
727 SERV4_IP,
728 SERV4_PORT,
729 SERV4_REWRITE_IP,
730 SERV4_REWRITE_PORT,
731 NULL,
732 SUCCESS,
733 },
734 {
735 SOCK_ADDR_TEST_BIND,
736 "bind4: kernel_bind deny (dgram)",
737 bind_v4_deny_prog_load,
738 bind_v4_deny_prog_destroy,
739 BPF_CGROUP_INET4_BIND,
740 &kern_ops_sock_sendmsg,
741 AF_INET,
742 SOCK_DGRAM,
743 SERV4_IP,
744 SERV4_PORT,
745 SERV4_REWRITE_IP,
746 SERV4_REWRITE_PORT,
747 NULL,
748 SYSCALL_EPERM,
749 },
750 {
751 SOCK_ADDR_TEST_BIND,
752 "bind6: kernel_bind (stream)",
753 bind_v6_prog_load,
754 bind_v6_prog_destroy,
755 BPF_CGROUP_INET6_BIND,
756 &kern_ops_sock_sendmsg,
757 AF_INET6,
758 SOCK_STREAM,
759 SERV6_IP,
760 SERV6_PORT,
761 SERV6_REWRITE_IP,
762 SERV6_REWRITE_PORT,
763 NULL,
764 SUCCESS,
765 },
766 {
767 SOCK_ADDR_TEST_BIND,
768 "bind6: kernel_bind deny (stream)",
769 bind_v6_deny_prog_load,
770 bind_v6_deny_prog_destroy,
771 BPF_CGROUP_INET6_BIND,
772 &kern_ops_sock_sendmsg,
773 AF_INET6,
774 SOCK_STREAM,
775 SERV6_IP,
776 SERV6_PORT,
777 SERV6_REWRITE_IP,
778 SERV6_REWRITE_PORT,
779 NULL,
780 SYSCALL_EPERM,
781 },
782 {
783 SOCK_ADDR_TEST_BIND,
784 "bind6: kernel_bind (dgram)",
785 bind_v6_prog_load,
786 bind_v6_prog_destroy,
787 BPF_CGROUP_INET6_BIND,
788 &kern_ops_sock_sendmsg,
789 AF_INET6,
790 SOCK_DGRAM,
791 SERV6_IP,
792 SERV6_PORT,
793 SERV6_REWRITE_IP,
794 SERV6_REWRITE_PORT,
795 NULL,
796 SUCCESS,
797 },
798 {
799 SOCK_ADDR_TEST_BIND,
800 "bind6: kernel_bind deny (dgram)",
801 bind_v6_deny_prog_load,
802 bind_v6_deny_prog_destroy,
803 BPF_CGROUP_INET6_BIND,
804 &kern_ops_sock_sendmsg,
805 AF_INET6,
806 SOCK_DGRAM,
807 SERV6_IP,
808 SERV6_PORT,
809 SERV6_REWRITE_IP,
810 SERV6_REWRITE_PORT,
811 NULL,
812 SYSCALL_EPERM,
813 },
814
815 /* connect - system calls */
816 {
817 SOCK_ADDR_TEST_CONNECT,
818 "connect4: connect (stream)",
819 connect_v4_prog_load,
820 connect_v4_prog_destroy,
821 BPF_CGROUP_INET4_CONNECT,
822 &user_ops,
823 AF_INET,
824 SOCK_STREAM,
825 SERV4_IP,
826 SERV4_PORT,
827 SERV4_REWRITE_IP,
828 SERV4_REWRITE_PORT,
829 SRC4_REWRITE_IP,
830 SUCCESS,
831 },
832 {
833 SOCK_ADDR_TEST_CONNECT,
834 "connect4: connect deny (stream)",
835 connect_v4_deny_prog_load,
836 connect_v4_deny_prog_destroy,
837 BPF_CGROUP_INET4_CONNECT,
838 &user_ops,
839 AF_INET,
840 SOCK_STREAM,
841 SERV4_IP,
842 SERV4_PORT,
843 SERV4_REWRITE_IP,
844 SERV4_REWRITE_PORT,
845 SRC4_REWRITE_IP,
846 SYSCALL_EPERM,
847 },
848 {
849 SOCK_ADDR_TEST_CONNECT,
850 "connect4: connect (dgram)",
851 connect_v4_prog_load,
852 connect_v4_prog_destroy,
853 BPF_CGROUP_INET4_CONNECT,
854 &user_ops,
855 AF_INET,
856 SOCK_DGRAM,
857 SERV4_IP,
858 SERV4_PORT,
859 SERV4_REWRITE_IP,
860 SERV4_REWRITE_PORT,
861 SRC4_REWRITE_IP,
862 SUCCESS,
863 },
864 {
865 SOCK_ADDR_TEST_CONNECT,
866 "connect4: connect deny (dgram)",
867 connect_v4_deny_prog_load,
868 connect_v4_deny_prog_destroy,
869 BPF_CGROUP_INET4_CONNECT,
870 &user_ops,
871 AF_INET,
872 SOCK_DGRAM,
873 SERV4_IP,
874 SERV4_PORT,
875 SERV4_REWRITE_IP,
876 SERV4_REWRITE_PORT,
877 SRC4_REWRITE_IP,
878 SYSCALL_EPERM,
879 },
880 {
881 SOCK_ADDR_TEST_CONNECT,
882 "connect4: load prog with wrong expected attach type",
883 connect_v4_prog_load,
884 connect_v4_prog_destroy,
885 BPF_CGROUP_INET6_CONNECT,
886 &user_ops,
887 AF_INET,
888 SOCK_STREAM,
889 NULL,
890 0,
891 NULL,
892 0,
893 NULL,
894 LOAD_REJECT,
895 },
896 {
897 SOCK_ADDR_TEST_CONNECT,
898 "connect4: attach prog with wrong attach type",
899 connect_v4_prog_load_raw,
900 connect_v4_prog_destroy_raw,
901 BPF_CGROUP_INET6_CONNECT,
902 &user_ops,
903 AF_INET,
904 SOCK_STREAM,
905 NULL,
906 0,
907 NULL,
908 0,
909 NULL,
910 ATTACH_REJECT,
911 },
912 {
913 SOCK_ADDR_TEST_CONNECT,
914 "connect6: connect (stream)",
915 connect_v6_prog_load,
916 connect_v6_prog_destroy,
917 BPF_CGROUP_INET6_CONNECT,
918 &user_ops,
919 AF_INET6,
920 SOCK_STREAM,
921 SERV6_IP,
922 SERV6_PORT,
923 SERV6_REWRITE_IP,
924 SERV6_REWRITE_PORT,
925 SRC6_REWRITE_IP,
926 SUCCESS,
927 },
928 {
929 SOCK_ADDR_TEST_CONNECT,
930 "connect6: connect deny (stream)",
931 connect_v6_deny_prog_load,
932 connect_v6_deny_prog_destroy,
933 BPF_CGROUP_INET6_CONNECT,
934 &user_ops,
935 AF_INET6,
936 SOCK_STREAM,
937 SERV6_IP,
938 SERV6_PORT,
939 SERV6_REWRITE_IP,
940 SERV6_REWRITE_PORT,
941 SRC6_REWRITE_IP,
942 SYSCALL_EPERM,
943 },
944 {
945 SOCK_ADDR_TEST_CONNECT,
946 "connect6: connect (dgram)",
947 connect_v6_prog_load,
948 connect_v6_prog_destroy,
949 BPF_CGROUP_INET6_CONNECT,
950 &user_ops,
951 AF_INET6,
952 SOCK_DGRAM,
953 SERV6_IP,
954 SERV6_PORT,
955 SERV6_REWRITE_IP,
956 SERV6_REWRITE_PORT,
957 SRC6_REWRITE_IP,
958 SUCCESS,
959 },
960 {
961 SOCK_ADDR_TEST_CONNECT,
962 "connect6: connect deny (dgram)",
963 connect_v6_deny_prog_load,
964 connect_v6_deny_prog_destroy,
965 BPF_CGROUP_INET6_CONNECT,
966 &user_ops,
967 AF_INET6,
968 SOCK_DGRAM,
969 SERV6_IP,
970 SERV6_PORT,
971 SERV6_REWRITE_IP,
972 SERV6_REWRITE_PORT,
973 SRC6_REWRITE_IP,
974 SYSCALL_EPERM,
975 },
976 {
977 SOCK_ADDR_TEST_CONNECT,
978 "connect6: load prog with wrong expected attach type",
979 connect_v6_prog_load,
980 connect_v6_prog_destroy,
981 BPF_CGROUP_INET4_CONNECT,
982 &user_ops,
983 AF_INET6,
984 SOCK_STREAM,
985 NULL,
986 0,
987 NULL,
988 0,
989 NULL,
990 LOAD_REJECT,
991 },
992 {
993 SOCK_ADDR_TEST_CONNECT,
994 "connect6: attach prog with wrong attach type",
995 connect_v6_prog_load_raw,
996 connect_v6_prog_destroy_raw,
997 BPF_CGROUP_INET4_CONNECT,
998 &user_ops,
999 AF_INET,
1000 SOCK_STREAM,
1001 NULL,
1002 0,
1003 NULL,
1004 0,
1005 NULL,
1006 ATTACH_REJECT,
1007 },
1008 {
1009 SOCK_ADDR_TEST_CONNECT,
1010 "connect_unix: connect (stream)",
1011 connect_unix_prog_load,
1012 connect_unix_prog_destroy,
1013 BPF_CGROUP_UNIX_CONNECT,
1014 &user_ops,
1015 AF_UNIX,
1016 SOCK_STREAM,
1017 SERVUN_ADDRESS,
1018 0,
1019 SERVUN_REWRITE_ADDRESS,
1020 0,
1021 NULL,
1022 SUCCESS,
1023 },
1024 {
1025 SOCK_ADDR_TEST_CONNECT,
1026 "connect_unix: connect deny (stream)",
1027 connect_unix_deny_prog_load,
1028 connect_unix_deny_prog_destroy,
1029 BPF_CGROUP_UNIX_CONNECT,
1030 &user_ops,
1031 AF_UNIX,
1032 SOCK_STREAM,
1033 SERVUN_ADDRESS,
1034 0,
1035 SERVUN_REWRITE_ADDRESS,
1036 0,
1037 NULL,
1038 SYSCALL_EPERM,
1039 },
1040 {
1041 SOCK_ADDR_TEST_CONNECT,
1042 "connect_unix: attach prog with wrong attach type",
1043 connect_unix_prog_load_raw,
1044 connect_unix_prog_destroy_raw,
1045 BPF_CGROUP_INET4_CONNECT,
1046 &user_ops,
1047 AF_UNIX,
1048 SOCK_STREAM,
1049 SERVUN_ADDRESS,
1050 0,
1051 SERVUN_REWRITE_ADDRESS,
1052 0,
1053 NULL,
1054 ATTACH_REJECT,
1055 },
1056
1057 /* connect - kernel calls */
1058 {
1059 SOCK_ADDR_TEST_CONNECT,
1060 "connect4: kernel_connect (stream)",
1061 connect_v4_prog_load,
1062 connect_v4_prog_destroy,
1063 BPF_CGROUP_INET4_CONNECT,
1064 &kern_ops_sock_sendmsg,
1065 AF_INET,
1066 SOCK_STREAM,
1067 SERV4_IP,
1068 SERV4_PORT,
1069 SERV4_REWRITE_IP,
1070 SERV4_REWRITE_PORT,
1071 SRC4_REWRITE_IP,
1072 SUCCESS,
1073 },
1074 {
1075 SOCK_ADDR_TEST_CONNECT,
1076 "connect4: kernel_connect deny (stream)",
1077 connect_v4_deny_prog_load,
1078 connect_v4_deny_prog_destroy,
1079 BPF_CGROUP_INET4_CONNECT,
1080 &kern_ops_sock_sendmsg,
1081 AF_INET,
1082 SOCK_STREAM,
1083 SERV4_IP,
1084 SERV4_PORT,
1085 SERV4_REWRITE_IP,
1086 SERV4_REWRITE_PORT,
1087 SRC4_REWRITE_IP,
1088 SYSCALL_EPERM,
1089 },
1090 {
1091 SOCK_ADDR_TEST_CONNECT,
1092 "connect4: kernel_connect (dgram)",
1093 connect_v4_prog_load,
1094 connect_v4_prog_destroy,
1095 BPF_CGROUP_INET4_CONNECT,
1096 &kern_ops_sock_sendmsg,
1097 AF_INET,
1098 SOCK_DGRAM,
1099 SERV4_IP,
1100 SERV4_PORT,
1101 SERV4_REWRITE_IP,
1102 SERV4_REWRITE_PORT,
1103 SRC4_REWRITE_IP,
1104 SUCCESS,
1105 },
1106 {
1107 SOCK_ADDR_TEST_CONNECT,
1108 "connect4: kernel_connect deny (dgram)",
1109 connect_v4_deny_prog_load,
1110 connect_v4_deny_prog_destroy,
1111 BPF_CGROUP_INET4_CONNECT,
1112 &kern_ops_sock_sendmsg,
1113 AF_INET,
1114 SOCK_DGRAM,
1115 SERV4_IP,
1116 SERV4_PORT,
1117 SERV4_REWRITE_IP,
1118 SERV4_REWRITE_PORT,
1119 SRC4_REWRITE_IP,
1120 SYSCALL_EPERM,
1121 },
1122 {
1123 SOCK_ADDR_TEST_CONNECT,
1124 "connect6: kernel_connect (stream)",
1125 connect_v6_prog_load,
1126 connect_v6_prog_destroy,
1127 BPF_CGROUP_INET6_CONNECT,
1128 &kern_ops_sock_sendmsg,
1129 AF_INET6,
1130 SOCK_STREAM,
1131 SERV6_IP,
1132 SERV6_PORT,
1133 SERV6_REWRITE_IP,
1134 SERV6_REWRITE_PORT,
1135 SRC6_REWRITE_IP,
1136 SUCCESS,
1137 },
1138 {
1139 SOCK_ADDR_TEST_CONNECT,
1140 "connect6: kernel_connect deny (stream)",
1141 connect_v6_deny_prog_load,
1142 connect_v6_deny_prog_destroy,
1143 BPF_CGROUP_INET6_CONNECT,
1144 &kern_ops_sock_sendmsg,
1145 AF_INET6,
1146 SOCK_STREAM,
1147 SERV6_IP,
1148 SERV6_PORT,
1149 SERV6_REWRITE_IP,
1150 SERV6_REWRITE_PORT,
1151 SRC6_REWRITE_IP,
1152 SYSCALL_EPERM,
1153 },
1154 {
1155 SOCK_ADDR_TEST_CONNECT,
1156 "connect6: kernel_connect (dgram)",
1157 connect_v6_prog_load,
1158 connect_v6_prog_destroy,
1159 BPF_CGROUP_INET6_CONNECT,
1160 &kern_ops_sock_sendmsg,
1161 AF_INET6,
1162 SOCK_DGRAM,
1163 SERV6_IP,
1164 SERV6_PORT,
1165 SERV6_REWRITE_IP,
1166 SERV6_REWRITE_PORT,
1167 SRC6_REWRITE_IP,
1168 SUCCESS,
1169 },
1170 {
1171 SOCK_ADDR_TEST_CONNECT,
1172 "connect6: kernel_connect deny (dgram)",
1173 connect_v6_deny_prog_load,
1174 connect_v6_deny_prog_destroy,
1175 BPF_CGROUP_INET6_CONNECT,
1176 &kern_ops_sock_sendmsg,
1177 AF_INET6,
1178 SOCK_DGRAM,
1179 SERV6_IP,
1180 SERV6_PORT,
1181 SERV6_REWRITE_IP,
1182 SERV6_REWRITE_PORT,
1183 SRC6_REWRITE_IP,
1184 SYSCALL_EPERM,
1185 },
1186 {
1187 SOCK_ADDR_TEST_CONNECT,
1188 "connect_unix: kernel_connect (dgram)",
1189 connect_unix_prog_load,
1190 connect_unix_prog_destroy,
1191 BPF_CGROUP_UNIX_CONNECT,
1192 &kern_ops_sock_sendmsg,
1193 AF_UNIX,
1194 SOCK_STREAM,
1195 SERVUN_ADDRESS,
1196 0,
1197 SERVUN_REWRITE_ADDRESS,
1198 0,
1199 NULL,
1200 SUCCESS,
1201 },
1202 {
1203 SOCK_ADDR_TEST_CONNECT,
1204 "connect_unix: kernel_connect deny (dgram)",
1205 connect_unix_deny_prog_load,
1206 connect_unix_deny_prog_destroy,
1207 BPF_CGROUP_UNIX_CONNECT,
1208 &kern_ops_sock_sendmsg,
1209 AF_UNIX,
1210 SOCK_STREAM,
1211 SERVUN_ADDRESS,
1212 0,
1213 SERVUN_REWRITE_ADDRESS,
1214 0,
1215 NULL,
1216 SYSCALL_EPERM,
1217 },
1218
1219 /* sendmsg - system calls */
1220 {
1221 SOCK_ADDR_TEST_SENDMSG,
1222 "sendmsg4: sendmsg (dgram)",
1223 sendmsg_v4_prog_load,
1224 sendmsg_v4_prog_destroy,
1225 BPF_CGROUP_UDP4_SENDMSG,
1226 &user_ops,
1227 AF_INET,
1228 SOCK_DGRAM,
1229 SERV4_IP,
1230 SERV4_PORT,
1231 SERV4_REWRITE_IP,
1232 SERV4_REWRITE_PORT,
1233 SRC4_REWRITE_IP,
1234 SUCCESS,
1235 },
1236 {
1237 SOCK_ADDR_TEST_SENDMSG,
1238 "sendmsg4: sendmsg deny (dgram)",
1239 sendmsg_v4_deny_prog_load,
1240 sendmsg_v4_deny_prog_destroy,
1241 BPF_CGROUP_UDP4_SENDMSG,
1242 &user_ops,
1243 AF_INET,
1244 SOCK_DGRAM,
1245 SERV4_IP,
1246 SERV4_PORT,
1247 SERV4_REWRITE_IP,
1248 SERV4_REWRITE_PORT,
1249 SRC4_REWRITE_IP,
1250 SYSCALL_EPERM,
1251 },
1252 {
1253 SOCK_ADDR_TEST_SENDMSG,
1254 "sendmsg4: load prog with wrong expected attach type",
1255 sendmsg_v4_prog_load,
1256 sendmsg_v4_prog_destroy,
1257 BPF_CGROUP_UDP6_SENDMSG,
1258 &user_ops,
1259 AF_INET,
1260 SOCK_DGRAM,
1261 NULL,
1262 0,
1263 NULL,
1264 0,
1265 NULL,
1266 LOAD_REJECT,
1267 },
1268 {
1269 SOCK_ADDR_TEST_SENDMSG,
1270 "sendmsg4: attach prog with wrong attach type",
1271 sendmsg_v4_prog_load_raw,
1272 sendmsg_v4_prog_destroy_raw,
1273 BPF_CGROUP_UDP6_SENDMSG,
1274 &user_ops,
1275 AF_INET,
1276 SOCK_DGRAM,
1277 NULL,
1278 0,
1279 NULL,
1280 0,
1281 NULL,
1282 ATTACH_REJECT,
1283 },
1284 {
1285 SOCK_ADDR_TEST_SENDMSG,
1286 "sendmsg6: sendmsg (dgram)",
1287 sendmsg_v6_prog_load,
1288 sendmsg_v6_prog_destroy,
1289 BPF_CGROUP_UDP6_SENDMSG,
1290 &user_ops,
1291 AF_INET6,
1292 SOCK_DGRAM,
1293 SERV6_IP,
1294 SERV6_PORT,
1295 SERV6_REWRITE_IP,
1296 SERV6_REWRITE_PORT,
1297 SRC6_REWRITE_IP,
1298 SUCCESS,
1299 },
1300 {
1301 SOCK_ADDR_TEST_SENDMSG,
1302 "sendmsg6: sendmsg [::] (BSD'ism) (dgram)",
1303 sendmsg_v6_preserve_dst_prog_load,
1304 sendmsg_v6_preserve_dst_prog_destroy,
1305 BPF_CGROUP_UDP6_SENDMSG,
1306 &user_ops,
1307 AF_INET6,
1308 SOCK_DGRAM,
1309 WILDCARD6_IP,
1310 SERV6_PORT,
1311 SERV6_REWRITE_IP,
1312 SERV6_PORT,
1313 SRC6_IP,
1314 SUCCESS,
1315 },
1316 {
1317 SOCK_ADDR_TEST_SENDMSG,
1318 "sendmsg6: sendmsg deny (dgram)",
1319 sendmsg_v6_deny_prog_load,
1320 sendmsg_v6_deny_prog_destroy,
1321 BPF_CGROUP_UDP6_SENDMSG,
1322 &user_ops,
1323 AF_INET6,
1324 SOCK_DGRAM,
1325 SERV6_IP,
1326 SERV6_PORT,
1327 SERV6_REWRITE_IP,
1328 SERV6_REWRITE_PORT,
1329 SRC6_REWRITE_IP,
1330 SYSCALL_EPERM,
1331 },
1332 {
1333 SOCK_ADDR_TEST_SENDMSG,
1334 "sendmsg6: sendmsg IPv4-mapped IPv6 (dgram)",
1335 sendmsg_v6_v4mapped_prog_load,
1336 sendmsg_v6_v4mapped_prog_destroy,
1337 BPF_CGROUP_UDP6_SENDMSG,
1338 &user_ops,
1339 AF_INET6,
1340 SOCK_DGRAM,
1341 SERV6_IP,
1342 SERV6_PORT,
1343 SERV6_REWRITE_IP,
1344 SERV6_REWRITE_PORT,
1345 SRC6_REWRITE_IP,
1346 SYSCALL_ENOTSUPP,
1347 },
1348 {
1349 SOCK_ADDR_TEST_SENDMSG,
1350 "sendmsg6: sendmsg dst IP = [::] (BSD'ism) (dgram)",
1351 sendmsg_v6_wildcard_prog_load,
1352 sendmsg_v6_wildcard_prog_destroy,
1353 BPF_CGROUP_UDP6_SENDMSG,
1354 &user_ops,
1355 AF_INET6,
1356 SOCK_DGRAM,
1357 SERV6_IP,
1358 SERV6_PORT,
1359 SERV6_REWRITE_IP,
1360 SERV6_REWRITE_PORT,
1361 SRC6_REWRITE_IP,
1362 SUCCESS,
1363 },
1364 {
1365 SOCK_ADDR_TEST_SENDMSG,
1366 "sendmsg6: load prog with wrong expected attach type",
1367 sendmsg_v6_prog_load,
1368 sendmsg_v6_prog_destroy,
1369 BPF_CGROUP_UDP4_SENDMSG,
1370 &user_ops,
1371 AF_INET6,
1372 SOCK_DGRAM,
1373 NULL,
1374 0,
1375 NULL,
1376 0,
1377 NULL,
1378 LOAD_REJECT,
1379 },
1380 {
1381 SOCK_ADDR_TEST_SENDMSG,
1382 "sendmsg6: attach prog with wrong attach type",
1383 sendmsg_v6_prog_load_raw,
1384 sendmsg_v6_prog_destroy_raw,
1385 BPF_CGROUP_UDP4_SENDMSG,
1386 &user_ops,
1387 AF_INET6,
1388 SOCK_DGRAM,
1389 NULL,
1390 0,
1391 NULL,
1392 0,
1393 NULL,
1394 ATTACH_REJECT,
1395 },
1396 {
1397 SOCK_ADDR_TEST_SENDMSG,
1398 "sendmsg_unix: sendmsg (dgram)",
1399 sendmsg_unix_prog_load,
1400 sendmsg_unix_prog_destroy,
1401 BPF_CGROUP_UNIX_SENDMSG,
1402 &user_ops,
1403 AF_UNIX,
1404 SOCK_DGRAM,
1405 SERVUN_ADDRESS,
1406 0,
1407 SERVUN_REWRITE_ADDRESS,
1408 0,
1409 NULL,
1410 SUCCESS,
1411 },
1412 {
1413 SOCK_ADDR_TEST_SENDMSG,
1414 "sendmsg_unix: sendmsg deny (dgram)",
1415 sendmsg_unix_deny_prog_load,
1416 sendmsg_unix_deny_prog_destroy,
1417 BPF_CGROUP_UNIX_SENDMSG,
1418 &user_ops,
1419 AF_UNIX,
1420 SOCK_DGRAM,
1421 SERVUN_ADDRESS,
1422 0,
1423 SERVUN_REWRITE_ADDRESS,
1424 0,
1425 NULL,
1426 SYSCALL_EPERM,
1427 },
1428 {
1429 SOCK_ADDR_TEST_SENDMSG,
1430 "sendmsg_unix: attach prog with wrong attach type",
1431 sendmsg_unix_prog_load_raw,
1432 sendmsg_unix_prog_destroy_raw,
1433 BPF_CGROUP_UDP4_SENDMSG,
1434 &user_ops,
1435 AF_UNIX,
1436 SOCK_DGRAM,
1437 SERVUN_ADDRESS,
1438 0,
1439 SERVUN_REWRITE_ADDRESS,
1440 0,
1441 NULL,
1442 ATTACH_REJECT,
1443 },
1444
1445 /* sendmsg - kernel calls (sock_sendmsg) */
1446 {
1447 SOCK_ADDR_TEST_SENDMSG,
1448 "sendmsg4: sock_sendmsg (dgram)",
1449 sendmsg_v4_prog_load,
1450 sendmsg_v4_prog_destroy,
1451 BPF_CGROUP_UDP4_SENDMSG,
1452 &kern_ops_sock_sendmsg,
1453 AF_INET,
1454 SOCK_DGRAM,
1455 SERV4_IP,
1456 SERV4_PORT,
1457 SERV4_REWRITE_IP,
1458 SERV4_REWRITE_PORT,
1459 SRC4_REWRITE_IP,
1460 SUCCESS,
1461 },
1462 {
1463 SOCK_ADDR_TEST_SENDMSG,
1464 "sendmsg4: sock_sendmsg deny (dgram)",
1465 sendmsg_v4_deny_prog_load,
1466 sendmsg_v4_deny_prog_destroy,
1467 BPF_CGROUP_UDP4_SENDMSG,
1468 &kern_ops_sock_sendmsg,
1469 AF_INET,
1470 SOCK_DGRAM,
1471 SERV4_IP,
1472 SERV4_PORT,
1473 SERV4_REWRITE_IP,
1474 SERV4_REWRITE_PORT,
1475 SRC4_REWRITE_IP,
1476 SYSCALL_EPERM,
1477 },
1478 {
1479 SOCK_ADDR_TEST_SENDMSG,
1480 "sendmsg6: sock_sendmsg (dgram)",
1481 sendmsg_v6_prog_load,
1482 sendmsg_v6_prog_destroy,
1483 BPF_CGROUP_UDP6_SENDMSG,
1484 &kern_ops_sock_sendmsg,
1485 AF_INET6,
1486 SOCK_DGRAM,
1487 SERV6_IP,
1488 SERV6_PORT,
1489 SERV6_REWRITE_IP,
1490 SERV6_REWRITE_PORT,
1491 SRC6_REWRITE_IP,
1492 SUCCESS,
1493 },
1494 {
1495 SOCK_ADDR_TEST_SENDMSG,
1496 "sendmsg6: sock_sendmsg [::] (BSD'ism) (dgram)",
1497 sendmsg_v6_preserve_dst_prog_load,
1498 sendmsg_v6_preserve_dst_prog_destroy,
1499 BPF_CGROUP_UDP6_SENDMSG,
1500 &kern_ops_sock_sendmsg,
1501 AF_INET6,
1502 SOCK_DGRAM,
1503 WILDCARD6_IP,
1504 SERV6_PORT,
1505 SERV6_REWRITE_IP,
1506 SERV6_PORT,
1507 SRC6_IP,
1508 SUCCESS,
1509 },
1510 {
1511 SOCK_ADDR_TEST_SENDMSG,
1512 "sendmsg6: sock_sendmsg deny (dgram)",
1513 sendmsg_v6_deny_prog_load,
1514 sendmsg_v6_deny_prog_destroy,
1515 BPF_CGROUP_UDP6_SENDMSG,
1516 &kern_ops_sock_sendmsg,
1517 AF_INET6,
1518 SOCK_DGRAM,
1519 SERV6_IP,
1520 SERV6_PORT,
1521 SERV6_REWRITE_IP,
1522 SERV6_REWRITE_PORT,
1523 SRC6_REWRITE_IP,
1524 SYSCALL_EPERM,
1525 },
1526 {
1527 SOCK_ADDR_TEST_SENDMSG,
1528 "sendmsg_unix: sock_sendmsg (dgram)",
1529 sendmsg_unix_prog_load,
1530 sendmsg_unix_prog_destroy,
1531 BPF_CGROUP_UNIX_SENDMSG,
1532 &kern_ops_sock_sendmsg,
1533 AF_UNIX,
1534 SOCK_DGRAM,
1535 SERVUN_ADDRESS,
1536 0,
1537 SERVUN_REWRITE_ADDRESS,
1538 0,
1539 NULL,
1540 SUCCESS,
1541 },
1542 {
1543 SOCK_ADDR_TEST_SENDMSG,
1544 "sendmsg_unix: sock_sendmsg deny (dgram)",
1545 sendmsg_unix_deny_prog_load,
1546 sendmsg_unix_deny_prog_destroy,
1547 BPF_CGROUP_UNIX_SENDMSG,
1548 &kern_ops_sock_sendmsg,
1549 AF_UNIX,
1550 SOCK_DGRAM,
1551 SERVUN_ADDRESS,
1552 0,
1553 SERVUN_REWRITE_ADDRESS,
1554 0,
1555 NULL,
1556 SYSCALL_EPERM,
1557 },
1558
1559 /* sendmsg - kernel calls (kernel_sendmsg) */
1560 {
1561 SOCK_ADDR_TEST_SENDMSG,
1562 "sendmsg4: kernel_sendmsg (dgram)",
1563 sendmsg_v4_prog_load,
1564 sendmsg_v4_prog_destroy,
1565 BPF_CGROUP_UDP4_SENDMSG,
1566 &kern_ops_kernel_sendmsg,
1567 AF_INET,
1568 SOCK_DGRAM,
1569 SERV4_IP,
1570 SERV4_PORT,
1571 SERV4_REWRITE_IP,
1572 SERV4_REWRITE_PORT,
1573 SRC4_REWRITE_IP,
1574 SUCCESS,
1575 },
1576 {
1577 SOCK_ADDR_TEST_SENDMSG,
1578 "sendmsg4: kernel_sendmsg deny (dgram)",
1579 sendmsg_v4_deny_prog_load,
1580 sendmsg_v4_deny_prog_destroy,
1581 BPF_CGROUP_UDP4_SENDMSG,
1582 &kern_ops_kernel_sendmsg,
1583 AF_INET,
1584 SOCK_DGRAM,
1585 SERV4_IP,
1586 SERV4_PORT,
1587 SERV4_REWRITE_IP,
1588 SERV4_REWRITE_PORT,
1589 SRC4_REWRITE_IP,
1590 SYSCALL_EPERM,
1591 },
1592 {
1593 SOCK_ADDR_TEST_SENDMSG,
1594 "sendmsg6: kernel_sendmsg (dgram)",
1595 sendmsg_v6_prog_load,
1596 sendmsg_v6_prog_destroy,
1597 BPF_CGROUP_UDP6_SENDMSG,
1598 &kern_ops_kernel_sendmsg,
1599 AF_INET6,
1600 SOCK_DGRAM,
1601 SERV6_IP,
1602 SERV6_PORT,
1603 SERV6_REWRITE_IP,
1604 SERV6_REWRITE_PORT,
1605 SRC6_REWRITE_IP,
1606 SUCCESS,
1607 },
1608 {
1609 SOCK_ADDR_TEST_SENDMSG,
1610 "sendmsg6: kernel_sendmsg [::] (BSD'ism) (dgram)",
1611 sendmsg_v6_preserve_dst_prog_load,
1612 sendmsg_v6_preserve_dst_prog_destroy,
1613 BPF_CGROUP_UDP6_SENDMSG,
1614 &kern_ops_kernel_sendmsg,
1615 AF_INET6,
1616 SOCK_DGRAM,
1617 WILDCARD6_IP,
1618 SERV6_PORT,
1619 SERV6_REWRITE_IP,
1620 SERV6_PORT,
1621 SRC6_IP,
1622 SUCCESS,
1623 },
1624 {
1625 SOCK_ADDR_TEST_SENDMSG,
1626 "sendmsg6: kernel_sendmsg deny (dgram)",
1627 sendmsg_v6_deny_prog_load,
1628 sendmsg_v6_deny_prog_destroy,
1629 BPF_CGROUP_UDP6_SENDMSG,
1630 &kern_ops_kernel_sendmsg,
1631 AF_INET6,
1632 SOCK_DGRAM,
1633 SERV6_IP,
1634 SERV6_PORT,
1635 SERV6_REWRITE_IP,
1636 SERV6_REWRITE_PORT,
1637 SRC6_REWRITE_IP,
1638 SYSCALL_EPERM,
1639 },
1640 {
1641 SOCK_ADDR_TEST_SENDMSG,
1642 "sendmsg_unix: sock_sendmsg (dgram)",
1643 sendmsg_unix_prog_load,
1644 sendmsg_unix_prog_destroy,
1645 BPF_CGROUP_UNIX_SENDMSG,
1646 &kern_ops_kernel_sendmsg,
1647 AF_UNIX,
1648 SOCK_DGRAM,
1649 SERVUN_ADDRESS,
1650 0,
1651 SERVUN_REWRITE_ADDRESS,
1652 0,
1653 NULL,
1654 SUCCESS,
1655 },
1656 {
1657 SOCK_ADDR_TEST_SENDMSG,
1658 "sendmsg_unix: kernel_sendmsg deny (dgram)",
1659 sendmsg_unix_deny_prog_load,
1660 sendmsg_unix_deny_prog_destroy,
1661 BPF_CGROUP_UNIX_SENDMSG,
1662 &kern_ops_kernel_sendmsg,
1663 AF_UNIX,
1664 SOCK_DGRAM,
1665 SERVUN_ADDRESS,
1666 0,
1667 SERVUN_REWRITE_ADDRESS,
1668 0,
1669 NULL,
1670 SYSCALL_EPERM,
1671 },
1672
1673 /* recvmsg - system calls */
1674 {
1675 SOCK_ADDR_TEST_RECVMSG,
1676 "recvmsg4: recvfrom (dgram)",
1677 recvmsg4_prog_load,
1678 recvmsg4_prog_destroy,
1679 BPF_CGROUP_UDP4_RECVMSG,
1680 &user_ops,
1681 AF_INET,
1682 SOCK_DGRAM,
1683 SERV4_REWRITE_IP,
1684 SERV4_REWRITE_PORT,
1685 SERV4_REWRITE_IP,
1686 SERV4_REWRITE_PORT,
1687 SERV4_IP,
1688 SUCCESS,
1689 },
1690 {
1691 SOCK_ADDR_TEST_RECVMSG,
1692 "recvmsg4: attach prog with wrong attach type",
1693 recvmsg4_prog_load_raw,
1694 recvmsg4_prog_destroy_raw,
1695 BPF_CGROUP_UDP6_RECVMSG,
1696 &user_ops,
1697 AF_INET,
1698 SOCK_DGRAM,
1699 SERV4_REWRITE_IP,
1700 SERV4_REWRITE_PORT,
1701 SERV4_REWRITE_IP,
1702 SERV4_REWRITE_PORT,
1703 SERV4_IP,
1704 ATTACH_REJECT,
1705 },
1706 {
1707 SOCK_ADDR_TEST_RECVMSG,
1708 "recvmsg6: recvfrom (dgram)",
1709 recvmsg6_prog_load,
1710 recvmsg6_prog_destroy,
1711 BPF_CGROUP_UDP6_RECVMSG,
1712 &user_ops,
1713 AF_INET6,
1714 SOCK_DGRAM,
1715 SERV6_REWRITE_IP,
1716 SERV6_REWRITE_PORT,
1717 SERV6_REWRITE_IP,
1718 SERV6_REWRITE_PORT,
1719 SERV6_IP,
1720 SUCCESS,
1721 },
1722 {
1723 SOCK_ADDR_TEST_RECVMSG,
1724 "recvmsg6: attach prog with wrong attach type",
1725 recvmsg6_prog_load_raw,
1726 recvmsg6_prog_destroy_raw,
1727 BPF_CGROUP_UDP4_RECVMSG,
1728 &user_ops,
1729 AF_INET6,
1730 SOCK_DGRAM,
1731 SERV6_REWRITE_IP,
1732 SERV6_REWRITE_PORT,
1733 SERV6_REWRITE_IP,
1734 SERV6_REWRITE_PORT,
1735 SERV6_IP,
1736 ATTACH_REJECT,
1737 },
1738 {
1739 SOCK_ADDR_TEST_RECVMSG,
1740 "recvmsg_unix: recvfrom (dgram)",
1741 recvmsg_unix_prog_load,
1742 recvmsg_unix_prog_destroy,
1743 BPF_CGROUP_UNIX_RECVMSG,
1744 &user_ops,
1745 AF_UNIX,
1746 SOCK_DGRAM,
1747 SERVUN_REWRITE_ADDRESS,
1748 0,
1749 SERVUN_REWRITE_ADDRESS,
1750 0,
1751 SERVUN_ADDRESS,
1752 SUCCESS,
1753 },
1754 {
1755 SOCK_ADDR_TEST_RECVMSG,
1756 "recvmsg_unix: recvfrom (stream)",
1757 recvmsg_unix_prog_load,
1758 recvmsg_unix_prog_destroy,
1759 BPF_CGROUP_UNIX_RECVMSG,
1760 &user_ops,
1761 AF_UNIX,
1762 SOCK_STREAM,
1763 SERVUN_REWRITE_ADDRESS,
1764 0,
1765 SERVUN_REWRITE_ADDRESS,
1766 0,
1767 SERVUN_ADDRESS,
1768 SUCCESS,
1769 },
1770 {
1771 SOCK_ADDR_TEST_RECVMSG,
1772 "recvmsg_unix: attach prog with wrong attach type",
1773 recvmsg_unix_prog_load_raw,
1774 recvmsg_unix_prog_destroy_raw,
1775 BPF_CGROUP_UDP4_RECVMSG,
1776 &user_ops,
1777 AF_INET6,
1778 SOCK_STREAM,
1779 SERVUN_REWRITE_ADDRESS,
1780 0,
1781 SERVUN_REWRITE_ADDRESS,
1782 0,
1783 SERVUN_ADDRESS,
1784 ATTACH_REJECT,
1785 },
1786
1787 /* getsockname - system calls */
1788 {
1789 SOCK_ADDR_TEST_GETSOCKNAME,
1790 "getsockname4: getsockname (stream)",
1791 getsockname_v4_prog_load,
1792 getsockname_v4_prog_destroy,
1793 BPF_CGROUP_INET4_GETSOCKNAME,
1794 &user_ops,
1795 AF_INET,
1796 SOCK_STREAM,
1797 SERV4_REWRITE_IP,
1798 SERV4_REWRITE_PORT,
1799 SERV4_IP,
1800 SERV4_PORT,
1801 NULL,
1802 SUCCESS,
1803 },
1804 {
1805 SOCK_ADDR_TEST_GETSOCKNAME,
1806 "getsockname4: getsockname (dgram)",
1807 getsockname_v4_prog_load,
1808 getsockname_v4_prog_destroy,
1809 BPF_CGROUP_INET4_GETSOCKNAME,
1810 &user_ops,
1811 AF_INET,
1812 SOCK_DGRAM,
1813 SERV4_REWRITE_IP,
1814 SERV4_REWRITE_PORT,
1815 SERV4_IP,
1816 SERV4_PORT,
1817 NULL,
1818 SUCCESS,
1819 },
1820 {
1821 SOCK_ADDR_TEST_GETSOCKNAME,
1822 "getsockname4: attach prog with wrong attach type",
1823 getsockname_v4_prog_load_raw,
1824 getsockname_v4_prog_destroy_raw,
1825 BPF_CGROUP_INET6_GETSOCKNAME,
1826 &user_ops,
1827 AF_INET,
1828 SOCK_DGRAM,
1829 SERV4_REWRITE_IP,
1830 SERV4_REWRITE_PORT,
1831 SERV4_IP,
1832 SERV4_PORT,
1833 NULL,
1834 ATTACH_REJECT,
1835 },
1836 {
1837 SOCK_ADDR_TEST_GETSOCKNAME,
1838 "getsockname6: getsockname (stream)",
1839 getsockname_v6_prog_load,
1840 getsockname_v6_prog_destroy,
1841 BPF_CGROUP_INET6_GETSOCKNAME,
1842 &user_ops,
1843 AF_INET6,
1844 SOCK_STREAM,
1845 SERV6_REWRITE_IP,
1846 SERV6_REWRITE_PORT,
1847 SERV6_IP,
1848 SERV6_PORT,
1849 NULL,
1850 SUCCESS,
1851 },
1852 {
1853 SOCK_ADDR_TEST_GETSOCKNAME,
1854 "getsockname6: getsockname (dgram)",
1855 getsockname_v6_prog_load,
1856 getsockname_v6_prog_destroy,
1857 BPF_CGROUP_INET6_GETSOCKNAME,
1858 &user_ops,
1859 AF_INET6,
1860 SOCK_DGRAM,
1861 SERV6_REWRITE_IP,
1862 SERV6_REWRITE_PORT,
1863 SERV6_IP,
1864 SERV6_PORT,
1865 NULL,
1866 SUCCESS,
1867 },
1868 {
1869 SOCK_ADDR_TEST_GETSOCKNAME,
1870 "getsockname6: attach prog with wrong attach type",
1871 getsockname_v6_prog_load_raw,
1872 getsockname_v6_prog_destroy_raw,
1873 BPF_CGROUP_INET4_GETSOCKNAME,
1874 &user_ops,
1875 AF_INET6,
1876 SOCK_DGRAM,
1877 SERV6_REWRITE_IP,
1878 SERV6_REWRITE_PORT,
1879 SERV6_IP,
1880 SERV6_PORT,
1881 NULL,
1882 ATTACH_REJECT,
1883 },
1884 {
1885 SOCK_ADDR_TEST_GETSOCKNAME,
1886 "getsockname_unix: getsockname",
1887 getsockname_unix_prog_load,
1888 getsockname_unix_prog_destroy,
1889 BPF_CGROUP_UNIX_GETSOCKNAME,
1890 &user_ops,
1891 AF_UNIX,
1892 SOCK_STREAM,
1893 SERVUN_ADDRESS,
1894 0,
1895 SERVUN_REWRITE_ADDRESS,
1896 0,
1897 NULL,
1898 SUCCESS,
1899 },
1900 {
1901 SOCK_ADDR_TEST_GETSOCKNAME,
1902 "getsockname_unix: attach prog with wrong attach type",
1903 getsockname_unix_prog_load_raw,
1904 getsockname_unix_prog_destroy_raw,
1905 BPF_CGROUP_INET4_GETSOCKNAME,
1906 &user_ops,
1907 AF_UNIX,
1908 SOCK_STREAM,
1909 SERVUN_ADDRESS,
1910 0,
1911 SERVUN_REWRITE_ADDRESS,
1912 0,
1913 NULL,
1914 ATTACH_REJECT,
1915 },
1916
1917 /* getsockname - kernel calls */
1918 {
1919 SOCK_ADDR_TEST_GETSOCKNAME,
1920 "getsockname4: kernel_getsockname (stream)",
1921 getsockname_v4_prog_load,
1922 getsockname_v4_prog_destroy,
1923 BPF_CGROUP_INET4_GETSOCKNAME,
1924 &kern_ops_kernel_sendmsg,
1925 AF_INET,
1926 SOCK_STREAM,
1927 SERV4_REWRITE_IP,
1928 SERV4_REWRITE_PORT,
1929 SERV4_IP,
1930 SERV4_PORT,
1931 NULL,
1932 SUCCESS,
1933 },
1934 {
1935 SOCK_ADDR_TEST_GETSOCKNAME,
1936 "getsockname4: kernel_getsockname (dgram)",
1937 getsockname_v4_prog_load,
1938 getsockname_v4_prog_destroy,
1939 BPF_CGROUP_INET4_GETSOCKNAME,
1940 &kern_ops_kernel_sendmsg,
1941 AF_INET,
1942 SOCK_DGRAM,
1943 SERV4_REWRITE_IP,
1944 SERV4_REWRITE_PORT,
1945 SERV4_IP,
1946 SERV4_PORT,
1947 NULL,
1948 SUCCESS,
1949 },
1950 {
1951 SOCK_ADDR_TEST_GETSOCKNAME,
1952 "getsockname6: kernel_getsockname (stream)",
1953 getsockname_v6_prog_load,
1954 getsockname_v6_prog_destroy,
1955 BPF_CGROUP_INET6_GETSOCKNAME,
1956 &kern_ops_kernel_sendmsg,
1957 AF_INET6,
1958 SOCK_STREAM,
1959 SERV6_REWRITE_IP,
1960 SERV6_REWRITE_PORT,
1961 SERV6_IP,
1962 SERV6_PORT,
1963 NULL,
1964 SUCCESS,
1965 },
1966 {
1967 SOCK_ADDR_TEST_GETSOCKNAME,
1968 "getsockname6: kernel_getsockname (dgram)",
1969 getsockname_v6_prog_load,
1970 getsockname_v6_prog_destroy,
1971 BPF_CGROUP_INET6_GETSOCKNAME,
1972 &kern_ops_kernel_sendmsg,
1973 AF_INET6,
1974 SOCK_DGRAM,
1975 SERV6_REWRITE_IP,
1976 SERV6_REWRITE_PORT,
1977 SERV6_IP,
1978 SERV6_PORT,
1979 NULL,
1980 SUCCESS,
1981 },
1982 {
1983 SOCK_ADDR_TEST_GETSOCKNAME,
1984 "getsockname_unix: kernel_getsockname",
1985 getsockname_unix_prog_load,
1986 getsockname_unix_prog_destroy,
1987 BPF_CGROUP_UNIX_GETSOCKNAME,
1988 &kern_ops_kernel_sendmsg,
1989 AF_UNIX,
1990 SOCK_STREAM,
1991 SERVUN_ADDRESS,
1992 0,
1993 SERVUN_REWRITE_ADDRESS,
1994 0,
1995 NULL,
1996 SUCCESS,
1997 },
1998
1999 /* getpeername - system calls */
2000 {
2001 SOCK_ADDR_TEST_GETPEERNAME,
2002 "getpeername4: getpeername (stream)",
2003 getpeername_v4_prog_load,
2004 getpeername_v4_prog_destroy,
2005 BPF_CGROUP_INET4_GETPEERNAME,
2006 &user_ops,
2007 AF_INET,
2008 SOCK_STREAM,
2009 SERV4_REWRITE_IP,
2010 SERV4_REWRITE_PORT,
2011 SERV4_IP,
2012 SERV4_PORT,
2013 NULL,
2014 SUCCESS,
2015 },
2016 {
2017 SOCK_ADDR_TEST_GETPEERNAME,
2018 "getpeername4: getpeername (dgram)",
2019 getpeername_v4_prog_load,
2020 getpeername_v4_prog_destroy,
2021 BPF_CGROUP_INET4_GETPEERNAME,
2022 &user_ops,
2023 AF_INET,
2024 SOCK_DGRAM,
2025 SERV4_REWRITE_IP,
2026 SERV4_REWRITE_PORT,
2027 SERV4_IP,
2028 SERV4_PORT,
2029 NULL,
2030 SUCCESS,
2031 },
2032 {
2033 SOCK_ADDR_TEST_GETPEERNAME,
2034 "getpeername4: attach prog with wrong attach type",
2035 getpeername_v4_prog_load_raw,
2036 getpeername_v4_prog_destroy_raw,
2037 BPF_CGROUP_INET6_GETSOCKNAME,
2038 &user_ops,
2039 AF_UNIX,
2040 SOCK_DGRAM,
2041 SERV4_REWRITE_IP,
2042 SERV4_REWRITE_PORT,
2043 SERV4_IP,
2044 SERV4_PORT,
2045 NULL,
2046 ATTACH_REJECT,
2047 },
2048 {
2049 SOCK_ADDR_TEST_GETPEERNAME,
2050 "getpeername6: getpeername (stream)",
2051 getpeername_v6_prog_load,
2052 getpeername_v6_prog_destroy,
2053 BPF_CGROUP_INET6_GETPEERNAME,
2054 &user_ops,
2055 AF_INET6,
2056 SOCK_STREAM,
2057 SERV6_REWRITE_IP,
2058 SERV6_REWRITE_PORT,
2059 SERV6_IP,
2060 SERV6_PORT,
2061 NULL,
2062 SUCCESS,
2063 },
2064 {
2065 SOCK_ADDR_TEST_GETPEERNAME,
2066 "getpeername6: getpeername (dgram)",
2067 getpeername_v6_prog_load,
2068 getpeername_v6_prog_destroy,
2069 BPF_CGROUP_INET6_GETPEERNAME,
2070 &user_ops,
2071 AF_INET6,
2072 SOCK_DGRAM,
2073 SERV6_REWRITE_IP,
2074 SERV6_REWRITE_PORT,
2075 SERV6_IP,
2076 SERV6_PORT,
2077 NULL,
2078 SUCCESS,
2079 },
2080 {
2081 SOCK_ADDR_TEST_GETPEERNAME,
2082 "getpeername6: attach prog with wrong attach type",
2083 getpeername_v6_prog_load_raw,
2084 getpeername_v6_prog_destroy_raw,
2085 BPF_CGROUP_INET4_GETSOCKNAME,
2086 &user_ops,
2087 AF_INET6,
2088 SOCK_DGRAM,
2089 SERV6_REWRITE_IP,
2090 SERV6_REWRITE_PORT,
2091 SERV6_IP,
2092 SERV6_PORT,
2093 NULL,
2094 ATTACH_REJECT,
2095 },
2096 {
2097 SOCK_ADDR_TEST_GETPEERNAME,
2098 "getpeername_unix: getpeername",
2099 getpeername_unix_prog_load,
2100 getpeername_unix_prog_destroy,
2101 BPF_CGROUP_UNIX_GETPEERNAME,
2102 &user_ops,
2103 AF_UNIX,
2104 SOCK_STREAM,
2105 SERVUN_ADDRESS,
2106 0,
2107 SERVUN_REWRITE_ADDRESS,
2108 0,
2109 NULL,
2110 SUCCESS,
2111 },
2112 {
2113 SOCK_ADDR_TEST_GETPEERNAME,
2114 "getpeername_unix: attach prog with wrong attach type",
2115 getpeername_unix_prog_load_raw,
2116 getpeername_unix_prog_destroy_raw,
2117 BPF_CGROUP_INET4_GETSOCKNAME,
2118 &user_ops,
2119 AF_UNIX,
2120 SOCK_STREAM,
2121 SERVUN_ADDRESS,
2122 0,
2123 SERVUN_REWRITE_ADDRESS,
2124 0,
2125 NULL,
2126 ATTACH_REJECT,
2127 },
2128
2129 /* getpeername - kernel calls */
2130 {
2131 SOCK_ADDR_TEST_GETPEERNAME,
2132 "getpeername4: kernel_getpeername (stream)",
2133 getpeername_v4_prog_load,
2134 getpeername_v4_prog_destroy,
2135 BPF_CGROUP_INET4_GETPEERNAME,
2136 &kern_ops_kernel_sendmsg,
2137 AF_INET,
2138 SOCK_STREAM,
2139 SERV4_REWRITE_IP,
2140 SERV4_REWRITE_PORT,
2141 SERV4_IP,
2142 SERV4_PORT,
2143 NULL,
2144 SUCCESS,
2145 },
2146 {
2147 SOCK_ADDR_TEST_GETPEERNAME,
2148 "getpeername4: kernel_getpeername (dgram)",
2149 getpeername_v4_prog_load,
2150 getpeername_v4_prog_destroy,
2151 BPF_CGROUP_INET4_GETPEERNAME,
2152 &kern_ops_kernel_sendmsg,
2153 AF_INET,
2154 SOCK_DGRAM,
2155 SERV4_REWRITE_IP,
2156 SERV4_REWRITE_PORT,
2157 SERV4_IP,
2158 SERV4_PORT,
2159 NULL,
2160 SUCCESS,
2161 },
2162 {
2163 SOCK_ADDR_TEST_GETPEERNAME,
2164 "getpeername6: kernel_getpeername (stream)",
2165 getpeername_v6_prog_load,
2166 getpeername_v6_prog_destroy,
2167 BPF_CGROUP_INET6_GETPEERNAME,
2168 &kern_ops_kernel_sendmsg,
2169 AF_INET6,
2170 SOCK_STREAM,
2171 SERV6_REWRITE_IP,
2172 SERV6_REWRITE_PORT,
2173 SERV6_IP,
2174 SERV6_PORT,
2175 NULL,
2176 SUCCESS,
2177 },
2178 {
2179 SOCK_ADDR_TEST_GETPEERNAME,
2180 "getpeername6: kernel_getpeername (dgram)",
2181 getpeername_v6_prog_load,
2182 getpeername_v6_prog_destroy,
2183 BPF_CGROUP_INET6_GETPEERNAME,
2184 &kern_ops_kernel_sendmsg,
2185 AF_INET6,
2186 SOCK_DGRAM,
2187 SERV6_REWRITE_IP,
2188 SERV6_REWRITE_PORT,
2189 SERV6_IP,
2190 SERV6_PORT,
2191 NULL,
2192 SUCCESS,
2193 },
2194 {
2195 SOCK_ADDR_TEST_GETPEERNAME,
2196 "getpeername_unix: kernel_getpeername",
2197 getpeername_unix_prog_load,
2198 getpeername_unix_prog_destroy,
2199 BPF_CGROUP_UNIX_GETPEERNAME,
2200 &kern_ops_kernel_sendmsg,
2201 AF_UNIX,
2202 SOCK_STREAM,
2203 SERVUN_ADDRESS,
2204 0,
2205 SERVUN_REWRITE_ADDRESS,
2206 0,
2207 NULL,
2208 SUCCESS,
2209 },
2210 };
2211
2212 typedef int (*info_fn)(int, struct sockaddr *, socklen_t *);
2213
cmp_addr(const struct sockaddr_storage * addr1,socklen_t addr1_len,const struct sockaddr_storage * addr2,socklen_t addr2_len,bool cmp_port)2214 static int cmp_addr(const struct sockaddr_storage *addr1, socklen_t addr1_len,
2215 const struct sockaddr_storage *addr2, socklen_t addr2_len,
2216 bool cmp_port)
2217 {
2218 const struct sockaddr_in *four1, *four2;
2219 const struct sockaddr_in6 *six1, *six2;
2220 const struct sockaddr_un *un1, *un2;
2221
2222 if (addr1->ss_family != addr2->ss_family)
2223 return -1;
2224
2225 if (addr1_len != addr2_len)
2226 return -1;
2227
2228 if (addr1->ss_family == AF_INET) {
2229 four1 = (const struct sockaddr_in *)addr1;
2230 four2 = (const struct sockaddr_in *)addr2;
2231 return !((four1->sin_port == four2->sin_port || !cmp_port) &&
2232 four1->sin_addr.s_addr == four2->sin_addr.s_addr);
2233 } else if (addr1->ss_family == AF_INET6) {
2234 six1 = (const struct sockaddr_in6 *)addr1;
2235 six2 = (const struct sockaddr_in6 *)addr2;
2236 return !((six1->sin6_port == six2->sin6_port || !cmp_port) &&
2237 !memcmp(&six1->sin6_addr, &six2->sin6_addr,
2238 sizeof(struct in6_addr)));
2239 } else if (addr1->ss_family == AF_UNIX) {
2240 un1 = (const struct sockaddr_un *)addr1;
2241 un2 = (const struct sockaddr_un *)addr2;
2242 return memcmp(un1, un2, addr1_len);
2243 }
2244
2245 return -1;
2246 }
2247
cmp_sock_addr(info_fn fn,int sock1,const struct sockaddr_storage * addr2,socklen_t addr2_len,bool cmp_port)2248 static int cmp_sock_addr(info_fn fn, int sock1,
2249 const struct sockaddr_storage *addr2,
2250 socklen_t addr2_len, bool cmp_port)
2251 {
2252 struct sockaddr_storage addr1;
2253 socklen_t len1 = sizeof(addr1);
2254
2255 memset(&addr1, 0, len1);
2256 if (fn(sock1, (struct sockaddr *)&addr1, (socklen_t *)&len1) != 0)
2257 return -1;
2258
2259 return cmp_addr(&addr1, len1, addr2, addr2_len, cmp_port);
2260 }
2261
load_sock_addr_kern(void)2262 static int load_sock_addr_kern(void)
2263 {
2264 int err;
2265
2266 skel = sock_addr_kern__open_and_load();
2267 if (!ASSERT_OK_PTR(skel, "skel"))
2268 goto err;
2269
2270 err = 0;
2271 goto out;
2272 err:
2273 err = -1;
2274 out:
2275 return err;
2276 }
2277
unload_sock_addr_kern(void)2278 static void unload_sock_addr_kern(void)
2279 {
2280 sock_addr_kern__destroy(skel);
2281 }
2282
test_bind(struct sock_addr_test * test)2283 static int test_bind(struct sock_addr_test *test)
2284 {
2285 struct sockaddr_storage expected_addr;
2286 socklen_t expected_addr_len = sizeof(struct sockaddr_storage);
2287 int serv = -1, client = -1, err;
2288
2289 serv = test->ops->start_server(test->socket_family, test->socket_type,
2290 test->requested_addr,
2291 test->requested_port, 0);
2292 if (serv < 0) {
2293 err = errno;
2294 goto err;
2295 }
2296
2297 err = make_sockaddr(test->socket_family,
2298 test->expected_addr, test->expected_port,
2299 &expected_addr, &expected_addr_len);
2300 if (!ASSERT_EQ(err, 0, "make_sockaddr"))
2301 goto cleanup;
2302
2303 err = cmp_sock_addr(test->ops->getsockname, serv, &expected_addr,
2304 expected_addr_len, true);
2305 if (!ASSERT_EQ(err, 0, "cmp_local_addr"))
2306 goto cleanup;
2307
2308 /* Try to connect to server just in case */
2309 client = connect_to_addr(test->socket_type, &expected_addr, expected_addr_len, NULL);
2310 if (!ASSERT_GE(client, 0, "connect_to_addr"))
2311 goto cleanup;
2312
2313 cleanup:
2314 err = 0;
2315 err:
2316 if (client != -1)
2317 close(client);
2318 if (serv != -1)
2319 test->ops->close(serv);
2320
2321 return err;
2322 }
2323
test_connect(struct sock_addr_test * test)2324 static int test_connect(struct sock_addr_test *test)
2325 {
2326 struct sockaddr_storage addr, expected_addr, expected_src_addr;
2327 socklen_t addr_len = sizeof(struct sockaddr_storage),
2328 expected_addr_len = sizeof(struct sockaddr_storage),
2329 expected_src_addr_len = sizeof(struct sockaddr_storage);
2330 int serv = -1, client = -1, err;
2331
2332 serv = start_server(test->socket_family, test->socket_type,
2333 test->expected_addr, test->expected_port, 0);
2334 if (!ASSERT_GE(serv, 0, "start_server"))
2335 goto cleanup;
2336
2337 err = make_sockaddr(test->socket_family, test->requested_addr, test->requested_port,
2338 &addr, &addr_len);
2339 if (!ASSERT_EQ(err, 0, "make_sockaddr"))
2340 goto cleanup;
2341
2342 client = test->ops->connect_to_addr(test->socket_type, &addr, addr_len,
2343 NULL);
2344 if (client < 0) {
2345 err = errno;
2346 goto err;
2347 }
2348
2349 err = make_sockaddr(test->socket_family, test->expected_addr, test->expected_port,
2350 &expected_addr, &expected_addr_len);
2351 if (!ASSERT_EQ(err, 0, "make_sockaddr"))
2352 goto cleanup;
2353
2354 if (test->expected_src_addr) {
2355 err = make_sockaddr(test->socket_family, test->expected_src_addr, 0,
2356 &expected_src_addr, &expected_src_addr_len);
2357 if (!ASSERT_EQ(err, 0, "make_sockaddr"))
2358 goto cleanup;
2359 }
2360
2361 err = cmp_sock_addr(test->ops->getpeername, client, &expected_addr,
2362 expected_addr_len, true);
2363 if (!ASSERT_EQ(err, 0, "cmp_peer_addr"))
2364 goto cleanup;
2365
2366 if (test->expected_src_addr) {
2367 err = cmp_sock_addr(test->ops->getsockname, client,
2368 &expected_src_addr, expected_src_addr_len,
2369 false);
2370 if (!ASSERT_EQ(err, 0, "cmp_local_addr"))
2371 goto cleanup;
2372 }
2373 cleanup:
2374 err = 0;
2375 err:
2376 if (client != -1)
2377 test->ops->close(client);
2378 if (serv != -1)
2379 close(serv);
2380
2381 return err;
2382 }
2383
test_xmsg(struct sock_addr_test * test)2384 static int test_xmsg(struct sock_addr_test *test)
2385 {
2386 struct sockaddr_storage addr, src_addr;
2387 socklen_t addr_len = sizeof(struct sockaddr_storage),
2388 src_addr_len = sizeof(struct sockaddr_storage);
2389 char data = 'a';
2390 int serv = -1, client = -1, err;
2391
2392 /* Unlike the other tests, here we test that we can rewrite the src addr
2393 * with a recvmsg() hook.
2394 */
2395
2396 serv = start_server(test->socket_family, test->socket_type,
2397 test->expected_addr, test->expected_port, 0);
2398 if (!ASSERT_GE(serv, 0, "start_server"))
2399 goto cleanup;
2400
2401 client = test->ops->socket(test->socket_family, test->socket_type, 0);
2402 if (!ASSERT_GE(client, 0, "socket"))
2403 goto cleanup;
2404
2405 /* AF_UNIX sockets have to be bound to something to trigger the recvmsg bpf program. */
2406 if (test->socket_family == AF_UNIX) {
2407 err = make_sockaddr(AF_UNIX, SRCUN_ADDRESS, 0, &src_addr, &src_addr_len);
2408 if (!ASSERT_EQ(err, 0, "make_sockaddr"))
2409 goto cleanup;
2410
2411 err = test->ops->bind(client, (struct sockaddr *)&src_addr,
2412 src_addr_len);
2413 if (!ASSERT_OK(err, "bind"))
2414 goto cleanup;
2415 }
2416
2417 err = make_sockaddr(test->socket_family, test->requested_addr, test->requested_port,
2418 &addr, &addr_len);
2419 if (!ASSERT_EQ(err, 0, "make_sockaddr"))
2420 goto cleanup;
2421
2422 if (test->socket_type == SOCK_DGRAM) {
2423 err = test->ops->sendmsg(client, (struct sockaddr *)&addr,
2424 addr_len, &data, sizeof(data));
2425 if (err < 0) {
2426 err = errno;
2427 goto err;
2428 }
2429
2430 if (!ASSERT_EQ(err, sizeof(data), "sendmsg"))
2431 goto cleanup;
2432 } else {
2433 /* Testing with connection-oriented sockets is only valid for
2434 * recvmsg() tests.
2435 */
2436 if (!ASSERT_EQ(test->type, SOCK_ADDR_TEST_RECVMSG, "recvmsg"))
2437 goto cleanup;
2438
2439 err = connect(client, (const struct sockaddr *)&addr, addr_len);
2440 if (!ASSERT_OK(err, "connect"))
2441 goto cleanup;
2442
2443 err = send(client, &data, sizeof(data), 0);
2444 if (!ASSERT_EQ(err, sizeof(data), "send"))
2445 goto cleanup;
2446
2447 err = listen(serv, 0);
2448 if (!ASSERT_OK(err, "listen"))
2449 goto cleanup;
2450
2451 err = accept(serv, NULL, NULL);
2452 if (!ASSERT_GE(err, 0, "accept"))
2453 goto cleanup;
2454
2455 close(serv);
2456 serv = err;
2457 }
2458
2459 addr_len = src_addr_len = sizeof(struct sockaddr_storage);
2460
2461 err = recvfrom(serv, &data, sizeof(data), 0, (struct sockaddr *) &src_addr, &src_addr_len);
2462 if (!ASSERT_EQ(err, sizeof(data), "recvfrom"))
2463 goto cleanup;
2464
2465 ASSERT_EQ(data, 'a', "data mismatch");
2466
2467 if (test->expected_src_addr) {
2468 err = make_sockaddr(test->socket_family, test->expected_src_addr, 0,
2469 &addr, &addr_len);
2470 if (!ASSERT_EQ(err, 0, "make_sockaddr"))
2471 goto cleanup;
2472
2473 err = cmp_addr(&src_addr, src_addr_len, &addr, addr_len, false);
2474 if (!ASSERT_EQ(err, 0, "cmp_addr"))
2475 goto cleanup;
2476 }
2477
2478 cleanup:
2479 err = 0;
2480 err:
2481 if (client != -1)
2482 test->ops->close(client);
2483 if (serv != -1)
2484 close(serv);
2485
2486 return err;
2487 }
2488
test_getsockname(struct sock_addr_test * test)2489 static int test_getsockname(struct sock_addr_test *test)
2490 {
2491 struct sockaddr_storage expected_addr;
2492 socklen_t expected_addr_len = sizeof(struct sockaddr_storage);
2493 int serv = -1, err;
2494
2495 serv = test->ops->start_server(test->socket_family, test->socket_type,
2496 test->requested_addr, test->requested_port, 0);
2497 if (!ASSERT_GE(serv, 0, "start_server"))
2498 goto cleanup;
2499
2500 err = make_sockaddr(test->socket_family,
2501 test->expected_addr, test->expected_port,
2502 &expected_addr, &expected_addr_len);
2503 if (!ASSERT_EQ(err, 0, "make_sockaddr"))
2504 goto cleanup;
2505
2506 err = cmp_sock_addr(test->ops->getsockname, serv, &expected_addr, expected_addr_len, true);
2507 if (!ASSERT_EQ(err, 0, "cmp_local_addr"))
2508 goto cleanup;
2509
2510 cleanup:
2511 if (serv != -1)
2512 test->ops->close(serv);
2513
2514 return 0;
2515 }
2516
test_getpeername(struct sock_addr_test * test)2517 static int test_getpeername(struct sock_addr_test *test)
2518 {
2519 struct sockaddr_storage addr, expected_addr;
2520 socklen_t addr_len = sizeof(struct sockaddr_storage),
2521 expected_addr_len = sizeof(struct sockaddr_storage);
2522 int serv = -1, client = -1, err;
2523
2524 serv = start_server(test->socket_family, test->socket_type,
2525 test->requested_addr, test->requested_port, 0);
2526 if (!ASSERT_GE(serv, 0, "start_server"))
2527 goto cleanup;
2528
2529 err = make_sockaddr(test->socket_family, test->requested_addr, test->requested_port,
2530 &addr, &addr_len);
2531 if (!ASSERT_EQ(err, 0, "make_sockaddr"))
2532 goto cleanup;
2533
2534 client = test->ops->connect_to_addr(test->socket_type, &addr, addr_len,
2535 NULL);
2536 if (!ASSERT_GE(client, 0, "connect_to_addr"))
2537 goto cleanup;
2538
2539 err = make_sockaddr(test->socket_family, test->expected_addr, test->expected_port,
2540 &expected_addr, &expected_addr_len);
2541 if (!ASSERT_EQ(err, 0, "make_sockaddr"))
2542 goto cleanup;
2543
2544 err = cmp_sock_addr(test->ops->getpeername, client, &expected_addr,
2545 expected_addr_len, true);
2546 if (!ASSERT_EQ(err, 0, "cmp_peer_addr"))
2547 goto cleanup;
2548
2549 cleanup:
2550 if (client != -1)
2551 test->ops->close(client);
2552 if (serv != -1)
2553 close(serv);
2554
2555 return 0;
2556 }
2557
setup_test_env(struct nstoken ** tok)2558 static int setup_test_env(struct nstoken **tok)
2559 {
2560 int err;
2561
2562 SYS_NOFAIL("ip netns delete %s", TEST_NS);
2563 SYS(fail, "ip netns add %s", TEST_NS);
2564 *tok = open_netns(TEST_NS);
2565 if (!ASSERT_OK_PTR(*tok, "netns token"))
2566 goto fail;
2567
2568 SYS(fail, "ip link add dev %s1 type veth peer name %s2", TEST_IF_PREFIX,
2569 TEST_IF_PREFIX);
2570 SYS(fail, "ip link set lo up");
2571 SYS(fail, "ip link set %s1 up", TEST_IF_PREFIX);
2572 SYS(fail, "ip link set %s2 up", TEST_IF_PREFIX);
2573 SYS(fail, "ip -4 addr add %s/8 dev %s1", TEST_IPV4, TEST_IF_PREFIX);
2574 SYS(fail, "ip -6 addr add %s/128 nodad dev %s1", TEST_IPV6, TEST_IF_PREFIX);
2575
2576 err = 0;
2577 goto out;
2578 fail:
2579 err = -1;
2580 close_netns(*tok);
2581 *tok = NULL;
2582 SYS_NOFAIL("ip netns delete %s", TEST_NS);
2583 out:
2584 return err;
2585 }
2586
cleanup_test_env(struct nstoken * tok)2587 static void cleanup_test_env(struct nstoken *tok)
2588 {
2589 close_netns(tok);
2590 SYS_NOFAIL("ip netns delete %s", TEST_NS);
2591 }
2592
test_sock_addr(void)2593 void test_sock_addr(void)
2594 {
2595 struct nstoken *tok = NULL;
2596 int cgroup_fd = -1;
2597 void *skel;
2598
2599 cgroup_fd = test__join_cgroup("/sock_addr");
2600 if (!ASSERT_GE(cgroup_fd, 0, "join_cgroup"))
2601 goto cleanup;
2602
2603 if (!ASSERT_OK(setup_test_env(&tok), "setup_test_env"))
2604 goto cleanup;
2605
2606 if (!ASSERT_OK(load_sock_addr_kern(), "load_sock_addr_kern"))
2607 goto cleanup;
2608
2609 for (size_t i = 0; i < ARRAY_SIZE(tests); ++i) {
2610 struct sock_addr_test *test = &tests[i];
2611 int err;
2612
2613 if (!test__start_subtest(test->name))
2614 continue;
2615
2616 skel = test->loadfn(cgroup_fd, test->attach_type,
2617 test->expected_result == LOAD_REJECT ||
2618 test->expected_result == ATTACH_REJECT);
2619 if (!skel)
2620 continue;
2621
2622 switch (test->type) {
2623 /* Not exercised yet but we leave this code here for when the
2624 * INET and INET6 sockaddr tests are migrated to this file in
2625 * the future.
2626 */
2627 case SOCK_ADDR_TEST_BIND:
2628 err = test_bind(test);
2629 break;
2630 case SOCK_ADDR_TEST_CONNECT:
2631 err = test_connect(test);
2632 break;
2633 case SOCK_ADDR_TEST_SENDMSG:
2634 case SOCK_ADDR_TEST_RECVMSG:
2635 err = test_xmsg(test);
2636 break;
2637 case SOCK_ADDR_TEST_GETSOCKNAME:
2638 err = test_getsockname(test);
2639 break;
2640 case SOCK_ADDR_TEST_GETPEERNAME:
2641 err = test_getpeername(test);
2642 break;
2643 default:
2644 ASSERT_TRUE(false, "Unknown sock addr test type");
2645 err = -EINVAL;
2646 break;
2647 }
2648
2649 if (test->expected_result == SYSCALL_EPERM)
2650 ASSERT_EQ(err, EPERM, "socket operation returns EPERM");
2651 else if (test->expected_result == SYSCALL_ENOTSUPP)
2652 ASSERT_EQ(err, ENOTSUPP, "socket operation returns ENOTSUPP");
2653 else if (test->expected_result == SUCCESS)
2654 ASSERT_OK(err, "socket operation succeeds");
2655
2656 test->destroyfn(skel);
2657 }
2658
2659 cleanup:
2660 unload_sock_addr_kern();
2661 cleanup_test_env(tok);
2662 if (cgroup_fd >= 0)
2663 close(cgroup_fd);
2664 }
2665