1 // SPDX-License-Identifier: GPL-2.0 2 #include <sys/un.h> 3 4 #include "test_progs.h" 5 6 #include "sock_addr_kern.skel.h" 7 #include "bind4_prog.skel.h" 8 #include "bind6_prog.skel.h" 9 #include "connect_unix_prog.skel.h" 10 #include "connect4_prog.skel.h" 11 #include "connect6_prog.skel.h" 12 #include "sendmsg4_prog.skel.h" 13 #include "sendmsg6_prog.skel.h" 14 #include "recvmsg4_prog.skel.h" 15 #include "recvmsg6_prog.skel.h" 16 #include "sendmsg_unix_prog.skel.h" 17 #include "recvmsg_unix_prog.skel.h" 18 #include "getsockname4_prog.skel.h" 19 #include "getsockname6_prog.skel.h" 20 #include "getsockname_unix_prog.skel.h" 21 #include "getpeername4_prog.skel.h" 22 #include "getpeername6_prog.skel.h" 23 #include "getpeername_unix_prog.skel.h" 24 #include "network_helpers.h" 25 26 #ifndef ENOTSUPP 27 # define ENOTSUPP 524 28 #endif 29 30 #define TEST_NS "sock_addr" 31 #define TEST_IF_PREFIX "test_sock_addr" 32 #define TEST_IPV4 "127.0.0.4" 33 #define TEST_IPV6 "::6" 34 35 #define SERV4_IP "192.168.1.254" 36 #define SERV4_REWRITE_IP "127.0.0.1" 37 #define SRC4_IP "172.16.0.1" 38 #define SRC4_REWRITE_IP TEST_IPV4 39 #define SERV4_PORT 4040 40 #define SERV4_REWRITE_PORT 4444 41 42 #define SERV6_IP "face:b00c:1234:5678::abcd" 43 #define SERV6_REWRITE_IP "::1" 44 #define SERV6_V4MAPPED_IP "::ffff:192.168.0.4" 45 #define SRC6_IP "::1" 46 #define SRC6_REWRITE_IP TEST_IPV6 47 #define WILDCARD6_IP "::" 48 #define SERV6_PORT 6060 49 #define SERV6_REWRITE_PORT 6666 50 51 #define SERVUN_ADDRESS "bpf_cgroup_unix_test" 52 #define SERVUN_REWRITE_ADDRESS "bpf_cgroup_unix_test_rewrite" 53 #define SRCUN_ADDRESS "bpf_cgroup_unix_test_src" 54 55 #define save_errno_do(op) ({ int __save = errno; op; errno = __save; }) 56 57 enum sock_addr_test_type { 58 SOCK_ADDR_TEST_BIND, 59 SOCK_ADDR_TEST_CONNECT, 60 SOCK_ADDR_TEST_SENDMSG, 61 SOCK_ADDR_TEST_RECVMSG, 62 SOCK_ADDR_TEST_GETSOCKNAME, 63 SOCK_ADDR_TEST_GETPEERNAME, 64 }; 65 66 typedef void *(*load_fn)(int cgroup_fd, 67 enum bpf_attach_type attach_type, 68 bool expect_reject); 69 typedef void (*destroy_fn)(void *skel); 70 71 static int cmp_addr(const struct sockaddr_storage *addr1, socklen_t addr1_len, 72 const struct sockaddr_storage *addr2, socklen_t addr2_len, 73 bool cmp_port); 74 75 struct init_sock_args { 76 int af; 77 int type; 78 }; 79 80 struct addr_args { 81 char addr[sizeof(struct sockaddr_storage)]; 82 int addrlen; 83 }; 84 85 struct sendmsg_args { 86 struct addr_args addr; 87 char msg[10]; 88 int msglen; 89 }; 90 91 static struct sock_addr_kern *skel; 92 93 static int run_bpf_prog(const char *prog_name, void *ctx, int ctx_size) 94 { 95 LIBBPF_OPTS(bpf_test_run_opts, topts); 96 struct bpf_program *prog; 97 int prog_fd, err; 98 99 topts.ctx_in = ctx; 100 topts.ctx_size_in = ctx_size; 101 102 prog = bpf_object__find_program_by_name(skel->obj, prog_name); 103 if (!ASSERT_OK_PTR(prog, "bpf_object__find_program_by_name")) 104 goto err; 105 106 prog_fd = bpf_program__fd(prog); 107 err = bpf_prog_test_run_opts(prog_fd, &topts); 108 if (!ASSERT_OK(err, prog_name)) 109 goto err; 110 111 err = topts.retval; 112 errno = -topts.retval; 113 goto out; 114 err: 115 err = -1; 116 out: 117 return err; 118 } 119 120 static int kernel_init_sock(int af, int type, int protocol) 121 { 122 struct init_sock_args args = { 123 .af = af, 124 .type = type, 125 }; 126 127 return run_bpf_prog("init_sock", &args, sizeof(args)); 128 } 129 130 static int kernel_close_sock(int fd) 131 { 132 return run_bpf_prog("close_sock", NULL, 0); 133 } 134 135 static int sock_addr_op(const char *name, struct sockaddr *addr, 136 socklen_t *addrlen, bool expect_change) 137 { 138 struct addr_args args; 139 int err; 140 141 if (addrlen) 142 args.addrlen = *addrlen; 143 144 if (addr) 145 memcpy(&args.addr, addr, *addrlen); 146 147 err = run_bpf_prog(name, &args, sizeof(args)); 148 149 if (!expect_change && addr) 150 if (!ASSERT_EQ(cmp_addr((struct sockaddr_storage *)addr, 151 *addrlen, 152 (struct sockaddr_storage *)&args.addr, 153 args.addrlen, 1), 154 0, "address_param_modified")) 155 return -1; 156 157 if (addrlen) 158 *addrlen = args.addrlen; 159 160 if (addr) 161 memcpy(addr, &args.addr, *addrlen); 162 163 return err; 164 } 165 166 static int send_msg_op(const char *name, struct sockaddr *addr, 167 socklen_t addrlen, const char *msg, int msglen) 168 { 169 struct sendmsg_args args; 170 int err; 171 172 memset(&args, 0, sizeof(args)); 173 memcpy(&args.addr.addr, addr, addrlen); 174 args.addr.addrlen = addrlen; 175 memcpy(args.msg, msg, msglen); 176 args.msglen = msglen; 177 178 err = run_bpf_prog(name, &args, sizeof(args)); 179 180 if (!ASSERT_EQ(cmp_addr((struct sockaddr_storage *)addr, 181 addrlen, 182 (struct sockaddr_storage *)&args.addr.addr, 183 args.addr.addrlen, 1), 184 0, "address_param_modified")) 185 return -1; 186 187 return err; 188 } 189 190 static int kernel_connect(struct sockaddr *addr, socklen_t addrlen) 191 { 192 return sock_addr_op("kernel_connect", addr, &addrlen, false); 193 } 194 195 static int kernel_bind(int fd, struct sockaddr *addr, socklen_t addrlen) 196 { 197 return sock_addr_op("kernel_bind", addr, &addrlen, false); 198 } 199 200 static int kernel_listen(void) 201 { 202 return sock_addr_op("kernel_listen", NULL, NULL, false); 203 } 204 205 static int kernel_sendmsg(int fd, struct sockaddr *addr, socklen_t addrlen, 206 char *msg, int msglen) 207 { 208 return send_msg_op("kernel_sendmsg", addr, addrlen, msg, msglen); 209 } 210 211 static int sock_sendmsg(int fd, struct sockaddr *addr, socklen_t addrlen, 212 char *msg, int msglen) 213 { 214 return send_msg_op("sock_sendmsg", addr, addrlen, msg, msglen); 215 } 216 217 static int kernel_getsockname(int fd, struct sockaddr *addr, socklen_t *addrlen) 218 { 219 return sock_addr_op("kernel_getsockname", addr, addrlen, true); 220 } 221 222 static int kernel_getpeername(int fd, struct sockaddr *addr, socklen_t *addrlen) 223 { 224 return sock_addr_op("kernel_getpeername", addr, addrlen, true); 225 } 226 227 int kernel_connect_to_addr(int type, const struct sockaddr_storage *addr, socklen_t addrlen, 228 const struct network_helper_opts *opts) 229 { 230 int err; 231 232 if (!ASSERT_OK(kernel_init_sock(addr->ss_family, type, 0), 233 "kernel_init_sock")) 234 goto err; 235 236 if (kernel_connect((struct sockaddr *)addr, addrlen) < 0) 237 goto err; 238 239 /* Test code expects a "file descriptor" on success. */ 240 err = 1; 241 goto out; 242 err: 243 err = -1; 244 save_errno_do(ASSERT_OK(kernel_close_sock(0), "kernel_close_sock")); 245 out: 246 return err; 247 } 248 249 int kernel_start_server(int family, int type, const char *addr_str, __u16 port, 250 int timeout_ms) 251 { 252 struct sockaddr_storage addr; 253 socklen_t addrlen; 254 int err; 255 256 if (!ASSERT_OK(kernel_init_sock(family, type, 0), "kernel_init_sock")) 257 goto err; 258 259 if (make_sockaddr(family, addr_str, port, &addr, &addrlen)) 260 goto err; 261 262 if (kernel_bind(0, (struct sockaddr *)&addr, addrlen) < 0) 263 goto err; 264 265 if (type == SOCK_STREAM) { 266 if (!ASSERT_OK(kernel_listen(), "kernel_listen")) 267 goto err; 268 } 269 270 /* Test code expects a "file descriptor" on success. */ 271 err = 1; 272 goto out; 273 err: 274 err = -1; 275 save_errno_do(ASSERT_OK(kernel_close_sock(0), "kernel_close_sock")); 276 out: 277 return err; 278 } 279 280 struct sock_ops { 281 int (*connect_to_addr)(int type, const struct sockaddr_storage *addr, 282 socklen_t addrlen, 283 const struct network_helper_opts *opts); 284 int (*start_server)(int family, int type, const char *addr_str, 285 __u16 port, int timeout_ms); 286 int (*socket)(int famil, int type, int protocol); 287 int (*bind)(int fd, struct sockaddr *addr, socklen_t addrlen); 288 int (*getsockname)(int fd, struct sockaddr *addr, socklen_t *addrlen); 289 int (*getpeername)(int fd, struct sockaddr *addr, socklen_t *addrlen); 290 int (*sendmsg)(int fd, struct sockaddr *addr, socklen_t addrlen, 291 char *msg, int msglen); 292 int (*close)(int fd); 293 }; 294 295 static int user_sendmsg(int fd, struct sockaddr *addr, socklen_t addrlen, 296 char *msg, int msglen) 297 { 298 struct msghdr hdr; 299 struct iovec iov; 300 301 memset(&iov, 0, sizeof(iov)); 302 iov.iov_base = msg; 303 iov.iov_len = msglen; 304 305 memset(&hdr, 0, sizeof(hdr)); 306 hdr.msg_name = (void *)addr; 307 hdr.msg_namelen = addrlen; 308 hdr.msg_iov = &iov; 309 hdr.msg_iovlen = 1; 310 311 return sendmsg(fd, &hdr, 0); 312 } 313 314 static int user_bind(int fd, struct sockaddr *addr, socklen_t addrlen) 315 { 316 return bind(fd, (const struct sockaddr *)addr, addrlen); 317 } 318 319 struct sock_ops user_ops = { 320 .connect_to_addr = connect_to_addr, 321 .start_server = start_server, 322 .socket = socket, 323 .bind = user_bind, 324 .getsockname = getsockname, 325 .getpeername = getpeername, 326 .sendmsg = user_sendmsg, 327 .close = close, 328 }; 329 330 struct sock_ops kern_ops_sock_sendmsg = { 331 .connect_to_addr = kernel_connect_to_addr, 332 .start_server = kernel_start_server, 333 .socket = kernel_init_sock, 334 .bind = kernel_bind, 335 .getsockname = kernel_getsockname, 336 .getpeername = kernel_getpeername, 337 .sendmsg = sock_sendmsg, 338 .close = kernel_close_sock, 339 }; 340 341 struct sock_ops kern_ops_kernel_sendmsg = { 342 .connect_to_addr = kernel_connect_to_addr, 343 .start_server = kernel_start_server, 344 .socket = kernel_init_sock, 345 .bind = kernel_bind, 346 .getsockname = kernel_getsockname, 347 .getpeername = kernel_getpeername, 348 .sendmsg = kernel_sendmsg, 349 .close = kernel_close_sock, 350 }; 351 352 struct sock_addr_test { 353 enum sock_addr_test_type type; 354 const char *name; 355 /* BPF prog properties */ 356 load_fn loadfn; 357 destroy_fn destroyfn; 358 enum bpf_attach_type attach_type; 359 /* Socket operations */ 360 struct sock_ops *ops; 361 /* Socket properties */ 362 int socket_family; 363 int socket_type; 364 /* IP:port pairs for BPF prog to override */ 365 const char *requested_addr; 366 unsigned short requested_port; 367 const char *expected_addr; 368 unsigned short expected_port; 369 const char *expected_src_addr; 370 /* Expected test result */ 371 enum { 372 LOAD_REJECT, 373 ATTACH_REJECT, 374 SYSCALL_EPERM, 375 SYSCALL_ENOTSUPP, 376 SUCCESS, 377 } expected_result; 378 }; 379 380 #define BPF_SKEL_FUNCS_RAW(skel_name, prog_name) \ 381 static void *prog_name##_load_raw(int cgroup_fd, \ 382 enum bpf_attach_type attach_type, \ 383 bool expect_reject) \ 384 { \ 385 struct skel_name *skel = skel_name##__open(); \ 386 int prog_fd = -1; \ 387 if (!ASSERT_OK_PTR(skel, "skel_open")) \ 388 goto cleanup; \ 389 if (!ASSERT_OK(skel_name##__load(skel), "load")) \ 390 goto cleanup; \ 391 prog_fd = bpf_program__fd(skel->progs.prog_name); \ 392 if (!ASSERT_GT(prog_fd, 0, "prog_fd")) \ 393 goto cleanup; \ 394 if (bpf_prog_attach(prog_fd, cgroup_fd, attach_type, \ 395 BPF_F_ALLOW_OVERRIDE), "bpf_prog_attach") { \ 396 ASSERT_TRUE(expect_reject, "unexpected rejection"); \ 397 goto cleanup; \ 398 } \ 399 if (!ASSERT_FALSE(expect_reject, "expected rejection")) \ 400 goto cleanup; \ 401 cleanup: \ 402 if (prog_fd > 0) \ 403 bpf_prog_detach(cgroup_fd, attach_type); \ 404 skel_name##__destroy(skel); \ 405 return NULL; \ 406 } \ 407 static void prog_name##_destroy_raw(void *progfd) \ 408 { \ 409 /* No-op. *_load_raw does all cleanup. */ \ 410 } \ 411 412 #define BPF_SKEL_FUNCS(skel_name, prog_name) \ 413 static void *prog_name##_load(int cgroup_fd, \ 414 enum bpf_attach_type attach_type, \ 415 bool expect_reject) \ 416 { \ 417 struct skel_name *skel = skel_name##__open(); \ 418 if (!ASSERT_OK_PTR(skel, "skel_open")) \ 419 goto cleanup; \ 420 if (!ASSERT_OK(bpf_program__set_expected_attach_type(skel->progs.prog_name, \ 421 attach_type), \ 422 "set_expected_attach_type")) \ 423 goto cleanup; \ 424 if (skel_name##__load(skel)) { \ 425 ASSERT_TRUE(expect_reject, "unexpected rejection"); \ 426 goto cleanup; \ 427 } \ 428 if (!ASSERT_FALSE(expect_reject, "expected rejection")) \ 429 goto cleanup; \ 430 skel->links.prog_name = bpf_program__attach_cgroup( \ 431 skel->progs.prog_name, cgroup_fd); \ 432 if (!ASSERT_OK_PTR(skel->links.prog_name, "prog_attach")) \ 433 goto cleanup; \ 434 return skel; \ 435 cleanup: \ 436 skel_name##__destroy(skel); \ 437 return NULL; \ 438 } \ 439 static void prog_name##_destroy(void *skel) \ 440 { \ 441 skel_name##__destroy(skel); \ 442 } 443 444 BPF_SKEL_FUNCS(bind4_prog, bind_v4_prog); 445 BPF_SKEL_FUNCS_RAW(bind4_prog, bind_v4_prog); 446 BPF_SKEL_FUNCS(bind4_prog, bind_v4_deny_prog); 447 BPF_SKEL_FUNCS(bind6_prog, bind_v6_prog); 448 BPF_SKEL_FUNCS_RAW(bind6_prog, bind_v6_prog); 449 BPF_SKEL_FUNCS(bind6_prog, bind_v6_deny_prog); 450 BPF_SKEL_FUNCS(connect4_prog, connect_v4_prog); 451 BPF_SKEL_FUNCS_RAW(connect4_prog, connect_v4_prog); 452 BPF_SKEL_FUNCS(connect4_prog, connect_v4_deny_prog); 453 BPF_SKEL_FUNCS(connect6_prog, connect_v6_prog); 454 BPF_SKEL_FUNCS_RAW(connect6_prog, connect_v6_prog); 455 BPF_SKEL_FUNCS(connect6_prog, connect_v6_deny_prog); 456 BPF_SKEL_FUNCS(connect_unix_prog, connect_unix_prog); 457 BPF_SKEL_FUNCS_RAW(connect_unix_prog, connect_unix_prog); 458 BPF_SKEL_FUNCS(connect_unix_prog, connect_unix_deny_prog); 459 BPF_SKEL_FUNCS(sendmsg4_prog, sendmsg_v4_prog); 460 BPF_SKEL_FUNCS_RAW(sendmsg4_prog, sendmsg_v4_prog); 461 BPF_SKEL_FUNCS(sendmsg4_prog, sendmsg_v4_deny_prog); 462 BPF_SKEL_FUNCS(sendmsg6_prog, sendmsg_v6_prog); 463 BPF_SKEL_FUNCS_RAW(sendmsg6_prog, sendmsg_v6_prog); 464 BPF_SKEL_FUNCS(sendmsg6_prog, sendmsg_v6_deny_prog); 465 BPF_SKEL_FUNCS(sendmsg6_prog, sendmsg_v6_preserve_dst_prog); 466 BPF_SKEL_FUNCS(sendmsg6_prog, sendmsg_v6_v4mapped_prog); 467 BPF_SKEL_FUNCS(sendmsg6_prog, sendmsg_v6_wildcard_prog); 468 BPF_SKEL_FUNCS(sendmsg_unix_prog, sendmsg_unix_prog); 469 BPF_SKEL_FUNCS_RAW(sendmsg_unix_prog, sendmsg_unix_prog); 470 BPF_SKEL_FUNCS(sendmsg_unix_prog, sendmsg_unix_deny_prog); 471 BPF_SKEL_FUNCS(recvmsg4_prog, recvmsg4_prog); 472 BPF_SKEL_FUNCS_RAW(recvmsg4_prog, recvmsg4_prog); 473 BPF_SKEL_FUNCS(recvmsg6_prog, recvmsg6_prog); 474 BPF_SKEL_FUNCS_RAW(recvmsg6_prog, recvmsg6_prog); 475 BPF_SKEL_FUNCS(recvmsg_unix_prog, recvmsg_unix_prog); 476 BPF_SKEL_FUNCS_RAW(recvmsg_unix_prog, recvmsg_unix_prog); 477 BPF_SKEL_FUNCS(getsockname_unix_prog, getsockname_unix_prog); 478 BPF_SKEL_FUNCS_RAW(getsockname_unix_prog, getsockname_unix_prog); 479 BPF_SKEL_FUNCS(getsockname4_prog, getsockname_v4_prog); 480 BPF_SKEL_FUNCS_RAW(getsockname4_prog, getsockname_v4_prog); 481 BPF_SKEL_FUNCS(getsockname6_prog, getsockname_v6_prog); 482 BPF_SKEL_FUNCS_RAW(getsockname6_prog, getsockname_v6_prog); 483 BPF_SKEL_FUNCS(getpeername_unix_prog, getpeername_unix_prog); 484 BPF_SKEL_FUNCS_RAW(getpeername_unix_prog, getpeername_unix_prog); 485 BPF_SKEL_FUNCS(getpeername4_prog, getpeername_v4_prog); 486 BPF_SKEL_FUNCS_RAW(getpeername4_prog, getpeername_v4_prog); 487 BPF_SKEL_FUNCS(getpeername6_prog, getpeername_v6_prog); 488 BPF_SKEL_FUNCS_RAW(getpeername6_prog, getpeername_v6_prog); 489 490 static struct sock_addr_test tests[] = { 491 /* bind - system calls */ 492 { 493 SOCK_ADDR_TEST_BIND, 494 "bind4: bind (stream)", 495 bind_v4_prog_load, 496 bind_v4_prog_destroy, 497 BPF_CGROUP_INET4_BIND, 498 &user_ops, 499 AF_INET, 500 SOCK_STREAM, 501 SERV4_IP, 502 SERV4_PORT, 503 SERV4_REWRITE_IP, 504 SERV4_REWRITE_PORT, 505 NULL, 506 SUCCESS, 507 }, 508 { 509 SOCK_ADDR_TEST_BIND, 510 "bind4: bind deny (stream)", 511 bind_v4_deny_prog_load, 512 bind_v4_deny_prog_destroy, 513 BPF_CGROUP_INET4_BIND, 514 &user_ops, 515 AF_INET, 516 SOCK_STREAM, 517 SERV4_IP, 518 SERV4_PORT, 519 SERV4_REWRITE_IP, 520 SERV4_REWRITE_PORT, 521 NULL, 522 SYSCALL_EPERM, 523 }, 524 { 525 SOCK_ADDR_TEST_BIND, 526 "bind4: bind (dgram)", 527 bind_v4_prog_load, 528 bind_v4_prog_destroy, 529 BPF_CGROUP_INET4_BIND, 530 &user_ops, 531 AF_INET, 532 SOCK_DGRAM, 533 SERV4_IP, 534 SERV4_PORT, 535 SERV4_REWRITE_IP, 536 SERV4_REWRITE_PORT, 537 NULL, 538 SUCCESS, 539 }, 540 { 541 SOCK_ADDR_TEST_BIND, 542 "bind4: bind deny (dgram)", 543 bind_v4_deny_prog_load, 544 bind_v4_deny_prog_destroy, 545 BPF_CGROUP_INET4_BIND, 546 &user_ops, 547 AF_INET, 548 SOCK_DGRAM, 549 SERV4_IP, 550 SERV4_PORT, 551 SERV4_REWRITE_IP, 552 SERV4_REWRITE_PORT, 553 NULL, 554 SYSCALL_EPERM, 555 }, 556 { 557 SOCK_ADDR_TEST_BIND, 558 "bind4: load prog with wrong expected attach type", 559 bind_v4_prog_load, 560 bind_v4_prog_destroy, 561 BPF_CGROUP_INET6_BIND, 562 &user_ops, 563 AF_INET, 564 SOCK_STREAM, 565 NULL, 566 0, 567 NULL, 568 0, 569 NULL, 570 LOAD_REJECT, 571 }, 572 { 573 SOCK_ADDR_TEST_BIND, 574 "bind4: attach prog with wrong attach type", 575 bind_v4_prog_load_raw, 576 bind_v4_prog_destroy_raw, 577 BPF_CGROUP_INET6_BIND, 578 &user_ops, 579 AF_INET, 580 SOCK_STREAM, 581 NULL, 582 0, 583 NULL, 584 0, 585 NULL, 586 ATTACH_REJECT, 587 }, 588 { 589 SOCK_ADDR_TEST_BIND, 590 "bind6: bind (stream)", 591 bind_v6_prog_load, 592 bind_v6_prog_destroy, 593 BPF_CGROUP_INET6_BIND, 594 &user_ops, 595 AF_INET6, 596 SOCK_STREAM, 597 SERV6_IP, 598 SERV6_PORT, 599 SERV6_REWRITE_IP, 600 SERV6_REWRITE_PORT, 601 NULL, 602 SUCCESS, 603 }, 604 { 605 SOCK_ADDR_TEST_BIND, 606 "bind6: bind deny (stream)", 607 bind_v6_deny_prog_load, 608 bind_v6_deny_prog_destroy, 609 BPF_CGROUP_INET6_BIND, 610 &user_ops, 611 AF_INET6, 612 SOCK_STREAM, 613 SERV6_IP, 614 SERV6_PORT, 615 SERV6_REWRITE_IP, 616 SERV6_REWRITE_PORT, 617 NULL, 618 SYSCALL_EPERM, 619 }, 620 { 621 SOCK_ADDR_TEST_BIND, 622 "bind6: bind (dgram)", 623 bind_v6_prog_load, 624 bind_v6_prog_destroy, 625 BPF_CGROUP_INET6_BIND, 626 &user_ops, 627 AF_INET6, 628 SOCK_DGRAM, 629 SERV6_IP, 630 SERV6_PORT, 631 SERV6_REWRITE_IP, 632 SERV6_REWRITE_PORT, 633 NULL, 634 SUCCESS, 635 }, 636 { 637 SOCK_ADDR_TEST_BIND, 638 "bind6: bind deny (dgram)", 639 bind_v6_deny_prog_load, 640 bind_v6_deny_prog_destroy, 641 BPF_CGROUP_INET6_BIND, 642 &user_ops, 643 AF_INET6, 644 SOCK_DGRAM, 645 SERV6_IP, 646 SERV6_PORT, 647 SERV6_REWRITE_IP, 648 SERV6_REWRITE_PORT, 649 NULL, 650 SYSCALL_EPERM, 651 }, 652 { 653 SOCK_ADDR_TEST_BIND, 654 "bind6: load prog with wrong expected attach type", 655 bind_v6_prog_load, 656 bind_v6_prog_destroy, 657 BPF_CGROUP_INET4_BIND, 658 &user_ops, 659 AF_INET6, 660 SOCK_STREAM, 661 NULL, 662 0, 663 NULL, 664 0, 665 NULL, 666 LOAD_REJECT, 667 }, 668 { 669 SOCK_ADDR_TEST_BIND, 670 "bind6: attach prog with wrong attach type", 671 bind_v6_prog_load_raw, 672 bind_v6_prog_destroy_raw, 673 BPF_CGROUP_INET4_BIND, 674 &user_ops, 675 AF_INET, 676 SOCK_STREAM, 677 NULL, 678 0, 679 NULL, 680 0, 681 NULL, 682 ATTACH_REJECT, 683 }, 684 685 /* bind - kernel calls */ 686 { 687 SOCK_ADDR_TEST_BIND, 688 "bind4: kernel_bind (stream)", 689 bind_v4_prog_load, 690 bind_v4_prog_destroy, 691 BPF_CGROUP_INET4_BIND, 692 &kern_ops_sock_sendmsg, 693 AF_INET, 694 SOCK_STREAM, 695 SERV4_IP, 696 SERV4_PORT, 697 SERV4_REWRITE_IP, 698 SERV4_REWRITE_PORT, 699 NULL, 700 SUCCESS, 701 }, 702 { 703 SOCK_ADDR_TEST_BIND, 704 "bind4: kernel_bind deny (stream)", 705 bind_v4_deny_prog_load, 706 bind_v4_deny_prog_destroy, 707 BPF_CGROUP_INET4_BIND, 708 &kern_ops_sock_sendmsg, 709 AF_INET, 710 SOCK_STREAM, 711 SERV4_IP, 712 SERV4_PORT, 713 SERV4_REWRITE_IP, 714 SERV4_REWRITE_PORT, 715 NULL, 716 SYSCALL_EPERM, 717 }, 718 { 719 SOCK_ADDR_TEST_BIND, 720 "bind4: kernel_bind (dgram)", 721 bind_v4_prog_load, 722 bind_v4_prog_destroy, 723 BPF_CGROUP_INET4_BIND, 724 &kern_ops_sock_sendmsg, 725 AF_INET, 726 SOCK_DGRAM, 727 SERV4_IP, 728 SERV4_PORT, 729 SERV4_REWRITE_IP, 730 SERV4_REWRITE_PORT, 731 NULL, 732 SUCCESS, 733 }, 734 { 735 SOCK_ADDR_TEST_BIND, 736 "bind4: kernel_bind deny (dgram)", 737 bind_v4_deny_prog_load, 738 bind_v4_deny_prog_destroy, 739 BPF_CGROUP_INET4_BIND, 740 &kern_ops_sock_sendmsg, 741 AF_INET, 742 SOCK_DGRAM, 743 SERV4_IP, 744 SERV4_PORT, 745 SERV4_REWRITE_IP, 746 SERV4_REWRITE_PORT, 747 NULL, 748 SYSCALL_EPERM, 749 }, 750 { 751 SOCK_ADDR_TEST_BIND, 752 "bind6: kernel_bind (stream)", 753 bind_v6_prog_load, 754 bind_v6_prog_destroy, 755 BPF_CGROUP_INET6_BIND, 756 &kern_ops_sock_sendmsg, 757 AF_INET6, 758 SOCK_STREAM, 759 SERV6_IP, 760 SERV6_PORT, 761 SERV6_REWRITE_IP, 762 SERV6_REWRITE_PORT, 763 NULL, 764 SUCCESS, 765 }, 766 { 767 SOCK_ADDR_TEST_BIND, 768 "bind6: kernel_bind deny (stream)", 769 bind_v6_deny_prog_load, 770 bind_v6_deny_prog_destroy, 771 BPF_CGROUP_INET6_BIND, 772 &kern_ops_sock_sendmsg, 773 AF_INET6, 774 SOCK_STREAM, 775 SERV6_IP, 776 SERV6_PORT, 777 SERV6_REWRITE_IP, 778 SERV6_REWRITE_PORT, 779 NULL, 780 SYSCALL_EPERM, 781 }, 782 { 783 SOCK_ADDR_TEST_BIND, 784 "bind6: kernel_bind (dgram)", 785 bind_v6_prog_load, 786 bind_v6_prog_destroy, 787 BPF_CGROUP_INET6_BIND, 788 &kern_ops_sock_sendmsg, 789 AF_INET6, 790 SOCK_DGRAM, 791 SERV6_IP, 792 SERV6_PORT, 793 SERV6_REWRITE_IP, 794 SERV6_REWRITE_PORT, 795 NULL, 796 SUCCESS, 797 }, 798 { 799 SOCK_ADDR_TEST_BIND, 800 "bind6: kernel_bind deny (dgram)", 801 bind_v6_deny_prog_load, 802 bind_v6_deny_prog_destroy, 803 BPF_CGROUP_INET6_BIND, 804 &kern_ops_sock_sendmsg, 805 AF_INET6, 806 SOCK_DGRAM, 807 SERV6_IP, 808 SERV6_PORT, 809 SERV6_REWRITE_IP, 810 SERV6_REWRITE_PORT, 811 NULL, 812 SYSCALL_EPERM, 813 }, 814 815 /* connect - system calls */ 816 { 817 SOCK_ADDR_TEST_CONNECT, 818 "connect4: connect (stream)", 819 connect_v4_prog_load, 820 connect_v4_prog_destroy, 821 BPF_CGROUP_INET4_CONNECT, 822 &user_ops, 823 AF_INET, 824 SOCK_STREAM, 825 SERV4_IP, 826 SERV4_PORT, 827 SERV4_REWRITE_IP, 828 SERV4_REWRITE_PORT, 829 SRC4_REWRITE_IP, 830 SUCCESS, 831 }, 832 { 833 SOCK_ADDR_TEST_CONNECT, 834 "connect4: connect deny (stream)", 835 connect_v4_deny_prog_load, 836 connect_v4_deny_prog_destroy, 837 BPF_CGROUP_INET4_CONNECT, 838 &user_ops, 839 AF_INET, 840 SOCK_STREAM, 841 SERV4_IP, 842 SERV4_PORT, 843 SERV4_REWRITE_IP, 844 SERV4_REWRITE_PORT, 845 SRC4_REWRITE_IP, 846 SYSCALL_EPERM, 847 }, 848 { 849 SOCK_ADDR_TEST_CONNECT, 850 "connect4: connect (dgram)", 851 connect_v4_prog_load, 852 connect_v4_prog_destroy, 853 BPF_CGROUP_INET4_CONNECT, 854 &user_ops, 855 AF_INET, 856 SOCK_DGRAM, 857 SERV4_IP, 858 SERV4_PORT, 859 SERV4_REWRITE_IP, 860 SERV4_REWRITE_PORT, 861 SRC4_REWRITE_IP, 862 SUCCESS, 863 }, 864 { 865 SOCK_ADDR_TEST_CONNECT, 866 "connect4: connect deny (dgram)", 867 connect_v4_deny_prog_load, 868 connect_v4_deny_prog_destroy, 869 BPF_CGROUP_INET4_CONNECT, 870 &user_ops, 871 AF_INET, 872 SOCK_DGRAM, 873 SERV4_IP, 874 SERV4_PORT, 875 SERV4_REWRITE_IP, 876 SERV4_REWRITE_PORT, 877 SRC4_REWRITE_IP, 878 SYSCALL_EPERM, 879 }, 880 { 881 SOCK_ADDR_TEST_CONNECT, 882 "connect4: load prog with wrong expected attach type", 883 connect_v4_prog_load, 884 connect_v4_prog_destroy, 885 BPF_CGROUP_INET6_CONNECT, 886 &user_ops, 887 AF_INET, 888 SOCK_STREAM, 889 NULL, 890 0, 891 NULL, 892 0, 893 NULL, 894 LOAD_REJECT, 895 }, 896 { 897 SOCK_ADDR_TEST_CONNECT, 898 "connect4: attach prog with wrong attach type", 899 connect_v4_prog_load_raw, 900 connect_v4_prog_destroy_raw, 901 BPF_CGROUP_INET6_CONNECT, 902 &user_ops, 903 AF_INET, 904 SOCK_STREAM, 905 NULL, 906 0, 907 NULL, 908 0, 909 NULL, 910 ATTACH_REJECT, 911 }, 912 { 913 SOCK_ADDR_TEST_CONNECT, 914 "connect6: connect (stream)", 915 connect_v6_prog_load, 916 connect_v6_prog_destroy, 917 BPF_CGROUP_INET6_CONNECT, 918 &user_ops, 919 AF_INET6, 920 SOCK_STREAM, 921 SERV6_IP, 922 SERV6_PORT, 923 SERV6_REWRITE_IP, 924 SERV6_REWRITE_PORT, 925 SRC6_REWRITE_IP, 926 SUCCESS, 927 }, 928 { 929 SOCK_ADDR_TEST_CONNECT, 930 "connect6: connect deny (stream)", 931 connect_v6_deny_prog_load, 932 connect_v6_deny_prog_destroy, 933 BPF_CGROUP_INET6_CONNECT, 934 &user_ops, 935 AF_INET6, 936 SOCK_STREAM, 937 SERV6_IP, 938 SERV6_PORT, 939 SERV6_REWRITE_IP, 940 SERV6_REWRITE_PORT, 941 SRC6_REWRITE_IP, 942 SYSCALL_EPERM, 943 }, 944 { 945 SOCK_ADDR_TEST_CONNECT, 946 "connect6: connect (dgram)", 947 connect_v6_prog_load, 948 connect_v6_prog_destroy, 949 BPF_CGROUP_INET6_CONNECT, 950 &user_ops, 951 AF_INET6, 952 SOCK_DGRAM, 953 SERV6_IP, 954 SERV6_PORT, 955 SERV6_REWRITE_IP, 956 SERV6_REWRITE_PORT, 957 SRC6_REWRITE_IP, 958 SUCCESS, 959 }, 960 { 961 SOCK_ADDR_TEST_CONNECT, 962 "connect6: connect deny (dgram)", 963 connect_v6_deny_prog_load, 964 connect_v6_deny_prog_destroy, 965 BPF_CGROUP_INET6_CONNECT, 966 &user_ops, 967 AF_INET6, 968 SOCK_DGRAM, 969 SERV6_IP, 970 SERV6_PORT, 971 SERV6_REWRITE_IP, 972 SERV6_REWRITE_PORT, 973 SRC6_REWRITE_IP, 974 SYSCALL_EPERM, 975 }, 976 { 977 SOCK_ADDR_TEST_CONNECT, 978 "connect6: load prog with wrong expected attach type", 979 connect_v6_prog_load, 980 connect_v6_prog_destroy, 981 BPF_CGROUP_INET4_CONNECT, 982 &user_ops, 983 AF_INET6, 984 SOCK_STREAM, 985 NULL, 986 0, 987 NULL, 988 0, 989 NULL, 990 LOAD_REJECT, 991 }, 992 { 993 SOCK_ADDR_TEST_CONNECT, 994 "connect6: attach prog with wrong attach type", 995 connect_v6_prog_load_raw, 996 connect_v6_prog_destroy_raw, 997 BPF_CGROUP_INET4_CONNECT, 998 &user_ops, 999 AF_INET, 1000 SOCK_STREAM, 1001 NULL, 1002 0, 1003 NULL, 1004 0, 1005 NULL, 1006 ATTACH_REJECT, 1007 }, 1008 { 1009 SOCK_ADDR_TEST_CONNECT, 1010 "connect_unix: connect (stream)", 1011 connect_unix_prog_load, 1012 connect_unix_prog_destroy, 1013 BPF_CGROUP_UNIX_CONNECT, 1014 &user_ops, 1015 AF_UNIX, 1016 SOCK_STREAM, 1017 SERVUN_ADDRESS, 1018 0, 1019 SERVUN_REWRITE_ADDRESS, 1020 0, 1021 NULL, 1022 SUCCESS, 1023 }, 1024 { 1025 SOCK_ADDR_TEST_CONNECT, 1026 "connect_unix: connect deny (stream)", 1027 connect_unix_deny_prog_load, 1028 connect_unix_deny_prog_destroy, 1029 BPF_CGROUP_UNIX_CONNECT, 1030 &user_ops, 1031 AF_UNIX, 1032 SOCK_STREAM, 1033 SERVUN_ADDRESS, 1034 0, 1035 SERVUN_REWRITE_ADDRESS, 1036 0, 1037 NULL, 1038 SYSCALL_EPERM, 1039 }, 1040 { 1041 SOCK_ADDR_TEST_CONNECT, 1042 "connect_unix: attach prog with wrong attach type", 1043 connect_unix_prog_load_raw, 1044 connect_unix_prog_destroy_raw, 1045 BPF_CGROUP_INET4_CONNECT, 1046 &user_ops, 1047 AF_UNIX, 1048 SOCK_STREAM, 1049 SERVUN_ADDRESS, 1050 0, 1051 SERVUN_REWRITE_ADDRESS, 1052 0, 1053 NULL, 1054 ATTACH_REJECT, 1055 }, 1056 1057 /* connect - kernel calls */ 1058 { 1059 SOCK_ADDR_TEST_CONNECT, 1060 "connect4: kernel_connect (stream)", 1061 connect_v4_prog_load, 1062 connect_v4_prog_destroy, 1063 BPF_CGROUP_INET4_CONNECT, 1064 &kern_ops_sock_sendmsg, 1065 AF_INET, 1066 SOCK_STREAM, 1067 SERV4_IP, 1068 SERV4_PORT, 1069 SERV4_REWRITE_IP, 1070 SERV4_REWRITE_PORT, 1071 SRC4_REWRITE_IP, 1072 SUCCESS, 1073 }, 1074 { 1075 SOCK_ADDR_TEST_CONNECT, 1076 "connect4: kernel_connect deny (stream)", 1077 connect_v4_deny_prog_load, 1078 connect_v4_deny_prog_destroy, 1079 BPF_CGROUP_INET4_CONNECT, 1080 &kern_ops_sock_sendmsg, 1081 AF_INET, 1082 SOCK_STREAM, 1083 SERV4_IP, 1084 SERV4_PORT, 1085 SERV4_REWRITE_IP, 1086 SERV4_REWRITE_PORT, 1087 SRC4_REWRITE_IP, 1088 SYSCALL_EPERM, 1089 }, 1090 { 1091 SOCK_ADDR_TEST_CONNECT, 1092 "connect4: kernel_connect (dgram)", 1093 connect_v4_prog_load, 1094 connect_v4_prog_destroy, 1095 BPF_CGROUP_INET4_CONNECT, 1096 &kern_ops_sock_sendmsg, 1097 AF_INET, 1098 SOCK_DGRAM, 1099 SERV4_IP, 1100 SERV4_PORT, 1101 SERV4_REWRITE_IP, 1102 SERV4_REWRITE_PORT, 1103 SRC4_REWRITE_IP, 1104 SUCCESS, 1105 }, 1106 { 1107 SOCK_ADDR_TEST_CONNECT, 1108 "connect4: kernel_connect deny (dgram)", 1109 connect_v4_deny_prog_load, 1110 connect_v4_deny_prog_destroy, 1111 BPF_CGROUP_INET4_CONNECT, 1112 &kern_ops_sock_sendmsg, 1113 AF_INET, 1114 SOCK_DGRAM, 1115 SERV4_IP, 1116 SERV4_PORT, 1117 SERV4_REWRITE_IP, 1118 SERV4_REWRITE_PORT, 1119 SRC4_REWRITE_IP, 1120 SYSCALL_EPERM, 1121 }, 1122 { 1123 SOCK_ADDR_TEST_CONNECT, 1124 "connect6: kernel_connect (stream)", 1125 connect_v6_prog_load, 1126 connect_v6_prog_destroy, 1127 BPF_CGROUP_INET6_CONNECT, 1128 &kern_ops_sock_sendmsg, 1129 AF_INET6, 1130 SOCK_STREAM, 1131 SERV6_IP, 1132 SERV6_PORT, 1133 SERV6_REWRITE_IP, 1134 SERV6_REWRITE_PORT, 1135 SRC6_REWRITE_IP, 1136 SUCCESS, 1137 }, 1138 { 1139 SOCK_ADDR_TEST_CONNECT, 1140 "connect6: kernel_connect deny (stream)", 1141 connect_v6_deny_prog_load, 1142 connect_v6_deny_prog_destroy, 1143 BPF_CGROUP_INET6_CONNECT, 1144 &kern_ops_sock_sendmsg, 1145 AF_INET6, 1146 SOCK_STREAM, 1147 SERV6_IP, 1148 SERV6_PORT, 1149 SERV6_REWRITE_IP, 1150 SERV6_REWRITE_PORT, 1151 SRC6_REWRITE_IP, 1152 SYSCALL_EPERM, 1153 }, 1154 { 1155 SOCK_ADDR_TEST_CONNECT, 1156 "connect6: kernel_connect (dgram)", 1157 connect_v6_prog_load, 1158 connect_v6_prog_destroy, 1159 BPF_CGROUP_INET6_CONNECT, 1160 &kern_ops_sock_sendmsg, 1161 AF_INET6, 1162 SOCK_DGRAM, 1163 SERV6_IP, 1164 SERV6_PORT, 1165 SERV6_REWRITE_IP, 1166 SERV6_REWRITE_PORT, 1167 SRC6_REWRITE_IP, 1168 SUCCESS, 1169 }, 1170 { 1171 SOCK_ADDR_TEST_CONNECT, 1172 "connect6: kernel_connect deny (dgram)", 1173 connect_v6_deny_prog_load, 1174 connect_v6_deny_prog_destroy, 1175 BPF_CGROUP_INET6_CONNECT, 1176 &kern_ops_sock_sendmsg, 1177 AF_INET6, 1178 SOCK_DGRAM, 1179 SERV6_IP, 1180 SERV6_PORT, 1181 SERV6_REWRITE_IP, 1182 SERV6_REWRITE_PORT, 1183 SRC6_REWRITE_IP, 1184 SYSCALL_EPERM, 1185 }, 1186 { 1187 SOCK_ADDR_TEST_CONNECT, 1188 "connect_unix: kernel_connect (dgram)", 1189 connect_unix_prog_load, 1190 connect_unix_prog_destroy, 1191 BPF_CGROUP_UNIX_CONNECT, 1192 &kern_ops_sock_sendmsg, 1193 AF_UNIX, 1194 SOCK_STREAM, 1195 SERVUN_ADDRESS, 1196 0, 1197 SERVUN_REWRITE_ADDRESS, 1198 0, 1199 NULL, 1200 SUCCESS, 1201 }, 1202 { 1203 SOCK_ADDR_TEST_CONNECT, 1204 "connect_unix: kernel_connect deny (dgram)", 1205 connect_unix_deny_prog_load, 1206 connect_unix_deny_prog_destroy, 1207 BPF_CGROUP_UNIX_CONNECT, 1208 &kern_ops_sock_sendmsg, 1209 AF_UNIX, 1210 SOCK_STREAM, 1211 SERVUN_ADDRESS, 1212 0, 1213 SERVUN_REWRITE_ADDRESS, 1214 0, 1215 NULL, 1216 SYSCALL_EPERM, 1217 }, 1218 1219 /* sendmsg - system calls */ 1220 { 1221 SOCK_ADDR_TEST_SENDMSG, 1222 "sendmsg4: sendmsg (dgram)", 1223 sendmsg_v4_prog_load, 1224 sendmsg_v4_prog_destroy, 1225 BPF_CGROUP_UDP4_SENDMSG, 1226 &user_ops, 1227 AF_INET, 1228 SOCK_DGRAM, 1229 SERV4_IP, 1230 SERV4_PORT, 1231 SERV4_REWRITE_IP, 1232 SERV4_REWRITE_PORT, 1233 SRC4_REWRITE_IP, 1234 SUCCESS, 1235 }, 1236 { 1237 SOCK_ADDR_TEST_SENDMSG, 1238 "sendmsg4: sendmsg deny (dgram)", 1239 sendmsg_v4_deny_prog_load, 1240 sendmsg_v4_deny_prog_destroy, 1241 BPF_CGROUP_UDP4_SENDMSG, 1242 &user_ops, 1243 AF_INET, 1244 SOCK_DGRAM, 1245 SERV4_IP, 1246 SERV4_PORT, 1247 SERV4_REWRITE_IP, 1248 SERV4_REWRITE_PORT, 1249 SRC4_REWRITE_IP, 1250 SYSCALL_EPERM, 1251 }, 1252 { 1253 SOCK_ADDR_TEST_SENDMSG, 1254 "sendmsg4: load prog with wrong expected attach type", 1255 sendmsg_v4_prog_load, 1256 sendmsg_v4_prog_destroy, 1257 BPF_CGROUP_UDP6_SENDMSG, 1258 &user_ops, 1259 AF_INET, 1260 SOCK_DGRAM, 1261 NULL, 1262 0, 1263 NULL, 1264 0, 1265 NULL, 1266 LOAD_REJECT, 1267 }, 1268 { 1269 SOCK_ADDR_TEST_SENDMSG, 1270 "sendmsg4: attach prog with wrong attach type", 1271 sendmsg_v4_prog_load_raw, 1272 sendmsg_v4_prog_destroy_raw, 1273 BPF_CGROUP_UDP6_SENDMSG, 1274 &user_ops, 1275 AF_INET, 1276 SOCK_DGRAM, 1277 NULL, 1278 0, 1279 NULL, 1280 0, 1281 NULL, 1282 ATTACH_REJECT, 1283 }, 1284 { 1285 SOCK_ADDR_TEST_SENDMSG, 1286 "sendmsg6: sendmsg (dgram)", 1287 sendmsg_v6_prog_load, 1288 sendmsg_v6_prog_destroy, 1289 BPF_CGROUP_UDP6_SENDMSG, 1290 &user_ops, 1291 AF_INET6, 1292 SOCK_DGRAM, 1293 SERV6_IP, 1294 SERV6_PORT, 1295 SERV6_REWRITE_IP, 1296 SERV6_REWRITE_PORT, 1297 SRC6_REWRITE_IP, 1298 SUCCESS, 1299 }, 1300 { 1301 SOCK_ADDR_TEST_SENDMSG, 1302 "sendmsg6: sendmsg [::] (BSD'ism) (dgram)", 1303 sendmsg_v6_preserve_dst_prog_load, 1304 sendmsg_v6_preserve_dst_prog_destroy, 1305 BPF_CGROUP_UDP6_SENDMSG, 1306 &user_ops, 1307 AF_INET6, 1308 SOCK_DGRAM, 1309 WILDCARD6_IP, 1310 SERV6_PORT, 1311 SERV6_REWRITE_IP, 1312 SERV6_PORT, 1313 SRC6_IP, 1314 SUCCESS, 1315 }, 1316 { 1317 SOCK_ADDR_TEST_SENDMSG, 1318 "sendmsg6: sendmsg deny (dgram)", 1319 sendmsg_v6_deny_prog_load, 1320 sendmsg_v6_deny_prog_destroy, 1321 BPF_CGROUP_UDP6_SENDMSG, 1322 &user_ops, 1323 AF_INET6, 1324 SOCK_DGRAM, 1325 SERV6_IP, 1326 SERV6_PORT, 1327 SERV6_REWRITE_IP, 1328 SERV6_REWRITE_PORT, 1329 SRC6_REWRITE_IP, 1330 SYSCALL_EPERM, 1331 }, 1332 { 1333 SOCK_ADDR_TEST_SENDMSG, 1334 "sendmsg6: sendmsg IPv4-mapped IPv6 (dgram)", 1335 sendmsg_v6_v4mapped_prog_load, 1336 sendmsg_v6_v4mapped_prog_destroy, 1337 BPF_CGROUP_UDP6_SENDMSG, 1338 &user_ops, 1339 AF_INET6, 1340 SOCK_DGRAM, 1341 SERV6_IP, 1342 SERV6_PORT, 1343 SERV6_REWRITE_IP, 1344 SERV6_REWRITE_PORT, 1345 SRC6_REWRITE_IP, 1346 SYSCALL_ENOTSUPP, 1347 }, 1348 { 1349 SOCK_ADDR_TEST_SENDMSG, 1350 "sendmsg6: sendmsg dst IP = [::] (BSD'ism) (dgram)", 1351 sendmsg_v6_wildcard_prog_load, 1352 sendmsg_v6_wildcard_prog_destroy, 1353 BPF_CGROUP_UDP6_SENDMSG, 1354 &user_ops, 1355 AF_INET6, 1356 SOCK_DGRAM, 1357 SERV6_IP, 1358 SERV6_PORT, 1359 SERV6_REWRITE_IP, 1360 SERV6_REWRITE_PORT, 1361 SRC6_REWRITE_IP, 1362 SUCCESS, 1363 }, 1364 { 1365 SOCK_ADDR_TEST_SENDMSG, 1366 "sendmsg6: load prog with wrong expected attach type", 1367 sendmsg_v6_prog_load, 1368 sendmsg_v6_prog_destroy, 1369 BPF_CGROUP_UDP4_SENDMSG, 1370 &user_ops, 1371 AF_INET6, 1372 SOCK_DGRAM, 1373 NULL, 1374 0, 1375 NULL, 1376 0, 1377 NULL, 1378 LOAD_REJECT, 1379 }, 1380 { 1381 SOCK_ADDR_TEST_SENDMSG, 1382 "sendmsg6: attach prog with wrong attach type", 1383 sendmsg_v6_prog_load_raw, 1384 sendmsg_v6_prog_destroy_raw, 1385 BPF_CGROUP_UDP4_SENDMSG, 1386 &user_ops, 1387 AF_INET6, 1388 SOCK_DGRAM, 1389 NULL, 1390 0, 1391 NULL, 1392 0, 1393 NULL, 1394 ATTACH_REJECT, 1395 }, 1396 { 1397 SOCK_ADDR_TEST_SENDMSG, 1398 "sendmsg_unix: sendmsg (dgram)", 1399 sendmsg_unix_prog_load, 1400 sendmsg_unix_prog_destroy, 1401 BPF_CGROUP_UNIX_SENDMSG, 1402 &user_ops, 1403 AF_UNIX, 1404 SOCK_DGRAM, 1405 SERVUN_ADDRESS, 1406 0, 1407 SERVUN_REWRITE_ADDRESS, 1408 0, 1409 NULL, 1410 SUCCESS, 1411 }, 1412 { 1413 SOCK_ADDR_TEST_SENDMSG, 1414 "sendmsg_unix: sendmsg deny (dgram)", 1415 sendmsg_unix_deny_prog_load, 1416 sendmsg_unix_deny_prog_destroy, 1417 BPF_CGROUP_UNIX_SENDMSG, 1418 &user_ops, 1419 AF_UNIX, 1420 SOCK_DGRAM, 1421 SERVUN_ADDRESS, 1422 0, 1423 SERVUN_REWRITE_ADDRESS, 1424 0, 1425 NULL, 1426 SYSCALL_EPERM, 1427 }, 1428 { 1429 SOCK_ADDR_TEST_SENDMSG, 1430 "sendmsg_unix: attach prog with wrong attach type", 1431 sendmsg_unix_prog_load_raw, 1432 sendmsg_unix_prog_destroy_raw, 1433 BPF_CGROUP_UDP4_SENDMSG, 1434 &user_ops, 1435 AF_UNIX, 1436 SOCK_DGRAM, 1437 SERVUN_ADDRESS, 1438 0, 1439 SERVUN_REWRITE_ADDRESS, 1440 0, 1441 NULL, 1442 ATTACH_REJECT, 1443 }, 1444 1445 /* sendmsg - kernel calls (sock_sendmsg) */ 1446 { 1447 SOCK_ADDR_TEST_SENDMSG, 1448 "sendmsg4: sock_sendmsg (dgram)", 1449 sendmsg_v4_prog_load, 1450 sendmsg_v4_prog_destroy, 1451 BPF_CGROUP_UDP4_SENDMSG, 1452 &kern_ops_sock_sendmsg, 1453 AF_INET, 1454 SOCK_DGRAM, 1455 SERV4_IP, 1456 SERV4_PORT, 1457 SERV4_REWRITE_IP, 1458 SERV4_REWRITE_PORT, 1459 SRC4_REWRITE_IP, 1460 SUCCESS, 1461 }, 1462 { 1463 SOCK_ADDR_TEST_SENDMSG, 1464 "sendmsg4: sock_sendmsg deny (dgram)", 1465 sendmsg_v4_deny_prog_load, 1466 sendmsg_v4_deny_prog_destroy, 1467 BPF_CGROUP_UDP4_SENDMSG, 1468 &kern_ops_sock_sendmsg, 1469 AF_INET, 1470 SOCK_DGRAM, 1471 SERV4_IP, 1472 SERV4_PORT, 1473 SERV4_REWRITE_IP, 1474 SERV4_REWRITE_PORT, 1475 SRC4_REWRITE_IP, 1476 SYSCALL_EPERM, 1477 }, 1478 { 1479 SOCK_ADDR_TEST_SENDMSG, 1480 "sendmsg6: sock_sendmsg (dgram)", 1481 sendmsg_v6_prog_load, 1482 sendmsg_v6_prog_destroy, 1483 BPF_CGROUP_UDP6_SENDMSG, 1484 &kern_ops_sock_sendmsg, 1485 AF_INET6, 1486 SOCK_DGRAM, 1487 SERV6_IP, 1488 SERV6_PORT, 1489 SERV6_REWRITE_IP, 1490 SERV6_REWRITE_PORT, 1491 SRC6_REWRITE_IP, 1492 SUCCESS, 1493 }, 1494 { 1495 SOCK_ADDR_TEST_SENDMSG, 1496 "sendmsg6: sock_sendmsg [::] (BSD'ism) (dgram)", 1497 sendmsg_v6_preserve_dst_prog_load, 1498 sendmsg_v6_preserve_dst_prog_destroy, 1499 BPF_CGROUP_UDP6_SENDMSG, 1500 &kern_ops_sock_sendmsg, 1501 AF_INET6, 1502 SOCK_DGRAM, 1503 WILDCARD6_IP, 1504 SERV6_PORT, 1505 SERV6_REWRITE_IP, 1506 SERV6_PORT, 1507 SRC6_IP, 1508 SUCCESS, 1509 }, 1510 { 1511 SOCK_ADDR_TEST_SENDMSG, 1512 "sendmsg6: sock_sendmsg deny (dgram)", 1513 sendmsg_v6_deny_prog_load, 1514 sendmsg_v6_deny_prog_destroy, 1515 BPF_CGROUP_UDP6_SENDMSG, 1516 &kern_ops_sock_sendmsg, 1517 AF_INET6, 1518 SOCK_DGRAM, 1519 SERV6_IP, 1520 SERV6_PORT, 1521 SERV6_REWRITE_IP, 1522 SERV6_REWRITE_PORT, 1523 SRC6_REWRITE_IP, 1524 SYSCALL_EPERM, 1525 }, 1526 { 1527 SOCK_ADDR_TEST_SENDMSG, 1528 "sendmsg_unix: sock_sendmsg (dgram)", 1529 sendmsg_unix_prog_load, 1530 sendmsg_unix_prog_destroy, 1531 BPF_CGROUP_UNIX_SENDMSG, 1532 &kern_ops_sock_sendmsg, 1533 AF_UNIX, 1534 SOCK_DGRAM, 1535 SERVUN_ADDRESS, 1536 0, 1537 SERVUN_REWRITE_ADDRESS, 1538 0, 1539 NULL, 1540 SUCCESS, 1541 }, 1542 { 1543 SOCK_ADDR_TEST_SENDMSG, 1544 "sendmsg_unix: sock_sendmsg deny (dgram)", 1545 sendmsg_unix_deny_prog_load, 1546 sendmsg_unix_deny_prog_destroy, 1547 BPF_CGROUP_UNIX_SENDMSG, 1548 &kern_ops_sock_sendmsg, 1549 AF_UNIX, 1550 SOCK_DGRAM, 1551 SERVUN_ADDRESS, 1552 0, 1553 SERVUN_REWRITE_ADDRESS, 1554 0, 1555 NULL, 1556 SYSCALL_EPERM, 1557 }, 1558 1559 /* sendmsg - kernel calls (kernel_sendmsg) */ 1560 { 1561 SOCK_ADDR_TEST_SENDMSG, 1562 "sendmsg4: kernel_sendmsg (dgram)", 1563 sendmsg_v4_prog_load, 1564 sendmsg_v4_prog_destroy, 1565 BPF_CGROUP_UDP4_SENDMSG, 1566 &kern_ops_kernel_sendmsg, 1567 AF_INET, 1568 SOCK_DGRAM, 1569 SERV4_IP, 1570 SERV4_PORT, 1571 SERV4_REWRITE_IP, 1572 SERV4_REWRITE_PORT, 1573 SRC4_REWRITE_IP, 1574 SUCCESS, 1575 }, 1576 { 1577 SOCK_ADDR_TEST_SENDMSG, 1578 "sendmsg4: kernel_sendmsg deny (dgram)", 1579 sendmsg_v4_deny_prog_load, 1580 sendmsg_v4_deny_prog_destroy, 1581 BPF_CGROUP_UDP4_SENDMSG, 1582 &kern_ops_kernel_sendmsg, 1583 AF_INET, 1584 SOCK_DGRAM, 1585 SERV4_IP, 1586 SERV4_PORT, 1587 SERV4_REWRITE_IP, 1588 SERV4_REWRITE_PORT, 1589 SRC4_REWRITE_IP, 1590 SYSCALL_EPERM, 1591 }, 1592 { 1593 SOCK_ADDR_TEST_SENDMSG, 1594 "sendmsg6: kernel_sendmsg (dgram)", 1595 sendmsg_v6_prog_load, 1596 sendmsg_v6_prog_destroy, 1597 BPF_CGROUP_UDP6_SENDMSG, 1598 &kern_ops_kernel_sendmsg, 1599 AF_INET6, 1600 SOCK_DGRAM, 1601 SERV6_IP, 1602 SERV6_PORT, 1603 SERV6_REWRITE_IP, 1604 SERV6_REWRITE_PORT, 1605 SRC6_REWRITE_IP, 1606 SUCCESS, 1607 }, 1608 { 1609 SOCK_ADDR_TEST_SENDMSG, 1610 "sendmsg6: kernel_sendmsg [::] (BSD'ism) (dgram)", 1611 sendmsg_v6_preserve_dst_prog_load, 1612 sendmsg_v6_preserve_dst_prog_destroy, 1613 BPF_CGROUP_UDP6_SENDMSG, 1614 &kern_ops_kernel_sendmsg, 1615 AF_INET6, 1616 SOCK_DGRAM, 1617 WILDCARD6_IP, 1618 SERV6_PORT, 1619 SERV6_REWRITE_IP, 1620 SERV6_PORT, 1621 SRC6_IP, 1622 SUCCESS, 1623 }, 1624 { 1625 SOCK_ADDR_TEST_SENDMSG, 1626 "sendmsg6: kernel_sendmsg deny (dgram)", 1627 sendmsg_v6_deny_prog_load, 1628 sendmsg_v6_deny_prog_destroy, 1629 BPF_CGROUP_UDP6_SENDMSG, 1630 &kern_ops_kernel_sendmsg, 1631 AF_INET6, 1632 SOCK_DGRAM, 1633 SERV6_IP, 1634 SERV6_PORT, 1635 SERV6_REWRITE_IP, 1636 SERV6_REWRITE_PORT, 1637 SRC6_REWRITE_IP, 1638 SYSCALL_EPERM, 1639 }, 1640 { 1641 SOCK_ADDR_TEST_SENDMSG, 1642 "sendmsg_unix: sock_sendmsg (dgram)", 1643 sendmsg_unix_prog_load, 1644 sendmsg_unix_prog_destroy, 1645 BPF_CGROUP_UNIX_SENDMSG, 1646 &kern_ops_kernel_sendmsg, 1647 AF_UNIX, 1648 SOCK_DGRAM, 1649 SERVUN_ADDRESS, 1650 0, 1651 SERVUN_REWRITE_ADDRESS, 1652 0, 1653 NULL, 1654 SUCCESS, 1655 }, 1656 { 1657 SOCK_ADDR_TEST_SENDMSG, 1658 "sendmsg_unix: kernel_sendmsg deny (dgram)", 1659 sendmsg_unix_deny_prog_load, 1660 sendmsg_unix_deny_prog_destroy, 1661 BPF_CGROUP_UNIX_SENDMSG, 1662 &kern_ops_kernel_sendmsg, 1663 AF_UNIX, 1664 SOCK_DGRAM, 1665 SERVUN_ADDRESS, 1666 0, 1667 SERVUN_REWRITE_ADDRESS, 1668 0, 1669 NULL, 1670 SYSCALL_EPERM, 1671 }, 1672 1673 /* recvmsg - system calls */ 1674 { 1675 SOCK_ADDR_TEST_RECVMSG, 1676 "recvmsg4: recvfrom (dgram)", 1677 recvmsg4_prog_load, 1678 recvmsg4_prog_destroy, 1679 BPF_CGROUP_UDP4_RECVMSG, 1680 &user_ops, 1681 AF_INET, 1682 SOCK_DGRAM, 1683 SERV4_REWRITE_IP, 1684 SERV4_REWRITE_PORT, 1685 SERV4_REWRITE_IP, 1686 SERV4_REWRITE_PORT, 1687 SERV4_IP, 1688 SUCCESS, 1689 }, 1690 { 1691 SOCK_ADDR_TEST_RECVMSG, 1692 "recvmsg4: attach prog with wrong attach type", 1693 recvmsg4_prog_load_raw, 1694 recvmsg4_prog_destroy_raw, 1695 BPF_CGROUP_UDP6_RECVMSG, 1696 &user_ops, 1697 AF_INET, 1698 SOCK_DGRAM, 1699 SERV4_REWRITE_IP, 1700 SERV4_REWRITE_PORT, 1701 SERV4_REWRITE_IP, 1702 SERV4_REWRITE_PORT, 1703 SERV4_IP, 1704 ATTACH_REJECT, 1705 }, 1706 { 1707 SOCK_ADDR_TEST_RECVMSG, 1708 "recvmsg6: recvfrom (dgram)", 1709 recvmsg6_prog_load, 1710 recvmsg6_prog_destroy, 1711 BPF_CGROUP_UDP6_RECVMSG, 1712 &user_ops, 1713 AF_INET6, 1714 SOCK_DGRAM, 1715 SERV6_REWRITE_IP, 1716 SERV6_REWRITE_PORT, 1717 SERV6_REWRITE_IP, 1718 SERV6_REWRITE_PORT, 1719 SERV6_IP, 1720 SUCCESS, 1721 }, 1722 { 1723 SOCK_ADDR_TEST_RECVMSG, 1724 "recvmsg6: attach prog with wrong attach type", 1725 recvmsg6_prog_load_raw, 1726 recvmsg6_prog_destroy_raw, 1727 BPF_CGROUP_UDP4_RECVMSG, 1728 &user_ops, 1729 AF_INET6, 1730 SOCK_DGRAM, 1731 SERV6_REWRITE_IP, 1732 SERV6_REWRITE_PORT, 1733 SERV6_REWRITE_IP, 1734 SERV6_REWRITE_PORT, 1735 SERV6_IP, 1736 ATTACH_REJECT, 1737 }, 1738 { 1739 SOCK_ADDR_TEST_RECVMSG, 1740 "recvmsg_unix: recvfrom (dgram)", 1741 recvmsg_unix_prog_load, 1742 recvmsg_unix_prog_destroy, 1743 BPF_CGROUP_UNIX_RECVMSG, 1744 &user_ops, 1745 AF_UNIX, 1746 SOCK_DGRAM, 1747 SERVUN_REWRITE_ADDRESS, 1748 0, 1749 SERVUN_REWRITE_ADDRESS, 1750 0, 1751 SERVUN_ADDRESS, 1752 SUCCESS, 1753 }, 1754 { 1755 SOCK_ADDR_TEST_RECVMSG, 1756 "recvmsg_unix: recvfrom (stream)", 1757 recvmsg_unix_prog_load, 1758 recvmsg_unix_prog_destroy, 1759 BPF_CGROUP_UNIX_RECVMSG, 1760 &user_ops, 1761 AF_UNIX, 1762 SOCK_STREAM, 1763 SERVUN_REWRITE_ADDRESS, 1764 0, 1765 SERVUN_REWRITE_ADDRESS, 1766 0, 1767 SERVUN_ADDRESS, 1768 SUCCESS, 1769 }, 1770 { 1771 SOCK_ADDR_TEST_RECVMSG, 1772 "recvmsg_unix: attach prog with wrong attach type", 1773 recvmsg_unix_prog_load_raw, 1774 recvmsg_unix_prog_destroy_raw, 1775 BPF_CGROUP_UDP4_RECVMSG, 1776 &user_ops, 1777 AF_INET6, 1778 SOCK_STREAM, 1779 SERVUN_REWRITE_ADDRESS, 1780 0, 1781 SERVUN_REWRITE_ADDRESS, 1782 0, 1783 SERVUN_ADDRESS, 1784 ATTACH_REJECT, 1785 }, 1786 1787 /* getsockname - system calls */ 1788 { 1789 SOCK_ADDR_TEST_GETSOCKNAME, 1790 "getsockname4: getsockname (stream)", 1791 getsockname_v4_prog_load, 1792 getsockname_v4_prog_destroy, 1793 BPF_CGROUP_INET4_GETSOCKNAME, 1794 &user_ops, 1795 AF_INET, 1796 SOCK_STREAM, 1797 SERV4_REWRITE_IP, 1798 SERV4_REWRITE_PORT, 1799 SERV4_IP, 1800 SERV4_PORT, 1801 NULL, 1802 SUCCESS, 1803 }, 1804 { 1805 SOCK_ADDR_TEST_GETSOCKNAME, 1806 "getsockname4: getsockname (dgram)", 1807 getsockname_v4_prog_load, 1808 getsockname_v4_prog_destroy, 1809 BPF_CGROUP_INET4_GETSOCKNAME, 1810 &user_ops, 1811 AF_INET, 1812 SOCK_DGRAM, 1813 SERV4_REWRITE_IP, 1814 SERV4_REWRITE_PORT, 1815 SERV4_IP, 1816 SERV4_PORT, 1817 NULL, 1818 SUCCESS, 1819 }, 1820 { 1821 SOCK_ADDR_TEST_GETSOCKNAME, 1822 "getsockname4: attach prog with wrong attach type", 1823 getsockname_v4_prog_load_raw, 1824 getsockname_v4_prog_destroy_raw, 1825 BPF_CGROUP_INET6_GETSOCKNAME, 1826 &user_ops, 1827 AF_INET, 1828 SOCK_DGRAM, 1829 SERV4_REWRITE_IP, 1830 SERV4_REWRITE_PORT, 1831 SERV4_IP, 1832 SERV4_PORT, 1833 NULL, 1834 ATTACH_REJECT, 1835 }, 1836 { 1837 SOCK_ADDR_TEST_GETSOCKNAME, 1838 "getsockname6: getsockname (stream)", 1839 getsockname_v6_prog_load, 1840 getsockname_v6_prog_destroy, 1841 BPF_CGROUP_INET6_GETSOCKNAME, 1842 &user_ops, 1843 AF_INET6, 1844 SOCK_STREAM, 1845 SERV6_REWRITE_IP, 1846 SERV6_REWRITE_PORT, 1847 SERV6_IP, 1848 SERV6_PORT, 1849 NULL, 1850 SUCCESS, 1851 }, 1852 { 1853 SOCK_ADDR_TEST_GETSOCKNAME, 1854 "getsockname6: getsockname (dgram)", 1855 getsockname_v6_prog_load, 1856 getsockname_v6_prog_destroy, 1857 BPF_CGROUP_INET6_GETSOCKNAME, 1858 &user_ops, 1859 AF_INET6, 1860 SOCK_DGRAM, 1861 SERV6_REWRITE_IP, 1862 SERV6_REWRITE_PORT, 1863 SERV6_IP, 1864 SERV6_PORT, 1865 NULL, 1866 SUCCESS, 1867 }, 1868 { 1869 SOCK_ADDR_TEST_GETSOCKNAME, 1870 "getsockname6: attach prog with wrong attach type", 1871 getsockname_v6_prog_load_raw, 1872 getsockname_v6_prog_destroy_raw, 1873 BPF_CGROUP_INET4_GETSOCKNAME, 1874 &user_ops, 1875 AF_INET6, 1876 SOCK_DGRAM, 1877 SERV6_REWRITE_IP, 1878 SERV6_REWRITE_PORT, 1879 SERV6_IP, 1880 SERV6_PORT, 1881 NULL, 1882 ATTACH_REJECT, 1883 }, 1884 { 1885 SOCK_ADDR_TEST_GETSOCKNAME, 1886 "getsockname_unix: getsockname", 1887 getsockname_unix_prog_load, 1888 getsockname_unix_prog_destroy, 1889 BPF_CGROUP_UNIX_GETSOCKNAME, 1890 &user_ops, 1891 AF_UNIX, 1892 SOCK_STREAM, 1893 SERVUN_ADDRESS, 1894 0, 1895 SERVUN_REWRITE_ADDRESS, 1896 0, 1897 NULL, 1898 SUCCESS, 1899 }, 1900 { 1901 SOCK_ADDR_TEST_GETSOCKNAME, 1902 "getsockname_unix: attach prog with wrong attach type", 1903 getsockname_unix_prog_load_raw, 1904 getsockname_unix_prog_destroy_raw, 1905 BPF_CGROUP_INET4_GETSOCKNAME, 1906 &user_ops, 1907 AF_UNIX, 1908 SOCK_STREAM, 1909 SERVUN_ADDRESS, 1910 0, 1911 SERVUN_REWRITE_ADDRESS, 1912 0, 1913 NULL, 1914 ATTACH_REJECT, 1915 }, 1916 1917 /* getsockname - kernel calls */ 1918 { 1919 SOCK_ADDR_TEST_GETSOCKNAME, 1920 "getsockname4: kernel_getsockname (stream)", 1921 getsockname_v4_prog_load, 1922 getsockname_v4_prog_destroy, 1923 BPF_CGROUP_INET4_GETSOCKNAME, 1924 &kern_ops_kernel_sendmsg, 1925 AF_INET, 1926 SOCK_STREAM, 1927 SERV4_REWRITE_IP, 1928 SERV4_REWRITE_PORT, 1929 SERV4_IP, 1930 SERV4_PORT, 1931 NULL, 1932 SUCCESS, 1933 }, 1934 { 1935 SOCK_ADDR_TEST_GETSOCKNAME, 1936 "getsockname4: kernel_getsockname (dgram)", 1937 getsockname_v4_prog_load, 1938 getsockname_v4_prog_destroy, 1939 BPF_CGROUP_INET4_GETSOCKNAME, 1940 &kern_ops_kernel_sendmsg, 1941 AF_INET, 1942 SOCK_DGRAM, 1943 SERV4_REWRITE_IP, 1944 SERV4_REWRITE_PORT, 1945 SERV4_IP, 1946 SERV4_PORT, 1947 NULL, 1948 SUCCESS, 1949 }, 1950 { 1951 SOCK_ADDR_TEST_GETSOCKNAME, 1952 "getsockname6: kernel_getsockname (stream)", 1953 getsockname_v6_prog_load, 1954 getsockname_v6_prog_destroy, 1955 BPF_CGROUP_INET6_GETSOCKNAME, 1956 &kern_ops_kernel_sendmsg, 1957 AF_INET6, 1958 SOCK_STREAM, 1959 SERV6_REWRITE_IP, 1960 SERV6_REWRITE_PORT, 1961 SERV6_IP, 1962 SERV6_PORT, 1963 NULL, 1964 SUCCESS, 1965 }, 1966 { 1967 SOCK_ADDR_TEST_GETSOCKNAME, 1968 "getsockname6: kernel_getsockname (dgram)", 1969 getsockname_v6_prog_load, 1970 getsockname_v6_prog_destroy, 1971 BPF_CGROUP_INET6_GETSOCKNAME, 1972 &kern_ops_kernel_sendmsg, 1973 AF_INET6, 1974 SOCK_DGRAM, 1975 SERV6_REWRITE_IP, 1976 SERV6_REWRITE_PORT, 1977 SERV6_IP, 1978 SERV6_PORT, 1979 NULL, 1980 SUCCESS, 1981 }, 1982 { 1983 SOCK_ADDR_TEST_GETSOCKNAME, 1984 "getsockname_unix: kernel_getsockname", 1985 getsockname_unix_prog_load, 1986 getsockname_unix_prog_destroy, 1987 BPF_CGROUP_UNIX_GETSOCKNAME, 1988 &kern_ops_kernel_sendmsg, 1989 AF_UNIX, 1990 SOCK_STREAM, 1991 SERVUN_ADDRESS, 1992 0, 1993 SERVUN_REWRITE_ADDRESS, 1994 0, 1995 NULL, 1996 SUCCESS, 1997 }, 1998 1999 /* getpeername - system calls */ 2000 { 2001 SOCK_ADDR_TEST_GETPEERNAME, 2002 "getpeername4: getpeername (stream)", 2003 getpeername_v4_prog_load, 2004 getpeername_v4_prog_destroy, 2005 BPF_CGROUP_INET4_GETPEERNAME, 2006 &user_ops, 2007 AF_INET, 2008 SOCK_STREAM, 2009 SERV4_REWRITE_IP, 2010 SERV4_REWRITE_PORT, 2011 SERV4_IP, 2012 SERV4_PORT, 2013 NULL, 2014 SUCCESS, 2015 }, 2016 { 2017 SOCK_ADDR_TEST_GETPEERNAME, 2018 "getpeername4: getpeername (dgram)", 2019 getpeername_v4_prog_load, 2020 getpeername_v4_prog_destroy, 2021 BPF_CGROUP_INET4_GETPEERNAME, 2022 &user_ops, 2023 AF_INET, 2024 SOCK_DGRAM, 2025 SERV4_REWRITE_IP, 2026 SERV4_REWRITE_PORT, 2027 SERV4_IP, 2028 SERV4_PORT, 2029 NULL, 2030 SUCCESS, 2031 }, 2032 { 2033 SOCK_ADDR_TEST_GETPEERNAME, 2034 "getpeername4: attach prog with wrong attach type", 2035 getpeername_v4_prog_load_raw, 2036 getpeername_v4_prog_destroy_raw, 2037 BPF_CGROUP_INET6_GETSOCKNAME, 2038 &user_ops, 2039 AF_UNIX, 2040 SOCK_DGRAM, 2041 SERV4_REWRITE_IP, 2042 SERV4_REWRITE_PORT, 2043 SERV4_IP, 2044 SERV4_PORT, 2045 NULL, 2046 ATTACH_REJECT, 2047 }, 2048 { 2049 SOCK_ADDR_TEST_GETPEERNAME, 2050 "getpeername6: getpeername (stream)", 2051 getpeername_v6_prog_load, 2052 getpeername_v6_prog_destroy, 2053 BPF_CGROUP_INET6_GETPEERNAME, 2054 &user_ops, 2055 AF_INET6, 2056 SOCK_STREAM, 2057 SERV6_REWRITE_IP, 2058 SERV6_REWRITE_PORT, 2059 SERV6_IP, 2060 SERV6_PORT, 2061 NULL, 2062 SUCCESS, 2063 }, 2064 { 2065 SOCK_ADDR_TEST_GETPEERNAME, 2066 "getpeername6: getpeername (dgram)", 2067 getpeername_v6_prog_load, 2068 getpeername_v6_prog_destroy, 2069 BPF_CGROUP_INET6_GETPEERNAME, 2070 &user_ops, 2071 AF_INET6, 2072 SOCK_DGRAM, 2073 SERV6_REWRITE_IP, 2074 SERV6_REWRITE_PORT, 2075 SERV6_IP, 2076 SERV6_PORT, 2077 NULL, 2078 SUCCESS, 2079 }, 2080 { 2081 SOCK_ADDR_TEST_GETPEERNAME, 2082 "getpeername6: attach prog with wrong attach type", 2083 getpeername_v6_prog_load_raw, 2084 getpeername_v6_prog_destroy_raw, 2085 BPF_CGROUP_INET4_GETSOCKNAME, 2086 &user_ops, 2087 AF_INET6, 2088 SOCK_DGRAM, 2089 SERV6_REWRITE_IP, 2090 SERV6_REWRITE_PORT, 2091 SERV6_IP, 2092 SERV6_PORT, 2093 NULL, 2094 ATTACH_REJECT, 2095 }, 2096 { 2097 SOCK_ADDR_TEST_GETPEERNAME, 2098 "getpeername_unix: getpeername", 2099 getpeername_unix_prog_load, 2100 getpeername_unix_prog_destroy, 2101 BPF_CGROUP_UNIX_GETPEERNAME, 2102 &user_ops, 2103 AF_UNIX, 2104 SOCK_STREAM, 2105 SERVUN_ADDRESS, 2106 0, 2107 SERVUN_REWRITE_ADDRESS, 2108 0, 2109 NULL, 2110 SUCCESS, 2111 }, 2112 { 2113 SOCK_ADDR_TEST_GETPEERNAME, 2114 "getpeername_unix: attach prog with wrong attach type", 2115 getpeername_unix_prog_load_raw, 2116 getpeername_unix_prog_destroy_raw, 2117 BPF_CGROUP_INET4_GETSOCKNAME, 2118 &user_ops, 2119 AF_UNIX, 2120 SOCK_STREAM, 2121 SERVUN_ADDRESS, 2122 0, 2123 SERVUN_REWRITE_ADDRESS, 2124 0, 2125 NULL, 2126 ATTACH_REJECT, 2127 }, 2128 2129 /* getpeername - kernel calls */ 2130 { 2131 SOCK_ADDR_TEST_GETPEERNAME, 2132 "getpeername4: kernel_getpeername (stream)", 2133 getpeername_v4_prog_load, 2134 getpeername_v4_prog_destroy, 2135 BPF_CGROUP_INET4_GETPEERNAME, 2136 &kern_ops_kernel_sendmsg, 2137 AF_INET, 2138 SOCK_STREAM, 2139 SERV4_REWRITE_IP, 2140 SERV4_REWRITE_PORT, 2141 SERV4_IP, 2142 SERV4_PORT, 2143 NULL, 2144 SUCCESS, 2145 }, 2146 { 2147 SOCK_ADDR_TEST_GETPEERNAME, 2148 "getpeername4: kernel_getpeername (dgram)", 2149 getpeername_v4_prog_load, 2150 getpeername_v4_prog_destroy, 2151 BPF_CGROUP_INET4_GETPEERNAME, 2152 &kern_ops_kernel_sendmsg, 2153 AF_INET, 2154 SOCK_DGRAM, 2155 SERV4_REWRITE_IP, 2156 SERV4_REWRITE_PORT, 2157 SERV4_IP, 2158 SERV4_PORT, 2159 NULL, 2160 SUCCESS, 2161 }, 2162 { 2163 SOCK_ADDR_TEST_GETPEERNAME, 2164 "getpeername6: kernel_getpeername (stream)", 2165 getpeername_v6_prog_load, 2166 getpeername_v6_prog_destroy, 2167 BPF_CGROUP_INET6_GETPEERNAME, 2168 &kern_ops_kernel_sendmsg, 2169 AF_INET6, 2170 SOCK_STREAM, 2171 SERV6_REWRITE_IP, 2172 SERV6_REWRITE_PORT, 2173 SERV6_IP, 2174 SERV6_PORT, 2175 NULL, 2176 SUCCESS, 2177 }, 2178 { 2179 SOCK_ADDR_TEST_GETPEERNAME, 2180 "getpeername6: kernel_getpeername (dgram)", 2181 getpeername_v6_prog_load, 2182 getpeername_v6_prog_destroy, 2183 BPF_CGROUP_INET6_GETPEERNAME, 2184 &kern_ops_kernel_sendmsg, 2185 AF_INET6, 2186 SOCK_DGRAM, 2187 SERV6_REWRITE_IP, 2188 SERV6_REWRITE_PORT, 2189 SERV6_IP, 2190 SERV6_PORT, 2191 NULL, 2192 SUCCESS, 2193 }, 2194 { 2195 SOCK_ADDR_TEST_GETPEERNAME, 2196 "getpeername_unix: kernel_getpeername", 2197 getpeername_unix_prog_load, 2198 getpeername_unix_prog_destroy, 2199 BPF_CGROUP_UNIX_GETPEERNAME, 2200 &kern_ops_kernel_sendmsg, 2201 AF_UNIX, 2202 SOCK_STREAM, 2203 SERVUN_ADDRESS, 2204 0, 2205 SERVUN_REWRITE_ADDRESS, 2206 0, 2207 NULL, 2208 SUCCESS, 2209 }, 2210 }; 2211 2212 typedef int (*info_fn)(int, struct sockaddr *, socklen_t *); 2213 2214 static int cmp_addr(const struct sockaddr_storage *addr1, socklen_t addr1_len, 2215 const struct sockaddr_storage *addr2, socklen_t addr2_len, 2216 bool cmp_port) 2217 { 2218 const struct sockaddr_in *four1, *four2; 2219 const struct sockaddr_in6 *six1, *six2; 2220 const struct sockaddr_un *un1, *un2; 2221 2222 if (addr1->ss_family != addr2->ss_family) 2223 return -1; 2224 2225 if (addr1_len != addr2_len) 2226 return -1; 2227 2228 if (addr1->ss_family == AF_INET) { 2229 four1 = (const struct sockaddr_in *)addr1; 2230 four2 = (const struct sockaddr_in *)addr2; 2231 return !((four1->sin_port == four2->sin_port || !cmp_port) && 2232 four1->sin_addr.s_addr == four2->sin_addr.s_addr); 2233 } else if (addr1->ss_family == AF_INET6) { 2234 six1 = (const struct sockaddr_in6 *)addr1; 2235 six2 = (const struct sockaddr_in6 *)addr2; 2236 return !((six1->sin6_port == six2->sin6_port || !cmp_port) && 2237 !memcmp(&six1->sin6_addr, &six2->sin6_addr, 2238 sizeof(struct in6_addr))); 2239 } else if (addr1->ss_family == AF_UNIX) { 2240 un1 = (const struct sockaddr_un *)addr1; 2241 un2 = (const struct sockaddr_un *)addr2; 2242 return memcmp(un1, un2, addr1_len); 2243 } 2244 2245 return -1; 2246 } 2247 2248 static int cmp_sock_addr(info_fn fn, int sock1, 2249 const struct sockaddr_storage *addr2, 2250 socklen_t addr2_len, bool cmp_port) 2251 { 2252 struct sockaddr_storage addr1; 2253 socklen_t len1 = sizeof(addr1); 2254 2255 memset(&addr1, 0, len1); 2256 if (fn(sock1, (struct sockaddr *)&addr1, (socklen_t *)&len1) != 0) 2257 return -1; 2258 2259 return cmp_addr(&addr1, len1, addr2, addr2_len, cmp_port); 2260 } 2261 2262 static int load_sock_addr_kern(void) 2263 { 2264 int err; 2265 2266 skel = sock_addr_kern__open_and_load(); 2267 if (!ASSERT_OK_PTR(skel, "skel")) 2268 goto err; 2269 2270 err = 0; 2271 goto out; 2272 err: 2273 err = -1; 2274 out: 2275 return err; 2276 } 2277 2278 static void unload_sock_addr_kern(void) 2279 { 2280 sock_addr_kern__destroy(skel); 2281 } 2282 2283 static int test_bind(struct sock_addr_test *test) 2284 { 2285 struct sockaddr_storage expected_addr; 2286 socklen_t expected_addr_len = sizeof(struct sockaddr_storage); 2287 int serv = -1, client = -1, err; 2288 2289 serv = test->ops->start_server(test->socket_family, test->socket_type, 2290 test->requested_addr, 2291 test->requested_port, 0); 2292 if (serv < 0) { 2293 err = errno; 2294 goto err; 2295 } 2296 2297 err = make_sockaddr(test->socket_family, 2298 test->expected_addr, test->expected_port, 2299 &expected_addr, &expected_addr_len); 2300 if (!ASSERT_EQ(err, 0, "make_sockaddr")) 2301 goto cleanup; 2302 2303 err = cmp_sock_addr(test->ops->getsockname, serv, &expected_addr, 2304 expected_addr_len, true); 2305 if (!ASSERT_EQ(err, 0, "cmp_local_addr")) 2306 goto cleanup; 2307 2308 /* Try to connect to server just in case */ 2309 client = connect_to_addr(test->socket_type, &expected_addr, expected_addr_len, NULL); 2310 if (!ASSERT_GE(client, 0, "connect_to_addr")) 2311 goto cleanup; 2312 2313 cleanup: 2314 err = 0; 2315 err: 2316 if (client != -1) 2317 close(client); 2318 if (serv != -1) 2319 test->ops->close(serv); 2320 2321 return err; 2322 } 2323 2324 static int test_connect(struct sock_addr_test *test) 2325 { 2326 struct sockaddr_storage addr, expected_addr, expected_src_addr; 2327 socklen_t addr_len = sizeof(struct sockaddr_storage), 2328 expected_addr_len = sizeof(struct sockaddr_storage), 2329 expected_src_addr_len = sizeof(struct sockaddr_storage); 2330 int serv = -1, client = -1, err; 2331 2332 serv = start_server(test->socket_family, test->socket_type, 2333 test->expected_addr, test->expected_port, 0); 2334 if (!ASSERT_GE(serv, 0, "start_server")) 2335 goto cleanup; 2336 2337 err = make_sockaddr(test->socket_family, test->requested_addr, test->requested_port, 2338 &addr, &addr_len); 2339 if (!ASSERT_EQ(err, 0, "make_sockaddr")) 2340 goto cleanup; 2341 2342 client = test->ops->connect_to_addr(test->socket_type, &addr, addr_len, 2343 NULL); 2344 if (client < 0) { 2345 err = errno; 2346 goto err; 2347 } 2348 2349 err = make_sockaddr(test->socket_family, test->expected_addr, test->expected_port, 2350 &expected_addr, &expected_addr_len); 2351 if (!ASSERT_EQ(err, 0, "make_sockaddr")) 2352 goto cleanup; 2353 2354 if (test->expected_src_addr) { 2355 err = make_sockaddr(test->socket_family, test->expected_src_addr, 0, 2356 &expected_src_addr, &expected_src_addr_len); 2357 if (!ASSERT_EQ(err, 0, "make_sockaddr")) 2358 goto cleanup; 2359 } 2360 2361 err = cmp_sock_addr(test->ops->getpeername, client, &expected_addr, 2362 expected_addr_len, true); 2363 if (!ASSERT_EQ(err, 0, "cmp_peer_addr")) 2364 goto cleanup; 2365 2366 if (test->expected_src_addr) { 2367 err = cmp_sock_addr(test->ops->getsockname, client, 2368 &expected_src_addr, expected_src_addr_len, 2369 false); 2370 if (!ASSERT_EQ(err, 0, "cmp_local_addr")) 2371 goto cleanup; 2372 } 2373 cleanup: 2374 err = 0; 2375 err: 2376 if (client != -1) 2377 test->ops->close(client); 2378 if (serv != -1) 2379 close(serv); 2380 2381 return err; 2382 } 2383 2384 static int test_xmsg(struct sock_addr_test *test) 2385 { 2386 struct sockaddr_storage addr, src_addr; 2387 socklen_t addr_len = sizeof(struct sockaddr_storage), 2388 src_addr_len = sizeof(struct sockaddr_storage); 2389 char data = 'a'; 2390 int serv = -1, client = -1, err; 2391 2392 /* Unlike the other tests, here we test that we can rewrite the src addr 2393 * with a recvmsg() hook. 2394 */ 2395 2396 serv = start_server(test->socket_family, test->socket_type, 2397 test->expected_addr, test->expected_port, 0); 2398 if (!ASSERT_GE(serv, 0, "start_server")) 2399 goto cleanup; 2400 2401 client = test->ops->socket(test->socket_family, test->socket_type, 0); 2402 if (!ASSERT_GE(client, 0, "socket")) 2403 goto cleanup; 2404 2405 /* AF_UNIX sockets have to be bound to something to trigger the recvmsg bpf program. */ 2406 if (test->socket_family == AF_UNIX) { 2407 err = make_sockaddr(AF_UNIX, SRCUN_ADDRESS, 0, &src_addr, &src_addr_len); 2408 if (!ASSERT_EQ(err, 0, "make_sockaddr")) 2409 goto cleanup; 2410 2411 err = test->ops->bind(client, (struct sockaddr *)&src_addr, 2412 src_addr_len); 2413 if (!ASSERT_OK(err, "bind")) 2414 goto cleanup; 2415 } 2416 2417 err = make_sockaddr(test->socket_family, test->requested_addr, test->requested_port, 2418 &addr, &addr_len); 2419 if (!ASSERT_EQ(err, 0, "make_sockaddr")) 2420 goto cleanup; 2421 2422 if (test->socket_type == SOCK_DGRAM) { 2423 err = test->ops->sendmsg(client, (struct sockaddr *)&addr, 2424 addr_len, &data, sizeof(data)); 2425 if (err < 0) { 2426 err = errno; 2427 goto err; 2428 } 2429 2430 if (!ASSERT_EQ(err, sizeof(data), "sendmsg")) 2431 goto cleanup; 2432 } else { 2433 /* Testing with connection-oriented sockets is only valid for 2434 * recvmsg() tests. 2435 */ 2436 if (!ASSERT_EQ(test->type, SOCK_ADDR_TEST_RECVMSG, "recvmsg")) 2437 goto cleanup; 2438 2439 err = connect(client, (const struct sockaddr *)&addr, addr_len); 2440 if (!ASSERT_OK(err, "connect")) 2441 goto cleanup; 2442 2443 err = send(client, &data, sizeof(data), 0); 2444 if (!ASSERT_EQ(err, sizeof(data), "send")) 2445 goto cleanup; 2446 2447 err = listen(serv, 0); 2448 if (!ASSERT_OK(err, "listen")) 2449 goto cleanup; 2450 2451 err = accept(serv, NULL, NULL); 2452 if (!ASSERT_GE(err, 0, "accept")) 2453 goto cleanup; 2454 2455 close(serv); 2456 serv = err; 2457 } 2458 2459 addr_len = src_addr_len = sizeof(struct sockaddr_storage); 2460 2461 err = recvfrom(serv, &data, sizeof(data), 0, (struct sockaddr *) &src_addr, &src_addr_len); 2462 if (!ASSERT_EQ(err, sizeof(data), "recvfrom")) 2463 goto cleanup; 2464 2465 ASSERT_EQ(data, 'a', "data mismatch"); 2466 2467 if (test->expected_src_addr) { 2468 err = make_sockaddr(test->socket_family, test->expected_src_addr, 0, 2469 &addr, &addr_len); 2470 if (!ASSERT_EQ(err, 0, "make_sockaddr")) 2471 goto cleanup; 2472 2473 err = cmp_addr(&src_addr, src_addr_len, &addr, addr_len, false); 2474 if (!ASSERT_EQ(err, 0, "cmp_addr")) 2475 goto cleanup; 2476 } 2477 2478 cleanup: 2479 err = 0; 2480 err: 2481 if (client != -1) 2482 test->ops->close(client); 2483 if (serv != -1) 2484 close(serv); 2485 2486 return err; 2487 } 2488 2489 static int test_getsockname(struct sock_addr_test *test) 2490 { 2491 struct sockaddr_storage expected_addr; 2492 socklen_t expected_addr_len = sizeof(struct sockaddr_storage); 2493 int serv = -1, err; 2494 2495 serv = test->ops->start_server(test->socket_family, test->socket_type, 2496 test->requested_addr, test->requested_port, 0); 2497 if (!ASSERT_GE(serv, 0, "start_server")) 2498 goto cleanup; 2499 2500 err = make_sockaddr(test->socket_family, 2501 test->expected_addr, test->expected_port, 2502 &expected_addr, &expected_addr_len); 2503 if (!ASSERT_EQ(err, 0, "make_sockaddr")) 2504 goto cleanup; 2505 2506 err = cmp_sock_addr(test->ops->getsockname, serv, &expected_addr, expected_addr_len, true); 2507 if (!ASSERT_EQ(err, 0, "cmp_local_addr")) 2508 goto cleanup; 2509 2510 cleanup: 2511 if (serv != -1) 2512 test->ops->close(serv); 2513 2514 return 0; 2515 } 2516 2517 static int test_getpeername(struct sock_addr_test *test) 2518 { 2519 struct sockaddr_storage addr, expected_addr; 2520 socklen_t addr_len = sizeof(struct sockaddr_storage), 2521 expected_addr_len = sizeof(struct sockaddr_storage); 2522 int serv = -1, client = -1, err; 2523 2524 serv = start_server(test->socket_family, test->socket_type, 2525 test->requested_addr, test->requested_port, 0); 2526 if (!ASSERT_GE(serv, 0, "start_server")) 2527 goto cleanup; 2528 2529 err = make_sockaddr(test->socket_family, test->requested_addr, test->requested_port, 2530 &addr, &addr_len); 2531 if (!ASSERT_EQ(err, 0, "make_sockaddr")) 2532 goto cleanup; 2533 2534 client = test->ops->connect_to_addr(test->socket_type, &addr, addr_len, 2535 NULL); 2536 if (!ASSERT_GE(client, 0, "connect_to_addr")) 2537 goto cleanup; 2538 2539 err = make_sockaddr(test->socket_family, test->expected_addr, test->expected_port, 2540 &expected_addr, &expected_addr_len); 2541 if (!ASSERT_EQ(err, 0, "make_sockaddr")) 2542 goto cleanup; 2543 2544 err = cmp_sock_addr(test->ops->getpeername, client, &expected_addr, 2545 expected_addr_len, true); 2546 if (!ASSERT_EQ(err, 0, "cmp_peer_addr")) 2547 goto cleanup; 2548 2549 cleanup: 2550 if (client != -1) 2551 test->ops->close(client); 2552 if (serv != -1) 2553 close(serv); 2554 2555 return 0; 2556 } 2557 2558 static int setup_test_env(struct nstoken **tok) 2559 { 2560 int err; 2561 2562 SYS_NOFAIL("ip netns delete %s", TEST_NS); 2563 SYS(fail, "ip netns add %s", TEST_NS); 2564 *tok = open_netns(TEST_NS); 2565 if (!ASSERT_OK_PTR(*tok, "netns token")) 2566 goto fail; 2567 2568 SYS(fail, "ip link add dev %s1 type veth peer name %s2", TEST_IF_PREFIX, 2569 TEST_IF_PREFIX); 2570 SYS(fail, "ip link set lo up"); 2571 SYS(fail, "ip link set %s1 up", TEST_IF_PREFIX); 2572 SYS(fail, "ip link set %s2 up", TEST_IF_PREFIX); 2573 SYS(fail, "ip -4 addr add %s/8 dev %s1", TEST_IPV4, TEST_IF_PREFIX); 2574 SYS(fail, "ip -6 addr add %s/128 nodad dev %s1", TEST_IPV6, TEST_IF_PREFIX); 2575 2576 err = 0; 2577 goto out; 2578 fail: 2579 err = -1; 2580 close_netns(*tok); 2581 *tok = NULL; 2582 SYS_NOFAIL("ip netns delete %s", TEST_NS); 2583 out: 2584 return err; 2585 } 2586 2587 static void cleanup_test_env(struct nstoken *tok) 2588 { 2589 close_netns(tok); 2590 SYS_NOFAIL("ip netns delete %s", TEST_NS); 2591 } 2592 2593 void test_sock_addr(void) 2594 { 2595 struct nstoken *tok = NULL; 2596 int cgroup_fd = -1; 2597 void *skel; 2598 2599 cgroup_fd = test__join_cgroup("/sock_addr"); 2600 if (!ASSERT_GE(cgroup_fd, 0, "join_cgroup")) 2601 goto cleanup; 2602 2603 if (!ASSERT_OK(setup_test_env(&tok), "setup_test_env")) 2604 goto cleanup; 2605 2606 if (!ASSERT_OK(load_sock_addr_kern(), "load_sock_addr_kern")) 2607 goto cleanup; 2608 2609 for (size_t i = 0; i < ARRAY_SIZE(tests); ++i) { 2610 struct sock_addr_test *test = &tests[i]; 2611 int err; 2612 2613 if (!test__start_subtest(test->name)) 2614 continue; 2615 2616 skel = test->loadfn(cgroup_fd, test->attach_type, 2617 test->expected_result == LOAD_REJECT || 2618 test->expected_result == ATTACH_REJECT); 2619 if (!skel) 2620 continue; 2621 2622 switch (test->type) { 2623 /* Not exercised yet but we leave this code here for when the 2624 * INET and INET6 sockaddr tests are migrated to this file in 2625 * the future. 2626 */ 2627 case SOCK_ADDR_TEST_BIND: 2628 err = test_bind(test); 2629 break; 2630 case SOCK_ADDR_TEST_CONNECT: 2631 err = test_connect(test); 2632 break; 2633 case SOCK_ADDR_TEST_SENDMSG: 2634 case SOCK_ADDR_TEST_RECVMSG: 2635 err = test_xmsg(test); 2636 break; 2637 case SOCK_ADDR_TEST_GETSOCKNAME: 2638 err = test_getsockname(test); 2639 break; 2640 case SOCK_ADDR_TEST_GETPEERNAME: 2641 err = test_getpeername(test); 2642 break; 2643 default: 2644 ASSERT_TRUE(false, "Unknown sock addr test type"); 2645 err = -EINVAL; 2646 break; 2647 } 2648 2649 if (test->expected_result == SYSCALL_EPERM) 2650 ASSERT_EQ(err, EPERM, "socket operation returns EPERM"); 2651 else if (test->expected_result == SYSCALL_ENOTSUPP) 2652 ASSERT_EQ(err, ENOTSUPP, "socket operation returns ENOTSUPP"); 2653 else if (test->expected_result == SUCCESS) 2654 ASSERT_OK(err, "socket operation succeeds"); 2655 2656 test->destroyfn(skel); 2657 } 2658 2659 cleanup: 2660 unload_sock_addr_kern(); 2661 cleanup_test_env(tok); 2662 if (cgroup_fd >= 0) 2663 close(cgroup_fd); 2664 } 2665