| Message ID | 20210119155953.803818-3-revest@chromium.org (mailing list archive) |
|---|---|
| State | Superseded |
| Delegated to: | BPF |
| Headers | show |
| Series | [bpf-next,v5,1/4] bpf: Be less specific about socket cookies guarantees | expand |
On Tue, Jan 19, 2021 at 5:00 PM Florent Revest <revest@chromium.org> wrote: > > Currently, the selftest for the BPF socket_cookie helpers is built and > run independently from test_progs. It's easy to forget and hard to > maintain. > > This patch moves the socket cookies test into prog_tests/ and vastly > simplifies its logic by: > - rewriting the loading code with BPF skeletons > - rewriting the server/client code with network helpers > - rewriting the cgroup code with test__join_cgroup > - rewriting the error handling code with CHECKs > > Signed-off-by: Florent Revest <revest@chromium.org> Acked-by: KP Singh <kpsingh@kernel.org>
On Tue, Jan 19, 2021 at 8:00 AM Florent Revest <revest@chromium.org> wrote: > > Currently, the selftest for the BPF socket_cookie helpers is built and > run independently from test_progs. It's easy to forget and hard to > maintain. > > This patch moves the socket cookies test into prog_tests/ and vastly > simplifies its logic by: > - rewriting the loading code with BPF skeletons > - rewriting the server/client code with network helpers > - rewriting the cgroup code with test__join_cgroup > - rewriting the error handling code with CHECKs > > Signed-off-by: Florent Revest <revest@chromium.org> > --- Few nits below regarding skeleton and ASSERT_xxx usage. > tools/testing/selftests/bpf/Makefile | 3 +- > .../selftests/bpf/prog_tests/socket_cookie.c | 82 +++++++ > .../selftests/bpf/progs/socket_cookie_prog.c | 2 - > .../selftests/bpf/test_socket_cookie.c | 208 ------------------ please also update .gitignore > 4 files changed, 83 insertions(+), 212 deletions(-) > create mode 100644 tools/testing/selftests/bpf/prog_tests/socket_cookie.c > delete mode 100644 tools/testing/selftests/bpf/test_socket_cookie.c > [...] > + > + skel = socket_cookie_prog__open_and_load(); > + if (CHECK(!skel, "socket_cookie_prog__open_and_load", > + "skeleton open_and_load failed\n")) nit: ASSERT_PTR_OK > + return; > + > + cgroup_fd = test__join_cgroup("/socket_cookie"); > + if (CHECK(cgroup_fd < 0, "join_cgroup", "cgroup creation failed\n")) > + goto destroy_skel; > + > + set_link = bpf_program__attach_cgroup(skel->progs.set_cookie, > + cgroup_fd); you can use skel->links->set_cookie here and it will be auto-destroyed when the whole skeleton is destroyed. More simplification. > + if (CHECK(IS_ERR(set_link), "set-link-cg-attach", "err %ld\n", > + PTR_ERR(set_link))) > + goto close_cgroup_fd; > + > + update_link = bpf_program__attach_cgroup(skel->progs.update_cookie, > + cgroup_fd); same as above, no need to maintain your link outside of skeleton > + if (CHECK(IS_ERR(update_link), "update-link-cg-attach", "err %ld\n", > + PTR_ERR(update_link))) > + goto free_set_link; > + > + server_fd = start_server(AF_INET6, SOCK_STREAM, "::1", 0, 0); > + if (CHECK(server_fd < 0, "start_server", "errno %d\n", errno)) > + goto free_update_link; > + > + client_fd = connect_to_fd(server_fd, 0); > + if (CHECK(client_fd < 0, "connect_to_fd", "errno %d\n", errno)) > + goto close_server_fd; nit: ASSERT_OK is nicer (here and in few other places) > + > + err = bpf_map_lookup_elem(bpf_map__fd(skel->maps.socket_cookies), > + &client_fd, &val); > + if (CHECK(err, "map_lookup", "err %d errno %d\n", err, errno)) > + goto close_client_fd; > + > + err = getsockname(client_fd, (struct sockaddr *)&addr, &addr_len); > + if (CHECK(err, "getsockname", "Can't get client local addr\n")) > + goto close_client_fd; > + > + cookie_expected_value = (ntohs(addr.sin6_port) << 8) | 0xFF; > + CHECK(val.cookie_value != cookie_expected_value, "", > + "Unexpected value in map: %x != %x\n", val.cookie_value, > + cookie_expected_value); nit: ASSERT_NEQ is nicer > + > +close_client_fd: > + close(client_fd); > +close_server_fd: > + close(server_fd); > +free_update_link: > + bpf_link__destroy(update_link); > +free_set_link: > + bpf_link__destroy(set_link); > +close_cgroup_fd: > + close(cgroup_fd); > +destroy_skel: > + socket_cookie_prog__destroy(skel); > +} [...]
On Thu, Jan 21, 2021 at 8:55 AM Andrii Nakryiko <andrii.nakryiko@gmail.com> wrote: > > On Tue, Jan 19, 2021 at 8:00 AM Florent Revest <revest@chromium.org> wrote: > > > > Currently, the selftest for the BPF socket_cookie helpers is built and > > run independently from test_progs. It's easy to forget and hard to > > maintain. > > > > This patch moves the socket cookies test into prog_tests/ and vastly > > simplifies its logic by: > > - rewriting the loading code with BPF skeletons > > - rewriting the server/client code with network helpers > > - rewriting the cgroup code with test__join_cgroup > > - rewriting the error handling code with CHECKs > > > > Signed-off-by: Florent Revest <revest@chromium.org> > > --- > > Few nits below regarding skeleton and ASSERT_xxx usage. > > > tools/testing/selftests/bpf/Makefile | 3 +- > > .../selftests/bpf/prog_tests/socket_cookie.c | 82 +++++++ > > .../selftests/bpf/progs/socket_cookie_prog.c | 2 - > > .../selftests/bpf/test_socket_cookie.c | 208 ------------------ > > please also update .gitignore Good catch! > > 4 files changed, 83 insertions(+), 212 deletions(-) > > create mode 100644 tools/testing/selftests/bpf/prog_tests/socket_cookie.c > > delete mode 100644 tools/testing/selftests/bpf/test_socket_cookie.c > > > > [...] > > > + > > + skel = socket_cookie_prog__open_and_load(); > > + if (CHECK(!skel, "socket_cookie_prog__open_and_load", > > + "skeleton open_and_load failed\n")) > > nit: ASSERT_PTR_OK Ah great, I find the ASSERT semantic much easier to follow than CHECKs. > > + return; > > + > > + cgroup_fd = test__join_cgroup("/socket_cookie"); > > + if (CHECK(cgroup_fd < 0, "join_cgroup", "cgroup creation failed\n")) > > + goto destroy_skel; > > + > > + set_link = bpf_program__attach_cgroup(skel->progs.set_cookie, > > + cgroup_fd); > > you can use skel->links->set_cookie here and it will be auto-destroyed > when the whole skeleton is destroyed. More simplification. Sick. :) > > + if (CHECK(IS_ERR(set_link), "set-link-cg-attach", "err %ld\n", > > + PTR_ERR(set_link))) > > + goto close_cgroup_fd; > > + > > + update_link = bpf_program__attach_cgroup(skel->progs.update_cookie, > > + cgroup_fd); > > same as above, no need to maintain your link outside of skeleton > > > > + if (CHECK(IS_ERR(update_link), "update-link-cg-attach", "err %ld\n", > > + PTR_ERR(update_link))) > > + goto free_set_link; > > + > > + server_fd = start_server(AF_INET6, SOCK_STREAM, "::1", 0, 0); > > + if (CHECK(server_fd < 0, "start_server", "errno %d\n", errno)) > > + goto free_update_link; > > + > > + client_fd = connect_to_fd(server_fd, 0); > > + if (CHECK(client_fd < 0, "connect_to_fd", "errno %d\n", errno)) > > + goto close_server_fd; > > nit: ASSERT_OK is nicer (here and in few other places) Did you mean ASSERT_OK for the two following err checks ? ASSERT_OK does not seem right for a fd check where we want fd to be positive. ASSERT_OK does: "bool ___ok = ___res == 0;" I will keep my "CHECK(fd < 0" but maybe there could be an ASSERT_POSITIVE that does "bool ___ok = ___res >= 0;" > > + > > + err = bpf_map_lookup_elem(bpf_map__fd(skel->maps.socket_cookies), > > + &client_fd, &val); > > + if (CHECK(err, "map_lookup", "err %d errno %d\n", err, errno)) > > + goto close_client_fd; > > + > > + err = getsockname(client_fd, (struct sockaddr *)&addr, &addr_len); > > + if (CHECK(err, "getsockname", "Can't get client local addr\n")) > > + goto close_client_fd; > > + > > + cookie_expected_value = (ntohs(addr.sin6_port) << 8) | 0xFF; > > + CHECK(val.cookie_value != cookie_expected_value, "", > > + "Unexpected value in map: %x != %x\n", val.cookie_value, > > + cookie_expected_value); > > nit: ASSERT_NEQ is nicer Indeed. > > + > > +close_client_fd: > > + close(client_fd); > > +close_server_fd: > > + close(server_fd); > > +free_update_link: > > + bpf_link__destroy(update_link); > > +free_set_link: > > + bpf_link__destroy(set_link); > > +close_cgroup_fd: > > + close(cgroup_fd); > > +destroy_skel: > > + socket_cookie_prog__destroy(skel); > > +} > > [...]
On Fri, Jan 22, 2021 at 6:35 AM Florent Revest <revest@chromium.org> wrote: > > On Thu, Jan 21, 2021 at 8:55 AM Andrii Nakryiko > <andrii.nakryiko@gmail.com> wrote: > > > > On Tue, Jan 19, 2021 at 8:00 AM Florent Revest <revest@chromium.org> wrote: > > > > > > Currently, the selftest for the BPF socket_cookie helpers is built and > > > run independently from test_progs. It's easy to forget and hard to > > > maintain. > > > > > > This patch moves the socket cookies test into prog_tests/ and vastly > > > simplifies its logic by: > > > - rewriting the loading code with BPF skeletons > > > - rewriting the server/client code with network helpers > > > - rewriting the cgroup code with test__join_cgroup > > > - rewriting the error handling code with CHECKs > > > > > > Signed-off-by: Florent Revest <revest@chromium.org> > > > --- > > > > Few nits below regarding skeleton and ASSERT_xxx usage. > > > > > tools/testing/selftests/bpf/Makefile | 3 +- > > > .../selftests/bpf/prog_tests/socket_cookie.c | 82 +++++++ > > > .../selftests/bpf/progs/socket_cookie_prog.c | 2 - > > > .../selftests/bpf/test_socket_cookie.c | 208 ------------------ > > > > please also update .gitignore > > Good catch! > > > > 4 files changed, 83 insertions(+), 212 deletions(-) > > > create mode 100644 tools/testing/selftests/bpf/prog_tests/socket_cookie.c > > > delete mode 100644 tools/testing/selftests/bpf/test_socket_cookie.c > > > > > > > [...] > > > > > + > > > + skel = socket_cookie_prog__open_and_load(); > > > + if (CHECK(!skel, "socket_cookie_prog__open_and_load", > > > + "skeleton open_and_load failed\n")) > > > > nit: ASSERT_PTR_OK > > Ah great, I find the ASSERT semantic much easier to follow than CHECKs. > > > > + return; > > > + > > > + cgroup_fd = test__join_cgroup("/socket_cookie"); > > > + if (CHECK(cgroup_fd < 0, "join_cgroup", "cgroup creation failed\n")) > > > + goto destroy_skel; > > > + > > > + set_link = bpf_program__attach_cgroup(skel->progs.set_cookie, > > > + cgroup_fd); > > > > you can use skel->links->set_cookie here and it will be auto-destroyed > > when the whole skeleton is destroyed. More simplification. > > Sick. :) > > > > + if (CHECK(IS_ERR(set_link), "set-link-cg-attach", "err %ld\n", > > > + PTR_ERR(set_link))) > > > + goto close_cgroup_fd; > > > + > > > + update_link = bpf_program__attach_cgroup(skel->progs.update_cookie, > > > + cgroup_fd); > > > > same as above, no need to maintain your link outside of skeleton > > > > > > > + if (CHECK(IS_ERR(update_link), "update-link-cg-attach", "err %ld\n", > > > + PTR_ERR(update_link))) > > > + goto free_set_link; > > > + > > > + server_fd = start_server(AF_INET6, SOCK_STREAM, "::1", 0, 0); > > > + if (CHECK(server_fd < 0, "start_server", "errno %d\n", errno)) > > > + goto free_update_link; > > > + > > > + client_fd = connect_to_fd(server_fd, 0); > > > + if (CHECK(client_fd < 0, "connect_to_fd", "errno %d\n", errno)) > > > + goto close_server_fd; > > > > nit: ASSERT_OK is nicer (here and in few other places) > > Did you mean ASSERT_OK for the two following err checks ? > > ASSERT_OK does not seem right for a fd check where we want fd to be > positive. ASSERT_OK does: "bool ___ok = ___res == 0;" > > I will keep my "CHECK(fd < 0" but maybe there could be an > ASSERT_POSITIVE that does "bool ___ok = ___res >= 0;" Ah, I missed that it's returning FD, sorry. For FD we'd have to add the ASSERT_GEQ(fd, 0, "blah") variant. So yeah, stick to CHECK for now. > > > > + > > > + err = bpf_map_lookup_elem(bpf_map__fd(skel->maps.socket_cookies), > > > + &client_fd, &val); > > > + if (CHECK(err, "map_lookup", "err %d errno %d\n", err, errno)) > > > + goto close_client_fd; > > > + > > > + err = getsockname(client_fd, (struct sockaddr *)&addr, &addr_len); > > > + if (CHECK(err, "getsockname", "Can't get client local addr\n")) > > > + goto close_client_fd; > > > + > > > + cookie_expected_value = (ntohs(addr.sin6_port) << 8) | 0xFF; > > > + CHECK(val.cookie_value != cookie_expected_value, "", > > > + "Unexpected value in map: %x != %x\n", val.cookie_value, > > > + cookie_expected_value); > > > > nit: ASSERT_NEQ is nicer > > Indeed. > > > > + > > > +close_client_fd: > > > + close(client_fd); > > > +close_server_fd: > > > + close(server_fd); > > > +free_update_link: > > > + bpf_link__destroy(update_link); > > > +free_set_link: > > > + bpf_link__destroy(set_link); > > > +close_cgroup_fd: > > > + close(cgroup_fd); > > > +destroy_skel: > > > + socket_cookie_prog__destroy(skel); > > > +} > > > > [...]
diff --git a/tools/testing/selftests/bpf/Makefile b/tools/testing/selftests/bpf/Makefile index 63d6288e419c..af00fe3b7fb9 100644 --- a/tools/testing/selftests/bpf/Makefile +++ b/tools/testing/selftests/bpf/Makefile @@ -33,7 +33,7 @@ LDLIBS += -lcap -lelf -lz -lrt -lpthread # Order correspond to 'make run_tests' order TEST_GEN_PROGS = test_verifier test_tag test_maps test_lru_map test_lpm_map test_progs \ test_verifier_log test_dev_cgroup \ - test_sock test_sockmap get_cgroup_id_user test_socket_cookie \ + test_sock test_sockmap get_cgroup_id_user \ test_cgroup_storage \ test_netcnt test_tcpnotify_user test_sysctl \ test_progs-no_alu32 @@ -187,7 +187,6 @@ $(OUTPUT)/test_dev_cgroup: cgroup_helpers.c $(OUTPUT)/test_skb_cgroup_id_user: cgroup_helpers.c $(OUTPUT)/test_sock: cgroup_helpers.c $(OUTPUT)/test_sock_addr: cgroup_helpers.c -$(OUTPUT)/test_socket_cookie: cgroup_helpers.c $(OUTPUT)/test_sockmap: cgroup_helpers.c $(OUTPUT)/test_tcpnotify_user: cgroup_helpers.c trace_helpers.c $(OUTPUT)/get_cgroup_id_user: cgroup_helpers.c diff --git a/tools/testing/selftests/bpf/prog_tests/socket_cookie.c b/tools/testing/selftests/bpf/prog_tests/socket_cookie.c new file mode 100644 index 000000000000..53d0c44e7907 --- /dev/null +++ b/tools/testing/selftests/bpf/prog_tests/socket_cookie.c @@ -0,0 +1,82 @@ +// SPDX-License-Identifier: GPL-2.0 +// Copyright (c) 2020 Google LLC. +// Copyright (c) 2018 Facebook + +#include <test_progs.h> +#include "socket_cookie_prog.skel.h" +#include "network_helpers.h" + +static int duration; + +struct socket_cookie { + __u64 cookie_key; + __u32 cookie_value; +}; + +void test_socket_cookie(void) +{ + socklen_t addr_len = sizeof(struct sockaddr_in6); + struct bpf_link *set_link, *update_link; + int server_fd, client_fd, cgroup_fd; + struct socket_cookie_prog *skel; + __u32 cookie_expected_value; + struct sockaddr_in6 addr; + struct socket_cookie val; + int err = 0; + + skel = socket_cookie_prog__open_and_load(); + if (CHECK(!skel, "socket_cookie_prog__open_and_load", + "skeleton open_and_load failed\n")) + return; + + cgroup_fd = test__join_cgroup("/socket_cookie"); + if (CHECK(cgroup_fd < 0, "join_cgroup", "cgroup creation failed\n")) + goto destroy_skel; + + set_link = bpf_program__attach_cgroup(skel->progs.set_cookie, + cgroup_fd); + if (CHECK(IS_ERR(set_link), "set-link-cg-attach", "err %ld\n", + PTR_ERR(set_link))) + goto close_cgroup_fd; + + update_link = bpf_program__attach_cgroup(skel->progs.update_cookie, + cgroup_fd); + if (CHECK(IS_ERR(update_link), "update-link-cg-attach", "err %ld\n", + PTR_ERR(update_link))) + goto free_set_link; + + server_fd = start_server(AF_INET6, SOCK_STREAM, "::1", 0, 0); + if (CHECK(server_fd < 0, "start_server", "errno %d\n", errno)) + goto free_update_link; + + client_fd = connect_to_fd(server_fd, 0); + if (CHECK(client_fd < 0, "connect_to_fd", "errno %d\n", errno)) + goto close_server_fd; + + err = bpf_map_lookup_elem(bpf_map__fd(skel->maps.socket_cookies), + &client_fd, &val); + if (CHECK(err, "map_lookup", "err %d errno %d\n", err, errno)) + goto close_client_fd; + + err = getsockname(client_fd, (struct sockaddr *)&addr, &addr_len); + if (CHECK(err, "getsockname", "Can't get client local addr\n")) + goto close_client_fd; + + cookie_expected_value = (ntohs(addr.sin6_port) << 8) | 0xFF; + CHECK(val.cookie_value != cookie_expected_value, "", + "Unexpected value in map: %x != %x\n", val.cookie_value, + cookie_expected_value); + +close_client_fd: + close(client_fd); +close_server_fd: + close(server_fd); +free_update_link: + bpf_link__destroy(update_link); +free_set_link: + bpf_link__destroy(set_link); +close_cgroup_fd: + close(cgroup_fd); +destroy_skel: + socket_cookie_prog__destroy(skel); +} diff --git a/tools/testing/selftests/bpf/progs/socket_cookie_prog.c b/tools/testing/selftests/bpf/progs/socket_cookie_prog.c index 0cb5656a22b0..81e84be6f86d 100644 --- a/tools/testing/selftests/bpf/progs/socket_cookie_prog.c +++ b/tools/testing/selftests/bpf/progs/socket_cookie_prog.c @@ -65,6 +65,4 @@ int update_cookie(struct bpf_sock_ops *ctx) return 1; } -int _version SEC("version") = 1; - char _license[] SEC("license") = "GPL"; diff --git a/tools/testing/selftests/bpf/test_socket_cookie.c b/tools/testing/selftests/bpf/test_socket_cookie.c deleted file mode 100644 index ca7ca87e91aa..000000000000 --- a/tools/testing/selftests/bpf/test_socket_cookie.c +++ /dev/null @@ -1,208 +0,0 @@ -// SPDX-License-Identifier: GPL-2.0 -// Copyright (c) 2018 Facebook - -#include <string.h> -#include <unistd.h> - -#include <arpa/inet.h> -#include <netinet/in.h> -#include <sys/types.h> -#include <sys/socket.h> - -#include <bpf/bpf.h> -#include <bpf/libbpf.h> - -#include "bpf_rlimit.h" -#include "cgroup_helpers.h" - -#define CG_PATH "/foo" -#define SOCKET_COOKIE_PROG "./socket_cookie_prog.o" - -struct socket_cookie { - __u64 cookie_key; - __u32 cookie_value; -}; - -static int start_server(void) -{ - struct sockaddr_in6 addr; - int fd; - - fd = socket(AF_INET6, SOCK_STREAM, 0); - if (fd == -1) { - log_err("Failed to create server socket"); - goto out; - } - - memset(&addr, 0, sizeof(addr)); - addr.sin6_family = AF_INET6; - addr.sin6_addr = in6addr_loopback; - addr.sin6_port = 0; - - if (bind(fd, (const struct sockaddr *)&addr, sizeof(addr)) == -1) { - log_err("Failed to bind server socket"); - goto close_out; - } - - if (listen(fd, 128) == -1) { - log_err("Failed to listen on server socket"); - goto close_out; - } - - goto out; - -close_out: - close(fd); - fd = -1; -out: - return fd; -} - -static int connect_to_server(int server_fd) -{ - struct sockaddr_storage addr; - socklen_t len = sizeof(addr); - int fd; - - fd = socket(AF_INET6, SOCK_STREAM, 0); - if (fd == -1) { - log_err("Failed to create client socket"); - goto out; - } - - if (getsockname(server_fd, (struct sockaddr *)&addr, &len)) { - log_err("Failed to get server addr"); - goto close_out; - } - - if (connect(fd, (const struct sockaddr *)&addr, len) == -1) { - log_err("Fail to connect to server"); - goto close_out; - } - - goto out; - -close_out: - close(fd); - fd = -1; -out: - return fd; -} - -static int validate_map(struct bpf_map *map, int client_fd) -{ - __u32 cookie_expected_value; - struct sockaddr_in6 addr; - socklen_t len = sizeof(addr); - struct socket_cookie val; - int err = 0; - int map_fd; - - if (!map) { - log_err("Map not found in BPF object"); - goto err; - } - - map_fd = bpf_map__fd(map); - - err = bpf_map_lookup_elem(map_fd, &client_fd, &val); - - err = getsockname(client_fd, (struct sockaddr *)&addr, &len); - if (err) { - log_err("Can't get client local addr"); - goto out; - } - - cookie_expected_value = (ntohs(addr.sin6_port) << 8) | 0xFF; - if (val.cookie_value != cookie_expected_value) { - log_err("Unexpected value in map: %x != %x", val.cookie_value, - cookie_expected_value); - goto err; - } - - goto out; -err: - err = -1; -out: - return err; -} - -static int run_test(int cgfd) -{ - enum bpf_attach_type attach_type; - struct bpf_prog_load_attr attr; - struct bpf_program *prog; - struct bpf_object *pobj; - const char *prog_name; - int server_fd = -1; - int client_fd = -1; - int prog_fd = -1; - int err = 0; - - memset(&attr, 0, sizeof(attr)); - attr.file = SOCKET_COOKIE_PROG; - attr.prog_type = BPF_PROG_TYPE_UNSPEC; - attr.prog_flags = BPF_F_TEST_RND_HI32; - - err = bpf_prog_load_xattr(&attr, &pobj, &prog_fd); - if (err) { - log_err("Failed to load %s", attr.file); - goto out; - } - - bpf_object__for_each_program(prog, pobj) { - prog_name = bpf_program__section_name(prog); - - if (libbpf_attach_type_by_name(prog_name, &attach_type)) - goto err; - - err = bpf_prog_attach(bpf_program__fd(prog), cgfd, attach_type, - BPF_F_ALLOW_OVERRIDE); - if (err) { - log_err("Failed to attach prog %s", prog_name); - goto out; - } - } - - server_fd = start_server(); - if (server_fd == -1) - goto err; - - client_fd = connect_to_server(server_fd); - if (client_fd == -1) - goto err; - - if (validate_map(bpf_map__next(NULL, pobj), client_fd)) - goto err; - - goto out; -err: - err = -1; -out: - close(client_fd); - close(server_fd); - bpf_object__close(pobj); - printf("%s\n", err ? "FAILED" : "PASSED"); - return err; -} - -int main(int argc, char **argv) -{ - int cgfd = -1; - int err = 0; - - cgfd = cgroup_setup_and_join(CG_PATH); - if (cgfd < 0) - goto err; - - if (run_test(cgfd)) - goto err; - - goto out; -err: - err = -1; -out: - close(cgfd); - cleanup_cgroup_environment(); - return err; -}
Currently, the selftest for the BPF socket_cookie helpers is built and run independently from test_progs. It's easy to forget and hard to maintain. This patch moves the socket cookies test into prog_tests/ and vastly simplifies its logic by: - rewriting the loading code with BPF skeletons - rewriting the server/client code with network helpers - rewriting the cgroup code with test__join_cgroup - rewriting the error handling code with CHECKs Signed-off-by: Florent Revest <revest@chromium.org> --- tools/testing/selftests/bpf/Makefile | 3 +- .../selftests/bpf/prog_tests/socket_cookie.c | 82 +++++++ .../selftests/bpf/progs/socket_cookie_prog.c | 2 - .../selftests/bpf/test_socket_cookie.c | 208 ------------------ 4 files changed, 83 insertions(+), 212 deletions(-) create mode 100644 tools/testing/selftests/bpf/prog_tests/socket_cookie.c delete mode 100644 tools/testing/selftests/bpf/test_socket_cookie.c