Add Go tests for memfd and friends (#186)

* Add Go tests for all new probes * Skip test_bins from clang-format Those are partially imported source files that are best to leave unchanged. * Remove repeated line Co-authored-by: Nicholas Berlin <[email protected]> * Remove rebase artifact * Fix redefine warnings * Address review comments * Fix memfd includes * wrapping up * try tinkering with machine type * change machine type * figure out what machines we can use * use correct machine command * tinkering * tinkering * still tinkering * tinker with fork test * fix ForkExec * fix ForkExec * fix ForkExec * remove kernel tests --------- Co-authored-by: Nicholas Berlin <[email protected]> Co-authored-by: fearful-symmetry <[email protected]>
elastic · Jan 22, 2025 · 6794fb8 · 6794fb8
1 parent c16e7ef
commit 6794fb8
Show file tree

Hide file tree

Showing 17 changed files with 127,247 additions and 29 deletions.
diff --git a/Makefile b/Makefile
@@ -55,7 +55,7 @@ ifdef DEBUG
 endif
 
 # Directories to search recursively for c/cpp source files to clang-format
-FORMAT_DIRS = GPL/ non-GPL/ testing/test_bins
+FORMAT_DIRS = GPL/ non-GPL/
 
 .PHONY = build package clean container format test-format release-container update-kims kip
 

diff --git a/non-GPL/Events/EventsTrace/EventsTrace.c b/non-GPL/Events/EventsTrace/EventsTrace.c
@@ -837,8 +837,8 @@ static void out_process_exec(struct ebpf_process_exec_event *evt)
     out_comma();
     out_bool("is_memfd", evt->flags & EXEC_F_MEMFD);
     out_comma();
-    unsigned int nlinks = evt->inode_nlink;
-    out_uint("inode_nlinks", nlinks);
+    unsigned int nlink = evt->inode_nlink;
+    out_uint("inode_nlink", nlink);
 
     struct ebpf_varlen_field *field;
     FOR_EACH_VARLEN_FIELD(evt->vl_fields, field)

diff --git a/testing/README.md b/testing/README.md
@@ -25,6 +25,8 @@ process is repeated on several different kernels run in QEMU.
 Before running tests, you will need to have built all artifacts in the repo
 with `make build ARCH=<arch>`, then package them with `make package`.
 
+You'll also need to compile the test binaries, with `make testbins`.
+
 To run tests, you will need to have a directory containing all the kernel
 images you want to test. Then invoke:
 
@@ -61,7 +63,8 @@ This test framework leverages the go stdlib test suite, so all ebpf tests can
 be run as normal go tests, outside of the bluebox VMs:
 
 ```
-#compile the test in advance, so we don't need root to have a go environment
+# compile the test in advance, so we don't need root to have a go environment
+cd testing/testrunner
 go test -c
 # run all tests
 sudo ./testrunner.test

diff --git a/testing/kernel_builder/Dockerfile.new → testing/kernel_builder/Dockerfile b/testing/kernel_builder/Dockerfile.new → testing/kernel_builder/Dockerfile
@@ -4,8 +4,8 @@ RUN dpkg --add-architecture arm64
 RUN apt-get -y update
 RUN apt-get -y install \
         git gcc make libssl-dev bison flex bc libelf-dev python3 \
-        gcc-aarch64-linux-gnu curl xz-utils dwarves \
-        cmake zlib1g libdw1 libdw-dev
+        gcc-aarch64-linux-gnu curl dwarves xz-utils \
+        cmake zlib1g libdw1 libdw-dev rsync
 
 RUN git clone https://git.kernel.org/pub/scm/devel/pahole/pahole.git /pahole
 WORKDIR /pahole

diff --git a/testing/kernel_builder/Dockerfile.old b/testing/kernel_builder/Dockerfile.old
diff --git a/testing/kernel_builder/Makefile b/testing/kernel_builder/Makefile
@@ -4,9 +4,7 @@ IMAGE=kernel-builder-local
 TAG=latest
 
 all:
-	${CONTAINER_ENGINE} run -v ${PWD}:/work ${IMAGE}-old:${TAG}
 	${CONTAINER_ENGINE} run -v ${PWD}:/work ${IMAGE}-new:${TAG}
 
 image:
-	${CONTAINER_ENGINE} build -f Dockerfile.old -t ${IMAGE}-old:${TAG}
-	${CONTAINER_ENGINE} build -f Dockerfile.new -t ${IMAGE}-new:${TAG}
+	${CONTAINER_ENGINE} build -f Dockerfile -t ${IMAGE}-new:${TAG} .
diff --git a/testing/kernel_builder/build.sh b/testing/kernel_builder/build.sh
@@ -53,6 +53,7 @@ build_kernel() {
     local arch=$1
     local src_dir=$2
     local dest=$3
+    local version=$4
 
     local make_arch
     local make_cc
@@ -77,7 +78,11 @@ build_kernel() {
     ARCH=${make_arch} make defconfig
     cat $customconfig >> .config
     yes | ARCH=${make_arch} make olddefconfig
+    yes | ARCH=${make_arch} CROSS_COMPILE=${make_cc} make -j$(nproc)
     yes | ARCH=${make_arch} CROSS_COMPILE=${make_cc} make ${make_target} -j$(nproc)
+    yes | ARCH=${make_arch} CROSS_COMPILE=${make_cc} make modules_prepare -j$(nproc)
+    yes | ARCH=${make_arch} CROSS_COMPILE=${make_cc} make vmlinux -j$(nproc)
+    yes | ARCH=${make_arch} CROSS_COMPILE=${make_cc} make headers_install -j$(nproc) INSTALL_HDR_PATH=linux-headers-${version}-${make_arch}
     popd
 
     mv ${src_dir}/${output_file} ${dest}
@@ -99,7 +104,8 @@ fetch_and_build() {
         build_kernel \
             ${arch} \
             ${KERNEL_OUTPUT_DIR}/src/linux-${version} \
-            ${KERNEL_OUTPUT_DIR}/bin/${arch}/linux-${arch}-${version}
+            ${KERNEL_OUTPUT_DIR}/bin/${arch}/linux-${arch}-${version} \
+            ${version}
     done
 }
 

diff --git a/testing/kernel_builder/config.custom b/testing/kernel_builder/config.custom
@@ -53,3 +53,8 @@ CONFIG_IPV6=y
 # Enable taskstats (not on by default in aarch64 pre-5.18). This
 # will create a taskstats_exit function (which we hook)
 CONFIG_TASKSTATS=y
+
+
+# Modules support
+CONFIG_MODULES=y
+CONFIG_MODULE_UNLOAD=y
diff --git a/testing/scripts/invoke_qemu.sh b/testing/scripts/invoke_qemu.sh
@@ -96,9 +96,10 @@ main() {
     elif [[ $arch == "x86_64" ]]; then
         # x86_64 uses ttyS0 for the first serial port
         bootparams+=" console=ttyS0"
+        extra_args+=" -machine accel=kvm"
     fi
 
-    qemu-system-${arch} \
+    sudo qemu-system-${arch} \
         -nographic -m 1G \
         -smp 8 \
         -kernel $kernel \

diff --git a/testing/test_bins/fork_exec.c b/testing/test_bins/fork_exec.c
@@ -7,6 +7,8 @@
  * License 2.0.
  */
 
+#define _GNU_SOURCE
+
 #include <stdio.h>
 #include <sys/types.h>
 #include <unistd.h>
@@ -32,9 +34,22 @@ int main()
         int wstatus;
         wait(&wstatus);
 
+        uid_t ruid, euid, suid;
+        gid_t rgid, egid, sgid;
+
+        if (getresuid(&ruid, &euid, &suid) == -1) {
+            perror("getresuid failed");
+            return 1;
+        }
+
+        if (getresgid(&rgid, &egid, &sgid) == -1) {
+            perror("getresgid failed");
+            return 1;
+        }
+
         char pid_info[8192];
         gen_pid_info_json(pid_info, sizeof(pid_info));
-        printf("{ \"parent_info\": %s, \"child_pid\": %d}\n", pid_info, pid);
+        printf("{ \"parent_info\": %s, \"child_pid\": %d, \"is_setuid\": false, \"is_setgid\": false, \"is_memfd\": false, \"ruid\": %u, \"euid\": %u, \"suid\": %u, \"rgid\": %u, \"egid\": %u, \"sgid\": %u }\n", pid_info, pid, ruid, euid, suid, rgid, egid, sgid);
     } else {
         char *env_list[] = {"TEST_ENV_KEY1=TEST_ENV_VAL1", "TEST_ENV_KEY2=TEST_ENV_VAL2", NULL};
         CHECK(execle("./do_nothing", "./do_nothing", NULL, env_list), -1);