1#!/bin/bash
 2# SPDX-License-Identifier: GPL-2.0
 3
 4BPFFS=/sys/fs/bpf
 5LINK_PIN=$BPFFS/test_cgrp2_sock2
 6
 7function config_device {
 8	ip netns add at_ns0
 9	ip link add veth0 type veth peer name veth0b
10	ip link set veth0b up
11	ip link set veth0 netns at_ns0
12	ip netns exec at_ns0 ip addr add 172.16.1.100/24 dev veth0
13	ip netns exec at_ns0 ip addr add 2401:db00::1/64 dev veth0 nodad
14	ip netns exec at_ns0 ip link set dev veth0 up
15	ip addr add 172.16.1.101/24 dev veth0b
16	ip addr add 2401:db00::2/64 dev veth0b nodad
17}
18
19function config_cgroup {
20	rm -rf /tmp/cgroupv2
21	mkdir -p /tmp/cgroupv2
22	mount -t cgroup2 none /tmp/cgroupv2
23	mkdir -p /tmp/cgroupv2/foo
24	echo $$ >> /tmp/cgroupv2/foo/cgroup.procs
25}
26
27function config_bpffs {
28	if mount | grep $BPFFS > /dev/null; then
29		echo "bpffs already mounted"
30	else
31		echo "bpffs not mounted. Mounting..."
32		mount -t bpf none $BPFFS
33	fi
34}
35
36function attach_bpf {
37	./test_cgrp2_sock2 /tmp/cgroupv2/foo sock_flags_kern.o $1
38	[ $? -ne 0 ] && exit 1
39}
40
41function cleanup {
42	rm -rf $LINK_PIN
43	ip link del veth0b
44	ip netns delete at_ns0
45	umount /tmp/cgroupv2
46	rm -rf /tmp/cgroupv2
47}
48
49cleanup 2>/dev/null
50
51set -e
52config_device
53config_cgroup
54config_bpffs
55set +e
56
57#
58# Test 1 - fail ping6
59#
60attach_bpf 0
61ping -c1 -w1 172.16.1.100
62if [ $? -ne 0 ]; then
63	echo "ping failed when it should succeed"
64	cleanup
65	exit 1
66fi
67
68ping6 -c1 -w1 2401:db00::1
69if [ $? -eq 0 ]; then
70	echo "ping6 succeeded when it should not"
71	cleanup
72	exit 1
73fi
74
75rm -rf $LINK_PIN
76sleep 1                 # Wait for link detach
77
78#
79# Test 2 - fail ping
80#
81attach_bpf 1
82ping6 -c1 -w1 2401:db00::1
83if [ $? -ne 0 ]; then
84	echo "ping6 failed when it should succeed"
85	cleanup
86	exit 1
87fi
88
89ping -c1 -w1 172.16.1.100
90if [ $? -eq 0 ]; then
91	echo "ping succeeded when it should not"
92	cleanup
93	exit 1
94fi
95
96cleanup
97echo
98echo "*** PASS ***"

 1#!/bin/bash
 
 
 
 
 2
 3function config_device {
 4	ip netns add at_ns0
 5	ip link add veth0 type veth peer name veth0b
 6	ip link set veth0b up
 7	ip link set veth0 netns at_ns0
 8	ip netns exec at_ns0 ip addr add 172.16.1.100/24 dev veth0
 9	ip netns exec at_ns0 ip addr add 2401:db00::1/64 dev veth0 nodad
10	ip netns exec at_ns0 ip link set dev veth0 up
11	ip addr add 172.16.1.101/24 dev veth0b
12	ip addr add 2401:db00::2/64 dev veth0b nodad
13}
14
15function config_cgroup {
16	rm -rf /tmp/cgroupv2
17	mkdir -p /tmp/cgroupv2
18	mount -t cgroup2 none /tmp/cgroupv2
19	mkdir -p /tmp/cgroupv2/foo
20	echo $$ >> /tmp/cgroupv2/foo/cgroup.procs
21}
22
 
 
 
 
 
 
 
 
23
24function attach_bpf {
25	test_cgrp2_sock2 /tmp/cgroupv2/foo sock_flags_kern.o $1
26	[ $? -ne 0 ] && exit 1
27}
28
29function cleanup {
 
30	ip link del veth0b
31	ip netns delete at_ns0
32	umount /tmp/cgroupv2
33	rm -rf /tmp/cgroupv2
34}
35
36cleanup 2>/dev/null
37
38set -e
39config_device
40config_cgroup
 
41set +e
42
43#
44# Test 1 - fail ping6
45#
46attach_bpf 0
47ping -c1 -w1 172.16.1.100
48if [ $? -ne 0 ]; then
49	echo "ping failed when it should succeed"
50	cleanup
51	exit 1
52fi
53
54ping6 -c1 -w1 2401:db00::1
55if [ $? -eq 0 ]; then
56	echo "ping6 succeeded when it should not"
57	cleanup
58	exit 1
59fi
 
 
 
60
61#
62# Test 2 - fail ping
63#
64attach_bpf 1
65ping6 -c1 -w1 2401:db00::1
66if [ $? -ne 0 ]; then
67	echo "ping6 failed when it should succeed"
68	cleanup
69	exit 1
70fi
71
72ping -c1 -w1 172.16.1.100
73if [ $? -eq 0 ]; then
74	echo "ping succeeded when it should not"
75	cleanup
76	exit 1
77fi
78
79cleanup
80echo
81echo "*** PASS ***"