Skip to content

Commit 3529d28

Browse files
tixxdztixxdz
committed
tests:cgroups: ensure that we get cgroup mkdir and rmdir events
This test ensure that we get bpf events when cgroup mkdir and rmdir happen, also it includes extended logic to track if the cgroup data is correct inside bpf map and if it was removed from the same cgroup tracking map after cgroup_rmmdir. Signed-off-by: Djalal Harouni <[email protected]> (cherry picked from commit e0a2feb)
1 parent e5fd61a commit 3529d28

File tree

1 file changed

+113
-0
lines changed

1 file changed

+113
-0
lines changed

pkg/sensors/exec/cgroups_test.go

Lines changed: 113 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,7 @@ import (
1111
"time"
1212

1313
"github.com/cilium/tetragon/pkg/api/ops"
14+
"github.com/cilium/tetragon/pkg/api/processapi"
1415
"github.com/cilium/tetragon/pkg/cgroups"
1516
grpcexec "github.com/cilium/tetragon/pkg/grpc/exec"
1617
"github.com/cilium/tetragon/pkg/sensors"
@@ -20,6 +21,7 @@ import (
2021
"github.com/cilium/tetragon/pkg/observer"
2122
"github.com/cilium/tetragon/pkg/option"
2223
"github.com/cilium/tetragon/pkg/sensors/base"
24+
"github.com/cilium/tetragon/pkg/sensors/cgroup/cgrouptrackmap"
2325
testsensor "github.com/cilium/tetragon/pkg/sensors/test"
2426
"github.com/cilium/tetragon/pkg/testutils"
2527
"github.com/cilium/tetragon/pkg/testutils/perfring"
@@ -204,3 +206,114 @@ func TestCgroupNoEvents(t *testing.T) {
204206
}
205207
}
206208
}
209+
210+
// Ensure that we get cgroup_{mkdir|rmdir} events
211+
func TestCgroupEventMkdirRmdir(t *testing.T) {
212+
testutils.CaptureLog(t, logger.GetLogger().(*logrus.Logger))
213+
ctx, cancel := context.WithTimeout(context.Background(), defaultTimeout)
214+
defer cancel()
215+
216+
option.Config.HubbleLib = tus.Conf().TetragonLib
217+
option.Config.Verbosity = 5
218+
219+
_, err := observer.GetDefaultObserver(t, ctx, tus.Conf().TetragonLib)
220+
if err != nil {
221+
t.Fatalf("GetDefaultObserver error: %s", err)
222+
}
223+
224+
testManager := tus.StartTestSensorManager(ctx, t)
225+
observer.SensorManager = testManager.Manager
226+
227+
testManager.EnableSensors(ctx, t, loadedSensors)
228+
229+
// Set Tracking level to 3 so we receive notifcations about
230+
// /sys/fs/cgroup/$1/$2/$3 all cgroups that are at level <=3
231+
trackingCgrpLevel := uint32(3)
232+
setupTgRuntimeConf(t, trackingCgrpLevel, uint32(logrus.TraceLevel))
233+
234+
cgroupFSPath := cgroups.GetCgroupFSPath()
235+
assert.NotEmpty(t, cgroupFSPath)
236+
237+
dir, hierarchy := getTestCgroupDirAndHierarchy(t)
238+
cgroupRmdir(t, cgroupFSPath, hierarchy, tetragonCgrpRoot)
239+
240+
matchedPath := dir
241+
finalPath := filepath.Join(cgroupFSPath, hierarchy, dir)
242+
_, err = os.Stat(finalPath)
243+
if err == nil {
244+
t.Fatalf("Test %s failed cgroup test hierarchy should not exist '%s'", t.Name(), finalPath)
245+
}
246+
247+
t.Cleanup(func() {
248+
cgroupRmdir(t, cgroupFSPath, hierarchy, dir)
249+
})
250+
251+
trigger := func() {
252+
err = cgroupMkdir(t, cgroupFSPath, hierarchy, dir)
253+
assert.NoError(t, err)
254+
255+
err = cgroupRmdir(t, cgroupFSPath, hierarchy, dir)
256+
assert.NoError(t, err)
257+
}
258+
259+
mkdir := false
260+
rmdir := false
261+
cgrpMap := testsensor.GetCgroupsTrackingMap()
262+
cgrpMapPath := filepath.Join(bpf.MapPrefixPath(), cgrpMap.Name)
263+
cgrpTrackingId := uint64(0)
264+
events := perfring.RunTestEvents(t, ctx, trigger)
265+
for _, ev := range events {
266+
if msg, ok := ev.(*grpcexec.MsgCgroupEventUnix); ok {
267+
if msg.Common.Op == ops.MSG_OP_CGROUP {
268+
cgrpPath := cgroups.CgroupNameFromCStr(msg.Path[:processapi.CGROUP_PATH_LENGTH])
269+
op := ops.CgroupOpCode(msg.CgrpOp)
270+
st := ops.CgroupState(msg.CgrpData.State).String()
271+
logger.GetLogger().WithFields(logrus.Fields{
272+
"cgroup.event": op.String(),
273+
"PID": msg.PID,
274+
"NSPID": msg.NSPID,
275+
"cgroup.IDTracker": msg.CgrpidTracker,
276+
"cgroup.ID": msg.Cgrpid,
277+
"cgroup.state": st,
278+
"cgroup.level": msg.CgrpData.Level,
279+
"cgroup.path": cgrpPath,
280+
}).Info("Received Cgroup event")
281+
282+
assert.NotZero(t, msg.PID)
283+
assert.NotZero(t, msg.Cgrpid)
284+
assert.NotZero(t, msg.CgrpidTracker)
285+
assert.NotEqualValues(t, msg.CgrpData.State, ops.CGROUP_UNTRACKED)
286+
assert.NotZero(t, msg.CgrpData.Level)
287+
288+
switch op {
289+
case ops.MSG_OP_CGROUP_MKDIR:
290+
assert.EqualValues(t, ops.CGROUP_NEW, msg.CgrpData.State)
291+
// Match only our test
292+
if cgrpPath == matchedPath {
293+
cgrpName := cgroups.CgroupNameFromCStr(msg.CgrpData.Name[:processapi.CGROUP_NAME_LENGTH])
294+
assert.EqualValues(t, t.Name(), cgrpName)
295+
296+
mkdir = true
297+
cgrpTrackingId = msg.CgrpidTracker
298+
}
299+
case ops.MSG_OP_CGROUP_RMDIR:
300+
// Match only our test
301+
if cgrpPath == matchedPath {
302+
cgrpName := cgroups.CgroupNameFromCStr(msg.CgrpData.Name[:processapi.CGROUP_NAME_LENGTH])
303+
assert.EqualValues(t, t.Name(), cgrpName)
304+
rmdir = true
305+
}
306+
}
307+
}
308+
}
309+
}
310+
311+
// Ensure that we received proper events
312+
assert.Equal(t, true, mkdir)
313+
assert.Equal(t, true, rmdir)
314+
assert.NotZero(t, true, cgrpTrackingId)
315+
316+
// Should be removed from the tracking map
317+
_, err = cgrouptrackmap.LookupTrackingCgroup(cgrpMapPath, cgrpTrackingId)
318+
assert.Error(t, err)
319+
}

0 commit comments

Comments
 (0)