Re: [PATCH v7 bpf-next 2/2] selftests/bpf: Add a kernel flag test for LSM bpf hook

[Song Liu]

On Mon, Mar 10, 2025 at 3:18 PM Blaise Boscaccy
<bboscaccy@xxxxxxxxxxxxxxxxxxx> wrote:
>
> This test exercises the kernel flag added to security_bpf by
> effectively blocking light-skeletons from loading while allowing
> normal skeletons to function as-is. Since this should work with any
> arbitrary BPF program, an existing program from LSKELS_EXTRA was
> used as a test payload.
>
> Signed-off-by: Blaise Boscaccy <bboscaccy@xxxxxxxxxxxxxxxxxxx>
[...]
> +
> +       /* Test with skel. This should pass the gatekeeper */
> +       skel = kfunc_call_test__open_and_load();
> +       if (!ASSERT_OK_PTR(skel, "skel"))
> +               goto close_prog;
> +
> +       /* Test with lskel. This should fail due to blocking kernel-based bpf() invocations */
> +       lskel = kfunc_call_test_lskel__open_and_load();
> +       if (!ASSERT_ERR_PTR(lskel, "lskel"))
> +               goto close_prog;

This goto is not necessary. But I don't think we need v8 just for this.

Acked-by: Song Liu <song@xxxxxxxxxx>

> +
> +close_prog:
> +       if (skel)
> +               kfunc_call_test__destroy(skel);
> +       if (lskel)
> +               kfunc_call_test_lskel__destroy(lskel);

[...]