From 39b09033d140c9e77e5de50a1ef54c9dc21e095e Mon Sep 17 00:00:00 2001
From: Andrei Fedotov <anfedotoff@yandex-team.ru>
Date: Mon, 12 Aug 2024 15:46:31 +0300
Subject: [PATCH] tetragon: Update tests for KprobeMatchBinaries

Adding tests for Postix and NotPostfix operators in
TestKprobeMatchBinaries and TestKprobeMatchBinariesPerfring.

Signed-off-by: Andrei Fedotov <anfedotoff@yandex-team.ru>
---
 pkg/sensors/tracing/kprobe_test.go | 88 ++++++++++++++++++++----------
 1 file changed, 58 insertions(+), 30 deletions(-)

diff --git a/pkg/sensors/tracing/kprobe_test.go b/pkg/sensors/tracing/kprobe_test.go
index 385484d3ca3..3b9542de014 100644
--- a/pkg/sensors/tracing/kprobe_test.go
+++ b/pkg/sensors/tracing/kprobe_test.go
@@ -3867,7 +3867,7 @@ func matchBinariesTest(t *testing.T, operator string, values []string, kpChecker
 	assert.NoError(t, err)
 }
 
-const skipMatchBinariesPrefix = "kernels without large progs do not support matchBinaries Prefix/NotPrefix"
+const skipMatchBinaries = "kernels without large progs do not support matchBinaries Prefix/NotPrefix/Postfix/NotPostfix"
 
 func TestKprobeMatchBinaries(t *testing.T) {
 	t.Run("In", func(t *testing.T) {
@@ -3878,40 +3878,31 @@ func TestKprobeMatchBinaries(t *testing.T) {
 	})
 	t.Run("Prefix", func(t *testing.T) {
 		if !kernels.EnableLargeProgs() {
-			t.Skip(skipMatchBinariesPrefix)
+			t.Skip(skipMatchBinaries)
 		}
 		matchBinariesTest(t, "Prefix", []string{"/usr/bin/t"}, createBinariesChecker("/usr/bin/tail", "/etc/passwd"))
 	})
 	t.Run("NotPrefix", func(t *testing.T) {
 		if !kernels.EnableLargeProgs() {
-			t.Skip(skipMatchBinariesPrefix)
+			t.Skip(skipMatchBinaries)
 		}
 		matchBinariesTest(t, "NotPrefix", []string{"/usr/bin/t"}, createBinariesChecker("/usr/bin/head", "/etc/passwd"))
 	})
+	t.Run("Postfix", func(t *testing.T) {
+		if !kernels.EnableLargeProgs() {
+			t.Skip(skipMatchBinaries)
+		}
+		matchBinariesTest(t, "Postfix", []string{"bin/tail"}, createBinariesChecker("/usr/bin/tail", "/etc/passwd"))
+	})
+	t.Run("NotPostfix", func(t *testing.T) {
+		if !kernels.EnableLargeProgs() {
+			t.Skip(skipMatchBinaries)
+		}
+		matchBinariesTest(t, "NotPostfix", []string{"bin/tail"}, createBinariesChecker("/usr/bin/head", "/etc/passwd"))
+	})
 }
 
-func TestKprobeMatchBinariesPrefixLargePath(t *testing.T) {
-	if !kernels.EnableLargeProgs() {
-		t.Skip()
-	}
-
-	// create a large temporary directory path
-	tmpDir := t.TempDir()
-	targetBinLargePath := tmpDir
-	// add (255 + 1) * 15 = 3840 chars to the path
-	// max is 4096 and we want to leave some space for the tmpdir + others
-	for range 15 {
-		targetBinLargePath += "/" + strings.Repeat("a", unix.NAME_MAX)
-	}
-	err := os.MkdirAll(targetBinLargePath, 0755)
-	require.NoError(t, err)
-
-	// copy the binary into it
-	targetBinLargePath += "/true"
-	fileExec, err := exec.LookPath("true")
-	require.NoError(t, err)
-	err = exec.Command("cp", fileExec, targetBinLargePath).Run()
-	require.NoError(t, err)
+func matchBinariesLargePathTest(t *testing.T, operator string, values []string, binary string) {
 
 	var doneWG, readyWG sync.WaitGroup
 	defer doneWG.Wait()
@@ -3919,7 +3910,7 @@ func TestKprobeMatchBinariesPrefixLargePath(t *testing.T) {
 	ctx, cancel := context.WithTimeout(context.Background(), tus.Conf().CmdWaitTime)
 	defer cancel()
 
-	createCrdFile(t, getMatchBinariesCrd("Prefix", []string{tmpDir}))
+	createCrdFile(t, getMatchBinariesCrd(operator, values))
 
 	obs, err := observertesthelper.GetDefaultObserverWithFile(t, ctx, testConfigFile, tus.Conf().TetragonLib, observertesthelper.WithMyPid())
 	if err != nil {
@@ -3928,15 +3919,46 @@ func TestKprobeMatchBinariesPrefixLargePath(t *testing.T) {
 	observertesthelper.LoopEvents(ctx, t, &doneWG, &readyWG, obs)
 	readyWG.Wait()
 
-	if err := exec.Command(targetBinLargePath).Run(); err != nil {
+	if err := exec.Command(binary).Run(); err != nil {
 		t.Fatalf("failed to run true: %s", err)
 	}
 
 	checker := ec.NewUnorderedEventChecker(ec.NewProcessKprobeChecker("").
-		WithProcess(ec.NewProcessChecker().WithBinary(sm.Full(targetBinLargePath))).
+		WithProcess(ec.NewProcessChecker().WithBinary(sm.Full(binary))).
 		WithFunctionName(sm.Full("fd_install")))
 	err = jsonchecker.JsonTestCheck(t, checker)
 	assert.NoError(t, err)
+
+}
+func TestKprobeMatchBinariesLargePath(t *testing.T) {
+	if !kernels.EnableLargeProgs() {
+		t.Skip()
+	}
+
+	// create a large temporary directory path
+	tmpDir := t.TempDir()
+	targetBinLargePath := tmpDir
+	// add (255 + 1) * 15 = 3840 chars to the path
+	// max is 4096 and we want to leave some space for the tmpdir + others
+	for range 15 {
+		targetBinLargePath += "/" + strings.Repeat("a", unix.NAME_MAX)
+	}
+	err := os.MkdirAll(targetBinLargePath, 0755)
+	require.NoError(t, err)
+
+	// copy the binary into it
+	targetBinLargePath += "/true"
+	fileExec, err := exec.LookPath("true")
+	require.NoError(t, err)
+	err = exec.Command("cp", fileExec, targetBinLargePath).Run()
+	require.NoError(t, err)
+
+	t.Run("Prefix", func(t *testing.T) {
+		matchBinariesLargePathTest(t, "Prefix", []string{tmpDir}, targetBinLargePath)
+	})
+	t.Run("Postfix", func(t *testing.T) {
+		matchBinariesLargePathTest(t, "Postfix", []string{"/true"}, targetBinLargePath)
+	})
 }
 
 // matchBinariesPerfringTest checks that the matchBinaries do correctly
@@ -4024,10 +4046,16 @@ func TestKprobeMatchBinariesPerfring(t *testing.T) {
 	})
 	t.Run("Prefix", func(t *testing.T) {
 		if !kernels.EnableLargeProgs() {
-			t.Skip(skipMatchBinariesPrefix)
+			t.Skip(skipMatchBinaries)
 		}
 		matchBinariesPerfringTest(t, "Prefix", []string{"/usr/bin/t"})
 	})
+	t.Run("Postfix", func(t *testing.T) {
+		if !kernels.EnableLargeProgs() {
+			t.Skip(skipMatchBinaries)
+		}
+		matchBinariesPerfringTest(t, "Postfix", []string{"tail"})
+	})
 }
 
 // TestKprobeMatchBinariesEarlyExec checks that the matchBinaries can filter
@@ -4106,7 +4134,7 @@ func TestKprobeMatchBinariesEarlyExec(t *testing.T) {
 // of its machinery.
 func TestKprobeMatchBinariesPrefixMatchArgs(t *testing.T) {
 	if !kernels.EnableLargeProgs() {
-		t.Skip(skipMatchBinariesPrefix)
+		t.Skip(skipMatchBinaries)
 	}
 
 	testutils.CaptureLog(t, logger.GetLogger().(*logrus.Logger))