tetragon: Add cgroup rate throttle test for kprobe
Signed-off-by: Jiri Olsa <[email protected]>
olsajiri committed Jul 29, 2024
1 parent de33dca commit 94eb337
Showing 3 changed files with 70 additions and 0 deletions.
1 change: 1 addition & 0 deletions pkg/observer/observertesthelper/observer_test_helper.go
Expand Up @@ -414,6 +414,7 @@ func loadExporter(tb testing.TB, ctx context.Context, obs *observer.Observer, op
})

cgrouprate.NewCgroupRate(ctx, processManager, base.CgroupRateMap, &option.Config.CgroupRate)
base.ConfigCgroupRate(&option.Config.CgroupRate)
return nil
}

1 change: 1 addition & 0 deletions pkg/sensors/load.go
Expand Up @@ -249,6 +249,7 @@ func (s *Sensor) loadMaps(bpfDir string) error {
"sensor": s.Name,
"map": m.Name,
"path": pinPath,
"max": m.Entries,
}).Info("tetragon, map loaded.")
}

68 changes: 68 additions & 0 deletions pkg/sensors/tracing/kprobe_test.go
Expand Up @@ -6808,3 +6808,71 @@ spec:
err = jsonchecker.JsonTestCheck(t, checker)
assert.NoError(t, err)
}

func testKprobeThrottle(t *testing.T) {
var doneWG, readyWG sync.WaitGroup
defer doneWG.Wait()

tracingPolicy := `
apiVersion: cilium.io/v1alpha1
kind: TracingPolicy
metadata:
name: "privileges-raise"
annotations:
description: "Detects privileges change operations"
spec:
kprobes:
- call: "sys_prctl"
syscall: true
args:
- index: 0
type: "int"
`

createCrdFile(t, tracingPolicy)

throttleStartChecker := ec.NewProcessThrottleChecker("THROTTLE").
WithType(tetragon.ThrottleType_THROTTLE_START)

throttleStopChecker := ec.NewProcessThrottleChecker("THROTTLE").
WithType(tetragon.ThrottleType_THROTTLE_STOP)

checker := ec.NewUnorderedEventChecker(throttleStartChecker, throttleStopChecker)

ctx, cancel := context.WithTimeout(context.Background(), tus.Conf().CmdWaitTime)
defer cancel()

option.Config.CgroupRate = option.ParseCgroupRate("10,2s")
t.Cleanup(func() {
option.Config.CgroupRate = option.CgroupRate{}
})

obs, err := observertesthelper.GetDefaultObserverWithFile(t, ctx, testConfigFile, tus.Conf().TetragonLib)
if err != nil {
t.Fatalf("GetDefaultObserverWithFile error: %s", err)
}
observertesthelper.LoopEvents(ctx, t, &doneWG, &readyWG, obs)
readyWG.Wait()

// create the load 40 fork/exec per sec for 4 seconds
// to get THROTTLE START
for cnt := 0; cnt < 2000; cnt++ {
unix.Prctl(99999, 99999, 99999, 99999, 99999)
time.Sleep(time.Millisecond)
}

// and calm down to get THROTTLE STOP
time.Sleep(8 * time.Second)

err = jsonchecker.JsonTestCheck(t, checker)
assert.NoError(t, err)
}

func TestKprobeThrottle1(t *testing.T) {
testKprobeThrottle(t)
}

// Run throttle twice to test the CgroupRate setup code
func TestKprobeThrottle2(t *testing.T) {
testKprobeThrottle(t)
}
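Review bot: The comment above the load loop in `testKprobeThrottle` does not describe the loop: it says `40 fork/exec per sec for 4 seconds`, while the code issues 2000 `unix.Prctl` calls with a 1 ms sleep between them, so at most about 1000 calls per second over at least 2 seconds, and no fork/exec at all. I would replace it with `// issue 2000 prctl calls ~1ms apart to exceed the "10,2s" cgroup rate and get THROTTLE START`, and add a line saying that option 99999 is presumably an invalid prctl option and that the returned error is ignored on purpose. Separately, `ec.NewUnorderedEventChecker` also passes when THROTTLE_STOP is seen before THROTTLE_START, and nothing asserts that kprobe events are reported again after throttling stops, which is the property someone relying on this sensor for monitoring cares about. An ordered checker would pin the sequence if the interleaved events allow it. The policy metadata (`privileges-raise`, `Detects privileges change operations`) looks carried over from another test and could be renamed to match the throttle scenario.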
