From 1cbfba4aa6d13ac2af7fa65b9ec000a7e64878a1 Mon Sep 17 00:00:00 2001 From: sat0ken <15720506+sat0ken@users.noreply.github.com> Date: Thu, 21 Nov 2024 20:28:21 +0900 Subject: [PATCH 1/2] add test code linux_cgroups_devices Signed-off-by: sat0ken <15720506+sat0ken@users.noreply.github.com> --- tests/contest/contest/src/main.rs | 2 + .../contest/src/tests/cgroups/devices.rs | 83 +++++++++++++++++++ .../contest/contest/src/tests/cgroups/mod.rs | 1 + 3 files changed, 86 insertions(+) create mode 100644 tests/contest/contest/src/tests/cgroups/devices.rs diff --git a/tests/contest/contest/src/main.rs b/tests/contest/contest/src/main.rs index d4d2dbac2..336f62aa7 100644 --- a/tests/contest/contest/src/main.rs +++ b/tests/contest/contest/src/main.rs @@ -103,6 +103,7 @@ fn main() -> Result<()> { let cgroup_v1_pids = cgroups::pids::get_test_group(); let cgroup_v1_cpu = cgroups::cpu::v1::get_test_group(); let cgroup_v2_cpu = cgroups::cpu::v2::get_test_group(); + let cgroup_v1_device = cgroups::devices::get_test_group(); let cgroup_v1_memory = cgroups::memory::get_test_group(); let cgroup_v1_network = cgroups::network::get_test_group(); let cgroup_v1_blkio = cgroups::blkio::get_test_group(); @@ -131,6 +132,7 @@ fn main() -> Result<()> { tm.add_test_group(Box::new(cgroup_v1_pids)); tm.add_test_group(Box::new(cgroup_v1_cpu)); tm.add_test_group(Box::new(cgroup_v2_cpu)); + tm.add_test_group(Box::new(cgroup_v1_device)); tm.add_test_group(Box::new(cgroup_v1_memory)); tm.add_test_group(Box::new(cgroup_v1_network)); tm.add_test_group(Box::new(cgroup_v1_blkio)); diff --git a/tests/contest/contest/src/tests/cgroups/devices.rs b/tests/contest/contest/src/tests/cgroups/devices.rs new file mode 100644 index 000000000..dd09f534f --- /dev/null +++ b/tests/contest/contest/src/tests/cgroups/devices.rs @@ -0,0 +1,83 @@ +use std::path::Path; + +use crate::utils::test_outside_container; +use crate::utils::test_utils::check_container_created; +use anyhow::Context; +use oci_spec::runtime::{ + LinuxBuilder, LinuxDeviceCgroup, LinuxDeviceCgroupBuilder, LinuxDeviceType, + LinuxResourcesBuilder, Spec, SpecBuilder, +}; +use test_framework::{test_result, ConditionalTest, TestGroup, TestResult}; + +fn can_run() -> bool { + Path::new("/sys/fs/cgroup/devices").exists() +} + +fn linux_device_build( + allow: bool, + dev_type: LinuxDeviceType, + major: i64, + minor: i64, + access: String, +) -> LinuxDeviceCgroup { + LinuxDeviceCgroupBuilder::default() + .access(allow.to_string()) + .typ(dev_type) + .major(major) + .minor(minor) + .access(access) + .build() + .unwrap() +} + +fn create_spec(cgroup_name: &str, devices: Vec) -> anyhow::Result { + let spec = SpecBuilder::default() + .linux( + LinuxBuilder::default() + .cgroups_path(Path::new("/runtime-test").join(cgroup_name)) + .resources( + LinuxResourcesBuilder::default() + .devices(devices) + .build() + .context("failed to build resource spec")?, + ) + .build() + .context("failed to build linux spec")?, + ) + .build() + .context("failed to build spec")?; + + Ok(spec) +} + +fn test_devices_cgroups() -> TestResult { + let cgroup_name = "test_devices_cgroups"; + let linux_devices = vec![ + linux_device_build(true, LinuxDeviceType::C, 10, 229, "rwm".to_string()), + linux_device_build(true, LinuxDeviceType::B, 8, 20, "rw".to_string()), + linux_device_build(true, LinuxDeviceType::B, 10, 200, "r".to_string()), + ]; + let spec = test_result!(create_spec(cgroup_name, linux_devices)); + + let test_result = test_outside_container(spec, &|data| { + test_result!(check_container_created(&data)); + TestResult::Passed + }); + if let TestResult::Failed(_) = test_result { + return test_result; + } + test_result +} + +pub fn get_test_group() -> TestGroup { + let mut test_group = TestGroup::new("cgroup_v1_devices"); + let linux_cgroups_devices = ConditionalTest::new( + "test_linux_cgroups_devices", + Box::new(can_run), + Box::new(crate::tests::cgroups::devices::test_devices_cgroups), + ); + + test_group.add(vec![Box::new(linux_cgroups_devices)]); + + test_group +} diff --git a/tests/contest/contest/src/tests/cgroups/mod.rs b/tests/contest/contest/src/tests/cgroups/mod.rs index 51f467d5c..cc9ee06bd 100644 --- a/tests/contest/contest/src/tests/cgroups/mod.rs +++ b/tests/contest/contest/src/tests/cgroups/mod.rs @@ -6,6 +6,7 @@ use anyhow::{Context, Result}; use procfs::process::Process; pub mod blkio; pub mod cpu; +pub mod devices; pub mod memory; pub mod network; pub mod pids; From f19119dcd86ac8d1cf389eb1707d5f7cf0f69bdf Mon Sep 17 00:00:00 2001 From: sat0ken <15720506+sat0ken@users.noreply.github.com> Date: Fri, 22 Nov 2024 07:51:43 +0900 Subject: [PATCH 2/2] fix format err Signed-off-by: sat0ken <15720506+sat0ken@users.noreply.github.com> --- tests/contest/contest/src/tests/cgroups/devices.rs | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/contest/contest/src/tests/cgroups/devices.rs b/tests/contest/contest/src/tests/cgroups/devices.rs index dd09f534f..6f224579c 100644 --- a/tests/contest/contest/src/tests/cgroups/devices.rs +++ b/tests/contest/contest/src/tests/cgroups/devices.rs @@ -1,7 +1,5 @@ use std::path::Path; -use crate::utils::test_outside_container; -use crate::utils::test_utils::check_container_created; use anyhow::Context; use oci_spec::runtime::{ LinuxBuilder, LinuxDeviceCgroup, LinuxDeviceCgroupBuilder, LinuxDeviceType, @@ -9,6 +7,9 @@ use oci_spec::runtime::{ }; use test_framework::{test_result, ConditionalTest, TestGroup, TestResult}; +use crate::utils::test_outside_container; +use crate::utils::test_utils::check_container_created; + fn can_run() -> bool { Path::new("/sys/fs/cgroup/devices").exists() }