Re: [PATCH bpf-next v4 2/2] selftests/bpf: Add test for bpftool access to read-only protected maps

2025-06-21 01:18 UTC+1000 ~ Slava Imameev slava.imameev@crowdstrike.com

Add selftest cases that validate bpftool's expected behavior when accessing maps protected from modification via security_bpf_map.

The test includes a BPF program attached to security_bpf_map with two maps:

• A protected map that only allows read-only access
• An unprotected map that allows full access

The test script attaches the BPF program to security_bpf_map and verifies that for the bpftool map command:

• Read access works on both maps
• Write access fails on the protected map
• Write access succeeds on the unprotected map
• These behaviors remain consistent when the maps are pinned

Signed-off-by: Slava Imameev slava.imameev@crowdstrike.com

Reviewed-by: Quentin Monnet qmo@kernel.org