Commit d2284d68 authored by Yafang Shao's avatar Yafang Shao Committed by Alexei Starovoitov

selftests/bpf: Add selftests for nested_trust

Add selftests for nested_strust to check whehter PTR_UNTRUSTED is cleared
as expected, the result as follows:

 #141/1   nested_trust/test_read_cpumask:OK
 #141/2   nested_trust/test_skb_field:OK                    <<<<
 #141/3   nested_trust/test_invalid_nested_user_cpus:OK
 #141/4   nested_trust/test_invalid_nested_offset:OK
 #141/5   nested_trust/test_invalid_skb_field:OK            <<<<
 #141     nested_trust:OK

The #141/2 and #141/5 are newly added.
Signed-off-by: default avatarYafang Shao <laoar.shao@gmail.com>
Link: https://lore.kernel.org/r/20230713025642.27477-3-laoar.shao@gmail.comSigned-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
parent 7ce4dc3e
...@@ -10,6 +10,13 @@ ...@@ -10,6 +10,13 @@
char _license[] SEC("license") = "GPL"; char _license[] SEC("license") = "GPL";
struct {
__uint(type, BPF_MAP_TYPE_SK_STORAGE);
__uint(map_flags, BPF_F_NO_PREALLOC);
__type(key, int);
__type(value, u64);
} sk_storage_map SEC(".maps");
/* Prototype for all of the program trace events below: /* Prototype for all of the program trace events below:
* *
* TRACE_EVENT(task_newtask, * TRACE_EVENT(task_newtask,
...@@ -31,3 +38,12 @@ int BPF_PROG(test_invalid_nested_offset, struct task_struct *task, u64 clone_fla ...@@ -31,3 +38,12 @@ int BPF_PROG(test_invalid_nested_offset, struct task_struct *task, u64 clone_fla
bpf_cpumask_first_zero(&task->cpus_mask); bpf_cpumask_first_zero(&task->cpus_mask);
return 0; return 0;
} }
/* Although R2 is of type sk_buff but sock_common is expected, we will hit untrusted ptr first. */
SEC("tp_btf/tcp_probe")
__failure __msg("R2 type=untrusted_ptr_ expected=ptr_, trusted_ptr_, rcu_ptr_")
int BPF_PROG(test_invalid_skb_field, struct sock *sk, struct sk_buff *skb)
{
bpf_sk_storage_get(&sk_storage_map, skb->next, 0, 0);
return 0;
}
...@@ -10,6 +10,13 @@ ...@@ -10,6 +10,13 @@
char _license[] SEC("license") = "GPL"; char _license[] SEC("license") = "GPL";
struct {
__uint(type, BPF_MAP_TYPE_SK_STORAGE);
__uint(map_flags, BPF_F_NO_PREALLOC);
__type(key, int);
__type(value, u64);
} sk_storage_map SEC(".maps");
SEC("tp_btf/task_newtask") SEC("tp_btf/task_newtask")
__success __success
int BPF_PROG(test_read_cpumask, struct task_struct *task, u64 clone_flags) int BPF_PROG(test_read_cpumask, struct task_struct *task, u64 clone_flags)
...@@ -17,3 +24,11 @@ int BPF_PROG(test_read_cpumask, struct task_struct *task, u64 clone_flags) ...@@ -17,3 +24,11 @@ int BPF_PROG(test_read_cpumask, struct task_struct *task, u64 clone_flags)
bpf_cpumask_test_cpu(0, task->cpus_ptr); bpf_cpumask_test_cpu(0, task->cpus_ptr);
return 0; return 0;
} }
SEC("tp_btf/tcp_probe")
__success
int BPF_PROG(test_skb_field, struct sock *sk, struct sk_buff *skb)
{
bpf_sk_storage_get(&sk_storage_map, skb->sk, 0, 0);
return 0;
}
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment