selftests/bpf: verifier/direct_stack_access_wraparound.c converted to inline assembly (84988478) · Commits · jan.koester / Linux

tools/testing/selftests/bpf/prog_tests/verifier.c

+2 −0

Original line number	Diff line number	Diff line
		@@ -14,6 +14,7 @@
		#include "verifier_cgroup_storage.skel.h"
		#include "verifier_const_or.skel.h"
		#include "verifier_ctx_sk_msg.skel.h"
		#include "verifier_direct_stack_access_wraparound.skel.h"

		__maybe_unused
		static void run_tests_aux(const char *skel_name, skel_elf_bytes_fn elf_bytes_factory)
		@@ -50,3 +51,4 @@ void test_verifier_cgroup_skb(void) { RUN(verifier_cgroup_skb); }
		void test_verifier_cgroup_storage(void) { RUN(verifier_cgroup_storage); }
		void test_verifier_const_or(void) { RUN(verifier_const_or); }
		void test_verifier_ctx_sk_msg(void) { RUN(verifier_ctx_sk_msg); }
		void test_verifier_direct_stack_access_wraparound(void) { RUN(verifier_direct_stack_access_wraparound); }

0 → 100644

+56 −0

Original line number	Diff line number	Diff line
		// SPDX-License-Identifier: GPL-2.0
		/* Converted from tools/testing/selftests/bpf/verifier/direct_stack_access_wraparound.c */

		#include <linux/bpf.h>
		#include <bpf/bpf_helpers.h>
		#include "bpf_misc.h"

		SEC("socket")
		__description("direct stack access with 32-bit wraparound. test1")
		__failure __msg("fp pointer and 2147483647")
		__failure_unpriv
		__naked void with_32_bit_wraparound_test1(void)
		{
		asm volatile (" \
		r1 = r10; \
		r1 += 0x7fffffff; \
		r1 += 0x7fffffff; \
		w0 = 0; \
		(u8)(r1 + 0) = r0; \
		exit; \
		" ::: __clobber_all);
		}

		SEC("socket")
		__description("direct stack access with 32-bit wraparound. test2")
		__failure __msg("fp pointer and 1073741823")
		__failure_unpriv
		__naked void with_32_bit_wraparound_test2(void)
		{
		asm volatile (" \
		r1 = r10; \
		r1 += 0x3fffffff; \
		r1 += 0x3fffffff; \
		w0 = 0; \
		(u8)(r1 + 0) = r0; \
		exit; \
		" ::: __clobber_all);
		}

		SEC("socket")
		__description("direct stack access with 32-bit wraparound. test3")
		__failure __msg("fp pointer offset 1073741822")
		__msg_unpriv("R1 stack pointer arithmetic goes out of range")
		__naked void with_32_bit_wraparound_test3(void)
		{
		asm volatile (" \
		r1 = r10; \
		r1 += 0x1fffffff; \
		r1 += 0x1fffffff; \
		w0 = 0; \
		(u8)(r1 + 0) = r0; \
		exit; \
		" ::: __clobber_all);
		}

		char _license[] SEC("license") = "GPL";

deleted100644 → 0

+0 −40

Original line number	Diff line number	Diff line
		{
		"direct stack access with 32-bit wraparound. test1",
		.insns = {
		BPF_MOV64_REG(BPF_REG_1, BPF_REG_10),
		BPF_ALU64_IMM(BPF_ADD, BPF_REG_1, 0x7fffffff),
		BPF_ALU64_IMM(BPF_ADD, BPF_REG_1, 0x7fffffff),
		BPF_MOV32_IMM(BPF_REG_0, 0),
		BPF_STX_MEM(BPF_B, BPF_REG_1, BPF_REG_0, 0),
		BPF_EXIT_INSN(),
		},
		.errstr = "fp pointer and 2147483647",
		.result = REJECT
		},
		{
		"direct stack access with 32-bit wraparound. test2",
		.insns = {
		BPF_MOV64_REG(BPF_REG_1, BPF_REG_10),
		BPF_ALU64_IMM(BPF_ADD, BPF_REG_1, 0x3fffffff),
		BPF_ALU64_IMM(BPF_ADD, BPF_REG_1, 0x3fffffff),
		BPF_MOV32_IMM(BPF_REG_0, 0),
		BPF_STX_MEM(BPF_B, BPF_REG_1, BPF_REG_0, 0),
		BPF_EXIT_INSN(),
		},
		.errstr = "fp pointer and 1073741823",
		.result = REJECT
		},
		{
		"direct stack access with 32-bit wraparound. test3",
		.insns = {
		BPF_MOV64_REG(BPF_REG_1, BPF_REG_10),
		BPF_ALU64_IMM(BPF_ADD, BPF_REG_1, 0x1fffffff),
		BPF_ALU64_IMM(BPF_ADD, BPF_REG_1, 0x1fffffff),
		BPF_MOV32_IMM(BPF_REG_0, 0),
		BPF_STX_MEM(BPF_B, BPF_REG_1, BPF_REG_0, 0),
		BPF_EXIT_INSN(),
		},
		.errstr = "fp pointer offset 1073741822",
		.errstr_unpriv = "R1 stack pointer arithmetic goes out of range",
		.result = REJECT
		},