Commit d3e15189 authored by Benjamin Tissoires's avatar Benjamin Tissoires
Browse files

selftests/hid: add an infinite loop test for hid_bpf_try_input_report 

We don't want this call to allow an infinite loop in HID-BPF, so let's
have some tests.

Link: https://patch.msgid.link/20240626-hid_hw_req_bpf-v2-13-cfd60fb6c79f@kernel.org


Acked-by: default avatarJiri Kosina <jkosina@suse.com>
Signed-off-by: default avatarBenjamin Tissoires <bentiss@kernel.org>
parent 62f2e1a0

tools/testing/selftests/hid/hid_bpf.c

+41 −0
Original line number Diff line number Diff line
@@ -1204,6 +1204,47 @@ TEST_F(hid_bpf, test_multiply_events) 
	ASSERT_EQ(buf[1], 52);

}



/*

 * Call hid_bpf_input_report against the given uhid device,

 * check that the program is not making infinite loops.

 */

TEST_F(hid_bpf, test_hid_infinite_loop_input_report_call)

{

	const struct test_program progs[] = {

		{ .name = "hid_test_infinite_loop_input_report" },

	};

	__u8 buf[10] = {0};

	int err;



	LOAD_PROGRAMS(progs);



	/* emit hid_hw_output_report from hidraw */

	buf[0] = 1; /* report ID */

	buf[1] = 2;

	buf[2] = 42;



	uhid_send_event(_metadata, self->uhid_fd, buf, 6);



	/* read the data from hidraw */

	memset(buf, 0, sizeof(buf));

	err = read(self->hidraw_fd, buf, sizeof(buf));

	ASSERT_EQ(err, 6) TH_LOG("read_hidraw");

	ASSERT_EQ(buf[0], 1);

	ASSERT_EQ(buf[1], 3);



	/* read the data from hidraw: hid_bpf_try_input_report should work exactly one time */

	memset(buf, 0, sizeof(buf));

	err = read(self->hidraw_fd, buf, sizeof(buf));

	ASSERT_EQ(err, 6) TH_LOG("read_hidraw");

	ASSERT_EQ(buf[0], 1);

	ASSERT_EQ(buf[1], 4);



	/* read the data from hidraw: there should be none */

	memset(buf, 0, sizeof(buf));

	err = read(self->hidraw_fd, buf, sizeof(buf));

	ASSERT_EQ(err, -1) TH_LOG("read_hidraw");

}



/*

 * Attach hid_insert{0,1,2} to the given uhid device,

 * retrieve and open the matching hidraw node,

tools/testing/selftests/hid/progs/hid.c

+37 −0
Original line number Diff line number Diff line
@@ -561,3 +561,40 @@ SEC(".struct_ops.link") 
struct hid_bpf_ops test_multiply_events = {

	.hid_device_event = (void *)hid_test_multiply_events,

};



SEC("?struct_ops/hid_device_event")

int BPF_PROG(hid_test_infinite_loop_input_report, struct hid_bpf_ctx *hctx,

	     enum hid_report_type report_type, __u64 source)

{

	__u8 *data = hid_bpf_get_data(hctx, 0 /* offset */, 6 /* size */);

	__u8 buf[6];



	if (!data)

		return 0; /* EPERM check */



	/*

	 * we have to use an intermediate buffer as hid_bpf_input_report

	 * will memset data to \0

	 */

	__builtin_memcpy(buf, data, sizeof(buf));



	/* always forward the request as-is to the device, hid-bpf should prevent

	 * infinite loops.

	 * the return value is ignored so the event is passing to userspace.

	 */



	hid_bpf_try_input_report(hctx, report_type, buf, sizeof(buf));



	/* each time we process the event, we increment by one data[1]:

	 * after each successful call to hid_bpf_try_input_report, buf

	 * has been memcopied into data by the kernel.

	 */

	data[1] += 1;



	return 0;

}



SEC(".struct_ops.link")

struct hid_bpf_ops test_infinite_loop_input_report = {

	.hid_device_event = (void *)hid_test_infinite_loop_input_report,

};