Commit d8d2d9d1 authored by Paul Chaignon's avatar Paul Chaignon Committed by Alexei Starovoitov
Browse files

selftests/bpf: Test for unaligned flow_dissector ctx access 



This patch adds tests for two context fields where unaligned accesses
were not properly rejected.

Note the new macro is similar to the existing narrow_load macro, but we
need a different description and access offset. Combining the two
macros into one is probably doable but I don't think it would help
readability.

vmlinux.h is included in place of bpf.h so we have the definition of
struct bpf_nf_ctx.

Signed-off-by: default avatarPaul Chaignon <paul.chaignon@gmail.com>
Tested-by: default avatarEduard Zingerman <eddyz87@gmail.com>
Acked-by: default avatarYonghong Song <yonghong.song@linux.dev>
Link: https://lore.kernel.org/r/bf014046ddcf41677fb8b98d150c14027e9fddba.1754039605.git.paul.chaignon@gmail.com


Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
parent f914876e

tools/testing/selftests/bpf/progs/verifier_ctx.c

+22 −1
Original line number Diff line number Diff line 
// SPDX-License-Identifier: GPL-2.0

/* Converted from tools/testing/selftests/bpf/verifier/ctx.c */



#include <linux/bpf.h>

#include "vmlinux.h"

#include <bpf/bpf_helpers.h>

#include "bpf_misc.h"



#define sizeof_field(TYPE, MEMBER) sizeof((((TYPE *)0)->MEMBER))



SEC("tc")

__description("context stores via BPF_ATOMIC")

__failure __msg("BPF_ATOMIC stores into R1 ctx is not allowed")
@@ -243,4 +245,23 @@ narrow_load("sockops", bpf_sock_ops, skb_data); 
narrow_load("sockops", bpf_sock_ops, skb_data_end);

narrow_load("sockops", bpf_sock_ops, skb_hwtstamp);



#define unaligned_access(type, ctx, field)					\

	SEC(type)								\

	__description("unaligned access on field " #field " of " #ctx)		\

	__failure __msg("invalid bpf_context access")				\

	__naked void unaligned_ctx_access_##ctx##field(void)			\

	{									\

		asm volatile ("							\

		r1 = *(u%[size] *)(r1 + %[off]);				\

		r0 = 0;								\

		exit;"								\

		:								\

		: __imm_const(size, sizeof_field(struct ctx, field) * 8),	\

		  __imm_const(off, offsetof(struct ctx, field) + 1)		\

		: __clobber_all);						\

	}



unaligned_access("flow_dissector", __sk_buff, data);

unaligned_access("netfilter", bpf_nf_ctx, skb);



char _license[] SEC("license") = "GPL";