mirror of
https://github.com/torvalds/linux
synced 2024-11-05 18:23:50 +00:00
bf5088773f
Add new tests samples/bpf/test_verifier:
unpriv: return pointer
checks that pointer cannot be returned from the eBPF program
unpriv: add const to pointer
unpriv: add pointer to pointer
unpriv: neg pointer
checks that pointer arithmetic is disallowed
unpriv: cmp pointer with const
unpriv: cmp pointer with pointer
checks that comparison of pointers is disallowed
Only one case allowed 'void *value = bpf_map_lookup_elem(..); if (value == 0) ...'
unpriv: check that printk is disallowed
since bpf_trace_printk is not available to unprivileged
unpriv: pass pointer to helper function
checks that pointers cannot be passed to functions that expect integers
If function expects a pointer the verifier allows only that type of pointer.
Like 1st argument of bpf_map_lookup_elem() must be pointer to map.
(applies to non-root as well)
unpriv: indirectly pass pointer on stack to helper function
checks that pointer stored into stack cannot be used as part of key
passed into bpf_map_lookup_elem()
unpriv: mangle pointer on stack 1
unpriv: mangle pointer on stack 2
checks that writing into stack slot that already contains a pointer
is disallowed
unpriv: read pointer from stack in small chunks
checks that < 8 byte read from stack slot that contains a pointer is
disallowed
unpriv: write pointer into ctx
checks that storing pointers into skb->fields is disallowed
unpriv: write pointer into map elem value
checks that storing pointers into element values is disallowed
For example:
int bpf_prog(struct __sk_buff *skb)
{
u32 key = 0;
u64 *value = bpf_map_lookup_elem(&map, &key);
if (value)
*value = (u64) skb;
}
will be rejected.
unpriv: partial copy of pointer
checks that doing 32-bit register mov from register containing
a pointer is disallowed
unpriv: pass pointer to tail_call
checks that passing pointer as an index into bpf_tail_call
is disallowed
unpriv: cmp map pointer with zero
checks that comparing map pointer with constant is disallowed
unpriv: write into frame pointer
checks that frame pointer is read-only (applies to root too)
unpriv: cmp of frame pointer
checks that R10 cannot be using in comparison
unpriv: cmp of stack pointer
checks that Rx = R10 - imm is ok, but comparing Rx is not
unpriv: obfuscate stack pointer
checks that Rx = R10 - imm is ok, but Rx -= imm is not
Signed-off-by: Alexei Starovoitov <ast@plumgrid.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
||
|---|---|---|
| .. | ||
| bpf_helpers.h | ||
| bpf_load.c | ||
| bpf_load.h | ||
| lathist_kern.c | ||
| lathist_user.c | ||
| libbpf.c | ||
| libbpf.h | ||
| Makefile | ||
| sock_example.c | ||
| sockex1_kern.c | ||
| sockex1_user.c | ||
| sockex2_kern.c | ||
| sockex2_user.c | ||
| sockex3_kern.c | ||
| sockex3_user.c | ||
| tcbpf1_kern.c | ||
| test_maps.c | ||
| test_verifier.c | ||
| tracex1_kern.c | ||
| tracex1_user.c | ||
| tracex2_kern.c | ||
| tracex2_user.c | ||
| tracex3_kern.c | ||
| tracex3_user.c | ||
| tracex4_kern.c | ||
| tracex4_user.c | ||
| tracex5_kern.c | ||
| tracex5_user.c | ||
| tracex6_kern.c | ||
| tracex6_user.c | ||