diff mbox series

[bpf-next,2/2] bpf: selftest: verifier test on refill from a smaller spill

Message ID 20211102064541.316414-1-kafai@fb.com (mailing list archive)
State Accepted
Commit c08455dec5acf4668f5d1eb099f7fedb29f2de5f
Delegated to: BPF
Headers show
Series bpf: Allow doing stack read with size larger than the earlier spilled reg | expand

Checks

Context Check Description
bpf/vmtest-bpf-next-PR success PR summary
netdev/cover_letter success Series has a cover letter
netdev/fixes_present success Fixes tag not required for -next series
netdev/patch_count success Link
netdev/tree_selection success Clearly marked for bpf-next
netdev/subject_prefix success Link
netdev/cc_maintainers warning 7 maintainers not CCed: john.fastabend@gmail.com linux-kselftest@vger.kernel.org netdev@vger.kernel.org songliubraving@fb.com kpsingh@kernel.org shuah@kernel.org gilad.reti@gmail.com
netdev/source_inline success Was 0 now: 0
netdev/verify_signedoff success Signed-off-by tag matches author and committer
netdev/module_param success Was 0 now: 0
netdev/build_32bit success Errors and warnings before: 0 this patch: 0
netdev/kdoc success Errors and warnings before: 0 this patch: 0
netdev/verify_fixes success No Fixes tag
netdev/checkpatch success total: 0 errors, 0 warnings, 0 checks, 20 lines checked
netdev/build_allmodconfig_warn success Errors and warnings before: 0 this patch: 0
netdev/header_inline success No static functions without inline keyword in header files
bpf/vmtest-bpf-next success VM_Test

Commit Message

Martin KaFai Lau Nov. 2, 2021, 6:45 a.m. UTC 
This patch adds a verifier test to ensure the verifier
can read 8 bytes from the stack after two 32bit write at
fp-4 and fp-8.  The test is similar to the reported case from bcc [0].

[0]: https://github.com/iovisor/bcc/pull/3683

Signed-off-by: Martin KaFai Lau <kafai@fb.com>
---
 .../testing/selftests/bpf/verifier/spill_fill.c | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

Comments

Yonghong Song Nov. 2, 2021, 3:59 p.m. UTC | #1 
On 11/1/21 11:45 PM, Martin KaFai Lau wrote:
> This patch adds a verifier test to ensure the verifier
> can read 8 bytes from the stack after two 32bit write at
> fp-4 and fp-8.  The test is similar to the reported case from bcc [0].
> 
> [0]: https://github.com/iovisor/bcc/pull/3683
> 
> Signed-off-by: Martin KaFai Lau <kafai@fb.com>

Acked-by: Yonghong Song <yhs@fb.com>
diff mbox series

Patch

diff --git a/tools/testing/selftests/bpf/verifier/spill_fill.c b/tools/testing/selftests/bpf/verifier/spill_fill.c
index c9991c3f3bd2..7ab3de108761 100644
--- a/tools/testing/selftests/bpf/verifier/spill_fill.c
+++ b/tools/testing/selftests/bpf/verifier/spill_fill.c
@@ -265,3 +265,20 @@ 
 	.result = ACCEPT,
 	.prog_type = BPF_PROG_TYPE_SCHED_CLS,
 },
+{
+	"Spill a u32 scalar at fp-4 and then at fp-8",
+	.insns = {
+	/* r4 = 4321 */
+	BPF_MOV32_IMM(BPF_REG_4, 4321),
+	/* *(u32 *)(r10 -4) = r4 */
+	BPF_STX_MEM(BPF_W, BPF_REG_10, BPF_REG_4, -4),
+	/* *(u32 *)(r10 -8) = r4 */
+	BPF_STX_MEM(BPF_W, BPF_REG_10, BPF_REG_4, -8),
+	/* r4 = *(u64 *)(r10 -8) */
+	BPF_LDX_MEM(BPF_DW, BPF_REG_4, BPF_REG_10, -8),
+	BPF_MOV64_IMM(BPF_REG_0, 0),
+	BPF_EXIT_INSN(),
+	},
+	.result = ACCEPT,
+	.prog_type = BPF_PROG_TYPE_SCHED_CLS,
+},