diff mbox series

[v5,4/5] selftests/bpf: Add test for unreleased key references

Message ID 20220621163757.760304-5-roberto.sassu@huawei.com (mailing list archive)
State Superseded
Delegated to: BPF
Headers show
Series bpf: Add bpf_verify_pkcs7_signature() helper | expand

Checks

Context Check Description
bpf/vmtest-bpf-next-VM_Test-1 success Logs for Kernel LATEST on ubuntu-latest with gcc
bpf/vmtest-bpf-next-VM_Test-2 success Logs for Kernel LATEST on ubuntu-latest with llvm-15
bpf/vmtest-bpf-next-PR fail PR summary
bpf/vmtest-bpf-next-VM_Test-3 fail Logs for Kernel LATEST on z15 with gcc
netdev/tree_selection success Guessing tree name failed - patch did not apply, async

Commit Message

Roberto Sassu June 21, 2022, 4:37 p.m. UTC
Ensure that the verifier detects the attempt of acquiring a reference of a
key through the helper bpf_lookup_user_key(), without releasing that
reference with bpf_key_put(), and refuses to load the program.

Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
---
 .../prog_tests/lookup_user_key_norelease.c    | 52 +++++++++++++++++++
 .../progs/test_lookup_user_key_norelease.c    | 24 +++++++++
 2 files changed, 76 insertions(+)
 create mode 100644 tools/testing/selftests/bpf/prog_tests/lookup_user_key_norelease.c
 create mode 100644 tools/testing/selftests/bpf/progs/test_lookup_user_key_norelease.c

Comments

John Fastabend June 21, 2022, 10:35 p.m. UTC | #1
Roberto Sassu wrote:
> Ensure that the verifier detects the attempt of acquiring a reference of a
> key through the helper bpf_lookup_user_key(), without releasing that
> reference with bpf_key_put(), and refuses to load the program.
> 
> Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
> ---

Any reason not to add these to ./verifier/ref_tracking.c tests? Seems it
might be easier to follow there and test both good/bad cases.
Roberto Sassu June 22, 2022, 7:14 a.m. UTC | #2
> From: John Fastabend [mailto:john.fastabend@gmail.com]
> Sent: Wednesday, June 22, 2022 12:36 AM
> Roberto Sassu wrote:
> > Ensure that the verifier detects the attempt of acquiring a reference of a
> > key through the helper bpf_lookup_user_key(), without releasing that
> > reference with bpf_key_put(), and refuses to load the program.
> >
> > Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
> > ---
> 
> Any reason not to add these to ./verifier/ref_tracking.c tests? Seems it
> might be easier to follow there and test both good/bad cases.

Oh, I didn't know about it. Will move the test.

Thanks

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Yang Xi, Li He
diff mbox series

Patch

diff --git a/tools/testing/selftests/bpf/prog_tests/lookup_user_key_norelease.c b/tools/testing/selftests/bpf/prog_tests/lookup_user_key_norelease.c
new file mode 100644
index 000000000000..6753c4f591e3
--- /dev/null
+++ b/tools/testing/selftests/bpf/prog_tests/lookup_user_key_norelease.c
@@ -0,0 +1,52 @@ 
+// SPDX-License-Identifier: GPL-2.0
+
+/*
+ * Copyright (C) 2022 Huawei Technologies Duesseldorf GmbH
+ *
+ * Author: Roberto Sassu <roberto.sassu@huawei.com>
+ */
+
+#include <test_progs.h>
+
+#include "test_lookup_user_key_norelease.skel.h"
+
+#define LOG_BUF_SIZE 16384
+
+void test_lookup_user_key_norelease(void)
+{
+	char *buf = NULL, *result;
+	struct test_lookup_user_key_norelease *skel = NULL;
+	int ret;
+
+	LIBBPF_OPTS(bpf_object_open_opts, opts);
+
+	buf = malloc(LOG_BUF_SIZE);
+	if (!ASSERT_OK_PTR(buf, "malloc"))
+		goto close_prog;
+
+	opts.kernel_log_buf = buf;
+	opts.kernel_log_size = LOG_BUF_SIZE;
+	opts.kernel_log_level = 1;
+
+	skel = test_lookup_user_key_norelease__open_opts(&opts);
+	if (!ASSERT_OK_PTR(skel, "test_lookup_user_key_norelease__open_opts"))
+		goto close_prog;
+
+	ret = test_lookup_user_key_norelease__load(skel);
+	if (!ASSERT_LT(ret, 0, "test_lookup_user_key_norelease__load\n"))
+		goto close_prog;
+
+	if (strstr(buf, "unknown func bpf_lookup_user_key")) {
+		printf("%s:SKIP:bpf_lookup_user_key() helper not supported\n",
+		       __func__);
+		test__skip();
+		goto close_prog;
+	}
+
+	result = strstr(buf, "Unreleased reference");
+	ASSERT_OK_PTR(result, "Error message not found");
+
+close_prog:
+	free(buf);
+	test_lookup_user_key_norelease__destroy(skel);
+}
diff --git a/tools/testing/selftests/bpf/progs/test_lookup_user_key_norelease.c b/tools/testing/selftests/bpf/progs/test_lookup_user_key_norelease.c
new file mode 100644
index 000000000000..cfe474c77886
--- /dev/null
+++ b/tools/testing/selftests/bpf/progs/test_lookup_user_key_norelease.c
@@ -0,0 +1,24 @@ 
+// SPDX-License-Identifier: GPL-2.0
+
+/*
+ * Copyright (C) 2022 Huawei Technologies Duesseldorf GmbH
+ *
+ * Author: Roberto Sassu <roberto.sassu@huawei.com>
+ */
+
+#include <errno.h>
+#include <stdlib.h>
+#include <limits.h>
+#include <linux/bpf.h>
+#include <linux/keyctl.h>
+#include <bpf/bpf_helpers.h>
+#include <bpf/bpf_tracing.h>
+
+char _license[] SEC("license") = "GPL";
+
+SEC("lsm.s/bpf")
+int BPF_PROG(bpf, int cmd, union bpf_attr *attr, unsigned int size)
+{
+	bpf_lookup_user_key(KEY_SPEC_SESSION_KEYRING, 0);
+	return 0;
+}