From patchwork Thu Aug 29 10:44:48 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Juntong Deng <juntong.deng@outlook.com>
X-Patchwork-Id: 13783005
X-Patchwork-Delegate: bpf@iogearbox.net
Received: from EUR03-DBA-obe.outbound.protection.outlook.com
 (mail-dbaeur03olkn2040.outbound.protection.outlook.com [40.92.58.40])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 559E818C939;
	Thu, 29 Aug 2024 10:45:42 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=fail smtp.client-ip=40.92.58.40
ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1724928345; cv=fail;
 b=X2ZudPebi75/sx2JIYz41dhjgD5htoZ/H/h24F2TGFXeZ8coQ10ZGEoRH9UhKh+oeEnqLuh1kYxA0ehBToPCH+2xPo1N7IYOZwUyw1NB8MxLw4BH1aJ62+nl7DX7hLG8BjZXmYWwHv20J3uXIunDGVCaMwEZJ9rUg+NGU4l6rT0=
ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1724928345; c=relaxed/simple;
	bh=SsU5TiSazmIsIGTL502aPX8RKWwfURI4jhsLqsNlafs=;
	h=From:To:Cc:Subject:Date:Message-ID:Content-Type:MIME-Version;
 b=H46TXMAuHiki1svMUPHGBlH4z7i4wtlYe1KUXPT8SXJXyUI+LyCcY6ROnzs07PWHm7KkSyj1TjcGgSIGXBBfyV9IRF8Qij+6MjULnYOCqjo8D1aBwXqfPope7VWjwpwbr+dna0d2MoTjDNyvt/pIZtGpT6AHy4qEjpceoNMkTkE=
ARC-Authentication-Results: i=2; smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=outlook.com;
 spf=pass smtp.mailfrom=outlook.com;
 dkim=pass (2048-bit key) header.d=outlook.com header.i=@outlook.com
 header.b=Qtb05jqg; arc=fail smtp.client-ip=40.92.58.40
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=outlook.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=outlook.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=outlook.com header.i=@outlook.com
 header.b="Qtb05jqg"
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;
 b=ZzfOdVYcH6vyyWRjL4h7D4by+IpfGN/PmaEndhRv9t1ex2IVBo+0lDbM1V304DYihLGp7o37H9Ag9PeDW7Ln1PkLVYo467Dgy/e1jETx+fDSnvjg8bK7jPd5x0hZPV/RJKtuXUBQBDpnJYtxh7Eu8A7Oz7CWfINmzEpQicOxjyhgUoK7ZHjR2akxC3ooHCAVaoIBywtGjSAllyIDYAtBK2C8rXEvTT/3jEfnBgJJW4FPiLB0IAzyaUO0r9EJJkohqDBwEz5e0bhU+ZJBsUEfwSPoym7aYTy4nxKi5zXDIHf79qOxT3QM7n94C2/O0Lx3oZww1PNyVr0Gnfr5H/dzsA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector10001;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=XKtAnvN5Q8nw1TcGbnd42A7HAqg+l0BRyJgDP1K2ivs=;
 b=rWdw4sPmSRSqBAxALwuvFyf7SPGprIZL967nZvvfVc0Ho16MtvnEKiQ2iZFEp0JxVtk/O3BnACngvfjjbeOZeYLBopRdO13cs30sl2aI7qqM73+Sw4GkMLvQHm6GzGGg5qgMktOWLh1RHCsY8DvcDJGqZAk0iAa7hqVWNT7uweh/PIYLsur5qABha3sVL0A2zXo4bJGbG29/FWz8qnbpQwfORHiXnniStOg7m26kw1Wq13DERj4/UGrtfwTfcc+bhCyKiJ7U7jgB7lPvNIXxxCK07q+2B0rgdAOuRDSKsr26uE+cqKlJ2OyriXpdJlWne24j5ppIbKZyGDmOfF+wSA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;
 dkim=none; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;
 s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=XKtAnvN5Q8nw1TcGbnd42A7HAqg+l0BRyJgDP1K2ivs=;
 b=Qtb05jqgQIbM1qyKs0DSg24uimhSgQbZV+/vtyEQAAlYas4XnWQ985ZTrTNIaCJzWR4rJM9FXFxCMXDjaxDzOML6IOjIHVEQGSlkf/8FaVFmhyI1ebchBcf77RZtrDLfHMISSFQXAIvKobMaujMnXI2XgVNnwdN0lNhoF/aYgNZ169kpO7qJ0hBx6m9RvVR6eFjGkEsPR021Qh/i8G3kLO/pCR3vqYQvrdl+veisCmyUV564AY6GEHAj5FsI9So9rJiHW9vLi+s14wbh35ZKpXDvo7x/VjX8rmu2+l20yGnh4fPXPaALa54S6USugGl5RCp4BK0M3TETGp5uZZ7/tQ==
Received: from AM6PR03MB5848.eurprd03.prod.outlook.com (2603:10a6:20b:e4::10)
 by DU0PR03MB9125.eurprd03.prod.outlook.com (2603:10a6:10:464::10) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7897.27; Thu, 29 Aug
 2024 10:45:40 +0000
Received: from AM6PR03MB5848.eurprd03.prod.outlook.com
 ([fe80::4b97:bbdb:e0ac:6f7]) by AM6PR03MB5848.eurprd03.prod.outlook.com
 ([fe80::4b97:bbdb:e0ac:6f7%4]) with mapi id 15.20.7897.021; Thu, 29 Aug 2024
 10:45:40 +0000
From: Juntong Deng <juntong.deng@outlook.com>
To: ast@kernel.org,
	daniel@iogearbox.net,
	john.fastabend@gmail.com,
	andrii@kernel.org,
	martin.lau@linux.dev,
	eddyz87@gmail.com,
	song@kernel.org,
	yonghong.song@linux.dev,
	kpsingh@kernel.org,
	sdf@fomichev.me,
	haoluo@google.com,
	jolsa@kernel.org,
	memxor@gmail.com,
	snorcht@gmail.com
Cc: bpf@vger.kernel.org,
	linux-kernel@vger.kernel.org
Subject: [PATCH bpf-next v3 1/2] bpf: Make the pointer returned by iter next
 method valid
Date: Thu, 29 Aug 2024 11:44:48 +0100
Message-ID: 
 <AM6PR03MB58482E9A154910D06A9E58B499962@AM6PR03MB5848.eurprd03.prod.outlook.com>
X-Mailer: git-send-email 2.39.2
X-TMN: [aSHynv4Qu2AjAaYQrRnDG2vKLmEasP5m]
X-ClientProxiedBy: LO2P265CA0494.GBRP265.PROD.OUTLOOK.COM
 (2603:10a6:600:13a::19) To AM6PR03MB5848.eurprd03.prod.outlook.com
 (2603:10a6:20b:e4::10)
X-Microsoft-Original-Message-ID: 
 <20240829104448.10473-1-juntong.deng@outlook.com>
Precedence: bulk
X-Mailing-List: bpf@vger.kernel.org
List-Id: <bpf.vger.kernel.org>
List-Subscribe: <mailto:bpf+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:bpf+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: AM6PR03MB5848:EE_|DU0PR03MB9125:EE_
X-MS-Office365-Filtering-Correlation-Id: ad212cb0-a006-4917-95a0-08dcc817b854
X-Microsoft-Antispam: 
	BCL:0;ARA:14566002|8060799006|19110799003|15080799006|5072599009|461199028|440099028|3412199025;
X-Microsoft-Antispam-Message-Info: 
	q7KEb6zTffpZXbrJkmL/IZG943dCEF154brD3SM/AB7JWzdtIwahEEREfwxWniB7SU0IZU3NTGZhQAFzI7e0GmSgQVROGxIWc9cJ8lgrGroAXg4MxEnrcMX23cyvWqk4RDhu1PLi731+Z/nFYCaQuSb+ZotGXXIsP6xem+hvJLHLli+jLpY07befeYGli3iENngU5zl9jfEmXMvr7ah91TKYuCoWmYIZ0iR4Q5iYsdwY1628IqWTFx1oiCkBCcFDeZUObfCDisAQarqsz4xPFKHszuAOtK0I1Phd4cWAYsmAY+ZCs/pjqtMAIKuY9FjxuS+Pi6UFa99BGkp5e3L8nhlH3XY3pMOijTsj2S/qgMxpl2X9hlzSCr+Z3YoIEMz6vqqiZRF3+VweVsnON2qtyhyIbh+7JfTOVPvZMtZAZ+CIDuAf7CbfikN/sf2oKK8dROKAZwyoC3uojd1I53PO5JGOAA0s0cPWneIa1ADtLBERxm30etBSWQRJifc6x4yqsXJfbjGBnNXBScbbR4JFz7+jxUX2/oLZiU2z4yz2L+R+itYNybk785MjyUHM33L0Pez9kZkTahAW1Xp27p1/sQATiBDVdXkfJY+Dzqz7iHNHQWVbnU/keMRHS3ZbowmiVJF9m63DUZV91mqmxFdJXj3FazNFPPQfHxINoRKIvXKsUpiMI4GFDyFh2RSW+OybpcuDcUGa68+mcGSaCiTWlw==
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: 
 mn5LEr/iYeznO07AzrBYVYnZlBWhBd0WO6q6hSC6aBPdC9KjJogPlO5v+PQa5jNC9TMKI25znhtP0AklORq01k91baX17s8xmjk7KZiU9XSNmyZmGE5X667HrR5gvLaKLBmG3eTlGpUPkhtODua8U8V+EKvZp1ZU2rRB6J8sJdKkn05OieCQX4KbbRqguaGBDEf4MfprjvH3xX2ABvsvWkCdV1DpPQVLAKoleltL6xF4YqOK9AS51dwF2AQdLzPSu2p2r282mBNl1IJo5u3OSEgXJFRnujBNUYTXB3kHjBJNb8FPqE0JkecFmBFJZCS5lgscUcP0WYsrPETFfTG/G3Y/w10lFdNCgL/yXss9tKOp4xjcRJW2ZwP+WqKEVjcneLNq3gfSfB864OXahXGPfPWzGvcWdiTJNM6nJ6ctgzo+9Mc1GCjHB+nGNYxxf+cqUZG0jO7Pj1m8Vx3pk91cF93bAhhA/gRTWnOXRc27PsOb44v4c34JUhr0c7MeBZRqaEfbHV04D/q0Ho82O9dm0oT1yvW/DzkBwWMCTCPrrD9NlKbUfIePy76TRc2pcS7wrYQ6ukwe2efoL/o124PyvUZGwOeTYEmA06rm5tHa73Gm+63OVWX7CMSw/k318mnLc6/VsMF/hRFyem9YCASHQM00D6lAee5bv53w8F1OcT7pssNHyIhhPIecwr38sun5CdaaPoZeC6NB7BZMSjc5jDH19bzQUi2nWFikNCBqD1n7yMmIaz/X26IG4qDxq3AmBc1X0LaebKCILO64wciIqc9nPoaBawJ9TNzaxwJi8to4DY6LCMpycK56haJIk4tHfgOz1DU6Mke63oViyl7qcqE7mgcv7+VSnIpCBsb2NsCPOh7HuFEuAPlmJGZJHYVGcX43lB+Xu/XCZAS42vm1YU265rvKczWxjb5iRWHfKxN+8fPssA8g4gZ8Fmxkyj5bhcahyBTdJ03y6jg5zK70fEN0kvWozvH3e2ipfy99nuakvNmr5KDJCsze27CwjgEmz4uiczKd0WgQUkaNiFUJCNJ6ngIVXYQ+WzFg3V/HfzXFjgEkKJ+sRhlkfO6Imjrakizy2FORC+K/F5cDZAOnTfy8Hx+XESZVI5LufmFYtjaRM/ew4E6HrrfzA8wbV23cEG2L6LeX4K+O8bUi4HHFDUeBij3Ujl8l7MPqcdqsafii6zSQ0HZ4LUsRYKWY+mpyj+cpBnWk20jXk/1b4f4bTNmPFJe+Q+zYQC4GZmDRnj+w5/IEKrkDHBP7ttnsZ+wu
X-OriginatorOrg: outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 ad212cb0-a006-4917-95a0-08dcc817b854
X-MS-Exchange-CrossTenant-AuthSource: AM6PR03MB5848.eurprd03.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 Aug 2024 10:45:40.3641
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 
	00000000-0000-0000-0000-000000000000
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DU0PR03MB9125
X-Patchwork-Delegate: bpf@iogearbox.net

Currently we cannot pass the pointer returned by iter next method as
argument to KF_TRUSTED_ARGS or KF_RCU kfuncs, because the pointer
returned by iter next method is not "valid".

This patch sets the pointer returned by iter next method to be valid.

This is based on the fact that if the iterator is implemented correctly,
then the pointer returned from the iter next method should be valid.

This does not make NULL pointer valid. If the iter next method has
KF_RET_NULL flag, then the verifier will ask the ebpf program to
check NULL pointer.

KF_RCU_PROTECTED iterator is a special case, the pointer returned by
iter next method should only be valid within RCU critical section,
so it should be with MEM_RCU, not PTR_TRUSTED.

Another special case is bpf_iter_num_next, which returns a pointer with
base type PTR_TO_MEM. PTR_TO_MEM should not be combined with type flag
PTR_TRUSTED (PTR_TO_MEM already means the pointer is valid).

The pointer returned by iter next method of other types of iterators
is with PTR_TRUSTED.

In addition, this patch adds get_iter_from_state to help us get the
current iterator from the current state.

Signed-off-by: Juntong Deng <juntong.deng@outlook.com>
---
v2 -> v3: Move modifications to check_kfunc_call. Handle PTR_TO_MEM case
and add corresponding test case. Add get_iter_from_state.

v1 -> v2: Handle KF_RCU_PROTECTED case and add corresponding test cases

 kernel/bpf/verifier.c | 25 +++++++++++++++++++++----
 1 file changed, 21 insertions(+), 4 deletions(-)

diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
index f32e3b9bb4e5..bc146671742c 100644
--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c
@@ -8148,6 +8148,15 @@ static int widen_imprecise_scalars(struct bpf_verifier_env *env,
 	return 0;
 }
 
+static struct bpf_reg_state *get_iter_from_state(struct bpf_verifier_state *cur_st,
+						 struct bpf_kfunc_call_arg_meta *meta)
+{
+	int iter_frameno = meta->iter.frameno;
+	int iter_spi = meta->iter.spi;
+
+	return &cur_st->frame[iter_frameno]->stack[iter_spi].spilled_ptr;
+}
+
 /* process_iter_next_call() is called when verifier gets to iterator's next
  * "method" (e.g., bpf_iter_num_next() for numbers iterator) call. We'll refer
  * to it as just "iter_next()" in comments below.
@@ -8232,12 +8241,10 @@ static int process_iter_next_call(struct bpf_verifier_env *env, int insn_idx,
 	struct bpf_verifier_state *cur_st = env->cur_state, *queued_st, *prev_st;
 	struct bpf_func_state *cur_fr = cur_st->frame[cur_st->curframe], *queued_fr;
 	struct bpf_reg_state *cur_iter, *queued_iter;
-	int iter_frameno = meta->iter.frameno;
-	int iter_spi = meta->iter.spi;
 
 	BTF_TYPE_EMIT(struct bpf_iter);
 
-	cur_iter = &env->cur_state->frame[iter_frameno]->stack[iter_spi].spilled_ptr;
+	cur_iter = get_iter_from_state(cur_st, meta);
 
 	if (cur_iter->iter.state != BPF_ITER_STATE_ACTIVE &&
 	    cur_iter->iter.state != BPF_ITER_STATE_DRAINED) {
@@ -8265,7 +8272,7 @@ static int process_iter_next_call(struct bpf_verifier_env *env, int insn_idx,
 		if (!queued_st)
 			return -ENOMEM;
 
-		queued_iter = &queued_st->frame[iter_frameno]->stack[iter_spi].spilled_ptr;
+		queued_iter = get_iter_from_state(queued_st, meta);
 		queued_iter->iter.state = BPF_ITER_STATE_ACTIVE;
 		queued_iter->iter.depth++;
 		if (prev_st)
@@ -12860,6 +12867,16 @@ static int check_kfunc_call(struct bpf_verifier_env *env, struct bpf_insn *insn,
 			/* For mark_ptr_or_null_reg, see 93c230e3f5bd6 */
 			regs[BPF_REG_0].id = ++env->id_gen;
 		}
+
+		if (is_iter_next_kfunc(&meta) && base_type(regs[BPF_REG_0].type) != PTR_TO_MEM) {
+			struct bpf_reg_state *cur_iter = get_iter_from_state(env->cur_state, &meta);
+
+			if (cur_iter->type & MEM_RCU) /* KF_RCU_PROTECTED */
+				regs[BPF_REG_0].type |= MEM_RCU;
+			else
+				regs[BPF_REG_0].type |= PTR_TRUSTED;
+		}
+
 		mark_btf_func_reg_size(env, BPF_REG_0, sizeof(void *));
 		if (is_kfunc_acquire(&meta)) {
 			int id = acquire_reference_state(env, insn_idx);

From patchwork Thu Aug 29 10:46:55 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Juntong Deng <juntong.deng@outlook.com>
X-Patchwork-Id: 13783010
X-Patchwork-Delegate: bpf@iogearbox.net
Received: from EUR02-AM0-obe.outbound.protection.outlook.com
 (mail-am0eur02olkn2096.outbound.protection.outlook.com [40.92.49.96])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6CDF115AD9E;
	Thu, 29 Aug 2024 10:47:45 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=fail smtp.client-ip=40.92.49.96
ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1724928467; cv=fail;
 b=sE9fGT5jP4lwxv28EBJIKwnVscGfF1fdM6EtOK26FEoCyd9FuzVB1fYiaOYxj+ype5kOHalYeEW3woiHzSUw3friOWTTRNJMD+0HkuFbx7Qw8Vdy2EjLSmaZC7Myautr0yZsE1+6TkWbykqp4wxeGvjG0HGng53vKkxdEVS2Lok=
ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1724928467; c=relaxed/simple;
	bh=A5V5/XbGEc5SroLnclBlFbsD0EJltvVJew9pg2zeQgc=;
	h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:
	 Content-Type:MIME-Version;
 b=B1Lf/sFHGu8IFhP6xKAh+3swZkzQXGCsehWZuA99v4ttLnVhTS2esrDEKi7uupeQ4jaaeTrTaAPGSWPn5BNEfkXEPXg8ul/+G1i2rSSC3n4ipoJCWxc7eTTthZ5aKJAHnRuPqh7o0Y63QcNeIBfb2t7FrphRlEH0W5Mj5ezhLTM=
ARC-Authentication-Results: i=2; smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=outlook.com;
 spf=pass smtp.mailfrom=outlook.com;
 dkim=pass (2048-bit key) header.d=outlook.com header.i=@outlook.com
 header.b=pfOkudcI; arc=fail smtp.client-ip=40.92.49.96
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=outlook.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=outlook.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=outlook.com header.i=@outlook.com
 header.b="pfOkudcI"
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;
 b=nfK3dp9+pZ+OdlNI1x77S9Zr0dtM5nS08h1r5y3BIPkdRJOG9wVR+o7tKn3TbAfjG4VOY4IoqUAxgnoyeWwySGe+9dwWhRzqySFlXoz4c3yg8oayLako29GUP+KEAqjmAYBYK6+Z4QaHig1sXbcnHhH4bLhE1MEsUHcgI3erJFZLN4k1l06QuKYUm6hGZHXjxa03SjpUkl0aZfYkOd+yLWQRDsdPbZCrCG7gYpCYhTq6xMTKX3D4anU89nNkYS3eXOQo1rm0GqD7FJfY3eLcFVml+0Mt2pKK1STv7CeQr1VM3ZJMxROaU1gOEgSmYDOnTu1d0O71Ovx28eKb/U0h0w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector10001;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=50/Qrmy96M9zZnlXy21WkpIVBslH/oeNbAqqpwnyWxE=;
 b=jbG9hoU9TYfFSW2wSb5xkMCFyDB9TiCyeyzs3q0Oq88OeMyi1dnquRlcaGiytMGau7zFmkBpbpvzDAQu9ef0+A49pjAf/hy9iq0JL1ImzvTiu5t1+8Qn798ozjHt2pFhQSe8ccZYvjIrIAxOn5iAc1M2nmg8LLhQEf0OsLWPWWhLnaKVvaVjeNPi7bT/sVJYc1Xx3QvoEqwaMz62uCxU7KZHaKm7iI4CnTVj670IKP6hi6tDHKcqHlHqB/Cno67sPooGWB6SYZLuteQrrL1pkTgKlJDGaX+z/uvKXPU4OP1YkJ4dwaMwQS3EylzNZVsDl92jEVvqfSaooWuf9raXOw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;
 dkim=none; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;
 s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=50/Qrmy96M9zZnlXy21WkpIVBslH/oeNbAqqpwnyWxE=;
 b=pfOkudcIbNhbx1F/JvYeftzLsTexM5Lyxuu9RCJwNSqqpG8Gjq/VYso7abxahKZFsmmQnwHUOv3qUv0etiLc5orOO9IDljVDCgkLnjQamNq99x8oWGoEfzD6IwnyVmsNY+9x1/xJtjK13+7giWXLoeqh4JaMWkWzeK/9MZB4yXRhovzqgqPayU/G01/MKWILQGF9Chd6qkGzJfeOh08AmCHLJig9LVClW3iRo+jrUE3qA8F46QIt8tZDlZx+9kX+r4kE0ViWpr/42HMA1N7TMR7OyXW6TeV19Gv4QgDkdGJ3YBcwftnk8iYcpjbty8M5Hur951DCrQMspkq3YGGFUA==
Received: from AM6PR03MB5848.eurprd03.prod.outlook.com (2603:10a6:20b:e4::10)
 by DU0PR03MB9125.eurprd03.prod.outlook.com (2603:10a6:10:464::10) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7897.27; Thu, 29 Aug
 2024 10:47:42 +0000
Received: from AM6PR03MB5848.eurprd03.prod.outlook.com
 ([fe80::4b97:bbdb:e0ac:6f7]) by AM6PR03MB5848.eurprd03.prod.outlook.com
 ([fe80::4b97:bbdb:e0ac:6f7%4]) with mapi id 15.20.7897.021; Thu, 29 Aug 2024
 10:47:42 +0000
From: Juntong Deng <juntong.deng@outlook.com>
To: ast@kernel.org,
	daniel@iogearbox.net,
	john.fastabend@gmail.com,
	andrii@kernel.org,
	martin.lau@linux.dev,
	eddyz87@gmail.com,
	song@kernel.org,
	yonghong.song@linux.dev,
	kpsingh@kernel.org,
	sdf@fomichev.me,
	haoluo@google.com,
	jolsa@kernel.org,
	memxor@gmail.com,
	snorcht@gmail.com
Cc: bpf@vger.kernel.org,
	linux-kernel@vger.kernel.org
Subject: [PATCH bpf-next v3 2/2] selftests/bpf: Add tests for iter next method
 returning valid pointer
Date: Thu, 29 Aug 2024 11:46:55 +0100
Message-ID: 
 <AM6PR03MB5848706D6E610747C4BB6F9999962@AM6PR03MB5848.eurprd03.prod.outlook.com>
X-Mailer: git-send-email 2.39.2
In-Reply-To: 
 <AM6PR03MB58482E9A154910D06A9E58B499962@AM6PR03MB5848.eurprd03.prod.outlook.com>
References: 
 <AM6PR03MB58482E9A154910D06A9E58B499962@AM6PR03MB5848.eurprd03.prod.outlook.com>
X-TMN: [ycbscVG2HeRMY2yf47tHAQCVd5riZ8Wl]
X-ClientProxiedBy: LO2P123CA0097.GBRP123.PROD.OUTLOOK.COM
 (2603:10a6:600:139::12) To AM6PR03MB5848.eurprd03.prod.outlook.com
 (2603:10a6:20b:e4::10)
X-Microsoft-Original-Message-ID: 
 <20240829104655.10791-1-juntong.deng@outlook.com>
Precedence: bulk
X-Mailing-List: bpf@vger.kernel.org
List-Id: <bpf.vger.kernel.org>
List-Subscribe: <mailto:bpf+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:bpf+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: AM6PR03MB5848:EE_|DU0PR03MB9125:EE_
X-MS-Office365-Filtering-Correlation-Id: 86f67f2b-edb1-4ace-3abc-08dcc818021a
X-Microsoft-Antispam: 
	BCL:0;ARA:14566002|8060799006|19110799003|15080799006|5072599009|461199028|440099028|3412199025;
X-Microsoft-Antispam-Message-Info: 
	BweUasXYzkyNqMBRKUKGNpjo6JxBqYDk38XJaQeu3zVETgGe09+NpjYX5nslVjlhNdzoeSuBgNe5qfLfzwhA9CMl3K0k+G/2glH+Vq0ZjVXtEjc+GE4hLH+bqU/FPm38nq+3ZYz/SYoV6lVgnisOWkheXujOQpBRfb6wjXekUj6jIp1rF5u6Sod2bgpUh2sF2Xnhh5yrJ2SaeZcx8QCz1nwRwTwM2At+Hpu5S9XOtPLkshqAKYr6AmWkem5j6i/MQU7+XAUL6von2PRuQPwhN3h8PS+ZPlF0OvCqCxLAhOa0GQsz0/h3VxVvjx/RwnhCnD1i/Ie3oaSxcD2UHHyBFXTXIN0qEDXayiuYzy83ifgxvLePjeOmNeMANvR2HovkG/AFcxjA5LbKCh0zEjciCMVA9GY4CoDdUtmrmUBNUa1ytJOhTF5OkSSZDgmxqp0fvNt24sQ1HuUoJ1C1SHuZ+u2Vv8i73/J/ty8sa56Df3WfQdosCXe7C8r+qsxFNrLQlPvMs/hwcKUP271BYuTX/ivzCf98Quxm2a9TyGMXNHTNZncztzFijF16xp+Y/EEe0Vsob79jo26LzseiM6OOL3BHMT7BJGfSslox7yC03Ahgs6bZXX5u6fEpeFffmsod1IAhrQiZq/7yVUZKJxG+JxMJ8wqNhVY4KksCF+o+09+uA1i2++pYXS56iCjeSec84C3ZTEP6yfnYPayn7llOig==
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: 
 dk+h7mnZaGXop2fVvIAxuXsamRsIJXFXZRU0Z+kkZcJFndsyU9JkOybT8UhAzJILXGebBfZ2bNN+ZdsK+i/6OA/uBf4V0qCCl43rBu15T0V2+exeGaEJN01I7LEu1IzoYDzHXa80MSP3TmITEzXAUQSJkWVY0qLAtLfEYn2DyNACfT5DnX4Zaz3tg+0BVwona0o/c2aW51l+CmX031yT+8YIQ9YvFvvwiNPyYvuBLD6tQZpsAmDUlfPMO6MyNgr9y5NOEIjefWSzn+e8ZBDBcRA0B1JoJwwUmf9LyB95DJqjq72crWAuBs0CuKo7nEslzofDvE1NUwh7KLTR2on+TGJiPCCTf6stWwqoLl9WPOPjs+CAR5vhZTEP95sU+vqK/a2sgec/tgIfSToRt0LMO4FubqcE45W2qfsC191ydQLjamoyIF8eoCJLThAESijtfwUMr42JbzkAQBfoKaeXcfrHu3OkQ9fWET5m6PbB4pE2RsmKVrKtME8e707HST+dOdxaWN9vKOAKLoiJH1EMdhKvdZ/DmhwEEhsATcI31af7ug1BO/21wN1JGYJ6iacawRn8q1sGC6bqKSf/VXpn3LCJjLkHwQXcD+l6K7eQuNHYfK289MrJm4ivzSCxIMYM0IrrLAirCCqCo6mTZnHaG/iF0pFPXS9Gwk/eJg8tC0jUJaKEjBp7MGCVghRagbqyvz1Aam6z82YT+6Ik+JiY4fk90jdIWBy2FKXec/gWFAcxV70hiH+ZXGuneYmh/PhzofHgQRTRbwMpNRs57jcVBvsPyOQcWWrsIZ+jy8Ndjfv/m10iGpfGCpJnDJ3LbAqdF8YDI2Fk3ifDVLVYhmGFl0a69RApurwMsqsI+eE62b8Zwh+AA6e0t3sUb1wlzpJu2Ed99YhzlEHYD+y+7neJcCR/v9OGv6HQ2lV+IwCdHc7SSxsig1ur3rKP+UYtCaxkI4Ov+lcpPFHthgKqBcm/nhirxkcPrxDHyaH/ExS4rDQH8G2rECft3qH6ejPIDIvOjLGPfxnWJDK8q39tzxIT2N276kAjQw+blQ4BfoWBwoZDuv9KlteKYMuxKN+4Ec97M2j7fZnVchVvRQrH2vh6efGQyCfG2dy5Gv6A5SAziBbg2mkcYb3JfOxmU8YAQDXDMR8C6WenXoaVZK5nqNGO2DeWNS4HcNOfXpRn4T9nwEq5fkRQKUgSvgzrhUlq+wIH3REdsR0rwQevWvuu+WlsdAOidtyHUveRQxcTl2wiIfD/0aOqm5gIJWOLEtOZZ6HP
X-OriginatorOrg: outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 86f67f2b-edb1-4ace-3abc-08dcc818021a
X-MS-Exchange-CrossTenant-AuthSource: AM6PR03MB5848.eurprd03.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 Aug 2024 10:47:42.3893
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 
	00000000-0000-0000-0000-000000000000
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DU0PR03MB9125
X-Patchwork-Delegate: bpf@iogearbox.net

This patch adds test cases for iter next method returning valid
pointer, which can also used as usage examples.

Currently iter next method should return valid pointer.

iter_next_trusted is the correct usage and test if iter next method
return valid pointer. bpf_iter_task_vma_next has KF_RET_NULL flag,
so the returned pointer may be NULL. We need to check if the pointer
is NULL before using it.

iter_next_trusted_or_null is the incorrect usage. There is no checking
before using the pointer, so it will be rejected by the verifier.

iter_next_rcu and iter_next_rcu_or_null are similar test cases for
KF_RCU_PROTECTED iterators.

iter_next_rcu_not_trusted is used to test that the pointer returned by
iter next method of KF_RCU_PROTECTED iterator cannot be passed in
KF_TRUSTED_ARGS kfuncs.

iter_next_ptr_mem_not_trusted is used to test that base type
PTR_TO_MEM should not be combined with type flag PTR_TRUSTED.

Signed-off-by: Juntong Deng <juntong.deng@outlook.com>
---
 .../selftests/bpf/bpf_testmod/bpf_testmod.c   |  20 +++
 .../bpf/bpf_testmod/bpf_testmod_kfunc.h       |   5 +
 .../testing/selftests/bpf/prog_tests/iters.c  |   5 +-
 .../selftests/bpf/progs/iters_testmod.c       | 125 ++++++++++++++++++
 4 files changed, 154 insertions(+), 1 deletion(-)
 create mode 100644 tools/testing/selftests/bpf/progs/iters_testmod.c

diff --git a/tools/testing/selftests/bpf/bpf_testmod/bpf_testmod.c b/tools/testing/selftests/bpf/bpf_testmod/bpf_testmod.c
index 8a71a91b752d..9cbcf1b06d6f 100644
--- a/tools/testing/selftests/bpf/bpf_testmod/bpf_testmod.c
+++ b/tools/testing/selftests/bpf/bpf_testmod/bpf_testmod.c
@@ -197,6 +197,22 @@ __bpf_kfunc void bpf_kfunc_nested_release_test(struct sk_buff *ptr)
 {
 }
 
+__bpf_kfunc void bpf_kfunc_trusted_vma_test(struct vm_area_struct *ptr)
+{
+}
+
+__bpf_kfunc void bpf_kfunc_trusted_task_test(struct task_struct *ptr)
+{
+}
+
+__bpf_kfunc void bpf_kfunc_trusted_num_test(int *ptr)
+{
+}
+
+__bpf_kfunc void bpf_kfunc_rcu_task_test(struct task_struct *ptr)
+{
+}
+
 __bpf_kfunc struct bpf_testmod_ctx *
 bpf_testmod_ctx_create(int *err)
 {
@@ -558,6 +574,10 @@ BTF_ID_FLAGS(func, bpf_kfunc_dynptr_test)
 BTF_ID_FLAGS(func, bpf_kfunc_nested_acquire_nonzero_offset_test, KF_ACQUIRE)
 BTF_ID_FLAGS(func, bpf_kfunc_nested_acquire_zero_offset_test, KF_ACQUIRE)
 BTF_ID_FLAGS(func, bpf_kfunc_nested_release_test, KF_RELEASE)
+BTF_ID_FLAGS(func, bpf_kfunc_trusted_vma_test, KF_TRUSTED_ARGS)
+BTF_ID_FLAGS(func, bpf_kfunc_trusted_task_test, KF_TRUSTED_ARGS)
+BTF_ID_FLAGS(func, bpf_kfunc_trusted_num_test, KF_TRUSTED_ARGS)
+BTF_ID_FLAGS(func, bpf_kfunc_rcu_task_test, KF_RCU)
 BTF_ID_FLAGS(func, bpf_testmod_ctx_create, KF_ACQUIRE | KF_RET_NULL)
 BTF_ID_FLAGS(func, bpf_testmod_ctx_release, KF_RELEASE)
 BTF_KFUNCS_END(bpf_testmod_common_kfunc_ids)
diff --git a/tools/testing/selftests/bpf/bpf_testmod/bpf_testmod_kfunc.h b/tools/testing/selftests/bpf/bpf_testmod/bpf_testmod_kfunc.h
index c6c314965bb1..8f58a6f94bef 100644
--- a/tools/testing/selftests/bpf/bpf_testmod/bpf_testmod_kfunc.h
+++ b/tools/testing/selftests/bpf/bpf_testmod/bpf_testmod_kfunc.h
@@ -148,4 +148,9 @@ struct sk_buff *bpf_kfunc_nested_acquire_nonzero_offset_test(struct sk_buff_head
 struct sk_buff *bpf_kfunc_nested_acquire_zero_offset_test(struct sock_common *ptr) __ksym;
 void bpf_kfunc_nested_release_test(struct sk_buff *ptr) __ksym;
 
+void bpf_kfunc_trusted_vma_test(struct vm_area_struct *ptr) __ksym;
+void bpf_kfunc_trusted_task_test(struct task_struct *ptr) __ksym;
+void bpf_kfunc_trusted_num_test(int *ptr) __ksym;
+void bpf_kfunc_rcu_task_test(struct task_struct *ptr) __ksym;
+
 #endif /* _BPF_TESTMOD_KFUNC_H */
diff --git a/tools/testing/selftests/bpf/prog_tests/iters.c b/tools/testing/selftests/bpf/prog_tests/iters.c
index 3c440370c1f0..89ff23c4a8bc 100644
--- a/tools/testing/selftests/bpf/prog_tests/iters.c
+++ b/tools/testing/selftests/bpf/prog_tests/iters.c
@@ -14,6 +14,7 @@
 #include "iters_state_safety.skel.h"
 #include "iters_looping.skel.h"
 #include "iters_num.skel.h"
+#include "iters_testmod.skel.h"
 #include "iters_testmod_seq.skel.h"
 #include "iters_task_vma.skel.h"
 #include "iters_task.skel.h"
@@ -297,8 +298,10 @@ void test_iters(void)
 	RUN_TESTS(iters);
 	RUN_TESTS(iters_css_task);
 
-	if (env.has_testmod)
+	if (env.has_testmod) {
+		RUN_TESTS(iters_testmod);
 		RUN_TESTS(iters_testmod_seq);
+	}
 
 	if (test__start_subtest("num"))
 		subtest_num_iters();
diff --git a/tools/testing/selftests/bpf/progs/iters_testmod.c b/tools/testing/selftests/bpf/progs/iters_testmod.c
new file mode 100644
index 000000000000..df1d3db60b1b
--- /dev/null
+++ b/tools/testing/selftests/bpf/progs/iters_testmod.c
@@ -0,0 +1,125 @@
+// SPDX-License-Identifier: GPL-2.0
+
+#include "vmlinux.h"
+#include "bpf_experimental.h"
+#include <bpf/bpf_helpers.h>
+#include "bpf_misc.h"
+#include "../bpf_testmod/bpf_testmod_kfunc.h"
+
+char _license[] SEC("license") = "GPL";
+
+SEC("raw_tp/sys_enter")
+__success
+int iter_next_trusted(const void *ctx)
+{
+	struct task_struct *cur_task = bpf_get_current_task_btf();
+	struct bpf_iter_task_vma vma_it;
+	struct vm_area_struct *vma_ptr;
+
+	bpf_iter_task_vma_new(&vma_it, cur_task, 0);
+
+	vma_ptr = bpf_iter_task_vma_next(&vma_it);
+	if (vma_ptr == NULL)
+		goto out;
+
+	bpf_kfunc_trusted_vma_test(vma_ptr);
+out:
+	bpf_iter_task_vma_destroy(&vma_it);
+	return 0;
+}
+
+SEC("raw_tp/sys_enter")
+__failure __msg("Possibly NULL pointer passed to trusted arg0")
+int iter_next_trusted_or_null(const void *ctx)
+{
+	struct task_struct *cur_task = bpf_get_current_task_btf();
+	struct bpf_iter_task_vma vma_it;
+	struct vm_area_struct *vma_ptr;
+
+	bpf_iter_task_vma_new(&vma_it, cur_task, 0);
+
+	vma_ptr = bpf_iter_task_vma_next(&vma_it);
+
+	bpf_kfunc_trusted_vma_test(vma_ptr);
+
+	bpf_iter_task_vma_destroy(&vma_it);
+	return 0;
+}
+
+SEC("raw_tp/sys_enter")
+__success
+int iter_next_rcu(const void *ctx)
+{
+	struct task_struct *cur_task = bpf_get_current_task_btf();
+	struct bpf_iter_task task_it;
+	struct task_struct *task_ptr;
+
+	bpf_iter_task_new(&task_it, cur_task, 0);
+
+	task_ptr = bpf_iter_task_next(&task_it);
+	if (task_ptr == NULL)
+		goto out;
+
+	bpf_kfunc_rcu_task_test(task_ptr);
+out:
+	bpf_iter_task_destroy(&task_it);
+	return 0;
+}
+
+SEC("raw_tp/sys_enter")
+__failure __msg("Possibly NULL pointer passed to trusted arg0")
+int iter_next_rcu_or_null(const void *ctx)
+{
+	struct task_struct *cur_task = bpf_get_current_task_btf();
+	struct bpf_iter_task task_it;
+	struct task_struct *task_ptr;
+
+	bpf_iter_task_new(&task_it, cur_task, 0);
+
+	task_ptr = bpf_iter_task_next(&task_it);
+
+	bpf_kfunc_rcu_task_test(task_ptr);
+
+	bpf_iter_task_destroy(&task_it);
+	return 0;
+}
+
+SEC("raw_tp/sys_enter")
+__failure __msg("R1 must be referenced or trusted")
+int iter_next_rcu_not_trusted(const void *ctx)
+{
+	struct task_struct *cur_task = bpf_get_current_task_btf();
+	struct bpf_iter_task task_it;
+	struct task_struct *task_ptr;
+
+	bpf_iter_task_new(&task_it, cur_task, 0);
+
+	task_ptr = bpf_iter_task_next(&task_it);
+	if (task_ptr == NULL)
+		goto out;
+
+	bpf_kfunc_trusted_task_test(task_ptr);
+out:
+	bpf_iter_task_destroy(&task_it);
+	return 0;
+}
+
+SEC("raw_tp/sys_enter")
+__failure __msg("R1 cannot write into rdonly_mem")
+/* Message should not be 'R1 cannot write into rdonly_trusted_mem' */
+int iter_next_ptr_mem_not_trusted(const void *ctx)
+{
+	struct bpf_iter_num num_it;
+	int *num_ptr;
+
+	bpf_iter_num_new(&num_it, 0, 10);
+
+	num_ptr = bpf_iter_num_next(&num_it);
+	if (num_ptr == NULL)
+		goto out;
+
+	bpf_kfunc_trusted_num_test(num_ptr);
+out:
+	bpf_iter_num_destroy(&num_it);
+	return 0;
+}