From: Kumar Kartikeya Dwivedi
To: bpf@vger.kernel.org
Cc: Tao Lyu, Alexei Starovoitov, Andrii Nakryiko, Daniel Borkmann, Martin KaFai Lau, Eduard Zingerman, Mathias Payer, Meng Xu, Sanidhya Kashyap
Subject: [PATCH bpf-next v1 1/4] bpf: Don't relax STACK_INVALID to STACK_MISC when not allow_ptr_leaks
Date: Wed, 27 Nov 2024 10:51:32 -0800
Message-ID: <20241127185135.2753982-2-memxor@gmail.com>
In-Reply-To: <20241127185135.2753982-1-memxor@gmail.com>

Inside mark_stack_slot_misc, we should not upgrade STACK_INVALID to STACK_MISC when allow_ptr_leaks is false, since invalid contents shouldn't be read unless the program has the relevant capabilities.
The relaxation only makes sense when env->allow_ptr_leaks is true. Currently, the condition is inverted (i.e. checking for true instead of false), simply invert it to restore correct behavior. Update error strings of selftests relying on current behavior's verifier output. Fixes: eaf18febd6eb ("bpf: preserve STACK_ZERO slots on partial reg spills") Reported-by: Tao Lyu Signed-off-by: Kumar Kartikeya Dwivedi --- kernel/bpf/verifier.c | 2 +- .../selftests/bpf/progs/verifier_spill_fill.c | 18 +++++++++--------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c index 1c4ebb326785..f9791a001e25 100644 --- a/kernel/bpf/verifier.c +++ b/kernel/bpf/verifier.c @@ -1209,7 +1209,7 @@ static void mark_stack_slot_misc(struct bpf_verifier_env *env, u8 *stype) { if (*stype == STACK_ZERO) return; - if (env->allow_ptr_leaks && *stype == STACK_INVALID) + if (!env->allow_ptr_leaks && *stype == STACK_INVALID) return; *stype = STACK_MISC; } diff --git a/tools/testing/selftests/bpf/progs/verifier_spill_fill.c b/tools/testing/selftests/bpf/progs/verifier_spill_fill.c index 671d9f415dbf..f52f10dbc91d 100644 --- a/tools/testing/selftests/bpf/progs/verifier_spill_fill.c +++ b/tools/testing/selftests/bpf/progs/verifier_spill_fill.c @@ -464,9 +464,9 @@ l0_%=: r1 >>= 16; \ SEC("raw_tp") __log_level(2) __success -__msg("fp-8=0m??scalar()") -__msg("fp-16=00mm??scalar()") -__msg("fp-24=00mm???scalar()") +__msg("fp-8=0mmmscalar()") +__msg("fp-16=00mmmmscalar()") +__msg("fp-24=00mmmmmscalar()") __naked void spill_subregs_preserve_stack_zero(void) { asm volatile ( 
@@ -717,16 +717,16 @@ SEC("raw_tp") __log_level(2) __flag(BPF_F_TEST_STATE_FREQ) __success /* make sure fp-8 is 32-bit FAKE subregister spill */ -__msg("3: (62) *(u32 *)(r10 -8) = 1 ; R10=fp0 fp-8=????1") +__msg("3: (62) *(u32 *)(r10 -8) = 1 ; R10=fp0 fp-8=mmmm1") /* but fp-16 is spilled IMPRECISE zero const reg */ -__msg("5: (63) *(u32 *)(r10 -16) = r0 ; R0_w=1 R10=fp0 fp-16=????1") +__msg("5: (63) *(u32 *)(r10 -16) = r0 ; R0_w=1 R10=fp0 fp-16=mmmm1") /* validate load from fp-8, which was initialized using BPF_ST_MEM */ -__msg("8: (61) r2 = *(u32 *)(r10 -8) ; R2_w=1 R10=fp0 fp-8=????1") +__msg("8: (61) r2 = *(u32 *)(r10 -8) ; R2_w=1 R10=fp0 fp-8=mmmm1") __msg("9: (0f) r1 += r2") __msg("mark_precise: frame0: last_idx 9 first_idx 7 subseq_idx -1") __msg("mark_precise: frame0: regs=r2 stack= before 8: (61) r2 = *(u32 *)(r10 -8)") __msg("mark_precise: frame0: regs= stack=-8 before 7: (bf) r1 = r6") -__msg("mark_precise: frame0: parent state regs= stack=-8: R0_w=1 R1=ctx() R6_r=map_value(map=.data.two_byte_,ks=4,vs=2) R10=fp0 fp-8_r=????P1 fp-16=????1") +__msg("mark_precise: frame0: parent state regs= stack=-8: R0_w=1 R1=ctx() R6_r=map_value(map=.data.two_byte_,ks=4,vs=2) R10=fp0 fp-8_r=mmmmP1 fp-16=mmmm1") __msg("mark_precise: frame0: last_idx 6 first_idx 3 subseq_idx 7") __msg("mark_precise: frame0: regs= stack=-8 before 6: (05) goto pc+0") __msg("mark_precise: frame0: regs= stack=-8 before 5: (63) *(u32 *)(r10 -16) = r0") 
@@ -734,7 +734,7 @@ __msg("mark_precise: frame0: regs= stack=-8 before 4: (b7) r0 = 1") __msg("mark_precise: frame0: regs= stack=-8 before 3: (62) *(u32 *)(r10 -8) = 1") __msg("10: R1_w=map_value(map=.data.two_byte_,ks=4,vs=2,off=1) R2_w=1") /* validate load from fp-16, which was initialized using BPF_STX_MEM */ -__msg("12: (61) r2 = *(u32 *)(r10 -16) ; R2_w=1 R10=fp0 fp-16=????1") +__msg("12: (61) r2 = *(u32 *)(r10 -16) ; R2_w=1 R10=fp0 fp-16=mmmm1") __msg("13: (0f) r1 += r2") __msg("mark_precise: frame0: last_idx 13 first_idx 7 subseq_idx -1") __msg("mark_precise: frame0: regs=r2 stack= before 12: (61) r2 = *(u32 *)(r10 -16)") 
@@ -743,7 +743,7 @@ __msg("mark_precise: frame0: regs= stack=-16 before 10: (73) *(u8 *)(r1 +0) = r2 __msg("mark_precise: frame0: regs= stack=-16 before 9: (0f) r1 += r2") __msg("mark_precise: frame0: regs= stack=-16 before 8: (61) r2 = *(u32 *)(r10 -8)") __msg("mark_precise: frame0: regs= stack=-16 before 7: (bf) r1 = r6") -__msg("mark_precise: frame0: parent state regs= stack=-16: R0_w=1 R1=ctx() R6_r=map_value(map=.data.two_byte_,ks=4,vs=2) R10=fp0 fp-8_r=????P1 fp-16_r=????P1") +__msg("mark_precise: frame0: parent state regs= stack=-16: R0_w=1 R1=ctx() R6_r=map_value(map=.data.two_byte_,ks=4,vs=2) R10=fp0 fp-8_r=mmmmP1 fp-16_r=mmmmP1") __msg("mark_precise: frame0: last_idx 6 first_idx 3 subseq_idx 7") __msg("mark_precise: frame0: regs= stack=-16 before 6: (05) goto pc+0") __msg("mark_precise: frame0: regs= stack=-16 before 5: (63) *(u32 *)(r10 -16) = r0")
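Review bot: The flipped condition in mark_stack_slot_misc(), `!env->allow_ptr_leaks && *stype == STACK_INVALID`, now rewrites STACK_INVALID to STACK_MISC whenever allow_ptr_leaks is true, and nothing next to it says why. The verifier_spill_fill.c updates show the visible effect on loads that previously kept the invalid marking (`fp-8=0m??scalar()` becomes `fp-8=0mmmscalar()`, `????1` becomes `mmmm1`). Since this condition has already been wrong once, please add a comment stating which mode keeps STACK_INVALID and why, and say in the commit message whether the promotion is actually needed when allow_ptr_leaks is set; if it is not, returning on STACK_INVALID unconditionally would leave the existing `__msg` strings untouched.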
From: Kumar Kartikeya Dwivedi
To: bpf@vger.kernel.org
Cc: Tao Lyu, Alexei Starovoitov, Andrii Nakryiko, Daniel Borkmann, Martin KaFai Lau, Eduard Zingerman, Mathias Payer, Meng Xu, Sanidhya Kashyap
Subject: [PATCH bpf-next v1 2/4] bpf: Fix narrow scalar spill onto 64-bit spilled scalar slots
Date: Wed, 27 Nov 2024 10:51:33 -0800
Message-ID: <20241127185135.2753982-3-memxor@gmail.com>
In-Reply-To: <20241127185135.2753982-1-memxor@gmail.com>

From: Tao Lyu When CAP_PERFMON and CAP_SYS_ADMIN (allow_ptr_leaks) are disabled, the verifier aims to reject partial overwrite on an 8-byte stack slot that contains a spilled pointer. However, in such a scenario, it rejects all partial stack overwrites as long as the targeted stack slot is a spilled register, because it does not check if the stack slot is a spilled pointer. Incomplete checks will result in the rejection of valid programs, which spill narrower scalar values onto scalar slots, as shown below. 0: R1=ctx() R10=fp0 ; asm volatile ( @ repro.bpf.c:679 0: (7a) *(u64 *)(r10 -8) = 1 ; R10=fp0 fp-8_w=1 1: (62) *(u32 *)(r10 -8) = 1 attempt to corrupt spilled pointer on stack processed 2 insns (limit 1000000) max_states_per_insn 0 total_states 0 peak_states 0 mark_read 0. Fix this by expanding the check to not consider spilled scalar registers when rejecting the write into the stack. Previous discussion on this patch is at link [0]. [0]: https://lore.kernel.org/bpf/20240403202409.2615469-1-tao.lyu@epfl.ch Fixes: ab125ed3ec1c ("bpf: fix check for attempt to corrupt spilled pointer") Signed-off-by: Tao Lyu Signed-off-by: Kumar Kartikeya Dwivedi --- kernel/bpf/verifier.c | 1 + 1 file changed, 1 insertion(+) diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c index f9791a001e25..7fb3aa6561f5 100644 --- a/kernel/bpf/verifier.c +++ b/kernel/bpf/verifier.c 
@@ -4700,6 +4700,7 @@ static int check_stack_write_fixed_off(struct bpf_verifier_env *env, */ if (!env->allow_ptr_leaks && is_spilled_reg(&state->stack[spi]) && + !is_spilled_scalar_reg(&state->stack[spi]) && size != BPF_REG_SIZE) { verbose(env, "attempt to corrupt spilled pointer on stack\n"); return -EACCES;
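Review bot: In check_stack_write_fixed_off(), the added `!is_spilled_scalar_reg(&state->stack[spi])` term changes which slots the rejection covers, but the comment block that closes just above the condition is not touched by this hunk. Please update it to say that, without allow_ptr_leaks, a write of size other than BPF_REG_SIZE is refused only when the slot holds a non-scalar spill, so that the comment, the condition and the "attempt to corrupt spilled pointer on stack" message agree.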
From: Kumar Kartikeya Dwivedi
To: bpf@vger.kernel.org
Cc: Alexei Starovoitov, Andrii Nakryiko, Daniel Borkmann, Martin KaFai Lau, Eduard Zingerman, Tao Lyu, Mathias Payer, Meng Xu, Sanidhya Kashyap
Subject: [PATCH bpf-next v1 3/4] selftests/bpf: Add test for reading from STACK_INVALID slots
Date: Wed, 27 Nov 2024 10:51:34 -0800
Message-ID: <20241127185135.2753982-4-memxor@gmail.com>
In-Reply-To: <20241127185135.2753982-1-memxor@gmail.com>

Ensure that when CAP_PERFMON is dropped, and the verifier sees allow_ptr_leaks as false, we are not permitted to read from a STACK_INVALID slot. Without the fix, the test will report unexpected success in loading.
Since we need to control the capabilities when loading this test to only retain CAP_BPF, refactor support added to do the same for test_verifier_mtu and reuse it for this selftest to avoid copy-paste. Signed-off-by: Kumar Kartikeya Dwivedi --- .../selftests/bpf/prog_tests/verifier.c | 41 ++++++++++++++++--- .../bpf/progs/verifier_stack_noperfmon.c | 21 ++++++++++ 2 files changed, 56 insertions(+), 6 deletions(-) create mode 100644 tools/testing/selftests/bpf/progs/verifier_stack_noperfmon.c diff --git a/tools/testing/selftests/bpf/prog_tests/verifier.c b/tools/testing/selftests/bpf/prog_tests/verifier.c index d9f65adb456b..aaf4324e8ef0 100644 --- a/tools/testing/selftests/bpf/prog_tests/verifier.c +++ b/tools/testing/selftests/bpf/prog_tests/verifier.c @@ -63,6 +63,7 @@ #include "verifier_prevent_map_lookup.skel.h" #include "verifier_private_stack.skel.h" #include "verifier_raw_stack.skel.h" +#include "verifier_stack_noperfmon.skel.h" #include "verifier_raw_tp_writable.skel.h" #include "verifier_reg_equal.skel.h" #include "verifier_ref_tracking.skel.h" 
@@ -226,22 +227,50 @@ void test_verifier_xdp_direct_packet_access(void) { RUN(verifier_xdp_direct_pack void test_verifier_bits_iter(void) { RUN(verifier_bits_iter); } void test_verifier_lsm(void) { RUN(verifier_lsm); } -void test_verifier_mtu(void) +static int test_verifier_disable_caps(__u64 *caps) { - __u64 caps = 0; int ret; /* In case CAP_BPF and CAP_PERFMON is not set */ - ret = cap_enable_effective(1ULL << CAP_BPF | 1ULL << CAP_NET_ADMIN, &caps); + ret = cap_enable_effective(1ULL << CAP_BPF | 1ULL << CAP_NET_ADMIN, caps); if (!ASSERT_OK(ret, "set_cap_bpf_cap_net_admin")) - return; + return -EINVAL; ret = cap_disable_effective(1ULL << CAP_SYS_ADMIN | 1ULL << CAP_PERFMON, NULL); if (!ASSERT_OK(ret, "disable_cap_sys_admin")) + return -EINVAL; + return 0; +} + +static void test_verifier_enable_caps(__u64 caps) +{ + if (caps) + cap_enable_effective(caps, NULL); +} + +void test_verifier_mtu(void) +{ + __u64 caps = 0; + int ret; + + ret = test_verifier_disable_caps(&caps); + if (ret) goto restore_cap; RUN(verifier_mtu); restore_cap: - if (caps) - cap_enable_effective(caps, NULL); + test_verifier_enable_caps(caps); +} + +void test_verifier_stack_noperfmon(void) +{ + __u64 caps = 0; + int ret; + + ret = test_verifier_disable_caps(&caps); + if (ret) + goto restore_cap; + RUN(verifier_stack_noperfmon); +restore_cap: + test_verifier_enable_caps(caps); } static int init_test_val_map(struct bpf_object *obj, char *map_name) diff --git a/tools/testing/selftests/bpf/progs/verifier_stack_noperfmon.c b/tools/testing/selftests/bpf/progs/verifier_stack_noperfmon.c new file mode 100644 index 000000000000..52da836d47a6 --- /dev/null +++ b/tools/testing/selftests/bpf/progs/verifier_stack_noperfmon.c 
@@ -0,0 +1,21 @@ +// SPDX-License-Identifier: GPL-2.0 + +#include +#include +#include "bpf_misc.h" + +SEC("tc") +__description("stack_noperfmon: reject read of invalid slots") +__failure __msg("invalid read from stack off -8+1 size 8") +__naked void stack_noperfmon_rejecte_invalid_read(void) +{ + asm volatile (" \ + r2 = 1; \ + r6 = r10; \ + r6 += -8; \ + *(u8 *)(r6 + 0) = r2; \ + r2 = *(u64 *)(r6 + 0); \ + r0 = 0; \ + exit; \ +" ::: __clobber_all); +}
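Review bot: The helper split out of test_verifier_mtu() in prog_tests/verifier.c is named test_verifier_disable_caps(), yet its first step is `cap_enable_effective(1ULL << CAP_BPF | 1ULL << CAP_NET_ADMIN, caps)`, and the comment carried over with it still reads "In case CAP_BPF and CAP_PERFMON is not set" although CAP_PERFMON is one of the capabilities being disabled. Please reword the comment to match what the helper does (enable CAP_BPF and CAP_NET_ADMIN, then drop CAP_SYS_ADMIN and CAP_PERFMON) and consider helper names that do not share the `test_verifier_` prefix of the test entry points. Both failure paths also return -EINVAL instead of `ret`, which discards the error from the cap helpers. Minor: the new `#include "verifier_stack_noperfmon.skel.h"` is inserted between the verifier_raw_stack and verifier_raw_tp_writable headers rather than further down the list.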
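Review bot: The function name `stack_noperfmon_rejecte_invalid_read` in the new verifier_stack_noperfmon.c has a typo ("rejecte"); rename it to `stack_noperfmon_reject_invalid_read` in this patch, since 4/4 already carries the misspelled name in its hunk header.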
From: Kumar Kartikeya Dwivedi
To: bpf@vger.kernel.org
Cc: Alexei Starovoitov, Andrii Nakryiko, Daniel Borkmann, Martin KaFai Lau, Eduard Zingerman, Tao Lyu, Mathias Payer, Meng Xu, Sanidhya Kashyap
Subject: [PATCH bpf-next v1 4/4] selftests/bpf: Add test for narrow spill into 64-bit spilled scalar
Date: Wed, 27 Nov 2024 10:51:35 -0800
Message-ID: <20241127185135.2753982-5-memxor@gmail.com>
In-Reply-To: <20241127185135.2753982-1-memxor@gmail.com>

Add a test case to verify that without CAP_PERFMON, the test now succeeds instead of failing due to a verification error.
Signed-off-by: Kumar Kartikeya Dwivedi --- .../bpf/progs/verifier_stack_noperfmon.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/tools/testing/selftests/bpf/progs/verifier_stack_noperfmon.c b/tools/testing/selftests/bpf/progs/verifier_stack_noperfmon.c index 52da836d47a6..f6d5fa76c90c 100644 --- a/tools/testing/selftests/bpf/progs/verifier_stack_noperfmon.c +++ b/tools/testing/selftests/bpf/progs/verifier_stack_noperfmon.c @@ -19,3 +19,18 @@ __naked void stack_noperfmon_rejecte_invalid_read(void) exit; \ " ::: __clobber_all); } + +SEC("socket") +__description("stack_noperfmon: narrow spill onto 64-bit scalar spilled slots") +__success +__naked void stack_noperfmon_spill_32bit_onto_64bit_slot(void) +{ + asm volatile(" \ + *(u64*)(r10 - 8) = 1; \ + *(u32*)(r10 - 8) = 1; \ + r0 = 0; \ + exit; \ +" : + : + : __clobber_all); +}
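Review bot: stack_noperfmon_spill_32bit_onto_64bit_slot() only asserts `__success`, so it proves that the 32-bit store at `r10 - 8` is accepted but not what the verifier then records for the slot. Adding `__log_level(2)` with a `__msg` on the resulting fp-8 state, or a load from the slot after the second store, would catch a regression where the narrow write is accepted while the old 64-bit scalar state is kept. Style: this function uses `asm volatile("` and a three-line clobber list, while the test added in 3/4 to the same file uses `asm volatile ("` and `::: __clobber_all`; pick one form.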