From patchwork Fri Dec 20 19:10:51 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jordan Rome <linux@jordanrome.com>
X-Patchwork-Id: 13917249
X-Patchwork-Delegate: bpf@iogearbox.net
Received: from mout.perfora.net (mout.perfora.net [74.208.4.197])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6B43D215717
	for <bpf@vger.kernel.org>; Fri, 20 Dec 2024 19:11:36 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=74.208.4.197
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1734721898; cv=none;
 b=D9h1WZxkb1tbNKL8oDF8LjhNbUEn2lM0FJOVZRV7ljowj+ydUwFfv2mr9MsvTW8otrdhdD876AyF0auPkbMpjAu3s+G2R21D/k+ILVGbXljMeSZULydz8BLxVThvMOmlX7jBQWx0N08NXmoUnar8247Y8RVB19P6l1nbKXGeV2g=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1734721898; c=relaxed/simple;
	bh=8xbiRdHBPO3jUfbkoLzQyxJEc5n28WhLyIkdJ/pSSBY=;
	h=From:To:Cc:Subject:Date:Message-ID:MIME-Version;
 b=IMtujfqzQI7Rhgyvd+MoCeWkT/EMpeRQ+w+bYH+byZJV22QqJzVO0++u3i2Do75hSr3c55HI4r4ijtkcjc6QVmM7TxNKyQuEd/2DpzssX/xULN9D15nQjOJI4MznGyv9Nq5qX+SKdc/J/MiMs47q2omjztVivCMpb3yxOXYQfnM=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=none (p=none dis=none) header.from=jordanrome.com;
 spf=pass smtp.mailfrom=jordanrome.com;
 dkim=pass (2048-bit key) header.d=jordanrome.com
 header.i=linux@jordanrome.com header.b=FrmTCBmQ;
 arc=none smtp.client-ip=74.208.4.197
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=none (p=none dis=none) header.from=jordanrome.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=jordanrome.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=jordanrome.com
 header.i=linux@jordanrome.com header.b="FrmTCBmQ"
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jordanrome.com;
	s=s1-ionos; t=1734721863; x=1735326663; i=linux@jordanrome.com;
	bh=uKIcLe53DhKAw/KOsMpnBW86/EMOplkL0jIHNB21QpA=;
	h=X-UI-Sender-Class:From:To:Cc:Subject:Date:Message-ID:
	 MIME-Version:Content-Transfer-Encoding:cc:
	 content-transfer-encoding:content-type:date:from:message-id:
	 mime-version:reply-to:subject:to;
	b=FrmTCBmQ7gTAk0gl0+7IB8CVzfiEufEsCkHf7yKKG6iqw01Cl+x8IfUqrV2wPIhg
	 i9/PC7oj0oGjTP1V0/BNeyWAFhWJYQQUtvwV6ksy9YbEbLI5pY5hzCDvDjO1wAvey
	 QTivll9F86A7khfO242G1w8HZCYeH/A1lV8sQYnS0BWEVXq2955fvWdMmD2Y+Lv6K
	 fO49YczphF0OjqFD0wy1+qDONC6jDBh6Tq7WF1GU+fAKlWT61s58hyVjgLSjb18ZJ
	 Ov0svZeC9bejOMOsTHYnEyjd02eH9Vpn4355RAJFJNXksC3NF8Prlb+XfFBvbi1aQ
	 gOEbQejxFHlU7tAkIA==
X-UI-Sender-Class: 55c96926-9e95-11ee-ae09-1f7a4046a0f6
Received: from localhost ([69.171.251.10]) by mrelay.perfora.net (mreueus004
 [74.208.5.2]) with ESMTPSA (Nemesis) id 1MC3TF-1tGmr40wgP-00Gt6E; Fri, 20 Dec
 2024 20:11:03 +0100
From: Jordan Rome <linux@jordanrome.com>
To: bpf@vger.kernel.org
Cc: linux-mm@kvack.org,
	Alexei Starovoitov <ast@kernel.org>,
	Daniel Borkmann <daniel@iogearbox.net>,
	Andrii Nakryiko <andrii@kernel.org>,
	Kernel Team <kernel-team@fb.com>,
	Andrew Morton <akpm@linux-foundation.org>,
	Shakeel Butt <shakeel.butt@linux.dev>
Subject: [bpf-next v1 1/2] bpf: Add bpf_copy_from_user_task_str kfunc
Date: Fri, 20 Dec 2024 11:10:51 -0800
Message-ID: <20241220191052.1066250-1-linux@jordanrome.com>
X-Mailer: git-send-email 2.43.5
Precedence: bulk
X-Mailing-List: bpf@vger.kernel.org
List-Id: <bpf.vger.kernel.org>
List-Subscribe: <mailto:bpf+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:bpf+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
X-Provags-ID: V03:K1:ygL+D53aP6CjmjpYKb3lsGMRfJ7rpbvqBKBq2UMu7vza1RtNh+L
 ZoscTPfN1lT99zYSqx+l5HMceWHimnW2ZRhON1DMG17KLDyb31/VXx9igWFWvGg1XaGcbTk
 VgSnNzbNpwfNefJAFpOAU69wvWZRBXX3mNPXqJJxmxbcJuYVLCAbs19DIn1pHiBnRGlXKVU
 VPsVGh8W7le5jrJi7ZJaA==
X-Spam-Flag: NO
UI-OutboundReport: notjunk:1;M01:P0:mpnEO13JNJ8=;plfr7tEJ3gadeUzZwYVfSteOOkZ
 tSL7lKXAiyWdlsMBEEmssoBi3UUFSWkc+3Y+69hvb1olvNo1yu+D7riUXGFA7C8aczJ/zrKYo
 eXmtMFMXrqSJ8e2IW4xpsMvCWlAHGc9TvdckPA4FUgz2QogJQYVnYInF19fb14fNIEdqu38Vw
 UIyeHc+OennsJJtQq0YqiF6A/j7GIo/FV8aMR6Awi1WLUjkz2TDk8LO9Q96VjZ2ICUXOpucDJ
 W3ix1ryGQLiFOCW5U01QXWanIJRzsTwb8F/5ss8cZkd60ZsCFbSb4DLREz8/5XkjWnmUI0jzJ
 xJSLXiy3KB4pVVH+edn+N17PyKGeQXa2VZAVYXLHq1Naq3PVH3fRloyAj25tOJNYvS8Nmhpjh
 8Diq4x1g4b7b4za32+AoBbusrKY1OFbD2+d84t2t0EL0LNke5+5NCBQ9Q6BKRVhu7L1Txd7Tt
 Vv/AeCfqoN/+aPVrGpn/LO00/gdINEWB5Lt/YyxoBvUUUdsHZdDq6WrDzqIwR1TKsNtLt9vOa
 dWuUFvmUIFIAjd8xcwOcYdGqUzqCMc6ZuB/AHXX2fMpI0q5H0sJTzGCph0ZDUB+ql3/20zRhs
 AnUDw7Q9FnBNVqBWlY2tAE6i3LwDOqmqSXyP2KJm90TEgl0rv7+Os2T3CAeZ1j7TvaJBMR+eb
 Vgj96ja0yS6gPHPU72EFtluOARvYx9z9MiDFowk+QT2x2qMDyCI+TqWIgQLtJyNHm7QGI8Tvp
 3L9sCklbWmsSOgc7sQciMvnrXX2v+3kIkTuWyLr8P0MQ8IKENCqyc++y6lBrIGaDaszsvpWh+
 K1RoSuhFkXqPT8N+GTZV9Of1GVN2gJ+GFib559iJ1d2HxNBQ4ippnPmTFjVDFs/cB/mz2Tunl
 Cdn21oBaMBR9OqtME7ky1EnYTqWexQRch2OghUy6zfLtMpFZxHcao607a1YQVc203L1n+LEaM
 TNzDaaDCruTxL93eodLvw6+UPHILpLu7wTmr0meTPrDRIFiu4u5exarGOilY9mjz8mhlV18sB
 5cNQzxXSK88lNgXrBXUWd/BX1VJamdQzXFZr8vQ
X-Patchwork-Delegate: bpf@iogearbox.net

This new kfunc will be able to copy a string
from another process's/task's address space.
This is similar to `bpf_copy_from_user_str`
but accepts a `struct task_struct*` argument.

This required adding an additional function
in memory.c, namely `copy_str_from_process_vm`,
which works similar to `access_process_vm`
but utilizes the `strncpy_from_user` helper
and only supports reading/copying and not writing.

Signed-off-by: Jordan Rome <linux@jordanrome.com>
---
 include/linux/mm.h   |   3 ++
 kernel/bpf/helpers.c |  46 ++++++++++++++++++++
 mm/memory.c          | 101 +++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 150 insertions(+)

--
2.43.5

diff --git a/include/linux/mm.h b/include/linux/mm.h
index c39c4945946c..52b304b20630 100644
--- a/include/linux/mm.h
+++ b/include/linux/mm.h
@@ -2484,6 +2484,9 @@ extern int access_process_vm(struct task_struct *tsk, unsigned long addr,
 extern int access_remote_vm(struct mm_struct *mm, unsigned long addr,
 		void *buf, int len, unsigned int gup_flags);

+extern int copy_str_from_process_vm(struct task_struct *tsk, unsigned long addr,
+		void *buf, int len, unsigned int gup_flags);
+
 long get_user_pages_remote(struct mm_struct *mm,
 			   unsigned long start, unsigned long nr_pages,
 			   unsigned int gup_flags, struct page **pages,
diff --git a/kernel/bpf/helpers.c b/kernel/bpf/helpers.c
index 751c150f9e1c..b282dd6aa95f 100644
--- a/kernel/bpf/helpers.c
+++ b/kernel/bpf/helpers.c
@@ -3057,6 +3057,51 @@ __bpf_kfunc int bpf_copy_from_user_str(void *dst, u32 dst__sz, const void __user
 	return ret + 1;
 }

+/**
+ * bpf_copy_from_user_task_str() - Copy a string from an task's address space
+ * @dst:             Destination address, in kernel space.  This buffer must be
+ *                   at least @dst__sz bytes long.
+ * @dst__sz:         Maximum number of bytes to copy, includes the trailing NUL.
+ * @unsafe_ptr__ign: Source address in the task's address space.
+ * @tsk:             The task whose address space will be used
+ * @flags:           The only supported flag is BPF_F_PAD_ZEROS
+ *
+ * Copies a NULL-terminated string from a task's address space to BPF space.
+ * If user string is too long this will still ensure zero termination in the
+ * dst buffer unless buffer size is 0.
+ *
+ * If BPF_F_PAD_ZEROS flag is set, memset the tail of @dst to 0 on success and
+ * memset all of @dst on failure.
+ */
+__bpf_kfunc int bpf_copy_from_user_task_str(void *dst, u32 dst__sz, const void __user *unsafe_ptr__ign, struct task_struct *tsk, u64 flags)
+{
+	int count = dst__sz - 1;
+	int ret = 0;
+
+	if (unlikely(flags & ~BPF_F_PAD_ZEROS))
+		return -EINVAL;
+
+	if (unlikely(!dst__sz))
+		return 0;
+
+	ret = copy_str_from_process_vm(tsk, (unsigned long)unsafe_ptr__ign, dst, count, 0);
+
+	if (ret <= 0) {
+		if (flags & BPF_F_PAD_ZEROS)
+			memset((char *)dst, 0, dst__sz);
+		return ret;
+	}
+
+	if (ret < count) {
+		if (flags & BPF_F_PAD_ZEROS)
+			memset((char *)dst + ret, 0, dst__sz - ret);
+	} else {
+		((char *)dst)[count] = '\0';
+	}
+
+	return ret + 1;
+}
+
 __bpf_kfunc_end_defs();

 BTF_KFUNCS_START(generic_btf_ids)
@@ -3145,6 +3190,7 @@ BTF_ID_FLAGS(func, bpf_iter_bits_new, KF_ITER_NEW)
 BTF_ID_FLAGS(func, bpf_iter_bits_next, KF_ITER_NEXT | KF_RET_NULL)
 BTF_ID_FLAGS(func, bpf_iter_bits_destroy, KF_ITER_DESTROY)
 BTF_ID_FLAGS(func, bpf_copy_from_user_str, KF_SLEEPABLE)
+BTF_ID_FLAGS(func, bpf_copy_from_user_task_str, KF_SLEEPABLE)
 BTF_ID_FLAGS(func, bpf_get_kmem_cache)
 BTF_ID_FLAGS(func, bpf_iter_kmem_cache_new, KF_ITER_NEW | KF_SLEEPABLE)
 BTF_ID_FLAGS(func, bpf_iter_kmem_cache_next, KF_ITER_NEXT | KF_RET_NULL | KF_SLEEPABLE)
diff --git a/mm/memory.c b/mm/memory.c
index 75c2dfd04f72..514490bd7d6d 100644
--- a/mm/memory.c
+++ b/mm/memory.c
@@ -6673,6 +6673,75 @@ static int __access_remote_vm(struct mm_struct *mm, unsigned long addr,
 	return buf - old_buf;
 }

+/*
+ * Copy a string from another process's address space as given in mm.
+ * Don't return partial results. If there is any error return -EFAULT.
+ */
+static int __copy_str_from_remote_vm(struct mm_struct *mm, unsigned long addr,
+			      void *buf, int len, unsigned int gup_flags)
+{
+	void *old_buf = buf;
+	int err = 0;
+
+	if (mmap_read_lock_killable(mm))
+		return -EFAULT;
+
+	/* Untag the address before looking up the VMA */
+	addr = untagged_addr_remote(mm, addr);
+
+	/* Avoid triggering the temporary warning in __get_user_pages */
+	if (!vma_lookup(mm, addr)) {
+		mmap_read_unlock(mm);
+		return -EFAULT;
+	}
+
+	while (len) {
+		int bytes, offset, retval;
+		void *maddr;
+		struct vm_area_struct *vma = NULL;
+		struct page *page = get_user_page_vma_remote(mm, addr,
+							     gup_flags, &vma);
+
+		if (IS_ERR(page)) {
+			/*
+			 * Treat as a total failure for now until we decide how
+			 * to handle the CONFIG_HAVE_IOREMAP_PROT case and
+			 * stack expansion.
+			 */
+			err = -EFAULT;
+			break;
+		}
+
+		bytes = len;
+		offset = addr & (PAGE_SIZE - 1);
+		if (bytes > PAGE_SIZE - offset)
+			bytes = PAGE_SIZE - offset;
+
+		maddr = kmap_local_page(page);
+		retval = strncpy_from_user(buf, (const char __user *)addr, bytes);
+		unmap_and_put_page(page, maddr);
+
+		if (retval < 0) {
+			err = retval;
+			break;
+		}
+
+		len -= retval;
+		buf += retval;
+		addr += retval;
+
+		/* Found the end of the string */
+		if (retval < bytes)
+			break;
+	}
+	mmap_read_unlock(mm);
+
+	if (err)
+		return err;
+
+	return buf - old_buf;
+}
+
 /**
  * access_remote_vm - access another process' address space
  * @mm:		the mm_struct of the target address space
@@ -6714,6 +6783,38 @@ int access_process_vm(struct task_struct *tsk, unsigned long addr,
 }
 EXPORT_SYMBOL_GPL(access_process_vm);

+/**
+ * copy_str_from_process_vm - copy a string from another process's address space.
+ * @tsk:	the task of the target address space
+ * @addr:	start address to access
+ * @buf:	source or destination buffer
+ * @len:	number of bytes to transfer
+ * @gup_flags:	flags modifying lookup behaviour
+ *
+ * The caller must hold a reference on @mm.
+ *
+ * Return: number of bytes copied from source to destination. If the string
+ * is shorter than @len then return the length of the string.
+ * On any error, return -EFAULT.
+ */
+int copy_str_from_process_vm(struct task_struct *tsk, unsigned long addr,
+		void *buf, int len, unsigned int gup_flags)
+{
+	struct mm_struct *mm;
+	int ret;
+
+	mm = get_task_mm(tsk);
+	if (!mm)
+		return -EFAULT;
+
+	ret = __copy_str_from_remote_vm(mm, addr, buf, len, gup_flags);
+
+	mmput(mm);
+
+	return ret;
+}
+EXPORT_SYMBOL_GPL(copy_str_from_process_vm);
+
 /*
  * Print the name of a VMA.
  */

From patchwork Fri Dec 20 19:10:52 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jordan Rome <linux@jordanrome.com>
X-Patchwork-Id: 13917250
X-Patchwork-Delegate: bpf@iogearbox.net
Received: from mout.perfora.net (mout.perfora.net [74.208.4.197])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id E435621E087
	for <bpf@vger.kernel.org>; Fri, 20 Dec 2024 19:11:38 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=74.208.4.197
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1734721901; cv=none;
 b=CXqE6dLIgNRSBAmRHVsilCHUgfBIXEFFvS9wypWKwNacFtMlXEfz+vm7BsL+uXt71mDUV+CHcnGmQgTZEeEbD8oeqJiya5oo9dYZpMC4Shnhguh8kGG1cfPGfFbrQC6uiDjUUi8e58pCkawUVx3f0Sjw+DIQDr8HIGYzVWtGU5Y=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1734721901; c=relaxed/simple;
	bh=ZDx92FCNvaaNTqkZp0+dbn9tgRERr2CZHcmu8V5PG4s=;
	h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:
	 MIME-Version;
 b=Vn9/faW9xMdBKHZW2MB5mUEoFDi/vbn/R9jKhP26YZX80UgJRZnT8Zes74tzL4EM7XfpW2WjywyCJwUL6njv/5O0mOcJKfg6WqeK+Oym53ZRbhUOOVA9cE2qwLFODwOqT3lHgbxoiPNuuiig4oGbHIax+bhfmfGuyJaPhMGfHGg=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=none (p=none dis=none) header.from=jordanrome.com;
 spf=pass smtp.mailfrom=jordanrome.com;
 dkim=pass (2048-bit key) header.d=jordanrome.com
 header.i=linux@jordanrome.com header.b=CC4DnTE1;
 arc=none smtp.client-ip=74.208.4.197
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=none (p=none dis=none) header.from=jordanrome.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=jordanrome.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=jordanrome.com
 header.i=linux@jordanrome.com header.b="CC4DnTE1"
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jordanrome.com;
	s=s1-ionos; t=1734721867; x=1735326667; i=linux@jordanrome.com;
	bh=bFV8AAWE7WB5PNv7bnDePrI5cbphl4Nbhj6dGOr7osY=;
	h=X-UI-Sender-Class:From:To:Cc:Subject:Date:Message-ID:In-Reply-To:
	 References:MIME-Version:Content-Transfer-Encoding:cc:
	 content-transfer-encoding:content-type:date:from:message-id:
	 mime-version:reply-to:subject:to;
	b=CC4DnTE1mM2LbQBIQhERFew8CVlNAxULDVF+pQaFgIZryJhuemZrhYMqHDa3tMY0
	 9z3HLZ9fCM2ktP16slBwbFMHReL7+6kqofQrWiWThmL8wBexYRpiWiC/xQcTfC8Qj
	 SeytwB1a+wGEW4eDj2TpFURu+TqLS8DCtiGt5cMbTYOLpjDVcGz9URm38NyvzBQ5F
	 PK6c5FcS3hXR0j9/FoFaUrTdUmF0/vUimctiO0PeG22ymmITr9V3GRt+qg5y7FK3o
	 wxJeTwXO+HE3VAt+NlrVu3Zu8/J80uTCt3j/ziLsHTNUNz5raRs6ZVxsLYhhfvnhF
	 Eiaug/a8krf1K2qTGA==
X-UI-Sender-Class: 55c96926-9e95-11ee-ae09-1f7a4046a0f6
Received: from localhost ([69.171.251.17]) by mrelay.perfora.net (mreueus004
 [74.208.5.2]) with ESMTPSA (Nemesis) id 1Ma1LU-1t1bUV2Q0S-00RY6U; Fri, 20 Dec
 2024 20:11:07 +0100
From: Jordan Rome <linux@jordanrome.com>
To: bpf@vger.kernel.org
Cc: linux-mm@kvack.org,
	Alexei Starovoitov <ast@kernel.org>,
	Daniel Borkmann <daniel@iogearbox.net>,
	Andrii Nakryiko <andrii@kernel.org>,
	Kernel Team <kernel-team@fb.com>,
	Andrew Morton <akpm@linux-foundation.org>,
	Shakeel Butt <shakeel.butt@linux.dev>
Subject: [bpf-next v1 2/2] selftests/bpf: Add tests for
 bpf_copy_from_user_task_str
Date: Fri, 20 Dec 2024 11:10:52 -0800
Message-ID: <20241220191052.1066250-2-linux@jordanrome.com>
X-Mailer: git-send-email 2.43.5
In-Reply-To: <20241220191052.1066250-1-linux@jordanrome.com>
References: <20241220191052.1066250-1-linux@jordanrome.com>
Precedence: bulk
X-Mailing-List: bpf@vger.kernel.org
List-Id: <bpf.vger.kernel.org>
List-Subscribe: <mailto:bpf+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:bpf+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
X-Provags-ID: V03:K1:3YPzK3zH6uRLIxMDY+gj/1+UrBpP5upetgT6hfo4xmcWEzocgo/
 tslmhoR9p1bjy2bffimY5c2GKXLEGscp8XhmjJ+IyxDjCO0i2D7pz//XtQ9i6IpaFG5Dhzr
 vehsUzjvzHlX+e1ALeAaiB47s+NP8BDb4OetI10lpBEw8iOtvb2Sk/JatRB6gn/3FjpB8Us
 ZPy46vdJE8hDZ6q7Tv7KQ==
X-Spam-Flag: NO
UI-OutboundReport: notjunk:1;M01:P0:sdbn4NDl3Bc=;BI4Ci9PneXHWXw40oIXSJlsmzmF
 oiJC9L4yCxSEVlTvUJ42fVmANeyRZdfI/qmtHdFNbTrFDKna4QKhOn98E8ijN86yeL7bEZs5j
 YXVuCe65pywYtxBf2oWKyznDJD++1FCmB6JjDAnB1Tmueiu6DvFV2YFFeu+x5eY7gZLfgD5fP
 38lh5idbTWwLjRJ75s37rSdjZcIcdyg7A83RmAIwQYaEquFRU6L/jCycCb+V41tYwEj+QDcM/
 XAzV1HK6wNJN+h5VK7+RotKVn0H8T8Kb93w4g8BvIMOz0yoe/nmUM0/yYpjnkW8BZj+b2d4ze
 JhT7cgUs0XcjopZfK/RBErTWDbFRIcUFsCtrpgzJQP8Gf8R1dtlwaSg38CN5RSVy4psEMw3RV
 MFGEsIgxbXYfy4AptS3NCTGcyzAieM6yPXiDXLlmeEg3KhNyIHVfuXEKecW14yQVZKC+/HtzJ
 rqp6a9QQPpQzh6XqX+SIbMdJzCQ/H0Rf2B8dOQ20hby9uunOqu7c1tPyPMzK5y0Tsq9gB9dz1
 7kZgOJhLfOqxD36bJX2sQX+QU/P3AsYomkpYd6pvPd4NMMw3jsYlBvre73Mg7EhkN3yvuiJBg
 a9E7TOZdxrLlygBj6iPWVOEH1JSuHClCG2a8EKTLJT1jMTOYF+b9CByRuBUZpElR1YRD0t4Px
 OMQ0lZyNl9/1sfCURcumh8PiKOaxS0ncZHFQC/PlTNYvLD9wwgUQzjuqcMW8YacAR18fsSvhP
 s9IBpsl1NVa2BHf4dxhf/hKBW4+DKKCWCGEag5UKyTwIBkrMkWXamm439EYtjV9WiRnJTubXz
 0v3dDABBFjpIFgR23gMAhjEX2fFbN49A+8aYFBYOtRNdM6AjHzsgDePa0LqG/MBb4+TfrqqUT
 bMAyZmqGNkKUfk9CxiDEgwAKQrglS7mhhqGLIf61KxAjBFMsJ1Mo9QQI3OGR2GifqeXye6rOu
 QufN0RtuMMU6VCGvyGobsQgZT0Z6r3V1GD/XZWBFhhxBBafIO0s8bukTzAOZiqwyTo0aq3NmG
 /0/tWnKUzRFK+WjeIZg00zxJ9Gp7VT8WSeRhX1X
X-Patchwork-Delegate: bpf@iogearbox.net

This adds tests for both the happy path and the
error path (with and without the BPF_F_PAD_ZEROS flag).

Signed-off-by: Jordan Rome <linux@jordanrome.com>
---
 .../selftests/bpf/prog_tests/bpf_iter.c       |  7 +++
 .../selftests/bpf/prog_tests/read_vsyscall.c  |  1 +
 .../selftests/bpf/progs/bpf_iter_tasks.c      | 55 +++++++++++++++++++
 .../selftests/bpf/progs/read_vsyscall.c       |  6 +-
 4 files changed, 67 insertions(+), 2 deletions(-)

--
2.43.5

diff --git a/tools/testing/selftests/bpf/prog_tests/bpf_iter.c b/tools/testing/selftests/bpf/prog_tests/bpf_iter.c
index 6f1bfacd7375..8ed864793bd1 100644
--- a/tools/testing/selftests/bpf/prog_tests/bpf_iter.c
+++ b/tools/testing/selftests/bpf/prog_tests/bpf_iter.c
@@ -34,6 +34,8 @@
 #include "bpf_iter_ksym.skel.h"
 #include "bpf_iter_sockmap.skel.h"

+static char test_data[] = "test_data";
+
 static void test_btf_id_or_null(void)
 {
 	struct bpf_iter_test_kern3 *skel;
@@ -328,12 +330,17 @@ static void test_task_sleepable(void)
 	if (!ASSERT_OK_PTR(skel, "bpf_iter_tasks__open_and_load"))
 		return;

+	skel->bss->user_ptr = test_data;
 	do_dummy_read(skel->progs.dump_task_sleepable);

 	ASSERT_GT(skel->bss->num_expected_failure_copy_from_user_task, 0,
 		  "num_expected_failure_copy_from_user_task");
 	ASSERT_GT(skel->bss->num_success_copy_from_user_task, 0,
 		  "num_success_copy_from_user_task");
+	ASSERT_GT(skel->bss->num_expected_failure_copy_from_user_task_str, 0,
+		  "num_expected_failure_copy_from_user_task_str");
+	ASSERT_GT(skel->bss->num_success_copy_from_user_task_str, 0,
+		  "num_success_copy_from_user_task_str");

 	bpf_iter_tasks__destroy(skel);
 }
diff --git a/tools/testing/selftests/bpf/prog_tests/read_vsyscall.c b/tools/testing/selftests/bpf/prog_tests/read_vsyscall.c
index c7b9ba8b1d06..a8d1eaa67020 100644
--- a/tools/testing/selftests/bpf/prog_tests/read_vsyscall.c
+++ b/tools/testing/selftests/bpf/prog_tests/read_vsyscall.c
@@ -24,6 +24,7 @@ struct read_ret_desc {
 	{ .name = "copy_from_user", .ret = -EFAULT },
 	{ .name = "copy_from_user_task", .ret = -EFAULT },
 	{ .name = "copy_from_user_str", .ret = -EFAULT },
+	{ .name = "copy_from_user_task_str", .ret = -EFAULT },
 };

 void test_read_vsyscall(void)
diff --git a/tools/testing/selftests/bpf/progs/bpf_iter_tasks.c b/tools/testing/selftests/bpf/progs/bpf_iter_tasks.c
index bc10c4e4b4fa..90691e34b915 100644
--- a/tools/testing/selftests/bpf/progs/bpf_iter_tasks.c
+++ b/tools/testing/selftests/bpf/progs/bpf_iter_tasks.c
@@ -9,6 +9,7 @@ char _license[] SEC("license") = "GPL";
 uint32_t tid = 0;
 int num_unknown_tid = 0;
 int num_known_tid = 0;
+void *user_ptr = 0;

 SEC("iter/task")
 int dump_task(struct bpf_iter__task *ctx)
@@ -35,7 +36,9 @@ int dump_task(struct bpf_iter__task *ctx)
 }

 int num_expected_failure_copy_from_user_task = 0;
+int num_expected_failure_copy_from_user_task_str = 0;
 int num_success_copy_from_user_task = 0;
+int num_success_copy_from_user_task_str = 0;

 SEC("iter.s/task")
 int dump_task_sleepable(struct bpf_iter__task *ctx)
@@ -44,6 +47,9 @@ int dump_task_sleepable(struct bpf_iter__task *ctx)
 	struct task_struct *task = ctx->task;
 	static const char info[] = "    === END ===";
 	struct pt_regs *regs;
+	char task_str1[10] = "aaaaaaaaaa";
+	char task_str2[10], task_str3[10];
+	char task_str4[20] = "aaaaaaaaaaaaaaaaaaaa";
 	void *ptr;
 	uint32_t user_data = 0;
 	int ret;
@@ -78,8 +84,57 @@ int dump_task_sleepable(struct bpf_iter__task *ctx)
 		BPF_SEQ_PRINTF(seq, "%s\n", info);
 		return 0;
 	}
+
 	++num_success_copy_from_user_task;

+	/* Read an invalid pointer and ensure we get an error */
+	ptr = NULL;
+	ret = bpf_copy_from_user_task_str((char *)task_str1, sizeof(task_str1), ptr, task, 0);
+	if (ret >= 0 || task_str1[9] != 'a') {
+		BPF_SEQ_PRINTF(seq, "%s\n", info);
+		return 0;
+	}
+
+	/* Read an invalid pointer and ensure we get error with pad zeros flag */
+	ptr = NULL;
+	ret = bpf_copy_from_user_task_str((char *)task_str1, sizeof(task_str1), ptr, task, BPF_F_PAD_ZEROS);
+	if (ret >= 0 || task_str1[9] != '\0') {
+		BPF_SEQ_PRINTF(seq, "%s\n", info);
+		return 0;
+	}
+
+	++num_expected_failure_copy_from_user_task_str;
+
+	/* Same length as the string */
+	ret = bpf_copy_from_user_task_str((char *)task_str2, 10, user_ptr, task, 0);
+	if (bpf_strncmp(task_str2, 10, "test_data\0") != 0 || ret != 10) {
+		BPF_SEQ_PRINTF(seq, "%s\n", info);
+		return 0;
+	}
+
+	/* Shorter length than the string */
+	ret = bpf_copy_from_user_task_str((char *)task_str3, 9, user_ptr, task, 0);
+	if (bpf_strncmp(task_str3, 9, "test_dat\0") != 0 || ret != 9) {
+		BPF_SEQ_PRINTF(seq, "%s\n", info);
+		return 0;
+	}
+
+	/* Longer length than the string */
+	ret = bpf_copy_from_user_task_str((char *)task_str4, 20, user_ptr, task, 0);
+	if (bpf_strncmp(task_str4, 10, "test_data\0") != 0 || ret != 10 || task_str4[sizeof(task_str4) - 1] != 'a') {
+		BPF_SEQ_PRINTF(seq, "%s\n", info);
+		return 0;
+	}
+
+	/* Longer length than the string with pad zeros flag */
+	ret = bpf_copy_from_user_task_str((char *)task_str4, 20, user_ptr, task, BPF_F_PAD_ZEROS);
+	if (bpf_strncmp(task_str4, 10, "test_data\0") != 0 || ret != 10 || task_str4[sizeof(task_str4) - 1] != '\0') {
+		BPF_SEQ_PRINTF(seq, "%s\n", info);
+		return 0;
+	}
+
+	++num_success_copy_from_user_task_str;
+
 	if (ctx->meta->seq_num == 0)
 		BPF_SEQ_PRINTF(seq, "    tgid      gid     data\n");

diff --git a/tools/testing/selftests/bpf/progs/read_vsyscall.c b/tools/testing/selftests/bpf/progs/read_vsyscall.c
index 39ebef430059..623c1c5bd2d0 100644
--- a/tools/testing/selftests/bpf/progs/read_vsyscall.c
+++ b/tools/testing/selftests/bpf/progs/read_vsyscall.c
@@ -8,14 +8,15 @@

 int target_pid = 0;
 void *user_ptr = 0;
-int read_ret[9];
+int read_ret[10];

 char _license[] SEC("license") = "GPL";

 /*
- * This is the only kfunc, the others are helpers
+ * These are the kfuncs, the others are helpers
  */
 int bpf_copy_from_user_str(void *dst, u32, const void *, u64) __weak __ksym;
+int bpf_copy_from_user_task_str(void *dst, u32, const void *, struct task_struct *, u64) __weak __ksym;

 SEC("fentry/" SYS_PREFIX "sys_nanosleep")
 int do_probe_read(void *ctx)
@@ -47,6 +48,7 @@ int do_copy_from_user(void *ctx)
 	read_ret[7] = bpf_copy_from_user_task(buf, sizeof(buf), user_ptr,
 					      bpf_get_current_task_btf(), 0);
 	read_ret[8] = bpf_copy_from_user_str((char *)buf, sizeof(buf), user_ptr, 0);
+	read_ret[9] = bpf_copy_from_user_task_str((char *)buf, sizeof(buf), user_ptr, bpf_get_current_task_btf(), 0);

 	return 0;
 }