Skip to content

Commit d2db08c

Browse files
jrfastabAlexei Starovoitov
jrfastab
authored and
Alexei Starovoitov
committed
bpf: Test_progs, add test to catch retval refine error handling
Before this series the verifier would clamp return bounds of bpf_get_stack() to [0, X] and this led the verifier to believe that a JMP_JSLT 0 would be false and so would prune that path. The result is anything hidden behind that JSLT would be unverified. Add a test to catch this case by hiding an goto pc-1 behind the check which will cause an infinite loop if not rejected. Signed-off-by: John Fastabend <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Link: https://lore.kernel.org/bpf/158560423908.10843.11783152347709008373.stgit@john-Precision-5820-Tower
1 parent fa123ac commit d2db08c

File tree

2 files changed

+31
-0
lines changed

2 files changed

+31
-0
lines changed

tools/testing/selftests/bpf/prog_tests/get_stack_raw_tp.c

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -82,6 +82,7 @@ static void get_stack_print_output(void *ctx, int cpu, void *data, __u32 size)
8282
void test_get_stack_raw_tp(void)
8383
{
8484
const char *file = "./test_get_stack_rawtp.o";
85+
const char *file_err = "./test_get_stack_rawtp_err.o";
8586
const char *prog_name = "raw_tracepoint/sys_enter";
8687
int i, err, prog_fd, exp_cnt = MAX_CNT_RAWTP;
8788
struct perf_buffer_opts pb_opts = {};
@@ -93,6 +94,10 @@ void test_get_stack_raw_tp(void)
9394
struct bpf_map *map;
9495
cpu_set_t cpu_set;
9596

97+
err = bpf_prog_load(file_err, BPF_PROG_TYPE_RAW_TRACEPOINT, &obj, &prog_fd);
98+
if (CHECK(err >= 0, "prog_load raw tp", "err %d errno %d\n", err, errno))
99+
return;
100+
96101
err = bpf_prog_load(file, BPF_PROG_TYPE_RAW_TRACEPOINT, &obj, &prog_fd);
97102
if (CHECK(err, "prog_load raw tp", "err %d errno %d\n", err, errno))
98103
return;

tools/testing/selftests/bpf/progs/test_get_stack_rawtp_err.c

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,26 @@
1+
// SPDX-License-Identifier: GPL-2.0
2+
3+
#include <linux/bpf.h>
4+
#include <bpf/bpf_helpers.h>
5+
6+
#define MAX_STACK_RAWTP 10
7+
8+
SEC("raw_tracepoint/sys_enter")
9+
int bpf_prog2(void *ctx)
10+
{
11+
__u64 stack[MAX_STACK_RAWTP];
12+
int error;
13+
14+
/* set all the flags which should return -EINVAL */
15+
error = bpf_get_stack(ctx, stack, 0, -1);
16+
if (error < 0)
17+
goto loop;
18+
19+
return error;
20+
loop:
21+
while (1) {
22+
error++;
23+
}
24+
}
25+
26+
char _license[] SEC("license") = "GPL";

0 commit comments

Comments
 (0)