From patchwork Tue Aug 31 09:10:02 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Palethorpe X-Patchwork-Id: 1522500 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.linux.it (client-ip=2001:1418:10:5::2; helo=picard.linux.it; envelope-from=ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=suse.com header.i=@suse.com header.a=rsa-sha256 header.s=susede1 header.b=sPvV4lo2; dkim-atps=neutral Received: from picard.linux.it (picard.linux.it [IPv6:2001:1418:10:5::2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4GzLy11YHjz9s5R for ; Tue, 31 Aug 2021 19:10:33 +1000 (AEST) Received: from picard.linux.it (localhost [IPv6:::1]) by picard.linux.it (Postfix) with ESMTP id 90A073C9A40 for ; Tue, 31 Aug 2021 11:10:30 +0200 (CEST) X-Original-To: ltp@lists.linux.it Delivered-To: ltp@picard.linux.it Received: from in-6.smtp.seeweb.it (in-6.smtp.seeweb.it [217.194.8.6]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by picard.linux.it (Postfix) with ESMTPS id 7F0503C2A3D for ; Tue, 31 Aug 2021 11:10:19 +0200 (CEST) Received: from smtp-out2.suse.de (smtp-out2.suse.de [195.135.220.29]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by in-6.smtp.seeweb.it (Postfix) with ESMTPS id 9AF751400176 for ; Tue, 31 Aug 2021 11:10:18 +0200 (CEST) Received: from relay2.suse.de (relay2.suse.de [149.44.160.134]) by smtp-out2.suse.de (Postfix) with ESMTP id ED5841FE51; Tue, 31 Aug 2021 09:10:17 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1630401017; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=xeNQ/MbTXU8ItX0KHTt5PIsuWo9QGYbToKdoFhjVCD4=; b=sPvV4lo2c1pTiSAHaElWwYSWpjvZUOVdoGLYbGbPTZ7Ba+1hXKNXHJsJP/BICnfXJuJY+M 1rh+a+k4nGT9dmRAoIfGXfC5id5JM7IcIPl50oFAS9Pmpgw8d1uqFLnbu0YIyPqG5JX6qP R7L28+EB/xQnDjgkFI/CVHAeKSNB4NE= Received: from g78.suse.de (unknown [10.163.24.38]) by relay2.suse.de (Postfix) with ESMTP id BB751A3BA1; Tue, 31 Aug 2021 09:10:17 +0000 (UTC) To: ltp@lists.linux.it Date: Tue, 31 Aug 2021 10:10:02 +0100 Message-Id: <20210831091005.25361-1-rpalethorpe@suse.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Virus-Scanned: clamav-milter 0.102.4 at in-6.smtp.seeweb.it X-Virus-Status: Clean X-Spam-Status: No, score=0.1 required=7.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=disabled version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on in-6.smtp.seeweb.it Subject: [LTP] [PATCH v2 1/4] API: Add tst_printf to avoid specifying the output FD in tests X-BeenThere: ltp@lists.linux.it X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux Test Project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Richard Palethorpe via ltp From: Richard Palethorpe Reply-To: Richard Palethorpe Cc: Richard Palethorpe Errors-To: ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it Sender: "ltp" In bpf_common.h we have to print the verifier log with dprintf(STDERR_FILENO, ...) because it is usually too large for tst_{res,brk}(). As these functions use sprintf() and write() to allow printing in signal handlers. We can hide the STDERR_FILENO part in the library. Just incase we want to change the fileno at some point. Signed-off-by: Richard Palethorpe --- V2: Add this patch and use tst_printf include/tst_test.h | 3 +++ lib/tst_test.c | 9 +++++++++ 2 files changed, 12 insertions(+) diff --git a/include/tst_test.h b/include/tst_test.h index 27ebed94e..5e3619698 100644 --- a/include/tst_test.h +++ b/include/tst_test.h @@ -79,6 +79,9 @@ void tst_brk_(const char *file, const int lineno, int ttype, tst_brk_(__FILE__, __LINE__, (ttype), (arg_fmt), ##__VA_ARGS__);\ }) +void tst_printf(const char *const fmt, ...) + __attribute__((nonnull(1), format (printf, 1, 2))); + /* flush stderr and stdout */ void tst_flush(void); diff --git a/lib/tst_test.c b/lib/tst_test.c index b61aa8b03..4224353da 100644 --- a/lib/tst_test.c +++ b/lib/tst_test.c @@ -360,6 +360,15 @@ void tst_brk_(const char *file, const int lineno, int ttype, va_end(va); } +void tst_printf(const char *const fmt, ...) +{ + va_list va; + + va_start(va, fmt); + vdprintf(STDERR_FILENO, fmt, va); + va_end(va); +} + static void check_child_status(pid_t pid, int status) { int ret; From patchwork Tue Aug 31 09:10:03 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Palethorpe X-Patchwork-Id: 1522499 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.linux.it (client-ip=2001:1418:10:5::2; helo=picard.linux.it; envelope-from=ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=suse.com header.i=@suse.com header.a=rsa-sha256 header.s=susede1 header.b=c00mR2/M; dkim-atps=neutral Received: from picard.linux.it (picard.linux.it [IPv6:2001:1418:10:5::2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4GzLxq6PFxz9s5R for ; Tue, 31 Aug 2021 19:10:23 +1000 (AEST) Received: from picard.linux.it (localhost [IPv6:::1]) by picard.linux.it (Postfix) with ESMTP id 56DFA3C4D5E for ; Tue, 31 Aug 2021 11:10:21 +0200 (CEST) X-Original-To: ltp@lists.linux.it Delivered-To: ltp@picard.linux.it Received: from in-3.smtp.seeweb.it (in-3.smtp.seeweb.it [217.194.8.3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by picard.linux.it (Postfix) with ESMTPS id 619D03C2A0B for ; Tue, 31 Aug 2021 11:10:19 +0200 (CEST) Received: from smtp-out1.suse.de (smtp-out1.suse.de [195.135.220.28]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by in-3.smtp.seeweb.it (Postfix) with ESMTPS id D00B21A00162 for ; Tue, 31 Aug 2021 11:10:18 +0200 (CEST) Received: from relay2.suse.de (relay2.suse.de [149.44.160.134]) by smtp-out1.suse.de (Postfix) with ESMTP id 494232200C; Tue, 31 Aug 2021 09:10:18 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1630401018; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Jrcar/bR5Kxl1HxCeLU/dAGjaOyGWJfhcKqdwDo75Kk=; b=c00mR2/MIRehf3wb3GU4r0Fvyr9P5823F9Rq4n/26dgknIApYClw+gK5jl15cDT8N1DTz9 Lc390I7OjwH1o5uVj5yaQD/AG0VTYALbuz+SZQEZjblLIPynBOR0VZbiggHbOPhv9mwDU/ cYQ9alPP7/oxYwWqm+RLOSWIL1edwNg= Received: from g78.suse.de (unknown [10.163.24.38]) by relay2.suse.de (Postfix) with ESMTP id 0C6DAA3B98; Tue, 31 Aug 2021 09:10:18 +0000 (UTC) To: ltp@lists.linux.it Date: Tue, 31 Aug 2021 10:10:03 +0100 Message-Id: <20210831091005.25361-2-rpalethorpe@suse.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210831091005.25361-1-rpalethorpe@suse.com> References: <20210831091005.25361-1-rpalethorpe@suse.com> MIME-Version: 1.0 X-Virus-Scanned: clamav-milter 0.102.4 at in-3.smtp.seeweb.it X-Virus-Status: Clean X-Spam-Status: No, score=0.1 required=7.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=disabled version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on in-3.smtp.seeweb.it Subject: [LTP] [PATCH v2 2/4] bpf: Print full verification log X-BeenThere: ltp@lists.linux.it X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux Test Project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Richard Palethorpe via ltp From: Richard Palethorpe Reply-To: Richard Palethorpe Cc: Richard Palethorpe Errors-To: ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it Sender: "ltp" The log never falls within the 1024 byte limit imposed by format string buffer. So print it separately with dprintf. Signed-off-by: Richard Palethorpe --- testcases/kernel/syscalls/bpf/bpf_common.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/testcases/kernel/syscalls/bpf/bpf_common.c b/testcases/kernel/syscalls/bpf/bpf_common.c index ba0829a75..aac235cac 100644 --- a/testcases/kernel/syscalls/bpf/bpf_common.c +++ b/testcases/kernel/syscalls/bpf/bpf_common.c @@ -3,6 +3,8 @@ * Copyright (c) 2019-2020 Linux Test Project */ +#include + #define TST_NO_DEFAULT_MAIN #include "tst_test.h" #include "bpf_common.h" @@ -118,8 +120,10 @@ int bpf_load_prog(union bpf_attr *const attr, const char *const log) if (ret != -1) tst_brk(TBROK, "Invalid bpf() return value: %d", ret); - if (log[0] != 0) - tst_brk(TBROK | TERRNO, "Failed verification: %s", log); + if (log[0] != 0) { + tst_printf("%s\n", log); + tst_brk(TBROK | TERRNO, "Failed verification"); + } tst_brk(TBROK | TERRNO, "Failed to load program"); return ret; From patchwork Tue Aug 31 09:10:04 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Palethorpe X-Patchwork-Id: 1522501 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.linux.it (client-ip=213.254.12.146; helo=picard.linux.it; envelope-from=ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=suse.com header.i=@suse.com header.a=rsa-sha256 header.s=susede1 header.b=ZSDzH/Xm; dkim-atps=neutral Received: from picard.linux.it (picard.linux.it [213.254.12.146]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4GzLyB5tWdz9sRN for ; Tue, 31 Aug 2021 19:10:42 +1000 (AEST) Received: from picard.linux.it (localhost [IPv6:::1]) by picard.linux.it (Postfix) with ESMTP id 9B6563C4CD2 for ; Tue, 31 Aug 2021 11:10:40 +0200 (CEST) X-Original-To: ltp@lists.linux.it Delivered-To: ltp@picard.linux.it Received: from in-7.smtp.seeweb.it (in-7.smtp.seeweb.it [217.194.8.7]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by picard.linux.it (Postfix) with ESMTPS id AD1983C2A3D for ; Tue, 31 Aug 2021 11:10:19 +0200 (CEST) Received: from smtp-out1.suse.de (smtp-out1.suse.de [195.135.220.28]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by in-7.smtp.seeweb.it (Postfix) with ESMTPS id E40182001AB for ; Tue, 31 Aug 2021 11:10:18 +0200 (CEST) Received: from relay2.suse.de (relay2.suse.de [149.44.160.134]) by smtp-out1.suse.de (Postfix) with ESMTP id 8BCA722136; Tue, 31 Aug 2021 09:10:18 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1630401018; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=fQs6bIRxYdSWYR/aqU5tV4cZAY/l0lh8asfkXZohVd8=; b=ZSDzH/XmamiJg7MqLURfHn6ojj76V00x9hpQlqposIBtSjoh+YPZm+8M9lc09Jgoy/5AOp bPr4NB6SlKx/XeHlmuKPwW40l++j+nG/Wpk+ipfGyfLW/bPTJFrLNhaiNQlR1KfhdODtKm 9W0u/MApVhKepUpR3TtJDPZHq76jbl0= Received: from g78.suse.de (unknown [10.163.24.38]) by relay2.suse.de (Postfix) with ESMTP id 5A9CCA3B98; Tue, 31 Aug 2021 09:10:18 +0000 (UTC) To: ltp@lists.linux.it Date: Tue, 31 Aug 2021 10:10:04 +0100 Message-Id: <20210831091005.25361-3-rpalethorpe@suse.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210831091005.25361-1-rpalethorpe@suse.com> References: <20210831091005.25361-1-rpalethorpe@suse.com> MIME-Version: 1.0 X-Virus-Scanned: clamav-milter 0.102.4 at in-7.smtp.seeweb.it X-Virus-Status: Clean X-Spam-Status: No, score=0.1 required=7.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=disabled version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on in-7.smtp.seeweb.it Subject: [LTP] [PATCH v2 3/4] bpf: Mention CAP_BPF in required privs and add fallback definition X-BeenThere: ltp@lists.linux.it X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux Test Project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Richard Palethorpe via ltp From: Richard Palethorpe Reply-To: Richard Palethorpe Cc: Richard Palethorpe Errors-To: ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it Sender: "ltp" We don't need CAP_SYS_ADMIN most of the time. bpf() can be called with only CAP_BPF even when unprivileged_bpf_disable > 0. When unprivileged_bpf_disable == 0, CAP_BPF also allows more features Vs. no privileges at all. Signed-off-by: Richard Palethorpe --- include/lapi/capability.h | 4 ++++ testcases/kernel/syscalls/bpf/bpf_common.c | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/include/lapi/capability.h b/include/lapi/capability.h index c6470f389..8cabd0f28 100644 --- a/include/lapi/capability.h +++ b/include/lapi/capability.h @@ -44,6 +44,10 @@ # define CAP_SYS_RESOURCE 24 #endif +#ifndef CAP_BPF +# define CAP_BPF 39 +#endif + #ifndef CAP_TO_INDEX # define CAP_TO_INDEX(x) ((x) >> 5) #endif diff --git a/testcases/kernel/syscalls/bpf/bpf_common.c b/testcases/kernel/syscalls/bpf/bpf_common.c index aac235cac..3afa6c51e 100644 --- a/testcases/kernel/syscalls/bpf/bpf_common.c +++ b/testcases/kernel/syscalls/bpf/bpf_common.c @@ -40,7 +40,7 @@ int bpf_map_create(union bpf_attr *const attr) if (errno == EPERM) { tst_res(TCONF, "Hint: check also /proc/sys/kernel/unprivileged_bpf_disabled"); tst_brk(TCONF | TERRNO, - "bpf() requires CAP_SYS_ADMIN on this system"); + "bpf() requires CAP_SYS_ADMIN or CAP_BPF on this system"); } else { tst_brk(TBROK | TERRNO, "Failed to create array map"); } From patchwork Tue Aug 31 09:10:05 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Palethorpe X-Patchwork-Id: 1522502 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.linux.it (client-ip=213.254.12.146; helo=picard.linux.it; envelope-from=ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=suse.com header.i=@suse.com header.a=rsa-sha256 header.s=susede1 header.b=Gqttr/8j; dkim-atps=neutral Received: from picard.linux.it (picard.linux.it [213.254.12.146]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4GzLyM3DyYz9s5R for ; Tue, 31 Aug 2021 19:10:51 +1000 (AEST) Received: from picard.linux.it (localhost [IPv6:::1]) by picard.linux.it (Postfix) with ESMTP id 4E8293C9A45 for ; Tue, 31 Aug 2021 11:10:49 +0200 (CEST) X-Original-To: ltp@lists.linux.it Delivered-To: ltp@picard.linux.it Received: from in-3.smtp.seeweb.it (in-3.smtp.seeweb.it [IPv6:2001:4b78:1:20::3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by picard.linux.it (Postfix) with ESMTPS id AA3873C2A0B for ; Tue, 31 Aug 2021 11:10:19 +0200 (CEST) Received: from smtp-out2.suse.de (smtp-out2.suse.de [195.135.220.29]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by in-3.smtp.seeweb.it (Postfix) with ESMTPS id 3FDD71A00A3C for ; Tue, 31 Aug 2021 11:10:19 +0200 (CEST) Received: from relay2.suse.de (relay2.suse.de [149.44.160.134]) by smtp-out2.suse.de (Postfix) with ESMTP id CF5A91FE60; Tue, 31 Aug 2021 09:10:18 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1630401018; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=iiloIT9z/mwhJnCqLOkvS7DjpxKKZ2sMgZXJ0NJO8uY=; b=Gqttr/8jtxAN0OchoGFNXS9jBZdDJwXcRf+FdAnJuAYw6oiZXDc+S066rZfJeuNYLDsVHm wMLQP8Yg2i7NxH6LoHGCXKoH2mf++6rWNNoU2McdRSps4llOM7WIgCF1vRJ9+u+RKD6V5f ay7OfEDOxaajRRtR0IakP5mDU/WQ5ho= Received: from g78.suse.de (unknown [10.163.24.38]) by relay2.suse.de (Postfix) with ESMTP id 9E1C1A3B98; Tue, 31 Aug 2021 09:10:18 +0000 (UTC) To: ltp@lists.linux.it Date: Tue, 31 Aug 2021 10:10:05 +0100 Message-Id: <20210831091005.25361-4-rpalethorpe@suse.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210831091005.25361-1-rpalethorpe@suse.com> References: <20210831091005.25361-1-rpalethorpe@suse.com> MIME-Version: 1.0 X-Virus-Scanned: clamav-milter 0.102.4 at in-3.smtp.seeweb.it X-Virus-Status: Clean X-Spam-Status: No, score=0.1 required=7.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=disabled version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on in-3.smtp.seeweb.it Subject: [LTP] [PATCH v2 4/4] bpf_prog05: Drop CAP_BPF and check if ptr arithmetic is allowed X-BeenThere: ltp@lists.linux.it X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux Test Project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Richard Palethorpe via ltp From: Richard Palethorpe Reply-To: Richard Palethorpe Cc: Richard Palethorpe Errors-To: ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it Sender: "ltp" On older kernels pointer arithmetic requires CAP_BPF. They also lack the ability to call BPF subprogs. This makes it difficult to exploit the div/mod behavior. Older kernels leave div/mod by zero undefined. This causes the test to fail and backporting the new behavior is difficult. So when we find that pointer arithmetic is not possible without CAP_BPF we can return TCONF. Because in this case, we know the test will fail, the risk is limited and there is little that can be done about it. Signed-off-by: Richard Palethorpe --- include/lapi/bpf.h | 1 + testcases/kernel/syscalls/bpf/bpf_prog05.c | 44 +++++++++++++++++++++- 2 files changed, 44 insertions(+), 1 deletion(-) diff --git a/include/lapi/bpf.h b/include/lapi/bpf.h index 0e4527b8b..f9e50c6b7 100644 --- a/include/lapi/bpf.h +++ b/include/lapi/bpf.h @@ -27,6 +27,7 @@ #define BPF_JNE 0x50 /* jump != */ #define BPF_SIZE(code) ((code) & 0x18) +#define BPF_B 0x10 /* 8-bit */ #define BPF_W 0x00 /* 32-bit */ #define BPF_DW 0x18 /* double word (64-bit) */ diff --git a/testcases/kernel/syscalls/bpf/bpf_prog05.c b/testcases/kernel/syscalls/bpf/bpf_prog05.c index b2792c505..2be5a2cc9 100644 --- a/testcases/kernel/syscalls/bpf/bpf_prog05.c +++ b/testcases/kernel/syscalls/bpf/bpf_prog05.c @@ -63,6 +63,45 @@ static uint64_t *val; static char *log; static union bpf_attr *attr; +static void ensure_ptr_arithmetic(void) +{ + const struct bpf_insn prog_insn[] = { + /* r2 = r10 + * r3 = -1 + * r2 += r3 + * *(char *)r2 = 0 + */ + BPF_MOV64_REG(BPF_REG_2, BPF_REG_10), + BPF_MOV64_IMM(BPF_REG_3, -1), + BPF_ALU64_REG(BPF_ADD, BPF_REG_2, BPF_REG_3), + BPF_ST_MEM(BPF_B, BPF_REG_2, 0, 0), + + /* exit(0) */ + BPF_MOV64_IMM(BPF_REG_0, 0), + BPF_EXIT_INSN() + }; + int ret; + + bpf_init_prog_attr(attr, prog_insn, sizeof(prog_insn), log, BUFSIZE); + + ret = TST_RETRY_FUNC(bpf(BPF_PROG_LOAD, attr, sizeof(*attr)), + TST_RETVAL_GE0); + + if (ret >= 0) { + tst_res(TINFO, "Have pointer arithmetic"); + SAFE_CLOSE(ret); + return; + } + + if (ret != -1) + tst_brk(TBROK, "Invalid bpf() return value: %d", ret); + + if (log[0] != 0) + tst_brk(TCONF | TERRNO, "No pointer arithmetic:\n %s", log); + + tst_brk(TBROK | TERRNO, "Failed to load program"); +} + static int load_prog(void) { const struct bpf_insn prog_insn[] = { @@ -132,7 +171,9 @@ static void run(void) { int prog_fd; - map_fd = bpf_map_array_create(4); + map_fd = bpf_map_array_create(8); + + ensure_ptr_arithmetic(); prog_fd = load_prog(); bpf_run_prog(prog_fd, msg, sizeof(MSG)); SAFE_CLOSE(prog_fd); @@ -157,6 +198,7 @@ static struct tst_test test = { .taint_check = TST_TAINT_W | TST_TAINT_D, .caps = (struct tst_cap []) { TST_CAP(TST_CAP_DROP, CAP_SYS_ADMIN), + TST_CAP(TST_CAP_DROP, CAP_BPF), {} }, .bufs = (struct tst_buffers []) {