selftests/bpf: Add verifier tests for bpf_sk_lookup context access
Exercise verifier access checks for bpf_sk_lookup context fields. Signed-off-by: Jakub Sitnicki <jakub@cloudflare.com> Signed-off-by: Alexei Starovoitov <ast@kernel.org> Link: https://lore.kernel.org/bpf/20200717103536.397595-15-jakub@cloudflare.com
This commit is contained in:
Родитель
93a3545d81
Коммит
f7726cbea4
|
@ -0,0 +1,492 @@
|
||||||
|
{
|
||||||
|
"valid 1,2,4,8-byte reads from bpf_sk_lookup",
|
||||||
|
.insns = {
|
||||||
|
/* 1-byte read from family field */
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, family)),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, family) + 1),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, family) + 2),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, family) + 3),
|
||||||
|
/* 2-byte read from family field */
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, family)),
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, family) + 2),
|
||||||
|
/* 4-byte read from family field */
|
||||||
|
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, family)),
|
||||||
|
|
||||||
|
/* 1-byte read from protocol field */
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, protocol)),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, protocol) + 1),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, protocol) + 2),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, protocol) + 3),
|
||||||
|
/* 2-byte read from protocol field */
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, protocol)),
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, protocol) + 2),
|
||||||
|
/* 4-byte read from protocol field */
|
||||||
|
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, protocol)),
|
||||||
|
|
||||||
|
/* 1-byte read from remote_ip4 field */
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip4)),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip4) + 1),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip4) + 2),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip4) + 3),
|
||||||
|
/* 2-byte read from remote_ip4 field */
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip4)),
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip4) + 2),
|
||||||
|
/* 4-byte read from remote_ip4 field */
|
||||||
|
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip4)),
|
||||||
|
|
||||||
|
/* 1-byte read from remote_ip6 field */
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6)),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6) + 1),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6) + 2),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6) + 3),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6) + 4),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6) + 5),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6) + 6),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6) + 7),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6) + 8),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6) + 9),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6) + 10),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6) + 11),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6) + 12),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6) + 13),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6) + 14),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6) + 15),
|
||||||
|
/* 2-byte read from remote_ip6 field */
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6)),
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6) + 2),
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6) + 4),
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6) + 6),
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6) + 8),
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6) + 10),
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6) + 12),
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6) + 14),
|
||||||
|
/* 4-byte read from remote_ip6 field */
|
||||||
|
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6)),
|
||||||
|
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6) + 4),
|
||||||
|
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6) + 8),
|
||||||
|
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6) + 12),
|
||||||
|
|
||||||
|
/* 1-byte read from remote_port field */
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_port)),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_port) + 1),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_port) + 2),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_port) + 3),
|
||||||
|
/* 2-byte read from remote_port field */
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_port)),
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_port) + 2),
|
||||||
|
/* 4-byte read from remote_port field */
|
||||||
|
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_port)),
|
||||||
|
|
||||||
|
/* 1-byte read from local_ip4 field */
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip4)),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip4) + 1),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip4) + 2),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip4) + 3),
|
||||||
|
/* 2-byte read from local_ip4 field */
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip4)),
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip4) + 2),
|
||||||
|
/* 4-byte read from local_ip4 field */
|
||||||
|
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip4)),
|
||||||
|
|
||||||
|
/* 1-byte read from local_ip6 field */
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6)),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6) + 1),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6) + 2),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6) + 3),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6) + 4),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6) + 5),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6) + 6),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6) + 7),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6) + 8),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6) + 9),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6) + 10),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6) + 11),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6) + 12),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6) + 13),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6) + 14),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6) + 15),
|
||||||
|
/* 2-byte read from local_ip6 field */
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6)),
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6) + 2),
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6) + 4),
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6) + 6),
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6) + 8),
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6) + 10),
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6) + 12),
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6) + 14),
|
||||||
|
/* 4-byte read from local_ip6 field */
|
||||||
|
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6)),
|
||||||
|
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6) + 4),
|
||||||
|
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6) + 8),
|
||||||
|
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6) + 12),
|
||||||
|
|
||||||
|
/* 1-byte read from local_port field */
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_port)),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_port) + 1),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_port) + 2),
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_port) + 3),
|
||||||
|
/* 2-byte read from local_port field */
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_port)),
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_port) + 2),
|
||||||
|
/* 4-byte read from local_port field */
|
||||||
|
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_port)),
|
||||||
|
|
||||||
|
/* 8-byte read from sk field */
|
||||||
|
BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, sk)),
|
||||||
|
|
||||||
|
BPF_MOV32_IMM(BPF_REG_0, 0),
|
||||||
|
BPF_EXIT_INSN(),
|
||||||
|
},
|
||||||
|
.result = ACCEPT,
|
||||||
|
.prog_type = BPF_PROG_TYPE_SK_LOOKUP,
|
||||||
|
.expected_attach_type = BPF_SK_LOOKUP,
|
||||||
|
},
|
||||||
|
/* invalid 8-byte reads from a 4-byte fields in bpf_sk_lookup */
|
||||||
|
{
|
||||||
|
"invalid 8-byte read from bpf_sk_lookup family field",
|
||||||
|
.insns = {
|
||||||
|
BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, family)),
|
||||||
|
BPF_MOV32_IMM(BPF_REG_0, 0),
|
||||||
|
BPF_EXIT_INSN(),
|
||||||
|
},
|
||||||
|
.errstr = "invalid bpf_context access",
|
||||||
|
.result = REJECT,
|
||||||
|
.prog_type = BPF_PROG_TYPE_SK_LOOKUP,
|
||||||
|
.expected_attach_type = BPF_SK_LOOKUP,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"invalid 8-byte read from bpf_sk_lookup protocol field",
|
||||||
|
.insns = {
|
||||||
|
BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, protocol)),
|
||||||
|
BPF_MOV32_IMM(BPF_REG_0, 0),
|
||||||
|
BPF_EXIT_INSN(),
|
||||||
|
},
|
||||||
|
.errstr = "invalid bpf_context access",
|
||||||
|
.result = REJECT,
|
||||||
|
.prog_type = BPF_PROG_TYPE_SK_LOOKUP,
|
||||||
|
.expected_attach_type = BPF_SK_LOOKUP,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"invalid 8-byte read from bpf_sk_lookup remote_ip4 field",
|
||||||
|
.insns = {
|
||||||
|
BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip4)),
|
||||||
|
BPF_MOV32_IMM(BPF_REG_0, 0),
|
||||||
|
BPF_EXIT_INSN(),
|
||||||
|
},
|
||||||
|
.errstr = "invalid bpf_context access",
|
||||||
|
.result = REJECT,
|
||||||
|
.prog_type = BPF_PROG_TYPE_SK_LOOKUP,
|
||||||
|
.expected_attach_type = BPF_SK_LOOKUP,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"invalid 8-byte read from bpf_sk_lookup remote_ip6 field",
|
||||||
|
.insns = {
|
||||||
|
BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_ip6)),
|
||||||
|
BPF_MOV32_IMM(BPF_REG_0, 0),
|
||||||
|
BPF_EXIT_INSN(),
|
||||||
|
},
|
||||||
|
.errstr = "invalid bpf_context access",
|
||||||
|
.result = REJECT,
|
||||||
|
.prog_type = BPF_PROG_TYPE_SK_LOOKUP,
|
||||||
|
.expected_attach_type = BPF_SK_LOOKUP,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"invalid 8-byte read from bpf_sk_lookup remote_port field",
|
||||||
|
.insns = {
|
||||||
|
BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, remote_port)),
|
||||||
|
BPF_MOV32_IMM(BPF_REG_0, 0),
|
||||||
|
BPF_EXIT_INSN(),
|
||||||
|
},
|
||||||
|
.errstr = "invalid bpf_context access",
|
||||||
|
.result = REJECT,
|
||||||
|
.prog_type = BPF_PROG_TYPE_SK_LOOKUP,
|
||||||
|
.expected_attach_type = BPF_SK_LOOKUP,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"invalid 8-byte read from bpf_sk_lookup local_ip4 field",
|
||||||
|
.insns = {
|
||||||
|
BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip4)),
|
||||||
|
BPF_MOV32_IMM(BPF_REG_0, 0),
|
||||||
|
BPF_EXIT_INSN(),
|
||||||
|
},
|
||||||
|
.errstr = "invalid bpf_context access",
|
||||||
|
.result = REJECT,
|
||||||
|
.prog_type = BPF_PROG_TYPE_SK_LOOKUP,
|
||||||
|
.expected_attach_type = BPF_SK_LOOKUP,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"invalid 8-byte read from bpf_sk_lookup local_ip6 field",
|
||||||
|
.insns = {
|
||||||
|
BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_ip6)),
|
||||||
|
BPF_MOV32_IMM(BPF_REG_0, 0),
|
||||||
|
BPF_EXIT_INSN(),
|
||||||
|
},
|
||||||
|
.errstr = "invalid bpf_context access",
|
||||||
|
.result = REJECT,
|
||||||
|
.prog_type = BPF_PROG_TYPE_SK_LOOKUP,
|
||||||
|
.expected_attach_type = BPF_SK_LOOKUP,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"invalid 8-byte read from bpf_sk_lookup local_port field",
|
||||||
|
.insns = {
|
||||||
|
BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, local_port)),
|
||||||
|
BPF_MOV32_IMM(BPF_REG_0, 0),
|
||||||
|
BPF_EXIT_INSN(),
|
||||||
|
},
|
||||||
|
.errstr = "invalid bpf_context access",
|
||||||
|
.result = REJECT,
|
||||||
|
.prog_type = BPF_PROG_TYPE_SK_LOOKUP,
|
||||||
|
.expected_attach_type = BPF_SK_LOOKUP,
|
||||||
|
},
|
||||||
|
/* invalid 1,2,4-byte reads from 8-byte fields in bpf_sk_lookup */
|
||||||
|
{
|
||||||
|
"invalid 4-byte read from bpf_sk_lookup sk field",
|
||||||
|
.insns = {
|
||||||
|
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, sk)),
|
||||||
|
BPF_MOV32_IMM(BPF_REG_0, 0),
|
||||||
|
BPF_EXIT_INSN(),
|
||||||
|
},
|
||||||
|
.errstr = "invalid bpf_context access",
|
||||||
|
.result = REJECT,
|
||||||
|
.prog_type = BPF_PROG_TYPE_SK_LOOKUP,
|
||||||
|
.expected_attach_type = BPF_SK_LOOKUP,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"invalid 2-byte read from bpf_sk_lookup sk field",
|
||||||
|
.insns = {
|
||||||
|
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, sk)),
|
||||||
|
BPF_MOV32_IMM(BPF_REG_0, 0),
|
||||||
|
BPF_EXIT_INSN(),
|
||||||
|
},
|
||||||
|
.errstr = "invalid bpf_context access",
|
||||||
|
.result = REJECT,
|
||||||
|
.prog_type = BPF_PROG_TYPE_SK_LOOKUP,
|
||||||
|
.expected_attach_type = BPF_SK_LOOKUP,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"invalid 1-byte read from bpf_sk_lookup sk field",
|
||||||
|
.insns = {
|
||||||
|
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
|
||||||
|
offsetof(struct bpf_sk_lookup, sk)),
|
||||||
|
BPF_MOV32_IMM(BPF_REG_0, 0),
|
||||||
|
BPF_EXIT_INSN(),
|
||||||
|
},
|
||||||
|
.errstr = "invalid bpf_context access",
|
||||||
|
.result = REJECT,
|
||||||
|
.prog_type = BPF_PROG_TYPE_SK_LOOKUP,
|
||||||
|
.expected_attach_type = BPF_SK_LOOKUP,
|
||||||
|
},
|
||||||
|
/* out of bounds and unaligned reads from bpf_sk_lookup */
|
||||||
|
{
|
||||||
|
"invalid 4-byte read past end of bpf_sk_lookup",
|
||||||
|
.insns = {
|
||||||
|
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
|
||||||
|
sizeof(struct bpf_sk_lookup)),
|
||||||
|
BPF_MOV32_IMM(BPF_REG_0, 0),
|
||||||
|
BPF_EXIT_INSN(),
|
||||||
|
},
|
||||||
|
.errstr = "invalid bpf_context access",
|
||||||
|
.result = REJECT,
|
||||||
|
.prog_type = BPF_PROG_TYPE_SK_LOOKUP,
|
||||||
|
.expected_attach_type = BPF_SK_LOOKUP,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"invalid 4-byte unaligned read from bpf_sk_lookup at odd offset",
|
||||||
|
.insns = {
|
||||||
|
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1, 1),
|
||||||
|
BPF_MOV32_IMM(BPF_REG_0, 0),
|
||||||
|
BPF_EXIT_INSN(),
|
||||||
|
},
|
||||||
|
.errstr = "invalid bpf_context access",
|
||||||
|
.result = REJECT,
|
||||||
|
.prog_type = BPF_PROG_TYPE_SK_LOOKUP,
|
||||||
|
.expected_attach_type = BPF_SK_LOOKUP,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"invalid 4-byte unaligned read from bpf_sk_lookup at even offset",
|
||||||
|
.insns = {
|
||||||
|
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1, 2),
|
||||||
|
BPF_MOV32_IMM(BPF_REG_0, 0),
|
||||||
|
BPF_EXIT_INSN(),
|
||||||
|
},
|
||||||
|
.errstr = "invalid bpf_context access",
|
||||||
|
.result = REJECT,
|
||||||
|
.prog_type = BPF_PROG_TYPE_SK_LOOKUP,
|
||||||
|
.expected_attach_type = BPF_SK_LOOKUP,
|
||||||
|
},
|
||||||
|
/* in-bound and out-of-bound writes to bpf_sk_lookup */
|
||||||
|
{
|
||||||
|
"invalid 8-byte write to bpf_sk_lookup",
|
||||||
|
.insns = {
|
||||||
|
BPF_MOV64_IMM(BPF_REG_0, 0xcafe4a11U),
|
||||||
|
BPF_STX_MEM(BPF_DW, BPF_REG_1, BPF_REG_0, 0),
|
||||||
|
BPF_MOV32_IMM(BPF_REG_0, 0),
|
||||||
|
BPF_EXIT_INSN(),
|
||||||
|
},
|
||||||
|
.errstr = "invalid bpf_context access",
|
||||||
|
.result = REJECT,
|
||||||
|
.prog_type = BPF_PROG_TYPE_SK_LOOKUP,
|
||||||
|
.expected_attach_type = BPF_SK_LOOKUP,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"invalid 4-byte write to bpf_sk_lookup",
|
||||||
|
.insns = {
|
||||||
|
BPF_MOV64_IMM(BPF_REG_0, 0xcafe4a11U),
|
||||||
|
BPF_STX_MEM(BPF_W, BPF_REG_1, BPF_REG_0, 0),
|
||||||
|
BPF_MOV32_IMM(BPF_REG_0, 0),
|
||||||
|
BPF_EXIT_INSN(),
|
||||||
|
},
|
||||||
|
.errstr = "invalid bpf_context access",
|
||||||
|
.result = REJECT,
|
||||||
|
.prog_type = BPF_PROG_TYPE_SK_LOOKUP,
|
||||||
|
.expected_attach_type = BPF_SK_LOOKUP,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"invalid 2-byte write to bpf_sk_lookup",
|
||||||
|
.insns = {
|
||||||
|
BPF_MOV64_IMM(BPF_REG_0, 0xcafe4a11U),
|
||||||
|
BPF_STX_MEM(BPF_H, BPF_REG_1, BPF_REG_0, 0),
|
||||||
|
BPF_MOV32_IMM(BPF_REG_0, 0),
|
||||||
|
BPF_EXIT_INSN(),
|
||||||
|
},
|
||||||
|
.errstr = "invalid bpf_context access",
|
||||||
|
.result = REJECT,
|
||||||
|
.prog_type = BPF_PROG_TYPE_SK_LOOKUP,
|
||||||
|
.expected_attach_type = BPF_SK_LOOKUP,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"invalid 1-byte write to bpf_sk_lookup",
|
||||||
|
.insns = {
|
||||||
|
BPF_MOV64_IMM(BPF_REG_0, 0xcafe4a11U),
|
||||||
|
BPF_STX_MEM(BPF_B, BPF_REG_1, BPF_REG_0, 0),
|
||||||
|
BPF_MOV32_IMM(BPF_REG_0, 0),
|
||||||
|
BPF_EXIT_INSN(),
|
||||||
|
},
|
||||||
|
.errstr = "invalid bpf_context access",
|
||||||
|
.result = REJECT,
|
||||||
|
.prog_type = BPF_PROG_TYPE_SK_LOOKUP,
|
||||||
|
.expected_attach_type = BPF_SK_LOOKUP,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"invalid 4-byte write past end of bpf_sk_lookup",
|
||||||
|
.insns = {
|
||||||
|
BPF_MOV64_IMM(BPF_REG_0, 0xcafe4a11U),
|
||||||
|
BPF_STX_MEM(BPF_W, BPF_REG_1, BPF_REG_0,
|
||||||
|
sizeof(struct bpf_sk_lookup)),
|
||||||
|
BPF_MOV32_IMM(BPF_REG_0, 0),
|
||||||
|
BPF_EXIT_INSN(),
|
||||||
|
},
|
||||||
|
.errstr = "invalid bpf_context access",
|
||||||
|
.result = REJECT,
|
||||||
|
.prog_type = BPF_PROG_TYPE_SK_LOOKUP,
|
||||||
|
.expected_attach_type = BPF_SK_LOOKUP,
|
||||||
|
},
|
Загрузка…
Ссылка в новой задаче