* [bpf-next v9 1/2] bpf: Add bpf_copy_from_user_str kfunc @ 2024-08-23 18:48 Jordan Rome 2024-08-23 18:48 ` [bpf-next v9 2/2] bpf: Add tests for " Jordan Rome 0 siblings, 1 reply; 6+ messages in thread From: Jordan Rome @ 2024-08-23 18:48 UTC (permalink / raw) To: bpf Cc: Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko, Martin KaFai Lau, Kernel Team, sinquersw This adds a kfunc wrapper around strncpy_from_user, which can be called from sleepable BPF programs. This matches the non-sleepable 'bpf_probe_read_user_str' helper except it includes an additional 'flags' param, which allows consumers to clear the entire destination buffer on success or failure. Signed-off-by: Jordan Rome <linux@jordanrome.com> --- include/uapi/linux/bpf.h | 9 ++++++++ kernel/bpf/helpers.c | 42 ++++++++++++++++++++++++++++++++++ tools/include/uapi/linux/bpf.h | 9 ++++++++ 3 files changed, 60 insertions(+) diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h index e05b39e39c3f..d015fdcdad3a 100644 --- a/include/uapi/linux/bpf.h +++ b/include/uapi/linux/bpf.h @@ -7513,4 +7513,13 @@ struct bpf_iter_num { __u64 __opaque[1]; } __attribute__((aligned(8))); +/* + * Flags to control bpf_copy_from_user_str() behaviour. + * - BPF_F_PAD_ZEROS: Pad destination buffer with zeros. (See the respective + * helper documentation for details.) + */ +enum bpf_kfunc_flags { + BPF_F_PAD_ZEROS = (1ULL << 0), +}; + #endif /* _UAPI__LINUX_BPF_H__ */ diff --git a/kernel/bpf/helpers.c b/kernel/bpf/helpers.c index d02ae323996b..5f065804c096 100644 --- a/kernel/bpf/helpers.c +++ b/kernel/bpf/helpers.c @@ -2939,6 +2939,47 @@ __bpf_kfunc void bpf_iter_bits_destroy(struct bpf_iter_bits *it) bpf_mem_free(&bpf_global_ma, kit->bits); } +/** + * bpf_copy_from_user_str() - Copy a string from an unsafe user address + * @dst: Destination address, in kernel space. This buffer must be at + * least @dst__sz bytes long. + * @dst__sz: Maximum number of bytes to copy, including the trailing NUL. + * @unsafe_ptr__ign: Source address, in user space. + * @flags: The only supported flag is BPF_F_PAD_ZEROS + * + * Copies a NUL-terminated string from userspace to BPF space. If user string is + * too long this will still ensure zero termination in the dst buffer unless + * buffer size is 0. + * + * If BPF_F_PAD_ZEROS flag is set, memset the tail of @dst to 0 on success and + * memset all of @dst on failure. + */ +__bpf_kfunc int bpf_copy_from_user_str(void *dst, u32 dst__sz, const void __user *unsafe_ptr__ign, u64 flags) +{ + int ret; + + if (unlikely(flags & ~BPF_F_PAD_ZEROS)) + return -EINVAL; + + if (unlikely(!dst__sz)) + return 0; + + ret = strncpy_from_user(dst, unsafe_ptr__ign, dst__sz - 1); + if (ret < 0) { + if (flags & BPF_F_PAD_ZEROS) + memset((char *)dst, 0, dst__sz); + + return ret; + } + + if (flags & BPF_F_PAD_ZEROS) + memset((char *)dst + ret, 0, dst__sz - ret); + else + ((char *)dst)[ret] = '\0'; + + return ret + 1; +} + __bpf_kfunc_end_defs(); BTF_KFUNCS_START(generic_btf_ids) @@ -3024,6 +3065,7 @@ BTF_ID_FLAGS(func, bpf_preempt_enable) BTF_ID_FLAGS(func, bpf_iter_bits_new, KF_ITER_NEW) BTF_ID_FLAGS(func, bpf_iter_bits_next, KF_ITER_NEXT | KF_RET_NULL) BTF_ID_FLAGS(func, bpf_iter_bits_destroy, KF_ITER_DESTROY) +BTF_ID_FLAGS(func, bpf_copy_from_user_str, KF_SLEEPABLE) BTF_KFUNCS_END(common_btf_ids) static const struct btf_kfunc_id_set common_kfunc_set = { diff --git a/tools/include/uapi/linux/bpf.h b/tools/include/uapi/linux/bpf.h index e05b39e39c3f..d015fdcdad3a 100644 --- a/tools/include/uapi/linux/bpf.h +++ b/tools/include/uapi/linux/bpf.h @@ -7513,4 +7513,13 @@ struct bpf_iter_num { __u64 __opaque[1]; } __attribute__((aligned(8))); +/* + * Flags to control bpf_copy_from_user_str() behaviour. + * - BPF_F_PAD_ZEROS: Pad destination buffer with zeros. (See the respective + * helper documentation for details.) + */ +enum bpf_kfunc_flags { + BPF_F_PAD_ZEROS = (1ULL << 0), +}; + #endif /* _UAPI__LINUX_BPF_H__ */ -- 2.43.5 ^ permalink raw reply related [flat|nested] 6+ messages in thread
* [bpf-next v9 2/2] bpf: Add tests for bpf_copy_from_user_str kfunc 2024-08-23 18:48 [bpf-next v9 1/2] bpf: Add bpf_copy_from_user_str kfunc Jordan Rome @ 2024-08-23 18:48 ` Jordan Rome 2024-08-23 18:52 ` Alexei Starovoitov 2024-08-23 18:59 ` Andrii Nakryiko 0 siblings, 2 replies; 6+ messages in thread From: Jordan Rome @ 2024-08-23 18:48 UTC (permalink / raw) To: bpf Cc: Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko, Martin KaFai Lau, Kernel Team, sinquersw This adds tests for both the happy path and the error path. Signed-off-by: Jordan Rome <linux@jordanrome.com> --- .../selftests/bpf/prog_tests/attach_probe.c | 8 ++- .../selftests/bpf/prog_tests/read_vsyscall.c | 1 + .../selftests/bpf/progs/read_vsyscall.c | 9 ++- .../selftests/bpf/progs/test_attach_probe.c | 64 ++++++++++++++++++- 4 files changed, 75 insertions(+), 7 deletions(-) diff --git a/tools/testing/selftests/bpf/prog_tests/attach_probe.c b/tools/testing/selftests/bpf/prog_tests/attach_probe.c index 7175af39134f..329c7862b52d 100644 --- a/tools/testing/selftests/bpf/prog_tests/attach_probe.c +++ b/tools/testing/selftests/bpf/prog_tests/attach_probe.c @@ -283,9 +283,11 @@ static void test_uprobe_sleepable(struct test_attach_probe *skel) trigger_func3(); ASSERT_EQ(skel->bss->uprobe_byname3_sleepable_res, 9, "check_uprobe_byname3_sleepable_res"); - ASSERT_EQ(skel->bss->uprobe_byname3_res, 10, "check_uprobe_byname3_res"); - ASSERT_EQ(skel->bss->uretprobe_byname3_sleepable_res, 11, "check_uretprobe_byname3_sleepable_res"); - ASSERT_EQ(skel->bss->uretprobe_byname3_res, 12, "check_uretprobe_byname3_res"); + ASSERT_EQ(skel->bss->uprobe_byname3_str_sleepable_res, 10, "check_uprobe_byname3_str_sleepable_res"); + ASSERT_EQ(skel->bss->uprobe_byname3_res, 11, "check_uprobe_byname3_res"); + ASSERT_EQ(skel->bss->uretprobe_byname3_sleepable_res, 12, "check_uretprobe_byname3_sleepable_res"); + ASSERT_EQ(skel->bss->uretprobe_byname3_str_sleepable_res, 13, "check_uretprobe_byname3_str_sleepable_res"); + ASSERT_EQ(skel->bss->uretprobe_byname3_res, 14, "check_uretprobe_byname3_res"); } void test_attach_probe(void) diff --git a/tools/testing/selftests/bpf/prog_tests/read_vsyscall.c b/tools/testing/selftests/bpf/prog_tests/read_vsyscall.c index 3405923fe4e6..c7b9ba8b1d06 100644 --- a/tools/testing/selftests/bpf/prog_tests/read_vsyscall.c +++ b/tools/testing/selftests/bpf/prog_tests/read_vsyscall.c @@ -23,6 +23,7 @@ struct read_ret_desc { { .name = "probe_read_user_str", .ret = -EFAULT }, { .name = "copy_from_user", .ret = -EFAULT }, { .name = "copy_from_user_task", .ret = -EFAULT }, + { .name = "copy_from_user_str", .ret = -EFAULT }, }; void test_read_vsyscall(void) diff --git a/tools/testing/selftests/bpf/progs/read_vsyscall.c b/tools/testing/selftests/bpf/progs/read_vsyscall.c index 986f96687ae1..39ebef430059 100644 --- a/tools/testing/selftests/bpf/progs/read_vsyscall.c +++ b/tools/testing/selftests/bpf/progs/read_vsyscall.c @@ -1,5 +1,6 @@ // SPDX-License-Identifier: GPL-2.0 /* Copyright (C) 2024. Huawei Technologies Co., Ltd */ +#include "vmlinux.h" #include <linux/types.h> #include <bpf/bpf_helpers.h> @@ -7,10 +8,15 @@ int target_pid = 0; void *user_ptr = 0; -int read_ret[8]; +int read_ret[9]; char _license[] SEC("license") = "GPL"; +/* + * This is the only kfunc, the others are helpers + */ +int bpf_copy_from_user_str(void *dst, u32, const void *, u64) __weak __ksym; + SEC("fentry/" SYS_PREFIX "sys_nanosleep") int do_probe_read(void *ctx) { @@ -40,6 +46,7 @@ int do_copy_from_user(void *ctx) read_ret[6] = bpf_copy_from_user(buf, sizeof(buf), user_ptr); read_ret[7] = bpf_copy_from_user_task(buf, sizeof(buf), user_ptr, bpf_get_current_task_btf(), 0); + read_ret[8] = bpf_copy_from_user_str((char *)buf, sizeof(buf), user_ptr, 0); return 0; } diff --git a/tools/testing/selftests/bpf/progs/test_attach_probe.c b/tools/testing/selftests/bpf/progs/test_attach_probe.c index 68466a6ad18c..0b16502726f8 100644 --- a/tools/testing/selftests/bpf/progs/test_attach_probe.c +++ b/tools/testing/selftests/bpf/progs/test_attach_probe.c @@ -5,6 +5,7 @@ #include <bpf/bpf_helpers.h> #include <bpf/bpf_tracing.h> #include <bpf/bpf_core_read.h> +#include <errno.h> #include "bpf_misc.h" int kprobe2_res = 0; @@ -14,10 +15,15 @@ int uretprobe_byname_res = 0; int uprobe_byname2_res = 0; int uretprobe_byname2_res = 0; int uprobe_byname3_sleepable_res = 0; +int uprobe_byname3_str_sleepable_res = 0; int uprobe_byname3_res = 0; int uretprobe_byname3_sleepable_res = 0; +int uretprobe_byname3_str_sleepable_res = 0; int uretprobe_byname3_res = 0; void *user_ptr = 0; +u32 dynamic_sz = 1; + +int bpf_copy_from_user_str(void *dst, u32, const void *, u64) __weak __ksym; SEC("ksyscall/nanosleep") int BPF_KSYSCALL(handle_kprobe_auto, struct __kernel_timespec *req, struct __kernel_timespec *rem) @@ -87,11 +93,61 @@ static __always_inline bool verify_sleepable_user_copy(void) return bpf_strncmp(data, sizeof(data), "test_data") == 0; } +static __always_inline bool verify_sleepable_user_copy_str(void) +{ + int ret; + char data_long[20]; + char data_long_pad[20]; + char data_long_err[20]; + char data_short[4]; + char data_short_pad[4]; + + ret = bpf_copy_from_user_str(data_short, sizeof(data_short), user_ptr, 0); + + if (bpf_strncmp(data_short, 4, "tes\0") != 0 || ret != 4) + return false; + + ret = bpf_copy_from_user_str(data_short_pad, sizeof(data_short_pad), user_ptr, BPF_F_PAD_ZEROS); + + if (bpf_strncmp(data_short, 4, "tes\0") != 0 || ret != 4) + return false; + + // Make sure this passes the verifier + ret = bpf_copy_from_user_str(data_long, dynamic_sz &= sizeof(data_long), user_ptr, 0); + + if (ret != 0) + return false; + + ret = bpf_copy_from_user_str(data_long, sizeof(data_long), user_ptr, 0); + + if (bpf_strncmp(data_long, 10, "test_data\0") != 0 || ret != 10) + return false; + + ret = bpf_copy_from_user_str(data_long_pad, sizeof(data_long_pad), user_ptr, BPF_F_PAD_ZEROS); + + if (bpf_strncmp(data_long_pad, 10, "test_data\0") != 0 || ret != 10 || data_long_pad[19] != '\0') + return false; + + ret = bpf_copy_from_user_str(data_long_err, sizeof(data_long_err), (void *)data_long, BPF_F_PAD_ZEROS); + + if (ret > 0 || data_long_err[19] != '\0') + return false; + + ret = bpf_copy_from_user_str(data_long, sizeof(data_long), user_ptr, 2); + + if (ret != -EINVAL) + return false; + + return true; +} + SEC("uprobe.s//proc/self/exe:trigger_func3") int handle_uprobe_byname3_sleepable(struct pt_regs *ctx) { if (verify_sleepable_user_copy()) uprobe_byname3_sleepable_res = 9; + if (verify_sleepable_user_copy_str()) + uprobe_byname3_str_sleepable_res = 10; return 0; } @@ -102,7 +158,7 @@ int handle_uprobe_byname3_sleepable(struct pt_regs *ctx) SEC("uprobe//proc/self/exe:trigger_func3") int handle_uprobe_byname3(struct pt_regs *ctx) { - uprobe_byname3_res = 10; + uprobe_byname3_res = 11; return 0; } @@ -110,14 +166,16 @@ SEC("uretprobe.s//proc/self/exe:trigger_func3") int handle_uretprobe_byname3_sleepable(struct pt_regs *ctx) { if (verify_sleepable_user_copy()) - uretprobe_byname3_sleepable_res = 11; + uretprobe_byname3_sleepable_res = 12; + if (verify_sleepable_user_copy_str()) + uretprobe_byname3_str_sleepable_res = 13; return 0; } SEC("uretprobe//proc/self/exe:trigger_func3") int handle_uretprobe_byname3(struct pt_regs *ctx) { - uretprobe_byname3_res = 12; + uretprobe_byname3_res = 14; return 0; } -- 2.43.5 ^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [bpf-next v9 2/2] bpf: Add tests for bpf_copy_from_user_str kfunc 2024-08-23 18:48 ` [bpf-next v9 2/2] bpf: Add tests for " Jordan Rome @ 2024-08-23 18:52 ` Alexei Starovoitov 2024-08-23 18:55 ` Jordan Rome 2024-08-23 18:59 ` Andrii Nakryiko 1 sibling, 1 reply; 6+ messages in thread From: Alexei Starovoitov @ 2024-08-23 18:52 UTC (permalink / raw) To: Jordan Rome Cc: bpf, Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko, Martin KaFai Lau, Kernel Team, Kui-Feng Lee On Fri, Aug 23, 2024 at 11:49 AM Jordan Rome <linux@jordanrome.com> wrote: > > +u32 dynamic_sz = 1; .. > + > + // Make sure this passes the verifier > + ret = bpf_copy_from_user_str(data_long, dynamic_sz &= sizeof(data_long), user_ptr, 0); Did you really mean to &= into the global variable while passing it as an argument? And the compiler didn't warn? ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [bpf-next v9 2/2] bpf: Add tests for bpf_copy_from_user_str kfunc 2024-08-23 18:52 ` Alexei Starovoitov @ 2024-08-23 18:55 ` Jordan Rome 0 siblings, 0 replies; 6+ messages in thread From: Jordan Rome @ 2024-08-23 18:55 UTC (permalink / raw) To: Alexei Starovoitov Cc: bpf, Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko, Martin KaFai Lau, Kernel Team, Kui-Feng Lee On Fri, Aug 23, 2024 at 2:52 PM Alexei Starovoitov <alexei.starovoitov@gmail.com> wrote: > > On Fri, Aug 23, 2024 at 11:49 AM Jordan Rome <linux@jordanrome.com> wrote: > > > > +u32 dynamic_sz = 1; > > .. > > > + > > + // Make sure this passes the verifier > > + ret = bpf_copy_from_user_str(data_long, dynamic_sz &= sizeof(data_long), user_ptr, 0); > > Did you really mean to &= into the global variable while passing it as > an argument? > > And the compiler didn't warn? The compiler didn't warn but no, I meant to do just '&' - here comes v10! ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [bpf-next v9 2/2] bpf: Add tests for bpf_copy_from_user_str kfunc 2024-08-23 18:48 ` [bpf-next v9 2/2] bpf: Add tests for " Jordan Rome 2024-08-23 18:52 ` Alexei Starovoitov @ 2024-08-23 18:59 ` Andrii Nakryiko 2024-08-23 19:05 ` Jordan Rome 1 sibling, 1 reply; 6+ messages in thread From: Andrii Nakryiko @ 2024-08-23 18:59 UTC (permalink / raw) To: Jordan Rome Cc: bpf, Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko, Martin KaFai Lau, Kernel Team, sinquersw On Fri, Aug 23, 2024 at 11:49 AM Jordan Rome <linux@jordanrome.com> wrote: > > This adds tests for both the happy path and > the error path. > > Signed-off-by: Jordan Rome <linux@jordanrome.com> > --- > .../selftests/bpf/prog_tests/attach_probe.c | 8 ++- > .../selftests/bpf/prog_tests/read_vsyscall.c | 1 + > .../selftests/bpf/progs/read_vsyscall.c | 9 ++- > .../selftests/bpf/progs/test_attach_probe.c | 64 ++++++++++++++++++- > 4 files changed, 75 insertions(+), 7 deletions(-) > > diff --git a/tools/testing/selftests/bpf/prog_tests/attach_probe.c b/tools/testing/selftests/bpf/prog_tests/attach_probe.c > index 7175af39134f..329c7862b52d 100644 > --- a/tools/testing/selftests/bpf/prog_tests/attach_probe.c > +++ b/tools/testing/selftests/bpf/prog_tests/attach_probe.c > @@ -283,9 +283,11 @@ static void test_uprobe_sleepable(struct test_attach_probe *skel) > trigger_func3(); > > ASSERT_EQ(skel->bss->uprobe_byname3_sleepable_res, 9, "check_uprobe_byname3_sleepable_res"); > - ASSERT_EQ(skel->bss->uprobe_byname3_res, 10, "check_uprobe_byname3_res"); > - ASSERT_EQ(skel->bss->uretprobe_byname3_sleepable_res, 11, "check_uretprobe_byname3_sleepable_res"); > - ASSERT_EQ(skel->bss->uretprobe_byname3_res, 12, "check_uretprobe_byname3_res"); > + ASSERT_EQ(skel->bss->uprobe_byname3_str_sleepable_res, 10, "check_uprobe_byname3_str_sleepable_res"); > + ASSERT_EQ(skel->bss->uprobe_byname3_res, 11, "check_uprobe_byname3_res"); > + ASSERT_EQ(skel->bss->uretprobe_byname3_sleepable_res, 12, "check_uretprobe_byname3_sleepable_res"); > + ASSERT_EQ(skel->bss->uretprobe_byname3_str_sleepable_res, 13, "check_uretprobe_byname3_str_sleepable_res"); > + ASSERT_EQ(skel->bss->uretprobe_byname3_res, 14, "check_uretprobe_byname3_res"); > } > > void test_attach_probe(void) > diff --git a/tools/testing/selftests/bpf/prog_tests/read_vsyscall.c b/tools/testing/selftests/bpf/prog_tests/read_vsyscall.c > index 3405923fe4e6..c7b9ba8b1d06 100644 > --- a/tools/testing/selftests/bpf/prog_tests/read_vsyscall.c > +++ b/tools/testing/selftests/bpf/prog_tests/read_vsyscall.c > @@ -23,6 +23,7 @@ struct read_ret_desc { > { .name = "probe_read_user_str", .ret = -EFAULT }, > { .name = "copy_from_user", .ret = -EFAULT }, > { .name = "copy_from_user_task", .ret = -EFAULT }, > + { .name = "copy_from_user_str", .ret = -EFAULT }, > }; > > void test_read_vsyscall(void) > diff --git a/tools/testing/selftests/bpf/progs/read_vsyscall.c b/tools/testing/selftests/bpf/progs/read_vsyscall.c > index 986f96687ae1..39ebef430059 100644 > --- a/tools/testing/selftests/bpf/progs/read_vsyscall.c > +++ b/tools/testing/selftests/bpf/progs/read_vsyscall.c > @@ -1,5 +1,6 @@ > // SPDX-License-Identifier: GPL-2.0 > /* Copyright (C) 2024. Huawei Technologies Co., Ltd */ > +#include "vmlinux.h" > #include <linux/types.h> > #include <bpf/bpf_helpers.h> > > @@ -7,10 +8,15 @@ > > int target_pid = 0; > void *user_ptr = 0; > -int read_ret[8]; > +int read_ret[9]; > > char _license[] SEC("license") = "GPL"; > > +/* > + * This is the only kfunc, the others are helpers > + */ > +int bpf_copy_from_user_str(void *dst, u32, const void *, u64) __weak __ksym; > + > SEC("fentry/" SYS_PREFIX "sys_nanosleep") > int do_probe_read(void *ctx) > { > @@ -40,6 +46,7 @@ int do_copy_from_user(void *ctx) > read_ret[6] = bpf_copy_from_user(buf, sizeof(buf), user_ptr); > read_ret[7] = bpf_copy_from_user_task(buf, sizeof(buf), user_ptr, > bpf_get_current_task_btf(), 0); > + read_ret[8] = bpf_copy_from_user_str((char *)buf, sizeof(buf), user_ptr, 0); > > return 0; > } > diff --git a/tools/testing/selftests/bpf/progs/test_attach_probe.c b/tools/testing/selftests/bpf/progs/test_attach_probe.c > index 68466a6ad18c..0b16502726f8 100644 > --- a/tools/testing/selftests/bpf/progs/test_attach_probe.c > +++ b/tools/testing/selftests/bpf/progs/test_attach_probe.c > @@ -5,6 +5,7 @@ > #include <bpf/bpf_helpers.h> > #include <bpf/bpf_tracing.h> > #include <bpf/bpf_core_read.h> > +#include <errno.h> > #include "bpf_misc.h" > > int kprobe2_res = 0; > @@ -14,10 +15,15 @@ int uretprobe_byname_res = 0; > int uprobe_byname2_res = 0; > int uretprobe_byname2_res = 0; > int uprobe_byname3_sleepable_res = 0; > +int uprobe_byname3_str_sleepable_res = 0; > int uprobe_byname3_res = 0; > int uretprobe_byname3_sleepable_res = 0; > +int uretprobe_byname3_str_sleepable_res = 0; > int uretprobe_byname3_res = 0; > void *user_ptr = 0; > +u32 dynamic_sz = 1; > + > +int bpf_copy_from_user_str(void *dst, u32, const void *, u64) __weak __ksym; > > SEC("ksyscall/nanosleep") > int BPF_KSYSCALL(handle_kprobe_auto, struct __kernel_timespec *req, struct __kernel_timespec *rem) > @@ -87,11 +93,61 @@ static __always_inline bool verify_sleepable_user_copy(void) > return bpf_strncmp(data, sizeof(data), "test_data") == 0; > } > > +static __always_inline bool verify_sleepable_user_copy_str(void) > +{ > + int ret; > + char data_long[20]; > + char data_long_pad[20]; > + char data_long_err[20]; > + char data_short[4]; > + char data_short_pad[4]; > + > + ret = bpf_copy_from_user_str(data_short, sizeof(data_short), user_ptr, 0); > + > + if (bpf_strncmp(data_short, 4, "tes\0") != 0 || ret != 4) > + return false; > + > + ret = bpf_copy_from_user_str(data_short_pad, sizeof(data_short_pad), user_ptr, BPF_F_PAD_ZEROS); > + > + if (bpf_strncmp(data_short, 4, "tes\0") != 0 || ret != 4) > + return false; > + > + // Make sure this passes the verifier also please don't use C++-style comments > + ret = bpf_copy_from_user_str(data_long, dynamic_sz &= sizeof(data_long), user_ptr, 0); > + > + if (ret != 0) > + return false; > + > + ret = bpf_copy_from_user_str(data_long, sizeof(data_long), user_ptr, 0); > + > + if (bpf_strncmp(data_long, 10, "test_data\0") != 0 || ret != 10) > + return false; > + > + ret = bpf_copy_from_user_str(data_long_pad, sizeof(data_long_pad), user_ptr, BPF_F_PAD_ZEROS); > + > + if (bpf_strncmp(data_long_pad, 10, "test_data\0") != 0 || ret != 10 || data_long_pad[19] != '\0') > + return false; > + > + ret = bpf_copy_from_user_str(data_long_err, sizeof(data_long_err), (void *)data_long, BPF_F_PAD_ZEROS); > + > + if (ret > 0 || data_long_err[19] != '\0') > + return false; > + > + ret = bpf_copy_from_user_str(data_long, sizeof(data_long), user_ptr, 2); > + > + if (ret != -EINVAL) > + return false; > + > + return true; > +} > + > SEC("uprobe.s//proc/self/exe:trigger_func3") > int handle_uprobe_byname3_sleepable(struct pt_regs *ctx) > { > if (verify_sleepable_user_copy()) > uprobe_byname3_sleepable_res = 9; > + if (verify_sleepable_user_copy_str()) > + uprobe_byname3_str_sleepable_res = 10; > return 0; > } > > @@ -102,7 +158,7 @@ int handle_uprobe_byname3_sleepable(struct pt_regs *ctx) > SEC("uprobe//proc/self/exe:trigger_func3") > int handle_uprobe_byname3(struct pt_regs *ctx) > { > - uprobe_byname3_res = 10; > + uprobe_byname3_res = 11; > return 0; > } > > @@ -110,14 +166,16 @@ SEC("uretprobe.s//proc/self/exe:trigger_func3") > int handle_uretprobe_byname3_sleepable(struct pt_regs *ctx) > { > if (verify_sleepable_user_copy()) > - uretprobe_byname3_sleepable_res = 11; > + uretprobe_byname3_sleepable_res = 12; > + if (verify_sleepable_user_copy_str()) > + uretprobe_byname3_str_sleepable_res = 13; > return 0; > } > > SEC("uretprobe//proc/self/exe:trigger_func3") > int handle_uretprobe_byname3(struct pt_regs *ctx) > { > - uretprobe_byname3_res = 12; > + uretprobe_byname3_res = 14; > return 0; > } > > -- > 2.43.5 > ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [bpf-next v9 2/2] bpf: Add tests for bpf_copy_from_user_str kfunc 2024-08-23 18:59 ` Andrii Nakryiko @ 2024-08-23 19:05 ` Jordan Rome 0 siblings, 0 replies; 6+ messages in thread From: Jordan Rome @ 2024-08-23 19:05 UTC (permalink / raw) To: Andrii Nakryiko Cc: bpf, Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko, Martin KaFai Lau, Kernel Team, sinquersw On Fri, Aug 23, 2024 at 3:00 PM Andrii Nakryiko <andrii.nakryiko@gmail.com> wrote: > > On Fri, Aug 23, 2024 at 11:49 AM Jordan Rome <linux@jordanrome.com> wrote: > > > > This adds tests for both the happy path and > > the error path. > > > > Signed-off-by: Jordan Rome <linux@jordanrome.com> > > --- > > .../selftests/bpf/prog_tests/attach_probe.c | 8 ++- > > .../selftests/bpf/prog_tests/read_vsyscall.c | 1 + > > .../selftests/bpf/progs/read_vsyscall.c | 9 ++- > > .../selftests/bpf/progs/test_attach_probe.c | 64 ++++++++++++++++++- > > 4 files changed, 75 insertions(+), 7 deletions(-) > > > > diff --git a/tools/testing/selftests/bpf/prog_tests/attach_probe.c b/tools/testing/selftests/bpf/prog_tests/attach_probe.c > > index 7175af39134f..329c7862b52d 100644 > > --- a/tools/testing/selftests/bpf/prog_tests/attach_probe.c > > +++ b/tools/testing/selftests/bpf/prog_tests/attach_probe.c > > @@ -283,9 +283,11 @@ static void test_uprobe_sleepable(struct test_attach_probe *skel) > > trigger_func3(); > > > > ASSERT_EQ(skel->bss->uprobe_byname3_sleepable_res, 9, "check_uprobe_byname3_sleepable_res"); > > - ASSERT_EQ(skel->bss->uprobe_byname3_res, 10, "check_uprobe_byname3_res"); > > - ASSERT_EQ(skel->bss->uretprobe_byname3_sleepable_res, 11, "check_uretprobe_byname3_sleepable_res"); > > - ASSERT_EQ(skel->bss->uretprobe_byname3_res, 12, "check_uretprobe_byname3_res"); > > + ASSERT_EQ(skel->bss->uprobe_byname3_str_sleepable_res, 10, "check_uprobe_byname3_str_sleepable_res"); > > + ASSERT_EQ(skel->bss->uprobe_byname3_res, 11, "check_uprobe_byname3_res"); > > + ASSERT_EQ(skel->bss->uretprobe_byname3_sleepable_res, 12, "check_uretprobe_byname3_sleepable_res"); > > + ASSERT_EQ(skel->bss->uretprobe_byname3_str_sleepable_res, 13, "check_uretprobe_byname3_str_sleepable_res"); > > + ASSERT_EQ(skel->bss->uretprobe_byname3_res, 14, "check_uretprobe_byname3_res"); > > } > > > > void test_attach_probe(void) > > diff --git a/tools/testing/selftests/bpf/prog_tests/read_vsyscall.c b/tools/testing/selftests/bpf/prog_tests/read_vsyscall.c > > index 3405923fe4e6..c7b9ba8b1d06 100644 > > --- a/tools/testing/selftests/bpf/prog_tests/read_vsyscall.c > > +++ b/tools/testing/selftests/bpf/prog_tests/read_vsyscall.c > > @@ -23,6 +23,7 @@ struct read_ret_desc { > > { .name = "probe_read_user_str", .ret = -EFAULT }, > > { .name = "copy_from_user", .ret = -EFAULT }, > > { .name = "copy_from_user_task", .ret = -EFAULT }, > > + { .name = "copy_from_user_str", .ret = -EFAULT }, > > }; > > > > void test_read_vsyscall(void) > > diff --git a/tools/testing/selftests/bpf/progs/read_vsyscall.c b/tools/testing/selftests/bpf/progs/read_vsyscall.c > > index 986f96687ae1..39ebef430059 100644 > > --- a/tools/testing/selftests/bpf/progs/read_vsyscall.c > > +++ b/tools/testing/selftests/bpf/progs/read_vsyscall.c > > @@ -1,5 +1,6 @@ > > // SPDX-License-Identifier: GPL-2.0 > > /* Copyright (C) 2024. Huawei Technologies Co., Ltd */ > > +#include "vmlinux.h" > > #include <linux/types.h> > > #include <bpf/bpf_helpers.h> > > > > @@ -7,10 +8,15 @@ > > > > int target_pid = 0; > > void *user_ptr = 0; > > -int read_ret[8]; > > +int read_ret[9]; > > > > char _license[] SEC("license") = "GPL"; > > > > +/* > > + * This is the only kfunc, the others are helpers > > + */ > > +int bpf_copy_from_user_str(void *dst, u32, const void *, u64) __weak __ksym; > > + > > SEC("fentry/" SYS_PREFIX "sys_nanosleep") > > int do_probe_read(void *ctx) > > { > > @@ -40,6 +46,7 @@ int do_copy_from_user(void *ctx) > > read_ret[6] = bpf_copy_from_user(buf, sizeof(buf), user_ptr); > > read_ret[7] = bpf_copy_from_user_task(buf, sizeof(buf), user_ptr, > > bpf_get_current_task_btf(), 0); > > + read_ret[8] = bpf_copy_from_user_str((char *)buf, sizeof(buf), user_ptr, 0); > > > > return 0; > > } > > diff --git a/tools/testing/selftests/bpf/progs/test_attach_probe.c b/tools/testing/selftests/bpf/progs/test_attach_probe.c > > index 68466a6ad18c..0b16502726f8 100644 > > --- a/tools/testing/selftests/bpf/progs/test_attach_probe.c > > +++ b/tools/testing/selftests/bpf/progs/test_attach_probe.c > > @@ -5,6 +5,7 @@ > > #include <bpf/bpf_helpers.h> > > #include <bpf/bpf_tracing.h> > > #include <bpf/bpf_core_read.h> > > +#include <errno.h> > > #include "bpf_misc.h" > > > > int kprobe2_res = 0; > > @@ -14,10 +15,15 @@ int uretprobe_byname_res = 0; > > int uprobe_byname2_res = 0; > > int uretprobe_byname2_res = 0; > > int uprobe_byname3_sleepable_res = 0; > > +int uprobe_byname3_str_sleepable_res = 0; > > int uprobe_byname3_res = 0; > > int uretprobe_byname3_sleepable_res = 0; > > +int uretprobe_byname3_str_sleepable_res = 0; > > int uretprobe_byname3_res = 0; > > void *user_ptr = 0; > > +u32 dynamic_sz = 1; > > + > > +int bpf_copy_from_user_str(void *dst, u32, const void *, u64) __weak __ksym; > > > > SEC("ksyscall/nanosleep") > > int BPF_KSYSCALL(handle_kprobe_auto, struct __kernel_timespec *req, struct __kernel_timespec *rem) > > @@ -87,11 +93,61 @@ static __always_inline bool verify_sleepable_user_copy(void) > > return bpf_strncmp(data, sizeof(data), "test_data") == 0; > > } > > > > +static __always_inline bool verify_sleepable_user_copy_str(void) > > +{ > > + int ret; > > + char data_long[20]; > > + char data_long_pad[20]; > > + char data_long_err[20]; > > + char data_short[4]; > > + char data_short_pad[4]; > > + > > + ret = bpf_copy_from_user_str(data_short, sizeof(data_short), user_ptr, 0); > > + > > + if (bpf_strncmp(data_short, 4, "tes\0") != 0 || ret != 4) > > + return false; > > + > > + ret = bpf_copy_from_user_str(data_short_pad, sizeof(data_short_pad), user_ptr, BPF_F_PAD_ZEROS); > > + > > + if (bpf_strncmp(data_short, 4, "tes\0") != 0 || ret != 4) > > + return false; > > + > > + // Make sure this passes the verifier > > also please don't use C++-style comments > Good catch. Will fix. > > + ret = bpf_copy_from_user_str(data_long, dynamic_sz &= sizeof(data_long), user_ptr, 0); > > + > > + if (ret != 0) > > + return false; > > + > > + ret = bpf_copy_from_user_str(data_long, sizeof(data_long), user_ptr, 0); > > + > > + if (bpf_strncmp(data_long, 10, "test_data\0") != 0 || ret != 10) > > + return false; > > + > > + ret = bpf_copy_from_user_str(data_long_pad, sizeof(data_long_pad), user_ptr, BPF_F_PAD_ZEROS); > > + > > + if (bpf_strncmp(data_long_pad, 10, "test_data\0") != 0 || ret != 10 || data_long_pad[19] != '\0') > > + return false; > > + > > + ret = bpf_copy_from_user_str(data_long_err, sizeof(data_long_err), (void *)data_long, BPF_F_PAD_ZEROS); > > + > > + if (ret > 0 || data_long_err[19] != '\0') > > + return false; > > + > > + ret = bpf_copy_from_user_str(data_long, sizeof(data_long), user_ptr, 2); > > + > > + if (ret != -EINVAL) > > + return false; > > + > > + return true; > > +} > > + > > SEC("uprobe.s//proc/self/exe:trigger_func3") > > int handle_uprobe_byname3_sleepable(struct pt_regs *ctx) > > { > > if (verify_sleepable_user_copy()) > > uprobe_byname3_sleepable_res = 9; > > + if (verify_sleepable_user_copy_str()) > > + uprobe_byname3_str_sleepable_res = 10; > > return 0; > > } > > > > @@ -102,7 +158,7 @@ int handle_uprobe_byname3_sleepable(struct pt_regs *ctx) > > SEC("uprobe//proc/self/exe:trigger_func3") > > int handle_uprobe_byname3(struct pt_regs *ctx) > > { > > - uprobe_byname3_res = 10; > > + uprobe_byname3_res = 11; > > return 0; > > } > > > > @@ -110,14 +166,16 @@ SEC("uretprobe.s//proc/self/exe:trigger_func3") > > int handle_uretprobe_byname3_sleepable(struct pt_regs *ctx) > > { > > if (verify_sleepable_user_copy()) > > - uretprobe_byname3_sleepable_res = 11; > > + uretprobe_byname3_sleepable_res = 12; > > + if (verify_sleepable_user_copy_str()) > > + uretprobe_byname3_str_sleepable_res = 13; > > return 0; > > } > > > > SEC("uretprobe//proc/self/exe:trigger_func3") > > int handle_uretprobe_byname3(struct pt_regs *ctx) > > { > > - uretprobe_byname3_res = 12; > > + uretprobe_byname3_res = 14; > > return 0; > > } > > > > -- > > 2.43.5 > > ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2024-08-23 19:05 UTC | newest] Thread overview: 6+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2024-08-23 18:48 [bpf-next v9 1/2] bpf: Add bpf_copy_from_user_str kfunc Jordan Rome 2024-08-23 18:48 ` [bpf-next v9 2/2] bpf: Add tests for " Jordan Rome 2024-08-23 18:52 ` Alexei Starovoitov 2024-08-23 18:55 ` Jordan Rome 2024-08-23 18:59 ` Andrii Nakryiko 2024-08-23 19:05 ` Jordan Rome
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox