mirror of
https://github.com/torvalds/linux.git
synced 2026-04-24 01:25:49 -04:00
79e247d660
Add a regression test for bpf_d_path() to cover incorrect verifier assumptions caused by an incorrect function prototype. The test attaches to the fallocate hook, calls bpf_d_path() and verifies that a simple prefix comparison on the returned pathname behaves correctly after the fix in patch 1. It ensures the verifier does not assume the buffer remains unwritten. Co-developed-by: Zesen Liu <ftyg@live.com> Signed-off-by: Zesen Liu <ftyg@live.com> Co-developed-by: Peili Gao <gplhust955@gmail.com> Signed-off-by: Peili Gao <gplhust955@gmail.com> Co-developed-by: Haoran Ni <haoran.ni.cs@gmail.com> Signed-off-by: Haoran Ni <haoran.ni.cs@gmail.com> Signed-off-by: Shuran Liu <electronlsr@gmail.com> Link: https://lore.kernel.org/r/20251206141210.3148-3-electronlsr@gmail.com Signed-off-by: Alexei Starovoitov <ast@kernel.org>
89 lines
1.7 KiB
C
89 lines
1.7 KiB
C
// SPDX-License-Identifier: GPL-2.0
|
|
|
|
#include "vmlinux.h"
|
|
#include <bpf/bpf_helpers.h>
|
|
#include <bpf/bpf_tracing.h>
|
|
|
|
#define MAX_PATH_LEN 128
|
|
#define MAX_FILES 7
|
|
|
|
pid_t my_pid = 0;
|
|
__u32 cnt_stat = 0;
|
|
__u32 cnt_close = 0;
|
|
char paths_stat[MAX_FILES][MAX_PATH_LEN] = {};
|
|
char paths_close[MAX_FILES][MAX_PATH_LEN] = {};
|
|
int rets_stat[MAX_FILES] = {};
|
|
int rets_close[MAX_FILES] = {};
|
|
|
|
int called_stat = 0;
|
|
int called_close = 0;
|
|
int path_match_fallocate = 0;
|
|
|
|
SEC("fentry/security_inode_getattr")
|
|
int BPF_PROG(prog_stat, struct path *path, struct kstat *stat,
|
|
__u32 request_mask, unsigned int query_flags)
|
|
{
|
|
pid_t pid = bpf_get_current_pid_tgid() >> 32;
|
|
__u32 cnt = cnt_stat;
|
|
int ret;
|
|
|
|
called_stat = 1;
|
|
|
|
if (pid != my_pid)
|
|
return 0;
|
|
|
|
if (cnt >= MAX_FILES)
|
|
return 0;
|
|
ret = bpf_d_path(path, paths_stat[cnt], MAX_PATH_LEN);
|
|
|
|
rets_stat[cnt] = ret;
|
|
cnt_stat++;
|
|
return 0;
|
|
}
|
|
|
|
SEC("fentry/filp_close")
|
|
int BPF_PROG(prog_close, struct file *file, void *id)
|
|
{
|
|
pid_t pid = bpf_get_current_pid_tgid() >> 32;
|
|
__u32 cnt = cnt_close;
|
|
int ret;
|
|
|
|
called_close = 1;
|
|
|
|
if (pid != my_pid)
|
|
return 0;
|
|
|
|
if (cnt >= MAX_FILES)
|
|
return 0;
|
|
ret = bpf_d_path(&file->f_path,
|
|
paths_close[cnt], MAX_PATH_LEN);
|
|
|
|
rets_close[cnt] = ret;
|
|
cnt_close++;
|
|
return 0;
|
|
}
|
|
|
|
SEC("fentry/vfs_fallocate")
|
|
int BPF_PROG(prog_fallocate, struct file *file, int mode, loff_t offset, loff_t len)
|
|
{
|
|
pid_t pid = bpf_get_current_pid_tgid() >> 32;
|
|
int ret = 0;
|
|
char path_fallocate[MAX_PATH_LEN] = {};
|
|
|
|
if (pid != my_pid)
|
|
return 0;
|
|
|
|
ret = bpf_d_path(&file->f_path,
|
|
path_fallocate, MAX_PATH_LEN);
|
|
if (ret < 0)
|
|
return 0;
|
|
|
|
if (!path_fallocate[0])
|
|
return 0;
|
|
|
|
path_match_fallocate = 1;
|
|
return 0;
|
|
}
|
|
|
|
char _license[] SEC("license") = "GPL";
|