Skip to content

Commit 41bc94f

Browse files
jrfastabdavem330
jrfastab
authored and
davem330
committed
bpf: selftests: add tests for new __sk_buff members
This adds tests to access new __sk_buff members from sk skb program type. Signed-off-by: John Fastabend <[email protected]> Signed-off-by: David S. Miller <[email protected]>
1 parent 69e8cc1 commit 41bc94f

File tree

1 file changed

+152
-0
lines changed

1 file changed

+152
-0
lines changed

tools/testing/selftests/bpf/test_verifier.c

Lines changed: 152 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -966,6 +966,158 @@ static struct bpf_test tests[] = {
966966
.errstr_unpriv = "R1 pointer comparison",
967967
.result = REJECT,
968968
},
969+
{
970+
"invalid access __sk_buff family",
971+
.insns = {
972+
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
973+
offsetof(struct __sk_buff, family)),
974+
BPF_EXIT_INSN(),
975+
},
976+
.errstr = "invalid bpf_context access",
977+
.result = REJECT,
978+
},
979+
{
980+
"invalid access __sk_buff remote_ip4",
981+
.insns = {
982+
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
983+
offsetof(struct __sk_buff, remote_ip4)),
984+
BPF_EXIT_INSN(),
985+
},
986+
.errstr = "invalid bpf_context access",
987+
.result = REJECT,
988+
},
989+
{
990+
"invalid access __sk_buff local_ip4",
991+
.insns = {
992+
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
993+
offsetof(struct __sk_buff, local_ip4)),
994+
BPF_EXIT_INSN(),
995+
},
996+
.errstr = "invalid bpf_context access",
997+
.result = REJECT,
998+
},
999+
{
1000+
"invalid access __sk_buff remote_ip6",
1001+
.insns = {
1002+
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
1003+
offsetof(struct __sk_buff, remote_ip6)),
1004+
BPF_EXIT_INSN(),
1005+
},
1006+
.errstr = "invalid bpf_context access",
1007+
.result = REJECT,
1008+
},
1009+
{
1010+
"invalid access __sk_buff local_ip6",
1011+
.insns = {
1012+
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
1013+
offsetof(struct __sk_buff, local_ip6)),
1014+
BPF_EXIT_INSN(),
1015+
},
1016+
.errstr = "invalid bpf_context access",
1017+
.result = REJECT,
1018+
},
1019+
{
1020+
"invalid access __sk_buff remote_port",
1021+
.insns = {
1022+
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
1023+
offsetof(struct __sk_buff, remote_port)),
1024+
BPF_EXIT_INSN(),
1025+
},
1026+
.errstr = "invalid bpf_context access",
1027+
.result = REJECT,
1028+
},
1029+
{
1030+
"invalid access __sk_buff remote_port",
1031+
.insns = {
1032+
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
1033+
offsetof(struct __sk_buff, local_port)),
1034+
BPF_EXIT_INSN(),
1035+
},
1036+
.errstr = "invalid bpf_context access",
1037+
.result = REJECT,
1038+
},
1039+
{
1040+
"valid access __sk_buff family",
1041+
.insns = {
1042+
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
1043+
offsetof(struct __sk_buff, family)),
1044+
BPF_EXIT_INSN(),
1045+
},
1046+
.result = ACCEPT,
1047+
.prog_type = BPF_PROG_TYPE_SK_SKB,
1048+
},
1049+
{
1050+
"valid access __sk_buff remote_ip4",
1051+
.insns = {
1052+
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
1053+
offsetof(struct __sk_buff, remote_ip4)),
1054+
BPF_EXIT_INSN(),
1055+
},
1056+
.result = ACCEPT,
1057+
.prog_type = BPF_PROG_TYPE_SK_SKB,
1058+
},
1059+
{
1060+
"valid access __sk_buff local_ip4",
1061+
.insns = {
1062+
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
1063+
offsetof(struct __sk_buff, local_ip4)),
1064+
BPF_EXIT_INSN(),
1065+
},
1066+
.result = ACCEPT,
1067+
.prog_type = BPF_PROG_TYPE_SK_SKB,
1068+
},
1069+
{
1070+
"valid access __sk_buff remote_ip6",
1071+
.insns = {
1072+
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
1073+
offsetof(struct __sk_buff, remote_ip6[0])),
1074+
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
1075+
offsetof(struct __sk_buff, remote_ip6[1])),
1076+
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
1077+
offsetof(struct __sk_buff, remote_ip6[2])),
1078+
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
1079+
offsetof(struct __sk_buff, remote_ip6[3])),
1080+
BPF_EXIT_INSN(),
1081+
},
1082+
.result = ACCEPT,
1083+
.prog_type = BPF_PROG_TYPE_SK_SKB,
1084+
},
1085+
{
1086+
"valid access __sk_buff local_ip6",
1087+
.insns = {
1088+
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
1089+
offsetof(struct __sk_buff, local_ip6[0])),
1090+
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
1091+
offsetof(struct __sk_buff, local_ip6[1])),
1092+
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
1093+
offsetof(struct __sk_buff, local_ip6[2])),
1094+
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
1095+
offsetof(struct __sk_buff, local_ip6[3])),
1096+
BPF_EXIT_INSN(),
1097+
},
1098+
.result = ACCEPT,
1099+
.prog_type = BPF_PROG_TYPE_SK_SKB,
1100+
},
1101+
{
1102+
"valid access __sk_buff remote_port",
1103+
.insns = {
1104+
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
1105+
offsetof(struct __sk_buff, remote_port)),
1106+
BPF_EXIT_INSN(),
1107+
},
1108+
.result = ACCEPT,
1109+
.prog_type = BPF_PROG_TYPE_SK_SKB,
1110+
},
1111+
{
1112+
"valid access __sk_buff remote_port",
1113+
.insns = {
1114+
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
1115+
offsetof(struct __sk_buff, local_port)),
1116+
BPF_EXIT_INSN(),
1117+
},
1118+
.result = ACCEPT,
1119+
.prog_type = BPF_PROG_TYPE_SK_SKB,
1120+
},
9691121
{
9701122
"check skb->mark is not writeable by sockets",
9711123
.insns = {

0 commit comments

Comments
 (0)