tests: add union bpf_attr.query.prog_ids field decoding checks

* tests/bpf-success-v.c: New file.
* tests/bpf-success.c: Likewise.
* tests/bpf-success-v.test: New test.
* tests/bpf-success.test: Likewise.
* tests/.gitignore: Add bpf-success and bpf-success-v.
* tests/Makefile.am (check_PROGRAMS): Likewise.
(DECODER_TESTS): Add bpf-success.test and bpf-success-v.test.
* tests/bpf.c [INJECT_RETVAL] (sys_bpf): Check that retuned value
is equivalent to the injected one; append "(INJECTED)" string to errstr.
(prog_load_ids, prog_load_ids_ptr): New variables.
(init_BPF_PROG_QUERY_attr4, print_BPF_PROG_QUERY_attr4,
init_BPF_PROG_QUERY_attr5, print_BPF_PROG_QUERY_attr5): New functions.
(BPF_PROG_QUERY_checks): Drop "const" qualifier, add new checks.

diff --git a/tests/.gitignore b/tests/.gitignore
index 2167bcaebcc4992f2e3c7067af56bc9d069def2e..13fa77b78f1cbf5afb3506eb9cb4adb6828ae40c 100644 (file)
--- a/tests/.gitignore
+++ b/tests/.gitignore
@@ -21,6 +21,8 @@ attach-p-cmd-p
 block_reset_raise_run
 bpf
 bpf-v
+bpf-success
+bpf-success-v
 brk
 btrfs
 caps

diff --git a/tests/Makefile.am b/tests/Makefile.am
index 99c8ec9f30bd84ff2645dfa8ee7c34b095472a96..8a1ba9d6195247f9f34899d88010baac689da4f2 100644 (file)
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -93,6 +93,8 @@ check_PROGRAMS = $(PURE_EXECUTABLES) \
        attach-p-cmd-cmd \
        attach-p-cmd-p \
        block_reset_raise_run \
+       bpf-success \
+       bpf-success-v \
        caps-abbrev \
        check_sigblock \
        check_sigign \
@@ -217,6 +219,8 @@ STACKTRACE_TESTS =
 endif
 
 DECODER_TESTS = \
+       bpf-success.test \
+       bpf-success-v.test \
        brk.test \
        btrfs-v.test \
        btrfs-vw.test \

diff --git a/tests/bpf-success-v.c b/tests/bpf-success-v.c
new file mode 100644 (file)
index 0000000..48c2a16
--- /dev/null
+++ b/tests/bpf-success-v.c
@@ -0,0 +1,2 @@
+#define INJECT_RETVAL 42
+#include "bpf-v.c"

diff --git a/tests/bpf-success-v.test b/tests/bpf-success-v.test
new file mode 100755 (executable)
index 0000000..819afbb
--- /dev/null
+++ b/tests/bpf-success-v.test
@@ -0,0 +1,6 @@
+#!/bin/sh -efu
+
+. "${srcdir=.}/scno_tampering.sh"
+
+run_strace -a20 -v -e trace=bpf -e inject=bpf:retval=42 ../bpf-success-v > "$EXP"
+match_diff "$LOG" "$EXP"

diff --git a/tests/bpf-success.c b/tests/bpf-success.c
new file mode 100644 (file)
index 0000000..06f4695
--- /dev/null
+++ b/tests/bpf-success.c
@@ -0,0 +1,2 @@
+#define INJECT_RETVAL 42
+#include "bpf.c"

diff --git a/tests/bpf-success.test b/tests/bpf-success.test
new file mode 100755 (executable)
index 0000000..3cdfd35
--- /dev/null
+++ b/tests/bpf-success.test
@@ -0,0 +1,6 @@
+#!/bin/sh -efu
+
+. "${srcdir=.}/scno_tampering.sh"
+
+run_strace -a20 -e trace=bpf -e inject=bpf:retval=42 ../bpf-success > "$EXP"
+match_diff "$LOG" "$EXP"

diff --git a/tests/bpf.c b/tests/bpf.c
index 96f68b341e478b6d992050711b41fc7357aaa4fd..36ee1f9193cc159f2d5e4cca98b50f0bd79c978b 100644 (file)
--- a/tests/bpf.c
+++ b/tests/bpf.c
@@ -120,7 +120,20 @@ static long
 sys_bpf(kernel_ulong_t cmd, kernel_ulong_t attr, kernel_ulong_t size)
 {
        long rc = syscall(__NR_bpf, cmd, attr, size);
+
        errstr = sprintrc(rc);
+
+#ifdef INJECT_RETVAL
+       if (rc != INJECT_RETVAL)
+               error_msg_and_fail("Got a return value of %ld != %d",
+                                  rc, INJECT_RETVAL);
+
+       static char inj_errstr[4096];
+
+       snprintf(inj_errstr, sizeof(inj_errstr), "%s (INJECTED)", errstr);
+       errstr = inj_errstr;
+#endif
+
        return rc;
 }
 
@@ -853,8 +866,67 @@ static const struct bpf_attr_check BPF_OBJ_GET_INFO_BY_FD_checks[] = {
 };
 
 
-/* TODO: This is a read/write cmd and we do not check exiting path yet */
-static const struct bpf_attr_check BPF_PROG_QUERY_checks[] = {
+static uint32_t prog_load_ids[] = { 0, 1, 0xffffffff, 2718281828, };
+uint32_t *prog_load_ids_ptr;
+
+static void
+init_BPF_PROG_QUERY_attr4(struct bpf_attr_check *check)
+{
+       struct BPF_PROG_QUERY_struct *attr = &check->data.BPF_PROG_QUERY_data;
+
+       if (!prog_load_ids_ptr)
+               prog_load_ids_ptr = tail_memdup(prog_load_ids,
+                                               sizeof(prog_load_ids));
+
+       attr->prog_ids = (uintptr_t) prog_load_ids_ptr;
+       attr->prog_cnt = ARRAY_SIZE(prog_load_ids);
+}
+
+static void
+print_BPF_PROG_QUERY_attr4(const struct bpf_attr_check *check, unsigned long addr)
+{
+       printf("query={target_fd=-1153374643"
+              ", attach_type=0xfeedface /* BPF_??? */"
+              ", query_flags=BPF_F_QUERY_EFFECTIVE|0xdeadf00c"
+              ", attach_flags=BPF_F_ALLOW_MULTI|0xbeefcafc"
+#if defined(INJECT_RETVAL) && INJECT_RETVAL > 0
+              ", prog_ids=[0, 1, 4294967295, 2718281828], prog_cnt=4}"
+#else
+              ", prog_ids=%p, prog_cnt=4}", prog_load_ids_ptr
+#endif
+              );
+}
+
+static void
+init_BPF_PROG_QUERY_attr5(struct bpf_attr_check *check)
+{
+       struct BPF_PROG_QUERY_struct *attr = &check->data.BPF_PROG_QUERY_data;
+
+       if (!prog_load_ids_ptr)
+               prog_load_ids_ptr = tail_memdup(prog_load_ids,
+                                               sizeof(prog_load_ids));
+
+       attr->prog_ids = (uintptr_t) prog_load_ids_ptr;
+       attr->prog_cnt = ARRAY_SIZE(prog_load_ids) + 1;
+}
+
+static void
+print_BPF_PROG_QUERY_attr5(const struct bpf_attr_check *check, unsigned long addr)
+{
+       printf("query={target_fd=-1153374643"
+              ", attach_type=0xfeedface /* BPF_??? */"
+              ", query_flags=BPF_F_QUERY_EFFECTIVE|0xdeadf00c"
+              ", attach_flags=BPF_F_ALLOW_MULTI|0xbeefcafc"
+#if defined(INJECT_RETVAL) && INJECT_RETVAL > 0
+              ", prog_ids=[0, 1, 4294967295, 2718281828, %p], prog_cnt=5}",
+              prog_load_ids_ptr + ARRAY_SIZE(prog_load_ids)
+#else
+              ", prog_ids=%p, prog_cnt=5}", prog_load_ids_ptr
+#endif
+              );
+}
+
+static struct bpf_attr_check BPF_PROG_QUERY_checks[] = {
        {
                .data = { .BPF_PROG_QUERY_data = { .target_fd = -1 } },
                .size = offsetofend(struct BPF_PROG_QUERY_struct, target_fd),
@@ -911,6 +983,28 @@ static const struct bpf_attr_check BPF_PROG_QUERY_checks[] = {
                       ", prog_ids=" BIG_ADDR_MAYBE("0xffffffffffffffff") "[]"
                       ", prog_cnt=0}",
        },
+       { /* 4 */
+               .data = { .BPF_PROG_QUERY_data = {
+                       .target_fd = 3141592653U,
+                       .attach_type = 0xfeedface,
+                       .query_flags = 0xdeadf00d,
+                       .attach_flags = 0xbeefcafe,
+               } },
+               .size = offsetofend(struct BPF_PROG_QUERY_struct, prog_cnt),
+               .init_fn = init_BPF_PROG_QUERY_attr4,
+               .print_fn = print_BPF_PROG_QUERY_attr4,
+       },
+       { /* 5 */
+               .data = { .BPF_PROG_QUERY_data = {
+                       .target_fd = 3141592653U,
+                       .attach_type = 0xfeedface,
+                       .query_flags = 0xdeadf00d,
+                       .attach_flags = 0xbeefcafe,
+               } },
+               .size = offsetofend(struct BPF_PROG_QUERY_struct, prog_cnt),
+               .init_fn = init_BPF_PROG_QUERY_attr5,
+               .print_fn = print_BPF_PROG_QUERY_attr5,
+       },
 };