From: Roberto Sassu <roberto.sassu@huaweicloud.com>
To: ast@kernel.org, daniel@iogearbox.net, andrii@kernel.org,
martin.lau@linux.dev, song@kernel.org, yhs@fb.com,
john.fastabend@gmail.com, kpsingh@kernel.org, sdf@google.com,
haoluo@google.com, jolsa@kernel.org, revest@chromium.org,
jackmanb@chromium.org, mykolal@fb.com, paul@paul-moore.com,
jmorris@namei.org, serge@hallyn.com, shuah@kernel.org
Cc: bpf@vger.kernel.org, linux-security-module@vger.kernel.org,
linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org,
Roberto Sassu <roberto.sassu@huawei.com>
Subject: [RFC][PATCH v2 6/7] selftests/bpf: Prevent positive ret values in test_lsm and verify_pkcs7_sig
Date: Wed, 7 Dec 2022 18:24:33 +0100 [thread overview]
Message-ID: <20221207172434.435893-7-roberto.sassu@huaweicloud.com> (raw)
In-Reply-To: <20221207172434.435893-1-roberto.sassu@huaweicloud.com>
From: Roberto Sassu <roberto.sassu@huawei.com>
Modify test_lsm and verify_pkcs7_sig to ensure that they don't return
positive values.
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
---
tools/testing/selftests/bpf/progs/lsm.c | 4 ++++
.../selftests/bpf/progs/test_verify_pkcs7_sig.c | 11 +++++++++--
2 files changed, 13 insertions(+), 2 deletions(-)
diff --git a/tools/testing/selftests/bpf/progs/lsm.c b/tools/testing/selftests/bpf/progs/lsm.c
index d8d8af623bc2..42252750d866 100644
--- a/tools/testing/selftests/bpf/progs/lsm.c
+++ b/tools/testing/selftests/bpf/progs/lsm.c
@@ -88,6 +88,10 @@ SEC("lsm/file_mprotect")
int BPF_PROG(test_int_hook, struct vm_area_struct *vma,
unsigned long reqprot, unsigned long prot, int ret)
{
+ /* file_mprotect hook must return zero or negative values. */
+ if (ret > 0)
+ ret = -EINVAL;
+
if (ret != 0)
return ret;
diff --git a/tools/testing/selftests/bpf/progs/test_verify_pkcs7_sig.c b/tools/testing/selftests/bpf/progs/test_verify_pkcs7_sig.c
index ce419304ff1f..d3cab4370f29 100644
--- a/tools/testing/selftests/bpf/progs/test_verify_pkcs7_sig.c
+++ b/tools/testing/selftests/bpf/progs/test_verify_pkcs7_sig.c
@@ -42,14 +42,14 @@ struct {
char _license[] SEC("license") = "GPL";
SEC("lsm.s/bpf")
-int BPF_PROG(bpf, int cmd, union bpf_attr *attr, unsigned int size)
+s64 BPF_PROG(bpf, int cmd, union bpf_attr *attr, unsigned int size)
{
struct bpf_dynptr data_ptr, sig_ptr;
struct data *data_val;
struct bpf_key *trusted_keyring;
__u32 pid;
__u64 value;
- int ret, zero = 0;
+ s64 ret, zero = 0;
pid = bpf_get_current_pid_tgid() >> 32;
if (pid != monitored_pid)
@@ -86,5 +86,12 @@ int BPF_PROG(bpf, int cmd, union bpf_attr *attr, unsigned int size)
bpf_key_put(trusted_keyring);
+ /*
+ * bpf hook must return zero or negative values, use s64 to propagate
+ * the bounds to R0.
+ */
+ if (ret > 0)
+ return -EINVAL;
+
return ret;
}
--
2.25.1
next prev parent reply other threads:[~2022-12-07 17:27 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-07 17:24 [RFC][PATCH v2 0/7] bpf-lsm: Check return values of security modules Roberto Sassu
2022-12-07 17:24 ` [RFC][PATCH v2 1/7] bpf: Remove superfluous btf_id_set_contains() declaration Roberto Sassu
2022-12-07 17:24 ` [RFC][PATCH v2 2/7] bpf: Mark ALU32 operations in bpf_reg_state structure Roberto Sassu
2022-12-11 2:28 ` Alexei Starovoitov
2022-12-12 12:44 ` Roberto Sassu
2022-12-12 17:04 ` Alexei Starovoitov
2022-12-12 18:10 ` Roberto Sassu
2022-12-07 17:24 ` [RFC][PATCH v2 3/7] lsm: Redefine LSM_HOOK() macro to add return value flags as argument Roberto Sassu
2022-12-07 17:24 ` [RFC][PATCH v2 4/7] bpf-lsm: Enforce return value limitations on security modules Roberto Sassu
2022-12-07 17:24 ` [RFC][PATCH v2 5/7] selftests/bpf: Check if return values of LSM programs are allowed Roberto Sassu
2022-12-07 17:24 ` Roberto Sassu [this message]
2022-12-07 17:24 ` [RFC][PATCH v2 7/7] selftests/bpf: Change return value in test_libbpf_get_fd_by_id_opts.c Roberto Sassu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221207172434.435893-7-roberto.sassu@huaweicloud.com \
--to=roberto.sassu@huaweicloud.com \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=haoluo@google.com \
--cc=jackmanb@chromium.org \
--cc=jmorris@namei.org \
--cc=john.fastabend@gmail.com \
--cc=jolsa@kernel.org \
--cc=kpsingh@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=martin.lau@linux.dev \
--cc=mykolal@fb.com \
--cc=paul@paul-moore.com \
--cc=revest@chromium.org \
--cc=roberto.sassu@huawei.com \
--cc=sdf@google.com \
--cc=serge@hallyn.com \
--cc=shuah@kernel.org \
--cc=song@kernel.org \
--cc=yhs@fb.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).