All of lore.kernel.org
 help / color / mirror / Atom feed
From: Andrii Nakryiko <andrii@kernel.org>
To: bpf@vger.kernel.org, netdev@vger.kernel.org, paul@paul-moore.com,
	brauner@kernel.org
Cc: torvalds@linux-foundation.org, linux-fsdevel@vger.kernel.org,
	linux-security-module@vger.kernel.org, kernel-team@meta.com
Subject: [PATCH v2 bpf-next 29/30] selftests/bpf: add tests for LIBBPF_BPF_TOKEN_PATH envvar
Date: Tue, 23 Jan 2024 18:21:26 -0800	[thread overview]
Message-ID: <20240124022127.2379740-30-andrii@kernel.org> (raw)
In-Reply-To: <20240124022127.2379740-1-andrii@kernel.org>

Add new subtest validating LIBBPF_BPF_TOKEN_PATH envvar semantics.
Extend existing test to validate that LIBBPF_BPF_TOKEN_PATH allows to
disable implicit BPF token creation by setting envvar to empty string.

Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
---
 .../testing/selftests/bpf/prog_tests/token.c  | 98 +++++++++++++++++++
 1 file changed, 98 insertions(+)

diff --git a/tools/testing/selftests/bpf/prog_tests/token.c b/tools/testing/selftests/bpf/prog_tests/token.c
index 003f7c208f4c..1f6aa685e6f7 100644
--- a/tools/testing/selftests/bpf/prog_tests/token.c
+++ b/tools/testing/selftests/bpf/prog_tests/token.c
@@ -773,6 +773,9 @@ static int userns_obj_priv_btf_success(int mnt_fd)
 	return validate_struct_ops_load(mnt_fd, true /* should succeed */);
 }
 
+#define TOKEN_ENVVAR "LIBBPF_BPF_TOKEN_PATH"
+#define TOKEN_BPFFS_CUSTOM "/bpf-token-fs"
+
 static int userns_obj_priv_implicit_token(int mnt_fd)
 {
 	LIBBPF_OPTS(bpf_object_open_opts, opts);
@@ -795,6 +798,20 @@ static int userns_obj_priv_implicit_token(int mnt_fd)
 	if (!ASSERT_OK(err, "move_mount_bpffs"))
 		return -EINVAL;
 
+	/* disable implicit BPF token creation by setting
+	 * LIBBPF_BPF_TOKEN_PATH envvar to empty value, load should fail
+	 */
+	err = setenv(TOKEN_ENVVAR, "", 1 /*overwrite*/);
+	if (!ASSERT_OK(err, "setenv_token_path"))
+		return -EINVAL;
+	skel = dummy_st_ops_success__open_and_load();
+	if (!ASSERT_ERR_PTR(skel, "obj_token_envvar_disabled_load")) {
+		unsetenv(TOKEN_ENVVAR);
+		dummy_st_ops_success__destroy(skel);
+		return -EINVAL;
+	}
+	unsetenv(TOKEN_ENVVAR);
+
 	/* now the same struct_ops skeleton should succeed thanks to libppf
 	 * creating BPF token from /sys/fs/bpf mount point
 	 */
@@ -818,6 +835,76 @@ static int userns_obj_priv_implicit_token(int mnt_fd)
 	return 0;
 }
 
+static int userns_obj_priv_implicit_token_envvar(int mnt_fd)
+{
+	LIBBPF_OPTS(bpf_object_open_opts, opts);
+	struct dummy_st_ops_success *skel;
+	int err;
+
+	/* before we mount BPF FS with token delegation, struct_ops skeleton
+	 * should fail to load
+	 */
+	skel = dummy_st_ops_success__open_and_load();
+	if (!ASSERT_ERR_PTR(skel, "obj_tokenless_load")) {
+		dummy_st_ops_success__destroy(skel);
+		return -EINVAL;
+	}
+
+	/* mount custom BPF FS over custom location, so libbpf can't create
+	 * BPF token implicitly, unless pointed to it through
+	 * LIBBPF_BPF_TOKEN_PATH envvar
+	 */
+	rmdir(TOKEN_BPFFS_CUSTOM);
+	if (!ASSERT_OK(mkdir(TOKEN_BPFFS_CUSTOM, 0777), "mkdir_bpffs_custom"))
+		goto err_out;
+	err = sys_move_mount(mnt_fd, "", AT_FDCWD, TOKEN_BPFFS_CUSTOM, MOVE_MOUNT_F_EMPTY_PATH);
+	if (!ASSERT_OK(err, "move_mount_bpffs"))
+		goto err_out;
+
+	/* even though we have BPF FS with delegation, it's not at default
+	 * /sys/fs/bpf location, so we still fail to load until envvar is set up
+	 */
+	skel = dummy_st_ops_success__open_and_load();
+	if (!ASSERT_ERR_PTR(skel, "obj_tokenless_load2")) {
+		dummy_st_ops_success__destroy(skel);
+		goto err_out;
+	}
+
+	err = setenv(TOKEN_ENVVAR, TOKEN_BPFFS_CUSTOM, 1 /*overwrite*/);
+	if (!ASSERT_OK(err, "setenv_token_path"))
+		goto err_out;
+
+	/* now the same struct_ops skeleton should succeed thanks to libppf
+	 * creating BPF token from custom mount point
+	 */
+	skel = dummy_st_ops_success__open_and_load();
+	if (!ASSERT_OK_PTR(skel, "obj_implicit_token_load"))
+		goto err_out;
+
+	dummy_st_ops_success__destroy(skel);
+
+	/* now disable implicit token through empty bpf_token_path, envvar
+	 * will be ignored, should fail
+	 */
+	opts.bpf_token_path = "";
+	skel = dummy_st_ops_success__open_opts(&opts);
+	if (!ASSERT_OK_PTR(skel, "obj_empty_token_path_open"))
+		goto err_out;
+
+	err = dummy_st_ops_success__load(skel);
+	dummy_st_ops_success__destroy(skel);
+	if (!ASSERT_ERR(err, "obj_empty_token_path_load"))
+		goto err_out;
+
+	rmdir(TOKEN_BPFFS_CUSTOM);
+	unsetenv(TOKEN_ENVVAR);
+	return 0;
+err_out:
+	rmdir(TOKEN_BPFFS_CUSTOM);
+	unsetenv(TOKEN_ENVVAR);
+	return -EINVAL;
+}
+
 #define bit(n) (1ULL << (n))
 
 void test_token(void)
@@ -896,4 +983,15 @@ void test_token(void)
 
 		subtest_userns(&opts, userns_obj_priv_implicit_token);
 	}
+	if (test__start_subtest("obj_priv_implicit_token_envvar")) {
+		struct bpffs_opts opts = {
+			/* allow BTF loading */
+			.cmds = bit(BPF_BTF_LOAD) | bit(BPF_MAP_CREATE) | bit(BPF_PROG_LOAD),
+			.maps = bit(BPF_MAP_TYPE_STRUCT_OPS),
+			.progs = bit(BPF_PROG_TYPE_STRUCT_OPS),
+			.attachs = ~0ULL,
+		};
+
+		subtest_userns(&opts, userns_obj_priv_implicit_token_envvar);
+	}
 }
-- 
2.34.1


  parent reply	other threads:[~2024-01-24  2:23 UTC|newest]

Thread overview: 32+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-01-24  2:20 [PATCH v2 bpf-next 00/30] BPF token Andrii Nakryiko
2024-01-24  2:20 ` [PATCH v2 bpf-next 01/30] bpf: align CAP_NET_ADMIN checks with bpf_capable() approach Andrii Nakryiko
2024-01-24  2:20 ` [PATCH v2 bpf-next 02/30] bpf: add BPF token delegation mount options to BPF FS Andrii Nakryiko
2024-01-24  2:21 ` [PATCH v2 bpf-next 03/30] bpf: introduce BPF token object Andrii Nakryiko
2024-01-24  2:21 ` [PATCH v2 bpf-next 04/30] bpf: add BPF token support to BPF_MAP_CREATE command Andrii Nakryiko
2024-01-24  2:21 ` [PATCH v2 bpf-next 05/30] bpf: add BPF token support to BPF_BTF_LOAD command Andrii Nakryiko
2024-01-24  2:21 ` [PATCH v2 bpf-next 06/30] bpf: add BPF token support to BPF_PROG_LOAD command Andrii Nakryiko
2024-01-24  2:21 ` [PATCH v2 bpf-next 07/30] bpf: take into account BPF token when fetching helper protos Andrii Nakryiko
2024-01-24  2:21 ` [PATCH v2 bpf-next 08/30] bpf: consistently use BPF token throughout BPF verifier logic Andrii Nakryiko
2024-01-24  2:21 ` [PATCH v2 bpf-next 09/30] bpf,lsm: refactor bpf_prog_alloc/bpf_prog_free LSM hooks Andrii Nakryiko
2024-01-24  2:21 ` [PATCH v2 bpf-next 10/30] bpf,lsm: refactor bpf_map_alloc/bpf_map_free " Andrii Nakryiko
2024-01-24  2:21 ` [PATCH v2 bpf-next 11/30] bpf,lsm: add BPF token " Andrii Nakryiko
2024-01-24  2:21 ` [PATCH v2 bpf-next 12/30] libbpf: add bpf_token_create() API Andrii Nakryiko
2024-01-24  2:21 ` [PATCH v2 bpf-next 13/30] libbpf: add BPF token support to bpf_map_create() API Andrii Nakryiko
2024-01-24  2:21 ` [PATCH v2 bpf-next 14/30] libbpf: add BPF token support to bpf_btf_load() API Andrii Nakryiko
2024-01-24  2:21 ` [PATCH v2 bpf-next 15/30] libbpf: add BPF token support to bpf_prog_load() API Andrii Nakryiko
2024-01-24  2:21 ` [PATCH v2 bpf-next 16/30] selftests/bpf: add BPF token-enabled tests Andrii Nakryiko
2024-01-24  2:21 ` [PATCH v2 bpf-next 17/30] bpf,selinux: allocate bpf_security_struct per BPF token Andrii Nakryiko
2024-01-24  2:21 ` [PATCH v2 bpf-next 18/30] bpf: fail BPF_TOKEN_CREATE if no delegation option was set on BPF FS Andrii Nakryiko
2024-01-24  2:21 ` [PATCH v2 bpf-next 19/30] bpf: support symbolic BPF FS delegation mount options Andrii Nakryiko
2024-01-24  2:21 ` [PATCH v2 bpf-next 20/30] selftests/bpf: utilize string values for delegate_xxx " Andrii Nakryiko
2024-01-24  2:21 ` [PATCH v2 bpf-next 21/30] libbpf: split feature detectors definitions from cached results Andrii Nakryiko
2024-01-24  2:21 ` [PATCH v2 bpf-next 22/30] libbpf: further decouple feature checking logic from bpf_object Andrii Nakryiko
2024-01-24  2:21 ` [PATCH v2 bpf-next 23/30] libbpf: move feature detection code into its own file Andrii Nakryiko
2024-01-24  2:21 ` [PATCH v2 bpf-next 24/30] libbpf: wire up token_fd into feature probing logic Andrii Nakryiko
2024-01-24  2:21 ` [PATCH v2 bpf-next 25/30] libbpf: wire up BPF token support at BPF object level Andrii Nakryiko
2024-01-24  2:21 ` [PATCH v2 bpf-next 26/30] selftests/bpf: add BPF object loading tests with explicit token passing Andrii Nakryiko
2024-01-24  2:21 ` [PATCH v2 bpf-next 27/30] selftests/bpf: add tests for BPF object load with implicit token Andrii Nakryiko
2024-01-24  2:21 ` [PATCH v2 bpf-next 28/30] libbpf: support BPF token path setting through LIBBPF_BPF_TOKEN_PATH envvar Andrii Nakryiko
2024-01-24  2:21 ` Andrii Nakryiko [this message]
2024-01-24  2:21 ` [PATCH v2 bpf-next 30/30] selftests/bpf: incorporate LSM policy to token-based tests Andrii Nakryiko
2024-01-25  0:10 ` [PATCH v2 bpf-next 00/30] BPF token patchwork-bot+netdevbpf

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20240124022127.2379740-30-andrii@kernel.org \
    --to=andrii@kernel.org \
    --cc=bpf@vger.kernel.org \
    --cc=brauner@kernel.org \
    --cc=kernel-team@meta.com \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=netdev@vger.kernel.org \
    --cc=paul@paul-moore.com \
    --cc=torvalds@linux-foundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.