Received: by 2002:a05:6a10:a0d1:0:0:0:0 with SMTP id j17csp3257794pxa; Tue, 25 Aug 2020 16:23:40 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzWf0/tv2fCpkdpRXSmFsEU1aYdMANQ8xD0OpEa2hQRu+8nFjtTdL4tSmQiyB9JVrtErk6E X-Received: by 2002:a50:f40a:: with SMTP id r10mr2412215edm.137.1598397820426; Tue, 25 Aug 2020 16:23:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1598397820; cv=none; d=google.com; s=arc-20160816; b=l+HgSc581x/vQgJY2cckcKyhNxc6GUhOplhOyFHr/Y4FRuCn2NkynXZ3l2Feve2Sm+ grzDfn4CqY/sMCVyZV8eE138QbfYNuxhf8nn+3CVqC4kVTLZNHWa2kQ+92qLQbd1zWMw rAYOkS8B3+9LQwCkCEM+Qs7shQcrrKUaWCPNHiZhD7RBkQknov/0f1DCJ/P0RYZPUmA9 BJ8KhL7lFqrm3mXoChbGvtYMpLpjrT0I0wMHTwwExZXG6ikj09KK29FCSdtlJVxcc53A 7jrsz5SytdC+UbcOL3dTXPYaP/bfmZaXl3yztRgG14ROyccW5676h57fg3/OLg8FOX7B MiXg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:smtp-origin-cluster:cc:to :smtp-origin-hostname:from:smtp-origin-hostprefix:dkim-signature; bh=7vFPxfbUZkYxWAD0+nMscJ1pZa6+fxgsolX0ujeyhgk=; b=Cy1eAJN9ug3h9uzOAtveUlNY2gxyOJnFAszjJFYtreZmM9rKWiGJ7U0FYVBIdppXT2 IVBnjnTAmIDnKS+O+3yaITYkk/z/sD0yAPgQHfe1Wf5OoEJu6YPeNfB/s/IeDM/dKqjD Fj4Q9vpK0em65hQELvgHFervG58MOS7fp59NvJnfTwmy/ngZTF/JMnVgdCvl8jnuZP7T 783DPB4lA0JCprvq1glIFlh9QKNMNfnBVPJwA9RCo+qUw9S59WMf02JPCbivwT4HZoLp 4CBDx7c9+R7Y0dOX0f0WjKZd/Xa/0n7eQfopYrVpzUsBH75A6+sk5tlkoDKzq2zRujXZ rYfg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@fb.com header.s=facebook header.b=NHsqbFmK; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=fb.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id c1si241665edq.576.2020.08.25.16.23.18; Tue, 25 Aug 2020 16:23:40 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@fb.com header.s=facebook header.b=NHsqbFmK; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=fb.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726809AbgHYXU6 (ORCPT + 99 others); Tue, 25 Aug 2020 19:20:58 -0400 Received: from mx0a-00082601.pphosted.com ([67.231.145.42]:41312 "EHLO mx0a-00082601.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726779AbgHYXUx (ORCPT ); Tue, 25 Aug 2020 19:20:53 -0400 Received: from pps.filterd (m0044012.ppops.net [127.0.0.1]) by mx0a-00082601.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 07PNFm3Y017393 for ; Tue, 25 Aug 2020 16:20:53 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.com; h=from : to : cc : subject : date : message-id : mime-version : content-transfer-encoding : content-type; s=facebook; bh=7vFPxfbUZkYxWAD0+nMscJ1pZa6+fxgsolX0ujeyhgk=; b=NHsqbFmKZntSF0WU0EKbv/Zb7124/L7ItbUD/UTTDypokd8KuFN491uW2VxLjuF7eJE/ z7vzhdyh2C3xNhIqWNVMPHdIPNS3Mn2GT2WOAZEPA+1WuKCAwjfl+aKnZwBLyC8YIkCi OLWtNzHLXcFXlM0JsUHerrvTLFWZCu5QsfQ= Received: from maileast.thefacebook.com ([163.114.130.16]) by mx0a-00082601.pphosted.com with ESMTP id 333ke6nv0q-3 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT) for ; Tue, 25 Aug 2020 16:20:52 -0700 Received: from intmgw004.08.frc2.facebook.com (2620:10d:c0a8:1b::d) by mail.thefacebook.com (2620:10d:c0a8:83::5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1979.3; Tue, 25 Aug 2020 16:20:39 -0700 Received: by devbig218.frc2.facebook.com (Postfix, from userid 116055) id A08A4207586; Tue, 25 Aug 2020 16:20:35 -0700 (PDT) Smtp-Origin-Hostprefix: devbig From: Udip Pant Smtp-Origin-Hostname: devbig218.frc2.facebook.com To: Udip Pant , Alexei Starovoitov , Martin KaFai Lau , Song Liu , Yonghong Song , Andrii Nakryiko , "David S . Miller" CC: , , Smtp-Origin-Cluster: frc2c02 Subject: [PATCH bpf-next v3 0/4] bpf: verifier: use target program's type for access verifications Date: Tue, 25 Aug 2020 16:19:59 -0700 Message-ID: <20200825232003.2877030-1-udippant@fb.com> X-Mailer: git-send-email 2.24.1 MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-FB-Internal: Safe Content-Type: text/plain X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.235,18.0.687 definitions=2020-08-25_10:2020-08-25,2020-08-25 signatures=0 X-Proofpoint-Spam-Details: rule=fb_default_notspam policy=fb_default score=0 spamscore=0 mlxscore=0 bulkscore=0 lowpriorityscore=0 phishscore=0 malwarescore=0 adultscore=0 priorityscore=1501 suspectscore=0 impostorscore=0 clxscore=1015 mlxlogscore=994 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2006250000 definitions=main-2008250173 X-FB-Internal: deliver Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org This patch series adds changes in verifier to make decisions such as gran= ting of read / write access or enforcement of return code status based on the program type of the target program while using dynamic program extension (of type BPF_PROG_TYPE_EXT). The BPF_PROG_TYPE_EXT type can be used to extend types such as XDP, SKB and others. Since the BPF_PROG_TYPE_EXT program type on itself is just a placeholder for those, we need this extended check for those extended programs to actually work with proper access, while using this option. Patch #1 includes changes in the verifier. Patch #2 adds selftests to verify write access on a packet for a valid=20 extension program type Patch #3 adds selftests to verify proper check for the return code Patch #4 adds selftests to ensure access permissions and restrictions=20 for some map types such sockmap. Changelogs: v2 -> v3: * more comprehensive resolution of the program type in the verifier based on the target program (and not just for the packet access) * selftests for checking return code and map access * Also moved this patch to 'bpf-next' from 'bpf' tree v1 -> v2: * extraction of the logic to resolve prog type into a separate method * selftests to check for packet access for a valid freplace prog Udip Pant (4): bpf: verifier: use target program's type for access verifications selftests/bpf: add test for freplace program with write access selftests/bpf: test for checking return code for the extended prog selftests/bpf: test for map update access from within EXT programs kernel/bpf/verifier.c | 32 ++++++--- .../selftests/bpf/prog_tests/fexit_bpf2bpf.c | 68 +++++++++++++++++++ .../selftests/bpf/progs/fexit_bpf2bpf.c | 27 ++++++++ .../bpf/progs/freplace_attach_probe.c | 40 +++++++++++ .../bpf/progs/freplace_cls_redirect.c | 34 ++++++++++ .../bpf/progs/freplace_connect_v4_prog.c | 19 ++++++ .../selftests/bpf/progs/test_pkt_access.c | 20 ++++++ 7 files changed, 229 insertions(+), 11 deletions(-) create mode 100644 tools/testing/selftests/bpf/progs/freplace_attach_pro= be.c create mode 100644 tools/testing/selftests/bpf/progs/freplace_cls_redire= ct.c create mode 100644 tools/testing/selftests/bpf/progs/freplace_connect_v4= _prog.c --=20 2.24.1