Received: by 2002:ab2:6816:0:b0:1f9:5764:f03e with SMTP id t22csp2994230lqo; Tue, 21 May 2024 03:50:19 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCUs180rZOSzBKkG28wRNA80nqWd1Z8zjdN+Pk7KUlmoWOzwqopwO27wKxpCwRew3hbQT8Ds2Z2hlRbgMYwPR2h1ZzLEhHgB0jWqLqWSTQ== X-Google-Smtp-Source: AGHT+IHfk3jm99y3U85PoBeNZ6Pmwg6bp314F7ZLIUcnDJPqiBL3W9/akiqBVvqv1U6pys/6ABi7 X-Received: by 2002:a05:6870:3288:b0:24c:5094:fb92 with SMTP id 586e51a60fabf-24c5095021amr1382437fac.35.1716288618758; Tue, 21 May 2024 03:50:18 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1716288618; cv=pass; d=google.com; s=arc-20160816; b=DYM+eR+xJkD0bRellilEV3JmZIc/3avHRaI+ekFR3CDekpBCrZpsBzGgwufBNk2uFf 8KzD42a4POwLNPQjHjeAMnyJLDJfIEOcd6f+qirJuXr5skvl1d9amWy0+nD/l2xMcK3j bqLco6XGBo8EXgFS8HQ2XgotmJaNhCaNr/9+tthSGXD8eiG67dSnuxh3TC8+ZWueIWUz x0XfROFwo3/IBwpSgAQS1ubkBH247fiH//13fbpH3+t15WxLJ3lF5McdylpFkjyx4vrC owideRGQFXCKJkjd3nzGdd/gQ9Nc8z0AxpYZ09hfRv/xjm8FkSnpR8XcnLt6yYBJXocy txpA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=ujF/cP+h82SMOSjarC3kykpWo0NmJ7jQihSyWJtnQ98=; fh=nmDo0evxWwTAvBlxNELHY/fYZbxD4K9pluaUjPt1MrQ=; b=xrIgRDtzf+udOOWGc1pRcc9zUzqVFK6U3Z3jble2tDS15Jgp+WfG/QoTDK+3nwHeuU zdikoQ8yY+v7CBzlri+lsPzB1vlurp3UsNZ26kpTk0l/VVHfCc5E26diDLDO26Hr6YVQ bO7ldYD6JgUtyZTIdtr7rioBMQ4b8Ruls73S2HLEgKO2i6vkO9ktm/6HxybCpiePzDzj I7/6ou/cqphRcre7R0Os6Uh7DwFX51ezFFCv91yBOeYcIRlquQI/6F6agOf8rZfBMNzV SMltZKQKsI3XQDLRZJjBz3EYpcKi2uMfOEHtXzmKIDL2e/Q74Woi1CZXhjnv4IMXTn0e PLCQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b="FVc8/R1L"; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-184825-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-184825-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id d2e1a72fcca58-6f4d2a72bafsi24109484b3a.63.2024.05.21.03.50.18 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 May 2024 03:50:18 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-184825-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b="FVc8/R1L"; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-184825-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-184825-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 5E043282564 for ; Tue, 21 May 2024 10:50:18 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 616FB763F0; Tue, 21 May 2024 10:49:36 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="FVc8/R1L" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 536FF6F086; Tue, 21 May 2024 10:49:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1716288575; cv=none; b=byUjrFjwXFIcy9zFHCfw1b41i0r4pJKj7QphtE3YfbrsHXO7FPR0SqAIOlSDqkBB2kEUrc7PzyQxfHDta2qBoZk0pmyUWxQqwFkfF3ioI3fRCuR0+seDREDJL4QtrAjslHm361ojNPm4IL9/c+a0Lo0vqUXmWXtg81SJJ0FHjj8= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1716288575; c=relaxed/simple; bh=lW/3gzi9X62qpxx+XfjSgU8B5H9BM2eiM14Ks29Hm10=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=CbdTmaxIU4INWE8yOGJoTLyScYJwAe9Az4anLmZ9plUZxAU+ClvscVfcwTACmE0yWWphYXw1rwfbf5sT1QZ5p2Lo457sO4Oojaf4h/9Kj3x2YIhjvyVCDZyK0sEUK/LL7xQzG8ZJQzpapg3UetgdLzgf5diIensCIncAbaFnwvA= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=FVc8/R1L; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 66D0BC4AF0E; Tue, 21 May 2024 10:49:30 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1716288575; bh=lW/3gzi9X62qpxx+XfjSgU8B5H9BM2eiM14Ks29Hm10=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=FVc8/R1L53KFJ48iZ2iLycmDxu2dE/vQ1Rvh3NzcIN7CKenZYw1e3JV0c/1YeyywX leHFIQl+Fx6M2GM7FPiI7eH3cW9fvW4ihrWK4WoyAYr+Ser7ZcEO3a8oMoM/O3jFqu UD3i4ITyufjg80zLH0O9CJ/Zvrcw1BftjhfPIxcjnWHkl9sgrb56pjSFaGO9u8GsK6 WiW8K4bAKNPjLJa9Jpjarv6b7TUVYLmpkbi+ru6uRs7zhgMtHiXrYTZA1QFdCimkdR qRPfB1SAbBWNc1IoiXpDL7jOByIKNPFk5aAhACPmrpKEIaTUCdLBDhOopclEyxcboV qWfDbKlVWzF8Q== From: Jiri Olsa To: Steven Rostedt , Masami Hiramatsu , Oleg Nesterov , Alexei Starovoitov , Daniel Borkmann , Andrii Nakryiko Cc: linux-kernel@vger.kernel.org, linux-trace-kernel@vger.kernel.org, linux-api@vger.kernel.org, linux-man@vger.kernel.org, x86@kernel.org, bpf@vger.kernel.org, Song Liu , Yonghong Song , John Fastabend , Peter Zijlstra , Thomas Gleixner , "Borislav Petkov (AMD)" , Ingo Molnar , Andy Lutomirski , "Edgecombe, Rick P" , Deepak Gupta Subject: [PATCHv6 bpf-next 5/9] selftests/bpf: Add uretprobe syscall test for regs integrity Date: Tue, 21 May 2024 12:48:21 +0200 Message-ID: <20240521104825.1060966-6-jolsa@kernel.org> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240521104825.1060966-1-jolsa@kernel.org> References: <20240521104825.1060966-1-jolsa@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Add uretprobe syscall test that compares register values before and after the uretprobe is hit. It also compares the register values seen from attached bpf program. Acked-by: Andrii Nakryiko Reviewed-by: Masami Hiramatsu (Google) Signed-off-by: Jiri Olsa --- tools/include/linux/compiler.h | 4 + .../selftests/bpf/prog_tests/uprobe_syscall.c | 163 ++++++++++++++++++ .../selftests/bpf/progs/uprobe_syscall.c | 15 ++ 3 files changed, 182 insertions(+) create mode 100644 tools/testing/selftests/bpf/prog_tests/uprobe_syscall.c create mode 100644 tools/testing/selftests/bpf/progs/uprobe_syscall.c diff --git a/tools/include/linux/compiler.h b/tools/include/linux/compiler.h index 8a63a9913495..6f7f22ac9da5 100644 --- a/tools/include/linux/compiler.h +++ b/tools/include/linux/compiler.h @@ -62,6 +62,10 @@ #define __nocf_check __attribute__((nocf_check)) #endif +#ifndef __naked +#define __naked __attribute__((__naked__)) +#endif + /* Are two types/vars the same type (ignoring qualifiers)? */ #ifndef __same_type # define __same_type(a, b) __builtin_types_compatible_p(typeof(a), typeof(b)) diff --git a/tools/testing/selftests/bpf/prog_tests/uprobe_syscall.c b/tools/testing/selftests/bpf/prog_tests/uprobe_syscall.c new file mode 100644 index 000000000000..311ac19d8992 --- /dev/null +++ b/tools/testing/selftests/bpf/prog_tests/uprobe_syscall.c @@ -0,0 +1,163 @@ +// SPDX-License-Identifier: GPL-2.0 + +#include + +#ifdef __x86_64__ + +#include +#include +#include +#include "uprobe_syscall.skel.h" + +__naked unsigned long uretprobe_regs_trigger(void) +{ + asm volatile ( + "movq $0xdeadbeef, %rax\n" + "ret\n" + ); +} + +__naked void uretprobe_regs(struct pt_regs *before, struct pt_regs *after) +{ + asm volatile ( + "movq %r15, 0(%rdi)\n" + "movq %r14, 8(%rdi)\n" + "movq %r13, 16(%rdi)\n" + "movq %r12, 24(%rdi)\n" + "movq %rbp, 32(%rdi)\n" + "movq %rbx, 40(%rdi)\n" + "movq %r11, 48(%rdi)\n" + "movq %r10, 56(%rdi)\n" + "movq %r9, 64(%rdi)\n" + "movq %r8, 72(%rdi)\n" + "movq %rax, 80(%rdi)\n" + "movq %rcx, 88(%rdi)\n" + "movq %rdx, 96(%rdi)\n" + "movq %rsi, 104(%rdi)\n" + "movq %rdi, 112(%rdi)\n" + "movq $0, 120(%rdi)\n" /* orig_rax */ + "movq $0, 128(%rdi)\n" /* rip */ + "movq $0, 136(%rdi)\n" /* cs */ + "pushf\n" + "pop %rax\n" + "movq %rax, 144(%rdi)\n" /* eflags */ + "movq %rsp, 152(%rdi)\n" /* rsp */ + "movq $0, 160(%rdi)\n" /* ss */ + + /* save 2nd argument */ + "pushq %rsi\n" + "call uretprobe_regs_trigger\n" + + /* save return value and load 2nd argument pointer to rax */ + "pushq %rax\n" + "movq 8(%rsp), %rax\n" + + "movq %r15, 0(%rax)\n" + "movq %r14, 8(%rax)\n" + "movq %r13, 16(%rax)\n" + "movq %r12, 24(%rax)\n" + "movq %rbp, 32(%rax)\n" + "movq %rbx, 40(%rax)\n" + "movq %r11, 48(%rax)\n" + "movq %r10, 56(%rax)\n" + "movq %r9, 64(%rax)\n" + "movq %r8, 72(%rax)\n" + "movq %rcx, 88(%rax)\n" + "movq %rdx, 96(%rax)\n" + "movq %rsi, 104(%rax)\n" + "movq %rdi, 112(%rax)\n" + "movq $0, 120(%rax)\n" /* orig_rax */ + "movq $0, 128(%rax)\n" /* rip */ + "movq $0, 136(%rax)\n" /* cs */ + + /* restore return value and 2nd argument */ + "pop %rax\n" + "pop %rsi\n" + + "movq %rax, 80(%rsi)\n" + + "pushf\n" + "pop %rax\n" + + "movq %rax, 144(%rsi)\n" /* eflags */ + "movq %rsp, 152(%rsi)\n" /* rsp */ + "movq $0, 160(%rsi)\n" /* ss */ + "ret\n" +); +} + +static void test_uretprobe_regs_equal(void) +{ + struct uprobe_syscall *skel = NULL; + struct pt_regs before = {}, after = {}; + unsigned long *pb = (unsigned long *) &before; + unsigned long *pa = (unsigned long *) &after; + unsigned long *pp; + unsigned int i, cnt; + int err; + + skel = uprobe_syscall__open_and_load(); + if (!ASSERT_OK_PTR(skel, "uprobe_syscall__open_and_load")) + goto cleanup; + + err = uprobe_syscall__attach(skel); + if (!ASSERT_OK(err, "uprobe_syscall__attach")) + goto cleanup; + + uretprobe_regs(&before, &after); + + pp = (unsigned long *) &skel->bss->regs; + cnt = sizeof(before)/sizeof(*pb); + + for (i = 0; i < cnt; i++) { + unsigned int offset = i * sizeof(unsigned long); + + /* + * Check register before and after uretprobe_regs_trigger call + * that triggers the uretprobe. + */ + switch (offset) { + case offsetof(struct pt_regs, rax): + ASSERT_EQ(pa[i], 0xdeadbeef, "return value"); + break; + default: + if (!ASSERT_EQ(pb[i], pa[i], "register before-after value check")) + fprintf(stdout, "failed register offset %u\n", offset); + } + + /* + * Check register seen from bpf program and register after + * uretprobe_regs_trigger call + */ + switch (offset) { + /* + * These values will be different (not set in uretprobe_regs), + * we don't care. + */ + case offsetof(struct pt_regs, orig_rax): + case offsetof(struct pt_regs, rip): + case offsetof(struct pt_regs, cs): + case offsetof(struct pt_regs, rsp): + case offsetof(struct pt_regs, ss): + break; + default: + if (!ASSERT_EQ(pp[i], pa[i], "register prog-after value check")) + fprintf(stdout, "failed register offset %u\n", offset); + } + } + +cleanup: + uprobe_syscall__destroy(skel); +} +#else +static void test_uretprobe_regs_equal(void) +{ + test__skip(); +} +#endif + +void test_uprobe_syscall(void) +{ + if (test__start_subtest("uretprobe_regs_equal")) + test_uretprobe_regs_equal(); +} diff --git a/tools/testing/selftests/bpf/progs/uprobe_syscall.c b/tools/testing/selftests/bpf/progs/uprobe_syscall.c new file mode 100644 index 000000000000..8a4fa6c7ef59 --- /dev/null +++ b/tools/testing/selftests/bpf/progs/uprobe_syscall.c @@ -0,0 +1,15 @@ +// SPDX-License-Identifier: GPL-2.0 +#include "vmlinux.h" +#include +#include + +struct pt_regs regs; + +char _license[] SEC("license") = "GPL"; + +SEC("uretprobe//proc/self/exe:uretprobe_regs_trigger") +int uretprobe(struct pt_regs *ctx) +{ + __builtin_memcpy(®s, ctx, sizeof(regs)); + return 0; +} -- 2.45.0