1 // SPDX-License-Identifier: GPL-2.0
2 /* Copyright (c) 2023 Meta Platforms, Inc. and affiliates. */
3
4 #include <vmlinux.h>
5 #include <bpf/bpf_tracing.h>
6 #include <bpf/bpf_helpers.h>
7 #include "bpf_misc.h"
8
9 #include "nested_trust_common.h"
10
11 char _license[] SEC("license") = "GPL";
12
13 struct {
14 __uint(type, BPF_MAP_TYPE_SK_STORAGE);
15 __uint(map_flags, BPF_F_NO_PREALLOC);
16 __type(key, int);
17 __type(value, u64);
18 } sk_storage_map SEC(".maps");
19
20 /* Prototype for all of the program trace events below:
21 *
22 * TRACE_EVENT(task_newtask,
23 * TP_PROTO(struct task_struct *p, u64 clone_flags)
24 */
25
26 SEC("tp_btf/task_newtask")
27 __failure __msg("R2 must be")
BPF_PROG(test_invalid_nested_user_cpus,struct task_struct * task,u64 clone_flags)28 int BPF_PROG(test_invalid_nested_user_cpus, struct task_struct *task, u64 clone_flags)
29 {
30 bpf_cpumask_test_cpu(0, task->user_cpus_ptr);
31 return 0;
32 }
33
34 SEC("tp_btf/task_newtask")
35 __failure __msg("R1 must have zero offset when passed to release func or trusted arg to kfunc")
BPF_PROG(test_invalid_nested_offset,struct task_struct * task,u64 clone_flags)36 int BPF_PROG(test_invalid_nested_offset, struct task_struct *task, u64 clone_flags)
37 {
38 bpf_cpumask_first_zero(&task->cpus_mask);
39 return 0;
40 }
41
42 /* Although R2 is of type sk_buff but sock_common is expected, we will hit untrusted ptr first. */
43 SEC("tp_btf/tcp_probe")
44 __failure __msg("R2 type=untrusted_ptr_ expected=ptr_, trusted_ptr_, rcu_ptr_")
BPF_PROG(test_invalid_skb_field,struct sock * sk,struct sk_buff * skb)45 int BPF_PROG(test_invalid_skb_field, struct sock *sk, struct sk_buff *skb)
46 {
47 bpf_sk_storage_get(&sk_storage_map, skb->next, 0, 0);
48 return 0;
49 }
50