1 // SPDX-License-Identifier: GPL-2.0 2 /* Copyright (c) 2023 Meta Platforms, Inc. and affiliates. */ 3 4 #include <vmlinux.h> 5 #include <bpf/bpf_tracing.h> 6 #include <bpf/bpf_helpers.h> 7 #include "bpf_misc.h" 8 9 #include "nested_trust_common.h" 10 11 char _license[] SEC("license") = "GPL"; 12 13 struct { 14 __uint(type, BPF_MAP_TYPE_SK_STORAGE); 15 __uint(map_flags, BPF_F_NO_PREALLOC); 16 __type(key, int); 17 __type(value, u64); 18 } sk_storage_map SEC(".maps"); 19 20 /* Prototype for all of the program trace events below: 21 * 22 * TRACE_EVENT(task_newtask, 23 * TP_PROTO(struct task_struct *p, u64 clone_flags) 24 */ 25 26 SEC("tp_btf/task_newtask") 27 __failure __msg("R2 must be") 28 int BPF_PROG(test_invalid_nested_user_cpus, struct task_struct *task, u64 clone_flags) 29 { 30 bpf_cpumask_test_cpu(0, task->user_cpus_ptr); 31 return 0; 32 } 33 34 SEC("tp_btf/task_newtask") 35 __failure __msg("R1 must have zero offset when passed to release func or trusted arg to kfunc") 36 int BPF_PROG(test_invalid_nested_offset, struct task_struct *task, u64 clone_flags) 37 { 38 bpf_cpumask_first_zero(&task->cpus_mask); 39 return 0; 40 } 41 42 /* Although R2 is of type sk_buff but sock_common is expected, we will hit untrusted ptr first. */ 43 SEC("tp_btf/tcp_probe") 44 __failure __msg("R2 type=untrusted_ptr_ expected=ptr_, trusted_ptr_, rcu_ptr_") 45 int BPF_PROG(test_invalid_skb_field, struct sock *sk, struct sk_buff *skb) 46 { 47 bpf_sk_storage_get(&sk_storage_map, skb->next, 0, 0); 48 return 0; 49 } 50