1 { 2 "valid 1,2,4,8-byte reads from bpf_sk_lookup", 3 .insns = { 4 /* 1-byte read from family field */ 5 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 6 offsetof(struct bpf_sk_lookup, family)), 7 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 8 offsetof(struct bpf_sk_lookup, family) + 1), 9 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 10 offsetof(struct bpf_sk_lookup, family) + 2), 11 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 12 offsetof(struct bpf_sk_lookup, family) + 3), 13 /* 2-byte read from family field */ 14 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 15 offsetof(struct bpf_sk_lookup, family)), 16 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 17 offsetof(struct bpf_sk_lookup, family) + 2), 18 /* 4-byte read from family field */ 19 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1, 20 offsetof(struct bpf_sk_lookup, family)), 21 22 /* 1-byte read from protocol field */ 23 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 24 offsetof(struct bpf_sk_lookup, protocol)), 25 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 26 offsetof(struct bpf_sk_lookup, protocol) + 1), 27 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 28 offsetof(struct bpf_sk_lookup, protocol) + 2), 29 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 30 offsetof(struct bpf_sk_lookup, protocol) + 3), 31 /* 2-byte read from protocol field */ 32 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 33 offsetof(struct bpf_sk_lookup, protocol)), 34 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 35 offsetof(struct bpf_sk_lookup, protocol) + 2), 36 /* 4-byte read from protocol field */ 37 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1, 38 offsetof(struct bpf_sk_lookup, protocol)), 39 40 /* 1-byte read from remote_ip4 field */ 41 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 42 offsetof(struct bpf_sk_lookup, remote_ip4)), 43 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 44 offsetof(struct bpf_sk_lookup, remote_ip4) + 1), 45 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 46 offsetof(struct bpf_sk_lookup, remote_ip4) + 2), 47 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 48 offsetof(struct bpf_sk_lookup, remote_ip4) + 3), 49 /* 2-byte read from remote_ip4 field */ 50 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 51 offsetof(struct bpf_sk_lookup, remote_ip4)), 52 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 53 offsetof(struct bpf_sk_lookup, remote_ip4) + 2), 54 /* 4-byte read from remote_ip4 field */ 55 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1, 56 offsetof(struct bpf_sk_lookup, remote_ip4)), 57 58 /* 1-byte read from remote_ip6 field */ 59 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 60 offsetof(struct bpf_sk_lookup, remote_ip6)), 61 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 62 offsetof(struct bpf_sk_lookup, remote_ip6) + 1), 63 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 64 offsetof(struct bpf_sk_lookup, remote_ip6) + 2), 65 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 66 offsetof(struct bpf_sk_lookup, remote_ip6) + 3), 67 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 68 offsetof(struct bpf_sk_lookup, remote_ip6) + 4), 69 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 70 offsetof(struct bpf_sk_lookup, remote_ip6) + 5), 71 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 72 offsetof(struct bpf_sk_lookup, remote_ip6) + 6), 73 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 74 offsetof(struct bpf_sk_lookup, remote_ip6) + 7), 75 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 76 offsetof(struct bpf_sk_lookup, remote_ip6) + 8), 77 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 78 offsetof(struct bpf_sk_lookup, remote_ip6) + 9), 79 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 80 offsetof(struct bpf_sk_lookup, remote_ip6) + 10), 81 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 82 offsetof(struct bpf_sk_lookup, remote_ip6) + 11), 83 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 84 offsetof(struct bpf_sk_lookup, remote_ip6) + 12), 85 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 86 offsetof(struct bpf_sk_lookup, remote_ip6) + 13), 87 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 88 offsetof(struct bpf_sk_lookup, remote_ip6) + 14), 89 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 90 offsetof(struct bpf_sk_lookup, remote_ip6) + 15), 91 /* 2-byte read from remote_ip6 field */ 92 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 93 offsetof(struct bpf_sk_lookup, remote_ip6)), 94 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 95 offsetof(struct bpf_sk_lookup, remote_ip6) + 2), 96 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 97 offsetof(struct bpf_sk_lookup, remote_ip6) + 4), 98 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 99 offsetof(struct bpf_sk_lookup, remote_ip6) + 6), 100 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 101 offsetof(struct bpf_sk_lookup, remote_ip6) + 8), 102 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 103 offsetof(struct bpf_sk_lookup, remote_ip6) + 10), 104 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 105 offsetof(struct bpf_sk_lookup, remote_ip6) + 12), 106 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 107 offsetof(struct bpf_sk_lookup, remote_ip6) + 14), 108 /* 4-byte read from remote_ip6 field */ 109 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1, 110 offsetof(struct bpf_sk_lookup, remote_ip6)), 111 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1, 112 offsetof(struct bpf_sk_lookup, remote_ip6) + 4), 113 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1, 114 offsetof(struct bpf_sk_lookup, remote_ip6) + 8), 115 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1, 116 offsetof(struct bpf_sk_lookup, remote_ip6) + 12), 117 118 /* 1-byte read from remote_port field */ 119 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 120 offsetof(struct bpf_sk_lookup, remote_port)), 121 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 122 offsetof(struct bpf_sk_lookup, remote_port) + 1), 123 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 124 offsetof(struct bpf_sk_lookup, remote_port) + 2), 125 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 126 offsetof(struct bpf_sk_lookup, remote_port) + 3), 127 /* 2-byte read from remote_port field */ 128 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 129 offsetof(struct bpf_sk_lookup, remote_port)), 130 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 131 offsetof(struct bpf_sk_lookup, remote_port) + 2), 132 /* 4-byte read from remote_port field */ 133 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1, 134 offsetof(struct bpf_sk_lookup, remote_port)), 135 136 /* 1-byte read from local_ip4 field */ 137 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 138 offsetof(struct bpf_sk_lookup, local_ip4)), 139 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 140 offsetof(struct bpf_sk_lookup, local_ip4) + 1), 141 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 142 offsetof(struct bpf_sk_lookup, local_ip4) + 2), 143 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 144 offsetof(struct bpf_sk_lookup, local_ip4) + 3), 145 /* 2-byte read from local_ip4 field */ 146 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 147 offsetof(struct bpf_sk_lookup, local_ip4)), 148 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 149 offsetof(struct bpf_sk_lookup, local_ip4) + 2), 150 /* 4-byte read from local_ip4 field */ 151 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1, 152 offsetof(struct bpf_sk_lookup, local_ip4)), 153 154 /* 1-byte read from local_ip6 field */ 155 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 156 offsetof(struct bpf_sk_lookup, local_ip6)), 157 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 158 offsetof(struct bpf_sk_lookup, local_ip6) + 1), 159 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 160 offsetof(struct bpf_sk_lookup, local_ip6) + 2), 161 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 162 offsetof(struct bpf_sk_lookup, local_ip6) + 3), 163 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 164 offsetof(struct bpf_sk_lookup, local_ip6) + 4), 165 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 166 offsetof(struct bpf_sk_lookup, local_ip6) + 5), 167 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 168 offsetof(struct bpf_sk_lookup, local_ip6) + 6), 169 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 170 offsetof(struct bpf_sk_lookup, local_ip6) + 7), 171 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 172 offsetof(struct bpf_sk_lookup, local_ip6) + 8), 173 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 174 offsetof(struct bpf_sk_lookup, local_ip6) + 9), 175 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 176 offsetof(struct bpf_sk_lookup, local_ip6) + 10), 177 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 178 offsetof(struct bpf_sk_lookup, local_ip6) + 11), 179 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 180 offsetof(struct bpf_sk_lookup, local_ip6) + 12), 181 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 182 offsetof(struct bpf_sk_lookup, local_ip6) + 13), 183 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 184 offsetof(struct bpf_sk_lookup, local_ip6) + 14), 185 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 186 offsetof(struct bpf_sk_lookup, local_ip6) + 15), 187 /* 2-byte read from local_ip6 field */ 188 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 189 offsetof(struct bpf_sk_lookup, local_ip6)), 190 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 191 offsetof(struct bpf_sk_lookup, local_ip6) + 2), 192 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 193 offsetof(struct bpf_sk_lookup, local_ip6) + 4), 194 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 195 offsetof(struct bpf_sk_lookup, local_ip6) + 6), 196 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 197 offsetof(struct bpf_sk_lookup, local_ip6) + 8), 198 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 199 offsetof(struct bpf_sk_lookup, local_ip6) + 10), 200 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 201 offsetof(struct bpf_sk_lookup, local_ip6) + 12), 202 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 203 offsetof(struct bpf_sk_lookup, local_ip6) + 14), 204 /* 4-byte read from local_ip6 field */ 205 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1, 206 offsetof(struct bpf_sk_lookup, local_ip6)), 207 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1, 208 offsetof(struct bpf_sk_lookup, local_ip6) + 4), 209 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1, 210 offsetof(struct bpf_sk_lookup, local_ip6) + 8), 211 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1, 212 offsetof(struct bpf_sk_lookup, local_ip6) + 12), 213 214 /* 1-byte read from local_port field */ 215 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 216 offsetof(struct bpf_sk_lookup, local_port)), 217 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 218 offsetof(struct bpf_sk_lookup, local_port) + 1), 219 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 220 offsetof(struct bpf_sk_lookup, local_port) + 2), 221 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 222 offsetof(struct bpf_sk_lookup, local_port) + 3), 223 /* 2-byte read from local_port field */ 224 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 225 offsetof(struct bpf_sk_lookup, local_port)), 226 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 227 offsetof(struct bpf_sk_lookup, local_port) + 2), 228 /* 4-byte read from local_port field */ 229 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1, 230 offsetof(struct bpf_sk_lookup, local_port)), 231 232 /* 8-byte read from sk field */ 233 BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1, 234 offsetof(struct bpf_sk_lookup, sk)), 235 236 BPF_MOV32_IMM(BPF_REG_0, 0), 237 BPF_EXIT_INSN(), 238 }, 239 .result = ACCEPT, 240 .prog_type = BPF_PROG_TYPE_SK_LOOKUP, 241 .expected_attach_type = BPF_SK_LOOKUP, 242 }, 243 /* invalid 8-byte reads from a 4-byte fields in bpf_sk_lookup */ 244 { 245 "invalid 8-byte read from bpf_sk_lookup family field", 246 .insns = { 247 BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1, 248 offsetof(struct bpf_sk_lookup, family)), 249 BPF_MOV32_IMM(BPF_REG_0, 0), 250 BPF_EXIT_INSN(), 251 }, 252 .errstr = "invalid bpf_context access", 253 .result = REJECT, 254 .prog_type = BPF_PROG_TYPE_SK_LOOKUP, 255 .expected_attach_type = BPF_SK_LOOKUP, 256 }, 257 { 258 "invalid 8-byte read from bpf_sk_lookup protocol field", 259 .insns = { 260 BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1, 261 offsetof(struct bpf_sk_lookup, protocol)), 262 BPF_MOV32_IMM(BPF_REG_0, 0), 263 BPF_EXIT_INSN(), 264 }, 265 .errstr = "invalid bpf_context access", 266 .result = REJECT, 267 .prog_type = BPF_PROG_TYPE_SK_LOOKUP, 268 .expected_attach_type = BPF_SK_LOOKUP, 269 }, 270 { 271 "invalid 8-byte read from bpf_sk_lookup remote_ip4 field", 272 .insns = { 273 BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1, 274 offsetof(struct bpf_sk_lookup, remote_ip4)), 275 BPF_MOV32_IMM(BPF_REG_0, 0), 276 BPF_EXIT_INSN(), 277 }, 278 .errstr = "invalid bpf_context access", 279 .result = REJECT, 280 .prog_type = BPF_PROG_TYPE_SK_LOOKUP, 281 .expected_attach_type = BPF_SK_LOOKUP, 282 }, 283 { 284 "invalid 8-byte read from bpf_sk_lookup remote_ip6 field", 285 .insns = { 286 BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1, 287 offsetof(struct bpf_sk_lookup, remote_ip6)), 288 BPF_MOV32_IMM(BPF_REG_0, 0), 289 BPF_EXIT_INSN(), 290 }, 291 .errstr = "invalid bpf_context access", 292 .result = REJECT, 293 .prog_type = BPF_PROG_TYPE_SK_LOOKUP, 294 .expected_attach_type = BPF_SK_LOOKUP, 295 }, 296 { 297 "invalid 8-byte read from bpf_sk_lookup remote_port field", 298 .insns = { 299 BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1, 300 offsetof(struct bpf_sk_lookup, remote_port)), 301 BPF_MOV32_IMM(BPF_REG_0, 0), 302 BPF_EXIT_INSN(), 303 }, 304 .errstr = "invalid bpf_context access", 305 .result = REJECT, 306 .prog_type = BPF_PROG_TYPE_SK_LOOKUP, 307 .expected_attach_type = BPF_SK_LOOKUP, 308 }, 309 { 310 "invalid 8-byte read from bpf_sk_lookup local_ip4 field", 311 .insns = { 312 BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1, 313 offsetof(struct bpf_sk_lookup, local_ip4)), 314 BPF_MOV32_IMM(BPF_REG_0, 0), 315 BPF_EXIT_INSN(), 316 }, 317 .errstr = "invalid bpf_context access", 318 .result = REJECT, 319 .prog_type = BPF_PROG_TYPE_SK_LOOKUP, 320 .expected_attach_type = BPF_SK_LOOKUP, 321 }, 322 { 323 "invalid 8-byte read from bpf_sk_lookup local_ip6 field", 324 .insns = { 325 BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1, 326 offsetof(struct bpf_sk_lookup, local_ip6)), 327 BPF_MOV32_IMM(BPF_REG_0, 0), 328 BPF_EXIT_INSN(), 329 }, 330 .errstr = "invalid bpf_context access", 331 .result = REJECT, 332 .prog_type = BPF_PROG_TYPE_SK_LOOKUP, 333 .expected_attach_type = BPF_SK_LOOKUP, 334 }, 335 { 336 "invalid 8-byte read from bpf_sk_lookup local_port field", 337 .insns = { 338 BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1, 339 offsetof(struct bpf_sk_lookup, local_port)), 340 BPF_MOV32_IMM(BPF_REG_0, 0), 341 BPF_EXIT_INSN(), 342 }, 343 .errstr = "invalid bpf_context access", 344 .result = REJECT, 345 .prog_type = BPF_PROG_TYPE_SK_LOOKUP, 346 .expected_attach_type = BPF_SK_LOOKUP, 347 }, 348 /* invalid 1,2,4-byte reads from 8-byte fields in bpf_sk_lookup */ 349 { 350 "invalid 4-byte read from bpf_sk_lookup sk field", 351 .insns = { 352 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1, 353 offsetof(struct bpf_sk_lookup, sk)), 354 BPF_MOV32_IMM(BPF_REG_0, 0), 355 BPF_EXIT_INSN(), 356 }, 357 .errstr = "invalid bpf_context access", 358 .result = REJECT, 359 .prog_type = BPF_PROG_TYPE_SK_LOOKUP, 360 .expected_attach_type = BPF_SK_LOOKUP, 361 }, 362 { 363 "invalid 2-byte read from bpf_sk_lookup sk field", 364 .insns = { 365 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1, 366 offsetof(struct bpf_sk_lookup, sk)), 367 BPF_MOV32_IMM(BPF_REG_0, 0), 368 BPF_EXIT_INSN(), 369 }, 370 .errstr = "invalid bpf_context access", 371 .result = REJECT, 372 .prog_type = BPF_PROG_TYPE_SK_LOOKUP, 373 .expected_attach_type = BPF_SK_LOOKUP, 374 }, 375 { 376 "invalid 1-byte read from bpf_sk_lookup sk field", 377 .insns = { 378 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1, 379 offsetof(struct bpf_sk_lookup, sk)), 380 BPF_MOV32_IMM(BPF_REG_0, 0), 381 BPF_EXIT_INSN(), 382 }, 383 .errstr = "invalid bpf_context access", 384 .result = REJECT, 385 .prog_type = BPF_PROG_TYPE_SK_LOOKUP, 386 .expected_attach_type = BPF_SK_LOOKUP, 387 }, 388 /* out of bounds and unaligned reads from bpf_sk_lookup */ 389 { 390 "invalid 4-byte read past end of bpf_sk_lookup", 391 .insns = { 392 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1, 393 sizeof(struct bpf_sk_lookup)), 394 BPF_MOV32_IMM(BPF_REG_0, 0), 395 BPF_EXIT_INSN(), 396 }, 397 .errstr = "invalid bpf_context access", 398 .result = REJECT, 399 .prog_type = BPF_PROG_TYPE_SK_LOOKUP, 400 .expected_attach_type = BPF_SK_LOOKUP, 401 }, 402 { 403 "invalid 4-byte unaligned read from bpf_sk_lookup at odd offset", 404 .insns = { 405 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1, 1), 406 BPF_MOV32_IMM(BPF_REG_0, 0), 407 BPF_EXIT_INSN(), 408 }, 409 .errstr = "invalid bpf_context access", 410 .result = REJECT, 411 .prog_type = BPF_PROG_TYPE_SK_LOOKUP, 412 .expected_attach_type = BPF_SK_LOOKUP, 413 }, 414 { 415 "invalid 4-byte unaligned read from bpf_sk_lookup at even offset", 416 .insns = { 417 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1, 2), 418 BPF_MOV32_IMM(BPF_REG_0, 0), 419 BPF_EXIT_INSN(), 420 }, 421 .errstr = "invalid bpf_context access", 422 .result = REJECT, 423 .prog_type = BPF_PROG_TYPE_SK_LOOKUP, 424 .expected_attach_type = BPF_SK_LOOKUP, 425 }, 426 /* in-bound and out-of-bound writes to bpf_sk_lookup */ 427 { 428 "invalid 8-byte write to bpf_sk_lookup", 429 .insns = { 430 BPF_MOV64_IMM(BPF_REG_0, 0xcafe4a11U), 431 BPF_STX_MEM(BPF_DW, BPF_REG_1, BPF_REG_0, 0), 432 BPF_MOV32_IMM(BPF_REG_0, 0), 433 BPF_EXIT_INSN(), 434 }, 435 .errstr = "invalid bpf_context access", 436 .result = REJECT, 437 .prog_type = BPF_PROG_TYPE_SK_LOOKUP, 438 .expected_attach_type = BPF_SK_LOOKUP, 439 }, 440 { 441 "invalid 4-byte write to bpf_sk_lookup", 442 .insns = { 443 BPF_MOV64_IMM(BPF_REG_0, 0xcafe4a11U), 444 BPF_STX_MEM(BPF_W, BPF_REG_1, BPF_REG_0, 0), 445 BPF_MOV32_IMM(BPF_REG_0, 0), 446 BPF_EXIT_INSN(), 447 }, 448 .errstr = "invalid bpf_context access", 449 .result = REJECT, 450 .prog_type = BPF_PROG_TYPE_SK_LOOKUP, 451 .expected_attach_type = BPF_SK_LOOKUP, 452 }, 453 { 454 "invalid 2-byte write to bpf_sk_lookup", 455 .insns = { 456 BPF_MOV64_IMM(BPF_REG_0, 0xcafe4a11U), 457 BPF_STX_MEM(BPF_H, BPF_REG_1, BPF_REG_0, 0), 458 BPF_MOV32_IMM(BPF_REG_0, 0), 459 BPF_EXIT_INSN(), 460 }, 461 .errstr = "invalid bpf_context access", 462 .result = REJECT, 463 .prog_type = BPF_PROG_TYPE_SK_LOOKUP, 464 .expected_attach_type = BPF_SK_LOOKUP, 465 }, 466 { 467 "invalid 1-byte write to bpf_sk_lookup", 468 .insns = { 469 BPF_MOV64_IMM(BPF_REG_0, 0xcafe4a11U), 470 BPF_STX_MEM(BPF_B, BPF_REG_1, BPF_REG_0, 0), 471 BPF_MOV32_IMM(BPF_REG_0, 0), 472 BPF_EXIT_INSN(), 473 }, 474 .errstr = "invalid bpf_context access", 475 .result = REJECT, 476 .prog_type = BPF_PROG_TYPE_SK_LOOKUP, 477 .expected_attach_type = BPF_SK_LOOKUP, 478 }, 479 { 480 "invalid 4-byte write past end of bpf_sk_lookup", 481 .insns = { 482 BPF_MOV64_IMM(BPF_REG_0, 0xcafe4a11U), 483 BPF_STX_MEM(BPF_W, BPF_REG_1, BPF_REG_0, 484 sizeof(struct bpf_sk_lookup)), 485 BPF_MOV32_IMM(BPF_REG_0, 0), 486 BPF_EXIT_INSN(), 487 }, 488 .errstr = "invalid bpf_context access", 489 .result = REJECT, 490 .prog_type = BPF_PROG_TYPE_SK_LOOKUP, 491 .expected_attach_type = BPF_SK_LOOKUP, 492 }, 493