selftests/bpf: Add selftest for may_goto

Added test cases to ensure that programs with stack sizes exceeding 512
bytes are restricted in non-JITed mode, and can be executed normally in
JITed mode, even with stack sizes exceeding 512 bytes due to the presence
of may_goto instructions.

Test result:
echo "0" > /proc/sys/net/core/bpf_jit_enable
./test_progs -t verifier_stack_ptr
...
stack size 512 with may_goto with jit:SKIP
stack size 512 with may_goto without jit:OK
...
Summary: 1/27 PASSED, 25 SKIPPED, 0 FAILED

echo "1" > /proc/sys/net/core/bpf_jit_enable
./test_progs -t verifier_stack_ptr
...
stack size 512 with may_goto with jit:OK
stack size 512 with may_goto without jit:SKIP
...
Summary: 1/27 PASSED, 25 SKIPPED, 0 FAILED

Signed-off-by: Jiayuan Chen <mrpre@163.com>
Link: https://lore.kernel.org/r/20250214091823.46042-4-mrpre@163.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>

diff --git a/tools/testing/selftests/bpf/progs/verifier_stack_ptr.c b/tools/testing/selftests/bpf/progs/verifier_stack_ptr.c
index 417c61cd4b19015103cf808e99da29a2f3a06673..24aabc6083fd9698ba22bf93f07db76c99bdd9ee 100644 (file)
--- a/tools/testing/selftests/bpf/progs/verifier_stack_ptr.c
+++ b/tools/testing/selftests/bpf/progs/verifier_stack_ptr.c
@@ -481,4 +481,56 @@ l1_%=:     r0 = 42;                                        \
        : __clobber_all);
 }
 
+SEC("socket")
+__description("PTR_TO_STACK stack size > 512")
+__failure __msg("invalid write to stack R1 off=-520 size=8")
+__naked void stack_check_size_gt_512(void)
+{
+       asm volatile ("                                 \
+       r1 = r10;                                       \
+       r1 += -520;                                     \
+       r0 = 42;                                        \
+       *(u64*)(r1 + 0) = r0;                           \
+       exit;                                           \
+"      ::: __clobber_all);
+}
+
+#ifdef __BPF_FEATURE_MAY_GOTO
+SEC("socket")
+__description("PTR_TO_STACK stack size 512 with may_goto with jit")
+__load_if_JITed()
+__success __retval(42)
+__naked void stack_check_size_512_with_may_goto_jit(void)
+{
+       asm volatile ("                                 \
+       r1 = r10;                                       \
+       r1 += -512;                                     \
+       r0 = 42;                                        \
+       *(u32*)(r1 + 0) = r0;                           \
+       may_goto l0_%=;                                 \
+       r2 = 100;                                       \
+       l0_%=:                                          \
+       exit;                                           \
+"      ::: __clobber_all);
+}
+
+SEC("socket")
+__description("PTR_TO_STACK stack size 512 with may_goto without jit")
+__load_if_no_JITed()
+__failure __msg("stack size 520(extra 8) is too large")
+__naked void stack_check_size_512_with_may_goto(void)
+{
+       asm volatile ("                                 \
+       r1 = r10;                                       \
+       r1 += -512;                                     \
+       r0 = 42;                                        \
+       *(u32*)(r1 + 0) = r0;                           \
+       may_goto l0_%=;                                 \
+       r2 = 100;                                       \
+       l0_%=:                                          \
+       exit;                                           \
+"      ::: __clobber_all);
+}
+#endif
+
 char _license[] SEC("license") = "GPL";