selftests/bpf: Add tests for bpf_get_dentry_xattr

author Song Liu <song@kernel.org>

Tue, 6 Aug 2024 23:09:04 +0000 (16:09 -0700)

committer Alexei Starovoitov <ast@kernel.org>

Wed, 7 Aug 2024 18:28:04 +0000 (11:28 -0700)
author Song Liu <song@kernel.org>
Tue, 6 Aug 2024 23:09:04 +0000 (16:09 -0700)
committer Alexei Starovoitov <ast@kernel.org>
Wed, 7 Aug 2024 18:28:04 +0000 (11:28 -0700)
diff --git a/tools/testing/selftests/bpf/bpf_kfuncs.h b/tools/testing/selftests/bpf/bpf_kfuncs.h

index 3b6675ab40861037a031e2f22c671d5098c68936..2eb3483f2fb0e83e8b9cf42cb79e617f20c3291e 100644 (file)
--- a/tools/testing/selftests/bpf/bpf_kfuncs.h
+++ b/tools/testing/selftests/bpf/bpf_kfuncs.h
@@ -45,7 +45,7 @@ extern int bpf_dynptr_clone(const struct bpf_dynptr *ptr, struct bpf_dynptr *clo
  
  /* Description
   *  Modify the address of a AF_UNIX sockaddr.
- * Returns__bpf_kfunc
+ * Returns
   *  -EINVAL if the address size is too big or, 0 if the sockaddr was successfully modified.
   */
  extern int bpf_sock_addr_set_sun_path(struct bpf_sock_addr_kern *sa_kern,
@@ -78,4 +78,13 @@ extern int bpf_verify_pkcs7_signature(struct bpf_dynptr *data_ptr,
  
  extern bool bpf_session_is_return(void) __ksym __weak;
  extern __u64 *bpf_session_cookie(void) __ksym __weak;
+
+struct dentry;
+/* Description
+ *  Returns xattr of a dentry
+ * Returns
+ *  Error code
+ */
+extern int bpf_get_dentry_xattr(struct dentry *dentry, const char *name,
+                             struct bpf_dynptr *value_ptr) __ksym __weak;
  #endif
diff --git a/tools/testing/selftests/bpf/prog_tests/fs_kfuncs.c b/tools/testing/selftests/bpf/prog_tests/fs_kfuncs.c

index 37056ba738474314397258ed937588dacf3e3f90..5a0b51157451dc92e079f8a5a55920a14ba984a4 100644 (file)
--- a/tools/testing/selftests/bpf/prog_tests/fs_kfuncs.c
+++ b/tools/testing/selftests/bpf/prog_tests/fs_kfuncs.c
@@ -16,6 +16,7 @@ static void test_xattr(void)
  {
         struct test_get_xattr *skel = NULL;
         int fd = -1, err;
+       int v[32];
  
         fd = open(testfile, O_CREAT | O_RDONLY, 0644);
         if (!ASSERT_GE(fd, 0, "create_file"))
@@ -50,7 +51,13 @@ static void test_xattr(void)
         if (!ASSERT_GE(fd, 0, "open_file"))
                 goto out;
  
-       ASSERT_EQ(skel->bss->found_xattr, 1, "found_xattr");
+       ASSERT_EQ(skel->bss->found_xattr_from_file, 1, "found_xattr_from_file");
+
+       /* Trigger security_inode_getxattr */
+       err = getxattr(testfile, "user.kfuncs", v, sizeof(v));
+       ASSERT_EQ(err, -1, "getxattr_return");
+       ASSERT_EQ(errno, EINVAL, "getxattr_errno");
+       ASSERT_EQ(skel->bss->found_xattr_from_dentry, 1, "found_xattr_from_dentry");
  
  out:
         close(fd);
diff --git a/tools/testing/selftests/bpf/progs/test_get_xattr.c b/tools/testing/selftests/bpf/progs/test_get_xattr.c

index 7eb2a4e5a3e5768d221b9a6aaefc398a647b3c61..66e737720f7c6b93762abf09de632bd89d448cbe 100644 (file)
--- a/tools/testing/selftests/bpf/progs/test_get_xattr.c
+++ b/tools/testing/selftests/bpf/progs/test_get_xattr.c
@@ -2,6 +2,7 @@
  /* Copyright (c) 2023 Meta Platforms, Inc. and affiliates. */
  
  #include "vmlinux.h"
+#include <errno.h>
  #include <bpf/bpf_helpers.h>
  #include <bpf/bpf_tracing.h>
  #include "bpf_kfuncs.h"
@@ -9,10 +10,12 @@
  char _license[] SEC("license") = "GPL";
  
  __u32 monitored_pid;
-__u32 found_xattr;
+__u32 found_xattr_from_file;
+__u32 found_xattr_from_dentry;
  
  static const char expected_value[] = "hello";
-char value[32];
+char value1[32];
+char value2[32];
  
  SEC("lsm.s/file_open")
  int BPF_PROG(test_file_open, struct file *f)
@@ -25,13 +28,37 @@ int BPF_PROG(test_file_open, struct file *f)
         if (pid != monitored_pid)
                 return 0;
  
-       bpf_dynptr_from_mem(value, sizeof(value), 0, &value_ptr);
+       bpf_dynptr_from_mem(value1, sizeof(value1), 0, &value_ptr);
  
         ret = bpf_get_file_xattr(f, "user.kfuncs", &value_ptr);
         if (ret != sizeof(expected_value))
                 return 0;
-       if (bpf_strncmp(value, ret, expected_value))
+       if (bpf_strncmp(value1, ret, expected_value))
                 return 0;
-       found_xattr = 1;
+       found_xattr_from_file = 1;
         return 0;
  }
+
+SEC("lsm.s/inode_getxattr")
+int BPF_PROG(test_inode_getxattr, struct dentry *dentry, char *name)
+{
+       struct bpf_dynptr value_ptr;
+       __u32 pid;
+       int ret;
+
+       pid = bpf_get_current_pid_tgid() >> 32;
+       if (pid != monitored_pid)
+               return 0;
+
+       bpf_dynptr_from_mem(value2, sizeof(value2), 0, &value_ptr);
+
+       ret = bpf_get_dentry_xattr(dentry, "user.kfuncs", &value_ptr);
+       if (ret != sizeof(expected_value))
+               return 0;
+       if (bpf_strncmp(value2, ret, expected_value))
+               return 0;
+       found_xattr_from_dentry = 1;
+
+       /* return non-zero to fail getxattr from user space */
+       return -EINVAL;
+}
author	Song Liu <song@kernel.org>
	Tue, 6 Aug 2024 23:09:04 +0000 (16:09 -0700)
committer	Alexei Starovoitov <ast@kernel.org>
	Wed, 7 Aug 2024 18:28:04 +0000 (11:28 -0700)
tools/testing/selftests/bpf/bpf_kfuncs.h		patch \| blob \| blame \| history
tools/testing/selftests/bpf/prog_tests/fs_kfuncs.c		patch \| blob \| blame \| history
tools/testing/selftests/bpf/progs/test_get_xattr.c		patch \| blob \| blame \| history