From 20256c8ca07ca18b4ac60a0bce26c36f192dbda3 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Tue, 8 Jun 2021 16:48:05 +0200 Subject: [PATCH] 4.19-stable patches added patches: bpf-add-bpf_f_any_alignment.patch bpf-adjust-f_needs_efficient_unaligned_access-handling-in-test_verifier.c.patch bpf-apply-f_needs_efficient_unaligned_access-to-more-accept-test-cases.patch bpf-fix-test-suite-to-enable-all-unpriv-program-types.patch bpf-make-more-use-of-any-alignment-in-test_verifier.c.patch bpf-test-make-sure-to-run-unpriv-test-cases-in-test_verifier.patch selftests-bpf-add-any-alignment-annotation-for-some-tests.patch selftests-bpf-avoid-running-unprivileged-tests-with-alignment-requirements.patch selftests-bpf-generalize-dummy-program-types.patch --- queue-4.19/bpf-add-bpf_f_any_alignment.patch | 179 +++++++++ ...d_access-handling-in-test_verifier.c.patch | 122 ++++++ ...ned_access-to-more-accept-test-cases.patch | 157 ++++++++ ...e-to-enable-all-unpriv-program-types.patch | 63 ++++ ...-of-any-alignment-in-test_verifier.c.patch | 353 ++++++++++++++++++ ...n-unpriv-test-cases-in-test_verifier.patch | 154 ++++++++ ...-alignment-annotation-for-some-tests.patch | 51 +++ ...ed-tests-with-alignment-requirements.patch | 55 +++ ...s-bpf-generalize-dummy-program-types.patch | 120 ++++++ queue-4.19/series | 9 + 10 files changed, 1263 insertions(+) create mode 100644 queue-4.19/bpf-add-bpf_f_any_alignment.patch create mode 100644 queue-4.19/bpf-adjust-f_needs_efficient_unaligned_access-handling-in-test_verifier.c.patch create mode 100644 queue-4.19/bpf-apply-f_needs_efficient_unaligned_access-to-more-accept-test-cases.patch create mode 100644 queue-4.19/bpf-fix-test-suite-to-enable-all-unpriv-program-types.patch create mode 100644 queue-4.19/bpf-make-more-use-of-any-alignment-in-test_verifier.c.patch create mode 100644 queue-4.19/bpf-test-make-sure-to-run-unpriv-test-cases-in-test_verifier.patch create mode 100644 queue-4.19/selftests-bpf-add-any-alignment-annotation-for-some-tests.patch create mode 100644 queue-4.19/selftests-bpf-avoid-running-unprivileged-tests-with-alignment-requirements.patch create mode 100644 queue-4.19/selftests-bpf-generalize-dummy-program-types.patch diff --git a/queue-4.19/bpf-add-bpf_f_any_alignment.patch b/queue-4.19/bpf-add-bpf_f_any_alignment.patch new file mode 100644 index 00000000000..18042a88f74 --- /dev/null +++ b/queue-4.19/bpf-add-bpf_f_any_alignment.patch @@ -0,0 +1,179 @@ +From foo@baz Tue Jun 8 04:42:32 PM CEST 2021 +From: Tiezhu Yang +Date: Wed, 2 Jun 2021 11:27:48 +0800 +Subject: bpf: Add BPF_F_ANY_ALIGNMENT. +To: Greg Kroah-Hartman , Sasha Levin +Cc: stable@vger.kernel.org, bpf@vger.kernel.org, "David S. Miller" , Alexei Starovoitov +Message-ID: <1622604473-781-5-git-send-email-yangtiezhu@loongson.cn> + +From: "David S. Miller" + +commit e9ee9efc0d176512cdce9d27ff8549d7ffa2bfcd upstream + +Often we want to write tests cases that check things like bad context +offset accesses. And one way to do this is to use an odd offset on, +for example, a 32-bit load. + +This unfortunately triggers the alignment checks first on platforms +that do not set CONFIG_EFFICIENT_UNALIGNED_ACCESS. So the test +case see the alignment failure rather than what it was testing for. + +It is often not completely possible to respect the original intention +of the test, or even test the same exact thing, while solving the +alignment issue. + +Another option could have been to check the alignment after the +context and other validations are performed by the verifier, but +that is a non-trivial change to the verifier. + +Signed-off-by: David S. Miller +Signed-off-by: Alexei Starovoitov +Signed-off-by: Tiezhu Yang +Signed-off-by: Greg Kroah-Hartman +--- + include/uapi/linux/bpf.h | 14 ++++++++++++++ + kernel/bpf/syscall.c | 7 ++++++- + kernel/bpf/verifier.c | 3 +++ + tools/include/uapi/linux/bpf.h | 14 ++++++++++++++ + tools/lib/bpf/bpf.c | 8 ++++---- + tools/lib/bpf/bpf.h | 2 +- + tools/testing/selftests/bpf/test_align.c | 4 ++-- + tools/testing/selftests/bpf/test_verifier.c | 3 ++- + 8 files changed, 46 insertions(+), 9 deletions(-) + +--- a/include/uapi/linux/bpf.h ++++ b/include/uapi/linux/bpf.h +@@ -228,6 +228,20 @@ enum bpf_attach_type { + */ + #define BPF_F_STRICT_ALIGNMENT (1U << 0) + ++/* If BPF_F_ANY_ALIGNMENT is used in BPF_PROF_LOAD command, the ++ * verifier will allow any alignment whatsoever. On platforms ++ * with strict alignment requirements for loads ands stores (such ++ * as sparc and mips) the verifier validates that all loads and ++ * stores provably follow this requirement. This flag turns that ++ * checking and enforcement off. ++ * ++ * It is mostly used for testing when we want to validate the ++ * context and memory access aspects of the verifier, but because ++ * of an unaligned access the alignment check would trigger before ++ * the one we are interested in. ++ */ ++#define BPF_F_ANY_ALIGNMENT (1U << 1) ++ + /* when bpf_ldimm64->src_reg == BPF_PSEUDO_MAP_FD, bpf_ldimm64->imm == fd */ + #define BPF_PSEUDO_MAP_FD 1 + +--- a/kernel/bpf/syscall.c ++++ b/kernel/bpf/syscall.c +@@ -1367,9 +1367,14 @@ static int bpf_prog_load(union bpf_attr + if (CHECK_ATTR(BPF_PROG_LOAD)) + return -EINVAL; + +- if (attr->prog_flags & ~BPF_F_STRICT_ALIGNMENT) ++ if (attr->prog_flags & ~(BPF_F_STRICT_ALIGNMENT | BPF_F_ANY_ALIGNMENT)) + return -EINVAL; + ++ if (!IS_ENABLED(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) && ++ (attr->prog_flags & BPF_F_ANY_ALIGNMENT) && ++ !capable(CAP_SYS_ADMIN)) ++ return -EPERM; ++ + /* copy eBPF program license from user space */ + if (strncpy_from_user(license, u64_to_user_ptr(attr->license), + sizeof(license) - 1) < 0) +--- a/kernel/bpf/verifier.c ++++ b/kernel/bpf/verifier.c +@@ -6440,6 +6440,9 @@ int bpf_check(struct bpf_prog **prog, un + if (!IS_ENABLED(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS)) + env->strict_alignment = true; + ++ if (attr->prog_flags & BPF_F_ANY_ALIGNMENT) ++ env->strict_alignment = false; ++ + ret = replace_map_fd_with_map_ptr(env); + if (ret < 0) + goto skip_full_check; +--- a/tools/include/uapi/linux/bpf.h ++++ b/tools/include/uapi/linux/bpf.h +@@ -226,6 +226,20 @@ enum bpf_attach_type { + */ + #define BPF_F_STRICT_ALIGNMENT (1U << 0) + ++/* If BPF_F_ANY_ALIGNMENT is used in BPF_PROF_LOAD command, the ++ * verifier will allow any alignment whatsoever. On platforms ++ * with strict alignment requirements for loads ands stores (such ++ * as sparc and mips) the verifier validates that all loads and ++ * stores provably follow this requirement. This flag turns that ++ * checking and enforcement off. ++ * ++ * It is mostly used for testing when we want to validate the ++ * context and memory access aspects of the verifier, but because ++ * of an unaligned access the alignment check would trigger before ++ * the one we are interested in. ++ */ ++#define BPF_F_ANY_ALIGNMENT (1U << 1) ++ + /* when bpf_ldimm64->src_reg == BPF_PSEUDO_MAP_FD, bpf_ldimm64->imm == fd */ + #define BPF_PSEUDO_MAP_FD 1 + +--- a/tools/lib/bpf/bpf.c ++++ b/tools/lib/bpf/bpf.c +@@ -261,9 +261,9 @@ int bpf_load_program(enum bpf_prog_type + } + + int bpf_verify_program(enum bpf_prog_type type, const struct bpf_insn *insns, +- size_t insns_cnt, int strict_alignment, +- const char *license, __u32 kern_version, +- char *log_buf, size_t log_buf_sz, int log_level) ++ size_t insns_cnt, __u32 prog_flags, const char *license, ++ __u32 kern_version, char *log_buf, size_t log_buf_sz, ++ int log_level) + { + union bpf_attr attr; + +@@ -277,7 +277,7 @@ int bpf_verify_program(enum bpf_prog_typ + attr.log_level = log_level; + log_buf[0] = 0; + attr.kern_version = kern_version; +- attr.prog_flags = strict_alignment ? BPF_F_STRICT_ALIGNMENT : 0; ++ attr.prog_flags = prog_flags; + + return sys_bpf_prog_load(&attr, sizeof(attr)); + } +--- a/tools/lib/bpf/bpf.h ++++ b/tools/lib/bpf/bpf.h +@@ -79,7 +79,7 @@ int bpf_load_program(enum bpf_prog_type + __u32 kern_version, char *log_buf, + size_t log_buf_sz); + int bpf_verify_program(enum bpf_prog_type type, const struct bpf_insn *insns, +- size_t insns_cnt, int strict_alignment, ++ size_t insns_cnt, __u32 prog_flags, + const char *license, __u32 kern_version, + char *log_buf, size_t log_buf_sz, int log_level); + +--- a/tools/testing/selftests/bpf/test_align.c ++++ b/tools/testing/selftests/bpf/test_align.c +@@ -620,8 +620,8 @@ static int do_test_single(struct bpf_ali + + prog_len = probe_filter_length(prog); + fd_prog = bpf_verify_program(prog_type ? : BPF_PROG_TYPE_SOCKET_FILTER, +- prog, prog_len, 1, "GPL", 0, +- bpf_vlog, sizeof(bpf_vlog), 2); ++ prog, prog_len, BPF_F_STRICT_ALIGNMENT, ++ "GPL", 0, bpf_vlog, sizeof(bpf_vlog), 2); + if (fd_prog < 0 && test->result != REJECT) { + printf("Failed to load program.\n"); + printf("%s", bpf_vlog); +--- a/tools/testing/selftests/bpf/test_verifier.c ++++ b/tools/testing/selftests/bpf/test_verifier.c +@@ -12862,7 +12862,8 @@ static void do_test_single(struct bpf_te + prog_len = probe_filter_length(prog); + + fd_prog = bpf_verify_program(prog_type, prog, prog_len, +- test->flags & F_LOAD_WITH_STRICT_ALIGNMENT, ++ test->flags & F_LOAD_WITH_STRICT_ALIGNMENT ? ++ BPF_F_STRICT_ALIGNMENT : 0, + "GPL", 0, bpf_vlog, sizeof(bpf_vlog), 1); + + expected_ret = unpriv && test->result_unpriv != UNDEF ? diff --git a/queue-4.19/bpf-adjust-f_needs_efficient_unaligned_access-handling-in-test_verifier.c.patch b/queue-4.19/bpf-adjust-f_needs_efficient_unaligned_access-handling-in-test_verifier.c.patch new file mode 100644 index 00000000000..0d7c9005fc5 --- /dev/null +++ b/queue-4.19/bpf-adjust-f_needs_efficient_unaligned_access-handling-in-test_verifier.c.patch @@ -0,0 +1,122 @@ +From foo@baz Tue Jun 8 04:42:32 PM CEST 2021 +From: Tiezhu Yang +Date: Wed, 2 Jun 2021 11:27:49 +0800 +Subject: bpf: Adjust F_NEEDS_EFFICIENT_UNALIGNED_ACCESS handling in test_verifier.c +To: Greg Kroah-Hartman , Sasha Levin +Cc: stable@vger.kernel.org, bpf@vger.kernel.org, "David S. Miller" , Alexei Starovoitov +Message-ID: <1622604473-781-6-git-send-email-yangtiezhu@loongson.cn> + +From: "David S. Miller" + +commit c7665702d3208b77b8e00f0699b6b88241b04360 upstream + +Make it set the flag argument to bpf_verify_program() which will relax +the alignment restrictions. + +Now all such test cases will go properly through the verifier even on +inefficient unaligned access architectures. + +On inefficient unaligned access architectures do not try to run such +programs, instead mark the test case as passing but annotate the +result similarly to how it is done now in the presence of this flag. + +So, we get complete full coverage for all REJECT test cases, and at +least verifier level coverage for ACCEPT test cases. + +Signed-off-by: David S. Miller +Signed-off-by: Alexei Starovoitov +Signed-off-by: Tiezhu Yang +Signed-off-by: Greg Kroah-Hartman +--- + tools/testing/selftests/bpf/test_verifier.c | 42 ++++++++++++++++------------ + 1 file changed, 24 insertions(+), 18 deletions(-) + +--- a/tools/testing/selftests/bpf/test_verifier.c ++++ b/tools/testing/selftests/bpf/test_verifier.c +@@ -12844,13 +12844,14 @@ out: + static void do_test_single(struct bpf_test *test, bool unpriv, + int *passes, int *errors) + { +- int fd_prog, expected_ret, reject_from_alignment; ++ int fd_prog, expected_ret, alignment_prevented_execution; + int prog_len, prog_type = test->prog_type; + struct bpf_insn *prog = test->insns; + int map_fds[MAX_NR_MAPS]; + const char *expected_err; + uint32_t expected_val; + uint32_t retval; ++ __u32 pflags; + int i, err; + + for (i = 0; i < MAX_NR_MAPS; i++) +@@ -12861,9 +12862,12 @@ static void do_test_single(struct bpf_te + do_test_fixup(test, prog_type, prog, map_fds); + prog_len = probe_filter_length(prog); + +- fd_prog = bpf_verify_program(prog_type, prog, prog_len, +- test->flags & F_LOAD_WITH_STRICT_ALIGNMENT ? +- BPF_F_STRICT_ALIGNMENT : 0, ++ pflags = 0; ++ if (test->flags & F_LOAD_WITH_STRICT_ALIGNMENT) ++ pflags |= BPF_F_STRICT_ALIGNMENT; ++ if (test->flags & F_NEEDS_EFFICIENT_UNALIGNED_ACCESS) ++ pflags |= BPF_F_ANY_ALIGNMENT; ++ fd_prog = bpf_verify_program(prog_type, prog, prog_len, pflags, + "GPL", 0, bpf_vlog, sizeof(bpf_vlog), 1); + + expected_ret = unpriv && test->result_unpriv != UNDEF ? +@@ -12873,28 +12877,27 @@ static void do_test_single(struct bpf_te + expected_val = unpriv && test->retval_unpriv ? + test->retval_unpriv : test->retval; + +- reject_from_alignment = fd_prog < 0 && +- (test->flags & F_NEEDS_EFFICIENT_UNALIGNED_ACCESS) && +- strstr(bpf_vlog, "misaligned"); +-#ifdef CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS +- if (reject_from_alignment) { +- printf("FAIL\nFailed due to alignment despite having efficient unaligned access: '%s'!\n", +- strerror(errno)); +- goto fail_log; +- } +-#endif ++ alignment_prevented_execution = 0; ++ + if (expected_ret == ACCEPT) { +- if (fd_prog < 0 && !reject_from_alignment) { ++ if (fd_prog < 0) { + printf("FAIL\nFailed to load prog '%s'!\n", + strerror(errno)); + goto fail_log; + } ++#ifndef CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS ++ if (fd_prog >= 0 && ++ (test->flags & F_NEEDS_EFFICIENT_UNALIGNED_ACCESS)) { ++ alignment_prevented_execution = 1; ++ goto test_ok; ++ } ++#endif + } else { + if (fd_prog >= 0) { + printf("FAIL\nUnexpected success to load!\n"); + goto fail_log; + } +- if (!strstr(bpf_vlog, expected_err) && !reject_from_alignment) { ++ if (!strstr(bpf_vlog, expected_err)) { + printf("FAIL\nUnexpected error message!\n\tEXP: %s\n\tRES: %s\n", + expected_err, bpf_vlog); + goto fail_log; +@@ -12922,9 +12925,12 @@ static void do_test_single(struct bpf_te + goto fail_log; + } + } ++#ifndef CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS ++test_ok: ++#endif + (*passes)++; +- printf("OK%s\n", reject_from_alignment ? +- " (NOTE: reject due to unknown alignment)" : ""); ++ printf("OK%s\n", alignment_prevented_execution ? ++ " (NOTE: not executed due to unknown alignment)" : ""); + close_fds: + close(fd_prog); + for (i = 0; i < MAX_NR_MAPS; i++) diff --git a/queue-4.19/bpf-apply-f_needs_efficient_unaligned_access-to-more-accept-test-cases.patch b/queue-4.19/bpf-apply-f_needs_efficient_unaligned_access-to-more-accept-test-cases.patch new file mode 100644 index 00000000000..5c46bd114a7 --- /dev/null +++ b/queue-4.19/bpf-apply-f_needs_efficient_unaligned_access-to-more-accept-test-cases.patch @@ -0,0 +1,157 @@ +From foo@baz Tue Jun 8 04:42:32 PM CEST 2021 +From: Tiezhu Yang +Date: Wed, 2 Jun 2021 11:27:51 +0800 +Subject: bpf: Apply F_NEEDS_EFFICIENT_UNALIGNED_ACCESS to more ACCEPT test cases. +To: Greg Kroah-Hartman , Sasha Levin +Cc: stable@vger.kernel.org, bpf@vger.kernel.org, "David S. Miller" , Alexei Starovoitov +Message-ID: <1622604473-781-8-git-send-email-yangtiezhu@loongson.cn> + +From: "David S. Miller" + +commit 0a68632488aa0129ed530af9ae9e8573f5650812 upstream + +If a testcase has alignment problems but is expected to be ACCEPT, +verify it using F_NEEDS_EFFICIENT_UNALIGNED_ACCESS too. + +Maybe in the future if we add some architecture specific code to elide +the unaligned memory access warnings during the test, we can execute +these as well. + +Signed-off-by: David S. Miller +Signed-off-by: Alexei Starovoitov +Signed-off-by: Tiezhu Yang +Signed-off-by: Greg Kroah-Hartman +--- + tools/testing/selftests/bpf/test_verifier.c | 16 ++++++++++++++++ + 1 file changed, 16 insertions(+) + +--- a/tools/testing/selftests/bpf/test_verifier.c ++++ b/tools/testing/selftests/bpf/test_verifier.c +@@ -3787,6 +3787,7 @@ static struct bpf_test tests[] = { + }, + .prog_type = BPF_PROG_TYPE_SCHED_CLS, + .result = ACCEPT, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "direct packet access: test21 (x += pkt_ptr, 2)", +@@ -3812,6 +3813,7 @@ static struct bpf_test tests[] = { + }, + .prog_type = BPF_PROG_TYPE_SCHED_CLS, + .result = ACCEPT, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "direct packet access: test22 (x += pkt_ptr, 3)", +@@ -3842,6 +3844,7 @@ static struct bpf_test tests[] = { + }, + .prog_type = BPF_PROG_TYPE_SCHED_CLS, + .result = ACCEPT, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "direct packet access: test23 (x += pkt_ptr, 4)", +@@ -3894,6 +3897,7 @@ static struct bpf_test tests[] = { + }, + .prog_type = BPF_PROG_TYPE_SCHED_CLS, + .result = ACCEPT, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "direct packet access: test25 (marking on <, good access)", +@@ -6957,6 +6961,7 @@ static struct bpf_test tests[] = { + .result = ACCEPT, + .prog_type = BPF_PROG_TYPE_SCHED_CLS, + .retval = 0 /* csum_diff of 64-byte packet */, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "helper access to variable memory: size = 0 not allowed on NULL (!ARG_PTR_TO_MEM_OR_NULL)", +@@ -8923,6 +8928,7 @@ static struct bpf_test tests[] = { + }, + .result = ACCEPT, + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "XDP pkt read, pkt_data' > pkt_end, bad access 1", +@@ -9094,6 +9100,7 @@ static struct bpf_test tests[] = { + }, + .result = ACCEPT, + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "XDP pkt read, pkt_end < pkt_data', bad access 1", +@@ -9206,6 +9213,7 @@ static struct bpf_test tests[] = { + }, + .result = ACCEPT, + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "XDP pkt read, pkt_end >= pkt_data', bad access 1", +@@ -9263,6 +9271,7 @@ static struct bpf_test tests[] = { + }, + .result = ACCEPT, + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "XDP pkt read, pkt_data' <= pkt_end, bad access 1", +@@ -9375,6 +9384,7 @@ static struct bpf_test tests[] = { + }, + .result = ACCEPT, + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "XDP pkt read, pkt_meta' > pkt_data, bad access 1", +@@ -9546,6 +9556,7 @@ static struct bpf_test tests[] = { + }, + .result = ACCEPT, + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "XDP pkt read, pkt_data < pkt_meta', bad access 1", +@@ -9658,6 +9669,7 @@ static struct bpf_test tests[] = { + }, + .result = ACCEPT, + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "XDP pkt read, pkt_data >= pkt_meta', bad access 1", +@@ -9715,6 +9727,7 @@ static struct bpf_test tests[] = { + }, + .result = ACCEPT, + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "XDP pkt read, pkt_meta' <= pkt_data, bad access 1", +@@ -11646,6 +11659,7 @@ static struct bpf_test tests[] = { + .prog_type = BPF_PROG_TYPE_SCHED_CLS, + .result = ACCEPT, + .retval = 1, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "calls: pkt_ptr spill into caller stack 4", +@@ -11680,6 +11694,7 @@ static struct bpf_test tests[] = { + .prog_type = BPF_PROG_TYPE_SCHED_CLS, + .result = ACCEPT, + .retval = 1, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "calls: pkt_ptr spill into caller stack 5", +@@ -11825,6 +11840,7 @@ static struct bpf_test tests[] = { + }, + .prog_type = BPF_PROG_TYPE_SCHED_CLS, + .result = ACCEPT, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "calls: pkt_ptr spill into caller stack 9", diff --git a/queue-4.19/bpf-fix-test-suite-to-enable-all-unpriv-program-types.patch b/queue-4.19/bpf-fix-test-suite-to-enable-all-unpriv-program-types.patch new file mode 100644 index 00000000000..7405ef81540 --- /dev/null +++ b/queue-4.19/bpf-fix-test-suite-to-enable-all-unpriv-program-types.patch @@ -0,0 +1,63 @@ +From foo@baz Tue Jun 8 04:42:31 PM CEST 2021 +From: Tiezhu Yang +Date: Wed, 2 Jun 2021 11:27:45 +0800 +Subject: bpf: fix test suite to enable all unpriv program types +To: Greg Kroah-Hartman , Sasha Levin +Cc: stable@vger.kernel.org, bpf@vger.kernel.org, Daniel Borkmann , Alexei Starovoitov +Message-ID: <1622604473-781-2-git-send-email-yangtiezhu@loongson.cn> + +From: Daniel Borkmann + +commit 36641ad61db5ce9befd5eb0071abb36eaff16cfc upstream + +Given BPF_PROG_TYPE_CGROUP_SKB program types are also valid in an +unprivileged setting, lets not omit these tests and potentially +have issues fall through the cracks. Make this more obvious by +adding a small test_as_unpriv() helper. + +Signed-off-by: Daniel Borkmann +Acked-by: Alexei Starovoitov +Signed-off-by: Alexei Starovoitov +Signed-off-by: Tiezhu Yang +Signed-off-by: Greg Kroah-Hartman +--- + tools/testing/selftests/bpf/test_verifier.c | 12 ++++++++++-- + 1 file changed, 10 insertions(+), 2 deletions(-) + +--- a/tools/testing/selftests/bpf/test_verifier.c ++++ b/tools/testing/selftests/bpf/test_verifier.c +@@ -4798,6 +4798,7 @@ static struct bpf_test tests[] = { + .fixup_cgroup_storage = { 1 }, + .result = REJECT, + .errstr = "get_local_storage() doesn't support non-zero flags", ++ .errstr_unpriv = "R2 leaks addr into helper function", + .prog_type = BPF_PROG_TYPE_CGROUP_SKB, + }, + { +@@ -12963,6 +12964,13 @@ static void get_unpriv_disabled() + fclose(fd); + } + ++static bool test_as_unpriv(struct bpf_test *test) ++{ ++ return !test->prog_type || ++ test->prog_type == BPF_PROG_TYPE_SOCKET_FILTER || ++ test->prog_type == BPF_PROG_TYPE_CGROUP_SKB; ++} ++ + static int do_test(bool unpriv, unsigned int from, unsigned int to) + { + int i, passes = 0, errors = 0, skips = 0; +@@ -12973,10 +12981,10 @@ static int do_test(bool unpriv, unsigned + /* Program types that are not supported by non-root we + * skip right away. + */ +- if (!test->prog_type && unpriv_disabled) { ++ if (test_as_unpriv(test) && unpriv_disabled) { + printf("#%d/u %s SKIP\n", i, test->descr); + skips++; +- } else if (!test->prog_type) { ++ } else if (test_as_unpriv(test)) { + if (!unpriv) + set_admin(false); + printf("#%d/u %s ", i, test->descr); diff --git a/queue-4.19/bpf-make-more-use-of-any-alignment-in-test_verifier.c.patch b/queue-4.19/bpf-make-more-use-of-any-alignment-in-test_verifier.c.patch new file mode 100644 index 00000000000..32bf4892827 --- /dev/null +++ b/queue-4.19/bpf-make-more-use-of-any-alignment-in-test_verifier.c.patch @@ -0,0 +1,353 @@ +From foo@baz Tue Jun 8 04:42:32 PM CEST 2021 +From: Tiezhu Yang +Date: Wed, 2 Jun 2021 11:27:50 +0800 +Subject: bpf: Make more use of 'any' alignment in test_verifier.c +To: Greg Kroah-Hartman , Sasha Levin +Cc: stable@vger.kernel.org, bpf@vger.kernel.org, "David S. Miller" , Alexei Starovoitov +Message-ID: <1622604473-781-7-git-send-email-yangtiezhu@loongson.cn> + +From: "David S. Miller" + +commit 2acc5fd5b8c25df0de7f3c8b8e385f5c6f8202ec upstream + +Use F_NEEDS_EFFICIENT_UNALIGNED_ACCESS in more tests where the +expected result is REJECT. + +Signed-off-by: David S. Miller +Signed-off-by: Alexei Starovoitov +Signed-off-by: Tiezhu Yang +Signed-off-by: Greg Kroah-Hartman +--- + tools/testing/selftests/bpf/test_verifier.c | 41 ++++++++++++++++++++++++++++ + 1 file changed, 41 insertions(+) + +--- a/tools/testing/selftests/bpf/test_verifier.c ++++ b/tools/testing/selftests/bpf/test_verifier.c +@@ -1799,6 +1799,7 @@ static struct bpf_test tests[] = { + .errstr = "invalid bpf_context access", + .result = REJECT, + .prog_type = BPF_PROG_TYPE_SK_MSG, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "direct packet read for SK_MSG", +@@ -2191,6 +2192,7 @@ static struct bpf_test tests[] = { + }, + .errstr = "invalid bpf_context access", + .result = REJECT, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "check cb access: half, wrong type", +@@ -3151,6 +3153,7 @@ static struct bpf_test tests[] = { + .result = REJECT, + .errstr = "R0 invalid mem access 'inv'", + .prog_type = BPF_PROG_TYPE_SCHED_CLS, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "raw_stack: skb_load_bytes, spilled regs corruption 2", +@@ -3181,6 +3184,7 @@ static struct bpf_test tests[] = { + .result = REJECT, + .errstr = "R3 invalid mem access 'inv'", + .prog_type = BPF_PROG_TYPE_SCHED_CLS, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "raw_stack: skb_load_bytes, spilled regs + data", +@@ -3680,6 +3684,7 @@ static struct bpf_test tests[] = { + .errstr = "R2 invalid mem access 'inv'", + .result = REJECT, + .prog_type = BPF_PROG_TYPE_SCHED_CLS, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "direct packet access: test16 (arith on data_end)", +@@ -3863,6 +3868,7 @@ static struct bpf_test tests[] = { + .prog_type = BPF_PROG_TYPE_SCHED_CLS, + .result = REJECT, + .errstr = "invalid access to packet, off=0 size=8, R5(id=1,off=0,r=0)", ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "direct packet access: test24 (x += pkt_ptr, 5)", +@@ -4767,6 +4773,7 @@ static struct bpf_test tests[] = { + .result = REJECT, + .errstr = "invalid access to map value, value_size=64 off=-2 size=4", + .prog_type = BPF_PROG_TYPE_CGROUP_SKB, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "invalid cgroup storage access 5", +@@ -6433,6 +6440,7 @@ static struct bpf_test tests[] = { + .errstr = "invalid mem access 'inv'", + .result = REJECT, + .result_unpriv = REJECT, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "map element value illegal alu op, 5", +@@ -6455,6 +6463,7 @@ static struct bpf_test tests[] = { + .fixup_map2 = { 3 }, + .errstr = "R0 invalid mem access 'inv'", + .result = REJECT, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "map element value is preserved across register spilling", +@@ -8951,6 +8960,7 @@ static struct bpf_test tests[] = { + .errstr = "R1 offset is outside of the packet", + .result = REJECT, + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "XDP pkt read, pkt_end > pkt_data', good access", +@@ -8989,6 +8999,7 @@ static struct bpf_test tests[] = { + .errstr = "R1 offset is outside of the packet", + .result = REJECT, + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "XDP pkt read, pkt_end > pkt_data', bad access 2", +@@ -9007,6 +9018,7 @@ static struct bpf_test tests[] = { + .errstr = "R1 offset is outside of the packet", + .result = REJECT, + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "XDP pkt read, pkt_data' < pkt_end, good access", +@@ -9045,6 +9057,7 @@ static struct bpf_test tests[] = { + .errstr = "R1 offset is outside of the packet", + .result = REJECT, + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "XDP pkt read, pkt_data' < pkt_end, bad access 2", +@@ -9063,6 +9076,7 @@ static struct bpf_test tests[] = { + .errstr = "R1 offset is outside of the packet", + .result = REJECT, + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "XDP pkt read, pkt_end < pkt_data', good access", +@@ -9117,6 +9131,7 @@ static struct bpf_test tests[] = { + .errstr = "R1 offset is outside of the packet", + .result = REJECT, + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "XDP pkt read, pkt_data' >= pkt_end, good access", +@@ -9153,6 +9168,7 @@ static struct bpf_test tests[] = { + .errstr = "R1 offset is outside of the packet", + .result = REJECT, + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "XDP pkt read, pkt_data' >= pkt_end, bad access 2", +@@ -9228,6 +9244,7 @@ static struct bpf_test tests[] = { + .errstr = "R1 offset is outside of the packet", + .result = REJECT, + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "XDP pkt read, pkt_data' <= pkt_end, good access", +@@ -9284,6 +9301,7 @@ static struct bpf_test tests[] = { + .errstr = "R1 offset is outside of the packet", + .result = REJECT, + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "XDP pkt read, pkt_end <= pkt_data', good access", +@@ -9320,6 +9338,7 @@ static struct bpf_test tests[] = { + .errstr = "R1 offset is outside of the packet", + .result = REJECT, + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "XDP pkt read, pkt_end <= pkt_data', bad access 2", +@@ -9393,6 +9412,7 @@ static struct bpf_test tests[] = { + .errstr = "R1 offset is outside of the packet", + .result = REJECT, + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "XDP pkt read, pkt_data > pkt_meta', good access", +@@ -9431,6 +9451,7 @@ static struct bpf_test tests[] = { + .errstr = "R1 offset is outside of the packet", + .result = REJECT, + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "XDP pkt read, pkt_data > pkt_meta', bad access 2", +@@ -9449,6 +9470,7 @@ static struct bpf_test tests[] = { + .errstr = "R1 offset is outside of the packet", + .result = REJECT, + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "XDP pkt read, pkt_meta' < pkt_data, good access", +@@ -9487,6 +9509,7 @@ static struct bpf_test tests[] = { + .errstr = "R1 offset is outside of the packet", + .result = REJECT, + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "XDP pkt read, pkt_meta' < pkt_data, bad access 2", +@@ -9505,6 +9528,7 @@ static struct bpf_test tests[] = { + .errstr = "R1 offset is outside of the packet", + .result = REJECT, + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "XDP pkt read, pkt_data < pkt_meta', good access", +@@ -9559,6 +9583,7 @@ static struct bpf_test tests[] = { + .errstr = "R1 offset is outside of the packet", + .result = REJECT, + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "XDP pkt read, pkt_meta' >= pkt_data, good access", +@@ -9595,6 +9620,7 @@ static struct bpf_test tests[] = { + .errstr = "R1 offset is outside of the packet", + .result = REJECT, + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "XDP pkt read, pkt_meta' >= pkt_data, bad access 2", +@@ -9670,6 +9696,7 @@ static struct bpf_test tests[] = { + .errstr = "R1 offset is outside of the packet", + .result = REJECT, + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "XDP pkt read, pkt_meta' <= pkt_data, good access", +@@ -9726,6 +9753,7 @@ static struct bpf_test tests[] = { + .errstr = "R1 offset is outside of the packet", + .result = REJECT, + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "XDP pkt read, pkt_data <= pkt_meta', good access", +@@ -9762,6 +9790,7 @@ static struct bpf_test tests[] = { + .errstr = "R1 offset is outside of the packet", + .result = REJECT, + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "XDP pkt read, pkt_data <= pkt_meta', bad access 2", +@@ -9876,6 +9905,7 @@ static struct bpf_test tests[] = { + .errstr_unpriv = "R1 has pointer with unsupported alu operation", + .errstr = "dereference of modified ctx ptr", + .result = REJECT, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "check deducing bounds from const, 8", +@@ -9890,6 +9920,7 @@ static struct bpf_test tests[] = { + .errstr_unpriv = "R1 has pointer with unsupported alu operation", + .errstr = "dereference of modified ctx ptr", + .result = REJECT, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "check deducing bounds from const, 9", +@@ -10365,6 +10396,7 @@ static struct bpf_test tests[] = { + .result = REJECT, + .errstr = "R6 invalid mem access 'inv'", + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "calls: two calls with args", +@@ -11230,6 +11262,7 @@ static struct bpf_test tests[] = { + .fixup_map1 = { 12, 22 }, + .result = REJECT, + .errstr = "invalid access to map value, value_size=8 off=2 size=8", ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "calls: two calls that receive map_value via arg=ptr_stack_of_caller. test2", +@@ -11373,6 +11406,7 @@ static struct bpf_test tests[] = { + .fixup_map1 = { 12, 22 }, + .result = REJECT, + .errstr = "invalid access to map value, value_size=8 off=2 size=8", ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "calls: two calls that receive map_value_ptr_or_null via arg. test1", +@@ -11544,6 +11578,7 @@ static struct bpf_test tests[] = { + .result = ACCEPT, + .prog_type = BPF_PROG_TYPE_SCHED_CLS, + .retval = POINTER_VALUE, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "calls: pkt_ptr spill into caller stack 2", +@@ -11575,6 +11610,7 @@ static struct bpf_test tests[] = { + .prog_type = BPF_PROG_TYPE_SCHED_CLS, + .errstr = "invalid access to packet", + .result = REJECT, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "calls: pkt_ptr spill into caller stack 3", +@@ -11677,6 +11713,7 @@ static struct bpf_test tests[] = { + .prog_type = BPF_PROG_TYPE_SCHED_CLS, + .errstr = "same insn cannot be used with different", + .result = REJECT, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "calls: pkt_ptr spill into caller stack 6", +@@ -11712,6 +11749,7 @@ static struct bpf_test tests[] = { + .prog_type = BPF_PROG_TYPE_SCHED_CLS, + .errstr = "R4 invalid mem access", + .result = REJECT, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "calls: pkt_ptr spill into caller stack 7", +@@ -11746,6 +11784,7 @@ static struct bpf_test tests[] = { + .prog_type = BPF_PROG_TYPE_SCHED_CLS, + .errstr = "R4 invalid mem access", + .result = REJECT, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "calls: pkt_ptr spill into caller stack 8", +@@ -11827,6 +11866,7 @@ static struct bpf_test tests[] = { + .prog_type = BPF_PROG_TYPE_SCHED_CLS, + .errstr = "invalid access to packet", + .result = REJECT, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "calls: caller stack init to zero or map_value_or_null", +@@ -12192,6 +12232,7 @@ static struct bpf_test tests[] = { + .result = REJECT, + .errstr = "BPF_XADD stores into R2 packet", + .prog_type = BPF_PROG_TYPE_XDP, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "xadd/w check whether src/dst got mangled, 1", diff --git a/queue-4.19/bpf-test-make-sure-to-run-unpriv-test-cases-in-test_verifier.patch b/queue-4.19/bpf-test-make-sure-to-run-unpriv-test-cases-in-test_verifier.patch new file mode 100644 index 00000000000..90607689e21 --- /dev/null +++ b/queue-4.19/bpf-test-make-sure-to-run-unpriv-test-cases-in-test_verifier.patch @@ -0,0 +1,154 @@ +From foo@baz Tue Jun 8 04:42:31 PM CEST 2021 +From: Tiezhu Yang +Date: Wed, 2 Jun 2021 11:27:46 +0800 +Subject: bpf: test make sure to run unpriv test cases in test_verifier +To: Greg Kroah-Hartman , Sasha Levin +Cc: stable@vger.kernel.org, bpf@vger.kernel.org, Daniel Borkmann , Alexei Starovoitov +Message-ID: <1622604473-781-3-git-send-email-yangtiezhu@loongson.cn> + +From: Daniel Borkmann + +commit 832c6f2c29ec519b766923937f4f93fb1008b47d upstream + +Right now unprivileged tests are never executed as a BPF test run, +only loaded. Allow for running them as well so that we can check +the outcome and probe for regressions. + +Signed-off-by: Daniel Borkmann +Acked-by: Alexei Starovoitov +Signed-off-by: Alexei Starovoitov +Signed-off-by: Tiezhu Yang +Signed-off-by: Greg Kroah-Hartman +--- + tools/testing/selftests/bpf/test_verifier.c | 71 +++++++++++++++------------- + 1 file changed, 40 insertions(+), 31 deletions(-) + +--- a/tools/testing/selftests/bpf/test_verifier.c ++++ b/tools/testing/selftests/bpf/test_verifier.c +@@ -70,7 +70,7 @@ struct bpf_test { + int fixup_cgroup_storage[MAX_FIXUPS]; + const char *errstr; + const char *errstr_unpriv; +- uint32_t retval; ++ uint32_t retval, retval_unpriv; + enum { + UNDEF, + ACCEPT, +@@ -2986,6 +2986,8 @@ static struct bpf_test tests[] = { + .fixup_prog1 = { 2 }, + .result = ACCEPT, + .retval = 42, ++ /* Verifier rewrite for unpriv skips tail call here. */ ++ .retval_unpriv = 2, + }, + { + "stack pointer arithmetic", +@@ -12811,6 +12813,33 @@ static void do_test_fixup(struct bpf_tes + } + } + ++static int set_admin(bool admin) ++{ ++ cap_t caps; ++ const cap_value_t cap_val = CAP_SYS_ADMIN; ++ int ret = -1; ++ ++ caps = cap_get_proc(); ++ if (!caps) { ++ perror("cap_get_proc"); ++ return -1; ++ } ++ if (cap_set_flag(caps, CAP_EFFECTIVE, 1, &cap_val, ++ admin ? CAP_SET : CAP_CLEAR)) { ++ perror("cap_set_flag"); ++ goto out; ++ } ++ if (cap_set_proc(caps)) { ++ perror("cap_set_proc"); ++ goto out; ++ } ++ ret = 0; ++out: ++ if (cap_free(caps)) ++ perror("cap_free"); ++ return ret; ++} ++ + static void do_test_single(struct bpf_test *test, bool unpriv, + int *passes, int *errors) + { +@@ -12819,6 +12848,7 @@ static void do_test_single(struct bpf_te + struct bpf_insn *prog = test->insns; + int map_fds[MAX_NR_MAPS]; + const char *expected_err; ++ uint32_t expected_val; + uint32_t retval; + int i, err; + +@@ -12836,6 +12866,8 @@ static void do_test_single(struct bpf_te + test->result_unpriv : test->result; + expected_err = unpriv && test->errstr_unpriv ? + test->errstr_unpriv : test->errstr; ++ expected_val = unpriv && test->retval_unpriv ? ++ test->retval_unpriv : test->retval; + + reject_from_alignment = fd_prog < 0 && + (test->flags & F_NEEDS_EFFICIENT_UNALIGNED_ACCESS) && +@@ -12869,16 +12901,20 @@ static void do_test_single(struct bpf_te + __u8 tmp[TEST_DATA_LEN << 2]; + __u32 size_tmp = sizeof(tmp); + ++ if (unpriv) ++ set_admin(true); + err = bpf_prog_test_run(fd_prog, 1, test->data, + sizeof(test->data), tmp, &size_tmp, + &retval, NULL); ++ if (unpriv) ++ set_admin(false); + if (err && errno != 524/*ENOTSUPP*/ && errno != EPERM) { + printf("Unexpected bpf_prog_test_run error\n"); + goto fail_log; + } +- if (!err && retval != test->retval && +- test->retval != POINTER_VALUE) { +- printf("FAIL retval %d != %d\n", retval, test->retval); ++ if (!err && retval != expected_val && ++ expected_val != POINTER_VALUE) { ++ printf("FAIL retval %d != %d\n", retval, expected_val); + goto fail_log; + } + } +@@ -12921,33 +12957,6 @@ static bool is_admin(void) + return (sysadmin == CAP_SET); + } + +-static int set_admin(bool admin) +-{ +- cap_t caps; +- const cap_value_t cap_val = CAP_SYS_ADMIN; +- int ret = -1; +- +- caps = cap_get_proc(); +- if (!caps) { +- perror("cap_get_proc"); +- return -1; +- } +- if (cap_set_flag(caps, CAP_EFFECTIVE, 1, &cap_val, +- admin ? CAP_SET : CAP_CLEAR)) { +- perror("cap_set_flag"); +- goto out; +- } +- if (cap_set_proc(caps)) { +- perror("cap_set_proc"); +- goto out; +- } +- ret = 0; +-out: +- if (cap_free(caps)) +- perror("cap_free"); +- return ret; +-} +- + static void get_unpriv_disabled() + { + char buf[2]; diff --git a/queue-4.19/selftests-bpf-add-any-alignment-annotation-for-some-tests.patch b/queue-4.19/selftests-bpf-add-any-alignment-annotation-for-some-tests.patch new file mode 100644 index 00000000000..8444b4a00b8 --- /dev/null +++ b/queue-4.19/selftests-bpf-add-any-alignment-annotation-for-some-tests.patch @@ -0,0 +1,51 @@ +From foo@baz Tue Jun 8 04:42:32 PM CEST 2021 +From: Tiezhu Yang +Date: Wed, 2 Jun 2021 11:27:52 +0800 +Subject: selftests/bpf: add "any alignment" annotation for some tests +To: Greg Kroah-Hartman , Sasha Levin +Cc: stable@vger.kernel.org, bpf@vger.kernel.org, "Bjrn Tpel" , "Daniel Borkmann" +Message-ID: <1622604473-781-9-git-send-email-yangtiezhu@loongson.cn> + +From: Björn Töpel + +commit e2c6f50e48849298bed694de03cceb537d95cdc4 upstream + +RISC-V does, in-general, not have "efficient unaligned access". When +testing the RISC-V BPF JIT, some selftests failed in the verification +due to misaligned access. Annotate these tests with the +F_NEEDS_EFFICIENT_UNALIGNED_ACCESS flag. + +Signed-off-by: Björn Töpel +Signed-off-by: Daniel Borkmann +Signed-off-by: Tiezhu Yang +Signed-off-by: Greg Kroah-Hartman +--- + tools/testing/selftests/bpf/test_verifier.c | 3 +++ + 1 file changed, 3 insertions(+) + +--- a/tools/testing/selftests/bpf/test_verifier.c ++++ b/tools/testing/selftests/bpf/test_verifier.c +@@ -963,6 +963,7 @@ static struct bpf_test tests[] = { + .errstr_unpriv = "attempt to corrupt spilled", + .errstr = "corrupted spill", + .result = REJECT, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "invalid src register in STX", +@@ -1777,6 +1778,7 @@ static struct bpf_test tests[] = { + .errstr = "invalid bpf_context access", + .result = REJECT, + .prog_type = BPF_PROG_TYPE_SK_MSG, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "invalid read past end of SK_MSG", +@@ -2176,6 +2178,7 @@ static struct bpf_test tests[] = { + }, + .errstr = "invalid bpf_context access", + .result = REJECT, ++ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS, + }, + { + "check skb->hash half load not permitted, unaligned 3", diff --git a/queue-4.19/selftests-bpf-avoid-running-unprivileged-tests-with-alignment-requirements.patch b/queue-4.19/selftests-bpf-avoid-running-unprivileged-tests-with-alignment-requirements.patch new file mode 100644 index 00000000000..59c953cc9e8 --- /dev/null +++ b/queue-4.19/selftests-bpf-avoid-running-unprivileged-tests-with-alignment-requirements.patch @@ -0,0 +1,55 @@ +From foo@baz Tue Jun 8 04:42:32 PM CEST 2021 +From: Tiezhu Yang +Date: Wed, 2 Jun 2021 11:27:53 +0800 +Subject: selftests/bpf: Avoid running unprivileged tests with alignment requirements +To: Greg Kroah-Hartman , Sasha Levin +Cc: stable@vger.kernel.org, bpf@vger.kernel.org, "Bjrn Tpel" , "Andrii Nakryiko" +Message-ID: <1622604473-781-10-git-send-email-yangtiezhu@loongson.cn> + +From: Björn Töpel + +commit c77b0589ca29ad1859fe7d7c1ecd63c0632379fa upstream + +Some architectures have strict alignment requirements. In that case, +the BPF verifier detects if a program has unaligned accesses and +rejects them. A user can pass BPF_F_ANY_ALIGNMENT to a program to +override this check. That, however, will only work when a privileged +user loads a program. An unprivileged user loading a program with this +flag will be rejected prior entering the verifier. + +Hence, it does not make sense to load unprivileged programs without +strict alignment when testing the verifier. This patch avoids exactly +that. + +Signed-off-by: Björn Töpel +Signed-off-by: Andrii Nakryiko +Acked-by: Luke Nelson +Link: https://lore.kernel.org/bpf/20201118071640.83773-3-bjorn.topel@gmail.com +Signed-off-by: Tiezhu Yang +Signed-off-by: Greg Kroah-Hartman +--- + tools/testing/selftests/bpf/test_verifier.c | 13 +++++++++++++ + 1 file changed, 13 insertions(+) + +--- a/tools/testing/selftests/bpf/test_verifier.c ++++ b/tools/testing/selftests/bpf/test_verifier.c +@@ -13045,6 +13045,19 @@ static void get_unpriv_disabled() + + static bool test_as_unpriv(struct bpf_test *test) + { ++#ifndef CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS ++ /* Some architectures have strict alignment requirements. In ++ * that case, the BPF verifier detects if a program has ++ * unaligned accesses and rejects them. A user can pass ++ * BPF_F_ANY_ALIGNMENT to a program to override this ++ * check. That, however, will only work when a privileged user ++ * loads a program. An unprivileged user loading a program ++ * with this flag will be rejected prior entering the ++ * verifier. ++ */ ++ if (test->flags & F_NEEDS_EFFICIENT_UNALIGNED_ACCESS) ++ return false; ++#endif + return !test->prog_type || + test->prog_type == BPF_PROG_TYPE_SOCKET_FILTER || + test->prog_type == BPF_PROG_TYPE_CGROUP_SKB; diff --git a/queue-4.19/selftests-bpf-generalize-dummy-program-types.patch b/queue-4.19/selftests-bpf-generalize-dummy-program-types.patch new file mode 100644 index 00000000000..b7df95414c1 --- /dev/null +++ b/queue-4.19/selftests-bpf-generalize-dummy-program-types.patch @@ -0,0 +1,120 @@ +From foo@baz Tue Jun 8 04:42:31 PM CEST 2021 +From: Tiezhu Yang +Date: Wed, 2 Jun 2021 11:27:47 +0800 +Subject: selftests/bpf: Generalize dummy program types +To: Greg Kroah-Hartman , Sasha Levin +Cc: stable@vger.kernel.org, bpf@vger.kernel.org, Joe Stringer , Daniel Borkmann +Message-ID: <1622604473-781-4-git-send-email-yangtiezhu@loongson.cn> + +From: Joe Stringer + +commit 0c586079f852187d19fea60c9a4981ad29e22ba8 upstream + +Don't hardcode the dummy program types to SOCKET_FILTER type, as this +prevents testing bpf_tail_call in conjunction with other program types. +Instead, use the program type specified in the test case. + +Signed-off-by: Joe Stringer +Signed-off-by: Daniel Borkmann +Signed-off-by: Tiezhu Yang +Signed-off-by: Greg Kroah-Hartman +--- + tools/testing/selftests/bpf/test_verifier.c | 31 +++++++++++++++------------- + 1 file changed, 17 insertions(+), 14 deletions(-) + +--- a/tools/testing/selftests/bpf/test_verifier.c ++++ b/tools/testing/selftests/bpf/test_verifier.c +@@ -12631,18 +12631,18 @@ static int create_map(uint32_t type, uin + return fd; + } + +-static int create_prog_dummy1(void) ++static int create_prog_dummy1(enum bpf_map_type prog_type) + { + struct bpf_insn prog[] = { + BPF_MOV64_IMM(BPF_REG_0, 42), + BPF_EXIT_INSN(), + }; + +- return bpf_load_program(BPF_PROG_TYPE_SOCKET_FILTER, prog, ++ return bpf_load_program(prog_type, prog, + ARRAY_SIZE(prog), "GPL", 0, NULL, 0); + } + +-static int create_prog_dummy2(int mfd, int idx) ++static int create_prog_dummy2(enum bpf_map_type prog_type, int mfd, int idx) + { + struct bpf_insn prog[] = { + BPF_MOV64_IMM(BPF_REG_3, idx), +@@ -12653,11 +12653,12 @@ static int create_prog_dummy2(int mfd, i + BPF_EXIT_INSN(), + }; + +- return bpf_load_program(BPF_PROG_TYPE_SOCKET_FILTER, prog, ++ return bpf_load_program(prog_type, prog, + ARRAY_SIZE(prog), "GPL", 0, NULL, 0); + } + +-static int create_prog_array(uint32_t max_elem, int p1key) ++static int create_prog_array(enum bpf_map_type prog_type, uint32_t max_elem, ++ int p1key) + { + int p2key = 1; + int mfd, p1fd, p2fd; +@@ -12669,8 +12670,8 @@ static int create_prog_array(uint32_t ma + return -1; + } + +- p1fd = create_prog_dummy1(); +- p2fd = create_prog_dummy2(mfd, p2key); ++ p1fd = create_prog_dummy1(prog_type); ++ p2fd = create_prog_dummy2(prog_type, mfd, p2key); + if (p1fd < 0 || p2fd < 0) + goto out; + if (bpf_map_update_elem(mfd, &p1key, &p1fd, BPF_ANY) < 0) +@@ -12725,8 +12726,8 @@ static int create_cgroup_storage(void) + + static char bpf_vlog[UINT_MAX >> 8]; + +-static void do_test_fixup(struct bpf_test *test, struct bpf_insn *prog, +- int *map_fds) ++static void do_test_fixup(struct bpf_test *test, enum bpf_map_type prog_type, ++ struct bpf_insn *prog, int *map_fds) + { + int *fixup_map1 = test->fixup_map1; + int *fixup_map2 = test->fixup_map2; +@@ -12781,7 +12782,7 @@ static void do_test_fixup(struct bpf_tes + } + + if (*fixup_prog1) { +- map_fds[4] = create_prog_array(4, 0); ++ map_fds[4] = create_prog_array(prog_type, 4, 0); + do { + prog[*fixup_prog1].imm = map_fds[4]; + fixup_prog1++; +@@ -12789,7 +12790,7 @@ static void do_test_fixup(struct bpf_tes + } + + if (*fixup_prog2) { +- map_fds[5] = create_prog_array(8, 7); ++ map_fds[5] = create_prog_array(prog_type, 8, 7); + do { + prog[*fixup_prog2].imm = map_fds[5]; + fixup_prog2++; +@@ -12855,11 +12856,13 @@ static void do_test_single(struct bpf_te + for (i = 0; i < MAX_NR_MAPS; i++) + map_fds[i] = -1; + +- do_test_fixup(test, prog, map_fds); ++ if (!prog_type) ++ prog_type = BPF_PROG_TYPE_SOCKET_FILTER; ++ do_test_fixup(test, prog_type, prog, map_fds); + prog_len = probe_filter_length(prog); + +- fd_prog = bpf_verify_program(prog_type ? : BPF_PROG_TYPE_SOCKET_FILTER, +- prog, prog_len, test->flags & F_LOAD_WITH_STRICT_ALIGNMENT, ++ fd_prog = bpf_verify_program(prog_type, prog, prog_len, ++ test->flags & F_LOAD_WITH_STRICT_ALIGNMENT, + "GPL", 0, bpf_vlog, sizeof(bpf_vlog), 1); + + expected_ret = unpriv && test->result_unpriv != UNDEF ? diff --git a/queue-4.19/series b/queue-4.19/series index badbb493958..bfeef500599 100644 --- a/queue-4.19/series +++ b/queue-4.19/series @@ -37,3 +37,12 @@ btrfs-fix-error-handling-in-btrfs_del_csums.patch btrfs-return-errors-from-btrfs_del_csums-in-cleanup_ref_head.patch btrfs-fixup-error-handling-in-fixup_inode_link_counts.patch mm-hugetlb-fix-simple-resv_huge_pages-underflow-on-u.patch +bpf-fix-test-suite-to-enable-all-unpriv-program-types.patch +bpf-test-make-sure-to-run-unpriv-test-cases-in-test_verifier.patch +selftests-bpf-generalize-dummy-program-types.patch +bpf-add-bpf_f_any_alignment.patch +bpf-adjust-f_needs_efficient_unaligned_access-handling-in-test_verifier.c.patch +bpf-make-more-use-of-any-alignment-in-test_verifier.c.patch +bpf-apply-f_needs_efficient_unaligned_access-to-more-accept-test-cases.patch +selftests-bpf-add-any-alignment-annotation-for-some-tests.patch +selftests-bpf-avoid-running-unprivileged-tests-with-alignment-requirements.patch -- 2.47.3