git.ipfire.org Git - thirdparty/kernel/linux.git/commit

author	Leon Hwang <leon.hwang@linux.dev>
	Tue, 31 Mar 2026 14:53:53 +0000 (22:53 +0800)
committer	Alexei Starovoitov <ast@kernel.org>
	Thu, 2 Apr 2026 16:29:49 +0000 (09:29 -0700)
commit	da77f3a9aa55575cdc74aa5736f31ce6b4091cf7
tree	7e9a61b4b79417a7ed507c9b3f905010604b544e	tree \| snapshot
parent	611fe4b79af72d00d80f2223354284447daafae9	commit \| diff

selftests/bpf: Add test to verify the fix of kprobe_write_ctx abuse

Add a test to verify the issue: kprobe_write_ctx can be abused to modify
struct pt_regs of kernel functions via kprobe_write_ctx=true freplace
progs.

Without the fix, the issue is verified:

kprobe_write_ctx=true freplace prog is allowed to attach to
kprobe_write_ctx=false kprobe prog. Then, the first arg of
bpf_fentry_test1 will be set as 0, and bpf_prog_test_run_opts() gets
-EFAULT instead of 0.

With the fix, the issue is rejected at attach time.

Acked-by: Jiri Olsa <jolsa@kernel.org>
Signed-off-by: Leon Hwang <leon.hwang@linux.dev>
Link: https://lore.kernel.org/r/20260331145353.87606-3-leon.hwang@linux.dev
Signed-off-by: Alexei Starovoitov <ast@kernel.org>

tools/testing/selftests/bpf/prog_tests/attach_probe.c		diff \| blob \| blame \| history
tools/testing/selftests/bpf/progs/kprobe_write_ctx.c		diff \| blob \| blame \| history