| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20220621163757.760304-5-roberto.sassu@huawei.com>
Date: Tue, 21 Jun 2022 18:37:56 +0200
From: Roberto Sassu <roberto.sassu@...wei.com>
To: <ast@...nel.org>, <daniel@...earbox.net>, <andrii@...nel.org>,
<kpsingh@...nel.org>, <john.fastabend@...il.com>,
<songliubraving@...com>, <kafai@...com>, <yhs@...com>
CC: <dhowells@...hat.com>, <keyrings@...r.kernel.org>,
<bpf@...r.kernel.org>, <netdev@...r.kernel.org>,
<linux-kselftest@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
Roberto Sassu <roberto.sassu@...wei.com>
Subject: [PATCH v5 4/5] selftests/bpf: Add test for unreleased key references
Ensure that the verifier detects the attempt of acquiring a reference of a
key through the helper bpf_lookup_user_key(), without releasing that
reference with bpf_key_put(), and refuses to load the program.
Signed-off-by: Roberto Sassu <roberto.sassu@...wei.com>
---
.../prog_tests/lookup_user_key_norelease.c | 52 +++++++++++++++++++
.../progs/test_lookup_user_key_norelease.c | 24 +++++++++
2 files changed, 76 insertions(+)
create mode 100644 tools/testing/selftests/bpf/prog_tests/lookup_user_key_norelease.c
create mode 100644 tools/testing/selftests/bpf/progs/test_lookup_user_key_norelease.c
diff --git a/tools/testing/selftests/bpf/prog_tests/lookup_user_key_norelease.c b/tools/testing/selftests/bpf/prog_tests/lookup_user_key_norelease.c
new file mode 100644
index 000000000000..6753c4f591e3
--- /dev/null
+++ b/tools/testing/selftests/bpf/prog_tests/lookup_user_key_norelease.c
@@ -0,0 +1,52 @@
+// SPDX-License-Identifier: GPL-2.0
+
+/*
+ * Copyright (C) 2022 Huawei Technologies Duesseldorf GmbH
+ *
+ * Author: Roberto Sassu <roberto.sassu@...wei.com>
+ */
+
+#include <test_progs.h>
+
+#include "test_lookup_user_key_norelease.skel.h"
+
+#define LOG_BUF_SIZE 16384
+
+void test_lookup_user_key_norelease(void)
+{
+ char *buf = NULL, *result;
+ struct test_lookup_user_key_norelease *skel = NULL;
+ int ret;
+
+ LIBBPF_OPTS(bpf_object_open_opts, opts);
+
+ buf = malloc(LOG_BUF_SIZE);
+ if (!ASSERT_OK_PTR(buf, "malloc"))
+ goto close_prog;
+
+ opts.kernel_log_buf = buf;
+ opts.kernel_log_size = LOG_BUF_SIZE;
+ opts.kernel_log_level = 1;
+
+ skel = test_lookup_user_key_norelease__open_opts(&opts);
+ if (!ASSERT_OK_PTR(skel, "test_lookup_user_key_norelease__open_opts"))
+ goto close_prog;
+
+ ret = test_lookup_user_key_norelease__load(skel);
+ if (!ASSERT_LT(ret, 0, "test_lookup_user_key_norelease__load\n"))
+ goto close_prog;
+
+ if (strstr(buf, "unknown func bpf_lookup_user_key")) {
+ printf("%s:SKIP:bpf_lookup_user_key() helper not supported\n",
+ __func__);
+ test__skip();
+ goto close_prog;
+ }
+
+ result = strstr(buf, "Unreleased reference");
+ ASSERT_OK_PTR(result, "Error message not found");
+
+close_prog:
+ free(buf);
+ test_lookup_user_key_norelease__destroy(skel);
+}
diff --git a/tools/testing/selftests/bpf/progs/test_lookup_user_key_norelease.c b/tools/testing/selftests/bpf/progs/test_lookup_user_key_norelease.c
new file mode 100644
index 000000000000..cfe474c77886
--- /dev/null
+++ b/tools/testing/selftests/bpf/progs/test_lookup_user_key_norelease.c
@@ -0,0 +1,24 @@
+// SPDX-License-Identifier: GPL-2.0
+
+/*
+ * Copyright (C) 2022 Huawei Technologies Duesseldorf GmbH
+ *
+ * Author: Roberto Sassu <roberto.sassu@...wei.com>
+ */
+
+#include <errno.h>
+#include <stdlib.h>
+#include <limits.h>
+#include <linux/bpf.h>
+#include <linux/keyctl.h>
+#include <bpf/bpf_helpers.h>
+#include <bpf/bpf_tracing.h>
+
+char _license[] SEC("license") = "GPL";
+
+SEC("lsm.s/bpf")
+int BPF_PROG(bpf, int cmd, union bpf_attr *attr, unsigned int size)
+{
+ bpf_lookup_user_key(KEY_SPEC_SESSION_KEYRING, 0);
+ return 0;
+}
--
2.25.1
Powered by blists - more mailing lists