| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 13 Sep 2023 12:25:15 +0000
From: Luis Gerhorst <gerhorst@...zon.de>
To: <alexei.starovoitov@...il.com>
CC: <andrii@...nel.org>, <ast@...nel.org>, <bpf@...r.kernel.org>,
<daniel@...earbox.net>, <haoluo@...gle.com>,
<john.fastabend@...il.com>, <jolsa@...nel.org>,
<kpsingh@...nel.org>, <laoar.shao@...il.com>,
<martin.lau@...ux.dev>, <sdf@...gle.com>, <song@...nel.org>,
<yonghong.song@...ux.dev>, <mykolal@...com>, <shuah@...nel.org>,
<gerhorst@...zon.de>, <iii@...ux.ibm.com>,
<linux-kselftest@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
Luis Gerhorst <gerhorst@...fau.de>
Subject: [PATCH 1/3] Revert "selftests/bpf: Add selftest for allow_ptr_leaks"
This reverts commit 0072e3624b463636c842ad8e261f1dc91deb8c78.
The test tests behavior which can not be permitted because of Spectre
v1. See the following commit
Revert "bpf: Fix issue in verifying allow_ptr_leaks"
which reverts commit d75e30dddf73449bc2d10bb8e2f1a2c446bc67a2 for a
detailed description of the issue.
Reported-by: Daniel Borkmann <daniel@...earbox.net>
Signed-off-by: Luis Gerhorst <gerhorst@...zon.de>
Signed-off-by: Luis Gerhorst <gerhorst@...fau.de>
---
.../testing/selftests/bpf/prog_tests/tc_bpf.c | 36 +------------------
.../testing/selftests/bpf/progs/test_tc_bpf.c | 13 -------
2 files changed, 1 insertion(+), 48 deletions(-)
diff --git a/tools/testing/selftests/bpf/prog_tests/tc_bpf.c b/tools/testing/selftests/bpf/prog_tests/tc_bpf.c
index 48b55539331e..e873766276d1 100644
--- a/tools/testing/selftests/bpf/prog_tests/tc_bpf.c
+++ b/tools/testing/selftests/bpf/prog_tests/tc_bpf.c
@@ -3,7 +3,6 @@
#include <test_progs.h>
#include <linux/pkt_cls.h>
-#include "cap_helpers.h"
#include "test_tc_bpf.skel.h"
#define LO_IFINDEX 1
@@ -328,7 +327,7 @@ static int test_tc_bpf_api(struct bpf_tc_hook *hook, int fd)
return 0;
}
-void tc_bpf_root(void)
+void test_tc_bpf(void)
{
DECLARE_LIBBPF_OPTS(bpf_tc_hook, hook, .ifindex = LO_IFINDEX,
.attach_point = BPF_TC_INGRESS);
@@ -394,36 +393,3 @@ void tc_bpf_root(void)
}
test_tc_bpf__destroy(skel);
}
-
-void tc_bpf_non_root(void)
-{
- struct test_tc_bpf *skel = NULL;
- __u64 caps = 0;
- int ret;
-
- /* In case CAP_BPF and CAP_PERFMON is not set */
- ret = cap_enable_effective(1ULL << CAP_BPF | 1ULL << CAP_NET_ADMIN, &caps);
- if (!ASSERT_OK(ret, "set_cap_bpf_cap_net_admin"))
- return;
- ret = cap_disable_effective(1ULL << CAP_SYS_ADMIN | 1ULL << CAP_PERFMON, NULL);
- if (!ASSERT_OK(ret, "disable_cap_sys_admin"))
- goto restore_cap;
-
- skel = test_tc_bpf__open_and_load();
- if (!ASSERT_OK_PTR(skel, "test_tc_bpf__open_and_load"))
- goto restore_cap;
-
- test_tc_bpf__destroy(skel);
-
-restore_cap:
- if (caps)
- cap_enable_effective(caps, NULL);
-}
-
-void test_tc_bpf(void)
-{
- if (test__start_subtest("tc_bpf_root"))
- tc_bpf_root();
- if (test__start_subtest("tc_bpf_non_root"))
- tc_bpf_non_root();
-}
diff --git a/tools/testing/selftests/bpf/progs/test_tc_bpf.c b/tools/testing/selftests/bpf/progs/test_tc_bpf.c
index ef7da419632a..d28ca8d1f3d0 100644
--- a/tools/testing/selftests/bpf/progs/test_tc_bpf.c
+++ b/tools/testing/selftests/bpf/progs/test_tc_bpf.c
@@ -2,8 +2,6 @@
#include <linux/bpf.h>
#include <bpf/bpf_helpers.h>
-#include <linux/if_ether.h>
-#include <linux/ip.h>
/* Dummy prog to test TC-BPF API */
@@ -12,14 +10,3 @@ int cls(struct __sk_buff *skb)
{
return 0;
}
-
-/* Prog to verify tc-bpf without cap_sys_admin and cap_perfmon */
-SEC("tcx/ingress")
-int pkt_ptr(struct __sk_buff *skb)
-{
- struct iphdr *iph = (void *)(long)skb->data + sizeof(struct ethhdr);
-
- if ((long)(iph + 1) > (long)skb->data_end)
- return 1;
- return 0;
-}
--
2.40.1
Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879
Powered by blists - more mailing lists