| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20240829194505.402807-3-jolsa@kernel.org>
Date: Thu, 29 Aug 2024 21:45:05 +0200
From: Jiri Olsa <jolsa@...nel.org>
To: Oleg Nesterov <oleg@...hat.com>,
Peter Zijlstra <peterz@...radead.org>,
Andrii Nakryiko <andrii@...nel.org>,
Tianyi Liu <i.pear@...look.com>,
Masami Hiramatsu <mhiramat@...nel.org>
Cc: bpf@...r.kernel.org,
Steven Rostedt <rostedt@...dmis.org>,
linux-kernel@...r.kernel.org,
linux-trace-kernel@...r.kernel.org
Subject: [PATCH bpf-next 2/2] selftests/bpf: Add uprobe pid filter test for multiple processes
The idea is to create and monitor 3 uprobes, each trigered in separate
process and make sure the bpf program gets executed just for the proper
PID specified via pid filter.
Signed-off-by: Jiri Olsa <jolsa@...nel.org>
---
.../bpf/prog_tests/uprobe_multi_test.c | 103 ++++++++++++++++++
.../bpf/progs/uprobe_multi_pid_filter.c | 61 +++++++++++
2 files changed, 164 insertions(+)
create mode 100644 tools/testing/selftests/bpf/progs/uprobe_multi_pid_filter.c
diff --git a/tools/testing/selftests/bpf/prog_tests/uprobe_multi_test.c b/tools/testing/selftests/bpf/prog_tests/uprobe_multi_test.c
index 250eb47c68f9..59c460675af9 100644
--- a/tools/testing/selftests/bpf/prog_tests/uprobe_multi_test.c
+++ b/tools/testing/selftests/bpf/prog_tests/uprobe_multi_test.c
@@ -7,6 +7,7 @@
#include "uprobe_multi_bench.skel.h"
#include "uprobe_multi_usdt.skel.h"
#include "uprobe_multi_consumers.skel.h"
+#include "uprobe_multi_pid_filter.skel.h"
#include "bpf/libbpf_internal.h"
#include "testing_helpers.h"
#include "../sdt.h"
@@ -935,6 +936,106 @@ static void test_consumers(void)
uprobe_multi_consumers__destroy(skel);
}
+typedef struct bpf_link *(create_link_t)(struct uprobe_multi_pid_filter *, int, int, bool);
+
+static struct bpf_program *uprobe_program(struct uprobe_multi_pid_filter *skel, int idx)
+{
+ switch (idx) {
+ case 0: return skel->progs.uprobe_0;
+ case 1: return skel->progs.uprobe_1;
+ case 2: return skel->progs.uprobe_2;
+ }
+ return NULL;
+}
+
+static struct bpf_link *create_link_uprobe(struct uprobe_multi_pid_filter *skel,
+ int idx, int pid, bool retprobe)
+{
+ LIBBPF_OPTS(bpf_uprobe_opts, opts,
+ .retprobe = retprobe,
+ .func_name = "uprobe_multi_func_1",
+ );
+
+ return bpf_program__attach_uprobe_opts(uprobe_program(skel, idx), pid,
+ "/proc/self/exe", 0, &opts);
+}
+
+static struct bpf_program *uprobe_multi_program(struct uprobe_multi_pid_filter *skel, int idx)
+{
+ switch (idx) {
+ case 0: return skel->progs.uprobe_multi_0;
+ case 1: return skel->progs.uprobe_multi_1;
+ case 2: return skel->progs.uprobe_multi_2;
+ }
+ return NULL;
+}
+
+static struct bpf_link *create_link_uprobe_multi(struct uprobe_multi_pid_filter *skel,
+ int idx, int pid, bool retprobe)
+{
+ LIBBPF_OPTS(bpf_uprobe_multi_opts, opts, .retprobe = retprobe);
+
+ return bpf_program__attach_uprobe_multi(uprobe_multi_program(skel, idx), pid,
+ "/proc/self/exe", "uprobe_multi_func_1", &opts);
+}
+
+#define TASKS 3
+
+static void run_pid_filter(struct uprobe_multi_pid_filter *skel,
+ create_link_t create_link, bool retprobe)
+{
+ struct bpf_link *link[TASKS] = {};
+ struct child child[TASKS] = {};
+ int i;
+
+ printf("%s retprobe %d\n", create_link == create_link_uprobe ? "uprobe" : "uprobe_multi",
+ retprobe);
+
+ memset(skel->bss->test, 0, sizeof(skel->bss->test));
+
+ for (i = 0; i < TASKS; i++) {
+ if (!ASSERT_OK(spawn_child(&child[i]), "spawn_child"))
+ goto cleanup;
+ skel->bss->pids[i] = child[i].pid;
+ }
+
+ for (i = 0; i < TASKS; i++) {
+ link[i] = create_link(skel, i, child[i].pid, retprobe);
+ if (!ASSERT_OK_PTR(link[i], "create_link"))
+ goto cleanup;
+ }
+
+ for (i = 0; i < TASKS; i++)
+ kick_child(&child[i]);
+
+ for (i = 0; i < TASKS; i++) {
+ ASSERT_EQ(skel->bss->test[i][0], 1, "pid");
+ ASSERT_EQ(skel->bss->test[i][1], 0, "unknown");
+ }
+
+cleanup:
+ for (i = 0; i < TASKS; i++)
+ bpf_link__destroy(link[i]);
+ for (i = 0; i < TASKS; i++)
+ release_child(&child[i]);
+}
+
+static void test_pid_filter_process(void)
+{
+ struct uprobe_multi_pid_filter *skel;
+
+ skel = uprobe_multi_pid_filter__open_and_load();
+ if (!ASSERT_OK_PTR(skel, "uprobe_multi_pid_filter__open_and_load"))
+ return;
+
+ run_pid_filter(skel, create_link_uprobe, false);
+ run_pid_filter(skel, create_link_uprobe, true);
+ run_pid_filter(skel, create_link_uprobe_multi, false);
+ run_pid_filter(skel, create_link_uprobe_multi, true);
+
+ uprobe_multi_pid_filter__destroy(skel);
+}
+
static void test_bench_attach_uprobe(void)
{
long attach_start_ns = 0, attach_end_ns = 0;
@@ -1027,4 +1128,6 @@ void test_uprobe_multi_test(void)
test_attach_uprobe_fails();
if (test__start_subtest("consumers"))
test_consumers();
+ if (test__start_subtest("filter_process"))
+ test_pid_filter_process();
}
diff --git a/tools/testing/selftests/bpf/progs/uprobe_multi_pid_filter.c b/tools/testing/selftests/bpf/progs/uprobe_multi_pid_filter.c
new file mode 100644
index 000000000000..260d46406e47
--- /dev/null
+++ b/tools/testing/selftests/bpf/progs/uprobe_multi_pid_filter.c
@@ -0,0 +1,61 @@
+// SPDX-License-Identifier: GPL-2.0
+#include "vmlinux.h"
+#include <bpf/bpf_helpers.h>
+#include <bpf/bpf_tracing.h>
+
+char _license[] SEC("license") = "GPL";
+
+__u32 pids[3];
+__u32 test[3][2];
+
+static void update_pid(int idx)
+{
+ __u32 pid = bpf_get_current_pid_tgid() >> 32;
+
+ if (pid == pids[idx])
+ test[idx][0]++;
+ else
+ test[idx][1]++;
+}
+
+SEC("uprobe.multi")
+int uprobe_multi_0(struct pt_regs *ctx)
+{
+ update_pid(0);
+ return 0;
+}
+
+SEC("uprobe.multi")
+int uprobe_multi_1(struct pt_regs *ctx)
+{
+ update_pid(1);
+ return 0;
+}
+
+SEC("uprobe.multi")
+int uprobe_multi_2(struct pt_regs *ctx)
+{
+ update_pid(2);
+ return 0;
+}
+
+SEC("uprobe")
+int uprobe_0(struct pt_regs *ctx)
+{
+ update_pid(0);
+ return 0;
+}
+
+SEC("uprobe")
+int uprobe_1(struct pt_regs *ctx)
+{
+ update_pid(1);
+ return 0;
+}
+
+SEC("uprobe")
+int uprobe_2(struct pt_regs *ctx)
+{
+ update_pid(2);
+ return 0;
+}
--
2.46.0
Powered by blists - more mailing lists