On Fri, Sep 6, 2024 at 6:56 AM Daniel Borkmann <daniel@xxxxxxxxxxxxx> wrote:
>
> The assumption of 'in privileged mode reads from uninitialized stack locations
> are permitted' is not quite correct since the verifier was probing for read
> access rather than write access. Both tests need to be annotated as __success
> for privileged and unprivileged.
>
> Signed-off-by: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
> ---
> tools/testing/selftests/bpf/progs/verifier_int_ptr.c | 5 +----
> 1 file changed, 1 insertion(+), 4 deletions(-)
>
Acked-by: Andrii Nakryiko <andrii@xxxxxxxxxx>
> diff --git a/tools/testing/selftests/bpf/progs/verifier_int_ptr.c b/tools/testing/selftests/bpf/progs/verifier_int_ptr.c
> index 9fc3fae5cd83..87206803c025 100644
> --- a/tools/testing/selftests/bpf/progs/verifier_int_ptr.c
> +++ b/tools/testing/selftests/bpf/progs/verifier_int_ptr.c
> @@ -8,7 +8,6 @@
> SEC("socket")
> __description("ARG_PTR_TO_LONG uninitialized")
> __success
> -__failure_unpriv __msg_unpriv("invalid indirect read from stack R4 off -16+0 size 8")
> __naked void arg_ptr_to_long_uninitialized(void)
> {
> asm volatile (" \
> @@ -36,9 +35,7 @@ __naked void arg_ptr_to_long_uninitialized(void)
>
> SEC("socket")
> __description("ARG_PTR_TO_LONG half-uninitialized")
> -/* in privileged mode reads from uninitialized stack locations are permitted */
> -__success __failure_unpriv
> -__msg_unpriv("invalid indirect read from stack R4 off -16+4 size 8")
> +__success
> __retval(0)
> __naked void ptr_to_long_half_uninitialized(void)
> {
> --
> 2.43.0
>
