On Mon, 21 Oct 2024 at 17:28, Daniel Borkmann <daniel@xxxxxxxxxxxxx> wrote: > > Add a small test to write a (verification-time) fixed vs unknown but > bounded-sized buffer into .rodata BPF map and assert that both get > rejected. > > # ./vmtest.sh -- ./test_progs -t verifier_const > [...] > ./test_progs -t verifier_const > [ 1.418717] tsc: Refined TSC clocksource calibration: 3407.994 MHz > [ 1.419113] clocksource: tsc: mask: 0xffffffffffffffff max_cycles: 0x311fcde90a1, max_idle_ns: 440795222066 ns > [ 1.419972] clocksource: Switched to clocksource tsc > [ 1.449596] bpf_testmod: loading out-of-tree module taints kernel. > [ 1.449958] bpf_testmod: module verification failed: signature and/or required key missing - tainting kernel > #475/1 verifier_const/rodata/strtol: write rejected:OK > #475/2 verifier_const/bss/strtol: write accepted:OK > #475/3 verifier_const/data/strtol: write accepted:OK > #475/4 verifier_const/rodata/mtu: write rejected:OK > #475/5 verifier_const/bss/mtu: write accepted:OK > #475/6 verifier_const/data/mtu: write accepted:OK > #475/7 verifier_const/rodata/mark: write with unknown reg rejected:OK > #475/8 verifier_const/rodata/mark: write with unknown reg rejected:OK > #475 verifier_const:OK > #476/1 verifier_const_or/constant register |= constant should keep constant type:OK > #476/2 verifier_const_or/constant register |= constant should not bypass stack boundary checks:OK > #476/3 verifier_const_or/constant register |= constant register should keep constant type:OK > #476/4 verifier_const_or/constant register |= constant register should not bypass stack boundary checks:OK > #476 verifier_const_or:OK > Summary: 2/12 PASSED, 0 SKIPPED, 0 FAILED > > Signed-off-by: Daniel Borkmann <daniel@xxxxxxxxxxxxx> > --- Acked-by: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
