On Mon, Dec 2, 2024 at 12:38 AM Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx> wrote: > > Ensure that when CAP_PERFMON is dropped, and the verifier sees > allow_ptr_leaks as false, we are not permitted to read from a > STACK_INVALID slot. Without the fix, the test will report unexpected > success in loading. > > Signed-off-by: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx> > --- > .../selftests/bpf/progs/verifier_spill_fill.c | 17 +++++++++++++++++ > 1 file changed, 17 insertions(+) > > diff --git a/tools/testing/selftests/bpf/progs/verifier_spill_fill.c b/tools/testing/selftests/bpf/progs/verifier_spill_fill.c > index 671d9f415dbf..f5cd21326811 100644 > --- a/tools/testing/selftests/bpf/progs/verifier_spill_fill.c > +++ b/tools/testing/selftests/bpf/progs/verifier_spill_fill.c > @@ -1244,4 +1244,21 @@ __naked void old_stack_misc_vs_cur_ctx_ptr(void) > : __clobber_all); > } > > +SEC("tc") > +__description("stack_noperfmon: reject read of invalid slots") > +__success __failure_unpriv __msg_unpriv("invalid read from stack off -8+1 size 8") > +__caps_unpriv(CAP_BPF) same styling nit about __success staying on a separate line I'd actually do it this way to make it a bit more explicit that we have custom unpriv caps: __success __caps_unpriv(CAP_BPF) __failure_unpriv __msg_unpriv("...") but it's minor > +__naked void stack_noperfmon_reject_invalid_read(void) > +{ > + asm volatile (" \ > + r2 = 1; \ > + r6 = r10; \ > + r6 += -8; \ > + *(u8 *)(r6 + 0) = r2; \ > + r2 = *(u64 *)(r6 + 0); \ > + r0 = 0; \ > + exit; \ > +" ::: __clobber_all); > +} > + > char _license[] SEC("license") = "GPL"; > -- > 2.43.5 >
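Review bot: in the asm body of stack_noperfmon_reject_invalid_read, nothing documents why the expected unprivileged message names offset "-8+1". The `*(u8 *)(r6 + 0) = r2` store initializes only the first byte of the slot at r10-8, and the `r2 = *(u64 *)(r6 + 0)` load then covers the bytes after it, so the first offending byte is at +1. A short comment above the load saying this would make the `__msg_unpriv` string checkable against the instructions and keep the test readable if the offsets are ever changed. The test also exercises only a partially written slot; if the commit message's "not permitted to read from a STACK_INVALID slot" is meant to include a slot that was never written at all, a second case that loads from an untouched slot would cover that.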