Re: [PATCH bpf-next 4/5] selftests/bpf: add a selftest with __user tag

Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx> · Sun, 19 Dec 2021 17:51:10 -0800

On Thu, Dec 09, 2021 at 09:35:59AM -0800, Yonghong Song wrote:
> Added a selftest with two __user usages: a __user pointer-type argument
> and a __user pointer-type struct member. In both cases,
> directly accessing the user memory will result verification failure.
...
> diff --git a/tools/testing/selftests/bpf/progs/btf_type_tag_user.c b/tools/testing/selftests/bpf/progs/btf_type_tag_user.c
> new file mode 100644
> index 000000000000..e149854f42dd
> --- /dev/null
> +++ b/tools/testing/selftests/bpf/progs/btf_type_tag_user.c
> @@ -0,0 +1,29 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/* Copyright (c) 2021 Facebook */
> +#include "vmlinux.h"
> +#include <bpf/bpf_helpers.h>
> +#include <bpf/bpf_tracing.h>
> +
> +struct bpf_testmod_btf_type_tag_1 {
> +	int a;
> +};
> +
> +struct bpf_testmod_btf_type_tag_2 {
> +	struct bpf_testmod_btf_type_tag_1 *p;
> +};
> +
> +int g;
> +
> +SEC("fentry/bpf_testmod_test_btf_type_tag_user_1")
> +int BPF_PROG(test_user1, struct bpf_testmod_btf_type_tag_1 *arg)
> +{
> +	g = arg->a;
> +	return 0;
> +}
> +
> +SEC("fentry/bpf_testmod_test_btf_type_tag_user_2")
> +int BPF_PROG(test_user2, struct bpf_testmod_btf_type_tag_2 *arg)
> +{
> +	g = arg->p->a;
> +	return 0;
> +}

This is a targeted synthetic test. Great, but can you add one
that probes real kernel function like:
getsockname(int fd, struct sockaddr __user *usockaddr
or
getpeername(int fd, struct sockaddr __user *usockaddr
and the bpf prog tries to deref usockaddr ?