Re: [PATCH bpf-next v4 2/2] selftests/bpf: check whether s32 is sufficient for kfunc offset

[Yonghong Song <yhs@xxxxxx>]

On 2/5/22 8:31 PM, Hou Tao wrote:
> In add_kfunc_call(), bpf_kfunc_desc->imm with type s32 is used to
> represent the offset of called kfunc from __bpf_call_base, so
> add a test to ensure that the offset will not be overflowed.
>
> Signed-off-by: Hou Tao <houtao1@xxxxxxxxxx>
> ---
>   .../selftests/bpf/prog_tests/ksyms_module.c   | 42 +++++++++++++++++++
>   1 file changed, 42 insertions(+)
>
> diff --git a/tools/testing/selftests/bpf/prog_tests/ksyms_module.c b/tools/testing/selftests/bpf/prog_tests/ksyms_module.c
> index a1ebac70ec29..8055fbbf720b 100644
> --- a/tools/testing/selftests/bpf/prog_tests/ksyms_module.c
> +++ b/tools/testing/selftests/bpf/prog_tests/ksyms_module.c
> @@ -3,9 +3,49 @@
>   
>   #include <test_progs.h>
>   #include <network_helpers.h>
> +#include <trace_helpers.h>
>   #include "test_ksyms_module.lskel.h"
>   #include "test_ksyms_module.skel.h"
>   
> +/*
> + * Check whether or not s32 in bpf_kfunc_desc is sufficient
> + * to represent the offset between bpf_testmod_test_mod_kfunc
> + * and __bpf_call_base.
> + */
> +static void test_ksyms_module_valid_offset(void)
> +{
> +	struct test_ksyms_module *skel;
> +	unsigned long long kfunc_addr;
> +	unsigned long long base_addr;
> +	long long actual_offset;
> +	int used_offset;
> +	int err;
> +
> +	if (!env.has_testmod) {
> +		test__skip();
> +		return;
> +	}
> +
> +	/* Ensure kfunc call is supported */
> +	skel = test_ksyms_module__open_and_load();
> +	if (!ASSERT_OK_PTR(skel, "test_ksyms_module__open"))
> +		return;
> +
> +	err = kallsyms_find("bpf_testmod_test_mod_kfunc", &kfunc_addr);
> +	if (!ASSERT_OK(err, "find kfunc addr"))
> +		goto cleanup;
> +
> +	err = kallsyms_find("__bpf_call_base", &base_addr);
> +	if (!ASSERT_OK(err, "find base addr"))
> +		goto cleanup;
> +
> +	used_offset = kfunc_addr - base_addr;
> +	actual_offset = kfunc_addr - base_addr;
> +	ASSERT_EQ((long long)used_offset, actual_offset, "kfunc offset overflowed");

I am a little bit confused about motivation here. Maybe I missed 
something. If we indeed have kfunc offset overflow,
should kernel verifier just reject the program? Specially,
we should make the above test_ksyms_module__open_and_load()
fail?

> +cleanup:
> +	test_ksyms_module__destroy(skel);
> +}
> +
>   static void test_ksyms_module_lskel(void)
>   {
>   	struct test_ksyms_module_lskel *skel;
> @@ -62,6 +102,8 @@ static void test_ksyms_module_libbpf(void)
>   
>   void test_ksyms_module(void)
>   {
> +	if (test__start_subtest("valid_offset"))
> +		test_ksyms_module_valid_offset();
>   	if (test__start_subtest("lskel"))
>   		test_ksyms_module_lskel();
>   	if (test__start_subtest("libbpf"))