A simple test that adds an xattr on a copied /bin/ls and reads it back when the copied ls is executed. Signed-off-by: KP Singh <kpsingh@xxxxxxxxxx> --- .../testing/selftests/bpf/prog_tests/xattr.c | 58 +++++++++++++++++++ tools/testing/selftests/bpf/progs/xattr.c | 37 ++++++++++++ 2 files changed, 95 insertions(+) create mode 100644 tools/testing/selftests/bpf/prog_tests/xattr.c create mode 100644 tools/testing/selftests/bpf/progs/xattr.c diff --git a/tools/testing/selftests/bpf/prog_tests/xattr.c b/tools/testing/selftests/bpf/prog_tests/xattr.c new file mode 100644 index 000000000000..442b6c1aed0e --- /dev/null +++ b/tools/testing/selftests/bpf/prog_tests/xattr.c @@ -0,0 +1,58 @@ +// SPDX-License-Identifier: GPL-2.0 + +/* + * Copyright 2022 Google LLC. + */ + +#include <test_progs.h> +#include <sys/xattr.h> +#include "xattr.skel.h" + +#define XATTR_NAME "security.bpf" +#define XATTR_VALUE "test_progs" + +static unsigned int duration; + +void test_xattr(void) +{ + struct xattr *skel = NULL; + char tmp_dir_path[] = "/tmp/xattrXXXXXX"; + char tmp_exec_path[64]; + char cmd[256]; + int err; + + if (CHECK(!mkdtemp(tmp_dir_path), "mkdtemp", + "unable to create tmpdir: %d\n", errno)) + goto close_prog; + + snprintf(tmp_exec_path, sizeof(tmp_exec_path), "%s/copy_of_ls", + tmp_dir_path); + snprintf(cmd, sizeof(cmd), "cp /bin/ls %s", tmp_exec_path); + if (CHECK_FAIL(system(cmd))) + goto close_prog_rmdir; + + if (CHECK(setxattr(tmp_exec_path, XATTR_NAME, XATTR_VALUE, + sizeof(XATTR_VALUE), 0), + "setxattr", "unable to setxattr: %d", errno)) + goto close_prog_rmdir; + + skel = xattr__open_and_load(); + if (!ASSERT_OK_PTR(skel, "skel_load")) + goto close_prog_rmdir; + + err = xattr__attach(skel); + if (!ASSERT_OK(err, "xattr__attach failed")) + goto close_prog_rmdir; + + snprintf(cmd, sizeof(cmd), "%s -l", tmp_exec_path); + if (CHECK_FAIL(system(cmd))) + goto close_prog_rmdir; + + ASSERT_EQ(skel->bss->result, 1, "xattr result"); + +close_prog_rmdir: + snprintf(cmd, sizeof(cmd), "rm -rf %s", tmp_dir_path); + system(cmd); +close_prog: + xattr__destroy(skel); +} diff --git a/tools/testing/selftests/bpf/progs/xattr.c b/tools/testing/selftests/bpf/progs/xattr.c new file mode 100644 index 000000000000..ccc078fb8ebd --- /dev/null +++ b/tools/testing/selftests/bpf/progs/xattr.c @@ -0,0 +1,37 @@ +// SPDX-License-Identifier: GPL-2.0 + +/* + * Copyright 2022 Google LLC. + */ + +#include "vmlinux.h" +#include <bpf/bpf_helpers.h> +#include <bpf/bpf_tracing.h> + +char _license[] SEC("license") = "GPL"; + +#define XATTR_NAME "security.bpf" +#define XATTR_VALUE "test_progs" + +__u64 result = 0; + +extern ssize_t bpf_getxattr(struct dentry *dentry, struct inode *inode, + const char *name, void *value, int size) __ksym; + +SEC("lsm.s/bprm_committed_creds") +void BPF_PROG(bprm_cc, struct linux_binprm *bprm) +{ + struct task_struct *current = bpf_get_current_task_btf(); + char dir_xattr_value[64] = {0}; + int xattr_sz = 0; + + xattr_sz = bpf_getxattr(bprm->file->f_path.dentry, + bprm->file->f_path.dentry->d_inode, XATTR_NAME, + dir_xattr_value, 64); + + if (xattr_sz <= 0) + return; + + if (!bpf_strncmp(dir_xattr_value, sizeof(XATTR_VALUE), XATTR_VALUE)) + result = 1; +} -- 2.37.0.rc0.104.g0611611a94-goog