A simple test that adds an xattr on a copied /bin/ls and reads it back
when the copied ls is executed.
Signed-off-by: KP Singh <kpsingh@xxxxxxxxxx>
---
.../testing/selftests/bpf/prog_tests/xattr.c | 54 +++++++++++++++++++
tools/testing/selftests/bpf/progs/xattr.c | 37 +++++++++++++
2 files changed, 91 insertions(+)
create mode 100644 tools/testing/selftests/bpf/prog_tests/xattr.c
create mode 100644 tools/testing/selftests/bpf/progs/xattr.c
diff --git a/tools/testing/selftests/bpf/prog_tests/xattr.c b/tools/testing/selftests/bpf/prog_tests/xattr.c
new file mode 100644
index 000000000000..ef07fa8a1763
--- /dev/null
+++ b/tools/testing/selftests/bpf/prog_tests/xattr.c
@@ -0,0 +1,54 @@
+// SPDX-License-Identifier: GPL-2.0
+
+/*
+ * Copyright 2022 Google LLC.
+ */
+
+#include <test_progs.h>
+#include <sys/xattr.h>
+#include "xattr.skel.h"
+
+#define XATTR_NAME "security.bpf"
+#define XATTR_VALUE "test_progs"
+
+void test_xattr(void)
+{
+ struct xattr *skel = NULL;
+ char tmp_dir_path[] = "/tmp/xattrXXXXXX";
+ char tmp_exec_path[64];
+ char cmd[256];
+ int err;
+
+ if (CHECK_FAIL(!mkdtemp(tmp_dir_path)))
+ goto close_prog;
+
+ snprintf(tmp_exec_path, sizeof(tmp_exec_path), "%s/copy_of_ls",
+ tmp_dir_path);
+ snprintf(cmd, sizeof(cmd), "cp /bin/ls %s", tmp_exec_path);
+ if (CHECK_FAIL(system(cmd)))
+ goto close_prog_rmdir;
+
+ if (CHECK_FAIL(setxattr(tmp_exec_path, XATTR_NAME, XATTR_VALUE,
+ sizeof(XATTR_VALUE), 0)))
+ goto close_prog_rmdir;
+
+ skel = xattr__open_and_load();
+ if (!ASSERT_OK_PTR(skel, "skel_load"))
+ goto close_prog_rmdir;
+
+ err = xattr__attach(skel);
+ if (!ASSERT_OK(err, "xattr__attach failed"))
+ goto close_prog_rmdir;
+
+ snprintf(cmd, sizeof(cmd), "%s -l", tmp_exec_path);
+ if (CHECK_FAIL(system(cmd)))
+ goto close_prog_rmdir;
+
+ ASSERT_EQ(skel->bss->result, 1, "xattr result");
+
+close_prog_rmdir:
+ snprintf(cmd, sizeof(cmd), "rm -rf %s", tmp_dir_path);
+ system(cmd);
+close_prog:
+ xattr__destroy(skel);
+}
diff --git a/tools/testing/selftests/bpf/progs/xattr.c b/tools/testing/selftests/bpf/progs/xattr.c
new file mode 100644
index 000000000000..ccc078fb8ebd
--- /dev/null
+++ b/tools/testing/selftests/bpf/progs/xattr.c
@@ -0,0 +1,37 @@
+// SPDX-License-Identifier: GPL-2.0
+
+/*
+ * Copyright 2022 Google LLC.
+ */
+
+#include "vmlinux.h"
+#include <bpf/bpf_helpers.h>
+#include <bpf/bpf_tracing.h>
+
+char _license[] SEC("license") = "GPL";
+
+#define XATTR_NAME "security.bpf"
+#define XATTR_VALUE "test_progs"
+
+__u64 result = 0;
+
+extern ssize_t bpf_getxattr(struct dentry *dentry, struct inode *inode,
+ const char *name, void *value, int size) __ksym;
+
+SEC("lsm.s/bprm_committed_creds")
+void BPF_PROG(bprm_cc, struct linux_binprm *bprm)
+{
+ struct task_struct *current = bpf_get_current_task_btf();
+ char dir_xattr_value[64] = {0};
+ int xattr_sz = 0;
+
+ xattr_sz = bpf_getxattr(bprm->file->f_path.dentry,
+ bprm->file->f_path.dentry->d_inode, XATTR_NAME,
+ dir_xattr_value, 64);
+
+ if (xattr_sz <= 0)
+ return;
+
+ if (!bpf_strncmp(dir_xattr_value, sizeof(XATTR_VALUE), XATTR_VALUE))
+ result = 1;
+}
--
2.37.0.rc0.161.g10f37bed90-goog
