Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

selftests/bpf: Verifier test on refill from a smaller spill

This patch adds a verifier test to ensure the verifier can read 8 bytes
from the stack after two 32-bit writes at fp-4 and fp-8. The test is similar
to the reported case from bcc [0].

[0] https://github.com/iovisor/bcc/pull/3683

Signed-off-by: Martin KaFai Lau <kafai@fb.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Yonghong Song <yhs@fb.com>
Link: https://lore.kernel.org/bpf/20211102064541.316414-1-kafai@fb.com

authored by Martin KaFai Lau and committed by Daniel Borkmann
c08455de f30d4968

+17
tools/testing/selftests/bpf/verifier/spill_fill.c
··· 265 265 .result = ACCEPT, 266 266 .prog_type = BPF_PROG_TYPE_SCHED_CLS, 267 267 }, 268 + { 269 + "Spill a u32 scalar at fp-4 and then at fp-8", 270 + .insns = { 271 + /* r4 = 4321 */ 272 + BPF_MOV32_IMM(BPF_REG_4, 4321), 273 + /* *(u32 *)(r10 -4) = r4 */ 274 + BPF_STX_MEM(BPF_W, BPF_REG_10, BPF_REG_4, -4), 275 + /* *(u32 *)(r10 -8) = r4 */ 276 + BPF_STX_MEM(BPF_W, BPF_REG_10, BPF_REG_4, -8), 277 + /* r4 = *(u64 *)(r10 -8) */ 278 + BPF_LDX_MEM(BPF_DW, BPF_REG_4, BPF_REG_10, -8), 279 + BPF_MOV64_IMM(BPF_REG_0, 0), 280 + BPF_EXIT_INSN(), 281 + }, 282 + .result = ACCEPT, 283 + .prog_type = BPF_PROG_TYPE_SCHED_CLS, 284 + },
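
Review bot: The test title at new line 269, "Spill a u32 scalar at fp-4 and then at fp-8", names only the two stores and not the 8-byte load at new line 278, which the commit message gives as the behaviour under test. Consider mentioning the u64 fill in the title, and adding a comment above the BPF_LDX_MEM line stating that the read spans both 32-bit spill slots. In addition, r4 is not used after the load (the program sets r0 to 0 and exits), so the case asserts only that the load is accepted. If the register state after the refill matters, a follow-up instruction that depends on r4 would cover it.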