tools/testing/selftests/bpf/progs/lsm.c at master

tjh.dev / kernel
fork
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork
kernel / tools / testing / selftests / bpf / progs / lsm.c
at master 183 lines 4.1 kB view raw
wrap content
  1// SPDX-License-Identifier: GPL-2.0
  2
  3/*
  4 * Copyright 2020 Google LLC.
  5 */
  6
  7#include "vmlinux.h"
  8#include <errno.h>
  9#include <bpf/bpf_core_read.h>
 10#include <bpf/bpf_helpers.h>
 11#include <bpf/bpf_tracing.h>
 12#include "bpf_misc.h"
 13
 14struct {
 15	__uint(type, BPF_MAP_TYPE_ARRAY);
 16	__uint(max_entries, 1);
 17	__type(key, __u32);
 18	__type(value, __u64);
 19} array SEC(".maps");
 20
 21struct {
 22	__uint(type, BPF_MAP_TYPE_HASH);
 23	__uint(max_entries, 1);
 24	__type(key, __u32);
 25	__type(value, __u64);
 26} hash SEC(".maps");
 27
 28struct {
 29	__uint(type, BPF_MAP_TYPE_LRU_HASH);
 30	__uint(max_entries, 1);
 31	__type(key, __u32);
 32	__type(value, __u64);
 33} lru_hash SEC(".maps");
 34
 35struct {
 36	__uint(type, BPF_MAP_TYPE_PERCPU_ARRAY);
 37	__uint(max_entries, 1);
 38	__type(key, __u32);
 39	__type(value, __u64);
 40} percpu_array SEC(".maps");
 41
 42struct {
 43	__uint(type, BPF_MAP_TYPE_PERCPU_HASH);
 44	__uint(max_entries, 1);
 45	__type(key, __u32);
 46	__type(value, __u64);
 47} percpu_hash SEC(".maps");
 48
 49struct {
 50	__uint(type, BPF_MAP_TYPE_LRU_PERCPU_HASH);
 51	__uint(max_entries, 1);
 52	__type(key, __u32);
 53	__type(value, __u64);
 54} lru_percpu_hash SEC(".maps");
 55
 56struct inner_map {
 57	__uint(type, BPF_MAP_TYPE_ARRAY);
 58	__uint(max_entries, 1);
 59	__type(key, int);
 60	__type(value, __u64);
 61} inner_map SEC(".maps");
 62
 63struct outer_arr {
 64	__uint(type, BPF_MAP_TYPE_ARRAY_OF_MAPS);
 65	__uint(max_entries, 1);
 66	__uint(key_size, sizeof(int));
 67	__uint(value_size, sizeof(int));
 68	__array(values, struct inner_map);
 69} outer_arr SEC(".maps") = {
 70	.values = { [0] = &inner_map },
 71};
 72
 73struct outer_hash {
 74	__uint(type, BPF_MAP_TYPE_HASH_OF_MAPS);
 75	__uint(max_entries, 1);
 76	__uint(key_size, sizeof(int));
 77	__array(values, struct inner_map);
 78} outer_hash SEC(".maps") = {
 79	.values = { [0] = &inner_map },
 80};
 81
 82char _license[] SEC("license") = "GPL";
 83
 84int monitored_pid = 0;
 85int mprotect_count = 0;
 86int bprm_count = 0;
 87
 88SEC("lsm/file_mprotect")
 89int BPF_PROG(test_int_hook, struct vm_area_struct *vma,
 90	     unsigned long reqprot, unsigned long prot, int ret)
 91{
 92	struct mm_struct *mm = vma->vm_mm;
 93
 94	if (ret != 0 || !mm)
 95		return ret;
 96
 97	__s32 pid = bpf_get_current_pid_tgid() >> 32;
 98	int is_stack = 0;
 99
100	is_stack = (vma->vm_start <= mm->start_stack &&
101		    vma->vm_end >= mm->start_stack);
102
103	if (is_stack && monitored_pid == pid) {
104		mprotect_count++;
105		ret = -EPERM;
106	}
107
108	return ret;
109}
110
111SEC("lsm.s/bprm_committed_creds")
112int BPF_PROG(test_void_hook, struct linux_binprm *bprm)
113{
114	__u32 pid = bpf_get_current_pid_tgid() >> 32;
115	struct inner_map *inner_map;
116	char args[64];
117	__u32 key = 0;
118	__u64 *value;
119
120	if (monitored_pid == pid)
121		bprm_count++;
122
123	bpf_copy_from_user(args, sizeof(args), (void *)bprm->vma->vm_mm->arg_start);
124	bpf_copy_from_user(args, sizeof(args), (void *)bprm->mm->arg_start);
125
126	value = bpf_map_lookup_elem(&array, &key);
127	if (value)
128		*value = 0;
129	value = bpf_map_lookup_elem(&hash, &key);
130	if (value)
131		*value = 0;
132	value = bpf_map_lookup_elem(&lru_hash, &key);
133	if (value)
134		*value = 0;
135	value = bpf_map_lookup_elem(&percpu_array, &key);
136	if (value)
137		*value = 0;
138	value = bpf_map_lookup_elem(&percpu_hash, &key);
139	if (value)
140		*value = 0;
141	value = bpf_map_lookup_elem(&lru_percpu_hash, &key);
142	if (value)
143		*value = 0;
144	inner_map = bpf_map_lookup_elem(&outer_arr, &key);
145	if (inner_map) {
146		value = bpf_map_lookup_elem(inner_map, &key);
147		if (value)
148			*value = 0;
149	}
150	inner_map = bpf_map_lookup_elem(&outer_hash, &key);
151	if (inner_map) {
152		value = bpf_map_lookup_elem(inner_map, &key);
153		if (value)
154			*value = 0;
155	}
156
157	return 0;
158}
159SEC("lsm/task_free") /* lsm/ is ok, lsm.s/ fails */
160int BPF_PROG(test_task_free, struct task_struct *task)
161{
162	return 0;
163}
164
165int copy_test = 0;
166
167SEC("fentry.s/" SYS_PREFIX "sys_setdomainname")
168int BPF_PROG(test_sys_setdomainname, struct pt_regs *regs)
169{
170	void *ptr = (void *)PT_REGS_PARM1_SYSCALL(regs);
171	int len = PT_REGS_PARM2_SYSCALL(regs);
172	int buf = 0;
173	long ret;
174
175	ret = bpf_copy_from_user(&buf, sizeof(buf), ptr);
176	if (len == -2 && ret == 0 && buf == 1234)
177		copy_test++;
178	if (len == -3 && ret == -EFAULT)
179		copy_test++;
180	if (len == -4 && ret == -EFAULT)
181		copy_test++;
182	return 0;
183}
Configure Feed

Configure Feed
