From nobody Fri Dec 19 20:10:16 2025 Received: from mail-yx1-f41.google.com (mail-yx1-f41.google.com [74.125.224.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5F6102FFFAB for ; Thu, 4 Dec 2025 07:47:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=74.125.224.41 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1764834438; cv=none; b=UO6kU9E2KE9oNeVEuo3c81FdnOZyLTA2Dn/6d7xVrQghu+XksfS9HB3WxiCCloKtyTMBkss6+AJKxg1rKqvj7Gsi4ogcuRvBglnCOSKry27g0BDaB+QeZuJTCQkZMGNVW3ulUQ6ox5Ie3dwLVLSulU6Fyquz3BH2x5m9glrqjBk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1764834438; c=relaxed/simple; bh=qdhWcqd9hT93rtUBAlBAvb3lgGVFKACqYB4PFwedTe4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=GwlaAfGTBYnLi3AMkL3qJB47RGvfUs/DmICeN28pt2MjpI6bDTLJZA/Q5FzaHFvwNaA6eR0tQxNbnGla0r8ibrQyHXaQqgVAKLkmRWgRbUvYg5pbASNbrgJIsCQtKAITFL8aZp/c6ccx2KnQ8GB8Umkq9NmNeRrz76YV1nh+V78= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=W7dSRs1t; arc=none smtp.client-ip=74.125.224.41 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="W7dSRs1t" Received: by mail-yx1-f41.google.com with SMTP id 956f58d0204a3-63f97ab5cfcso458352d50.0 for ; Wed, 03 Dec 2025 23:47:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1764834435; x=1765439235; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=gIKIbTcJdT1eJhgdOyO7DT2bXa3Lo/jwod4ftd3kt6E=; b=W7dSRs1teUFKL6dJVz8GhSZuMsoI1xlV46siXhpcARXWRoubEmIEXdyhg5ggSbje+b lzSdTrYNkFOcxDJlEGNWjyZrRaQtsM4KmdyRpOW2pheoJcCKG/A2E59biy46CULBL/tW tN+0+h9KuFATru5N2suLpJQsyAYeGuzRjUPoFLrvCVry0E3kMRUk4cT6AS7DpyL5CvMA 9RtTAUXFNHJ/8/WKZeicwAVd9+I9D2PCxmqTKj1+/s2HZt8p+r+qvCySkdrH39MiCCZN 5T0i5ybKV73D32dA0Scb3W+49EaEOW6WM43675FJR/spdtz4drDsXJPVOKK7+dFIckIK ktsw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1764834435; x=1765439235; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=gIKIbTcJdT1eJhgdOyO7DT2bXa3Lo/jwod4ftd3kt6E=; b=oGboz2Iz+9c0edjZe2EJgQi5s5qMxXAEYMC02pIs7BIj1u2eZB52kJpBM60fCcP9ht DlGpQbWiAztQ+SREHf4O2fHrU9LrzxRw/JACB7BOtpZwVv4H04/PQTYW4yGcLk6WrlND rNANV3J89gzcObD0Gj+2zxNcZ9Eck3rN9cIaqtcYbTcOSsX9t1OjeQ67MgkWXnB0lEWD PU/edPTDxR35Eugc3UU3orb+FmRb5Uw7fQgZFnHgcoCUtSCzeDTQtgsQQD1QN4j7ZWTJ P5mlaknBbwbdx5Cm8Z6okWmc/sYl+vNCbgrcN1D2dW+gdz+gkDAoY62NGKsEDM+FSmlO 0mbw== X-Forwarded-Encrypted: i=1; AJvYcCXD+fxC7Y+FXWfi2/oXFu3xAlsgYJY04F0HQ1vEowevvDqejcIidKWmH0sDY3Iad5tzyDyaZiT+TPyqrJg=@vger.kernel.org X-Gm-Message-State: AOJu0YyEd0mTdgIvLOkskUL9rRzmQf/t36j4/xrskHtHtooTzdoxWm0O krcEul9Jtv7TPuqhdm3U6y7S02yzRLjx48/xCmcxPU6yHNSYsUryzXff X-Gm-Gg: ASbGncucXYIl6z8l7jgsGb/c88pt6ccnHR91g3GYQgmgz+uMYAqasVg3aHJH4nfR/sM d9s5h47udMjw2a1RM7so/QUAi/33WzVFr4QVHovroCfHPLILo2iGd8pGMXD1na/d3p6iuNTknxx 2mv9wpM8r9CdvwUM49GdobfxS98mgyMbhEbVuol95i24rEDKB7CwGoCQz5LDalRfVQGWgZml8JG r7LmOTdLmePsMzv/TLxkvpDvIBYUug3Mn6BwgA/iGszPuV0MEC7BK472xWmioGbQQ2HcA2pYqeW etqRa1b0usNrgibGsDr7pC1vVUqEwbp0q2oWP4+y4UQib34y4bpkBuh5OsjuKjHtNkHCZk/xFZB oASLgwRUrY+u2wLqKybukC8jUtlZMCrvltlcz3RuEUQuBw/7yGCAcNWo52LqcOYAC1kv3sLSYdn yIg2GX045/wltc9G4V1VQeih4njsLRGDKlfbSLcg96AtQTPGuAy8Y= X-Google-Smtp-Source: AGHT+IFirMTbIE/Mz7SxmZusKuVHpn4JgrMCYE3NcUS/x+ulC6+n3iKo4YojdR5CaekHTbK8K19xlQ== X-Received: by 2002:a05:690e:16a0:b0:641:f5bc:68d5 with SMTP id 956f58d0204a3-6443d961614mr1540601d50.82.1764834435301; Wed, 03 Dec 2025 23:47:15 -0800 (PST) Received: from localhost.localdomain (45.62.117.175.16clouds.com. [45.62.117.175]) by smtp.gmail.com with ESMTPSA id 956f58d0204a3-6443f5bcbbesm364495d50.23.2025.12.03.23.47.09 (version=TLS1_3 cipher=TLS_CHACHA20_POLY1305_SHA256 bits=256/256); Wed, 03 Dec 2025 23:47:15 -0800 (PST) From: Shuran Liu To: song@kernel.org, mattbobrowski@google.com, bpf@vger.kernel.org Cc: ast@kernel.org, daniel@iogearbox.net, andrii@kernel.org, martin.lau@linux.dev, eddyz87@gmail.com, yonghong.song@linux.dev, john.fastabend@gmail.com, kpsingh@kernel.org, sdf@fomichev.me, haoluo@google.com, jolsa@kernel.org, rostedt@goodmis.org, mhiramat@kernel.org, mathieu.desnoyers@efficios.com, linux-kernel@vger.kernel.org, linux-trace-kernel@vger.kernel.org, dxu@dxuuu.xyz, linux-kselftest@vger.kernel.org, shuah@kernel.org, electronlsr@gmail.com, Zesen Liu , Peili Gao , Haoran Ni Subject: [PATCH bpf v4 2/2] selftests/bpf: add regression test for bpf_d_path() Date: Thu, 4 Dec 2025 15:46:32 +0800 Message-ID: <20251204074632.8562-3-electronlsr@gmail.com> X-Mailer: git-send-email 2.50.1 In-Reply-To: <20251204074632.8562-1-electronlsr@gmail.com> References: <20251204074632.8562-1-electronlsr@gmail.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Add a regression test for bpf_d_path() to cover incorrect verifier assumptions caused by an incorrect function prototype. The test attaches to the fallocate hook, calls bpf_d_path() and verifies that a simple prefix comparison on the returned pathname behaves correctly after the fix in patch 1. It ensures the verifier does not assume the buffer remains unwritten. Co-developed-by: Zesen Liu Signed-off-by: Zesen Liu Co-developed-by: Peili Gao Signed-off-by: Peili Gao Co-developed-by: Haoran Ni Signed-off-by: Haoran Ni Signed-off-by: Shuran Liu --- .../testing/selftests/bpf/prog_tests/d_path.c | 90 +++++++++++++++---- .../testing/selftests/bpf/progs/test_d_path.c | 23 +++++ 2 files changed, 95 insertions(+), 18 deletions(-) diff --git a/tools/testing/selftests/bpf/prog_tests/d_path.c b/tools/testin= g/selftests/bpf/prog_tests/d_path.c index ccc768592e66..c725d5258e65 100644 --- a/tools/testing/selftests/bpf/prog_tests/d_path.c +++ b/tools/testing/selftests/bpf/prog_tests/d_path.c @@ -38,6 +38,14 @@ static int set_pathname(int fd, pid_t pid) return readlink(buf, src.paths[src.cnt++], MAX_PATH_LEN); } =20 +static inline long syscall_close(int fd) +{ + return syscall(__NR_close_range, + (unsigned int)fd, + (unsigned int)fd, + 0u); +} + static int trigger_fstat_events(pid_t pid) { int sockfd =3D -1, procfd =3D -1, devfd =3D -1; @@ -104,36 +112,47 @@ static int trigger_fstat_events(pid_t pid) /* sys_close no longer triggers filp_close, but we can * call sys_close_range instead which still does */ -#define close(fd) syscall(__NR_close_range, fd, fd, 0) - - close(pipefd[0]); - close(pipefd[1]); - close(sockfd); - close(procfd); - close(devfd); - close(localfd); - close(indicatorfd); - -#undef close + syscall_close(pipefd[0]); + syscall_close(pipefd[1]); + syscall_close(sockfd); + syscall_close(procfd); + syscall_close(devfd); + syscall_close(localfd); + syscall_close(indicatorfd); return ret; } =20 +static void attach_and_load(struct test_d_path **skel) +{ + int err; + + *skel =3D test_d_path__open_and_load(); + if (CHECK(!*skel, "setup", "d_path skeleton failed\n")) + goto cleanup; + + err =3D test_d_path__attach(*skel); + if (CHECK(err, "setup", "attach failed: %d\n", err)) + goto cleanup; + + (*skel)->bss->my_pid =3D getpid(); + return; + +cleanup: + test_d_path__destroy(*skel); + *skel =3D NULL; +} + static void test_d_path_basic(void) { struct test_d_path__bss *bss; struct test_d_path *skel; int err; =20 - skel =3D test_d_path__open_and_load(); - if (CHECK(!skel, "setup", "d_path skeleton failed\n")) - goto cleanup; - - err =3D test_d_path__attach(skel); - if (CHECK(err, "setup", "attach failed: %d\n", err)) + attach_and_load(&skel); + if (!skel) goto cleanup; =20 bss =3D skel->bss; - bss->my_pid =3D getpid(); =20 err =3D trigger_fstat_events(bss->my_pid); if (err < 0) @@ -195,6 +214,38 @@ static void test_d_path_check_types(void) test_d_path_check_types__destroy(skel); } =20 +/* Check if the verifier correctly generates code for + * accessing the memory modified by d_path helper. + */ +static void test_d_path_mem_access(void) +{ + int localfd =3D -1; + struct test_d_path__bss *bss; + struct test_d_path *skel; + + attach_and_load(&skel); + if (!skel) + goto cleanup; + + bss =3D skel->bss; + + localfd =3D open("/tmp/d_path_loadgen.txt", O_CREAT | O_RDWR, 0644); + if (CHECK(localfd < 0, "trigger", "open /tmp/d_path_loadgen.txt failed\n"= )) + goto cleanup; + + if (CHECK(fallocate(localfd, 0, 0, 1024) < 0, "trigger", "fallocate faile= d\n")) + goto cleanup; + remove("/tmp/d_path_loadgen.txt"); + + if (CHECK(!bss->path_match_fallocate, "check", + "failed to match actual opened path")) + goto cleanup; + +cleanup: + syscall_close(localfd); + test_d_path__destroy(skel); +} + void test_d_path(void) { if (test__start_subtest("basic")) @@ -205,4 +256,7 @@ void test_d_path(void) =20 if (test__start_subtest("check_alloc_mem")) test_d_path_check_types(); + + if (test__start_subtest("check_mem_access")) + test_d_path_mem_access(); } diff --git a/tools/testing/selftests/bpf/progs/test_d_path.c b/tools/testin= g/selftests/bpf/progs/test_d_path.c index 84e1f883f97b..2f9b4cb67931 100644 --- a/tools/testing/selftests/bpf/progs/test_d_path.c +++ b/tools/testing/selftests/bpf/progs/test_d_path.c @@ -17,6 +17,7 @@ int rets_close[MAX_FILES] =3D {}; =20 int called_stat =3D 0; int called_close =3D 0; +int path_match_fallocate =3D 0; =20 SEC("fentry/security_inode_getattr") int BPF_PROG(prog_stat, struct path *path, struct kstat *stat, @@ -62,4 +63,26 @@ int BPF_PROG(prog_close, struct file *file, void *id) return 0; } =20 +SEC("fentry/vfs_fallocate") +int BPF_PROG(prog_fallocate, struct file *file, int mode, loff_t offset, l= off_t len) +{ + pid_t pid =3D bpf_get_current_pid_tgid() >> 32; + int ret =3D 0; + char path_fallocate[MAX_PATH_LEN] =3D {}; + + if (pid !=3D my_pid) + return 0; + + ret =3D bpf_d_path(&file->f_path, + path_fallocate, MAX_PATH_LEN); + if (ret < 0) + return 0; + + if (path_fallocate[0] !=3D '/') + return 0; + + path_match_fallocate =3D 1; + return 0; +} + char _license[] SEC("license") =3D "GPL"; --=20 2.52.0