From nobody Fri Dec 19 15:00:19 2025 Received: from mail-yx1-f44.google.com (mail-yx1-f44.google.com [74.125.224.44]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0C1042DA75F for ; Sat, 6 Dec 2025 14:12:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=74.125.224.44 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1765030367; cv=none; b=Dyy4ZVeI4IyzoY2YJqlm9IuOVxLI5IKoj0dgqJhRsVrlBqcxOQRgMzEMnwzJngQDz/YMK2Zr/oL9At0Nl5Dj1ImgLfOlibKdVqaa2Wu4nbg59c3CnOa/GNgvktjyotaXJOtlE7AjF0L6bxJd8Ibm0xGVx6oahKaiaR/1lOJ0LfY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1765030367; c=relaxed/simple; bh=RyLNc6tGR9TNg64jOPUj6Yspxw5JjeAQPkK81wia8Pk=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=BK29yPO2TL7tP97QeAjoGFLson7UcLRyW7eKS/UvbNgUAuXAiwUzFTfzIQd1MD6Pq/RbMU28GqJr9hbGznG1QL0t0NaiWvKkt0zY5skAJdUXec8eJUlPnuzzLSctou0vPUQKbPSBGCyH8rnAlMVo7Bk73qY2OsQ8M/obST1Ai7Y= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=SROky8ix; arc=none smtp.client-ip=74.125.224.44 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="SROky8ix" Received: by mail-yx1-f44.google.com with SMTP id 956f58d0204a3-64308342458so2772201d50.0 for ; Sat, 06 Dec 2025 06:12:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1765030365; x=1765635165; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=jQZxjdZr1JFznsMXvmLRudCv2FwHA4P8i6Bo9rkQABI=; b=SROky8ixQmsBP6UyEbIMRkrKLJAZnHUgL+m8L6zePEYFs80Nuu8zweBXh8wKmOHXDf Nnt9nl06b6PCQxyrMQeMN7W+9g0nCw/vc9w32H4DgC8A0f7pD2HsnQb2SKbgY0qya/57 LlMH+FMNRmll/XzfECV+uwtKHm9+yKSB11+70K0EKX7VdxhZRz87C2aR1l2cdvT88I4g g6VyRwowMoIScb7z0INkpongiXXGn7NowLna4cWHWpaFOZnngbsccJQRXnnJggRDf2GX OrJ+veVJcfBWG9slXmftQesbYTZLSTKt3O045my3O4JoRNH6mO83vm+DP7lGMmoX28s+ A8cg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1765030365; x=1765635165; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=jQZxjdZr1JFznsMXvmLRudCv2FwHA4P8i6Bo9rkQABI=; b=cc03hYhyQS8BUH1GcV7o95FZLFelrt3MPltkqacqQWVRlrEsG1Uv21gW9n+WE9LG+G al13lxwELGeqce59wyRTg9Tp4uwAK2vY9ZMIqf2lEN5SFuL34c//UbsH6Ku8/M/kopAT Nzm78B/MVsNNxfTsI8bJkk/nMETZRgHJzK+GdSR0ucs3KzRl/Oh5+FcFksFpIR+c+O45 uj8eDXbCdQ+7Y0vPfYAh0xw5fgXyAQB9x+WKylNQxjmss4DsOs7jFN66SyqL4nhBOB5M nr8QjrHsGrrhxlVqcb0qZ0kTUKFk/67U+BkGznnr3FGeN12hCjWXn+cUp6dheimC5mj5 f8cg== X-Forwarded-Encrypted: i=1; AJvYcCXZMgT7SuVpgSi/kTK0g/UcR5kEYbT6ZNmb46kHDXAaO4mVJf+5HVuVMeg+m1EhxwBATx5OOrtP8sryXKI=@vger.kernel.org X-Gm-Message-State: AOJu0Yynd3Expkah3MtKv+jloPt6AK6UQPkXXm/Av3sLl4bx5o+6FDnY sTEfSDT55fD/Gr1BW6r97ZRC1MiKYc8glB/X996YuINgc2LXFzwNx3Ag X-Gm-Gg: ASbGncvxz8BBa0Rd3gYS2312iZ343Yl1iHCZdM8uPC63jKkZvlM79klQCBTJc35+1Hf 9nQHo6Hdekbfu+ciciZRDPxo7VUunOhl/hBit+WKYZG3ca5NVcBk0noNTQbJOMrRcH7UXv8hWN/ RJNcdQOgOqLOmMM/NMEjBfiHyBa7zM4OvlH7xJ7c2Mjbz8BYneSSplpBFWsq7gh7UEWG/TfIccY r0Y1rV7PDDz34mfHrB45FogltRueJp+4IHcBV/c81i9FRDtN8dQKhWuILlFC9GrHQYD88GU51ot bJUpSdp4EOGdLPNyR/3qB6QP6/w5FMwbyYZlFxHZZ9WKUA6iSR1V6EAWLBc1Ti5FhReVjA5FlLw l6mwTlWoqr9tSapFxZApxI2HAF6WOSWSD+p5nOb3e7A4kkDr6FrwuUT2CNVxmNjS9aQaO5ukxZE lO2DAe5Rx/6hrq/O3CpSQo6wQD8bHN4MZMf5JrC06F+iV9Gmd+qMU= X-Google-Smtp-Source: AGHT+IHR9Zx/p3K68sJ975Kv+S2nxQ3ATWRfBJAUvnr4+LZUE0dZ7nv8fk2XnB0qEp03jLan5S47PA== X-Received: by 2002:a05:690c:4512:b0:78c:2edf:5860 with SMTP id 00721157ae682-78c33afd090mr19846137b3.13.1765030364909; Sat, 06 Dec 2025 06:12:44 -0800 (PST) Received: from localhost.localdomain (45.62.117.175.16clouds.com. [45.62.117.175]) by smtp.gmail.com with ESMTPSA id 00721157ae682-78c1b4ae534sm28038027b3.3.2025.12.06.06.12.39 (version=TLS1_3 cipher=TLS_CHACHA20_POLY1305_SHA256 bits=256/256); Sat, 06 Dec 2025 06:12:44 -0800 (PST) From: Shuran Liu To: song@kernel.org, mattbobrowski@google.com, bpf@vger.kernel.org Cc: ast@kernel.org, daniel@iogearbox.net, andrii@kernel.org, martin.lau@linux.dev, eddyz87@gmail.com, yonghong.song@linux.dev, john.fastabend@gmail.com, kpsingh@kernel.org, sdf@fomichev.me, haoluo@google.com, jolsa@kernel.org, rostedt@goodmis.org, mhiramat@kernel.org, mathieu.desnoyers@efficios.com, linux-kernel@vger.kernel.org, linux-trace-kernel@vger.kernel.org, dxu@dxuuu.xyz, linux-kselftest@vger.kernel.org, shuah@kernel.org, electronlsr@gmail.com, Zesen Liu , Peili Gao , Haoran Ni Subject: [PATCH bpf v5 2/2] selftests/bpf: add regression test for bpf_d_path() Date: Sat, 6 Dec 2025 22:12:10 +0800 Message-ID: <20251206141210.3148-3-electronlsr@gmail.com> X-Mailer: git-send-email 2.50.1 In-Reply-To: <20251206141210.3148-1-electronlsr@gmail.com> References: <20251206141210.3148-1-electronlsr@gmail.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Add a regression test for bpf_d_path() to cover incorrect verifier assumptions caused by an incorrect function prototype. The test attaches to the fallocate hook, calls bpf_d_path() and verifies that a simple prefix comparison on the returned pathname behaves correctly after the fix in patch 1. It ensures the verifier does not assume the buffer remains unwritten. Co-developed-by: Zesen Liu Signed-off-by: Zesen Liu Co-developed-by: Peili Gao Signed-off-by: Peili Gao Co-developed-by: Haoran Ni Signed-off-by: Haoran Ni Signed-off-by: Shuran Liu --- .../testing/selftests/bpf/prog_tests/d_path.c | 91 +++++++++++++++---- .../testing/selftests/bpf/progs/test_d_path.c | 23 +++++ 2 files changed, 96 insertions(+), 18 deletions(-) diff --git a/tools/testing/selftests/bpf/prog_tests/d_path.c b/tools/testin= g/selftests/bpf/prog_tests/d_path.c index ccc768592e66..1a2a2f1abf03 100644 --- a/tools/testing/selftests/bpf/prog_tests/d_path.c +++ b/tools/testing/selftests/bpf/prog_tests/d_path.c @@ -38,6 +38,14 @@ static int set_pathname(int fd, pid_t pid) return readlink(buf, src.paths[src.cnt++], MAX_PATH_LEN); } =20 +static inline long syscall_close(int fd) +{ + return syscall(__NR_close_range, + (unsigned int)fd, + (unsigned int)fd, + 0u); +} + static int trigger_fstat_events(pid_t pid) { int sockfd =3D -1, procfd =3D -1, devfd =3D -1; @@ -104,36 +112,47 @@ static int trigger_fstat_events(pid_t pid) /* sys_close no longer triggers filp_close, but we can * call sys_close_range instead which still does */ -#define close(fd) syscall(__NR_close_range, fd, fd, 0) - - close(pipefd[0]); - close(pipefd[1]); - close(sockfd); - close(procfd); - close(devfd); - close(localfd); - close(indicatorfd); - -#undef close + syscall_close(pipefd[0]); + syscall_close(pipefd[1]); + syscall_close(sockfd); + syscall_close(procfd); + syscall_close(devfd); + syscall_close(localfd); + syscall_close(indicatorfd); return ret; } =20 +static void attach_and_load(struct test_d_path **skel) +{ + int err; + + *skel =3D test_d_path__open_and_load(); + if (CHECK(!*skel, "setup", "d_path skeleton failed\n")) + goto cleanup; + + err =3D test_d_path__attach(*skel); + if (CHECK(err, "setup", "attach failed: %d\n", err)) + goto cleanup; + + (*skel)->bss->my_pid =3D getpid(); + return; + +cleanup: + test_d_path__destroy(*skel); + *skel =3D NULL; +} + static void test_d_path_basic(void) { struct test_d_path__bss *bss; struct test_d_path *skel; int err; =20 - skel =3D test_d_path__open_and_load(); - if (CHECK(!skel, "setup", "d_path skeleton failed\n")) - goto cleanup; - - err =3D test_d_path__attach(skel); - if (CHECK(err, "setup", "attach failed: %d\n", err)) + attach_and_load(&skel); + if (!skel) goto cleanup; =20 bss =3D skel->bss; - bss->my_pid =3D getpid(); =20 err =3D trigger_fstat_events(bss->my_pid); if (err < 0) @@ -195,6 +214,39 @@ static void test_d_path_check_types(void) test_d_path_check_types__destroy(skel); } =20 +/* Check if the verifier correctly generates code for + * accessing the memory modified by d_path helper. + */ +static void test_d_path_mem_access(void) +{ + int localfd =3D -1; + char path_template[] =3D "/dev/shm/d_path_loadgen.XXXXXX"; + struct test_d_path__bss *bss; + struct test_d_path *skel; + + attach_and_load(&skel); + if (!skel) + goto cleanup; + + bss =3D skel->bss; + + localfd =3D mkstemp(path_template); + if (CHECK(localfd < 0, "trigger", "mkstemp failed\n")) + goto cleanup; + + if (CHECK(fallocate(localfd, 0, 0, 1024) < 0, "trigger", "fallocate faile= d\n")) + goto cleanup; + remove(path_template); + + if (CHECK(!bss->path_match_fallocate, "check", + "failed to read fallocate path")) + goto cleanup; + +cleanup: + syscall_close(localfd); + test_d_path__destroy(skel); +} + void test_d_path(void) { if (test__start_subtest("basic")) @@ -205,4 +257,7 @@ void test_d_path(void) =20 if (test__start_subtest("check_alloc_mem")) test_d_path_check_types(); + + if (test__start_subtest("check_mem_access")) + test_d_path_mem_access(); } diff --git a/tools/testing/selftests/bpf/progs/test_d_path.c b/tools/testin= g/selftests/bpf/progs/test_d_path.c index 84e1f883f97b..561b2f861808 100644 --- a/tools/testing/selftests/bpf/progs/test_d_path.c +++ b/tools/testing/selftests/bpf/progs/test_d_path.c @@ -17,6 +17,7 @@ int rets_close[MAX_FILES] =3D {}; =20 int called_stat =3D 0; int called_close =3D 0; +int path_match_fallocate =3D 0; =20 SEC("fentry/security_inode_getattr") int BPF_PROG(prog_stat, struct path *path, struct kstat *stat, @@ -62,4 +63,26 @@ int BPF_PROG(prog_close, struct file *file, void *id) return 0; } =20 +SEC("fentry/vfs_fallocate") +int BPF_PROG(prog_fallocate, struct file *file, int mode, loff_t offset, l= off_t len) +{ + pid_t pid =3D bpf_get_current_pid_tgid() >> 32; + int ret =3D 0; + char path_fallocate[MAX_PATH_LEN] =3D {}; + + if (pid !=3D my_pid) + return 0; + + ret =3D bpf_d_path(&file->f_path, + path_fallocate, MAX_PATH_LEN); + if (ret < 0) + return 0; + + if (!path_fallocate[0]) + return 0; + + path_match_fallocate =3D 1; + return 0; +} + char _license[] SEC("license") =3D "GPL"; --=20 2.52.0