xref: /linux/tools/testing/selftests/bpf/progs/lsm.c (revision 84318277d6334c6981ab326d4acc87c6a6ddc9b8)
1 // SPDX-License-Identifier: GPL-2.0
2 
3 /*
4  * Copyright 2020 Google LLC.
5  */
6 
7 #include "vmlinux.h"
8 #include <errno.h>
9 #include <bpf/bpf_core_read.h>
10 #include <bpf/bpf_helpers.h>
11 #include <bpf/bpf_tracing.h>
12 #include "bpf_misc.h"
13 
/*
 * Six single-entry maps, all with a __u32 key and a __u64 value, one per map
 * type: array, hash, LRU hash, per-CPU array, per-CPU hash and LRU per-CPU
 * hash. test_void_hook, which is declared sleepable ("lsm.s/"), looks up
 * key 0 in each of them and zeroes the value it gets back.
 */
14 struct {
15 	__uint(type, BPF_MAP_TYPE_ARRAY);
16 	__uint(max_entries, 1);
17 	__type(key, __u32);
18 	__type(value, __u64);
19 } array SEC(".maps");
20 
21 struct {
22 	__uint(type, BPF_MAP_TYPE_HASH);
23 	__uint(max_entries, 1);
24 	__type(key, __u32);
25 	__type(value, __u64);
26 } hash SEC(".maps");
27 
28 struct {
29 	__uint(type, BPF_MAP_TYPE_LRU_HASH);
30 	__uint(max_entries, 1);
31 	__type(key, __u32);
32 	__type(value, __u64);
33 } lru_hash SEC(".maps");
34 
35 struct {
36 	__uint(type, BPF_MAP_TYPE_PERCPU_ARRAY);
37 	__uint(max_entries, 1);
38 	__type(key, __u32);
39 	__type(value, __u64);
40 } percpu_array SEC(".maps");
41 
42 struct {
43 	__uint(type, BPF_MAP_TYPE_PERCPU_HASH);
44 	__uint(max_entries, 1);
45 	__type(key, __u32);
46 	__type(value, __u64);
47 } percpu_hash SEC(".maps");
48 
49 struct {
50 	__uint(type, BPF_MAP_TYPE_LRU_PERCPU_HASH);
51 	__uint(max_entries, 1);
52 	__type(key, __u32);
53 	__type(value, __u64);
54 } lru_percpu_hash SEC(".maps");
55 
/*
 * Single-entry array map (int key, __u64 value). Its struct type is the
 * element type named in the __array(values, ...) declaration of both outer
 * maps below, and its address is the statically initialised slot 0 of each.
 */
56 struct inner_map {
57 	__uint(type, BPF_MAP_TYPE_ARRAY);
58 	__uint(max_entries, 1);
59 	__type(key, int);
60 	__type(value, __u64);
61 } inner_map SEC(".maps");
62 
/*
 * Array-of-maps with one slot; slot 0 is set to &inner_map at definition.
 * test_void_hook resolves slot 0 and then looks up key 0 in the map it gets.
 */
63 struct outer_arr {
64 	__uint(type, BPF_MAP_TYPE_ARRAY_OF_MAPS);
65 	__uint(max_entries, 1);
66 	__uint(key_size, sizeof(int));
67 	__uint(value_size, sizeof(int));
68 	__array(values, struct inner_map);
69 } outer_arr SEC(".maps") = {
70 	.values = { [0] = &inner_map },
71 };
72 
/*
 * Hash-of-maps counterpart of outer_arr, again with &inner_map at index 0.
 * Unlike outer_arr, this definition declares no value_size.
 */
73 struct outer_hash {
74 	__uint(type, BPF_MAP_TYPE_HASH_OF_MAPS);
75 	__uint(max_entries, 1);
76 	__uint(key_size, sizeof(int));
77 	__array(values, struct inner_map);
78 } outer_hash SEC(".maps") = {
79 	.values = { [0] = &inner_map },
80 };
81 
/* License string placed in the "license" section of the object file. */
82 char _license[] SEC("license") = "GPL";
83 
/*
 * State shared between the hooks below and whoever loads this object.
 * monitored_pid is compared with the upper 32 bits of
 * bpf_get_current_pid_tgid() in both LSM hooks; it starts at 0 and is
 * presumably written by the user-space side of the test before it triggers
 * the hooks (verify against the loader).
 * mprotect_count is bumped each time test_int_hook returns -EPERM, and
 * bprm_count each time test_void_hook runs in the monitored process.
 * The increments are plain (non-atomic) read-modify-write operations.
 */
84 int monitored_pid = 0;
85 int mprotect_count = 0;
86 int bprm_count = 0;
87 
/*
 * LSM hook on file_mprotect: refuse an mprotect() that covers the stack of
 * the monitored process.
 *
 * @vma:     mapping whose protection is being changed
 * @reqprot: not used by this program
 * @prot:    not used by this program
 * @ret:     incoming verdict; any non-zero value is returned unchanged
 *
 * Returns -EPERM (and increments mprotect_count) when the VMA contains
 * mm->start_stack and the caller's id, taken from the upper 32 bits of
 * bpf_get_current_pid_tgid(), equals monitored_pid; otherwise returns @ret.
 */
SEC("lsm/file_mprotect")
int BPF_PROG(test_int_hook, struct vm_area_struct *vma,
	     unsigned long reqprot, unsigned long prot, int ret)
{
	struct mm_struct *mm = vma->vm_mm;
	__s32 caller;

	/* Never override an existing non-zero verdict; a VMA without an mm
	 * cannot be matched against a stack address either.
	 */
	if (ret != 0 || !mm)
		return ret;

	caller = bpf_get_current_pid_tgid() >> 32;

	/* The VMA is the stack mapping only if it contains start_stack. */
	if (vma->vm_start > mm->start_stack || vma->vm_end < mm->start_stack)
		return ret;

	if (monitored_pid != caller)
		return ret;

	/* Plain increment: adequate for a single-process test, not a reliable
	 * audit counter if the hook can fire concurrently.
	 */
	mprotect_count++;
	return -EPERM;
}
110 
/* Look up *key_ptr in map_ptr and, if an element comes back, set it to 0. */
#define ZERO_MAP_SLOT(map_ptr, key_ptr)					\
	do {								\
		__u64 *slot = bpf_map_lookup_elem((map_ptr), (key_ptr));	\
		if (slot)						\
			*slot = 0;					\
	} while (0)

/*
 * Sleepable ("lsm.s/") program on the bprm_committed_creds hook.
 *
 * Counts invocations made by the monitored process in bprm_count, calls
 * bpf_copy_from_user() on the new image's arg_start reached through two
 * different pointer chains, and then touches one element in every map
 * declared in this file, including the inner map behind both outer maps.
 * Always returns 0.
 *
 * NOTE(review): the results of both bpf_copy_from_user() calls are discarded
 * and the buffer is never read, so the calls look like they exist only to
 * exercise the helper from a sleepable program. Code that acts on the copied
 * bytes should check the return value first.
 */
SEC("lsm.s/bprm_committed_creds")
int BPF_PROG(test_void_hook, struct linux_binprm *bprm)
{
	__u32 caller = bpf_get_current_pid_tgid() >> 32;
	struct inner_map *inner;
	char argbuf[64];
	__u32 idx = 0;

	if (monitored_pid == caller)
		bprm_count++;

	/* Same user address, reached via bprm->vma->vm_mm and via bprm->mm. */
	bpf_copy_from_user(argbuf, sizeof(argbuf), (void *)bprm->vma->vm_mm->arg_start);
	bpf_copy_from_user(argbuf, sizeof(argbuf), (void *)bprm->mm->arg_start);

	/* One lookup-and-clear per plain map type. */
	ZERO_MAP_SLOT(&array, &idx);
	ZERO_MAP_SLOT(&hash, &idx);
	ZERO_MAP_SLOT(&lru_hash, &idx);
	ZERO_MAP_SLOT(&percpu_array, &idx);
	ZERO_MAP_SLOT(&percpu_hash, &idx);
	ZERO_MAP_SLOT(&lru_percpu_hash, &idx);

	/* Map-in-map: resolve the inner map first, then clear its element. */
	inner = bpf_map_lookup_elem(&outer_arr, &idx);
	if (inner) {
		ZERO_MAP_SLOT(inner, &idx);
	}
	inner = bpf_map_lookup_elem(&outer_hash, &idx);
	if (inner) {
		ZERO_MAP_SLOT(inner, &idx);
	}

	return 0;
}

#undef ZERO_MAP_SLOT
/*
 * No-op program on the task_free LSM hook.
 *
 * It is declared with the non-sleepable "lsm/" section prefix; the original
 * note on this line records that "lsm/" is accepted here while the sleepable
 * "lsm.s/" form fails.
 */
SEC("lsm/task_free")
int BPF_PROG(test_task_free, struct task_struct *task)
{
	return 0;
}
164 
/*
 * Incremented by test_sys_setdomainname each time a bpf_copy_from_user()
 * call produces the outcome expected for the scenario being run.
 */
165 int copy_test = 0;
166 
/*
 * Sleepable fentry program on the setdomainname syscall entry point.
 *
 * Copies sizeof(int) bytes from the syscall's first argument with
 * bpf_copy_from_user() and uses the second argument as a scenario selector:
 *   -2      the copy must succeed and yield 1234
 *   -3, -4  the copy must fail with -EFAULT
 * Each matching outcome increments copy_test. Always returns 0.
 *
 * NOTE(review): the selector values are presumably chosen by the user-space
 * side of the test together with the pointer it passes; confirm there.
 * The value read here is a snapshot of user memory at entry; the syscall
 * itself reads that memory again later, so the two reads can differ.
 */
SEC("fentry.s/" SYS_PREFIX "sys_setdomainname")
int BPF_PROG(test_sys_setdomainname, struct pt_regs *regs)
{
	void *uptr = (void *)PT_REGS_PARM1_SYSCALL(regs);
	int scenario = PT_REGS_PARM2_SYSCALL(regs);
	int word = 0;
	long err = bpf_copy_from_user(&word, sizeof(word), uptr);

	switch (scenario) {
	case -2:
		if (err == 0 && word == 1234)
			copy_test++;
		break;
	case -3:
	case -4:
		if (err == -EFAULT)
			copy_test++;
		break;
	default:
		break;
	}

	return 0;
}
184