xref: /linux/tools/testing/selftests/bpf/progs/task_kfunc_success.c (revision 0a670e151a71434765de69590944e18c08ee08cf)
1 // SPDX-License-Identifier: GPL-2.0
2 /* Copyright (c) 2022 Meta Platforms, Inc. and affiliates. */
3 
4 #include <vmlinux.h>
5 #include <bpf/bpf_tracing.h>
6 #include <bpf/bpf_helpers.h>
7 
8 #include "../bpf_experimental.h"
9 #include "task_kfunc_common.h"
10 
11 char _license[] SEC("license") = "GPL";
12 
13 int err, pid;
14 
15 /* Prototype for all of the program trace events below:
16  *
17  * TRACE_EVENT(task_newtask,
18  *         TP_PROTO(struct task_struct *p, u64 clone_flags)
19  */
20 
21 struct task_struct *bpf_task_acquire(struct task_struct *p) __ksym __weak;
22 
23 struct task_struct *bpf_task_acquire___one(struct task_struct *task) __ksym __weak;
24 /* The two-param bpf_task_acquire doesn't exist */
25 struct task_struct *bpf_task_acquire___two(struct task_struct *p, void *ctx) __ksym __weak;
26 /* Incorrect type for first param */
27 struct task_struct *bpf_task_acquire___three(void *ctx) __ksym __weak;
28 
29 void invalid_kfunc(void) __ksym __weak;
30 void bpf_testmod_test_mod_kfunc(int i) __ksym __weak;
31 
32 static bool is_test_kfunc_task(void)
33 {
34 	int cur_pid = bpf_get_current_pid_tgid() >> 32;
35 
36 	return pid == cur_pid;
37 }
38 
39 static int test_acquire_release(struct task_struct *task)
40 {
41 	struct task_struct *acquired = NULL;
42 
43 	if (!bpf_ksym_exists(bpf_task_acquire)) {
44 		err = 3;
45 		return 0;
46 	}
47 	if (!bpf_ksym_exists(bpf_testmod_test_mod_kfunc)) {
48 		err = 4;
49 		return 0;
50 	}
51 	if (bpf_ksym_exists(invalid_kfunc)) {
52 		/* the verifier's dead code elimination should remove this */
53 		err = 5;
54 		asm volatile ("goto -1"); /* for (;;); */
55 	}
56 
57 	acquired = bpf_task_acquire(task);
58 	if (acquired)
59 		bpf_task_release(acquired);
60 	else
61 		err = 6;
62 
63 	return 0;
64 }
65 
66 SEC("tp_btf/task_newtask")
67 int BPF_PROG(test_task_kfunc_flavor_relo, struct task_struct *task, u64 clone_flags)
68 {
69 	struct task_struct *acquired = NULL;
70 	int fake_ctx = 42;
71 
72 	if (bpf_ksym_exists(bpf_task_acquire___one)) {
73 		acquired = bpf_task_acquire___one(task);
74 	} else if (bpf_ksym_exists(bpf_task_acquire___two)) {
75 		/* Here, bpf_object__resolve_ksym_func_btf_id's find_ksym_btf_id
76 		 * call will find vmlinux's bpf_task_acquire, but subsequent
77 		 * bpf_core_types_are_compat will fail
78 		 */
79 		acquired = bpf_task_acquire___two(task, &fake_ctx);
80 		err = 3;
81 		return 0;
82 	} else if (bpf_ksym_exists(bpf_task_acquire___three)) {
83 		/* bpf_core_types_are_compat will fail similarly to above case */
84 		acquired = bpf_task_acquire___three(&fake_ctx);
85 		err = 4;
86 		return 0;
87 	}
88 
89 	if (acquired)
90 		bpf_task_release(acquired);
91 	else
92 		err = 5;
93 	return 0;
94 }
95 
96 SEC("tp_btf/task_newtask")
97 int BPF_PROG(test_task_kfunc_flavor_relo_not_found, struct task_struct *task, u64 clone_flags)
98 {
99 	/* Neither symbol should successfully resolve.
100 	 * Success or failure of one ___flavor should not affect others
101 	 */
102 	if (bpf_ksym_exists(bpf_task_acquire___two))
103 		err = 1;
104 	else if (bpf_ksym_exists(bpf_task_acquire___three))
105 		err = 2;
106 
107 	return 0;
108 }
109 
110 SEC("tp_btf/task_newtask")
111 int BPF_PROG(test_task_acquire_release_argument, struct task_struct *task, u64 clone_flags)
112 {
113 	if (!is_test_kfunc_task())
114 		return 0;
115 
116 	return test_acquire_release(task);
117 }
118 
119 SEC("tp_btf/task_newtask")
120 int BPF_PROG(test_task_acquire_release_current, struct task_struct *task, u64 clone_flags)
121 {
122 	if (!is_test_kfunc_task())
123 		return 0;
124 
125 	return test_acquire_release(bpf_get_current_task_btf());
126 }
127 
128 SEC("tp_btf/task_newtask")
129 int BPF_PROG(test_task_acquire_leave_in_map, struct task_struct *task, u64 clone_flags)
130 {
131 	long status;
132 
133 	if (!is_test_kfunc_task())
134 		return 0;
135 
136 	status = tasks_kfunc_map_insert(task);
137 	if (status)
138 		err = 1;
139 
140 	return 0;
141 }
142 
143 SEC("tp_btf/task_newtask")
144 int BPF_PROG(test_task_xchg_release, struct task_struct *task, u64 clone_flags)
145 {
146 	struct task_struct *kptr, *acquired;
147 	struct __tasks_kfunc_map_value *v, *local;
148 	int refcnt, refcnt_after_drop;
149 	long status;
150 
151 	if (!is_test_kfunc_task())
152 		return 0;
153 
154 	status = tasks_kfunc_map_insert(task);
155 	if (status) {
156 		err = 1;
157 		return 0;
158 	}
159 
160 	v = tasks_kfunc_map_value_lookup(task);
161 	if (!v) {
162 		err = 2;
163 		return 0;
164 	}
165 
166 	kptr = bpf_kptr_xchg(&v->task, NULL);
167 	if (!kptr) {
168 		err = 3;
169 		return 0;
170 	}
171 
172 	local = bpf_obj_new(typeof(*local));
173 	if (!local) {
174 		err = 4;
175 		bpf_task_release(kptr);
176 		return 0;
177 	}
178 
179 	kptr = bpf_kptr_xchg(&local->task, kptr);
180 	if (kptr) {
181 		err = 5;
182 		bpf_obj_drop(local);
183 		bpf_task_release(kptr);
184 		return 0;
185 	}
186 
187 	kptr = bpf_kptr_xchg(&local->task, NULL);
188 	if (!kptr) {
189 		err = 6;
190 		bpf_obj_drop(local);
191 		return 0;
192 	}
193 
194 	/* Stash a copy into local kptr and check if it is released recursively */
195 	acquired = bpf_task_acquire(kptr);
196 	if (!acquired) {
197 		err = 7;
198 		bpf_obj_drop(local);
199 		bpf_task_release(kptr);
200 		return 0;
201 	}
202 	bpf_probe_read_kernel(&refcnt, sizeof(refcnt), &acquired->rcu_users);
203 
204 	acquired = bpf_kptr_xchg(&local->task, acquired);
205 	if (acquired) {
206 		err = 8;
207 		bpf_obj_drop(local);
208 		bpf_task_release(kptr);
209 		bpf_task_release(acquired);
210 		return 0;
211 	}
212 
213 	bpf_obj_drop(local);
214 
215 	bpf_probe_read_kernel(&refcnt_after_drop, sizeof(refcnt_after_drop), &kptr->rcu_users);
216 	if (refcnt != refcnt_after_drop + 1) {
217 		err = 9;
218 		bpf_task_release(kptr);
219 		return 0;
220 	}
221 
222 	bpf_task_release(kptr);
223 
224 	return 0;
225 }
226 
227 SEC("tp_btf/task_newtask")
228 int BPF_PROG(test_task_map_acquire_release, struct task_struct *task, u64 clone_flags)
229 {
230 	struct task_struct *kptr;
231 	struct __tasks_kfunc_map_value *v;
232 	long status;
233 
234 	if (!is_test_kfunc_task())
235 		return 0;
236 
237 	status = tasks_kfunc_map_insert(task);
238 	if (status) {
239 		err = 1;
240 		return 0;
241 	}
242 
243 	v = tasks_kfunc_map_value_lookup(task);
244 	if (!v) {
245 		err = 2;
246 		return 0;
247 	}
248 
249 	bpf_rcu_read_lock();
250 	kptr = v->task;
251 	if (!kptr) {
252 		err = 3;
253 	} else {
254 		kptr = bpf_task_acquire(kptr);
255 		if (!kptr)
256 			err = 4;
257 		else
258 			bpf_task_release(kptr);
259 	}
260 	bpf_rcu_read_unlock();
261 
262 	return 0;
263 }
264 
265 SEC("tp_btf/task_newtask")
266 int BPF_PROG(test_task_current_acquire_release, struct task_struct *task, u64 clone_flags)
267 {
268 	struct task_struct *current, *acquired;
269 
270 	if (!is_test_kfunc_task())
271 		return 0;
272 
273 	current = bpf_get_current_task_btf();
274 	acquired = bpf_task_acquire(current);
275 	if (acquired)
276 		bpf_task_release(acquired);
277 	else
278 		err = 1;
279 
280 	return 0;
281 }
282 
283 static void lookup_compare_pid(const struct task_struct *p)
284 {
285 	struct task_struct *acquired;
286 
287 	acquired = bpf_task_from_pid(p->pid);
288 	if (!acquired) {
289 		err = 1;
290 		return;
291 	}
292 
293 	if (acquired->pid != p->pid)
294 		err = 2;
295 	bpf_task_release(acquired);
296 }
297 
298 SEC("tp_btf/task_newtask")
299 int BPF_PROG(test_task_from_pid_arg, struct task_struct *task, u64 clone_flags)
300 {
301 	if (!is_test_kfunc_task())
302 		return 0;
303 
304 	lookup_compare_pid(task);
305 	return 0;
306 }
307 
308 SEC("tp_btf/task_newtask")
309 int BPF_PROG(test_task_from_pid_current, struct task_struct *task, u64 clone_flags)
310 {
311 	if (!is_test_kfunc_task())
312 		return 0;
313 
314 	lookup_compare_pid(bpf_get_current_task_btf());
315 	return 0;
316 }
317 
318 static int is_pid_lookup_valid(s32 pid)
319 {
320 	struct task_struct *acquired;
321 
322 	acquired = bpf_task_from_pid(pid);
323 	if (acquired) {
324 		bpf_task_release(acquired);
325 		return 1;
326 	}
327 
328 	return 0;
329 }
330 
331 SEC("tp_btf/task_newtask")
332 int BPF_PROG(test_task_from_pid_invalid, struct task_struct *task, u64 clone_flags)
333 {
334 	if (!is_test_kfunc_task())
335 		return 0;
336 
337 	bpf_strncmp(task->comm, 12, "foo");
338 	bpf_strncmp(task->comm, 16, "foo");
339 	bpf_strncmp(&task->comm[8], 4, "foo");
340 
341 	if (is_pid_lookup_valid(-1)) {
342 		err = 1;
343 		return 0;
344 	}
345 
346 	if (is_pid_lookup_valid(0xcafef00d)) {
347 		err = 2;
348 		return 0;
349 	}
350 
351 	return 0;
352 }
353 
354 SEC("tp_btf/task_newtask")
355 int BPF_PROG(task_kfunc_acquire_trusted_walked, struct task_struct *task, u64 clone_flags)
356 {
357 	struct task_struct *acquired;
358 
359 	/* task->group_leader is listed as a trusted, non-NULL field of task struct. */
360 	acquired = bpf_task_acquire(task->group_leader);
361 	if (acquired)
362 		bpf_task_release(acquired);
363 	else
364 		err = 1;
365 
366 
367 	return 0;
368 }
369 
370 SEC("syscall")
371 int test_task_from_vpid_current(const void *ctx)
372 {
373 	struct task_struct *current, *v_task;
374 
375 	v_task = bpf_task_from_vpid(1);
376 	if (!v_task) {
377 		err = 1;
378 		return 0;
379 	}
380 
381 	current = bpf_get_current_task_btf();
382 
383 	/* The current process should be the init process (pid 1) in the new pid namespace. */
384 	if (current != v_task)
385 		err = 2;
386 
387 	bpf_task_release(v_task);
388 	return 0;
389 }
390 
391 SEC("syscall")
392 int test_task_from_vpid_invalid(const void *ctx)
393 {
394 	struct task_struct *v_task;
395 
396 	v_task = bpf_task_from_vpid(-1);
397 	if (v_task) {
398 		err = 1;
399 		goto err;
400 	}
401 
402 	/* There should be only one process (current process) in the new pid namespace. */
403 	v_task = bpf_task_from_vpid(2);
404 	if (v_task) {
405 		err = 2;
406 		goto err;
407 	}
408 
409 	v_task = bpf_task_from_vpid(9999);
410 	if (v_task) {
411 		err = 3;
412 		goto err;
413 	}
414 
415 	return 0;
416 err:
417 	bpf_task_release(v_task);
418 	return 0;
419 }
420