1 {
2 "valid 1,2,4,8-byte reads from bpf_sk_lookup",
3 .insns = {
4 /* 1-byte read from family field */
5 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
6 offsetof(struct bpf_sk_lookup, family)),
7 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
8 offsetof(struct bpf_sk_lookup, family) + 1),
9 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
10 offsetof(struct bpf_sk_lookup, family) + 2),
11 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
12 offsetof(struct bpf_sk_lookup, family) + 3),
13 /* 2-byte read from family field */
14 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
15 offsetof(struct bpf_sk_lookup, family)),
16 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
17 offsetof(struct bpf_sk_lookup, family) + 2),
18 /* 4-byte read from family field */
19 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
20 offsetof(struct bpf_sk_lookup, family)),
21
22 /* 1-byte read from protocol field */
23 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
24 offsetof(struct bpf_sk_lookup, protocol)),
25 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
26 offsetof(struct bpf_sk_lookup, protocol) + 1),
27 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
28 offsetof(struct bpf_sk_lookup, protocol) + 2),
29 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
30 offsetof(struct bpf_sk_lookup, protocol) + 3),
31 /* 2-byte read from protocol field */
32 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
33 offsetof(struct bpf_sk_lookup, protocol)),
34 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
35 offsetof(struct bpf_sk_lookup, protocol) + 2),
36 /* 4-byte read from protocol field */
37 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
38 offsetof(struct bpf_sk_lookup, protocol)),
39
40 /* 1-byte read from remote_ip4 field */
41 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
42 offsetof(struct bpf_sk_lookup, remote_ip4)),
43 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
44 offsetof(struct bpf_sk_lookup, remote_ip4) + 1),
45 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
46 offsetof(struct bpf_sk_lookup, remote_ip4) + 2),
47 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
48 offsetof(struct bpf_sk_lookup, remote_ip4) + 3),
49 /* 2-byte read from remote_ip4 field */
50 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
51 offsetof(struct bpf_sk_lookup, remote_ip4)),
52 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
53 offsetof(struct bpf_sk_lookup, remote_ip4) + 2),
54 /* 4-byte read from remote_ip4 field */
55 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
56 offsetof(struct bpf_sk_lookup, remote_ip4)),
57
58 /* 1-byte read from remote_ip6 field */
59 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
60 offsetof(struct bpf_sk_lookup, remote_ip6)),
61 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
62 offsetof(struct bpf_sk_lookup, remote_ip6) + 1),
63 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
64 offsetof(struct bpf_sk_lookup, remote_ip6) + 2),
65 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
66 offsetof(struct bpf_sk_lookup, remote_ip6) + 3),
67 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
68 offsetof(struct bpf_sk_lookup, remote_ip6) + 4),
69 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
70 offsetof(struct bpf_sk_lookup, remote_ip6) + 5),
71 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
72 offsetof(struct bpf_sk_lookup, remote_ip6) + 6),
73 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
74 offsetof(struct bpf_sk_lookup, remote_ip6) + 7),
75 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
76 offsetof(struct bpf_sk_lookup, remote_ip6) + 8),
77 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
78 offsetof(struct bpf_sk_lookup, remote_ip6) + 9),
79 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
80 offsetof(struct bpf_sk_lookup, remote_ip6) + 10),
81 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
82 offsetof(struct bpf_sk_lookup, remote_ip6) + 11),
83 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
84 offsetof(struct bpf_sk_lookup, remote_ip6) + 12),
85 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
86 offsetof(struct bpf_sk_lookup, remote_ip6) + 13),
87 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
88 offsetof(struct bpf_sk_lookup, remote_ip6) + 14),
89 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
90 offsetof(struct bpf_sk_lookup, remote_ip6) + 15),
91 /* 2-byte read from remote_ip6 field */
92 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
93 offsetof(struct bpf_sk_lookup, remote_ip6)),
94 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
95 offsetof(struct bpf_sk_lookup, remote_ip6) + 2),
96 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
97 offsetof(struct bpf_sk_lookup, remote_ip6) + 4),
98 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
99 offsetof(struct bpf_sk_lookup, remote_ip6) + 6),
100 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
101 offsetof(struct bpf_sk_lookup, remote_ip6) + 8),
102 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
103 offsetof(struct bpf_sk_lookup, remote_ip6) + 10),
104 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
105 offsetof(struct bpf_sk_lookup, remote_ip6) + 12),
106 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
107 offsetof(struct bpf_sk_lookup, remote_ip6) + 14),
108 /* 4-byte read from remote_ip6 field */
109 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
110 offsetof(struct bpf_sk_lookup, remote_ip6)),
111 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
112 offsetof(struct bpf_sk_lookup, remote_ip6) + 4),
113 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
114 offsetof(struct bpf_sk_lookup, remote_ip6) + 8),
115 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
116 offsetof(struct bpf_sk_lookup, remote_ip6) + 12),
117
118 /* 1-byte read from remote_port field */
119 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
120 offsetof(struct bpf_sk_lookup, remote_port)),
121 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
122 offsetof(struct bpf_sk_lookup, remote_port) + 1),
123 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
124 offsetof(struct bpf_sk_lookup, remote_port) + 2),
125 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
126 offsetof(struct bpf_sk_lookup, remote_port) + 3),
127 /* 2-byte read from remote_port field */
128 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
129 offsetof(struct bpf_sk_lookup, remote_port)),
130 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
131 offsetof(struct bpf_sk_lookup, remote_port) + 2),
132 /* 4-byte read from remote_port field */
133 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
134 offsetof(struct bpf_sk_lookup, remote_port)),
135
136 /* 1-byte read from local_ip4 field */
137 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
138 offsetof(struct bpf_sk_lookup, local_ip4)),
139 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
140 offsetof(struct bpf_sk_lookup, local_ip4) + 1),
141 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
142 offsetof(struct bpf_sk_lookup, local_ip4) + 2),
143 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
144 offsetof(struct bpf_sk_lookup, local_ip4) + 3),
145 /* 2-byte read from local_ip4 field */
146 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
147 offsetof(struct bpf_sk_lookup, local_ip4)),
148 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
149 offsetof(struct bpf_sk_lookup, local_ip4) + 2),
150 /* 4-byte read from local_ip4 field */
151 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
152 offsetof(struct bpf_sk_lookup, local_ip4)),
153
154 /* 1-byte read from local_ip6 field */
155 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
156 offsetof(struct bpf_sk_lookup, local_ip6)),
157 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
158 offsetof(struct bpf_sk_lookup, local_ip6) + 1),
159 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
160 offsetof(struct bpf_sk_lookup, local_ip6) + 2),
161 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
162 offsetof(struct bpf_sk_lookup, local_ip6) + 3),
163 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
164 offsetof(struct bpf_sk_lookup, local_ip6) + 4),
165 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
166 offsetof(struct bpf_sk_lookup, local_ip6) + 5),
167 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
168 offsetof(struct bpf_sk_lookup, local_ip6) + 6),
169 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
170 offsetof(struct bpf_sk_lookup, local_ip6) + 7),
171 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
172 offsetof(struct bpf_sk_lookup, local_ip6) + 8),
173 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
174 offsetof(struct bpf_sk_lookup, local_ip6) + 9),
175 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
176 offsetof(struct bpf_sk_lookup, local_ip6) + 10),
177 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
178 offsetof(struct bpf_sk_lookup, local_ip6) + 11),
179 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
180 offsetof(struct bpf_sk_lookup, local_ip6) + 12),
181 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
182 offsetof(struct bpf_sk_lookup, local_ip6) + 13),
183 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
184 offsetof(struct bpf_sk_lookup, local_ip6) + 14),
185 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
186 offsetof(struct bpf_sk_lookup, local_ip6) + 15),
187 /* 2-byte read from local_ip6 field */
188 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
189 offsetof(struct bpf_sk_lookup, local_ip6)),
190 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
191 offsetof(struct bpf_sk_lookup, local_ip6) + 2),
192 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
193 offsetof(struct bpf_sk_lookup, local_ip6) + 4),
194 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
195 offsetof(struct bpf_sk_lookup, local_ip6) + 6),
196 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
197 offsetof(struct bpf_sk_lookup, local_ip6) + 8),
198 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
199 offsetof(struct bpf_sk_lookup, local_ip6) + 10),
200 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
201 offsetof(struct bpf_sk_lookup, local_ip6) + 12),
202 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
203 offsetof(struct bpf_sk_lookup, local_ip6) + 14),
204 /* 4-byte read from local_ip6 field */
205 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
206 offsetof(struct bpf_sk_lookup, local_ip6)),
207 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
208 offsetof(struct bpf_sk_lookup, local_ip6) + 4),
209 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
210 offsetof(struct bpf_sk_lookup, local_ip6) + 8),
211 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
212 offsetof(struct bpf_sk_lookup, local_ip6) + 12),
213
214 /* 1-byte read from local_port field */
215 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
216 offsetof(struct bpf_sk_lookup, local_port)),
217 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
218 offsetof(struct bpf_sk_lookup, local_port) + 1),
219 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
220 offsetof(struct bpf_sk_lookup, local_port) + 2),
221 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
222 offsetof(struct bpf_sk_lookup, local_port) + 3),
223 /* 2-byte read from local_port field */
224 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
225 offsetof(struct bpf_sk_lookup, local_port)),
226 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
227 offsetof(struct bpf_sk_lookup, local_port) + 2),
228 /* 4-byte read from local_port field */
229 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
230 offsetof(struct bpf_sk_lookup, local_port)),
231
232 /* 1-byte read from ingress_ifindex field */
233 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
234 offsetof(struct bpf_sk_lookup, ingress_ifindex)),
235 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
236 offsetof(struct bpf_sk_lookup, ingress_ifindex) + 1),
237 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
238 offsetof(struct bpf_sk_lookup, ingress_ifindex) + 2),
239 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
240 offsetof(struct bpf_sk_lookup, ingress_ifindex) + 3),
241 /* 2-byte read from ingress_ifindex field */
242 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
243 offsetof(struct bpf_sk_lookup, ingress_ifindex)),
244 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
245 offsetof(struct bpf_sk_lookup, ingress_ifindex) + 2),
246 /* 4-byte read from ingress_ifindex field */
247 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
248 offsetof(struct bpf_sk_lookup, ingress_ifindex)),
249
250 /* 8-byte read from sk field */
251 BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1,
252 offsetof(struct bpf_sk_lookup, sk)),
253
254 BPF_MOV32_IMM(BPF_REG_0, 0),
255 BPF_EXIT_INSN(),
256 },
257 .result = ACCEPT,
258 .prog_type = BPF_PROG_TYPE_SK_LOOKUP,
259 .expected_attach_type = BPF_SK_LOOKUP,
260 .runs = -1,
261 },
262 /* invalid 8-byte reads from a 4-byte fields in bpf_sk_lookup */
263 {
264 "invalid 8-byte read from bpf_sk_lookup family field",
265 .insns = {
266 BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1,
267 offsetof(struct bpf_sk_lookup, family)),
268 BPF_MOV32_IMM(BPF_REG_0, 0),
269 BPF_EXIT_INSN(),
270 },
271 .errstr = "invalid bpf_context access",
272 .result = REJECT,
273 .prog_type = BPF_PROG_TYPE_SK_LOOKUP,
274 .expected_attach_type = BPF_SK_LOOKUP,
275 },
276 {
277 "invalid 8-byte read from bpf_sk_lookup protocol field",
278 .insns = {
279 BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1,
280 offsetof(struct bpf_sk_lookup, protocol)),
281 BPF_MOV32_IMM(BPF_REG_0, 0),
282 BPF_EXIT_INSN(),
283 },
284 .errstr = "invalid bpf_context access",
285 .result = REJECT,
286 .prog_type = BPF_PROG_TYPE_SK_LOOKUP,
287 .expected_attach_type = BPF_SK_LOOKUP,
288 .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS,
289 },
290 {
291 "invalid 8-byte read from bpf_sk_lookup remote_ip4 field",
292 .insns = {
293 BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1,
294 offsetof(struct bpf_sk_lookup, remote_ip4)),
295 BPF_MOV32_IMM(BPF_REG_0, 0),
296 BPF_EXIT_INSN(),
297 },
298 .errstr = "invalid bpf_context access",
299 .result = REJECT,
300 .prog_type = BPF_PROG_TYPE_SK_LOOKUP,
301 .expected_attach_type = BPF_SK_LOOKUP,
302 },
303 {
304 "invalid 8-byte read from bpf_sk_lookup remote_ip6 field",
305 .insns = {
306 BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1,
307 offsetof(struct bpf_sk_lookup, remote_ip6)),
308 BPF_MOV32_IMM(BPF_REG_0, 0),
309 BPF_EXIT_INSN(),
310 },
311 .errstr = "invalid bpf_context access",
312 .result = REJECT,
313 .prog_type = BPF_PROG_TYPE_SK_LOOKUP,
314 .expected_attach_type = BPF_SK_LOOKUP,
315 .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS,
316 },
317 {
318 "invalid 8-byte read from bpf_sk_lookup remote_port field",
319 .insns = {
320 BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1,
321 offsetof(struct bpf_sk_lookup, remote_port)),
322 BPF_MOV32_IMM(BPF_REG_0, 0),
323 BPF_EXIT_INSN(),
324 },
325 .errstr = "invalid bpf_context access",
326 .result = REJECT,
327 .prog_type = BPF_PROG_TYPE_SK_LOOKUP,
328 .expected_attach_type = BPF_SK_LOOKUP,
329 .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS,
330 },
331 {
332 "invalid 8-byte read from bpf_sk_lookup local_ip4 field",
333 .insns = {
334 BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1,
335 offsetof(struct bpf_sk_lookup, local_ip4)),
336 BPF_MOV32_IMM(BPF_REG_0, 0),
337 BPF_EXIT_INSN(),
338 },
339 .errstr = "invalid bpf_context access",
340 .result = REJECT,
341 .prog_type = BPF_PROG_TYPE_SK_LOOKUP,
342 .expected_attach_type = BPF_SK_LOOKUP,
343 },
344 {
345 "invalid 8-byte read from bpf_sk_lookup local_ip6 field",
346 .insns = {
347 BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1,
348 offsetof(struct bpf_sk_lookup, local_ip6)),
349 BPF_MOV32_IMM(BPF_REG_0, 0),
350 BPF_EXIT_INSN(),
351 },
352 .errstr = "invalid bpf_context access",
353 .result = REJECT,
354 .prog_type = BPF_PROG_TYPE_SK_LOOKUP,
355 .expected_attach_type = BPF_SK_LOOKUP,
356 .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS,
357 },
358 {
359 "invalid 8-byte read from bpf_sk_lookup local_port field",
360 .insns = {
361 BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1,
362 offsetof(struct bpf_sk_lookup, local_port)),
363 BPF_MOV32_IMM(BPF_REG_0, 0),
364 BPF_EXIT_INSN(),
365 },
366 .errstr = "invalid bpf_context access",
367 .result = REJECT,
368 .prog_type = BPF_PROG_TYPE_SK_LOOKUP,
369 .expected_attach_type = BPF_SK_LOOKUP,
370 .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS,
371 },
372 {
373 "invalid 8-byte read from bpf_sk_lookup ingress_ifindex field",
374 .insns = {
375 BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1,
376 offsetof(struct bpf_sk_lookup, ingress_ifindex)),
377 BPF_MOV32_IMM(BPF_REG_0, 0),
378 BPF_EXIT_INSN(),
379 },
380 .errstr = "invalid bpf_context access",
381 .result = REJECT,
382 .prog_type = BPF_PROG_TYPE_SK_LOOKUP,
383 .expected_attach_type = BPF_SK_LOOKUP,
384 .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS,
385 },
386 /* invalid 1,2,4-byte reads from 8-byte fields in bpf_sk_lookup */
387 {
388 "invalid 4-byte read from bpf_sk_lookup sk field",
389 .insns = {
390 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
391 offsetof(struct bpf_sk_lookup, sk)),
392 BPF_MOV32_IMM(BPF_REG_0, 0),
393 BPF_EXIT_INSN(),
394 },
395 .errstr = "invalid bpf_context access",
396 .result = REJECT,
397 .prog_type = BPF_PROG_TYPE_SK_LOOKUP,
398 .expected_attach_type = BPF_SK_LOOKUP,
399 },
400 {
401 "invalid 2-byte read from bpf_sk_lookup sk field",
402 .insns = {
403 BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_1,
404 offsetof(struct bpf_sk_lookup, sk)),
405 BPF_MOV32_IMM(BPF_REG_0, 0),
406 BPF_EXIT_INSN(),
407 },
408 .errstr = "invalid bpf_context access",
409 .result = REJECT,
410 .prog_type = BPF_PROG_TYPE_SK_LOOKUP,
411 .expected_attach_type = BPF_SK_LOOKUP,
412 },
413 {
414 "invalid 1-byte read from bpf_sk_lookup sk field",
415 .insns = {
416 BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_1,
417 offsetof(struct bpf_sk_lookup, sk)),
418 BPF_MOV32_IMM(BPF_REG_0, 0),
419 BPF_EXIT_INSN(),
420 },
421 .errstr = "invalid bpf_context access",
422 .result = REJECT,
423 .prog_type = BPF_PROG_TYPE_SK_LOOKUP,
424 .expected_attach_type = BPF_SK_LOOKUP,
425 },
426 /* out of bounds and unaligned reads from bpf_sk_lookup */
427 {
428 "invalid 4-byte read past end of bpf_sk_lookup",
429 .insns = {
430 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
431 sizeof(struct bpf_sk_lookup)),
432 BPF_MOV32_IMM(BPF_REG_0, 0),
433 BPF_EXIT_INSN(),
434 },
435 .errstr = "invalid bpf_context access",
436 .result = REJECT,
437 .prog_type = BPF_PROG_TYPE_SK_LOOKUP,
438 .expected_attach_type = BPF_SK_LOOKUP,
439 },
440 {
441 "invalid 4-byte unaligned read from bpf_sk_lookup at odd offset",
442 .insns = {
443 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1, 1),
444 BPF_MOV32_IMM(BPF_REG_0, 0),
445 BPF_EXIT_INSN(),
446 },
447 .errstr = "invalid bpf_context access",
448 .result = REJECT,
449 .prog_type = BPF_PROG_TYPE_SK_LOOKUP,
450 .expected_attach_type = BPF_SK_LOOKUP,
451 .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS,
452 },
453 {
454 "invalid 4-byte unaligned read from bpf_sk_lookup at even offset",
455 .insns = {
456 BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1, 2),
457 BPF_MOV32_IMM(BPF_REG_0, 0),
458 BPF_EXIT_INSN(),
459 },
460 .errstr = "invalid bpf_context access",
461 .result = REJECT,
462 .prog_type = BPF_PROG_TYPE_SK_LOOKUP,
463 .expected_attach_type = BPF_SK_LOOKUP,
464 .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS,
465 },
466 /* in-bound and out-of-bound writes to bpf_sk_lookup */
467 {
468 "invalid 8-byte write to bpf_sk_lookup",
469 .insns = {
470 BPF_MOV64_IMM(BPF_REG_0, 0xcafe4a11U),
471 BPF_STX_MEM(BPF_DW, BPF_REG_1, BPF_REG_0, 0),
472 BPF_MOV32_IMM(BPF_REG_0, 0),
473 BPF_EXIT_INSN(),
474 },
475 .errstr = "invalid bpf_context access",
476 .result = REJECT,
477 .prog_type = BPF_PROG_TYPE_SK_LOOKUP,
478 .expected_attach_type = BPF_SK_LOOKUP,
479 },
480 {
481 "invalid 4-byte write to bpf_sk_lookup",
482 .insns = {
483 BPF_MOV64_IMM(BPF_REG_0, 0xcafe4a11U),
484 BPF_STX_MEM(BPF_W, BPF_REG_1, BPF_REG_0, 0),
485 BPF_MOV32_IMM(BPF_REG_0, 0),
486 BPF_EXIT_INSN(),
487 },
488 .errstr = "invalid bpf_context access",
489 .result = REJECT,
490 .prog_type = BPF_PROG_TYPE_SK_LOOKUP,
491 .expected_attach_type = BPF_SK_LOOKUP,
492 },
493 {
494 "invalid 2-byte write to bpf_sk_lookup",
495 .insns = {
496 BPF_MOV64_IMM(BPF_REG_0, 0xcafe4a11U),
497 BPF_STX_MEM(BPF_H, BPF_REG_1, BPF_REG_0, 0),
498 BPF_MOV32_IMM(BPF_REG_0, 0),
499 BPF_EXIT_INSN(),
500 },
501 .errstr = "invalid bpf_context access",
502 .result = REJECT,
503 .prog_type = BPF_PROG_TYPE_SK_LOOKUP,
504 .expected_attach_type = BPF_SK_LOOKUP,
505 },
506 {
507 "invalid 1-byte write to bpf_sk_lookup",
508 .insns = {
509 BPF_MOV64_IMM(BPF_REG_0, 0xcafe4a11U),
510 BPF_STX_MEM(BPF_B, BPF_REG_1, BPF_REG_0, 0),
511 BPF_MOV32_IMM(BPF_REG_0, 0),
512 BPF_EXIT_INSN(),
513 },
514 .errstr = "invalid bpf_context access",
515 .result = REJECT,
516 .prog_type = BPF_PROG_TYPE_SK_LOOKUP,
517 .expected_attach_type = BPF_SK_LOOKUP,
518 },
519 {
520 "invalid 4-byte write past end of bpf_sk_lookup",
521 .insns = {
522 BPF_MOV64_IMM(BPF_REG_0, 0xcafe4a11U),
523 BPF_STX_MEM(BPF_W, BPF_REG_1, BPF_REG_0,
524 sizeof(struct bpf_sk_lookup)),
525 BPF_MOV32_IMM(BPF_REG_0, 0),
526 BPF_EXIT_INSN(),
527 },
528 .errstr = "invalid bpf_context access",
529 .result = REJECT,
530 .prog_type = BPF_PROG_TYPE_SK_LOOKUP,
531 .expected_attach_type = BPF_SK_LOOKUP,
532 },
533
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.