diff mbox series

[v4,5/5] selftests/bpf: Add selftests for set_mempolicy with a lsm prog

Message ID 20231208090622.4309-6-laoar.shao@gmail.com (mailing list archive)
State Superseded
Delegated to: Paul Moore
Headers show
Series mm, security, bpf: Fine-grained control over memory policy adjustments with lsm bpf | expand

Commit Message

Yafang Shao Dec. 8, 2023, 9:06 a.m. UTC 
The result as follows,
  #263/1   set_mempolicy/MPOL_BIND_without_lsm:OK
  #263/2   set_mempolicy/MPOL_DEFAULT_without_lsm:OK
  #263/3   set_mempolicy/MPOL_BIND_with_lsm:OK
  #263/4   set_mempolicy/MPOL_DEFAULT_with_lsm:OK
  #263     set_mempolicy:OK
  Summary: 1/4 PASSED, 0 SKIPPED, 0 FAILED

Signed-off-by: Yafang Shao <laoar.shao@gmail.com>
---
 .../selftests/bpf/prog_tests/set_mempolicy.c       | 81 ++++++++++++++++++++++
 .../selftests/bpf/progs/test_set_mempolicy.c       | 28 ++++++++
 2 files changed, 109 insertions(+)
 create mode 100644 tools/testing/selftests/bpf/prog_tests/set_mempolicy.c
 create mode 100644 tools/testing/selftests/bpf/progs/test_set_mempolicy.c

Comments

KP Singh Dec. 12, 2023, 7:22 p.m. UTC | #1 
On Fri, Dec 8, 2023 at 10:06 AM Yafang Shao <laoar.shao@gmail.com> wrote:
>
> The result as follows,
>   #263/1   set_mempolicy/MPOL_BIND_without_lsm:OK
>   #263/2   set_mempolicy/MPOL_DEFAULT_without_lsm:OK
>   #263/3   set_mempolicy/MPOL_BIND_with_lsm:OK
>   #263/4   set_mempolicy/MPOL_DEFAULT_with_lsm:OK
>   #263     set_mempolicy:OK
>   Summary: 1/4 PASSED, 0 SKIPPED, 0 FAILED

Please write a commit description on what the test actually does. I
even think of something simple that mentions a BPF LSM program that
denies all mbind with the mode MPOL_BIND and checks whether the
corresponding syscall is denied when the program is loaded.


>
> Signed-off-by: Yafang Shao <laoar.shao@gmail.com>
> ---
>  .../selftests/bpf/prog_tests/set_mempolicy.c       | 81 ++++++++++++++++++++++
>  .../selftests/bpf/progs/test_set_mempolicy.c       | 28 ++++++++
>  2 files changed, 109 insertions(+)
>  create mode 100644 tools/testing/selftests/bpf/prog_tests/set_mempolicy.c
>  create mode 100644 tools/testing/selftests/bpf/progs/test_set_mempolicy.c
>
> diff --git a/tools/testing/selftests/bpf/prog_tests/set_mempolicy.c b/tools/testing/selftests/bpf/prog_tests/set_mempolicy.c
> new file mode 100644
> index 0000000..736b5e3
> --- /dev/null
> +++ b/tools/testing/selftests/bpf/prog_tests/set_mempolicy.c
> @@ -0,0 +1,81 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/* Copyright (C) 2023 Yafang Shao <laoar.shao@gmail.com> */
> +
> +#include <unistd.h>
> +#include <sys/types.h>
> +#include <sys/mman.h>
> +#include <linux/mempolicy.h>
> +#include <test_progs.h>
> +#include "test_set_mempolicy.skel.h"
> +
> +#define SIZE 4096
> +
> +static void mempolicy_bind(bool success)
> +{
> +       unsigned long mask = 1;
> +       char *addr;
> +       int err;
> +
> +       addr = mmap(NULL, SIZE, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
> +       if (!ASSERT_OK_PTR(addr, "mmap"))
> +               return;
> +
> +       /* -lnuma is required by mbind(2), so use __NR_mbind to avoid the dependency. */
> +       err = syscall(__NR_mbind, addr, SIZE, MPOL_BIND, &mask, sizeof(mask), 0);
> +       if (success)
> +               ASSERT_OK(err, "mbind_success");
> +       else
> +               ASSERT_ERR(err, "mbind_fail");
> +
> +       munmap(addr, SIZE);
> +}
> +
> +static void mempolicy_default(void)
> +{
> +       char *addr;
> +       int err;
> +
> +       addr = mmap(NULL, SIZE, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
> +       if (!ASSERT_OK_PTR(addr, "mmap"))
> +               return;
> +
> +       err = syscall(__NR_mbind, addr, SIZE, MPOL_DEFAULT, NULL, 0, 0);
> +       ASSERT_OK(err, "mbind_success");
> +
> +       munmap(addr, SIZE);
> +}
> +
> +void test_set_mempolicy(void)
> +{
> +       struct test_set_mempolicy *skel;
> +       int err;
> +
> +       skel = test_set_mempolicy__open();
> +       if (!ASSERT_OK_PTR(skel, "open"))
> +               return;
> +
> +       skel->bss->target_pid = getpid();
> +
> +       err = test_set_mempolicy__load(skel);
> +       if (!ASSERT_OK(err, "load"))
> +               goto destroy;
> +
> +       if (test__start_subtest("MPOL_BIND_without_lsm"))
> +               mempolicy_bind(true);
> +       if (test__start_subtest("MPOL_DEFAULT_without_lsm"))
> +               mempolicy_default();
> +
> +       /* Attach LSM prog first */
> +       err = test_set_mempolicy__attach(skel);
> +       if (!ASSERT_OK(err, "attach"))
> +               goto destroy;
> +
> +       /* syscall to adjust memory policy */
> +       if (test__start_subtest("MPOL_BIND_with_lsm"))
> +               mempolicy_bind(false);
> +       if (test__start_subtest("MPOL_DEFAULT_with_lsm"))
> +               mempolicy_default();
> +
> +destroy:
> +       test_set_mempolicy__destroy(skel);
> +}
> diff --git a/tools/testing/selftests/bpf/progs/test_set_mempolicy.c b/tools/testing/selftests/bpf/progs/test_set_mempolicy.c
> new file mode 100644
> index 0000000..b5356d5
> --- /dev/null
> +++ b/tools/testing/selftests/bpf/progs/test_set_mempolicy.c
> @@ -0,0 +1,28 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/* Copyright (C) 2023 Yafang Shao <laoar.shao@gmail.com> */
> +
> +#include "vmlinux.h"
> +#include <bpf/bpf_helpers.h>
> +#include <bpf/bpf_tracing.h>
> +
> +int target_pid;
> +
> +static int mem_policy_adjustment(u64 mode)
> +{
> +       struct task_struct *task = bpf_get_current_task_btf();
> +
> +       if (task->pid != target_pid)
> +               return 0;
> +
> +       if (mode != MPOL_BIND)
> +               return 0;
> +       return -1;
> +}
> +
> +SEC("lsm/set_mempolicy")
> +int BPF_PROG(setmempolicy, u64 mode, u16 mode_flags, nodemask_t *nmask, u32 flags)
> +{
> +       return mem_policy_adjustment(mode);
> +}
> +
> +char _license[] SEC("license") = "GPL";
> --
> 1.8.3.1
>
>
Yafang Shao Dec. 13, 2023, 3:08 a.m. UTC | #2 
On Wed, Dec 13, 2023 at 3:22 AM KP Singh <kpsingh@kernel.org> wrote:
>
> On Fri, Dec 8, 2023 at 10:06 AM Yafang Shao <laoar.shao@gmail.com> wrote:
> >
> > The result as follows,
> >   #263/1   set_mempolicy/MPOL_BIND_without_lsm:OK
> >   #263/2   set_mempolicy/MPOL_DEFAULT_without_lsm:OK
> >   #263/3   set_mempolicy/MPOL_BIND_with_lsm:OK
> >   #263/4   set_mempolicy/MPOL_DEFAULT_with_lsm:OK
> >   #263     set_mempolicy:OK
> >   Summary: 1/4 PASSED, 0 SKIPPED, 0 FAILED
>
> Please write a commit description on what the test actually does. I

will do it.

> even think of something simple that mentions a BPF LSM program that
> denies all mbind with the mode MPOL_BIND and checks whether the
> corresponding syscall is denied when the program is loaded.

It does. Additionally, it verifies whether the mbind syscall is denied
with different modes, such as MPOL_DEFAULT."
diff mbox series

Patch

diff --git a/tools/testing/selftests/bpf/prog_tests/set_mempolicy.c b/tools/testing/selftests/bpf/prog_tests/set_mempolicy.c
new file mode 100644
index 0000000..736b5e3
--- /dev/null
+++ b/tools/testing/selftests/bpf/prog_tests/set_mempolicy.c
@@ -0,0 +1,81 @@ 
+// SPDX-License-Identifier: GPL-2.0
+/* Copyright (C) 2023 Yafang Shao <laoar.shao@gmail.com> */
+
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/mman.h>
+#include <linux/mempolicy.h>
+#include <test_progs.h>
+#include "test_set_mempolicy.skel.h"
+
+#define SIZE 4096
+
+static void mempolicy_bind(bool success)
+{
+	unsigned long mask = 1;
+	char *addr;
+	int err;
+
+	addr = mmap(NULL, SIZE, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
+	if (!ASSERT_OK_PTR(addr, "mmap"))
+		return;
+
+	/* -lnuma is required by mbind(2), so use __NR_mbind to avoid the dependency. */
+	err = syscall(__NR_mbind, addr, SIZE, MPOL_BIND, &mask, sizeof(mask), 0);
+	if (success)
+		ASSERT_OK(err, "mbind_success");
+	else
+		ASSERT_ERR(err, "mbind_fail");
+
+	munmap(addr, SIZE);
+}
+
+static void mempolicy_default(void)
+{
+	char *addr;
+	int err;
+
+	addr = mmap(NULL, SIZE, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
+	if (!ASSERT_OK_PTR(addr, "mmap"))
+		return;
+
+	err = syscall(__NR_mbind, addr, SIZE, MPOL_DEFAULT, NULL, 0, 0);
+	ASSERT_OK(err, "mbind_success");
+
+	munmap(addr, SIZE);
+}
+
+void test_set_mempolicy(void)
+{
+	struct test_set_mempolicy *skel;
+	int err;
+
+	skel = test_set_mempolicy__open();
+	if (!ASSERT_OK_PTR(skel, "open"))
+		return;
+
+	skel->bss->target_pid = getpid();
+
+	err = test_set_mempolicy__load(skel);
+	if (!ASSERT_OK(err, "load"))
+		goto destroy;
+
+	if (test__start_subtest("MPOL_BIND_without_lsm"))
+		mempolicy_bind(true);
+	if (test__start_subtest("MPOL_DEFAULT_without_lsm"))
+		mempolicy_default();
+
+	/* Attach LSM prog first */
+	err = test_set_mempolicy__attach(skel);
+	if (!ASSERT_OK(err, "attach"))
+		goto destroy;
+
+	/* syscall to adjust memory policy */
+	if (test__start_subtest("MPOL_BIND_with_lsm"))
+		mempolicy_bind(false);
+	if (test__start_subtest("MPOL_DEFAULT_with_lsm"))
+		mempolicy_default();
+
+destroy:
+	test_set_mempolicy__destroy(skel);
+}
diff --git a/tools/testing/selftests/bpf/progs/test_set_mempolicy.c b/tools/testing/selftests/bpf/progs/test_set_mempolicy.c
new file mode 100644
index 0000000..b5356d5
--- /dev/null
+++ b/tools/testing/selftests/bpf/progs/test_set_mempolicy.c
@@ -0,0 +1,28 @@ 
+// SPDX-License-Identifier: GPL-2.0
+/* Copyright (C) 2023 Yafang Shao <laoar.shao@gmail.com> */
+
+#include "vmlinux.h"
+#include <bpf/bpf_helpers.h>
+#include <bpf/bpf_tracing.h>
+
+int target_pid;
+
+static int mem_policy_adjustment(u64 mode)
+{
+	struct task_struct *task = bpf_get_current_task_btf();
+
+	if (task->pid != target_pid)
+		return 0;
+
+	if (mode != MPOL_BIND)
+		return 0;
+	return -1;
+}
+
+SEC("lsm/set_mempolicy")
+int BPF_PROG(setmempolicy, u64 mode, u16 mode_flags, nodemask_t *nmask, u32 flags)
+{
+	return mem_policy_adjustment(mode);
+}
+
+char _license[] SEC("license") = "GPL";