• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * Testsuite for eBPF verifier
4  *
5  * Copyright (c) 2014 PLUMgrid, http://plumgrid.com
6  * Copyright (c) 2017 Facebook
7  * Copyright (c) 2018 Covalent IO, Inc. http://covalent.io
8  */
9 
10 #include <endian.h>
11 #include <asm/types.h>
12 #include <linux/types.h>
13 #include <stdint.h>
14 #include <stdio.h>
15 #include <stdlib.h>
16 #include <unistd.h>
17 #include <errno.h>
18 #include <string.h>
19 #include <stddef.h>
20 #include <stdbool.h>
21 #include <sched.h>
22 #include <limits.h>
23 #include <assert.h>
24 
25 #include <sys/capability.h>
26 
27 #include <linux/unistd.h>
28 #include <linux/filter.h>
29 #include <linux/bpf_perf_event.h>
30 #include <linux/bpf.h>
31 #include <linux/if_ether.h>
32 #include <linux/btf.h>
33 
34 #include <bpf/bpf.h>
35 #include <bpf/libbpf.h>
36 
37 #ifdef HAVE_GENHDR
38 # include "autoconf.h"
39 #else
40 # if defined(__i386) || defined(__x86_64) || defined(__s390x__) || defined(__aarch64__)
41 #  define CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS 1
42 # endif
43 #endif
44 #include "bpf_rlimit.h"
45 #include "bpf_rand.h"
46 #include "bpf_util.h"
47 #include "test_btf.h"
48 #include "../../../include/linux/filter.h"
49 
50 #define MAX_INSNS	BPF_MAXINSNS
51 #define MAX_TEST_INSNS	1000000
52 #define MAX_FIXUPS	8
53 #define MAX_NR_MAPS	19
54 #define MAX_TEST_RUNS	8
55 #define POINTER_VALUE	0xcafe4all
56 #define TEST_DATA_LEN	64
57 
58 #define F_NEEDS_EFFICIENT_UNALIGNED_ACCESS	(1 << 0)
59 #define F_LOAD_WITH_STRICT_ALIGNMENT		(1 << 1)
60 
61 #define UNPRIV_SYSCTL "kernel/unprivileged_bpf_disabled"
62 static bool unpriv_disabled = false;
63 static int skips;
64 static bool verbose = false;
65 
66 struct bpf_test {
67 	const char *descr;
68 	struct bpf_insn	insns[MAX_INSNS];
69 	struct bpf_insn	*fill_insns;
70 	int fixup_map_hash_8b[MAX_FIXUPS];
71 	int fixup_map_hash_48b[MAX_FIXUPS];
72 	int fixup_map_hash_16b[MAX_FIXUPS];
73 	int fixup_map_array_48b[MAX_FIXUPS];
74 	int fixup_map_sockmap[MAX_FIXUPS];
75 	int fixup_map_sockhash[MAX_FIXUPS];
76 	int fixup_map_xskmap[MAX_FIXUPS];
77 	int fixup_map_stacktrace[MAX_FIXUPS];
78 	int fixup_prog1[MAX_FIXUPS];
79 	int fixup_prog2[MAX_FIXUPS];
80 	int fixup_map_in_map[MAX_FIXUPS];
81 	int fixup_cgroup_storage[MAX_FIXUPS];
82 	int fixup_percpu_cgroup_storage[MAX_FIXUPS];
83 	int fixup_map_spin_lock[MAX_FIXUPS];
84 	int fixup_map_array_ro[MAX_FIXUPS];
85 	int fixup_map_array_wo[MAX_FIXUPS];
86 	int fixup_map_array_small[MAX_FIXUPS];
87 	int fixup_sk_storage_map[MAX_FIXUPS];
88 	int fixup_map_event_output[MAX_FIXUPS];
89 	const char *errstr;
90 	const char *errstr_unpriv;
91 	uint32_t insn_processed;
92 	int prog_len;
93 	enum {
94 		UNDEF,
95 		ACCEPT,
96 		REJECT,
97 		VERBOSE_ACCEPT,
98 	} result, result_unpriv;
99 	enum bpf_prog_type prog_type;
100 	uint8_t flags;
101 	void (*fill_helper)(struct bpf_test *self);
102 	uint8_t runs;
103 #define bpf_testdata_struct_t					\
104 	struct {						\
105 		uint32_t retval, retval_unpriv;			\
106 		union {						\
107 			__u8 data[TEST_DATA_LEN];		\
108 			__u64 data64[TEST_DATA_LEN / 8];	\
109 		};						\
110 	}
111 	union {
112 		bpf_testdata_struct_t;
113 		bpf_testdata_struct_t retvals[MAX_TEST_RUNS];
114 	};
115 	enum bpf_attach_type expected_attach_type;
116 };
117 
118 /* Note we want this to be 64 bit aligned so that the end of our array is
119  * actually the end of the structure.
120  */
121 #define MAX_ENTRIES 11
122 
123 struct test_val {
124 	unsigned int index;
125 	int foo[MAX_ENTRIES];
126 };
127 
128 struct other_val {
129 	long long foo;
130 	long long bar;
131 };
132 
bpf_fill_ld_abs_vlan_push_pop(struct bpf_test * self)133 static void bpf_fill_ld_abs_vlan_push_pop(struct bpf_test *self)
134 {
135 	/* test: {skb->data[0], vlan_push} x 51 + {skb->data[0], vlan_pop} x 51 */
136 #define PUSH_CNT 51
137 	/* jump range is limited to 16 bit. PUSH_CNT of ld_abs needs room */
138 	unsigned int len = (1 << 15) - PUSH_CNT * 2 * 5 * 6;
139 	struct bpf_insn *insn = self->fill_insns;
140 	int i = 0, j, k = 0;
141 
142 	insn[i++] = BPF_MOV64_REG(BPF_REG_6, BPF_REG_1);
143 loop:
144 	for (j = 0; j < PUSH_CNT; j++) {
145 		insn[i++] = BPF_LD_ABS(BPF_B, 0);
146 		/* jump to error label */
147 		insn[i] = BPF_JMP32_IMM(BPF_JNE, BPF_REG_0, 0x34, len - i - 3);
148 		i++;
149 		insn[i++] = BPF_MOV64_REG(BPF_REG_1, BPF_REG_6);
150 		insn[i++] = BPF_MOV64_IMM(BPF_REG_2, 1);
151 		insn[i++] = BPF_MOV64_IMM(BPF_REG_3, 2);
152 		insn[i++] = BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0,
153 					 BPF_FUNC_skb_vlan_push),
154 		insn[i] = BPF_JMP_IMM(BPF_JNE, BPF_REG_0, 0, len - i - 3);
155 		i++;
156 	}
157 
158 	for (j = 0; j < PUSH_CNT; j++) {
159 		insn[i++] = BPF_LD_ABS(BPF_B, 0);
160 		insn[i] = BPF_JMP32_IMM(BPF_JNE, BPF_REG_0, 0x34, len - i - 3);
161 		i++;
162 		insn[i++] = BPF_MOV64_REG(BPF_REG_1, BPF_REG_6);
163 		insn[i++] = BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0,
164 					 BPF_FUNC_skb_vlan_pop),
165 		insn[i] = BPF_JMP_IMM(BPF_JNE, BPF_REG_0, 0, len - i - 3);
166 		i++;
167 	}
168 	if (++k < 5)
169 		goto loop;
170 
171 	for (; i < len - 3; i++)
172 		insn[i] = BPF_ALU64_IMM(BPF_MOV, BPF_REG_0, 0xbef);
173 	insn[len - 3] = BPF_JMP_A(1);
174 	/* error label */
175 	insn[len - 2] = BPF_MOV32_IMM(BPF_REG_0, 0);
176 	insn[len - 1] = BPF_EXIT_INSN();
177 	self->prog_len = len;
178 }
179 
bpf_fill_jump_around_ld_abs(struct bpf_test * self)180 static void bpf_fill_jump_around_ld_abs(struct bpf_test *self)
181 {
182 	struct bpf_insn *insn = self->fill_insns;
183 	/* jump range is limited to 16 bit. every ld_abs is replaced by 6 insns,
184 	 * but on arches like arm, ppc etc, there will be one BPF_ZEXT inserted
185 	 * to extend the error value of the inlined ld_abs sequence which then
186 	 * contains 7 insns. so, set the dividend to 7 so the testcase could
187 	 * work on all arches.
188 	 */
189 	unsigned int len = (1 << 15) / 7;
190 	int i = 0;
191 
192 	insn[i++] = BPF_MOV64_REG(BPF_REG_6, BPF_REG_1);
193 	insn[i++] = BPF_LD_ABS(BPF_B, 0);
194 	insn[i] = BPF_JMP_IMM(BPF_JEQ, BPF_REG_0, 10, len - i - 2);
195 	i++;
196 	while (i < len - 1)
197 		insn[i++] = BPF_LD_ABS(BPF_B, 1);
198 	insn[i] = BPF_EXIT_INSN();
199 	self->prog_len = i + 1;
200 }
201 
bpf_fill_rand_ld_dw(struct bpf_test * self)202 static void bpf_fill_rand_ld_dw(struct bpf_test *self)
203 {
204 	struct bpf_insn *insn = self->fill_insns;
205 	uint64_t res = 0;
206 	int i = 0;
207 
208 	insn[i++] = BPF_MOV32_IMM(BPF_REG_0, 0);
209 	while (i < self->retval) {
210 		uint64_t val = bpf_semi_rand_get();
211 		struct bpf_insn tmp[2] = { BPF_LD_IMM64(BPF_REG_1, val) };
212 
213 		res ^= val;
214 		insn[i++] = tmp[0];
215 		insn[i++] = tmp[1];
216 		insn[i++] = BPF_ALU64_REG(BPF_XOR, BPF_REG_0, BPF_REG_1);
217 	}
218 	insn[i++] = BPF_MOV64_REG(BPF_REG_1, BPF_REG_0);
219 	insn[i++] = BPF_ALU64_IMM(BPF_RSH, BPF_REG_1, 32);
220 	insn[i++] = BPF_ALU64_REG(BPF_XOR, BPF_REG_0, BPF_REG_1);
221 	insn[i] = BPF_EXIT_INSN();
222 	self->prog_len = i + 1;
223 	res ^= (res >> 32);
224 	self->retval = (uint32_t)res;
225 }
226 
227 #define MAX_JMP_SEQ 8192
228 
229 /* test the sequence of 8k jumps */
bpf_fill_scale1(struct bpf_test * self)230 static void bpf_fill_scale1(struct bpf_test *self)
231 {
232 	struct bpf_insn *insn = self->fill_insns;
233 	int i = 0, k = 0;
234 
235 	insn[i++] = BPF_MOV64_REG(BPF_REG_6, BPF_REG_1);
236 	/* test to check that the long sequence of jumps is acceptable */
237 	while (k++ < MAX_JMP_SEQ) {
238 		insn[i++] = BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0,
239 					 BPF_FUNC_get_prandom_u32);
240 		insn[i++] = BPF_JMP_IMM(BPF_JEQ, BPF_REG_0, bpf_semi_rand_get(), 2);
241 		insn[i++] = BPF_MOV64_REG(BPF_REG_1, BPF_REG_10);
242 		insn[i++] = BPF_STX_MEM(BPF_DW, BPF_REG_1, BPF_REG_6,
243 					-8 * (k % 64 + 1));
244 	}
245 	/* is_state_visited() doesn't allocate state for pruning for every jump.
246 	 * Hence multiply jmps by 4 to accommodate that heuristic
247 	 */
248 	while (i < MAX_TEST_INSNS - MAX_JMP_SEQ * 4)
249 		insn[i++] = BPF_ALU64_IMM(BPF_MOV, BPF_REG_0, 42);
250 	insn[i] = BPF_EXIT_INSN();
251 	self->prog_len = i + 1;
252 	self->retval = 42;
253 }
254 
255 /* test the sequence of 8k jumps in inner most function (function depth 8)*/
bpf_fill_scale2(struct bpf_test * self)256 static void bpf_fill_scale2(struct bpf_test *self)
257 {
258 	struct bpf_insn *insn = self->fill_insns;
259 	int i = 0, k = 0;
260 
261 #define FUNC_NEST 7
262 	for (k = 0; k < FUNC_NEST; k++) {
263 		insn[i++] = BPF_CALL_REL(1);
264 		insn[i++] = BPF_EXIT_INSN();
265 	}
266 	insn[i++] = BPF_MOV64_REG(BPF_REG_6, BPF_REG_1);
267 	/* test to check that the long sequence of jumps is acceptable */
268 	k = 0;
269 	while (k++ < MAX_JMP_SEQ) {
270 		insn[i++] = BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0,
271 					 BPF_FUNC_get_prandom_u32);
272 		insn[i++] = BPF_JMP_IMM(BPF_JEQ, BPF_REG_0, bpf_semi_rand_get(), 2);
273 		insn[i++] = BPF_MOV64_REG(BPF_REG_1, BPF_REG_10);
274 		insn[i++] = BPF_STX_MEM(BPF_DW, BPF_REG_1, BPF_REG_6,
275 					-8 * (k % (64 - 4 * FUNC_NEST) + 1));
276 	}
277 	while (i < MAX_TEST_INSNS - MAX_JMP_SEQ * 4)
278 		insn[i++] = BPF_ALU64_IMM(BPF_MOV, BPF_REG_0, 42);
279 	insn[i] = BPF_EXIT_INSN();
280 	self->prog_len = i + 1;
281 	self->retval = 42;
282 }
283 
bpf_fill_scale(struct bpf_test * self)284 static void bpf_fill_scale(struct bpf_test *self)
285 {
286 	switch (self->retval) {
287 	case 1:
288 		return bpf_fill_scale1(self);
289 	case 2:
290 		return bpf_fill_scale2(self);
291 	default:
292 		self->prog_len = 0;
293 		break;
294 	}
295 }
296 
297 /* BPF_SK_LOOKUP contains 13 instructions, if you need to fix up maps */
298 #define BPF_SK_LOOKUP(func)						\
299 	/* struct bpf_sock_tuple tuple = {} */				\
300 	BPF_MOV64_IMM(BPF_REG_2, 0),					\
301 	BPF_STX_MEM(BPF_W, BPF_REG_10, BPF_REG_2, -8),			\
302 	BPF_STX_MEM(BPF_DW, BPF_REG_10, BPF_REG_2, -16),		\
303 	BPF_STX_MEM(BPF_DW, BPF_REG_10, BPF_REG_2, -24),		\
304 	BPF_STX_MEM(BPF_DW, BPF_REG_10, BPF_REG_2, -32),		\
305 	BPF_STX_MEM(BPF_DW, BPF_REG_10, BPF_REG_2, -40),		\
306 	BPF_STX_MEM(BPF_DW, BPF_REG_10, BPF_REG_2, -48),		\
307 	/* sk = func(ctx, &tuple, sizeof tuple, 0, 0) */		\
308 	BPF_MOV64_REG(BPF_REG_2, BPF_REG_10),				\
309 	BPF_ALU64_IMM(BPF_ADD, BPF_REG_2, -48),				\
310 	BPF_MOV64_IMM(BPF_REG_3, sizeof(struct bpf_sock_tuple)),	\
311 	BPF_MOV64_IMM(BPF_REG_4, 0),					\
312 	BPF_MOV64_IMM(BPF_REG_5, 0),					\
313 	BPF_EMIT_CALL(BPF_FUNC_ ## func)
314 
315 /* BPF_DIRECT_PKT_R2 contains 7 instructions, it initializes default return
316  * value into 0 and does necessary preparation for direct packet access
317  * through r2. The allowed access range is 8 bytes.
318  */
319 #define BPF_DIRECT_PKT_R2						\
320 	BPF_MOV64_IMM(BPF_REG_0, 0),					\
321 	BPF_LDX_MEM(BPF_W, BPF_REG_2, BPF_REG_1,			\
322 		    offsetof(struct __sk_buff, data)),			\
323 	BPF_LDX_MEM(BPF_W, BPF_REG_3, BPF_REG_1,			\
324 		    offsetof(struct __sk_buff, data_end)),		\
325 	BPF_MOV64_REG(BPF_REG_4, BPF_REG_2),				\
326 	BPF_ALU64_IMM(BPF_ADD, BPF_REG_4, 8),				\
327 	BPF_JMP_REG(BPF_JLE, BPF_REG_4, BPF_REG_3, 1),			\
328 	BPF_EXIT_INSN()
329 
330 /* BPF_RAND_UEXT_R7 contains 4 instructions, it initializes R7 into a random
331  * positive u32, and zero-extend it into 64-bit.
332  */
333 #define BPF_RAND_UEXT_R7						\
334 	BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0,			\
335 		     BPF_FUNC_get_prandom_u32),				\
336 	BPF_MOV64_REG(BPF_REG_7, BPF_REG_0),				\
337 	BPF_ALU64_IMM(BPF_LSH, BPF_REG_7, 33),				\
338 	BPF_ALU64_IMM(BPF_RSH, BPF_REG_7, 33)
339 
340 /* BPF_RAND_SEXT_R7 contains 5 instructions, it initializes R7 into a random
341  * negative u32, and sign-extend it into 64-bit.
342  */
343 #define BPF_RAND_SEXT_R7						\
344 	BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0,			\
345 		     BPF_FUNC_get_prandom_u32),				\
346 	BPF_MOV64_REG(BPF_REG_7, BPF_REG_0),				\
347 	BPF_ALU64_IMM(BPF_OR, BPF_REG_7, 0x80000000),			\
348 	BPF_ALU64_IMM(BPF_LSH, BPF_REG_7, 32),				\
349 	BPF_ALU64_IMM(BPF_ARSH, BPF_REG_7, 32)
350 
351 static struct bpf_test tests[] = {
352 #define FILL_ARRAY
353 #include <verifier/tests.h>
354 #undef FILL_ARRAY
355 };
356 
probe_filter_length(const struct bpf_insn * fp)357 static int probe_filter_length(const struct bpf_insn *fp)
358 {
359 	int len;
360 
361 	for (len = MAX_INSNS - 1; len > 0; --len)
362 		if (fp[len].code != 0 || fp[len].imm != 0)
363 			break;
364 	return len + 1;
365 }
366 
skip_unsupported_map(enum bpf_map_type map_type)367 static bool skip_unsupported_map(enum bpf_map_type map_type)
368 {
369 	if (!bpf_probe_map_type(map_type, 0)) {
370 		printf("SKIP (unsupported map type %d)\n", map_type);
371 		skips++;
372 		return true;
373 	}
374 	return false;
375 }
376 
__create_map(uint32_t type,uint32_t size_key,uint32_t size_value,uint32_t max_elem,uint32_t extra_flags)377 static int __create_map(uint32_t type, uint32_t size_key,
378 			uint32_t size_value, uint32_t max_elem,
379 			uint32_t extra_flags)
380 {
381 	int fd;
382 
383 	fd = bpf_create_map(type, size_key, size_value, max_elem,
384 			    (type == BPF_MAP_TYPE_HASH ?
385 			     BPF_F_NO_PREALLOC : 0) | extra_flags);
386 	if (fd < 0) {
387 		if (skip_unsupported_map(type))
388 			return -1;
389 		printf("Failed to create hash map '%s'!\n", strerror(errno));
390 	}
391 
392 	return fd;
393 }
394 
create_map(uint32_t type,uint32_t size_key,uint32_t size_value,uint32_t max_elem)395 static int create_map(uint32_t type, uint32_t size_key,
396 		      uint32_t size_value, uint32_t max_elem)
397 {
398 	return __create_map(type, size_key, size_value, max_elem, 0);
399 }
400 
update_map(int fd,int index)401 static void update_map(int fd, int index)
402 {
403 	struct test_val value = {
404 		.index = (6 + 1) * sizeof(int),
405 		.foo[6] = 0xabcdef12,
406 	};
407 
408 	assert(!bpf_map_update_elem(fd, &index, &value, 0));
409 }
410 
create_prog_dummy_simple(enum bpf_prog_type prog_type,int ret)411 static int create_prog_dummy_simple(enum bpf_prog_type prog_type, int ret)
412 {
413 	struct bpf_insn prog[] = {
414 		BPF_MOV64_IMM(BPF_REG_0, ret),
415 		BPF_EXIT_INSN(),
416 	};
417 
418 	return bpf_load_program(prog_type, prog,
419 				ARRAY_SIZE(prog), "GPL", 0, NULL, 0);
420 }
421 
create_prog_dummy_loop(enum bpf_prog_type prog_type,int mfd,int idx,int ret)422 static int create_prog_dummy_loop(enum bpf_prog_type prog_type, int mfd,
423 				  int idx, int ret)
424 {
425 	struct bpf_insn prog[] = {
426 		BPF_MOV64_IMM(BPF_REG_3, idx),
427 		BPF_LD_MAP_FD(BPF_REG_2, mfd),
428 		BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0,
429 			     BPF_FUNC_tail_call),
430 		BPF_MOV64_IMM(BPF_REG_0, ret),
431 		BPF_EXIT_INSN(),
432 	};
433 
434 	return bpf_load_program(prog_type, prog,
435 				ARRAY_SIZE(prog), "GPL", 0, NULL, 0);
436 }
437 
create_prog_array(enum bpf_prog_type prog_type,uint32_t max_elem,int p1key,int p2key,int p3key)438 static int create_prog_array(enum bpf_prog_type prog_type, uint32_t max_elem,
439 			     int p1key, int p2key, int p3key)
440 {
441 	int mfd, p1fd, p2fd, p3fd;
442 
443 	mfd = bpf_create_map(BPF_MAP_TYPE_PROG_ARRAY, sizeof(int),
444 			     sizeof(int), max_elem, 0);
445 	if (mfd < 0) {
446 		if (skip_unsupported_map(BPF_MAP_TYPE_PROG_ARRAY))
447 			return -1;
448 		printf("Failed to create prog array '%s'!\n", strerror(errno));
449 		return -1;
450 	}
451 
452 	p1fd = create_prog_dummy_simple(prog_type, 42);
453 	p2fd = create_prog_dummy_loop(prog_type, mfd, p2key, 41);
454 	p3fd = create_prog_dummy_simple(prog_type, 24);
455 	if (p1fd < 0 || p2fd < 0 || p3fd < 0)
456 		goto err;
457 	if (bpf_map_update_elem(mfd, &p1key, &p1fd, BPF_ANY) < 0)
458 		goto err;
459 	if (bpf_map_update_elem(mfd, &p2key, &p2fd, BPF_ANY) < 0)
460 		goto err;
461 	if (bpf_map_update_elem(mfd, &p3key, &p3fd, BPF_ANY) < 0) {
462 err:
463 		close(mfd);
464 		mfd = -1;
465 	}
466 	close(p3fd);
467 	close(p2fd);
468 	close(p1fd);
469 	return mfd;
470 }
471 
create_map_in_map(void)472 static int create_map_in_map(void)
473 {
474 	int inner_map_fd, outer_map_fd;
475 
476 	inner_map_fd = bpf_create_map(BPF_MAP_TYPE_ARRAY, sizeof(int),
477 				      sizeof(int), 1, 0);
478 	if (inner_map_fd < 0) {
479 		if (skip_unsupported_map(BPF_MAP_TYPE_ARRAY))
480 			return -1;
481 		printf("Failed to create array '%s'!\n", strerror(errno));
482 		return inner_map_fd;
483 	}
484 
485 	outer_map_fd = bpf_create_map_in_map(BPF_MAP_TYPE_ARRAY_OF_MAPS, NULL,
486 					     sizeof(int), inner_map_fd, 1, 0);
487 	if (outer_map_fd < 0) {
488 		if (skip_unsupported_map(BPF_MAP_TYPE_ARRAY_OF_MAPS))
489 			return -1;
490 		printf("Failed to create array of maps '%s'!\n",
491 		       strerror(errno));
492 	}
493 
494 	close(inner_map_fd);
495 
496 	return outer_map_fd;
497 }
498 
create_cgroup_storage(bool percpu)499 static int create_cgroup_storage(bool percpu)
500 {
501 	enum bpf_map_type type = percpu ? BPF_MAP_TYPE_PERCPU_CGROUP_STORAGE :
502 		BPF_MAP_TYPE_CGROUP_STORAGE;
503 	int fd;
504 
505 	fd = bpf_create_map(type, sizeof(struct bpf_cgroup_storage_key),
506 			    TEST_DATA_LEN, 0, 0);
507 	if (fd < 0) {
508 		if (skip_unsupported_map(type))
509 			return -1;
510 		printf("Failed to create cgroup storage '%s'!\n",
511 		       strerror(errno));
512 	}
513 
514 	return fd;
515 }
516 
517 /* struct bpf_spin_lock {
518  *   int val;
519  * };
520  * struct val {
521  *   int cnt;
522  *   struct bpf_spin_lock l;
523  * };
524  */
525 static const char btf_str_sec[] = "\0bpf_spin_lock\0val\0cnt\0l";
526 static __u32 btf_raw_types[] = {
527 	/* int */
528 	BTF_TYPE_INT_ENC(0, BTF_INT_SIGNED, 0, 32, 4),  /* [1] */
529 	/* struct bpf_spin_lock */                      /* [2] */
530 	BTF_TYPE_ENC(1, BTF_INFO_ENC(BTF_KIND_STRUCT, 0, 1), 4),
531 	BTF_MEMBER_ENC(15, 1, 0), /* int val; */
532 	/* struct val */                                /* [3] */
533 	BTF_TYPE_ENC(15, BTF_INFO_ENC(BTF_KIND_STRUCT, 0, 2), 8),
534 	BTF_MEMBER_ENC(19, 1, 0), /* int cnt; */
535 	BTF_MEMBER_ENC(23, 2, 32),/* struct bpf_spin_lock l; */
536 };
537 
load_btf(void)538 static int load_btf(void)
539 {
540 	struct btf_header hdr = {
541 		.magic = BTF_MAGIC,
542 		.version = BTF_VERSION,
543 		.hdr_len = sizeof(struct btf_header),
544 		.type_len = sizeof(btf_raw_types),
545 		.str_off = sizeof(btf_raw_types),
546 		.str_len = sizeof(btf_str_sec),
547 	};
548 	void *ptr, *raw_btf;
549 	int btf_fd;
550 
551 	ptr = raw_btf = malloc(sizeof(hdr) + sizeof(btf_raw_types) +
552 			       sizeof(btf_str_sec));
553 
554 	memcpy(ptr, &hdr, sizeof(hdr));
555 	ptr += sizeof(hdr);
556 	memcpy(ptr, btf_raw_types, hdr.type_len);
557 	ptr += hdr.type_len;
558 	memcpy(ptr, btf_str_sec, hdr.str_len);
559 	ptr += hdr.str_len;
560 
561 	btf_fd = bpf_load_btf(raw_btf, ptr - raw_btf, 0, 0, 0);
562 	free(raw_btf);
563 	if (btf_fd < 0)
564 		return -1;
565 	return btf_fd;
566 }
567 
create_map_spin_lock(void)568 static int create_map_spin_lock(void)
569 {
570 	struct bpf_create_map_attr attr = {
571 		.name = "test_map",
572 		.map_type = BPF_MAP_TYPE_ARRAY,
573 		.key_size = 4,
574 		.value_size = 8,
575 		.max_entries = 1,
576 		.btf_key_type_id = 1,
577 		.btf_value_type_id = 3,
578 	};
579 	int fd, btf_fd;
580 
581 	btf_fd = load_btf();
582 	if (btf_fd < 0)
583 		return -1;
584 	attr.btf_fd = btf_fd;
585 	fd = bpf_create_map_xattr(&attr);
586 	if (fd < 0)
587 		printf("Failed to create map with spin_lock\n");
588 	return fd;
589 }
590 
create_sk_storage_map(void)591 static int create_sk_storage_map(void)
592 {
593 	struct bpf_create_map_attr attr = {
594 		.name = "test_map",
595 		.map_type = BPF_MAP_TYPE_SK_STORAGE,
596 		.key_size = 4,
597 		.value_size = 8,
598 		.max_entries = 0,
599 		.map_flags = BPF_F_NO_PREALLOC,
600 		.btf_key_type_id = 1,
601 		.btf_value_type_id = 3,
602 	};
603 	int fd, btf_fd;
604 
605 	btf_fd = load_btf();
606 	if (btf_fd < 0)
607 		return -1;
608 	attr.btf_fd = btf_fd;
609 	fd = bpf_create_map_xattr(&attr);
610 	close(attr.btf_fd);
611 	if (fd < 0)
612 		printf("Failed to create sk_storage_map\n");
613 	return fd;
614 }
615 
616 static char bpf_vlog[UINT_MAX >> 8];
617 
do_test_fixup(struct bpf_test * test,enum bpf_prog_type prog_type,struct bpf_insn * prog,int * map_fds)618 static void do_test_fixup(struct bpf_test *test, enum bpf_prog_type prog_type,
619 			  struct bpf_insn *prog, int *map_fds)
620 {
621 	int *fixup_map_hash_8b = test->fixup_map_hash_8b;
622 	int *fixup_map_hash_48b = test->fixup_map_hash_48b;
623 	int *fixup_map_hash_16b = test->fixup_map_hash_16b;
624 	int *fixup_map_array_48b = test->fixup_map_array_48b;
625 	int *fixup_map_sockmap = test->fixup_map_sockmap;
626 	int *fixup_map_sockhash = test->fixup_map_sockhash;
627 	int *fixup_map_xskmap = test->fixup_map_xskmap;
628 	int *fixup_map_stacktrace = test->fixup_map_stacktrace;
629 	int *fixup_prog1 = test->fixup_prog1;
630 	int *fixup_prog2 = test->fixup_prog2;
631 	int *fixup_map_in_map = test->fixup_map_in_map;
632 	int *fixup_cgroup_storage = test->fixup_cgroup_storage;
633 	int *fixup_percpu_cgroup_storage = test->fixup_percpu_cgroup_storage;
634 	int *fixup_map_spin_lock = test->fixup_map_spin_lock;
635 	int *fixup_map_array_ro = test->fixup_map_array_ro;
636 	int *fixup_map_array_wo = test->fixup_map_array_wo;
637 	int *fixup_map_array_small = test->fixup_map_array_small;
638 	int *fixup_sk_storage_map = test->fixup_sk_storage_map;
639 	int *fixup_map_event_output = test->fixup_map_event_output;
640 
641 	if (test->fill_helper) {
642 		test->fill_insns = calloc(MAX_TEST_INSNS, sizeof(struct bpf_insn));
643 		test->fill_helper(test);
644 	}
645 
646 	/* Allocating HTs with 1 elem is fine here, since we only test
647 	 * for verifier and not do a runtime lookup, so the only thing
648 	 * that really matters is value size in this case.
649 	 */
650 	if (*fixup_map_hash_8b) {
651 		map_fds[0] = create_map(BPF_MAP_TYPE_HASH, sizeof(long long),
652 					sizeof(long long), 1);
653 		do {
654 			prog[*fixup_map_hash_8b].imm = map_fds[0];
655 			fixup_map_hash_8b++;
656 		} while (*fixup_map_hash_8b);
657 	}
658 
659 	if (*fixup_map_hash_48b) {
660 		map_fds[1] = create_map(BPF_MAP_TYPE_HASH, sizeof(long long),
661 					sizeof(struct test_val), 1);
662 		do {
663 			prog[*fixup_map_hash_48b].imm = map_fds[1];
664 			fixup_map_hash_48b++;
665 		} while (*fixup_map_hash_48b);
666 	}
667 
668 	if (*fixup_map_hash_16b) {
669 		map_fds[2] = create_map(BPF_MAP_TYPE_HASH, sizeof(long long),
670 					sizeof(struct other_val), 1);
671 		do {
672 			prog[*fixup_map_hash_16b].imm = map_fds[2];
673 			fixup_map_hash_16b++;
674 		} while (*fixup_map_hash_16b);
675 	}
676 
677 	if (*fixup_map_array_48b) {
678 		map_fds[3] = create_map(BPF_MAP_TYPE_ARRAY, sizeof(int),
679 					sizeof(struct test_val), 1);
680 		update_map(map_fds[3], 0);
681 		do {
682 			prog[*fixup_map_array_48b].imm = map_fds[3];
683 			fixup_map_array_48b++;
684 		} while (*fixup_map_array_48b);
685 	}
686 
687 	if (*fixup_prog1) {
688 		map_fds[4] = create_prog_array(prog_type, 4, 0, 1, 2);
689 		do {
690 			prog[*fixup_prog1].imm = map_fds[4];
691 			fixup_prog1++;
692 		} while (*fixup_prog1);
693 	}
694 
695 	if (*fixup_prog2) {
696 		map_fds[5] = create_prog_array(prog_type, 8, 7, 1, 2);
697 		do {
698 			prog[*fixup_prog2].imm = map_fds[5];
699 			fixup_prog2++;
700 		} while (*fixup_prog2);
701 	}
702 
703 	if (*fixup_map_in_map) {
704 		map_fds[6] = create_map_in_map();
705 		do {
706 			prog[*fixup_map_in_map].imm = map_fds[6];
707 			fixup_map_in_map++;
708 		} while (*fixup_map_in_map);
709 	}
710 
711 	if (*fixup_cgroup_storage) {
712 		map_fds[7] = create_cgroup_storage(false);
713 		do {
714 			prog[*fixup_cgroup_storage].imm = map_fds[7];
715 			fixup_cgroup_storage++;
716 		} while (*fixup_cgroup_storage);
717 	}
718 
719 	if (*fixup_percpu_cgroup_storage) {
720 		map_fds[8] = create_cgroup_storage(true);
721 		do {
722 			prog[*fixup_percpu_cgroup_storage].imm = map_fds[8];
723 			fixup_percpu_cgroup_storage++;
724 		} while (*fixup_percpu_cgroup_storage);
725 	}
726 	if (*fixup_map_sockmap) {
727 		map_fds[9] = create_map(BPF_MAP_TYPE_SOCKMAP, sizeof(int),
728 					sizeof(int), 1);
729 		do {
730 			prog[*fixup_map_sockmap].imm = map_fds[9];
731 			fixup_map_sockmap++;
732 		} while (*fixup_map_sockmap);
733 	}
734 	if (*fixup_map_sockhash) {
735 		map_fds[10] = create_map(BPF_MAP_TYPE_SOCKHASH, sizeof(int),
736 					sizeof(int), 1);
737 		do {
738 			prog[*fixup_map_sockhash].imm = map_fds[10];
739 			fixup_map_sockhash++;
740 		} while (*fixup_map_sockhash);
741 	}
742 	if (*fixup_map_xskmap) {
743 		map_fds[11] = create_map(BPF_MAP_TYPE_XSKMAP, sizeof(int),
744 					sizeof(int), 1);
745 		do {
746 			prog[*fixup_map_xskmap].imm = map_fds[11];
747 			fixup_map_xskmap++;
748 		} while (*fixup_map_xskmap);
749 	}
750 	if (*fixup_map_stacktrace) {
751 		map_fds[12] = create_map(BPF_MAP_TYPE_STACK_TRACE, sizeof(u32),
752 					 sizeof(u64), 1);
753 		do {
754 			prog[*fixup_map_stacktrace].imm = map_fds[12];
755 			fixup_map_stacktrace++;
756 		} while (*fixup_map_stacktrace);
757 	}
758 	if (*fixup_map_spin_lock) {
759 		map_fds[13] = create_map_spin_lock();
760 		do {
761 			prog[*fixup_map_spin_lock].imm = map_fds[13];
762 			fixup_map_spin_lock++;
763 		} while (*fixup_map_spin_lock);
764 	}
765 	if (*fixup_map_array_ro) {
766 		map_fds[14] = __create_map(BPF_MAP_TYPE_ARRAY, sizeof(int),
767 					   sizeof(struct test_val), 1,
768 					   BPF_F_RDONLY_PROG);
769 		update_map(map_fds[14], 0);
770 		do {
771 			prog[*fixup_map_array_ro].imm = map_fds[14];
772 			fixup_map_array_ro++;
773 		} while (*fixup_map_array_ro);
774 	}
775 	if (*fixup_map_array_wo) {
776 		map_fds[15] = __create_map(BPF_MAP_TYPE_ARRAY, sizeof(int),
777 					   sizeof(struct test_val), 1,
778 					   BPF_F_WRONLY_PROG);
779 		update_map(map_fds[15], 0);
780 		do {
781 			prog[*fixup_map_array_wo].imm = map_fds[15];
782 			fixup_map_array_wo++;
783 		} while (*fixup_map_array_wo);
784 	}
785 	if (*fixup_map_array_small) {
786 		map_fds[16] = __create_map(BPF_MAP_TYPE_ARRAY, sizeof(int),
787 					   1, 1, 0);
788 		update_map(map_fds[16], 0);
789 		do {
790 			prog[*fixup_map_array_small].imm = map_fds[16];
791 			fixup_map_array_small++;
792 		} while (*fixup_map_array_small);
793 	}
794 	if (*fixup_sk_storage_map) {
795 		map_fds[17] = create_sk_storage_map();
796 		do {
797 			prog[*fixup_sk_storage_map].imm = map_fds[17];
798 			fixup_sk_storage_map++;
799 		} while (*fixup_sk_storage_map);
800 	}
801 	if (*fixup_map_event_output) {
802 		map_fds[18] = __create_map(BPF_MAP_TYPE_PERF_EVENT_ARRAY,
803 					   sizeof(int), sizeof(int), 1, 0);
804 		do {
805 			prog[*fixup_map_event_output].imm = map_fds[18];
806 			fixup_map_event_output++;
807 		} while (*fixup_map_event_output);
808 	}
809 }
810 
set_admin(bool admin)811 static int set_admin(bool admin)
812 {
813 	cap_t caps;
814 	const cap_value_t cap_val = CAP_SYS_ADMIN;
815 	int ret = -1;
816 
817 	caps = cap_get_proc();
818 	if (!caps) {
819 		perror("cap_get_proc");
820 		return -1;
821 	}
822 	if (cap_set_flag(caps, CAP_EFFECTIVE, 1, &cap_val,
823 				admin ? CAP_SET : CAP_CLEAR)) {
824 		perror("cap_set_flag");
825 		goto out;
826 	}
827 	if (cap_set_proc(caps)) {
828 		perror("cap_set_proc");
829 		goto out;
830 	}
831 	ret = 0;
832 out:
833 	if (cap_free(caps))
834 		perror("cap_free");
835 	return ret;
836 }
837 
do_prog_test_run(int fd_prog,bool unpriv,uint32_t expected_val,void * data,size_t size_data)838 static int do_prog_test_run(int fd_prog, bool unpriv, uint32_t expected_val,
839 			    void *data, size_t size_data)
840 {
841 	__u8 tmp[TEST_DATA_LEN << 2];
842 	__u32 size_tmp = sizeof(tmp);
843 	uint32_t retval;
844 	int err;
845 
846 	if (unpriv)
847 		set_admin(true);
848 	err = bpf_prog_test_run(fd_prog, 1, data, size_data,
849 				tmp, &size_tmp, &retval, NULL);
850 	if (unpriv)
851 		set_admin(false);
852 	if (err && errno != 524/*ENOTSUPP*/ && errno != EPERM) {
853 		printf("Unexpected bpf_prog_test_run error ");
854 		return err;
855 	}
856 	if (!err && retval != expected_val &&
857 	    expected_val != POINTER_VALUE) {
858 		printf("FAIL retval %d != %d ", retval, expected_val);
859 		return 1;
860 	}
861 
862 	return 0;
863 }
864 
cmp_str_seq(const char * log,const char * exp)865 static bool cmp_str_seq(const char *log, const char *exp)
866 {
867 	char needle[80];
868 	const char *p, *q;
869 	int len;
870 
871 	do {
872 		p = strchr(exp, '\t');
873 		if (!p)
874 			p = exp + strlen(exp);
875 
876 		len = p - exp;
877 		if (len >= sizeof(needle) || !len) {
878 			printf("FAIL\nTestcase bug\n");
879 			return false;
880 		}
881 		strncpy(needle, exp, len);
882 		needle[len] = 0;
883 		q = strstr(log, needle);
884 		if (!q) {
885 			printf("FAIL\nUnexpected verifier log in successful load!\n"
886 			       "EXP: %s\nRES:\n", needle);
887 			return false;
888 		}
889 		log = q + len;
890 		exp = p + 1;
891 	} while (*p);
892 	return true;
893 }
894 
do_test_single(struct bpf_test * test,bool unpriv,int * passes,int * errors)895 static void do_test_single(struct bpf_test *test, bool unpriv,
896 			   int *passes, int *errors)
897 {
898 	int fd_prog, expected_ret, alignment_prevented_execution;
899 	int prog_len, prog_type = test->prog_type;
900 	struct bpf_insn *prog = test->insns;
901 	struct bpf_load_program_attr attr;
902 	int run_errs, run_successes;
903 	int map_fds[MAX_NR_MAPS];
904 	const char *expected_err;
905 	int fixup_skips;
906 	__u32 pflags;
907 	int i, err;
908 
909 	for (i = 0; i < MAX_NR_MAPS; i++)
910 		map_fds[i] = -1;
911 
912 	if (!prog_type)
913 		prog_type = BPF_PROG_TYPE_SOCKET_FILTER;
914 	fixup_skips = skips;
915 	do_test_fixup(test, prog_type, prog, map_fds);
916 	if (test->fill_insns) {
917 		prog = test->fill_insns;
918 		prog_len = test->prog_len;
919 	} else {
920 		prog_len = probe_filter_length(prog);
921 	}
922 	/* If there were some map skips during fixup due to missing bpf
923 	 * features, skip this test.
924 	 */
925 	if (fixup_skips != skips)
926 		return;
927 
928 	pflags = BPF_F_TEST_RND_HI32;
929 	if (test->flags & F_LOAD_WITH_STRICT_ALIGNMENT)
930 		pflags |= BPF_F_STRICT_ALIGNMENT;
931 	if (test->flags & F_NEEDS_EFFICIENT_UNALIGNED_ACCESS)
932 		pflags |= BPF_F_ANY_ALIGNMENT;
933 	if (test->flags & ~3)
934 		pflags |= test->flags;
935 
936 	expected_ret = unpriv && test->result_unpriv != UNDEF ?
937 		       test->result_unpriv : test->result;
938 	expected_err = unpriv && test->errstr_unpriv ?
939 		       test->errstr_unpriv : test->errstr;
940 	memset(&attr, 0, sizeof(attr));
941 	attr.prog_type = prog_type;
942 	attr.expected_attach_type = test->expected_attach_type;
943 	attr.insns = prog;
944 	attr.insns_cnt = prog_len;
945 	attr.license = "GPL";
946 	attr.log_level = verbose || expected_ret == VERBOSE_ACCEPT ? 1 : 4;
947 	attr.prog_flags = pflags;
948 
949 	fd_prog = bpf_load_program_xattr(&attr, bpf_vlog, sizeof(bpf_vlog));
950 	if (fd_prog < 0 && !bpf_probe_prog_type(prog_type, 0)) {
951 		printf("SKIP (unsupported program type %d)\n", prog_type);
952 		skips++;
953 		goto close_fds;
954 	}
955 
956 	alignment_prevented_execution = 0;
957 
958 	if (expected_ret == ACCEPT || expected_ret == VERBOSE_ACCEPT) {
959 		if (fd_prog < 0) {
960 			printf("FAIL\nFailed to load prog '%s'!\n",
961 			       strerror(errno));
962 			goto fail_log;
963 		}
964 #ifndef CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS
965 		if (fd_prog >= 0 &&
966 		    (test->flags & F_NEEDS_EFFICIENT_UNALIGNED_ACCESS))
967 			alignment_prevented_execution = 1;
968 #endif
969 		if (expected_ret == VERBOSE_ACCEPT && !cmp_str_seq(bpf_vlog, expected_err)) {
970 			goto fail_log;
971 		}
972 	} else {
973 		if (fd_prog >= 0) {
974 			printf("FAIL\nUnexpected success to load!\n");
975 			goto fail_log;
976 		}
977 		if (!expected_err || !strstr(bpf_vlog, expected_err)) {
978 			printf("FAIL\nUnexpected error message!\n\tEXP: %s\n\tRES: %s\n",
979 			      expected_err, bpf_vlog);
980 			goto fail_log;
981 		}
982 	}
983 
984 	if (test->insn_processed) {
985 		uint32_t insn_processed;
986 		char *proc;
987 
988 		proc = strstr(bpf_vlog, "processed ");
989 		insn_processed = atoi(proc + 10);
990 		if (test->insn_processed != insn_processed) {
991 			printf("FAIL\nUnexpected insn_processed %u vs %u\n",
992 			       insn_processed, test->insn_processed);
993 			goto fail_log;
994 		}
995 	}
996 
997 	if (verbose)
998 		printf(", verifier log:\n%s", bpf_vlog);
999 
1000 	run_errs = 0;
1001 	run_successes = 0;
1002 	if (!alignment_prevented_execution && fd_prog >= 0) {
1003 		uint32_t expected_val;
1004 		int i;
1005 
1006 		if (!test->runs)
1007 			test->runs = 1;
1008 
1009 		for (i = 0; i < test->runs; i++) {
1010 			if (unpriv && test->retvals[i].retval_unpriv)
1011 				expected_val = test->retvals[i].retval_unpriv;
1012 			else
1013 				expected_val = test->retvals[i].retval;
1014 
1015 			err = do_prog_test_run(fd_prog, unpriv, expected_val,
1016 					       test->retvals[i].data,
1017 					       sizeof(test->retvals[i].data));
1018 			if (err) {
1019 				printf("(run %d/%d) ", i + 1, test->runs);
1020 				run_errs++;
1021 			} else {
1022 				run_successes++;
1023 			}
1024 		}
1025 	}
1026 
1027 	if (!run_errs) {
1028 		(*passes)++;
1029 		if (run_successes > 1)
1030 			printf("%d cases ", run_successes);
1031 		printf("OK");
1032 		if (alignment_prevented_execution)
1033 			printf(" (NOTE: not executed due to unknown alignment)");
1034 		printf("\n");
1035 	} else {
1036 		printf("\n");
1037 		goto fail_log;
1038 	}
1039 close_fds:
1040 	if (test->fill_insns)
1041 		free(test->fill_insns);
1042 	close(fd_prog);
1043 	for (i = 0; i < MAX_NR_MAPS; i++)
1044 		close(map_fds[i]);
1045 	sched_yield();
1046 	return;
1047 fail_log:
1048 	(*errors)++;
1049 	printf("%s", bpf_vlog);
1050 	goto close_fds;
1051 }
1052 
is_admin(void)1053 static bool is_admin(void)
1054 {
1055 	cap_t caps;
1056 	cap_flag_value_t sysadmin = CAP_CLEAR;
1057 	const cap_value_t cap_val = CAP_SYS_ADMIN;
1058 
1059 #ifdef CAP_IS_SUPPORTED
1060 	if (!CAP_IS_SUPPORTED(CAP_SETFCAP)) {
1061 		perror("cap_get_flag");
1062 		return false;
1063 	}
1064 #endif
1065 	caps = cap_get_proc();
1066 	if (!caps) {
1067 		perror("cap_get_proc");
1068 		return false;
1069 	}
1070 	if (cap_get_flag(caps, cap_val, CAP_EFFECTIVE, &sysadmin))
1071 		perror("cap_get_flag");
1072 	if (cap_free(caps))
1073 		perror("cap_free");
1074 	return (sysadmin == CAP_SET);
1075 }
1076 
get_unpriv_disabled()1077 static void get_unpriv_disabled()
1078 {
1079 	char buf[2];
1080 	FILE *fd;
1081 
1082 	fd = fopen("/proc/sys/"UNPRIV_SYSCTL, "r");
1083 	if (!fd) {
1084 		perror("fopen /proc/sys/"UNPRIV_SYSCTL);
1085 		unpriv_disabled = true;
1086 		return;
1087 	}
1088 	if (fgets(buf, 2, fd) == buf && atoi(buf))
1089 		unpriv_disabled = true;
1090 	fclose(fd);
1091 }
1092 
test_as_unpriv(struct bpf_test * test)1093 static bool test_as_unpriv(struct bpf_test *test)
1094 {
1095 	return !test->prog_type ||
1096 	       test->prog_type == BPF_PROG_TYPE_SOCKET_FILTER ||
1097 	       test->prog_type == BPF_PROG_TYPE_CGROUP_SKB;
1098 }
1099 
do_test(bool unpriv,unsigned int from,unsigned int to)1100 static int do_test(bool unpriv, unsigned int from, unsigned int to)
1101 {
1102 	int i, passes = 0, errors = 0;
1103 
1104 	for (i = from; i < to; i++) {
1105 		struct bpf_test *test = &tests[i];
1106 
1107 		/* Program types that are not supported by non-root we
1108 		 * skip right away.
1109 		 */
1110 		if (test_as_unpriv(test) && unpriv_disabled) {
1111 			printf("#%d/u %s SKIP\n", i, test->descr);
1112 			skips++;
1113 		} else if (test_as_unpriv(test)) {
1114 			if (!unpriv)
1115 				set_admin(false);
1116 			printf("#%d/u %s ", i, test->descr);
1117 			do_test_single(test, true, &passes, &errors);
1118 			if (!unpriv)
1119 				set_admin(true);
1120 		}
1121 
1122 		if (unpriv) {
1123 			printf("#%d/p %s SKIP\n", i, test->descr);
1124 			skips++;
1125 		} else {
1126 			printf("#%d/p %s ", i, test->descr);
1127 			do_test_single(test, false, &passes, &errors);
1128 		}
1129 	}
1130 
1131 	printf("Summary: %d PASSED, %d SKIPPED, %d FAILED\n", passes,
1132 	       skips, errors);
1133 	return errors ? EXIT_FAILURE : EXIT_SUCCESS;
1134 }
1135 
main(int argc,char ** argv)1136 int main(int argc, char **argv)
1137 {
1138 	unsigned int from = 0, to = ARRAY_SIZE(tests);
1139 	bool unpriv = !is_admin();
1140 	int arg = 1;
1141 
1142 	if (argc > 1 && strcmp(argv[1], "-v") == 0) {
1143 		arg++;
1144 		verbose = true;
1145 		argc--;
1146 	}
1147 
1148 	if (argc == 3) {
1149 		unsigned int l = atoi(argv[arg]);
1150 		unsigned int u = atoi(argv[arg + 1]);
1151 
1152 		if (l < to && u < to) {
1153 			from = l;
1154 			to   = u + 1;
1155 		}
1156 	} else if (argc == 2) {
1157 		unsigned int t = atoi(argv[arg]);
1158 
1159 		if (t < to) {
1160 			from = t;
1161 			to   = t + 1;
1162 		}
1163 	}
1164 
1165 	get_unpriv_disabled();
1166 	if (unpriv && unpriv_disabled) {
1167 		printf("Cannot run as unprivileged user with sysctl %s.\n",
1168 		       UNPRIV_SYSCTL);
1169 		return EXIT_FAILURE;
1170 	}
1171 
1172 	bpf_semi_rand_init();
1173 	return do_test(unpriv, from, to);
1174 }
1175