bpf: fix test suite to enable all unpriv program types

Given BPF_PROG_TYPE_CGROUP_SKB program types are also valid in an unprivileged setting, lets not omit these tests and potentially have issues fall through the cracks. Make this more obvious by adding a small test_as_unpriv() helper. Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: Alexei Starovoitov <ast@kernel.org> Signed-off-by: Alexei Starovoitov <ast@kernel.org>
author: Daniel Borkmann <daniel@iogearbox.net> 2018-10-24 16:05:43 -0400
committer: Alexei Starovoitov <ast@kernel.org> 2018-10-25 20:02:05 -0400
commit: 36641ad61db5ce9befd5eb0071abb36eaff16cfc (patch)
tree: 750b0afb983007773bc86776adeb0bfc9be1a43c /tools/testing
parent: 4a6998aff82a20a1aece86a186d8e5263f8b2315 (diff)
1 files changed, 13 insertions, 2 deletions
diff --git a/tools/testing/selftests/bpf/test_verifier.c b/tools/testing/selftests/bpf/test_verifier.c
index 769d68a48f30..8e1a79d2792c 100644
--- a/tools/testing/selftests/bpf/test_verifier.c
+++ b/tools/testing/selftests/bpf/test_verifier.c
@@ -4891,6 +4891,8 @@ static struct bpf_test tests[] = {
                        BPF_EXIT_INSN(),
                },
                .result = ACCEPT,
+                .result_unpriv = REJECT,
+                .errstr_unpriv = "R3 pointer comparison prohibited",
                .prog_type = BPF_PROG_TYPE_CGROUP_SKB,
        },
        {
@@ -5146,6 +5148,7 @@ static struct bpf_test tests[] = {
                .fixup_cgroup_storage = { 1 },
                .result = REJECT,
                .errstr = "get_local_storage() doesn't support non-zero flags",
+                .errstr_unpriv = "R2 leaks addr into helper function",
                .prog_type = BPF_PROG_TYPE_CGROUP_SKB,
        },
        {
@@ -5261,6 +5264,7 @@ static struct bpf_test tests[] = {
                .fixup_percpu_cgroup_storage = { 1 },
                .result = REJECT,
                .errstr = "get_local_storage() doesn't support non-zero flags",
+                .errstr_unpriv = "R2 leaks addr into helper function",
                .prog_type = BPF_PROG_TYPE_CGROUP_SKB,
        },
        {
@@ -14050,6 +14054,13 @@ static void get_unpriv_disabled()
        fclose(fd);
 }
+static bool test_as_unpriv(struct bpf_test *test)
+{
+        return !test->prog_type ||
+               test->prog_type == BPF_PROG_TYPE_SOCKET_FILTER ||
+               test->prog_type == BPF_PROG_TYPE_CGROUP_SKB;
+}
 static int do_test(bool unpriv, unsigned int from, unsigned int to)
 {
        int i, passes = 0, errors = 0, skips = 0;
@@ -14060,10 +14071,10 @@ static int do_test(bool unpriv, unsigned int from, unsigned int to)
                /* Program types that are not supported by non-root we
                 * skip right away.
                 */
-                if (!test->prog_type && unpriv_disabled) {
+                if (test_as_unpriv(test) && unpriv_disabled) {
                        printf("#%d/u %s SKIP\n", i, test->descr);
                        skips++;
-                } else if (!test->prog_type) {
+                } else if (test_as_unpriv(test)) {
                        if (!unpriv)
                                set_admin(false);
                        printf("#%d/u %s ", i, test->descr);
author	Daniel Borkmann <daniel@iogearbox.net>	2018-10-24 16:05:43 -0400
committer	Alexei Starovoitov <ast@kernel.org>	2018-10-25 20:02:05 -0400
commit	36641ad61db5ce9befd5eb0071abb36eaff16cfc (patch)
tree	750b0afb983007773bc86776adeb0bfc9be1a43c /tools/testing
parent	4a6998aff82a20a1aece86a186d8e5263f8b2315 (diff)