yanguangshaonian
/
aya
mirror of https://github.com/aya-rs/aya
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
main
pr/Billy99/974
linker-bindep
fix-verifier-blixt
revert-461-main
gh-pages
ci
perf-event
aya-log-ebpf-v0.1.0
aya-log-ebpf-macros-v0.1.0
aya-log-parser-v0.1.13
aya-ebpf-v0.1.0
aya-ebpf-macros-v0.1.0
aya-ebpf-bindings-v0.1.0
aya-ebpf-cty-v0.2.1
aya-log-v0.2.0
aya-log-common-v0.1.14
aya-v0.12.0
aya-obj-v0.1.0
aya-log-common-v0.1.13
aya-log-v0.1.13
aya-log-common-v0.1.11
aya-log-v0.1.11
aya-log-common-v0.1.10
aya-log-v0.1.10
aya-v0.11.0
aya-log-common-v0.1.9
aya-log-v0.1.9
aya-v0.10.7
aya-v0.10.6
aya-log-v0.1.1
aya-v0.10.5
aya-v0.10.4
aya-v0.10.3
aya-v0.10.2
aya-v0.10.1
aya-v0.10.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '2f9c67c735'
${ noResults }
aya/test/integration-ebpf/src/bpf_probe_read.rs

97 lines
2.4 KiB
Rust
Raw Normal View History Unescape Escape

bpf: improve bpf_probe_read_kernel_str_bytes and bpf_probe_read_user_str_bytes This change does a few things: - it fixes a bug in the wrappers, where we were expecting the kernel to return len=1 for b"\0" where it instead returns 0 and doesn't write out the NULL terminator - it makes the helpers more robust by hardcoding bound checks in assembly so that LLVM optimizations can't transform the checks in a way that the verifier can't understand. - it adds integration tests
1 year ago
#![no_std]
#![no_main]
use aya_bpf::{
helpers::{bpf_probe_read_kernel_str_bytes, bpf_probe_read_user_str_bytes},
macros::{map, uprobe},
maps::Array,
programs::ProbeContext,
};
const RESULT_BUF_LEN: usize = 1024;
macro_rules! read_str_bytes {
($fun:ident, $ptr:expr, $len:expr $(,)?) => {
Clippy over tests and integration-ebpf Replace all `assert!(matches!(..))` with `assert_matches!(..)`. Remove the now-unused build-integration-test xtask command whose logic doesn't match that of the build-and-run command.
1 year ago
let Some(ptr) = RESULT.get_ptr_mut(0) else {
return;
bpf: improve bpf_probe_read_kernel_str_bytes and bpf_probe_read_user_str_bytes This change does a few things: - it fixes a bug in the wrappers, where we were expecting the kernel to return len=1 for b"\0" where it instead returns 0 and doesn't write out the NULL terminator - it makes the helpers more robust by hardcoding bound checks in assembly so that LLVM optimizations can't transform the checks in a way that the verifier can't understand. - it adds integration tests
1 year ago
};
Clippy over tests and integration-ebpf Replace all `assert!(matches!(..))` with `assert_matches!(..)`. Remove the now-unused build-integration-test xtask command whose logic doesn't match that of the build-and-run command.
1 year ago
let TestResult {
did_error,
len,
buf,
} = unsafe { &mut *ptr };
bpf: improve bpf_probe_read_kernel_str_bytes and bpf_probe_read_user_str_bytes This change does a few things: - it fixes a bug in the wrappers, where we were expecting the kernel to return len=1 for b"\0" where it instead returns 0 and doesn't write out the NULL terminator - it makes the helpers more robust by hardcoding bound checks in assembly so that LLVM optimizations can't transform the checks in a way that the verifier can't understand. - it adds integration tests
1 year ago
Clippy over tests and integration-ebpf Replace all `assert!(matches!(..))` with `assert_matches!(..)`. Remove the now-unused build-integration-test xtask command whose logic doesn't match that of the build-and-run command.
1 year ago
// $len comes from ctx.arg(1) so it's dynamic and the verifier
// doesn't see any bounds. We do $len.min(RESULT_BUF_LEN) here to
// ensure that the verifier can see the upper bound, or you get:
//
// 18: (79) r7 = *(u64 *)(r7 +8) ; R7_w=scalar()
// [snip]
// 27: (bf) r2 = r7 ;
// R2_w=scalar(id=2,umax=9223372036854775807,var_off=(0x0; 0x7fffffffffffffff)) [snip]
// 28: (85) call bpf_probe_read_user_str#114
// R2 unbounded memory access, use 'var &= const' or 'if (var < const)'
let Some(buf) = buf.get_mut(..$len) else {
return;
bpf: improve bpf_probe_read_kernel_str_bytes and bpf_probe_read_user_str_bytes This change does a few things: - it fixes a bug in the wrappers, where we were expecting the kernel to return len=1 for b"\0" where it instead returns 0 and doesn't write out the NULL terminator - it makes the helpers more robust by hardcoding bound checks in assembly so that LLVM optimizations can't transform the checks in a way that the verifier can't understand. - it adds integration tests
1 year ago
};
Clippy over tests and integration-ebpf Replace all `assert!(matches!(..))` with `assert_matches!(..)`. Remove the now-unused build-integration-test xtask command whose logic doesn't match that of the build-and-run command.
1 year ago
match unsafe { $fun($ptr, buf) } {
Ok(s) => {
*len = s.len();
}
Err(_) => {
*did_error = 1;
}
}
bpf: improve bpf_probe_read_kernel_str_bytes and bpf_probe_read_user_str_bytes This change does a few things: - it fixes a bug in the wrappers, where we were expecting the kernel to return len=1 for b"\0" where it instead returns 0 and doesn't write out the NULL terminator - it makes the helpers more robust by hardcoding bound checks in assembly so that LLVM optimizations can't transform the checks in a way that the verifier can't understand. - it adds integration tests
1 year ago
};
}
#[repr(C)]
struct TestResult {
did_error: u64,
len: usize,
buf: [u8; RESULT_BUF_LEN],
}
#[map]
static RESULT: Array<TestResult> = Array::with_max_entries(1, 0);
#[map]
Clippy over tests and integration-ebpf Replace all `assert!(matches!(..))` with `assert_matches!(..)`. Remove the now-unused build-integration-test xtask command whose logic doesn't match that of the build-and-run command.
1 year ago
static KERNEL_BUFFER: Array<[u8; RESULT_BUF_LEN]> = Array::with_max_entries(1, 0);
bpf: improve bpf_probe_read_kernel_str_bytes and bpf_probe_read_user_str_bytes This change does a few things: - it fixes a bug in the wrappers, where we were expecting the kernel to return len=1 for b"\0" where it instead returns 0 and doesn't write out the NULL terminator - it makes the helpers more robust by hardcoding bound checks in assembly so that LLVM optimizations can't transform the checks in a way that the verifier can't understand. - it adds integration tests
1 year ago
#[uprobe]
pub fn test_bpf_probe_read_user_str_bytes(ctx: ProbeContext) {
read_str_bytes!(
bpf_probe_read_user_str_bytes,
match ctx.arg::<*const u8>(0) {
Some(p) => p,
_ => return,
},
match ctx.arg::<usize>(1) {
Some(p) => p,
_ => return,
},
);
}
#[uprobe]
pub fn test_bpf_probe_read_kernel_str_bytes(ctx: ProbeContext) {
read_str_bytes!(
bpf_probe_read_kernel_str_bytes,
match KERNEL_BUFFER.get_ptr(0) {
Some(p) => p as *const u8,
_ => return,
},
match ctx.arg::<usize>(0) {
Some(p) => p,
_ => return,
},
);
}
Clippy over tests and integration-ebpf Replace all `assert!(matches!(..))` with `assert_matches!(..)`. Remove the now-unused build-integration-test xtask command whose logic doesn't match that of the build-and-run command.
1 year ago
#[cfg(not(test))]
bpf: improve bpf_probe_read_kernel_str_bytes and bpf_probe_read_user_str_bytes This change does a few things: - it fixes a bug in the wrappers, where we were expecting the kernel to return len=1 for b"\0" where it instead returns 0 and doesn't write out the NULL terminator - it makes the helpers more robust by hardcoding bound checks in assembly so that LLVM optimizations can't transform the checks in a way that the verifier can't understand. - it adds integration tests
1 year ago
#[panic_handler]
fn panic(_info: &core::panic::PanicInfo) -> ! {
Clippy over tests and integration-ebpf Replace all `assert!(matches!(..))` with `assert_matches!(..)`. Remove the now-unused build-integration-test xtask command whose logic doesn't match that of the build-and-run command.
1 year ago
loop {}
bpf: improve bpf_probe_read_kernel_str_bytes and bpf_probe_read_user_str_bytes This change does a few things: - it fixes a bug in the wrappers, where we were expecting the kernel to return len=1 for b"\0" where it instead returns 0 and doesn't write out the NULL terminator - it makes the helpers more robust by hardcoding bound checks in assembly so that LLVM optimizations can't transform the checks in a way that the verifier can't understand. - it adds integration tests
1 year ago
}