/* * Check decoding of socket filters. * * Copyright (c) 2017 Dmitry V. Levin * Copyright (c) 2017-2018 The strace developers. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. The name of the author may not be used to endorse or promote products * derived from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "tests.h" #include #include #include #include #include /* SO_GET_FILTER was introduced by Linux commit v3.8-rc1~139^2~518 */ #ifndef SO_GET_FILTER # define SO_GET_FILTER SO_ATTACH_FILTER #endif #define HEX_FMT "%#x" #if XLAT_RAW # define XLAT_FMT HEX_FMT # define XLAT_ARGS(a_) (a_) #elif XLAT_VERBOSE # define XLAT_FMT HEX_FMT " /* %s */" # define XLAT_ARGS(a_) (a_), #a_ #else # define XLAT_FMT "%s" # define XLAT_ARGS(a_) #a_ #endif #define PRINT_STMT(pfx, code_fmt, k_fmt, ...) \ printf("%sBPF_STMT(" code_fmt ", " k_fmt ")", pfx, __VA_ARGS__) #define PRINT_JUMP(pfx, code_fmt, k, jt, jf, ...) \ printf("%sBPF_JUMP(" code_fmt ", %#x, %#x, %#x)", \ pfx, __VA_ARGS__, k, jt, jf) static const struct sock_filter bpf_filter[] = { BPF_STMT(BPF_LD|BPF_B|BPF_ABS, SKF_LL_OFF+4), BPF_STMT(BPF_LD|BPF_B|BPF_ABS, SKF_NET_OFF+8), BPF_STMT(BPF_LD|BPF_B|BPF_ABS, SKF_AD_OFF+SKF_AD_PROTOCOL), BPF_JUMP(BPF_JMP|BPF_K|BPF_JEQ, IPPROTO_UDP, 0, 5), BPF_STMT(BPF_LD|BPF_W|BPF_LEN, 0), BPF_JUMP(BPF_JMP|BPF_K|BPF_JGE, 100, 0, 3), BPF_STMT(BPF_LD|BPF_B|BPF_ABS, 42), BPF_JUMP(BPF_JMP|BPF_K|BPF_JEQ, 'a', 0, 1), BPF_STMT(BPF_RET|BPF_K, -1U), BPF_STMT(BPF_RET|BPF_K, 0) }; static void print_filter(void) { PRINT_STMT("[", XLAT_FMT "|" XLAT_FMT "|" XLAT_FMT, XLAT_FMT "+4", XLAT_ARGS(BPF_LD), XLAT_ARGS(BPF_B), XLAT_ARGS(BPF_ABS), XLAT_ARGS(SKF_LL_OFF)); PRINT_STMT(", ", XLAT_FMT "|" XLAT_FMT "|" XLAT_FMT, XLAT_FMT "+8", XLAT_ARGS(BPF_LD), XLAT_ARGS(BPF_B), XLAT_ARGS(BPF_ABS), XLAT_ARGS(SKF_NET_OFF)); PRINT_STMT(", ", XLAT_FMT "|" XLAT_FMT "|" XLAT_FMT, XLAT_FMT "+" XLAT_FMT, XLAT_ARGS(BPF_LD), XLAT_ARGS(BPF_B), XLAT_ARGS(BPF_ABS), XLAT_ARGS(SKF_AD_OFF), XLAT_ARGS(SKF_AD_PROTOCOL)); PRINT_JUMP(", ", XLAT_FMT "|" XLAT_FMT "|" XLAT_FMT, IPPROTO_UDP, 0, 5, XLAT_ARGS(BPF_JMP), XLAT_ARGS(BPF_K), XLAT_ARGS(BPF_JEQ)); PRINT_STMT(", ", XLAT_FMT "|" XLAT_FMT "|" XLAT_FMT, HEX_FMT, XLAT_ARGS(BPF_LD), XLAT_ARGS(BPF_W), XLAT_ARGS(BPF_LEN), 0); PRINT_JUMP(", ", XLAT_FMT "|" XLAT_FMT "|" XLAT_FMT, 100, 0, 3, XLAT_ARGS(BPF_JMP), XLAT_ARGS(BPF_K), XLAT_ARGS(BPF_JGE)); PRINT_STMT(", ", XLAT_FMT "|" XLAT_FMT "|" XLAT_FMT, HEX_FMT, XLAT_ARGS(BPF_LD), XLAT_ARGS(BPF_B), XLAT_ARGS(BPF_ABS), 42); PRINT_JUMP(", ", XLAT_FMT "|" XLAT_FMT "|" XLAT_FMT, 'a', 0, 1, XLAT_ARGS(BPF_JMP), XLAT_ARGS(BPF_K), XLAT_ARGS(BPF_JEQ)); PRINT_STMT(", ", XLAT_FMT "|" XLAT_FMT, HEX_FMT, XLAT_ARGS(BPF_RET), XLAT_ARGS(BPF_K), -1U); PRINT_STMT(", ", XLAT_FMT "|" XLAT_FMT, HEX_FMT, XLAT_ARGS(BPF_RET), XLAT_ARGS(BPF_K), 0); putchar(']'); } static const char *errstr; static int get_filter(int fd, void *val, socklen_t *len) { int rc = getsockopt(fd, SOL_SOCKET, SO_GET_FILTER, val, len); errstr = sprintrc(rc); return rc; } static int set_filter(int fd, void *val, socklen_t len) { int rc = setsockopt(fd, SOL_SOCKET, SO_ATTACH_FILTER, val, len); errstr = sprintrc(rc); return rc; } int main(void) { int rc; struct sock_filter *const filter = tail_memdup(bpf_filter, sizeof(bpf_filter)); void *const efault = filter + ARRAY_SIZE(bpf_filter); TAIL_ALLOC_OBJECT_CONST_PTR(struct sock_fprog, prog); TAIL_ALLOC_OBJECT_CONST_PTR(socklen_t, len); prog->len = ARRAY_SIZE(bpf_filter); prog->filter = filter; int fd = socket(AF_INET, SOCK_DGRAM, 0); if (fd < 0) perror_msg_and_skip("socket AF_INET SOCK_DGRAM"); /* query sock_filter program length -> 0 */ *len = BPF_MAXINSNS; rc = get_filter(fd, NULL, len); if (rc) perror_msg_and_skip("getsockopt SOL_SOCKET SO_GET_FILTER"); printf("getsockopt(%d, " XLAT_FMT ", " XLAT_FMT ", NULL, [%u->0]) " "= 0\n", fd, XLAT_ARGS(SOL_SOCKET), XLAT_ARGS(SO_GET_FILTER), BPF_MAXINSNS); /* getsockopt NULL optlen - EFAULT */ rc = get_filter(fd, NULL, NULL); printf("getsockopt(%d, " XLAT_FMT ", " XLAT_FMT ", NULL, NULL) " "= %s\n", fd, XLAT_ARGS(SOL_SOCKET), XLAT_ARGS(SO_GET_FILTER), errstr); /* attach a filter */ rc = set_filter(fd, prog, sizeof(*prog)); if (rc) perror_msg_and_skip("setsockopt SOL_SOCKET SO_ATTACH_FILTER"); printf("setsockopt(%d, " XLAT_FMT ", " XLAT_FMT ", {len=%u, filter=", fd, XLAT_ARGS(SOL_SOCKET), XLAT_ARGS(SO_ATTACH_FILTER), prog->len); print_filter(); printf("}, %u) = 0\n", (unsigned int) sizeof(*prog)); /* setsockopt optlen is too small - EINVAL */ rc = set_filter(fd, prog, sizeof(*prog) - 4); printf("setsockopt(%d, " XLAT_FMT ", " XLAT_FMT ", %p, %u) = %s\n", fd, XLAT_ARGS(SOL_SOCKET), XLAT_ARGS(SO_ATTACH_FILTER), prog, (unsigned int) sizeof(*prog) - 4, errstr); #ifdef SO_ATTACH_REUSEPORT_CBPF rc = setsockopt(fd, SOL_SOCKET, SO_ATTACH_REUSEPORT_CBPF, prog, sizeof(*prog)); errstr = sprintrc(rc); printf("setsockopt(%d, " XLAT_FMT ", " XLAT_FMT ", {len=%u, filter=", fd, XLAT_ARGS(SOL_SOCKET), XLAT_ARGS(SO_ATTACH_REUSEPORT_CBPF), prog->len); print_filter(); printf("}, %u) = %s\n", (unsigned int) sizeof(*prog), errstr); #endif /* query sock_filter program length -> ARRAY_SIZE(bpf_filter) */ *len = 0; rc = get_filter(fd, efault, len); printf("getsockopt(%d, " XLAT_FMT ", " XLAT_FMT ", %p, [0->%u]) " "= %s\n", fd, XLAT_ARGS(SOL_SOCKET), XLAT_ARGS(SO_GET_FILTER), efault, (unsigned int) ARRAY_SIZE(bpf_filter), errstr); /* getsockopt optlen is too small - EINVAL */ *len = ARRAY_SIZE(bpf_filter) - 1; rc = get_filter(fd, efault, len); printf("getsockopt(%d, " XLAT_FMT ", " XLAT_FMT ", %p, [%u]) = %s\n", fd, XLAT_ARGS(SOL_SOCKET), XLAT_ARGS(SO_GET_FILTER), efault, (unsigned int) ARRAY_SIZE(bpf_filter) - 1, errstr); /* getsockopt optval EFAULT */ *len = ARRAY_SIZE(bpf_filter); rc = get_filter(fd, filter + 1, len); printf("getsockopt(%d, " XLAT_FMT ", " XLAT_FMT ", %p, [%u]) = %s\n", fd, XLAT_ARGS(SOL_SOCKET), XLAT_ARGS(SO_GET_FILTER), filter + 1, (unsigned int) ARRAY_SIZE(bpf_filter), errstr); /* getsockopt optlen is too large - truncated */ *len = ARRAY_SIZE(bpf_filter) + 1; rc = get_filter(fd, filter, len); printf("getsockopt(%d, " XLAT_FMT ", " XLAT_FMT ", ", fd, XLAT_ARGS(SOL_SOCKET), XLAT_ARGS(SO_GET_FILTER)); print_filter(); printf(", [%u->%d]) = %s\n", (unsigned int) ARRAY_SIZE(bpf_filter) + 1, *len, errstr); puts("+++ exited with 0 +++"); return 0; }