1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
|
// SPDX-License-Identifier: GPL-2.0
#include <linux/bpf.h>
#include <bpf/bpf_helpers.h>
int probe_res;
char input[4] = {};
int test_pid;
SEC("tracepoint/syscalls/sys_enter_nanosleep")
int probe(void *ctx)
{
/* This BPF program performs variable-offset reads and writes on a
* stack-allocated buffer.
*/
char stack_buf[16];
unsigned long len;
unsigned long last;
if ((bpf_get_current_pid_tgid() >> 32) != test_pid)
return 0;
/* Copy the input to the stack. */
__builtin_memcpy(stack_buf, input, 4);
/* The first byte in the buffer indicates the length. */
len = stack_buf[0] & 0xf;
last = (len - 1) & 0xf;
/* Append something to the buffer. The offset where we write is not
* statically known; this is a variable-offset stack write.
*/
stack_buf[len] = 42;
/* Index into the buffer at an unknown offset. This is a
* variable-offset stack read.
*
* Note that if it wasn't for the preceding variable-offset write, this
* read would be rejected because the stack slot cannot be verified as
* being initialized. With the preceding variable-offset write, the
* stack slot still cannot be verified, but the write inhibits the
* respective check on the reasoning that, if there was a
* variable-offset to a higher-or-equal spot, we're probably reading
* what we just wrote.
*/
probe_res = stack_buf[last];
return 0;
}
char _license[] SEC("license") = "GPL";
|
