0001 // SPDX-License-Identifier: GPL-2.0
0002 
0003 /*
0004  * Copyright 2020 Google LLC.
0005  */
0006 
0007 #include "vmlinux.h"
0008 #include <bpf/bpf_helpers.h>
0009 #include <bpf/bpf_tracing.h>
0010 #include  <errno.h>
0011 
/*
 * One single-entry map for each basic map type, all with a __u32 key and a
 * __u64 value. test_void_hook, a sleepable program, looks up key 0 in every
 * one of them and clears the value it finds.
 */

/* Plain array map. */
struct {
    __uint(type, BPF_MAP_TYPE_ARRAY);
    __uint(max_entries, 1);
    __type(key, __u32);
    __type(value, __u64);
} array SEC(".maps");

/* Hash map. */
struct {
    __uint(type, BPF_MAP_TYPE_HASH);
    __uint(max_entries, 1);
    __type(key, __u32);
    __type(value, __u64);
} hash SEC(".maps");

/* Hash map with LRU eviction. */
struct {
    __uint(type, BPF_MAP_TYPE_LRU_HASH);
    __uint(max_entries, 1);
    __type(key, __u32);
    __type(value, __u64);
} lru_hash SEC(".maps");

/* Per-CPU array map. */
struct {
    __uint(type, BPF_MAP_TYPE_PERCPU_ARRAY);
    __uint(max_entries, 1);
    __type(key, __u32);
    __type(value, __u64);
} percpu_array SEC(".maps");

/* Per-CPU hash map. */
struct {
    __uint(type, BPF_MAP_TYPE_PERCPU_HASH);
    __uint(max_entries, 1);
    __type(key, __u32);
    __type(value, __u64);
} percpu_hash SEC(".maps");

/* Per-CPU hash map with LRU eviction. */
struct {
    __uint(type, BPF_MAP_TYPE_LRU_PERCPU_HASH);
    __uint(max_entries, 1);
    __type(key, __u32);
    __type(value, __u64);
} lru_percpu_hash SEC(".maps");
0053 
/*
 * Single-entry array map used as the inner map of both map-in-map
 * containers below. Its key is declared as int, unlike the __u32 keys of
 * the other maps in this file.
 */
struct inner_map {
    __uint(type, BPF_MAP_TYPE_ARRAY);
    __uint(max_entries, 1);
    __type(key, int);
    __type(value, __u64);
} inner_map SEC(".maps");

/*
 * Array-of-maps container. Slot 0 is statically initialised to point at
 * inner_map, so the lookup in test_void_hook with key 0 can reach it.
 */
struct outer_arr {
    __uint(type, BPF_MAP_TYPE_ARRAY_OF_MAPS);
    __uint(max_entries, 1);
    __uint(key_size, sizeof(int));
    __uint(value_size, sizeof(int));
    __array(values, struct inner_map);
} outer_arr SEC(".maps") = {
    .values = { [0] = &inner_map },
};

/*
 * Hash-of-maps container, also statically initialised with inner_map under
 * key 0. Unlike outer_arr it declares no value_size.
 */
struct outer_hash {
    __uint(type, BPF_MAP_TYPE_HASH_OF_MAPS);
    __uint(max_entries, 1);
    __uint(key_size, sizeof(int));
    __array(values, struct inner_map);
} outer_hash SEC(".maps") = {
    .values = { [0] = &inner_map },
};
0079 
/* License string placed in the object's "license" section. */
char _license[] SEC("license") = "GPL";

/*
 * Process (tgid) whose activity the hooks below act on. It is 0 here and is
 * never assigned in this file.
 * NOTE(review): presumably set by the user-space side of the test before the
 * programs are attached; confirm against the loader.
 */
int monitored_pid = 0;
/* Number of stack mprotect() attempts by monitored_pid denied in test_int_hook. */
int mprotect_count = 0;
/* Number of bprm_committed_creds invocations by monitored_pid seen in test_void_hook. */
int bprm_count = 0;
0085 
/*
 * LSM program on the file_mprotect hook.
 *
 * Denies the protection change with -EPERM when the calling process is
 * monitored_pid and the target VMA contains mm->start_stack, and counts each
 * denial in mprotect_count. A non-zero incoming ret is returned unchanged, so
 * this program never turns an existing error into success.
 *
 * The stack test uses mm->start_stack only, so it identifies the VMA that
 * holds that address and no other mapping.
 */
SEC("lsm/file_mprotect")
int BPF_PROG(test_int_hook, struct vm_area_struct *vma,
         unsigned long reqprot, unsigned long prot, int ret)
{
    /* Keep the verdict already carried in ret. */
    if (ret != 0)
        return ret;

    /* The upper 32 bits of the helper's result are the tgid. */
    __u32 tgid = bpf_get_current_pid_tgid() >> 32;
    unsigned long stack_addr = vma->vm_mm->start_stack;

    /* Only the monitored process is restricted. */
    if (monitored_pid != tgid)
        return ret;

    /* Leave VMAs that do not cover the stack start address alone. */
    if (vma->vm_start > stack_addr || vma->vm_end < stack_addr)
        return ret;

    mprotect_count++;
    return -EPERM;
}
0106 
/*
 * Sleepable LSM program ("lsm.s/") on the bprm_committed_creds hook.
 *
 * Counts invocations made by monitored_pid in bprm_count, then calls
 * bpf_copy_from_user() twice and does a lookup-and-clear with key 0 on every
 * map declared in this file, including the inner map reached through each
 * map-in-map container. None of these results feeds a decision and the
 * program always returns 0; the calls look like they exist so that loading
 * the object checks that a sleepable program may use the helper and each map
 * type.
 */
SEC("lsm.s/bprm_committed_creds")
int BPF_PROG(test_void_hook, struct linux_binprm *bprm)
{
    /* The upper 32 bits of the helper's result are the tgid. */
    __u32 pid = bpf_get_current_pid_tgid() >> 32;
    struct inner_map *inner_map;
    /* Destination for the user-memory copies below; never read back. */
    char args[64];
    __u32 key = 0;
    __u64 *value;

    if (monitored_pid == pid)
        bprm_count++;

    /*
     * Copy from the start of the argument area, reached through two
     * different pointer chains (bprm->vma->vm_mm and bprm->mm).
     * The return values are not checked and args is not consumed.
     * NOTE(review): that is acceptable only because nothing uses the buffer.
     * Code that acts on the copied bytes must check the result, since
     * arg_start is a user-space address whose contents the process controls.
     */
    bpf_copy_from_user(args, sizeof(args), (void *)bprm->vma->vm_mm->arg_start);
    bpf_copy_from_user(args, sizeof(args), (void *)bprm->mm->arg_start);

    /* Each lookup result is NULL-checked before the store through it. */
    value = bpf_map_lookup_elem(&array, &key);
    if (value)
        *value = 0;
    value = bpf_map_lookup_elem(&hash, &key);
    if (value)
        *value = 0;
    value = bpf_map_lookup_elem(&lru_hash, &key);
    if (value)
        *value = 0;
    value = bpf_map_lookup_elem(&percpu_array, &key);
    if (value)
        *value = 0;
    value = bpf_map_lookup_elem(&percpu_hash, &key);
    if (value)
        *value = 0;
    value = bpf_map_lookup_elem(&lru_percpu_hash, &key);
    if (value)
        *value = 0;
    /* Map-in-map: resolve the inner map first, then look up inside it. */
    inner_map = bpf_map_lookup_elem(&outer_arr, &key);
    if (inner_map) {
        value = bpf_map_lookup_elem(inner_map, &key);
        if (value)
            *value = 0;
    }
    inner_map = bpf_map_lookup_elem(&outer_hash, &key);
    if (inner_map) {
        value = bpf_map_lookup_elem(inner_map, &key);
        if (value)
            *value = 0;
    }

    return 0;
}
/*
 * No-op program on the task_free hook, declared non-sleepable ("lsm/").
 * Per the note on the SEC line, the sleepable form "lsm.s/" fails for this
 * hook. NOTE(review): presumably the hook is not one the kernel allows
 * sleepable programs on; confirm against the kernel under test.
 */
SEC("lsm/task_free") /* lsm/ is ok, lsm.s/ fails */
int BPF_PROG(test_task_free, struct task_struct *task)
{
    return 0;
}
0160 
/* Incremented by test_sys_setdomainname once for each scenario that behaves as expected. */
int copy_test = 0;
0162 
/*
 * Sleepable fentry program ("fentry.s/") on __x64_sys_setdomainname that
 * checks the result of bpf_copy_from_user().
 *
 * The syscall's second argument is used as a scenario selector rather than
 * as a length:
 *   -2      the copy must succeed and the copied int must equal 1234
 *   -3, -4  the copy must fail with -EFAULT
 * Each scenario that matches bumps copy_test. Any other selector value is
 * ignored. The program always returns 0.
 *
 * NOTE(review): the selector values and the pointers paired with them are
 * presumably supplied by the user-space side of the test; not shown here.
 */
SEC("fentry.s/__x64_sys_setdomainname")
int BPF_PROG(test_sys_setdomainname, struct pt_regs *regs)
{
    void *user_ptr = (void *)PT_REGS_PARM1(regs);
    int scenario = PT_REGS_PARM2(regs);
    int word = 0;
    long err = bpf_copy_from_user(&word, sizeof(word), user_ptr);

    switch (scenario) {
    case -2:
        /* Valid pointer: expect success and the known marker value. */
        if (err == 0 && word == 1234)
            copy_test++;
        break;
    case -3:
    case -4:
        /* Both of these scenarios expect the copy to be rejected. */
        if (err == -EFAULT)
            copy_test++;
        break;
    default:
        break;
    }

    return 0;
}