52 lines
1.4 KiB
C
52 lines
1.4 KiB
C
|
// SPDX-License-Identifier: GPL-2.0
|
||
|
|
|
||
|
|
#include <linux/bpf.h>
|
||
|
|
#include <bpf/bpf_helpers.h>
|
||
|
|
|
||
|
|
int probe_res;
|
||
|
|
|
||
|
|
char input[4] = {};
|
||
|
|
int test_pid;
|
||
|
|
|
||
|
|
SEC("tracepoint/syscalls/sys_enter_nanosleep")
|
||
|
|
int probe(void *ctx)
|
||
|
|
{
|
||
|
|
/* This BPF program performs variable-offset reads and writes on a
|
||
|
|
* stack-allocated buffer.
|
||
|
|
*/
|
||
|
|
char stack_buf[16];
|
||
|
|
unsigned long len;
|
||
|
|
unsigned long last;
|
||
|
|
|
||
|
|
if ((bpf_get_current_pid_tgid() >> 32) != test_pid)
|
||
|
|
return 0;
|
||
|
|
|
||
|
|
/* Copy the input to the stack. */
|
||
|
|
__builtin_memcpy(stack_buf, input, 4);
|
||
|
|
|
||
|
|
/* The first byte in the buffer indicates the length. */
|
||
|
|
len = stack_buf[0] & 0xf;
|
||
|
|
last = (len - 1) & 0xf;
|
||
|
|
|
||
|
|
/* Append something to the buffer. The offset where we write is not
|
||
|
|
* statically known; this is a variable-offset stack write.
|
||
|
|
*/
|
||
|
|
stack_buf[len] = 42;
|
||
|
|
|
||
|
|
/* Index into the buffer at an unknown offset. This is a
|
||
|
|
* variable-offset stack read.
|
||
|
|
*
|
||
|
|
* Note that if it wasn't for the preceding variable-offset write, this
|
||
|
|
* read would be rejected because the stack slot cannot be verified as
|
||
|
|
* being initialized. With the preceding variable-offset write, the
|
||
|
|
* stack slot still cannot be verified, but the write inhibits the
|
||
|
|
* respective check on the reasoning that, if there was a
|
||
|
|
* variable-offset to a higher-or-equal spot, we're probably reading
|
||
|
|
* what we just wrote.
|
||
|
|
*/
|
||
|
|
probe_res = stack_buf[last];
|
||
|
|
return 0;
|
||
|
|
}
|
||
|
|
|
||
|
|
char _license[] SEC("license") = "GPL";
|