cgroup_skb.c - cachepc-linux - Fork of AMDESE/linux with modifications for CachePC side-channel attack

	cachepc-linux Fork of AMDESE/linux with modifications for CachePC side-channel attack
	git clone https://git.sinitax.com/sinitax/cachepc-linux
	Log \| Files \| Refs \| README \| LICENSE \| sfeed.txt
cgroup_skb.c (6357B)
      1{
      2	"direct packet read test#1 for CGROUP_SKB",
      3	.insns = {
      4	BPF_LDX_MEM(BPF_W, BPF_REG_2, BPF_REG_1,
      5		    offsetof(struct __sk_buff, data)),
      6	BPF_LDX_MEM(BPF_W, BPF_REG_3, BPF_REG_1,
      7		    offsetof(struct __sk_buff, data_end)),
      8	BPF_LDX_MEM(BPF_W, BPF_REG_4, BPF_REG_1,
      9		    offsetof(struct __sk_buff, len)),
     10	BPF_LDX_MEM(BPF_W, BPF_REG_5, BPF_REG_1,
     11		    offsetof(struct __sk_buff, pkt_type)),
     12	BPF_LDX_MEM(BPF_W, BPF_REG_6, BPF_REG_1,
     13		    offsetof(struct __sk_buff, mark)),
     14	BPF_STX_MEM(BPF_W, BPF_REG_1, BPF_REG_6,
     15		    offsetof(struct __sk_buff, mark)),
     16	BPF_LDX_MEM(BPF_W, BPF_REG_7, BPF_REG_1,
     17		    offsetof(struct __sk_buff, queue_mapping)),
     18	BPF_LDX_MEM(BPF_W, BPF_REG_8, BPF_REG_1,
     19		    offsetof(struct __sk_buff, protocol)),
     20	BPF_LDX_MEM(BPF_W, BPF_REG_9, BPF_REG_1,
     21		    offsetof(struct __sk_buff, vlan_present)),
     22	BPF_MOV64_REG(BPF_REG_0, BPF_REG_2),
     23	BPF_ALU64_IMM(BPF_ADD, BPF_REG_0, 8),
     24	BPF_JMP_REG(BPF_JGT, BPF_REG_0, BPF_REG_3, 1),
     25	BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_2, 0),
     26	BPF_MOV64_IMM(BPF_REG_0, 0),
     27	BPF_EXIT_INSN(),
     28	},
     29	.result = ACCEPT,
     30	.result_unpriv = REJECT,
     31	.errstr_unpriv = "invalid bpf_context access off=76 size=4",
     32	.prog_type = BPF_PROG_TYPE_CGROUP_SKB,
     33},
     34{
     35	"direct packet read test#2 for CGROUP_SKB",
     36	.insns = {
     37	BPF_LDX_MEM(BPF_W, BPF_REG_4, BPF_REG_1,
     38		    offsetof(struct __sk_buff, vlan_tci)),
     39	BPF_LDX_MEM(BPF_W, BPF_REG_5, BPF_REG_1,
     40		    offsetof(struct __sk_buff, vlan_proto)),
     41	BPF_LDX_MEM(BPF_W, BPF_REG_6, BPF_REG_1,
     42		    offsetof(struct __sk_buff, priority)),
     43	BPF_STX_MEM(BPF_W, BPF_REG_1, BPF_REG_6,
     44		    offsetof(struct __sk_buff, priority)),
     45	BPF_LDX_MEM(BPF_W, BPF_REG_7, BPF_REG_1,
     46		    offsetof(struct __sk_buff, ingress_ifindex)),
     47	BPF_LDX_MEM(BPF_W, BPF_REG_8, BPF_REG_1,
     48		    offsetof(struct __sk_buff, tc_index)),
     49	BPF_LDX_MEM(BPF_W, BPF_REG_9, BPF_REG_1,
     50		    offsetof(struct __sk_buff, hash)),
     51	BPF_MOV64_IMM(BPF_REG_0, 0),
     52	BPF_EXIT_INSN(),
     53	},
     54	.result = ACCEPT,
     55	.prog_type = BPF_PROG_TYPE_CGROUP_SKB,
     56},
     57{
     58	"direct packet read test#3 for CGROUP_SKB",
     59	.insns = {
     60	BPF_LDX_MEM(BPF_W, BPF_REG_4, BPF_REG_1,
     61		    offsetof(struct __sk_buff, cb[0])),
     62	BPF_LDX_MEM(BPF_W, BPF_REG_5, BPF_REG_1,
     63		    offsetof(struct __sk_buff, cb[1])),
     64	BPF_LDX_MEM(BPF_W, BPF_REG_6, BPF_REG_1,
     65		    offsetof(struct __sk_buff, cb[2])),
     66	BPF_LDX_MEM(BPF_W, BPF_REG_7, BPF_REG_1,
     67		    offsetof(struct __sk_buff, cb[3])),
     68	BPF_LDX_MEM(BPF_W, BPF_REG_8, BPF_REG_1,
     69		    offsetof(struct __sk_buff, cb[4])),
     70	BPF_LDX_MEM(BPF_W, BPF_REG_9, BPF_REG_1,
     71		    offsetof(struct __sk_buff, napi_id)),
     72	BPF_STX_MEM(BPF_W, BPF_REG_1, BPF_REG_4,
     73		    offsetof(struct __sk_buff, cb[0])),
     74	BPF_STX_MEM(BPF_W, BPF_REG_1, BPF_REG_5,
     75		    offsetof(struct __sk_buff, cb[1])),
     76	BPF_STX_MEM(BPF_W, BPF_REG_1, BPF_REG_6,
     77		    offsetof(struct __sk_buff, cb[2])),
     78	BPF_STX_MEM(BPF_W, BPF_REG_1, BPF_REG_7,
     79		    offsetof(struct __sk_buff, cb[3])),
     80	BPF_STX_MEM(BPF_W, BPF_REG_1, BPF_REG_8,
     81		    offsetof(struct __sk_buff, cb[4])),
     82	BPF_MOV64_IMM(BPF_REG_0, 0),
     83	BPF_EXIT_INSN(),
     84	},
     85	.result = ACCEPT,
     86	.prog_type = BPF_PROG_TYPE_CGROUP_SKB,
     87},
     88{
     89	"direct packet read test#4 for CGROUP_SKB",
     90	.insns = {
     91	BPF_LDX_MEM(BPF_W, BPF_REG_2, BPF_REG_1,
     92		    offsetof(struct __sk_buff, family)),
     93	BPF_LDX_MEM(BPF_W, BPF_REG_3, BPF_REG_1,
     94		    offsetof(struct __sk_buff, remote_ip4)),
     95	BPF_LDX_MEM(BPF_W, BPF_REG_4, BPF_REG_1,
     96		    offsetof(struct __sk_buff, local_ip4)),
     97	BPF_LDX_MEM(BPF_W, BPF_REG_5, BPF_REG_1,
     98		    offsetof(struct __sk_buff, remote_ip6[0])),
     99	BPF_LDX_MEM(BPF_W, BPF_REG_5, BPF_REG_1,
    100		    offsetof(struct __sk_buff, remote_ip6[1])),
    101	BPF_LDX_MEM(BPF_W, BPF_REG_5, BPF_REG_1,
    102		    offsetof(struct __sk_buff, remote_ip6[2])),
    103	BPF_LDX_MEM(BPF_W, BPF_REG_5, BPF_REG_1,
    104		    offsetof(struct __sk_buff, remote_ip6[3])),
    105	BPF_LDX_MEM(BPF_W, BPF_REG_6, BPF_REG_1,
    106		    offsetof(struct __sk_buff, local_ip6[0])),
    107	BPF_LDX_MEM(BPF_W, BPF_REG_6, BPF_REG_1,
    108		    offsetof(struct __sk_buff, local_ip6[1])),
    109	BPF_LDX_MEM(BPF_W, BPF_REG_6, BPF_REG_1,
    110		    offsetof(struct __sk_buff, local_ip6[2])),
    111	BPF_LDX_MEM(BPF_W, BPF_REG_6, BPF_REG_1,
    112		    offsetof(struct __sk_buff, local_ip6[3])),
    113	BPF_LDX_MEM(BPF_W, BPF_REG_7, BPF_REG_1,
    114		    offsetof(struct __sk_buff, remote_port)),
    115	BPF_LDX_MEM(BPF_W, BPF_REG_8, BPF_REG_1,
    116		    offsetof(struct __sk_buff, local_port)),
    117	BPF_MOV64_IMM(BPF_REG_0, 0),
    118	BPF_EXIT_INSN(),
    119	},
    120	.result = ACCEPT,
    121	.prog_type = BPF_PROG_TYPE_CGROUP_SKB,
    122},
    123{
    124	"invalid access of tc_classid for CGROUP_SKB",
    125	.insns = {
    126	BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
    127		    offsetof(struct __sk_buff, tc_classid)),
    128	BPF_MOV64_IMM(BPF_REG_0, 0),
    129	BPF_EXIT_INSN(),
    130	},
    131	.result = REJECT,
    132	.errstr = "invalid bpf_context access",
    133	.prog_type = BPF_PROG_TYPE_CGROUP_SKB,
    134},
    135{
    136	"invalid access of data_meta for CGROUP_SKB",
    137	.insns = {
    138	BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
    139		    offsetof(struct __sk_buff, data_meta)),
    140	BPF_MOV64_IMM(BPF_REG_0, 0),
    141	BPF_EXIT_INSN(),
    142	},
    143	.result = REJECT,
    144	.errstr = "invalid bpf_context access",
    145	.prog_type = BPF_PROG_TYPE_CGROUP_SKB,
    146},
    147{
    148	"invalid access of flow_keys for CGROUP_SKB",
    149	.insns = {
    150	BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
    151		    offsetof(struct __sk_buff, flow_keys)),
    152	BPF_MOV64_IMM(BPF_REG_0, 0),
    153	BPF_EXIT_INSN(),
    154	},
    155	.result = REJECT,
    156	.errstr = "invalid bpf_context access",
    157	.prog_type = BPF_PROG_TYPE_CGROUP_SKB,
    158},
    159{
    160	"invalid write access to napi_id for CGROUP_SKB",
    161	.insns = {
    162	BPF_LDX_MEM(BPF_W, BPF_REG_9, BPF_REG_1,
    163		    offsetof(struct __sk_buff, napi_id)),
    164	BPF_STX_MEM(BPF_W, BPF_REG_1, BPF_REG_9,
    165		    offsetof(struct __sk_buff, napi_id)),
    166	BPF_MOV64_IMM(BPF_REG_0, 0),
    167	BPF_EXIT_INSN(),
    168	},
    169	.result = REJECT,
    170	.errstr = "invalid bpf_context access",
    171	.prog_type = BPF_PROG_TYPE_CGROUP_SKB,
    172},
    173{
    174	"write tstamp from CGROUP_SKB",
    175	.insns = {
    176	BPF_MOV64_IMM(BPF_REG_0, 0),
    177	BPF_STX_MEM(BPF_DW, BPF_REG_1, BPF_REG_0,
    178		    offsetof(struct __sk_buff, tstamp)),
    179	BPF_MOV64_IMM(BPF_REG_0, 0),
    180	BPF_EXIT_INSN(),
    181	},
    182	.result = ACCEPT,
    183	.result_unpriv = REJECT,
    184	.errstr_unpriv = "invalid bpf_context access off=152 size=8",
    185	.prog_type = BPF_PROG_TYPE_CGROUP_SKB,
    186},
    187{
    188	"read tstamp from CGROUP_SKB",
    189	.insns = {
    190	BPF_LDX_MEM(BPF_DW, BPF_REG_0, BPF_REG_1,
    191		    offsetof(struct __sk_buff, tstamp)),
    192	BPF_MOV64_IMM(BPF_REG_0, 0),
    193	BPF_EXIT_INSN(),
    194	},
    195	.result = ACCEPT,
    196	.prog_type = BPF_PROG_TYPE_CGROUP_SKB,
    197},