cachepc-linux

Fork of AMDESE/linux with modifications for CachePC side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-linux
Log | Files | Refs | README | LICENSE | sfeed.txt

helper_restricted.c (6132B)

      1{
      2	"bpf_ktime_get_coarse_ns is forbidden in BPF_PROG_TYPE_KPROBE",
      3	.insns = {
      4		BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_ktime_get_coarse_ns),
      5		BPF_MOV64_IMM(BPF_REG_0, 0),
      6		BPF_EXIT_INSN(),
      7	},
      8	.errstr = "unknown func bpf_ktime_get_coarse_ns",
      9	.result = REJECT,
     10	.prog_type = BPF_PROG_TYPE_KPROBE,
     11},
     12{
     13	"bpf_ktime_get_coarse_ns is forbidden in BPF_PROG_TYPE_TRACEPOINT",
     14	.insns = {
     15		BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_ktime_get_coarse_ns),
     16		BPF_MOV64_IMM(BPF_REG_0, 0),
     17		BPF_EXIT_INSN(),
     18	},
     19	.errstr = "unknown func bpf_ktime_get_coarse_ns",
     20	.result = REJECT,
     21	.prog_type = BPF_PROG_TYPE_TRACEPOINT,
     22},
     23{
     24	"bpf_ktime_get_coarse_ns is forbidden in BPF_PROG_TYPE_PERF_EVENT",
     25	.insns = {
     26	BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_ktime_get_coarse_ns),
     27	BPF_MOV64_IMM(BPF_REG_0, 0),
     28	BPF_EXIT_INSN(),
     29	},
     30	.errstr = "unknown func bpf_ktime_get_coarse_ns",
     31	.result = REJECT,
     32	.prog_type = BPF_PROG_TYPE_PERF_EVENT,
     33},
     34{
     35	"bpf_ktime_get_coarse_ns is forbidden in BPF_PROG_TYPE_RAW_TRACEPOINT",
     36	.insns = {
     37	BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_ktime_get_coarse_ns),
     38	BPF_MOV64_IMM(BPF_REG_0, 0),
     39	BPF_EXIT_INSN(),
     40	},
     41	.errstr = "unknown func bpf_ktime_get_coarse_ns",
     42	.result = REJECT,
     43	.prog_type = BPF_PROG_TYPE_RAW_TRACEPOINT,
     44},
     45{
     46	"bpf_timer_init isn restricted in BPF_PROG_TYPE_KPROBE",
     47	.insns = {
     48	BPF_MOV64_REG(BPF_REG_2, BPF_REG_10),
     49	BPF_ALU64_IMM(BPF_ADD, BPF_REG_2, -8),
     50	BPF_ST_MEM(BPF_DW, BPF_REG_2, 0, 0),
     51	BPF_LD_MAP_FD(BPF_REG_1, 0),
     52	BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_map_lookup_elem),
     53	BPF_JMP_IMM(BPF_JEQ, BPF_REG_0, 0, 4),
     54	BPF_MOV64_REG(BPF_REG_1, BPF_REG_0),
     55	BPF_LD_MAP_FD(BPF_REG_2, 0),
     56	BPF_MOV64_IMM(BPF_REG_3, 1),
     57	BPF_EMIT_CALL(BPF_FUNC_timer_init),
     58	BPF_EXIT_INSN(),
     59	},
     60	.fixup_map_timer = { 3, 8 },
     61	.errstr = "tracing progs cannot use bpf_timer yet",
     62	.result = REJECT,
     63	.prog_type = BPF_PROG_TYPE_KPROBE,
     64},
     65{
     66	"bpf_timer_init is forbidden in BPF_PROG_TYPE_PERF_EVENT",
     67	.insns = {
     68	BPF_MOV64_REG(BPF_REG_2, BPF_REG_10),
     69	BPF_ALU64_IMM(BPF_ADD, BPF_REG_2, -8),
     70	BPF_ST_MEM(BPF_DW, BPF_REG_2, 0, 0),
     71	BPF_LD_MAP_FD(BPF_REG_1, 0),
     72	BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_map_lookup_elem),
     73	BPF_JMP_IMM(BPF_JEQ, BPF_REG_0, 0, 4),
     74	BPF_MOV64_REG(BPF_REG_1, BPF_REG_0),
     75	BPF_LD_MAP_FD(BPF_REG_2, 0),
     76	BPF_MOV64_IMM(BPF_REG_3, 1),
     77	BPF_EMIT_CALL(BPF_FUNC_timer_init),
     78	BPF_EXIT_INSN(),
     79	},
     80	.fixup_map_timer = { 3, 8 },
     81	.errstr = "tracing progs cannot use bpf_timer yet",
     82	.result = REJECT,
     83	.prog_type = BPF_PROG_TYPE_PERF_EVENT,
     84},
     85{
     86	"bpf_timer_init is forbidden in BPF_PROG_TYPE_TRACEPOINT",
     87	.insns = {
     88	BPF_MOV64_REG(BPF_REG_2, BPF_REG_10),
     89	BPF_ALU64_IMM(BPF_ADD, BPF_REG_2, -8),
     90	BPF_ST_MEM(BPF_DW, BPF_REG_2, 0, 0),
     91	BPF_LD_MAP_FD(BPF_REG_1, 0),
     92	BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_map_lookup_elem),
     93	BPF_JMP_IMM(BPF_JEQ, BPF_REG_0, 0, 4),
     94	BPF_MOV64_REG(BPF_REG_1, BPF_REG_0),
     95	BPF_LD_MAP_FD(BPF_REG_2, 0),
     96	BPF_MOV64_IMM(BPF_REG_3, 1),
     97	BPF_EMIT_CALL(BPF_FUNC_timer_init),
     98	BPF_EXIT_INSN(),
     99	},
    100	.fixup_map_timer = { 3, 8 },
    101	.errstr = "tracing progs cannot use bpf_timer yet",
    102	.result = REJECT,
    103	.prog_type = BPF_PROG_TYPE_TRACEPOINT,
    104},
    105{
    106	"bpf_timer_init is forbidden in BPF_PROG_TYPE_RAW_TRACEPOINT",
    107	.insns = {
    108	BPF_MOV64_REG(BPF_REG_2, BPF_REG_10),
    109	BPF_ALU64_IMM(BPF_ADD, BPF_REG_2, -8),
    110	BPF_ST_MEM(BPF_DW, BPF_REG_2, 0, 0),
    111	BPF_LD_MAP_FD(BPF_REG_1, 0),
    112	BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_map_lookup_elem),
    113	BPF_JMP_IMM(BPF_JEQ, BPF_REG_0, 0, 4),
    114	BPF_MOV64_REG(BPF_REG_1, BPF_REG_0),
    115	BPF_LD_MAP_FD(BPF_REG_2, 0),
    116	BPF_MOV64_IMM(BPF_REG_3, 1),
    117	BPF_EMIT_CALL(BPF_FUNC_timer_init),
    118	BPF_EXIT_INSN(),
    119	},
    120	.fixup_map_timer = { 3, 8 },
    121	.errstr = "tracing progs cannot use bpf_timer yet",
    122	.result = REJECT,
    123	.prog_type = BPF_PROG_TYPE_RAW_TRACEPOINT,
    124},
    125{
    126	"bpf_spin_lock is forbidden in BPF_PROG_TYPE_KPROBE",
    127	.insns = {
    128	BPF_MOV64_REG(BPF_REG_2, BPF_REG_10),
    129	BPF_ALU64_IMM(BPF_ADD, BPF_REG_2, -8),
    130	BPF_ST_MEM(BPF_DW, BPF_REG_2, 0, 0),
    131	BPF_LD_MAP_FD(BPF_REG_1, 0),
    132	BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_map_lookup_elem),
    133	BPF_JMP_IMM(BPF_JEQ, BPF_REG_0, 0, 2),
    134	BPF_MOV64_REG(BPF_REG_1, BPF_REG_0),
    135	BPF_EMIT_CALL(BPF_FUNC_spin_lock),
    136	BPF_EXIT_INSN(),
    137	},
    138	.fixup_map_spin_lock = { 3 },
    139	.errstr = "tracing progs cannot use bpf_spin_lock yet",
    140	.result = REJECT,
    141	.prog_type = BPF_PROG_TYPE_KPROBE,
    142},
    143{
    144	"bpf_spin_lock is forbidden in BPF_PROG_TYPE_TRACEPOINT",
    145	.insns = {
    146	BPF_MOV64_REG(BPF_REG_2, BPF_REG_10),
    147	BPF_ALU64_IMM(BPF_ADD, BPF_REG_2, -8),
    148	BPF_ST_MEM(BPF_DW, BPF_REG_2, 0, 0),
    149	BPF_LD_MAP_FD(BPF_REG_1, 0),
    150	BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_map_lookup_elem),
    151	BPF_JMP_IMM(BPF_JEQ, BPF_REG_0, 0, 2),
    152	BPF_MOV64_REG(BPF_REG_1, BPF_REG_0),
    153	BPF_EMIT_CALL(BPF_FUNC_spin_lock),
    154	BPF_EXIT_INSN(),
    155	},
    156	.fixup_map_spin_lock = { 3 },
    157	.errstr = "tracing progs cannot use bpf_spin_lock yet",
    158	.result = REJECT,
    159	.prog_type = BPF_PROG_TYPE_TRACEPOINT,
    160},
    161{
    162	"bpf_spin_lock is forbidden in BPF_PROG_TYPE_PERF_EVENT",
    163	.insns = {
    164	BPF_MOV64_REG(BPF_REG_2, BPF_REG_10),
    165	BPF_ALU64_IMM(BPF_ADD, BPF_REG_2, -8),
    166	BPF_ST_MEM(BPF_DW, BPF_REG_2, 0, 0),
    167	BPF_LD_MAP_FD(BPF_REG_1, 0),
    168	BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_map_lookup_elem),
    169	BPF_JMP_IMM(BPF_JEQ, BPF_REG_0, 0, 2),
    170	BPF_MOV64_REG(BPF_REG_1, BPF_REG_0),
    171	BPF_EMIT_CALL(BPF_FUNC_spin_lock),
    172	BPF_EXIT_INSN(),
    173	},
    174	.fixup_map_spin_lock = { 3 },
    175	.errstr = "tracing progs cannot use bpf_spin_lock yet",
    176	.result = REJECT,
    177	.prog_type = BPF_PROG_TYPE_PERF_EVENT,
    178},
    179{
    180	"bpf_spin_lock is forbidden in BPF_PROG_TYPE_RAW_TRACEPOINT",
    181	.insns = {
    182	BPF_MOV64_REG(BPF_REG_2, BPF_REG_10),
    183	BPF_ALU64_IMM(BPF_ADD, BPF_REG_2, -8),
    184	BPF_ST_MEM(BPF_DW, BPF_REG_2, 0, 0),
    185	BPF_LD_MAP_FD(BPF_REG_1, 0),
    186	BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_map_lookup_elem),
    187	BPF_JMP_IMM(BPF_JEQ, BPF_REG_0, 0, 2),
    188	BPF_MOV64_REG(BPF_REG_1, BPF_REG_0),
    189	BPF_EMIT_CALL(BPF_FUNC_spin_lock),
    190	BPF_EXIT_INSN(),
    191	},
    192	.fixup_map_spin_lock = { 3 },
    193	.errstr = "tracing progs cannot use bpf_spin_lock yet",
    194	.result = REJECT,
    195	.prog_type = BPF_PROG_TYPE_RAW_TRACEPOINT,
    196},