1 // SPDX-License-Identifier: GPL-2.0 2 3 #include <linux/bpf.h> 4 #include <bpf/bpf_helpers.h> 5 6 int probe_res; 7 8 char input[4] = {}; 9 int test_pid; 10 11 SEC("tracepoint/syscalls/sys_enter_nanosleep") 12 int probe(void *ctx) 13 { 14 /* This BPF program performs variable-offset reads and writes on a 15 * stack-allocated buffer. 16 */ 17 char stack_buf[16]; 18 unsigned long len; 19 unsigned long last; 20 21 if ((bpf_get_current_pid_tgid() >> 32) != test_pid) 22 return 0; 23 24 /* Copy the input to the stack. */ 25 __builtin_memcpy(stack_buf, input, 4); 26 27 /* The first byte in the buffer indicates the length. */ 28 len = stack_buf[0] & 0xf; 29 last = (len - 1) & 0xf; 30 31 /* Append something to the buffer. The offset where we write is not 32 * statically known; this is a variable-offset stack write. 33 */ 34 stack_buf[len] = 42; 35 36 /* Index into the buffer at an unknown offset. This is a 37 * variable-offset stack read. 38 * 39 * Note that if it wasn't for the preceding variable-offset write, this 40 * read would be rejected because the stack slot cannot be verified as 41 * being initialized. With the preceding variable-offset write, the 42 * stack slot still cannot be verified, but the write inhibits the 43 * respective check on the reasoning that, if there was a 44 * variable-offset to a higher-or-equal spot, we're probably reading 45 * what we just wrote. 46 */ 47 probe_res = stack_buf[last]; 48 return 0; 49 } 50 51 char _license[] SEC("license") = "GPL"; 52