Add a verifier test for the fixed-offset stack write case where two 4-byte stores initialize opposite halves of the same stack slot.
The test runs through the unprivileged loader lane and expects both half-slot writes to emit nospec in the translated program.
Acked-by: Luis Gerhorst <[email protected]>
Signed-off-by: Nuoqi Gui <[email protected]>
---
 .../testing/selftests/bpf/progs/verifier_unpriv.c | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
diff --git a/tools/testing/selftests/bpf/progs/verifier_unpriv.c b/tools/testing/selftests/bpf/progs/verifier_unpriv.c
index c16f8382cf17d..d54e5b59e62e5 100644
--- a/tools/testing/selftests/bpf/progs/verifier_unpriv.c
+++ b/tools/testing/selftests/bpf/progs/verifier_unpriv.c
@@ -976,4 +976,26 @@ l0_%=: exit; \
 : __clobber_all);
 }
 
+SEC("socket")
+__description("unpriv: Spectre v4 stack write slot index")
+__success __success_unpriv
+__retval(0)
+#ifdef SPEC_V4
+__xlated_unpriv("r0 = 0")
+__xlated_unpriv("*(u32 *)(r10 - 4) = r0")
+__xlated_unpriv("nospec")
+__xlated_unpriv("*(u32 *)(r10 - 8) = r0")
+__xlated_unpriv("nospec")
+__xlated_unpriv("exit")
+#endif
+__naked void stack_write_nospec_slot_index(void)
+{
+ asm volatile (" \
+ r0 = 0; \
+ *(u32 *)(r10 - 4) = r0; \
+ *(u32 *)(r10 - 8) = r0; \
+ exit; \
+" ::: __clobber_all);
+}
+
 char _license[] SEC("license") = "GPL";
-- 
2.34.1
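Review bot: stack_write_nospec_slot_index has no comment stating the invariant it pins, so a reader has to infer from the `__xlated_unpriv` lines why two stores into the same slot each need a barrier. A short comment above `SEC("socket")` would record it, for example `/* Two u32 stores fill opposite halves of one 8-byte stack slot; each half is written for the first time here, so each store must be followed by nospec. */`. The expectations sit inside `#ifdef SPEC_V4`, which is defined outside this hunk, so where that macro is unset the test presumably checks only that the program loads and returns 0; the comment could say so. The stores are also exercised in one order only (r10 - 4, then r10 - 8); if the slot-index handling is order-sensitive, a mirrored variant would be worth a follow-up.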

