selftests/bpf: Improve portability of bpf_syscall_macro test

guidosarducci · guidosarducci · commit 63a2168ba1cb · 2025-10-26T23:37:06.000-07:00
Part of the test does non-CORE param reads using bpf_probe_read_kernel() and fixed 8-bytes reads, which breaks on 32-bit arm: root@qemu-armhf:/usr/libexec/kselftests-bpf# ./test_progs -v -w 0 -a bpf_syscall_macro bpf_testmod.ko is already unloaded. Loading bpf_testmod.ko... Successfully loaded bpf_testmod.ko. test_bpf_syscall_macro:PASS:bpf_syscall_macro__open 0 nsec test_bpf_syscall_macro:PASS:bpf_syscall_macro__load 0 nsec test_bpf_syscall_macro:PASS:bpf_syscall_macro__attach 0 nsec test_bpf_syscall_macro:FAIL:syscall_arg1 unexpected syscall_arg1: actual 0 != expected 1001 test_bpf_syscall_macro:FAIL:syscall_arg2 unexpected syscall_arg2: actual 0 != expected 12 test_bpf_syscall_macro:FAIL:syscall_arg3 unexpected syscall_arg3: actual 0 != expected 13 test_bpf_syscall_macro:FAIL:syscall_arg4_from_cx unexpected syscall_arg4_from_cx: actual 0 != expected 14 test_bpf_syscall_macro:FAIL:syscall_arg4 unexpected syscall_arg4: actual 0 != expected 14 test_bpf_syscall_macro:FAIL:syscall_arg5 unexpected syscall_arg5: actual 0 != expected 15 test_bpf_syscall_macro:FAIL:syscall_arg1_core_variant unexpected syscall_arg1_core_variant: actual 0 != expected 1001 test_bpf_syscall_macro:FAIL:syscall_arg2_core_variant unexpected syscall_arg2_core_variant: actual 0 != expected 12 test_bpf_syscall_macro:FAIL:syscall_arg3_core_variant unexpected syscall_arg3_core_variant: actual 0 != expected 13 test_bpf_syscall_macro:FAIL:syscall_arg4_from_cx_core_variant unexpected syscall_arg4_from_cx_core_variant: actual 0 != expected 14 test_bpf_syscall_macro:FAIL:syscall_arg4_core_variant unexpected syscall_arg4_core_variant: actual 0 != expected 14 test_bpf_syscall_macro:FAIL:syscall_arg5_core_variant unexpected syscall_arg5_core_variant: actual 0 != expected 15 test_bpf_syscall_macro:PASS:BPF_KPROBE_SYSCALL_option 0 nsec test_bpf_syscall_macro:PASS:BPF_KPROBE_SYSCALL_arg2 0 nsec test_bpf_syscall_macro:PASS:BPF_KPROBE_SYSCALL_arg3 0 nsec test_bpf_syscall_macro:PASS:BPF_KPROBE_SYSCALL_arg4 0 nsec test_bpf_syscall_macro:PASS:BPF_KPROBE_SYSCALL_arg5 0 nsec test_bpf_syscall_macro:PASS:splice_res 0 nsec test_bpf_syscall_macro:PASS:splice_err 0 nsec test_bpf_syscall_macro:PASS:splice_arg1 0 nsec test_bpf_syscall_macro:PASS:splice_arg2 0 nsec test_bpf_syscall_macro:PASS:splice_arg3 0 nsec test_bpf_syscall_macro:PASS:splice_arg4 0 nsec test_bpf_syscall_macro:PASS:splice_arg5 0 nsec test_bpf_syscall_macro:PASS:splice_arg6 0 nsec torvalds#26 bpf_syscall_macro:FAIL Summary: 0/0 PASSED, 0 SKIPPED, 1 FAILED Fix non-CORE reads by sizing data based on a struct pt_regs elem. FIXME: the CORE read errors are fixed by previous patch to bpf_tracing.h which fixes unselected ARCH_HAS_SYSCALL_WRAPPER. Signed-off-by: Tony Ambardar <tony.ambardar@gmail.com>
diff --git a/tools/testing/selftests/bpf/progs/bpf_syscall_macro.c b/tools/testing/selftests/bpf/progs/bpf_syscall_macro.c
@@ -32,24 +32,33 @@ const volatile pid_t filter_pid = 0;
 SEC("kprobe/" SYS_PREFIX "sys_prctl")
 int BPF_KPROBE(handle_sys_prctl)
 {
-	struct pt_regs *real_regs;
-	pid_t pid = bpf_get_current_pid_tgid() >> 32;
-	unsigned long tmp = 0;
-
+	struct pt_regs *real_regs = PT_REGS_SYSCALL_REGS(ctx);
+	/* Declare tmp vars of pt_regs elem type w/o const qualifier. Blech.*/
+	typeof(__builtin_choose_expr(
+		      __builtin_types_compatible_p(
+			      typeof(PT_REGS_PARM1(real_regs)),
+			      __u32),
+		      (__u32)0,
+		      (__u64)0)) tmp1, tmp2, tmp3, tmp4, tmp4_cx, tmp5;
+	pid_t pid;
+
+	pid = bpf_get_current_pid_tgid() >> 32;
 	if (pid != filter_pid)
 		return 0;
 
-	real_regs = PT_REGS_SYSCALL_REGS(ctx);
-
 	/* test for PT_REGS_PARM */
-
-	bpf_probe_read_kernel(&tmp, sizeof(tmp), &PT_REGS_PARM1_SYSCALL(real_regs));
-	arg1 = tmp;
-	bpf_probe_read_kernel(&arg2, sizeof(arg2), &PT_REGS_PARM2_SYSCALL(real_regs));
-	bpf_probe_read_kernel(&arg3, sizeof(arg3), &PT_REGS_PARM3_SYSCALL(real_regs));
-	bpf_probe_read_kernel(&arg4_cx, sizeof(arg4_cx), &PT_REGS_PARM4(real_regs));
-	bpf_probe_read_kernel(&arg4, sizeof(arg4), &PT_REGS_PARM4_SYSCALL(real_regs));
-	bpf_probe_read_kernel(&arg5, sizeof(arg5), &PT_REGS_PARM5_SYSCALL(real_regs));
+	bpf_probe_read_kernel(&tmp1, sizeof(tmp1),&PT_REGS_PARM1_SYSCALL(real_regs));
+	bpf_probe_read_kernel(&tmp2, sizeof(tmp2), &PT_REGS_PARM2_SYSCALL(real_regs));
+	bpf_probe_read_kernel(&tmp3, sizeof(tmp3), &PT_REGS_PARM3_SYSCALL(real_regs));
+	bpf_probe_read_kernel(&tmp4_cx, sizeof(tmp4_cx), &PT_REGS_PARM4(real_regs));
+	bpf_probe_read_kernel(&tmp4, sizeof(tmp4), &PT_REGS_PARM4_SYSCALL(real_regs));
+	bpf_probe_read_kernel(&tmp5, sizeof(tmp5), &PT_REGS_PARM5_SYSCALL(real_regs));
+	arg1 = tmp1;
+	arg2 = tmp2;
+	arg3 = tmp3;
+	arg4 = tmp4;
+	arg4_cx = tmp4_cx;
+	arg5 = tmp5;
 
 	/* test for the CORE variant of PT_REGS_PARM */
 	arg1_core = PT_REGS_PARM1_CORE_SYSCALL(real_regs);
