+/* Test for stack corruption in multiple function calls */
+static const struct ebpf_insn test_call4_prog[] = {
+ {
+ .code = (BPF_ST | BPF_MEM | BPF_B),
+ .dst_reg = EBPF_REG_10,
+ .off = -4,
+ .imm = 1,
+ },
+ {
+ .code = (BPF_ST | BPF_MEM | BPF_B),
+ .dst_reg = EBPF_REG_10,
+ .off = -3,
+ .imm = 2,
+ },
+ {
+ .code = (BPF_ST | BPF_MEM | BPF_B),
+ .dst_reg = EBPF_REG_10,
+ .off = -2,
+ .imm = 3,
+ },
+ {
+ .code = (BPF_ST | BPF_MEM | BPF_B),
+ .dst_reg = EBPF_REG_10,
+ .off = -1,
+ .imm = 4,
+ },
+ {
+ .code = (EBPF_ALU64 | EBPF_MOV | BPF_X),
+ .dst_reg = EBPF_REG_1,
+ .src_reg = EBPF_REG_10,
+ },
+ {
+ .code = (EBPF_ALU64 | EBPF_MOV | BPF_K),
+ .dst_reg = EBPF_REG_2,
+ .imm = 4,
+ },
+ {
+ .code = (EBPF_ALU64 | BPF_SUB | BPF_X),
+ .dst_reg = EBPF_REG_1,
+ .src_reg = EBPF_REG_2,
+ },
+ {
+ .code = (BPF_JMP | EBPF_CALL),
+ .imm = 0,
+ },
+ {
+ .code = (BPF_LDX | BPF_MEM | BPF_B),
+ .dst_reg = EBPF_REG_1,
+ .src_reg = EBPF_REG_10,
+ .off = -4,
+ },
+ {
+ .code = (BPF_LDX | BPF_MEM | BPF_B),
+ .dst_reg = EBPF_REG_2,
+ .src_reg = EBPF_REG_10,
+ .off = -3,
+ },
+ {
+ .code = (BPF_LDX | BPF_MEM | BPF_B),
+ .dst_reg = EBPF_REG_3,
+ .src_reg = EBPF_REG_10,
+ .off = -2,
+ },
+ {
+ .code = (BPF_LDX | BPF_MEM | BPF_B),
+ .dst_reg = EBPF_REG_4,
+ .src_reg = EBPF_REG_10,
+ .off = -1,
+ },
+ {
+ .code = (BPF_JMP | EBPF_CALL),
+ .imm = 1,
+ },
+ {
+ .code = (EBPF_ALU64 | BPF_XOR | BPF_K),
+ .dst_reg = EBPF_REG_0,
+ .imm = TEST_MEMFROB,
+ },
+ {
+ .code = (BPF_JMP | EBPF_EXIT),
+ },
+};
+
+/* Gathering the bytes together */
+static uint32_t
+dummy_func4_1(uint8_t a, uint8_t b, uint8_t c, uint8_t d)
+{
+ return (a << 24) | (b << 16) | (c << 8) | (d << 0);
+}
+
+/* Implementation of memfrob */
+static uint32_t
+dummy_func4_0(uint32_t *s, uint8_t n)
+{
+ char *p = (char *) s;
+ while (n-- > 0)
+ *p++ ^= 42;
+ return *s;
+}
+
+
+static int
+test_call4_check(uint64_t rc, const void *arg)
+{
+ uint8_t a[4] = {1, 2, 3, 4};
+ uint32_t s, v = 0;
+
+ RTE_SET_USED(arg);
+
+ s = dummy_func4_0((uint32_t *)a, 4);
+
+ s = dummy_func4_1(a[0], a[1], a[2], a[3]);
+
+ v = s ^ TEST_MEMFROB;
+
+ return cmp_res(__func__, v, rc, &v, &rc, sizeof(v));
+}
+
+static const struct rte_bpf_xsym test_call4_xsym[] = {
+ [0] = {
+ .name = RTE_STR(dummy_func4_0),
+ .type = RTE_BPF_XTYPE_FUNC,
+ .func = {
+ .val = (void *)dummy_func4_0,
+ .nb_args = 2,
+ .args = {
+ [0] = {
+ .type = RTE_BPF_ARG_PTR,
+ .size = 4 * sizeof(uint8_t),
+ },
+ [1] = {
+ .type = RTE_BPF_ARG_RAW,
+ .size = sizeof(uint8_t),
+ },
+ },
+ .ret = {
+ .type = RTE_BPF_ARG_RAW,
+ .size = sizeof(uint32_t),
+ },
+ },
+ },
+ [1] = {
+ .name = RTE_STR(dummy_func4_1),
+ .type = RTE_BPF_XTYPE_FUNC,
+ .func = {
+ .val = (void *)dummy_func4_1,
+ .nb_args = 4,
+ .args = {
+ [0] = {
+ .type = RTE_BPF_ARG_RAW,
+ .size = sizeof(uint8_t),
+ },
+ [1] = {
+ .type = RTE_BPF_ARG_RAW,
+ .size = sizeof(uint8_t),
+ },
+ [2] = {
+ .type = RTE_BPF_ARG_RAW,
+ .size = sizeof(uint8_t),
+ },
+ [3] = {
+ .type = RTE_BPF_ARG_RAW,
+ .size = sizeof(uint8_t),
+ },
+ },
+ .ret = {
+ .type = RTE_BPF_ARG_RAW,
+ .size = sizeof(uint32_t),
+ },
+ },
+ },
+};
+
+/* string compare test case */
+static const struct ebpf_insn test_call5_prog[] = {
+
+ [0] = {
+ .code = (EBPF_ALU64 | EBPF_MOV | BPF_K),
+ .dst_reg = EBPF_REG_1,
+ .imm = STRING_GEEK,
+ },
+ [1] = {
+ .code = (BPF_STX | BPF_MEM | BPF_W),
+ .dst_reg = EBPF_REG_10,
+ .src_reg = EBPF_REG_1,
+ .off = -8,
+ },
+ [2] = {
+ .code = (EBPF_ALU64 | EBPF_MOV | BPF_K),
+ .dst_reg = EBPF_REG_6,
+ .imm = 0,
+ },
+ [3] = {
+ .code = (BPF_STX | BPF_MEM | BPF_B),
+ .dst_reg = EBPF_REG_10,
+ .src_reg = EBPF_REG_6,
+ .off = -4,
+ },
+ [4] = {
+ .code = (BPF_STX | BPF_MEM | BPF_W),
+ .dst_reg = EBPF_REG_10,
+ .src_reg = EBPF_REG_6,
+ .off = -12,
+ },
+ [5] = {
+ .code = (EBPF_ALU64 | EBPF_MOV | BPF_K),
+ .dst_reg = EBPF_REG_1,
+ .imm = STRING_WEEK,
+ },
+ [6] = {
+ .code = (BPF_STX | BPF_MEM | BPF_W),
+ .dst_reg = EBPF_REG_10,
+ .src_reg = EBPF_REG_1,
+ .off = -16,
+ },
+ [7] = {
+ .code = (EBPF_ALU64 | EBPF_MOV | BPF_X),
+ .dst_reg = EBPF_REG_1,
+ .src_reg = EBPF_REG_10,
+ },
+ [8] = {
+ .code = (EBPF_ALU64 | BPF_ADD | BPF_K),
+ .dst_reg = EBPF_REG_1,
+ .imm = -8,
+ },
+ [9] = {
+ .code = (EBPF_ALU64 | EBPF_MOV | BPF_X),
+ .dst_reg = EBPF_REG_2,
+ .src_reg = EBPF_REG_1,
+ },
+ [10] = {
+ .code = (BPF_JMP | EBPF_CALL),
+ .imm = 0,
+ },
+ [11] = {
+ .code = (EBPF_ALU64 | EBPF_MOV | BPF_X),
+ .dst_reg = EBPF_REG_1,
+ .src_reg = EBPF_REG_0,
+ },
+ [12] = {
+ .code = (BPF_ALU | EBPF_MOV | BPF_K),
+ .dst_reg = EBPF_REG_0,
+ .imm = -1,
+ },
+ [13] = {
+ .code = (EBPF_ALU64 | BPF_LSH | BPF_K),
+ .dst_reg = EBPF_REG_1,
+ .imm = 0x20,
+ },
+ [14] = {
+ .code = (EBPF_ALU64 | BPF_RSH | BPF_K),
+ .dst_reg = EBPF_REG_1,
+ .imm = 0x20,
+ },
+ [15] = {
+ .code = (BPF_JMP | EBPF_JNE | BPF_K),
+ .dst_reg = EBPF_REG_1,
+ .off = 11,
+ .imm = 0,
+ },
+ [16] = {
+ .code = (EBPF_ALU64 | EBPF_MOV | BPF_X),
+ .dst_reg = EBPF_REG_1,
+ .src_reg = EBPF_REG_10,
+ },
+ [17] = {
+ .code = (EBPF_ALU64 | BPF_ADD | BPF_K),
+ .dst_reg = EBPF_REG_1,
+ .imm = -8,
+ },
+ [18] = {
+ .code = (EBPF_ALU64 | EBPF_MOV | BPF_X),
+ .dst_reg = EBPF_REG_2,
+ .src_reg = EBPF_REG_10,
+ },
+ [19] = {
+ .code = (EBPF_ALU64 | BPF_ADD | BPF_K),
+ .dst_reg = EBPF_REG_2,
+ .imm = -16,
+ },
+ [20] = {
+ .code = (BPF_JMP | EBPF_CALL),
+ .imm = 0,
+ },
+ [21] = {
+ .code = (EBPF_ALU64 | EBPF_MOV | BPF_X),
+ .dst_reg = EBPF_REG_1,
+ .src_reg = EBPF_REG_0,
+ },
+ [22] = {
+ .code = (EBPF_ALU64 | BPF_LSH | BPF_K),
+ .dst_reg = EBPF_REG_1,
+ .imm = 0x20,
+ },
+ [23] = {
+ .code = (EBPF_ALU64 | BPF_RSH | BPF_K),
+ .dst_reg = EBPF_REG_1,
+ .imm = 0x20,
+ },
+ [24] = {
+ .code = (EBPF_ALU64 | EBPF_MOV | BPF_X),
+ .dst_reg = EBPF_REG_0,
+ .src_reg = EBPF_REG_1,
+ },
+ [25] = {
+ .code = (BPF_JMP | BPF_JEQ | BPF_X),
+ .dst_reg = EBPF_REG_1,
+ .src_reg = EBPF_REG_6,
+ .off = 1,
+ },
+ [26] = {
+ .code = (EBPF_ALU64 | EBPF_MOV | BPF_K),
+ .dst_reg = EBPF_REG_0,
+ .imm = 0,
+ },
+ [27] = {
+ .code = (BPF_JMP | EBPF_EXIT),
+ },
+};
+
+/* String comparision impelementation, return 0 if equal else difference */
+static uint32_t
+dummy_func5(const char *s1, const char *s2)
+{
+ while (*s1 && (*s1 == *s2)) {
+ s1++;
+ s2++;
+ }
+ return *(const unsigned char *)s1 - *(const unsigned char *)s2;
+}
+
+static int
+test_call5_check(uint64_t rc, const void *arg)
+{
+ char a[] = "geek";
+ char b[] = "week";
+ uint32_t v;
+
+ RTE_SET_USED(arg);
+
+ v = dummy_func5(a, a);
+ if (v != 0) {
+ v = -1;
+ goto fail;
+ }
+
+ v = dummy_func5(a, b);
+ if (v == 0)
+ goto fail;
+
+ v = 0;
+
+fail:
+
+ return cmp_res(__func__, v, rc, &v, &rc, sizeof(v));
+}
+
+static const struct rte_bpf_xsym test_call5_xsym[] = {
+ [0] = {
+ .name = RTE_STR(dummy_func5),
+ .type = RTE_BPF_XTYPE_FUNC,
+ .func = {
+ .val = (void *)dummy_func5,
+ .nb_args = 2,
+ .args = {
+ [0] = {
+ .type = RTE_BPF_ARG_PTR,
+ .size = sizeof(char),
+ },
+ [1] = {
+ .type = RTE_BPF_ARG_PTR,
+ .size = sizeof(char),
+ },
+ },
+ .ret = {
+ .type = RTE_BPF_ARG_RAW,
+ .size = sizeof(uint32_t),
+ },
+ },
+ },
+};
+