fix: always initialize peer_address in the kmod

Signed-off-by: Andrea Terzolo <[email protected]>

driver/bpf/filler_helpers.h

@@ -425,14 +425,7 @@ static __always_inline bool bpf_getsockname(struct socket *sock,
 
 		u = (struct unix_sock *)sk;
 		addr = _READ(u->addr);
-		if(!addr) {
-			sunaddr->sun_family = AF_UNIX;
-			sunaddr->sun_path[0] = 0;
-			// The first byte to 0 can be confused with an `abstract socket address` for this reason
-			// we put also the second byte to 0 to comunicate to the caller that the address is not
-			// valid.
-			sunaddr->sun_path[1] = 0;
-		} else {
+		if(u && addr) {
 			unsigned int len = _READ(addr->len);
 
 			if(len > sizeof(struct sockaddr_storage))
@@ -444,6 +437,13 @@ static __always_inline bool bpf_getsockname(struct socket *sock,
 #else
 			bpf_probe_read_kernel(sunaddr, len, addr->name);
 #endif
+		} else {
+			sunaddr->sun_family = AF_UNIX;
+			sunaddr->sun_path[0] = 0;
+			// The first byte to 0 can be confused with an `abstract socket address` for this reason
+			// we put also the second byte to 0 to comunicate to the caller that the address is not
+			// valid.
+			sunaddr->sun_path[1] = 0;
 		}
 
 		break;

driver/ppm_events.c

@@ -233,30 +233,24 @@ inline int sock_getname(struct socket *sock, struct sockaddr *sock_address, int
 	case AF_UNIX: {
 		struct sockaddr_un *sunaddr = (struct sockaddr_un *)sock_address;
 		struct unix_sock *u;
-		struct unix_address *u_addr = NULL;
 
-		if(peer) {
+		if(peer)
 			sk = ((struct unix_sock *)sk)->peer;
-			if(!sk) {
-				return -ENOTCONN;
-			}
-		}
 
 		u = (struct unix_sock *)sk;
-		u_addr = u->addr;
-		if(!u_addr) {
+		if(u && u->addr) {
+			unsigned int len = u->addr->len;
+			if(unlikely(len > sizeof(struct sockaddr_storage))) {
+				len = sizeof(struct sockaddr_storage);
+			}
+			memcpy(sunaddr, u->addr->name, len);
+		} else {
 			sunaddr->sun_family = AF_UNIX;
 			sunaddr->sun_path[0] = 0;
 			// The first byte to 0 can be confused with an `abstract socket address` for this reason
 			// we put also the second byte to 0 to comunicate to the caller that the address is not
 			// valid.
 			sunaddr->sun_path[1] = 0;
-		} else {
-			unsigned int len = u_addr->len;
-			if(unlikely(len > sizeof(struct sockaddr_storage))) {
-				len = sizeof(struct sockaddr_storage);
-			}
-			memcpy(sunaddr, u_addr->name, len);
 		}
 		break;
 	}
@@ -1004,8 +998,8 @@ uint16_t fd_to_socktuple(int fd,
 	struct sockaddr_in *usrsockaddr_in;
 	struct sockaddr_in6 *usrsockaddr_in6;
 	uint16_t size;
-	struct sockaddr_storage sock_address;
-	struct sockaddr_storage peer_address;
+	struct sockaddr_storage sock_address = {};
+	struct sockaddr_storage peer_address = {};
 	struct socket *sock;
 	char *dest;
 	struct unix_sock *us;

test/drivers/test_suites/syscall_enter_suite/sendto_e.cpp

@@ -97,6 +97,82 @@ TEST(SyscallEnter, sendtoE_ipv4_tcp_NULL_sockaddr) {
 
 /*=============================== UDP ===========================*/
 
+TEST(SyscallEnter, sendtoE_unix_udp) {
+	auto evt_test = get_syscall_event_test(__NR_sendto, ENTER_EVENT);
+
+	evt_test->enable_capture();
+
+	/*=============================== TRIGGER SYSCALL  ===========================*/
+
+	int32_t server_socket_fd = syscall(__NR_socket, AF_UNIX, SOCK_DGRAM, 0);
+	assert_syscall_state(SYSCALL_SUCCESS, "socket", server_socket_fd, NOT_EQUAL, -1);
+	evt_test->server_reuse_address_port(server_socket_fd);
+	sockaddr_un server_addr = {};
+	evt_test->server_fill_sockaddr_un(&server_addr);
+	assert_syscall_state(SYSCALL_SUCCESS,
+	                     "bind (server)",
+	                     syscall(__NR_bind, server_socket_fd, &server_addr, sizeof(server_addr)),
+	                     NOT_EQUAL,
+	                     -1);
+
+	int32_t client_socket_fd = syscall(__NR_socket, AF_UNIX, SOCK_DGRAM, 0);
+	assert_syscall_state(SYSCALL_SUCCESS, "socket", client_socket_fd, NOT_EQUAL, -1);
+	evt_test->client_reuse_address_port(client_socket_fd);
+	sockaddr_un client_addr = {};
+	evt_test->client_fill_sockaddr_un(&client_addr);
+	assert_syscall_state(SYSCALL_SUCCESS,
+	                     "bind (client)",
+	                     syscall(__NR_bind, client_socket_fd, &client_addr, sizeof(client_addr)),
+	                     NOT_EQUAL,
+	                     -1);
+
+	const void* sent_data = (const void*)SHORT_MESSAGE;
+	size_t sent_data_len = SHORT_MESSAGE_LEN;
+	uint32_t sendto_flags = 0;
+
+	int64_t sent_bytes = syscall(__NR_sendto,
+	                             client_socket_fd,
+	                             sent_data,
+	                             sent_data_len,
+	                             sendto_flags,
+	                             &server_addr,
+	                             sizeof(server_addr));
+	assert_syscall_state(SYSCALL_SUCCESS, "sendto (client)", sent_bytes, NOT_EQUAL, -1);
+
+	syscall(__NR_shutdown, server_socket_fd, 2);
+	syscall(__NR_shutdown, client_socket_fd, 2);
+	close(client_socket_fd);
+	close(server_socket_fd);
+	syscall(__NR_unlinkat, 0, UNIX_CLIENT, 0);
+	syscall(__NR_unlinkat, 0, UNIX_SERVER, 0);
+
+	/*=============================== TRIGGER SYSCALL ===========================*/
+
+	evt_test->disable_capture();
+
+	evt_test->assert_event_presence();
+
+	if(HasFatalFailure()) {
+		return;
+	}
+
+	evt_test->parse_event();
+
+	evt_test->assert_header();
+
+	/*=============================== ASSERT PARAMETERS  ===========================*/
+
+	/* Parameter 2: size (type: PT_UINT32)*/
+	evt_test->assert_numeric_param(2, (uint32_t)SHORT_MESSAGE_LEN);
+
+	/* Parameter 3: tuple (type: PT_SOCKTUPLE)*/
+	evt_test->assert_tuple_unix_param(3, PPM_AF_UNIX, UNIX_SERVER);
+
+	/*=============================== ASSERT PARAMETERS  ===========================*/
+
+	evt_test->assert_num_params_pushed(3);
+}
+
 TEST(SyscallEnter, sendtoE_ipv4_udp) {
 	auto evt_test = get_syscall_event_test(__NR_sendto, ENTER_EVENT);