The following issues were found

tools/testing/selftests/bpf/prog_tests/task_local_storage.c
1 issues
system - This causes a new program to execute and is difficult to use safely
Security

Line: 53 Column: 17 CWE codes: 78
Suggestion: try using a library call that implements the same functionality if available 

              		goto out;

	/* trigger at least one exit_creds() */
	if (CHECK_FAIL(system("ls > /dev/null")))
		goto out;

	/* sync rcu to make sure exit_creds() is called for "ls" */
	kern_sync_rcu();
	ASSERT_EQ(skel->bss->valid_ptr_count, 0, "valid_ptr_count");

Reported by FlawFinder.

tools/testing/selftests/bpf/prog_tests/tcp_rtt.c
1 issues
usleep - This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified
Security

Line: 39 Column: 3 CWE codes: 676
Suggestion: Use nanosleep(2) or setitimer(2) instead 

              		if (info.tcpi_unacked == 0)
			return 0;

		usleep(10);
	}

	log_err("Did not receive ACK");
	return -1;
}

Reported by FlawFinder.

tools/testing/selftests/bpf/prog_tests/tcpbpf_user.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 54 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              static void run_test(struct tcpbpf_globals *result)
{
	int listen_fd = -1, cli_fd = -1, accept_fd = -1;
	char buf[1000];
	int err = -1;
	int i, rv;

	listen_fd = start_server(AF_INET6, SOCK_STREAM, LO_ADDR6, 0, 0);
	if (CHECK(listen_fd == -1, "start_server", "listen_fd:%d errno:%d\n",

Reported by FlawFinder.

tools/testing/selftests/bpf/prog_tests/test_lsm.c
1 issues
execvp - This causes a new program to execute and is difficult to use safely
Security

Line: 44 Column: 3 CWE codes: 78
Suggestion: try using a library call that implements the same functionality if available 

              	child_pid = fork();
	if (child_pid == 0) {
		*monitored_pid = getpid();
		execvp(CMD_ARGS[0], CMD_ARGS);
		return -EINVAL;
	} else if (child_pid > 0) {
		waitpid(child_pid, &child_status, 0);
		return child_status;
	}

Reported by FlawFinder.

tools/testing/selftests/bpf/prog_tests/trace_ext.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 25 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              	struct test_trace_ext__bss *bss_ext;
	int err, pkt_fd, ext_fd;
	struct bpf_program *prog;
	char buf[100];
	__u32 retval;
	__u64 len;

	/* open/load/attach test_pkt_md_access */
	skel_pkt = test_pkt_md_access__open_and_load();

Reported by FlawFinder.

tools/testing/selftests/bpf/prog_tests/xdp.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 13 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              	struct iptnl_info value6 = {.family = AF_INET6};
	const char *file = "./test_xdp.o";
	struct bpf_object *obj;
	char buf[128];
	struct ipv6hdr *iph6 = (void *)buf + sizeof(struct ethhdr);
	struct iphdr *iph = (void *)buf + sizeof(struct ethhdr);
	__u32 duration, retval, size;
	int err, prog_fd, map_fd;

Reported by FlawFinder.

tools/testing/selftests/bpf/prog_tests/xdp_bpf2bpf.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 42 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              void test_xdp_bpf2bpf(void)
{
	__u32 duration = 0, retval, size;
	char buf[128];
	int err, pkt_fd, map_fd;
	bool passed = false;
	struct iphdr *iph = (void *)buf + sizeof(struct ethhdr);
	struct iptnl_info value4 = {.family = AF_INET};
	struct test_xdp *pkt_skel = NULL;

Reported by FlawFinder.

tools/testing/selftests/bpf/prog_tests/xdp_noinline.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 31 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              	__u32 duration = 0, retval, size;
	int err, i;
	__u64 bytes = 0, pkts = 0;
	char buf[128];
	u32 *magic = (u32 *)buf;

	skel = test_xdp_noinline__open_and_load();
	if (CHECK(!skel, "skel_open_and_load", "failed\n"))
		return;

Reported by FlawFinder.

tools/testing/selftests/bpf/prog_tests/xdp_perf.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 9 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              	const char *file = "./xdp_dummy.o";
	__u32 duration, retval, size;
	struct bpf_object *obj;
	char in[128], out[128];
	int err, prog_fd;

	err = bpf_prog_load(file, BPF_PROG_TYPE_XDP, &obj, &prog_fd);
	if (CHECK_FAIL(err))
		return;

Reported by FlawFinder.

tools/testing/selftests/bpf/progs/bpf_dctcp.c
1 issues
There is an unknown macro here somewhere. Configuration is required. If SEC is a macro then please configure it.
Error

Line: 73 

              	dctcp_reset(tp, ca);
}

SEC("struct_ops/dctcp_ssthresh")
__u32 BPF_PROG(dctcp_ssthresh, struct sock *sk)
{
	struct dctcp *ca = inet_csk_ca(sk);
	struct tcp_sock *tp = tcp_sk(sk);

Reported by Cppcheck.