March 2019 - Linux-kselftest-mirror

[PATCH v3 0/7] selftests/ima: add kexec and kernel module tests

by Mimi Zohar

The kernel can be configured to require kexec kernel images and kernel modules are signed. An IMA policy can be specified on the boot command line or a custom IMA policy loaded requiring the kexec kernel image and kernel modules be signed. In addition, systems booted in secure boot mode with the IMA architecture specific policy enabled, require validly signed kexec kernel images and kernel modules. In addition to two methods of signing kernel images and two methods of signing kernel modules, there are two syscalls for each. kernel image: PE signature, IMA signature kexec syscalls: kexec_load, kexec_file_load Both the PE and IMA kernel image signature can only be verified when loaded via the kexec_file_load syscall. kernel moodule: appended signature, IMA signature kernel module syscalls: init_module, finit_module The appended kernel module signature can be verified when the kernel module is loaded via either syscall. The IMA kernel module signature can only be verified when the kernel module is loaded via the finit_module syscall. The selftests in this patch set verify that only signed kernel images and kernel modules are loaded as required, based on the kernel config, the secure boot mode, and the IMA runtime policy. Loading a kernel image or kernel module requires root privileges. To run just the IMA selftests: sudo make TARGETS=ima kselftest Changelog: - Updated tests based on Petr's review, including the defining a common test to check for root privileges. - Modified config, removing the CONFIG_KEXEC_VERIFY_SIG requirement. - Updated the SPDX license to GPL-2.0 based on Shuah's review. - Updated the secureboot mode test to check the SetupMode as well, based on David Young's review. Mimi Zohar (6): selftests/ima: cleanup the kexec selftest selftests/ima: define a set of common functions selftests/ima: define common logging functions kselftest/ima: define "require_root_privileges" selftests/ima: kexec_file_load syscall test selftests/ima: loading kernel modules Petr Vorel (1): selftests/ima: Add missing '=y' to config options tools/testing/selftests/ima/Makefile | 3 +- tools/testing/selftests/ima/config | 7 +- tools/testing/selftests/ima/ima_common_lib.sh | 173 +++++++++++++++++++ tools/testing/selftests/ima/test_kernel_module.sh | 93 ++++++++++ .../testing/selftests/ima/test_kexec_file_load.sh | 190 +++++++++++++++++++++ tools/testing/selftests/ima/test_kexec_load.sh | 53 ++---- 6 files changed, 476 insertions(+), 43 deletions(-) create mode 100755 tools/testing/selftests/ima/ima_common_lib.sh create mode 100755 tools/testing/selftests/ima/test_kernel_module.sh create mode 100755 tools/testing/selftests/ima/test_kexec_file_load.sh -- 2.7.5

5 years, 1 month

3
13
0 0

[PATCH v2] selftests: kmod: worked on errors which breaks the overall execution of the test script. i have manually edited for v2 of the patch by changing the date and also commit log.

by Jeffrin Jose T

The kmod.sh script breaks because an array is passed as input instead of a single element input.This patch takes elements one at a time and passed as input to the condition statement which in turn fixes the error.There was an issue which had the need for passing a single digit to the condition statement which is fixed using regular expression. Distribution: Debian GNU/Linux buster/sid Bash Version: 5.0.0(1)-release Signed-off-by: Jeffrin Jose T <jeffrin(a)rajagiritech.edu.in> --- tools/testing/selftests/kmod/kmod.sh | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/kmod/kmod.sh b/tools/testing/selftests/kmod/kmod.sh index 0a76314b4414..49b273c3646e 100755 --- a/tools/testing/selftests/kmod/kmod.sh +++ b/tools/testing/selftests/kmod/kmod.sh @@ -526,9 +526,12 @@ function run_all_tests() TEST_ID=${i%:*:*} ENABLED=$(get_test_enabled $TEST_ID) TEST_COUNT=$(get_test_count $TEST_ID) - if [[ $ENABLED -eq "1" ]]; then - test_case $TEST_ID $TEST_COUNT - fi + for j in $ENABLED ; do + CHECK=${j#*:*:} + if [[ $CHECK -eq "1" ]]; then + test_case $TEST_ID $TEST_COUNT + fi + done done } -- 2.20.1

5 years, 1 month

3
3
0 0

[PATCH AUTOSEL 4.19 48/48] selftests: fib_tests: sleep after changing carrier. again.

by Sasha Levin

From: Thadeu Lima de Souza Cascardo <cascardo(a)canonical.com> [ Upstream commit af548a27b158d548d41e56255e6eaca1658cc3be ] Just like commit e2ba732a1681 ("selftests: fib_tests: sleep after changing carrier"), wait one second to allow linkwatch to propagate the carrier change to the stack. There are two sets of carrier tests. The first slept after the carrier was set to off, and when the second set ran, it was likely that the linkwatch would be able to run again without much delay, reducing the likelihood of a race. However, if you run 'fib_tests.sh -t carrier' on a loop, you will quickly notice the failures. Sleeping on the second set of tests make the failures go away. Cc: David Ahern <dsahern(a)gmail.com> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo(a)canonical.com> Reviewed-by: David Ahern <dsahern(a)gmail.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- tools/testing/selftests/net/fib_tests.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/testing/selftests/net/fib_tests.sh b/tools/testing/selftests/net/fib_tests.sh index 0f45633bd634..a4ccde0e473b 100755 --- a/tools/testing/selftests/net/fib_tests.sh +++ b/tools/testing/selftests/net/fib_tests.sh @@ -385,6 +385,7 @@ fib_carrier_unicast_test() set -e $IP link set dev dummy0 carrier off + sleep 1 set +e echo " Carrier down" -- 2.19.1

5 years, 1 month

1
0
0 0

[PATCH AUTOSEL 4.19 39/48] bpf, lpm: fix lookup bug in map_delete_elem

by Sasha Levin

From: Alban Crequy <alban(a)kinvolk.io> [ Upstream commit 7c0cdf0b3940f63d9777c3fcf250a2f83859ca54 ] trie_delete_elem() was deleting an entry even though it was not matching if the prefixlen was correct. This patch adds a check on matchlen. Reproducer: $ sudo bpftool map create /sys/fs/bpf/mylpm type lpm_trie key 8 value 1 entries 128 name mylpm flags 1 $ sudo bpftool map update pinned /sys/fs/bpf/mylpm key hex 10 00 00 00 aa bb cc dd value hex 01 $ sudo bpftool map dump pinned /sys/fs/bpf/mylpm key: 10 00 00 00 aa bb cc dd value: 01 Found 1 element $ sudo bpftool map delete pinned /sys/fs/bpf/mylpm key hex 10 00 00 00 ff ff ff ff $ echo $? 0 $ sudo bpftool map dump pinned /sys/fs/bpf/mylpm Found 0 elements A similar reproducer is added in the selftests. Without the patch: $ sudo ./tools/testing/selftests/bpf/test_lpm_map test_lpm_map: test_lpm_map.c:485: test_lpm_delete: Assertion `bpf_map_delete_elem(map_fd, key) == -1 && errno == ENOENT' failed. Aborted With the patch: test_lpm_map runs without errors. Fixes: e454cf595853 ("bpf: Implement map_delete_elem for BPF_MAP_TYPE_LPM_TRIE") Cc: Craig Gallek <kraig(a)google.com> Signed-off-by: Alban Crequy <alban(a)kinvolk.io> Acked-by: Craig Gallek <kraig(a)google.com> Signed-off-by: Daniel Borkmann <daniel(a)iogearbox.net> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- kernel/bpf/lpm_trie.c | 1 + tools/testing/selftests/bpf/test_lpm_map.c | 10 ++++++++++ 2 files changed, 11 insertions(+) diff --git a/kernel/bpf/lpm_trie.c b/kernel/bpf/lpm_trie.c index 9058317ba9de..4f3138e6ecb2 100644 --- a/kernel/bpf/lpm_trie.c +++ b/kernel/bpf/lpm_trie.c @@ -432,6 +432,7 @@ static int trie_delete_elem(struct bpf_map *map, void *_key) } if (!node || node->prefixlen != key->prefixlen || + node->prefixlen != matchlen || (node->flags & LPM_TREE_NODE_FLAG_IM)) { ret = -ENOENT; goto out; diff --git a/tools/testing/selftests/bpf/test_lpm_map.c b/tools/testing/selftests/bpf/test_lpm_map.c index 147e34cfceb7..02d7c871862a 100644 --- a/tools/testing/selftests/bpf/test_lpm_map.c +++ b/tools/testing/selftests/bpf/test_lpm_map.c @@ -474,6 +474,16 @@ static void test_lpm_delete(void) assert(bpf_map_lookup_elem(map_fd, key, &value) == -1 && errno == ENOENT); + key->prefixlen = 30; // unused prefix so far + inet_pton(AF_INET, "192.255.0.0", key->data); + assert(bpf_map_delete_elem(map_fd, key) == -1 && + errno == ENOENT); + + key->prefixlen = 16; // same prefix as the root node + inet_pton(AF_INET, "192.255.0.0", key->data); + assert(bpf_map_delete_elem(map_fd, key) == -1 && + errno == ENOENT); + /* assert initial lookup */ key->prefixlen = 32; inet_pton(AF_INET, "192.168.0.1", key->data); -- 2.19.1

5 years, 1 month

1
0
0 0

[PATCH AUTOSEL 4.20 60/60] selftests: fib_tests: sleep after changing carrier. again.

by Sasha Levin

From: Thadeu Lima de Souza Cascardo <cascardo(a)canonical.com> [ Upstream commit af548a27b158d548d41e56255e6eaca1658cc3be ] Just like commit e2ba732a1681 ("selftests: fib_tests: sleep after changing carrier"), wait one second to allow linkwatch to propagate the carrier change to the stack. There are two sets of carrier tests. The first slept after the carrier was set to off, and when the second set ran, it was likely that the linkwatch would be able to run again without much delay, reducing the likelihood of a race. However, if you run 'fib_tests.sh -t carrier' on a loop, you will quickly notice the failures. Sleeping on the second set of tests make the failures go away. Cc: David Ahern <dsahern(a)gmail.com> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo(a)canonical.com> Reviewed-by: David Ahern <dsahern(a)gmail.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- tools/testing/selftests/net/fib_tests.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/testing/selftests/net/fib_tests.sh b/tools/testing/selftests/net/fib_tests.sh index 802b4af18729..1080ff55a788 100755 --- a/tools/testing/selftests/net/fib_tests.sh +++ b/tools/testing/selftests/net/fib_tests.sh @@ -388,6 +388,7 @@ fib_carrier_unicast_test() set -e $IP link set dev dummy0 carrier off + sleep 1 set +e echo " Carrier down" -- 2.19.1

5 years, 1 month

1
0
0 0

[PATCH AUTOSEL 4.20 51/60] bpf, lpm: fix lookup bug in map_delete_elem

by Sasha Levin

From: Alban Crequy <alban(a)kinvolk.io> [ Upstream commit 7c0cdf0b3940f63d9777c3fcf250a2f83859ca54 ] trie_delete_elem() was deleting an entry even though it was not matching if the prefixlen was correct. This patch adds a check on matchlen. Reproducer: $ sudo bpftool map create /sys/fs/bpf/mylpm type lpm_trie key 8 value 1 entries 128 name mylpm flags 1 $ sudo bpftool map update pinned /sys/fs/bpf/mylpm key hex 10 00 00 00 aa bb cc dd value hex 01 $ sudo bpftool map dump pinned /sys/fs/bpf/mylpm key: 10 00 00 00 aa bb cc dd value: 01 Found 1 element $ sudo bpftool map delete pinned /sys/fs/bpf/mylpm key hex 10 00 00 00 ff ff ff ff $ echo $? 0 $ sudo bpftool map dump pinned /sys/fs/bpf/mylpm Found 0 elements A similar reproducer is added in the selftests. Without the patch: $ sudo ./tools/testing/selftests/bpf/test_lpm_map test_lpm_map: test_lpm_map.c:485: test_lpm_delete: Assertion `bpf_map_delete_elem(map_fd, key) == -1 && errno == ENOENT' failed. Aborted With the patch: test_lpm_map runs without errors. Fixes: e454cf595853 ("bpf: Implement map_delete_elem for BPF_MAP_TYPE_LPM_TRIE") Cc: Craig Gallek <kraig(a)google.com> Signed-off-by: Alban Crequy <alban(a)kinvolk.io> Acked-by: Craig Gallek <kraig(a)google.com> Signed-off-by: Daniel Borkmann <daniel(a)iogearbox.net> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- kernel/bpf/lpm_trie.c | 1 + tools/testing/selftests/bpf/test_lpm_map.c | 10 ++++++++++ 2 files changed, 11 insertions(+) diff --git a/kernel/bpf/lpm_trie.c b/kernel/bpf/lpm_trie.c index 9058317ba9de..4f3138e6ecb2 100644 --- a/kernel/bpf/lpm_trie.c +++ b/kernel/bpf/lpm_trie.c @@ -432,6 +432,7 @@ static int trie_delete_elem(struct bpf_map *map, void *_key) } if (!node || node->prefixlen != key->prefixlen || + node->prefixlen != matchlen || (node->flags & LPM_TREE_NODE_FLAG_IM)) { ret = -ENOENT; goto out; diff --git a/tools/testing/selftests/bpf/test_lpm_map.c b/tools/testing/selftests/bpf/test_lpm_map.c index 147e34cfceb7..02d7c871862a 100644 --- a/tools/testing/selftests/bpf/test_lpm_map.c +++ b/tools/testing/selftests/bpf/test_lpm_map.c @@ -474,6 +474,16 @@ static void test_lpm_delete(void) assert(bpf_map_lookup_elem(map_fd, key, &value) == -1 && errno == ENOENT); + key->prefixlen = 30; // unused prefix so far + inet_pton(AF_INET, "192.255.0.0", key->data); + assert(bpf_map_delete_elem(map_fd, key) == -1 && + errno == ENOENT); + + key->prefixlen = 16; // same prefix as the root node + inet_pton(AF_INET, "192.255.0.0", key->data); + assert(bpf_map_delete_elem(map_fd, key) == -1 && + errno == ENOENT); + /* assert initial lookup */ key->prefixlen = 32; inet_pton(AF_INET, "192.168.0.1", key->data); -- 2.19.1

5 years, 1 month

1
0
0 0

[PATCH v2 00/12] Support using MSI interrupts in ntb_transport

by Logan Gunthorpe

Note: this version will likely trivially conflict with some cleanup patches I sent to Bjorn. So this is meant for review purposes only. If there are no objections, I'd like to look at getting it merged in the next cycle through the NTB tree. -- Changes in v2: * Cleaned up the changes in intel_irq_remapping.c to make them less confusing and add a comment. (Per discussion with Jacob and Joerg) * Fixed a nit from Bjorn and collected his Ack * Added a Kconfig dependancy on CONFIG_PCI_MSI for CONFIG_NTB_MSI as the Kbuild robot hit a random config that didn't build without it. * Worked in a callback for when the MSI descriptor changes so that the clients can resend the new address and data values to the peer. On my test system this was never necessary, but there may be other platforms where this can occur. I tested this by hacking in a path to rewrite the MSI descriptor when I change the cpu affinity of an IRQ. There's a bit of uncertainty over the latency of the change, but without hardware this can acctually occur on we can't test this. This was the result of a discussion with Dave. -- This patch series adds optional support for using MSI interrupts instead of NTB doorbells in ntb_transport. This is desirable seeing doorbells on current hardware are quite slow and therefore switching to MSI interrupts provides a significant performance gain. On switchtec hardware, a simple apples-to-apples comparison shows ntb_netdev/iperf numbers going from 3.88Gb/s to 14.1Gb/s when switching to MSI interrupts. To do this, a couple changes are required outside of the NTB tree: 1) The IOMMU must know to accept MSI requests from aliased bused numbers seeing NTB hardware typically sends proxied request IDs through additional requester IDs. The first patch in this series adds support for the Intel IOMMU. A quirk to add these aliases for switchtec hardware was already accepted. See commit ad281ecf1c7d ("PCI: Add DMA alias quirk for Microsemi Switchtec NTB") for a description of NTB proxy IDs and why this is necessary. 2) NTB transport (and other clients) may often need more MSI interrupts than the NTB hardware actually advertises support for. However, seeing these interrupts will not be triggered by the hardware but through an NTB memory window, the hardware does not actually need support or need to know about them. Therefore we add the concept of Virtual MSI interrupts which are allocated just like any other MSI interrupt but are not programmed into the hardware's MSI table. This is done in Patch 2 and then made use of in Patch 3. The remaining patches in this series add a library for dealing with MSI interrupts, a test client and finally support in ntb_transport. The series is based off of v5.0-rc4 and I've tested it on top of a of the patches I've already sent to the NTB tree (though they are independent changes). A git repo is available here: https://github.com/sbates130272/linux-p2pmem/ ntb_transport_msi_v2 Thanks, Logan -- Logan Gunthorpe (12): iommu/vt-d: Implement dma_[un]map_resource() NTB: ntb_transport: Ensure the destination buffer is mapped for TX DMA iommu/vt-d: Add helper to set an IRTE to verify only the bus number iommu/vt-d: Allow interrupts from the entire bus for aliased devices PCI/MSI: Support allocating virtual MSI interrupts PCI/switchtec: Add module parameter to request more interrupts NTB: Introduce functions to calculate multi-port resource index NTB: Rename ntb.c to support multiple source files in the module NTB: Introduce MSI library NTB: Introduce NTB MSI Test Client NTB: Add ntb_msi_test support to ntb_test NTB: Add MSI interrupt support to ntb_transport drivers/iommu/intel-iommu.c | 23 +- drivers/iommu/intel_irq_remapping.c | 32 +- drivers/ntb/Kconfig | 11 + drivers/ntb/Makefile | 3 + drivers/ntb/{ntb.c => core.c} | 0 drivers/ntb/msi.c | 415 +++++++++++++++++++++++ drivers/ntb/ntb_transport.c | 197 ++++++++++- drivers/ntb/test/Kconfig | 9 + drivers/ntb/test/Makefile | 1 + drivers/ntb/test/ntb_msi_test.c | 433 ++++++++++++++++++++++++ drivers/pci/msi.c | 55 ++- drivers/pci/switch/switchtec.c | 12 +- include/linux/msi.h | 8 + include/linux/ntb.h | 143 ++++++++ include/linux/pci.h | 9 + tools/testing/selftests/ntb/ntb_test.sh | 54 ++- 16 files changed, 1379 insertions(+), 26 deletions(-) rename drivers/ntb/{ntb.c => core.c} (100%) create mode 100644 drivers/ntb/msi.c create mode 100644 drivers/ntb/test/ntb_msi_test.c -- 2.19.0

5 years, 1 month

3
26
0 0

[PATCH] selftests: cpu-hotplug: check hotplug dir for the CONFIG_HOTPLUG_CPU

by Po-Hsu Lin

When the CONFIG_HOTPLUG_CPU is not set, there won't be a "hotplug" directory in /sys/devices/system/cpu/. Make use of this fact to check if we need to skip this test. Signed-off-by: Po-Hsu Lin <po-hsu.lin(a)canonical.com> --- tools/testing/selftests/cpu-hotplug/cpu-on-off-test.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/tools/testing/selftests/cpu-hotplug/cpu-on-off-test.sh b/tools/testing/selftests/cpu-hotplug/cpu-on-off-test.sh index 0d26b5e..27275a1 100755 --- a/tools/testing/selftests/cpu-hotplug/cpu-on-off-test.sh +++ b/tools/testing/selftests/cpu-hotplug/cpu-on-off-test.sh @@ -23,6 +23,11 @@ prerequisite() exit $ksft_skip fi + if [ ! -d $SYSFS/devices/system/cpu/hotplug/ ]; then + echo $msg CONFIG_HOTPLUG_CPU needs to be enabled >&2 + exit $ksft_skip + fi + if ! ls $SYSFS/devices/system/cpu/cpu* > /dev/null 2>&1; then echo $msg cpu hotplug is not supported >&2 exit $ksft_skip -- 2.7.4

5 years, 1 month

1
0
0 0

[PATCH v2 0/5] selftests/ima: add kexec and kernel module tests

by Mimi Zohar

The kernel can be configured to require kexec kernel images and kernel modules are signed. An IMA policy can be specified on the boot command line or a custom IMA policy loaded requiring the kexec kernel image and kernel modules be signed. In addition, systems booted in secure boot mode with the IMA architecture specific policy enabled, require validly signed kexec kernel images and kernel modules. There are two methods of signing kernel images and two methods of signing kernel modules. In addition, there are two syscalls for each. kernel image: PE signature, IMA signature kexec syscalls: kexec_load, kexec_file_load Both the PE and IMA kernel image signature can only be verified when loaded via the kexec_file_load syscall. kernel moodule: appended signature, IMA signature kernel module syscalls: init_module, finit_module The appended kernel module signature can be verified when the kernel module is loaded via either syscall. The IMA kernel module signature can only be verified when the kernel module is loaded via the finit_module syscall. The selftests in this patch set verify that only signed kernel images and kernel modules are loaded as required, based on the kernel config, the secure boot mode, and the IMA runtime policy. Loading a kernel image or kernel module requires root privileges. To run just the IMA selftests: sudo make TARGETS=ima kselftest Mimi Zohar (5): selftests/ima: cleanup the kexec selftest selftests/ima: define a set of common functions selftests/ima: define common logging functions selftests/ima: kexec_file_load syscall test selftests/ima: loading kernel modules tools/testing/selftests/ima/Makefile | 3 +- tools/testing/selftests/ima/common_lib.sh | 154 ++++++++++++++++ tools/testing/selftests/ima/test_kernel_module.sh | 96 ++++++++++ .../testing/selftests/ima/test_kexec_file_load.sh | 195 +++++++++++++++++++++ tools/testing/selftests/ima/test_kexec_load.sh | 53 ++---- 5 files changed, 463 insertions(+), 38 deletions(-) create mode 100755 tools/testing/selftests/ima/common_lib.sh create mode 100755 tools/testing/selftests/ima/test_kernel_module.sh create mode 100755 tools/testing/selftests/ima/test_kexec_file_load.sh -- 2.7.5

5 years, 1 month

3
24
0 0

[PATCH] selftests/ima: Add missing '=y' to config options

by Petr Vorel

so the file can be used as kernel config snippet. Signed-off-by: Petr Vorel <pvorel(a)suse.cz> --- tools/testing/selftests/ima/config | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tools/testing/selftests/ima/config b/tools/testing/selftests/ima/config index 6bc86d4d9bb4..9b968cd55199 100644 --- a/tools/testing/selftests/ima/config +++ b/tools/testing/selftests/ima/config @@ -1,4 +1,4 @@ -CONFIG_IMA_APPRAISE -CONFIG_IMA_ARCH_POLICY -CONFIG_SECURITYFS -CONFIG_KEXEC_VERIFY_SIG +CONFIG_IMA_APPRAISE=y +CONFIG_IMA_ARCH_POLICY=y +CONFIG_SECURITYFS=y +CONFIG_KEXEC_VERIFY_SIG=y -- 2.20.1

5 years, 1 month

2
1
0 0

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror March 2019