October 2020 - Linux-kselftest-mirror

[PATCH v3 00/21] Miscellaneous fixes for resctrl selftests

by Fenghua Yu

This patch set has several miscellaneous fixes to resctrl selftest tool that are easily visible to user. V1 had fixes to CAT test and CMT test but they were dropped in V2 because having them here made the patchset humongous. So, changes to CAT test and CMT test will be posted in another patchset. Change Log: v3: Address various comments (commit messages, return value on test failure, print failure info on test failure etc) from Reinette and Tony. [v2: https://lore.kernel.org/linux-kselftest/cover.1589835155.git.sai.praneeth.p…] v2: 1. Dropped changes to CAT test and CMT test as they will be posted in a later series. 2. Added several other fixes [v1: https://lore.kernel.org/linux-kselftest/cover.1583657204.git.sai.praneeth.p…] Fenghua Yu (18): selftests/resctrl: Rename CQM test as CMT test selftests/resctrl: Declare global variables as extern selftests/resctrl: Return if resctrl file system is not supported selftests/resctrl: Check for resctrl mount point only if resctrl FS is supported selftests/resctrl: Use resctrl/info for feature detection selftests/resctrl: Fix missing options "-n" and "-p" selftests/resctrl: Fix MBA/MBM results reporting format selftests/resctrl: Abort running tests if not root user selftests/resctrl: Enable gcc checks to detect buffer overflows selftests/resctrl: Don't hard code value of "no_of_bits" variable selftests/resctrl: Modularize resctrl test suite main() function selftests/resctrl: Skip the test if requested resctrl feature is not supported selftests/resctrl: Umount resctrl FS only if mounted selftests/resctrl: Unmount resctrl FS after running all tests selftests/resctrl: Fix incorrect parsing of iMC counters selftests/resctrl: Fix checking for < 0 for unsigned values selftests/resctrl: Fix unnecessary usage of global variables selftests/resctrl: Don't use global variable for capacity bitmask (CBM) Reinette Chatre (3): selftests/resctrl: Fix typo selftests/resctrl: Fix typo in help text selftests/resctrl: Ensure sibling CPU is not same as original CPU tools/testing/selftests/resctrl/Makefile | 2 +- tools/testing/selftests/resctrl/README | 4 +- tools/testing/selftests/resctrl/cache.c | 4 +- tools/testing/selftests/resctrl/cat_test.c | 20 +-- .../resctrl/{cqm_test.c => cmt_test.c} | 34 ++-- tools/testing/selftests/resctrl/mba_test.c | 23 ++- tools/testing/selftests/resctrl/mbm_test.c | 16 +- tools/testing/selftests/resctrl/resctrl.h | 20 ++- .../testing/selftests/resctrl/resctrl_tests.c | 156 ++++++++++++------ tools/testing/selftests/resctrl/resctrl_val.c | 75 ++++++--- tools/testing/selftests/resctrl/resctrlfs.c | 79 ++++++--- 11 files changed, 272 insertions(+), 161 deletions(-) rename tools/testing/selftests/resctrl/{cqm_test.c => cmt_test.c} (85%) -- 2.29.0

3 years, 6 months

2
26
0 0

[PATCH] openat2: reject RESOLVE_BENEATH|RESOLVE_IN_ROOT

by Aleksa Sarai

This was an oversight in the original implementation, as it makes no sense to specify both scoping flags to the same openat2(2) invocation (before this patch, the result of such an invocation was equivalent to RESOLVE_IN_ROOT being ignored). This is a userspace-visible ABI change, but the only user of openat2(2) at the moment is LXC which doesn't specify both flags and so no userspace programs will break as a result. Cc: <stable(a)vger.kernel.org> # v5.6+ Fixes: fddb5d430ad9 ("open: introduce openat2(2) syscall") Acked-by: Christian Brauner <christian.brauner(a)ubuntu.com> Signed-off-by: Aleksa Sarai <cyphar(a)cyphar.com> --- fs/open.c | 4 ++++ tools/testing/selftests/openat2/openat2_test.c | 8 +++++++- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/fs/open.c b/fs/open.c index 9af548fb841b..4d7537ae59df 100644 --- a/fs/open.c +++ b/fs/open.c @@ -1010,6 +1010,10 @@ inline int build_open_flags(const struct open_how *how, struct open_flags *op) if (how->resolve & ~VALID_RESOLVE_FLAGS) return -EINVAL; + /* Scoping flags are mutually exclusive. */ + if ((how->resolve & RESOLVE_BENEATH) && (how->resolve & RESOLVE_IN_ROOT)) + return -EINVAL; + /* Deal with the mode. */ if (WILL_CREATE(flags)) { if (how->mode & ~S_IALLUGO) diff --git a/tools/testing/selftests/openat2/openat2_test.c b/tools/testing/selftests/openat2/openat2_test.c index b386367c606b..381d874cce99 100644 --- a/tools/testing/selftests/openat2/openat2_test.c +++ b/tools/testing/selftests/openat2/openat2_test.c @@ -155,7 +155,7 @@ struct flag_test { int err; }; -#define NUM_OPENAT2_FLAG_TESTS 23 +#define NUM_OPENAT2_FLAG_TESTS 24 void test_openat2_flags(void) { @@ -210,6 +210,12 @@ void test_openat2_flags(void) .how.flags = O_TMPFILE | O_RDWR, .how.mode = 0x0000A00000000000ULL, .err = -EINVAL }, + /* ->resolve flags must not conflict. */ + { .name = "incompatible resolve flags (BENEATH | IN_ROOT)", + .how.flags = O_RDONLY, + .how.resolve = RESOLVE_BENEATH | RESOLVE_IN_ROOT, + .err = -EINVAL }, + /* ->resolve must only contain RESOLVE_* flags. */ { .name = "invalid how.resolve and O_RDONLY", .how.flags = O_RDONLY, -- 2.28.0

3 years, 6 months

3
2
0 0

[PATCH][V2] selftests/ftrace: check for do_sys_openat2 in user-memory test

by Colin King

From: Colin Ian King <colin.king(a)canonical.com> More recent libc implementations are now using openat/openat2 system calls so also add do_sys_openat2 to the tracing so that the test passes on these systems because do_sys_open may not be called. Thanks to Masami Hiramatsu for the help on getting this fix to work correctly. Signed-off-by: Colin Ian King <colin.king(a)canonical.com> --- V2: write myevent2 using >> rather than >, also enable and disable myevent2 --- .../selftests/ftrace/test.d/kprobe/kprobe_args_user.tc | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tools/testing/selftests/ftrace/test.d/kprobe/kprobe_args_user.tc b/tools/testing/selftests/ftrace/test.d/kprobe/kprobe_args_user.tc index a30a9c07290d..d25d01a19778 100644 --- a/tools/testing/selftests/ftrace/test.d/kprobe/kprobe_args_user.tc +++ b/tools/testing/selftests/ftrace/test.d/kprobe/kprobe_args_user.tc @@ -9,12 +9,16 @@ grep -A10 "fetcharg:" README | grep -q '\[u\]<offset>' || exit_unsupported :;: "user-memory access syntax and ustring working on user memory";: echo 'p:myevent do_sys_open path=+0($arg2):ustring path2=+u0($arg2):string' \ > kprobe_events +echo 'p:myevent2 do_sys_openat2 path=+0($arg2):ustring path2=+u0($arg2):string' \ + >> kprobe_events grep myevent kprobe_events | \ grep -q 'path=+0($arg2):ustring path2=+u0($arg2):string' echo 1 > events/kprobes/myevent/enable +echo 1 > events/kprobes/myevent2/enable echo > /dev/null echo 0 > events/kprobes/myevent/enable +echo 0 > events/kprobes/myevent2/enable grep myevent trace | grep -q 'path="/dev/null" path2="/dev/null"' -- 2.27.0

3 years, 6 months

4
3
0 0

[PATCH v3 1/2] kunit: Support for Parameterized Testing

by Arpitha Raghunandan

Implementation of support for parameterized testing in KUnit. This approach requires the creation of a test case using the KUNIT_CASE_PARAM macro that accepts a generator function as input. This generator function should return the next parameter given the previous parameter in parameterized tests. It also provides a macro to generate common-case generators. Signed-off-by: Arpitha Raghunandan <98.arpi(a)gmail.com> Co-developed-by: Marco Elver <elver(a)google.com> Signed-off-by: Marco Elver <elver(a)google.com> --- Changes v2->v3: - Modifictaion of generator macro and method Changes v1->v2: - Use of a generator method to access test case parameters include/kunit/test.h | 32 ++++++++++++++++++++++++++++++++ lib/kunit/test.c | 20 +++++++++++++++++++- 2 files changed, 51 insertions(+), 1 deletion(-) diff --git a/include/kunit/test.h b/include/kunit/test.h index a423fffefea0..16bf9f334e2c 100644 --- a/include/kunit/test.h +++ b/include/kunit/test.h @@ -142,6 +142,12 @@ struct kunit_case { void (*run_case)(struct kunit *test); const char *name; + /* + * Pointer to test parameter generator function. + * Used only for parameterized tests. + */ + void* (*generate_params)(void *prev); + /* private: internal use only. */ bool success; char *log; @@ -162,6 +168,9 @@ static inline char *kunit_status_to_string(bool status) * &struct kunit_case for an example on how to use it. */ #define KUNIT_CASE(test_name) { .run_case = test_name, .name = #test_name } +#define KUNIT_CASE_PARAM(test_name, gen_params) \ + { .run_case = test_name, .name = #test_name, \ + .generate_params = gen_params } /** * struct kunit_suite - describes a related collection of &struct kunit_case @@ -208,6 +217,15 @@ struct kunit { const char *name; /* Read only after initialization! */ char *log; /* Points at case log after initialization */ struct kunit_try_catch try_catch; + /* param_values points to test case parameters in parameterized tests */ + void *param_values; + /* + * current_param stores the index of the parameter in + * the array of parameters in parameterized tests. + * current_param + 1 is printed to indicate the parameter + * that causes the test to fail in case of test failure. + */ + int current_param; /* * success starts as true, and may only be set to false during a * test case; thus, it is safe to update this across multiple @@ -1742,4 +1760,18 @@ do { \ fmt, \ ##__VA_ARGS__) +/** + * KUNIT_PARAM_GENERATOR() - Helper method for test parameter generators + * required in parameterized tests. + * @name: prefix of the name for the test parameter generator function. + * @prev: a pointer to the previous test parameter, NULL for first parameter. + * @array: a user-supplied pointer to an array of test parameters. + */ +#define KUNIT_PARAM_GENERATOR(name, array) \ + static void *name##_gen_params(void *prev) \ + { \ + typeof((array)[0]) * __next = prev ? ((typeof(__next)) prev) + 1 : (array); \ + return __next - (array) < ARRAY_SIZE((array)) ? __next : NULL; \ + } + #endif /* _KUNIT_TEST_H */ diff --git a/lib/kunit/test.c b/lib/kunit/test.c index 750704abe89a..b70ab9b12f3b 100644 --- a/lib/kunit/test.c +++ b/lib/kunit/test.c @@ -127,6 +127,11 @@ unsigned int kunit_test_case_num(struct kunit_suite *suite, } EXPORT_SYMBOL_GPL(kunit_test_case_num); +static void kunit_print_failed_param(struct kunit *test) +{ + kunit_err(test, "\n\tTest failed at parameter: %d\n", test->current_param + 1); +} + static void kunit_print_string_stream(struct kunit *test, struct string_stream *stream) { @@ -168,6 +173,8 @@ static void kunit_fail(struct kunit *test, struct kunit_assert *assert) assert->format(assert, stream); kunit_print_string_stream(test, stream); + if (test->param_values) + kunit_print_failed_param(test); WARN_ON(string_stream_destroy(stream)); } @@ -239,7 +246,18 @@ static void kunit_run_case_internal(struct kunit *test, } } - test_case->run_case(test); + if (!test_case->generate_params) { + test_case->run_case(test); + } else { + test->param_values = test_case->generate_params(NULL); + test->current_param = 0; + + while (test->param_values) { + test_case->run_case(test); + test->param_values = test_case->generate_params(test->param_values); + test->current_param++; + } + } } static void kunit_case_internal_cleanup(struct kunit *test) -- 2.25.1

3 years, 6 months

4
10
0 0

[PATCH 00/10] PKS: Add Protection Keys Supervisor (PKS) support

by ira.weiny＠intel.com

From: Ira Weiny <ira.weiny(a)intel.com> Changes from RFC V3[3] Rebase to TIP master Update test error output Standardize on 'irq_state' for state variables From Dave Hansen Update commit messages Add/clean up comments Add X86_FEATURE_PKS to disabled-features.h and remove some explicit CONFIG checks Move saved_pkrs member of thread_struct Remove superfluous preempt_disable() s/irq_save_pks/irq_save_set_pks/ Ensure PKRS is not seen in faults if not configured or not supported s/pks_mknoaccess/pks_mk_noaccess/ s/pks_mkread/pks_mk_readonly/ s/pks_mkrdwr/pks_mk_readwrite/ Change pks_key_alloc return to -EOPNOTSUPP when not supported From Peter Zijlstra Clean up Attribution Remove superfluous preempt_disable() Add union to differentiate exit_rcu/lockdep use in irqentry_state_t From Thomas Gleixner Add preliminary clean up patch and adjust series as needed Introduce a new page protection mechanism for supervisor pages, Protection Key Supervisor (PKS). 2 use cases for PKS are being developed, trusted keys and PMEM. Trusted keys is a newer use case which is still being explored. PMEM was submitted as part of the RFC (v2) series[1]. However, since then it was found that some callers of kmap() require a global implementation of PKS. Specifically some users of kmap() expect mappings to be available to all kernel threads. While global use of PKS is rare it needs to be included for correctness. Unfortunately the kmap() updates required a large patch series to make the needed changes at the various kmap() call sites so that patch set has been split out. Because the global PKS feature is only required for that use case it will be deferred to that set as well.[2] This patch set is being submitted as a precursor to both of the use cases. For an overview of the entire PKS ecosystem, a git tree including this series and 2 proposed use cases can be found here: https://lore.kernel.org/lkml/20201009195033.3208459-1-ira.weiny@intel.com/ https://lore.kernel.org/lkml/20201009201410.3209180-1-ira.weiny@intel.com/ PKS enables protections on 'domains' of supervisor pages to limit supervisor mode access to those pages beyond the normal paging protections. PKS works in a similar fashion to user space pkeys, PKU. As with PKU, supervisor pkeys are checked in addition to normal paging protections and Access or Writes can be disabled via a MSR update without TLB flushes when permissions change. Also like PKU, a page mapping is assigned to a domain by setting pkey bits in the page table entry for that mapping. Access is controlled through a PKRS register which is updated via WRMSR/RDMSR. XSAVE is not supported for the PKRS MSR. Therefore the implementation saves/restores the MSR across context switches and during exceptions. Nested exceptions are supported by each exception getting a new PKS state. For consistent behavior with current paging protections, pkey 0 is reserved and configured to allow full access via the pkey mechanism, thus preserving the default paging protections on mappings with the default pkey value of 0. Other keys, (1-15) are allocated by an allocator which prepares us for key contention from day one. Kernel users should be prepared for the allocator to fail either because of key exhaustion or due to PKS not being supported on the arch and/or CPU instance. The following are key attributes of PKS. 1) Fast switching of permissions 1a) Prevents access without page table manipulations 1b) No TLB flushes required 2) Works on a per thread basis PKS is available with 4 and 5 level paging. Like PKRU it consumes 4 bits from the PTE to store the pkey within the entry. [1] https://lore.kernel.org/lkml/20200717072056.73134-1-ira.weiny@intel.com/ [2] https://lore.kernel.org/lkml/20201009195033.3208459-2-ira.weiny@intel.com/ [3] https://lore.kernel.org/lkml/20201009194258.3207172-1-ira.weiny@intel.com/ Fenghua Yu (2): x86/pks: Enable Protection Keys Supervisor (PKS) x86/pks: Add PKS kernel API Ira Weiny (7): x86/pkeys: Create pkeys_common.h x86/fpu: Refactor arch_set_user_pkey_access() for PKS support x86/pks: Preserve the PKRS MSR on context switch x86/entry: Pass irqentry_state_t by reference x86/entry: Preserve PKRS MSR across exceptions x86/fault: Report the PKRS state on fault x86/pks: Add PKS test code Thomas Gleixner (1): x86/entry: Move nmi entry/exit into common code Documentation/core-api/protection-keys.rst | 102 ++- arch/x86/Kconfig | 1 + arch/x86/entry/common.c | 65 +- arch/x86/include/asm/cpufeatures.h | 1 + arch/x86/include/asm/disabled-features.h | 8 +- arch/x86/include/asm/idtentry.h | 28 +- arch/x86/include/asm/msr-index.h | 1 + arch/x86/include/asm/pgtable.h | 13 +- arch/x86/include/asm/pgtable_types.h | 12 + arch/x86/include/asm/pkeys.h | 15 + arch/x86/include/asm/pkeys_common.h | 40 ++ arch/x86/include/asm/processor.h | 14 + arch/x86/include/uapi/asm/processor-flags.h | 2 + arch/x86/kernel/cpu/common.c | 15 + arch/x86/kernel/cpu/mce/core.c | 6 +- arch/x86/kernel/fpu/xstate.c | 22 +- arch/x86/kernel/kvm.c | 6 +- arch/x86/kernel/nmi.c | 6 +- arch/x86/kernel/process.c | 26 + arch/x86/kernel/traps.c | 24 +- arch/x86/mm/fault.c | 87 ++- arch/x86/mm/pkeys.c | 191 +++++- include/linux/entry-common.h | 46 +- include/linux/pgtable.h | 4 + include/linux/pkeys.h | 22 + kernel/entry/common.c | 62 +- lib/Kconfig.debug | 12 + lib/Makefile | 3 + lib/pks/Makefile | 3 + lib/pks/pks_test.c | 691 ++++++++++++++++++++ mm/Kconfig | 2 + tools/testing/selftests/x86/Makefile | 3 +- tools/testing/selftests/x86/test_pks.c | 66 ++ 33 files changed, 1441 insertions(+), 158 deletions(-) create mode 100644 arch/x86/include/asm/pkeys_common.h create mode 100644 lib/pks/Makefile create mode 100644 lib/pks/pks_test.c create mode 100644 tools/testing/selftests/x86/test_pks.c -- 2.28.0.rc0.12.gb6a658bd00c9

3 years, 6 months

3
15
0 0

[PATCH 5.8 211/633] selftests/lkdtm: Use "comm" instead of "diff" for dmesg

by Greg Kroah-Hartman

From: Kees Cook <keescook(a)chromium.org> [ Upstream commit d00451c8118f8f7ab8e057bc6ee2f8b7d70b6a1c ] Instead of full GNU diff (which smaller boot environments may not have), use "comm" which is more available. Reported-by: Naresh Kamboju <naresh.kamboju(a)linaro.org> Cc: linux-kselftest(a)vger.kernel.org Fixes: f131d9edc29d ("selftests/lkdtm: Don't clear dmesg when running tests") Signed-off-by: Kees Cook <keescook(a)chromium.org> Acked-by: Shuah Khan <skhan(a)linuxfoundation.org> Link: https://lore.kernel.org/r/20200909211700.2399399-1-keescook@chromium.org Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- tools/testing/selftests/lkdtm/run.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/lkdtm/run.sh b/tools/testing/selftests/lkdtm/run.sh index 8383eb89d88a9..bb7a1775307b8 100755 --- a/tools/testing/selftests/lkdtm/run.sh +++ b/tools/testing/selftests/lkdtm/run.sh @@ -82,7 +82,7 @@ dmesg > "$DMESG" ($SHELL -c 'cat <(echo '"$test"') >'"$TRIGGER" 2>/dev/null) || true # Record and dump the results -dmesg | diff --changed-group-format='%>' --unchanged-group-format='' "$DMESG" - > "$LOG" || true +dmesg | comm --nocheck-order -13 "$DMESG" - > "$LOG" || true cat "$LOG" # Check for expected output -- 2.25.1

3 years, 6 months

1
0
0 0

[PATCH 5.9 251/757] selftests/lkdtm: Use "comm" instead of "diff" for dmesg

by Greg Kroah-Hartman

From: Kees Cook <keescook(a)chromium.org> [ Upstream commit d00451c8118f8f7ab8e057bc6ee2f8b7d70b6a1c ] Instead of full GNU diff (which smaller boot environments may not have), use "comm" which is more available. Reported-by: Naresh Kamboju <naresh.kamboju(a)linaro.org> Cc: linux-kselftest(a)vger.kernel.org Fixes: f131d9edc29d ("selftests/lkdtm: Don't clear dmesg when running tests") Signed-off-by: Kees Cook <keescook(a)chromium.org> Acked-by: Shuah Khan <skhan(a)linuxfoundation.org> Link: https://lore.kernel.org/r/20200909211700.2399399-1-keescook@chromium.org Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- tools/testing/selftests/lkdtm/run.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/lkdtm/run.sh b/tools/testing/selftests/lkdtm/run.sh index 8383eb89d88a9..bb7a1775307b8 100755 --- a/tools/testing/selftests/lkdtm/run.sh +++ b/tools/testing/selftests/lkdtm/run.sh @@ -82,7 +82,7 @@ dmesg > "$DMESG" ($SHELL -c 'cat <(echo '"$test"') >'"$TRIGGER" 2>/dev/null) || true # Record and dump the results -dmesg | diff --changed-group-format='%>' --unchanged-group-format='' "$DMESG" - > "$LOG" || true +dmesg | comm --nocheck-order -13 "$DMESG" - > "$LOG" || true cat "$LOG" # Check for expected output -- 2.25.1

3 years, 6 months

1
0
0 0

[PATCH v3 29/32] selftests: kselftest_harness.h: fix kernel-doc markups

by Mauro Carvalho Chehab

The kernel-doc markups there is violating the expected syntax, causing it to not parse the name of the markup identifier properly, preventing it to check if the kernel-doc matches the #define below each markup. Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> --- tools/testing/selftests/kselftest_harness.h | 44 ++++++++++----------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/tools/testing/selftests/kselftest_harness.h b/tools/testing/selftests/kselftest_harness.h index f19804df244c..d747d6b1da1a 100644 --- a/tools/testing/selftests/kselftest_harness.h +++ b/tools/testing/selftests/kselftest_harness.h @@ -432,7 +432,7 @@ */ /** - * ASSERT_EQ(expected, seen) + * ASSERT_EQ() * * @expected: expected value * @seen: measured value @@ -443,7 +443,7 @@ __EXPECT(expected, #expected, seen, #seen, ==, 1) /** - * ASSERT_NE(expected, seen) + * ASSERT_NE() * * @expected: expected value * @seen: measured value @@ -454,7 +454,7 @@ __EXPECT(expected, #expected, seen, #seen, !=, 1) /** - * ASSERT_LT(expected, seen) + * ASSERT_LT() * * @expected: expected value * @seen: measured value @@ -465,7 +465,7 @@ __EXPECT(expected, #expected, seen, #seen, <, 1) /** - * ASSERT_LE(expected, seen) + * ASSERT_LE() * * @expected: expected value * @seen: measured value @@ -476,7 +476,7 @@ __EXPECT(expected, #expected, seen, #seen, <=, 1) /** - * ASSERT_GT(expected, seen) + * ASSERT_GT() * * @expected: expected value * @seen: measured value @@ -487,7 +487,7 @@ __EXPECT(expected, #expected, seen, #seen, >, 1) /** - * ASSERT_GE(expected, seen) + * ASSERT_GE() * * @expected: expected value * @seen: measured value @@ -498,7 +498,7 @@ __EXPECT(expected, #expected, seen, #seen, >=, 1) /** - * ASSERT_NULL(seen) + * ASSERT_NULL() * * @seen: measured value * @@ -508,7 +508,7 @@ __EXPECT(NULL, "NULL", seen, #seen, ==, 1) /** - * ASSERT_TRUE(seen) + * ASSERT_TRUE() * * @seen: measured value * @@ -518,7 +518,7 @@ __EXPECT(0, "0", seen, #seen, !=, 1) /** - * ASSERT_FALSE(seen) + * ASSERT_FALSE() * * @seen: measured value * @@ -528,7 +528,7 @@ __EXPECT(0, "0", seen, #seen, ==, 1) /** - * ASSERT_STREQ(expected, seen) + * ASSERT_STREQ() * * @expected: expected value * @seen: measured value @@ -539,7 +539,7 @@ __EXPECT_STR(expected, seen, ==, 1) /** - * ASSERT_STRNE(expected, seen) + * ASSERT_STRNE() * * @expected: expected value * @seen: measured value @@ -550,7 +550,7 @@ __EXPECT_STR(expected, seen, !=, 1) /** - * EXPECT_EQ(expected, seen) + * EXPECT_EQ() * * @expected: expected value * @seen: measured value @@ -561,7 +561,7 @@ __EXPECT(expected, #expected, seen, #seen, ==, 0) /** - * EXPECT_NE(expected, seen) + * EXPECT_NE() * * @expected: expected value * @seen: measured value @@ -572,7 +572,7 @@ __EXPECT(expected, #expected, seen, #seen, !=, 0) /** - * EXPECT_LT(expected, seen) + * EXPECT_LT() * * @expected: expected value * @seen: measured value @@ -583,7 +583,7 @@ __EXPECT(expected, #expected, seen, #seen, <, 0) /** - * EXPECT_LE(expected, seen) + * EXPECT_LE() * * @expected: expected value * @seen: measured value @@ -594,7 +594,7 @@ __EXPECT(expected, #expected, seen, #seen, <=, 0) /** - * EXPECT_GT(expected, seen) + * EXPECT_GT() * * @expected: expected value * @seen: measured value @@ -605,7 +605,7 @@ __EXPECT(expected, #expected, seen, #seen, >, 0) /** - * EXPECT_GE(expected, seen) + * EXPECT_GE() * * @expected: expected value * @seen: measured value @@ -616,7 +616,7 @@ __EXPECT(expected, #expected, seen, #seen, >=, 0) /** - * EXPECT_NULL(seen) + * EXPECT_NULL() * * @seen: measured value * @@ -626,7 +626,7 @@ __EXPECT(NULL, "NULL", seen, #seen, ==, 0) /** - * EXPECT_TRUE(seen) + * EXPECT_TRUE() * * @seen: measured value * @@ -636,7 +636,7 @@ __EXPECT(0, "0", seen, #seen, !=, 0) /** - * EXPECT_FALSE(seen) + * EXPECT_FALSE() * * @seen: measured value * @@ -646,7 +646,7 @@ __EXPECT(0, "0", seen, #seen, ==, 0) /** - * EXPECT_STREQ(expected, seen) + * EXPECT_STREQ() * * @expected: expected value * @seen: measured value @@ -657,7 +657,7 @@ __EXPECT_STR(expected, seen, ==, 0) /** - * EXPECT_STRNE(expected, seen) + * EXPECT_STRNE() * * @expected: expected value * @seen: measured value -- 2.26.2

3 years, 6 months

1
0
0 0

[PATCH v7 0/7] mm: introduce memfd_secret system call to create "secret" memory areas

by Mike Rapoport

From: Mike Rapoport <rppt(a)linux.ibm.com> Hi, This is an implementation of "secret" mappings backed by a file descriptor. The file descriptor backing secret memory mappings is created using a dedicated memfd_secret system call The desired protection mode for the memory is configured using flags parameter of the system call. The mmap() of the file descriptor created with memfd_secret() will create a "secret" memory mapping. The pages in that mapping will be marked as not present in the direct map and will have desired protection bits set in the user page table. For instance, current implementation allows uncached mappings. Although normally Linux userspace mappings are protected from other users, such secret mappings are useful for environments where a hostile tenant is trying to trick the kernel into giving them access to other tenants mappings. Additionally, in the future the secret mappings may be used as a mean to protect guest memory in a virtual machine host. For demonstration of secret memory usage we've created a userspace library https://git.kernel.org/pub/scm/linux/kernel/git/jejb/secret-memory-preloade… that does two things: the first is act as a preloader for openssl to redirect all the OPENSSL_malloc calls to secret memory meaning any secret keys get automatically protected this way and the other thing it does is expose the API to the user who needs it. We anticipate that a lot of the use cases would be like the openssl one: many toolkits that deal with secret keys already have special handling for the memory to try to give them greater protection, so this would simply be pluggable into the toolkits without any need for user application modification. Hiding secret memory mappings behind an anonymous file allows (ab)use of the page cache for tracking pages allocated for the "secret" mappings as well as using address_space_operations for e.g. page migration callbacks. The anonymous file may be also used implicitly, like hugetlb files, to implement mmap(MAP_SECRET) and use the secret memory areas with "native" mm ABIs in the future. To limit fragmentation of the direct map to splitting only PUD-size pages, I've added an amortizing cache of PMD-size pages to each file descriptor that is used as an allocation pool for the secret memory areas. It is easy to add boot time reservation of the memory for secretmem needs. There was an implementation in earlier version of this set, but I've dropped it for now as there is no consensus whether the boot time reservation should be done from memblock or from CMA. I beleive we can have this discussion after straightening out the basic implementation. v7: * Use set_direct_map() instead of __kernel_map_pages() to ensure error handling in case the direct map update fails * Add accounting of large pages used to reduce the direct map fragmentation * Teach get_user_pages() and frieds to refuse get/pin secretmem pages v6: https://lore.kernel.org/lkml/20200924132904.1391-1-rppt@kernel.org * Silence the warning about missing syscall, thanks to Qian Cai * Replace spaces with tabs in Kconfig additions, per Randy * Add a selftest. v5: https://lore.kernel.org/lkml/20200916073539.3552-1-rppt@kernel.org * rebase on v5.9-rc5 * drop boot time memory reservation patch v4: https://lore.kernel.org/lkml/20200818141554.13945-1-rppt@kernel.org * rebase on v5.9-rc1 * Do not redefine PMD_PAGE_ORDER in fs/dax.c, thanks Kirill * Make secret mappings exclusive by default and only require flags to memfd_secret() system call for uncached mappings, thanks again Kirill :) v3: https://lore.kernel.org/lkml/20200804095035.18778-1-rppt@kernel.org * Squash kernel-parameters.txt update into the commit that added the command line option. * Make uncached mode explicitly selectable by architectures. For now enable it only on x86. v2: https://lore.kernel.org/lkml/20200727162935.31714-1-rppt@kernel.org * Follow Michael's suggestion and name the new system call 'memfd_secret' * Add kernel-parameters documentation about the boot option * Fix i386-tinyconfig regression reported by the kbuild bot. CONFIG_SECRETMEM now depends on !EMBEDDED to disable it on small systems from one side and still make it available unconditionally on architectures that support SET_DIRECT_MAP. v1: https://lore.kernel.org/lkml/20200720092435.17469-1-rppt@kernel.org Mike Rapoport (8): mm: add definition of PMD_PAGE_ORDER mmap: make mlock_future_check() global set_memory: allow set_direct_map_*_noflush() for multiple pages mm: introduce memfd_secret system call to create "secret" memory areas arch, mm: wire up memfd_secret system call were relevant mm: secretmem: use PMD-size pages to amortize direct map fragmentation secretmem: test: add basic selftest for memfd_secret(2) mm: secretmem: add ability to reserve memory at boot arch/Kconfig | 7 + arch/arm64/include/asm/cacheflush.h | 4 +- arch/arm64/include/asm/unistd.h | 2 +- arch/arm64/include/asm/unistd32.h | 2 + arch/arm64/include/uapi/asm/unistd.h | 1 + arch/arm64/mm/pageattr.c | 10 +- arch/riscv/include/asm/set_memory.h | 4 +- arch/riscv/include/asm/unistd.h | 1 + arch/riscv/mm/pageattr.c | 8 +- arch/x86/Kconfig | 1 + arch/x86/entry/syscalls/syscall_32.tbl | 1 + arch/x86/entry/syscalls/syscall_64.tbl | 1 + arch/x86/include/asm/set_memory.h | 4 +- arch/x86/mm/pat/set_memory.c | 8 +- fs/dax.c | 11 +- include/linux/pgtable.h | 3 + include/linux/set_memory.h | 4 +- include/linux/syscalls.h | 1 + include/uapi/asm-generic/unistd.h | 7 +- include/uapi/linux/magic.h | 1 + include/uapi/linux/secretmem.h | 8 + kernel/sys_ni.c | 2 + mm/Kconfig | 4 + mm/Makefile | 1 + mm/gup.c | 10 + mm/internal.h | 3 + mm/mmap.c | 5 +- mm/secretmem.c | 487 ++++++++++++++++++++++ mm/vmalloc.c | 5 +- scripts/checksyscalls.sh | 4 + tools/testing/selftests/vm/.gitignore | 1 + tools/testing/selftests/vm/Makefile | 3 +- tools/testing/selftests/vm/memfd_secret.c | 296 +++++++++++++ tools/testing/selftests/vm/run_vmtests | 17 + 34 files changed, 892 insertions(+), 35 deletions(-) create mode 100644 include/uapi/linux/secretmem.h create mode 100644 mm/secretmem.c create mode 100644 tools/testing/selftests/vm/memfd_secret.c -- 2.28.0

3 years, 6 months

3
11
0 0

[PATCH 1/2] kunit: tool: Fix LinuxSourceTree's missed handling of 'build_dir'

by SeongJae Park

From: SeongJae Park <sjpark(a)amazon.de> Because commit d43c7fb05765 ("kunit: tool: fix improper treatment of file location") removed 'kunit_kernel.kunitconfig_path' modification for the '--builddir' argument, running kunit with '--build_dir' now fails with below error message: Traceback (most recent call last): File "./tools/testing/kunit/kunit.py", line 325, in <module> main(sys.argv[1:]) File "./tools/testing/kunit/kunit.py", line 245, in main linux = kunit_kernel.LinuxSourceTree() File "/home/sjpark/linux/tools/testing/kunit/kunit_kernel.py", line 109, in __init__ self._kconfig.read_from_file(kunitconfig_path) File "/home/sjpark/linux/tools/testing/kunit/kunit_config.py", line 88, in read_from_file with open(path, 'r') as f: FileNotFoundError: [Errno 2] No such file or directory: '.kunitconfig' As simply reverting the change now make the 'kunit_tool_test' fails again, this commit fixes the problem by passing the 'build_dir' argument to 'LinuxSourceTree' constructor. Fixes: d43c7fb05765 ("kunit: tool: fix improper treatment of file location") Signed-off-by: SeongJae Park <sjpark(a)amazon.de> --- tools/testing/kunit/kunit.py | 8 ++++---- tools/testing/kunit/kunit_kernel.py | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/tools/testing/kunit/kunit.py b/tools/testing/kunit/kunit.py index 425ef40067e7..611c23e178f8 100755 --- a/tools/testing/kunit/kunit.py +++ b/tools/testing/kunit/kunit.py @@ -242,7 +242,7 @@ def main(argv, linux=None): os.mkdir(cli_args.build_dir) if not linux: - linux = kunit_kernel.LinuxSourceTree() + linux = kunit_kernel.LinuxSourceTree(cli_args.build_dir) request = KunitRequest(cli_args.raw_output, cli_args.timeout, @@ -259,7 +259,7 @@ def main(argv, linux=None): os.mkdir(cli_args.build_dir) if not linux: - linux = kunit_kernel.LinuxSourceTree() + linux = kunit_kernel.LinuxSourceTree(cli_args.build_dir) request = KunitConfigRequest(cli_args.build_dir, cli_args.make_options) @@ -275,7 +275,7 @@ def main(argv, linux=None): os.mkdir(cli_args.build_dir) if not linux: - linux = kunit_kernel.LinuxSourceTree() + linux = kunit_kernel.LinuxSourceTree(cli_args.build_dir) request = KunitBuildRequest(cli_args.jobs, cli_args.build_dir, @@ -293,7 +293,7 @@ def main(argv, linux=None): os.mkdir(cli_args.build_dir) if not linux: - linux = kunit_kernel.LinuxSourceTree() + linux = kunit_kernel.LinuxSourceTree(cli_args.build_dir) exec_request = KunitExecRequest(cli_args.timeout, cli_args.build_dir, diff --git a/tools/testing/kunit/kunit_kernel.py b/tools/testing/kunit/kunit_kernel.py index e20e2056cb38..16a997504317 100644 --- a/tools/testing/kunit/kunit_kernel.py +++ b/tools/testing/kunit/kunit_kernel.py @@ -104,9 +104,9 @@ def get_kconfig_path(build_dir): class LinuxSourceTree(object): """Represents a Linux kernel source tree with KUnit tests.""" - def __init__(self): + def __init__(self, build_dir): self._kconfig = kunit_config.Kconfig() - self._kconfig.read_from_file(kunitconfig_path) + self._kconfig.read_from_file(os.path.join(build_dir, kunitconfig_path)) self._ops = LinuxSourceTreeOperations() signal.signal(signal.SIGINT, self.signal_handler) -- 2.17.1

3 years, 6 months

3
7
0 0

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror October 2020