July 2022 - Linux-kselftest-mirror

[PATCH 0/4] mm/memfd: MFD_NOEXEC for memfd_create

by Daniel Verkamp

The default file permissions on a memfd include execute bits, which means that such a memfd can be filled with a executable and passed to the exec() family of functions. This is undesirable on systems where all code is verified and all filesystems are intended to be mounted noexec, since an attacker may be able to use a memfd to load unverified code and execute it. Additionally, execution via memfd is a common way to avoid scrutiny for malicious code, since it allows execution of a program without a file ever appearing on disk. This attack vector is not totally mitigated with this new flag, since the default memfd file permissions must remain executable to avoid breaking existing legitimate uses, but it should be possible to use other security mechanisms to prevent memfd_create calls without MFD_NOEXEC on systems where it is known that executable memfds are not necessary. This patch series adds a new MFD_NOEXEC flag for memfd_create(), which allows creation of non-executable memfds, and as part of the implementation of this new flag, it also adds a new F_SEAL_EXEC seal, which will prevent modification of any of the execute bits of a sealed memfd. I am not sure if this is the best way to implement the desired behavior (for example, the F_SEAL_EXEC seal is really more of an implementation detail and feels a bit clunky to expose), so suggestions are welcome for alternate approaches. Daniel Verkamp (4): mm/memfd: add F_SEAL_EXEC mm/memfd: add MFD_NOEXEC flag to memfd_create selftests/memfd: add tests for F_SEAL_EXEC selftests/memfd: add tests for MFD_NOEXEC include/uapi/linux/fcntl.h | 1 + include/uapi/linux/memfd.h | 1 + mm/memfd.c | 12 ++- mm/shmem.c | 6 ++ tools/testing/selftests/memfd/memfd_test.c | 114 +++++++++++++++++++++ 5 files changed, 133 insertions(+), 1 deletion(-) -- 2.35.1.1094.g7c7d902a7c-goog

1 year, 9 months

3
10
0 0

[PATCH v2] drm/tests: Split up test cases in igt_check_drm_format_min_pitch

by Maíra Canal

The igt_check_drm_format_min_pitch() function had a lot of KUNIT_EXPECT_* calls, all of which ended up allocating and initializing various test assertion structures on the stack. This behavior was producing -Wframe-larger-than warnings on PowerPC, i386, and MIPS architectures, such as: drivers/gpu/drm/tests/drm_format_test.c: In function 'igt_check_drm_format_min_pitch': drivers/gpu/drm/tests/drm_format_test.c:271:1: error: the frame size of 3712 bytes is larger than 2048 bytes So, the igt_check_drm_format_min_pitch() test case was split into three smaller functions: one testing single plane formats, one testing multi-planar formats, and the other testing tiled formats. Fixes: 0421bb0baa84 ("drm: selftest: convert drm_format selftest to KUnit") Reported-by: kernel test robot <lkp(a)intel.com> Reported-by: Guenter Roeck <linux(a)roeck-us.net> Signed-off-by: Maíra Canal <mairacanal(a)riseup.net> Tested-by: Guenter Roeck <linux(a)roeck-us.net> Reviewed-by: André Almeida <andrealmeid(a)igalia.com> --- v1 -> v2: - Add Guenter's Tested-by tag. - Add André's Reviewed-by tag. - Replace "multiple planes" for "multi-planar" (André Almeida). - Add Fixes tag (Melissa Wen). --- drivers/gpu/drm/tests/drm_format_test.c | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/drm/tests/drm_format_test.c b/drivers/gpu/drm/tests/drm_format_test.c index 056cb8599d6d..afb4bca72187 100644 --- a/drivers/gpu/drm/tests/drm_format_test.c +++ b/drivers/gpu/drm/tests/drm_format_test.c @@ -91,7 +91,7 @@ static void igt_check_drm_format_block_height(struct kunit *test) KUNIT_EXPECT_FALSE(test, drm_format_info_block_height(info, -1)); } -static void igt_check_drm_format_min_pitch(struct kunit *test) +static void igt_check_drm_format_min_pitch_for_single_plane(struct kunit *test) { const struct drm_format_info *info = NULL; @@ -175,6 +175,11 @@ static void igt_check_drm_format_min_pitch(struct kunit *test) (uint64_t)UINT_MAX * 4); KUNIT_EXPECT_EQ(test, drm_format_info_min_pitch(info, 0, (UINT_MAX - 1)), (uint64_t)(UINT_MAX - 1) * 4); +} + +static void igt_check_drm_format_min_pitch_for_multi_planar(struct kunit *test) +{ + const struct drm_format_info *info = NULL; /* Test 2 planes format */ info = drm_format_info(DRM_FORMAT_NV12); @@ -249,6 +254,11 @@ static void igt_check_drm_format_min_pitch(struct kunit *test) (uint64_t)(UINT_MAX - 1) / 2); KUNIT_EXPECT_EQ(test, drm_format_info_min_pitch(info, 2, (UINT_MAX - 1) / 2), (uint64_t)(UINT_MAX - 1) / 2); +} + +static void igt_check_drm_format_min_pitch_for_tiled_format(struct kunit *test) +{ + const struct drm_format_info *info = NULL; /* Test tiled format */ info = drm_format_info(DRM_FORMAT_X0L2); @@ -273,7 +283,9 @@ static void igt_check_drm_format_min_pitch(struct kunit *test) static struct kunit_case drm_format_tests[] = { KUNIT_CASE(igt_check_drm_format_block_width), KUNIT_CASE(igt_check_drm_format_block_height), - KUNIT_CASE(igt_check_drm_format_min_pitch), + KUNIT_CASE(igt_check_drm_format_min_pitch_for_single_plane), + KUNIT_CASE(igt_check_drm_format_min_pitch_for_multi_planar), + KUNIT_CASE(igt_check_drm_format_min_pitch_for_tiled_format), { } }; -- 2.37.1

1 year, 9 months

2
1
0 0

[net-next v5 0/4] seg6: add support for SRv6 Headend Reduced

by Andrea Mayer

This patchset adds support for SRv6 Headend behavior with Reduced Encapsulation. It introduces the H.Encaps.Red and H.L2Encaps.Red versions of the SRv6 H.Encaps and H.L2Encaps behaviors, according to RFC 8986 [1]. In details, the patchset is made of: - patch 1/4: add support for SRv6 H.Encaps.Red behavior; - Patch 2/4: add support for SRv6 H.L2Encaps.Red behavior; - patch 2/4: add selftest for SRv6 H.Encaps.Red behavior; - patch 3/4: add selftest for SRv6 H.L2Encaps.Red behavior. The corresponding iproute2 patch for supporting SRv6 H.Encaps.Red and H.L2Encaps.Red behaviors is provided in a separated patchset. [1] - https://datatracker.ietf.org/doc/html/rfc8986 V4 -> v5: - Fix skb checksum for SRH Reduced encapsulation/insertion; - Improve selftests by: i) adding a random suffix to network namespaces; ii) creating net devices directly into network namespaces; iii) using trap EXIT command to properly clean up selftest networks. Thanks to Paolo Abeni. v3 -> v4: - Add selftests to the Makefile, thanks to Jakub Kicinski. v2 -> v3: - Keep SRH when HMAC TLV is present; - Split the support for H.Encaps.Red and H.L2Encaps.Red behaviors in two patches (respectively, patch 1/4 and patch 2/4); - Add selftests for SRv6 H.Encaps.Red and H.L2Encaps.Red. v1 -> v2: - Fixed sparse warnings; - memset now uses sizeof() instead of hardcoded value; - Removed EXPORT_SYMBOL_GPL. Andrea Mayer (4): seg6: add support for SRv6 H.Encaps.Red behavior seg6: add support for SRv6 H.L2Encaps.Red behavior selftests: seg6: add selftest for SRv6 H.Encaps.Red behavior selftests: seg6: add selftest for SRv6 H.L2Encaps.Red behavior include/uapi/linux/seg6_iptunnel.h | 2 + net/ipv6/seg6_iptunnel.c | 140 ++- tools/testing/selftests/net/Makefile | 2 + .../net/srv6_hencap_red_l3vpn_test.sh | 879 ++++++++++++++++++ .../net/srv6_hl2encap_red_l2vpn_test.sh | 821 ++++++++++++++++ 5 files changed, 1842 insertions(+), 2 deletions(-) create mode 100755 tools/testing/selftests/net/srv6_hencap_red_l3vpn_test.sh create mode 100755 tools/testing/selftests/net/srv6_hl2encap_red_l2vpn_test.sh -- 2.20.1

1 year, 9 months

2
5
0 0

[PATCH net-next v1] selftests: net: dsa: Add a Makefile which installs the selftests

by Martin Blumenstingl

Add a Makefile which takes care of installing the selftests in tools/testing/selftests/drivers/net/dsa. This can be used to install all DSA specific selftests and forwarding.config using the same approach as for the selftests in tools/testing/selftests/net/forwarding. Signed-off-by: Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> --- .../testing/selftests/drivers/net/dsa/Makefile | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 tools/testing/selftests/drivers/net/dsa/Makefile diff --git a/tools/testing/selftests/drivers/net/dsa/Makefile b/tools/testing/selftests/drivers/net/dsa/Makefile new file mode 100644 index 000000000000..2a731d5c6d85 --- /dev/null +++ b/tools/testing/selftests/drivers/net/dsa/Makefile @@ -0,0 +1,17 @@ +# SPDX-License-Identifier: GPL-2.0+ OR MIT + +TEST_PROGS = bridge_locked_port.sh \ + bridge_mdb.sh \ + bridge_mld.sh \ + bridge_vlan_aware.sh \ + bridge_vlan_mcast.sh \ + bridge_vlan_unaware.sh \ + local_termination.sh \ + no_forwarding.sh \ + test_bridge_fdb_stress.sh + +TEST_PROGS_EXTENDED := lib.sh + +TEST_FILES := forwarding.config + +include ../../../lib.mk -- 2.37.1

1 year, 9 months

3
2
0 0

Re: [PATCH net-next v1 1/1] net: bridge: ensure that link-local traffic cannot unlock a locked port

by Ido Schimmel

On Thu, Jun 30, 2022 at 01:16:34PM +0200, Hans Schultz wrote: > This patch is related to the patch set > "Add support for locked bridge ports (for 802.1X)" > Link: https://lore.kernel.org/netdev/20220223101650.1212814-1-schultz.hans+netdev… > > This patch makes the locked port feature work with learning turned on, > which is enabled with the command: > > bridge link set dev DEV learning on > > Without this patch, link local traffic (01:80:c2) like EAPOL packets will > create a fdb entry when ingressing on a locked port with learning turned > on, thus unintentionally opening up the port for traffic for the said MAC. > > Some switchcore features like Mac-Auth and refreshing of FDB entries, > require learning enables on some switchcores, f.ex. the mv88e6xxx family. > Other features may apply too. > > Since many switchcores trap or mirror various multicast packets to the > CPU, link local traffic will unintentionally unlock the port for the > SA mac in question unless prevented by this patch. Why not just teach hostapd to do: echo 1 > /sys/class/net/br0/bridge/no_linklocal_learn ?

1 year, 9 months

3
21
0 0

[PATCH] drm/tests: Split up test cases in igt_check_drm_format_min_pitch

by Maíra Canal

The igt_check_drm_format_min_pitch() function had a lot of KUNIT_EXPECT_* calls, all of which ended up allocating and initializing various test assertion structures on the stack. This behavior was producing -Wframe-larger-than warnings on PowerPC, i386, and MIPS architectures, such as: drivers/gpu/drm/tests/drm_format_test.c: In function 'igt_check_drm_format_min_pitch': drivers/gpu/drm/tests/drm_format_test.c:271:1: error: the frame size of 3712 bytes is larger than 2048 bytes So, the igt_check_drm_format_min_pitch() test case was split into three smaller functions: one testing single plane formats, one testing multiple planes formats, and the other testing tiled formats. Reported-by: kernel test robot <lkp(a)intel.com> Reported-by: Guenter Roeck <linux(a)roeck-us.net> Signed-off-by: Maíra Canal <mairacanal(a)riseup.net> --- drivers/gpu/drm/tests/drm_format_test.c | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/drm/tests/drm_format_test.c b/drivers/gpu/drm/tests/drm_format_test.c index 056cb8599d6d..28f2b8f88818 100644 --- a/drivers/gpu/drm/tests/drm_format_test.c +++ b/drivers/gpu/drm/tests/drm_format_test.c @@ -91,7 +91,7 @@ static void igt_check_drm_format_block_height(struct kunit *test) KUNIT_EXPECT_FALSE(test, drm_format_info_block_height(info, -1)); } -static void igt_check_drm_format_min_pitch(struct kunit *test) +static void igt_check_drm_format_min_pitch_for_single_plane(struct kunit *test) { const struct drm_format_info *info = NULL; @@ -175,6 +175,11 @@ static void igt_check_drm_format_min_pitch(struct kunit *test) (uint64_t)UINT_MAX * 4); KUNIT_EXPECT_EQ(test, drm_format_info_min_pitch(info, 0, (UINT_MAX - 1)), (uint64_t)(UINT_MAX - 1) * 4); +} + +static void igt_check_drm_format_min_pitch_for_multiple_planes(struct kunit *test) +{ + const struct drm_format_info *info = NULL; /* Test 2 planes format */ info = drm_format_info(DRM_FORMAT_NV12); @@ -249,6 +254,11 @@ static void igt_check_drm_format_min_pitch(struct kunit *test) (uint64_t)(UINT_MAX - 1) / 2); KUNIT_EXPECT_EQ(test, drm_format_info_min_pitch(info, 2, (UINT_MAX - 1) / 2), (uint64_t)(UINT_MAX - 1) / 2); +} + +static void igt_check_drm_format_min_pitch_for_tiled_format(struct kunit *test) +{ + const struct drm_format_info *info = NULL; /* Test tiled format */ info = drm_format_info(DRM_FORMAT_X0L2); @@ -273,7 +283,9 @@ static void igt_check_drm_format_min_pitch(struct kunit *test) static struct kunit_case drm_format_tests[] = { KUNIT_CASE(igt_check_drm_format_block_width), KUNIT_CASE(igt_check_drm_format_block_height), - KUNIT_CASE(igt_check_drm_format_min_pitch), + KUNIT_CASE(igt_check_drm_format_min_pitch_for_single_plane), + KUNIT_CASE(igt_check_drm_format_min_pitch_for_multiple_planes), + KUNIT_CASE(igt_check_drm_format_min_pitch_for_tiled_format), { } }; -- 2.36.1

1 year, 9 months

4
4
0 0

[PATCH] selftests/sgx: Ignore OpenSSL 3.0 deprecated functions warning

by Kristen Carlson Accardi

OpenSSL 3.0 deprecates some of the functions used in the SGX selftests, causing build errors on new distros. For now ignore the warnings until support for the functions is no longer available. Signed-off-by: Kristen Carlson Accardi <kristen(a)linux.intel.com> --- tools/testing/selftests/sgx/sigstruct.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tools/testing/selftests/sgx/sigstruct.c b/tools/testing/selftests/sgx/sigstruct.c index 50c5ab1aa6fa..bb191b70141a 100644 --- a/tools/testing/selftests/sgx/sigstruct.c +++ b/tools/testing/selftests/sgx/sigstruct.c @@ -17,6 +17,9 @@ #include "defines.h" #include "main.h" +/* OpenSSL 3.0 has deprecated some functions. For now just ignore the warnings. */ +#pragma GCC diagnostic ignored "-Wdeprecated-declarations" + struct q1q2_ctx { BN_CTX *bn_ctx; BIGNUM *m; -- 2.36.1

1 year, 9 months

3
4
0 0

[PATCH] selftests: net: fix IOAM test skip return code

by Kleber Sacilotto de Souza

The ioam6.sh test script exits with an error code (1) when tests are skipped due to lack of support from userspace/kernel or not enough permissions. It should return the kselftests SKIP code instead. Signed-off-by: Kleber Sacilotto de Souza <kleber.souza(a)canonical.com> --- tools/testing/selftests/net/ioam6.sh | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/tools/testing/selftests/net/ioam6.sh b/tools/testing/selftests/net/ioam6.sh index a2b9fad5a9a6..4ceb401da1bf 100755 --- a/tools/testing/selftests/net/ioam6.sh +++ b/tools/testing/selftests/net/ioam6.sh @@ -117,6 +117,8 @@ # | Schema Data | | # +-----------------------------------------------------------+ +# Kselftest framework requirement - SKIP code is 4. +ksft_skip=4 ################################################################################ # # @@ -211,7 +213,7 @@ check_kernel_compatibility() echo "SKIP: kernel version probably too old, missing ioam support" ip link del veth0 2>/dev/null || true ip netns del ioam-tmp-node || true - exit 1 + exit $ksft_skip fi ip -netns ioam-tmp-node route add db02::/64 encap ioam6 mode inline \ @@ -227,7 +229,7 @@ check_kernel_compatibility() "without CONFIG_IPV6_IOAM6_LWTUNNEL?" ip link del veth0 2>/dev/null || true ip netns del ioam-tmp-node || true - exit 1 + exit $ksft_skip fi ip link del veth0 2>/dev/null || true @@ -752,20 +754,20 @@ nfailed=0 if [ "$(id -u)" -ne 0 ] then echo "SKIP: Need root privileges" - exit 1 + exit $ksft_skip fi if [ ! -x "$(command -v ip)" ] then echo "SKIP: Could not run test without ip tool" - exit 1 + exit $ksft_skip fi ip ioam &>/dev/null if [ $? = 1 ] then echo "SKIP: iproute2 too old, missing ioam command" - exit 1 + exit $ksft_skip fi check_kernel_compatibility -- 2.34.1

1 year, 9 months

3
2
0 0

[PATCH v6 00/26] tcp: Initial support for RFC5925 auth option

by Leonard Crestez

This is similar to TCP-MD5 in functionality but it's sufficiently different that packet formats and interfaces are incompatible. Compared to TCP-MD5 more algorithms are supported and multiple keys can be used on the same connection but there is still no negotiation mechanism. Expected use-case is protecting long-duration BGP/LDP connections between routers using pre-shared keys. The goal of this series is to allow routers using the Linux TCP stack to interoperate with vendors such as Cisco and Juniper. The current code is largely feature complete and well-tested and changes are relatively small compared to previous version. I should have reposted this series earlier but was distracted by other things. I'd welcome any advice for how to push this upstream. Only up to patch 13 is required for a minimal implementation, the rest are additional features and tests. Maybe I could try posting reduced versions? I've recently been talking with Phillip Paeps who is working on an BSD implementation of the same standard and he suggested sharing ABI in order to make userspace compatibility easier. The current ABI is entirely made up by me alone. One option would be to use PF_KEY because in FreeBSD PF_KEY is also used for MD5, in a somewhat convoluted way. I'm not very familiar with PF_KEY but perhaps a shim could be implemented inside linux PF_KEY support to make some keys be handled in an entirely different way, using tcp_authopt instead of xfrm. Does this make sense to anyone else? A key difference versus MD5 is that keys are global rather than per-socket. Older versions had per-socket keys but in practice applications want to always use a consistent set of keys for communication with a specific peer and keeping those keys in sync from userspace is difficult and prone to races. Other vendors supporting TCP-AO implement a notion of a "key chain" roughly similar to what is described in RFC8177. The current ABI is sufficient to do the same but it requires a bunch of userspace work to add and delete keys at the appropriate time or mark them as "NOSEND" and "NORECV". Userspace also has to insert a "dummy" key when all other keys are expired in order to prevent unsigned traffic going through. This feature might be considerably easier to use from userspace if validity times were added in the kernel for each key. Here are some known flaws and limitations: * Crypto API is used with buffers on the stack and inside struct sock, this might not work on all arches. I'm currently only testing x64 VMs * Interaction with FASTOPEN not tested and unlikely to work because sequence number assumptions for syn/ack. * No way to limit keys on a per-port basis (used to be implicit with per-socket keys). * Not clear if crypto_ahash_setkey might sleep. If some implementation do that then maybe they could be excluded through alloc flags. * Traffic key is not cached (reducing performance) * No caching or hashing for key lookups so this will scale poorly with many keys * Overlaping MKTs can be configured despite what RFC5925 says * Current key can be deleted. RFC says this shouldn't be allowed but enforcing this belongs at an admin shell rather than in the kernel. * If multiple keys are valid for a destination the kernel picks one in an unpredictable manner (this can be overridden). There is relatively little code sharing with the TCP_MD5SIG feature and earlier versions shared even less. Unlike MD5 the AO feature is kept separate from the rest of the TCP code and reusing code would require many unrelated cleanup changes. I'm not convinced that "authopt" is particularly good naming convention, this name is a personal invention that does not appear anywhere else. The RFC calls this "tcp-ao". Perhaps TCP_AOSIG would be a better name and it would also make the close connection to TCP_MD5SIG more visible? Some testing support is included in nettest and fcnal-test.sh, similar to the current level of tcp-md5 testing. A more elaborate test suite using pytest and scapy is available out of tree: https://github.com/cdleonard/tcp-authopt-test There is an automatic system that runs that test suite in vagrant in gitlab-ci: https://gitlab.com/cdleonard/vagrantcpao Changes for frr (obsolete): https://github.com/FRRouting/frr/pull/9442 That PR was made early for ABI feedback, it has many issues. Changes for yabgp (obsolete): https://github.com/cdleonard/yabgp/commits/tcp_authopt This was used for interoperability testing with cisco. Changes since PATCH v5: * Rebased on recent net-next, including recent changes refactoring md5 * Use to skb_drop_reason * Fix using sock_kmalloc for key alloc but regular kfree for free. Use kmalloc because keys are global * Fix mentioning non-existent copy_from_sockopt in doc for _copy_from_sockptr_tolerant * If no valid keys are available for a destination then report a socket error instead of sending unsigned traffic * Remove several noop implementations which are always called from ifdef * Fix build issues in all scenarios, including -Werror at every point. * Split "tcp: Refactor tcp_inbound_md5_hash into tcp_inbound_sig_hash" into a separate commit. * Add TCP_AUTHOPT_FLAG_ACTIVE to distinguish between "keys configured for socket" and "connection authenticated". A listen socket with authentication enabled will return other sockets with authentication enabled on accept() but if no key is configured for the peer then authentication will be inactive. * Add support for TCP_REPAIR_AUTHOPT new sockopts which loads/saves the AO-specific information. Link: https://lore.kernel.org/netdev/cover.1643026076.git.cdleonard@gmail.com/ Changes since PATCH v4: * Move the traffic_key context_bytes header to stack. If it's a constant string then ahash can fail unexpectedly. * Fix allowing unsigned traffic if all keys are marked norecv. * Fix crashing in __tcp_authopt_alg_init on failure. * Try to respect the rnextkeyid from SYN on SYNACK (new patch) * Fix incorrect check for TCP_AUTHOPT_KEY_DEL in __tcp_authopt_select_key * Improve docs on __tcp_authopt_select_key * Fix build with CONFIG_PROC_FS=n (kernel build robot) * Fix build with CONFIG_IPV6=n (kernel build robot) Link: https://lore.kernel.org/netdev/cover.1640273966.git.cdleonard@gmail.com/ Changes since PATCH v3: * Made keys global (per-netns rather than per-sock). * Add /proc/net/tcp_authopt with a table of keys (not sockets). * Fix part of the shash/ahash conversion having slipped from patch 3 to patch 5 * Fix tcp_parse_sig_options assigning NULL incorrectly when both MD5 and AO are disabled (kernel build robot) * Fix sparse endianness warnings in prefix match (kernel build robot) * Fix several incorrect RCU annotations reported by sparse (kernel build robot) Link: https://lore.kernel.org/netdev/cover.1638962992.git.cdleonard@gmail.com/ Changes since PATCH v2: * Protect tcp_authopt_alg_get/put_tfm with local_bh_disable instead of preempt_disable. This caused signature corruption when send path executing with BH enabled was interrupted by recv. * Fix accepted keyids not configured locally as "unexpected". If any key is configured that matches the peer then traffic MUST be signed. * Fix issues related to sne rollover during handshake itself. (Francesco) * Implement and test prefixlen (David) * Replace shash with ahash and reuse some of the MD5 code (Dmitry) * Parse md5+ao options only once in the same function (Dmitry) * Pass tcp_authopt_info into inbound check path, this avoids second rcu dereference for same packet. * Pass tcp_request_socket into inbound check path instead of just listen socket. This is required for SNE rollover during handshake and clearifies ISN handling. * Do not allow disabling via sysctl after enabling once, this is difficult to support well (David) * Verbose check for sysctl_tcp_authopt (Dmitry) * Use netif_index_is_l3_master (David) * Cleanup ipvx_addr_match (David) * Add a #define tcp_authopt_needed to wrap static key usage because it looks nicer. * Replace rcu_read_lock with rcu_dereference_protected in SNE updates (Eric) * Remove test suite Link: https://lore.kernel.org/netdev/cover.1635784253.git.cdleonard@gmail.com/ Changes since PATCH v1: * Implement Sequence Number Extension * Implement l3index for vrf: TCP_AUTHOPT_KEY_IFINDEX as equivalent of TCP_MD5SIG_FLAG_IFINDEX * Expand TCP-AO tests in fcnal-test.sh to near-parity with md5. * Show addr/port on failure similar to md5 * Remove tox dependency from test suite (create venv directly) * Switch default pytest output format to TAP (kselftest standard) * Fix _copy_from_sockptr_tolerant stack corruption on short sockopts. This was covered in test but error was invisible without STACKPROTECTOR=y * Fix sysctl_tcp_authopt check in tcp_get_authopt_val before memset. This was harmless because error code is checked in getsockopt anyway. * Fix dropping md5 packets on all sockets with AO enabled * Fix checking (key->recv_id & TCP_AUTHOPT_KEY_ADDR_BIND) instead of key->flags in tcp_authopt_key_match_exact * Fix PATCH 1/19 not compiling due to missing "int err" declaration * Add ratelimited message for AO and MD5 both present * Export all symbols required by CONFIG_IPV6=m (again) * Fix compilation with CONFIG_TCP_AUTHOPT=y CONFIG_TCP_MD5SIG=n * Fix checkpatch issues * Pass -rrequirements.txt to tox to avoid dependency variation. Link: https://lore.kernel.org/netdev/cover.1632240523.git.cdleonard@gmail.com/ Changes since RFCv3: * Implement TCP_AUTHOPT handling for timewait and reset replies. Write tests to execute these paths by injecting packets with scapy * Handle combining md5 and authopt: if both are configured use authopt. * Fix locking issues around send_key, introduced in on of the later patches. * Handle IPv4-mapped-IPv6 addresses: it used to be that an ipv4 SYN sent to an ipv6 socket with TCP-AO triggered WARN * Implement un-namespaced sysctl disabled this feature by default * Allocate new key before removing any old one in setsockopt (Dmitry) * Remove tcp_authopt_key_info.local_id because it's no longer used (Dmitry) * Propagate errors from TCP_AUTHOPT getsockopt (Dmitry) * Fix no-longer-correct TCP_AUTHOPT_KEY_DEL docs (Dmitry) * Simplify crypto allocation (Eric) * Use kzmalloc instead of __GFP_ZERO (Eric) * Add static_key_false tcp_authopt_needed (Eric) * Clear authopt_info copied from oldsk in __tcp_authopt_openreq (Eric) * Replace memcmp in ipv4 and ipv6 addr comparisons (Eric) * Export symbols for CONFIG_IPV6=m (kernel test robot) * Mark more functions static (kernel test robot) * Fix build with CONFIG_PROVE_RCU_LIST=y (kernel test robot) Link: https://lore.kernel.org/netdev/cover.1629840814.git.cdleonard@gmail.com/ Changes since RFCv2: * Removed local_id from ABI and match on send_id/recv_id/addr * Add all relevant out-of-tree tests to tools/testing/selftests * Return an error instead of ignoring unknown flags, hopefully this makes it easier to extend. * Check sk_family before __tcp_authopt_info_get_or_create in tcp_set_authopt_key * Use sock_owned_by_me instead of WARN_ON(!lockdep_sock_is_held(sk)) * Fix some intermediate build failures reported by kbuild robot * Improve documentation Link: https://lore.kernel.org/netdev/cover.1628544649.git.cdleonard@gmail.com/ Changes since RFC: * Split into per-topic commits for ease of review. The intermediate commits compile with a few "unused function" warnings and don't do anything useful by themselves. * Add ABI documention including kernel-doc on uapi * Fix lockdep warnings from crypto by creating pools with one shash for each cpu * Accept short options to setsockopt by padding with zeros; this approach allows increasing the size of the structs in the future. * Support for aes-128-cmac-96 * Support for binding addresses to keys in a way similar to old tcp_md5 * Add support for retrieving received keyid/rnextkeyid and controling the keyid/rnextkeyid being sent. Link: https://lore.kernel.org/netdev/01383a8751e97ef826ef2adf93bfde3a08195a43.162… Leonard Crestez (26): tcp: authopt: Initial support and key management tcp: authopt: Remove more unused noops docs: Add user documentation for tcp_authopt tcp: authopt: Add crypto initialization tcp: Refactor tcp_sig_hash_skb_data for AO tcp: authopt: Compute packet signatures tcp: Refactor tcp_inbound_md5_hash into tcp_inbound_sig_hash tcp: authopt: Hook into tcp core tcp: authopt: Disable via sysctl by default tcp: authopt: Implement Sequence Number Extension tcp: ipv6: Add AO signing for tcp_v6_send_response tcp: authopt: Add support for signing skb-less replies tcp: ipv4: Add AO signing for skb-less replies tcp: authopt: Add key selection controls tcp: authopt: Add initial l3index support tcp: authopt: Add NOSEND/NORECV flags tcp: authopt: Add prefixlen support tcp: authopt: Add /proc/net/tcp_authopt listing all keys selftests: nettest: Rename md5_prefix to key_addr_prefix selftests: nettest: Initial tcp_authopt support selftests: net/fcnal: Initial tcp_authopt support tcp: authopt: Try to respect rnextkeyid from SYN on SYNACK tcp: authopt: tcp_authopt_lookup_send: Add anykey output param tcp: authopt: Initial support for TCP_AUTHOPT_FLAG_ACTIVE tcp: authopt: If no keys are valid for send report an error tcp: authopt: Initial implementation of TCP_REPAIR_AUTHOPT Documentation/networking/index.rst | 1 + Documentation/networking/ip-sysctl.rst | 6 + Documentation/networking/tcp_authopt.rst | 88 + include/linux/tcp.h | 15 + include/net/dropreason.h | 16 + include/net/net_namespace.h | 4 + include/net/netns/tcp_authopt.h | 12 + include/net/tcp.h | 55 +- include/net/tcp_authopt.h | 264 +++ include/uapi/linux/snmp.h | 1 + include/uapi/linux/tcp.h | 165 ++ net/ipv4/Kconfig | 14 + net/ipv4/Makefile | 1 + net/ipv4/proc.c | 1 + net/ipv4/sysctl_net_ipv4.c | 39 + net/ipv4/tcp.c | 126 +- net/ipv4/tcp_authopt.c | 1952 +++++++++++++++++++++ net/ipv4/tcp_input.c | 53 +- net/ipv4/tcp_ipv4.c | 100 +- net/ipv4/tcp_minisocks.c | 12 + net/ipv4/tcp_output.c | 106 +- net/ipv6/tcp_ipv6.c | 70 +- tools/testing/selftests/net/fcnal-test.sh | 329 +++- tools/testing/selftests/net/nettest.c | 204 ++- 24 files changed, 3546 insertions(+), 88 deletions(-) create mode 100644 Documentation/networking/tcp_authopt.rst create mode 100644 include/net/netns/tcp_authopt.h create mode 100644 include/net/tcp_authopt.h create mode 100644 net/ipv4/tcp_authopt.c -- 2.25.1

1 year, 9 months

3
32
0 0

[PATCH] clk: explicitly disable CONFIG_UML_PCI_OVER_VIRTIO in .kunitconfig

by Daniel Latypov

CONFIG_UML_PCI_OVER_VIRTIO=y is needed to enable CONFIG_PCI=y on UML. However, this causes test failures when running the clk tests, i.e. $ ./tools/testing/kunit/kunit.py run --kunitconfig=drivers/clk A snippet of the particular error is: > ok 1 - clk_gate_test_parent_rate > ------------[ cut here ]------------ > WARNING: CPU: 0 PID: 45 at lib/logic_iomem.c:141 __raw_readl+0x9f/0xd0 This is triggered by this cast in the test: 143 ctx->fake_mem = (void __force __iomem *)&ctx->fake_reg; this seems to work except when logic iomem is enabled, i.e. CONFIG_INDIRECT_IOMEM=y. As a short-term fix, explicitly disable CONFIG_UML_PCI_OVER_VIRTIO in drivers/clk/.kunitconfig so we can enable it for everyone else by default in kunit.py. The long-term fix probably requires something more complicated, like #ifdef CONFIG_INDIRECT_IOMEM logic_iomem_add_region(...); #endif Signed-off-by: Daniel Latypov <dlatypov(a)google.com> Reported-by: Maxime Ripard <maxime(a)cerno.tech> Tested-by: Maxime Ripard <maxime(a)cerno.tech> --- Note: this targeting the -kselftest kunit branch. There's a commit that triggers this by enabling logic iomem by default [1] and there's also a commit that lets disable it via kunitconfig file [2], which this fix relies on. [1] https://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest.git/c… [2] https://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest.git/c… --- drivers/clk/.kunitconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/clk/.kunitconfig b/drivers/clk/.kunitconfig index cdbc7d7deba9..2fbeb71316f8 100644 --- a/drivers/clk/.kunitconfig +++ b/drivers/clk/.kunitconfig @@ -2,3 +2,4 @@ CONFIG_KUNIT=y CONFIG_COMMON_CLK=y CONFIG_CLK_KUNIT_TEST=y CONFIG_CLK_GATE_KUNIT_TEST=y +CONFIG_UML_PCI_OVER_VIRTIO=n base-commit: 7635778bac7e46458392c1261e3916e8e9e86860 -- 2.37.0.rc0.161.g10f37bed90-goog

1 year, 9 months

4
8
0 0

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror July 2022