September 2022 - Linux-kselftest-mirror

[PATCH v2 2/4] selftests/x86/mxcsr: Test the MXCSR state write via ptrace

by Chang S. Bae

The ptrace buffer is in the non-compacted format. The MXCSR state should be written to the target thread when either SSE or AVX component is enabled. Write an MXCSR value to the target and read back. Then it is validated with the XRSTOR/XSAVE result on the current. Signed-off-by: Chang S. Bae <chang.seok.bae(a)intel.com> Cc: x86(a)kernel.org Cc: linux-kernel(a)vger.kernel.org Cc: linux-kselftest(a)vger.kernel.org --- If this is acceptable, I will also follow up to move some of the helper functions to a .h file from this and other test cases because duplicating what is shareable should be avoided. --- tools/testing/selftests/x86/Makefile | 2 +- tools/testing/selftests/x86/mxcsr.c | 200 +++++++++++++++++++++++++++ 2 files changed, 201 insertions(+), 1 deletion(-) create mode 100644 tools/testing/selftests/x86/mxcsr.c diff --git a/tools/testing/selftests/x86/Makefile b/tools/testing/selftests/x86/Makefile index 0388c4d60af0..621c47960be3 100644 --- a/tools/testing/selftests/x86/Makefile +++ b/tools/testing/selftests/x86/Makefile @@ -13,7 +13,7 @@ CAN_BUILD_WITH_NOPIE := $(shell ./check_cc.sh "$(CC)" trivial_program.c -no-pie) TARGETS_C_BOTHBITS := single_step_syscall sysret_ss_attrs syscall_nt test_mremap_vdso \ check_initial_reg_state sigreturn iopl ioperm \ test_vsyscall mov_ss_trap \ - syscall_arg_fault fsgsbase_restore sigaltstack + syscall_arg_fault fsgsbase_restore sigaltstack mxcsr TARGETS_C_32BIT_ONLY := entry_from_vm86 test_syscall_vdso unwind_vdso \ test_FCMOV test_FCOMI test_FISTTP \ vdso_restorer diff --git a/tools/testing/selftests/x86/mxcsr.c b/tools/testing/selftests/x86/mxcsr.c new file mode 100644 index 000000000000..7c318c48b4be --- /dev/null +++ b/tools/testing/selftests/x86/mxcsr.c @@ -0,0 +1,200 @@ +// SPDX-License-Identifier: GPL-2.0 + +#define _GNU_SOURCE +#include <err.h> +#include <elf.h> +#include <stdbool.h> +#include <stdio.h> +#include <string.h> +#include <unistd.h> +#include <x86intrin.h> + +#include <sys/ptrace.h> +#include <sys/syscall.h> +#include <sys/wait.h> +#include <sys/uio.h> + +#include "../kselftest.h" /* For __cpuid_count() */ + +#define LEGACY_STATE_SIZE 24 +#define MXCSR_SIZE 8 +#define STSTATE_SIZE 8*16 +#define XMM_SIZE 16*16 +#define PADDING_SIZE 96 +#define XSAVE_HDR_SIZE 64 + +struct xsave_buffer { + uint8_t legacy_state[LEGACY_STATE_SIZE]; + uint8_t mxcsr[MXCSR_SIZE]; + uint8_t st_state[STSTATE_SIZE]; + uint8_t xmm_state[XMM_SIZE]; + uint8_t padding[PADDING_SIZE]; + uint8_t header[XSAVE_HDR_SIZE]; + uint8_t extended[0]; +}; + +#ifdef __x86_64__ +#define REX_PREFIX "0x48, " +#else +#define REX_PREFIX +#endif + +#define XSAVE ".byte " REX_PREFIX "0x0f,0xae,0x27" +#define XRSTOR ".byte " REX_PREFIX "0x0f,0xae,0x2f" + +static inline uint64_t xgetbv(uint32_t index) +{ + uint32_t eax, edx; + + asm volatile("xgetbv" + : "=a" (eax), "=d" (edx) + : "c" (index)); + return eax + ((uint64_t)edx << 32); +} + +static inline void xsave(struct xsave_buffer *xbuf, uint64_t rfbm) +{ + uint32_t rfbm_lo = rfbm; + uint32_t rfbm_hi = rfbm >> 32; + + asm volatile(XSAVE :: "D" (xbuf), "a" (rfbm_lo), "d" (rfbm_hi) : "memory"); +} + +static inline void xrstor(struct xsave_buffer *xbuf, uint64_t rfbm) +{ + uint32_t rfbm_lo = rfbm; + uint32_t rfbm_hi = rfbm >> 32; + + asm volatile(XRSTOR :: "D" (xbuf), "a" (rfbm_lo), "d" (rfbm_hi)); +} + +static inline void clear_xstate_header(struct xsave_buffer *xbuf) +{ + memset(&xbuf->header, 0, sizeof(xbuf->header)); +} + +static inline uint32_t get_mxcsr(struct xsave_buffer *xbuf) +{ + return *((uint32_t *)xbuf->mxcsr); +} + +static inline void set_mxcsr(struct xsave_buffer *xbuf, uint32_t val) +{ + *((uint32_t *)xbuf->mxcsr) = val; +} + +#define XFEATURE_MASK_SSE 0x2 +#define XFEATURE_MASK_YMM 0x4 + +#define CPUID_LEAF1_ECX_XSAVE_MASK (1 << 26) +#define CPUID_LEAF1_ECX_OSXSAVE_MASK (1 << 27) +#define CPUID_LEAF_XSTATE 0xd +#define CPUID_SUBLEAF_XSTATE_USER 0x0 +#define CPUID_SUBLEAF_XSTATE_EXT 0x1 + +static bool xsave_availability(void) +{ + uint32_t eax, ebx, ecx, edx; + + __cpuid_count(1, 0, eax, ebx, ecx, edx); + if (!(ecx & CPUID_LEAF1_ECX_XSAVE_MASK)) + return false; + if (!(ecx & CPUID_LEAF1_ECX_OSXSAVE_MASK)) + return false; + return true; +} + +static uint32_t get_xbuf_size(void) +{ + uint32_t eax, ebx, ecx, edx; + + __cpuid_count(CPUID_LEAF_XSTATE, CPUID_SUBLEAF_XSTATE_USER, + eax, ebx, ecx, edx); + return ebx; +} + +static void ptrace_get(pid_t pid, struct iovec *iov) +{ + memset(iov->iov_base, 0, iov->iov_len); + + if (ptrace(PTRACE_GETREGSET, pid, (uint32_t)NT_X86_XSTATE, iov)) + err(1, "TRACE_GETREGSET"); +} + +static void ptrace_set(pid_t pid, struct iovec *iov) +{ + if (ptrace(PTRACE_SETREGSET, pid, (uint32_t)NT_X86_XSTATE, iov)) + err(1, "TRACE_SETREGSET"); +} + +int main(void) +{ + struct xsave_buffer *xbuf; + uint32_t xbuf_size; + struct iovec iov; + uint32_t mxcsr; + pid_t child; + int status; + + if (!xsave_availability()) + printf("[SKIP]\tSkip as XSAVE not available.\n"); + + xbuf_size = get_xbuf_size(); + if (!xbuf_size) + printf("[SKIP]\tSkip as XSAVE not available.\n"); + + if (!(xgetbv(0) & (XFEATURE_MASK_SSE | XFEATURE_MASK_YMM))) + printf("[SKIP]\tSkip as SSE state not available.\n"); + + xbuf = aligned_alloc(64, xbuf_size); + if (!xbuf) + err(1, "aligned_alloc()"); + + iov.iov_base = xbuf; + iov.iov_len = xbuf_size; + + child = fork(); + if (child < 0) { + err(1, "fork()"); + } else if (!child) { + if (ptrace(PTRACE_TRACEME, 0, NULL, NULL)) + err(1, "PTRACE_TRACEME"); + + raise(SIGTRAP); + _exit(0); + } + + wait(&status); + + if (WSTOPSIG(status) != SIGTRAP) + err(1, "raise(SIGTRAP)"); + + printf("[RUN]\tTest the MXCSR state write via ptrace().\n"); + + /* Set a benign value */ + set_mxcsr(xbuf, 0xabc); + /* The MXCSR state should be loaded regardless of XSTATE_BV */ + clear_xstate_header(xbuf); + + /* Write the MXCSR state both locally and remotely. */ + xrstor(xbuf, XFEATURE_MASK_SSE); + ptrace_set(child, &iov); + + /* Read the MXCSR state back for both */ + xsave(xbuf, XFEATURE_MASK_SSE); + mxcsr = get_mxcsr(xbuf); + ptrace_get(child, &iov); + + /* Cross-check with each other */ + if (mxcsr == get_mxcsr(xbuf)) + printf("[OK]\tThe written state was read back correctly.\n"); + else + printf("[FAIL]\tThe write (or read) was incorrect.\n"); + + ptrace(PTRACE_DETACH, child, NULL, NULL); + wait(&status); + if (!WIFEXITED(status) || WEXITSTATUS(status)) + err(1, "PTRACE_DETACH"); + + free(xbuf); +} -- 2.17.1

2 years, 3 months

1
0
0 0

[PATCH v4 0/4] arm64/sme: ptrace support for TPIDR2_EL0

by Mark Brown

When SME was initially merged we did not add support for TPIDR2_EL0 to the ptrace interface, creating difficulties for debuggers in accessing lazy save state for ZA. This series implements that support, extending the existing NT_ARM_TLS regset to support the register when available, and adds kselftest coverage for the existing and new NT_ARM_TLS functionality. Existing programs that query the size of the register set will be able to observe the increased size of the register set. Programs that assume the register set is single register will see no change. On systems that do not support SME TPIDR2_EL0 will read as 0 and writes will be ignored, support for SME should be queried via hwcaps as normal. v4: - Rebase onto v6.0-rc3. v3: - Fix copyright date on test program. v2: - Rebase onto v6.0-rc1. Mark Brown (4): kselftest/arm64: Add test coverage for NT_ARM_TLS arm64/ptrace: Document extension of NT_ARM_TLS to cover TPIDR2_EL0 arm64/ptrace: Support access to TPIDR2_EL0 kselftest/arm64: Add coverage of TPIDR2_EL0 ptrace interface Documentation/arm64/sme.rst | 3 + arch/arm64/kernel/ptrace.c | 25 +- tools/testing/selftests/arm64/abi/.gitignore | 1 + tools/testing/selftests/arm64/abi/Makefile | 2 +- tools/testing/selftests/arm64/abi/ptrace.c | 241 +++++++++++++++++++ 5 files changed, 266 insertions(+), 6 deletions(-) create mode 100644 tools/testing/selftests/arm64/abi/ptrace.c base-commit: b90cb1053190353cc30f0fef0ef1f378ccc063c5 -- 2.30.2

2 years, 3 months

3
9
0 0

[PATCH linux-next] kunit: tool: use absolute path for wget

by cgel.zte＠gmail.com

From: Xu Panda <xu.panda(a)zte.com.cn> Not using absolute path when invoking wget can lead to serious security issues. Reported-by: Zeal Robot <zealci(a)zte.com.cn> Signed-off-by: Xu Panda <xu.panda(a)zte.com.cn> --- tools/testing/kunit/qemu_configs/riscv.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/kunit/qemu_configs/riscv.py b/tools/testing/kunit/qemu_configs/riscv.py index 6207be146d26..c3dcd654ca15 100644 --- a/tools/testing/kunit/qemu_configs/riscv.py +++ b/tools/testing/kunit/qemu_configs/riscv.py @@ -11,7 +11,7 @@ if not os.path.isfile(OPENSBI_FILE): 'Would you like me to download it for you from:\n' + GITHUB_OPENSBI_URL + ' ?\n') response = input('yes/[no]: ') if response.strip() == 'yes': - os.system('wget ' + GITHUB_OPENSBI_URL) + os.system('/usr/bin/wget ' + GITHUB_OPENSBI_URL) else: sys.exit() -- 2.15.2

2 years, 3 months

3
4
0 0

[PATCH 0/3] fix error when writing negative value to simple attribute files

by Akinobu Mita

The simple attribute files do not accept a negative value since the commit 488dac0c9237 ("libfs: fix error cast of negative value in simple_attr_write()"), but some attribute files want to accept a negative value. Akinobu Mita (3): libfs: add DEFINE_SIMPLE_ATTRIBUTE_SIGNED for signed value lib/notifier-error-inject: fix error when writing -errno to debugfs file debugfs: fix error when writing negative value to atomic_t debugfs file .../fault-injection/fault-injection.rst | 10 +++---- fs/debugfs/file.c | 28 +++++++++++++++---- fs/libfs.c | 22 +++++++++++++-- include/linux/debugfs.h | 19 +++++++++++-- include/linux/fs.h | 12 ++++++-- lib/notifier-error-inject.c | 2 +- 6 files changed, 73 insertions(+), 20 deletions(-) -- 2.34.1

2 years, 3 months

4
8
0 0

[PATCH v18 00/13] bpf: Add kfuncs for PKCS#7 signature verification

by Roberto Sassu

From: Roberto Sassu <roberto.sassu(a)huawei.com> One of the desirable features in security is the ability to restrict import of data to a given system based on data authenticity. If data import can be restricted, it would be possible to enforce a system-wide policy based on the signing keys the system owner trusts. This feature is widely used in the kernel. For example, if the restriction is enabled, kernel modules can be plugged in only if they are signed with a key whose public part is in the primary or secondary keyring. For eBPF, it can be useful as well. For example, it might be useful to authenticate data an eBPF program makes security decisions on. After a discussion in the eBPF mailing list, it was decided that the stated goal should be accomplished by introducing four new kfuncs: bpf_lookup_user_key() and bpf_lookup_system_key(), for retrieving a keyring with keys trusted for signature verification, respectively from its serial and from a pre-determined ID; bpf_key_put(), to release the reference obtained with the former two kfuncs, bpf_verify_pkcs7_signature(), for verifying PKCS#7 signatures. Other than the key serial, bpf_lookup_user_key() also accepts key lookup flags, that influence the behavior of the lookup. bpf_lookup_system_key() accepts pre-determined IDs defined in include/linux/verification.h. bpf_key_put() accepts the new bpf_key structure, introduced to tell whether the other structure member, a key pointer, is valid or not. The reason is that verify_pkcs7_signature() also accepts invalid pointers, set with the pre-determined ID, to select a system-defined keyring. key_put() must be called only for valid key pointers. Since the two key lookup functions allocate memory and one increments a key reference count, they must be used in conjunction with bpf_key_put(). The latter must be called only if the lookup functions returned a non-NULL pointer. The verifier denies the execution of eBPF programs that don't respect this rule. The two key lookup functions should be used in alternative, depending on the use case. While bpf_lookup_user_key() provides great flexibility, it seems suboptimal in terms of security guarantees, as even if the eBPF program is assumed to be trusted, the serial used to obtain the key pointer might come from untrusted user space not choosing one that the system administrator approves to enforce a mandatory policy. bpf_lookup_system_key() instead provides much stronger guarantees, especially if the pre-determined ID is not passed by user space but is hardcoded in the eBPF program, and that program is signed. In this case, bpf_verify_pkcs7_signature() will always perform signature verification with a key that the system administrator approves, i.e. the primary, secondary or platform keyring. Nevertheless, key permission checks need to be done accurately. Since bpf_lookup_user_key() cannot determine how a key will be used by other kfuncs, it has to defer the permission check to the actual kfunc using the key. It does it by calling lookup_user_key() with KEY_DEFER_PERM_CHECK as needed permission. Later, bpf_verify_pkcs7_signature(), if called, completes the permission check by calling key_validate(). It does not need to call key_task_permission() with permission KEY_NEED_SEARCH, as it is already done elsewhere by the key subsystem. Future kfuncs using the bpf_key structure need to implement the proper checks as well. Finally, the last kfunc, bpf_verify_pkcs7_signature(), accepts the data and signature to verify as eBPF dynamic pointers, to minimize the number of kfunc parameters, and the keyring with keys for signature verification as a bpf_key structure, returned by one of the two key lookup functions. bpf_lookup_user_key() and bpf_verify_pkcs7_signature() can be called only from sleepable programs, because of memory allocation and crypto operations. For example, the lsm.s/bpf attach point is suitable, fexit/array_map_update_elem is not. The correctness of implementation of the new kfuncs and of their usage is checked with the introduced tests. The patch set includes a patch from another author (dependency) for sake of completeness. It is organized as follows. Patch 1 from KP Singh allows kfuncs to be used by LSM programs. Patch 2 exports the bpf_dynptr definition through BTF. Patch 3 splits is_dynptr_reg_valid_init() and introduces is_dynptr_type_expected(), to know more precisely the cause of a negative result of a dynamic pointer check. Patch 4 allows dynamic pointers to be used as kfunc parameters. Patch 5 exports bpf_dynptr_get_size(), to obtain the real size of data carried by a dynamic pointer. Patch 6 makes available for new eBPF kfuncs and programs some key-related definitions. Patch 7 introduces the bpf_lookup_*_key() and bpf_key_put() kfuncs. Patch 8 introduces the bpf_verify_pkcs7_signature() kfunc. Patch 9 changes the testing kernel configuration to compile everything as built-in. Finally, patches 10-13 introduce the tests. Changelog v17: - Remove unnecessary typedefs in test_verify_pkcs7_sig.c (suggested by KP) - Add patch to export bpf_dynptr through BTF (reported by KP) - Rename u{8,16,32,64} variables to __u{8,16,32,64} in the tests, for consistency with other eBPF programs (suggested by Yonghong) v16: - Remove comments in include/linux/key.h for KEY_LOOKUP_* - Change kmalloc() flag from GFP_ATOMIC to GFP_KERNEL in bpf_lookup_user_key(), as the kfunc needs anyway to be sleepable (suggested by Kumar) - Test passing a dynamic pointer with NULL data to bpf_verify_pkcs7_signature() (suggested by Kumar) v15: - Add kfunc_dynptr_param test to deny list for s390x v14: - Explain that is_dynptr_type_expected() will be useful also for BTF (suggested by Joanne) - Rename KEY_LOOKUP_FLAGS_ALL to KEY_LOOKUP_ALL (suggested by Jarkko) - Swap declaration of spi and dynptr_type in is_dynptr_type_expected() (suggested by Joanne) - Reimplement kfunc dynptr tests with a regular eBPF program instead of executing them with test_verifier (suggested by Joanne) - Make key lookup flags as enum so that they are automatically exported through BTF (suggested by Alexei) v13: - Split is_dynptr_reg_valid_init() and introduce is_dynptr_type_expected() to see if the dynamic pointer type passed as argument to a kfunc is supported (suggested by Kumar) - Add forward declaration of struct key in include/linux/bpf.h (suggested by Song) - Declare mask for key lookup flags, remove key_lookup_flags_check() (suggested by Jarkko and KP) - Allow only certain dynamic pointer types (currently, local) to be passed as argument to kfuncs (suggested by Kumar) - For each dynamic pointer parameter in kfunc, additionally check if the passed pointer is to the stack (suggested by Kumar) - Split the validity/initialization and dynamic pointer type check also in the verifier, and adjust the expected error message in the test (a test for an unexpected dynptr type passed to a helper cannot be added due to missing suitable helpers, but this case has been tested manually) - Add verifier tests to check the dynamic pointers passed as argument to kfuncs (suggested by Kumar) v12: - Put lookup_key and verify_pkcs7_sig tests in deny list for s390x (JIT does not support calling kernel function) v11: - Move stringify_struct() macro to include/linux/btf.h (suggested by Daniel) - Change kernel configuration options in tools/testing/selftests/bpf/config* from =m to =y v10: - Introduce key_lookup_flags_check() and system_keyring_id_check() inline functions to check parameters (suggested by KP) - Fix descriptions and comment of key-related kfuncs (suggested by KP) - Register kfunc set only once (suggested by Alexei) - Move needed kernel options to the architecture-independent configuration for testing v9: - Drop patch to introduce KF_SLEEPABLE kfunc flag (already merged) - Rename valid_ptr member of bpf_key to has_ref (suggested by Daniel) - Check dynamic pointers in kfunc definition with bpf_dynptr_kern struct definition instead of string, to detect structure renames (suggested by Daniel) - Explicitly say that we permit initialized dynamic pointers in kfunc definition (suggested by Daniel) - Remove noinline __weak from kfuncs definition (reported by Daniel) - Simplify key lookup flags check in bpf_lookup_user_key() (suggested by Daniel) - Explain the reason for deferring key permission check (suggested by Daniel) - Allocate memory with GFP_ATOMIC in bpf_lookup_system_key(), and remove KF_SLEEPABLE kfunc flag from kfunc declaration (suggested by Daniel) - Define only one kfunc set and remove the loop for registration (suggested by Alexei) v8: - Define the new bpf_key structure to carry the key pointer and whether that pointer is valid or not (suggested by Daniel) - Drop patch to mark a kfunc parameter with the __maybe_null suffix - Improve documentation of kfuncs - Introduce bpf_lookup_system_key() to obtain a key pointer suitable for verify_pkcs7_signature() (suggested by Daniel) - Use the new kfunc registration API - Drop patch to test the __maybe_null suffix - Add tests for bpf_lookup_system_key() v7: - Add support for using dynamic and NULL pointers in kfunc (suggested by Alexei) - Add new kfunc-related tests v6: - Switch back to key lookup helpers + signature verification (until v5), and defer permission check from bpf_lookup_user_key() to bpf_verify_pkcs7_signature() - Add additional key lookup test to illustrate the usage of the KEY_LOOKUP_CREATE flag and validate the flags (suggested by Daniel) - Make description of flags of bpf_lookup_user_key() more user-friendly (suggested by Daniel) - Fix validation of flags parameter in bpf_lookup_user_key() (reported by Daniel) - Rename bpf_verify_pkcs7_signature() keyring-related parameters to user_keyring and system_keyring to make their purpose more clear - Accept keyring-related parameters of bpf_verify_pkcs7_signature() as alternatives (suggested by KP) - Replace unsigned long type with u64 in helper declaration (suggested by Daniel) - Extend the bpf_verify_pkcs7_signature() test by calling the helper without data, by ensuring that the helper enforces the keyring-related parameters as alternatives, by ensuring that the helper rejects inaccessible and expired keyrings, and by checking all system keyrings - Move bpf_lookup_user_key() and bpf_key_put() usage tests to ref_tracking.c (suggested by John) - Call bpf_lookup_user_key() and bpf_key_put() only in sleepable programs v5: - Move KEY_LOOKUP_ to include/linux/key.h for validation of bpf_verify_pkcs7_signature() parameter - Remove bpf_lookup_user_key() and bpf_key_put() helpers, and the corresponding tests - Replace struct key parameter of bpf_verify_pkcs7_signature() with the keyring serial and lookup flags - Call lookup_user_key() and key_put() in bpf_verify_pkcs7_signature() code, to ensure that the retrieved key is used according to the permission requested at lookup time - Clarified keyring precedence in the description of bpf_verify_pkcs7_signature() (suggested by John) - Remove newline in the second argument of ASSERT_ - Fix helper prototype regular expression in bpf_doc.py v4: - Remove bpf_request_key_by_id(), don't return an invalid pointer that other helpers can use - Pass the keyring ID (without ULONG_MAX, suggested by Alexei) to bpf_verify_pkcs7_signature() - Introduce bpf_lookup_user_key() and bpf_key_put() helpers (suggested by Alexei) - Add lookup_key_norelease test, to ensure that the verifier blocks eBPF programs which don't decrement the key reference count - Parse raw PKCS#7 signature instead of module-style signature in the verify_pkcs7_signature test (suggested by Alexei) - Parse kernel module in user space and pass raw PKCS#7 signature to the eBPF program for signature verification v3: - Rename bpf_verify_signature() back to bpf_verify_pkcs7_signature() to avoid managing different parameters for each signature verification function in one helper (suggested by Daniel) - Use dynamic pointers and export bpf_dynptr_get_size() (suggested by Alexei) - Introduce bpf_request_key_by_id() to give more flexibility to the caller of bpf_verify_pkcs7_signature() to retrieve the appropriate keyring (suggested by Alexei) - Fix test by reordering the gcc command line, always compile sign-file - Improve helper support check mechanism in the test v2: - Rename bpf_verify_pkcs7_signature() to a more generic bpf_verify_signature() and pass the signature type (suggested by KP) - Move the helper and prototype declaration under #ifdef so that user space can probe for support for the helper (suggested by Daniel) - Describe better the keyring types (suggested by Daniel) - Include linux/bpf.h instead of vmlinux.h to avoid implicit or redeclaration - Make the test selfcontained (suggested by Alexei) v1: - Don't define new map flag but introduce simple wrapper of verify_pkcs7_signature() (suggested by Alexei and KP) KP Singh (1): bpf: Allow kfuncs to be used in LSM programs Roberto Sassu (12): btf: Export bpf_dynptr definition bpf: Move dynptr type check to is_dynptr_type_expected() btf: Allow dynamic pointer parameters in kfuncs bpf: Export bpf_dynptr_get_size() KEYS: Move KEY_LOOKUP_ to include/linux/key.h and define KEY_LOOKUP_ALL bpf: Add bpf_lookup_*_key() and bpf_key_put() kfuncs bpf: Add bpf_verify_pkcs7_signature() kfunc selftests/bpf: Compile kernel with everything as built-in selftests/bpf: Add verifier tests for bpf_lookup_*_key() and bpf_key_put() selftests/bpf: Add additional tests for bpf_lookup_*_key() selftests/bpf: Add test for bpf_verify_pkcs7_signature() kfunc selftests/bpf: Add tests for dynamic pointers parameters in kfuncs include/linux/bpf.h | 9 + include/linux/bpf_verifier.h | 5 + include/linux/btf.h | 9 + include/linux/key.h | 6 + include/linux/verification.h | 8 + kernel/bpf/btf.c | 34 ++ kernel/bpf/helpers.c | 4 +- kernel/bpf/verifier.c | 35 +- kernel/trace/bpf_trace.c | 180 ++++++++ security/keys/internal.h | 2 - tools/testing/selftests/bpf/DENYLIST.s390x | 3 + tools/testing/selftests/bpf/Makefile | 14 +- tools/testing/selftests/bpf/config | 32 +- tools/testing/selftests/bpf/config.x86_64 | 7 +- .../testing/selftests/bpf/prog_tests/dynptr.c | 2 +- .../bpf/prog_tests/kfunc_dynptr_param.c | 164 +++++++ .../selftests/bpf/prog_tests/lookup_key.c | 112 +++++ .../bpf/prog_tests/verify_pkcs7_sig.c | 399 ++++++++++++++++++ .../bpf/progs/test_kfunc_dynptr_param.c | 94 +++++ .../selftests/bpf/progs/test_lookup_key.c | 46 ++ .../bpf/progs/test_verify_pkcs7_sig.c | 90 ++++ tools/testing/selftests/bpf/test_verifier.c | 3 +- .../selftests/bpf/verifier/ref_tracking.c | 139 ++++++ .../testing/selftests/bpf/verify_sig_setup.sh | 104 +++++ 24 files changed, 1466 insertions(+), 35 deletions(-) create mode 100644 tools/testing/selftests/bpf/prog_tests/kfunc_dynptr_param.c create mode 100644 tools/testing/selftests/bpf/prog_tests/lookup_key.c create mode 100644 tools/testing/selftests/bpf/prog_tests/verify_pkcs7_sig.c create mode 100644 tools/testing/selftests/bpf/progs/test_kfunc_dynptr_param.c create mode 100644 tools/testing/selftests/bpf/progs/test_lookup_key.c create mode 100644 tools/testing/selftests/bpf/progs/test_verify_pkcs7_sig.c create mode 100755 tools/testing/selftests/bpf/verify_sig_setup.sh -- 2.25.1

2 years, 3 months

3
15
0 0

[PATCH v17 00/12] bpf: Add kfuncs for PKCS#7 signature verification

by Roberto Sassu

From: Roberto Sassu <roberto.sassu(a)huawei.com> One of the desirable features in security is the ability to restrict import of data to a given system based on data authenticity. If data import can be restricted, it would be possible to enforce a system-wide policy based on the signing keys the system owner trusts. This feature is widely used in the kernel. For example, if the restriction is enabled, kernel modules can be plugged in only if they are signed with a key whose public part is in the primary or secondary keyring. For eBPF, it can be useful as well. For example, it might be useful to authenticate data an eBPF program makes security decisions on. After a discussion in the eBPF mailing list, it was decided that the stated goal should be accomplished by introducing four new kfuncs: bpf_lookup_user_key() and bpf_lookup_system_key(), for retrieving a keyring with keys trusted for signature verification, respectively from its serial and from a pre-determined ID; bpf_key_put(), to release the reference obtained with the former two kfuncs, bpf_verify_pkcs7_signature(), for verifying PKCS#7 signatures. Other than the key serial, bpf_lookup_user_key() also accepts key lookup flags, that influence the behavior of the lookup. bpf_lookup_system_key() accepts pre-determined IDs defined in include/linux/verification.h. bpf_key_put() accepts the new bpf_key structure, introduced to tell whether the other structure member, a key pointer, is valid or not. The reason is that verify_pkcs7_signature() also accepts invalid pointers, set with the pre-determined ID, to select a system-defined keyring. key_put() must be called only for valid key pointers. Since the two key lookup functions allocate memory and one increments a key reference count, they must be used in conjunction with bpf_key_put(). The latter must be called only if the lookup functions returned a non-NULL pointer. The verifier denies the execution of eBPF programs that don't respect this rule. The two key lookup functions should be used in alternative, depending on the use case. While bpf_lookup_user_key() provides great flexibility, it seems suboptimal in terms of security guarantees, as even if the eBPF program is assumed to be trusted, the serial used to obtain the key pointer might come from untrusted user space not choosing one that the system administrator approves to enforce a mandatory policy. bpf_lookup_system_key() instead provides much stronger guarantees, especially if the pre-determined ID is not passed by user space but is hardcoded in the eBPF program, and that program is signed. In this case, bpf_verify_pkcs7_signature() will always perform signature verification with a key that the system administrator approves, i.e. the primary, secondary or platform keyring. Nevertheless, key permission checks need to be done accurately. Since bpf_lookup_user_key() cannot determine how a key will be used by other kfuncs, it has to defer the permission check to the actual kfunc using the key. It does it by calling lookup_user_key() with KEY_DEFER_PERM_CHECK as needed permission. Later, bpf_verify_pkcs7_signature(), if called, completes the permission check by calling key_validate(). It does not need to call key_task_permission() with permission KEY_NEED_SEARCH, as it is already done elsewhere by the key subsystem. Future kfuncs using the bpf_key structure need to implement the proper checks as well. Finally, the last kfunc, bpf_verify_pkcs7_signature(), accepts the data and signature to verify as eBPF dynamic pointers, to minimize the number of kfunc parameters, and the keyring with keys for signature verification as a bpf_key structure, returned by one of the two key lookup functions. bpf_lookup_user_key() and bpf_verify_pkcs7_signature() can be called only from sleepable programs, because of memory allocation and crypto operations. For example, the lsm.s/bpf attach point is suitable, fexit/array_map_update_elem is not. The correctness of implementation of the new kfuncs and of their usage is checked with the introduced tests. The patch set includes a patch from another author (dependency) for sake of completeness. It is organized as follows. Patch 1 from KP Singh allows kfuncs to be used by LSM programs. Patch 2 splits is_dynptr_reg_valid_init() and introduces is_dynptr_type_expected(), to know more precisely the cause of a negative result of a dynamic pointer check. Patch 3 allows dynamic pointers to be used as kfunc parameters. Patch 4 exports bpf_dynptr_get_size(), to obtain the real size of data carried by a dynamic pointer. Patch 5 makes available for new eBPF kfuncs and programs some key-related definitions. Patch 6 introduces the bpf_lookup_*_key() and bpf_key_put() kfuncs. Patch 7 introduces the bpf_verify_pkcs7_signature() kfunc. Patch 8 changes the testing kernel configuration to compile everything as built-in. Finally, patches 9-12 introduce the tests. Changelog v16: - Remove comments in include/linux/key.h for KEY_LOOKUP_* - Change kmalloc() flag from GFP_ATOMIC to GFP_KERNEL in bpf_lookup_user_key(), as the kfunc needs anyway to be sleepable (suggested by Kumar) - Test passing a dynamic pointer with NULL data to bpf_verify_pkcs7_signature() (suggested by Kumar) v15: - Add kfunc_dynptr_param test to deny list for s390x v14: - Explain that is_dynptr_type_expected() will be useful also for BTF (suggested by Joanne) - Rename KEY_LOOKUP_FLAGS_ALL to KEY_LOOKUP_ALL (suggested by Jarkko) - Swap declaration of spi and dynptr_type in is_dynptr_type_expected() (suggested by Joanne) - Reimplement kfunc dynptr tests with a regular eBPF program instead of executing them with test_verifier (suggested by Joanne) - Make key lookup flags as enum so that they are automatically exported through BTF (suggested by Alexei) v13: - Split is_dynptr_reg_valid_init() and introduce is_dynptr_type_expected() to see if the dynamic pointer type passed as argument to a kfunc is supported (suggested by Kumar) - Add forward declaration of struct key in include/linux/bpf.h (suggested by Song) - Declare mask for key lookup flags, remove key_lookup_flags_check() (suggested by Jarkko and KP) - Allow only certain dynamic pointer types (currently, local) to be passed as argument to kfuncs (suggested by Kumar) - For each dynamic pointer parameter in kfunc, additionally check if the passed pointer is to the stack (suggested by Kumar) - Split the validity/initialization and dynamic pointer type check also in the verifier, and adjust the expected error message in the test (a test for an unexpected dynptr type passed to a helper cannot be added due to missing suitable helpers, but this case has been tested manually) - Add verifier tests to check the dynamic pointers passed as argument to kfuncs (suggested by Kumar) v12: - Put lookup_key and verify_pkcs7_sig tests in deny list for s390x (JIT does not support calling kernel function) v11: - Move stringify_struct() macro to include/linux/btf.h (suggested by Daniel) - Change kernel configuration options in tools/testing/selftests/bpf/config* from =m to =y v10: - Introduce key_lookup_flags_check() and system_keyring_id_check() inline functions to check parameters (suggested by KP) - Fix descriptions and comment of key-related kfuncs (suggested by KP) - Register kfunc set only once (suggested by Alexei) - Move needed kernel options to the architecture-independent configuration for testing v9: - Drop patch to introduce KF_SLEEPABLE kfunc flag (already merged) - Rename valid_ptr member of bpf_key to has_ref (suggested by Daniel) - Check dynamic pointers in kfunc definition with bpf_dynptr_kern struct definition instead of string, to detect structure renames (suggested by Daniel) - Explicitly say that we permit initialized dynamic pointers in kfunc definition (suggested by Daniel) - Remove noinline __weak from kfuncs definition (reported by Daniel) - Simplify key lookup flags check in bpf_lookup_user_key() (suggested by Daniel) - Explain the reason for deferring key permission check (suggested by Daniel) - Allocate memory with GFP_ATOMIC in bpf_lookup_system_key(), and remove KF_SLEEPABLE kfunc flag from kfunc declaration (suggested by Daniel) - Define only one kfunc set and remove the loop for registration (suggested by Alexei) v8: - Define the new bpf_key structure to carry the key pointer and whether that pointer is valid or not (suggested by Daniel) - Drop patch to mark a kfunc parameter with the __maybe_null suffix - Improve documentation of kfuncs - Introduce bpf_lookup_system_key() to obtain a key pointer suitable for verify_pkcs7_signature() (suggested by Daniel) - Use the new kfunc registration API - Drop patch to test the __maybe_null suffix - Add tests for bpf_lookup_system_key() v7: - Add support for using dynamic and NULL pointers in kfunc (suggested by Alexei) - Add new kfunc-related tests v6: - Switch back to key lookup helpers + signature verification (until v5), and defer permission check from bpf_lookup_user_key() to bpf_verify_pkcs7_signature() - Add additional key lookup test to illustrate the usage of the KEY_LOOKUP_CREATE flag and validate the flags (suggested by Daniel) - Make description of flags of bpf_lookup_user_key() more user-friendly (suggested by Daniel) - Fix validation of flags parameter in bpf_lookup_user_key() (reported by Daniel) - Rename bpf_verify_pkcs7_signature() keyring-related parameters to user_keyring and system_keyring to make their purpose more clear - Accept keyring-related parameters of bpf_verify_pkcs7_signature() as alternatives (suggested by KP) - Replace unsigned long type with u64 in helper declaration (suggested by Daniel) - Extend the bpf_verify_pkcs7_signature() test by calling the helper without data, by ensuring that the helper enforces the keyring-related parameters as alternatives, by ensuring that the helper rejects inaccessible and expired keyrings, and by checking all system keyrings - Move bpf_lookup_user_key() and bpf_key_put() usage tests to ref_tracking.c (suggested by John) - Call bpf_lookup_user_key() and bpf_key_put() only in sleepable programs v5: - Move KEY_LOOKUP_ to include/linux/key.h for validation of bpf_verify_pkcs7_signature() parameter - Remove bpf_lookup_user_key() and bpf_key_put() helpers, and the corresponding tests - Replace struct key parameter of bpf_verify_pkcs7_signature() with the keyring serial and lookup flags - Call lookup_user_key() and key_put() in bpf_verify_pkcs7_signature() code, to ensure that the retrieved key is used according to the permission requested at lookup time - Clarified keyring precedence in the description of bpf_verify_pkcs7_signature() (suggested by John) - Remove newline in the second argument of ASSERT_ - Fix helper prototype regular expression in bpf_doc.py v4: - Remove bpf_request_key_by_id(), don't return an invalid pointer that other helpers can use - Pass the keyring ID (without ULONG_MAX, suggested by Alexei) to bpf_verify_pkcs7_signature() - Introduce bpf_lookup_user_key() and bpf_key_put() helpers (suggested by Alexei) - Add lookup_key_norelease test, to ensure that the verifier blocks eBPF programs which don't decrement the key reference count - Parse raw PKCS#7 signature instead of module-style signature in the verify_pkcs7_signature test (suggested by Alexei) - Parse kernel module in user space and pass raw PKCS#7 signature to the eBPF program for signature verification v3: - Rename bpf_verify_signature() back to bpf_verify_pkcs7_signature() to avoid managing different parameters for each signature verification function in one helper (suggested by Daniel) - Use dynamic pointers and export bpf_dynptr_get_size() (suggested by Alexei) - Introduce bpf_request_key_by_id() to give more flexibility to the caller of bpf_verify_pkcs7_signature() to retrieve the appropriate keyring (suggested by Alexei) - Fix test by reordering the gcc command line, always compile sign-file - Improve helper support check mechanism in the test v2: - Rename bpf_verify_pkcs7_signature() to a more generic bpf_verify_signature() and pass the signature type (suggested by KP) - Move the helper and prototype declaration under #ifdef so that user space can probe for support for the helper (suggested by Daniel) - Describe better the keyring types (suggested by Daniel) - Include linux/bpf.h instead of vmlinux.h to avoid implicit or redeclaration - Make the test selfcontained (suggested by Alexei) v1: - Don't define new map flag but introduce simple wrapper of verify_pkcs7_signature() (suggested by Alexei and KP) KP Singh (1): bpf: Allow kfuncs to be used in LSM programs Roberto Sassu (11): bpf: Move dynptr type check to is_dynptr_type_expected() btf: Allow dynamic pointer parameters in kfuncs bpf: Export bpf_dynptr_get_size() KEYS: Move KEY_LOOKUP_ to include/linux/key.h and define KEY_LOOKUP_ALL bpf: Add bpf_lookup_*_key() and bpf_key_put() kfuncs bpf: Add bpf_verify_pkcs7_signature() kfunc selftests/bpf: Compile kernel with everything as built-in selftests/bpf: Add verifier tests for bpf_lookup_*_key() and bpf_key_put() selftests/bpf: Add additional tests for bpf_lookup_*_key() selftests/bpf: Add test for bpf_verify_pkcs7_signature() kfunc selftests/bpf: Add tests for dynamic pointers parameters in kfuncs include/linux/bpf.h | 9 + include/linux/bpf_verifier.h | 5 + include/linux/btf.h | 9 + include/linux/key.h | 6 + include/linux/verification.h | 8 + kernel/bpf/btf.c | 34 ++ kernel/bpf/helpers.c | 2 +- kernel/bpf/verifier.c | 35 +- kernel/trace/bpf_trace.c | 180 ++++++++ security/keys/internal.h | 2 - tools/testing/selftests/bpf/DENYLIST.s390x | 3 + tools/testing/selftests/bpf/Makefile | 14 +- tools/testing/selftests/bpf/config | 32 +- tools/testing/selftests/bpf/config.x86_64 | 7 +- .../testing/selftests/bpf/prog_tests/dynptr.c | 2 +- .../bpf/prog_tests/kfunc_dynptr_param.c | 164 +++++++ .../selftests/bpf/prog_tests/lookup_key.c | 112 +++++ .../bpf/prog_tests/verify_pkcs7_sig.c | 399 ++++++++++++++++++ .../bpf/progs/test_kfunc_dynptr_param.c | 99 +++++ .../selftests/bpf/progs/test_lookup_key.c | 46 ++ .../bpf/progs/test_verify_pkcs7_sig.c | 100 +++++ tools/testing/selftests/bpf/test_verifier.c | 3 +- .../selftests/bpf/verifier/ref_tracking.c | 139 ++++++ .../testing/selftests/bpf/verify_sig_setup.sh | 104 +++++ 24 files changed, 1479 insertions(+), 35 deletions(-) create mode 100644 tools/testing/selftests/bpf/prog_tests/kfunc_dynptr_param.c create mode 100644 tools/testing/selftests/bpf/prog_tests/lookup_key.c create mode 100644 tools/testing/selftests/bpf/prog_tests/verify_pkcs7_sig.c create mode 100644 tools/testing/selftests/bpf/progs/test_kfunc_dynptr_param.c create mode 100644 tools/testing/selftests/bpf/progs/test_lookup_key.c create mode 100644 tools/testing/selftests/bpf/progs/test_verify_pkcs7_sig.c create mode 100755 tools/testing/selftests/bpf/verify_sig_setup.sh -- 2.25.1

2 years, 3 months

6
24
0 0

[PATCH v2] selftest: tpm2: Add Client.__del__() to close /dev/tpm* handle

by Stefan Berger

The following output can bee seen when the test is executed: test_flush_context (tpm2_tests.SpaceTest) ... \ /usr/lib64/python3.6/unittest/case.py:605: ResourceWarning: \ unclosed file <_io.FileIO name='/dev/tpmrm0' mode='rb+' closefd=True> An instance of Client does not implicitly close /dev/tpm* handle, once it gets destroyed. Close the file handle in the class destructor Client.__del__(). Fixes: 6ea3dfe1e0732 ("selftests: add TPM 2.0 tests") Cc: Shuah Khan <shuah(a)kernel.org> Cc: linux-kselftest(a)vger.kernel.org Cc: Jarkko Sakkinen <jarkko(a)kernel.org> Signed-off-by: Stefan Berger <stefanb(a)linux.ibm.com> --- tools/testing/selftests/tpm2/tpm2.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tools/testing/selftests/tpm2/tpm2.py b/tools/testing/selftests/tpm2/tpm2.py index 057a4f49c79d..c7363c6764fc 100644 --- a/tools/testing/selftests/tpm2/tpm2.py +++ b/tools/testing/selftests/tpm2/tpm2.py @@ -371,6 +371,10 @@ class Client: fcntl.fcntl(self.tpm, fcntl.F_SETFL, flags) self.tpm_poll = select.poll() + def __del__(self): + if self.tpm: + self.tpm.close() + def close(self): self.tpm.close() -- 2.36.1

2 years, 3 months

2
1
0 0

BUG: sleeping function called from invalid context at arch/arm64/mm/fault.c:593

by Naresh Kamboju

[Please ignore this email if it is already reported] Following kernel warning and BUG have been found while running kselftests gpio test case on arm64 Raspberry Pi 4 Model B device running 6.0.0-rc5. Reported-by: Linux Kernel Functional Testing <lkft(a)linaro.org> crash log: [ 53.796405] kselftest: Running tests in gpio TAP version 13 1..2 # selftests: gpio: gpio-mockup.sh # 1. Module load tests # 1.1. dynamic allocation of gpio [ 55.416786] [ 55.418311] ============================= [ 55.422371] WARNING: suspicious RCU usage [ 55.426431] 6.0.0-rc5 #1 Not tainted [ 55.430052] ----------------------------- [ 55.434112] kernel/sched/core.c:9854 Illegal context switch in RCU-bh read-side critical section! [ 55.443108] [ 55.443108] other info that might help us debug this: [ 55.443108] [ 55.451222] [ 55.451222] rcu_scheduler_active = 2, debug_locks = 1 [ 55.457839] 1 lock held by modprobe/563: [ 55.461812] #0: ffff00004cf450f8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0x50/0x290 [ 55.471632] [ 55.471632] stack backtrace: [ 55.476046] CPU: 2 PID: 563 Comm: modprobe Not tainted 6.0.0-rc5 #1 [ 55.482401] Hardware name: Raspberry Pi 4 Model B (DT) [ 55.487607] Call trace: [ 55.490079] dump_backtrace+0xe4/0x130 [ 55.493879] show_stack+0x30/0x70 [ 55.497235] dump_stack_lvl+0x8c/0xb8 [ 55.500947] dump_stack+0x18/0x34 [ 55.504303] lockdep_rcu_suspicious+0xf8/0x10c [ 55.508806] __might_resched+0xd0/0x240 [ 55.512694] __might_sleep+0x58/0xb0 [ 55.516316] do_page_fault+0x244/0x4d0 [ 55.520116] do_translation_fault+0xd8/0x100 [ 55.524443] do_mem_abort+0x58/0xb0 [ 55.527979] el1_abort+0x44/0x70 [ 55.531248] el1h_64_sync_handler+0xa4/0xd0 [ 55.535487] el1h_64_sync+0x64/0x68 [ 55.539020] __lock_acquire+0x53c/0x2040 [ 55.542995] lock_acquire.part.0+0xe8/0x24c [ 55.547233] lock_acquire+0x84/0xa0 [ 55.550766] down_write+0x60/0xc4 [ 55.554123] simple_recursive_removal+0x58/0x290 [ 55.558803] debugfs_remove+0x5c/0x80 [ 55.562516] gpio_mockup_debugfs_cleanup+0x24/0x34 [gpio_mockup] [ 55.568614] devm_action_release+0x24/0x3c [ 55.572764] release_nodes+0x64/0x9c [ 55.576384] devres_release_all+0x94/0xec [ 55.580447] device_unbind_cleanup+0x24/0x74 [ 55.584773] device_release_driver_internal+0x240/0x290 [ 55.590070] driver_detach+0x5c/0xf0 [ 55.593691] bus_remove_driver+0x6c/0x10c [ 55.597753] driver_unregister+0x38/0x6c [ 55.601728] platform_driver_unregister+0x24/0x34 [ 55.606497] gpio_mockup_exit+0x24/0x20c [gpio_mockup] [ 55.611707] __arm64_sys_delete_module+0x184/0x2f0 [ 55.616562] invoke_syscall+0x8c/0x120 [ 55.620362] el0_svc_common.constprop.0+0x104/0x124 [ 55.625307] do_el0_svc+0x44/0xc0 [ 55.628664] el0_svc+0x48/0xc0 [ 55.631757] el0t_64_sync_handler+0xbc/0x140 [ 55.636084] el0t_64_sync+0x18c/0x190 [ 55.639793] [ 55.641298] ============================= [ 55.645356] WARNING: suspicious RCU usage [ 55.649417] 6.0.0-rc5 #1 Not tainted [ 55.653037] ----------------------------- [ 55.657096] kernel/sched/core.c:9854 Illegal context switch in RCU-sched read-side critical section! [ 55.666356] [ 55.666356] other info that might help us debug this: [ 55.666356] [ 55.674469] [ 55.674469] rcu_scheduler_active = 2, debug_locks = 1 [ 55.681084] 1 lock held by modprobe/563: [ 55.685057] #0: ffff00004cf450f8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0x50/0x290 [ 55.694863] [ 55.694863] stack backtrace: [ 55.699275] CPU: 2 PID: 563 Comm: modprobe Not tainted 6.0.0-rc5 #1 [ 55.705628] Hardware name: Raspberry Pi 4 Model B (DT) [ 55.710834] Call trace: [ 55.713306] dump_backtrace+0xe4/0x130 [ 55.717103] show_stack+0x30/0x70 [ 55.720459] dump_stack_lvl+0x8c/0xb8 [ 55.724170] dump_stack+0x18/0x34 [ 55.727526] lockdep_rcu_suspicious+0xf8/0x10c [ 55.732029] __might_resched+0x214/0x240 [ 55.736003] __might_sleep+0x58/0xb0 [ 55.739625] do_page_fault+0x244/0x4d0 [ 55.743424] do_translation_fault+0xd8/0x100 [ 55.747751] do_mem_abort+0x58/0xb0 [ 55.751286] el1_abort+0x44/0x70 [ 55.754556] el1h_64_sync_handler+0xa4/0xd0 [ 55.758794] el1h_64_sync+0x64/0x68 [ 55.762326] __lock_acquire+0x53c/0x2040 [ 55.766301] lock_acquire.part.0+0xe8/0x24c [ 55.770538] lock_acquire+0x84/0xa0 [ 55.774072] down_write+0x60/0xc4 [ 55.777428] simple_recursive_removal+0x58/0x290 [ 55.782107] debugfs_remove+0x5c/0x80 [ 55.785818] gpio_mockup_debugfs_cleanup+0x24/0x34 [gpio_mockup] [ 55.791911] devm_action_release+0x24/0x3c [ 55.796061] release_nodes+0x64/0x9c [ 55.799682] devres_release_all+0x94/0xec [ 55.803743] device_unbind_cleanup+0x24/0x74 [ 55.808070] device_release_driver_internal+0x240/0x290 [ 55.813367] driver_detach+0x5c/0xf0 [ 55.816988] bus_remove_driver+0x6c/0x10c [ 55.821050] driver_unregister+0x38/0x6c [ 55.825025] platform_driver_unregister+0x24/0x34 [ 55.829793] gpio_mockup_exit+0x24/0x20c [gpio_mockup] [ 55.835002] __arm64_sys_delete_module+0x184/0x2f0 [ 55.839858] invoke_syscall+0x8c/0x120 [ 55.843657] el0_svc_common.constprop.0+0x104/0x124 [ 55.848602] do_el0_svc+0x44/0xc0 [ 55.851958] el0_svc+0x48/0xc0 [ 55.855051] el0t_64_sync_handler+0xbc/0x140 [ 55.859378] el0t_64_sync+0x18c/0x190 [ 55.863087] BUG: sleeping function called from invalid context at arch/arm64/mm/fault.c:593 [ 55.871554] in_atomic(): 0, irqs_disabled(): 128, non_block: 0, pid: 563, name: modprobe [ 55.879757] preempt_count: 0, expected: 0 [ 55.883816] RCU nest depth: 0, expected: 0 [ 55.887965] 1 lock held by modprobe/563: [ 55.891936] #0: ffff00004cf450f8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0x50/0x290 [ 55.901743] irq event stamp: 10213 [ 55.905185] hardirqs last enabled at (10213): [<ffff8000096e2e74>] _raw_spin_unlock_irqrestore+0x84/0xa0 [ 55.914888] hardirqs last disabled at (10212): [<ffff8000096e3314>] _raw_spin_lock_irqsave+0xa4/0xb0 [ 55.924151] softirqs last enabled at (9742): [<ffff800008010be4>] __do_softirq+0x514/0x62c [ 55.932618] softirqs last disabled at (9737): [<ffff8000080b4768>] __irq_exit_rcu+0x164/0x19c [ 55.941265] CPU: 2 PID: 563 Comm: modprobe Not tainted 6.0.0-rc5 #1 [ 55.947618] Hardware name: Raspberry Pi 4 Model B (DT) [ 55.952823] Call trace: [ 55.955296] dump_backtrace+0xe4/0x130 [ 55.959093] show_stack+0x30/0x70 [ 55.962448] dump_stack_lvl+0x8c/0xb8 [ 55.966159] dump_stack+0x18/0x34 [ 55.969515] __might_resched+0x1c4/0x240 [ 55.973490] __might_sleep+0x58/0xb0 [ 55.977111] do_page_fault+0x244/0x4d0 [ 55.980910] do_translation_fault+0xd8/0x100 [ 55.985238] do_mem_abort+0x58/0xb0 [ 55.988774] el1_abort+0x44/0x70 [ 55.992043] el1h_64_sync_handler+0xa4/0xd0 [ 55.996281] el1h_64_sync+0x64/0x68 [ 55.999814] __lock_acquire+0x53c/0x2040 [ 56.003789] lock_acquire.part.0+0xe8/0x24c [ 56.008028] lock_acquire+0x84/0xa0 [ 56.011560] down_write+0x60/0xc4 [ 56.014916] simple_recursive_removal+0x58/0x290 [ 56.019594] debugfs_remove+0x5c/0x80 [ 56.023306] gpio_mockup_debugfs_cleanup+0x24/0x34 [gpio_mockup] [ 56.029400] devm_action_release+0x24/0x3c [ 56.033549] release_nodes+0x64/0x9c [ 56.037170] devres_release_all+0x94/0xec [ 56.041232] device_unbind_cleanup+0x24/0x74 [ 56.045559] device_release_driver_internal+0x240/0x290 [ 56.050855] driver_detach+0x5c/0xf0 [ 56.054477] bus_remove_driver+0x6c/0x10c [ 56.058539] driver_unregister+0x38/0x6c [ 56.062513] platform_driver_unregister+0x24/0x34 [ 56.067281] gpio_mockup_exit+0x24/0x20c [gpio_mockup] [ 56.072490] __arm64_sys_delete_module+0x184/0x2f0 [ 56.077346] invoke_syscall+0x8c/0x120 [ 56.081145] el0_svc_common.constprop.0+0x104/0x124 [ 56.086089] do_el0_svc+0x44/0xc0 [ 56.089446] el0_svc+0x48/0xc0 [ 56.092539] el0t_64_sync_handler+0xbc/0x140 [ 56.096866] el0t_64_sync+0x18c/0x190 [ 56.100584] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000150 [ 56.109495] Mem abort info: [ 56.112320] ESR = 0x0000000096000006 [ 56.116116] EC = 0x25: DABT (current EL), IL = 32 bits [ 56.121499] SET = 0, FnV = 0 [ 56.124589] EA = 0, S1PTW = 0 [ 56.127767] FSC = 0x06: level 2 translation fault [ 56.132708] Data abort info: [ 56.135622] ISV = 0, ISS = 0x00000006 [ 56.139505] CM = 0, WnR = 0 [ 56.142506] user pgtable: 4k pages, 48-bit VAs, pgdp=000000004adb5000 [ 56.149035] [0000000000000150] pgd=08000000469d2003, p4d=08000000469d2003, pud=0800000046b70003, pmd=0000000000000000 [ 56.159807] Internal error: Oops: 96000006 [#1] PREEMPT SMP [ 56.165455] Modules linked in: gpio_mockup(-) algif_hash aes_neon_bs aes_neon_blk xhci_pci raspberrypi_cpufreq snd_soc_hdmi_codec xhci_pci_renesas brcmfmac brcmutil hci_uart btqca btbcm cfg80211 bluetooth reset_raspberrypi crct10dif_ce clk_raspberrypi raspberrypi_hwmon rfkill iproc_rng200 pwm_bcm2835 v3d rng_core i2c_bcm2835 drm_shmem_helper vc4 bcm2711_thermal cec drm_display_helper drm_cma_helper gpu_sched pcie_brcmstb drm_kms_helper fuse drm [ 56.205467] CPU: 2 PID: 563 Comm: modprobe Tainted: G W 6.0.0-rc5 #1 [ 56.213318] Hardware name: Raspberry Pi 4 Model B (DT) [ 56.218523] pstate: 600000c5 (nZCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 56.225582] pc : __lock_acquire+0x53c/0x2040 [ 56.229910] lr : lock_acquire.part.0+0xe8/0x24c [ 56.234499] sp : ffff80000d03b8a0 [ 56.237852] x29: ffff80000d03b8a0 x28: ffff800008456678 x27: 0000000000000000 [ 56.245091] x26: ffff800008456678 x25: 0000000000000150 x24: 0000000000000000 [ 56.252329] x23: ffff00004c200040 x22: 0000000000000000 x21: 0000000000000001 [ 56.259567] x20: 0000000000000000 x19: 0000000000000000 x18: 0000000000000000 [ 56.266804] x17: ffff800008b93ed0 x16: 0000000000000000 x15: 0000000000000028 [ 56.274041] x14: 000000000004ffff x13: ffff80000b40dd00 x12: ffff80000802cff8 [ 56.281279] x11: ffff80000b40d840 x10: ffff80000802cdfc x9 : 0000000100000000 [ 56.288517] x8 : ffff00004c200040 x7 : ffff800008456678 x6 : 0000000000000000 [ 56.295755] x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000000 [ 56.302992] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff80000aeb6000 [ 56.310230] Call trace: [ 56.312701] __lock_acquire+0x53c/0x2040 [ 56.316674] lock_acquire.part.0+0xe8/0x24c [ 56.320911] lock_acquire+0x84/0xa0 [ 56.324444] down_write+0x60/0xc4 [ 56.327799] simple_recursive_removal+0x58/0x290 [ 56.332477] debugfs_remove+0x5c/0x80 [ 56.336186] gpio_mockup_debugfs_cleanup+0x24/0x34 [gpio_mockup] [ 56.342276] devm_action_release+0x24/0x3c [ 56.346425] release_nodes+0x64/0x9c [ 56.350043] devres_release_all+0x94/0xec [ 56.354104] device_unbind_cleanup+0x24/0x74 [ 56.358430] device_release_driver_internal+0x240/0x290 [ 56.363725] driver_detach+0x5c/0xf0 [ 56.367346] bus_remove_driver+0x6c/0x10c [ 56.371407] driver_unregister+0x38/0x6c [ 56.375380] platform_driver_unregister+0x24/0x34 [ 56.380147] gpio_mockup_exit+0x24/0x20c [gpio_mockup] [ 56.385356] __arm64_sys_delete_module+0x184/0x2f0 [ 56.390211] invoke_syscall+0x8c/0x120 [ 56.394009] el0_svc_common.constprop.0+0x104/0x124 [ 56.398952] do_el0_svc+0x44/0xc0 [ 56.402308] el0_svc+0x48/0xc0 [ 56.405400] el0t_64_sync_handler+0xbc/0x140 [ 56.409725] el0t_64_sync+0x18c/0x190 [ 56.413435] Code: 6b01001f 54002668 a94573fb 1400003d (f9400321) [ 56.419613] ---[ end trace 0000000000000000 ]--- Full test log, https://lkft.validation.linaro.org/scheduler/job/5528616#L1360 metadata: git_ref: master git_repo: https://gitlab.com/Linaro/lkft/mirrors/torvalds/linux-mainline git_sha: 3245cb65fd91cd514801bf91f5a3066d562f0ac4 git_describe: v6.0-rc5-25-g3245cb65fd91 kernel_version: 6.0.0-rc5 kernel-config: https://builds.tuxbuild.com/2EkryDJF2MJ3zNyYOYb016CJbRv/config vmlinux.xz: https://builds.tuxbuild.com/2EkryDJF2MJ3zNyYOYb016CJbRv/vmlinux.xz System.map: https://builds.tuxbuild.com/2EkryDJF2MJ3zNyYOYb016CJbRv/System.map build-url: https://gitlab.com/Linaro/lkft/mirrors/torvalds/linux-mainline/-/pipelines/… artifact-location: https://builds.tuxbuild.com/2EkryDJF2MJ3zNyYOYb016CJbRv toolchain: gcc-11 -- Linaro LKFT https://lkft.linaro.org

2 years, 3 months

2
1
0 0

[PATCH net-next,v3 01/18] net/sched: sch_api: add helper for tc qdisc walker stats dump

by Zhengchao Shao

The walk implementation of most qdisc class modules is basically the same. That is, the values of count and skip are checked first. If count is greater than or equal to skip, the registered fn function is executed. Otherwise, increase the value of count. So we can reconstruct them. Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> --- include/net/pkt_sched.h | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/include/net/pkt_sched.h b/include/net/pkt_sched.h index 29f65632ebc5..2ff80cd04c5c 100644 --- a/include/net/pkt_sched.h +++ b/include/net/pkt_sched.h @@ -222,4 +222,17 @@ static inline struct tc_skb_cb *tc_skb_cb(const struct sk_buff *skb) return cb; } +static inline bool tc_qdisc_stats_dump(struct Qdisc *sch, + unsigned long cl, + struct qdisc_walker *arg) +{ + if (arg->count >= arg->skip && arg->fn(sch, cl, arg) < 0) { + arg->stop = 1; + return false; + } + + arg->count++; + return true; +} + #endif -- 2.17.1

2 years, 3 months

2
1
0 0

[PATCH net-next,v3 02/18] net/sched: use tc_qdisc_stats_dump() in qdisc

by Zhengchao Shao

use tc_qdisc_stats_dump() in qdisc. Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> Reviewed-by: Victor Nogueira <victor(a)mojatatu.com> Tested-by: Victor Nogueira <victor(a)mojatatu.com> --- net/sched/sch_atm.c | 6 +----- net/sched/sch_cake.c | 9 +++------ net/sched/sch_cbq.c | 9 +-------- net/sched/sch_cbs.c | 8 +------- net/sched/sch_drr.c | 9 +-------- net/sched/sch_dsmark.c | 14 +++++--------- net/sched/sch_ets.c | 9 +-------- net/sched/sch_fq_codel.c | 8 ++------ net/sched/sch_hfsc.c | 9 +-------- net/sched/sch_htb.c | 9 +-------- net/sched/sch_mq.c | 5 +---- net/sched/sch_mqprio.c | 5 +---- net/sched/sch_multiq.c | 9 +-------- net/sched/sch_netem.c | 8 ++------ net/sched/sch_prio.c | 9 +-------- net/sched/sch_qfq.c | 9 +-------- net/sched/sch_red.c | 7 +------ net/sched/sch_sfb.c | 7 +------ net/sched/sch_sfq.c | 8 ++------ net/sched/sch_skbprio.c | 9 +-------- net/sched/sch_taprio.c | 5 +---- net/sched/sch_tbf.c | 7 +------ 22 files changed, 31 insertions(+), 147 deletions(-) diff --git a/net/sched/sch_atm.c b/net/sched/sch_atm.c index 816fd0d7ba38..f52255fea652 100644 --- a/net/sched/sch_atm.c +++ b/net/sched/sch_atm.c @@ -354,12 +354,8 @@ static void atm_tc_walk(struct Qdisc *sch, struct qdisc_walker *walker) if (walker->stop) return; list_for_each_entry(flow, &p->flows, list) { - if (walker->count >= walker->skip && - walker->fn(sch, (unsigned long)flow, walker) < 0) { - walker->stop = 1; + if (!tc_qdisc_stats_dump(sch, (unsigned long)flow, walker)) break; - } - walker->count++; } } diff --git a/net/sched/sch_cake.c b/net/sched/sch_cake.c index 36acc95d611e..55c6879d2c7e 100644 --- a/net/sched/sch_cake.c +++ b/net/sched/sch_cake.c @@ -3061,16 +3061,13 @@ static void cake_walk(struct Qdisc *sch, struct qdisc_walker *arg) struct cake_tin_data *b = &q->tins[q->tin_order[i]]; for (j = 0; j < CAKE_QUEUES; j++) { - if (list_empty(&b->flows[j].flowchain) || - arg->count < arg->skip) { + if (list_empty(&b->flows[j].flowchain)) { arg->count++; continue; } - if (arg->fn(sch, i * CAKE_QUEUES + j + 1, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, i * CAKE_QUEUES + j + 1, + arg)) break; - } - arg->count++; } } } diff --git a/net/sched/sch_cbq.c b/net/sched/sch_cbq.c index ba99ce05cd52..6568e17c4c63 100644 --- a/net/sched/sch_cbq.c +++ b/net/sched/sch_cbq.c @@ -1676,15 +1676,8 @@ static void cbq_walk(struct Qdisc *sch, struct qdisc_walker *arg) for (h = 0; h < q->clhash.hashsize; h++) { hlist_for_each_entry(cl, &q->clhash.hash[h], common.hnode) { - if (arg->count < arg->skip) { - arg->count++; - continue; - } - if (arg->fn(sch, (unsigned long)cl, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, (unsigned long)cl, arg)) return; - } - arg->count++; } } } diff --git a/net/sched/sch_cbs.c b/net/sched/sch_cbs.c index 459cc240eda9..cac870eb7897 100644 --- a/net/sched/sch_cbs.c +++ b/net/sched/sch_cbs.c @@ -520,13 +520,7 @@ static unsigned long cbs_find(struct Qdisc *sch, u32 classid) static void cbs_walk(struct Qdisc *sch, struct qdisc_walker *walker) { if (!walker->stop) { - if (walker->count >= walker->skip) { - if (walker->fn(sch, 1, walker) < 0) { - walker->stop = 1; - return; - } - } - walker->count++; + tc_qdisc_stats_dump(sch, 1, walker); } } diff --git a/net/sched/sch_drr.c b/net/sched/sch_drr.c index 4e5b1cf11b85..e35a4e90f4e6 100644 --- a/net/sched/sch_drr.c +++ b/net/sched/sch_drr.c @@ -284,15 +284,8 @@ static void drr_walk(struct Qdisc *sch, struct qdisc_walker *arg) for (i = 0; i < q->clhash.hashsize; i++) { hlist_for_each_entry(cl, &q->clhash.hash[i], common.hnode) { - if (arg->count < arg->skip) { - arg->count++; - continue; - } - if (arg->fn(sch, (unsigned long)cl, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, (unsigned long)cl, arg)) return; - } - arg->count++; } } } diff --git a/net/sched/sch_dsmark.c b/net/sched/sch_dsmark.c index 7da6dc38a382..401ffaf87d62 100644 --- a/net/sched/sch_dsmark.c +++ b/net/sched/sch_dsmark.c @@ -176,16 +176,12 @@ static void dsmark_walk(struct Qdisc *sch, struct qdisc_walker *walker) return; for (i = 0; i < p->indices; i++) { - if (p->mv[i].mask == 0xff && !p->mv[i].value) - goto ignore; - if (walker->count >= walker->skip) { - if (walker->fn(sch, i + 1, walker) < 0) { - walker->stop = 1; - break; - } + if (p->mv[i].mask == 0xff && !p->mv[i].value) { + walker->count++; + continue; } -ignore: - walker->count++; + if (!tc_qdisc_stats_dump(sch, i + 1, walker)) + break; } } diff --git a/net/sched/sch_ets.c b/net/sched/sch_ets.c index a3aea22ef09d..b10efeaf0629 100644 --- a/net/sched/sch_ets.c +++ b/net/sched/sch_ets.c @@ -341,15 +341,8 @@ static void ets_qdisc_walk(struct Qdisc *sch, struct qdisc_walker *arg) return; for (i = 0; i < q->nbands; i++) { - if (arg->count < arg->skip) { - arg->count++; - continue; - } - if (arg->fn(sch, i + 1, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, i + 1, arg)) break; - } - arg->count++; } } diff --git a/net/sched/sch_fq_codel.c b/net/sched/sch_fq_codel.c index eeea8c6d54e2..99d318b60568 100644 --- a/net/sched/sch_fq_codel.c +++ b/net/sched/sch_fq_codel.c @@ -673,16 +673,12 @@ static void fq_codel_walk(struct Qdisc *sch, struct qdisc_walker *arg) return; for (i = 0; i < q->flows_cnt; i++) { - if (list_empty(&q->flows[i].flowchain) || - arg->count < arg->skip) { + if (list_empty(&q->flows[i].flowchain)) { arg->count++; continue; } - if (arg->fn(sch, i + 1, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, i + 1, arg)) break; - } - arg->count++; } } diff --git a/net/sched/sch_hfsc.c b/net/sched/sch_hfsc.c index c8bef923c79c..70b0c5873d32 100644 --- a/net/sched/sch_hfsc.c +++ b/net/sched/sch_hfsc.c @@ -1349,15 +1349,8 @@ hfsc_walk(struct Qdisc *sch, struct qdisc_walker *arg) for (i = 0; i < q->clhash.hashsize; i++) { hlist_for_each_entry(cl, &q->clhash.hash[i], cl_common.hnode) { - if (arg->count < arg->skip) { - arg->count++; - continue; - } - if (arg->fn(sch, (unsigned long)cl, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, (unsigned long)cl, arg)) return; - } - arg->count++; } } } diff --git a/net/sched/sch_htb.c b/net/sched/sch_htb.c index 78d0c7549c74..e5b4bbf3ce3d 100644 --- a/net/sched/sch_htb.c +++ b/net/sched/sch_htb.c @@ -2119,15 +2119,8 @@ static void htb_walk(struct Qdisc *sch, struct qdisc_walker *arg) for (i = 0; i < q->clhash.hashsize; i++) { hlist_for_each_entry(cl, &q->clhash.hash[i], common.hnode) { - if (arg->count < arg->skip) { - arg->count++; - continue; - } - if (arg->fn(sch, (unsigned long)cl, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, (unsigned long)cl, arg)) return; - } - arg->count++; } } } diff --git a/net/sched/sch_mq.c b/net/sched/sch_mq.c index 83d2e54bf303..d0bc660d7401 100644 --- a/net/sched/sch_mq.c +++ b/net/sched/sch_mq.c @@ -247,11 +247,8 @@ static void mq_walk(struct Qdisc *sch, struct qdisc_walker *arg) arg->count = arg->skip; for (ntx = arg->skip; ntx < dev->num_tx_queues; ntx++) { - if (arg->fn(sch, ntx + 1, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, ntx + 1, arg)) break; - } - arg->count++; } } diff --git a/net/sched/sch_mqprio.c b/net/sched/sch_mqprio.c index b29f3453c6ea..4c68abaa289b 100644 --- a/net/sched/sch_mqprio.c +++ b/net/sched/sch_mqprio.c @@ -558,11 +558,8 @@ static void mqprio_walk(struct Qdisc *sch, struct qdisc_walker *arg) /* Walk hierarchy with a virtual class per tc */ arg->count = arg->skip; for (ntx = arg->skip; ntx < netdev_get_num_tc(dev); ntx++) { - if (arg->fn(sch, ntx + TC_H_MIN_PRIORITY, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, ntx + TC_H_MIN_PRIORITY, arg)) return; - } - arg->count++; } /* Pad the values and skip over unused traffic classes */ diff --git a/net/sched/sch_multiq.c b/net/sched/sch_multiq.c index f28050c7f12d..75c9c860182b 100644 --- a/net/sched/sch_multiq.c +++ b/net/sched/sch_multiq.c @@ -353,15 +353,8 @@ static void multiq_walk(struct Qdisc *sch, struct qdisc_walker *arg) return; for (band = 0; band < q->bands; band++) { - if (arg->count < arg->skip) { - arg->count++; - continue; - } - if (arg->fn(sch, band + 1, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, band + 1, arg)) break; - } - arg->count++; } } diff --git a/net/sched/sch_netem.c b/net/sched/sch_netem.c index b70ac04110dd..18f4273a835b 100644 --- a/net/sched/sch_netem.c +++ b/net/sched/sch_netem.c @@ -1251,12 +1251,8 @@ static unsigned long netem_find(struct Qdisc *sch, u32 classid) static void netem_walk(struct Qdisc *sch, struct qdisc_walker *walker) { if (!walker->stop) { - if (walker->count >= walker->skip) - if (walker->fn(sch, 1, walker) < 0) { - walker->stop = 1; - return; - } - walker->count++; + if (!tc_qdisc_stats_dump(sch, 1, walker)) + return; } } diff --git a/net/sched/sch_prio.c b/net/sched/sch_prio.c index 298794c04836..fdc5ef52c3ee 100644 --- a/net/sched/sch_prio.c +++ b/net/sched/sch_prio.c @@ -376,15 +376,8 @@ static void prio_walk(struct Qdisc *sch, struct qdisc_walker *arg) return; for (prio = 0; prio < q->bands; prio++) { - if (arg->count < arg->skip) { - arg->count++; - continue; - } - if (arg->fn(sch, prio + 1, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, prio + 1, arg)) break; - } - arg->count++; } } diff --git a/net/sched/sch_qfq.c b/net/sched/sch_qfq.c index 13246a9dc5c1..cf5ebe43b3b4 100644 --- a/net/sched/sch_qfq.c +++ b/net/sched/sch_qfq.c @@ -659,15 +659,8 @@ static void qfq_walk(struct Qdisc *sch, struct qdisc_walker *arg) for (i = 0; i < q->clhash.hashsize; i++) { hlist_for_each_entry(cl, &q->clhash.hash[i], common.hnode) { - if (arg->count < arg->skip) { - arg->count++; - continue; - } - if (arg->fn(sch, (unsigned long)cl, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, (unsigned long)cl, arg)) return; - } - arg->count++; } } } diff --git a/net/sched/sch_red.c b/net/sched/sch_red.c index 4952406f70b9..a5a401f93c1a 100644 --- a/net/sched/sch_red.c +++ b/net/sched/sch_red.c @@ -516,12 +516,7 @@ static unsigned long red_find(struct Qdisc *sch, u32 classid) static void red_walk(struct Qdisc *sch, struct qdisc_walker *walker) { if (!walker->stop) { - if (walker->count >= walker->skip) - if (walker->fn(sch, 1, walker) < 0) { - walker->stop = 1; - return; - } - walker->count++; + tc_qdisc_stats_dump(sch, 1, walker); } } diff --git a/net/sched/sch_sfb.c b/net/sched/sch_sfb.c index 1be8d04d69dc..e2389fa3cff8 100644 --- a/net/sched/sch_sfb.c +++ b/net/sched/sch_sfb.c @@ -659,12 +659,7 @@ static int sfb_delete(struct Qdisc *sch, unsigned long cl, static void sfb_walk(struct Qdisc *sch, struct qdisc_walker *walker) { if (!walker->stop) { - if (walker->count >= walker->skip) - if (walker->fn(sch, 1, walker) < 0) { - walker->stop = 1; - return; - } - walker->count++; + tc_qdisc_stats_dump(sch, 1, walker); } } diff --git a/net/sched/sch_sfq.c b/net/sched/sch_sfq.c index f8e569f79f13..abd436307d6a 100644 --- a/net/sched/sch_sfq.c +++ b/net/sched/sch_sfq.c @@ -888,16 +888,12 @@ static void sfq_walk(struct Qdisc *sch, struct qdisc_walker *arg) return; for (i = 0; i < q->divisor; i++) { - if (q->ht[i] == SFQ_EMPTY_SLOT || - arg->count < arg->skip) { + if (q->ht[i] == SFQ_EMPTY_SLOT) { arg->count++; continue; } - if (arg->fn(sch, i + 1, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, i + 1, arg)) break; - } - arg->count++; } } diff --git a/net/sched/sch_skbprio.c b/net/sched/sch_skbprio.c index df72fb83d9c7..5df2dacb7b1a 100644 --- a/net/sched/sch_skbprio.c +++ b/net/sched/sch_skbprio.c @@ -265,15 +265,8 @@ static void skbprio_walk(struct Qdisc *sch, struct qdisc_walker *arg) return; for (i = 0; i < SKBPRIO_MAX_PRIORITY; i++) { - if (arg->count < arg->skip) { - arg->count++; - continue; - } - if (arg->fn(sch, i + 1, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, i + 1, arg)) break; - } - arg->count++; } } diff --git a/net/sched/sch_taprio.c b/net/sched/sch_taprio.c index db88a692ef81..bddc1ed0c56b 100644 --- a/net/sched/sch_taprio.c +++ b/net/sched/sch_taprio.c @@ -2000,11 +2000,8 @@ static void taprio_walk(struct Qdisc *sch, struct qdisc_walker *arg) arg->count = arg->skip; for (ntx = arg->skip; ntx < dev->num_tx_queues; ntx++) { - if (arg->fn(sch, ntx + 1, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, ntx + 1, arg)) break; - } - arg->count++; } } diff --git a/net/sched/sch_tbf.c b/net/sched/sch_tbf.c index e031c1a41ea6..277ad11f4d61 100644 --- a/net/sched/sch_tbf.c +++ b/net/sched/sch_tbf.c @@ -580,12 +580,7 @@ static unsigned long tbf_find(struct Qdisc *sch, u32 classid) static void tbf_walk(struct Qdisc *sch, struct qdisc_walker *walker) { if (!walker->stop) { - if (walker->count >= walker->skip) - if (walker->fn(sch, 1, walker) < 0) { - walker->stop = 1; - return; - } - walker->count++; + tc_qdisc_stats_dump(sch, 1, walker); } } -- 2.17.1

2 years, 3 months

2
1
0 0

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror September 2022