September 2022 - Linux-kselftest-mirror

[PATCH 0/7] bpf: Add fd modes check for map iter and extend libbpf

by Roberto Sassu

From: Roberto Sassu <roberto.sassu(a)huawei.com> Add a missing fd modes check in map iterators, potentially causing unauthorized map writes by eBPF programs attached to the iterator. Use this patch set as an opportunity to start a discussion with the cgroup developers about whether a security check is missing or not for their iterator. Also, extend libbpf with the _opts variant of bpf_*_get_fd_by_id(). Only bpf_map_get_fd_by_id_opts() is really useful in this patch set, to ensure that the creation of a map iterator fails with a read-only fd. Add all variants in this patch set for symmetry with bpf_map_get_fd_by_id_opts(), and because all the variants share the same opts structure. Also, add all the variants here, to shrink the patch set fixing map permissions requested by bpftool, so that the remaining patches are only about the latter. Finally, extend the bpf_iter test with the read-only fd check, and test each _opts variant of bpf_*_get_fd_by_id(). Roberto Sassu (7): bpf: Add missing fd modes check for map iterators libbpf: Define bpf_get_fd_opts and introduce bpf_map_get_fd_by_id_opts() libbpf: Introduce bpf_prog_get_fd_by_id_opts() libbpf: Introduce bpf_btf_get_fd_by_id_opts() libbpf: Introduce bpf_link_get_fd_by_id_opts() selftests/bpf: Ensure fd modes are checked for map iters and destroy links selftests/bpf: Add tests for _opts variants of libbpf include/linux/bpf.h | 2 +- kernel/bpf/inode.c | 2 +- kernel/bpf/map_iter.c | 3 +- kernel/bpf/syscall.c | 8 +- net/core/bpf_sk_storage.c | 3 +- net/core/sock_map.c | 3 +- tools/lib/bpf/bpf.c | 47 +++++- tools/lib/bpf/bpf.h | 16 ++ tools/lib/bpf/libbpf.map | 10 +- tools/lib/bpf/libbpf_version.h | 2 +- .../selftests/bpf/prog_tests/bpf_iter.c | 34 +++- .../bpf/prog_tests/libbpf_get_fd_opts.c | 145 ++++++++++++++++++ .../bpf/progs/test_libbpf_get_fd_opts.c | 49 ++++++ 13 files changed, 309 insertions(+), 15 deletions(-) create mode 100644 tools/testing/selftests/bpf/prog_tests/libbpf_get_fd_opts.c create mode 100644 tools/testing/selftests/bpf/progs/test_libbpf_get_fd_opts.c -- 2.25.1

1 year, 8 months

2
12
0 0

[PATCH] selftests/cgroup: fix repeated words in comments

by wangjianli

Delete the redundant word 'in'. Signed-off-by: wangjianli <wangjianli(a)cdjrlc.com> --- tools/testing/selftests/cgroup/test_freezer.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/cgroup/test_freezer.c b/tools/testing/selftests/cgroup/test_freezer.c index ff519029f6f4..b479434e87b7 100644 --- a/tools/testing/selftests/cgroup/test_freezer.c +++ b/tools/testing/selftests/cgroup/test_freezer.c @@ -740,7 +740,7 @@ static int test_cgfreezer_ptraced(const char *root) /* * cg_check_frozen(cgroup, true) will fail here, - * because the task in in the TRACEd state. + * because the task in the TRACEd state. */ if (cg_freeze_wait(cgroup, false)) goto cleanup; -- 2.36.1

1 year, 8 months

3
2
0 0

[PATCH] selftests/kexec: fix build for ARCH=x86_64

by Ricardo Cañuelo

Handle the scenario where the build is launched with the ARCH envvar defined as x86_64. Signed-off-by: Ricardo Cañuelo <ricardo.canuelo(a)collabora.com> --- tools/testing/selftests/kexec/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/kexec/Makefile b/tools/testing/selftests/kexec/Makefile index 806a150648c3..67fe7a46cb62 100644 --- a/tools/testing/selftests/kexec/Makefile +++ b/tools/testing/selftests/kexec/Makefile @@ -1,10 +1,10 @@ # SPDX-License-Identifier: GPL-2.0-only # Makefile for kexec tests -uname_M := $(shell uname -m 2>/dev/null || echo not) -ARCH ?= $(shell echo $(uname_M) | sed -e s/i.86/x86/ -e s/x86_64/x86/) +ARCH ?= $(shell uname -m 2>/dev/null || echo not) +ARCH_PROCESSED := $(shell echo $(ARCH) | sed -e s/i.86/x86/ -e s/x86_64/x86/) -ifeq ($(ARCH),$(filter $(ARCH),x86 ppc64le)) +ifeq ($(ARCH_PROCESSED),$(filter $(ARCH_PROCESSED),x86 ppc64le)) TEST_PROGS := test_kexec_load.sh test_kexec_file_load.sh TEST_FILES := kexec_common_lib.sh -- 2.25.1

1 year, 8 months

1
0
0 0

kselftest/next kselftest-lkdtm: 5 runs, 1 regressions (linux-kselftest-next-6.0-rc2-11-g144eeb2fc761)

by kernelci.org bot

kselftest/next kselftest-lkdtm: 5 runs, 1 regressions (linux-kselftest-next-6.0-rc2-11-g144eeb2fc761) Regressions Summary ------------------- platform | arch | lab | compiler | defconfig | regressions ----------------+------+---------------+----------+------------------------------+------------ imx6q-sabrelite | arm | lab-collabora | gcc-10 | multi_v7_defconfig+kselftest | 1 Details: https://kernelci.org/test/job/kselftest/branch/next/kernel/linux-kselftest-… Test: kselftest-lkdtm Tree: kselftest Branch: next Describe: linux-kselftest-next-6.0-rc2-11-g144eeb2fc761 URL: https://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest.git SHA: 144eeb2fc761f966f71ab8b4b7d2a2198ecc400f Test Regressions ---------------- platform | arch | lab | compiler | defconfig | regressions ----------------+------+---------------+----------+------------------------------+------------ imx6q-sabrelite | arm | lab-collabora | gcc-10 | multi_v7_defconfig+kselftest | 1 Details: https://kernelci.org/test/plan/id/6319235877d2cc81a935564f Results: 0 PASS, 1 FAIL, 0 SKIP Full config: multi_v7_defconfig+kselftest Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//kselftest/next/linux-kselftest-next-6.0-rc2-1… HTML log: https://storage.kernelci.org//kselftest/next/linux-kselftest-next-6.0-rc2-1… Rootfs: http://storage.kernelci.org/images/rootfs/debian/bullseye-kselftest/2022082… * kselftest-lkdtm.login: https://kernelci.org/test/case/id/6319235877d2cc81a9355650 failing since 15 days (last pass: v6.0-rc1-1-gf1227dc7d0411, first fail: linux-kselftest-next-6.0-rc2-1-gab7039dbcc61)

1 year, 8 months

1
0
0 0

kselftest/next build: 8 builds: 0 failed, 8 passed (linux-kselftest-next-6.0-rc2-11-g144eeb2fc761)

by kernelci.org bot

kselftest/next build: 8 builds: 0 failed, 8 passed (linux-kselftest-next-6.0-rc2-11-g144eeb2fc761) Full Build Summary: https://kernelci.org/build/kselftest/branch/next/kernel/linux-kselftest-nex… Tree: kselftest Branch: next Git Describe: linux-kselftest-next-6.0-rc2-11-g144eeb2fc761 Git Commit: 144eeb2fc761f966f71ab8b4b7d2a2198ecc400f Git URL: https://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest.git Built: 4 unique architectures ================================================================================ Detailed per-defconfig build reports: -------------------------------------------------------------------------------- defconfig+kselftest (arm64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+kselftest (arm64, clang-15) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+kselftest+arm64-chromebook (arm64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+kselftest+arm64-chromebook (arm64, clang-15) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- i386_defconfig+kselftest (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v7_defconfig+kselftest (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig+kselftest (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig+kselftest (x86_64, clang-15) — PASS, 0 errors, 0 warnings, 0 section mismatches --- For more info write to <info(a)kernelci.org>

1 year, 8 months

1
0
0 0

[PATCH -next v3 0/5] Optimize and bugfix for cpu-on-off-test.sh

by Zhao Gongyi

1. Correct log info 2. Replace exit with return to make the test exit gracefully 3. Delete fault injection related code 4. Reserve one cpu online when the test offline all cpus 5. Add log info when run full test successfully Changes in v3: - Remove config file for patch 2 - Update information of cover letter Changes in v2: - Update change log of patch 2 - Update exiting value to avoid incorrect report for patch 2 - Keep online_cpu_expect_fail() and offline_cpu_expect_fail() for patch 3 Zhao Gongyi (5): selftests/cpu-hotplug: Correct log info selftests/cpu-hotplug: Use return instead of exit selftests/cpu-hotplug: Delete fault injection related code selftests/cpu-hotplug: Reserve one cpu online at least selftests/cpu-hotplug: Add log info when test success tools/testing/selftests/cpu-hotplug/Makefile | 2 +- tools/testing/selftests/cpu-hotplug/config | 1 - .../selftests/cpu-hotplug/cpu-on-off-test.sh | 140 +++++------------- 3 files changed, 37 insertions(+), 106 deletions(-) delete mode 100644 tools/testing/selftests/cpu-hotplug/config -- 2.17.1

1 year, 8 months

2
6
0 0

[PATCH bpf-next v11 0/7] bpf-core changes for preparation of

by Benjamin Tissoires

Hi, well, given that the HID changes haven't moved a lot in the past revisions and that I am cc-ing a bunch of people, I have dropped them while we focus on the last 2 requirements in bpf-core changes. I'll submit a HID targeted series when we get these in tree, which would make things a lore more independent. For reference, the whole reasons for these 2 main changes are at https://lore.kernel.org/bpf/20220902132938.2409206-1-benjamin.tissoires@red… Compared to v10 (in addition of dropping the HID changes), I have changed the selftests so we can test both light skeletons and libbbpf calls. Cheers, Benjamin Benjamin Tissoires (7): selftests/bpf: regroup and declare similar kfuncs selftests in an array bpf: split btf_check_subprog_arg_match in two bpf/verifier: allow all functions to read user provided context selftests/bpf: add test for accessing ctx from syscall program type bpf/btf: bump BTF_KFUNC_SET_MAX_CNT bpf/verifier: allow kfunc to return an allocated mem selftests/bpf: Add tests for kfunc returning a memory pointer include/linux/bpf.h | 11 +- include/linux/bpf_verifier.h | 2 + include/linux/btf.h | 10 + kernel/bpf/btf.c | 149 ++++++++++-- kernel/bpf/verifier.c | 66 +++-- net/bpf/test_run.c | 37 +++ tools/testing/selftests/bpf/Makefile | 5 +- .../selftests/bpf/prog_tests/kfunc_call.c | 227 ++++++++++++++++-- .../selftests/bpf/progs/kfunc_call_fail.c | 160 ++++++++++++ .../selftests/bpf/progs/kfunc_call_test.c | 71 ++++++ 10 files changed, 678 insertions(+), 60 deletions(-) create mode 100644 tools/testing/selftests/bpf/progs/kfunc_call_fail.c -- 2.36.1

1 year, 8 months

4
15
0 0

[PATCH][next] kselftest/arm64: Fix spelling misakes of signal names

by Colin Ian King

There are a couple of spelling mistakes of signame names. Fix them. Signed-off-by: Colin Ian King <colin.i.king(a)gmail.com> --- tools/testing/selftests/arm64/fp/fp-stress.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/arm64/fp/fp-stress.c b/tools/testing/selftests/arm64/fp/fp-stress.c index 01cef1962ab5..a5c0ebef2419 100644 --- a/tools/testing/selftests/arm64/fp/fp-stress.c +++ b/tools/testing/selftests/arm64/fp/fp-stress.c @@ -247,7 +247,7 @@ static void handle_child_signal(int sig, siginfo_t *info, void *context) } if (!found) - ksft_print_msg("SIGCHILD for unknown PID %d with status %d\n", + ksft_print_msg("SIGCHLD for unknown PID %d with status %d\n", info->si_pid, info->si_status); } @@ -457,7 +457,7 @@ int main(int argc, char **argv) strerror(errno), errno); ret = sigaction(SIGTERM, &sa, NULL); if (ret < 0) - ksft_print_msg("Failed to install SIGTEM handler: %s (%d)\n", + ksft_print_msg("Failed to install SIGTERM handler: %s (%d)\n", strerror(errno), errno); sa.sa_sigaction = handle_child_signal; ret = sigaction(SIGCHLD, &sa, NULL); -- 2.37.1

1 year, 8 months

2
1
0 0

[PATCH] kselftest/arm64: Install signal handlers before output in FP stress tests

by Mark Brown

To interface more robustly with other processes install the signal handers in the floating point stress tests before we produce any output, this means that a parent process can know that if it has seen any output from the test then the test is ready to handle incoming signals. Signed-off-by: Mark Brown <broonie(a)kernel.org> --- Resending with signoff added, was missed on previous postings. .../testing/selftests/arm64/fp/fpsimd-test.S | 48 +++++++++---------- tools/testing/selftests/arm64/fp/sve-test.S | 48 +++++++++---------- tools/testing/selftests/arm64/fp/za-test.S | 48 +++++++++---------- 3 files changed, 72 insertions(+), 72 deletions(-) diff --git a/tools/testing/selftests/arm64/fp/fpsimd-test.S b/tools/testing/selftests/arm64/fp/fpsimd-test.S index f0f92192351a..918d04885a33 100644 --- a/tools/testing/selftests/arm64/fp/fpsimd-test.S +++ b/tools/testing/selftests/arm64/fp/fpsimd-test.S @@ -216,6 +216,30 @@ endfunction .globl _start function _start _start: + mov x23, #0 // signal count + + mov w0, #SIGINT + adr x1, terminate_handler + mov w2, #SA_SIGINFO + bl setsignal + + mov w0, #SIGTERM + adr x1, terminate_handler + mov w2, #SA_SIGINFO + bl setsignal + + mov w0, #SIGUSR1 + adr x1, irritator_handler + mov w2, #SA_SIGINFO + orr w2, w2, #SA_NODEFER + bl setsignal + + mov w0, #SIGUSR2 + adr x1, tickle_handler + mov w2, #SA_SIGINFO + orr w2, w2, #SA_NODEFER + bl setsignal + // Sanity-check and report the vector length mov x19, #128 @@ -246,30 +270,6 @@ _start: mov x0, x20 bl putdecn - mov x23, #0 // Irritation signal count - - mov w0, #SIGINT - adr x1, terminate_handler - mov w2, #SA_SIGINFO - bl setsignal - - mov w0, #SIGTERM - adr x1, terminate_handler - mov w2, #SA_SIGINFO - bl setsignal - - mov w0, #SIGUSR1 - adr x1, irritator_handler - mov w2, #SA_SIGINFO - orr w2, w2, #SA_NODEFER - bl setsignal - - mov w0, #SIGUSR2 - adr x1, tickle_handler - mov w2, #SA_SIGINFO - orr w2, w2, #SA_NODEFER - bl setsignal - mov x22, #0 // generation number, increments per iteration .Ltest_loop: diff --git a/tools/testing/selftests/arm64/fp/sve-test.S b/tools/testing/selftests/arm64/fp/sve-test.S index 79c56e6c5b23..2a18cb4c528c 100644 --- a/tools/testing/selftests/arm64/fp/sve-test.S +++ b/tools/testing/selftests/arm64/fp/sve-test.S @@ -379,6 +379,30 @@ endfunction .globl _start function _start _start: + mov x23, #0 // Irritation signal count + + mov w0, #SIGINT + adr x1, terminate_handler + mov w2, #SA_SIGINFO + bl setsignal + + mov w0, #SIGTERM + adr x1, terminate_handler + mov w2, #SA_SIGINFO + bl setsignal + + mov w0, #SIGUSR1 + adr x1, irritator_handler + mov w2, #SA_SIGINFO + orr w2, w2, #SA_NODEFER + bl setsignal + + mov w0, #SIGUSR2 + adr x1, tickle_handler + mov w2, #SA_SIGINFO + orr w2, w2, #SA_NODEFER + bl setsignal + #ifdef SSVE puts "Streaming mode " smstart_sm @@ -414,30 +438,6 @@ _start: mov x0, x20 bl putdecn - mov x23, #0 // Irritation signal count - - mov w0, #SIGINT - adr x1, terminate_handler - mov w2, #SA_SIGINFO - bl setsignal - - mov w0, #SIGTERM - adr x1, terminate_handler - mov w2, #SA_SIGINFO - bl setsignal - - mov w0, #SIGUSR1 - adr x1, irritator_handler - mov w2, #SA_SIGINFO - orr w2, w2, #SA_NODEFER - bl setsignal - - mov w0, #SIGUSR2 - adr x1, tickle_handler - mov w2, #SA_SIGINFO - orr w2, w2, #SA_NODEFER - bl setsignal - #ifdef SSVE smstart_sm // syscalls will have exited streaming mode #endif diff --git a/tools/testing/selftests/arm64/fp/za-test.S b/tools/testing/selftests/arm64/fp/za-test.S index 901839107205..53c54af65704 100644 --- a/tools/testing/selftests/arm64/fp/za-test.S +++ b/tools/testing/selftests/arm64/fp/za-test.S @@ -232,6 +232,30 @@ endfunction .globl _start function _start _start: + mov x23, #0 // signal count + + mov w0, #SIGINT + adr x1, terminate_handler + mov w2, #SA_SIGINFO + bl setsignal + + mov w0, #SIGTERM + adr x1, terminate_handler + mov w2, #SA_SIGINFO + bl setsignal + + mov w0, #SIGUSR1 + adr x1, irritator_handler + mov w2, #SA_SIGINFO + orr w2, w2, #SA_NODEFER + bl setsignal + + mov w0, #SIGUSR2 + adr x1, tickle_handler + mov w2, #SA_SIGINFO + orr w2, w2, #SA_NODEFER + bl setsignal + puts "Streaming mode " smstart_za @@ -264,30 +288,6 @@ _start: mov x0, x20 bl putdecn - mov x23, #0 // Irritation signal count - - mov w0, #SIGINT - adr x1, terminate_handler - mov w2, #SA_SIGINFO - bl setsignal - - mov w0, #SIGTERM - adr x1, terminate_handler - mov w2, #SA_SIGINFO - bl setsignal - - mov w0, #SIGUSR1 - adr x1, irritator_handler - mov w2, #SA_SIGINFO - orr w2, w2, #SA_NODEFER - bl setsignal - - mov w0, #SIGUSR2 - adr x1, tickle_handler - mov w2, #SA_SIGINFO - orr w2, w2, #SA_NODEFER - bl setsignal - mov x22, #0 // generation number, increments per iteration .Ltest_loop: rdsvl 0, 8 -- 2.30.2

1 year, 8 months

2
1
0 0

[net-next v3 0/6] net: support QUIC crypto

by Adel Abouchaev

QUIC requires end to end encryption of the data. The application usually prepares the data in clear text, encrypts and calls send() which implies multiple copies of the data before the packets hit the networking stack. Similar to kTLS, QUIC kernel offload of cryptography reduces the memory pressure by reducing the number of copies. The scope of kernel support is limited to the symmetric cryptography, leaving the handshake to the user space library. For QUIC in particular, the application packets that require symmetric cryptography are the 1RTT packets with short headers. Kernel will encrypt the application packets on transmission and decrypt on receive. This series implements Tx only, because in QUIC server applications Tx outweighs Rx by orders of magnitude. Supporting the combination of QUIC and GSO requires the application to correctly place the data and the kernel to correctly slice it. The encryption process appends an arbitrary number of bytes (tag) to the end of the message to authenticate it. The GSO value should include this overhead, the offload would then subtract the tag size to parse the input on Tx before chunking and encrypting it. With the kernel cryptography, the buffer copy operation is conjoined with the encryption operation. The memory bandwidth is reduced by 5-8%. When devices supporting QUIC encryption in hardware come to the market, we will be able to free further 7% of CPU utilization which is used today for crypto operations. Adel Abouchaev (6): Documentation on QUIC kernel Tx crypto. Define QUIC specific constants, control and data plane structures Add UDP ULP operations, initialization and handling prototype functions. Implement QUIC offload functions Add flow counters and Tx processing error counter Add self tests for ULP operations, flow setup and crypto tests Documentation/networking/index.rst | 1 + Documentation/networking/quic.rst | 211 ++++ include/net/inet_sock.h | 2 + include/net/netns/mib.h | 3 + include/net/quic.h | 63 + include/net/snmp.h | 6 + include/net/udp.h | 33 + include/uapi/linux/quic.h | 66 + include/uapi/linux/snmp.h | 9 + include/uapi/linux/udp.h | 4 + net/Kconfig | 1 + net/Makefile | 1 + net/ipv4/Makefile | 3 +- net/ipv4/udp.c | 15 + net/ipv4/udp_ulp.c | 192 +++ net/quic/Kconfig | 16 + net/quic/Makefile | 8 + net/quic/quic_main.c | 1533 ++++++++++++++++++++++++ net/quic/quic_proc.c | 45 + tools/testing/selftests/net/.gitignore | 1 + tools/testing/selftests/net/Makefile | 3 +- tools/testing/selftests/net/quic.c | 1370 +++++++++++++++++++++ tools/testing/selftests/net/quic.sh | 46 + 23 files changed, 3630 insertions(+), 2 deletions(-) create mode 100644 Documentation/networking/quic.rst create mode 100644 include/net/quic.h create mode 100644 include/uapi/linux/quic.h create mode 100644 net/ipv4/udp_ulp.c create mode 100644 net/quic/Kconfig create mode 100644 net/quic/Makefile create mode 100644 net/quic/quic_main.c create mode 100644 net/quic/quic_proc.c create mode 100644 tools/testing/selftests/net/quic.c create mode 100755 tools/testing/selftests/net/quic.sh -- 2.30.2

1 year, 8 months

2
8
0 0

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror September 2022