July 2023 - Linux-kselftest-mirror

[PATCH] selftests/nolibc: avoid buffer underrun in space printing

by Thomas Weißschuh

If the test description is longer than the status alignment the parameter 'n' to putcharn() would lead to a signed underflow that then gets converted to a very large unsigned value. This in turn leads out-of-bound writes in memset() crashing the application. The failure case of EXPECT_PTRER() used in "mmap_bad" exhibits this exact behavior. Fixes: 8a27526f49f9 ("selftests/nolibc: add EXPECT_PTREQ, EXPECT_PTRNE and EXPECT_PTRER") Signed-off-by: Thomas Weißschuh <linux(a)weissschuh.net> --- tools/testing/selftests/nolibc/nolibc-test.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/nolibc/nolibc-test.c b/tools/testing/selftests/nolibc/nolibc-test.c index 03b1d30f5507..9b76603e4ce3 100644 --- a/tools/testing/selftests/nolibc/nolibc-test.c +++ b/tools/testing/selftests/nolibc/nolibc-test.c @@ -151,7 +151,8 @@ static void result(int llen, enum RESULT r) else msg = "[FAIL]"; - putcharn(' ', 64 - llen); + if (llen < 64) + putcharn(' ', 64 - llen); puts(msg); } --- base-commit: dfef4fc45d5713eb23d87f0863aff9c33bd4bfaf change-id: 20230726-nolibc-result-width-1f4b0b4f3ca0 Best regards, -- Thomas Weißschuh <linux(a)weissschuh.net>

1 year, 4 months

2
1
0 0

[PATCH v2] selftests:connector: Fix input argument error paths to skip

by Shuah Khan

Fix input argument parsing paths to skip from their error legs. This fix helps to avoid false test failure reports without running the test. Signed-off-by: Shuah Khan <skhan(a)linuxfoundation.org> --- v2: Removed root check based on Anjali's review comments. tools/testing/selftests/connector/proc_filter.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/connector/proc_filter.c b/tools/testing/selftests/connector/proc_filter.c index 4fe8c6763fd8..4a825b997666 100644 --- a/tools/testing/selftests/connector/proc_filter.c +++ b/tools/testing/selftests/connector/proc_filter.c @@ -248,7 +248,7 @@ int main(int argc, char *argv[]) if (argc > 2) { printf("Expected 0(assume no-filter) or 1 argument(-f)\n"); - exit(1); + exit(KSFT_SKIP); } if (argc == 2) { @@ -256,7 +256,7 @@ int main(int argc, char *argv[]) filter = 1; } else { printf("Valid option : -f (for filter feature)\n"); - exit(1); + exit(KSFT_SKIP); } } -- 2.39.2

1 year, 4 months

2
4
0 0

[PATCH bpf-next v6 0/5] Support defragmenting IPv(4|6) packets in BPF

by Daniel Xu

=== Context === In the context of a middlebox, fragmented packets are tricky to handle. The full 5-tuple of a packet is often only available in the first fragment which makes enforcing consistent policy difficult. There are really only two stateless options, neither of which are very nice: 1. Enforce policy on first fragment and accept all subsequent fragments. This works but may let in certain attacks or allow data exfiltration. 2. Enforce policy on first fragment and drop all subsequent fragments. This does not really work b/c some protocols may rely on fragmentation. For example, DNS may rely on oversized UDP packets for large responses. So stateful tracking is the only sane option. RFC 8900 [0] calls this out as well in section 6.3: Middleboxes [...] should process IP fragments in a manner that is consistent with [RFC0791] and [RFC8200]. In many cases, middleboxes must maintain state in order to achieve this goal. === BPF related bits === Policy has traditionally been enforced from XDP/TC hooks. Both hooks run before kernel reassembly facilities. However, with the new BPF_PROG_TYPE_NETFILTER, we can rather easily hook into existing netfilter reassembly infra. The basic idea is we bump a refcnt on the netfilter defrag module and then run the bpf prog after the defrag module runs. This allows bpf progs to transparently see full, reassembled packets. The nice thing about this is that progs don't have to carry around logic to detect fragments. === Changelog === Changes from v5: * Fix defrag disable codepaths Changes from v4: * Refactor module handling code to not sleep in rcu_read_lock() * Also unify the v4 and v6 hook structs so they can share codepaths * Fixed some checkpatch.pl formatting warnings Changes from v3: * Correctly initialize `addrlen` stack var for recvmsg() Changes from v2: * module_put() if ->enable() fails * Fix CI build errors Changes from v1: * Drop bpf_program__attach_netfilter() patches * static -> static const where appropriate * Fix callback assignment order during registration * Only request_module() if callbacks are missing * Fix retval when modprobe fails in userspace * Fix v6 defrag module name (nf_defrag_ipv6_hooks -> nf_defrag_ipv6) * Simplify priority checking code * Add warning if module doesn't assign callbacks in the future * Take refcnt on module while defrag link is active [0]: https://datatracker.ietf.org/doc/html/rfc8900 Daniel Xu (5): netfilter: defrag: Add glue hooks for enabling/disabling defrag netfilter: bpf: Support BPF_F_NETFILTER_IP_DEFRAG in netfilter link bpf: selftests: Support not connecting client socket bpf: selftests: Support custom type and proto for client sockets bpf: selftests: Add defrag selftests include/linux/netfilter.h | 10 + include/uapi/linux/bpf.h | 5 + net/ipv4/netfilter/nf_defrag_ipv4.c | 17 +- net/ipv6/netfilter/nf_defrag_ipv6_hooks.c | 11 + net/netfilter/core.c | 6 + net/netfilter/nf_bpf_link.c | 123 +++++++- tools/include/uapi/linux/bpf.h | 5 + tools/testing/selftests/bpf/Makefile | 4 +- .../selftests/bpf/generate_udp_fragments.py | 90 ++++++ .../selftests/bpf/ip_check_defrag_frags.h | 57 ++++ tools/testing/selftests/bpf/network_helpers.c | 26 +- tools/testing/selftests/bpf/network_helpers.h | 3 + .../bpf/prog_tests/ip_check_defrag.c | 283 ++++++++++++++++++ .../selftests/bpf/progs/ip_check_defrag.c | 104 +++++++ 14 files changed, 718 insertions(+), 26 deletions(-) create mode 100755 tools/testing/selftests/bpf/generate_udp_fragments.py create mode 100644 tools/testing/selftests/bpf/ip_check_defrag_frags.h create mode 100644 tools/testing/selftests/bpf/prog_tests/ip_check_defrag.c create mode 100644 tools/testing/selftests/bpf/progs/ip_check_defrag.c -- 2.41.0

1 year, 4 months

2
4
0 0

[RFC PATCH 00/13] Extedn DAMOS filters for address ranges and

by SeongJae Park

There are use cases that need to apply DAMOS schemes to specific address ranges or DAMON monitoring targets. NUMA nodes in the physical address space, special memory objects in the virtual address space, and monitoring target specific efficient monitoring results snapshot retrieval could be examples of such use cases. This patchset extends DAMOS filters feature for such cases, by implementing two more filter types, namely address ranges and DAMON monitoring types. Patches sequence ---------------- The first seven patches are for the address ranges based DAMOS filter. The first patch implements the filter feature and expose it via DAMON kernel API. The second patch further expose the feature to users via DAMON sysfs interface. The third and fourth patches implement unit tests and selftests for the feature. Three patches (fifth to seventh) updating the documents follow. The following six patches are for the DAMON monitoring target based DAMOS filter. The eighth patch implements the feature in the core layer and expose it via DAMON's kernel API. The ninth patch further expose it to users via DAMON sysfs interface. Tenth patch add a selftest, and two patches (eleventh and twelfth) update documents. SeongJae Park (13): mm/damon/core: introduce address range type damos filter mm/damon/sysfs-schemes: support address range type DAMOS filter mm/damon/core-test: add a unit test for __damos_filter_out() selftests/damon/sysfs: test address range damos filter Docs/mm/damon/design: update for address range filters Docs/ABI/damon: update for address range DAMOS filter Docs/admin-guide/mm/damon/usage: update for address range type DAMOS filter mm/damon/core: implement target type damos filter mm/damon/sysfs-schemes: support target damos filter selftests/damon/sysfs: test damon_target filter Docs/mm/damon/design: update for DAMON monitoring target type DAMOS filter Docs/ABI/damon: update for DAMON monitoring target type DAMOS filter Docs/admin-guide/mm/damon/usage: update for DAMON monitoring target type DAMOS filter .../ABI/testing/sysfs-kernel-mm-damon | 27 +++++- Documentation/admin-guide/mm/damon/usage.rst | 34 +++++--- Documentation/mm/damon/design.rst | 24 ++++-- include/linux/damon.h | 28 +++++-- mm/damon/core-test.h | 61 ++++++++++++++ mm/damon/core.c | 62 ++++++++++++++ mm/damon/sysfs-schemes.c | 83 +++++++++++++++++++ tools/testing/selftests/damon/sysfs.sh | 5 ++ 8 files changed, 299 insertions(+), 25 deletions(-) -- 2.25.1

1 year, 4 months

1
3
0 0

[RFC PATCH 0/5] mm/damon/sysfs: add a file for efficiently get total size of DAMOS tried regions

by SeongJae Park

The tried_regions directory of DAMON sysfs interface is useful for retrieving monitoring results snapshot or DAMOS debugging. However, for common use case that need to monitor only the total size of the scheme tried regions (e.g., monitoring working set size), the kernel overhead for directory construction and user overhead for reading the content could be high if the number of monitoring region is not small. This patchset implements DAMON sysfs files for efficient support of the use case. The first patch implements the sysfs file to reduce the user space overhead, and the second patch implements a command for reducing the kernel space overhead. The third patch adds a selftest for the new file, and following two patches update documents. SeongJae Park (5): mm/damon/sysfs-schemes: implement DAMOS tried total bytes file mm/damon/sysfs: implement a command for updating only schemes tried total bytes selftests/damon/sysfs: test tried_regions/total_bytes file Docs/ABI/damon: update for tried_regions/total_bytes Docs/admin-guide/mm/damon/usage: update for tried_regions/total_bytes .../ABI/testing/sysfs-kernel-mm-damon | 13 +++++- Documentation/admin-guide/mm/damon/usage.rst | 42 ++++++++++++------- mm/damon/sysfs-common.h | 2 +- mm/damon/sysfs-schemes.c | 24 ++++++++++- mm/damon/sysfs.c | 26 +++++++++--- tools/testing/selftests/damon/sysfs.sh | 1 + 6 files changed, 83 insertions(+), 25 deletions(-) -- 2.25.1

1 year, 4 months

1
1
0 0

[PATCH v6 00/10] tracing: introducing eventfs

by Ajay Kaher

Events Tracing infrastructure contains lot of files, directories (internally in terms of inodes, dentries). And ends up by consuming memory in MBs. We can have multiple events of Events Tracing, which further requires more memory. Instead of creating inodes/dentries, eventfs could keep meta-data and skip the creation of inodes/dentries. As and when require, eventfs will create the inodes/dentries only for required files/directories. Also eventfs would delete the inodes/dentries once no more requires but preserve the meta data. Tracing events took ~9MB, with this approach it took ~4.5MB for ~10K files/dir. Diff from v5: Patch 02: removed TRACEFS_EVENT_INODE enum. Patch 04: added TRACEFS_EVENT_INODE enum. Patch 06: removed WARN_ON_ONCE in eventfs_set_ef_status_free() Patch 07: added WARN_ON_ONCE in create_dentry() moved declaration of following to internal.h: eventfs_start_creating() eventfs_failed_creating() eventfs_end_creating() Patch 08: added WARN_ON_ONCE in eventfs_set_ef_status_free() Diff from v4: Patch 02: moved from v4 08/10 added fs/tracefs/internal.h Patch 03: moved from v4 02/10 removed fs/tracefs/internal.h Patch 04: moved from v4 03/10 moved out changes of fs/tracefs/internal.h Patch 05: moved from v4 04/10 renamed eventfs_add_top_file() -> eventfs_add_events_file() Patch 06: moved from v4 07/10 implemented create_dentry() helper function added create_file(), create_dir() stub function Patch 07: moved from v4 06/10 Patch 08: moved from v4 05/10 improved eventfs remove functionality Patch 09: removed unwanted if conditions Patch 10: added available_filter_functions check Diff from v3: Patch 3,4,5,7,9: removed all the eventfs_rwsem code and replaced it with an srcu lock for the readers, and a mutex to synchronize the writers of the list. Patch 2: moved 'tracefs_inode' and 'get_tracefs()' to v4 03/10 Patch 3: moved the struct eventfs_file and eventfs_inode into event_inode.c as it really should not be exposed to all users. Patch 5: added a recursion check to eventfs_remove_rec() as it is really dangerous to have unchecked recursion in the kernel (we do have a fixed size stack). have the free use srcu callbacks. After the srcu grace periods are done, it adds the eventfs_file onto a llist (lockless link list) and wakes up a work queue. Then the work queue does the freeing (this needs to be done in task/workqueue context, as srcu callbacks are done in softirq context). Patch 6: renamed: eventfs_create_file() -> create_file() eventfs_create_dir() -> create_dir() Diff from v2: Patch 01: new patch:'Require all trace events to have a TRACE_SYSTEM' Patch 02: moved from v1 1/9 Patch 03: moved from v1 2/9 As suggested by Zheng Yejian, introduced eventfs_prepare_ef() helper function to add files or directories to eventfs fix WARNING reported by kernel test robot in v1 8/9 Patch 04: moved from v1 3/9 used eventfs_prepare_ef() to add files fix WARNING reported by kernel test robot in v1 8/9 Patch 05: moved from v1 4/9 fix compiling warning reported by kernel test robot in v1 4/9 Patch 06: moved from v1 5/9 Patch 07: moved from v1 6/9 Patch 08: moved from v1 7/9 Patch 09: moved from v1 8/9 rebased because of v3 01/10 Patch 10: moved from v1 9/9 Diff from v1: Patch 1: add header file Patch 2: resolved kernel test robot issues protecting eventfs lists using nested eventfs_rwsem Patch 3: protecting eventfs lists using nested eventfs_rwsem Patch 4: improve events cleanup code to fix crashes Patch 5: resolved kernel test robot issues removed d_instantiate_anon() calls Patch 6: resolved kernel test robot issues fix kprobe test in eventfs_root_lookup() protecting eventfs lists using nested eventfs_rwsem Patch 7: remove header file Patch 8: pass eventfs_rwsem as argument to eventfs functions called eventfs_remove_events_dir() instead of tracefs_remove() from event_trace_del_tracer() Patch 9: new patch to fix kprobe test case fs/tracefs/Makefile | 1 + fs/tracefs/event_inode.c | 801 ++++++++++++++++++ fs/tracefs/inode.c | 151 +++- fs/tracefs/internal.h | 29 + include/linux/trace_events.h | 1 + include/linux/tracefs.h | 23 + kernel/trace/trace.h | 2 +- kernel/trace/trace_events.c | 76 +- .../ftrace/test.d/kprobe/kprobe_args_char.tc | 9 +- .../test.d/kprobe/kprobe_args_string.tc | 9 +- 10 files changed, 1050 insertions(+), 52 deletions(-) create mode 100644 fs/tracefs/event_inode.c create mode 100644 fs/tracefs/internal.h -- 2.39.0

1 year, 4 months

1
10
0 0

selftests: connector: proc_filter.c:48:20: error: invalid application of 'sizeof' to an incomplete type 'struct proc_input'

by Naresh Kamboju

selftests: connector: proc_filter build failed with clang-16 due to below warnings / errors on Linux next-20230725. Reported-by: Linux Kernel Functional Testing <lkft(a)linaro.org> clang --target=aarch64-linux-gnu -fintegrated-as -Werror=unknown-warning-option -Werror=ignored-optimization-argument -Werror=option-ignored -Werror=unused-command-line-argument --target=aarch64-linux-gnu -fintegrated-as -Wall proc_filter.c -o /home/tuxbuild/.cache/tuxmake/builds/1/build/kselftest/connector/proc_filter proc_filter.c:42:12: error: invalid application of 'sizeof' to an incomplete type 'struct proc_input' char buff[NL_MESSAGE_SIZE]; ^~~~~~~~~~~~~~~ proc_filter.c:22:5: note: expanded from macro 'NL_MESSAGE_SIZE' sizeof(struct proc_input)) ^ ~~~~~~~~~~~~~~~~~~~ proc_filter.c:42:12: note: forward declaration of 'struct proc_input' proc_filter.c:22:19: note: expanded from macro 'NL_MESSAGE_SIZE' sizeof(struct proc_input)) ^ proc_filter.c:48:20: error: invalid application of 'sizeof' to an incomplete type 'struct proc_input' hdr->nlmsg_len = NL_MESSAGE_SIZE; ^~~~~~~~~~~~~~~ proc_filter.c:22:5: note: expanded from macro 'NL_MESSAGE_SIZE' sizeof(struct proc_input)) ^ ~~~~~~~~~~~~~~~~~~~ proc_filter.c:42:12: note: forward declaration of 'struct proc_input' char buff[NL_MESSAGE_SIZE]; ^ proc_filter.c:22:19: note: expanded from macro 'NL_MESSAGE_SIZE' sizeof(struct proc_input)) ^ proc_filter.c:64:14: error: invalid application of 'sizeof' to an incomplete type 'struct proc_input' msg->len = sizeof(struct proc_input); ^ ~~~~~~~~~~~~~~~~~~~ proc_filter.c:42:12: note: forward declaration of 'struct proc_input' char buff[NL_MESSAGE_SIZE]; ^ proc_filter.c:22:19: note: expanded from macro 'NL_MESSAGE_SIZE' sizeof(struct proc_input)) ^ proc_filter.c:65:35: error: incomplete definition of type 'struct proc_input' ((struct proc_input *)msg->data)->mcast_op = ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^ proc_filter.c:42:12: note: forward declaration of 'struct proc_input' char buff[NL_MESSAGE_SIZE]; ^ proc_filter.c:22:19: note: expanded from macro 'NL_MESSAGE_SIZE' sizeof(struct proc_input)) ^ proc_filter.c:66:31: error: incomplete definition of type 'struct proc_input' ((struct proc_input *)pinp)->mcast_op; ~~~~~~~~~~~~~~~~~~~~~~~~~~~^ proc_filter.c:42:12: note: forward declaration of 'struct proc_input' char buff[NL_MESSAGE_SIZE]; ^ proc_filter.c:22:19: note: expanded from macro 'NL_MESSAGE_SIZE' sizeof(struct proc_input)) ^ proc_filter.c:67:35: error: incomplete definition of type 'struct proc_input' ((struct proc_input *)msg->data)->event_type = ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^ proc_filter.c:42:12: note: forward declaration of 'struct proc_input' char buff[NL_MESSAGE_SIZE]; ^ proc_filter.c:22:19: note: expanded from macro 'NL_MESSAGE_SIZE' sizeof(struct proc_input)) ^ proc_filter.c:68:31: error: incomplete definition of type 'struct proc_input' ((struct proc_input *)pinp)->event_type; ~~~~~~~~~~~~~~~~~~~~~~~~~~~^ proc_filter.c:42:12: note: forward declaration of 'struct proc_input' char buff[NL_MESSAGE_SIZE]; ^ proc_filter.c:22:19: note: expanded from macro 'NL_MESSAGE_SIZE' sizeof(struct proc_input)) ^ proc_filter.c:245:20: error: variable has incomplete type 'struct proc_input' struct proc_input input; ^ proc_filter.c:245:9: note: forward declaration of 'struct proc_input' struct proc_input input; ^ proc_filter.c:264:22: error: use of undeclared identifier 'PROC_EVENT_NONZERO_EXIT' input.event_type = PROC_EVENT_NONZERO_EXIT; ^ 9 errors generated. make[4]: Leaving directory '/builds/linux/tools/testing/selftests/connector' Links: - https://storage.tuxsuite.com/public/linaro/lkft/builds/2T3676HpK243gMBLYJCp… steps to reproduce: - https://storage.tuxsuite.com/public/linaro/lkft/builds/2T3676HpK243gMBLYJCp… -- Linaro LKFT https://lkft.linaro.org

1 year, 4 months

4
10
0 0

[RFC bpf-next v6] bpf: Force to MPTCP

by Geliang Tang

As is described in the "How to use MPTCP?" section in MPTCP wiki [1]: "Your app can create sockets with IPPROTO_MPTCP as the proto: ( socket(AF_INET, SOCK_STREAM, IPPROTO_MPTCP); ). Legacy apps can be forced to create and use MPTCP sockets instead of TCP ones via the mptcpize command bundled with the mptcpd daemon." But the mptcpize (LD_PRELOAD technique) command has some limitations [2]: - it doesn't work if the application is not using libc (e.g. GoLang apps) - in some envs, it might not be easy to set env vars / change the way apps are launched, e.g. on Android - mptcpize needs to be launched with all apps that want MPTCP: we could have more control from BPF to enable MPTCP only for some apps or all the ones of a netns or a cgroup, etc. - it is not in BPF, we cannot talk about it at netdev conf. So this patchset attempts to use BPF to implement functions similer to mptcpize. The main idea is add a hook in sys_socket() to change the protocol id from IPPROTO_TCP (or 0) to IPPROTO_MPTCP. [1] https://github.com/multipath-tcp/mptcp_net-next/wiki [2] https://github.com/multipath-tcp/mptcp_net-next/issues/79 v6: - add update_socket_protocol. v5: - add bpf_mptcpify helper. v4: - use lsm_cgroup/socket_create v3: - patch 8: char cmd[128]; -> char cmd[256]; v2: - Fix build selftests errors reported by CI Closes: https://github.com/multipath-tcp/mptcp_net-next/issues/79 Signed-off-by: Geliang Tang <geliang.tang(a)suse.com> --- net/mptcp/bpf.c | 17 +++ net/socket.c | 6 + .../testing/selftests/bpf/prog_tests/mptcp.c | 126 ++++++++++++++++-- tools/testing/selftests/bpf/progs/mptcpify.c | 26 ++++ 4 files changed, 166 insertions(+), 9 deletions(-) create mode 100644 tools/testing/selftests/bpf/progs/mptcpify.c diff --git a/net/mptcp/bpf.c b/net/mptcp/bpf.c index 5a0a84ad94af..c43aee31014d 100644 --- a/net/mptcp/bpf.c +++ b/net/mptcp/bpf.c @@ -12,6 +12,23 @@ #include <linux/bpf.h> #include "protocol.h" +#ifdef CONFIG_BPF_JIT +BTF_SET8_START(bpf_mptcp_fmodret_ids) +BTF_ID_FLAGS(func, update_socket_protocol) +BTF_SET8_END(bpf_mptcp_fmodret_ids) + +static const struct btf_kfunc_id_set bpf_mptcp_fmodret_set = { + .owner = THIS_MODULE, + .set = &bpf_mptcp_fmodret_ids, +}; + +static int __init bpf_mptcp_kfunc_init(void) +{ + return register_btf_fmodret_id_set(&bpf_mptcp_fmodret_set); +} +late_initcall(bpf_mptcp_kfunc_init); +#endif /* CONFIG_BPF_JIT */ + struct mptcp_sock *bpf_mptcp_sock_from_subflow(struct sock *sk) { if (sk && sk_fullsock(sk) && sk->sk_protocol == IPPROTO_TCP && sk_is_mptcp(sk)) diff --git a/net/socket.c b/net/socket.c index 2b0e54b2405c..4c7b2ff711f0 100644 --- a/net/socket.c +++ b/net/socket.c @@ -1644,11 +1644,17 @@ struct file *__sys_socket_file(int family, int type, int protocol) return sock_alloc_file(sock, flags, NULL); } +noinline int update_socket_protocol(int family, int type, int protocol) +{ + return protocol; +} + int __sys_socket(int family, int type, int protocol) { struct socket *sock; int flags; + protocol = update_socket_protocol(family, type, protocol); sock = __sys_socket_create(family, type, protocol); if (IS_ERR(sock)) return PTR_ERR(sock); diff --git a/tools/testing/selftests/bpf/prog_tests/mptcp.c b/tools/testing/selftests/bpf/prog_tests/mptcp.c index cd0c42fff7c0..ffa98d5c46af 100644 --- a/tools/testing/selftests/bpf/prog_tests/mptcp.c +++ b/tools/testing/selftests/bpf/prog_tests/mptcp.c @@ -6,8 +6,9 @@ #include "cgroup_helpers.h" #include "network_helpers.h" #include "mptcp_sock.skel.h" +#include "mptcpify.skel.h" -#define NS_TEST "mptcp_ns" +char NS_TEST[32]; #ifndef TCP_CA_NAME_MAX #define TCP_CA_NAME_MAX 16 @@ -22,6 +23,26 @@ struct mptcp_storage { char ca_name[TCP_CA_NAME_MAX]; }; +static struct nstoken *create_netns(void) +{ + srand(time(NULL)); + snprintf(NS_TEST, sizeof(NS_TEST), "mptcp_ns_%d", rand()); + SYS(fail, "ip netns add %s", NS_TEST); + SYS(fail, "ip -net %s link set dev lo up", NS_TEST); + + return open_netns(NS_TEST); +fail: + return NULL; +} + +static void cleanup_netns(struct nstoken *nstoken) +{ + if (nstoken) + close_netns(nstoken); + + SYS_NOFAIL("ip netns del %s &> /dev/null", NS_TEST); +} + static int verify_tsk(int map_fd, int client_fd) { int err, cfd = client_fd; @@ -147,11 +168,8 @@ static void test_base(void) if (!ASSERT_GE(cgroup_fd, 0, "test__join_cgroup")) return; - SYS(fail, "ip netns add %s", NS_TEST); - SYS(fail, "ip -net %s link set dev lo up", NS_TEST); - - nstoken = open_netns(NS_TEST); - if (!ASSERT_OK_PTR(nstoken, "open_netns")) + nstoken = create_netns(); + if (!ASSERT_OK_PTR(nstoken, "create_netns")) goto fail; /* without MPTCP */ @@ -174,11 +192,99 @@ static void test_base(void) close(server_fd); fail: - if (nstoken) - close_netns(nstoken); + cleanup_netns(nstoken); - SYS_NOFAIL("ip netns del " NS_TEST " &> /dev/null"); + close(cgroup_fd); +} + +static void send_byte(int fd) +{ + char b = 0x55; + + ASSERT_EQ(write(fd, &b, sizeof(b)), 1, "send single byte"); +} + +static int verify_mptcpify(void) +{ + char cmd[256]; + int err = 0; + + snprintf(cmd, sizeof(cmd), + "ip netns exec %s ss -tOni | grep -q '%s'", + NS_TEST, "tcp-ulp-mptcp"); + if (!ASSERT_OK(system(cmd), "No tcp-ulp-mptcp found!")) + err++; + + snprintf(cmd, sizeof(cmd), + "ip netns exec %s nstat -asz %s | awk '%s' | grep -q '%s'", + NS_TEST, "MPTcpExtMPCapableSYNACKRX", + "NR==1 {next} {print $2}", "1"); + if (!ASSERT_OK(system(cmd), "No MPTcpExtMPCapableSYNACKRX found!")) + err++; + + return err; +} + +static int run_mptcpify(int cgroup_fd) +{ + int server_fd, client_fd, prog_fd, err = 0; + struct mptcpify *mptcpify_skel; + + mptcpify_skel = mptcpify__open_and_load(); + if (!ASSERT_OK_PTR(mptcpify_skel, "skel_open_load")) + return -EIO; + err = mptcpify__attach(mptcpify_skel); + if (!ASSERT_OK(err, "skel_attach")) + goto out; + + prog_fd = bpf_program__fd(mptcpify_skel->progs.mptcpify); + if (!ASSERT_GE(prog_fd, 0, "bpf_program__fd")) { + err = -EIO; + goto out; + } + + /* without MPTCP */ + server_fd = start_server(AF_INET, SOCK_STREAM, NULL, 0, 0); + if (!ASSERT_GE(server_fd, 0, "start_server")) { + err = -EIO; + goto out; + } + + client_fd = connect_to_fd(server_fd, 0); + if (!ASSERT_GE(client_fd, 0, "connect to fd")) { + err = -EIO; + goto close_server; + } + + send_byte(client_fd); + err += verify_mptcpify(); + + close(client_fd); +close_server: + close(server_fd); +out: + mptcpify__destroy(mptcpify_skel); + return err; +} + +static void test_mptcpify(void) +{ + struct nstoken *nstoken = NULL; + int cgroup_fd; + + cgroup_fd = test__join_cgroup("/mptcpify"); + if (!ASSERT_GE(cgroup_fd, 0, "test__join_cgroup")) + return; + + nstoken = create_netns(); + if (!ASSERT_OK_PTR(nstoken, "create_netns")) + goto fail; + + ASSERT_OK(run_mptcpify(cgroup_fd), "run_mptcpify"); + +fail: + cleanup_netns(nstoken); close(cgroup_fd); } @@ -186,4 +292,6 @@ void test_mptcp(void) { if (test__start_subtest("base")) test_base(); + if (test__start_subtest("mptcpify")) + test_mptcpify(); } diff --git a/tools/testing/selftests/bpf/progs/mptcpify.c b/tools/testing/selftests/bpf/progs/mptcpify.c new file mode 100644 index 000000000000..c5e5b27ac3df --- /dev/null +++ b/tools/testing/selftests/bpf/progs/mptcpify.c @@ -0,0 +1,26 @@ +// SPDX-License-Identifier: GPL-2.0 +/* Copyright (c) 2023, SUSE. */ + +#include <linux/bpf.h> +#include <bpf/bpf_helpers.h> +#include "bpf_tcp_helpers.h" + +char _license[] SEC("license") = "GPL"; + +#define AF_INET 2 +#define AF_INET6 10 +#define SOCK_STREAM 1 +#define IPPROTO_TCP 6 +#define IPPROTO_MPTCP 262 + +SEC("fmod_ret/update_socket_protocol") +int BPF_PROG(mptcpify, int family, int type, int protocol) +{ + if ((family == AF_INET || family == AF_INET6) && + type == SOCK_STREAM && + (!protocol || protocol == IPPROTO_TCP)) { + return IPPROTO_MPTCP; + } + + return protocol; +} -- 2.35.3

1 year, 4 months

2
1
0 0

[PATCH v11 0/7] Add IO page table replacement support

by Nicolin Chen

[ This series depends on the VFIO device cdev series ] Changelog v11: * Added Reviewed-by from Kevin * Dropped 'rc' in iommufd_access_detach() * Dropped a duplicated IS_ERR check at new_ioas * Separate into a new patch the change in iommufd_access_destroy_object v10: https://lore.kernel.org/all/cover.1690488745.git.nicolinc@nvidia.com/ * Added Reviewed-by from Jason * Replaced the iommufd_ref_to_user call with refcount_inc * Added a wrapper iommufd_access_change_ioas_id and used it in the iommufd_access_attach() and iommufd_access_replace() APIs v9: https://lore.kernel.org/all/cover.1690440730.git.nicolinc@nvidia.com/ * Rebased on top of Jason's iommufd for-next tree * Added Reviewed-by from Jason and Alex * Reworked the replace API patches * Added a new patch allowing passing in to iopt_remove_access * Added a new patch of a helper function following Jason's design, mainly by blocking any concurrent detach/replace and keeping the refcount_dec at the end of the function * Added a call of the new helper in iommufd_access_destroy_object() to reduce race condition * Simplified the replace API patch v8: https://lore.kernel.org/all/cover.1690226015.git.nicolinc@nvidia.com/ * Rebased on top of Jason's iommufd_hwpt series and then cdev v15 series: https://lore.kernel.org/all/0-v8-6659224517ea+532-iommufd_alloc_jgg@nvidia.… https://lore.kernel.org/kvm/20230718135551.6592-1-yi.l.liu@intel.com/ * Changed the order of detach() and attach() in replace(), to fix a bug v7: https://lore.kernel.org/all/cover.1683593831.git.nicolinc@nvidia.com/ * Rebased on top of v6.4-rc1 and cdev v11 candidate * Fixed a wrong file in replace() API patch * Added Kevin's "Reviewed-by" to replace() API patch v6: https://lore.kernel.org/all/cover.1679939952.git.nicolinc@nvidia.com/ * Rebased on top of cdev v8 series https://lore.kernel.org/kvm/20230327094047.47215-1-yi.l.liu@intel.com/ * Added "Reviewed-by" from Kevin to PATCH-4 * Squashed access->ioas updating lines into iommufd_access_change_pt(), and changed function return type accordingly for simplification. v5: https://lore.kernel.org/all/cover.1679559476.git.nicolinc@nvidia.com/ * Kept the cmd->id in the iommufd_test_create_access() so the access can be created with an ioas by default. Then, renamed the previous ioctl IOMMU_TEST_OP_ACCESS_SET_IOAS to IOMMU_TEST_OP_ACCESS_REPLACE_IOAS, so it would be used to replace an access->ioas pointer. * Added iommufd_access_replace() API after the introductions of the other two APIs iommufd_access_attach() and iommufd_access_detach(). * Since vdev->iommufd_attached is also set in emulated pathway too, call iommufd_access_update(), similar to the physical pathway. v4: https://lore.kernel.org/all/cover.1678284812.git.nicolinc@nvidia.com/ * Rebased on top of Jason's series adding replace() and hwpt_alloc() https://lore.kernel.org/all/0-v2-51b9896e7862+8a8c-iommufd_alloc_jgg@nvidia… * Rebased on top of cdev series v6 https://lore.kernel.org/kvm/20230308132903.465159-1-yi.l.liu@intel.com/ * Dropped the patch that's moved to cdev series. * Added unmap function pointer sanity before calling it. * Added "Reviewed-by" from Kevin and Yi. * Added back the VFIO change updating the ATTACH uAPI. v3: https://lore.kernel.org/all/cover.1677288789.git.nicolinc@nvidia.com/ * Rebased on top of Jason's iommufd_hwpt branch: https://lore.kernel.org/all/0-v2-406f7ac07936+6a-iommufd_hwpt_jgg@nvidia.co… * Dropped patches from this series accordingly. There were a couple of VFIO patches that will be submitted after the VFIO cdev series. Also, renamed the series to be "emulated". * Moved dma_unmap sanity patch to the first in the series. * Moved dma_unmap sanity to cover both VFIO and IOMMUFD pathways. * Added Kevin's "Reviewed-by" to two of the patches. * Fixed a NULL pointer bug in vfio_iommufd_emulated_bind(). * Moved unmap() call to the common place in iommufd_access_set_ioas(). v2: https://lore.kernel.org/all/cover.1675802050.git.nicolinc@nvidia.com/ * Rebased on top of vfio_device cdev v2 series. * Update the kdoc and commit message of iommu_group_replace_domain(). * Dropped revert-to-core-domain part in iommu_group_replace_domain(). * Dropped !ops->dma_unmap check in vfio_iommufd_emulated_attach_ioas(). * Added missing rc value in vfio_iommufd_emulated_attach_ioas() from the iommufd_access_set_ioas() call. * Added a new patch in vfio_main to deny vfio_pin/unpin_pages() calls if vdev->ops->dma_unmap is not implemented. * Added a __iommmufd_device_detach helper and let the replace routine do a partial detach(). * Added restriction on auto_domains to use the replace feature. * Added the patch "iommufd/device: Make hwpt_list list_add/del symmetric" from the has_group removal series. v1: https://lore.kernel.org/all/cover.1675320212.git.nicolinc@nvidia.com/ Hi all, The existing IOMMU APIs provide a pair of functions: iommu_attach_group() for callers to attach a device from the default_domain (NULL if not being supported) to a given iommu domain, and iommu_detach_group() for callers to detach a device from a given domain to the default_domain. Internally, the detach_dev op is deprecated for the newer drivers with default_domain. This means that those drivers likely can switch an attaching domain to another one, without stagging the device at a blocking or default domain, for use cases such as: 1) vPASID mode, when a guest wants to replace a single pasid (PASID=0) table with a larger table (PASID=N) 2) Nesting mode, when switching the attaching device from an S2 domain to an S1 domain, or when switching between relevant S1 domains. This series is rebased on top of Jason Gunthorpe's series that introduces iommu_group_replace_domain API and IOMMUFD infrastructure for the IOMMUFD "physical" devices. The IOMMUFD "emulated" deivces will need some extra steps to replace the access->ioas object and its iopt pointer. You can also find this series on Github: https://github.com/nicolinc/iommufd/commits/iommu_group_replace_domain-v11 Thank you Nicolin Chen Nicolin Chen (7): vfio: Do not allow !ops->dma_unmap in vfio_pin/unpin_pages() iommufd: Allow passing in iopt_access_list_id to iopt_remove_access() iommufd: Add iommufd_access_change_ioas(_id) helpers iommufd: Use iommufd_access_change_ioas in iommufd_access_destroy_object iommufd: Add iommufd_access_replace() API iommufd/selftest: Add IOMMU_TEST_OP_ACCESS_REPLACE_IOAS coverage vfio: Support IO page table replacement drivers/iommu/iommufd/device.c | 128 ++++++++++++------ drivers/iommu/iommufd/io_pagetable.c | 6 +- drivers/iommu/iommufd/iommufd_private.h | 3 +- drivers/iommu/iommufd/iommufd_test.h | 4 + drivers/iommu/iommufd/selftest.c | 19 +++ drivers/vfio/iommufd.c | 11 +- drivers/vfio/vfio_main.c | 4 + include/linux/iommufd.h | 1 + include/uapi/linux/vfio.h | 6 + tools/testing/selftests/iommu/iommufd.c | 29 +++- tools/testing/selftests/iommu/iommufd_utils.h | 19 +++ 11 files changed, 179 insertions(+), 51 deletions(-) -- 2.41.0

1 year, 4 months

2
10
0 0

[PATCH v2 2/2] selftests: mm: add KSM_MERGE_TIME tests

by Ayush Jain

add KSM_MERGE_TIME and KSM_MERGE_TIME_HUGE_PAGES tests with size of 100. ./run_vmtests.sh -t ksm ----------------------------- running ./ksm_tests -H -s 100 ----------------------------- Number of normal pages: 0 Number of huge pages: 50 Total size: 100 MiB Total time: 0.399844662 s Average speed: 250.097 MiB/s [PASS] ----------------------------- running ./ksm_tests -P -s 100 ----------------------------- Total size: 100 MiB Total time: 0.451931496 s Average speed: 221.272 MiB/s [PASS] Signed-off-by: Ayush Jain <ayush.jain3(a)amd.com> Reviewed-by: David Hildenbrand <david(a)redhat.com> --- v1 -> v2 collect Reviewed-by from David tools/testing/selftests/mm/run_vmtests.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tools/testing/selftests/mm/run_vmtests.sh b/tools/testing/selftests/mm/run_vmtests.sh index 3f26f6e15b2a..ca3738e042c2 100755 --- a/tools/testing/selftests/mm/run_vmtests.sh +++ b/tools/testing/selftests/mm/run_vmtests.sh @@ -262,6 +262,10 @@ CATEGORY="madv_populate" run_test ./madv_populate CATEGORY="memfd_secret" run_test ./memfd_secret +# KSM KSM_MERGE_TIME_HUGE_PAGES test with size of 100 +CATEGORY="ksm" run_test ./ksm_tests -H -s 100 +# KSM KSM_MERGE_TIME test with size of 100 +CATEGORY="ksm" run_test ./ksm_tests -P -s 100 # KSM MADV_MERGEABLE test with 10 identical pages CATEGORY="ksm" run_test ./ksm_tests -M -p 10 # KSM unmerge test -- 2.34.1

1 year, 4 months

1
0
0 0

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror July 2023