July 2023 - Linux-kselftest-mirror

[PATCH v3 00/17] iommufd: Add nesting infrastructure

by Yi Liu

Nested translation is a hardware feature that is supported by many modern IOMMU hardwares. It has two stages (stage-1, stage-2) address translation to get access to the physical address. stage-1 translation table is owned by userspace (e.g. by a guest OS), while stage-2 is owned by kernel. Changes to stage-1 translation table should be followed by an IOTLB invalidation. Take Intel VT-d as an example, the stage-1 translation table is I/O page table. As the below diagram shows, guest I/O page table pointer in GPA (guest physical address) is passed to host and be used to perform the stage-1 address translation. Along with it, modifications to present mappings in the guest I/O page table should be followed with an IOTLB invalidation. .-------------. .---------------------------. | vIOMMU | | Guest I/O page table | | | '---------------------------' .----------------/ | PASID Entry |--- PASID cache flush --+ '-------------' | | | V | | I/O page table pointer in GPA '-------------' Guest ------| Shadow |---------------------------|-------- v v v Host .-------------. .------------------------. | pIOMMU | | FS for GIOVA->GPA | | | '------------------------' .----------------/ | | PASID Entry | V (Nested xlate) '----------------\.----------------------------------. | | | SS for GPA->HPA, unmanaged domain| | | '----------------------------------' '-------------' Where: - FS = First stage page tables - SS = Second stage page tables <Intel VT-d Nested translation> In IOMMUFD, all the translation tables are tracked by hw_pagetable (hwpt) and each has an iommu_domain allocated from iommu driver. So in this series hw_pagetable and iommu_domain means the same thing if no special note. IOMMUFD has already supported allocating hw_pagetable that is linked with an IOAS. However, nesting requires IOMMUFD to allow allocating hw_pagetable with driver specific parameters and interface to sync stage-1 IOTLB as user owns the stage-1 translation table. This series is based on the iommu hw info reporting series [1]. It first introduces new iommu op for allocating domains with user data and the op for invalidate stage-1 IOTLB, and then extend the IOMMUFD internal infrastructure to accept user_data and parent hwpt, then relay the data to iommu core to allocate user iommu_domain. After it, extends the ioctl IOMMU_HWPT_ALLOC to accept user data and stage-2 hwpt ID to allocate hwpt. Along with it, ioctl IOMMU_HWPT_INVALIDATE is added to invalidate stage-1 IOTLB. This is needed for user-managed hwpts. Selftest is added as well to cover the new ioctls. Complete code can be found in [2], QEMU could can be found in [3]. At last, this is a team work together with Nicolin Chen, Lu Baolu. Thanks them for the help. ^_^. Look forward to your feedbacks. [1] https://lore.kernel.org/linux-iommu/20230724105936.107042-1-yi.l.liu@intel.… [2] https://github.com/yiliu1765/iommufd/tree/iommufd_nesting [3] https://github.com/yiliu1765/qemu/tree/wip/iommufd_rfcv4_nesting Change log: v3: - Add new uAPI things in alphabetical order - Pass in "enum iommu_hwpt_type hwpt_type" to op->domain_alloc_user for sanity, replacing the previous op->domain_alloc_user_data_len solution - Return ERR_PTR from domain_alloc_user instead of NULL - Only add IOMMU_RESV_SW_MSI to kernel-managed HWPT in nested translation (Kevin) - Add IOMMU_RESV_IOVA_RANGES to report resv iova ranges to userspace hence userspace is able to exclude the ranges in the stage-1 HWPT (e.g. guest I/O page table). (Kevin) - Add selftest coverage for the new IOMMU_RESV_IOVA_RANGES ioctl - Minor changes per Kevin's inputs v2: https://lore.kernel.org/linux-iommu/20230511143844.22693-1-yi.l.liu@intel.c… - Add union iommu_domain_user_data to include all user data structures to avoid passing void * in kernel APIs. - Add iommu op to return user data length for user domain allocation - Rename struct iommu_hwpt_alloc::data_type to be hwpt_type - Store the invalidation data length in iommu_domain_ops::cache_invalidate_user_data_len - Convert cache_invalidate_user op to be int instead of void - Remove @data_type in struct iommu_hwpt_invalidate - Remove out_hwpt_type_bitmap in struct iommu_hw_info hence drop patch 08 of v1 v1: https://lore.kernel.org/linux-iommu/20230309080910.607396-1-yi.l.liu@intel.… Thanks, Yi Liu Lu Baolu (2): iommu: Add new iommu op to create domains owned by userspace iommu: Add nested domain support Nicolin Chen (6): iommufd/hw_pagetable: Do not populate user-managed hw_pagetables iommufd: Only enforce IOMMU_RESV_SW_MSI when attaching user-managed HWPT iommufd/selftest: Add domain_alloc_user() support in iommu mock iommufd/selftest: Add coverage for IOMMU_HWPT_ALLOC with user data iommufd/selftest: Add IOMMU_TEST_OP_MD_CHECK_IOTLB test op iommufd/selftest: Add coverage for IOMMU_HWPT_INVALIDATE ioctl Yi Liu (9): iommufd/hw_pagetable: Use domain_alloc_user op for domain allocation iommufd: Pass in hwpt_type/parent/user_data to iommufd_hw_pagetable_alloc() iommufd: Add IOMMU_RESV_IOVA_RANGES iommufd: IOMMU_HWPT_ALLOC allocation with user data iommufd: Add IOMMU_HWPT_INVALIDATE iommufd/selftest: Add a helper to get test device iommufd/selftest: Add IOMMU_TEST_OP_DEV_[ADD|DEL]_RESERVED to add/del reserved regions to selftest device iommufd/selftest: Add .get_resv_regions() for mock_dev iommufd/selftest: Add coverage for IOMMU_RESV_IOVA_RANGES drivers/iommu/iommufd/device.c | 9 +- drivers/iommu/iommufd/hw_pagetable.c | 181 +++++++++++- drivers/iommu/iommufd/io_pagetable.c | 5 +- drivers/iommu/iommufd/iommufd_private.h | 20 +- drivers/iommu/iommufd/iommufd_test.h | 36 +++ drivers/iommu/iommufd/main.c | 59 +++- drivers/iommu/iommufd/selftest.c | 266 ++++++++++++++++-- include/linux/iommu.h | 34 +++ include/uapi/linux/iommufd.h | 96 ++++++- tools/testing/selftests/iommu/iommufd.c | 224 ++++++++++++++- tools/testing/selftests/iommu/iommufd_utils.h | 70 +++++ 11 files changed, 958 insertions(+), 42 deletions(-) -- 2.34.1

1 year, 2 months

5
65
0 0

[PATCH] selftests: riscv: Fix compilation error with vstate_exec_nolibc.c

by Alexandre Ghiti

The following error happens: In file included from vstate_exec_nolibc.c:2: /usr/include/riscv64-linux-gnu/sys/prctl.h:42:12: error: conflicting types for ‘prctl’; h ave ‘int(int, ...)’ 42 | extern int prctl (int __option, ...) __THROW; | ^~~~~ In file included from ./../../../../include/nolibc/nolibc.h:99, from <command-line>: ./../../../../include/nolibc/sys.h:892:5: note: previous definition of ‘prctl’ with type ‘int(int, long unsigned int, long unsigned int, long unsigned int, long unsigned int) ’ 892 | int prctl(int option, unsigned long arg2, unsigned long arg3, | ^~~~~ Fix this by not including <sys/prctl.h>, which is not needed here since prctl syscall is directly called using its number. Fixes: 7cf6198ce22d ("selftests: Test RISC-V Vector prctl interface") Signed-off-by: Alexandre Ghiti <alexghiti(a)rivosinc.com> --- tools/testing/selftests/riscv/vector/vstate_exec_nolibc.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/tools/testing/selftests/riscv/vector/vstate_exec_nolibc.c b/tools/testing/selftests/riscv/vector/vstate_exec_nolibc.c index 5cbc392944a6..2c0d2b1126c1 100644 --- a/tools/testing/selftests/riscv/vector/vstate_exec_nolibc.c +++ b/tools/testing/selftests/riscv/vector/vstate_exec_nolibc.c @@ -1,6 +1,4 @@ // SPDX-License-Identifier: GPL-2.0-only -#include <sys/prctl.h> - #define THIS_PROGRAM "./vstate_exec_nolibc" int main(int argc, char **argv) -- 2.39.2

1 year, 2 months

3
2
0 0

[RFC PATCH 0/3] memfd: cleanups for vm.memfd_noexec

by Aleksa Sarai

It seems that the most critical issue with vm.memfd_noexec=2 (the fact that passing MFD_EXEC would bypass it entirely[1]) has been fixed in Andrew's tree[2], but there are still some outstanding issues that need to be addressed: * The dmesg warnings are pr_warn_once, which on most systems means that they will be used up by systemd or some other boot process and userspace developers will never see it. The original patch posted to the ML used pr_warn_ratelimited but the merged patch had it changed (with a comment about it being "per review"), but given that the current warnings are useless, pr_warn_ratelimited makes far more sense. * vm.memfd_noexec=2 shouldn't reject old-style memfd_create(2) syscalls because it will make it far to difficult to ever migrate. Instead it should imply MFD_EXEC. * The racheting mechanism for vm.memfd_noexec doesn't make sense as a security mechanism because a CAP_SYS_ADMIN capable user can create executable binaries in a hidden tmpfs very easily, not to mention the many other things they can do. * The memfd selftests would not exit with a non-zero error code when certain tests that ran in a forked process (specifically the ones related to MFD_EXEC and MFD_NOEXEC_SEAL) failed. (This patchset is based on top of Jeff Xu's patches[2] fixing the MFD_EXEC bug in vm.memfd_noexec=2.) [1]: https://lore.kernel.org/all/ZJwcsU0vI-nzgOB_@codewreck.org/ [2]: https://lore.kernel.org/all/20230705063315.3680666-1-jeffxu@google.com/ Aleksa Sarai (3): memfd: cleanups for vm.memfd_noexec handling memfd: remove racheting feature from vm.memfd_noexec selftests: memfd: error out test process when child test fails include/linux/pid_namespace.h | 16 +++------ kernel/pid_sysctl.h | 7 ---- mm/memfd.c | 32 +++++++---------- tools/testing/selftests/memfd/memfd_test.c | 41 ++++++++++++++++++---- 4 files changed, 51 insertions(+), 45 deletions(-) -- 2.41.0

1 year, 2 months

3
17
0 0

[RFC bpf-next v7 0/6] bpf: Force to MPTCP

by Geliang Tang

As is described in the "How to use MPTCP?" section in MPTCP wiki [1]: "Your app should create sockets with IPPROTO_MPTCP as the proto: ( socket(AF_INET, SOCK_STREAM, IPPROTO_MPTCP); ). Legacy apps can be forced to create and use MPTCP sockets instead of TCP ones via the mptcpize command bundled with the mptcpd daemon." But the mptcpize (LD_PRELOAD technique) command has some limitations [2]: - it doesn't work if the application is not using libc (e.g. GoLang apps) - in some envs, it might not be easy to set env vars / change the way apps are launched, e.g. on Android - mptcpize needs to be launched with all apps that want MPTCP: we could have more control from BPF to enable MPTCP only for some apps or all the ones of a netns or a cgroup, etc. - it is not in BPF, we cannot talk about it at netdev conf. So this patchset attempts to use BPF to implement functions similer to mptcpize. The main idea is to add a hook in sys_socket() to change the protocol id from IPPROTO_TCP (or 0) to IPPROTO_MPTCP. [1] https://github.com/multipath-tcp/mptcp_net-next/wiki [2] https://github.com/multipath-tcp/mptcp_net-next/issues/79 v7: - add __weak and __diag_* for update_socket_protocol. v6: - add update_socket_protocol. v5: - add bpf_mptcpify helper. v4: - use lsm_cgroup/socket_create v3: - patch 8: char cmd[128]; -> char cmd[256]; v2: - Fix build selftests errors reported by CI Closes: https://github.com/multipath-tcp/mptcp_net-next/issues/79 Geliang Tang (6): net: socket: add update_socket_protocol hook bpf: Register mptcp modret set selftests/bpf: Add mptcpify program selftests/bpf: use random netns name for mptcp selftests/bpf: add two mptcp netns helpers selftests/bpf: Add mptcpify selftest net/mptcp/bpf.c | 17 +++ net/socket.c | 26 ++++ .../testing/selftests/bpf/prog_tests/mptcp.c | 125 ++++++++++++++++-- tools/testing/selftests/bpf/progs/mptcpify.c | 25 ++++ 4 files changed, 184 insertions(+), 9 deletions(-) create mode 100644 tools/testing/selftests/bpf/progs/mptcpify.c -- 2.35.3

1 year, 2 months

4
11
0 0

[PATCH 0/4] Use TAP in some more x86 KVM selftests

by Thomas Huth

Here's a follow-up from my RFC series last year: https://lore.kernel.org/lkml/20221004093131.40392-1-thuth@redhat.com/T/ Basic idea of this series is now to use the kselftest_harness.h framework to get TAP output in the tests, so that it is easier for the user to see what is going on, and e.g. to be able to detect whether a certain test is part of the test binary or not (which is useful when tests get extended in the course of time). Thomas Huth (4): KVM: selftests: Rename the ASSERT_EQ macro KVM: selftests: x86: Use TAP interface in the sync_regs test KVM: selftests: x86: Use TAP interface in the fix_hypercall test KVM: selftests: x86: Use TAP interface in the userspace_msr_exit test .../selftests/kvm/aarch64/aarch32_id_regs.c | 8 +- .../selftests/kvm/aarch64/page_fault_test.c | 10 +- .../testing/selftests/kvm/include/test_util.h | 4 +- tools/testing/selftests/kvm/lib/kvm_util.c | 2 +- .../selftests/kvm/max_guest_memory_test.c | 2 +- tools/testing/selftests/kvm/s390x/cmma_test.c | 62 +++++----- tools/testing/selftests/kvm/s390x/memop.c | 6 +- tools/testing/selftests/kvm/s390x/tprot.c | 4 +- .../x86_64/dirty_log_page_splitting_test.c | 18 +-- .../x86_64/exit_on_emulation_failure_test.c | 2 +- .../selftests/kvm/x86_64/fix_hypercall_test.c | 16 ++- .../kvm/x86_64/nested_exceptions_test.c | 12 +- .../kvm/x86_64/recalc_apic_map_test.c | 6 +- .../selftests/kvm/x86_64/sync_regs_test.c | 113 +++++++++++++++--- .../selftests/kvm/x86_64/tsc_msrs_test.c | 32 ++--- .../kvm/x86_64/userspace_msr_exit_test.c | 19 +-- .../vmx_exception_with_invalid_guest_state.c | 2 +- .../selftests/kvm/x86_64/vmx_pmu_caps_test.c | 3 +- .../selftests/kvm/x86_64/xapic_state_test.c | 8 +- .../selftests/kvm/x86_64/xen_vmcall_test.c | 20 ++-- 20 files changed, 218 insertions(+), 131 deletions(-) -- 2.39.3

1 year, 2 months

3
11
0 0

[PATCH v1] tools: remove duplicate assignment

by Minjie Du

Fix: make 'nodep' remove duplicate assignment Signed-off-by: Minjie Du <duminjie(a)vivo.com> --- tools/testing/selftests/kvm/lib/sparsebit.c | 1 - 1 file changed, 1 deletion(-) diff --git a/tools/testing/selftests/kvm/lib/sparsebit.c b/tools/testing/selftests/kvm/lib/sparsebit.c index 50e0cf41a..88cb6b84e 100644 --- a/tools/testing/selftests/kvm/lib/sparsebit.c +++ b/tools/testing/selftests/kvm/lib/sparsebit.c @@ -634,7 +634,6 @@ static void node_reduce(struct sparsebit *s, struct node *nodep) tmp = node_prev(s, nodep); node_rm(s, nodep); - nodep = NULL; nodep = tmp; reduction_performed = true; -- 2.39.0

1 year, 2 months

2
1
0 0

[PATCH] KVM: selftests: use unified time type for comparison

by Bibo Mao

With test case kvm_page_table_test, start time is acquired with time type CLOCK_MONOTONIC_RAW, however end time in function timespec_elapsed is acquired with time type CLOCK_MONOTONIC. This will cause inaccurate elapsed time calculation on some platform such as LoongArch. This patch modified test case kvm_page_table_test, and uses unified time type CLOCK_MONOTONIC for start time. Signed-off-by: Bibo Mao <maobibo(a)loongson.cn> --- tools/testing/selftests/kvm/kvm_page_table_test.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tools/testing/selftests/kvm/kvm_page_table_test.c b/tools/testing/selftests/kvm/kvm_page_table_test.c index b3b00be1ef82..69f26d80c821 100644 --- a/tools/testing/selftests/kvm/kvm_page_table_test.c +++ b/tools/testing/selftests/kvm/kvm_page_table_test.c @@ -200,7 +200,7 @@ static void *vcpu_worker(void *data) if (READ_ONCE(host_quit)) return NULL; - clock_gettime(CLOCK_MONOTONIC_RAW, &start); + clock_gettime(CLOCK_MONOTONIC, &start); ret = _vcpu_run(vcpu); ts_diff = timespec_elapsed(start); @@ -367,7 +367,7 @@ static void run_test(enum vm_guest_mode mode, void *arg) /* Test the stage of KVM creating mappings */ *current_stage = KVM_CREATE_MAPPINGS; - clock_gettime(CLOCK_MONOTONIC_RAW, &start); + clock_gettime(CLOCK_MONOTONIC, &start); vcpus_complete_new_stage(*current_stage); ts_diff = timespec_elapsed(start); @@ -380,7 +380,7 @@ static void run_test(enum vm_guest_mode mode, void *arg) *current_stage = KVM_UPDATE_MAPPINGS; - clock_gettime(CLOCK_MONOTONIC_RAW, &start); + clock_gettime(CLOCK_MONOTONIC, &start); vcpus_complete_new_stage(*current_stage); ts_diff = timespec_elapsed(start); @@ -392,7 +392,7 @@ static void run_test(enum vm_guest_mode mode, void *arg) *current_stage = KVM_ADJUST_MAPPINGS; - clock_gettime(CLOCK_MONOTONIC_RAW, &start); + clock_gettime(CLOCK_MONOTONIC, &start); vcpus_complete_new_stage(*current_stage); ts_diff = timespec_elapsed(start); -- 2.27.0

1 year, 2 months

3
3
0 0

[PATCH v1 01/11] selftests: forwarding: custom_multipath_hash.sh: add cleanup for SIGTERM sent by timeout

by Mirsad Todorovac

Add trap and cleanup for SIGTERM sent by timeout and SIGINT from keyboard, for the test times out and leaves incoherent network stack. Fixes: 511e8db54036c ("selftests: forwarding: Add test for custom multipath hash") Cc: Ido Schimmel <idosch(a)nvidia.com> Cc: netdev(a)vger.kernel.org --- tools/testing/selftests/net/forwarding/custom_multipath_hash.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/net/forwarding/custom_multipath_hash.sh b/tools/testing/selftests/net/forwarding/custom_multipath_hash.sh index 56eb83d1a3bd..c7ab883d2515 100755 --- a/tools/testing/selftests/net/forwarding/custom_multipath_hash.sh +++ b/tools/testing/selftests/net/forwarding/custom_multipath_hash.sh @@ -363,7 +363,7 @@ custom_hash() custom_hash_v6 } -trap cleanup EXIT +trap cleanup INT TERM EXIT setup_prepare setup_wait -- 2.34.1

1 year, 2 months

3
36
0 0

[PATCH v4 0/4] kernel.h: Split out a couple of macros to args.h

by Andy Shevchenko

There are macros in kernel.h that can be used outside of that header. Split them to args.h and replace open coded variants. Test compiled with `make allmodconfig` for x86_64. Test cross-compiled with `make multi_v7_defconfig` for arm. (Note that positive diff statistics is due to documentation being updated.) In v4: - fixed compilation error on arm (LKP, Stephen) In v3: - split to a series of patches - fixed build issue on `make allmodconfig` for x86_64 (Andrew) In v2: - converted existing users at the same time (Andrew, Rasmus) - documented how it does work (Andrew, Rasmus) Andy Shevchenko (4): kernel.h: Split out COUNT_ARGS() and CONCATENATE() to args.h x86/asm: Replace custom COUNT_ARGS() & CONCATENATE() implementations arm64: smccc: Replace custom COUNT_ARGS() & CONCATENATE() implementations genetlink: Replace custom CONCATENATE() implementation arch/x86/include/asm/rmwcc.h | 11 ++--- include/kunit/test.h | 1 + include/linux/args.h | 28 +++++++++++++ include/linux/arm-smccc.h | 69 ++++++++++++++----------------- include/linux/genl_magic_func.h | 27 ++++++------ include/linux/genl_magic_struct.h | 8 ++-- include/linux/kernel.h | 7 ---- include/linux/pci.h | 2 +- include/trace/bpf_probe.h | 2 + 9 files changed, 84 insertions(+), 71 deletions(-) create mode 100644 include/linux/args.h -- 2.40.0.1.gaa8946217a0b

1 year, 2 months

3
7
0 0

[PATCH v4 bpf 0/2] bpf: return proper error codes for lwt redirect

by Yan Zhai

lwt xmit hook does not expect positive return values in function ip_finish_output2 and ip6_finish_output2. However, BPF redirect programs can return positive values such like NET_XMIT_DROP, NET_RX_DROP, and etc as errors. Such return values can panic the kernel unexpectedly: https://gist.github.com/zhaiyan920/8fbac245b261fe316a7ef04c9b1eba48 This patch fixes the return values from BPF redirect, so the error handling would be consistent at xmit hook. It also adds a few test cases to prevent future regressions. v3: https://lore.kernel.org/bpf/cover.1690255889.git.yan@cloudflare.com/ v2: https://lore.kernel.org/netdev/ZLdY6JkWRccunvu0@debian.debian/ v1: https://lore.kernel.org/bpf/ZLbYdpWC8zt9EJtq@debian.debian/ changes since v3: * minor change in commit message and changelogs * tested by Jakub Sitnicki changes since v2: * subject name changed * also covered redirect to ingress case * added selftests changes since v1: * minor code style changes Yan Zhai (2): bpf: fix skb_do_redirect return values bpf: selftests: add lwt redirect regression test cases include/linux/netdevice.h | 2 + net/core/filter.c | 9 +- tools/testing/selftests/bpf/Makefile | 1 + .../selftests/bpf/progs/test_lwt_redirect.c | 66 +++++++ .../selftests/bpf/test_lwt_redirect.sh | 174 ++++++++++++++++++ 5 files changed, 250 insertions(+), 2 deletions(-) create mode 100644 tools/testing/selftests/bpf/progs/test_lwt_redirect.c create mode 100755 tools/testing/selftests/bpf/test_lwt_redirect.sh -- 2.30.2

1 year, 2 months

5
19
0 0

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror July 2023