December 2024 - Linux-kselftest-mirror

by Stanislav Kinsburskii

The new option controls tests run on boot or module load. With the new debugfs "run" dentry allowing to run tests on demand, an ability to disable automatic tests run becomes a useful option in case of intrusive tests. The option is set to true by default to preserve the existent behavior. It can be overridden by either the corresponding module option or by the corresponding config build option. Signed-off-by: Stanislav Kinsburskii <skinsburskii(a)linux.microsoft.com> --- include/kunit/test.h | 4 +++- lib/kunit/Kconfig | 12 ++++++++++++ lib/kunit/debugfs.c | 2 +- lib/kunit/executor.c | 18 +++++++++++++++++- lib/kunit/test.c | 6 ++++-- 5 files changed, 37 insertions(+), 5 deletions(-) diff --git a/include/kunit/test.h b/include/kunit/test.h index 34b71e42fb10..58dbab60f853 100644 --- a/include/kunit/test.h +++ b/include/kunit/test.h @@ -312,6 +312,7 @@ static inline void kunit_set_failure(struct kunit *test) } bool kunit_enabled(void); +bool kunit_autorun(void); const char *kunit_action(void); const char *kunit_filter_glob(void); char *kunit_filter(void); @@ -334,7 +335,8 @@ kunit_filter_suites(const struct kunit_suite_set *suite_set, int *err); void kunit_free_suite_set(struct kunit_suite_set suite_set); -int __kunit_test_suites_init(struct kunit_suite * const * const suites, int num_suites); +int __kunit_test_suites_init(struct kunit_suite * const * const suites, int num_suites, + bool run_tests); void __kunit_test_suites_exit(struct kunit_suite **suites, int num_suites); diff --git a/lib/kunit/Kconfig b/lib/kunit/Kconfig index 34d7242d526d..a97897edd964 100644 --- a/lib/kunit/Kconfig +++ b/lib/kunit/Kconfig @@ -81,4 +81,16 @@ config KUNIT_DEFAULT_ENABLED In most cases this should be left as Y. Only if additional opt-in behavior is needed should this be set to N. +config KUNIT_AUTORUN_ENABLED + bool "Default value of kunit.autorun" + default y + help + Sets the default value of kunit.autorun. If set to N then KUnit + tests will not run after initialization unless kunit.autorun=1 is + passed to the kernel command line. The test can still be run manually + via debugfs interface. + + In most cases this should be left as Y. Only if additional opt-in + behavior is needed should this be set to N. + endif # KUNIT diff --git a/lib/kunit/debugfs.c b/lib/kunit/debugfs.c index d548750a325a..9df064f40d98 100644 --- a/lib/kunit/debugfs.c +++ b/lib/kunit/debugfs.c @@ -145,7 +145,7 @@ static ssize_t debugfs_run(struct file *file, struct inode *f_inode = file->f_inode; struct kunit_suite *suite = (struct kunit_suite *) f_inode->i_private; - __kunit_test_suites_init(&suite, 1); + __kunit_test_suites_init(&suite, 1, true); return count; } diff --git a/lib/kunit/executor.c b/lib/kunit/executor.c index 34b7b6833df3..340723571b0f 100644 --- a/lib/kunit/executor.c +++ b/lib/kunit/executor.c @@ -29,6 +29,22 @@ const char *kunit_action(void) return action_param; } +/* + * Run KUnit tests after initialization + */ +#ifdef CONFIG_KUNIT_AUTORUN_ENABLED +static bool autorun_param = true; +#else +static bool autorun_param; +#endif +module_param_named(autorun, autorun_param, bool, 0); +MODULE_PARM_DESC(autorun, "Run KUnit tests after initialization"); + +bool kunit_autorun(void) +{ + return autorun_param; +} + static char *filter_glob_param; static char *filter_param; static char *filter_action_param; @@ -266,7 +282,7 @@ void kunit_exec_run_tests(struct kunit_suite_set *suite_set, bool builtin) pr_info("1..%zu\n", num_suites); } - __kunit_test_suites_init(suite_set->start, num_suites); + __kunit_test_suites_init(suite_set->start, num_suites, kunit_autorun()); } void kunit_exec_list_tests(struct kunit_suite_set *suite_set, bool include_attr) diff --git a/lib/kunit/test.c b/lib/kunit/test.c index 089c832e3cdb..146d1b48a096 100644 --- a/lib/kunit/test.c +++ b/lib/kunit/test.c @@ -708,7 +708,8 @@ bool kunit_enabled(void) return enable_param; } -int __kunit_test_suites_init(struct kunit_suite * const * const suites, int num_suites) +int __kunit_test_suites_init(struct kunit_suite * const * const suites, int num_suites, + bool run_tests) { unsigned int i; @@ -731,7 +732,8 @@ int __kunit_test_suites_init(struct kunit_suite * const * const suites, int num_ for (i = 0; i < num_suites; i++) { kunit_init_suite(suites[i]); - kunit_run_tests(suites[i]); + if (run_tests) + kunit_run_tests(suites[i]); } static_branch_dec(&kunit_running);

5 months, 4 weeks

2
3
0 0

selftests: core: unshare_test: WARNING: at mm/util.c:671 __kvmalloc_node_noprof

by Naresh Kamboju

The following kernel warning is noticed on all arch and all devices while running selftests: core: unshare_test on Linux next-20240823 and next-20240826. First seen on next-20240823. Good: next-20240822 BAD: next-20240823 and next-20240826 Reported-by: Linux Kernel Functional Testing <lkft(a)linaro.org> Crash log: -------- # selftests: core: unshare_test <4>[ 61.084149] ------------[ cut here ]------------ <4>[ 61.085175] WARNING: CPU: 0 PID: 477 at mm/util.c:671 __kvmalloc_node_noprof (mm/util.c:671 (discriminator 1)) <4>[ 61.088958] Modules linked in: crct10dif_ce sm3_ce sm3 sha3_ce sha512_ce sha512_arm64 drm fuse backlight dm_mod ip_tables x_tables <4>[ 61.093141] CPU: 0 UID: 0 PID: 477 Comm: unshare_test Not tainted 6.11.0-rc5-next-20240826 #1 <4>[ 61.094558] Hardware name: linux,dummy-virt (DT) <4>[ 61.096763] pstate: 23400009 (nzCv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--) <4>[ 61.097841] pc : __kvmalloc_node_noprof (mm/util.c:671 (discriminator 1)) <4>[ 61.099701] lr : __kvmalloc_node_noprof (mm/util.c:661) <4>[ 61.100448] sp : ffff800080abbce0 <4>[ 61.100819] x29: ffff800080abbcf0 x28: fff0000004549280 x27: 0000000000000000 <4>[ 61.101744] x26: 0000000000000000 x25: 0000000000000000 x24: fff0000003615e40 <4>[ 61.102512] x23: fff0000003615ec0 x22: bfafa45863b285c8 x21: 0000000200002000 <4>[ 61.103232] x20: 00000000ffffffff x19: 0000000000400cc0 x18: 0000000000000000 <4>[ 61.104053] x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000 <4>[ 61.104927] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000 <4>[ 61.105752] x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000 <4>[ 61.106606] x8 : 0000000000000001 x7 : 0000000000000001 x6 : 0000000000000005 <4>[ 61.107377] x5 : 0000000000000000 x4 : fff0000004549280 x3 : 0000000000000000 <4>[ 61.108207] x2 : 0000000000000000 x1 : 000000007fffffff x0 : 0000000000000000 <4>[ 61.109262] Call trace: <4>[ 61.109619] __kvmalloc_node_noprof (mm/util.c:671 (discriminator 1)) <4>[ 61.110248] alloc_fdtable (fs/file.c:133) <4>[ 61.110751] expand_files (include/linux/atomic/atomic-arch-fallback.h:457 include/linux/atomic/atomic-instrumented.h:33 fs/file.c:177 fs/file.c:238) <4>[ 61.111171] ksys_dup3 (fs/file.c:1337) <4>[ 61.111596] __arm64_sys_dup3 (fs/file.c:1355) <4>[ 61.112006] invoke_syscall (arch/arm64/include/asm/current.h:19 arch/arm64/kernel/syscall.c:54) <4>[ 61.112480] el0_svc_common.constprop.0 (include/linux/thread_info.h:127 (discriminator 2) arch/arm64/kernel/syscall.c:140 (discriminator 2)) <4>[ 61.112955] do_el0_svc (arch/arm64/kernel/syscall.c:152) <4>[ 61.113384] el0_svc (arch/arm64/include/asm/irqflags.h:55 arch/arm64/include/asm/irqflags.h:76 arch/arm64/kernel/entry-common.c:165 arch/arm64/kernel/entry-common.c:178 arch/arm64/kernel/entry-common.c:713) <4>[ 61.113742] el0t_64_sync_handler (arch/arm64/kernel/entry-common.c:731) <4>[ 61.115181] el0t_64_sync (arch/arm64/kernel/entry.S:598) <4>[ 61.115709] ---[ end trace 0000000000000000 ]--- Crash Log links, -------- - https://qa-reports.linaro.org/lkft/linux-next-master/build/next-20240826/te… Crash failed comparison: ---------- - https://qa-reports.linaro.org/lkft/linux-next-master/build/next-20240826/te… metadata: ---- git describe: next-20240823 and next-20240826 git repo: https://gitlab.com/Linaro/lkft/mirrors/next/linux-next git sha: c79c85875f1af04040fe4492ed94ce37ad729c4d kernel config: https://storage.tuxsuite.com/public/linaro/lkft/builds/2l2pZRzhgRkPgXIKLJCI… artifact location: https://storage.tuxsuite.com/public/linaro/lkft/builds/2l2pZRzhgRkPgXIKLJCI… build url: https://storage.tuxsuite.com/public/linaro/lkft/builds/2l2pZRzhgRkPgXIKLJCI… toolchain: clang-18 and gcc-13 Steps to reproduce: --------- - https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2l2paZVYTl… - https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2l2paZVYTl… Please let me know if you need more information. -- Linaro LKFT https://lkft.linaro.org

6 months

2
2
0 0

[RFC PATCH v2 0/2] Add file seal to prevent future exec mappings

by Isaac J. Manjarres

Android uses the ashmem driver [1] for creating shared memory regions between processes. The ashmem driver exposes an ioctl command for processes to restrict the permissions an ashmem buffer can be mapped with. Buffers are created with the ability to be mapped as readable, writable, and executable. Processes remove the ability to map some ashmem buffers as executable to ensure that those buffers cannot be used to inject malicious code for another process to run. Other buffers retain their ability to be mapped as executable, as these buffers can be used for just-in-time (JIT) compilation. So there is a need to be able to remove the ability to map a buffer as executable on a per-buffer basis. Android is currently trying to migrate towards replacing its ashmem driver usage with memfd. Part of the transition involved introducing a library that serves to abstract away how shared memory regions are allocated (i.e. ashmem vs memfd). This allows clients to use a single interface for restricting how a buffer can be mapped without having to worry about how it is handled for ashmem (through the ioctl command mentioned earlier) or memfd (through file seals). While memfd has support for preventing buffers from being mapped as writable beyond a certain point in time (thanks to F_SEAL_FUTURE_WRITE), it does not have a similar interface to prevent buffers from being mapped as executable beyond a certain point. However, that could be implemented as a file seal (F_SEAL_FUTURE_EXEC) which works similarly to F_SEAL_FUTURE_WRITE. F_SEAL_FUTURE_WRITE was chosen as a template for how this new seal should behave, instead of F_SEAL_WRITE, for the following reasons: 1. Having the new seal behave like F_SEAL_FUTURE_WRITE matches the behavior that was present with ashmem. This aids in seamlessly transitioning clients away from ashmem to memfd. 2. Making the new seal behave like F_SEAL_WRITE would mean that no mappings that could become executable in the future (i.e. via mprotect()) can exist when the seal is applied. However, there are known cases (e.g. CursorWindow [2]) where restrictions are applied on how a buffer can be mapped after a mapping has already been made. That mapping may have VM_MAYEXEC set, which would not allow the seal to be applied successfully. Therefore, the F_SEAL_FUTURE_EXEC seal was designed to have the same semantics as F_SEAL_FUTURE_WRITE. Note: this series depends on Lorenzo's work [3], [4], [5] from Andrew Morton's mm-unstable branch [6], which reworks memfd's file seal checks, allowing for newer file seals to be implemented in a cleaner fashion. Changes from v1 ==> v2: - Changed the return code to be -EPERM instead of -EACCES when attempting to map an exec sealed file with PROT_EXEC to align to mmap()'s man page. Thank you Kalesh Singh for spotting this! - Rebased on top of Lorenzo's work to cleanup memfd file seal checks in mmap() ([3], [4], and [5]). Thank you for this Lorenzo! - Changed to deny PROT_EXEC mappings only if the mapping is shared, instead of for both shared and private mappings, after discussing this with Lorenzo. Opens: - Lorenzo brought up that this patch may negatively impact the usage of MFD_NOEXEC_SCOPE_NOEXEC_ENFORCED [7]. However, it is not clear to me why that is the case. At the moment, my intent is for the executable permissions of the file to be disjoint from the ability to create executable mappings. Links: [1] https://cs.android.com/android/kernel/superproject/+/common-android-mainlin… [2] https://developer.android.com/reference/android/database/CursorWindow [3] https://lore.kernel.org/all/cover.1732804776.git.lorenzo.stoakes@oracle.com/ [4] https://lkml.kernel.org/r/20241206212846.210835-1-lorenzo.stoakes@oracle.com [5] https://lkml.kernel.org/r/7dee6c5d-480b-4c24-b98e-6fa47dbd8a23@lucifer.local [6] https://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm.git/tree/?h=mm-unst… [7] https://lore.kernel.org/all/3a53b154-1e46-45fb-a559-65afa7a8a788@lucifer.lo… Links to previous versions: v1: https://lore.kernel.org/all/20241206010930.3871336-1-isaacmanjarres@google.… Isaac J. Manjarres (2): mm/memfd: Add support for F_SEAL_FUTURE_EXEC to memfd selftests/memfd: Add tests for F_SEAL_FUTURE_EXEC include/uapi/linux/fcntl.h | 1 + mm/memfd.c | 39 ++++++++++- tools/testing/selftests/memfd/memfd_test.c | 79 ++++++++++++++++++++++ 3 files changed, 118 insertions(+), 1 deletion(-) -- 2.47.1.613.gc27f4b7a9f-goog

6 months

2
3
0 0

[PATCH] landlock: ptrace_test: remove unused macros

by Ba Jing

After reviewing the code, it was found that these macros are never referenced in the code. Just remove them. Signed-off-by: Ba Jing <bajing(a)cmss.chinamobile.com> --- tools/testing/selftests/landlock/ptrace_test.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/tools/testing/selftests/landlock/ptrace_test.c b/tools/testing/selftests/landlock/ptrace_test.c index a19db4d0b3bd..8f31b673ff2d 100644 --- a/tools/testing/selftests/landlock/ptrace_test.c +++ b/tools/testing/selftests/landlock/ptrace_test.c @@ -22,8 +22,6 @@ /* Copied from security/yama/yama_lsm.c */ #define YAMA_SCOPE_DISABLED 0 #define YAMA_SCOPE_RELATIONAL 1 -#define YAMA_SCOPE_CAPABILITY 2 -#define YAMA_SCOPE_NO_ATTACH 3 static void create_domain(struct __test_metadata *const _metadata) { -- 2.33.0

6 months

2
1
0 0

[PATCH 0/2] selftest: fix riscv/vector tests

by Yong-Xuan Wang

Add test counts and pass message to remove warning of riscv/vector tests. Yong-Xuan Wang (2): tools: selftests: riscv: Add pass message for v_initval_nolibc tools: selftests: riscv: Add test count for vstate_prctl tools/testing/selftests/riscv/vector/v_initval_nolibc.c | 4 ++++ tools/testing/selftests/riscv/vector/vstate_prctl.c | 2 ++ 2 files changed, 6 insertions(+) -- 2.17.1

6 months

5
6
0 0

[PATCH bpf-next v6 0/5] Support eliding map lookup nullness

by Daniel Xu

This patch allows progs to elide a null check on statically known map lookup keys. In other words, if the verifier can statically prove that the lookup will be in-bounds, allow the prog to drop the null check. This is useful for two reasons: 1. Large numbers of nullness checks (especially when they cannot fail) unnecessarily pushes prog towards BPF_COMPLEXITY_LIMIT_JMP_SEQ. 2. It forms a tighter contract between programmer and verifier. For (1), bpftrace is starting to make heavier use of percpu scratch maps. As a result, for user scripts with large number of unrolled loops, we are starting to hit jump complexity verification errors. These percpu lookups cannot fail anyways, as we only use static key values. Eliding nullness probably results in less work for verifier as well. For (2), percpu scratch maps are often used as a larger stack, as the currrent stack is limited to 512 bytes. In these situations, it is desirable for the programmer to express: "this lookup should never fail, and if it does, it means I messed up the code". By omitting the null check, the programmer can "ask" the verifier to double check the logic. === Changelog === Changes in v6: * Use is_spilled_scalar_reg() helper and remove unnecessary comment * Add back deleted selftest with different helper to dirty dst buffer * Check size of spill is exactly key_size and update selftests * Read slot_type from correct offset into the spi * Rewrite selftests in C where possible * Mark constant map keys as precise Changes in v5: * Dropped all acks * Use s64 instead of long for const_map_key * Ensure stack slot contains spilled reg before accessing spilled_ptr * Ensure spilled reg is a scalar before accessing tnum const value * Fix verifier selftest for 32-bit write to write at 8 byte alignment to ensure spill is tracked * Introduce more precise tracking of helper stack accesses * Do constant map key extraction as part of helper argument processing and then remove duplicated stack checks * Use ret_flag instead of regs[BPF_REG_0].type * Handle STACK_ZERO * Fix bug in bpf_load_hdr_opt() arg annotation Changes in v4: * Only allow for CAP_BPF * Add test for stack growing upwards * Improve comment about stack growing upwards Changes in v3: * Check if stack is (erroneously) growing upwards * Mention in commit message why existing tests needed change Changes in v2: * Added a check for when R2 is not a ptr to stack * Added a check for when stack is uninitialized (no stack slot yet) * Updated existing tests to account for null elision * Added test case for when R2 can be both const and non-const Daniel Xu (5): bpf: verifier: Add missing newline on verbose() call bpf: tcp: Mark bpf_load_hdr_opt() arg2 as read-write bpf: verifier: Refactor helper access type tracking bpf: verifier: Support eliding map lookup nullness bpf: selftests: verifier: Add nullness elision tests kernel/bpf/verifier.c | 139 +++++++++++---- net/core/filter.c | 2 +- .../testing/selftests/bpf/progs/dynptr_fail.c | 6 +- tools/testing/selftests/bpf/progs/iters.c | 14 +- .../selftests/bpf/progs/map_kptr_fail.c | 2 +- .../selftests/bpf/progs/test_global_func10.c | 2 +- .../selftests/bpf/progs/uninit_stack.c | 5 +- .../bpf/progs/verifier_array_access.c | 168 ++++++++++++++++++ .../bpf/progs/verifier_basic_stack.c | 2 +- .../selftests/bpf/progs/verifier_const_or.c | 4 +- .../progs/verifier_helper_access_var_len.c | 12 +- .../selftests/bpf/progs/verifier_int_ptr.c | 2 +- .../selftests/bpf/progs/verifier_map_in_map.c | 2 +- .../selftests/bpf/progs/verifier_mtu.c | 2 +- .../selftests/bpf/progs/verifier_raw_stack.c | 4 +- .../selftests/bpf/progs/verifier_unpriv.c | 2 +- .../selftests/bpf/progs/verifier_var_off.c | 8 +- tools/testing/selftests/bpf/verifier/calls.c | 2 +- .../testing/selftests/bpf/verifier/map_kptr.c | 2 +- 19 files changed, 311 insertions(+), 69 deletions(-) -- 2.47.1

6 months

2
6
0 0

[PATCH v2 0/2] KVM: x86: read the PML log in the same order it was written

by Maxim Levitsky

Reverse the order in which the PML log is read to align more closely to the hardware. It should not affect regular users of the dirty logging but it fixes a unit test specific assumption in the dirty_log_test dirty-ring mode. Best regards, Maxim Levitsky Maxim Levitsky (2): KVM: VMX: refactor PML terminology KVM: VMX: read the PML log in the same order as it was written arch/x86/kvm/vmx/main.c | 2 +- arch/x86/kvm/vmx/nested.c | 2 +- arch/x86/kvm/vmx/vmx.c | 32 ++++++++++++++++++++------------ arch/x86/kvm/vmx/vmx.h | 5 ++++- 4 files changed, 26 insertions(+), 15 deletions(-) -- 2.26.3

6 months

2
3
0 0

[PATCH] KVM: selftests: Add printf attribute to _no_printf()

by Reinette Chatre

From: Isaku Yamahata <isaku.yamahata(a)intel.com> Annotate the KVM selftests' _no_printf() with the printf format attribute so that the compiler can help check parameters provided to pr_debug() and pr_info() irrespective of DEBUG and QUIET being defined. [reinette: move attribute right after storage class, rework changelog] Signed-off-by: Isaku Yamahata <isaku.yamahata(a)intel.com> Signed-off-by: Reinette Chatre <reinette.chatre(a)intel.com> --- tools/testing/selftests/kvm/include/test_util.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/kvm/include/test_util.h b/tools/testing/selftests/kvm/include/test_util.h index 3e473058849f..77d13d7920cb 100644 --- a/tools/testing/selftests/kvm/include/test_util.h +++ b/tools/testing/selftests/kvm/include/test_util.h @@ -22,7 +22,7 @@ #define msecs_to_usecs(msec) ((msec) * 1000ULL) -static inline int _no_printf(const char *format, ...) { return 0; } +static inline __printf(1, 2) int _no_printf(const char *format, ...) { return 0; } #ifdef DEBUG #define pr_debug(...) printf(__VA_ARGS__) -- 2.47.1

6 months

2
1
0 0

[PATCH] KVM: selftests: Remove unneeded semicolon

by Chen Ni

Remove unnecessary semicolons reported by Coccinelle/coccicheck and the semantic patch at scripts/coccinelle/misc/semicolon.cocci. Signed-off-by: Chen Ni <nichen(a)iscas.ac.cn> --- tools/testing/selftests/kvm/access_tracking_perf_test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/kvm/access_tracking_perf_test.c b/tools/testing/selftests/kvm/access_tracking_perf_test.c index 3c7defd34f56..447e619cf856 100644 --- a/tools/testing/selftests/kvm/access_tracking_perf_test.c +++ b/tools/testing/selftests/kvm/access_tracking_perf_test.c @@ -239,7 +239,7 @@ static void vcpu_thread_main(struct memstress_vcpu_args *vcpu_args) case ITERATION_MARK_IDLE: mark_vcpu_memory_idle(vm, vcpu_args); break; - }; + } vcpu_last_completed_iteration[vcpu_idx] = current_iteration; } -- 2.25.1

6 months

2
1
0 0

[PATCH net-next v16 00/26] Introducing OpenVPN Data Channel Offload

by Antonio Quartulli

Notable changes since v15: * added IPV6 hack in Kconfig * switched doc '|' operator to '>-' in yaml netlink spec * added ovpn-mode doc to rt_link.yaml * implemented rtnl_link_ops.fill_info * removed ovpn_socket_detach() function because UDP and TCP detachment is now happening in different moments * reworked ovpn_socket lifetime: ** introduced ovpn_socket_release() that depending on transport proto will take the right step towards releasing the socket (check large comment on top of function for greater details) ** extended comments on various ovpn_socket* functions to ensure socket lifecycle is clear ** implemented kref_put_lock() to allow UDP sockets to be detached while holding socket lock ** acquired socket lock in ovpn_socket_new() to avoid race with detach (point above) ** socket is now released upon peer removal (not upon peer free!) * added convenient define OVPN_AAD_SIZE * renamed AUTH_TAG_SIZE to OVPN_AUTH_TAG_SIZE * s/dev_core_stats_rx_dropped_inc/dev_core_stats_tx_dropped_inc where needed * fixed some typos * moved tcp_close() call outside of rcu_read_lock area * moved ovpn_socket creation from ovpn_nl_peer_modify() to ovpn_nl_peer_new_doit() to make smatch happy (ovpn_socket_new() may have been called under spinlock, but it may sleep) * added support for MSG_NOSIGNAL flag in TCP calls (required extending the skb API) * improved TCP proto/ops customization (required exporting inet6_stream_ops) * changed kselftest tool (ovpn-cli.c) to pass MSG_NOSIGNAL to TCP send/recv calls. The ovpn_socket lifecycle changes above address the race conditions previously reported by Sabrina. Hopefully all though nuts have been cracked at this point. Please note that some patches were already reviewed by Andre Lunn, Donald Hunter and Shuah Khan. They have retained the Reviewed-by tag since no major code modification has happened since the review. The latest code can also be found at: https://github.com/OpenVPN/linux-kernel-ovpn Thanks a lot! Best Regards, Antonio Quartulli OpenVPN Inc. --- Antonio Quartulli (26): net: introduce OpenVPN Data Channel Offload (ovpn) ovpn: add basic netlink support ovpn: add basic interface creation/destruction/management routines ovpn: keep carrier always on for MP interfaces ovpn: introduce the ovpn_peer object kref/refcount: implement kref_put_sock() ovpn: introduce the ovpn_socket object ovpn: implement basic TX path (UDP) ovpn: implement basic RX path (UDP) ovpn: implement packet processing ovpn: store tunnel and transport statistics ipv6: export inet6_stream_ops via EXPORT_SYMBOL_GPL ovpn: implement TCP transport skb: implement skb_send_sock_locked_with_flags() ovpn: add support for MSG_NOSIGNAL in tcp_sendmsg ovpn: implement multi-peer support ovpn: implement peer lookup logic ovpn: implement keepalive mechanism ovpn: add support for updating local UDP endpoint ovpn: add support for peer floating ovpn: implement peer add/get/dump/delete via netlink ovpn: implement key add/get/del/swap via netlink ovpn: kill key and notify userspace in case of IV exhaustion ovpn: notify userspace when a peer is deleted ovpn: add basic ethtool support testing/selftests: add test tool and scripts for ovpn module Documentation/netlink/specs/ovpn.yaml | 372 +++ Documentation/netlink/specs/rt_link.yaml | 16 + MAINTAINERS | 11 + drivers/net/Kconfig | 15 + drivers/net/Makefile | 1 + drivers/net/ovpn/Makefile | 22 + drivers/net/ovpn/bind.c | 55 + drivers/net/ovpn/bind.h | 101 + drivers/net/ovpn/crypto.c | 211 ++ drivers/net/ovpn/crypto.h | 145 ++ drivers/net/ovpn/crypto_aead.c | 382 ++++ drivers/net/ovpn/crypto_aead.h | 33 + drivers/net/ovpn/io.c | 446 ++++ drivers/net/ovpn/io.h | 34 + drivers/net/ovpn/main.c | 350 +++ drivers/net/ovpn/main.h | 14 + drivers/net/ovpn/netlink-gen.c | 213 ++ drivers/net/ovpn/netlink-gen.h | 41 + drivers/net/ovpn/netlink.c | 1178 ++++++++++ drivers/net/ovpn/netlink.h | 18 + drivers/net/ovpn/ovpnstruct.h | 57 + drivers/net/ovpn/peer.c | 1256 +++++++++++ drivers/net/ovpn/peer.h | 159 ++ drivers/net/ovpn/pktid.c | 129 ++ drivers/net/ovpn/pktid.h | 87 + drivers/net/ovpn/proto.h | 118 + drivers/net/ovpn/skb.h | 60 + drivers/net/ovpn/socket.c | 237 ++ drivers/net/ovpn/socket.h | 45 + drivers/net/ovpn/stats.c | 21 + drivers/net/ovpn/stats.h | 47 + drivers/net/ovpn/tcp.c | 567 +++++ drivers/net/ovpn/tcp.h | 33 + drivers/net/ovpn/udp.c | 392 ++++ drivers/net/ovpn/udp.h | 23 + include/linux/kref.h | 11 + include/linux/refcount.h | 3 + include/linux/skbuff.h | 2 + include/uapi/linux/if_link.h | 15 + include/uapi/linux/ovpn.h | 111 + include/uapi/linux/udp.h | 1 + lib/refcount.c | 32 + net/core/skbuff.c | 18 +- net/ipv6/af_inet6.c | 1 + tools/testing/selftests/Makefile | 1 + tools/testing/selftests/net/ovpn/.gitignore | 2 + tools/testing/selftests/net/ovpn/Makefile | 17 + tools/testing/selftests/net/ovpn/config | 10 + tools/testing/selftests/net/ovpn/data64.key | 5 + tools/testing/selftests/net/ovpn/ovpn-cli.c | 2366 ++++++++++++++++++++ tools/testing/selftests/net/ovpn/tcp_peers.txt | 5 + .../testing/selftests/net/ovpn/test-chachapoly.sh | 9 + tools/testing/selftests/net/ovpn/test-float.sh | 9 + tools/testing/selftests/net/ovpn/test-tcp.sh | 9 + tools/testing/selftests/net/ovpn/test.sh | 182 ++ tools/testing/selftests/net/ovpn/udp_peers.txt | 5 + 56 files changed, 9698 insertions(+), 5 deletions(-) --- base-commit: 4b252f2dab2ebb654eebbb2aee980ab8373b2295 change-id: 20241002-b4-ovpn-eeee35c694a2 Best regards, -- Antonio Quartulli <antonio(a)openvpn.net>

6 months

5
36
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror December 2024