Linux-kselftest-mirror June 2024

linux-kselftest-mirror@lists.linaro.org

205 participants
324 discussions

[PATCH v2 0/4] Introduce user namespace capabilities

by Jonathan Calmels

This patch series introduces a new user namespace capability set, as well as some plumbing around it (i.e. sysctl, secbit, lsm support). First patch goes over the motivations for this as well as prior art. In summary, while user namespaces are a great success today in that they avoid running a lot of code as root, they also expand the attack surface of the kernel substantially which is often abused by attackers. Methods exist to limit the creation of such namespaces [1], however, application developers often need to assume that user namespaces are available for various tasks such as sandboxing. Thus, instead of restricting the creation of user namespaces, we offer ways for userspace to limit the capabilities granted to them. Why a new capability set and not something specific to the userns (e.g. ioctl_ns)? 1. We can't really expect userspace to patch every single callsite and opt-in this new security mechanism. 2. We don't necessarily want policies enforced at said callsites. For example a service like systemd-machined or a PAM session need to be able to place restrictions on any namespace spawned under it. 3. We would need to come up with inheritance rules, querying capabilities, etc. At this point we're just reinventing capability sets. 4. We can easily define interactions between capability sets, thus helping with adoption (patch 2 is an example of this) Some examples of how this could be leveraged in userspace: - Prevent user from getting CAP_NET_ADMIN in user namespaces under SSH: echo "auth optional pam_cap.so" >> /etc/pam.d/sshd echo "!cap_net_admin $USER" >> /etc/security/capability.conf capsh --secbits=$((1 << 8)) -- -c /usr/sbin/sshd - Prevent containers from ever getting CAP_DAC_OVERRIDE: systemd-run -p CapabilityBoundingSet=~CAP_DAC_OVERRIDE \ -p SecureBits=userns-strict-caps \ /usr/bin/dockerd systemd-run -p UserNSCapabilities=~CAP_DAC_OVERRIDE \ /usr/bin/incusd - Kernel could be vulnerable to CAP_SYS_RAWIO exploits, prevent it: sysctl -w cap_bound_userns_mask=0x1fffffdffff - Drop CAP_SYS_ADMIN for this shell and all the user namespaces below it: bwrap --unshare-user --cap-drop CAP_SYS_ADMIN /bin/sh [1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… --- Changes since v1: - Add documentation - Change commit wording - Cleanup various aspects of the code based on feedback - Add new CAP_SYS_CONTROL capability for sysctl check - Add BPF-LSM support for modifying userns capabilities --- Jonathan Calmels (4): capabilities: Add user namespace capabilities capabilities: Add securebit to restrict userns caps capabilities: Add sysctl to mask off userns caps bpf,lsm: Allow editing capabilities in BPF-LSM hooks Documentation/filesystems/proc.rst | 1 + Documentation/security/credentials.rst | 6 ++ fs/proc/array.c | 9 +++ include/linux/cred.h | 3 + include/linux/lsm_hook_defs.h | 2 +- include/linux/securebits.h | 1 + include/linux/security.h | 4 +- include/linux/user_namespace.h | 7 ++ include/uapi/linux/capability.h | 6 +- include/uapi/linux/prctl.h | 7 ++ include/uapi/linux/securebits.h | 11 ++- kernel/bpf/bpf_lsm.c | 55 +++++++++++++ kernel/cred.c | 3 + kernel/sysctl.c | 10 +++ kernel/umh.c | 15 ++++ kernel/user_namespace.c | 80 +++++++++++++++++-- security/apparmor/lsm.c | 2 +- security/commoncap.c | 62 +++++++++++++- security/keys/process_keys.c | 3 + security/security.c | 6 +- security/selinux/hooks.c | 2 +- security/selinux/include/classmap.h | 5 +- .../selftests/bpf/prog_tests/deny_namespace.c | 12 ++- .../selftests/bpf/progs/test_deny_namespace.c | 7 +- 24 files changed, 291 insertions(+), 28 deletions(-) -- 2.45.2

1 year, 6 months

[PATCH v1] selftests/harness: Fix tests timeout and race condition

by Mickaël Salaün

We cannot use CLONE_VFORK because we also need to wait for the timeout signal. Restore tests timeout by using the original fork() call in __run_test() but also in __TEST_F_IMPL(). Also fix a race condition when waiting for the test child process. Because test metadata are shared between test processes, only the parent process must set the test PID (child). Otherwise, t->pid may be set to zero, leading to inconsistent error cases: # RUN layout1.rule_on_mountpoint ... # rule_on_mountpoint: Test ended in some other way [127] # OK layout1.rule_on_mountpoint ok 20 layout1.rule_on_mountpoint As safeguards, initialize the "status" variable with a valid exit code, and handle unknown test exits as errors. The use of fork() introduces a new race condition in landlock/fs_test.c which seems to be specific to hostfs bind mounts, but I haven't found the root cause and it's difficult to trigger. I'll try to fix it with another patch. Cc: Christian Brauner <brauner(a)kernel.org> Cc: Günther Noack <gnoack(a)google.com> Cc: Jakub Kicinski <kuba(a)kernel.org> Cc: Kees Cook <keescook(a)chromium.org> Cc: Mark Brown <broonie(a)kernel.org> Cc: Shuah Khan <shuah(a)kernel.org> Cc: Will Drewry <wad(a)chromium.org> Cc: stable(a)vger.kernel.org Closes: https://lore.kernel.org/r/9341d4db-5e21-418c-bf9e-9ae2da7877e1@sirena.org.uk Fixes: a86f18903db9 ("selftests/harness: Fix interleaved scheduling leading to race conditions") Fixes: 24cf65a62266 ("selftests/harness: Share _metadata between forked processes") Signed-off-by: Mickaël Salaün <mic(a)digikod.net> Link: https://lore.kernel.org/r/20240621180605.834676-1-mic@digikod.net --- tools/testing/selftests/kselftest_harness.h | 43 ++++++++++++--------- 1 file changed, 24 insertions(+), 19 deletions(-) diff --git a/tools/testing/selftests/kselftest_harness.h b/tools/testing/selftests/kselftest_harness.h index b634969cbb6f..40723a6a083f 100644 --- a/tools/testing/selftests/kselftest_harness.h +++ b/tools/testing/selftests/kselftest_harness.h @@ -66,8 +66,6 @@ #include <sys/wait.h> #include <unistd.h> #include <setjmp.h> -#include <syscall.h> -#include <linux/sched.h> #include "kselftest.h" @@ -82,17 +80,6 @@ # define TH_LOG_ENABLED 1 #endif -/* Wait for the child process to end but without sharing memory mapping. */ -static inline pid_t clone3_vfork(void) -{ - struct clone_args args = { - .flags = CLONE_VFORK, - .exit_signal = SIGCHLD, - }; - - return syscall(__NR_clone3, &args, sizeof(args)); -} - /** * TH_LOG() * @@ -437,7 +424,7 @@ static inline pid_t clone3_vfork(void) } \ if (setjmp(_metadata->env) == 0) { \ /* _metadata and potentially self are shared with all forks. */ \ - child = clone3_vfork(); \ + child = fork(); \ if (child == 0) { \ fixture_name##_setup(_metadata, self, variant->data); \ /* Let setup failure terminate early. */ \ @@ -1016,7 +1003,14 @@ void __wait_for_test(struct __test_metadata *t) .sa_flags = SA_SIGINFO, }; struct sigaction saved_action; - int status; + /* + * Sets status so that WIFEXITED(status) returns true and + * WEXITSTATUS(status) returns KSFT_FAIL. This safe default value + * should never be evaluated because of the waitpid(2) check and + * SIGALRM handling. + */ + int status = KSFT_FAIL << 8; + int child; if (sigaction(SIGALRM, &action, &saved_action)) { t->exit_code = KSFT_FAIL; @@ -1028,7 +1022,15 @@ void __wait_for_test(struct __test_metadata *t) __active_test = t; t->timed_out = false; alarm(t->timeout); - waitpid(t->pid, &status, 0); + child = waitpid(t->pid, &status, 0); + if (child == -1 && errno != EINTR) { + t->exit_code = KSFT_FAIL; + fprintf(TH_LOG_STREAM, + "# %s: Failed to wait for PID %d (errno: %d)\n", + t->name, t->pid, errno); + return; + } + alarm(0); if (sigaction(SIGALRM, &saved_action, NULL)) { t->exit_code = KSFT_FAIL; @@ -1083,6 +1085,7 @@ void __wait_for_test(struct __test_metadata *t) WTERMSIG(status)); } } else { + t->exit_code = KSFT_FAIL; fprintf(TH_LOG_STREAM, "# %s: Test ended in some other way [%u]\n", t->name, @@ -1218,6 +1221,7 @@ void __run_test(struct __fixture_metadata *f, struct __test_xfail *xfail; char test_name[1024]; const char *diagnostic; + int child; /* reset test struct */ t->exit_code = KSFT_PASS; @@ -1236,15 +1240,16 @@ void __run_test(struct __fixture_metadata *f, fflush(stdout); fflush(stderr); - t->pid = clone3_vfork(); - if (t->pid < 0) { + child = fork(); + if (child < 0) { ksft_print_msg("ERROR SPAWNING TEST CHILD\n"); t->exit_code = KSFT_FAIL; - } else if (t->pid == 0) { + } else if (child == 0) { setpgrp(); t->fn(t, variant); _exit(t->exit_code); } else { + t->pid = child; __wait_for_test(t); } ksft_print_msg(" %4s %s\n", base-commit: 83a7eefedc9b56fe7bfeff13b6c7356688ffa670 -- 2.45.2

1 year, 6 months

[PATCH net-next 00/12] selftest: Clean-up and stabilize mirroring tests

by Petr Machata

The mirroring selftests work by sending ICMP traffic between two hosts. Along the way, this traffic is mirrored to a gretap netdevice, and counter taps are then installed strategically along the path of the mirrored traffic to verify the mirroring took place. The problem with this is that besides mirroring the primary traffic, any other service traffic is mirrored as well. At the same time, because the tests need to work in HW-offloaded scenarios, the ability of the device to do arbitrary packet inspection should not be taken for granted. Most tests therefore simply use matchall, one uses flower to match on IP address. As a result, the selftests are noisy. mirror_test() accommodated this noisiness by giving the counters an allowance of several packets. But that only works up to a point, and on busy systems won't be always enough. In this patch set, clean up and stabilize the mirroring selftests. The original intention was to port the tests over to UDP, but the logic of ICMP ends up being so entangled in the mirroring selftests that the changes feel overly invasive. Instead, ICMP is kept, but where possible, we match on ICMP message type, thus filtering out hits by other ICMP messages. Where this is not practical (where the counter tap is put on a device that carries encapsulated packets), switch the counter condition to _at least_ X observed packets. This is less robust, but barely so -- probably the only scenario that this would not catch is something like erroneous packet duplication, which would hopefully get caught by the numerous other tests in this extensive suite. - Patches #1 to #3 clean up parameters at various helpers. - Patches #4 to #6 stabilize the mirroring selftests as described above. - Mirroring tests currently allow testing SW datapath even on HW netdevices by trapping traffic to the SW datapath. This complicates the tests a bit without a good reason: to test SW datapath, just run the selftests on the veth topology. Thus in patch #7, drop support for this dual SW/HW testing. - At this point, some cleanups were either made possible by the previous patches, or were always possible. In patches #8 to #11, realize these cleanups. - In patch #12, fix mlxsw mirror_gre selftest to respect setting TESTS. Petr Machata (12): selftests: libs: Expand "$@" where possible selftests: mirror: Drop direction argument from several functions selftests: lib: tc_rule_stats_get(): Move default to argument definition selftests: mirror_gre_lag_lacp: Check counters at tunnel selftests: mirror: do_test_span_dir_ips(): Install accurate taps selftests: mirror: mirror_test(): Allow exact count of packets selftests: mirror: Drop dual SW/HW testing selftests: mlxsw: mirror_gre: Simplify selftests: mirror_gre_lag_lacp: Drop unnecessary code selftests: libs: Drop slow_path_trap_install()/_uninstall() selftests: libs: Drop unused functions selftests: mlxsw: mirror_gre: Obey TESTS .../selftests/drivers/net/mlxsw/mirror_gre.sh | 71 ++++++--------- .../drivers/net/mlxsw/mirror_gre_scale.sh | 18 +--- tools/testing/selftests/net/forwarding/lib.sh | 83 +++++++++++------ .../selftests/net/forwarding/mirror_gre.sh | 45 +++------- .../net/forwarding/mirror_gre_bound.sh | 23 +---- .../net/forwarding/mirror_gre_bridge_1d.sh | 21 +---- .../forwarding/mirror_gre_bridge_1d_vlan.sh | 21 +---- .../net/forwarding/mirror_gre_bridge_1q.sh | 21 +---- .../forwarding/mirror_gre_bridge_1q_lag.sh | 29 ++---- .../net/forwarding/mirror_gre_changes.sh | 73 ++++++--------- .../net/forwarding/mirror_gre_flower.sh | 43 ++++----- .../net/forwarding/mirror_gre_lag_lacp.sh | 65 ++++++-------- .../net/forwarding/mirror_gre_lib.sh | 90 ++++++++++++++----- .../net/forwarding/mirror_gre_neigh.sh | 39 +++----- .../selftests/net/forwarding/mirror_gre_nh.sh | 35 ++------ .../net/forwarding/mirror_gre_vlan.sh | 21 +---- .../forwarding/mirror_gre_vlan_bridge_1q.sh | 69 ++++++-------- .../selftests/net/forwarding/mirror_lib.sh | 79 +++++++++++----- .../selftests/net/forwarding/mirror_vlan.sh | 43 +++------ tools/testing/selftests/net/lib.sh | 4 +- 20 files changed, 355 insertions(+), 538 deletions(-) -- 2.45.0

1 year, 6 months

[PATCH v6 4/4] KVM: riscv: selftests: Add Svade and Svadu Extension to get-reg-list test

by Yong-Xuan Wang

Update the get-reg-list test to test the Svade and Svadu Extensions are available for guest OS. Signed-off-by: Yong-Xuan Wang <yongxuan.wang(a)sifive.com> Reviewed-by: Andrew Jones <ajones(a)ventanamicro.com> --- tools/testing/selftests/kvm/riscv/get-reg-list.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/tools/testing/selftests/kvm/riscv/get-reg-list.c b/tools/testing/selftests/kvm/riscv/get-reg-list.c index 222198dd6d04..1d32351ad55e 100644 --- a/tools/testing/selftests/kvm/riscv/get-reg-list.c +++ b/tools/testing/selftests/kvm/riscv/get-reg-list.c @@ -45,6 +45,8 @@ bool filter_reg(__u64 reg) case KVM_REG_RISCV_ISA_EXT | KVM_REG_RISCV_ISA_SINGLE | KVM_RISCV_ISA_EXT_SSAIA: case KVM_REG_RISCV_ISA_EXT | KVM_REG_RISCV_ISA_SINGLE | KVM_RISCV_ISA_EXT_SSCOFPMF: case KVM_REG_RISCV_ISA_EXT | KVM_REG_RISCV_ISA_SINGLE | KVM_RISCV_ISA_EXT_SSTC: + case KVM_REG_RISCV_ISA_EXT | KVM_REG_RISCV_ISA_SINGLE | KVM_RISCV_ISA_EXT_SVADE: + case KVM_REG_RISCV_ISA_EXT | KVM_REG_RISCV_ISA_SINGLE | KVM_RISCV_ISA_EXT_SVADU: case KVM_REG_RISCV_ISA_EXT | KVM_REG_RISCV_ISA_SINGLE | KVM_RISCV_ISA_EXT_SVINVAL: case KVM_REG_RISCV_ISA_EXT | KVM_REG_RISCV_ISA_SINGLE | KVM_RISCV_ISA_EXT_SVNAPOT: case KVM_REG_RISCV_ISA_EXT | KVM_REG_RISCV_ISA_SINGLE | KVM_RISCV_ISA_EXT_SVPBMT: @@ -411,6 +413,8 @@ static const char *isa_ext_single_id_to_str(__u64 reg_off) KVM_ISA_EXT_ARR(SSAIA), KVM_ISA_EXT_ARR(SSCOFPMF), KVM_ISA_EXT_ARR(SSTC), + KVM_ISA_EXT_ARR(SVADE), + KVM_ISA_EXT_ARR(SVADU), KVM_ISA_EXT_ARR(SVINVAL), KVM_ISA_EXT_ARR(SVNAPOT), KVM_ISA_EXT_ARR(SVPBMT), @@ -935,6 +939,8 @@ KVM_ISA_EXT_SIMPLE_CONFIG(h, H); KVM_ISA_EXT_SUBLIST_CONFIG(smstateen, SMSTATEEN); KVM_ISA_EXT_SIMPLE_CONFIG(sscofpmf, SSCOFPMF); KVM_ISA_EXT_SIMPLE_CONFIG(sstc, SSTC); +KVM_ISA_EXT_SIMPLE_CONFIG(svade, SVADE); +KVM_ISA_EXT_SIMPLE_CONFIG(svadu, SVADU); KVM_ISA_EXT_SIMPLE_CONFIG(svinval, SVINVAL); KVM_ISA_EXT_SIMPLE_CONFIG(svnapot, SVNAPOT); KVM_ISA_EXT_SIMPLE_CONFIG(svpbmt, SVPBMT); @@ -991,6 +997,8 @@ struct vcpu_reg_list *vcpu_configs[] = { &config_smstateen, &config_sscofpmf, &config_sstc, + &config_svade, + &config_svadu, &config_svinval, &config_svnapot, &config_svpbmt, -- 2.17.1

1 year, 6 months

Testing Quality Call notes - 2024-06-27

by Laura Nao

Hello, KernelCI is hosting a bi-weekly call on Thursday to discuss improvements to existing upstream tests, the development of new tests to increase kernel testing coverage, and the enablement of these tests in KernelCI. In recent months, we at Collabora have focused on various kernel areas, assessing the tests already available upstream and contributing patches to make them easily runnable in CIs. Below is a list of the tests we've been working on and their latest status updates, as discussed in the last meeting held on 2024-06-27: *USB/PCI devices kselftest* - Upstream test to detect unprobed devices on discoverable buses: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… - Kernel patches to allow running the test on more platforms on KernelCI were merged: https://lore.kernel.org/all/20240613-kselftest-discoverable-probe-mt8195-kc… - Waiting for KernelCI PRs to be merged: https://github.com/kernelci/kernelci-core/pull/2577 and https://github.com/kernelci/kernelci-pipeline/pull/642 *Error log test* - Proposing new kselftest to report device log errors: https://lore.kernel.org/all/20240423-dev-err-log-selftest-v1-0-690c1741d68b… - Currently fixing test failures in KernelCI *Suspend/resume in cpufreq kselftest* - Enabling suspend/resume test within the cpufreq kselftest in KernelCI - Parameter support for running subtests in a kselftest was merged: https://github.com/Linaro/test-definitions/pull/511 - Added rtcwake support in the test to enable automated resume, currently testing/debugging solution *Boot time test* - Investigating possibility of adding new test upstream to measure the kernel boot time and detect regressions - Currently looking into boot tracing with ftrace events and kprobes (see: https://www.kernel.org/doc/html/latest/trace/boottime-trace.html) - Idea for potential kselftest: insert explicit tracepoints in strategic places, let the user configure which times to measure. The test could provide a bootconfig file and a fragment to enable the required configs. This could be an alternative to using external tools (e.g. grabserial w/ early serial port init). - Need a list of functions to track in order to measure key metrics (e.g. device tree overhead, probe overhead, module load overhead) - Identify key drivers that need to be loaded early, for potentially supporting a two-phase boot: (1) time-critical, and (2) rest of the system *Other interesting updates* - Flaky serial on sc7180 was recently fixed: https://github.com/kernelci/kernelci-project/issues/380 and https://lore.kernel.org/all/20240610222515.3023730-1-dianders@chromium.org/… *Strategy for test enablement in KernelCI* - Guidance on test quality: KernelCI should set the standard for test quality, providing guidance on which tests to enable from various projects (e.g., kselftest, LTP). By doing so, KernelCI can serve as a model for other CI systems. - Develop mechanisms to automatically detect which tests should run on a specific platform - Embed metadata in the test themselves to facilitate the test selection process - Leverage device tree info to determine the appropriate tests for each platform Please reply to this thread if you'd like to join the call or discuss any of the topics further. We look forward to collaborating with the community to improve upstream tests and expand coverage to more areas of interest within the kernel. Best regards, Laura Nao

1 year, 6 months

[PATCH v2 0/2] selftests/resctrl: SNC kernel support discovery

by Maciej Wieczor-Retman

Changes v2: - Removed patches 2 and 3 since now this part will be supported by the kernel. Sub-Numa Clustering (SNC) allows splitting CPU cores, caches and memory into multiple NUMA nodes. When enabled, NUMA-aware applications can achieve better performance on bigger server platforms. SNC support in the kernel is currently in review [1]. With SNC enabled and kernel support in place all the tests will function normally. There might be a problem when SNC is enabled but the system is still using an older kernel version without SNC support. Currently the only message displayed in that situation is a guess that SNC might be enabled and is causing issues. That message also is displayed whenever the test fails on an Intel platform. Add a mechanism to discover kernel support for SNC which will add more meaning and certainty to the error message. Series was tested on Ice Lake server platforms with SNC disabled, SNC-2 and SNC-4. The tests were also ran with and without kernel support for SNC. Series applies cleanly on kselftest/next. [1] https://lore.kernel.org/all/20240503203325.21512-1-tony.luck@intel.com/ Previous versions of this series: [v1] https://lore.kernel.org/all/cover.1709721159.git.maciej.wieczor-retman@inte… Maciej Wieczor-Retman (2): selftests/resctrl: Adjust effective L3 cache size with SNC enabled selftests/resctrl: Adjust SNC support messages tools/testing/selftests/resctrl/cat_test.c | 2 +- tools/testing/selftests/resctrl/cmt_test.c | 6 +- tools/testing/selftests/resctrl/mba_test.c | 2 + tools/testing/selftests/resctrl/mbm_test.c | 4 +- tools/testing/selftests/resctrl/resctrl.h | 8 +- tools/testing/selftests/resctrl/resctrlfs.c | 131 +++++++++++++++++++- 6 files changed, 144 insertions(+), 9 deletions(-) -- 2.45.0

1 year, 6 months

[PATCH v3 0/2] Allow userspace to change ID_AA64PFR1_EL1

by Shaoqin Huang

Allow userspace to change the guest-visible value of the register with some severe limitation: - No changes to features not virtualized by KVM (MPAM_frac, RAS_frac, SME, RNDP_trap). - No changes to features (CSV2_frac, NMI, MTE_frac, GCS, THE, MTEX, DF2, PFAR) which haven't been added into the ftr_id_aa64pfr1[]. Because the struct arm64_ftr_bits definition for each feature in the ftr_id_aa64pfr1[] is used by arm64_check_features. If they're not existing in the ftr_id_aa64pfr1[], the for loop won't check the if the new_val is safe for those features. For the question why can't those fields be hidden depending on the VM configuration? I don't find there is the related VM configuration, maybe we should add the new VM configuration? I'm not sure I'm right, so if there're any problems please help to point out and I will fix them. Also add the selftest for it. Changelog: ---------- v2 -> v3: * Give more description about why only part of the fields can be writable. * Updated the writable mask by referring the latest ARM spec. v1 -> v2: * Tackling the full register instead of single field. * Changing the patch title and commit message. RFCv1 -> v1: * Fix the compilation error. * Delete the machine specific information and make the description more generable. RFCv1: https://lore.kernel.org/all/20240612023553.127813-1-shahuang@redhat.com/ v1: https://lore.kernel.org/all/20240617075131.1006173-1-shahuang@redhat.com/ v2: https://lore.kernel.org/all/20240618063808.1040085-1-shahuang@redhat.com/ Shaoqin Huang (2): KVM: arm64: Allow userspace to change ID_AA64PFR1_EL1 KVM: selftests: aarch64: Add writable test for ID_AA64PFR1_EL1 arch/arm64/kvm/sys_regs.c | 4 +++- tools/testing/selftests/kvm/aarch64/set_id_regs.c | 8 ++++++++ 2 files changed, 11 insertions(+), 1 deletion(-) -- 2.40.1

1 year, 6 months

selftests/ftrace kprobe_eventname test fails on s390x QEMU (KVM/Linux)

by Yunseong Kim

Hi all, In my s390x archtecture, kprobe_eventname selftest have always failed because of rcu_sched stalls. My environment is QEMU Ubuntu 24.04 KVM Machine Linux version 6.8.0-36-generic (buildd@bos01-s390x-012) (s390x-linux-gnu-gcc-13 (Ubuntu 13.2.0-23ubuntu4) 13.2.0, GNU ld (GNU Binutils for Ubuntu) 2.42) #36 1 configured CPUs, Linux is running under KVM in 64-bit mode qemu-system-s390x -no-reboot -name auto-inst-test -nographic -m 4096 \ -drive file=disk-image.qcow2,format=qcow2,cache=none,if=virtio \ -netdev user,id=enc0,hostfwd=tcp::10000-:22 \ -device virtio-net-ccw,netdev=enc0 \ -qmp tcp:localhost:4444,server,nowait Currently, This failure can be always reproduced by this kselftests script: # tools/testing/selftests/ftrace/ftracetest tools/testing/selftests/ftrace/test.d/kprobe/kprobe_eventname.tc I've investigating cause of line, then I find this line. for i in `seq 0 255`; do echo p $FUNCTION_FORK+${i} >> kprobe_events || continue done cat kprobe_events >> $testlog echo 1 > events/kprobes/enable # <<< This line makes "rcu_sched detected stalls" log and stall the system. [ 7825.578940] rcu: INFO: rcu_sched detected stalls on CPUs/tasks: After this line, the test doesn't go any further. This test was added in the patch below. ("selftests/ftrace: Add new test case which adds multiple consecutive probes in a function") Link: https://lore.kernel.org/linux-trace-kernel/20230428163842.95118-2-akanksha@… I've attached a link to a compressed version of vmcore, vmlinux and config files that I dumped from my environment. https://drive.google.com/file/d/1O2bCKrRbyJ-yP4zTz_sAd_qM80nHnCGr/view?usp=… I used QEMU QMP to dump the vmcore. $ telnet localhost 4444 {"execute": "qmp_capabilities"} {"execute":"dump-guest-memory","arguments": {"paging":false,"protocol":"file:/home/paran/vmcore1.img"}} rcu: INFO: rcu_sched detected stalls on CPUs/tasks:s: rcu: (detected by 0, t=6002 jiffies, g=24353, q=1 ncpus=1)1) rcu: All QSes seen, last rcu_sched kthread activity 6002 (4294978930-4294972928), jiffies_till_next_fqs=1, root ->qsmask 0x0x0 rcu: rcu_sched kthread starved for 6002 jiffies! g24353 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0=0 rcu: Unless rcu_sched kthread gets sufficient CPU time, OOM is now expected behavior.r. rcu: RCU grace-period kthread stack dump:p: task:rcu_sched state:R running task stack:0 pid:16 tgid:16 ppid:2 flags:0x0000000000 Call Trace:e: __schedule+0x346/0x8b8 8 schedule+0x36/0x148 8 schedule_timeout+0x8e/0x148 8 rcu_gp_fqs_loop+0x444/0x548 8 rcu_gp_kthread+0x146/0x198 8 kthread+0x124/0x128 8 __ret_from_fork+0x40/0x58 8 ret_from_fork+0xa/0x30 0 rcu: Stack dump where RCU GP kthread last ran:n: CPU: 0 PID: 1077 Comm: ftracetest Not tainted 6.8.0-36-generic #36-Ubuntu Hardware name: QEMU 8561 QEMU (KVM/Linux) Krnl PSW : 0704f00180000000 0000000000121d32 kprobe_exceptions_notify (/build/linux-3nCxw2/linux-6.8.0/arch/s390/kernel/kprobes.c:519 (discriminator 1)) R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:3 PM:0 RI:0 EA:3:3 Krnl GPRS: 0000000000000000 0000000000000000 0000000000008001 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000001956720 ffffffffffffffff 0000000000121c98 0000000001958d40 00000380000cfbd8 000003ff938dbc78 00000380000cfab8 0000000000121d1c 00000380000cf980 Krnl Code: 0000000000121d26: 9103b008 Code starting with the faulting instruction =========================================== 8(%r11),3 0000000000121d2a: a7840004 8,0000000000121d32 #0000000000121d2e: ad03f0a0 stosm 160(%r15),3 >0000000000121d32: b9140022 lgfr %r2,%r2 0000000000121d36: ebbff0a80004 %r11,%r15,168(%r15) 0000000000121d3c: a7190000 lghi %r1,0 0000000000121d40: a7390000 lghi %r3,0 0000000000121d44: a7490000 lghi %r4,0 Call Trace: kprobe_exceptions_notify (/build/linux-3nCxw2/linux-6.8.0/arch/s390/kernel/kprobes.c:519 (discriminator 1)) kprobe_exceptions_notify (/build/linux-3nCxw2/linux-6.8.0/arch/s390/kernel/kprobes.c:504 (discriminator 1)) notifier_call_chain (/build/linux-3nCxw2/linux-6.8.0/kernel/notifier.c:93) notify_die (/build/linux-3nCxw2/linux-6.8.0/kernel/notifier.c:597) do_per_trap (/build/linux-3nCxw2/linux-6.8.0/arch/s390/kernel/traps.c:75 (discriminator 1)) __do_pgm_check (/build/linux-3nCxw2/linux-6.8.0/arch/s390/include/asm/irqflags.h:47 (discriminator 1) /build/linux-3nCxw2/linux-6.8.0/arch/s390/include/asm/irqflags.h:52 (discriminator 1) /build/linux-3nCxw2/linux-6.8.0/arch/s390/kernel/traps.c:356 (discriminator 1)) pgm_check_handler (/build/linux-3nCxw2/linux-6.8.0/arch/s390/kernel/entry.S:383) kernel_clone (/build/linux-3nCxw2/linux-6.8.0/arch/s390/include/asm/uaccess.h:119 (discriminator 1) /build/linux-3nCxw2/linux-6.8.0/kernel/fork.c:2927 (discriminator 1)) __do_sys_clone (/build/linux-3nCxw2/linux-6.8.0/kernel/fork.c:3055) __s390x_sys_clone (/build/linux-3nCxw2/linux-6.8.0/kernel/fork.c:3027) __do_syscall (/build/linux-3nCxw2/linux-6.8.0/arch/s390/include/asm/ptrace.h:195 (discriminator 3) /build/linux-3nCxw2/linux-6.8.0/arch/s390/include/asm/ptrace.h:200 (discriminator 3) /build/linux-3nCxw2/linux-6.8.0/arch/s390/kernel/syscall.c:145 (discriminator 3) /build/linux-3nCxw2/linux-6.8.0/arch/s390/kernel/syscall.c:168 (discriminator 3)) system_call (/build/linux-3nCxw2/linux-6.8.0/arch/s390/kernel/entry.S:309) Last Breaking-Event-Address: 0xfdf5045050 ?rcu: INFO: rcu_sched detected stalls on CPUs/tasks:s: @rcu: (detected by 0, t=24007 jiffies, g=24353, q=1 ncpus=1) rcu: All QSes seen, last rcu_sched kthread activity 24007 (4294996935-4294972928), jiffies_till_next_fqs=1, root ->qsmask 0x0x0 rcu: rcu_sched kthread starved for 24007 jiffies! g24353 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0=0 rcu: Unless rcu_sched kthread gets sufficient CPU time, OOM is now expected behavior.r. rcu: RCU grace-period kthread stack dump:p: task:rcu_sched state:R running task stack:0 pid:16 tgid:16 ppid:2 flags:0x0000000000 Call Trace:e: __schedule+0x346/0x8b8 8 schedule+0x36/0x148 8 schedule_timeout+0x8e/0x148 8 rcu_gp_fqs_loop+0x444/0x548 8 rcu_gp_kthread+0x146/0x198 8 kthread+0x124/0x128 8 __ret_from_fork+0x40/0x58 8 ret_from_fork+0xa/0x30 0 rcu: Stack dump where RCU GP kthread last ran:n: CPU: 0 PID: 1077 Comm: ftracetest Not tainted 6.8.0-36-generic #36-Ubuntu Hardware name: QEMU 8561 QEMU (KVM/Linux) Krnl PSW : 0704d00180000000 0000000000ebe0b2 __do_pgm_check (/build/linux-3nCxw2/linux-6.8.0/arch/s390/kernel/traps.c:353) R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:1 PM:0 RI:0 EA:3:3 Krnl GPRS: 0704c00180000000 0000000000000000 00000380000cfb97 0000000000000000 0000000000000000 0704c00180000000 0000000000000000 0000000000000000 0704c00180000000 00000000001a8388 0000000000000000 00000380000cfbd8 000003ff938dbc78 0000000000ed1c6c 0000000000ebe024 00000380000cfaf0 Krnl Code: 0000000000ebe0a4: a504bfff Code starting with the faulting instruction =========================================== nihh %r0,49151 0000000000ebe0a8: e300f0a80024 %r0,168(%r15) #0000000000ebe0ae: 8000f0a8 168(%r15) >0000000000ebe0b2: 5850b0a0 %r5,160(%r11) 0000000000ebe0b6: c05b0000007f nilf %r5,127 0000000000ebe0bc: a7840012 8,0000000000ebe0e0 0000000000ebe0c0: b91600e5 llgfr %r14,%r5 0000000000ebe0c4: c0400051121e larl %r4,00000000018e0500 Call Trace: __do_pgm_check (/build/linux-3nCxw2/linux-6.8.0/arch/s390/kernel/traps.c:353) __do_pgm_check (/build/linux-3nCxw2/linux-6.8.0/arch/s390/kernel/traps.c:318) pgm_check_handler (/build/linux-3nCxw2/linux-6.8.0/arch/s390/kernel/entry.S:383) kernel_clone (/build/linux-3nCxw2/linux-6.8.0/arch/s390/include/asm/uaccess.h:119 (discriminator 1) /build/linux-3nCxw2/linux-6.8.0/kernel/fork.c:2927 (discriminator 1)) __do_sys_clone (/build/linux-3nCxw2/linux-6.8.0/kernel/fork.c:3055) __s390x_sys_clone (/build/linux-3nCxw2/linux-6.8.0/kernel/fork.c:3027) __do_syscall (/build/linux-3nCxw2/linux-6.8.0/arch/s390/include/asm/ptrace.h:195 (discriminator 3) /build/linux-3nCxw2/linux-6.8.0/arch/s390/include/asm/ptrace.h:200 (discriminator 3) /build/linux-3nCxw2/linux-6.8.0/arch/s390/kernel/syscall.c:145 (discriminator 3) /build/linux-3nCxw2/linux-6.8.0/arch/s390/kernel/syscall.c:168 (discriminator 3)) system_call (/build/linux-3nCxw2/linux-6.8.0/arch/s390/kernel/entry.S:309) Last Breaking-Event-Address: 0x4404c0018000000000 It's not easy for me to resolve this issue. If advice or guidance can be provided on how to resolve this issue, I'll try sending a patch! Warm regards, Yunseong Kim

1 year, 6 months

[PATCH v2 0/5] Reorganize string-stream and assert tests

by Ivan Orlov

Currently, we can run string-stream and assertion tests only when they are built into the kernel (with config options = y), since some of the symbols (string-stream functions and functions from assert.c) are not exported into any of the namespaces, therefore they are not accessible for the modules. This patch series exports the required symbols into the KUnit namespace. Also, it makes the string-stream test a separate module and removes the log test stub from kunit-test since now we can access the string-stream symbols even if the test which uses it is built as a module. Additionally, this patch series merges the assertion test suite into the kunit-test, since assert.c (and all of the assertion formatting functions in it) is a part of the KUnit core. V1 -> V2: - Patch which exports the non-static assert.c functions is replaced with the patch which prepares assert_test.c to be merged into kunit-test.c - Also, David Gow <davidgow(a)google.com> suggested merging 4th and 5th patches together, but since now the 4th patch does more than it used to do, I send it separately Ivan Orlov (5): kunit: string-stream: export non-static functions kunit: kunit-test: Remove stub for log tests kunit: string-stream-test: Make it a separate module kunit: assert_test: Prepare to be merged into kunit-test.c kunit: Merge assertion test into kunit-test.c include/kunit/assert.h | 4 +- lib/kunit/Kconfig | 8 + lib/kunit/Makefile | 7 +- lib/kunit/assert.c | 19 +- lib/kunit/assert_test.c | 388 -------------------------------- lib/kunit/kunit-test.c | 397 +++++++++++++++++++++++++++++++-- lib/kunit/string-stream-test.c | 2 + lib/kunit/string-stream.c | 12 +- 8 files changed, 416 insertions(+), 421 deletions(-) delete mode 100644 lib/kunit/assert_test.c -- 2.34.1

1 year, 6 months

[PATCH net-next v14 00/13] Device Memory TCP

by Mina Almasry

v14: https://patchwork.kernel.org/project/netdevbpf/list/?series=865135&archive=… ==== No material changes in this version. Only rebase and re-verification on top of net-next. v13, I think, raced with commit ebad6d0334793 ("net/ipv4: Use nested-BH locking for ipv4_tcp_sk.") being merged to net-next that caused a patchwork failure to apply. This series should apply cleanly on commit c4532232fa2a4 ("selftests: net: remove unneeded IP_GRE config"). I did not wait the customary 24hr as Jakub said it's OK to repost as soon as I build test the rebased version: https://lore.kernel.org/netdev/20240625075926.146d769d@kernel.org/ v13: https://patchwork.kernel.org/project/netdevbpf/list/?series=861406&archive=… ==== Major changes: -------------- This iteration addresses Pavel's review comments, applies his reviewed-by's, and seeks to fix the patchwork build error (sorry!). As usual, the full devmem TCP changes including the full GVE driver implementation is here: https://github.com/mina/linux/commits/tcpdevmem-v13/ v12: https://patchwork.kernel.org/project/netdevbpf/list/?series=859747&state=* ==== Major changes: -------------- This iteration only addresses one minor comment from Pavel with regards to the trace printing of netmem, and the patchwork build error introduced in v11 because I missed doing an allmodconfig build, sorry. Other than that v11, AFAICT, received no feedback. There is one discussion about how the specifics of plugging io uring memory through the page pool, but not relevant to content in this particular patchset, AFAICT. As usual, the full devmem TCP changes including the full GVE driver implementation is here: https://github.com/mina/linux/commits/tcpdevmem-v12/ v11: https://patchwork.kernel.org/project/netdevbpf/list/?series=857457&state=* ==== Major Changes: -------------- v11 addresses feedback received in v10. The major change is the removal of the memory provider ops as requested by Christoph. We still accomplish the same thing, but utilizing direct function calls with if statements rather than generic ops. Additionally address sparse warnings, bugs and review comments from folks that reviewed. As usual, the full devmem TCP changes including the full GVE driver implementation is here: https://github.com/mina/linux/commits/tcpdevmem-v11/ Detailed changelog: ------------------- - Fixes in netdev_rx_queue_restart() from Pavel & David. - Remove commit e650e8c3a36f5 ("net: page_pool: create hooks for custom page providers") from the series to address Christoph's feedback and rebased other patches on the series on this change. - Fixed build errors with CONFIG_DMA_SHARED_BUFFER && !CONFIG_GENERIC_ALLOCATOR build. - Fixed sparse warnings pointed out by Paolo. - Drop unnecessary gro_pull_from_frag0 checks. - Added Bagas reviewed-by to docs. Cc: Bagas Sanjaya <bagasdotme(a)gmail.com> Cc: Steven Rostedt <rostedt(a)goodmis.org> Cc: Christoph Hellwig <hch(a)infradead.org> Cc: Nikolay Aleksandrov <razor(a)blackwall.org> v10: https://patchwork.kernel.org/project/netdevbpf/list/?series=852422&state=* ==== Major Changes: -------------- v9 was sent right before the merge window closed (sorry!). v10 is almost a re-send of the series now that the merge window re-opened. Only rebased to latest net-next and addressed some minor iterative comments received on v9. As usual, the full devmem TCP changes including the full GVE driver implementation is here: https://github.com/mina/linux/commits/tcpdevmem-v10/ Detailed changelog: ------------------- - Fixed tokens leaking in DONTNEED setsockopt (Nikolay). - Moved net_iov_dma_addr() to devmem.c and made it a devmem specific helpers (David). - Rename hook alloc_pages to alloc_netmems as alloc_pages is now preprocessor macro defined and causes a build error. v9: === Major Changes: -------------- GVE queue API has been merged. Submitting this version as non-RFC after rebasing on top of the merged API, and dropped the out of tree queue API I was carrying on github. Addressed the little feedback v8 has received. Detailed changelog: ------------------ - Added new patch from David Wei to this series for netdev_rx_queue_restart() - Fixed sparse error. - Removed CONFIG_ checks in netmem_is_net_iov() - Flipped skb->readable to skb->unreadable - Minor fixes to selftests & docs. RFC v8: ======= Major Changes: -------------- - Fixed build error generated by patch-by-patch build. - Applied docs suggestions from Randy. RFC v7: ======= Major Changes: -------------- This revision largely rebases on top of net-next and addresses the feedback RFCv6 received from folks, namely Jakub, Yunsheng, Arnd, David, & Pavel. The series remains in RFC because the queue-API ndos defined in this series are not yet implemented. I have a GVE implementation I carry out of tree for my testing. A upstreamable GVE implementation is in the works. Aside from that, in my estimation all the patches are ready for review/merge. Please do take a look. As usual the full devmem TCP changes including the full GVE driver implementation is here: https://github.com/mina/linux/commits/tcpdevmem-v7/ Detailed changelog: - Use admin-perm in netlink API. - Addressed feedback from Jakub with regards to netlink API implementation. - Renamed devmem.c functions to something more appropriate for that file. - Improve the performance seen through the page_pool benchmark. - Fix the value definition of all the SO_DEVMEM_* uapi. - Various fixes to documentation. Perf - page-pool benchmark: --------------------------- Improved performance of bench_page_pool_simple.ko tests compared to v6: https://pastebin.com/raw/v5dYRg8L net-next base: 8 cycle fast path. RFC v6: 10 cycle fast path. RFC v7: 9 cycle fast path. RFC v7 with CONFIG_DMA_SHARED_BUFFER disabled: 8 cycle fast path, same as baseline. Perf - Devmem TCP benchmark: --------------------- Perf is about the same regardless of the changes in v7, namely the removal of the static_branch_unlikely to improve the page_pool benchmark performance: 189/200gbps bi-directional throughput with RX devmem TCP and regular TCP TX i.e. ~95% line rate. RFC v6: ======= Major Changes: -------------- This revision largely rebases on top of net-next and addresses the little feedback RFCv5 received. The series remains in RFC because the queue-API ndos defined in this series are not yet implemented. I have a GVE implementation I carry out of tree for my testing. A upstreamable GVE implementation is in the works. Aside from that, in my estimation all the patches are ready for review/merge. Please do take a look. As usual the full devmem TCP changes including the full GVE driver implementation is here: https://github.com/mina/linux/commits/tcpdevmem-v6/ This version also comes with some performance data recorded in the cover letter (see below changelog). Detailed changelog: - Rebased on top of the merged netmem_ref changes. - Converted skb->dmabuf to skb->readable (Pavel). Pavel's original suggestion was to remove the skb->dmabuf flag entirely, but when I looked into it closely, I found the issue that if we remove the flag we have to dereference the shinfo(skb) pointer to obtain the first frag to tell whether an skb is readable or not. This can cause a performance regression if it dirties the cache line when the shinfo(skb) was not really needed. Instead, I converted the skb->dmabuf flag into a generic skb->readable flag which can be re-used by io_uring 0-copy RX. - Squashed a few locking optimizations from Eric Dumazet in the RX path and the DEVMEM_DONTNEED setsockopt. - Expanded the tests a bit. Added validation for invalid scenarios and added some more coverage. Perf - page-pool benchmark: --------------------------- bench_page_pool_simple.ko tests with and without these changes: https://pastebin.com/raw/ncHDwAbn AFAIK the number that really matters in the perf tests is the 'tasklet_page_pool01_fast_path Per elem'. This one measures at about 8 cycles without the changes but there is some 1 cycle noise in some results. With the patches this regresses to 9 cycles with the changes but there is 1 cycle noise occasionally running this test repeatedly. Lastly I tried disable the static_branch_unlikely() in netmem_is_net_iov() check. To my surprise disabling the static_branch_unlikely() check reduces the fast path back to 8 cycles, but the 1 cycle noise remains. Perf - Devmem TCP benchmark: --------------------- 189/200gbps bi-directional throughput with RX devmem TCP and regular TCP TX i.e. ~95% line rate. Major changes in RFC v5: ======================== 1. Rebased on top of 'Abstract page from net stack' series and used the new netmem type to refer to LSB set pointers instead of re-using struct page. 2. Downgraded this series back to RFC and called it RFC v5. This is because this series is now dependent on 'Abstract page from net stack'[1] and the queue API. Both are removed from the series to reduce the patch # and those bits are fairly independent or pre-requisite work. 3. Reworked the page_pool devmem support to use netmem and for some more unified handling. 4. Reworked the reference counting of net_iov (renamed from page_pool_iov) to use pp_ref_count for refcounting. The full changes including the dependent series and GVE page pool support is here: https://github.com/mina/linux/commits/tcpdevmem-rfcv5/ [1] https://patchwork.kernel.org/project/netdevbpf/list/?series=810774 Major changes in v1: ==================== 1. Implemented MVP queue API ndos to remove the userspace-visible driver reset. 2. Fixed issues in the napi_pp_put_page() devmem frag unref path. 3. Removed RFC tag. Many smaller addressed comments across all the patches (patches have individual change log). Full tree including the rest of the GVE driver changes: https://github.com/mina/linux/commits/tcpdevmem-v1 Changes in RFC v3: ================== 1. Pulled in the memory-provider dependency from Jakub's RFC[1] to make the series reviewable and mergeable. 2. Implemented multi-rx-queue binding which was a todo in v2. 3. Fix to cmsg handling. The sticking point in RFC v2[2] was the device reset required to refill the device rx-queues after the dmabuf bind/unbind. The solution suggested as I understand is a subset of the per-queue management ops Jakub suggested or similar: https://lore.kernel.org/netdev/20230815171638.4c057dcd@kernel.org/ This is not addressed in this revision, because: 1. This point was discussed at netconf & netdev and there is openness to using the current approach of requiring a device reset. 2. Implementing individual queue resetting seems to be difficult for my test bed with GVE. My prototype to test this ran into issues with the rx-queues not coming back up properly if reset individually. At the moment I'm unsure if it's a mistake in the POC or a genuine issue in the virtualization stack behind GVE, which currently doesn't test individual rx-queue restart. 3. Our usecases are not bothered by requiring a device reset to refill the buffer queues, and we'd like to support NICs that run into this limitation with resetting individual queues. My thought is that drivers that have trouble with per-queue configs can use the support in this series, while drivers that support new netdev ops to reset individual queues can automatically reset the queue as part of the dma-buf bind/unbind. The same approach with device resets is presented again for consideration with other sticking points addressed. This proposal includes the rx devmem path only proposed for merge. For a snapshot of my entire tree which includes the GVE POC page pool support & device memory support: https://github.com/torvalds/linux/compare/master...mina:linux:tcpdevmem-v3 [1] https://lore.kernel.org/netdev/f8270765-a27b-6ccf-33ea-cda097168d79@redhat.… [2] https://lore.kernel.org/netdev/CAHS8izOVJGJH5WF68OsRWFKJid1_huzzUK+hpKbLcL4… Changes in RFC v2: ================== The sticking point in RFC v1[1] was the dma-buf pages approach we used to deliver the device memory to the TCP stack. RFC v2 is a proof-of-concept that attempts to resolve this by implementing scatterlist support in the networking stack, such that we can import the dma-buf scatterlist directly. This is the approach proposed at a high level here[2]. Detailed changes: 1. Replaced dma-buf pages approach with importing scatterlist into the page pool. 2. Replace the dma-buf pages centric API with a netlink API. 3. Removed the TX path implementation - there is no issue with implementing the TX path with scatterlist approach, but leaving out the TX path makes it easier to review. 4. Functionality is tested with this proposal, but I have not conducted perf testing yet. I'm not sure there are regressions, but I removed perf claims from the cover letter until they can be re-confirmed. 5. Added Signed-off-by: contributors to the implementation. 6. Fixed some bugs with the RX path since RFC v1. Any feedback welcome, but specifically the biggest pending questions needing feedback IMO are: 1. Feedback on the scatterlist-based approach in general. 2. Netlink API (Patch 1 & 2). 3. Approach to handle all the drivers that expect to receive pages from the page pool (Patch 6). [1] https://lore.kernel.org/netdev/dfe4bae7-13a0-3c5d-d671-f61b375cb0b4@gmail.c… [2] https://lore.kernel.org/netdev/CAHS8izPm6XRS54LdCDZVd0C75tA1zHSu6jLVO8nzTLX… ================== * TL;DR: Device memory TCP (devmem TCP) is a proposal for transferring data to and/or from device memory efficiently, without bouncing the data to a host memory buffer. * Problem: A large amount of data transfers have device memory as the source and/or destination. Accelerators drastically increased the volume of such transfers. Some examples include: - ML accelerators transferring large amounts of training data from storage into GPU/TPU memory. In some cases ML training setup time can be as long as 50% of TPU compute time, improving data transfer throughput & efficiency can help improving GPU/TPU utilization. - Distributed training, where ML accelerators, such as GPUs on different hosts, exchange data among them. - Distributed raw block storage applications transfer large amounts of data with remote SSDs, much of this data does not require host processing. Today, the majority of the Device-to-Device data transfers the network are implemented as the following low level operations: Device-to-Host copy, Host-to-Host network transfer, and Host-to-Device copy. The implementation is suboptimal, especially for bulk data transfers, and can put significant strains on system resources, such as host memory bandwidth, PCIe bandwidth, etc. One important reason behind the current state is the kernel’s lack of semantics to express device to network transfers. * Proposal: In this patch series we attempt to optimize this use case by implementing socket APIs that enable the user to: 1. send device memory across the network directly, and 2. receive incoming network packets directly into device memory. Packet _payloads_ go directly from the NIC to device memory for receive and from device memory to NIC for transmit. Packet _headers_ go to/from host memory and are processed by the TCP/IP stack normally. The NIC _must_ support header split to achieve this. Advantages: - Alleviate host memory bandwidth pressure, compared to existing network-transfer + device-copy semantics. - Alleviate PCIe BW pressure, by limiting data transfer to the lowest level of the PCIe tree, compared to traditional path which sends data through the root complex. * Patch overview: ** Part 1: netlink API Gives user ability to bind dma-buf to an RX queue. ** Part 2: scatterlist support Currently the standard for device memory sharing is DMABUF, which doesn't generate struct pages. On the other hand, networking stack (skbs, drivers, and page pool) operate on pages. We have 2 options: 1. Generate struct pages for dmabuf device memory, or, 2. Modify the networking stack to process scatterlist. Approach #1 was attempted in RFC v1. RFC v2 implements approach #2. ** part 3: page pool support We piggy back on page pool memory providers proposal: https://github.com/kuba-moo/linux/tree/pp-providers It allows the page pool to define a memory provider that provides the page allocation and freeing. It helps abstract most of the device memory TCP changes from the driver. ** part 4: support for unreadable skb frags Page pool iovs are not accessible by the host; we implement changes throughput the networking stack to correctly handle skbs with unreadable frags. ** Part 5: recvmsg() APIs We define user APIs for the user to send and receive device memory. Not included with this series is the GVE devmem TCP support, just to simplify the review. Code available here if desired: https://github.com/mina/linux/tree/tcpdevmem This series is built on top of net-next with Jakub's pp-providers changes cherry-picked. * NIC dependencies: 1. (strict) Devmem TCP require the NIC to support header split, i.e. the capability to split incoming packets into a header + payload and to put each into a separate buffer. Devmem TCP works by using device memory for the packet payload, and host memory for the packet headers. 2. (optional) Devmem TCP works better with flow steering support & RSS support, i.e. the NIC's ability to steer flows into certain rx queues. This allows the sysadmin to enable devmem TCP on a subset of the rx queues, and steer devmem TCP traffic onto these queues and non devmem TCP elsewhere. The NIC I have access to with these properties is the GVE with DQO support running in Google Cloud, but any NIC that supports these features would suffice. I may be able to help reviewers bring up devmem TCP on their NICs. * Testing: The series includes a udmabuf kselftest that show a simple use case of devmem TCP and validates the entire data path end to end without a dependency on a specific dmabuf provider. ** Test Setup Kernel: net-next with this series and memory provider API cherry-picked locally. Hardware: Google Cloud A3 VMs. NIC: GVE with header split & RSS & flow steering support. Cc: Pavel Begunkov <asml.silence(a)gmail.com> Cc: David Wei <dw(a)davidwei.uk> Cc: Jason Gunthorpe <jgg(a)ziepe.ca> Cc: Yunsheng Lin <linyunsheng(a)huawei.com> Cc: Shailend Chand <shailend(a)google.com> Cc: Harshitha Ramamurthy <hramamurthy(a)google.com> Cc: Shakeel Butt <shakeel.butt(a)linux.dev> Cc: Jeroen de Borst <jeroendb(a)google.com> Cc: Praveen Kaligineedi <pkaligineedi(a)google.com> Mina Almasry (13): netdev: add netdev_rx_queue_restart() net: netdev netlink api to bind dma-buf to a net device netdev: support binding dma-buf to netdevice netdev: netdevice devmem allocator page_pool: convert to use netmem page_pool: devmem support memory-provider: dmabuf devmem memory provider net: support non paged skb frags net: add support for skbs with unreadable frags tcp: RX path for devmem TCP net: add SO_DEVMEM_DONTNEED setsockopt to release RX frags net: add devmem TCP documentation selftests: add ncdevmem, netcat for devmem TCP Documentation/netlink/specs/netdev.yaml | 57 +++ Documentation/networking/devmem.rst | 258 +++++++++++ Documentation/networking/index.rst | 1 + arch/alpha/include/uapi/asm/socket.h | 6 + arch/mips/include/uapi/asm/socket.h | 6 + arch/parisc/include/uapi/asm/socket.h | 6 + arch/sparc/include/uapi/asm/socket.h | 6 + include/linux/skbuff.h | 61 ++- include/linux/skbuff_ref.h | 11 +- include/linux/socket.h | 1 + include/net/devmem.h | 124 ++++++ include/net/mp_dmabuf_devmem.h | 44 ++ include/net/netdev_rx_queue.h | 5 + include/net/netmem.h | 208 ++++++++- include/net/page_pool/helpers.h | 124 ++++-- include/net/page_pool/types.h | 22 +- include/net/sock.h | 2 + include/net/tcp.h | 5 +- include/trace/events/page_pool.h | 30 +- include/uapi/asm-generic/socket.h | 6 + include/uapi/linux/netdev.h | 19 + include/uapi/linux/uio.h | 17 + net/bpf/test_run.c | 5 +- net/core/Makefile | 3 +- net/core/datagram.c | 6 + net/core/dev.c | 6 +- net/core/devmem.c | 376 ++++++++++++++++ net/core/gro.c | 3 +- net/core/netdev-genl-gen.c | 23 + net/core/netdev-genl-gen.h | 6 + net/core/netdev-genl.c | 103 +++++ net/core/netdev_rx_queue.c | 74 ++++ net/core/page_pool.c | 362 +++++++++------- net/core/skbuff.c | 83 +++- net/core/sock.c | 61 +++ net/ipv4/esp4.c | 3 +- net/ipv4/tcp.c | 261 +++++++++++- net/ipv4/tcp_input.c | 13 +- net/ipv4/tcp_ipv4.c | 16 + net/ipv4/tcp_minisocks.c | 2 + net/ipv4/tcp_output.c | 5 +- net/ipv6/esp6.c | 3 +- net/packet/af_packet.c | 4 +- tools/include/uapi/linux/netdev.h | 19 + tools/testing/selftests/net/.gitignore | 1 + tools/testing/selftests/net/Makefile | 5 + tools/testing/selftests/net/ncdevmem.c | 542 ++++++++++++++++++++++++ 47 files changed, 2753 insertions(+), 251 deletions(-) create mode 100644 Documentation/networking/devmem.rst create mode 100644 include/net/devmem.h create mode 100644 include/net/mp_dmabuf_devmem.h create mode 100644 net/core/devmem.c create mode 100644 net/core/netdev_rx_queue.c create mode 100644 tools/testing/selftests/net/ncdevmem.c -- 2.45.2.741.gdbec12cfda-goog

1 year, 6 months

← Newer
1
...
6
7
8
9
10
11
12
...
33
Older →

Jump to page:

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror June 2024