April 2025 - Linux-kselftest-mirror

[GIT PULL] kunit fixes update for Linux 6.15-rc2

by Shuah Khan

Hi Linus, Please pull the following kunit fixes update for Linux 6.15-rc2 Fixes tool to report test count in case of a late test plan when tests are specified before the test plan. Fixes spelling error in the commit that went into 6.15-rc1. diff is attached. thanks, -- Shuah ---------------------------------------------------------------- The following changes since commit 0af2f6be1b4281385b618cb86ad946eded089ac8: Linux 6.15-rc1 (2025-04-06 13:11:33 -0700) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest tags/linux_kselftest-kunit-6.15-rc2 for you to fetch changes up to d1be0cf3b8aeae75bc8fff5b7a3e01ebfe276008: kunit: Spelling s/slowm/slow/ (2025-04-08 14:57:24 -0600) ---------------------------------------------------------------- linux_kselftest-kunit-6.15-rc2 Fixes tool to report test count in case of a late test plan when tests are specified before the test plan. Fixes spelling error in the commit that went into 6.15-rc1. ---------------------------------------------------------------- Geert Uytterhoeven (1): kunit: Spelling s/slowm/slow/ Rae Moar (1): kunit: tool: fix count of tests if late test plan include/kunit/test.h | 2 +- tools/testing/kunit/kunit_parser.py | 4 ++++ tools/testing/kunit/kunit_tool_test.py | 4 ++-- 3 files changed, 7 insertions(+), 3 deletions(-) ----------------------------------------------------------------

5 months

2
1
0 0

[PATCH net-next] selftests: tc-testing: Pre-load IFE action and its submodules

by Victor Nogueira

Recently we had some issues in parallel TDC where some of IFE tests are failing due to some of IFE's submodules (like act_meta_skbtcindex and act_meta_skbprio) taking too long to load [1]. To avoid that issue, pre-load IFE and all its submodules before running any of the tests in tdc.sh [1] https://lore.kernel.org/netdev/e909b2a0-244e-4141-9fa9-1b7d96ab7d71@mojatat… Signed-off-by: Victor Nogueira <victor(a)mojatatu.com> --- tools/testing/selftests/tc-testing/tdc.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tools/testing/selftests/tc-testing/tdc.sh b/tools/testing/selftests/tc-testing/tdc.sh index cddff1772e10..589b18ed758a 100755 --- a/tools/testing/selftests/tc-testing/tdc.sh +++ b/tools/testing/selftests/tc-testing/tdc.sh @@ -31,6 +31,10 @@ try_modprobe act_skbedit try_modprobe act_skbmod try_modprobe act_tunnel_key try_modprobe act_vlan +try_modprobe act_ife +try_modprobe act_meta_mark +try_modprobe act_meta_skbtcindex +try_modprobe act_meta_skbprio try_modprobe cls_basic try_modprobe cls_bpf try_modprobe cls_cgroup -- 2.49.0

5 months

2
1
0 0

[PATCH net 0/2] mptcp: only inc MPJoinAckHMacFailure for HMAC failures

by Matthieu Baerts (NGI0)

Recently, during a debugging session using local MPTCP connections, I noticed MPJoinAckHMacFailure was strangely not zero on the server side. The first patch fixes this issue -- present since v5.9 -- and the second one validates it in the selftests. Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> --- Matthieu Baerts (NGI0) (2): mptcp: only inc MPJoinAckHMacFailure for HMAC failures selftests: mptcp: validate MPJoin HMacFailure counters net/mptcp/subflow.c | 8 ++++++-- tools/testing/selftests/net/mptcp/mptcp_join.sh | 18 ++++++++++++++++++ 2 files changed, 24 insertions(+), 2 deletions(-) --- base-commit: 61f96e684edd28ca40555ec49ea1555df31ba619 change-id: 20250407-net-mptcp-hmac-failure-mib-66f599305ff3 Best regards, -- Matthieu Baerts (NGI0) <matttbe(a)kernel.org>

5 months

3
5
0 0

[PATCH] tests/pid_namespace: Add missing sys/mount.h

by T.J. Mercier

pid_max.c: In function ‘pid_max_cb’: pid_max.c:42:15: error: implicit declaration of function ‘mount’ [-Wimplicit-function-declaration] 42 | ret = mount("", "/", NULL, MS_PRIVATE | MS_REC, 0); | ^~~~~ pid_max.c:42:36: error: ‘MS_PRIVATE’ undeclared (first use in this function); did you mean ‘MAP_PRIVATE’? 42 | ret = mount("", "/", NULL, MS_PRIVATE | MS_REC, 0); | ^~~~~~~~~~ | MAP_PRIVATE pid_max.c:42:49: error: ‘MS_REC’ undeclared (first use in this function) 42 | ret = mount("", "/", NULL, MS_PRIVATE | MS_REC, 0); | ^~~~~~ pid_max.c:48:9: error: implicit declaration of function ‘umount2’; did you mean ‘SYS_umount2’? [-Wimplicit-function-declaration] 48 | umount2("/proc", MNT_DETACH); | ^~~~~~~ | SYS_umount2 pid_max.c:48:26: error: ‘MNT_DETACH’ undeclared (first use in this function) 48 | umount2("/proc", MNT_DETACH); Fixes: 615ab43b838b ("tests/pid_namespace: add pid_max tests") Signed-off-by: T.J. Mercier <tjmercier(a)google.com> --- tools/testing/selftests/pid_namespace/pid_max.c | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/testing/selftests/pid_namespace/pid_max.c b/tools/testing/selftests/pid_namespace/pid_max.c index 51c414faabb0..96f274f0582b 100644 --- a/tools/testing/selftests/pid_namespace/pid_max.c +++ b/tools/testing/selftests/pid_namespace/pid_max.c @@ -10,6 +10,7 @@ #include <stdlib.h> #include <string.h> #include <syscall.h> +#include <sys/mount.h> #include <sys/wait.h> #include "../kselftest_harness.h" -- 2.49.0.504.g3bcea36a83-goog

5 months

2
2
0 0

[PATCH] selftests/futex: futex_waitv wouldblock test should fail

by Edward Liaw

Testcase should fail if -EWOULDBLOCK is not returned when expected value differs from actual value from the waiter. Fixes: 9d57f7c79748920636f8293d2f01192d702fe390 ("selftests: futex: Test sys_futex_waitv() wouldblock") Signed-off-by: Edward Liaw <edliaw(a)google.com> --- .../testing/selftests/futex/functional/futex_wait_wouldblock.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/futex/functional/futex_wait_wouldblock.c b/tools/testing/selftests/futex/functional/futex_wait_wouldblock.c index 7d7a6a06cdb7..2d8230da9064 100644 --- a/tools/testing/selftests/futex/functional/futex_wait_wouldblock.c +++ b/tools/testing/selftests/futex/functional/futex_wait_wouldblock.c @@ -98,7 +98,7 @@ int main(int argc, char *argv[]) info("Calling futex_waitv on f1: %u @ %p with val=%u\n", f1, &f1, f1+1); res = futex_waitv(&waitv, 1, 0, &to, CLOCK_MONOTONIC); if (!res || errno != EWOULDBLOCK) { - ksft_test_result_pass("futex_waitv returned: %d %s\n", + ksft_test_result_fail("futex_waitv returned: %d %s\n", res ? errno : res, res ? strerror(errno) : ""); ret = RET_FAIL; -- 2.49.0.504.g3bcea36a83-goog

5 months

4
3
0 0

[RFC PATCH v1 nf-next] selftests: netfilter: Add bridge_fastpath.sh

by Eric Woudstra

Add a script to test various scenarios where a bridge is involved in the fastpath. It runs tests in the forward path, and also in a bridged path. The setup is similar to a basic home router with multiple lan ports. It uses 3 pairs of veth-devices. Each or all pairs can be replaced by a pair of real interfaces, interconnected by wire. This is necessary to test the behavior when dealing with dsa ports, foreign (dsa) ports and switchdev userports that support SWITCHDEV_OBJ_ID_PORT_VLAN. See the head of the script for a detailed description. Run without arguments to perform all tests on veth-devices. Signed-off-by: Eric Woudstra <ericwouds(a)gmail.com> --- This test script is written first for the proposed bridge-fastpath patch-sets, but it's use is more general and can easily be expanded. Because the development of this script has helped me find and fix a few issues in my last version of the patches needed for bridge-fastpath, I am sending the whole set again (split up in smaller patch-sets), including the latest fixes. Some example outputs of this last version of patches from different hardware, without and with patches: ALL VETH: ========= ./bridge_fastpath.sh -t Setup: CLIENT 0 veth0cl | veth0rt WAN ROUTER LAN1 LAN2 veth1rt veth2rt | | veth1cl veth2cl CLIENT 1 CLIENT 2 Without patches: PASS: unaware bridge, without encaps, without fastpath PASS: unaware bridge, with single vlan encap, without fastpath ERROR: unaware bridge, with double q vlan encaps, without fastpath: ipv4/6: established bytes 0 < 4194304 ERROR: unaware bridge, with 802.1ad vlan encaps, without fastpath: ipv4/6: established bytes 0 < 4194304 PASS: aware bridge, without/without vlan encap, without fastpath PASS: aware bridge, with/without vlan encap, without fastpath PASS: aware bridge, with/with vlan encap, without fastpath PASS: aware bridge, without/with vlan encap, without fastpath PASS: forward, without vlan-device, without vlan encap, client1, without fastpath PASS: forward, without vlan-device, without vlan encap, client1, with fastpath PASS: forward, without vlan-device, with vlan encap, client1, without fastpath ERROR: forward, without vlan-device, with vlan encap, client1, with fastpath: ipv4/6: tcp broken PASS: forward, with vlan-device, with vlan encap, client1, without fastpath PASS: forward, with vlan-device, with vlan encap, client1, with fastpath PASS: forward, with vlan-device, without vlan encap, client1, without fastpath PASS: forward, with vlan-device, without vlan encap, client1, with fastpath ERROR: bridge fastpath test has failed With patches: PASS: unaware bridge, without encaps, without fastpath PASS: unaware bridge, without encaps, with fastpath PASS: unaware bridge, with single vlan encap, without fastpath PASS: unaware bridge, with single vlan encap, with fastpath PASS: unaware bridge, with double q vlan encaps, without fastpath PASS: unaware bridge, with double q vlan encaps, with fastpath PASS: unaware bridge, with 802.1ad vlan encaps, without fastpath PASS: unaware bridge, with 802.1ad vlan encaps, with fastpath PASS: aware bridge, without/without vlan encap, without fastpath PASS: aware bridge, without/without vlan encap, with fastpath PASS: aware bridge, with/without vlan encap, without fastpath PASS: aware bridge, with/without vlan encap, with fastpath PASS: aware bridge, with/with vlan encap, without fastpath PASS: aware bridge, with/with vlan encap, with fastpath PASS: aware bridge, without/with vlan encap, without fastpath PASS: aware bridge, without/with vlan encap, with fastpath PASS: forward, without vlan-device, without vlan encap, client1, without fastpath PASS: forward, without vlan-device, without vlan encap, client1, with fastpath PASS: forward, without vlan-device, with vlan encap, client1, without fastpath PASS: forward, without vlan-device, with vlan encap, client1, with fastpath PASS: forward, with vlan-device, with vlan encap, client1, without fastpath PASS: forward, with vlan-device, with vlan encap, client1, with fastpath PASS: forward, with vlan-device, without vlan encap, client1, without fastpath PASS: forward, with vlan-device, without vlan encap, client1, with fastpath PASS: all tests passed BANANAPI-R3 (lan1 & lan2 are dsa): ============ Without patches: ./bridge_fastpath.sh -t -0 enu1u2,lan2 -1 enu1u1,lan1 -2 lan4,eth1 Setup: CLIENT 0 enu1u2 | lan2 WAN ROUTER LAN1 LAN2 lan1 eth1 | | enu1u1 lan4 CLIENT 1 CLIENT 2 PASS: unaware bridge, without encaps, without fastpath PASS: unaware bridge, with single vlan encap, without fastpath PASS: aware bridge, without/without vlan encap, without fastpath PASS: aware bridge, with/without vlan encap, without fastpath PASS: aware bridge, with/with vlan encap, without fastpath PASS: aware bridge, without/with vlan encap, without fastpath PASS: forward, without vlan-device, without vlan encap, client1, without fastpath ERROR: forward, without vlan-device, without vlan encap, client1, with fastpath: ipv4: counted bytes 2118540 > 2097152 ERROR: forward, without vlan-device, without vlan encap, client1, with fastpath: ipv6: counted bytes 2117904 > 2097152 PASS: forward, without vlan-device, without vlan encap, client2, without fastpath PASS: forward, without vlan-device, without vlan encap, client2, with fastpath PASS: forward, without vlan-device, without vlan encap, client2, with hw_fastpath PASS: forward, without vlan-device, with vlan encap, client1, without fastpath ERROR: forward, without vlan-device, with vlan encap, client1, with fastpath: ipv4/6: tcp broken PASS: forward, without vlan-device, with vlan encap, client2, without fastpath ERROR: forward, without vlan-device, with vlan encap, client2, with fastpath: ipv4/6: tcp broken PASS: forward, with vlan-device, with vlan encap, client1, without fastpath PASS: forward, with vlan-device, with vlan encap, client1, with fastpath PASS: forward, with vlan-device, with vlan encap, client1, with hw_fastpath PASS: forward, with vlan-device, with vlan encap, client2, without fastpath PASS: forward, with vlan-device, with vlan encap, client2, with fastpath PASS: forward, with vlan-device, with vlan encap, client2, with hw_fastpath PASS: forward, with vlan-device, without vlan encap, client1, without fastpath PASS: forward, with vlan-device, without vlan encap, client1, with fastpath PASS: forward, with vlan-device, without vlan encap, client1, with hw_fastpath PASS: forward, with vlan-device, without vlan encap, client2, without fastpath ERROR: forward, with vlan-device, without vlan encap, client2, with fastpath: ipv4: counted bytes 2109596 > 2097152 ERROR: forward, with vlan-device, without vlan encap, client2, with fastpath: ipv6: counted bytes 2121432 > 2097152 ERROR: bridge fastpath test has failed With patches: PASS: unaware bridge, without encaps, without fastpath PASS: unaware bridge, without encaps, with fastpath PASS: unaware bridge, without encaps, with hw_fastpath PASS: unaware bridge, with single vlan encap, without fastpath PASS: unaware bridge, with single vlan encap, with fastpath PASS: unaware bridge, with single vlan encap, with hw_fastpath PASS: aware bridge, without/without vlan encap, without fastpath PASS: aware bridge, without/without vlan encap, with fastpath PASS: aware bridge, without/without vlan encap, with hw_fastpath PASS: aware bridge, with/without vlan encap, without fastpath PASS: aware bridge, with/without vlan encap, with fastpath PASS: aware bridge, with/without vlan encap, with hw_fastpath PASS: aware bridge, with/with vlan encap, without fastpath PASS: aware bridge, with/with vlan encap, with fastpath PASS: aware bridge, with/with vlan encap, with hw_fastpath PASS: aware bridge, without/with vlan encap, without fastpath PASS: aware bridge, without/with vlan encap, with fastpath PASS: aware bridge, without/with vlan encap, with hw_fastpath PASS: forward, without vlan-device, without vlan encap, client1, without fastpath PASS: forward, without vlan-device, without vlan encap, client1, with fastpath PASS: forward, without vlan-device, without vlan encap, client1, with hw_fastpath PASS: forward, without vlan-device, without vlan encap, client2, without fastpath PASS: forward, without vlan-device, without vlan encap, client2, with fastpath PASS: forward, without vlan-device, without vlan encap, client2, with hw_fastpath PASS: forward, without vlan-device, with vlan encap, client1, without fastpath PASS: forward, without vlan-device, with vlan encap, client1, with fastpath PASS: forward, without vlan-device, with vlan encap, client1, with hw_fastpath PASS: forward, without vlan-device, with vlan encap, client2, without fastpath PASS: forward, without vlan-device, with vlan encap, client2, with fastpath PASS: forward, without vlan-device, with vlan encap, client2, with hw_fastpath PASS: forward, with vlan-device, with vlan encap, client1, without fastpath PASS: forward, with vlan-device, with vlan encap, client1, with fastpath PASS: forward, with vlan-device, with vlan encap, client1, with hw_fastpath PASS: forward, with vlan-device, with vlan encap, client2, without fastpath PASS: forward, with vlan-device, with vlan encap, client2, with fastpath PASS: forward, with vlan-device, with vlan encap, client2, with hw_fastpath PASS: forward, with vlan-device, without vlan encap, client1, without fastpath PASS: forward, with vlan-device, without vlan encap, client1, with fastpath PASS: forward, with vlan-device, without vlan encap, client1, with hw_fastpath PASS: forward, with vlan-device, without vlan encap, client2, without fastpath PASS: forward, with vlan-device, without vlan encap, client2, with fastpath PASS: forward, with vlan-device, without vlan encap, client2, with hw_fastpath PASS: all tests passed AM3359 (end1 supports SWITCHDEV_OBJ_ID_PORT_VLAN, ipv4 only for now): ======= ./bridge_fastpath.sh -t -a -4 -d -1 enu1u4c2,end1 Without patches: Setup: CLIENT 0 veth0cl | veth0rt WAN ROUTER LAN1 LAN2 end1 veth2rt | | enu1u4c2 veth2cl CLIENT 1 CLIENT 2 INFO: Skipping unaware bridge PASS: aware bridge, without/without vlan encap, without fastpath PASS: aware bridge, with/without vlan encap, without fastpath PASS: aware bridge, with/with vlan encap, without fastpath PASS: aware bridge, without/with vlan encap, without fastpath PASS: forward, without vlan-device, without vlan encap, client1, without fastpath ERROR: forward, without vlan-device, without vlan encap, client1, with fastpath: ipv4: counted bytes 2190092 > 2097152 PASS: forward, without vlan-device, without vlan encap, client2, without fastpath PASS: forward, without vlan-device, without vlan encap, client2, with fastpath PASS: forward, without vlan-device, with vlan encap, client1, without fastpath ERROR: forward, without vlan-device, with vlan encap, client1, with fastpath: ipv4: tcp broken PASS: forward, without vlan-device, with vlan encap, client2, without fastpath ERROR: forward, without vlan-device, with vlan encap, client2, with fastpath: ipv4: tcp broken PASS: forward, with vlan-device, with vlan encap, client1, without fastpath PASS: forward, with vlan-device, with vlan encap, client1, with fastpath PASS: forward, with vlan-device, with vlan encap, client2, without fastpath PASS: forward, with vlan-device, with vlan encap, client2, with fastpath PASS: forward, with vlan-device, without vlan encap, client1, without fastpath PASS: forward, with vlan-device, without vlan encap, client1, with fastpath PASS: forward, with vlan-device, without vlan encap, client2, without fastpath PASS: forward, with vlan-device, without vlan encap, client2, with fastpath ERROR: bridge fastpath test has failed With patches: INFO: Skipping unaware bridge PASS: aware bridge, without/without vlan encap, without fastpath PASS: aware bridge, without/without vlan encap, with fastpath PASS: aware bridge, with/without vlan encap, without fastpath PASS: aware bridge, with/without vlan encap, with fastpath PASS: aware bridge, with/with vlan encap, without fastpath PASS: aware bridge, with/with vlan encap, with fastpath PASS: aware bridge, without/with vlan encap, without fastpath PASS: aware bridge, without/with vlan encap, with fastpath PASS: forward, without vlan-device, without vlan encap, client1, without fastpath PASS: forward, without vlan-device, without vlan encap, client1, with fastpath PASS: forward, without vlan-device, without vlan encap, client2, without fastpath PASS: forward, without vlan-device, without vlan encap, client2, with fastpath PASS: forward, without vlan-device, with vlan encap, client1, without fastpath PASS: forward, without vlan-device, with vlan encap, client1, with fastpath PASS: forward, without vlan-device, with vlan encap, client2, without fastpath PASS: forward, without vlan-device, with vlan encap, client2, with fastpath PASS: forward, with vlan-device, with vlan encap, client1, without fastpath PASS: forward, with vlan-device, with vlan encap, client1, with fastpath PASS: forward, with vlan-device, with vlan encap, client2, without fastpath PASS: forward, with vlan-device, with vlan encap, client2, with fastpath PASS: forward, with vlan-device, without vlan encap, client1, without fastpath PASS: forward, with vlan-device, without vlan encap, client1, with fastpath PASS: forward, with vlan-device, without vlan encap, client2, without fastpath PASS: forward, with vlan-device, without vlan encap, client2, with fastpath PASS: all tests passed (Some problem still to figure out for my AM3359 hardware: On the second run of the command the tcp traffic is ok on all tests ipv4. On the first run the hardware is not setup correctly, some tests report broken tcp even without fastpath. Also ipv6 tcp broken even on second run even without fastpath. This may be a problem with my hardware or the test-script, but anyway it shows the fastpath is functional) .../testing/selftests/net/netfilter/Makefile | 1 + .../net/netfilter/bridge_fastpath.sh | 922 ++++++++++++++++++ 2 files changed, 923 insertions(+) create mode 100755 tools/testing/selftests/net/netfilter/bridge_fastpath.sh diff --git a/tools/testing/selftests/net/netfilter/Makefile b/tools/testing/selftests/net/netfilter/Makefile index ffe161fac8b5..104dd9e5e02a 100644 --- a/tools/testing/selftests/net/netfilter/Makefile +++ b/tools/testing/selftests/net/netfilter/Makefile @@ -8,6 +8,7 @@ MNL_LDLIBS := $(shell $(HOSTPKG_CONFIG) --libs libmnl 2>/dev/null || echo -lmnl) TEST_PROGS := br_netfilter.sh bridge_brouter.sh TEST_PROGS += br_netfilter_queue.sh +TEST_PROGS += bridge_fastpath.sh TEST_PROGS += conntrack_dump_flush.sh TEST_PROGS += conntrack_icmp_related.sh TEST_PROGS += conntrack_ipip_mtu.sh diff --git a/tools/testing/selftests/net/netfilter/bridge_fastpath.sh b/tools/testing/selftests/net/netfilter/bridge_fastpath.sh new file mode 100755 index 000000000000..68e2f9e70951 --- /dev/null +++ b/tools/testing/selftests/net/netfilter/bridge_fastpath.sh @@ -0,0 +1,922 @@ +#!/bin/bash +# SPDX-License-Identifier: GPL-2.0 +# +# Check if conntrack, nft chain and fastpath is functional in setups +# where a bridge is in the fastpath. +# +# Commandline options make it possible to use real ethernet pairs +# instead of veth-device pairs. Any, or all, pairs can be tested using +# real hardware pairs. This is can be useful to test dsa-ports, +# switchdev (dsa) foreign ports and switchdev ports supporting +# SWITCHDEV_OBJ_ID_PORT_VLAN. +# +# First tcp is tested. Conntrack and nft chain are tested using a counter. +# When there is a fastpath possible between the interfaces then the +# fastpath is also tested. +# When there is a hardware offloaded fastpath possible between the +# interfaces then the hardware offloaded path is also tested. +# +# Setup is as a typical router: +# +# nsclientwan +# | +# nsrt +# | | +# nsclient1 nsclient2 +# +# Masquerading for ipv4 only. +# +# First check if a bridge table forward chain can be setup, skip +# these tests if this is not possible. +# Then check if a inet table forward chain can be setup, skip +# these tests if this is not possible. +# +# Different setups of paths are tested that involve a bridge in the +# fastpath. This can be in the forward-fastpath or in the bridge-fastpath. +# +# The first series, in the bridge-fastpath, using a vlan-unaware bridge. +# Traffic with the following vlan-tags is checked: +# - without vlan +# - single vlan +# - double q vlan (only on veth-devices) +# - 802.1ad vlan (only on veth-devices) +# - pppoe (when available) +# - pppoe-in-q (when available) +# +# (double tag testing results in broken tcp traffic on most hardware, +# in this test setup, use '-a' argument to test it anyway) +# (pppoe testing takes place if pppd and pppoe-server are installed) +# +# The second series, in the bridge-fastpath, using a vlan-aware bridge. +# Here we test all combinations of ingress/egress with or without single +# vlan encaps. +# +# The third series, in the forward-fastpath, using a vlan-aware bridge, +# without a vlan-device linked to the master port. We test the same combinations +# of ingress/egress with or without single vlan encaps. +# +# The fourth series, in the forward-fastpath, using a vlan-aware bridge, +# with a vlan-device linked to the master port. We test the same combinations +# of ingress/egress with or without single vlan encaps. +# +# Note 1: Using dsa userports on both sides of eth-pairs client1 or client2 +# gives erratic and unpredictable results. Use, for example, an usb-eth device +# on the client side to test a dsa-userport. +# +# Note 2: Testing the hardware offloaded fastpath, it is not checked if the +# packets do not follow the software fastpath instead. A universal way to +# check this should be added at some point. +# +# Mote 3: Some interfaces to test on the router side, are netns immutable. +# Use the -d or --defaultnsrouter option so that the interfaces of the router +# do not have to change netns. The router is build up in the default netns. +# + +source lib.sh + +checktool "nft --version" "run test without nft" +checktool "socat -h" "run test without socat" +checktool "bridge -V" "run test without bridge" + +VID1=100 +VID2=101 +BRWAN=brwan +BRLAN=brlan +BRCL=brcl +LINKUP_TIMEOUT=10 +PING_TIMEOUT=10 +SOCAT_TIMEOUT=10 +filesize=2 # MiB + +filein=$(mktemp) +file1out=$(mktemp) +file2out=$(mktemp) +pppoeserveroptions=$(mktemp) +pppoeserverpid=$(mktemp) + +setup_ns nsclientwan nsclientlan1 nsclientlan2 + + WAN=0 ; LAN1=1 ; LAN2=2 ; ADWAN=3 ; ADLAN=4 +nsa=( $nsclientwan $nsclientlan1 $nsclientlan2 ) # $nsrt $nsrt +AD4=( '192.168.1.1' '192.168.2.101' '192.168.2.102' '192.168.1.2' '192.168.2.1' ) +AD6=( 'dead:1::1' 'dead:2::101' 'dead:2::102' 'dead:1::2' 'dead:2::1' ) + +while [ "${1:-}" != '' ]; do + case "$1" in + '-0' | '--pairwan') + shift + vethcl[$WAN]="${1%,*}" + vethrt[$WAN]="${1#*,}" + ;; + '-1' | '--pairlan1') + shift + vethcl[$LAN1]="${1%,*}" + vethrt[$LAN1]="${1#*,}" + ;; + '-2' | '--pairlan2') + shift + vethcl[$LAN2]="${1%,*}" + vethrt[$LAN2]="${1#*,}" + ;; + '-s' | '--filesize') + shift + filesize=$1 + ;; + '-4' | '--ipv4') + do_ipv4=1 + ;; + '-6' | '--ipv6') + do_ipv6=1 + ;; + '-a' | '--aware') + skip_unaware=1 + ;; + '-n' | '--noskip') + noskip=1 + ;; + '-d' | '--defaultnsrouter') + defaultnsrouter=1 + ;; + '-f' | '--fixmac') + fixmac=1 + ;; + '-t' | '--showtree') + showtree=1 + ;; + *) + cat <<-EOF + Usage: $(basename $0) [OPTION]... + -0 --pairwan eth0cl,eth0rt pair of real interfaces to use on wan side + -1 --pairlan1 eth1cl,eth1rt pair of real interfaces to use on lan1 side + -2 --pairlan2 eth2cl,eth2rt pair of real interfaces to use on lan2 side + -s --filesize filesize to use for testing + -4|-6 --ipv4|--ipv6 test ipv4/6 only + -a --aware only test vlan aware bridge + -d --defaultnsrouter router in default network namespace, caution! + -f --fixmac change mac address when conflict found + -n --noskip also perform the normally skipped tests + -t --showtree show the tree of used interfaces + EOF + ;; + esac + shift +done + +if [ -n "$defaultnsrouter" ]; then + nsrt="nsrt-$(mktemp -u XXXXXX)" + touch /var/run/netns/$nsrt + mount --bind /proc/1/ns/net /var/run/netns/$nsrt +else + setup_ns nsrt +fi +nsa+=($nsrt $nsrt) + +cleanup() { + if [ -n "$defaultnsrouter" ]; then + umount /var/run/netns/$nsrt + rm -f /var/run/netns/$nsrt + fi + cleanup_all_ns + rm -f "$filein" "$file1out" "$file2out" "$pppoeserveroptions" "$pppoeserverpid" +} + +trap cleanup EXIT + +head -c $(($filesize * 1024 * 1024)) < /dev/urandom > "$filein" + +check_mac() +{ + local ns=$1 + local dev=$2 + local othermacs=$3 + local mac + + mac=$(ip -net "$ns" -br link show dev "$dev" | \ + grep -o -E '([[:xdigit:]]{1,2}:){5}[[:xdigit:]]{1,2}') + + if [[ ! "$othermacs" =~ "$mac" ]]; then + echo $mac + return 0 + fi + echo "WARN: Conflicting mac address $dev $mac" 1>&2 + + [ -z "$fixmac" ] && return 1 + + for (( j = 0 ; j < 10 ; j++ )); do + mac="${mac::6}$(printf %02x:%02x:%02x:%02x $(($RANDOM%256)) \ + $(($RANDOM%256)) $(($RANDOM%256)) $(($RANDOM%256)))" + [[ "$othermacs" =~ "$mac" ]] && continue + echo $mac + ip -net "$ns" link set dev "$dev" address "$mac" 1>&2 + return $? + done + return 1 +} + +is_linkup() +{ + local ns=$1 + local dev=$2 + + if [ -n "$(ip -net "$ns" link show dev "$dev" up 2>/dev/null | \ + grep 'state UP')" ]; then + return 0 + fi + return 1 +} + +wait_ping() +{ + local i1=$1 + local i2=$2 + local ns1=${nsa[$i1]} + local j + + for j in $(seq 1 $(($PING_TIMEOUT * 5 ))); do + ip netns exec "$ns1" ping -c 1 -w $PING_TIMEOUT -i 0.2 \ + -q "${AD4[$i2]}" >/dev/null 2>&1 + [ $? -le 1 ] && return $? + sleep 0.2 + done + return 1 +} + +add_addr() +{ + local i=$1 + local dev=$2 + local ns=${nsa[$i]} + local ad4=${AD4[$i]} + local ad6=${AD6[$i]} + + ip -net "$ns" addr add "${ad4}/24" dev "$dev" + ip -net "$ns" addr add "${ad6}/64" dev "$dev" nodad + if [[ "$ns" == "nsclientlan"* ]]; then + ip -net "$ns" route add default via "${AD4[$ADLAN]}" + ip -net "$ns" route add default via "${AD6[$ADLAN]}" + elif [[ "$ns" == "nsclientwan"* ]]; then + ip -net "$ns" route add default via "${AD6[$ADWAN]}" + fi + +} + +del_addr() +{ + local i=$1 + local dev=$2 + local ns=${nsa[$i]} + local ad4=${AD4[$i]} + local ad6=${AD6[$i]} + + if [[ "$ns" == "nsclientlan"* ]]; then + ip -net "$ns" route del default via "${AD6[$ADLAN]}" + ip -net "$ns" route del default via "${AD4[$ADLAN]}" + elif [[ "$ns" == "nsclientwan"* ]]; then + ip -net "$ns" route del default via "${AD6[$ADWAN]}" + fi + ip -net "$ns" addr del "${ad6}/64" dev "$dev" nodad + ip -net "$ns" addr del "${ad4}/24" dev "$dev" +} + +set_client() +{ + local i=$1 + local vlan=$2 + local arg=$3 + local ns=${nsa[$i]} + local vdev="${vethcl[$i]}" + local brdev="$BRCL" + local proto="" + local pvidslave="" + + unset_client $i + + if [[ "$vlan" == "qq" ]]; then + ip -net "$ns" link add link "$vdev" name "$vdev.$VID1" type vlan id $VID1 + ip -net "$ns" link add link "$vdev.$VID1" name "$vdev.$VID1.$VID2" \ + type vlan id $VID2 + ip -net "$ns" link set "$vdev.$VID1" up + ip -net "$ns" link set "$vdev.$VID1.$VID2" up + add_addr $i "$vdev.$VID1.$VID2" + return + fi + + [[ "$vlan" == "none" ]] && pvidslave="pvid untagged" + [[ "$vlan" == "ad" ]] && proto="vlan_protocol 802.1ad" + + ip -net "$ns" link add "$brdev" type bridge vlan_filtering 1 vlan_default_pvid 0 $proto + ip -net "$ns" link set "$vdev" master "$brdev" + ip -net "$ns" link set "$brdev" up + + bridge -net "$ns" vlan add dev "$brdev" vid $VID1 pvid untagged self + bridge -net "$ns" vlan add dev "$vdev" vid $VID1 $pvidslave + + if [[ "$vlan" == "ad" ]]; then + ip -net "$ns" link add link "$brdev" name "$brdev.$VID2" type vlan id $VID2 + brdev="$brdev.$VID2" + ip -net "$ns" link set "$brdev" up + fi + + if [[ "$arg" != "noaddress" ]]; then + add_addr $i "$brdev" + fi +} + +unset_client() +{ + local i=$1 + local ns=${nsa[$i]} + local vdev="${vethcl[$i]}" + local brdev="$BRCL" + + ip -net "$ns" link del "$brdev" type bridge 2>/dev/null + ip -net "$ns" link del "$vdev.$VID1" 2>/dev/null +} + +add_pppoe() +{ + local i1=$1 + local i2=$2 + local dev1=$3 + local dev2=$4 + local desc=$5 + local ns1=${nsa[$i1]} + local ns2=${nsa[$i2]} + + ppp1=0 + while [ -n "$(ip -net "$ns1" link show ppp$ppp$LAN1 $LAN2>/dev/null)" ] + do ((ppp1++)); done + echo "noauth defaultroute noipdefault unit $ppp1" >"$pppoeserveroptions" + ppp1="ppp$ppp1" + + if ! ip netns exec "$ns1" pppoe-server -k -L "${AD4[$i1]}" -R "${AD4[$i2]}" \ + -I $dev1 -X "$pppoeserverpid" -O "$pppoeserveroptions" >/dev/null; then + echo "ERROR: $desc: failed to setup pppoe server" 1>&2 + return 1 + fi + + if ! ip netns exec "$ns2" pppd plugin pppoe.so nic-$dev2 persist holdoff 0 noauth \ + defaultroute noipdefault noaccomp nodeflate noproxyarp nopcomp \ + novj novjccomp linkname "selftest-$$" >/dev/null; then + echo "ERROR: $desc: failed to setup pppoe client" 1>&2 + return 1 + fi + + if ! wait_ping $i1 $i2; then + echo "ERROR: $desc: failed to setup functional pppoe connection" 1>&2 + return 1 + fi + + ppp2=$(cat "/run/pppd/ppp-selftest-$$.pid" | tail -n 1) + + ip -net "$ns1" addr add "${AD6[$i1]}/64" dev "$ppp1" nodad + ip -net "$ns2" addr add "${AD6[$i2]}/64" dev "$ppp2" nodad + + return 0 +} + +del_pppoe() +{ + local i1=$1 + local i2=$2 + local dev1=$3 + local dev2=$4 + local ns1=${nsa[$i1]} + local ns2=${nsa[$i2]} + + [[ -n "$ppp1" ]] && ip -net "$ns1" addr del "${AD6[$i1]}/64" dev "$ppp1" + [[ -n "$ppp2" ]] && ip -net "$ns2" addr del "${AD6[$i2]}/64" dev "$ppp2" + + kill -9 $(cat "/run/pppd/ppp-selftest-$$.pid" | head -n 1) \ + $(cat "$pppoeserverpid" | head -n 1) +} + +listener_ready() +{ + local ns=$1 + local ipv=$2 + + ss -N "$ns" --ipv$ipv -lnt -o "sport = :8080" | grep -q 8080 +} + +test_tcp() { + local i1=$1 + local i2=$2 + local dofast=$3 + local desc=$4 + local ns1=${nsa[$i1]} + local ns2=${nsa[$i2]} + local i=-1 + local lret=0 + local ads="" + local ipv ad a lpid bytes limit error + + if [ -n "$do_ipv4" ]; then ads="${AD4[$i2]}" + elif [ -n "$do_ipv6" ]; then ads="${AD6[$i2]}" + else ads="${AD4[$i2]} ${AD6[$i2]}" + fi + for ad in $ads; do + ((i++)) + if [[ "$ad" =~ ":" ]] + then ipv="6"; a="[${ad}]" + else ipv="4"; a="${ad}" + fi + + rm -f "$file1out" "$file2out" + + # ip netns exec "$nsrt" nft reset counters >/dev/null + # But on some systems this results in 4GB values in packet and byte count, so: + (echo "flush ruleset"; ip netns exec "$nsrt" nft --stateless list ruleset) | \ + ip netns exec "$nsrt" nft -f - + + timeout "$SOCAT_TIMEOUT" ip netns exec "$ns2" socat TCP$ipv-LISTEN:8080,reuseaddr \ + STDIO <"$filein" >"$file2out" 2>/dev/null & + lpid=$! + busywait 1000 listener_ready "$ns2" "$ipv" + + timeout "$SOCAT_TIMEOUT" ip netns exec "$ns1" socat TCP$ipv:$a:8080 \ + STDIO <"$filein" >"$file1out" 2>/dev/null + wait $lpid + + if [ $? -ne 0 ]; then + error[$i]="ipv$ipv: tcp broken" + continue + fi + if ! cmp "$filein" "$file1out" >/dev/null 2>&1; then + error[$i]="ipv$ipv: file mismatch to ${ad}" + continue + fi + if ! cmp "$filein" "$file2out" >/dev/null 2>&1; then + error[$i]="ipv$ipv: file mismatch from ${ad}" + continue + fi + + limit=$((2 * $filesize * 1024 * 1024)) + bytes=$(ip netns exec "$nsrt" nft list counter $family filter "check" | \ + grep "packets" | cut -d' ' -f4) + if [ -z "$dofast" ] && [ "$bytes" -lt "$limit" ]; then + + error[$i]="ipv$ipv: established bytes $bytes < $limit" + continue + fi + if [ -n "$dofast" ] && [ "$bytes" -gt "$((limit/2))" ]; then + # Significant reduction of bytes expected + error[$i]="ipv$ipv: counted bytes $bytes > $((limit/2))" + continue + fi + done + + if [ -n "${error[0]}" ]; then + if [[ "${error[0]#*:}" == "${error[1]#*:}" ]]; then + echo "ERROR: $desc: ipv4/6:${error[0]#*:}" 1>&2 + return 1 + fi + echo "ERROR: $desc: ${error[0]}" 1>&2 + lret=1 + fi + if [ -n "${error[1]}" ]; then + echo "ERROR: $desc: ${error[1]}" 1>&2 + lret=1 + fi + if [ $lret -eq 0 ]; then + echo "PASS: $desc" + fi + return $lret +} + +test_paths() { + local i1=$1 + local i2=$2 + local desc=$3 + local ns1=${nsa[$i1]} + local ns2=${nsa[$i2]} + + + if ! setup_nftables $i1 $i2; then + echo "ERROR: $desc: cannot setup nftables" 1>&2 + return 1 + fi + if ! test_tcp $i1 $i2 "" "$desc without fastpath"; then + return 1 + fi + + if ! setup_fastpath $i1 $i2 "" 2>/dev/null; then + return 0 + fi + if ! test_tcp $i1 $i2 "fast" "$desc with fastpath"; then + return 1 + fi + + if ! setup_fastpath $i1 $i2 "hw" 2>/dev/null; then + return 0 + fi + if ! test_tcp $i1 $i2 "fast" "$desc with hw_fastpath"; then + return 1 + fi + + return 0 + +} + +add_masq() +{ + if [[ $family != "bridge" ]]; then + ip netns exec "$nsrt" nft -f - <<-EOF + table ip nat { + chain postrouting { + type nat hook postrouting priority 0; + oifname ${BRWAN} masquerade + } + } + EOF + else + return 0 + fi +} + +setup_nftables() +{ + local i1=$1 + local i2=$2 + + ip netns exec "$nsrt" nft flush ruleset + + if ! add_masq; then + return 1 + fi + + ip netns exec "$nsrt" nft -f - <<-EOF + table ${family} filter { + counter check { } + chain forward { + type filter hook forward priority 0; policy accept; + ct state established ip saddr ${AD4[$i1]} tcp dport 8080 counter name "check" + ct state established ip saddr ${AD4[$i2]} tcp sport 8080 counter name "check" + ct state established ip6 saddr ${AD6[$i1]} tcp dport 8080 counter name "check" + ct state established ip6 saddr ${AD6[$i2]} tcp sport 8080 counter name "check" + } + } + EOF +} + +setup_fastpath() +{ + local devs="${vethrt[$1]} , ${vethrt[$2]}" + local arg=$3 + local flags="" + + [[ "$arg" == "hw" ]] && flags="flags offload" + + ip netns exec "$nsrt" nft flush ruleset + + if ! add_masq; then + return 1 + fi + + ip netns exec "$nsrt" nft -f - <<-EOF + table ${family} filter { + counter check { } + flowtable f { + hook ingress priority filter + devices = { ${devs} } + ${flags} + } + chain forward { + type filter hook forward priority 0; policy accept; + counter name "check" + ct state established flow add @f + } + } + EOF +} + +ret=0 +### Start Initial Setup ### + +for i in 4 6; do + ip netns exec "$nsrt" sysctl -q net.ipv$i.conf.all.forwarding=1 +done + +### Setup brlan as vlan unaware bridge ### +### Use brwan to make sure software fastpath is ### +### direct xmit in other direction also ### + +ip -net "$nsrt" link add $BRWAN type bridge +ret=$(($ret | $?)) +ip -net "$nsrt" link set $BRWAN up +ret=$(($ret | $?)) +if [ $ret -ne 0 ]; then + echo "SKIP: Can't create bridge" + exit $ksft_skip +fi + +# If both lan clients are veth-devices, only test 1 in the forward path +if [ -z "${vethcl[$LAN1]}" ] && [ -z "${vethcl[$LAN2]}" ]; then + lan_all_veth=1 +fi + +for i in $WAN $LAN1 $LAN2; do + ns="${nsa[$i]}" + if [ -z "${vethcl[$i]}" ]; then + vethcl[$i]="veth${i}cl" + vethrt[$i]="veth${i}rt" + ip link add "${vethcl[$i]}" netns "$ns" type veth \ + peer name "${vethrt[$i]}" netns "$nsrt" + ret=$(($ret | $?)) + else # Use pair of interconnected hardware interfaces + ip link set "${vethrt[$i]}" netns "$nsrt" + ret=$(($ret | $?)) + ip link set "${vethcl[$i]}" netns "$ns" + ret=$(($ret | $?)) + fi +done +if [ $ret -ne 0 ]; then + echo "SKIP: (v)eth pairs cannot be used" + exit $ksft_skip +fi + +if [ -n "$showtree" ]; then + cat <<-EOF + Setup: + CLIENT 0 + ${vethcl[$WAN]} + | + ${vethrt[$WAN]} + WAN + ROUTER + LAN1 LAN2 + $(printf "%14.14s" ${vethrt[$LAN1]}) ${vethrt[$LAN2]} + | | + $(printf "%14.14s" ${vethcl[$LAN1]}) ${vethcl[$LAN2]} + CLIENT 1 CLIENT 2 + + EOF +fi + +for n in nsclientwan nsclientlan; do + routerside=""; clientside="" + for i in $WAN $LAN1 $LAN2; do + ns="${nsa[$i]}" + [[ "$ns" != "$n"* ]] && continue + mac=$(check_mac $ns ${vethcl[$i]} "$routerside $clientside") + ret=$(($ret | $?)) + clientside+=" $mac" + mac=$(check_mac $nsrt ${vethrt[$i]} "$clientside") + ret=$(($ret | $?)) + routerside+=" $mac" + done +done +if [ $ret -ne 0 ]; then + echo "SKIP: because of conflicting mac address" + exit $ksft_skip +fi + +for i in $WAN $LAN1 $LAN2; do + ns="${nsa[$i]}" + ip -net "$ns" link set "${vethcl[$i]}" up + ret=$(($ret | $?)) + ip -net "$nsrt" link set "${vethrt[$i]}" up + ret=$(($ret | $?)) +done +if [ $ret -ne 0 ]; then + echo "SKIP: setting (v)eth pairs link up failed" + exit $ksft_skip +fi + +for j in $(seq 1 $(($LINKUP_TIMEOUT * 5 ))); do + ret=0 + for i in $WAN $LAN1 $LAN2; do + ns="${nsa[$i]}" + is_linkup $ns "${vethcl[$i]}" + ret=$(($ret | $?)) + is_linkup $nsrt "${vethrt[$i]}" + ret=$(($ret | $?)) + done + [ $ret -eq 0 ] && break + sleep 0.2 +done +if [ $ret -ne 0 ]; then + echo "SKIP: waiting for (v)eth pairs link up failed" + exit $ksft_skip +fi + +i=$WAN +ip -net "$nsrt" link set "${vethrt[$i]}" master $BRWAN + +### End Initial Setup ### + +family="bridge" +setup_nftables $LAN1 $LAN2 2>/dev/null +if [ $? -ne 0 ]; then + echo "INFO: Cannot add nftables table $family" + skip_family_bridge_part2=1 +elif [ -n "$skip_unaware" ]; then + echo "INFO: Skipping unaware bridge" +else + +### Start nft family bridge test part 1 ### + +ip -net "$nsrt" link add $BRLAN type bridge +ip -net "$nsrt" link set $BRLAN up +for i in $LAN1 $LAN2; do + ns="${nsa[$i]}" + ip -net "$nsrt" link set "${vethrt[$i]}" master $BRLAN +done + +for i in $LAN1 $LAN2; do + set_client $i none +done + +test_paths $LAN1 $LAN2 "unaware bridge, without encaps, " +ret=$(($ret | $?)) + +for i in $LAN1 $LAN2; do + set_client $i q +done + +test_paths $LAN1 $LAN2 "unaware bridge, with single vlan encap, " +ret=$(($ret | $?)) + +for i in $LAN1 $LAN2; do + set_client $i qq +done + +# Skip testing double tagged packets on real hardware +if [ -n "$lan_all_veth" ] || [ -n "$noskip" ]; then + +test_paths $LAN1 $LAN2 "unaware bridge, with double q vlan encaps," +ret=$(($ret | $?)) + +for i in $LAN1 $LAN2; do + set_client $i ad +done + +test_paths $LAN1 $LAN2 "unaware bridge, with 802.1ad vlan encaps, " +ret=$(($ret | $?)) + +fi +# End Skip testing double tagged packets + +if [ -n "$(command -v pppd 2>/dev/null)" ] && + [ -n "$(command -v pppoe-server 2>/dev/null)" ]; then +# Start pppoe + +for i in $LAN1 $LAN2; do + set_client $i none noaddress +done + +if add_pppoe $LAN1 $LAN2 "$BRCL" "$BRCL" "unaware bridge, with pppoe encap"; then + test_paths $LAN1 $LAN2 "unaware bridge, with pppoe encap, " + ret=$(($ret | $?)) +fi + +del_pppoe $LAN1 $LAN2 "$BRCL" "$BRCL" + +for i in $LAN1 $LAN2; do + set_client $i q noaddress +done + +if add_pppoe $LAN1 $LAN2 "$BRCL" "$BRCL" "unaware bridge, with pppoe-in-q encaps"; then + test_paths $LAN1 $LAN2 "unaware bridge, with pppoe-in-q encaps, " + ret=$(($ret | $?)) +fi + +del_pppoe $LAN1 $LAN2 "$BRCL" "$BRCL" + +# End pppoe +fi + +ip -net "$nsrt" link del $BRLAN type bridge + +### End nft family bridge test part 1 ### +fi + +### Setup brlan as vlan aware bridge ### + +ip -net "$nsrt" link add $BRLAN type bridge vlan_filtering 1 vlan_default_pvid 0 +ip -net "$nsrt" link set $BRLAN up +bridge -net "$nsrt" vlan add dev $BRLAN vid $VID1 pvid untagged self +for i in $LAN1 $LAN2; do + ip -net "$nsrt" link set "${vethrt[$i]}" master $BRLAN + bridge -net "$nsrt" vlan add dev "${vethrt[$i]}" vid $VID1 pvid untagged +done + +for i in $LAN1 $LAN2; do + set_client $i none +done + +if [ -z "$skip_family_bridge_part2" ]; then +### Start nft family bridge test part 2 ### + +test_paths $LAN1 $LAN2 "aware bridge, without/without vlan encap," +ret=$(($ret | $?)) + +i=$LAN1 +bridge -net "$nsrt" vlan del dev "${vethrt[$i]}" vid $VID1 pvid untagged +bridge -net "$nsrt" vlan add dev "${vethrt[$i]}" vid $VID1 +set_client $i q + +test_paths $LAN1 $LAN2 "aware bridge, with/without vlan encap, " +ret=$(($ret | $?)) + +i=$LAN2 +bridge -net "$nsrt" vlan del dev "${vethrt[$i]}" vid $VID1 pvid untagged +bridge -net "$nsrt" vlan add dev "${vethrt[$i]}" vid $VID1 +set_client $i q + +test_paths $LAN1 $LAN2 "aware bridge, with/with vlan encap, " +ret=$(($ret | $?)) + +i=$LAN1 +bridge -net "$nsrt" vlan del dev "${vethrt[$i]}" vid $VID1 +bridge -net "$nsrt" vlan add dev "${vethrt[$i]}" vid $VID1 pvid untagged +set_client $i none + +test_paths $LAN1 $LAN2 "aware bridge, without/with vlan encap, " +ret=$(($ret | $?)) + +i=$LAN2 +bridge -net "$nsrt" vlan del dev "${vethrt[$i]}" vid $VID1 +bridge -net "$nsrt" vlan add dev "${vethrt[$i]}" vid $VID1 pvid untagged +set_client $i none + +fi + +### End nft family bridge test part 2 ### + +### Start nft family inet test ### +family="inet" +if ! setup_nftables $WAN $LAN1 $LAN2>/dev/null; then + echo "INFO: Cannot add nftables table $family" + exit $ret +fi + +set_client $WAN none +add_addr $ADWAN "$BRWAN" +add_addr $ADLAN "$BRLAN" + +test_paths $LAN1 $WAN "forward, without vlan-device, without vlan encap, client1," +ret=$(($ret | $?)) +if [ -z "$lan_all_veth" ] || [ -n "$noskip" ]; then +test_paths $LAN2 $WAN "forward, without vlan-device, without vlan encap, client2," +ret=$(($ret | $?)) +fi + +for i in $LAN1 $LAN2; do +bridge -net "$nsrt" vlan del dev "${vethrt[$i]}" vid $VID1 pvid untagged +bridge -net "$nsrt" vlan add dev "${vethrt[$i]}" vid $VID1 +set_client $i q +done + +test_paths $LAN1 $WAN "forward, without vlan-device, with vlan encap, client1," +ret=$(($ret | $?)) +if [ -z "$lan_all_veth" ] || [ -n "$noskip" ]; then +test_paths $LAN2 $WAN "forward, without vlan-device, with vlan encap, client2," +ret=$(($ret | $?)) +fi + +# Setup vlan-device linked to brlan master port +del_addr $ADLAN "$BRLAN" +ip -net "$nsrt" link set $BRLAN down +bridge -net "$nsrt" vlan del dev $BRLAN vid $VID1 pvid untagged self +bridge -net "$nsrt" vlan add dev $BRLAN vid $VID1 self +ip -net "$nsrt" link add link $BRLAN name $BRLAN.$VID1 type vlan id $VID1 +ip -net "$nsrt" link set $BRLAN up +ip -net "$nsrt" link set "$BRLAN.$VID1" up +add_addr $ADLAN "$BRLAN.$VID1" + +test_paths $LAN1 $WAN "forward, with vlan-device, with vlan encap, client1," +ret=$(($ret | $?)) +if [ -z "$lan_all_veth" ] || [ -n "$noskip" ]; then +test_paths $LAN2 $WAN "forward, with vlan-device, with vlan encap, client2," +ret=$(($ret | $?)) +fi + +for i in $LAN1 $LAN2; do +bridge -net "$nsrt" vlan del dev "${vethrt[$i]}" vid $VID1 +bridge -net "$nsrt" vlan add dev "${vethrt[$i]}" vid $VID1 pvid untagged +set_client $i none +done + +test_paths $LAN1 $WAN "forward, with vlan-device, without vlan encap, client1," +ret=$(($ret | $?)) +if [ -z "$lan_all_veth" ] || [ -n "$noskip" ]; then +test_paths $LAN2 $WAN "forward, with vlan-device, without vlan encap, client2," +ret=$(($ret | $?)) +fi + +### End nft family inet test ### + +for i in $WAN $LAN1 $LAN2; do + unset_client $i +done +ip -net "$nsrt" link del $BRLAN type bridge +ip -net "$nsrt" link del $BRWAN type bridge + +if [ $ret -eq 0 ]; then + echo "PASS: all tests passed" +else + echo "ERROR: bridge fastpath test has failed" +fi + +exit $ret -- 2.47.1

5 months

1
0
0 0

[PATCH v8 00/14] iommufd: Add vIOMMU infrastructure (Part-3: vEVENTQ)

by Nicolin Chen

As the vIOMMU infrastructure series part-3, this introduces a new vEVENTQ object. The existing FAULT object provides a nice notification pathway to the user space with a queue already, so let vEVENTQ reuse that. Mimicing the HWPT structure, add a common EVENTQ structure to support its derivatives: IOMMUFD_OBJ_FAULT (existing) and IOMMUFD_OBJ_VEVENTQ (new). An IOMMUFD_CMD_VEVENTQ_ALLOC is introduced to allocate vEVENTQ object for vIOMMUs. One vIOMMU can have multiple vEVENTQs in different types but can not support multiple vEVENTQs in the same type. The forwarding part is fairly simple but might need to replace a physical device ID with a virtual device ID in a driver-level event data structure. So, this also adds some helpers for drivers to use. As usual, this series comes with the selftest coverage for this new ioctl and with a real world use case in the ARM SMMUv3 driver. This is on Github: https://github.com/nicolinc/iommufd/commits/iommufd_veventq-v8 Paring QEMU branch for testing: https://github.com/nicolinc/qemu/commits/wip/for_iommufd_veventq-v8 Changelog v8 * Add Reviewed-by from Jason and Pranjal * Fix errno returned in arm_smmu_handle_event() * Validate domain->type outside of arm_smmu_attach_prepare_vmaster() * Drop unnecessary vmaster comparison in arm_smmu_attach_commit_vmaster() v7 https://lore.kernel.org/all/cover.1740238876.git.nicolinc@nvidia.com/ * Rebase on Jason's for-next tree for latest fault.c * Add Reviewed-by * Update commit logs * Add __reserved field sanity * Skip kfree() on the static header * Replace "bool on_list" with list_is_last() * Use u32 for flags in iommufd_vevent_header * Drop casting in iommufd_viommu_get_vdev_id() * Update the bounding logic to veventq->sequence * Add missing cpu_to_le64() around STRTAB_STE_1_MEV * Reuse veventq->common.lock to fence sequence and num_events * Rename overflow to lost_events and log it in upon kmalloc failure * Correct the error handling part in iommufd_veventq_deliver_fetch() * Add an arm_smmu_clear_vmaster() to simplify identity/blocked domain attach ops * Add additional four event records to forward to user space VM, and update the uAPI doc * Reuse the existing smmu->streams_mutex lock to fence master->vmaster pointer, instead of adding a new rwsem v6 https://lore.kernel.org/all/cover.1737754129.git.nicolinc@nvidia.com/ * Drop supports_veventq viommu op * Split bug/cosmetics fixes out of the series * Drop the blocking mutex around copy_to_user() * Add veventq_depth in uAPI to limit vEVENTQ size * Revise the documentation for a clear description * Fix sparse warnings in arm_vmaster_report_event() * Rework iommufd_viommu_get_vdev_id() to return -ENOENT v.s. 0 * Allow Abort/Bypass STEs to allocate vEVENTQ and set STE.MEV for DoS mitigations v5 https://lore.kernel.org/all/cover.1736237481.git.nicolinc@nvidia.com/ * Add Reviewed-by from Baolu * Reorder the OBJ list as well * Fix alphabetical order after renaming in v4 * Add supports_veventq viommu op for vEVENTQ type validation v4 https://lore.kernel.org/all/cover.1735933254.git.nicolinc@nvidia.com/ * Rename "vIRQ" to "vEVENTQ" * Use flexible array in struct iommufd_vevent * Add the new ioctl command to union ucmd_buffer * Fix the alphabetical order in union ucmd_buffer too * Rename _TYPE_NONE to _TYPE_DEFAULT aligning with vIOMMU naming v3 https://lore.kernel.org/all/cover.1734477608.git.nicolinc@nvidia.com/ * Rebase on Will's for-joerg/arm-smmu/updates for arm_smmu_event series * Add "Reviewed-by" lines from Kevin * Fix typos in comments, kdocs, and jump tags * Add a patch to sort struct iommufd_ioctl_op * Update iommufd's userpsace-api documentation * Update uAPI kdoc to quote SMMUv3 offical spec * Drop the unused workqueue in struct iommufd_virq * Drop might_sleep() in iommufd_viommu_report_irq() helper * Add missing "break" in iommufd_viommu_get_vdev_id() helper * Shrink the scope of the vmaster's read lock in SMMUv3 driver * Pass in two arguments to iommufd_eventq_virq_handler() helper * Move "!ops || !ops->read" validation into iommufd_eventq_init() * Move "fault->ictx = ictx" closer to iommufd_ctx_get(fault->ictx) * Update commit message for arm_smmu_attach_prepare/commit_vmaster() * Keep "iommufd_fault" as-is and rename "iommufd_eventq_virq" to just "iommufd_virq" v2 https://lore.kernel.org/all/cover.1733263737.git.nicolinc@nvidia.com/ * Rebase on v6.13-rc1 * Add IOPF and vIRQ in iommufd.rst (userspace-api) * Add a proper locking in iommufd_event_virq_destroy * Add iommufd_event_virq_abort with a lockdep_assert_held * Rename "EVENT_*" to "EVENTQ_*" to describe the objects better * Reorganize flows in iommufd_eventq_virq_alloc for abort() to work * Adde struct arm_smmu_vmaster to store vSID upon attaching to a nested domain, calling a newly added iommufd_viommu_get_vdev_id helper * Adde an arm_vmaster_report_event helper in arm-smmu-v3-iommufd file to simplify the routine in arm_smmu_handle_evt() of the main driver v1 https://lore.kernel.org/all/cover.1724777091.git.nicolinc@nvidia.com/ Thanks! Nicolin Nicolin Chen (14): iommufd/fault: Move two fault functions out of the header iommufd/fault: Add an iommufd_fault_init() helper iommufd: Abstract an iommufd_eventq from iommufd_fault iommufd: Rename fault.c to eventq.c iommufd: Add IOMMUFD_OBJ_VEVENTQ and IOMMUFD_CMD_VEVENTQ_ALLOC iommufd/viommu: Add iommufd_viommu_get_vdev_id helper iommufd/viommu: Add iommufd_viommu_report_event helper iommufd/selftest: Require vdev_id when attaching to a nested domain iommufd/selftest: Add IOMMU_TEST_OP_TRIGGER_VEVENT for vEVENTQ coverage iommufd/selftest: Add IOMMU_VEVENTQ_ALLOC test coverage Documentation: userspace-api: iommufd: Update FAULT and VEVENTQ iommu/arm-smmu-v3: Introduce struct arm_smmu_vmaster iommu/arm-smmu-v3: Report events that belong to devices attached to vIOMMU iommu/arm-smmu-v3: Set MEV bit in nested STE for DoS mitigations drivers/iommu/iommufd/Makefile | 2 +- drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.h | 36 ++ drivers/iommu/iommufd/iommufd_private.h | 135 +++- drivers/iommu/iommufd/iommufd_test.h | 10 + include/linux/iommufd.h | 23 + include/uapi/linux/iommufd.h | 105 +++ tools/testing/selftests/iommu/iommufd_utils.h | 115 ++++ .../arm/arm-smmu-v3/arm-smmu-v3-iommufd.c | 64 ++ drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c | 82 ++- drivers/iommu/iommufd/driver.c | 72 +++ drivers/iommu/iommufd/eventq.c | 597 ++++++++++++++++++ drivers/iommu/iommufd/fault.c | 342 ---------- drivers/iommu/iommufd/hw_pagetable.c | 6 +- drivers/iommu/iommufd/main.c | 7 + drivers/iommu/iommufd/selftest.c | 54 ++ drivers/iommu/iommufd/viommu.c | 2 + tools/testing/selftests/iommu/iommufd.c | 36 ++ .../selftests/iommu/iommufd_fail_nth.c | 7 + Documentation/userspace-api/iommufd.rst | 17 + 19 files changed, 1304 insertions(+), 408 deletions(-) create mode 100644 drivers/iommu/iommufd/eventq.c delete mode 100644 drivers/iommu/iommufd/fault.c base-commit: 598749522d4254afb33b8a6c1bea614a95896868 -- 2.43.0

5 months

6
32
0 0

[PATCH] selftests: mptcp: add comment for getaddrinfo

by zhenwei pi

mptcp_connect.c is a startup tutorial of MPTCP programming, however there is a lack of ai_protocol(IPPROTO_MPTCP) usage. Add comment for getaddrinfo MPTCP support. Signed-off-by: zhenwei pi <zhenwei.pi(a)linux.dev> Signed-off-by: zhenwei pi <pizhenwei(a)bytedance.com> --- tools/testing/selftests/net/mptcp/mptcp_connect.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/tools/testing/selftests/net/mptcp/mptcp_connect.c b/tools/testing/selftests/net/mptcp/mptcp_connect.c index c83a8b47bbdf..6b9031273964 100644 --- a/tools/testing/selftests/net/mptcp/mptcp_connect.c +++ b/tools/testing/selftests/net/mptcp/mptcp_connect.c @@ -179,6 +179,18 @@ static void xgetnameinfo(const struct sockaddr *addr, socklen_t addrlen, } } +/* There is a lack of MPTCP support from glibc, these code leads error: + * struct addrinfo hints = { + * .ai_protocol = IPPROTO_MPTCP, + * ... + * }; + * err = getaddrinfo(node, service, &hints, res); + * ... + * So using IPPROTO_TCP to resolve, and use TCP/MPTCP to create socket. + * + * glibc starts to support MPTCP since v2.42. + * Link: https://sourceware.org/git/?p=glibc.git;a=commit;h=a8e9022e0f82 + */ static void xgetaddrinfo(const char *node, const char *service, const struct addrinfo *hints, struct addrinfo **res) -- 2.34.1

5 months

3
3
0 0

[PATCH] selftest/mm: Make hugetlb_reparenting_test tolerant to async reparenting

by Li Wang

In cgroup v2, memory and hugetlb usage reparenting is asynchronous. This can cause test flakiness when immediately asserting usage after deleting a child cgroup. To address this, add a helper function `assert_with_retry()` that checks usage values with a timeout-based retry. This improves test stability without relying on fixed sleep delays. Also bump up the tolerance size to 7MB. To avoid False Positives: ... # Assert memory charged correctly for child only use. # actual a = 11 MB # expected a = 0 MB # fail # cleanup # [FAIL] not ok 11 hugetlb_reparenting_test.sh -cgroup-v2 # exit=1 # 0 # SUMMARY: PASS=10 SKIP=0 FAIL=1 Signed-off-by: Li Wang <liwang(a)redhat.com> Cc: Waiman Long <longman(a)redhat.com> Cc: Anshuman Khandual <anshuman.khandual(a)arm.com> Cc: Dev Jain <dev.jain(a)arm.com> Cc: Kirill A. Shuemov <kirill.shutemov(a)linux.intel.com> Cc: Shuah Khan <shuah(a)kernel.org> --- .../selftests/mm/hugetlb_reparenting_test.sh | 96 ++++++++----------- 1 file changed, 41 insertions(+), 55 deletions(-) diff --git a/tools/testing/selftests/mm/hugetlb_reparenting_test.sh b/tools/testing/selftests/mm/hugetlb_reparenting_test.sh index 11f9bbe7dc22..1c172c6999f4 100755 --- a/tools/testing/selftests/mm/hugetlb_reparenting_test.sh +++ b/tools/testing/selftests/mm/hugetlb_reparenting_test.sh @@ -36,7 +36,7 @@ else do_umount=1 fi fi -MNT='/mnt/huge/' +MNT='/mnt/huge' function get_machine_hugepage_size() { hpz=$(grep -i hugepagesize /proc/meminfo) @@ -60,6 +60,41 @@ function cleanup() { set -e } +function assert_with_retry() { + local actual_path="$1" + local expected="$2" + local tolerance=$((7 * 1024 * 1024)) + local timeout=20 + local interval=1 + local start_time + local now + local elapsed + local actual + + start_time=$(date +%s) + + while true; do + actual="$(cat "$actual_path")" + + if [[ $actual -ge $(($expected - $tolerance)) ]] && + [[ $actual -le $(($expected + $tolerance)) ]]; then + return 0 + fi + + now=$(date +%s) + elapsed=$((now - start_time)) + + if [[ $elapsed -ge $timeout ]]; then + echo "actual = $((${actual%% *} / 1024 / 1024)) MB" + echo "expected = $((${expected%% *} / 1024 / 1024)) MB" + cleanup + exit 1 + fi + + sleep $interval + done +} + function assert_state() { local expected_a="$1" local expected_a_hugetlb="$2" @@ -70,58 +105,13 @@ function assert_state() { expected_b="$3" expected_b_hugetlb="$4" fi - local tolerance=$((5 * 1024 * 1024)) - - local actual_a - actual_a="$(cat "$CGROUP_ROOT"/a/memory.$usage_file)" - if [[ $actual_a -lt $(($expected_a - $tolerance)) ]] || - [[ $actual_a -gt $(($expected_a + $tolerance)) ]]; then - echo actual a = $((${actual_a%% *} / 1024 / 1024)) MB - echo expected a = $((${expected_a%% *} / 1024 / 1024)) MB - echo fail - - cleanup - exit 1 - fi - - local actual_a_hugetlb - actual_a_hugetlb="$(cat "$CGROUP_ROOT"/a/hugetlb.${MB}MB.$usage_file)" - if [[ $actual_a_hugetlb -lt $(($expected_a_hugetlb - $tolerance)) ]] || - [[ $actual_a_hugetlb -gt $(($expected_a_hugetlb + $tolerance)) ]]; then - echo actual a hugetlb = $((${actual_a_hugetlb%% *} / 1024 / 1024)) MB - echo expected a hugetlb = $((${expected_a_hugetlb%% *} / 1024 / 1024)) MB - echo fail - - cleanup - exit 1 - fi - - if [[ -z "$expected_b" || -z "$expected_b_hugetlb" ]]; then - return - fi - - local actual_b - actual_b="$(cat "$CGROUP_ROOT"/a/b/memory.$usage_file)" - if [[ $actual_b -lt $(($expected_b - $tolerance)) ]] || - [[ $actual_b -gt $(($expected_b + $tolerance)) ]]; then - echo actual b = $((${actual_b%% *} / 1024 / 1024)) MB - echo expected b = $((${expected_b%% *} / 1024 / 1024)) MB - echo fail - - cleanup - exit 1 - fi - local actual_b_hugetlb - actual_b_hugetlb="$(cat "$CGROUP_ROOT"/a/b/hugetlb.${MB}MB.$usage_file)" - if [[ $actual_b_hugetlb -lt $(($expected_b_hugetlb - $tolerance)) ]] || - [[ $actual_b_hugetlb -gt $(($expected_b_hugetlb + $tolerance)) ]]; then - echo actual b hugetlb = $((${actual_b_hugetlb%% *} / 1024 / 1024)) MB - echo expected b hugetlb = $((${expected_b_hugetlb%% *} / 1024 / 1024)) MB - echo fail + assert_with_retry "$CGROUP_ROOT/a/memory.$usage_file" "$expected_a" + assert_with_retry "$CGROUP_ROOT/a/hugetlb.${MB}MB.$usage_file" "$expected_a_hugetlb" - cleanup - exit 1 + if [[ -n "$expected_b" && -n "$expected_b_hugetlb" ]]; then + assert_with_retry "$CGROUP_ROOT/a/b/memory.$usage_file" "$expected_b" + assert_with_retry "$CGROUP_ROOT/a/b/hugetlb.${MB}MB.$usage_file" "$expected_b_hugetlb" fi } @@ -174,7 +164,6 @@ size=$((${MB} * 1024 * 1024 * 25)) # 50MB = 25 * 2MB hugepages. cleanup -echo echo echo Test charge, rmdir, uncharge setup @@ -195,7 +184,6 @@ cleanup echo done echo -echo if [[ ! $cgroup2 ]]; then echo "Test parent and child hugetlb usage" setup @@ -212,7 +200,6 @@ if [[ ! $cgroup2 ]]; then assert_state 0 $(($size * 2)) 0 $size rmdir "$CGROUP_ROOT"/a/b - sleep 5 echo Assert memory reparent correctly. assert_state 0 $(($size * 2)) @@ -224,7 +211,6 @@ if [[ ! $cgroup2 ]]; then cleanup fi -echo echo echo "Test child only hugetlb usage" echo setup -- 2.48.1

5 months

2
1
0 0

[PATCH v3] ublk: improve detection and handling of ublk server exit

by Uday Shankar

There are currently two ways in which ublk server exit is detected by ublk_drv: 1. uring_cmd cancellation. If there are any outstanding uring_cmds which have not been completed to the ublk server when it exits, io_uring calls the uring_cmd callback with a special cancellation flag as the issuing task is exiting. 2. I/O timeout. This is needed in addition to the above to handle the "saturated queue" case, when all I/Os for a given queue are in the ublk server, and therefore there are no outstanding uring_cmds to cancel when the ublk server exits. There are a couple of issues with this approach: - It is complex and inelegant to have two methods to detect the same condition - The second method detects ublk server exit only after a long delay (~30s, the default timeout assigned by the block layer). This delays the nosrv behavior from kicking in and potential subsequent recovery of the device. The second issue is brought to light with the new test_generic_04. It fails before this fix: selftests: ublk: test_generic_04.sh dev id is 0 dd: error writing '/dev/ublkb0': Input/output error 1+0 records in 0+0 records out 0 bytes copied, 30.0611 s, 0.0 kB/s DEAD dd took 31 seconds to exit (>= 5s tolerance)! generic_04 : [FAIL] Fix this by instead detecting and handling ublk server exit in the character file release callback. This has several advantages: - This one place can handle both saturated and unsaturated queues. Thus, it replaces both preexisting methods of detecting ublk server exit. - It runs quickly on ublk server exit - there is no 30s delay. - It starts the process of removing task references in ublk_drv. This is needed if we want to relax restrictions in the driver like letting only one thread serve each queue There is also the disadvantage that the character file release callback can also be triggered by intentional close of the file, which is a significant behavior change. Preexisting ublk servers (libublksrv) are dependent on the ability to open/close the file multiple times. To address this, only transition to a nosrv state if the file is released while the ublk device is live. This allows for programs to open/close the file multiple times during setup. It is still a behavior change if a ublk server decides to close/reopen the file while the device is LIVE (i.e. while it is responsible for serving I/O), but that would be highly unusual. This behavior is in line with what is done by FUSE, which is very similar to ublk in that a userspace daemon is providing services traditionally provided by the kernel. With this change in, the new test (and all other selftests, and all ublksrv tests) pass: selftests: ublk: test_generic_04.sh dev id is 0 dd: error writing '/dev/ublkb0': Input/output error 1+0 records in 0+0 records out 0 bytes copied, 0.0376731 s, 0.0 kB/s DEAD generic_04 : [PASS] Signed-off-by: Uday Shankar <ushankar(a)purestorage.com> --- Changes in v3: - Quiesce queue earlier to avoid concurrent cancellation and "normal" completion of io_uring cmds (Ming Lei) - Fix del_gendisk hang, found by test_stress_02 - Remove unnecessary parameters in fault_inject target (Ming Lei) - Fix delay implementation to have separate per-I/O delay instead of blocking the whole thread (Ming Lei) - Add delay_us to docs - Link to v2: https://lore.kernel.org/r/20250402-ublk_timeout-v2-1-249bc5523000@purestora… Changes in v2: - Leave null ublk selftests target untouched, instead create new fault_inject target for injecting per-I/O delay (Ming Lei) - Allow multiple open/close of ublk character device with some restrictions - Drop patches which made it in separately at https://lore.kernel.org/r/20250401-ublk_selftests-v1-1-98129c9bc8bb@puresto… - Consolidate more nosrv logic in ublk character device release, and associated code cleanup - Link to v1: https://lore.kernel.org/r/20250325-ublk_timeout-v1-0-262f0121a7bd@purestora… --- drivers/block/ublk_drv.c | 228 +++++++++--------------- tools/testing/selftests/ublk/Makefile | 4 +- tools/testing/selftests/ublk/fault_inject.c | 72 ++++++++ tools/testing/selftests/ublk/kublk.c | 6 +- tools/testing/selftests/ublk/kublk.h | 4 + tools/testing/selftests/ublk/test_generic_04.sh | 43 +++++ 6 files changed, 215 insertions(+), 142 deletions(-) diff --git a/drivers/block/ublk_drv.c b/drivers/block/ublk_drv.c index 2fd05c1bd30b03343cb6f357f8c08dd92ff47af9..73baa9d22ccafb00723defa755a0b3aab7238934 100644 --- a/drivers/block/ublk_drv.c +++ b/drivers/block/ublk_drv.c @@ -162,7 +162,6 @@ struct ublk_queue { bool force_abort; bool timeout; - bool canceling; bool fail_io; /* copy of dev->state == UBLK_S_DEV_FAIL_IO */ unsigned short nr_io_ready; /* how many ios setup */ spinlock_t cancel_lock; @@ -199,8 +198,6 @@ struct ublk_device { struct completion completion; unsigned int nr_queues_ready; unsigned int nr_privileged_daemon; - - struct work_struct nosrv_work; }; /* header of ublk_params */ @@ -209,8 +206,9 @@ struct ublk_params_header { __u32 types; }; -static bool ublk_abort_requests(struct ublk_device *ub, struct ublk_queue *ubq); - +static void ublk_stop_dev_unlocked(struct ublk_device *ub); +static void ublk_abort_queue(struct ublk_device *ub, struct ublk_queue *ubq); +static void __ublk_quiesce_dev(struct ublk_device *ub); static inline struct request *__ublk_check_and_get_req(struct ublk_device *ub, struct ublk_queue *ubq, int tag, size_t offset); static inline unsigned int ublk_req_build_flags(struct request *req); @@ -1314,8 +1312,6 @@ static void ublk_queue_cmd_list(struct ublk_queue *ubq, struct rq_list *l) static enum blk_eh_timer_return ublk_timeout(struct request *rq) { struct ublk_queue *ubq = rq->mq_hctx->driver_data; - unsigned int nr_inflight = 0; - int i; if (ubq->flags & UBLK_F_UNPRIVILEGED_DEV) { if (!ubq->timeout) { @@ -1326,26 +1322,6 @@ static enum blk_eh_timer_return ublk_timeout(struct request *rq) return BLK_EH_DONE; } - if (!ubq_daemon_is_dying(ubq)) - return BLK_EH_RESET_TIMER; - - for (i = 0; i < ubq->q_depth; i++) { - struct ublk_io *io = &ubq->ios[i]; - - if (!(io->flags & UBLK_IO_FLAG_ACTIVE)) - nr_inflight++; - } - - /* cancelable uring_cmd can't help us if all commands are in-flight */ - if (nr_inflight == ubq->q_depth) { - struct ublk_device *ub = ubq->dev; - - if (ublk_abort_requests(ub, ubq)) { - schedule_work(&ub->nosrv_work); - } - return BLK_EH_DONE; - } - return BLK_EH_RESET_TIMER; } @@ -1356,19 +1332,16 @@ static blk_status_t ublk_prep_req(struct ublk_queue *ubq, struct request *rq) if (unlikely(ubq->fail_io)) return BLK_STS_TARGET; - /* With recovery feature enabled, force_abort is set in - * ublk_stop_dev() before calling del_gendisk(). We have to - * abort all requeued and new rqs here to let del_gendisk() - * move on. Besides, we cannot not call io_uring_cmd_complete_in_task() - * to avoid UAF on io_uring ctx. + /* + * force_abort is set in ublk_stop_dev() before calling + * del_gendisk(). We have to abort all requeued and new rqs here + * to let del_gendisk() move on. Besides, we cannot not call + * io_uring_cmd_complete_in_task() to avoid UAF on io_uring ctx. * * Note: force_abort is guaranteed to be seen because it is set * before request queue is unqiuesced. */ - if (ublk_nosrv_should_queue_io(ubq) && unlikely(ubq->force_abort)) - return BLK_STS_IOERR; - - if (unlikely(ubq->canceling)) + if (unlikely(ubq->force_abort)) return BLK_STS_IOERR; /* fill iod to slot in io cmd buffer */ @@ -1391,16 +1364,6 @@ static blk_status_t ublk_queue_rq(struct blk_mq_hw_ctx *hctx, if (res != BLK_STS_OK) return res; - /* - * ->canceling has to be handled after ->force_abort and ->fail_io - * is dealt with, otherwise this request may not be failed in case - * of recovery, and cause hang when deleting disk - */ - if (unlikely(ubq->canceling)) { - __ublk_abort_rq(ubq, rq); - return BLK_STS_OK; - } - ublk_queue_cmd(ubq, rq); return BLK_STS_OK; } @@ -1461,8 +1424,71 @@ static int ublk_ch_open(struct inode *inode, struct file *filp) static int ublk_ch_release(struct inode *inode, struct file *filp) { struct ublk_device *ub = filp->private_data; + int i; + + mutex_lock(&ub->mutex); + /* + * If the device is not live, we will not transition to a nosrv + * state. This protects against: + * - accidental poking of the ublk character device + * - some ublk servers which may open/close the ublk character + * device during startup + */ + if (ub->dev_info.state != UBLK_S_DEV_LIVE) + goto out; + + /* + * Since we are releasing the ublk character file descriptor, we + * know that there cannot be any concurrent file-related + * activity (e.g. uring_cmds or reads/writes). However, I/O + * might still be getting dispatched. Quiesce that too so that + * we don't need to worry about anything concurrent. + * + * We may have already quiesced the queue if we canceled any + * uring_cmds, so only quiesce if necessary (quiesce is not + * idempotent, it has an internal counter which we need to + * manage carefully). + */ + if (!blk_queue_quiesced(ub->ub_disk->queue)) + blk_mq_quiesce_queue(ub->ub_disk->queue); + + /* + * Handle any requests outstanding to the ublk server + */ + for (i = 0; i < ub->dev_info.nr_hw_queues; i++) + ublk_abort_queue(ub, ublk_get_queue(ub, i)); + /* + * Transition the device to the nosrv state. What exactly this + * means depends on the recovery flags + */ + if (ublk_nosrv_should_stop_dev(ub)) { + /* + * Allow any pending/future I/O to pass through quickly + * with an error. This is needed because del_gendisk + * waits for all pending I/O to complete + */ + for (i = 0; i < ub->dev_info.nr_hw_queues; i++) + ublk_get_queue(ub, i)->force_abort = true; + blk_mq_unquiesce_queue(ub->ub_disk->queue); + + ublk_stop_dev_unlocked(ub); + } else { + if (ublk_nosrv_dev_should_queue_io(ub)) { + __ublk_quiesce_dev(ub); + } else { + ub->dev_info.state = UBLK_S_DEV_FAIL_IO; + for (i = 0; i < ub->dev_info.nr_hw_queues; i++) + ublk_get_queue(ub, i)->fail_io = true; + } + + /* pair with earlier quiesce */ + blk_mq_unquiesce_queue(ub->ub_disk->queue); + } + +out: clear_bit(UB_STATE_OPEN, &ub->state); + mutex_unlock(&ub->mutex); return 0; } @@ -1556,57 +1582,6 @@ static void ublk_abort_queue(struct ublk_device *ub, struct ublk_queue *ubq) } } -/* Must be called when queue is frozen */ -static bool ublk_mark_queue_canceling(struct ublk_queue *ubq) -{ - bool canceled; - - spin_lock(&ubq->cancel_lock); - canceled = ubq->canceling; - if (!canceled) - ubq->canceling = true; - spin_unlock(&ubq->cancel_lock); - - return canceled; -} - -static bool ublk_abort_requests(struct ublk_device *ub, struct ublk_queue *ubq) -{ - bool was_canceled = ubq->canceling; - struct gendisk *disk; - - if (was_canceled) - return false; - - spin_lock(&ub->lock); - disk = ub->ub_disk; - if (disk) - get_device(disk_to_dev(disk)); - spin_unlock(&ub->lock); - - /* Our disk has been dead */ - if (!disk) - return false; - - /* - * Now we are serialized with ublk_queue_rq() - * - * Make sure that ubq->canceling is set when queue is frozen, - * because ublk_queue_rq() has to rely on this flag for avoiding to - * touch completed uring_cmd - */ - blk_mq_quiesce_queue(disk->queue); - was_canceled = ublk_mark_queue_canceling(ubq); - if (!was_canceled) { - /* abort queue is for making forward progress */ - ublk_abort_queue(ub, ubq); - } - blk_mq_unquiesce_queue(disk->queue); - put_device(disk_to_dev(disk)); - - return !was_canceled; -} - static void ublk_cancel_cmd(struct ublk_queue *ubq, struct ublk_io *io, unsigned int issue_flags) { @@ -1634,9 +1609,8 @@ static void ublk_uring_cmd_cancel_fn(struct io_uring_cmd *cmd, { struct ublk_uring_cmd_pdu *pdu = ublk_get_uring_cmd_pdu(cmd); struct ublk_queue *ubq = pdu->ubq; + struct ublk_device *ub = ubq->dev; struct task_struct *task; - struct ublk_device *ub; - bool need_schedule; struct ublk_io *io; if (WARN_ON_ONCE(!ubq)) @@ -1649,16 +1623,20 @@ static void ublk_uring_cmd_cancel_fn(struct io_uring_cmd *cmd, if (WARN_ON_ONCE(task && task != ubq->ubq_daemon)) return; - ub = ubq->dev; - need_schedule = ublk_abort_requests(ub, ubq); + /* + * We could be the first to notice that the ublk server is dying + * here. If we are, quiesce the queue to eliminate concurrent + * "normal" io_uring cmd completions in the I/O submission path. + */ + mutex_lock(&ub->mutex); + if (ub->dev_info.state == UBLK_S_DEV_LIVE && + !blk_queue_quiesced(ub->ub_disk->queue)) + blk_mq_quiesce_queue(ub->ub_disk->queue); + mutex_unlock(&ub->mutex); io = &ubq->ios[pdu->tag]; WARN_ON_ONCE(io->cmd != cmd); ublk_cancel_cmd(ubq, io, issue_flags); - - if (need_schedule) { - schedule_work(&ub->nosrv_work); - } } static inline bool ublk_queue_ready(struct ublk_queue *ubq) @@ -1756,13 +1734,13 @@ static struct gendisk *ublk_detach_disk(struct ublk_device *ub) return disk; } -static void ublk_stop_dev(struct ublk_device *ub) +static void ublk_stop_dev_unlocked(struct ublk_device *ub) + __must_hold(&ub->mutex) { struct gendisk *disk; - mutex_lock(&ub->mutex); if (ub->dev_info.state == UBLK_S_DEV_DEAD) - goto unlock; + return; if (ublk_nosrv_dev_should_queue_io(ub)) { if (ub->dev_info.state == UBLK_S_DEV_LIVE) __ublk_quiesce_dev(ub); @@ -1771,38 +1749,12 @@ static void ublk_stop_dev(struct ublk_device *ub) del_gendisk(ub->ub_disk); disk = ublk_detach_disk(ub); put_disk(disk); - unlock: - mutex_unlock(&ub->mutex); - ublk_cancel_dev(ub); } -static void ublk_nosrv_work(struct work_struct *work) +static void ublk_stop_dev(struct ublk_device *ub) { - struct ublk_device *ub = - container_of(work, struct ublk_device, nosrv_work); - int i; - - if (ublk_nosrv_should_stop_dev(ub)) { - ublk_stop_dev(ub); - return; - } - mutex_lock(&ub->mutex); - if (ub->dev_info.state != UBLK_S_DEV_LIVE) - goto unlock; - - if (ublk_nosrv_dev_should_queue_io(ub)) { - __ublk_quiesce_dev(ub); - } else { - blk_mq_quiesce_queue(ub->ub_disk->queue); - ub->dev_info.state = UBLK_S_DEV_FAIL_IO; - for (i = 0; i < ub->dev_info.nr_hw_queues; i++) { - ublk_get_queue(ub, i)->fail_io = true; - } - blk_mq_unquiesce_queue(ub->ub_disk->queue); - } - - unlock: + ublk_stop_dev_unlocked(ub); mutex_unlock(&ub->mutex); ublk_cancel_dev(ub); } @@ -2388,7 +2340,6 @@ static void ublk_remove(struct ublk_device *ub) bool unprivileged; ublk_stop_dev(ub); - cancel_work_sync(&ub->nosrv_work); cdev_device_del(&ub->cdev, &ub->cdev_dev); unprivileged = ub->dev_info.flags & UBLK_F_UNPRIVILEGED_DEV; ublk_put_device(ub); @@ -2675,7 +2626,6 @@ static int ublk_ctrl_add_dev(struct io_uring_cmd *cmd) goto out_unlock; mutex_init(&ub->mutex); spin_lock_init(&ub->lock); - INIT_WORK(&ub->nosrv_work, ublk_nosrv_work); ret = ublk_alloc_dev_number(ub, header->dev_id); if (ret < 0) @@ -2807,7 +2757,6 @@ static inline void ublk_ctrl_cmd_dump(struct io_uring_cmd *cmd) static int ublk_ctrl_stop_dev(struct ublk_device *ub) { ublk_stop_dev(ub); - cancel_work_sync(&ub->nosrv_work); return 0; } @@ -2927,7 +2876,6 @@ static void ublk_queue_reinit(struct ublk_device *ub, struct ublk_queue *ubq) /* We have to reset it to NULL, otherwise ub won't accept new FETCH_REQ */ ubq->ubq_daemon = NULL; ubq->timeout = false; - ubq->canceling = false; for (i = 0; i < ubq->q_depth; i++) { struct ublk_io *io = &ubq->ios[i]; diff --git a/tools/testing/selftests/ublk/Makefile b/tools/testing/selftests/ublk/Makefile index c7781efea0f33c02f340f90f547d3a37c1d1b8a0..afee027cccdd1b8f13f1cb9a90a3348cd54b18bc 100644 --- a/tools/testing/selftests/ublk/Makefile +++ b/tools/testing/selftests/ublk/Makefile @@ -6,6 +6,7 @@ LDLIBS += -lpthread -lm -luring TEST_PROGS := test_generic_01.sh TEST_PROGS += test_generic_02.sh TEST_PROGS += test_generic_03.sh +TEST_PROGS += test_generic_04.sh TEST_PROGS += test_null_01.sh TEST_PROGS += test_null_02.sh @@ -26,7 +27,8 @@ TEST_GEN_PROGS_EXTENDED = kublk include ../lib.mk -$(TEST_GEN_PROGS_EXTENDED): kublk.c null.c file_backed.c common.c stripe.c +$(TEST_GEN_PROGS_EXTENDED): kublk.c null.c file_backed.c common.c stripe.c \ + fault_inject.c check: shellcheck -x -f gcc *.sh diff --git a/tools/testing/selftests/ublk/fault_inject.c b/tools/testing/selftests/ublk/fault_inject.c new file mode 100644 index 0000000000000000000000000000000000000000..3a8574e6a73767b1f9d0d81c62c7dbf28d2445d0 --- /dev/null +++ b/tools/testing/selftests/ublk/fault_inject.c @@ -0,0 +1,72 @@ +// SPDX-License-Identifier: GPL-2.0 + +/* + * Fault injection ublk target. Hack this up however you like for + * testing specific behaviors of ublk_drv. Currently is a null target + * with a configurable delay before completing each I/O. This delay can + * be used to test ublk_drv's handling of I/O outstanding to the ublk + * server when it dies. + */ + +#include "kublk.h" + +static int ublk_fault_inject_tgt_init(const struct dev_ctx *ctx, + struct ublk_dev *dev) +{ + const struct ublksrv_ctrl_dev_info *info = &dev->dev_info; + unsigned long dev_size = 250UL << 30; + + dev->tgt.dev_size = dev_size; + dev->tgt.params = (struct ublk_params) { + .types = UBLK_PARAM_TYPE_BASIC, + .basic = { + .logical_bs_shift = 9, + .physical_bs_shift = 12, + .io_opt_shift = 12, + .io_min_shift = 9, + .max_sectors = info->max_io_buf_bytes >> 9, + .dev_sectors = dev_size >> 9, + }, + }; + + dev->private_data = (void *)(ctx->delay_us * 1000); + return 0; +} + +static int ublk_fault_inject_queue_io(struct ublk_queue *q, int tag) +{ + const struct ublksrv_io_desc *iod = ublk_get_iod(q, tag); + struct io_uring_sqe *sqe; + struct __kernel_timespec ts = { + .tv_nsec = (long long)q->dev->private_data, + }; + + ublk_queue_alloc_sqes(q, &sqe, 1); + io_uring_prep_timeout(sqe, &ts, 1, 0); + sqe->user_data = build_user_data(tag, ublksrv_get_op(iod), 0, 1); + + ublk_queued_tgt_io(q, tag, 1); + + return 0; +} + +static void ublk_fault_inject_tgt_io_done(struct ublk_queue *q, int tag, + const struct io_uring_cqe *cqe) +{ + const struct ublksrv_io_desc *iod = ublk_get_iod(q, tag); + + if (cqe->res != -ETIME) + ublk_err("%s: unexpected cqe res %d\n", __func__, cqe->res); + + if (ublk_completed_tgt_io(q, tag)) + ublk_complete_io(q, tag, iod->nr_sectors << 9); + else + ublk_err("%s: io not complete after 1 cqe\n", __func__); +} + +const struct ublk_tgt_ops fault_inject_tgt_ops = { + .name = "fault_inject", + .init_tgt = ublk_fault_inject_tgt_init, + .queue_io = ublk_fault_inject_queue_io, + .tgt_io_done = ublk_fault_inject_tgt_io_done, +}; diff --git a/tools/testing/selftests/ublk/kublk.c b/tools/testing/selftests/ublk/kublk.c index 91c282bc767449a418cce7fc816dc8e9fc732d6a..b741d91b2288b19d450ad22a045b014da18c3f8d 100644 --- a/tools/testing/selftests/ublk/kublk.c +++ b/tools/testing/selftests/ublk/kublk.c @@ -10,6 +10,7 @@ static const struct ublk_tgt_ops *tgt_ops_list[] = { &null_tgt_ops, &loop_tgt_ops, &stripe_tgt_ops, + &fault_inject_tgt_ops, }; static const struct ublk_tgt_ops *ublk_find_tgt(const char *name) @@ -1041,7 +1042,7 @@ static int cmd_dev_get_features(void) static int cmd_dev_help(char *exe) { - printf("%s add -t [null|loop] [-q nr_queues] [-d depth] [-n dev_id] [backfile1] [backfile2] ...\n", exe); + printf("%s add -t [null|loop|stripe|fault_inject] [-q nr_queues] [-d depth] [-n dev_id] [--delay_us delay] [backfile1] [backfile2] ...\n", exe); printf("\t default: nr_queues=2(max 4), depth=128(max 128), dev_id=-1(auto allocation)\n"); printf("%s del [-n dev_id] -a \n", exe); printf("\t -a delete all devices -n delete specified device\n"); @@ -1064,6 +1065,7 @@ int main(int argc, char *argv[]) { "zero_copy", 0, NULL, 'z' }, { "foreground", 0, NULL, 0 }, { "chunk_size", 1, NULL, 0 }, + { "delay_us", 1, NULL, 0 }, { 0, 0, 0, 0 } }; int option_idx, opt; @@ -1112,6 +1114,8 @@ int main(int argc, char *argv[]) ctx.fg = 1; if (!strcmp(longopts[option_idx].name, "chunk_size")) ctx.chunk_size = strtol(optarg, NULL, 10); + if (!strcmp(longopts[option_idx].name, "delay_us")) + ctx.delay_us = strtoll(optarg, NULL, 10); } } diff --git a/tools/testing/selftests/ublk/kublk.h b/tools/testing/selftests/ublk/kublk.h index 760ff8ffb8107037a19a8fb7ab408818845e010d..a1a8a802fb43f0fe9272f33c8a3161e9316a5507 100644 --- a/tools/testing/selftests/ublk/kublk.h +++ b/tools/testing/selftests/ublk/kublk.h @@ -70,6 +70,9 @@ struct dev_ctx { /* stripe */ unsigned int chunk_size; + /* fault_inject */ + long long delay_us; + int _evtfd; }; @@ -357,6 +360,7 @@ static inline int ublk_queue_use_zc(const struct ublk_queue *q) extern const struct ublk_tgt_ops null_tgt_ops; extern const struct ublk_tgt_ops loop_tgt_ops; extern const struct ublk_tgt_ops stripe_tgt_ops; +extern const struct ublk_tgt_ops fault_inject_tgt_ops; void backing_file_tgt_deinit(struct ublk_dev *dev); int backing_file_tgt_init(struct ublk_dev *dev); diff --git a/tools/testing/selftests/ublk/test_generic_04.sh b/tools/testing/selftests/ublk/test_generic_04.sh new file mode 100755 index 0000000000000000000000000000000000000000..48af48164aa444d8ac6a58fef1743d2a16a56a14 --- /dev/null +++ b/tools/testing/selftests/ublk/test_generic_04.sh @@ -0,0 +1,43 @@ +#!/bin/bash +# SPDX-License-Identifier: GPL-2.0 + +. "$(cd "$(dirname "$0")" && pwd)"/test_common.sh + +TID="generic_04" +ERR_CODE=0 + +_prep_test "fault_inject" "fast cleanup when all I/Os of one hctx are in server" + +# configure ublk server to sleep 2s before completing each I/O +dev_id=$(_add_ublk_dev -t fault_inject -q 2 -d 1 --delay_us 2000000) +_check_add_dev $TID $? + +echo "dev id is ${dev_id}" + +STARTTIME=${SECONDS} + +dd if=/dev/urandom of=/dev/ublkb${dev_id} oflag=direct bs=4k count=1 & +dd_pid=$! + +__ublk_kill_daemon ${dev_id} "DEAD" + +wait $dd_pid +dd_exitcode=$? + +ENDTIME=${SECONDS} +ELAPSED=$(($ENDTIME - $STARTTIME)) + +# assert that dd sees an error and exits quickly after ublk server is +# killed. previously this relied on seeing an I/O timeout and so would +# take ~30s +if [ $dd_exitcode -eq 0 ]; then + echo "dd unexpectedly exited successfully!" + ERR_CODE=255 +fi +if [ $ELAPSED -ge 5 ]; then + echo "dd took $ELAPSED seconds to exit (>= 5s tolerance)!" + ERR_CODE=255 +fi + +_cleanup_test "fault_inject" +_show_result $TID $ERR_CODE --- base-commit: 710e2c687a16b28a873a282517a85faf02a8b7cc change-id: 20250325-ublk_timeout-b06b9b51c591 Best regards, -- Uday Shankar <ushankar(a)purestorage.com>

5 months

2
3
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror April 2025