- Linux-kselftest-mirror - lists.linaro.org

[PATCH v2 4/5] selftests/mm: va_high_addr_switch return fail when either test failed

by Chunyu Hu

When the first test failed, and the hugetlb test passed, the result would be pass, but we expect a fail. Fix this issue by returning fail if either is not KSFT_PASS. CC: Luiz Capitulino <luizcap(a)redhat.com> Signed-off-by: Chunyu Hu <chuhu(a)redhat.com> --- tools/testing/selftests/mm/va_high_addr_switch.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/mm/va_high_addr_switch.c b/tools/testing/selftests/mm/va_high_addr_switch.c index 02f290a69132..51401e081b20 100644 --- a/tools/testing/selftests/mm/va_high_addr_switch.c +++ b/tools/testing/selftests/mm/va_high_addr_switch.c @@ -322,7 +322,7 @@ static int supported_arch(void) int main(int argc, char **argv) { - int ret; + int ret, hugetlb_ret = KSFT_PASS; if (!supported_arch()) return KSFT_SKIP; @@ -331,6 +331,10 @@ int main(int argc, char **argv) ret = run_test(testcases, sz_testcases); if (argc == 2 && !strcmp(argv[1], "--run-hugetlb")) - ret = run_test(hugetlb_testcases, sz_hugetlb_testcases); - return ret; + hugetlb_ret = run_test(hugetlb_testcases, sz_hugetlb_testcases); + + if (ret == KSFT_PASS && hugetlb_ret == KSFT_PASS) + return KSFT_PASS; + else + return KSFT_FAIL; } -- 2.49.0

1 hour, 28 minutes

1
1
0 0

[PATCH v2 1/5] selftests/mm: fix va_high_addr_switch.sh return value

by Chunyu Hu

Patch series "Fix va_high_addr_switch.sh test failure - again", v2. The series address several issues exist for the va_high_addr_switch test: 1) the test return value is ignored in va_high_addr_switch.sh. 2) the va_high_addr_switch test requires 6 hugepages not 5. 3) the reurn value of the first test in va_high_addr_switch.c can be overridden by the second test. 4) the nr_hugepages setup in run_vmtests.sh for arm64 can be done in va_high_addr_switch.sh too. 5) update a comment for check_test_requirements. Changes in v2: - shorten the comment in for hugepages setup in v1 - add a new patch to fix the return value overridden issue in va_high_addr_switch.c - fix a code comment for check_test_requirements. - update the series summary in patch 1 - add reviewed-by from Luiz Capitulino on patch 1 and patch 3 This patch: (of 5) The return value should be return value of va_high_addr_switch, otherwise a test failure would be silently ignored. Reviewed-by: Luiz Capitulino <luizcap(a)redhat.com> Fixes: d9d957bd7b61 ("selftests/mm: alloc hugepages in va_high_addr_switch test") CC: Luiz Capitulino <luizcap(a)redhat.com> Signed-off-by: Chunyu Hu <chuhu(a)redhat.com> --- Chunyu Hu (5): selftests/mm: fix va_high_addr_switch.sh return value selftests/mm: allocate 6 hugepages in va_high_addr_switch.sh selftests/mm: remove arm64 nr_hugepages setup for va_high_addr_switch test selftests/mm: va_high_addr_switch return fail when either test failed selftests/mm: fix comment for check_test_requirements tools/testing/selftests/mm/run_vmtests.sh | 8 -------- tools/testing/selftests/mm/va_high_addr_switch.c | 10 +++++++--- tools/testing/selftests/mm/va_high_addr_switch.sh | 12 +++++++----- 3 files changed, 14 insertions(+), 16 deletions(-) According to the doc below, I don't add the cover letter, not sure if cover letter is preferred, and if that's the case, the doc need an update. https://www.ozlabs.org/~akpm/stuff/tpp.txt --- tools/testing/selftests/mm/va_high_addr_switch.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tools/testing/selftests/mm/va_high_addr_switch.sh b/tools/testing/selftests/mm/va_high_addr_switch.sh index a7d4b02b21dd..f89fe078a8e6 100755 --- a/tools/testing/selftests/mm/va_high_addr_switch.sh +++ b/tools/testing/selftests/mm/va_high_addr_switch.sh @@ -114,4 +114,6 @@ save_nr_hugepages # 4 keep_mapped pages, and one for tmp usage setup_nr_hugepages 5 ./va_high_addr_switch --run-hugetlb +retcode=$? restore_nr_hugepages +exit $retcode -- 2.49.0

1 hour, 28 minutes

1
2
0 0

[PATCH v1 1/3] selftests/mm: fix va_high_addr_switch.sh return value

by Chunyu Hu

Patch series "Fix va_high_addr_switch.sh test failure - again", v1. There are two issues exist for the va_high_addr_switch test. One issue is the test return value is ignored in va_high_addr_switch.sh. The second is the va_high_addr_switch requires 6 hugepages but it requires 5. Besides that, the nr_hugepages setup in run_vmtests.sh for arm64 can be done in va_high_addr_switch.sh too. This patch: (of 3) The return value should be return value of va_high_addr_switch, otherwise a test failure would be silently ignored. Fixes: d9d957bd7b61 ("selftests/mm: alloc hugepages in va_high_addr_switch test") CC: Luiz Capitulino <luizcap(a)redhat.com> Signed-off-by: Chunyu Hu <chuhu(a)redhat.com> --- tools/testing/selftests/mm/va_high_addr_switch.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tools/testing/selftests/mm/va_high_addr_switch.sh b/tools/testing/selftests/mm/va_high_addr_switch.sh index a7d4b02b21dd..f89fe078a8e6 100755 --- a/tools/testing/selftests/mm/va_high_addr_switch.sh +++ b/tools/testing/selftests/mm/va_high_addr_switch.sh @@ -114,4 +114,6 @@ save_nr_hugepages # 4 keep_mapped pages, and one for tmp usage setup_nr_hugepages 5 ./va_high_addr_switch --run-hugetlb +retcode=$? restore_nr_hugepages +exit $retcode -- 2.49.0

2 hours, 3 minutes

2
7
0 0

[PATCH v2 RESEND] selftests: hid: tests: test_wacom_generic: add tests for display devices and opaque devices

by Alex Tran

Verify Wacom devices set INPUT_PROP_DIRECT on display devices and INPUT_PROP_POINTER on opaque devices. Moved test_prop_pointer into TestOpaqueTablet. Created a DirectTabletTest mixin class for test_prop_direct that can be inherited by display tablet test classes. Used DirectTabletTest for TestDTH2452Tablet case. Signed-off-by: Alex Tran <alex.t.tran(a)gmail.com> --- Changes in v2: - Removed the tests from the BaseTest class - Removed disabling tests for certain subclasses - Moved test_prop_pointer under TestOpaqueTablet - Created DirectTabletTest mixin class - Moved test_prop_direct under TestDTH2452Tablet .../selftests/hid/tests/test_wacom_generic.py | 30 +++++++++++-------- 1 file changed, 17 insertions(+), 13 deletions(-) diff --git a/tools/testing/selftests/hid/tests/test_wacom_generic.py b/tools/testing/selftests/hid/tests/test_wacom_generic.py index 2d6d04f0f..9d0b0802d 100644 --- a/tools/testing/selftests/hid/tests/test_wacom_generic.py +++ b/tools/testing/selftests/hid/tests/test_wacom_generic.py @@ -598,18 +598,6 @@ class BaseTest: if unit_set: assert required[usage].contains(field) - def test_prop_direct(self): - """ - Todo: Verify that INPUT_PROP_DIRECT is set on display devices. - """ - pass - - def test_prop_pointer(self): - """ - Todo: Verify that INPUT_PROP_POINTER is set on opaque devices. - """ - pass - class PenTabletTest(BaseTest.TestTablet): def assertName(self, uhdev): @@ -677,6 +665,13 @@ class TestOpaqueTablet(PenTabletTest): uhdev.event(130, 240, pressure=0), [], auto_syn=False, strict=True ) + def test_prop_pointer(self): + """ + Verify that INPUT_PROP_POINTER is set on opaque devices. + """ + evdev = self.uhdev.get_evdev() + assert libevdev.INPUT_PROP_POINTER in evdev.properties + class TestOpaqueCTLTablet(TestOpaqueTablet): def create_device(self): @@ -862,7 +857,16 @@ class TestPTHX60_Pen(TestOpaqueCTLTablet): ) -class TestDTH2452Tablet(test_multitouch.BaseTest.TestMultitouch, TouchTabletTest): +class DirectTabletTest(): + def test_prop_direct(self): + """ + Verify that INPUT_PROP_DIRECT is set on display devices. + """ + evdev = self.uhdev.get_evdev() + assert libevdev.INPUT_PROP_DIRECT in evdev.properties + + +class TestDTH2452Tablet(test_multitouch.BaseTest.TestMultitouch, TouchTabletTest, DirectTabletTest): ContactIds = namedtuple("ContactIds", "contact_id, tracking_id, slot_num") def create_device(self): -- 2.51.0

8 hours, 40 minutes

1
0
0 0

[GIT PULL] kunit fixes update for Linux 6.19-rc3

by Shuah Khan

Hi Linus, Please pull the following fixes update for Linux 6.19-rc3. Drops unused parameter from kunit_device_register_internal and makes FAULT_TEST default to n when PANIC_ON_OOPS. Note: Sending this early for 6.19-rc3 (way too late for rc2 anyways) diff is attached. thanks, -- Shuah ---------------------------------------------------------------- The following changes since commit 8f0b4cce4481fb22653697cced8d0d04027cb1e8: Linux 6.19-rc1 (2025-12-14 16:05:07 +1200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest tags/linux_kselftest-kunit-fixes-6.19-rc3 for you to fetch changes up to c33b68801fbe9d5ee8a9178beb5747ec65873530: kunit: make FAULT_TEST default to n when PANIC_ON_OOPS (2025-12-15 09:27:19 -0700) ---------------------------------------------------------------- linux_kselftest-kunit-fixes-6.19-rc3 Drops unused parameter from kunit_device_register_internal and makes FAULT_TEST default to n when PANIC_ON_OOPS. ---------------------------------------------------------------- Brendan Jackman (1): kunit: make FAULT_TEST default to n when PANIC_ON_OOPS Uwe Kleine-König (1): kunit: Drop unused parameter from kunit_device_register_internal lib/kunit/Kconfig | 2 +- lib/kunit/device.c | 7 +++---- 2 files changed, 4 insertions(+), 5 deletions(-) ----------------------------------------------------------------

9 hours, 17 minutes

2
1
0 0

[PATCH 0/3] selftests/mm: hugetlb cgroup charging: robustness fixes

by Li Wang

This series fixes a few issues in the hugetlb cgroup charging selftests (write_to_hugetlbfs.c + charge_reserved_hugetlb.sh) that show up on systems with large hugepages (e.g. 512MB) and when failures cause the test to wait indefinitely. On an aarch64 64k page kernel with 512MB hugepages, the test consistently fails in write_to_hugetlbfs with ENOMEM and then hangs waiting for the expected usage values. The root cause is that charge_reserved_hugetlb.sh mounts hugetlbfs with a fixed size=256M, which is smaller than a single hugepage, resulting in a mount with size=0 capacity. In addition, write_to_hugetlbfs previously parsed -s via atoi() into an int, which can overflow and print negative sizes. Reproducer / environment: - Kernel: 6.12.0-xxx.el10.aarch64+64k - Hugepagesize: 524288 kB (512MB) - ./charge_reserved_hugetlb.sh -cgroup-v2 - Observed mount: pagesize=512M,size=0 before this series After applying the series, the test completes successfully on the above setup. Li Wang (3): selftests/mm/write_to_hugetlbfs: parse -s with strtoull and use size_t selftests/mm/charge_reserved_hugetlb.sh: add waits with timeout helper selftests/mm/charge_reserved_hugetlb: fix hugetlbfs mount size for large hugepages .../selftests/mm/charge_reserved_hugetlb.sh | 49 ++++++++++--------- .../testing/selftests/mm/write_to_hugetlbfs.c | 19 +++++-- 2 files changed, 43 insertions(+), 25 deletions(-) -- 2.49.0

10 hours, 30 minutes

2
4
0 0

[PATCH v9 00/16] arm64: entry: Convert to Generic Entry

by Jinjie Ruan

Currently, x86, Riscv, Loongarch use the Generic Entry which makes maintainers' work easier and codes more elegant. arm64 has already successfully switched to the Generic IRQ Entry in commit b3cf07851b6c ("arm64: entry: Switch to generic IRQ entry"), it is time to completely convert arm64 to Generic Entry. The goal is to bring arm64 in line with other architectures that already use the generic entry infrastructure, reducing duplicated code and making it easier to share future changes in entry/exit paths, such as "Syscall User Dispatch". This patch set is rebased on v6.18-rc7. And the performance was measured on Kunpeng 920 using "perf bench basic syscall" with "arm64.nopauth selinux=0 audit=1". After switch to Generic Entry, the performance are below: | Metric | W/O Generic Framework | With Generic Framework | Change | | ---------- | --------------------- | ---------------------- | ------ | | Total time | 2.130 [sec] | 2.235 [sec] | ↑4.90% | | usecs/op | 0.213095 | 0.223512 | ↑4.89% | | ops/sec | 4,692,753 | 4,474,044 | ↓4.89% | Compared to earlier with arch specific handling, the performance decreased by approximately 4.9%. On the basis of optimizing syscall_get_arguments()[1], el0_svc_common() and syscall_exit_work(), the performance are below: | Metric | W/O Generic Entry | With Generic Entry opt| Change | | ---------- | ----------------- | ------------------ | ------ | | Total time | 2.130 [sec] | 2.134 [sec] | ↑0.18% | | usecs/op | 0.213095 | 0.213414 | ↑0.15% | | ops/sec | 4,692,753 | 4,685,737 | ↓0.15% | Therefore, after the optimization, ARM64 System Call performance remains almost unchanged. It was tested ok with following test cases on kunpeng920 and QEMU virt platform: - Perf tests. - Different `dynamic preempt` mode switch. - Pseudo NMI tests. - Stress-ng CPU stress test. - Hackbench stress test. - MTE test case in Documentation/arch/arm64/memory-tagging-extension.rst and all test cases in tools/testing/selftests/arm64/mte/*. - "sud" selftest testcase. - get_set_sud, get_syscall_info, set_syscall_info, peeksiginfo in tools/testing/selftests/ptrace. - breakpoint_test_arm64 in selftests/breakpoints. - syscall-abi and ptrace in tools/testing/selftests/arm64/abi - fp-ptrace, sve-ptrace, za-ptrace in selftests/arm64/fp. - vdso_test_getrandom in tools/testing/selftests/vDSO - Strace tests. The test QEMU configuration is as follows: qemu-system-aarch64 \ -M virt,gic-version=3,virtualization=on,mte=on \ -cpu max,pauth-impdef=on \ -kernel Image \ -smp 8,sockets=1,cores=4,threads=2 \ -m 512m \ -nographic \ -no-reboot \ -device virtio-rng-pci \ -append "root=/dev/vda rw console=ttyAMA0 kgdboc=ttyAMA0,115200 \ earlycon preempt=voluntary irqchip.gicv3_pseudo_nmi=1" \ -drive if=none,file=images/rootfs.ext4,format=raw,id=hd0 \ -device virtio-blk-device,drive=hd0 \ [1]: https://lore.kernel.org/all/20251201120633.1193122-3-ruanjinjie@huawei.com/ Changes in v9: - Move "Return early for ptrace_report_syscall_entry() error" patch ahead to make it not introduce a regression. - Not check _TIF_SECCOMP/SYSCALL_EMU for syscall_exit_work() in a separate patch. - Do not report_syscall_exit() for PTRACE_SYSEMU_SINGLESTEP in a separate patch. - Add two performance patch to improve the arm64 performance. - Add Reviewed-by. - Link to v8: https://lore.kernel.org/all/20251126071446.3234218-1-ruanjinjie@huawei.com/ Changes in v8: - Rename "report_syscall_enter()" to "report_syscall_entry()". - Add ptrace_save_reg() to avoid duplication. - Remove unused _TIF_WORK_MASK in a standalone patch. - Align syscall_trace_enter() return value with the generic version. - Use "scno" instead of regs->syscallno in el0_svc_common(). - Move rseq_syscall() ahead in a standalone patch to clarify it clearly. - Rename "syscall_trace_exit()" to "syscall_exit_work()". - Keep the goto in el0_svc_common(). - No argument was passed to __secure_computing() and check -1 not -1L. - Remove "Add has_syscall_work() helper" patch. - Move "Add syscall_exit_to_user_mode_prepare() helper" patch later. - Add miss header for asm/entry-common.h. - Update the implementation of arch_syscall_is_vdso_sigreturn(). - Add "ARCH_SYSCALL_WORK_EXIT" to be defined as "SECCOMP | SYSCALL_EMU" to keep the behaviour unchanged. - Add more testcases test. - Add Reviewed-by. - Update the commit message. - Link to v7: https://lore.kernel.org/all/20251117133048.53182-1-ruanjinjie@huawei.com/ Chanegs in v7: - Support "Syscall User Dispatch" by implementing arch_syscall_is_vdso_sigreturn() as kemal suggested. - Add aarch64 support for "sud" selftest testcase, which tested ok with the patch series. - Fix the kernel test robot warning for arch_ptrace_report_syscall_entry() and arch_ptrace_report_syscall_exit() in asm/entry-common.h. - Add perf syscall performance test. - Link to v6: https://lore.kernel.org/all/20250916082611.2972008-1-ruanjinjie@huawei.com/ Changes in v6: - Rebased on v6.17-rc5-next as arm64 generic irq entry has merged. - Update the commit message. - Link to v5: https://lore.kernel.org/all/20241206101744.4161990-1-ruanjinjie@huawei.com/ Changes in v5: - Not change arm32 and keep inerrupts_enabled() macro for gicv3 driver. - Move irqentry_state definition into arch/arm64/kernel/entry-common.c. - Avoid removing the __enter_from_*() and __exit_to_*() wrappers. - Update "irqentry_state_t ret/irq_state" to "state" to keep it consistently. - Use generic irq entry header for PREEMPT_DYNAMIC after split the generic entry. - Also refactor the ARM64 syscall code. - Introduce arch_ptrace_report_syscall_entry/exit(), instead of arch_pre/post_report_syscall_entry/exit() to simplify code. - Make the syscall patches clear separation. - Update the commit message. - Link to v4: https://lore.kernel.org/all/20241025100700.3714552-1-ruanjinjie@huawei.com/ Changes in v4: - Rework/cleanup split into a few patches as Mark suggested. - Replace interrupts_enabled() macro with regs_irqs_disabled(), instead of left it here. - Remove rcu and lockdep state in pt_regs by using temporary irqentry_state_t as Mark suggested. - Remove some unnecessary intermediate functions to make it clear. - Rework preempt irq and PREEMPT_DYNAMIC code to make the switch more clear. - arch_prepare_*_entry/exit() -> arch_pre_*_entry/exit(). - Expand the arch functions comment. - Make arch functions closer to its caller. - Declare saved_reg in for block. - Remove arch_exit_to_kernel_mode_prepare(), arch_enter_from_kernel_mode(). - Adjust "Add few arch functions to use generic entry" patch to be the penultimate. - Update the commit message. - Add suggested-by. - Link to v3: https://lore.kernel.org/all/20240629085601.470241-1-ruanjinjie@huawei.com/ Changes in v3: - Test the MTE test cases. - Handle forget_syscall() in arch_post_report_syscall_entry() - Make the arch funcs not use __weak as Thomas suggested, so move the arch funcs to entry-common.h, and make arch_forget_syscall() folded in arch_post_report_syscall_entry() as suggested. - Move report_single_step() to thread_info.h for arm64 - Change __always_inline() to inline, add inline for the other arch funcs. - Remove unused signal.h for entry-common.h. - Add Suggested-by. - Update the commit message. Changes in v2: - Add tested-by. - Fix a bug that not call arch_post_report_syscall_entry() in syscall_trace_enter() if ptrace_report_syscall_entry() return not zero. - Refactor report_syscall(). - Add comment for arch_prepare_report_syscall_exit(). - Adjust entry-common.h header file inclusion to alphabetical order. - Update the commit message. Jinjie Ruan (15): arm64: Remove unused _TIF_WORK_MASK arm64/ptrace: Split report_syscall() arm64/ptrace: Return early for ptrace_report_syscall_entry() error arm64/ptrace: Refactor syscall_trace_enter/exit() arm64: ptrace: Move rseq_syscall() before audit_syscall_exit() arm64: syscall: Rework el0_svc_common() arm64/ptrace: Not check _TIF_SECCOMP/SYSCALL_EMU for syscall_exit_work() arm64/ptrace: Do not report_syscall_exit() for PTRACE_SYSEMU_SINGLESTEP arm64/ptrace: Expand secure_computing() in place arm64/ptrace: Use syscall_get_arguments() helper entry: Split syscall_exit_to_user_mode_work() for arch reuse entry: Add arch_ptrace_report_syscall_entry/exit() arm64: entry: Convert to generic entry arm64: Inline el0_svc_common() entry: Inline syscall_exit_work() kemal (1): selftests: sud_test: Support aarch64 arch/arm64/Kconfig | 2 +- arch/arm64/include/asm/entry-common.h | 76 ++++++++++++++ arch/arm64/include/asm/syscall.h | 19 +++- arch/arm64/include/asm/thread_info.h | 22 +---- arch/arm64/kernel/debug-monitors.c | 7 ++ arch/arm64/kernel/ptrace.c | 94 ------------------ arch/arm64/kernel/signal.c | 2 +- arch/arm64/kernel/syscall.c | 29 ++---- include/linux/entry-common.h | 98 ++++++++++++++++--- kernel/entry/syscall-common.c | 60 +++++------- .../syscall_user_dispatch/sud_test.c | 4 + 11 files changed, 220 insertions(+), 193 deletions(-) -- 2.34.1

14 hours, 35 minutes

5
35
0 0

[PATCH v3 00/14] tools/nolibc: always use 64-bit time-related types

by Thomas Weißschuh

nolibc currently uses 32-bit types for various APIs. These are problematic as their reduced value range can lead to truncated values. Intended for 6.19. Signed-off-by: Thomas Weißschuh <linux(a)weissschuh.net> --- Changes in v3: - Only use _Static_assert() where available - Link to v2: https://lore.kernel.org/r/20251122-nolibc-uapi-types-v2-0-b814a43654f5@weis… Changes in v2: - Drop already applied ino_t and off_t patches. - Also handle 'struct timeval'. - Make the progression of the series a bit clearer. - Add compatibility assertions. - Link to v1: https://lore.kernel.org/r/20251029-nolibc-uapi-types-v1-0-e79de3b215d8@weis… --- Thomas Weißschuh (14): tools/nolibc/poll: use kernel types for system call invocations tools/nolibc/poll: drop __NR_poll fallback tools/nolibc/select: drop non-pselect based implementations tools/nolibc/time: drop invocation of gettimeofday system call tools/nolibc: prefer explicit 64-bit time-related system calls tools/nolibc/gettimeofday: avoid libgcc 64-bit divisions tools/nolibc/select: avoid libgcc 64-bit multiplications tools/nolibc: use custom structs timespec and timeval tools/nolibc: always use 64-bit time types selftests/nolibc: test compatibility of nolibc and kernel time types tools/nolibc: remove time conversions tools/nolibc: add compiler version detection macros tools/nolibc: add __nolibc_static_assert() selftests/nolibc: add static assertions around time types handling tools/include/nolibc/arch-s390.h | 3 + tools/include/nolibc/compiler.h | 24 +++++++ tools/include/nolibc/poll.h | 14 ++-- tools/include/nolibc/std.h | 2 +- tools/include/nolibc/sys/select.h | 25 ++----- tools/include/nolibc/sys/time.h | 6 +- tools/include/nolibc/sys/timerfd.h | 32 +++------ tools/include/nolibc/time.h | 102 +++++++++------------------ tools/include/nolibc/types.h | 17 ++++- tools/testing/selftests/nolibc/nolibc-test.c | 27 +++++++ 10 files changed, 129 insertions(+), 123 deletions(-) --- base-commit: 351ec197a66e47bea17c3d803c5472473640dd0d change-id: 20251001-nolibc-uapi-types-1c072d10fcc7 Best regards, -- Thomas Weißschuh <linux(a)weissschuh.net>

15 hours, 32 minutes

1
14
0 0

[RFC bpf PATCH 0/2] bpf: Fix memory access tags in helper prototypes

by Zesen Liu

Hi, This series adds missing memory access tags (MEM_RDONLY or MEM_WRITE) to several bpf helper function prototypes that use ARG_PTR_TO_MEM but lack the correct type annotation. Missing memory access tags in helper prototypes can lead to critical correctness issues when the verifier tries to perform code optimization. After commit 37cce22dbd51 ("bpf: verifier: Refactor helper access type tracking"), the verifier relies on the memory access tags, rather than treating all arguments in helper functions as potentially modifying the pointed-to memory. We have already seen several reports regarding this: - commit ac44dcc788b9 ("bpf: Fix verifier assumptions of bpf_d_path's output buffer") adds MEM_WRITE to bpf_d_path; - commit 2eb7648558a7 ("bpf: Specify access type of bpf_sysctl_get_name args") adds MEM_WRITE to bpf_sysctl_get_name. This series looks through all prototypes in the kernel and completes the tags. In addition, this series also adds selftests for some of these functions. I marked the series as RFC since the introduced selftests are fragile and ad hoc (similar to the previously added selftests). The original goal of these tests is to reproduce the case where the verifier wrongly optimizes reads after the helper function is called. However, triggering the error often requires carefully designed code patterns. For example, I had to explicitly use "if (xx != 0)" in my attached tests, because using memcmp will not reproduce the issue. This makes the reproduction heavily dependent on the verifier's internal optimization logic and clutters the selftests with specific, unnatural patterns. Some cases are also hard to trigger by selftests. For example, I couldn't find a triggering pattern for bpf_read_branch_records, since the execution of program seems to be messed up by wrong tags. For bpf_skb_fib_lookup, I also failed to reproduce it because the argument needs content on entry, but the verifier seems to only enable this optimization for fully empty buffers. Since adding selftests does not help with existing issues or prevent future occurrences of similar problems, I believe one way to resolve it is to statically restrict ARG_PTR_TO_MEM from appearing without memory access tags. Using ARG_PTR_TO_MEM alone without tags is nonsensical because: - If the helper does not change the argument, missing MEM_RDONLY causes the verifier to incorrectly reject a read-only buffer. - If the helper does change the argument, missing MEM_WRITE causes the verifier to incorrectly assume the memory is unchanged, leading to potential errors. I am still wondering, if we agree on the above, how should we enforce this restriction? Should we let ARG_PTR_TO_MEM imply MEM_WRITE semantics by default, and change ARG_PTR_TO_MEM | MEM_RDONLY to ARG_CONST_PTR_TO_MEM? Or should we add a check in the verifier to ensure ARG_PTR_TO_MEM always comes with an access tag (though this seems to only catch errors at runtime/testing)? Any insights and comments are welcome. If the individual fix patches for the prototypes look correct, I would also really appreciate it if they could be merged ahead of the discussion. Thanks, Zesen Liu Signed-off-by: Zesen Liu <ftyghome(a)gmail.com> --- Zesen Liu (2): bpf: Fix memory access tags in helper prototypes selftests/bpf: add regression tests for snprintf and get_stack helpers kernel/bpf/helpers.c | 2 +- kernel/trace/bpf_trace.c | 6 +++--- net/core/filter.c | 8 ++++---- tools/testing/selftests/bpf/prog_tests/get_stack_raw_tp.c | 15 +++++++++++++-- tools/testing/selftests/bpf/prog_tests/snprintf.c | 6 ++++++ tools/testing/selftests/bpf/prog_tests/snprintf_btf.c | 3 +++ tools/testing/selftests/bpf/progs/netif_receive_skb.c | 13 ++++++++++++- tools/testing/selftests/bpf/progs/test_get_stack_rawtp.c | 11 ++++++++++- tools/testing/selftests/bpf/progs/test_snprintf.c | 12 ++++++++++++ 9 files changed, 64 insertions(+), 12 deletions(-) --- base-commit: 22cc16c04b7893d8fc22810599f49a305d600b9e change-id: 20251220-helper_proto-fb6e64182467 Best regards, -- Zesen Liu <ftyghome(a)gmail.com>

17 hours, 53 minutes

1
2
0 0

[PATCH] kunit: Protect KUNIT_BINARY_STR_ASSERTION against ERR_PTR values

by Richard Fitzgerald

Replace the NULL checks with IS_ERR_OR_NULL() in KUNIT_BINARY_STR_ASSERTION() to prevent the strcmp() faulting if a passed pointer is an ERR_PTR. Commit 7ece381aa72d4 ("kunit: Protect string comparisons against NULL") added the checks for NULL on both pointers so that asserts would fail, instead of faulting, if either pointer is NULL. But either pointer could hold an ERR_PTR value. This assumes that the assertion is expecting both strings to be valid, and is asserting the equality of their _content_. Signed-off-by: Richard Fitzgerald <rf(a)opensource.cirrus.com> --- include/kunit/test.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/include/kunit/test.h b/include/kunit/test.h index 5ec5182b5e57..9cd1594ab697 100644 --- a/include/kunit/test.h +++ b/include/kunit/test.h @@ -906,7 +906,8 @@ do { \ }; \ \ _KUNIT_SAVE_LOC(test); \ - if (likely((__left) && (__right) && (strcmp(__left, __right) op 0))) \ + if (likely(!IS_ERR_OR_NULL(__left) && !IS_ERR_OR_NULL(__right) && \ + (strcmp(__left, __right) op 0))) \ break; \ \ \ -- 2.47.3

22 hours, 29 minutes

2
1
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror