- Linux-kselftest-mirror - lists.linaro.org

[PATCH v6 00/11] Direct Map Removal Support for guest_memfd

by Roy, Patrick

[ based on kvm/next ] Unmapping virtual machine guest memory from the host kernel's direct map is a successful mitigation against Spectre-style transient execution issues: If the kernel page tables do not contain entries pointing to guest memory, then any attempted speculative read through the direct map will necessarily be blocked by the MMU before any observable microarchitectural side-effects happen. This means that Spectre-gadgets and similar cannot be used to target virtual machine memory. Roughly 60% of speculative execution issues fall into this category [1, Table 1]. This patch series extends guest_memfd with the ability to remove its memory from the host kernel's direct map, to be able to attain the above protection for KVM guests running inside guest_memfd. Additionally, a Firecracker branch with support for these VMs can be found on GitHub [2]. For more details, please refer to the v5 cover letter [v5]. No substantial changes in design have taken place since. === Changes Since v5 === - Fix up error handling for set_direct_map_[in]valid_noflush() (Mike) - Fix capability check for KVM_GUEST_MEMFD_NO_DIRECT_MAP (Mike) - Make secretmem_aops static in mm/secretmem.c (Mike) - Fixup some more comments in gup.c that referred to secretmem specifically to instead point to AS_NO_DIRECT_MAP (Mike) - New patch (PATCH 4/11) to avoid ifdeffery in kvm_gmem_free_folio() (Mike) - vma_is_no_direct_map() -> vma_has_no_direct_map() rename (David) - Squash some patches (David) - Fix up const-ness of parameters to new functions in pagemap.h (Fuad) [1]: https://download.vusec.net/papers/quarantine_raid23.pdf [2]: https://github.com/firecracker-microvm/firecracker/tree/feature/secret-hidi… [RFCv1]: https://lore.kernel.org/kvm/20240709132041.3625501-1-roypat@amazon.co.uk/ [RFCv2]: https://lore.kernel.org/kvm/20240910163038.1298452-1-roypat@amazon.co.uk/ [RFCv3]: https://lore.kernel.org/kvm/20241030134912.515725-1-roypat@amazon.co.uk/ [v4]: https://lore.kernel.org/kvm/20250221160728.1584559-1-roypat@amazon.co.uk/ [v5]: https://lore.kernel.org/kvm/20250828093902.2719-1-roypat@amazon.co.uk/ Elliot Berman (1): filemap: Pass address_space mapping to ->free_folio() Patrick Roy (10): arch: export set_direct_map_valid_noflush to KVM module mm: introduce AS_NO_DIRECT_MAP KVM: guest_memfd: Add stub for kvm_arch_gmem_invalidate KVM: guest_memfd: Add flag to remove from direct map KVM: selftests: load elf via bounce buffer KVM: selftests: set KVM_MEM_GUEST_MEMFD in vm_mem_add() if guest_memfd != -1 KVM: selftests: Add guest_memfd based vm_mem_backing_src_types KVM: selftests: stuff vm_mem_backing_src_type into vm_shape KVM: selftests: cover GUEST_MEMFD_FLAG_NO_DIRECT_MAP in existing selftests KVM: selftests: Test guest execution from direct map removed gmem Documentation/filesystems/locking.rst | 2 +- Documentation/virt/kvm/api.rst | 5 ++ arch/arm64/include/asm/kvm_host.h | 12 ++++ arch/arm64/mm/pageattr.c | 1 + arch/loongarch/mm/pageattr.c | 1 + arch/riscv/mm/pageattr.c | 1 + arch/s390/mm/pageattr.c | 1 + arch/x86/mm/pat/set_memory.c | 1 + fs/nfs/dir.c | 11 ++-- fs/orangefs/inode.c | 3 +- include/linux/fs.h | 2 +- include/linux/kvm_host.h | 9 +++ include/linux/pagemap.h | 16 +++++ include/linux/secretmem.h | 18 ------ include/uapi/linux/kvm.h | 2 + lib/buildid.c | 4 +- mm/filemap.c | 9 +-- mm/gup.c | 19 ++---- mm/mlock.c | 2 +- mm/secretmem.c | 11 ++-- mm/vmscan.c | 4 +- .../testing/selftests/kvm/guest_memfd_test.c | 2 + .../testing/selftests/kvm/include/kvm_util.h | 37 ++++++++--- .../testing/selftests/kvm/include/test_util.h | 8 +++ tools/testing/selftests/kvm/lib/elf.c | 8 +-- tools/testing/selftests/kvm/lib/io.c | 23 +++++++ tools/testing/selftests/kvm/lib/kvm_util.c | 61 +++++++++++-------- tools/testing/selftests/kvm/lib/test_util.c | 8 +++ tools/testing/selftests/kvm/lib/x86/sev.c | 1 + .../selftests/kvm/pre_fault_memory_test.c | 1 + .../selftests/kvm/set_memory_region_test.c | 50 +++++++++++++-- .../kvm/x86/private_mem_conversions_test.c | 7 ++- virt/kvm/guest_memfd.c | 56 ++++++++++++++--- virt/kvm/kvm_main.c | 5 ++ 34 files changed, 288 insertions(+), 113 deletions(-) base-commit: a6ad54137af92535cfe32e19e5f3bc1bb7dbd383 -- 2.50.1

1 hour, 26 minutes

3
14
0 0

[PATCH v3 0/5] platform/chrome: Fix a possible UAF via revocable

by Tzung-Bi Shih

This is a follow-up series of [1]. It tries to fix a possible UAF in the fops of cros_ec_chardev after the underlying protocol device has gone by using revocable. The 1st patch introduces the revocable which is an implementation of ideas from the talk [2]. The 2nd and 3rd patches add test cases for revocable in Kunit and selftest. The 4th patch converts existing protocol devices to resource providers of cros_ec_device. The 5th patch converts cros_ec_chardev to a resource consumer of cros_ec_device to fix the UAF. [1] https://lore.kernel.org/chrome-platform/20250721044456.2736300-6-tzungbi@ke… [2] https://lpc.events/event/17/contributions/1627/ Cc: Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> Cc: Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> Cc: Wolfram Sang <wsa+renesas(a)sang-engineering.com> v3: - Rebase onto https://lore.kernel.org/chrome-platform/20250828083601.856083-1-tzungbi@ker… and next-20250912. - Change the 4th patch accordingly. v2: https://lore.kernel.org/chrome-platform/20250820081645.847919-1-tzungbi@ker… - Rename "ref_proxy" -> "revocable". - Add test cases in Kunit and selftest. v1: https://lore.kernel.org/chrome-platform/20250814091020.1302888-1-tzungbi@ke… Tzung-Bi Shih (5): revocable: Revocable resource management revocable: Add Kunit test cases selftests: revocable: Add kselftest cases platform/chrome: Protect cros_ec_device lifecycle with revocable platform/chrome: cros_ec_chardev: Consume cros_ec_device via revocable .../driver-api/driver-model/index.rst | 1 + .../driver-api/driver-model/revocable.rst | 151 ++++++++++++ MAINTAINERS | 9 + drivers/base/Kconfig | 8 + drivers/base/Makefile | 5 +- drivers/base/revocable.c | 229 ++++++++++++++++++ drivers/base/revocable_test.c | 110 +++++++++ drivers/platform/chrome/cros_ec.c | 5 + drivers/platform/chrome/cros_ec_chardev.c | 124 +++++++--- include/linux/platform_data/cros_ec_proto.h | 4 + include/linux/revocable.h | 37 +++ tools/testing/selftests/Makefile | 1 + .../selftests/drivers/base/revocable/Makefile | 7 + .../drivers/base/revocable/revocable_test.c | 116 +++++++++ .../drivers/base/revocable/test-revocable.sh | 39 +++ .../base/revocable/test_modules/Makefile | 10 + .../revocable/test_modules/revocable_test.c | 188 ++++++++++++++ 17 files changed, 1003 insertions(+), 41 deletions(-) create mode 100644 Documentation/driver-api/driver-model/revocable.rst create mode 100644 drivers/base/revocable.c create mode 100644 drivers/base/revocable_test.c create mode 100644 include/linux/revocable.h create mode 100644 tools/testing/selftests/drivers/base/revocable/Makefile create mode 100644 tools/testing/selftests/drivers/base/revocable/revocable_test.c create mode 100755 tools/testing/selftests/drivers/base/revocable/test-revocable.sh create mode 100644 tools/testing/selftests/drivers/base/revocable/test_modules/Makefile create mode 100644 tools/testing/selftests/drivers/base/revocable/test_modules/revocable_test.c -- 2.51.0.384.g4c02a37b29-goog

16 hours, 53 minutes

8
30
0 0

[PATCH v3 bpf-next] selftests/bpf: Fix arena_spin_lock selftest failure

by Saket Kumar Bhaskar

For systems having CONFIG_NR_CPUS set to > 1024 in kernel config the selftest fails as arena_spin_lock_irqsave() returns EOPNOTSUPP. (eg - incase of powerpc default value for CONFIG_NR_CPUS is 8192) The selftest is skipped incase bpf program returns EOPNOTSUPP, with a descriptive message logged. Tested-by: Venkat Rao Bagalkote <venkat88(a)linux.ibm.com> Signed-off-by: Saket Kumar Bhaskar <skb99(a)linux.ibm.com> --- Changes since v2: * Separated arena_spin_lock selftest fix patch from the arena patchset as it has to go via bpf-next tree. * For EOPNOTSUPP set test_skip to 3, to differentiate it from scenarios when run conditions are not met as suggested by Hari. * Tweaked message displayed on SKIP to remove display of online cpus. v2:https://lore.kernel.org/all/20250829165135.1273071-1-skb99@linux.ibm.com/ Changes since v1: Addressed comments from Alexei: * Removed skel->rodata->nr_cpus = get_nprocs() and its usage to get currently online cpus(as it needs to be updated from userspace). v1:https://lore.kernel.org/all/20250805062747.3479221-1-skb99@linux.ibm.com/ --- .../selftests/bpf/prog_tests/arena_spin_lock.c | 13 +++++++++++++ tools/testing/selftests/bpf/progs/arena_spin_lock.c | 5 ++++- 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/bpf/prog_tests/arena_spin_lock.c b/tools/testing/selftests/bpf/prog_tests/arena_spin_lock.c index 0223fce4db2b..693fd86fbde6 100644 --- a/tools/testing/selftests/bpf/prog_tests/arena_spin_lock.c +++ b/tools/testing/selftests/bpf/prog_tests/arena_spin_lock.c @@ -40,8 +40,13 @@ static void *spin_lock_thread(void *arg) err = bpf_prog_test_run_opts(prog_fd, &topts); ASSERT_OK(err, "test_run err"); + + if (topts.retval == -EOPNOTSUPP) + goto end; + ASSERT_EQ((int)topts.retval, 0, "test_run retval"); +end: pthread_exit(arg); } @@ -63,6 +68,7 @@ static void test_arena_spin_lock_size(int size) skel = arena_spin_lock__open_and_load(); if (!ASSERT_OK_PTR(skel, "arena_spin_lock__open_and_load")) return; + if (skel->data->test_skip == 2) { test__skip(); goto end; @@ -86,6 +92,13 @@ static void test_arena_spin_lock_size(int size) goto end_barrier; } + if (skel->data->test_skip == 3) { + printf("%s:SKIP: CONFIG_NR_CPUS exceed the maximum supported by arena spinlock\n", + __func__); + test__skip(); + goto end_barrier; + } + ASSERT_EQ(skel->bss->counter, repeat * nthreads, "check counter value"); end_barrier: diff --git a/tools/testing/selftests/bpf/progs/arena_spin_lock.c b/tools/testing/selftests/bpf/progs/arena_spin_lock.c index c4500c37f85e..086b57a426cf 100644 --- a/tools/testing/selftests/bpf/progs/arena_spin_lock.c +++ b/tools/testing/selftests/bpf/progs/arena_spin_lock.c @@ -37,8 +37,11 @@ int prog(void *ctx) #if defined(ENABLE_ATOMICS_TESTS) && defined(__BPF_FEATURE_ADDR_SPACE_CAST) unsigned long flags; - if ((ret = arena_spin_lock_irqsave(&lock, flags))) + if ((ret = arena_spin_lock_irqsave(&lock, flags))) { + if (ret == -EOPNOTSUPP) + test_skip = 3; return ret; + } if (counter != limit) counter++; bpf_repeat(cs_count); -- 2.43.5

23 hours, 57 minutes

1
0
0 0

[PATCH RESEND v2] kunit: Enable PCI on UML without triggering WARN()

by Thomas Weißschuh

Various KUnit tests require PCI infrastructure to work. All normal platforms enable PCI by default, but UML does not. Enabling PCI from .kunitconfig files is problematic as it would not be portable. So in commit 6fc3a8636a7b ("kunit: tool: Enable virtio/PCI by default on UML") PCI was enabled by way of CONFIG_UML_PCI_OVER_VIRTIO=y. However CONFIG_UML_PCI_OVER_VIRTIO requires additional configuration of CONFIG_UML_PCI_OVER_VIRTIO_DEVICE_ID or will otherwise trigger a WARN() in virtio_pcidev_init(). However there is no one correct value for UML_PCI_OVER_VIRTIO_DEVICE_ID which could be used by default. This warning is confusing when debugging test failures. On the other hand, the functionality of CONFIG_UML_PCI_OVER_VIRTIO is not used at all, given that it is completely non-functional as indicated by the WARN() in question. Instead it is only used as a way to enable CONFIG_UML_PCI which itself is not directly configurable. Instead of going through CONFIG_UML_PCI_OVER_VIRTIO, introduce a custom configuration option which enables CONFIG_UML_PCI without triggering warnings or building dead code. Signed-off-by: Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> Reviewed-by: Johannes Berg <johannes(a)sipsolutions.net> --- Changes in v2: - Rebase onto v6.17-rc1 - Pick up review from Johannes - Link to v1: https://lore.kernel.org/r/20250627-kunit-uml-pci-v1-1-a622fa445e58@linutron… --- lib/kunit/Kconfig | 7 +++++++ tools/testing/kunit/configs/arch_uml.config | 5 ++--- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/lib/kunit/Kconfig b/lib/kunit/Kconfig index c10ede4b1d2201d5f8cddeb71cc5096e21be9b6a..1823539e96da30e165fa8d395ccbd3f6754c836e 100644 --- a/lib/kunit/Kconfig +++ b/lib/kunit/Kconfig @@ -106,4 +106,11 @@ config KUNIT_DEFAULT_TIMEOUT If unsure, the default timeout of 300 seconds is suitable for most cases. +config KUNIT_UML_PCI + bool "KUnit UML PCI Support" + depends on UML + select UML_PCI + help + Enables the PCI subsystem on UML for use by KUnit tests. + endif # KUNIT diff --git a/tools/testing/kunit/configs/arch_uml.config b/tools/testing/kunit/configs/arch_uml.config index 54ad8972681a2cc724e6122b19407188910b9025..28edf816aa70e6f408d9486efff8898df79ee090 100644 --- a/tools/testing/kunit/configs/arch_uml.config +++ b/tools/testing/kunit/configs/arch_uml.config @@ -1,8 +1,7 @@ # Config options which are added to UML builds by default -# Enable virtio/pci, as a lot of tests require it. -CONFIG_VIRTIO_UML=y -CONFIG_UML_PCI_OVER_VIRTIO=y +# Enable pci, as a lot of tests require it. +CONFIG_KUNIT_UML_PCI=y # Enable FORTIFY_SOURCE for wider checking. CONFIG_FORTIFY_SOURCE=y --- base-commit: 8f5ae30d69d7543eee0d70083daf4de8fe15d585 change-id: 20250626-kunit-uml-pci-a2b687553746 Best regards, -- Thomas Weißschuh <thomas.weissschuh(a)linutronix.de>

1 day, 2 hours

3
3
0 0

[PATCH] rust: kunit: allow `cfg` on `test`s

by Kaibo Ma

The `kunit_test` proc macro only checks for the `test` attribute immediately preceding a `fn`. If the function is disabled via a `cfg`, the generated code would result in a compile error referencing a non-existent function [1]. This collects attributes and specifically cherry-picks `cfg` attributes to be duplicated inside KUnit wrapper functions such that a test function disabled via `cfg` compiles and is ignored correctly. Link: https://lore.kernel.org/rust-for-linux/CANiq72==48=69hYiDo1321pCzgn_n1_jg=e… [1] Closes: https://github.com/Rust-for-Linux/linux/issues/1185 Suggested-by: Miguel Ojeda <ojeda(a)kernel.org> Signed-off-by: Kaibo Ma <ent3rm4n(a)gmail.com> --- rust/kernel/kunit.rs | 7 +++++++ rust/macros/kunit.rs | 46 ++++++++++++++++++++++++++++++++------------ 2 files changed, 41 insertions(+), 12 deletions(-) diff --git a/rust/kernel/kunit.rs b/rust/kernel/kunit.rs index 41efd8759..32640dfc9 100644 --- a/rust/kernel/kunit.rs +++ b/rust/kernel/kunit.rs @@ -357,4 +357,11 @@ fn rust_test_kunit_example_test() { fn rust_test_kunit_in_kunit_test() { assert!(in_kunit_test()); } + + #[test] + #[cfg(not(all()))] + fn rust_test_kunit_always_disabled_test() { + // This test should never run because of the `cfg`. + assert!(false); + } } diff --git a/rust/macros/kunit.rs b/rust/macros/kunit.rs index 81d18149a..850a321e5 100644 --- a/rust/macros/kunit.rs +++ b/rust/macros/kunit.rs @@ -5,6 +5,7 @@ //! Copyright (c) 2023 José Expósito <jose.exposito89(a)gmail.com> use proc_macro::{Delimiter, Group, TokenStream, TokenTree}; +use std::collections::HashMap; use std::fmt::Write; pub(crate) fn kunit_tests(attr: TokenStream, ts: TokenStream) -> TokenStream { @@ -41,20 +42,32 @@ pub(crate) fn kunit_tests(attr: TokenStream, ts: TokenStream) -> TokenStream { // Get the functions set as tests. Search for `[test]` -> `fn`. let mut body_it = body.stream().into_iter(); let mut tests = Vec::new(); + let mut attributes: HashMap<String, TokenStream> = HashMap::new(); while let Some(token) = body_it.next() { match token { - TokenTree::Group(ident) if ident.to_string() == "[test]" => match body_it.next() { - Some(TokenTree::Ident(ident)) if ident.to_string() == "fn" => { - let test_name = match body_it.next() { - Some(TokenTree::Ident(ident)) => ident.to_string(), - _ => continue, - }; - tests.push(test_name); + TokenTree::Punct(ref p) if p.as_char() == '#' => match body_it.next() { + Some(TokenTree::Group(g)) if g.delimiter() == Delimiter::Bracket => { + if let Some(TokenTree::Ident(name)) = g.stream().into_iter().next() { + // Collect attributes because we need to find which are tests. We also + // need to copy `cfg` attributes so tests can be conditionally enabled. + attributes + .entry(name.to_string()) + .or_default() + .extend([token, TokenTree::Group(g)]); + } + continue; } - _ => continue, + _ => (), }, + TokenTree::Ident(i) if i.to_string() == "fn" && attributes.contains_key("test") => { + if let Some(TokenTree::Ident(test_name)) = body_it.next() { + tests.push((test_name, attributes.remove("cfg").unwrap_or_default())) + } + } + _ => (), } + attributes.clear(); } // Add `#[cfg(CONFIG_KUNIT="y")]` before the module declaration. @@ -100,11 +113,20 @@ pub(crate) fn kunit_tests(attr: TokenStream, ts: TokenStream) -> TokenStream { let mut test_cases = "".to_owned(); let mut assert_macros = "".to_owned(); let path = crate::helpers::file(); - for test in &tests { + let num_tests = tests.len(); + for (test, cfg_attr) in tests { let kunit_wrapper_fn_name = format!("kunit_rust_wrapper_{test}"); - // An extra `use` is used here to reduce the length of the message. + // Append any `cfg` attributes the user might have written on their tests so we don't + // attempt to call them when they are `cfg`'d out. An extra `use` is used here to reduce + // the length of the assert message. let kunit_wrapper = format!( - "unsafe extern \"C\" fn {kunit_wrapper_fn_name}(_test: *mut ::kernel::bindings::kunit) {{ use ::kernel::kunit::is_test_result_ok; assert!(is_test_result_ok({test}())); }}", + r#"unsafe extern "C" fn {kunit_wrapper_fn_name}(_test: *mut ::kernel::bindings::kunit) + {{ + {cfg_attr} {{ + use ::kernel::kunit::is_test_result_ok; + assert!(is_test_result_ok({test}())); + }} + }}"#, ); writeln!(kunit_macros, "{kunit_wrapper}").unwrap(); writeln!( @@ -139,7 +161,7 @@ macro_rules! assert_eq {{ writeln!( kunit_macros, "static mut TEST_CASES: [::kernel::bindings::kunit_case; {}] = [\n{test_cases} ::kernel::kunit::kunit_case_null(),\n];", - tests.len() + 1 + num_tests + 1 ) .unwrap(); -- 2.50.1

1 day, 4 hours

2
1
0 0

[PATCH v5 0/2] KVM: guest_memfd: use write for population

by Kalyazin, Nikita

[ based on kvm/next ] Implement guest_memfd allocation and population via the write syscall. This is useful in non-CoCo use cases where the host can access guest memory. Even though the same can also be achieved via userspace mapping and memcpying from userspace, write provides a more performant option because it does not need to set page tables and it does not cause a page fault for every page like memcpy would. Note that memcpy cannot be accelerated via MADV_POPULATE_WRITE as it is not supported by guest_memfd and relies on GUP. Populating 512MiB of guest_memfd on a x86 machine: - via memcpy: 436 ms - via write: 202 ms (-54%) v5: - Replace the call to the unexported filemap_remove_folio with zeroing the bytes that could not be copied - Fix checkpatch findings v4: - https://lore.kernel.org/kvm/20250828153049.3922-1-kalyazin@amazon.com - Switch from implementing the write callback to write_iter - Remove conditional compilation v3: - https://lore.kernel.org/kvm/20250303130838.28812-1-kalyazin@amazon.com - David/Mike D: Only compile support for the write syscall if CONFIG_KVM_GMEM_SHARED_MEM (now gone) is enabled. v2: - https://lore.kernel.org/kvm/20241129123929.64790-1-kalyazin@amazon.com - Switch from an ioctl to the write syscall to implement population v1: - https://lore.kernel.org/kvm/20241024095429.54052-1-kalyazin@amazon.com Nikita Kalyazin (2): KVM: guest_memfd: add generic population via write KVM: selftests: update guest_memfd write tests .../testing/selftests/kvm/guest_memfd_test.c | 86 +++++++++++++++++-- virt/kvm/guest_memfd.c | 62 ++++++++++++- 2 files changed, 141 insertions(+), 7 deletions(-) base-commit: a6ad54137af92535cfe32e19e5f3bc1bb7dbd383 -- 2.50.1

1 day, 8 hours

5
12
0 0

[PATCH 0/4] PCI: Add support and tests for FIXUP quirks in modules

by Brian Norris

This series primarily adds support for DECLARE_PCI_FIXUP_*() in modules. There are a few drivers that already use this, and so they are presumably broken when built as modules. While at it, I wrote some unit tests that emulate a fake PCI device, and let the PCI framework match/not-match its vendor/device IDs. This test can be built into the kernel or built as a module. I also include some infrastructure changes (patch 3 and 4), so that ARCH=um (the default for kunit.py), ARCH=arm, and ARCH=arm64 will run these tests by default. These patches have different maintainers and are independent, so they can probably be picked up separately. I included them because otherwise the tests in patch 2 aren't so easy to run. Brian Norris (4): PCI: Support FIXUP quirks in modules PCI: Add KUnit tests for FIXUP quirks um: Select PCI_DOMAINS_GENERIC kunit: qemu_configs: Add PCI to arm, arm64 arch/um/Kconfig | 1 + drivers/pci/Kconfig | 11 ++ drivers/pci/Makefile | 1 + drivers/pci/fixup-test.c | 197 ++++++++++++++++++++++ drivers/pci/quirks.c | 62 +++++++ include/linux/module.h | 18 ++ kernel/module/main.c | 26 +++ tools/testing/kunit/qemu_configs/arm.py | 1 + tools/testing/kunit/qemu_configs/arm64.py | 1 + 9 files changed, 318 insertions(+) create mode 100644 drivers/pci/fixup-test.c -- 2.51.0.384.g4c02a37b29-goog

1 day, 10 hours

1
4
0 0

[PATCH v16 0/6] KVM: arm64: Provide guest support for GCS

by Mark Brown

The arm64 Guarded Control Stack (GCS) feature provides support for hardware protected stacks of return addresses, intended to provide hardening against return oriented programming (ROP) attacks and to make it easier to gather call stacks for applications such as profiling. When GCS is active a secondary stack called the Guarded Control Stack is maintained, protected with a memory attribute which means that it can only be written with specific GCS operations. The current GCS pointer can not be directly written to by userspace. When a BL is executed the value stored in LR is also pushed onto the GCS, and when a RET is executed the top of the GCS is popped and compared to LR with a fault being raised if the values do not match. GCS operations may only be performed on GCS pages, a data abort is generated if they are not. The combination of hardware enforcement and lack of extra instructions in the function entry and exit paths should result in something which has less overhead and is more difficult to attack than a purely software implementation like clang's shadow stacks. This series implements support for managing GCS for KVM guests. Signed-off-by: Mark Brown <broonie(a)kernel.org> --- Changes in v16: - Rebase onto v6.17-rc3. - Also expose the feature to nested guests. - Implement emulation of EXLOCK when returning from nested guests. - Rename enter_exception_gcs() to compute_exlock(). - Move all ID_AA64PFR1_EL1 handling to the final kernel patch. - Drop unneeded forwarding of GCS exceptions. - Commit and cover message updates. - Link to v15: https://lore.kernel.org/r/20250820-arm64-gcs-v15-0-5e334da18b84@kernel.org Changes in v15: - Rebase onto v6.17-rc1. - Link to v14: https://lore.kernel.org/r/20241005-arm64-gcs-v14-0-59060cd6092b@kernel.org Changes in v14: - Rebase onto arm64/for-next/gcs which includes all the non-KVM support. - Manage the fine grained traps for GCS instructions. - Manage PSTATE.EXLOCK when delivering exceptions to KVM guests. - Link to v13: https://lore.kernel.org/r/20241001-arm64-gcs-v13-0-222b78d87eee@kernel.org Changes in v13: - Rebase onto v6.12-rc1. - Allocate VM_HIGH_ARCH_6 since protection keys used all the existing bits. - Implement mm_release() and free transparently allocated GCSs there. - Use bit 32 of AT_HWCAP for GCS due to AT_HWCAP2 being filled. - Since we now only set GCSCRE0_EL1 on change ensure that it is initialised with GCSPR_EL0 accessible to EL0. - Fix OOM handling on thread copy. - Link to v12: https://lore.kernel.org/r/20240829-arm64-gcs-v12-0-42fec947436a@kernel.org Changes in v12: - Clarify and simplify the signal handling code so we work with the register state. - When checking for write aborts to shadow stack pages ensure the fault is a data abort. - Depend on !UPROBES. - Comment cleanups. - Link to v11: https://lore.kernel.org/r/20240822-arm64-gcs-v11-0-41b81947ecb5@kernel.org Changes in v11: - Remove the dependency on the addition of clone3() support for shadow stacks, rebasing onto v6.11-rc3. - Make ID_AA64PFR1_EL1.GCS writeable in KVM. - Hide GCS registers when GCS is not enabled for KVM guests. - Require HCRX_EL2.GCSEn if booting at EL1. - Require that GCSCR_EL1 and GCSCRE0_EL1 be initialised regardless of if we boot at EL2 or EL1. - Remove some stray use of bit 63 in signal cap tokens. - Warn if we see a GCS with VM_SHARED. - Remove rdundant check for VM_WRITE in fault handling. - Cleanups and clarifications in the ABI document. - Clean up and improve documentation of some sync placement. - Only set the EL0 GCS mode if it's actually changed. - Various minor fixes and tweaks. - Link to v10: https://lore.kernel.org/r/20240801-arm64-gcs-v10-0-699e2bd2190b@kernel.org Changes in v10: - Fix issues with THP. - Tighten up requirements for initialising GCSCR*. - Only generate GCS signal frames for threads using GCS. - Only context switch EL1 GCS registers if S1PIE is enabled. - Move context switch of GCSCRE0_EL1 to EL0 context switch. - Make GCS registers unconditionally visible to userspace. - Use FHU infrastructure. - Don't change writability of ID_AA64PFR1_EL1 for KVM. - Remove unused arguments from alloc_gcs(). - Typo fixes. - Link to v9: https://lore.kernel.org/r/20240625-arm64-gcs-v9-0-0f634469b8f0@kernel.org Changes in v9: - Rebase onto v6.10-rc3. - Restructure and clarify memory management fault handling. - Fix up basic-gcs for the latest clone3() changes. - Convert to newly merged KVM ID register based feature configuration. - Fixes for NV traps. - Link to v8: https://lore.kernel.org/r/20240203-arm64-gcs-v8-0-c9fec77673ef@kernel.org Changes in v8: - Invalidate signal cap token on stack when consuming. - Typo and other trivial fixes. - Don't try to use process_vm_write() on GCS, it intentionally does not work. - Fix leak of thread GCSs. - Rebase onto latest clone3() series. - Link to v7: https://lore.kernel.org/r/20231122-arm64-gcs-v7-0-201c483bd775@kernel.org Changes in v7: - Rebase onto v6.7-rc2 via the clone3() patch series. - Change the token used to cap the stack during signal handling to be compatible with GCSPOPM. - Fix flags for new page types. - Fold in support for clone3(). - Replace copy_to_user_gcs() with put_user_gcs(). - Link to v6: https://lore.kernel.org/r/20231009-arm64-gcs-v6-0-78e55deaa4dd@kernel.org Changes in v6: - Rebase onto v6.6-rc3. - Add some more gcsb_dsync() barriers following spec clarifications. - Due to ongoing discussion around clone()/clone3() I've not updated anything there, the behaviour is the same as on previous versions. - Link to v5: https://lore.kernel.org/r/20230822-arm64-gcs-v5-0-9ef181dd6324@kernel.org Changes in v5: - Don't map any permissions for user GCSs, we always use EL0 accessors or use a separate mapping of the page. - Reduce the standard size of the GCS to RLIMIT_STACK/2. - Enforce a PAGE_SIZE alignment requirement on map_shadow_stack(). - Clarifications and fixes to documentation. - More tests. - Link to v4: https://lore.kernel.org/r/20230807-arm64-gcs-v4-0-68cfa37f9069@kernel.org Changes in v4: - Implement flags for map_shadow_stack() allowing the cap and end of stack marker to be enabled independently or not at all. - Relax size and alignment requirements for map_shadow_stack(). - Add more blurb explaining the advantages of hardware enforcement. - Link to v3: https://lore.kernel.org/r/20230731-arm64-gcs-v3-0-cddf9f980d98@kernel.org Changes in v3: - Rebase onto v6.5-rc4. - Add a GCS barrier on context switch. - Add a GCS stress test. - Link to v2: https://lore.kernel.org/r/20230724-arm64-gcs-v2-0-dc2c1d44c2eb@kernel.org Changes in v2: - Rebase onto v6.5-rc3. - Rework prctl() interface to allow each bit to be locked independently. - map_shadow_stack() now places the cap token based on the size requested by the caller not the actual space allocated. - Mode changes other than enable via ptrace are now supported. - Expand test coverage. - Various smaller fixes and adjustments. - Link to v1: https://lore.kernel.org/r/20230716-arm64-gcs-v1-0-bf567f93bba6@kernel.org --- Mark Brown (6): arm64/gcs: Ensure FGTs for EL1 GCS instructions are disabled KVM: arm64: Manage GCS access and registers for guests KVM: arm64: Set PSTATE.EXLOCK when entering an exception KVM: arm64: Validate GCS exception lock when emulating ERET KVM: arm64: Allow GCS to be enabled for guests KVM: selftests: arm64: Add GCS registers to get-reg-list arch/arm64/include/asm/el2_setup.h | 5 +++ arch/arm64/include/asm/kvm_emulate.h | 3 ++ arch/arm64/include/asm/kvm_host.h | 14 +++++++++ arch/arm64/include/asm/vncr_mapping.h | 2 ++ arch/arm64/include/uapi/asm/ptrace.h | 1 + arch/arm64/kvm/emulate-nested.c | 40 +++++++++++++++++++++++- arch/arm64/kvm/hyp/exception.c | 37 ++++++++++++++++++++++ arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h | 31 ++++++++++++++++++ arch/arm64/kvm/hyp/vhe/sysreg-sr.c | 10 ++++++ arch/arm64/kvm/nested.c | 7 +++-- arch/arm64/kvm/sys_regs.c | 32 +++++++++++++++++-- tools/testing/selftests/kvm/arm64/get-reg-list.c | 12 +++++++ 12 files changed, 188 insertions(+), 6 deletions(-) --- base-commit: 1b237f190eb3d36f52dffe07a40b5eb210280e00 change-id: 20230303-arm64-gcs-e311ab0d8729 Best regards, -- Mark Brown <broonie(a)kernel.org>

1 day, 11 hours

2
13
0 0

[PATCH] selftests/futex: Conditionally run futex_numa_mpol test

by Wake Liu

The futex_numa_mpol test requires libnuma, which is not available on all platforms. When the test is not built, the run.sh script fails because it unconditionally tries to execute the test binary. Check for the futex_numa_mpol executable before running it. If the binary is not present, print a skip message and continue. This allows the test suite to run successfully on platforms that do not have libnuma and therefore do not build the futex_numa_mpol test. Signed-off-by: Wake Liu <wakel(a)google.com> --- tools/testing/selftests/futex/functional/run.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/futex/functional/run.sh b/tools/testing/selftests/futex/functional/run.sh index 81739849f299..f3e43eb806bf 100755 --- a/tools/testing/selftests/futex/functional/run.sh +++ b/tools/testing/selftests/futex/functional/run.sh @@ -88,4 +88,8 @@ echo ./futex_priv_hash -g $COLOR echo -./futex_numa_mpol $COLOR +if [ -x ./futex_numa_mpol ]; then + ./futex_numa_mpol $COLOR +else + echo "SKIP: futex_numa_mpol (not built)" +fi -- 2.51.0.355.g5224444f11-goog

1 day, 11 hours

3
2
0 0

[PATCH net-next] selftests: ncdevmem: remove sleep on rx

by Stanislav Fomichev

RX devmem sometimes fails on NIPA: https://netdev-3.bots.linux.dev/vmksft-fbnic-qemu-dbg/results/294402/7-devm… Both RSS and flow steering are properly installed, but the wait_port_listen fails. Try to remove sleep(1) to see if the cause of the failure is spending too much time during RX setup. I don't see a good reason to have sleep in the first place. If there needs to be a delay between installing the rules and receiving the traffic, let's add it to the callers (devmem.py) instead. Signed-off-by: Stanislav Fomichev <sdf(a)fomichev.me> --- tools/testing/selftests/drivers/net/hw/ncdevmem.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/tools/testing/selftests/drivers/net/hw/ncdevmem.c b/tools/testing/selftests/drivers/net/hw/ncdevmem.c index c0a22938bed2..3288ed04ce08 100644 --- a/tools/testing/selftests/drivers/net/hw/ncdevmem.c +++ b/tools/testing/selftests/drivers/net/hw/ncdevmem.c @@ -872,8 +872,6 @@ static int do_server(struct memory_buffer *mem) goto err_reset_rss; } - sleep(1); - if (bind_rx_queue(ifindex, mem->fd, create_queues(), num_queues, &ys)) { pr_err("Failed to bind"); goto err_reset_flow_steering; -- 2.51.0

1 day, 12 hours

2
1
0 0

[PATCH 6.1 00/15] genetlink: Test Netlink subsystem of Linux v6.1

by Yana Bashlykova

This series adds comprehensive testing infrastructure for Netlink and Generic Netlink The implementation includes both kernel module and userspace tests to verify correct Generic Netlink and Netlink behaviors under various conditions. Yana Bashlykova (15): genetlink: add sysfs test module for Generic Netlink genetlink: add TEST_GENL family for netlink testing genetlink: add PARALLEL_GENL test family genetlink: add test case for duplicate genl family registration genetlink: add test case for family with invalid ops genetlink: add netlink notifier support genetlink: add THIRD_GENL family genetlink: verify unregister fails for non-registered family genetlink: add LARGE_GENL stress test family selftests: net: genetlink: add packet capture test infrastructure selftests: net: genetlink: add /proc/net/netlink test selftests: net: genetlink: add Generic Netlink controller tests selftests: net: genetlink: add large family ID resolution test selftests: net: genetlink: add Netlink and Generic Netlink test suite selftests: net: genetlink: fix expectation for large family resolution drivers/net/Kconfig | 2 + drivers/net/Makefile | 2 + drivers/net/genetlink/Kconfig | 8 + drivers/net/genetlink/Makefile | 3 + .../net-pf-16-proto-16-family-PARALLEL_GENL.c | 1921 ++++++ tools/testing/selftests/net/Makefile | 6 + tools/testing/selftests/net/genetlink.c | 5152 +++++++++++++++++ 7 files changed, 7094 insertions(+) create mode 100644 drivers/net/genetlink/Kconfig create mode 100644 drivers/net/genetlink/Makefile create mode 100644 drivers/net/genetlink/net-pf-16-proto-16-family-PARALLEL_GENL.c create mode 100644 tools/testing/selftests/net/genetlink.c -- 2.34.1

1 day, 12 hours

2
7
0 0

[PATCH v3 0/3] HID: hidraw: rework ioctls

by Benjamin Tissoires

Arnd sent the v1 of the series in July, and it was bogus. So with a little help from claude-sonnet I built up the missing ioctls tests and tried to figure out a way to apply Arnd's logic without breaking the existing ioctls. The end result is in patch 3/3, which makes use of subfunctions to keep the main ioctl code path clean. Signed-off-by: Benjamin Tissoires <bentiss(a)kernel.org> --- Changes in v3: - dropped the co-developed-by tag and put a blurb instead - change the attribution of patch 3/3 to me as requested by Arnd. - Link to v2: https://lore.kernel.org/r/20250826-b4-hidraw-ioctls-v2-0-c7726b236719@kerne… changes in v2: - add new hidraw ioctls tests - refactor Arnd's patch to keep the existing error path logic - link to v1: https://lore.kernel.org/linux-input/20250711072847.2836962-1-arnd@kernel.or… --- Benjamin Tissoires (3): selftests/hid: hidraw: add more coverage for hidraw ioctls selftests/hid: hidraw: forge wrong ioctls and tests them HID: hidraw: tighten ioctl command parsing drivers/hid/hidraw.c | 224 ++++++++------- include/uapi/linux/hidraw.h | 2 + tools/testing/selftests/hid/hid_common.h | 6 + tools/testing/selftests/hid/hidraw.c | 473 +++++++++++++++++++++++++++++++ 4 files changed, 603 insertions(+), 102 deletions(-) --- base-commit: 02d6eeedbc36d4b309d5518778071a749ef79c4e change-id: 20250825-b4-hidraw-ioctls-66f34297032a Best regards, -- Benjamin Tissoires <bentiss(a)kernel.org>

1 day, 16 hours

1
3
0 0

[PATCH net-next 0/3] mptcp: misc minor cleanups

by Matthieu Baerts (NGI0)

Here are some small unrelated cleanups collected when working on some fixes recently. - Patches 1 & 2: close file descriptors in exit paths in the selftests. - Patch 3: fix a wrong type (int i/o u32) when parsing netlink message. Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> --- Geliang Tang (2): selftests: mptcp: close server file descriptors selftests: mptcp: close server IPC descriptors Matthieu Baerts (NGI0) (1): mptcp: pm: netlink: fix if-idx type net/mptcp/pm_netlink.c | 2 +- tools/testing/selftests/net/mptcp/mptcp_inq.c | 9 +++++++-- tools/testing/selftests/net/mptcp/mptcp_sockopt.c | 9 +++++++-- 3 files changed, 15 insertions(+), 5 deletions(-) --- base-commit: dc2f650f7e6857bf384069c1a56b2937a1ee370d change-id: 20250912-net-next-mptcp-minor-fixes-6-18-a10e141ae3e7 Best regards, -- Matthieu Baerts (NGI0) <matttbe(a)kernel.org>

1 day, 16 hours

1
3
0 0

[PATCH v2 00/33] ns: support file handles

by Christian Brauner

For a while now we have supported file handles for pidfds. This has proven to be very useful. Extend the concept to cover namespaces as well. After this patchset it is possible to encode and decode namespace file handles using the commong name_to_handle_at() and open_by_handle_at() apis. Namespaces file descriptors can already be derived from pidfds which means they aren't subject to overmount protection bugs. IOW, it's irrelevant if the caller would not have access to an appropriate /proc/<pid>/ns/ directory as they could always just derive the namespace based on a pidfd already. It has the same advantage as pidfds. It's possible to reliably and for the lifetime of the system refer to a namespace without pinning any resources and to compare them. Permission checking is kept simple. If the caller is located in the namespace the file handle refers to they are able to open it otherwise they must hold privilege over the owning namespace of the relevant namespace. Both the network namespace and the mount namespace already have an associated cookie that isn't recycled and is fully exposed to userspace. Move this into ns_common and use the same id space for all namespaces so they can trivially and reliably be compared. There's more coming based on the iterator infrastructure but the series is large enough and focuses on file handles. Extensive selftests included. Signed-off-by: Christian Brauner <brauner(a)kernel.org> --- Changes in v2: - Address various review comments. - Use a common NS_GET_ID ioctl() instead of individual ioctls. - Link to v1: https://lore.kernel.org/20250910-work-namespace-v1-0-4dd56e7359d8@kernel.org --- Christian Brauner (33): pidfs: validate extensible ioctls nsfs: drop tautological ioctl() check nsfs: validate extensible ioctls block: use extensible_ioctl_valid() ns: move to_ns_common() to ns_common.h nsfs: add nsfs.h header ns: uniformly initialize ns_common cgroup: use ns_common_init() ipc: use ns_common_init() mnt: use ns_common_init() net: use ns_common_init() pid: use ns_common_init() time: use ns_common_init() user: use ns_common_init() uts: use ns_common_init() ns: remove ns_alloc_inum() nstree: make iterator generic mnt: support ns lookup cgroup: support ns lookup ipc: support ns lookup net: support ns lookup pid: support ns lookup time: support ns lookup user: support ns lookup uts: support ns lookup ns: add to_<type>_ns() to respective headers nsfs: add current_in_namespace() nsfs: support file handles nsfs: support exhaustive file handles nsfs: add missing id retrieval support tools: update nsfs.h uapi header selftests/namespaces: add identifier selftests selftests/namespaces: add file handle selftests block/blk-integrity.c | 8 +- fs/fhandle.c | 6 + fs/internal.h | 1 + fs/mount.h | 10 +- fs/namespace.c | 156 +-- fs/nsfs.c | 201 ++- fs/pidfs.c | 2 +- include/linux/cgroup.h | 5 + include/linux/exportfs.h | 6 + include/linux/fs.h | 14 + include/linux/ipc_namespace.h | 5 + include/linux/ns_common.h | 29 + include/linux/nsfs.h | 40 + include/linux/nsproxy.h | 11 - include/linux/nstree.h | 89 ++ include/linux/pid_namespace.h | 5 + include/linux/proc_ns.h | 32 +- include/linux/time_namespace.h | 9 + include/linux/user_namespace.h | 5 + include/linux/utsname.h | 5 + include/net/net_namespace.h | 6 + include/uapi/linux/fcntl.h | 1 + include/uapi/linux/nsfs.h | 15 +- init/main.c | 2 + ipc/msgutil.c | 1 + ipc/namespace.c | 12 +- ipc/shm.c | 2 + kernel/Makefile | 2 +- kernel/cgroup/cgroup.c | 2 + kernel/cgroup/namespace.c | 24 +- kernel/nstree.c | 233 ++++ kernel/pid_namespace.c | 13 +- kernel/time/namespace.c | 23 +- kernel/user_namespace.c | 17 +- kernel/utsname.c | 28 +- net/core/net_namespace.c | 59 +- tools/include/uapi/linux/nsfs.h | 17 +- tools/testing/selftests/namespaces/.gitignore | 2 + tools/testing/selftests/namespaces/Makefile | 7 + tools/testing/selftests/namespaces/config | 7 + .../selftests/namespaces/file_handle_test.c | 1429 ++++++++++++++++++++ tools/testing/selftests/namespaces/nsid_test.c | 986 ++++++++++++++ 42 files changed, 3257 insertions(+), 270 deletions(-) --- base-commit: 8f5ae30d69d7543eee0d70083daf4de8fe15d585 change-id: 20250905-work-namespace-c68826dda0d4

1 day, 17 hours

2
34
0 0

[PATCH] mm/memory-failure: Disable soft offline for HugeTLB pages by default

by Kyle Meyer

Soft offlining a HugeTLB page reduces the available HugeTLB page pool. Since HugeTLB pages are preallocated, reducing the available HugeTLB page pool can cause allocation failures. /proc/sys/vm/enable_soft_offline provides a sysctl interface to disable/enable soft offline: 0 - Soft offline is disabled. 1 - Soft offline is enabled. The current sysctl interface does not distinguish between HugeTLB pages and other page types. Disable soft offline for HugeTLB pages by default (1) and extend the sysctl interface to preserve existing behavior (2): 0 - Soft offline is disabled. 1 - Soft offline is enabled (excluding HugeTLB pages). 2 - Soft offline is enabled (including HugeTLB pages). Update documentation for the sysctl interface, reference the sysctl interface in the sysfs ABI documentation, and update HugeTLB soft offline selftests. Reported-by: Shawn Fan <shawn.fan(a)intel.com> Suggested-by: Tony Luck <tony.luck(a)intel.com> Signed-off-by: Kyle Meyer <kyle.meyer(a)hpe.com> --- Tony's original patch disabled soft offline for HugeTLB pages when a correctable memory error reported via GHES (with "error threshold exceeded" set) happened to be on a HugeTLB page: https://lore.kernel.org/all/20250904155720.22149-1-tony.luck@intel.com This patch disables soft offline for HugeTLB pages by default (not just from GHES). --- .../ABI/testing/sysfs-memory-page-offline | 6 ++++ Documentation/admin-guide/sysctl/vm.rst | 18 ++++++++--- mm/memory-failure.c | 21 ++++++++++-- .../selftests/mm/hugetlb-soft-offline.c | 32 +++++++++++++------ 4 files changed, 60 insertions(+), 17 deletions(-) diff --git a/Documentation/ABI/testing/sysfs-memory-page-offline b/Documentation/ABI/testing/sysfs-memory-page-offline index 00f4e35f916f..befb89ae39ec 100644 --- a/Documentation/ABI/testing/sysfs-memory-page-offline +++ b/Documentation/ABI/testing/sysfs-memory-page-offline @@ -20,6 +20,12 @@ Description: number, or a error when the offlining failed. Reading the file is not allowed. + Soft-offline can be disabled/enabled via sysctl: + /proc/sys/vm/enable_soft_offline + + For details, see: + Documentation/admin-guide/sysctl/vm.rst + What: /sys/devices/system/memory/hard_offline_page Date: Sep 2009 KernelVersion: 2.6.33 diff --git a/Documentation/admin-guide/sysctl/vm.rst b/Documentation/admin-guide/sysctl/vm.rst index 4d71211fdad8..ae56372bd604 100644 --- a/Documentation/admin-guide/sysctl/vm.rst +++ b/Documentation/admin-guide/sysctl/vm.rst @@ -309,19 +309,29 @@ physical memory) vs performance / capacity implications in transparent and HugeTLB cases. For all architectures, enable_soft_offline controls whether to soft offline -memory pages. When set to 1, kernel attempts to soft offline the pages -whenever it thinks needed. When set to 0, kernel returns EOPNOTSUPP to -the request to soft offline the pages. Its default value is 1. +memory pages: + +- 0: Soft offline is disabled. +- 1: Soft offline is enabled (excluding HugeTLB pages). +- 2: Soft offline is enabled (including HugeTLB pages). + +The default is 1. + +If soft offline is disabled for the requested page type, EOPNOTSUPP is returned. It is worth mentioning that after setting enable_soft_offline to 0, the following requests to soft offline pages will not be performed: +- Request to soft offline from sysfs (soft_offline_page). + - Request to soft offline pages from RAS Correctable Errors Collector. -- On ARM, the request to soft offline pages from GHES driver. +- On ARM and X86, the request to soft offline pages from GHES driver. - On PARISC, the request to soft offline pages from Page Deallocation Table. +Note: Soft offlining a HugeTLB page reduces the HugeTLB page pool. + extfrag_threshold ================= diff --git a/mm/memory-failure.c b/mm/memory-failure.c index fc30ca4804bf..cb59a99b48c5 100644 --- a/mm/memory-failure.c +++ b/mm/memory-failure.c @@ -64,11 +64,18 @@ #include "internal.h" #include "ras/ras_event.h" +enum soft_offline { + SOFT_OFFLINE_DISABLED = 0, + SOFT_OFFLINE_ENABLED_SKIP_HUGETLB, + SOFT_OFFLINE_ENABLED +}; + static int sysctl_memory_failure_early_kill __read_mostly; static int sysctl_memory_failure_recovery __read_mostly = 1; -static int sysctl_enable_soft_offline __read_mostly = 1; +static int sysctl_enable_soft_offline __read_mostly = + SOFT_OFFLINE_ENABLED_SKIP_HUGETLB; atomic_long_t num_poisoned_pages __read_mostly = ATOMIC_LONG_INIT(0); @@ -150,7 +157,7 @@ static const struct ctl_table memory_failure_table[] = { .mode = 0644, .proc_handler = proc_dointvec_minmax, .extra1 = SYSCTL_ZERO, - .extra2 = SYSCTL_ONE, + .extra2 = SYSCTL_TWO, } }; @@ -2799,12 +2806,20 @@ int soft_offline_page(unsigned long pfn, int flags) return -EIO; } - if (!sysctl_enable_soft_offline) { + if (sysctl_enable_soft_offline == SOFT_OFFLINE_DISABLED) { pr_info_once("disabled by /proc/sys/vm/enable_soft_offline\n"); put_ref_page(pfn, flags); return -EOPNOTSUPP; } + if (sysctl_enable_soft_offline == SOFT_OFFLINE_ENABLED_SKIP_HUGETLB) { + if (folio_test_hugetlb(pfn_folio(pfn))) { + pr_info_once("disabled for HugeTLB pages by /proc/sys/vm/enable_soft_offline\n"); + put_ref_page(pfn, flags); + return -EOPNOTSUPP; + } + } + mutex_lock(&mf_mutex); if (PageHWPoison(page)) { diff --git a/tools/testing/selftests/mm/hugetlb-soft-offline.c b/tools/testing/selftests/mm/hugetlb-soft-offline.c index f086f0e04756..7e2873cd0a6d 100644 --- a/tools/testing/selftests/mm/hugetlb-soft-offline.c +++ b/tools/testing/selftests/mm/hugetlb-soft-offline.c @@ -1,10 +1,15 @@ // SPDX-License-Identifier: GPL-2.0 /* * Test soft offline behavior for HugeTLB pages: - * - if enable_soft_offline = 0, hugepages should stay intact and soft - * offlining failed with EOPNOTSUPP. - * - if enable_soft_offline = 1, a hugepage should be dissolved and - * nr_hugepages/free_hugepages should be reduced by 1. + * + * - if enable_soft_offline = 0 (SOFT_OFFLINE_DISABLED), HugeTLB pages + * should stay intact and soft offlining failed with EOPNOTSUPP. + * + * - if enable_soft_offline = 1 (SOFT_OFFLINE_ENABLED_SKIP_HUGETLB), HugeTLB pages + * should stay intact and soft offlining failed with EOPNOTSUPP. + * + * - if enable_soft_offline = 2 (SOFT_OFFLINE_ENABLED), a HugeTLB page should be + * dissolved and nr_hugepages/free_hugepages should be reduced by 1. * * Before running, make sure more than 2 hugepages of default_hugepagesz * are allocated. For example, if /proc/meminfo/Hugepagesize is 2048kB: @@ -32,6 +37,12 @@ #define EPREFIX " !!! " +enum soft_offline { + SOFT_OFFLINE_DISABLED = 0, + SOFT_OFFLINE_ENABLED_SKIP_HUGETLB, + SOFT_OFFLINE_ENABLED +}; + static int do_soft_offline(int fd, size_t len, int expect_errno) { char *filemap = NULL; @@ -83,7 +94,7 @@ static int set_enable_soft_offline(int value) char cmd[256] = {0}; FILE *cmdfile = NULL; - if (value != 0 && value != 1) + if (value < SOFT_OFFLINE_DISABLED || value > SOFT_OFFLINE_ENABLED) return -EINVAL; sprintf(cmd, "echo %d > /proc/sys/vm/enable_soft_offline", value); @@ -155,7 +166,7 @@ static int create_hugetlbfs_file(struct statfs *file_stat) static void test_soft_offline_common(int enable_soft_offline) { int fd; - int expect_errno = enable_soft_offline ? 0 : EOPNOTSUPP; + int expect_errno = (enable_soft_offline == SOFT_OFFLINE_ENABLED) ? 0 : EOPNOTSUPP; struct statfs file_stat; unsigned long hugepagesize_kb = 0; unsigned long nr_hugepages_before = 0; @@ -198,7 +209,7 @@ static void test_soft_offline_common(int enable_soft_offline) // No need for the hugetlbfs file from now on. close(fd); - if (enable_soft_offline) { + if (enable_soft_offline == SOFT_OFFLINE_ENABLED) { if (nr_hugepages_before != nr_hugepages_after + 1) { ksft_test_result_fail("MADV_SOFT_OFFLINE should reduced 1 hugepage\n"); return; @@ -219,10 +230,11 @@ static void test_soft_offline_common(int enable_soft_offline) int main(int argc, char **argv) { ksft_print_header(); - ksft_set_plan(2); + ksft_set_plan(3); - test_soft_offline_common(1); - test_soft_offline_common(0); + test_soft_offline_common(SOFT_OFFLINE_ENABLED); + test_soft_offline_common(SOFT_OFFLINE_ENABLED_SKIP_HUGETLB); + test_soft_offline_common(SOFT_OFFLINE_DISABLED); ksft_finished(); } -- 2.51.0

1 day, 17 hours

5
9
0 0

[PATCH v4 0/7] Add support for FEAT_{LS64, LS64_V} and related tests

by Yicong Yang

From: Yicong Yang <yangyicong(a)hisilicon.com> Armv8.7 introduces single-copy atomic 64-byte loads and stores instructions and its variants named under FEAT_{LS64, LS64_V}. Add support for Armv8.7 FEAT_{LS64, LS64_V}: - Add identifying and enabling in the cpufeature list - Expose the support of these features to userspace through HWCAP3 and cpuinfo - Add related hwcap test - Handle the trap of unsupported memory (normal/uncacheable) access in a VM A real scenario for this feature is that the userspace driver can make use of this to implement direct WQE (workqueue entry) - a mechanism to fill WQE directly into the hardware. Picked Marc's 2 patches form [1] for handling the LS64 trap in a VM on emulated MMIO and the introduce of KVM_EXIT_ARM_LDST64B. [1] https://lore.kernel.org/linux-arm-kernel/20240815125959.2097734-1-maz@kerne… Tested with updated hwcap test: [root@localhost tmp]# dmesg | grep "All CPU(s) started" [ 14.789859] CPU: All CPU(s) started at EL2 [root@localhost tmp]# ./hwcap # LS64 present ok 217 cpuinfo_match_LS64 ok 218 sigill_LS64 ok 219 # SKIP sigbus_LS64_V # LS64_V present ok 220 cpuinfo_match_LS64_V ok 221 sigill_LS64_V ok 222 # SKIP sigbus_LS64_V # 115 skipped test(s) detected. Consider enabling relevant config options to improve coverage. # Totals: pass:107 fail:0 xfail:0 xpass:0 skip:115 error:0 root@localhost:/mnt# dmesg | grep "All CPU(s) started" [ 0.281152] CPU: All CPU(s) started at EL1 root@localhost:/mnt# ./hwcap # LS64 present ok 217 cpuinfo_match_LS64 ok 218 sigill_LS64 ok 219 # SKIP sigbus_LS64 # LS64_V present ok 220 cpuinfo_match_LS64_V ok 221 sigill_LS64_V ok 222 # SKIP sigbus_LS64_V # 115 skipped test(s) detected. Consider enabling relevant config options to improve coverage. # Totals: pass:107 fail:0 xfail:0 xpass:0 skip:115 error:0 Change since v3: - Inject DABT fault for LS64 fault on unsupported memory but with valid memslot Link: https://lore.kernel.org/linux-arm-kernel/20250626080906.64230-1-yangyicong@… Change since v2: - Handle the LS64 fault to userspace and allow userspace to inject LS64 fault - Reorder the patches to make KVM handling prior to feature support Link: https://lore.kernel.org/linux-arm-kernel/20250331094320.35226-1-yangyicong@… Change since v1: - Drop the support for LS64_ACCDATA - handle the DABT of unsupported memory type after checking the memory attributes Link: https://lore.kernel.org/linux-arm-kernel/20241202135504.14252-1-yangyicong@… Marc Zyngier (2): KVM: arm64: Add exit to userspace on {LD,ST}64B* outside of memslots KVM: arm64: Add documentation for KVM_EXIT_ARM_LDST64B Yicong Yang (5): KVM: arm64: Handle DABT caused by LS64* instructions on unsupported memory arm64: Provide basic EL2 setup for FEAT_{LS64, LS64_V} usage at EL0/1 arm64: Add support for FEAT_{LS64, LS64_V} KVM: arm64: Enable FEAT_{LS64, LS64_V} in the supported guest kselftest/arm64: Add HWCAP test for FEAT_{LS64, LS64_V} Documentation/arch/arm64/booting.rst | 12 +++ Documentation/arch/arm64/elf_hwcaps.rst | 6 ++ Documentation/virt/kvm/api.rst | 43 +++++++++-- arch/arm64/include/asm/el2_setup.h | 12 ++- arch/arm64/include/asm/esr.h | 8 ++ arch/arm64/include/asm/hwcap.h | 2 + arch/arm64/include/asm/kvm_emulate.h | 7 ++ arch/arm64/include/uapi/asm/hwcap.h | 2 + arch/arm64/kernel/cpufeature.c | 51 +++++++++++++ arch/arm64/kernel/cpuinfo.c | 2 + arch/arm64/kvm/inject_fault.c | 29 ++++++++ arch/arm64/kvm/mmio.c | 27 ++++++- arch/arm64/kvm/mmu.c | 14 +++- arch/arm64/tools/cpucaps | 2 + include/uapi/linux/kvm.h | 3 +- tools/testing/selftests/arm64/abi/hwcap.c | 90 +++++++++++++++++++++++ 16 files changed, 299 insertions(+), 11 deletions(-) -- 2.24.0

1 day, 19 hours

3
12
0 0

[PATCH] selftests/mm: centralize the __always_unused macro

by Muhammad Usama Anjum

This macro gets used in different tests. Add it to kselftest.h which is central location and tests use this header. Then use this new macro. Signed-off-by: Muhammad Usama Anjum <usama.anjum(a)collabora.com> --- tools/testing/selftests/kselftest.h | 4 ++++ tools/testing/selftests/mm/protection_keys.c | 2 +- tools/testing/selftests/net/ovpn/ovpn-cli.c | 3 ++- 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/kselftest.h b/tools/testing/selftests/kselftest.h index 661d31c4b558c..274480e3573ab 100644 --- a/tools/testing/selftests/kselftest.h +++ b/tools/testing/selftests/kselftest.h @@ -92,6 +92,10 @@ #endif #define __printf(a, b) __attribute__((format(printf, a, b))) +#ifndef __always_unused +#define __always_unused __attribute__((__unused__)) +#endif + #ifndef __maybe_unused #define __maybe_unused __attribute__((__unused__)) #endif diff --git a/tools/testing/selftests/mm/protection_keys.c b/tools/testing/selftests/mm/protection_keys.c index 6281d4c61b50e..2085982dba696 100644 --- a/tools/testing/selftests/mm/protection_keys.c +++ b/tools/testing/selftests/mm/protection_keys.c @@ -1302,7 +1302,7 @@ static void test_mprotect_with_pkey_0(int *ptr, u16 pkey) static void test_ptrace_of_child(int *ptr, u16 pkey) { - __attribute__((__unused__)) int peek_result; + __always_unused int peek_result; pid_t child_pid; void *ignored = 0; long ret; diff --git a/tools/testing/selftests/net/ovpn/ovpn-cli.c b/tools/testing/selftests/net/ovpn/ovpn-cli.c index 9201f2905f2ce..688a5fa6fdacd 100644 --- a/tools/testing/selftests/net/ovpn/ovpn-cli.c +++ b/tools/testing/selftests/net/ovpn/ovpn-cli.c @@ -32,9 +32,10 @@ #include <sys/socket.h> +#include "../../kselftest.h" + /* defines to make checkpatch happy */ #define strscpy strncpy -#define __always_unused __attribute__((__unused__)) /* libnl < 3.5.0 does not set the NLA_F_NESTED on its own, therefore we * have to explicitly do it to prevent the kernel from failing upon -- 2.47.3

1 day, 19 hours

2
1
0 0

[PATCH net 0/5] mptcp: pm: nl: announce deny-join-id0 flag

by Matthieu Baerts (NGI0)

During the connection establishment, a peer can tell the other one that it cannot establish new subflows to the initial IP address and port by setting the 'C' flag [1]. Doing so makes sense when the sender is behind a strict NAT, operating behind a legacy Layer 4 load balancer, or using anycast IP address for example. When this 'C' flag is set, the path-managers must then not try to establish new subflows to the other peer's initial IP address and port. The in-kernel PM has access to this info, but the userspace PM didn't, not letting the userspace daemon able to respect the RFC8684. Here are a few fixes related to this 'C' flag (aka 'deny-join-id0'): - Patch 1: add remote_deny_join_id0 info on passive connections. A fix for v5.14. - Patch 2: let the userspace PM daemon know about the deny_join_id0 attribute, so when set, it can avoid creating new subflows to the initial IP address and port. A fix for v5.19. - Patch 3: a validation for the previous commit. - Patch 4: record the deny_join_id0 info when TFO is used. A fix for v6.2. - Patch 5: not related to deny-join-id0, but it fixes errors messages in the sockopt selftests, not to create confusions. A fix for v6.5. Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> --- Geliang Tang (1): selftests: mptcp: sockopt: fix error messages Matthieu Baerts (NGI0) (4): mptcp: set remote_deny_join_id0 on SYN recv mptcp: pm: nl: announce deny-join-id0 flag selftests: mptcp: userspace pm: validate deny-join-id0 flag mptcp: tfo: record 'deny join id0' info Documentation/netlink/specs/mptcp_pm.yaml | 4 ++-- include/uapi/linux/mptcp.h | 2 ++ include/uapi/linux/mptcp_pm.h | 4 ++-- net/mptcp/options.c | 6 +++--- net/mptcp/pm_netlink.c | 7 +++++++ net/mptcp/subflow.c | 4 ++++ tools/testing/selftests/net/mptcp/mptcp_sockopt.c | 16 ++++++++++------ tools/testing/selftests/net/mptcp/pm_nl_ctl.c | 7 +++++++ tools/testing/selftests/net/mptcp/userspace_pm.sh | 14 +++++++++++--- 9 files changed, 48 insertions(+), 16 deletions(-) --- base-commit: 2690cb089502b80b905f2abdafd1bf2d54e1abef change-id: 20250912-net-mptcp-pm-uspace-deny_join_id0-b6111e4e7e69 Best regards, -- Matthieu Baerts (NGI0) <matttbe(a)kernel.org>

1 day, 20 hours

1
5
0 0

[PATCH v3 0/3] Fix va_high_addr_switch.sh test failure

by Chunyu Hu

The three patches fix the va_high_addr_switch.sh test failure on x86_64. Patch 1 fixes the hugepage setup issue that nr_hugepages is reset too early in run_vmtests.sh and break the later va_high_addr_switch testing. Patch 2 adds hugepage setup in va_high_addr_switch test, so that it can still work if vm_runtests.sh changes the hugepage setup someday. Patch 3 fixes the test failure caused by the hint addr align method change in hugetlb_get_unmapped_area(). Changes in v3: - patch 1 adds the Acked-by from David - patch 3 changes the mmap hint addr to hugepage aligned from page aligned Changes in v2: - patch 1 renames nr_hugepgs_origin to orig_nr_hugepgs - add a patch 2 to setup hugeapges in va_high_addr_switch test Chunyu Hu (3): selftests/mm: fix hugepages cleanup too early selftests/mm: alloc hugepages in va_high_addr_switch test selftests/mm: fix va_high_addr_switch.sh failure on x86_64 tools/testing/selftests/mm/run_vmtests.sh | 9 ++++- .../selftests/mm/va_high_addr_switch.c | 4 +- .../selftests/mm/va_high_addr_switch.sh | 37 +++++++++++++++++++ 3 files changed, 46 insertions(+), 4 deletions(-) -- 2.49.0

1 day, 20 hours

2
4
0 0

[PATCH 0/2] selftests/mm: Add -Wunreachable-code and fix warnings

by Muhammad Usama Anjum

This series is trimmed down version of previous more generic series[1]. In this new series, only -wunreachable-code flag is being added and dead code is being removed from generated warnings. [1] https://lore.kernel.org/all/20250822082145.4145617-1-usama.anjum@collabora.… Muhammad Usama Anjum (2): selftests/mm: Add -Wunreachable-code and fix warnings selftests/mm: protection_keys: Fix dead code tools/testing/selftests/mm/Makefile | 1 + tools/testing/selftests/mm/hmm-tests.c | 5 ++--- tools/testing/selftests/mm/pkey_sighandler_tests.c | 2 +- tools/testing/selftests/mm/protection_keys.c | 4 +--- tools/testing/selftests/mm/split_huge_page_test.c | 2 +- 5 files changed, 6 insertions(+), 8 deletions(-) -- 2.47.3

1 day, 20 hours

2
3
0 0

[PATCH net 0/5] selftests: mptcp: avoid spurious errors on TCP disconnect

by Matthieu Baerts (NGI0)

This series should fix the recent instabilities seen by MPTCP and NIPA CIs where the 'mptcp_connect.sh' tests fail regularly when running the 'disconnect' subtests with "plain" TCP sockets, e.g. # INFO: disconnect # 63 ns1 MPTCP -> ns1 (10.0.1.1:20001 ) MPTCP (duration 996ms) [ OK ] # 64 ns1 MPTCP -> ns1 (10.0.1.1:20002 ) TCP (duration 851ms) [ OK ] # 65 ns1 TCP -> ns1 (10.0.1.1:20003 ) MPTCP Unexpected revents: POLLERR/POLLNVAL(19) # (duration 896ms) [FAIL] file received by server does not match (in, out): # -rw-r--r-- 1 root root 11112852 Aug 19 09:16 /tmp/tmp.hlJe5DoMoq.disconnect # Trailing bytes are: # /{ga 6@=#.8:-rw------- 1 root root 10085368 Aug 19 09:16 /tmp/tmp.blClunilxx # Trailing bytes are: # /{ga 6@=#.8:66 ns1 MPTCP -> ns1 (dead:beef:1::1:20004) MPTCP (duration 987ms) [ OK ] # 67 ns1 MPTCP -> ns1 (dead:beef:1::1:20005) TCP (duration 911ms) [ OK ] # 68 ns1 TCP -> ns1 (dead:beef:1::1:20006) MPTCP (duration 980ms) [ OK ] # [FAIL] Tests of the full disconnection have failed These issues started to be visible after some behavioural changes in TCP, where too quick re-connections after a shutdown() can now be more easily rejected. Patch 3 modifies the selftests to wait, but this resolution revealed an issue in MPTCP which is fixed by patch 1 (a fix for v5.9 kernel). Patches 2 and 4 improve some errors reported by the selftests, and patch 5 helps with the debugging of such issues. Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> --- Note: The last two patches are not strictly fixes, but they are useful in case similar issues happen again. That's why they have been added here in this series for -net. If that's an issue, please drop them, and I can re-send them later on. --- Matthieu Baerts (NGI0) (5): mptcp: propagate shutdown to subflows when possible selftests: mptcp: connect: catch IO errors on listen side selftests: mptcp: avoid spurious errors on TCP disconnect selftests: mptcp: print trailing bytes with od selftests: mptcp: connect: print pcap prefix net/mptcp/protocol.c | 16 ++++++++++++++++ tools/testing/selftests/net/mptcp/mptcp_connect.c | 11 ++++++----- tools/testing/selftests/net/mptcp/mptcp_connect.sh | 6 +++++- tools/testing/selftests/net/mptcp/mptcp_lib.sh | 2 +- 4 files changed, 28 insertions(+), 7 deletions(-) --- base-commit: 2690cb089502b80b905f2abdafd1bf2d54e1abef change-id: 20250912-net-mptcp-fix-sft-connect-f095ad7a6e36 Best regards, -- Matthieu Baerts (NGI0) <matttbe(a)kernel.org>

1 day, 20 hours

1
5
0 0

[PATCH] PMCR_EL0.N is RAZ/WI. At least a build failes in Ubuntu 22.04 LTS. Remove the set function.

by Itaru Kitayama

Signed-off-by: Itaru Kitayama <itaru.kitayama(a)fujitsu.com> --- Seen a build failure with old Ubuntu 22.04 LTS, while the latest release has no build issue, a write to the bit fields is RAZ/WI, remove the function. --- tools/testing/selftests/kvm/arm64/vpmu_counter_access.c | 6 ------ 1 file changed, 6 deletions(-) diff --git a/tools/testing/selftests/kvm/arm64/vpmu_counter_access.c b/tools/testing/selftests/kvm/arm64/vpmu_counter_access.c index f16b3b27e32ed7ca57481f27d689d47783aa0345..56214a4430be90b3e1d840f2719b22dd44f0b49b 100644 --- a/tools/testing/selftests/kvm/arm64/vpmu_counter_access.c +++ b/tools/testing/selftests/kvm/arm64/vpmu_counter_access.c @@ -45,11 +45,6 @@ static uint64_t get_pmcr_n(uint64_t pmcr) return FIELD_GET(ARMV8_PMU_PMCR_N, pmcr); } -static void set_pmcr_n(uint64_t *pmcr, uint64_t pmcr_n) -{ - u64p_replace_bits((__u64 *) pmcr, pmcr_n, ARMV8_PMU_PMCR_N); -} - static uint64_t get_counters_mask(uint64_t n) { uint64_t mask = BIT(ARMV8_PMU_CYCLE_IDX); @@ -490,7 +485,6 @@ static void test_create_vpmu_vm_with_pmcr_n(uint64_t pmcr_n, bool expect_fail) * Setting a larger value of PMCR.N should not modify the field, and * return a success. */ - set_pmcr_n(&pmcr, pmcr_n); vcpu_set_reg(vcpu, KVM_ARM64_SYS_REG(SYS_PMCR_EL0), pmcr); pmcr = vcpu_get_reg(vcpu, KVM_ARM64_SYS_REG(SYS_PMCR_EL0)); --- base-commit: aae5a9834b388860844b294c70c8770dd26e528c change-id: 20250912-selftest-fix3-27f285e79d82 Best regards, -- Itaru Kitayama <itaru.kitayama(a)linux.dev>

1 day, 20 hours

3
3
0 0

[PATCH] mm: transhuge-stress: fix potential memory leak on realloc failure

by Haofeng Li

From: Haofeng Li <lihaofeng(a)kylinos.cn> When realloc() fails in transhuge-stress test, the original code exits immediately without freeing the previously allocated memory, causing a memory leak. This patch introduces a temporary pointer to hold the realloc result, ensuring proper cleanup by freeing the original map before exiting on allocation failure. Signed-off-by: Haofeng Li <lihaofeng(a)kylinos.cn> --- tools/testing/selftests/mm/transhuge-stress.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/mm/transhuge-stress.c b/tools/testing/selftests/mm/transhuge-stress.c index 68201192e37c..cbe86c5b8de0 100644 --- a/tools/testing/selftests/mm/transhuge-stress.c +++ b/tools/testing/selftests/mm/transhuge-stress.c @@ -30,7 +30,7 @@ int main(int argc, char **argv) int i = 0; char *name = NULL; double s; - uint8_t *map; + uint8_t *map, *map_tmp; size_t map_len; int pagemap_fd; int duration = 0; @@ -107,9 +107,12 @@ int main(int argc, char **argv) nr_succeed++; if (idx >= map_len) { - map = realloc(map, idx + 1); - if (!map) + map_tmp = realloc(map, idx + 1); + if (!map_tmp) { + free(map); ksft_exit_fail_msg("map realloc\n"); + } + map = map_tmp; memset(map + map_len, 0, idx + 1 - map_len); map_len = idx + 1; } -- 2.25.1

1 day, 21 hours

2
3
0 0

next-20250909: selftests/arm64/gcs/basic-gcs.c:390:30: error: use of undeclared identifier 'HWCAP_GCS'

by Naresh Kamboju

The following build warnings / errors noticed on arm64 defconfig with clang-20 and gcc-13 toolchains on the Linux next-20250909 till next-20250911 tag while building selftests/arm64. Regression Analysis: - New regression? Yes - Reproducibility? yes First seen on next-20250909 Good: next-20250908 Bad: next-20250909 till next-20250911 Test regression: next-20250909: selftests/arm64/gcs/basic-gcs.c:390:30: error: use of undeclared identifier 'HWCAP_GCS' Reported-by: Linux Kernel Functional Testing <lkft(a)linaro.org> ## Build log selftests/arm64/gcs/basic-gcs.c:390:30: error: use of undeclared identifier 'HWCAP_GCS' 390 | if (!(getauxval(AT_HWCAP) & HWCAP_GCS)) | ^ 1 error generated. The suspected commit pointing to, kselftest/arm64/gcs: Use nolibc's getauxval() a985fe638344492727528e52416211dda1c391d5 ## Source * Kernel version: 6.17.0-rc5 * Git tree: https://kernel.googlesource.com/pub/scm/linux/kernel/git/next/linux-next.git * Git describe: 6.17.0-rc5-next-20250911 * Git commit: 8f21d9da46702c4d6951ba60ca8a05f42870fe8f * Architectures: arm64 * Toolchains: gcc-13 and clang-20 * Kconfigs: defconfig ## Build * Build log: https://qa-reports.linaro.org/api/testruns/29827060/log_file/ * Build details: https://regressions.linaro.org/lkft/linux-next-master/next-20250909/log-par… * Build plan: https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/builds/32RzudgbC… * Build link: https://storage.tuxsuite.com/public/linaro/lkft/builds/32RzudgbCUiqGUoFtquJ… * Kernel config: https://storage.tuxsuite.com/public/linaro/lkft/builds/32RzudgbCUiqGUoFtquJ… ## Steps to reproduce $ tuxmake --runtime podman --target-arch arm64 \ --toolchain clang-nightly \ --kconfig https://storage.tuxsuite.com/public/linaro/lkft/builds/32RzudgbCUiqGUoFtquJ… \ LLVM=1 LLVM_IAS=1 debugkernel dtbs dtbs-legacy headers kernel kselftest modules -- Linaro LKFT

1 day, 21 hours

3
7
0 0

New September Order. 93035 Friday, September 12, 2025 at 12:16:14 PM

by Info - Albinayah 868

Hi Linux-kselftest, Please provide a quote for your products: Include: 1.Pricing (per unit) 2.Delivery cost & timeline 3.Quote expiry date Deadline: September Thanks! Kamal Prasad Albinayah Trading

1 day, 22 hours

1
0
0 0

[PATCH 00/32] ns: support file handles

by Christian Brauner

For a while now we have supported file handles for pidfds. This has proven to be very useful. Extend the concept to cover namespaces as well. After this patchset it is possible to encode and decode namespace file handles using the commong name_to_handle_at() and open_by_handle_at() apis. Namespaces file descriptors can already be derived from pidfds which means they aren't subject to overmount protection bugs. IOW, it's irrelevant if the caller would not have access to an appropriate /proc/<pid>/ns/ directory as they could always just derive the namespace based on a pidfd already. It has the same advantage as pidfds. It's possible to reliably and for the lifetime of the system refer to a namespace without pinning any resources and to compare them. Permission checking is kept simple. If the caller is located in the namespace the file handle refers to they are able to open it otherwise they must hold privilege over the owning namespace of the relevant namespace. Both the network namespace and the mount namespace already have an associated cookie that isn't recycled and is fully exposed to userspace. Move this into ns_common and use the same id space for all namespaces so they can trivially and reliably be compared. There's more coming based on the iterator infrastructure but the series is large enough and focuses on file handles. Extensive selftests included. I still have various other test-suites to run but it holds up so far. Signed-off-by: Christian Brauner <brauner(a)kernel.org> --- Christian Brauner (32): pidfs: validate extensible ioctls nsfs: validate extensible ioctls block: use extensible_ioctl_valid() ns: move to_ns_common() to ns_common.h nsfs: add nsfs.h header ns: uniformly initialize ns_common mnt: use ns_common_init() ipc: use ns_common_init() cgroup: use ns_common_init() pid: use ns_common_init() time: use ns_common_init() uts: use ns_common_init() user: use ns_common_init() net: use ns_common_init() ns: remove ns_alloc_inum() nstree: make iterator generic mnt: support iterator cgroup: support iterator ipc: support iterator net: support iterator pid: support iterator time: support iterator userns: support iterator uts: support iterator ns: add to_<type>_ns() to respective headers nsfs: add current_in_namespace() nsfs: support file handles nsfs: support exhaustive file handles nsfs: add missing id retrieval support tools: update nsfs.h uapi header selftests/namespaces: add identifier selftests selftests/namespaces: add file handle selftests block/blk-integrity.c | 8 +- fs/fhandle.c | 6 + fs/internal.h | 1 + fs/mount.h | 10 +- fs/namespace.c | 156 +-- fs/nsfs.c | 266 +++- fs/pidfs.c | 2 +- include/linux/cgroup.h | 5 + include/linux/exportfs.h | 6 + include/linux/fs.h | 14 + include/linux/ipc_namespace.h | 5 + include/linux/ns_common.h | 29 + include/linux/nsfs.h | 40 + include/linux/nsproxy.h | 11 - include/linux/nstree.h | 89 ++ include/linux/pid_namespace.h | 5 + include/linux/proc_ns.h | 32 +- include/linux/time_namespace.h | 9 + include/linux/user_namespace.h | 5 + include/linux/utsname.h | 5 + include/net/net_namespace.h | 6 + include/uapi/linux/fcntl.h | 1 + include/uapi/linux/nsfs.h | 12 +- init/main.c | 2 + ipc/msgutil.c | 1 + ipc/namespace.c | 12 +- ipc/shm.c | 2 + kernel/Makefile | 2 +- kernel/cgroup/cgroup.c | 2 + kernel/cgroup/namespace.c | 24 +- kernel/nstree.c | 233 ++++ kernel/pid_namespace.c | 13 +- kernel/time/namespace.c | 23 +- kernel/user_namespace.c | 17 +- kernel/utsname.c | 28 +- net/core/net_namespace.c | 59 +- tools/include/uapi/linux/nsfs.h | 23 +- tools/testing/selftests/namespaces/.gitignore | 2 + tools/testing/selftests/namespaces/Makefile | 7 + tools/testing/selftests/namespaces/config | 7 + .../selftests/namespaces/file_handle_test.c | 1410 ++++++++++++++++++++ tools/testing/selftests/namespaces/nsid_test.c | 986 ++++++++++++++ 42 files changed, 3306 insertions(+), 270 deletions(-) --- base-commit: 8f5ae30d69d7543eee0d70083daf4de8fe15d585 change-id: 20250905-work-namespace-c68826dda0d4

1 day, 23 hours

10
72
0 0

[PATCHv3 net-next 0/5] net: common feature compute for upper interface

by Hangbin Liu

Some high-level virtual drivers need to compute features from their lower devices, but each currently has its own implementation and may miss some feature computations. This patch set introduces a common function to compute features for such devices. Currently, bonding, team, and bridge have been updated to use the new helper. v3: a) fix hw_enc_features asign order (Sabrina Dubroca) b) set virtual dev feature defination in netdev_features.h (Jakub Kicinski) c) remove unneeded err in team_del_slave (Stanislav Fomichev) d) remove NETIF_F_HW_ESP test as it needs to be test with GSO pkts (Sabrina Dubroca) v2: a) remove hard_header_len setting. I will set needed_headroom for bond/team in a separate patch as bridge has it's own ways. (Ido Schimmel) b) Add test file to Makefile, set RET=0 to a proper location. (Ido Schimmel) Hangbin Liu (5): net: add a common function to compute features from lowers devices bonding: use common function to compute the features team: use common function to compute the features net: bridge: use common function to compute the features selftests/net: add offload checking test for virtual interface drivers/net/bonding/bond_main.c | 99 +------------- drivers/net/team/team_core.c | 78 +---------- include/linux/netdev_features.h | 18 +++ include/linux/netdevice.h | 1 + net/bridge/br_if.c | 22 +--- net/core/dev.c | 76 +++++++++++ tools/testing/selftests/net/Makefile | 1 + tools/testing/selftests/net/config | 1 + tools/testing/selftests/net/vdev_offload.sh | 137 ++++++++++++++++++++ 9 files changed, 246 insertions(+), 187 deletions(-) create mode 100755 tools/testing/selftests/net/vdev_offload.sh -- 2.50.1

2 days, 2 hours

4
11
0 0

[PATCH bpf-next v3 0/4] powerpc64/bpf: Add support for bpf arena and arena atomics

by Saket Kumar Bhaskar

This patch series introduces support for the PROBE_MEM32, bpf_addr_space_cast and PROBE_ATOMIC instructions in the powerpc BPF JIT, facilitating the implementation of BPF arena and arena atomics. All selftests related to bpf_arena, bpf_arena_atomic(except load_acquire/store_release) enablement are passing: # ./test_progs -t arena_list #5/1 arena_list/arena_list_1:OK #5/2 arena_list/arena_list_1000:OK #5 arena_list:OK Summary: 1/2 PASSED, 0 SKIPPED, 0 FAILED # ./test_progs -t arena_htab #4/1 arena_htab/arena_htab_llvm:OK #4/2 arena_htab/arena_htab_asm:OK #4 arena_htab:OK Summary: 1/2 PASSED, 0 SKIPPED, 0 FAILED # ./test_progs -t verifier_arena #464/1 verifier_arena/basic_alloc1:OK #464/2 verifier_arena/basic_alloc2:OK #464/3 verifier_arena/basic_alloc3:OK #464/4 verifier_arena/iter_maps1:OK #464/5 verifier_arena/iter_maps2:OK #464/6 verifier_arena/iter_maps3:OK #464 verifier_arena:OK #465/1 verifier_arena_large/big_alloc1:OK #465/2 verifier_arena_large/big_alloc2:OK #465 verifier_arena_large:OK Summary: 2/8 PASSED, 0 SKIPPED, 0 FAILED # ./test_progs -t arena_atomics #3/1 arena_atomics/add:OK #3/2 arena_atomics/sub:OK #3/3 arena_atomics/and:OK #3/4 arena_atomics/or:OK #3/5 arena_atomics/xor:OK #3/6 arena_atomics/cmpxchg:OK #3/7 arena_atomics/xchg:OK #3/8 arena_atomics/uaf:OK #3/9 arena_atomics/load_acquire:SKIP #3/10 arena_atomics/store_release:SKIP #3 arena_atomics:OK (SKIP: 2/10) Summary: 1/8 PASSED, 2 SKIPPED, 0 FAILED Changes since v2: * Dropped arena_spin_lock selftest fix patch from the patchset as it has to go via bpf-next while these changes will go via powerpc tree. v2:https://lore.kernel.org/all/20250829165135.1273071-1-skb99@linux.ibm.com/ Changes since v1: Addressed comments from Chris: * Squashed introduction of bpf_jit_emit_probe_mem_store() and its usage in one patch. * Defined and used PPC_RAW_RLDICL_DOT to avoid the CMPDI. * Removed conditional statement for fixup[0] = PPC_RAW_LI(dst_reg, 0); * Indicated this change is limited to powerpc64 in subject. Addressed comments from Alexei: * Removed skel->rodata->nr_cpus = get_nprocs() and its usage to get currently online cpus(as it needs to be updated from userspace). Addressed comments from Hari: * Updated the bpf jit stack layout and associated macros to accommodate new NVR. v1:https://lore.kernel.org/all/20250805062747.3479221-1-skb99@linux.ibm.com/ Saket Kumar Bhaskar (4): powerpc64/bpf: Implement PROBE_MEM32 pseudo instructions powerpc64/bpf: Implement bpf_addr_space_cast instruction powerpc64/bpf: Introduce bpf_jit_emit_atomic_ops() to emit atomic instructions powerpc64/bpf: Implement PROBE_ATOMIC instructions arch/powerpc/include/asm/ppc-opcode.h | 1 + arch/powerpc/net/bpf_jit.h | 6 +- arch/powerpc/net/bpf_jit_comp.c | 32 +- arch/powerpc/net/bpf_jit_comp32.c | 2 +- arch/powerpc/net/bpf_jit_comp64.c | 401 +++++++++++++++++++------- 5 files changed, 330 insertions(+), 112 deletions(-) -- 2.43.5

2 days, 5 hours

2
5
0 0

[PATCH net-next 1/2] selftests: Disable dad for ipv6 in fcnal-test.sh

by David Ahern

Constrained test environment; duplicate address detection is not needed and causes races so disable it. Signed-off-by: David Ahern <dsahern(a)kernel.org> --- tools/testing/selftests/net/fcnal-test.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tools/testing/selftests/net/fcnal-test.sh b/tools/testing/selftests/net/fcnal-test.sh index 69941520e8e5..068379a79651 100755 --- a/tools/testing/selftests/net/fcnal-test.sh +++ b/tools/testing/selftests/net/fcnal-test.sh @@ -424,6 +424,8 @@ create_ns() ip netns exec ${ns} sysctl -qw net.ipv6.conf.all.keep_addr_on_down=1 ip netns exec ${ns} sysctl -qw net.ipv6.conf.all.forwarding=1 ip netns exec ${ns} sysctl -qw net.ipv6.conf.default.forwarding=1 + ip netns exec ${ns} sysctl -qw net.ipv6.conf.default.accept_dad=0 + ip netns exec ${ns} sysctl -qw net.ipv6.conf.all.accept_dad=0 } # create veth pair to connect namespaces and apply addresses. -- 2.43.0

2 days, 7 hours

3
4
0 0

[PATCH net-next 0/5] net: common feature compute for upper interface

by Hangbin Liu

Some high-level virtual drivers need to compute features from their lower devices, but each currently has its own implementation and may miss some feature computations. This patch set introduces a common function to compute features for such devices. Currently, bonding, team, and bridge have been updated to use the new helper. Hangbin Liu (5): net: add a common function to compute features from lowers devices bonding: use common function to compute the features team: use common function to compute the features net: bridge: use common function to compute the features selftests/net: add offload checking test for virtual interface drivers/net/bonding/bond_main.c | 99 +---------- drivers/net/team/team_core.c | 73 +------- include/linux/netdevice.h | 19 +++ net/bridge/br_if.c | 22 +-- net/core/dev.c | 79 +++++++++ tools/testing/selftests/net/config | 2 + tools/testing/selftests/net/vdev_offload.sh | 174 ++++++++++++++++++++ 7 files changed, 285 insertions(+), 183 deletions(-) create mode 100755 tools/testing/selftests/net/vdev_offload.sh -- 2.50.1

2 days, 8 hours

4
15
0 0

[PATCH] selftests/Makefile: include $(INSTALL_DEP_TARGETS) in clean target to clean net/lib dependency

by Nai-Chen Cheng

The selftests 'make clean' does not clean the net/lib because it only processes $(TARGETS) and ignores $(INSTALL_DEP_TARGETS). This leaves compiled objects in net/lib after cleaning, requiring manual cleanup. Include $(INSTALL_DEP_TARGETS) in clean target to ensure net/lib dependency is properly cleaned. Signed-off-by: Nai-Chen Cheng <bleach1827(a)gmail.com> --- tools/testing/selftests/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/Makefile b/tools/testing/selftests/Makefile index 030da61dbff3a7e4a22d61ba3972e248a43d374d..a2d8e1093b005c9af3570246dd8b10b59e44b46b 100644 --- a/tools/testing/selftests/Makefile +++ b/tools/testing/selftests/Makefile @@ -314,7 +314,7 @@ gen_tar: install @echo "Created ${TAR_PATH}" clean: - @for TARGET in $(TARGETS); do \ + @for TARGET in $(TARGETS) $(INSTALL_DEP_TARGETS); do \ BUILD_TARGET=$$BUILD/$$TARGET; \ $(MAKE) OUTPUT=$$BUILD_TARGET -C $$TARGET clean;\ done; --- base-commit: 9dd1835ecda5b96ac88c166f4a87386f3e727bd9 change-id: 20250910-selftests-makefile-clean-cc2fb70e9e32 Best regards, -- Nai-Chen Cheng <bleach1827(a)gmail.com>

2 days, 9 hours

3
2
0 0

[PATCHv5 iproute2-next] iplink: bond_slave: add support for actor_port_prio

by Hangbin Liu

Add support for the actor_port_prio option for bond slaves. This per-port priority can be used by the bonding driver in ad_select to choose the higher-priority aggregator during failover. Signed-off-by: Hangbin Liu <liuhangbin(a)gmail.com> --- v5: rename port in ad_select_tbl to actor_port_prio v4: no update v3: rename ad_actor_port_prio to actor_port_prio v2: no update --- ip/iplink_bond.c | 1 + ip/iplink_bond_slave.c | 18 ++++++++++++++++-- man/man8/ip-link.8.in | 6 ++++++ 3 files changed, 23 insertions(+), 2 deletions(-) diff --git a/ip/iplink_bond.c b/ip/iplink_bond.c index d6960f6d9b03..3ae626a03e6e 100644 --- a/ip/iplink_bond.c +++ b/ip/iplink_bond.c @@ -91,6 +91,7 @@ static const char *ad_select_tbl[] = { "stable", "bandwidth", "count", + "actor_port_prio", NULL, }; diff --git a/ip/iplink_bond_slave.c b/ip/iplink_bond_slave.c index ad6875006950..c88100e248dd 100644 --- a/ip/iplink_bond_slave.c +++ b/ip/iplink_bond_slave.c @@ -15,7 +15,9 @@ static void print_explain(FILE *f) { - fprintf(f, "Usage: ... bond_slave [ queue_id ID ] [ prio PRIORITY ]\n"); + fprintf(f, "Usage: ... bond_slave [ queue_id ID ] [ prio PRIORITY ]\n" + " [ actor_port_prio PRIORITY ]\n" + ); } static void explain(void) @@ -145,12 +147,18 @@ static void bond_slave_print_opt(struct link_util *lu, FILE *f, struct rtattr *t state); print_slave_oper_state(f, "ad_partner_oper_port_state_str", state); } + + if (tb[IFLA_BOND_SLAVE_ACTOR_PORT_PRIO]) + print_int(PRINT_ANY, + "actor_port_prio", + "actor_port_prio %d ", + rta_getattr_u16(tb[IFLA_BOND_SLAVE_ACTOR_PORT_PRIO])); } static int bond_slave_parse_opt(struct link_util *lu, int argc, char **argv, struct nlmsghdr *n) { - __u16 queue_id; + __u16 queue_id, actor_port_prio; int prio; while (argc > 0) { @@ -164,6 +172,12 @@ static int bond_slave_parse_opt(struct link_util *lu, int argc, char **argv, if (get_s32(&prio, *argv, 0)) invarg("prio is invalid", *argv); addattr32(n, 1024, IFLA_BOND_SLAVE_PRIO, prio); + } else if (strcmp(*argv, "actor_port_prio") == 0) { + NEXT_ARG(); + if (get_u16(&actor_port_prio, *argv, 0)) + invarg("actor prio is invalid", *argv); + addattr16(n, 1024, IFLA_BOND_SLAVE_ACTOR_PORT_PRIO, + actor_port_prio); } else { if (matches(*argv, "help") != 0) fprintf(stderr, diff --git a/man/man8/ip-link.8.in b/man/man8/ip-link.8.in index e3297c577152..7995943ab11f 100644 --- a/man/man8/ip-link.8.in +++ b/man/man8/ip-link.8.in @@ -2846,6 +2846,12 @@ the following additional arguments are supported: (a 32bit signed value). This option only valid for active-backup(1), balance-tlb (5) and balance-alb (6) mode. +.sp +.BI actor_port_prio " PRIORITY" +- set the slave's ad actor port priority for 802.3ad aggregation selection +logic during failover (a 16bit unsigned value). This option only valid for +802.3ad (4) mode. + .in -8 .TP -- 2.50.1

2 days, 12 hours

2
1
0 0

[PATCH 0/6] KVM ARM64 pre_fault_memory

by Jack Thomson

From: Jack Thomson <jackabt(a)amazon.com> Overview: This patch series adds ARM64 support for the KVM_PRE_FAULT_MEMORY feature, which was previously only available on x86 [1]. This allows a reduction in the number of stage-2 faults during execution. This is beneficial in post-copy migration scenarios, particularly in memory intensive applications, where high latencies are experienced due to the stage-2 faults when pre-populating memory via UFFD / memcpy. Patch Overview: - The first patch is a preparatory refactor. - The second patch is adding a page walk flag for pre-faulting. - The third patch adds support for the KVM_PRE_FAULT_MEMORY ioctl on arm64. - The fourth patch fixes an issue with unaligned mmap allocations in the selftests. - The fifth patch updates the pre_fault_memory_test to support arm64. - The last patch extends the pre_fault_memory_test to cover different vm memory backings. [1]: https://lore.kernel.org/kvm/20240710174031.312055-1-pbonzini@redhat.com Jack Thomson (6): KVM: arm64: Add __gmem_abort and __user_mem_abort KVM: arm64: Add KVM_PGTABLE_WALK_PRE_FAULT walk flag KVM: arm64: Add pre_fault_memory implementation KVM: selftests: Fix unaligned mmap allocations KVM: selftests: Enable pre_fault_memory_test for arm64 KVM: selftests: Add option for different backing in pre-fault tests arch/arm64/include/asm/kvm_pgtable.h | 3 + arch/arm64/kvm/Kconfig | 1 + arch/arm64/kvm/arm.c | 1 + arch/arm64/kvm/hyp/pgtable.c | 6 +- arch/arm64/kvm/mmu.c | 97 +++++++++++++-- tools/testing/selftests/kvm/Makefile.kvm | 1 + tools/testing/selftests/kvm/lib/kvm_util.c | 12 +- .../selftests/kvm/pre_fault_memory_test.c | 110 +++++++++++++----- 8 files changed, 186 insertions(+), 45 deletions(-) base-commit: 42188667be387867d2bf763d028654cbad046f7b -- 2.43.0

2 days, 14 hours

2
9
0 0

[PATCH v2 0/1] seccomp: Add SECCOMP_CLONE_FILTER operation

by Tom Hromatka

Add an operation, SECCOMP_CLONE_FILTER, that can copy the seccomp filters from another process to the current process. Changes from v1 to v2: * Fixed locking issues. Thanks Al, Alexei, and Kees :) * Allow filters to be cloned if CAP_SYS_ADMIN or no new privs is set * I initially had only CAP_SYS_ADMIN, but I can't think of a way no new privs is harmful here, so I added it. Thanks, Kees * Switch to passing in pidfd directly rather than a pointer to a pidfd * This more closely aligns with other pidfd syscalls * Fixed warning in the sample code reported by the test robot * Various cleanups and improvements in the selftest Note that I left in the restriction that the target process has no seccomp filters already loaded. I could see this limitation being removed in a later patchset, but there are requests for this feature at present. Finally, I re-ran the performance numbers and updated the patch with the latest numbers. The locking changes significantly sped up the clone operation, and it's now ~1900x faster than the current method. Tom Hromatka (1): seccomp: Add SECCOMP_CLONE_FILTER operation .../userspace-api/seccomp_filter.rst | 10 ++ include/uapi/linux/seccomp.h | 1 + kernel/seccomp.c | 48 ++++++ samples/seccomp/.gitignore | 1 + samples/seccomp/Makefile | 2 +- samples/seccomp/clone-filter.c | 150 ++++++++++++++++++ tools/include/uapi/linux/seccomp.h | 1 + tools/testing/selftests/seccomp/seccomp_bpf.c | 114 +++++++++++++ 8 files changed, 326 insertions(+), 1 deletion(-) create mode 100644 samples/seccomp/clone-filter.c -- 2.47.3

2 days, 15 hours

1
1
0 0

[PATCH v18 net-next 00/14] AccECN protocol patch series

by chia-yu.chang＠nokia-bell-labs.com

From: Chia-Yu Chang <chia-yu.chang(a)nokia-bell-labs.com> Hello, Please find the v18 AccECN protocol patch series, which covers the core functionality of Accurate ECN, AccECN negotiation, AccECN TCP options, and AccECN failure handling. The Accurate ECN draft can be found in https://datatracker.ietf.org/doc/html/draft-ietf-tcpm-accurate-ecn-28, and it will be RFC9768. This patch series is part of the full AccECN patch series, which is available at https://github.com/L4STeam/linux-net-next/commits/upstream_l4steam/ Best Regards, Chia-Yu --- v18 (11-Sep-2025) - Reorder tcpi_accecn_fail_mode and tcpi_accecn_opt_seen to avoid adding fields in the middle of tcp_info (Eric Dumazet <edumazet(a)google.com>) v17 (8-Sep-2025) - Change tcp_ecn_mode_max from 5 to 2 to disable AccECN enablement before the whole AccECN feature been accpeted v16 (6-Sep-2025) - Use TCP_ECN_IN_ACCECN_OUT_ACCECN, TCP_ECN_IN_ECN_OUT_ECN, and TCP_ECN_IN_ACCECN_OUT_ECN in comments of tcp_ecn_send_syn() (Eric Dumazet <edumazet(a)google.com>) - Add tcpi_accecn_fail_mode and tcpi_accecn_opt_seen to make tcp_info be multiple of 64 bits in patch #12 v15 (14-Aug-205) - Update pahole results in commit messages - Accurate ECN will become RFC9768 v14 (22-Jul-2025) - Add missing const for struct tcp_sock of tcp_accecn_option_beacon_check() of #11 (Simon Horman <horms(a)kernel.org>) v13 (18-Jul-2025) - Implement tcp_accecn_extract_syn_ect() and tcp_accecn_reflector_flags() with static array lookup of patch #6 (Paolo Abeni <pabeni(a)redhat.com>) - Fix typos in comments of #6 and remove patch #7 of v12 about simulatenous connect (Paolo Abeni <pabeni(a)redhat.com>) - Move TCP_ACCECN_E1B_INIT_OFFSET, TCP_ACCECN_E0B_INIT_OFFSET, and TCP_ACCECN_CEB_INIT_OFFSET from patch #7 to #11 (Paolo Abeni <pabeni(a)redhat.com>) - Use static array lookup in tcp_accecn_optfield_to_ecnfield() of patch #11 (Paolo Abeni <pabeni(a)redhat.com>) - Return false when WARN_ON_ONCE() is true in tcp_accecn_process_option() of patch #11 (Paolo Abeni <pabeni(a)redhat.com>) - Make synack_ecn_bytes as static const array and use const u32 pointer in tcp_options_write() of #11 (Paolo Abeni <pabeni(a)redhat.com>) - Use ALIGN() and ALIGN_DOWN() in tcp_options_fit_accecn() to pad TCP AccECN option to dword of #11 (Paolo Abeni <pabeni(a)redhat.com>) - Return TCP_ACCECN_OPT_FAIL_SEEN if WARN_ON_ONCE() is true in tcp_accecn_option_init() of #12 (Paolo Abeni <pabeni(a)redhat.com>) v12 (04-Jul-2025) - Fix compilation issues with some intermediate patches in v11 - Add more comments for AccECN helpers of tcp_ecn.h v11 (03-Jul-2025) - Fix compilation issues with some intermediate patches in v10 v10 (02-Jul-2025) - Add new patch of separated header file include/net/tcp_ecn.h to include ECN and AccECN functions (Eric Dumazet <edumazet(a)google.com>) - Add comments on the AccECN helper functions in tcp_ecn.h (Eric Dumazet <edumazet(a)google.com>) - Add documentation of tcp_ecn, tcp_ecn_option, tcp_ecn_beacon in ip-sysctl.rst to the corresponding patch (Eric Dumazet <edumazet(a)google.com>) - Split wait third ACK functionality into a separated patch from AccECN negotiation patch (Eric Dumazet <edumazet(a)google.com>) - Add READ_ONCE() over every reads of sysctl for all patches in the series (Eric Dumazet <edumazet(a)google.com>) - Merge heuristics of AccECN option ceb/cep and ACE field multi-wrap into a single patch - Add a table of SACK block reduction and required AccECN field in patch #15 commit message (Eric Dumazet <edumazet(a)google.com>) v9 (21-Jun-2025) - Use tcp_data_ecn_check() to set TCP_ECN_SEE flag only for RFC3168 ECN (Paolo Abeni <pabeni(a)redhat.com>) - Add comments about setting TCP_ECN_SEEN flag for RFC3168 and Accruate ECN (Paolo Abeni <pabeni(a)redhat.com>) - Restruct the code in the for loop of tcp_accecn_process_option() (Paolo Abeni <pabeni(a)redhat.com>) - Remove ecn_bytes and add use_synack_ecn_bytes flag to identify whether syn_ack_bytes or received_ecn_bytes is used (Paolo Abeni <pabeni(a)redhat.com>) - Replace leftover_bytes and leftover_size with leftover_highbyte and leftover_lowbyte and add comments in tcp_options_write() (Paolo Abeni <pabeni(a)redhat.com>) - Add comments and commit message about the 1st retx SYN still attempt AccECN negotiation (Paolo Abeni <pabeni(a)redhat.com>) v8 (10-Jun-2025) - Add new helper function tcp_ecn_received_counters_payload() in #6 (Paolo Abeni <pabeni(a)redhat.com>) - Set opts->num_sack_blocks=0 to avoid potential undefined value in #8 (Paolo Abeni <pabeni(a)redhat.com>) - Reset leftover_size to 2 once leftover_bytes is used in #9 (Paolo Abeni <pabeni(a)redhat.com>) - Add new helper function tcp_accecn_opt_demand_min() in #10 (Paolo Abeni <pabeni(a)redhat.com>) - Add new helper function tcp_accecn_saw_opt_fail_recv() in #11 (Paolo Abeni <pabeni(a)redhat.com>) - Update tcp_options_fit_accecn() to avoid using recursion in #14 (Paolo Abeni <pabeni(a)redhat.com>) v7 (14-May-2025) - Modify group sizes of tcp_sock_write_txrx and tcp_sock_write_rx in #3 based on pahole results (Paolo Abeni <pabeni(a)redhat.com>) - Fix the issue in #4 and #5 where the RFC3168 ECN behavior in tcp_ecn_send() is changed (Paolo Abeni <pabeni(a)redhat.com>) - Modify group size of tcp_sock_write_txrx in #4 and #6 based on pahole results (Paolo Abeni <pabeni(a)redhat.com>) - Update commit message for #9 to explain the increase in tcp_sock_write_rx group size - Modify group size of tcp_sock_write_tx in #10 based on pahole results v6 (09-May-2025) - Add #3 to utilize exisintg holes of tcp_sock_write_txrx group for later patches (#4, #9, #10) with new u8 members (Paolo Abeni <pabeni(a)redhat.com>) - Add pahole outcomes before and after commit in #4, #5, #6, #9, #10, #15 (Paolo Abeni <pabeni(a)redhat.com>) - Define new helper function tcp_send_ack_reflect_ect() for sending ACK with reflected ECT in #5 (Paolo Abeni <pabeni(a)redhat.com>) - Add comments for function tcp_ecn_rcv_synack() in #5 (Paolo Abeni <pabeni(a)redhat.com>) - Add enum/define to be used by sysctl_tcp_ecn in #5, sysctl_tcp_ecn_option in #9, and sysctl_tcp_ecn_option_beacon in #10 (Paolo Abeni <pabeni(a)redhat.com>) - Move accecn_fail_mode and saw_accecn_opt in #5 and #11 to use exisintg holes of tcp_sock (Paolo Abeni <pabeni(a)redhat.com>) - Change data type of new members of tcp_request_sock and move them to the end of struct in #5 and #11 (Paolo Abeni <pabeni(a)redhat.com>) - Move new members of tcp_info to the end of struct in #6 (Paolo Abeni <pabeni(a)redhat.com>) - Merge previous #7 into #9 (Paolo Abeni <pabeni(a)redhat.com>) - Mask ecnfield with INET_ECN_MASK to remove WARN_ONCE in #9 (Paolo Abeni <pabeni(a)redhat.com>) - Reduce the indentation levels for reabability in #9 and #10 (Paolo Abeni <pabeni(a)redhat.com>) - Move delivered_ecn_bytes to the RX group in #9, accecn_opt_tstamp to the TX group in #10, pkts_acked_ewma to the RX group in #15 (Paolo Abeni <pabeni(a)redhat.com>) - Add changes in Documentation/networking/net_cachelines/tcp_sock.rst for new tcp_sock members in #3, #5, #6, #9, #10, #15 v5 (22-Apr-2025) - Further fix for 32-bit ARM alignment in tcp.c (Simon Horman <horms(a)kernel.org>) v4 (18-Apr-2025) - Fix 32-bit ARM assertion for alignment requirement (Simon Horman <horms(a)kernel.org>) v3 (14-Apr-2025) - Fix patch apply issue in v2 (Jakub Kicinski <kuba(a)kernel.org>) v2 (18-Mar-2025) - Add one missing patch from the previous AccECN protocol preparation patch series to this patch series. --- Chia-Yu Chang (5): tcp: reorganize tcp_sock_write_txrx group for variables later tcp: ecn functions in separated include file tcp: accecn: AccECN option send control tcp: accecn: AccECN option failure handling tcp: accecn: try to fit AccECN option with SACK Ilpo Järvinen (9): tcp: reorganize SYN ECN code tcp: fast path functions later tcp: AccECN core tcp: accecn: AccECN negotiation tcp: accecn: add AccECN rx byte counters tcp: accecn: AccECN needs to know delivered bytes tcp: sack option handling improvements tcp: accecn: AccECN option tcp: accecn: AccECN option ceb/cep and ACE field multi-wrap heuristics Documentation/networking/ip-sysctl.rst | 55 +- .../networking/net_cachelines/tcp_sock.rst | 12 + include/linux/tcp.h | 32 +- include/net/netns/ipv4.h | 2 + include/net/tcp.h | 87 ++- include/net/tcp_ecn.h | 642 ++++++++++++++++++ include/uapi/linux/tcp.h | 9 + net/ipv4/syncookies.c | 4 + net/ipv4/sysctl_net_ipv4.c | 19 + net/ipv4/tcp.c | 30 +- net/ipv4/tcp_input.c | 353 ++++++++-- net/ipv4/tcp_ipv4.c | 8 +- net/ipv4/tcp_minisocks.c | 40 +- net/ipv4/tcp_output.c | 294 ++++++-- net/ipv6/syncookies.c | 2 + net/ipv6/tcp_ipv6.c | 1 + 16 files changed, 1406 insertions(+), 184 deletions(-) create mode 100644 include/net/tcp_ecn.h -- 2.34.1

2 days, 22 hours

1
14
0 0

[PATCH v17 net-next 00/14] AccECN protocol patch series

by chia-yu.chang＠nokia-bell-labs.com

From: Chia-Yu Chang <chia-yu.chang(a)nokia-bell-labs.com> Hello, Please find the v17 AccECN protocol patch series, which covers the core functionality of Accurate ECN, AccECN negotiation, AccECN TCP options, and AccECN failure handling. The Accurate ECN draft can be found in https://datatracker.ietf.org/doc/html/draft-ietf-tcpm-accurate-ecn-28, and it will be RFC9768. This patch series is part of the full AccECN patch series, which is available at https://github.com/L4STeam/linux-net-next/commits/upstream_l4steam/ Best Regards, Chia-Yu --- v17 (8-Sep-2025) - Change tcp_ecn_mode_max from 5 to 2 to disable AccECN enablement before the whole AccECN feature been accpeted v16 (6-Sep-2025) - Use TCP_ECN_IN_ACCECN_OUT_ACCECN, TCP_ECN_IN_ECN_OUT_ECN, and TCP_ECN_IN_ACCECN_OUT_ECN in comments of tcp_ecn_send_syn() (Eric Dumazet <edumazet(a)google.com>) - Add tcpi_accecn_fail_mode and tcpi_accecn_opt_seen to make tcp_info be multiple of 64 bits in patch #12 v15 (14-Aug-205) - Update pahole results in commit messages - Accurate ECN will become RFC9768 v14 (22-Jul-2025) - Add missing const for struct tcp_sock of tcp_accecn_option_beacon_check() of #11 (Simon Horman <horms(a)kernel.org>) v13 (18-Jul-2025) - Implement tcp_accecn_extract_syn_ect() and tcp_accecn_reflector_flags() with static array lookup of patch #6 (Paolo Abeni <pabeni(a)redhat.com>) - Fix typos in comments of #6 and remove patch #7 of v12 about simulatenous connect (Paolo Abeni <pabeni(a)redhat.com>) - Move TCP_ACCECN_E1B_INIT_OFFSET, TCP_ACCECN_E0B_INIT_OFFSET, and TCP_ACCECN_CEB_INIT_OFFSET from patch #7 to #11 (Paolo Abeni <pabeni(a)redhat.com>) - Use static array lookup in tcp_accecn_optfield_to_ecnfield() of patch #11 (Paolo Abeni <pabeni(a)redhat.com>) - Return false when WARN_ON_ONCE() is true in tcp_accecn_process_option() of patch #11 (Paolo Abeni <pabeni(a)redhat.com>) - Make synack_ecn_bytes as static const array and use const u32 pointer in tcp_options_write() of #11 (Paolo Abeni <pabeni(a)redhat.com>) - Use ALIGN() and ALIGN_DOWN() in tcp_options_fit_accecn() to pad TCP AccECN option to dword of #11 (Paolo Abeni <pabeni(a)redhat.com>) - Return TCP_ACCECN_OPT_FAIL_SEEN if WARN_ON_ONCE() is true in tcp_accecn_option_init() of #12 (Paolo Abeni <pabeni(a)redhat.com>) v12 (04-Jul-2025) - Fix compilation issues with some intermediate patches in v11 - Add more comments for AccECN helpers of tcp_ecn.h v11 (03-Jul-2025) - Fix compilation issues with some intermediate patches in v10 v10 (02-Jul-2025) - Add new patch of separated header file include/net/tcp_ecn.h to include ECN and AccECN functions (Eric Dumazet <edumazet(a)google.com>) - Add comments on the AccECN helper functions in tcp_ecn.h (Eric Dumazet <edumazet(a)google.com>) - Add documentation of tcp_ecn, tcp_ecn_option, tcp_ecn_beacon in ip-sysctl.rst to the corresponding patch (Eric Dumazet <edumazet(a)google.com>) - Split wait third ACK functionality into a separated patch from AccECN negotiation patch (Eric Dumazet <edumazet(a)google.com>) - Add READ_ONCE() over every reads of sysctl for all patches in the series (Eric Dumazet <edumazet(a)google.com>) - Merge heuristics of AccECN option ceb/cep and ACE field multi-wrap into a single patch - Add a table of SACK block reduction and required AccECN field in patch #15 commit message (Eric Dumazet <edumazet(a)google.com>) v9 (21-Jun-2025) - Use tcp_data_ecn_check() to set TCP_ECN_SEE flag only for RFC3168 ECN (Paolo Abeni <pabeni(a)redhat.com>) - Add comments about setting TCP_ECN_SEEN flag for RFC3168 and Accruate ECN (Paolo Abeni <pabeni(a)redhat.com>) - Restruct the code in the for loop of tcp_accecn_process_option() (Paolo Abeni <pabeni(a)redhat.com>) - Remove ecn_bytes and add use_synack_ecn_bytes flag to identify whether syn_ack_bytes or received_ecn_bytes is used (Paolo Abeni <pabeni(a)redhat.com>) - Replace leftover_bytes and leftover_size with leftover_highbyte and leftover_lowbyte and add comments in tcp_options_write() (Paolo Abeni <pabeni(a)redhat.com>) - Add comments and commit message about the 1st retx SYN still attempt AccECN negotiation (Paolo Abeni <pabeni(a)redhat.com>) v8 (10-Jun-2025) - Add new helper function tcp_ecn_received_counters_payload() in #6 (Paolo Abeni <pabeni(a)redhat.com>) - Set opts->num_sack_blocks=0 to avoid potential undefined value in #8 (Paolo Abeni <pabeni(a)redhat.com>) - Reset leftover_size to 2 once leftover_bytes is used in #9 (Paolo Abeni <pabeni(a)redhat.com>) - Add new helper function tcp_accecn_opt_demand_min() in #10 (Paolo Abeni <pabeni(a)redhat.com>) - Add new helper function tcp_accecn_saw_opt_fail_recv() in #11 (Paolo Abeni <pabeni(a)redhat.com>) - Update tcp_options_fit_accecn() to avoid using recursion in #14 (Paolo Abeni <pabeni(a)redhat.com>) v7 (14-May-2025) - Modify group sizes of tcp_sock_write_txrx and tcp_sock_write_rx in #3 based on pahole results (Paolo Abeni <pabeni(a)redhat.com>) - Fix the issue in #4 and #5 where the RFC3168 ECN behavior in tcp_ecn_send() is changed (Paolo Abeni <pabeni(a)redhat.com>) - Modify group size of tcp_sock_write_txrx in #4 and #6 based on pahole results (Paolo Abeni <pabeni(a)redhat.com>) - Update commit message for #9 to explain the increase in tcp_sock_write_rx group size - Modify group size of tcp_sock_write_tx in #10 based on pahole results v6 (09-May-2025) - Add #3 to utilize exisintg holes of tcp_sock_write_txrx group for later patches (#4, #9, #10) with new u8 members (Paolo Abeni <pabeni(a)redhat.com>) - Add pahole outcomes before and after commit in #4, #5, #6, #9, #10, #15 (Paolo Abeni <pabeni(a)redhat.com>) - Define new helper function tcp_send_ack_reflect_ect() for sending ACK with reflected ECT in #5 (Paolo Abeni <pabeni(a)redhat.com>) - Add comments for function tcp_ecn_rcv_synack() in #5 (Paolo Abeni <pabeni(a)redhat.com>) - Add enum/define to be used by sysctl_tcp_ecn in #5, sysctl_tcp_ecn_option in #9, and sysctl_tcp_ecn_option_beacon in #10 (Paolo Abeni <pabeni(a)redhat.com>) - Move accecn_fail_mode and saw_accecn_opt in #5 and #11 to use exisintg holes of tcp_sock (Paolo Abeni <pabeni(a)redhat.com>) - Change data type of new members of tcp_request_sock and move them to the end of struct in #5 and #11 (Paolo Abeni <pabeni(a)redhat.com>) - Move new members of tcp_info to the end of struct in #6 (Paolo Abeni <pabeni(a)redhat.com>) - Merge previous #7 into #9 (Paolo Abeni <pabeni(a)redhat.com>) - Mask ecnfield with INET_ECN_MASK to remove WARN_ONCE in #9 (Paolo Abeni <pabeni(a)redhat.com>) - Reduce the indentation levels for reabability in #9 and #10 (Paolo Abeni <pabeni(a)redhat.com>) - Move delivered_ecn_bytes to the RX group in #9, accecn_opt_tstamp to the TX group in #10, pkts_acked_ewma to the RX group in #15 (Paolo Abeni <pabeni(a)redhat.com>) - Add changes in Documentation/networking/net_cachelines/tcp_sock.rst for new tcp_sock members in #3, #5, #6, #9, #10, #15 v5 (22-Apr-2025) - Further fix for 32-bit ARM alignment in tcp.c (Simon Horman <horms(a)kernel.org>) v4 (18-Apr-2025) - Fix 32-bit ARM assertion for alignment requirement (Simon Horman <horms(a)kernel.org>) v3 (14-Apr-2025) - Fix patch apply issue in v2 (Jakub Kicinski <kuba(a)kernel.org>) v2 (18-Mar-2025) - Add one missing patch from the previous AccECN protocol preparation patch series to this patch series. --- Chia-Yu Chang (5): tcp: reorganize tcp_sock_write_txrx group for variables later tcp: ecn functions in separated include file tcp: accecn: AccECN option send control tcp: accecn: AccECN option failure handling tcp: accecn: try to fit AccECN option with SACK Ilpo Järvinen (9): tcp: reorganize SYN ECN code tcp: fast path functions later tcp: AccECN core tcp: accecn: AccECN negotiation tcp: accecn: add AccECN rx byte counters tcp: accecn: AccECN needs to know delivered bytes tcp: sack option handling improvements tcp: accecn: AccECN option tcp: accecn: AccECN option ceb/cep and ACE field multi-wrap heuristics Documentation/networking/ip-sysctl.rst | 55 +- .../networking/net_cachelines/tcp_sock.rst | 12 + include/linux/tcp.h | 32 +- include/net/netns/ipv4.h | 2 + include/net/tcp.h | 87 ++- include/net/tcp_ecn.h | 642 ++++++++++++++++++ include/uapi/linux/tcp.h | 9 + net/ipv4/syncookies.c | 4 + net/ipv4/sysctl_net_ipv4.c | 19 + net/ipv4/tcp.c | 30 +- net/ipv4/tcp_input.c | 353 ++++++++-- net/ipv4/tcp_ipv4.c | 8 +- net/ipv4/tcp_minisocks.c | 40 +- net/ipv4/tcp_output.c | 294 ++++++-- net/ipv6/syncookies.c | 2 + net/ipv6/tcp_ipv6.c | 1 + 16 files changed, 1406 insertions(+), 184 deletions(-) create mode 100644 include/net/tcp_ecn.h -- 2.34.1

2 days, 22 hours

3
20
0 0

[PATCH net-next v3] selftests: net: Add tests to verify team driver option set and get.

by Marc Harvey

There are currently no kernel tests that verify setting and getting options of the team driver. In the future, options may be added that implicitly change other options, which will make it useful to have tests like these that show nothing breaks. There will be a follow up patch to this that adds new "rx_enabled" and "tx_enabled" options, which will implicitly affect the "enabled" option value and vice versa. The tests use teamnl to first set options to specific values and then gets them to compare to the set values. Signed-off-by: Marc Harvey <marcharvey(a)google.com> --- Changes in v3: - Applied minor style changes based on v2 feedback. - Link to v2: https://lore.kernel.org/netdev/20250904015424.1228665-1-marcharvey@google.c… Changes in v2: - Fixed shellcheck failures. - Fixed test failing in vng by adding a config option to enable the team driver's active backup mode. - Link to v1: https://lore.kernel.org/netdev/20250902235504.4190036-1-marcharvey@google.c… .../selftests/drivers/net/team/Makefile | 6 +- .../testing/selftests/drivers/net/team/config | 1 + .../selftests/drivers/net/team/options.sh | 188 ++++++++++++++++++ 3 files changed, 193 insertions(+), 2 deletions(-) create mode 100755 tools/testing/selftests/drivers/net/team/options.sh diff --git a/tools/testing/selftests/drivers/net/team/Makefile b/tools/testing/selftests/drivers/net/team/Makefile index eaf6938f100e..89d854c7e674 100644 --- a/tools/testing/selftests/drivers/net/team/Makefile +++ b/tools/testing/selftests/drivers/net/team/Makefile @@ -1,11 +1,13 @@ # SPDX-License-Identifier: GPL-2.0 # Makefile for net selftests -TEST_PROGS := dev_addr_lists.sh propagation.sh +TEST_PROGS := dev_addr_lists.sh propagation.sh options.sh TEST_INCLUDES := \ ../bonding/lag_lib.sh \ ../../../net/forwarding/lib.sh \ - ../../../net/lib.sh + ../../../net/lib.sh \ + ../../../net/in_netns.sh \ + ../../../net/lib/sh/defer.sh include ../../../lib.mk diff --git a/tools/testing/selftests/drivers/net/team/config b/tools/testing/selftests/drivers/net/team/config index 636b3525b679..558e1d0cf565 100644 --- a/tools/testing/selftests/drivers/net/team/config +++ b/tools/testing/selftests/drivers/net/team/config @@ -3,4 +3,5 @@ CONFIG_IPV6=y CONFIG_MACVLAN=y CONFIG_NETDEVSIM=m CONFIG_NET_TEAM=y +CONFIG_NET_TEAM_MODE_ACTIVEBACKUP=y CONFIG_NET_TEAM_MODE_LOADBALANCE=y diff --git a/tools/testing/selftests/drivers/net/team/options.sh b/tools/testing/selftests/drivers/net/team/options.sh new file mode 100755 index 000000000000..44888f32b513 --- /dev/null +++ b/tools/testing/selftests/drivers/net/team/options.sh @@ -0,0 +1,188 @@ +#!/bin/bash +# SPDX-License-Identifier: GPL-2.0 + +# These tests verify basic set and get functionality of the team +# driver options over netlink. + +# Run in private netns. +test_dir="$(dirname "$0")" +if [[ $# -eq 0 ]]; then + "${test_dir}"/../../../net/in_netns.sh "$0" __subprocess + exit $? +fi + +ALL_TESTS=" + team_test_options +" + +source "${test_dir}/../../../net/lib.sh" + +TEAM_PORT="team0" +MEMBER_PORT="dummy0" + +setup() +{ + ip link add name "${MEMBER_PORT}" type dummy + ip link add name "${TEAM_PORT}" type team +} + +get_and_check_value() +{ + local option_name="$1" + local expected_value="$2" + local port_flag="$3" + + local value_from_get + + if ! value_from_get=$(teamnl "${TEAM_PORT}" getoption "${option_name}" \ + "${port_flag}"); then + echo "Could not get option '${option_name}'" >&2 + return 1 + fi + + if [[ "${value_from_get}" != "${expected_value}" ]]; then + echo "Incorrect value for option '${option_name}'" >&2 + echo "get (${value_from_get}) != set (${expected_value})" >&2 + return 1 + fi +} + +set_and_check_get() +{ + local option_name="$1" + local option_value="$2" + local port_flag="$3" + + local value_from_get + + if ! teamnl "${TEAM_PORT}" setoption "${option_name}" \ + "${option_value}" "${port_flag}"; then + echo "'setoption ${option_name} ${option_value}' failed" >&2 + return 1 + fi + + get_and_check_value "${option_name}" "${option_value}" "${port_flag}" + return $? +} + +# Get a "port flag" to pass to the `teamnl` command. +# E.g. $1="dummy0" -> "port=dummy0", +# $1="" -> "" +get_port_flag() +{ + local port_name="$1" + + if [[ -n "${port_name}" ]]; then + echo "--port=${port_name}" + fi +} + +attach_port_if_specified() +{ + local port_name="$1" + + if [[ -n "${port_name}" ]]; then + ip link set dev "${port_name}" master "${TEAM_PORT}" + return $? + fi +} + +detach_port_if_specified() +{ + local port_name="$1" + + if [[ -n "${port_name}" ]]; then + ip link set dev "${port_name}" nomaster + return $? + fi +} + +# Test that an option's get value matches its set value. +# Globals: +# RET - Used by testing infra like `check_err`. +# EXIT_STATUS - Used by `log_test` for whole script exit value. +# Arguments: +# option_name - The name of the option. +# value_1 - The first value to try setting. +# value_2 - The second value to try setting. +# port_name - The (optional) name of the attached port. +team_test_option() +{ + local option_name="$1" + local value_1="$2" + local value_2="$3" + local possible_values="$2 $3 $2" + local port_name="$4" + local port_flag + + RET=0 + + echo "Setting '${option_name}' to '${value_1}' and '${value_2}'" + + attach_port_if_specified "${port_name}" + check_err $? "Couldn't attach ${port_name} to master" + port_flag=$(get_port_flag "${port_name}") + + # Set and get both possible values. + for value in ${possible_values}; do + set_and_check_get "${option_name}" "${value}" "${port_flag}" + check_err $? "Failed to set '${option_name}' to '${value}'" + done + + detach_port_if_specified "${port_name}" + check_err $? "Couldn't detach ${port_name} from its master" + + log_test "Set + Get '${option_name}' test" +} + +# Test that getting a non-existant option fails. +# Globals: +# RET - Used by testing infra like `check_err`. +# EXIT_STATUS - Used by `log_test` for whole script exit value. +# Arguments: +# option_name - The name of the option. +# port_name - The (optional) name of the attached port. +team_test_get_option_fails() +{ + local option_name="$1" + local port_name="$2" + local port_flag + + RET=0 + + attach_port_if_specified "${port_name}" + check_err $? "Couldn't attach ${port_name} to master" + port_flag=$(get_port_flag "${port_name}") + + # Just confirm that getting the value fails. + teamnl "${TEAM_PORT}" getoption "${option_name}" "${port_flag}" + check_fail $? "Shouldn't be able to get option '${option_name}'" + + detach_port_if_specified "${port_name}" + + log_test "Get '${option_name}' fails" +} + +team_test_options() +{ + # Wrong option name behavior. + team_test_get_option_fails fake_option1 + team_test_get_option_fails fake_option2 "${MEMBER_PORT}" + + # Correct set and get behavior. + team_test_option mode activebackup loadbalance + team_test_option notify_peers_count 0 5 + team_test_option notify_peers_interval 0 5 + team_test_option mcast_rejoin_count 0 5 + team_test_option mcast_rejoin_interval 0 5 + team_test_option enabled true false "${MEMBER_PORT}" + team_test_option user_linkup true false "${MEMBER_PORT}" + team_test_option user_linkup_enabled true false "${MEMBER_PORT}" + team_test_option priority 10 20 "${MEMBER_PORT}" + team_test_option queue_id 0 1 "${MEMBER_PORT}" +} + +require_command teamnl +setup +tests_run +exit "${EXIT_STATUS}" -- 2.51.0.384.g4c02a37b29-goog

3 days

2
1
0 0

[PATCH net-next 0/5] netconsole: support automatic target recovery

by Andre Carvalho

This patch series introduces target resume capability to netconsole allowing it to recover targets when underlying low-level interface comes back online. Signed-off-by: Andre Carvalho <asantostc(a)gmail.com> --- Andre Carvalho (3): netconsole: convert 'enabled' flag to enum for clearer state management netconsole: resume previously deactivated target selftests: netconsole: validate target reactivation Breno Leitao (2): netconsole: add target_state enum netconsole: add STATE_DEACTIVATED to track targets disabled by low level drivers/net/netconsole.c | 110 ++++++++++++++++----- tools/testing/selftests/drivers/net/Makefile | 1 + .../selftests/drivers/net/lib/sh/lib_netcons.sh | 23 +++++ .../selftests/drivers/net/netcons_resume.sh | 68 +++++++++++++ 4 files changed, 175 insertions(+), 27 deletions(-) --- base-commit: 3b4296f5893d3a4e19edfc3800cb79381095e55f change-id: 20250816-netcons-retrigger-a4f547bfc867 Best regards, -- Andre Carvalho <asantostc(a)gmail.com>

3 days, 1 hour

3
9
0 0

[PATCH v5 00/15] Consolidate iommu page table implementations (AMD)

by Jason Gunthorpe

[Lots of changes in comments thanks to Randy] Currently each of the iommu page table formats duplicates all of the logic to maintain the page table and perform map/unmap/etc operations. There are several different versions of the algorithms between all the different formats. The io-pgtable system provides an interface to help isolate the page table code from the iommu driver, but doesn't provide tools to implement the common algorithms. This makes it very hard to improve the state of the pagetable code under the iommu domains as any proposed improvement needs to alter a large number of different driver code paths. Combined with a lack of software based testing this makes improvement in this area very hard. iommufd wants several new page table operations: - More efficient map/unmap operations, using iommufd's batching logic - unmap that returns the physical addresses into a batch as it progresses - cut that allows splitting areas so large pages can have holes poked in them dynamically (ie guestmemfd hitless shared/private transitions) - More agressive freeing of table memory to avoid waste - Fragmenting large pages so that dirty tracking can be more granular - Reassembling large pages so that VMs can run at full IO performance in migration/dirty tracking error flows - KHO integration for kernel live upgrade Together these are algorithmically complex enough to be a very significant task to go and implement in all the page table formats we support. Just the "server" focused drivers use almost all the formats (ARMv8 S1&S2 / x86 PAE / AMDv1 / VT-D SS / RISCV) Instead of doing the duplicated work, this series takes the first step to consolidate the algorithms into one places. In spirit it is similar to the work Christoph did a few years back to pull the redundant get_user_pages() implementations out of the arch code into core MM. This unlocked a great deal of improvement in that space in the following years. I would like to see the same benefit in iommu as well. My first RFC showed a bigger picture with all most all formats and more algorithms. This series reorganizes that to be narrowly focused on just enough to convert the AMD driver to use the new mechanism. kunit tests are provided that allow good testing of the algorithms and all formats on x86, nothing is arch specific. AMD is one of the simpler options as the HW is quite uniform with few different options/bugs while still requiring the complicated contiguous pages support. The HW also has a very simple range based invalidation approach that is easy to implement. The AMD v1 and AMD v2 page table formats are implemented bit for bit identical to the current code, tested using a compare kunit test that checks against the io-pgtable version (on github, see below). Updating the AMD driver to replace the io-pgtable layer with the new stuff is fairly straightforward now. The layering is fixed up in the new version so that all the invalidation goes through function pointers. Several small fixing patches have come out of this as I've been fixing the problems that the test suite uncovers in the current code, and implementing the fixed version in iommupt. On performance, there is a quite wide variety of implementation designs across all the drivers. Looking at some key performance across the main formats: iommu_map(): pgsz ,avg new,old ns, min new,old ns , min % (+ve is better) 2^12, 53,66 , 51,63 , 19.19 (AMDV1) 256*2^12, 386,1909 , 367,1795 , 79.79 256*2^21, 362,1633 , 355,1556 , 77.77 2^12, 56,62 , 52,59 , 11.11 (AMDv2) 256*2^12, 405,1355 , 357,1292 , 72.72 256*2^21, 393,1160 , 358,1114 , 67.67 2^12, 55,65 , 53,62 , 14.14 (VTD second stage) 256*2^12, 391,518 , 332,512 , 35.35 256*2^21, 383,635 , 336,624 , 46.46 2^12, 57,65 , 55,63 , 12.12 (ARM 64 bit) 256*2^12, 380,389 , 361,369 , 2.02 256*2^21, 358,419 , 345,400 , 13.13 iommu_unmap(): pgsz ,avg new,old ns, min new,old ns , min % (+ve is better) 2^12, 69,88 , 65,85 , 23.23 (AMDv1) 256*2^12, 353,6498 , 331,6029 , 94.94 256*2^21, 373,6014 , 360,5706 , 93.93 2^12, 71,72 , 66,69 , 4.04 (AMDv2) 256*2^12, 228,891 , 206,871 , 76.76 256*2^21, 254,721 , 245,711 , 65.65 2^12, 69,87 , 65,82 , 20.20 (VTD second stage) 256*2^12, 210,321 , 200,315 , 36.36 256*2^21, 255,349 , 238,342 , 30.30 2^12, 72,77 , 68,74 , 8.08 (ARM 64 bit) 256*2^12, 521,357 , 447,346 , -29.29 256*2^21, 489,358 , 433,345 , -25.25 * Above numbers include additional patches to remove the iommu_pgsize() overheads. gcc 13.3.0, i7-12700 This version provides fairly consistent performance across formats. ARM unmap performance is quite different because this version supports contiguous pages and uses a very different algorithm for unmapping. Though why it is so worse compared to AMDv1 I haven't figured out yet. The per-format commits include a more detailed chart. There is a second branch: https://github.com/jgunthorpe/linux/commits/iommu_pt_all Containing supporting work and future steps: - ARM short descriptor (32 bit), ARM long descriptor (64 bit) formats - RISCV format and RISCV conversion https://github.com/jgunthorpe/linux/commits/iommu_pt_riscv - Support for a DMA incoherent HW page table walker - VT-D second stage format and VT-D conversion https://github.com/jgunthorpe/linux/commits/iommu_pt_vtd - DART v1 & v2 format - Draft of a iommufd 'cut' operation to break down huge pages - A compare test that checks the iommupt formats against the iopgtable interface, including updating AMD to have a working iopgtable and patches to make VT-D have an iopgtable for testing. - A performance test to micro-benchmark map and unmap against iogptable My strategy is to go one by one for the drivers: - AMD driver conversion - RISCV page table and driver - Intel VT-D driver and VTDSS page table - Flushing improvements for RISCV - ARM SMMUv3 And concurrently work on the algorithm side: - debugfs content dump, like VT-D has - Cut support - Increase/Decrease page size support - map/unmap batching - KHO As we make more algorithm improvements the value to convert the drivers increases. This is on github: https://github.com/jgunthorpe/linux/commits/iommu_pt v4: - Text grammar updates and kdoc fixes v3: https://patch.msgid.link/r/0-v4-0d6a6726a372+18959-iommu_pt_jgg@nvidia.com - Rebase on v6.16-rc3 - Integrate the HATS/HATDis changes - Remove 'default n' from kconfig - Remove unused 'PT_FIXED_TOP_LEVEL' - Improve comments and coumentation - Fix some compile warnings from kbuild robots v2: https://patch.msgid.link/r/0-v3-a93aab628dbc+521-iommu_pt_jgg@nvidia.com - Rebase on v6.16-rc2 - s/PT_ENTRY_WORD_SIZE/PT_ITEM_WORD_SIZE/s to follow the language better - Comment and documentation updates - Add PT_TOP_PHYS_MASK to help manage alignment restrictions on the top pointer - Add missed force_aperture = true - Make pt_iommu_deinit() take care of the not-yet-inited error case internally as AMD/RISCV/VTD all shared this logic - Change gather_range() into gather_range_pages() so it also deals with the page list. This makes the following cache flushing series simpler - Fix missed update of unmap->unmapped in some error cases - Change clear_contig() to order the gather more logically - Remove goto from the error handling in __map_range_leaf() - s/log2_/oalog2_/ in places where the argument is an oaddr_t - Pass the pts to pt_table_install64/32() - Do not use SIGN_EXTEND for the AMDv2 page table because of Vasant's information on how PASID 0 works. v1: https://patch.msgid.link/r/0-v2-5c26bde5c22d+58b-iommu_pt_jgg@nvidia.com - AMD driver only, many code changes RFC: https://lore.kernel.org/all/0-v1-01fa10580981+1d-iommu_pt_jgg@nvidia.com/ Alejandro Jimenez (1): iommu/amd: Use the generic iommu page table Jason Gunthorpe (14): genpt: Generic Page Table base API genpt: Add Documentation/ files iommupt: Add the basic structure of the iommu implementation iommupt: Add the AMD IOMMU v1 page table format iommupt: Add iova_to_phys op iommupt: Add unmap_pages op iommupt: Add map_pages op iommupt: Add read_and_clear_dirty op iommupt: Add a kunit test for Generic Page Table iommupt: Add a mock pagetable format for iommufd selftest to use iommufd: Change the selftest to use iommupt instead of xarray iommupt: Add the x86 64 bit page table format iommu/amd: Remove AMD io_pgtable support iommupt: Add a kunit test for the IOMMU implementation .clang-format | 1 + Documentation/driver-api/generic_pt.rst | 140 ++ Documentation/driver-api/index.rst | 1 + drivers/iommu/Kconfig | 2 + drivers/iommu/Makefile | 1 + drivers/iommu/amd/Kconfig | 5 +- drivers/iommu/amd/Makefile | 2 +- drivers/iommu/amd/amd_iommu.h | 1 - drivers/iommu/amd/amd_iommu_types.h | 109 +- drivers/iommu/amd/io_pgtable.c | 560 -------- drivers/iommu/amd/io_pgtable_v2.c | 370 ------ drivers/iommu/amd/iommu.c | 538 ++++---- drivers/iommu/generic_pt/.kunitconfig | 13 + drivers/iommu/generic_pt/Kconfig | 67 + drivers/iommu/generic_pt/fmt/Makefile | 26 + drivers/iommu/generic_pt/fmt/amdv1.h | 409 ++++++ drivers/iommu/generic_pt/fmt/defs_amdv1.h | 21 + drivers/iommu/generic_pt/fmt/defs_x86_64.h | 21 + drivers/iommu/generic_pt/fmt/iommu_amdv1.c | 15 + drivers/iommu/generic_pt/fmt/iommu_mock.c | 10 + drivers/iommu/generic_pt/fmt/iommu_template.h | 48 + drivers/iommu/generic_pt/fmt/iommu_x86_64.c | 11 + drivers/iommu/generic_pt/fmt/x86_64.h | 248 ++++ drivers/iommu/generic_pt/iommu_pt.h | 1149 +++++++++++++++++ drivers/iommu/generic_pt/kunit_generic_pt.h | 717 ++++++++++ drivers/iommu/generic_pt/kunit_iommu.h | 183 +++ drivers/iommu/generic_pt/kunit_iommu_pt.h | 451 +++++++ drivers/iommu/generic_pt/pt_common.h | 355 +++++ drivers/iommu/generic_pt/pt_defs.h | 323 +++++ drivers/iommu/generic_pt/pt_fmt_defaults.h | 193 +++ drivers/iommu/generic_pt/pt_iter.h | 636 +++++++++ drivers/iommu/generic_pt/pt_log2.h | 130 ++ drivers/iommu/io-pgtable.c | 4 - drivers/iommu/iommufd/Kconfig | 1 + drivers/iommu/iommufd/iommufd_test.h | 11 +- drivers/iommu/iommufd/selftest.c | 438 +++---- include/linux/generic_pt/common.h | 166 +++ include/linux/generic_pt/iommu.h | 270 ++++ include/linux/io-pgtable.h | 2 - tools/testing/selftests/iommu/iommufd.c | 60 +- tools/testing/selftests/iommu/iommufd_utils.h | 12 + 41 files changed, 6128 insertions(+), 1592 deletions(-) create mode 100644 Documentation/driver-api/generic_pt.rst delete mode 100644 drivers/iommu/amd/io_pgtable.c delete mode 100644 drivers/iommu/amd/io_pgtable_v2.c create mode 100644 drivers/iommu/generic_pt/.kunitconfig create mode 100644 drivers/iommu/generic_pt/Kconfig create mode 100644 drivers/iommu/generic_pt/fmt/Makefile create mode 100644 drivers/iommu/generic_pt/fmt/amdv1.h create mode 100644 drivers/iommu/generic_pt/fmt/defs_amdv1.h create mode 100644 drivers/iommu/generic_pt/fmt/defs_x86_64.h create mode 100644 drivers/iommu/generic_pt/fmt/iommu_amdv1.c create mode 100644 drivers/iommu/generic_pt/fmt/iommu_mock.c create mode 100644 drivers/iommu/generic_pt/fmt/iommu_template.h create mode 100644 drivers/iommu/generic_pt/fmt/iommu_x86_64.c create mode 100644 drivers/iommu/generic_pt/fmt/x86_64.h create mode 100644 drivers/iommu/generic_pt/iommu_pt.h create mode 100644 drivers/iommu/generic_pt/kunit_generic_pt.h create mode 100644 drivers/iommu/generic_pt/kunit_iommu.h create mode 100644 drivers/iommu/generic_pt/kunit_iommu_pt.h create mode 100644 drivers/iommu/generic_pt/pt_common.h create mode 100644 drivers/iommu/generic_pt/pt_defs.h create mode 100644 drivers/iommu/generic_pt/pt_fmt_defaults.h create mode 100644 drivers/iommu/generic_pt/pt_iter.h create mode 100644 drivers/iommu/generic_pt/pt_log2.h create mode 100644 include/linux/generic_pt/common.h create mode 100644 include/linux/generic_pt/iommu.h base-commit: 8da0d63bd5726ff656bfa1eacb45d6f5cce65616 -- 2.43.0

3 days, 3 hours

2
18
0 0

[PATCH v2] selftests: filelock: Initialize the flock to zero

by zhouyuhang

From: Zhou Yuhang <zhouyuhang(a)kylinos.cn> On x86_64, the size of struct flock is 32 bytes, and the layout of this structure may be as follows: +------------+ offset 0 | l_type | 2 bytes +------------+ offset 2 | l_whence | 2 bytes +------------+ offset 4 | padding | 4 bytes +------------+ offset 8 | l_start | 8 bytes +------------+ offset 16 | l_len | 8 bytes +------------+ offset 24 | l_pid | 4 bytes +------------+ offset 28 | padding | 4 bytes +------------+ offset 32 Flock fl and fl2 are not initialized after definition. The padding bytes in the structure may contain random values, which could cause memcmp() to return a non-zero value, potentially leading to test failure. The output is as follows: # [INFO] opened fds 3 4 # [SUCCESS] set OFD read lock on first fd # [SUCCESS] read and write locks conflicted # [SUCCESS] F_UNLCK test returns: locked, type 0 pid -1 len 3 # [FAIL] F_UNLCK test returns: locked, type 0 pid -1 len 3 Initialize them to zero to solve this problem. Signed-off-by: Zhou Yuhang <zhouyuhang(a)kylinos.cn> --- changes in v2: - Add a description of the struct flock layout to the commit message. --- tools/testing/selftests/filelock/ofdlocks.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tools/testing/selftests/filelock/ofdlocks.c b/tools/testing/selftests/filelock/ofdlocks.c index a55b79810ab2..84e25505bebb 100644 --- a/tools/testing/selftests/filelock/ofdlocks.c +++ b/tools/testing/selftests/filelock/ofdlocks.c @@ -36,6 +36,8 @@ int main(void) { int rc; struct flock fl, fl2; + memset(&fl, 0, sizeof(fl)); + memset(&fl2, 0, sizeof(fl2)); int fd = open("/tmp/aa", O_RDWR | O_CREAT | O_EXCL, 0600); int fd2 = open("/tmp/aa", O_RDONLY); -- 2.33.0

3 days, 5 hours

1
0
0 0

[PATCH] selftests/mm: include linux/mman.h for prctl_thp_disable

by Usama Arif

MADV_COLLAPSE is part of linux/mman.h and needs to be included for this selftest for glibc compatibility. It is also included in other tests that use MADV_COLLAPSE. Fixes: d9c7ff4dae62 ("selftests: prctl: introduce tests for disabling THPs completely") Reported-by: Mark Brown <broonie(a)kernel.org> Closes: https://lore.kernel.org/all/c8249725-e91d-4c51-b9bb-40305e61e20d@sirena.org… Signed-off-by: Usama Arif <usamaarif642(a)gmail.com> --- tools/testing/selftests/mm/prctl_thp_disable.c | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/testing/selftests/mm/prctl_thp_disable.c b/tools/testing/selftests/mm/prctl_thp_disable.c index feb711dca3a1d..84b4a4b345af5 100644 --- a/tools/testing/selftests/mm/prctl_thp_disable.c +++ b/tools/testing/selftests/mm/prctl_thp_disable.c @@ -9,6 +9,7 @@ #include <string.h> #include <unistd.h> #include <sys/mman.h> +#include <linux/mman.h> #include <sys/prctl.h> #include <sys/wait.h> -- 2.47.3

3 days, 12 hours

1
0
0 0

[PATCH net v3 0/3] net: netpoll: fix a memleak and create a selftest

by Breno Leitao

Fix a memory leak issue on netpoll and create a netconsole test that exposes the problem, when run with kmemleak enabled. This is a merge of two patches I've sent individually and are merged on the same patchset[1][2]. Link: https://lore.kernel.org/all/20250904-netconsole_torture-v2-0-5775ed5dc366@d… [1] Link: https://lore.kernel.org/all/20250902165426.6d6cd172@kernel.org/ [2] Signed-off-by: Breno Leitao <leitao(a)debian.org> --- Changes in v3: - this patchset is a merge of the fix and the selftest together as recommended by Jakub. Changes in v2: - Reuse the netconsole creation from lib_netcons.sh. Thus, refactoring the create_dynamic_target() (Jakub) - Move the "wait" to after all the messages has been sent. - Link to v1: https://lore.kernel.org/r/20250902-netconsole_torture-v1-1-03c6066598e9@deb… --- Breno Leitao (3): netpoll: fix incorrect refcount handling causing incorrect cleanup selftest: netcons: refactor target creation selftest: netcons: create a torture test net/core/netpoll.c | 7 +- tools/testing/selftests/drivers/net/Makefile | 1 + .../selftests/drivers/net/lib/sh/lib_netcons.sh | 30 +++-- .../selftests/drivers/net/netcons_torture.sh | 127 +++++++++++++++++++++ 4 files changed, 152 insertions(+), 13 deletions(-) --- base-commit: d69eb204c255c35abd9e8cb621484e8074c75eaa change-id: 20250902-netconsole_torture-8fc23f0aca99 Best regards, -- Breno Leitao <leitao(a)debian.org>

3 days, 14 hours

5
17
0 0

[PATCH] selftests/filesystems: Fix build warning on anon_inode_test

by Ranganath V N

clang warning null passed where non-null argument is expected. anon_inode_test.c:45:19: warning: argument 3 null where non-null expected [-Wnonnull] 45 | ASSERT_LT(execveat(fd_context, "", NULL, NULL, AT_EMPTY_PATH), 0); | ^~~~~~~~ Signed-off-by: Ranganath V N <vnranganath.20(a)gmail.com> --- tools/testing/selftests/filesystems/anon_inode_test.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/filesystems/anon_inode_test.c b/tools/testing/selftests/filesystems/anon_inode_test.c index 73e0a4d4fb2f..f796dad679db 100644 --- a/tools/testing/selftests/filesystems/anon_inode_test.c +++ b/tools/testing/selftests/filesystems/anon_inode_test.c @@ -38,11 +38,13 @@ TEST(anon_inode_no_chmod) TEST(anon_inode_no_exec) { int fd_context; + static char *argv[] = { NULL }; + static char *envp[] = { NULL }; fd_context = sys_fsopen("tmpfs", 0); ASSERT_GE(fd_context, 0); - ASSERT_LT(execveat(fd_context, "", NULL, NULL, AT_EMPTY_PATH), 0); + ASSERT_LT(execveat(fd_context, "", argv, envp, AT_EMPTY_PATH), 0); ASSERT_EQ(errno, EACCES); EXPECT_EQ(close(fd_context), 0); -- 2.43.0

3 days, 15 hours

1
1
0 0

[RFC PATCH v2 0/3] Add testable code specifications

by Gabriele Paoloni

[1] was an initial proposal defining testable code specifications for some functions in /drivers/char/mem.c. However a Guideline to write such specifications was missing and test cases tracing to such specifications were missing. This patchset represents a next step and is organised as follows: - patch 1/3 contains the Guideline for writing code specifications - patch 2/3 contains examples of code specfications defined for some functions of drivers/char/mem.c - patch 3/3 contains examples of selftests that map to some code specifications of patch 2/3 [1] https://lore.kernel.org/all/20250821170419.70668-1-gpaoloni@redhat.com/ --- Changes from v1: 1) Added a Guideline to write code specifications in the Linux Kernel Documentation 2) Addressed Greg KH comments in /drivers/char/mem.c 3) Added example of test cases mapping to the code specifications in /drivers/char/mem.c --- Alessandro Carminati (1): selftests/devmem: initial testset Gabriele Paoloni (2): Documentation: add guidelines for writing testable code specifications /dev/mem: Add initial documentation of memory_open() and mem_fops .../doc-guide/code-specifications.rst | 208 +++++++ Documentation/doc-guide/index.rst | 1 + drivers/char/mem.c | 231 ++++++- tools/testing/selftests/Makefile | 1 + tools/testing/selftests/devmem/Makefile | 13 + tools/testing/selftests/devmem/debug.c | 25 + tools/testing/selftests/devmem/debug.h | 14 + tools/testing/selftests/devmem/devmem.c | 200 ++++++ tools/testing/selftests/devmem/ram_map.c | 250 ++++++++ tools/testing/selftests/devmem/ram_map.h | 38 ++ tools/testing/selftests/devmem/secret.c | 46 ++ tools/testing/selftests/devmem/secret.h | 13 + tools/testing/selftests/devmem/tests.c | 569 ++++++++++++++++++ tools/testing/selftests/devmem/tests.h | 45 ++ tools/testing/selftests/devmem/utils.c | 379 ++++++++++++ tools/testing/selftests/devmem/utils.h | 119 ++++ 16 files changed, 2146 insertions(+), 6 deletions(-) create mode 100644 Documentation/doc-guide/code-specifications.rst create mode 100644 tools/testing/selftests/devmem/Makefile create mode 100644 tools/testing/selftests/devmem/debug.c create mode 100644 tools/testing/selftests/devmem/debug.h create mode 100644 tools/testing/selftests/devmem/devmem.c create mode 100644 tools/testing/selftests/devmem/ram_map.c create mode 100644 tools/testing/selftests/devmem/ram_map.h create mode 100644 tools/testing/selftests/devmem/secret.c create mode 100644 tools/testing/selftests/devmem/secret.h create mode 100644 tools/testing/selftests/devmem/tests.c create mode 100644 tools/testing/selftests/devmem/tests.h create mode 100644 tools/testing/selftests/devmem/utils.c create mode 100644 tools/testing/selftests/devmem/utils.h -- 2.48.1

3 days, 16 hours

1
3
0 0

[PATCH] selftests/net: fix unused return value warnings in ksft.h

by Nai-Chen Cheng

The write() and read() system calls in ksft_ready() and ksft_wait() functions return values that were not being checked, causing complier warnings with GCC. Fix the warnings by casting the return values to void to indicate that ignoring them is intentional. Signed-off-by: Nai-Chen Cheng <bleach1827(a)gmail.com> --- tools/testing/selftests/net/lib/ksft.h | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/net/lib/ksft.h b/tools/testing/selftests/net/lib/ksft.h index 17dc34a612c64e549f634e82a23f317b2ff6a282..0ca2cb408c643bc76c0aaea684f0e7e28e6b05a6 100644 --- a/tools/testing/selftests/net/lib/ksft.h +++ b/tools/testing/selftests/net/lib/ksft.h @@ -10,6 +10,7 @@ static inline void ksft_ready(void) { const char msg[7] = "ready\n"; char *env_str; + ssize_t ret; int fd; env_str = getenv("KSFT_READY_FD"); @@ -24,7 +25,8 @@ static inline void ksft_ready(void) fd = STDOUT_FILENO; } - write(fd, msg, sizeof(msg)); + ret = write(fd, msg, sizeof(msg)); + (void)ret; if (fd != STDOUT_FILENO) close(fd); } @@ -33,6 +35,7 @@ static inline void ksft_wait(void) { char *env_str; char byte; + ssize_t ret; int fd; env_str = getenv("KSFT_WAIT_FD"); @@ -48,7 +51,8 @@ static inline void ksft_wait(void) fd = STDIN_FILENO; } - read(fd, &byte, sizeof(byte)); + ret = read(fd, &byte, sizeof(byte)); + (void)ret; if (fd != STDIN_FILENO) close(fd); } --- base-commit: d1d10cea0895264cc3769e4d9719baa94f4b250b change-id: 20250906-selftests-net-ksft-37266937bc4d Best regards, -- Nai-Chen Cheng <bleach1827(a)gmail.com>

3 days, 21 hours

3
4
0 0

[PATCH bpf-next 0/5] selftests/bpf: Extend sockmap_redir to test no-redir SK_DROP/SK_PASS

by Michal Luczaj

sockmap_redir was introduced to comprehensively test the BPF redirection. This series strives to increase the tested sockmap/sockhash code coverage; adds support for skipping the actual redirect part, allowing to simply SK_DROP or SK_PASS the packet. BPF_MAP_TYPE_SOCKMAP BPF_MAP_TYPE_SOCKHASH x sk_msg-to-egress sk_msg-to-ingress sk_skb-to-egress sk_skb-to-ingress x AF_INET, SOCK_STREAM AF_INET6, SOCK_STREAM AF_INET, SOCK_DGRAM AF_INET6, SOCK_DGRAM AF_UNIX, SOCK_STREAM AF_UNIX, SOCK_DGRAM AF_VSOCK, SOCK_STREAM AF_VSOCK, SOCK_SEQPACKET x SK_REDIRECT SK_DROP SK_PASS Patch 5 ("Support no-redirect SK_DROP/SK_PASS") implements the feature. Patches 3 ("Rename functions") and 4 ("Let test specify skel's redirect_type") make preparatory changes. I also took the opportunity to clean up (Patch 1, "Simplify try_recv()") and improve a bit (Patch 2, "Fix OOB handling"). $ cd tools/testing/selftests/bpf $ make $ sudo ./test_progs -t sockmap_redir ... Summary: 1/720 PASSED, 0 SKIPPED, 0 FAILED Signed-off-by: Michal Luczaj <mhal(a)rbox.co> --- Michal Luczaj (5): selftests/bpf: sockmap_redir: Simplify try_recv() selftests/bpf: sockmap_redir: Fix OOB handling selftests/bpf: sockmap_redir: Rename functions selftests/bpf: sockmap_redir: Let test specify skel's redirect_type selftests/bpf: sockmap_redir: Support no-redirect SK_DROP/SK_PASS .../selftests/bpf/prog_tests/sockmap_redir.c | 143 +++++++++++++++------ 1 file changed, 105 insertions(+), 38 deletions(-) --- base-commit: e8a6a9d3e8cc539d281e77b9df2439f223ec8153 change-id: 20250523-redir-test-pass-drop-2f2a5edca6e1 Best regards, -- Michal Luczaj <mhal(a)rbox.co>

3 days, 23 hours

2
10
0 0

[PATCH v1] selftests/mm: gup_tests: option to GUP all pages in a single call

by David Hildenbrand

We recently missed detecting an issue during early testing because the default (!all) tests would not trigger it and even when running "all" tests it only would happen sometimes because of races. So let's allow for an easy way to specify "GUP all pages in a single call", extend the test matrix and extend our default (!all) tests. By GUP'ing all pages in a single call, with the default size of 128MiB we'll cover multiple leaf page tables / PMDs on architectures with sane THP sizes. Cc: Andrew Morton <akpm(a)linux-foundation.org> Cc: Jason Gunthorpe <jgg(a)ziepe.ca> Cc: John Hubbard <jhubbard(a)nvidia.com> Cc: Peter Xu <peterx(a)redhat.com> Cc: Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> Cc: "Liam R. Howlett" <Liam.Howlett(a)oracle.com> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: Mike Rapoport <rppt(a)kernel.org> Cc: Suren Baghdasaryan <surenb(a)google.com> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Shuah Khan <shuah(a)kernel.org> Signed-off-by: David Hildenbrand <david(a)redhat.com> --- tools/testing/selftests/mm/gup_test.c | 2 ++ tools/testing/selftests/mm/run_vmtests.sh | 8 +++++--- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/mm/gup_test.c b/tools/testing/selftests/mm/gup_test.c index bdeaac67ff9aa..8900b840c17a7 100644 --- a/tools/testing/selftests/mm/gup_test.c +++ b/tools/testing/selftests/mm/gup_test.c @@ -139,6 +139,8 @@ int main(int argc, char **argv) break; case 'n': nr_pages = atoi(optarg); + if (nr_pages < 0) + nr_pages = size / psize(); break; case 't': thp = 1; diff --git a/tools/testing/selftests/mm/run_vmtests.sh b/tools/testing/selftests/mm/run_vmtests.sh index 9e88cc25b9df2..6240e579b3ba5 100755 --- a/tools/testing/selftests/mm/run_vmtests.sh +++ b/tools/testing/selftests/mm/run_vmtests.sh @@ -138,7 +138,7 @@ run_gup_matrix() { # -n: How many pages to fetch together? 512 is special # because it's default thp size (or 2M on x86), 123 to # just test partial gup when hit a huge in whatever form - for num in "-n 1" "-n 512" "-n 123"; do + for num in "-n 1" "-n 512" "-n 123" "-n -1"; do CATEGORY="gup_test" run_test ./gup_test \ $huge $test_cmd $write $share $num done @@ -313,9 +313,11 @@ if $RUN_ALL; then run_gup_matrix else # get_user_pages_fast() benchmark - CATEGORY="gup_test" run_test ./gup_test -u + CATEGORY="gup_test" run_test ./gup_test -u -n 1 + CATEGORY="gup_test" run_test ./gup_test -u -n -1 # pin_user_pages_fast() benchmark - CATEGORY="gup_test" run_test ./gup_test -a + CATEGORY="gup_test" run_test ./gup_test -a -n 1 + CATEGORY="gup_test" run_test ./gup_test -a -n -1 fi # Dump pages 0, 19, and 4096, using pin_user_pages: CATEGORY="gup_test" run_test ./gup_test -ct -F 0x1 0 19 0x1000 -- 2.50.1

3 days, 23 hours

1
0
0 0

[PATCH] selftests/mm: remove PROT_EXEC req from file-collapse tests

by Zach O'Keefe

As of v6.8 commit 7fbb5e188248 ("mm: remove VM_EXEC requirement for THP eligibility") thp collapse no longer requires file-backed mappings be created with PROT_EXEC. Remove the overly-strict dependency from thp collapse tests so we test the least-strict requirement for success. Signed-off-by: Zach O'Keefe <zokeefe(a)google.com> --- tools/testing/selftests/mm/khugepaged.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/mm/khugepaged.c b/tools/testing/selftests/mm/khugepaged.c index a18c50d51141..3fe7ef04ac62 100644 --- a/tools/testing/selftests/mm/khugepaged.c +++ b/tools/testing/selftests/mm/khugepaged.c @@ -394,7 +394,7 @@ static void *file_setup_area(int nr_hpages) perror("open()"); exit(EXIT_FAILURE); } - p = mmap(BASE_ADDR, size, PROT_READ | PROT_EXEC, + p = mmap(BASE_ADDR, size, PROT_READ, MAP_PRIVATE, finfo.fd, 0); if (p == MAP_FAILED || p != BASE_ADDR) { perror("mmap()"); -- 2.51.0.384.g4c02a37b29-goog

3 days, 23 hours

5
5
0 0

[PATCH v2 net 0/2] selftests: drv-net: Fix issues in devlink_rate_tc_bw.py

by Carolina Jubran

This series fixes issues in devlink_rate_tc_bw.py selftest that made its checks unreliable and its documentation inconsistent with the actual configuration. V2: - Dropped the patch that relaxed the total bandwidth check. Jakub suggested addressing the instability with interval-based measurement and by migrating to load.py. That will be handled in a follow-up. - Link to V1: https://lore.kernel.org/netdev/20250831080641.1828455-1-cjubran@nvidia.com/ Thanks Carolina Jubran (2): selftests: drv-net: Fix and clarify TC bandwidth split in devlink_rate_tc_bw.py selftests: drv-net: Fix tolerance calculation in devlink_rate_tc_bw.py .../drivers/net/hw/devlink_rate_tc_bw.py | 100 ++++++++---------- 1 file changed, 43 insertions(+), 57 deletions(-) -- 2.38.1

4 days

2
5
0 0

[PATCH v21 0/9] PCI: EP: Add RC-to-EP doorbell with platform MSI controller

by Frank Li via B4 Relay

┌────────────┐ ┌───────────────────────────────────┐ ┌────────────────┐ │ │ │ │ │ │ │ │ │ PCI Endpoint │ │ PCI Host │ │ │ │ │ │ │ │ │◄──┤ 1.platform_msi_domain_alloc_irqs()│ │ │ │ │ │ │ │ │ │ MSI ├──►│ 2.write_msi_msg() ├──►├─BAR<n> │ │ Controller │ │ update doorbell register address│ │ │ │ │ │ for BAR │ │ │ │ │ │ │ │ 3. Write BAR<n>│ │ │◄──┼───────────────────────────────────┼───┤ │ │ │ │ │ │ │ │ ├──►│ 4.Irq Handle │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ └────────────┘ └───────────────────────────────────┘ └────────────────┘ This patches based on old https://lore.kernel.org/imx/20221124055036.1630573-1-Frank.Li@nxp.com/ Original patch only target to vntb driver. But actually it is common method. This patches add new API to pci-epf-core, so any EP driver can use it. Previous v2 discussion here. https://lore.kernel.org/imx/20230911220920.1817033-1-Frank.Li@nxp.com/ Changes in v21: - Align to bar size, try to fix Niklas reported problem. - Rebase to v6.16-rc5 - Link to v20: https://lore.kernel.org/r/20250709-ep-msi-v20-0-43d56f9bd54a@nxp.com Changes in v20: - remove set epf of_node's patch and only support one epf now. - move imx6's patch to first - detail change see each patches' change log - Link to v19: https://lore.kernel.org/r/20250609-ep-msi-v19-0-77362eaa48fa@nxp.com Changes in v19: - irq part already in v6.16-rc1, only missed pcie/dts part - rebase to v6.16-rc1 - update commit message for patch IMMUTABLE check. - Link to v18: https://lore.kernel.org/r/20250414-ep-msi-v18-0-f69b49917464@nxp.com Changes in v18: - pci-ep.yaml: sort property order, fix maxvalue to 0x7ffff for msi-map-mask and iommu-map-mask - Link to v17: https://lore.kernel.org/r/20250407-ep-msi-v17-0-633ab45a31d0@nxp.com Changes in v17: - move document part to pci-ep.yaml - Link to v16: https://lore.kernel.org/r/20250404-ep-msi-v16-0-d4919d68c0d0@nxp.com Changes in v16: - remove arm64: dts: imx95-19x19-evk: Add PCIe1 endpoint function overlay file because there are better patches, which under review. - Add document for pcie-ep msi-map usage - other change to see each patch's change log About IMMUTABLE (No change for this part, tglx provide feedback) > - This IMMUTABLE thing serves no purpose, because you don't randomly > plug this end-point block on any MSI controller. They come as part > of an SoC. "Yes and no. The problem is that the EP implementation is meant to be a generic library and while GIC-ITS guarantees immutability of the address/data pair after setup, there are architectures (x86, loongson, riscv) where the base MSI controller does not and immutability is only achieved when interrupt remapping is enabled. The latter can be disabled at boot-time and then the EP implementation becomes a lottery across affinity changes. That was my concern about this library implementation and that's why I asked for a mechanism to ensure that the underlying irqdomain provides a immutable address/data pair. So it does not matter for GIC-ITS, but in the larger picture it matters. Thanks, tglx " So it does not matter for GIC-ITS, but in the larger picture it matters. - Link to v15: https://lore.kernel.org/r/20250211-ep-msi-v15-0-bcacc1f2b1a9@nxp.com Changes in v15: - rebase to v6.14-rc1 - fix build issue find by kernel test robot - Link to v14: https://lore.kernel.org/r/20250207-ep-msi-v14-0-9671b136f2b8@nxp.com Changes in v14: Marc Zyngier raised concerns about adding DOMAIN_BUS_DEVICE_PCI_EP_MSI. As a result, the approach has been reverted to the v9 method. However, there are several improvements: MSI now supports msi-map in addition to msi-parent. - The struct device: id is used as the endpoint function (EPF) device identity to map to the stream ID (sideband information). - The EPC device tree source (DTS) utilizes msi-map to provide such information. - The EPF device's of_node is set to the EPC controller’s node. This approach is commonly used for multi-function device (MFD) platform child devices, allowing them to inherit properties from the MFD device’s DTS, such as reset-cells and gpio-cells. This method is well-suited for the current case, as the EPF is inherently created/binded to the EPC and should inherit the EPC’s DTS node properties. Additionally: Since the basic IMX95 LUT support has already been merged into the mainline, a DTS and driver increment patch is added to complete the solution. The patch is rebased onto the latest linux-next tree and aligned with the new pcitest framework. - Link to v13: https://lore.kernel.org/r/20241218-ep-msi-v13-0-646e2192dc24@nxp.com Changes in v13: - Change to use DOMAIN_BUS_PCI_DEVICE_EP_MSI - Change request id as func | vfunc << 3 - Remove IRQ_DOMAIN_MSI_IMMUTABLE Thomas Gleixner: I hope capture all your points in review comments. If missed, let me know. - Link to v12: https://lore.kernel.org/r/20241211-ep-msi-v12-0-33d4532fa520@nxp.com Changes in v12: - Change to use IRQ_DOMAIN_MSI_IMMUTABLE and add help function irq_domain_msi_is_immuatble(). - split PCI: endpoint: pci-ep-msi: Add MSI address/data pair mutable check to 3 patches - Link to v11: https://lore.kernel.org/r/20241209-ep-msi-v11-0-7434fa8397bd@nxp.com Changes in v11: - Change to use MSI_FLAG_MSG_IMMUTABLE - Link to v10: https://lore.kernel.org/r/20241204-ep-msi-v10-0-87c378dbcd6d@nxp.com Changes in v10: Thomas Gleixner: There are big change in pci-ep-msi.c. I am sure if go on the corrent path. The key improvement is remove only 1 function devices's limitation. I use new patch for imutable check, which relative additional feature compared to base enablement patch. - Remove patch Add msi_remove_device_irq_domain() in platform_device_msi_free_irqs_all() - Add new patch irqchip/gic-v3-its: Avoid overwriting msi_prepare callback if provided by msi_domain_info - Remove only support 1 endpoint function limiation. - Create one MSI domain for each endpoint function devices. - Use "msi-map" in pci ep controler node, instead of of msi-parent. first argument is (func_no << 8 | vfunc_no) - Link to v9: https://lore.kernel.org/r/20241203-ep-msi-v9-0-a60dbc3f15dd@nxp.com Changes in v9 - Add patch platform-msi: Add msi_remove_device_irq_domain() in platform_device_msi_free_irqs_all() - Remove patch PCI: endpoint: Add pci_epc_get_fn() API for customizable filtering - Remove API pci_epf_align_inbound_addr_lo_hi - Move doorbell_alloc in to doorbell_enable function. - Link to v8: https://lore.kernel.org/r/20241116-ep-msi-v8-0-6f1f68ffd1bb@nxp.com Changes in v8: - update helper function name to pci_epf_align_inbound_addr() - Link to v7: https://lore.kernel.org/r/20241114-ep-msi-v7-0-d4ac7aafbd2c@nxp.com Changes in v7: - Add helper function pci_epf_align_addr(); - Link to v6: https://lore.kernel.org/r/20241112-ep-msi-v6-0-45f9722e3c2a@nxp.com Changes in v6: - change doorbell_addr to doorbell_offset - use round_down() - add Niklas's test by tag - rebase to pci/endpoint - Link to v5: https://lore.kernel.org/r/20241108-ep-msi-v5-0-a14951c0d007@nxp.com Changes in v5: - Move request_irq to epf test function driver for more flexiable user case - Add fixed size bar handler - Some minor improvememtn to see each patches's changelog. - Link to v4: https://lore.kernel.org/r/20241031-ep-msi-v4-0-717da2d99b28@nxp.com Changes in v4: - Remove patch genirq/msi: Add cleanup guard define for msi_lock_descs()/msi_unlock_descs() - Use new method to avoid compatible problem. Add new command DOORBELL_ENABLE and DOORBELL_DISABLE. pcitest -B send DOORBELL_ENABLE first, EP test function driver try to remap one of BAR_N (except test register bar) to ITS MSI MMIO space. Old driver don't support new command, so failure return, not side effect. After test, DOORBELL_DISABLE command send out to recover original map, so pcitest bar test can pass as normal. - Other detail change see each patches's change log - Link to v3: https://lore.kernel.org/r/20241015-ep-msi-v3-0-cedc89a16c1a@nxp.com Change from v2 to v3 - Fixed manivannan's comments - Move common part to pci-ep-msi.c and pci-ep-msi.h - rebase to 6.12-rc1 - use RevID to distingiush old version mkdir /sys/kernel/config/pci_ep/functions/pci_epf_test/func1 echo 16 > /sys/kernel/config/pci_ep/functions/pci_epf_test/func1/msi_interrupts echo 0x080c > /sys/kernel/config/pci_ep/functions/pci_epf_test/func1/deviceid echo 0x1957 > /sys/kernel/config/pci_ep/functions/pci_epf_test/func1/vendorid echo 1 > /sys/kernel/config/pci_ep/functions/pci_epf_test/func1/revid ^^^^^^ to enable platform msi support. ln -s /sys/kernel/config/pci_ep/functions/pci_epf_test/func1 /sys/kernel/config/pci_ep/controllers/4c380000.pcie-ep - use new device ID, which identify support doorbell to avoid broken compatility. Enable doorbell support only for PCI_DEVICE_ID_IMX8_DB, while other devices keep the same behavior as before. EP side RC with old driver RC with new driver PCI_DEVICE_ID_IMX8_DB no probe doorbell enabled Other device ID doorbell disabled* doorbell disabled* * Behavior remains unchanged. Change from v1 to v2 - Add missed patch for endpont/pci-epf-test.c - Move alloc and free to epc driver from epf. - Provide general help function for EPC driver to alloc platform msi irq. - Fixed manivannan's comments. Signed-off-by: Frank Li <Frank.Li(a)nxp.com> --- Frank Li (9): PCI: imx6: Add helper function imx_pcie_add_lut_by_rid() PCI: imx6: Add LUT configuration for MSI/IOMMU in Endpoint mode PCI: endpoint: Add RC-to-EP doorbell support using platform MSI controller PCI: endpoint: pci-ep-msi: Add MSI address/data pair mutable check PCI: endpoint: Add pci_epf_align_inbound_addr() helper for address alignment PCI: endpoint: pci-epf-test: Add doorbell test support misc: pci_endpoint_test: Add doorbell test case selftests: pci_endpoint: Add doorbell test case arm64: dts: imx95: Add msi-map for pci-ep device Documentation/PCI/endpoint/pci-test-howto.rst | 14 +++ arch/arm64/boot/dts/freescale/imx95.dtsi | 1 + drivers/misc/pci_endpoint_test.c | 85 ++++++++++++- drivers/pci/controller/dwc/pci-imx6.c | 25 ++-- drivers/pci/endpoint/Kconfig | 8 ++ drivers/pci/endpoint/Makefile | 1 + drivers/pci/endpoint/functions/pci-epf-test.c | 136 +++++++++++++++++++++ drivers/pci/endpoint/pci-ep-msi.c | 98 +++++++++++++++ drivers/pci/endpoint/pci-epf-core.c | 36 ++++++ include/linux/pci-ep-msi.h | 28 +++++ include/linux/pci-epf.h | 18 +++ include/uapi/linux/pcitest.h | 1 + .../selftests/pci_endpoint/pci_endpoint_test.c | 28 +++++ 13 files changed, 470 insertions(+), 9 deletions(-) --- base-commit: d7b8f8e20813f0179d8ef519541a3527e7661d3a change-id: 20241010-ep-msi-8b4cab33b1be Best regards, -- Frank Li <Frank.Li(a)nxp.com>

4 days

5
16
0 0

[PATCH net 0/3] mptcp: misc fixes for v6.17-rc6

by Matthieu Baerts (NGI0)

Here are various unrelated fixes: - Patch 1: Fix a wrong attribute type in the MPTCP Netlink specs. A fix for v6.7. - Patch 2: Avoid mentioning a deprecated MPTCP sysctl knob in the doc. A fix for v6.15. - Patch 3: Handle new warnings from ShellCheck v0.11.0. This prevents some warnings reported by some CIs. If it is not a good material for 'net', please drop it and I can resend it later, targeting 'net-next'. Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> --- Matthieu Baerts (NGI0) (3): netlink: specs: mptcp: fix if-idx attribute type doc: mptcp: net.mptcp.pm_type is deprecated selftests: mptcp: shellcheck: support v0.11.0 Documentation/netlink/specs/mptcp_pm.yaml | 2 +- Documentation/networking/mptcp.rst | 8 ++++---- tools/testing/selftests/net/mptcp/diag.sh | 2 +- tools/testing/selftests/net/mptcp/mptcp_connect.sh | 2 +- tools/testing/selftests/net/mptcp/mptcp_join.sh | 2 +- tools/testing/selftests/net/mptcp/mptcp_sockopt.sh | 2 +- tools/testing/selftests/net/mptcp/pm_netlink.sh | 5 +++-- tools/testing/selftests/net/mptcp/simult_flows.sh | 2 +- tools/testing/selftests/net/mptcp/userspace_pm.sh | 2 +- 9 files changed, 14 insertions(+), 13 deletions(-) --- base-commit: e2a10daba84968f6b5777d150985fd7d6abc9c84 change-id: 20250908-net-mptcp-misc-fixes-6-17-rc5-7550f5f90b66 Best regards, -- Matthieu Baerts (NGI0) <matttbe(a)kernel.org>

4 days

6
10
0 0

[PATCH v10 00/21] TDX KVM selftests

by Sagi Shahar

This is v10 of the TDX selftests. This series is based on v6.17-rc4 and has a dependency on "KVM: TDX: Force split irqchip for TDX at irqchip creation time" [1] Changes from v9 [2]: - Rebased on top of v6.17-rc4. - Addressed the comments from v9. - Removed special handling for split irqchip in the test code in favor for the kvm fix in [1]. - Removed outdated support for VM memory not backed by guest_memfd. - Split "KVM: selftests: Hook TDX support to vm and vcpu creation" into 4 separate patches. [1] https://lore.kernel.org/lkml/20250904062007.622530-1-sagis@google.com/ [2] https://lore.kernel.org/lkml/20250821042915.3712925-1-sagis@google.com/ Ackerley Tng (2): KVM: selftests: Add helpers to init TDX memory and finalize VM KVM: selftests: Add ucall support for TDX Erdem Aktas (2): KVM: selftests: Add TDX boot code KVM: selftests: Add support for TDX TDCALL from guest Isaku Yamahata (2): KVM: selftests: Update kvm_init_vm_address_properties() for TDX KVM: selftests: TDX: Use KVM_TDX_CAPABILITIES to validate TDs' attribute configuration Sagi Shahar (15): KVM: selftests: Allocate pgd in virt_map() as necessary KVM: selftests: Expose functions to get default sregs values KVM: selftests: Expose function to allocate guest vCPU stack KVM: selftests: Expose segment definitons to assembly files KVM: selftests: Add kbuild definitons KVM: selftests: Define structs to pass parameters to TDX boot code KVM: selftests: Set up TDX boot code region KVM: selftests: Set up TDX boot parameters region KVM: selftests: Add helper to initialize TDX VM KVM: selftests: Call TDX init when creating a new TDX vm KVM: selftests: Setup memory regions for TDX on vm creation KVM: selftests: Call KVM_TDX_INIT_VCPU when creating a new TDX vcpu KVM: selftests: Set entry point for TDX guest code KVM: selftests: Add wrapper for TDX MMIO from guest KVM: selftests: Add TDX lifecycle test tools/include/linux/kbuild.h | 18 + tools/testing/selftests/kvm/Makefile.kvm | 32 ++ .../selftests/kvm/include/x86/processor.h | 35 ++ .../selftests/kvm/include/x86/processor_asm.h | 12 + .../selftests/kvm/include/x86/tdx/td_boot.h | 74 ++++ .../kvm/include/x86/tdx/td_boot_asm.h | 16 + .../selftests/kvm/include/x86/tdx/tdcall.h | 34 ++ .../selftests/kvm/include/x86/tdx/tdx.h | 14 + .../selftests/kvm/include/x86/tdx/tdx_util.h | 86 +++++ .../testing/selftests/kvm/include/x86/ucall.h | 4 +- tools/testing/selftests/kvm/lib/kvm_util.c | 10 +- .../testing/selftests/kvm/lib/x86/processor.c | 91 +++-- .../selftests/kvm/lib/x86/tdx/td_boot.S | 60 +++ .../kvm/lib/x86/tdx/td_boot_offsets.c | 21 ++ .../selftests/kvm/lib/x86/tdx/tdcall.S | 93 +++++ .../kvm/lib/x86/tdx/tdcall_offsets.c | 16 + tools/testing/selftests/kvm/lib/x86/tdx/tdx.c | 23 ++ .../selftests/kvm/lib/x86/tdx/tdx_util.c | 354 ++++++++++++++++++ tools/testing/selftests/kvm/lib/x86/ucall.c | 45 ++- tools/testing/selftests/kvm/x86/tdx_vm_test.c | 31 ++ 20 files changed, 1032 insertions(+), 37 deletions(-) create mode 100644 tools/include/linux/kbuild.h create mode 100644 tools/testing/selftests/kvm/include/x86/processor_asm.h create mode 100644 tools/testing/selftests/kvm/include/x86/tdx/td_boot.h create mode 100644 tools/testing/selftests/kvm/include/x86/tdx/td_boot_asm.h create mode 100644 tools/testing/selftests/kvm/include/x86/tdx/tdcall.h create mode 100644 tools/testing/selftests/kvm/include/x86/tdx/tdx.h create mode 100644 tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/td_boot.S create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/td_boot_offsets.c create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/tdcall.S create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/tdcall_offsets.c create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/tdx.c create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c create mode 100644 tools/testing/selftests/kvm/x86/tdx_vm_test.c -- 2.51.0.338.gd7d06c2dae-goog

4 days, 1 hour

2
32
0 0

[PATCH net v2 0/2] net: dst_metadata: fix DF flag extraction on tunnel rx

by Ilya Maximets

Two patches here, first fixes the issue where tunnel core doesn't actually extract DF bit from the outer IP header, even though both OVS and TC flower allow matching on it. More details in the commit message. The second is a selftest for openvswitch that reproduces the issue, but also just adds some basic coverage for the tunnel metadata extraction and related openvswitch uAPI. Version 2: * Added missing tun_dst NULL check. * Added Reviewed-by from Aaron for the selftest. Version 1: https://lore.kernel.org/netdev/20250905133105.3940420-1-i.maximets@ovn.org/ Ilya Maximets (2): net: dst_metadata: fix IP_DF bit not extracted from tunnel headers selftests: openvswitch: add a simple test for tunnel metadata include/net/dst_metadata.h | 11 ++- .../selftests/net/openvswitch/openvswitch.sh | 88 +++++++++++++++++-- 2 files changed, 90 insertions(+), 9 deletions(-) -- 2.50.1

4 days, 2 hours

2
3
0 0

[PATCHv3 net 1/2] bonding: don't set oif to bond dev when getting NS target destination

by Hangbin Liu

Unlike IPv4, IPv6 routing strictly requires the source address to be valid on the outgoing interface. If the NS target is set to a remote VLAN interface, and the source address is also configured on a VLAN over a bond interface, setting the oif to the bond device will fail to retrieve the correct destination route. Fix this by not setting the oif to the bond device when retrieving the NS target destination. This allows the correct destination device (the VLAN interface) to be determined, so that bond_verify_device_path can return the proper VLAN tags for sending NS messages. Reported-by: David Wilder <wilder(a)us.ibm.com> Closes: https://lore.kernel.org/netdev/aGOKggdfjv0cApTO@fedora/ Suggested-by: Jay Vosburgh <jv(a)jvosburgh.net> Tested-by: David Wilder <wilder(a)us.ibm.com> Acked-by: Jay Vosburgh <jv(a)jvosburgh.net> Fixes: 4e24be018eb9 ("bonding: add new parameter ns_targets") Signed-off-by: Hangbin Liu <liuhangbin(a)gmail.com> --- v3: no update v2: split the patch into 2 parts, the kernel change and test update (Jay Vosburgh) --- drivers/net/bonding/bond_main.c | 1 - 1 file changed, 1 deletion(-) diff --git a/drivers/net/bonding/bond_main.c b/drivers/net/bonding/bond_main.c index 257333c88710..30cf97f4e814 100644 --- a/drivers/net/bonding/bond_main.c +++ b/drivers/net/bonding/bond_main.c @@ -3355,7 +3355,6 @@ static void bond_ns_send_all(struct bonding *bond, struct slave *slave) /* Find out through which dev should the packet go */ memset(&fl6, 0, sizeof(struct flowi6)); fl6.daddr = targets[i]; - fl6.flowi6_oif = bond->dev->ifindex; dst = ip6_route_output(dev_net(bond->dev), NULL, &fl6); if (dst->error) { -- 2.50.1

4 days, 5 hours

1
1
0 0

[PATCH 0/7] KVM: x86: Improve the handling of debug exceptions during instruction emulation

by Hou Wenlong

During my testing, I found that guest debugging with 'DR6.BD' does not work in instruction emulation, as the current code only considers the guest's DR7. Upon reviewing the code, I also observed that the checks for the userspace guest debugging feature and the guest's own debugging feature are repeated in different places during instruction emulation, but the overall logic is the same. If guest debugging is enabled, it needs to exit to userspace; otherwise, a #DB exception needs to be injected into the guest. Therefore, as suggested by Jiangshan Lai, some cleanup has been done for #DB handling in instruction emulation in this patchset. A new function named 'kvm_inject_emulated_db()' is introduced to consolidate all the checking logic. Moreover, I hope we can make the #DB interception path use the same function as well. Additionally, when I looked into the single-step #DB handling in instruction emulation, I noticed that the interrupt shadow is toggled, but it is not considered in the single-step #DB injection. This oversight causes VM entry to fail on VMX (due to pending debug exceptions checking) or breaks the 'MOV SS' suppressed #DB. For the latter, I have kept the behavior for now in my patchset, as I need some suggestions. Hou Wenlong (7): KVM: x86: Set guest DR6 by kvm_queue_exception_p() in instruction emulation KVM: x86: Check guest debug in DR access instruction emulation KVM: x86: Only check effective code breakpoint in emulation KVM: x86: Consolidate KVM_GUESTDBG_SINGLESTEP check into the kvm_inject_emulated_db() KVM: VMX: Set 'BS' bit in pending debug exceptions during instruction emulation KVM: selftests: Verify guest debug DR7.GD checking during instruction emulation KVM: selftests: Verify 'BS' bit checking in pending debug exception during VM entry arch/x86/include/asm/kvm-x86-ops.h | 1 + arch/x86/include/asm/kvm_host.h | 1 + arch/x86/kvm/emulate.c | 14 +-- arch/x86/kvm/kvm_emulate.h | 7 +- arch/x86/kvm/vmx/main.c | 9 ++ arch/x86/kvm/vmx/vmx.c | 14 ++- arch/x86/kvm/vmx/x86_ops.h | 1 + arch/x86/kvm/x86.c | 109 +++++++++++------- arch/x86/kvm/x86.h | 7 ++ .../selftests/kvm/include/x86/processor.h | 3 +- tools/testing/selftests/kvm/x86/debug_regs.c | 64 +++++++++- 11 files changed, 167 insertions(+), 63 deletions(-) base-commit: ecbcc2461839e848970468b44db32282e5059925 -- 2.31.1

4 days, 6 hours

1
2
0 0

[PATCHv2 net 1/2] bonding: set random address only when slaves already exist

by Hangbin Liu

After commit 5c3bf6cba791 ("bonding: assign random address if device address is same as bond"), bonding will erroneously randomize the MAC address of the first interface added to the bond if fail_over_mac = follow. Correct this by additionally testing for the bond being empty before randomizing the MAC. Fixes: 5c3bf6cba791 ("bonding: assign random address if device address is same as bond") Reported-by: Qiuling Ren <qren(a)redhat.com> Signed-off-by: Hangbin Liu <liuhangbin(a)gmail.com> --- drivers/net/bonding/bond_main.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/net/bonding/bond_main.c b/drivers/net/bonding/bond_main.c index 257333c88710..8832bc9f107b 100644 --- a/drivers/net/bonding/bond_main.c +++ b/drivers/net/bonding/bond_main.c @@ -2132,6 +2132,7 @@ int bond_enslave(struct net_device *bond_dev, struct net_device *slave_dev, memcpy(ss.__data, bond_dev->dev_addr, bond_dev->addr_len); } else if (bond->params.fail_over_mac == BOND_FOM_FOLLOW && BOND_MODE(bond) == BOND_MODE_ACTIVEBACKUP && + bond_has_slaves(bond) && memcmp(slave_dev->dev_addr, bond_dev->dev_addr, bond_dev->addr_len) == 0) { /* Set slave to random address to avoid duplicate mac * address in later fail over. -- 2.50.1

4 days, 6 hours

1
1
0 0

[PATCH net-next v2] selftests: net: replace sleeps in fcnal-test with waits

by Jakub Kicinski

fcnal-test.sh already includes lib.sh, use relevant helpers instead of sleeping. The first chunk is replacing sleep after killing background commands. All remaining ones replace sleep after starting nettest as a server with wait_local_port_listen. Reviewed-by: David Ahern <dsahern(a)kernel.org> Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> --- v2: no changes, previous posting had a trivial Makefile conflict v1: https://lore.kernel.org/20250907012116.3315344-1-kuba@kernel.org --- tools/testing/selftests/net/fcnal-test.sh | 430 +++++++++++----------- 1 file changed, 215 insertions(+), 215 deletions(-) diff --git a/tools/testing/selftests/net/fcnal-test.sh b/tools/testing/selftests/net/fcnal-test.sh index 4fcc38907e48..0e3304d37fd0 100755 --- a/tools/testing/selftests/net/fcnal-test.sh +++ b/tools/testing/selftests/net/fcnal-test.sh @@ -189,7 +189,7 @@ show_hint() kill_procs() { killall nettest ping ping6 >/dev/null 2>&1 - sleep 1 + slowwait 2 sh -c 'test -z "$(pgrep '"'^(nettest|ping|ping6)$'"')"' } set_ping_group() @@ -875,7 +875,7 @@ ipv4_tcp_md5_novrf() # basic use case log_start run_cmd nettest -s -M ${MD5_PW} -m ${NSB_IP} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 0 "MD5: Single address config" @@ -883,7 +883,7 @@ ipv4_tcp_md5_novrf() log_start show_hint "Should timeout due to MD5 mismatch" run_cmd nettest -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 2 "MD5: Server no config, client uses password" @@ -891,7 +891,7 @@ ipv4_tcp_md5_novrf() log_start show_hint "Should timeout since client uses wrong password" run_cmd nettest -s -M ${MD5_PW} -m ${NSB_IP} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_WRONG_PW} log_test $? 2 "MD5: Client uses wrong password" @@ -899,7 +899,7 @@ ipv4_tcp_md5_novrf() log_start show_hint "Should timeout due to MD5 mismatch" run_cmd nettest -s -M ${MD5_PW} -m ${NSB_LO_IP} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 2 "MD5: Client address does not match address configured with password" @@ -910,7 +910,7 @@ ipv4_tcp_md5_novrf() # client in prefix log_start run_cmd nettest -s -M ${MD5_PW} -m ${NS_NET} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 0 "MD5: Prefix config" @@ -918,7 +918,7 @@ ipv4_tcp_md5_novrf() log_start show_hint "Should timeout since client uses wrong password" run_cmd nettest -s -M ${MD5_PW} -m ${NS_NET} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_WRONG_PW} log_test $? 2 "MD5: Prefix config, client uses wrong password" @@ -926,7 +926,7 @@ ipv4_tcp_md5_novrf() log_start show_hint "Should timeout due to MD5 mismatch" run_cmd nettest -s -M ${MD5_PW} -m ${NS_NET} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -c ${NSB_LO_IP} -r ${NSA_IP} -X ${MD5_PW} log_test $? 2 "MD5: Prefix config, client address not in configured prefix" } @@ -943,7 +943,7 @@ ipv4_tcp_md5() # basic use case log_start run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NSB_IP} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 0 "MD5: VRF: Single address config" @@ -951,7 +951,7 @@ ipv4_tcp_md5() log_start show_hint "Should timeout since server does not have MD5 auth" run_cmd nettest -s -I ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 2 "MD5: VRF: Server no config, client uses password" @@ -959,7 +959,7 @@ ipv4_tcp_md5() log_start show_hint "Should timeout since client uses wrong password" run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NSB_IP} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_WRONG_PW} log_test $? 2 "MD5: VRF: Client uses wrong password" @@ -967,7 +967,7 @@ ipv4_tcp_md5() log_start show_hint "Should timeout since server config differs from client" run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NSB_LO_IP} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 2 "MD5: VRF: Client address does not match address configured with password" @@ -978,7 +978,7 @@ ipv4_tcp_md5() # client in prefix log_start run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 0 "MD5: VRF: Prefix config" @@ -986,7 +986,7 @@ ipv4_tcp_md5() log_start show_hint "Should timeout since client uses wrong password" run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_WRONG_PW} log_test $? 2 "MD5: VRF: Prefix config, client uses wrong password" @@ -994,7 +994,7 @@ ipv4_tcp_md5() log_start show_hint "Should timeout since client address is outside of prefix" run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -c ${NSB_LO_IP} -r ${NSA_IP} -X ${MD5_PW} log_test $? 2 "MD5: VRF: Prefix config, client address not in configured prefix" @@ -1005,14 +1005,14 @@ ipv4_tcp_md5() log_start run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NSB_IP} & run_cmd nettest -s -M ${MD5_WRONG_PW} -m ${NSB_IP} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 0 "MD5: VRF: Single address config in default VRF and VRF, conn in VRF" log_start run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NSB_IP} & run_cmd nettest -s -M ${MD5_WRONG_PW} -m ${NSB_IP} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsc nettest -r ${NSA_IP} -X ${MD5_WRONG_PW} log_test $? 0 "MD5: VRF: Single address config in default VRF and VRF, conn in default VRF" @@ -1020,7 +1020,7 @@ ipv4_tcp_md5() show_hint "Should timeout since client in default VRF uses VRF password" run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NSB_IP} & run_cmd nettest -s -M ${MD5_WRONG_PW} -m ${NSB_IP} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsc nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 2 "MD5: VRF: Single address config in default VRF and VRF, conn in default VRF with VRF pw" @@ -1028,21 +1028,21 @@ ipv4_tcp_md5() show_hint "Should timeout since client in VRF uses default VRF password" run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NSB_IP} & run_cmd nettest -s -M ${MD5_WRONG_PW} -m ${NSB_IP} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_WRONG_PW} log_test $? 2 "MD5: VRF: Single address config in default VRF and VRF, conn in VRF with default VRF pw" log_start run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET} & run_cmd nettest -s -M ${MD5_WRONG_PW} -m ${NS_NET} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 0 "MD5: VRF: Prefix config in default VRF and VRF, conn in VRF" log_start run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET} & run_cmd nettest -s -M ${MD5_WRONG_PW} -m ${NS_NET} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsc nettest -r ${NSA_IP} -X ${MD5_WRONG_PW} log_test $? 0 "MD5: VRF: Prefix config in default VRF and VRF, conn in default VRF" @@ -1050,7 +1050,7 @@ ipv4_tcp_md5() show_hint "Should timeout since client in default VRF uses VRF password" run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET} & run_cmd nettest -s -M ${MD5_WRONG_PW} -m ${NS_NET} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsc nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 2 "MD5: VRF: Prefix config in default VRF and VRF, conn in default VRF with VRF pw" @@ -1058,7 +1058,7 @@ ipv4_tcp_md5() show_hint "Should timeout since client in VRF uses default VRF password" run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET} & run_cmd nettest -s -M ${MD5_WRONG_PW} -m ${NS_NET} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_WRONG_PW} log_test $? 2 "MD5: VRF: Prefix config in default VRF and VRF, conn in VRF with default VRF pw" @@ -1082,14 +1082,14 @@ test_ipv4_md5_vrf__vrf_server__no_bind_ifindex() log_start show_hint "Simulates applications using VRF without TCP_MD5SIG_FLAG_IFINDEX" run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET} --no-bind-key-ifindex & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 0 "MD5: VRF: VRF-bound server, unbound key accepts connection" log_start show_hint "Binding both the socket and the key is not required but it works" run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET} --force-bind-key-ifindex & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 0 "MD5: VRF: VRF-bound server, bound key accepts connection" } @@ -1103,25 +1103,25 @@ test_ipv4_md5_vrf__global_server__bind_ifindex0() log_start run_cmd nettest -s -M ${MD5_PW} -m ${NS_NET} --force-bind-key-ifindex & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 2 "MD5: VRF: Global server, Key bound to ifindex=0 rejects VRF connection" log_start run_cmd nettest -s -M ${MD5_PW} -m ${NS_NET} --force-bind-key-ifindex & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsc nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 0 "MD5: VRF: Global server, key bound to ifindex=0 accepts non-VRF connection" log_start run_cmd nettest -s -M ${MD5_PW} -m ${NS_NET} --no-bind-key-ifindex & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 0 "MD5: VRF: Global server, key not bound to ifindex accepts VRF connection" log_start run_cmd nettest -s -M ${MD5_PW} -m ${NS_NET} --no-bind-key-ifindex & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsc nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 0 "MD5: VRF: Global server, key not bound to ifindex accepts non-VRF connection" @@ -1193,7 +1193,7 @@ ipv4_tcp_novrf() do log_start run_cmd nettest -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${a} log_test_addr ${a} $? 0 "Global server" done @@ -1201,7 +1201,7 @@ ipv4_tcp_novrf() a=${NSA_IP} log_start run_cmd nettest -s -I ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${a} log_test_addr ${a} $? 0 "Device server" @@ -1221,13 +1221,13 @@ ipv4_tcp_novrf() do log_start run_cmd_nsb nettest -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 tcp run_cmd nettest -r ${a} -0 ${NSA_IP} log_test_addr ${a} $? 0 "Client" log_start run_cmd_nsb nettest -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 tcp run_cmd nettest -r ${a} -d ${NSA_DEV} log_test_addr ${a} $? 0 "Client, device bind" @@ -1249,7 +1249,7 @@ ipv4_tcp_novrf() do log_start run_cmd nettest -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -r ${a} -0 ${a} -1 ${a} log_test_addr ${a} $? 0 "Global server, local connection" done @@ -1257,7 +1257,7 @@ ipv4_tcp_novrf() a=${NSA_IP} log_start run_cmd nettest -s -I ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -r ${a} -0 ${a} log_test_addr ${a} $? 0 "Device server, unbound client, local connection" @@ -1266,7 +1266,7 @@ ipv4_tcp_novrf() log_start show_hint "Should fail 'Connection refused' since addresses on loopback are out of device scope" run_cmd nettest -s -I ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -r ${a} log_test_addr ${a} $? 1 "Device server, unbound client, local connection" done @@ -1274,7 +1274,7 @@ ipv4_tcp_novrf() a=${NSA_IP} log_start run_cmd nettest -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -r ${a} -0 ${a} -d ${NSA_DEV} log_test_addr ${a} $? 0 "Global server, device client, local connection" @@ -1283,7 +1283,7 @@ ipv4_tcp_novrf() log_start show_hint "Should fail 'No route to host' since addresses on loopback are out of device scope" run_cmd nettest -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -r ${a} -d ${NSA_DEV} log_test_addr ${a} $? 1 "Global server, device client, local connection" done @@ -1291,7 +1291,7 @@ ipv4_tcp_novrf() a=${NSA_IP} log_start run_cmd nettest -s -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -d ${NSA_DEV} -r ${a} -0 ${a} log_test_addr ${a} $? 0 "Device server, device client, local connection" @@ -1323,19 +1323,19 @@ ipv4_tcp_vrf() log_start show_hint "Should fail 'Connection refused' since global server with VRF is disabled" run_cmd nettest -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${a} log_test_addr ${a} $? 1 "Global server" log_start run_cmd nettest -s -I ${VRF} -3 ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${a} log_test_addr ${a} $? 0 "VRF server" log_start run_cmd nettest -s -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${a} log_test_addr ${a} $? 0 "Device server" @@ -1352,7 +1352,7 @@ ipv4_tcp_vrf() log_start show_hint "Should fail 'Connection refused' since global server with VRF is disabled" run_cmd nettest -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -r ${a} -d ${NSA_DEV} log_test_addr ${a} $? 1 "Global server, local connection" @@ -1374,14 +1374,14 @@ ipv4_tcp_vrf() log_start show_hint "client socket should be bound to VRF" run_cmd nettest -s -3 ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${a} log_test_addr ${a} $? 0 "Global server" log_start show_hint "client socket should be bound to VRF" run_cmd nettest -s -I ${VRF} -3 ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${a} log_test_addr ${a} $? 0 "VRF server" @@ -1396,7 +1396,7 @@ ipv4_tcp_vrf() log_start show_hint "client socket should be bound to device" run_cmd nettest -s -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${a} log_test_addr ${a} $? 0 "Device server" @@ -1406,7 +1406,7 @@ ipv4_tcp_vrf() log_start show_hint "Should fail 'Connection refused' since client is not bound to VRF" run_cmd nettest -s -I ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -r ${a} log_test_addr ${a} $? 1 "Global server, local connection" done @@ -1418,13 +1418,13 @@ ipv4_tcp_vrf() do log_start run_cmd_nsb nettest -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 tcp run_cmd nettest -r ${a} -d ${VRF} log_test_addr ${a} $? 0 "Client, VRF bind" log_start run_cmd_nsb nettest -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 tcp run_cmd nettest -r ${a} -d ${NSA_DEV} log_test_addr ${a} $? 0 "Client, device bind" @@ -1443,7 +1443,7 @@ ipv4_tcp_vrf() do log_start run_cmd nettest -s -I ${VRF} -3 ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -r ${a} -d ${VRF} -0 ${a} log_test_addr ${a} $? 0 "VRF server, VRF client, local connection" done @@ -1451,26 +1451,26 @@ ipv4_tcp_vrf() a=${NSA_IP} log_start run_cmd nettest -s -I ${VRF} -3 ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -r ${a} -d ${NSA_DEV} -0 ${a} log_test_addr ${a} $? 0 "VRF server, device client, local connection" log_start show_hint "Should fail 'No route to host' since client is out of VRF scope" run_cmd nettest -s -I ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -r ${a} log_test_addr ${a} $? 1 "VRF server, unbound client, local connection" log_start run_cmd nettest -s -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -r ${a} -d ${VRF} -0 ${a} log_test_addr ${a} $? 0 "Device server, VRF client, local connection" log_start run_cmd nettest -s -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -r ${a} -d ${NSA_DEV} -0 ${a} log_test_addr ${a} $? 0 "Device server, device client, local connection" } @@ -1509,7 +1509,7 @@ ipv4_udp_novrf() do log_start run_cmd nettest -D -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -D -r ${a} log_test_addr ${a} $? 0 "Global server" @@ -1522,7 +1522,7 @@ ipv4_udp_novrf() a=${NSA_IP} log_start run_cmd nettest -D -I ${NSA_DEV} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -D -r ${a} log_test_addr ${a} $? 0 "Device server" @@ -1533,31 +1533,31 @@ ipv4_udp_novrf() do log_start run_cmd_nsb nettest -D -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 udp run_cmd nettest -D -r ${a} -0 ${NSA_IP} log_test_addr ${a} $? 0 "Client" log_start run_cmd_nsb nettest -D -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 udp run_cmd nettest -D -r ${a} -d ${NSA_DEV} -0 ${NSA_IP} log_test_addr ${a} $? 0 "Client, device bind" log_start run_cmd_nsb nettest -D -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 udp run_cmd nettest -D -r ${a} -d ${NSA_DEV} -C -0 ${NSA_IP} log_test_addr ${a} $? 0 "Client, device send via cmsg" log_start run_cmd_nsb nettest -D -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 udp run_cmd nettest -D -r ${a} -d ${NSA_DEV} -S -0 ${NSA_IP} log_test_addr ${a} $? 0 "Client, device bind via IP_UNICAST_IF" log_start run_cmd_nsb nettest -D -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 udp run_cmd nettest -D -r ${a} -d ${NSA_DEV} -S -0 ${NSA_IP} -U log_test_addr ${a} $? 0 "Client, device bind via IP_UNICAST_IF, with connect()" @@ -1580,7 +1580,7 @@ ipv4_udp_novrf() do log_start run_cmd nettest -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -r ${a} -0 ${a} -1 ${a} log_test_addr ${a} $? 0 "Global server, local connection" done @@ -1588,7 +1588,7 @@ ipv4_udp_novrf() a=${NSA_IP} log_start run_cmd nettest -s -D -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -r ${a} log_test_addr ${a} $? 0 "Device server, unbound client, local connection" @@ -1597,7 +1597,7 @@ ipv4_udp_novrf() log_start show_hint "Should fail 'Connection refused' since address is out of device scope" run_cmd nettest -s -D -I ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -r ${a} log_test_addr ${a} $? 1 "Device server, unbound client, local connection" done @@ -1605,25 +1605,25 @@ ipv4_udp_novrf() a=${NSA_IP} log_start run_cmd nettest -s -D & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${NSA_DEV} -r ${a} log_test_addr ${a} $? 0 "Global server, device client, local connection" log_start run_cmd nettest -s -D & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${NSA_DEV} -C -r ${a} log_test_addr ${a} $? 0 "Global server, device send via cmsg, local connection" log_start run_cmd nettest -s -D & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${NSA_DEV} -S -r ${a} log_test_addr ${a} $? 0 "Global server, device client via IP_UNICAST_IF, local connection" log_start run_cmd nettest -s -D & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${NSA_DEV} -S -r ${a} -U log_test_addr ${a} $? 0 "Global server, device client via IP_UNICAST_IF, local connection, with connect()" @@ -1636,28 +1636,28 @@ ipv4_udp_novrf() log_start show_hint "Should fail since addresses on loopback are out of device scope" run_cmd nettest -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -r ${a} -d ${NSA_DEV} log_test_addr ${a} $? 2 "Global server, device client, local connection" log_start show_hint "Should fail since addresses on loopback are out of device scope" run_cmd nettest -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -r ${a} -d ${NSA_DEV} -C log_test_addr ${a} $? 1 "Global server, device send via cmsg, local connection" log_start show_hint "Should fail since addresses on loopback are out of device scope" run_cmd nettest -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -r ${a} -d ${NSA_DEV} -S log_test_addr ${a} $? 1 "Global server, device client via IP_UNICAST_IF, local connection" log_start show_hint "Should fail since addresses on loopback are out of device scope" run_cmd nettest -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -r ${a} -d ${NSA_DEV} -S -U log_test_addr ${a} $? 1 "Global server, device client via IP_UNICAST_IF, local connection, with connect()" @@ -1667,7 +1667,7 @@ ipv4_udp_novrf() a=${NSA_IP} log_start run_cmd nettest -D -s -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${NSA_DEV} -r ${a} -0 ${a} log_test_addr ${a} $? 0 "Device server, device client, local conn" @@ -1709,19 +1709,19 @@ ipv4_udp_vrf() log_start show_hint "Fails because ingress is in a VRF and global server is disabled" run_cmd nettest -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -D -r ${a} log_test_addr ${a} $? 1 "Global server" log_start run_cmd nettest -D -I ${VRF} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -D -r ${a} log_test_addr ${a} $? 0 "VRF server" log_start run_cmd nettest -D -I ${NSA_DEV} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -D -r ${a} log_test_addr ${a} $? 0 "Enslaved device server" @@ -1733,7 +1733,7 @@ ipv4_udp_vrf() log_start show_hint "Should fail 'Connection refused' since global server is out of scope" run_cmd nettest -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${VRF} -r ${a} log_test_addr ${a} $? 1 "Global server, VRF client, local connection" done @@ -1741,26 +1741,26 @@ ipv4_udp_vrf() a=${NSA_IP} log_start run_cmd nettest -s -D -I ${VRF} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${VRF} -r ${a} log_test_addr ${a} $? 0 "VRF server, VRF client, local conn" log_start run_cmd nettest -s -D -I ${VRF} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${NSA_DEV} -r ${a} log_test_addr ${a} $? 0 "VRF server, enslaved device client, local connection" a=${NSA_IP} log_start run_cmd nettest -s -D -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${VRF} -r ${a} log_test_addr ${a} $? 0 "Enslaved device server, VRF client, local conn" log_start run_cmd nettest -s -D -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${NSA_DEV} -r ${a} log_test_addr ${a} $? 0 "Enslaved device server, device client, local conn" @@ -1775,19 +1775,19 @@ ipv4_udp_vrf() do log_start run_cmd nettest -D -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -D -r ${a} log_test_addr ${a} $? 0 "Global server" log_start run_cmd nettest -D -I ${VRF} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -D -r ${a} log_test_addr ${a} $? 0 "VRF server" log_start run_cmd nettest -D -I ${NSA_DEV} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -D -r ${a} log_test_addr ${a} $? 0 "Enslaved device server" @@ -1802,13 +1802,13 @@ ipv4_udp_vrf() # log_start run_cmd_nsb nettest -D -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 udp run_cmd nettest -d ${VRF} -D -r ${NSB_IP} -1 ${NSA_IP} log_test $? 0 "VRF client" log_start run_cmd_nsb nettest -D -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 udp run_cmd nettest -d ${NSA_DEV} -D -r ${NSB_IP} -1 ${NSA_IP} log_test $? 0 "Enslaved device client" @@ -1829,31 +1829,31 @@ ipv4_udp_vrf() a=${NSA_IP} log_start run_cmd nettest -D -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${VRF} -r ${a} log_test_addr ${a} $? 0 "Global server, VRF client, local conn" log_start run_cmd nettest -s -D -I ${VRF} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${VRF} -r ${a} log_test_addr ${a} $? 0 "VRF server, VRF client, local conn" log_start run_cmd nettest -s -D -I ${VRF} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${NSA_DEV} -r ${a} log_test_addr ${a} $? 0 "VRF server, device client, local conn" log_start run_cmd nettest -s -D -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${VRF} -r ${a} log_test_addr ${a} $? 0 "Enslaved device server, VRF client, local conn" log_start run_cmd nettest -s -D -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${NSA_DEV} -r ${a} log_test_addr ${a} $? 0 "Enslaved device server, device client, local conn" @@ -1861,7 +1861,7 @@ ipv4_udp_vrf() do log_start run_cmd nettest -D -s -3 ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${VRF} -r ${a} log_test_addr ${a} $? 0 "Global server, VRF client, local conn" done @@ -1870,7 +1870,7 @@ ipv4_udp_vrf() do log_start run_cmd nettest -s -D -I ${VRF} -3 ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${VRF} -r ${a} log_test_addr ${a} $? 0 "VRF server, VRF client, local conn" done @@ -2093,7 +2093,7 @@ ipv4_rt() do log_start run_cmd nettest ${varg} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest ${varg} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -2107,7 +2107,7 @@ ipv4_rt() do log_start run_cmd nettest ${varg} -s -I ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest ${varg} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -2120,7 +2120,7 @@ ipv4_rt() a=${NSA_IP} log_start run_cmd nettest ${varg} -s -I ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest ${varg} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -2134,7 +2134,7 @@ ipv4_rt() # log_start run_cmd_nsb nettest ${varg} -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 tcp run_cmd nettest ${varg} -d ${VRF} -r ${NSB_IP} & sleep 3 run_cmd ip link del ${VRF} @@ -2145,7 +2145,7 @@ ipv4_rt() log_start run_cmd_nsb nettest ${varg} -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 tcp run_cmd nettest ${varg} -d ${NSA_DEV} -r ${NSB_IP} & sleep 3 run_cmd ip link del ${VRF} @@ -2161,7 +2161,7 @@ ipv4_rt() do log_start run_cmd nettest ${varg} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest ${varg} -d ${VRF} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -2175,7 +2175,7 @@ ipv4_rt() do log_start run_cmd nettest ${varg} -I ${VRF} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest ${varg} -d ${VRF} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -2189,7 +2189,7 @@ ipv4_rt() log_start run_cmd nettest ${varg} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest ${varg} -d ${NSA_DEV} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -2200,7 +2200,7 @@ ipv4_rt() log_start run_cmd nettest ${varg} -I ${VRF} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest ${varg} -d ${NSA_DEV} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -2211,7 +2211,7 @@ ipv4_rt() log_start run_cmd nettest ${varg} -I ${NSA_DEV} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest ${varg} -d ${NSA_DEV} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -2561,7 +2561,7 @@ ipv6_tcp_md5_novrf() # basic use case log_start run_cmd nettest -6 -s -M ${MD5_PW} -m ${NSB_IP6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_PW} log_test $? 0 "MD5: Single address config" @@ -2569,7 +2569,7 @@ ipv6_tcp_md5_novrf() log_start show_hint "Should timeout due to MD5 mismatch" run_cmd nettest -6 -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_PW} log_test $? 2 "MD5: Server no config, client uses password" @@ -2577,7 +2577,7 @@ ipv6_tcp_md5_novrf() log_start show_hint "Should timeout since client uses wrong password" run_cmd nettest -6 -s -M ${MD5_PW} -m ${NSB_IP6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_WRONG_PW} log_test $? 2 "MD5: Client uses wrong password" @@ -2585,7 +2585,7 @@ ipv6_tcp_md5_novrf() log_start show_hint "Should timeout due to MD5 mismatch" run_cmd nettest -6 -s -M ${MD5_PW} -m ${NSB_LO_IP6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_PW} log_test $? 2 "MD5: Client address does not match address configured with password" @@ -2596,7 +2596,7 @@ ipv6_tcp_md5_novrf() # client in prefix log_start run_cmd nettest -6 -s -M ${MD5_PW} -m ${NS_NET6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_PW} log_test $? 0 "MD5: Prefix config" @@ -2604,7 +2604,7 @@ ipv6_tcp_md5_novrf() log_start show_hint "Should timeout since client uses wrong password" run_cmd nettest -6 -s -M ${MD5_PW} -m ${NS_NET6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_WRONG_PW} log_test $? 2 "MD5: Prefix config, client uses wrong password" @@ -2612,7 +2612,7 @@ ipv6_tcp_md5_novrf() log_start show_hint "Should timeout due to MD5 mismatch" run_cmd nettest -6 -s -M ${MD5_PW} -m ${NS_NET6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -c ${NSB_LO_IP6} -r ${NSA_IP6} -X ${MD5_PW} log_test $? 2 "MD5: Prefix config, client address not in configured prefix" } @@ -2629,7 +2629,7 @@ ipv6_tcp_md5() # basic use case log_start run_cmd nettest -6 -s -I ${VRF} -M ${MD5_PW} -m ${NSB_IP6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_PW} log_test $? 0 "MD5: VRF: Single address config" @@ -2637,7 +2637,7 @@ ipv6_tcp_md5() log_start show_hint "Should timeout since server does not have MD5 auth" run_cmd nettest -6 -s -I ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_PW} log_test $? 2 "MD5: VRF: Server no config, client uses password" @@ -2645,7 +2645,7 @@ ipv6_tcp_md5() log_start show_hint "Should timeout since client uses wrong password" run_cmd nettest -6 -s -I ${VRF} -M ${MD5_PW} -m ${NSB_IP6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_WRONG_PW} log_test $? 2 "MD5: VRF: Client uses wrong password" @@ -2653,7 +2653,7 @@ ipv6_tcp_md5() log_start show_hint "Should timeout since server config differs from client" run_cmd nettest -6 -s -I ${VRF} -M ${MD5_PW} -m ${NSB_LO_IP6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_PW} log_test $? 2 "MD5: VRF: Client address does not match address configured with password" @@ -2664,7 +2664,7 @@ ipv6_tcp_md5() # client in prefix log_start run_cmd nettest -6 -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_PW} log_test $? 0 "MD5: VRF: Prefix config" @@ -2672,7 +2672,7 @@ ipv6_tcp_md5() log_start show_hint "Should timeout since client uses wrong password" run_cmd nettest -6 -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_WRONG_PW} log_test $? 2 "MD5: VRF: Prefix config, client uses wrong password" @@ -2680,7 +2680,7 @@ ipv6_tcp_md5() log_start show_hint "Should timeout since client address is outside of prefix" run_cmd nettest -6 -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -c ${NSB_LO_IP6} -r ${NSA_IP6} -X ${MD5_PW} log_test $? 2 "MD5: VRF: Prefix config, client address not in configured prefix" @@ -2691,14 +2691,14 @@ ipv6_tcp_md5() log_start run_cmd nettest -6 -s -I ${VRF} -M ${MD5_PW} -m ${NSB_IP6} & run_cmd nettest -6 -s -M ${MD5_WRONG_PW} -m ${NSB_IP6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_PW} log_test $? 0 "MD5: VRF: Single address config in default VRF and VRF, conn in VRF" log_start run_cmd nettest -6 -s -I ${VRF} -M ${MD5_PW} -m ${NSB_IP6} & run_cmd nettest -6 -s -M ${MD5_WRONG_PW} -m ${NSB_IP6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsc nettest -6 -r ${NSA_IP6} -X ${MD5_WRONG_PW} log_test $? 0 "MD5: VRF: Single address config in default VRF and VRF, conn in default VRF" @@ -2706,7 +2706,7 @@ ipv6_tcp_md5() show_hint "Should timeout since client in default VRF uses VRF password" run_cmd nettest -6 -s -I ${VRF} -M ${MD5_PW} -m ${NSB_IP6} & run_cmd nettest -6 -s -M ${MD5_WRONG_PW} -m ${NSB_IP6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsc nettest -6 -r ${NSA_IP6} -X ${MD5_PW} log_test $? 2 "MD5: VRF: Single address config in default VRF and VRF, conn in default VRF with VRF pw" @@ -2714,21 +2714,21 @@ ipv6_tcp_md5() show_hint "Should timeout since client in VRF uses default VRF password" run_cmd nettest -6 -s -I ${VRF} -M ${MD5_PW} -m ${NSB_IP6} & run_cmd nettest -6 -s -M ${MD5_WRONG_PW} -m ${NSB_IP6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_WRONG_PW} log_test $? 2 "MD5: VRF: Single address config in default VRF and VRF, conn in VRF with default VRF pw" log_start run_cmd nettest -6 -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET6} & run_cmd nettest -6 -s -M ${MD5_WRONG_PW} -m ${NS_NET6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_PW} log_test $? 0 "MD5: VRF: Prefix config in default VRF and VRF, conn in VRF" log_start run_cmd nettest -6 -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET6} & run_cmd nettest -6 -s -M ${MD5_WRONG_PW} -m ${NS_NET6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsc nettest -6 -r ${NSA_IP6} -X ${MD5_WRONG_PW} log_test $? 0 "MD5: VRF: Prefix config in default VRF and VRF, conn in default VRF" @@ -2736,7 +2736,7 @@ ipv6_tcp_md5() show_hint "Should timeout since client in default VRF uses VRF password" run_cmd nettest -6 -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET6} & run_cmd nettest -6 -s -M ${MD5_WRONG_PW} -m ${NS_NET6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsc nettest -6 -r ${NSA_IP6} -X ${MD5_PW} log_test $? 2 "MD5: VRF: Prefix config in default VRF and VRF, conn in default VRF with VRF pw" @@ -2744,7 +2744,7 @@ ipv6_tcp_md5() show_hint "Should timeout since client in VRF uses default VRF password" run_cmd nettest -6 -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET6} & run_cmd nettest -6 -s -M ${MD5_WRONG_PW} -m ${NS_NET6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_WRONG_PW} log_test $? 2 "MD5: VRF: Prefix config in default VRF and VRF, conn in VRF with default VRF pw" @@ -2772,7 +2772,7 @@ ipv6_tcp_novrf() do log_start run_cmd nettest -6 -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${a} log_test_addr ${a} $? 0 "Global server" done @@ -2793,7 +2793,7 @@ ipv6_tcp_novrf() do log_start run_cmd_nsb nettest -6 -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 tcp run_cmd nettest -6 -r ${a} log_test_addr ${a} $? 0 "Client" done @@ -2802,7 +2802,7 @@ ipv6_tcp_novrf() do log_start run_cmd_nsb nettest -6 -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 tcp run_cmd nettest -6 -r ${a} -d ${NSA_DEV} log_test_addr ${a} $? 0 "Client, device bind" done @@ -2822,7 +2822,7 @@ ipv6_tcp_novrf() do log_start run_cmd nettest -6 -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -6 -r ${a} log_test_addr ${a} $? 0 "Global server, local connection" done @@ -2830,7 +2830,7 @@ ipv6_tcp_novrf() a=${NSA_IP6} log_start run_cmd nettest -6 -s -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -6 -r ${a} -0 ${a} log_test_addr ${a} $? 0 "Device server, unbound client, local connection" @@ -2839,7 +2839,7 @@ ipv6_tcp_novrf() log_start show_hint "Should fail 'Connection refused' since addresses on loopback are out of device scope" run_cmd nettest -6 -s -I ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -6 -r ${a} log_test_addr ${a} $? 1 "Device server, unbound client, local connection" done @@ -2847,7 +2847,7 @@ ipv6_tcp_novrf() a=${NSA_IP6} log_start run_cmd nettest -6 -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -6 -r ${a} -d ${NSA_DEV} -0 ${a} log_test_addr ${a} $? 0 "Global server, device client, local connection" @@ -2856,7 +2856,7 @@ ipv6_tcp_novrf() log_start show_hint "Should fail 'Connection refused' since addresses on loopback are out of device scope" run_cmd nettest -6 -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -6 -r ${a} -d ${NSA_DEV} log_test_addr ${a} $? 1 "Global server, device client, local connection" done @@ -2865,7 +2865,7 @@ ipv6_tcp_novrf() do log_start run_cmd nettest -6 -s -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -6 -d ${NSA_DEV} -r ${a} log_test_addr ${a} $? 0 "Device server, device client, local conn" done @@ -2898,7 +2898,7 @@ ipv6_tcp_vrf() log_start show_hint "Should fail 'Connection refused' since global server with VRF is disabled" run_cmd nettest -6 -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${a} log_test_addr ${a} $? 1 "Global server" done @@ -2907,7 +2907,7 @@ ipv6_tcp_vrf() do log_start run_cmd nettest -6 -s -I ${VRF} -3 ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${a} log_test_addr ${a} $? 0 "VRF server" done @@ -2916,7 +2916,7 @@ ipv6_tcp_vrf() a=${NSA_LINKIP6}%${NSB_DEV} log_start run_cmd nettest -6 -s -I ${VRF} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${a} log_test_addr ${a} $? 0 "VRF server" @@ -2924,7 +2924,7 @@ ipv6_tcp_vrf() do log_start run_cmd nettest -6 -s -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${a} log_test_addr ${a} $? 0 "Device server" done @@ -2943,7 +2943,7 @@ ipv6_tcp_vrf() log_start show_hint "Should fail 'Connection refused' since global server with VRF is disabled" run_cmd nettest -6 -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -6 -r ${a} -d ${NSA_DEV} log_test_addr ${a} $? 1 "Global server, local connection" @@ -2964,7 +2964,7 @@ ipv6_tcp_vrf() do log_start run_cmd nettest -6 -s -3 ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${a} log_test_addr ${a} $? 0 "Global server" done @@ -2973,7 +2973,7 @@ ipv6_tcp_vrf() do log_start run_cmd nettest -6 -s -I ${VRF} -3 ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${a} log_test_addr ${a} $? 0 "VRF server" done @@ -2982,13 +2982,13 @@ ipv6_tcp_vrf() a=${NSA_LINKIP6}%${NSB_DEV} log_start run_cmd nettest -6 -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${a} log_test_addr ${a} $? 0 "Global server" log_start run_cmd nettest -6 -s -I ${VRF} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${a} log_test_addr ${a} $? 0 "VRF server" @@ -2996,7 +2996,7 @@ ipv6_tcp_vrf() do log_start run_cmd nettest -6 -s -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${a} log_test_addr ${a} $? 0 "Device server" done @@ -3016,7 +3016,7 @@ ipv6_tcp_vrf() log_start show_hint "Fails 'Connection refused' since client is not in VRF" run_cmd nettest -6 -s -I ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -6 -r ${a} log_test_addr ${a} $? 1 "Global server, local connection" done @@ -3029,7 +3029,7 @@ ipv6_tcp_vrf() do log_start run_cmd_nsb nettest -6 -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 tcp run_cmd nettest -6 -r ${a} -d ${VRF} log_test_addr ${a} $? 0 "Client, VRF bind" done @@ -3038,7 +3038,7 @@ ipv6_tcp_vrf() log_start show_hint "Fails since VRF device does not allow linklocal addresses" run_cmd_nsb nettest -6 -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 tcp run_cmd nettest -6 -r ${a} -d ${VRF} log_test_addr ${a} $? 1 "Client, VRF bind" @@ -3046,7 +3046,7 @@ ipv6_tcp_vrf() do log_start run_cmd_nsb nettest -6 -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 tcp run_cmd nettest -6 -r ${a} -d ${NSA_DEV} log_test_addr ${a} $? 0 "Client, device bind" done @@ -3071,7 +3071,7 @@ ipv6_tcp_vrf() do log_start run_cmd nettest -6 -s -I ${VRF} -3 ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -6 -r ${a} -d ${VRF} -0 ${a} log_test_addr ${a} $? 0 "VRF server, VRF client, local connection" done @@ -3079,7 +3079,7 @@ ipv6_tcp_vrf() a=${NSA_IP6} log_start run_cmd nettest -6 -s -I ${VRF} -3 ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -6 -r ${a} -d ${NSA_DEV} -0 ${a} log_test_addr ${a} $? 0 "VRF server, device client, local connection" @@ -3087,13 +3087,13 @@ ipv6_tcp_vrf() log_start show_hint "Should fail since unbound client is out of VRF scope" run_cmd nettest -6 -s -I ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -6 -r ${a} log_test_addr ${a} $? 1 "VRF server, unbound client, local connection" log_start run_cmd nettest -6 -s -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -6 -r ${a} -d ${VRF} -0 ${a} log_test_addr ${a} $? 0 "Device server, VRF client, local connection" @@ -3101,7 +3101,7 @@ ipv6_tcp_vrf() do log_start run_cmd nettest -6 -s -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -6 -r ${a} -d ${NSA_DEV} -0 ${a} log_test_addr ${a} $? 0 "Device server, device client, local connection" done @@ -3141,13 +3141,13 @@ ipv6_udp_novrf() do log_start run_cmd nettest -6 -D -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -6 -D -r ${a} log_test_addr ${a} $? 0 "Global server" log_start run_cmd nettest -6 -D -I ${NSA_DEV} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -6 -D -r ${a} log_test_addr ${a} $? 0 "Device server" done @@ -3155,7 +3155,7 @@ ipv6_udp_novrf() a=${NSA_LO_IP6} log_start run_cmd nettest -6 -D -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -6 -D -r ${a} log_test_addr ${a} $? 0 "Global server" @@ -3165,7 +3165,7 @@ ipv6_udp_novrf() #log_start #show_hint "Should fail since loopback address is out of scope" #run_cmd nettest -6 -D -I ${NSA_DEV} -s -3 ${NSA_DEV} & - #sleep 1 + wait_local_port_listen ${NSA} 12345 udp #run_cmd_nsb nettest -6 -D -r ${a} #log_test_addr ${a} $? 1 "Device server" @@ -3185,25 +3185,25 @@ ipv6_udp_novrf() do log_start run_cmd_nsb nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 udp run_cmd nettest -6 -D -r ${a} -0 ${NSA_IP6} log_test_addr ${a} $? 0 "Client" log_start run_cmd_nsb nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 udp run_cmd nettest -6 -D -r ${a} -d ${NSA_DEV} -0 ${NSA_IP6} log_test_addr ${a} $? 0 "Client, device bind" log_start run_cmd_nsb nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 udp run_cmd nettest -6 -D -r ${a} -d ${NSA_DEV} -C -0 ${NSA_IP6} log_test_addr ${a} $? 0 "Client, device send via cmsg" log_start run_cmd_nsb nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 udp run_cmd nettest -6 -D -r ${a} -d ${NSA_DEV} -S -0 ${NSA_IP6} log_test_addr ${a} $? 0 "Client, device bind via IPV6_UNICAST_IF" @@ -3225,7 +3225,7 @@ ipv6_udp_novrf() do log_start run_cmd nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -r ${a} -0 ${a} -1 ${a} log_test_addr ${a} $? 0 "Global server, local connection" done @@ -3233,7 +3233,7 @@ ipv6_udp_novrf() a=${NSA_IP6} log_start run_cmd nettest -6 -s -D -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -r ${a} log_test_addr ${a} $? 0 "Device server, unbound client, local connection" @@ -3242,7 +3242,7 @@ ipv6_udp_novrf() log_start show_hint "Should fail 'Connection refused' since address is out of device scope" run_cmd nettest -6 -s -D -I ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -r ${a} log_test_addr ${a} $? 1 "Device server, local connection" done @@ -3250,19 +3250,19 @@ ipv6_udp_novrf() a=${NSA_IP6} log_start run_cmd nettest -6 -s -D & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${NSA_DEV} -r ${a} log_test_addr ${a} $? 0 "Global server, device client, local connection" log_start run_cmd nettest -6 -s -D & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${NSA_DEV} -C -r ${a} log_test_addr ${a} $? 0 "Global server, device send via cmsg, local connection" log_start run_cmd nettest -6 -s -D & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${NSA_DEV} -S -r ${a} log_test_addr ${a} $? 0 "Global server, device client via IPV6_UNICAST_IF, local connection" @@ -3271,28 +3271,28 @@ ipv6_udp_novrf() log_start show_hint "Should fail 'No route to host' since addresses on loopback are out of device scope" run_cmd nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -r ${a} -d ${NSA_DEV} log_test_addr ${a} $? 1 "Global server, device client, local connection" log_start show_hint "Should fail 'No route to host' since addresses on loopback are out of device scope" run_cmd nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -r ${a} -d ${NSA_DEV} -C log_test_addr ${a} $? 1 "Global server, device send via cmsg, local connection" log_start show_hint "Should fail 'No route to host' since addresses on loopback are out of device scope" run_cmd nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -r ${a} -d ${NSA_DEV} -S log_test_addr ${a} $? 1 "Global server, device client via IP_UNICAST_IF, local connection" log_start show_hint "Should fail 'No route to host' since addresses on loopback are out of device scope" run_cmd nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -r ${a} -d ${NSA_DEV} -S -U log_test_addr ${a} $? 1 "Global server, device client via IP_UNICAST_IF, local connection, with connect()" done @@ -3300,7 +3300,7 @@ ipv6_udp_novrf() a=${NSA_IP6} log_start run_cmd nettest -6 -D -s -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${NSA_DEV} -r ${a} -0 ${a} log_test_addr ${a} $? 0 "Device server, device client, local conn" @@ -3314,7 +3314,7 @@ ipv6_udp_novrf() run_cmd_nsb ip -6 ro add ${NSA_IP6}/128 dev ${NSB_DEV} log_start run_cmd nettest -6 -s -D & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -6 -D -r ${NSA_IP6} log_test $? 0 "UDP in - LLA to GUA" @@ -3338,7 +3338,7 @@ ipv6_udp_vrf() log_start show_hint "Should fail 'Connection refused' since global server is disabled" run_cmd nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -6 -D -r ${a} log_test_addr ${a} $? 1 "Global server" done @@ -3347,7 +3347,7 @@ ipv6_udp_vrf() do log_start run_cmd nettest -6 -D -I ${VRF} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -6 -D -r ${a} log_test_addr ${a} $? 0 "VRF server" done @@ -3356,7 +3356,7 @@ ipv6_udp_vrf() do log_start run_cmd nettest -6 -D -I ${NSA_DEV} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -6 -D -r ${a} log_test_addr ${a} $? 0 "Enslaved device server" done @@ -3378,7 +3378,7 @@ ipv6_udp_vrf() log_start show_hint "Should fail 'Connection refused' since global server is disabled" run_cmd nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${VRF} -r ${a} log_test_addr ${a} $? 1 "Global server, VRF client, local conn" done @@ -3387,7 +3387,7 @@ ipv6_udp_vrf() do log_start run_cmd nettest -6 -D -I ${VRF} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${VRF} -r ${a} log_test_addr ${a} $? 0 "VRF server, VRF client, local conn" done @@ -3396,25 +3396,25 @@ ipv6_udp_vrf() log_start show_hint "Should fail 'Connection refused' since global server is disabled" run_cmd nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${NSA_DEV} -r ${a} log_test_addr ${a} $? 1 "Global server, device client, local conn" log_start run_cmd nettest -6 -D -I ${VRF} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${NSA_DEV} -r ${a} log_test_addr ${a} $? 0 "VRF server, device client, local conn" log_start run_cmd nettest -6 -D -I ${NSA_DEV} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${VRF} -r ${a} log_test_addr ${a} $? 0 "Enslaved device server, VRF client, local conn" log_start run_cmd nettest -6 -D -I ${NSA_DEV} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${NSA_DEV} -r ${a} log_test_addr ${a} $? 0 "Enslaved device server, device client, local conn" @@ -3429,7 +3429,7 @@ ipv6_udp_vrf() do log_start run_cmd nettest -6 -D -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -6 -D -r ${a} log_test_addr ${a} $? 0 "Global server" done @@ -3438,7 +3438,7 @@ ipv6_udp_vrf() do log_start run_cmd nettest -6 -D -I ${VRF} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -6 -D -r ${a} log_test_addr ${a} $? 0 "VRF server" done @@ -3447,7 +3447,7 @@ ipv6_udp_vrf() do log_start run_cmd nettest -6 -D -I ${NSA_DEV} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -6 -D -r ${a} log_test_addr ${a} $? 0 "Enslaved device server" done @@ -3465,7 +3465,7 @@ ipv6_udp_vrf() # log_start run_cmd_nsb nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 udp run_cmd nettest -6 -D -d ${VRF} -r ${NSB_IP6} log_test $? 0 "VRF client" @@ -3476,7 +3476,7 @@ ipv6_udp_vrf() log_start run_cmd_nsb nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 udp run_cmd nettest -6 -D -d ${NSA_DEV} -r ${NSB_IP6} log_test $? 0 "Enslaved device client" @@ -3491,13 +3491,13 @@ ipv6_udp_vrf() a=${NSA_IP6} log_start run_cmd nettest -6 -D -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${VRF} -r ${a} log_test_addr ${a} $? 0 "Global server, VRF client, local conn" #log_start run_cmd nettest -6 -D -I ${VRF} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${VRF} -r ${a} log_test_addr ${a} $? 0 "VRF server, VRF client, local conn" @@ -3505,13 +3505,13 @@ ipv6_udp_vrf() a=${VRF_IP6} log_start run_cmd nettest -6 -D -s -3 ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${VRF} -r ${a} log_test_addr ${a} $? 0 "Global server, VRF client, local conn" log_start run_cmd nettest -6 -D -I ${VRF} -s -3 ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${VRF} -r ${a} log_test_addr ${a} $? 0 "VRF server, VRF client, local conn" @@ -3527,25 +3527,25 @@ ipv6_udp_vrf() a=${NSA_IP6} log_start run_cmd nettest -6 -D -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${NSA_DEV} -r ${a} log_test_addr ${a} $? 0 "Global server, device client, local conn" log_start run_cmd nettest -6 -D -I ${VRF} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${NSA_DEV} -r ${a} log_test_addr ${a} $? 0 "VRF server, device client, local conn" log_start run_cmd nettest -6 -D -I ${NSA_DEV} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${VRF} -r ${a} log_test_addr ${a} $? 0 "Device server, VRF client, local conn" log_start run_cmd nettest -6 -D -I ${NSA_DEV} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${NSA_DEV} -r ${a} log_test_addr ${a} $? 0 "Device server, device client, local conn" @@ -3557,7 +3557,7 @@ ipv6_udp_vrf() # link local addresses log_start run_cmd nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -6 -D -d ${NSB_DEV} -r ${NSA_LINKIP6} log_test $? 0 "Global server, linklocal IP" @@ -3568,7 +3568,7 @@ ipv6_udp_vrf() log_start run_cmd_nsb nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 udp run_cmd nettest -6 -D -d ${NSA_DEV} -r ${NSB_LINKIP6} log_test $? 0 "Enslaved device client, linklocal IP" @@ -3579,7 +3579,7 @@ ipv6_udp_vrf() log_start run_cmd nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${NSA_DEV} -r ${NSA_LINKIP6} log_test $? 0 "Enslaved device client, local conn - linklocal IP" @@ -3592,7 +3592,7 @@ ipv6_udp_vrf() run_cmd_nsb ip -6 ro add ${NSA_IP6}/128 dev ${NSB_DEV} log_start run_cmd nettest -6 -s -D & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -6 -D -r ${NSA_IP6} log_test $? 0 "UDP in - LLA to GUA" @@ -3771,7 +3771,7 @@ ipv6_rt() do log_start run_cmd nettest ${varg} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest ${varg} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -3785,7 +3785,7 @@ ipv6_rt() do log_start run_cmd nettest ${varg} -I ${VRF} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest ${varg} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -3799,7 +3799,7 @@ ipv6_rt() do log_start run_cmd nettest ${varg} -I ${NSA_DEV} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest ${varg} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -3814,7 +3814,7 @@ ipv6_rt() # log_start run_cmd_nsb nettest ${varg} -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 tcp run_cmd nettest ${varg} -d ${VRF} -r ${NSB_IP6} & sleep 3 run_cmd ip link del ${VRF} @@ -3825,7 +3825,7 @@ ipv6_rt() log_start run_cmd_nsb nettest ${varg} -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 tcp run_cmd nettest ${varg} -d ${NSA_DEV} -r ${NSB_IP6} & sleep 3 run_cmd ip link del ${VRF} @@ -3842,7 +3842,7 @@ ipv6_rt() do log_start run_cmd nettest ${varg} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest ${varg} -d ${VRF} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -3856,7 +3856,7 @@ ipv6_rt() do log_start run_cmd nettest ${varg} -I ${VRF} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest ${varg} -d ${VRF} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -3869,7 +3869,7 @@ ipv6_rt() a=${NSA_IP6} log_start run_cmd nettest ${varg} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest ${varg} -d ${NSA_DEV} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -3880,7 +3880,7 @@ ipv6_rt() log_start run_cmd nettest ${varg} -I ${VRF} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest ${varg} -d ${NSA_DEV} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -3891,7 +3891,7 @@ ipv6_rt() log_start run_cmd nettest ${varg} -I ${NSA_DEV} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest ${varg} -d ${NSA_DEV} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -3950,7 +3950,7 @@ netfilter_tcp_reset() do log_start run_cmd nettest -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${a} log_test_addr ${a} $? 1 "Global server, reject with TCP-reset on Rx" done @@ -3968,7 +3968,7 @@ netfilter_icmp() do log_start run_cmd nettest ${arg} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest ${arg} -r ${a} log_test_addr ${a} $? 1 "Global ${stype} server, Rx reject icmp-port-unreach" done @@ -4007,7 +4007,7 @@ netfilter_tcp6_reset() do log_start run_cmd nettest -6 -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${a} log_test_addr ${a} $? 1 "Global server, reject with TCP-reset on Rx" done @@ -4025,7 +4025,7 @@ netfilter_icmp6() do log_start run_cmd nettest -6 -s ${arg} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 ${arg} -r ${a} log_test_addr ${a} $? 1 "Global ${stype} server, Rx reject icmp-port-unreach" done @@ -4221,12 +4221,12 @@ use_case_snat_on_vrf() run_cmd ip6tables -t nat -A POSTROUTING -p tcp -m tcp --dport ${port} -j SNAT --to-source ${NSA_LO_IP6} -o ${VRF} run_cmd_nsb nettest -s -l ${NSB_IP} -p ${port} & - sleep 1 + wait_local_port_listen ${NSB} ${port} tcp run_cmd nettest -d ${VRF} -r ${NSB_IP} -p ${port} log_test $? 0 "IPv4 TCP connection over VRF with SNAT" run_cmd_nsb nettest -6 -s -l ${NSB_IP6} -p ${port} & - sleep 1 + wait_local_port_listen ${NSB} ${port} tcp run_cmd nettest -6 -d ${VRF} -r ${NSB_IP6} -p ${port} log_test $? 0 "IPv6 TCP connection over VRF with SNAT" -- 2.51.0

4 days, 6 hours

2
5
0 0

[PATCHv2 1/2] bonding: don't set oif to bond dev when getting NS target destination

by Hangbin Liu

Unlike IPv4, IPv6 routing strictly requires the source address to be valid on the outgoing interface. If the NS target is set to a remote VLAN interface, and the source address is also configured on a VLAN over a bond interface, setting the oif to the bond device will fail to retrieve the correct destination route. Fix this by not setting the oif to the bond device when retrieving the NS target destination. This allows the correct destination device (the VLAN interface) to be determined, so that bond_verify_device_path can return the proper VLAN tags for sending NS messages. Reported-by: David Wilder <wilder(a)us.ibm.com> Closes: https://lore.kernel.org/netdev/aGOKggdfjv0cApTO@fedora/ Suggested-by: Jay Vosburgh <jv(a)jvosburgh.net> Fixes: 4e24be018eb9 ("bonding: add new parameter ns_targets") Signed-off-by: Hangbin Liu <liuhangbin(a)gmail.com> --- v2: split the patch into 2 parts, the kernel change and test update (Jay Vosburgh) --- drivers/net/bonding/bond_main.c | 1 - 1 file changed, 1 deletion(-) diff --git a/drivers/net/bonding/bond_main.c b/drivers/net/bonding/bond_main.c index 257333c88710..30cf97f4e814 100644 --- a/drivers/net/bonding/bond_main.c +++ b/drivers/net/bonding/bond_main.c @@ -3355,7 +3355,6 @@ static void bond_ns_send_all(struct bonding *bond, struct slave *slave) /* Find out through which dev should the packet go */ memset(&fl6, 0, sizeof(struct flowi6)); fl6.daddr = targets[i]; - fl6.flowi6_oif = bond->dev->ifindex; dst = ip6_route_output(dev_net(bond->dev), NULL, &fl6); if (dst->error) { -- 2.50.1

4 days, 6 hours

4
6
0 0

Re: [PATCH net-next 0/3] mptcp: make ADD_ADDR retransmission timeout adaptive

by patchwork-bot+netdevbpf＠kernel.org

Hello: This series was applied to netdev/net-next.git (main) by Jakub Kicinski <kuba(a)kernel.org>: On Sun, 07 Sep 2025 17:32:41 +0200 you wrote: > Currently, the MPTCP ADD_ADDR notifications are retransmitted after a > fixed timeout controlled by the net.mptcp.add_addr_timeout sysctl knob, > if the corresponding "echo" packets are not received before. This can be > too slow (or too quick), especially with a too cautious default value > set to 2 minutes. > > - Patch 1: make ADD_ADDR retransmission timeout adaptive, using the > TCP's retransmission timeout. The corresponding sysctl knob is now > used as a maximum value. > > [...] Here is the summary with links: - [net-next,1/3] mptcp: make ADD_ADDR retransmission timeout adaptive https://git.kernel.org/netdev/net-next/c/30549eebc4d8 - [net-next,2/3] selftests: mptcp: join: tolerate more ADD_ADDR https://git.kernel.org/netdev/net-next/c/63c31d42cf6f - [net-next,3/3] selftests: mptcp: join: allow more time to send ADD_ADDR https://git.kernel.org/netdev/net-next/c/e2cda6343bfe You are awesome, thank you! -- Deet-doot-dot, I am a bot. https://korg.docs.kernel.org/patchwork/pwbot.html

4 days, 6 hours

1
0
0 0

[PATCH net 1/2] bonding: set random address only when slaves already exist

by Hangbin Liu

Commit 5c3bf6cba791 ("bonding: assign random address if device address is same as bond") fixed an issue where, after releasing the first slave and re-adding it to the bond with fail_over_mac=follow, both the active and backup slaves could end up with duplicate MAC addresses. To avoid this, the new slave was assigned a random address. However, if this happens when adding the very first slave, the bond’s hardware address is set to match the slave’s. Later, during the fail_over_mac=follow check, the slave’s MAC is randomized because it naturally matches the bond, which is incorrect. The issue is normally hidden since the first slave usually becomes the active one, which restores the bond's MAC address. However, if another slave is selected as the initial active interface, the issue becomes visible. Fix this by assigning a random address only when slaves already exist in the bond. Fixes: 5c3bf6cba791 ("bonding: assign random address if device address is same as bond") Reported-by: Qiuling Ren <qren(a)redhat.com> Signed-off-by: Hangbin Liu <liuhangbin(a)gmail.com> --- drivers/net/bonding/bond_main.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/net/bonding/bond_main.c b/drivers/net/bonding/bond_main.c index 257333c88710..8832bc9f107b 100644 --- a/drivers/net/bonding/bond_main.c +++ b/drivers/net/bonding/bond_main.c @@ -2132,6 +2132,7 @@ int bond_enslave(struct net_device *bond_dev, struct net_device *slave_dev, memcpy(ss.__data, bond_dev->dev_addr, bond_dev->addr_len); } else if (bond->params.fail_over_mac == BOND_FOM_FOLLOW && BOND_MODE(bond) == BOND_MODE_ACTIVEBACKUP && + bond_has_slaves(bond) && memcmp(slave_dev->dev_addr, bond_dev->dev_addr, bond_dev->addr_len) == 0) { /* Set slave to random address to avoid duplicate mac * address in later fail over. -- 2.50.1

4 days, 6 hours

2
6
0 0

[PATCH net-next] selftests: net: speed up pmtu.sh by avoiding unnecessary cleanup

by Jakub Kicinski

The pmtu test takes nearly an hour when run on a debug kernel (10min on a normal kernel, so the debug slow down is quite significant). NIPA tries to ensure all results are delivered by a certain deadline so this prevents it from retrying the test in case of a flake. Looks like one of the slowest operations in the test is calling out to ./openvswitch/ovs-dpctl.py to remove potential leftover OvS interfaces. Check whether the interfaces exist in the first place in sysfs, since it can be done directly in bash it is very fast. This should save us around 20-30% of the test runtime. Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> --- tools/testing/selftests/net/pmtu.sh | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/tools/testing/selftests/net/pmtu.sh b/tools/testing/selftests/net/pmtu.sh index 88e914c4eef9..a3323c21f001 100755 --- a/tools/testing/selftests/net/pmtu.sh +++ b/tools/testing/selftests/net/pmtu.sh @@ -1089,10 +1089,11 @@ cleanup() { cleanup_all_ns - ip link del veth_A-C 2>/dev/null - ip link del veth_A-R1 2>/dev/null - cleanup_del_ovs_internal - cleanup_del_ovs_vswitchd + [ -e "/sys/class/net/veth_A-C" ] && ip link del veth_A-C + [ -e "/sys/class/net/veth_A-R1" ] && ip link del veth_A-R1 + [ -e "/sys/class/net/ovs_br0" ] && cleanup_del_ovs_internal + [ -e "/sys/class/net/ovs_br0" ] && cleanup_del_ovs_vswitchd + rm -f "$tmpoutfile" } -- 2.51.0

4 days, 9 hours

3
2
0 0

[PATCH net-next v2] selftests: net: run groups from fcnal-test in parallel

by Jakub Kicinski

fcnal-test.sh takes almost hour and a half to finish. The tests are already grouped into ipv4, ipv6 and other. Run those groups separately. Reviewed-by: David Ahern <dsahern(a)kernel.org> Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> --- v2: no changes, previous posting had a trivial Makefile conflict v1: https://lore.kernel.org/20250907012116.3315344-2-kuba@kernel.org --- tools/testing/selftests/net/Makefile | 4 +++- tools/testing/selftests/net/fcnal-ipv4.sh | 2 ++ tools/testing/selftests/net/fcnal-ipv6.sh | 2 ++ tools/testing/selftests/net/fcnal-other.sh | 2 ++ tools/testing/selftests/net/fcnal-test.sh | 3 +++ 5 files changed, 12 insertions(+), 1 deletion(-) create mode 100755 tools/testing/selftests/net/fcnal-ipv4.sh create mode 100755 tools/testing/selftests/net/fcnal-ipv6.sh create mode 100755 tools/testing/selftests/net/fcnal-other.sh diff --git a/tools/testing/selftests/net/Makefile b/tools/testing/selftests/net/Makefile index 8c860782f9cd..8270f747ffbc 100644 --- a/tools/testing/selftests/net/Makefile +++ b/tools/testing/selftests/net/Makefile @@ -8,11 +8,12 @@ CFLAGS += -I../ TEST_PROGS := run_netsocktests run_afpackettests test_bpf.sh netdevice.sh \ rtnetlink.sh xfrm_policy.sh +TEST_PROGS += fcnal-ipv4.sh fcnal-ipv6.sh fcnal-other.sh TEST_PROGS += fib_tests.sh fib-onlink-tests.sh pmtu.sh udpgso.sh ip_defrag.sh TEST_PROGS += udpgso_bench.sh fib_rule_tests.sh msg_zerocopy.sh psock_snd.sh TEST_PROGS += udpgro_bench.sh udpgro.sh test_vxlan_under_vrf.sh reuseport_addr_any.sh TEST_PROGS += test_vxlan_fdb_changelink.sh so_txtime.sh ipv6_flowlabel.sh -TEST_PROGS += tcp_fastopen_backup_key.sh fcnal-test.sh l2tp.sh traceroute.sh +TEST_PROGS += tcp_fastopen_backup_key.sh l2tp.sh traceroute.sh TEST_PROGS += fin_ack_lat.sh fib_nexthop_multiprefix.sh fib_nexthops.sh fib_nexthop_nongw.sh TEST_PROGS += altnames.sh icmp.sh icmp_redirect.sh ip6_gre_headroom.sh TEST_PROGS += route_localnet.sh @@ -127,6 +128,7 @@ TEST_GEN_FILES += $(YNL_GEN_FILES) TEST_GEN_PROGS += $(YNL_GEN_PROGS) TEST_FILES := settings +TEST_FILES += fcnal-test.sh TEST_FILES += in_netns.sh lib.sh setup_loopback.sh setup_veth.sh TEST_GEN_FILES += $(patsubst %.c,%.o,$(wildcard *.bpf.c)) diff --git a/tools/testing/selftests/net/fcnal-ipv4.sh b/tools/testing/selftests/net/fcnal-ipv4.sh new file mode 100755 index 000000000000..82f9c867c3e8 --- /dev/null +++ b/tools/testing/selftests/net/fcnal-ipv4.sh @@ -0,0 +1,2 @@ +#!/bin/sh +./fcnal-test.sh -t ipv4 diff --git a/tools/testing/selftests/net/fcnal-ipv6.sh b/tools/testing/selftests/net/fcnal-ipv6.sh new file mode 100755 index 000000000000..ab1fc7aa3caf --- /dev/null +++ b/tools/testing/selftests/net/fcnal-ipv6.sh @@ -0,0 +1,2 @@ +#!/bin/sh +./fcnal-test.sh -t ipv6 diff --git a/tools/testing/selftests/net/fcnal-other.sh b/tools/testing/selftests/net/fcnal-other.sh new file mode 100755 index 000000000000..a840cf80b32e --- /dev/null +++ b/tools/testing/selftests/net/fcnal-other.sh @@ -0,0 +1,2 @@ +#!/bin/sh +./fcnal-test.sh -t other diff --git a/tools/testing/selftests/net/fcnal-test.sh b/tools/testing/selftests/net/fcnal-test.sh index 0e3304d37fd0..49d85d267925 100755 --- a/tools/testing/selftests/net/fcnal-test.sh +++ b/tools/testing/selftests/net/fcnal-test.sh @@ -4272,6 +4272,7 @@ EOF TESTS_IPV4="ipv4_ping ipv4_tcp ipv4_udp ipv4_bind ipv4_runtime ipv4_netfilter" TESTS_IPV6="ipv6_ping ipv6_tcp ipv6_udp ipv6_bind ipv6_runtime ipv6_netfilter" TESTS_OTHER="use_cases" +# note: each TEST_ group needs a dedicated runner, e.g. fcnal-ipv4.sh PAUSE_ON_FAIL=no PAUSE=no @@ -4302,6 +4303,8 @@ elif [ "$TESTS" = "ipv4" ]; then TESTS="$TESTS_IPV4" elif [ "$TESTS" = "ipv6" ]; then TESTS="$TESTS_IPV6" +elif [ "$TESTS" = "other" ]; then + TESTS="$TESTS_OTHER" fi check_gen_prog "nettest" -- 2.51.0

4 days, 10 hours

2
1
0 0

[PATCH nf-next v6 0/2] Add IPIP flowtable SW acceleratio

by Lorenzo Bianconi

Introduce SW acceleration for IPIP tunnels in the netfilter flowtable infrastructure. --- Changes in v6: - Rebase on top of nf-next main branch - Link to v5: https://lore.kernel.org/r/20250721-nf-flowtable-ipip-v5-0-0865af9e58c6@kern… Changes in v5: - Rely on __ipv4_addr_hash() to compute the hash used as encap ID - Remove unnecessary pskb_may_pull() in nf_flow_tuple_encap() - Add nf_flow_ip4_ecanp_pop utility routine - Link to v4: https://lore.kernel.org/r/20250718-nf-flowtable-ipip-v4-0-f8bb1c18b986@kern… Changes in v4: - Use the hash value of the saddr, daddr and protocol of outer IP header as encapsulation id. - Link to v3: https://lore.kernel.org/r/20250703-nf-flowtable-ipip-v3-0-880afd319b9f@kern… Changes in v3: - Add outer IP header sanity checks - target nf-next tree instead of net-next - Link to v2: https://lore.kernel.org/r/20250627-nf-flowtable-ipip-v2-0-c713003ce75b@kern… Changes in v2: - Introduce IPIP flowtable selftest - Link to v1: https://lore.kernel.org/r/20250623-nf-flowtable-ipip-v1-1-2853596e3941@kern… --- Lorenzo Bianconi (2): net: netfilter: Add IPIP flowtable SW acceleration selftests: netfilter: nft_flowtable.sh: Add IPIP flowtable selftest include/linux/netdevice.h | 1 + net/ipv4/ipip.c | 28 +++++++++++ net/netfilter/nf_flow_table_ip.c | 56 +++++++++++++++++++++- net/netfilter/nft_flow_offload.c | 1 + .../selftests/net/netfilter/nft_flowtable.sh | 40 ++++++++++++++++ 5 files changed, 124 insertions(+), 2 deletions(-) --- base-commit: bab3ce404553de56242d7b09ad7ea5b70441ea41 change-id: 20250623-nf-flowtable-ipip-1b3d7b08d067 Best regards, -- Lorenzo Bianconi <lorenzo(a)kernel.org>

4 days, 11 hours

2
4
0 0

[PATCH RFC net-next 0/5] selftests: drv-net: Convert XDP program to bpf_dynptr

by Nimrod Oren

Hi all, This series updates the drv-net XDP program used by the new xdp.py selftest to use the bpf_dynptr APIs for packet access. The selftest itself is unchanged. The original program accessed packet headers directly via ctx->data/data_end, implicitly assuming headers are always in the linear region. That assumption is incorrect for multi-buffer XDP and does not hold across all drivers. For example, mlx5 with striding RQ can leave the linear area empty, causing the multi-buffer cases to fail. Switching to bpf_xdp_load/store_bytes would work but always incurs copies. Instead, this series adopts bpf_dynptr, which provides safe, verifier-checked access across both linear and fragmented areas while avoiding copies. Amery Hung has also proposed a series [1] that addresses the same issues in the program, but through the use of bpf_xdp_pull_data. My series is not intended as a replacement for that work, but rather as an exploration of another viable solution, each of which may be preferable under different circumstances. In cases where the program does not return XDP_PASS, I believe dynptr has an advantage since it avoids an extra copy. Conversely, when the program returns XDP_PASS, bpf_xdp_pull_data may be preferable, as the copy will be performed in any case during skb creation. It may make sense to split the work into two separate programs, allowing us to test both solutions independently. Alternatively, we can consider a combined approach, where the more fitting solution is applied for each use case. I welcome feedback on which direction would be most useful. [1] https://lore.kernel.org/all/20250905173352.3759457-1-ameryhung@gmail.com/ Thanks! Nimrod Nimrod Oren (5): selftests: drv-net: Test XDP_TX with bpf_dynptr selftests: drv-net: Test XDP tail adjustment with bpf_dynptr selftests: drv-net: Test XDP head adjustment with bpf_dynptr selftests: drv-net: Adjust XDP header data with bpf_dynptr selftests: drv-net: Check XDP header data with bpf_dynptr .../selftests/net/lib/xdp_native.bpf.c | 219 ++++++++---------- 1 file changed, 96 insertions(+), 123 deletions(-) -- 2.45.0

4 days, 11 hours

3
7
0 0

[PATCH 0/3] selftests: drv-net: Fix issues in devlink_rate_tc_bw.py

by Carolina Jubran

This series fixes issues in devlink_rate_tc_bw.py selftest that made its checks unreliable and its documentation inconsistent with the actual configuration. Thanks Carolina Jubran (3): selftests: drv-net: Fix and clarify TC bandwidth split in devlink_rate_tc_bw.py selftests: drv-net: Fix tolerance calculation in devlink_rate_tc_bw.py selftests: drv-net: Relax total BW check in devlink_rate_tc_bw.py .../drivers/net/hw/devlink_rate_tc_bw.py | 102 ++++++++---------- 1 file changed, 44 insertions(+), 58 deletions(-) -- 2.38.1

4 days, 12 hours

3
12
0 0

[PATCH bpf-next v2] selftests/bpf: Fix incorrect array size calculation

by Jiayuan Chen

The loop in bench_sockmap_prog_destroy() has two issues: 1. Using 'sizeof(ctx.fds)' as the loop bound results in the number of bytes, not the number of file descriptors, causing the loop to iterate far more times than intended. 2. The condition 'ctx.fds[0] > 0' incorrectly checks only the first fd for all iterations, potentially leaving file descriptors unclosed. Change it to 'ctx.fds[i] > 0' to check each fd properly. These fixes ensure correct cleanup of all file descriptors when the benchmark exits. Signed-off-by: Jiayuan Chen <jiayuan.chen(a)linux.dev> Reported-by: Dan Carpenter <dan.carpenter(a)linaro.org> Closes: https://lore.kernel.org/bpf/aLqfWuRR9R_KTe5e@stanley.mountain/ --- tools/testing/selftests/bpf/benchs/bench_sockmap.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/bpf/benchs/bench_sockmap.c b/tools/testing/selftests/bpf/benchs/bench_sockmap.c index 8ebf563a67a2..cfc072aa7fff 100644 --- a/tools/testing/selftests/bpf/benchs/bench_sockmap.c +++ b/tools/testing/selftests/bpf/benchs/bench_sockmap.c @@ -10,6 +10,7 @@ #include <argp.h> #include "bench.h" #include "bench_sockmap_prog.skel.h" +#include "bpf_util.h" #define FILE_SIZE (128 * 1024) #define DATA_REPEAT_SIZE 10 @@ -124,8 +125,8 @@ static void bench_sockmap_prog_destroy(void) { int i; - for (i = 0; i < sizeof(ctx.fds); i++) { - if (ctx.fds[0] > 0) + for (i = 0; i < ARRAY_SIZE(ctx.fds); i++) { + if (ctx.fds[i] > 0) close(ctx.fds[i]); } -- 2.43.0

4 days, 16 hours

2
1
0 0

[PATCH net 0/2] net: dst_metadata: fix DF flag extraction on tunnel rx

by Ilya Maximets

Two patches here, first fixes the issue where tunnel core doesn't actually extract DF bit from the outer IP header, even though both OVS and TC flower allow matching on it. More details in the commit message. The second is a selftest for openvswitch that reproduces the issue, but also just adds some basic coverage for the tunnel metadata extraction and related openvswitch uAPI. Ilya Maximets (2): net: dst_metadata: fix IP_DF bit not extracted from tunnel headers selftests: openvswitch: add a simple test for tunnel metadata include/net/dst_metadata.h | 11 ++- .../selftests/net/openvswitch/openvswitch.sh | 88 +++++++++++++++++-- 2 files changed, 90 insertions(+), 9 deletions(-) -- 2.50.1

4 days, 18 hours

3
5
0 0

[ANNOUNCE/CFP] Kernel Testing & Dependability Micro-conference at LPC Japan 2025 CFP postponed until 30th September

by Arisu Tachibana

Hello everyone, The Call For Proposal (CFP) for the Kernel Testing & Dependability Micro-Conference at Linux Plumbers 2025 has been updated. https://lpc.events/event/19/contributions/2001/ You still have time until the 30th September for sending your CFP: https://lpc.events/event/19/abstracts/ Thanks, Arisu & Guillaume & Shuah & Sasha

4 days, 23 hours

1
0
0 0

[PATCH v2 00/37] mm: remove nth_page()

by David Hildenbrand

This is based on mm-unstable. I will only CC non-MM folks on the cover letter and the respective patch to not flood too many inboxes (the lists receive all patches). -- As discussed recently with Linus, nth_page() is just nasty and we would like to remove it. To recap, the reason we currently need nth_page() within a folio is because on some kernel configs (SPARSEMEM without SPARSEMEM_VMEMMAP), the memmap is allocated per memory section. While buddy allocations cannot cross memory section boundaries, hugetlb and dax folios can. So crossing a memory section means that "page++" could do the wrong thing. Instead, nth_page() on these problematic configs always goes from page->pfn, to the go from (++pfn)->page, which is rather nasty. Likely, many people have no idea when nth_page() is required and when it might be dropped. We refer to such problematic PFN ranges and "non-contiguous pages". If we only deal with "contiguous pages", there is not need for nth_page(). Besides that "obvious" folio case, we might end up using nth_page() within CMA allocations (again, could span memory sections), and in one corner case (kfence) when processing memblock allocations (again, could span memory sections). So let's handle all that, add sanity checks, and remove nth_page(). Patch #1 -> #5 : stop making SPARSEMEM_VMEMMAP user-selectable + cleanups Patch #6 -> #13 : disallow folios to have non-contiguous pages Patch #14 -> #20 : remove nth_page() usage within folios Patch #22 : disallow CMA allocations of non-contiguous pages Patch #23 -> #33 : sanity+check + remove nth_page() usage within SG entry Patch #34 : sanity-check + remove nth_page() usage in unpin_user_page_range_dirty_lock() Patch #35 : remove nth_page() in kfence Patch #36 : adjust stale comment regarding nth_page Patch #37 : mm: remove nth_page() A lot of this is inspired from the discussion at [1] between Linus, Jason and me, so cudos to them. [1] https://lore.kernel.org/all/CAHk-=wiCYfNp4AJLBORU-c7ZyRBUp66W2-Et6cdQ4REx-G… v1 -> v2: * "fs: hugetlbfs: cleanup folio in adjust_range_hwpoison()" -> Add comment for loop and remove comment of function regarding copy_page_to_iter(). * Various smaller patch description tweaks I am not going to list for my sanity * "mips: mm: convert __flush_dcache_pages() to __flush_dcache_folio_pages()" -> Fix flush_dcache_page() -> Drop "extern" * "mm/gup: remove record_subpages()" -> Added * "mm/hugetlb: check for unreasonable folio sizes when registering hstate" -> Refine comment * "mm/cma: refuse handing out non-contiguous page ranges" -> Add comment above loop * "mm/page_alloc: reject unreasonable folio/compound page sizes in alloc_contig_range_noprof()" -> Added comment above check * "mm/gup: drop nth_page() usage in unpin_user_page_range_dirty_lock()" -> Refined comment RFC -> v1: * "wireguard: selftests: remove CONFIG_SPARSEMEM_VMEMMAP=y from qemu kernel config" -> Mention that it was never really relevant for the test * "mm/mm_init: make memmap_init_compound() look more like prep_compound_page()" -> Mention the setup of page links * "mm: limit folio/compound page sizes in problematic kernel configs" -> Improve comment for PUD handling, mentioning hugetlb and dax * "mm: simplify folio_page() and folio_page_idx()" -> Call variable "n" * "mm/hugetlb: cleanup hugetlb_folio_init_tail_vmemmap()" -> Keep __init_single_page() and refer to the usage of memblock_reserved_mark_noinit() * "fs: hugetlbfs: cleanup folio in adjust_range_hwpoison()" * "fs: hugetlbfs: remove nth_page() usage within folio in adjust_range_hwpoison()" -> Separate nth_page() removal from cleanups -> Further improve cleanups * "io_uring/zcrx: remove nth_page() usage within folio" -> Keep the io_copy_cache for now and limit to nth_page() removal * "mm/gup: drop nth_page() usage within folio when recording subpages" -> Cleanup record_subpages as bit * "mm/cma: refuse handing out non-contiguous page ranges" -> Replace another instance of "pfn_to_page(pfn)" where we already have the page * "scatterlist: disallow non-contigous page ranges in a single SG entry" -> We have to EXPORT the symbol. I thought about moving it to mm_inline.h, but I really don't want to include that in include/linux/scatterlist.h * "ata: libata-eh: drop nth_page() usage within SG entry" * "mspro_block: drop nth_page() usage within SG entry" * "memstick: drop nth_page() usage within SG entry" * "mmc: drop nth_page() usage within SG entry" -> Keep PAGE_SHIFT * "scsi: scsi_lib: drop nth_page() usage within SG entry" * "scsi: sg: drop nth_page() usage within SG entry" -> Split patches, Keep PAGE_SHIFT * "crypto: remove nth_page() usage within SG entry" -> Keep PAGE_SHIFT * "kfence: drop nth_page() usage" -> Keep modifying i and use "start_pfn" only instead Cc: Andrew Morton <akpm(a)linux-foundation.org> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Jason Gunthorpe <jgg(a)nvidia.com> Cc: Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> Cc: "Liam R. Howlett" <Liam.Howlett(a)oracle.com> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: Mike Rapoport <rppt(a)kernel.org> Cc: Suren Baghdasaryan <surenb(a)google.com> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Jens Axboe <axboe(a)kernel.dk> Cc: Marek Szyprowski <m.szyprowski(a)samsung.com> Cc: Robin Murphy <robin.murphy(a)arm.com> Cc: John Hubbard <jhubbard(a)nvidia.com> Cc: Peter Xu <peterx(a)redhat.com> Cc: Alexander Potapenko <glider(a)google.com> Cc: Marco Elver <elver(a)google.com> Cc: Dmitry Vyukov <dvyukov(a)google.com> Cc: Brendan Jackman <jackmanb(a)google.com> Cc: Johannes Weiner <hannes(a)cmpxchg.org> Cc: Zi Yan <ziy(a)nvidia.com> Cc: Dennis Zhou <dennis(a)kernel.org> Cc: Tejun Heo <tj(a)kernel.org> Cc: Christoph Lameter <cl(a)gentwo.org> Cc: Muchun Song <muchun.song(a)linux.dev> Cc: Oscar Salvador <osalvador(a)suse.de> Cc: x86(a)kernel.org Cc: linux-arm-kernel(a)lists.infradead.org Cc: linux-mips(a)vger.kernel.org Cc: linux-s390(a)vger.kernel.org Cc: linux-crypto(a)vger.kernel.org Cc: linux-ide(a)vger.kernel.org Cc: intel-gfx(a)lists.freedesktop.org Cc: dri-devel(a)lists.freedesktop.org Cc: linux-mmc(a)vger.kernel.org Cc: linux-arm-kernel(a)axis.com Cc: linux-scsi(a)vger.kernel.org Cc: kvm(a)vger.kernel.org Cc: virtualization(a)lists.linux.dev Cc: linux-mm(a)kvack.org Cc: io-uring(a)vger.kernel.org Cc: iommu(a)lists.linux.dev Cc: kasan-dev(a)googlegroups.com Cc: wireguard(a)lists.zx2c4.com Cc: netdev(a)vger.kernel.org Cc: linux-kselftest(a)vger.kernel.org Cc: linux-riscv(a)lists.infradead.org David Hildenbrand (37): mm: stop making SPARSEMEM_VMEMMAP user-selectable arm64: Kconfig: drop superfluous "select SPARSEMEM_VMEMMAP" s390/Kconfig: drop superfluous "select SPARSEMEM_VMEMMAP" x86/Kconfig: drop superfluous "select SPARSEMEM_VMEMMAP" wireguard: selftests: remove CONFIG_SPARSEMEM_VMEMMAP=y from qemu kernel config mm/page_alloc: reject unreasonable folio/compound page sizes in alloc_contig_range_noprof() mm/memremap: reject unreasonable folio/compound page sizes in memremap_pages() mm/hugetlb: check for unreasonable folio sizes when registering hstate mm/mm_init: make memmap_init_compound() look more like prep_compound_page() mm: sanity-check maximum folio size in folio_set_order() mm: limit folio/compound page sizes in problematic kernel configs mm: simplify folio_page() and folio_page_idx() mm/hugetlb: cleanup hugetlb_folio_init_tail_vmemmap() mm/mm/percpu-km: drop nth_page() usage within single allocation fs: hugetlbfs: remove nth_page() usage within folio in adjust_range_hwpoison() fs: hugetlbfs: cleanup folio in adjust_range_hwpoison() mm/pagewalk: drop nth_page() usage within folio in folio_walk_start() mm/gup: drop nth_page() usage within folio when recording subpages mm/gup: remove record_subpages() io_uring/zcrx: remove nth_page() usage within folio mips: mm: convert __flush_dcache_pages() to __flush_dcache_folio_pages() mm/cma: refuse handing out non-contiguous page ranges dma-remap: drop nth_page() in dma_common_contiguous_remap() scatterlist: disallow non-contigous page ranges in a single SG entry ata: libata-sff: drop nth_page() usage within SG entry drm/i915/gem: drop nth_page() usage within SG entry mspro_block: drop nth_page() usage within SG entry memstick: drop nth_page() usage within SG entry mmc: drop nth_page() usage within SG entry scsi: scsi_lib: drop nth_page() usage within SG entry scsi: sg: drop nth_page() usage within SG entry vfio/pci: drop nth_page() usage within SG entry crypto: remove nth_page() usage within SG entry mm/gup: drop nth_page() usage in unpin_user_page_range_dirty_lock() kfence: drop nth_page() usage block: update comment of "struct bio_vec" regarding nth_page() mm: remove nth_page() arch/arm64/Kconfig | 1 - arch/mips/include/asm/cacheflush.h | 11 +++-- arch/mips/mm/cache.c | 8 ++-- arch/s390/Kconfig | 1 - arch/x86/Kconfig | 1 - crypto/ahash.c | 4 +- crypto/scompress.c | 8 ++-- drivers/ata/libata-sff.c | 6 +-- drivers/gpu/drm/i915/gem/i915_gem_pages.c | 2 +- drivers/memstick/core/mspro_block.c | 3 +- drivers/memstick/host/jmb38x_ms.c | 3 +- drivers/memstick/host/tifm_ms.c | 3 +- drivers/mmc/host/tifm_sd.c | 4 +- drivers/mmc/host/usdhi6rol0.c | 4 +- drivers/scsi/scsi_lib.c | 3 +- drivers/scsi/sg.c | 3 +- drivers/vfio/pci/pds/lm.c | 3 +- drivers/vfio/pci/virtio/migrate.c | 3 +- fs/hugetlbfs/inode.c | 36 +++++--------- include/crypto/scatterwalk.h | 4 +- include/linux/bvec.h | 7 +-- include/linux/mm.h | 48 +++++++++++++++---- include/linux/page-flags.h | 5 +- include/linux/scatterlist.h | 3 +- io_uring/zcrx.c | 4 +- kernel/dma/remap.c | 2 +- mm/Kconfig | 3 +- mm/cma.c | 39 +++++++++------ mm/gup.c | 36 +++++++------- mm/hugetlb.c | 22 +++++---- mm/internal.h | 1 + mm/kfence/core.c | 12 +++-- mm/memremap.c | 3 ++ mm/mm_init.c | 15 +++--- mm/page_alloc.c | 10 +++- mm/pagewalk.c | 2 +- mm/percpu-km.c | 2 +- mm/util.c | 36 ++++++++++++++ tools/testing/scatterlist/linux/mm.h | 1 - .../selftests/wireguard/qemu/kernel.config | 1 - 40 files changed, 217 insertions(+), 146 deletions(-) base-commit: b73c6f2b5712809f5f386780ac46d1d78c31b2e6 -- 2.50.1

4 days, 23 hours

9
59
0 0

[PATCH net-next v6] selftests: net: add test for ipv6 fragmentation

by Brett A C Sheffield

Add selftest for the IPv6 fragmentation regression which affected several stable kernels. Commit a18dfa9925b9 ("ipv6: save dontfrag in cork") was backported to stable without some prerequisite commits. This caused a regression when sending IPv6 UDP packets by preventing fragmentation and instead returning -1 (EMSGSIZE). Add selftest to check for this issue by attempting to send a packet larger than the interface MTU. The packet will be fragmented on a working kernel, with sendmsg(2) correctly returning the expected number of bytes sent. When the regression is present, sendmsg returns -1 and sets errno to EMSGSIZE. Link: https://lore.kernel.org/stable/aElivdUXqd1OqgMY@karahi.gladserv.com Signed-off-by: Brett A C Sheffield <bacs(a)librecast.net> Reviewed-by: Willem de Bruijn <willemb(a)google.com> --- Thanks again Willem for the review. v6 changes: - port -> network byte order - remove unecessary variable err - check return value of close() v5 changes: - disable_dad: delete - not needed for lo - main: simplify failure paths - main: char -> static char buf - setup: remove pointless return value - setup: remove unused variable fd - setup: merge with interface_up() to simplify - setup: check all system call return values - remove no longer used headers v4 changes: - fix "else should follow close brace" (checkpatch ERROR) v3 changes: - add usleep instead of busy polling on sendmsg - simplify error handling by using error() and leaving cleanup to O/S - use loopback interface - don't bother creating TAP - send to localhost (::1) v2 changes: - remove superfluous namespace calls - unshare(2) suffices - remove usleep(). Don't wait for the interface to be ready, just send, and handle the (less likely) error case by retrying. - set destination address only once - document our use of the IPv6 link-local source address - send to port 9 (DISCARD) instead of 4242 (DONT PANIC) - ensure sockets are closed on failure paths - use KSFT exit codes for clarity v5: https://lore.kernel.org/netdev/20250902142502.27278-1-bacs@librecast.net v4: https://lore.kernel.org/netdev/20250901123757.13112-1-bacs@librecast.net v3: https://lore.kernel.org/netdev/20250901112248.5218-1-bacs@librecast.net v2: https://lore.kernel.org/netdev/20250831102908.14655-1-bacs@librecast.net v1: https://lore.kernel.org/netdev/20250825092548.4436-3-bacs@librecast.net tools/testing/selftests/net/.gitignore | 1 + tools/testing/selftests/net/Makefile | 1 + .../selftests/net/ipv6_fragmentation.c | 114 ++++++++++++++++++ 3 files changed, 116 insertions(+) create mode 100644 tools/testing/selftests/net/ipv6_fragmentation.c diff --git a/tools/testing/selftests/net/.gitignore b/tools/testing/selftests/net/.gitignore index 47c293c2962f..3d4b4a53dfda 100644 --- a/tools/testing/selftests/net/.gitignore +++ b/tools/testing/selftests/net/.gitignore @@ -16,6 +16,7 @@ ip_local_port_range ipsec ipv6_flowlabel ipv6_flowlabel_mgr +ipv6_fragmentation log.txt msg_oob msg_zerocopy diff --git a/tools/testing/selftests/net/Makefile b/tools/testing/selftests/net/Makefile index eef0b8f8a7b0..276e0481d996 100644 --- a/tools/testing/selftests/net/Makefile +++ b/tools/testing/selftests/net/Makefile @@ -117,6 +117,7 @@ TEST_GEN_FILES += tfo TEST_PROGS += tfo_passive.sh TEST_PROGS += broadcast_pmtu.sh TEST_PROGS += ipv6_force_forwarding.sh +TEST_GEN_PROGS += ipv6_fragmentation TEST_PROGS += route_hint.sh # YNL files, must be before "include ..lib.mk" diff --git a/tools/testing/selftests/net/ipv6_fragmentation.c b/tools/testing/selftests/net/ipv6_fragmentation.c new file mode 100644 index 000000000000..267ef62b5c72 --- /dev/null +++ b/tools/testing/selftests/net/ipv6_fragmentation.c @@ -0,0 +1,114 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Author: Brett A C Sheffield <bacs(a)librecast.net> + * + * Kernel selftest for the IPv6 fragmentation regression which affected stable + * kernels: + * + * https://lore.kernel.org/stable/aElivdUXqd1OqgMY@karahi.gladserv.com + * + * Commit: a18dfa9925b9 ("ipv6: save dontfrag in cork") was backported to stable + * without some prerequisite commits. + * + * This caused a regression when sending IPv6 UDP packets by preventing + * fragmentation and instead returning -1 (EMSGSIZE). + * + * This selftest demonstrates the issue by sending an IPv6 UDP packet to + * localhost (::1) on the loopback interface from the autoconfigured link-local + * address. + * + * sendmsg(2) returns bytes sent correctly on a working kernel, and returns -1 + * (EMSGSIZE) when the regression is present. + * + * The regression was not present in the mainline kernel, but add this test to + * catch similar breakage in future. + */ + +#define _GNU_SOURCE + +#include <error.h> +#include <net/if.h> +#include <netinet/in.h> +#include <sched.h> +#include <stdio.h> +#include <sys/ioctl.h> +#include <sys/socket.h> +#include <unistd.h> +#include "../kselftest.h" + +#define MTU 1500 +#define LARGER_THAN_MTU 8192 + +static void setup(void) +{ + struct ifreq ifr = { + .ifr_name = "lo" + }; + int ctl; + + /* we need to set MTU, so do this in a namespace to play nicely */ + if (unshare(CLONE_NEWNET) == -1) + error(KSFT_FAIL, errno, "unshare"); + + ctl = socket(AF_LOCAL, SOCK_STREAM, 0); + if (ctl == -1) + error(KSFT_FAIL, errno, "socket"); + + /* ensure MTU is smaller than what we plan to send */ + ifr.ifr_mtu = MTU; + if (ioctl(ctl, SIOCSIFMTU, &ifr) == -1) + error(KSFT_FAIL, errno, "ioctl: set MTU"); + + /* bring up interface */ + if (ioctl(ctl, SIOCGIFFLAGS, &ifr) == -1) + error(KSFT_FAIL, errno, "ioctl SIOCGIFFLAGS"); + ifr.ifr_flags = ifr.ifr_flags | IFF_UP; + if (ioctl(ctl, SIOCSIFFLAGS, &ifr) == -1) + error(KSFT_FAIL, errno, "ioctl: bring interface up"); + + if (close(ctl) == -1) + error(KSFT_FAIL, errno, "close"); +} + +int main(void) +{ + struct in6_addr addr = { + .s6_addr[15] = 0x01, /* ::1 */ + }; + struct sockaddr_in6 sa = { + .sin6_family = AF_INET6, + .sin6_addr = addr, + .sin6_port = htons(9) /* port 9/udp (DISCARD) */ + }; + static char buf[LARGER_THAN_MTU] = {0}; + struct iovec iov = { .iov_base = buf, .iov_len = sizeof(buf) }; + struct msghdr msg = { + .msg_iov = &iov, + .msg_iovlen = 1, + .msg_name = (struct sockaddr *)&sa, + .msg_namelen = sizeof(sa), + }; + ssize_t rc; + int s; + + printf("Testing IPv6 fragmentation\n"); + setup(); + s = socket(AF_INET6, SOCK_DGRAM, 0); +send_again: + rc = sendmsg(s, &msg, 0); + if (rc == -1) { + /* if interface wasn't ready, try again */ + if (errno == EADDRNOTAVAIL) { + usleep(1000); + goto send_again; + } + error(KSFT_FAIL, errno, "sendmsg"); + } else if (rc != LARGER_THAN_MTU) { + error(KSFT_FAIL, errno, "sendmsg returned %zi, expected %i", + rc, LARGER_THAN_MTU); + } + printf("[PASS] sendmsg() returned %zi\n", rc); + if (close(s) == -1) + error(KSFT_FAIL, errno, "close"); + return KSFT_PASS; +} base-commit: cd8a4cfa6bb43a441901e82f5c222dddc75a18a3 -- 2.49.1

4 days, 23 hours

2
1
0 0

[PATCHv5 net-next 0/3] bonding: support aggregator selection based on port priority

by Hangbin Liu

This patchset introduces a new per-port bonding option: `ad_actor_port_prio`. It allows users to configure the actor's port priority, which can then be used by the bonding driver for aggregator selection based on port priority. This provides finer control over LACP aggregator choice, especially in setups with multiple eligible aggregators over 2 switches. v5: a) rename 'prio' to 'actor_port_prio' in bond_ad_select_tbl (Jay Vosburgh) b) update document description v4: a) fix actor_port_prio minimal value (Jay Vosburgh) b) fix ad_agg_selection_test comment order (Paolo Abeni) c) restruct selftest, reduce duplication (Paolo Abeni) v3: a) add comments when init slave port_priority (Jonas Gorski) b) rename ad_lacp_port_prio to lacp_port_prio (Jay Vosburgh) v2: a) set default bond option value for port priority (Nikolay Aleksandrov) b) fix __agg_ports_priority coding style (Nikolay Aleksandrov) c) fix shellcheck warns Hangbin Liu (3): bonding: add support for per-port LACP actor priority bonding: support aggregator selection based on port priority selftests: bonding: add test for LACP actor port priority Documentation/networking/bonding.rst | 25 +++- drivers/net/bonding/bond_3ad.c | 31 +++++ drivers/net/bonding/bond_netlink.c | 16 +++ drivers/net/bonding/bond_options.c | 45 +++++++- include/net/bond_3ad.h | 2 + include/net/bond_options.h | 1 + include/uapi/linux/if_link.h | 1 + .../selftests/drivers/net/bonding/Makefile | 3 +- .../drivers/net/bonding/bond_lacp_prio.sh | 108 ++++++++++++++++++ tools/testing/selftests/net/forwarding/lib.sh | 24 ---- tools/testing/selftests/net/lib.sh | 24 ++++ 11 files changed, 247 insertions(+), 33 deletions(-) create mode 100755 tools/testing/selftests/drivers/net/bonding/bond_lacp_prio.sh -- 2.50.1

4 days, 23 hours

2
4
0 0

[PATCH v2] selftests/kselftest_harness: Add harness-selftest.expected to TEST_FILES

by Yi Lai

The harness-selftest.expected is not installed in INSTALL_PATH. Attempting to execute harness-selftest.sh shows warning: diff: ./kselftest_harness/harness-selftest.expected: No such file or directory Add harness-selftest.expected to TEST_FILES. Fixes: df82ffc5a3c1 ("selftests: harness: Add kselftest harness selftest") Signed-off-by: Yi Lai <yi1.lai(a)intel.com> Reviewed-by: Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> --- tools/testing/selftests/kselftest_harness/Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/testing/selftests/kselftest_harness/Makefile b/tools/testing/selftests/kselftest_harness/Makefile index 0617535a6ce4..d2369c01701a 100644 --- a/tools/testing/selftests/kselftest_harness/Makefile +++ b/tools/testing/selftests/kselftest_harness/Makefile @@ -2,6 +2,7 @@ TEST_GEN_PROGS_EXTENDED := harness-selftest TEST_PROGS := harness-selftest.sh +TEST_FILES := harness-selftest.expected EXTRA_CLEAN := harness-selftest.seen include ../lib.mk -- 2.43.0

5 days

1
0
0 0

[PATCH] selftests/kselftest_harness: Add harness-selftest.expected to TEST_FILES

by Yi Lai

The harness-selftest.expected is not installed in INSTALL_PATH. Attempting to execute harness-selftest.sh shows warning: diff: ./kselftest_harness/harness-selftest.expected: No such file or directory Add harness-selftest.expected to TEST_FILES. Signed-off-by: Yi Lai <yi1.lai(a)intel.com> --- tools/testing/selftests/kselftest_harness/Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/testing/selftests/kselftest_harness/Makefile b/tools/testing/selftests/kselftest_harness/Makefile index 0617535a6ce4..d2369c01701a 100644 --- a/tools/testing/selftests/kselftest_harness/Makefile +++ b/tools/testing/selftests/kselftest_harness/Makefile @@ -2,6 +2,7 @@ TEST_GEN_PROGS_EXTENDED := harness-selftest TEST_PROGS := harness-selftest.sh +TEST_FILES := harness-selftest.expected EXTRA_CLEAN := harness-selftest.seen include ../lib.mk -- 2.43.0

5 days, 1 hour

4
3
0 0

[PATCH v2 0/3] Fix va_high_addr_switch.sh test failure

by Chunyu Hu

The three patches fix the va_high_addr_switch.sh test failure on x86_64. Patch 1 fixes the hugepage setup issue that nr_hugepages is reset too early in run_vmtests.sh and break the later va_high_addr_switch testing. Patch 2 adds hugepage setup in va_high_addr_switch test, so that it can still work if vm_runtests.sh changes the hugepage setup someday. Patch 3 fixes the test failure caused by the hint addr align method change in hugetlb_get_unmapped_area(). Changes in v2: - patch 1 renames nr_hugepgs_origin to orig_nr_hugepgs - add a patch 2 to setup hugeapges in va_high_addr_switch test Chunyu Hu (3): selftests/mm: fix hugepages cleanup too early selftests/mm: alloc hugepages in va_high_addr_switch test selftests/mm: fix va_high_addr_switch.sh failure on x86_64 tools/testing/selftests/mm/run_vmtests.sh | 9 ++++- .../selftests/mm/va_high_addr_switch.c | 4 +- .../selftests/mm/va_high_addr_switch.sh | 37 +++++++++++++++++++ 3 files changed, 46 insertions(+), 4 deletions(-) -- 2.49.0

5 days, 2 hours

2
6
0 0

[PATCH v2 0/2] selftests/mm: uffd-stress fixes

by Dev Jain

This patchset ensures that the number of hugepages is correctly set in the system so that the uffd-stress test does not fail due to the racy nature of the test. Patch 1 changes the hugepage constraint in the run_vmtests.sh script, whereas patch 2 changes the constraint in the test itself. --- Based on 6.17-rc5. Dev Jain (2): selftests/mm/uffd-stress: make test operate on less hugetlb memory selftests/mm/uffd-stress: stricten constraint on free hugepages needed before the test tools/testing/selftests/mm/run_vmtests.sh | 10 +++++++--- tools/testing/selftests/mm/uffd-stress.c | 17 +++++++++++------ 2 files changed, 18 insertions(+), 9 deletions(-) -- 2.30.2

5 days, 2 hours

1
3
0 0

[PATCH 0/2] selftests/mm: uffd-stress fixes

by Dev Jain

This patchset ensures that the number of hugepages is correctly set in the system so that the uffd-stress test does not fail due to the racy nature of the test. Patch 1 corrects the hugepage constraint in the run_vmtests.sh script, whereas patch 2 corrects the constraint in the test itself. Dev Jain (2): selftests/mm/uffd-stress: Make test operate on less hugetlb memory selftests/mm/uffd-stress: Stricten constraint on free hugepages before the test tools/testing/selftests/mm/run_vmtests.sh | 2 +- tools/testing/selftests/mm/uffd-stress.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) -- 2.30.2

5 days, 5 hours

3
7
0 0

[PATCHv2 net-next 0/5] net: common feature compute for upper interface

by Hangbin Liu

Some high-level virtual drivers need to compute features from their lower devices, but each currently has its own implementation and may miss some feature computations. This patch set introduces a common function to compute features for such devices. Currently, bonding, team, and bridge have been updated to use the new helper. v2: a) remove hard_header_len setting. I will set needed_headroom for bond/team in a separate patch as bridge has it's own ways. (Ido Schimmel) b) Add test file to Makefile, set RET=0 to a proper location. (Ido Schimmel) Hangbin Liu (5): net: add a common function to compute features from lowers devices bonding: use common function to compute the features team: use common function to compute the features net: bridge: use common function to compute the features selftests/net: add offload checking test for virtual interface drivers/net/bonding/bond_main.c | 99 +---------- drivers/net/team/team_core.c | 73 +------- include/linux/netdevice.h | 19 +++ net/bridge/br_if.c | 22 +-- net/core/dev.c | 76 +++++++++ tools/testing/selftests/net/Makefile | 1 + tools/testing/selftests/net/config | 2 + tools/testing/selftests/net/vdev_offload.sh | 176 ++++++++++++++++++++ 8 files changed, 285 insertions(+), 183 deletions(-) create mode 100755 tools/testing/selftests/net/vdev_offload.sh -- 2.50.1

5 days, 6 hours

3
14
0 0

[PATCH] selftests/bpf: Fix incorrect array size calculation

by Jiayuan Chen

Fix it by using ARRAY_SIZE. Signed-off-by: Jiayuan Chen <jiayuan.chen(a)linux.dev> Reported-by: Dan Carpenter <dan.carpenter(a)linaro.org> Closes: https://lore.kernel.org/bpf/aLqfWuRR9R_KTe5e@stanley.mountain/ --- tools/testing/selftests/bpf/benchs/bench_sockmap.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/bpf/benchs/bench_sockmap.c b/tools/testing/selftests/bpf/benchs/bench_sockmap.c index 8ebf563a67a2..cfc072aa7fff 100644 --- a/tools/testing/selftests/bpf/benchs/bench_sockmap.c +++ b/tools/testing/selftests/bpf/benchs/bench_sockmap.c @@ -10,6 +10,7 @@ #include <argp.h> #include "bench.h" #include "bench_sockmap_prog.skel.h" +#include "bpf_util.h" #define FILE_SIZE (128 * 1024) #define DATA_REPEAT_SIZE 10 @@ -124,8 +125,8 @@ static void bench_sockmap_prog_destroy(void) { int i; - for (i = 0; i < sizeof(ctx.fds); i++) { - if (ctx.fds[0] > 0) + for (i = 0; i < ARRAY_SIZE(ctx.fds); i++) { + if (ctx.fds[i] > 0) close(ctx.fds[i]); } base-commit: 60ef54156148ffaa719845bc5b1fdeafa67763fc -- 2.43.0

5 days, 6 hours

2
1
0 0

[PATCH 0/5] KVM: Improve nested VMX performance

by Fred Griffoul

From: Fred Griffoul <griffoul(a)casper.infradead.org> This patch series addresses performance issues in nested VMX when handling unmanaged guest memory. Unmanaged guest memory refers to memory not directly mapped by the kernel (no struct page), such as memory passed with the mem= parameter or guest_memfd for non-Confidential Computing (CoCo) VMs. Current Problem: During nested VMX operations, the system frequently accesses specific guest pages during L2 VM entry/exit cycles. The current workflow: 1. kvm_vcpu_map() invokes memremap() for unmanaged memory. 2. The system either directly accesses mapped memory via nested VMX or passes it to the L2 guest through vmcs02. 3. kvm_vcpu_unmap() invokes memunmap() This repeated map/unmap cycle creates significant performance overhead due to expensive remapping operations. Solution approach: Our solution replaces kvm_host_map with gfn_to_pfn_cache in nested VMX. It addresses two distinct types of guest pages. First, we handle the L1 MSR bitmap page, which requires read-only access for folding L1 and L0 MSR bitmap. We implement this conversion to gfn_to_pfn_cache in patch 1. Second, we tackle system pages, including APIC access, virtual APIC, and posted interrupt descriptor pages. These pages are more complex as they're accessed by both nested VMX code _and_ passed to the L2 guest in vmcs02 fields. This requires to restore and complete the "guest-uses-pfn" support in pfncache through patches 2 and 3, followed by implementing kvm_host_map replacement with caches in patch 4. Testing: Patch 5 introduces a new selftest to verify cache invalidation and memslot update functionality. The changes are available in a git repository at: git://git.infradead.org/users/griffoul/linux.git tags/nvmx-gpc-v1 Suggested-by: dwmw(a)amazon.co.uk Fred Griffoul (5): KVM: nVMX: Implement cache for L1 MSR bitmap KVM: pfncache: Restore guest-uses-pfn support KVM: x86: Add nested state validation for pfncache support KVM: nVMX: Implement cache for L1 APIC pages KVM: selftests: Add nested VMX APIC cache invalidation test arch/x86/include/asm/kvm_host.h | 1 + arch/x86/kvm/vmx/nested.c | 213 +++++++++--- arch/x86/kvm/vmx/vmx.h | 10 +- arch/x86/kvm/x86.c | 14 +- include/linux/kvm_host.h | 34 +- include/linux/kvm_types.h | 1 + tools/testing/selftests/kvm/Makefile.kvm | 1 + .../selftests/kvm/x86/vmx_apic_update_test.c | 302 ++++++++++++++++++ virt/kvm/kvm_main.c | 3 +- virt/kvm/kvm_mm.h | 6 +- virt/kvm/pfncache.c | 43 ++- 11 files changed, 575 insertions(+), 53 deletions(-) create mode 100644 tools/testing/selftests/kvm/x86/vmx_apic_update_test.c -- 2.51.0

5 days, 11 hours

1
5
0 0

[PATCH] selftests/kvm: remove stale TODO in xapic_state_test

by Sukrut Heroorkar

The TODO about using the number of vCPUs instead of vcpu.id + 1 was already addressed by commit 376bc1b458c9 ("KVM: selftests: Don't assume vcpu->id is '0' in xAPIC state test"). The comment is now stale and can be removed. Signed-off-by: Sukrut Heroorkar <hsukrut3(a)gmail.com> --- tools/testing/selftests/kvm/x86/xapic_state_test.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/kvm/x86/xapic_state_test.c b/tools/testing/selftests/kvm/x86/xapic_state_test.c index fdebff1165c7..3b4814c55722 100644 --- a/tools/testing/selftests/kvm/x86/xapic_state_test.c +++ b/tools/testing/selftests/kvm/x86/xapic_state_test.c @@ -120,8 +120,8 @@ static void test_icr(struct xapic_vcpu *x) __test_icr(x, icr | i); /* - * Send all flavors of IPIs to non-existent vCPUs. TODO: use number of - * vCPUs, not vcpu.id + 1. Arbitrarily use vector 0xff. + * Send all flavors of IPIs to non-existent vCPUs. Arbitrarily use + * vector 0xff. */ icr = APIC_INT_ASSERT | 0xff; for (i = 0; i < 0xff; i++) { -- 2.43.0

5 days, 12 hours

1
0
0 0

[PATCH] selftests/kvm: Use vcpus count instead of hardcoded 0xff in test_icr

by Sukrut Heroorkar

Replace the hardcoded 0xff in test_icr() with the actual number of vcpus created for the vm. This address the existing TODO and keeps the test correct if it is ever run with multiple vcpus. Signed-off-by: Sukrut Heroorkar <hsukrut3(a)gmail.com> --- tools/testing/selftests/kvm/x86/xapic_state_test.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/kvm/x86/xapic_state_test.c b/tools/testing/selftests/kvm/x86/xapic_state_test.c index fdebff1165c7..4af36682503e 100644 --- a/tools/testing/selftests/kvm/x86/xapic_state_test.c +++ b/tools/testing/selftests/kvm/x86/xapic_state_test.c @@ -56,6 +56,17 @@ static void x2apic_guest_code(void) } while (1); } +static unsigned int vm_nr_vcpus(struct kvm_vm *vm) +{ + struct kvm_vcpu *vcpu; + unsigned int count = 0; + + list_for_each_entry(vcpu, &vm->vcpus, list) + count++; + + return count; +} + static void ____test_icr(struct xapic_vcpu *x, uint64_t val) { struct kvm_vcpu *vcpu = x->vcpu; @@ -124,7 +135,7 @@ static void test_icr(struct xapic_vcpu *x) * vCPUs, not vcpu.id + 1. Arbitrarily use vector 0xff. */ icr = APIC_INT_ASSERT | 0xff; - for (i = 0; i < 0xff; i++) { + for (i = 0; i < vm_nr_vcpus(vcpu->vm); i++) { if (i == vcpu->id) continue; for (j = 0; j < 8; j++) -- 2.43.0

5 days, 12 hours

3
2
0 0

Re: [syzbot] [net?] WARNING: suspicious RCU usage in corrupted (3)

by syzbot

syzbot suspects this issue was fixed by commit: commit 7f12c33850482521c961c5c15a50ebe9b9a88d1e Author: Charalampos Mitrodimas <charmitro(a)posteo.net> Date: Wed Jun 11 17:20:43 2025 +0000 net, bpf: Fix RCU usage in task_cls_state() for BPF programs bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=13745562580000 start commit: 079e5c56a5c4 bpf: Fix error return value in bpf_copy_from_.. git tree: bpf-next kernel config: https://syzkaller.appspot.com/x/.config?x=c6c517d2f439239 dashboard link: https://syzkaller.appspot.com/bug?extid=9767c7ed68b95cfa69e6 syz repro: https://syzkaller.appspot.com/x/repro.syz?x=114915f4580000 C reproducer: https://syzkaller.appspot.com/x/repro.c?x=15566170580000 If the result looks correct, please mark the issue as fixed by replying with: #syz fix: net, bpf: Fix RCU usage in task_cls_state() for BPF programs For information about bisection process see: https://goo.gl/tpsmEJ#bisection

5 days, 12 hours

1
0
0 0

[PATCH net-next 1/2] selftests: net: make the dump test less sensitive to mem accounting

by Jakub Kicinski

Recent changes to make netlink socket memory accounting must have broken the implicit assumption of the netlink-dump test that we can fit exactly 64 dumps into the socket. Handle the failure mode properly, and increase the dump count to 80 to make sure we still run into the error condition if the default buffer size increases in the future. Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> --- tools/testing/selftests/net/netlink-dumps.c | 43 ++++++++++++++++----- 1 file changed, 33 insertions(+), 10 deletions(-) diff --git a/tools/testing/selftests/net/netlink-dumps.c b/tools/testing/selftests/net/netlink-dumps.c index 07423f256f96..7618ebe528a4 100644 --- a/tools/testing/selftests/net/netlink-dumps.c +++ b/tools/testing/selftests/net/netlink-dumps.c @@ -31,9 +31,18 @@ struct ext_ack { const char *str; }; -/* 0: no done, 1: done found, 2: extack found, -1: error */ -static int nl_get_extack(char *buf, size_t n, struct ext_ack *ea) +enum get_ea_ret { + ERROR = -1, + NO_CTRL = 0, + FOUND_DONE, + FOUND_ERR, + FOUND_EXTACK, +}; + +static enum get_ea_ret +nl_get_extack(char *buf, size_t n, struct ext_ack *ea) { + enum get_ea_ret ret = NO_CTRL; const struct nlmsghdr *nlh; const struct nlattr *attr; ssize_t rem; @@ -41,15 +50,19 @@ static int nl_get_extack(char *buf, size_t n, struct ext_ack *ea) for (rem = n; rem > 0; NLMSG_NEXT(nlh, rem)) { nlh = (struct nlmsghdr *)&buf[n - rem]; if (!NLMSG_OK(nlh, rem)) - return -1; + return ERROR; - if (nlh->nlmsg_type != NLMSG_DONE) + if (nlh->nlmsg_type == NLMSG_ERROR) + ret = FOUND_ERR; + else if (nlh->nlmsg_type == NLMSG_DONE) + ret = FOUND_DONE; + else continue; ea->err = -*(int *)NLMSG_DATA(nlh); if (!(nlh->nlmsg_flags & NLM_F_ACK_TLVS)) - return 1; + return ret; ynl_attr_for_each(attr, nlh, sizeof(int)) { switch (ynl_attr_type(attr)) { @@ -68,10 +81,10 @@ static int nl_get_extack(char *buf, size_t n, struct ext_ack *ea) } } - return 2; + return FOUND_EXTACK; } - return 0; + return ret; } static const struct { @@ -99,9 +112,9 @@ static const struct { TEST(dump_extack) { int netlink_sock; + int i, cnt, ret; char buf[8192]; int one = 1; - int i, cnt; ssize_t n; netlink_sock = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE); @@ -118,7 +131,7 @@ TEST(dump_extack) ASSERT_EQ(n, 0); /* Dump so many times we fill up the buffer */ - cnt = 64; + cnt = 80; for (i = 0; i < cnt; i++) { n = send(netlink_sock, &dump_neigh_bad, sizeof(dump_neigh_bad), 0); @@ -140,10 +153,20 @@ TEST(dump_extack) } ASSERT_GE(n, (ssize_t)sizeof(struct nlmsghdr)); - EXPECT_EQ(nl_get_extack(buf, n, &ea), 2); + ret = nl_get_extack(buf, n, &ea); + /* Once we fill the buffer we'll see one ENOBUFS followed + * by a number of EBUSYs. Then the last recv() will finally + * trigger and complete the dump. + */ + if (ret == FOUND_ERR && (ea.err == ENOBUFS || ea.err == EBUSY)) + continue; + EXPECT_EQ(ret, FOUND_EXTACK); + EXPECT_EQ(ea.err, EINVAL); EXPECT_EQ(ea.attr_offs, sizeof(struct nlmsghdr) + sizeof(struct ndmsg)); } + /* Make sure last message was a full DONE+extack */ + EXPECT_EQ(ret, FOUND_EXTACK); } static const struct { -- 2.51.0

5 days, 13 hours

2
2
0 0

[PATCH v15 0/6] KVM: arm64: Provide guest support for GCS

by Mark Brown

The arm64 Guarded Control Stack (GCS) feature provides support for hardware protected stacks of return addresses, intended to provide hardening against return oriented programming (ROP) attacks and to make it easier to gather call stacks for applications such as profiling. When GCS is active a secondary stack called the Guarded Control Stack is maintained, protected with a memory attribute which means that it can only be written with specific GCS operations. The current GCS pointer can not be directly written to by userspace. When a BL is executed the value stored in LR is also pushed onto the GCS, and when a RET is executed the top of the GCS is popped and compared to LR with a fault being raised if the values do not match. GCS operations may only be performed on GCS pages, a data abort is generated if they are not. The combination of hardware enforcement and lack of extra instructions in the function entry and exit paths should result in something which has less overhead and is more difficult to attack than a purely software implementation like clang's shadow stacks. This series implements support for managing GCS for KVM guests, it also includes a fix for S1PIE which has also been sent separately as this feature is a dependency for GCS. It is based on: https://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-next/gcs Signed-off-by: Mark Brown <broonie(a)kernel.org> --- Changes in v15: - Rebase onto v6.17-rc1. - Link to v14: https://lore.kernel.org/r/20241005-arm64-gcs-v14-0-59060cd6092b@kernel.org Changes in v14: - Rebase onto arm64/for-next/gcs which includes all the non-KVM support. - Manage the fine grained traps for GCS instructions. - Manage PSTATE.EXLOCK when delivering exceptions to KVM guests. - Link to v13: https://lore.kernel.org/r/20241001-arm64-gcs-v13-0-222b78d87eee@kernel.org Changes in v13: - Rebase onto v6.12-rc1. - Allocate VM_HIGH_ARCH_6 since protection keys used all the existing bits. - Implement mm_release() and free transparently allocated GCSs there. - Use bit 32 of AT_HWCAP for GCS due to AT_HWCAP2 being filled. - Since we now only set GCSCRE0_EL1 on change ensure that it is initialised with GCSPR_EL0 accessible to EL0. - Fix OOM handling on thread copy. - Link to v12: https://lore.kernel.org/r/20240829-arm64-gcs-v12-0-42fec947436a@kernel.org Changes in v12: - Clarify and simplify the signal handling code so we work with the register state. - When checking for write aborts to shadow stack pages ensure the fault is a data abort. - Depend on !UPROBES. - Comment cleanups. - Link to v11: https://lore.kernel.org/r/20240822-arm64-gcs-v11-0-41b81947ecb5@kernel.org Changes in v11: - Remove the dependency on the addition of clone3() support for shadow stacks, rebasing onto v6.11-rc3. - Make ID_AA64PFR1_EL1.GCS writeable in KVM. - Hide GCS registers when GCS is not enabled for KVM guests. - Require HCRX_EL2.GCSEn if booting at EL1. - Require that GCSCR_EL1 and GCSCRE0_EL1 be initialised regardless of if we boot at EL2 or EL1. - Remove some stray use of bit 63 in signal cap tokens. - Warn if we see a GCS with VM_SHARED. - Remove rdundant check for VM_WRITE in fault handling. - Cleanups and clarifications in the ABI document. - Clean up and improve documentation of some sync placement. - Only set the EL0 GCS mode if it's actually changed. - Various minor fixes and tweaks. - Link to v10: https://lore.kernel.org/r/20240801-arm64-gcs-v10-0-699e2bd2190b@kernel.org Changes in v10: - Fix issues with THP. - Tighten up requirements for initialising GCSCR*. - Only generate GCS signal frames for threads using GCS. - Only context switch EL1 GCS registers if S1PIE is enabled. - Move context switch of GCSCRE0_EL1 to EL0 context switch. - Make GCS registers unconditionally visible to userspace. - Use FHU infrastructure. - Don't change writability of ID_AA64PFR1_EL1 for KVM. - Remove unused arguments from alloc_gcs(). - Typo fixes. - Link to v9: https://lore.kernel.org/r/20240625-arm64-gcs-v9-0-0f634469b8f0@kernel.org Changes in v9: - Rebase onto v6.10-rc3. - Restructure and clarify memory management fault handling. - Fix up basic-gcs for the latest clone3() changes. - Convert to newly merged KVM ID register based feature configuration. - Fixes for NV traps. - Link to v8: https://lore.kernel.org/r/20240203-arm64-gcs-v8-0-c9fec77673ef@kernel.org Changes in v8: - Invalidate signal cap token on stack when consuming. - Typo and other trivial fixes. - Don't try to use process_vm_write() on GCS, it intentionally does not work. - Fix leak of thread GCSs. - Rebase onto latest clone3() series. - Link to v7: https://lore.kernel.org/r/20231122-arm64-gcs-v7-0-201c483bd775@kernel.org Changes in v7: - Rebase onto v6.7-rc2 via the clone3() patch series. - Change the token used to cap the stack during signal handling to be compatible with GCSPOPM. - Fix flags for new page types. - Fold in support for clone3(). - Replace copy_to_user_gcs() with put_user_gcs(). - Link to v6: https://lore.kernel.org/r/20231009-arm64-gcs-v6-0-78e55deaa4dd@kernel.org Changes in v6: - Rebase onto v6.6-rc3. - Add some more gcsb_dsync() barriers following spec clarifications. - Due to ongoing discussion around clone()/clone3() I've not updated anything there, the behaviour is the same as on previous versions. - Link to v5: https://lore.kernel.org/r/20230822-arm64-gcs-v5-0-9ef181dd6324@kernel.org Changes in v5: - Don't map any permissions for user GCSs, we always use EL0 accessors or use a separate mapping of the page. - Reduce the standard size of the GCS to RLIMIT_STACK/2. - Enforce a PAGE_SIZE alignment requirement on map_shadow_stack(). - Clarifications and fixes to documentation. - More tests. - Link to v4: https://lore.kernel.org/r/20230807-arm64-gcs-v4-0-68cfa37f9069@kernel.org Changes in v4: - Implement flags for map_shadow_stack() allowing the cap and end of stack marker to be enabled independently or not at all. - Relax size and alignment requirements for map_shadow_stack(). - Add more blurb explaining the advantages of hardware enforcement. - Link to v3: https://lore.kernel.org/r/20230731-arm64-gcs-v3-0-cddf9f980d98@kernel.org Changes in v3: - Rebase onto v6.5-rc4. - Add a GCS barrier on context switch. - Add a GCS stress test. - Link to v2: https://lore.kernel.org/r/20230724-arm64-gcs-v2-0-dc2c1d44c2eb@kernel.org Changes in v2: - Rebase onto v6.5-rc3. - Rework prctl() interface to allow each bit to be locked independently. - map_shadow_stack() now places the cap token based on the size requested by the caller not the actual space allocated. - Mode changes other than enable via ptrace are now supported. - Expand test coverage. - Various smaller fixes and adjustments. - Link to v1: https://lore.kernel.org/r/20230716-arm64-gcs-v1-0-bf567f93bba6@kernel.org --- Mark Brown (6): arm64/gcs: Ensure FGTs for EL1 GCS instructions are disabled KVM: arm64: Manage GCS access and registers for guests KVM: arm64: Forward GCS exceptions to nested guests KVM: arm64: Set PSTATE.EXLOCK when entering an exception KVM: arm64: Allow GCS to be enabled for guests KVM: selftests: arm64: Add GCS registers to get-reg-list arch/arm64/include/asm/el2_setup.h | 4 +++ arch/arm64/include/asm/kvm_emulate.h | 3 ++ arch/arm64/include/asm/kvm_host.h | 14 +++++++++ arch/arm64/include/asm/vncr_mapping.h | 2 ++ arch/arm64/include/uapi/asm/ptrace.h | 1 + arch/arm64/kvm/handle_exit.c | 14 +++++++-- arch/arm64/kvm/hyp/exception.c | 37 ++++++++++++++++++++++++ arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h | 31 ++++++++++++++++++++ arch/arm64/kvm/hyp/vhe/sysreg-sr.c | 10 +++++++ arch/arm64/kvm/sys_regs.c | 32 ++++++++++++++++++-- tools/testing/selftests/kvm/arm64/get-reg-list.c | 12 ++++++++ 11 files changed, 155 insertions(+), 5 deletions(-) --- base-commit: 8f5ae30d69d7543eee0d70083daf4de8fe15d585 change-id: 20230303-arm64-gcs-e311ab0d8729 Best regards, -- Mark Brown <broonie(a)kernel.org>

5 days, 14 hours

2
17
0 0

Re: [PATCH 5/9] KVM: selftests: Prevent PAGE_SIZE redefinition on x86

by Sean Christopherson

+lists Please keep discussions on-list unless there's something that can't/shouldn't be posted publicly, e.g. for confidentiality or security reasons. On Tue, Sep 02, 2025, Faruqui, Aqib wrote: > I suppose a fix for blindly using PAGE_SIZE in subsequent macros: > > #ifdef PAGE_SIZE > #undef PAGE_SIZE > #endif > #define PAGE_SIZE (1ULL << PAGE_SHIFT) > > Is no better and is instead blindly suppressing the compiler's redefinition warning. > > I'm having trouble finding what causes the conflict, any advice here? Maybe try a newer compiler? E.g. gcc-14.2 will spit out the exact location of the previous definition. In file included from include/x86/svm_util.h:13, from include/x86/sev.h:15, from lib/x86/sev.c:5: include/x86/processor.h:373:9: error: "PAGE_SIZE" redefined [-Werror] 373 | #define PAGE_SIZE (1ULL << PAGE_SHIFT) | ^~~~~~~~~ include/x86/processor.h:370:9: note: this is the location of the previous definition 370 | #define PAGE_SIZE BIT(12) | ^~~~~~~~~

5 days, 14 hours

2
2
0 0

[PATCH] selftests/filesystems: Use return value of the function 'chdir()'

by Alessandro Zanni

Fix to use the return value of the function 'chdir("/")' and check if the return is either 0 (ok) or 1 (not ok, so the test stops). The patch fies the solves the following errors: mount-notify_test.c:468:17: warning: ignoring return value of ‘chdir’ declared with attribute ‘warn_unused_result’ [-Wunused-result] 468 | chdir("/"); mount-notify_test_ns.c:489:17: warning: ignoring return value of ‘chdir’ declared with attribute ‘warn_unused_result’ [-Wunused- result] 489 | chdir("/"); To reproduce the issue, use the command: make kselftest TARGET=filesystems/statmount Signed-off-by: Alessandro Zanni <alessandro.zanni87(a)gmail.com> Reviewed-by: Jan Kara <jack(a)suse.cz> --- .../selftests/filesystems/mount-notify/mount-notify_test.c | 2 +- .../selftests/filesystems/mount-notify/mount-notify_test_ns.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/filesystems/mount-notify/mount-notify_test.c b/tools/testing/selftests/filesystems/mount-notify/mount-notify_test.c index 5a3b0ace1a88..a7f899599d52 100644 --- a/tools/testing/selftests/filesystems/mount-notify/mount-notify_test.c +++ b/tools/testing/selftests/filesystems/mount-notify/mount-notify_test.c @@ -458,7 +458,7 @@ TEST_F(fanotify, rmdir) ASSERT_GE(ret, 0); if (ret == 0) { - chdir("/"); + ASSERT_EQ(0, chdir("/")); unshare(CLONE_NEWNS); mount("", "/", NULL, MS_REC|MS_PRIVATE, NULL); umount2("/a", MNT_DETACH); diff --git a/tools/testing/selftests/filesystems/mount-notify/mount-notify_test_ns.c b/tools/testing/selftests/filesystems/mount-notify/mount-notify_test_ns.c index d91946e69591..dc9eb3087a1a 100644 --- a/tools/testing/selftests/filesystems/mount-notify/mount-notify_test_ns.c +++ b/tools/testing/selftests/filesystems/mount-notify/mount-notify_test_ns.c @@ -486,7 +486,7 @@ TEST_F(fanotify, rmdir) ASSERT_GE(ret, 0); if (ret == 0) { - chdir("/"); + ASSERT_EQ(0, chdir("/")); unshare(CLONE_NEWNS); mount("", "/", NULL, MS_REC|MS_PRIVATE, NULL); umount2("/a", MNT_DETACH); -- 2.43.0

5 days, 15 hours

1
0
0 0

[PATCH] selftests/filesystems: Use return value of the function 'chdir()'

by Alessandro Zanni

Fix to use the return value of the function 'chdir("/")' and check if the return is either 0 (ok) or 1 (not ok, so the test stops). The patch fies the solves the following errors: mount-notify_test.c:468:17: warning: ignoring return value of ‘chdir’ declared with attribute ‘warn_unused_result’ [-Wunused-result] 468 | chdir("/"); mount-notify_test_ns.c:489:17: warning: ignoring return value of ‘chdir’ declared with attribute ‘warn_unused_result’ [-Wunused- result] 489 | chdir("/"); To reproduce the issue, use the command: make kselftest TARGET=filesystems/statmount Signed-off-by: Alessandro Zanni <alessandro.zanni87(a)gmail.com> --- .../selftests/filesystems/mount-notify/mount-notify_test.c | 2 +- .../selftests/filesystems/mount-notify/mount-notify_test_ns.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/filesystems/mount-notify/mount-notify_test.c b/tools/testing/selftests/filesystems/mount-notify/mount-notify_test.c index 5a3b0ace1a88..a7f899599d52 100644 --- a/tools/testing/selftests/filesystems/mount-notify/mount-notify_test.c +++ b/tools/testing/selftests/filesystems/mount-notify/mount-notify_test.c @@ -458,7 +458,7 @@ TEST_F(fanotify, rmdir) ASSERT_GE(ret, 0); if (ret == 0) { - chdir("/"); + ASSERT_EQ(0, chdir("/")); unshare(CLONE_NEWNS); mount("", "/", NULL, MS_REC|MS_PRIVATE, NULL); umount2("/a", MNT_DETACH); diff --git a/tools/testing/selftests/filesystems/mount-notify/mount-notify_test_ns.c b/tools/testing/selftests/filesystems/mount-notify/mount-notify_test_ns.c index d91946e69591..dc9eb3087a1a 100644 --- a/tools/testing/selftests/filesystems/mount-notify/mount-notify_test_ns.c +++ b/tools/testing/selftests/filesystems/mount-notify/mount-notify_test_ns.c @@ -486,7 +486,7 @@ TEST_F(fanotify, rmdir) ASSERT_GE(ret, 0); if (ret == 0) { - chdir("/"); + ASSERT_EQ(0, chdir("/")); unshare(CLONE_NEWNS); mount("", "/", NULL, MS_REC|MS_PRIVATE, NULL); umount2("/a", MNT_DETACH); -- 2.43.0

5 days, 15 hours

1
0
0 0

[PATCH v3 bpf-next] selftests/bpf: Fix the issue where the error code is 0

by Feng Yang

From: Feng Yang <yangfeng(a)kylinos.cn> The error message printed here only uses the previous err value, which results in it being printed as 0. When bpf_map__attach_struct_ops encounters an error, it uses libbpf_err_ptr(err) to set errno = -err and returns NULL. Therefore, Using -errno can fix this issue. Fix before: run_subtest:FAIL:1019 bpf_map__attach_struct_ops failed for map pro_epilogue: err=0 Fix after: run_subtest:FAIL:1019 bpf_map__attach_struct_ops failed for map pro_epilogue: err=-9 Signed-off-by: Feng Yang <yangfeng(a)kylinos.cn> --- Changes in v3: - Use -errno here directly, thanks: Andrii Nakryiko. - Link to v2: https://lore.kernel.org/all/20250829014125.198653-1-yangfeng59949@163.com/ --- Changes in v2: - Use libbpf_get_error, thanks: Alexei Starovoitov. - Link to v1: https://lore.kernel.org/all/20250828081507.1380218-1-yangfeng59949@163.com/ --- tools/testing/selftests/bpf/test_loader.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/bpf/test_loader.c b/tools/testing/selftests/bpf/test_loader.c index 78423cf89e01..33d59c093a27 100644 --- a/tools/testing/selftests/bpf/test_loader.c +++ b/tools/testing/selftests/bpf/test_loader.c @@ -1083,7 +1083,7 @@ void run_subtest(struct test_loader *tester, link = bpf_map__attach_struct_ops(map); if (!link) { PRINT_FAIL("bpf_map__attach_struct_ops failed for map %s: err=%d\n", - bpf_map__name(map), err); + bpf_map__name(map), -errno); goto tobj_cleanup; } links[links_cnt++] = link; -- 2.25.1

5 days, 16 hours

2
1
0 0

[PATCH RFC 00/35] mm: remove nth_page()

by David Hildenbrand

This is based on mm-unstable and was cross-compiled heavily. I should probably have already dropped the RFC label but I want to hear first if I ignored some corner case (SG entries?) and I need to do at least a bit more testing. I will only CC non-MM folks on the cover letter and the respective patch to not flood too many inboxes (the lists receive all patches). --- As discussed recently with Linus, nth_page() is just nasty and we would like to remove it. To recap, the reason we currently need nth_page() within a folio is because on some kernel configs (SPARSEMEM without SPARSEMEM_VMEMMAP), the memmap is allocated per memory section. While buddy allocations cannot cross memory section boundaries, hugetlb and dax folios can. So crossing a memory section means that "page++" could do the wrong thing. Instead, nth_page() on these problematic configs always goes from page->pfn, to the go from (++pfn)->page, which is rather nasty. Likely, many people have no idea when nth_page() is required and when it might be dropped. We refer to such problematic PFN ranges and "non-contiguous pages". If we only deal with "contiguous pages", there is not need for nth_page(). Besides that "obvious" folio case, we might end up using nth_page() within CMA allocations (again, could span memory sections), and in one corner case (kfence) when processing memblock allocations (again, could span memory sections). So let's handle all that, add sanity checks, and remove nth_page(). Patch #1 -> #5 : stop making SPARSEMEM_VMEMMAP user-selectable + cleanups Patch #6 -> #12 : disallow folios to have non-contiguous pages Patch #13 -> #20 : remove nth_page() usage within folios Patch #21 : disallow CMA allocations of non-contiguous pages Patch #22 -> #31 : sanity+check + remove nth_page() usage within SG entry Patch #32 : sanity-check + remove nth_page() usage in unpin_user_page_range_dirty_lock() Patch #33 : remove nth_page() in kfence Patch #34 : adjust stale comment regarding nth_page Patch #35 : mm: remove nth_page() A lot of this is inspired from the discussion at [1] between Linus, Jason and me, so cudos to them. [1] https://lore.kernel.org/all/CAHk-=wiCYfNp4AJLBORU-c7ZyRBUp66W2-Et6cdQ4REx-G… Cc: Andrew Morton <akpm(a)linux-foundation.org> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Jason Gunthorpe <jgg(a)nvidia.com> Cc: Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> Cc: "Liam R. Howlett" <Liam.Howlett(a)oracle.com> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: Mike Rapoport <rppt(a)kernel.org> Cc: Suren Baghdasaryan <surenb(a)google.com> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Jens Axboe <axboe(a)kernel.dk> Cc: Marek Szyprowski <m.szyprowski(a)samsung.com> Cc: Robin Murphy <robin.murphy(a)arm.com> Cc: John Hubbard <jhubbard(a)nvidia.com> Cc: Peter Xu <peterx(a)redhat.com> Cc: Alexander Potapenko <glider(a)google.com> Cc: Marco Elver <elver(a)google.com> Cc: Dmitry Vyukov <dvyukov(a)google.com> Cc: Brendan Jackman <jackmanb(a)google.com> Cc: Johannes Weiner <hannes(a)cmpxchg.org> Cc: Zi Yan <ziy(a)nvidia.com> Cc: Dennis Zhou <dennis(a)kernel.org> Cc: Tejun Heo <tj(a)kernel.org> Cc: Christoph Lameter <cl(a)gentwo.org> Cc: Muchun Song <muchun.song(a)linux.dev> Cc: Oscar Salvador <osalvador(a)suse.de> Cc: x86(a)kernel.org Cc: linux-arm-kernel(a)lists.infradead.org Cc: linux-mips(a)vger.kernel.org Cc: linux-s390(a)vger.kernel.org Cc: linux-crypto(a)vger.kernel.org Cc: linux-ide(a)vger.kernel.org Cc: intel-gfx(a)lists.freedesktop.org Cc: dri-devel(a)lists.freedesktop.org Cc: linux-mmc(a)vger.kernel.org Cc: linux-arm-kernel(a)axis.com Cc: linux-scsi(a)vger.kernel.org Cc: kvm(a)vger.kernel.org Cc: virtualization(a)lists.linux.dev Cc: linux-mm(a)kvack.org Cc: io-uring(a)vger.kernel.org Cc: iommu(a)lists.linux.dev Cc: kasan-dev(a)googlegroups.com Cc: wireguard(a)lists.zx2c4.com Cc: netdev(a)vger.kernel.org Cc: linux-kselftest(a)vger.kernel.org Cc: linux-riscv(a)lists.infradead.org David Hildenbrand (35): mm: stop making SPARSEMEM_VMEMMAP user-selectable arm64: Kconfig: drop superfluous "select SPARSEMEM_VMEMMAP" s390/Kconfig: drop superfluous "select SPARSEMEM_VMEMMAP" x86/Kconfig: drop superfluous "select SPARSEMEM_VMEMMAP" wireguard: selftests: remove CONFIG_SPARSEMEM_VMEMMAP=y from qemu kernel config mm/page_alloc: reject unreasonable folio/compound page sizes in alloc_contig_range_noprof() mm/memremap: reject unreasonable folio/compound page sizes in memremap_pages() mm/hugetlb: check for unreasonable folio sizes when registering hstate mm/mm_init: make memmap_init_compound() look more like prep_compound_page() mm/hugetlb: cleanup hugetlb_folio_init_tail_vmemmap() mm: sanity-check maximum folio size in folio_set_order() mm: limit folio/compound page sizes in problematic kernel configs mm: simplify folio_page() and folio_page_idx() mm/mm/percpu-km: drop nth_page() usage within single allocation fs: hugetlbfs: remove nth_page() usage within folio in adjust_range_hwpoison() mm/pagewalk: drop nth_page() usage within folio in folio_walk_start() mm/gup: drop nth_page() usage within folio when recording subpages io_uring/zcrx: remove "struct io_copy_cache" and one nth_page() usage io_uring/zcrx: remove nth_page() usage within folio mips: mm: convert __flush_dcache_pages() to __flush_dcache_folio_pages() mm/cma: refuse handing out non-contiguous page ranges dma-remap: drop nth_page() in dma_common_contiguous_remap() scatterlist: disallow non-contigous page ranges in a single SG entry ata: libata-eh: drop nth_page() usage within SG entry drm/i915/gem: drop nth_page() usage within SG entry mspro_block: drop nth_page() usage within SG entry memstick: drop nth_page() usage within SG entry mmc: drop nth_page() usage within SG entry scsi: core: drop nth_page() usage within SG entry vfio/pci: drop nth_page() usage within SG entry crypto: remove nth_page() usage within SG entry mm/gup: drop nth_page() usage in unpin_user_page_range_dirty_lock() kfence: drop nth_page() usage block: update comment of "struct bio_vec" regarding nth_page() mm: remove nth_page() arch/arm64/Kconfig | 1 - arch/mips/include/asm/cacheflush.h | 11 +++-- arch/mips/mm/cache.c | 8 ++-- arch/s390/Kconfig | 1 - arch/x86/Kconfig | 1 - crypto/ahash.c | 4 +- crypto/scompress.c | 8 ++-- drivers/ata/libata-sff.c | 6 +-- drivers/gpu/drm/i915/gem/i915_gem_pages.c | 2 +- drivers/memstick/core/mspro_block.c | 3 +- drivers/memstick/host/jmb38x_ms.c | 3 +- drivers/memstick/host/tifm_ms.c | 3 +- drivers/mmc/host/tifm_sd.c | 4 +- drivers/mmc/host/usdhi6rol0.c | 4 +- drivers/scsi/scsi_lib.c | 3 +- drivers/scsi/sg.c | 3 +- drivers/vfio/pci/pds/lm.c | 3 +- drivers/vfio/pci/virtio/migrate.c | 3 +- fs/hugetlbfs/inode.c | 25 ++++------ include/crypto/scatterwalk.h | 4 +- include/linux/bvec.h | 7 +-- include/linux/mm.h | 48 +++++++++++++++---- include/linux/page-flags.h | 5 +- include/linux/scatterlist.h | 4 +- io_uring/zcrx.c | 34 ++++--------- kernel/dma/remap.c | 2 +- mm/Kconfig | 3 +- mm/cma.c | 36 +++++++++----- mm/gup.c | 13 +++-- mm/hugetlb.c | 23 ++++----- mm/internal.h | 1 + mm/kfence/core.c | 17 ++++--- mm/memremap.c | 3 ++ mm/mm_init.c | 13 ++--- mm/page_alloc.c | 5 +- mm/pagewalk.c | 2 +- mm/percpu-km.c | 2 +- mm/util.c | 33 +++++++++++++ tools/testing/scatterlist/linux/mm.h | 1 - .../selftests/wireguard/qemu/kernel.config | 1 - 40 files changed, 203 insertions(+), 150 deletions(-) base-commit: c0e3b3f33ba7b767368de4afabaf7c1ddfdc3872 -- 2.50.1

5 days, 16 hours

14
90
0 0

[PATCH v2] selftests/arm64: Fix grammatical error in string literals

by Nikola Z. Ivanov

Fix grammatical error in <past tense verb> + <infinitive> construct related to memory allocation checks. In essence change "Failed to allocated" to "Failed to allocate". Signed-off-by: Nikola Z. Ivanov <zlatistiv(a)gmail.com> --- Changes in v2: - More descriptive commit message Original title is "Fix typos in malloc return value check" tools/testing/selftests/arm64/fp/fp-stress.c | 2 +- tools/testing/selftests/arm64/fp/kernel-test.c | 4 ++-- tools/testing/selftests/arm64/gcs/gcs-stress.c | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/tools/testing/selftests/arm64/fp/fp-stress.c b/tools/testing/selftests/arm64/fp/fp-stress.c index 74e23208b94c..ddc01efea3f9 100644 --- a/tools/testing/selftests/arm64/fp/fp-stress.c +++ b/tools/testing/selftests/arm64/fp/fp-stress.c @@ -549,7 +549,7 @@ int main(int argc, char **argv) evs = calloc(tests, sizeof(*evs)); if (!evs) - ksft_exit_fail_msg("Failed to allocated %d epoll events\n", + ksft_exit_fail_msg("Failed to allocate %d epoll events\n", tests); for (i = 0; i < cpus; i++) { diff --git a/tools/testing/selftests/arm64/fp/kernel-test.c b/tools/testing/selftests/arm64/fp/kernel-test.c index e3cec3723ffa..0c40007d1282 100644 --- a/tools/testing/selftests/arm64/fp/kernel-test.c +++ b/tools/testing/selftests/arm64/fp/kernel-test.c @@ -188,13 +188,13 @@ static bool create_socket(void) ref = malloc(digest_len); if (!ref) { - printf("Failed to allocated %d byte reference\n", digest_len); + printf("Failed to allocate %d byte reference\n", digest_len); return false; } digest = malloc(digest_len); if (!digest) { - printf("Failed to allocated %d byte digest\n", digest_len); + printf("Failed to allocate %d byte digest\n", digest_len); return false; } diff --git a/tools/testing/selftests/arm64/gcs/gcs-stress.c b/tools/testing/selftests/arm64/gcs/gcs-stress.c index bbc7f4950c13..cf316d78ea97 100644 --- a/tools/testing/selftests/arm64/gcs/gcs-stress.c +++ b/tools/testing/selftests/arm64/gcs/gcs-stress.c @@ -433,7 +433,7 @@ int main(int argc, char **argv) evs = calloc(tests, sizeof(*evs)); if (!evs) - ksft_exit_fail_msg("Failed to allocated %d epoll events\n", + ksft_exit_fail_msg("Failed to allocate %d epoll events\n", tests); for (i = 0; i < gcs_threads; i++) -- 2.50.1

5 days, 17 hours

4
3
0 0

[PATCH 0/3] kselftest/arm64: Cleanups and readability fixes

by vivekyadav1207731111＠gmail.com

From: Vivek Yadav <vivekyadav1207731111(a)gmail.com> Hi all, This small series makes cosmetic style cleanups in the arm64 kselftests to improve readability and suppress checkpatch warnings. These changes are purely cosmetic and do not affect functionality. Changes in this series: * Suppress unnecessary checkpatch warning in a comment * Add parentheses around sizeof for clarity * Remove redundant blank line --- Vivek Yadav (3): kselftest/arm64: Remove extra blank line kselftest/arm64: Supress warning and improve readability kselftest/arm64: Add parentheses around sizeof for clarity tools/testing/selftests/arm64/abi/hwcap.c | 1 - tools/testing/selftests/arm64/bti/assembler.h | 1 - tools/testing/selftests/arm64/fp/fp-ptrace.c | 1 - tools/testing/selftests/arm64/fp/fp-stress.c | 4 ++-- tools/testing/selftests/arm64/fp/sve-ptrace.c | 2 +- tools/testing/selftests/arm64/fp/vec-syscfg.c | 1 - tools/testing/selftests/arm64/fp/zt-ptrace.c | 1 - tools/testing/selftests/arm64/gcs/gcs-locking.c | 1 - 8 files changed, 3 insertions(+), 9 deletions(-) -- 2.25.1

5 days, 17 hours

2
4
0 0

[PATCH v2] selftests: arm64: Fix -Waddress warning in tpidr2 test

by Bala-Vignesh-Reddy

Resolve compiler warning about always true condition in ksft_test_result in tpidr2, passing actual function. This silences -Waddress warning while maintaining test functionality. Fixes compiler warning (similar for other functions): warning: the address of 'write_read' will always evaluate as 'true' [-Waddress] Fixes: 6d80cb73131d ("kselftest/arm64: Convert tpidr2 test to use kselftest.h") Signed-off-by: Bala-Vignesh-Reddy <reddybalavignesh9979(a)gmail.com> --- tools/testing/selftests/arm64/abi/tpidr2.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tools/testing/selftests/arm64/abi/tpidr2.c b/tools/testing/selftests/arm64/abi/tpidr2.c index f58a9f89b952..4c89ab0f1010 100644 --- a/tools/testing/selftests/arm64/abi/tpidr2.c +++ b/tools/testing/selftests/arm64/abi/tpidr2.c @@ -227,10 +227,10 @@ int main(int argc, char **argv) ret = open("/proc/sys/abi/sme_default_vector_length", O_RDONLY, 0); if (ret >= 0) { ksft_test_result(default_value(), "default_value\n"); - ksft_test_result(write_read, "write_read\n"); - ksft_test_result(write_sleep_read, "write_sleep_read\n"); - ksft_test_result(write_fork_read, "write_fork_read\n"); - ksft_test_result(write_clone_read, "write_clone_read\n"); + ksft_test_result(write_read(), "write_read\n"); + ksft_test_result(write_sleep_read(), "write_sleep_read\n"); + ksft_test_result(write_fork_read(), "write_fork_read\n"); + ksft_test_result(write_clone_read(), "write_clone_read\n"); } else { ksft_print_msg("SME support not present\n"); -- 2.43.0

5 days, 17 hours

4
3
0 0

[PATCH] selftests: arm64: Check fread return value in exec_target

by Bala-Vignesh-Reddy

Fix -Wunused-result warning generated when compiled with gcc 13.3.0, by checking fread's return value and handling errors, preventing potential failures when reading from stdin. Fixes compiler warning: warning: ignoring return value of 'fread' declared with attribute 'warn_unused_result' [-Wunused-result] Fixes: 806a15b2545e ("kselftests/arm64: add PAuth test for whether exec() changes keys") Signed-off-by: Bala-Vignesh-Reddy <reddybalavignesh9979(a)gmail.com> --- tools/testing/selftests/arm64/pauth/exec_target.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/arm64/pauth/exec_target.c b/tools/testing/selftests/arm64/pauth/exec_target.c index 4435600ca400..c22db59194eb 100644 --- a/tools/testing/selftests/arm64/pauth/exec_target.c +++ b/tools/testing/selftests/arm64/pauth/exec_target.c @@ -13,7 +13,12 @@ int main(void) unsigned long hwcaps; size_t val; - fread(&val, sizeof(size_t), 1, stdin); + size_t size = fread(&val, sizeof(size_t), 1, stdin); + + if (size != 1) { + fprintf(stderr, "Could not read input from stdin\n"); + return -1; + } /* don't try to execute illegal (unimplemented) instructions) caller * should have checked this and keep worker simple -- 2.43.0

5 days, 17 hours

3
4
0 0

[PATCH 0/2] kselftest/arm64/gcs: Cleanups for basic-gcs.c

by Thomas Weißschuh

Two small cleanups. Signed-off-by: Thomas Weißschuh <linux(a)weissschuh.net> --- Thomas Weißschuh (2): kselftest/arm64/gcs: Correctly check return value when disabling GCS kselftest/arm64/gcs: Use nolibc's getauxval() tools/testing/selftests/arm64/gcs/basic-gcs.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) --- base-commit: 8f5ae30d69d7543eee0d70083daf4de8fe15d585 change-id: 20250821-nolibc-gcs-fixes-11cf7585bb74 Best regards, -- Thomas Weißschuh <linux(a)weissschuh.net>

5 days, 17 hours

3
5
0 0

[PATCH] kselftest/arm64: Log error codes in sve-ptrace

by Mark Brown

Use ksft_perror() to report error codes from failing ptrace operations to make it easier to interpret logs when things go wrong. Signed-off-by: Mark Brown <broonie(a)kernel.org> --- tools/testing/selftests/arm64/fp/sve-ptrace.c | 24 ++++++++++++++++++++---- 1 file changed, 20 insertions(+), 4 deletions(-) diff --git a/tools/testing/selftests/arm64/fp/sve-ptrace.c b/tools/testing/selftests/arm64/fp/sve-ptrace.c index b22303778fb0..4cba3bcff660 100644 --- a/tools/testing/selftests/arm64/fp/sve-ptrace.c +++ b/tools/testing/selftests/arm64/fp/sve-ptrace.c @@ -95,19 +95,27 @@ static int do_child(void) static int get_fpsimd(pid_t pid, struct user_fpsimd_state *fpsimd) { struct iovec iov; + int ret; iov.iov_base = fpsimd; iov.iov_len = sizeof(*fpsimd); - return ptrace(PTRACE_GETREGSET, pid, NT_PRFPREG, &iov); + ret = ptrace(PTRACE_GETREGSET, pid, NT_PRFPREG, &iov); + if (ret == -1) + ksft_perror("ptrace(PTRACE_GETREGSET)"); + return ret; } static int set_fpsimd(pid_t pid, struct user_fpsimd_state *fpsimd) { struct iovec iov; + int ret; iov.iov_base = fpsimd; iov.iov_len = sizeof(*fpsimd); - return ptrace(PTRACE_SETREGSET, pid, NT_PRFPREG, &iov); + ret = ptrace(PTRACE_SETREGSET, pid, NT_PRFPREG, &iov); + if (ret == -1) + ksft_perror("ptrace(PTRACE_SETREGSET)"); + return ret; } static struct user_sve_header *get_sve(pid_t pid, const struct vec_type *type, @@ -117,6 +125,7 @@ static struct user_sve_header *get_sve(pid_t pid, const struct vec_type *type, void *p; size_t sz = sizeof *sve; struct iovec iov; + int ret; while (1) { if (*size < sz) { @@ -132,8 +141,11 @@ static struct user_sve_header *get_sve(pid_t pid, const struct vec_type *type, iov.iov_base = *buf; iov.iov_len = sz; - if (ptrace(PTRACE_GETREGSET, pid, type->regset, &iov)) + ret = ptrace(PTRACE_GETREGSET, pid, type->regset, &iov); + if (ret) { + ksft_perror("ptrace(PTRACE_GETREGSET)"); goto error; + } sve = *buf; if (sve->size <= sz) @@ -152,10 +164,14 @@ static int set_sve(pid_t pid, const struct vec_type *type, const struct user_sve_header *sve) { struct iovec iov; + int ret; iov.iov_base = (void *)sve; iov.iov_len = sve->size; - return ptrace(PTRACE_SETREGSET, pid, type->regset, &iov); + ret = ptrace(PTRACE_SETREGSET, pid, type->regset, &iov); + if (ret == -1) + ksft_perror("ptrace(PTRACE_SETREGSET)"); + return ret; } /* Validate setting and getting the inherit flag */ --- base-commit: 8f5ae30d69d7543eee0d70083daf4de8fe15d585 change-id: 20250808-arm64-fp-ptrace-perror-210bb7f93c7c Best regards, -- Mark Brown <broonie(a)kernel.org>

5 days, 17 hours

2
1
0 0

[PATCH] selftests/filesystems: Use return value of the function 'chdir()'

by Alessandro Zanni

Fix to use the return value of the function 'chdir("/")' and check if the return is either 0 (ok) or 1 (not ok, so the test stops). The patch fies the solves the following errors: mount-notify_test.c:468:17: warning: ignoring return value of ‘chdir’ declared with attribute ‘warn_unused_result’ [-Wunused-result] 468 | chdir("/"); mount-notify_test_ns.c:489:17: warning: ignoring return value of ‘chdir’ declared with attribute ‘warn_unused_result’ [-Wunused- result] 489 | chdir("/"); To reproduce the issue, use the command: make kselftest TARGET=filesystems/statmount Signed-off-by: Alessandro Zanni <alessandro.zanni87(a)gmail.com> --- .../selftests/filesystems/mount-notify/mount-notify_test.c | 2 +- .../selftests/filesystems/mount-notify/mount-notify_test_ns.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/filesystems/mount-notify/mount-notify_test.c b/tools/testing/selftests/filesystems/mount-notify/mount-notify_test.c index 5a3b0ace1a88..a7f899599d52 100644 --- a/tools/testing/selftests/filesystems/mount-notify/mount-notify_test.c +++ b/tools/testing/selftests/filesystems/mount-notify/mount-notify_test.c @@ -458,7 +458,7 @@ TEST_F(fanotify, rmdir) ASSERT_GE(ret, 0); if (ret == 0) { - chdir("/"); + ASSERT_EQ(0, chdir("/")); unshare(CLONE_NEWNS); mount("", "/", NULL, MS_REC|MS_PRIVATE, NULL); umount2("/a", MNT_DETACH); diff --git a/tools/testing/selftests/filesystems/mount-notify/mount-notify_test_ns.c b/tools/testing/selftests/filesystems/mount-notify/mount-notify_test_ns.c index d91946e69591..dc9eb3087a1a 100644 --- a/tools/testing/selftests/filesystems/mount-notify/mount-notify_test_ns.c +++ b/tools/testing/selftests/filesystems/mount-notify/mount-notify_test_ns.c @@ -486,7 +486,7 @@ TEST_F(fanotify, rmdir) ASSERT_GE(ret, 0); if (ret == 0) { - chdir("/"); + ASSERT_EQ(0, chdir("/")); unshare(CLONE_NEWNS); mount("", "/", NULL, MS_REC|MS_PRIVATE, NULL); umount2("/a", MNT_DETACH); -- 2.43.0

5 days, 19 hours

2
1
0 0

[PATCH net-next v2] selftests: forwarding: Reorder arguments to obey POSIX getopt

by David Yang

Quoted from musl wiki: GNU getopt permutes argv to pull options to the front, ahead of non-option arguments. musl and the POSIX standard getopt stop processing options at the first non-option argument with no permutation. Thus these scripts stop working on musl since non-option arguments do not always come last. Fix it by reordering arguments. Signed-off-by: David Yang <mmyangfl(a)gmail.com> v1: https://lore.kernel.org/r/20250905173947.3164807-1-mmyangfl@gmail.com - fix CI errors --- .../selftests/net/forwarding/bridge_igmp.sh | 26 ++--- .../net/forwarding/bridge_locked_port.sh | 10 +- .../selftests/net/forwarding/bridge_mdb.sh | 54 ++++----- .../net/forwarding/bridge_mdb_max.sh | 16 +-- .../selftests/net/forwarding/bridge_mld.sh | 26 ++--- .../net/forwarding/bridge_sticky_fdb.sh | 2 +- .../net/forwarding/bridge_vlan_aware.sh | 8 +- .../net/forwarding/bridge_vlan_mcast.sh | 4 +- .../net/forwarding/custom_multipath_hash.sh | 34 +++--- .../forwarding/gre_custom_multipath_hash.sh | 34 +++--- .../net/forwarding/gre_inner_v4_multipath.sh | 4 +- .../net/forwarding/gre_inner_v6_multipath.sh | 4 +- .../selftests/net/forwarding/gre_multipath.sh | 4 +- .../net/forwarding/gre_multipath_nh.sh | 8 +- .../net/forwarding/gre_multipath_nh_res.sh | 8 +- .../net/forwarding/ip6_forward_instats_vrf.sh | 6 +- .../ip6gre_custom_multipath_hash.sh | 34 +++--- .../forwarding/ip6gre_inner_v4_multipath.sh | 4 +- .../forwarding/ip6gre_inner_v6_multipath.sh | 4 +- .../selftests/net/forwarding/ip6gre_lib.sh | 8 +- tools/testing/selftests/net/forwarding/lib.sh | 24 ++-- .../forwarding/mirror_gre_bridge_1q_lag.sh | 2 +- .../forwarding/mirror_gre_vlan_bridge_1q.sh | 4 +- .../selftests/net/forwarding/mirror_lib.sh | 11 +- .../selftests/net/forwarding/pedit_dsfield.sh | 4 +- .../selftests/net/forwarding/pedit_ip.sh | 2 +- .../selftests/net/forwarding/pedit_l4port.sh | 4 +- .../selftests/net/forwarding/router.sh | 18 +-- .../net/forwarding/router_broadcast.sh | 2 +- .../net/forwarding/router_mpath_nh.sh | 8 +- .../net/forwarding/router_mpath_nh_lib.sh | 4 +- .../net/forwarding/router_mpath_nh_res.sh | 8 +- .../net/forwarding/router_mpath_seed.sh | 16 +-- .../net/forwarding/router_multicast.sh | 48 ++++---- .../net/forwarding/router_multipath.sh | 8 +- .../selftests/net/forwarding/sch_red.sh | 22 ++-- .../net/forwarding/skbedit_priority.sh | 4 +- .../selftests/net/forwarding/tc_actions.sh | 40 +++---- .../selftests/net/forwarding/tc_chains.sh | 8 +- .../selftests/net/forwarding/tc_flower.sh | 108 +++++++++--------- .../selftests/net/forwarding/tc_flower_cfm.sh | 22 ++-- .../net/forwarding/tc_flower_l2_miss.sh | 16 +-- .../net/forwarding/tc_flower_port_range.sh | 52 ++++----- .../net/forwarding/tc_flower_router.sh | 8 +- .../selftests/net/forwarding/tc_police.sh | 24 ++-- .../selftests/net/forwarding/tc_shblocks.sh | 16 +-- .../selftests/net/forwarding/tc_tunnel_key.sh | 6 +- .../net/forwarding/vxlan_bridge_1d.sh | 24 ++-- .../net/forwarding/vxlan_bridge_1d_ipv6.sh | 6 +- .../net/forwarding/vxlan_bridge_1q.sh | 18 +-- .../net/forwarding/vxlan_bridge_1q_ipv6.sh | 2 +- .../net/forwarding/vxlan_bridge_1q_mc_ul.sh | 8 +- .../net/forwarding/vxlan_reserved.sh | 4 +- 53 files changed, 426 insertions(+), 423 deletions(-) diff --git a/tools/testing/selftests/net/forwarding/bridge_igmp.sh b/tools/testing/selftests/net/forwarding/bridge_igmp.sh index d4e7dd659354..dd2e46488c51 100755 --- a/tools/testing/selftests/net/forwarding/bridge_igmp.sh +++ b/tools/testing/selftests/net/forwarding/bridge_igmp.sh @@ -158,7 +158,7 @@ v3include_prepare() ip link set dev br0 type bridge mcast_igmp_version 3 check_err $? "Could not change bridge IGMP version to 3" - $MZ $host1_if -b $mac -c 1 -B $group -t ip "proto=2,p=$MZPKT_IS_INC" -q + $MZ -b $mac -c 1 -B $group -t ip -q $host1_if "proto=2,p=$MZPKT_IS_INC" sleep 1 bridge -j -d -s mdb show dev br0 \ | jq -e ".[].mdb[] | \ @@ -183,7 +183,7 @@ v3exclude_prepare() v3include_prepare $host1_if $mac $group - $MZ $host1_if -c 1 -b $mac -B $group -t ip "proto=2,p=$MZPKT_IS_EXC" -q + $MZ -c 1 -b $mac -B $group -t ip -q $host1_if "proto=2,p=$MZPKT_IS_EXC" sleep 1 bridge -j -d -s mdb show dev br0 \ | jq -e ".[].mdb[] | \ @@ -237,7 +237,7 @@ v3inc_allow_test() v3include_prepare $h1 $ALL_MAC $ALL_GROUP - $MZ $h1 -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_ALLOW" -q + $MZ -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip -q $h1 "proto=2,p=$MZPKT_ALLOW" sleep 1 brmcast_check_sg_entries "allow" "${X[@]}" @@ -258,7 +258,7 @@ v3inc_is_include_test() v3include_prepare $h1 $ALL_MAC $ALL_GROUP - $MZ $h1 -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_IS_INC2" -q + $MZ -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip -q $h1 "proto=2,p=$MZPKT_IS_INC2" sleep 1 brmcast_check_sg_entries "is_include" "${X[@]}" @@ -297,7 +297,7 @@ v3inc_to_exclude_test() ip link set dev br0 type bridge mcast_last_member_interval 500 check_err $? "Could not change mcast_last_member_interval to 5s" - $MZ $h1 -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_TO_EXC" -q + $MZ -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip -q $h1 "proto=2,p=$MZPKT_TO_EXC" sleep 1 bridge -j -d -s mdb show dev br0 \ | jq -e ".[].mdb[] | \ @@ -341,7 +341,7 @@ v3exc_allow_test() v3exclude_prepare $h1 $ALL_MAC $ALL_GROUP - $MZ $h1 -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_ALLOW2" -q + $MZ -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip -q $h1 "proto=2,p=$MZPKT_ALLOW2" sleep 1 brmcast_check_sg_entries "allow" "${X[@]}" "${Y[@]}" @@ -364,7 +364,7 @@ v3exc_is_include_test() v3exclude_prepare $h1 $ALL_MAC $ALL_GROUP - $MZ $h1 -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_IS_INC3" -q + $MZ -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip -q $h1 "proto=2,p=$MZPKT_IS_INC3" sleep 1 brmcast_check_sg_entries "is_include" "${X[@]}" "${Y[@]}" @@ -387,7 +387,7 @@ v3exc_is_exclude_test() v3exclude_prepare $h1 $ALL_MAC $ALL_GROUP - $MZ $h1 -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_IS_EXC2" -q + $MZ -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip -q $h1 "proto=2,p=$MZPKT_IS_EXC2" sleep 1 brmcast_check_sg_entries "is_exclude" "${X[@]}" "${Y[@]}" @@ -413,7 +413,7 @@ v3exc_to_exclude_test() ip link set dev br0 type bridge mcast_last_member_interval 500 check_err $? "Could not change mcast_last_member_interval to 5s" - $MZ $h1 -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_TO_EXC" -q + $MZ -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip -q $h1 "proto=2,p=$MZPKT_TO_EXC" sleep 1 brmcast_check_sg_entries "to_exclude" "${X[@]}" "${Y[@]}" @@ -437,7 +437,7 @@ v3inc_block_test() v3include_prepare $h1 $ALL_MAC $ALL_GROUP - $MZ $h1 -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_BLOCK" -q + $MZ -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip -q $h1 "proto=2,p=$MZPKT_BLOCK" # make sure the lowered timers have expired (by default 2 seconds) sleep 3 brmcast_check_sg_entries "block" "${X[@]}" @@ -470,7 +470,7 @@ v3exc_block_test() ip link set dev br0 type bridge mcast_last_member_interval 500 check_err $? "Could not change mcast_last_member_interval to 5s" - $MZ $h1 -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_BLOCK" -q + $MZ -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip -q $h1 "proto=2,p=$MZPKT_BLOCK" sleep 1 brmcast_check_sg_entries "block" "${X[@]}" "${Y[@]}" @@ -502,7 +502,7 @@ v3exc_timeout_test() mcast_query_response_interval 500 \ mcast_membership_interval 1500 - $MZ $h1 -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_ALLOW2" -q + $MZ -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip -q $h1 "proto=2,p=$MZPKT_ALLOW2" sleep 5 bridge -j -d -s mdb show dev br0 \ | jq -e ".[].mdb[] | \ @@ -545,7 +545,7 @@ v3star_ex_auto_add_test() v3exclude_prepare $h1 $ALL_MAC $ALL_GROUP - $MZ $h2 -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_IS_INC" -q + $MZ -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip -q $h2 "proto=2,p=$MZPKT_IS_INC" sleep 1 bridge -j -d -s mdb show dev br0 \ | jq -e ".[].mdb[] | \ diff --git a/tools/testing/selftests/net/forwarding/bridge_locked_port.sh b/tools/testing/selftests/net/forwarding/bridge_locked_port.sh index c62331b2e006..93d2261be6e3 100755 --- a/tools/testing/selftests/net/forwarding/bridge_locked_port.sh +++ b/tools/testing/selftests/net/forwarding/bridge_locked_port.sh @@ -225,18 +225,18 @@ locked_port_mab_roam() bridge link set dev $swp1 learning on locked on mab on - $MZ $h1 -q -c 5 -d 100msec -t udp -a $mac -b rand + $MZ -q -c 5 -d 100msec -t udp -a $mac -b rand $h1 bridge fdb get $mac br br0 vlan 1 | grep "dev $swp1" | grep -q "locked" check_err $? "No locked entry on first injection" - $MZ $h2 -q -c 5 -d 100msec -t udp -a $mac -b rand + $MZ -q -c 5 -d 100msec -t udp -a $mac -b rand $h2 bridge fdb get $mac br br0 vlan 1 | grep -q "dev $swp2" check_err $? "Entry did not roam to an unlocked port" bridge fdb get $mac br br0 vlan 1 | grep -q "locked" check_fail $? "Entry roamed with locked flag on" - $MZ $h1 -q -c 5 -d 100msec -t udp -a $mac -b rand + $MZ -q -c 5 -d 100msec -t udp -a $mac -b rand $h1 bridge fdb get $mac br br0 vlan 1 | grep -q "dev $swp1" check_fail $? "Entry roamed back to locked port" @@ -285,12 +285,12 @@ locked_port_mab_flush() bridge fdb add $unlocked_mac1 dev $swp1 vlan 1 master static bridge fdb add $unlocked_mac2 dev $swp2 vlan 1 master static - $MZ $h1 -q -c 5 -d 100msec -t udp -a $locked_mac1 -b rand + $MZ -q -c 5 -d 100msec -t udp -a $locked_mac1 -b rand $h1 bridge fdb get $locked_mac1 br br0 vlan 1 | grep "dev $swp1" | \ grep -q "locked" check_err $? "Failed to create locked FDB entry on first port" - $MZ $h2 -q -c 5 -d 100msec -t udp -a $locked_mac2 -b rand + $MZ -q -c 5 -d 100msec -t udp -a $locked_mac2 -b rand $h2 bridge fdb get $locked_mac2 br br0 vlan 1 | grep "dev $swp2" | \ grep -q "locked" check_err $? "Failed to create locked FDB entry on second port" diff --git a/tools/testing/selftests/net/forwarding/bridge_mdb.sh b/tools/testing/selftests/net/forwarding/bridge_mdb.sh index 8c1597ebc2d3..3218cf1ffae1 100755 --- a/tools/testing/selftests/net/forwarding/bridge_mdb.sh +++ b/tools/testing/selftests/net/forwarding/bridge_mdb.sh @@ -1023,27 +1023,27 @@ __fwd_test_host_ip() # Packet should only be flooded to multicast router ports when there is # no matching MDB entry. The bridge is not configured as a multicast # router port. - $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $src -B $grp -t udp -q + $MZ $mode -a own -b $dmac -c 1 -p 128 -A $src -B $grp -t udp -q $h1.10 tc_check_packets "dev br0 ingress" 1 0 check_err $? "Packet locally received after flood" # Install a regular port group entry and expect the packet to not be # locally received. bridge mdb add dev br0 port $swp2 grp $grp temp vid 10 - $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $src -B $grp -t udp -q + $MZ $mode -a own -b $dmac -c 1 -p 128 -A $src -B $grp -t udp -q $h1.10 tc_check_packets "dev br0 ingress" 1 0 check_err $? "Packet locally received after installing a regular entry" # Add a host entry and expect the packet to be locally received. bridge mdb add dev br0 port br0 grp $grp temp vid 10 - $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $src -B $grp -t udp -q + $MZ $mode -a own -b $dmac -c 1 -p 128 -A $src -B $grp -t udp -q $h1.10 tc_check_packets "dev br0 ingress" 1 1 check_err $? "Packet not locally received after adding a host entry" # Remove the host entry and expect the packet to not be locally # received. bridge mdb del dev br0 port br0 grp $grp vid 10 - $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $src -B $grp -t udp -q + $MZ $mode -a own -b $dmac -c 1 -p 128 -A $src -B $grp -t udp -q $h1.10 tc_check_packets "dev br0 ingress" 1 1 check_err $? "Packet locally received after removing a host entry" @@ -1071,27 +1071,27 @@ fwd_test_host_l2() # Packet should be flooded and locally received when there is no # matching MDB entry. - $MZ $h1.10 -c 1 -p 128 -a own -b $dmac -q + $MZ -c 1 -p 128 -a own -b $dmac -q $h1.10 tc_check_packets "dev br0 ingress" 1 1 check_err $? "Packet not locally received after flood" # Install a regular port group entry and expect the packet to not be # locally received. bridge mdb add dev br0 port $swp2 grp $dmac permanent vid 10 - $MZ $h1.10 -c 1 -p 128 -a own -b $dmac -q + $MZ -c 1 -p 128 -a own -b $dmac -q $h1.10 tc_check_packets "dev br0 ingress" 1 1 check_err $? "Packet locally received after installing a regular entry" # Add a host entry and expect the packet to be locally received. bridge mdb add dev br0 port br0 grp $dmac permanent vid 10 - $MZ $h1.10 -c 1 -p 128 -a own -b $dmac -q + $MZ -c 1 -p 128 -a own -b $dmac -q $h1.10 tc_check_packets "dev br0 ingress" 1 2 check_err $? "Packet not locally received after adding a host entry" # Remove the host entry and expect the packet to not be locally # received. bridge mdb del dev br0 port br0 grp $dmac permanent vid 10 - $MZ $h1.10 -c 1 -p 128 -a own -b $dmac -q + $MZ -c 1 -p 128 -a own -b $dmac -q $h1.10 tc_check_packets "dev br0 ingress" 1 2 check_err $? "Packet locally received after removing a host entry" @@ -1151,43 +1151,43 @@ __fwd_test_port_ip() vlan_ethtype $eth_type vlan_id 10 dst_ip $grp \ src_ip $invalid_src action drop - $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $valid_src -B $grp -t udp -q + $MZ $mode -a own -b $dmac -c 1 -p 128 -A $valid_src -B $grp -t udp -q $h1.10 tc_check_packets "dev $h2 ingress" 1 0 check_err $? "Packet from valid source received on H2 before adding entry" - $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $invalid_src -B $grp -t udp -q + $MZ $mode -a own -b $dmac -c 1 -p 128 -A $invalid_src -B $grp -t udp -q $h1.10 tc_check_packets "dev $h2 ingress" 2 0 check_err $? "Packet from invalid source received on H2 before adding entry" bridge mdb add dev br0 port $swp2 grp $grp vid 10 \ filter_mode $filter_mode source_list $src_list - $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $valid_src -B $grp -t udp -q + $MZ $mode -a own -b $dmac -c 1 -p 128 -A $valid_src -B $grp -t udp -q $h1.10 tc_check_packets "dev $h2 ingress" 1 1 check_err $? "Packet from valid source not received on H2 after adding entry" - $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $invalid_src -B $grp -t udp -q + $MZ $mode -a own -b $dmac -c 1 -p 128 -A $invalid_src -B $grp -t udp -q $h1.10 tc_check_packets "dev $h2 ingress" 2 0 check_err $? "Packet from invalid source received on H2 after adding entry" bridge mdb replace dev br0 port $swp2 grp $grp vid 10 \ filter_mode exclude - $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $valid_src -B $grp -t udp -q + $MZ $mode -a own -b $dmac -c 1 -p 128 -A $valid_src -B $grp -t udp -q $h1.10 tc_check_packets "dev $h2 ingress" 1 2 check_err $? "Packet from valid source not received on H2 after allowing all sources" - $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $invalid_src -B $grp -t udp -q + $MZ $mode -a own -b $dmac -c 1 -p 128 -A $invalid_src -B $grp -t udp -q $h1.10 tc_check_packets "dev $h2 ingress" 2 1 check_err $? "Packet from invalid source not received on H2 after allowing all sources" bridge mdb del dev br0 port $swp2 grp $grp vid 10 - $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $valid_src -B $grp -t udp -q + $MZ $mode -a own -b $dmac -c 1 -p 128 -A $valid_src -B $grp -t udp -q $h1.10 tc_check_packets "dev $h2 ingress" 1 2 check_err $? "Packet from valid source received on H2 after deleting entry" - $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $invalid_src -B $grp -t udp -q + $MZ $mode -a own -b $dmac -c 1 -p 128 -A $invalid_src -B $grp -t udp -q $h1.10 tc_check_packets "dev $h2 ingress" 2 1 check_err $? "Packet from invalid source received on H2 after deleting entry" @@ -1216,17 +1216,17 @@ fwd_test_port_l2() tc filter add dev $h2 ingress protocol all pref 1 handle 1 flower \ dst_mac $dmac action drop - $MZ $h1.10 -c 1 -p 128 -a own -b $dmac -q + $MZ -c 1 -p 128 -a own -b $dmac -q $h1.10 tc_check_packets "dev $h2 ingress" 1 0 check_err $? "Packet received on H2 before adding entry" bridge mdb add dev br0 port $swp2 grp $dmac permanent vid 10 - $MZ $h1.10 -c 1 -p 128 -a own -b $dmac -q + $MZ -c 1 -p 128 -a own -b $dmac -q $h1.10 tc_check_packets "dev $h2 ingress" 1 1 check_err $? "Packet not received on H2 after adding entry" bridge mdb del dev br0 port $swp2 grp $dmac permanent vid 10 - $MZ $h1.10 -c 1 -p 128 -a own -b $dmac -q + $MZ -c 1 -p 128 -a own -b $dmac -q $h1.10 tc_check_packets "dev $h2 ingress" 1 1 check_err $? "Packet received on H2 after deleting entry" @@ -1283,8 +1283,8 @@ ctrl_igmpv3_is_in_test() filter_mode include source_list 192.0.2.1 # IS_IN ( 192.0.2.2 ) - $MZ $h1.10 -c 1 -a own -b 01:00:5e:01:01:01 -A 192.0.2.1 -B 239.1.1.1 \ - -t ip proto=2,p=$(igmpv3_is_in_get 239.1.1.1 192.0.2.2) -q + $MZ -c 1 -a own -b 01:00:5e:01:01:01 -A 192.0.2.1 -B 239.1.1.1 \ + -t ip -q $h1.10 proto=2,p=$(igmpv3_is_in_get 239.1.1.1 192.0.2.2) bridge mdb get dev br0 grp 239.1.1.1 src 192.0.2.2 vid 10 &> /dev/null check_fail $? "Permanent entry affected by IGMP packet" @@ -1296,8 +1296,8 @@ ctrl_igmpv3_is_in_test() filter_mode include source_list 192.0.2.1 # IS_IN ( 192.0.2.2 ) - $MZ $h1.10 -a own -b 01:00:5e:01:01:01 -c 1 -A 192.0.2.1 -B 239.1.1.1 \ - -t ip proto=2,p=$(igmpv3_is_in_get 239.1.1.1 192.0.2.2) -q + $MZ -a own -b 01:00:5e:01:01:01 -c 1 -A 192.0.2.1 -B 239.1.1.1 \ + -t ip -q $h1.10 proto=2,p=$(igmpv3_is_in_get 239.1.1.1 192.0.2.2) bridge -d mdb get dev br0 grp 239.1.1.1 vid 10 | grep -q 192.0.2.2 check_err $? "Source not add to source list" @@ -1321,8 +1321,8 @@ ctrl_mldv2_is_in_test() # IS_IN ( 2001:db8:1::2 ) local p=$(mldv2_is_in_get fe80::1 ff0e::1 2001:db8:1::2) - $MZ -6 $h1.10 -a own -b 33:33:00:00:00:01 -c 1 -A fe80::1 -B ff0e::1 \ - -t ip hop=1,next=0,p="$p" -q + $MZ -6 -a own -b 33:33:00:00:00:01 -c 1 -A fe80::1 -B ff0e::1 \ + -t ip -q $h1.10 hop=1,next=0,p="$p" bridge mdb get dev br0 grp ff0e::1 src 2001:db8:1::2 vid 10 &> /dev/null check_fail $? "Permanent entry affected by MLD packet" @@ -1334,8 +1334,8 @@ ctrl_mldv2_is_in_test() filter_mode include source_list 2001:db8:1::1 # IS_IN ( 2001:db8:1::2 ) - $MZ -6 $h1.10 -a own -b 33:33:00:00:00:01 -c 1 -A fe80::1 -B ff0e::1 \ - -t ip hop=1,next=0,p="$p" -q + $MZ -6 -a own -b 33:33:00:00:00:01 -c 1 -A fe80::1 -B ff0e::1 \ + -t ip -q $h1.10 hop=1,next=0,p="$p" bridge -d mdb get dev br0 grp ff0e::1 vid 10 | grep -q 2001:db8:1::2 check_err $? "Source not add to source list" diff --git a/tools/testing/selftests/net/forwarding/bridge_mdb_max.sh b/tools/testing/selftests/net/forwarding/bridge_mdb_max.sh index 3da9d93ab36f..efe24eadc2c6 100755 --- a/tools/testing/selftests/net/forwarding/bridge_mdb_max.sh +++ b/tools/testing/selftests/net/forwarding/bridge_mdb_max.sh @@ -253,8 +253,8 @@ ctl4_entries_add() local peer=$(locus_dev_peer $locus) local GRP=239.1.1.${grp} local dmac=01:00:5e:01:01:$(printf "%02x" $grp) - $MZ $peer -a own -b $dmac -c 1 -A 192.0.2.1 -B $GRP \ - -t ip proto=2,p=$(igmpv3_is_in_get $GRP $IPs) -q + $MZ -a own -b $dmac -c 1 -A 192.0.2.1 -B $GRP \ + -t ip -q $peer proto=2,p=$(igmpv3_is_in_get $GRP $IPs) sleep 1 local nn=$(bridge mdb show dev br0 | grep $GRP | wc -l) @@ -274,8 +274,8 @@ ctl4_entries_del() local peer=$(locus_dev_peer $locus) local GRP=239.1.1.${grp} local dmac=01:00:5e:00:00:02 - $MZ $peer -a own -b $dmac -c 1 -A 192.0.2.1 -B 224.0.0.2 \ - -t ip proto=2,p=$(igmpv2_leave_get $GRP) -q + $MZ -a own -b $dmac -c 1 -A 192.0.2.1 -B 224.0.0.2 \ + -t ip -q $peer proto=2,p=$(igmpv2_leave_get $GRP) sleep 1 ! bridge mdb show dev br0 | grep -q $GRP } @@ -293,8 +293,8 @@ ctl6_entries_add() local GRP=ff0e::${grp} local dmac=33:33:00:00:00:$(printf "%02x" $grp) local p=$(mldv2_is_in_get $SIP $GRP $IPs) - $MZ -6 $peer -a own -b $dmac -c 1 -A $SIP -B $GRP \ - -t ip hop=1,next=0,p="$p" -q + $MZ -6 -a own -b $dmac -c 1 -A $SIP -B $GRP \ + -t ip -q $peer hop=1,next=0,p="$p" sleep 1 local nn=$(bridge mdb show dev br0 | grep $GRP | wc -l) @@ -316,8 +316,8 @@ ctl6_entries_del() local GRP=ff0e::${grp} local dmac=33:33:00:00:00:$(printf "%02x" $grp) local p=$(mldv1_done_get $SIP $GRP) - $MZ -6 $peer -a own -b $dmac -c 1 -A $SIP -B $GRP \ - -t ip hop=1,next=0,p="$p" -q + $MZ -6 -a own -b $dmac -c 1 -A $SIP -B $GRP \ + -t ip -q $peer hop=1,next=0,p="$p" sleep 1 ! bridge mdb show dev br0 | grep -q $GRP } diff --git a/tools/testing/selftests/net/forwarding/bridge_mld.sh b/tools/testing/selftests/net/forwarding/bridge_mld.sh index 4cacef5a813a..b4f6a81e8bf0 100755 --- a/tools/testing/selftests/net/forwarding/bridge_mld.sh +++ b/tools/testing/selftests/net/forwarding/bridge_mld.sh @@ -158,7 +158,7 @@ mldv2include_prepare() ip link set dev br0 type bridge mcast_mld_version 2 check_err $? "Could not change bridge MLD version to 2" - $MZ $host1_if $MZPKT_IS_INC -q + $MZ -q $host1_if $MZPKT_IS_INC sleep 1 bridge -j -d -s mdb show dev br0 \ | jq -e ".[].mdb[] | \ @@ -183,7 +183,7 @@ mldv2exclude_prepare() mldv2include_prepare $h1 - $MZ $host1_if -c 1 $MZPKT_IS_EXC -q + $MZ -c 1 -q $host1_if $MZPKT_IS_EXC sleep 1 bridge -j -d -s mdb show dev br0 \ | jq -e ".[].mdb[] | \ @@ -236,7 +236,7 @@ mldv2inc_allow_test() mldv2include_prepare $h1 - $MZ $h1 -c 1 $MZPKT_ALLOW -q + $MZ -c 1 -q $h1 $MZPKT_ALLOW sleep 1 brmcast_check_sg_entries "allow" "${X[@]}" @@ -257,7 +257,7 @@ mldv2inc_is_include_test() mldv2include_prepare $h1 - $MZ $h1 -c 1 $MZPKT_IS_INC2 -q + $MZ -c 1 -q $h1 $MZPKT_IS_INC2 sleep 1 brmcast_check_sg_entries "is_include" "${X[@]}" @@ -296,7 +296,7 @@ mldv2inc_to_exclude_test() ip link set dev br0 type bridge mcast_last_member_interval 500 check_err $? "Could not change mcast_last_member_interval to 5s" - $MZ $h1 -c 1 $MZPKT_TO_EXC -q + $MZ -c 1 -q $h1 $MZPKT_TO_EXC sleep 1 bridge -j -d -s mdb show dev br0 \ | jq -e ".[].mdb[] | \ @@ -340,7 +340,7 @@ mldv2exc_allow_test() mldv2exclude_prepare $h1 - $MZ $h1 -c 1 $MZPKT_ALLOW2 -q + $MZ -c 1 -q $h1 $MZPKT_ALLOW2 sleep 1 brmcast_check_sg_entries "allow" "${X[@]}" "${Y[@]}" @@ -363,7 +363,7 @@ mldv2exc_is_include_test() mldv2exclude_prepare $h1 - $MZ $h1 -c 1 $MZPKT_IS_INC3 -q + $MZ -c 1 -q $h1 $MZPKT_IS_INC3 sleep 1 brmcast_check_sg_entries "is_include" "${X[@]}" "${Y[@]}" @@ -386,7 +386,7 @@ mldv2exc_is_exclude_test() mldv2exclude_prepare $h1 - $MZ $h1 -c 1 $MZPKT_IS_EXC2 -q + $MZ -c 1 -q $h1 $MZPKT_IS_EXC2 sleep 1 brmcast_check_sg_entries "is_exclude" "${X[@]}" "${Y[@]}" @@ -412,7 +412,7 @@ mldv2exc_to_exclude_test() ip link set dev br0 type bridge mcast_last_member_interval 500 check_err $? "Could not change mcast_last_member_interval to 5s" - $MZ $h1 -c 1 $MZPKT_TO_EXC -q + $MZ -c 1 -q $h1 $MZPKT_TO_EXC sleep 1 brmcast_check_sg_entries "to_exclude" "${X[@]}" "${Y[@]}" @@ -436,7 +436,7 @@ mldv2inc_block_test() mldv2include_prepare $h1 - $MZ $h1 -c 1 $MZPKT_BLOCK -q + $MZ -c 1 -q $h1 $MZPKT_BLOCK # make sure the lowered timers have expired (by default 2 seconds) sleep 3 brmcast_check_sg_entries "block" "${X[@]}" @@ -469,7 +469,7 @@ mldv2exc_block_test() ip link set dev br0 type bridge mcast_last_member_interval 500 check_err $? "Could not change mcast_last_member_interval to 5s" - $MZ $h1 -c 1 $MZPKT_BLOCK -q + $MZ -c 1 -q $h1 $MZPKT_BLOCK sleep 1 brmcast_check_sg_entries "block" "${X[@]}" "${Y[@]}" @@ -501,7 +501,7 @@ mldv2exc_timeout_test() mcast_query_response_interval 500 \ mcast_membership_interval 1500 - $MZ $h1 -c 1 $MZPKT_ALLOW2 -q + $MZ -c 1 -q $h1 $MZPKT_ALLOW2 sleep 5 bridge -j -d -s mdb show dev br0 \ | jq -e ".[].mdb[] | \ @@ -544,7 +544,7 @@ mldv2star_ex_auto_add_test() mldv2exclude_prepare $h1 - $MZ $h2 -c 1 $MZPKT_IS_INC -q + $MZ -c 1 -q $h2 $MZPKT_IS_INC sleep 1 bridge -j -d -s mdb show dev br0 \ | jq -e ".[].mdb[] | \ diff --git a/tools/testing/selftests/net/forwarding/bridge_sticky_fdb.sh b/tools/testing/selftests/net/forwarding/bridge_sticky_fdb.sh index 1f8ef0eff862..cbc9a9f3c6de 100755 --- a/tools/testing/selftests/net/forwarding/bridge_sticky_fdb.sh +++ b/tools/testing/selftests/net/forwarding/bridge_sticky_fdb.sh @@ -51,7 +51,7 @@ sticky() bridge fdb add $TEST_MAC dev $swp1 master static sticky check_err $? "Could not add fdb entry" bridge fdb del $TEST_MAC dev $swp1 vlan 1 master static sticky - $MZ $h2 -c 1 -a $TEST_MAC -t arp "request" -q + $MZ -c 1 -a $TEST_MAC -t arp -q $h2 "request" bridge -j fdb show br br0 brport $swp1\ | jq -e ".[] | select(.mac == \"$TEST_MAC\")" &> /dev/null check_err $? "Did not find FDB record when should" diff --git a/tools/testing/selftests/net/forwarding/bridge_vlan_aware.sh b/tools/testing/selftests/net/forwarding/bridge_vlan_aware.sh index e59fba366a0a..88525294e410 100755 --- a/tools/testing/selftests/net/forwarding/bridge_vlan_aware.sh +++ b/tools/testing/selftests/net/forwarding/bridge_vlan_aware.sh @@ -131,7 +131,7 @@ extern_learn() bridge fdb show brport $swp1 | grep -q de:ad:be:ef:13:37 check_err $? "FDB entry was aged out when should not" - $MZ $h2 -c 1 -p 64 -a $mac -t ip -q + $MZ -c 1 -p 64 -a $mac -t ip -q $h2 bridge fdb show brport $swp2 | grep -q de:ad:be:ef:13:37 check_err $? "FDB entry did not roam when should" @@ -158,7 +158,7 @@ other_tpid() ip link set $h2 promisc on ethtool -K $h2 rx-vlan-filter off rx-vlan-stag-filter off - $MZ -q $h1 -c 1 -b $mac -a own "88:a8 00:03 81:00 00:05 08:00 aa-aa-aa-aa-aa-aa-aa-aa-aa" + $MZ -q -c 1 -b $mac -a own $h1 "88:a8 00:03 81:00 00:05 08:00 aa-aa-aa-aa-aa-aa-aa-aa-aa" sleep 1 # Match on 'self' addresses as well, for those drivers which @@ -179,7 +179,7 @@ other_tpid() bridge vlan del dev $swp1 vid 1 - $MZ -q $h1 -c 1 -b $mac -a own "88:a8 00:03 81:00 00:05 08:00 aa-aa-aa-aa-aa-aa-aa-aa-aa" + $MZ -q -c 1 -b $mac -a own $h1 "88:a8 00:03 81:00 00:05 08:00 aa-aa-aa-aa-aa-aa-aa-aa-aa" sleep 1 RET=0 @@ -202,7 +202,7 @@ other_tpid() tc filter add dev $h2 ingress protocol all pref 1 handle 101 \ flower dst_mac $mac action drop - $MZ -q $h1 -c 1 -b $mac -a own "81:00 00:00 08:00 aa-aa-aa-aa-aa-aa-aa-aa-aa" + $MZ -q -c 1 -b $mac -a own $h1 "81:00 00:00 08:00 aa-aa-aa-aa-aa-aa-aa-aa-aa" sleep 1 tc -j -s filter show dev $h2 ingress \ diff --git a/tools/testing/selftests/net/forwarding/bridge_vlan_mcast.sh b/tools/testing/selftests/net/forwarding/bridge_vlan_mcast.sh index 72dfbeaf56b9..9efff89b3bfd 100755 --- a/tools/testing/selftests/net/forwarding/bridge_vlan_mcast.sh +++ b/tools/testing/selftests/net/forwarding/bridge_vlan_mcast.sh @@ -508,8 +508,8 @@ vlmc_router_port_test() mcast_query_response_interval 0 bridge vlan add vid 10 dev br0 self sleep 1 - mausezahn br0 -Q 10 -c 10 -p 128 -b 01:00:5e:01:01:01 -B 239.1.1.1 \ - -t udp "dp=1024" &>/dev/null + $MZ -Q 10 -c 10 -p 128 -b 01:00:5e:01:01:01 -B 239.1.1.1 \ + -t udp br0 "dp=1024" &>/dev/null local swp1_tcstats=$(tc_rule_stats_get $swp1 10 egress) if [[ $swp1_tcstats != 10 ]]; then check_err 1 "Wrong number of vlan 10 multicast packets flooded" diff --git a/tools/testing/selftests/net/forwarding/custom_multipath_hash.sh b/tools/testing/selftests/net/forwarding/custom_multipath_hash.sh index 7d531f7091e6..de9086f4c724 100755 --- a/tools/testing/selftests/net/forwarding/custom_multipath_hash.sh +++ b/tools/testing/selftests/net/forwarding/custom_multipath_hash.sh @@ -181,44 +181,44 @@ ping_ipv6() send_src_ipv4() { - ip vrf exec v$h1 $MZ $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -q -p 64 \ -A "198.51.100.2-198.51.100.253" -B 203.0.113.2 \ - -d $MZ_DELAY -c 50 -t udp "sp=20000,dp=30000" + -d $MZ_DELAY -c 50 -t udp $h1 "sp=20000,dp=30000" } send_dst_ipv4() { - ip vrf exec v$h1 $MZ $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -q -p 64 \ -A 198.51.100.2 -B "203.0.113.2-203.0.113.253" \ - -d $MZ_DELAY -c 50 -t udp "sp=20000,dp=30000" + -d $MZ_DELAY -c 50 -t udp $h1 "sp=20000,dp=30000" } send_src_udp4() { - ip vrf exec v$h1 $MZ $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -q -p 64 \ -A 198.51.100.2 -B 203.0.113.2 \ - -d $MZ_DELAY -t udp "sp=0-32768,dp=30000" + -d $MZ_DELAY -t udp $h1 "sp=0-32768,dp=30000" } send_dst_udp4() { - ip vrf exec v$h1 $MZ $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -q -p 64 \ -A 198.51.100.2 -B 203.0.113.2 \ - -d $MZ_DELAY -t udp "sp=20000,dp=0-32768" + -d $MZ_DELAY -t udp $h1 "sp=20000,dp=0-32768" } send_src_ipv6() { - ip vrf exec v$h1 $MZ -6 $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -6 -q -p 64 \ -A "2001:db8:1::2-2001:db8:1::fd" -B 2001:db8:4::2 \ - -d $MZ_DELAY -c 50 -t udp "sp=20000,dp=30000" + -d $MZ_DELAY -c 50 -t udp $h1 "sp=20000,dp=30000" } send_dst_ipv6() { - ip vrf exec v$h1 $MZ -6 $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -6 -q -p 64 \ -A 2001:db8:1::2 -B "2001:db8:4::2-2001:db8:4::fd" \ - -d $MZ_DELAY -c 50 -t udp "sp=20000,dp=30000" + -d $MZ_DELAY -c 50 -t udp $h1 "sp=20000,dp=30000" } send_flowlabel() @@ -226,22 +226,22 @@ send_flowlabel() # Generate 16384 echo requests, each with a random flow label. ip vrf exec v$h1 sh -c \ "for _ in {1..16384}; do \ - $PING6 2001:db8:4::2 -F 0 -c 1 -q >/dev/null 2>&1; \ + $PING6 -F 0 -c 1 -q 2001:db8:4::2 >/dev/null 2>&1; \ done" } send_src_udp6() { - ip vrf exec v$h1 $MZ -6 $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -6 -q -p 64 \ -A 2001:db8:1::2 -B 2001:db8:4::2 \ - -d $MZ_DELAY -t udp "sp=0-32768,dp=30000" + -d $MZ_DELAY -t udp $h1 "sp=0-32768,dp=30000" } send_dst_udp6() { - ip vrf exec v$h1 $MZ -6 $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -6 -q -p 64 \ -A 2001:db8:1::2 -B 2001:db8:4::2 \ - -d $MZ_DELAY -t udp "sp=20000,dp=0-32768" + -d $MZ_DELAY -t udp $h1 "sp=20000,dp=0-32768" } custom_hash_test() diff --git a/tools/testing/selftests/net/forwarding/gre_custom_multipath_hash.sh b/tools/testing/selftests/net/forwarding/gre_custom_multipath_hash.sh index dda11a4a9450..24e74fa35392 100755 --- a/tools/testing/selftests/net/forwarding/gre_custom_multipath_hash.sh +++ b/tools/testing/selftests/net/forwarding/gre_custom_multipath_hash.sh @@ -276,44 +276,44 @@ ping_ipv6() send_src_ipv4() { - ip vrf exec v$h1 $MZ $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -q -p 64 \ -A "198.51.100.2-198.51.100.253" -B 203.0.113.2 \ - -d $MZ_DELAY -c 50 -t udp "sp=20000,dp=30000" + -d $MZ_DELAY -c 50 -t udp $h1 "sp=20000,dp=30000" } send_dst_ipv4() { - ip vrf exec v$h1 $MZ $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -q -p 64 \ -A 198.51.100.2 -B "203.0.113.2-203.0.113.253" \ - -d $MZ_DELAY -c 50 -t udp "sp=20000,dp=30000" + -d $MZ_DELAY -c 50 -t udp $h1 "sp=20000,dp=30000" } send_src_udp4() { - ip vrf exec v$h1 $MZ $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -q -p 64 \ -A 198.51.100.2 -B 203.0.113.2 \ - -d $MZ_DELAY -t udp "sp=0-32768,dp=30000" + -d $MZ_DELAY -t udp $h1 "sp=0-32768,dp=30000" } send_dst_udp4() { - ip vrf exec v$h1 $MZ $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -q -p 64 \ -A 198.51.100.2 -B 203.0.113.2 \ - -d $MZ_DELAY -t udp "sp=20000,dp=0-32768" + -d $MZ_DELAY -t udp $h1 "sp=20000,dp=0-32768" } send_src_ipv6() { - ip vrf exec v$h1 $MZ -6 $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -6 -q -p 64 \ -A "2001:db8:1::2-2001:db8:1::fd" -B 2001:db8:2::2 \ - -d $MZ_DELAY -c 50 -t udp "sp=20000,dp=30000" + -d $MZ_DELAY -c 50 -t udp $h1 "sp=20000,dp=30000" } send_dst_ipv6() { - ip vrf exec v$h1 $MZ -6 $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -6 -q -p 64 \ -A 2001:db8:1::2 -B "2001:db8:2::2-2001:db8:2::fd" \ - -d $MZ_DELAY -c 50 -t udp "sp=20000,dp=30000" + -d $MZ_DELAY -c 50 -t udp $h1 "sp=20000,dp=30000" } send_flowlabel() @@ -321,22 +321,22 @@ send_flowlabel() # Generate 16384 echo requests, each with a random flow label. ip vrf exec v$h1 sh -c \ "for _ in {1..16384}; do \ - $PING6 2001:db8:2::2 -F 0 -c 1 -q >/dev/null 2>&1; \ + $PING6 -F 0 -c 1 -q 2001:db8:2::2 >/dev/null 2>&1; \ done" } send_src_udp6() { - ip vrf exec v$h1 $MZ -6 $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -6 -q -p 64 \ -A 2001:db8:1::2 -B 2001:db8:2::2 \ - -d $MZ_DELAY -t udp "sp=0-32768,dp=30000" + -d $MZ_DELAY -t udp $h1 "sp=0-32768,dp=30000" } send_dst_udp6() { - ip vrf exec v$h1 $MZ -6 $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -6 -q -p 64 \ -A 2001:db8:1::2 -B 2001:db8:2::2 \ - -d $MZ_DELAY -t udp "sp=20000,dp=0-32768" + -d $MZ_DELAY -t udp $h1 "sp=20000,dp=0-32768" } custom_hash_test() diff --git a/tools/testing/selftests/net/forwarding/gre_inner_v4_multipath.sh b/tools/testing/selftests/net/forwarding/gre_inner_v4_multipath.sh index efca6114a3ce..3e1694c9773b 100755 --- a/tools/testing/selftests/net/forwarding/gre_inner_v4_multipath.sh +++ b/tools/testing/selftests/net/forwarding/gre_inner_v4_multipath.sh @@ -266,8 +266,8 @@ multipath4_test() local t0_222=$(tc_rule_stats_get $ul32 222 ingress) ip vrf exec v$h1 \ - $MZ $h1 -q -p 64 -A "192.0.3.2-192.0.3.62" -B "192.0.4.2-192.0.4.62" \ - -d $MZ_DELAY -c 50 -t udp "sp=1024,dp=1024" + $MZ -q -p 64 -A "192.0.3.2-192.0.3.62" -B "192.0.4.2-192.0.4.62" \ + -d $MZ_DELAY -c 50 -t udp $h1 "sp=1024,dp=1024" sleep 1 local t1_111=$(tc_rule_stats_get $ul32 111 ingress) diff --git a/tools/testing/selftests/net/forwarding/gre_inner_v6_multipath.sh b/tools/testing/selftests/net/forwarding/gre_inner_v6_multipath.sh index a71ad39fc0c3..fb2707a97f59 100755 --- a/tools/testing/selftests/net/forwarding/gre_inner_v6_multipath.sh +++ b/tools/testing/selftests/net/forwarding/gre_inner_v6_multipath.sh @@ -266,9 +266,9 @@ multipath6_test() local t0_222=$(tc_rule_stats_get $ul32 222 ingress) ip vrf exec v$h1 \ - $MZ $h1 -6 -q -p 64 -A "2001:db8:1::2-2001:db8:1::3e" \ + $MZ -6 -q -p 64 -A "2001:db8:1::2-2001:db8:1::3e" \ -B "2001:db8:2::2-2001:db8:2::3e" \ - -d $MZ_DELAY -c 50 -t udp "sp=1024,dp=1024" + -d $MZ_DELAY -c 50 -t udp $h1 "sp=1024,dp=1024" sleep 1 local t1_111=$(tc_rule_stats_get $ul32 111 ingress) diff --git a/tools/testing/selftests/net/forwarding/gre_multipath.sh b/tools/testing/selftests/net/forwarding/gre_multipath.sh index 57531c1d884d..6ed8b8f1ac22 100755 --- a/tools/testing/selftests/net/forwarding/gre_multipath.sh +++ b/tools/testing/selftests/net/forwarding/gre_multipath.sh @@ -219,8 +219,8 @@ multipath4_test() local t0_222=$(tc_rule_stats_get $ul2 222 ingress) ip vrf exec v$h1 \ - $MZ $h1 -q -p 64 -A 192.0.2.1 -B 192.0.2.18 \ - -d $MZ_DELAY -t udp "sp=1024,dp=0-32768" + $MZ -q -p 64 -A 192.0.2.1 -B 192.0.2.18 \ + -d $MZ_DELAY -t udp $h1 "sp=1024,dp=0-32768" local t1_111=$(tc_rule_stats_get $ul2 111 ingress) local t1_222=$(tc_rule_stats_get $ul2 222 ingress) diff --git a/tools/testing/selftests/net/forwarding/gre_multipath_nh.sh b/tools/testing/selftests/net/forwarding/gre_multipath_nh.sh index 7d5b2b9cc133..d207b5518843 100755 --- a/tools/testing/selftests/net/forwarding/gre_multipath_nh.sh +++ b/tools/testing/selftests/net/forwarding/gre_multipath_nh.sh @@ -243,8 +243,8 @@ multipath4_test() local t0_222=$(tc_rule_stats_get $ul2 222 ingress) ip vrf exec v$h1 \ - $MZ $h1 -q -p 64 -A 192.0.2.1 -B 192.0.2.18 \ - -d $MZ_DELAY -t udp "sp=1024,dp=0-32768" + $MZ -q -p 64 -A 192.0.2.1 -B 192.0.2.18 \ + -d $MZ_DELAY -t udp $h1 "sp=1024,dp=0-32768" local t1_111=$(tc_rule_stats_get $ul2 111 ingress) local t1_222=$(tc_rule_stats_get $ul2 222 ingress) @@ -270,8 +270,8 @@ multipath6_test() local t0_222=$(tc_rule_stats_get $ul2 222 ingress) ip vrf exec v$h1 \ - $MZ $h1 -6 -q -p 64 -A 2001:db8:1::1 -B 2001:db8:2::2 \ - -d $MZ_DELAY -t udp "sp=1024,dp=0-32768" + $MZ -6 -q -p 64 -A 2001:db8:1::1 -B 2001:db8:2::2 \ + -d $MZ_DELAY -t udp $h1 "sp=1024,dp=0-32768" local t1_111=$(tc_rule_stats_get $ul2 111 ingress) local t1_222=$(tc_rule_stats_get $ul2 222 ingress) diff --git a/tools/testing/selftests/net/forwarding/gre_multipath_nh_res.sh b/tools/testing/selftests/net/forwarding/gre_multipath_nh_res.sh index 370f9925302d..f1d8a6b17d6f 100755 --- a/tools/testing/selftests/net/forwarding/gre_multipath_nh_res.sh +++ b/tools/testing/selftests/net/forwarding/gre_multipath_nh_res.sh @@ -246,8 +246,8 @@ multipath4_test() local t0_222=$(tc_rule_stats_get $ul2 222 ingress) ip vrf exec v$h1 \ - $MZ $h1 -q -p 64 -A 192.0.2.1 -B 192.0.2.18 \ - -d $MZ_DELAY -t udp "sp=1024,dp=0-32768" + $MZ -q -p 64 -A 192.0.2.1 -B 192.0.2.18 \ + -d $MZ_DELAY -t udp $h1 "sp=1024,dp=0-32768" local t1_111=$(tc_rule_stats_get $ul2 111 ingress) local t1_222=$(tc_rule_stats_get $ul2 222 ingress) @@ -274,8 +274,8 @@ multipath6_test() local t0_222=$(tc_rule_stats_get $ul2 222 ingress) ip vrf exec v$h1 \ - $MZ $h1 -6 -q -p 64 -A 2001:db8:1::1 -B 2001:db8:2::2 \ - -d $MZ_DELAY -t udp "sp=1024,dp=0-32768" + $MZ -6 -q -p 64 -A 2001:db8:1::1 -B 2001:db8:2::2 \ + -d $MZ_DELAY -t udp $h1 "sp=1024,dp=0-32768" local t1_111=$(tc_rule_stats_get $ul2 111 ingress) local t1_222=$(tc_rule_stats_get $ul2 222 ingress) diff --git a/tools/testing/selftests/net/forwarding/ip6_forward_instats_vrf.sh b/tools/testing/selftests/net/forwarding/ip6_forward_instats_vrf.sh index 49fa94b53a1c..25036e38043c 100755 --- a/tools/testing/selftests/net/forwarding/ip6_forward_instats_vrf.sh +++ b/tools/testing/selftests/net/forwarding/ip6_forward_instats_vrf.sh @@ -95,7 +95,7 @@ ipv6_in_too_big_err() # Send too big packets ip vrf exec $vrf_name \ - $PING6 -s 1300 2001:1:2::2 -c 1 -w $PING_TIMEOUT &> /dev/null + $PING6 -s 1300 -c 1 -w $PING_TIMEOUT 2001:1:2::2 &> /dev/null local t1=$(ipv6_stats_get $rtr1 Ip6InTooBigErrors) test "$((t1 - t0))" -ne 0 @@ -131,7 +131,7 @@ ipv6_in_addr_err() # Disable forwarding temporary while sending the packet sysctl -qw net.ipv6.conf.all.forwarding=0 ip vrf exec $vrf_name \ - $PING6 2001:1:2::2 -c 1 -w $PING_TIMEOUT &> /dev/null + $PING6 -c 1 -w $PING_TIMEOUT 2001:1:2::2 &> /dev/null sysctl -qw net.ipv6.conf.all.forwarding=1 local t1=$(ipv6_stats_get $rtr1 Ip6InAddrErrors) @@ -150,7 +150,7 @@ ipv6_in_discard() # Add a policy to discard ip xfrm policy add dst 2001:1:2::2/128 dir fwd action block ip vrf exec $vrf_name \ - $PING6 2001:1:2::2 -c 1 -w $PING_TIMEOUT &> /dev/null + $PING6 -c 1 -w $PING_TIMEOUT 2001:1:2::2 &> /dev/null ip xfrm policy del dst 2001:1:2::2/128 dir fwd local t1=$(ipv6_stats_get $rtr1 Ip6InDiscards) diff --git a/tools/testing/selftests/net/forwarding/ip6gre_custom_multipath_hash.sh b/tools/testing/selftests/net/forwarding/ip6gre_custom_multipath_hash.sh index e28b4a079e52..38cf24158929 100755 --- a/tools/testing/selftests/net/forwarding/ip6gre_custom_multipath_hash.sh +++ b/tools/testing/selftests/net/forwarding/ip6gre_custom_multipath_hash.sh @@ -278,44 +278,44 @@ ping_ipv6() send_src_ipv4() { - ip vrf exec v$h1 $MZ $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -q -p 64 \ -A "198.51.100.2-198.51.100.253" -B 203.0.113.2 \ - -d $MZ_DELAY -c 50 -t udp "sp=20000,dp=30000" + -d $MZ_DELAY -c 50 -t udp $h1 "sp=20000,dp=30000" } send_dst_ipv4() { - ip vrf exec v$h1 $MZ $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -q -p 64 \ -A 198.51.100.2 -B "203.0.113.2-203.0.113.253" \ - -d $MZ_DELAY -c 50 -t udp "sp=20000,dp=30000" + -d $MZ_DELAY -c 50 -t udp $h1 "sp=20000,dp=30000" } send_src_udp4() { - ip vrf exec v$h1 $MZ $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -q -p 64 \ -A 198.51.100.2 -B 203.0.113.2 \ - -d $MZ_DELAY -t udp "sp=0-32768,dp=30000" + -d $MZ_DELAY -t udp $h1 "sp=0-32768,dp=30000" } send_dst_udp4() { - ip vrf exec v$h1 $MZ $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -q -p 64 \ -A 198.51.100.2 -B 203.0.113.2 \ - -d $MZ_DELAY -t udp "sp=20000,dp=0-32768" + -d $MZ_DELAY -t udp $h1 "sp=20000,dp=0-32768" } send_src_ipv6() { - ip vrf exec v$h1 $MZ -6 $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -6 -q -p 64 \ -A "2001:db8:1::2-2001:db8:1::fd" -B 2001:db8:2::2 \ - -d $MZ_DELAY -c 50 -t udp "sp=20000,dp=30000" + -d $MZ_DELAY -c 50 -t udp $h1 "sp=20000,dp=30000" } send_dst_ipv6() { - ip vrf exec v$h1 $MZ -6 $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -6 -q -p 64 \ -A 2001:db8:1::2 -B "2001:db8:2::2-2001:db8:2::fd" \ - -d $MZ_DELAY -c 50 -t udp "sp=20000,dp=30000" + -d $MZ_DELAY -c 50 -t udp $h1 "sp=20000,dp=30000" } send_flowlabel() @@ -323,22 +323,22 @@ send_flowlabel() # Generate 16384 echo requests, each with a random flow label. ip vrf exec v$h1 sh -c \ "for _ in {1..16384}; do \ - $PING6 2001:db8:2::2 -F 0 -c 1 -q >/dev/null 2>&1; \ + $PING6 -F 0 -c 1 -q 2001:db8:2::2 >/dev/null 2>&1; \ done" } send_src_udp6() { - ip vrf exec v$h1 $MZ -6 $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -6 -q -p 64 \ -A 2001:db8:1::2 -B 2001:db8:2::2 \ - -d $MZ_DELAY -t udp "sp=0-32768,dp=30000" + -d $MZ_DELAY -t udp $h1 "sp=0-32768,dp=30000" } send_dst_udp6() { - ip vrf exec v$h1 $MZ -6 $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -6 -q -p 64 \ -A 2001:db8:1::2 -B 2001:db8:2::2 \ - -d $MZ_DELAY -t udp "sp=20000,dp=0-32768" + -d $MZ_DELAY -t udp $h1 "sp=20000,dp=0-32768" } custom_hash_test() diff --git a/tools/testing/selftests/net/forwarding/ip6gre_inner_v4_multipath.sh b/tools/testing/selftests/net/forwarding/ip6gre_inner_v4_multipath.sh index 32d1461f37b7..21a2deb577ef 100755 --- a/tools/testing/selftests/net/forwarding/ip6gre_inner_v4_multipath.sh +++ b/tools/testing/selftests/net/forwarding/ip6gre_inner_v4_multipath.sh @@ -265,8 +265,8 @@ multipath4_test() local t0_222=$(tc_rule_stats_get $ul32 222 ingress) ip vrf exec v$h1 \ - $MZ $h1 -q -p 64 -A "192.0.3.2-192.0.3.62" -B "192.0.4.2-192.0.4.62" \ - -d $MZ_DELAY -c 50 -t udp "sp=1024,dp=1024" + $MZ -q -p 64 -A "192.0.3.2-192.0.3.62" -B "192.0.4.2-192.0.4.62" \ + -d $MZ_DELAY -c 50 -t udp $h1 "sp=1024,dp=1024" sleep 1 local t1_111=$(tc_rule_stats_get $ul32 111 ingress) diff --git a/tools/testing/selftests/net/forwarding/ip6gre_inner_v6_multipath.sh b/tools/testing/selftests/net/forwarding/ip6gre_inner_v6_multipath.sh index e1a4b50505f5..f2fd82017f21 100755 --- a/tools/testing/selftests/net/forwarding/ip6gre_inner_v6_multipath.sh +++ b/tools/testing/selftests/net/forwarding/ip6gre_inner_v6_multipath.sh @@ -265,9 +265,9 @@ multipath6_test() local t0_222=$(tc_rule_stats_get $ul32 222 ingress) ip vrf exec v$h1 \ - $MZ $h1 -6 -q -p 64 -A "2001:db8:1::2-2001:db8:1::3e" \ + $MZ -6 -q -p 64 -A "2001:db8:1::2-2001:db8:1::3e" \ -B "2001:db8:2::2-2001:db8:2::3e" \ - -d $MZ_DELAY -c 50 -t udp "sp=1024,dp=1024" + -d $MZ_DELAY -c 50 -t udp $h1 "sp=1024,dp=1024" sleep 1 local t1_111=$(tc_rule_stats_get $ul32 111 ingress) diff --git a/tools/testing/selftests/net/forwarding/ip6gre_lib.sh b/tools/testing/selftests/net/forwarding/ip6gre_lib.sh index 2d91281dc5b7..4ebb8a1c758a 100644 --- a/tools/testing/selftests/net/forwarding/ip6gre_lib.sh +++ b/tools/testing/selftests/net/forwarding/ip6gre_lib.sh @@ -355,8 +355,8 @@ test_traffic_ip4ip6() tc filter add dev $ol2 egress protocol ipv4 pref 1 handle 101 \ flower $TC_FLAG dst_ip 203.0.113.1 action pass - $MZ $h1 -c 1000 -p 64 -a $h1mac -b $ol1mac -A 198.51.100.1 \ - -B 203.0.113.1 -t ip -q -d $MZ_DELAY + $MZ -c 1000 -p 64 -a $h1mac -b $ol1mac -A 198.51.100.1 \ + -B 203.0.113.1 -t ip -q -d $MZ_DELAY $h1 # Check ports after encap and after decap. tc_check_at_least_x_packets "dev $ul1 egress" 101 1000 @@ -388,8 +388,8 @@ test_traffic_ip6ip6() tc filter add dev $ol2 egress protocol ipv6 pref 1 handle 101 \ flower $TC_FLAG dst_ip 2001:db8:2::1 action pass - $MZ -6 $h1 -c 1000 -p 64 -a $h1mac -b $ol1mac -A 2001:db8:1::1 \ - -B 2001:db8:2::1 -t ip -q -d $MZ_DELAY + $MZ -6 -c 1000 -p 64 -a $h1mac -b $ol1mac -A 2001:db8:1::1 \ + -B 2001:db8:2::1 -t ip -q -d $MZ_DELAY $h1 # Check ports after encap and after decap. tc_check_at_least_x_packets "dev $ul1 egress" 101 1000 diff --git a/tools/testing/selftests/net/forwarding/lib.sh b/tools/testing/selftests/net/forwarding/lib.sh index 890b3374dacd..d1a06dbfe2ae 100644 --- a/tools/testing/selftests/net/forwarding/lib.sh +++ b/tools/testing/selftests/net/forwarding/lib.sh @@ -1291,8 +1291,8 @@ ping_do() vrf_name=$(master_name_get $if_name) ip vrf exec $vrf_name \ - $PING $args $dip -c $PING_COUNT -i 0.1 \ - -w $PING_TIMEOUT &> /dev/null + $PING $args -c $PING_COUNT -i 0.1 \ + -w $PING_TIMEOUT $dip &> /dev/null } ping_test() @@ -1322,8 +1322,8 @@ ping6_do() vrf_name=$(master_name_get $if_name) ip vrf exec $vrf_name \ - $PING6 $args $dip -c $PING_COUNT -i 0.1 \ - -w $PING_TIMEOUT &> /dev/null + $PING6 $args -c $PING_COUNT -i 0.1 \ + -w $PING_TIMEOUT $dip &> /dev/null } ping6_test() @@ -1369,7 +1369,7 @@ learning_test() tc filter add dev $host1_if ingress protocol ip pref 1 handle 101 \ flower dst_mac $mac action drop - $MZ $host2_if -c 1 -p 64 -b $mac -t ip -q + $MZ -c 1 -p 64 -b $mac -t ip -q $host2_if sleep 1 tc -j -s filter show dev $host1_if ingress \ @@ -1377,14 +1377,14 @@ learning_test() | select(.options.actions[0].stats.packets == 1)" &> /dev/null check_fail $? "Packet reached first host when should not" - $MZ $host1_if -c 1 -p 64 -a $mac -t ip -q + $MZ -c 1 -p 64 -a $mac -t ip -q $host1_if sleep 1 bridge -j fdb show br $bridge brport $br_port1 \ | jq -e ".[] | select(.mac == \"$mac\")" &> /dev/null check_err $? "Did not find FDB record when should" - $MZ $host2_if -c 1 -p 64 -b $mac -t ip -q + $MZ -c 1 -p 64 -b $mac -t ip -q $host2_if sleep 1 tc -j -s filter show dev $host1_if ingress \ @@ -1403,7 +1403,7 @@ learning_test() bridge link set dev $br_port1 learning off - $MZ $host1_if -c 1 -p 64 -a $mac -t ip -q + $MZ -c 1 -p 64 -a $mac -t ip -q $host1_if sleep 1 bridge -j fdb show br $bridge brport $br_port1 \ @@ -1437,7 +1437,7 @@ flood_test_do() tc filter add dev $host2_if ingress protocol ip pref 1 handle 101 \ flower dst_mac $mac action drop - $MZ $host1_if -c 1 -p 64 -b $mac -B $ip -t ip -q + $MZ -c 1 -p 64 -b $mac -B $ip -t ip -q $host1_if sleep 1 tc -j -s filter show dev $host2_if ingress \ @@ -1522,8 +1522,8 @@ __start_traffic() local dmac=$1; shift local -a mz_args=("$@") - $MZ $h_in -p $pktsize -A $sip -B $dip -c 0 \ - -a own -b $dmac -t "$proto" -q "${mz_args[@]}" & + $MZ -p $pktsize -A $sip -B $dip -c 0 \ + -a own -b $dmac -t "$proto" -q $h_in "${mz_args[@]}" & sleep 1 } @@ -1663,7 +1663,7 @@ mcast_packet_test() tc filter add dev $host2_if ingress protocol $tc_proto pref 1 handle 101 \ flower ip_proto udp dst_mac $mac action drop - $MZ $host1_if $mz_v6arg -c 1 -p 64 -b $mac -A $src_ip -B $ip -t udp "dp=4096,sp=2048" -q + $MZ $mz_v6arg -c 1 -p 64 -b $mac -A $src_ip -B $ip -t udp -q $host1_if "dp=4096,sp=2048" sleep 1 tc -j -s filter show dev $host2_if ingress \ diff --git a/tools/testing/selftests/net/forwarding/mirror_gre_bridge_1q_lag.sh b/tools/testing/selftests/net/forwarding/mirror_gre_bridge_1q_lag.sh index a20d22d1df36..8d4ae6c952a1 100755 --- a/tools/testing/selftests/net/forwarding/mirror_gre_bridge_1q_lag.sh +++ b/tools/testing/selftests/net/forwarding/mirror_gre_bridge_1q_lag.sh @@ -238,7 +238,7 @@ test_lag_slave() ip neigh flush dev br1 setup_wait_dev $up_dev setup_wait_dev $host_dev - $ARPING -I br1 192.0.2.130 -qfc 1 + $ARPING -I br1 -qfc 1 192.0.2.130 sleep 2 mirror_test vrf-h1 192.0.2.1 192.0.2.18 $host_dev 1 ">= 10" diff --git a/tools/testing/selftests/net/forwarding/mirror_gre_vlan_bridge_1q.sh b/tools/testing/selftests/net/forwarding/mirror_gre_vlan_bridge_1q.sh index 1b902cc579f6..a21c771908b3 100755 --- a/tools/testing/selftests/net/forwarding/mirror_gre_vlan_bridge_1q.sh +++ b/tools/testing/selftests/net/forwarding/mirror_gre_vlan_bridge_1q.sh @@ -196,7 +196,7 @@ test_span_gre_forbidden_egress() bridge vlan add dev $swp3 vid 555 # Re-prime FDB - $ARPING -I br1.555 192.0.2.130 -fqc 1 + $ARPING -I br1.555 -fqc 1 192.0.2.130 sleep 1 quick_test_span_gre_dir $tundev @@ -290,7 +290,7 @@ test_span_gre_fdb_roaming() bridge fdb del dev $swp2 $h3mac vlan 555 master 2>/dev/null # Re-prime FDB - $ARPING -I br1.555 192.0.2.130 -fqc 1 + $ARPING -I br1.555 -fqc 1 192.0.2.130 sleep 1 quick_test_span_gre_dir $tundev diff --git a/tools/testing/selftests/net/forwarding/mirror_lib.sh b/tools/testing/selftests/net/forwarding/mirror_lib.sh index 6bf9d5ae933c..9a538b1391ed 100644 --- a/tools/testing/selftests/net/forwarding/mirror_lib.sh +++ b/tools/testing/selftests/net/forwarding/mirror_lib.sh @@ -36,12 +36,15 @@ mirror_test() local pref=$1; shift local expect=$1; shift + # getopt permutation is a non-POSIX GNU extension if is_ipv6 $dip; then local proto=-6 - local type="icmp6 type=128" # Echo request. + local type="icmp6" + local typespec="type=128" # Echo request. else local proto= - local type="icmp echoreq" + local type="icmp" + local typespec="echoreq" fi if [[ -z ${expect//[[:digit:]]/} ]]; then @@ -49,8 +52,8 @@ mirror_test() fi local t0=$(tc_rule_stats_get $dev $pref) - $MZ $proto $vrf_name ${sip:+-A $sip} -B $dip -a own -b bc -q \ - -c 10 -d 100msec -t $type + $MZ $proto ${sip:+-A $sip} -B $dip -a own -b bc -q \ + -c 10 -d 100msec -t $type $vrf_name $typespec sleep 0.5 local t1=$(tc_rule_stats_get $dev $pref) local delta=$((t1 - t0)) diff --git a/tools/testing/selftests/net/forwarding/pedit_dsfield.sh b/tools/testing/selftests/net/forwarding/pedit_dsfield.sh index af008fbf2725..3e8804ccb721 100755 --- a/tools/testing/selftests/net/forwarding/pedit_dsfield.sh +++ b/tools/testing/selftests/net/forwarding/pedit_dsfield.sh @@ -130,8 +130,8 @@ do_test_pedit_dsfield_common() # TOS 125: DSCP 31, ECN 1. Used for testing that the relevant part is # overwritten when zero is selected. - $MZ $mz_flags $h1 -c 10 -d 20msec -p 100 \ - -a own -b $h2mac -q -t tcp tos=0x7d,sp=54321,dp=12345 + $MZ $mz_flags -c 10 -d 20msec -p 100 \ + -a own -b $h2mac -q -t tcp $h1 tos=0x7d,sp=54321,dp=12345 local pkts pkts=$(busywait "$TC_HIT_TIMEOUT" until_counter_is ">= 10" \ diff --git a/tools/testing/selftests/net/forwarding/pedit_ip.sh b/tools/testing/selftests/net/forwarding/pedit_ip.sh index d14efb2d23b2..48aab7f4cc49 100755 --- a/tools/testing/selftests/net/forwarding/pedit_ip.sh +++ b/tools/testing/selftests/net/forwarding/pedit_ip.sh @@ -128,7 +128,7 @@ do_test_pedit_ip() RET=0 - $MZ $mz_flags $h1 -c 10 -d 20msec -p 100 -a own -b $h2mac -q -t ip + $MZ $mz_flags -c 10 -d 20msec -p 100 -a own -b $h2mac -q -t ip $h1 local pkts pkts=$(busywait "$TC_HIT_TIMEOUT" until_counter_is ">= 10" \ diff --git a/tools/testing/selftests/net/forwarding/pedit_l4port.sh b/tools/testing/selftests/net/forwarding/pedit_l4port.sh index 10e594c55117..d9846703d6cc 100755 --- a/tools/testing/selftests/net/forwarding/pedit_l4port.sh +++ b/tools/testing/selftests/net/forwarding/pedit_l4port.sh @@ -132,8 +132,8 @@ do_test_pedit_l4port_one() RET=0 - $MZ $mz_flags $h1 -c 10 -d 20msec -p 100 \ - -a own -b $h2mac -q -t $pedit_prot sp=54321,dp=12345 + $MZ $mz_flags -c 10 -d 20msec -p 100 \ + -a own -b $h2mac -q -t $pedit_prot $h1 sp=54321,dp=12345 local pkts pkts=$(busywait "$TC_HIT_TIMEOUT" until_counter_is ">= 10" \ diff --git a/tools/testing/selftests/net/forwarding/router.sh b/tools/testing/selftests/net/forwarding/router.sh index b98ea9449b8b..2560ad760a66 100755 --- a/tools/testing/selftests/net/forwarding/router.sh +++ b/tools/testing/selftests/net/forwarding/router.sh @@ -197,8 +197,8 @@ sip_in_class_e() tc filter add dev $rp2 egress protocol ip pref 1 handle 101 \ flower src_ip 240.0.0.1 ip_proto udp action pass - $MZ $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec \ - -A 240.0.0.1 -b $rp1mac -B 198.51.100.2 -q + $MZ -t udp -c 5 -d 1msec \ + -A 240.0.0.1 -b $rp1mac -B 198.51.100.2 -q $h1 "sp=54321,dp=12345" tc_check_packets "dev $rp2 egress" 101 5 check_err $? "Packets were dropped" @@ -246,8 +246,8 @@ __mc_mac_mismatch() create_mcast_sg $rp1 $sip $dip $rp2 - $MZ $flags $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec -b $dmac \ - -B $dip -q + $MZ $flags -t udp -c 5 -d 1msec -b $dmac \ + -B $dip -q $h1 "sp=54321,dp=12345" tc_check_packets "dev $rp2 egress" 101 5 check_err $? "Packets were dropped" @@ -275,8 +275,8 @@ ipv4_sip_equal_dip() tc filter add dev $rp2 egress protocol ip pref 1 handle 101 \ flower src_ip 198.51.100.2 action pass - $MZ $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec \ - -A 198.51.100.2 -b $rp1mac -B 198.51.100.2 -q + $MZ -t udp -c 5 -d 1msec \ + -A 198.51.100.2 -b $rp1mac -B 198.51.100.2 -q $h1 "sp=54321,dp=12345" tc_check_packets "dev $rp2 egress" 101 5 check_err $? "Packets were dropped" @@ -295,8 +295,8 @@ ipv6_sip_equal_dip() tc filter add dev $rp2 egress protocol ipv6 pref 1 handle 101 \ flower src_ip 2001:db8:2::2 action pass - $MZ -6 $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec \ - -A 2001:db8:2::2 -b $rp1mac -B 2001:db8:2::2 -q + $MZ -6 -t udp -c 5 -d 1msec \ + -A 2001:db8:2::2 -b $rp1mac -B 2001:db8:2::2 -q $h1 "sp=54321,dp=12345" tc_check_packets "dev $rp2 egress" 101 5 check_err $? "Packets were dropped" @@ -318,7 +318,7 @@ ipv4_dip_link_local() ip neigh add 169.254.1.1 lladdr 00:11:22:33:44:55 dev $rp2 ip route add 169.254.1.0/24 dev $rp2 - $MZ $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec -b $rp1mac -B $dip -q + $MZ -t udp -c 5 -d 1msec -b $rp1mac -B $dip -q $h1 "sp=54321,dp=12345" tc_check_packets "dev $rp2 egress" 101 5 check_err $? "Packets were dropped" diff --git a/tools/testing/selftests/net/forwarding/router_broadcast.sh b/tools/testing/selftests/net/forwarding/router_broadcast.sh index 4eac0a06f451..e13569d96cd7 100755 --- a/tools/testing/selftests/net/forwarding/router_broadcast.sh +++ b/tools/testing/selftests/net/forwarding/router_broadcast.sh @@ -173,7 +173,7 @@ ping_test_from() log_info "ping $dip, expected reply from $from" ip vrf exec $(master_name_get $oif) \ - $PING -I $oif $dip -c 10 -i 0.1 -w $PING_TIMEOUT -b 2>&1 \ + $PING -I $oif -c 10 -i 0.1 -w $PING_TIMEOUT -b $dip 2>&1 \ | grep "bytes from $from" > /dev/null check_err_fail $fail $? } diff --git a/tools/testing/selftests/net/forwarding/router_mpath_nh.sh b/tools/testing/selftests/net/forwarding/router_mpath_nh.sh index a7d8399c8d4f..f0cded6b7bcf 100755 --- a/tools/testing/selftests/net/forwarding/router_mpath_nh.sh +++ b/tools/testing/selftests/net/forwarding/router_mpath_nh.sh @@ -244,8 +244,8 @@ multipath4_test() t0_rp12=$(link_stats_tx_packets_get $rp12) t0_rp13=$(link_stats_tx_packets_get $rp13) - ip vrf exec vrf-h1 $MZ $h1 -q -p 64 -A 192.0.2.2 -B 198.51.100.2 \ - -d $MZ_DELAY -t udp "$ports" + ip vrf exec vrf-h1 $MZ -q -p 64 -A 192.0.2.2 -B 198.51.100.2 \ + -d $MZ_DELAY -t udp $h1 "$ports" sleep 1 t1_rp12=$(link_stats_tx_packets_get $rp12) @@ -280,8 +280,8 @@ multipath6_test() t0_rp12=$(link_stats_tx_packets_get $rp12) t0_rp13=$(link_stats_tx_packets_get $rp13) - $MZ $h1 -6 -q -p 64 -A 2001:db8:1::2 -B 2001:db8:2::2 \ - -d $MZ_DELAY -t udp "$ports" + $MZ -6 -q -p 64 -A 2001:db8:1::2 -B 2001:db8:2::2 \ + -d $MZ_DELAY -t udp $h1 "$ports" sleep 1 t1_rp12=$(link_stats_tx_packets_get $rp12) diff --git a/tools/testing/selftests/net/forwarding/router_mpath_nh_lib.sh b/tools/testing/selftests/net/forwarding/router_mpath_nh_lib.sh index 507b2852dabe..d8ba304ec9ff 100644 --- a/tools/testing/selftests/net/forwarding/router_mpath_nh_lib.sh +++ b/tools/testing/selftests/net/forwarding/router_mpath_nh_lib.sh @@ -104,7 +104,7 @@ __nh_stats_test_v4() sysctl_set net.ipv4.fib_multipath_hash_policy 1 nh_stats_test_dispatch $nhgtype "IPv4" 101 102 103 \ - $MZ $h1 -A 192.0.2.2 -B 198.51.100.2 + $MZ -A 192.0.2.2 -B 198.51.100.2 $h1 sysctl_restore net.ipv4.fib_multipath_hash_policy } @@ -114,7 +114,7 @@ __nh_stats_test_v6() sysctl_set net.ipv6.fib_multipath_hash_policy 1 nh_stats_test_dispatch $nhgtype "IPv6" 104 105 106 \ - $MZ -6 $h1 -A 2001:db8:1::2 -B 2001:db8:2::2 + $MZ -6 -A 2001:db8:1::2 -B 2001:db8:2::2 $h1 sysctl_restore net.ipv6.fib_multipath_hash_policy } diff --git a/tools/testing/selftests/net/forwarding/router_mpath_nh_res.sh b/tools/testing/selftests/net/forwarding/router_mpath_nh_res.sh index 88ddae05b39d..1db64b8beab2 100755 --- a/tools/testing/selftests/net/forwarding/router_mpath_nh_res.sh +++ b/tools/testing/selftests/net/forwarding/router_mpath_nh_res.sh @@ -245,8 +245,8 @@ multipath4_test() t0_rp12=$(link_stats_tx_packets_get $rp12) t0_rp13=$(link_stats_tx_packets_get $rp13) - ip vrf exec vrf-h1 $MZ $h1 -q -p 64 -A 192.0.2.2 -B 198.51.100.2 \ - -d $MZ_DELAY -t udp "$ports" + ip vrf exec vrf-h1 $MZ -q -p 64 -A 192.0.2.2 -B 198.51.100.2 \ + -d $MZ_DELAY -t udp $h1 "$ports" sleep 1 t1_rp12=$(link_stats_tx_packets_get $rp12) @@ -278,8 +278,8 @@ multipath6_l4_test() t0_rp12=$(link_stats_tx_packets_get $rp12) t0_rp13=$(link_stats_tx_packets_get $rp13) - $MZ $h1 -6 -q -p 64 -A 2001:db8:1::2 -B 2001:db8:2::2 \ - -d $MZ_DELAY -t udp "$ports" + $MZ -6 -q -p 64 -A 2001:db8:1::2 -B 2001:db8:2::2 \ + -d $MZ_DELAY -t udp $h1 "$ports" sleep 1 t1_rp12=$(link_stats_tx_packets_get $rp12) diff --git a/tools/testing/selftests/net/forwarding/router_mpath_seed.sh b/tools/testing/selftests/net/forwarding/router_mpath_seed.sh index 314cb906c1eb..d6a2a24da423 100755 --- a/tools/testing/selftests/net/forwarding/router_mpath_seed.sh +++ b/tools/testing/selftests/net/forwarding/router_mpath_seed.sh @@ -255,15 +255,15 @@ test_mpath_seed() test_mpath_seed_ipv4() { test_mpath_seed 1000 IPv4 \ - $MZ $h1 -A 192.0.2.1 -B 192.0.2.34 -q \ - -p 64 -d 0 -c 10 -t udp + $MZ -A 192.0.2.1 -B 192.0.2.34 -q \ + -p 64 -d 0 -c 10 -t udp $h1 } test_mpath_seed_ipv6() { test_mpath_seed 2000 IPv6 \ - $MZ -6 $h1 -A 2001:db8:1::1 -B 2001:db8:3::2 -q \ - -p 64 -d 0 -c 10 -t udp + $MZ -6 -A 2001:db8:1::1 -B 2001:db8:3::2 -q \ + -p 64 -d 0 -c 10 -t udp $h1 } check_mpath_seed_stability() @@ -311,15 +311,15 @@ test_mpath_seed_stability() test_mpath_seed_stability_ipv4() { test_mpath_seed_stability 1000 IPv4 \ - $MZ $h1 -A 192.0.2.1 -B 192.0.2.34 -q \ - -p 64 -d 0 -c 10 -t udp + $MZ -A 192.0.2.1 -B 192.0.2.34 -q \ + -p 64 -d 0 -c 10 -t udp $h1 } test_mpath_seed_stability_ipv6() { test_mpath_seed_stability 2000 IPv6 \ - $MZ -6 $h1 -A 2001:db8:1::1 -B 2001:db8:3::2 -q \ - -p 64 -d 0 -c 10 -t udp + $MZ -6 -A 2001:db8:1::1 -B 2001:db8:3::2 -q \ + -p 64 -d 0 -c 10 -t udp $h1 } trap cleanup EXIT diff --git a/tools/testing/selftests/net/forwarding/router_multicast.sh b/tools/testing/selftests/net/forwarding/router_multicast.sh index 83e52abdbc2e..c30b176ac954 100755 --- a/tools/testing/selftests/net/forwarding/router_multicast.sh +++ b/tools/testing/selftests/net/forwarding/router_multicast.sh @@ -222,8 +222,8 @@ mcast_v4() create_mcast_sg $rp1 198.51.100.2 225.1.2.3 $rp2 $rp3 # Send frames with the corresponding L2 destination address. - $MZ $h1 -c 5 -p 128 -t udp -a 00:11:22:33:44:55 -b 01:00:5e:01:02:03 \ - -A 198.51.100.2 -B 225.1.2.3 -q + $MZ -c 5 -p 128 -t udp -a 00:11:22:33:44:55 -b 01:00:5e:01:02:03 \ + -A 198.51.100.2 -B 225.1.2.3 -q $h1 tc_check_packets "dev $h2 ingress" 122 5 check_err $? "Multicast not received on first host" @@ -232,8 +232,8 @@ mcast_v4() delete_mcast_sg $rp1 198.51.100.2 225.1.2.3 $rp2 $rp3 - $MZ $h1 -c 5 -p 128 -t udp -a 00:11:22:33:44:55 -b 01:00:5e:01:02:03 \ - -A 198.51.100.2 -B 225.1.2.3 -q + $MZ -c 5 -p 128 -t udp -a 00:11:22:33:44:55 -b 01:00:5e:01:02:03 \ + -A 198.51.100.2 -B 225.1.2.3 -q $h1 tc_check_packets "dev $h2 ingress" 122 5 check_err $? "Multicast received on host although deleted" @@ -262,8 +262,8 @@ mcast_v6() create_mcast_sg $rp1 2001:db8:1::2 ff0e::3 $rp2 $rp3 # Send frames with the corresponding L2 destination address. - $MZ $h1 -6 -c 5 -p 128 -t udp -a 00:11:22:33:44:55 \ - -b 33:33:00:00:00:03 -A 2001:db8:1::2 -B ff0e::3 -q + $MZ -6 -c 5 -p 128 -t udp -a 00:11:22:33:44:55 \ + -b 33:33:00:00:00:03 -A 2001:db8:1::2 -B ff0e::3 -q $h1 tc_check_packets "dev $h2 ingress" 122 5 check_err $? "Multicast not received on first host" @@ -272,8 +272,8 @@ mcast_v6() delete_mcast_sg $rp1 2001:db8:1::2 ff0e::3 $rp2 $rp3 - $MZ $h1 -6 -c 5 -p 128 -t udp -a 00:11:22:33:44:55 \ - -b 33:33:00:00:00:03 -A 2001:db8:1::2 -B ff0e::3 -q + $MZ -6 -c 5 -p 128 -t udp -a 00:11:22:33:44:55 \ + -b 33:33:00:00:00:03 -A 2001:db8:1::2 -B ff0e::3 -q $h1 tc_check_packets "dev $h2 ingress" 122 5 check_err $? "Multicast received on first host although deleted" @@ -308,18 +308,18 @@ rpf_v4() create_mcast_sg $rp1 198.51.100.2 225.1.2.3 $rp2 $rp3 - $MZ $h1 -c 5 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ + $MZ -c 5 -p 128 -t udp \ -a 00:11:22:33:44:55 -b 01:00:5e:01:02:03 \ - -A 198.51.100.2 -B 225.1.2.3 -q + -A 198.51.100.2 -B 225.1.2.3 -q $h1 "ttl=10,sp=54321,dp=12345" tc_check_packets "dev $h2 ingress" 1 5 check_err $? "Multicast not received on first host" tc_check_packets "dev $h3 ingress" 1 5 check_err $? "Multicast not received on second host" - $MZ $h3 -c 5 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ + $MZ -c 5 -p 128 -t udp \ -a 00:11:22:33:44:55 -b 01:00:5e:01:02:03 \ - -A 198.51.100.2 -B 225.1.2.3 -q + -A 198.51.100.2 -B 225.1.2.3 -q $h3 "ttl=10,sp=54321,dp=12345" tc_check_packets "dev $h1 ingress" 1 0 check_err $? "Multicast received on first host when should not" @@ -353,18 +353,18 @@ rpf_v6() create_mcast_sg $rp1 2001:db8:1::2 ff0e::3 $rp2 $rp3 - $MZ $h1 -6 -c 5 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ + $MZ -6 -c 5 -p 128 -t udp \ -a 00:11:22:33:44:55 -b 33:33:00:00:00:03 \ - -A 2001:db8:1::2 -B ff0e::3 -q + -A 2001:db8:1::2 -B ff0e::3 -q $h1 "ttl=10,sp=54321,dp=12345" tc_check_packets "dev $h2 ingress" 1 5 check_err $? "Multicast not received on first host" tc_check_packets "dev $h3 ingress" 1 5 check_err $? "Multicast not received on second host" - $MZ $h3 -6 -c 5 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ + $MZ -6 -c 5 -p 128 -t udp \ -a 00:11:22:33:44:55 -b 33:33:00:00:00:03 \ - -A 2001:db8:1::2 -B ff0e::3 -q + -A 2001:db8:1::2 -B ff0e::3 -q $h3 "ttl=10,sp=54321,dp=12345" tc_check_packets "dev $h1 ingress" 1 0 check_err $? "Multicast received on first host when should not" @@ -399,9 +399,9 @@ unres_v4() dst_ip 225.1.2.3 ip_proto udp dst_port 12345 action drop # Forwarding should fail before installing a matching (*, G). - $MZ $h1 -c 1 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ + $MZ -c 1 -p 128 -t udp \ -a 00:11:22:33:44:55 -b 01:00:5e:01:02:03 \ - -A 198.51.100.2 -B 225.1.2.3 -q + -A 198.51.100.2 -B 225.1.2.3 -q $h1 "ttl=10,sp=54321,dp=12345" tc_check_packets "dev $h2 ingress" 1 0 check_err $? "Multicast received on first host when should not" @@ -411,9 +411,9 @@ unres_v4() # Create (*, G). Will not be installed in the kernel. create_mcast_sg $rp1 0.0.0.0 225.1.2.3 $rp2 $rp3 - $MZ $h1 -c 1 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ + $MZ -c 1 -p 128 -t udp \ -a 00:11:22:33:44:55 -b 01:00:5e:01:02:03 \ - -A 198.51.100.2 -B 225.1.2.3 -q + -A 198.51.100.2 -B 225.1.2.3 -q $h1 "ttl=10,sp=54321,dp=12345" tc_check_packets "dev $h2 ingress" 1 1 check_err $? "Multicast not received on first host" @@ -444,9 +444,9 @@ unres_v6() dst_ip ff0e::3 ip_proto udp dst_port 12345 action drop # Forwarding should fail before installing a matching (*, G). - $MZ $h1 -6 -c 1 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ + $MZ -6 -c 1 -p 128 -t udp \ -a 00:11:22:33:44:55 -b 33:33:00:00:00:03 \ - -A 2001:db8:1::2 -B ff0e::3 -q + -A 2001:db8:1::2 -B ff0e::3 -q $h1 "ttl=10,sp=54321,dp=12345" tc_check_packets "dev $h2 ingress" 1 0 check_err $? "Multicast received on first host when should not" @@ -456,9 +456,9 @@ unres_v6() # Create (*, G). Will not be installed in the kernel. create_mcast_sg $rp1 :: ff0e::3 $rp2 $rp3 - $MZ $h1 -6 -c 1 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ + $MZ -6 -c 1 -p 128 -t udp \ -a 00:11:22:33:44:55 -b 33:33:00:00:00:03 \ - -A 2001:db8:1::2 -B ff0e::3 -q + -A 2001:db8:1::2 -B ff0e::3 -q $h1 "ttl=10,sp=54321,dp=12345" tc_check_packets "dev $h2 ingress" 1 1 check_err $? "Multicast not received on first host" diff --git a/tools/testing/selftests/net/forwarding/router_multipath.sh b/tools/testing/selftests/net/forwarding/router_multipath.sh index 46f365b557b7..e71f09e7827e 100755 --- a/tools/testing/selftests/net/forwarding/router_multipath.sh +++ b/tools/testing/selftests/net/forwarding/router_multipath.sh @@ -178,8 +178,8 @@ multipath4_test() t0_rp12=$(link_stats_tx_packets_get $rp12) t0_rp13=$(link_stats_tx_packets_get $rp13) - ip vrf exec vrf-h1 $MZ $h1 -q -p 64 -A 192.0.2.2 -B 198.51.100.2 \ - -d $MZ_DELAY -t udp "sp=1024,dp=0-32768" + ip vrf exec vrf-h1 $MZ -q -p 64 -A 192.0.2.2 -B 198.51.100.2 \ + -d $MZ_DELAY -t udp $h1 "sp=1024,dp=0-32768" sleep 1 t1_rp12=$(link_stats_tx_packets_get $rp12) @@ -216,8 +216,8 @@ multipath6_test() t0_rp12=$(link_stats_tx_packets_get $rp12) t0_rp13=$(link_stats_tx_packets_get $rp13) - $MZ $h1 -6 -q -p 64 -A 2001:db8:1::2 -B 2001:db8:2::2 \ - -d $MZ_DELAY -t udp "sp=1024,dp=0-32768" + $MZ -6 -q -p 64 -A 2001:db8:1::2 -B 2001:db8:2::2 \ + -d $MZ_DELAY -t udp $h1 "sp=1024,dp=0-32768" sleep 1 t1_rp12=$(link_stats_tx_packets_get $rp12) diff --git a/tools/testing/selftests/net/forwarding/sch_red.sh b/tools/testing/selftests/net/forwarding/sch_red.sh index af166662b78a..934ff436889e 100755 --- a/tools/testing/selftests/net/forwarding/sch_red.sh +++ b/tools/testing/selftests/net/forwarding/sch_red.sh @@ -165,7 +165,7 @@ send_packets() local proto=$1; shift local pkts=$1; shift - $MZ $h2 -p $PKTSZ -a own -b $h3_mac -A 192.0.2.2 -B 192.0.2.3 -t $proto -q -c $pkts "$@" + $MZ -p $PKTSZ -a own -b $h3_mac -A 192.0.2.2 -B 192.0.2.3 -t $proto -q -c $pkts $h2 "$@" } # This sends traffic in an attempt to build a backlog of $size. Returns 0 on @@ -266,8 +266,8 @@ do_ecn_test() local limit=$1; shift local name=ECN - $MZ $h1 -p $PKTSZ -A 192.0.2.1 -B 192.0.2.3 -c 0 \ - -a own -b $h3_mac -t tcp -q tos=0x01 & + $MZ -p $PKTSZ -A 192.0.2.1 -B 192.0.2.3 -c 0 \ + -a own -b $h3_mac -t tcp -q $h1 tos=0x01 & defer stop_traffic $! sleep 1 @@ -287,8 +287,8 @@ do_ecn_nodrop_test() local limit=$1; shift local name="ECN nodrop" - $MZ $h1 -p $PKTSZ -A 192.0.2.1 -B 192.0.2.3 -c 0 \ - -a own -b $h3_mac -t tcp -q tos=0x01 & + $MZ -p $PKTSZ -A 192.0.2.1 -B 192.0.2.3 -c 0 \ + -a own -b $h3_mac -t tcp -q $h1 tos=0x01 & defer stop_traffic $! sleep 1 @@ -311,8 +311,8 @@ do_red_test() # Use ECN-capable TCP to verify there's no marking even though the queue # is above limit. - $MZ $h1 -p $PKTSZ -A 192.0.2.1 -B 192.0.2.3 -c 0 \ - -a own -b $h3_mac -t tcp -q tos=0x01 & + $MZ -p $PKTSZ -A 192.0.2.1 -B 192.0.2.3 -c 0 \ + -a own -b $h3_mac -t tcp -q $h1 tos=0x01 & defer stop_traffic $! # Pushing below the queue limit should work. @@ -342,8 +342,8 @@ do_red_qevent_test() RET=0 - $MZ $h1 -p $PKTSZ -A 192.0.2.1 -B 192.0.2.3 -c 0 \ - -a own -b $h3_mac -t udp -q & + $MZ -p $PKTSZ -A 192.0.2.1 -B 192.0.2.3 -c 0 \ + -a own -b $h3_mac -t udp -q $h1 & defer stop_traffic $! sleep 1 @@ -381,8 +381,8 @@ do_ecn_qevent_test() RET=0 - $MZ $h1 -p $PKTSZ -A 192.0.2.1 -B 192.0.2.3 -c 0 \ - -a own -b $h3_mac -t tcp -q tos=0x01 & + $MZ -p $PKTSZ -A 192.0.2.1 -B 192.0.2.3 -c 0 \ + -a own -b $h3_mac -t tcp -q $h1 tos=0x01 & defer stop_traffic $! sleep 1 diff --git a/tools/testing/selftests/net/forwarding/skbedit_priority.sh b/tools/testing/selftests/net/forwarding/skbedit_priority.sh index 3dd5fcbd3eaa..06e8b9e21b94 100755 --- a/tools/testing/selftests/net/forwarding/skbedit_priority.sh +++ b/tools/testing/selftests/net/forwarding/skbedit_priority.sh @@ -125,8 +125,8 @@ test_skbedit_priority_one() local pkt0=$(qdisc_parent_stats_get $swp2 $classid .packets) local pkt2=$(tc_rule_handle_stats_get "$locus" 101) - $MZ $h1 -t udp "sp=54321,dp=12345" -c 10 -d 20msec -p 100 \ - -a own -b $h2mac -A 192.0.2.1 -B 192.0.2.2 -q + $MZ -t udp -c 10 -d 20msec -p 100 \ + -a own -b $h2mac -A 192.0.2.1 -B 192.0.2.2 -q $h1 "sp=54321,dp=12345" local pkt1 pkt1=$(busywait "$HIT_TIMEOUT" until_counter_is ">= $((pkt0 + 10))" \ diff --git a/tools/testing/selftests/net/forwarding/tc_actions.sh b/tools/testing/selftests/net/forwarding/tc_actions.sh index ea89e558672d..580aaa42ed31 100755 --- a/tools/testing/selftests/net/forwarding/tc_actions.sh +++ b/tools/testing/selftests/net/forwarding/tc_actions.sh @@ -66,8 +66,8 @@ mirred_egress_test() tc filter add dev $h2 ingress protocol ip pref 1 handle 101 flower \ dst_ip 192.0.2.2 action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $h2 ingress" 101 1 check_fail $? "Matched without redirect rule inserted" @@ -76,8 +76,8 @@ mirred_egress_test() $classifier $tcflags $classifier_args \ action mirred egress $action dev $swp2 - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $h2 ingress" 101 1 check_err $? "Did not match incoming $action packet" @@ -96,8 +96,8 @@ gact_drop_and_ok_test() tc filter add dev $swp1 ingress protocol ip pref 2 handle 102 flower \ $tcflags dst_ip 192.0.2.2 action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $swp1 ingress" 102 1 check_err $? "Packet was not dropped" @@ -105,8 +105,8 @@ gact_drop_and_ok_test() tc filter add dev $swp1 ingress protocol ip pref 1 handle 101 flower \ $tcflags dst_ip 192.0.2.2 action ok - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $swp1 ingress" 101 1 check_err $? "Did not see passed packet" @@ -134,8 +134,8 @@ gact_trap_test() $tcflags dst_ip 192.0.2.2 action mirred egress redirect \ dev $swp2 - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $swp1 ingress" 101 1 check_fail $? "Saw packet without trap rule inserted" @@ -143,8 +143,8 @@ gact_trap_test() tc filter add dev $swp1 ingress protocol ip pref 2 handle 102 flower \ $tcflags dst_ip 192.0.2.2 action trap - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $swp1 ingress" 102 1 check_err $? "Packet was not trapped" @@ -175,8 +175,8 @@ mirred_egress_to_ingress_test() tc filter add dev $swp1 protocol ip pref 12 handle 112 ingress flower \ ip_proto icmp src_ip 192.0.2.1 dst_ip 192.0.2.2 type 0 action pass - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t icmp "ping,id=42,seq=10" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t icmp -q $h1 "ping,id=42,seq=10" tc_check_packets "dev $h1 egress" 100 1 check_err $? "didn't mirror first packet" @@ -230,8 +230,8 @@ mirred_egress_to_ingress_tcp_test() cmp -s $mirred_e2i_tf1 $mirred_e2i_tf2 check_err $? "server output check failed" - $MZ $h1 -c 10 -p 64 -a $h1mac -b $h1mac -A 192.0.2.1 -B 192.0.2.1 \ - -t icmp "ping,id=42,seq=5" -q + $MZ -c 10 -p 64 -a $h1mac -b $h1mac -A 192.0.2.1 -B 192.0.2.1 \ + -t icmp -q $h1 "ping,id=42,seq=5" tc_check_packets "dev $h1 egress" 101 10 check_err $? "didn't mirred redirect ICMP" tc_check_packets "dev $h1 ingress" 102 10 @@ -254,8 +254,8 @@ ingress_2nd_vlan_push() $tcflags num_of_vlans 2 \ cvlan_ethtype 0x800 action pass - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -Q 10 -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -Q 10 -q $h1 tc_check_packets "dev $swp1 ingress" 30 1 check_err $? "No double-vlan packets received" @@ -276,8 +276,8 @@ egress_2nd_vlan_push() $tcflags num_of_vlans 2 \ cvlan_ethtype 0x800 action pass - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $h1 egress" 30 1 check_err $? "No double-vlan packets received" diff --git a/tools/testing/selftests/net/forwarding/tc_chains.sh b/tools/testing/selftests/net/forwarding/tc_chains.sh index b95de0463ebd..95b194b5e092 100755 --- a/tools/testing/selftests/net/forwarding/tc_chains.sh +++ b/tools/testing/selftests/net/forwarding/tc_chains.sh @@ -38,8 +38,8 @@ unreachable_chain_test() tc filter add dev $h2 ingress chain 1 protocol ip pref 1 handle 1101 \ flower $tcflags dst_mac $h2mac action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $h2 ingress" 1101 1 check_fail $? "matched on filter in unreachable chain" @@ -61,8 +61,8 @@ gact_goto_chain_test() tc filter add dev $h2 ingress protocol ip pref 1 handle 101 flower \ $tcflags dst_mac $h2mac action goto chain 1 - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $h2 ingress" 102 1 check_fail $? "Matched on a wrong filter" diff --git a/tools/testing/selftests/net/forwarding/tc_flower.sh b/tools/testing/selftests/net/forwarding/tc_flower.sh index b58909a93112..2b327b46be55 100755 --- a/tools/testing/selftests/net/forwarding/tc_flower.sh +++ b/tools/testing/selftests/net/forwarding/tc_flower.sh @@ -46,8 +46,8 @@ match_dst_mac_test() tc filter add dev $h2 ingress protocol ip pref 2 handle 102 flower \ $tcflags dst_mac $h2mac action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $h2 ingress" 101 1 check_fail $? "Matched on a wrong filter" @@ -72,8 +72,8 @@ match_src_mac_test() tc filter add dev $h2 ingress protocol ip pref 2 handle 102 flower \ $tcflags src_mac $h1mac action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $h2 ingress" 101 1 check_fail $? "Matched on a wrong filter" @@ -98,8 +98,8 @@ match_dst_ip_test() tc filter add dev $h2 ingress protocol ip pref 3 handle 103 flower \ $tcflags dst_ip 192.0.2.0/24 action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $h2 ingress" 101 1 check_fail $? "Matched on a wrong filter" @@ -109,8 +109,8 @@ match_dst_ip_test() tc filter del dev $h2 ingress protocol ip pref 2 handle 102 flower - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $h2 ingress" 103 1 check_err $? "Did not match on correct filter with mask" @@ -132,8 +132,8 @@ match_src_ip_test() tc filter add dev $h2 ingress protocol ip pref 3 handle 103 flower \ $tcflags src_ip 192.0.2.0/24 action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $h2 ingress" 101 1 check_fail $? "Matched on a wrong filter" @@ -143,8 +143,8 @@ match_src_ip_test() tc filter del dev $h2 ingress protocol ip pref 2 handle 102 flower - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $h2 ingress" 103 1 check_err $? "Did not match on correct filter with mask" @@ -168,8 +168,8 @@ match_ip_flags_test() tc filter add dev $h2 ingress protocol ip pref 4 handle 104 flower \ $tcflags ip_flags nofrag action drop - $MZ $h1 -c 1 -p 1000 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip "frag=0" -q + $MZ -c 1 -p 1000 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 "frag=0" tc_check_packets "dev $h2 ingress" 101 1 check_fail $? "Matched on wrong frag filter (nofrag)" @@ -183,8 +183,8 @@ match_ip_flags_test() tc_check_packets "dev $h2 ingress" 104 1 check_err $? "Did not match on nofrag filter (nofrag)" - $MZ $h1 -c 1 -p 1000 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip "frag=0,mf" -q + $MZ -c 1 -p 1000 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 "frag=0,mf" tc_check_packets "dev $h2 ingress" 101 1 check_err $? "Did not match on frag filter (1stfrag)" @@ -198,10 +198,10 @@ match_ip_flags_test() tc_check_packets "dev $h2 ingress" 104 1 check_err $? "Match on wrong nofrag filter (1stfrag)" - $MZ $h1 -c 1 -p 1000 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip "frag=256,mf" -q - $MZ $h1 -c 1 -p 1000 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip "frag=256" -q + $MZ -c 1 -p 1000 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 "frag=256,mf" + $MZ -c 1 -p 1000 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 "frag=256" tc_check_packets "dev $h2 ingress" 101 3 check_err $? "Did not match on frag filter (no1stfrag)" @@ -234,8 +234,8 @@ match_pcp_test() tc filter add dev $h2 ingress protocol 802.1q pref 2 handle 102 \ flower vlan_prio 7 $tcflags dst_mac $h2mac action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -B 192.0.2.11 -Q 7:85 -t ip -q - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -B 192.0.2.11 -Q 0:85 -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -B 192.0.2.11 -Q 7:85 -t ip -q $h1 + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -B 192.0.2.11 -Q 0:85 -t ip -q $h1 tc_check_packets "dev $h2 ingress" 101 0 check_err $? "Matched on specified PCP when should not" @@ -263,7 +263,7 @@ match_vlan_test() tc filter add dev $h2 ingress protocol 802.1q pref 2 handle 102 \ flower vlan_id 85 $tcflags action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -B 192.0.2.11 -Q 0:85 -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -B 192.0.2.11 -Q 0:85 -t ip -q $h1 tc_check_packets "dev $h2 ingress" 101 0 check_err $? "Matched on specified VLAN when should not" @@ -289,8 +289,8 @@ match_ip_tos_test() tc filter add dev $h2 ingress protocol ip pref 2 handle 102 flower \ $tcflags dst_ip 192.0.2.2 ip_tos 0x18 action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip tos=18 -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tos=18 tc_check_packets "dev $h2 ingress" 101 1 check_fail $? "Matched on a wrong filter (0x18)" @@ -298,8 +298,8 @@ match_ip_tos_test() tc_check_packets "dev $h2 ingress" 102 1 check_err $? "Did not match on correct filter (0x18)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip tos=20 -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tos=20 tc_check_packets "dev $h2 ingress" 102 2 check_fail $? "Matched on a wrong filter (0x20)" @@ -322,11 +322,11 @@ match_ip_ttl_test() tc filter add dev $h2 ingress protocol ip pref 2 handle 102 flower \ $tcflags dst_ip 192.0.2.2 action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip "ttl=63" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 "ttl=63" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip "ttl=63,mf,frag=256" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 "ttl=63,mf,frag=256" tc_check_packets "dev $h2 ingress" 102 1 check_fail $? "Matched on the wrong filter (no check on ttl)" @@ -334,8 +334,8 @@ match_ip_ttl_test() tc_check_packets "dev $h2 ingress" 101 2 check_err $? "Did not match on correct filter (ttl=63)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip "ttl=255" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 "ttl=255" tc_check_packets "dev $h2 ingress" 101 3 check_fail $? "Matched on a wrong filter (ttl=63)" @@ -358,8 +358,8 @@ match_indev_test() tc filter add dev $h2 ingress protocol ip pref 2 handle 102 flower \ $tcflags indev $h2 dst_mac $h2mac action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $h2 ingress" 101 1 check_fail $? "Matched on a wrong filter" @@ -404,7 +404,7 @@ match_mpls_label_test() flower $tcflags mpls_label 1048575 action drop pkt="$ethtype $(mpls_lse 1048575 0 1 255)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" tc_check_packets "dev $h2 ingress" 101 1 check_fail $? "Matched on a wrong filter (1048575)" @@ -413,7 +413,7 @@ match_mpls_label_test() check_err $? "Did not match on correct filter (1048575)" pkt="$ethtype $(mpls_lse 0 0 1 255)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" tc_check_packets "dev $h2 ingress" 102 2 check_fail $? "Matched on a wrong filter (0)" @@ -442,7 +442,7 @@ match_mpls_tc_test() flower $tcflags mpls_tc 7 action drop pkt="$ethtype $(mpls_lse 0 7 1 255)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" tc_check_packets "dev $h2 ingress" 101 1 check_fail $? "Matched on a wrong filter (7)" @@ -451,7 +451,7 @@ match_mpls_tc_test() check_err $? "Did not match on correct filter (7)" pkt="$ethtype $(mpls_lse 0 0 1 255)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" tc_check_packets "dev $h2 ingress" 102 2 check_fail $? "Matched on a wrong filter (0)" @@ -480,7 +480,7 @@ match_mpls_bos_test() flower $tcflags mpls_bos 1 action drop pkt="$ethtype $(mpls_lse 0 0 1 255)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" tc_check_packets "dev $h2 ingress" 101 1 check_fail $? "Matched on a wrong filter (1)" @@ -490,7 +490,7 @@ match_mpls_bos_test() # Need to add a second label to properly mark the Bottom of Stack pkt="$ethtype $(mpls_lse 0 0 0 255) $(mpls_lse 0 0 1 255)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" tc_check_packets "dev $h2 ingress" 102 2 check_fail $? "Matched on a wrong filter (0)" @@ -519,7 +519,7 @@ match_mpls_ttl_test() flower $tcflags mpls_ttl 255 action drop pkt="$ethtype $(mpls_lse 0 0 1 255)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" tc_check_packets "dev $h2 ingress" 101 1 check_fail $? "Matched on a wrong filter (255)" @@ -528,7 +528,7 @@ match_mpls_ttl_test() check_err $? "Did not match on correct filter (255)" pkt="$ethtype $(mpls_lse 0 0 1 0)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" tc_check_packets "dev $h2 ingress" 102 2 check_fail $? "Matched on a wrong filter (0)" @@ -581,45 +581,45 @@ match_mpls_lse_test() # Base packet, matched by all filters (except for stack depth 3) pkt="$ethtype $(mpls_lse 0 0 0 0) $(mpls_lse 1048575 7 1 255)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" # Make a variant of the above packet, with a non-matching value # for each LSE field # Wrong label at depth 1 pkt="$ethtype $(mpls_lse 1 0 0 0) $(mpls_lse 1048575 7 1 255)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" # Wrong TC at depth 1 pkt="$ethtype $(mpls_lse 0 1 0 0) $(mpls_lse 1048575 7 1 255)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" # Wrong BOS at depth 1 (not adding a second LSE here since BOS is set # in the first label, so anything that'd follow wouldn't be considered) pkt="$ethtype $(mpls_lse 0 0 1 0)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" # Wrong TTL at depth 1 pkt="$ethtype $(mpls_lse 0 0 0 1) $(mpls_lse 1048575 7 1 255)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" # Wrong label at depth 2 pkt="$ethtype $(mpls_lse 0 0 0 0) $(mpls_lse 1048574 7 1 255)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" # Wrong TC at depth 2 pkt="$ethtype $(mpls_lse 0 0 0 0) $(mpls_lse 1048575 6 1 255)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" # Wrong BOS at depth 2 (adding a third LSE here since BOS isn't set in # the second label) pkt="$ethtype $(mpls_lse 0 0 0 0) $(mpls_lse 1048575 7 0 255)" pkt="$pkt $(mpls_lse 0 0 1 255)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" # Wrong TTL at depth 2 pkt="$ethtype $(mpls_lse 0 0 0 0) $(mpls_lse 1048575 7 1 254)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" # Filters working at depth 1 should match all packets but one @@ -707,12 +707,12 @@ match_erspan_opts_test() enc_key_id 1002 erspan_opts 2:0:1:63 action drop ep1mac=$(mac_get erspan1) - $MZ erspan1 -c 1 -p 64 -a $ep1mac -b $h2mac -t ip -q + $MZ -c 1 -p 64 -a $ep1mac -b $h2mac -t ip -q erspan1 tc_check_packets "dev ep-ex ingress" 101 1 check_err $? "ERSPAN Type II" ep2mac=$(mac_get erspan2) - $MZ erspan2 -c 1 -p 64 -a $ep1mac -b $h2mac -t ip -q + $MZ -c 1 -p 64 -a $ep1mac -b $h2mac -t ip -q erspan2 tc_check_packets "dev ep-ex ingress" 102 1 check_err $? "ERSPAN Type III" diff --git a/tools/testing/selftests/net/forwarding/tc_flower_cfm.sh b/tools/testing/selftests/net/forwarding/tc_flower_cfm.sh index 3ca20df952eb..e2988d3b855f 100755 --- a/tools/testing/selftests/net/forwarding/tc_flower_cfm.sh +++ b/tools/testing/selftests/net/forwarding/tc_flower_cfm.sh @@ -63,9 +63,9 @@ match_cfm_opcode() flower cfm op 43 action drop pkt="$ethtype $(generate_cfm_hdr 7 47 0 32)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" pkt="$ethtype $(generate_cfm_hdr 6 5 0 4)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" tc_check_packets "dev $h2 ingress" 101 1 check_err $? "Did not match on correct opcode" @@ -74,7 +74,7 @@ match_cfm_opcode() check_err $? "Matched on the wrong opcode" pkt="$ethtype $(generate_cfm_hdr 0 43 0 12)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" tc_check_packets "dev $h2 ingress" 101 1 check_err $? "Matched on the wrong opcode" @@ -101,11 +101,11 @@ match_cfm_level() flower cfm mdl 0 action drop pkt="$ethtype $(generate_cfm_hdr 5 42 0 12)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" pkt="$ethtype $(generate_cfm_hdr 6 1 0 70)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" pkt="$ethtype $(generate_cfm_hdr 0 1 0 70)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" tc_check_packets "dev $h2 ingress" 101 1 check_err $? "Did not match on correct level" @@ -117,7 +117,7 @@ match_cfm_level() check_err $? "Did not match on correct level" pkt="$ethtype $(generate_cfm_hdr 3 0 0 4)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" tc_check_packets "dev $h2 ingress" 101 1 check_err $? "Matched on the wrong level" @@ -146,11 +146,11 @@ match_cfm_level_and_opcode() flower cfm mdl 7 op 42 action drop pkt="$ethtype $(generate_cfm_hdr 5 41 0 4)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" pkt="$ethtype $(generate_cfm_hdr 7 3 0 4)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" pkt="$ethtype $(generate_cfm_hdr 3 42 0 12)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" tc_check_packets "dev $h2 ingress" 101 1 check_err $? "Did not match on correct level and opcode" @@ -159,7 +159,7 @@ match_cfm_level_and_opcode() check_err $? "Matched on the wrong level and opcode" pkt="$ethtype $(generate_cfm_hdr 7 42 0 12)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" tc_check_packets "dev $h2 ingress" 101 1 check_err $? "Matched on the wrong level and opcode" diff --git a/tools/testing/selftests/net/forwarding/tc_flower_l2_miss.sh b/tools/testing/selftests/net/forwarding/tc_flower_l2_miss.sh index c2420bb72c12..73ceb27a4d5a 100755 --- a/tools/testing/selftests/net/forwarding/tc_flower_l2_miss.sh +++ b/tools/testing/selftests/net/forwarding/tc_flower_l2_miss.sh @@ -86,7 +86,7 @@ test_l2_miss_unicast() dst_ip $dip action pass # Before adding FDB entry. - $MZ $h1 -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q + $MZ -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q $h1 tc_check_packets "dev $swp2 egress" 101 1 check_err $? "Unknown unicast filter was not hit before adding FDB entry" @@ -97,7 +97,7 @@ test_l2_miss_unicast() # Adding FDB entry. bridge fdb replace $dmac dev $swp2 master static - $MZ $h1 -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q + $MZ -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q $h1 tc_check_packets "dev $swp2 egress" 101 1 check_err $? "Unknown unicast filter was hit after adding FDB entry" @@ -108,7 +108,7 @@ test_l2_miss_unicast() # Deleting FDB entry. bridge fdb del $dmac dev $swp2 master static - $MZ $h1 -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q + $MZ -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q $h1 tc_check_packets "dev $swp2 egress" 101 2 check_err $? "Unknown unicast filter was not hit after deleting FDB entry" @@ -143,7 +143,7 @@ test_l2_miss_multicast_common() action pass # Before adding MDB entry. - $MZ $mode $h1 -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q + $MZ $mode -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q $h1 tc_check_packets "dev $swp2 egress" 101 1 check_err $? "Unregistered multicast filter was not hit before adding MDB entry" @@ -154,7 +154,7 @@ test_l2_miss_multicast_common() # Adding MDB entry. bridge mdb replace dev br1 port $swp2 grp $dip permanent - $MZ $mode $h1 -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q + $MZ $mode -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q $h1 tc_check_packets "dev $swp2 egress" 101 1 check_err $? "Unregistered multicast filter was hit after adding MDB entry" @@ -165,7 +165,7 @@ test_l2_miss_multicast_common() # Deleting MDB entry. bridge mdb del dev br1 port $swp2 grp $dip - $MZ $mode $h1 -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q + $MZ $mode -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q $h1 tc_check_packets "dev $swp2 egress" 101 2 check_err $? "Unregistered multicast filter was not hit after deleting MDB entry" @@ -255,7 +255,7 @@ test_l2_miss_ll_multicast_common() flower indev $swp1 l2_miss 1 dst_mac $dmac src_ip $sip \ dst_ip $dip action pass - $MZ $mode $h1 -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q + $MZ $mode -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q $h1 tc_check_packets "dev $swp2 egress" 101 1 check_err $? "Filter was not hit" @@ -309,7 +309,7 @@ test_l2_miss_broadcast() flower l2_miss 0 dst_mac $dmac src_mac $smac \ action pass - $MZ $h1 -a $smac -b $dmac -c 1 -p 100 -q + $MZ -a $smac -b $dmac -c 1 -p 100 -q $h1 tc_check_packets "dev $swp2 egress" 101 0 check_err $? "L2 miss filter was hit when should not" diff --git a/tools/testing/selftests/net/forwarding/tc_flower_port_range.sh b/tools/testing/selftests/net/forwarding/tc_flower_port_range.sh index baed5e380dae..6323567ca2fb 100755 --- a/tools/testing/selftests/net/forwarding/tc_flower_port_range.sh +++ b/tools/testing/selftests/net/forwarding/tc_flower_port_range.sh @@ -103,22 +103,22 @@ __test_port_range() dst_port $dport_min-$dport_max \ action drop - $MZ $mode $h1 -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ - -t $ip_proto "sp=$sport_min,dp=$dport_min" + $MZ $mode -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ + -t $ip_proto $h1 "sp=$sport_min,dp=$dport_min" tc_check_packets "dev $swp1 ingress" 101 1 check_err $? "Ingress filter not hit with minimum ports" tc_check_packets "dev $swp2 egress" 101 1 check_err $? "Egress filter not hit with minimum ports" - $MZ $mode $h1 -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ - -t $ip_proto "sp=$sport_mid,dp=$dport_mid" + $MZ $mode -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ + -t $ip_proto $h1 "sp=$sport_mid,dp=$dport_mid" tc_check_packets "dev $swp1 ingress" 101 2 check_err $? "Ingress filter not hit with middle ports" tc_check_packets "dev $swp2 egress" 101 2 check_err $? "Egress filter not hit with middle ports" - $MZ $mode $h1 -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ - -t $ip_proto "sp=$sport_max,dp=$dport_max" + $MZ $mode -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ + -t $ip_proto $h1 "sp=$sport_max,dp=$dport_max" tc_check_packets "dev $swp1 ingress" 101 3 check_err $? "Ingress filter not hit with maximum ports" tc_check_packets "dev $swp2 egress" 101 3 @@ -126,16 +126,16 @@ __test_port_range() # Send traffic when both ports are out of range and when only one port # is out of range. - $MZ $mode $h1 -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ - -t $ip_proto "sp=$((sport_min - 1)),dp=$dport_min" - $MZ $mode $h1 -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ - -t $ip_proto "sp=$((sport_max + 1)),dp=$dport_min" - $MZ $mode $h1 -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ - -t $ip_proto "sp=$sport_min,dp=$((dport_min - 1))" - $MZ $mode $h1 -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ - -t $ip_proto "sp=$sport_min,dp=$((dport_max + 1))" - $MZ $mode $h1 -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ - -t $ip_proto "sp=$((sport_max + 1)),dp=$((dport_max + 1))" + $MZ $mode -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ + -t $ip_proto $h1 "sp=$((sport_min - 1)),dp=$dport_min" + $MZ $mode -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ + -t $ip_proto $h1 "sp=$((sport_max + 1)),dp=$dport_min" + $MZ $mode -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ + -t $ip_proto $h1 "sp=$sport_min,dp=$((dport_min - 1))" + $MZ $mode -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ + -t $ip_proto $h1 "sp=$sport_min,dp=$((dport_max + 1))" + $MZ $mode -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ + -t $ip_proto $h1 "sp=$((sport_max + 1)),dp=$((dport_max + 1))" tc_check_packets "dev $swp1 ingress" 101 3 check_err $? "Ingress filter was hit when should not" tc_check_packets "dev $swp2 egress" 101 3 @@ -219,18 +219,18 @@ test_port_range_ipv4_udp_drop() action drop # Test ports outside range - should pass - $MZ $mode $h1 -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ - -t $ip_proto "sp=$((sport_min - 1)),dp=$dport" - $MZ $mode $h1 -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ - -t $ip_proto "sp=$((sport_max + 1)),dp=$dport" + $MZ $mode -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ + -t $ip_proto $h1 "sp=$((sport_min - 1)),dp=$dport" + $MZ $mode -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ + -t $ip_proto $h1 "sp=$((sport_max + 1)),dp=$dport" # Test ports inside range - should be dropped - $MZ $mode $h1 -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ - -t $ip_proto "sp=$sport_min,dp=$dport" - $MZ $mode $h1 -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ - -t $ip_proto "sp=$sport_mid,dp=$dport" - $MZ $mode $h1 -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ - -t $ip_proto "sp=$sport_max,dp=$dport" + $MZ $mode -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ + -t $ip_proto $h1 "sp=$sport_min,dp=$dport" + $MZ $mode -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ + -t $ip_proto $h1 "sp=$sport_mid,dp=$dport" + $MZ $mode -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ + -t $ip_proto $h1 "sp=$sport_max,dp=$dport" tc_check_packets "dev $swp1 ingress" 101 3 check_err $? "Filter did not drop the expected number of packets" diff --git a/tools/testing/selftests/net/forwarding/tc_flower_router.sh b/tools/testing/selftests/net/forwarding/tc_flower_router.sh index 4aee9c9e69f6..e0af18844581 100755 --- a/tools/testing/selftests/net/forwarding/tc_flower_router.sh +++ b/tools/testing/selftests/net/forwarding/tc_flower_router.sh @@ -90,8 +90,8 @@ match_indev_egress_test() tc filter add dev $rp3 egress protocol ip pref 2 handle 102 flower \ $tcflags indev $rp2 dst_ip 192.0.3.1 action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $rp1mac -A 192.0.1.1 -B 192.0.3.1 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $rp1mac -A 192.0.1.1 -B 192.0.3.1 \ + -t ip -q $h1 tc_check_packets "dev $rp3 egress" 102 1 check_fail $? "Matched on a wrong filter" @@ -99,8 +99,8 @@ match_indev_egress_test() tc_check_packets "dev $rp3 egress" 101 1 check_err $? "Did not match on correct filter" - $MZ $h2 -c 1 -p 64 -a $h2mac -b $rp2mac -A 192.0.2.1 -B 192.0.3.1 \ - -t ip -q + $MZ -c 1 -p 64 -a $h2mac -b $rp2mac -A 192.0.2.1 -B 192.0.3.1 \ + -t ip -q $h2 tc_check_packets "dev $rp3 egress" 101 2 check_fail $? "Matched on a wrong filter" diff --git a/tools/testing/selftests/net/forwarding/tc_police.sh b/tools/testing/selftests/net/forwarding/tc_police.sh index 509fdedfcfa1..5a5b13e0fc9e 100755 --- a/tools/testing/selftests/net/forwarding/tc_police.sh +++ b/tools/testing/selftests/net/forwarding/tc_police.sh @@ -133,8 +133,8 @@ police_common_test() dst_ip 198.51.100.1 ip_proto udp dst_port 54321 \ action drop - mausezahn $h1 -a own -b $(mac_get $rp1) -A 192.0.2.1 -B 198.51.100.1 \ - -t udp sp=12345,dp=54321 -p 1000 -c 0 -q & + $MZ -a own -b $(mac_get $rp1) -A 192.0.2.1 -B 198.51.100.1 \ + -t udp -p 1000 -c 0 -q $h1 sp=12345,dp=54321 & local t0=$(tc_rule_stats_get $h2 1 ingress .bytes) sleep 10 @@ -183,8 +183,8 @@ police_shared_common_test() RET=0 - mausezahn $h1 -a own -b $(mac_get $rp1) -A 192.0.2.1 -B 198.51.100.1 \ - -t udp sp=12345,dp=$dport -p 1000 -c 0 -q & + $MZ -a own -b $(mac_get $rp1) -A 192.0.2.1 -B 198.51.100.1 \ + -t udp -p 1000 -c 0 -q $h1 sp=12345,dp=$dport & local t0=$(tc_rule_stats_get $h2 1 ingress .bytes) sleep 10 @@ -253,8 +253,8 @@ police_mirror_common_test() action police rate 10mbit burst 16k conform-exceed drop/pipe \ action mirred egress mirror dev $rp3 - mausezahn $h1 -a own -b $(mac_get $rp1) -A 192.0.2.1 -B 198.51.100.1 \ - -t udp sp=12345,dp=54321 -p 1000 -c 0 -q & + $MZ -a own -b $(mac_get $rp1) -A 192.0.2.1 -B 198.51.100.1 \ + -t udp -p 1000 -c 0 -q $h1 sp=12345,dp=54321 & local t0=$(tc_rule_stats_get $h2 1 ingress .bytes) sleep 10 @@ -305,8 +305,8 @@ police_pps_common_test() dst_ip 198.51.100.1 ip_proto udp dst_port 54321 \ action drop - mausezahn $h1 -a own -b $(mac_get $rp1) -A 192.0.2.1 -B 198.51.100.1 \ - -t udp sp=12345,dp=54321 -p 1000 -c 0 -q & + $MZ -a own -b $(mac_get $rp1) -A 192.0.2.1 -B 198.51.100.1 \ + -t udp -p 1000 -c 0 -q $h1 sp=12345,dp=54321 & local t0=$(tc_rule_stats_get $h2 1 ingress .packets) sleep 10 @@ -364,11 +364,11 @@ police_mtu_common_test() { dst_ip 198.51.100.1 ip_proto udp dst_port 54321 \ action drop - mausezahn $h1 -a own -b $(mac_get $rp1) -A 192.0.2.1 -B 198.51.100.1 \ - -t udp sp=12345,dp=54321 -p 1001 -c 10 -q + $MZ -a own -b $(mac_get $rp1) -A 192.0.2.1 -B 198.51.100.1 \ + -t udp -p 1001 -c 10 -q $h1 sp=12345,dp=54321 - mausezahn $h1 -a own -b $(mac_get $rp1) -A 192.0.2.1 -B 198.51.100.1 \ - -t udp sp=12345,dp=54321 -p 1000 -c 3 -q + $MZ -a own -b $(mac_get $rp1) -A 192.0.2.1 -B 198.51.100.1 \ + -t udp -p 1000 -c 3 -q $h1 sp=12345,dp=54321 tc_check_packets "dev $dev $direction" 101 13 check_err $? "wrong packet counter" diff --git a/tools/testing/selftests/net/forwarding/tc_shblocks.sh b/tools/testing/selftests/net/forwarding/tc_shblocks.sh index 772e00ac3230..37517e4b5df6 100755 --- a/tools/testing/selftests/net/forwarding/tc_shblocks.sh +++ b/tools/testing/selftests/net/forwarding/tc_shblocks.sh @@ -53,14 +53,14 @@ shared_block_test() tc filter add block 22 protocol ip pref 1 handle 101 flower \ $tcflags dst_ip 192.0.2.2 action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $swmac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $swmac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "block 22" 101 1 check_err $? "Did not match first incoming packet on a block" - $MZ $h2 -c 1 -p 64 -a $h2mac -b $swmac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h2mac -b $swmac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h2 tc_check_packets "block 22" 101 2 check_err $? "Did not match second incoming packet on a block" @@ -79,14 +79,14 @@ match_indev_test() tc filter add block 22 protocol ip pref 2 handle 102 flower \ $tcflags indev $swp2 dst_mac $swmac action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $swmac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $swmac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "block 22" 101 1 check_err $? "Did not match first incoming packet on a block" - $MZ $h2 -c 1 -p 64 -a $h2mac -b $swmac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h2mac -b $swmac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h2 tc_check_packets "block 22" 102 1 check_err $? "Did not match second incoming packet on a block" diff --git a/tools/testing/selftests/net/forwarding/tc_tunnel_key.sh b/tools/testing/selftests/net/forwarding/tc_tunnel_key.sh index 79775b10b99f..8c5205502827 100755 --- a/tools/testing/selftests/net/forwarding/tc_tunnel_key.sh +++ b/tools/testing/selftests/net/forwarding/tc_tunnel_key.sh @@ -114,11 +114,11 @@ tunnel_key_nofrag_test() # test 'nofrag' set tc filter add dev h1-et egress protocol all pref 1 handle 1 matchall $tcflags \ action tunnel_key set src_ip 192.0.2.1 dst_ip 192.0.2.2 id 42 nofrag index 10 - $MZ h1-et -c 1 -p 930 -a 00:aa:bb:cc:dd:ee -b 00:ee:dd:cc:bb:aa -t ip -q + $MZ -c 1 -p 930 -a 00:aa:bb:cc:dd:ee -b 00:ee:dd:cc:bb:aa -t ip -q h1-et tc_check_packets "dev $swp1 ingress" 100 1 check_err $? "packet smaller than MTU was not tunneled" - $MZ h1-et -c 1 -p 931 -a 00:aa:bb:cc:dd:ee -b 00:ee:dd:cc:bb:aa -t ip -q + $MZ -c 1 -p 931 -a 00:aa:bb:cc:dd:ee -b 00:ee:dd:cc:bb:aa -t ip -q h1-et tc_check_packets "dev $swp1 ingress" 100 1 check_err $? "packet bigger than MTU matched nofrag (nofrag was set)" tc_check_packets "dev $swp1 ingress" 101 0 @@ -128,7 +128,7 @@ tunnel_key_nofrag_test() # test 'nofrag' cleared tc actions change action tunnel_key set src_ip 192.0.2.1 dst_ip 192.0.2.2 id 42 index 10 - $MZ h1-et -c 1 -p 931 -a 00:aa:bb:cc:dd:ee -b 00:ee:dd:cc:bb:aa -t ip -q + $MZ -c 1 -p 931 -a 00:aa:bb:cc:dd:ee -b 00:ee:dd:cc:bb:aa -t ip -q h1-et tc_check_packets "dev $swp1 ingress" 100 1 check_err $? "packet bigger than MTU matched nofrag (nofrag was unset)" tc_check_packets "dev $swp1 ingress" 101 1 diff --git a/tools/testing/selftests/net/forwarding/vxlan_bridge_1d.sh b/tools/testing/selftests/net/forwarding/vxlan_bridge_1d.sh index b43816dd998c..6913c0185262 100755 --- a/tools/testing/selftests/net/forwarding/vxlan_bridge_1d.sh +++ b/tools/testing/selftests/net/forwarding/vxlan_bridge_1d.sh @@ -395,7 +395,7 @@ vxlan_flood_test() done local -a t0s=($(flood_fetch_stats "${counters[@]}")) - $MZ $h1 -c 10 -d 100msec -p 64 -b $mac -B $dst -t icmp -q + $MZ -c 10 -d 100msec -p 64 -b $mac -B $dst -t icmp -q $h1 sleep 1 local -a t1s=($(flood_fetch_stats "${counters[@]}")) @@ -567,9 +567,9 @@ vxlan_encapped_ping_do() local inner_tos=$1; shift local outer_tos=$1; shift - $MZ $dev -c $count -d 100msec -q \ + $MZ -c $count -d 100msec -q \ -b $next_hop_mac -B $dest_ip \ - -t udp tos=$outer_tos,sp=23456,dp=$VXPORT,p=$(: + -t udp $dev tos=$outer_tos,sp=23456,dp=$VXPORT,p=$(: )"08:"$( : VXLAN flags )"00:00:00:"$( : VXLAN reserved )"00:03:e8:"$( : VXLAN VNI @@ -705,8 +705,8 @@ test_learning() # a corresponding entry is created in VxLAN device vx1 RET=0 - in_ns ns1 $MZ w2 -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff -B $dst \ - -t icmp -q + in_ns ns1 $MZ -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff -B $dst \ + -t icmp -q w2 sleep 1 bridge fdb show brport vx1 | grep $mac | grep -q self @@ -737,8 +737,8 @@ test_learning() # Re-learn the first FDB entry and check that it is correctly aged-out RET=0 - in_ns ns1 $MZ w2 -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff -B $dst \ - -t icmp -q + in_ns ns1 $MZ -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff -B $dst \ + -t icmp -q w2 sleep 1 bridge fdb show brport vx1 | grep $mac | grep -q self @@ -749,7 +749,7 @@ test_learning() vxlan_flood_test $mac $dst 0 10 0 # The entry should age out when it only forwards traffic - $MZ $h1 -c 50 -d 1sec -p 64 -b $mac -B $dst -t icmp -q & + $MZ -c 50 -d 1sec -p 64 -b $mac -B $dst -t icmp -q $h1 & sleep 60 bridge fdb show brport vx1 | grep $mac | grep -q self @@ -767,8 +767,8 @@ test_learning() ip link set dev vx1 type bridge_slave learning off - in_ns ns1 $MZ w2 -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff -B $dst \ - -t icmp -q + in_ns ns1 $MZ -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff -B $dst \ + -t icmp -q w2 sleep 1 bridge fdb show brport vx1 | grep $mac | grep -q -v self @@ -776,8 +776,8 @@ test_learning() ip link set dev vx1 type bridge_slave learning on - in_ns ns1 $MZ w2 -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff -B $dst \ - -t icmp -q + in_ns ns1 $MZ -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff -B $dst \ + -t icmp -q w2 sleep 1 bridge fdb show brport vx1 | grep $mac | grep -q -v self diff --git a/tools/testing/selftests/net/forwarding/vxlan_bridge_1d_ipv6.sh b/tools/testing/selftests/net/forwarding/vxlan_bridge_1d_ipv6.sh index a603f7b0a08f..988b13fe0355 100755 --- a/tools/testing/selftests/net/forwarding/vxlan_bridge_1d_ipv6.sh +++ b/tools/testing/selftests/net/forwarding/vxlan_bridge_1d_ipv6.sh @@ -516,7 +516,7 @@ vxlan_flood_test() done local -a t0s=($(flood_fetch_stats "${counters[@]}")) - $MZ -6 $h1 -c 10 -d 100msec -p 64 -b $mac -B $dst -t icmp6 type=128 -q + $MZ -6 -c 10 -d 100msec -p 64 -b $mac -B $dst -t icmp6 -q $h1 type=128 sleep 1 local -a t1s=($(flood_fetch_stats "${counters[@]}")) @@ -682,9 +682,9 @@ vxlan_encapped_ping_do() local saddr="20:01:0d:b8:00:01:00:00:00:00:00:00:00:00:00:03" local daddr="20:01:0d:b8:00:01:00:00:00:00:00:00:00:00:00:01" - $MZ -6 $dev -c $count -d 100msec -q \ + $MZ -6 -c $count -d 100msec -q \ -b $next_hop_mac -B $dest_ip \ - -t udp tos=$outer_tos,sp=23456,dp=$VXPORT,p=$(: + -t udp $dev tos=$outer_tos,sp=23456,dp=$VXPORT,p=$(: )"08:"$( : VXLAN flags )"00:00:00:"$( : VXLAN reserved )"00:03:e8:"$( : VXLAN VNI diff --git a/tools/testing/selftests/net/forwarding/vxlan_bridge_1q.sh b/tools/testing/selftests/net/forwarding/vxlan_bridge_1q.sh index afc65647f673..17333e5ad94a 100755 --- a/tools/testing/selftests/net/forwarding/vxlan_bridge_1q.sh +++ b/tools/testing/selftests/net/forwarding/vxlan_bridge_1q.sh @@ -500,7 +500,7 @@ vxlan_flood_test() done local -a t0s=($(flood_fetch_stats "${counters[@]}")) - $MZ $h1 -Q $vid -c 10 -d 100msec -p 64 -b $mac -B $dst -t icmp -q + $MZ -Q $vid -c 10 -d 100msec -p 64 -b $mac -B $dst -t icmp -q $h1 sleep 1 local -a t1s=($(flood_fetch_stats "${counters[@]}")) @@ -717,8 +717,8 @@ __test_learning() # a corresponding entry is created in the VxLAN device RET=0 - in_ns ns1 $MZ w2 -Q $vid -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff \ - -B $dst -t icmp -q + in_ns ns1 $MZ -Q $vid -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff \ + -B $dst -t icmp -q w2 sleep 1 bridge fdb show brport $vx | grep $mac | grep -q self @@ -752,8 +752,8 @@ __test_learning() # Re-learn the first FDB entry and check that it is correctly aged-out RET=0 - in_ns ns1 $MZ w2 -Q $vid -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff \ - -B $dst -t icmp -q + in_ns ns1 $MZ -Q $vid -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff \ + -B $dst -t icmp -q w2 sleep 1 bridge fdb show brport $vx | grep $mac | grep -q self @@ -784,8 +784,8 @@ __test_learning() ip link set dev $vx type bridge_slave learning off - in_ns ns1 $MZ w2 -Q $vid -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff \ - -B $dst -t icmp -q + in_ns ns1 $MZ -Q $vid -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff \ + -B $dst -t icmp -q w2 sleep 1 bridge fdb show brport $vx | grep $mac | grep "vlan $vid" \ @@ -794,8 +794,8 @@ __test_learning() ip link set dev $vx type bridge_slave learning on - in_ns ns1 $MZ w2 -Q $vid -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff \ - -B $dst -t icmp -q + in_ns ns1 $MZ -Q $vid -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff \ + -B $dst -t icmp -q w2 sleep 1 bridge fdb show brport $vx | grep $mac | grep "vlan $vid" \ diff --git a/tools/testing/selftests/net/forwarding/vxlan_bridge_1q_ipv6.sh b/tools/testing/selftests/net/forwarding/vxlan_bridge_1q_ipv6.sh index e83fde79f40d..5af514884e2c 100755 --- a/tools/testing/selftests/net/forwarding/vxlan_bridge_1q_ipv6.sh +++ b/tools/testing/selftests/net/forwarding/vxlan_bridge_1q_ipv6.sh @@ -642,7 +642,7 @@ vxlan_flood_test() done local -a t0s=($(flood_fetch_stats "${counters[@]}")) - $MZ -6 $h1 -Q $vid -c 10 -d 100msec -p 64 -b $mac -B $dst -t icmp6 type=128 -q + $MZ -6 -Q $vid -c 10 -d 100msec -p 64 -b $mac -B $dst -t icmp6 -q $h1 type=128 sleep 1 local -a t1s=($(flood_fetch_stats "${counters[@]}")) diff --git a/tools/testing/selftests/net/forwarding/vxlan_bridge_1q_mc_ul.sh b/tools/testing/selftests/net/forwarding/vxlan_bridge_1q_mc_ul.sh index 462db0b603e7..5cc2a7f090e3 100755 --- a/tools/testing/selftests/net/forwarding/vxlan_bridge_1q_mc_ul.sh +++ b/tools/testing/selftests/net/forwarding/vxlan_bridge_1q_mc_ul.sh @@ -471,8 +471,8 @@ do_packets_v4() local mac mac=$(mac_get "$h2") - "$MZ" "$h1" -Q 10 -c 10 -d 100msec -p 64 -a own -b "$mac" \ - -A 192.0.2.1 -B 192.0.2.2 -t udp sp=1234,dp=2345 -q + "$MZ" -Q 10 -c 10 -d 100msec -p 64 -a own -b "$mac" \ + -A 192.0.2.1 -B 192.0.2.2 -t udp -q "$h1" sp=1234,dp=2345 } do_packets_v6() @@ -480,8 +480,8 @@ do_packets_v6() local mac mac=$(mac_get "$h2") - "$MZ" -6 "$h1" -Q 20 -c 10 -d 100msec -p 64 -a own -b "$mac" \ - -A 2001:db8:1::1 -B 2001:db8:1::2 -t udp sp=1234,dp=2345 -q + "$MZ" -6 -Q 20 -c 10 -d 100msec -p 64 -a own -b "$mac" \ + -A 2001:db8:1::1 -B 2001:db8:1::2 -t udp -q "$h1" sp=1234,dp=2345 } do_test() diff --git a/tools/testing/selftests/net/forwarding/vxlan_reserved.sh b/tools/testing/selftests/net/forwarding/vxlan_reserved.sh index 46c31794b91b..6713468bc170 100755 --- a/tools/testing/selftests/net/forwarding/vxlan_reserved.sh +++ b/tools/testing/selftests/net/forwarding/vxlan_reserved.sh @@ -167,9 +167,9 @@ vxlan_ping_do() local vxlan_header=$(vxlan_header_bytes $vni $reserved_bits) - $MZ $dev -c $count -d 100msec -q \ + $MZ -c $count -d 100msec -q \ -b $next_hop_mac -B $dest_ip \ - -t udp sp=23456,dp=$VXPORT,p=$(: + -t udp $dev sp=23456,dp=$VXPORT,p=$(: )"$vxlan_header:"$( : VXLAN )"$dest_mac:"$( : ETH daddr )"00:11:22:33:44:55:"$( : ETH saddr -- 2.50.1

5 days, 22 hours

4
4
0 0

[PATCH RESEND v5] kunit: qemu_configs: Add MIPS configurations

by Thomas Weißschuh

Add basic support to run various MIPS variants via kunit_tool using the virtualized malta platform. Signed-off-by: Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> Reviewed-by: David Gow <davidgow(a)google.com> --- Changes in v5: - Rebase on v6.17-rc1 - Drop alreayd applied patch to MIPS core code and related CCs - Link to v4: https://lore.kernel.org/r/20250611-kunit-mips-v4-0-1d8997fb2ae4@linutronix.… Changes in v4: - Rebase on v6.16-rc1 - Pick up reviews from David - Clarify that GIC page is linked to vDSO - Link to v3: https://lore.kernel.org/r/20250415-kunit-mips-v3-0-4ec2461b5a7e@linutronix.… Changes in v3: - Also skip VDSO_RANDOMIZE_SIZE adjustment for kthreads - Link to v2: https://lore.kernel.org/r/20250414-kunit-mips-v2-0-4cf01e1a29e6@linutronix.… Changes in v2: - Fix usercopy kunit test by handling ABI-less tasks in stack_top() - Drop change to mm initialization. The broken test is not built by default anymore. - Link to v1: https://lore.kernel.org/r/20250212-kunit-mips-v1-0-eb49c9d76615@linutronix.… --- tools/testing/kunit/qemu_configs/mips.py | 18 ++++++++++++++++++ tools/testing/kunit/qemu_configs/mips64.py | 19 +++++++++++++++++++ tools/testing/kunit/qemu_configs/mips64el.py | 19 +++++++++++++++++++ tools/testing/kunit/qemu_configs/mipsel.py | 18 ++++++++++++++++++ 4 files changed, 74 insertions(+) diff --git a/tools/testing/kunit/qemu_configs/mips.py b/tools/testing/kunit/qemu_configs/mips.py new file mode 100644 index 0000000000000000000000000000000000000000..8899ac157b30bd2ee847eacd5b90fe6ad4e5fb04 --- /dev/null +++ b/tools/testing/kunit/qemu_configs/mips.py @@ -0,0 +1,18 @@ +# SPDX-License-Identifier: GPL-2.0 + +from ..qemu_config import QemuArchParams + +QEMU_ARCH = QemuArchParams(linux_arch='mips', + kconfig=''' +CONFIG_32BIT=y +CONFIG_CPU_BIG_ENDIAN=y +CONFIG_MIPS_MALTA=y +CONFIG_SERIAL_8250=y +CONFIG_SERIAL_8250_CONSOLE=y +CONFIG_POWER_RESET=y +CONFIG_POWER_RESET_SYSCON=y +''', + qemu_arch='mips', + kernel_path='vmlinuz', + kernel_command_line='console=ttyS0', + extra_qemu_params=['-M', 'malta']) diff --git a/tools/testing/kunit/qemu_configs/mips64.py b/tools/testing/kunit/qemu_configs/mips64.py new file mode 100644 index 0000000000000000000000000000000000000000..1478aed05b94da4914f34c6a8affdcfe34eb88ea --- /dev/null +++ b/tools/testing/kunit/qemu_configs/mips64.py @@ -0,0 +1,19 @@ +# SPDX-License-Identifier: GPL-2.0 + +from ..qemu_config import QemuArchParams + +QEMU_ARCH = QemuArchParams(linux_arch='mips', + kconfig=''' +CONFIG_CPU_MIPS64_R2=y +CONFIG_64BIT=y +CONFIG_CPU_BIG_ENDIAN=y +CONFIG_MIPS_MALTA=y +CONFIG_SERIAL_8250=y +CONFIG_SERIAL_8250_CONSOLE=y +CONFIG_POWER_RESET=y +CONFIG_POWER_RESET_SYSCON=y +''', + qemu_arch='mips64', + kernel_path='vmlinuz', + kernel_command_line='console=ttyS0', + extra_qemu_params=['-M', 'malta', '-cpu', '5KEc']) diff --git a/tools/testing/kunit/qemu_configs/mips64el.py b/tools/testing/kunit/qemu_configs/mips64el.py new file mode 100644 index 0000000000000000000000000000000000000000..300c711d7a82500b2ebcb4cf1467b6f72b5c17aa --- /dev/null +++ b/tools/testing/kunit/qemu_configs/mips64el.py @@ -0,0 +1,19 @@ +# SPDX-License-Identifier: GPL-2.0 + +from ..qemu_config import QemuArchParams + +QEMU_ARCH = QemuArchParams(linux_arch='mips', + kconfig=''' +CONFIG_CPU_MIPS64_R2=y +CONFIG_64BIT=y +CONFIG_CPU_LITTLE_ENDIAN=y +CONFIG_MIPS_MALTA=y +CONFIG_SERIAL_8250=y +CONFIG_SERIAL_8250_CONSOLE=y +CONFIG_POWER_RESET=y +CONFIG_POWER_RESET_SYSCON=y +''', + qemu_arch='mips64el', + kernel_path='vmlinuz', + kernel_command_line='console=ttyS0', + extra_qemu_params=['-M', 'malta', '-cpu', '5KEc']) diff --git a/tools/testing/kunit/qemu_configs/mipsel.py b/tools/testing/kunit/qemu_configs/mipsel.py new file mode 100644 index 0000000000000000000000000000000000000000..3d3543315b45776d0e77fb5c00c8c0a89eafdffd --- /dev/null +++ b/tools/testing/kunit/qemu_configs/mipsel.py @@ -0,0 +1,18 @@ +# SPDX-License-Identifier: GPL-2.0 + +from ..qemu_config import QemuArchParams + +QEMU_ARCH = QemuArchParams(linux_arch='mips', + kconfig=''' +CONFIG_32BIT=y +CONFIG_CPU_LITTLE_ENDIAN=y +CONFIG_MIPS_MALTA=y +CONFIG_SERIAL_8250=y +CONFIG_SERIAL_8250_CONSOLE=y +CONFIG_POWER_RESET=y +CONFIG_POWER_RESET_SYSCON=y +''', + qemu_arch='mipsel', + kernel_path='vmlinuz', + kernel_command_line='console=ttyS0', + extra_qemu_params=['-M', 'malta']) --- base-commit: 5606dd26f0b0d614e64a51e68c86e5066f9a5b71 change-id: 20241014-kunit-mips-e4fe1c265ed7 Best regards, -- Thomas Weißschuh <thomas.weissschuh(a)linutronix.de>

6 days, 2 hours

1
0
0 0

[PATCH v3 0/6] ONE_REG interface for SBI FWFT extension

by Anup Patel

This series adds ONE_REG interface for SBI FWFT extension implemented by KVM RISC-V. This was missed out in accepted SBI FWFT patches for KVM RISC-V. These patches can also be found in the riscv_kvm_fwft_one_reg_v3 branch at: https://github.com/avpatel/linux.git Changes since v2: - Re-based on latest KVM RISC-V queue - Improved FWFT ONE_REG interface to allow enabling/disabling each FWFT feature from KVM userspace Changes since v1: - Dropped have_state in PATCH4 as suggested by Drew - Added Drew's Reviewed-by in appropriate patches Anup Patel (6): RISC-V: KVM: Set initial value of hedeleg in kvm_arch_vcpu_create() RISC-V: KVM: Introduce feature specific reset for SBI FWFT RISC-V: KVM: Introduce optional ONE_REG callbacks for SBI extensions RISC-V: KVM: Move copy_sbi_ext_reg_indices() to SBI implementation RISC-V: KVM: Implement ONE_REG interface for SBI FWFT state KVM: riscv: selftests: Add SBI FWFT to get-reg-list test arch/riscv/include/asm/kvm_vcpu_sbi.h | 22 +- arch/riscv/include/asm/kvm_vcpu_sbi_fwft.h | 1 + arch/riscv/include/uapi/asm/kvm.h | 15 ++ arch/riscv/kvm/vcpu.c | 3 +- arch/riscv/kvm/vcpu_onereg.c | 60 +---- arch/riscv/kvm/vcpu_sbi.c | 172 +++++++++++-- arch/riscv/kvm/vcpu_sbi_fwft.c | 227 ++++++++++++++++-- arch/riscv/kvm/vcpu_sbi_sta.c | 63 +++-- .../selftests/kvm/riscv/get-reg-list.c | 32 +++ 9 files changed, 467 insertions(+), 128 deletions(-) -- 2.43.0

6 days, 5 hours

3
9
0 0

[PATCH net-next 3/3] selftests: mptcp: join: allow more time to send ADD_ADDR

by Matthieu Baerts (NGI0)

When many ADD_ADDR need to be sent, it can take some time to send each of them, and create new subflows. Some CIs seem to occasionally have issues with these tests, especially with "debug" kernels. Two subtests will now run for a slightly longer time: the last two where 3 or more ADD_ADDR are sent during the test. Reviewed-by: Geliang Tang <geliang(a)kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> --- tools/testing/selftests/net/mptcp/mptcp_join.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/net/mptcp/mptcp_join.sh b/tools/testing/selftests/net/mptcp/mptcp_join.sh index e9e11a9e60fd5374c8a98c3b7159ccbca8053030..b41cebfa1f921ce9ea6a88a908bf6d5e6027b367 100755 --- a/tools/testing/selftests/net/mptcp/mptcp_join.sh +++ b/tools/testing/selftests/net/mptcp/mptcp_join.sh @@ -2268,7 +2268,8 @@ signal_address_tests() pm_nl_add_endpoint $ns1 10.0.3.1 flags signal pm_nl_add_endpoint $ns1 10.0.4.1 flags signal pm_nl_set_limits $ns2 3 3 - run_tests $ns1 $ns2 10.0.1.1 + speed=slow \ + run_tests $ns1 $ns2 10.0.1.1 chk_join_nr 3 3 3 chk_add_nr 3 3 fi @@ -2280,7 +2281,8 @@ signal_address_tests() pm_nl_add_endpoint $ns1 10.0.3.1 flags signal pm_nl_add_endpoint $ns1 10.0.14.1 flags signal pm_nl_set_limits $ns2 3 3 - run_tests $ns1 $ns2 10.0.1.1 + speed=slow \ + run_tests $ns1 $ns2 10.0.1.1 join_syn_tx=3 \ chk_join_nr 1 1 1 chk_add_nr 3 3 -- 2.51.0

6 days, 17 hours

1
0
0 0

[PATCH net-next 2/3] selftests: mptcp: join: tolerate more ADD_ADDR

by Matthieu Baerts (NGI0)

ADD_ADDR can be retransmitted, and with, the parent commit, these retransmissions can be sent quicker: from 2 minutes to less than one second. To avoid false positives where retransmitted ADD_ADDR causes higher counters than expected, it is required to be more tolerant. Errors are now only reported when fewer ADD_ADDRs have been sent/received, except if no ADD_ADDR are expected. Before the parent commit, the tolerance was present for each tests where the ADD_ADDR could be retransmitted in a reasonable time (1 sec). Now that all tests can have retransmitted ADD_ADDR, it is normal to apply the same tolerance for all tests. An alternative could be to disable the ADD_ADDR retransmissions by default, but that's changing the default kernel behaviour. Plus, ADD_ADDR retransmissions can be required for some tests. To avoid adding exceptions to many tests, it seems better to increase the tolerance. Later, we could add a new MIB counter to identify the ADD_ADDR retransmissions, and remove the tolerance when this counter is available. Reviewed-by: Geliang Tang <geliang(a)kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> --- tools/testing/selftests/net/mptcp/mptcp_join.sh | 19 +++++++------------ 1 file changed, 7 insertions(+), 12 deletions(-) diff --git a/tools/testing/selftests/net/mptcp/mptcp_join.sh b/tools/testing/selftests/net/mptcp/mptcp_join.sh index 2f046167a0b6cc6fb5531a033d8d95c9ea399cf9..e9e11a9e60fd5374c8a98c3b7159ccbca8053030 100755 --- a/tools/testing/selftests/net/mptcp/mptcp_join.sh +++ b/tools/testing/selftests/net/mptcp/mptcp_join.sh @@ -358,6 +358,7 @@ reset_with_add_addr_timeout() tables="${ip6tables}" fi + # set a maximum, to avoid too long timeout with exponential backoff ip netns exec $ns1 sysctl -q net.mptcp.add_addr_timeout=1 if ! ip netns exec $ns2 $tables -A OUTPUT -p tcp \ @@ -1669,7 +1670,6 @@ chk_add_nr() local tx="" local rx="" local count - local timeout if [[ $ns_invert = "invert" ]]; then ns_tx=$ns2 @@ -1678,15 +1678,13 @@ chk_add_nr() rx=" server" fi - timeout=$(ip netns exec ${ns_tx} sysctl -n net.mptcp.add_addr_timeout) - print_check "add addr rx${rx}" count=$(mptcp_lib_get_counter ${ns_rx} "MPTcpExtAddAddr") if [ -z "$count" ]; then print_skip - # if the test configured a short timeout tolerate greater then expected - # add addrs options, due to retransmissions - elif [ "$count" != "$add_nr" ] && { [ "$timeout" -gt 1 ] || [ "$count" -lt "$add_nr" ]; }; then + # Tolerate more ADD_ADDR then expected (if any), due to retransmissions + elif [ "$count" != "$add_nr" ] && + { [ "$add_nr" -eq 0 ] || [ "$count" -lt "$add_nr" ]; }; then fail_test "got $count ADD_ADDR[s] expected $add_nr" else print_ok @@ -1774,18 +1772,15 @@ chk_add_tx_nr() { local add_tx_nr=$1 local echo_tx_nr=$2 - local timeout local count - timeout=$(ip netns exec $ns1 sysctl -n net.mptcp.add_addr_timeout) - print_check "add addr tx" count=$(mptcp_lib_get_counter ${ns1} "MPTcpExtAddAddrTx") if [ -z "$count" ]; then print_skip - # if the test configured a short timeout tolerate greater then expected - # add addrs options, due to retransmissions - elif [ "$count" != "$add_tx_nr" ] && { [ "$timeout" -gt 1 ] || [ "$count" -lt "$add_tx_nr" ]; }; then + # Tolerate more ADD_ADDR then expected (if any), due to retransmissions + elif [ "$count" != "$add_tx_nr" ] && + { [ "$add_tx_nr" -eq 0 ] || [ "$count" -lt "$add_tx_nr" ]; }; then fail_test "got $count ADD_ADDR[s] TX, expected $add_tx_nr" else print_ok -- 2.51.0

6 days, 17 hours

1
0
0 0

[PATCH net-next 1/3] mptcp: make ADD_ADDR retransmission timeout adaptive

by Matthieu Baerts (NGI0)

From: Geliang Tang <tanggeliang(a)kylinos.cn> Currently the ADD_ADDR option is retransmitted with a fixed timeout. This patch makes the retransmission timeout adaptive by using the maximum RTO among all the subflows, while still capping it at the configured maximum value (add_addr_timeout_max). This improves responsiveness when establishing new subflows. Specifically: 1. Adds mptcp_adjust_add_addr_timeout() helper to compute the adaptive timeout. 2. Uses maximum subflow RTO (icsk_rto) when available. 3. Applies exponential backoff based on retransmission count. 4. Maintains fallback to configured max timeout when no RTO data exists. This slightly changes the behaviour of the MPTCP "add_addr_timeout" sysctl knob to be used as a maximum instead of a fixed value. But this is seen as an improvement: the ADD_ADDR might be sent quicker than before to improve the overall MPTCP connection. Also, the default value is set to 2 min, which was already way too long, and caused the ADD_ADDR not to be retransmitted for connections shorter than 2 minutes. Suggested-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Closes: https://github.com/multipath-tcp/mptcp_net-next/issues/576 Reviewed-by: Christoph Paasch <cpaasch(a)openai.com> Signed-off-by: Geliang Tang <tanggeliang(a)kylinos.cn> Reviewed-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> --- v2: no changes. --- Documentation/networking/mptcp-sysctl.rst | 8 +++++--- net/mptcp/pm.c | 28 ++++++++++++++++++++++++---- 2 files changed, 29 insertions(+), 7 deletions(-) diff --git a/Documentation/networking/mptcp-sysctl.rst b/Documentation/networking/mptcp-sysctl.rst index 1683c139821e3ba6d9eaa3c59330a523d29f1164..1eb6af26b4a7acdedd575a126c576210a78f0d4d 100644 --- a/Documentation/networking/mptcp-sysctl.rst +++ b/Documentation/networking/mptcp-sysctl.rst @@ -8,9 +8,11 @@ MPTCP Sysfs variables =============================== add_addr_timeout - INTEGER (seconds) - Set the timeout after which an ADD_ADDR control message will be - resent to an MPTCP peer that has not acknowledged a previous - ADD_ADDR message. + Set the maximum value of timeout after which an ADD_ADDR control message + will be resent to an MPTCP peer that has not acknowledged a previous + ADD_ADDR message. A dynamically estimated retransmission timeout based + on the estimated connection round-trip-time is used if this value is + lower than the maximum one. Do not retransmit if set to 0. diff --git a/net/mptcp/pm.c b/net/mptcp/pm.c index 136a380602cae872b76560649c924330e5f42533..204e1f61212e2be77a8476f024b59be67d04b80a 100644 --- a/net/mptcp/pm.c +++ b/net/mptcp/pm.c @@ -268,6 +268,27 @@ int mptcp_pm_mp_prio_send_ack(struct mptcp_sock *msk, return -EINVAL; } +static unsigned int mptcp_adjust_add_addr_timeout(struct mptcp_sock *msk) +{ + const struct net *net = sock_net((struct sock *)msk); + unsigned int rto = mptcp_get_add_addr_timeout(net); + struct mptcp_subflow_context *subflow; + unsigned int max = 0; + + mptcp_for_each_subflow(msk, subflow) { + struct sock *ssk = mptcp_subflow_tcp_sock(subflow); + struct inet_connection_sock *icsk = inet_csk(ssk); + + if (icsk->icsk_rto > max) + max = icsk->icsk_rto; + } + + if (max && max < rto) + rto = max; + + return rto; +} + static void mptcp_pm_add_timer(struct timer_list *timer) { struct mptcp_pm_add_entry *entry = timer_container_of(entry, timer, @@ -292,7 +313,7 @@ static void mptcp_pm_add_timer(struct timer_list *timer) goto out; } - timeout = mptcp_get_add_addr_timeout(sock_net(sk)); + timeout = mptcp_adjust_add_addr_timeout(msk); if (!timeout) goto out; @@ -307,7 +328,7 @@ static void mptcp_pm_add_timer(struct timer_list *timer) if (entry->retrans_times < ADD_ADDR_RETRANS_MAX) sk_reset_timer(sk, timer, - jiffies + timeout); + jiffies + (timeout << entry->retrans_times)); spin_unlock_bh(&msk->pm.lock); @@ -348,7 +369,6 @@ bool mptcp_pm_alloc_anno_list(struct mptcp_sock *msk, { struct mptcp_pm_add_entry *add_entry = NULL; struct sock *sk = (struct sock *)msk; - struct net *net = sock_net(sk); unsigned int timeout; lockdep_assert_held(&msk->pm.lock); @@ -374,7 +394,7 @@ bool mptcp_pm_alloc_anno_list(struct mptcp_sock *msk, timer_setup(&add_entry->add_timer, mptcp_pm_add_timer, 0); reset_timer: - timeout = mptcp_get_add_addr_timeout(net); + timeout = mptcp_adjust_add_addr_timeout(msk); if (timeout) sk_reset_timer(sk, &add_entry->add_timer, jiffies + timeout); -- 2.51.0

6 days, 17 hours

1
0
0 0

[PATCHSET V2 bpf-next 0/2] cpuidle, bpf: Introduce BPF-ext cpuidle governor policy via struct_ops

by Lin Yikai

Changes in v2: - Optimized the logic in descriptions. (Song Liu) - Created a new header file to declare kfuncs for future extensions included by other files. (Christian Loehle) - Fixed some logical issues in the code. (Christian Loehle) Reference: [1] https://lore.kernel.org/bpf/20250829101137.9507-1-yikai.lin@vivo.com/ Summary ---------- Hi, everyone, This patch set introduces an extensible cpuidle governor framework using BPF struct_ops, enabling dynamic implementation of idle-state selection policies via BPF programs. Motivation ---------- As is well-known, CPUs support multiple idle states (e.g., C0, C1, C2, ...), where deeper states reduce power consumption, but results in longer wakeup latency, potentially affecting performance. Existing generic cpuidle governors operate effectively in common scenarios but exhibit suboptimal behavior in specific Android phone's use cases. Our testing reveals that during low-utilization scenarios (e.g., screen-off background tasks like music playback with CPU utilization <10%), the C0 state occupies ~50% of idle time, causing significant energy inefficiency. Reducing C0 to ≤20% could yield ≥5% power savings on mobile phones. To address this, we expect: 1.Dynamic governor switching to power-saved policies for low cpu utilization scenarios (e.g., screen-off mode) 2.Dynamic switching to alternate governors for high-performance scenarios (e.g., gaming) OverView ---------- The BPF cpuidle ext governor registers at postcore_initcall() but remains disabled by default due to its low priority "rating" with value "1". Activation requires adjust higer "rating" than other governors within BPF. Core Components: 1.**struct cpuidle_gov_ext_ops** – BPF-overridable operations: - ops.enable()/ops.disable(): enable or disable callback - ops.select(): cpu Idle-state selection logic - ops.set_stop_tick(): Scheduler tick management after state selection - ops.reflect(): feedback info about previous idle state. - ops.init()/ops.deinit(): Initialization or cleanup. 2.**Critical kfuncs for kernel state access**: - bpf_cpuidle_ext_gov_update_rating(): Activate ext governor by raising rating must be called from "ops.init()" - bpf_cpuidle_ext_gov_latency_req(): get idle-state latency constraints - bpf_tick_nohz_get_sleep_length(): get CPU sleep duration in tickless mode Future work ---------- 1. Scenario detection: Identifying low-utilization states (e.g., screen-off + background music) 2. Policy optimization: Optimizing state-selection algorithms for specific scenarios Is it related to sched_ext? --------------------------- The cpuidle framework is as follows. ---------------------------------------------------------- Scheduler Core ---------------------------------------------------------- | v ---------------------------------------------------------- | FAIR Class | EXT Class | IDLE Class | ---------------------------------------------------------- | | | | | | | v | | | ------------------------ | | | enter_cpu_idle() | | | ------------------------ | | | | | | | v | | | ------------------------------ | | | | CPUIDLE Governor | | | | ------------------------------ | | | | | | | | | v v v | | |----------------------------------- | | | default | | other | | BPF ext | | | | Governor | | Governor | | Governor | <<===Here is the feature we add. | | |----------------------------------- | | | | | | | | | v v v | | |------------------------------------- | | | select idle state | | |------------------------------------- Whereas cpuidle is invoked after switching to idle class when no tasks are present in the scheduling RQ. They are not directly related, so implementing kfuncs or other extensions through sched_ext is not feasible. Lin Yikai (2): cpuidle: Implement BPF extensible cpuidle governor class selftests/bpf: Add selftests for cpuidle_gov_ext drivers/cpuidle/Kconfig | 12 + drivers/cpuidle/governors/Makefile | 1 + drivers/cpuidle/governors/ext.c | 537 ++++++++++++++++++ .../bpf/prog_tests/test_cpuidle_gov_ext.c | 28 + .../selftests/bpf/progs/cpuidle_common.h | 13 + .../selftests/bpf/progs/cpuidle_gov_ext.c | 200 +++++++ 6 files changed, 791 insertions(+) create mode 100644 drivers/cpuidle/governors/ext.c create mode 100644 tools/testing/selftests/bpf/prog_tests/test_cpuidle_gov_ext.c create mode 100644 tools/testing/selftests/bpf/progs/cpuidle_common.h create mode 100644 tools/testing/selftests/bpf/progs/cpuidle_gov_ext.c -- 2.43.0

1 week

5
7
0 0

[PATCH net-next 1/2] selftests: net: replace sleeps in fcnal-test with waits

by Jakub Kicinski

fcnal-test.sh already includes lib.sh, use relevant helpers instead of sleeping. The first chunk is replacing sleep after killing background commands. All remaining ones replace sleep after starting nettest as a server with wait_local_port_listen. Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> --- tools/testing/selftests/net/fcnal-test.sh | 430 +++++++++++----------- 1 file changed, 215 insertions(+), 215 deletions(-) diff --git a/tools/testing/selftests/net/fcnal-test.sh b/tools/testing/selftests/net/fcnal-test.sh index 4fcc38907e48..0e3304d37fd0 100755 --- a/tools/testing/selftests/net/fcnal-test.sh +++ b/tools/testing/selftests/net/fcnal-test.sh @@ -189,7 +189,7 @@ show_hint() kill_procs() { killall nettest ping ping6 >/dev/null 2>&1 - sleep 1 + slowwait 2 sh -c 'test -z "$(pgrep '"'^(nettest|ping|ping6)$'"')"' } set_ping_group() @@ -875,7 +875,7 @@ ipv4_tcp_md5_novrf() # basic use case log_start run_cmd nettest -s -M ${MD5_PW} -m ${NSB_IP} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 0 "MD5: Single address config" @@ -883,7 +883,7 @@ ipv4_tcp_md5_novrf() log_start show_hint "Should timeout due to MD5 mismatch" run_cmd nettest -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 2 "MD5: Server no config, client uses password" @@ -891,7 +891,7 @@ ipv4_tcp_md5_novrf() log_start show_hint "Should timeout since client uses wrong password" run_cmd nettest -s -M ${MD5_PW} -m ${NSB_IP} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_WRONG_PW} log_test $? 2 "MD5: Client uses wrong password" @@ -899,7 +899,7 @@ ipv4_tcp_md5_novrf() log_start show_hint "Should timeout due to MD5 mismatch" run_cmd nettest -s -M ${MD5_PW} -m ${NSB_LO_IP} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 2 "MD5: Client address does not match address configured with password" @@ -910,7 +910,7 @@ ipv4_tcp_md5_novrf() # client in prefix log_start run_cmd nettest -s -M ${MD5_PW} -m ${NS_NET} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 0 "MD5: Prefix config" @@ -918,7 +918,7 @@ ipv4_tcp_md5_novrf() log_start show_hint "Should timeout since client uses wrong password" run_cmd nettest -s -M ${MD5_PW} -m ${NS_NET} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_WRONG_PW} log_test $? 2 "MD5: Prefix config, client uses wrong password" @@ -926,7 +926,7 @@ ipv4_tcp_md5_novrf() log_start show_hint "Should timeout due to MD5 mismatch" run_cmd nettest -s -M ${MD5_PW} -m ${NS_NET} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -c ${NSB_LO_IP} -r ${NSA_IP} -X ${MD5_PW} log_test $? 2 "MD5: Prefix config, client address not in configured prefix" } @@ -943,7 +943,7 @@ ipv4_tcp_md5() # basic use case log_start run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NSB_IP} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 0 "MD5: VRF: Single address config" @@ -951,7 +951,7 @@ ipv4_tcp_md5() log_start show_hint "Should timeout since server does not have MD5 auth" run_cmd nettest -s -I ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 2 "MD5: VRF: Server no config, client uses password" @@ -959,7 +959,7 @@ ipv4_tcp_md5() log_start show_hint "Should timeout since client uses wrong password" run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NSB_IP} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_WRONG_PW} log_test $? 2 "MD5: VRF: Client uses wrong password" @@ -967,7 +967,7 @@ ipv4_tcp_md5() log_start show_hint "Should timeout since server config differs from client" run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NSB_LO_IP} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 2 "MD5: VRF: Client address does not match address configured with password" @@ -978,7 +978,7 @@ ipv4_tcp_md5() # client in prefix log_start run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 0 "MD5: VRF: Prefix config" @@ -986,7 +986,7 @@ ipv4_tcp_md5() log_start show_hint "Should timeout since client uses wrong password" run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_WRONG_PW} log_test $? 2 "MD5: VRF: Prefix config, client uses wrong password" @@ -994,7 +994,7 @@ ipv4_tcp_md5() log_start show_hint "Should timeout since client address is outside of prefix" run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -c ${NSB_LO_IP} -r ${NSA_IP} -X ${MD5_PW} log_test $? 2 "MD5: VRF: Prefix config, client address not in configured prefix" @@ -1005,14 +1005,14 @@ ipv4_tcp_md5() log_start run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NSB_IP} & run_cmd nettest -s -M ${MD5_WRONG_PW} -m ${NSB_IP} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 0 "MD5: VRF: Single address config in default VRF and VRF, conn in VRF" log_start run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NSB_IP} & run_cmd nettest -s -M ${MD5_WRONG_PW} -m ${NSB_IP} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsc nettest -r ${NSA_IP} -X ${MD5_WRONG_PW} log_test $? 0 "MD5: VRF: Single address config in default VRF and VRF, conn in default VRF" @@ -1020,7 +1020,7 @@ ipv4_tcp_md5() show_hint "Should timeout since client in default VRF uses VRF password" run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NSB_IP} & run_cmd nettest -s -M ${MD5_WRONG_PW} -m ${NSB_IP} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsc nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 2 "MD5: VRF: Single address config in default VRF and VRF, conn in default VRF with VRF pw" @@ -1028,21 +1028,21 @@ ipv4_tcp_md5() show_hint "Should timeout since client in VRF uses default VRF password" run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NSB_IP} & run_cmd nettest -s -M ${MD5_WRONG_PW} -m ${NSB_IP} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_WRONG_PW} log_test $? 2 "MD5: VRF: Single address config in default VRF and VRF, conn in VRF with default VRF pw" log_start run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET} & run_cmd nettest -s -M ${MD5_WRONG_PW} -m ${NS_NET} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 0 "MD5: VRF: Prefix config in default VRF and VRF, conn in VRF" log_start run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET} & run_cmd nettest -s -M ${MD5_WRONG_PW} -m ${NS_NET} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsc nettest -r ${NSA_IP} -X ${MD5_WRONG_PW} log_test $? 0 "MD5: VRF: Prefix config in default VRF and VRF, conn in default VRF" @@ -1050,7 +1050,7 @@ ipv4_tcp_md5() show_hint "Should timeout since client in default VRF uses VRF password" run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET} & run_cmd nettest -s -M ${MD5_WRONG_PW} -m ${NS_NET} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsc nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 2 "MD5: VRF: Prefix config in default VRF and VRF, conn in default VRF with VRF pw" @@ -1058,7 +1058,7 @@ ipv4_tcp_md5() show_hint "Should timeout since client in VRF uses default VRF password" run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET} & run_cmd nettest -s -M ${MD5_WRONG_PW} -m ${NS_NET} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_WRONG_PW} log_test $? 2 "MD5: VRF: Prefix config in default VRF and VRF, conn in VRF with default VRF pw" @@ -1082,14 +1082,14 @@ test_ipv4_md5_vrf__vrf_server__no_bind_ifindex() log_start show_hint "Simulates applications using VRF without TCP_MD5SIG_FLAG_IFINDEX" run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET} --no-bind-key-ifindex & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 0 "MD5: VRF: VRF-bound server, unbound key accepts connection" log_start show_hint "Binding both the socket and the key is not required but it works" run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET} --force-bind-key-ifindex & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 0 "MD5: VRF: VRF-bound server, bound key accepts connection" } @@ -1103,25 +1103,25 @@ test_ipv4_md5_vrf__global_server__bind_ifindex0() log_start run_cmd nettest -s -M ${MD5_PW} -m ${NS_NET} --force-bind-key-ifindex & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 2 "MD5: VRF: Global server, Key bound to ifindex=0 rejects VRF connection" log_start run_cmd nettest -s -M ${MD5_PW} -m ${NS_NET} --force-bind-key-ifindex & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsc nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 0 "MD5: VRF: Global server, key bound to ifindex=0 accepts non-VRF connection" log_start run_cmd nettest -s -M ${MD5_PW} -m ${NS_NET} --no-bind-key-ifindex & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 0 "MD5: VRF: Global server, key not bound to ifindex accepts VRF connection" log_start run_cmd nettest -s -M ${MD5_PW} -m ${NS_NET} --no-bind-key-ifindex & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsc nettest -r ${NSA_IP} -X ${MD5_PW} log_test $? 0 "MD5: VRF: Global server, key not bound to ifindex accepts non-VRF connection" @@ -1193,7 +1193,7 @@ ipv4_tcp_novrf() do log_start run_cmd nettest -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${a} log_test_addr ${a} $? 0 "Global server" done @@ -1201,7 +1201,7 @@ ipv4_tcp_novrf() a=${NSA_IP} log_start run_cmd nettest -s -I ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${a} log_test_addr ${a} $? 0 "Device server" @@ -1221,13 +1221,13 @@ ipv4_tcp_novrf() do log_start run_cmd_nsb nettest -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 tcp run_cmd nettest -r ${a} -0 ${NSA_IP} log_test_addr ${a} $? 0 "Client" log_start run_cmd_nsb nettest -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 tcp run_cmd nettest -r ${a} -d ${NSA_DEV} log_test_addr ${a} $? 0 "Client, device bind" @@ -1249,7 +1249,7 @@ ipv4_tcp_novrf() do log_start run_cmd nettest -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -r ${a} -0 ${a} -1 ${a} log_test_addr ${a} $? 0 "Global server, local connection" done @@ -1257,7 +1257,7 @@ ipv4_tcp_novrf() a=${NSA_IP} log_start run_cmd nettest -s -I ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -r ${a} -0 ${a} log_test_addr ${a} $? 0 "Device server, unbound client, local connection" @@ -1266,7 +1266,7 @@ ipv4_tcp_novrf() log_start show_hint "Should fail 'Connection refused' since addresses on loopback are out of device scope" run_cmd nettest -s -I ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -r ${a} log_test_addr ${a} $? 1 "Device server, unbound client, local connection" done @@ -1274,7 +1274,7 @@ ipv4_tcp_novrf() a=${NSA_IP} log_start run_cmd nettest -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -r ${a} -0 ${a} -d ${NSA_DEV} log_test_addr ${a} $? 0 "Global server, device client, local connection" @@ -1283,7 +1283,7 @@ ipv4_tcp_novrf() log_start show_hint "Should fail 'No route to host' since addresses on loopback are out of device scope" run_cmd nettest -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -r ${a} -d ${NSA_DEV} log_test_addr ${a} $? 1 "Global server, device client, local connection" done @@ -1291,7 +1291,7 @@ ipv4_tcp_novrf() a=${NSA_IP} log_start run_cmd nettest -s -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -d ${NSA_DEV} -r ${a} -0 ${a} log_test_addr ${a} $? 0 "Device server, device client, local connection" @@ -1323,19 +1323,19 @@ ipv4_tcp_vrf() log_start show_hint "Should fail 'Connection refused' since global server with VRF is disabled" run_cmd nettest -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${a} log_test_addr ${a} $? 1 "Global server" log_start run_cmd nettest -s -I ${VRF} -3 ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${a} log_test_addr ${a} $? 0 "VRF server" log_start run_cmd nettest -s -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${a} log_test_addr ${a} $? 0 "Device server" @@ -1352,7 +1352,7 @@ ipv4_tcp_vrf() log_start show_hint "Should fail 'Connection refused' since global server with VRF is disabled" run_cmd nettest -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -r ${a} -d ${NSA_DEV} log_test_addr ${a} $? 1 "Global server, local connection" @@ -1374,14 +1374,14 @@ ipv4_tcp_vrf() log_start show_hint "client socket should be bound to VRF" run_cmd nettest -s -3 ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${a} log_test_addr ${a} $? 0 "Global server" log_start show_hint "client socket should be bound to VRF" run_cmd nettest -s -I ${VRF} -3 ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${a} log_test_addr ${a} $? 0 "VRF server" @@ -1396,7 +1396,7 @@ ipv4_tcp_vrf() log_start show_hint "client socket should be bound to device" run_cmd nettest -s -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${a} log_test_addr ${a} $? 0 "Device server" @@ -1406,7 +1406,7 @@ ipv4_tcp_vrf() log_start show_hint "Should fail 'Connection refused' since client is not bound to VRF" run_cmd nettest -s -I ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -r ${a} log_test_addr ${a} $? 1 "Global server, local connection" done @@ -1418,13 +1418,13 @@ ipv4_tcp_vrf() do log_start run_cmd_nsb nettest -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 tcp run_cmd nettest -r ${a} -d ${VRF} log_test_addr ${a} $? 0 "Client, VRF bind" log_start run_cmd_nsb nettest -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 tcp run_cmd nettest -r ${a} -d ${NSA_DEV} log_test_addr ${a} $? 0 "Client, device bind" @@ -1443,7 +1443,7 @@ ipv4_tcp_vrf() do log_start run_cmd nettest -s -I ${VRF} -3 ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -r ${a} -d ${VRF} -0 ${a} log_test_addr ${a} $? 0 "VRF server, VRF client, local connection" done @@ -1451,26 +1451,26 @@ ipv4_tcp_vrf() a=${NSA_IP} log_start run_cmd nettest -s -I ${VRF} -3 ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -r ${a} -d ${NSA_DEV} -0 ${a} log_test_addr ${a} $? 0 "VRF server, device client, local connection" log_start show_hint "Should fail 'No route to host' since client is out of VRF scope" run_cmd nettest -s -I ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -r ${a} log_test_addr ${a} $? 1 "VRF server, unbound client, local connection" log_start run_cmd nettest -s -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -r ${a} -d ${VRF} -0 ${a} log_test_addr ${a} $? 0 "Device server, VRF client, local connection" log_start run_cmd nettest -s -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -r ${a} -d ${NSA_DEV} -0 ${a} log_test_addr ${a} $? 0 "Device server, device client, local connection" } @@ -1509,7 +1509,7 @@ ipv4_udp_novrf() do log_start run_cmd nettest -D -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -D -r ${a} log_test_addr ${a} $? 0 "Global server" @@ -1522,7 +1522,7 @@ ipv4_udp_novrf() a=${NSA_IP} log_start run_cmd nettest -D -I ${NSA_DEV} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -D -r ${a} log_test_addr ${a} $? 0 "Device server" @@ -1533,31 +1533,31 @@ ipv4_udp_novrf() do log_start run_cmd_nsb nettest -D -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 udp run_cmd nettest -D -r ${a} -0 ${NSA_IP} log_test_addr ${a} $? 0 "Client" log_start run_cmd_nsb nettest -D -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 udp run_cmd nettest -D -r ${a} -d ${NSA_DEV} -0 ${NSA_IP} log_test_addr ${a} $? 0 "Client, device bind" log_start run_cmd_nsb nettest -D -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 udp run_cmd nettest -D -r ${a} -d ${NSA_DEV} -C -0 ${NSA_IP} log_test_addr ${a} $? 0 "Client, device send via cmsg" log_start run_cmd_nsb nettest -D -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 udp run_cmd nettest -D -r ${a} -d ${NSA_DEV} -S -0 ${NSA_IP} log_test_addr ${a} $? 0 "Client, device bind via IP_UNICAST_IF" log_start run_cmd_nsb nettest -D -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 udp run_cmd nettest -D -r ${a} -d ${NSA_DEV} -S -0 ${NSA_IP} -U log_test_addr ${a} $? 0 "Client, device bind via IP_UNICAST_IF, with connect()" @@ -1580,7 +1580,7 @@ ipv4_udp_novrf() do log_start run_cmd nettest -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -r ${a} -0 ${a} -1 ${a} log_test_addr ${a} $? 0 "Global server, local connection" done @@ -1588,7 +1588,7 @@ ipv4_udp_novrf() a=${NSA_IP} log_start run_cmd nettest -s -D -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -r ${a} log_test_addr ${a} $? 0 "Device server, unbound client, local connection" @@ -1597,7 +1597,7 @@ ipv4_udp_novrf() log_start show_hint "Should fail 'Connection refused' since address is out of device scope" run_cmd nettest -s -D -I ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -r ${a} log_test_addr ${a} $? 1 "Device server, unbound client, local connection" done @@ -1605,25 +1605,25 @@ ipv4_udp_novrf() a=${NSA_IP} log_start run_cmd nettest -s -D & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${NSA_DEV} -r ${a} log_test_addr ${a} $? 0 "Global server, device client, local connection" log_start run_cmd nettest -s -D & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${NSA_DEV} -C -r ${a} log_test_addr ${a} $? 0 "Global server, device send via cmsg, local connection" log_start run_cmd nettest -s -D & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${NSA_DEV} -S -r ${a} log_test_addr ${a} $? 0 "Global server, device client via IP_UNICAST_IF, local connection" log_start run_cmd nettest -s -D & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${NSA_DEV} -S -r ${a} -U log_test_addr ${a} $? 0 "Global server, device client via IP_UNICAST_IF, local connection, with connect()" @@ -1636,28 +1636,28 @@ ipv4_udp_novrf() log_start show_hint "Should fail since addresses on loopback are out of device scope" run_cmd nettest -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -r ${a} -d ${NSA_DEV} log_test_addr ${a} $? 2 "Global server, device client, local connection" log_start show_hint "Should fail since addresses on loopback are out of device scope" run_cmd nettest -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -r ${a} -d ${NSA_DEV} -C log_test_addr ${a} $? 1 "Global server, device send via cmsg, local connection" log_start show_hint "Should fail since addresses on loopback are out of device scope" run_cmd nettest -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -r ${a} -d ${NSA_DEV} -S log_test_addr ${a} $? 1 "Global server, device client via IP_UNICAST_IF, local connection" log_start show_hint "Should fail since addresses on loopback are out of device scope" run_cmd nettest -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -r ${a} -d ${NSA_DEV} -S -U log_test_addr ${a} $? 1 "Global server, device client via IP_UNICAST_IF, local connection, with connect()" @@ -1667,7 +1667,7 @@ ipv4_udp_novrf() a=${NSA_IP} log_start run_cmd nettest -D -s -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${NSA_DEV} -r ${a} -0 ${a} log_test_addr ${a} $? 0 "Device server, device client, local conn" @@ -1709,19 +1709,19 @@ ipv4_udp_vrf() log_start show_hint "Fails because ingress is in a VRF and global server is disabled" run_cmd nettest -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -D -r ${a} log_test_addr ${a} $? 1 "Global server" log_start run_cmd nettest -D -I ${VRF} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -D -r ${a} log_test_addr ${a} $? 0 "VRF server" log_start run_cmd nettest -D -I ${NSA_DEV} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -D -r ${a} log_test_addr ${a} $? 0 "Enslaved device server" @@ -1733,7 +1733,7 @@ ipv4_udp_vrf() log_start show_hint "Should fail 'Connection refused' since global server is out of scope" run_cmd nettest -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${VRF} -r ${a} log_test_addr ${a} $? 1 "Global server, VRF client, local connection" done @@ -1741,26 +1741,26 @@ ipv4_udp_vrf() a=${NSA_IP} log_start run_cmd nettest -s -D -I ${VRF} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${VRF} -r ${a} log_test_addr ${a} $? 0 "VRF server, VRF client, local conn" log_start run_cmd nettest -s -D -I ${VRF} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${NSA_DEV} -r ${a} log_test_addr ${a} $? 0 "VRF server, enslaved device client, local connection" a=${NSA_IP} log_start run_cmd nettest -s -D -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${VRF} -r ${a} log_test_addr ${a} $? 0 "Enslaved device server, VRF client, local conn" log_start run_cmd nettest -s -D -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${NSA_DEV} -r ${a} log_test_addr ${a} $? 0 "Enslaved device server, device client, local conn" @@ -1775,19 +1775,19 @@ ipv4_udp_vrf() do log_start run_cmd nettest -D -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -D -r ${a} log_test_addr ${a} $? 0 "Global server" log_start run_cmd nettest -D -I ${VRF} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -D -r ${a} log_test_addr ${a} $? 0 "VRF server" log_start run_cmd nettest -D -I ${NSA_DEV} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -D -r ${a} log_test_addr ${a} $? 0 "Enslaved device server" @@ -1802,13 +1802,13 @@ ipv4_udp_vrf() # log_start run_cmd_nsb nettest -D -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 udp run_cmd nettest -d ${VRF} -D -r ${NSB_IP} -1 ${NSA_IP} log_test $? 0 "VRF client" log_start run_cmd_nsb nettest -D -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 udp run_cmd nettest -d ${NSA_DEV} -D -r ${NSB_IP} -1 ${NSA_IP} log_test $? 0 "Enslaved device client" @@ -1829,31 +1829,31 @@ ipv4_udp_vrf() a=${NSA_IP} log_start run_cmd nettest -D -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${VRF} -r ${a} log_test_addr ${a} $? 0 "Global server, VRF client, local conn" log_start run_cmd nettest -s -D -I ${VRF} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${VRF} -r ${a} log_test_addr ${a} $? 0 "VRF server, VRF client, local conn" log_start run_cmd nettest -s -D -I ${VRF} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${NSA_DEV} -r ${a} log_test_addr ${a} $? 0 "VRF server, device client, local conn" log_start run_cmd nettest -s -D -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${VRF} -r ${a} log_test_addr ${a} $? 0 "Enslaved device server, VRF client, local conn" log_start run_cmd nettest -s -D -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${NSA_DEV} -r ${a} log_test_addr ${a} $? 0 "Enslaved device server, device client, local conn" @@ -1861,7 +1861,7 @@ ipv4_udp_vrf() do log_start run_cmd nettest -D -s -3 ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${VRF} -r ${a} log_test_addr ${a} $? 0 "Global server, VRF client, local conn" done @@ -1870,7 +1870,7 @@ ipv4_udp_vrf() do log_start run_cmd nettest -s -D -I ${VRF} -3 ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -D -d ${VRF} -r ${a} log_test_addr ${a} $? 0 "VRF server, VRF client, local conn" done @@ -2093,7 +2093,7 @@ ipv4_rt() do log_start run_cmd nettest ${varg} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest ${varg} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -2107,7 +2107,7 @@ ipv4_rt() do log_start run_cmd nettest ${varg} -s -I ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest ${varg} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -2120,7 +2120,7 @@ ipv4_rt() a=${NSA_IP} log_start run_cmd nettest ${varg} -s -I ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest ${varg} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -2134,7 +2134,7 @@ ipv4_rt() # log_start run_cmd_nsb nettest ${varg} -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 tcp run_cmd nettest ${varg} -d ${VRF} -r ${NSB_IP} & sleep 3 run_cmd ip link del ${VRF} @@ -2145,7 +2145,7 @@ ipv4_rt() log_start run_cmd_nsb nettest ${varg} -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 tcp run_cmd nettest ${varg} -d ${NSA_DEV} -r ${NSB_IP} & sleep 3 run_cmd ip link del ${VRF} @@ -2161,7 +2161,7 @@ ipv4_rt() do log_start run_cmd nettest ${varg} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest ${varg} -d ${VRF} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -2175,7 +2175,7 @@ ipv4_rt() do log_start run_cmd nettest ${varg} -I ${VRF} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest ${varg} -d ${VRF} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -2189,7 +2189,7 @@ ipv4_rt() log_start run_cmd nettest ${varg} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest ${varg} -d ${NSA_DEV} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -2200,7 +2200,7 @@ ipv4_rt() log_start run_cmd nettest ${varg} -I ${VRF} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest ${varg} -d ${NSA_DEV} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -2211,7 +2211,7 @@ ipv4_rt() log_start run_cmd nettest ${varg} -I ${NSA_DEV} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest ${varg} -d ${NSA_DEV} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -2561,7 +2561,7 @@ ipv6_tcp_md5_novrf() # basic use case log_start run_cmd nettest -6 -s -M ${MD5_PW} -m ${NSB_IP6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_PW} log_test $? 0 "MD5: Single address config" @@ -2569,7 +2569,7 @@ ipv6_tcp_md5_novrf() log_start show_hint "Should timeout due to MD5 mismatch" run_cmd nettest -6 -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_PW} log_test $? 2 "MD5: Server no config, client uses password" @@ -2577,7 +2577,7 @@ ipv6_tcp_md5_novrf() log_start show_hint "Should timeout since client uses wrong password" run_cmd nettest -6 -s -M ${MD5_PW} -m ${NSB_IP6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_WRONG_PW} log_test $? 2 "MD5: Client uses wrong password" @@ -2585,7 +2585,7 @@ ipv6_tcp_md5_novrf() log_start show_hint "Should timeout due to MD5 mismatch" run_cmd nettest -6 -s -M ${MD5_PW} -m ${NSB_LO_IP6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_PW} log_test $? 2 "MD5: Client address does not match address configured with password" @@ -2596,7 +2596,7 @@ ipv6_tcp_md5_novrf() # client in prefix log_start run_cmd nettest -6 -s -M ${MD5_PW} -m ${NS_NET6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_PW} log_test $? 0 "MD5: Prefix config" @@ -2604,7 +2604,7 @@ ipv6_tcp_md5_novrf() log_start show_hint "Should timeout since client uses wrong password" run_cmd nettest -6 -s -M ${MD5_PW} -m ${NS_NET6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_WRONG_PW} log_test $? 2 "MD5: Prefix config, client uses wrong password" @@ -2612,7 +2612,7 @@ ipv6_tcp_md5_novrf() log_start show_hint "Should timeout due to MD5 mismatch" run_cmd nettest -6 -s -M ${MD5_PW} -m ${NS_NET6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -c ${NSB_LO_IP6} -r ${NSA_IP6} -X ${MD5_PW} log_test $? 2 "MD5: Prefix config, client address not in configured prefix" } @@ -2629,7 +2629,7 @@ ipv6_tcp_md5() # basic use case log_start run_cmd nettest -6 -s -I ${VRF} -M ${MD5_PW} -m ${NSB_IP6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_PW} log_test $? 0 "MD5: VRF: Single address config" @@ -2637,7 +2637,7 @@ ipv6_tcp_md5() log_start show_hint "Should timeout since server does not have MD5 auth" run_cmd nettest -6 -s -I ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_PW} log_test $? 2 "MD5: VRF: Server no config, client uses password" @@ -2645,7 +2645,7 @@ ipv6_tcp_md5() log_start show_hint "Should timeout since client uses wrong password" run_cmd nettest -6 -s -I ${VRF} -M ${MD5_PW} -m ${NSB_IP6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_WRONG_PW} log_test $? 2 "MD5: VRF: Client uses wrong password" @@ -2653,7 +2653,7 @@ ipv6_tcp_md5() log_start show_hint "Should timeout since server config differs from client" run_cmd nettest -6 -s -I ${VRF} -M ${MD5_PW} -m ${NSB_LO_IP6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_PW} log_test $? 2 "MD5: VRF: Client address does not match address configured with password" @@ -2664,7 +2664,7 @@ ipv6_tcp_md5() # client in prefix log_start run_cmd nettest -6 -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_PW} log_test $? 0 "MD5: VRF: Prefix config" @@ -2672,7 +2672,7 @@ ipv6_tcp_md5() log_start show_hint "Should timeout since client uses wrong password" run_cmd nettest -6 -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_WRONG_PW} log_test $? 2 "MD5: VRF: Prefix config, client uses wrong password" @@ -2680,7 +2680,7 @@ ipv6_tcp_md5() log_start show_hint "Should timeout since client address is outside of prefix" run_cmd nettest -6 -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -c ${NSB_LO_IP6} -r ${NSA_IP6} -X ${MD5_PW} log_test $? 2 "MD5: VRF: Prefix config, client address not in configured prefix" @@ -2691,14 +2691,14 @@ ipv6_tcp_md5() log_start run_cmd nettest -6 -s -I ${VRF} -M ${MD5_PW} -m ${NSB_IP6} & run_cmd nettest -6 -s -M ${MD5_WRONG_PW} -m ${NSB_IP6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_PW} log_test $? 0 "MD5: VRF: Single address config in default VRF and VRF, conn in VRF" log_start run_cmd nettest -6 -s -I ${VRF} -M ${MD5_PW} -m ${NSB_IP6} & run_cmd nettest -6 -s -M ${MD5_WRONG_PW} -m ${NSB_IP6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsc nettest -6 -r ${NSA_IP6} -X ${MD5_WRONG_PW} log_test $? 0 "MD5: VRF: Single address config in default VRF and VRF, conn in default VRF" @@ -2706,7 +2706,7 @@ ipv6_tcp_md5() show_hint "Should timeout since client in default VRF uses VRF password" run_cmd nettest -6 -s -I ${VRF} -M ${MD5_PW} -m ${NSB_IP6} & run_cmd nettest -6 -s -M ${MD5_WRONG_PW} -m ${NSB_IP6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsc nettest -6 -r ${NSA_IP6} -X ${MD5_PW} log_test $? 2 "MD5: VRF: Single address config in default VRF and VRF, conn in default VRF with VRF pw" @@ -2714,21 +2714,21 @@ ipv6_tcp_md5() show_hint "Should timeout since client in VRF uses default VRF password" run_cmd nettest -6 -s -I ${VRF} -M ${MD5_PW} -m ${NSB_IP6} & run_cmd nettest -6 -s -M ${MD5_WRONG_PW} -m ${NSB_IP6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_WRONG_PW} log_test $? 2 "MD5: VRF: Single address config in default VRF and VRF, conn in VRF with default VRF pw" log_start run_cmd nettest -6 -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET6} & run_cmd nettest -6 -s -M ${MD5_WRONG_PW} -m ${NS_NET6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_PW} log_test $? 0 "MD5: VRF: Prefix config in default VRF and VRF, conn in VRF" log_start run_cmd nettest -6 -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET6} & run_cmd nettest -6 -s -M ${MD5_WRONG_PW} -m ${NS_NET6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsc nettest -6 -r ${NSA_IP6} -X ${MD5_WRONG_PW} log_test $? 0 "MD5: VRF: Prefix config in default VRF and VRF, conn in default VRF" @@ -2736,7 +2736,7 @@ ipv6_tcp_md5() show_hint "Should timeout since client in default VRF uses VRF password" run_cmd nettest -6 -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET6} & run_cmd nettest -6 -s -M ${MD5_WRONG_PW} -m ${NS_NET6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsc nettest -6 -r ${NSA_IP6} -X ${MD5_PW} log_test $? 2 "MD5: VRF: Prefix config in default VRF and VRF, conn in default VRF with VRF pw" @@ -2744,7 +2744,7 @@ ipv6_tcp_md5() show_hint "Should timeout since client in VRF uses default VRF password" run_cmd nettest -6 -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET6} & run_cmd nettest -6 -s -M ${MD5_WRONG_PW} -m ${NS_NET6} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${NSA_IP6} -X ${MD5_WRONG_PW} log_test $? 2 "MD5: VRF: Prefix config in default VRF and VRF, conn in VRF with default VRF pw" @@ -2772,7 +2772,7 @@ ipv6_tcp_novrf() do log_start run_cmd nettest -6 -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${a} log_test_addr ${a} $? 0 "Global server" done @@ -2793,7 +2793,7 @@ ipv6_tcp_novrf() do log_start run_cmd_nsb nettest -6 -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 tcp run_cmd nettest -6 -r ${a} log_test_addr ${a} $? 0 "Client" done @@ -2802,7 +2802,7 @@ ipv6_tcp_novrf() do log_start run_cmd_nsb nettest -6 -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 tcp run_cmd nettest -6 -r ${a} -d ${NSA_DEV} log_test_addr ${a} $? 0 "Client, device bind" done @@ -2822,7 +2822,7 @@ ipv6_tcp_novrf() do log_start run_cmd nettest -6 -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -6 -r ${a} log_test_addr ${a} $? 0 "Global server, local connection" done @@ -2830,7 +2830,7 @@ ipv6_tcp_novrf() a=${NSA_IP6} log_start run_cmd nettest -6 -s -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -6 -r ${a} -0 ${a} log_test_addr ${a} $? 0 "Device server, unbound client, local connection" @@ -2839,7 +2839,7 @@ ipv6_tcp_novrf() log_start show_hint "Should fail 'Connection refused' since addresses on loopback are out of device scope" run_cmd nettest -6 -s -I ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -6 -r ${a} log_test_addr ${a} $? 1 "Device server, unbound client, local connection" done @@ -2847,7 +2847,7 @@ ipv6_tcp_novrf() a=${NSA_IP6} log_start run_cmd nettest -6 -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -6 -r ${a} -d ${NSA_DEV} -0 ${a} log_test_addr ${a} $? 0 "Global server, device client, local connection" @@ -2856,7 +2856,7 @@ ipv6_tcp_novrf() log_start show_hint "Should fail 'Connection refused' since addresses on loopback are out of device scope" run_cmd nettest -6 -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -6 -r ${a} -d ${NSA_DEV} log_test_addr ${a} $? 1 "Global server, device client, local connection" done @@ -2865,7 +2865,7 @@ ipv6_tcp_novrf() do log_start run_cmd nettest -6 -s -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -6 -d ${NSA_DEV} -r ${a} log_test_addr ${a} $? 0 "Device server, device client, local conn" done @@ -2898,7 +2898,7 @@ ipv6_tcp_vrf() log_start show_hint "Should fail 'Connection refused' since global server with VRF is disabled" run_cmd nettest -6 -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${a} log_test_addr ${a} $? 1 "Global server" done @@ -2907,7 +2907,7 @@ ipv6_tcp_vrf() do log_start run_cmd nettest -6 -s -I ${VRF} -3 ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${a} log_test_addr ${a} $? 0 "VRF server" done @@ -2916,7 +2916,7 @@ ipv6_tcp_vrf() a=${NSA_LINKIP6}%${NSB_DEV} log_start run_cmd nettest -6 -s -I ${VRF} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${a} log_test_addr ${a} $? 0 "VRF server" @@ -2924,7 +2924,7 @@ ipv6_tcp_vrf() do log_start run_cmd nettest -6 -s -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${a} log_test_addr ${a} $? 0 "Device server" done @@ -2943,7 +2943,7 @@ ipv6_tcp_vrf() log_start show_hint "Should fail 'Connection refused' since global server with VRF is disabled" run_cmd nettest -6 -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -6 -r ${a} -d ${NSA_DEV} log_test_addr ${a} $? 1 "Global server, local connection" @@ -2964,7 +2964,7 @@ ipv6_tcp_vrf() do log_start run_cmd nettest -6 -s -3 ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${a} log_test_addr ${a} $? 0 "Global server" done @@ -2973,7 +2973,7 @@ ipv6_tcp_vrf() do log_start run_cmd nettest -6 -s -I ${VRF} -3 ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${a} log_test_addr ${a} $? 0 "VRF server" done @@ -2982,13 +2982,13 @@ ipv6_tcp_vrf() a=${NSA_LINKIP6}%${NSB_DEV} log_start run_cmd nettest -6 -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${a} log_test_addr ${a} $? 0 "Global server" log_start run_cmd nettest -6 -s -I ${VRF} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${a} log_test_addr ${a} $? 0 "VRF server" @@ -2996,7 +2996,7 @@ ipv6_tcp_vrf() do log_start run_cmd nettest -6 -s -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${a} log_test_addr ${a} $? 0 "Device server" done @@ -3016,7 +3016,7 @@ ipv6_tcp_vrf() log_start show_hint "Fails 'Connection refused' since client is not in VRF" run_cmd nettest -6 -s -I ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -6 -r ${a} log_test_addr ${a} $? 1 "Global server, local connection" done @@ -3029,7 +3029,7 @@ ipv6_tcp_vrf() do log_start run_cmd_nsb nettest -6 -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 tcp run_cmd nettest -6 -r ${a} -d ${VRF} log_test_addr ${a} $? 0 "Client, VRF bind" done @@ -3038,7 +3038,7 @@ ipv6_tcp_vrf() log_start show_hint "Fails since VRF device does not allow linklocal addresses" run_cmd_nsb nettest -6 -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 tcp run_cmd nettest -6 -r ${a} -d ${VRF} log_test_addr ${a} $? 1 "Client, VRF bind" @@ -3046,7 +3046,7 @@ ipv6_tcp_vrf() do log_start run_cmd_nsb nettest -6 -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 tcp run_cmd nettest -6 -r ${a} -d ${NSA_DEV} log_test_addr ${a} $? 0 "Client, device bind" done @@ -3071,7 +3071,7 @@ ipv6_tcp_vrf() do log_start run_cmd nettest -6 -s -I ${VRF} -3 ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -6 -r ${a} -d ${VRF} -0 ${a} log_test_addr ${a} $? 0 "VRF server, VRF client, local connection" done @@ -3079,7 +3079,7 @@ ipv6_tcp_vrf() a=${NSA_IP6} log_start run_cmd nettest -6 -s -I ${VRF} -3 ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -6 -r ${a} -d ${NSA_DEV} -0 ${a} log_test_addr ${a} $? 0 "VRF server, device client, local connection" @@ -3087,13 +3087,13 @@ ipv6_tcp_vrf() log_start show_hint "Should fail since unbound client is out of VRF scope" run_cmd nettest -6 -s -I ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -6 -r ${a} log_test_addr ${a} $? 1 "VRF server, unbound client, local connection" log_start run_cmd nettest -6 -s -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -6 -r ${a} -d ${VRF} -0 ${a} log_test_addr ${a} $? 0 "Device server, VRF client, local connection" @@ -3101,7 +3101,7 @@ ipv6_tcp_vrf() do log_start run_cmd nettest -6 -s -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest -6 -r ${a} -d ${NSA_DEV} -0 ${a} log_test_addr ${a} $? 0 "Device server, device client, local connection" done @@ -3141,13 +3141,13 @@ ipv6_udp_novrf() do log_start run_cmd nettest -6 -D -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -6 -D -r ${a} log_test_addr ${a} $? 0 "Global server" log_start run_cmd nettest -6 -D -I ${NSA_DEV} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -6 -D -r ${a} log_test_addr ${a} $? 0 "Device server" done @@ -3155,7 +3155,7 @@ ipv6_udp_novrf() a=${NSA_LO_IP6} log_start run_cmd nettest -6 -D -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -6 -D -r ${a} log_test_addr ${a} $? 0 "Global server" @@ -3165,7 +3165,7 @@ ipv6_udp_novrf() #log_start #show_hint "Should fail since loopback address is out of scope" #run_cmd nettest -6 -D -I ${NSA_DEV} -s -3 ${NSA_DEV} & - #sleep 1 + wait_local_port_listen ${NSA} 12345 udp #run_cmd_nsb nettest -6 -D -r ${a} #log_test_addr ${a} $? 1 "Device server" @@ -3185,25 +3185,25 @@ ipv6_udp_novrf() do log_start run_cmd_nsb nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 udp run_cmd nettest -6 -D -r ${a} -0 ${NSA_IP6} log_test_addr ${a} $? 0 "Client" log_start run_cmd_nsb nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 udp run_cmd nettest -6 -D -r ${a} -d ${NSA_DEV} -0 ${NSA_IP6} log_test_addr ${a} $? 0 "Client, device bind" log_start run_cmd_nsb nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 udp run_cmd nettest -6 -D -r ${a} -d ${NSA_DEV} -C -0 ${NSA_IP6} log_test_addr ${a} $? 0 "Client, device send via cmsg" log_start run_cmd_nsb nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 udp run_cmd nettest -6 -D -r ${a} -d ${NSA_DEV} -S -0 ${NSA_IP6} log_test_addr ${a} $? 0 "Client, device bind via IPV6_UNICAST_IF" @@ -3225,7 +3225,7 @@ ipv6_udp_novrf() do log_start run_cmd nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -r ${a} -0 ${a} -1 ${a} log_test_addr ${a} $? 0 "Global server, local connection" done @@ -3233,7 +3233,7 @@ ipv6_udp_novrf() a=${NSA_IP6} log_start run_cmd nettest -6 -s -D -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -r ${a} log_test_addr ${a} $? 0 "Device server, unbound client, local connection" @@ -3242,7 +3242,7 @@ ipv6_udp_novrf() log_start show_hint "Should fail 'Connection refused' since address is out of device scope" run_cmd nettest -6 -s -D -I ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -r ${a} log_test_addr ${a} $? 1 "Device server, local connection" done @@ -3250,19 +3250,19 @@ ipv6_udp_novrf() a=${NSA_IP6} log_start run_cmd nettest -6 -s -D & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${NSA_DEV} -r ${a} log_test_addr ${a} $? 0 "Global server, device client, local connection" log_start run_cmd nettest -6 -s -D & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${NSA_DEV} -C -r ${a} log_test_addr ${a} $? 0 "Global server, device send via cmsg, local connection" log_start run_cmd nettest -6 -s -D & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${NSA_DEV} -S -r ${a} log_test_addr ${a} $? 0 "Global server, device client via IPV6_UNICAST_IF, local connection" @@ -3271,28 +3271,28 @@ ipv6_udp_novrf() log_start show_hint "Should fail 'No route to host' since addresses on loopback are out of device scope" run_cmd nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -r ${a} -d ${NSA_DEV} log_test_addr ${a} $? 1 "Global server, device client, local connection" log_start show_hint "Should fail 'No route to host' since addresses on loopback are out of device scope" run_cmd nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -r ${a} -d ${NSA_DEV} -C log_test_addr ${a} $? 1 "Global server, device send via cmsg, local connection" log_start show_hint "Should fail 'No route to host' since addresses on loopback are out of device scope" run_cmd nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -r ${a} -d ${NSA_DEV} -S log_test_addr ${a} $? 1 "Global server, device client via IP_UNICAST_IF, local connection" log_start show_hint "Should fail 'No route to host' since addresses on loopback are out of device scope" run_cmd nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -r ${a} -d ${NSA_DEV} -S -U log_test_addr ${a} $? 1 "Global server, device client via IP_UNICAST_IF, local connection, with connect()" done @@ -3300,7 +3300,7 @@ ipv6_udp_novrf() a=${NSA_IP6} log_start run_cmd nettest -6 -D -s -I ${NSA_DEV} -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${NSA_DEV} -r ${a} -0 ${a} log_test_addr ${a} $? 0 "Device server, device client, local conn" @@ -3314,7 +3314,7 @@ ipv6_udp_novrf() run_cmd_nsb ip -6 ro add ${NSA_IP6}/128 dev ${NSB_DEV} log_start run_cmd nettest -6 -s -D & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -6 -D -r ${NSA_IP6} log_test $? 0 "UDP in - LLA to GUA" @@ -3338,7 +3338,7 @@ ipv6_udp_vrf() log_start show_hint "Should fail 'Connection refused' since global server is disabled" run_cmd nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -6 -D -r ${a} log_test_addr ${a} $? 1 "Global server" done @@ -3347,7 +3347,7 @@ ipv6_udp_vrf() do log_start run_cmd nettest -6 -D -I ${VRF} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -6 -D -r ${a} log_test_addr ${a} $? 0 "VRF server" done @@ -3356,7 +3356,7 @@ ipv6_udp_vrf() do log_start run_cmd nettest -6 -D -I ${NSA_DEV} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -6 -D -r ${a} log_test_addr ${a} $? 0 "Enslaved device server" done @@ -3378,7 +3378,7 @@ ipv6_udp_vrf() log_start show_hint "Should fail 'Connection refused' since global server is disabled" run_cmd nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${VRF} -r ${a} log_test_addr ${a} $? 1 "Global server, VRF client, local conn" done @@ -3387,7 +3387,7 @@ ipv6_udp_vrf() do log_start run_cmd nettest -6 -D -I ${VRF} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${VRF} -r ${a} log_test_addr ${a} $? 0 "VRF server, VRF client, local conn" done @@ -3396,25 +3396,25 @@ ipv6_udp_vrf() log_start show_hint "Should fail 'Connection refused' since global server is disabled" run_cmd nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${NSA_DEV} -r ${a} log_test_addr ${a} $? 1 "Global server, device client, local conn" log_start run_cmd nettest -6 -D -I ${VRF} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${NSA_DEV} -r ${a} log_test_addr ${a} $? 0 "VRF server, device client, local conn" log_start run_cmd nettest -6 -D -I ${NSA_DEV} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${VRF} -r ${a} log_test_addr ${a} $? 0 "Enslaved device server, VRF client, local conn" log_start run_cmd nettest -6 -D -I ${NSA_DEV} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${NSA_DEV} -r ${a} log_test_addr ${a} $? 0 "Enslaved device server, device client, local conn" @@ -3429,7 +3429,7 @@ ipv6_udp_vrf() do log_start run_cmd nettest -6 -D -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -6 -D -r ${a} log_test_addr ${a} $? 0 "Global server" done @@ -3438,7 +3438,7 @@ ipv6_udp_vrf() do log_start run_cmd nettest -6 -D -I ${VRF} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -6 -D -r ${a} log_test_addr ${a} $? 0 "VRF server" done @@ -3447,7 +3447,7 @@ ipv6_udp_vrf() do log_start run_cmd nettest -6 -D -I ${NSA_DEV} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -6 -D -r ${a} log_test_addr ${a} $? 0 "Enslaved device server" done @@ -3465,7 +3465,7 @@ ipv6_udp_vrf() # log_start run_cmd_nsb nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 udp run_cmd nettest -6 -D -d ${VRF} -r ${NSB_IP6} log_test $? 0 "VRF client" @@ -3476,7 +3476,7 @@ ipv6_udp_vrf() log_start run_cmd_nsb nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 udp run_cmd nettest -6 -D -d ${NSA_DEV} -r ${NSB_IP6} log_test $? 0 "Enslaved device client" @@ -3491,13 +3491,13 @@ ipv6_udp_vrf() a=${NSA_IP6} log_start run_cmd nettest -6 -D -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${VRF} -r ${a} log_test_addr ${a} $? 0 "Global server, VRF client, local conn" #log_start run_cmd nettest -6 -D -I ${VRF} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${VRF} -r ${a} log_test_addr ${a} $? 0 "VRF server, VRF client, local conn" @@ -3505,13 +3505,13 @@ ipv6_udp_vrf() a=${VRF_IP6} log_start run_cmd nettest -6 -D -s -3 ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${VRF} -r ${a} log_test_addr ${a} $? 0 "Global server, VRF client, local conn" log_start run_cmd nettest -6 -D -I ${VRF} -s -3 ${VRF} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${VRF} -r ${a} log_test_addr ${a} $? 0 "VRF server, VRF client, local conn" @@ -3527,25 +3527,25 @@ ipv6_udp_vrf() a=${NSA_IP6} log_start run_cmd nettest -6 -D -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${NSA_DEV} -r ${a} log_test_addr ${a} $? 0 "Global server, device client, local conn" log_start run_cmd nettest -6 -D -I ${VRF} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${NSA_DEV} -r ${a} log_test_addr ${a} $? 0 "VRF server, device client, local conn" log_start run_cmd nettest -6 -D -I ${NSA_DEV} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${VRF} -r ${a} log_test_addr ${a} $? 0 "Device server, VRF client, local conn" log_start run_cmd nettest -6 -D -I ${NSA_DEV} -s -3 ${NSA_DEV} & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${NSA_DEV} -r ${a} log_test_addr ${a} $? 0 "Device server, device client, local conn" @@ -3557,7 +3557,7 @@ ipv6_udp_vrf() # link local addresses log_start run_cmd nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -6 -D -d ${NSB_DEV} -r ${NSA_LINKIP6} log_test $? 0 "Global server, linklocal IP" @@ -3568,7 +3568,7 @@ ipv6_udp_vrf() log_start run_cmd_nsb nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 udp run_cmd nettest -6 -D -d ${NSA_DEV} -r ${NSB_LINKIP6} log_test $? 0 "Enslaved device client, linklocal IP" @@ -3579,7 +3579,7 @@ ipv6_udp_vrf() log_start run_cmd nettest -6 -D -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd nettest -6 -D -d ${NSA_DEV} -r ${NSA_LINKIP6} log_test $? 0 "Enslaved device client, local conn - linklocal IP" @@ -3592,7 +3592,7 @@ ipv6_udp_vrf() run_cmd_nsb ip -6 ro add ${NSA_IP6}/128 dev ${NSB_DEV} log_start run_cmd nettest -6 -s -D & - sleep 1 + wait_local_port_listen ${NSA} 12345 udp run_cmd_nsb nettest -6 -D -r ${NSA_IP6} log_test $? 0 "UDP in - LLA to GUA" @@ -3771,7 +3771,7 @@ ipv6_rt() do log_start run_cmd nettest ${varg} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest ${varg} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -3785,7 +3785,7 @@ ipv6_rt() do log_start run_cmd nettest ${varg} -I ${VRF} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest ${varg} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -3799,7 +3799,7 @@ ipv6_rt() do log_start run_cmd nettest ${varg} -I ${NSA_DEV} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest ${varg} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -3814,7 +3814,7 @@ ipv6_rt() # log_start run_cmd_nsb nettest ${varg} -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 tcp run_cmd nettest ${varg} -d ${VRF} -r ${NSB_IP6} & sleep 3 run_cmd ip link del ${VRF} @@ -3825,7 +3825,7 @@ ipv6_rt() log_start run_cmd_nsb nettest ${varg} -s & - sleep 1 + wait_local_port_listen ${NSB} 12345 tcp run_cmd nettest ${varg} -d ${NSA_DEV} -r ${NSB_IP6} & sleep 3 run_cmd ip link del ${VRF} @@ -3842,7 +3842,7 @@ ipv6_rt() do log_start run_cmd nettest ${varg} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest ${varg} -d ${VRF} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -3856,7 +3856,7 @@ ipv6_rt() do log_start run_cmd nettest ${varg} -I ${VRF} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest ${varg} -d ${VRF} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -3869,7 +3869,7 @@ ipv6_rt() a=${NSA_IP6} log_start run_cmd nettest ${varg} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest ${varg} -d ${NSA_DEV} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -3880,7 +3880,7 @@ ipv6_rt() log_start run_cmd nettest ${varg} -I ${VRF} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest ${varg} -d ${NSA_DEV} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -3891,7 +3891,7 @@ ipv6_rt() log_start run_cmd nettest ${varg} -I ${NSA_DEV} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd nettest ${varg} -d ${NSA_DEV} -r ${a} & sleep 3 run_cmd ip link del ${VRF} @@ -3950,7 +3950,7 @@ netfilter_tcp_reset() do log_start run_cmd nettest -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -r ${a} log_test_addr ${a} $? 1 "Global server, reject with TCP-reset on Rx" done @@ -3968,7 +3968,7 @@ netfilter_icmp() do log_start run_cmd nettest ${arg} -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest ${arg} -r ${a} log_test_addr ${a} $? 1 "Global ${stype} server, Rx reject icmp-port-unreach" done @@ -4007,7 +4007,7 @@ netfilter_tcp6_reset() do log_start run_cmd nettest -6 -s & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 -r ${a} log_test_addr ${a} $? 1 "Global server, reject with TCP-reset on Rx" done @@ -4025,7 +4025,7 @@ netfilter_icmp6() do log_start run_cmd nettest -6 -s ${arg} & - sleep 1 + wait_local_port_listen ${NSA} 12345 tcp run_cmd_nsb nettest -6 ${arg} -r ${a} log_test_addr ${a} $? 1 "Global ${stype} server, Rx reject icmp-port-unreach" done @@ -4221,12 +4221,12 @@ use_case_snat_on_vrf() run_cmd ip6tables -t nat -A POSTROUTING -p tcp -m tcp --dport ${port} -j SNAT --to-source ${NSA_LO_IP6} -o ${VRF} run_cmd_nsb nettest -s -l ${NSB_IP} -p ${port} & - sleep 1 + wait_local_port_listen ${NSB} ${port} tcp run_cmd nettest -d ${VRF} -r ${NSB_IP} -p ${port} log_test $? 0 "IPv4 TCP connection over VRF with SNAT" run_cmd_nsb nettest -6 -s -l ${NSB_IP6} -p ${port} & - sleep 1 + wait_local_port_listen ${NSB} ${port} tcp run_cmd nettest -6 -d ${VRF} -r ${NSB_IP6} -p ${port} log_test $? 0 "IPv6 TCP connection over VRF with SNAT" -- 2.51.0

1 week

2
3
0 0

[PATCH v16 net-next 00/14] AccECN protocol patch series

by chia-yu.chang＠nokia-bell-labs.com

From: Chia-Yu Chang <chia-yu.chang(a)nokia-bell-labs.com> Hello, Please find the v16 AccECN protocol patch series, which covers the core functionality of Accurate ECN, AccECN negotiation, AccECN TCP options, and AccECN failure handling. The Accurate ECN draft can be found in https://datatracker.ietf.org/doc/html/draft-ietf-tcpm-accurate-ecn-28, and it will be RFC9768. This patch series is part of the full AccECN patch series, which is available at https://github.com/L4STeam/linux-net-next/commits/upstream_l4steam/ Best Regards, Chia-Yu --- v16 (6-Sep-2025) - Use TCP_ECN_IN_ACCECN_OUT_ACCECN, TCP_ECN_IN_ECN_OUT_ECN, and TCP_ECN_IN_ACCECN_OUT_ECN in comments of tcp_ecn_send_syn() (Eric Dumazet <edumazet(a)google.com>) - Add tcpi_accecn_fail_mode and tcpi_accecn_opt_seen to make tcp_info be multiple of 64 bits in patch #12 v15 (14-Aug-205) - Update pahole results in commit messages - Accurate ECN will become RFC9768 v14 (22-Jul-2025) - Add missing const for struct tcp_sock of tcp_accecn_option_beacon_check() of #11 (Simon Horman <horms(a)kernel.org>) v13 (18-Jul-2025) - Implement tcp_accecn_extract_syn_ect() and tcp_accecn_reflector_flags() with static array lookup of patch #6 (Paolo Abeni <pabeni(a)redhat.com>) - Fix typos in comments of #6 and remove patch #7 of v12 about simulatenous connect (Paolo Abeni <pabeni(a)redhat.com>) - Move TCP_ACCECN_E1B_INIT_OFFSET, TCP_ACCECN_E0B_INIT_OFFSET, and TCP_ACCECN_CEB_INIT_OFFSET from patch #7 to #11 (Paolo Abeni <pabeni(a)redhat.com>) - Use static array lookup in tcp_accecn_optfield_to_ecnfield() of patch #11 (Paolo Abeni <pabeni(a)redhat.com>) - Return false when WARN_ON_ONCE() is true in tcp_accecn_process_option() of patch #11 (Paolo Abeni <pabeni(a)redhat.com>) - Make synack_ecn_bytes as static const array and use const u32 pointer in tcp_options_write() of #11 (Paolo Abeni <pabeni(a)redhat.com>) - Use ALIGN() and ALIGN_DOWN() in tcp_options_fit_accecn() to pad TCP AccECN option to dword of #11 (Paolo Abeni <pabeni(a)redhat.com>) - Return TCP_ACCECN_OPT_FAIL_SEEN if WARN_ON_ONCE() is true in tcp_accecn_option_init() of #12 (Paolo Abeni <pabeni(a)redhat.com>) v12 (04-Jul-2025) - Fix compilation issues with some intermediate patches in v11 - Add more comments for AccECN helpers of tcp_ecn.h v11 (03-Jul-2025) - Fix compilation issues with some intermediate patches in v10 v10 (02-Jul-2025) - Add new patch of separated header file include/net/tcp_ecn.h to include ECN and AccECN functions (Eric Dumazet <edumazet(a)google.com>) - Add comments on the AccECN helper functions in tcp_ecn.h (Eric Dumazet <edumazet(a)google.com>) - Add documentation of tcp_ecn, tcp_ecn_option, tcp_ecn_beacon in ip-sysctl.rst to the corresponding patch (Eric Dumazet <edumazet(a)google.com>) - Split wait third ACK functionality into a separated patch from AccECN negotiation patch (Eric Dumazet <edumazet(a)google.com>) - Add READ_ONCE() over every reads of sysctl for all patches in the series (Eric Dumazet <edumazet(a)google.com>) - Merge heuristics of AccECN option ceb/cep and ACE field multi-wrap into a single patch - Add a table of SACK block reduction and required AccECN field in patch #15 commit message (Eric Dumazet <edumazet(a)google.com>) v9 (21-Jun-2025) - Use tcp_data_ecn_check() to set TCP_ECN_SEE flag only for RFC3168 ECN (Paolo Abeni <pabeni(a)redhat.com>) - Add comments about setting TCP_ECN_SEEN flag for RFC3168 and Accruate ECN (Paolo Abeni <pabeni(a)redhat.com>) - Restruct the code in the for loop of tcp_accecn_process_option() (Paolo Abeni <pabeni(a)redhat.com>) - Remove ecn_bytes and add use_synack_ecn_bytes flag to identify whether syn_ack_bytes or received_ecn_bytes is used (Paolo Abeni <pabeni(a)redhat.com>) - Replace leftover_bytes and leftover_size with leftover_highbyte and leftover_lowbyte and add comments in tcp_options_write() (Paolo Abeni <pabeni(a)redhat.com>) - Add comments and commit message about the 1st retx SYN still attempt AccECN negotiation (Paolo Abeni <pabeni(a)redhat.com>) v8 (10-Jun-2025) - Add new helper function tcp_ecn_received_counters_payload() in #6 (Paolo Abeni <pabeni(a)redhat.com>) - Set opts->num_sack_blocks=0 to avoid potential undefined value in #8 (Paolo Abeni <pabeni(a)redhat.com>) - Reset leftover_size to 2 once leftover_bytes is used in #9 (Paolo Abeni <pabeni(a)redhat.com>) - Add new helper function tcp_accecn_opt_demand_min() in #10 (Paolo Abeni <pabeni(a)redhat.com>) - Add new helper function tcp_accecn_saw_opt_fail_recv() in #11 (Paolo Abeni <pabeni(a)redhat.com>) - Update tcp_options_fit_accecn() to avoid using recursion in #14 (Paolo Abeni <pabeni(a)redhat.com>) v7 (14-May-2025) - Modify group sizes of tcp_sock_write_txrx and tcp_sock_write_rx in #3 based on pahole results (Paolo Abeni <pabeni(a)redhat.com>) - Fix the issue in #4 and #5 where the RFC3168 ECN behavior in tcp_ecn_send() is changed (Paolo Abeni <pabeni(a)redhat.com>) - Modify group size of tcp_sock_write_txrx in #4 and #6 based on pahole results (Paolo Abeni <pabeni(a)redhat.com>) - Update commit message for #9 to explain the increase in tcp_sock_write_rx group size - Modify group size of tcp_sock_write_tx in #10 based on pahole results v6 (09-May-2025) - Add #3 to utilize exisintg holes of tcp_sock_write_txrx group for later patches (#4, #9, #10) with new u8 members (Paolo Abeni <pabeni(a)redhat.com>) - Add pahole outcomes before and after commit in #4, #5, #6, #9, #10, #15 (Paolo Abeni <pabeni(a)redhat.com>) - Define new helper function tcp_send_ack_reflect_ect() for sending ACK with reflected ECT in #5 (Paolo Abeni <pabeni(a)redhat.com>) - Add comments for function tcp_ecn_rcv_synack() in #5 (Paolo Abeni <pabeni(a)redhat.com>) - Add enum/define to be used by sysctl_tcp_ecn in #5, sysctl_tcp_ecn_option in #9, and sysctl_tcp_ecn_option_beacon in #10 (Paolo Abeni <pabeni(a)redhat.com>) - Move accecn_fail_mode and saw_accecn_opt in #5 and #11 to use exisintg holes of tcp_sock (Paolo Abeni <pabeni(a)redhat.com>) - Change data type of new members of tcp_request_sock and move them to the end of struct in #5 and #11 (Paolo Abeni <pabeni(a)redhat.com>) - Move new members of tcp_info to the end of struct in #6 (Paolo Abeni <pabeni(a)redhat.com>) - Merge previous #7 into #9 (Paolo Abeni <pabeni(a)redhat.com>) - Mask ecnfield with INET_ECN_MASK to remove WARN_ONCE in #9 (Paolo Abeni <pabeni(a)redhat.com>) - Reduce the indentation levels for reabability in #9 and #10 (Paolo Abeni <pabeni(a)redhat.com>) - Move delivered_ecn_bytes to the RX group in #9, accecn_opt_tstamp to the TX group in #10, pkts_acked_ewma to the RX group in #15 (Paolo Abeni <pabeni(a)redhat.com>) - Add changes in Documentation/networking/net_cachelines/tcp_sock.rst for new tcp_sock members in #3, #5, #6, #9, #10, #15 v5 (22-Apr-2025) - Further fix for 32-bit ARM alignment in tcp.c (Simon Horman <horms(a)kernel.org>) v4 (18-Apr-2025) - Fix 32-bit ARM assertion for alignment requirement (Simon Horman <horms(a)kernel.org>) v3 (14-Apr-2025) - Fix patch apply issue in v2 (Jakub Kicinski <kuba(a)kernel.org>) v2 (18-Mar-2025) - Add one missing patch from the previous AccECN protocol preparation patch series to this patch series. --- Chia-Yu Chang (5): tcp: reorganize tcp_sock_write_txrx group for variables later tcp: ecn functions in separated include file tcp: accecn: AccECN option send control tcp: accecn: AccECN option failure handling tcp: accecn: try to fit AccECN option with SACK Ilpo Järvinen (9): tcp: reorganize SYN ECN code tcp: fast path functions later tcp: AccECN core tcp: accecn: AccECN negotiation tcp: accecn: add AccECN rx byte counters tcp: accecn: AccECN needs to know delivered bytes tcp: sack option handling improvements tcp: accecn: AccECN option tcp: accecn: AccECN option ceb/cep and ACE field multi-wrap heuristics Documentation/networking/ip-sysctl.rst | 55 +- .../networking/net_cachelines/tcp_sock.rst | 12 + include/linux/tcp.h | 32 +- include/net/netns/ipv4.h | 2 + include/net/tcp.h | 87 ++- include/net/tcp_ecn.h | 642 ++++++++++++++++++ include/uapi/linux/tcp.h | 9 + net/ipv4/syncookies.c | 4 + net/ipv4/sysctl_net_ipv4.c | 19 + net/ipv4/tcp.c | 30 +- net/ipv4/tcp_input.c | 353 ++++++++-- net/ipv4/tcp_ipv4.c | 8 +- net/ipv4/tcp_minisocks.c | 40 +- net/ipv4/tcp_output.c | 294 ++++++-- net/ipv6/syncookies.c | 2 + net/ipv6/tcp_ipv6.c | 1 + 16 files changed, 1406 insertions(+), 184 deletions(-) create mode 100644 include/net/tcp_ecn.h -- 2.34.1

1 week

1
14
0 0

Re: [syzbot] [net?] possible deadlock in __netdev_update_features

by syzbot

syzbot has bisected this issue to: commit f792709e0baad67224180d73d51c2f090003adde Author: Stanislav Fomichev <stfomichev(a)gmail.com> Date: Fri May 16 23:22:05 2025 +0000 selftests: net: validate team flags propagation bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=16a3ba42580000 start commit: d69eb204c255 Merge tag 'net-6.17-rc5' of git://git.kernel... git tree: upstream final oops: https://syzkaller.appspot.com/x/report.txt?x=15a3ba42580000 console output: https://syzkaller.appspot.com/x/log.txt?x=11a3ba42580000 kernel config: https://syzkaller.appspot.com/x/.config?x=9c302bcfb26a48af dashboard link: https://syzkaller.appspot.com/bug?extid=7e0f89fb6cae5d002de0 syz repro: https://syzkaller.appspot.com/x/repro.syz?x=12942962580000 C reproducer: https://syzkaller.appspot.com/x/repro.c?x=16942962580000 Reported-by: syzbot+7e0f89fb6cae5d002de0(a)syzkaller.appspotmail.com Fixes: f792709e0baa ("selftests: net: validate team flags propagation") For information about bisection process see: https://goo.gl/tpsmEJ#bisection

1 week

1
0
0 0

[PATCH net-next] selftests: ncdevmem: don't retry EFAULT

by Stanislav Fomichev

devmem test fails on NIPA. Most likely we get skb(s) with readable frags (why?) but the failure manifests as an OOM. The OOM happens because ncdevmem spams the following message: recvmsg ret=-1 recvmsg: Bad address As of today, ncdevmem can't deal with various reasons of EFAULT: - falling back to regular recvmsg for non-devmem skbs - increasing ctrl_data size (can't happen with ncdevmem's large buffer) Exit (cleanly) with error when recvmsg returns EFAULT. This should at least cause the test to cleanup its state. Signed-off-by: Stanislav Fomichev <sdf(a)fomichev.me> --- tools/testing/selftests/drivers/net/hw/ncdevmem.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tools/testing/selftests/drivers/net/hw/ncdevmem.c b/tools/testing/selftests/drivers/net/hw/ncdevmem.c index 8dc9511d046f..c0a22938bed2 100644 --- a/tools/testing/selftests/drivers/net/hw/ncdevmem.c +++ b/tools/testing/selftests/drivers/net/hw/ncdevmem.c @@ -945,6 +945,10 @@ static int do_server(struct memory_buffer *mem) continue; if (ret < 0) { perror("recvmsg"); + if (errno == EFAULT) { + pr_err("received EFAULT, won't recover"); + goto err_close_client; + } continue; } if (ret == 0) { -- 2.51.0

1 week, 1 day

4
5
0 0

[PATCH net-next] selftests: forwarding: Reorder arguments to obey POSIX getopt

by David Yang

Quoted from musl wiki: GNU getopt permutes argv to pull options to the front, ahead of non-option arguments. musl and the POSIX standard getopt stop processing options at the first non-option argument with no permutation. Thus these scripts stop working on musl since non-option arguments do not always come last. Fix it by reordering arguments. Signed-off-by: David Yang <mmyangfl(a)gmail.com> --- .../selftests/net/forwarding/bridge_igmp.sh | 26 ++--- .../net/forwarding/bridge_locked_port.sh | 10 +- .../selftests/net/forwarding/bridge_mdb.sh | 54 ++++----- .../net/forwarding/bridge_mdb_max.sh | 16 +-- .../selftests/net/forwarding/bridge_mld.sh | 26 ++--- .../net/forwarding/bridge_sticky_fdb.sh | 2 +- .../net/forwarding/bridge_vlan_aware.sh | 8 +- .../net/forwarding/custom_multipath_hash.sh | 34 +++--- .../forwarding/gre_custom_multipath_hash.sh | 34 +++--- .../net/forwarding/gre_inner_v4_multipath.sh | 4 +- .../net/forwarding/gre_inner_v6_multipath.sh | 4 +- .../selftests/net/forwarding/gre_multipath.sh | 4 +- .../net/forwarding/gre_multipath_nh.sh | 8 +- .../net/forwarding/gre_multipath_nh_res.sh | 8 +- .../net/forwarding/ip6_forward_instats_vrf.sh | 6 +- .../ip6gre_custom_multipath_hash.sh | 26 ++--- .../forwarding/ip6gre_inner_v4_multipath.sh | 4 +- .../forwarding/ip6gre_inner_v6_multipath.sh | 4 +- .../selftests/net/forwarding/ip6gre_lib.sh | 8 +- tools/testing/selftests/net/forwarding/lib.sh | 24 ++-- .../forwarding/mirror_gre_bridge_1q_lag.sh | 2 +- .../forwarding/mirror_gre_vlan_bridge_1q.sh | 4 +- .../selftests/net/forwarding/mirror_lib.sh | 4 +- .../selftests/net/forwarding/pedit_dsfield.sh | 4 +- .../selftests/net/forwarding/pedit_ip.sh | 2 +- .../selftests/net/forwarding/pedit_l4port.sh | 4 +- .../selftests/net/forwarding/router.sh | 18 +-- .../net/forwarding/router_broadcast.sh | 2 +- .../net/forwarding/router_mpath_nh.sh | 8 +- .../net/forwarding/router_mpath_nh_lib.sh | 4 +- .../net/forwarding/router_mpath_nh_res.sh | 8 +- .../net/forwarding/router_mpath_seed.sh | 16 +-- .../net/forwarding/router_multicast.sh | 48 ++++---- .../net/forwarding/router_multipath.sh | 8 +- .../selftests/net/forwarding/sch_red.sh | 22 ++-- .../net/forwarding/skbedit_priority.sh | 4 +- .../selftests/net/forwarding/tc_actions.sh | 40 +++---- .../selftests/net/forwarding/tc_chains.sh | 8 +- .../selftests/net/forwarding/tc_flower.sh | 108 +++++++++--------- .../selftests/net/forwarding/tc_flower_cfm.sh | 22 ++-- .../net/forwarding/tc_flower_l2_miss.sh | 16 +-- .../net/forwarding/tc_flower_port_range.sh | 52 ++++----- .../net/forwarding/tc_flower_router.sh | 8 +- .../selftests/net/forwarding/tc_shblocks.sh | 16 +-- .../selftests/net/forwarding/tc_tunnel_key.sh | 6 +- .../net/forwarding/vxlan_bridge_1d.sh | 24 ++-- .../net/forwarding/vxlan_bridge_1d_ipv6.sh | 6 +- .../net/forwarding/vxlan_bridge_1q.sh | 18 +-- .../net/forwarding/vxlan_bridge_1q_ipv6.sh | 2 +- .../net/forwarding/vxlan_bridge_1q_mc_ul.sh | 8 +- .../net/forwarding/vxlan_reserved.sh | 4 +- 51 files changed, 403 insertions(+), 403 deletions(-) diff --git a/tools/testing/selftests/net/forwarding/bridge_igmp.sh b/tools/testing/selftests/net/forwarding/bridge_igmp.sh index d4e7dd659354..605d8f6a7468 100755 --- a/tools/testing/selftests/net/forwarding/bridge_igmp.sh +++ b/tools/testing/selftests/net/forwarding/bridge_igmp.sh @@ -158,7 +158,7 @@ v3include_prepare() ip link set dev br0 type bridge mcast_igmp_version 3 check_err $? "Could not change bridge IGMP version to 3" - $MZ $host1_if -b $mac -c 1 -B $group -t ip "proto=2,p=$MZPKT_IS_INC" -q + $MZ -b $mac -c 1 -B $group -t ip "proto=2,p=$MZPKT_IS_INC" -q $host1_if sleep 1 bridge -j -d -s mdb show dev br0 \ | jq -e ".[].mdb[] | \ @@ -183,7 +183,7 @@ v3exclude_prepare() v3include_prepare $host1_if $mac $group - $MZ $host1_if -c 1 -b $mac -B $group -t ip "proto=2,p=$MZPKT_IS_EXC" -q + $MZ -c 1 -b $mac -B $group -t ip "proto=2,p=$MZPKT_IS_EXC" -q $host1_if sleep 1 bridge -j -d -s mdb show dev br0 \ | jq -e ".[].mdb[] | \ @@ -237,7 +237,7 @@ v3inc_allow_test() v3include_prepare $h1 $ALL_MAC $ALL_GROUP - $MZ $h1 -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_ALLOW" -q + $MZ -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_ALLOW" -q $h1 sleep 1 brmcast_check_sg_entries "allow" "${X[@]}" @@ -258,7 +258,7 @@ v3inc_is_include_test() v3include_prepare $h1 $ALL_MAC $ALL_GROUP - $MZ $h1 -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_IS_INC2" -q + $MZ -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_IS_INC2" -q $h1 sleep 1 brmcast_check_sg_entries "is_include" "${X[@]}" @@ -297,7 +297,7 @@ v3inc_to_exclude_test() ip link set dev br0 type bridge mcast_last_member_interval 500 check_err $? "Could not change mcast_last_member_interval to 5s" - $MZ $h1 -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_TO_EXC" -q + $MZ -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_TO_EXC" -q $h1 sleep 1 bridge -j -d -s mdb show dev br0 \ | jq -e ".[].mdb[] | \ @@ -341,7 +341,7 @@ v3exc_allow_test() v3exclude_prepare $h1 $ALL_MAC $ALL_GROUP - $MZ $h1 -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_ALLOW2" -q + $MZ -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_ALLOW2" -q $h1 sleep 1 brmcast_check_sg_entries "allow" "${X[@]}" "${Y[@]}" @@ -364,7 +364,7 @@ v3exc_is_include_test() v3exclude_prepare $h1 $ALL_MAC $ALL_GROUP - $MZ $h1 -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_IS_INC3" -q + $MZ -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_IS_INC3" -q $h1 sleep 1 brmcast_check_sg_entries "is_include" "${X[@]}" "${Y[@]}" @@ -387,7 +387,7 @@ v3exc_is_exclude_test() v3exclude_prepare $h1 $ALL_MAC $ALL_GROUP - $MZ $h1 -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_IS_EXC2" -q + $MZ -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_IS_EXC2" -q $h1 sleep 1 brmcast_check_sg_entries "is_exclude" "${X[@]}" "${Y[@]}" @@ -413,7 +413,7 @@ v3exc_to_exclude_test() ip link set dev br0 type bridge mcast_last_member_interval 500 check_err $? "Could not change mcast_last_member_interval to 5s" - $MZ $h1 -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_TO_EXC" -q + $MZ -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_TO_EXC" -q $h1 sleep 1 brmcast_check_sg_entries "to_exclude" "${X[@]}" "${Y[@]}" @@ -437,7 +437,7 @@ v3inc_block_test() v3include_prepare $h1 $ALL_MAC $ALL_GROUP - $MZ $h1 -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_BLOCK" -q + $MZ -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_BLOCK" -q $h1 # make sure the lowered timers have expired (by default 2 seconds) sleep 3 brmcast_check_sg_entries "block" "${X[@]}" @@ -470,7 +470,7 @@ v3exc_block_test() ip link set dev br0 type bridge mcast_last_member_interval 500 check_err $? "Could not change mcast_last_member_interval to 5s" - $MZ $h1 -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_BLOCK" -q + $MZ -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_BLOCK" -q $h1 sleep 1 brmcast_check_sg_entries "block" "${X[@]}" "${Y[@]}" @@ -502,7 +502,7 @@ v3exc_timeout_test() mcast_query_response_interval 500 \ mcast_membership_interval 1500 - $MZ $h1 -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_ALLOW2" -q + $MZ -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_ALLOW2" -q $h1 sleep 5 bridge -j -d -s mdb show dev br0 \ | jq -e ".[].mdb[] | \ @@ -545,7 +545,7 @@ v3star_ex_auto_add_test() v3exclude_prepare $h1 $ALL_MAC $ALL_GROUP - $MZ $h2 -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_IS_INC" -q + $MZ -c 1 -b $ALL_MAC -B $ALL_GROUP -t ip "proto=2,p=$MZPKT_IS_INC" -q $h2 sleep 1 bridge -j -d -s mdb show dev br0 \ | jq -e ".[].mdb[] | \ diff --git a/tools/testing/selftests/net/forwarding/bridge_locked_port.sh b/tools/testing/selftests/net/forwarding/bridge_locked_port.sh index c62331b2e006..93d2261be6e3 100755 --- a/tools/testing/selftests/net/forwarding/bridge_locked_port.sh +++ b/tools/testing/selftests/net/forwarding/bridge_locked_port.sh @@ -225,18 +225,18 @@ locked_port_mab_roam() bridge link set dev $swp1 learning on locked on mab on - $MZ $h1 -q -c 5 -d 100msec -t udp -a $mac -b rand + $MZ -q -c 5 -d 100msec -t udp -a $mac -b rand $h1 bridge fdb get $mac br br0 vlan 1 | grep "dev $swp1" | grep -q "locked" check_err $? "No locked entry on first injection" - $MZ $h2 -q -c 5 -d 100msec -t udp -a $mac -b rand + $MZ -q -c 5 -d 100msec -t udp -a $mac -b rand $h2 bridge fdb get $mac br br0 vlan 1 | grep -q "dev $swp2" check_err $? "Entry did not roam to an unlocked port" bridge fdb get $mac br br0 vlan 1 | grep -q "locked" check_fail $? "Entry roamed with locked flag on" - $MZ $h1 -q -c 5 -d 100msec -t udp -a $mac -b rand + $MZ -q -c 5 -d 100msec -t udp -a $mac -b rand $h1 bridge fdb get $mac br br0 vlan 1 | grep -q "dev $swp1" check_fail $? "Entry roamed back to locked port" @@ -285,12 +285,12 @@ locked_port_mab_flush() bridge fdb add $unlocked_mac1 dev $swp1 vlan 1 master static bridge fdb add $unlocked_mac2 dev $swp2 vlan 1 master static - $MZ $h1 -q -c 5 -d 100msec -t udp -a $locked_mac1 -b rand + $MZ -q -c 5 -d 100msec -t udp -a $locked_mac1 -b rand $h1 bridge fdb get $locked_mac1 br br0 vlan 1 | grep "dev $swp1" | \ grep -q "locked" check_err $? "Failed to create locked FDB entry on first port" - $MZ $h2 -q -c 5 -d 100msec -t udp -a $locked_mac2 -b rand + $MZ -q -c 5 -d 100msec -t udp -a $locked_mac2 -b rand $h2 bridge fdb get $locked_mac2 br br0 vlan 1 | grep "dev $swp2" | \ grep -q "locked" check_err $? "Failed to create locked FDB entry on second port" diff --git a/tools/testing/selftests/net/forwarding/bridge_mdb.sh b/tools/testing/selftests/net/forwarding/bridge_mdb.sh index 8c1597ebc2d3..6ddb64ac90d0 100755 --- a/tools/testing/selftests/net/forwarding/bridge_mdb.sh +++ b/tools/testing/selftests/net/forwarding/bridge_mdb.sh @@ -1023,27 +1023,27 @@ __fwd_test_host_ip() # Packet should only be flooded to multicast router ports when there is # no matching MDB entry. The bridge is not configured as a multicast # router port. - $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $src -B $grp -t udp -q + $MZ $mode -a own -b $dmac -c 1 -p 128 -A $src -B $grp -t udp -q $h1.10 tc_check_packets "dev br0 ingress" 1 0 check_err $? "Packet locally received after flood" # Install a regular port group entry and expect the packet to not be # locally received. bridge mdb add dev br0 port $swp2 grp $grp temp vid 10 - $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $src -B $grp -t udp -q + $MZ $mode -a own -b $dmac -c 1 -p 128 -A $src -B $grp -t udp -q $h1.10 tc_check_packets "dev br0 ingress" 1 0 check_err $? "Packet locally received after installing a regular entry" # Add a host entry and expect the packet to be locally received. bridge mdb add dev br0 port br0 grp $grp temp vid 10 - $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $src -B $grp -t udp -q + $MZ $mode -a own -b $dmac -c 1 -p 128 -A $src -B $grp -t udp -q $h1.10 tc_check_packets "dev br0 ingress" 1 1 check_err $? "Packet not locally received after adding a host entry" # Remove the host entry and expect the packet to not be locally # received. bridge mdb del dev br0 port br0 grp $grp vid 10 - $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $src -B $grp -t udp -q + $MZ $mode -a own -b $dmac -c 1 -p 128 -A $src -B $grp -t udp -q $h1.10 tc_check_packets "dev br0 ingress" 1 1 check_err $? "Packet locally received after removing a host entry" @@ -1071,27 +1071,27 @@ fwd_test_host_l2() # Packet should be flooded and locally received when there is no # matching MDB entry. - $MZ $h1.10 -c 1 -p 128 -a own -b $dmac -q + $MZ -c 1 -p 128 -a own -b $dmac -q $h1.10 tc_check_packets "dev br0 ingress" 1 1 check_err $? "Packet not locally received after flood" # Install a regular port group entry and expect the packet to not be # locally received. bridge mdb add dev br0 port $swp2 grp $dmac permanent vid 10 - $MZ $h1.10 -c 1 -p 128 -a own -b $dmac -q + $MZ -c 1 -p 128 -a own -b $dmac -q $h1.10 tc_check_packets "dev br0 ingress" 1 1 check_err $? "Packet locally received after installing a regular entry" # Add a host entry and expect the packet to be locally received. bridge mdb add dev br0 port br0 grp $dmac permanent vid 10 - $MZ $h1.10 -c 1 -p 128 -a own -b $dmac -q + $MZ -c 1 -p 128 -a own -b $dmac -q $h1.10 tc_check_packets "dev br0 ingress" 1 2 check_err $? "Packet not locally received after adding a host entry" # Remove the host entry and expect the packet to not be locally # received. bridge mdb del dev br0 port br0 grp $dmac permanent vid 10 - $MZ $h1.10 -c 1 -p 128 -a own -b $dmac -q + $MZ -c 1 -p 128 -a own -b $dmac -q $h1.10 tc_check_packets "dev br0 ingress" 1 2 check_err $? "Packet locally received after removing a host entry" @@ -1151,43 +1151,43 @@ __fwd_test_port_ip() vlan_ethtype $eth_type vlan_id 10 dst_ip $grp \ src_ip $invalid_src action drop - $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $valid_src -B $grp -t udp -q + $MZ $mode -a own -b $dmac -c 1 -p 128 -A $valid_src -B $grp -t udp -q $h1.10 tc_check_packets "dev $h2 ingress" 1 0 check_err $? "Packet from valid source received on H2 before adding entry" - $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $invalid_src -B $grp -t udp -q + $MZ $mode -a own -b $dmac -c 1 -p 128 -A $invalid_src -B $grp -t udp -q $h1.10 tc_check_packets "dev $h2 ingress" 2 0 check_err $? "Packet from invalid source received on H2 before adding entry" bridge mdb add dev br0 port $swp2 grp $grp vid 10 \ filter_mode $filter_mode source_list $src_list - $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $valid_src -B $grp -t udp -q + $MZ $mode -a own -b $dmac -c 1 -p 128 -A $valid_src -B $grp -t udp -q $h1.10 tc_check_packets "dev $h2 ingress" 1 1 check_err $? "Packet from valid source not received on H2 after adding entry" - $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $invalid_src -B $grp -t udp -q + $MZ $mode -a own -b $dmac -c 1 -p 128 -A $invalid_src -B $grp -t udp -q $h1.10 tc_check_packets "dev $h2 ingress" 2 0 check_err $? "Packet from invalid source received on H2 after adding entry" bridge mdb replace dev br0 port $swp2 grp $grp vid 10 \ filter_mode exclude - $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $valid_src -B $grp -t udp -q + $MZ $mode -a own -b $dmac -c 1 -p 128 -A $valid_src -B $grp -t udp -q $h1.10 tc_check_packets "dev $h2 ingress" 1 2 check_err $? "Packet from valid source not received on H2 after allowing all sources" - $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $invalid_src -B $grp -t udp -q + $MZ $mode -a own -b $dmac -c 1 -p 128 -A $invalid_src -B $grp -t udp -q $h1.10 tc_check_packets "dev $h2 ingress" 2 1 check_err $? "Packet from invalid source not received on H2 after allowing all sources" bridge mdb del dev br0 port $swp2 grp $grp vid 10 - $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $valid_src -B $grp -t udp -q + $MZ $mode -a own -b $dmac -c 1 -p 128 -A $valid_src -B $grp -t udp -q $h1.10 tc_check_packets "dev $h2 ingress" 1 2 check_err $? "Packet from valid source received on H2 after deleting entry" - $MZ $mode $h1.10 -a own -b $dmac -c 1 -p 128 -A $invalid_src -B $grp -t udp -q + $MZ $mode -a own -b $dmac -c 1 -p 128 -A $invalid_src -B $grp -t udp -q $h1.10 tc_check_packets "dev $h2 ingress" 2 1 check_err $? "Packet from invalid source received on H2 after deleting entry" @@ -1216,17 +1216,17 @@ fwd_test_port_l2() tc filter add dev $h2 ingress protocol all pref 1 handle 1 flower \ dst_mac $dmac action drop - $MZ $h1.10 -c 1 -p 128 -a own -b $dmac -q + $MZ -c 1 -p 128 -a own -b $dmac -q $h1.10 tc_check_packets "dev $h2 ingress" 1 0 check_err $? "Packet received on H2 before adding entry" bridge mdb add dev br0 port $swp2 grp $dmac permanent vid 10 - $MZ $h1.10 -c 1 -p 128 -a own -b $dmac -q + $MZ -c 1 -p 128 -a own -b $dmac -q $h1.10 tc_check_packets "dev $h2 ingress" 1 1 check_err $? "Packet not received on H2 after adding entry" bridge mdb del dev br0 port $swp2 grp $dmac permanent vid 10 - $MZ $h1.10 -c 1 -p 128 -a own -b $dmac -q + $MZ -c 1 -p 128 -a own -b $dmac -q $h1.10 tc_check_packets "dev $h2 ingress" 1 1 check_err $? "Packet received on H2 after deleting entry" @@ -1283,8 +1283,8 @@ ctrl_igmpv3_is_in_test() filter_mode include source_list 192.0.2.1 # IS_IN ( 192.0.2.2 ) - $MZ $h1.10 -c 1 -a own -b 01:00:5e:01:01:01 -A 192.0.2.1 -B 239.1.1.1 \ - -t ip proto=2,p=$(igmpv3_is_in_get 239.1.1.1 192.0.2.2) -q + $MZ -c 1 -a own -b 01:00:5e:01:01:01 -A 192.0.2.1 -B 239.1.1.1 \ + -t ip proto=2,p=$(igmpv3_is_in_get 239.1.1.1 192.0.2.2) -q $h1.10 bridge mdb get dev br0 grp 239.1.1.1 src 192.0.2.2 vid 10 &> /dev/null check_fail $? "Permanent entry affected by IGMP packet" @@ -1296,8 +1296,8 @@ ctrl_igmpv3_is_in_test() filter_mode include source_list 192.0.2.1 # IS_IN ( 192.0.2.2 ) - $MZ $h1.10 -a own -b 01:00:5e:01:01:01 -c 1 -A 192.0.2.1 -B 239.1.1.1 \ - -t ip proto=2,p=$(igmpv3_is_in_get 239.1.1.1 192.0.2.2) -q + $MZ -a own -b 01:00:5e:01:01:01 -c 1 -A 192.0.2.1 -B 239.1.1.1 \ + -t ip proto=2,p=$(igmpv3_is_in_get 239.1.1.1 192.0.2.2) -q $h1.10 bridge -d mdb get dev br0 grp 239.1.1.1 vid 10 | grep -q 192.0.2.2 check_err $? "Source not add to source list" @@ -1321,8 +1321,8 @@ ctrl_mldv2_is_in_test() # IS_IN ( 2001:db8:1::2 ) local p=$(mldv2_is_in_get fe80::1 ff0e::1 2001:db8:1::2) - $MZ -6 $h1.10 -a own -b 33:33:00:00:00:01 -c 1 -A fe80::1 -B ff0e::1 \ - -t ip hop=1,next=0,p="$p" -q + $MZ -6 -a own -b 33:33:00:00:00:01 -c 1 -A fe80::1 -B ff0e::1 \ + -t ip hop=1,next=0,p="$p" -q $h1.10 bridge mdb get dev br0 grp ff0e::1 src 2001:db8:1::2 vid 10 &> /dev/null check_fail $? "Permanent entry affected by MLD packet" @@ -1334,8 +1334,8 @@ ctrl_mldv2_is_in_test() filter_mode include source_list 2001:db8:1::1 # IS_IN ( 2001:db8:1::2 ) - $MZ -6 $h1.10 -a own -b 33:33:00:00:00:01 -c 1 -A fe80::1 -B ff0e::1 \ - -t ip hop=1,next=0,p="$p" -q + $MZ -6 -a own -b 33:33:00:00:00:01 -c 1 -A fe80::1 -B ff0e::1 \ + -t ip hop=1,next=0,p="$p" -q $h1.10 bridge -d mdb get dev br0 grp ff0e::1 vid 10 | grep -q 2001:db8:1::2 check_err $? "Source not add to source list" diff --git a/tools/testing/selftests/net/forwarding/bridge_mdb_max.sh b/tools/testing/selftests/net/forwarding/bridge_mdb_max.sh index 3da9d93ab36f..1ebce13930c3 100755 --- a/tools/testing/selftests/net/forwarding/bridge_mdb_max.sh +++ b/tools/testing/selftests/net/forwarding/bridge_mdb_max.sh @@ -253,8 +253,8 @@ ctl4_entries_add() local peer=$(locus_dev_peer $locus) local GRP=239.1.1.${grp} local dmac=01:00:5e:01:01:$(printf "%02x" $grp) - $MZ $peer -a own -b $dmac -c 1 -A 192.0.2.1 -B $GRP \ - -t ip proto=2,p=$(igmpv3_is_in_get $GRP $IPs) -q + $MZ -a own -b $dmac -c 1 -A 192.0.2.1 -B $GRP \ + -t ip proto=2,p=$(igmpv3_is_in_get $GRP $IPs) -q $peer sleep 1 local nn=$(bridge mdb show dev br0 | grep $GRP | wc -l) @@ -274,8 +274,8 @@ ctl4_entries_del() local peer=$(locus_dev_peer $locus) local GRP=239.1.1.${grp} local dmac=01:00:5e:00:00:02 - $MZ $peer -a own -b $dmac -c 1 -A 192.0.2.1 -B 224.0.0.2 \ - -t ip proto=2,p=$(igmpv2_leave_get $GRP) -q + $MZ -a own -b $dmac -c 1 -A 192.0.2.1 -B 224.0.0.2 \ + -t ip proto=2,p=$(igmpv2_leave_get $GRP) -q $peer sleep 1 ! bridge mdb show dev br0 | grep -q $GRP } @@ -293,8 +293,8 @@ ctl6_entries_add() local GRP=ff0e::${grp} local dmac=33:33:00:00:00:$(printf "%02x" $grp) local p=$(mldv2_is_in_get $SIP $GRP $IPs) - $MZ -6 $peer -a own -b $dmac -c 1 -A $SIP -B $GRP \ - -t ip hop=1,next=0,p="$p" -q + $MZ -6 -a own -b $dmac -c 1 -A $SIP -B $GRP \ + -t ip hop=1,next=0,p="$p" -q $peer sleep 1 local nn=$(bridge mdb show dev br0 | grep $GRP | wc -l) @@ -316,8 +316,8 @@ ctl6_entries_del() local GRP=ff0e::${grp} local dmac=33:33:00:00:00:$(printf "%02x" $grp) local p=$(mldv1_done_get $SIP $GRP) - $MZ -6 $peer -a own -b $dmac -c 1 -A $SIP -B $GRP \ - -t ip hop=1,next=0,p="$p" -q + $MZ -6 -a own -b $dmac -c 1 -A $SIP -B $GRP \ + -t ip hop=1,next=0,p="$p" -q $peer sleep 1 ! bridge mdb show dev br0 | grep -q $GRP } diff --git a/tools/testing/selftests/net/forwarding/bridge_mld.sh b/tools/testing/selftests/net/forwarding/bridge_mld.sh index 4cacef5a813a..b4f6a81e8bf0 100755 --- a/tools/testing/selftests/net/forwarding/bridge_mld.sh +++ b/tools/testing/selftests/net/forwarding/bridge_mld.sh @@ -158,7 +158,7 @@ mldv2include_prepare() ip link set dev br0 type bridge mcast_mld_version 2 check_err $? "Could not change bridge MLD version to 2" - $MZ $host1_if $MZPKT_IS_INC -q + $MZ -q $host1_if $MZPKT_IS_INC sleep 1 bridge -j -d -s mdb show dev br0 \ | jq -e ".[].mdb[] | \ @@ -183,7 +183,7 @@ mldv2exclude_prepare() mldv2include_prepare $h1 - $MZ $host1_if -c 1 $MZPKT_IS_EXC -q + $MZ -c 1 -q $host1_if $MZPKT_IS_EXC sleep 1 bridge -j -d -s mdb show dev br0 \ | jq -e ".[].mdb[] | \ @@ -236,7 +236,7 @@ mldv2inc_allow_test() mldv2include_prepare $h1 - $MZ $h1 -c 1 $MZPKT_ALLOW -q + $MZ -c 1 -q $h1 $MZPKT_ALLOW sleep 1 brmcast_check_sg_entries "allow" "${X[@]}" @@ -257,7 +257,7 @@ mldv2inc_is_include_test() mldv2include_prepare $h1 - $MZ $h1 -c 1 $MZPKT_IS_INC2 -q + $MZ -c 1 -q $h1 $MZPKT_IS_INC2 sleep 1 brmcast_check_sg_entries "is_include" "${X[@]}" @@ -296,7 +296,7 @@ mldv2inc_to_exclude_test() ip link set dev br0 type bridge mcast_last_member_interval 500 check_err $? "Could not change mcast_last_member_interval to 5s" - $MZ $h1 -c 1 $MZPKT_TO_EXC -q + $MZ -c 1 -q $h1 $MZPKT_TO_EXC sleep 1 bridge -j -d -s mdb show dev br0 \ | jq -e ".[].mdb[] | \ @@ -340,7 +340,7 @@ mldv2exc_allow_test() mldv2exclude_prepare $h1 - $MZ $h1 -c 1 $MZPKT_ALLOW2 -q + $MZ -c 1 -q $h1 $MZPKT_ALLOW2 sleep 1 brmcast_check_sg_entries "allow" "${X[@]}" "${Y[@]}" @@ -363,7 +363,7 @@ mldv2exc_is_include_test() mldv2exclude_prepare $h1 - $MZ $h1 -c 1 $MZPKT_IS_INC3 -q + $MZ -c 1 -q $h1 $MZPKT_IS_INC3 sleep 1 brmcast_check_sg_entries "is_include" "${X[@]}" "${Y[@]}" @@ -386,7 +386,7 @@ mldv2exc_is_exclude_test() mldv2exclude_prepare $h1 - $MZ $h1 -c 1 $MZPKT_IS_EXC2 -q + $MZ -c 1 -q $h1 $MZPKT_IS_EXC2 sleep 1 brmcast_check_sg_entries "is_exclude" "${X[@]}" "${Y[@]}" @@ -412,7 +412,7 @@ mldv2exc_to_exclude_test() ip link set dev br0 type bridge mcast_last_member_interval 500 check_err $? "Could not change mcast_last_member_interval to 5s" - $MZ $h1 -c 1 $MZPKT_TO_EXC -q + $MZ -c 1 -q $h1 $MZPKT_TO_EXC sleep 1 brmcast_check_sg_entries "to_exclude" "${X[@]}" "${Y[@]}" @@ -436,7 +436,7 @@ mldv2inc_block_test() mldv2include_prepare $h1 - $MZ $h1 -c 1 $MZPKT_BLOCK -q + $MZ -c 1 -q $h1 $MZPKT_BLOCK # make sure the lowered timers have expired (by default 2 seconds) sleep 3 brmcast_check_sg_entries "block" "${X[@]}" @@ -469,7 +469,7 @@ mldv2exc_block_test() ip link set dev br0 type bridge mcast_last_member_interval 500 check_err $? "Could not change mcast_last_member_interval to 5s" - $MZ $h1 -c 1 $MZPKT_BLOCK -q + $MZ -c 1 -q $h1 $MZPKT_BLOCK sleep 1 brmcast_check_sg_entries "block" "${X[@]}" "${Y[@]}" @@ -501,7 +501,7 @@ mldv2exc_timeout_test() mcast_query_response_interval 500 \ mcast_membership_interval 1500 - $MZ $h1 -c 1 $MZPKT_ALLOW2 -q + $MZ -c 1 -q $h1 $MZPKT_ALLOW2 sleep 5 bridge -j -d -s mdb show dev br0 \ | jq -e ".[].mdb[] | \ @@ -544,7 +544,7 @@ mldv2star_ex_auto_add_test() mldv2exclude_prepare $h1 - $MZ $h2 -c 1 $MZPKT_IS_INC -q + $MZ -c 1 -q $h2 $MZPKT_IS_INC sleep 1 bridge -j -d -s mdb show dev br0 \ | jq -e ".[].mdb[] | \ diff --git a/tools/testing/selftests/net/forwarding/bridge_sticky_fdb.sh b/tools/testing/selftests/net/forwarding/bridge_sticky_fdb.sh index 1f8ef0eff862..cbc9a9f3c6de 100755 --- a/tools/testing/selftests/net/forwarding/bridge_sticky_fdb.sh +++ b/tools/testing/selftests/net/forwarding/bridge_sticky_fdb.sh @@ -51,7 +51,7 @@ sticky() bridge fdb add $TEST_MAC dev $swp1 master static sticky check_err $? "Could not add fdb entry" bridge fdb del $TEST_MAC dev $swp1 vlan 1 master static sticky - $MZ $h2 -c 1 -a $TEST_MAC -t arp "request" -q + $MZ -c 1 -a $TEST_MAC -t arp -q $h2 "request" bridge -j fdb show br br0 brport $swp1\ | jq -e ".[] | select(.mac == \"$TEST_MAC\")" &> /dev/null check_err $? "Did not find FDB record when should" diff --git a/tools/testing/selftests/net/forwarding/bridge_vlan_aware.sh b/tools/testing/selftests/net/forwarding/bridge_vlan_aware.sh index e59fba366a0a..88525294e410 100755 --- a/tools/testing/selftests/net/forwarding/bridge_vlan_aware.sh +++ b/tools/testing/selftests/net/forwarding/bridge_vlan_aware.sh @@ -131,7 +131,7 @@ extern_learn() bridge fdb show brport $swp1 | grep -q de:ad:be:ef:13:37 check_err $? "FDB entry was aged out when should not" - $MZ $h2 -c 1 -p 64 -a $mac -t ip -q + $MZ -c 1 -p 64 -a $mac -t ip -q $h2 bridge fdb show brport $swp2 | grep -q de:ad:be:ef:13:37 check_err $? "FDB entry did not roam when should" @@ -158,7 +158,7 @@ other_tpid() ip link set $h2 promisc on ethtool -K $h2 rx-vlan-filter off rx-vlan-stag-filter off - $MZ -q $h1 -c 1 -b $mac -a own "88:a8 00:03 81:00 00:05 08:00 aa-aa-aa-aa-aa-aa-aa-aa-aa" + $MZ -q -c 1 -b $mac -a own $h1 "88:a8 00:03 81:00 00:05 08:00 aa-aa-aa-aa-aa-aa-aa-aa-aa" sleep 1 # Match on 'self' addresses as well, for those drivers which @@ -179,7 +179,7 @@ other_tpid() bridge vlan del dev $swp1 vid 1 - $MZ -q $h1 -c 1 -b $mac -a own "88:a8 00:03 81:00 00:05 08:00 aa-aa-aa-aa-aa-aa-aa-aa-aa" + $MZ -q -c 1 -b $mac -a own $h1 "88:a8 00:03 81:00 00:05 08:00 aa-aa-aa-aa-aa-aa-aa-aa-aa" sleep 1 RET=0 @@ -202,7 +202,7 @@ other_tpid() tc filter add dev $h2 ingress protocol all pref 1 handle 101 \ flower dst_mac $mac action drop - $MZ -q $h1 -c 1 -b $mac -a own "81:00 00:00 08:00 aa-aa-aa-aa-aa-aa-aa-aa-aa" + $MZ -q -c 1 -b $mac -a own $h1 "81:00 00:00 08:00 aa-aa-aa-aa-aa-aa-aa-aa-aa" sleep 1 tc -j -s filter show dev $h2 ingress \ diff --git a/tools/testing/selftests/net/forwarding/custom_multipath_hash.sh b/tools/testing/selftests/net/forwarding/custom_multipath_hash.sh index 7d531f7091e6..de9086f4c724 100755 --- a/tools/testing/selftests/net/forwarding/custom_multipath_hash.sh +++ b/tools/testing/selftests/net/forwarding/custom_multipath_hash.sh @@ -181,44 +181,44 @@ ping_ipv6() send_src_ipv4() { - ip vrf exec v$h1 $MZ $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -q -p 64 \ -A "198.51.100.2-198.51.100.253" -B 203.0.113.2 \ - -d $MZ_DELAY -c 50 -t udp "sp=20000,dp=30000" + -d $MZ_DELAY -c 50 -t udp $h1 "sp=20000,dp=30000" } send_dst_ipv4() { - ip vrf exec v$h1 $MZ $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -q -p 64 \ -A 198.51.100.2 -B "203.0.113.2-203.0.113.253" \ - -d $MZ_DELAY -c 50 -t udp "sp=20000,dp=30000" + -d $MZ_DELAY -c 50 -t udp $h1 "sp=20000,dp=30000" } send_src_udp4() { - ip vrf exec v$h1 $MZ $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -q -p 64 \ -A 198.51.100.2 -B 203.0.113.2 \ - -d $MZ_DELAY -t udp "sp=0-32768,dp=30000" + -d $MZ_DELAY -t udp $h1 "sp=0-32768,dp=30000" } send_dst_udp4() { - ip vrf exec v$h1 $MZ $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -q -p 64 \ -A 198.51.100.2 -B 203.0.113.2 \ - -d $MZ_DELAY -t udp "sp=20000,dp=0-32768" + -d $MZ_DELAY -t udp $h1 "sp=20000,dp=0-32768" } send_src_ipv6() { - ip vrf exec v$h1 $MZ -6 $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -6 -q -p 64 \ -A "2001:db8:1::2-2001:db8:1::fd" -B 2001:db8:4::2 \ - -d $MZ_DELAY -c 50 -t udp "sp=20000,dp=30000" + -d $MZ_DELAY -c 50 -t udp $h1 "sp=20000,dp=30000" } send_dst_ipv6() { - ip vrf exec v$h1 $MZ -6 $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -6 -q -p 64 \ -A 2001:db8:1::2 -B "2001:db8:4::2-2001:db8:4::fd" \ - -d $MZ_DELAY -c 50 -t udp "sp=20000,dp=30000" + -d $MZ_DELAY -c 50 -t udp $h1 "sp=20000,dp=30000" } send_flowlabel() @@ -226,22 +226,22 @@ send_flowlabel() # Generate 16384 echo requests, each with a random flow label. ip vrf exec v$h1 sh -c \ "for _ in {1..16384}; do \ - $PING6 2001:db8:4::2 -F 0 -c 1 -q >/dev/null 2>&1; \ + $PING6 -F 0 -c 1 -q 2001:db8:4::2 >/dev/null 2>&1; \ done" } send_src_udp6() { - ip vrf exec v$h1 $MZ -6 $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -6 -q -p 64 \ -A 2001:db8:1::2 -B 2001:db8:4::2 \ - -d $MZ_DELAY -t udp "sp=0-32768,dp=30000" + -d $MZ_DELAY -t udp $h1 "sp=0-32768,dp=30000" } send_dst_udp6() { - ip vrf exec v$h1 $MZ -6 $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -6 -q -p 64 \ -A 2001:db8:1::2 -B 2001:db8:4::2 \ - -d $MZ_DELAY -t udp "sp=20000,dp=0-32768" + -d $MZ_DELAY -t udp $h1 "sp=20000,dp=0-32768" } custom_hash_test() diff --git a/tools/testing/selftests/net/forwarding/gre_custom_multipath_hash.sh b/tools/testing/selftests/net/forwarding/gre_custom_multipath_hash.sh index dda11a4a9450..24e74fa35392 100755 --- a/tools/testing/selftests/net/forwarding/gre_custom_multipath_hash.sh +++ b/tools/testing/selftests/net/forwarding/gre_custom_multipath_hash.sh @@ -276,44 +276,44 @@ ping_ipv6() send_src_ipv4() { - ip vrf exec v$h1 $MZ $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -q -p 64 \ -A "198.51.100.2-198.51.100.253" -B 203.0.113.2 \ - -d $MZ_DELAY -c 50 -t udp "sp=20000,dp=30000" + -d $MZ_DELAY -c 50 -t udp $h1 "sp=20000,dp=30000" } send_dst_ipv4() { - ip vrf exec v$h1 $MZ $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -q -p 64 \ -A 198.51.100.2 -B "203.0.113.2-203.0.113.253" \ - -d $MZ_DELAY -c 50 -t udp "sp=20000,dp=30000" + -d $MZ_DELAY -c 50 -t udp $h1 "sp=20000,dp=30000" } send_src_udp4() { - ip vrf exec v$h1 $MZ $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -q -p 64 \ -A 198.51.100.2 -B 203.0.113.2 \ - -d $MZ_DELAY -t udp "sp=0-32768,dp=30000" + -d $MZ_DELAY -t udp $h1 "sp=0-32768,dp=30000" } send_dst_udp4() { - ip vrf exec v$h1 $MZ $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -q -p 64 \ -A 198.51.100.2 -B 203.0.113.2 \ - -d $MZ_DELAY -t udp "sp=20000,dp=0-32768" + -d $MZ_DELAY -t udp $h1 "sp=20000,dp=0-32768" } send_src_ipv6() { - ip vrf exec v$h1 $MZ -6 $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -6 -q -p 64 \ -A "2001:db8:1::2-2001:db8:1::fd" -B 2001:db8:2::2 \ - -d $MZ_DELAY -c 50 -t udp "sp=20000,dp=30000" + -d $MZ_DELAY -c 50 -t udp $h1 "sp=20000,dp=30000" } send_dst_ipv6() { - ip vrf exec v$h1 $MZ -6 $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -6 -q -p 64 \ -A 2001:db8:1::2 -B "2001:db8:2::2-2001:db8:2::fd" \ - -d $MZ_DELAY -c 50 -t udp "sp=20000,dp=30000" + -d $MZ_DELAY -c 50 -t udp $h1 "sp=20000,dp=30000" } send_flowlabel() @@ -321,22 +321,22 @@ send_flowlabel() # Generate 16384 echo requests, each with a random flow label. ip vrf exec v$h1 sh -c \ "for _ in {1..16384}; do \ - $PING6 2001:db8:2::2 -F 0 -c 1 -q >/dev/null 2>&1; \ + $PING6 -F 0 -c 1 -q 2001:db8:2::2 >/dev/null 2>&1; \ done" } send_src_udp6() { - ip vrf exec v$h1 $MZ -6 $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -6 -q -p 64 \ -A 2001:db8:1::2 -B 2001:db8:2::2 \ - -d $MZ_DELAY -t udp "sp=0-32768,dp=30000" + -d $MZ_DELAY -t udp $h1 "sp=0-32768,dp=30000" } send_dst_udp6() { - ip vrf exec v$h1 $MZ -6 $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -6 -q -p 64 \ -A 2001:db8:1::2 -B 2001:db8:2::2 \ - -d $MZ_DELAY -t udp "sp=20000,dp=0-32768" + -d $MZ_DELAY -t udp $h1 "sp=20000,dp=0-32768" } custom_hash_test() diff --git a/tools/testing/selftests/net/forwarding/gre_inner_v4_multipath.sh b/tools/testing/selftests/net/forwarding/gre_inner_v4_multipath.sh index efca6114a3ce..3e1694c9773b 100755 --- a/tools/testing/selftests/net/forwarding/gre_inner_v4_multipath.sh +++ b/tools/testing/selftests/net/forwarding/gre_inner_v4_multipath.sh @@ -266,8 +266,8 @@ multipath4_test() local t0_222=$(tc_rule_stats_get $ul32 222 ingress) ip vrf exec v$h1 \ - $MZ $h1 -q -p 64 -A "192.0.3.2-192.0.3.62" -B "192.0.4.2-192.0.4.62" \ - -d $MZ_DELAY -c 50 -t udp "sp=1024,dp=1024" + $MZ -q -p 64 -A "192.0.3.2-192.0.3.62" -B "192.0.4.2-192.0.4.62" \ + -d $MZ_DELAY -c 50 -t udp $h1 "sp=1024,dp=1024" sleep 1 local t1_111=$(tc_rule_stats_get $ul32 111 ingress) diff --git a/tools/testing/selftests/net/forwarding/gre_inner_v6_multipath.sh b/tools/testing/selftests/net/forwarding/gre_inner_v6_multipath.sh index a71ad39fc0c3..fb2707a97f59 100755 --- a/tools/testing/selftests/net/forwarding/gre_inner_v6_multipath.sh +++ b/tools/testing/selftests/net/forwarding/gre_inner_v6_multipath.sh @@ -266,9 +266,9 @@ multipath6_test() local t0_222=$(tc_rule_stats_get $ul32 222 ingress) ip vrf exec v$h1 \ - $MZ $h1 -6 -q -p 64 -A "2001:db8:1::2-2001:db8:1::3e" \ + $MZ -6 -q -p 64 -A "2001:db8:1::2-2001:db8:1::3e" \ -B "2001:db8:2::2-2001:db8:2::3e" \ - -d $MZ_DELAY -c 50 -t udp "sp=1024,dp=1024" + -d $MZ_DELAY -c 50 -t udp $h1 "sp=1024,dp=1024" sleep 1 local t1_111=$(tc_rule_stats_get $ul32 111 ingress) diff --git a/tools/testing/selftests/net/forwarding/gre_multipath.sh b/tools/testing/selftests/net/forwarding/gre_multipath.sh index 57531c1d884d..6ed8b8f1ac22 100755 --- a/tools/testing/selftests/net/forwarding/gre_multipath.sh +++ b/tools/testing/selftests/net/forwarding/gre_multipath.sh @@ -219,8 +219,8 @@ multipath4_test() local t0_222=$(tc_rule_stats_get $ul2 222 ingress) ip vrf exec v$h1 \ - $MZ $h1 -q -p 64 -A 192.0.2.1 -B 192.0.2.18 \ - -d $MZ_DELAY -t udp "sp=1024,dp=0-32768" + $MZ -q -p 64 -A 192.0.2.1 -B 192.0.2.18 \ + -d $MZ_DELAY -t udp $h1 "sp=1024,dp=0-32768" local t1_111=$(tc_rule_stats_get $ul2 111 ingress) local t1_222=$(tc_rule_stats_get $ul2 222 ingress) diff --git a/tools/testing/selftests/net/forwarding/gre_multipath_nh.sh b/tools/testing/selftests/net/forwarding/gre_multipath_nh.sh index 7d5b2b9cc133..d207b5518843 100755 --- a/tools/testing/selftests/net/forwarding/gre_multipath_nh.sh +++ b/tools/testing/selftests/net/forwarding/gre_multipath_nh.sh @@ -243,8 +243,8 @@ multipath4_test() local t0_222=$(tc_rule_stats_get $ul2 222 ingress) ip vrf exec v$h1 \ - $MZ $h1 -q -p 64 -A 192.0.2.1 -B 192.0.2.18 \ - -d $MZ_DELAY -t udp "sp=1024,dp=0-32768" + $MZ -q -p 64 -A 192.0.2.1 -B 192.0.2.18 \ + -d $MZ_DELAY -t udp $h1 "sp=1024,dp=0-32768" local t1_111=$(tc_rule_stats_get $ul2 111 ingress) local t1_222=$(tc_rule_stats_get $ul2 222 ingress) @@ -270,8 +270,8 @@ multipath6_test() local t0_222=$(tc_rule_stats_get $ul2 222 ingress) ip vrf exec v$h1 \ - $MZ $h1 -6 -q -p 64 -A 2001:db8:1::1 -B 2001:db8:2::2 \ - -d $MZ_DELAY -t udp "sp=1024,dp=0-32768" + $MZ -6 -q -p 64 -A 2001:db8:1::1 -B 2001:db8:2::2 \ + -d $MZ_DELAY -t udp $h1 "sp=1024,dp=0-32768" local t1_111=$(tc_rule_stats_get $ul2 111 ingress) local t1_222=$(tc_rule_stats_get $ul2 222 ingress) diff --git a/tools/testing/selftests/net/forwarding/gre_multipath_nh_res.sh b/tools/testing/selftests/net/forwarding/gre_multipath_nh_res.sh index 370f9925302d..f1d8a6b17d6f 100755 --- a/tools/testing/selftests/net/forwarding/gre_multipath_nh_res.sh +++ b/tools/testing/selftests/net/forwarding/gre_multipath_nh_res.sh @@ -246,8 +246,8 @@ multipath4_test() local t0_222=$(tc_rule_stats_get $ul2 222 ingress) ip vrf exec v$h1 \ - $MZ $h1 -q -p 64 -A 192.0.2.1 -B 192.0.2.18 \ - -d $MZ_DELAY -t udp "sp=1024,dp=0-32768" + $MZ -q -p 64 -A 192.0.2.1 -B 192.0.2.18 \ + -d $MZ_DELAY -t udp $h1 "sp=1024,dp=0-32768" local t1_111=$(tc_rule_stats_get $ul2 111 ingress) local t1_222=$(tc_rule_stats_get $ul2 222 ingress) @@ -274,8 +274,8 @@ multipath6_test() local t0_222=$(tc_rule_stats_get $ul2 222 ingress) ip vrf exec v$h1 \ - $MZ $h1 -6 -q -p 64 -A 2001:db8:1::1 -B 2001:db8:2::2 \ - -d $MZ_DELAY -t udp "sp=1024,dp=0-32768" + $MZ -6 -q -p 64 -A 2001:db8:1::1 -B 2001:db8:2::2 \ + -d $MZ_DELAY -t udp $h1 "sp=1024,dp=0-32768" local t1_111=$(tc_rule_stats_get $ul2 111 ingress) local t1_222=$(tc_rule_stats_get $ul2 222 ingress) diff --git a/tools/testing/selftests/net/forwarding/ip6_forward_instats_vrf.sh b/tools/testing/selftests/net/forwarding/ip6_forward_instats_vrf.sh index 49fa94b53a1c..25036e38043c 100755 --- a/tools/testing/selftests/net/forwarding/ip6_forward_instats_vrf.sh +++ b/tools/testing/selftests/net/forwarding/ip6_forward_instats_vrf.sh @@ -95,7 +95,7 @@ ipv6_in_too_big_err() # Send too big packets ip vrf exec $vrf_name \ - $PING6 -s 1300 2001:1:2::2 -c 1 -w $PING_TIMEOUT &> /dev/null + $PING6 -s 1300 -c 1 -w $PING_TIMEOUT 2001:1:2::2 &> /dev/null local t1=$(ipv6_stats_get $rtr1 Ip6InTooBigErrors) test "$((t1 - t0))" -ne 0 @@ -131,7 +131,7 @@ ipv6_in_addr_err() # Disable forwarding temporary while sending the packet sysctl -qw net.ipv6.conf.all.forwarding=0 ip vrf exec $vrf_name \ - $PING6 2001:1:2::2 -c 1 -w $PING_TIMEOUT &> /dev/null + $PING6 -c 1 -w $PING_TIMEOUT 2001:1:2::2 &> /dev/null sysctl -qw net.ipv6.conf.all.forwarding=1 local t1=$(ipv6_stats_get $rtr1 Ip6InAddrErrors) @@ -150,7 +150,7 @@ ipv6_in_discard() # Add a policy to discard ip xfrm policy add dst 2001:1:2::2/128 dir fwd action block ip vrf exec $vrf_name \ - $PING6 2001:1:2::2 -c 1 -w $PING_TIMEOUT &> /dev/null + $PING6 -c 1 -w $PING_TIMEOUT 2001:1:2::2 &> /dev/null ip xfrm policy del dst 2001:1:2::2/128 dir fwd local t1=$(ipv6_stats_get $rtr1 Ip6InDiscards) diff --git a/tools/testing/selftests/net/forwarding/ip6gre_custom_multipath_hash.sh b/tools/testing/selftests/net/forwarding/ip6gre_custom_multipath_hash.sh index e28b4a079e52..bcfa88fd0845 100755 --- a/tools/testing/selftests/net/forwarding/ip6gre_custom_multipath_hash.sh +++ b/tools/testing/selftests/net/forwarding/ip6gre_custom_multipath_hash.sh @@ -278,44 +278,44 @@ ping_ipv6() send_src_ipv4() { - ip vrf exec v$h1 $MZ $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -q -p 64 \ -A "198.51.100.2-198.51.100.253" -B 203.0.113.2 \ - -d $MZ_DELAY -c 50 -t udp "sp=20000,dp=30000" + -d $MZ_DELAY -c 50 -t udp $h1"sp=20000,dp=30000" } send_dst_ipv4() { - ip vrf exec v$h1 $MZ $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -q -p 64 \ -A 198.51.100.2 -B "203.0.113.2-203.0.113.253" \ - -d $MZ_DELAY -c 50 -t udp "sp=20000,dp=30000" + -d $MZ_DELAY -c 50 -t udp $h1"sp=20000,dp=30000" } send_src_udp4() { - ip vrf exec v$h1 $MZ $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -q -p 64 \ -A 198.51.100.2 -B 203.0.113.2 \ - -d $MZ_DELAY -t udp "sp=0-32768,dp=30000" + -d $MZ_DELAY -t udp $h1"sp=0-32768,dp=30000" } send_dst_udp4() { - ip vrf exec v$h1 $MZ $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -q -p 64 \ -A 198.51.100.2 -B 203.0.113.2 \ - -d $MZ_DELAY -t udp "sp=20000,dp=0-32768" + -d $MZ_DELAY -t udp $h1"sp=20000,dp=0-32768" } send_src_ipv6() { - ip vrf exec v$h1 $MZ -6 $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -6 -q -p 64 \ -A "2001:db8:1::2-2001:db8:1::fd" -B 2001:db8:2::2 \ - -d $MZ_DELAY -c 50 -t udp "sp=20000,dp=30000" + -d $MZ_DELAY -c 50 -t udp $h1"sp=20000,dp=30000" } send_dst_ipv6() { - ip vrf exec v$h1 $MZ -6 $h1 -q -p 64 \ + ip vrf exec v$h1 $MZ -6 -q -p 64 \ -A 2001:db8:1::2 -B "2001:db8:2::2-2001:db8:2::fd" \ - -d $MZ_DELAY -c 50 -t udp "sp=20000,dp=30000" + -d $MZ_DELAY -c 50 -t udp $h1"sp=20000,dp=30000" } send_flowlabel() @@ -323,7 +323,7 @@ send_flowlabel() # Generate 16384 echo requests, each with a random flow label. ip vrf exec v$h1 sh -c \ "for _ in {1..16384}; do \ - $PING6 2001:db8:2::2 -F 0 -c 1 -q >/dev/null 2>&1; \ + $PING6 -F 0 -c 1 -q 2001:db8:2::2 >/dev/null 2>&1; \ done" } diff --git a/tools/testing/selftests/net/forwarding/ip6gre_inner_v4_multipath.sh b/tools/testing/selftests/net/forwarding/ip6gre_inner_v4_multipath.sh index 32d1461f37b7..21a2deb577ef 100755 --- a/tools/testing/selftests/net/forwarding/ip6gre_inner_v4_multipath.sh +++ b/tools/testing/selftests/net/forwarding/ip6gre_inner_v4_multipath.sh @@ -265,8 +265,8 @@ multipath4_test() local t0_222=$(tc_rule_stats_get $ul32 222 ingress) ip vrf exec v$h1 \ - $MZ $h1 -q -p 64 -A "192.0.3.2-192.0.3.62" -B "192.0.4.2-192.0.4.62" \ - -d $MZ_DELAY -c 50 -t udp "sp=1024,dp=1024" + $MZ -q -p 64 -A "192.0.3.2-192.0.3.62" -B "192.0.4.2-192.0.4.62" \ + -d $MZ_DELAY -c 50 -t udp $h1 "sp=1024,dp=1024" sleep 1 local t1_111=$(tc_rule_stats_get $ul32 111 ingress) diff --git a/tools/testing/selftests/net/forwarding/ip6gre_inner_v6_multipath.sh b/tools/testing/selftests/net/forwarding/ip6gre_inner_v6_multipath.sh index e1a4b50505f5..f2fd82017f21 100755 --- a/tools/testing/selftests/net/forwarding/ip6gre_inner_v6_multipath.sh +++ b/tools/testing/selftests/net/forwarding/ip6gre_inner_v6_multipath.sh @@ -265,9 +265,9 @@ multipath6_test() local t0_222=$(tc_rule_stats_get $ul32 222 ingress) ip vrf exec v$h1 \ - $MZ $h1 -6 -q -p 64 -A "2001:db8:1::2-2001:db8:1::3e" \ + $MZ -6 -q -p 64 -A "2001:db8:1::2-2001:db8:1::3e" \ -B "2001:db8:2::2-2001:db8:2::3e" \ - -d $MZ_DELAY -c 50 -t udp "sp=1024,dp=1024" + -d $MZ_DELAY -c 50 -t udp $h1 "sp=1024,dp=1024" sleep 1 local t1_111=$(tc_rule_stats_get $ul32 111 ingress) diff --git a/tools/testing/selftests/net/forwarding/ip6gre_lib.sh b/tools/testing/selftests/net/forwarding/ip6gre_lib.sh index 2d91281dc5b7..4ebb8a1c758a 100644 --- a/tools/testing/selftests/net/forwarding/ip6gre_lib.sh +++ b/tools/testing/selftests/net/forwarding/ip6gre_lib.sh @@ -355,8 +355,8 @@ test_traffic_ip4ip6() tc filter add dev $ol2 egress protocol ipv4 pref 1 handle 101 \ flower $TC_FLAG dst_ip 203.0.113.1 action pass - $MZ $h1 -c 1000 -p 64 -a $h1mac -b $ol1mac -A 198.51.100.1 \ - -B 203.0.113.1 -t ip -q -d $MZ_DELAY + $MZ -c 1000 -p 64 -a $h1mac -b $ol1mac -A 198.51.100.1 \ + -B 203.0.113.1 -t ip -q -d $MZ_DELAY $h1 # Check ports after encap and after decap. tc_check_at_least_x_packets "dev $ul1 egress" 101 1000 @@ -388,8 +388,8 @@ test_traffic_ip6ip6() tc filter add dev $ol2 egress protocol ipv6 pref 1 handle 101 \ flower $TC_FLAG dst_ip 2001:db8:2::1 action pass - $MZ -6 $h1 -c 1000 -p 64 -a $h1mac -b $ol1mac -A 2001:db8:1::1 \ - -B 2001:db8:2::1 -t ip -q -d $MZ_DELAY + $MZ -6 -c 1000 -p 64 -a $h1mac -b $ol1mac -A 2001:db8:1::1 \ + -B 2001:db8:2::1 -t ip -q -d $MZ_DELAY $h1 # Check ports after encap and after decap. tc_check_at_least_x_packets "dev $ul1 egress" 101 1000 diff --git a/tools/testing/selftests/net/forwarding/lib.sh b/tools/testing/selftests/net/forwarding/lib.sh index 890b3374dacd..d1a06dbfe2ae 100644 --- a/tools/testing/selftests/net/forwarding/lib.sh +++ b/tools/testing/selftests/net/forwarding/lib.sh @@ -1291,8 +1291,8 @@ ping_do() vrf_name=$(master_name_get $if_name) ip vrf exec $vrf_name \ - $PING $args $dip -c $PING_COUNT -i 0.1 \ - -w $PING_TIMEOUT &> /dev/null + $PING $args -c $PING_COUNT -i 0.1 \ + -w $PING_TIMEOUT $dip &> /dev/null } ping_test() @@ -1322,8 +1322,8 @@ ping6_do() vrf_name=$(master_name_get $if_name) ip vrf exec $vrf_name \ - $PING6 $args $dip -c $PING_COUNT -i 0.1 \ - -w $PING_TIMEOUT &> /dev/null + $PING6 $args -c $PING_COUNT -i 0.1 \ + -w $PING_TIMEOUT $dip &> /dev/null } ping6_test() @@ -1369,7 +1369,7 @@ learning_test() tc filter add dev $host1_if ingress protocol ip pref 1 handle 101 \ flower dst_mac $mac action drop - $MZ $host2_if -c 1 -p 64 -b $mac -t ip -q + $MZ -c 1 -p 64 -b $mac -t ip -q $host2_if sleep 1 tc -j -s filter show dev $host1_if ingress \ @@ -1377,14 +1377,14 @@ learning_test() | select(.options.actions[0].stats.packets == 1)" &> /dev/null check_fail $? "Packet reached first host when should not" - $MZ $host1_if -c 1 -p 64 -a $mac -t ip -q + $MZ -c 1 -p 64 -a $mac -t ip -q $host1_if sleep 1 bridge -j fdb show br $bridge brport $br_port1 \ | jq -e ".[] | select(.mac == \"$mac\")" &> /dev/null check_err $? "Did not find FDB record when should" - $MZ $host2_if -c 1 -p 64 -b $mac -t ip -q + $MZ -c 1 -p 64 -b $mac -t ip -q $host2_if sleep 1 tc -j -s filter show dev $host1_if ingress \ @@ -1403,7 +1403,7 @@ learning_test() bridge link set dev $br_port1 learning off - $MZ $host1_if -c 1 -p 64 -a $mac -t ip -q + $MZ -c 1 -p 64 -a $mac -t ip -q $host1_if sleep 1 bridge -j fdb show br $bridge brport $br_port1 \ @@ -1437,7 +1437,7 @@ flood_test_do() tc filter add dev $host2_if ingress protocol ip pref 1 handle 101 \ flower dst_mac $mac action drop - $MZ $host1_if -c 1 -p 64 -b $mac -B $ip -t ip -q + $MZ -c 1 -p 64 -b $mac -B $ip -t ip -q $host1_if sleep 1 tc -j -s filter show dev $host2_if ingress \ @@ -1522,8 +1522,8 @@ __start_traffic() local dmac=$1; shift local -a mz_args=("$@") - $MZ $h_in -p $pktsize -A $sip -B $dip -c 0 \ - -a own -b $dmac -t "$proto" -q "${mz_args[@]}" & + $MZ -p $pktsize -A $sip -B $dip -c 0 \ + -a own -b $dmac -t "$proto" -q $h_in "${mz_args[@]}" & sleep 1 } @@ -1663,7 +1663,7 @@ mcast_packet_test() tc filter add dev $host2_if ingress protocol $tc_proto pref 1 handle 101 \ flower ip_proto udp dst_mac $mac action drop - $MZ $host1_if $mz_v6arg -c 1 -p 64 -b $mac -A $src_ip -B $ip -t udp "dp=4096,sp=2048" -q + $MZ $mz_v6arg -c 1 -p 64 -b $mac -A $src_ip -B $ip -t udp -q $host1_if "dp=4096,sp=2048" sleep 1 tc -j -s filter show dev $host2_if ingress \ diff --git a/tools/testing/selftests/net/forwarding/mirror_gre_bridge_1q_lag.sh b/tools/testing/selftests/net/forwarding/mirror_gre_bridge_1q_lag.sh index a20d22d1df36..8d4ae6c952a1 100755 --- a/tools/testing/selftests/net/forwarding/mirror_gre_bridge_1q_lag.sh +++ b/tools/testing/selftests/net/forwarding/mirror_gre_bridge_1q_lag.sh @@ -238,7 +238,7 @@ test_lag_slave() ip neigh flush dev br1 setup_wait_dev $up_dev setup_wait_dev $host_dev - $ARPING -I br1 192.0.2.130 -qfc 1 + $ARPING -I br1 -qfc 1 192.0.2.130 sleep 2 mirror_test vrf-h1 192.0.2.1 192.0.2.18 $host_dev 1 ">= 10" diff --git a/tools/testing/selftests/net/forwarding/mirror_gre_vlan_bridge_1q.sh b/tools/testing/selftests/net/forwarding/mirror_gre_vlan_bridge_1q.sh index 1b902cc579f6..a21c771908b3 100755 --- a/tools/testing/selftests/net/forwarding/mirror_gre_vlan_bridge_1q.sh +++ b/tools/testing/selftests/net/forwarding/mirror_gre_vlan_bridge_1q.sh @@ -196,7 +196,7 @@ test_span_gre_forbidden_egress() bridge vlan add dev $swp3 vid 555 # Re-prime FDB - $ARPING -I br1.555 192.0.2.130 -fqc 1 + $ARPING -I br1.555 -fqc 1 192.0.2.130 sleep 1 quick_test_span_gre_dir $tundev @@ -290,7 +290,7 @@ test_span_gre_fdb_roaming() bridge fdb del dev $swp2 $h3mac vlan 555 master 2>/dev/null # Re-prime FDB - $ARPING -I br1.555 192.0.2.130 -fqc 1 + $ARPING -I br1.555 -fqc 1 192.0.2.130 sleep 1 quick_test_span_gre_dir $tundev diff --git a/tools/testing/selftests/net/forwarding/mirror_lib.sh b/tools/testing/selftests/net/forwarding/mirror_lib.sh index 6bf9d5ae933c..401b1cdf0758 100644 --- a/tools/testing/selftests/net/forwarding/mirror_lib.sh +++ b/tools/testing/selftests/net/forwarding/mirror_lib.sh @@ -49,8 +49,8 @@ mirror_test() fi local t0=$(tc_rule_stats_get $dev $pref) - $MZ $proto $vrf_name ${sip:+-A $sip} -B $dip -a own -b bc -q \ - -c 10 -d 100msec -t $type + $MZ $proto ${sip:+-A $sip} -B $dip -a own -b bc -q \ + -c 10 -d 100msec -t $type $vrf_name sleep 0.5 local t1=$(tc_rule_stats_get $dev $pref) local delta=$((t1 - t0)) diff --git a/tools/testing/selftests/net/forwarding/pedit_dsfield.sh b/tools/testing/selftests/net/forwarding/pedit_dsfield.sh index af008fbf2725..3e8804ccb721 100755 --- a/tools/testing/selftests/net/forwarding/pedit_dsfield.sh +++ b/tools/testing/selftests/net/forwarding/pedit_dsfield.sh @@ -130,8 +130,8 @@ do_test_pedit_dsfield_common() # TOS 125: DSCP 31, ECN 1. Used for testing that the relevant part is # overwritten when zero is selected. - $MZ $mz_flags $h1 -c 10 -d 20msec -p 100 \ - -a own -b $h2mac -q -t tcp tos=0x7d,sp=54321,dp=12345 + $MZ $mz_flags -c 10 -d 20msec -p 100 \ + -a own -b $h2mac -q -t tcp $h1 tos=0x7d,sp=54321,dp=12345 local pkts pkts=$(busywait "$TC_HIT_TIMEOUT" until_counter_is ">= 10" \ diff --git a/tools/testing/selftests/net/forwarding/pedit_ip.sh b/tools/testing/selftests/net/forwarding/pedit_ip.sh index d14efb2d23b2..48aab7f4cc49 100755 --- a/tools/testing/selftests/net/forwarding/pedit_ip.sh +++ b/tools/testing/selftests/net/forwarding/pedit_ip.sh @@ -128,7 +128,7 @@ do_test_pedit_ip() RET=0 - $MZ $mz_flags $h1 -c 10 -d 20msec -p 100 -a own -b $h2mac -q -t ip + $MZ $mz_flags -c 10 -d 20msec -p 100 -a own -b $h2mac -q -t ip $h1 local pkts pkts=$(busywait "$TC_HIT_TIMEOUT" until_counter_is ">= 10" \ diff --git a/tools/testing/selftests/net/forwarding/pedit_l4port.sh b/tools/testing/selftests/net/forwarding/pedit_l4port.sh index 10e594c55117..d9846703d6cc 100755 --- a/tools/testing/selftests/net/forwarding/pedit_l4port.sh +++ b/tools/testing/selftests/net/forwarding/pedit_l4port.sh @@ -132,8 +132,8 @@ do_test_pedit_l4port_one() RET=0 - $MZ $mz_flags $h1 -c 10 -d 20msec -p 100 \ - -a own -b $h2mac -q -t $pedit_prot sp=54321,dp=12345 + $MZ $mz_flags -c 10 -d 20msec -p 100 \ + -a own -b $h2mac -q -t $pedit_prot $h1 sp=54321,dp=12345 local pkts pkts=$(busywait "$TC_HIT_TIMEOUT" until_counter_is ">= 10" \ diff --git a/tools/testing/selftests/net/forwarding/router.sh b/tools/testing/selftests/net/forwarding/router.sh index b98ea9449b8b..2560ad760a66 100755 --- a/tools/testing/selftests/net/forwarding/router.sh +++ b/tools/testing/selftests/net/forwarding/router.sh @@ -197,8 +197,8 @@ sip_in_class_e() tc filter add dev $rp2 egress protocol ip pref 1 handle 101 \ flower src_ip 240.0.0.1 ip_proto udp action pass - $MZ $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec \ - -A 240.0.0.1 -b $rp1mac -B 198.51.100.2 -q + $MZ -t udp -c 5 -d 1msec \ + -A 240.0.0.1 -b $rp1mac -B 198.51.100.2 -q $h1 "sp=54321,dp=12345" tc_check_packets "dev $rp2 egress" 101 5 check_err $? "Packets were dropped" @@ -246,8 +246,8 @@ __mc_mac_mismatch() create_mcast_sg $rp1 $sip $dip $rp2 - $MZ $flags $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec -b $dmac \ - -B $dip -q + $MZ $flags -t udp -c 5 -d 1msec -b $dmac \ + -B $dip -q $h1 "sp=54321,dp=12345" tc_check_packets "dev $rp2 egress" 101 5 check_err $? "Packets were dropped" @@ -275,8 +275,8 @@ ipv4_sip_equal_dip() tc filter add dev $rp2 egress protocol ip pref 1 handle 101 \ flower src_ip 198.51.100.2 action pass - $MZ $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec \ - -A 198.51.100.2 -b $rp1mac -B 198.51.100.2 -q + $MZ -t udp -c 5 -d 1msec \ + -A 198.51.100.2 -b $rp1mac -B 198.51.100.2 -q $h1 "sp=54321,dp=12345" tc_check_packets "dev $rp2 egress" 101 5 check_err $? "Packets were dropped" @@ -295,8 +295,8 @@ ipv6_sip_equal_dip() tc filter add dev $rp2 egress protocol ipv6 pref 1 handle 101 \ flower src_ip 2001:db8:2::2 action pass - $MZ -6 $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec \ - -A 2001:db8:2::2 -b $rp1mac -B 2001:db8:2::2 -q + $MZ -6 -t udp -c 5 -d 1msec \ + -A 2001:db8:2::2 -b $rp1mac -B 2001:db8:2::2 -q $h1 "sp=54321,dp=12345" tc_check_packets "dev $rp2 egress" 101 5 check_err $? "Packets were dropped" @@ -318,7 +318,7 @@ ipv4_dip_link_local() ip neigh add 169.254.1.1 lladdr 00:11:22:33:44:55 dev $rp2 ip route add 169.254.1.0/24 dev $rp2 - $MZ $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec -b $rp1mac -B $dip -q + $MZ -t udp -c 5 -d 1msec -b $rp1mac -B $dip -q $h1 "sp=54321,dp=12345" tc_check_packets "dev $rp2 egress" 101 5 check_err $? "Packets were dropped" diff --git a/tools/testing/selftests/net/forwarding/router_broadcast.sh b/tools/testing/selftests/net/forwarding/router_broadcast.sh index 4eac0a06f451..e13569d96cd7 100755 --- a/tools/testing/selftests/net/forwarding/router_broadcast.sh +++ b/tools/testing/selftests/net/forwarding/router_broadcast.sh @@ -173,7 +173,7 @@ ping_test_from() log_info "ping $dip, expected reply from $from" ip vrf exec $(master_name_get $oif) \ - $PING -I $oif $dip -c 10 -i 0.1 -w $PING_TIMEOUT -b 2>&1 \ + $PING -I $oif -c 10 -i 0.1 -w $PING_TIMEOUT -b $dip 2>&1 \ | grep "bytes from $from" > /dev/null check_err_fail $fail $? } diff --git a/tools/testing/selftests/net/forwarding/router_mpath_nh.sh b/tools/testing/selftests/net/forwarding/router_mpath_nh.sh index a7d8399c8d4f..f0cded6b7bcf 100755 --- a/tools/testing/selftests/net/forwarding/router_mpath_nh.sh +++ b/tools/testing/selftests/net/forwarding/router_mpath_nh.sh @@ -244,8 +244,8 @@ multipath4_test() t0_rp12=$(link_stats_tx_packets_get $rp12) t0_rp13=$(link_stats_tx_packets_get $rp13) - ip vrf exec vrf-h1 $MZ $h1 -q -p 64 -A 192.0.2.2 -B 198.51.100.2 \ - -d $MZ_DELAY -t udp "$ports" + ip vrf exec vrf-h1 $MZ -q -p 64 -A 192.0.2.2 -B 198.51.100.2 \ + -d $MZ_DELAY -t udp $h1 "$ports" sleep 1 t1_rp12=$(link_stats_tx_packets_get $rp12) @@ -280,8 +280,8 @@ multipath6_test() t0_rp12=$(link_stats_tx_packets_get $rp12) t0_rp13=$(link_stats_tx_packets_get $rp13) - $MZ $h1 -6 -q -p 64 -A 2001:db8:1::2 -B 2001:db8:2::2 \ - -d $MZ_DELAY -t udp "$ports" + $MZ -6 -q -p 64 -A 2001:db8:1::2 -B 2001:db8:2::2 \ + -d $MZ_DELAY -t udp $h1 "$ports" sleep 1 t1_rp12=$(link_stats_tx_packets_get $rp12) diff --git a/tools/testing/selftests/net/forwarding/router_mpath_nh_lib.sh b/tools/testing/selftests/net/forwarding/router_mpath_nh_lib.sh index 507b2852dabe..d8ba304ec9ff 100644 --- a/tools/testing/selftests/net/forwarding/router_mpath_nh_lib.sh +++ b/tools/testing/selftests/net/forwarding/router_mpath_nh_lib.sh @@ -104,7 +104,7 @@ __nh_stats_test_v4() sysctl_set net.ipv4.fib_multipath_hash_policy 1 nh_stats_test_dispatch $nhgtype "IPv4" 101 102 103 \ - $MZ $h1 -A 192.0.2.2 -B 198.51.100.2 + $MZ -A 192.0.2.2 -B 198.51.100.2 $h1 sysctl_restore net.ipv4.fib_multipath_hash_policy } @@ -114,7 +114,7 @@ __nh_stats_test_v6() sysctl_set net.ipv6.fib_multipath_hash_policy 1 nh_stats_test_dispatch $nhgtype "IPv6" 104 105 106 \ - $MZ -6 $h1 -A 2001:db8:1::2 -B 2001:db8:2::2 + $MZ -6 -A 2001:db8:1::2 -B 2001:db8:2::2 $h1 sysctl_restore net.ipv6.fib_multipath_hash_policy } diff --git a/tools/testing/selftests/net/forwarding/router_mpath_nh_res.sh b/tools/testing/selftests/net/forwarding/router_mpath_nh_res.sh index 88ddae05b39d..1db64b8beab2 100755 --- a/tools/testing/selftests/net/forwarding/router_mpath_nh_res.sh +++ b/tools/testing/selftests/net/forwarding/router_mpath_nh_res.sh @@ -245,8 +245,8 @@ multipath4_test() t0_rp12=$(link_stats_tx_packets_get $rp12) t0_rp13=$(link_stats_tx_packets_get $rp13) - ip vrf exec vrf-h1 $MZ $h1 -q -p 64 -A 192.0.2.2 -B 198.51.100.2 \ - -d $MZ_DELAY -t udp "$ports" + ip vrf exec vrf-h1 $MZ -q -p 64 -A 192.0.2.2 -B 198.51.100.2 \ + -d $MZ_DELAY -t udp $h1 "$ports" sleep 1 t1_rp12=$(link_stats_tx_packets_get $rp12) @@ -278,8 +278,8 @@ multipath6_l4_test() t0_rp12=$(link_stats_tx_packets_get $rp12) t0_rp13=$(link_stats_tx_packets_get $rp13) - $MZ $h1 -6 -q -p 64 -A 2001:db8:1::2 -B 2001:db8:2::2 \ - -d $MZ_DELAY -t udp "$ports" + $MZ -6 -q -p 64 -A 2001:db8:1::2 -B 2001:db8:2::2 \ + -d $MZ_DELAY -t udp $h1 "$ports" sleep 1 t1_rp12=$(link_stats_tx_packets_get $rp12) diff --git a/tools/testing/selftests/net/forwarding/router_mpath_seed.sh b/tools/testing/selftests/net/forwarding/router_mpath_seed.sh index 314cb906c1eb..d6a2a24da423 100755 --- a/tools/testing/selftests/net/forwarding/router_mpath_seed.sh +++ b/tools/testing/selftests/net/forwarding/router_mpath_seed.sh @@ -255,15 +255,15 @@ test_mpath_seed() test_mpath_seed_ipv4() { test_mpath_seed 1000 IPv4 \ - $MZ $h1 -A 192.0.2.1 -B 192.0.2.34 -q \ - -p 64 -d 0 -c 10 -t udp + $MZ -A 192.0.2.1 -B 192.0.2.34 -q \ + -p 64 -d 0 -c 10 -t udp $h1 } test_mpath_seed_ipv6() { test_mpath_seed 2000 IPv6 \ - $MZ -6 $h1 -A 2001:db8:1::1 -B 2001:db8:3::2 -q \ - -p 64 -d 0 -c 10 -t udp + $MZ -6 -A 2001:db8:1::1 -B 2001:db8:3::2 -q \ + -p 64 -d 0 -c 10 -t udp $h1 } check_mpath_seed_stability() @@ -311,15 +311,15 @@ test_mpath_seed_stability() test_mpath_seed_stability_ipv4() { test_mpath_seed_stability 1000 IPv4 \ - $MZ $h1 -A 192.0.2.1 -B 192.0.2.34 -q \ - -p 64 -d 0 -c 10 -t udp + $MZ -A 192.0.2.1 -B 192.0.2.34 -q \ + -p 64 -d 0 -c 10 -t udp $h1 } test_mpath_seed_stability_ipv6() { test_mpath_seed_stability 2000 IPv6 \ - $MZ -6 $h1 -A 2001:db8:1::1 -B 2001:db8:3::2 -q \ - -p 64 -d 0 -c 10 -t udp + $MZ -6 -A 2001:db8:1::1 -B 2001:db8:3::2 -q \ + -p 64 -d 0 -c 10 -t udp $h1 } trap cleanup EXIT diff --git a/tools/testing/selftests/net/forwarding/router_multicast.sh b/tools/testing/selftests/net/forwarding/router_multicast.sh index 83e52abdbc2e..b22846b09b45 100755 --- a/tools/testing/selftests/net/forwarding/router_multicast.sh +++ b/tools/testing/selftests/net/forwarding/router_multicast.sh @@ -222,8 +222,8 @@ mcast_v4() create_mcast_sg $rp1 198.51.100.2 225.1.2.3 $rp2 $rp3 # Send frames with the corresponding L2 destination address. - $MZ $h1 -c 5 -p 128 -t udp -a 00:11:22:33:44:55 -b 01:00:5e:01:02:03 \ - -A 198.51.100.2 -B 225.1.2.3 -q + $MZ -c 5 -p 128 -t udp -a 00:11:22:33:44:55 -b 01:00:5e:01:02:03 \ + -A 198.51.100.2 -B 225.1.2.3 -q $h1 tc_check_packets "dev $h2 ingress" 122 5 check_err $? "Multicast not received on first host" @@ -232,8 +232,8 @@ mcast_v4() delete_mcast_sg $rp1 198.51.100.2 225.1.2.3 $rp2 $rp3 - $MZ $h1 -c 5 -p 128 -t udp -a 00:11:22:33:44:55 -b 01:00:5e:01:02:03 \ - -A 198.51.100.2 -B 225.1.2.3 -q + $MZ -c 5 -p 128 -t udp -a 00:11:22:33:44:55 -b 01:00:5e:01:02:03 \ + -A 198.51.100.2 -B 225.1.2.3 -q $h1 tc_check_packets "dev $h2 ingress" 122 5 check_err $? "Multicast received on host although deleted" @@ -262,8 +262,8 @@ mcast_v6() create_mcast_sg $rp1 2001:db8:1::2 ff0e::3 $rp2 $rp3 # Send frames with the corresponding L2 destination address. - $MZ $h1 -6 -c 5 -p 128 -t udp -a 00:11:22:33:44:55 \ - -b 33:33:00:00:00:03 -A 2001:db8:1::2 -B ff0e::3 -q + $MZ -6 -c 5 -p 128 -t udp -a 00:11:22:33:44:55 \ + -b 33:33:00:00:00:03 -A 2001:db8:1::2 -B ff0e::3 -q $h1 tc_check_packets "dev $h2 ingress" 122 5 check_err $? "Multicast not received on first host" @@ -272,8 +272,8 @@ mcast_v6() delete_mcast_sg $rp1 2001:db8:1::2 ff0e::3 $rp2 $rp3 - $MZ $h1 -6 -c 5 -p 128 -t udp -a 00:11:22:33:44:55 \ - -b 33:33:00:00:00:03 -A 2001:db8:1::2 -B ff0e::3 -q + $MZ -6 -c 5 -p 128 -t udp -a 00:11:22:33:44:55 \ + -b 33:33:00:00:00:03 -A 2001:db8:1::2 -B ff0e::3 -q $h1 tc_check_packets "dev $h2 ingress" 122 5 check_err $? "Multicast received on first host although deleted" @@ -308,18 +308,18 @@ rpf_v4() create_mcast_sg $rp1 198.51.100.2 225.1.2.3 $rp2 $rp3 - $MZ $h1 -c 5 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ + $MZ -c 5 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ -a 00:11:22:33:44:55 -b 01:00:5e:01:02:03 \ - -A 198.51.100.2 -B 225.1.2.3 -q + -A 198.51.100.2 -B 225.1.2.3 -q $h1 tc_check_packets "dev $h2 ingress" 1 5 check_err $? "Multicast not received on first host" tc_check_packets "dev $h3 ingress" 1 5 check_err $? "Multicast not received on second host" - $MZ $h3 -c 5 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ + $MZ -c 5 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ -a 00:11:22:33:44:55 -b 01:00:5e:01:02:03 \ - -A 198.51.100.2 -B 225.1.2.3 -q + -A 198.51.100.2 -B 225.1.2.3 -q $h3 tc_check_packets "dev $h1 ingress" 1 0 check_err $? "Multicast received on first host when should not" @@ -353,18 +353,18 @@ rpf_v6() create_mcast_sg $rp1 2001:db8:1::2 ff0e::3 $rp2 $rp3 - $MZ $h1 -6 -c 5 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ + $MZ -6 -c 5 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ -a 00:11:22:33:44:55 -b 33:33:00:00:00:03 \ - -A 2001:db8:1::2 -B ff0e::3 -q + -A 2001:db8:1::2 -B ff0e::3 -q $h1 tc_check_packets "dev $h2 ingress" 1 5 check_err $? "Multicast not received on first host" tc_check_packets "dev $h3 ingress" 1 5 check_err $? "Multicast not received on second host" - $MZ $h3 -6 -c 5 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ + $MZ -6 -c 5 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ -a 00:11:22:33:44:55 -b 33:33:00:00:00:03 \ - -A 2001:db8:1::2 -B ff0e::3 -q + -A 2001:db8:1::2 -B ff0e::3 -q $h3 tc_check_packets "dev $h1 ingress" 1 0 check_err $? "Multicast received on first host when should not" @@ -399,9 +399,9 @@ unres_v4() dst_ip 225.1.2.3 ip_proto udp dst_port 12345 action drop # Forwarding should fail before installing a matching (*, G). - $MZ $h1 -c 1 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ + $MZ -c 1 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ -a 00:11:22:33:44:55 -b 01:00:5e:01:02:03 \ - -A 198.51.100.2 -B 225.1.2.3 -q + -A 198.51.100.2 -B 225.1.2.3 -q $h1 tc_check_packets "dev $h2 ingress" 1 0 check_err $? "Multicast received on first host when should not" @@ -411,9 +411,9 @@ unres_v4() # Create (*, G). Will not be installed in the kernel. create_mcast_sg $rp1 0.0.0.0 225.1.2.3 $rp2 $rp3 - $MZ $h1 -c 1 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ + $MZ -c 1 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ -a 00:11:22:33:44:55 -b 01:00:5e:01:02:03 \ - -A 198.51.100.2 -B 225.1.2.3 -q + -A 198.51.100.2 -B 225.1.2.3 -q $h1 tc_check_packets "dev $h2 ingress" 1 1 check_err $? "Multicast not received on first host" @@ -444,9 +444,9 @@ unres_v6() dst_ip ff0e::3 ip_proto udp dst_port 12345 action drop # Forwarding should fail before installing a matching (*, G). - $MZ $h1 -6 -c 1 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ + $MZ -6 -c 1 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ -a 00:11:22:33:44:55 -b 33:33:00:00:00:03 \ - -A 2001:db8:1::2 -B ff0e::3 -q + -A 2001:db8:1::2 -B ff0e::3 -q $h1 tc_check_packets "dev $h2 ingress" 1 0 check_err $? "Multicast received on first host when should not" @@ -456,9 +456,9 @@ unres_v6() # Create (*, G). Will not be installed in the kernel. create_mcast_sg $rp1 :: ff0e::3 $rp2 $rp3 - $MZ $h1 -6 -c 1 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ + $MZ -6 -c 1 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ -a 00:11:22:33:44:55 -b 33:33:00:00:00:03 \ - -A 2001:db8:1::2 -B ff0e::3 -q + -A 2001:db8:1::2 -B ff0e::3 -q $h1 tc_check_packets "dev $h2 ingress" 1 1 check_err $? "Multicast not received on first host" diff --git a/tools/testing/selftests/net/forwarding/router_multipath.sh b/tools/testing/selftests/net/forwarding/router_multipath.sh index 46f365b557b7..d21da56f168d 100755 --- a/tools/testing/selftests/net/forwarding/router_multipath.sh +++ b/tools/testing/selftests/net/forwarding/router_multipath.sh @@ -178,8 +178,8 @@ multipath4_test() t0_rp12=$(link_stats_tx_packets_get $rp12) t0_rp13=$(link_stats_tx_packets_get $rp13) - ip vrf exec vrf-h1 $MZ $h1 -q -p 64 -A 192.0.2.2 -B 198.51.100.2 \ - -d $MZ_DELAY -t udp "sp=1024,dp=0-32768" + ip vrf exec vrf-h1 $MZ -q -p 64 -A 192.0.2.2 -B 198.51.100.2 \ + -d $MZ_DELAY -t udp $h1"sp=1024,dp=0-32768" sleep 1 t1_rp12=$(link_stats_tx_packets_get $rp12) @@ -216,8 +216,8 @@ multipath6_test() t0_rp12=$(link_stats_tx_packets_get $rp12) t0_rp13=$(link_stats_tx_packets_get $rp13) - $MZ $h1 -6 -q -p 64 -A 2001:db8:1::2 -B 2001:db8:2::2 \ - -d $MZ_DELAY -t udp "sp=1024,dp=0-32768" + $MZ -6 -q -p 64 -A 2001:db8:1::2 -B 2001:db8:2::2 \ + -d $MZ_DELAY -t udp $h1 "sp=1024,dp=0-32768" sleep 1 t1_rp12=$(link_stats_tx_packets_get $rp12) diff --git a/tools/testing/selftests/net/forwarding/sch_red.sh b/tools/testing/selftests/net/forwarding/sch_red.sh index af166662b78a..5d49ca59008c 100755 --- a/tools/testing/selftests/net/forwarding/sch_red.sh +++ b/tools/testing/selftests/net/forwarding/sch_red.sh @@ -165,7 +165,7 @@ send_packets() local proto=$1; shift local pkts=$1; shift - $MZ $h2 -p $PKTSZ -a own -b $h3_mac -A 192.0.2.2 -B 192.0.2.3 -t $proto -q -c $pkts "$@" + $MZ -p $PKTSZ -a own -b $h3_mac -A 192.0.2.2 -B 192.0.2.3 -t $proto -q -c $pkts $h2 "$@" } # This sends traffic in an attempt to build a backlog of $size. Returns 0 on @@ -266,8 +266,8 @@ do_ecn_test() local limit=$1; shift local name=ECN - $MZ $h1 -p $PKTSZ -A 192.0.2.1 -B 192.0.2.3 -c 0 \ - -a own -b $h3_mac -t tcp -q tos=0x01 & + $MZ -p $PKTSZ -A 192.0.2.1 -B 192.0.2.3 -c 0 \ + -a own -b $h3_mac -t tcp -q $h1 tos=0x01 & defer stop_traffic $! sleep 1 @@ -287,8 +287,8 @@ do_ecn_nodrop_test() local limit=$1; shift local name="ECN nodrop" - $MZ $h1 -p $PKTSZ -A 192.0.2.1 -B 192.0.2.3 -c 0 \ - -a own -b $h3_mac -t tcp -q tos=0x01 & + $MZ -p $PKTSZ -A 192.0.2.1 -B 192.0.2.3 -c 0 \ + -a own -b $h3_mac -t tcp -q $h1 tos=0x01 & defer stop_traffic $! sleep 1 @@ -311,8 +311,8 @@ do_red_test() # Use ECN-capable TCP to verify there's no marking even though the queue # is above limit. - $MZ $h1 -p $PKTSZ -A 192.0.2.1 -B 192.0.2.3 -c 0 \ - -a own -b $h3_mac -t tcp -q tos=0x01 & + $MZ -p $PKTSZ -A 192.0.2.1 -B 192.0.2.3 -c 0 \ + -a own -b $h3_mac -t tcp -q $h1 tos=0x01 & defer stop_traffic $! # Pushing below the queue limit should work. @@ -342,8 +342,8 @@ do_red_qevent_test() RET=0 - $MZ $h1 -p $PKTSZ -A 192.0.2.1 -B 192.0.2.3 -c 0 \ - -a own -b $h3_mac -t udp -q & + $MZ -p $PKTSZ -A 192.0.2.1 -B 192.0.2.3 -c 0 \ + -a own -b $h3_mac -t udp -q $h1 & defer stop_traffic $! sleep 1 @@ -381,8 +381,8 @@ do_ecn_qevent_test() RET=0 - $MZ $h1 -p $PKTSZ -A 192.0.2.1 -B 192.0.2.3 -c 0 \ - -a own -b $h3_mac -t tcp -q tos=0x01 & + $MZ -p $PKTSZ -A 192.0.2.1 -B 192.0.2.3 -c 0 \ + -a own -b $h3_mac -t tcp -q tos=0x01 $h1 & defer stop_traffic $! sleep 1 diff --git a/tools/testing/selftests/net/forwarding/skbedit_priority.sh b/tools/testing/selftests/net/forwarding/skbedit_priority.sh index 3dd5fcbd3eaa..06e8b9e21b94 100755 --- a/tools/testing/selftests/net/forwarding/skbedit_priority.sh +++ b/tools/testing/selftests/net/forwarding/skbedit_priority.sh @@ -125,8 +125,8 @@ test_skbedit_priority_one() local pkt0=$(qdisc_parent_stats_get $swp2 $classid .packets) local pkt2=$(tc_rule_handle_stats_get "$locus" 101) - $MZ $h1 -t udp "sp=54321,dp=12345" -c 10 -d 20msec -p 100 \ - -a own -b $h2mac -A 192.0.2.1 -B 192.0.2.2 -q + $MZ -t udp -c 10 -d 20msec -p 100 \ + -a own -b $h2mac -A 192.0.2.1 -B 192.0.2.2 -q $h1 "sp=54321,dp=12345" local pkt1 pkt1=$(busywait "$HIT_TIMEOUT" until_counter_is ">= $((pkt0 + 10))" \ diff --git a/tools/testing/selftests/net/forwarding/tc_actions.sh b/tools/testing/selftests/net/forwarding/tc_actions.sh index ea89e558672d..580aaa42ed31 100755 --- a/tools/testing/selftests/net/forwarding/tc_actions.sh +++ b/tools/testing/selftests/net/forwarding/tc_actions.sh @@ -66,8 +66,8 @@ mirred_egress_test() tc filter add dev $h2 ingress protocol ip pref 1 handle 101 flower \ dst_ip 192.0.2.2 action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $h2 ingress" 101 1 check_fail $? "Matched without redirect rule inserted" @@ -76,8 +76,8 @@ mirred_egress_test() $classifier $tcflags $classifier_args \ action mirred egress $action dev $swp2 - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $h2 ingress" 101 1 check_err $? "Did not match incoming $action packet" @@ -96,8 +96,8 @@ gact_drop_and_ok_test() tc filter add dev $swp1 ingress protocol ip pref 2 handle 102 flower \ $tcflags dst_ip 192.0.2.2 action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $swp1 ingress" 102 1 check_err $? "Packet was not dropped" @@ -105,8 +105,8 @@ gact_drop_and_ok_test() tc filter add dev $swp1 ingress protocol ip pref 1 handle 101 flower \ $tcflags dst_ip 192.0.2.2 action ok - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $swp1 ingress" 101 1 check_err $? "Did not see passed packet" @@ -134,8 +134,8 @@ gact_trap_test() $tcflags dst_ip 192.0.2.2 action mirred egress redirect \ dev $swp2 - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $swp1 ingress" 101 1 check_fail $? "Saw packet without trap rule inserted" @@ -143,8 +143,8 @@ gact_trap_test() tc filter add dev $swp1 ingress protocol ip pref 2 handle 102 flower \ $tcflags dst_ip 192.0.2.2 action trap - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $swp1 ingress" 102 1 check_err $? "Packet was not trapped" @@ -175,8 +175,8 @@ mirred_egress_to_ingress_test() tc filter add dev $swp1 protocol ip pref 12 handle 112 ingress flower \ ip_proto icmp src_ip 192.0.2.1 dst_ip 192.0.2.2 type 0 action pass - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t icmp "ping,id=42,seq=10" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t icmp -q $h1 "ping,id=42,seq=10" tc_check_packets "dev $h1 egress" 100 1 check_err $? "didn't mirror first packet" @@ -230,8 +230,8 @@ mirred_egress_to_ingress_tcp_test() cmp -s $mirred_e2i_tf1 $mirred_e2i_tf2 check_err $? "server output check failed" - $MZ $h1 -c 10 -p 64 -a $h1mac -b $h1mac -A 192.0.2.1 -B 192.0.2.1 \ - -t icmp "ping,id=42,seq=5" -q + $MZ -c 10 -p 64 -a $h1mac -b $h1mac -A 192.0.2.1 -B 192.0.2.1 \ + -t icmp -q $h1 "ping,id=42,seq=5" tc_check_packets "dev $h1 egress" 101 10 check_err $? "didn't mirred redirect ICMP" tc_check_packets "dev $h1 ingress" 102 10 @@ -254,8 +254,8 @@ ingress_2nd_vlan_push() $tcflags num_of_vlans 2 \ cvlan_ethtype 0x800 action pass - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -Q 10 -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -Q 10 -q $h1 tc_check_packets "dev $swp1 ingress" 30 1 check_err $? "No double-vlan packets received" @@ -276,8 +276,8 @@ egress_2nd_vlan_push() $tcflags num_of_vlans 2 \ cvlan_ethtype 0x800 action pass - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $h1 egress" 30 1 check_err $? "No double-vlan packets received" diff --git a/tools/testing/selftests/net/forwarding/tc_chains.sh b/tools/testing/selftests/net/forwarding/tc_chains.sh index b95de0463ebd..95b194b5e092 100755 --- a/tools/testing/selftests/net/forwarding/tc_chains.sh +++ b/tools/testing/selftests/net/forwarding/tc_chains.sh @@ -38,8 +38,8 @@ unreachable_chain_test() tc filter add dev $h2 ingress chain 1 protocol ip pref 1 handle 1101 \ flower $tcflags dst_mac $h2mac action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $h2 ingress" 1101 1 check_fail $? "matched on filter in unreachable chain" @@ -61,8 +61,8 @@ gact_goto_chain_test() tc filter add dev $h2 ingress protocol ip pref 1 handle 101 flower \ $tcflags dst_mac $h2mac action goto chain 1 - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $h2 ingress" 102 1 check_fail $? "Matched on a wrong filter" diff --git a/tools/testing/selftests/net/forwarding/tc_flower.sh b/tools/testing/selftests/net/forwarding/tc_flower.sh index b58909a93112..899d452b9915 100755 --- a/tools/testing/selftests/net/forwarding/tc_flower.sh +++ b/tools/testing/selftests/net/forwarding/tc_flower.sh @@ -46,8 +46,8 @@ match_dst_mac_test() tc filter add dev $h2 ingress protocol ip pref 2 handle 102 flower \ $tcflags dst_mac $h2mac action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $h2 ingress" 101 1 check_fail $? "Matched on a wrong filter" @@ -72,8 +72,8 @@ match_src_mac_test() tc filter add dev $h2 ingress protocol ip pref 2 handle 102 flower \ $tcflags src_mac $h1mac action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $h2 ingress" 101 1 check_fail $? "Matched on a wrong filter" @@ -98,8 +98,8 @@ match_dst_ip_test() tc filter add dev $h2 ingress protocol ip pref 3 handle 103 flower \ $tcflags dst_ip 192.0.2.0/24 action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $h2 ingress" 101 1 check_fail $? "Matched on a wrong filter" @@ -109,8 +109,8 @@ match_dst_ip_test() tc filter del dev $h2 ingress protocol ip pref 2 handle 102 flower - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $h2 ingress" 103 1 check_err $? "Did not match on correct filter with mask" @@ -132,8 +132,8 @@ match_src_ip_test() tc filter add dev $h2 ingress protocol ip pref 3 handle 103 flower \ $tcflags src_ip 192.0.2.0/24 action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $h2 ingress" 101 1 check_fail $? "Matched on a wrong filter" @@ -143,8 +143,8 @@ match_src_ip_test() tc filter del dev $h2 ingress protocol ip pref 2 handle 102 flower - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $h2 ingress" 103 1 check_err $? "Did not match on correct filter with mask" @@ -168,8 +168,8 @@ match_ip_flags_test() tc filter add dev $h2 ingress protocol ip pref 4 handle 104 flower \ $tcflags ip_flags nofrag action drop - $MZ $h1 -c 1 -p 1000 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip "frag=0" -q + $MZ -c 1 -p 1000 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 "frag=0" tc_check_packets "dev $h2 ingress" 101 1 check_fail $? "Matched on wrong frag filter (nofrag)" @@ -183,8 +183,8 @@ match_ip_flags_test() tc_check_packets "dev $h2 ingress" 104 1 check_err $? "Did not match on nofrag filter (nofrag)" - $MZ $h1 -c 1 -p 1000 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip "frag=0,mf" -q + $MZ -c 1 -p 1000 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1"frag=0,mf" tc_check_packets "dev $h2 ingress" 101 1 check_err $? "Did not match on frag filter (1stfrag)" @@ -198,10 +198,10 @@ match_ip_flags_test() tc_check_packets "dev $h2 ingress" 104 1 check_err $? "Match on wrong nofrag filter (1stfrag)" - $MZ $h1 -c 1 -p 1000 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip "frag=256,mf" -q - $MZ $h1 -c 1 -p 1000 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip "frag=256" -q + $MZ -c 1 -p 1000 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 "frag=256,mf" + $MZ -c 1 -p 1000 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 "frag=256" tc_check_packets "dev $h2 ingress" 101 3 check_err $? "Did not match on frag filter (no1stfrag)" @@ -234,8 +234,8 @@ match_pcp_test() tc filter add dev $h2 ingress protocol 802.1q pref 2 handle 102 \ flower vlan_prio 7 $tcflags dst_mac $h2mac action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -B 192.0.2.11 -Q 7:85 -t ip -q - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -B 192.0.2.11 -Q 0:85 -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -B 192.0.2.11 -Q 7:85 -t ip -q $h1 + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -B 192.0.2.11 -Q 0:85 -t ip -q $h1 tc_check_packets "dev $h2 ingress" 101 0 check_err $? "Matched on specified PCP when should not" @@ -263,7 +263,7 @@ match_vlan_test() tc filter add dev $h2 ingress protocol 802.1q pref 2 handle 102 \ flower vlan_id 85 $tcflags action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -B 192.0.2.11 -Q 0:85 -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -B 192.0.2.11 -Q 0:85 -t ip -q $h1 tc_check_packets "dev $h2 ingress" 101 0 check_err $? "Matched on specified VLAN when should not" @@ -289,8 +289,8 @@ match_ip_tos_test() tc filter add dev $h2 ingress protocol ip pref 2 handle 102 flower \ $tcflags dst_ip 192.0.2.2 ip_tos 0x18 action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip tos=18 -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tos=18 tc_check_packets "dev $h2 ingress" 101 1 check_fail $? "Matched on a wrong filter (0x18)" @@ -298,8 +298,8 @@ match_ip_tos_test() tc_check_packets "dev $h2 ingress" 102 1 check_err $? "Did not match on correct filter (0x18)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip tos=20 -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tos=20 tc_check_packets "dev $h2 ingress" 102 2 check_fail $? "Matched on a wrong filter (0x20)" @@ -322,11 +322,11 @@ match_ip_ttl_test() tc filter add dev $h2 ingress protocol ip pref 2 handle 102 flower \ $tcflags dst_ip 192.0.2.2 action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip "ttl=63" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 "ttl=63" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip "ttl=63,mf,frag=256" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 "ttl=63,mf,frag=256" tc_check_packets "dev $h2 ingress" 102 1 check_fail $? "Matched on the wrong filter (no check on ttl)" @@ -334,8 +334,8 @@ match_ip_ttl_test() tc_check_packets "dev $h2 ingress" 101 2 check_err $? "Did not match on correct filter (ttl=63)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip "ttl=255" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 "ttl=255" tc_check_packets "dev $h2 ingress" 101 3 check_fail $? "Matched on a wrong filter (ttl=63)" @@ -358,8 +358,8 @@ match_indev_test() tc filter add dev $h2 ingress protocol ip pref 2 handle 102 flower \ $tcflags indev $h2 dst_mac $h2mac action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "dev $h2 ingress" 101 1 check_fail $? "Matched on a wrong filter" @@ -404,7 +404,7 @@ match_mpls_label_test() flower $tcflags mpls_label 1048575 action drop pkt="$ethtype $(mpls_lse 1048575 0 1 255)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" tc_check_packets "dev $h2 ingress" 101 1 check_fail $? "Matched on a wrong filter (1048575)" @@ -413,7 +413,7 @@ match_mpls_label_test() check_err $? "Did not match on correct filter (1048575)" pkt="$ethtype $(mpls_lse 0 0 1 255)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" tc_check_packets "dev $h2 ingress" 102 2 check_fail $? "Matched on a wrong filter (0)" @@ -442,7 +442,7 @@ match_mpls_tc_test() flower $tcflags mpls_tc 7 action drop pkt="$ethtype $(mpls_lse 0 7 1 255)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" tc_check_packets "dev $h2 ingress" 101 1 check_fail $? "Matched on a wrong filter (7)" @@ -451,7 +451,7 @@ match_mpls_tc_test() check_err $? "Did not match on correct filter (7)" pkt="$ethtype $(mpls_lse 0 0 1 255)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" tc_check_packets "dev $h2 ingress" 102 2 check_fail $? "Matched on a wrong filter (0)" @@ -480,7 +480,7 @@ match_mpls_bos_test() flower $tcflags mpls_bos 1 action drop pkt="$ethtype $(mpls_lse 0 0 1 255)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" tc_check_packets "dev $h2 ingress" 101 1 check_fail $? "Matched on a wrong filter (1)" @@ -490,7 +490,7 @@ match_mpls_bos_test() # Need to add a second label to properly mark the Bottom of Stack pkt="$ethtype $(mpls_lse 0 0 0 255) $(mpls_lse 0 0 1 255)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" tc_check_packets "dev $h2 ingress" 102 2 check_fail $? "Matched on a wrong filter (0)" @@ -519,7 +519,7 @@ match_mpls_ttl_test() flower $tcflags mpls_ttl 255 action drop pkt="$ethtype $(mpls_lse 0 0 1 255)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" tc_check_packets "dev $h2 ingress" 101 1 check_fail $? "Matched on a wrong filter (255)" @@ -528,7 +528,7 @@ match_mpls_ttl_test() check_err $? "Did not match on correct filter (255)" pkt="$ethtype $(mpls_lse 0 0 1 0)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" tc_check_packets "dev $h2 ingress" 102 2 check_fail $? "Matched on a wrong filter (0)" @@ -581,45 +581,45 @@ match_mpls_lse_test() # Base packet, matched by all filters (except for stack depth 3) pkt="$ethtype $(mpls_lse 0 0 0 0) $(mpls_lse 1048575 7 1 255)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" # Make a variant of the above packet, with a non-matching value # for each LSE field # Wrong label at depth 1 pkt="$ethtype $(mpls_lse 1 0 0 0) $(mpls_lse 1048575 7 1 255)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" # Wrong TC at depth 1 pkt="$ethtype $(mpls_lse 0 1 0 0) $(mpls_lse 1048575 7 1 255)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" # Wrong BOS at depth 1 (not adding a second LSE here since BOS is set # in the first label, so anything that'd follow wouldn't be considered) pkt="$ethtype $(mpls_lse 0 0 1 0)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" # Wrong TTL at depth 1 pkt="$ethtype $(mpls_lse 0 0 0 1) $(mpls_lse 1048575 7 1 255)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" # Wrong label at depth 2 pkt="$ethtype $(mpls_lse 0 0 0 0) $(mpls_lse 1048574 7 1 255)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" # Wrong TC at depth 2 pkt="$ethtype $(mpls_lse 0 0 0 0) $(mpls_lse 1048575 6 1 255)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" # Wrong BOS at depth 2 (adding a third LSE here since BOS isn't set in # the second label) pkt="$ethtype $(mpls_lse 0 0 0 0) $(mpls_lse 1048575 7 0 255)" pkt="$pkt $(mpls_lse 0 0 1 255)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" # Wrong TTL at depth 2 pkt="$ethtype $(mpls_lse 0 0 0 0) $(mpls_lse 1048575 7 1 254)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" # Filters working at depth 1 should match all packets but one @@ -707,12 +707,12 @@ match_erspan_opts_test() enc_key_id 1002 erspan_opts 2:0:1:63 action drop ep1mac=$(mac_get erspan1) - $MZ erspan1 -c 1 -p 64 -a $ep1mac -b $h2mac -t ip -q + $MZ -c 1 -p 64 -a $ep1mac -b $h2mac -t ip -q erspan1 tc_check_packets "dev ep-ex ingress" 101 1 check_err $? "ERSPAN Type II" ep2mac=$(mac_get erspan2) - $MZ erspan2 -c 1 -p 64 -a $ep1mac -b $h2mac -t ip -q + $MZ -c 1 -p 64 -a $ep1mac -b $h2mac -t ip -q erspan2 tc_check_packets "dev ep-ex ingress" 102 1 check_err $? "ERSPAN Type III" diff --git a/tools/testing/selftests/net/forwarding/tc_flower_cfm.sh b/tools/testing/selftests/net/forwarding/tc_flower_cfm.sh index 3ca20df952eb..e2988d3b855f 100755 --- a/tools/testing/selftests/net/forwarding/tc_flower_cfm.sh +++ b/tools/testing/selftests/net/forwarding/tc_flower_cfm.sh @@ -63,9 +63,9 @@ match_cfm_opcode() flower cfm op 43 action drop pkt="$ethtype $(generate_cfm_hdr 7 47 0 32)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" pkt="$ethtype $(generate_cfm_hdr 6 5 0 4)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" tc_check_packets "dev $h2 ingress" 101 1 check_err $? "Did not match on correct opcode" @@ -74,7 +74,7 @@ match_cfm_opcode() check_err $? "Matched on the wrong opcode" pkt="$ethtype $(generate_cfm_hdr 0 43 0 12)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" tc_check_packets "dev $h2 ingress" 101 1 check_err $? "Matched on the wrong opcode" @@ -101,11 +101,11 @@ match_cfm_level() flower cfm mdl 0 action drop pkt="$ethtype $(generate_cfm_hdr 5 42 0 12)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" pkt="$ethtype $(generate_cfm_hdr 6 1 0 70)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" pkt="$ethtype $(generate_cfm_hdr 0 1 0 70)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" tc_check_packets "dev $h2 ingress" 101 1 check_err $? "Did not match on correct level" @@ -117,7 +117,7 @@ match_cfm_level() check_err $? "Did not match on correct level" pkt="$ethtype $(generate_cfm_hdr 3 0 0 4)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" tc_check_packets "dev $h2 ingress" 101 1 check_err $? "Matched on the wrong level" @@ -146,11 +146,11 @@ match_cfm_level_and_opcode() flower cfm mdl 7 op 42 action drop pkt="$ethtype $(generate_cfm_hdr 5 41 0 4)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" pkt="$ethtype $(generate_cfm_hdr 7 3 0 4)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" pkt="$ethtype $(generate_cfm_hdr 3 42 0 12)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" tc_check_packets "dev $h2 ingress" 101 1 check_err $? "Did not match on correct level and opcode" @@ -159,7 +159,7 @@ match_cfm_level_and_opcode() check_err $? "Matched on the wrong level and opcode" pkt="$ethtype $(generate_cfm_hdr 7 42 0 12)" - $MZ $h1 -c 1 -p 64 -a $h1mac -b $h2mac "$pkt" -q + $MZ -c 1 -p 64 -a $h1mac -b $h2mac -q $h1 "$pkt" tc_check_packets "dev $h2 ingress" 101 1 check_err $? "Matched on the wrong level and opcode" diff --git a/tools/testing/selftests/net/forwarding/tc_flower_l2_miss.sh b/tools/testing/selftests/net/forwarding/tc_flower_l2_miss.sh index c2420bb72c12..73ceb27a4d5a 100755 --- a/tools/testing/selftests/net/forwarding/tc_flower_l2_miss.sh +++ b/tools/testing/selftests/net/forwarding/tc_flower_l2_miss.sh @@ -86,7 +86,7 @@ test_l2_miss_unicast() dst_ip $dip action pass # Before adding FDB entry. - $MZ $h1 -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q + $MZ -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q $h1 tc_check_packets "dev $swp2 egress" 101 1 check_err $? "Unknown unicast filter was not hit before adding FDB entry" @@ -97,7 +97,7 @@ test_l2_miss_unicast() # Adding FDB entry. bridge fdb replace $dmac dev $swp2 master static - $MZ $h1 -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q + $MZ -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q $h1 tc_check_packets "dev $swp2 egress" 101 1 check_err $? "Unknown unicast filter was hit after adding FDB entry" @@ -108,7 +108,7 @@ test_l2_miss_unicast() # Deleting FDB entry. bridge fdb del $dmac dev $swp2 master static - $MZ $h1 -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q + $MZ -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q $h1 tc_check_packets "dev $swp2 egress" 101 2 check_err $? "Unknown unicast filter was not hit after deleting FDB entry" @@ -143,7 +143,7 @@ test_l2_miss_multicast_common() action pass # Before adding MDB entry. - $MZ $mode $h1 -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q + $MZ $mode -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q $h1 tc_check_packets "dev $swp2 egress" 101 1 check_err $? "Unregistered multicast filter was not hit before adding MDB entry" @@ -154,7 +154,7 @@ test_l2_miss_multicast_common() # Adding MDB entry. bridge mdb replace dev br1 port $swp2 grp $dip permanent - $MZ $mode $h1 -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q + $MZ $mode -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q $h1 tc_check_packets "dev $swp2 egress" 101 1 check_err $? "Unregistered multicast filter was hit after adding MDB entry" @@ -165,7 +165,7 @@ test_l2_miss_multicast_common() # Deleting MDB entry. bridge mdb del dev br1 port $swp2 grp $dip - $MZ $mode $h1 -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q + $MZ $mode -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q $h1 tc_check_packets "dev $swp2 egress" 101 2 check_err $? "Unregistered multicast filter was not hit after deleting MDB entry" @@ -255,7 +255,7 @@ test_l2_miss_ll_multicast_common() flower indev $swp1 l2_miss 1 dst_mac $dmac src_ip $sip \ dst_ip $dip action pass - $MZ $mode $h1 -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q + $MZ $mode -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q $h1 tc_check_packets "dev $swp2 egress" 101 1 check_err $? "Filter was not hit" @@ -309,7 +309,7 @@ test_l2_miss_broadcast() flower l2_miss 0 dst_mac $dmac src_mac $smac \ action pass - $MZ $h1 -a $smac -b $dmac -c 1 -p 100 -q + $MZ -a $smac -b $dmac -c 1 -p 100 -q $h1 tc_check_packets "dev $swp2 egress" 101 0 check_err $? "L2 miss filter was hit when should not" diff --git a/tools/testing/selftests/net/forwarding/tc_flower_port_range.sh b/tools/testing/selftests/net/forwarding/tc_flower_port_range.sh index baed5e380dae..6323567ca2fb 100755 --- a/tools/testing/selftests/net/forwarding/tc_flower_port_range.sh +++ b/tools/testing/selftests/net/forwarding/tc_flower_port_range.sh @@ -103,22 +103,22 @@ __test_port_range() dst_port $dport_min-$dport_max \ action drop - $MZ $mode $h1 -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ - -t $ip_proto "sp=$sport_min,dp=$dport_min" + $MZ $mode -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ + -t $ip_proto $h1 "sp=$sport_min,dp=$dport_min" tc_check_packets "dev $swp1 ingress" 101 1 check_err $? "Ingress filter not hit with minimum ports" tc_check_packets "dev $swp2 egress" 101 1 check_err $? "Egress filter not hit with minimum ports" - $MZ $mode $h1 -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ - -t $ip_proto "sp=$sport_mid,dp=$dport_mid" + $MZ $mode -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ + -t $ip_proto $h1 "sp=$sport_mid,dp=$dport_mid" tc_check_packets "dev $swp1 ingress" 101 2 check_err $? "Ingress filter not hit with middle ports" tc_check_packets "dev $swp2 egress" 101 2 check_err $? "Egress filter not hit with middle ports" - $MZ $mode $h1 -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ - -t $ip_proto "sp=$sport_max,dp=$dport_max" + $MZ $mode -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ + -t $ip_proto $h1 "sp=$sport_max,dp=$dport_max" tc_check_packets "dev $swp1 ingress" 101 3 check_err $? "Ingress filter not hit with maximum ports" tc_check_packets "dev $swp2 egress" 101 3 @@ -126,16 +126,16 @@ __test_port_range() # Send traffic when both ports are out of range and when only one port # is out of range. - $MZ $mode $h1 -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ - -t $ip_proto "sp=$((sport_min - 1)),dp=$dport_min" - $MZ $mode $h1 -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ - -t $ip_proto "sp=$((sport_max + 1)),dp=$dport_min" - $MZ $mode $h1 -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ - -t $ip_proto "sp=$sport_min,dp=$((dport_min - 1))" - $MZ $mode $h1 -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ - -t $ip_proto "sp=$sport_min,dp=$((dport_max + 1))" - $MZ $mode $h1 -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ - -t $ip_proto "sp=$((sport_max + 1)),dp=$((dport_max + 1))" + $MZ $mode -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ + -t $ip_proto $h1 "sp=$((sport_min - 1)),dp=$dport_min" + $MZ $mode -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ + -t $ip_proto $h1 "sp=$((sport_max + 1)),dp=$dport_min" + $MZ $mode -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ + -t $ip_proto $h1 "sp=$sport_min,dp=$((dport_min - 1))" + $MZ $mode -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ + -t $ip_proto $h1 "sp=$sport_min,dp=$((dport_max + 1))" + $MZ $mode -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ + -t $ip_proto $h1 "sp=$((sport_max + 1)),dp=$((dport_max + 1))" tc_check_packets "dev $swp1 ingress" 101 3 check_err $? "Ingress filter was hit when should not" tc_check_packets "dev $swp2 egress" 101 3 @@ -219,18 +219,18 @@ test_port_range_ipv4_udp_drop() action drop # Test ports outside range - should pass - $MZ $mode $h1 -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ - -t $ip_proto "sp=$((sport_min - 1)),dp=$dport" - $MZ $mode $h1 -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ - -t $ip_proto "sp=$((sport_max + 1)),dp=$dport" + $MZ $mode -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ + -t $ip_proto $h1 "sp=$((sport_min - 1)),dp=$dport" + $MZ $mode -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ + -t $ip_proto $h1 "sp=$((sport_max + 1)),dp=$dport" # Test ports inside range - should be dropped - $MZ $mode $h1 -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ - -t $ip_proto "sp=$sport_min,dp=$dport" - $MZ $mode $h1 -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ - -t $ip_proto "sp=$sport_mid,dp=$dport" - $MZ $mode $h1 -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ - -t $ip_proto "sp=$sport_max,dp=$dport" + $MZ $mode -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ + -t $ip_proto $h1 "sp=$sport_min,dp=$dport" + $MZ $mode -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ + -t $ip_proto $h1 "sp=$sport_mid,dp=$dport" + $MZ $mode -c 1 -q -p 100 -a $smac -b $dmac -A $sip -B $dip \ + -t $ip_proto $h1 "sp=$sport_max,dp=$dport" tc_check_packets "dev $swp1 ingress" 101 3 check_err $? "Filter did not drop the expected number of packets" diff --git a/tools/testing/selftests/net/forwarding/tc_flower_router.sh b/tools/testing/selftests/net/forwarding/tc_flower_router.sh index 4aee9c9e69f6..e0af18844581 100755 --- a/tools/testing/selftests/net/forwarding/tc_flower_router.sh +++ b/tools/testing/selftests/net/forwarding/tc_flower_router.sh @@ -90,8 +90,8 @@ match_indev_egress_test() tc filter add dev $rp3 egress protocol ip pref 2 handle 102 flower \ $tcflags indev $rp2 dst_ip 192.0.3.1 action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $rp1mac -A 192.0.1.1 -B 192.0.3.1 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $rp1mac -A 192.0.1.1 -B 192.0.3.1 \ + -t ip -q $h1 tc_check_packets "dev $rp3 egress" 102 1 check_fail $? "Matched on a wrong filter" @@ -99,8 +99,8 @@ match_indev_egress_test() tc_check_packets "dev $rp3 egress" 101 1 check_err $? "Did not match on correct filter" - $MZ $h2 -c 1 -p 64 -a $h2mac -b $rp2mac -A 192.0.2.1 -B 192.0.3.1 \ - -t ip -q + $MZ -c 1 -p 64 -a $h2mac -b $rp2mac -A 192.0.2.1 -B 192.0.3.1 \ + -t ip -q $h2 tc_check_packets "dev $rp3 egress" 101 2 check_fail $? "Matched on a wrong filter" diff --git a/tools/testing/selftests/net/forwarding/tc_shblocks.sh b/tools/testing/selftests/net/forwarding/tc_shblocks.sh index 772e00ac3230..37517e4b5df6 100755 --- a/tools/testing/selftests/net/forwarding/tc_shblocks.sh +++ b/tools/testing/selftests/net/forwarding/tc_shblocks.sh @@ -53,14 +53,14 @@ shared_block_test() tc filter add block 22 protocol ip pref 1 handle 101 flower \ $tcflags dst_ip 192.0.2.2 action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $swmac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $swmac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "block 22" 101 1 check_err $? "Did not match first incoming packet on a block" - $MZ $h2 -c 1 -p 64 -a $h2mac -b $swmac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h2mac -b $swmac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h2 tc_check_packets "block 22" 101 2 check_err $? "Did not match second incoming packet on a block" @@ -79,14 +79,14 @@ match_indev_test() tc filter add block 22 protocol ip pref 2 handle 102 flower \ $tcflags indev $swp2 dst_mac $swmac action drop - $MZ $h1 -c 1 -p 64 -a $h1mac -b $swmac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h1mac -b $swmac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h1 tc_check_packets "block 22" 101 1 check_err $? "Did not match first incoming packet on a block" - $MZ $h2 -c 1 -p 64 -a $h2mac -b $swmac -A 192.0.2.1 -B 192.0.2.2 \ - -t ip -q + $MZ -c 1 -p 64 -a $h2mac -b $swmac -A 192.0.2.1 -B 192.0.2.2 \ + -t ip -q $h2 tc_check_packets "block 22" 102 1 check_err $? "Did not match second incoming packet on a block" diff --git a/tools/testing/selftests/net/forwarding/tc_tunnel_key.sh b/tools/testing/selftests/net/forwarding/tc_tunnel_key.sh index 79775b10b99f..8c5205502827 100755 --- a/tools/testing/selftests/net/forwarding/tc_tunnel_key.sh +++ b/tools/testing/selftests/net/forwarding/tc_tunnel_key.sh @@ -114,11 +114,11 @@ tunnel_key_nofrag_test() # test 'nofrag' set tc filter add dev h1-et egress protocol all pref 1 handle 1 matchall $tcflags \ action tunnel_key set src_ip 192.0.2.1 dst_ip 192.0.2.2 id 42 nofrag index 10 - $MZ h1-et -c 1 -p 930 -a 00:aa:bb:cc:dd:ee -b 00:ee:dd:cc:bb:aa -t ip -q + $MZ -c 1 -p 930 -a 00:aa:bb:cc:dd:ee -b 00:ee:dd:cc:bb:aa -t ip -q h1-et tc_check_packets "dev $swp1 ingress" 100 1 check_err $? "packet smaller than MTU was not tunneled" - $MZ h1-et -c 1 -p 931 -a 00:aa:bb:cc:dd:ee -b 00:ee:dd:cc:bb:aa -t ip -q + $MZ -c 1 -p 931 -a 00:aa:bb:cc:dd:ee -b 00:ee:dd:cc:bb:aa -t ip -q h1-et tc_check_packets "dev $swp1 ingress" 100 1 check_err $? "packet bigger than MTU matched nofrag (nofrag was set)" tc_check_packets "dev $swp1 ingress" 101 0 @@ -128,7 +128,7 @@ tunnel_key_nofrag_test() # test 'nofrag' cleared tc actions change action tunnel_key set src_ip 192.0.2.1 dst_ip 192.0.2.2 id 42 index 10 - $MZ h1-et -c 1 -p 931 -a 00:aa:bb:cc:dd:ee -b 00:ee:dd:cc:bb:aa -t ip -q + $MZ -c 1 -p 931 -a 00:aa:bb:cc:dd:ee -b 00:ee:dd:cc:bb:aa -t ip -q h1-et tc_check_packets "dev $swp1 ingress" 100 1 check_err $? "packet bigger than MTU matched nofrag (nofrag was unset)" tc_check_packets "dev $swp1 ingress" 101 1 diff --git a/tools/testing/selftests/net/forwarding/vxlan_bridge_1d.sh b/tools/testing/selftests/net/forwarding/vxlan_bridge_1d.sh index b43816dd998c..6913c0185262 100755 --- a/tools/testing/selftests/net/forwarding/vxlan_bridge_1d.sh +++ b/tools/testing/selftests/net/forwarding/vxlan_bridge_1d.sh @@ -395,7 +395,7 @@ vxlan_flood_test() done local -a t0s=($(flood_fetch_stats "${counters[@]}")) - $MZ $h1 -c 10 -d 100msec -p 64 -b $mac -B $dst -t icmp -q + $MZ -c 10 -d 100msec -p 64 -b $mac -B $dst -t icmp -q $h1 sleep 1 local -a t1s=($(flood_fetch_stats "${counters[@]}")) @@ -567,9 +567,9 @@ vxlan_encapped_ping_do() local inner_tos=$1; shift local outer_tos=$1; shift - $MZ $dev -c $count -d 100msec -q \ + $MZ -c $count -d 100msec -q \ -b $next_hop_mac -B $dest_ip \ - -t udp tos=$outer_tos,sp=23456,dp=$VXPORT,p=$(: + -t udp $dev tos=$outer_tos,sp=23456,dp=$VXPORT,p=$(: )"08:"$( : VXLAN flags )"00:00:00:"$( : VXLAN reserved )"00:03:e8:"$( : VXLAN VNI @@ -705,8 +705,8 @@ test_learning() # a corresponding entry is created in VxLAN device vx1 RET=0 - in_ns ns1 $MZ w2 -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff -B $dst \ - -t icmp -q + in_ns ns1 $MZ -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff -B $dst \ + -t icmp -q w2 sleep 1 bridge fdb show brport vx1 | grep $mac | grep -q self @@ -737,8 +737,8 @@ test_learning() # Re-learn the first FDB entry and check that it is correctly aged-out RET=0 - in_ns ns1 $MZ w2 -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff -B $dst \ - -t icmp -q + in_ns ns1 $MZ -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff -B $dst \ + -t icmp -q w2 sleep 1 bridge fdb show brport vx1 | grep $mac | grep -q self @@ -749,7 +749,7 @@ test_learning() vxlan_flood_test $mac $dst 0 10 0 # The entry should age out when it only forwards traffic - $MZ $h1 -c 50 -d 1sec -p 64 -b $mac -B $dst -t icmp -q & + $MZ -c 50 -d 1sec -p 64 -b $mac -B $dst -t icmp -q $h1 & sleep 60 bridge fdb show brport vx1 | grep $mac | grep -q self @@ -767,8 +767,8 @@ test_learning() ip link set dev vx1 type bridge_slave learning off - in_ns ns1 $MZ w2 -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff -B $dst \ - -t icmp -q + in_ns ns1 $MZ -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff -B $dst \ + -t icmp -q w2 sleep 1 bridge fdb show brport vx1 | grep $mac | grep -q -v self @@ -776,8 +776,8 @@ test_learning() ip link set dev vx1 type bridge_slave learning on - in_ns ns1 $MZ w2 -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff -B $dst \ - -t icmp -q + in_ns ns1 $MZ -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff -B $dst \ + -t icmp -q w2 sleep 1 bridge fdb show brport vx1 | grep $mac | grep -q -v self diff --git a/tools/testing/selftests/net/forwarding/vxlan_bridge_1d_ipv6.sh b/tools/testing/selftests/net/forwarding/vxlan_bridge_1d_ipv6.sh index a603f7b0a08f..988b13fe0355 100755 --- a/tools/testing/selftests/net/forwarding/vxlan_bridge_1d_ipv6.sh +++ b/tools/testing/selftests/net/forwarding/vxlan_bridge_1d_ipv6.sh @@ -516,7 +516,7 @@ vxlan_flood_test() done local -a t0s=($(flood_fetch_stats "${counters[@]}")) - $MZ -6 $h1 -c 10 -d 100msec -p 64 -b $mac -B $dst -t icmp6 type=128 -q + $MZ -6 -c 10 -d 100msec -p 64 -b $mac -B $dst -t icmp6 -q $h1 type=128 sleep 1 local -a t1s=($(flood_fetch_stats "${counters[@]}")) @@ -682,9 +682,9 @@ vxlan_encapped_ping_do() local saddr="20:01:0d:b8:00:01:00:00:00:00:00:00:00:00:00:03" local daddr="20:01:0d:b8:00:01:00:00:00:00:00:00:00:00:00:01" - $MZ -6 $dev -c $count -d 100msec -q \ + $MZ -6 -c $count -d 100msec -q \ -b $next_hop_mac -B $dest_ip \ - -t udp tos=$outer_tos,sp=23456,dp=$VXPORT,p=$(: + -t udp $dev tos=$outer_tos,sp=23456,dp=$VXPORT,p=$(: )"08:"$( : VXLAN flags )"00:00:00:"$( : VXLAN reserved )"00:03:e8:"$( : VXLAN VNI diff --git a/tools/testing/selftests/net/forwarding/vxlan_bridge_1q.sh b/tools/testing/selftests/net/forwarding/vxlan_bridge_1q.sh index afc65647f673..17333e5ad94a 100755 --- a/tools/testing/selftests/net/forwarding/vxlan_bridge_1q.sh +++ b/tools/testing/selftests/net/forwarding/vxlan_bridge_1q.sh @@ -500,7 +500,7 @@ vxlan_flood_test() done local -a t0s=($(flood_fetch_stats "${counters[@]}")) - $MZ $h1 -Q $vid -c 10 -d 100msec -p 64 -b $mac -B $dst -t icmp -q + $MZ -Q $vid -c 10 -d 100msec -p 64 -b $mac -B $dst -t icmp -q $h1 sleep 1 local -a t1s=($(flood_fetch_stats "${counters[@]}")) @@ -717,8 +717,8 @@ __test_learning() # a corresponding entry is created in the VxLAN device RET=0 - in_ns ns1 $MZ w2 -Q $vid -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff \ - -B $dst -t icmp -q + in_ns ns1 $MZ -Q $vid -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff \ + -B $dst -t icmp -q w2 sleep 1 bridge fdb show brport $vx | grep $mac | grep -q self @@ -752,8 +752,8 @@ __test_learning() # Re-learn the first FDB entry and check that it is correctly aged-out RET=0 - in_ns ns1 $MZ w2 -Q $vid -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff \ - -B $dst -t icmp -q + in_ns ns1 $MZ -Q $vid -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff \ + -B $dst -t icmp -q w2 sleep 1 bridge fdb show brport $vx | grep $mac | grep -q self @@ -784,8 +784,8 @@ __test_learning() ip link set dev $vx type bridge_slave learning off - in_ns ns1 $MZ w2 -Q $vid -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff \ - -B $dst -t icmp -q + in_ns ns1 $MZ -Q $vid -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff \ + -B $dst -t icmp -q w2 sleep 1 bridge fdb show brport $vx | grep $mac | grep "vlan $vid" \ @@ -794,8 +794,8 @@ __test_learning() ip link set dev $vx type bridge_slave learning on - in_ns ns1 $MZ w2 -Q $vid -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff \ - -B $dst -t icmp -q + in_ns ns1 $MZ -Q $vid -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff \ + -B $dst -t icmp -q w2 sleep 1 bridge fdb show brport $vx | grep $mac | grep "vlan $vid" \ diff --git a/tools/testing/selftests/net/forwarding/vxlan_bridge_1q_ipv6.sh b/tools/testing/selftests/net/forwarding/vxlan_bridge_1q_ipv6.sh index e83fde79f40d..5af514884e2c 100755 --- a/tools/testing/selftests/net/forwarding/vxlan_bridge_1q_ipv6.sh +++ b/tools/testing/selftests/net/forwarding/vxlan_bridge_1q_ipv6.sh @@ -642,7 +642,7 @@ vxlan_flood_test() done local -a t0s=($(flood_fetch_stats "${counters[@]}")) - $MZ -6 $h1 -Q $vid -c 10 -d 100msec -p 64 -b $mac -B $dst -t icmp6 type=128 -q + $MZ -6 -Q $vid -c 10 -d 100msec -p 64 -b $mac -B $dst -t icmp6 -q $h1 type=128 sleep 1 local -a t1s=($(flood_fetch_stats "${counters[@]}")) diff --git a/tools/testing/selftests/net/forwarding/vxlan_bridge_1q_mc_ul.sh b/tools/testing/selftests/net/forwarding/vxlan_bridge_1q_mc_ul.sh index 462db0b603e7..5cc2a7f090e3 100755 --- a/tools/testing/selftests/net/forwarding/vxlan_bridge_1q_mc_ul.sh +++ b/tools/testing/selftests/net/forwarding/vxlan_bridge_1q_mc_ul.sh @@ -471,8 +471,8 @@ do_packets_v4() local mac mac=$(mac_get "$h2") - "$MZ" "$h1" -Q 10 -c 10 -d 100msec -p 64 -a own -b "$mac" \ - -A 192.0.2.1 -B 192.0.2.2 -t udp sp=1234,dp=2345 -q + "$MZ" -Q 10 -c 10 -d 100msec -p 64 -a own -b "$mac" \ + -A 192.0.2.1 -B 192.0.2.2 -t udp -q "$h1" sp=1234,dp=2345 } do_packets_v6() @@ -480,8 +480,8 @@ do_packets_v6() local mac mac=$(mac_get "$h2") - "$MZ" -6 "$h1" -Q 20 -c 10 -d 100msec -p 64 -a own -b "$mac" \ - -A 2001:db8:1::1 -B 2001:db8:1::2 -t udp sp=1234,dp=2345 -q + "$MZ" -6 -Q 20 -c 10 -d 100msec -p 64 -a own -b "$mac" \ + -A 2001:db8:1::1 -B 2001:db8:1::2 -t udp -q "$h1" sp=1234,dp=2345 } do_test() diff --git a/tools/testing/selftests/net/forwarding/vxlan_reserved.sh b/tools/testing/selftests/net/forwarding/vxlan_reserved.sh index 46c31794b91b..6713468bc170 100755 --- a/tools/testing/selftests/net/forwarding/vxlan_reserved.sh +++ b/tools/testing/selftests/net/forwarding/vxlan_reserved.sh @@ -167,9 +167,9 @@ vxlan_ping_do() local vxlan_header=$(vxlan_header_bytes $vni $reserved_bits) - $MZ $dev -c $count -d 100msec -q \ + $MZ -c $count -d 100msec -q \ -b $next_hop_mac -B $dest_ip \ - -t udp sp=23456,dp=$VXPORT,p=$(: + -t udp $dev sp=23456,dp=$VXPORT,p=$(: )"$vxlan_header:"$( : VXLAN )"$dest_mac:"$( : ETH daddr )"00:11:22:33:44:55:"$( : ETH saddr -- 2.50.1

1 week, 1 day

2
1
0 0

[PATCH v2 bpf-next] selftests/bpf: Fix the issue where the error code is 0

by Feng Yang

From: Feng Yang <yangfeng(a)kylinos.cn> The error message printed here only uses the previous err value, which results in it being printed as 0. Fix this issue by using libbpf_get_error to retrieve the error. Fix before: run_subtest:FAIL:1019 bpf_map__attach_struct_ops failed for map pro_epilogue: err=0 Fix after: run_subtest:FAIL:1019 bpf_map__attach_struct_ops failed for map pro_epilogue: err=-9 Signed-off-by: Feng Yang <yangfeng(a)kylinos.cn> --- Changes in v2: - Use libbpf_get_error, thanks: Alexei Starovoitov. - Link to v1: https://lore.kernel.org/all/20250828081507.1380218-1-yangfeng59949@163.com/ --- tools/testing/selftests/bpf/test_loader.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/bpf/test_loader.c b/tools/testing/selftests/bpf/test_loader.c index 78423cf89e01..b8e102eb0908 100644 --- a/tools/testing/selftests/bpf/test_loader.c +++ b/tools/testing/selftests/bpf/test_loader.c @@ -1082,8 +1082,8 @@ void run_subtest(struct test_loader *tester, } link = bpf_map__attach_struct_ops(map); if (!link) { - PRINT_FAIL("bpf_map__attach_struct_ops failed for map %s: err=%d\n", - bpf_map__name(map), err); + PRINT_FAIL("bpf_map__attach_struct_ops failed for map %s: err=%ld\n", + bpf_map__name(map), libbpf_get_error(link)); goto tobj_cleanup; } links[links_cnt++] = link; -- 2.25.1

1 week, 1 day

2
1
0 0

[PATCH] seccomp: Add SECCOMP_CLONE_FILTER operation

by Tom Hromatka

Add an operation, SECCOMP_CLONE_FILTER, that can copy the seccomp filters from another process to the current process. I roughly reproduced the Docker seccomp filter [1] and timed how long it takes to build it (via libseccomp) and attach it to a process. After 1000 runs, on average it took 3,740,000 TSC ticks (or ~1440 microseconds) on an AMD EPYC 9J14 running at 2596 MHz. The median build/load time was 3,715,000 TSC ticks. On the same system, I preloaded the above Docker seccomp filter onto a process. (Note that I opened a pidfd to the reference process and left the pidfd open for the entire run.) I then cloned the filter using the feature in this patch to 1000 new processes. On average, it took 9,300 TSC ticks (or ~3.6 microseconds) to copy the filter to the new processes. The median clone time was 9,048 TSC ticks. This is approximately a 400x performance improvement for those container managers that are using the exact same seccomp filter across all of their containers. [1] https://raw.githubusercontent.com/moby/moby/refs/heads/master/profiles/secc… Signed-off-by: Tom Hromatka <tom.hromatka(a)oracle.com> --- .../userspace-api/seccomp_filter.rst | 10 ++ include/uapi/linux/seccomp.h | 1 + kernel/seccomp.c | 48 ++++++ samples/seccomp/Makefile | 2 +- samples/seccomp/clone-filter.c | 143 ++++++++++++++++++ tools/include/uapi/linux/seccomp.h | 1 + tools/testing/selftests/seccomp/seccomp_bpf.c | 71 +++++++++ 7 files changed, 275 insertions(+), 1 deletion(-) create mode 100644 samples/seccomp/clone-filter.c diff --git a/Documentation/userspace-api/seccomp_filter.rst b/Documentation/userspace-api/seccomp_filter.rst index cff0fa7f3175..ef1797d093f6 100644 --- a/Documentation/userspace-api/seccomp_filter.rst +++ b/Documentation/userspace-api/seccomp_filter.rst @@ -289,6 +289,16 @@ above in this document: all arguments being read from the tracee's memory should be read into the tracer's memory before any policy decisions are made. This allows for an atomic decision on syscall arguments. +Cloning an Existing Seccomp Filter +================================== + +Constructing and loading a complex seccomp filter can often take a non-trivial +amount of time. If a user wants to use the same seccomp filter across more +than one process, it can be cloned to new processes via the +``SECCOMP_CLONE_FILTER`` operation. Note that the clone will only succeed if +the destination process does not have any seccomp filters already applied to +it. See ``samples/seccomp/clone-filter.c`` for an example. + Sysctls ======= diff --git a/include/uapi/linux/seccomp.h b/include/uapi/linux/seccomp.h index dbfc9b37fcae..b0917e333b4b 100644 --- a/include/uapi/linux/seccomp.h +++ b/include/uapi/linux/seccomp.h @@ -16,6 +16,7 @@ #define SECCOMP_SET_MODE_FILTER 1 #define SECCOMP_GET_ACTION_AVAIL 2 #define SECCOMP_GET_NOTIF_SIZES 3 +#define SECCOMP_CLONE_FILTER 4 /* Valid flags for SECCOMP_SET_MODE_FILTER */ #define SECCOMP_FILTER_FLAG_TSYNC (1UL << 0) diff --git a/kernel/seccomp.c b/kernel/seccomp.c index 41aa761c7738..b726e0d6715d 100644 --- a/kernel/seccomp.c +++ b/kernel/seccomp.c @@ -2081,6 +2081,49 @@ static long seccomp_get_notif_sizes(void __user *usizes) return 0; } +static long seccomp_clone_filter(void __user *upidfd) +{ + struct task_struct *task; + unsigned int flags; + pid_t pidfd; + + if (!capable(CAP_SYS_ADMIN)) + return -EPERM; + + if (atomic_read(&current->seccomp.filter_count) > 0) + return -EINVAL; + + if (copy_from_user(&pidfd, upidfd, sizeof(pid_t))) + return -EFAULT; + + task = pidfd_get_task(pidfd, &flags); + if (IS_ERR(task)) + return -ESRCH; + + spin_lock_irq(&current->sighand->siglock); + spin_lock_irq(&task->sighand->siglock); + + if (atomic_read(&task->seccomp.filter_count) == 0) { + spin_unlock_irq(&task->sighand->siglock); + spin_unlock_irq(&current->sighand->siglock); + put_task_struct(task); + return -EINVAL; + } + + get_seccomp_filter(task); + current->seccomp = task->seccomp; + + spin_unlock_irq(&task->sighand->siglock); + + set_task_syscall_work(current, SECCOMP); + + spin_unlock_irq(&current->sighand->siglock); + + put_task_struct(task); + + return 0; +} + /* Common entry point for both prctl and syscall. */ static long do_seccomp(unsigned int op, unsigned int flags, void __user *uargs) @@ -2102,6 +2145,11 @@ static long do_seccomp(unsigned int op, unsigned int flags, return -EINVAL; return seccomp_get_notif_sizes(uargs); + case SECCOMP_CLONE_FILTER: + if (flags != 0) + return -EINVAL; + + return seccomp_clone_filter(uargs); default: return -EINVAL; } diff --git a/samples/seccomp/Makefile b/samples/seccomp/Makefile index c85ae0ed8342..d38977f41b86 100644 --- a/samples/seccomp/Makefile +++ b/samples/seccomp/Makefile @@ -1,5 +1,5 @@ # SPDX-License-Identifier: GPL-2.0 -userprogs-always-y += bpf-fancy dropper bpf-direct user-trap +userprogs-always-y += bpf-fancy dropper bpf-direct user-trap clone-filter bpf-fancy-objs := bpf-fancy.o bpf-helper.o diff --git a/samples/seccomp/clone-filter.c b/samples/seccomp/clone-filter.c new file mode 100644 index 000000000000..d26e1375b9dc --- /dev/null +++ b/samples/seccomp/clone-filter.c @@ -0,0 +1,143 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Seccomp filter example for cloning a filter + * + * Copyright (c) 2025 Oracle and/or its affiliates. + * Author: Tom Hromatka <tom.hromatka(a)oracle.com> + * + * The code may be used by anyone for any purpose, + * and can serve as a starting point for developing + * applications that reuse the same seccomp filter + * across many processes. + */ +#include <linux/seccomp.h> +#include <linux/filter.h> +#include <sys/syscall.h> +#include <sys/wait.h> +#include <stdbool.h> +#include <signal.h> +#include <stddef.h> +#include <stdlib.h> +#include <unistd.h> +#include <stdio.h> +#include <errno.h> + +#define ARRAY_SIZE(x) (sizeof(x) / sizeof(*(x))) + +static int seccomp(unsigned int op, unsigned int flags, void *args) +{ + errno = 0; + return syscall(__NR_seccomp, op, flags, args); +} + +static int install_filter(void) +{ + struct sock_filter deny_filter[] = { + BPF_STMT(BPF_LD|BPF_W|BPF_ABS, + offsetof(struct seccomp_data, nr)), + BPF_JUMP(BPF_JMP|BPF_JEQ|BPF_K, __NR_getppid, 0, 1), + BPF_STMT(BPF_RET|BPF_K, SECCOMP_RET_ERRNO | ESRCH), + BPF_STMT(BPF_RET|BPF_K, SECCOMP_RET_ALLOW), + }; + struct sock_fprog deny_prog = { + .len = (unsigned short)ARRAY_SIZE(deny_filter), + .filter = deny_filter, + }; + + return seccomp(SECCOMP_SET_MODE_FILTER, 0, &deny_prog); +} + +static int clone_filter(pid_t ref_pid) +{ + int ref_pidfd, ret; + + ref_pidfd = syscall(SYS_pidfd_open, ref_pid, 0); + if (ref_pidfd < 0) + return -errno; + + ret = seccomp(SECCOMP_CLONE_FILTER, 0, &ref_pidfd); + + close(ref_pidfd); + + return ret; +} + +static void do_ref_filter(void) +{ + int ret; + + ret = install_filter(); + if (ret) { + perror("Failed to install ref filter\n"); + exit(1); + } + + while (true) + sleep(1); +} + +static void do_child_process(pid_t ref_pid) +{ + pid_t res; + int ret; + + ret = clone_filter(ref_pid); + if (ret != 0) { + perror("Failed to clone filter. Installing filter from scratch\n"); + + ret = install_filter(); + if (ret != 0) { + perror("Filter install failed\n"); + exit(ret); + } + } + + res = syscall(__NR_getpid); + if (res < 0) { + perror("getpid() unexpectedly failed\n"); + exit(errno); + } + + res = syscall(__NR_getppid); + if (res > 0) { + perror("getppid() unexpectedly succeeded\n"); + exit(1); + } + + exit(0); +} + +int main(void) +{ + pid_t ref_pid = -1, child_pid = -1; + int ret, status; + + ref_pid = fork(); + if (ref_pid < 0) + exit(errno); + else if (ref_pid == 0) + do_ref_filter(); + + child_pid = fork(); + if (child_pid < 0) + goto out; + else if (child_pid == 0) + do_child_process(ref_pid); + + waitpid(child_pid, &status, 0); + if (WEXITSTATUS(status) != 0) { + perror("child process failed"); + ret = WEXITSTATUS(status); + goto out; + } + + ret = 0; + +out: + if (ref_pid != -1) + kill(ref_pid, SIGKILL); + if (child_pid != -1) + kill(child_pid, SIGKILL); + + exit(ret); +} diff --git a/tools/include/uapi/linux/seccomp.h b/tools/include/uapi/linux/seccomp.h index dbfc9b37fcae..b0917e333b4b 100644 --- a/tools/include/uapi/linux/seccomp.h +++ b/tools/include/uapi/linux/seccomp.h @@ -16,6 +16,7 @@ #define SECCOMP_SET_MODE_FILTER 1 #define SECCOMP_GET_ACTION_AVAIL 2 #define SECCOMP_GET_NOTIF_SIZES 3 +#define SECCOMP_CLONE_FILTER 4 /* Valid flags for SECCOMP_SET_MODE_FILTER */ #define SECCOMP_FILTER_FLAG_TSYNC (1UL << 0) diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c index 61acbd45ffaa..df5e0f615da0 100644 --- a/tools/testing/selftests/seccomp/seccomp_bpf.c +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c @@ -177,6 +177,10 @@ struct seccomp_data { #define SECCOMP_GET_NOTIF_SIZES 3 #endif +#ifndef SECCOMP_CLONE_FILTER +#define SECCOMP_CLONE_FILTER 4 +#endif + #ifndef SECCOMP_FILTER_FLAG_TSYNC #define SECCOMP_FILTER_FLAG_TSYNC (1UL << 0) #endif @@ -5090,6 +5094,73 @@ TEST_F(URETPROBE, uretprobe_default_block_with_uretprobe_syscall) ASSERT_EQ(0, run_probed_with_filter(&prog)); } +TEST(clone_filter) +{ + struct sock_filter deny_filter[] = { + BPF_STMT(BPF_LD|BPF_W|BPF_ABS, + offsetof(struct seccomp_data, nr)), + BPF_JUMP(BPF_JMP|BPF_JEQ|BPF_K, __NR_getppid, 0, 1), + BPF_STMT(BPF_RET|BPF_K, SECCOMP_RET_ERRNO | ESRCH), + BPF_STMT(BPF_RET|BPF_K, SECCOMP_RET_ALLOW), + }; + struct sock_fprog deny_prog = { + .len = (unsigned short)ARRAY_SIZE(deny_filter), + .filter = deny_filter, + }; + struct timespec ts = { + .tv_sec = 0, + .tv_nsec = 100000000, + }; + + pid_t child_pid, self_pid, res; + int child_pidfd, ret; + + /* Only real root can copy a filter. */ + if (geteuid()) { + SKIP(return, "clone_filter requires real root"); + return; + } + + self_pid = getpid(); + + child_pid = fork(); + ASSERT_LE(0, child_pid); + + if (child_pid == 0) { + ASSERT_EQ(0, prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)); + ASSERT_EQ(0, prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &deny_prog)); + + while (true) + EXPECT_EQ(0, syscall(__NR_nanosleep, &ts, NULL)); + } + + /* wait for the child pid to create its seccomp filter */ + ASSERT_EQ(0, syscall(__NR_nanosleep, &ts, NULL)); + + child_pidfd = syscall(SYS_pidfd_open, child_pid, 0); + EXPECT_LE(0, child_pidfd); + + /* Invalid flag provided */ + ret = seccomp(SECCOMP_CLONE_FILTER, 1, &child_pidfd); + EXPECT_EQ(-1, ret); + EXPECT_EQ(errno, EINVAL); + + errno = 0; + ret = seccomp(SECCOMP_CLONE_FILTER, 0, &child_pidfd); + EXPECT_EQ(0, ret); + EXPECT_EQ(errno, 0); + + res = syscall(__NR_getppid); + EXPECT_EQ(res, -1); + EXPECT_EQ(errno, ESRCH); + + res = syscall(__NR_getpid); + EXPECT_EQ(res, self_pid); + + close(child_pidfd); + kill(child_pid, SIGKILL); +} + /* * TODO: * - expand NNP testing -- 2.47.3

1 week, 1 day

6
12
0 0

[PATCH net-next v2 0/2] net: selftest: Introduce netconsole torture test

by Breno Leitao

Create a netconsole test that puts a lot of pressure on the netconsole list manipulation. Do it by creating dynamic targets and deleting targets while messages are being sent. Also put interface down while the In order to do it, refactor create_dynamic_target(), so it can be used to create random targets in the torture test. Signed-off-by: Breno Leitao <leitao(a)debian.org> --- Changes in v2: - Reuse the netconsole creation from lib_netcons.sh. Thus, refactoring the create_dynamic_target() (Jakub) - Move the "wait" to after all the messages has been sent. - Link to v1: https://lore.kernel.org/r/20250902-netconsole_torture-v1-1-03c6066598e9@deb… --- Breno Leitao (2): selftest: netcons: refactor target creation selftest: netcons: create a torture test tools/testing/selftests/drivers/net/Makefile | 1 + .../selftests/drivers/net/lib/sh/lib_netcons.sh | 30 +++-- .../selftests/drivers/net/netcons_torture.sh | 127 +++++++++++++++++++++ 3 files changed, 147 insertions(+), 11 deletions(-) --- base-commit: 2fd4161d0d2547650d9559d57fc67b4e0a26a9e3 change-id: 20250902-netconsole_torture-8fc23f0aca99 Best regards, -- Breno Leitao <leitao(a)debian.org>

1 week, 1 day

3
5
0 0

[PATCH v20 0/8] fork: Support shadow stacks in clone3()

by Mark Brown

[ I think at this point everyone is OK with the ABI, and the x86 implementation has been tested so hopefully we are near to being able to get this merged? If there are any outstanding issues let me know and I can look at addressing them. The one possible issue I am aware of is that the RISC-V shadow stack support was briefly in -next but got dropped along with the general RISC-V issues during the last merge window, rebasing for that is still in progress. I guess ideally this could be applied on a branch and then pulled into the RISC-V tree? ] The kernel has recently added support for shadow stacks, currently x86 only using their CET feature but both arm64 and RISC-V have equivalent features (GCS and Zicfiss respectively), I am actively working on GCS[1]. With shadow stacks the hardware maintains an additional stack containing only the return addresses for branch instructions which is not generally writeable by userspace and ensures that any returns are to the recorded addresses. This provides some protection against ROP attacks and making it easier to collect call stacks. These shadow stacks are allocated in the address space of the userspace process. Our API for shadow stacks does not currently offer userspace any flexiblity for managing the allocation of shadow stacks for newly created threads, instead the kernel allocates a new shadow stack with the same size as the normal stack whenever a thread is created with the feature enabled. The stacks allocated in this way are freed by the kernel when the thread exits or shadow stacks are disabled for the thread. This lack of flexibility and control isn't ideal, in the vast majority of cases the shadow stack will be over allocated and the implicit allocation and deallocation is not consistent with other interfaces. As far as I can tell the interface is done in this manner mainly because the shadow stack patches were in development since before clone3() was implemented. Since clone3() is readily extensible let's add support for specifying a shadow stack when creating a new thread or process, keeping the current implicit allocation behaviour if one is not specified either with clone3() or through the use of clone(). The user must provide a shadow stack pointer, this must point to memory mapped for use as a shadow stackby map_shadow_stack() with an architecture specified shadow stack token at the top of the stack. Yuri Khrustalev has raised questions from the libc side regarding discoverability of extended clone3() structure sizes[2], this seems like a general issue with clone3(). There was a suggestion to add a hwcap on arm64 which isn't ideal but is doable there, though architecture specific mechanisms would also be needed for x86 (and RISC-V if it's support gets merged before this does). The idea has, however, had strong pushback from the architecture maintainers and it is possible to detect support for this in clone3() by attempting a call with a misaligned shadow stack pointer specified so no hwcap has been added. [1] https://lore.kernel.org/linux-arm-kernel/20241001-arm64-gcs-v13-0-222b78d87… [2] https://lore.kernel.org/r/aCs65ccRQtJBnZ_5@arm.com Signed-off-by: Mark Brown <broonie(a)kernel.org> --- Changes in v20: - Comment fixes and clarifications in x86 arch_shstk_validate_clone() from Rick Edgecombe. - Spelling fix in documentation. - Link to v19: https://lore.kernel.org/r/20250819-clone3-shadow-stack-v19-0-bc957075479b@k… Changes in v19: - Rebase onto v6.17-rc1. - Link to v18: https://lore.kernel.org/r/20250702-clone3-shadow-stack-v18-0-7965d2b694db@k… Changes in v18: - Rebase onto v6.16-rc3. - Thanks to pointers from Yuri Khrustalev this version has been tested on x86 so I have removed the RFT tag. - Clarify clone3_shadow_stack_valid() comment about the Kconfig check. - Remove redundant GCSB DSYNCs in arm64 code. - Fix token validation on x86. - Link to v17: https://lore.kernel.org/r/20250609-clone3-shadow-stack-v17-0-8840ed97ff6f@k… Changes in v17: - Rebase onto v6.16-rc1. - Link to v16: https://lore.kernel.org/r/20250416-clone3-shadow-stack-v16-0-2ffc9ca3917b@k… Changes in v16: - Rebase onto v6.15-rc2. - Roll in fixes from x86 testing from Rick Edgecombe. - Rework so that the argument is shadow_stack_token. - Link to v15: https://lore.kernel.org/r/20250408-clone3-shadow-stack-v15-0-3fa245c6e3be@k… Changes in v15: - Rebase onto v6.15-rc1. - Link to v14: https://lore.kernel.org/r/20250206-clone3-shadow-stack-v14-0-805b53af73b9@k… Changes in v14: - Rebase onto v6.14-rc1. - Link to v13: https://lore.kernel.org/r/20241203-clone3-shadow-stack-v13-0-93b89a81a5ed@k… Changes in v13: - Rebase onto v6.13-rc1. - Link to v12: https://lore.kernel.org/r/20241031-clone3-shadow-stack-v12-0-7183eb8bee17@k… Changes in v12: - Add the regular prctl() to the userspace API document since arm64 support is queued in -next. - Link to v11: https://lore.kernel.org/r/20241005-clone3-shadow-stack-v11-0-2a6a2bd6d651@k… Changes in v11: - Rebase onto arm64 for-next/gcs, which is based on v6.12-rc1, and integrate arm64 support. - Rework the interface to specify a shadow stack pointer rather than a base and size like we do for the regular stack. - Link to v10: https://lore.kernel.org/r/20240821-clone3-shadow-stack-v10-0-06e8797b9445@k… Changes in v10: - Integrate fixes & improvements for the x86 implementation from Rick Edgecombe. - Require that the shadow stack be VM_WRITE. - Require that the shadow stack base and size be sizeof(void *) aligned. - Clean up trailing newline. - Link to v9: https://lore.kernel.org/r/20240819-clone3-shadow-stack-v9-0-962d74f99464@ke… Changes in v9: - Pull token validation earlier and report problems with an error return to parent rather than signal delivery to the child. - Verify that the top of the supplied shadow stack is VM_SHADOW_STACK. - Rework token validation to only do the page mapping once. - Drop no longer needed support for testing for signals in selftest. - Fix typo in comments. - Link to v8: https://lore.kernel.org/r/20240808-clone3-shadow-stack-v8-0-0acf37caf14c@ke… Changes in v8: - Fix token verification with user specified shadow stack. - Don't track user managed shadow stacks for child processes. - Link to v7: https://lore.kernel.org/r/20240731-clone3-shadow-stack-v7-0-a9532eebfb1d@ke… Changes in v7: - Rebase onto v6.11-rc1. - Typo fixes. - Link to v6: https://lore.kernel.org/r/20240623-clone3-shadow-stack-v6-0-9ee7783b1fb9@ke… Changes in v6: - Rebase onto v6.10-rc3. - Ensure we don't try to free the parent shadow stack in error paths of x86 arch code. - Spelling fixes in userspace API document. - Additional cleanups and improvements to the clone3() tests to support the shadow stack tests. - Link to v5: https://lore.kernel.org/r/20240203-clone3-shadow-stack-v5-0-322c69598e4b@ke… Changes in v5: - Rebase onto v6.8-rc2. - Rework ABI to have the user allocate the shadow stack memory with map_shadow_stack() and a token. - Force inlining of the x86 shadow stack enablement. - Move shadow stack enablement out into a shared header for reuse by other tests. - Link to v4: https://lore.kernel.org/r/20231128-clone3-shadow-stack-v4-0-8b28ffe4f676@ke… Changes in v4: - Formatting changes. - Use a define for minimum shadow stack size and move some basic validation to fork.c. - Link to v3: https://lore.kernel.org/r/20231120-clone3-shadow-stack-v3-0-a7b8ed3e2acc@ke… Changes in v3: - Rebase onto v6.7-rc2. - Remove stale shadow_stack in internal kargs. - If a shadow stack is specified unconditionally use it regardless of CLONE_ parameters. - Force enable shadow stacks in the selftest. - Update changelogs for RISC-V feature rename. - Link to v2: https://lore.kernel.org/r/20231114-clone3-shadow-stack-v2-0-b613f8681155@ke… Changes in v2: - Rebase onto v6.7-rc1. - Remove ability to provide preallocated shadow stack, just specify the desired size. - Link to v1: https://lore.kernel.org/r/20231023-clone3-shadow-stack-v1-0-d867d0b5d4d0@ke… --- Mark Brown (8): arm64/gcs: Return a success value from gcs_alloc_thread_stack() Documentation: userspace-api: Add shadow stack API documentation selftests: Provide helper header for shadow stack testing fork: Add shadow stack support to clone3() selftests/clone3: Remove redundant flushes of output streams selftests/clone3: Factor more of main loop into test_clone3() selftests/clone3: Allow tests to flag if -E2BIG is a valid error code selftests/clone3: Test shadow stack support Documentation/userspace-api/index.rst | 1 + Documentation/userspace-api/shadow_stack.rst | 44 +++++ arch/arm64/include/asm/gcs.h | 8 +- arch/arm64/kernel/process.c | 8 +- arch/arm64/mm/gcs.c | 55 +++++- arch/x86/include/asm/shstk.h | 11 +- arch/x86/kernel/process.c | 2 +- arch/x86/kernel/shstk.c | 53 ++++- include/asm-generic/cacheflush.h | 11 ++ include/linux/sched/task.h | 17 ++ include/uapi/linux/sched.h | 9 +- kernel/fork.c | 93 +++++++-- tools/testing/selftests/clone3/clone3.c | 226 ++++++++++++++++++---- tools/testing/selftests/clone3/clone3_selftests.h | 65 ++++++- tools/testing/selftests/ksft_shstk.h | 98 ++++++++++ 15 files changed, 620 insertions(+), 81 deletions(-) --- base-commit: 8f5ae30d69d7543eee0d70083daf4de8fe15d585 change-id: 20231019-clone3-shadow-stack-15d40d2bf536 Best regards, -- Mark Brown <broonie(a)kernel.org>

1 week, 1 day

5
16
0 0

[PATCH] selftests/futex: Fix -Wformat-security warnings in futex_priv_hash

by Sukrut Heroorkar

Fix several -Wformat-security warnings in futex_priv_hash by passing the test message strings as arguments to %s format specifiers in ksft_*() logging functions. This silences the warnings without changing the functional behavior of the test. Signed-off-by: Sukrut Heroorkar <hsukrut3(a)gmail.com> --- .../selftests/futex/functional/futex_priv_hash.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tools/testing/selftests/futex/functional/futex_priv_hash.c b/tools/testing/selftests/futex/functional/futex_priv_hash.c index aea001ac4946..2627eeb1625f 100644 --- a/tools/testing/selftests/futex/functional/futex_priv_hash.c +++ b/tools/testing/selftests/futex/functional/futex_priv_hash.c @@ -193,10 +193,10 @@ int main(int argc, char *argv[]) futex_slots1 = futex_hash_slots_get(); if (futex_slots1 <= 0) { ksft_print_msg("Current hash buckets: %d\n", futex_slots1); - ksft_exit_fail_msg(test_msg_auto_create); + ksft_exit_fail_msg("%s", test_msg_auto_create); } - ksft_test_result_pass(test_msg_auto_create); + ksft_test_result_pass("%s", test_msg_auto_create); online_cpus = sysconf(_SC_NPROCESSORS_ONLN); ret = pthread_barrier_init(&barrier_main, NULL, MAX_THREADS + 1); @@ -237,11 +237,11 @@ int main(int argc, char *argv[]) } ksft_print_msg("Expected increase of hash buckets but got: %d -> %d\n", futex_slots1, futex_slotsn); - ksft_exit_fail_msg(test_msg_auto_inc); + ksft_exit_fail_msg("%s", test_msg_auto_inc); } - ksft_test_result_pass(test_msg_auto_inc); + ksft_test_result_pass("%s", test_msg_auto_inc); } else { - ksft_test_result_skip(test_msg_auto_inc); + ksft_test_result_skip("%s", test_msg_auto_inc); } ret = pthread_mutex_unlock(&global_lock); -- 2.43.0

1 week, 1 day

3
2
0 0

[PATCH bpf-next v2 0/3] Add overwrite mode for bpf ring buffer

by Xu Kuohai

When the bpf ring buffer is full, new events can not be recorded util the consumer consumes some events to free space. This may cause critical events to be discarded, such as in fault diagnostic, where recent events are more critical than older ones. So add ovewrite mode for bpf ring buffer. In this mode, the new event overwrites the oldest event when the buffer is full. v2: - remove libbpf changes (Andrii) - update overwrite benchmark v1: https://lore.kernel.org/bpf/20250804022101.2171981-1-xukuohai@huaweicloud.c… Xu Kuohai (3): bpf: Add overwrite mode for bpf ring buffer selftests/bpf: Add test for overwrite ring buffer selftests/bpf/benchs: Add producer and overwrite bench for ring buffer include/uapi/linux/bpf.h | 4 + kernel/bpf/ringbuf.c | 159 +++++++++++++++--- tools/include/uapi/linux/bpf.h | 4 + tools/testing/selftests/bpf/Makefile | 3 +- tools/testing/selftests/bpf/bench.c | 2 + .../selftests/bpf/benchs/bench_ringbufs.c | 95 ++++++++++- .../bpf/benchs/run_bench_ringbufs.sh | 4 + .../selftests/bpf/prog_tests/ringbuf.c | 74 ++++++++ .../selftests/bpf/progs/ringbuf_bench.c | 10 ++ .../bpf/progs/test_ringbuf_overwrite.c | 98 +++++++++++ 10 files changed, 418 insertions(+), 35 deletions(-) create mode 100644 tools/testing/selftests/bpf/progs/test_ringbuf_overwrite.c -- 2.43.0

1 week, 1 day

1
3
0 0

[PATCH v4 0/4] procfs: make reference pidns more user-visible

by Aleksa Sarai

Ever since the introduction of pid namespaces, procfs has had very implicit behaviour surrounding them (the pidns used by a procfs mount is auto-selected based on the mounting process's active pidns, and the pidns itself is basically hidden once the mount has been constructed). /* pidns mount option for procfs */ This implicit behaviour has historically meant that userspace was required to do some special dances in order to configure the pidns of a procfs mount as desired. Examples include: * In order to bypass the mnt_too_revealing() check, Kubernetes creates a procfs mount from an empty pidns so that user namespaced containers can be nested (without this, the nested containers would fail to mount procfs). But this requires forking off a helper process because you cannot just one-shot this using mount(2). * Container runtimes in general need to fork into a container before configuring its mounts, which can lead to security issues in the case of shared-pidns containers (a privileged process in the pidns can interact with your container runtime process). While SUID_DUMP_DISABLE and user namespaces make this less of an issue, the strict need for this due to a minor uAPI wart is kind of unfortunate. Things would be much easier if there was a way for userspace to just specify the pidns they want. Patch 1 implements a new "pidns" argument which can be set using fsconfig(2): fsconfig(procfd, FSCONFIG_SET_FD, "pidns", NULL, nsfd); fsconfig(procfd, FSCONFIG_SET_STRING, "pidns", "/proc/self/ns/pid", 0); or classic mount(2) / mount(8): // mount -t proc -o pidns=/proc/self/ns/pid proc /tmp/proc mount("proc", "/tmp/proc", "proc", MS_..., "pidns=/proc/self/ns/pid"); The initial security model I have in this RFC is to be as conservative as possible and just mirror the security model for setns(2) -- which means that you can only set pidns=... to pid namespaces that your current pid namespace is a direct ancestor of and you have CAP_SYS_ADMIN privileges over the pid namespace. This fulfils the requirements of container runtimes, but I suspect that this may be too strict for some usecases. The pidns argument is not displayed in mountinfo -- it's not clear to me what value it would make sense to show (maybe we could just use ns_dname to provide an identifier for the namespace, but this number would be fairly useless to userspace). I'm open to suggestions. Note that PROCFS_GET_PID_NAMESPACE (see below) does at least let userspace get information about this outside of mountinfo. Note that you cannot change the pidns of an already-created procfs instance. The primary reason is that allowing this to be changed would require RCU-protecting proc_pid_ns(sb) and thus auditing all of fs/proc/* and some of the users in fs/* to make sure they wouldn't UAF the pid namespace. Since creating procfs instances is very cheap, it seems unnecessary to overcomplicate this upfront. Trying to reconfigure procfs this way errors out with -EBUSY. /* ioctl(PROCFS_GET_PID_NAMESPACE) */ In addition, being able to figure out what pid namespace is being used by a procfs mount is quite useful when you have an administrative process (such as a container runtime) which wants to figure out the correct way of mapping PIDs between its own namespace and the namespace for procfs (using NS_GET_{PID,TGID}_{IN,FROM}_PIDNS). There are alternative ways to do this, but they all rely on ancillary information that third-party libraries and tools do not necessarily have access to. To make this easier, add a new ioctl (PROCFS_GET_PID_NAMESPACE) which can be used to get a reference to the pidns that a procfs is using. Rather than copying the (fairly strict) security model for setns(2), apply a slightly looser model to better match what userspace can already do: * Make the ioctl only valid on the root (meaning that a process without access to the procfs root -- such as only having an fd to a procfs file or some open_tree(2)-like subset -- cannot use this API). This means that the process already has some level of access to the /proc/$pid directories. * If the calling process is in an ancestor pidns, then they can already create pidfd for processes inside the pidns, which is morally equivalent to a pidns file descriptor according to setns(2). So it seems reasonable to just allow it in this case. (The justification for this model was suggested by Christian.) * If the process has access to /proc/1/ns/pid already (i.e. has ptrace-read access to the pidns pid1), then this ioctl is equivalent to just opening a handle to it that way. Ideally we would check for ptrace-read access against all processes in the pidns (which is very likely to be true for at least one process, as SUID_DUMP_DISABLE is cleared on exec(2) and is rarely set by most programs), but this would obviously not scale. I'm open to suggestions for whether we need to make this stricter (or possibly allow more cases). Signed-off-by: Aleksa Sarai <cyphar(a)cyphar.com> --- Changes in v4: - Remove unneeded EXPORT_SYMBOL_GPL. [Christian Brauner] - Return -EOPNOTSUPP for new APIs for CONFIG_PID_NS=n rather than pretending they don't exist entirely. [Christian Brauner] - PROCFS_IOCTL_MAGIC conflicts with XSDFEC_MAGIC, so we need to allocate subvalues more carefully (switch to _IO(PROCFS_IOCTL_MAGIC, 32)). - Add some more selftests for PROCFS_GET_PID_NAMESPACE. - Reword argument for PROCFS_GET_PID_NAMESPACE security model based on Christian's suggestion, and remove CAP_SYS_ADMIN edge-case (in most cases, such a process would also have ptrace-read credentials over the pidns pid1). - v3: <https://lore.kernel.org/r/20250724-procfs-pidns-api-v3-0-4c685c910923@cypha…> Changes in v3: - Disallow changing pidns for existing procfs instances, as we'd probably have to RCU-protect everything that touches the pinned pidns reference. - Improve tests with slightly nicer ASSERT_ERRNO* macros. - v2: <https://lore.kernel.org/r/20250723-procfs-pidns-api-v2-0-621e7edd8e40@cypha…> Changes in v2: - #ifdef CONFIG_PID_NS - Improve cover letter wording to make it clear we're talking about two separate features with different permission models. [Andy Lutomirski] - Fix build warnings in pidns_is_ancestor() patch. [kernel test robot] - v1: <https://lore.kernel.org/r/20250721-procfs-pidns-api-v1-0-5cd9007e512d@cypha…> --- Aleksa Sarai (4): pidns: move is-ancestor logic to helper procfs: add "pidns" mount option procfs: add PROCFS_GET_PID_NAMESPACE ioctl selftests/proc: add tests for new pidns APIs Documentation/filesystems/proc.rst | 12 ++ fs/proc/root.c | 166 +++++++++++++++- include/linux/pid_namespace.h | 9 + include/uapi/linux/fs.h | 4 + kernel/pid_namespace.c | 22 ++- tools/testing/selftests/proc/.gitignore | 1 + tools/testing/selftests/proc/Makefile | 1 + tools/testing/selftests/proc/proc-pidns.c | 315 ++++++++++++++++++++++++++++++ 8 files changed, 514 insertions(+), 16 deletions(-) --- base-commit: 66639db858112bf6b0f76677f7517643d586e575 change-id: 20250717-procfs-pidns-api-8ed1583431f0 Best regards, -- Aleksa Sarai <cyphar(a)cyphar.com>

1 week, 1 day

4
18
0 0

[PATCH] selftests/mm: refactore split_huge_page_test with kselftest_harness

by Wei Yang

Refactor split_huge_page_test with kselftest_harness, since there is a magic counting about valid tests. The idea is simple: For standalone test, put it into TEST(). For tests iterating order/offset, define fixture and variant with order and offset. And skip it if order/offset is not valid. No functional change is expected. Signed-off-by: Wei Yang <richard.weiyang(a)gmail.com> Cc: David Hildenbrand <david(a)redhat.com> Cc: Zi Yan <ziy(a)nvidia.com> Cc: Donet Tom <donettom(a)linux.ibm.com> Cc: Ryan Roberts <ryan.roberts(a)arm.com> Cc: Baolin Wang <baolin.wang(a)linux.alibaba.com> --- .../selftests/mm/split_huge_page_test.c | 308 ++++++++++++++---- 1 file changed, 238 insertions(+), 70 deletions(-) diff --git a/tools/testing/selftests/mm/split_huge_page_test.c b/tools/testing/selftests/mm/split_huge_page_test.c index 7731191cc8e9..2376c3530b26 100644 --- a/tools/testing/selftests/mm/split_huge_page_test.c +++ b/tools/testing/selftests/mm/split_huge_page_test.c @@ -20,14 +20,16 @@ #include <stdbool.h> #include <time.h> #include "vm_util.h" -#include "../kselftest.h" +#include "../kselftest_harness.h" uint64_t pagesize; -unsigned int pageshift; uint64_t pmd_pagesize; unsigned int pmd_order; int *expected_orders; +char *optional_xfs_path; +char fs_loc_template[] = "/tmp/thp_fs_XXXXXX"; + #define SPLIT_DEBUGFS "/sys/kernel/debug/split_huge_pages" #define SMAP_PATH "/proc/self/smaps" #define INPUT_MAX 80 @@ -41,6 +43,20 @@ const char *kpageflags_proc = "/proc/kpageflags"; int pagemap_fd; int kpageflags_fd; +#define ADD_VARIANT_ORDER(fixture_name, ord) \ + FIXTURE_VARIANT_ADD(fixture_name, order_##ord) \ + { \ + .order = ord, \ + } + +#define ADD_VARIANT_ORDER_OFFSET(fixture_name, ord, stp) \ + FIXTURE_VARIANT_ADD(fixture_name, order_##ord##_stp_##stp) \ + { \ + .order = ord, \ + .step = stp, \ + } + + static bool is_backed_by_folio(char *vaddr, int order, int pagemap_fd, int kpageflags_fd) { @@ -255,6 +271,26 @@ static int check_after_split_folio_orders(char *vaddr_start, size_t len, return status; } +void prepare_proc_fd(void) +{ + pagemap_fd = open(pagemap_proc, O_RDONLY); + if (pagemap_fd == -1) + ksft_exit_fail_msg("read pagemap: %s\n", strerror(errno)); + + kpageflags_fd = open(kpageflags_proc, O_RDONLY); + if (kpageflags_fd == -1) + ksft_exit_fail_msg("read kpageflags: %s\n", strerror(errno)); +} + +void cleanup_proc_fd(void) +{ + if (pagemap_fd != -1) + close(pagemap_fd); + + if (kpageflags_fd != -1) + close(kpageflags_fd); +} + static void write_file(const char *path, const char *buf, size_t buflen) { int fd; @@ -292,10 +328,8 @@ static char *allocate_zero_filled_hugepage(size_t len) size_t i; result = memalign(pmd_pagesize, len); - if (!result) { - printf("Fail to allocate memory\n"); - exit(EXIT_FAILURE); - } + if (!result) + ksft_exit_fail_msg("Fail to allocate memory: %s\n", strerror(errno)); madvise(result, len, MADV_HUGEPAGE); @@ -334,16 +368,19 @@ static void verify_rss_anon_split_huge_page_all_zeroes(char *one_page, int nr_hp rss_anon_before, rss_anon_after); } -static void split_pmd_zero_pages(void) +TEST(split_pmd_zero_pages) { char *one_page; int nr_hpages = 4; size_t len = nr_hpages * pmd_pagesize; + prepare_proc_fd(); + one_page = allocate_zero_filled_hugepage(len); verify_rss_anon_split_huge_page_all_zeroes(one_page, nr_hpages, len); - ksft_test_result_pass("Split zero filled huge pages successful\n"); free(one_page); + + cleanup_proc_fd(); } static void split_pmd_thp_to_order(int order) @@ -383,11 +420,10 @@ static void split_pmd_thp_to_order(int order) if (!check_huge_anon(one_page, 0, pmd_pagesize)) ksft_exit_fail_msg("Still AnonHugePages not split\n"); - ksft_test_result_pass("Split huge pages to order %d successful\n", order); free(one_page); } -static void split_pte_mapped_thp(void) +TEST(split_pte_mapped_thp) { const size_t nr_thps = 4; const size_t thp_area_size = nr_thps * pmd_pagesize; @@ -395,6 +431,8 @@ static void split_pte_mapped_thp(void) char *thp_area, *tmp, *page_area = MAP_FAILED; size_t i; + prepare_proc_fd(); + thp_area = mmap((void *)(1UL << 30), thp_area_size, PROT_READ | PROT_WRITE, MAP_ANONYMOUS | MAP_PRIVATE, -1, 0); if (thp_area == MAP_FAILED) { @@ -470,14 +508,43 @@ static void split_pte_mapped_thp(void) ksft_test_result_fail("THP %zu not split\n", i); } - ksft_test_result_pass("Split PTE-mapped huge pages successful\n"); out: munmap(thp_area, thp_area_size); if (page_area != MAP_FAILED) munmap(page_area, page_area_size); + cleanup_proc_fd(); +} + +FIXTURE(split_file_backed_thp) { +}; + +FIXTURE_VARIANT(split_file_backed_thp) { + int order; +}; + +FIXTURE_SETUP(split_file_backed_thp) +{ + if (variant->order >= pmd_order) + SKIP(return, "order %d is not supported", variant->order); + prepare_proc_fd(); +} + +FIXTURE_TEARDOWN(split_file_backed_thp) +{ + cleanup_proc_fd(); } -static void split_file_backed_thp(int order) +ADD_VARIANT_ORDER(split_file_backed_thp, 0); +ADD_VARIANT_ORDER(split_file_backed_thp, 1); +ADD_VARIANT_ORDER(split_file_backed_thp, 2); +ADD_VARIANT_ORDER(split_file_backed_thp, 3); +ADD_VARIANT_ORDER(split_file_backed_thp, 4); +ADD_VARIANT_ORDER(split_file_backed_thp, 5); +ADD_VARIANT_ORDER(split_file_backed_thp, 6); +ADD_VARIANT_ORDER(split_file_backed_thp, 7); +ADD_VARIANT_ORDER(split_file_backed_thp, 8); + +TEST_F(split_file_backed_thp, orders) { int status; int fd; @@ -487,7 +554,7 @@ static void split_file_backed_thp(int order) ssize_t num_written, num_read; char *file_buf1, *file_buf2; uint64_t pgoff_start = 0, pgoff_end = 1024; - int i; + int i, order = variant->order; ksft_print_msg("Please enable pr_debug in split_huge_pages_in_file() for more info.\n"); @@ -567,7 +634,6 @@ static void split_file_backed_thp(int order) ksft_exit_fail_msg("cannot remove tmp dir: %s\n", strerror(errno)); ksft_print_msg("Please check dmesg for more information\n"); - ksft_test_result_pass("File-backed THP split to order %d test done\n", order); return; close_file: @@ -579,6 +645,45 @@ static void split_file_backed_thp(int order) ksft_exit_fail_msg("Error occurred\n"); } +FIXTURE(split_pmd_thp_to_order) { +}; + +FIXTURE_VARIANT(split_pmd_thp_to_order) { + int order; +}; + +FIXTURE_SETUP(split_pmd_thp_to_order) +{ + if (variant->order >= pmd_order) + SKIP(return, "order %d is not supported", variant->order); + + expected_orders = (int *)malloc(sizeof(int) * (pmd_order + 1)); + if (!expected_orders) + ksft_exit_fail_msg("Fail to allocate memory: %s\n", strerror(errno)); + + prepare_proc_fd(); +} + +FIXTURE_TEARDOWN(split_pmd_thp_to_order) +{ + free(expected_orders); + cleanup_proc_fd(); +} + +ADD_VARIANT_ORDER(split_pmd_thp_to_order, 0); +ADD_VARIANT_ORDER(split_pmd_thp_to_order, 2); +ADD_VARIANT_ORDER(split_pmd_thp_to_order, 3); +ADD_VARIANT_ORDER(split_pmd_thp_to_order, 4); +ADD_VARIANT_ORDER(split_pmd_thp_to_order, 5); +ADD_VARIANT_ORDER(split_pmd_thp_to_order, 6); +ADD_VARIANT_ORDER(split_pmd_thp_to_order, 7); +ADD_VARIANT_ORDER(split_pmd_thp_to_order, 8); + +TEST_F(split_pmd_thp_to_order, order) +{ + split_pmd_thp_to_order(variant->order); +} + static bool prepare_thp_fs(const char *xfs_path, char *thp_fs_template, const char **thp_fs_loc) { @@ -757,81 +862,144 @@ static void split_thp_in_pagecache_to_order_at(size_t fd_size, } } -int main(int argc, char **argv) -{ - int i; - size_t fd_size; - char *optional_xfs_path = NULL; - char fs_loc_template[] = "/tmp/thp_fs_XXXXXX"; +FIXTURE(split_thp_in_pagecache_to_order) { + bool created_tmp; const char *fs_loc; +}; + +FIXTURE_VARIANT(split_thp_in_pagecache_to_order) { + int order; +}; + +FIXTURE_SETUP(split_thp_in_pagecache_to_order) +{ + /* limit order to less than pmd_order */ + if (variant->order >= pmd_order) + SKIP(return, "order %d is not supported", variant->order); + expected_orders = (int *)malloc(sizeof(int) * (pmd_order + 1)); + if (!expected_orders) + ksft_exit_fail_msg("Fail to allocate memory: %s\n", strerror(errno)); + + self->created_tmp = prepare_thp_fs(optional_xfs_path, fs_loc_template, + &self->fs_loc); + prepare_proc_fd(); +} + +FIXTURE_TEARDOWN(split_thp_in_pagecache_to_order) +{ + cleanup_proc_fd(); + cleanup_thp_fs(self->fs_loc, self->created_tmp); + free(expected_orders); +} + +ADD_VARIANT_ORDER(split_thp_in_pagecache_to_order, 8); +ADD_VARIANT_ORDER(split_thp_in_pagecache_to_order, 7); +ADD_VARIANT_ORDER(split_thp_in_pagecache_to_order, 6); +ADD_VARIANT_ORDER(split_thp_in_pagecache_to_order, 5); +ADD_VARIANT_ORDER(split_thp_in_pagecache_to_order, 4); +ADD_VARIANT_ORDER(split_thp_in_pagecache_to_order, 3); +ADD_VARIANT_ORDER(split_thp_in_pagecache_to_order, 2); +ADD_VARIANT_ORDER(split_thp_in_pagecache_to_order, 1); +ADD_VARIANT_ORDER(split_thp_in_pagecache_to_order, 0); + +TEST_F(split_thp_in_pagecache_to_order, order) +{ + size_t fd_size = 2 * pmd_pagesize; + + split_thp_in_pagecache_to_order_at(fd_size, self->fs_loc, variant->order, -1); +} + +FIXTURE(split_thp_in_pagecache_to_order_offset) { bool created_tmp; + const char *fs_loc; int offset; - unsigned int nr_pages; - unsigned int tests; +}; - ksft_print_header(); +FIXTURE_VARIANT(split_thp_in_pagecache_to_order_offset) { + int order; + int step; +}; - if (geteuid() != 0) { - ksft_print_msg("Please run the benchmark as root\n"); - ksft_finished(); - } - - if (argc > 1) - optional_xfs_path = argv[1]; +FIXTURE_SETUP(split_thp_in_pagecache_to_order_offset) +{ + int nr_pages = pmd_pagesize / pagesize; + int offset = variant->step * MAX(nr_pages / 4, 1 << variant->order); - pagesize = getpagesize(); - pageshift = ffs(pagesize) - 1; - pmd_pagesize = read_pmd_pagesize(); - if (!pmd_pagesize) - ksft_exit_fail_msg("Reading PMD pagesize failed\n"); + /* limit order to less than pmd_order */ + if (variant->order >= pmd_order) + SKIP(return, "order %d is not supported", variant->order); - nr_pages = pmd_pagesize / pagesize; - pmd_order = sz2ord(pmd_pagesize, pagesize); + if (offset < nr_pages) + self->offset = offset; + else + SKIP(return, "offset out of thp range"); expected_orders = (int *)malloc(sizeof(int) * (pmd_order + 1)); if (!expected_orders) ksft_exit_fail_msg("Fail to allocate memory: %s\n", strerror(errno)); - tests = 2 + (pmd_order - 1) + (2 * pmd_order) + (pmd_order - 1) * 4 + 2; - ksft_set_plan(tests); - - pagemap_fd = open(pagemap_proc, O_RDONLY); - if (pagemap_fd == -1) - ksft_exit_fail_msg("read pagemap: %s\n", strerror(errno)); - - kpageflags_fd = open(kpageflags_proc, O_RDONLY); - if (kpageflags_fd == -1) - ksft_exit_fail_msg("read kpageflags: %s\n", strerror(errno)); + self->created_tmp = prepare_thp_fs(optional_xfs_path, fs_loc_template, + &self->fs_loc); + prepare_proc_fd(); +} - fd_size = 2 * pmd_pagesize; +FIXTURE_TEARDOWN(split_thp_in_pagecache_to_order_offset) +{ + cleanup_proc_fd(); + cleanup_thp_fs(self->fs_loc, self->created_tmp); + free(expected_orders); +} - split_pmd_zero_pages(); +#define SPLIT_IN_PAGECACHE_ORDER_OFFSETS(ord) \ + ADD_VARIANT_ORDER_OFFSET(split_thp_in_pagecache_to_order_offset, ord, 0);\ + ADD_VARIANT_ORDER_OFFSET(split_thp_in_pagecache_to_order_offset, ord, 1);\ + ADD_VARIANT_ORDER_OFFSET(split_thp_in_pagecache_to_order_offset, ord, 2);\ + ADD_VARIANT_ORDER_OFFSET(split_thp_in_pagecache_to_order_offset, ord, 3)\ + +SPLIT_IN_PAGECACHE_ORDER_OFFSETS(0); +SPLIT_IN_PAGECACHE_ORDER_OFFSETS(1); +SPLIT_IN_PAGECACHE_ORDER_OFFSETS(2); +SPLIT_IN_PAGECACHE_ORDER_OFFSETS(3); +SPLIT_IN_PAGECACHE_ORDER_OFFSETS(4); +SPLIT_IN_PAGECACHE_ORDER_OFFSETS(5); +SPLIT_IN_PAGECACHE_ORDER_OFFSETS(6); +SPLIT_IN_PAGECACHE_ORDER_OFFSETS(7); +SPLIT_IN_PAGECACHE_ORDER_OFFSETS(8); + +TEST_F(split_thp_in_pagecache_to_order_offset, order_offset) +{ + size_t fd_size = 2 * pmd_pagesize; - for (i = 0; i < pmd_order; i++) - if (i != 1) - split_pmd_thp_to_order(i); + split_thp_in_pagecache_to_order_at(fd_size, self->fs_loc, + variant->order, self->offset); +} - split_pte_mapped_thp(); - for (i = 0; i < pmd_order; i++) - split_file_backed_thp(i); +int main(int argc, char **argv) +{ + int i; - created_tmp = prepare_thp_fs(optional_xfs_path, fs_loc_template, - &fs_loc); - for (i = pmd_order - 1; i >= 0; i--) - split_thp_in_pagecache_to_order_at(fd_size, fs_loc, i, -1); + if (geteuid() != 0) { + ksft_print_msg("Please run the benchmark as root\n"); + ksft_finished(); + } - for (i = 0; i < pmd_order; i++) - for (offset = 0; - offset < nr_pages; - offset += MAX(nr_pages / 4, 1 << i)) - split_thp_in_pagecache_to_order_at(fd_size, fs_loc, i, offset); - cleanup_thp_fs(fs_loc, created_tmp); + for (i = 1; i < argc; i++) { + /* only one parameter supported */ + if (*argv[i] != '-') { + optional_xfs_path = argv[i]; + break; + } - close(pagemap_fd); - close(kpageflags_fd); - free(expected_orders); + /* option -l/-h has no parameter */ + if (*(argv[i] + 1) != 'l' && *(argv[i] + 1) != 'h') + i++; + } - ksft_finished(); + pagesize = getpagesize(); + pmd_pagesize = read_pmd_pagesize(); + if (!pmd_pagesize) + ksft_exit_fail_msg("Reading PMD pagesize failed\n"); + pmd_order = sz2ord(pmd_pagesize, pagesize); - return 0; + return test_harness_run(argc, argv); } -- 2.34.1

1 week, 1 day

3
4
0 0

next-20250905: x86_64: udpgso_bench.sh triggers NULL deref in zerocopy_fill_skb_from_iter

by Naresh Kamboju

The following kernel crash was noticed on x86_64 running selftests net udpgso_bench.sh on Linux next-20250905 tag. Regression Analysis: - New regression? yes - Reproducibility? Re-validation is in progress First seen on next-20250905 Bad: next-20250905 Good: next-20250904 Test regression: next-20250905 x86_64 selftests net BUG kernel NULL pointer dereference zerocopy_fill_skb_from_iter Reported-by: Linux Kernel Functional Testing <lkft(a)linaro.org> x86_64: Test: * selftests: net: udpgso_bench.sh Test error: selftests: net: udpgso_bench.sh ipv4 tcp <trim> # tcp zerocopy [ 991.110488] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=19 sclass=netlink_tcpdiag_socket pid=64835 comm=ss # RTNETLINK answers: Invalid argument [ 991.129878] BUG: kernel NULL pointer dereference, address: 0000000000000008 [ 991.136850] #PF: supervisor read access in kernel mode [ 991.141986] #PF: error_code(0x0000) - not-present page [ 991.147118] PGD 0 P4D 0 [ 991.149657] Oops: Oops: 0000 [#1] SMP PTI [ 991.153661] CPU: 0 UID: 0 PID: 64842 Comm: udpgso_bench_tx Tainted: G S 6.17.0-rc4-next-20250905 #1 PREEMPT(voluntary) [ 991.165907] Tainted: [S]=CPU_OUT_OF_SPEC [ 991.169825] Hardware name: Supermicro SYS-5019S-ML/X11SSH-F, BIOS 2.7 12/07/2021 [ 991.177209] RIP: 0010:zerocopy_fill_skb_from_iter (include/linux/page-flags.h:284) [ 991.182954] Code: 4d 85 c0 0f 84 04 01 00 00 44 39 c7 41 0f 4d f8 4c 63 de 4a 8b 54 dc 30 49 89 d6 4d 29 ce 49 c1 fe 06 49 d3 ee 4d 85 f6 74 24 <48> 8b 4a 08 f6 c1 01 0f 85 cb 00 00 00 0f 1f 44 00 00 31 c9 48 f7 All code ======== 0: 4d 85 c0 test %r8,%r8 3: 0f 84 04 01 00 00 je 0x10d 9: 44 39 c7 cmp %r8d,%edi c: 41 0f 4d f8 cmovge %r8d,%edi 10: 4c 63 de movslq %esi,%r11 13: 4a 8b 54 dc 30 mov 0x30(%rsp,%r11,8),%rdx 18: 49 89 d6 mov %rdx,%r14 1b: 4d 29 ce sub %r9,%r14 1e: 49 c1 fe 06 sar $0x6,%r14 22: 49 d3 ee shr %cl,%r14 25: 4d 85 f6 test %r14,%r14 28: 74 24 je 0x4e 2a:* 48 8b 4a 08 mov 0x8(%rdx),%rcx <-- trapping instruction 2e: f6 c1 01 test $0x1,%cl 31: 0f 85 cb 00 00 00 jne 0x102 37: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1) 3c: 31 c9 xor %ecx,%ecx 3e: 48 rex.W 3f: f7 .byte 0xf7 Code starting with the faulting instruction =========================================== 0: 48 8b 4a 08 mov 0x8(%rdx),%rcx 4: f6 c1 01 test $0x1,%cl 7: 0f 85 cb 00 00 00 jne 0xd8 d: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1) 12: 31 c9 xor %ecx,%ecx 14: 48 rex.W 15: f7 .byte 0xf7 [ 991.201691] RSP: 0018:ffffb11281d0ba90 EFLAGS: 00010202 [ 991.206910] RAX: ffffe14ec4208000 RBX: 0000000000005000 RCX: 0000000000000009 [ 991.214033] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000001000 [ 991.221156] RBP: ffffb11281d0bb88 R08: 00000000000020ff R09: ffffe14ec4208000 [ 991.228280] R10: 0000000000000005 R11: 0000000000000006 R12: ffff96b4825f4200 [ 991.235406] R13: 0000000000000001 R14: 000000003d6277bf R15: 0000000000000000 [ 991.242529] FS: 00007f41e80b9740(0000) GS:ffff96b83bc1b000(0000) knlGS:0000000000000000 [ 991.250608] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 991.256378] CR2: 0000000000000008 CR3: 0000000106c42003 CR4: 00000000003706f0 [ 991.263513] Call Trace: [ 991.265956] <TASK> [ 991.268055] __zerocopy_sg_from_iter (net/core/datagram.c:?) [ 991.272674] ? kmalloc_reserve (net/core/skbuff.c:581) [ 991.276599] skb_zerocopy_iter_stream (net/core/skbuff.c:1867) [ 991.281219] tcp_sendmsg_locked (net/ipv4/tcp.c:1283) [ 991.285493] tcp_sendmsg (net/ipv4/tcp.c:1393) [ 991.288896] inet6_sendmsg (net/ipv6/af_inet6.c:661) [ 991.292466] __sock_sendmsg (net/socket.c:717) [ 991.296126] __sys_sendto (net/socket.c:?) [ 991.299785] __x64_sys_sendto (net/socket.c:2235 net/socket.c:2231 net/socket.c:2231) [ 991.303622] x64_sys_call (arch/x86/entry/syscall_64.c:41) [ 991.307462] do_syscall_64 (arch/x86/entry/syscall_64.c:?) [ 991.311128] ? irqentry_exit (kernel/entry/common.c:210) [ 991.314881] ? exc_page_fault (arch/x86/mm/fault.c:1536) [ 991.318720] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) [ 991.323762] RIP: 0033:0x7f41e814b687 [ 991.327352] Code: 48 89 fa 4c 89 df e8 58 b3 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff All code ======== 0: 48 89 fa mov %rdi,%rdx 3: 4c 89 df mov %r11,%rdi 6: e8 58 b3 00 00 call 0xb363 b: 8b 93 08 03 00 00 mov 0x308(%rbx),%edx 11: 59 pop %rcx 12: 5e pop %rsi 13: 48 83 f8 fc cmp $0xfffffffffffffffc,%rax 17: 74 1a je 0x33 19: 5b pop %rbx 1a: c3 ret 1b: 0f 1f 84 00 00 00 00 nopl 0x0(%rax,%rax,1) 22: 00 23: 48 8b 44 24 10 mov 0x10(%rsp),%rax 28: 0f 05 syscall 2a:* 5b pop %rbx <-- trapping instruction 2b: c3 ret 2c: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) 33: 83 e2 39 and $0x39,%edx 36: 83 fa 08 cmp $0x8,%edx 39: 75 de jne 0x19 3b: e8 23 ff ff ff call 0xffffffffffffff63 Code starting with the faulting instruction =========================================== 0: 5b pop %rbx 1: c3 ret 2: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) 9: 83 e2 39 and $0x39,%edx c: 83 fa 08 cmp $0x8,%edx f: 75 de jne 0xffffffffffffffef 11: e8 23 ff ff ff call 0xffffffffffffff39 [ 991.346124] RSP: 002b:00007ffdd843ba50 EFLAGS: 00000202 ORIG_RAX: 000000000000002c [ 991.353680] RAX: ffffffffffffffda RBX: 00007f41e80b9740 RCX: 00007f41e814b687 [ 991.360806] RDX: 000000000000f180 RSI: 000056251f1fd100 RDI: 0000000000000005 [ 991.367931] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 991.375063] R10: 0000000004000000 R11: 0000000000000202 R12: 0000000000000000 [ 991.382193] R13: 000056251f1fb080 R14: 000001a670e438d8 R15: 0000000000000005 [ 991.389357] </TASK> [ 991.391571] Modules linked in: mptcp_diag tcp_diag inet_diag xt_conntrack xfrm_user ipip bridge stp llc geneve vxlan act_csum act_pedit openvswitch nsh nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 psample cls_flower sch_prio xt_mark nft_compat nf_tables sch_ingress act_mirred cls_basic sch_fq_codel vrf pktgen macvtap macvlan tap x86_pkg_temp_thermal ip_tables x_tables [last unloaded: test_bpf] [ 991.426812] CR2: 0000000000000008 [ 991.430121] ---[ end trace 0000000000000000 ]--- [ 991.434733] RIP: 0010:zerocopy_fill_skb_from_iter (include/linux/page-flags.h:284) [ 991.440477] Code: 4d 85 c0 0f 84 04 01 00 00 44 39 c7 41 0f 4d f8 4c 63 de 4a 8b 54 dc 30 49 89 d6 4d 29 ce 49 c1 fe 06 49 d3 ee 4d 85 f6 74 24 <48> 8b 4a 08 f6 c1 01 0f 85 cb 00 00 00 0f 1f 44 00 00 31 c9 48 f7 All code ======== 0: 4d 85 c0 test %r8,%r8 3: 0f 84 04 01 00 00 je 0x10d 9: 44 39 c7 cmp %r8d,%edi c: 41 0f 4d f8 cmovge %r8d,%edi 10: 4c 63 de movslq %esi,%r11 13: 4a 8b 54 dc 30 mov 0x30(%rsp,%r11,8),%rdx 18: 49 89 d6 mov %rdx,%r14 1b: 4d 29 ce sub %r9,%r14 1e: 49 c1 fe 06 sar $0x6,%r14 22: 49 d3 ee shr %cl,%r14 25: 4d 85 f6 test %r14,%r14 28: 74 24 je 0x4e 2a:* 48 8b 4a 08 mov 0x8(%rdx),%rcx <-- trapping instruction 2e: f6 c1 01 test $0x1,%cl 31: 0f 85 cb 00 00 00 jne 0x102 37: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1) 3c: 31 c9 xor %ecx,%ecx 3e: 48 rex.W 3f: f7 .byte 0xf7 Code starting with the faulting instruction =========================================== 0: 48 8b 4a 08 mov 0x8(%rdx),%rcx 4: f6 c1 01 test $0x1,%cl 7: 0f 85 cb 00 00 00 jne 0xd8 d: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1) 12: 31 c9 xor %ecx,%ecx 14: 48 rex.W 15: f7 .byte 0xf7 [ 991.459215] RSP: 0018:ffffb11281d0ba90 EFLAGS: 00010202 [ 991.464434] RAX: ffffe14ec4208000 RBX: 0000000000005000 RCX: 0000000000000009 [ 991.471557] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000001000 [ 991.478681] RBP: ffffb11281d0bb88 R08: 00000000000020ff R09: ffffe14ec4208000 [ 991.485807] R10: 0000000000000005 R11: 0000000000000006 R12: ffff96b4825f4200 [ 991.492930] R13: 0000000000000001 R14: 000000003d6277bf R15: 0000000000000000 [ 991.500054] FS: 00007f41e80b9740(0000) GS:ffff96b83bc1b000(0000) knlGS:0000000000000000 [ 991.508132] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 991.513870] CR2: 0000000000000008 CR3: 0000000106c42003 CR4: 00000000003706f0 [ 991.520994] note: udpgso_bench_tx[64842] exited with irqs disabled ## Source * Kernel version: 6.17.0-rc4 * Git tree: https://kernel.googlesource.com/pub/scm/linux/kernel/git/next/linux-next.git * Git describe: next-20250905 * Git commit: be5d4872e528796df9d7425f2bd9b3893eb3a42c * Architectures: x86_64 * Toolchains: clang-nightly * Kconfigs: defconfig+selftests/*/config ## Build * Test log: https://qa-reports.linaro.org/api/testruns/29777495/log_file/ * LAVA test log: https://lkft.validation.linaro.org/scheduler/job/8434053#L16943 * Test details: https://regressions.linaro.org/lkft/linux-next-master/next-20250905/log-par… * Test plan: https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/32GkXBGNRN… * Build link: https://storage.tuxsuite.com/public/linaro/lkft/builds/32GkU7mdlpISpPeeeEwI… * Kernel config: https://storage.tuxsuite.com/public/linaro/lkft/builds/32GkU7mdlpISpPeeeEwI… -- Linaro LKFT https://lkft.linaro.org

1 week, 1 day

3
4
0 0

[PATCH] kunit: print a message before triggering a NULL dereference

by Dan Carpenter

Print a message so that people reading dmesg know that these NULL dereferences are not a bug, but instead a deliberate part of the testing. Signed-off-by: Dan Carpenter <dan.carpenter(a)linaro.org> --- lib/kunit/kunit-test.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/kunit/kunit-test.c b/lib/kunit/kunit-test.c index 8c01eabd4eaf..a8b6e16f4465 100644 --- a/lib/kunit/kunit-test.c +++ b/lib/kunit/kunit-test.c @@ -119,6 +119,8 @@ static void kunit_test_null_dereference(void *data) struct kunit *test = data; int *null = NULL; + pr_info("Triggering deliberate NULL derefence.\n"); + *null = 0; KUNIT_FAIL(test, "This line should never be reached\n"); -- 2.47.2

1 week, 1 day

1
0
0 0

[PATCH] selftests: pid_namespace: add the missing close()

by zhouyuhang

From: Zhou Yuhang <zhouyuhang(a)kylinos.cn> Add the missing close() in the pid_max_cb() function. Signed-off-by: Zhou Yuhang <zhouyuhang(a)kylinos.cn> --- tools/testing/selftests/pid_namespace/pid_max.c | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/testing/selftests/pid_namespace/pid_max.c b/tools/testing/selftests/pid_namespace/pid_max.c index 96f274f0582b..41f8b943bc96 100644 --- a/tools/testing/selftests/pid_namespace/pid_max.c +++ b/tools/testing/selftests/pid_namespace/pid_max.c @@ -61,6 +61,7 @@ static int pid_max_cb(void *data) } ret = write(fd, "500", sizeof("500") - 1); + close(fd); if (ret < 0) { fprintf(stderr, "%m - Failed to write pid_max\n"); return -1; -- 2.33.0

1 week, 1 day

1
0
0 0

[bug report] selftest/bpf/benchs: Add benchmark for sockmap usage

by Dan Carpenter

Hello Jiayuan Chen, Commit 7b2fa44de5e7 ("selftest/bpf/benchs: Add benchmark for sockmap usage") from Apr 7, 2025 (linux-next), leads to the following Smatch static checker warning: tools/testing/selftests/bpf/benchs/bench_sockmap.c:129 bench_sockmap_prog_destroy() error: buffer overflow 'ctx.fds' 5 <= 19 tools/testing/selftests/bpf/benchs/bench_sockmap.c 123 static void bench_sockmap_prog_destroy(void) 124 { 125 int i; 126 127 for (i = 0; i < sizeof(ctx.fds); i++) { ^^^^^^^^^^^^^^^ This should be ARRAY_SIZE(ctx.fds) otherwise it's a buffer overflow. 128 if (ctx.fds[0] > 0) ^^^^^^^^^^ Instead of .fds[0] it should be .fds[i], right? --> 129 close(ctx.fds[i]); 130 } 131 132 bench_sockmap_prog__destroy(ctx.skel); 133 } regards, dan carpenter

1 week, 2 days

1
0
0 0

[PATCH v2 bpf-next] selftests/bpf: Fix the invalid operand for instruction issue

by Feng Yang

From: Feng Yang <yangfeng(a)kylinos.cn> The following issue occurs when compiling with clang version 17.0.6: progs/compute_live_registers.c:251:3: error: invalid operand for instruction 251 | "r0 = 1;" | ^ <inline asm>:1:22: note: instantiated into assembly here 1 | r0 = 1;r2 = 2;if r1 & 0x7 goto +1;exit;r0 = r2;exit; | ^ 1 error generated. Use __imm_insn to fix this issue. Fixes: 4a4b84ba9e453 ("selftests/bpf: verify jset handling in CFG computation") Signed-off-by: Feng Yang <yangfeng(a)kylinos.cn> --- Changes in v2: - Use __imm_insn, thanks: Eduard Zingerman. - Link to v1: https://lore.kernel.org/all/20250827031540.461017-1-yangfeng59949@163.com/ --- tools/testing/selftests/bpf/progs/compute_live_registers.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/bpf/progs/compute_live_registers.c b/tools/testing/selftests/bpf/progs/compute_live_registers.c index 6884ab99a421..01d73ad76faf 100644 --- a/tools/testing/selftests/bpf/progs/compute_live_registers.c +++ b/tools/testing/selftests/bpf/progs/compute_live_registers.c @@ -249,11 +249,13 @@ __naked void if3_jset_bug(void) asm volatile ( "r0 = 1;" "r2 = 2;" - "if r1 & 0x7 goto +1;" + ".8byte %[jset];" /* same as 'if r1 & 0x7 goto +1;' */ "exit;" "r0 = r2;" "exit;" - ::: __clobber_all); + : + : __imm_insn(jset, BPF_JMP_IMM(BPF_JSET, BPF_REG_1, 0x7, 1)) + : __clobber_all); } SEC("socket") -- 2.43.0

1 week, 2 days

2
2
0 0

[PATCH v1] libbpf: remove unused args in parse_usdt_note

by Jiawei Zhao

Remove unused 'elf' and 'path' parameters from parse_usdt_note function signature. These parameters are not referenced within the function body and only add unnecessary complexity. The function only requires the note header, data buffer, offsets, and output structure to perform USDT note parsing. Update function declaration, definition, and the single call site in collect_usdt_targets() to match the simplified signature. This is a safe internal cleanup as parse_usdt_note is a static function. Signed-off-by: Jiawei Zhao <phoenix500526(a)163.com> --- tools/lib/bpf/usdt.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/tools/lib/bpf/usdt.c b/tools/lib/bpf/usdt.c index e5eeac0b0fa4..deaea4bd13a6 100644 --- a/tools/lib/bpf/usdt.c +++ b/tools/lib/bpf/usdt.c @@ -581,9 +581,8 @@ static struct elf_seg *find_vma_seg(struct elf_seg *segs, size_t seg_cnt, long o return NULL; } -static int parse_usdt_note(Elf *elf, const char *path, GElf_Nhdr *nhdr, - const char *data, size_t name_off, size_t desc_off, - struct usdt_note *usdt_note); +static int parse_usdt_note(GElf_Nhdr *nhdr, const char *data, size_t name_off, + size_t desc_off, struct usdt_note *usdt_note); static int parse_usdt_spec(struct usdt_spec *spec, const struct usdt_note *note, __u64 usdt_cookie); @@ -637,7 +636,7 @@ static int collect_usdt_targets(struct usdt_manager *man, Elf *elf, const char * struct elf_seg *seg = NULL; void *tmp; - err = parse_usdt_note(elf, path, &nhdr, data->d_buf, name_off, desc_off, &note); + err = parse_usdt_note(&nhdr, data->d_buf, name_off, desc_off, &note); if (err) goto err_out; @@ -1143,8 +1142,7 @@ struct bpf_link *usdt_manager_attach_usdt(struct usdt_manager *man, const struct /* Parse out USDT ELF note from '.note.stapsdt' section. * Logic inspired by perf's code. */ -static int parse_usdt_note(Elf *elf, const char *path, GElf_Nhdr *nhdr, - const char *data, size_t name_off, size_t desc_off, +static int parse_usdt_note(GElf_Nhdr *nhdr, const char *data, size_t name_off, size_t desc_off, struct usdt_note *note) { const char *provider, *name, *args; -- 2.43.0

1 week, 2 days

3
2
0 0

[PATCH net-next v2] selftests: net: Add tests to verify team driver option set and get.

by Marc Harvey

There are currently no kernel tests that verify setting and getting options of the team driver. In the future, options may be added that implicitly change other options, which will make it useful to have tests like these that show nothing breaks. There will be a follow up patch to this that adds new "rx_enabled" and "tx_enabled" options, which will implicitly affect the "enabled" option value and vice versa. The tests use teamnl to first set options to specific values and then gets them to compare to the set values. Signed-off-by: Marc Harvey <marcharvey(a)google.com> --- Changes in v2: - Fixed shellcheck failures. - Fixed test failing in vng by adding a config option to enable the team driver's active backup mode. - Link to v1: https://lore.kernel.org/netdev/20250902235504.4190036-1-marcharvey@google.c… .../selftests/drivers/net/team/Makefile | 6 +- .../testing/selftests/drivers/net/team/config | 1 + .../selftests/drivers/net/team/options.sh | 192 ++++++++++++++++++ 3 files changed, 197 insertions(+), 2 deletions(-) create mode 100755 tools/testing/selftests/drivers/net/team/options.sh diff --git a/tools/testing/selftests/drivers/net/team/Makefile b/tools/testing/selftests/drivers/net/team/Makefile index eaf6938f100e..8b00b70ce67f 100644 --- a/tools/testing/selftests/drivers/net/team/Makefile +++ b/tools/testing/selftests/drivers/net/team/Makefile @@ -1,11 +1,13 @@ # SPDX-License-Identifier: GPL-2.0 # Makefile for net selftests -TEST_PROGS := dev_addr_lists.sh propagation.sh +TEST_PROGS := dev_addr_lists.sh propagation.sh options.sh TEST_INCLUDES := \ ../bonding/lag_lib.sh \ ../../../net/forwarding/lib.sh \ - ../../../net/lib.sh + ../../../net/lib.sh \ + ../../../net/in_netns.sh \ + ../../../net/lib/sh/defer.sh \ include ../../../lib.mk diff --git a/tools/testing/selftests/drivers/net/team/config b/tools/testing/selftests/drivers/net/team/config index 636b3525b679..558e1d0cf565 100644 --- a/tools/testing/selftests/drivers/net/team/config +++ b/tools/testing/selftests/drivers/net/team/config @@ -3,4 +3,5 @@ CONFIG_IPV6=y CONFIG_MACVLAN=y CONFIG_NETDEVSIM=m CONFIG_NET_TEAM=y +CONFIG_NET_TEAM_MODE_ACTIVEBACKUP=y CONFIG_NET_TEAM_MODE_LOADBALANCE=y diff --git a/tools/testing/selftests/drivers/net/team/options.sh b/tools/testing/selftests/drivers/net/team/options.sh new file mode 100755 index 000000000000..82bf22aa3480 --- /dev/null +++ b/tools/testing/selftests/drivers/net/team/options.sh @@ -0,0 +1,192 @@ +#!/bin/bash +# SPDX-License-Identifier: GPL-2.0 + +# These tests verify basic set and get functionality of the team +# driver options over netlink. + +# Run in private netns. +test_dir="$(dirname "$0")" +if [[ $# -eq 0 ]]; then + "${test_dir}"/../../../net/in_netns.sh "$0" __subprocess + exit $? +fi + +ALL_TESTS=" + team_test_options +" + +source "${test_dir}/../../../net/lib.sh" + +TEAM_PORT="team0" +MEMBER_PORT="dummy0" + +setup() +{ + ip link add name "${MEMBER_PORT}" type dummy + ip link add name "${TEAM_PORT}" type team +} + +get_and_check_value() +{ + local option_name="$1" + local expected_value="$2" + local port_flag="$3" + + local value_from_get + + if ! value_from_get=$(teamnl "${TEAM_PORT}" getoption "${option_name}" \ + "${port_flag}"); then + echo "Could not get option '${option_name}'" >&2 + return 1 + fi + + if [[ "${value_from_get}" != "${expected_value}" ]]; then + echo "Incorrect value for option '${option_name}'" >&2 + echo "get (${value_from_get}) != set (${expected_value})" >&2 + return 1 + fi +} + +set_and_check_get() +{ + local option_name="$1" + local option_value="$2" + local port_flag="$3" + + local value_from_get + + if ! teamnl "${TEAM_PORT}" setoption "${option_name}" "${option_value}" \ + "${port_flag}"; then + echo "'setoption ${option_name} ${option_value}' failed" >&2 + return 1 + fi + + get_and_check_value "${option_name}" "${option_value}" "${port_flag}" + return $? +} + +# Get a "port flag" to pass to the `teamnl` command. +# E.g. $1="dummy0" -> "port=dummy0", +# $1="" -> "" +get_port_flag() +{ + local port_name="$1" + + if [[ -n "${port_name}" ]]; then + echo "--port=${port_name}" + fi +} + +attach_port_if_specified() +{ + local port_name="${1}" + + if [[ -n "${port_name}" ]]; then + ip link set dev "${port_name}" master "${TEAM_PORT}" + return $? + fi +} + +detach_port_if_specified() +{ + local port_name="${1}" + + if [[ -n "${port_name}" ]]; then + ip link set dev "${port_name}" nomaster + return $? + fi +} + +####################################### +# Test that an option's get value matches its set value. +# Globals: +# RET - Used by testing infra like `check_err`. +# EXIT_STATUS - Used by `log_test` to whole script exit value. +# Arguments: +# option_name - The name of the option. +# value_1 - The first value to try setting. +# value_2 - The second value to try setting. +# port_name - The (optional) name of the attached port. +####################################### +team_test_option() +{ + local option_name="$1" + local value_1="$2" + local value_2="$3" + local possible_values="$2 $3 $2" + local port_name="$4" + local port_flag + + RET=0 + + echo "Setting '${option_name}' to '${value_1}' and '${value_2}'" + + attach_port_if_specified "${port_name}" + check_err $? "Couldn't attach ${port_name} to master" + port_flag=$(get_port_flag "${port_name}") + + # Set and get both possible values. + for value in ${possible_values}; do + set_and_check_get "${option_name}" "${value}" "${port_flag}" + check_err $? "Failed to set '${option_name}' to '${value}'" + done + + detach_port_if_specified "${port_name}" + check_err $? "Couldn't detach ${port_name} from its master" + + log_test "Set + Get '${option_name}' test" +} + +####################################### +# Test that getting a non-existant option fails. +# Globals: +# RET - Used by testing infra like `check_err`. +# EXIT_STATUS - Used by `log_test` to whole script exit value. +# Arguments: +# option_name - The name of the option. +# port_name - The (optional) name of the attached port. +####################################### +team_test_get_option_fails() +{ + local option_name="$1" + local port_name="$2" + local port_flag + + RET=0 + + attach_port_if_specified "${port_name}" + check_err $? "Couldn't attach ${port_name} to master" + port_flag=$(get_port_flag "${port_name}") + + # Just confirm that getting the value fails. + teamnl "${TEAM_PORT}" getoption "${option_name}" "${port_flag}" + check_fail $? "Shouldn't be able to get option '${option_name}'" + + detach_port_if_specified "${port_name}" + + log_test "Get '${option_name}' fails" +} + +team_test_options() +{ + # Wrong option name behavior. + team_test_get_option_fails fake_option1 + team_test_get_option_fails fake_option2 "${MEMBER_PORT}" + + # Correct set and get behavior. + team_test_option mode activebackup loadbalance + team_test_option notify_peers_count 0 5 + team_test_option notify_peers_interval 0 5 + team_test_option mcast_rejoin_count 0 5 + team_test_option mcast_rejoin_interval 0 5 + team_test_option enabled true false "${MEMBER_PORT}" + team_test_option user_linkup true false "${MEMBER_PORT}" + team_test_option user_linkup_enabled true false "${MEMBER_PORT}" + team_test_option priority 10 20 "${MEMBER_PORT}" + team_test_option queue_id 0 1 "${MEMBER_PORT}" +} + +require_command teamnl +setup +tests_run +exit "${EXIT_STATUS}" -- 2.51.0.338.gd7d06c2dae-goog

1 week, 2 days

2
2
0 0

[PATCH net-next 10/10] selftests: forwarding: Add test for BR_BOOLOPT_FDB_LOCAL_VLAN_0

by Petr Machata

Add a selftest to check the operation of this newly-introduced bridge option. Signed-off-by: Petr Machata <petrm(a)nvidia.com> --- Notes: CC: Shuah Khan <shuah(a)kernel.org> CC: linux-kselftest(a)vger.kernel.org .../testing/selftests/net/forwarding/Makefile | 1 + .../net/forwarding/bridge_fdb_local_vlan_0.sh | 374 ++++++++++++++++++ 2 files changed, 375 insertions(+) create mode 100755 tools/testing/selftests/net/forwarding/bridge_fdb_local_vlan_0.sh diff --git a/tools/testing/selftests/net/forwarding/Makefile b/tools/testing/selftests/net/forwarding/Makefile index 0a0d4c2a85f7..e6f482a600da 100644 --- a/tools/testing/selftests/net/forwarding/Makefile +++ b/tools/testing/selftests/net/forwarding/Makefile @@ -5,6 +5,7 @@ TEST_PROGS = \ bridge_fdb_learning_limit.sh \ bridge_igmp.sh \ bridge_locked_port.sh \ + bridge_fdb_local_vlan_0.sh \ bridge_mdb.sh \ bridge_mdb_host.sh \ bridge_mdb_max.sh \ diff --git a/tools/testing/selftests/net/forwarding/bridge_fdb_local_vlan_0.sh b/tools/testing/selftests/net/forwarding/bridge_fdb_local_vlan_0.sh new file mode 100755 index 000000000000..5a0b43aff5aa --- /dev/null +++ b/tools/testing/selftests/net/forwarding/bridge_fdb_local_vlan_0.sh @@ -0,0 +1,374 @@ +#!/bin/bash +# SPDX-License-Identifier: GPL-2.0 + +# +-----------------------+ +-----------------------+ +-----------------------+ +# | H1 (vrf) | | H2 (vrf) | | H3 (vrf) | +# | + $h1 | | + $h2 | | + $h3 | +# | | 192.0.2.1/28 | | | 192.0.2.2/28 | | | 192.0.2.18/28 | +# | | 2001:db8:1::1/64 | | | 2001:db8:1::2/64 | | | 2001:db8:2::2/64 | +# | | | | | | | | | +# +----|------------------+ +----|------------------+ +----|------------------+ +# | | | +# +----|-------------------------|-------------------------|------------------+ +# | +--|-------------------------|------------------+ | | +# | | + $swp1 + $swp2 | + $swp3 | +# | | | 192.0.2.17/28 | +# | | BR1 (802.1q) | 2001:db8:2::1/64 | +# | | 192.0.2.3/28 | | +# | | 2001:db8:1::3/64 | | +# | +-----------------------------------------------+ SW | +# +---------------------------------------------------------------------------+ +# +#shellcheck disable=SC2317 # SC doesn't see our uses of functions. +#shellcheck disable=SC2034 # ... and global variables + +ALL_TESTS=" + test_d_no_sharing + test_d_sharing + test_q_no_sharing + test_q_sharing +" + +NUM_NETIFS=6 +source lib.sh + +pMAC=00:11:22:33:44:55 +bMAC=00:11:22:33:44:66 +mMAC=00:11:22:33:44:77 +xMAC=00:11:22:33:44:88 + +host_create() +{ + local h=$1; shift + local ipv4=$1; shift + local ipv6=$1; shift + + simple_if_init "$h" "$ipv4" "$ipv6" + defer simple_if_fini "$h" "$ipv4" "$ipv6" + + ip_route_add vrf "v$h" 192.0.2.16/28 nexthop via 192.0.2.3 + ip_route_add vrf "v$h" 2001:db8:2::/64 nexthop via 2001:db8:1::3 +} + +h3_create() +{ + simple_if_init "$h3" 192.0.2.18/28 2001:db8:2::2/64 + defer simple_if_fini "$h3" 192.0.2.18/28 2001:db8:2::2/64 + + ip_route_add vrf "v$h3" 192.0.2.0/28 nexthop via 192.0.2.17 + ip_route_add vrf "v$h3" 2001:db8:1::/64 nexthop via 2001:db8:2::1 + + tc qdisc add dev "$h3" clsact + defer tc qdisc del dev "$h3" clsact + + tc filter add dev "$h3" ingress proto ip pref 104 \ + flower skip_hw ip_proto udp dst_port 4096 \ + action pass + defer tc filter del dev "$h3" ingress proto ip pref 104 + + tc qdisc add dev "$h2" clsact + defer tc qdisc del dev "$h2" clsact + + tc filter add dev "$h2" ingress proto ip pref 104 \ + flower skip_hw ip_proto udp dst_port 4096 \ + action pass + defer tc filter del dev "$h2" ingress proto ip pref 104 +} + +switch_create() +{ + ip_link_set_up "$swp1" + + ip_link_set_up "$swp2" + + ip_addr_add "$swp3" 192.0.2.17/28 + ip_addr_add "$swp3" 2001:db8:2::1/64 + ip_link_set_up "$swp3" +} + +setup_prepare() +{ + h1=${NETIFS[p1]} + swp1=${NETIFS[p2]} + + swp2=${NETIFS[p3]} + h2=${NETIFS[p4]} + + swp3=${NETIFS[p5]} + h3=${NETIFS[p6]} + + vrf_prepare + defer vrf_cleanup + + forwarding_enable + defer forwarding_restore + + host_create "$h1" 192.0.2.1/28 2001:db8:1::1/64 + host_create "$h2" 192.0.2.2/28 2001:db8:1::2/64 + h3_create + + switch_create +} + +adf_bridge_create() +{ + local dev + local mac + + ip_link_add br up type bridge vlan_default_pvid 0 "$@" + mac=$(mac_get br) + ip_addr_add br 192.0.2.3/28 + ip_addr_add br 2001:db8:1::3/64 + + bridge_vlan_add dev br vid 1 pvid untagged self + bridge_vlan_add dev br vid 2 self + bridge_vlan_add dev br vid 3 self + + for dev in "$swp1" "$swp2"; do + ip_link_set_master "$dev" br + bridge_vlan_add dev "$dev" vid 1 pvid untagged + bridge_vlan_add dev "$dev" vid 2 + bridge_vlan_add dev "$dev" vid 3 + done + + ip_link_set_addr br "$mac" +} + +check_fdb_local_vlan_0_support() +{ + if ip_link_add XXbr up type bridge vlan_filtering 1 fdb_local_vlan_0 1 \ + &>/dev/null; then + return 0 + fi + + log_test_skip "FDB sharing" \ + "iproute 2 or the kernel do not support fdb_local_vlan_0" +} + +check_mac_presence() +{ + local should_fail=$1; shift + local dev=$1; shift + local vlan=$1; shift + local mac + + mac=$(mac_get "$dev") + + if ((vlan == 0)); then + vlan=null + fi + + bridge -j fdb show dev "$dev" | + jq -e --arg mac "$mac" --argjson vlan "$vlan" \ + '.[] | select(.mac == $mac) | select(.vlan == $vlan)' > /dev/null + check_err_fail "$should_fail" $? "FDB dev $dev vid $vlan addr $mac exists" +} + +do_sharing_test() +{ + local should_fail=$1; shift + local what=$1; shift + local dev + + RET=0 + + for dev in "$swp1" "$swp2" br; do + check_mac_presence 0 "$dev" 0 + check_mac_presence "$should_fail" "$dev" 1 + check_mac_presence "$should_fail" "$dev" 2 + check_mac_presence "$should_fail" "$dev" 3 + done + + log_test "$what" +} + +do_end_to_end_test() +{ + local mac=$1; shift + local what=$1; shift + local probe_dev=${1-$h3}; shift + local expect=${1-10}; shift + + local t0 + local t1 + local dd + + RET=0 + + # In mausezahn, use $dev MAC as the destination MAC. In the MAC sharing + # context, that will cause an FDB miss on VLAN 1 and prompt a second + # lookup in VLAN 0. + + t0=$(tc_rule_stats_get "$probe_dev" 104 ingress) + + $MZ "$h1" -c 10 -p 64 -a own -b "$mac" \ + -A 192.0.2.1 -B 192.0.2.18 -t udp "dp=4096,sp=2048" -q + sleep 1 + + t1=$(tc_rule_stats_get "$probe_dev" 104 ingress) + dd=$((t1 - t0)) + + ((dd == expect)) + check_err $? "Expected $expect packets on $probe_dev got $dd" + + log_test "$what" +} + +do_tests() +{ + local should_fail=$1; shift + local what=$1; shift + local swp1_mac + local br_mac + + swp1_mac=$(mac_get "$swp1") + br_mac=$(mac_get br) + + do_sharing_test "$should_fail" "$what" + do_end_to_end_test "$swp1_mac" "$what: end to end, $swp1 MAC" + do_end_to_end_test "$br_mac" "$what: end to end, br MAC" +} + +bridge_standard() +{ + local vlan_filtering=$1; shift + + if ((vlan_filtering)); then + echo 802.1q + else + echo 802.1d + fi +} + +nonexistent_fdb_test() +{ + local vlan_filtering=$1; shift + local standard + + standard=$(bridge_standard "$vlan_filtering") + + # We expect flooding, so $h2 should get the traffic. + do_end_to_end_test "$xMAC" "$standard: Nonexistent FDB" "$h2" +} + +misleading_fdb_test() +{ + local vlan_filtering=$1; shift + local standard + + standard=$(bridge_standard "$vlan_filtering") + + defer_scope_push + # Add an FDB entry on VLAN 0. The lookup on VLAN-aware bridge + # shouldn't pick this up even with fdb_local_vlan_0 enabled, so + # the traffic should be flooded. This all holds on + # vlan_filtering bridge, on non-vlan_filtering one the FDB entry + # is expected to be found as usual, no flooding takes place. + # + # Adding only on VLAN 0 is a bit tricky, because bridge is + # trying to be nice and interprets the request as if the FDB + # should be added on each VLAN. + + bridge fdb add "$mMAC" dev "$swp1" master + bridge fdb del "$mMAC" dev "$swp1" vlan 1 master + bridge fdb del "$mMAC" dev "$swp1" vlan 2 master + bridge fdb del "$mMAC" dev "$swp1" vlan 3 master + + local expect=$((vlan_filtering ? 10 : 0)) + do_end_to_end_test "$mMAC" \ + "$standard: Lookup of non-local MAC on VLAN 0" \ + "$h2" "$expect" + defer_scope_pop +} + +change_mac() +{ + local dev=$1; shift + local mac=$1; shift + local cur_mac + + cur_mac=$(mac_get "$dev") + + log_info "Change $dev MAC $cur_mac -> $mac" + ip_link_set_addr "$dev" "$mac" + defer log_info "Change $dev MAC back" +} + +do_test_no_sharing() +{ + local vlan_filtering=$1; shift + local standard + + standard=$(bridge_standard "$vlan_filtering") + + adf_bridge_create vlan_filtering "$vlan_filtering" + setup_wait + + do_tests 0 "$standard, no FDB sharing" + + change_mac "$swp1" "$pMAC" + change_mac br "$bMAC" + + do_tests 0 "$standard, no FDB sharing after MAC change" + + in_defer_scope check_fdb_local_vlan_0_support || return + + log_info "Set fdb_local_vlan_0=1" + ip link set dev br type bridge fdb_local_vlan_0 1 + + do_tests 1 "$standard, fdb sharing after toggle" +} + +do_test_sharing() +{ + local vlan_filtering=$1; shift + local standard + + standard=$(bridge_standard "$vlan_filtering") + + in_defer_scope check_fdb_local_vlan_0_support || return + + adf_bridge_create vlan_filtering "$vlan_filtering" fdb_local_vlan_0 1 + setup_wait + + do_tests 1 "$standard, FDB sharing" + + nonexistent_fdb_test "$vlan_filtering" + misleading_fdb_test "$vlan_filtering" + + change_mac "$swp1" "$pMAC" + change_mac br "$bMAC" + + do_tests 1 "$standard, FDB sharing after MAC change" + + log_info "Set fdb_local_vlan_0=0" + ip link set dev br type bridge fdb_local_vlan_0 0 + + do_tests 0 "$standard, No FDB sharing after toggle" +} + +test_d_no_sharing() +{ + do_test_no_sharing 0 +} + +test_d_sharing() +{ + do_test_sharing 0 +} + +test_q_no_sharing() +{ + do_test_no_sharing 1 +} + +test_q_sharing() +{ + do_test_sharing 1 +} + + +trap cleanup EXIT + +setup_prepare +tests_run -- 2.49.0

1 week, 2 days

1
0
0 0

[PATCH net-next 09/10] selftests: net: lib.sh: Don't defer failed commands

by Petr Machata

Usually the autodefer helpers in lib.sh are expected to be run in context where success is the expected outcome. However when using them for feature detection, failure can legitimately occur. But the failed command still schedules a cleanup, which will likely fail again. Instead, only schedule deferred cleanup when the positive command succeeds. This way of organizing the cleanup has the added benefit that now the return code from these functions reflects whether the command passed. Signed-off-by: Petr Machata <petrm(a)nvidia.com> --- Notes: CC: Shuah Khan <shuah(a)kernel.org> CC: linux-kselftest(a)vger.kernel.org tools/testing/selftests/net/lib.sh | 32 +++++++++++++++--------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/tools/testing/selftests/net/lib.sh b/tools/testing/selftests/net/lib.sh index c7add0dc4c60..80cf1a75136c 100644 --- a/tools/testing/selftests/net/lib.sh +++ b/tools/testing/selftests/net/lib.sh @@ -547,8 +547,8 @@ ip_link_add() { local name=$1; shift - ip link add name "$name" "$@" - defer ip link del dev "$name" + ip link add name "$name" "$@" && \ + defer ip link del dev "$name" } ip_link_set_master() @@ -556,8 +556,8 @@ ip_link_set_master() local member=$1; shift local master=$1; shift - ip link set dev "$member" master "$master" - defer ip link set dev "$member" nomaster + ip link set dev "$member" master "$master" && \ + defer ip link set dev "$member" nomaster } ip_link_set_addr() @@ -566,8 +566,8 @@ ip_link_set_addr() local addr=$1; shift local old_addr=$(mac_get "$name") - ip link set dev "$name" address "$addr" - defer ip link set dev "$name" address "$old_addr" + ip link set dev "$name" address "$addr" && \ + defer ip link set dev "$name" address "$old_addr" } ip_link_has_flag() @@ -590,8 +590,8 @@ ip_link_set_up() local name=$1; shift if ! ip_link_is_up "$name"; then - ip link set dev "$name" up - defer ip link set dev "$name" down + ip link set dev "$name" up && \ + defer ip link set dev "$name" down fi } @@ -600,8 +600,8 @@ ip_link_set_down() local name=$1; shift if ip_link_is_up "$name"; then - ip link set dev "$name" down - defer ip link set dev "$name" up + ip link set dev "$name" down && \ + defer ip link set dev "$name" up fi } @@ -609,20 +609,20 @@ ip_addr_add() { local name=$1; shift - ip addr add dev "$name" "$@" - defer ip addr del dev "$name" "$@" + ip addr add dev "$name" "$@" && \ + defer ip addr del dev "$name" "$@" } ip_route_add() { - ip route add "$@" - defer ip route del "$@" + ip route add "$@" && \ + defer ip route del "$@" } bridge_vlan_add() { - bridge vlan add "$@" - defer bridge vlan del "$@" + bridge vlan add "$@" && \ + defer bridge vlan del "$@" } wait_local_port_listen() -- 2.49.0

1 week, 2 days

1
0
0 0

[PATCH net-next 08/10] selftests: defer: Introduce DEFER_PAUSE_ON_FAIL

by Petr Machata

The fact that all cleanup (ideally) goes through the defer framework makes debugging of these commands a bit tricky. However, this also gives us a nice point to place a hook along the lines of PAUSE_ON_FAIL. When the environment variable DEFER_PAUSE_ON_FAIL is set, and a cleanup command results in non-zero exit status, show a bit of debuginfo and give the user an opportunity to interrupt the execution altogether. Signed-off-by: Petr Machata <petrm(a)nvidia.com> --- Notes: CC: Shuah Khan <shuah(a)kernel.org> CC: linux-kselftest(a)vger.kernel.org tools/testing/selftests/net/lib/sh/defer.sh | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/tools/testing/selftests/net/lib/sh/defer.sh b/tools/testing/selftests/net/lib/sh/defer.sh index 6c642f3d0ced..47ab78c4d465 100644 --- a/tools/testing/selftests/net/lib/sh/defer.sh +++ b/tools/testing/selftests/net/lib/sh/defer.sh @@ -1,6 +1,10 @@ #!/bin/bash # SPDX-License-Identifier: GPL-2.0 +# Whether to pause and allow debugging when an executed deferred command has a +# non-zero exit code. +: "${DEFER_PAUSE_ON_FAIL:=no}" + # map[(scope_id,track,cleanup_id) -> cleanup_command] # track={d=default | p=priority} declare -A __DEFER__JOBS @@ -38,8 +42,20 @@ __defer__run() local track=$1; shift local defer_ix=$1; shift local defer_key=$(__defer__defer_key $track $defer_ix) + local ret eval ${__DEFER__JOBS[$defer_key]} + ret=$? + + if [[ "$DEFER_PAUSE_ON_FAIL" == yes && "$ret" -ne 0 ]]; then + echo "Deferred command (track $track index $defer_ix):" + echo " ${__DEFER__JOBS[$defer_key]}" + echo "... ended with an exit status of $ret" + echo "Hit enter to continue, 'q' to quit" + read a + [[ "$a" == q ]] && exit 1 + fi + unset __DEFER__JOBS[$defer_key] } -- 2.49.0

1 week, 2 days

1
0
0 0

[PATCH net-next 07/10] selftests: defer: Allow spaces in arguments of deferred commands

by Petr Machata

Currently the way deferred commands are stored and invoked causes any whitespace to act as an argument separator when the command is executed. To make it possible to use spaces in deferred commands, store the commands quoted, and then eval the string prior to execution. Fixes: a6e263f125cd ("selftests: net: lib: Introduce deferred commands") Signed-off-by: Petr Machata <petrm(a)nvidia.com> --- Notes: CC: Shuah Khan <shuah(a)kernel.org> CC: linux-kselftest(a)vger.kernel.org tools/testing/selftests/net/lib/sh/defer.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/net/lib/sh/defer.sh b/tools/testing/selftests/net/lib/sh/defer.sh index 082f5d38321b..6c642f3d0ced 100644 --- a/tools/testing/selftests/net/lib/sh/defer.sh +++ b/tools/testing/selftests/net/lib/sh/defer.sh @@ -39,7 +39,7 @@ __defer__run() local defer_ix=$1; shift local defer_key=$(__defer__defer_key $track $defer_ix) - ${__DEFER__JOBS[$defer_key]} + eval ${__DEFER__JOBS[$defer_key]} unset __DEFER__JOBS[$defer_key] } @@ -49,7 +49,7 @@ __defer__schedule() local ndefers=$(__defer__ndefers $track) local ndefers_key=$(__defer__ndefer_key $track) local defer_key=$(__defer__defer_key $track $ndefers) - local defer="$@" + local defer="${@@Q}" __DEFER__JOBS[$defer_key]="$defer" __DEFER__NJOBS[$ndefers_key]=$((ndefers + 1)) -- 2.49.0

1 week, 2 days

1
0
0 0

[PATCH net-next v5 0/9] vsock: add namespace support to vhost-vsock

by Bobby Eshleman

This series adds namespace support to vhost-vsock and loopback. It does not add namespaces to any of the other guest transports (virtio-vsock, hyperv, or vmci). The current revision only supports two modes: local or global. Local mode is complete isolation of namespaces, while global mode is complete sharing between namespaces of CIDs (the original behavior). The mode is set using /proc/sys/net/vsock/ns_mode. Modes are per-netns and write-once. This allows a system to configure namespaces independently (some may share CIDs, others are completely isolated). This also supports future possible mixed use cases, where there may be namespaces in global mode spinning up VMs while there are mixed mode namespaces that provide services to the VMs, but are not allowed to allocate from the global CID pool. Additionally, added tests for the new semantics: tools/testing/selftests/vsock/vmtest.sh 1..22 ok 1 vm_server_host_client ok 2 vm_client_host_server ok 3 vm_loopback ok 4 host_vsock_ns_mode_ok ok 5 host_vsock_ns_mode_write_once_ok ok 6 global_same_cid_fails ok 7 local_same_cid_ok ok 8 global_local_same_cid_ok ok 9 local_global_same_cid_ok ok 10 diff_ns_global_host_connect_to_global_vm_ok ok 11 diff_ns_global_host_connect_to_local_vm_fails ok 12 diff_ns_global_vm_connect_to_global_host_ok ok 13 diff_ns_global_vm_connect_to_local_host_fails ok 14 diff_ns_local_host_connect_to_local_vm_fails ok 15 diff_ns_local_vm_connect_to_local_host_fails ok 16 diff_ns_global_to_local_loopback_local_fails ok 17 diff_ns_local_to_global_loopback_fails ok 18 diff_ns_local_to_local_loopback_fails ok 19 diff_ns_global_to_global_loopback_ok ok 20 same_ns_local_loopback_ok ok 21 same_ns_local_host_connect_to_local_vm_ok ok 22 same_ns_local_vm_connect_to_local_host_ok SUMMARY: PASS=22 SKIP=0 FAIL=0 Log: /tmp/vsock_vmtest_OQC4.log Thanks again for everyone's help and reviews! Signed-off-by: Bobby Eshleman <bobbyeshleman(a)gmail.com> To: Stefano Garzarella <sgarzare(a)redhat.com> To: Shuah Khan <shuah(a)kernel.org> To: David S. Miller <davem(a)davemloft.net> To: Eric Dumazet <edumazet(a)google.com> To: Jakub Kicinski <kuba(a)kernel.org> To: Paolo Abeni <pabeni(a)redhat.com> To: Simon Horman <horms(a)kernel.org> To: Stefan Hajnoczi <stefanha(a)redhat.com> To: Michael S. Tsirkin <mst(a)redhat.com> To: Jason Wang <jasowang(a)redhat.com> To: Xuan Zhuo <xuanzhuo(a)linux.alibaba.com> To: Eugenio Pérez <eperezma(a)redhat.com> To: K. Y. Srinivasan <kys(a)microsoft.com> To: Haiyang Zhang <haiyangz(a)microsoft.com> To: Wei Liu <wei.liu(a)kernel.org> To: Dexuan Cui <decui(a)microsoft.com> To: Bryan Tan <bryan-bt.tan(a)broadcom.com> To: Vishnu Dasa <vishnu.dasa(a)broadcom.com> To: Broadcom internal kernel review list <bcm-kernel-feedback-list(a)broadcom.com> Cc: virtualization(a)lists.linux.dev Cc: netdev(a)vger.kernel.org Cc: linux-kselftest(a)vger.kernel.org Cc: linux-kernel(a)vger.kernel.org Cc: kvm(a)vger.kernel.org Cc: linux-hyperv(a)vger.kernel.org Cc: berrange(a)redhat.com Changes in v5: - /proc/net/vsock_ns_mode -> /proc/sys/net/vsock/ns_mode - vsock_global_net -> vsock_global_dummy_net - fix netns lookup in vhost_vsock to respect pid namespaces - add callbacks for vsock_loopback to avoid circular dependency - vmtest.sh loads vsock_loopback module - remove vsock_net_mode_can_set() - change vsock_net_write_mode() to return true/false based on success - make vsock_net_mode enum instead of u8 - Link to v4: https://lore.kernel.org/r/20250805-vsock-vmtest-v4-0-059ec51ab111@meta.com Changes in v4: - removed RFC tag - implemented loopback support - renamed new tests to better reflect behavior - completed suite of tests with permutations of ns modes and vsock_test as guest/host - simplified socat bridging with unix socket instead of tcp + veth - only use vsock_test for success case, socat for failure case (context in commit message) - lots of cleanup Changes in v3: - add notion of "modes" - add procfs /proc/net/vsock_ns_mode - local and global modes only - no /dev/vhost-vsock-netns - vmtest.sh already merged, so new patch just adds new tests for NS - Link to v2: https://lore.kernel.org/kvm/20250312-vsock-netns-v2-0-84bffa1aa97a@gmail.com Changes in v2: - only support vhost-vsock namespaces - all g2h namespaces retain old behavior, only common API changes impacted by vhost-vsock changes - add /dev/vhost-vsock-netns for "opt-in" - leave /dev/vhost-vsock to old behavior - removed netns module param - Link to v1: https://lore.kernel.org/r/20200116172428.311437-1-sgarzare@redhat.com Changes in v1: - added 'netns' module param to vsock.ko to enable the network namespace support (disabled by default) - added 'vsock_net_eq()' to check the "net" assigned to a socket only when 'netns' support is enabled - Link to RFC: https://patchwork.ozlabs.org/cover/1202235/ --- Bobby Eshleman (9): vsock: a per-net vsock NS mode state vsock: add net to vsock skb cb vsock: add netns to vsock core vsock/loopback: add netns support vsock/virtio: add netns to virtio transport common vhost/vsock: add netns support selftests/vsock: improve logging in vmtest.sh selftests/vsock: invoke vsock_test through helpers selftests/vsock: add namespace tests MAINTAINERS | 1 + drivers/vhost/vsock.c | 30 +- include/linux/virtio_vsock.h | 12 + include/net/af_vsock.h | 89 ++- include/net/net_namespace.h | 4 + include/net/netns/vsock.h | 25 + net/vmw_vsock/af_vsock.c | 312 ++++++++- net/vmw_vsock/hyperv_transport.c | 2 +- net/vmw_vsock/virtio_transport.c | 5 +- net/vmw_vsock/virtio_transport_common.c | 14 +- net/vmw_vsock/vmci_transport.c | 4 +- net/vmw_vsock/vsock_loopback.c | 76 ++- tools/testing/selftests/vsock/vmtest.sh | 1092 ++++++++++++++++++++++++++----- 13 files changed, 1475 insertions(+), 191 deletions(-) --- base-commit: 242041164339594ca019481d54b4f68a7aaff64e change-id: 20250325-vsock-vmtest-b3a21d2102c2 Best regards, -- Bobby Eshleman <bobbyeshleman(a)meta.com>

1 week, 2 days

3
18
0 0

[PATCH bpf-next v4 1/2] bpf: add bpf_strcasecmp kfunc

by Rong Tao

From: Rong Tao <rongtao(a)cestc.cn> bpf_strcasecmp() function performs same like bpf_strcmp() except ignoring the case of the characters. Signed-off-by: Rong Tao <rongtao(a)cestc.cn> --- kernel/bpf/helpers.c | 68 +++++++++++++++++++++++++++++++------------- 1 file changed, 48 insertions(+), 20 deletions(-) diff --git a/kernel/bpf/helpers.c b/kernel/bpf/helpers.c index 401b4932cc49..588bc7e36436 100644 --- a/kernel/bpf/helpers.c +++ b/kernel/bpf/helpers.c @@ -3349,45 +3349,72 @@ __bpf_kfunc void __bpf_trap(void) * __get_kernel_nofault instead of plain dereference to make them safe. */ -/** - * bpf_strcmp - Compare two strings - * @s1__ign: One string - * @s2__ign: Another string - * - * Return: - * * %0 - Strings are equal - * * %-1 - @s1__ign is smaller - * * %1 - @s2__ign is smaller - * * %-EFAULT - Cannot read one of the strings - * * %-E2BIG - One of strings is too large - * * %-ERANGE - One of strings is outside of kernel address space - */ -__bpf_kfunc int bpf_strcmp(const char *s1__ign, const char *s2__ign) +static int __bpf_strcasecmp(const char *s1, const char *s2, bool ignore_case) { char c1, c2; int i; - if (!copy_from_kernel_nofault_allowed(s1__ign, 1) || - !copy_from_kernel_nofault_allowed(s2__ign, 1)) { + if (!copy_from_kernel_nofault_allowed(s1, 1) || + !copy_from_kernel_nofault_allowed(s2, 1)) { return -ERANGE; } guard(pagefault)(); for (i = 0; i < XATTR_SIZE_MAX; i++) { - __get_kernel_nofault(&c1, s1__ign, char, err_out); - __get_kernel_nofault(&c2, s2__ign, char, err_out); + __get_kernel_nofault(&c1, s1, char, err_out); + __get_kernel_nofault(&c2, s2, char, err_out); + if (ignore_case) { + c1 = tolower(c1); + c2 = tolower(c2); + } if (c1 != c2) return c1 < c2 ? -1 : 1; if (c1 == '\0') return 0; - s1__ign++; - s2__ign++; + s1++; + s2++; } return -E2BIG; err_out: return -EFAULT; } +/** + * bpf_strcmp - Compare two strings + * @s1__ign: One string + * @s2__ign: Another string + * + * Return: + * * %0 - Strings are equal + * * %-1 - @s1__ign is smaller + * * %1 - @s2__ign is smaller + * * %-EFAULT - Cannot read one of the strings + * * %-E2BIG - One of strings is too large + * * %-ERANGE - One of strings is outside of kernel address space + */ +__bpf_kfunc int bpf_strcmp(const char *s1__ign, const char *s2__ign) +{ + return __bpf_strcasecmp(s1__ign, s2__ign, false); +} + +/** + * bpf_strcasecmp - Compare two strings, ignoring the case of the characters + * @s1__ign: One string + * @s2__ign: Another string + * + * Return: + * * %0 - Strings are equal + * * %-1 - @s1__ign is smaller + * * %1 - @s2__ign is smaller + * * %-EFAULT - Cannot read one of the strings + * * %-E2BIG - One of strings is too large + * * %-ERANGE - One of strings is outside of kernel address space + */ +__bpf_kfunc int bpf_strcasecmp(const char *s1__ign, const char *s2__ign) +{ + return __bpf_strcasecmp(s1__ign, s2__ign, true); +} + /** * bpf_strnchr - Find a character in a length limited string * @s__ign: The string to be searched @@ -3832,6 +3859,7 @@ BTF_ID_FLAGS(func, bpf_iter_dmabuf_destroy, KF_ITER_DESTROY | KF_SLEEPABLE) #endif BTF_ID_FLAGS(func, __bpf_trap) BTF_ID_FLAGS(func, bpf_strcmp); +BTF_ID_FLAGS(func, bpf_strcasecmp); BTF_ID_FLAGS(func, bpf_strchr); BTF_ID_FLAGS(func, bpf_strchrnul); BTF_ID_FLAGS(func, bpf_strnchr); -- 2.51.0

1 week, 2 days

4
3
0 0

[PATCH RESEND bpf-next v3 0/3] selftests/bpf: benchmark all symbols for kprobe-multi

by Menglong Dong

Add the benchmark testcase "kprobe-multi-all", which will hook all the kernel functions during the testing. This series is separated out from [1]. Changes since V2: * add some comment to attach_ksyms_all, which notes that don't run the testing on a debug kernel Changes since V1: * introduce trace_blacklist instead of copy-pasting strcmp in the 2nd patch * use fprintf() instead of printf() in 3rd patch Link: https://lore.kernel.org/bpf/20250817024607.296117-1-dongml2@chinatelecom.cn/ [1] Menglong Dong (3): selftests/bpf: move get_ksyms and get_addrs to trace_helpers.c selftests/bpf: skip recursive functions for kprobe_multi selftests/bpf: add benchmark testing for kprobe-multi-all tools/testing/selftests/bpf/bench.c | 4 + .../selftests/bpf/benchs/bench_trigger.c | 61 +++++ .../selftests/bpf/benchs/run_bench_trigger.sh | 4 +- .../bpf/prog_tests/kprobe_multi_test.c | 220 +--------------- .../selftests/bpf/progs/trigger_bench.c | 12 + tools/testing/selftests/bpf/trace_helpers.c | 234 ++++++++++++++++++ tools/testing/selftests/bpf/trace_helpers.h | 3 + 7 files changed, 319 insertions(+), 219 deletions(-) -- 2.51.0

1 week, 2 days

2
4
0 0

[PATCH 0/2] Fix va_high_addr_switch.sh test failure

by Chunyu Hu

The two patches fix the va_high_addr_switch.sh test failure on x86_64. Patch 1 fixes the hugepages setup issue that nr_hugepages is reset too early in run_vmtests.sh and break the later va_high_addr_switch testing. Patch 2 fixes the test failure caused by the hint addr align method change in hugetlb_get_unmapped_area(). Chunyu Hu (2): selftests/mm: fix hugepages cleanup too early selftests/mm: fix va_high_addr_switch.sh failure on x86_64 tools/testing/selftests/mm/run_vmtests.sh | 9 +++++++-- tools/testing/selftests/mm/va_high_addr_switch.c | 4 ++-- 2 files changed, 9 insertions(+), 4 deletions(-) -- 2.49.0

1 week, 2 days

2
5
0 0

[PATCH bpf-next v3 00/14] selftests/bpf: Integrate test_xsk.c to test_progs framework

by Bastien Curutchet (eBPF Foundation)

Hi all, This is a second version of a series I sent some time ago, it continues the work of migrating the script tests into prog_tests. The test_xsk.sh script covers many AF_XDP use cases. The tests it runs are defined in xksxceiver.c. Since this script is used to test real hardware, the goal here is to leave it as it is, and only integrate the tests that run on veth peers into the test_progs framework. Some tests are flaky so they can't be integrated in the CI as they are. I think that fixing their flakyness would require a significant amount of work. So, as first step, I've excluded them from the list of tests migrated to the CI (see PATCH 13). If these tests get fixed at some point, integrating them into the CI will be straightforward. PATCH 1 extracts test_xsk[.c/.h] from xskxceiver[.c/.h] to make the tests available to test_progs. PATCH 2 to 5 fix small issues in the current test PATCH 7 to 12 handle all errors to release resources instead of calling exit() when any error occurs. PATCH 13 isolates some flaky tests PATCH 14 integrate the non-flaky tests to the test_progs framework Maciej, I've fixed the bug you found in the initial series. I've looked for any hardware able to run test_xsk.sh in my office, but I couldn't find one ... So here again, only the veth part has been tested, sorry about that. Signed-off-by: Bastien Curutchet (eBPF Foundation) <bastien.curutchet(a)bootlin.com> --- Changes in v3: - Rebase on latest bpf-next_base to integrate commit c9110e6f7237 ("selftests/bpf: Fix count write in testapp_xdp_metadata_copy()"). - Move XDP_METADATA_COPY_* tests from flaky-tests to nominal tests - Link to v2: https://lore.kernel.org/r/20250902-xsk-v2-0-17c6345d5215@bootlin.com Changes in v2: - Rebase on the latest bpf-next_base and integrate the newly added tests to the work (adjust_tail* and tx_queue_consumer tests) - Re-order patches to split xkxceiver sooner. - Fix the bug reported by Maciej. - Fix verbose mode in test_xsk.sh by keeping kselftest (remove PATCH 1, 7 and 8) - Link to v1: https://lore.kernel.org/r/20250313-xsk-v1-0-7374729a93b9@bootlin.com --- Bastien Curutchet (eBPF Foundation) (14): selftests/bpf: test_xsk: Split xskxceiver selftests/bpf: test_xsk: Initialize bitmap before use selftests/bpf: test_xsk: Fix memory leaks selftests/bpf: test_xsk: Wrap test clean-up in functions selftests/bpf: test_xsk: Release resources when swap fails selftests/bpf: test_xsk: Add return value to init_iface() selftests/bpf: test_xsk: Don't exit immediately when xsk_attach fails selftests/bpf: test_xsk: Don't exit immediately when gettimeofday fails selftests/bpf: test_xsk: Don't exit immediately when workers fail selftests/bpf: test_xsk: Don't exit immediately if validate_traffic fails selftests/bpf: test_xsk: Don't exit immediately on allocation failures selftests/bpf: test_xsk: Move exit_with_error to xskxceiver.c selftests/bpf: test_xsk: Isolate flaky tests selftests/bpf: test_xsk: Integrate test_xsk.c to test_progs framework tools/testing/selftests/bpf/Makefile | 11 +- tools/testing/selftests/bpf/prog_tests/test_xsk.c | 2604 ++++++++++++++++++++ tools/testing/selftests/bpf/prog_tests/test_xsk.h | 294 +++ tools/testing/selftests/bpf/prog_tests/xsk.c | 146 ++ tools/testing/selftests/bpf/xskxceiver.c | 2685 +-------------------- tools/testing/selftests/bpf/xskxceiver.h | 156 -- 6 files changed, 3170 insertions(+), 2726 deletions(-) --- base-commit: e4e08c130231eb8071153ab5f056874d8f70430b change-id: 20250218-xsk-0cf90e975d14 Best regards, -- Bastien Curutchet (eBPF Foundation) <bastien.curutchet(a)bootlin.com>

1 week, 2 days

3
16
0 0

[PATCH] selftests/powerpc/pmu/: Add check_extended_reg_test to .gitignore

by Gopi Krishna Menon

Add the check_extended_reg_test binary to .gitignore to avoid accidentally staging the build artifact. Signed-off-by: Gopi Krishna Menon <krishnagopi487(a)gmail.com> --- tools/testing/selftests/powerpc/pmu/sampling_tests/.gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/testing/selftests/powerpc/pmu/sampling_tests/.gitignore b/tools/testing/selftests/powerpc/pmu/sampling_tests/.gitignore index f93b4c7c3a8a..ea29228334e8 100644 --- a/tools/testing/selftests/powerpc/pmu/sampling_tests/.gitignore +++ b/tools/testing/selftests/powerpc/pmu/sampling_tests/.gitignore @@ -1,5 +1,6 @@ bhrb_filter_map_test bhrb_no_crash_wo_pmu_test +check_extended_reg_test intr_regs_no_crash_wo_pmu_test mmcr0_cc56run_test mmcr0_exceptionbits_test -- 2.43.0

1 week, 2 days

1
0
0 0

[bpf-next v2 0/5] powerpc64/bpf: Add support for bpf arena and arena atomics

by Saket Kumar Bhaskar

This patch series introduces support for the PROBE_MEM32, bpf_addr_space_cast and PROBE_ATOMIC instructions in the powerpc BPF JIT, facilitating the implementation of BPF arena and arena atomics. The last patch in the series has fix for arena spinlock selftest failure. All selftests related to bpf_arena, bpf_arena_atomic(except load_acquire/store_release) enablement are passing: # ./test_progs -t arena_list #5/1 arena_list/arena_list_1:OK #5/2 arena_list/arena_list_1000:OK #5 arena_list:OK Summary: 1/2 PASSED, 0 SKIPPED, 0 FAILED # ./test_progs -t arena_htab #4/1 arena_htab/arena_htab_llvm:OK #4/2 arena_htab/arena_htab_asm:OK #4 arena_htab:OK Summary: 1/2 PASSED, 0 SKIPPED, 0 FAILED # ./test_progs -t verifier_arena #464/1 verifier_arena/basic_alloc1:OK #464/2 verifier_arena/basic_alloc2:OK #464/3 verifier_arena/basic_alloc3:OK #464/4 verifier_arena/iter_maps1:OK #464/5 verifier_arena/iter_maps2:OK #464/6 verifier_arena/iter_maps3:OK #464 verifier_arena:OK #465/1 verifier_arena_large/big_alloc1:OK #465/2 verifier_arena_large/big_alloc2:OK #465 verifier_arena_large:OK Summary: 2/8 PASSED, 0 SKIPPED, 0 FAILED # ./test_progs -t arena_atomics #3/1 arena_atomics/add:OK #3/2 arena_atomics/sub:OK #3/3 arena_atomics/and:OK #3/4 arena_atomics/or:OK #3/5 arena_atomics/xor:OK #3/6 arena_atomics/cmpxchg:OK #3/7 arena_atomics/xchg:OK #3/8 arena_atomics/uaf:OK #3/9 arena_atomics/load_acquire:SKIP #3/10 arena_atomics/store_release:SKIP #3 arena_atomics:OK (SKIP: 2/10) Summary: 1/8 PASSED, 2 SKIPPED, 0 FAILED All selftests related to arena_spin_lock are passing: # ./test_progs -t arena_spin_lock #6/1 arena_spin_lock/arena_spin_lock_1:OK #6/2 arena_spin_lock/arena_spin_lock_1000:OK #6/3 arena_spin_lock/arena_spin_lock_50000:OK #6 arena_spin_lock:OK Summary: 1/3 PASSED, 0 SKIPPED, 0 FAILED Changes since v1: Addressed comments from Chris: * Squashed introduction of bpf_jit_emit_probe_mem_store() and its usage in one patch. * Defined and used PPC_RAW_RLDICL_DOT to avoid the CMPDI. * Removed conditional statement for fixup[0] = PPC_RAW_LI(dst_reg, 0); * Indicated this change is limited to powerpc64 in subject. Addressed comments from Alexei: * Removed skel->rodata->nr_cpus = get_nprocs() and its usage to get currently online cpus(as it needs to be updated from userspace). Saket Kumar Bhaskar (5): powerpc64/bpf: Implement PROBE_MEM32 pseudo instructions powerpc64/bpf: Implement bpf_addr_space_cast instruction powerpc64/bpf: Introduce bpf_jit_emit_atomic_ops() to emit atomic instructions powerpc64/bpf: Implement PROBE_ATOMIC instructions selftests/bpf: Fix arena_spin_lock selftest failure arch/powerpc/include/asm/ppc-opcode.h | 1 + arch/powerpc/net/bpf_jit.h | 6 +- arch/powerpc/net/bpf_jit_comp.c | 32 +- arch/powerpc/net/bpf_jit_comp32.c | 2 +- arch/powerpc/net/bpf_jit_comp64.c | 401 +++++++++++++----- .../bpf/prog_tests/arena_spin_lock.c | 13 + .../selftests/bpf/progs/arena_spin_lock.c | 5 +- 7 files changed, 347 insertions(+), 113 deletions(-) -- 2.43.5

1 week, 2 days

3
10
0 0

[PATCH v3 0/3] KVM: riscv: selftests: Enable supported test cases

by dayss1224＠gmail.com

From: Dong Yang <dayss1224(a)gmail.com> Add supported KVM test cases and fix the compilation dependencies. --- Changes in v3: - Reorder patches to fix build dependencies - Sort common supported test cases alphabetically - Move ucall_common.h include from common header to specific source files Changes in v2: - Delete some repeat KVM test cases on riscv - Add missing headers to fix the build for new RISC-V KVM selftests Dong Yang (1): KVM: riscv: selftests: Add missing headers for new testcases Quan Zhou (2): KVM: riscv: selftests: Use the existing RISCV_FENCE macro in `rseq-riscv.h` KVM: riscv: selftests: Add common supported test cases tools/testing/selftests/kvm/Makefile.kvm | 6 ++++++ tools/testing/selftests/kvm/access_tracking_perf_test.c | 1 + tools/testing/selftests/kvm/include/riscv/processor.h | 1 + .../selftests/kvm/memslot_modification_stress_test.c | 1 + tools/testing/selftests/kvm/memslot_perf_test.c | 1 + tools/testing/selftests/rseq/rseq-riscv.h | 3 +-- 6 files changed, 11 insertions(+), 2 deletions(-) -- 2.34.1

1 week, 2 days

4
6
0 0

[PATCH net-next] selftest: netcons: create a torture test

by Breno Leitao

Create a netconsole test that puts a lot of pressure on the netconsole list manipulation. Do it by creating dynamic targets and deleting targets while messages are being sent. Also put interface down while the messages are being sent, as creating parallel targets. The code launches three background jobs on distinct schedules: * Toggle netcons target every 30 iterations * create and delete random_target every 50 iterations * toggle iface every 70 iterations This creates multiple concurrency sources that interact with netconsole states. This is good practice to simulate stress, and exercise netpoll and netconsole locks. This test already found an issue as reported in [1] Link: https://lore.kernel.org/all/20250901-netpoll_memleak-v1-1-34a181977dfc@debi… [1] Signed-off-by: Breno Leitao <leitao(a)debian.org> --- tools/testing/selftests/drivers/net/Makefile | 1 + .../selftests/drivers/net/netcons_torture.sh | 133 +++++++++++++++++++++ 2 files changed, 134 insertions(+) diff --git a/tools/testing/selftests/drivers/net/Makefile b/tools/testing/selftests/drivers/net/Makefile index 984ece05f7f92..2b253b1ff4f38 100644 --- a/tools/testing/selftests/drivers/net/Makefile +++ b/tools/testing/selftests/drivers/net/Makefile @@ -17,6 +17,7 @@ TEST_PROGS := \ netcons_fragmented_msg.sh \ netcons_overflow.sh \ netcons_sysdata.sh \ + netcons_torture.sh \ netpoll_basic.py \ ping.py \ queues.py \ diff --git a/tools/testing/selftests/drivers/net/netcons_torture.sh b/tools/testing/selftests/drivers/net/netcons_torture.sh new file mode 100755 index 0000000000000..d41884c83cab3 --- /dev/null +++ b/tools/testing/selftests/drivers/net/netcons_torture.sh @@ -0,0 +1,133 @@ +#!/usr/bin/env bash +# SPDX-License-Identifier: GPL-2.0 + +# Repeatedly send kernel messages, toggles netconsole targets on and off, +# creates and deletes targets in parallel, and toggles the source interface to +# simulate stress conditions. +# +# This test aims verify the robustness of netconsole under dynamic +# configurations and concurrent operations. +# +# The major goal is to run this test with LOCKDEP, Kmemleak and KASAN to make +# sure no issues is reported. +# +# Author: Breno Leitao <leitao(a)debian.org> + +set -euo pipefail + +SCRIPTDIR=$(dirname "$(readlink -e "${BASH_SOURCE[0]}")") + +source "${SCRIPTDIR}"/lib/sh/lib_netcons.sh + +# Number of times the main loop run +ITERATIONS=${1:-1000} + +# Only test extended format +FORMAT="extended" +# And ipv6 only +IP_VERSION="ipv6" + +# Create, enable and delete some targets. +create_and_delete_random_target() { + COUNT=1 + RND_PREFIX=$(mktemp -u netcons_rnd_XXXX_) + + if [ -d "${NETCONS_CONFIGFS}/${RND_PREFIX}${COUNT}" ] || \ + [ -d "${NETCONS_CONFIGFS}/${RND_PREFIX}0" ]; then + echo "Function didn't finish yet, skipping it." >&2 + return + fi + + # enable COUNT targets + for i in $(seq 0 ${COUNT}) + do + RND_TARGET="${RND_PREFIX}"${i} + RND_TARGET_PATH="${NETCONS_CONFIGFS}"/"${RND_TARGET}" + + # Basic population so the target can come up + mkdir "${RND_TARGET_PATH}" + echo "${DSTIP}" > "${RND_TARGET_PATH}"/remote_ip + echo "${SRCIP}" > "${RND_TARGET_PATH}"/local_ip + echo "${DSTMAC}" > "${RND_TARGET_PATH}"/remote_mac + echo "${SRCIF}" > "${RND_TARGET_PATH}"/dev_name + + echo 1 > "${RND_TARGET_PATH}"/enabled + done + + echo "netconsole selftest: ${COUNT} additional target was created" > /dev/kmsg + # disable them all + for i in $(seq 0 ${COUNT}) + do + RND_TARGET="${RND_PREFIX}"${i} + RND_TARGET_PATH="${NETCONS_CONFIGFS}"/"${RND_TARGET}" + echo 0 > "${RND_TARGET_PATH}"/enabled + rmdir "${RND_TARGET_PATH}" + done +} + +# Disable and enable the target mid-air, while messages +# are being transmitted. +toggle_netcons_target() { + for i in $(seq 2) + do + if [ ! -d "${NETCONS_PATH}" ] + then + break + fi + echo 0 > "${NETCONS_PATH}"/enabled 2> /dev/null || true + # Try to enable a bit harder, given it might fail to enable + # Write to `enabled` might fail depending on the lock, which is + # highly contentious here + for _ in $(seq 5) + do + echo 1 > "${NETCONS_PATH}"/enabled 2> /dev/null || true + done + done +} + +toggle_iface(){ + ip link set "${SRCIF}" down + ip link set "${SRCIF}" up +} + +# Start here + +modprobe netdevsim 2> /dev/null || true +modprobe netconsole 2> /dev/null || true + +# Check for basic system dependency and exit if not found +check_for_dependencies +# Set current loglevel to KERN_INFO(6), and default to KERN_NOTICE(5) +echo "6 5" > /proc/sys/kernel/printk +# Remove the namespace, interfaces and netconsole target on exit +trap cleanup EXIT +# Create one namespace and two interfaces +set_network "${IP_VERSION}" +# Create a dynamic target for netconsole +create_dynamic_target "${FORMAT}" + +for i in $(seq "$ITERATIONS") +do + for _ in $(seq 10) + do + echo "${MSG}: ${TARGET} ${i}" > /dev/kmsg + wait + done + + if (( i % 30 == 0 )); then + toggle_netcons_target & + fi + + if (( i % 50 == 0 )); then + # create some targets, enable them, send msg and disable + # all in a parallel thread + create_and_delete_random_target & + fi + + if (( i % 70 == 0 )); then + toggle_iface & + fi +done +wait + +exit "${ksft_pass}" --- base-commit: 2fd4161d0d2547650d9559d57fc67b4e0a26a9e3 change-id: 20250902-netconsole_torture-8fc23f0aca99 Best regards, -- Breno Leitao <leitao(a)debian.org>

1 week, 3 days

2
2
0 0

[PATCH 0/8] riscv: add initial support for hardware breakpoints

by Jesse Taube

This patchset adds initial support for hardware breakpoints and watchpoints to the RISC-V architecture. The framework is built on top of perf subsystem and SBI debug trigger extension. Currently following features are not supported and are in works: - icount for single stepping - Virtualization of debug triggers - kernel space debug triggers The SBI debug trigger extension can be found at: https://github.com/riscv-non-isa/riscv-sbi-doc/blob/master/src/ext-debug-tr… The Sdtrig ISA is part of RISC-V debug specification which can be found at: https://github.com/riscv/riscv-debug-spec based off the original RFC by Himanshu Chauhan here: https://lore.kernel.org/lkml/20240222125059.13331-1-hchauhan@ventanamicro.c… Second RFC by Jesse Taube here: https://lore.kernel.org/lkml/20250722173829.984082-1-jesse@rivosinc.com/ Himanshu Chauhan (2): riscv: Add SBI debug trigger extension and function ids riscv: Introduce support for hardware break/watchpoints Jesse Taube (6): riscv: Add insn.c, consolidate instruction decoding riscv: insn: Add get_insn_nofault riscv: hw_breakpoint: Use icount for single stepping riscv: ptrace: Add hw breakpoint support riscv: ptrace: Add hw breakpoint regset selftests: riscv: Add test for hardware breakpoints arch/riscv/Kconfig | 2 + arch/riscv/include/asm/bug.h | 12 - arch/riscv/include/asm/hw_breakpoint.h | 59 ++ arch/riscv/include/asm/insn.h | 132 ++- arch/riscv/include/asm/kdebug.h | 3 +- arch/riscv/include/asm/processor.h | 4 + arch/riscv/include/asm/sbi.h | 33 +- arch/riscv/include/uapi/asm/ptrace.h | 9 + arch/riscv/kernel/Makefile | 2 + arch/riscv/kernel/hw_breakpoint.c | 763 ++++++++++++++++++ arch/riscv/kernel/insn.c | 165 ++++ arch/riscv/kernel/kgdb.c | 102 +-- arch/riscv/kernel/probes/kprobes.c | 1 + arch/riscv/kernel/process.c | 4 + arch/riscv/kernel/ptrace.c | 169 ++++ arch/riscv/kernel/traps.c | 11 +- arch/riscv/kernel/traps_misaligned.c | 93 +-- include/uapi/linux/elf.h | 2 + tools/include/uapi/linux/elf.h | 1 + tools/perf/tests/tests.h | 3 +- tools/testing/selftests/riscv/Makefile | 2 +- .../selftests/riscv/breakpoints/.gitignore | 1 + .../selftests/riscv/breakpoints/Makefile | 13 + .../riscv/breakpoints/breakpoint_test.c | 246 ++++++ 24 files changed, 1641 insertions(+), 191 deletions(-) create mode 100644 arch/riscv/include/asm/hw_breakpoint.h create mode 100644 arch/riscv/kernel/hw_breakpoint.c create mode 100644 arch/riscv/kernel/insn.c create mode 100644 tools/testing/selftests/riscv/breakpoints/.gitignore create mode 100644 tools/testing/selftests/riscv/breakpoints/Makefile create mode 100644 tools/testing/selftests/riscv/breakpoints/breakpoint_test.c -- 2.43.0

1 week, 3 days

5
14
0 0

[PATCH v9 00/19] TDX KVM selftests

by Sagi Shahar

This is v9 of the TDX selftests. Thanks everyone for the thorough review on v8 [1]. I tried addressing all the comments. I'm terribly sorry if I missed something. The original v8 series [1] was split to make reviewing the test framework changes easier. This series includes the original patches up to the TDX lifecycle test which is the first TDX selftest in the series. This series is based on v6.17-rc2 Changes from v8: - Rebased on top of v6.17-rc2 - Drop several patches which are no longer needed now that TDX support is integrated into the common flow. - Split several patches to make reviewing easier. - Massive refactor compared to v8 to pull TDX special handling into __vm_create() and vm_vcpu_add() instead of creating separate functions for TDX. - Use kbuild to expose values from c to assembly code. - Move setup of the reset vectors to c code as suggested by Sean. - Drop redundant cpuid masking functions which are no longer necessary. - Initialize TDX protected pages one at a time instead of allocating large chinks of memory. - Add UCALL support for TDX to align with the rest of the selftests. - Minor fixes to kselftest_harness.h and virt_map() that were identified as part of this work. [1] https://lore.kernel.org/lkml/20250807201628.1185915-1-sagis@google.com/ Ackerley Tng (2): KVM: selftests: Add helpers to init TDX memory and finalize VM KVM: selftests: Add ucall support for TDX Erdem Aktas (2): KVM: selftests: Add TDX boot code KVM: selftests: Add support for TDX TDCALL from guest Isaku Yamahata (2): KVM: selftests: Update kvm_init_vm_address_properties() for TDX KVM: selftests: TDX: Use KVM_TDX_CAPABILITIES to validate TDs' attribute configuration Sagi Shahar (13): KVM: selftests: Include overflow.h instead of redefining is_signed_type() KVM: selftests: Allocate pgd in virt_map() as necessary KVM: selftests: Expose functions to get default sregs values KVM: selftests: Expose function to allocate guest vCPU stack KVM: selftests: Expose segment definitons to assembly files KVM: selftests: Add kbuild definitons KVM: selftests: Define structs to pass parameters to TDX boot code KVM: selftests: Set up TDX boot code region KVM: selftests: Set up TDX boot parameters region KVM: selftests: Add helper to initialize TDX VM KVM: selftests: Hook TDX support to vm and vcpu creation KVM: selftests: Add wrapper for TDX MMIO from guest KVM: selftests: Add TDX lifecycle test tools/include/linux/kbuild.h | 18 + tools/testing/selftests/kselftest_harness.h | 3 +- tools/testing/selftests/kvm/Makefile.kvm | 32 ++ .../selftests/kvm/include/x86/processor.h | 8 + .../selftests/kvm/include/x86/processor_asm.h | 12 + .../selftests/kvm/include/x86/tdx/td_boot.h | 81 ++++ .../kvm/include/x86/tdx/td_boot_asm.h | 16 + .../selftests/kvm/include/x86/tdx/tdcall.h | 34 ++ .../selftests/kvm/include/x86/tdx/tdx.h | 14 + .../selftests/kvm/include/x86/tdx/tdx_util.h | 86 ++++ .../testing/selftests/kvm/include/x86/ucall.h | 4 +- tools/testing/selftests/kvm/lib/kvm_util.c | 25 +- .../testing/selftests/kvm/lib/x86/processor.c | 122 ++++-- .../selftests/kvm/lib/x86/tdx/td_boot.S | 60 +++ .../kvm/lib/x86/tdx/td_boot_offsets.c | 21 + .../selftests/kvm/lib/x86/tdx/tdcall.S | 93 +++++ .../kvm/lib/x86/tdx/tdcall_offsets.c | 16 + tools/testing/selftests/kvm/lib/x86/tdx/tdx.c | 22 + .../selftests/kvm/lib/x86/tdx/tdx_util.c | 391 ++++++++++++++++++ tools/testing/selftests/kvm/lib/x86/ucall.c | 45 +- tools/testing/selftests/kvm/x86/tdx_vm_test.c | 31 ++ 21 files changed, 1095 insertions(+), 39 deletions(-) create mode 100644 tools/include/linux/kbuild.h create mode 100644 tools/testing/selftests/kvm/include/x86/processor_asm.h create mode 100644 tools/testing/selftests/kvm/include/x86/tdx/td_boot.h create mode 100644 tools/testing/selftests/kvm/include/x86/tdx/td_boot_asm.h create mode 100644 tools/testing/selftests/kvm/include/x86/tdx/tdcall.h create mode 100644 tools/testing/selftests/kvm/include/x86/tdx/tdx.h create mode 100644 tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/td_boot.S create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/td_boot_offsets.c create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/tdcall.S create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/tdcall_offsets.c create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/tdx.c create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c create mode 100644 tools/testing/selftests/kvm/x86/tdx_vm_test.c -- 2.51.0.rc1.193.gad69d77794-goog

1 week, 3 days

6
62
0 0

[PATCH net-next] selftests: net: Add tests to verify team driver option set and get.

by Marc Harvey

There are currently no kernel tests that verify setting and getting options of the team driver. In the future, options may be added that implicitly change other options, which will make it useful to have tests like these that show nothing breaks. There will be a follow up patch to this that adds new "rx_enabled" and "tx_enabled" options, which will implicitly affect the "enabled" option value and vice versa. The tests use teamnl to first set options to specific values and then gets them to compare to the set values. Signed-off-by: Marc Harvey <marcharvey(a)google.com> --- .../selftests/drivers/net/team/Makefile | 6 +- .../selftests/drivers/net/team/options.sh | 194 ++++++++++++++++++ 2 files changed, 198 insertions(+), 2 deletions(-) create mode 100755 tools/testing/selftests/drivers/net/team/options.sh diff --git a/tools/testing/selftests/drivers/net/team/Makefile b/tools/testing/selftests/drivers/net/team/Makefile index eaf6938f100e..8b00b70ce67f 100644 --- a/tools/testing/selftests/drivers/net/team/Makefile +++ b/tools/testing/selftests/drivers/net/team/Makefile @@ -1,11 +1,13 @@ # SPDX-License-Identifier: GPL-2.0 # Makefile for net selftests -TEST_PROGS := dev_addr_lists.sh propagation.sh +TEST_PROGS := dev_addr_lists.sh propagation.sh options.sh TEST_INCLUDES := \ ../bonding/lag_lib.sh \ ../../../net/forwarding/lib.sh \ - ../../../net/lib.sh + ../../../net/lib.sh \ + ../../../net/in_netns.sh \ + ../../../net/lib/sh/defer.sh \ include ../../../lib.mk diff --git a/tools/testing/selftests/drivers/net/team/options.sh b/tools/testing/selftests/drivers/net/team/options.sh new file mode 100755 index 000000000000..b9c7aa357ad5 --- /dev/null +++ b/tools/testing/selftests/drivers/net/team/options.sh @@ -0,0 +1,194 @@ +#!/bin/bash +# SPDX-License-Identifier: GPL-2.0 + +# These tests verify basic set and get functionality of the team +# driver options over netlink. + +# Run in private netns. +test_dir="$(dirname "$0")" +if [[ $# -eq 0 ]]; then + "${test_dir}"/../../../net/in_netns.sh "$0" __subprocess + exit $? +fi + +ALL_TESTS=" + team_test_options +" + +source "${test_dir}/../../../net/lib.sh" + +TEAM_PORT="team0" +MEMBER_PORT="dummy0" + +setup() +{ + ip link add name "${MEMBER_PORT}" type dummy + ip link add name "${TEAM_PORT}" type team +} + +get_and_check_value() +{ + local option_name="$1" + local expected_value="$2" + local port_flag="$3" + + local value_from_get + + value_from_get=$(teamnl "${TEAM_PORT}" getoption "${option_name}" \ + "${port_flag}") + if [[ $? != 0 ]]; then + echo "Could not get option '${option_name}'" >&2 + return 1 + fi + + if [[ "${value_from_get}" != "${expected_value}" ]]; then + echo "Incorrect value for option '${option_name}'" >&2 + echo "get (${value_from_get}) != set (${expected_value})" >&2 + return 1 + fi +} + +set_and_check_get() +{ + local option_name="$1" + local option_value="$2" + local port_flag="$3" + + local value_from_get + + teamnl "${TEAM_PORT}" setoption "${option_name}" "${option_value}" \ + "${port_flag}" + if [[ $? != 0 ]]; then + echo "'setoption ${option_name} ${option_value}' failed" >&2 + return 1 + fi + + get_and_check_value "${option_name}" "${option_value}" "${port_flag}" + return $? +} + +# Get a "port flag" to pass to the `teamnl` command. +# E.g. $?="dummy0" -> "port=dummy0", +# $?="" -> "" +get_port_flag() +{ + local port_name="$1" + + if [[ -n "${port_name}" ]]; then + echo "--port=${port_name}" + fi +} + +attach_port_if_specified() +{ + local port_name="${1}" + + if [[ -n "${port_name}" ]]; then + ip link set dev "${port_name}" master "${TEAM_PORT}" + return $? + fi +} + +detach_port_if_specified() +{ + local port_name="${1}" + + if [[ -n "${port_name}" ]]; then + ip link set dev "${port_name}" nomaster + return $? + fi +} + +####################################### +# Test that an option's get value matches its set value. +# Globals: +# RET - Used by testing infra like `check_err`. +# EXIT_STATUS - Used by `log_test` to whole script exit value. +# Arguments: +# option_name - The name of the option. +# value_1 - The first value to try setting. +# value_2 - The second value to try setting. +# port_name - The (optional) name of the attached port. +####################################### +team_test_option() +{ + local option_name="$1" + local value_1="$2" + local value_2="$3" + local possible_values="$2 $3 $2" + local port_name="$4" + local port_flag + + RET=0 + + echo "Setting '${option_name}' to '${value_1}' and '${value_2}'" + + attach_port_if_specified "${port_name}" + check_err $? "Couldn't attach ${port_name} to master" + port_flag=$(get_port_flag "${port_name}") + + # Set and get both possible values. + for value in ${possible_values}; do + set_and_check_get "${option_name}" "${value}" "${port_flag}" + check_err $? "Failed to set '${option_name}' to '${value}'" + done + + detach_port_if_specified "${port_name}" + check_err $? "Couldn't detach ${port_name} from its master" + + log_test "Set + Get '${option_name}' test" +} + +####################################### +# Test that getting a non-existant option fails. +# Globals: +# RET - Used by testing infra like `check_err`. +# EXIT_STATUS - Used by `log_test` to whole script exit value. +# Arguments: +# option_name - The name of the option. +# port_name - The (optional) name of the attached port. +####################################### +team_test_get_option_fails() +{ + local option_name="$1" + local port_name="$2" + local port_flag + + RET=0 + + attach_port_if_specified "${port_name}" + check_err $? "Couldn't attach ${port_name} to master" + port_flag=$(get_port_flag "${port_name}") + + # Just confirm that getting the value fails. + teamnl "${TEAM_PORT}" getoption "${option_name}" "${port_flag}" + check_fail $? "Shouldn't be able to get option '${option_name}'" + + detach_port_if_specified "${port_name}" + + log_test "Get '${option_name}' fails" +} + +team_test_options() +{ + # Wrong option name behavior. + team_test_get_option_fails fake_option1 + team_test_get_option_fails fake_option2 "${MEMBER_PORT}" + + # Correct set and get behavior. + team_test_option mode activebackup loadbalance + team_test_option notify_peers_count 0 5 + team_test_option notify_peers_interval 0 5 + team_test_option mcast_rejoin_count 0 5 + team_test_option mcast_rejoin_interval 0 5 + team_test_option enabled true false "${MEMBER_PORT}" + team_test_option user_linkup true false "${MEMBER_PORT}" + team_test_option user_linkup_enabled true false "${MEMBER_PORT}" + team_test_option priority 10 20 "${MEMBER_PORT}" + team_test_option queue_id 0 1 "${MEMBER_PORT}" +} + +require_command teamnl +setup +tests_run +exit "${EXIT_STATUS}" -- 2.51.0.355.g5224444f11-goog

1 week, 3 days

3
4
0 0

[PATCH bpf-next v3 0/3] selftests/bpf: benchmark all symbols for kprobe-multi

by Menglong Dong

Add the benchmark testcase "kprobe-multi-all", which will hook all the kernel functions during the testing. This series is separated out from [1]. Changes since V2: * add some comment to attach_ksyms_all, which notes that don't run the testing on a debug kernel Changes since V1: * introduce trace_blacklist instead of copy-pasting strcmp in the 2nd patch * use fprintf() instead of printf() in 3rd patch Link: https://lore.kernel.org/bpf/20250817024607.296117-1-dongml2@chinatelecom.cn/ [1] Menglong Dong (3): selftests/bpf: move get_ksyms and get_addrs to trace_helpers.c selftests/bpf: skip recursive functions for kprobe_multi selftests/bpf: add benchmark testing for kprobe-multi-all tools/testing/selftests/bpf/bench.c | 4 + .../selftests/bpf/benchs/bench_trigger.c | 61 +++++ .../selftests/bpf/benchs/run_bench_trigger.sh | 4 +- .../bpf/prog_tests/kprobe_multi_test.c | 220 +--------------- .../selftests/bpf/progs/trigger_bench.c | 12 + tools/testing/selftests/bpf/trace_helpers.c | 234 ++++++++++++++++++ tools/testing/selftests/bpf/trace_helpers.h | 3 + 7 files changed, 319 insertions(+), 219 deletions(-) -- 2.51.0

1 week, 3 days

3
5
0 0

[PATCH] selftests/bpf: Upon failures, exit with code 1 in test_xsk.sh

by Ricardo B. Marlière

Currently, even if some subtests fails, the end result will still yield "ok 1 selftests: bpf: test_xsk.sh". Fix it by exiting with 1 if there are any failures. Signed-off-by: Ricardo B. Marlière <rbm(a)suse.com> --- tools/testing/selftests/bpf/test_xsk.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tools/testing/selftests/bpf/test_xsk.sh b/tools/testing/selftests/bpf/test_xsk.sh index 65aafe0003db054e9dfd156092fed53b07be06a0..62db060298a4a3b4391ee4cfa50557cf4a62d3d5 100755 --- a/tools/testing/selftests/bpf/test_xsk.sh +++ b/tools/testing/selftests/bpf/test_xsk.sh @@ -241,4 +241,6 @@ done if [ $failures -eq 0 ]; then echo "All tests successful!" +else + exit 1 fi --- base-commit: 5b6d6fe1ca7b712c74f78426bb23c465fd34b322 change-id: 20250828-selftests-bpf-test_xsk_ret-1eb27dbac071 Best regards, -- Ricardo B. Marlière <rbm(a)suse.com>

1 week, 3 days

3
2
0 0

[PATCH] selftests/bpf: Fix count write in testapp_xdp_metadata_copy()

by Ricardo B. Marlière

Commit 4b302092553c ("selftests/xsk: Add tail adjustment tests and support check") added a new global to xsk_xdp_progs.c, but left out the access in the testapp_xdp_metadata_copy() function. Since bpf_map_update_elem() will write to the whole bss section, it gets truncated. Fix by writing to skel_rx->bss->count directly. Fixes: 4b302092553c ("selftests/xsk: Add tail adjustment tests and support check") Signed-off-by: Ricardo B. Marlière <rbm(a)suse.com> --- tools/testing/selftests/bpf/xskxceiver.c | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/tools/testing/selftests/bpf/xskxceiver.c b/tools/testing/selftests/bpf/xskxceiver.c index a29de0713f19f05ef49a52e3824bb58a30565e87..352adc8df2d1cd777c823c5a89f1720ee043f342 100644 --- a/tools/testing/selftests/bpf/xskxceiver.c +++ b/tools/testing/selftests/bpf/xskxceiver.c @@ -2276,25 +2276,13 @@ static int testapp_xdp_metadata_copy(struct test_spec *test) { struct xsk_xdp_progs *skel_rx = test->ifobj_rx->xdp_progs; struct xsk_xdp_progs *skel_tx = test->ifobj_tx->xdp_progs; - struct bpf_map *data_map; - int count = 0; - int key = 0; test_spec_set_xdp_prog(test, skel_rx->progs.xsk_xdp_populate_metadata, skel_tx->progs.xsk_xdp_populate_metadata, skel_rx->maps.xsk, skel_tx->maps.xsk); test->ifobj_rx->use_metadata = true; - data_map = bpf_object__find_map_by_name(skel_rx->obj, "xsk_xdp_.bss"); - if (!data_map || !bpf_map__is_internal(data_map)) { - ksft_print_msg("Error: could not find bss section of XDP program\n"); - return TEST_FAILURE; - } - - if (bpf_map_update_elem(bpf_map__fd(data_map), &key, &count, BPF_ANY)) { - ksft_print_msg("Error: could not update count element\n"); - return TEST_FAILURE; - } + skel_rx->bss->count = 0; return testapp_validate_traffic(test); } --- base-commit: 5b6d6fe1ca7b712c74f78426bb23c465fd34b322 change-id: 20250829-selftests-bpf-xsk_regression_fix-674d292e4d2a Best regards, -- Ricardo B. Marlière <rbm(a)suse.com>

1 week, 3 days

2
1
0 0

[PATCH net-next v2 0/4] mptcp: misc. features for v6.18

by Matthieu Baerts (NGI0)

This series contains 4 independent new features: - Patch 1: use HMAC-SHA256 library instead of open-coded HMAC. - Patch 2: selftests: check for unexpected fallback counter increments. - Patches 3-4: record subflows in RPS table, for aRFS support. Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> --- Changes in v2: - Drop previous patches 2 ("mptcp: make ADD_ADDR retransmission timeout adaptive") + 3 ("selftests: mptcp: remove add_addr_timeout settings"): They were introducing instabilities in the selftests. - Rebased. Other patches have not been modified. - Link to v1: https://lore.kernel.org/r/20250901-net-next-mptcp-misc-feat-6-18-v1-0-80ae8… --- Christoph Paasch (2): net: Add rfs_needed() helper mptcp: record subflows in RPS table Eric Biggers (1): mptcp: use HMAC-SHA256 library instead of open-coded HMAC Gang Yan (1): selftests: mptcp: add checks for fallback counters include/net/rps.h | 85 ++++++++++------ net/mptcp/crypto.c | 35 +------ net/mptcp/protocol.c | 21 ++++ tools/testing/selftests/net/mptcp/mptcp_join.sh | 123 ++++++++++++++++++++++++ 4 files changed, 202 insertions(+), 62 deletions(-) --- base-commit: cd8a4cfa6bb43a441901e82f5c222dddc75a18a3 change-id: 20250829-net-next-mptcp-misc-feat-6-18-722fa87a60f1 Best regards, -- Matthieu Baerts (NGI0) <matttbe(a)kernel.org>

1 week, 3 days

2
5
0 0

[PATCH RESEND v4] selftests/tty: add TIOCSTI test suite

by Abhinav Saxena

TIOCSTI is a TTY ioctl command that allows inserting characters into the terminal input queue, making it appear as if the user typed those characters. This functionality has behavior that varies based on system configuration and process credentials. The dev.tty.legacy_tiocsti sysctl introduced in commit 83efeeeb3d04 ("tty: Allow TIOCSTI to be disabled") controls TIOCSTI usage. When disabled, TIOCSTI requires CAP_SYS_ADMIN capability. The current implementation checks the current process's credentials via capable(CAP_SYS_ADMIN), but does not validate against the file opener's credentials stored in file->f_cred. This creates different behavior when file descriptors are passed between processes via SCM_RIGHTS. Add a test suite with 16 test variants using fixture variants to verify TIOCSTI behavior when dev.tty.legacy_tiocsti is enabled/disabled: - Basic TIOCSTI tests (8 variants): Direct testing with different capability and controlling terminal combinations - FD passing tests (8 variants): Test behavior when file descriptors are passed between processes with different capabilities The FD passing tests document this behavior - some tests show different results than expected based on file opener credentials, demonstrating that TIOCSTI uses current process credentials rather than file opener credentials. The tests validate proper enforcement of the legacy_tiocsti sysctl. Test implementation uses openpty(3) with TIOCSCTTY for isolated PTY environments. See tty_ioctl(4) for details on TIOCSTI behavior and security requirements. Signed-off-by: Abhinav Saxena <xandfury(a)gmail.com> --- RESEND: add TTY/serial maintainers and linux-serial CCs. No code changes. - Link to orignal v4: https://lore.kernel.org/r/20250902-toicsti-bug-v4-1-e5c960e0b3d6@gmail.com Changes in v4: - Moved skip conditions and sysctl setup from TEST_F to FIXTURE_SETUP (Kees Cook) - Fixed fclose() error handling in set_legacy_tiocsti_setting (Kees Cook) - Extracted run_basic_tiocsti_test() and run_fdpass_tiocsti_test functions (Kees Cook) - Removed redundant sysctl restore logic from TEST_F (Kees Cook) - Simplified FIXTURE_TEARDOWN (Kees Cook) - Replace drop_to_nobody() to drop_all_privs() which should be more portable (Justin Stitt) - Link to v3: https://lore.kernel.org/r/20250730-toicsti-bug-v3-1-dd2dac97f27a@gmail.com Add selftests for TIOCSTI ioctl To run all tests: $ sudo ./tools/testing/selftests/tty/tty_tiocsti_test Test Results: - PASSED: 13/16 tests - Different behavior: 3/16 tests (documenting credential checking behavior) All tests validated using: - scripts/checkpatch.pl --strict (clean output) - Functional testing on kernel v6.16-rc2 Changes in v3: - Replaced all printf() calls with TH_LOG() for proper test logging (Kees Cook) - Added struct __test_metadata parameter to helper functions - Moved common legacy_tiocsti availability check to FIXTURE_SETUP() - Implemented sysctl modification/restoration in FIXTURE_SETUP/TEARDOWN - Used openpty() with TIOCSCTTY for reliable PTY testing environment - Fixed child/parent synchronization in FD passing tests - Replaced manual _exit(1) handling with proper ASSERT statements - Switched // comments to /* */ format throughout - Expanded to 16 test variants using fixture variants - Enhanced error handling and test reliability - Link to v2: https://lore.kernel.org/r/20250713-toicsti-bug-v2-1-b183787eea29@gmail.com - Link to v1: https://lore.kernel.org/r/20250622-toicsti-bug-v1-0-f374373b04b2@gmail.com References: - tty_ioctl(4) - documents TIOCSTI ioctl and capability requirements - openpty(3) - pseudo-terminal creation and management - commit 83efeeeb3d04 ("tty: Allow TIOCSTI to be disabled") - Documentation/security/credentials.rst - https://github.com/KSPP/linux/issues/156 - https://lore.kernel.org/linux-hardening/Y0m9l52AKmw6Yxi1@hostpad/ - drivers/tty/Kconfig - Documentation/driver-api/tty/ --- tools/testing/selftests/tty/Makefile | 6 +- tools/testing/selftests/tty/config | 1 + tools/testing/selftests/tty/tty_tiocsti_test.c | 650 +++++++++++++++++++++++++ 3 files changed, 656 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/tty/Makefile b/tools/testing/selftests/tty/Makefile index 50d7027b2ae3fb495dd1c0684363fa8f426be42c..7f6fbe5a0cd5663310e334d9d068b21dab9136ec 100644 --- a/tools/testing/selftests/tty/Makefile +++ b/tools/testing/selftests/tty/Makefile @@ -1,5 +1,9 @@ # SPDX-License-Identifier: GPL-2.0 CFLAGS = -O2 -Wall -TEST_GEN_PROGS := tty_tstamp_update +TEST_GEN_PROGS := tty_tstamp_update tty_tiocsti_test +LDLIBS += -lcap include ../lib.mk + +# Add libcap for TIOCSTI test +$(OUTPUT)/tty_tiocsti_test: LDLIBS += -lcap diff --git a/tools/testing/selftests/tty/config b/tools/testing/selftests/tty/config new file mode 100644 index 0000000000000000000000000000000000000000..c6373aba66366c82435bb26c019eb360eb6310eb --- /dev/null +++ b/tools/testing/selftests/tty/config @@ -0,0 +1 @@ +CONFIG_LEGACY_TIOCSTI=y diff --git a/tools/testing/selftests/tty/tty_tiocsti_test.c b/tools/testing/selftests/tty/tty_tiocsti_test.c new file mode 100644 index 0000000000000000000000000000000000000000..5e767e6cb3ef8f05c5430eb0fcc792064c446c03 --- /dev/null +++ b/tools/testing/selftests/tty/tty_tiocsti_test.c @@ -0,0 +1,650 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * TTY Tests - TIOCSTI + * + * Copyright © 2025 Abhinav Saxena <xandfury(a)gmail.com> + */ + +#include <stdio.h> +#include <stdlib.h> +#include <unistd.h> +#include <fcntl.h> +#include <sys/ioctl.h> +#include <errno.h> +#include <stdbool.h> +#include <string.h> +#include <sys/socket.h> +#include <sys/wait.h> +#include <pwd.h> +#include <termios.h> +#include <grp.h> +#include <sys/capability.h> +#include <sys/prctl.h> +#include <pty.h> +#include <utmp.h> + +#include "../kselftest_harness.h" + +enum test_type { + TEST_PTY_TIOCSTI_BASIC, + TEST_PTY_TIOCSTI_FD_PASSING, + /* other tests cases such as serial may be added. */ +}; + +/* + * Test Strategy: + * - Basic tests: Use PTY with/without TIOCSCTTY (controlling terminal for + * current process) + * - FD passing tests: Child creates PTY, parent receives FD (demonstrates + * security issue) + * + * SECURITY VULNERABILITY DEMONSTRATION: + * FD passing tests show that TIOCSTI uses CURRENT process credentials, not + * opener credentials. This means privileged processes can be given FDs from + * unprivileged processes and successfully perform TIOCSTI operations that the + * unprivileged process couldn't do directly. + * + * Attack scenario: + * 1. Unprivileged process opens TTY (direct TIOCSTI fails due to lack of + * privileges) + * 2. Unprivileged process passes FD to privileged process via SCM_RIGHTS + * 3. Privileged process can use TIOCSTI on the FD (succeeds due to its + * privileges) + * 4. Result: Effective privilege escalation via file descriptor passing + * + * This matches the kernel logic in tiocsti(): + * 1. if (!tty_legacy_tiocsti && !capable(CAP_SYS_ADMIN)) return -EIO; + * 2. if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN)) + * return -EPERM; + * Note: Both checks use capable() on CURRENT process, not FD opener! + * + * If the file credentials were also checked along with the capable() checks + * then the results for FD pass tests would be consistent with the basic tests. + */ + +FIXTURE(tiocsti) +{ + int pty_master_fd; /* PTY - for basic tests */ + int pty_slave_fd; + bool has_pty; + bool initial_cap_sys_admin; + int original_legacy_tiocsti_setting; + bool can_modify_sysctl; +}; + +FIXTURE_VARIANT(tiocsti) +{ + const enum test_type test_type; + const bool controlling_tty; /* true=current->signal->tty == tty */ + const int legacy_tiocsti; /* 0=restricted, 1=permissive */ + const bool requires_cap; /* true=with CAP_SYS_ADMIN, false=without */ + const int expected_success; /* 0=success, -EIO/-EPERM=specific error */ +}; + +/* + * Tests Controlling Terminal Variants (current->signal->tty == tty) + * + * TIOCSTI Test Matrix: + * + * | legacy_tiocsti | CAP_SYS_ADMIN | Expected Result | Error | + * |----------------|---------------|-----------------|-------| + * | 1 (permissive) | true | SUCCESS | - | + * | 1 (permissive) | false | SUCCESS | - | + * | 0 (restricted) | true | SUCCESS | - | + * | 0 (restricted) | false | FAILURE | -EIO | + */ + +/* clang-format off */ +FIXTURE_VARIANT_ADD(tiocsti, basic_pty_permissive_withcap) { + .test_type = TEST_PTY_TIOCSTI_BASIC, + .controlling_tty = true, + .legacy_tiocsti = 1, + .requires_cap = true, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, basic_pty_permissive_nocap) { + .test_type = TEST_PTY_TIOCSTI_BASIC, + .controlling_tty = true, + .legacy_tiocsti = 1, + .requires_cap = false, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, basic_pty_restricted_withcap) { + .test_type = TEST_PTY_TIOCSTI_BASIC, + .controlling_tty = true, + .legacy_tiocsti = 0, + .requires_cap = true, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, basic_pty_restricted_nocap) { + .test_type = TEST_PTY_TIOCSTI_BASIC, + .controlling_tty = true, + .legacy_tiocsti = 0, + .requires_cap = false, + .expected_success = -EIO, /* FAILURE: legacy restriction */ +}; /* clang-format on */ + +/* + * Note for FD Passing Test Variants + * Since we're testing the scenario where an unprivileged process pass an FD + * to a privileged one, .requires_cap here means the caps of the child process. + * Not the parent; parent would always be privileged. + */ + +/* clang-format off */ +FIXTURE_VARIANT_ADD(tiocsti, fdpass_pty_permissive_withcap) { + .test_type = TEST_PTY_TIOCSTI_FD_PASSING, + .controlling_tty = true, + .legacy_tiocsti = 1, + .requires_cap = true, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, fdpass_pty_permissive_nocap) { + .test_type = TEST_PTY_TIOCSTI_FD_PASSING, + .controlling_tty = true, + .legacy_tiocsti = 1, + .requires_cap = false, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, fdpass_pty_restricted_withcap) { + .test_type = TEST_PTY_TIOCSTI_FD_PASSING, + .controlling_tty = true, + .legacy_tiocsti = 0, + .requires_cap = true, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, fdpass_pty_restricted_nocap) { + .test_type = TEST_PTY_TIOCSTI_FD_PASSING, + .controlling_tty = true, + .legacy_tiocsti = 0, + .requires_cap = false, + .expected_success = -EIO, +}; /* clang-format on */ + +/* + * Non-Controlling Terminal Variants (current->signal->tty != tty) + * + * TIOCSTI Test Matrix: + * + * | legacy_tiocsti | CAP_SYS_ADMIN | Expected Result | Error | + * |----------------|---------------|-----------------|-------| + * | 1 (permissive) | true | SUCCESS | - | + * | 1 (permissive) | false | FAILURE | -EPERM| + * | 0 (restricted) | true | SUCCESS | - | + * | 0 (restricted) | false | FAILURE | -EIO | + */ + +/* clang-format off */ +FIXTURE_VARIANT_ADD(tiocsti, basic_nopty_permissive_withcap) { + .test_type = TEST_PTY_TIOCSTI_BASIC, + .controlling_tty = false, + .legacy_tiocsti = 1, + .requires_cap = true, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, basic_nopty_permissive_nocap) { + .test_type = TEST_PTY_TIOCSTI_BASIC, + .controlling_tty = false, + .legacy_tiocsti = 1, + .requires_cap = false, + .expected_success = -EPERM, +}; + +FIXTURE_VARIANT_ADD(tiocsti, basic_nopty_restricted_withcap) { + .test_type = TEST_PTY_TIOCSTI_BASIC, + .controlling_tty = false, + .legacy_tiocsti = 0, + .requires_cap = true, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, basic_nopty_restricted_nocap) { + .test_type = TEST_PTY_TIOCSTI_BASIC, + .controlling_tty = false, + .legacy_tiocsti = 0, + .requires_cap = false, + .expected_success = -EIO, +}; + +FIXTURE_VARIANT_ADD(tiocsti, fdpass_nopty_permissive_withcap) { + .test_type = TEST_PTY_TIOCSTI_FD_PASSING, + .controlling_tty = false, + .legacy_tiocsti = 1, + .requires_cap = true, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, fdpass_nopty_permissive_nocap) { + .test_type = TEST_PTY_TIOCSTI_FD_PASSING, + .controlling_tty = false, + .legacy_tiocsti = 1, + .requires_cap = false, + .expected_success = -EPERM, +}; + +FIXTURE_VARIANT_ADD(tiocsti, fdpass_nopty_restricted_withcap) { + .test_type = TEST_PTY_TIOCSTI_FD_PASSING, + .controlling_tty = false, + .legacy_tiocsti = 0, + .requires_cap = true, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, fdpass_nopty_restricted_nocap) { + .test_type = TEST_PTY_TIOCSTI_FD_PASSING, + .controlling_tty = false, + .legacy_tiocsti = 0, + .requires_cap = false, + .expected_success = -EIO, +}; /* clang-format on */ + +/* Helper function to send FD via SCM_RIGHTS */ +static int send_fd_via_socket(int socket_fd, int fd_to_send) +{ + struct msghdr msg = { 0 }; + struct cmsghdr *cmsg; + char cmsg_buf[CMSG_SPACE(sizeof(int))]; + char dummy_data = 'F'; + struct iovec iov = { .iov_base = &dummy_data, .iov_len = 1 }; + + msg.msg_iov = &iov; + msg.msg_iovlen = 1; + msg.msg_control = cmsg_buf; + msg.msg_controllen = sizeof(cmsg_buf); + + cmsg = CMSG_FIRSTHDR(&msg); + cmsg->cmsg_level = SOL_SOCKET; + cmsg->cmsg_type = SCM_RIGHTS; + cmsg->cmsg_len = CMSG_LEN(sizeof(int)); + + memcpy(CMSG_DATA(cmsg), &fd_to_send, sizeof(int)); + + return sendmsg(socket_fd, &msg, 0) < 0 ? -1 : 0; +} + +/* Helper function to receive FD via SCM_RIGHTS */ +static int recv_fd_via_socket(int socket_fd) +{ + struct msghdr msg = { 0 }; + struct cmsghdr *cmsg; + char cmsg_buf[CMSG_SPACE(sizeof(int))]; + char dummy_data; + struct iovec iov = { .iov_base = &dummy_data, .iov_len = 1 }; + int received_fd = -1; + + msg.msg_iov = &iov; + msg.msg_iovlen = 1; + msg.msg_control = cmsg_buf; + msg.msg_controllen = sizeof(cmsg_buf); + + if (recvmsg(socket_fd, &msg, 0) < 0) + return -1; + + for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) { + if (cmsg->cmsg_level == SOL_SOCKET && + cmsg->cmsg_type == SCM_RIGHTS) { + memcpy(&received_fd, CMSG_DATA(cmsg), sizeof(int)); + break; + } + } + + return received_fd; +} + +static inline bool has_cap_sys_admin(void) +{ + cap_t caps = cap_get_proc(); + + if (!caps) + return false; + + cap_flag_value_t cap_val; + bool has_cap = (cap_get_flag(caps, CAP_SYS_ADMIN, CAP_EFFECTIVE, + &cap_val) == 0) && + (cap_val == CAP_SET); + + cap_free(caps); + return has_cap; +} + +/* + * Switch to non-root user and clear all capabilities + */ +static inline bool drop_all_privs(struct __test_metadata *_metadata) +{ + /* Drop supplementary groups */ + ASSERT_EQ(setgroups(0, NULL), 0); + + /* Switch to non-root user */ + ASSERT_EQ(setgid(1000), 0); + ASSERT_EQ(setuid(1000), 0); + + /* Clear all capabilities */ + cap_t empty = cap_init(); + + ASSERT_NE(empty, NULL); + ASSERT_EQ(cap_set_proc(empty), 0); + cap_free(empty); + + /* Prevent privilege regain */ + ASSERT_EQ(prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0), 0); + + /* Verify privilege drop */ + ASSERT_FALSE(has_cap_sys_admin()); + return true; +} + +static inline int get_legacy_tiocsti_setting(struct __test_metadata *_metadata) +{ + FILE *fp; + int value = -1; + + fp = fopen("/proc/sys/dev/tty/legacy_tiocsti", "r"); + if (!fp) { + /* legacy_tiocsti sysctl not available (kernel < 6.2) */ + return -1; + } + + if (fscanf(fp, "%d", &value) == 1 && fclose(fp) == 0) { + if (value < 0 || value > 1) + value = -1; /* Invalid value */ + } else { + value = -1; /* Failed to parse */ + } + + return value; +} + +static inline bool set_legacy_tiocsti_setting(struct __test_metadata *_metadata, + int value) +{ + FILE *fp; + bool success = false; + + /* Sanity-check the value */ + ASSERT_GE(value, 0); + ASSERT_LE(value, 1); + + /* + * Try to open for writing; if we lack permission, return false so + * the test harness will skip variants that need to change it + */ + fp = fopen("/proc/sys/dev/tty/legacy_tiocsti", "w"); + if (!fp) + return false; + + /* Write the new setting */ + if (fprintf(fp, "%d\n", value) > 0 && fclose(fp) == 0) + success = true; + else + TH_LOG("Failed to write legacy_tiocsti: %s", strerror(errno)); + + return success; +} + +/* + * TIOCSTI injection test function + * @tty_fd: TTY slave file descriptor to test TIOCSTI on + * Returns: 0 on success, -errno on failure + */ +static inline int test_tiocsti_injection(struct __test_metadata *_metadata, + int tty_fd) +{ + int ret; + char inject_char = 'V'; + + errno = 0; + ret = ioctl(tty_fd, TIOCSTI, &inject_char); + return ret == 0 ? 0 : -errno; +} + +/* + * Child process: test TIOCSTI directly with capability/controlling + * terminal setup + */ +static void run_basic_tiocsti_test(struct __test_metadata *_metadata, + FIXTURE_DATA(tiocsti) * self, + const FIXTURE_VARIANT(tiocsti) * variant) +{ + /* Handle capability requirements */ + if (self->initial_cap_sys_admin && !variant->requires_cap) + ASSERT_TRUE(drop_all_privs(_metadata)); + + if (variant->controlling_tty) { + /* + * Create new session and set PTY as + * controlling terminal + */ + pid_t sid = setsid(); + + ASSERT_GE(sid, 0); + ASSERT_EQ(ioctl(self->pty_slave_fd, TIOCSCTTY, 0), 0); + } + + /* + * Validate test environment setup and verify final + * capability state matches expectation + * after potential drop. + */ + ASSERT_TRUE(self->has_pty); + ASSERT_EQ(has_cap_sys_admin(), variant->requires_cap); + + /* Test TIOCSTI and validate result */ + int result = test_tiocsti_injection(_metadata, self->pty_slave_fd); + + /* Check against expected result from variant */ + EXPECT_EQ(result, variant->expected_success); + _exit(0); +} + +/* + * Child process: create PTY and then pass FD to parent via SCM_RIGHTS + */ +static void run_fdpass_tiocsti_test(struct __test_metadata *_metadata, + const FIXTURE_VARIANT(tiocsti) * variant, + int sockfd) +{ + signal(SIGHUP, SIG_IGN); + + /* Handle privilege dropping */ + if (!variant->requires_cap && has_cap_sys_admin()) + ASSERT_TRUE(drop_all_privs(_metadata)); + + /* Create child's PTY */ + int child_master_fd, child_slave_fd; + + ASSERT_EQ(openpty(&child_master_fd, &child_slave_fd, NULL, NULL, NULL), + 0); + + if (variant->controlling_tty) { + pid_t sid = setsid(); + + ASSERT_GE(sid, 0); + ASSERT_EQ(ioctl(child_slave_fd, TIOCSCTTY, 0), 0); + } + + /* Test child's direct TIOCSTI for reference */ + int direct_result = test_tiocsti_injection(_metadata, child_slave_fd); + + EXPECT_EQ(direct_result, variant->expected_success); + + /* Send FD to parent */ + ASSERT_EQ(send_fd_via_socket(sockfd, child_slave_fd), 0); + + /* Wait for parent completion signal */ + char sync_byte; + ssize_t bytes_read = read(sockfd, &sync_byte, 1); + + ASSERT_EQ(bytes_read, 1); + + close(child_master_fd); + close(child_slave_fd); + close(sockfd); + _exit(0); +} + +FIXTURE_SETUP(tiocsti) +{ + /* Create PTY pair for basic tests */ + self->has_pty = (openpty(&self->pty_master_fd, &self->pty_slave_fd, + NULL, NULL, NULL) == 0); + if (!self->has_pty) { + self->pty_master_fd = -1; + self->pty_slave_fd = -1; + } + + self->initial_cap_sys_admin = has_cap_sys_admin(); + self->original_legacy_tiocsti_setting = + get_legacy_tiocsti_setting(_metadata); + + if (self->original_legacy_tiocsti_setting < 0) + SKIP(return, + "legacy_tiocsti sysctl not available (kernel < 6.2)"); + + /* Common skip conditions */ + if (variant->test_type == TEST_PTY_TIOCSTI_BASIC && !self->has_pty) + SKIP(return, "PTY not available for controlling terminal test"); + + if (variant->test_type == TEST_PTY_TIOCSTI_FD_PASSING && + !self->initial_cap_sys_admin) + SKIP(return, "FD Pass tests require CAP_SYS_ADMIN"); + + if (variant->requires_cap && !self->initial_cap_sys_admin) + SKIP(return, "Test requires initial CAP_SYS_ADMIN"); + + /* Test if we can modify the sysctl (requires appropriate privileges) */ + self->can_modify_sysctl = set_legacy_tiocsti_setting( + _metadata, self->original_legacy_tiocsti_setting); + + /* Sysctl setup based on variant */ + if (self->can_modify_sysctl && + self->original_legacy_tiocsti_setting != variant->legacy_tiocsti) { + if (!set_legacy_tiocsti_setting(_metadata, + variant->legacy_tiocsti)) + SKIP(return, "Failed to set legacy_tiocsti sysctl"); + + } else if (!self->can_modify_sysctl && + self->original_legacy_tiocsti_setting != + variant->legacy_tiocsti) + SKIP(return, "legacy_tiocsti setting mismatch"); +} + +FIXTURE_TEARDOWN(tiocsti) +{ + /* + * Backup restoration - + * each test should restore its own sysctl changes + */ + if (self->can_modify_sysctl) { + int current_value = get_legacy_tiocsti_setting(_metadata); + + if (current_value != self->original_legacy_tiocsti_setting) { + TH_LOG("Backup: Restoring legacy_tiocsti from %d to %d", + current_value, + self->original_legacy_tiocsti_setting); + set_legacy_tiocsti_setting( + _metadata, + self->original_legacy_tiocsti_setting); + } + } + + if (self->has_pty) { + if (self->pty_master_fd >= 0) + close(self->pty_master_fd); + if (self->pty_slave_fd >= 0) + close(self->pty_slave_fd); + } +} + +TEST_F(tiocsti, test) +{ + int status; + pid_t child_pid; + + if (variant->test_type == TEST_PTY_TIOCSTI_BASIC) { + /* ===== BASIC TIOCSTI TEST ===== */ + child_pid = fork(); + ASSERT_GE(child_pid, 0); + + /* Perform the actual test in the child process */ + if (child_pid == 0) + run_basic_tiocsti_test(_metadata, self, variant); + + } else { + /* ===== FD PASSING SECURITY TEST ===== */ + int sockpair[2]; + + ASSERT_EQ(socketpair(AF_UNIX, SOCK_STREAM, 0, sockpair), 0); + + child_pid = fork(); + ASSERT_GE(child_pid, 0); + + if (child_pid == 0) { + /* Child process - create PTY and send FD */ + close(sockpair[0]); + run_fdpass_tiocsti_test(_metadata, variant, + sockpair[1]); + } + + /* Parent process - receive FD and test TIOCSTI */ + close(sockpair[1]); + + int received_fd = recv_fd_via_socket(sockpair[0]); + + ASSERT_GE(received_fd, 0); + + bool parent_has_cap = self->initial_cap_sys_admin; + + TH_LOG("=== TIOCSTI FD Passing Test Context ==="); + TH_LOG("legacy_tiocsti: %d, Parent CAP_SYS_ADMIN: %s, Child: %s", + variant->legacy_tiocsti, parent_has_cap ? "yes" : "no", + variant->requires_cap ? "kept" : "dropped"); + + /* SECURITY TEST: Try TIOCSTI with FD opened by child */ + int result = test_tiocsti_injection(_metadata, received_fd); + + /* Log security concern if demonstrated */ + if (result == 0 && !variant->requires_cap) { + TH_LOG("*** SECURITY CONCERN DEMONSTRATED ***"); + TH_LOG("Privileged parent can use TIOCSTI on FD from unprivileged child"); + TH_LOG("This shows current process credentials are used, not opener credentials"); + } + + EXPECT_EQ(result, variant->expected_success) + { + TH_LOG("FD passing: expected error %d, got %d", + variant->expected_success, result); + } + + /* Signal child completion */ + char sync_byte = 'D'; + ssize_t bytes_written = write(sockpair[0], &sync_byte, 1); + + ASSERT_EQ(bytes_written, 1); + + close(received_fd); + close(sockpair[0]); + } + + /* Common child process cleanup for both test types */ + ASSERT_EQ(waitpid(child_pid, &status, 0), child_pid); + + if (WIFSIGNALED(status)) { + TH_LOG("Child terminated by signal %d", WTERMSIG(status)); + ASSERT_FALSE(WIFSIGNALED(status)) + { + TH_LOG("Child process failed assertion"); + } + } else { + EXPECT_EQ(WEXITSTATUS(status), 0); + } +} + +TEST_HARNESS_MAIN --- base-commit: e6b9dce0aeeb91dfc0974ab87f02454e24566182 change-id: 20250618-toicsti-bug-7822b8e94a32 Best regards, -- Abhinav Saxena <xandfury(a)gmail.com>

1 week, 3 days

1
0
0 0

[PATCH v4] selftests/tty: add TIOCSTI test suite

by Abhinav Saxena

TIOCSTI is a TTY ioctl command that allows inserting characters into the terminal input queue, making it appear as if the user typed those characters. This functionality has behavior that varies based on system configuration and process credentials. The dev.tty.legacy_tiocsti sysctl introduced in commit 83efeeeb3d04 ("tty: Allow TIOCSTI to be disabled") controls TIOCSTI usage. When disabled, TIOCSTI requires CAP_SYS_ADMIN capability. The current implementation checks the current process's credentials via capable(CAP_SYS_ADMIN), but does not validate against the file opener's credentials stored in file->f_cred. This creates different behavior when file descriptors are passed between processes via SCM_RIGHTS. Add a test suite with 16 test variants using fixture variants to verify TIOCSTI behavior when dev.tty.legacy_tiocsti is enabled/disabled: - Basic TIOCSTI tests (8 variants): Direct testing with different capability and controlling terminal combinations - FD passing tests (8 variants): Test behavior when file descriptors are passed between processes with different capabilities The FD passing tests document this behavior - some tests show different results than expected based on file opener credentials, demonstrating that TIOCSTI uses current process credentials rather than file opener credentials. The tests validate proper enforcement of the legacy_tiocsti sysctl. Test implementation uses openpty(3) with TIOCSCTTY for isolated PTY environments. See tty_ioctl(4) for details on TIOCSTI behavior and security requirements. Signed-off-by: Abhinav Saxena <xandfury(a)gmail.com> --- Changes in v4: - Moved skip conditions and sysctl setup from TEST_F to FIXTURE_SETUP (Kees Cook) - Fixed fclose() error handling in set_legacy_tiocsti_setting (Kees Cook) - Extracted run_basic_tiocsti_test() and run_fdpass_tiocsti_test functions (Kees Cook) - Removed redundant sysctl restore logic from TEST_F (Kees Cook) - Simplified FIXTURE_TEARDOWN (Kees Cook) - Replace drop_to_nobody() to drop_all_privs() which should be more portable (Justin Stitt) - Link to v3: https://lore.kernel.org/r/20250730-toicsti-bug-v3-1-dd2dac97f27a@gmail.com Add selftests for TIOCSTI ioctl To run all tests: $ sudo ./tools/testing/selftests/tty/tty_tiocsti_test Test Results: - PASSED: 13/16 tests - Different behavior: 3/16 tests (documenting credential checking behavior) All tests validated using: - scripts/checkpatch.pl --strict (clean output) - Functional testing on kernel v6.16-rc2 Changes in v3: - Replaced all printf() calls with TH_LOG() for proper test logging (Kees Cook) - Added struct __test_metadata parameter to helper functions - Moved common legacy_tiocsti availability check to FIXTURE_SETUP() - Implemented sysctl modification/restoration in FIXTURE_SETUP/TEARDOWN - Used openpty() with TIOCSCTTY for reliable PTY testing environment - Fixed child/parent synchronization in FD passing tests - Replaced manual _exit(1) handling with proper ASSERT statements - Switched // comments to /* */ format throughout - Expanded to 16 test variants using fixture variants - Enhanced error handling and test reliability - Link to v2: https://lore.kernel.org/r/20250713-toicsti-bug-v2-1-b183787eea29@gmail.com - Link to v1: https://lore.kernel.org/r/20250622-toicsti-bug-v1-0-f374373b04b2@gmail.com References: - tty_ioctl(4) - documents TIOCSTI ioctl and capability requirements - openpty(3) - pseudo-terminal creation and management - commit 83efeeeb3d04 ("tty: Allow TIOCSTI to be disabled") - Documentation/security/credentials.rst - https://github.com/KSPP/linux/issues/156 - https://lore.kernel.org/linux-hardening/Y0m9l52AKmw6Yxi1@hostpad/ - drivers/tty/Kconfig - Documentation/driver-api/tty/ --- tools/testing/selftests/tty/Makefile | 6 +- tools/testing/selftests/tty/config | 1 + tools/testing/selftests/tty/tty_tiocsti_test.c | 650 +++++++++++++++++++++++++ 3 files changed, 656 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/tty/Makefile b/tools/testing/selftests/tty/Makefile index 50d7027b2ae3fb495dd1c0684363fa8f426be42c..7f6fbe5a0cd5663310e334d9d068b21dab9136ec 100644 --- a/tools/testing/selftests/tty/Makefile +++ b/tools/testing/selftests/tty/Makefile @@ -1,5 +1,9 @@ # SPDX-License-Identifier: GPL-2.0 CFLAGS = -O2 -Wall -TEST_GEN_PROGS := tty_tstamp_update +TEST_GEN_PROGS := tty_tstamp_update tty_tiocsti_test +LDLIBS += -lcap include ../lib.mk + +# Add libcap for TIOCSTI test +$(OUTPUT)/tty_tiocsti_test: LDLIBS += -lcap diff --git a/tools/testing/selftests/tty/config b/tools/testing/selftests/tty/config new file mode 100644 index 0000000000000000000000000000000000000000..c6373aba66366c82435bb26c019eb360eb6310eb --- /dev/null +++ b/tools/testing/selftests/tty/config @@ -0,0 +1 @@ +CONFIG_LEGACY_TIOCSTI=y diff --git a/tools/testing/selftests/tty/tty_tiocsti_test.c b/tools/testing/selftests/tty/tty_tiocsti_test.c new file mode 100644 index 0000000000000000000000000000000000000000..5e767e6cb3ef8f05c5430eb0fcc792064c446c03 --- /dev/null +++ b/tools/testing/selftests/tty/tty_tiocsti_test.c @@ -0,0 +1,650 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * TTY Tests - TIOCSTI + * + * Copyright © 2025 Abhinav Saxena <xandfury(a)gmail.com> + */ + +#include <stdio.h> +#include <stdlib.h> +#include <unistd.h> +#include <fcntl.h> +#include <sys/ioctl.h> +#include <errno.h> +#include <stdbool.h> +#include <string.h> +#include <sys/socket.h> +#include <sys/wait.h> +#include <pwd.h> +#include <termios.h> +#include <grp.h> +#include <sys/capability.h> +#include <sys/prctl.h> +#include <pty.h> +#include <utmp.h> + +#include "../kselftest_harness.h" + +enum test_type { + TEST_PTY_TIOCSTI_BASIC, + TEST_PTY_TIOCSTI_FD_PASSING, + /* other tests cases such as serial may be added. */ +}; + +/* + * Test Strategy: + * - Basic tests: Use PTY with/without TIOCSCTTY (controlling terminal for + * current process) + * - FD passing tests: Child creates PTY, parent receives FD (demonstrates + * security issue) + * + * SECURITY VULNERABILITY DEMONSTRATION: + * FD passing tests show that TIOCSTI uses CURRENT process credentials, not + * opener credentials. This means privileged processes can be given FDs from + * unprivileged processes and successfully perform TIOCSTI operations that the + * unprivileged process couldn't do directly. + * + * Attack scenario: + * 1. Unprivileged process opens TTY (direct TIOCSTI fails due to lack of + * privileges) + * 2. Unprivileged process passes FD to privileged process via SCM_RIGHTS + * 3. Privileged process can use TIOCSTI on the FD (succeeds due to its + * privileges) + * 4. Result: Effective privilege escalation via file descriptor passing + * + * This matches the kernel logic in tiocsti(): + * 1. if (!tty_legacy_tiocsti && !capable(CAP_SYS_ADMIN)) return -EIO; + * 2. if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN)) + * return -EPERM; + * Note: Both checks use capable() on CURRENT process, not FD opener! + * + * If the file credentials were also checked along with the capable() checks + * then the results for FD pass tests would be consistent with the basic tests. + */ + +FIXTURE(tiocsti) +{ + int pty_master_fd; /* PTY - for basic tests */ + int pty_slave_fd; + bool has_pty; + bool initial_cap_sys_admin; + int original_legacy_tiocsti_setting; + bool can_modify_sysctl; +}; + +FIXTURE_VARIANT(tiocsti) +{ + const enum test_type test_type; + const bool controlling_tty; /* true=current->signal->tty == tty */ + const int legacy_tiocsti; /* 0=restricted, 1=permissive */ + const bool requires_cap; /* true=with CAP_SYS_ADMIN, false=without */ + const int expected_success; /* 0=success, -EIO/-EPERM=specific error */ +}; + +/* + * Tests Controlling Terminal Variants (current->signal->tty == tty) + * + * TIOCSTI Test Matrix: + * + * | legacy_tiocsti | CAP_SYS_ADMIN | Expected Result | Error | + * |----------------|---------------|-----------------|-------| + * | 1 (permissive) | true | SUCCESS | - | + * | 1 (permissive) | false | SUCCESS | - | + * | 0 (restricted) | true | SUCCESS | - | + * | 0 (restricted) | false | FAILURE | -EIO | + */ + +/* clang-format off */ +FIXTURE_VARIANT_ADD(tiocsti, basic_pty_permissive_withcap) { + .test_type = TEST_PTY_TIOCSTI_BASIC, + .controlling_tty = true, + .legacy_tiocsti = 1, + .requires_cap = true, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, basic_pty_permissive_nocap) { + .test_type = TEST_PTY_TIOCSTI_BASIC, + .controlling_tty = true, + .legacy_tiocsti = 1, + .requires_cap = false, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, basic_pty_restricted_withcap) { + .test_type = TEST_PTY_TIOCSTI_BASIC, + .controlling_tty = true, + .legacy_tiocsti = 0, + .requires_cap = true, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, basic_pty_restricted_nocap) { + .test_type = TEST_PTY_TIOCSTI_BASIC, + .controlling_tty = true, + .legacy_tiocsti = 0, + .requires_cap = false, + .expected_success = -EIO, /* FAILURE: legacy restriction */ +}; /* clang-format on */ + +/* + * Note for FD Passing Test Variants + * Since we're testing the scenario where an unprivileged process pass an FD + * to a privileged one, .requires_cap here means the caps of the child process. + * Not the parent; parent would always be privileged. + */ + +/* clang-format off */ +FIXTURE_VARIANT_ADD(tiocsti, fdpass_pty_permissive_withcap) { + .test_type = TEST_PTY_TIOCSTI_FD_PASSING, + .controlling_tty = true, + .legacy_tiocsti = 1, + .requires_cap = true, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, fdpass_pty_permissive_nocap) { + .test_type = TEST_PTY_TIOCSTI_FD_PASSING, + .controlling_tty = true, + .legacy_tiocsti = 1, + .requires_cap = false, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, fdpass_pty_restricted_withcap) { + .test_type = TEST_PTY_TIOCSTI_FD_PASSING, + .controlling_tty = true, + .legacy_tiocsti = 0, + .requires_cap = true, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, fdpass_pty_restricted_nocap) { + .test_type = TEST_PTY_TIOCSTI_FD_PASSING, + .controlling_tty = true, + .legacy_tiocsti = 0, + .requires_cap = false, + .expected_success = -EIO, +}; /* clang-format on */ + +/* + * Non-Controlling Terminal Variants (current->signal->tty != tty) + * + * TIOCSTI Test Matrix: + * + * | legacy_tiocsti | CAP_SYS_ADMIN | Expected Result | Error | + * |----------------|---------------|-----------------|-------| + * | 1 (permissive) | true | SUCCESS | - | + * | 1 (permissive) | false | FAILURE | -EPERM| + * | 0 (restricted) | true | SUCCESS | - | + * | 0 (restricted) | false | FAILURE | -EIO | + */ + +/* clang-format off */ +FIXTURE_VARIANT_ADD(tiocsti, basic_nopty_permissive_withcap) { + .test_type = TEST_PTY_TIOCSTI_BASIC, + .controlling_tty = false, + .legacy_tiocsti = 1, + .requires_cap = true, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, basic_nopty_permissive_nocap) { + .test_type = TEST_PTY_TIOCSTI_BASIC, + .controlling_tty = false, + .legacy_tiocsti = 1, + .requires_cap = false, + .expected_success = -EPERM, +}; + +FIXTURE_VARIANT_ADD(tiocsti, basic_nopty_restricted_withcap) { + .test_type = TEST_PTY_TIOCSTI_BASIC, + .controlling_tty = false, + .legacy_tiocsti = 0, + .requires_cap = true, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, basic_nopty_restricted_nocap) { + .test_type = TEST_PTY_TIOCSTI_BASIC, + .controlling_tty = false, + .legacy_tiocsti = 0, + .requires_cap = false, + .expected_success = -EIO, +}; + +FIXTURE_VARIANT_ADD(tiocsti, fdpass_nopty_permissive_withcap) { + .test_type = TEST_PTY_TIOCSTI_FD_PASSING, + .controlling_tty = false, + .legacy_tiocsti = 1, + .requires_cap = true, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, fdpass_nopty_permissive_nocap) { + .test_type = TEST_PTY_TIOCSTI_FD_PASSING, + .controlling_tty = false, + .legacy_tiocsti = 1, + .requires_cap = false, + .expected_success = -EPERM, +}; + +FIXTURE_VARIANT_ADD(tiocsti, fdpass_nopty_restricted_withcap) { + .test_type = TEST_PTY_TIOCSTI_FD_PASSING, + .controlling_tty = false, + .legacy_tiocsti = 0, + .requires_cap = true, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, fdpass_nopty_restricted_nocap) { + .test_type = TEST_PTY_TIOCSTI_FD_PASSING, + .controlling_tty = false, + .legacy_tiocsti = 0, + .requires_cap = false, + .expected_success = -EIO, +}; /* clang-format on */ + +/* Helper function to send FD via SCM_RIGHTS */ +static int send_fd_via_socket(int socket_fd, int fd_to_send) +{ + struct msghdr msg = { 0 }; + struct cmsghdr *cmsg; + char cmsg_buf[CMSG_SPACE(sizeof(int))]; + char dummy_data = 'F'; + struct iovec iov = { .iov_base = &dummy_data, .iov_len = 1 }; + + msg.msg_iov = &iov; + msg.msg_iovlen = 1; + msg.msg_control = cmsg_buf; + msg.msg_controllen = sizeof(cmsg_buf); + + cmsg = CMSG_FIRSTHDR(&msg); + cmsg->cmsg_level = SOL_SOCKET; + cmsg->cmsg_type = SCM_RIGHTS; + cmsg->cmsg_len = CMSG_LEN(sizeof(int)); + + memcpy(CMSG_DATA(cmsg), &fd_to_send, sizeof(int)); + + return sendmsg(socket_fd, &msg, 0) < 0 ? -1 : 0; +} + +/* Helper function to receive FD via SCM_RIGHTS */ +static int recv_fd_via_socket(int socket_fd) +{ + struct msghdr msg = { 0 }; + struct cmsghdr *cmsg; + char cmsg_buf[CMSG_SPACE(sizeof(int))]; + char dummy_data; + struct iovec iov = { .iov_base = &dummy_data, .iov_len = 1 }; + int received_fd = -1; + + msg.msg_iov = &iov; + msg.msg_iovlen = 1; + msg.msg_control = cmsg_buf; + msg.msg_controllen = sizeof(cmsg_buf); + + if (recvmsg(socket_fd, &msg, 0) < 0) + return -1; + + for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) { + if (cmsg->cmsg_level == SOL_SOCKET && + cmsg->cmsg_type == SCM_RIGHTS) { + memcpy(&received_fd, CMSG_DATA(cmsg), sizeof(int)); + break; + } + } + + return received_fd; +} + +static inline bool has_cap_sys_admin(void) +{ + cap_t caps = cap_get_proc(); + + if (!caps) + return false; + + cap_flag_value_t cap_val; + bool has_cap = (cap_get_flag(caps, CAP_SYS_ADMIN, CAP_EFFECTIVE, + &cap_val) == 0) && + (cap_val == CAP_SET); + + cap_free(caps); + return has_cap; +} + +/* + * Switch to non-root user and clear all capabilities + */ +static inline bool drop_all_privs(struct __test_metadata *_metadata) +{ + /* Drop supplementary groups */ + ASSERT_EQ(setgroups(0, NULL), 0); + + /* Switch to non-root user */ + ASSERT_EQ(setgid(1000), 0); + ASSERT_EQ(setuid(1000), 0); + + /* Clear all capabilities */ + cap_t empty = cap_init(); + + ASSERT_NE(empty, NULL); + ASSERT_EQ(cap_set_proc(empty), 0); + cap_free(empty); + + /* Prevent privilege regain */ + ASSERT_EQ(prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0), 0); + + /* Verify privilege drop */ + ASSERT_FALSE(has_cap_sys_admin()); + return true; +} + +static inline int get_legacy_tiocsti_setting(struct __test_metadata *_metadata) +{ + FILE *fp; + int value = -1; + + fp = fopen("/proc/sys/dev/tty/legacy_tiocsti", "r"); + if (!fp) { + /* legacy_tiocsti sysctl not available (kernel < 6.2) */ + return -1; + } + + if (fscanf(fp, "%d", &value) == 1 && fclose(fp) == 0) { + if (value < 0 || value > 1) + value = -1; /* Invalid value */ + } else { + value = -1; /* Failed to parse */ + } + + return value; +} + +static inline bool set_legacy_tiocsti_setting(struct __test_metadata *_metadata, + int value) +{ + FILE *fp; + bool success = false; + + /* Sanity-check the value */ + ASSERT_GE(value, 0); + ASSERT_LE(value, 1); + + /* + * Try to open for writing; if we lack permission, return false so + * the test harness will skip variants that need to change it + */ + fp = fopen("/proc/sys/dev/tty/legacy_tiocsti", "w"); + if (!fp) + return false; + + /* Write the new setting */ + if (fprintf(fp, "%d\n", value) > 0 && fclose(fp) == 0) + success = true; + else + TH_LOG("Failed to write legacy_tiocsti: %s", strerror(errno)); + + return success; +} + +/* + * TIOCSTI injection test function + * @tty_fd: TTY slave file descriptor to test TIOCSTI on + * Returns: 0 on success, -errno on failure + */ +static inline int test_tiocsti_injection(struct __test_metadata *_metadata, + int tty_fd) +{ + int ret; + char inject_char = 'V'; + + errno = 0; + ret = ioctl(tty_fd, TIOCSTI, &inject_char); + return ret == 0 ? 0 : -errno; +} + +/* + * Child process: test TIOCSTI directly with capability/controlling + * terminal setup + */ +static void run_basic_tiocsti_test(struct __test_metadata *_metadata, + FIXTURE_DATA(tiocsti) * self, + const FIXTURE_VARIANT(tiocsti) * variant) +{ + /* Handle capability requirements */ + if (self->initial_cap_sys_admin && !variant->requires_cap) + ASSERT_TRUE(drop_all_privs(_metadata)); + + if (variant->controlling_tty) { + /* + * Create new session and set PTY as + * controlling terminal + */ + pid_t sid = setsid(); + + ASSERT_GE(sid, 0); + ASSERT_EQ(ioctl(self->pty_slave_fd, TIOCSCTTY, 0), 0); + } + + /* + * Validate test environment setup and verify final + * capability state matches expectation + * after potential drop. + */ + ASSERT_TRUE(self->has_pty); + ASSERT_EQ(has_cap_sys_admin(), variant->requires_cap); + + /* Test TIOCSTI and validate result */ + int result = test_tiocsti_injection(_metadata, self->pty_slave_fd); + + /* Check against expected result from variant */ + EXPECT_EQ(result, variant->expected_success); + _exit(0); +} + +/* + * Child process: create PTY and then pass FD to parent via SCM_RIGHTS + */ +static void run_fdpass_tiocsti_test(struct __test_metadata *_metadata, + const FIXTURE_VARIANT(tiocsti) * variant, + int sockfd) +{ + signal(SIGHUP, SIG_IGN); + + /* Handle privilege dropping */ + if (!variant->requires_cap && has_cap_sys_admin()) + ASSERT_TRUE(drop_all_privs(_metadata)); + + /* Create child's PTY */ + int child_master_fd, child_slave_fd; + + ASSERT_EQ(openpty(&child_master_fd, &child_slave_fd, NULL, NULL, NULL), + 0); + + if (variant->controlling_tty) { + pid_t sid = setsid(); + + ASSERT_GE(sid, 0); + ASSERT_EQ(ioctl(child_slave_fd, TIOCSCTTY, 0), 0); + } + + /* Test child's direct TIOCSTI for reference */ + int direct_result = test_tiocsti_injection(_metadata, child_slave_fd); + + EXPECT_EQ(direct_result, variant->expected_success); + + /* Send FD to parent */ + ASSERT_EQ(send_fd_via_socket(sockfd, child_slave_fd), 0); + + /* Wait for parent completion signal */ + char sync_byte; + ssize_t bytes_read = read(sockfd, &sync_byte, 1); + + ASSERT_EQ(bytes_read, 1); + + close(child_master_fd); + close(child_slave_fd); + close(sockfd); + _exit(0); +} + +FIXTURE_SETUP(tiocsti) +{ + /* Create PTY pair for basic tests */ + self->has_pty = (openpty(&self->pty_master_fd, &self->pty_slave_fd, + NULL, NULL, NULL) == 0); + if (!self->has_pty) { + self->pty_master_fd = -1; + self->pty_slave_fd = -1; + } + + self->initial_cap_sys_admin = has_cap_sys_admin(); + self->original_legacy_tiocsti_setting = + get_legacy_tiocsti_setting(_metadata); + + if (self->original_legacy_tiocsti_setting < 0) + SKIP(return, + "legacy_tiocsti sysctl not available (kernel < 6.2)"); + + /* Common skip conditions */ + if (variant->test_type == TEST_PTY_TIOCSTI_BASIC && !self->has_pty) + SKIP(return, "PTY not available for controlling terminal test"); + + if (variant->test_type == TEST_PTY_TIOCSTI_FD_PASSING && + !self->initial_cap_sys_admin) + SKIP(return, "FD Pass tests require CAP_SYS_ADMIN"); + + if (variant->requires_cap && !self->initial_cap_sys_admin) + SKIP(return, "Test requires initial CAP_SYS_ADMIN"); + + /* Test if we can modify the sysctl (requires appropriate privileges) */ + self->can_modify_sysctl = set_legacy_tiocsti_setting( + _metadata, self->original_legacy_tiocsti_setting); + + /* Sysctl setup based on variant */ + if (self->can_modify_sysctl && + self->original_legacy_tiocsti_setting != variant->legacy_tiocsti) { + if (!set_legacy_tiocsti_setting(_metadata, + variant->legacy_tiocsti)) + SKIP(return, "Failed to set legacy_tiocsti sysctl"); + + } else if (!self->can_modify_sysctl && + self->original_legacy_tiocsti_setting != + variant->legacy_tiocsti) + SKIP(return, "legacy_tiocsti setting mismatch"); +} + +FIXTURE_TEARDOWN(tiocsti) +{ + /* + * Backup restoration - + * each test should restore its own sysctl changes + */ + if (self->can_modify_sysctl) { + int current_value = get_legacy_tiocsti_setting(_metadata); + + if (current_value != self->original_legacy_tiocsti_setting) { + TH_LOG("Backup: Restoring legacy_tiocsti from %d to %d", + current_value, + self->original_legacy_tiocsti_setting); + set_legacy_tiocsti_setting( + _metadata, + self->original_legacy_tiocsti_setting); + } + } + + if (self->has_pty) { + if (self->pty_master_fd >= 0) + close(self->pty_master_fd); + if (self->pty_slave_fd >= 0) + close(self->pty_slave_fd); + } +} + +TEST_F(tiocsti, test) +{ + int status; + pid_t child_pid; + + if (variant->test_type == TEST_PTY_TIOCSTI_BASIC) { + /* ===== BASIC TIOCSTI TEST ===== */ + child_pid = fork(); + ASSERT_GE(child_pid, 0); + + /* Perform the actual test in the child process */ + if (child_pid == 0) + run_basic_tiocsti_test(_metadata, self, variant); + + } else { + /* ===== FD PASSING SECURITY TEST ===== */ + int sockpair[2]; + + ASSERT_EQ(socketpair(AF_UNIX, SOCK_STREAM, 0, sockpair), 0); + + child_pid = fork(); + ASSERT_GE(child_pid, 0); + + if (child_pid == 0) { + /* Child process - create PTY and send FD */ + close(sockpair[0]); + run_fdpass_tiocsti_test(_metadata, variant, + sockpair[1]); + } + + /* Parent process - receive FD and test TIOCSTI */ + close(sockpair[1]); + + int received_fd = recv_fd_via_socket(sockpair[0]); + + ASSERT_GE(received_fd, 0); + + bool parent_has_cap = self->initial_cap_sys_admin; + + TH_LOG("=== TIOCSTI FD Passing Test Context ==="); + TH_LOG("legacy_tiocsti: %d, Parent CAP_SYS_ADMIN: %s, Child: %s", + variant->legacy_tiocsti, parent_has_cap ? "yes" : "no", + variant->requires_cap ? "kept" : "dropped"); + + /* SECURITY TEST: Try TIOCSTI with FD opened by child */ + int result = test_tiocsti_injection(_metadata, received_fd); + + /* Log security concern if demonstrated */ + if (result == 0 && !variant->requires_cap) { + TH_LOG("*** SECURITY CONCERN DEMONSTRATED ***"); + TH_LOG("Privileged parent can use TIOCSTI on FD from unprivileged child"); + TH_LOG("This shows current process credentials are used, not opener credentials"); + } + + EXPECT_EQ(result, variant->expected_success) + { + TH_LOG("FD passing: expected error %d, got %d", + variant->expected_success, result); + } + + /* Signal child completion */ + char sync_byte = 'D'; + ssize_t bytes_written = write(sockpair[0], &sync_byte, 1); + + ASSERT_EQ(bytes_written, 1); + + close(received_fd); + close(sockpair[0]); + } + + /* Common child process cleanup for both test types */ + ASSERT_EQ(waitpid(child_pid, &status, 0), child_pid); + + if (WIFSIGNALED(status)) { + TH_LOG("Child terminated by signal %d", WTERMSIG(status)); + ASSERT_FALSE(WIFSIGNALED(status)) + { + TH_LOG("Child process failed assertion"); + } + } else { + EXPECT_EQ(WEXITSTATUS(status), 0); + } +} + +TEST_HARNESS_MAIN --- base-commit: e6b9dce0aeeb91dfc0974ab87f02454e24566182 change-id: 20250618-toicsti-bug-7822b8e94a32 Best regards, -- Abhinav Saxena <xandfury(a)gmail.com>

1 week, 3 days

2
2
0 0

[PATCH v2 0/2] selftests/mm: split_huge_page_test: split_pte_mapped_thp improvements

by David Hildenbrand

One fix for occasional failures I found while testing and a bunch of cleanups that should make that test easier to digest. Tested on x86-64, the test seems to reliably pass. Cc: Andrew Morton <akpm(a)linux-foundation.org> Cc: Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> Cc: Zi Yan <ziy(a)nvidia.com> Cc: Baolin Wang <baolin.wang(a)linux.alibaba.com> Cc: "Liam R. Howlett" <Liam.Howlett(a)oracle.com> Cc: Nico Pache <npache(a)redhat.com> Cc: Ryan Roberts <ryan.roberts(a)arm.com> Cc: Dev Jain <dev.jain(a)arm.com> Cc: Barry Song <baohua(a)kernel.org> Cc: Wei Yang <richard.weiyang(a)gmail.com> -- Mostly a resend, because I accidentally disabled "ccover = true" in my git config so people were only CCed on the cover letter. v1 -> v2: * "selftests/mm: split_huge_page_test: fix occasional is_backed_by_folio() wrong results" -> Fixup missing ")" in patch description David Hildenbrand (2): selftests/mm: split_huge_page_test: fix occasional is_backed_by_folio() wrong results selftests/mm: split_huge_page_test: cleanups for split_pte_mapped_thp test .../selftests/mm/split_huge_page_test.c | 138 ++++++++++-------- 1 file changed, 81 insertions(+), 57 deletions(-) base-commit: ef42a39c44ef6da64ae3495d27e28dd6fca62a51 -- 2.50.1

1 week, 4 days

1
2
0 0

[PATCH v6 12/24] tracing: selftests: Add trace remote tests

by Vincent Donnefort

Exercise the tracefs interface for trace remote with a set of tests to check: * loading/unloading (unloading.tc) * reset (reset.tc) * size changes (buffer_size.tc) * event integrity (trace_pipe) Cc: Shuah Khan <skhan(a)linuxfoundation.org> Cc: linux-kselftest(a)vger.kernel.org Signed-off-by: Vincent Donnefort <vdonnefort(a)google.com> diff --git a/tools/testing/selftests/ftrace/test.d/remotes/buffer_size.tc b/tools/testing/selftests/ftrace/test.d/remotes/buffer_size.tc new file mode 100644 index 000000000000..60bf431ccc91 --- /dev/null +++ b/tools/testing/selftests/ftrace/test.d/remotes/buffer_size.tc @@ -0,0 +1,24 @@ +#!/bin/sh +# SPDX-License-Identifier: GPL-2.0 +# description: Test trace remote buffer size + +. $TEST_DIR/remotes/functions + +test_buffer_size() +{ + echo 0 > tracing_on + assert_unloaded + + echo 4096 > buffer_size_kb + echo 1 > tracing_on + assert_loaded + + echo 0 > tracing_on + echo 7 > buffer_size_kb +} + +if [ -z "$SOURCE_REMOTE_TEST" ]; then + set -e + setup_remote_test + test_buffer_size +fi diff --git a/tools/testing/selftests/ftrace/test.d/remotes/functions b/tools/testing/selftests/ftrace/test.d/remotes/functions new file mode 100644 index 000000000000..504a495b3b1b --- /dev/null +++ b/tools/testing/selftests/ftrace/test.d/remotes/functions @@ -0,0 +1,33 @@ +# SPDX-License-Identifier: GPL-2.0 + +setup_remote() +{ + local name=$1 + + [ -e $TRACING_DIR/remotes/$name/write_event ] || exit_unresolved + + cd remotes/$name/ + echo 0 > tracing_on + clear_trace + echo 7 > buffer_size_kb + echo 0 > events/enable + echo 1 > events/$name/selftest/enable + echo 1 > tracing_on +} + +setup_remote_test() +{ + [ -d $TRACING_DIR/remotes/test/ ] || modprobe remote_test || exit_unresolved + + setup_remote "test" +} + +assert_loaded() +{ + grep -q "(loaded)" buffer_size_kb +} + +assert_unloaded() +{ + grep -q "(unloaded)" buffer_size_kb +} diff --git a/tools/testing/selftests/ftrace/test.d/remotes/reset.tc b/tools/testing/selftests/ftrace/test.d/remotes/reset.tc new file mode 100644 index 000000000000..93d6eb2a807f --- /dev/null +++ b/tools/testing/selftests/ftrace/test.d/remotes/reset.tc @@ -0,0 +1,105 @@ +#!/bin/sh +# SPDX-License-Identifier: GPL-2.0 +# description: Test trace remote reset + +. $TEST_DIR/remotes/functions + +get_cpu_ids() +{ + sed -n 's/^processor\s*:\s*$[0-9]\+$.*/\1/p' /proc/cpuinfo +} + +dump_trace() +{ + output=$(mktemp /tmp/remote_test.XXXXXX) + cat trace_pipe > $output & + pid=$! + sleep 1 + kill -1 $pid + + echo $output +} + +check_reset() +{ + write_event_path="write_event" + taskset="" + + clear_trace + + # Is the buffer empty? + output=$(dump_trace) + test $(wc -l $output | cut -d ' ' -f1) -eq 0 + + if $(echo $(pwd) | grep -q "per_cpu/cpu"); then + write_event_path="../../write_event" + cpu_id=$(echo $(pwd) | sed -e 's/.*per_cpu\/cpu//') + taskset="taskset -c $cpu_id" + fi + rm $output + + # Can we properly write a new event? + $taskset echo 7890 > $write_event_path + output=$(dump_trace) + test $(wc -l $output | cut -d ' ' -f1) -eq 1 + grep -q "id=7890" $output + rm $output +} + +test_global_interface() +{ + output=$(mktemp /tmp/remote_test.XXXXXX) + + # Confidence check + echo 123456 > write_event + output=$(dump_trace) + grep -q "id=123456" $output + rm $output + + # Reset single event + echo 1 > write_event + check_reset + + # Reset lost events + for i in $(seq 1 10000); do + echo 1 > write_event + done + check_reset +} + +test_percpu_interface() +{ + [ "$(get_cpu_ids | wc -l)" -ge 2 ] || return 0 + + for cpu in $(get_cpu_ids); do + taskset -c $cpu echo 1 > write_event + done + + check_non_empty=0 + for cpu in $(get_cpu_ids); do + cd per_cpu/cpu$cpu/ + + if [ $check_non_empty -eq 0 ]; then + check_reset + check_non_empty=1 + else + # Check we have only reset 1 CPU + output=$(dump_trace) + test $(wc -l $output | cut -d ' ' -f1) -eq 1 + rm $output + fi + cd - + done +} + +test_reset() +{ + test_global_interface + test_percpu_interface +} + +if [ -z "$SOURCE_REMOTE_TEST" ]; then + set -e + setup_remote_test + test_reset +fi diff --git a/tools/testing/selftests/ftrace/test.d/remotes/trace_pipe.tc b/tools/testing/selftests/ftrace/test.d/remotes/trace_pipe.tc new file mode 100644 index 000000000000..f4bd2b3655e0 --- /dev/null +++ b/tools/testing/selftests/ftrace/test.d/remotes/trace_pipe.tc @@ -0,0 +1,57 @@ +#!/bin/sh +# SPDX-License-Identifier: GPL-2.0 +# description: Test trace remote trace_pipe + +. $TEST_DIR/remotes/functions + +test_trace_pipe() +{ + echo 0 > tracing_on + assert_unloaded + + echo 1024 > buffer_size_kb + echo 1 > tracing_on + assert_loaded + + output=$(mktemp /tmp/remote_test.XXXXXX) + + cat trace_pipe > $output & + pid=$! + + for i in $(seq 1 1000); do + echo $i > write_event + done + + echo 0 > tracing_on + sleep 1 + kill $pid + + prev_ts=0 # TODO: Init with proper clock value + prev_id=0 + + # Only keep <timestamp> <id> + sed -i -e 's/\[[0-9]*\]\s*$[0-9]*.[0-9]*$: [a-z]* id=$[0-9]*$/\1 \2/' $output + + IFS=$'\n' + for line in $(cat $output); do + ts=$(echo $line | cut -d ' ' -f 1) + id=$(echo $line | cut -d ' ' -f 2) + + test $(echo "$ts>$prev_ts" | bc) -eq 1 + test $id -eq $((prev_id + 1)) + + prev_ts=$ts + prev_id=$id + done + + test $prev_id -eq 1000 + + rm $output +} + +if [ -z "$SOURCE_REMOTE_TEST" ]; then + set -e + + setup_remote_test + test_trace_pipe +fi diff --git a/tools/testing/selftests/ftrace/test.d/remotes/unloading.tc b/tools/testing/selftests/ftrace/test.d/remotes/unloading.tc new file mode 100644 index 000000000000..99f97e100fde --- /dev/null +++ b/tools/testing/selftests/ftrace/test.d/remotes/unloading.tc @@ -0,0 +1,40 @@ +#!/bin/sh +# SPDX-License-Identifier: GPL-2.0 +# description: Test trace remote unloading + +. $TEST_DIR/remotes/functions + +test_unloading() +{ + # No reader, writing + assert_loaded + + # No reader, no writing + echo 0 > tracing_on + assert_unloaded + + # 1 reader, no writing + cat trace_pipe & + pid=$! + sleep 1 + assert_loaded + kill $pid + assert_unloaded + + # No reader, no writing, events + echo 1 > tracing_on + echo 1 > write_event + echo 0 > tracing_on + assert_loaded + + # Test reset + clear_trace + assert_unloaded +} + +if [ -z "$SOURCE_REMOTE_TEST" ]; then + set -e + + setup_remote_test + test_unloading +fi -- 2.51.0.rc2.233.g662b1ed5c5-goog

1 week, 4 days

2
1
0 0

[PATCH v3] selftests/tty: add TIOCSTI test suite

by Abhinav Saxena

TIOCSTI is a TTY ioctl command that allows inserting characters into the terminal input queue, making it appear as if the user typed those characters. This functionality has behavior that varies based on system configuration and process credentials. The dev.tty.legacy_tiocsti sysctl introduced in commit 83efeeeb3d04 ("tty: Allow TIOCSTI to be disabled") controls TIOCSTI usage. When disabled, TIOCSTI requires CAP_SYS_ADMIN capability. The current implementation checks the current process's credentials via capable(CAP_SYS_ADMIN), but does not validate against the file opener's credentials stored in file->f_cred. This creates different behavior when file descriptors are passed between processes via SCM_RIGHTS. Add a test suite with 16 test variants using fixture variants to verify TIOCSTI behavior when dev.tty.legacy_tiocsti is enabled/disabled: - Basic TIOCSTI tests (8 variants): Direct testing with different capability and controlling terminal combinations - FD passing tests (8 variants): Test behavior when file descriptors are passed between processes with different capabilities The FD passing tests document this behavior - some tests show different results than expected based on file opener credentials, demonstrating that TIOCSTI uses current process credentials rather than file opener credentials. The tests validate proper enforcement of the legacy_tiocsti sysctl. Test implementation uses openpty(3) with TIOCSCTTY for isolated PTY environments. See tty_ioctl(4) for details on TIOCSTI behavior and security requirements. Signed-off-by: Abhinav Saxena <xandfury(a)gmail.com> --- To run all tests: $ sudo ./tools/testing/selftests/tty/tty_tiocsti_test Test Results: - PASSED: 13/16 tests - Different behavior: 3/16 tests (documenting credential checking behavior) All tests validated using: - scripts/checkpatch.pl --strict (clean output) - Functional testing on kernel v6.16-rc2 Changes in v3: - Replaced all printf() calls with TH_LOG() for proper test logging (Kees Cook) - Added struct __test_metadata parameter to helper functions - Moved common legacy_tiocsti availability check to FIXTURE_SETUP() - Implemented sysctl modification/restoration in FIXTURE_SETUP/TEARDOWN - Used openpty() with TIOCSCTTY for reliable PTY testing environment - Fixed child/parent synchronization in FD passing tests - Replaced manual _exit(1) handling with proper ASSERT statements - Switched // comments to /* */ format throughout - Expanded to 16 test variants using fixture variants - Enhanced error handling and test reliability - Link to v2: https://lore.kernel.org/r/20250713-toicsti-bug-v2-1-b183787eea29@gmail.com - Link to v1: https://lore.kernel.org/r/20250622-toicsti-bug-v1-0-f374373b04b2@gmail.com References: - tty_ioctl(4) - documents TIOCSTI ioctl and capability requirements - openpty(3) - pseudo-terminal creation and management - commit 83efeeeb3d04 ("tty: Allow TIOCSTI to be disabled") - Documentation/security/credentials.rst - https://github.com/KSPP/linux/issues/156 - https://lore.kernel.org/linux-hardening/Y0m9l52AKmw6Yxi1@hostpad/ - drivers/tty/Kconfig - Documentation/driver-api/tty/ --- tools/testing/selftests/tty/Makefile | 6 +- tools/testing/selftests/tty/config | 1 + tools/testing/selftests/tty/tty_tiocsti_test.c | 650 +++++++++++++++++++++++++ 3 files changed, 656 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/tty/Makefile b/tools/testing/selftests/tty/Makefile index 50d7027b2ae3..7f6fbe5a0cd5 100644 --- a/tools/testing/selftests/tty/Makefile +++ b/tools/testing/selftests/tty/Makefile @@ -1,5 +1,9 @@ # SPDX-License-Identifier: GPL-2.0 CFLAGS = -O2 -Wall -TEST_GEN_PROGS := tty_tstamp_update +TEST_GEN_PROGS := tty_tstamp_update tty_tiocsti_test +LDLIBS += -lcap include ../lib.mk + +# Add libcap for TIOCSTI test +$(OUTPUT)/tty_tiocsti_test: LDLIBS += -lcap diff --git a/tools/testing/selftests/tty/config b/tools/testing/selftests/tty/config new file mode 100644 index 000000000000..c6373aba6636 --- /dev/null +++ b/tools/testing/selftests/tty/config @@ -0,0 +1 @@ +CONFIG_LEGACY_TIOCSTI=y diff --git a/tools/testing/selftests/tty/tty_tiocsti_test.c b/tools/testing/selftests/tty/tty_tiocsti_test.c new file mode 100644 index 000000000000..1eafef6e36fa --- /dev/null +++ b/tools/testing/selftests/tty/tty_tiocsti_test.c @@ -0,0 +1,650 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * TTY Tests - TIOCSTI + * + * Copyright © 2025 Abhinav Saxena <xandfury(a)gmail.com> + */ + +#include <stdio.h> +#include <stdlib.h> +#include <unistd.h> +#include <fcntl.h> +#include <sys/ioctl.h> +#include <errno.h> +#include <stdbool.h> +#include <string.h> +#include <sys/socket.h> +#include <sys/wait.h> +#include <pwd.h> +#include <termios.h> +#include <grp.h> +#include <sys/capability.h> +#include <sys/prctl.h> +#include <pty.h> +#include <utmp.h> + +#include "../kselftest_harness.h" + +enum test_type { + TEST_PTY_TIOCSTI_BASIC, + TEST_PTY_TIOCSTI_FD_PASSING, + /* other tests cases such as serial may be added. */ +}; + +/* + * Test Strategy: + * - Basic tests: Use PTY with/without TIOCSCTTY (controlling terminal for + * current process) + * - FD passing tests: Child creates PTY, parent receives FD (demonstrates + * security issue) + * + * SECURITY VULNERABILITY DEMONSTRATION: + * FD passing tests show that TIOCSTI uses CURRENT process credentials, not + * opener credentials. This means privileged processes can be given FDs from + * unprivileged processes and successfully perform TIOCSTI operations that the + * unprivileged process couldn't do directly. + * + * Attack scenario: + * 1. Unprivileged process opens TTY (direct TIOCSTI fails due to lack of + * privileges) + * 2. Unprivileged process passes FD to privileged process via SCM_RIGHTS + * 3. Privileged process can use TIOCSTI on the FD (succeeds due to its + * privileges) + * 4. Result: Effective privilege escalation via file descriptor passing + * + * This matches the kernel logic in tiocsti(): + * 1. if (!tty_legacy_tiocsti && !capable(CAP_SYS_ADMIN)) return -EIO; + * 2. if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN)) + * return -EPERM; + * Note: Both checks use capable() on CURRENT process, not FD opener! + * + * If the file credentials were also checked along with the capable() checks + * then the results for FD pass tests would be consistent with the basic tests. + */ + +FIXTURE(tiocsti) +{ + int pty_master_fd; /* PTY - for basic tests */ + int pty_slave_fd; + bool has_pty; + bool initial_cap_sys_admin; + int original_legacy_tiocsti_setting; + bool can_modify_sysctl; +}; + +FIXTURE_VARIANT(tiocsti) +{ + const enum test_type test_type; + const bool controlling_tty; /* true=current->signal->tty == tty */ + const int legacy_tiocsti; /* 0=restricted, 1=permissive */ + const bool requires_cap; /* true=with CAP_SYS_ADMIN, false=without */ + const int expected_success; /* 0=success, -EIO/-EPERM=specific error */ +}; + +/* + * Tests Controlling Terminal Variants (current->signal->tty == tty) + * + * TIOCSTI Test Matrix: + * + * | legacy_tiocsti | CAP_SYS_ADMIN | Expected Result | Error | + * |----------------|---------------|-----------------|-------| + * | 1 (permissive) | true | SUCCESS | - | + * | 1 (permissive) | false | SUCCESS | - | + * | 0 (restricted) | true | SUCCESS | - | + * | 0 (restricted) | false | FAILURE | -EIO | + */ + +/* clang-format off */ +FIXTURE_VARIANT_ADD(tiocsti, basic_pty_permissive_withcap) { + .test_type = TEST_PTY_TIOCSTI_BASIC, + .controlling_tty = true, + .legacy_tiocsti = 1, + .requires_cap = true, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, basic_pty_permissive_nocap) { + .test_type = TEST_PTY_TIOCSTI_BASIC, + .controlling_tty = true, + .legacy_tiocsti = 1, + .requires_cap = false, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, basic_pty_restricted_withcap) { + .test_type = TEST_PTY_TIOCSTI_BASIC, + .controlling_tty = true, + .legacy_tiocsti = 0, + .requires_cap = true, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, basic_pty_restricted_nocap) { + .test_type = TEST_PTY_TIOCSTI_BASIC, + .controlling_tty = true, + .legacy_tiocsti = 0, + .requires_cap = false, + .expected_success = -EIO, /* FAILURE: legacy restriction */ +}; /* clang-format on */ + +/* + * Note for FD Passing Test Variants + * Since we're testing the scenario where an unprivileged process pass an FD + * to a privileged one, .requires_cap here means the caps of the child process. + * Not the parent; parent would always be privileged. + */ + +/* clang-format off */ +FIXTURE_VARIANT_ADD(tiocsti, fdpass_pty_permissive_withcap) { + .test_type = TEST_PTY_TIOCSTI_FD_PASSING, + .controlling_tty = true, + .legacy_tiocsti = 1, + .requires_cap = true, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, fdpass_pty_permissive_nocap) { + .test_type = TEST_PTY_TIOCSTI_FD_PASSING, + .controlling_tty = true, + .legacy_tiocsti = 1, + .requires_cap = false, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, fdpass_pty_restricted_withcap) { + .test_type = TEST_PTY_TIOCSTI_FD_PASSING, + .controlling_tty = true, + .legacy_tiocsti = 0, + .requires_cap = true, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, fdpass_pty_restricted_nocap) { + .test_type = TEST_PTY_TIOCSTI_FD_PASSING, + .controlling_tty = true, + .legacy_tiocsti = 0, + .requires_cap = false, + .expected_success = -EIO, +}; /* clang-format on */ + +/* + * Non-Controlling Terminal Variants (current->signal->tty != tty) + * + * TIOCSTI Test Matrix: + * + * | legacy_tiocsti | CAP_SYS_ADMIN | Expected Result | Error | + * |----------------|---------------|-----------------|-------| + * | 1 (permissive) | true | SUCCESS | - | + * | 1 (permissive) | false | FAILURE | -EPERM| + * | 0 (restricted) | true | SUCCESS | - | + * | 0 (restricted) | false | FAILURE | -EIO | + */ + +/* clang-format off */ +FIXTURE_VARIANT_ADD(tiocsti, basic_nopty_permissive_withcap) { + .test_type = TEST_PTY_TIOCSTI_BASIC, + .controlling_tty = false, + .legacy_tiocsti = 1, + .requires_cap = true, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, basic_nopty_permissive_nocap) { + .test_type = TEST_PTY_TIOCSTI_BASIC, + .controlling_tty = false, + .legacy_tiocsti = 1, + .requires_cap = false, + .expected_success = -EPERM, +}; + +FIXTURE_VARIANT_ADD(tiocsti, basic_nopty_restricted_withcap) { + .test_type = TEST_PTY_TIOCSTI_BASIC, + .controlling_tty = false, + .legacy_tiocsti = 0, + .requires_cap = true, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, basic_nopty_restricted_nocap) { + .test_type = TEST_PTY_TIOCSTI_BASIC, + .controlling_tty = false, + .legacy_tiocsti = 0, + .requires_cap = false, + .expected_success = -EIO, +}; + +FIXTURE_VARIANT_ADD(tiocsti, fdpass_nopty_permissive_withcap) { + .test_type = TEST_PTY_TIOCSTI_FD_PASSING, + .controlling_tty = false, + .legacy_tiocsti = 1, + .requires_cap = true, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, fdpass_nopty_permissive_nocap) { + .test_type = TEST_PTY_TIOCSTI_FD_PASSING, + .controlling_tty = false, + .legacy_tiocsti = 1, + .requires_cap = false, + .expected_success = -EPERM, +}; + +FIXTURE_VARIANT_ADD(tiocsti, fdpass_nopty_restricted_withcap) { + .test_type = TEST_PTY_TIOCSTI_FD_PASSING, + .controlling_tty = false, + .legacy_tiocsti = 0, + .requires_cap = true, + .expected_success = 0, +}; + +FIXTURE_VARIANT_ADD(tiocsti, fdpass_nopty_restricted_nocap) { + .test_type = TEST_PTY_TIOCSTI_FD_PASSING, + .controlling_tty = false, + .legacy_tiocsti = 0, + .requires_cap = false, + .expected_success = -EIO, +}; /* clang-format on */ + +/* Helper function to send FD via SCM_RIGHTS */ +static int send_fd_via_socket(int socket_fd, int fd_to_send) +{ + struct msghdr msg = { 0 }; + struct cmsghdr *cmsg; + char cmsg_buf[CMSG_SPACE(sizeof(int))]; + char dummy_data = 'F'; + struct iovec iov = { .iov_base = &dummy_data, .iov_len = 1 }; + + msg.msg_iov = &iov; + msg.msg_iovlen = 1; + msg.msg_control = cmsg_buf; + msg.msg_controllen = sizeof(cmsg_buf); + + cmsg = CMSG_FIRSTHDR(&msg); + cmsg->cmsg_level = SOL_SOCKET; + cmsg->cmsg_type = SCM_RIGHTS; + cmsg->cmsg_len = CMSG_LEN(sizeof(int)); + + memcpy(CMSG_DATA(cmsg), &fd_to_send, sizeof(int)); + + return sendmsg(socket_fd, &msg, 0) < 0 ? -1 : 0; +} + +/* Helper function to receive FD via SCM_RIGHTS */ +static int recv_fd_via_socket(int socket_fd) +{ + struct msghdr msg = { 0 }; + struct cmsghdr *cmsg; + char cmsg_buf[CMSG_SPACE(sizeof(int))]; + char dummy_data; + struct iovec iov = { .iov_base = &dummy_data, .iov_len = 1 }; + int received_fd = -1; + + msg.msg_iov = &iov; + msg.msg_iovlen = 1; + msg.msg_control = cmsg_buf; + msg.msg_controllen = sizeof(cmsg_buf); + + if (recvmsg(socket_fd, &msg, 0) < 0) + return -1; + + for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) { + if (cmsg->cmsg_level == SOL_SOCKET && + cmsg->cmsg_type == SCM_RIGHTS) { + memcpy(&received_fd, CMSG_DATA(cmsg), sizeof(int)); + break; + } + } + + return received_fd; +} + +static inline bool has_cap_sys_admin(void) +{ + cap_t caps = cap_get_proc(); + + if (!caps) + return false; + + cap_flag_value_t cap_val; + bool has_cap = (cap_get_flag(caps, CAP_SYS_ADMIN, CAP_EFFECTIVE, + &cap_val) == 0) && + (cap_val == CAP_SET); + + cap_free(caps); + return has_cap; +} + +/* + * Drop to nobody user (uid/gid 65534) to lose all capabilities + */ +static inline bool drop_to_nobody(struct __test_metadata *_metadata) +{ + ASSERT_EQ(setgroups(0, NULL), 0); + ASSERT_EQ(setgid(65534), 0); + ASSERT_EQ(setuid(65534), 0); + + ASSERT_FALSE(has_cap_sys_admin()); + return true; +} + +static inline int get_legacy_tiocsti_setting(struct __test_metadata *_metadata) +{ + FILE *fp; + int value = -1; + + fp = fopen("/proc/sys/dev/tty/legacy_tiocsti", "r"); + if (!fp) { + /* legacy_tiocsti sysctl not available (kernel < 6.2) */ + return -1; + } + + if (fscanf(fp, "%d", &value) == 1) { + if (value < 0 || value > 1) + value = -1; /* Invalid value */ + } else { + value = -1; /* Failed to parse */ + } + + fclose(fp); + return value; +} + +static inline bool set_legacy_tiocsti_setting(struct __test_metadata *_metadata, + int value) +{ + FILE *fp; + bool success = false; + + /* Sanity-check the value */ + ASSERT_GE(value, 0); + ASSERT_LE(value, 1); + + /* + * Try to open for writing; if we lack permission, return false so + * the test harness will skip variants that need to change it + */ + fp = fopen("/proc/sys/dev/tty/legacy_tiocsti", "w"); + if (!fp) + return false; + + /* Write the new setting */ + if (fprintf(fp, "%d\n", value) > 0) + success = true; + else + TH_LOG("Failed to write legacy_tiocsti: %s", strerror(errno)); + + fclose(fp); + return success; +} + +/* + * TIOCSTI injection test function + * @tty_fd: TTY slave file descriptor to test TIOCSTI on + * Returns: 0 on success, -errno on failure + */ +static inline int test_tiocsti_injection(struct __test_metadata *_metadata, + int tty_fd) +{ + int ret; + char inject_char = 'V'; + + errno = 0; + ret = ioctl(tty_fd, TIOCSTI, &inject_char); + return ret == 0 ? 0 : -errno; +} + +FIXTURE_SETUP(tiocsti) +{ + /* Create PTY pair for basic tests */ + self->has_pty = (openpty(&self->pty_master_fd, &self->pty_slave_fd, + NULL, NULL, NULL) == 0); + if (!self->has_pty) { + self->pty_master_fd = -1; + self->pty_slave_fd = -1; + } + + self->initial_cap_sys_admin = has_cap_sys_admin(); + self->original_legacy_tiocsti_setting = + get_legacy_tiocsti_setting(_metadata); + + if (self->original_legacy_tiocsti_setting < 0) + SKIP(return, "legacy_tiocsti sysctl not available (kernel < 6.2)"); + + /* Test if we can modify the sysctl (requires appropriate privileges) */ + self->can_modify_sysctl = set_legacy_tiocsti_setting(_metadata, + self->original_legacy_tiocsti_setting); + if (!self->can_modify_sysctl) + TH_LOG("Warning: Cannot modify legacy_tiocsti sysctl - will skip mismatched variants"); +} + +FIXTURE_TEARDOWN(tiocsti) +{ + /* + * Backup restoration - + * each test should restore its own sysctl changes + */ + if (self->can_modify_sysctl && + self->original_legacy_tiocsti_setting >= 0) { + int current_value = get_legacy_tiocsti_setting(_metadata); + + if (current_value != self->original_legacy_tiocsti_setting) { + TH_LOG("Backup: Restoring legacy_tiocsti from %d to %d", + current_value, + self->original_legacy_tiocsti_setting); + set_legacy_tiocsti_setting(_metadata, + self->original_legacy_tiocsti_setting); + } + } + + if (self->has_pty) { + if (self->pty_master_fd >= 0) + close(self->pty_master_fd); + if (self->pty_slave_fd >= 0) + close(self->pty_slave_fd); + } +} + +TEST_F(tiocsti, test) +{ + int saved_legacy_tiocsti = get_legacy_tiocsti_setting(_metadata); + bool need_restore = false; + int status; + pid_t child_pid; + + /* Set legacy_tiocsti sysctl to match variant requirement */ + if (self->can_modify_sysctl) { + if (saved_legacy_tiocsti != variant->legacy_tiocsti) { + if (!set_legacy_tiocsti_setting(_metadata, + variant->legacy_tiocsti)) { + SKIP(return, + "Failed to set legacy_tiocsti sysctl"); + } + need_restore = true; + } + } else { + /* + * Can't modify sysctl + * - check if current value matches variant + */ + if (self->original_legacy_tiocsti_setting != + variant->legacy_tiocsti) { + SKIP(return, + "legacy_tiocsti setting mismatch and cannot modify sysctl"); + } + } + + /* Common skip conditions */ + if (variant->test_type == TEST_PTY_TIOCSTI_BASIC && !self->has_pty) { + SKIP(goto restore_sysctl, + "PTY not available for controlling terminal test"); + } + + if (variant->test_type == TEST_PTY_TIOCSTI_FD_PASSING && + !self->initial_cap_sys_admin) { + SKIP(goto restore_sysctl, + "FD Pass tests require CAP_SYS_ADMIN"); + } + + if (variant->requires_cap && !self->initial_cap_sys_admin) { + SKIP(goto restore_sysctl, + "Test requires initial CAP_SYS_ADMIN"); + } + + if (variant->test_type == TEST_PTY_TIOCSTI_BASIC) { + /* ===== BASIC TIOCSTI TEST ===== */ + child_pid = fork(); + ASSERT_GE(child_pid, 0); + + if (child_pid == 0) { + /* Child process - perform the actual test */ + + /* Handle capability requirements */ + if (self->initial_cap_sys_admin && + !variant->requires_cap) + ASSERT_TRUE(drop_to_nobody(_metadata)); + + if (variant->controlling_tty) { + /* + * Create new session and set PTY as + * controlling terminal + */ + pid_t sid = setsid(); + + ASSERT_GE(sid, 0); + ASSERT_EQ(ioctl(self->pty_slave_fd, TIOCSCTTY, + 0), + 0); + } + + /* + * Validate test environment setup and verify final + * capability state matches expectation + * after potential drop. + * + */ + ASSERT_TRUE(self->has_pty); + ASSERT_EQ(has_cap_sys_admin(), variant->requires_cap); + + /* Test TIOCSTI and validate result */ + int result = test_tiocsti_injection(_metadata, + self->pty_slave_fd); + + /* Check against expected result from variant */ + EXPECT_EQ(result, variant->expected_success); + _exit(0); + } + + } else { + /* ===== FD PASSING SECURITY TEST ===== */ + int sockpair[2]; + + ASSERT_EQ(socketpair(AF_UNIX, SOCK_STREAM, 0, sockpair), 0); + + child_pid = fork(); + ASSERT_GE(child_pid, 0); + + if (child_pid == 0) { + /* Child process - create PTY and send FD */ + close(sockpair[0]); + signal(SIGHUP, SIG_IGN); + + /* Handle privilege dropping */ + if (!variant->requires_cap && has_cap_sys_admin()) + ASSERT_TRUE(drop_to_nobody(_metadata)); + + /* Create child's PTY */ + int child_master_fd, child_slave_fd; + + ASSERT_EQ(openpty(&child_master_fd, &child_slave_fd, + NULL, NULL, NULL), + 0); + + if (variant->controlling_tty) { + pid_t sid = setsid(); + + ASSERT_GE(sid, 0); + ASSERT_EQ(ioctl(child_slave_fd, TIOCSCTTY, 0), + 0); + } + + /* Test child's direct TIOCSTI for reference */ + int direct_result = test_tiocsti_injection(_metadata, + child_slave_fd); + EXPECT_EQ(direct_result, variant->expected_success); + + /* Send FD to parent */ + ASSERT_EQ(send_fd_via_socket(sockpair[1], + child_slave_fd), + 0); + + /* Wait for parent completion signal */ + char sync_byte; + ssize_t bytes_read = read(sockpair[1], &sync_byte, 1); + + ASSERT_EQ(bytes_read, 1); + + close(child_master_fd); + close(child_slave_fd); + close(sockpair[1]); + _exit(0); + } + + /* Parent process - receive FD and test TIOCSTI */ + close(sockpair[1]); + + int received_fd = recv_fd_via_socket(sockpair[0]); + + ASSERT_GE(received_fd, 0); + + bool parent_has_cap = self->initial_cap_sys_admin; + + TH_LOG("=== TIOCSTI FD Passing Test Context ==="); + TH_LOG("legacy_tiocsti: %d, Parent CAP_SYS_ADMIN: %s, Child: %s", + variant->legacy_tiocsti, parent_has_cap ? "yes" : "no", + variant->requires_cap ? "kept" : "dropped"); + + /* SECURITY TEST: Try TIOCSTI with FD opened by child */ + int result = test_tiocsti_injection(_metadata, received_fd); + + /* Log security concern if demonstrated */ + if (result == 0 && !variant->requires_cap) { + TH_LOG("*** SECURITY CONCERN DEMONSTRATED ***"); + TH_LOG("Privileged parent can use TIOCSTI on FD from unprivileged child"); + TH_LOG("This shows current process credentials are used, not opener credentials"); + } + + EXPECT_EQ(result, variant->expected_success) + { + TH_LOG("FD passing: expected error %d, got %d", + variant->expected_success, result); + } + + /* Signal child completion */ + char sync_byte = 'D'; + ssize_t bytes_written = write(sockpair[0], &sync_byte, 1); + + ASSERT_EQ(bytes_written, 1); + + close(received_fd); + close(sockpair[0]); + } + + /* Common child process cleanup for both test types */ + ASSERT_EQ(waitpid(child_pid, &status, 0), child_pid); + + if (WIFSIGNALED(status)) { + TH_LOG("Child terminated by signal %d", WTERMSIG(status)); + ASSERT_FALSE(WIFSIGNALED(status)) + { + TH_LOG("Child process failed assertion"); + } + } else { + EXPECT_EQ(WEXITSTATUS(status), 0); + } + +restore_sysctl: + if (need_restore) + set_legacy_tiocsti_setting(_metadata, saved_legacy_tiocsti); +} + +TEST_HARNESS_MAIN --- base-commit: 283564a43383d6f26a55546fe9ae345b5fa95e66 change-id: 20250618-toicsti-bug-7822b8e94a32 Best regards, -- Abhinav Saxena <xandfury(a)gmail.com>

1 week, 4 days

3
4
0 0

[PATCH] selftests: net: avoid memory leak

by Zongmin Zhou

From: Zongmin Zhou <zhouzongmin(a)kylinos.cn> The buffer be used without free,fix it to avoid memory leak. Signed-off-by: Zongmin Zhou <zhouzongmin(a)kylinos.cn> --- tools/testing/selftests/net/cmsg_sender.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tools/testing/selftests/net/cmsg_sender.c b/tools/testing/selftests/net/cmsg_sender.c index a825e628aee7..5358aa09ecb9 100644 --- a/tools/testing/selftests/net/cmsg_sender.c +++ b/tools/testing/selftests/net/cmsg_sender.c @@ -491,6 +491,7 @@ int main(int argc, char *argv[]) if (err) { fprintf(stderr, "Can't resolve address [%s]:%s\n", opt.host, opt.service); + free(buf); return ERN_SOCK_CREATE; } @@ -501,6 +502,7 @@ int main(int argc, char *argv[]) if (fd < 0) { fprintf(stderr, "Can't open socket: %s\n", strerror(errno)); freeaddrinfo(ai); + free(buf); return ERN_RESOLVE; } @@ -575,5 +577,6 @@ int main(int argc, char *argv[]) err_out: close(fd); freeaddrinfo(ai); + free(buf); return err; } -- 2.34.1

1 week, 4 days

4
7
0 0

[PATCH net-next v2 1/2] selftests: drv-net: rss_ctx: use Netlink for timed reconfig

by Jakub Kicinski

The rss_ctx test has gotten pretty flaky after I increased the queue count in NIPA 2->3. Not 100% clear why. We get a lot of failures in the rss_ctx.test_hitless_key_update case. Looking closer it appears that the failures are mostly due to startup costs. I measured the following timing for ethtool -X: - python cmd(shell=True) : 150-250msec - python cmd(shell=False) : 50- 70msec - timed in bash : 45- 55msec - YNL Netlink call : 2- 4msec - .set_rxfh callback : 1- 2msec The target in the test was set to 200msec. We were mostly measuring ethtool startup cost it seems. Switch to YNL since it's 100x faster. Lower the pass criteria to 150msec, no real science behind this number but we removed some overhead, drivers which previously passed 200msec should easily pass 150msec now. Separately we should probably follow up on defaulting to shell=False, when script doesn't explicitly ask for True, because the overhead is rather significant. Switch from _rss_key_rand() to random.randbytes(), YNL takes a binary array rather than array of ints. Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> --- v2: - increase the threshold to safer 150msec - mention change away from _rss_key_rand() v1: https://lore.kernel.org/20250829220712.327920-1-kuba@kernel.org --- tools/testing/selftests/drivers/net/hw/rss_ctx.py | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/drivers/net/hw/rss_ctx.py b/tools/testing/selftests/drivers/net/hw/rss_ctx.py index 9838b8457e5a..a5562a9f729f 100755 --- a/tools/testing/selftests/drivers/net/hw/rss_ctx.py +++ b/tools/testing/selftests/drivers/net/hw/rss_ctx.py @@ -335,19 +335,20 @@ from lib.py import ethtool, ip, defer, GenerateTraffic, CmdExitFailure data = get_rss(cfg) key_len = len(data['rss-hash-key']) - key = _rss_key_rand(key_len) + ethnl = EthtoolFamily() + key = random.randbytes(key_len) tgen = GenerateTraffic(cfg) try: errors0, carrier0 = get_drop_err_sum(cfg) t0 = datetime.datetime.now() - ethtool(f"-X {cfg.ifname} hkey " + _rss_key_str(key)) + ethnl.rss_set({"header": {"dev-index": cfg.ifindex}, "hkey": key}) t1 = datetime.datetime.now() errors1, carrier1 = get_drop_err_sum(cfg) finally: tgen.wait_pkts_and_stop(5000) - ksft_lt((t1 - t0).total_seconds(), 0.2) + ksft_lt((t1 - t0).total_seconds(), 0.15) ksft_eq(errors1 - errors1, 0) ksft_eq(carrier1 - carrier0, 0) -- 2.51.0

1 week, 4 days

3
4
0 0

[PATCH bpf-next v3 1/2] bpf: add bpf_strcasecmp kfunc

by Rong Tao

From: Rong Tao <rongtao(a)cestc.cn> bpf_strcasecmp() function performs same like bpf_strcmp() except ignoring the case of the characters. Signed-off-by: Rong Tao <rongtao(a)cestc.cn> --- kernel/bpf/helpers.c | 68 +++++++++++++++++++++++++++++++------------- 1 file changed, 48 insertions(+), 20 deletions(-) diff --git a/kernel/bpf/helpers.c b/kernel/bpf/helpers.c index 401b4932cc49..238fd992c786 100644 --- a/kernel/bpf/helpers.c +++ b/kernel/bpf/helpers.c @@ -3349,45 +3349,72 @@ __bpf_kfunc void __bpf_trap(void) * __get_kernel_nofault instead of plain dereference to make them safe. */ -/** - * bpf_strcmp - Compare two strings - * @s1__ign: One string - * @s2__ign: Another string - * - * Return: - * * %0 - Strings are equal - * * %-1 - @s1__ign is smaller - * * %1 - @s2__ign is smaller - * * %-EFAULT - Cannot read one of the strings - * * %-E2BIG - One of strings is too large - * * %-ERANGE - One of strings is outside of kernel address space - */ -__bpf_kfunc int bpf_strcmp(const char *s1__ign, const char *s2__ign) +int __bpf_strcasecmp(const char *s1, const char *s2, bool ignore_case) { char c1, c2; int i; - if (!copy_from_kernel_nofault_allowed(s1__ign, 1) || - !copy_from_kernel_nofault_allowed(s2__ign, 1)) { + if (!copy_from_kernel_nofault_allowed(s1, 1) || + !copy_from_kernel_nofault_allowed(s2, 1)) { return -ERANGE; } guard(pagefault)(); for (i = 0; i < XATTR_SIZE_MAX; i++) { - __get_kernel_nofault(&c1, s1__ign, char, err_out); - __get_kernel_nofault(&c2, s2__ign, char, err_out); + __get_kernel_nofault(&c1, s1, char, err_out); + __get_kernel_nofault(&c2, s2, char, err_out); + if (ignore_case) { + c1 = tolower(c1); + c2 = tolower(c2); + } if (c1 != c2) return c1 < c2 ? -1 : 1; if (c1 == '\0') return 0; - s1__ign++; - s2__ign++; + s1++; + s2++; } return -E2BIG; err_out: return -EFAULT; } +/** + * bpf_strcmp - Compare two strings + * @s1__ign: One string + * @s2__ign: Another string + * + * Return: + * * %0 - Strings are equal + * * %-1 - @s1__ign is smaller + * * %1 - @s2__ign is smaller + * * %-EFAULT - Cannot read one of the strings + * * %-E2BIG - One of strings is too large + * * %-ERANGE - One of strings is outside of kernel address space + */ +__bpf_kfunc int bpf_strcmp(const char *s1__ign, const char *s2__ign) +{ + return __bpf_strcasecmp(s1__ign, s2__ign, false); +} + +/** + * bpf_strcasecmp - Compare two strings, ignoring the case of the characters + * @s1__ign: One string + * @s2__ign: Another string + * + * Return: + * * %0 - Strings are equal + * * %-1 - @s1__ign is smaller + * * %1 - @s2__ign is smaller + * * %-EFAULT - Cannot read one of the strings + * * %-E2BIG - One of strings is too large + * * %-ERANGE - One of strings is outside of kernel address space + */ +__bpf_kfunc int bpf_strcasecmp(const char *s1__ign, const char *s2__ign) +{ + return __bpf_strcasecmp(s1__ign, s2__ign, true); +} + /** * bpf_strnchr - Find a character in a length limited string * @s__ign: The string to be searched @@ -3832,6 +3859,7 @@ BTF_ID_FLAGS(func, bpf_iter_dmabuf_destroy, KF_ITER_DESTROY | KF_SLEEPABLE) #endif BTF_ID_FLAGS(func, __bpf_trap) BTF_ID_FLAGS(func, bpf_strcmp); +BTF_ID_FLAGS(func, bpf_strcasecmp); BTF_ID_FLAGS(func, bpf_strchr); BTF_ID_FLAGS(func, bpf_strchrnul); BTF_ID_FLAGS(func, bpf_strnchr); -- 2.51.0

1 week, 4 days

3
3
0 0

[PATCH bpf-next v4 2/2] selftests/bpf: Test kfunc bpf_strcasecmp

by Rong Tao

From: Rong Tao <rongtao(a)cestc.cn> Add testsuites for kfunc bpf_strcasecmp. Signed-off-by: Rong Tao <rongtao(a)cestc.cn> --- tools/testing/selftests/bpf/prog_tests/string_kfuncs.c | 1 + tools/testing/selftests/bpf/progs/string_kfuncs_failure1.c | 6 ++++++ tools/testing/selftests/bpf/progs/string_kfuncs_failure2.c | 1 + tools/testing/selftests/bpf/progs/string_kfuncs_success.c | 5 +++++ 4 files changed, 13 insertions(+) diff --git a/tools/testing/selftests/bpf/prog_tests/string_kfuncs.c b/tools/testing/selftests/bpf/prog_tests/string_kfuncs.c index 35af8044d059..4d66fad3c8bd 100644 --- a/tools/testing/selftests/bpf/prog_tests/string_kfuncs.c +++ b/tools/testing/selftests/bpf/prog_tests/string_kfuncs.c @@ -8,6 +8,7 @@ static const char * const test_cases[] = { "strcmp", + "strcasecmp", "strchr", "strchrnul", "strnchr", diff --git a/tools/testing/selftests/bpf/progs/string_kfuncs_failure1.c b/tools/testing/selftests/bpf/progs/string_kfuncs_failure1.c index 53af438bd998..99d72c68f76a 100644 --- a/tools/testing/selftests/bpf/progs/string_kfuncs_failure1.c +++ b/tools/testing/selftests/bpf/progs/string_kfuncs_failure1.c @@ -31,6 +31,8 @@ char *invalid_kern_ptr = (char *)-1; /* Passing NULL to string kfuncs (treated as a userspace ptr) */ SEC("syscall") __retval(USER_PTR_ERR) int test_strcmp_null1(void *ctx) { return bpf_strcmp(NULL, "hello"); } SEC("syscall") __retval(USER_PTR_ERR)int test_strcmp_null2(void *ctx) { return bpf_strcmp("hello", NULL); } +SEC("syscall") __retval(USER_PTR_ERR) int test_strcasecmp_null1(void *ctx) { return bpf_strcasecmp(NULL, "HELLO"); } +SEC("syscall") __retval(USER_PTR_ERR)int test_strcasecmp_null2(void *ctx) { return bpf_strcasecmp("HELLO", NULL); } SEC("syscall") __retval(USER_PTR_ERR)int test_strchr_null(void *ctx) { return bpf_strchr(NULL, 'a'); } SEC("syscall") __retval(USER_PTR_ERR)int test_strchrnul_null(void *ctx) { return bpf_strchrnul(NULL, 'a'); } SEC("syscall") __retval(USER_PTR_ERR)int test_strnchr_null(void *ctx) { return bpf_strnchr(NULL, 1, 'a'); } @@ -49,6 +51,8 @@ SEC("syscall") __retval(USER_PTR_ERR)int test_strnstr_null2(void *ctx) { return /* Passing userspace ptr to string kfuncs */ SEC("syscall") __retval(USER_PTR_ERR) int test_strcmp_user_ptr1(void *ctx) { return bpf_strcmp(user_ptr, "hello"); } SEC("syscall") __retval(USER_PTR_ERR) int test_strcmp_user_ptr2(void *ctx) { return bpf_strcmp("hello", user_ptr); } +SEC("syscall") __retval(USER_PTR_ERR) int test_strcasecmp_user_ptr1(void *ctx) { return bpf_strcasecmp(user_ptr, "HELLO"); } +SEC("syscall") __retval(USER_PTR_ERR) int test_strcasecmp_user_ptr2(void *ctx) { return bpf_strcasecmp("HELLO", user_ptr); } SEC("syscall") __retval(USER_PTR_ERR) int test_strchr_user_ptr(void *ctx) { return bpf_strchr(user_ptr, 'a'); } SEC("syscall") __retval(USER_PTR_ERR) int test_strchrnul_user_ptr(void *ctx) { return bpf_strchrnul(user_ptr, 'a'); } SEC("syscall") __retval(USER_PTR_ERR) int test_strnchr_user_ptr(void *ctx) { return bpf_strnchr(user_ptr, 1, 'a'); } @@ -69,6 +73,8 @@ SEC("syscall") __retval(USER_PTR_ERR) int test_strnstr_user_ptr2(void *ctx) { re /* Passing invalid kernel ptr to string kfuncs should always return -EFAULT */ SEC("syscall") __retval(-EFAULT) int test_strcmp_pagefault1(void *ctx) { return bpf_strcmp(invalid_kern_ptr, "hello"); } SEC("syscall") __retval(-EFAULT) int test_strcmp_pagefault2(void *ctx) { return bpf_strcmp("hello", invalid_kern_ptr); } +SEC("syscall") __retval(-EFAULT) int test_strcasecmp_pagefault1(void *ctx) { return bpf_strcasecmp(invalid_kern_ptr, "HELLO"); } +SEC("syscall") __retval(-EFAULT) int test_strcasecmp_pagefault2(void *ctx) { return bpf_strcasecmp("HELLO", invalid_kern_ptr); } SEC("syscall") __retval(-EFAULT) int test_strchr_pagefault(void *ctx) { return bpf_strchr(invalid_kern_ptr, 'a'); } SEC("syscall") __retval(-EFAULT) int test_strchrnul_pagefault(void *ctx) { return bpf_strchrnul(invalid_kern_ptr, 'a'); } SEC("syscall") __retval(-EFAULT) int test_strnchr_pagefault(void *ctx) { return bpf_strnchr(invalid_kern_ptr, 1, 'a'); } diff --git a/tools/testing/selftests/bpf/progs/string_kfuncs_failure2.c b/tools/testing/selftests/bpf/progs/string_kfuncs_failure2.c index 89fb4669b0e9..e41cc5601994 100644 --- a/tools/testing/selftests/bpf/progs/string_kfuncs_failure2.c +++ b/tools/testing/selftests/bpf/progs/string_kfuncs_failure2.c @@ -7,6 +7,7 @@ char long_str[XATTR_SIZE_MAX + 1]; SEC("syscall") int test_strcmp_too_long(void *ctx) { return bpf_strcmp(long_str, long_str); } +SEC("syscall") int test_strcasecmp_too_long(void *ctx) { return bpf_strcasecmp(long_str, long_str); } SEC("syscall") int test_strchr_too_long(void *ctx) { return bpf_strchr(long_str, 'b'); } SEC("syscall") int test_strchrnul_too_long(void *ctx) { return bpf_strchrnul(long_str, 'b'); } SEC("syscall") int test_strnchr_too_long(void *ctx) { return bpf_strnchr(long_str, sizeof(long_str), 'b'); } diff --git a/tools/testing/selftests/bpf/progs/string_kfuncs_success.c b/tools/testing/selftests/bpf/progs/string_kfuncs_success.c index 46697f381878..67830456637b 100644 --- a/tools/testing/selftests/bpf/progs/string_kfuncs_success.c +++ b/tools/testing/selftests/bpf/progs/string_kfuncs_success.c @@ -12,6 +12,11 @@ char str[] = "hello world"; /* Functional tests */ __test(0) int test_strcmp_eq(void *ctx) { return bpf_strcmp(str, "hello world"); } __test(1) int test_strcmp_neq(void *ctx) { return bpf_strcmp(str, "hello"); } +__test(0) int test_strcasecmp_eq1(void *ctx) { return bpf_strcasecmp(str, "hello world"); } +__test(0) int test_strcasecmp_eq2(void *ctx) { return bpf_strcasecmp(str, "HELLO WORLD"); } +__test(0) int test_strcasecmp_eq3(void *ctx) { return bpf_strcasecmp(str, "HELLO world"); } +__test(1) int test_strcasecmp_neq1(void *ctx) { return bpf_strcasecmp(str, "hello"); } +__test(1) int test_strcasecmp_neq2(void *ctx) { return bpf_strcasecmp(str, "HELLO"); } __test(1) int test_strchr_found(void *ctx) { return bpf_strchr(str, 'e'); } __test(11) int test_strchr_null(void *ctx) { return bpf_strchr(str, '\0'); } __test(-ENOENT) int test_strchr_notfound(void *ctx) { return bpf_strchr(str, 'x'); } -- 2.51.0

1 week, 4 days

1
0
0 0

[PATCH bpf-next v4 0/2] bpf: Add kfunc bpf_strcasecmp()

by Rong Tao

Kfunc already support bpf_strcmp, this patchset introduce bpf_strcasecmp and add some selftests. Rong Tao (2): bpf: add bpf_strcasecmp kfunc selftests/bpf: Test kfunc bpf_strcasecmp kernel/bpf/helpers.c | 68 +++++++++++++------ .../selftests/bpf/prog_tests/string_kfuncs.c | 1 + .../bpf/progs/string_kfuncs_failure1.c | 6 ++ .../bpf/progs/string_kfuncs_failure2.c | 1 + .../bpf/progs/string_kfuncs_success.c | 5 ++ 5 files changed, 61 insertions(+), 20 deletions(-) --- v4: __bpf_strcasecmp should be static function; v3: Update prog_tests/string_kfuncs.c for "strcasecmp"; https://lore.kernel.org/lkml/tencent_0E0C830021A02CBCCB6D95AE57CFD100C407@q… v2: Remove __ign prefix from __bpf_strcasecmp and add E2BIG failure test; https://lore.kernel.org/lkml/tencent_8646158457D4511C447C833B21B3ACF6CB07@q… v1: https://lore.kernel.org/lkml/tencent_5AE811A28781BE106AD6CDE59F4ADD2BFA06@q… -- 2.51.0

1 week, 4 days

1
0
0 0

[PATCH net-next 1/2] selftests: drv-net: adjust tests before defaulting to shell=False

by Jakub Kicinski

Clean up tests which expect shell=True without explicitly passing that param to cmd(). There seems to be only one such case, and in fact it's better converted to a direct write. Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> --- tools/testing/selftests/drivers/net/napi_threaded.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/drivers/net/napi_threaded.py b/tools/testing/selftests/drivers/net/napi_threaded.py index ed66efa481b0..f4be72b2145a 100755 --- a/tools/testing/selftests/drivers/net/napi_threaded.py +++ b/tools/testing/selftests/drivers/net/napi_threaded.py @@ -24,7 +24,8 @@ from lib.py import cmd, defer, ethtool def _set_threaded_state(cfg, threaded) -> None: - cmd(f"echo {threaded} > /sys/class/net/{cfg.ifname}/threaded") + with open(f"/sys/class/net/{cfg.ifname}/threaded", "wb") as fp: + fp.write(str(threaded).encode('utf-8')) def _setup_deferred_cleanup(cfg) -> None: -- 2.51.0

1 week, 4 days

3
6
0 0

[PATCH net-next] net: selftests: clean up tools/testing/selftests/net/lib/py/utils.py

by Breno Leitao

This patch improves the utils.py module by removing unused imports (errno, random), simplifying the fd_read_timeout() function by eliminating unnecessary else clause, and cleaning up code style in the defer class constructor. Additionally, it renames the parameter in rand_port() from 'type' to 'stype' to avoid shadowing the built-in Python name 'type', improving code clarity and preventing potential issues. These changes enhance code readability and maintainability without affecting functionality. Signed-off-by: Breno Leitao <leitao(a)debian.org> --- tools/testing/selftests/net/lib/py/utils.py | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/tools/testing/selftests/net/lib/py/utils.py b/tools/testing/selftests/net/lib/py/utils.py index b188cac49738f..1cdc8e6d6b603 100644 --- a/tools/testing/selftests/net/lib/py/utils.py +++ b/tools/testing/selftests/net/lib/py/utils.py @@ -1,9 +1,7 @@ # SPDX-License-Identifier: GPL-2.0 -import errno import json as _json import os -import random import re import select import socket @@ -21,8 +19,7 @@ def fd_read_timeout(fd, timeout): rlist, _, _ = select.select([fd], [], [], timeout) if rlist: return os.read(fd, 1024) - else: - raise TimeoutError("Timeout waiting for fd read") + raise TimeoutError("Timeout waiting for fd read") class cmd: @@ -138,8 +135,6 @@ global_defer_queue = [] class defer: def __init__(self, func, *args, **kwargs): - global global_defer_queue - if not callable(func): raise Exception("defer created with un-callable object, did you call the function instead of passing its name?") @@ -227,11 +222,11 @@ def bpftrace(expr, json=None, ns=None, host=None, timeout=None): return cmd_obj -def rand_port(type=socket.SOCK_STREAM): +def rand_port(stype=socket.SOCK_STREAM): """ Get a random unprivileged port. """ - with socket.socket(socket.AF_INET6, type) as s: + with socket.socket(socket.AF_INET6, stype) as s: s.bind(("", 0)) return s.getsockname()[1] --- base-commit: 864ecc4a6dade82d3f70eab43dad0e277aa6fc78 change-id: 20250901-fix-02eb26114040 Best regards, -- Breno Leitao <leitao(a)debian.org>

1 week, 4 days

3
2
0 0

[PATCH net-next 0/6] mptcp: misc. features for v6.18

by Matthieu Baerts (NGI0)

This series contains 4 independent new features: - Patch 1: use HMAC-SHA256 library instead of open-coded HMAC. - Patches 2-3: make ADD_ADDR retransmission timeout adaptive + simplify selftests. - Patch 4: selftests: check for unexpected fallback counter increments. - Patches 5-6: record subflows in RPS table, for aRFS support. Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> --- Christoph Paasch (2): net: Add rfs_needed() helper mptcp: record subflows in RPS table Eric Biggers (1): mptcp: use HMAC-SHA256 library instead of open-coded HMAC Gang Yan (1): selftests: mptcp: add checks for fallback counters Geliang Tang (2): mptcp: make ADD_ADDR retransmission timeout adaptive selftests: mptcp: remove add_addr_timeout settings Documentation/networking/mptcp-sysctl.rst | 8 +- include/net/rps.h | 85 ++++++++++------ net/mptcp/crypto.c | 35 +------ net/mptcp/pm.c | 28 +++++- net/mptcp/protocol.c | 21 ++++ tools/testing/selftests/net/mptcp/mptcp_join.sh | 126 +++++++++++++++++++++++- 6 files changed, 231 insertions(+), 72 deletions(-) --- base-commit: d23ad54de795ec0054f90ecb03b41e8f2c410f3a change-id: 20250829-net-next-mptcp-misc-feat-6-18-722fa87a60f1 Best regards, -- Matthieu Baerts (NGI0) <matttbe(a)kernel.org>

1 week, 4 days

5
18
0 0

[PATCH 0/8] Add selftests for mshare

by Yongting Lin

Mshare is a developing feature proposed by Anthony Yznaga and Khalid Aziz that enables sharing of PTEs across processes. The V3 patch set has been posted for review: https://lore.kernel.org/linux-mm/20250820010415.699353-1-anthony.yznaga@ora… This patch set adds selftests to exercise and demonstrate basic functionality of mshare. The initial tests use open, ioctl, and mmap syscalls to establish a shared memory mapping between two processes and verify the expected behavior. Additional tests are included to check interoperability with swap and Transparent Huge Pages. Future work will extend coverage to other use cases such as integration with KVM and more advanced scenarios. This series is intended to be applied on top of mshare V3, which is based on mm-new (2025-08-15). Yongting Lin (8): mshare: Add selftests mshare: selftests: Adding config fragment mshare: selftests: Add some helper function for mshare filesystem mshare: selftests: Add test case shared memory mshare: selftests: Add test case ioctl unmap mshare: selftests: Add some helper functions for reading and controlling cgroup mshare: selftests: Add test case to demostrate the swaping of mshare memory mshare: selftests: Add test case to demostrate that mshare doesn't support THP tools/testing/selftests/mshare/.gitignore | 3 + tools/testing/selftests/mshare/Makefile | 7 + tools/testing/selftests/mshare/basic.c | 108 ++++++++++ tools/testing/selftests/mshare/config | 1 + tools/testing/selftests/mshare/memory.c | 82 +++++++ tools/testing/selftests/mshare/util.c | 251 ++++++++++++++++++++++ 6 files changed, 452 insertions(+) create mode 100644 tools/testing/selftests/mshare/.gitignore create mode 100644 tools/testing/selftests/mshare/Makefile create mode 100644 tools/testing/selftests/mshare/basic.c create mode 100644 tools/testing/selftests/mshare/config create mode 100644 tools/testing/selftests/mshare/memory.c create mode 100644 tools/testing/selftests/mshare/util.c -- 2.20.1

1 week, 4 days

2
21
0 0

[PATCH v2 0/2] selftests/mm: split_huge_page_test: split_pte_mapped_thp improvements

by David Hildenbrand

One fix for occasional failures I found while testing and a bunch of cleanups that should make that test easier to digest. Tested on x86-64, the test seems to reliably pass. Cc: Andrew Morton <akpm(a)linux-foundation.org> Cc: Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> Cc: Zi Yan <ziy(a)nvidia.com> Cc: Baolin Wang <baolin.wang(a)linux.alibaba.com> Cc: "Liam R. Howlett" <Liam.Howlett(a)oracle.com> Cc: Nico Pache <npache(a)redhat.com> Cc: Ryan Roberts <ryan.roberts(a)arm.com> Cc: Dev Jain <dev.jain(a)arm.com> Cc: Barry Song <baohua(a)kernel.org> Cc: Wei Yang <richard.weiyang(a)gmail.com> David Hildenbrand (2): selftests/mm: split_huge_page_test: fix occasional is_backed_by_folio() wrong results selftests/mm: split_huge_page_test: cleanups for split_pte_mapped_thp test .../selftests/mm/split_huge_page_test.c | 138 ++++++++++-------- 1 file changed, 81 insertions(+), 57 deletions(-) base-commit: b73c6f2b5712809f5f386780ac46d1d78c31b2e6 -- 2.50.1

1 week, 4 days

3
5
0 0

next-20250805: ampere: WARNING: kernel/cgroup/cpuset.c:1352 at remote_partition_disable

by Naresh Kamboju

Regressions noticed intermittently on AmpereOne while running selftest cgroup testing with Linux next-20250805 and earlier seen on next-20250722 tag also. Regression Analysis: - New regression? Yes - Reproducibility? Intermittent First seen on the next-20250722 and after next-20250805. Test regression: next-20250805 ampere WARNING kernel cgroup cpuset.c at remote_partition_disable Reported-by: Linux Kernel Functional Testing <lkft(a)linaro.org> ## Test log selftests: cgroup: test_cpuset_prs.sh Running state tRunning state transition test ... ransition test ... Running test 0 ... Running test 1 ... Running test 2 ... Running test 3 ... Running test 4 ... Running test 5 ... Running test 6 ... Running test 7 ... Running test 8 ... Running test 9 ... Running test 10 ... Running test 11 ... Running test 12 ... Running test 13 ... Running test 14 ... Running test 15 ... Running test 16 ... Running test 17 ... Running test 18 ... Running test 19 ... [ 137.504549] psci: CPU2 killed (polled 0 ms) [ 137.747094] Detected PIPT I-cache on CPU2 [ 137.747214] GICv3: CPU2: found redistributor 3500 region 0:0x0000400201cc0000 [ 137.747312] CPU2: Booted secondary processor 0x0000003500 [0xc00fac40] <> Running test 63 ... Running test 64 ... Running test 66 ... [ 174.929535] psci: CPU3 killed (polled 0 ms) [ 175.263087] Detected PIPT I-cache on CPU3 [ 175.263203] GICv3: CPU3: found redistributor 3501 region 0:0x0000400201d00000 [ 175.263300] CPU3: Booted secondary processor 0x0000003501 [0xc00fac40] [ 175.434129] workqueue: Interrupted when creating a worker thread "kworker/u1028:0" ** replaying previous printk message ** [ 175.434129] workqueue: Interrupted when creating a worker thread "kworker/u1028:0" [ 175.440230] ------------[ cut here ]------------ [ 175.440234] WARNING: kernel/cgroup/cpuset.c:1352 at remote_partition_disable+0x120/0x160, CPU#170: rmdir/33763 [ 175.467456] Modules linked in: cdc_ether usbnet sm3_ce sha3_ce nvme nvme_core xhci_pci_renesas arm_cspmu_module ipmi_devintf arm_spe_pmu ipmi_msghandler arm_cmn cppc_cpufreq fuse drm backlight [ 175.484676] CPU: 170 UID: 0 PID: 33763 Comm: rmdir Not tainted 6.16.0-next-20250805 #1 PREEMPT [ 175.493365] Hardware name: Inspur NF5280R7/Mitchell MB, BIOS 04.04.00004001 2025-02-04 22:23:30 02/04/2025 [ 175.503178] pstate: 63400009 (nZCv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--) not ok 12 selftests: cgroup: test_cpuset_prs.sh TIMEOUT 45 seconds [ 175.510130] pc : remote_partition_disable (kernel/cgroup/cpuset.c:1352 (discriminator 1) kernel/cgroup/cpuset.c:1342 (discriminator 1) kernel/cgroup/cpuset.c:1514 (discriminator 1)) [ 175.518032] lr : remote_partition_disable (kernel/cgroup/cpuset.c:1352 (discriminator 1) kernel/cgroup/cpuset.c:1514 (discriminator 1)) [ 175.525849] sp : ffff8000c853bb90 [ 175.529585] x29: ffff8000c853bb90 x28: ffff00017badc800 x27: 0000000000000000 timeout set to 45 [ 175.536713] x26: 0000000000000000 x25: ffff00014c422540 x24: ffffb1c71020b000 [ 175.545489] x23: ffff000113769c00 x22: 0000000000000001 x21: ffffb1c71020b5c0 [ 175.552615] x20: ffff8000c853bbd0 x19: ffff000113769a00 x18: 00000000ffffffff selftests: cgroup: test_cpuset_v1_hp.sh [ 175.559910] x17: 31752f72656b726f x16: 776b222064616572 x15: 68742072656b726f [ 175.569900] x14: 0000000000000004 x13: ffffb1c70fb4f160 x12: 0000000000000000 cpuset v1 mount point not found! [ 175.577888] x11: 000002f6b9bf58c3 x10: 0000000000000023 x9 : ffffb1c70d6bdff8 Test SKIPPED ok 13 selftests: cgroup: test_cpuset_v1_hp.sh #SKIP [ 175.587877] x8 : ffff8000c853bad0 x7 : 0000000000000000 x6 : 0000000000000001 [ 175.597864] x5 : ffffb1c70e87a488 x4 : fffffdffc40a88e0 x3 : 000000000080007d [ 175.607849] x2 : 0000000000000000 x1 : 0000000000000000 x0 : 00000000fffffff4 [ 175.615578] Call trace: [ 175.618013] remote_partition_disable (kernel/cgroup/cpuset.c:1352 (discriminator 1) kernel/cgroup/cpuset.c:1342 (discriminator 1) kernel/cgroup/cpuset.c:1514 (discriminator 1)) (P) [ 175.623057] update_prstate (include/linux/spinlock.h:376 kernel/cgroup/cpuset.c:2963) [ 175.626799] cpuset_css_killed (kernel/cgroup/cpuset.c:3598) [ 175.630713] kill_css.part.0 (kernel/cgroup/cgroup.c:5968) [ 175.634464] cgroup_destroy_locked (kernel/cgroup/cgroup.c:6058 (discriminator 4)) [ 175.638810] cgroup_rmdir (kernel/cgroup/cgroup.c:6102) [ 175.642376] kernfs_iop_rmdir (fs/kernfs/dir.c:1286) [ 175.646203] vfs_rmdir (fs/namei.c:4461 fs/namei.c:4438) [ 175.649515] do_rmdir (fs/namei.c:4516 (discriminator 1)) [ 175.652823] __arm64_sys_unlinkat (fs/namei.c:4690 (discriminator 2) fs/namei.c:4684 (discriminator 2) fs/namei.c:4684 (discriminator 2)) [ 175.656998] invoke_syscall (arch/arm64/include/asm/current.h:19 arch/arm64/kernel/syscall.c:54) [ 175.660738] el0_svc_common.constprop.0 (include/linux/thread_info.h:135 (discriminator 2) arch/arm64/kernel/syscall.c:140 (discriminator 2)) [ 175.665431] do_el0_svc (arch/arm64/kernel/syscall.c:152) [ 175.668735] el0_svc (arch/arm64/include/asm/irqflags.h:82 (discriminator 1) arch/arm64/include/asm/irqflags.h:123 (discriminator 1) arch/arm64/include/asm/irqflags.h:136 (discriminator 1) arch/arm64/kernel/entry-common.c:169 (discriminator 1) arch/arm64/kernel/entry-common.c:182 (discriminator 1) arch/arm64/kernel/entry-common.c:880 (discriminator 1)) [ 175.671877] el0t_64_sync_handler (arch/arm64/kernel/entry-common.c:899) [ 175.676052] el0t_64_sync (arch/arm64/kernel/entry.S:596) [ 175.679705] ---[ end trace 0000000000000000 ]--- ## Source * Git tree: https://kernel.googlesource.com/pub/scm/linux/kernel/git/next/linux-next.git * Git sha: afec768a6a8fe7fb02a08ffce5f2f556f51d4b52 * Git describe: next-20250805 * Architectures: arm64 * Toolchains: gcc-13 * Kconfigs: defconfig+selftests/*/configs ## Build * Test log 1: https://qa-reports.linaro.org/api/testruns/29220998/log_file/ * Test log 2: https://qa-reports.linaro.org/api/testruns/29395866/log_file/ * LAVA log: https://lkft-staging.validation.linaro.org/scheduler/job/187100#L6621 * Test history: https://regressions.linaro.org/lkft/linux-next-master-ampere/next-20250805/… * Test plan: https://tuxapi.tuxsuite.com/v1/groups/ampere/projects/ci/tests/30rj0dIdTXUi… * Build link: https://storage.tuxsuite.com/public/ampere/ci/builds/30rj0OYSDUMeT0cyTDioTe… * Kernel config: https://storage.tuxsuite.com/public/ampere/ci/builds/30rj0OYSDUMeT0cyTDioTe… -- Linaro LKFT https://lkft.linaro.org

1 week, 4 days

3
4
0 0

[PATCH v3 1/2] libbpf: add support for printing BTF character arrays as strings

by Blake Jones

The BTF dumper code currently displays arrays of characters as just that - arrays, with each character formatted individually. Sometimes this is what makes sense, but it's nice to be able to treat that array as a string. This change adds a special case to the btf_dump functionality to allow 0-terminated arrays of single-byte integer values to be printed as character strings. Characters for which isprint() returns false are printed as hex-escaped values. This is enabled when the new ".emit_strings" is set to 1 in the btf_dump_type_data_opts structure. As an example, here's what it looks like to dump the string "hello" using a few different field values for btf_dump_type_data_opts (.compact = 1): - .emit_strings = 0, .skip_names = 0: (char[6])['h','e','l','l','o',] - .emit_strings = 0, .skip_names = 1: ['h','e','l','l','o',] - .emit_strings = 1, .skip_names = 0: (char[6])"hello" - .emit_strings = 1, .skip_names = 1: "hello" Here's the string "h\xff", dumped with .compact = 1 and .skip_names = 1: - .emit_strings = 0: ['h',-1,] - .emit_strings = 1: "h\xff" Signed-off-by: Blake Jones <blakejones(a)google.com> --- tools/lib/bpf/btf.h | 3 ++- tools/lib/bpf/btf_dump.c | 55 +++++++++++++++++++++++++++++++++++++++- 2 files changed, 56 insertions(+), 2 deletions(-) diff --git a/tools/lib/bpf/btf.h b/tools/lib/bpf/btf.h index 4392451d634b..ccfd905f03df 100644 --- a/tools/lib/bpf/btf.h +++ b/tools/lib/bpf/btf.h @@ -326,9 +326,10 @@ struct btf_dump_type_data_opts { bool compact; /* no newlines/indentation */ bool skip_names; /* skip member/type names */ bool emit_zeroes; /* show 0-valued fields */ + bool emit_strings; /* print char arrays as strings */ size_t :0; }; -#define btf_dump_type_data_opts__last_field emit_zeroes +#define btf_dump_type_data_opts__last_field emit_strings LIBBPF_API int btf_dump__dump_type_data(struct btf_dump *d, __u32 id, diff --git a/tools/lib/bpf/btf_dump.c b/tools/lib/bpf/btf_dump.c index 460c3e57fadb..7c2f1f13f958 100644 --- a/tools/lib/bpf/btf_dump.c +++ b/tools/lib/bpf/btf_dump.c @@ -68,6 +68,7 @@ struct btf_dump_data { bool compact; bool skip_names; bool emit_zeroes; + bool emit_strings; __u8 indent_lvl; /* base indent level */ char indent_str[BTF_DATA_INDENT_STR_LEN]; /* below are used during iteration */ @@ -2028,6 +2029,52 @@ static int btf_dump_var_data(struct btf_dump *d, return btf_dump_dump_type_data(d, NULL, t, type_id, data, 0, 0); } +static int btf_dump_string_data(struct btf_dump *d, + const struct btf_type *t, + __u32 id, + const void *data) +{ + const struct btf_array *array = btf_array(t); + const char *chars = data; + __u32 i; + + /* Make sure it is a NUL-terminated string. */ + for (i = 0; i < array->nelems; i++) { + if ((void *)(chars + i) >= d->typed_dump->data_end) + return -E2BIG; + if (chars[i] == '\0') + break; + } + if (i == array->nelems) { + /* The caller will print this as a regular array. */ + return -EINVAL; + } + + btf_dump_data_pfx(d); + btf_dump_printf(d, "\""); + + for (i = 0; i < array->nelems; i++) { + char c = chars[i]; + + if (c == '\0') { + /* + * When printing character arrays as strings, NUL bytes + * are always treated as string terminators; they are + * never printed. + */ + break; + } + if (isprint(c)) + btf_dump_printf(d, "%c", c); + else + btf_dump_printf(d, "\\x%02x", (__u8)c); + } + + btf_dump_printf(d, "\""); + + return 0; +} + static int btf_dump_array_data(struct btf_dump *d, const struct btf_type *t, __u32 id, @@ -2055,8 +2102,13 @@ static int btf_dump_array_data(struct btf_dump *d, * char arrays, so if size is 1 and element is * printable as a char, we'll do that. */ - if (elem_size == 1) + if (elem_size == 1) { + if (d->typed_dump->emit_strings && + btf_dump_string_data(d, t, id, data) == 0) { + return 0; + } d->typed_dump->is_array_char = true; + } } /* note that we increment depth before calling btf_dump_print() below; @@ -2544,6 +2596,7 @@ int btf_dump__dump_type_data(struct btf_dump *d, __u32 id, d->typed_dump->compact = OPTS_GET(opts, compact, false); d->typed_dump->skip_names = OPTS_GET(opts, skip_names, false); d->typed_dump->emit_zeroes = OPTS_GET(opts, emit_zeroes, false); + d->typed_dump->emit_strings = OPTS_GET(opts, emit_strings, false); ret = btf_dump_dump_type_data(d, NULL, t, id, data, 0, 0); -- 2.49.0.1204.g71687c7c1d-goog

1 week, 4 days

7
12
0 0

[PATCH v2 7/7] selftests: kselftest: Add ulong typedef for non-glibc compatibility

by Aqib Faruqui

Some C libraries may not define the ulong typedef that is commonly available as a BSD/GNU extension. Add a fallback typedef to ensure ulong is available across all selftest environments. Signed-off-by: Aqib Faruqui <aqibaf(a)amazon.com> --- tools/testing/selftests/kselftest.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/tools/testing/selftests/kselftest.h b/tools/testing/selftests/kselftest.h index f362c6766..a1088a2af 100644 --- a/tools/testing/selftests/kselftest.h +++ b/tools/testing/selftests/kselftest.h @@ -58,6 +58,11 @@ #include <stdio.h> #include <sys/utsname.h> #include <sys/syscall.h> +#include <sys/types.h> +#endif + +#ifndef ulong +typedef unsigned long ulong; #endif #ifndef ARRAY_SIZE -- 2.47.3

1 week, 4 days

1
0
0 0

[PATCH v2 6/7] selftests: Fix stdbuf compatibility in mixed libc environments

by Aqib Faruqui

The original stdbuf use only checked if /usr/bin/stdbuf exists in the host's system but failed to verify compatibility between stdbuf and the target test binary. The issue occurs when: - Host system has glibc-based stdbuf from coreutils - Selftest binaries are compiled with a non-glibc toolchain (cross compilation) The fix adds a runtime compatibility test against the target test binary before enabling stdbuf, enabling cross-compiled selftests to run successfully. Signed-off-by: Aqib Faruqui <aqibaf(a)amazon.com> --- tools/testing/selftests/kselftest/runner.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/kselftest/runner.sh b/tools/testing/selftests/kselftest/runner.sh index 2c3c58e65..8d4e33bd5 100644 --- a/tools/testing/selftests/kselftest/runner.sh +++ b/tools/testing/selftests/kselftest/runner.sh @@ -107,7 +107,7 @@ run_one() echo "# Warning: file $TEST is missing!" echo "not ok $test_num $TEST_HDR_MSG" else - if [ -x /usr/bin/stdbuf ]; then + if [ -x /usr/bin/stdbuf ] && [ -x "$TEST" ] && /usr/bin/stdbuf --output=L ldd "$TEST" >/dev/null 2>&1; then stdbuf="/usr/bin/stdbuf --output=L " fi eval kselftest_cmd_args="\$${kselftest_cmd_args_ref:-}" -- 2.47.3

1 week, 4 days

1
0
0 0

[PATCH v2 5/7] rseq: selftests: Add non-glibc compatibility fixes

by Aqib Faruqui

The rseq selftests rely on features provided by glibc that may not be available in non-glibc C libraries: 1. The __GNU_PREREQ macro and glibc's thread pointer implementation are not available in non-glibc libraries 2. The __NR_rseq syscall number may not be defined in non-glibc headers Add a fallback thread pointer implementation for non-glibc systems using the pre-existing inline assembly to access thread-local storage directly via %fs/%gs registers. Also provide a fallback definition for __NR_rseq when not already defined by the C library headers: 527 for alpha and 293 for other architectures. Signed-off-by: Aqib Faruqui <aqibaf(a)amazon.com> --- .../selftests/rseq/rseq-x86-thread-pointer.h | 14 ++++++++++++++ tools/testing/selftests/rseq/rseq.c | 8 ++++++++ 2 files changed, 22 insertions(+) diff --git a/tools/testing/selftests/rseq/rseq-x86-thread-pointer.h b/tools/testing/selftests/rseq/rseq-x86-thread-pointer.h index d3133587d..a7c402926 100644 --- a/tools/testing/selftests/rseq/rseq-x86-thread-pointer.h +++ b/tools/testing/selftests/rseq/rseq-x86-thread-pointer.h @@ -14,6 +14,7 @@ extern "C" { #endif +#ifdef __GLIBC__ #if __GNUC_PREREQ (11, 1) static inline void *rseq_thread_pointer(void) { @@ -32,6 +33,19 @@ static inline void *rseq_thread_pointer(void) return __result; } #endif /* !GCC 11 */ +#else +static inline void *rseq_thread_pointer(void) +{ + void *__result; + +# ifdef __x86_64__ + __asm__ ("mov %%fs:0, %0" : "=r" (__result)); +# else + __asm__ ("mov %%gs:0, %0" : "=r" (__result)); +# endif + return __result; +} +#endif /* !__GLIBC__ */ #ifdef __cplusplus } diff --git a/tools/testing/selftests/rseq/rseq.c b/tools/testing/selftests/rseq/rseq.c index 663a9cef1..1a6f73c98 100644 --- a/tools/testing/selftests/rseq/rseq.c +++ b/tools/testing/selftests/rseq/rseq.c @@ -36,6 +36,14 @@ #include "../kselftest.h" #include "rseq.h" +#ifndef __NR_rseq +#ifdef __alpha__ +#define __NR_rseq 527 +#else +#define __NR_rseq 293 +#endif +#endif + /* * Define weak versions to play nice with binaries that are statically linked * against a libc that doesn't support registering its own rseq. -- 2.47.3

1 week, 4 days

1
0
0 0

[PATCH v2 4/7] KVM: selftests: Add backtrace fallback

by Aqib Faruqui

The backtrace() function is a GNU extension available in glibc but may not be present in non-glibc libraries. KVM selftests use backtrace() for error reporting and debugging. Add conditional inclusion of execinfo.h only for glibc builds and provide a weak stub implementation of backtrace() that returns 0 (stack trace empty) for non-glibc systems. Signed-off-by: Aqib Faruqui <aqibaf(a)amazon.com> --- tools/testing/selftests/kvm/lib/assert.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/kvm/lib/assert.c b/tools/testing/selftests/kvm/lib/assert.c index b49690658..c9778dc6c 100644 --- a/tools/testing/selftests/kvm/lib/assert.c +++ b/tools/testing/selftests/kvm/lib/assert.c @@ -6,11 +6,19 @@ */ #include "test_util.h" -#include <execinfo.h> #include <sys/syscall.h> +#ifdef __GLIBC__ +#include <execinfo.h> /* backtrace */ +#endif + #include "kselftest.h" +int __attribute__((weak)) backtrace(void **buffer, int size) +{ + return 0; +} + /* Dumps the current stack trace to stderr. */ static void __attribute__((noinline)) test_dump_stack(void); static void test_dump_stack(void) -- 2.47.3

1 week, 4 days

1
0
0 0

[PATCH v2 3/7] selftests: kselftest: Add memfd_create syscall compatibility

by Aqib Faruqui

The memfd_create function and related MFD_* flags may not be available in non-glibc C libraries. Some selftests use memfd_create for memory backing operations. Add fallback definitions for MFD_CLOEXEC and MFD_HUGETLB flags, and provide a memfd_create wrapper. Signed-off-by: Aqib Faruqui <aqibaf(a)amazon.com> --- tools/testing/selftests/kselftest.h | 19 +++++++++++++++++++ tools/testing/selftests/kvm/lib/kvm_util.c | 1 + 2 files changed, 20 insertions(+) diff --git a/tools/testing/selftests/kselftest.h b/tools/testing/selftests/kselftest.h index c3b6d2604..f362c6766 100644 --- a/tools/testing/selftests/kselftest.h +++ b/tools/testing/selftests/kselftest.h @@ -57,6 +57,7 @@ #include <string.h> #include <stdio.h> #include <sys/utsname.h> +#include <sys/syscall.h> #endif #ifndef ARRAY_SIZE @@ -80,6 +81,24 @@ #endif #endif /* end arch */ +#ifndef MFD_CLOEXEC +#define MFD_CLOEXEC 0x0001U +#endif + +#ifndef MFD_HUGETLB +#define MFD_HUGETLB 0x0004U +#endif + +static inline int memfd_create(const char *name, unsigned int flags) +{ +#ifdef __NR_memfd_create + return syscall(__NR_memfd_create, name, flags); +#else + errno = ENOSYS; + return -1; +#endif +} + /* define kselftest exit codes */ #define KSFT_PASS 0 #define KSFT_FAIL 1 diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index c3f5142b0..a78b64117 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -15,6 +15,7 @@ #include <sys/resource.h> #include <sys/types.h> #include <sys/stat.h> +#include <sys/syscall.h> #include <unistd.h> #include <linux/kernel.h> -- 2.47.3

1 week, 4 days

1
0
0 0

[PATCH v2 2/7] selftests: harness: Include pidfd.h to get syscall definitions from tools/

by Aqib Faruqui

The kselftest harness uses pidfd_open() for test timeout handling but may not have access to the syscall definitions in non-glibc environments. Include pidfd.h to ensure the syscall numbers are available. Signed-off-by: Aqib Faruqui <aqibaf(a)amazon.com> --- tools/testing/selftests/kselftest_harness.h | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/testing/selftests/kselftest_harness.h b/tools/testing/selftests/kselftest_harness.h index 2925e47db..1dd3e5a1b 100644 --- a/tools/testing/selftests/kselftest_harness.h +++ b/tools/testing/selftests/kselftest_harness.h @@ -69,6 +69,7 @@ #include <unistd.h> #include "kselftest.h" +#include "pidfd/pidfd.h" #define TEST_TIMEOUT_DEFAULT 30 -- 2.47.3

1 week, 4 days

1
0
0 0

[PATCH v2 1/7] selftests/pidfd: Add architecture-specific fallback definitions for pidfd_open

by Aqib Faruqui

The pidfd_open syscall number varies by architecture. Add fallback definitions for Alpha (544) and other architectures (434) to ensure compatibility with non-glibc C libraries that may not define these syscall numbers. Signed-off-by: Aqib Faruqui <aqibaf(a)amazon.com> --- tools/testing/selftests/pidfd/pidfd.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tools/testing/selftests/pidfd/pidfd.h b/tools/testing/selftests/pidfd/pidfd.h index f87993def..c373ff18e 100644 --- a/tools/testing/selftests/pidfd/pidfd.h +++ b/tools/testing/selftests/pidfd/pidfd.h @@ -45,8 +45,12 @@ #endif #ifndef __NR_pidfd_open +#ifdef __alpha__ +#define __NR_pidfd_open 544 +#else #define __NR_pidfd_open 434 #endif +#endif #ifndef __NR_pidfd_send_signal #define __NR_pidfd_send_signal 424 -- 2.47.3

1 week, 4 days

1
0
0 0

[Patch v2] selftests/mm: check content to see whether mremap corrupt data

by Wei Yang

After mremap(), add a check on content to see whether mremap corrupt data. Signed-off-by: Wei Yang <richard.weiyang(a)gmail.com> --- v2: add check on content instead of just test backed folio --- tools/testing/selftests/mm/split_huge_page_test.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/mm/split_huge_page_test.c b/tools/testing/selftests/mm/split_huge_page_test.c index 10ae65ea032f..229b6dcabece 100644 --- a/tools/testing/selftests/mm/split_huge_page_test.c +++ b/tools/testing/selftests/mm/split_huge_page_test.c @@ -423,10 +423,14 @@ static void split_pte_mapped_thp(void) /* smap does not show THPs after mremap, use kpageflags instead */ thp_size = 0; - for (i = 0; i < pagesize * 4; i++) + for (i = 0; i < pagesize * 4; i++) { + if (pte_mapped[i] != (char)i) + ksft_exit_fail_msg("%ld byte corrupted\n", i); + if (i % pagesize == 0 && is_backed_by_folio(&pte_mapped[i], pmd_order, pagemap_fd, kpageflags_fd)) thp_size++; + } if (thp_size != 4) ksft_exit_fail_msg("Some THPs are missing during mremap\n"); -- 2.34.1

1 week, 4 days

4
22
0 0

[PATCH net-next v5] selftests: net: add test for ipv6 fragmentation

by Brett A C Sheffield

Add selftest for the IPv6 fragmentation regression which affected several stable kernels. Commit a18dfa9925b9 ("ipv6: save dontfrag in cork") was backported to stable without some prerequisite commits. This caused a regression when sending IPv6 UDP packets by preventing fragmentation and instead returning -1 (EMSGSIZE). Add selftest to check for this issue by attempting to send a packet larger than the interface MTU. The packet will be fragmented on a working kernel, with sendmsg(2) correctly returning the expected number of bytes sent. When the regression is present, sendmsg returns -1 and sets errno to EMSGSIZE. Link: https://lore.kernel.org/stable/aElivdUXqd1OqgMY@karahi.gladserv.com Signed-off-by: Brett A C Sheffield <bacs(a)librecast.net> Reviewed-by: Willem de Bruijn <willemb(a)google.com> --- Thanks for the reviews Willem and Jakub. On 2025-09-01 09:45, Willem de Bruijn wrote: > > +int main(void) > > +{ > > + struct in6_addr addr = { > > + .s6_addr[15] = 0x01, /* ::1 */ > > + }; > > + struct sockaddr_in6 sa = { > > + .sin6_family = AF_INET6, > > + .sin6_addr = addr, > > + .sin6_port = 9 /* port 9/udp (DISCARD) */ > > htons addr is already initialized in network byte order (BE) here. Verified with: char ip6[INET6_ADDRSTRLEN]; inet_ntop(AF_INET6, &(sa.sin6_addr), ip6, INET6_ADDRSTRLEN); printf("The address is %s\n", ip6); which prints "The address is ::1" All other suggestions adopted in v5. v5 changes: - disable_dad: delete - not needed for lo - main: simplify failure paths - main: char -> static char buf - setup: remove pointless return value - setup: remove unused variable fd - setup: merge with interface_up() to simplify - setup: check all system call return values - remove no longer used headers v4 changes: - fix "else should follow close brace" (checkpatch ERROR) v3 changes: - add usleep instead of busy polling on sendmsg - simplify error handling by using error() and leaving cleanup to O/S - use loopback interface - don't bother creating TAP - send to localhost (::1) v2 changes: - remove superfluous namespace calls - unshare(2) suffices - remove usleep(). Don't wait for the interface to be ready, just send, and handle the (less likely) error case by retrying. - set destination address only once - document our use of the IPv6 link-local source address - send to port 9 (DISCARD) instead of 4242 (DONT PANIC) - ensure sockets are closed on failure paths - use KSFT exit codes for clarity v4: https://lore.kernel.org/netdev/20250901123757.13112-1-bacs@librecast.net v3: https://lore.kernel.org/netdev/20250901112248.5218-1-bacs@librecast.net v2: https://lore.kernel.org/netdev/20250831102908.14655-1-bacs@librecast.net v1: https://lore.kernel.org/netdev/20250825092548.4436-3-bacs@librecast.net tools/testing/selftests/net/.gitignore | 1 + tools/testing/selftests/net/Makefile | 1 + .../selftests/net/ipv6_fragmentation.c | 115 ++++++++++++++++++ 3 files changed, 117 insertions(+) create mode 100644 tools/testing/selftests/net/ipv6_fragmentation.c diff --git a/tools/testing/selftests/net/.gitignore b/tools/testing/selftests/net/.gitignore index 47c293c2962f..3d4b4a53dfda 100644 --- a/tools/testing/selftests/net/.gitignore +++ b/tools/testing/selftests/net/.gitignore @@ -16,6 +16,7 @@ ip_local_port_range ipsec ipv6_flowlabel ipv6_flowlabel_mgr +ipv6_fragmentation log.txt msg_oob msg_zerocopy diff --git a/tools/testing/selftests/net/Makefile b/tools/testing/selftests/net/Makefile index eef0b8f8a7b0..276e0481d996 100644 --- a/tools/testing/selftests/net/Makefile +++ b/tools/testing/selftests/net/Makefile @@ -117,6 +117,7 @@ TEST_GEN_FILES += tfo TEST_PROGS += tfo_passive.sh TEST_PROGS += broadcast_pmtu.sh TEST_PROGS += ipv6_force_forwarding.sh +TEST_GEN_PROGS += ipv6_fragmentation TEST_PROGS += route_hint.sh # YNL files, must be before "include ..lib.mk" diff --git a/tools/testing/selftests/net/ipv6_fragmentation.c b/tools/testing/selftests/net/ipv6_fragmentation.c new file mode 100644 index 000000000000..b76ce7b713fc --- /dev/null +++ b/tools/testing/selftests/net/ipv6_fragmentation.c @@ -0,0 +1,115 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Author: Brett A C Sheffield <bacs(a)librecast.net> + * + * Kernel selftest for the IPv6 fragmentation regression which affected stable + * kernels: + * + * https://lore.kernel.org/stable/aElivdUXqd1OqgMY@karahi.gladserv.com + * + * Commit: a18dfa9925b9 ("ipv6: save dontfrag in cork") was backported to stable + * without some prerequisite commits. + * + * This caused a regression when sending IPv6 UDP packets by preventing + * fragmentation and instead returning -1 (EMSGSIZE). + * + * This selftest demonstrates the issue by sending an IPv6 UDP packet to + * localhost (::1) on the loopback interface from the autoconfigured link-local + * address. + * + * sendmsg(2) returns bytes sent correctly on a working kernel, and returns -1 + * (EMSGSIZE) when the regression is present. + * + * The regression was not present in the mainline kernel, but add this test to + * catch similar breakage in future. + */ + +#define _GNU_SOURCE + +#include <error.h> +#include <net/if.h> +#include <netinet/in.h> +#include <sched.h> +#include <stdio.h> +#include <sys/ioctl.h> +#include <sys/socket.h> +#include <unistd.h> +#include "../kselftest.h" + +#define MTU 1500 +#define LARGER_THAN_MTU 8192 + +static void setup(void) +{ + struct ifreq ifr = { + .ifr_name = "lo" + }; + int ctl; + + /* we need to set MTU, so do this in a namespace to play nicely */ + if (unshare(CLONE_NEWNET) == -1) + error(KSFT_FAIL, errno, "unshare"); + + ctl = socket(AF_LOCAL, SOCK_STREAM, 0); + if (ctl == -1) + error(KSFT_FAIL, errno, "socket"); + + /* ensure MTU is smaller than what we plan to send */ + ifr.ifr_mtu = MTU; + if (ioctl(ctl, SIOCSIFMTU, &ifr) == -1) + error(KSFT_FAIL, errno, "ioctl: set MTU"); + + /* bring up interface */ + if (ioctl(ctl, SIOCGIFFLAGS, &ifr) == -1) + error(KSFT_FAIL, errno, "ioctl SIOCGIFFLAGS"); + ifr.ifr_flags = ifr.ifr_flags | IFF_UP; + if (ioctl(ctl, SIOCSIFFLAGS, &ifr) == -1) + error(KSFT_FAIL, errno, "ioctl: bring interface up"); + + if (close(ctl) == -1) + error(KSFT_FAIL, errno, "close"); +} + +int main(void) +{ + struct in6_addr addr = { + .s6_addr[15] = 0x01, /* ::1 */ + }; + struct sockaddr_in6 sa = { + .sin6_family = AF_INET6, + .sin6_addr = addr, + .sin6_port = 9 /* port 9/udp (DISCARD) */ + }; + static char buf[LARGER_THAN_MTU] = {0}; + struct iovec iov = { .iov_base = buf, .iov_len = sizeof(buf) }; + struct msghdr msg = { + .msg_iov = &iov, + .msg_iovlen = 1, + .msg_name = (struct sockaddr *)&sa, + .msg_namelen = sizeof(sa), + }; + ssize_t rc; + int err = KSFT_FAIL; + int s; + + printf("Testing IPv6 fragmentation\n"); + setup(); + s = socket(AF_INET6, SOCK_DGRAM, 0); +send_again: + rc = sendmsg(s, &msg, 0); + if (rc == -1) { + /* if interface wasn't ready, try again */ + if (errno == EADDRNOTAVAIL) { + usleep(1000); + goto send_again; + } + error(KSFT_FAIL, errno, "sendmsg"); + } else if (rc != LARGER_THAN_MTU) { + error(KSFT_FAIL, errno, "sendmsg returned %zi, expected %i", + rc, LARGER_THAN_MTU); + } + printf("[PASS] sendmsg() returned %zi\n", rc); + err = KSFT_PASS; + close(s); + return err; +} base-commit: cd8a4cfa6bb43a441901e82f5c222dddc75a18a3 -- 2.49.1

1 week, 4 days

2
1
0 0

[PATCH bpf-next v2 00/14] selftests/bpf: Integrate test_xsk.c to test_progs framework

by Bastien Curutchet (eBPF Foundation)

Hi all, This is a second version of a series I sent some time ago, it continues the work of migrating the script tests into prog_tests. The test_xsk.sh script covers many AF_XDP use cases. The tests it runs are defined in xksxceiver.c. Since this script is used to test real hardware, the goal here is to leave it as it is, and only integrate the tests that run on veth peers into the test_progs framework. Some tests are flaky so they can't be integrated in the CI as they are. I think that fixing their flakyness would require a significant amount of work. So, as first step, I've excluded them from the list of tests migrated to the CI (see PATCH 13). If these tests get fixed at some point, integrating them into the CI will be straightforward. PATCH 1 extracts test_xsk[.c/.h] from xskxceiver[.c/.h] to make the tests available to test_progs. PATCH 2 to 5 fix small issues in the current test PATCH 7 to 12 handle all errors to release resources instead of calling exit() when any error occurs. PATCH 13 isolates some flaky tests PATCH 14 integrate the non-flaky tests to the test_progs framework Maciej, I've fixed the bug you found in the initial series. I've looked for any hardware able to run test_xsk.sh in my office, but I couldn't find one ... So here again, only the veth part has been tested, sorry about that. Signed-off-by: Bastien Curutchet (eBPF Foundation) <bastien.curutchet(a)bootlin.com> --- Changes in v2: - Rebase on the latest bpf-next_base and integrate the newly added tests to the work (adjust_tail* and tx_queue_consumer tests) - Re-order patches to split xkxceiver sooner. - Fix the bug reported by Maciej. - Fix verbose mode in test_xsk.sh by keeping kselftest (remove PATCH 1, 7 and 8) - Link to v1: https://lore.kernel.org/r/20250313-xsk-v1-0-7374729a93b9@bootlin.com --- Bastien Curutchet (eBPF Foundation) (14): selftests/bpf: test_xsk: Split xskxceiver selftests/bpf: test_xsk: Initialize bitmap before use selftests/bpf: test_xsk: Fix memory leaks selftests/bpf: test_xsk: Wrap test clean-up in functions selftests/bpf: test_xsk: Release resources when swap fails selftests/bpf: test_xsk: Add return value to init_iface() selftests/bpf: test_xsk: Don't exit immediately when xsk_attach fails selftests/bpf: test_xsk: Don't exit immediately when gettimeofday fails selftests/bpf: test_xsk: Don't exit immediately when workers fail selftests/bpf: test_xsk: Don't exit immediately if validate_traffic fails selftests/bpf: test_xsk: Don't exit immediately on allocation failures selftests/bpf: test_xsk: Move exit_with_error to xskxceiver.c selftests/bpf: test_xsk: Isolate flaky tests selftests/bpf: test_xsk: Integrate test_xsk.c to test_progs framework tools/testing/selftests/bpf/Makefile | 11 +- tools/testing/selftests/bpf/prog_tests/test_xsk.c | 2616 ++++++++++++++++++++ tools/testing/selftests/bpf/prog_tests/test_xsk.h | 294 +++ tools/testing/selftests/bpf/prog_tests/xsk.c | 146 ++ tools/testing/selftests/bpf/xskxceiver.c | 2698 +-------------------- tools/testing/selftests/bpf/xskxceiver.h | 156 -- 6 files changed, 3183 insertions(+), 2738 deletions(-) --- base-commit: 1e6c91221f429972767f073295e2dd0d372520e7 change-id: 20250218-xsk-0cf90e975d14 Best regards, -- Bastien Curutchet (eBPF Foundation) <bastien.curutchet(a)bootlin.com>

1 week, 4 days

1
14
0 0

[PATCH v15 net-next 00/14] AccECN protocol patch series

by chia-yu.chang＠nokia-bell-labs.com

From: Chia-Yu Chang <chia-yu.chang(a)nokia-bell-labs.com> Hello, Please find the v15 AccECN protocol patch series, which covers the core functionality of Accurate ECN, AccECN negotiation, AccECN TCP options, and AccECN failure handling. The Accurate ECN draft can be found in https://datatracker.ietf.org/doc/html/draft-ietf-tcpm-accurate-ecn-28, and it will become RFC9768. This patch series is part of the full AccECN patch series, which is available at https://github.com/L4STeam/linux-net-next/commits/upstream_l4steam/ Best Regards, Chia-Yu --- v15 (14-Aug-205) - Update pahole results in commit messages - Accurate ECN will become RFC9768 v14 (22-Jul-2025) - Add missing const for struct tcp_sock of tcp_accecn_option_beacon_check() of #11 (Simon Horman <horms(a)kernel.org>) v13 (18-Jul-2025) - Implement tcp_accecn_extract_syn_ect() and tcp_accecn_reflector_flags() with static array lookup of patch #6 (Paolo Abeni <pabeni(a)redhat.com>) - Fix typos in comments of #6 and remove patch #7 of v12 about simulatenous connect (Paolo Abeni <pabeni(a)redhat.com>) - Move TCP_ACCECN_E1B_INIT_OFFSET, TCP_ACCECN_E0B_INIT_OFFSET, and TCP_ACCECN_CEB_INIT_OFFSET from patch #7 to #11 (Paolo Abeni <pabeni(a)redhat.com>) - Use static array lookup in tcp_accecn_optfield_to_ecnfield() of patch #11 (Paolo Abeni <pabeni(a)redhat.com>) - Return false when WARN_ON_ONCE() is true in tcp_accecn_process_option() of patch #11 (Paolo Abeni <pabeni(a)redhat.com>) - Make synack_ecn_bytes as static const array and use const u32 pointer in tcp_options_write() of #11 (Paolo Abeni <pabeni(a)redhat.com>) - Use ALIGN() and ALIGN_DOWN() in tcp_options_fit_accecn() to pad TCP AccECN option to dword of #11 (Paolo Abeni <pabeni(a)redhat.com>) - Return TCP_ACCECN_OPT_FAIL_SEEN if WARN_ON_ONCE() is true in tcp_accecn_option_init() of #12 (Paolo Abeni <pabeni(a)redhat.com>) v12 (04-Jul-2025) - Fix compilation issues with some intermediate patches in v11 - Add more comments for AccECN helpers of tcp_ecn.h v11 (03-Jul-2025) - Fix compilation issues with some intermediate patches in v10 v10 (02-Jul-2025) - Add new patch of separated header file include/net/tcp_ecn.h to include ECN and AccECN functions (Eric Dumazet <edumazet(a)google.com>) - Add comments on the AccECN helper functions in tcp_ecn.h (Eric Dumazet <edumazet(a)google.com>) - Add documentation of tcp_ecn, tcp_ecn_option, tcp_ecn_beacon in ip-sysctl.rst to the corresponding patch (Eric Dumazet <edumazet(a)google.com>) - Split wait third ACK functionality into a separated patch from AccECN negotiation patch (Eric Dumazet <edumazet(a)google.com>) - Add READ_ONCE() over every reads of sysctl for all patches in the series (Eric Dumazet <edumazet(a)google.com>) - Merge heuristics of AccECN option ceb/cep and ACE field multi-wrap into a single patch - Add a table of SACK block reduction and required AccECN field in patch #15 commit message (Eric Dumazet <edumazet(a)google.com>) v9 (21-Jun-2025) - Use tcp_data_ecn_check() to set TCP_ECN_SEE flag only for RFC3168 ECN (Paolo Abeni <pabeni(a)redhat.com>) - Add comments about setting TCP_ECN_SEEN flag for RFC3168 and Accruate ECN (Paolo Abeni <pabeni(a)redhat.com>) - Restruct the code in the for loop of tcp_accecn_process_option() (Paolo Abeni <pabeni(a)redhat.com>) - Remove ecn_bytes and add use_synack_ecn_bytes flag to identify whether syn_ack_bytes or received_ecn_bytes is used (Paolo Abeni <pabeni(a)redhat.com>) - Replace leftover_bytes and leftover_size with leftover_highbyte and leftover_lowbyte and add comments in tcp_options_write() (Paolo Abeni <pabeni(a)redhat.com>) - Add comments and commit message about the 1st retx SYN still attempt AccECN negotiation (Paolo Abeni <pabeni(a)redhat.com>) v8 (10-Jun-2025) - Add new helper function tcp_ecn_received_counters_payload() in #6 (Paolo Abeni <pabeni(a)redhat.com>) - Set opts->num_sack_blocks=0 to avoid potential undefined value in #8 (Paolo Abeni <pabeni(a)redhat.com>) - Reset leftover_size to 2 once leftover_bytes is used in #9 (Paolo Abeni <pabeni(a)redhat.com>) - Add new helper function tcp_accecn_opt_demand_min() in #10 (Paolo Abeni <pabeni(a)redhat.com>) - Add new helper function tcp_accecn_saw_opt_fail_recv() in #11 (Paolo Abeni <pabeni(a)redhat.com>) - Update tcp_options_fit_accecn() to avoid using recursion in #14 (Paolo Abeni <pabeni(a)redhat.com>) v7 (14-May-2025) - Modify group sizes of tcp_sock_write_txrx and tcp_sock_write_rx in #3 based on pahole results (Paolo Abeni <pabeni(a)redhat.com>) - Fix the issue in #4 and #5 where the RFC3168 ECN behavior in tcp_ecn_send() is changed (Paolo Abeni <pabeni(a)redhat.com>) - Modify group size of tcp_sock_write_txrx in #4 and #6 based on pahole results (Paolo Abeni <pabeni(a)redhat.com>) - Update commit message for #9 to explain the increase in tcp_sock_write_rx group size - Modify group size of tcp_sock_write_tx in #10 based on pahole results v6 (09-May-2025) - Add #3 to utilize exisintg holes of tcp_sock_write_txrx group for later patches (#4, #9, #10) with new u8 members (Paolo Abeni <pabeni(a)redhat.com>) - Add pahole outcomes before and after commit in #4, #5, #6, #9, #10, #15 (Paolo Abeni <pabeni(a)redhat.com>) - Define new helper function tcp_send_ack_reflect_ect() for sending ACK with reflected ECT in #5 (Paolo Abeni <pabeni(a)redhat.com>) - Add comments for function tcp_ecn_rcv_synack() in #5 (Paolo Abeni <pabeni(a)redhat.com>) - Add enum/define to be used by sysctl_tcp_ecn in #5, sysctl_tcp_ecn_option in #9, and sysctl_tcp_ecn_option_beacon in #10 (Paolo Abeni <pabeni(a)redhat.com>) - Move accecn_fail_mode and saw_accecn_opt in #5 and #11 to use exisintg holes of tcp_sock (Paolo Abeni <pabeni(a)redhat.com>) - Change data type of new members of tcp_request_sock and move them to the end of struct in #5 and #11 (Paolo Abeni <pabeni(a)redhat.com>) - Move new members of tcp_info to the end of struct in #6 (Paolo Abeni <pabeni(a)redhat.com>) - Merge previous #7 into #9 (Paolo Abeni <pabeni(a)redhat.com>) - Mask ecnfield with INET_ECN_MASK to remove WARN_ONCE in #9 (Paolo Abeni <pabeni(a)redhat.com>) - Reduce the indentation levels for reabability in #9 and #10 (Paolo Abeni <pabeni(a)redhat.com>) - Move delivered_ecn_bytes to the RX group in #9, accecn_opt_tstamp to the TX group in #10, pkts_acked_ewma to the RX group in #15 (Paolo Abeni <pabeni(a)redhat.com>) - Add changes in Documentation/networking/net_cachelines/tcp_sock.rst for new tcp_sock members in #3, #5, #6, #9, #10, #15 v5 (22-Apr-2025) - Further fix for 32-bit ARM alignment in tcp.c (Simon Horman <horms(a)kernel.org>) v4 (18-Apr-2025) - Fix 32-bit ARM assertion for alignment requirement (Simon Horman <horms(a)kernel.org>) v3 (14-Apr-2025) - Fix patch apply issue in v2 (Jakub Kicinski <kuba(a)kernel.org>) v2 (18-Mar-2025) - Add one missing patch from the previous AccECN protocol preparation patch series to this patch series. --- Chia-Yu Chang (5): tcp: reorganize tcp_sock_write_txrx group for variables later tcp: ecn functions in separated include file tcp: accecn: AccECN option send control tcp: accecn: AccECN option failure handling tcp: accecn: try to fit AccECN option with SACK Ilpo Järvinen (9): tcp: reorganize SYN ECN code tcp: fast path functions later tcp: AccECN core tcp: accecn: AccECN negotiation tcp: accecn: add AccECN rx byte counters tcp: accecn: AccECN needs to know delivered bytes tcp: sack option handling improvements tcp: accecn: AccECN option tcp: accecn: AccECN option ceb/cep and ACE field multi-wrap heuristics Documentation/networking/ip-sysctl.rst | 55 +- .../networking/net_cachelines/tcp_sock.rst | 12 + include/linux/tcp.h | 32 +- include/net/netns/ipv4.h | 2 + include/net/tcp.h | 87 ++- include/net/tcp_ecn.h | 649 ++++++++++++++++++ include/uapi/linux/tcp.h | 7 + net/ipv4/syncookies.c | 4 + net/ipv4/sysctl_net_ipv4.c | 19 + net/ipv4/tcp.c | 28 +- net/ipv4/tcp_input.c | 353 ++++++++-- net/ipv4/tcp_ipv4.c | 8 +- net/ipv4/tcp_minisocks.c | 40 +- net/ipv4/tcp_output.c | 294 ++++++-- net/ipv6/syncookies.c | 2 + net/ipv6/tcp_ipv6.c | 1 + 16 files changed, 1409 insertions(+), 184 deletions(-) create mode 100644 include/net/tcp_ecn.h -- 2.34.1

1 week, 4 days

4
29
0 0

[PATCH v8 00/29] KVM: arm64: Implement support for SME

by Mark Brown

I've removed the RFC tag from this version of the series, but the items that I'm looking for feedback on remains the same: - The userspace ABI, in particular: - The vector length used for the SVE registers, access to the SVE registers and access to ZA and (if available) ZT0 depending on the current state of PSTATE.{SM,ZA}. - The use of a single finalisation for both SVE and SME. - The addition of control for enabling fine grained traps in a similar manner to FGU but without the UNDEF, I'm not clear if this is desired at all and at present this requires symmetric read and write traps like FGU. That seemed like it might be desired from an implementation point of view but we already have one case where we enable an asymmetric trap (for ARM64_WORKAROUND_AMPERE_AC03_CPU_38) and it seems generally useful to enable asymmetrically. This series implements support for SME use in non-protected KVM guests. Much of this is very similar to SVE, the main additional challenge that SME presents is that it introduces a new vector length similar to the SVE vector length and two new controls which change the registers seen by guests: - PSTATE.ZA enables the ZA matrix register and, if SME2 is supported, the ZT0 LUT register. - PSTATE.SM enables streaming mode, a new floating point mode which uses the SVE register set with the separately configured SME vector length. In streaming mode implementation of the FFR register is optional. It is also permitted to build systems which support SME without SVE, in this case when not in streaming mode no SVE registers or instructions are available. Further, there is no requirement that there be any overlap in the set of vector lengths supported by SVE and SME in a system, this is expected to be a common situation in practical systems. Since there is a new vector length to configure we introduce a new feature parallel to the existing SVE one with a new pseudo register for the streaming mode vector length. Due to the overlap with SVE caused by streaming mode rather than finalising SME as a separate feature we use the existing SVE finalisation to also finalise SME, a new define KVM_ARM_VCPU_VEC is provided to help make user code clearer. Finalising SVE and SME separately would introduce complication with register access since finalising SVE makes the SVE registers writeable by userspace and doing multiple finalisations results in an error being reported. Dealing with a state where the SVE registers are writeable due to one of SVE or SME being finalised but may have their VL changed by the other being finalised seems like needless complexity with minimal practical utility, it seems clearer to just express directly that only one finalisation can be done in the ABI. Access to the floating point registers follows the architecture: - When both SVE and SME are present: - If PSTATE.SM == 0 the vector length used for the Z and P registers is the SVE vector length. - If PSTATE.SM == 1 the vector length used for the Z and P registers is the SME vector length. - If only SME is present: - If PSTATE.SM == 0 the Z and P registers are inaccessible and the floating point state accessed via the encodings for the V registers. - If PSTATE.SM == 1 the vector length used for the Z and P registers - The SME specific ZA and ZT0 registers are only accessible if SVCR.ZA is 1. The VMM must understand this, in particular when loading state SVCR should be configured before other state. It should be noted that while the architecture refers to PSTATE.SM and PSTATE.ZA these PSTATE bits are not preserved in SPSR_ELx, they are only accessible via SVCR. There are a large number of subfeatures for SME, most of which only offer additional instructions but some of which (SME2 and FA64) add architectural state. These are configured via the ID registers as per usual. Protected KVM supported, with the implementation maintaining the existing restriction that the hypervisor will refuse to run if streaming mode or ZA is enabled. This both simplfies the code and avoids the need to allocate storage for host ZA and ZT0 state, there seems to be little practical use case for supporting this and the memory usage would be non-trivial. The new KVM_ARM_VCPU_VEC feature and ZA and ZT0 registers have not been added to the get-reg-list selftest, the idea of supporting additional features there without restructuring the program to generate all possible feature combinations has been rejected. I will post a separate series which does that restructuring. Signed-off-by: Mark Brown <broonie(a)kernel.org> --- Changes in v8: - Small fixes in ABI documentation. - Link to v7: https://lore.kernel.org/r/20250822-kvm-arm64-sme-v7-0-7a65d82b8b10@kernel.o… Changes in v7: - Rebase onto v6.17-rc1. - Handle SMIDR_EL1 as a VM wide ID register and use this in feat_sme_smps(). - Expose affinity fields in SMIDR_EL1. - Remove SMPRI_EL1 from vcpu_sysreg, the value is always 0 currently. - Prevent userspace writes to SMPRIMAP_EL2. - Link to v6: https://lore.kernel.org/r/20250625-kvm-arm64-sme-v6-0-114cff4ffe04@kernel.o… Changes in v6: - Rebase onto v6.16-rc3. - Link to v5: https://lore.kernel.org/r/20250417-kvm-arm64-sme-v5-0-f469a2d5f574@kernel.o… Changes in v5: - Rebase onto v6.15-rc2. - Add pKVM guest support. - Always restore SVCR. - Link to v4: https://lore.kernel.org/r/20250214-kvm-arm64-sme-v4-0-d64a681adcc2@kernel.o… Changes in v4: - Rebase onto v6.14-rc2 and Mark Rutland's fixes. - Expose SME to nested guests. - Additional cleanups and test fixes following on from the rebase. - Flush register state on VMM PSTATE.{SM,ZA}. - Link to v3: https://lore.kernel.org/r/20241220-kvm-arm64-sme-v3-0-05b018c1ffeb@kernel.o… Changes in v3: - Rebase onto v6.12-rc2. - Link to v2: https://lore.kernel.org/r/20231222-kvm-arm64-sme-v2-0-da226cb180bb@kernel.o… Changes in v2: - Rebase onto v6.7-rc3. - Configure subfeatures based on host system only. - Complete nVHE support. - There was some snafu with sending v1 out, it didn't make it to the lists but in case it hit people's inboxes I'm sending as v2. --- Mark Brown (29): arm64/sysreg: Update SMIDR_EL1 to DDI0601 2025-06 arm64/fpsimd: Update FA64 and ZT0 enables when loading SME state arm64/fpsimd: Decide to save ZT0 and streaming mode FFR at bind time arm64/fpsimd: Check enable bit for FA64 when saving EFI state arm64/fpsimd: Determine maximum virtualisable SME vector length KVM: arm64: Introduce non-UNDEF FGT control KVM: arm64: Pay attention to FFR parameter in SVE save and load KVM: arm64: Pull ctxt_has_ helpers to start of sysreg-sr.h KVM: arm64: Move SVE state access macros after feature test macros KVM: arm64: Rename SVE finalization constants to be more general KVM: arm64: Document the KVM ABI for SME KVM: arm64: Define internal features for SME KVM: arm64: Rename sve_state_reg_region KVM: arm64: Store vector lengths in an array KVM: arm64: Implement SME vector length configuration KVM: arm64: Support SME control registers KVM: arm64: Support TPIDR2_EL0 KVM: arm64: Support SME identification registers for guests KVM: arm64: Support SME priority registers KVM: arm64: Provide assembly for SME register access KVM: arm64: Support userspace access to streaming mode Z and P registers KVM: arm64: Flush register state on writes to SVCR.SM and SVCR.ZA KVM: arm64: Expose SME specific state to userspace KVM: arm64: Context switch SME state for guests KVM: arm64: Handle SME exceptions KVM: arm64: Expose SME to nested guests KVM: arm64: Provide interface for configuring and enabling SME for guests KVM: arm64: selftests: Add SME system registers to get-reg-list KVM: arm64: selftests: Add SME to set_id_regs test Documentation/virt/kvm/api.rst | 115 ++++++++--- arch/arm64/include/asm/fpsimd.h | 26 +++ arch/arm64/include/asm/kvm_emulate.h | 6 + arch/arm64/include/asm/kvm_host.h | 169 ++++++++++++--- arch/arm64/include/asm/kvm_hyp.h | 5 +- arch/arm64/include/asm/kvm_pkvm.h | 2 +- arch/arm64/include/asm/vncr_mapping.h | 2 + arch/arm64/include/uapi/asm/kvm.h | 33 +++ arch/arm64/kernel/cpufeature.c | 2 - arch/arm64/kernel/fpsimd.c | 89 ++++---- arch/arm64/kvm/arm.c | 10 + arch/arm64/kvm/config.c | 8 +- arch/arm64/kvm/fpsimd.c | 28 ++- arch/arm64/kvm/guest.c | 252 ++++++++++++++++++++--- arch/arm64/kvm/handle_exit.c | 14 ++ arch/arm64/kvm/hyp/fpsimd.S | 28 ++- arch/arm64/kvm/hyp/include/hyp/switch.h | 175 ++++++++++++++-- arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h | 110 ++++++---- arch/arm64/kvm/hyp/nvhe/hyp-main.c | 86 ++++++-- arch/arm64/kvm/hyp/nvhe/pkvm.c | 85 ++++++-- arch/arm64/kvm/hyp/nvhe/switch.c | 4 +- arch/arm64/kvm/hyp/nvhe/sys_regs.c | 6 + arch/arm64/kvm/hyp/vhe/switch.c | 17 +- arch/arm64/kvm/hyp/vhe/sysreg-sr.c | 7 + arch/arm64/kvm/nested.c | 3 +- arch/arm64/kvm/reset.c | 156 ++++++++++---- arch/arm64/kvm/sys_regs.c | 141 ++++++++++++- arch/arm64/tools/sysreg | 8 +- include/uapi/linux/kvm.h | 1 + tools/testing/selftests/kvm/arm64/get-reg-list.c | 15 +- tools/testing/selftests/kvm/arm64/set_id_regs.c | 27 ++- 31 files changed, 1327 insertions(+), 303 deletions(-) --- base-commit: 062b3e4a1f880f104a8d4b90b767788786aa7b78 change-id: 20230301-kvm-arm64-sme-06a1246d3636 Best regards, -- Mark Brown <broonie(a)kernel.org>

1 week, 4 days

1
29
0 0

[PATCH bpf-next v2 2/2] selftests/bpf: Test kfunc bpf_strcasecmp

by Rong Tao

From: Rong Tao <rongtao(a)cestc.cn> Add testsuites for kfunc bpf_strcasecmp. Signed-off-by: Rong Tao <rongtao(a)cestc.cn> --- tools/testing/selftests/bpf/progs/string_kfuncs_failure1.c | 6 ++++++ tools/testing/selftests/bpf/progs/string_kfuncs_failure2.c | 1 + tools/testing/selftests/bpf/progs/string_kfuncs_success.c | 5 +++++ 3 files changed, 12 insertions(+) diff --git a/tools/testing/selftests/bpf/progs/string_kfuncs_failure1.c b/tools/testing/selftests/bpf/progs/string_kfuncs_failure1.c index 53af438bd998..99d72c68f76a 100644 --- a/tools/testing/selftests/bpf/progs/string_kfuncs_failure1.c +++ b/tools/testing/selftests/bpf/progs/string_kfuncs_failure1.c @@ -31,6 +31,8 @@ char *invalid_kern_ptr = (char *)-1; /* Passing NULL to string kfuncs (treated as a userspace ptr) */ SEC("syscall") __retval(USER_PTR_ERR) int test_strcmp_null1(void *ctx) { return bpf_strcmp(NULL, "hello"); } SEC("syscall") __retval(USER_PTR_ERR)int test_strcmp_null2(void *ctx) { return bpf_strcmp("hello", NULL); } +SEC("syscall") __retval(USER_PTR_ERR) int test_strcasecmp_null1(void *ctx) { return bpf_strcasecmp(NULL, "HELLO"); } +SEC("syscall") __retval(USER_PTR_ERR)int test_strcasecmp_null2(void *ctx) { return bpf_strcasecmp("HELLO", NULL); } SEC("syscall") __retval(USER_PTR_ERR)int test_strchr_null(void *ctx) { return bpf_strchr(NULL, 'a'); } SEC("syscall") __retval(USER_PTR_ERR)int test_strchrnul_null(void *ctx) { return bpf_strchrnul(NULL, 'a'); } SEC("syscall") __retval(USER_PTR_ERR)int test_strnchr_null(void *ctx) { return bpf_strnchr(NULL, 1, 'a'); } @@ -49,6 +51,8 @@ SEC("syscall") __retval(USER_PTR_ERR)int test_strnstr_null2(void *ctx) { return /* Passing userspace ptr to string kfuncs */ SEC("syscall") __retval(USER_PTR_ERR) int test_strcmp_user_ptr1(void *ctx) { return bpf_strcmp(user_ptr, "hello"); } SEC("syscall") __retval(USER_PTR_ERR) int test_strcmp_user_ptr2(void *ctx) { return bpf_strcmp("hello", user_ptr); } +SEC("syscall") __retval(USER_PTR_ERR) int test_strcasecmp_user_ptr1(void *ctx) { return bpf_strcasecmp(user_ptr, "HELLO"); } +SEC("syscall") __retval(USER_PTR_ERR) int test_strcasecmp_user_ptr2(void *ctx) { return bpf_strcasecmp("HELLO", user_ptr); } SEC("syscall") __retval(USER_PTR_ERR) int test_strchr_user_ptr(void *ctx) { return bpf_strchr(user_ptr, 'a'); } SEC("syscall") __retval(USER_PTR_ERR) int test_strchrnul_user_ptr(void *ctx) { return bpf_strchrnul(user_ptr, 'a'); } SEC("syscall") __retval(USER_PTR_ERR) int test_strnchr_user_ptr(void *ctx) { return bpf_strnchr(user_ptr, 1, 'a'); } @@ -69,6 +73,8 @@ SEC("syscall") __retval(USER_PTR_ERR) int test_strnstr_user_ptr2(void *ctx) { re /* Passing invalid kernel ptr to string kfuncs should always return -EFAULT */ SEC("syscall") __retval(-EFAULT) int test_strcmp_pagefault1(void *ctx) { return bpf_strcmp(invalid_kern_ptr, "hello"); } SEC("syscall") __retval(-EFAULT) int test_strcmp_pagefault2(void *ctx) { return bpf_strcmp("hello", invalid_kern_ptr); } +SEC("syscall") __retval(-EFAULT) int test_strcasecmp_pagefault1(void *ctx) { return bpf_strcasecmp(invalid_kern_ptr, "HELLO"); } +SEC("syscall") __retval(-EFAULT) int test_strcasecmp_pagefault2(void *ctx) { return bpf_strcasecmp("HELLO", invalid_kern_ptr); } SEC("syscall") __retval(-EFAULT) int test_strchr_pagefault(void *ctx) { return bpf_strchr(invalid_kern_ptr, 'a'); } SEC("syscall") __retval(-EFAULT) int test_strchrnul_pagefault(void *ctx) { return bpf_strchrnul(invalid_kern_ptr, 'a'); } SEC("syscall") __retval(-EFAULT) int test_strnchr_pagefault(void *ctx) { return bpf_strnchr(invalid_kern_ptr, 1, 'a'); } diff --git a/tools/testing/selftests/bpf/progs/string_kfuncs_failure2.c b/tools/testing/selftests/bpf/progs/string_kfuncs_failure2.c index 89fb4669b0e9..e41cc5601994 100644 --- a/tools/testing/selftests/bpf/progs/string_kfuncs_failure2.c +++ b/tools/testing/selftests/bpf/progs/string_kfuncs_failure2.c @@ -7,6 +7,7 @@ char long_str[XATTR_SIZE_MAX + 1]; SEC("syscall") int test_strcmp_too_long(void *ctx) { return bpf_strcmp(long_str, long_str); } +SEC("syscall") int test_strcasecmp_too_long(void *ctx) { return bpf_strcasecmp(long_str, long_str); } SEC("syscall") int test_strchr_too_long(void *ctx) { return bpf_strchr(long_str, 'b'); } SEC("syscall") int test_strchrnul_too_long(void *ctx) { return bpf_strchrnul(long_str, 'b'); } SEC("syscall") int test_strnchr_too_long(void *ctx) { return bpf_strnchr(long_str, sizeof(long_str), 'b'); } diff --git a/tools/testing/selftests/bpf/progs/string_kfuncs_success.c b/tools/testing/selftests/bpf/progs/string_kfuncs_success.c index 46697f381878..67830456637b 100644 --- a/tools/testing/selftests/bpf/progs/string_kfuncs_success.c +++ b/tools/testing/selftests/bpf/progs/string_kfuncs_success.c @@ -12,6 +12,11 @@ char str[] = "hello world"; /* Functional tests */ __test(0) int test_strcmp_eq(void *ctx) { return bpf_strcmp(str, "hello world"); } __test(1) int test_strcmp_neq(void *ctx) { return bpf_strcmp(str, "hello"); } +__test(0) int test_strcasecmp_eq1(void *ctx) { return bpf_strcasecmp(str, "hello world"); } +__test(0) int test_strcasecmp_eq2(void *ctx) { return bpf_strcasecmp(str, "HELLO WORLD"); } +__test(0) int test_strcasecmp_eq3(void *ctx) { return bpf_strcasecmp(str, "HELLO world"); } +__test(1) int test_strcasecmp_neq1(void *ctx) { return bpf_strcasecmp(str, "hello"); } +__test(1) int test_strcasecmp_neq2(void *ctx) { return bpf_strcasecmp(str, "HELLO"); } __test(1) int test_strchr_found(void *ctx) { return bpf_strchr(str, 'e'); } __test(11) int test_strchr_null(void *ctx) { return bpf_strchr(str, '\0'); } __test(-ENOENT) int test_strchr_notfound(void *ctx) { return bpf_strchr(str, 'x'); } -- 2.51.0

1 week, 4 days

2
2
0 0

[PATCH bpf-next v3 2/2] selftests/bpf: Test kfunc bpf_strcasecmp

by Rong Tao

From: Rong Tao <rongtao(a)cestc.cn> Add testsuites for kfunc bpf_strcasecmp. Signed-off-by: Rong Tao <rongtao(a)cestc.cn> --- tools/testing/selftests/bpf/prog_tests/string_kfuncs.c | 1 + tools/testing/selftests/bpf/progs/string_kfuncs_failure1.c | 6 ++++++ tools/testing/selftests/bpf/progs/string_kfuncs_failure2.c | 1 + tools/testing/selftests/bpf/progs/string_kfuncs_success.c | 5 +++++ 4 files changed, 13 insertions(+) diff --git a/tools/testing/selftests/bpf/prog_tests/string_kfuncs.c b/tools/testing/selftests/bpf/prog_tests/string_kfuncs.c index 35af8044d059..4d66fad3c8bd 100644 --- a/tools/testing/selftests/bpf/prog_tests/string_kfuncs.c +++ b/tools/testing/selftests/bpf/prog_tests/string_kfuncs.c @@ -8,6 +8,7 @@ static const char * const test_cases[] = { "strcmp", + "strcasecmp", "strchr", "strchrnul", "strnchr", diff --git a/tools/testing/selftests/bpf/progs/string_kfuncs_failure1.c b/tools/testing/selftests/bpf/progs/string_kfuncs_failure1.c index 53af438bd998..99d72c68f76a 100644 --- a/tools/testing/selftests/bpf/progs/string_kfuncs_failure1.c +++ b/tools/testing/selftests/bpf/progs/string_kfuncs_failure1.c @@ -31,6 +31,8 @@ char *invalid_kern_ptr = (char *)-1; /* Passing NULL to string kfuncs (treated as a userspace ptr) */ SEC("syscall") __retval(USER_PTR_ERR) int test_strcmp_null1(void *ctx) { return bpf_strcmp(NULL, "hello"); } SEC("syscall") __retval(USER_PTR_ERR)int test_strcmp_null2(void *ctx) { return bpf_strcmp("hello", NULL); } +SEC("syscall") __retval(USER_PTR_ERR) int test_strcasecmp_null1(void *ctx) { return bpf_strcasecmp(NULL, "HELLO"); } +SEC("syscall") __retval(USER_PTR_ERR)int test_strcasecmp_null2(void *ctx) { return bpf_strcasecmp("HELLO", NULL); } SEC("syscall") __retval(USER_PTR_ERR)int test_strchr_null(void *ctx) { return bpf_strchr(NULL, 'a'); } SEC("syscall") __retval(USER_PTR_ERR)int test_strchrnul_null(void *ctx) { return bpf_strchrnul(NULL, 'a'); } SEC("syscall") __retval(USER_PTR_ERR)int test_strnchr_null(void *ctx) { return bpf_strnchr(NULL, 1, 'a'); } @@ -49,6 +51,8 @@ SEC("syscall") __retval(USER_PTR_ERR)int test_strnstr_null2(void *ctx) { return /* Passing userspace ptr to string kfuncs */ SEC("syscall") __retval(USER_PTR_ERR) int test_strcmp_user_ptr1(void *ctx) { return bpf_strcmp(user_ptr, "hello"); } SEC("syscall") __retval(USER_PTR_ERR) int test_strcmp_user_ptr2(void *ctx) { return bpf_strcmp("hello", user_ptr); } +SEC("syscall") __retval(USER_PTR_ERR) int test_strcasecmp_user_ptr1(void *ctx) { return bpf_strcasecmp(user_ptr, "HELLO"); } +SEC("syscall") __retval(USER_PTR_ERR) int test_strcasecmp_user_ptr2(void *ctx) { return bpf_strcasecmp("HELLO", user_ptr); } SEC("syscall") __retval(USER_PTR_ERR) int test_strchr_user_ptr(void *ctx) { return bpf_strchr(user_ptr, 'a'); } SEC("syscall") __retval(USER_PTR_ERR) int test_strchrnul_user_ptr(void *ctx) { return bpf_strchrnul(user_ptr, 'a'); } SEC("syscall") __retval(USER_PTR_ERR) int test_strnchr_user_ptr(void *ctx) { return bpf_strnchr(user_ptr, 1, 'a'); } @@ -69,6 +73,8 @@ SEC("syscall") __retval(USER_PTR_ERR) int test_strnstr_user_ptr2(void *ctx) { re /* Passing invalid kernel ptr to string kfuncs should always return -EFAULT */ SEC("syscall") __retval(-EFAULT) int test_strcmp_pagefault1(void *ctx) { return bpf_strcmp(invalid_kern_ptr, "hello"); } SEC("syscall") __retval(-EFAULT) int test_strcmp_pagefault2(void *ctx) { return bpf_strcmp("hello", invalid_kern_ptr); } +SEC("syscall") __retval(-EFAULT) int test_strcasecmp_pagefault1(void *ctx) { return bpf_strcasecmp(invalid_kern_ptr, "HELLO"); } +SEC("syscall") __retval(-EFAULT) int test_strcasecmp_pagefault2(void *ctx) { return bpf_strcasecmp("HELLO", invalid_kern_ptr); } SEC("syscall") __retval(-EFAULT) int test_strchr_pagefault(void *ctx) { return bpf_strchr(invalid_kern_ptr, 'a'); } SEC("syscall") __retval(-EFAULT) int test_strchrnul_pagefault(void *ctx) { return bpf_strchrnul(invalid_kern_ptr, 'a'); } SEC("syscall") __retval(-EFAULT) int test_strnchr_pagefault(void *ctx) { return bpf_strnchr(invalid_kern_ptr, 1, 'a'); } diff --git a/tools/testing/selftests/bpf/progs/string_kfuncs_failure2.c b/tools/testing/selftests/bpf/progs/string_kfuncs_failure2.c index 89fb4669b0e9..e41cc5601994 100644 --- a/tools/testing/selftests/bpf/progs/string_kfuncs_failure2.c +++ b/tools/testing/selftests/bpf/progs/string_kfuncs_failure2.c @@ -7,6 +7,7 @@ char long_str[XATTR_SIZE_MAX + 1]; SEC("syscall") int test_strcmp_too_long(void *ctx) { return bpf_strcmp(long_str, long_str); } +SEC("syscall") int test_strcasecmp_too_long(void *ctx) { return bpf_strcasecmp(long_str, long_str); } SEC("syscall") int test_strchr_too_long(void *ctx) { return bpf_strchr(long_str, 'b'); } SEC("syscall") int test_strchrnul_too_long(void *ctx) { return bpf_strchrnul(long_str, 'b'); } SEC("syscall") int test_strnchr_too_long(void *ctx) { return bpf_strnchr(long_str, sizeof(long_str), 'b'); } diff --git a/tools/testing/selftests/bpf/progs/string_kfuncs_success.c b/tools/testing/selftests/bpf/progs/string_kfuncs_success.c index 46697f381878..67830456637b 100644 --- a/tools/testing/selftests/bpf/progs/string_kfuncs_success.c +++ b/tools/testing/selftests/bpf/progs/string_kfuncs_success.c @@ -12,6 +12,11 @@ char str[] = "hello world"; /* Functional tests */ __test(0) int test_strcmp_eq(void *ctx) { return bpf_strcmp(str, "hello world"); } __test(1) int test_strcmp_neq(void *ctx) { return bpf_strcmp(str, "hello"); } +__test(0) int test_strcasecmp_eq1(void *ctx) { return bpf_strcasecmp(str, "hello world"); } +__test(0) int test_strcasecmp_eq2(void *ctx) { return bpf_strcasecmp(str, "HELLO WORLD"); } +__test(0) int test_strcasecmp_eq3(void *ctx) { return bpf_strcasecmp(str, "HELLO world"); } +__test(1) int test_strcasecmp_neq1(void *ctx) { return bpf_strcasecmp(str, "hello"); } +__test(1) int test_strcasecmp_neq2(void *ctx) { return bpf_strcasecmp(str, "HELLO"); } __test(1) int test_strchr_found(void *ctx) { return bpf_strchr(str, 'e'); } __test(11) int test_strchr_null(void *ctx) { return bpf_strchr(str, '\0'); } __test(-ENOENT) int test_strchr_notfound(void *ctx) { return bpf_strchr(str, 'x'); } -- 2.51.0

1 week, 4 days

1
0
0 0

[PATCH bpf-next v3 0/2] bpf: Add kfunc bpf_strcasecmp()

by Rong Tao

Kfunc already support bpf_strcmp, this patchset introduce bpf_strcasecmp and add some selftests. Rong Tao (2): bpf: add bpf_strcasecmp kfunc selftests/bpf: Test kfunc bpf_strcasecmp kernel/bpf/helpers.c | 68 +++++++++++++------ .../selftests/bpf/prog_tests/string_kfuncs.c | 1 + .../bpf/progs/string_kfuncs_failure1.c | 6 ++ .../bpf/progs/string_kfuncs_failure2.c | 1 + .../bpf/progs/string_kfuncs_success.c | 5 ++ 5 files changed, 61 insertions(+), 20 deletions(-) --- v3: Update prog_tests/string_kfuncs.c for "strcasecmp"; v2: Remove __ign prefix from __bpf_strcasecmp and add E2BIG failure test; https://lore.kernel.org/lkml/tencent_8646158457D4511C447C833B21B3ACF6CB07@q… v1: https://lore.kernel.org/lkml/tencent_5AE811A28781BE106AD6CDE59F4ADD2BFA06@q… -- 2.51.0

1 week, 4 days

1
0
0 0

[PATCH net-next 1/2] selftests: drv-net: rss_ctx: use Netlink for timed reconfig

by Jakub Kicinski

The rss_ctx test has gotten pretty flaky after I increased the queue count in NIPA 2->3. Not 100% clear why. We get a lot of failures in the rss_ctx.test_hitless_key_update case. Looking closer it appears that the failures are mostly due to startup costs. I measured the following timing for ethtool -X: - python cmd(shell=True) : 150-250msec - python cmd(shell=False) : 50- 70msec - timed in bash : 45- 55msec - YNL Netlink call : 2- 4msec - .set_rxfh callback : 1- 2msec The target in the test was set to 200msec. We were mostly measuring ethtool startup cost it seems. Switch to YNL since it's 100x faster. Lower the pass criteria to ~75msec, no real science behind this number but we removed ~150msec of overhead, and the old target was 200msec. So any driver that was passing previously should still pass with 75msec. Separately we should probably follow up on defaulting to shell=False, when script doesn't explicitly ask for True, because the overhead is rather significant. Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> --- tools/testing/selftests/drivers/net/hw/rss_ctx.py | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/drivers/net/hw/rss_ctx.py b/tools/testing/selftests/drivers/net/hw/rss_ctx.py index 9838b8457e5a..3fc5688605b5 100755 --- a/tools/testing/selftests/drivers/net/hw/rss_ctx.py +++ b/tools/testing/selftests/drivers/net/hw/rss_ctx.py @@ -335,19 +335,20 @@ from lib.py import ethtool, ip, defer, GenerateTraffic, CmdExitFailure data = get_rss(cfg) key_len = len(data['rss-hash-key']) - key = _rss_key_rand(key_len) + ethnl = EthtoolFamily() + key = random.randbytes(key_len) tgen = GenerateTraffic(cfg) try: errors0, carrier0 = get_drop_err_sum(cfg) t0 = datetime.datetime.now() - ethtool(f"-X {cfg.ifname} hkey " + _rss_key_str(key)) + ethnl.rss_set({"header": {"dev-index": cfg.ifindex}, "hkey": key}) t1 = datetime.datetime.now() errors1, carrier1 = get_drop_err_sum(cfg) finally: tgen.wait_pkts_and_stop(5000) - ksft_lt((t1 - t0).total_seconds(), 0.2) + ksft_lt((t1 - t0).total_seconds(), 0.075) ksft_eq(errors1 - errors1, 0) ksft_eq(carrier1 - carrier0, 0) -- 2.51.0

1 week, 5 days

2
4
0 0

[PATCH] selftests/fs/mount-notify: Fix compilation failure.

by Xing Guo

Commit c6d9775c2066 ("selftests/fs/mount-notify: build with tools include dir") introduces the struct __kernel_fsid_t to decouple dependency with headers_install. The commit forgets to define a macro for __kernel_fsid_t and it will cause type re-definition issue. Signed-off-by: Xing Guo <higuoxing(a)gmail.com> --- .../mount-notify/mount-notify_test.c | 17 ++++++++--------- .../mount-notify/mount-notify_test_ns.c | 18 ++++++++---------- 2 files changed, 16 insertions(+), 19 deletions(-) diff --git a/tools/testing/selftests/filesystems/mount-notify/mount-notify_test.c b/tools/testing/selftests/filesystems/mount-notify/mount-notify_test.c index 63ce708d93ed..e4b7c2b457ee 100644 --- a/tools/testing/selftests/filesystems/mount-notify/mount-notify_test.c +++ b/tools/testing/selftests/filesystems/mount-notify/mount-notify_test.c @@ -2,6 +2,13 @@ // Copyright (c) 2025 Miklos Szeredi <miklos(a)szeredi.hu> #define _GNU_SOURCE + +// Needed for linux/fanotify.h +typedef struct { + int val[2]; +} __kernel_fsid_t; +#define __kernel_fsid_t __kernel_fsid_t + #include <fcntl.h> #include <sched.h> #include <stdio.h> @@ -10,20 +17,12 @@ #include <sys/mount.h> #include <unistd.h> #include <sys/syscall.h> +#include <sys/fanotify.h> #include "../../kselftest_harness.h" #include "../statmount/statmount.h" #include "../utils.h" -// Needed for linux/fanotify.h -#ifndef __kernel_fsid_t -typedef struct { - int val[2]; -} __kernel_fsid_t; -#endif - -#include <sys/fanotify.h> - static const char root_mntpoint_templ[] = "/tmp/mount-notify_test_root.XXXXXX"; static const int mark_cmds[] = { diff --git a/tools/testing/selftests/filesystems/mount-notify/mount-notify_test_ns.c b/tools/testing/selftests/filesystems/mount-notify/mount-notify_test_ns.c index 090a5ca65004..9f57ca46e3af 100644 --- a/tools/testing/selftests/filesystems/mount-notify/mount-notify_test_ns.c +++ b/tools/testing/selftests/filesystems/mount-notify/mount-notify_test_ns.c @@ -2,6 +2,13 @@ // Copyright (c) 2025 Miklos Szeredi <miklos(a)szeredi.hu> #define _GNU_SOURCE + +// Needed for linux/fanotify.h +typedef struct { + int val[2]; +} __kernel_fsid_t; +#define __kernel_fsid_t __kernel_fsid_t + #include <fcntl.h> #include <sched.h> #include <stdio.h> @@ -10,21 +17,12 @@ #include <sys/mount.h> #include <unistd.h> #include <sys/syscall.h> +#include <sys/fanotify.h> #include "../../kselftest_harness.h" -#include "../../pidfd/pidfd.h" #include "../statmount/statmount.h" #include "../utils.h" -// Needed for linux/fanotify.h -#ifndef __kernel_fsid_t -typedef struct { - int val[2]; -} __kernel_fsid_t; -#endif - -#include <sys/fanotify.h> - static const char root_mntpoint_templ[] = "/tmp/mount-notify_test_root.XXXXXX"; static const int mark_types[] = { -- 2.50.1

1 week, 5 days

4
7
0 0

[PATCH bpf-next v2 1/2] bpf: add bpf_strcasecmp kfunc

by Rong Tao

From: Rong Tao <rongtao(a)cestc.cn> bpf_strcasecmp() function performs same like bpf_strcmp() except ignoring the case of the characters. Signed-off-by: Rong Tao <rongtao(a)cestc.cn> --- kernel/bpf/helpers.c | 68 +++++++++++++++++++++++++++++++------------- 1 file changed, 48 insertions(+), 20 deletions(-) diff --git a/kernel/bpf/helpers.c b/kernel/bpf/helpers.c index 401b4932cc49..238fd992c786 100644 --- a/kernel/bpf/helpers.c +++ b/kernel/bpf/helpers.c @@ -3349,45 +3349,72 @@ __bpf_kfunc void __bpf_trap(void) * __get_kernel_nofault instead of plain dereference to make them safe. */ -/** - * bpf_strcmp - Compare two strings - * @s1__ign: One string - * @s2__ign: Another string - * - * Return: - * * %0 - Strings are equal - * * %-1 - @s1__ign is smaller - * * %1 - @s2__ign is smaller - * * %-EFAULT - Cannot read one of the strings - * * %-E2BIG - One of strings is too large - * * %-ERANGE - One of strings is outside of kernel address space - */ -__bpf_kfunc int bpf_strcmp(const char *s1__ign, const char *s2__ign) +int __bpf_strcasecmp(const char *s1, const char *s2, bool ignore_case) { char c1, c2; int i; - if (!copy_from_kernel_nofault_allowed(s1__ign, 1) || - !copy_from_kernel_nofault_allowed(s2__ign, 1)) { + if (!copy_from_kernel_nofault_allowed(s1, 1) || + !copy_from_kernel_nofault_allowed(s2, 1)) { return -ERANGE; } guard(pagefault)(); for (i = 0; i < XATTR_SIZE_MAX; i++) { - __get_kernel_nofault(&c1, s1__ign, char, err_out); - __get_kernel_nofault(&c2, s2__ign, char, err_out); + __get_kernel_nofault(&c1, s1, char, err_out); + __get_kernel_nofault(&c2, s2, char, err_out); + if (ignore_case) { + c1 = tolower(c1); + c2 = tolower(c2); + } if (c1 != c2) return c1 < c2 ? -1 : 1; if (c1 == '\0') return 0; - s1__ign++; - s2__ign++; + s1++; + s2++; } return -E2BIG; err_out: return -EFAULT; } +/** + * bpf_strcmp - Compare two strings + * @s1__ign: One string + * @s2__ign: Another string + * + * Return: + * * %0 - Strings are equal + * * %-1 - @s1__ign is smaller + * * %1 - @s2__ign is smaller + * * %-EFAULT - Cannot read one of the strings + * * %-E2BIG - One of strings is too large + * * %-ERANGE - One of strings is outside of kernel address space + */ +__bpf_kfunc int bpf_strcmp(const char *s1__ign, const char *s2__ign) +{ + return __bpf_strcasecmp(s1__ign, s2__ign, false); +} + +/** + * bpf_strcasecmp - Compare two strings, ignoring the case of the characters + * @s1__ign: One string + * @s2__ign: Another string + * + * Return: + * * %0 - Strings are equal + * * %-1 - @s1__ign is smaller + * * %1 - @s2__ign is smaller + * * %-EFAULT - Cannot read one of the strings + * * %-E2BIG - One of strings is too large + * * %-ERANGE - One of strings is outside of kernel address space + */ +__bpf_kfunc int bpf_strcasecmp(const char *s1__ign, const char *s2__ign) +{ + return __bpf_strcasecmp(s1__ign, s2__ign, true); +} + /** * bpf_strnchr - Find a character in a length limited string * @s__ign: The string to be searched @@ -3832,6 +3859,7 @@ BTF_ID_FLAGS(func, bpf_iter_dmabuf_destroy, KF_ITER_DESTROY | KF_SLEEPABLE) #endif BTF_ID_FLAGS(func, __bpf_trap) BTF_ID_FLAGS(func, bpf_strcmp); +BTF_ID_FLAGS(func, bpf_strcasecmp); BTF_ID_FLAGS(func, bpf_strchr); BTF_ID_FLAGS(func, bpf_strchrnul); BTF_ID_FLAGS(func, bpf_strnchr); -- 2.51.0

1 week, 5 days

1
0
0 0

[PATCH bpf-next v2 0/2] bpf: Add kfunc bpf_strcasecmp()

by Rong Tao

Kfunc already support bpf_strcmp, this patchset introduce bpf_strcasecmp and add some selftests. Rong Tao (2): bpf: add bpf_strcasecmp kfunc selftests/bpf: Test kfunc bpf_strcasecmp kernel/bpf/helpers.c | 68 +++++++++++++------ .../bpf/progs/string_kfuncs_failure1.c | 6 ++ .../bpf/progs/string_kfuncs_failure2.c | 1 + .../bpf/progs/string_kfuncs_success.c | 5 ++ 4 files changed, 60 insertions(+), 20 deletions(-) --- v2: Remove __ign prefix from __bpf_strcasecmp and add E2BIG failure test; v1: https://lore.kernel.org/lkml/tencent_5AE811A28781BE106AD6CDE59F4ADD2BFA06@q… -- 2.51.0

1 week, 5 days

1
0
0 0

[PATCH bpf-next 1/2] bpf: add bpf_strcasecmp kfunc

by Rong Tao

From: Rong Tao <rongtao(a)cestc.cn> bpf_strcasecmp() function performs same like bpf_strcmp() except ignoring the case of the characters. Signed-off-by: Rong Tao <rongtao(a)cestc.cn> --- kernel/bpf/helpers.c | 56 +++++++++++++++++++++++++++++++++----------- 1 file changed, 42 insertions(+), 14 deletions(-) diff --git a/kernel/bpf/helpers.c b/kernel/bpf/helpers.c index 401b4932cc49..e807a708e5fc 100644 --- a/kernel/bpf/helpers.c +++ b/kernel/bpf/helpers.c @@ -3349,20 +3349,7 @@ __bpf_kfunc void __bpf_trap(void) * __get_kernel_nofault instead of plain dereference to make them safe. */ -/** - * bpf_strcmp - Compare two strings - * @s1__ign: One string - * @s2__ign: Another string - * - * Return: - * * %0 - Strings are equal - * * %-1 - @s1__ign is smaller - * * %1 - @s2__ign is smaller - * * %-EFAULT - Cannot read one of the strings - * * %-E2BIG - One of strings is too large - * * %-ERANGE - One of strings is outside of kernel address space - */ -__bpf_kfunc int bpf_strcmp(const char *s1__ign, const char *s2__ign) +int __bpf_strcasecmp(const char *s1__ign, const char *s2__ign, bool ignore_case) { char c1, c2; int i; @@ -3376,6 +3363,10 @@ __bpf_kfunc int bpf_strcmp(const char *s1__ign, const char *s2__ign) for (i = 0; i < XATTR_SIZE_MAX; i++) { __get_kernel_nofault(&c1, s1__ign, char, err_out); __get_kernel_nofault(&c2, s2__ign, char, err_out); + if (ignore_case) { + c1 = tolower(c1); + c2 = tolower(c2); + } if (c1 != c2) return c1 < c2 ? -1 : 1; if (c1 == '\0') @@ -3388,6 +3379,42 @@ __bpf_kfunc int bpf_strcmp(const char *s1__ign, const char *s2__ign) return -EFAULT; } +/** + * bpf_strcmp - Compare two strings + * @s1__ign: One string + * @s2__ign: Another string + * + * Return: + * * %0 - Strings are equal + * * %-1 - @s1__ign is smaller + * * %1 - @s2__ign is smaller + * * %-EFAULT - Cannot read one of the strings + * * %-E2BIG - One of strings is too large + * * %-ERANGE - One of strings is outside of kernel address space + */ +__bpf_kfunc int bpf_strcmp(const char *s1__ign, const char *s2__ign) +{ + return __bpf_strcasecmp(s1__ign, s2__ign, false); +} + +/** + * bpf_strcasecmp - Compare two strings, ignoring the case of the characters + * @s1__ign: One string + * @s2__ign: Another string + * + * Return: + * * %0 - Strings are equal + * * %-1 - @s1__ign is smaller + * * %1 - @s2__ign is smaller + * * %-EFAULT - Cannot read one of the strings + * * %-E2BIG - One of strings is too large + * * %-ERANGE - One of strings is outside of kernel address space + */ +__bpf_kfunc int bpf_strcasecmp(const char *s1__ign, const char *s2__ign) +{ + return __bpf_strcasecmp(s1__ign, s2__ign, true); +} + /** * bpf_strnchr - Find a character in a length limited string * @s__ign: The string to be searched @@ -3832,6 +3859,7 @@ BTF_ID_FLAGS(func, bpf_iter_dmabuf_destroy, KF_ITER_DESTROY | KF_SLEEPABLE) #endif BTF_ID_FLAGS(func, __bpf_trap) BTF_ID_FLAGS(func, bpf_strcmp); +BTF_ID_FLAGS(func, bpf_strcasecmp); BTF_ID_FLAGS(func, bpf_strchr); BTF_ID_FLAGS(func, bpf_strchrnul); BTF_ID_FLAGS(func, bpf_strnchr); -- 2.51.0

1 week, 5 days

2
2
0 0

[PATCH bpf-next 2/2] selftests/bpf: Test kfunc bpf_strcasecmp

by Rong Tao

From: Rong Tao <rongtao(a)cestc.cn> Add testsuites for kfunc bpf_strcasecmp. Signed-off-by: Rong Tao <rongtao(a)cestc.cn> --- tools/testing/selftests/bpf/progs/string_kfuncs_failure1.c | 6 ++++++ tools/testing/selftests/bpf/progs/string_kfuncs_success.c | 5 +++++ 2 files changed, 11 insertions(+) diff --git a/tools/testing/selftests/bpf/progs/string_kfuncs_failure1.c b/tools/testing/selftests/bpf/progs/string_kfuncs_failure1.c index 53af438bd998..99d72c68f76a 100644 --- a/tools/testing/selftests/bpf/progs/string_kfuncs_failure1.c +++ b/tools/testing/selftests/bpf/progs/string_kfuncs_failure1.c @@ -31,6 +31,8 @@ char *invalid_kern_ptr = (char *)-1; /* Passing NULL to string kfuncs (treated as a userspace ptr) */ SEC("syscall") __retval(USER_PTR_ERR) int test_strcmp_null1(void *ctx) { return bpf_strcmp(NULL, "hello"); } SEC("syscall") __retval(USER_PTR_ERR)int test_strcmp_null2(void *ctx) { return bpf_strcmp("hello", NULL); } +SEC("syscall") __retval(USER_PTR_ERR) int test_strcasecmp_null1(void *ctx) { return bpf_strcasecmp(NULL, "HELLO"); } +SEC("syscall") __retval(USER_PTR_ERR)int test_strcasecmp_null2(void *ctx) { return bpf_strcasecmp("HELLO", NULL); } SEC("syscall") __retval(USER_PTR_ERR)int test_strchr_null(void *ctx) { return bpf_strchr(NULL, 'a'); } SEC("syscall") __retval(USER_PTR_ERR)int test_strchrnul_null(void *ctx) { return bpf_strchrnul(NULL, 'a'); } SEC("syscall") __retval(USER_PTR_ERR)int test_strnchr_null(void *ctx) { return bpf_strnchr(NULL, 1, 'a'); } @@ -49,6 +51,8 @@ SEC("syscall") __retval(USER_PTR_ERR)int test_strnstr_null2(void *ctx) { return /* Passing userspace ptr to string kfuncs */ SEC("syscall") __retval(USER_PTR_ERR) int test_strcmp_user_ptr1(void *ctx) { return bpf_strcmp(user_ptr, "hello"); } SEC("syscall") __retval(USER_PTR_ERR) int test_strcmp_user_ptr2(void *ctx) { return bpf_strcmp("hello", user_ptr); } +SEC("syscall") __retval(USER_PTR_ERR) int test_strcasecmp_user_ptr1(void *ctx) { return bpf_strcasecmp(user_ptr, "HELLO"); } +SEC("syscall") __retval(USER_PTR_ERR) int test_strcasecmp_user_ptr2(void *ctx) { return bpf_strcasecmp("HELLO", user_ptr); } SEC("syscall") __retval(USER_PTR_ERR) int test_strchr_user_ptr(void *ctx) { return bpf_strchr(user_ptr, 'a'); } SEC("syscall") __retval(USER_PTR_ERR) int test_strchrnul_user_ptr(void *ctx) { return bpf_strchrnul(user_ptr, 'a'); } SEC("syscall") __retval(USER_PTR_ERR) int test_strnchr_user_ptr(void *ctx) { return bpf_strnchr(user_ptr, 1, 'a'); } @@ -69,6 +73,8 @@ SEC("syscall") __retval(USER_PTR_ERR) int test_strnstr_user_ptr2(void *ctx) { re /* Passing invalid kernel ptr to string kfuncs should always return -EFAULT */ SEC("syscall") __retval(-EFAULT) int test_strcmp_pagefault1(void *ctx) { return bpf_strcmp(invalid_kern_ptr, "hello"); } SEC("syscall") __retval(-EFAULT) int test_strcmp_pagefault2(void *ctx) { return bpf_strcmp("hello", invalid_kern_ptr); } +SEC("syscall") __retval(-EFAULT) int test_strcasecmp_pagefault1(void *ctx) { return bpf_strcasecmp(invalid_kern_ptr, "HELLO"); } +SEC("syscall") __retval(-EFAULT) int test_strcasecmp_pagefault2(void *ctx) { return bpf_strcasecmp("HELLO", invalid_kern_ptr); } SEC("syscall") __retval(-EFAULT) int test_strchr_pagefault(void *ctx) { return bpf_strchr(invalid_kern_ptr, 'a'); } SEC("syscall") __retval(-EFAULT) int test_strchrnul_pagefault(void *ctx) { return bpf_strchrnul(invalid_kern_ptr, 'a'); } SEC("syscall") __retval(-EFAULT) int test_strnchr_pagefault(void *ctx) { return bpf_strnchr(invalid_kern_ptr, 1, 'a'); } diff --git a/tools/testing/selftests/bpf/progs/string_kfuncs_success.c b/tools/testing/selftests/bpf/progs/string_kfuncs_success.c index 46697f381878..67830456637b 100644 --- a/tools/testing/selftests/bpf/progs/string_kfuncs_success.c +++ b/tools/testing/selftests/bpf/progs/string_kfuncs_success.c @@ -12,6 +12,11 @@ char str[] = "hello world"; /* Functional tests */ __test(0) int test_strcmp_eq(void *ctx) { return bpf_strcmp(str, "hello world"); } __test(1) int test_strcmp_neq(void *ctx) { return bpf_strcmp(str, "hello"); } +__test(0) int test_strcasecmp_eq1(void *ctx) { return bpf_strcasecmp(str, "hello world"); } +__test(0) int test_strcasecmp_eq2(void *ctx) { return bpf_strcasecmp(str, "HELLO WORLD"); } +__test(0) int test_strcasecmp_eq3(void *ctx) { return bpf_strcasecmp(str, "HELLO world"); } +__test(1) int test_strcasecmp_neq1(void *ctx) { return bpf_strcasecmp(str, "hello"); } +__test(1) int test_strcasecmp_neq2(void *ctx) { return bpf_strcasecmp(str, "HELLO"); } __test(1) int test_strchr_found(void *ctx) { return bpf_strchr(str, 'e'); } __test(11) int test_strchr_null(void *ctx) { return bpf_strchr(str, '\0'); } __test(-ENOENT) int test_strchr_notfound(void *ctx) { return bpf_strchr(str, 'x'); } -- 2.51.0

1 week, 5 days

2
1
0 0

[PATCH bpf-next 0/2] bpf: Add kfunc bpf_strcasecmp()

by Rong Tao

From: Rong Tao <rongtao(a)cestc.cn> Kfunc already support bpf_strcmp, this patchset introduce bpf_strcasecmp and add some selftests. Rong Tao (2): bpf: add bpf_strcasecmp kfunc selftests/bpf: Test kfunc bpf_strcasecmp kernel/bpf/helpers.c | 56 ++++++++++++++----- .../bpf/progs/string_kfuncs_failure1.c | 6 ++ .../bpf/progs/string_kfuncs_success.c | 5 ++ 3 files changed, 53 insertions(+), 14 deletions(-) -- 2.51.0

1 week, 5 days

1
0
0 0

[PATCH] selftests: net: fix spelling and grammar mistakes

by Praveen Balakrishnan

Fix several spelling and grammatical mistakes in output messages from the net selftests to improve readability. Only the message strings for the test output have been modified. No changes to the functional logic of the tests have been made. Signed-off-by: Praveen Balakrishnan <praveen.balakrishnan(a)magd.ox.ac.uk> --- tools/testing/selftests/net/openvswitch/ovs-dpctl.py | 2 +- tools/testing/selftests/net/rps_default_mask.sh | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/tools/testing/selftests/net/openvswitch/ovs-dpctl.py b/tools/testing/selftests/net/openvswitch/ovs-dpctl.py index 8a0396bfaf99..b521e0dea506 100644 --- a/tools/testing/selftests/net/openvswitch/ovs-dpctl.py +++ b/tools/testing/selftests/net/openvswitch/ovs-dpctl.py @@ -1877,7 +1877,7 @@ class OvsPacket(GenericNetlinkSocket): elif msg["cmd"] == OvsPacket.OVS_PACKET_CMD_EXECUTE: up.execute(msg) else: - print("Unkonwn cmd: %d" % msg["cmd"]) + print("Unknown cmd: %d" % msg["cmd"]) except NetlinkError as ne: raise ne diff --git a/tools/testing/selftests/net/rps_default_mask.sh b/tools/testing/selftests/net/rps_default_mask.sh index 4287a8529890..b200019b3c80 100755 --- a/tools/testing/selftests/net/rps_default_mask.sh +++ b/tools/testing/selftests/net/rps_default_mask.sh @@ -54,16 +54,16 @@ cleanup echo 1 > /proc/sys/net/core/rps_default_mask setup -chk_rps "changing rps_default_mask dont affect existing devices" "" lo $INITIAL_RPS_DEFAULT_MASK +chk_rps "changing rps_default_mask doesn't affect existing devices" "" lo $INITIAL_RPS_DEFAULT_MASK echo 3 > /proc/sys/net/core/rps_default_mask -chk_rps "changing rps_default_mask dont affect existing netns" $NETNS lo 0 +chk_rps "changing rps_default_mask doesn't affect existing netns" $NETNS lo 0 ip link add name $VETH type veth peer netns $NETNS name $VETH ip link set dev $VETH up ip -n $NETNS link set dev $VETH up -chk_rps "changing rps_default_mask affect newly created devices" "" $VETH 3 -chk_rps "changing rps_default_mask don't affect newly child netns[II]" $NETNS $VETH 0 +chk_rps "changing rps_default_mask affects newly created devices" "" $VETH 3 +chk_rps "changing rps_default_mask doesn't affect newly child netns[II]" $NETNS $VETH 0 ip link del dev $VETH ip netns del $NETNS @@ -72,8 +72,8 @@ chk_rps "rps_default_mask is 0 by default in child netns" "$NETNS" lo 0 ip netns exec $NETNS sysctl -qw net.core.rps_default_mask=1 ip link add name $VETH type veth peer netns $NETNS name $VETH -chk_rps "changing rps_default_mask in child ns don't affect the main one" "" lo $INITIAL_RPS_DEFAULT_MASK +chk_rps "changing rps_default_mask in child ns doesn't affect the main one" "" lo $INITIAL_RPS_DEFAULT_MASK chk_rps "changing rps_default_mask in child ns affects new childns devices" $NETNS $VETH 1 -chk_rps "changing rps_default_mask in child ns don't affect existing devices" $NETNS lo 0 +chk_rps "changing rps_default_mask in child ns doesn't affect existing devices" $NETNS lo 0 exit $ret -- 2.39.5

1 week, 5 days

3
2
0 0

[RFC PATCH v2 bpf-next 0/3] bpf: cgroup: support writing and freezing cgroups from BPF

by Djalal Harouni

This patch series add support to write cgroup interfaces from BPF. It is useful to freeze a cgroup hierarchy on suspicious activity for a more thorough analysis before killing it. Planned users of this feature are: systemd and BPF tools where the cgroup hierarchy could be a system service, user session, k8s pod or a container. The writing happens via kernfs nodes and the cgroup must be on the default hierarchy. It implements the requests and feedback from v1 [1] where now we use a unified path for cgroup user space and BPF writing. So I want to validate that this is the right approach first. Todo: * Limit size of data to be written. * Further tests. * Add cgroup kill support. # RFC v1 -> v2 * Implemented Alexei and Tejun requests [1]. * Unified path where user space or BPF writing end up taking directly a kernfs_node with an example on the "cgroup.freeze" interface. [1] https://lore.kernel.org/bpf/20240327225334.58474-1-tixxdz@gmail.com/ Djalal Harouni (3): kernfs: cgroup: support writing cgroup interfaces from a kernfs node bpf: cgroup: Add BPF Kfunc to write cgroup interfaces selftests/bpf: add selftest for bpf_cgroup_write_interface include/linux/cgroup.h | 3 ++ kernel/bpf/helpers.c | 45 +++++ kernel/cgroup/cgroup.c | 102 +++++++ tools/testing/selftests/bpf/prog_tests/task_freeze_cgroup.c | 172 ++++++++++++ tools/testing/selftests/bpf/progs/test_task_freeze_cgroup.c | 155 ++++++++++ 5 files changed, 471 insertions(+), 6 deletions(-) create mode 100644 tools/testing/selftests/bpf/prog_tests/task_freeze_cgroup.c create mode 100644 tools/testing/selftests/bpf/progs/test_task_freeze_cgroup.c -- 2.34.1

1 week, 5 days

4
15
0 0

[PATCH net] selftests: drv-net: csum: fix interface name for remote host

by Jakub Kicinski

Use cfg.remote_ifname for arguments of remote command. Without this UDP tests fail in NIPA where local interface is called enp1s0 and remote enp0s4. Fixes: 1d0dc857b5d8 ("selftests: drv-net: add checksum tests") Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> --- CC: shuah(a)kernel.org CC: willemb(a)google.com CC: petrm(a)nvidia.com CC: linux-kselftest(a)vger.kernel.org --- tools/testing/selftests/drivers/net/hw/csum.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/drivers/net/hw/csum.py b/tools/testing/selftests/drivers/net/hw/csum.py index cd23af875317..3e3a89a34afe 100755 --- a/tools/testing/selftests/drivers/net/hw/csum.py +++ b/tools/testing/selftests/drivers/net/hw/csum.py @@ -17,7 +17,7 @@ from lib.py import bkg, cmd, wait_port_listen ip_args = f"-{ipver} -S {cfg.remote_addr_v[ipver]} -D {cfg.addr_v[ipver]}" rx_cmd = f"{cfg.bin_local} -i {cfg.ifname} -n 100 {ip_args} -r 1 -R {extra_args}" - tx_cmd = f"{cfg.bin_remote} -i {cfg.ifname} -n 100 {ip_args} -r 1 -T {extra_args}" + tx_cmd = f"{cfg.bin_remote} -i {cfg.remote_ifname} -n 100 {ip_args} -r 1 -T {extra_args}" with bkg(rx_cmd, exit_wait=True): wait_port_listen(34000, proto="udp") @@ -37,7 +37,7 @@ from lib.py import bkg, cmd, wait_port_listen if extra_args != "-U -Z": extra_args += " -r 1" - rx_cmd = f"{cfg.bin_remote} -i {cfg.ifname} -L 1 -n 100 {ip_args} -R {extra_args}" + rx_cmd = f"{cfg.bin_remote} -i {cfg.remote_ifname} -L 1 -n 100 {ip_args} -R {extra_args}" tx_cmd = f"{cfg.bin_local} -i {cfg.ifname} -L 1 -n 100 {ip_args} -T {extra_args}" with bkg(rx_cmd, host=cfg.remote, exit_wait=True): -- 2.51.0

1 week, 5 days

4
3
0 0

[PATCH v4 0/2] KVM: guest_memfd: use write for population

by Kalyazin, Nikita

[ based on kvm/next ] Implement guest_memfd allocation and population via the write syscall. This is useful in non-CoCo use cases where the host can access guest memory. Even though the same can also be achieved via userspace mapping and memcpying from userspace, write provides a more performant option because it does not need to set page tables and it does not cause a page fault for every page like memcpy would. Note that memcpy cannot be accelerated via MADV_POPULATE_WRITE as it is not supported by guest_memfd and relies on GUP. Populating 512MiB of guest_memfd on a x86 machine: - via memcpy: 436 ms - via write: 202 ms (-54%) v4: - Switch from implementing the write callback to write_iter - Remove conditional compilation - Rebase to kvm/next v3: - https://lore.kernel.org/kvm/20250303130838.28812-1-kalyazin@amazon.com - David/Mike D: Only compile support for the write syscall if CONFIG_KVM_GMEM_SHARED_MEM (now gone) is enabled. v2: - https://lore.kernel.org/kvm/20241129123929.64790-1-kalyazin@amazon.com - Switch from an ioctl to the write syscall to implement population v1: - https://lore.kernel.org/kvm/20241024095429.54052-1-kalyazin@amazon.com Nikita Kalyazin (2): KVM: guest_memfd: add generic population via write KVM: selftests: update guest_memfd write tests .../testing/selftests/kvm/guest_memfd_test.c | 85 +++++++++++++++++-- virt/kvm/guest_memfd.c | 64 +++++++++++++- 2 files changed, 142 insertions(+), 7 deletions(-) base-commit: a6ad54137af92535cfe32e19e5f3bc1bb7dbd383 -- 2.50.1

1 week, 5 days

4
9
0 0

[PATCH net-next v4] selftests: net: add test for ipv6 fragmentation

by Brett A C Sheffield

Add selftest for the IPv6 fragmentation regression which affected several stable kernels. Commit a18dfa9925b9 ("ipv6: save dontfrag in cork") was backported to stable without some prerequisite commits. This caused a regression when sending IPv6 UDP packets by preventing fragmentation and instead returning -1 (EMSGSIZE). Add selftest to check for this issue by attempting to send a packet larger than the interface MTU. The packet will be fragmented on a working kernel, with sendmsg(2) correctly returning the expected number of bytes sent. When the regression is present, sendmsg returns -1 and sets errno to EMSGSIZE. Link: https://lore.kernel.org/stable/aElivdUXqd1OqgMY@karahi.gladserv.com Signed-off-by: Brett A C Sheffield <bacs(a)librecast.net> --- v4 changes: - fix "else should follow close brace" (checkpatch ERROR) v3 changes: - add usleep instead of busy polling on sendmsg - simplify error handling by using error() and leaving cleanup to O/S - use loopback interface - don't bother creating TAP - send to localhost (::1) v2 changes: - remove superfluous namespace calls - unshare(2) suffices - remove usleep(). Don't wait for the interface to be ready, just send, and handle the (less likely) error case by retrying. - set destination address only once - document our use of the IPv6 link-local source address - send to port 9 (DISCARD) instead of 4242 (DONT PANIC) - ensure sockets are closed on failure paths - use KSFT exit codes for clarity v3: https://lore.kernel.org/netdev/20250901112248.5218-1-bacs@librecast.net v2: https://lore.kernel.org/netdev/20250831102908.14655-1-bacs@librecast.net v1: https://lore.kernel.org/netdev/20250825092548.4436-3-bacs@librecast.net tools/testing/selftests/net/.gitignore | 1 + tools/testing/selftests/net/Makefile | 1 + .../selftests/net/ipv6_fragmentation.c | 144 ++++++++++++++++++ 3 files changed, 146 insertions(+) create mode 100644 tools/testing/selftests/net/ipv6_fragmentation.c diff --git a/tools/testing/selftests/net/.gitignore b/tools/testing/selftests/net/.gitignore index 47c293c2962f..3d4b4a53dfda 100644 --- a/tools/testing/selftests/net/.gitignore +++ b/tools/testing/selftests/net/.gitignore @@ -16,6 +16,7 @@ ip_local_port_range ipsec ipv6_flowlabel ipv6_flowlabel_mgr +ipv6_fragmentation log.txt msg_oob msg_zerocopy diff --git a/tools/testing/selftests/net/Makefile b/tools/testing/selftests/net/Makefile index eef0b8f8a7b0..276e0481d996 100644 --- a/tools/testing/selftests/net/Makefile +++ b/tools/testing/selftests/net/Makefile @@ -117,6 +117,7 @@ TEST_GEN_FILES += tfo TEST_PROGS += tfo_passive.sh TEST_PROGS += broadcast_pmtu.sh TEST_PROGS += ipv6_force_forwarding.sh +TEST_GEN_PROGS += ipv6_fragmentation TEST_PROGS += route_hint.sh # YNL files, must be before "include ..lib.mk" diff --git a/tools/testing/selftests/net/ipv6_fragmentation.c b/tools/testing/selftests/net/ipv6_fragmentation.c new file mode 100644 index 000000000000..6d1311e26501 --- /dev/null +++ b/tools/testing/selftests/net/ipv6_fragmentation.c @@ -0,0 +1,144 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Author: Brett A C Sheffield <bacs(a)librecast.net> + * + * Kernel selftest for the IPv6 fragmentation regression which affected stable + * kernels: + * + * https://lore.kernel.org/stable/aElivdUXqd1OqgMY@karahi.gladserv.com + * + * Commit: a18dfa9925b9 ("ipv6: save dontfrag in cork") was backported to stable + * without some prerequisite commits. + * + * This caused a regression when sending IPv6 UDP packets by preventing + * fragmentation and instead returning -1 (EMSGSIZE). + * + * This selftest demonstrates the issue by sending an IPv6 UDP packet to + * localhost (::1) on the loopback interface from the autoconfigured link-local + * address. + * + * sendmsg(2) returns bytes sent correctly on a working kernel, and returns -1 + * (EMSGSIZE) when the regression is present. + * + * The regression was not present in the mainline kernel, but add this test to + * catch similar breakage in future. + */ + +#define _GNU_SOURCE + +#include <error.h> +#include <fcntl.h> +#include <linux/if_tun.h> +#include <net/if.h> +#include <netinet/in.h> +#include <sched.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <sys/ioctl.h> +#include <sys/socket.h> +#include <unistd.h> +#include "../kselftest.h" + +#define MTU 1500 +#define LARGER_THAN_MTU 8192 + +/* bring up interface */ +static int interface_up(int ctl, struct ifreq *ifr) +{ + if (ioctl(ctl, SIOCGIFFLAGS, ifr) == -1) + error(KSFT_FAIL, errno, "ioctl SIOCGIFFLAGS"); + ifr->ifr_flags = ifr->ifr_flags | IFF_UP; + return ioctl(ctl, SIOCSIFFLAGS, ifr); +} + +/* no need to wait for DAD in our namespace */ +static int disable_dad(char *ifname) +{ + char sysvar[] = "/proc/sys/net/ipv6/conf/%s/accept_dad"; + char fname[IFNAMSIZ + sizeof(sysvar)]; + int fd; + + snprintf(fname, sizeof(fname), sysvar, ifname); + fd = open(fname, O_WRONLY); + if (fd == -1) + error(KSFT_FAIL, errno, "open accept_dad"); + if (write(fd, "0", 1) != 1) + error(KSFT_FAIL, errno, "write accept_dad"); + + return close(fd); +} + +static int setup(void) +{ + struct ifreq ifr = { + .ifr_name = "lo" + }; + int fd = -1; + int ctl; + + /* we need to set MTU, so do this in a namespace to play nicely */ + if (unshare(CLONE_NEWNET) == -1) + error(KSFT_FAIL, errno, "unshare"); + + ctl = socket(AF_LOCAL, SOCK_STREAM, 0); + if (ctl == -1) + error(KSFT_FAIL, errno, "socket"); + + /* ensure MTU is smaller than what we plan to send */ + ifr.ifr_mtu = MTU; + if (ioctl(ctl, SIOCSIFMTU, &ifr) == -1) + error(KSFT_FAIL, errno, "ioctl: set MTU"); + + disable_dad("lo"); + interface_up(ctl, &ifr); + + close(ctl); + return fd; +} + +int main(void) +{ + struct in6_addr addr = { + .s6_addr[15] = 0x01, /* ::1 */ + }; + struct sockaddr_in6 sa = { + .sin6_family = AF_INET6, + .sin6_addr = addr, + .sin6_port = 9 /* port 9/udp (DISCARD) */ + }; + char buf[LARGER_THAN_MTU] = {0}; + struct iovec iov = { .iov_base = buf, .iov_len = sizeof(buf)}; + struct msghdr msg = { + .msg_iov = &iov, + .msg_iovlen = 1, + .msg_name = (struct sockaddr *)&sa, + .msg_namelen = sizeof(sa), + }; + ssize_t rc; + int ns_fd; + int err = KSFT_FAIL; + int s; + + printf("Testing IPv6 fragmentation\n"); + ns_fd = setup(); + s = socket(AF_INET6, SOCK_DGRAM, 0); +send_again: + rc = sendmsg(s, &msg, 0); + if (rc == -1) { + /* if interface wasn't ready, try again */ + if (errno == EADDRNOTAVAIL) { + usleep(1000); + goto send_again; + } + printf("[FAIL] sendmsg: %s\n", strerror(errno)); + } else if (rc != LARGER_THAN_MTU) { + printf("[FAIL] sendmsg() returned %zi, expected %i\n", rc, LARGER_THAN_MTU); + } else { + printf("[PASS] sendmsg() returned %zi\n", rc); + err = KSFT_PASS; + } + close(s); + close(ns_fd); + return err; +} base-commit: 864ecc4a6dade82d3f70eab43dad0e277aa6fc78 -- 2.49.1

1 week, 5 days

3
2
0 0

[PATCH 2/9] KVM: selftests: Add __packed attribute fallback

by Aqib Faruqui

Kernel UAPI headers use __packed but don't provide the definition in userspace builds. Add a fallback definition matching the kernel's implementation. This follows the same pattern used by BPF and SGX selftests. Signed-off-by: Aqib Faruqui <aqibaf(a)amazon.com> --- tools/testing/selftests/kvm/include/kvm_util.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tools/testing/selftests/kvm/include/kvm_util.h b/tools/testing/selftests/kvm/include/kvm_util.h index 23a506d7e..7fae7f5e7 100644 --- a/tools/testing/selftests/kvm/include/kvm_util.h +++ b/tools/testing/selftests/kvm/include/kvm_util.h @@ -5,6 +5,10 @@ #ifndef SELFTEST_KVM_UTIL_H #define SELFTEST_KVM_UTIL_H +#ifndef __packed +#define __packed __attribute__((__packed__)) +#endif + #include "test_util.h" #include <linux/compiler.h> -- 2.47.3

1 week, 5 days

3
2
0 0

[PATCH] selftests/mm: directly add pagesize instead of increase until page size

by Wei Yang

The check of is_backed_by_folio() is done on each page. Directly move pointer to next page instead of increase one and check if it is page size aligned. Signed-off-by: Wei Yang <richard.weiyang(a)gmail.com> --- tools/testing/selftests/mm/split_huge_page_test.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/mm/split_huge_page_test.c b/tools/testing/selftests/mm/split_huge_page_test.c index 10ae65ea032f..7f7016ba4054 100644 --- a/tools/testing/selftests/mm/split_huge_page_test.c +++ b/tools/testing/selftests/mm/split_huge_page_test.c @@ -423,9 +423,8 @@ static void split_pte_mapped_thp(void) /* smap does not show THPs after mremap, use kpageflags instead */ thp_size = 0; - for (i = 0; i < pagesize * 4; i++) - if (i % pagesize == 0 && - is_backed_by_folio(&pte_mapped[i], pmd_order, pagemap_fd, kpageflags_fd)) + for (i = 0; i < pagesize * 4; i += pagesize) + if (is_backed_by_folio(&pte_mapped[i], pmd_order, pagemap_fd, kpageflags_fd)) thp_size++; if (thp_size != 4) -- 2.34.1

1 week, 5 days

4
8
0 0

[PATCH v7 00/29] KVM: arm64: Implement support for SME

by Mark Brown

I've removed the RFC tag from this version of the series, but the items that I'm looking for feedback on remains the same: - The userspace ABI, in particular: - The vector length used for the SVE registers, access to the SVE registers and access to ZA and (if available) ZT0 depending on the current state of PSTATE.{SM,ZA}. - The use of a single finalisation for both SVE and SME. - The addition of control for enabling fine grained traps in a similar manner to FGU but without the UNDEF, I'm not clear if this is desired at all and at present this requires symmetric read and write traps like FGU. That seemed like it might be desired from an implementation point of view but we already have one case where we enable an asymmetric trap (for ARM64_WORKAROUND_AMPERE_AC03_CPU_38) and it seems generally useful to enable asymmetrically. This series implements support for SME use in non-protected KVM guests. Much of this is very similar to SVE, the main additional challenge that SME presents is that it introduces a new vector length similar to the SVE vector length and two new controls which change the registers seen by guests: - PSTATE.ZA enables the ZA matrix register and, if SME2 is supported, the ZT0 LUT register. - PSTATE.SM enables streaming mode, a new floating point mode which uses the SVE register set with the separately configured SME vector length. In streaming mode implementation of the FFR register is optional. It is also permitted to build systems which support SME without SVE, in this case when not in streaming mode no SVE registers or instructions are available. Further, there is no requirement that there be any overlap in the set of vector lengths supported by SVE and SME in a system, this is expected to be a common situation in practical systems. Since there is a new vector length to configure we introduce a new feature parallel to the existing SVE one with a new pseudo register for the streaming mode vector length. Due to the overlap with SVE caused by streaming mode rather than finalising SME as a separate feature we use the existing SVE finalisation to also finalise SME, a new define KVM_ARM_VCPU_VEC is provided to help make user code clearer. Finalising SVE and SME separately would introduce complication with register access since finalising SVE makes the SVE registers writeable by userspace and doing multiple finalisations results in an error being reported. Dealing with a state where the SVE registers are writeable due to one of SVE or SME being finalised but may have their VL changed by the other being finalised seems like needless complexity with minimal practical utility, it seems clearer to just express directly that only one finalisation can be done in the ABI. Access to the floating point registers follows the architecture: - When both SVE and SME are present: - If PSTATE.SM == 0 the vector length used for the Z and P registers is the SVE vector length. - If PSTATE.SM == 1 the vector length used for the Z and P registers is the SME vector length. - If only SME is present: - If PSTATE.SM == 0 the Z and P registers are inaccessible and the floating point state accessed via the encodings for the V registers. - If PSTATE.SM == 1 the vector length used for the Z and P registers - The SME specific ZA and ZT0 registers are only accessible if SVCR.ZA is 1. The VMM must understand this, in particular when loading state SVCR should be configured before other state. It should be noted that while the architecture refers to PSTATE.SM and PSTATE.ZA these PSTATE bits are not preserved in SPSR_ELx, they are only accessible via SVCR. There are a large number of subfeatures for SME, most of which only offer additional instructions but some of which (SME2 and FA64) add architectural state. These are configured via the ID registers as per usual. Protected KVM supported, with the implementation maintaining the existing restriction that the hypervisor will refuse to run if streaming mode or ZA is enabled. This both simplfies the code and avoids the need to allocate storage for host ZA and ZT0 state, there seems to be little practical use case for supporting this and the memory usage would be non-trivial. The new KVM_ARM_VCPU_VEC feature and ZA and ZT0 registers have not been added to the get-reg-list selftest, the idea of supporting additional features there without restructuring the program to generate all possible feature combinations has been rejected. I will post a separate series which does that restructuring. Signed-off-by: Mark Brown <broonie(a)kernel.org> --- Changes in v7: - Rebase onto v6.17-rc1. - Handle SMIDR_EL1 as a VM wide ID register and use this in feat_sme_smps(). - Expose affinity fields in SMIDR_EL1. - Remove SMPRI_EL1 from vcpu_sysreg, the value is always 0 currently. - Prevent userspace writes to SMPRIMAP_EL2. - Link to v6: https://lore.kernel.org/r/20250625-kvm-arm64-sme-v6-0-114cff4ffe04@kernel.o… Changes in v6: - Rebase onto v6.16-rc3. - Link to v5: https://lore.kernel.org/r/20250417-kvm-arm64-sme-v5-0-f469a2d5f574@kernel.o… Changes in v5: - Rebase onto v6.15-rc2. - Add pKVM guest support. - Always restore SVCR. - Link to v4: https://lore.kernel.org/r/20250214-kvm-arm64-sme-v4-0-d64a681adcc2@kernel.o… Changes in v4: - Rebase onto v6.14-rc2 and Mark Rutland's fixes. - Expose SME to nested guests. - Additional cleanups and test fixes following on from the rebase. - Flush register state on VMM PSTATE.{SM,ZA}. - Link to v3: https://lore.kernel.org/r/20241220-kvm-arm64-sme-v3-0-05b018c1ffeb@kernel.o… Changes in v3: - Rebase onto v6.12-rc2. - Link to v2: https://lore.kernel.org/r/20231222-kvm-arm64-sme-v2-0-da226cb180bb@kernel.o… Changes in v2: - Rebase onto v6.7-rc3. - Configure subfeatures based on host system only. - Complete nVHE support. - There was some snafu with sending v1 out, it didn't make it to the lists but in case it hit people's inboxes I'm sending as v2. --- Mark Brown (29): arm64/sysreg: Update SMIDR_EL1 to DDI0601 2025-06 arm64/fpsimd: Update FA64 and ZT0 enables when loading SME state arm64/fpsimd: Decide to save ZT0 and streaming mode FFR at bind time arm64/fpsimd: Check enable bit for FA64 when saving EFI state arm64/fpsimd: Determine maximum virtualisable SME vector length KVM: arm64: Introduce non-UNDEF FGT control KVM: arm64: Pay attention to FFR parameter in SVE save and load KVM: arm64: Pull ctxt_has_ helpers to start of sysreg-sr.h KVM: arm64: Move SVE state access macros after feature test macros KVM: arm64: Rename SVE finalization constants to be more general KVM: arm64: Document the KVM ABI for SME KVM: arm64: Define internal features for SME KVM: arm64: Rename sve_state_reg_region KVM: arm64: Store vector lengths in an array KVM: arm64: Implement SME vector length configuration KVM: arm64: Support SME control registers KVM: arm64: Support TPIDR2_EL0 KVM: arm64: Support SME identification registers for guests KVM: arm64: Support SME priority registers KVM: arm64: Provide assembly for SME register access KVM: arm64: Support userspace access to streaming mode Z and P registers KVM: arm64: Flush register state on writes to SVCR.SM and SVCR.ZA KVM: arm64: Expose SME specific state to userspace KVM: arm64: Context switch SME state for guests KVM: arm64: Handle SME exceptions KVM: arm64: Expose SME to nested guests KVM: arm64: Provide interface for configuring and enabling SME for guests KVM: arm64: selftests: Add SME system registers to get-reg-list KVM: arm64: selftests: Add SME to set_id_regs test Documentation/virt/kvm/api.rst | 117 +++++++---- arch/arm64/include/asm/fpsimd.h | 26 +++ arch/arm64/include/asm/kvm_emulate.h | 6 + arch/arm64/include/asm/kvm_host.h | 169 ++++++++++++--- arch/arm64/include/asm/kvm_hyp.h | 5 +- arch/arm64/include/asm/kvm_pkvm.h | 2 +- arch/arm64/include/asm/vncr_mapping.h | 2 + arch/arm64/include/uapi/asm/kvm.h | 33 +++ arch/arm64/kernel/cpufeature.c | 2 - arch/arm64/kernel/fpsimd.c | 89 ++++---- arch/arm64/kvm/arm.c | 10 + arch/arm64/kvm/config.c | 8 +- arch/arm64/kvm/fpsimd.c | 28 ++- arch/arm64/kvm/guest.c | 252 ++++++++++++++++++++--- arch/arm64/kvm/handle_exit.c | 14 ++ arch/arm64/kvm/hyp/fpsimd.S | 28 ++- arch/arm64/kvm/hyp/include/hyp/switch.h | 175 ++++++++++++++-- arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h | 110 ++++++---- arch/arm64/kvm/hyp/nvhe/hyp-main.c | 86 ++++++-- arch/arm64/kvm/hyp/nvhe/pkvm.c | 85 ++++++-- arch/arm64/kvm/hyp/nvhe/switch.c | 4 +- arch/arm64/kvm/hyp/nvhe/sys_regs.c | 6 + arch/arm64/kvm/hyp/vhe/switch.c | 17 +- arch/arm64/kvm/hyp/vhe/sysreg-sr.c | 7 + arch/arm64/kvm/nested.c | 3 +- arch/arm64/kvm/reset.c | 156 ++++++++++---- arch/arm64/kvm/sys_regs.c | 141 ++++++++++++- arch/arm64/tools/sysreg | 8 +- include/uapi/linux/kvm.h | 1 + tools/testing/selftests/kvm/arm64/get-reg-list.c | 15 +- tools/testing/selftests/kvm/arm64/set_id_regs.c | 27 ++- 31 files changed, 1328 insertions(+), 304 deletions(-) --- base-commit: 062b3e4a1f880f104a8d4b90b767788786aa7b78 change-id: 20230301-kvm-arm64-sme-06a1246d3636 Best regards, -- Mark Brown <broonie(a)kernel.org>

1 week, 5 days

3
31
0 0

[PATCH v1 00/36] mm: remove nth_page()

by David Hildenbrand

This is based on mm-unstable. I will only CC non-MM folks on the cover letter and the respective patch to not flood too many inboxes (the lists receive all patches). -- As discussed recently with Linus, nth_page() is just nasty and we would like to remove it. To recap, the reason we currently need nth_page() within a folio is because on some kernel configs (SPARSEMEM without SPARSEMEM_VMEMMAP), the memmap is allocated per memory section. While buddy allocations cannot cross memory section boundaries, hugetlb and dax folios can. So crossing a memory section means that "page++" could do the wrong thing. Instead, nth_page() on these problematic configs always goes from page->pfn, to the go from (++pfn)->page, which is rather nasty. Likely, many people have no idea when nth_page() is required and when it might be dropped. We refer to such problematic PFN ranges and "non-contiguous pages". If we only deal with "contiguous pages", there is not need for nth_page(). Besides that "obvious" folio case, we might end up using nth_page() within CMA allocations (again, could span memory sections), and in one corner case (kfence) when processing memblock allocations (again, could span memory sections). So let's handle all that, add sanity checks, and remove nth_page(). Patch #1 -> #5 : stop making SPARSEMEM_VMEMMAP user-selectable + cleanups Patch #6 -> #13 : disallow folios to have non-contiguous pages Patch #14 -> #20 : remove nth_page() usage within folios Patch #21 : disallow CMA allocations of non-contiguous pages Patch #22 -> #32 : sanity+check + remove nth_page() usage within SG entry Patch #33 : sanity-check + remove nth_page() usage in unpin_user_page_range_dirty_lock() Patch #34 : remove nth_page() in kfence Patch #35 : adjust stale comment regarding nth_page Patch #36 : mm: remove nth_page() A lot of this is inspired from the discussion at [1] between Linus, Jason and me, so cudos to them. [1] https://lore.kernel.org/all/CAHk-=wiCYfNp4AJLBORU-c7ZyRBUp66W2-Et6cdQ4REx-G… RFC -> v1: * "wireguard: selftests: remove CONFIG_SPARSEMEM_VMEMMAP=y from qemu kernel config" -> Mention that it was never really relevant for the test * "mm/mm_init: make memmap_init_compound() look more like prep_compound_page()" -> Mention the setup of page links * "mm: limit folio/compound page sizes in problematic kernel configs" -> Improve comment for PUD handling, mentioning hugetlb and dax * "mm: simplify folio_page() and folio_page_idx()" -> Call variable "n" * "mm/hugetlb: cleanup hugetlb_folio_init_tail_vmemmap()" -> Keep __init_single_page() and refer to the usage of memblock_reserved_mark_noinit() * "fs: hugetlbfs: cleanup folio in adjust_range_hwpoison()" * "fs: hugetlbfs: remove nth_page() usage within folio in adjust_range_hwpoison()" -> Separate nth_page() removal from cleanups -> Further improve cleanups * "io_uring/zcrx: remove nth_page() usage within folio" -> Keep the io_copy_cache for now and limit to nth_page() removal * "mm/gup: drop nth_page() usage within folio when recording subpages" -> Cleanup record_subpages as bit * "mm/cma: refuse handing out non-contiguous page ranges" -> Replace another instance of "pfn_to_page(pfn)" where we already have the page * "scatterlist: disallow non-contigous page ranges in a single SG entry" -> We have to EXPORT the symbol. I thought about moving it to mm_inline.h, but I really don't want to include that in include/linux/scatterlist.h * "ata: libata-eh: drop nth_page() usage within SG entry" * "mspro_block: drop nth_page() usage within SG entry" * "memstick: drop nth_page() usage within SG entry" * "mmc: drop nth_page() usage within SG entry" -> Keep PAGE_SHIFT * "scsi: scsi_lib: drop nth_page() usage within SG entry" * "scsi: sg: drop nth_page() usage within SG entry" -> Split patches, Keep PAGE_SHIFT * "crypto: remove nth_page() usage within SG entry" -> Keep PAGE_SHIFT * "kfence: drop nth_page() usage" -> Keep modifying i and use "start_pfn" only instead Cc: Andrew Morton <akpm(a)linux-foundation.org> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Jason Gunthorpe <jgg(a)nvidia.com> Cc: Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> Cc: "Liam R. Howlett" <Liam.Howlett(a)oracle.com> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: Mike Rapoport <rppt(a)kernel.org> Cc: Suren Baghdasaryan <surenb(a)google.com> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Jens Axboe <axboe(a)kernel.dk> Cc: Marek Szyprowski <m.szyprowski(a)samsung.com> Cc: Robin Murphy <robin.murphy(a)arm.com> Cc: John Hubbard <jhubbard(a)nvidia.com> Cc: Peter Xu <peterx(a)redhat.com> Cc: Alexander Potapenko <glider(a)google.com> Cc: Marco Elver <elver(a)google.com> Cc: Dmitry Vyukov <dvyukov(a)google.com> Cc: Brendan Jackman <jackmanb(a)google.com> Cc: Johannes Weiner <hannes(a)cmpxchg.org> Cc: Zi Yan <ziy(a)nvidia.com> Cc: Dennis Zhou <dennis(a)kernel.org> Cc: Tejun Heo <tj(a)kernel.org> Cc: Christoph Lameter <cl(a)gentwo.org> Cc: Muchun Song <muchun.song(a)linux.dev> Cc: Oscar Salvador <osalvador(a)suse.de> Cc: x86(a)kernel.org Cc: linux-arm-kernel(a)lists.infradead.org Cc: linux-mips(a)vger.kernel.org Cc: linux-s390(a)vger.kernel.org Cc: linux-crypto(a)vger.kernel.org Cc: linux-ide(a)vger.kernel.org Cc: intel-gfx(a)lists.freedesktop.org Cc: dri-devel(a)lists.freedesktop.org Cc: linux-mmc(a)vger.kernel.org Cc: linux-arm-kernel(a)axis.com Cc: linux-scsi(a)vger.kernel.org Cc: kvm(a)vger.kernel.org Cc: virtualization(a)lists.linux.dev Cc: linux-mm(a)kvack.org Cc: io-uring(a)vger.kernel.org Cc: iommu(a)lists.linux.dev Cc: kasan-dev(a)googlegroups.com Cc: wireguard(a)lists.zx2c4.com Cc: netdev(a)vger.kernel.org Cc: linux-kselftest(a)vger.kernel.org Cc: linux-riscv(a)lists.infradead.org David Hildenbrand (36): mm: stop making SPARSEMEM_VMEMMAP user-selectable arm64: Kconfig: drop superfluous "select SPARSEMEM_VMEMMAP" s390/Kconfig: drop superfluous "select SPARSEMEM_VMEMMAP" x86/Kconfig: drop superfluous "select SPARSEMEM_VMEMMAP" wireguard: selftests: remove CONFIG_SPARSEMEM_VMEMMAP=y from qemu kernel config mm/page_alloc: reject unreasonable folio/compound page sizes in alloc_contig_range_noprof() mm/memremap: reject unreasonable folio/compound page sizes in memremap_pages() mm/hugetlb: check for unreasonable folio sizes when registering hstate mm/mm_init: make memmap_init_compound() look more like prep_compound_page() mm: sanity-check maximum folio size in folio_set_order() mm: limit folio/compound page sizes in problematic kernel configs mm: simplify folio_page() and folio_page_idx() mm/hugetlb: cleanup hugetlb_folio_init_tail_vmemmap() mm/mm/percpu-km: drop nth_page() usage within single allocation fs: hugetlbfs: remove nth_page() usage within folio in adjust_range_hwpoison() fs: hugetlbfs: cleanup folio in adjust_range_hwpoison() mm/pagewalk: drop nth_page() usage within folio in folio_walk_start() mm/gup: drop nth_page() usage within folio when recording subpages io_uring/zcrx: remove nth_page() usage within folio mips: mm: convert __flush_dcache_pages() to __flush_dcache_folio_pages() mm/cma: refuse handing out non-contiguous page ranges dma-remap: drop nth_page() in dma_common_contiguous_remap() scatterlist: disallow non-contigous page ranges in a single SG entry ata: libata-eh: drop nth_page() usage within SG entry drm/i915/gem: drop nth_page() usage within SG entry mspro_block: drop nth_page() usage within SG entry memstick: drop nth_page() usage within SG entry mmc: drop nth_page() usage within SG entry scsi: scsi_lib: drop nth_page() usage within SG entry scsi: sg: drop nth_page() usage within SG entry vfio/pci: drop nth_page() usage within SG entry crypto: remove nth_page() usage within SG entry mm/gup: drop nth_page() usage in unpin_user_page_range_dirty_lock() kfence: drop nth_page() usage block: update comment of "struct bio_vec" regarding nth_page() mm: remove nth_page() arch/arm64/Kconfig | 1 - arch/mips/include/asm/cacheflush.h | 11 +++-- arch/mips/mm/cache.c | 8 ++-- arch/s390/Kconfig | 1 - arch/x86/Kconfig | 1 - crypto/ahash.c | 4 +- crypto/scompress.c | 8 ++-- drivers/ata/libata-sff.c | 6 +-- drivers/gpu/drm/i915/gem/i915_gem_pages.c | 2 +- drivers/memstick/core/mspro_block.c | 3 +- drivers/memstick/host/jmb38x_ms.c | 3 +- drivers/memstick/host/tifm_ms.c | 3 +- drivers/mmc/host/tifm_sd.c | 4 +- drivers/mmc/host/usdhi6rol0.c | 4 +- drivers/scsi/scsi_lib.c | 3 +- drivers/scsi/sg.c | 3 +- drivers/vfio/pci/pds/lm.c | 3 +- drivers/vfio/pci/virtio/migrate.c | 3 +- fs/hugetlbfs/inode.c | 33 +++++-------- include/crypto/scatterwalk.h | 4 +- include/linux/bvec.h | 7 +-- include/linux/mm.h | 48 +++++++++++++++---- include/linux/page-flags.h | 5 +- include/linux/scatterlist.h | 3 +- io_uring/zcrx.c | 4 +- kernel/dma/remap.c | 2 +- mm/Kconfig | 3 +- mm/cma.c | 39 +++++++++------ mm/gup.c | 14 ++++-- mm/hugetlb.c | 22 +++++---- mm/internal.h | 1 + mm/kfence/core.c | 12 +++-- mm/memremap.c | 3 ++ mm/mm_init.c | 15 +++--- mm/page_alloc.c | 5 +- mm/pagewalk.c | 2 +- mm/percpu-km.c | 2 +- mm/util.c | 34 +++++++++++++ tools/testing/scatterlist/linux/mm.h | 1 - .../selftests/wireguard/qemu/kernel.config | 1 - 40 files changed, 202 insertions(+), 129 deletions(-) base-commit: efa7612003b44c220551fd02466bfbad5180fc83 -- 2.50.1

1 week, 5 days

14
141
0 0

[PATCH net-next v3] selftests: net: add test for ipv6 fragmentation

by Brett A C Sheffield

Add selftest for the IPv6 fragmentation regression which affected several stable kernels. Commit a18dfa9925b9 ("ipv6: save dontfrag in cork") was backported to stable without some prerequisite commits. This caused a regression when sending IPv6 UDP packets by preventing fragmentation and instead returning -1 (EMSGSIZE). Add selftest to check for this issue by attempting to send a packet larger than the interface MTU. The packet will be fragmented on a working kernel, with sendmsg(2) correctly returning the expected number of bytes sent. When the regression is present, sendmsg returns -1 and sets errno to EMSGSIZE. Link: https://lore.kernel.org/stable/aElivdUXqd1OqgMY@karahi.gladserv.com Signed-off-by: Brett A C Sheffield <bacs(a)librecast.net> --- Thanks again Willem for the prompt review. I've incorporated your suggested changes into v3. v3 changes: - add usleep instead of busy polling on sendmsg - simplify error handling by using error() and leaving cleanup to O/S - use loopback interface - don't bother creating TAP - send to localhost (::1) v2 changes: - remove superfluous namespace calls - unshare(2) suffices - remove usleep(). Don't wait for the interface to be ready, just send, and handle the (less likely) error case by retrying. - set destination address only once - document our use of the IPv6 link-local source address - send to port 9 (DISCARD) instead of 4242 (DONT PANIC) - ensure sockets are closed on failure paths - use KSFT exit codes for clarity v2: https://lore.kernel.org/netdev/20250831102908.14655-1-bacs@librecast.net v1: https://lore.kernel.org/netdev/20250825092548.4436-3-bacs@librecast.net tools/testing/selftests/net/.gitignore | 1 + tools/testing/selftests/net/Makefile | 1 + .../selftests/net/ipv6_fragmentation.c | 145 ++++++++++++++++++ 3 files changed, 147 insertions(+) create mode 100644 tools/testing/selftests/net/ipv6_fragmentation.c diff --git a/tools/testing/selftests/net/.gitignore b/tools/testing/selftests/net/.gitignore index 47c293c2962f..3d4b4a53dfda 100644 --- a/tools/testing/selftests/net/.gitignore +++ b/tools/testing/selftests/net/.gitignore @@ -16,6 +16,7 @@ ip_local_port_range ipsec ipv6_flowlabel ipv6_flowlabel_mgr +ipv6_fragmentation log.txt msg_oob msg_zerocopy diff --git a/tools/testing/selftests/net/Makefile b/tools/testing/selftests/net/Makefile index eef0b8f8a7b0..276e0481d996 100644 --- a/tools/testing/selftests/net/Makefile +++ b/tools/testing/selftests/net/Makefile @@ -117,6 +117,7 @@ TEST_GEN_FILES += tfo TEST_PROGS += tfo_passive.sh TEST_PROGS += broadcast_pmtu.sh TEST_PROGS += ipv6_force_forwarding.sh +TEST_GEN_PROGS += ipv6_fragmentation TEST_PROGS += route_hint.sh # YNL files, must be before "include ..lib.mk" diff --git a/tools/testing/selftests/net/ipv6_fragmentation.c b/tools/testing/selftests/net/ipv6_fragmentation.c new file mode 100644 index 000000000000..be79a0340826 --- /dev/null +++ b/tools/testing/selftests/net/ipv6_fragmentation.c @@ -0,0 +1,145 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Author: Brett A C Sheffield <bacs(a)librecast.net> + * + * Kernel selftest for the IPv6 fragmentation regression which affected stable + * kernels: + * + * https://lore.kernel.org/stable/aElivdUXqd1OqgMY@karahi.gladserv.com + * + * Commit: a18dfa9925b9 ("ipv6: save dontfrag in cork") was backported to stable + * without some prerequisite commits. + * + * This caused a regression when sending IPv6 UDP packets by preventing + * fragmentation and instead returning -1 (EMSGSIZE). + * + * This selftest demonstrates the issue by sending an IPv6 UDP packet to + * localhost (::1) on the loopback interface from the autoconfigured link-local + * address. + * + * sendmsg(2) returns bytes sent correctly on a working kernel, and returns -1 + * (EMSGSIZE) when the regression is present. + * + * The regression was not present in the mainline kernel, but add this test to + * catch similar breakage in future. + */ + +#define _GNU_SOURCE + +#include <error.h> +#include <fcntl.h> +#include <linux/if_tun.h> +#include <net/if.h> +#include <netinet/in.h> +#include <sched.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <sys/ioctl.h> +#include <sys/socket.h> +#include <unistd.h> +#include "../kselftest.h" + +#define MTU 1500 +#define LARGER_THAN_MTU 8192 + +/* bring up interface */ +static int interface_up(int ctl, struct ifreq *ifr) +{ + if (ioctl(ctl, SIOCGIFFLAGS, ifr) == -1) + error(KSFT_FAIL, errno, "ioctl SIOCGIFFLAGS"); + ifr->ifr_flags = ifr->ifr_flags | IFF_UP; + return ioctl(ctl, SIOCSIFFLAGS, ifr); +} + +/* no need to wait for DAD in our namespace */ +static int disable_dad(char *ifname) +{ + char sysvar[] = "/proc/sys/net/ipv6/conf/%s/accept_dad"; + char fname[IFNAMSIZ + sizeof(sysvar)]; + int fd; + + snprintf(fname, sizeof(fname), sysvar, ifname); + fd = open(fname, O_WRONLY); + if (fd == -1) + error(KSFT_FAIL, errno, "open accept_dad"); + if (write(fd, "0", 1) != 1) + error(KSFT_FAIL, errno, "write accept_dad"); + + return close(fd); +} + +static int setup(void) +{ + struct ifreq ifr = { + .ifr_name = "lo" + }; + int fd = -1; + int ctl; + + /* we need to set MTU, so do this in a namespace to play nicely */ + if (unshare(CLONE_NEWNET) == -1) + error(KSFT_FAIL, errno, "unshare"); + + ctl = socket(AF_LOCAL, SOCK_STREAM, 0); + if (ctl == -1) + error(KSFT_FAIL, errno, "socket"); + + /* ensure MTU is smaller than what we plan to send */ + ifr.ifr_mtu = MTU; + if (ioctl(ctl, SIOCSIFMTU, &ifr) == -1) + error(KSFT_FAIL, errno, "ioctl: set MTU"); + + disable_dad("lo"); + interface_up(ctl, &ifr); + + close(ctl); + return fd; +} + +int main(void) +{ + struct in6_addr addr = { + .s6_addr[15] = 0x01, /* ::1 */ + }; + struct sockaddr_in6 sa = { + .sin6_family = AF_INET6, + .sin6_addr = addr, + .sin6_port = 9 /* port 9/udp (DISCARD) */ + }; + char buf[LARGER_THAN_MTU] = {0}; + struct iovec iov = { .iov_base = buf, .iov_len = sizeof(buf)}; + struct msghdr msg = { + .msg_iov = &iov, + .msg_iovlen = 1, + .msg_name = (struct sockaddr *)&sa, + .msg_namelen = sizeof(sa), + }; + ssize_t rc; + int ns_fd; + int err = KSFT_FAIL; + int s; + + printf("Testing IPv6 fragmentation\n"); + ns_fd = setup(); + s = socket(AF_INET6, SOCK_DGRAM, 0); +send_again: + rc = sendmsg(s, &msg, 0); + if (rc == -1) { + /* if interface wasn't ready, try again */ + if (errno == EADDRNOTAVAIL) { + usleep(1000); + goto send_again; + } + printf("[FAIL] sendmsg: %s\n", strerror(errno)); + } else if (rc != LARGER_THAN_MTU) { + printf("[FAIL] sendmsg() returned %zi, expected %i\n", rc, LARGER_THAN_MTU); + } + else { + printf("[PASS] sendmsg() returned %zi\n", rc); + err = KSFT_PASS; + } + close(s); + close(ns_fd); + return err; +} base-commit: 864ecc4a6dade82d3f70eab43dad0e277aa6fc78 -- 2.49.1

1 week, 5 days

1
0
0 0

[PATCH v2 0/5] Add Zilsd/Zclsd support in hwprobe and KVM

by Pincheng Wang

Hi all, This is v2 of a short series that adds kernel support for the ratified Zilsd (Load/Store pair) and Zclsd (Compressed Load/Store pair) RISC-V ISA extensions. The series enables kernel-side exposure so user-space (for example glibc) can detect and use these extensions via hwprobe and runtime checks. Patches: - Patch 1：Add device tree bindings documentation for Zilsd and Zclsd. - Patch 2: Extend RISC-V ISA extension string parsing to recognize them. - Patch 3: Export Zilsd and Zclsd via riscv_hwprobe. - Patch 4: Allow KVM guests to use them. - Patch 5: Add KVM selftests. Changes in v2: - Device-tree schema: simplified the rv64 validation for Zilsd by removing a redundant `contais: const: zilsd` in the `if` clause; the simpler `if (riscv, isa-base contains rv64i) then (riscv, isa-extension not contains zilsd)` form is used instead. Behaviour is unchanged, and the logic is cleaner. - Device-tree schema: corrected Zclsd dependency to require both Zilsd and Zca (previous `anyOf` was incorrect; now both are enforced). - Commit message typo fixed: "dt-bidings" -> "dt-bindings" in the Patch 1 commit subject. The v2 changes are documentation/schema corrections in extensions.yaml. No functional changes were made to ISA parsing, hwprobe syscall, KVM guest support or the selftests beyond ensuring the binding correctly documents and validates the extension relationships. Please review v2 and advise if futher changes are needed. Thanks, Pincheng Wang Pincheng Wang (5): dt-bindings: riscv: add Zilsd and Zclsd extension descriptions riscv: add ISA extension parsing for Zilsd and Zclsd riscv: hwprobe: export Zilsd and Zclsd ISA extensions riscv: KVM: allow Zilsd and Zclsd extensions for Guest/VM KVM: riscv: selftests: add Zilsd and Zclsd extension to get-reg-list test Documentation/arch/riscv/hwprobe.rst | 8 +++++ .../devicetree/bindings/riscv/extensions.yaml | 36 +++++++++++++++++++ arch/riscv/include/asm/hwcap.h | 2 ++ arch/riscv/include/uapi/asm/hwprobe.h | 2 ++ arch/riscv/include/uapi/asm/kvm.h | 2 ++ arch/riscv/kernel/cpufeature.c | 24 +++++++++++++ arch/riscv/kernel/sys_hwprobe.c | 2 ++ arch/riscv/kvm/vcpu_onereg.c | 2 ++ .../selftests/kvm/riscv/get-reg-list.c | 6 ++++ 9 files changed, 84 insertions(+) -- 2.39.5

1 week, 6 days

3
11
0 0

[PATCH v5 0/7] Add support for FEAT_{LS64, LS64_V} and related tests

by Yicong Yang

From: Yicong Yang <yangyicong(a)hisilicon.com> Armv8.7 introduces single-copy atomic 64-byte loads and stores instructions and its variants named under FEAT_{LS64, LS64_V}. Add support for Armv8.7 FEAT_{LS64, LS64_V}: - Add identifying and enabling in the cpufeature list - Expose the support of these features to userspace through HWCAP3 and cpuinfo - Add related hwcap test - Handle the trap of unsupported memory (normal/uncacheable) access in a VM A real scenario for this feature is that the userspace driver can make use of this to implement direct WQE (workqueue entry) - a mechanism to fill WQE directly into the hardware. Picked Marc's 2 patches form [1] for handling the LS64 trap in a VM on emulated MMIO and the introduce of KVM_EXIT_ARM_LDST64B. [1] https://lore.kernel.org/linux-arm-kernel/20240815125959.2097734-1-maz@kerne… Tested with updated hwcap test: [root@localhost tmp]# dmesg | grep "All CPU(s) started" [ 14.789859] CPU: All CPU(s) started at EL2 [root@localhost tmp]# ./hwcap # LS64 present ok 217 cpuinfo_match_LS64 ok 218 sigill_LS64 ok 219 # SKIP sigbus_LS64_V # LS64_V present ok 220 cpuinfo_match_LS64_V ok 221 sigill_LS64_V ok 222 # SKIP sigbus_LS64_V # 115 skipped test(s) detected. Consider enabling relevant config options to improve coverage. # Totals: pass:107 fail:0 xfail:0 xpass:0 skip:115 error:0 root@localhost:/mnt# dmesg | grep "All CPU(s) started" [ 0.281152] CPU: All CPU(s) started at EL1 root@localhost:/mnt# ./hwcap # LS64 present ok 217 cpuinfo_match_LS64 ok 218 sigill_LS64 ok 219 # SKIP sigbus_LS64 # LS64_V present ok 220 cpuinfo_match_LS64_V ok 221 sigill_LS64_V ok 222 # SKIP sigbus_LS64_V # 115 skipped test(s) detected. Consider enabling relevant config options to improve coverage. # Totals: pass:107 fail:0 xfail:0 xpass:0 skip:115 error:0 Change since v4: - Rebase on v6.17-rc2 and fix the conflicts Link: https://lore.kernel.org/linux-arm-kernel/20250715081356.12442-1-yangyicong@… Change since v3: - Inject DABT fault for LS64 fault on unsupported memory but with valid memslot Link: https://lore.kernel.org/linux-arm-kernel/20250626080906.64230-1-yangyicong@… Change since v2: - Handle the LS64 fault to userspace and allow userspace to inject LS64 fault - Reorder the patches to make KVM handling prior to feature support Link: https://lore.kernel.org/linux-arm-kernel/20250331094320.35226-1-yangyicong@… Change since v1: - Drop the support for LS64_ACCDATA - handle the DABT of unsupported memory type after checking the memory attributes Link: https://lore.kernel.org/linux-arm-kernel/20241202135504.14252-1-yangyicong@… Marc Zyngier (2): KVM: arm64: Add exit to userspace on {LD,ST}64B* outside of memslots KVM: arm64: Add documentation for KVM_EXIT_ARM_LDST64B Yicong Yang (5): KVM: arm64: Handle DABT caused by LS64* instructions on unsupported memory arm64: Provide basic EL2 setup for FEAT_{LS64, LS64_V} usage at EL0/1 arm64: Add support for FEAT_{LS64, LS64_V} KVM: arm64: Enable FEAT_{LS64, LS64_V} in the supported guest kselftest/arm64: Add HWCAP test for FEAT_{LS64, LS64_V} Documentation/arch/arm64/booting.rst | 12 +++ Documentation/arch/arm64/elf_hwcaps.rst | 6 ++ Documentation/virt/kvm/api.rst | 43 +++++++++-- arch/arm64/include/asm/el2_setup.h | 12 ++- arch/arm64/include/asm/esr.h | 8 ++ arch/arm64/include/asm/hwcap.h | 2 + arch/arm64/include/asm/kvm_emulate.h | 7 ++ arch/arm64/include/uapi/asm/hwcap.h | 2 + arch/arm64/kernel/cpufeature.c | 51 +++++++++++++ arch/arm64/kernel/cpuinfo.c | 2 + arch/arm64/kvm/inject_fault.c | 22 ++++++ arch/arm64/kvm/mmio.c | 27 ++++++- arch/arm64/kvm/mmu.c | 14 +++- arch/arm64/tools/cpucaps | 2 + include/uapi/linux/kvm.h | 3 +- tools/testing/selftests/arm64/abi/hwcap.c | 90 +++++++++++++++++++++++ 16 files changed, 292 insertions(+), 11 deletions(-) -- 2.24.0

1 week, 6 days

1
8
0 0

[PATCH v2] KVM: loongarch: selftests: Remove common tests built by TEST_GEN_PROGS_COMMON

by dayss1224＠gmail.com

From: Dong Yang <dayss1224(a)gmail.com> Remove the common KVM test cases already added to TEST_GEN_PROGS_COMMON as following: demand_paging_test dirty_log_test guest_print_test kvm_binary_stats_test kvm_create_max_vcpus kvm_page_table_test set_memory_region_test Fixes: a867688c8cbb ("KVM: selftests: Add supported test cases for LoongArch") Signed-off-by: Quan Zhou <zhouquan(a)iscas.ac.cn> Signed-off-by: Dong Yang <dayss1224(a)gmail.com> Changes in v2: - Add "TEST_GEN_PROGS_loongarch = $(TEST_GEN_PROGS_COMMON)" to include common tests --- tools/testing/selftests/kvm/Makefile.kvm | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/tools/testing/selftests/kvm/Makefile.kvm b/tools/testing/selftests/kvm/Makefile.kvm index 38b95998e1e6..3fd1c2ae68d0 100644 --- a/tools/testing/selftests/kvm/Makefile.kvm +++ b/tools/testing/selftests/kvm/Makefile.kvm @@ -198,18 +198,12 @@ TEST_GEN_PROGS_riscv += coalesced_io_test TEST_GEN_PROGS_riscv += get-reg-list TEST_GEN_PROGS_riscv += steal_time +TEST_GEN_PROGS_loongarch = $(TEST_GEN_PROGS_COMMON) TEST_GEN_PROGS_loongarch += coalesced_io_test -TEST_GEN_PROGS_loongarch += demand_paging_test TEST_GEN_PROGS_loongarch += dirty_log_perf_test -TEST_GEN_PROGS_loongarch += dirty_log_test -TEST_GEN_PROGS_loongarch += guest_print_test TEST_GEN_PROGS_loongarch += hardware_disable_test -TEST_GEN_PROGS_loongarch += kvm_binary_stats_test -TEST_GEN_PROGS_loongarch += kvm_create_max_vcpus -TEST_GEN_PROGS_loongarch += kvm_page_table_test TEST_GEN_PROGS_loongarch += memslot_modification_stress_test TEST_GEN_PROGS_loongarch += memslot_perf_test -TEST_GEN_PROGS_loongarch += set_memory_region_test SPLIT_TESTS += arch_timer SPLIT_TESTS += get-reg-list base-commit: b23ff7e52a79f4fe2382e3564719b97b718166d1 -- 2.34.1

1 week, 6 days

1
0
0 0

[PATCHSET V1 0/2] cpuidle, bpf: Introduce BPF-based extensible cpuidle policy via struct_ops

by Lin Yikai

Summary ---------- Hi, everyone, This patch set introduces an extensible cpuidle governor framework using BPF struct_ops, enabling dynamic implementation of idle-state selection policies via BPF programs. Motivation ---------- As is well-known, CPUs support multiple idle states (e.g., C0, C1, C2, ...), where deeper states reduce power consumption, but results in longer wakeup latency, potentially affecting performance. Existing generic cpuidle governors operate effectively in common scenarios but exhibit suboptimal behavior in specific Android phone's use cases. Our testing reveals that during low-utilization scenarios (e.g., screen-off background tasks like music playback with CPU utilization <10%), the C0 state occupies ~50% of idle time, causing significant energy inefficiency. Reducing C0 to ≤20% could yield ≥5% power savings on mobile phones. To address this, we expect: 1.Dynamic governor switching to power-saved policies for low cpu utilization scenarios (e.g., screen-off mode) 2.Dynamic switching to alternate governors for high-performance scenarios (e.g., gaming) OverView ---------- The BPF cpuidle ext governor registers at postcore_initcall() but remains disabled by default due to its low priority "rating" with value "1". Activation requires adjust higer "rating" than other governors within BPF. Core Components: 1.**struct cpuidle_gov_ext_ops** – BPF-overridable operations: - ops.enable()/ops.disable(): enable or disable callback - ops.select(): cpu Idle-state selection logic - ops.set_stop_tick(): Scheduler tick management after state selection - ops.reflect(): feedback info about previous idle state. - ops.init()/ops.deinit(): Initialization or cleanup. 2.**Critical kfuncs for kernel state access**: - bpf_cpuidle_ext_gov_update_rating(): Activate ext governor by raising rating must be called from "ops.init()" - bpf_cpuidle_ext_gov_latency_req(): get idle-state latency constraints - bpf_tick_nohz_get_sleep_length(): get CPU sleep duration in tickless mode Future work ---------- 1. Scenario detection: Identifying low-utilization states (e.g., screen-off + background music) 2. Policy optimization: Optimizing state-selection algorithms for specific scenarios Lin Yikai (2): Subject: [PATCH v1 1/2] cpuidle: Implement BPF extensible cpuidle class Subject: [PATCH v1 2/2] selftests/bpf: Add selftests drivers/cpuidle/Kconfig | 12 + drivers/cpuidle/governors/Makefile | 1 + drivers/cpuidle/governors/ext.c | 537 ++++++++++++++++++ .../bpf/prog_tests/test_cpuidle_gov_ext.c | 28 + .../selftests/bpf/progs/cpuidle_gov_ext.c | 208 +++++++ 5 files changed, 786 insertions(+) create mode 100644 drivers/cpuidle/governors/ext.c create mode 100644 tools/testing/selftests/bpf/prog_tests/test_cpuidle_gov_ext.c create mode 100644 tools/testing/selftests/bpf/progs/cpuidle_gov_ext.c -- 2.43.0

1 week, 6 days

4
6
0 0

[PATCH 0/2] selftests: Centralize kselftest headers to avoid relative includes

by Bala-Vignesh-Reddy

This series centralize the handling of kselftest.h and kselftest_harness.h includes in selftests, replacing relative paths with a non-relative approach using shared -I path. Patch-1 updates the build files (Makefile and lib.mk) and include CFLAGS in sync/Makefile to resolve not found error Patch-2 applies bulk source change (Patch 2 is large but it is replaced automatically) Checked the changes with gcc-13.32 and clang 18.1 Suggested-by: Andrew Morton <akpm(a)linux-foundation.org> Link: https://lore.kernel.org/lkml/20250820143954.33d95635e504e94df01930d0@linux-… Bala-Vignesh-Reddy (2): selftests: Centralize include path for kselftest.h and kselftest_harness.h selftests: Replace relative includes with non-relative for kselftest.h and kselftest_harness.h Signed-off-by: Bala-Vignesh-Reddy <reddybalavignesh9979(a)gmail.com> tools/testing/selftests/Makefile | 4 ++++ tools/testing/selftests/acct/acct_syscall.c | 2 +- tools/testing/selftests/alsa/conf.c | 2 +- tools/testing/selftests/alsa/mixer-test.c | 2 +- tools/testing/selftests/alsa/pcm-test.c | 2 +- tools/testing/selftests/alsa/test-pcmtest-driver.c | 2 +- tools/testing/selftests/alsa/utimer-test.c | 2 +- tools/testing/selftests/arm64/abi/hwcap.c | 2 +- tools/testing/selftests/arm64/abi/ptrace.c | 2 +- tools/testing/selftests/arm64/abi/syscall-abi.c | 2 +- tools/testing/selftests/arm64/fp/fp-ptrace.c | 2 +- tools/testing/selftests/arm64/fp/fp-stress.c | 2 +- tools/testing/selftests/arm64/fp/sve-probe-vls.c | 2 +- tools/testing/selftests/arm64/fp/sve-ptrace.c | 2 +- tools/testing/selftests/arm64/fp/vec-syscfg.c | 2 +- tools/testing/selftests/arm64/fp/za-ptrace.c | 2 +- tools/testing/selftests/arm64/fp/zt-ptrace.c | 2 +- tools/testing/selftests/arm64/gcs/gcs-stress.c | 2 +- tools/testing/selftests/arm64/pauth/pac.c | 2 +- tools/testing/selftests/arm64/tags/tags_test.c | 2 +- tools/testing/selftests/bpf/xskxceiver.c | 2 +- tools/testing/selftests/breakpoints/breakpoint_test.c | 2 +- tools/testing/selftests/breakpoints/breakpoint_test_arm64.c | 2 +- tools/testing/selftests/breakpoints/step_after_suspend_test.c | 2 +- tools/testing/selftests/cachestat/test_cachestat.c | 2 +- tools/testing/selftests/capabilities/test_execve.c | 2 +- tools/testing/selftests/capabilities/validate_cap.c | 2 +- tools/testing/selftests/cgroup/test_core.c | 2 +- tools/testing/selftests/cgroup/test_cpu.c | 2 +- tools/testing/selftests/cgroup/test_cpuset.c | 2 +- tools/testing/selftests/cgroup/test_freezer.c | 2 +- tools/testing/selftests/cgroup/test_hugetlb_memcg.c | 2 +- tools/testing/selftests/cgroup/test_kill.c | 2 +- tools/testing/selftests/cgroup/test_kmem.c | 2 +- tools/testing/selftests/cgroup/test_memcontrol.c | 2 +- tools/testing/selftests/cgroup/test_pids.c | 2 +- tools/testing/selftests/cgroup/test_zswap.c | 2 +- tools/testing/selftests/clone3/clone3.c | 2 +- .../testing/selftests/clone3/clone3_cap_checkpoint_restore.c | 2 +- tools/testing/selftests/clone3/clone3_clear_sighand.c | 2 +- tools/testing/selftests/clone3/clone3_selftests.h | 2 +- tools/testing/selftests/clone3/clone3_set_tid.c | 2 +- tools/testing/selftests/connector/proc_filter.c | 2 +- tools/testing/selftests/core/close_range_test.c | 2 +- tools/testing/selftests/core/unshare_test.c | 2 +- tools/testing/selftests/coredump/stackdump_test.c | 2 +- tools/testing/selftests/dmabuf-heaps/dmabuf-heap.c | 2 +- tools/testing/selftests/drivers/dma-buf/udmabuf.c | 2 +- tools/testing/selftests/drivers/ntsync/ntsync.c | 2 +- .../testing/selftests/drivers/s390x/uvdevice/test_uvdevice.c | 2 +- tools/testing/selftests/exec/check-exec.c | 2 +- tools/testing/selftests/exec/execveat.c | 2 +- tools/testing/selftests/exec/load_address.c | 2 +- tools/testing/selftests/exec/non-regular.c | 2 +- tools/testing/selftests/exec/null-argv.c | 2 +- tools/testing/selftests/exec/recursion-depth.c | 2 +- tools/testing/selftests/fchmodat2/fchmodat2_test.c | 2 +- tools/testing/selftests/filelock/ofdlocks.c | 2 +- tools/testing/selftests/filesystems/anon_inode_test.c | 2 +- tools/testing/selftests/filesystems/binderfs/binderfs_test.c | 2 +- tools/testing/selftests/filesystems/devpts_pts.c | 2 +- tools/testing/selftests/filesystems/epoll/epoll_wakeup_test.c | 2 +- tools/testing/selftests/filesystems/eventfd/eventfd_test.c | 2 +- tools/testing/selftests/filesystems/file_stressor.c | 2 +- tools/testing/selftests/filesystems/kernfs_test.c | 2 +- .../selftests/filesystems/mount-notify/mount-notify_test.c | 2 +- .../selftests/filesystems/mount-notify/mount-notify_test_ns.c | 2 +- tools/testing/selftests/filesystems/nsfs/iterate_mntns.c | 2 +- tools/testing/selftests/filesystems/overlayfs/dev_in_maps.c | 2 +- .../selftests/filesystems/overlayfs/set_layers_via_fds.c | 2 +- .../testing/selftests/filesystems/statmount/listmount_test.c | 2 +- .../testing/selftests/filesystems/statmount/statmount_test.c | 2 +- .../selftests/filesystems/statmount/statmount_test_ns.c | 2 +- tools/testing/selftests/filesystems/utils.c | 2 +- tools/testing/selftests/hid/hid_common.h | 2 +- tools/testing/selftests/intel_pstate/aperf.c | 2 +- tools/testing/selftests/iommu/iommufd_utils.h | 2 +- tools/testing/selftests/ipc/msgque.c | 2 +- tools/testing/selftests/ir/ir_loopback.c | 2 +- tools/testing/selftests/kcmp/kcmp_test.c | 2 +- tools/testing/selftests/kselftest_harness.h | 2 +- tools/testing/selftests/kselftest_harness/harness-selftest.c | 2 +- tools/testing/selftests/landlock/audit.h | 2 +- tools/testing/selftests/landlock/common.h | 2 +- tools/testing/selftests/lib.mk | 2 ++ tools/testing/selftests/lsm/lsm_get_self_attr_test.c | 2 +- tools/testing/selftests/lsm/lsm_list_modules_test.c | 2 +- tools/testing/selftests/lsm/lsm_set_self_attr_test.c | 2 +- tools/testing/selftests/media_tests/media_device_open.c | 2 +- tools/testing/selftests/media_tests/media_device_test.c | 2 +- tools/testing/selftests/membarrier/membarrier_test_impl.h | 2 +- tools/testing/selftests/mincore/mincore_selftest.c | 4 ++-- tools/testing/selftests/mm/compaction_test.c | 2 +- tools/testing/selftests/mm/cow.c | 2 +- tools/testing/selftests/mm/droppable.c | 2 +- tools/testing/selftests/mm/guard-regions.c | 2 +- tools/testing/selftests/mm/gup_longterm.c | 2 +- tools/testing/selftests/mm/gup_test.c | 2 +- tools/testing/selftests/mm/hmm-tests.c | 2 +- tools/testing/selftests/mm/hugepage-mmap.c | 2 +- tools/testing/selftests/mm/hugepage-mremap.c | 2 +- tools/testing/selftests/mm/hugetlb-madvise.c | 2 +- tools/testing/selftests/mm/hugetlb-read-hwpoison.c | 2 +- tools/testing/selftests/mm/hugetlb-soft-offline.c | 2 +- tools/testing/selftests/mm/hugetlb_dio.c | 2 +- tools/testing/selftests/mm/hugetlb_fault_after_madv.c | 2 +- tools/testing/selftests/mm/hugetlb_madv_vs_map.c | 2 +- tools/testing/selftests/mm/ksm_functional_tests.c | 2 +- tools/testing/selftests/mm/ksm_tests.c | 2 +- tools/testing/selftests/mm/madv_populate.c | 2 +- tools/testing/selftests/mm/map_fixed_noreplace.c | 2 +- tools/testing/selftests/mm/map_hugetlb.c | 2 +- tools/testing/selftests/mm/map_populate.c | 2 +- tools/testing/selftests/mm/mdwe_test.c | 2 +- tools/testing/selftests/mm/memfd_secret.c | 2 +- tools/testing/selftests/mm/merge.c | 2 +- tools/testing/selftests/mm/migration.c | 2 +- tools/testing/selftests/mm/mkdirty.c | 2 +- tools/testing/selftests/mm/mlock-random-test.c | 2 +- tools/testing/selftests/mm/mlock2-tests.c | 2 +- tools/testing/selftests/mm/mrelease_test.c | 2 +- tools/testing/selftests/mm/mremap_dontunmap.c | 2 +- tools/testing/selftests/mm/mremap_test.c | 2 +- tools/testing/selftests/mm/mseal_test.c | 2 +- tools/testing/selftests/mm/on-fault-limit.c | 2 +- tools/testing/selftests/mm/pagemap_ioctl.c | 2 +- tools/testing/selftests/mm/pfnmap.c | 2 +- tools/testing/selftests/mm/pkey-helpers.h | 2 +- tools/testing/selftests/mm/process_madv.c | 2 +- tools/testing/selftests/mm/soft-dirty.c | 2 +- tools/testing/selftests/mm/split_huge_page_test.c | 2 +- tools/testing/selftests/mm/thuge-gen.c | 2 +- tools/testing/selftests/mm/transhuge-stress.c | 2 +- tools/testing/selftests/mm/uffd-common.h | 2 +- tools/testing/selftests/mm/uffd-wp-mremap.c | 2 +- tools/testing/selftests/mm/va_high_addr_switch.c | 2 +- tools/testing/selftests/mm/virtual_address_range.c | 2 +- tools/testing/selftests/mm/vm_util.c | 2 +- tools/testing/selftests/mm/vm_util.h | 2 +- tools/testing/selftests/mount_setattr/mount_setattr_test.c | 2 +- .../move_mount_set_group/move_mount_set_group_test.c | 2 +- tools/testing/selftests/mqueue/mq_open_tests.c | 2 +- tools/testing/selftests/mqueue/mq_perf_tests.c | 2 +- .../selftests/mseal_system_mappings/sysmap_is_sealed.c | 4 ++-- tools/testing/selftests/nci/nci_dev.c | 2 +- tools/testing/selftests/net/af_unix/diag_uid.c | 2 +- tools/testing/selftests/net/af_unix/msg_oob.c | 2 +- tools/testing/selftests/net/af_unix/scm_inq.c | 2 +- tools/testing/selftests/net/af_unix/scm_pidfd.c | 2 +- tools/testing/selftests/net/af_unix/scm_rights.c | 2 +- tools/testing/selftests/net/af_unix/unix_connect.c | 2 +- tools/testing/selftests/net/bind_timewait.c | 2 +- tools/testing/selftests/net/bind_wildcard.c | 2 +- tools/testing/selftests/net/can/test_raw_filter.c | 2 +- tools/testing/selftests/net/cmsg_sender.c | 2 +- tools/testing/selftests/net/epoll_busy_poll.c | 2 +- tools/testing/selftests/net/gro.c | 2 +- tools/testing/selftests/net/ip_local_port_range.c | 2 +- tools/testing/selftests/net/ipsec.c | 2 +- tools/testing/selftests/net/netfilter/conntrack_dump_flush.c | 2 +- tools/testing/selftests/net/netlink-dumps.c | 2 +- tools/testing/selftests/net/proc_net_pktgen.c | 2 +- tools/testing/selftests/net/psock_fanout.c | 2 +- tools/testing/selftests/net/psock_tpacket.c | 2 +- tools/testing/selftests/net/reuseaddr_ports_exhausted.c | 2 +- tools/testing/selftests/net/reuseport_bpf.c | 2 +- tools/testing/selftests/net/reuseport_bpf_numa.c | 2 +- tools/testing/selftests/net/rxtimestamp.c | 2 +- tools/testing/selftests/net/sk_so_peek_off.c | 2 +- tools/testing/selftests/net/so_incoming_cpu.c | 2 +- tools/testing/selftests/net/socket.c | 2 +- tools/testing/selftests/net/tap.c | 2 +- tools/testing/selftests/net/tcp_ao/lib/setup.c | 2 +- tools/testing/selftests/net/tcp_fastopen_backup_key.c | 2 +- tools/testing/selftests/net/tls.c | 2 +- tools/testing/selftests/net/toeplitz.c | 2 +- tools/testing/selftests/net/tun.c | 2 +- tools/testing/selftests/net/udpgso_bench_tx.c | 2 +- tools/testing/selftests/openat2/helpers.h | 2 +- tools/testing/selftests/openat2/openat2_test.c | 2 +- tools/testing/selftests/openat2/rename_attack_test.c | 2 +- tools/testing/selftests/openat2/resolve_test.c | 2 +- tools/testing/selftests/pci_endpoint/pci_endpoint_test.c | 2 +- tools/testing/selftests/perf_events/mmap.c | 2 +- tools/testing/selftests/perf_events/remove_on_exec.c | 2 +- tools/testing/selftests/perf_events/sigtrap_threads.c | 2 +- tools/testing/selftests/perf_events/watermark_signal.c | 2 +- tools/testing/selftests/pid_namespace/pid_max.c | 2 +- tools/testing/selftests/pid_namespace/regression_enomem.c | 2 +- tools/testing/selftests/pidfd/pidfd.h | 2 +- tools/testing/selftests/pidfd/pidfd_bind_mount.c | 2 +- tools/testing/selftests/pidfd/pidfd_fdinfo_test.c | 2 +- tools/testing/selftests/pidfd/pidfd_file_handle_test.c | 2 +- tools/testing/selftests/pidfd/pidfd_getfd_test.c | 2 +- tools/testing/selftests/pidfd/pidfd_info_test.c | 2 +- tools/testing/selftests/pidfd/pidfd_open_test.c | 2 +- tools/testing/selftests/pidfd/pidfd_poll_test.c | 2 +- tools/testing/selftests/pidfd/pidfd_setattr_test.c | 2 +- tools/testing/selftests/pidfd/pidfd_setns_test.c | 2 +- tools/testing/selftests/pidfd/pidfd_test.c | 2 +- tools/testing/selftests/pidfd/pidfd_wait.c | 2 +- tools/testing/selftests/pidfd/pidfd_xattr_test.c | 2 +- tools/testing/selftests/prctl/set-anon-vma-name-test.c | 2 +- tools/testing/selftests/prctl/set-process-name.c | 2 +- tools/testing/selftests/proc/proc-maps-race.c | 2 +- tools/testing/selftests/proc/proc-pid-vm.c | 2 +- tools/testing/selftests/ptrace/get_set_sud.c | 2 +- tools/testing/selftests/ptrace/get_syscall_info.c | 2 +- tools/testing/selftests/ptrace/set_syscall_info.c | 2 +- tools/testing/selftests/ptrace/vmaccess.c | 2 +- tools/testing/selftests/resctrl/resctrl.h | 2 +- tools/testing/selftests/ring-buffer/map_test.c | 2 +- tools/testing/selftests/riscv/abi/pointer_masking.c | 2 +- tools/testing/selftests/riscv/hwprobe/cbo.c | 2 +- tools/testing/selftests/riscv/hwprobe/hwprobe.c | 2 +- tools/testing/selftests/riscv/hwprobe/which-cpus.c | 2 +- tools/testing/selftests/riscv/mm/mmap_bottomup.c | 2 +- tools/testing/selftests/riscv/mm/mmap_default.c | 2 +- tools/testing/selftests/riscv/mm/mmap_test.h | 2 +- tools/testing/selftests/riscv/sigreturn/sigreturn.c | 2 +- tools/testing/selftests/riscv/vector/v_initval.c | 2 +- tools/testing/selftests/riscv/vector/vstate_prctl.c | 2 +- tools/testing/selftests/rseq/basic_percpu_ops_test.c | 2 +- tools/testing/selftests/rseq/rseq.c | 2 +- tools/testing/selftests/rtc/rtctest.c | 2 +- tools/testing/selftests/seccomp/seccomp_benchmark.c | 2 +- tools/testing/selftests/seccomp/seccomp_bpf.c | 2 +- tools/testing/selftests/sgx/main.c | 2 +- tools/testing/selftests/signal/mangle_uc_sigmask.c | 2 +- tools/testing/selftests/signal/sas.c | 2 +- tools/testing/selftests/sparc64/drivers/adi-test.c | 2 +- tools/testing/selftests/sync/Makefile | 2 +- tools/testing/selftests/sync/sync_test.c | 2 +- tools/testing/selftests/sync/synctest.h | 2 +- tools/testing/selftests/syscall_user_dispatch/sud_test.c | 2 +- tools/testing/selftests/tdx/tdx_guest_test.c | 2 +- tools/testing/selftests/timens/timens.h | 2 +- tools/testing/selftests/timers/adjtick.c | 2 +- tools/testing/selftests/timers/alarmtimer-suspend.c | 2 +- tools/testing/selftests/timers/change_skew.c | 2 +- tools/testing/selftests/timers/clocksource-switch.c | 2 +- tools/testing/selftests/timers/freq-step.c | 2 +- tools/testing/selftests/timers/inconsistency-check.c | 2 +- tools/testing/selftests/timers/leap-a-day.c | 2 +- tools/testing/selftests/timers/leapcrash.c | 2 +- tools/testing/selftests/timers/mqueue-lat.c | 2 +- tools/testing/selftests/timers/nanosleep.c | 2 +- tools/testing/selftests/timers/nsleep-lat.c | 2 +- tools/testing/selftests/timers/posix_timers.c | 2 +- tools/testing/selftests/timers/raw_skew.c | 2 +- tools/testing/selftests/timers/rtcpie.c | 2 +- tools/testing/selftests/timers/set-2038.c | 2 +- tools/testing/selftests/timers/set-tai.c | 2 +- tools/testing/selftests/timers/set-timer-lat.c | 2 +- tools/testing/selftests/timers/set-tz.c | 2 +- tools/testing/selftests/timers/skew_consistency.c | 2 +- tools/testing/selftests/timers/threadtest.c | 2 +- tools/testing/selftests/timers/valid-adjtimex.c | 2 +- tools/testing/selftests/tmpfs/bug-link-o-tmpfile.c | 2 +- tools/testing/selftests/tty/tty_tstamp_update.c | 2 +- tools/testing/selftests/uevent/uevent_filtering.c | 2 +- tools/testing/selftests/user_events/abi_test.c | 2 +- tools/testing/selftests/user_events/dyn_test.c | 2 +- tools/testing/selftests/user_events/ftrace_test.c | 2 +- tools/testing/selftests/user_events/perf_test.c | 2 +- tools/testing/selftests/user_events/user_events_selftests.h | 2 +- tools/testing/selftests/vDSO/vdso_test_abi.c | 2 +- tools/testing/selftests/vDSO/vdso_test_chacha.c | 2 +- tools/testing/selftests/vDSO/vdso_test_clock_getres.c | 2 +- tools/testing/selftests/vDSO/vdso_test_correctness.c | 2 +- tools/testing/selftests/vDSO/vdso_test_getcpu.c | 2 +- tools/testing/selftests/vDSO/vdso_test_getrandom.c | 2 +- tools/testing/selftests/vDSO/vdso_test_gettimeofday.c | 2 +- tools/testing/selftests/x86/corrupt_xstate_header.c | 2 +- tools/testing/selftests/x86/helpers.h | 2 +- tools/testing/selftests/x86/lam.c | 2 +- tools/testing/selftests/x86/syscall_numbering.c | 2 +- tools/testing/selftests/x86/test_mremap_vdso.c | 2 +- tools/testing/selftests/x86/test_vsyscall.c | 2 +- tools/testing/selftests/x86/xstate.h | 2 +- 280 files changed, 286 insertions(+), 280 deletions(-) -- 2.43.0

1 week, 6 days

3
15
0 0

[PATCH net-next] selftests: net: add test for ipv6 fragmentation

by Brett A C Sheffield

Add selftest for the IPv6 fragmentation regression which affected several stable kernels. Commit a18dfa9925b9 ("ipv6: save dontfrag in cork") was backported to stable without some prerequisite commits. This caused a regression when sending IPv6 UDP packets by preventing fragmentation and instead returning -1 (EMSGSIZE). Add selftest to check for this issue by attempting to send a packet larger than the interface MTU. The packet will be fragmented on a working kernel, with sendmsg(2) correctly returning the expected number of bytes sent. When the regression is present, sendmsg returns -1 and sets errno to EMSGSIZE. Signed-off-by: Brett A C Sheffield <bacs(a)librecast.net> Link: https://lore.kernel.org/stable/aElivdUXqd1OqgMY@karahi.gladserv.com --- tools/testing/selftests/net/.gitignore | 1 + tools/testing/selftests/net/Makefile | 1 + .../selftests/net/ipv6_fragmentation.c | 204 ++++++++++++++++++ 3 files changed, 206 insertions(+) create mode 100644 tools/testing/selftests/net/ipv6_fragmentation.c diff --git a/tools/testing/selftests/net/.gitignore b/tools/testing/selftests/net/.gitignore index 47c293c2962f..3d4b4a53dfda 100644 --- a/tools/testing/selftests/net/.gitignore +++ b/tools/testing/selftests/net/.gitignore @@ -16,6 +16,7 @@ ip_local_port_range ipsec ipv6_flowlabel ipv6_flowlabel_mgr +ipv6_fragmentation log.txt msg_oob msg_zerocopy diff --git a/tools/testing/selftests/net/Makefile b/tools/testing/selftests/net/Makefile index b31a71f2b372..f83f91b758ae 100644 --- a/tools/testing/selftests/net/Makefile +++ b/tools/testing/selftests/net/Makefile @@ -117,6 +117,7 @@ TEST_GEN_FILES += tfo TEST_PROGS += tfo_passive.sh TEST_PROGS += broadcast_pmtu.sh TEST_PROGS += ipv6_force_forwarding.sh +TEST_GEN_PROGS += ipv6_fragmentation # YNL files, must be before "include ..lib.mk" YNL_GEN_FILES := busy_poller netlink-dumps diff --git a/tools/testing/selftests/net/ipv6_fragmentation.c b/tools/testing/selftests/net/ipv6_fragmentation.c new file mode 100644 index 000000000000..21e1a3cdc63d --- /dev/null +++ b/tools/testing/selftests/net/ipv6_fragmentation.c @@ -0,0 +1,204 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Author: Brett A C Sheffield <bacs(a)librecast.net> + * + * Kernel selftest for the IPv6 fragmentation regression which affected + * stable kernels: + * + * https://lore.kernel.org/stable/aElivdUXqd1OqgMY@karahi.gladserv.com + * + * Commit: + * a18dfa9925b9 ("ipv6: save dontfrag in cork") + * was backported to stable without some prerequisite commits. + * + * This caused a regression when sending IPv6 UDP packets by preventing + * fragmentation and instead returning -1 (EMSGSIZE). + * + * This selftest demonstrates the issue. sendmsg returns correctly (8192) + * on a working kernel, and returns -1 (EMSGSIZE) when the regression is + * present. + * + * The regression was not present in the mainline kernel, but add this test to + * catch similar breakage in future. + */ + +#define _GNU_SOURCE + +#include <fcntl.h> +#include <linux/if_tun.h> +#include <net/if.h> +#include <netinet/in.h> +#include <sched.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <sys/ioctl.h> +#include <sys/socket.h> +#include <unistd.h> + +#define MTU 1500 +#define LARGER_THAN_MTU 8192 + +/* ensure MTU is smaller than what we plan to send */ +static int set_mtu(int ctl, char *ifname, struct ifreq *ifr) +{ + ifr->ifr_mtu = MTU; + return ioctl(ctl, SIOCSIFMTU, ifr); +} + +/* bring up interface */ +static int interface_up(int ctl, char *ifname, struct ifreq *ifr) +{ + if (ioctl(ctl, SIOCGIFFLAGS, ifr) == -1) { + perror("ioctl SIOCGIFFLAGS"); + return -1; + } + ifr->ifr_flags = ifr->ifr_flags | IFF_UP; + return ioctl(ctl, SIOCSIFFLAGS, ifr); +} + +/* no need to wait for DAD in our namespace */ +static int disable_dad(char *ifname) +{ + char sysvar[] = "/proc/sys/net/ipv6/conf/%s/accept_dad"; + char fname[IFNAMSIZ + sizeof(sysvar)]; + int fd; + + snprintf(fname, sizeof(fname), sysvar, ifname); + fd = open(fname, O_WRONLY); + if (fd == -1) { + perror("open accept_dad"); + return -1; + } + if (write(fd, "0", 1) != 1) { + perror("write"); + return -1; + } + return close(fd); +} + +/* create TAP interface that will be deleted when this process exits */ +static int create_interface(int ctl, char *ifname, struct ifreq *ifr) +{ + int fd; + + fd = open("/dev/net/tun", O_RDWR); + if (fd == -1) { + perror("open tun"); + return -1; + } + + ifr->ifr_flags = IFF_TAP | IFF_NO_PI; + if (ioctl(fd, TUNSETIFF, (void *)ifr) == -1) { + close(fd); + perror("ioctl: TUNSETIFF"); + return -1; + } + strcpy(ifname, ifr->ifr_name); + + return fd; +} + +/* we need to set MTU, so do this in a namespace to play nicely */ +static int create_namespace(void) +{ + const char *netns_path = "/proc/self/ns/net"; + int fd; + + if (unshare(CLONE_NEWNET) != 0) { + perror("unshare"); + return -1; + } + + fd = open(netns_path, O_RDONLY); + if (fd == -1) { + perror("open"); + return -1; + } + + if (setns(fd, CLONE_NEWNET)) { + perror("setns"); + return -1; + } + + return 0; +} + +static int setup(void) +{ + struct ifreq ifr = {0}; + char ifname[IFNAMSIZ]; + int fd = -1; + int ctl; + + if (create_namespace() == -1) + return -1; + + ctl = socket(AF_LOCAL, SOCK_STREAM, 0); + if (ctl == -1) + return -1; + + memset(ifname, 0, sizeof(ifname)); + fd = create_interface(ctl, ifname, &ifr); + if (fd == -1) + goto err_close_ctl; + if (disable_dad(ifname) == -1) + goto err_close_fd; + if (interface_up(ctl, ifname, &ifr) == -1) + goto err_close_fd; + if (set_mtu(ctl, ifname, &ifr) == -1) + goto err_close_fd; + usleep(10000); /* give interface a moment to wake up */ + goto err_close_ctl; +err_close_fd: + close(fd); + fd = -1; +err_close_ctl: + close(ctl); + return fd; +} + +int main(void) +{ + /* address doesn't matter, use an IPv6 multicast address for simplicity */ + struct in6_addr addr = { + .s6_addr[0] = 0xff, /* multicast */ + .s6_addr[1] = 0x12, /* set flags (T, link-local) */ + }; + struct sockaddr_in6 sa = { + .sin6_family = AF_INET6, + .sin6_addr = addr, + .sin6_port = 4242 + }; + char buf[LARGER_THAN_MTU] = {0}; + struct iovec iov = { .iov_base = buf, .iov_len = sizeof(buf)}; + struct msghdr msg = { + .msg_iov = &iov, + .msg_iovlen = 1, + .msg_name = (struct sockaddr *)&sa, + .msg_namelen = sizeof(sa), + }; + ssize_t rc; + int ns_fd; + int s; + + printf("Testing IPv6 fragmentation\n"); + ns_fd = setup(); + if (ns_fd == -1) + return 1; + s = socket(AF_INET6, SOCK_DGRAM, 0); + msg.msg_name = (struct sockaddr *)&sa; + msg.msg_namelen = sizeof(sa); + rc = sendmsg(s, &msg, 0); + if (rc == -1) { + perror("send"); + return 1; + } else if (rc != LARGER_THAN_MTU) { + fprintf(stderr, "send() returned %zi\n", rc); + return 1; + } + close(s); + close(ns_fd); + + return 0; +} -- 2.49.1

1 week, 6 days

3
5
0 0

[PATCH] kselftest/arm64: Don't open code SVE_PT_SIZE() in fp-ptrace

by Mark Brown

In fp-trace when allocating a buffer to write SVE register data we open code the addition of the header size to the VL depeendent register data size, which lead to an underallocation bug when we cut'n'pasted the code for FPSIMD format writes. Use the SVE_PT_SIZE() macro that the kernel UAPI provides for this. Fixes: b84d2b27954f ("kselftest/arm64: Test FPSIMD format data writes via NT_ARM_SVE in fp-ptrace") Signed-off-by: Mark Brown <broonie(a)kernel.org> --- tools/testing/selftests/arm64/fp/fp-ptrace.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/arm64/fp/fp-ptrace.c b/tools/testing/selftests/arm64/fp/fp-ptrace.c index 124bc883365e..cdd7a45c045d 100644 --- a/tools/testing/selftests/arm64/fp/fp-ptrace.c +++ b/tools/testing/selftests/arm64/fp/fp-ptrace.c @@ -1187,7 +1187,7 @@ static void sve_write_sve(pid_t child, struct test_config *config) if (!vl) return; - iov.iov_len = SVE_PT_SVE_OFFSET + SVE_PT_SVE_SIZE(vq, SVE_PT_REGS_SVE); + iov.iov_len = SVE_PT_SIZE(vq, SVE_PT_REGS_SVE); iov.iov_base = malloc(iov.iov_len); if (!iov.iov_base) { ksft_print_msg("Failed allocating %lu byte SVE write buffer\n", @@ -1234,8 +1234,7 @@ static void sve_write_fpsimd(pid_t child, struct test_config *config) if (!vl) return; - iov.iov_len = SVE_PT_SVE_OFFSET + SVE_PT_SVE_SIZE(vq, - SVE_PT_REGS_FPSIMD); + iov.iov_len = SVE_PT_SIZE(vq, SVE_PT_REGS_FPSIMD); iov.iov_base = malloc(iov.iov_len); if (!iov.iov_base) { ksft_print_msg("Failed allocating %lu byte SVE write buffer\n", --- base-commit: 8f5ae30d69d7543eee0d70083daf4de8fe15d585 change-id: 20250808-arm64-fp-trace-macro-02ede083da51 Best regards, -- Mark Brown <broonie(a)kernel.org>

2 weeks

2
1
0 0

[PATCH v4 00/23] ARM64 PMU Partitioning

by Colton Lewis

This series creates a new PMU scheme on ARM, a partitioned PMU that allows reserving a subset of counters for more direct guest access, significantly reducing overhead. More details, including performance benchmarks, can be read in the v1 cover letter linked below. v4: * Apply Mark Brown's non-UNDEF FGT control commit to the PMU FGT controls and calculate those controls with the others in kvm_calculate_traps() * Introduce lazy context swaps for guests that only turns on for guests that have enabled partitioning and accessed PMU registers. * Rename pmu-part.c to pmu-direct.c because future features might achieve direct PMU access without partitioning. * Better explain certain commits, such as why the untrapped registers are safe to untrap. * Reduce the PMU include cleanup down to only what is still necessary and explain why. v3: https://lore.kernel.org/kvm/20250626200459.1153955-1-coltonlewis@google.com/ v2: https://lore.kernel.org/kvm/20250620221326.1261128-1-coltonlewis@google.com/ v1: https://lore.kernel.org/kvm/20250602192702.2125115-1-coltonlewis@google.com/ Colton Lewis (21): arm64: cpufeature: Add cpucap for HPMN0 KVM: arm64: Reorganize PMU functions perf: arm_pmuv3: Introduce method to partition the PMU perf: arm_pmuv3: Generalize counter bitmasks perf: arm_pmuv3: Keep out of guest counter partition KVM: arm64: Account for partitioning in kvm_pmu_get_max_counters() KVM: arm64: Set up FGT for Partitioned PMU KVM: arm64: Writethrough trapped PMEVTYPER register KVM: arm64: Use physical PMSELR for PMXEVTYPER if partitioned KVM: arm64: Writethrough trapped PMOVS register KVM: arm64: Write fast path PMU register handlers KVM: arm64: Setup MDCR_EL2 to handle a partitioned PMU KVM: arm64: Account for partitioning in PMCR_EL0 access KVM: arm64: Context swap Partitioned PMU guest registers KVM: arm64: Enforce PMU event filter at vcpu_load() KVM: arm64: Extract enum debug_owner to enum vcpu_register_owner KVM: arm64: Implement lazy PMU context swaps perf: arm_pmuv3: Handle IRQs for Partitioned PMU guest counters KVM: arm64: Inject recorded guest interrupts KVM: arm64: Add ioctl to partition the PMU when supported KVM: arm64: selftests: Add test case for partitioned PMU Marc Zyngier (1): KVM: arm64: Reorganize PMU includes Mark Brown (1): KVM: arm64: Introduce non-UNDEF FGT control Documentation/virt/kvm/api.rst | 21 + arch/arm/include/asm/arm_pmuv3.h | 38 + arch/arm64/include/asm/arm_pmuv3.h | 61 +- arch/arm64/include/asm/kvm_host.h | 34 +- arch/arm64/include/asm/kvm_pmu.h | 123 +++ arch/arm64/include/asm/kvm_types.h | 7 +- arch/arm64/kernel/cpufeature.c | 8 + arch/arm64/kvm/Makefile | 2 +- arch/arm64/kvm/arm.c | 22 + arch/arm64/kvm/debug.c | 33 +- arch/arm64/kvm/hyp/include/hyp/debug-sr.h | 6 +- arch/arm64/kvm/hyp/include/hyp/switch.h | 181 ++++- arch/arm64/kvm/pmu-direct.c | 395 ++++++++++ arch/arm64/kvm/pmu-emul.c | 674 +--------------- arch/arm64/kvm/pmu.c | 725 ++++++++++++++++++ arch/arm64/kvm/sys_regs.c | 137 +++- arch/arm64/tools/cpucaps | 1 + arch/arm64/tools/sysreg | 6 +- drivers/perf/arm_pmuv3.c | 128 +++- include/linux/perf/arm_pmu.h | 1 + include/linux/perf/arm_pmuv3.h | 14 +- include/uapi/linux/kvm.h | 4 + tools/include/uapi/linux/kvm.h | 2 + .../selftests/kvm/arm64/vpmu_counter_access.c | 62 +- 24 files changed, 1910 insertions(+), 775 deletions(-) create mode 100644 arch/arm64/kvm/pmu-direct.c base-commit: 79150772457f4d45e38b842d786240c36bb1f97f -- 2.50.0.727.gbf7dc18ff4-goog

2 weeks, 1 day

3
30
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror