- Linux-kselftest-mirror - lists.linaro.org

[PATCH v1] selftests/landlock: Fix out-of-tree builds

by Mickaël Salaün

These changes simplify the Makefile and handle these 5 ways to build Landlock tests: - make -C tools/testing/selftests/landlock - make -C tools/testing/selftests TARGETS=landlock gen_tar - make TARGETS=landlock kselftest-gen_tar - make TARGETS=landlock O=build kselftest-gen_tar - make -C /tmp/linux TARGETS=landlock O=/tmp/build kselftest-gen_tar This also makes $(KHDR_INCLUDES) available to other test collections when building in their directory. Fixes: f1227dc7d041 ("selftests/landlock: fix broken include of linux/landlock.h") Fixes: 3bb267a36185 ("selftests: drop khdr make target") Cc: Anders Roxell <anders.roxell(a)linaro.org> Cc: Guillaume Tucker <guillaume.tucker(a)collabora.com> Cc: Mark Brown <broonie(a)kernel.org> Cc: Shuah Khan <skhan(a)linuxfoundation.org> Signed-off-by: Mickaël Salaün <mic(a)digikod.net> Link: https://lore.kernel.org/r/20220909103402.1501802-1-mic@digikod.net --- tools/testing/selftests/landlock/Makefile | 19 ++++++++++--------- tools/testing/selftests/lib.mk | 4 ++++ 2 files changed, 14 insertions(+), 9 deletions(-) diff --git a/tools/testing/selftests/landlock/Makefile b/tools/testing/selftests/landlock/Makefile index 02868ac3bc71..6632bfff486b 100644 --- a/tools/testing/selftests/landlock/Makefile +++ b/tools/testing/selftests/landlock/Makefile @@ -1,6 +1,11 @@ # SPDX-License-Identifier: GPL-2.0 +# +# First run: make -C ../../../.. headers_install CFLAGS += -Wall -O2 $(KHDR_INCLUDES) +LDLIBS += -lcap + +LOCAL_HDRS += common.h src_test := $(wildcard *_test.c) @@ -8,14 +13,10 @@ TEST_GEN_PROGS := $(src_test:.c=) TEST_GEN_PROGS_EXTENDED := true -OVERRIDE_TARGETS := 1 -top_srcdir := ../../../.. -include ../lib.mk - -khdr_dir = $(top_srcdir)/usr/include +# Static linking for short targets: +$(TEST_GEN_PROGS_EXTENDED): LDFLAGS += -static -$(OUTPUT)/true: true.c - $(LINK.c) $< $(LDLIBS) -o $@ -static +include ../lib.mk -$(OUTPUT)/%_test: %_test.c $(khdr_dir)/linux/landlock.h ../kselftest_harness.h common.h - $(LINK.c) $< $(LDLIBS) -o $@ -lcap -I$(khdr_dir) +# Static linking for targets with $(OUTPUT)/ prefix: +$(TEST_GEN_PROGS_EXTENDED): LDFLAGS += -static diff --git a/tools/testing/selftests/lib.mk b/tools/testing/selftests/lib.mk index d44c72b3abe3..9d4cb94cf437 100644 --- a/tools/testing/selftests/lib.mk +++ b/tools/testing/selftests/lib.mk @@ -42,6 +42,10 @@ endif selfdir = $(realpath $(dir $(filter %/lib.mk,$(MAKEFILE_LIST)))) top_srcdir = $(selfdir)/../../.. +ifeq ($(KHDR_INCLUDES),) +KHDR_INCLUDES := -isystem $(top_srcdir)/usr/include +endif + # The following are built by lib.mk common compile rules. # TEST_CUSTOM_PROGS should be used by tests that require # custom build rule and prevent common build rule use. base-commit: 7e18e42e4b280c85b76967a9106a13ca61c16179 -- 2.37.2

2 years, 7 months

2
4
0 0

[PATCH net-next] selftests/bonding: re-add lladdr target test

by Matthieu Baerts

It looks like this test has been accidentally dropped when resolving conflicts in this Makefile. Most probably because there were 3 different patches modifying this file in parallel: commit 152e8ec77640 ("selftests/bonding: add a test for bonding lladdr target") commit bbb774d921e2 ("net: Add tests for bonding and team address list management") commit 2ffd57327ff1 ("selftests: bonding: cause oops in bond_rr_gen_slave_id") The first one was applied in 'net-next' while the two other ones were recently applied in the 'net' tree. But that's alright, easy to fix by re-adding the missing one! Fixes: 0140a7168f8b ("Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net") Signed-off-by: Matthieu Baerts <matthieu.baerts(a)tessares.net> --- tools/testing/selftests/drivers/net/bonding/Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/testing/selftests/drivers/net/bonding/Makefile b/tools/testing/selftests/drivers/net/bonding/Makefile index d14846fcf3d1..e9dab5f9d773 100644 --- a/tools/testing/selftests/drivers/net/bonding/Makefile +++ b/tools/testing/selftests/drivers/net/bonding/Makefile @@ -4,6 +4,7 @@ TEST_PROGS := \ bond-arp-interval-causes-panic.sh \ bond-break-lacpdu-tx.sh \ + bond-lladdr-target.sh \ dev_addr_lists.sh TEST_FILES := lag_lib.sh base-commit: d05d9eb79d0cd0f7a978621b4a56a1f2db444f86 -- 2.37.2

2 years, 7 months

4
3
0 0

[PATCH] selftests/livepatch: normalize sysctl error message

by Joe Lawrence

The livepatch kselftests rely on comparing expected and actual output from such commands as sysctl. A recent commit in procps-ng v4.0.0 [1] changed sysctl's output to emit key pathnames like: sysctl: setting key "/proc/sys/kernel/ftrace_enabled": Device or resource busy versus previous dotted output: sysctl: setting key "kernel.ftrace_enabled": Device or resource busy The modification in output was later reverted [2], but since the change has been tagged in procps-ng v4.0.0, update the livepatch kselftest to handle either case. [1] https://gitlab.com/procps-ng/procps/-/commit/6389deca5bf667f5fab5912acde78b… [2] https://gitlab.com/procps-ng/procps/-/commit/b159c198c9160a8eb13254e2b631d0… Reported-by: Dennis(Zhuoheng) Li <denli(a)redhat.com> Signed-off-by: Joe Lawrence <joe.lawrence(a)redhat.com> --- tools/testing/selftests/livepatch/functions.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/livepatch/functions.sh b/tools/testing/selftests/livepatch/functions.sh index 9230b869371d..d5001c9eb72e 100644 --- a/tools/testing/selftests/livepatch/functions.sh +++ b/tools/testing/selftests/livepatch/functions.sh @@ -86,7 +86,7 @@ function set_ftrace_enabled() { if [[ "$result" != "$1" ]] ; then if [[ $can_fail -eq 1 ]] ; then - echo "livepatch: $err" > /dev/kmsg + echo "livepatch: $err" | sed 's#/proc/sys/kernel/#kernel.#' > /dev/kmsg return fi -- 2.26.3

2 years, 7 months

3
2
0 0

Zwiększenie płynności finansowej

by Jakub Olejniczak

Dzień dobry, kontaktuję się z Państwem, ponieważ chciałbym zaproponować wygodne rozwiązanie, które umożliwi Państwa firmie stabilny rozwój. Konkurencyjne otoczenie wymaga ciągłego ulepszania i poszerzenia oferty, co z kolei wiąże się z koniecznością inwestowania. Brak odpowiedniego kapitału poważnie ogranicza tempo rozwoju firmy. Od wielu lat z powodzeniem pomagam firmom w uzyskaniu najlepszej formy finansowania z banku oraz UE. Mam stałych Klientów, którzy nadal chętnie korzystają z moich usług, a także polecają je innym. Czy chcieliby Państwo skorzystać z pomocy wykwalifikowanego i doświadczonego doradcy finansowego? Pozdrawiam Jakub Olejniczak

2 years, 7 months

1
0
0 0

[net-next] selftests: Fix the if conditions of in test_extra_filter()

by Wang Yufen

The socket 2 bind the addr in use, bind should fail with EADDRINUSE. So if bind success or errno != EADDRINUSE, testcase should be failed. Signed-off-by: Wang Yufen <wangyufen(a)huawei.com> --- tools/testing/selftests/net/reuseport_bpf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/net/reuseport_bpf.c b/tools/testing/selftests/net/reuseport_bpf.c index 072d709c..65aea27 100644 --- a/tools/testing/selftests/net/reuseport_bpf.c +++ b/tools/testing/selftests/net/reuseport_bpf.c @@ -328,7 +328,7 @@ static void test_extra_filter(const struct test_params p) if (bind(fd1, addr, sockaddr_size())) error(1, errno, "failed to bind recv socket 1"); - if (!bind(fd2, addr, sockaddr_size()) && errno != EADDRINUSE) + if (!bind(fd2, addr, sockaddr_size()) || errno != EADDRINUSE) error(1, errno, "bind socket 2 should fail with EADDRINUSE"); free(addr); -- 1.8.3.1

2 years, 7 months

3
2
0 0

[PATCH linux-next] KVM: selftests: remove redundant variable tsc_val

by cgel.zte＠gmail.com

From: Jinpeng Cui <cui.jinpeng2(a)zte.com.cn> Return value directly from expression instead of getting value from redundant variable tsc_val. Reported-by: Zeal Robot <zealci(a)zte.com.cn> Signed-off-by: Jinpeng Cui <cui.jinpeng2(a)zte.com.cn> --- tools/testing/selftests/kvm/include/x86_64/processor.h | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/kvm/include/x86_64/processor.h b/tools/testing/selftests/kvm/include/x86_64/processor.h index 0cbc71b7af50..75920678f34d 100644 --- a/tools/testing/selftests/kvm/include/x86_64/processor.h +++ b/tools/testing/selftests/kvm/include/x86_64/processor.h @@ -237,7 +237,6 @@ static inline uint64_t get_desc64_base(const struct desc64 *desc) static inline uint64_t rdtsc(void) { uint32_t eax, edx; - uint64_t tsc_val; /* * The lfence is to wait (on Intel CPUs) until all previous * instructions have been executed. If software requires RDTSC to be @@ -245,8 +244,8 @@ static inline uint64_t rdtsc(void) * execute LFENCE immediately after RDTSC */ __asm__ __volatile__("lfence; rdtsc; lfence" : "=a"(eax), "=d"(edx)); - tsc_val = ((uint64_t)edx) << 32 | eax; - return tsc_val; + + return ((uint64_t)edx) << 32 | eax; } static inline uint64_t rdtscp(uint32_t *aux) -- 2.25.1

2 years, 7 months

5
5
0 0

[PATCH net-next,v3 00/18] refactor duplicate codes in the qdisc class walk function

by Zhengchao Shao

The walk implementation of most qdisc class modules is basically the same. That is, the values of count and skip are checked first. If count is greater than or equal to skip, the registered fn function is executed. Otherwise, increase the value of count. So the code can be refactored. The walk function is invoked during dump. Therefore, test cases related to the tdc filter need to be added. Last, thanks to Victor and Toke for their review. Add test cases locally and perform the test. The test results are listed below: ./tdc.py -c cake ok 1 1212 - Create CAKE with default setting ok 2 3281 - Create CAKE with bandwidth limit ok 3 c940 - Create CAKE with autorate-ingress flag ok 4 2310 - Create CAKE with rtt time ok 5 2385 - Create CAKE with besteffort flag ok 6 a032 - Create CAKE with diffserv8 flag ok 7 2349 - Create CAKE with diffserv4 flag ok 8 8472 - Create CAKE with flowblind flag ok 9 2341 - Create CAKE with dsthost and nat flag ok 10 5134 - Create CAKE with wash flag ok 11 2302 - Create CAKE with flowblind and no-split-gso flag ok 12 0768 - Create CAKE with dual-srchost and ack-filter flag ok 13 0238 - Create CAKE with dual-dsthost and ack-filter-aggressive flag ok 14 6572 - Create CAKE with memlimit and ptm flag ok 15 2436 - Create CAKE with fwmark and atm flag ok 16 3984 - Create CAKE with overhead and mpu ok 17 5421 - Create CAKE with conservative and ingress flag ok 18 6854 - Delete CAKE with conservative and ingress flag ok 19 2342 - Replace CAKE with mpu ok 20 2313 - Change CAKE with mpu ok 21 4365 - Show CAKE class ./tdc.py -c cbq ok 1 3460 - Create CBQ with default setting ok 2 0592 - Create CBQ with mpu ok 3 4684 - Create CBQ with valid cell num ok 4 4345 - Create CBQ with invalid cell num ok 5 4525 - Create CBQ with valid ewma ok 6 6784 - Create CBQ with invalid ewma ok 7 5468 - Delete CBQ with handle ok 8 492a - Show CBQ class ./tdc.py -c cbs ok 1 1820 - Create CBS with default setting ok 2 1532 - Create CBS with hicredit setting ok 3 2078 - Create CBS with locredit setting ok 4 9271 - Create CBS with sendslope setting ok 5 0482 - Create CBS with idleslope setting ok 6 e8f3 - Create CBS with multiple setting ok 7 23c9 - Replace CBS with sendslope setting ok 8 a07a - Change CBS with idleslope setting ok 9 43b3 - Delete CBS with handle ok 10 9472 - Show CBS class ./tdc.py -c drr ok 1 0385 - Create DRR with default setting ok 2 2375 - Delete DRR with handle ok 3 3092 - Show DRR class ./tdc.py -c dsmark ok 1 6345 - Create DSMARK with default setting ok 2 3462 - Create DSMARK with default_index setting ok 3 ca95 - Create DSMARK with set_tc_index flag ok 4 a950 - Create DSMARK with multiple setting ok 5 4092 - Delete DSMARK with handle ok 6 5930 - Show DSMARK class ./tdc.py -c fq_codel ok 1 4957 - Create FQ_CODEL with default setting ok 2 7621 - Create FQ_CODEL with limit setting ok 3 6871 - Create FQ_CODEL with memory_limit setting ok 4 5636 - Create FQ_CODEL with target setting ok 5 630a - Create FQ_CODEL with interval setting ok 6 4324 - Create FQ_CODEL with quantum setting ok 7 b190 - Create FQ_CODEL with noecn flag ok 8 5381 - Create FQ_CODEL with ce_threshold setting ok 9 c9d2 - Create FQ_CODEL with drop_batch setting ok 10 523b - Create FQ_CODEL with multiple setting ok 11 9283 - Replace FQ_CODEL with noecn setting ok 12 3459 - Change FQ_CODEL with limit setting ok 13 0128 - Delete FQ_CODEL with handle ok 14 0435 - Show FQ_CODEL class ./tdc.py -c hfsc ok 1 3254 - Create HFSC with default setting ok 2 0289 - Create HFSC with class sc and ul rate setting ok 3 846a - Create HFSC with class sc umax and dmax setting ok 4 5413 - Create HFSC with class rt and ls rate setting ok 5 9312 - Create HFSC with class rt umax and dmax setting ok 6 6931 - Delete HFSC with handle ok 7 8436 - Show HFSC class ./tdc.py -c htb ok 1 0904 - Create HTB with default setting ok 2 3906 - Create HTB with default-N setting ok 3 8492 - Create HTB with r2q setting ok 4 9502 - Create HTB with direct_qlen setting ok 5 b924 - Create HTB with class rate and burst setting ok 6 4359 - Create HTB with class mpu setting ok 7 9048 - Create HTB with class prio setting ok 8 4994 - Create HTB with class ceil setting ok 9 9523 - Create HTB with class cburst setting ok 10 5353 - Create HTB with class mtu setting ok 11 346a - Create HTB with class quantum setting ok 12 303a - Delete HTB with handle ./tdc.py -c mqprio ok 1 9903 - Add mqprio Qdisc to multi-queue device (8 queues) ok 2 453a - Delete nonexistent mqprio Qdisc ok 3 5292 - Delete mqprio Qdisc twice ok 4 45a9 - Add mqprio Qdisc to single-queue device ok 5 2ba9 - Show mqprio class ./tdc.py -c multiq ok 1 20ba - Add multiq Qdisc to multi-queue device (8 queues) ok 2 4301 - List multiq Class ok 3 7832 - Delete nonexistent multiq Qdisc ok 4 2891 - Delete multiq Qdisc twice ok 5 1329 - Add multiq Qdisc to single-queue device ./tdc.py -c netem ok 1 cb28 - Create NETEM with default setting ok 2 a089 - Create NETEM with limit flag ok 3 3449 - Create NETEM with delay time ok 4 3782 - Create NETEM with distribution and corrupt flag ok 5 2b82 - Create NETEM with distribution and duplicate flag ok 6 a932 - Create NETEM with distribution and loss flag ok 7 e01a - Create NETEM with distribution and loss state flag ok 8 ba29 - Create NETEM with loss gemodel flag ok 9 0492 - Create NETEM with reorder flag ok 10 7862 - Create NETEM with rate limit ok 11 7235 - Create NETEM with multiple slot rate ok 12 5439 - Create NETEM with multiple slot setting ok 13 5029 - Change NETEM with loss state ok 14 3785 - Replace NETEM with delay time ok 15 4502 - Delete NETEM with handle ok 16 0785 - Show NETEM class ./tdc.py -c qfq ok 1 0582 - Create QFQ with default setting ok 2 c9a3 - Create QFQ with class weight setting ok 3 8452 - Create QFQ with class maxpkt setting ok 4 d920 - Create QFQ with multiple class setting ok 5 0548 - Delete QFQ with handle ok 6 5901 - Show QFQ class ./tdc.py -e 0521 ok 1 0521 - Show ingress class ./tdc.py -e 1023 ok 1 1023 - Show mq class ./tdc.py -e 2410 ok 1 2410 - Show prio class ./tdc.py -e 290a ok 1 290a - Show RED class --- v3: adjust the order of input parameters, and modify subject prefix of tc-testing v2: change the ID of test case --- Zhengchao Shao (18): net/sched: sch_api: add helper for tc qdisc walker stats dump net/sched: use tc_qdisc_stats_dump() in qdisc selftests/tc-testing: add selftests for cake qdisc selftests/tc-testing: add selftests for cbq qdisc selftests/tc-testing: add selftests for cbs qdisc selftests/tc-testing: add selftests for drr qdisc selftests/tc-testing: add selftests for dsmark qdisc selftests/tc-testing: add selftests for fq_codel qdisc selftests/tc-testing: add selftests for hfsc qdisc selftests/tc-testing: add selftests for htb qdisc selftests/tc-testing: add selftests for mqprio qdisc selftests/tc-testing: add selftests for multiq qdisc selftests/tc-testing: add selftests for netem qdisc selftests/tc-testing: add selftests for qfq qdisc selftests/tc-testing: add show class case for ingress qdisc selftests/tc-testing: add show class case for mq qdisc selftests/tc-testing: add show class case for prio qdisc selftests/tc-testing: add show class case for red qdisc include/net/pkt_sched.h | 13 + net/sched/sch_atm.c | 6 +- net/sched/sch_cake.c | 9 +- net/sched/sch_cbq.c | 9 +- net/sched/sch_cbs.c | 8 +- net/sched/sch_drr.c | 9 +- net/sched/sch_dsmark.c | 14 +- net/sched/sch_ets.c | 9 +- net/sched/sch_fq_codel.c | 8 +- net/sched/sch_hfsc.c | 9 +- net/sched/sch_htb.c | 9 +- net/sched/sch_mq.c | 5 +- net/sched/sch_mqprio.c | 5 +- net/sched/sch_multiq.c | 9 +- net/sched/sch_netem.c | 8 +- net/sched/sch_prio.c | 9 +- net/sched/sch_qfq.c | 9 +- net/sched/sch_red.c | 7 +- net/sched/sch_sfb.c | 7 +- net/sched/sch_sfq.c | 8 +- net/sched/sch_skbprio.c | 9 +- net/sched/sch_taprio.c | 5 +- net/sched/sch_tbf.c | 7 +- .../tc-testing/tc-tests/qdiscs/cake.json | 487 ++++++++++++++++++ .../tc-testing/tc-tests/qdiscs/cbq.json | 184 +++++++ .../tc-testing/tc-tests/qdiscs/cbs.json | 234 +++++++++ .../tc-testing/tc-tests/qdiscs/drr.json | 71 +++ .../tc-testing/tc-tests/qdiscs/dsmark.json | 140 +++++ .../tc-testing/tc-tests/qdiscs/fq_codel.json | 326 ++++++++++++ .../tc-testing/tc-tests/qdiscs/hfsc.json | 167 ++++++ .../tc-testing/tc-tests/qdiscs/htb.json | 285 ++++++++++ .../tc-testing/tc-tests/qdiscs/ingress.json | 20 + .../tc-testing/tc-tests/qdiscs/mq.json | 24 +- .../tc-testing/tc-tests/qdiscs/mqprio.json | 114 ++++ .../tc-testing/tc-tests/qdiscs/multiq.json | 114 ++++ .../tc-testing/tc-tests/qdiscs/netem.json | 372 +++++++++++++ .../tc-testing/tc-tests/qdiscs/prio.json | 20 + .../tc-testing/tc-tests/qdiscs/qfq.json | 145 ++++++ .../tc-testing/tc-tests/qdiscs/red.json | 23 + 39 files changed, 2769 insertions(+), 148 deletions(-) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/cake.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/cbq.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/cbs.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/drr.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/dsmark.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/fq_codel.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/hfsc.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/htb.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/mqprio.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/multiq.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/netem.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/qfq.json -- 2.17.1

2 years, 7 months

2
1
0 0

[PATCH -next, v3 00/10] cleanup in Huawei hinic driver

by Zhengchao Shao

Do code cleanup in Huawei hinic driver. Zhengchao Shao (10): net: hinic: modify kernel doc comments net: hinic: change type of function to be static net: hinic: remove unused functions net: hinic: remove unused macro net: hinic: remove duplicate macro definition net: hinic: simplify code logic net: hinic: change hinic_deinit_vf_hw() to void net: hinic: remove unused enumerated value net: hinic: replace magic numbers with macro net: hinic: remove the unused input parameter prod_idx in sq_prepare_ctrl() .../net/ethernet/huawei/hinic/hinic_debugfs.h | 1 - .../net/ethernet/huawei/hinic/hinic_ethtool.c | 1 - .../net/ethernet/huawei/hinic/hinic_hw_cmdq.c | 9 ++--- .../net/ethernet/huawei/hinic/hinic_hw_cmdq.h | 3 -- .../net/ethernet/huawei/hinic/hinic_hw_csr.h | 1 - .../net/ethernet/huawei/hinic/hinic_hw_dev.c | 17 ++------- .../net/ethernet/huawei/hinic/hinic_hw_dev.h | 5 --- .../net/ethernet/huawei/hinic/hinic_hw_if.c | 35 ------------------- .../net/ethernet/huawei/hinic/hinic_hw_if.h | 9 ----- .../net/ethernet/huawei/hinic/hinic_hw_mbox.c | 9 ++--- .../net/ethernet/huawei/hinic/hinic_hw_mbox.h | 4 --- .../net/ethernet/huawei/hinic/hinic_hw_qp.c | 11 +++--- .../net/ethernet/huawei/hinic/hinic_hw_qp.h | 5 ++- .../net/ethernet/huawei/hinic/hinic_hw_wq.c | 2 -- .../net/ethernet/huawei/hinic/hinic_hw_wqe.h | 25 ------------- .../net/ethernet/huawei/hinic/hinic_main.c | 4 --- drivers/net/ethernet/huawei/hinic/hinic_rx.c | 2 +- drivers/net/ethernet/huawei/hinic/hinic_rx.h | 2 -- .../net/ethernet/huawei/hinic/hinic_sriov.c | 15 ++++---- .../net/ethernet/huawei/hinic/hinic_sriov.h | 2 -- drivers/net/ethernet/huawei/hinic/hinic_tx.c | 6 ++-- drivers/net/ethernet/huawei/hinic/hinic_tx.h | 2 -- 22 files changed, 23 insertions(+), 147 deletions(-) -- 2.17.1

2 years, 7 months

2
11
0 0

[PATCH] kselftest/arm64: Fix typo in hwcap check

by Mark Brown

We use a local variable hwcap to refer to the element of the hwcaps array which we are currently checking. When checking for the relevant hwcap bit being set in testing we were dereferencing hwcaps rather than hwcap in fetching the AT_HWCAP to use, which is perfectly valid C but means we were always checking the bit was set in the hwcap for whichever feature is first in the array. Remove the stray s. Signed-off-by: Mark Brown <broonie(a)kernel.org> --- tools/testing/selftests/arm64/abi/hwcap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/arm64/abi/hwcap.c b/tools/testing/selftests/arm64/abi/hwcap.c index 322d9b92bbe3..75eb470eb432 100644 --- a/tools/testing/selftests/arm64/abi/hwcap.c +++ b/tools/testing/selftests/arm64/abi/hwcap.c @@ -307,7 +307,7 @@ int main(void) for (i = 0; i < ARRAY_SIZE(hwcaps); i++) { hwcap = &hwcaps[i]; - have_hwcap = getauxval(hwcaps->at_hwcap) & hwcap->hwcap_bit; + have_hwcap = getauxval(hwcap->at_hwcap) & hwcap->hwcap_bit; have_cpuinfo = cpuinfo_present(hwcap->cpuinfo); if (have_hwcap) -- 2.30.2

2 years, 7 months

2
1
0 0

[PATCH v2 2/4] selftests/x86/mxcsr: Test the MXCSR state write via ptrace

by Chang S. Bae

The ptrace buffer is in the non-compacted format. The MXCSR state should be written to the target thread when either SSE or AVX component is enabled. Write an MXCSR value to the target and read back. Then it is validated with the XRSTOR/XSAVE result on the current. Signed-off-by: Chang S. Bae <chang.seok.bae(a)intel.com> Cc: x86(a)kernel.org Cc: linux-kernel(a)vger.kernel.org Cc: linux-kselftest(a)vger.kernel.org --- If this is acceptable, I will also follow up to move some of the helper functions to a .h file from this and other test cases because duplicating what is shareable should be avoided. --- tools/testing/selftests/x86/Makefile | 2 +- tools/testing/selftests/x86/mxcsr.c | 200 +++++++++++++++++++++++++++ 2 files changed, 201 insertions(+), 1 deletion(-) create mode 100644 tools/testing/selftests/x86/mxcsr.c diff --git a/tools/testing/selftests/x86/Makefile b/tools/testing/selftests/x86/Makefile index 0388c4d60af0..621c47960be3 100644 --- a/tools/testing/selftests/x86/Makefile +++ b/tools/testing/selftests/x86/Makefile @@ -13,7 +13,7 @@ CAN_BUILD_WITH_NOPIE := $(shell ./check_cc.sh "$(CC)" trivial_program.c -no-pie) TARGETS_C_BOTHBITS := single_step_syscall sysret_ss_attrs syscall_nt test_mremap_vdso \ check_initial_reg_state sigreturn iopl ioperm \ test_vsyscall mov_ss_trap \ - syscall_arg_fault fsgsbase_restore sigaltstack + syscall_arg_fault fsgsbase_restore sigaltstack mxcsr TARGETS_C_32BIT_ONLY := entry_from_vm86 test_syscall_vdso unwind_vdso \ test_FCMOV test_FCOMI test_FISTTP \ vdso_restorer diff --git a/tools/testing/selftests/x86/mxcsr.c b/tools/testing/selftests/x86/mxcsr.c new file mode 100644 index 000000000000..7c318c48b4be --- /dev/null +++ b/tools/testing/selftests/x86/mxcsr.c @@ -0,0 +1,200 @@ +// SPDX-License-Identifier: GPL-2.0 + +#define _GNU_SOURCE +#include <err.h> +#include <elf.h> +#include <stdbool.h> +#include <stdio.h> +#include <string.h> +#include <unistd.h> +#include <x86intrin.h> + +#include <sys/ptrace.h> +#include <sys/syscall.h> +#include <sys/wait.h> +#include <sys/uio.h> + +#include "../kselftest.h" /* For __cpuid_count() */ + +#define LEGACY_STATE_SIZE 24 +#define MXCSR_SIZE 8 +#define STSTATE_SIZE 8*16 +#define XMM_SIZE 16*16 +#define PADDING_SIZE 96 +#define XSAVE_HDR_SIZE 64 + +struct xsave_buffer { + uint8_t legacy_state[LEGACY_STATE_SIZE]; + uint8_t mxcsr[MXCSR_SIZE]; + uint8_t st_state[STSTATE_SIZE]; + uint8_t xmm_state[XMM_SIZE]; + uint8_t padding[PADDING_SIZE]; + uint8_t header[XSAVE_HDR_SIZE]; + uint8_t extended[0]; +}; + +#ifdef __x86_64__ +#define REX_PREFIX "0x48, " +#else +#define REX_PREFIX +#endif + +#define XSAVE ".byte " REX_PREFIX "0x0f,0xae,0x27" +#define XRSTOR ".byte " REX_PREFIX "0x0f,0xae,0x2f" + +static inline uint64_t xgetbv(uint32_t index) +{ + uint32_t eax, edx; + + asm volatile("xgetbv" + : "=a" (eax), "=d" (edx) + : "c" (index)); + return eax + ((uint64_t)edx << 32); +} + +static inline void xsave(struct xsave_buffer *xbuf, uint64_t rfbm) +{ + uint32_t rfbm_lo = rfbm; + uint32_t rfbm_hi = rfbm >> 32; + + asm volatile(XSAVE :: "D" (xbuf), "a" (rfbm_lo), "d" (rfbm_hi) : "memory"); +} + +static inline void xrstor(struct xsave_buffer *xbuf, uint64_t rfbm) +{ + uint32_t rfbm_lo = rfbm; + uint32_t rfbm_hi = rfbm >> 32; + + asm volatile(XRSTOR :: "D" (xbuf), "a" (rfbm_lo), "d" (rfbm_hi)); +} + +static inline void clear_xstate_header(struct xsave_buffer *xbuf) +{ + memset(&xbuf->header, 0, sizeof(xbuf->header)); +} + +static inline uint32_t get_mxcsr(struct xsave_buffer *xbuf) +{ + return *((uint32_t *)xbuf->mxcsr); +} + +static inline void set_mxcsr(struct xsave_buffer *xbuf, uint32_t val) +{ + *((uint32_t *)xbuf->mxcsr) = val; +} + +#define XFEATURE_MASK_SSE 0x2 +#define XFEATURE_MASK_YMM 0x4 + +#define CPUID_LEAF1_ECX_XSAVE_MASK (1 << 26) +#define CPUID_LEAF1_ECX_OSXSAVE_MASK (1 << 27) +#define CPUID_LEAF_XSTATE 0xd +#define CPUID_SUBLEAF_XSTATE_USER 0x0 +#define CPUID_SUBLEAF_XSTATE_EXT 0x1 + +static bool xsave_availability(void) +{ + uint32_t eax, ebx, ecx, edx; + + __cpuid_count(1, 0, eax, ebx, ecx, edx); + if (!(ecx & CPUID_LEAF1_ECX_XSAVE_MASK)) + return false; + if (!(ecx & CPUID_LEAF1_ECX_OSXSAVE_MASK)) + return false; + return true; +} + +static uint32_t get_xbuf_size(void) +{ + uint32_t eax, ebx, ecx, edx; + + __cpuid_count(CPUID_LEAF_XSTATE, CPUID_SUBLEAF_XSTATE_USER, + eax, ebx, ecx, edx); + return ebx; +} + +static void ptrace_get(pid_t pid, struct iovec *iov) +{ + memset(iov->iov_base, 0, iov->iov_len); + + if (ptrace(PTRACE_GETREGSET, pid, (uint32_t)NT_X86_XSTATE, iov)) + err(1, "TRACE_GETREGSET"); +} + +static void ptrace_set(pid_t pid, struct iovec *iov) +{ + if (ptrace(PTRACE_SETREGSET, pid, (uint32_t)NT_X86_XSTATE, iov)) + err(1, "TRACE_SETREGSET"); +} + +int main(void) +{ + struct xsave_buffer *xbuf; + uint32_t xbuf_size; + struct iovec iov; + uint32_t mxcsr; + pid_t child; + int status; + + if (!xsave_availability()) + printf("[SKIP]\tSkip as XSAVE not available.\n"); + + xbuf_size = get_xbuf_size(); + if (!xbuf_size) + printf("[SKIP]\tSkip as XSAVE not available.\n"); + + if (!(xgetbv(0) & (XFEATURE_MASK_SSE | XFEATURE_MASK_YMM))) + printf("[SKIP]\tSkip as SSE state not available.\n"); + + xbuf = aligned_alloc(64, xbuf_size); + if (!xbuf) + err(1, "aligned_alloc()"); + + iov.iov_base = xbuf; + iov.iov_len = xbuf_size; + + child = fork(); + if (child < 0) { + err(1, "fork()"); + } else if (!child) { + if (ptrace(PTRACE_TRACEME, 0, NULL, NULL)) + err(1, "PTRACE_TRACEME"); + + raise(SIGTRAP); + _exit(0); + } + + wait(&status); + + if (WSTOPSIG(status) != SIGTRAP) + err(1, "raise(SIGTRAP)"); + + printf("[RUN]\tTest the MXCSR state write via ptrace().\n"); + + /* Set a benign value */ + set_mxcsr(xbuf, 0xabc); + /* The MXCSR state should be loaded regardless of XSTATE_BV */ + clear_xstate_header(xbuf); + + /* Write the MXCSR state both locally and remotely. */ + xrstor(xbuf, XFEATURE_MASK_SSE); + ptrace_set(child, &iov); + + /* Read the MXCSR state back for both */ + xsave(xbuf, XFEATURE_MASK_SSE); + mxcsr = get_mxcsr(xbuf); + ptrace_get(child, &iov); + + /* Cross-check with each other */ + if (mxcsr == get_mxcsr(xbuf)) + printf("[OK]\tThe written state was read back correctly.\n"); + else + printf("[FAIL]\tThe write (or read) was incorrect.\n"); + + ptrace(PTRACE_DETACH, child, NULL, NULL); + wait(&status); + if (!WIFEXITED(status) || WEXITSTATUS(status)) + err(1, "PTRACE_DETACH"); + + free(xbuf); +} -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH v4 0/4] arm64/sme: ptrace support for TPIDR2_EL0

by Mark Brown

When SME was initially merged we did not add support for TPIDR2_EL0 to the ptrace interface, creating difficulties for debuggers in accessing lazy save state for ZA. This series implements that support, extending the existing NT_ARM_TLS regset to support the register when available, and adds kselftest coverage for the existing and new NT_ARM_TLS functionality. Existing programs that query the size of the register set will be able to observe the increased size of the register set. Programs that assume the register set is single register will see no change. On systems that do not support SME TPIDR2_EL0 will read as 0 and writes will be ignored, support for SME should be queried via hwcaps as normal. v4: - Rebase onto v6.0-rc3. v3: - Fix copyright date on test program. v2: - Rebase onto v6.0-rc1. Mark Brown (4): kselftest/arm64: Add test coverage for NT_ARM_TLS arm64/ptrace: Document extension of NT_ARM_TLS to cover TPIDR2_EL0 arm64/ptrace: Support access to TPIDR2_EL0 kselftest/arm64: Add coverage of TPIDR2_EL0 ptrace interface Documentation/arm64/sme.rst | 3 + arch/arm64/kernel/ptrace.c | 25 +- tools/testing/selftests/arm64/abi/.gitignore | 1 + tools/testing/selftests/arm64/abi/Makefile | 2 +- tools/testing/selftests/arm64/abi/ptrace.c | 241 +++++++++++++++++++ 5 files changed, 266 insertions(+), 6 deletions(-) create mode 100644 tools/testing/selftests/arm64/abi/ptrace.c base-commit: b90cb1053190353cc30f0fef0ef1f378ccc063c5 -- 2.30.2

2 years, 7 months

3
9
0 0

[PATCH linux-next] kunit: tool: use absolute path for wget

by cgel.zte＠gmail.com

From: Xu Panda <xu.panda(a)zte.com.cn> Not using absolute path when invoking wget can lead to serious security issues. Reported-by: Zeal Robot <zealci(a)zte.com.cn> Signed-off-by: Xu Panda <xu.panda(a)zte.com.cn> --- tools/testing/kunit/qemu_configs/riscv.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/kunit/qemu_configs/riscv.py b/tools/testing/kunit/qemu_configs/riscv.py index 6207be146d26..c3dcd654ca15 100644 --- a/tools/testing/kunit/qemu_configs/riscv.py +++ b/tools/testing/kunit/qemu_configs/riscv.py @@ -11,7 +11,7 @@ if not os.path.isfile(OPENSBI_FILE): 'Would you like me to download it for you from:\n' + GITHUB_OPENSBI_URL + ' ?\n') response = input('yes/[no]: ') if response.strip() == 'yes': - os.system('wget ' + GITHUB_OPENSBI_URL) + os.system('/usr/bin/wget ' + GITHUB_OPENSBI_URL) else: sys.exit() -- 2.15.2

2 years, 7 months

3
4
0 0

[PATCH 0/3] fix error when writing negative value to simple attribute files

by Akinobu Mita

The simple attribute files do not accept a negative value since the commit 488dac0c9237 ("libfs: fix error cast of negative value in simple_attr_write()"), but some attribute files want to accept a negative value. Akinobu Mita (3): libfs: add DEFINE_SIMPLE_ATTRIBUTE_SIGNED for signed value lib/notifier-error-inject: fix error when writing -errno to debugfs file debugfs: fix error when writing negative value to atomic_t debugfs file .../fault-injection/fault-injection.rst | 10 +++---- fs/debugfs/file.c | 28 +++++++++++++++---- fs/libfs.c | 22 +++++++++++++-- include/linux/debugfs.h | 19 +++++++++++-- include/linux/fs.h | 12 ++++++-- lib/notifier-error-inject.c | 2 +- 6 files changed, 73 insertions(+), 20 deletions(-) -- 2.34.1

2 years, 7 months

4
8
0 0

[PATCH v17 00/12] bpf: Add kfuncs for PKCS#7 signature verification

by Roberto Sassu

From: Roberto Sassu <roberto.sassu(a)huawei.com> One of the desirable features in security is the ability to restrict import of data to a given system based on data authenticity. If data import can be restricted, it would be possible to enforce a system-wide policy based on the signing keys the system owner trusts. This feature is widely used in the kernel. For example, if the restriction is enabled, kernel modules can be plugged in only if they are signed with a key whose public part is in the primary or secondary keyring. For eBPF, it can be useful as well. For example, it might be useful to authenticate data an eBPF program makes security decisions on. After a discussion in the eBPF mailing list, it was decided that the stated goal should be accomplished by introducing four new kfuncs: bpf_lookup_user_key() and bpf_lookup_system_key(), for retrieving a keyring with keys trusted for signature verification, respectively from its serial and from a pre-determined ID; bpf_key_put(), to release the reference obtained with the former two kfuncs, bpf_verify_pkcs7_signature(), for verifying PKCS#7 signatures. Other than the key serial, bpf_lookup_user_key() also accepts key lookup flags, that influence the behavior of the lookup. bpf_lookup_system_key() accepts pre-determined IDs defined in include/linux/verification.h. bpf_key_put() accepts the new bpf_key structure, introduced to tell whether the other structure member, a key pointer, is valid or not. The reason is that verify_pkcs7_signature() also accepts invalid pointers, set with the pre-determined ID, to select a system-defined keyring. key_put() must be called only for valid key pointers. Since the two key lookup functions allocate memory and one increments a key reference count, they must be used in conjunction with bpf_key_put(). The latter must be called only if the lookup functions returned a non-NULL pointer. The verifier denies the execution of eBPF programs that don't respect this rule. The two key lookup functions should be used in alternative, depending on the use case. While bpf_lookup_user_key() provides great flexibility, it seems suboptimal in terms of security guarantees, as even if the eBPF program is assumed to be trusted, the serial used to obtain the key pointer might come from untrusted user space not choosing one that the system administrator approves to enforce a mandatory policy. bpf_lookup_system_key() instead provides much stronger guarantees, especially if the pre-determined ID is not passed by user space but is hardcoded in the eBPF program, and that program is signed. In this case, bpf_verify_pkcs7_signature() will always perform signature verification with a key that the system administrator approves, i.e. the primary, secondary or platform keyring. Nevertheless, key permission checks need to be done accurately. Since bpf_lookup_user_key() cannot determine how a key will be used by other kfuncs, it has to defer the permission check to the actual kfunc using the key. It does it by calling lookup_user_key() with KEY_DEFER_PERM_CHECK as needed permission. Later, bpf_verify_pkcs7_signature(), if called, completes the permission check by calling key_validate(). It does not need to call key_task_permission() with permission KEY_NEED_SEARCH, as it is already done elsewhere by the key subsystem. Future kfuncs using the bpf_key structure need to implement the proper checks as well. Finally, the last kfunc, bpf_verify_pkcs7_signature(), accepts the data and signature to verify as eBPF dynamic pointers, to minimize the number of kfunc parameters, and the keyring with keys for signature verification as a bpf_key structure, returned by one of the two key lookup functions. bpf_lookup_user_key() and bpf_verify_pkcs7_signature() can be called only from sleepable programs, because of memory allocation and crypto operations. For example, the lsm.s/bpf attach point is suitable, fexit/array_map_update_elem is not. The correctness of implementation of the new kfuncs and of their usage is checked with the introduced tests. The patch set includes a patch from another author (dependency) for sake of completeness. It is organized as follows. Patch 1 from KP Singh allows kfuncs to be used by LSM programs. Patch 2 splits is_dynptr_reg_valid_init() and introduces is_dynptr_type_expected(), to know more precisely the cause of a negative result of a dynamic pointer check. Patch 3 allows dynamic pointers to be used as kfunc parameters. Patch 4 exports bpf_dynptr_get_size(), to obtain the real size of data carried by a dynamic pointer. Patch 5 makes available for new eBPF kfuncs and programs some key-related definitions. Patch 6 introduces the bpf_lookup_*_key() and bpf_key_put() kfuncs. Patch 7 introduces the bpf_verify_pkcs7_signature() kfunc. Patch 8 changes the testing kernel configuration to compile everything as built-in. Finally, patches 9-12 introduce the tests. Changelog v16: - Remove comments in include/linux/key.h for KEY_LOOKUP_* - Change kmalloc() flag from GFP_ATOMIC to GFP_KERNEL in bpf_lookup_user_key(), as the kfunc needs anyway to be sleepable (suggested by Kumar) - Test passing a dynamic pointer with NULL data to bpf_verify_pkcs7_signature() (suggested by Kumar) v15: - Add kfunc_dynptr_param test to deny list for s390x v14: - Explain that is_dynptr_type_expected() will be useful also for BTF (suggested by Joanne) - Rename KEY_LOOKUP_FLAGS_ALL to KEY_LOOKUP_ALL (suggested by Jarkko) - Swap declaration of spi and dynptr_type in is_dynptr_type_expected() (suggested by Joanne) - Reimplement kfunc dynptr tests with a regular eBPF program instead of executing them with test_verifier (suggested by Joanne) - Make key lookup flags as enum so that they are automatically exported through BTF (suggested by Alexei) v13: - Split is_dynptr_reg_valid_init() and introduce is_dynptr_type_expected() to see if the dynamic pointer type passed as argument to a kfunc is supported (suggested by Kumar) - Add forward declaration of struct key in include/linux/bpf.h (suggested by Song) - Declare mask for key lookup flags, remove key_lookup_flags_check() (suggested by Jarkko and KP) - Allow only certain dynamic pointer types (currently, local) to be passed as argument to kfuncs (suggested by Kumar) - For each dynamic pointer parameter in kfunc, additionally check if the passed pointer is to the stack (suggested by Kumar) - Split the validity/initialization and dynamic pointer type check also in the verifier, and adjust the expected error message in the test (a test for an unexpected dynptr type passed to a helper cannot be added due to missing suitable helpers, but this case has been tested manually) - Add verifier tests to check the dynamic pointers passed as argument to kfuncs (suggested by Kumar) v12: - Put lookup_key and verify_pkcs7_sig tests in deny list for s390x (JIT does not support calling kernel function) v11: - Move stringify_struct() macro to include/linux/btf.h (suggested by Daniel) - Change kernel configuration options in tools/testing/selftests/bpf/config* from =m to =y v10: - Introduce key_lookup_flags_check() and system_keyring_id_check() inline functions to check parameters (suggested by KP) - Fix descriptions and comment of key-related kfuncs (suggested by KP) - Register kfunc set only once (suggested by Alexei) - Move needed kernel options to the architecture-independent configuration for testing v9: - Drop patch to introduce KF_SLEEPABLE kfunc flag (already merged) - Rename valid_ptr member of bpf_key to has_ref (suggested by Daniel) - Check dynamic pointers in kfunc definition with bpf_dynptr_kern struct definition instead of string, to detect structure renames (suggested by Daniel) - Explicitly say that we permit initialized dynamic pointers in kfunc definition (suggested by Daniel) - Remove noinline __weak from kfuncs definition (reported by Daniel) - Simplify key lookup flags check in bpf_lookup_user_key() (suggested by Daniel) - Explain the reason for deferring key permission check (suggested by Daniel) - Allocate memory with GFP_ATOMIC in bpf_lookup_system_key(), and remove KF_SLEEPABLE kfunc flag from kfunc declaration (suggested by Daniel) - Define only one kfunc set and remove the loop for registration (suggested by Alexei) v8: - Define the new bpf_key structure to carry the key pointer and whether that pointer is valid or not (suggested by Daniel) - Drop patch to mark a kfunc parameter with the __maybe_null suffix - Improve documentation of kfuncs - Introduce bpf_lookup_system_key() to obtain a key pointer suitable for verify_pkcs7_signature() (suggested by Daniel) - Use the new kfunc registration API - Drop patch to test the __maybe_null suffix - Add tests for bpf_lookup_system_key() v7: - Add support for using dynamic and NULL pointers in kfunc (suggested by Alexei) - Add new kfunc-related tests v6: - Switch back to key lookup helpers + signature verification (until v5), and defer permission check from bpf_lookup_user_key() to bpf_verify_pkcs7_signature() - Add additional key lookup test to illustrate the usage of the KEY_LOOKUP_CREATE flag and validate the flags (suggested by Daniel) - Make description of flags of bpf_lookup_user_key() more user-friendly (suggested by Daniel) - Fix validation of flags parameter in bpf_lookup_user_key() (reported by Daniel) - Rename bpf_verify_pkcs7_signature() keyring-related parameters to user_keyring and system_keyring to make their purpose more clear - Accept keyring-related parameters of bpf_verify_pkcs7_signature() as alternatives (suggested by KP) - Replace unsigned long type with u64 in helper declaration (suggested by Daniel) - Extend the bpf_verify_pkcs7_signature() test by calling the helper without data, by ensuring that the helper enforces the keyring-related parameters as alternatives, by ensuring that the helper rejects inaccessible and expired keyrings, and by checking all system keyrings - Move bpf_lookup_user_key() and bpf_key_put() usage tests to ref_tracking.c (suggested by John) - Call bpf_lookup_user_key() and bpf_key_put() only in sleepable programs v5: - Move KEY_LOOKUP_ to include/linux/key.h for validation of bpf_verify_pkcs7_signature() parameter - Remove bpf_lookup_user_key() and bpf_key_put() helpers, and the corresponding tests - Replace struct key parameter of bpf_verify_pkcs7_signature() with the keyring serial and lookup flags - Call lookup_user_key() and key_put() in bpf_verify_pkcs7_signature() code, to ensure that the retrieved key is used according to the permission requested at lookup time - Clarified keyring precedence in the description of bpf_verify_pkcs7_signature() (suggested by John) - Remove newline in the second argument of ASSERT_ - Fix helper prototype regular expression in bpf_doc.py v4: - Remove bpf_request_key_by_id(), don't return an invalid pointer that other helpers can use - Pass the keyring ID (without ULONG_MAX, suggested by Alexei) to bpf_verify_pkcs7_signature() - Introduce bpf_lookup_user_key() and bpf_key_put() helpers (suggested by Alexei) - Add lookup_key_norelease test, to ensure that the verifier blocks eBPF programs which don't decrement the key reference count - Parse raw PKCS#7 signature instead of module-style signature in the verify_pkcs7_signature test (suggested by Alexei) - Parse kernel module in user space and pass raw PKCS#7 signature to the eBPF program for signature verification v3: - Rename bpf_verify_signature() back to bpf_verify_pkcs7_signature() to avoid managing different parameters for each signature verification function in one helper (suggested by Daniel) - Use dynamic pointers and export bpf_dynptr_get_size() (suggested by Alexei) - Introduce bpf_request_key_by_id() to give more flexibility to the caller of bpf_verify_pkcs7_signature() to retrieve the appropriate keyring (suggested by Alexei) - Fix test by reordering the gcc command line, always compile sign-file - Improve helper support check mechanism in the test v2: - Rename bpf_verify_pkcs7_signature() to a more generic bpf_verify_signature() and pass the signature type (suggested by KP) - Move the helper and prototype declaration under #ifdef so that user space can probe for support for the helper (suggested by Daniel) - Describe better the keyring types (suggested by Daniel) - Include linux/bpf.h instead of vmlinux.h to avoid implicit or redeclaration - Make the test selfcontained (suggested by Alexei) v1: - Don't define new map flag but introduce simple wrapper of verify_pkcs7_signature() (suggested by Alexei and KP) KP Singh (1): bpf: Allow kfuncs to be used in LSM programs Roberto Sassu (11): bpf: Move dynptr type check to is_dynptr_type_expected() btf: Allow dynamic pointer parameters in kfuncs bpf: Export bpf_dynptr_get_size() KEYS: Move KEY_LOOKUP_ to include/linux/key.h and define KEY_LOOKUP_ALL bpf: Add bpf_lookup_*_key() and bpf_key_put() kfuncs bpf: Add bpf_verify_pkcs7_signature() kfunc selftests/bpf: Compile kernel with everything as built-in selftests/bpf: Add verifier tests for bpf_lookup_*_key() and bpf_key_put() selftests/bpf: Add additional tests for bpf_lookup_*_key() selftests/bpf: Add test for bpf_verify_pkcs7_signature() kfunc selftests/bpf: Add tests for dynamic pointers parameters in kfuncs include/linux/bpf.h | 9 + include/linux/bpf_verifier.h | 5 + include/linux/btf.h | 9 + include/linux/key.h | 6 + include/linux/verification.h | 8 + kernel/bpf/btf.c | 34 ++ kernel/bpf/helpers.c | 2 +- kernel/bpf/verifier.c | 35 +- kernel/trace/bpf_trace.c | 180 ++++++++ security/keys/internal.h | 2 - tools/testing/selftests/bpf/DENYLIST.s390x | 3 + tools/testing/selftests/bpf/Makefile | 14 +- tools/testing/selftests/bpf/config | 32 +- tools/testing/selftests/bpf/config.x86_64 | 7 +- .../testing/selftests/bpf/prog_tests/dynptr.c | 2 +- .../bpf/prog_tests/kfunc_dynptr_param.c | 164 +++++++ .../selftests/bpf/prog_tests/lookup_key.c | 112 +++++ .../bpf/prog_tests/verify_pkcs7_sig.c | 399 ++++++++++++++++++ .../bpf/progs/test_kfunc_dynptr_param.c | 99 +++++ .../selftests/bpf/progs/test_lookup_key.c | 46 ++ .../bpf/progs/test_verify_pkcs7_sig.c | 100 +++++ tools/testing/selftests/bpf/test_verifier.c | 3 +- .../selftests/bpf/verifier/ref_tracking.c | 139 ++++++ .../testing/selftests/bpf/verify_sig_setup.sh | 104 +++++ 24 files changed, 1479 insertions(+), 35 deletions(-) create mode 100644 tools/testing/selftests/bpf/prog_tests/kfunc_dynptr_param.c create mode 100644 tools/testing/selftests/bpf/prog_tests/lookup_key.c create mode 100644 tools/testing/selftests/bpf/prog_tests/verify_pkcs7_sig.c create mode 100644 tools/testing/selftests/bpf/progs/test_kfunc_dynptr_param.c create mode 100644 tools/testing/selftests/bpf/progs/test_lookup_key.c create mode 100644 tools/testing/selftests/bpf/progs/test_verify_pkcs7_sig.c create mode 100755 tools/testing/selftests/bpf/verify_sig_setup.sh -- 2.25.1

2 years, 7 months

6
24
0 0

[PATCH v18 00/13] bpf: Add kfuncs for PKCS#7 signature verification

by Roberto Sassu

From: Roberto Sassu <roberto.sassu(a)huawei.com> One of the desirable features in security is the ability to restrict import of data to a given system based on data authenticity. If data import can be restricted, it would be possible to enforce a system-wide policy based on the signing keys the system owner trusts. This feature is widely used in the kernel. For example, if the restriction is enabled, kernel modules can be plugged in only if they are signed with a key whose public part is in the primary or secondary keyring. For eBPF, it can be useful as well. For example, it might be useful to authenticate data an eBPF program makes security decisions on. After a discussion in the eBPF mailing list, it was decided that the stated goal should be accomplished by introducing four new kfuncs: bpf_lookup_user_key() and bpf_lookup_system_key(), for retrieving a keyring with keys trusted for signature verification, respectively from its serial and from a pre-determined ID; bpf_key_put(), to release the reference obtained with the former two kfuncs, bpf_verify_pkcs7_signature(), for verifying PKCS#7 signatures. Other than the key serial, bpf_lookup_user_key() also accepts key lookup flags, that influence the behavior of the lookup. bpf_lookup_system_key() accepts pre-determined IDs defined in include/linux/verification.h. bpf_key_put() accepts the new bpf_key structure, introduced to tell whether the other structure member, a key pointer, is valid or not. The reason is that verify_pkcs7_signature() also accepts invalid pointers, set with the pre-determined ID, to select a system-defined keyring. key_put() must be called only for valid key pointers. Since the two key lookup functions allocate memory and one increments a key reference count, they must be used in conjunction with bpf_key_put(). The latter must be called only if the lookup functions returned a non-NULL pointer. The verifier denies the execution of eBPF programs that don't respect this rule. The two key lookup functions should be used in alternative, depending on the use case. While bpf_lookup_user_key() provides great flexibility, it seems suboptimal in terms of security guarantees, as even if the eBPF program is assumed to be trusted, the serial used to obtain the key pointer might come from untrusted user space not choosing one that the system administrator approves to enforce a mandatory policy. bpf_lookup_system_key() instead provides much stronger guarantees, especially if the pre-determined ID is not passed by user space but is hardcoded in the eBPF program, and that program is signed. In this case, bpf_verify_pkcs7_signature() will always perform signature verification with a key that the system administrator approves, i.e. the primary, secondary or platform keyring. Nevertheless, key permission checks need to be done accurately. Since bpf_lookup_user_key() cannot determine how a key will be used by other kfuncs, it has to defer the permission check to the actual kfunc using the key. It does it by calling lookup_user_key() with KEY_DEFER_PERM_CHECK as needed permission. Later, bpf_verify_pkcs7_signature(), if called, completes the permission check by calling key_validate(). It does not need to call key_task_permission() with permission KEY_NEED_SEARCH, as it is already done elsewhere by the key subsystem. Future kfuncs using the bpf_key structure need to implement the proper checks as well. Finally, the last kfunc, bpf_verify_pkcs7_signature(), accepts the data and signature to verify as eBPF dynamic pointers, to minimize the number of kfunc parameters, and the keyring with keys for signature verification as a bpf_key structure, returned by one of the two key lookup functions. bpf_lookup_user_key() and bpf_verify_pkcs7_signature() can be called only from sleepable programs, because of memory allocation and crypto operations. For example, the lsm.s/bpf attach point is suitable, fexit/array_map_update_elem is not. The correctness of implementation of the new kfuncs and of their usage is checked with the introduced tests. The patch set includes a patch from another author (dependency) for sake of completeness. It is organized as follows. Patch 1 from KP Singh allows kfuncs to be used by LSM programs. Patch 2 exports the bpf_dynptr definition through BTF. Patch 3 splits is_dynptr_reg_valid_init() and introduces is_dynptr_type_expected(), to know more precisely the cause of a negative result of a dynamic pointer check. Patch 4 allows dynamic pointers to be used as kfunc parameters. Patch 5 exports bpf_dynptr_get_size(), to obtain the real size of data carried by a dynamic pointer. Patch 6 makes available for new eBPF kfuncs and programs some key-related definitions. Patch 7 introduces the bpf_lookup_*_key() and bpf_key_put() kfuncs. Patch 8 introduces the bpf_verify_pkcs7_signature() kfunc. Patch 9 changes the testing kernel configuration to compile everything as built-in. Finally, patches 10-13 introduce the tests. Changelog v17: - Remove unnecessary typedefs in test_verify_pkcs7_sig.c (suggested by KP) - Add patch to export bpf_dynptr through BTF (reported by KP) - Rename u{8,16,32,64} variables to __u{8,16,32,64} in the tests, for consistency with other eBPF programs (suggested by Yonghong) v16: - Remove comments in include/linux/key.h for KEY_LOOKUP_* - Change kmalloc() flag from GFP_ATOMIC to GFP_KERNEL in bpf_lookup_user_key(), as the kfunc needs anyway to be sleepable (suggested by Kumar) - Test passing a dynamic pointer with NULL data to bpf_verify_pkcs7_signature() (suggested by Kumar) v15: - Add kfunc_dynptr_param test to deny list for s390x v14: - Explain that is_dynptr_type_expected() will be useful also for BTF (suggested by Joanne) - Rename KEY_LOOKUP_FLAGS_ALL to KEY_LOOKUP_ALL (suggested by Jarkko) - Swap declaration of spi and dynptr_type in is_dynptr_type_expected() (suggested by Joanne) - Reimplement kfunc dynptr tests with a regular eBPF program instead of executing them with test_verifier (suggested by Joanne) - Make key lookup flags as enum so that they are automatically exported through BTF (suggested by Alexei) v13: - Split is_dynptr_reg_valid_init() and introduce is_dynptr_type_expected() to see if the dynamic pointer type passed as argument to a kfunc is supported (suggested by Kumar) - Add forward declaration of struct key in include/linux/bpf.h (suggested by Song) - Declare mask for key lookup flags, remove key_lookup_flags_check() (suggested by Jarkko and KP) - Allow only certain dynamic pointer types (currently, local) to be passed as argument to kfuncs (suggested by Kumar) - For each dynamic pointer parameter in kfunc, additionally check if the passed pointer is to the stack (suggested by Kumar) - Split the validity/initialization and dynamic pointer type check also in the verifier, and adjust the expected error message in the test (a test for an unexpected dynptr type passed to a helper cannot be added due to missing suitable helpers, but this case has been tested manually) - Add verifier tests to check the dynamic pointers passed as argument to kfuncs (suggested by Kumar) v12: - Put lookup_key and verify_pkcs7_sig tests in deny list for s390x (JIT does not support calling kernel function) v11: - Move stringify_struct() macro to include/linux/btf.h (suggested by Daniel) - Change kernel configuration options in tools/testing/selftests/bpf/config* from =m to =y v10: - Introduce key_lookup_flags_check() and system_keyring_id_check() inline functions to check parameters (suggested by KP) - Fix descriptions and comment of key-related kfuncs (suggested by KP) - Register kfunc set only once (suggested by Alexei) - Move needed kernel options to the architecture-independent configuration for testing v9: - Drop patch to introduce KF_SLEEPABLE kfunc flag (already merged) - Rename valid_ptr member of bpf_key to has_ref (suggested by Daniel) - Check dynamic pointers in kfunc definition with bpf_dynptr_kern struct definition instead of string, to detect structure renames (suggested by Daniel) - Explicitly say that we permit initialized dynamic pointers in kfunc definition (suggested by Daniel) - Remove noinline __weak from kfuncs definition (reported by Daniel) - Simplify key lookup flags check in bpf_lookup_user_key() (suggested by Daniel) - Explain the reason for deferring key permission check (suggested by Daniel) - Allocate memory with GFP_ATOMIC in bpf_lookup_system_key(), and remove KF_SLEEPABLE kfunc flag from kfunc declaration (suggested by Daniel) - Define only one kfunc set and remove the loop for registration (suggested by Alexei) v8: - Define the new bpf_key structure to carry the key pointer and whether that pointer is valid or not (suggested by Daniel) - Drop patch to mark a kfunc parameter with the __maybe_null suffix - Improve documentation of kfuncs - Introduce bpf_lookup_system_key() to obtain a key pointer suitable for verify_pkcs7_signature() (suggested by Daniel) - Use the new kfunc registration API - Drop patch to test the __maybe_null suffix - Add tests for bpf_lookup_system_key() v7: - Add support for using dynamic and NULL pointers in kfunc (suggested by Alexei) - Add new kfunc-related tests v6: - Switch back to key lookup helpers + signature verification (until v5), and defer permission check from bpf_lookup_user_key() to bpf_verify_pkcs7_signature() - Add additional key lookup test to illustrate the usage of the KEY_LOOKUP_CREATE flag and validate the flags (suggested by Daniel) - Make description of flags of bpf_lookup_user_key() more user-friendly (suggested by Daniel) - Fix validation of flags parameter in bpf_lookup_user_key() (reported by Daniel) - Rename bpf_verify_pkcs7_signature() keyring-related parameters to user_keyring and system_keyring to make their purpose more clear - Accept keyring-related parameters of bpf_verify_pkcs7_signature() as alternatives (suggested by KP) - Replace unsigned long type with u64 in helper declaration (suggested by Daniel) - Extend the bpf_verify_pkcs7_signature() test by calling the helper without data, by ensuring that the helper enforces the keyring-related parameters as alternatives, by ensuring that the helper rejects inaccessible and expired keyrings, and by checking all system keyrings - Move bpf_lookup_user_key() and bpf_key_put() usage tests to ref_tracking.c (suggested by John) - Call bpf_lookup_user_key() and bpf_key_put() only in sleepable programs v5: - Move KEY_LOOKUP_ to include/linux/key.h for validation of bpf_verify_pkcs7_signature() parameter - Remove bpf_lookup_user_key() and bpf_key_put() helpers, and the corresponding tests - Replace struct key parameter of bpf_verify_pkcs7_signature() with the keyring serial and lookup flags - Call lookup_user_key() and key_put() in bpf_verify_pkcs7_signature() code, to ensure that the retrieved key is used according to the permission requested at lookup time - Clarified keyring precedence in the description of bpf_verify_pkcs7_signature() (suggested by John) - Remove newline in the second argument of ASSERT_ - Fix helper prototype regular expression in bpf_doc.py v4: - Remove bpf_request_key_by_id(), don't return an invalid pointer that other helpers can use - Pass the keyring ID (without ULONG_MAX, suggested by Alexei) to bpf_verify_pkcs7_signature() - Introduce bpf_lookup_user_key() and bpf_key_put() helpers (suggested by Alexei) - Add lookup_key_norelease test, to ensure that the verifier blocks eBPF programs which don't decrement the key reference count - Parse raw PKCS#7 signature instead of module-style signature in the verify_pkcs7_signature test (suggested by Alexei) - Parse kernel module in user space and pass raw PKCS#7 signature to the eBPF program for signature verification v3: - Rename bpf_verify_signature() back to bpf_verify_pkcs7_signature() to avoid managing different parameters for each signature verification function in one helper (suggested by Daniel) - Use dynamic pointers and export bpf_dynptr_get_size() (suggested by Alexei) - Introduce bpf_request_key_by_id() to give more flexibility to the caller of bpf_verify_pkcs7_signature() to retrieve the appropriate keyring (suggested by Alexei) - Fix test by reordering the gcc command line, always compile sign-file - Improve helper support check mechanism in the test v2: - Rename bpf_verify_pkcs7_signature() to a more generic bpf_verify_signature() and pass the signature type (suggested by KP) - Move the helper and prototype declaration under #ifdef so that user space can probe for support for the helper (suggested by Daniel) - Describe better the keyring types (suggested by Daniel) - Include linux/bpf.h instead of vmlinux.h to avoid implicit or redeclaration - Make the test selfcontained (suggested by Alexei) v1: - Don't define new map flag but introduce simple wrapper of verify_pkcs7_signature() (suggested by Alexei and KP) KP Singh (1): bpf: Allow kfuncs to be used in LSM programs Roberto Sassu (12): btf: Export bpf_dynptr definition bpf: Move dynptr type check to is_dynptr_type_expected() btf: Allow dynamic pointer parameters in kfuncs bpf: Export bpf_dynptr_get_size() KEYS: Move KEY_LOOKUP_ to include/linux/key.h and define KEY_LOOKUP_ALL bpf: Add bpf_lookup_*_key() and bpf_key_put() kfuncs bpf: Add bpf_verify_pkcs7_signature() kfunc selftests/bpf: Compile kernel with everything as built-in selftests/bpf: Add verifier tests for bpf_lookup_*_key() and bpf_key_put() selftests/bpf: Add additional tests for bpf_lookup_*_key() selftests/bpf: Add test for bpf_verify_pkcs7_signature() kfunc selftests/bpf: Add tests for dynamic pointers parameters in kfuncs include/linux/bpf.h | 9 + include/linux/bpf_verifier.h | 5 + include/linux/btf.h | 9 + include/linux/key.h | 6 + include/linux/verification.h | 8 + kernel/bpf/btf.c | 34 ++ kernel/bpf/helpers.c | 4 +- kernel/bpf/verifier.c | 35 +- kernel/trace/bpf_trace.c | 180 ++++++++ security/keys/internal.h | 2 - tools/testing/selftests/bpf/DENYLIST.s390x | 3 + tools/testing/selftests/bpf/Makefile | 14 +- tools/testing/selftests/bpf/config | 32 +- tools/testing/selftests/bpf/config.x86_64 | 7 +- .../testing/selftests/bpf/prog_tests/dynptr.c | 2 +- .../bpf/prog_tests/kfunc_dynptr_param.c | 164 +++++++ .../selftests/bpf/prog_tests/lookup_key.c | 112 +++++ .../bpf/prog_tests/verify_pkcs7_sig.c | 399 ++++++++++++++++++ .../bpf/progs/test_kfunc_dynptr_param.c | 94 +++++ .../selftests/bpf/progs/test_lookup_key.c | 46 ++ .../bpf/progs/test_verify_pkcs7_sig.c | 90 ++++ tools/testing/selftests/bpf/test_verifier.c | 3 +- .../selftests/bpf/verifier/ref_tracking.c | 139 ++++++ .../testing/selftests/bpf/verify_sig_setup.sh | 104 +++++ 24 files changed, 1466 insertions(+), 35 deletions(-) create mode 100644 tools/testing/selftests/bpf/prog_tests/kfunc_dynptr_param.c create mode 100644 tools/testing/selftests/bpf/prog_tests/lookup_key.c create mode 100644 tools/testing/selftests/bpf/prog_tests/verify_pkcs7_sig.c create mode 100644 tools/testing/selftests/bpf/progs/test_kfunc_dynptr_param.c create mode 100644 tools/testing/selftests/bpf/progs/test_lookup_key.c create mode 100644 tools/testing/selftests/bpf/progs/test_verify_pkcs7_sig.c create mode 100755 tools/testing/selftests/bpf/verify_sig_setup.sh -- 2.25.1

2 years, 7 months

3
15
0 0

[PATCH v2] selftest: tpm2: Add Client.__del__() to close /dev/tpm* handle

by Stefan Berger

The following output can bee seen when the test is executed: test_flush_context (tpm2_tests.SpaceTest) ... \ /usr/lib64/python3.6/unittest/case.py:605: ResourceWarning: \ unclosed file <_io.FileIO name='/dev/tpmrm0' mode='rb+' closefd=True> An instance of Client does not implicitly close /dev/tpm* handle, once it gets destroyed. Close the file handle in the class destructor Client.__del__(). Fixes: 6ea3dfe1e0732 ("selftests: add TPM 2.0 tests") Cc: Shuah Khan <shuah(a)kernel.org> Cc: linux-kselftest(a)vger.kernel.org Cc: Jarkko Sakkinen <jarkko(a)kernel.org> Signed-off-by: Stefan Berger <stefanb(a)linux.ibm.com> --- tools/testing/selftests/tpm2/tpm2.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tools/testing/selftests/tpm2/tpm2.py b/tools/testing/selftests/tpm2/tpm2.py index 057a4f49c79d..c7363c6764fc 100644 --- a/tools/testing/selftests/tpm2/tpm2.py +++ b/tools/testing/selftests/tpm2/tpm2.py @@ -371,6 +371,10 @@ class Client: fcntl.fcntl(self.tpm, fcntl.F_SETFL, flags) self.tpm_poll = select.poll() + def __del__(self): + if self.tpm: + self.tpm.close() + def close(self): self.tpm.close() -- 2.36.1

2 years, 7 months

2
1
0 0

BUG: sleeping function called from invalid context at arch/arm64/mm/fault.c:593

by Naresh Kamboju

[Please ignore this email if it is already reported] Following kernel warning and BUG have been found while running kselftests gpio test case on arm64 Raspberry Pi 4 Model B device running 6.0.0-rc5. Reported-by: Linux Kernel Functional Testing <lkft(a)linaro.org> crash log: [ 53.796405] kselftest: Running tests in gpio TAP version 13 1..2 # selftests: gpio: gpio-mockup.sh # 1. Module load tests # 1.1. dynamic allocation of gpio [ 55.416786] [ 55.418311] ============================= [ 55.422371] WARNING: suspicious RCU usage [ 55.426431] 6.0.0-rc5 #1 Not tainted [ 55.430052] ----------------------------- [ 55.434112] kernel/sched/core.c:9854 Illegal context switch in RCU-bh read-side critical section! [ 55.443108] [ 55.443108] other info that might help us debug this: [ 55.443108] [ 55.451222] [ 55.451222] rcu_scheduler_active = 2, debug_locks = 1 [ 55.457839] 1 lock held by modprobe/563: [ 55.461812] #0: ffff00004cf450f8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0x50/0x290 [ 55.471632] [ 55.471632] stack backtrace: [ 55.476046] CPU: 2 PID: 563 Comm: modprobe Not tainted 6.0.0-rc5 #1 [ 55.482401] Hardware name: Raspberry Pi 4 Model B (DT) [ 55.487607] Call trace: [ 55.490079] dump_backtrace+0xe4/0x130 [ 55.493879] show_stack+0x30/0x70 [ 55.497235] dump_stack_lvl+0x8c/0xb8 [ 55.500947] dump_stack+0x18/0x34 [ 55.504303] lockdep_rcu_suspicious+0xf8/0x10c [ 55.508806] __might_resched+0xd0/0x240 [ 55.512694] __might_sleep+0x58/0xb0 [ 55.516316] do_page_fault+0x244/0x4d0 [ 55.520116] do_translation_fault+0xd8/0x100 [ 55.524443] do_mem_abort+0x58/0xb0 [ 55.527979] el1_abort+0x44/0x70 [ 55.531248] el1h_64_sync_handler+0xa4/0xd0 [ 55.535487] el1h_64_sync+0x64/0x68 [ 55.539020] __lock_acquire+0x53c/0x2040 [ 55.542995] lock_acquire.part.0+0xe8/0x24c [ 55.547233] lock_acquire+0x84/0xa0 [ 55.550766] down_write+0x60/0xc4 [ 55.554123] simple_recursive_removal+0x58/0x290 [ 55.558803] debugfs_remove+0x5c/0x80 [ 55.562516] gpio_mockup_debugfs_cleanup+0x24/0x34 [gpio_mockup] [ 55.568614] devm_action_release+0x24/0x3c [ 55.572764] release_nodes+0x64/0x9c [ 55.576384] devres_release_all+0x94/0xec [ 55.580447] device_unbind_cleanup+0x24/0x74 [ 55.584773] device_release_driver_internal+0x240/0x290 [ 55.590070] driver_detach+0x5c/0xf0 [ 55.593691] bus_remove_driver+0x6c/0x10c [ 55.597753] driver_unregister+0x38/0x6c [ 55.601728] platform_driver_unregister+0x24/0x34 [ 55.606497] gpio_mockup_exit+0x24/0x20c [gpio_mockup] [ 55.611707] __arm64_sys_delete_module+0x184/0x2f0 [ 55.616562] invoke_syscall+0x8c/0x120 [ 55.620362] el0_svc_common.constprop.0+0x104/0x124 [ 55.625307] do_el0_svc+0x44/0xc0 [ 55.628664] el0_svc+0x48/0xc0 [ 55.631757] el0t_64_sync_handler+0xbc/0x140 [ 55.636084] el0t_64_sync+0x18c/0x190 [ 55.639793] [ 55.641298] ============================= [ 55.645356] WARNING: suspicious RCU usage [ 55.649417] 6.0.0-rc5 #1 Not tainted [ 55.653037] ----------------------------- [ 55.657096] kernel/sched/core.c:9854 Illegal context switch in RCU-sched read-side critical section! [ 55.666356] [ 55.666356] other info that might help us debug this: [ 55.666356] [ 55.674469] [ 55.674469] rcu_scheduler_active = 2, debug_locks = 1 [ 55.681084] 1 lock held by modprobe/563: [ 55.685057] #0: ffff00004cf450f8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0x50/0x290 [ 55.694863] [ 55.694863] stack backtrace: [ 55.699275] CPU: 2 PID: 563 Comm: modprobe Not tainted 6.0.0-rc5 #1 [ 55.705628] Hardware name: Raspberry Pi 4 Model B (DT) [ 55.710834] Call trace: [ 55.713306] dump_backtrace+0xe4/0x130 [ 55.717103] show_stack+0x30/0x70 [ 55.720459] dump_stack_lvl+0x8c/0xb8 [ 55.724170] dump_stack+0x18/0x34 [ 55.727526] lockdep_rcu_suspicious+0xf8/0x10c [ 55.732029] __might_resched+0x214/0x240 [ 55.736003] __might_sleep+0x58/0xb0 [ 55.739625] do_page_fault+0x244/0x4d0 [ 55.743424] do_translation_fault+0xd8/0x100 [ 55.747751] do_mem_abort+0x58/0xb0 [ 55.751286] el1_abort+0x44/0x70 [ 55.754556] el1h_64_sync_handler+0xa4/0xd0 [ 55.758794] el1h_64_sync+0x64/0x68 [ 55.762326] __lock_acquire+0x53c/0x2040 [ 55.766301] lock_acquire.part.0+0xe8/0x24c [ 55.770538] lock_acquire+0x84/0xa0 [ 55.774072] down_write+0x60/0xc4 [ 55.777428] simple_recursive_removal+0x58/0x290 [ 55.782107] debugfs_remove+0x5c/0x80 [ 55.785818] gpio_mockup_debugfs_cleanup+0x24/0x34 [gpio_mockup] [ 55.791911] devm_action_release+0x24/0x3c [ 55.796061] release_nodes+0x64/0x9c [ 55.799682] devres_release_all+0x94/0xec [ 55.803743] device_unbind_cleanup+0x24/0x74 [ 55.808070] device_release_driver_internal+0x240/0x290 [ 55.813367] driver_detach+0x5c/0xf0 [ 55.816988] bus_remove_driver+0x6c/0x10c [ 55.821050] driver_unregister+0x38/0x6c [ 55.825025] platform_driver_unregister+0x24/0x34 [ 55.829793] gpio_mockup_exit+0x24/0x20c [gpio_mockup] [ 55.835002] __arm64_sys_delete_module+0x184/0x2f0 [ 55.839858] invoke_syscall+0x8c/0x120 [ 55.843657] el0_svc_common.constprop.0+0x104/0x124 [ 55.848602] do_el0_svc+0x44/0xc0 [ 55.851958] el0_svc+0x48/0xc0 [ 55.855051] el0t_64_sync_handler+0xbc/0x140 [ 55.859378] el0t_64_sync+0x18c/0x190 [ 55.863087] BUG: sleeping function called from invalid context at arch/arm64/mm/fault.c:593 [ 55.871554] in_atomic(): 0, irqs_disabled(): 128, non_block: 0, pid: 563, name: modprobe [ 55.879757] preempt_count: 0, expected: 0 [ 55.883816] RCU nest depth: 0, expected: 0 [ 55.887965] 1 lock held by modprobe/563: [ 55.891936] #0: ffff00004cf450f8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0x50/0x290 [ 55.901743] irq event stamp: 10213 [ 55.905185] hardirqs last enabled at (10213): [<ffff8000096e2e74>] _raw_spin_unlock_irqrestore+0x84/0xa0 [ 55.914888] hardirqs last disabled at (10212): [<ffff8000096e3314>] _raw_spin_lock_irqsave+0xa4/0xb0 [ 55.924151] softirqs last enabled at (9742): [<ffff800008010be4>] __do_softirq+0x514/0x62c [ 55.932618] softirqs last disabled at (9737): [<ffff8000080b4768>] __irq_exit_rcu+0x164/0x19c [ 55.941265] CPU: 2 PID: 563 Comm: modprobe Not tainted 6.0.0-rc5 #1 [ 55.947618] Hardware name: Raspberry Pi 4 Model B (DT) [ 55.952823] Call trace: [ 55.955296] dump_backtrace+0xe4/0x130 [ 55.959093] show_stack+0x30/0x70 [ 55.962448] dump_stack_lvl+0x8c/0xb8 [ 55.966159] dump_stack+0x18/0x34 [ 55.969515] __might_resched+0x1c4/0x240 [ 55.973490] __might_sleep+0x58/0xb0 [ 55.977111] do_page_fault+0x244/0x4d0 [ 55.980910] do_translation_fault+0xd8/0x100 [ 55.985238] do_mem_abort+0x58/0xb0 [ 55.988774] el1_abort+0x44/0x70 [ 55.992043] el1h_64_sync_handler+0xa4/0xd0 [ 55.996281] el1h_64_sync+0x64/0x68 [ 55.999814] __lock_acquire+0x53c/0x2040 [ 56.003789] lock_acquire.part.0+0xe8/0x24c [ 56.008028] lock_acquire+0x84/0xa0 [ 56.011560] down_write+0x60/0xc4 [ 56.014916] simple_recursive_removal+0x58/0x290 [ 56.019594] debugfs_remove+0x5c/0x80 [ 56.023306] gpio_mockup_debugfs_cleanup+0x24/0x34 [gpio_mockup] [ 56.029400] devm_action_release+0x24/0x3c [ 56.033549] release_nodes+0x64/0x9c [ 56.037170] devres_release_all+0x94/0xec [ 56.041232] device_unbind_cleanup+0x24/0x74 [ 56.045559] device_release_driver_internal+0x240/0x290 [ 56.050855] driver_detach+0x5c/0xf0 [ 56.054477] bus_remove_driver+0x6c/0x10c [ 56.058539] driver_unregister+0x38/0x6c [ 56.062513] platform_driver_unregister+0x24/0x34 [ 56.067281] gpio_mockup_exit+0x24/0x20c [gpio_mockup] [ 56.072490] __arm64_sys_delete_module+0x184/0x2f0 [ 56.077346] invoke_syscall+0x8c/0x120 [ 56.081145] el0_svc_common.constprop.0+0x104/0x124 [ 56.086089] do_el0_svc+0x44/0xc0 [ 56.089446] el0_svc+0x48/0xc0 [ 56.092539] el0t_64_sync_handler+0xbc/0x140 [ 56.096866] el0t_64_sync+0x18c/0x190 [ 56.100584] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000150 [ 56.109495] Mem abort info: [ 56.112320] ESR = 0x0000000096000006 [ 56.116116] EC = 0x25: DABT (current EL), IL = 32 bits [ 56.121499] SET = 0, FnV = 0 [ 56.124589] EA = 0, S1PTW = 0 [ 56.127767] FSC = 0x06: level 2 translation fault [ 56.132708] Data abort info: [ 56.135622] ISV = 0, ISS = 0x00000006 [ 56.139505] CM = 0, WnR = 0 [ 56.142506] user pgtable: 4k pages, 48-bit VAs, pgdp=000000004adb5000 [ 56.149035] [0000000000000150] pgd=08000000469d2003, p4d=08000000469d2003, pud=0800000046b70003, pmd=0000000000000000 [ 56.159807] Internal error: Oops: 96000006 [#1] PREEMPT SMP [ 56.165455] Modules linked in: gpio_mockup(-) algif_hash aes_neon_bs aes_neon_blk xhci_pci raspberrypi_cpufreq snd_soc_hdmi_codec xhci_pci_renesas brcmfmac brcmutil hci_uart btqca btbcm cfg80211 bluetooth reset_raspberrypi crct10dif_ce clk_raspberrypi raspberrypi_hwmon rfkill iproc_rng200 pwm_bcm2835 v3d rng_core i2c_bcm2835 drm_shmem_helper vc4 bcm2711_thermal cec drm_display_helper drm_cma_helper gpu_sched pcie_brcmstb drm_kms_helper fuse drm [ 56.205467] CPU: 2 PID: 563 Comm: modprobe Tainted: G W 6.0.0-rc5 #1 [ 56.213318] Hardware name: Raspberry Pi 4 Model B (DT) [ 56.218523] pstate: 600000c5 (nZCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 56.225582] pc : __lock_acquire+0x53c/0x2040 [ 56.229910] lr : lock_acquire.part.0+0xe8/0x24c [ 56.234499] sp : ffff80000d03b8a0 [ 56.237852] x29: ffff80000d03b8a0 x28: ffff800008456678 x27: 0000000000000000 [ 56.245091] x26: ffff800008456678 x25: 0000000000000150 x24: 0000000000000000 [ 56.252329] x23: ffff00004c200040 x22: 0000000000000000 x21: 0000000000000001 [ 56.259567] x20: 0000000000000000 x19: 0000000000000000 x18: 0000000000000000 [ 56.266804] x17: ffff800008b93ed0 x16: 0000000000000000 x15: 0000000000000028 [ 56.274041] x14: 000000000004ffff x13: ffff80000b40dd00 x12: ffff80000802cff8 [ 56.281279] x11: ffff80000b40d840 x10: ffff80000802cdfc x9 : 0000000100000000 [ 56.288517] x8 : ffff00004c200040 x7 : ffff800008456678 x6 : 0000000000000000 [ 56.295755] x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000000 [ 56.302992] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff80000aeb6000 [ 56.310230] Call trace: [ 56.312701] __lock_acquire+0x53c/0x2040 [ 56.316674] lock_acquire.part.0+0xe8/0x24c [ 56.320911] lock_acquire+0x84/0xa0 [ 56.324444] down_write+0x60/0xc4 [ 56.327799] simple_recursive_removal+0x58/0x290 [ 56.332477] debugfs_remove+0x5c/0x80 [ 56.336186] gpio_mockup_debugfs_cleanup+0x24/0x34 [gpio_mockup] [ 56.342276] devm_action_release+0x24/0x3c [ 56.346425] release_nodes+0x64/0x9c [ 56.350043] devres_release_all+0x94/0xec [ 56.354104] device_unbind_cleanup+0x24/0x74 [ 56.358430] device_release_driver_internal+0x240/0x290 [ 56.363725] driver_detach+0x5c/0xf0 [ 56.367346] bus_remove_driver+0x6c/0x10c [ 56.371407] driver_unregister+0x38/0x6c [ 56.375380] platform_driver_unregister+0x24/0x34 [ 56.380147] gpio_mockup_exit+0x24/0x20c [gpio_mockup] [ 56.385356] __arm64_sys_delete_module+0x184/0x2f0 [ 56.390211] invoke_syscall+0x8c/0x120 [ 56.394009] el0_svc_common.constprop.0+0x104/0x124 [ 56.398952] do_el0_svc+0x44/0xc0 [ 56.402308] el0_svc+0x48/0xc0 [ 56.405400] el0t_64_sync_handler+0xbc/0x140 [ 56.409725] el0t_64_sync+0x18c/0x190 [ 56.413435] Code: 6b01001f 54002668 a94573fb 1400003d (f9400321) [ 56.419613] ---[ end trace 0000000000000000 ]--- Full test log, https://lkft.validation.linaro.org/scheduler/job/5528616#L1360 metadata: git_ref: master git_repo: https://gitlab.com/Linaro/lkft/mirrors/torvalds/linux-mainline git_sha: 3245cb65fd91cd514801bf91f5a3066d562f0ac4 git_describe: v6.0-rc5-25-g3245cb65fd91 kernel_version: 6.0.0-rc5 kernel-config: https://builds.tuxbuild.com/2EkryDJF2MJ3zNyYOYb016CJbRv/config vmlinux.xz: https://builds.tuxbuild.com/2EkryDJF2MJ3zNyYOYb016CJbRv/vmlinux.xz System.map: https://builds.tuxbuild.com/2EkryDJF2MJ3zNyYOYb016CJbRv/System.map build-url: https://gitlab.com/Linaro/lkft/mirrors/torvalds/linux-mainline/-/pipelines/… artifact-location: https://builds.tuxbuild.com/2EkryDJF2MJ3zNyYOYb016CJbRv toolchain: gcc-11 -- Linaro LKFT https://lkft.linaro.org

2 years, 7 months

2
1
0 0

[PATCH net-next,v3 01/18] net/sched: sch_api: add helper for tc qdisc walker stats dump

by Zhengchao Shao

The walk implementation of most qdisc class modules is basically the same. That is, the values of count and skip are checked first. If count is greater than or equal to skip, the registered fn function is executed. Otherwise, increase the value of count. So we can reconstruct them. Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> --- include/net/pkt_sched.h | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/include/net/pkt_sched.h b/include/net/pkt_sched.h index 29f65632ebc5..2ff80cd04c5c 100644 --- a/include/net/pkt_sched.h +++ b/include/net/pkt_sched.h @@ -222,4 +222,17 @@ static inline struct tc_skb_cb *tc_skb_cb(const struct sk_buff *skb) return cb; } +static inline bool tc_qdisc_stats_dump(struct Qdisc *sch, + unsigned long cl, + struct qdisc_walker *arg) +{ + if (arg->count >= arg->skip && arg->fn(sch, cl, arg) < 0) { + arg->stop = 1; + return false; + } + + arg->count++; + return true; +} + #endif -- 2.17.1

2 years, 7 months

2
1
0 0

[PATCH net-next,v3 02/18] net/sched: use tc_qdisc_stats_dump() in qdisc

by Zhengchao Shao

use tc_qdisc_stats_dump() in qdisc. Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> Reviewed-by: Victor Nogueira <victor(a)mojatatu.com> Tested-by: Victor Nogueira <victor(a)mojatatu.com> --- net/sched/sch_atm.c | 6 +----- net/sched/sch_cake.c | 9 +++------ net/sched/sch_cbq.c | 9 +-------- net/sched/sch_cbs.c | 8 +------- net/sched/sch_drr.c | 9 +-------- net/sched/sch_dsmark.c | 14 +++++--------- net/sched/sch_ets.c | 9 +-------- net/sched/sch_fq_codel.c | 8 ++------ net/sched/sch_hfsc.c | 9 +-------- net/sched/sch_htb.c | 9 +-------- net/sched/sch_mq.c | 5 +---- net/sched/sch_mqprio.c | 5 +---- net/sched/sch_multiq.c | 9 +-------- net/sched/sch_netem.c | 8 ++------ net/sched/sch_prio.c | 9 +-------- net/sched/sch_qfq.c | 9 +-------- net/sched/sch_red.c | 7 +------ net/sched/sch_sfb.c | 7 +------ net/sched/sch_sfq.c | 8 ++------ net/sched/sch_skbprio.c | 9 +-------- net/sched/sch_taprio.c | 5 +---- net/sched/sch_tbf.c | 7 +------ 22 files changed, 31 insertions(+), 147 deletions(-) diff --git a/net/sched/sch_atm.c b/net/sched/sch_atm.c index 816fd0d7ba38..f52255fea652 100644 --- a/net/sched/sch_atm.c +++ b/net/sched/sch_atm.c @@ -354,12 +354,8 @@ static void atm_tc_walk(struct Qdisc *sch, struct qdisc_walker *walker) if (walker->stop) return; list_for_each_entry(flow, &p->flows, list) { - if (walker->count >= walker->skip && - walker->fn(sch, (unsigned long)flow, walker) < 0) { - walker->stop = 1; + if (!tc_qdisc_stats_dump(sch, (unsigned long)flow, walker)) break; - } - walker->count++; } } diff --git a/net/sched/sch_cake.c b/net/sched/sch_cake.c index 36acc95d611e..55c6879d2c7e 100644 --- a/net/sched/sch_cake.c +++ b/net/sched/sch_cake.c @@ -3061,16 +3061,13 @@ static void cake_walk(struct Qdisc *sch, struct qdisc_walker *arg) struct cake_tin_data *b = &q->tins[q->tin_order[i]]; for (j = 0; j < CAKE_QUEUES; j++) { - if (list_empty(&b->flows[j].flowchain) || - arg->count < arg->skip) { + if (list_empty(&b->flows[j].flowchain)) { arg->count++; continue; } - if (arg->fn(sch, i * CAKE_QUEUES + j + 1, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, i * CAKE_QUEUES + j + 1, + arg)) break; - } - arg->count++; } } } diff --git a/net/sched/sch_cbq.c b/net/sched/sch_cbq.c index ba99ce05cd52..6568e17c4c63 100644 --- a/net/sched/sch_cbq.c +++ b/net/sched/sch_cbq.c @@ -1676,15 +1676,8 @@ static void cbq_walk(struct Qdisc *sch, struct qdisc_walker *arg) for (h = 0; h < q->clhash.hashsize; h++) { hlist_for_each_entry(cl, &q->clhash.hash[h], common.hnode) { - if (arg->count < arg->skip) { - arg->count++; - continue; - } - if (arg->fn(sch, (unsigned long)cl, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, (unsigned long)cl, arg)) return; - } - arg->count++; } } } diff --git a/net/sched/sch_cbs.c b/net/sched/sch_cbs.c index 459cc240eda9..cac870eb7897 100644 --- a/net/sched/sch_cbs.c +++ b/net/sched/sch_cbs.c @@ -520,13 +520,7 @@ static unsigned long cbs_find(struct Qdisc *sch, u32 classid) static void cbs_walk(struct Qdisc *sch, struct qdisc_walker *walker) { if (!walker->stop) { - if (walker->count >= walker->skip) { - if (walker->fn(sch, 1, walker) < 0) { - walker->stop = 1; - return; - } - } - walker->count++; + tc_qdisc_stats_dump(sch, 1, walker); } } diff --git a/net/sched/sch_drr.c b/net/sched/sch_drr.c index 4e5b1cf11b85..e35a4e90f4e6 100644 --- a/net/sched/sch_drr.c +++ b/net/sched/sch_drr.c @@ -284,15 +284,8 @@ static void drr_walk(struct Qdisc *sch, struct qdisc_walker *arg) for (i = 0; i < q->clhash.hashsize; i++) { hlist_for_each_entry(cl, &q->clhash.hash[i], common.hnode) { - if (arg->count < arg->skip) { - arg->count++; - continue; - } - if (arg->fn(sch, (unsigned long)cl, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, (unsigned long)cl, arg)) return; - } - arg->count++; } } } diff --git a/net/sched/sch_dsmark.c b/net/sched/sch_dsmark.c index 7da6dc38a382..401ffaf87d62 100644 --- a/net/sched/sch_dsmark.c +++ b/net/sched/sch_dsmark.c @@ -176,16 +176,12 @@ static void dsmark_walk(struct Qdisc *sch, struct qdisc_walker *walker) return; for (i = 0; i < p->indices; i++) { - if (p->mv[i].mask == 0xff && !p->mv[i].value) - goto ignore; - if (walker->count >= walker->skip) { - if (walker->fn(sch, i + 1, walker) < 0) { - walker->stop = 1; - break; - } + if (p->mv[i].mask == 0xff && !p->mv[i].value) { + walker->count++; + continue; } -ignore: - walker->count++; + if (!tc_qdisc_stats_dump(sch, i + 1, walker)) + break; } } diff --git a/net/sched/sch_ets.c b/net/sched/sch_ets.c index a3aea22ef09d..b10efeaf0629 100644 --- a/net/sched/sch_ets.c +++ b/net/sched/sch_ets.c @@ -341,15 +341,8 @@ static void ets_qdisc_walk(struct Qdisc *sch, struct qdisc_walker *arg) return; for (i = 0; i < q->nbands; i++) { - if (arg->count < arg->skip) { - arg->count++; - continue; - } - if (arg->fn(sch, i + 1, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, i + 1, arg)) break; - } - arg->count++; } } diff --git a/net/sched/sch_fq_codel.c b/net/sched/sch_fq_codel.c index eeea8c6d54e2..99d318b60568 100644 --- a/net/sched/sch_fq_codel.c +++ b/net/sched/sch_fq_codel.c @@ -673,16 +673,12 @@ static void fq_codel_walk(struct Qdisc *sch, struct qdisc_walker *arg) return; for (i = 0; i < q->flows_cnt; i++) { - if (list_empty(&q->flows[i].flowchain) || - arg->count < arg->skip) { + if (list_empty(&q->flows[i].flowchain)) { arg->count++; continue; } - if (arg->fn(sch, i + 1, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, i + 1, arg)) break; - } - arg->count++; } } diff --git a/net/sched/sch_hfsc.c b/net/sched/sch_hfsc.c index c8bef923c79c..70b0c5873d32 100644 --- a/net/sched/sch_hfsc.c +++ b/net/sched/sch_hfsc.c @@ -1349,15 +1349,8 @@ hfsc_walk(struct Qdisc *sch, struct qdisc_walker *arg) for (i = 0; i < q->clhash.hashsize; i++) { hlist_for_each_entry(cl, &q->clhash.hash[i], cl_common.hnode) { - if (arg->count < arg->skip) { - arg->count++; - continue; - } - if (arg->fn(sch, (unsigned long)cl, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, (unsigned long)cl, arg)) return; - } - arg->count++; } } } diff --git a/net/sched/sch_htb.c b/net/sched/sch_htb.c index 78d0c7549c74..e5b4bbf3ce3d 100644 --- a/net/sched/sch_htb.c +++ b/net/sched/sch_htb.c @@ -2119,15 +2119,8 @@ static void htb_walk(struct Qdisc *sch, struct qdisc_walker *arg) for (i = 0; i < q->clhash.hashsize; i++) { hlist_for_each_entry(cl, &q->clhash.hash[i], common.hnode) { - if (arg->count < arg->skip) { - arg->count++; - continue; - } - if (arg->fn(sch, (unsigned long)cl, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, (unsigned long)cl, arg)) return; - } - arg->count++; } } } diff --git a/net/sched/sch_mq.c b/net/sched/sch_mq.c index 83d2e54bf303..d0bc660d7401 100644 --- a/net/sched/sch_mq.c +++ b/net/sched/sch_mq.c @@ -247,11 +247,8 @@ static void mq_walk(struct Qdisc *sch, struct qdisc_walker *arg) arg->count = arg->skip; for (ntx = arg->skip; ntx < dev->num_tx_queues; ntx++) { - if (arg->fn(sch, ntx + 1, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, ntx + 1, arg)) break; - } - arg->count++; } } diff --git a/net/sched/sch_mqprio.c b/net/sched/sch_mqprio.c index b29f3453c6ea..4c68abaa289b 100644 --- a/net/sched/sch_mqprio.c +++ b/net/sched/sch_mqprio.c @@ -558,11 +558,8 @@ static void mqprio_walk(struct Qdisc *sch, struct qdisc_walker *arg) /* Walk hierarchy with a virtual class per tc */ arg->count = arg->skip; for (ntx = arg->skip; ntx < netdev_get_num_tc(dev); ntx++) { - if (arg->fn(sch, ntx + TC_H_MIN_PRIORITY, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, ntx + TC_H_MIN_PRIORITY, arg)) return; - } - arg->count++; } /* Pad the values and skip over unused traffic classes */ diff --git a/net/sched/sch_multiq.c b/net/sched/sch_multiq.c index f28050c7f12d..75c9c860182b 100644 --- a/net/sched/sch_multiq.c +++ b/net/sched/sch_multiq.c @@ -353,15 +353,8 @@ static void multiq_walk(struct Qdisc *sch, struct qdisc_walker *arg) return; for (band = 0; band < q->bands; band++) { - if (arg->count < arg->skip) { - arg->count++; - continue; - } - if (arg->fn(sch, band + 1, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, band + 1, arg)) break; - } - arg->count++; } } diff --git a/net/sched/sch_netem.c b/net/sched/sch_netem.c index b70ac04110dd..18f4273a835b 100644 --- a/net/sched/sch_netem.c +++ b/net/sched/sch_netem.c @@ -1251,12 +1251,8 @@ static unsigned long netem_find(struct Qdisc *sch, u32 classid) static void netem_walk(struct Qdisc *sch, struct qdisc_walker *walker) { if (!walker->stop) { - if (walker->count >= walker->skip) - if (walker->fn(sch, 1, walker) < 0) { - walker->stop = 1; - return; - } - walker->count++; + if (!tc_qdisc_stats_dump(sch, 1, walker)) + return; } } diff --git a/net/sched/sch_prio.c b/net/sched/sch_prio.c index 298794c04836..fdc5ef52c3ee 100644 --- a/net/sched/sch_prio.c +++ b/net/sched/sch_prio.c @@ -376,15 +376,8 @@ static void prio_walk(struct Qdisc *sch, struct qdisc_walker *arg) return; for (prio = 0; prio < q->bands; prio++) { - if (arg->count < arg->skip) { - arg->count++; - continue; - } - if (arg->fn(sch, prio + 1, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, prio + 1, arg)) break; - } - arg->count++; } } diff --git a/net/sched/sch_qfq.c b/net/sched/sch_qfq.c index 13246a9dc5c1..cf5ebe43b3b4 100644 --- a/net/sched/sch_qfq.c +++ b/net/sched/sch_qfq.c @@ -659,15 +659,8 @@ static void qfq_walk(struct Qdisc *sch, struct qdisc_walker *arg) for (i = 0; i < q->clhash.hashsize; i++) { hlist_for_each_entry(cl, &q->clhash.hash[i], common.hnode) { - if (arg->count < arg->skip) { - arg->count++; - continue; - } - if (arg->fn(sch, (unsigned long)cl, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, (unsigned long)cl, arg)) return; - } - arg->count++; } } } diff --git a/net/sched/sch_red.c b/net/sched/sch_red.c index 4952406f70b9..a5a401f93c1a 100644 --- a/net/sched/sch_red.c +++ b/net/sched/sch_red.c @@ -516,12 +516,7 @@ static unsigned long red_find(struct Qdisc *sch, u32 classid) static void red_walk(struct Qdisc *sch, struct qdisc_walker *walker) { if (!walker->stop) { - if (walker->count >= walker->skip) - if (walker->fn(sch, 1, walker) < 0) { - walker->stop = 1; - return; - } - walker->count++; + tc_qdisc_stats_dump(sch, 1, walker); } } diff --git a/net/sched/sch_sfb.c b/net/sched/sch_sfb.c index 1be8d04d69dc..e2389fa3cff8 100644 --- a/net/sched/sch_sfb.c +++ b/net/sched/sch_sfb.c @@ -659,12 +659,7 @@ static int sfb_delete(struct Qdisc *sch, unsigned long cl, static void sfb_walk(struct Qdisc *sch, struct qdisc_walker *walker) { if (!walker->stop) { - if (walker->count >= walker->skip) - if (walker->fn(sch, 1, walker) < 0) { - walker->stop = 1; - return; - } - walker->count++; + tc_qdisc_stats_dump(sch, 1, walker); } } diff --git a/net/sched/sch_sfq.c b/net/sched/sch_sfq.c index f8e569f79f13..abd436307d6a 100644 --- a/net/sched/sch_sfq.c +++ b/net/sched/sch_sfq.c @@ -888,16 +888,12 @@ static void sfq_walk(struct Qdisc *sch, struct qdisc_walker *arg) return; for (i = 0; i < q->divisor; i++) { - if (q->ht[i] == SFQ_EMPTY_SLOT || - arg->count < arg->skip) { + if (q->ht[i] == SFQ_EMPTY_SLOT) { arg->count++; continue; } - if (arg->fn(sch, i + 1, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, i + 1, arg)) break; - } - arg->count++; } } diff --git a/net/sched/sch_skbprio.c b/net/sched/sch_skbprio.c index df72fb83d9c7..5df2dacb7b1a 100644 --- a/net/sched/sch_skbprio.c +++ b/net/sched/sch_skbprio.c @@ -265,15 +265,8 @@ static void skbprio_walk(struct Qdisc *sch, struct qdisc_walker *arg) return; for (i = 0; i < SKBPRIO_MAX_PRIORITY; i++) { - if (arg->count < arg->skip) { - arg->count++; - continue; - } - if (arg->fn(sch, i + 1, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, i + 1, arg)) break; - } - arg->count++; } } diff --git a/net/sched/sch_taprio.c b/net/sched/sch_taprio.c index db88a692ef81..bddc1ed0c56b 100644 --- a/net/sched/sch_taprio.c +++ b/net/sched/sch_taprio.c @@ -2000,11 +2000,8 @@ static void taprio_walk(struct Qdisc *sch, struct qdisc_walker *arg) arg->count = arg->skip; for (ntx = arg->skip; ntx < dev->num_tx_queues; ntx++) { - if (arg->fn(sch, ntx + 1, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, ntx + 1, arg)) break; - } - arg->count++; } } diff --git a/net/sched/sch_tbf.c b/net/sched/sch_tbf.c index e031c1a41ea6..277ad11f4d61 100644 --- a/net/sched/sch_tbf.c +++ b/net/sched/sch_tbf.c @@ -580,12 +580,7 @@ static unsigned long tbf_find(struct Qdisc *sch, u32 classid) static void tbf_walk(struct Qdisc *sch, struct qdisc_walker *walker) { if (!walker->stop) { - if (walker->count >= walker->skip) - if (walker->fn(sch, 1, walker) < 0) { - walker->stop = 1; - return; - } - walker->count++; + tc_qdisc_stats_dump(sch, 1, walker); } } -- 2.17.1

2 years, 7 months

2
1
0 0

[PATCH net-next,v3 18/18] selftests/tc-testing: add show class case for red qdisc

by Zhengchao Shao

Test 290a: Show RED class Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> Reviewed-by: Victor Nogueira <victor(a)mojatatu.com> Tested-by: Victor Nogueira <victor(a)mojatatu.com> --- .../tc-testing/tc-tests/qdiscs/red.json | 23 +++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/red.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/red.json index 0703a2a255eb..4b3e449857f2 100644 --- a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/red.json +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/red.json @@ -181,5 +181,28 @@ "$TC qdisc del dev $DUMMY handle 1: root", "$IP link del dev $DUMMY type dummy" ] + }, + { + "id": "290a", + "name": "Show RED class", + "category": [ + "qdisc", + "red" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root red limit 1M avpkt 1500 min 100K max 300K", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class red 1:[0-9]+ parent 1:", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] } ] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v3 17/18] selftests/tc-testing: add show class case for prio qdisc

by Zhengchao Shao

Test 2410: Show prio class Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> Reviewed-by: Victor Nogueira <victor(a)mojatatu.com> Tested-by: Victor Nogueira <victor(a)mojatatu.com> --- .../tc-testing/tc-tests/qdiscs/prio.json | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/prio.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/prio.json index 3076c02d08d6..8186de2f0dcf 100644 --- a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/prio.json +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/prio.json @@ -272,5 +272,25 @@ "teardown": [ "$IP link del dev $DUMMY type dummy" ] + }, + { + "id": "2410", + "name": "Show prio class", + "category": [ + "qdisc", + "prio" + ], + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root prio", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class prio 1:[0-9]+ parent 1:", + "matchCount": "3", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root prio", + "$IP link del dev $DUMMY type dummy" + ] } ] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v3 16/18] selftests/tc-testing: add show class case for mq qdisc

by Zhengchao Shao

Test 1023: Show mq class Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> Reviewed-by: Victor Nogueira <victor(a)mojatatu.com> Tested-by: Victor Nogueira <victor(a)mojatatu.com> --- .../tc-testing/tc-tests/qdiscs/mq.json | 24 ++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/mq.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/mq.json index c6046096d9db..44fbfc6caec7 100644 --- a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/mq.json +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/mq.json @@ -133,5 +133,27 @@ "teardown": [ "echo \"1\" > /sys/bus/netdevsim/del_device" ] - } + }, + { + "id": "1023", + "name": "Show mq class", + "category": [ + "qdisc", + "mq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "echo \"1 1 4\" > /sys/bus/netdevsim/new_device" + ], + "cmdUnderTest": "$TC qdisc add dev $ETH root handle 1: mq", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $ETH", + "matchPattern": "class mq 1:[0-9]+ root", + "matchCount": "4", + "teardown": [ + "echo \"1\" > /sys/bus/netdevsim/del_device" + ] + } ] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v3 15/18] selftests/tc-testing: add show class case for ingress qdisc

by Zhengchao Shao

Test 0521: Show ingress class Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> Reviewed-by: Victor Nogueira <victor(a)mojatatu.com> Tested-by: Victor Nogueira <victor(a)mojatatu.com> --- .../tc-testing/tc-tests/qdiscs/ingress.json | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/ingress.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/ingress.json index d99dba6e2b1a..11d33362408c 100644 --- a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/ingress.json +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/ingress.json @@ -98,5 +98,25 @@ "teardown": [ "$IP link del dev $DUMMY type dummy" ] + }, + { + "id": "0521", + "name": "Show ingress class", + "category": [ + "qdisc", + "ingress" + ], + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY ingress", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class ingress", + "matchCount": "0", + "teardown": [ + "$TC qdisc del dev $DUMMY ingress", + "$IP link del dev $DUMMY type dummy" + ] } ] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v3 14/18] selftests/tc-testing: add selftests for qfq qdisc

by Zhengchao Shao

Test 0582: Create QFQ with default setting Test c9a3: Create QFQ with class weight setting Test 8452: Create QFQ with class maxpkt setting Test d920: Create QFQ with multiple class setting Test 0548: Delete QFQ with handle Test 5901: Show QFQ class Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> Reviewed-by: Victor Nogueira <victor(a)mojatatu.com> Tested-by: Victor Nogueira <victor(a)mojatatu.com> --- .../tc-testing/tc-tests/qdiscs/qfq.json | 145 ++++++++++++++++++ 1 file changed, 145 insertions(+) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/qfq.json diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/qfq.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/qfq.json new file mode 100644 index 000000000000..330f1a25e0ab --- /dev/null +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/qfq.json @@ -0,0 +1,145 @@ +[ + { + "id": "0582", + "name": "Create QFQ with default setting", + "category": [ + "qdisc", + "qfq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root qfq", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc qfq 1: root refcnt [0-9]+", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "c9a3", + "name": "Create QFQ with class weight setting", + "category": [ + "qdisc", + "qfq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root qfq" + ], + "cmdUnderTest": "$TC class add dev $DUMMY parent 1: classid 1:1 qfq weight 100", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class qfq 1:1 root weight 100 maxpkt", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "8452", + "name": "Create QFQ with class maxpkt setting", + "category": [ + "qdisc", + "qfq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root qfq" + ], + "cmdUnderTest": "$TC class add dev $DUMMY parent 1: classid 1:1 qfq maxpkt 2000", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class qfq 1:1 root weight 1 maxpkt 2000", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "d920", + "name": "Create QFQ with multiple class setting", + "category": [ + "qdisc", + "qfq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root qfq", + "$TC class add dev $DUMMY parent 1: classid 1:1 qfq weight 100" + ], + "cmdUnderTest": "$TC class add dev $DUMMY parent 1: classid 1:2 qfq weight 200", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class qfq 1:[0-9]+ root weight [0-9]+00 maxpkt", + "matchCount": "2", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "0548", + "name": "Delete QFQ with handle", + "category": [ + "qdisc", + "qfq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root qfq", + "$TC class add dev $DUMMY parent 1: classid 1:1 qfq weight 100" + ], + "cmdUnderTest": "$TC qdisc del dev $DUMMY handle 1: root", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "qdisc qfq 1: root refcnt [0-9]+", + "matchCount": "0", + "teardown": [ + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "5901", + "name": "Show QFQ class", + "category": [ + "qdisc", + "qfq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root qfq", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class qfq 1:", + "matchCount": "0", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + } +] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v3 13/18] selftests/tc-testing: add selftests for netem qdisc

by Zhengchao Shao

Test cb28: Create NETEM with default setting Test a089: Create NETEM with limit flag Test 3449: Create NETEM with delay time Test 3782: Create NETEM with distribution and corrupt flag Test 2b82: Create NETEM with distribution and duplicate flag Test a932: Create NETEM with distribution and loss flag Test e01a: Create NETEM with distribution and loss state flag Test ba29: Create NETEM with loss gemodel flag Test 0492: Create NETEM with reorder flag Test 7862: Create NETEM with rate limit Test 7235: Create NETEM with multiple slot rate Test 5439: Create NETEM with multiple slot setting Test 5029: Change NETEM with loss state Test 3785: Replace NETEM with delay time Test 4502: Delete NETEM with handle Test 0785: Show NETEM class Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> Reviewed-by: Victor Nogueira <victor(a)mojatatu.com> Tested-by: Victor Nogueira <victor(a)mojatatu.com> --- .../tc-testing/tc-tests/qdiscs/netem.json | 372 ++++++++++++++++++ 1 file changed, 372 insertions(+) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/netem.json diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/netem.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/netem.json new file mode 100644 index 000000000000..7e41f548f8e8 --- /dev/null +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/netem.json @@ -0,0 +1,372 @@ +[ + { + "id": "cb28", + "name": "Create NETEM with default setting", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root netem", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ limit", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "a089", + "name": "Create NETEM with limit flag", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root netem limit 200", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ limit 200", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "3449", + "name": "Create NETEM with delay time", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root netem delay 100ms", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ .*delay 100ms", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "3782", + "name": "Create NETEM with distribution and corrupt flag", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root netem delay 100ms 10ms distribution normal corrupt 1%", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ .*delay 100ms 10ms corrupt 1%", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "2b82", + "name": "Create NETEM with distribution and duplicate flag", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root netem delay 100ms 10ms distribution normal duplicate 1%", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ .*delay 100ms 10ms duplicate 1%", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "a932", + "name": "Create NETEM with distribution and loss flag", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root netem delay 100ms 10ms distribution pareto loss 1%", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ .*delay 100ms 10ms loss 1%", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "e01a", + "name": "Create NETEM with distribution and loss state flag", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root netem delay 100ms 10ms distribution paretonormal loss state 1", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ .*delay 100ms 10ms loss state p13 1% p31 99% p32 0% p23 100% p14 0%", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "ba29", + "name": "Create NETEM with loss gemodel flag", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root netem loss gemodel 1%", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ .*loss gemodel p 1%", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "0492", + "name": "Create NETEM with reorder flag", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root netem delay 100ms 10ms reorder 2% gap 100", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ .*reorder 2%", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "7862", + "name": "Create NETEM with rate limit", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root netem rate 20000", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ .*rate 20Kbit", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "7235", + "name": "Create NETEM with multiple slot rate", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root netem slot 10 200 packets 2000 bytes 9000", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ .*slot 10ns 200ns packets 2000 bytes 9000", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "5439", + "name": "Create NETEM with multiple slot setting", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root netem slot distribution pareto 1ms 0.1ms", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ .*slot distribution 1ms 100us", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "5029", + "name": "Change NETEM with loss state", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root netem delay 100ms 10ms distribution normal loss 1%" + ], + "cmdUnderTest": "$TC qdisc change dev $DUMMY handle 1: root netem delay 100ms 10ms distribution normal loss 2%", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ .*loss 2%", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "3785", + "name": "Replace NETEM with delay time", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root netem delay 100ms 10ms distribution normal loss 1%" + ], + "cmdUnderTest": "$TC qdisc replace dev $DUMMY handle 1: root netem delay 200ms 10ms", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ .*delay 200ms 10ms", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "4502", + "name": "Delete NETEM with handle", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root netem delay 100ms 10ms distribution normal" + ], + "cmdUnderTest": "$TC qdisc del dev $DUMMY handle 1: root", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ .*delay 100ms 10ms", + "matchCount": "0", + "teardown": [ + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "0785", + "name": "Show NETEM class", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root netem", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class netem 1:", + "matchCount": "0", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + } +] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v3 12/18] selftests/tc-testing: add selftests for multiq qdisc

by Zhengchao Shao

Test 20ba: Add multiq Qdisc to multi-queue device (8 queues) Test 4301: List multiq Class Test 7832: Delete nonexistent multiq Qdisc Test 2891: Delete multiq Qdisc twice Test 1329: Add multiq Qdisc to single-queue device Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> Reviewed-by: Victor Nogueira <victor(a)mojatatu.com> Tested-by: Victor Nogueira <victor(a)mojatatu.com> --- .../tc-testing/tc-tests/qdiscs/multiq.json | 114 ++++++++++++++++++ 1 file changed, 114 insertions(+) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/multiq.json diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/multiq.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/multiq.json new file mode 100644 index 000000000000..12c0af7a145d --- /dev/null +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/multiq.json @@ -0,0 +1,114 @@ +[ + { + "id": "20ba", + "name": "Add multiq Qdisc to multi-queue device (8 queues)", + "category": [ + "qdisc", + "multiq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "echo \"1 1 8\" > /sys/bus/netdevsim/new_device" + ], + "cmdUnderTest": "$TC qdisc add dev $ETH root handle 1: multiq", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $ETH", + "matchPattern": "qdisc multiq 1: root refcnt [0-9]+ bands 8", + "matchCount": "1", + "teardown": [ + "echo \"1\" > /sys/bus/netdevsim/del_device" + ] + }, + { + "id": "4301", + "name": "List multiq Class", + "category": [ + "qdisc", + "multiq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "echo \"1 1 8\" > /sys/bus/netdevsim/new_device" + ], + "cmdUnderTest": "$TC qdisc add dev $ETH root handle 1: multiq", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $ETH", + "matchPattern": "class multiq 1:[0-9]+ parent 1:", + "matchCount": "8", + "teardown": [ + "echo \"1\" > /sys/bus/netdevsim/del_device" + ] + }, + { + "id": "7832", + "name": "Delete nonexistent multiq Qdisc", + "category": [ + "qdisc", + "multiq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "echo \"1 1 4\" > /sys/bus/netdevsim/new_device" + ], + "cmdUnderTest": "$TC qdisc del dev $ETH root handle 1: multiq", + "expExitCode": "2", + "verifyCmd": "$TC qdisc show dev $ETH", + "matchPattern": "qdisc multiq 1: root", + "matchCount": "0", + "teardown": [ + "echo \"1\" > /sys/bus/netdevsim/del_device" + ] + }, + { + "id": "2891", + "name": "Delete multiq Qdisc twice", + "category": [ + "qdisc", + "multiq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "echo \"1 1 8\" > /sys/bus/netdevsim/new_device", + "$TC qdisc add dev $ETH root handle 1: multiq", + "$TC qdisc del dev $ETH root handle 1:" + ], + "cmdUnderTest": "$TC qdisc del dev $ETH root handle 1:", + "expExitCode": "2", + "verifyCmd": "$TC qdisc show dev $ETH", + "matchPattern": "qdisc mqprio 1: root", + "matchCount": "0", + "teardown": [ + "echo \"1\" > /sys/bus/netdevsim/del_device" + ] + }, + { + "id": "1329", + "name": "Add multiq Qdisc to single-queue device", + "category": [ + "qdisc", + "multiq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "echo \"1 1\" > /sys/bus/netdevsim/new_device" + ], + "cmdUnderTest": "$TC qdisc add dev $ETH root handle 1: multiq", + "expExitCode": "2", + "verifyCmd": "$TC qdisc show dev $ETH", + "matchPattern": "qdisc multiq 1: root", + "matchCount": "0", + "teardown": [ + "echo \"1\" > /sys/bus/netdevsim/del_device" + ] + } +] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v3 11/18] selftests/tc-testing: add selftests for mqprio qdisc

by Zhengchao Shao

Test 9903: Add mqprio Qdisc to multi-queue device (8 queues) Test 453a: Delete nonexistent mqprio Qdisc Test 5292: Delete mqprio Qdisc twice Test 45a9: Add mqprio Qdisc to single-queue device Test 2ba9: Show mqprio class Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> Reviewed-by: Victor Nogueira <victor(a)mojatatu.com> Tested-by: Victor Nogueira <victor(a)mojatatu.com> --- .../tc-testing/tc-tests/qdiscs/mqprio.json | 114 ++++++++++++++++++ 1 file changed, 114 insertions(+) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/mqprio.json diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/mqprio.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/mqprio.json new file mode 100644 index 000000000000..6e1973f731e9 --- /dev/null +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/mqprio.json @@ -0,0 +1,114 @@ +[ + { + "id": "9903", + "name": "Add mqprio Qdisc to multi-queue device (8 queues)", + "category": [ + "qdisc", + "mqprio" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "echo \"1 1 8\" > /sys/bus/netdevsim/new_device" + ], + "cmdUnderTest": "$TC qdisc add dev $ETH root handle 1: mqprio num_tc 8 map 0 1 2 3 4 5 6 7 queues 1@0 1@1 1@2 1@3 1@4 1@5 1@6 1@7 hw 0", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $ETH", + "matchPattern": "qdisc mqprio 1: root tc 8 map 0 1 2 3 4 5 6 7 0 0 0 0 0 0 0 0.*queues:\$0:0\$ \$1:1\$ \$2:2\$ \$3:3\$ \$4:4\$ \$5:5\$ \$6:6\$ \$7:7\$", + "matchCount": "1", + "teardown": [ + "echo \"1\" > /sys/bus/netdevsim/del_device" + ] + }, + { + "id": "453a", + "name": "Delete nonexistent mqprio Qdisc", + "category": [ + "qdisc", + "mqprio" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "echo \"1 1 4\" > /sys/bus/netdevsim/new_device" + ], + "cmdUnderTest": "$TC qdisc del dev $ETH root handle 1: mqprio", + "expExitCode": "2", + "verifyCmd": "$TC qdisc show dev $ETH", + "matchPattern": "qdisc mqprio 1: root", + "matchCount": "0", + "teardown": [ + "echo \"1\" > /sys/bus/netdevsim/del_device" + ] + }, + { + "id": "5292", + "name": "Delete mqprio Qdisc twice", + "category": [ + "qdisc", + "mqprio" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "echo \"1 1 8\" > /sys/bus/netdevsim/new_device", + "$TC qdisc add dev $ETH root handle 1: mqprio num_tc 8 map 0 1 2 3 4 5 6 7 queues 1@0 1@1 1@2 1@3 1@4 1@5 1@6 1@7 hw 0", + "$TC qdisc del dev $ETH root handle 1:" + ], + "cmdUnderTest": "$TC qdisc del dev $ETH root handle 1:", + "expExitCode": "2", + "verifyCmd": "$TC qdisc show dev $ETH", + "matchPattern": "qdisc mqprio 1: root", + "matchCount": "0", + "teardown": [ + "echo \"1\" > /sys/bus/netdevsim/del_device" + ] + }, + { + "id": "45a9", + "name": "Add mqprio Qdisc to single-queue device", + "category": [ + "qdisc", + "mqprio" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "echo \"1 1\" > /sys/bus/netdevsim/new_device" + ], + "cmdUnderTest": "$TC qdisc add dev $ETH root handle 1: mqprio num_tc 8 map 0 1 2 3 4 5 6 7 queues 1@0 1@1 1@2 1@3 1@4 1@5 1@6 1@7 hw 0", + "expExitCode": "2", + "verifyCmd": "$TC qdisc show dev $ETH", + "matchPattern": "qdisc mqprio 1: root", + "matchCount": "0", + "teardown": [ + "echo \"1\" > /sys/bus/netdevsim/del_device" + ] + }, + { + "id": "2ba9", + "name": "Show mqprio class", + "category": [ + "qdisc", + "mqprio" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "echo \"1 1 8\" > /sys/bus/netdevsim/new_device" + ], + "cmdUnderTest": "$TC qdisc add dev $ETH root handle 1: mqprio num_tc 8 map 0 1 2 3 4 5 6 7 queues 1@0 1@1 1@2 1@3 1@4 1@5 1@6 1@7 hw 0", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $ETH", + "matchPattern": "class mqprio 1:", + "matchCount": "16", + "teardown": [ + "echo \"1\" > /sys/bus/netdevsim/del_device" + ] + } +] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v3 10/18] selftests/tc-testing: add selftests for htb qdisc

by Zhengchao Shao

Test 0904: Create HTB with default setting Test 3906: Create HTB with default-N setting Test 8492: Create HTB with r2q setting Test 9502: Create HTB with direct_qlen setting Test b924: Create HTB with class rate and burst setting Test 4359: Create HTB with class mpu setting Test 9048: Create HTB with class prio setting Test 4994: Create HTB with class ceil setting Test 9523: Create HTB with class cburst setting Test 5353: Create HTB with class mtu setting Test 346a: Create HTB with class quantum setting Test 303a: Delete HTB with handle Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> Reviewed-by: Victor Nogueira <victor(a)mojatatu.com> Tested-by: Victor Nogueira <victor(a)mojatatu.com> --- .../tc-testing/tc-tests/qdiscs/htb.json | 285 ++++++++++++++++++ 1 file changed, 285 insertions(+) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/htb.json diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/htb.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/htb.json new file mode 100644 index 000000000000..9529899482e0 --- /dev/null +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/htb.json @@ -0,0 +1,285 @@ +[ + { + "id": "0904", + "name": "Create HTB with default setting", + "category": [ + "qdisc", + "htb" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root htb", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc htb 1: root refcnt [0-9]+ r2q 10 default 0 direct_packets_stat.*direct_qlen", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "3906", + "name": "Create HTB with default-N setting", + "category": [ + "qdisc", + "htb" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root htb default 10", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc htb 1: root refcnt [0-9]+ r2q 10 default 0x10 direct_packets_stat.* direct_qlen", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "8492", + "name": "Create HTB with r2q setting", + "category": [ + "qdisc", + "htb" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root htb r2q 5", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc htb 1: root refcnt [0-9]+ r2q 5 default 0 direct_packets_stat.*direct_qlen", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "9502", + "name": "Create HTB with direct_qlen setting", + "category": [ + "qdisc", + "htb" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root htb direct_qlen 1024", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc htb 1: root refcnt [0-9]+ r2q 10 default 0 direct_packets_stat.*direct_qlen 1024", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "b924", + "name": "Create HTB with class rate and burst setting", + "category": [ + "qdisc", + "htb" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root htb" + ], + "cmdUnderTest": "$TC class add dev $DUMMY parent 1: classid 1:1 htb rate 20kbit burst 1000", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class htb 1:1 root prio 0 rate 20Kbit ceil 20Kbit burst 1000b cburst 1600b", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "4359", + "name": "Create HTB with class mpu setting", + "category": [ + "qdisc", + "htb" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root htb" + ], + "cmdUnderTest": "$TC class add dev $DUMMY parent 1: classid 1:1 htb rate 20Kbit mpu 64", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class htb 1:1 root prio 0 rate 20Kbit ceil 20Kbit burst 1600b cburst 1600b", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "9048", + "name": "Create HTB with class prio setting", + "category": [ + "qdisc", + "htb" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root htb" + ], + "cmdUnderTest": "$TC class add dev $DUMMY parent 1: classid 1:1 htb rate 20Kbit prio 1", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class htb 1:1 root prio 1 rate 20Kbit ceil 20Kbit burst 1600b cburst 1600b", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "4994", + "name": "Create HTB with class ceil setting", + "category": [ + "qdisc", + "htb" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root htb" + ], + "cmdUnderTest": "$TC class add dev $DUMMY parent 1: classid 1:1 htb rate 20Kbit ceil 10Kbit", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class htb 1:1 root prio 0 rate 20Kbit ceil 10Kbit burst 1600b cburst 1600b", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "9523", + "name": "Create HTB with class cburst setting", + "category": [ + "qdisc", + "htb" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root htb" + ], + "cmdUnderTest": "$TC class add dev $DUMMY parent 1: classid 1:1 htb rate 20Kbit cburst 2000", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class htb 1:1 root prio 0 rate 20Kbit ceil 20Kbit burst 1600b cburst 2000b", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "5353", + "name": "Create HTB with class mtu setting", + "category": [ + "qdisc", + "htb" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root htb" + ], + "cmdUnderTest": "$TC class add dev $DUMMY parent 1: classid 1:1 htb rate 20Kbit mtu 2048", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class htb 1:1 root prio 0 rate 20Kbit ceil 20Kbit burst 2Kb cburst 2Kb", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "346a", + "name": "Create HTB with class quantum setting", + "category": [ + "qdisc", + "htb" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root htb" + ], + "cmdUnderTest": "$TC class add dev $DUMMY parent 1: classid 1:1 htb rate 20Kbit quantum 2048", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class htb 1:1 root prio 0 rate 20Kbit ceil 20Kbit burst 1600b cburst 1600b", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "303a", + "name": "Delete HTB with handle", + "category": [ + "qdisc", + "htb" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root htb r2q 5" + ], + "cmdUnderTest": "$TC qdisc del dev $DUMMY handle 1: root", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc htb 1: root refcnt [0-9]+", + "matchCount": "0", + "teardown": [ + "$IP link del dev $DUMMY type dummy" + ] + } +] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v3 09/18] selftests/tc-testing: add selftests for hfsc qdisc

by Zhengchao Shao

Test 3254: Create HFSC with default setting Test 0289: Create HFSC with class sc and ul rate setting Test 846a: Create HFSC with class sc umax and dmax setting Test 5413: Create HFSC with class rt and ls rate setting Test 9312: Create HFSC with class rt umax and dmax setting Test 6931: Delete HFSC with handle Test 8436: Show HFSC class Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> Reviewed-by: Victor Nogueira <victor(a)mojatatu.com> Tested-by: Victor Nogueira <victor(a)mojatatu.com> --- .../tc-testing/tc-tests/qdiscs/hfsc.json | 167 ++++++++++++++++++ 1 file changed, 167 insertions(+) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/hfsc.json diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/hfsc.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/hfsc.json new file mode 100644 index 000000000000..af27b2c20e17 --- /dev/null +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/hfsc.json @@ -0,0 +1,167 @@ +[ + { + "id": "3254", + "name": "Create HFSC with default setting", + "category": [ + "qdisc", + "hfsc" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root hfsc", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc hfsc 1: root refcnt [0-9]+", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "0289", + "name": "Create HFSC with class sc and ul rate setting", + "category": [ + "qdisc", + "hfsc" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root hfsc default 11" + ], + "cmdUnderTest": "$TC class add dev $DUMMY parent 1: classid 1:1 hfsc sc rate 20000 ul rate 10000", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class hfsc 1:1 parent 1: sc m1 0bit d 0us m2 20Kbit ul m1 0bit d 0us m2 10Kbit", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "846a", + "name": "Create HFSC with class sc umax and dmax setting", + "category": [ + "qdisc", + "hfsc" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root hfsc default 11" + ], + "cmdUnderTest": "$TC class add dev $DUMMY parent 1: classid 1:1 hfsc sc umax 1540 dmax 5ms rate 10000 ul rate 10000", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class hfsc 1:1 parent 1: sc m1 2464Kbit d 5ms m2 10Kbit ul m1 0bit d 0us m2 10Kbit", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "5413", + "name": "Create HFSC with class rt and ls rate setting", + "category": [ + "qdisc", + "hfsc" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root hfsc default 11" + ], + "cmdUnderTest": "$TC class add dev $DUMMY parent 1: classid 1:1 hfsc rt rate 20000 ls rate 10000", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class hfsc 1:1 parent 1: rt m1 0bit d 0us m2 20Kbit ls m1 0bit d 0us m2 10Kbit", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "9312", + "name": "Create HFSC with class rt umax and dmax setting", + "category": [ + "qdisc", + "hfsc" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root hfsc default 11" + ], + "cmdUnderTest": "$TC class add dev $DUMMY parent 1: classid 1:1 hfsc rt umax 1540 dmax 5ms rate 10000 ls rate 10000", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class hfsc 1:1 parent 1: rt m1 2464Kbit d 5ms m2 10Kbit ls m1 0bit d 0us m2 10Kbit", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "6931", + "name": "Delete HFSC with handle", + "category": [ + "qdisc", + "hfsc" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root hfsc default 11" + ], + "cmdUnderTest": "$TC qdisc del dev $DUMMY handle 1: root", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc hfsc 1: root refcnt [0-9]+", + "matchCount": "0", + "teardown": [ + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "8436", + "name": "Show HFSC class", + "category": [ + "qdisc", + "hfsc" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root hfsc", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class hfsc 1: root", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + } +] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v3 08/18] selftests/tc-testing: add selftests for fq_codel qdisc

by Zhengchao Shao

Test 4957: Create FQ_CODEL with default setting Test 7621: Create FQ_CODEL with limit setting Test 6871: Create FQ_CODEL with memory_limit setting Test 5636: Create FQ_CODEL with target setting Test 630a: Create FQ_CODEL with interval setting Test 4324: Create FQ_CODEL with quantum setting Test b190: Create FQ_CODEL with noecn flag Test 5381: Create FQ_CODEL with ce_threshold setting Test c9d2: Create FQ_CODEL with drop_batch setting Test 523b: Create FQ_CODEL with multiple setting Test 9283: Replace FQ_CODEL with noecn setting Test 3459: Change FQ_CODEL with limit setting Test 0128: Delete FQ_CODEL with handle Test 0435: Show FQ_CODEL class Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> Reviewed-by: Victor Nogueira <victor(a)mojatatu.com> Tested-by: Victor Nogueira <victor(a)mojatatu.com> --- .../tc-testing/tc-tests/qdiscs/fq_codel.json | 326 ++++++++++++++++++ 1 file changed, 326 insertions(+) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/fq_codel.json diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/fq_codel.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/fq_codel.json new file mode 100644 index 000000000000..a65266357a9a --- /dev/null +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/fq_codel.json @@ -0,0 +1,326 @@ +[ + { + "id": "4957", + "name": "Create FQ_CODEL with default setting", + "category": [ + "qdisc", + "fq_codel" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root fq_codel", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc fq_codel 1: root refcnt [0-9]+ limit 10240p flows 1024 quantum.*target 5ms interval 100ms memory_limit 32Mb ecn drop_batch 64", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "7621", + "name": "Create FQ_CODEL with limit setting", + "category": [ + "qdisc", + "fq_codel" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root fq_codel limit 1000", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc fq_codel 1: root refcnt [0-9]+ limit 1000p flows 1024 quantum.*target 5ms interval 100ms memory_limit 32Mb ecn drop_batch 64", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "6871", + "name": "Create FQ_CODEL with memory_limit setting", + "category": [ + "qdisc", + "fq_codel" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root fq_codel memory_limit 100000", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc fq_codel 1: root refcnt [0-9]+ limit 10240p flows 1024 quantum.*target 5ms interval 100ms memory_limit 100000b ecn drop_batch 64", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "5636", + "name": "Create FQ_CODEL with target setting", + "category": [ + "qdisc", + "fq_codel" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root fq_codel target 2000", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc fq_codel 1: root refcnt [0-9]+ limit 10240p flows 1024 quantum.*target 2ms interval 100ms memory_limit 32Mb ecn drop_batch 64", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "630a", + "name": "Create FQ_CODEL with interval setting", + "category": [ + "qdisc", + "fq_codel" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root fq_codel interval 5000", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc fq_codel 1: root refcnt [0-9]+ limit 10240p flows 1024 quantum.*target 5ms interval 5ms memory_limit 32Mb ecn drop_batch 64", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "4324", + "name": "Create FQ_CODEL with quantum setting", + "category": [ + "qdisc", + "fq_codel" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root fq_codel quantum 9000", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc fq_codel 1: root refcnt [0-9]+ limit 10240p flows 1024 quantum 9000 target 5ms interval 100ms memory_limit 32Mb ecn drop_batch 64", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "b190", + "name": "Create FQ_CODEL with noecn flag", + "category": [ + "qdisc", + "fq_codel" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root fq_codel noecn", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc fq_codel 1: root refcnt [0-9]+ limit 10240p flows 1024 quantum.*target 5ms interval 100ms memory_limit 32Mb drop_batch 64", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "5381", + "name": "Create FQ_CODEL with ce_threshold setting", + "category": [ + "qdisc", + "fq_codel" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root fq_codel ce_threshold 1024000", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc fq_codel 1: root refcnt [0-9]+ limit 10240p flows 1024 quantum.*target 5ms ce_threshold 1.02s interval 100ms memory_limit 32Mb ecn drop_batch 64", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "c9d2", + "name": "Create FQ_CODEL with drop_batch setting", + "category": [ + "qdisc", + "fq_codel" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root fq_codel drop_batch 100", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc fq_codel 1: root refcnt [0-9]+ limit 10240p flows 1024 quantum.*target 5ms interval 100ms memory_limit 32Mb ecn drop_batch 100", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "523b", + "name": "Create FQ_CODEL with multiple setting", + "category": [ + "qdisc", + "fq_codel" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root fq_codel limit 1000 flows 256 drop_batch 100", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc fq_codel 1: root refcnt [0-9]+ limit 1000p flows 256 quantum.*target 5ms interval 100ms memory_limit 32Mb ecn drop_batch 100", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "9283", + "name": "Replace FQ_CODEL with noecn setting", + "category": [ + "qdisc", + "fq_codel" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root fq_codel limit 1000 flows 256 drop_batch 100" + ], + "cmdUnderTest": "$TC qdisc replace dev $DUMMY handle 1: root fq_codel noecn", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc fq_codel 1: root refcnt [0-9]+ limit 1000p flows 256 quantum.*target 5ms interval 100ms memory_limit 32Mb drop_batch 100", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "3459", + "name": "Change FQ_CODEL with limit setting", + "category": [ + "qdisc", + "fq_codel" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root fq_codel limit 1000 flows 256 drop_batch 100" + ], + "cmdUnderTest": "$TC qdisc change dev $DUMMY handle 1: root fq_codel limit 2000", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc fq_codel 1: root refcnt [0-9]+ limit 2000p flows 256 quantum.*target 5ms interval 100ms memory_limit 32Mb ecn drop_batch 100", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "0128", + "name": "Delete FQ_CODEL with handle", + "category": [ + "qdisc", + "fq_codel" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root fq_codel limit 1000 flows 256 drop_batch 100" + ], + "cmdUnderTest": "$TC qdisc del dev $DUMMY handle 1: root", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc fq_codel 1: root refcnt [0-9]+ limit 1000p flows 256 quantum.*target 5ms interval 100ms memory_limit 32Mb noecn drop_batch 100", + "matchCount": "0", + "teardown": [ + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "0435", + "name": "Show FQ_CODEL class", + "category": [ + "qdisc", + "fq_codel" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root fq_codel", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class fq_codel 1:", + "matchCount": "0", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + } +] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v3 07/18] selftests/tc-testing: add selftests for dsmark qdisc

by Zhengchao Shao

Test 6345: Create DSMARK with default setting Test 3462: Create DSMARK with default_index setting Test ca95: Create DSMARK with set_tc_index flag Test a950: Create DSMARK with multiple setting Test 4092: Delete DSMARK with handle Test 5930: Show DSMARK class Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> Reviewed-by: Victor Nogueira <victor(a)mojatatu.com> Tested-by: Victor Nogueira <victor(a)mojatatu.com> --- .../tc-testing/tc-tests/qdiscs/dsmark.json | 140 ++++++++++++++++++ 1 file changed, 140 insertions(+) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/dsmark.json diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/dsmark.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/dsmark.json new file mode 100644 index 000000000000..c030795f9c37 --- /dev/null +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/dsmark.json @@ -0,0 +1,140 @@ +[ + { + "id": "6345", + "name": "Create DSMARK with default setting", + "category": [ + "qdisc", + "dsmark" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root dsmark indices 1024", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc dsmark 1: root refcnt [0-9]+ indices 0x0400", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "3462", + "name": "Create DSMARK with default_index setting", + "category": [ + "qdisc", + "dsmark" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root dsmark indices 1024 default_index 512", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc dsmark 1: root refcnt [0-9]+ indices 0x0400 default_index 0x0200", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "ca95", + "name": "Create DSMARK with set_tc_index flag", + "category": [ + "qdisc", + "dsmark" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root dsmark indices 1024 set_tc_index", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc dsmark 1: root refcnt [0-9]+ indices 0x0400 set_tc_index", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "a950", + "name": "Create DSMARK with multiple setting", + "category": [ + "qdisc", + "dsmark" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root dsmark indices 1024 default_index 1024 set_tc_index", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc dsmark 1: root refcnt [0-9]+ indices 0x0400 default_index 0x0400 set_tc_index", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "4092", + "name": "Delete DSMARK with handle", + "category": [ + "qdisc", + "dsmark" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root dsmark indices 1024 default_index 1024" + ], + "cmdUnderTest": "$TC qdisc del dev $DUMMY handle 1: root", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc dsmark 1: root refcnt [0-9]+ indices 0x0400", + "matchCount": "0", + "teardown": [ + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "5930", + "name": "Show DSMARK class", + "category": [ + "qdisc", + "dsmark" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root dsmark indices 1024", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class dsmark 1:", + "matchCount": "0", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + } +] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v3 06/18] selftests/tc-testing: add selftests for drr qdisc

by Zhengchao Shao

Test 0385: Create DRR with default setting Test 2375: Delete DRR with handle Test 3092: Show DRR class Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> Reviewed-by: Victor Nogueira <victor(a)mojatatu.com> Tested-by: Victor Nogueira <victor(a)mojatatu.com> --- .../tc-testing/tc-tests/qdiscs/drr.json | 71 +++++++++++++++++++ 1 file changed, 71 insertions(+) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/drr.json diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/drr.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/drr.json new file mode 100644 index 000000000000..486a425b3c1c --- /dev/null +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/drr.json @@ -0,0 +1,71 @@ +[ + { + "id": "0385", + "name": "Create DRR with default setting", + "category": [ + "qdisc", + "drr" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root drr", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc drr 1: root refcnt [0-9]+", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "2375", + "name": "Delete DRR with handle", + "category": [ + "qdisc", + "drr" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root drr" + ], + "cmdUnderTest": "$TC qdisc del dev $DUMMY handle 1: root", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc drr 1: root refcnt [0-9]+", + "matchCount": "0", + "teardown": [ + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "3092", + "name": "Show DRR class", + "category": [ + "qdisc", + "drr" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root drr", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class drr 1:", + "matchCount": "0", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + } +] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v3 05/18] selftests/tc-testing: add selftests for cbs qdisc

by Zhengchao Shao

Test 1820: Create CBS with default setting Test 1532: Create CBS with hicredit setting Test 2078: Create CBS with locredit setting Test 9271: Create CBS with sendslope setting Test 0482: Create CBS with idleslope setting Test e8f3: Create CBS with multiple setting Test 23c9: Replace CBS with sendslope setting Test a07a: Change CBS with idleslope setting Test 43b3: Delete CBS with handle Test 9472: Show CBS class Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> Reviewed-by: Victor Nogueira <victor(a)mojatatu.com> Tested-by: Victor Nogueira <victor(a)mojatatu.com> --- .../tc-testing/tc-tests/qdiscs/cbs.json | 234 ++++++++++++++++++ 1 file changed, 234 insertions(+) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/cbs.json diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/cbs.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/cbs.json new file mode 100644 index 000000000000..a46bf5ff8277 --- /dev/null +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/cbs.json @@ -0,0 +1,234 @@ +[ + { + "id": "1820", + "name": "Create CBS with default setting", + "category": [ + "qdisc", + "cbs" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cbs", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbs 1: root refcnt [0-9]+ hicredit 0 locredit 0 sendslope 0 idleslope 0 offload 0.*qdisc pfifo 0: parent 1: limit 1000p", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "1532", + "name": "Create CBS with hicredit setting", + "category": [ + "qdisc", + "cbs" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cbs hicredit 64", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbs 1: root refcnt [0-9]+ hicredit 64 locredit 0 sendslope 0 idleslope 0 offload 0.*qdisc pfifo 0: parent 1: limit 1000p", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "2078", + "name": "Create CBS with locredit setting", + "category": [ + "qdisc", + "cbs" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cbs locredit 10", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbs 1: root refcnt [0-9]+ hicredit 0 locredit 10 sendslope 0 idleslope 0 offload 0.*qdisc pfifo 0: parent 1: limit 1000p", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "9271", + "name": "Create CBS with sendslope setting", + "category": [ + "qdisc", + "cbs" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cbs sendslope 888", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbs 1: root refcnt [0-9]+ hicredit 0 locredit 0 sendslope 888 idleslope 0 offload 0.*qdisc pfifo 0: parent 1: limit 1000p", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "0482", + "name": "Create CBS with idleslope setting", + "category": [ + "qdisc", + "cbs" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cbs idleslope 666", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbs 1: root refcnt [0-9]+ hicredit 0 locredit 0 sendslope 0 idleslope 666 offload 0.*qdisc pfifo 0: parent 1: limit 1000p", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "e8f3", + "name": "Create CBS with multiple setting", + "category": [ + "qdisc", + "cbs" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cbs hicredit 10 locredit 75 sendslope 2 idleslope 666", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbs 1: root refcnt [0-9]+ hicredit 10 locredit 75 sendslope 2 idleslope 666 offload 0.*qdisc pfifo 0: parent 1: limit 1000p", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "23c9", + "name": "Replace CBS with sendslope setting", + "category": [ + "qdisc", + "cbs" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root cbs idleslope 666" + ], + "cmdUnderTest": "$TC qdisc replace dev $DUMMY handle 1: root cbs sendslope 10", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbs 1: root refcnt [0-9]+ hicredit 0 locredit 0 sendslope 10 idleslope 0 offload 0.*qdisc pfifo 0: parent 1: limit 1000p", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "a07a", + "name": "Change CBS with idleslope setting", + "category": [ + "qdisc", + "cbs" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root cbs idleslope 666" + ], + "cmdUnderTest": "$TC qdisc change dev $DUMMY handle 1: root cbs idleslope 1", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbs 1: root refcnt [0-9]+ hicredit 0 locredit 0 sendslope 0 idleslope 1 offload 0.*qdisc pfifo 0: parent 1: limit 1000p", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "43b3", + "name": "Delete CBS with handle", + "category": [ + "qdisc", + "cbs" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root cbs idleslope 666" + ], + "cmdUnderTest": "$TC qdisc del dev $DUMMY handle 1: root", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbs 1: root refcnt [0-9]+ hicredit 0 locredit 0 sendslope 0 idleslope 1 offload 0.*qdisc pfifo 0: parent 1: limit 1000p", + "matchCount": "0", + "teardown": [ + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "9472", + "name": "Show CBS class", + "category": [ + "qdisc", + "cbs" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cbs", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class cbs 1:[0-9]+ parent 1:", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + } +] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v3 04/18] selftests/tc-testing: add selftests for cbq qdisc

by Zhengchao Shao

Test 3460: Create CBQ with default setting Test 0592: Create CBQ with mpu Test 4684: Create CBQ with valid cell num Test 4345: Create CBQ with invalid cell num Test 4525: Create CBQ with valid ewma Test 6784: Create CBQ with invalid ewma Test 5468: Delete CBQ with handle Test 492a: Show CBQ class Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> Reviewed-by: Victor Nogueira <victor(a)mojatatu.com> Tested-by: Victor Nogueira <victor(a)mojatatu.com> --- .../tc-testing/tc-tests/qdiscs/cbq.json | 184 ++++++++++++++++++ 1 file changed, 184 insertions(+) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/cbq.json diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/cbq.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/cbq.json new file mode 100644 index 000000000000..1ab21c83a122 --- /dev/null +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/cbq.json @@ -0,0 +1,184 @@ +[ + { + "id": "3460", + "name": "Create CBQ with default setting", + "category": [ + "qdisc", + "cbq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cbq bandwidth 10000 avpkt 9000", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbq 1: root refcnt [0-9]+ rate 10Kbit \$bounded,isolated\$ prio no-transmit", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "0592", + "name": "Create CBQ with mpu", + "category": [ + "qdisc", + "cbq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cbq bandwidth 10000 avpkt 9000 mpu 1000", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbq 1: root refcnt [0-9]+ rate 10Kbit \$bounded,isolated\$ prio no-transmit", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "4684", + "name": "Create CBQ with valid cell num", + "category": [ + "qdisc", + "cbq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cbq bandwidth 10000 avpkt 9000 cell 128", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbq 1: root refcnt [0-9]+ rate 10Kbit \$bounded,isolated\$ prio no-transmit", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "4345", + "name": "Create CBQ with invalid cell num", + "category": [ + "qdisc", + "cbq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cbq bandwidth 10000 avpkt 9000 cell 100", + "expExitCode": "1", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbq 1: root refcnt [0-9]+ rate 10Kbit \$bounded,isolated\$ prio no-transmit", + "matchCount": "0", + "teardown": [ + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "4525", + "name": "Create CBQ with valid ewma", + "category": [ + "qdisc", + "cbq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cbq bandwidth 10000 avpkt 9000 ewma 16", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbq 1: root refcnt [0-9]+ rate 10Kbit \$bounded,isolated\$ prio no-transmit", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "6784", + "name": "Create CBQ with invalid ewma", + "category": [ + "qdisc", + "cbq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cbq bandwidth 10000 avpkt 9000 ewma 128", + "expExitCode": "1", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbq 1: root refcnt [0-9]+ rate 10Kbit \$bounded,isolated\$ prio no-transmit", + "matchCount": "0", + "teardown": [ + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "5468", + "name": "Delete CBQ with handle", + "category": [ + "qdisc", + "cbq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root cbq bandwidth 10000 avpkt 9000" + ], + "cmdUnderTest": "$TC qdisc del dev $DUMMY handle 1: root", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbq 1: root refcnt [0-9]+ rate 10Kbit \$bounded,isolated\$ prio no-transmit", + "matchCount": "0", + "teardown": [ + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "492a", + "name": "Show CBQ class", + "category": [ + "qdisc", + "cbq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cbq bandwidth 10000 avpkt 9000", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class cbq 1: root rate 10Kbit \$bounded,isolated\$ prio no-transmit", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + } +] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v3 03/18] selftests/tc-testing: add selftests for cake qdisc

by Zhengchao Shao

Test 1212: Create CAKE with default setting Test 3281: Create CAKE with bandwidth limit Test c940: Create CAKE with autorate-ingress flag Test 2310: Create CAKE with rtt time Test 2385: Create CAKE with besteffort flag Test a032: Create CAKE with diffserv8 flag Test 2349: Create CAKE with diffserv4 flag Test 8472: Create CAKE with flowblind flag Test 2341: Create CAKE with dsthost and nat flag Test 5134: Create CAKE with wash flag Test 2302: Create CAKE with flowblind and no-split-gso flag Test 0768: Create CAKE with dual-srchost and ack-filter flag Test 0238: Create CAKE with dual-dsthost and ack-filter-aggressive flag Test 6572: Create CAKE with memlimit and ptm flag Test 2436: Create CAKE with fwmark and atm flag Test 3984: Create CAKE with overhead and mpu Test 5421: Create CAKE with conservative and ingress flag Test 6854: Delete CAKE with conservative and ingress flag Test 2342: Replace CAKE with mpu Test 2313: Change CAKE with mpu Test 4365: Show CAKE class Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> Reviewed-by: Victor Nogueira <victor(a)mojatatu.com> Tested-by: Victor Nogueira <victor(a)mojatatu.com> Acked-by: Toke Høiland-Jørgensen <toke(a)redhat.com> --- .../tc-testing/tc-tests/qdiscs/cake.json | 487 ++++++++++++++++++ 1 file changed, 487 insertions(+) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/cake.json diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/cake.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/cake.json new file mode 100644 index 000000000000..1134b72d281d --- /dev/null +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/cake.json @@ -0,0 +1,487 @@ +[ + { + "id": "1212", + "name": "Create CAKE with default setting", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 triple-isolate nonat nowash no-ack-filter split-gso rtt 100ms raw overhead", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "3281", + "name": "Create CAKE with bandwidth limit", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake bandwidth 1000", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth 1Kbit diffserv3 triple-isolate nonat nowash no-ack-filter split-gso rtt 100ms raw overhead", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "c940", + "name": "Create CAKE with autorate-ingress flag", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake autorate-ingress", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited autorate-ingress diffserv3 triple-isolate nonat nowash no-ack-filter split-gso rtt 100ms raw overhead", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "2310", + "name": "Create CAKE with rtt time", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake rtt 200", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 triple-isolate nonat nowash no-ack-filter split-gso rtt 200us raw overhead", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "2385", + "name": "Create CAKE with besteffort flag", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake besteffort", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited besteffort triple-isolate nonat nowash no-ack-filter split-gso rtt 100ms raw overhead", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "a032", + "name": "Create CAKE with diffserv8 flag", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake diffserv8", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv8 triple-isolate nonat nowash no-ack-filter split-gso rtt 100ms raw overhead", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "2349", + "name": "Create CAKE with diffserv4 flag", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake diffserv4", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv4 triple-isolate nonat nowash no-ack-filter split-gso rtt 100ms raw overhead", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "8472", + "name": "Create CAKE with flowblind flag", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake flowblind", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 flowblind nonat nowash no-ack-filter split-gso rtt 100ms raw overhead", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "2341", + "name": "Create CAKE with dsthost and nat flag", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake dsthost nat", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 dsthost nat nowash no-ack-filter split-gso rtt 100ms raw overhead", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "5134", + "name": "Create CAKE with wash flag", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake hosts wash", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 hosts nonat wash no-ack-filter split-gso rtt 100ms raw overhead", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "2302", + "name": "Create CAKE with flowblind and no-split-gso flag", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake flowblind no-split-gso", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 flowblind nonat nowash no-ack-filter no-split-gso rtt 100ms raw overhead", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "0768", + "name": "Create CAKE with dual-srchost and ack-filter flag", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake dual-srchost ack-filter", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 dual-srchost nonat nowash ack-filter split-gso rtt 100ms raw overhead", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "0238", + "name": "Create CAKE with dual-dsthost and ack-filter-aggressive flag", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake dual-dsthost ack-filter-aggressive", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 dual-dsthost nonat nowash ack-filter-aggressive split-gso rtt 100ms raw overhead", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "6572", + "name": "Create CAKE with memlimit and ptm flag", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake memlimit 10000 ptm", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 triple-isolate nonat nowash no-ack-filter split-gso rtt 100ms raw ptm overhead 0 memlimit 10000b", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "2436", + "name": "Create CAKE with fwmark and atm flag", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake fwmark 8 atm", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 triple-isolate nonat nowash no-ack-filter split-gso rtt 100ms raw atm overhead 0 fwmark 0x8", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "3984", + "name": "Create CAKE with overhead and mpu", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake overhead 128 mpu 256", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 triple-isolate nonat nowash no-ack-filter split-gso rtt 100ms noatm overhead 128 mpu 256", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "5421", + "name": "Create CAKE with conservative and ingress flag", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake conservative ingress", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 triple-isolate nonat nowash ingress no-ack-filter split-gso rtt 100ms atm overhead 48", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "6854", + "name": "Delete CAKE with conservative and ingress flag", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root cake conservative ingress" + ], + "cmdUnderTest": "$TC qdisc del dev $DUMMY handle 1: root", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 triple-isolate nonat nowash ingress no-ack-filter split-gso rtt 100ms atm overhead 48", + "matchCount": "0", + "teardown": [ + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "2342", + "name": "Replace CAKE with mpu", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root cake overhead 128 mpu 256" + ], + "cmdUnderTest": "$TC qdisc replace dev $DUMMY handle 1: root cake mpu 128", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 triple-isolate nonat nowash no-ack-filter split-gso rtt 100ms noatm overhead 128 mpu 128", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "2313", + "name": "Change CAKE with mpu", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root cake overhead 128 mpu 256" + ], + "cmdUnderTest": "$TC qdisc change dev $DUMMY handle 1: root cake mpu 128", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 triple-isolate nonat nowash no-ack-filter split-gso rtt 100ms noatm overhead 128 mpu 128", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "4365", + "name": "Show CAKE class", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class cake", + "matchCount": "0", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + } +] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v2 03/18] selftests/tc-testings: add selftests for cake qdisc

by Zhengchao Shao

Test 1212: Create CAKE with default setting Test 3281: Create CAKE with bandwidth limit Test c940: Create CAKE with autorate-ingress flag Test 2310: Create CAKE with rtt time Test 2385: Create CAKE with besteffort flag Test a032: Create CAKE with diffserv8 flag Test 2349: Create CAKE with diffserv4 flag Test 8472: Create CAKE with flowblind flag Test 2341: Create CAKE with dsthost and nat flag Test 5134: Create CAKE with wash flag Test 2302: Create CAKE with flowblind and no-split-gso flag Test 0768: Create CAKE with dual-srchost and ack-filter flag Test 0238: Create CAKE with dual-dsthost and ack-filter-aggressive flag Test 6572: Create CAKE with memlimit and ptm flag Test 2436: Create CAKE with fwmark and atm flag Test 3984: Create CAKE with overhead and mpu Test 5421: Create CAKE with conservative and ingress flag Test 6854: Delete CAKE with conservative and ingress flag Test 2342: Replace CAKE with mpu Test 2313: Change CAKE with mpu Test 4365: Show CAKE class Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> --- .../tc-testing/tc-tests/qdiscs/cake.json | 487 ++++++++++++++++++ 1 file changed, 487 insertions(+) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/cake.json diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/cake.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/cake.json new file mode 100644 index 000000000000..1134b72d281d --- /dev/null +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/cake.json @@ -0,0 +1,487 @@ +[ + { + "id": "1212", + "name": "Create CAKE with default setting", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 triple-isolate nonat nowash no-ack-filter split-gso rtt 100ms raw overhead", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "3281", + "name": "Create CAKE with bandwidth limit", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake bandwidth 1000", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth 1Kbit diffserv3 triple-isolate nonat nowash no-ack-filter split-gso rtt 100ms raw overhead", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "c940", + "name": "Create CAKE with autorate-ingress flag", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake autorate-ingress", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited autorate-ingress diffserv3 triple-isolate nonat nowash no-ack-filter split-gso rtt 100ms raw overhead", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "2310", + "name": "Create CAKE with rtt time", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake rtt 200", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 triple-isolate nonat nowash no-ack-filter split-gso rtt 200us raw overhead", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "2385", + "name": "Create CAKE with besteffort flag", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake besteffort", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited besteffort triple-isolate nonat nowash no-ack-filter split-gso rtt 100ms raw overhead", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "a032", + "name": "Create CAKE with diffserv8 flag", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake diffserv8", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv8 triple-isolate nonat nowash no-ack-filter split-gso rtt 100ms raw overhead", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "2349", + "name": "Create CAKE with diffserv4 flag", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake diffserv4", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv4 triple-isolate nonat nowash no-ack-filter split-gso rtt 100ms raw overhead", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "8472", + "name": "Create CAKE with flowblind flag", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake flowblind", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 flowblind nonat nowash no-ack-filter split-gso rtt 100ms raw overhead", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "2341", + "name": "Create CAKE with dsthost and nat flag", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake dsthost nat", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 dsthost nat nowash no-ack-filter split-gso rtt 100ms raw overhead", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "5134", + "name": "Create CAKE with wash flag", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake hosts wash", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 hosts nonat wash no-ack-filter split-gso rtt 100ms raw overhead", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "2302", + "name": "Create CAKE with flowblind and no-split-gso flag", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake flowblind no-split-gso", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 flowblind nonat nowash no-ack-filter no-split-gso rtt 100ms raw overhead", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "0768", + "name": "Create CAKE with dual-srchost and ack-filter flag", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake dual-srchost ack-filter", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 dual-srchost nonat nowash ack-filter split-gso rtt 100ms raw overhead", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "0238", + "name": "Create CAKE with dual-dsthost and ack-filter-aggressive flag", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake dual-dsthost ack-filter-aggressive", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 dual-dsthost nonat nowash ack-filter-aggressive split-gso rtt 100ms raw overhead", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "6572", + "name": "Create CAKE with memlimit and ptm flag", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake memlimit 10000 ptm", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 triple-isolate nonat nowash no-ack-filter split-gso rtt 100ms raw ptm overhead 0 memlimit 10000b", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "2436", + "name": "Create CAKE with fwmark and atm flag", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake fwmark 8 atm", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 triple-isolate nonat nowash no-ack-filter split-gso rtt 100ms raw atm overhead 0 fwmark 0x8", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "3984", + "name": "Create CAKE with overhead and mpu", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake overhead 128 mpu 256", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 triple-isolate nonat nowash no-ack-filter split-gso rtt 100ms noatm overhead 128 mpu 256", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "5421", + "name": "Create CAKE with conservative and ingress flag", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake conservative ingress", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 triple-isolate nonat nowash ingress no-ack-filter split-gso rtt 100ms atm overhead 48", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "6854", + "name": "Delete CAKE with conservative and ingress flag", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root cake conservative ingress" + ], + "cmdUnderTest": "$TC qdisc del dev $DUMMY handle 1: root", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 triple-isolate nonat nowash ingress no-ack-filter split-gso rtt 100ms atm overhead 48", + "matchCount": "0", + "teardown": [ + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "2342", + "name": "Replace CAKE with mpu", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root cake overhead 128 mpu 256" + ], + "cmdUnderTest": "$TC qdisc replace dev $DUMMY handle 1: root cake mpu 128", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 triple-isolate nonat nowash no-ack-filter split-gso rtt 100ms noatm overhead 128 mpu 128", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "2313", + "name": "Change CAKE with mpu", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root cake overhead 128 mpu 256" + ], + "cmdUnderTest": "$TC qdisc change dev $DUMMY handle 1: root cake mpu 128", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cake 1: root refcnt [0-9]+ bandwidth unlimited diffserv3 triple-isolate nonat nowash no-ack-filter split-gso rtt 100ms noatm overhead 128 mpu 128", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "4365", + "name": "Show CAKE class", + "category": [ + "qdisc", + "cake" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cake", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class cake", + "matchCount": "0", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + } +] -- 2.17.1

2 years, 7 months

3
2
0 0

[PATCH v5 0/3] Introduce KUNIT_EXPECT_MEMEQ and KUNIT_EXPECT_MEMNEQ macros

by Maíra Canal

Currently, in order to compare memory blocks in KUnit, the KUNIT_EXPECT_EQ or KUNIT_EXPECT_FALSE macros are used in conjunction with the memcmp function, such as: KUNIT_EXPECT_EQ(test, memcmp(foo, bar, size), 0); Although this usage produces correct results for the test cases, if the expectation fails the error message is not very helpful, indicating only the return of the memcmp function. Therefore, create a new set of macros KUNIT_EXPECT_MEMEQ and KUNIT_EXPECT_MEMNEQ that compare memory blocks until a determined size. In case of expectation failure, those macros print the hex dump of the memory blocks, making it easier to debug test failures for memory blocks. The v5 doesn't have any new change, just rebasing on top of drm-misc-next. The first patch of the series introduces the KUNIT_EXPECT_MEMEQ and KUNIT_EXPECT_MEMNEQ. The second patch adds an example of memory block expectations on the kunit-example-test.c. And the last patch replaces the KUNIT_EXPECT_EQ for KUNIT_EXPECT_MEMEQ on the existing occurrences. Best Regards, - Maíra Canal v1 -> v2: https://lore.kernel.org/linux-kselftest/2a0dcd75-5461-5266-2749-808f638f4c5… - Change "determinated" to "specified" (Daniel Latypov). - Change the macro KUNIT_EXPECT_ARREQ to KUNIT_EXPECT_MEMEQ, in order to make it easier for users to infer the right size unit (Daniel Latypov). - Mark the different bytes on the failure message with a <> (Daniel Latypov). - Replace a constant number of array elements for ARRAY_SIZE() (André Almeida). - Rename "array" and "expected" variables to "array1" and "array2" (Daniel Latypov). v2 -> v3: https://lore.kernel.org/linux-kselftest/20220802212621.420840-1-mairacanal@… - Make the bytes aligned at output. - Add KUNIT_SUBSUBTEST_INDENT to the output for the indentation (Daniel Latypov). - Line up the trailing \ at macros using tabs (Daniel Latypov). - Line up the params to the functions (Daniel Latypov). - Change "Increament" to "Augment" (Daniel Latypov). - Use sizeof() for array sizes (Daniel Latypov). - Add Daniel Latypov's tags. v3 -> v4: https://lore.kernel.org/linux-kselftest/CABVgOSm_59Yr82deQm2C=18jjSv_akmn66… - Fix wrapped lines by the mail client (David Gow). - Mention on documentation that KUNIT_EXPECT_MEMEQ is not recommended for structured data (David Gow). - Add Muhammad Usama Anjum's tag. v4 -> v5: https://lore.kernel.org/linux-kselftest/20220808125237.277126-1-mairacanal@… - Rebase on top of drm-misc-next. - Add David Gow's tags. Maíra Canal (3): kunit: Introduce KUNIT_EXPECT_MEMEQ and KUNIT_EXPECT_MEMNEQ macros kunit: Add KUnit memory block assertions to the example_all_expect_macros_test kunit: Use KUNIT_EXPECT_MEMEQ macro .../gpu/drm/tests/drm_format_helper_test.c | 6 +- include/kunit/assert.h | 34 ++++++++ include/kunit/test.h | 84 +++++++++++++++++++ lib/kunit/assert.c | 56 +++++++++++++ lib/kunit/kunit-example-test.c | 7 ++ net/core/dev_addr_lists_test.c | 4 +- 6 files changed, 186 insertions(+), 5 deletions(-) -- 2.37.3

2 years, 7 months

1
3
0 0

[PATCH net-next,v4 0/9] refactor duplicate codes in the tc cls walk function

by Zhengchao Shao

The walk implementation of most tc cls modules is basically the same. That is, the values of count and skip are checked first. If count is greater than or equal to skip, the registered fn function is executed. Otherwise, increase the value of count. So the code can be refactored. Then use helper function to replace the code of each cls module in alphabetical order. The walk function is invoked during dump. Therefore, test cases related to the tdc filter need to be added. Last, thanks to Jamal, Victor and Wang for their review. Add test cases locally and perform the test. The test results are listed below: ./tdc.py -e 0811 ok 1 0811 - Add multiple basic filter with cmp ematch u8/link layer and default action and dump them ./tdc.py -e 5129 ok 1 5129 - List basic filters ./tdc.py -c bpf-filter ok 1 23c3 - Add cBPF filter with valid bytecode ok 2 1563 - Add cBPF filter with invalid bytecode ok 3 2334 - Add eBPF filter with valid object-file ok 4 2373 - Add eBPF filter with invalid object-file ok 5 4423 - Replace cBPF bytecode ok 6 5122 - Delete cBPF filter ok 7 e0a9 - List cBPF filters ./tdc.py -c cgroup ok 1 6273 - Add cgroup filter with cmp ematch u8/link layer and drop action ok 2 4721 - Add cgroup filter with cmp ematch u8/link layer with trans flag and pass action ok 3 d392 - Add cgroup filter with cmp ematch u16/link layer and pipe action ok 4 0234 - Add cgroup filter with cmp ematch u32/link layer and miltiple actions ok 5 8499 - Add cgroup filter with cmp ematch u8/network layer and pass action ok 6 b273 - Add cgroup filter with cmp ematch u8/network layer with trans flag and drop action ok 7 1934 - Add cgroup filter with cmp ematch u16/network layer and pipe action ok 8 2733 - Add cgroup filter with cmp ematch u32/network layer and miltiple actions ok 9 3271 - Add cgroup filter with NOT cmp ematch rule and pass action ok 10 2362 - Add cgroup filter with two ANDed cmp ematch rules and single action ok 11 9993 - Add cgroup filter with two ORed cmp ematch rules and single action ok 12 2331 - Add cgroup filter with two ANDed cmp ematch rules and one ORed ematch rule and single action ok 13 3645 - Add cgroup filter with two ANDed cmp ematch rules and one NOT ORed ematch rule and single action ok 14 b124 - Add cgroup filter with u32 ematch u8/zero offset and drop action ok 15 7381 - Add cgroup filter with u32 ematch u8/zero offset and invalid value >0xFF ok 16 2231 - Add cgroup filter with u32 ematch u8/positive offset and drop action ok 17 1882 - Add cgroup filter with u32 ematch u8/invalid mask >0xFF ok 18 1237 - Add cgroup filter with u32 ematch u8/missing offset ok 19 3812 - Add cgroup filter with u32 ematch u8/missing AT keyword ok 20 1112 - Add cgroup filter with u32 ematch u8/missing value ok 21 3241 - Add cgroup filter with u32 ematch u8/non-numeric value ok 22 e231 - Add cgroup filter with u32 ematch u8/non-numeric mask ok 23 4652 - Add cgroup filter with u32 ematch u8/negative offset and pass action ok 24 1331 - Add cgroup filter with u32 ematch u16/zero offset and pipe action ok 25 e354 - Add cgroup filter with u32 ematch u16/zero offset and invalid value >0xFFFF ok 26 3538 - Add cgroup filter with u32 ematch u16/positive offset and drop action ok 27 4576 - Add cgroup filter with u32 ematch u16/invalid mask >0xFFFF ok 28 b842 - Add cgroup filter with u32 ematch u16/missing offset ok 29 c924 - Add cgroup filter with u32 ematch u16/missing AT keyword ok 30 cc93 - Add cgroup filter with u32 ematch u16/missing value ok 31 123c - Add cgroup filter with u32 ematch u16/non-numeric value ok 32 3675 - Add cgroup filter with u32 ematch u16/non-numeric mask ok 33 1123 - Add cgroup filter with u32 ematch u16/negative offset and drop action ok 34 4234 - Add cgroup filter with u32 ematch u16/nexthdr+ offset and pass action ok 35 e912 - Add cgroup filter with u32 ematch u32/zero offset and pipe action ok 36 1435 - Add cgroup filter with u32 ematch u32/positive offset and drop action ok 37 1282 - Add cgroup filter with u32 ematch u32/missing offset ok 38 6456 - Add cgroup filter with u32 ematch u32/missing AT keyword ok 39 4231 - Add cgroup filter with u32 ematch u32/missing value ok 40 2131 - Add cgroup filter with u32 ematch u32/non-numeric value ok 41 f125 - Add cgroup filter with u32 ematch u32/non-numeric mask ok 42 4316 - Add cgroup filter with u32 ematch u32/negative offset and drop action ok 43 23ae - Add cgroup filter with u32 ematch u32/nexthdr+ offset and pipe action ok 44 23a1 - Add cgroup filter with canid ematch and single SFF ok 45 324f - Add cgroup filter with canid ematch and single SFF with mask ok 46 2576 - Add cgroup filter with canid ematch and multiple SFF ok 47 4839 - Add cgroup filter with canid ematch and multiple SFF with masks ok 48 6713 - Add cgroup filter with canid ematch and single EFF ok 49 4572 - Add cgroup filter with canid ematch and single EFF with mask ok 50 8031 - Add cgroup filter with canid ematch and multiple EFF ok 51 ab9d - Add cgroup filter with canid ematch and multiple EFF with masks ok 52 5349 - Add cgroup filter with canid ematch and a combination of SFF/EFF ok 53 c934 - Add cgroup filter with canid ematch and a combination of SFF/EFF with masks ok 54 4319 - Replace cgroup filter with diffferent match ok 55 4636 - Detele cgroup filter ./tdc.py -c flow ok 1 5294 - Add flow filter with map key and ops ok 2 3514 - Add flow filter with map key or ops ok 3 7534 - Add flow filter with map key xor ops ok 4 4524 - Add flow filter with map key rshift ops ok 5 0230 - Add flow filter with map key addend ops ok 6 2344 - Add flow filter with src map key ok 7 9304 - Add flow filter with proto map key ok 8 9038 - Add flow filter with proto-src map key ok 9 2a03 - Add flow filter with proto-dst map key ok 10 a073 - Add flow filter with iif map key ok 11 3b20 - Add flow filter with priority map key ok 12 8945 - Add flow filter with mark map key ok 13 c034 - Add flow filter with nfct map key ok 14 0205 - Add flow filter with nfct-src map key ok 15 5315 - Add flow filter with nfct-src map key ok 16 7849 - Add flow filter with nfct-proto-src map key ok 17 9902 - Add flow filter with nfct-proto-dst map key ok 18 6742 - Add flow filter with rt-classid map key ok 19 5432 - Add flow filter with sk-uid map key ok 20 4234 - Add flow filter with sk-gid map key ok 21 4522 - Add flow filter with vlan-tag map key ok 22 4253 - Add flow filter with rxhash map key ok 23 4452 - Add flow filter with hash key list ok 24 4341 - Add flow filter with muliple ops ok 25 4392 - List flow filters ok 26 4322 - Change flow filter with map key num ok 27 2320 - Replace flow filter with map key num ok 28 3213 - Delete flow filter with map key num ./tdc.py -c route ok 1 e122 - Add route filter with from and to tag ok 2 6573 - Add route filter with fromif and to tag ok 3 1362 - Add route filter with to flag and reclassify action ok 4 4720 - Add route filter with from flag and continue actions ok 5 2812 - Add route filter with form tag and pipe action ok 6 7994 - Add route filter with miltiple actions ok 7 4312 - List route filters ok 8 2634 - Delete route filter with pipe action ./tdc.py -c rsvp ok 1 2141 - Add rsvp filter with tcp proto and specific IP address ok 2 5267 - Add rsvp filter with udp proto and specific IP address ok 3 2819 - Add rsvp filter with src ip and src port ok 4 c967 - Add rsvp filter with tunnelid and continue action ok 5 5463 - Add rsvp filter with tunnel and pipe action ok 6 2332 - Add rsvp filter with miltiple actions ok 7 8879 - Add rsvp filter with tunnel and skp flag ok 8 8261 - List rsvp filters ok 9 8989 - Delete rsvp filter ./tdc.py -c tcindex ok 1 8293 - Add tcindex filter with default action ok 2 7281 - Add tcindex filter with hash size and pass action ok 3 b294 - Add tcindex filter with mask shift and reclassify action ok 4 0532 - Add tcindex filter with pass_on and continue actions ok 5 d473 - Add tcindex filter with pipe action ok 6 2940 - Add tcindex filter with miltiple actions ok 7 1893 - List tcindex filters ok 8 2041 - Change tcindex filter with pass action ok 9 9203 - Replace tcindex filter with pass action ok 10 7957 - Delete tcindex filter with drop action --- v4: rename tc_cls_stats_update to tc_cls_stats_dump and modify the test case format alignment v3: modify the test case format alignment v2: rectify spelling error; The category name bpf in filters file is renamed to bpf-filter --- Zhengchao Shao (9): net/sched: cls_api: add helper for tc cls walker stats dump net/sched: use tc_cls_stats_dump() in filter selftests/tc-testings: add selftests for bpf filter selftests/tc-testings: add selftests for cgroup filter selftests/tc-testings: add selftests for flow filter selftests/tc-testings: add selftests for route filter selftests/tc-testings: add selftests for rsvp filter selftests/tc-testings: add selftests for tcindex filter selftests/tc-testings: add list case for basic filter include/net/pkt_cls.h | 13 + net/sched/cls_basic.c | 9 +- net/sched/cls_bpf.c | 8 +- net/sched/cls_flow.c | 8 +- net/sched/cls_fw.c | 9 +- net/sched/cls_route.c | 9 +- net/sched/cls_rsvp.h | 9 +- net/sched/cls_tcindex.c | 18 +- net/sched/cls_u32.c | 20 +- .../tc-testing/tc-tests/filters/basic.json | 47 + .../tc-testing/tc-tests/filters/bpf.json | 171 +++ .../tc-testing/tc-tests/filters/cgroup.json | 1236 +++++++++++++++++ .../tc-testing/tc-tests/filters/flow.json | 623 +++++++++ .../tc-testing/tc-tests/filters/route.json | 181 +++ .../tc-testing/tc-tests/filters/rsvp.json | 203 +++ .../tc-testing/tc-tests/filters/tcindex.json | 227 +++ 16 files changed, 2716 insertions(+), 75 deletions(-) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/bpf.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/cgroup.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/flow.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/route.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/rsvp.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/tcindex.json -- 2.17.1

2 years, 7 months

4
12
0 0

[PATCH] selftests/kvm: Use num_vcpus when testing ICR in the xapic_state_test

by Gautam Menghani

A TODO in xapic_state_test asks to use number of vCPUs instead of vcpu.id + 1 in test_icr(). This patch adds support to get the number of vCPUs from the VM created and use it. Signed-off-by: Gautam Menghani <gautammenghani201(a)gmail.com> --- .../selftests/kvm/x86_64/xapic_state_test.c | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/tools/testing/selftests/kvm/x86_64/xapic_state_test.c b/tools/testing/selftests/kvm/x86_64/xapic_state_test.c index 6f7a5ef66718..de934e8e5e41 100644 --- a/tools/testing/selftests/kvm/x86_64/xapic_state_test.c +++ b/tools/testing/selftests/kvm/x86_64/xapic_state_test.c @@ -96,9 +96,8 @@ static void __test_icr(struct xapic_vcpu *x, uint64_t val) ____test_icr(x, val & ~(u64)APIC_ICR_BUSY); } -static void test_icr(struct xapic_vcpu *x) +static void test_icr(struct xapic_vcpu *x, int num_vcpus) { - struct kvm_vcpu *vcpu = x->vcpu; uint64_t icr, i, j; icr = APIC_DEST_SELF | APIC_INT_ASSERT | APIC_DM_FIXED; @@ -110,11 +109,11 @@ static void test_icr(struct xapic_vcpu *x) __test_icr(x, icr | i); /* - * Send all flavors of IPIs to non-existent vCPUs. TODO: use number of - * vCPUs, not vcpu.id + 1. Arbitrarily use vector 0xff. + * Send all flavors of IPIs to non-existent vCPUs. Arbitrarily use vector 0xff. */ + icr = APIC_INT_ASSERT | 0xff; - for (i = vcpu->id + 1; i < 0xff; i++) { + for (i = num_vcpus; i < 0xff; i++) { for (j = 0; j < 8; j++) __test_icr(x, i << (32 + 24) | icr | (j << 8)); } @@ -137,9 +136,13 @@ int main(int argc, char *argv[]) .is_x2apic = true, }; struct kvm_vm *vm; + struct list_head *iter; + int nr_vcpus_created = 0; vm = vm_create_with_one_vcpu(&x.vcpu, x2apic_guest_code); - test_icr(&x); + list_for_each(iter, &vm->vcpus) + nr_vcpus_created++; + test_icr(&x, nr_vcpus_created); kvm_vm_free(vm); /* @@ -153,6 +156,6 @@ int main(int argc, char *argv[]) vcpu_clear_cpuid_feature(x.vcpu, X86_FEATURE_X2APIC); virt_pg_map(vm, APIC_DEFAULT_GPA, APIC_DEFAULT_GPA); - test_icr(&x); + test_icr(&x, nr_vcpus_created); kvm_vm_free(vm); } -- 2.34.1

2 years, 7 months

2
2
0 0

[PATCH net v2 1/2] selftests: bonding: cause oops in bond_rr_gen_slave_id

by Jonathan Toppins

This bonding selftest causes the following kernel oops on aarch64 and should be architectures agnostic. [ 329.805838] kselftest: Running tests in drivers/net/bonding [ 330.011028] eth0: renamed from link1_2 [ 330.220846] eth0: renamed from link1_1 [ 330.387755] bond0: (slave eth0): making interface the new active one [ 330.394165] bond0: (slave eth0): Enslaving as an active interface with an up link [ 330.401867] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 334.586619] bond0: (slave eth0): Releasing backup interface [ 334.671065] bond0: (slave eth0): Enslaving as an active interface with an up link [ 334.686773] Unable to handle kernel paging request at virtual address ffff2c91ac905000 [ 334.694703] Mem abort info: [ 334.697486] ESR = 0x0000000096000004 [ 334.701234] EC = 0x25: DABT (current EL), IL = 32 bits [ 334.706536] SET = 0, FnV = 0 [ 334.709579] EA = 0, S1PTW = 0 [ 334.712719] FSC = 0x04: level 0 translation fault [ 334.717586] Data abort info: [ 334.720454] ISV = 0, ISS = 0x00000004 [ 334.724288] CM = 0, WnR = 0 [ 334.727244] swapper pgtable: 4k pages, 48-bit VAs, pgdp=000008044d662000 [ 334.733944] [ffff2c91ac905000] pgd=0000000000000000, p4d=0000000000000000 [ 334.740734] Internal error: Oops: 96000004 [#1] SMP [ 334.745602] Modules linked in: bonding tls veth rfkill sunrpc arm_spe_pmu vfat fat acpi_ipmi ipmi_ssif ixgbe igb i40e mdio ipmi_devintf ipmi_msghandler arm_cmn arm_dsu_pmu cppc_cpufreq acpi_tad fuse zram crct10dif_ce ast ghash_ce sbsa_gwdt nvme drm_vram_helper drm_ttm_helper nvme_core ttm xgene_hwmon [ 334.772217] CPU: 7 PID: 2214 Comm: ping Not tainted 6.0.0-rc4-00133-g64ae13ed4784 #4 [ 334.779950] Hardware name: GIGABYTE R272-P31-00/MP32-AR1-00, BIOS F18v (SCP: 1.08.20211002) 12/01/2021 [ 334.789244] pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 334.796196] pc : bond_rr_gen_slave_id+0x40/0x124 [bonding] [ 334.801691] lr : bond_xmit_roundrobin_slave_get+0x38/0xdc [bonding] [ 334.807962] sp : ffff8000221733e0 [ 334.811265] x29: ffff8000221733e0 x28: ffffdbac8572d198 x27: ffff80002217357c [ 334.818392] x26: 000000000000002a x25: ffffdbacb33ee000 x24: ffff07ff980fa000 [ 334.825519] x23: ffffdbacb2e398ba x22: ffff07ff98102000 x21: ffff07ff981029c0 [ 334.832646] x20: 0000000000000001 x19: ffff07ff981029c0 x18: 0000000000000014 [ 334.839773] x17: 0000000000000000 x16: ffffdbacb1004364 x15: 0000aaaabe2f5a62 [ 334.846899] x14: ffff07ff8e55d968 x13: ffff07ff8e55db30 x12: 0000000000000000 [ 334.854026] x11: ffffdbacb21532e8 x10: 0000000000000001 x9 : ffffdbac857178ec [ 334.861153] x8 : ffff07ff9f6e5a28 x7 : 0000000000000000 x6 : 000000007c2b3742 [ 334.868279] x5 : ffff2c91ac905000 x4 : ffff2c91ac905000 x3 : ffff07ff9f554400 [ 334.875406] x2 : ffff2c91ac905000 x1 : 0000000000000001 x0 : ffff07ff981029c0 [ 334.882532] Call trace: [ 334.884967] bond_rr_gen_slave_id+0x40/0x124 [bonding] [ 334.890109] bond_xmit_roundrobin_slave_get+0x38/0xdc [bonding] [ 334.896033] __bond_start_xmit+0x128/0x3a0 [bonding] [ 334.901001] bond_start_xmit+0x54/0xb0 [bonding] [ 334.905622] dev_hard_start_xmit+0xb4/0x220 [ 334.909798] __dev_queue_xmit+0x1a0/0x720 [ 334.913799] arp_xmit+0x3c/0xbc [ 334.916932] arp_send_dst+0x98/0xd0 [ 334.920410] arp_solicit+0xe8/0x230 [ 334.923888] neigh_probe+0x60/0xb0 [ 334.927279] __neigh_event_send+0x3b0/0x470 [ 334.931453] neigh_resolve_output+0x70/0x90 [ 334.935626] ip_finish_output2+0x158/0x514 [ 334.939714] __ip_finish_output+0xac/0x1a4 [ 334.943800] ip_finish_output+0x40/0xfc [ 334.947626] ip_output+0xf8/0x1a4 [ 334.950931] ip_send_skb+0x5c/0x100 [ 334.954410] ip_push_pending_frames+0x3c/0x60 [ 334.958758] raw_sendmsg+0x458/0x6d0 [ 334.962325] inet_sendmsg+0x50/0x80 [ 334.965805] sock_sendmsg+0x60/0x6c [ 334.969286] __sys_sendto+0xc8/0x134 [ 334.972853] __arm64_sys_sendto+0x34/0x4c [ 334.976854] invoke_syscall+0x78/0x100 [ 334.980594] el0_svc_common.constprop.0+0x4c/0xf4 [ 334.985287] do_el0_svc+0x38/0x4c [ 334.988591] el0_svc+0x34/0x10c [ 334.991724] el0t_64_sync_handler+0x11c/0x150 [ 334.996072] el0t_64_sync+0x190/0x194 [ 334.999726] Code: b9001062 f9403c02 d53cd044 8b040042 (b8210040) [ 335.005810] ---[ end trace 0000000000000000 ]--- [ 335.010416] Kernel panic - not syncing: Oops: Fatal exception in interrupt [ 335.017279] SMP: stopping secondary CPUs [ 335.021374] Kernel Offset: 0x5baca8eb0000 from 0xffff800008000000 [ 335.027456] PHYS_OFFSET: 0x80000000 [ 335.030932] CPU features: 0x0000,0085c029,19805c82 [ 335.035713] Memory Limit: none [ 335.038756] Rebooting in 180 seconds.. Signed-off-by: Jonathan Toppins <jtoppins(a)redhat.com> --- Notes: v2: * only delete used net namespaces .../selftests/drivers/net/bonding/Makefile | 3 +- .../bonding/bond-arp-interval-causes-panic.sh | 49 +++++++++++++++++++ 2 files changed, 51 insertions(+), 1 deletion(-) create mode 100755 tools/testing/selftests/drivers/net/bonding/bond-arp-interval-causes-panic.sh diff --git a/tools/testing/selftests/drivers/net/bonding/Makefile b/tools/testing/selftests/drivers/net/bonding/Makefile index 0f9659407969..1d866658e541 100644 --- a/tools/testing/selftests/drivers/net/bonding/Makefile +++ b/tools/testing/selftests/drivers/net/bonding/Makefile @@ -2,7 +2,8 @@ # Makefile for net selftests TEST_PROGS := bond-break-lacpdu-tx.sh \ - dev_addr_lists.sh + dev_addr_lists.sh \ + bond-arp-interval-causes-panic.sh TEST_FILES := lag_lib.sh diff --git a/tools/testing/selftests/drivers/net/bonding/bond-arp-interval-causes-panic.sh b/tools/testing/selftests/drivers/net/bonding/bond-arp-interval-causes-panic.sh new file mode 100755 index 000000000000..71c00bfafbc9 --- /dev/null +++ b/tools/testing/selftests/drivers/net/bonding/bond-arp-interval-causes-panic.sh @@ -0,0 +1,49 @@ +#!/bin/sh +# SPDX-License-Identifier: GPL-2.0 +# +# cause kernel oops in bond_rr_gen_slave_id +DEBUG=${DEBUG:-0} + +set -e +test ${DEBUG} -ne 0 && set -x + +finish() +{ + ip netns delete server || true + ip netns delete client || true + ip link del link1_1 || true +} + +trap finish EXIT + +client_ip4=192.168.1.198 +server_ip4=192.168.1.254 + +# setup kernel so it reboots after causing the panic +echo 180 >/proc/sys/kernel/panic + +# build namespaces +ip link add dev link1_1 type veth peer name link1_2 + +ip netns add "server" +ip link set dev link1_2 netns server up name eth0 +ip netns exec server ip addr add ${server_ip4}/24 dev eth0 + +ip netns add "client" +ip link set dev link1_1 netns client down name eth0 +ip netns exec client ip link add dev bond0 down type bond mode 1 \ + miimon 100 all_slaves_active 1 +ip netns exec client ip link set dev eth0 down master bond0 +ip netns exec client ip link set dev bond0 up +ip netns exec client ip addr add ${client_ip4}/24 dev bond0 +ip netns exec client ping -c 5 $server_ip4 >/dev/null + +ip netns exec client ip link set dev eth0 down nomaster +ip netns exec client ip link set dev bond0 down +ip netns exec client ip link set dev bond0 type bond mode 0 \ + arp_interval 1000 arp_ip_target "+${server_ip4}" +ip netns exec client ip link set dev eth0 down master bond0 +ip netns exec client ip link set dev bond0 up +ip netns exec client ping -c 5 $server_ip4 >/dev/null + +exit 0 -- 2.31.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v2 01/18] net/sched: sch_api: add helper for tc qdisc walker stats dump

by Zhengchao Shao

The walk implementation of most qdisc class modules is basically the same. That is, the values of count and skip are checked first. If count is greater than or equal to skip, the registered fn function is executed. Otherwise, increase the value of count. So we can reconstruct them. Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> --- include/net/pkt_sched.h | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/include/net/pkt_sched.h b/include/net/pkt_sched.h index 29f65632ebc5..243e8b0cb7ea 100644 --- a/include/net/pkt_sched.h +++ b/include/net/pkt_sched.h @@ -222,4 +222,17 @@ static inline struct tc_skb_cb *tc_skb_cb(const struct sk_buff *skb) return cb; } +static inline bool tc_qdisc_stats_dump(struct Qdisc *sch, + struct qdisc_walker *arg, + unsigned long cl) +{ + if (arg->count >= arg->skip && arg->fn(sch, cl, arg) < 0) { + arg->stop = 1; + return false; + } + + arg->count++; + return true; +} + #endif -- 2.17.1

2 years, 7 months

2
1
0 0

[PATCH bpf-next v10 00/23] Introduce eBPF support for HID devices

by Benjamin Tissoires

Hi, here comes the v10 of the HID-BPF series. Again, for a full explanation of HID-BPF, please refer to the last patch in this series (23/23). Hopefully we are getting closer to merging the bpf-core changes that are pre-requesite of the HID work. This revision of the series focused on those bpf-core changes with a hopefully proper way of fixing access to ctx pointers, and a few more selftests to cover those changes. Once those bpf changes are in, the HID changes are pretty much self consistent, which is a good thing, but I still wonder how we are going to merge the selftests. I'd rather have the selftests in the bpf tree to prevent any regression on bpf-core changes, but that might require some coordination between the HID and bpf trees. Anyway, let's hope we are getting closer to the end of those revisions :) Cheers, Benjamin Benjamin Tissoires (23): selftests/bpf: regroup and declare similar kfuncs selftests in an array bpf: split btf_check_subprog_arg_match in two bpf/verifier: allow all functions to read user provided context selftests/bpf: add test for accessing ctx from syscall program type bpf/btf: bump BTF_KFUNC_SET_MAX_CNT bpf/verifier: allow kfunc to return an allocated mem selftests/bpf: Add tests for kfunc returning a memory pointer HID: core: store the unique system identifier in hid_device HID: export hid_report_type to uapi HID: convert defines of HID class requests into a proper enum HID: Kconfig: split HID support and hid-core compilation HID: initial BPF implementation selftests/bpf: add tests for the HID-bpf initial implementation HID: bpf: allocate data memory for device_event BPF programs selftests/bpf/hid: add test to change the report size HID: bpf: introduce hid_hw_request() selftests/bpf: add tests for bpf_hid_hw_request HID: bpf: allow to change the report descriptor selftests/bpf: add report descriptor fixup tests selftests/bpf: Add a test for BPF_F_INSERT_HEAD samples/bpf: HID: add new hid_mouse example samples/bpf: HID: add Surface Dial example Documentation: add HID-BPF docs Documentation/hid/hid-bpf.rst | 513 +++++++++ Documentation/hid/index.rst | 1 + drivers/Makefile | 2 +- drivers/hid/Kconfig | 20 +- drivers/hid/Makefile | 2 + drivers/hid/bpf/Kconfig | 17 + drivers/hid/bpf/Makefile | 11 + drivers/hid/bpf/entrypoints/Makefile | 93 ++ drivers/hid/bpf/entrypoints/README | 4 + drivers/hid/bpf/entrypoints/entrypoints.bpf.c | 66 ++ .../hid/bpf/entrypoints/entrypoints.lskel.h | 682 ++++++++++++ drivers/hid/bpf/hid_bpf_dispatch.c | 526 ++++++++++ drivers/hid/bpf/hid_bpf_dispatch.h | 28 + drivers/hid/bpf/hid_bpf_jmp_table.c | 577 ++++++++++ drivers/hid/hid-core.c | 49 +- include/linux/bpf.h | 11 +- include/linux/bpf_verifier.h | 2 + include/linux/btf.h | 10 + include/linux/hid.h | 38 +- include/linux/hid_bpf.h | 148 +++ include/uapi/linux/hid.h | 26 +- include/uapi/linux/hid_bpf.h | 25 + kernel/bpf/btf.c | 149 ++- kernel/bpf/verifier.c | 66 +- net/bpf/test_run.c | 37 + samples/bpf/.gitignore | 2 + samples/bpf/Makefile | 27 + samples/bpf/hid_mouse.bpf.c | 134 +++ samples/bpf/hid_mouse.c | 161 +++ samples/bpf/hid_surface_dial.bpf.c | 161 +++ samples/bpf/hid_surface_dial.c | 232 ++++ tools/include/uapi/linux/hid.h | 62 ++ tools/include/uapi/linux/hid_bpf.h | 25 + tools/testing/selftests/bpf/Makefile | 2 +- tools/testing/selftests/bpf/config | 3 + tools/testing/selftests/bpf/prog_tests/hid.c | 990 ++++++++++++++++++ .../selftests/bpf/prog_tests/kfunc_call.c | 182 +++- tools/testing/selftests/bpf/progs/hid.c | 206 ++++ .../selftests/bpf/progs/kfunc_call_fail.c | 160 +++ .../selftests/bpf/progs/kfunc_call_test.c | 71 ++ 40 files changed, 5416 insertions(+), 105 deletions(-) create mode 100644 Documentation/hid/hid-bpf.rst create mode 100644 drivers/hid/bpf/Kconfig create mode 100644 drivers/hid/bpf/Makefile create mode 100644 drivers/hid/bpf/entrypoints/Makefile create mode 100644 drivers/hid/bpf/entrypoints/README create mode 100644 drivers/hid/bpf/entrypoints/entrypoints.bpf.c create mode 100644 drivers/hid/bpf/entrypoints/entrypoints.lskel.h create mode 100644 drivers/hid/bpf/hid_bpf_dispatch.c create mode 100644 drivers/hid/bpf/hid_bpf_dispatch.h create mode 100644 drivers/hid/bpf/hid_bpf_jmp_table.c create mode 100644 include/linux/hid_bpf.h create mode 100644 include/uapi/linux/hid_bpf.h create mode 100644 samples/bpf/hid_mouse.bpf.c create mode 100644 samples/bpf/hid_mouse.c create mode 100644 samples/bpf/hid_surface_dial.bpf.c create mode 100644 samples/bpf/hid_surface_dial.c create mode 100644 tools/include/uapi/linux/hid.h create mode 100644 tools/include/uapi/linux/hid_bpf.h create mode 100644 tools/testing/selftests/bpf/prog_tests/hid.c create mode 100644 tools/testing/selftests/bpf/progs/hid.c create mode 100644 tools/testing/selftests/bpf/progs/kfunc_call_fail.c -- 2.36.1

2 years, 7 months

2
28
0 0

[PATCH] selftests: tpm2: Implement class desstructor to close file descriptor

by Stefan Berger

From: Stefan Berger <stefanb(a)linux.ibm.com> Implement a class destructor to close the open TPM file descriptor and avoid the following error message: test_flush_context (tpm2_tests.SpaceTest) ... \ /usr/lib64/python3.6/unittest/case.py:605: ResourceWarning: \ unclosed file <_io.FileIO name='/dev/tpmrm0' mode='rb+' closefd=True> Fixes: 6ea3dfe1e0732 ("selftests: add TPM 2.0 tests") Cc: Shuah Khan <shuah(a)kernel.org> Cc: linux-kselftest(a)vger.kernel.org Cc: Jarkko Sakkinen <jarkko(a)kernel.org> Signed-off-by: Stefan Berger <stefanb(a)linux.ibm.com> --- tools/testing/selftests/tpm2/tpm2.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tools/testing/selftests/tpm2/tpm2.py b/tools/testing/selftests/tpm2/tpm2.py index 057a4f49c79d..c7363c6764fc 100644 --- a/tools/testing/selftests/tpm2/tpm2.py +++ b/tools/testing/selftests/tpm2/tpm2.py @@ -371,6 +371,10 @@ class Client: fcntl.fcntl(self.tpm, fcntl.F_SETFL, flags) self.tpm_poll = select.poll() + def __del__(self): + if self.tpm: + self.tpm.close() + def close(self): self.tpm.close() -- 2.35.1

2 years, 7 months

4
3
0 0

[net-next v2 0/3] seg6: add NEXT-C-SID support for SRv6 End behavior

by Andrea Mayer

The Segment Routing (SR) architecture is based on loose source routing. A list of instructions, called segments, can be added to the packet headers to influence the forwarding and processing of the packets in an SR enabled network. In SRv6 (Segment Routing over IPv6 data plane) [1], the segment identifiers (SIDs) are IPv6 addresses (128 bits) and the segment list (SID List) is carried in the Segment Routing Header (SRH). A segment may correspond to a "behavior" that is executed by a node when the packet is received. The Linux kernel currently supports a large subset of the behaviors described in [2] (e.g., End, End.X, End.T and so on). Some SRv6 scenarios (i.e.: traffic-engineering, fast-rerouting, VPN, mobile network backhaul, etc.) may require a large number of segments (i.e. up to 15). Therefore, reducing the size of the SID List is useful to minimize the impact on MTU (Maximum Transfer Unit) and to enable SRv6 on legacy hardware devices with limited processing power that can suffer from long IPv6 headers. Draft-ietf-spring-srv6-srh-compression [3] extends the SRv6 architecture by providing different mechanisms for the efficient representation (i.e. compression) of the SID List. The NEXT-C-SID mechanism described in [3] offers the possibility of encoding several SRv6 segments within a single 128 bit SID address. Such a SID address is called a Compressed SID Container. In this way, the length of the SID List can be drastically reduced. In some cases, the SRH can be omitted, as the IPv6 Destination Address can carry the whole Segment List, using its compressed representation. The NEXT-C-SID mechanism relies on the "flavors" framework defined in [2]. The flavors represent additional operations that can modify or extend a subset of the existing behaviors. In this patchset we extend the SRv6 Subsystem in order to support the NEXT-C-SID mechanism. In details the patchset is made of: - patch 1/3: add netlink_ext_ack support in parsing SRv6 behavior attributes; - patch 2/3: add NEXT-C-SID support for SRv6 End behavior; - patch 3/3: add selftest for NEXT-C-SID in SRv6 End behavior. The corresponding iproute2 patch for supporting the NEXT-C-SID in SRv6 End behavior is provided in a separated patchset. Comments, improvements and suggestions are always appreciated. Thank you all, Andrea [1] - https://datatracker.ietf.org/doc/html/rfc8754 [2] - https://datatracker.ietf.org/doc/html/rfc8986 [3] - https://datatracker.ietf.org/doc/html/draft-ietf-spring-srv6-srh-compression v1 -> v2: - rename misleading variable names and macros, using the suffix '_bits' instead of '_len', e.g. 'lcblock_len'->'lcblock_bits'; - remove unnecessary cast operations; - get rid of the 'yoda-style' syntax; - fix check for default C-SID configuration at compilation time; - add selftest for NEXT-C-SID in SRv6 End behavior. Thanks to Paolo Abeni for reviewing v1. Andrea Mayer (3): seg6: add netlink_ext_ack support in parsing SRv6 behavior attributes seg6: add NEXT-C-SID support for SRv6 End behavior selftests: seg6: add selftest for NEXT-C-SID flavor in SRv6 End behavior include/uapi/linux/seg6_local.h | 24 + net/ipv6/seg6_local.c | 379 +++++- tools/testing/selftests/net/Makefile | 1 + .../net/srv6_end_next_csid_l3vpn_test.sh | 1145 +++++++++++++++++ 4 files changed, 1530 insertions(+), 19 deletions(-) create mode 100755 tools/testing/selftests/net/srv6_end_next_csid_l3vpn_test.sh -- 2.20.1

2 years, 7 months

4
8
0 0

[PATCH linux-next] selftests: timers: Remove the unneeded result variable

by cgel.zte＠gmail.com

From: ye xingchen <ye.xingchen(a)zte.com.cn> Return the value adjtimex() directly instead of storing it in another redundant variable. Reported-by: Zeal Robot <zealci(a)zte.com.cn> Signed-off-by: ye xingchen <ye.xingchen(a)zte.com.cn> --- tools/testing/selftests/timers/valid-adjtimex.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/tools/testing/selftests/timers/valid-adjtimex.c b/tools/testing/selftests/timers/valid-adjtimex.c index 48b9a803235a..4bca39e0bd16 100644 --- a/tools/testing/selftests/timers/valid-adjtimex.c +++ b/tools/testing/selftests/timers/valid-adjtimex.c @@ -50,12 +50,10 @@ int clock_adjtime(clockid_t id, struct timex *tx) int clear_time_state(void) { struct timex tx; - int ret; tx.modes = ADJ_STATUS; tx.status = 0; - ret = adjtimex(&tx); - return ret; + return adjtimex(&tx); } #define NUM_FREQ_VALID 32 -- 2.25.1

2 years, 7 months

2
1
0 0

[PATCH net 1/2] selftests: bonding: cause oops in bond_rr_gen_slave_id

by Jonathan Toppins

This bonding selftest causes the following kernel oops on aarch64 and should be architectures agnostic. [ 329.805838] kselftest: Running tests in drivers/net/bonding [ 330.011028] eth0: renamed from link1_2 [ 330.220846] eth0: renamed from link1_1 [ 330.387755] bond0: (slave eth0): making interface the new active one [ 330.394165] bond0: (slave eth0): Enslaving as an active interface with an up link [ 330.401867] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 334.586619] bond0: (slave eth0): Releasing backup interface [ 334.671065] bond0: (slave eth0): Enslaving as an active interface with an up link [ 334.686773] Unable to handle kernel paging request at virtual address ffff2c91ac905000 [ 334.694703] Mem abort info: [ 334.697486] ESR = 0x0000000096000004 [ 334.701234] EC = 0x25: DABT (current EL), IL = 32 bits [ 334.706536] SET = 0, FnV = 0 [ 334.709579] EA = 0, S1PTW = 0 [ 334.712719] FSC = 0x04: level 0 translation fault [ 334.717586] Data abort info: [ 334.720454] ISV = 0, ISS = 0x00000004 [ 334.724288] CM = 0, WnR = 0 [ 334.727244] swapper pgtable: 4k pages, 48-bit VAs, pgdp=000008044d662000 [ 334.733944] [ffff2c91ac905000] pgd=0000000000000000, p4d=0000000000000000 [ 334.740734] Internal error: Oops: 96000004 [#1] SMP [ 334.745602] Modules linked in: bonding tls veth rfkill sunrpc arm_spe_pmu vfat fat acpi_ipmi ipmi_ssif ixgbe igb i40e mdio ipmi_devintf ipmi_msghandler arm_cmn arm_dsu_pmu cppc_cpufreq acpi_tad fuse zram crct10dif_ce ast ghash_ce sbsa_gwdt nvme drm_vram_helper drm_ttm_helper nvme_core ttm xgene_hwmon [ 334.772217] CPU: 7 PID: 2214 Comm: ping Not tainted 6.0.0-rc4-00133-g64ae13ed4784 #4 [ 334.779950] Hardware name: GIGABYTE R272-P31-00/MP32-AR1-00, BIOS F18v (SCP: 1.08.20211002) 12/01/2021 [ 334.789244] pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 334.796196] pc : bond_rr_gen_slave_id+0x40/0x124 [bonding] [ 334.801691] lr : bond_xmit_roundrobin_slave_get+0x38/0xdc [bonding] [ 334.807962] sp : ffff8000221733e0 [ 334.811265] x29: ffff8000221733e0 x28: ffffdbac8572d198 x27: ffff80002217357c [ 334.818392] x26: 000000000000002a x25: ffffdbacb33ee000 x24: ffff07ff980fa000 [ 334.825519] x23: ffffdbacb2e398ba x22: ffff07ff98102000 x21: ffff07ff981029c0 [ 334.832646] x20: 0000000000000001 x19: ffff07ff981029c0 x18: 0000000000000014 [ 334.839773] x17: 0000000000000000 x16: ffffdbacb1004364 x15: 0000aaaabe2f5a62 [ 334.846899] x14: ffff07ff8e55d968 x13: ffff07ff8e55db30 x12: 0000000000000000 [ 334.854026] x11: ffffdbacb21532e8 x10: 0000000000000001 x9 : ffffdbac857178ec [ 334.861153] x8 : ffff07ff9f6e5a28 x7 : 0000000000000000 x6 : 000000007c2b3742 [ 334.868279] x5 : ffff2c91ac905000 x4 : ffff2c91ac905000 x3 : ffff07ff9f554400 [ 334.875406] x2 : ffff2c91ac905000 x1 : 0000000000000001 x0 : ffff07ff981029c0 [ 334.882532] Call trace: [ 334.884967] bond_rr_gen_slave_id+0x40/0x124 [bonding] [ 334.890109] bond_xmit_roundrobin_slave_get+0x38/0xdc [bonding] [ 334.896033] __bond_start_xmit+0x128/0x3a0 [bonding] [ 334.901001] bond_start_xmit+0x54/0xb0 [bonding] [ 334.905622] dev_hard_start_xmit+0xb4/0x220 [ 334.909798] __dev_queue_xmit+0x1a0/0x720 [ 334.913799] arp_xmit+0x3c/0xbc [ 334.916932] arp_send_dst+0x98/0xd0 [ 334.920410] arp_solicit+0xe8/0x230 [ 334.923888] neigh_probe+0x60/0xb0 [ 334.927279] __neigh_event_send+0x3b0/0x470 [ 334.931453] neigh_resolve_output+0x70/0x90 [ 334.935626] ip_finish_output2+0x158/0x514 [ 334.939714] __ip_finish_output+0xac/0x1a4 [ 334.943800] ip_finish_output+0x40/0xfc [ 334.947626] ip_output+0xf8/0x1a4 [ 334.950931] ip_send_skb+0x5c/0x100 [ 334.954410] ip_push_pending_frames+0x3c/0x60 [ 334.958758] raw_sendmsg+0x458/0x6d0 [ 334.962325] inet_sendmsg+0x50/0x80 [ 334.965805] sock_sendmsg+0x60/0x6c [ 334.969286] __sys_sendto+0xc8/0x134 [ 334.972853] __arm64_sys_sendto+0x34/0x4c [ 334.976854] invoke_syscall+0x78/0x100 [ 334.980594] el0_svc_common.constprop.0+0x4c/0xf4 [ 334.985287] do_el0_svc+0x38/0x4c [ 334.988591] el0_svc+0x34/0x10c [ 334.991724] el0t_64_sync_handler+0x11c/0x150 [ 334.996072] el0t_64_sync+0x190/0x194 [ 334.999726] Code: b9001062 f9403c02 d53cd044 8b040042 (b8210040) [ 335.005810] ---[ end trace 0000000000000000 ]--- [ 335.010416] Kernel panic - not syncing: Oops: Fatal exception in interrupt [ 335.017279] SMP: stopping secondary CPUs [ 335.021374] Kernel Offset: 0x5baca8eb0000 from 0xffff800008000000 [ 335.027456] PHYS_OFFSET: 0x80000000 [ 335.030932] CPU features: 0x0000,0085c029,19805c82 [ 335.035713] Memory Limit: none [ 335.038756] Rebooting in 180 seconds.. Signed-off-by: Jonathan Toppins <jtoppins(a)redhat.com> --- .../selftests/drivers/net/bonding/Makefile | 3 +- .../bonding/bond-arp-interval-causes-panic.sh | 48 +++++++++++++++++++ 2 files changed, 50 insertions(+), 1 deletion(-) create mode 100755 tools/testing/selftests/drivers/net/bonding/bond-arp-interval-causes-panic.sh diff --git a/tools/testing/selftests/drivers/net/bonding/Makefile b/tools/testing/selftests/drivers/net/bonding/Makefile index 0f9659407969..1d866658e541 100644 --- a/tools/testing/selftests/drivers/net/bonding/Makefile +++ b/tools/testing/selftests/drivers/net/bonding/Makefile @@ -2,7 +2,8 @@ # Makefile for net selftests TEST_PROGS := bond-break-lacpdu-tx.sh \ - dev_addr_lists.sh + dev_addr_lists.sh \ + bond-arp-interval-causes-panic.sh TEST_FILES := lag_lib.sh diff --git a/tools/testing/selftests/drivers/net/bonding/bond-arp-interval-causes-panic.sh b/tools/testing/selftests/drivers/net/bonding/bond-arp-interval-causes-panic.sh new file mode 100755 index 000000000000..095c262ba74c --- /dev/null +++ b/tools/testing/selftests/drivers/net/bonding/bond-arp-interval-causes-panic.sh @@ -0,0 +1,48 @@ +#!/bin/sh +# SPDX-License-Identifier: GPL-2.0 +# +# cause kernel oops in bond_rr_gen_slave_id +DEBUG=${DEBUG:-0} + +set -e +test ${DEBUG} -ne 0 && set -x + +function finish() +{ + ip -all netns delete + ip link del link1_1 || true +} + +trap finish EXIT + +client_ip4=192.168.1.198 +server_ip4=192.168.1.254 + +# setup kernel so it reboots after causing the panic +echo 180 >/proc/sys/kernel/panic + +# build namespaces +ip link add dev link1_1 type veth peer name link1_2 + +ip netns add "server" +ip link set dev link1_2 netns server up name eth0 +ip netns exec server ip addr add ${server_ip4}/24 dev eth0 + +ip netns add "client" +ip link set dev link1_1 netns client down name eth0 +ip netns exec client ip link add dev bond0 down type bond mode 1 \ + miimon 100 all_slaves_active 1 +ip netns exec client ip link set dev eth0 down master bond0 +ip netns exec client ip link set dev bond0 up +ip netns exec client ip addr add ${client_ip4}/24 dev bond0 +ip netns exec client ping -c 5 $server_ip4 >/dev/null + +ip netns exec client ip link set dev eth0 down nomaster +ip netns exec client ip link set dev bond0 down +ip netns exec client ip link set dev bond0 type bond mode 0 \ + arp_interval 1000 arp_ip_target "+${server_ip4}" +ip netns exec client ip link set dev eth0 down master bond0 +ip netns exec client ip link set dev bond0 up +ip netns exec client ping -c 5 $server_ip4 >/dev/null + +exit 0 -- 2.31.1

2 years, 7 months

2
2
0 0

[PATCH v2 0/2] selftests/Make: Recursively build TARGETS list

by Dmitry Safonov

Version 2 changes: - fix `make install` in sub-directories with TARGETS, but with no TEST_LIST defined, i.e. selftests/net directory (reported-by: kernel test robot <yujie.liu(a)intel.com>) - vfork_exec selftest is about to be reverted, don't add .gitignore entry From [1]: > Please look into a wayto invoke all of them instead of adding individual > net/* to the main Makefile. This list seems to be growing. :) I might have misunderstood what was suggested... Here is an attempt to let sub-selftests define their own $(TARGETS) directories. [1]: https://lore.kernel.org/all/aa0143bc-b0d1-69fb-c117-1e7241f0ad89@linuxfound… Version 1: https://lore.kernel.org/all/20220905202108.89338-1-dima@arista.com/T/#u Cc: Shuah Khan <shuah(a)kernel.org> Cc: Dmitry Safonov <0x7f454c46(a)gmail.com> Cc: linux-kernel(a)vger.kernel.org Cc: linux-kselftest(a)vger.kernel.org Dmitry Safonov (2): selftests/Make: Recursively build TARGETS list selftests/.gitignore: Add io_uring_zerocopy_tx tools/testing/selftests/Makefile | 71 ++++---------------- tools/testing/selftests/drivers/Makefile | 7 ++ tools/testing/selftests/filesystems/Makefile | 4 ++ tools/testing/selftests/lib.mk | 60 ++++++++++++++++- tools/testing/selftests/net/.gitignore | 1 + tools/testing/selftests/net/Makefile | 4 ++ 6 files changed, 87 insertions(+), 60 deletions(-) create mode 100644 tools/testing/selftests/drivers/Makefile base-commit: 521a547ced6477c54b4b0cc206000406c221b4d6 -- 2.37.2

2 years, 7 months

1
2
0 0

[PATCH net-next,v2 00/18] refactor duplicate codes in the qdisc class walk function

by Zhengchao Shao

The walk implementation of most qdisc class modules is basically the same. That is, the values of count and skip are checked first. If count is greater than or equal to skip, the registered fn function is executed. Otherwise, increase the value of count. So the code can be refactored. The walk function is invoked during dump. Therefore, test cases related to the tdc filter need to be added. Last, thanks to Victor for his review. Add test cases locally and perform the test. The test results are listed below: ./tdc.py -c cake ok 1 1212 - Create CAKE with default setting ok 2 3281 - Create CAKE with bandwidth limit ok 3 c940 - Create CAKE with autorate-ingress flag ok 4 2310 - Create CAKE with rtt time ok 5 2385 - Create CAKE with besteffort flag ok 6 a032 - Create CAKE with diffserv8 flag ok 7 2349 - Create CAKE with diffserv4 flag ok 8 8472 - Create CAKE with flowblind flag ok 9 2341 - Create CAKE with dsthost and nat flag ok 10 5134 - Create CAKE with wash flag ok 11 2302 - Create CAKE with flowblind and no-split-gso flag ok 12 0768 - Create CAKE with dual-srchost and ack-filter flag ok 13 0238 - Create CAKE with dual-dsthost and ack-filter-aggressive flag ok 14 6572 - Create CAKE with memlimit and ptm flag ok 15 2436 - Create CAKE with fwmark and atm flag ok 16 3984 - Create CAKE with overhead and mpu ok 17 5421 - Create CAKE with conservative and ingress flag ok 18 6854 - Delete CAKE with conservative and ingress flag ok 19 2342 - Replace CAKE with mpu ok 20 2313 - Change CAKE with mpu ok 21 4365 - Show CAKE class ./tdc.py -c cbq ok 1 3460 - Create CBQ with default setting ok 2 0592 - Create CBQ with mpu ok 3 4684 - Create CBQ with valid cell num ok 4 4345 - Create CBQ with invalid cell num ok 5 4525 - Create CBQ with valid ewma ok 6 6784 - Create CBQ with invalid ewma ok 7 5468 - Delete CBQ with handle ok 8 492a - Show CBQ class ./tdc.py -c cbs ok 1 1820 - Create CBS with default setting ok 2 1532 - Create CBS with hicredit setting ok 3 2078 - Create CBS with locredit setting ok 4 9271 - Create CBS with sendslope setting ok 5 0482 - Create CBS with idleslope setting ok 6 e8f3 - Create CBS with multiple setting ok 7 23c9 - Replace CBS with sendslope setting ok 8 a07a - Change CBS with idleslope setting ok 9 43b3 - Delete CBS with handle ok 10 9472 - Show CBS class ./tdc.py -c drr ok 1 0385 - Create DRR with default setting ok 2 2375 - Delete DRR with handle ok 3 3092 - Show DRR class ./tdc.py -c dsmark ok 1 6345 - Create DSMARK with default setting ok 2 3462 - Create DSMARK with default_index setting ok 3 ca95 - Create DSMARK with set_tc_index flag ok 4 a950 - Create DSMARK with multiple setting ok 5 4092 - Delete DSMARK with handle ok 6 5930 - Show DSMARK class ./tdc.py -c fq_codel ok 1 4957 - Create FQ_CODEL with default setting ok 2 7621 - Create FQ_CODEL with limit setting ok 3 6871 - Create FQ_CODEL with memory_limit setting ok 4 5636 - Create FQ_CODEL with target setting ok 5 630a - Create FQ_CODEL with interval setting ok 6 4324 - Create FQ_CODEL with quantum setting ok 7 b190 - Create FQ_CODEL with noecn flag ok 8 5381 - Create FQ_CODEL with ce_threshold setting ok 9 c9d2 - Create FQ_CODEL with drop_batch setting ok 10 523b - Create FQ_CODEL with multiple setting ok 11 9283 - Replace FQ_CODEL with noecn setting ok 12 3459 - Change FQ_CODEL with limit setting ok 13 0128 - Delete FQ_CODEL with handle ok 14 0435 - Show FQ_CODEL class ./tdc.py -c hfsc ok 1 3254 - Create HFSC with default setting ok 2 0289 - Create HFSC with class sc and ul rate setting ok 3 846a - Create HFSC with class sc umax and dmax setting ok 4 5413 - Create HFSC with class rt and ls rate setting ok 5 9312 - Create HFSC with class rt umax and dmax setting ok 6 6931 - Delete HFSC with handle ok 7 8436 - Show HFSC class ./tdc.py -c htb ok 1 0904 - Create HTB with default setting ok 2 3906 - Create HTB with default-N setting ok 3 8492 - Create HTB with r2q setting ok 4 9502 - Create HTB with direct_qlen setting ok 5 b924 - Create HTB with class rate and burst setting ok 6 4359 - Create HTB with class mpu setting ok 7 9048 - Create HTB with class prio setting ok 8 4994 - Create HTB with class ceil setting ok 9 9523 - Create HTB with class cburst setting ok 10 5353 - Create HTB with class mtu setting ok 11 346a - Create HTB with class quantum setting ok 12 303a - Delete HTB with handle ./tdc.py -c mqprio ok 1 9903 - Add mqprio Qdisc to multi-queue device (8 queues) ok 2 453a - Delete nonexistent mqprio Qdisc ok 3 5292 - Delete mqprio Qdisc twice ok 4 45a9 - Add mqprio Qdisc to single-queue device ok 5 2ba9 - Show mqprio class ./tdc.py -c multiq ok 1 20ba - Add multiq Qdisc to multi-queue device (8 queues) ok 2 4301 - List multiq Class ok 3 7832 - Delete nonexistent multiq Qdisc ok 4 2891 - Delete multiq Qdisc twice ok 5 1329 - Add multiq Qdisc to single-queue device ./tdc.py -c netem ok 1 cb28 - Create NETEM with default setting ok 2 a089 - Create NETEM with limit flag ok 3 3449 - Create NETEM with delay time ok 4 3782 - Create NETEM with distribution and corrupt flag ok 5 2b82 - Create NETEM with distribution and duplicate flag ok 6 a932 - Create NETEM with distribution and loss flag ok 7 e01a - Create NETEM with distribution and loss state flag ok 8 ba29 - Create NETEM with loss gemodel flag ok 9 0492 - Create NETEM with reorder flag ok 10 7862 - Create NETEM with rate limit ok 11 7235 - Create NETEM with multiple slot rate ok 12 5439 - Create NETEM with multiple slot setting ok 13 5029 - Change NETEM with loss state ok 14 3785 - Replace NETEM with delay time ok 15 4502 - Delete NETEM with handle ok 16 0785 - Show NETEM class ./tdc.py -c qfq ok 1 0582 - Create QFQ with default setting ok 2 c9a3 - Create QFQ with class weight setting ok 3 8452 - Create QFQ with class maxpkt setting ok 4 d920 - Create QFQ with multiple class setting ok 5 0548 - Delete QFQ with handle ok 6 5901 - Show QFQ class ./tdc.py -e 0521 ok 1 0521 - Show ingress class ./tdc.py -e 1023 ok 1 1023 - Show mq class ./tdc.py -e 2410 ok 1 2410 - Show prio class ./tdc.py -e 290a ok 1 290a - Show RED class Zhengchao Shao (18): net/sched: sch_api: add helper for tc qdisc walker stats dump net/sched: use tc_qdisc_stats_dump() in qdisc selftests/tc-testings: add selftests for cake qdisc selftests/tc-testings: add selftests for cbq qdisc selftests/tc-testings: add selftests for cbs qdisc selftests/tc-testings: add selftests for drr qdisc selftests/tc-testings: add selftests for dsmark qdisc selftests/tc-testings: add selftests for fq_codel qdisc selftests/tc-testings: add selftests for hfsc qdisc selftests/tc-testings: add selftests for htb qdisc selftests/tc-testings: add selftests for mqprio qdisc selftests/tc-testings: add selftests for multiq qdisc selftests/tc-testings: add selftests for netem qdisc selftests/tc-testings: add selftests for qfq qdisc selftests/tc-testings: add show class case for ingress qdisc selftests/tc-testings: add show class case for mq qdisc selftests/tc-testings: add show class case for prio qdisc selftests/tc-testings: add show class case for red qdisc include/net/pkt_sched.h | 13 + net/sched/sch_atm.c | 6 +- net/sched/sch_cake.c | 9 +- net/sched/sch_cbq.c | 9 +- net/sched/sch_cbs.c | 8 +- net/sched/sch_drr.c | 9 +- net/sched/sch_dsmark.c | 14 +- net/sched/sch_ets.c | 9 +- net/sched/sch_fq_codel.c | 8 +- net/sched/sch_hfsc.c | 9 +- net/sched/sch_htb.c | 9 +- net/sched/sch_mq.c | 5 +- net/sched/sch_mqprio.c | 5 +- net/sched/sch_multiq.c | 9 +- net/sched/sch_netem.c | 8 +- net/sched/sch_prio.c | 9 +- net/sched/sch_qfq.c | 9 +- net/sched/sch_red.c | 7 +- net/sched/sch_sfb.c | 7 +- net/sched/sch_sfq.c | 8 +- net/sched/sch_skbprio.c | 9 +- net/sched/sch_taprio.c | 5 +- net/sched/sch_tbf.c | 7 +- .../tc-testing/tc-tests/qdiscs/cake.json | 487 ++++++++++++++++++ .../tc-testing/tc-tests/qdiscs/cbq.json | 184 +++++++ .../tc-testing/tc-tests/qdiscs/cbs.json | 234 +++++++++ .../tc-testing/tc-tests/qdiscs/drr.json | 71 +++ .../tc-testing/tc-tests/qdiscs/dsmark.json | 140 +++++ .../tc-testing/tc-tests/qdiscs/fq_codel.json | 326 ++++++++++++ .../tc-testing/tc-tests/qdiscs/hfsc.json | 167 ++++++ .../tc-testing/tc-tests/qdiscs/htb.json | 285 ++++++++++ .../tc-testing/tc-tests/qdiscs/ingress.json | 20 + .../tc-testing/tc-tests/qdiscs/mq.json | 24 +- .../tc-testing/tc-tests/qdiscs/mqprio.json | 114 ++++ .../tc-testing/tc-tests/qdiscs/multiq.json | 114 ++++ .../tc-testing/tc-tests/qdiscs/netem.json | 372 +++++++++++++ .../tc-testing/tc-tests/qdiscs/prio.json | 20 + .../tc-testing/tc-tests/qdiscs/qfq.json | 145 ++++++ .../tc-testing/tc-tests/qdiscs/red.json | 23 + 39 files changed, 2769 insertions(+), 148 deletions(-) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/cake.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/cbq.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/cbs.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/drr.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/dsmark.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/fq_codel.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/hfsc.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/htb.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/mqprio.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/multiq.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/netem.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/qfq.json -- 2.17.1

2 years, 7 months

2
1
0 0

[PATCH v2 0/5] KVM: arm64: Enable ring-based dirty memory tracking

by Gavin Shan

This series enables the ring-based dirty memory tracking for ARM64. The feature has been available and enabled on x86 for a while. It is beneficial when the number of dirty pages is small in a checkpointing system or live migration scenario. More details can be found from fb04a1eddb1a ("KVM: X86: Implement ring-based dirty memory tracking"). The generic part has been comprehensive, meaning there isn't too much work, needed to extend it to ARM64. - PATCH[1] introduces KVM_REQ_RING_SOFT_FULL for x86 - PATCH[2] enables the feature on ARM64 - PATCH[3-5] improves kvm/selftests/dirty_log_test v1: https://lore.kernel.org/lkml/20220819005601.198436-1-gshan@redhat.com Testing ======= (1) kvm/selftests/dirty_log_test (2) Live migration by QEMU Changelog ========= v2: * Introduce KVM_REQ_RING_SOFT_FULL (Marc) * Changelog improvement (Marc) * Fix dirty_log_test without knowing host page size (Drew) Gavin Shan (5): KVM: x86: Introduce KVM_REQ_RING_SOFT_FULL KVM: arm64: Enable ring-based dirty memory tracking KVM: selftests: Use host page size to map ring buffer in dirty_log_test KVM: selftests: Clear dirty ring states between two modes in dirty_log_test KVM: selftests: Automate choosing dirty ring size in dirty_log_test Documentation/virt/kvm/api.rst | 2 +- arch/arm64/include/uapi/asm/kvm.h | 1 + arch/arm64/kvm/Kconfig | 1 + arch/arm64/kvm/arm.c | 8 +++ arch/x86/kvm/x86.c | 5 +- include/linux/kvm_host.h | 1 + tools/testing/selftests/kvm/dirty_log_test.c | 53 ++++++++++++++------ tools/testing/selftests/kvm/lib/kvm_util.c | 2 +- virt/kvm/dirty_ring.c | 4 ++ 9 files changed, 59 insertions(+), 18 deletions(-) -- 2.23.0

2 years, 7 months

4
12
0 0

[PATCH -v2] lib/notifier-error-inject: fix error when writing errno to debugfs file

by Akinobu Mita

The simple attribute files do not accept a negative value since the commit 488dac0c9237 ("libfs: fix error cast of negative value in simple_attr_write()"), so we can no longer use DEFINE_SIMPLE_ATTRIBUTE() to define a file operations for errno value. Fixes: 488dac0c9237 ("libfs: fix error cast of negative value in simple_attr_write()") Reported-by: Zhao Gongyi <zhaogongyi(a)huawei.com> Signed-off-by: Akinobu Mita <akinobu.mita(a)gmail.com> --- v2: Fix Reported-by line lib/notifier-error-inject.c | 38 ++++++++++++++++++++++++++++++------- 1 file changed, 31 insertions(+), 7 deletions(-) diff --git a/lib/notifier-error-inject.c b/lib/notifier-error-inject.c index 21016b32d313..30ec41f58d53 100644 --- a/lib/notifier-error-inject.c +++ b/lib/notifier-error-inject.c @@ -3,20 +3,44 @@ #include "notifier-error-inject.h" -static int debugfs_errno_set(void *data, u64 val) +static int notifier_err_errno_show(struct seq_file *m, void *data) { - *(int *)data = clamp_t(int, val, -MAX_ERRNO, 0); + int *value = m->private; + + seq_printf(m, "%d\n", *value); + return 0; } -static int debugfs_errno_get(void *data, u64 *val) +static int notifier_err_errno_open(struct inode *inode, struct file *file) { - *val = *(int *)data; - return 0; + return single_open(file, notifier_err_errno_show, inode->i_private); +} + +static ssize_t notifier_err_errno_write(struct file *file, const char __user *ubuf, size_t len, + loff_t *offp) +{ + struct seq_file *m = file->private_data; + int *value = m->private; + int ret; + + ret = kstrtoint_from_user(ubuf, len, 0, value); + if (ret) + return ret; + + *value = clamp(*value, -MAX_ERRNO, 0); + + return len; } -DEFINE_SIMPLE_ATTRIBUTE(fops_errno, debugfs_errno_get, debugfs_errno_set, - "%lld\n"); +static const struct file_operations fops_errno = { + .owner = THIS_MODULE, + .open = notifier_err_errno_open, + .read = seq_read, + .write = notifier_err_errno_write, + .llseek = seq_lseek, + .release = single_release, +}; static struct dentry *debugfs_create_errno(const char *name, umode_t mode, struct dentry *parent, int *value) -- 2.34.1

2 years, 7 months

2
3
0 0

[PATCH net-next 00/15] add tc-testing qdisc test cases

by Zhengchao Shao

For this patchset, test cases of the qdisc modules are added to the tc-testing test suite. After a test case is added locally, the test result is as follows: ./tdc.py -c atm ok 1 7628 - Create ATM with default setting ok 2 390a - Delete ATM with valid handle ok 3 32a0 - Show ATM class ok 4 6310 - Dump ATM stats ./tdc.py -c choke ok 1 8937 - Create CHOKE with default setting ok 2 48c0 - Create CHOKE with min packet setting ok 3 38c1 - Create CHOKE with max packet setting ok 4 234a - Create CHOKE with ecn setting ok 5 4380 - Create CHOKE with burst setting ok 6 48c7 - Delete CHOKE with valid handle ok 7 4398 - Replace CHOKE with min setting ok 8 0301 - Change CHOKE with limit setting ./tdc.py -c codel ok 1 983a - Create CODEL with default setting ok 2 38aa - Create CODEL with limit packet setting ok 3 9178 - Create CODEL with target setting ok 4 78d1 - Create CODEL with interval setting ok 5 238a - Create CODEL with ecn setting ok 6 939c - Create CODEL with ce_threshold setting ok 7 8380 - Delete CODEL with valid handle ok 8 289c - Replace CODEL with limit setting ok 9 0648 - Change CODEL with limit setting ./tdc.py -c etf ok 1 34ba - Create ETF with default setting ok 2 438f - Create ETF with delta nanos setting ok 3 9041 - Create ETF with deadline_mode setting ok 4 9a0c - Create ETF with skip_sock_check setting ok 5 2093 - Delete ETF with valid handle ./tdc.py -c fq ok 1 983b - Create FQ with default setting ok 2 38a1 - Create FQ with limit packet setting ok 3 0a18 - Create FQ with flow_limit setting ok 4 2390 - Create FQ with quantum setting ok 5 845b - Create FQ with initial_quantum setting ok 6 9398 - Create FQ with maxrate setting ok 7 342c - Create FQ with nopacing setting ok 8 6391 - Create FQ with refill_delay setting ok 9 238b - Create FQ with low_rate_threshold setting ok 10 7582 - Create FQ with orphan_mask setting ok 11 4894 - Create FQ with timer_slack setting ok 12 324c - Create FQ with ce_threshold setting ok 13 424a - Create FQ with horizon time setting ok 14 89e1 - Create FQ with horizon_cap setting ok 15 32e1 - Delete FQ with valid handle ok 16 49b0 - Replace FQ with limit setting ok 17 9478 - Change FQ with limit setting ./tdc.py -c gred ok 1 8942 - Create GRED with default setting ok 2 5783 - Create GRED with grio setting ok 3 8a09 - Create GRED with limit setting ok 4 48cb - Create GRED with ecn setting ok 5 763a - Change GRED setting ok 6 8309 - Show GRED class ./tdc.py -c hhf ok 1 4812 - Create HHF with default setting ok 2 8a92 - Create HHF with limit setting ok 3 3491 - Create HHF with quantum setting ok 4 ba04 - Create HHF with reset_timeout setting ok 5 4238 - Create HHF with admit_bytes setting ok 6 839f - Create HHF with evict_timeout setting ok 7 a044 - Create HHF with non_hh_weight setting ok 8 32f9 - Change HHF with limit setting ok 9 385e - Show HHF class ./tdc.py -c pfifo_fast ok 1 900c - Create pfifo_fast with default setting ok 2 7470 - Dump pfifo_fast stats ok 3 b974 - Replace pfifo_fast with different handle ok 4 3240 - Delete pfifo_fast with valid handle ok 5 4385 - Delete pfifo_fast with invalid handle ./tdc.py -c plug ok 1 3289 - Create PLUG with default setting ok 2 0917 - Create PLUG with block setting ok 3 483b - Create PLUG with release setting ok 4 4995 - Create PLUG with release_indefinite setting ok 5 389c - Create PLUG with limit setting ok 6 384a - Delete PLUG with valid handle ok 7 439a - Replace PLUG with limit setting ok 8 9831 - Change PLUG with limit setting ./tdc.py -c sfb ok 1 3294 - Create SFB with default setting ok 2 430a - Create SFB with rehash setting ok 3 3410 - Create SFB with db setting ok 4 49a0 - Create SFB with limit setting ok 5 1241 - Create SFB with max setting ok 6 3249 - Create SFB with target setting ok 7 30a9 - Create SFB with increment setting ok 8 239a - Create SFB with decrement setting ok 9 9301 - Create SFB with penalty_rate setting ok 10 2a01 - Create SFB with penalty_burst setting ok 11 3209 - Change SFB with rehash setting ok 12 5447 - Show SFB class ./tdc.py -c sfq ok 1 7482 - Create SFQ with default setting ok 2 c186 - Create SFQ with limit setting ok 3 ae23 - Create SFQ with perturb setting ok 4 a430 - Create SFQ with quantum setting ok 5 4539 - Create SFQ with divisor setting ok 6 b089 - Create SFQ with flows setting ok 7 99a0 - Create SFQ with depth setting ok 8 7389 - Create SFQ with headdrop setting ok 9 6472 - Create SFQ with redflowlimit setting ok 10 2a01 - Create SFB with penalty_burst setting ok 11 3209 - Change SFB with rehash setting ok 12 5447 - Show SFB class ./tdc.py -c sfq ok 1 7482 - Create SFQ with default setting ok 2 c186 - Create SFQ with limit setting ok 3 ae23 - Create SFQ with perturb setting ok 4 a430 - Create SFQ with quantum setting ok 5 4539 - Create SFQ with divisor setting ok 6 b089 - Create SFQ with flows setting ok 7 99a0 - Create SFQ with depth setting ok 8 7389 - Create SFQ with headdrop setting ok 9 6472 - Create SFQ with redflowlimit setting ok 10 8929 - Show SFQ class ./tdc.py -c skbprio ok 1 283e - Create skbprio with default setting ok 2 c086 - Create skbprio with limit setting ok 3 6733 - Change skbprio with limit setting ok 4 2958 - Show skbprio class ./tdc.py -c taprio ok 1 ba39 - Add taprio Qdisc to multi-queue device (8 queues) ok 2 9462 - Add taprio Qdisc with multiple sched-entry ok 3 8d92 - Add taprio Qdisc with txtime-delay ok 4 d092 - Delete taprio Qdisc with valid handle ok 5 8471 - Show taprio class ok 6 0a85 - Add taprio Qdisc to single-queue device ./tdc.py -c tbf ok 1 6430 - Create TBF with default setting ok 2 0518 - Create TBF with mtu setting ok 3 320a - Create TBF with peakrate setting ok 4 239b - Create TBF with latency setting ok 5 c975 - Create TBF with overhead setting ok 6 948c - Create TBF with linklayer setting ok 7 3549 - Replace TBF with mtu ok 8 f948 - Change TBF with latency time ok 9 2348 - Show TBF class ./tdc.py -c teql ok 1 84a0 - Create TEQL with default setting ok 2 7734 - Create TEQL with multiple device ok 3 34a9 - Delete TEQL with valid handle ok 4 6289 - Show TEQL stats Zhengchao Shao (15): selftests/tc-testings: add selftests for atm qdisc selftests/tc-testings: add selftests for choke qdisc selftests/tc-testings: add selftests for codel qdisc selftests/tc-testings: add selftests for etf qdisc selftests/tc-testings: add selftests for fq qdisc selftests/tc-testings: add selftests for gred qdisc selftests/tc-testings: add selftests for hhf qdisc selftests/tc-testings: add selftests for pfifo_fast qdisc selftests/tc-testings: add selftests for plug qdisc selftests/tc-testings: add selftests for sfb qdisc selftests/tc-testings: add selftests for sfq qdisc selftests/tc-testings: add selftests for skbprio qdisc selftests/tc-testings: add selftests for taprio qdisc selftests/tc-testings: add selftests for tbf qdisc selftests/tc-testings: add selftests for teql qdisc .../tc-testing/tc-tests/qdiscs/atm.json | 94 +++++ .../tc-testing/tc-tests/qdiscs/choke.json | 188 +++++++++ .../tc-testing/tc-tests/qdiscs/codel.json | 211 ++++++++++ .../tc-testing/tc-tests/qdiscs/etf.json | 117 ++++++ .../tc-testing/tc-tests/qdiscs/fq.json | 395 ++++++++++++++++++ .../tc-testing/tc-tests/qdiscs/gred.json | 164 ++++++++ .../tc-testing/tc-tests/qdiscs/hhf.json | 210 ++++++++++ .../tc-tests/qdiscs/pfifo_fast.json | 119 ++++++ .../tc-testing/tc-tests/qdiscs/plug.json | 188 +++++++++ .../tc-testing/tc-tests/qdiscs/sfb.json | 279 +++++++++++++ .../tc-testing/tc-tests/qdiscs/sfq.json | 232 ++++++++++ .../tc-testing/tc-tests/qdiscs/skbprio.json | 95 +++++ .../tc-testing/tc-tests/qdiscs/taprio.json | 135 ++++++ .../tc-testing/tc-tests/qdiscs/tbf.json | 211 ++++++++++ .../tc-testing/tc-tests/qdiscs/teql.json | 97 +++++ 15 files changed, 2735 insertions(+) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/atm.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/choke.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/codel.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/etf.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/fq.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/gred.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/hhf.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/pfifo_fast.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/plug.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/sfb.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/sfq.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/skbprio.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/taprio.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/tbf.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/teql.json -- 2.17.1

2 years, 7 months

1
15
0 0

Re: [PATCH -next v2 1/5] docs: notifier-error-inject: fix non-working usage of negative values

by zhaogongyi

Hi! > > On 17.09.22 07:39, Akinobu Mita wrote: > > 2022年9月15日(木) 18:01 Zhao Gongyi <zhaogongyi(a)huawei.com>: > >> > >> Fault injection uses debugfs in a way that the provided values via > >> sysfs are interpreted as u64. Providing negative numbers results in > >> an error: > >> > >> # cd sys/kernel/debug/notifier-error-inject/memory > >> # echo -12 > actions/MEM_GOING_ONLINE/error > >> -bash: echo: write error: Invalid argument > >> > >> Update the docs and examples to use "printf %#x <val>" in these cases. > > > > I'd rather fix the notifier-error-inject module than change the user > interface. > > I'll send a patch, so could you check if that solves the problem. > > > > That will also make patch #2 unnecessary, correct? Yes. But there is another commit 005747526d4f3c2ec995891e95cb7625161022f9 that has the same problem. Thanks! > > -- > Thanks, > > David / dhildenb

2 years, 7 months

2
1
0 0

[PATCH -next v2 0/5] Optimize and bugfix for notifier error

by Zhao Gongyi

1. Fix non-working usage of negative values 2. Add checking after online or offline 3. Restore memory before exit 4. Correct test's name Changes in v2: - Replace 'online_all_hot_pluggable_memory' with 'online_all_offline_memory()'. - Collect Reviewed-by tags from David Hildenbrand. Zhao Gongyi (5): docs: notifier-error-inject: fix non-working usage of negative values selftests/memory-hotplug: Use 'printf' instead of 'echo' selftests/memory-hotplug: Add checking after online or offline selftests/memory-hotplug: Restore memory before exit docs: notifier-error-inject: Correct test's name .../fault-injection/notifier-error-inject.rst | 14 ++++--- .../memory-hotplug/mem-on-off-test.sh | 37 +++++++++++++++---- 2 files changed, 39 insertions(+), 12 deletions(-) -- 2.17.1

2 years, 7 months

3
7
0 0

[PATCH] lib/notifier-error-inject: fix error when writing errno to debugfs file

by Akinobu Mita

The simple attribute files do not accept a negative value since the commit 488dac0c9237 ("libfs: fix error cast of negative value in simple_attr_write()"), so we can no longer use DEFINE_SIMPLE_ATTRIBUTE() to define a file operations for errno value. Fixes: 488dac0c9237 ("libfs: fix error cast of negative value in simple_attr_write()") Reported-by: Wei Yongjun <weiyongjun1(a)huawei.com> Signed-off-by: Akinobu Mita <akinobu.mita(a)gmail.com> --- lib/notifier-error-inject.c | 38 ++++++++++++++++++++++++++++++------- 1 file changed, 31 insertions(+), 7 deletions(-) diff --git a/lib/notifier-error-inject.c b/lib/notifier-error-inject.c index 21016b32d313..30ec41f58d53 100644 --- a/lib/notifier-error-inject.c +++ b/lib/notifier-error-inject.c @@ -3,20 +3,44 @@ #include "notifier-error-inject.h" -static int debugfs_errno_set(void *data, u64 val) +static int notifier_err_errno_show(struct seq_file *m, void *data) { - *(int *)data = clamp_t(int, val, -MAX_ERRNO, 0); + int *value = m->private; + + seq_printf(m, "%d\n", *value); + return 0; } -static int debugfs_errno_get(void *data, u64 *val) +static int notifier_err_errno_open(struct inode *inode, struct file *file) { - *val = *(int *)data; - return 0; + return single_open(file, notifier_err_errno_show, inode->i_private); +} + +static ssize_t notifier_err_errno_write(struct file *file, const char __user *ubuf, size_t len, + loff_t *offp) +{ + struct seq_file *m = file->private_data; + int *value = m->private; + int ret; + + ret = kstrtoint_from_user(ubuf, len, 0, value); + if (ret) + return ret; + + *value = clamp(*value, -MAX_ERRNO, 0); + + return len; } -DEFINE_SIMPLE_ATTRIBUTE(fops_errno, debugfs_errno_get, debugfs_errno_set, - "%lld\n"); +static const struct file_operations fops_errno = { + .owner = THIS_MODULE, + .open = notifier_err_errno_open, + .read = seq_read, + .write = notifier_err_errno_write, + .llseek = seq_lseek, + .release = single_release, +}; static struct dentry *debugfs_create_errno(const char *name, umode_t mode, struct dentry *parent, int *value) -- 2.34.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v2 18/18] selftests/tc-testings: add show class case for red qdisc

by Zhengchao Shao

Test 290a: Show RED class Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> --- .../tc-testing/tc-tests/qdiscs/red.json | 23 +++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/red.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/red.json index 0703a2a255eb..4b3e449857f2 100644 --- a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/red.json +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/red.json @@ -181,5 +181,28 @@ "$TC qdisc del dev $DUMMY handle 1: root", "$IP link del dev $DUMMY type dummy" ] + }, + { + "id": "290a", + "name": "Show RED class", + "category": [ + "qdisc", + "red" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root red limit 1M avpkt 1500 min 100K max 300K", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class red 1:[0-9]+ parent 1:", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] } ] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v2 17/18] selftests/tc-testings: add show class case for prio qdisc

by Zhengchao Shao

Test 2410: Show prio class Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> --- .../tc-testing/tc-tests/qdiscs/prio.json | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/prio.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/prio.json index 3076c02d08d6..8186de2f0dcf 100644 --- a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/prio.json +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/prio.json @@ -272,5 +272,25 @@ "teardown": [ "$IP link del dev $DUMMY type dummy" ] + }, + { + "id": "2410", + "name": "Show prio class", + "category": [ + "qdisc", + "prio" + ], + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root prio", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class prio 1:[0-9]+ parent 1:", + "matchCount": "3", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root prio", + "$IP link del dev $DUMMY type dummy" + ] } ] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v2 16/18] selftests/tc-testings: add show class case for mq qdisc

by Zhengchao Shao

Test 1023: Show mq class Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> --- .../tc-testing/tc-tests/qdiscs/mq.json | 24 ++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/mq.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/mq.json index c6046096d9db..44fbfc6caec7 100644 --- a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/mq.json +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/mq.json @@ -133,5 +133,27 @@ "teardown": [ "echo \"1\" > /sys/bus/netdevsim/del_device" ] - } + }, + { + "id": "1023", + "name": "Show mq class", + "category": [ + "qdisc", + "mq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "echo \"1 1 4\" > /sys/bus/netdevsim/new_device" + ], + "cmdUnderTest": "$TC qdisc add dev $ETH root handle 1: mq", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $ETH", + "matchPattern": "class mq 1:[0-9]+ root", + "matchCount": "4", + "teardown": [ + "echo \"1\" > /sys/bus/netdevsim/del_device" + ] + } ] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v2 15/18] selftests/tc-testings: add show class case for ingress qdisc

by Zhengchao Shao

Test 0521: Show ingress class Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> --- .../tc-testing/tc-tests/qdiscs/ingress.json | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/ingress.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/ingress.json index d99dba6e2b1a..11d33362408c 100644 --- a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/ingress.json +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/ingress.json @@ -98,5 +98,25 @@ "teardown": [ "$IP link del dev $DUMMY type dummy" ] + }, + { + "id": "0521", + "name": "Show ingress class", + "category": [ + "qdisc", + "ingress" + ], + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY ingress", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class ingress", + "matchCount": "0", + "teardown": [ + "$TC qdisc del dev $DUMMY ingress", + "$IP link del dev $DUMMY type dummy" + ] } ] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v2 14/18] selftests/tc-testings: add selftests for qfq qdisc

by Zhengchao Shao

Test 0582: Create QFQ with default setting Test c9a3: Create QFQ with class weight setting Test 8452: Create QFQ with class maxpkt setting Test d920: Create QFQ with multiple class setting Test 0548: Delete QFQ with handle Test 5901: Show QFQ class Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> --- .../tc-testing/tc-tests/qdiscs/qfq.json | 145 ++++++++++++++++++ 1 file changed, 145 insertions(+) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/qfq.json diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/qfq.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/qfq.json new file mode 100644 index 000000000000..330f1a25e0ab --- /dev/null +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/qfq.json @@ -0,0 +1,145 @@ +[ + { + "id": "0582", + "name": "Create QFQ with default setting", + "category": [ + "qdisc", + "qfq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root qfq", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc qfq 1: root refcnt [0-9]+", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "c9a3", + "name": "Create QFQ with class weight setting", + "category": [ + "qdisc", + "qfq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root qfq" + ], + "cmdUnderTest": "$TC class add dev $DUMMY parent 1: classid 1:1 qfq weight 100", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class qfq 1:1 root weight 100 maxpkt", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "8452", + "name": "Create QFQ with class maxpkt setting", + "category": [ + "qdisc", + "qfq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root qfq" + ], + "cmdUnderTest": "$TC class add dev $DUMMY parent 1: classid 1:1 qfq maxpkt 2000", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class qfq 1:1 root weight 1 maxpkt 2000", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "d920", + "name": "Create QFQ with multiple class setting", + "category": [ + "qdisc", + "qfq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root qfq", + "$TC class add dev $DUMMY parent 1: classid 1:1 qfq weight 100" + ], + "cmdUnderTest": "$TC class add dev $DUMMY parent 1: classid 1:2 qfq weight 200", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class qfq 1:[0-9]+ root weight [0-9]+00 maxpkt", + "matchCount": "2", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "0548", + "name": "Delete QFQ with handle", + "category": [ + "qdisc", + "qfq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root qfq", + "$TC class add dev $DUMMY parent 1: classid 1:1 qfq weight 100" + ], + "cmdUnderTest": "$TC qdisc del dev $DUMMY handle 1: root", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "qdisc qfq 1: root refcnt [0-9]+", + "matchCount": "0", + "teardown": [ + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "5901", + "name": "Show QFQ class", + "category": [ + "qdisc", + "qfq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root qfq", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class qfq 1:", + "matchCount": "0", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + } +] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v2 13/18] selftests/tc-testings: add selftests for netem qdisc

by Zhengchao Shao

Test cb28: Create NETEM with default setting Test a089: Create NETEM with limit flag Test 3449: Create NETEM with delay time Test 3782: Create NETEM with distribution and corrupt flag Test 2b82: Create NETEM with distribution and duplicate flag Test a932: Create NETEM with distribution and loss flag Test e01a: Create NETEM with distribution and loss state flag Test ba29: Create NETEM with loss gemodel flag Test 0492: Create NETEM with reorder flag Test 7862: Create NETEM with rate limit Test 7235: Create NETEM with multiple slot rate Test 5439: Create NETEM with multiple slot setting Test 5029: Change NETEM with loss state Test 3785: Replace NETEM with delay time Test 4502: Delete NETEM with handle Test 0785: Show NETEM class Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> --- .../tc-testing/tc-tests/qdiscs/netem.json | 372 ++++++++++++++++++ 1 file changed, 372 insertions(+) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/netem.json diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/netem.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/netem.json new file mode 100644 index 000000000000..7e41f548f8e8 --- /dev/null +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/netem.json @@ -0,0 +1,372 @@ +[ + { + "id": "cb28", + "name": "Create NETEM with default setting", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root netem", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ limit", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "a089", + "name": "Create NETEM with limit flag", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root netem limit 200", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ limit 200", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "3449", + "name": "Create NETEM with delay time", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root netem delay 100ms", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ .*delay 100ms", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "3782", + "name": "Create NETEM with distribution and corrupt flag", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root netem delay 100ms 10ms distribution normal corrupt 1%", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ .*delay 100ms 10ms corrupt 1%", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "2b82", + "name": "Create NETEM with distribution and duplicate flag", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root netem delay 100ms 10ms distribution normal duplicate 1%", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ .*delay 100ms 10ms duplicate 1%", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "a932", + "name": "Create NETEM with distribution and loss flag", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root netem delay 100ms 10ms distribution pareto loss 1%", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ .*delay 100ms 10ms loss 1%", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "e01a", + "name": "Create NETEM with distribution and loss state flag", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root netem delay 100ms 10ms distribution paretonormal loss state 1", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ .*delay 100ms 10ms loss state p13 1% p31 99% p32 0% p23 100% p14 0%", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "ba29", + "name": "Create NETEM with loss gemodel flag", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root netem loss gemodel 1%", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ .*loss gemodel p 1%", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "0492", + "name": "Create NETEM with reorder flag", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root netem delay 100ms 10ms reorder 2% gap 100", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ .*reorder 2%", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "7862", + "name": "Create NETEM with rate limit", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root netem rate 20000", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ .*rate 20Kbit", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "7235", + "name": "Create NETEM with multiple slot rate", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root netem slot 10 200 packets 2000 bytes 9000", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ .*slot 10ns 200ns packets 2000 bytes 9000", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "5439", + "name": "Create NETEM with multiple slot setting", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root netem slot distribution pareto 1ms 0.1ms", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ .*slot distribution 1ms 100us", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "5029", + "name": "Change NETEM with loss state", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root netem delay 100ms 10ms distribution normal loss 1%" + ], + "cmdUnderTest": "$TC qdisc change dev $DUMMY handle 1: root netem delay 100ms 10ms distribution normal loss 2%", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ .*loss 2%", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "3785", + "name": "Replace NETEM with delay time", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root netem delay 100ms 10ms distribution normal loss 1%" + ], + "cmdUnderTest": "$TC qdisc replace dev $DUMMY handle 1: root netem delay 200ms 10ms", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ .*delay 200ms 10ms", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "4502", + "name": "Delete NETEM with handle", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root netem delay 100ms 10ms distribution normal" + ], + "cmdUnderTest": "$TC qdisc del dev $DUMMY handle 1: root", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc netem 1: root refcnt [0-9]+ .*delay 100ms 10ms", + "matchCount": "0", + "teardown": [ + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "0785", + "name": "Show NETEM class", + "category": [ + "qdisc", + "netem" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root netem", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class netem 1:", + "matchCount": "0", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + } +] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v2 12/18] selftests/tc-testings: add selftests for multiq qdisc

by Zhengchao Shao

Test 20ba: Add multiq Qdisc to multi-queue device (8 queues) Test 4301: List multiq Class Test 7832: Delete nonexistent multiq Qdisc Test 2891: Delete multiq Qdisc twice Test 1329: Add multiq Qdisc to single-queue device Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> --- .../tc-testing/tc-tests/qdiscs/multiq.json | 114 ++++++++++++++++++ 1 file changed, 114 insertions(+) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/multiq.json diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/multiq.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/multiq.json new file mode 100644 index 000000000000..12c0af7a145d --- /dev/null +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/multiq.json @@ -0,0 +1,114 @@ +[ + { + "id": "20ba", + "name": "Add multiq Qdisc to multi-queue device (8 queues)", + "category": [ + "qdisc", + "multiq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "echo \"1 1 8\" > /sys/bus/netdevsim/new_device" + ], + "cmdUnderTest": "$TC qdisc add dev $ETH root handle 1: multiq", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $ETH", + "matchPattern": "qdisc multiq 1: root refcnt [0-9]+ bands 8", + "matchCount": "1", + "teardown": [ + "echo \"1\" > /sys/bus/netdevsim/del_device" + ] + }, + { + "id": "4301", + "name": "List multiq Class", + "category": [ + "qdisc", + "multiq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "echo \"1 1 8\" > /sys/bus/netdevsim/new_device" + ], + "cmdUnderTest": "$TC qdisc add dev $ETH root handle 1: multiq", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $ETH", + "matchPattern": "class multiq 1:[0-9]+ parent 1:", + "matchCount": "8", + "teardown": [ + "echo \"1\" > /sys/bus/netdevsim/del_device" + ] + }, + { + "id": "7832", + "name": "Delete nonexistent multiq Qdisc", + "category": [ + "qdisc", + "multiq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "echo \"1 1 4\" > /sys/bus/netdevsim/new_device" + ], + "cmdUnderTest": "$TC qdisc del dev $ETH root handle 1: multiq", + "expExitCode": "2", + "verifyCmd": "$TC qdisc show dev $ETH", + "matchPattern": "qdisc multiq 1: root", + "matchCount": "0", + "teardown": [ + "echo \"1\" > /sys/bus/netdevsim/del_device" + ] + }, + { + "id": "2891", + "name": "Delete multiq Qdisc twice", + "category": [ + "qdisc", + "multiq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "echo \"1 1 8\" > /sys/bus/netdevsim/new_device", + "$TC qdisc add dev $ETH root handle 1: multiq", + "$TC qdisc del dev $ETH root handle 1:" + ], + "cmdUnderTest": "$TC qdisc del dev $ETH root handle 1:", + "expExitCode": "2", + "verifyCmd": "$TC qdisc show dev $ETH", + "matchPattern": "qdisc mqprio 1: root", + "matchCount": "0", + "teardown": [ + "echo \"1\" > /sys/bus/netdevsim/del_device" + ] + }, + { + "id": "1329", + "name": "Add multiq Qdisc to single-queue device", + "category": [ + "qdisc", + "multiq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "echo \"1 1\" > /sys/bus/netdevsim/new_device" + ], + "cmdUnderTest": "$TC qdisc add dev $ETH root handle 1: multiq", + "expExitCode": "2", + "verifyCmd": "$TC qdisc show dev $ETH", + "matchPattern": "qdisc multiq 1: root", + "matchCount": "0", + "teardown": [ + "echo \"1\" > /sys/bus/netdevsim/del_device" + ] + } +] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v2 11/18] selftests/tc-testings: add selftests for mqprio qdisc

by Zhengchao Shao

Test 9903: Add mqprio Qdisc to multi-queue device (8 queues) Test 453a: Delete nonexistent mqprio Qdisc Test 5292: Delete mqprio Qdisc twice Test 45a9: Add mqprio Qdisc to single-queue device Test 2ba9: Show mqprio class Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> --- .../tc-testing/tc-tests/qdiscs/mqprio.json | 114 ++++++++++++++++++ 1 file changed, 114 insertions(+) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/mqprio.json diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/mqprio.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/mqprio.json new file mode 100644 index 000000000000..6e1973f731e9 --- /dev/null +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/mqprio.json @@ -0,0 +1,114 @@ +[ + { + "id": "9903", + "name": "Add mqprio Qdisc to multi-queue device (8 queues)", + "category": [ + "qdisc", + "mqprio" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "echo \"1 1 8\" > /sys/bus/netdevsim/new_device" + ], + "cmdUnderTest": "$TC qdisc add dev $ETH root handle 1: mqprio num_tc 8 map 0 1 2 3 4 5 6 7 queues 1@0 1@1 1@2 1@3 1@4 1@5 1@6 1@7 hw 0", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $ETH", + "matchPattern": "qdisc mqprio 1: root tc 8 map 0 1 2 3 4 5 6 7 0 0 0 0 0 0 0 0.*queues:\$0:0\$ \$1:1\$ \$2:2\$ \$3:3\$ \$4:4\$ \$5:5\$ \$6:6\$ \$7:7\$", + "matchCount": "1", + "teardown": [ + "echo \"1\" > /sys/bus/netdevsim/del_device" + ] + }, + { + "id": "453a", + "name": "Delete nonexistent mqprio Qdisc", + "category": [ + "qdisc", + "mqprio" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "echo \"1 1 4\" > /sys/bus/netdevsim/new_device" + ], + "cmdUnderTest": "$TC qdisc del dev $ETH root handle 1: mqprio", + "expExitCode": "2", + "verifyCmd": "$TC qdisc show dev $ETH", + "matchPattern": "qdisc mqprio 1: root", + "matchCount": "0", + "teardown": [ + "echo \"1\" > /sys/bus/netdevsim/del_device" + ] + }, + { + "id": "5292", + "name": "Delete mqprio Qdisc twice", + "category": [ + "qdisc", + "mqprio" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "echo \"1 1 8\" > /sys/bus/netdevsim/new_device", + "$TC qdisc add dev $ETH root handle 1: mqprio num_tc 8 map 0 1 2 3 4 5 6 7 queues 1@0 1@1 1@2 1@3 1@4 1@5 1@6 1@7 hw 0", + "$TC qdisc del dev $ETH root handle 1:" + ], + "cmdUnderTest": "$TC qdisc del dev $ETH root handle 1:", + "expExitCode": "2", + "verifyCmd": "$TC qdisc show dev $ETH", + "matchPattern": "qdisc mqprio 1: root", + "matchCount": "0", + "teardown": [ + "echo \"1\" > /sys/bus/netdevsim/del_device" + ] + }, + { + "id": "45a9", + "name": "Add mqprio Qdisc to single-queue device", + "category": [ + "qdisc", + "mqprio" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "echo \"1 1\" > /sys/bus/netdevsim/new_device" + ], + "cmdUnderTest": "$TC qdisc add dev $ETH root handle 1: mqprio num_tc 8 map 0 1 2 3 4 5 6 7 queues 1@0 1@1 1@2 1@3 1@4 1@5 1@6 1@7 hw 0", + "expExitCode": "2", + "verifyCmd": "$TC qdisc show dev $ETH", + "matchPattern": "qdisc mqprio 1: root", + "matchCount": "0", + "teardown": [ + "echo \"1\" > /sys/bus/netdevsim/del_device" + ] + }, + { + "id": "2ba9", + "name": "Show mqprio class", + "category": [ + "qdisc", + "mqprio" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "echo \"1 1 8\" > /sys/bus/netdevsim/new_device" + ], + "cmdUnderTest": "$TC qdisc add dev $ETH root handle 1: mqprio num_tc 8 map 0 1 2 3 4 5 6 7 queues 1@0 1@1 1@2 1@3 1@4 1@5 1@6 1@7 hw 0", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $ETH", + "matchPattern": "class mqprio 1:", + "matchCount": "16", + "teardown": [ + "echo \"1\" > /sys/bus/netdevsim/del_device" + ] + } +] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v2 10/18] selftests/tc-testings: add selftests for htb qdisc

by Zhengchao Shao

Test 0904: Create HTB with default setting Test 3906: Create HTB with default-N setting Test 8492: Create HTB with r2q setting Test 9502: Create HTB with direct_qlen setting Test b924: Create HTB with class rate and burst setting Test 4359: Create HTB with class mpu setting Test 9048: Create HTB with class prio setting Test 4994: Create HTB with class ceil setting Test 9523: Create HTB with class cburst setting Test 5353: Create HTB with class mtu setting Test 346a: Create HTB with class quantum setting Test 303a: Delete HTB with handle Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> --- .../tc-testing/tc-tests/qdiscs/htb.json | 285 ++++++++++++++++++ 1 file changed, 285 insertions(+) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/htb.json diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/htb.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/htb.json new file mode 100644 index 000000000000..9529899482e0 --- /dev/null +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/htb.json @@ -0,0 +1,285 @@ +[ + { + "id": "0904", + "name": "Create HTB with default setting", + "category": [ + "qdisc", + "htb" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root htb", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc htb 1: root refcnt [0-9]+ r2q 10 default 0 direct_packets_stat.*direct_qlen", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "3906", + "name": "Create HTB with default-N setting", + "category": [ + "qdisc", + "htb" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root htb default 10", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc htb 1: root refcnt [0-9]+ r2q 10 default 0x10 direct_packets_stat.* direct_qlen", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "8492", + "name": "Create HTB with r2q setting", + "category": [ + "qdisc", + "htb" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root htb r2q 5", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc htb 1: root refcnt [0-9]+ r2q 5 default 0 direct_packets_stat.*direct_qlen", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "9502", + "name": "Create HTB with direct_qlen setting", + "category": [ + "qdisc", + "htb" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root htb direct_qlen 1024", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc htb 1: root refcnt [0-9]+ r2q 10 default 0 direct_packets_stat.*direct_qlen 1024", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "b924", + "name": "Create HTB with class rate and burst setting", + "category": [ + "qdisc", + "htb" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root htb" + ], + "cmdUnderTest": "$TC class add dev $DUMMY parent 1: classid 1:1 htb rate 20kbit burst 1000", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class htb 1:1 root prio 0 rate 20Kbit ceil 20Kbit burst 1000b cburst 1600b", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "4359", + "name": "Create HTB with class mpu setting", + "category": [ + "qdisc", + "htb" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root htb" + ], + "cmdUnderTest": "$TC class add dev $DUMMY parent 1: classid 1:1 htb rate 20Kbit mpu 64", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class htb 1:1 root prio 0 rate 20Kbit ceil 20Kbit burst 1600b cburst 1600b", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "9048", + "name": "Create HTB with class prio setting", + "category": [ + "qdisc", + "htb" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root htb" + ], + "cmdUnderTest": "$TC class add dev $DUMMY parent 1: classid 1:1 htb rate 20Kbit prio 1", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class htb 1:1 root prio 1 rate 20Kbit ceil 20Kbit burst 1600b cburst 1600b", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "4994", + "name": "Create HTB with class ceil setting", + "category": [ + "qdisc", + "htb" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root htb" + ], + "cmdUnderTest": "$TC class add dev $DUMMY parent 1: classid 1:1 htb rate 20Kbit ceil 10Kbit", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class htb 1:1 root prio 0 rate 20Kbit ceil 10Kbit burst 1600b cburst 1600b", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "9523", + "name": "Create HTB with class cburst setting", + "category": [ + "qdisc", + "htb" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root htb" + ], + "cmdUnderTest": "$TC class add dev $DUMMY parent 1: classid 1:1 htb rate 20Kbit cburst 2000", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class htb 1:1 root prio 0 rate 20Kbit ceil 20Kbit burst 1600b cburst 2000b", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "5353", + "name": "Create HTB with class mtu setting", + "category": [ + "qdisc", + "htb" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root htb" + ], + "cmdUnderTest": "$TC class add dev $DUMMY parent 1: classid 1:1 htb rate 20Kbit mtu 2048", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class htb 1:1 root prio 0 rate 20Kbit ceil 20Kbit burst 2Kb cburst 2Kb", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "346a", + "name": "Create HTB with class quantum setting", + "category": [ + "qdisc", + "htb" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root htb" + ], + "cmdUnderTest": "$TC class add dev $DUMMY parent 1: classid 1:1 htb rate 20Kbit quantum 2048", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class htb 1:1 root prio 0 rate 20Kbit ceil 20Kbit burst 1600b cburst 1600b", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "303a", + "name": "Delete HTB with handle", + "category": [ + "qdisc", + "htb" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root htb r2q 5" + ], + "cmdUnderTest": "$TC qdisc del dev $DUMMY handle 1: root", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc htb 1: root refcnt [0-9]+", + "matchCount": "0", + "teardown": [ + "$IP link del dev $DUMMY type dummy" + ] + } +] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v2 09/18] selftests/tc-testings: add selftests for hfsc qdisc

by Zhengchao Shao

Test 3254: Create HFSC with default setting Test 0289: Create HFSC with class sc and ul rate setting Test 846a: Create HFSC with class sc umax and dmax setting Test 5413: Create HFSC with class rt and ls rate setting Test 9312: Create HFSC with class rt umax and dmax setting Test 6931: Delete HFSC with handle Test 8436: Show HFSC class Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> --- .../tc-testing/tc-tests/qdiscs/hfsc.json | 167 ++++++++++++++++++ 1 file changed, 167 insertions(+) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/hfsc.json diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/hfsc.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/hfsc.json new file mode 100644 index 000000000000..af27b2c20e17 --- /dev/null +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/hfsc.json @@ -0,0 +1,167 @@ +[ + { + "id": "3254", + "name": "Create HFSC with default setting", + "category": [ + "qdisc", + "hfsc" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root hfsc", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc hfsc 1: root refcnt [0-9]+", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "0289", + "name": "Create HFSC with class sc and ul rate setting", + "category": [ + "qdisc", + "hfsc" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root hfsc default 11" + ], + "cmdUnderTest": "$TC class add dev $DUMMY parent 1: classid 1:1 hfsc sc rate 20000 ul rate 10000", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class hfsc 1:1 parent 1: sc m1 0bit d 0us m2 20Kbit ul m1 0bit d 0us m2 10Kbit", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "846a", + "name": "Create HFSC with class sc umax and dmax setting", + "category": [ + "qdisc", + "hfsc" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root hfsc default 11" + ], + "cmdUnderTest": "$TC class add dev $DUMMY parent 1: classid 1:1 hfsc sc umax 1540 dmax 5ms rate 10000 ul rate 10000", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class hfsc 1:1 parent 1: sc m1 2464Kbit d 5ms m2 10Kbit ul m1 0bit d 0us m2 10Kbit", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "5413", + "name": "Create HFSC with class rt and ls rate setting", + "category": [ + "qdisc", + "hfsc" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root hfsc default 11" + ], + "cmdUnderTest": "$TC class add dev $DUMMY parent 1: classid 1:1 hfsc rt rate 20000 ls rate 10000", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class hfsc 1:1 parent 1: rt m1 0bit d 0us m2 20Kbit ls m1 0bit d 0us m2 10Kbit", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "9312", + "name": "Create HFSC with class rt umax and dmax setting", + "category": [ + "qdisc", + "hfsc" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root hfsc default 11" + ], + "cmdUnderTest": "$TC class add dev $DUMMY parent 1: classid 1:1 hfsc rt umax 1540 dmax 5ms rate 10000 ls rate 10000", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class hfsc 1:1 parent 1: rt m1 2464Kbit d 5ms m2 10Kbit ls m1 0bit d 0us m2 10Kbit", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "6931", + "name": "Delete HFSC with handle", + "category": [ + "qdisc", + "hfsc" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root hfsc default 11" + ], + "cmdUnderTest": "$TC qdisc del dev $DUMMY handle 1: root", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc hfsc 1: root refcnt [0-9]+", + "matchCount": "0", + "teardown": [ + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "8436", + "name": "Show HFSC class", + "category": [ + "qdisc", + "hfsc" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root hfsc", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class hfsc 1: root", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + } +] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v2 08/18] selftests/tc-testings: add selftests for fq_codel qdisc

by Zhengchao Shao

Test 4957: Create FQ_CODEL with default setting Test 7621: Create FQ_CODEL with limit setting Test 6871: Create FQ_CODEL with memory_limit setting Test 5636: Create FQ_CODEL with target setting Test 630a: Create FQ_CODEL with interval setting Test 4324: Create FQ_CODEL with quantum setting Test b190: Create FQ_CODEL with noecn flag Test 5381: Create FQ_CODEL with ce_threshold setting Test c9d2: Create FQ_CODEL with drop_batch setting Test 523b: Create FQ_CODEL with multiple setting Test 9283: Replace FQ_CODEL with noecn setting Test 3459: Change FQ_CODEL with limit setting Test 0128: Delete FQ_CODEL with handle Test 0435: Show FQ_CODEL class Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> --- .../tc-testing/tc-tests/qdiscs/fq_codel.json | 326 ++++++++++++++++++ 1 file changed, 326 insertions(+) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/fq_codel.json diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/fq_codel.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/fq_codel.json new file mode 100644 index 000000000000..a65266357a9a --- /dev/null +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/fq_codel.json @@ -0,0 +1,326 @@ +[ + { + "id": "4957", + "name": "Create FQ_CODEL with default setting", + "category": [ + "qdisc", + "fq_codel" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root fq_codel", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc fq_codel 1: root refcnt [0-9]+ limit 10240p flows 1024 quantum.*target 5ms interval 100ms memory_limit 32Mb ecn drop_batch 64", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "7621", + "name": "Create FQ_CODEL with limit setting", + "category": [ + "qdisc", + "fq_codel" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root fq_codel limit 1000", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc fq_codel 1: root refcnt [0-9]+ limit 1000p flows 1024 quantum.*target 5ms interval 100ms memory_limit 32Mb ecn drop_batch 64", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "6871", + "name": "Create FQ_CODEL with memory_limit setting", + "category": [ + "qdisc", + "fq_codel" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root fq_codel memory_limit 100000", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc fq_codel 1: root refcnt [0-9]+ limit 10240p flows 1024 quantum.*target 5ms interval 100ms memory_limit 100000b ecn drop_batch 64", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "5636", + "name": "Create FQ_CODEL with target setting", + "category": [ + "qdisc", + "fq_codel" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root fq_codel target 2000", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc fq_codel 1: root refcnt [0-9]+ limit 10240p flows 1024 quantum.*target 2ms interval 100ms memory_limit 32Mb ecn drop_batch 64", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "630a", + "name": "Create FQ_CODEL with interval setting", + "category": [ + "qdisc", + "fq_codel" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root fq_codel interval 5000", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc fq_codel 1: root refcnt [0-9]+ limit 10240p flows 1024 quantum.*target 5ms interval 5ms memory_limit 32Mb ecn drop_batch 64", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "4324", + "name": "Create FQ_CODEL with quantum setting", + "category": [ + "qdisc", + "fq_codel" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root fq_codel quantum 9000", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc fq_codel 1: root refcnt [0-9]+ limit 10240p flows 1024 quantum 9000 target 5ms interval 100ms memory_limit 32Mb ecn drop_batch 64", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "b190", + "name": "Create FQ_CODEL with noecn flag", + "category": [ + "qdisc", + "fq_codel" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root fq_codel noecn", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc fq_codel 1: root refcnt [0-9]+ limit 10240p flows 1024 quantum.*target 5ms interval 100ms memory_limit 32Mb drop_batch 64", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "5381", + "name": "Create FQ_CODEL with ce_threshold setting", + "category": [ + "qdisc", + "fq_codel" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root fq_codel ce_threshold 1024000", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc fq_codel 1: root refcnt [0-9]+ limit 10240p flows 1024 quantum.*target 5ms ce_threshold 1.02s interval 100ms memory_limit 32Mb ecn drop_batch 64", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "c9d2", + "name": "Create FQ_CODEL with drop_batch setting", + "category": [ + "qdisc", + "fq_codel" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root fq_codel drop_batch 100", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc fq_codel 1: root refcnt [0-9]+ limit 10240p flows 1024 quantum.*target 5ms interval 100ms memory_limit 32Mb ecn drop_batch 100", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "523b", + "name": "Create FQ_CODEL with multiple setting", + "category": [ + "qdisc", + "fq_codel" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root fq_codel limit 1000 flows 256 drop_batch 100", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc fq_codel 1: root refcnt [0-9]+ limit 1000p flows 256 quantum.*target 5ms interval 100ms memory_limit 32Mb ecn drop_batch 100", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "9283", + "name": "Replace FQ_CODEL with noecn setting", + "category": [ + "qdisc", + "fq_codel" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root fq_codel limit 1000 flows 256 drop_batch 100" + ], + "cmdUnderTest": "$TC qdisc replace dev $DUMMY handle 1: root fq_codel noecn", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc fq_codel 1: root refcnt [0-9]+ limit 1000p flows 256 quantum.*target 5ms interval 100ms memory_limit 32Mb drop_batch 100", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "3459", + "name": "Change FQ_CODEL with limit setting", + "category": [ + "qdisc", + "fq_codel" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root fq_codel limit 1000 flows 256 drop_batch 100" + ], + "cmdUnderTest": "$TC qdisc change dev $DUMMY handle 1: root fq_codel limit 2000", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc fq_codel 1: root refcnt [0-9]+ limit 2000p flows 256 quantum.*target 5ms interval 100ms memory_limit 32Mb ecn drop_batch 100", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "0128", + "name": "Delete FQ_CODEL with handle", + "category": [ + "qdisc", + "fq_codel" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root fq_codel limit 1000 flows 256 drop_batch 100" + ], + "cmdUnderTest": "$TC qdisc del dev $DUMMY handle 1: root", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc fq_codel 1: root refcnt [0-9]+ limit 1000p flows 256 quantum.*target 5ms interval 100ms memory_limit 32Mb noecn drop_batch 100", + "matchCount": "0", + "teardown": [ + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "0435", + "name": "Show FQ_CODEL class", + "category": [ + "qdisc", + "fq_codel" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root fq_codel", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class fq_codel 1:", + "matchCount": "0", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + } +] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v2 07/18] selftests/tc-testings: add selftests for dsmark qdisc

by Zhengchao Shao

Test 6345: Create DSMARK with default setting Test 3462: Create DSMARK with default_index setting Test ca95: Create DSMARK with set_tc_index flag Test a950: Create DSMARK with multiple setting Test 4092: Delete DSMARK with handle Test 5930: Show DSMARK class Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> --- .../tc-testing/tc-tests/qdiscs/dsmark.json | 140 ++++++++++++++++++ 1 file changed, 140 insertions(+) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/dsmark.json diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/dsmark.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/dsmark.json new file mode 100644 index 000000000000..c030795f9c37 --- /dev/null +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/dsmark.json @@ -0,0 +1,140 @@ +[ + { + "id": "6345", + "name": "Create DSMARK with default setting", + "category": [ + "qdisc", + "dsmark" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root dsmark indices 1024", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc dsmark 1: root refcnt [0-9]+ indices 0x0400", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "3462", + "name": "Create DSMARK with default_index setting", + "category": [ + "qdisc", + "dsmark" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root dsmark indices 1024 default_index 512", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc dsmark 1: root refcnt [0-9]+ indices 0x0400 default_index 0x0200", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "ca95", + "name": "Create DSMARK with set_tc_index flag", + "category": [ + "qdisc", + "dsmark" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root dsmark indices 1024 set_tc_index", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc dsmark 1: root refcnt [0-9]+ indices 0x0400 set_tc_index", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "a950", + "name": "Create DSMARK with multiple setting", + "category": [ + "qdisc", + "dsmark" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root dsmark indices 1024 default_index 1024 set_tc_index", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc dsmark 1: root refcnt [0-9]+ indices 0x0400 default_index 0x0400 set_tc_index", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "4092", + "name": "Delete DSMARK with handle", + "category": [ + "qdisc", + "dsmark" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root dsmark indices 1024 default_index 1024" + ], + "cmdUnderTest": "$TC qdisc del dev $DUMMY handle 1: root", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc dsmark 1: root refcnt [0-9]+ indices 0x0400", + "matchCount": "0", + "teardown": [ + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "5930", + "name": "Show DSMARK class", + "category": [ + "qdisc", + "dsmark" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root dsmark indices 1024", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class dsmark 1:", + "matchCount": "0", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + } +] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v2 06/18] selftests/tc-testings: add selftests for drr qdisc

by Zhengchao Shao

Test 0385: Create DRR with default setting Test 2375: Delete DRR with handle Test 3092: Show DRR class Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> --- .../tc-testing/tc-tests/qdiscs/drr.json | 71 +++++++++++++++++++ 1 file changed, 71 insertions(+) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/drr.json diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/drr.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/drr.json new file mode 100644 index 000000000000..486a425b3c1c --- /dev/null +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/drr.json @@ -0,0 +1,71 @@ +[ + { + "id": "0385", + "name": "Create DRR with default setting", + "category": [ + "qdisc", + "drr" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root drr", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc drr 1: root refcnt [0-9]+", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "2375", + "name": "Delete DRR with handle", + "category": [ + "qdisc", + "drr" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root drr" + ], + "cmdUnderTest": "$TC qdisc del dev $DUMMY handle 1: root", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc drr 1: root refcnt [0-9]+", + "matchCount": "0", + "teardown": [ + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "3092", + "name": "Show DRR class", + "category": [ + "qdisc", + "drr" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root drr", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class drr 1:", + "matchCount": "0", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + } +] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v2 05/18] selftests/tc-testings: add selftests for cbs qdisc

by Zhengchao Shao

Test 1820: Create CBS with default setting Test 1532: Create CBS with hicredit setting Test 2078: Create CBS with locredit setting Test 9271: Create CBS with sendslope setting Test 0482: Create CBS with idleslope setting Test e8f3: Create CBS with multiple setting Test 23c9: Replace CBS with sendslope setting Test a07a: Change CBS with idleslope setting Test 43b3: Delete CBS with handle Test 9472: Show CBS class Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> --- .../tc-testing/tc-tests/qdiscs/cbs.json | 234 ++++++++++++++++++ 1 file changed, 234 insertions(+) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/cbs.json diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/cbs.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/cbs.json new file mode 100644 index 000000000000..a46bf5ff8277 --- /dev/null +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/cbs.json @@ -0,0 +1,234 @@ +[ + { + "id": "1820", + "name": "Create CBS with default setting", + "category": [ + "qdisc", + "cbs" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cbs", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbs 1: root refcnt [0-9]+ hicredit 0 locredit 0 sendslope 0 idleslope 0 offload 0.*qdisc pfifo 0: parent 1: limit 1000p", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "1532", + "name": "Create CBS with hicredit setting", + "category": [ + "qdisc", + "cbs" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cbs hicredit 64", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbs 1: root refcnt [0-9]+ hicredit 64 locredit 0 sendslope 0 idleslope 0 offload 0.*qdisc pfifo 0: parent 1: limit 1000p", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "2078", + "name": "Create CBS with locredit setting", + "category": [ + "qdisc", + "cbs" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cbs locredit 10", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbs 1: root refcnt [0-9]+ hicredit 0 locredit 10 sendslope 0 idleslope 0 offload 0.*qdisc pfifo 0: parent 1: limit 1000p", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "9271", + "name": "Create CBS with sendslope setting", + "category": [ + "qdisc", + "cbs" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cbs sendslope 888", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbs 1: root refcnt [0-9]+ hicredit 0 locredit 0 sendslope 888 idleslope 0 offload 0.*qdisc pfifo 0: parent 1: limit 1000p", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "0482", + "name": "Create CBS with idleslope setting", + "category": [ + "qdisc", + "cbs" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cbs idleslope 666", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbs 1: root refcnt [0-9]+ hicredit 0 locredit 0 sendslope 0 idleslope 666 offload 0.*qdisc pfifo 0: parent 1: limit 1000p", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "e8f3", + "name": "Create CBS with multiple setting", + "category": [ + "qdisc", + "cbs" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cbs hicredit 10 locredit 75 sendslope 2 idleslope 666", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbs 1: root refcnt [0-9]+ hicredit 10 locredit 75 sendslope 2 idleslope 666 offload 0.*qdisc pfifo 0: parent 1: limit 1000p", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "23c9", + "name": "Replace CBS with sendslope setting", + "category": [ + "qdisc", + "cbs" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root cbs idleslope 666" + ], + "cmdUnderTest": "$TC qdisc replace dev $DUMMY handle 1: root cbs sendslope 10", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbs 1: root refcnt [0-9]+ hicredit 0 locredit 0 sendslope 10 idleslope 0 offload 0.*qdisc pfifo 0: parent 1: limit 1000p", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "a07a", + "name": "Change CBS with idleslope setting", + "category": [ + "qdisc", + "cbs" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root cbs idleslope 666" + ], + "cmdUnderTest": "$TC qdisc change dev $DUMMY handle 1: root cbs idleslope 1", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbs 1: root refcnt [0-9]+ hicredit 0 locredit 0 sendslope 0 idleslope 1 offload 0.*qdisc pfifo 0: parent 1: limit 1000p", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "43b3", + "name": "Delete CBS with handle", + "category": [ + "qdisc", + "cbs" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root cbs idleslope 666" + ], + "cmdUnderTest": "$TC qdisc del dev $DUMMY handle 1: root", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbs 1: root refcnt [0-9]+ hicredit 0 locredit 0 sendslope 0 idleslope 1 offload 0.*qdisc pfifo 0: parent 1: limit 1000p", + "matchCount": "0", + "teardown": [ + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "9472", + "name": "Show CBS class", + "category": [ + "qdisc", + "cbs" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cbs", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class cbs 1:[0-9]+ parent 1:", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + } +] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v2 04/18] selftests/tc-testings: add selftests for cbq qdisc

by Zhengchao Shao

Test 3460: Create CBQ with default setting Test 0592: Create CBQ with mpu Test 4684: Create CBQ with valid cell num Test 4345: Create CBQ with invalid cell num Test 4525: Create CBQ with valid ewma Test 6784: Create CBQ with invalid ewma Test 5468: Delete CBQ with handle Test 492a: Show CBQ class Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> --- .../tc-testing/tc-tests/qdiscs/cbq.json | 184 ++++++++++++++++++ 1 file changed, 184 insertions(+) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/cbq.json diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/cbq.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/cbq.json new file mode 100644 index 000000000000..1ab21c83a122 --- /dev/null +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/cbq.json @@ -0,0 +1,184 @@ +[ + { + "id": "3460", + "name": "Create CBQ with default setting", + "category": [ + "qdisc", + "cbq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cbq bandwidth 10000 avpkt 9000", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbq 1: root refcnt [0-9]+ rate 10Kbit \$bounded,isolated\$ prio no-transmit", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "0592", + "name": "Create CBQ with mpu", + "category": [ + "qdisc", + "cbq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cbq bandwidth 10000 avpkt 9000 mpu 1000", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbq 1: root refcnt [0-9]+ rate 10Kbit \$bounded,isolated\$ prio no-transmit", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "4684", + "name": "Create CBQ with valid cell num", + "category": [ + "qdisc", + "cbq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cbq bandwidth 10000 avpkt 9000 cell 128", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbq 1: root refcnt [0-9]+ rate 10Kbit \$bounded,isolated\$ prio no-transmit", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "4345", + "name": "Create CBQ with invalid cell num", + "category": [ + "qdisc", + "cbq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cbq bandwidth 10000 avpkt 9000 cell 100", + "expExitCode": "1", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbq 1: root refcnt [0-9]+ rate 10Kbit \$bounded,isolated\$ prio no-transmit", + "matchCount": "0", + "teardown": [ + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "4525", + "name": "Create CBQ with valid ewma", + "category": [ + "qdisc", + "cbq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cbq bandwidth 10000 avpkt 9000 ewma 16", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbq 1: root refcnt [0-9]+ rate 10Kbit \$bounded,isolated\$ prio no-transmit", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "6784", + "name": "Create CBQ with invalid ewma", + "category": [ + "qdisc", + "cbq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cbq bandwidth 10000 avpkt 9000 ewma 128", + "expExitCode": "1", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbq 1: root refcnt [0-9]+ rate 10Kbit \$bounded,isolated\$ prio no-transmit", + "matchCount": "0", + "teardown": [ + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "5468", + "name": "Delete CBQ with handle", + "category": [ + "qdisc", + "cbq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true", + "$TC qdisc add dev $DUMMY handle 1: root cbq bandwidth 10000 avpkt 9000" + ], + "cmdUnderTest": "$TC qdisc del dev $DUMMY handle 1: root", + "expExitCode": "0", + "verifyCmd": "$TC qdisc show dev $DUMMY", + "matchPattern": "qdisc cbq 1: root refcnt [0-9]+ rate 10Kbit \$bounded,isolated\$ prio no-transmit", + "matchCount": "0", + "teardown": [ + "$IP link del dev $DUMMY type dummy" + ] + }, + { + "id": "492a", + "name": "Show CBQ class", + "category": [ + "qdisc", + "cbq" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "$IP link add dev $DUMMY type dummy || /bin/true" + ], + "cmdUnderTest": "$TC qdisc add dev $DUMMY handle 1: root cbq bandwidth 10000 avpkt 9000", + "expExitCode": "0", + "verifyCmd": "$TC class show dev $DUMMY", + "matchPattern": "class cbq 1: root rate 10Kbit \$bounded,isolated\$ prio no-transmit", + "matchCount": "1", + "teardown": [ + "$TC qdisc del dev $DUMMY handle 1: root", + "$IP link del dev $DUMMY type dummy" + ] + } +] -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next,v2 02/18] net/sched: use tc_qdisc_stats_dump() in qdisc

by Zhengchao Shao

use tc_qdisc_stats_dump() in qdisc. Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> --- net/sched/sch_atm.c | 6 +----- net/sched/sch_cake.c | 9 +++------ net/sched/sch_cbq.c | 9 +-------- net/sched/sch_cbs.c | 8 +------- net/sched/sch_drr.c | 9 +-------- net/sched/sch_dsmark.c | 14 +++++--------- net/sched/sch_ets.c | 9 +-------- net/sched/sch_fq_codel.c | 8 ++------ net/sched/sch_hfsc.c | 9 +-------- net/sched/sch_htb.c | 9 +-------- net/sched/sch_mq.c | 5 +---- net/sched/sch_mqprio.c | 5 +---- net/sched/sch_multiq.c | 9 +-------- net/sched/sch_netem.c | 8 ++------ net/sched/sch_prio.c | 9 +-------- net/sched/sch_qfq.c | 9 +-------- net/sched/sch_red.c | 7 +------ net/sched/sch_sfb.c | 7 +------ net/sched/sch_sfq.c | 8 ++------ net/sched/sch_skbprio.c | 9 +-------- net/sched/sch_taprio.c | 5 +---- net/sched/sch_tbf.c | 7 +------ 22 files changed, 31 insertions(+), 147 deletions(-) diff --git a/net/sched/sch_atm.c b/net/sched/sch_atm.c index 816fd0d7ba38..b6c45ca60e78 100644 --- a/net/sched/sch_atm.c +++ b/net/sched/sch_atm.c @@ -354,12 +354,8 @@ static void atm_tc_walk(struct Qdisc *sch, struct qdisc_walker *walker) if (walker->stop) return; list_for_each_entry(flow, &p->flows, list) { - if (walker->count >= walker->skip && - walker->fn(sch, (unsigned long)flow, walker) < 0) { - walker->stop = 1; + if (!tc_qdisc_stats_dump(sch, walker, (unsigned long)flow)) break; - } - walker->count++; } } diff --git a/net/sched/sch_cake.c b/net/sched/sch_cake.c index 36acc95d611e..cab9ff213d92 100644 --- a/net/sched/sch_cake.c +++ b/net/sched/sch_cake.c @@ -3061,16 +3061,13 @@ static void cake_walk(struct Qdisc *sch, struct qdisc_walker *arg) struct cake_tin_data *b = &q->tins[q->tin_order[i]]; for (j = 0; j < CAKE_QUEUES; j++) { - if (list_empty(&b->flows[j].flowchain) || - arg->count < arg->skip) { + if (list_empty(&b->flows[j].flowchain)) { arg->count++; continue; } - if (arg->fn(sch, i * CAKE_QUEUES + j + 1, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, arg, + i * CAKE_QUEUES + j + 1)) break; - } - arg->count++; } } } diff --git a/net/sched/sch_cbq.c b/net/sched/sch_cbq.c index ba99ce05cd52..4897329f9412 100644 --- a/net/sched/sch_cbq.c +++ b/net/sched/sch_cbq.c @@ -1676,15 +1676,8 @@ static void cbq_walk(struct Qdisc *sch, struct qdisc_walker *arg) for (h = 0; h < q->clhash.hashsize; h++) { hlist_for_each_entry(cl, &q->clhash.hash[h], common.hnode) { - if (arg->count < arg->skip) { - arg->count++; - continue; - } - if (arg->fn(sch, (unsigned long)cl, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, arg, (unsigned long)cl)) return; - } - arg->count++; } } } diff --git a/net/sched/sch_cbs.c b/net/sched/sch_cbs.c index 459cc240eda9..270d517e492d 100644 --- a/net/sched/sch_cbs.c +++ b/net/sched/sch_cbs.c @@ -520,13 +520,7 @@ static unsigned long cbs_find(struct Qdisc *sch, u32 classid) static void cbs_walk(struct Qdisc *sch, struct qdisc_walker *walker) { if (!walker->stop) { - if (walker->count >= walker->skip) { - if (walker->fn(sch, 1, walker) < 0) { - walker->stop = 1; - return; - } - } - walker->count++; + tc_qdisc_stats_dump(sch, walker, 1); } } diff --git a/net/sched/sch_drr.c b/net/sched/sch_drr.c index 4e5b1cf11b85..d75ea3e35fcc 100644 --- a/net/sched/sch_drr.c +++ b/net/sched/sch_drr.c @@ -284,15 +284,8 @@ static void drr_walk(struct Qdisc *sch, struct qdisc_walker *arg) for (i = 0; i < q->clhash.hashsize; i++) { hlist_for_each_entry(cl, &q->clhash.hash[i], common.hnode) { - if (arg->count < arg->skip) { - arg->count++; - continue; - } - if (arg->fn(sch, (unsigned long)cl, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, arg, (unsigned long)cl)) return; - } - arg->count++; } } } diff --git a/net/sched/sch_dsmark.c b/net/sched/sch_dsmark.c index 7da6dc38a382..5cf944ab20b6 100644 --- a/net/sched/sch_dsmark.c +++ b/net/sched/sch_dsmark.c @@ -176,16 +176,12 @@ static void dsmark_walk(struct Qdisc *sch, struct qdisc_walker *walker) return; for (i = 0; i < p->indices; i++) { - if (p->mv[i].mask == 0xff && !p->mv[i].value) - goto ignore; - if (walker->count >= walker->skip) { - if (walker->fn(sch, i + 1, walker) < 0) { - walker->stop = 1; - break; - } + if (p->mv[i].mask == 0xff && !p->mv[i].value) { + walker->count++; + continue; } -ignore: - walker->count++; + if (!tc_qdisc_stats_dump(sch, walker, i + 1)) + break; } } diff --git a/net/sched/sch_ets.c b/net/sched/sch_ets.c index a3aea22ef09d..7e3b16c342d2 100644 --- a/net/sched/sch_ets.c +++ b/net/sched/sch_ets.c @@ -341,15 +341,8 @@ static void ets_qdisc_walk(struct Qdisc *sch, struct qdisc_walker *arg) return; for (i = 0; i < q->nbands; i++) { - if (arg->count < arg->skip) { - arg->count++; - continue; - } - if (arg->fn(sch, i + 1, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, arg, i + 1)) break; - } - arg->count++; } } diff --git a/net/sched/sch_fq_codel.c b/net/sched/sch_fq_codel.c index eeea8c6d54e2..59a60ce5b7ef 100644 --- a/net/sched/sch_fq_codel.c +++ b/net/sched/sch_fq_codel.c @@ -673,16 +673,12 @@ static void fq_codel_walk(struct Qdisc *sch, struct qdisc_walker *arg) return; for (i = 0; i < q->flows_cnt; i++) { - if (list_empty(&q->flows[i].flowchain) || - arg->count < arg->skip) { + if (list_empty(&q->flows[i].flowchain)) { arg->count++; continue; } - if (arg->fn(sch, i + 1, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, arg, i + 1)) break; - } - arg->count++; } } diff --git a/net/sched/sch_hfsc.c b/net/sched/sch_hfsc.c index c8bef923c79c..815599f94ad9 100644 --- a/net/sched/sch_hfsc.c +++ b/net/sched/sch_hfsc.c @@ -1349,15 +1349,8 @@ hfsc_walk(struct Qdisc *sch, struct qdisc_walker *arg) for (i = 0; i < q->clhash.hashsize; i++) { hlist_for_each_entry(cl, &q->clhash.hash[i], cl_common.hnode) { - if (arg->count < arg->skip) { - arg->count++; - continue; - } - if (arg->fn(sch, (unsigned long)cl, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, arg, (unsigned long)cl)) return; - } - arg->count++; } } } diff --git a/net/sched/sch_htb.c b/net/sched/sch_htb.c index 78d0c7549c74..e9fee0b5706f 100644 --- a/net/sched/sch_htb.c +++ b/net/sched/sch_htb.c @@ -2119,15 +2119,8 @@ static void htb_walk(struct Qdisc *sch, struct qdisc_walker *arg) for (i = 0; i < q->clhash.hashsize; i++) { hlist_for_each_entry(cl, &q->clhash.hash[i], common.hnode) { - if (arg->count < arg->skip) { - arg->count++; - continue; - } - if (arg->fn(sch, (unsigned long)cl, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, arg, (unsigned long)cl)) return; - } - arg->count++; } } } diff --git a/net/sched/sch_mq.c b/net/sched/sch_mq.c index 83d2e54bf303..c544e9d8e79e 100644 --- a/net/sched/sch_mq.c +++ b/net/sched/sch_mq.c @@ -247,11 +247,8 @@ static void mq_walk(struct Qdisc *sch, struct qdisc_walker *arg) arg->count = arg->skip; for (ntx = arg->skip; ntx < dev->num_tx_queues; ntx++) { - if (arg->fn(sch, ntx + 1, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, arg, ntx + 1)) break; - } - arg->count++; } } diff --git a/net/sched/sch_mqprio.c b/net/sched/sch_mqprio.c index b29f3453c6ea..55b965dbf3bc 100644 --- a/net/sched/sch_mqprio.c +++ b/net/sched/sch_mqprio.c @@ -558,11 +558,8 @@ static void mqprio_walk(struct Qdisc *sch, struct qdisc_walker *arg) /* Walk hierarchy with a virtual class per tc */ arg->count = arg->skip; for (ntx = arg->skip; ntx < netdev_get_num_tc(dev); ntx++) { - if (arg->fn(sch, ntx + TC_H_MIN_PRIORITY, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, arg, ntx + TC_H_MIN_PRIORITY)) return; - } - arg->count++; } /* Pad the values and skip over unused traffic classes */ diff --git a/net/sched/sch_multiq.c b/net/sched/sch_multiq.c index f28050c7f12d..c8a649a24696 100644 --- a/net/sched/sch_multiq.c +++ b/net/sched/sch_multiq.c @@ -353,15 +353,8 @@ static void multiq_walk(struct Qdisc *sch, struct qdisc_walker *arg) return; for (band = 0; band < q->bands; band++) { - if (arg->count < arg->skip) { - arg->count++; - continue; - } - if (arg->fn(sch, band + 1, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, arg, band + 1)) break; - } - arg->count++; } } diff --git a/net/sched/sch_netem.c b/net/sched/sch_netem.c index b70ac04110dd..5a7f41a61fe2 100644 --- a/net/sched/sch_netem.c +++ b/net/sched/sch_netem.c @@ -1251,12 +1251,8 @@ static unsigned long netem_find(struct Qdisc *sch, u32 classid) static void netem_walk(struct Qdisc *sch, struct qdisc_walker *walker) { if (!walker->stop) { - if (walker->count >= walker->skip) - if (walker->fn(sch, 1, walker) < 0) { - walker->stop = 1; - return; - } - walker->count++; + if (!tc_qdisc_stats_dump(sch, walker, 1)) + return; } } diff --git a/net/sched/sch_prio.c b/net/sched/sch_prio.c index 298794c04836..6bfabc4ba4b5 100644 --- a/net/sched/sch_prio.c +++ b/net/sched/sch_prio.c @@ -376,15 +376,8 @@ static void prio_walk(struct Qdisc *sch, struct qdisc_walker *arg) return; for (prio = 0; prio < q->bands; prio++) { - if (arg->count < arg->skip) { - arg->count++; - continue; - } - if (arg->fn(sch, prio + 1, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, arg, prio + 1)) break; - } - arg->count++; } } diff --git a/net/sched/sch_qfq.c b/net/sched/sch_qfq.c index 13246a9dc5c1..35bb772abbee 100644 --- a/net/sched/sch_qfq.c +++ b/net/sched/sch_qfq.c @@ -659,15 +659,8 @@ static void qfq_walk(struct Qdisc *sch, struct qdisc_walker *arg) for (i = 0; i < q->clhash.hashsize; i++) { hlist_for_each_entry(cl, &q->clhash.hash[i], common.hnode) { - if (arg->count < arg->skip) { - arg->count++; - continue; - } - if (arg->fn(sch, (unsigned long)cl, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, arg, (unsigned long)cl)) return; - } - arg->count++; } } } diff --git a/net/sched/sch_red.c b/net/sched/sch_red.c index 4952406f70b9..99c30542823c 100644 --- a/net/sched/sch_red.c +++ b/net/sched/sch_red.c @@ -516,12 +516,7 @@ static unsigned long red_find(struct Qdisc *sch, u32 classid) static void red_walk(struct Qdisc *sch, struct qdisc_walker *walker) { if (!walker->stop) { - if (walker->count >= walker->skip) - if (walker->fn(sch, 1, walker) < 0) { - walker->stop = 1; - return; - } - walker->count++; + tc_qdisc_stats_dump(sch, walker, 1); } } diff --git a/net/sched/sch_sfb.c b/net/sched/sch_sfb.c index 1be8d04d69dc..001927b31eab 100644 --- a/net/sched/sch_sfb.c +++ b/net/sched/sch_sfb.c @@ -659,12 +659,7 @@ static int sfb_delete(struct Qdisc *sch, unsigned long cl, static void sfb_walk(struct Qdisc *sch, struct qdisc_walker *walker) { if (!walker->stop) { - if (walker->count >= walker->skip) - if (walker->fn(sch, 1, walker) < 0) { - walker->stop = 1; - return; - } - walker->count++; + tc_qdisc_stats_dump(sch, walker, 1); } } diff --git a/net/sched/sch_sfq.c b/net/sched/sch_sfq.c index f8e569f79f13..a82d844b02d0 100644 --- a/net/sched/sch_sfq.c +++ b/net/sched/sch_sfq.c @@ -888,16 +888,12 @@ static void sfq_walk(struct Qdisc *sch, struct qdisc_walker *arg) return; for (i = 0; i < q->divisor; i++) { - if (q->ht[i] == SFQ_EMPTY_SLOT || - arg->count < arg->skip) { + if (q->ht[i] == SFQ_EMPTY_SLOT) { arg->count++; continue; } - if (arg->fn(sch, i + 1, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, arg, i + 1)) break; - } - arg->count++; } } diff --git a/net/sched/sch_skbprio.c b/net/sched/sch_skbprio.c index df72fb83d9c7..3b2cdd0fa66a 100644 --- a/net/sched/sch_skbprio.c +++ b/net/sched/sch_skbprio.c @@ -265,15 +265,8 @@ static void skbprio_walk(struct Qdisc *sch, struct qdisc_walker *arg) return; for (i = 0; i < SKBPRIO_MAX_PRIORITY; i++) { - if (arg->count < arg->skip) { - arg->count++; - continue; - } - if (arg->fn(sch, i + 1, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, arg, i + 1)) break; - } - arg->count++; } } diff --git a/net/sched/sch_taprio.c b/net/sched/sch_taprio.c index db88a692ef81..d98d6a8b271a 100644 --- a/net/sched/sch_taprio.c +++ b/net/sched/sch_taprio.c @@ -2000,11 +2000,8 @@ static void taprio_walk(struct Qdisc *sch, struct qdisc_walker *arg) arg->count = arg->skip; for (ntx = arg->skip; ntx < dev->num_tx_queues; ntx++) { - if (arg->fn(sch, ntx + 1, arg) < 0) { - arg->stop = 1; + if (!tc_qdisc_stats_dump(sch, arg, ntx + 1)) break; - } - arg->count++; } } diff --git a/net/sched/sch_tbf.c b/net/sched/sch_tbf.c index e031c1a41ea6..e852db4079c4 100644 --- a/net/sched/sch_tbf.c +++ b/net/sched/sch_tbf.c @@ -580,12 +580,7 @@ static unsigned long tbf_find(struct Qdisc *sch, u32 classid) static void tbf_walk(struct Qdisc *sch, struct qdisc_walker *walker) { if (!walker->stop) { - if (walker->count >= walker->skip) - if (walker->fn(sch, 1, walker) < 0) { - walker->stop = 1; - return; - } - walker->count++; + tc_qdisc_stats_dump(sch, walker, 1); } } -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH net-next 00/18] refactor duplicate codes in the qdisc class walk function

by Zhengchao Shao

The walk implementation of most qdisc class modules is basically the same. That is, the values of count and skip are checked first. If count is greater than or equal to skip, the registered fn function is executed. Otherwise, increase the value of count. So the code can be refactored. The walk function is invoked during dump. Therefore, test cases related to the tdc filter need to be added. Add test cases locally and perform the test. The test results are listed below: ./tdc.py -c cake ok 1 1212 - Create CAKE with default setting ok 2 3241 - Create CAKE with bandwidth limit ok 3 c940 - Create CAKE with autorate-ingress flag ok 4 2310 - Create CAKE with rtt time ok 5 2385 - Create CAKE with besteffort flag ok 6 a032 - Create CAKE with diffserv8 flag ok 7 2349 - Create CAKE with diffserv4 flag ok 8 8472 - Create CAKE with flowblind flag ok 9 2341 - Create CAKE with dsthost and nat flag ok 10 5134 - Create CAKE with wash flag ok 11 2302 - Create CAKE with flowblind and no-split-gso flag ok 12 0768 - Create CAKE with dual-srchost and ack-filter flag ok 13 0238 - Create CAKE with dual-dsthost and ack-filter-aggressive flag ok 14 6573 - Create CAKE with memlimit and ptm flag ok 15 2436 - Create CAKE with fwmark and atm flag ok 16 3984 - Create CAKE with overhead and mpu ok 17 2342 - Create CAKE with conservative and ingress flag ok 18 2313 - Change CAKE with mpu ok 19 4365 - Show CAKE class ./tdc.py -c cbq ok 1 3460 - Create CBQ with default setting ok 2 0592 - Create CBQ with mpu ok 3 4684 - Create CBQ with valid cell num ok 4 4345 - Create CBQ with invalid cell num ok 5 4525 - Create CBQ with valid ewma ok 6 6784 - Create CBQ with invalid ewma ok 7 5468 - Delete CBQ with handle ok 8 492a - Show CBQ class ./tdc.py -c cbs ok 1 1820 - Create CBS with default setting ok 2 1532 - Create CBS with hicredit setting ok 3 2078 - Create CBS with locredit setting ok 4 0482 - Create CBS with sendslope setting ok 5 e8f3 - Create CBS with multiple setting ok 6 23c9 - Replace CBS with sendslope setting ok 7 a07a - Change CBS with idleslope setting ok 8 43b3 - Delete CBS with handle ok 9 9472 - Show CBS class ./tdc.py -c drr ok 1 0385 - Create DRR with default setting ok 2 2375 - Delete DRR with handle ok 3 3092 - Show DRR class ./tdc.py -c dsmark ok 1 6345 - Create DSMARK with default setting ok 2 3462 - Create DSMARK with default_index setting ok 3 ca95 - Create DSMARK with set_tc_index flag ok 4 a950 - Create DSMARK with multiple setting ok 5 4092 - Delete DSMARK with handle ok 6 5930 - Show DSMARK class ./tdc.py -c fq_codel ok 1 4957 - Create FQ_CODEL with default setting ok 2 7621 - Create FQ_CODEL with limit setting ok 3 6872 - Create FQ_CODEL with memory_limit setting ok 4 5636 - Create FQ_CODEL with target setting ok 5 630a - Create FQ_CODEL with interval setting ok 6 4324 - Create FQ_CODEL with quantum setting ok 7 b190 - Create FQ_CODEL with noecn flag ok 8 c9d2 - Create FQ_CODEL with ce_threshold setting ok 9 523b - Create FQ_CODEL with multiple setting ok 10 9283 - Replace FQ_CODEL with noecn setting ok 11 3459 - Change FQ_CODEL with limit setting ok 12 0128 - Delete FQ_CODEL with handle ok 13 0435 - Show FQ_CODEL class ./tdc.py -c hfsc ok 1 3254 - Create HFSC with default setting ok 2 0289 - Create HFSC with class sc and ul rate setting ok 3 846a - Create HFSC with class sc umax and dmax setting ok 4 5413 - Create HFSC with class rt and ls rate setting ok 5 9312 - Create HFSC with class rt umax and dmax setting ok 6 6931 - Delete HFSC with handle ok 7 8436 - Show HFSC class ./tdc.py -c htb ok 1 0904 - Create HTB with default setting ok 2 3906 - Create HTB with default-N setting ok 3 8492 - Create HTB with r2q setting ok 4 9502 - Create HTB with direct_qlen setting ok 5 b924 - Create HTB with class rate and burst setting ok 6 4359 - Create HTB with class mpu setting ok 7 9048 - Create HTB with class prio setting ok 8 4994 - Create HTB with class ceil setting ok 9 9523 - Create HTB with class cburst setting ok 10 5353 - Create HTB with class mtu setting ok 11 346a - Create HTB with class quantum setting ok 12 303a - Delete HTB with handle ./tdc.py -c mqprio ok 1 9903 - Add mqprio Qdisc to multi-queue device (8 queues) ok 2 453a - Delete nonexistent mqprio Qdisc ok 3 5294 - Delete mqprio Qdisc twice ok 4 45a9 - Add mqprio Qdisc to single-queue device ok 5 2ba9 - Show mqprio class ./tdc.py -c multiq ok 1 20ba - Add multiq Qdisc to multi-queue device (8 queues) ok 2 9903 - List multiq Class ok 3 7832 - Delete nonexistent multiq Qdisc ok 4 2891 - Delete multiq Qdisc twice ok 5 1329 - Add multiq Qdisc to single-queue device ./tdc.py -c netem ok 1 cb28 - Create NETEM with default setting ok 2 a089 - Create NETEM with limit flag ok 3 3449 - Create NETEM with delay time ok 4 3782 - Create NETEM with distribution and corrupt flag ok 5 a932 - Create NETEM with distribution and duplicate flag ok 6 e01a - Create NETEM with distribution and loss state flag ok 7 ba29 - Create NETEM with loss gemodel flag ok 8 0492 - Create NETEM with reorder flag ok 9 7862 - Create NETEM with rate limit ok 10 7235 - Create NETEM with multiple slot rate ok 11 5439 - Create NETEM with multiple slot setting ok 12 5029 - Change NETEM with loss state ok 13 3785 - Replace NETEM with delay time ok 14 4502 - Delete NETEM with handle ok 15 0785 - Show NETEM class ./tdc.py -c qfq ok 1 0582 - Create QFQ with default setting ok 2 c9a3 - Create QFQ with class weight setting ok 3 8452 - Create QFQ with class maxpkt setting ok 4 d920 - Create QFQ with multiple class setting ok 5 0548 - Delete QFQ with handle ok 6 5901 - Show QFQ class ./tdc.py -e 0521 ok 1 0521 - Show ingress class ./tdc.py -e 1023 ok 1 1023 - Show mq class ./tdc.py -e 2410 ok 1 2410 - Show prio class ./tdc.py -e 290a ok 1 290a - Show RED class Zhengchao Shao (18): net/sched: sch_api: add helper for tc qdisc walker stats dump net/sched: use tc_qdisc_stats_dump() in qdisc selftests/tc-testings: add selftests for cake qdisc selftests/tc-testings: add selftests for cbq qdisc selftests/tc-testings: add selftests for cbs qdisc selftests/tc-testings: add selftests for drr qdisc selftests/tc-testings: add selftests for dsmark qdisc selftests/tc-testings: add selftests for fq_codel qdisc selftests/tc-testings: add selftests for hfsc qdisc selftests/tc-testings: add selftests for htb qdisc selftests/tc-testings: add selftests for mqprio qdisc selftests/tc-testings: add selftests for multiq qdisc selftests/tc-testings: add selftests for netem qdisc selftests/tc-testings: add selftests for qfq qdisc selftests/tc-testings: add show class case for ingress qdisc selftests/tc-testings: add show class case for mq qdisc selftests/tc-testings: add show class case for prio qdisc selftests/tc-testings: add show class case for red qdisc include/net/pkt_sched.h | 13 + net/sched/sch_atm.c | 6 +- net/sched/sch_cake.c | 9 +- net/sched/sch_cbq.c | 9 +- net/sched/sch_cbs.c | 8 +- net/sched/sch_drr.c | 9 +- net/sched/sch_dsmark.c | 14 +- net/sched/sch_ets.c | 9 +- net/sched/sch_fq_codel.c | 8 +- net/sched/sch_hfsc.c | 9 +- net/sched/sch_htb.c | 9 +- net/sched/sch_mq.c | 5 +- net/sched/sch_mqprio.c | 5 +- net/sched/sch_multiq.c | 9 +- net/sched/sch_netem.c | 8 +- net/sched/sch_prio.c | 9 +- net/sched/sch_qfq.c | 9 +- net/sched/sch_red.c | 7 +- net/sched/sch_sfb.c | 7 +- net/sched/sch_sfq.c | 8 +- net/sched/sch_skbprio.c | 9 +- net/sched/sch_taprio.c | 5 +- net/sched/sch_tbf.c | 7 +- .../tc-testing/tc-tests/qdiscs/cake.json | 488 ++++++++++++++++++ .../tc-testing/tc-tests/qdiscs/cbq.json | 184 +++++++ .../tc-testing/tc-tests/qdiscs/cbs.json | 234 +++++++++ .../tc-testing/tc-tests/qdiscs/drr.json | 71 +++ .../tc-testing/tc-tests/qdiscs/dsmark.json | 140 +++++ .../tc-testing/tc-tests/qdiscs/fq_codel.json | 326 ++++++++++++ .../tc-testing/tc-tests/qdiscs/hfsc.json | 167 ++++++ .../tc-testing/tc-tests/qdiscs/htb.json | 285 ++++++++++ .../tc-testing/tc-tests/qdiscs/ingress.json | 20 + .../tc-testing/tc-tests/qdiscs/mq.json | 24 +- .../tc-testing/tc-tests/qdiscs/mqprio.json | 114 ++++ .../tc-testing/tc-tests/qdiscs/multiq.json | 114 ++++ .../tc-testing/tc-tests/qdiscs/netem.json | 372 +++++++++++++ .../tc-testing/tc-tests/qdiscs/prio.json | 20 + .../tc-testing/tc-tests/qdiscs/qfq.json | 145 ++++++ .../tc-testing/tc-tests/qdiscs/red.json | 23 + 39 files changed, 2770 insertions(+), 148 deletions(-) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/cake.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/cbq.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/cbs.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/drr.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/dsmark.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/fq_codel.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/hfsc.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/htb.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/mqprio.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/multiq.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/netem.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/qfq.json -- 2.17.1

2 years, 7 months

3
24
0 0

[PATCH 2/4] selftests/x86/mxcsr: Test the MXCSR state write via ptrace

by Chang S. Bae

The ptrace buffer is in the non-compacted format. The MXCSR state should be written to the target thread when either SSE or AVX component is enabled. Write an MXCSR value to the target and read back. Then it is validated with the XRSTOR/XSAVE result on the current. Signed-off-by: Chang S. Bae <chang.seok.bae(a)intel.com> Cc: x86(a)kernel.org Cc: linux-kernel(a)vger.kernel.org Cc: linux-kselftest(a)vger.kernel.org --- If this is acceptable, I will also follow up to move some of the helper functions to a .h file from this and other test cases because duplicating what is shareable should be avoided. --- tools/testing/selftests/x86/Makefile | 2 +- tools/testing/selftests/x86/mxcsr.c | 200 +++++++++++++++++++++++++++ 2 files changed, 201 insertions(+), 1 deletion(-) create mode 100644 tools/testing/selftests/x86/mxcsr.c diff --git a/tools/testing/selftests/x86/Makefile b/tools/testing/selftests/x86/Makefile index 0388c4d60af0..621c47960be3 100644 --- a/tools/testing/selftests/x86/Makefile +++ b/tools/testing/selftests/x86/Makefile @@ -13,7 +13,7 @@ CAN_BUILD_WITH_NOPIE := $(shell ./check_cc.sh "$(CC)" trivial_program.c -no-pie) TARGETS_C_BOTHBITS := single_step_syscall sysret_ss_attrs syscall_nt test_mremap_vdso \ check_initial_reg_state sigreturn iopl ioperm \ test_vsyscall mov_ss_trap \ - syscall_arg_fault fsgsbase_restore sigaltstack + syscall_arg_fault fsgsbase_restore sigaltstack mxcsr TARGETS_C_32BIT_ONLY := entry_from_vm86 test_syscall_vdso unwind_vdso \ test_FCMOV test_FCOMI test_FISTTP \ vdso_restorer diff --git a/tools/testing/selftests/x86/mxcsr.c b/tools/testing/selftests/x86/mxcsr.c new file mode 100644 index 000000000000..7c318c48b4be --- /dev/null +++ b/tools/testing/selftests/x86/mxcsr.c @@ -0,0 +1,200 @@ +// SPDX-License-Identifier: GPL-2.0 + +#define _GNU_SOURCE +#include <err.h> +#include <elf.h> +#include <stdbool.h> +#include <stdio.h> +#include <string.h> +#include <unistd.h> +#include <x86intrin.h> + +#include <sys/ptrace.h> +#include <sys/syscall.h> +#include <sys/wait.h> +#include <sys/uio.h> + +#include "../kselftest.h" /* For __cpuid_count() */ + +#define LEGACY_STATE_SIZE 24 +#define MXCSR_SIZE 8 +#define STSTATE_SIZE 8*16 +#define XMM_SIZE 16*16 +#define PADDING_SIZE 96 +#define XSAVE_HDR_SIZE 64 + +struct xsave_buffer { + uint8_t legacy_state[LEGACY_STATE_SIZE]; + uint8_t mxcsr[MXCSR_SIZE]; + uint8_t st_state[STSTATE_SIZE]; + uint8_t xmm_state[XMM_SIZE]; + uint8_t padding[PADDING_SIZE]; + uint8_t header[XSAVE_HDR_SIZE]; + uint8_t extended[0]; +}; + +#ifdef __x86_64__ +#define REX_PREFIX "0x48, " +#else +#define REX_PREFIX +#endif + +#define XSAVE ".byte " REX_PREFIX "0x0f,0xae,0x27" +#define XRSTOR ".byte " REX_PREFIX "0x0f,0xae,0x2f" + +static inline uint64_t xgetbv(uint32_t index) +{ + uint32_t eax, edx; + + asm volatile("xgetbv" + : "=a" (eax), "=d" (edx) + : "c" (index)); + return eax + ((uint64_t)edx << 32); +} + +static inline void xsave(struct xsave_buffer *xbuf, uint64_t rfbm) +{ + uint32_t rfbm_lo = rfbm; + uint32_t rfbm_hi = rfbm >> 32; + + asm volatile(XSAVE :: "D" (xbuf), "a" (rfbm_lo), "d" (rfbm_hi) : "memory"); +} + +static inline void xrstor(struct xsave_buffer *xbuf, uint64_t rfbm) +{ + uint32_t rfbm_lo = rfbm; + uint32_t rfbm_hi = rfbm >> 32; + + asm volatile(XRSTOR :: "D" (xbuf), "a" (rfbm_lo), "d" (rfbm_hi)); +} + +static inline void clear_xstate_header(struct xsave_buffer *xbuf) +{ + memset(&xbuf->header, 0, sizeof(xbuf->header)); +} + +static inline uint32_t get_mxcsr(struct xsave_buffer *xbuf) +{ + return *((uint32_t *)xbuf->mxcsr); +} + +static inline void set_mxcsr(struct xsave_buffer *xbuf, uint32_t val) +{ + *((uint32_t *)xbuf->mxcsr) = val; +} + +#define XFEATURE_MASK_SSE 0x2 +#define XFEATURE_MASK_YMM 0x4 + +#define CPUID_LEAF1_ECX_XSAVE_MASK (1 << 26) +#define CPUID_LEAF1_ECX_OSXSAVE_MASK (1 << 27) +#define CPUID_LEAF_XSTATE 0xd +#define CPUID_SUBLEAF_XSTATE_USER 0x0 +#define CPUID_SUBLEAF_XSTATE_EXT 0x1 + +static bool xsave_availability(void) +{ + uint32_t eax, ebx, ecx, edx; + + __cpuid_count(1, 0, eax, ebx, ecx, edx); + if (!(ecx & CPUID_LEAF1_ECX_XSAVE_MASK)) + return false; + if (!(ecx & CPUID_LEAF1_ECX_OSXSAVE_MASK)) + return false; + return true; +} + +static uint32_t get_xbuf_size(void) +{ + uint32_t eax, ebx, ecx, edx; + + __cpuid_count(CPUID_LEAF_XSTATE, CPUID_SUBLEAF_XSTATE_USER, + eax, ebx, ecx, edx); + return ebx; +} + +static void ptrace_get(pid_t pid, struct iovec *iov) +{ + memset(iov->iov_base, 0, iov->iov_len); + + if (ptrace(PTRACE_GETREGSET, pid, (uint32_t)NT_X86_XSTATE, iov)) + err(1, "TRACE_GETREGSET"); +} + +static void ptrace_set(pid_t pid, struct iovec *iov) +{ + if (ptrace(PTRACE_SETREGSET, pid, (uint32_t)NT_X86_XSTATE, iov)) + err(1, "TRACE_SETREGSET"); +} + +int main(void) +{ + struct xsave_buffer *xbuf; + uint32_t xbuf_size; + struct iovec iov; + uint32_t mxcsr; + pid_t child; + int status; + + if (!xsave_availability()) + printf("[SKIP]\tSkip as XSAVE not available.\n"); + + xbuf_size = get_xbuf_size(); + if (!xbuf_size) + printf("[SKIP]\tSkip as XSAVE not available.\n"); + + if (!(xgetbv(0) & (XFEATURE_MASK_SSE | XFEATURE_MASK_YMM))) + printf("[SKIP]\tSkip as SSE state not available.\n"); + + xbuf = aligned_alloc(64, xbuf_size); + if (!xbuf) + err(1, "aligned_alloc()"); + + iov.iov_base = xbuf; + iov.iov_len = xbuf_size; + + child = fork(); + if (child < 0) { + err(1, "fork()"); + } else if (!child) { + if (ptrace(PTRACE_TRACEME, 0, NULL, NULL)) + err(1, "PTRACE_TRACEME"); + + raise(SIGTRAP); + _exit(0); + } + + wait(&status); + + if (WSTOPSIG(status) != SIGTRAP) + err(1, "raise(SIGTRAP)"); + + printf("[RUN]\tTest the MXCSR state write via ptrace().\n"); + + /* Set a benign value */ + set_mxcsr(xbuf, 0xabc); + /* The MXCSR state should be loaded regardless of XSTATE_BV */ + clear_xstate_header(xbuf); + + /* Write the MXCSR state both locally and remotely. */ + xrstor(xbuf, XFEATURE_MASK_SSE); + ptrace_set(child, &iov); + + /* Read the MXCSR state back for both */ + xsave(xbuf, XFEATURE_MASK_SSE); + mxcsr = get_mxcsr(xbuf); + ptrace_get(child, &iov); + + /* Cross-check with each other */ + if (mxcsr == get_mxcsr(xbuf)) + printf("[OK]\tThe written state was read back correctly.\n"); + else + printf("[FAIL]\tThe write (or read) was incorrect.\n"); + + ptrace(PTRACE_DETACH, child, NULL, NULL); + wait(&status); + if (!WIFEXITED(status) || WEXITSTATUS(status)) + err(1, "PTRACE_DETACH"); + + free(xbuf); +} -- 2.17.1

2 years, 7 months

1
0
0 0

[PATCH v1 0/3] kselftest/arm64: Updates to the hwcaps test

by Mark Brown

This series fixes an output formatting issue then adds a bunch more hwcaps to the hwcaps test. This includes the recently added SVE EBF16 hwcap so this requires both for-next/kselftest and for-next/sve. Mark Brown (3): kselftest/arm64: Add missing newline in hwcap output kselftest/arm64: Add SVE 2 to the tested hwcaps kselftest/arm64: Add hwcap test for RNG tools/testing/selftests/arm64/abi/hwcap.c | 150 +++++++++++++++++++++- 1 file changed, 149 insertions(+), 1 deletion(-) base-commit: daecb3077f330058d1c53de32d272bc23ff61a25 -- 2.30.2

2 years, 7 months

2
4
0 0

[PATCH net v3 0/4] Unsync addresses from ports when stopping aggregated devices

by Benjamin Poirier

This series fixes similar problems in the bonding and team drivers. Because of missing dev_{uc,mc}_unsync() calls, addresses added to underlying devices may be leftover after the aggregated device is deleted. Add the missing calls and a few related tests. v2: * fix selftest installation, see patch 3 v3: * Split lacpdu_multicast changes to their own patch, #1 * In ndo_{add,del}_slave methods, only perform address list changes when the aggregated device is up (patches 2 & 3) * Add selftest function related to the above change (patch 4) Benjamin Poirier (4): net: bonding: Share lacpdu_mcast_addr definition net: bonding: Unsync device addresses on ndo_stop net: team: Unsync device addresses on ndo_stop net: Add tests for bonding and team address list management MAINTAINERS | 1 + drivers/net/bonding/bond_3ad.c | 5 +- drivers/net/bonding/bond_main.c | 57 +++++---- drivers/net/team/team.c | 24 +++- include/net/bond_3ad.h | 2 - include/net/bonding.h | 3 + tools/testing/selftests/Makefile | 1 + .../selftests/drivers/net/bonding/Makefile | 5 +- .../selftests/drivers/net/bonding/config | 1 + .../drivers/net/bonding/dev_addr_lists.sh | 109 ++++++++++++++++++ .../selftests/drivers/net/bonding/lag_lib.sh | 61 ++++++++++ .../selftests/drivers/net/team/Makefile | 6 + .../testing/selftests/drivers/net/team/config | 3 + .../drivers/net/team/dev_addr_lists.sh | 51 ++++++++ 14 files changed, 297 insertions(+), 32 deletions(-) create mode 100755 tools/testing/selftests/drivers/net/bonding/dev_addr_lists.sh create mode 100644 tools/testing/selftests/drivers/net/bonding/lag_lib.sh create mode 100644 tools/testing/selftests/drivers/net/team/Makefile create mode 100644 tools/testing/selftests/drivers/net/team/config create mode 100755 tools/testing/selftests/drivers/net/team/dev_addr_lists.sh -- 2.37.2

2 years, 7 months

3
6
0 0

[PATCH net-next 0/8] add tc-testing test cases

by Zhengchao Shao

For this patchset, test cases of the ctinfo, gate, and xt action modules are added to the tc-testing test suite. Also add deleting test for connmark, ife, nat, sample and tunnel_key action modules. After a test case is added locally, the test result is as follows: ./tdc.py -c action ctinfo considering category action considering category ctinfo Test c826: Add ctinfo action with default setting Test 0286: Add ctinfo action with dscp Test 4938: Add ctinfo action with valid cpmark and zone Test 7593: Add ctinfo action with drop control Test 2961: Replace ctinfo action zone and action control Test e567: Delete ctinfo action with valid index Test 6a91: Delete ctinfo action with invalid index Test 5232: List ctinfo actions Test 7702: Flush ctinfo actions Test 3201: Add ctinfo action with duplicate index Test 8295: Add ctinfo action with invalid index Test 3964: Replace ctinfo action with invalid goto_chain control All test results: 1..12 ok 1 c826 - Add ctinfo action with default setting ok 2 0286 - Add ctinfo action with dscp ok 3 4938 - Add ctinfo action with valid cpmark and zone ok 4 7593 - Add ctinfo action with drop control ok 5 2961 - Replace ctinfo action zone and action control ok 6 e567 - Delete ctinfo action with valid index ok 7 6a91 - Delete ctinfo action with invalid index ok 8 5232 - List ctinfo actions ok 9 7702 - Flush ctinfo actions ok 10 3201 - Add ctinfo action with duplicate index ok 11 8295 - Add ctinfo action with invalid index ok 12 3964 - Replace ctinfo action with invalid goto_chain control ./tdc.py -c action gate considering category gate considering category action Test 5153: Add gate action with priority and sched-entry Test 7189: Add gate action with base-time Test a721: Add gate action with cycle-time Test c029: Add gate action with cycle-time-ext Test 3719: Replace gate base-time action Test d821: Delete gate action with valid index Test 3128: Delete gate action with invalid index Test 7837: List gate actions Test 9273: Flush gate actions Test c829: Add gate action with duplicate index Test 3043: Add gate action with invalid index Test 2930: Add gate action with cookie All test results: 1..12 ok 1 5153 - Add gate action with priority and sched-entry ok 2 7189 - Add gate action with base-time ok 3 a721 - Add gate action with cycle-time ok 4 c029 - Add gate action with cycle-time-ext ok 5 3719 - Replace gate base-time action ok 6 d821 - Delete gate action with valid index ok 7 3128 - Delete gate action with invalid index ok 8 7837 - List gate actions ok 9 9273 - Flush gate actions ok 10 c829 - Add gate action with duplicate index ok 11 3043 - Add gate action with invalid index ok 12 2930 - Add gate action with cookie ./tdc.py -c action xt considering category xt considering category action Test 2029: Add xt action with log-prefix Test 3562: Replace xt action log-prefix Test 8291: Delete xt action with valid index Test 5169: Delete xt action with invalid index Test 7284: List xt actions Test 5010: Flush xt actions Test 8437: Add xt action with duplicate index Test 2837: Add xt action with invalid index All test results: 1..8 ok 1 2029 - Add xt action with log-prefix ok 2 3562 - Replace xt action log-prefix ok 3 8291 - Delete xt action with valid index ok 4 5169 - Delete xt action with invalid index ok 5 7284 - List xt actions ok 6 5010 - Flush xt actions ok 7 8437 - Add xt action with duplicate index ok 8 2837 - Add xt action with invalid index ./tdc.py -c action connmark considering category action considering category connmark Test 2002: Add valid connmark action with defaults Test 56a5: Add valid connmark action with control pass Test 7c66: Add valid connmark action with control drop Test a913: Add valid connmark action with control pipe Test bdd8: Add valid connmark action with control reclassify Test b8be: Add valid connmark action with control continue Test d8a6: Add valid connmark action with control jump Test aae8: Add valid connmark action with zone argument Test 2f0b: Add valid connmark action with invalid zone argument Test 9305: Add connmark action with unsupported argument Test 71ca: Add valid connmark action and replace it Test 5f8f: Add valid connmark action with cookie Test c506: Replace connmark with invalid goto chain control Test 6571: Delete connmark action with valid index Test 3426: Delete connmark action with invalid index All test results: 1..15 ok 1 2002 - Add valid connmark action with defaults ok 2 56a5 - Add valid connmark action with control pass ok 3 7c66 - Add valid connmark action with control drop ok 4 a913 - Add valid connmark action with control pipe ok 5 bdd8 - Add valid connmark action with control reclassify ok 6 b8be - Add valid connmark action with control continue ok 7 d8a6 - Add valid connmark action with control jump ok 8 aae8 - Add valid connmark action with zone argument ok 9 2f0b - Add valid connmark action with invalid zone argument ok 10 9305 - Add connmark action with unsupported argument ok 11 71ca - Add valid connmark action and replace it ok 12 5f8f - Add valid connmark action with cookie ok 13 c506 - Replace connmark with invalid goto chain control ok 14 6571 - Delete connmark action with valid index ok 15 3426 - Delete connmark action with invalid index ./tdc.py -c action ife considering category action considering category ife Test 7682: Create valid ife encode action with mark and pass control Test ef47: Create valid ife encode action with mark and pipe control Test df43: Create valid ife encode action with mark and continue control Test e4cf: Create valid ife encode action with mark and drop control Test ccba: Create valid ife encode action with mark and reclassify control Test a1cf: Create valid ife encode action with mark and jump control Test cb3d: Create valid ife encode action with mark value at 32-bit maximum Test 1efb: Create ife encode action with mark value exceeding 32-bit maximum Test 95ed: Create valid ife encode action with prio and pass control Test aa17: Create valid ife encode action with prio and pipe control Test 74c7: Create valid ife encode action with prio and continue control Test 7a97: Create valid ife encode action with prio and drop control Test f66b: Create valid ife encode action with prio and reclassify control Test 3056: Create valid ife encode action with prio and jump control Test 7dd3: Create valid ife encode action with prio value at 32-bit maximum Test 2ca1: Create ife encode action with prio value exceeding 32-bit maximum Test 05bb: Create valid ife encode action with tcindex and pass control Test ce65: Create valid ife encode action with tcindex and pipe control Test 09cd: Create valid ife encode action with tcindex and continue control Test 8eb5: Create valid ife encode action with tcindex and continue control Test 451a: Create valid ife encode action with tcindex and drop control Test d76c: Create valid ife encode action with tcindex and reclassify control Test e731: Create valid ife encode action with tcindex and jump control Test b7b8: Create valid ife encode action with tcindex value at 16-bit maximum Test d0d8: Create ife encode action with tcindex value exceeding 16-bit maximum Test 2a9c: Create valid ife encode action with mac src parameter Test cf5c: Create valid ife encode action with mac dst parameter Test 2353: Create valid ife encode action with mac src and mac dst parameters Test 552c: Create valid ife encode action with mark and type parameters Test 0421: Create valid ife encode action with prio and type parameters Test 4017: Create valid ife encode action with tcindex and type parameters Test fac3: Create valid ife encode action with index at 32-bit maximum Test 7c25: Create valid ife decode action with pass control Test dccb: Create valid ife decode action with pipe control Test 7bb9: Create valid ife decode action with continue control Test d9ad: Create valid ife decode action with drop control Test 219f: Create valid ife decode action with reclassify control Test 8f44: Create valid ife decode action with jump control Test 56cf: Create ife encode action with index exceeding 32-bit maximum Test ee94: Create ife encode action with invalid control Test b330: Create ife encode action with cookie Test bbc0: Create ife encode action with invalid argument Test d54a: Create ife encode action with invalid type argument Test 7ee0: Create ife encode action with invalid mac src argument Test 0a7d: Create ife encode action with invalid mac dst argument Test a0e2: Replace ife encode action with invalid goto chain control Test a972: Delete ife encode action with valid index Test 1272: Delete ife encode action with invalid index All test results: 1..48 ok 1 7682 - Create valid ife encode action with mark and pass control ok 2 ef47 - Create valid ife encode action with mark and pipe control ok 3 df43 - Create valid ife encode action with mark and continue control ok 4 e4cf - Create valid ife encode action with mark and drop control ok 5 ccba - Create valid ife encode action with mark and reclassify control ok 6 a1cf - Create valid ife encode action with mark and jump control ok 7 cb3d - Create valid ife encode action with mark value at 32-bit maximum ok 8 1efb - Create ife encode action with mark value exceeding 32-bit maximum ok 9 95ed - Create valid ife encode action with prio and pass control ok 10 aa17 - Create valid ife encode action with prio and pipe control ok 11 74c7 - Create valid ife encode action with prio and continue control ok 12 7a97 - Create valid ife encode action with prio and drop control ok 13 f66b - Create valid ife encode action with prio and reclassify control ok 14 3056 - Create valid ife encode action with prio and jump control ok 15 7dd3 - Create valid ife encode action with prio value at 32-bit maximum ok 16 2ca1 - Create ife encode action with prio value exceeding 32-bit maximum ok 17 05bb - Create valid ife encode action with tcindex and pass control ok 18 ce65 - Create valid ife encode action with tcindex and pipe control ok 19 09cd - Create valid ife encode action with tcindex and continue control ok 20 8eb5 - Create valid ife encode action with tcindex and continue control ok 21 451a - Create valid ife encode action with tcindex and drop control ok 22 d76c - Create valid ife encode action with tcindex and reclassify control ok 23 e731 - Create valid ife encode action with tcindex and jump control ok 24 b7b8 - Create valid ife encode action with tcindex value at 16-bit maximum ok 25 d0d8 - Create ife encode action with tcindex value exceeding 16-bit maximum ok 26 2a9c - Create valid ife encode action with mac src parameter ok 27 cf5c - Create valid ife encode action with mac dst parameter ok 28 2353 - Create valid ife encode action with mac src and mac dst parameters ok 29 552c - Create valid ife encode action with mark and type parameters ok 30 0421 - Create valid ife encode action with prio and type parameters ok 31 4017 - Create valid ife encode action with tcindex and type parameters ok 32 fac3 - Create valid ife encode action with index at 32-bit maximum ok 33 7c25 - Create valid ife decode action with pass control ok 34 dccb - Create valid ife decode action with pipe control ok 35 7bb9 - Create valid ife decode action with continue control ok 36 d9ad - Create valid ife decode action with drop control ok 37 219f - Create valid ife decode action with reclassify control ok 38 8f44 - Create valid ife decode action with jump control ok 39 56cf - Create ife encode action with index exceeding 32-bit maximum ok 40 ee94 - Create ife encode action with invalid control ok 41 b330 - Create ife encode action with cookie ok 42 bbc0 - Create ife encode action with invalid argument ok 43 d54a - Create ife encode action with invalid type argument ok 44 7ee0 - Create ife encode action with invalid mac src argument ok 45 0a7d - Create ife encode action with invalid mac dst argument ok 46 a0e2 - Replace ife encode action with invalid goto chain control ok 47 a972 - Delete ife encode action with valid index ok 48 1272 - Delete ife encode action with invalid index ./tdc.py -c action nat considering category action considering category nat Test 7565: Add nat action on ingress with default control action Test fd79: Add nat action on ingress with pipe control action Test eab9: Add nat action on ingress with continue control action Test c53a: Add nat action on ingress with reclassify control action Test 76c9: Add nat action on ingress with jump control action Test 24c6: Add nat action on ingress with drop control action Test 2120: Add nat action on ingress with maximum index value Test 3e9d: Add nat action on ingress with invalid index value Test f6c9: Add nat action on ingress with invalid IP address Test be25: Add nat action on ingress with invalid argument Test a7bd: Add nat action on ingress with DEFAULT IP address Test ee1e: Add nat action on ingress with ANY IP address Test 1de8: Add nat action on ingress with ALL IP address Test 8dba: Add nat action on egress with default control action Test 19a7: Add nat action on egress with pipe control action Test f1d9: Add nat action on egress with continue control action Test 6d4a: Add nat action on egress with reclassify control action Test b313: Add nat action on egress with jump control action Test d9fc: Add nat action on egress with drop control action Test a895: Add nat action on egress with DEFAULT IP address Test 2572: Add nat action on egress with ANY IP address Test 37f3: Add nat action on egress with ALL IP address Test 6054: Add nat action on egress with cookie Test 79d6: Add nat action on ingress with cookie Test 4b12: Replace nat action with invalid goto chain control Test b811: Delete nat action with valid index Test a521: Delete nat action with invalid index All test results: 1..27 ok 1 7565 - Add nat action on ingress with default control action ok 2 fd79 - Add nat action on ingress with pipe control action ok 3 eab9 - Add nat action on ingress with continue control action ok 4 c53a - Add nat action on ingress with reclassify control action ok 5 76c9 - Add nat action on ingress with jump control action ok 6 24c6 - Add nat action on ingress with drop control action ok 7 2120 - Add nat action on ingress with maximum index value ok 8 3e9d - Add nat action on ingress with invalid index value ok 9 f6c9 - Add nat action on ingress with invalid IP address ok 10 be25 - Add nat action on ingress with invalid argument ok 11 a7bd - Add nat action on ingress with DEFAULT IP address ok 12 ee1e - Add nat action on ingress with ANY IP address ok 13 1de8 - Add nat action on ingress with ALL IP address ok 14 8dba - Add nat action on egress with default control action ok 15 19a7 - Add nat action on egress with pipe control action ok 16 f1d9 - Add nat action on egress with continue control action ok 17 6d4a - Add nat action on egress with reclassify control action ok 18 b313 - Add nat action on egress with jump control action ok 19 d9fc - Add nat action on egress with drop control action ok 20 a895 - Add nat action on egress with DEFAULT IP address ok 21 2572 - Add nat action on egress with ANY IP address ok 22 37f3 - Add nat action on egress with ALL IP address ok 23 6054 - Add nat action on egress with cookie ok 24 79d6 - Add nat action on ingress with cookie ok 25 4b12 - Replace nat action with invalid goto chain control ok 26 b811 - Delete nat action with valid index ok 27 a521 - Delete nat action with invalid index ./tdc.py -c action sample considering category action considering category sample Test 9784: Add valid sample action with mandatory arguments Test 5c91: Add valid sample action with mandatory arguments and continue control action Test 334b: Add valid sample action with mandatory arguments and drop control action Test da69: Add valid sample action with mandatory arguments and reclassify control action Test 13ce: Add valid sample action with mandatory arguments and pipe control action Test 1886: Add valid sample action with mandatory arguments and jump control action Test 7571: Add sample action with invalid rate Test b6d4: Add sample action with mandatory arguments and invalid control action Test a874: Add invalid sample action without mandatory arguments Test ac01: Add invalid sample action without mandatory argument rate Test 4203: Add invalid sample action without mandatory argument group Test 14a7: Add invalid sample action without mandatory argument group Test 8f2e: Add valid sample action with trunc argument Test 45f8: Add sample action with maximum rate argument Test ad0c: Add sample action with maximum trunc argument Test 83a9: Add sample action with maximum group argument Test ed27: Add sample action with invalid rate argument Test 2eae: Add sample action with invalid group argument Test 6ff3: Add sample action with invalid trunc size Test 2b2a: Add sample action with invalid index Test dee2: Add sample action with maximum allowed index Test 560e: Add sample action with cookie Test 704a: Replace existing sample action with new rate argument Test 60eb: Replace existing sample action with new group argument Test 2cce: Replace existing sample action with new trunc argument Test 59d1: Replace existing sample action with new control argument Test 0a6e: Replace sample action with invalid goto chain control Test 3872: Delete sample action with valid index Test a394: Delete sample action with invalid index All test results: 1..29 ok 1 9784 - Add valid sample action with mandatory arguments ok 2 5c91 - Add valid sample action with mandatory arguments and continue control action ok 3 334b - Add valid sample action with mandatory arguments and drop control action ok 4 da69 - Add valid sample action with mandatory arguments and reclassify control action ok 5 13ce - Add valid sample action with mandatory arguments and pipe control action ok 6 1886 - Add valid sample action with mandatory arguments and jump control action ok 7 7571 - Add sample action with invalid rate ok 8 b6d4 - Add sample action with mandatory arguments and invalid control action ok 9 a874 - Add invalid sample action without mandatory arguments ok 10 ac01 - Add invalid sample action without mandatory argument rate ok 11 4203 - Add invalid sample action without mandatory argument group ok 12 14a7 - Add invalid sample action without mandatory argument group ok 13 8f2e - Add valid sample action with trunc argument ok 14 45f8 - Add sample action with maximum rate argument ok 15 ad0c - Add sample action with maximum trunc argument ok 16 83a9 - Add sample action with maximum group argument ok 17 ed27 - Add sample action with invalid rate argument ok 18 2eae - Add sample action with invalid group argument ok 19 6ff3 - Add sample action with invalid trunc size ok 20 2b2a - Add sample action with invalid index ok 21 dee2 - Add sample action with maximum allowed index ok 22 560e - Add sample action with cookie ok 23 704a - Replace existing sample action with new rate argument ok 24 60eb - Replace existing sample action with new group argument ok 25 2cce - Replace existing sample action with new trunc argument ok 26 59d1 - Replace existing sample action with new control argument ok 27 0a6e - Replace sample action with invalid goto chain control ok 28 3872 - Delete sample action with valid index ok 29 a394 - Delete sample action with invalid index ./tdc.py -c action tunnel_key considering category tunnel_key considering category action Test 2b11: Add tunnel_key set action with mandatory parameters Test dc6b: Add tunnel_key set action with missing mandatory src_ip parameter Test 7f25: Add tunnel_key set action with missing mandatory dst_ip parameter Test a5e0: Add tunnel_key set action with invalid src_ip parameter Test eaa8: Add tunnel_key set action with invalid dst_ip parameter Test 3b09: Add tunnel_key set action with invalid id parameter Test 9625: Add tunnel_key set action with invalid dst_port parameter Test 05af: Add tunnel_key set action with optional dst_port parameter Test da80: Add tunnel_key set action with index at 32-bit maximum Test d407: Add tunnel_key set action with index exceeding 32-bit maximum Test 5cba: Add tunnel_key set action with id value at 32-bit maximum Test e84a: Add tunnel_key set action with id value exceeding 32-bit maximum Test 9c19: Add tunnel_key set action with dst_port value at 16-bit maximum Test 3bd9: Add tunnel_key set action with dst_port value exceeding 16-bit maximum Test 68e2: Add tunnel_key unset action Test 6192: Add tunnel_key unset continue action Test 061d: Add tunnel_key set continue action with cookie Test 8acb: Add tunnel_key set continue action with invalid cookie Test a07e: Add tunnel_key action with no set/unset command specified Test b227: Add tunnel_key action with csum option Test 58a7: Add tunnel_key action with nocsum option Test 2575: Add tunnel_key action with not-supported parameter Test 7a88: Add tunnel_key action with cookie parameter Test 4f20: Add tunnel_key action with a single geneve option parameter Test e33d: Add tunnel_key action with multiple geneve options parameter Test 0778: Add tunnel_key action with invalid class geneve option parameter Test 4ae8: Add tunnel_key action with invalid type geneve option parameter Test 4039: Add tunnel_key action with short data length geneve option parameter Test 26a6: Add tunnel_key action with non-multiple of 4 data length geneve option parameter Test f44d: Add tunnel_key action with incomplete geneve options parameter Test 7afc: Replace tunnel_key set action with all parameters Test 364d: Replace tunnel_key set action with all parameters and cookie Test 937c: Fetch all existing tunnel_key actions Test 6783: Flush all existing tunnel_key actions Test 8242: Replace tunnel_key set action with invalid goto chain Test 0cd2: Add tunnel_key set action with no_percpu flag Test 3671: Delete tunnel_key set action with valid index Test 8597: Delete tunnel_key set action with invalid index All test results: 1..38 ok 1 2b11 - Add tunnel_key set action with mandatory parameters ok 2 dc6b - Add tunnel_key set action with missing mandatory src_ip parameter ok 3 7f25 - Add tunnel_key set action with missing mandatory dst_ip parameter ok 4 a5e0 - Add tunnel_key set action with invalid src_ip parameter ok 5 eaa8 - Add tunnel_key set action with invalid dst_ip parameter ok 6 3b09 - Add tunnel_key set action with invalid id parameter ok 7 9625 - Add tunnel_key set action with invalid dst_port parameter ok 8 05af - Add tunnel_key set action with optional dst_port parameter ok 9 da80 - Add tunnel_key set action with index at 32-bit maximum ok 10 d407 - Add tunnel_key set action with index exceeding 32-bit maximum ok 11 5cba - Add tunnel_key set action with id value at 32-bit maximum ok 12 e84a - Add tunnel_key set action with id value exceeding 32-bit maximum ok 13 9c19 - Add tunnel_key set action with dst_port value at 16-bit maximum ok 14 3bd9 - Add tunnel_key set action with dst_port value exceeding 16-bit maximum ok 15 68e2 - Add tunnel_key unset action ok 16 6192 - Add tunnel_key unset continue action ok 17 061d - Add tunnel_key set continue action with cookie ok 18 8acb - Add tunnel_key set continue action with invalid cookie ok 19 a07e - Add tunnel_key action with no set/unset command specified ok 20 b227 - Add tunnel_key action with csum option ok 21 58a7 - Add tunnel_key action with nocsum option ok 22 2575 - Add tunnel_key action with not-supported parameter ok 23 7a88 - Add tunnel_key action with cookie parameter ok 24 4f20 - Add tunnel_key action with a single geneve option parameter ok 25 e33d - Add tunnel_key action with multiple geneve options parameter ok 26 0778 - Add tunnel_key action with invalid class geneve option parameter ok 27 4ae8 - Add tunnel_key action with invalid type geneve option parameter ok 28 4039 - Add tunnel_key action with short data length geneve option parameter ok 29 26a6 - Add tunnel_key action with non-multiple of 4 data length geneve option parameter ok 30 f44d - Add tunnel_key action with incomplete geneve options parameter ok 31 7afc - Replace tunnel_key set action with all parameters ok 32 364d - Replace tunnel_key set action with all parameters and cookie ok 33 937c - Fetch all existing tunnel_key actions ok 34 6783 - Flush all existing tunnel_key actions ok 35 8242 - Replace tunnel_key set action with invalid goto chain ok 36 0cd2 - Add tunnel_key set action with no_percpu flag ok 37 3671 - Delete tunnel_key set action with valid index ok 38 8597 - Delete tunnel_key set action with invalid index Zhengchao Shao (8): selftests/tc-testings: add selftests for ctinfo action selftests/tc-testings: add selftests for gate action selftests/tc-testings: add selftests for xt action selftests/tc-testings: add connmark action deleting test case selftests/tc-testings: add ife action deleting test case selftests/tc-testings: add nat action deleting test case selftests/tc-testings: add sample action deleting test case selftests/tc-testings: add tunnel_key action deleting test case .../tc-testing/tc-tests/actions/connmark.json | 50 +++ .../tc-testing/tc-tests/actions/ctinfo.json | 316 ++++++++++++++++++ .../tc-testing/tc-tests/actions/gate.json | 315 +++++++++++++++++ .../tc-testing/tc-tests/actions/ife.json | 50 +++ .../tc-testing/tc-tests/actions/nat.json | 50 +++ .../tc-testing/tc-tests/actions/sample.json | 50 +++ .../tc-tests/actions/tunnel_key.json | 50 +++ .../tc-testing/tc-tests/actions/xt.json | 219 ++++++++++++ 8 files changed, 1100 insertions(+) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/actions/ctinfo.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/actions/gate.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/actions/xt.json -- 2.17.1

2 years, 7 months

4
11
0 0

[PATCH v13 0/3] Add TDX Guest Attestation support

by Kuppuswamy Sathyanarayanan

Hi All, Intel's Trust Domain Extensions (TDX) protect guest VMs from malicious hosts and some physical attacks. VM guest with TDX support is called as a TDX Guest. In TDX guest, attestation process is used to verify the TDX guest trustworthiness to other entities before provisioning secrets to the guest. For example, a key server may request for attestation before releasing the encryption keys to mount the encrypted rootfs or secondary drive. This patch set adds attestation support for the TDX guest. Details about the TDX attestation process and the steps involved are explained in the commit log of Patch 1/3 or in Documentation/x86/tdx.rst (added by patch 3/3). Following are the details of the patch set: Patch 1/3 -> Adds TDREPORT support. Patch 2/3 -> Adds selftest support for TDREPORT feature. Patch 3/3 -> Add attestation related documentation. Commit log history is maintained in the individual patches. Kuppuswamy Sathyanarayanan (3): x86/tdx: Add TDX Guest attestation interface driver selftests: tdx: Test TDX attestation GetReport support Documentation/x86: Document TDX attestation process Documentation/x86/tdx.rst | 75 +++++++++ arch/x86/coco/tdx/tdx.c | 115 +++++++++++++ arch/x86/include/uapi/asm/tdx.h | 56 +++++++ tools/arch/x86/include/uapi/asm/tdx.h | 56 +++++++ tools/testing/selftests/Makefile | 1 + tools/testing/selftests/tdx/Makefile | 11 ++ tools/testing/selftests/tdx/config | 1 + tools/testing/selftests/tdx/tdx_attest_test.c | 157 ++++++++++++++++++ 8 files changed, 472 insertions(+) create mode 100644 arch/x86/include/uapi/asm/tdx.h create mode 100644 tools/arch/x86/include/uapi/asm/tdx.h create mode 100644 tools/testing/selftests/tdx/Makefile create mode 100644 tools/testing/selftests/tdx/config create mode 100644 tools/testing/selftests/tdx/tdx_attest_test.c -- 2.34.1

2 years, 7 months

7
37
0 0

[PATCH net-next,v3 0/9] refactor duplicate codes in the tc cls walk function

by Zhengchao Shao

The walk implementation of most tc cls modules is basically the same. That is, the values of count and skip are checked first. If count is greater than or equal to skip, the registered fn function is executed. Otherwise, increase the value of count. So the code can be refactored. Then use helper function to replace the code of each cls module in alphabetical order. The walk function is invoked during dump. Therefore, test cases related to the tdc filter need to be added. Last, thanks to Jamal and Victor for their review. Add test cases locally and perform the test. The test results are listed below: ./tdc.py -e 0811 ok 1 0811 - Add multiple basic filter with cmp ematch u8/link layer and default action and dump them ./tdc.py -e 5129 ok 1 5129 - List basic filters ./tdc.py -c bpf-filter ok 1 23c3 - Add cBPF filter with valid bytecode ok 2 1563 - Add cBPF filter with invalid bytecode ok 3 2334 - Add eBPF filter with valid object-file ok 4 2373 - Add eBPF filter with invalid object-file ok 5 4423 - Replace cBPF bytecode ok 6 5122 - Delete cBPF filter ok 7 e0a9 - List cBPF filters ./tdc.py -c cgroup ok 1 6273 - Add cgroup filter with cmp ematch u8/link layer and drop action ok 2 4721 - Add cgroup filter with cmp ematch u8/link layer with trans flag and pass action ok 3 d392 - Add cgroup filter with cmp ematch u16/link layer and pipe action ok 4 0234 - Add cgroup filter with cmp ematch u32/link layer and miltiple actions ok 5 8499 - Add cgroup filter with cmp ematch u8/network layer and pass action ok 6 b273 - Add cgroup filter with cmp ematch u8/network layer with trans flag and drop action ok 7 1934 - Add cgroup filter with cmp ematch u16/network layer and pipe action ok 8 2733 - Add cgroup filter with cmp ematch u32/network layer and miltiple actions ok 9 3271 - Add cgroup filter with NOT cmp ematch rule and pass action ok 10 2362 - Add cgroup filter with two ANDed cmp ematch rules and single action ok 11 9993 - Add cgroup filter with two ORed cmp ematch rules and single action ok 12 2331 - Add cgroup filter with two ANDed cmp ematch rules and one ORed ematch rule and single action ok 13 3645 - Add cgroup filter with two ANDed cmp ematch rules and one NOT ORed ematch rule and single action ok 14 b124 - Add cgroup filter with u32 ematch u8/zero offset and drop action ok 15 7381 - Add cgroup filter with u32 ematch u8/zero offset and invalid value >0xFF ok 16 2231 - Add cgroup filter with u32 ematch u8/positive offset and drop action ok 17 1882 - Add cgroup filter with u32 ematch u8/invalid mask >0xFF ok 18 1237 - Add cgroup filter with u32 ematch u8/missing offset ok 19 3812 - Add cgroup filter with u32 ematch u8/missing AT keyword ok 20 1112 - Add cgroup filter with u32 ematch u8/missing value ok 21 3241 - Add cgroup filter with u32 ematch u8/non-numeric value ok 22 e231 - Add cgroup filter with u32 ematch u8/non-numeric mask ok 23 4652 - Add cgroup filter with u32 ematch u8/negative offset and pass action ok 24 1331 - Add cgroup filter with u32 ematch u16/zero offset and pipe action ok 25 e354 - Add cgroup filter with u32 ematch u16/zero offset and invalid value >0xFFFF ok 26 3538 - Add cgroup filter with u32 ematch u16/positive offset and drop action ok 27 4576 - Add cgroup filter with u32 ematch u16/invalid mask >0xFFFF ok 28 b842 - Add cgroup filter with u32 ematch u16/missing offset ok 29 c924 - Add cgroup filter with u32 ematch u16/missing AT keyword ok 30 cc93 - Add cgroup filter with u32 ematch u16/missing value ok 31 123c - Add cgroup filter with u32 ematch u16/non-numeric value ok 32 3675 - Add cgroup filter with u32 ematch u16/non-numeric mask ok 33 1123 - Add cgroup filter with u32 ematch u16/negative offset and drop action ok 34 4234 - Add cgroup filter with u32 ematch u16/nexthdr+ offset and pass action ok 35 e912 - Add cgroup filter with u32 ematch u32/zero offset and pipe action ok 36 1435 - Add cgroup filter with u32 ematch u32/positive offset and drop action ok 37 1282 - Add cgroup filter with u32 ematch u32/missing offset ok 38 6456 - Add cgroup filter with u32 ematch u32/missing AT keyword ok 39 4231 - Add cgroup filter with u32 ematch u32/missing value ok 40 2131 - Add cgroup filter with u32 ematch u32/non-numeric value ok 41 f125 - Add cgroup filter with u32 ematch u32/non-numeric mask ok 42 4316 - Add cgroup filter with u32 ematch u32/negative offset and drop action ok 43 23ae - Add cgroup filter with u32 ematch u32/nexthdr+ offset and pipe action ok 44 23a1 - Add cgroup filter with canid ematch and single SFF ok 45 324f - Add cgroup filter with canid ematch and single SFF with mask ok 46 2576 - Add cgroup filter with canid ematch and multiple SFF ok 47 4839 - Add cgroup filter with canid ematch and multiple SFF with masks ok 48 6713 - Add cgroup filter with canid ematch and single EFF ok 49 4572 - Add cgroup filter with canid ematch and single EFF with mask ok 50 8031 - Add cgroup filter with canid ematch and multiple EFF ok 51 ab9d - Add cgroup filter with canid ematch and multiple EFF with masks ok 52 5349 - Add cgroup filter with canid ematch and a combination of SFF/EFF ok 53 c934 - Add cgroup filter with canid ematch and a combination of SFF/EFF with masks ok 54 4319 - Replace cgroup filter with diffferent match ok 55 4636 - Detele cgroup filter ./tdc.py -c flow ok 1 5294 - Add flow filter with map key and ops ok 2 3514 - Add flow filter with map key or ops ok 3 7534 - Add flow filter with map key xor ops ok 4 4524 - Add flow filter with map key rshift ops ok 5 0230 - Add flow filter with map key addend ops ok 6 2344 - Add flow filter with src map key ok 7 9304 - Add flow filter with proto map key ok 8 9038 - Add flow filter with proto-src map key ok 9 2a03 - Add flow filter with proto-dst map key ok 10 a073 - Add flow filter with iif map key ok 11 3b20 - Add flow filter with priority map key ok 12 8945 - Add flow filter with mark map key ok 13 c034 - Add flow filter with nfct map key ok 14 0205 - Add flow filter with nfct-src map key ok 15 5315 - Add flow filter with nfct-src map key ok 16 7849 - Add flow filter with nfct-proto-src map key ok 17 9902 - Add flow filter with nfct-proto-dst map key ok 18 6742 - Add flow filter with rt-classid map key ok 19 5432 - Add flow filter with sk-uid map key ok 20 4234 - Add flow filter with sk-gid map key ok 21 4522 - Add flow filter with vlan-tag map key ok 22 4253 - Add flow filter with rxhash map key ok 23 4452 - Add flow filter with hash key list ok 24 4341 - Add flow filter with muliple ops ok 25 4392 - List flow filters ok 26 4322 - Change flow filter with map key num ok 27 2320 - Replace flow filter with map key num ok 28 3213 - Delete flow filter with map key num ./tdc.py -c route ok 1 e122 - Add route filter with from and to tag ok 2 6573 - Add route filter with fromif and to tag ok 3 1362 - Add route filter with to flag and reclassify action ok 4 4720 - Add route filter with from flag and continue actions ok 5 2812 - Add route filter with form tag and pipe action ok 6 7994 - Add route filter with miltiple actions ok 7 4312 - List route filters ok 8 2634 - Delete route filter with pipe action ./tdc.py -c rsvp ok 1 2141 - Add rsvp filter with tcp proto and specific IP address ok 2 5267 - Add rsvp filter with udp proto and specific IP address ok 3 2819 - Add rsvp filter with src ip and src port ok 4 c967 - Add rsvp filter with tunnelid and continue action ok 5 5463 - Add rsvp filter with tunnel and pipe action ok 6 2332 - Add rsvp filter with miltiple actions ok 7 8879 - Add rsvp filter with tunnel and skp flag ok 8 8261 - List rsvp filters ok 9 8989 - Delete rsvp filter ./tdc.py -c tcindex ok 1 8293 - Add tcindex filter with default action ok 2 7281 - Add tcindex filter with hash size and pass action ok 3 b294 - Add tcindex filter with mask shift and reclassify action ok 4 0532 - Add tcindex filter with pass_on and continue actions ok 5 d473 - Add tcindex filter with pipe action ok 6 2940 - Add tcindex filter with miltiple actions ok 7 1893 - List tcindex filters ok 8 2041 - Change tcindex filter with pass action ok 9 9203 - Replace tcindex filter with pass action ok 10 7957 - Delete tcindex filter with drop action --- v3: Modify the test case format alignment v2: rectify spelling error; The category name bpf in filters file is renamed to bpf-filter --- Zhengchao Shao (9): net/sched: cls_api: add helper for tc cls walker stats updating net/sched: use tc_cls_stats_update() in filter selftests/tc-testings: add selftests for bpf filter selftests/tc-testings: add selftests for cgroup filter selftests/tc-testings: add selftests for flow filter selftests/tc-testings: add selftests for route filter selftests/tc-testings: add selftests for rsvp filter selftests/tc-testings: add selftests for tcindex filter selftests/tc-testings: add list case for basic filter include/net/pkt_cls.h | 13 + net/sched/cls_basic.c | 9 +- net/sched/cls_bpf.c | 8 +- net/sched/cls_flow.c | 8 +- net/sched/cls_fw.c | 9 +- net/sched/cls_route.c | 9 +- net/sched/cls_rsvp.h | 9 +- net/sched/cls_tcindex.c | 18 +- net/sched/cls_u32.c | 20 +- .../tc-testing/tc-tests/filters/basic.json | 47 + .../tc-testing/tc-tests/filters/bpf.json | 171 +++ .../tc-testing/tc-tests/filters/cgroup.json | 1236 +++++++++++++++++ .../tc-testing/tc-tests/filters/flow.json | 623 +++++++++ .../tc-testing/tc-tests/filters/route.json | 181 +++ .../tc-testing/tc-tests/filters/rsvp.json | 203 +++ .../tc-testing/tc-tests/filters/tcindex.json | 227 +++ 16 files changed, 2716 insertions(+), 75 deletions(-) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/bpf.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/cgroup.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/flow.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/route.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/rsvp.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/tcindex.json -- 2.17.1

2 years, 7 months

4
14
0 0

[PATCH net-next 0/5] mptcp: allow privileged operations from user ns & cleanup

by Matthieu Baerts

This series allows privileged Netlink operations from user namespaces. When a non-root user configures MPTCP endpoints, the memory allocation is now accounted to this user. See patches 4 and 5. Apart from that, there are some cleanup: - Patch 1 adds a macro to improve code readability - Patch 2 regroups similar checks all together - Patch 3 uses an explicit boolean instead of a counter to do one more check Geliang Tang (2): selftests: mptcp: move prefix tests of addr_nr_ns2 together mptcp: add do_check_data_fin to replace copied Matthieu Baerts (1): mptcp: add mptcp_for_each_subflow_safe helper Thomas Haller (2): mptcp: allow privileged operations from user namespaces mptcp: account memory allocation in mptcp_nl_cmd_add_addr() to user net/mptcp/pm_netlink.c | 22 +++++++++---------- net/mptcp/protocol.c | 13 ++++++----- net/mptcp/protocol.h | 2 ++ .../testing/selftests/net/mptcp/mptcp_join.sh | 10 ++++----- 4 files changed, 24 insertions(+), 23 deletions(-) base-commit: 03fdb11da92fde0bdc0b6e9c1c642b7414d49e8d -- 2.37.2

2 years, 7 months

2
2
0 0

Re: [PATCH -next 4/5] selftests/memory-hotplug: Restore memory before exit

by zhaogongyi

Hi, Thanks for your review, I have submit the patches in a new version as your suggestion. Best Wishes, Gongyi > > On 09.09.22 09:51, Zhao Gongyi wrote: > > Some momory will be left in offline state when calling > > offline_memory_expect_fail() failed. Restore it before exit. > > > > Signed-off-by: Zhao Gongyi <zhaogongyi(a)huawei.com> > > --- > > .../memory-hotplug/mem-on-off-test.sh | 24 > +++++++++++++------ > > 1 file changed, 17 insertions(+), 7 deletions(-) > > > > diff --git a/tools/testing/selftests/memory-hotplug/mem-on-off-test.sh > > b/tools/testing/selftests/memory-hotplug/mem-on-off-test.sh > > index 3bdf3c4d6d06..259fd8978639 100755 > > --- a/tools/testing/selftests/memory-hotplug/mem-on-off-test.sh > > +++ b/tools/testing/selftests/memory-hotplug/mem-on-off-test.sh > > @@ -134,6 +134,17 @@ offline_memory_expect_fail() > > return 0 > > } > > > > +online_all_hot_pluggable_memory() > > +{ > > + > > + for memory in `hotpluggable_offline_memory`; do > > + online_memory_expect_success $memory || { > > + echo "online memory $memory: unexpected fail" > > + retval=1 > > + } > > + done > > +} > > Maybe call it > > "online_all_offline_memory()" > > instead? > > Note that "removable" as used in hotpluggable_memory() will nowadays > always return "1" if the kernel supports memory hotunplug, independent > of the specific memory block. > > -- > Thanks, > > David / dhildenb

2 years, 7 months

1
0
0 0

Re: Wycena paneli fotowoltaicznych

by Raj Rajasekar

Dear Is the below mail from you? ----- Dzień dobry, dostrzegam możliwość współpracy z Państwa firmą. Świadczymy kompleksową obsługę inwestycji w fotowoltaikę, która obniża koszty energii elektrycznej nawet o 90%. Czy są Państwo zainteresowani weryfikacją wstępnych propozycji? Pozdrawiam, Norbert Karecki ---- Raj Manager - Engineering and Projects [cid:image001.png@01D8C8E0.52373950] Jebel Ali Industrial Area 3, P.O.Box 51328, Dubai, UAE. Ph: +9714-8997900 Fax: +9714-8841589 Mob: +971-56-3656857 www.tristar-group.co<http://www.tristar-group.co/> This email and any attachments may contain confidential information. If you have received them in error, please delete them and contact Tristar. If the content of this e-mail does not relate to Tristar's business, Tristar does not endorse it. You should check attachments for virus before opening. Tristar Transport is a limited liability company incorporated in the UAE.

2 years, 7 months

1
0
0 0

[PATCH net-next 0/9] refactor duplicate codes in the tc cls walk function

by Zhengchao Shao

The walk implementation of most tc cls modules is basically the same. That is, the values of count and skip are checked first. If count is greater than or equal to skip, the registered fn function is executed. Otherwise, increase the value of count. So the code can be refactored. Then use helper function to replace the code of each cls module in alphabetical order. The walk function is invoked during dump. Therefore, test cases related to the tdc filter need to be added. Add test cases locally and perform the test. The test results are listed below: ./tdc.py -e 0811 ok 1 0811 - Add multiple basic filter with cmp ematch u8/link layer and default action and dump them ./tdc.py -e 5129 ok 1 5129 - List basic filters ./tdc.py -c filters bpf ok 13 23c3 - Add cBPF filter with valid bytecode ok 14 1563 - Add cBPF filter with invalid bytecode ok 15 2334 - Add eBPF filter with valid object-file ok 16 2373 - Add eBPF filter with invalid object-file ok 17 4423 - Replace cBPF bytecode ok 18 5122 - Delete cBPF filter ok 19 e0a9 - List cBPF filters ./tdc.py -c filters cgroup ok 1 6273 - Add cgroup filter with cmp ematch u8/link layer and drop action ok 2 4721 - Add cgroup filter with cmp ematch u8/link layer with trans flag and pass action ok 3 d392 - Add cgroup filter with cmp ematch u16/link layer and pipe action ok 4 0234 - Add cgroup filter with cmp ematch u32/link layer and miltiple actions ok 5 8499 - Add cgroup filter with cmp ematch u8/network layer and pass action ok 6 b273 - Add cgroup filter with cmp ematch u8/network layer with trans flag and drop action ok 7 1934 - Add cgroup filter with cmp ematch u16/network layer and pipe action ok 8 2733 - Add cgroup filter with cmp ematch u32/network layer and miltiple actions ok 9 3271 - Add cgroup filter with NOT cmp ematch rule and pass action ok 10 2362 - Add cgroup filter with two ANDed cmp ematch rules and single action ok 11 9993 - Add cgroup filter with two ORed cmp ematch rules and single action ok 12 2331 - Add cgroup filter with two ANDed cmp ematch rules and one ORed ematch rule and single action ok 13 3645 - Add cgroup filter with two ANDed cmp ematch rules and one NOT ORed ematch rule and single action ok 14 b124 - Add cgroup filter with u32 ematch u8/zero offset and drop action ok 15 7381 - Add cgroup filter with u32 ematch u8/zero offset and invalid value >0xFF ok 16 2231 - Add cgroup filter with u32 ematch u8/positive offset and drop action ok 17 1882 - Add cgroup filter with u32 ematch u8/invalid mask >0xFF ok 18 1237 - Add cgroup filter with u32 ematch u8/missing offset ok 19 3812 - Add cgroup filter with u32 ematch u8/missing AT keyword ok 20 1112 - Add cgroup filter with u32 ematch u8/missing value ok 21 3241 - Add cgroup filter with u32 ematch u8/non-numeric value ok 22 e231 - Add cgroup filter with u32 ematch u8/non-numeric mask ok 23 4652 - Add cgroup filter with u32 ematch u8/negative offset and pass action ok 24 1331 - Add cgroup filter with u32 ematch u16/zero offset and pipe action ok 25 e354 - Add cgroup filter with u32 ematch u16/zero offset and invalid value >0xFFFF ok 26 3538 - Add cgroup filter with u32 ematch u16/positive offset and drop action ok 27 4576 - Add cgroup filter with u32 ematch u16/invalid mask >0xFFFF ok 28 b842 - Add cgroup filter with u32 ematch u16/missing offset ok 29 c924 - Add cgroup filter with u32 ematch u16/missing AT keyword ok 30 cc93 - Add cgroup filter with u32 ematch u16/missing value ok 31 123c - Add cgroup filter with u32 ematch u16/non-numeric value ok 32 3675 - Add cgroup filter with u32 ematch u16/non-numeric mask ok 33 1123 - Add cgroup filter with u32 ematch u16/negative offset and drop action ok 34 4234 - Add cgroup filter with u32 ematch u16/nexthdr+ offset and pass action ok 35 e912 - Add cgroup filter with u32 ematch u32/zero offset and pipe action ok 36 1435 - Add cgroup filter with u32 ematch u32/positive offset and drop action ok 37 1282 - Add cgroup filter with u32 ematch u32/missing offset ok 38 6456 - Add cgroup filter with u32 ematch u32/missing AT keyword ok 39 4231 - Add cgroup filter with u32 ematch u32/missing value ok 40 2131 - Add cgroup filter with u32 ematch u32/non-numeric value ok 41 f125 - Add cgroup filter with u32 ematch u32/non-numeric mask ok 42 4316 - Add cgroup filter with u32 ematch u32/negative offset and drop action ok 43 23ae - Add cgroup filter with u32 ematch u32/nexthdr+ offset and pipe action ok 44 23a1 - Add cgroup filter with canid ematch and single SFF ok 45 324f - Add cgroup filter with canid ematch and single SFF with mask ok 46 2576 - Add cgroup filter with canid ematch and multiple SFF ok 47 4839 - Add cgroup filter with canid ematch and multiple SFF with masks ok 48 6713 - Add cgroup filter with canid ematch and single EFF ok 49 4572 - Add cgroup filter with canid ematch and single EFF with mask ok 50 8031 - Add cgroup filter with canid ematch and multiple EFF ok 51 ab9d - Add cgroup filter with canid ematch and multiple EFF with masks ok 52 5349 - Add cgroup filter with canid ematch and a combination of SFF/EFF ok 53 c934 - Add cgroup filter with canid ematch and a combination of SFF/EFF with masks ok 54 4319 - Replace cgroup filter with diffferent match ok 55 4636 - Detele cgroup filter ./tdc.py -c filters flow ok 1 5294 - Add flow filter with map key and ops ok 2 3514 - Add flow filter with map key or ops ok 3 7534 - Add flow filter with map key xor ops ok 4 4524 - Add flow filter with map key rshift ops ok 5 0230 - Add flow filter with map key addend ops ok 6 2344 - Add flow filter with src map key ok 7 9304 - Add flow filter with proto map key ok 8 9038 - Add flow filter with proto-src map key ok 9 2a03 - Add flow filter with proto-dst map key ok 10 a073 - Add flow filter with iif map key ok 11 3b20 - Add flow filter with priority map key ok 12 8945 - Add flow filter with mark map key ok 13 c034 - Add flow filter with nfct map key ok 14 0205 - Add flow filter with nfct-src map key ok 15 5315 - Add flow filter with nfct-src map key ok 16 7849 - Add flow filter with nfct-proto-src map key ok 17 9902 - Add flow filter with nfct-proto-dst map key ok 18 6742 - Add flow filter with rt-classid map key ok 19 5432 - Add flow filter with sk-uid map key ok 20 4234 - Add flow filter with sk-gid map key ok 21 4522 - Add flow filter with vlan-tag map key ok 22 4253 - Add flow filter with rxhash map key ok 23 4452 - Add flow filter with hash key list ok 24 4341 - Add flow filter with muliple ops ok 25 4322 - List flow filters ok 26 2320 - Replace flow filter with map key num ok 27 3213 - Delete flow filter with map key num ./tdc.py -c filters route ok 1 e122 - Add route filter with from and to tag ok 2 6573 - Add route filter with fromif and to tag ok 3 1362 - Add route filter with to flag and reclassify action ok 4 4720 - Add route filter with from flag and continue actions ok 5 2812 - Add route filter with form tag and pipe action ok 6 7994 - Add route filter with miltiple actions ok 7 4312 - List route filters ok 8 2634 - Delete route filters with pipe action ./tdc.py -c filters rsvp ok 1 2141 - Add rsvp filter with tcp proto and specific IP address ok 2 5267 - Add rsvp filter with udp proto and specific IP address ok 3 2819 - Add rsvp filter with src ip and src port ok 4 c967 - Add rsvp filter with tunnelid and continue action ok 5 5463 - Add rsvp filter with tunnel and pipe action ok 6 2332 - Add rsvp filter with miltiple actions ok 7 8879 - Add rsvp filter with tunnel and skp flag ok 8 8261 - List rsvp filters ok 9 8989 - Delete rsvp filters ./tdc.py -c filters tcindex ok 1 8293 - Add tcindex filter with default action ok 2 7281 - Add tcindex filter with hash size and pass action ok 3 b294 - Add tcindex filter with mask shift and reclassify action ok 4 0532 - Add tcindex filter with pass_on and continue actions ok 5 d473 - Add tcindex filter with pipe action ok 6 2940 - Add tcindex filter with miltiple actions ok 7 1893 - List tcindex filters ok 8 2041 - Change tcindex filters with pass action ok 9 9203 - Replace tcindex filters with pass action ok 10 7957 - Delete tcindex filters with drop action Zhengchao Shao (9): net/sched: cls_api: add helper for tc cls walker stats updating net/sched: use tc_cls_stats_update() in filter selftests/tc-testings: add selftests for bpf filter selftests/tc-testings: add selftests for cgroup filter selftests/tc-testings: add selftests for flow filter selftests/tc-testings: add selftests for route filter selftests/tc-testings: add selftests for rsvp filter selftests/tc-testings: add selftests for tcindex filter selftests/tc-testings: add list case for basic filter include/net/pkt_cls.h | 13 + net/sched/cls_basic.c | 9 +- net/sched/cls_bpf.c | 8 +- net/sched/cls_flow.c | 8 +- net/sched/cls_fw.c | 9 +- net/sched/cls_route.c | 9 +- net/sched/cls_rsvp.h | 9 +- net/sched/cls_tcindex.c | 18 +- net/sched/cls_u32.c | 20 +- .../tc-testing/tc-tests/filters/basic.json | 47 + .../tc-testing/tc-tests/filters/bpf.json | 171 +++ .../tc-testing/tc-tests/filters/cgroup.json | 1236 +++++++++++++++++ .../tc-testing/tc-tests/filters/flow.json | 623 +++++++++ .../tc-testing/tc-tests/filters/route.json | 181 +++ .../tc-testing/tc-tests/filters/rsvp.json | 203 +++ .../tc-testing/tc-tests/filters/tcindex.json | 227 +++ 16 files changed, 2716 insertions(+), 75 deletions(-) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/bpf.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/cgroup.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/flow.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/route.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/rsvp.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/tcindex.json -- 2.17.1

2 years, 7 months

4
14
0 0

[V1 PATCH 0/5] Execute hypercalls from guests according to cpu type

by Vishal Annapurve

This series is posted in context of the discussion at: https://lore.kernel.org/lkml/Ywa9T+jKUpaHLu%2Fl@google.com/ Major changes: 1) Move common startup logic to a single common main function in kvm_util.c 2) Introduce following APIs: kvm_arch_main: to perform arch specific common startup. kvm_post_vm_load: to update the guest memory state to convey common information to guests. 3) For x86, capture cpu type at startup and pass on the cpu type to guest after guest elf is loaded. 4) Execute hypercall instruction from within guest VMs according to the cpu type. This will help prevent an extra kvm exit during hypercall execution. Vishal Annapurve (5): selftests: kvm: move common startup logic to kvm_util.c selftests: kvm: Introduce kvm_arch_main and helpers selftests: kvm: x86: Execute vmcall/vmmcall according to CPU type selftests: kvm: delete svm_vmcall_test selftests: kvm: Execute vmcall/vmmcall as per cpu type tools/testing/selftests/kvm/.gitignore | 1 - .../selftests/kvm/aarch64/arch_timer.c | 5 +- .../selftests/kvm/aarch64/debug-exceptions.c | 2 +- .../selftests/kvm/aarch64/get-reg-list.c | 2 +- .../selftests/kvm/aarch64/hypercalls.c | 4 +- .../testing/selftests/kvm/aarch64/psci_test.c | 2 +- .../selftests/kvm/aarch64/vcpu_width_config.c | 2 +- .../testing/selftests/kvm/aarch64/vgic_init.c | 2 +- .../testing/selftests/kvm/aarch64/vgic_irq.c | 5 +- .../selftests/kvm/access_tracking_perf_test.c | 4 +- .../selftests/kvm/demand_paging_test.c | 7 +- .../selftests/kvm/dirty_log_perf_test.c | 4 +- tools/testing/selftests/kvm/dirty_log_test.c | 4 +- .../selftests/kvm/hardware_disable_test.c | 2 +- .../selftests/kvm/include/kvm_util_base.h | 15 ++++ .../selftests/kvm/include/x86_64/processor.h | 10 +++ .../selftests/kvm/include/x86_64/vmx.h | 9 --- .../selftests/kvm/kvm_binary_stats_test.c | 3 +- .../selftests/kvm/kvm_create_max_vcpus.c | 4 +- .../selftests/kvm/kvm_page_table_test.c | 4 +- .../selftests/kvm/lib/aarch64/processor.c | 8 ++ tools/testing/selftests/kvm/lib/elf.c | 2 + tools/testing/selftests/kvm/lib/kvm_util.c | 12 +++ .../selftests/kvm/lib/riscv/processor.c | 8 ++ .../selftests/kvm/lib/s390x/processor.c | 8 ++ tools/testing/selftests/kvm/lib/sparsebit.c | 2 +- .../selftests/kvm/lib/x86_64/perf_test_util.c | 2 +- .../selftests/kvm/lib/x86_64/processor.c | 38 +++++++++- .../selftests/kvm/max_guest_memory_test.c | 2 +- .../kvm/memslot_modification_stress_test.c | 4 +- .../testing/selftests/kvm/memslot_perf_test.c | 9 +-- tools/testing/selftests/kvm/rseq_test.c | 7 +- tools/testing/selftests/kvm/s390x/memop.c | 4 +- tools/testing/selftests/kvm/s390x/resets.c | 4 +- .../selftests/kvm/s390x/sync_regs_test.c | 5 +- tools/testing/selftests/kvm/s390x/tprot.c | 2 +- .../selftests/kvm/set_memory_region_test.c | 7 +- tools/testing/selftests/kvm/steal_time.c | 4 +- .../kvm/system_counter_offset_test.c | 2 +- tools/testing/selftests/kvm/x86_64/amx_test.c | 2 +- .../testing/selftests/kvm/x86_64/cpuid_test.c | 2 +- .../kvm/x86_64/cr4_cpuid_sync_test.c | 6 +- .../testing/selftests/kvm/x86_64/debug_regs.c | 4 +- .../kvm/x86_64/emulator_error_test.c | 7 +- .../testing/selftests/kvm/x86_64/evmcs_test.c | 2 +- .../selftests/kvm/x86_64/fix_hypercall_test.c | 2 +- .../kvm/x86_64/get_msr_index_features.c | 2 +- .../selftests/kvm/x86_64/hyperv_clock.c | 2 +- .../selftests/kvm/x86_64/hyperv_cpuid.c | 7 +- .../selftests/kvm/x86_64/hyperv_features.c | 2 +- .../selftests/kvm/x86_64/hyperv_svm_test.c | 2 +- .../selftests/kvm/x86_64/kvm_clock_test.c | 2 +- .../selftests/kvm/x86_64/kvm_pv_test.c | 2 +- .../kvm/x86_64/max_vcpuid_cap_test.c | 3 +- .../selftests/kvm/x86_64/mmio_warning_test.c | 4 +- .../selftests/kvm/x86_64/monitor_mwait_test.c | 3 +- .../selftests/kvm/x86_64/nx_huge_pages_test.c | 4 +- .../selftests/kvm/x86_64/platform_info_test.c | 7 +- .../kvm/x86_64/pmu_event_filter_test.c | 7 +- .../selftests/kvm/x86_64/set_boot_cpu_id.c | 2 +- .../selftests/kvm/x86_64/set_sregs_test.c | 7 +- .../selftests/kvm/x86_64/sev_migrate_tests.c | 3 +- tools/testing/selftests/kvm/x86_64/smm_test.c | 4 +- .../testing/selftests/kvm/x86_64/state_test.c | 10 +-- .../selftests/kvm/x86_64/svm_int_ctl_test.c | 3 +- .../kvm/x86_64/svm_nested_soft_inject_test.c | 7 +- .../selftests/kvm/x86_64/svm_vmcall_test.c | 74 ------------------- .../selftests/kvm/x86_64/sync_regs_test.c | 7 +- .../kvm/x86_64/triple_fault_event_test.c | 2 +- .../selftests/kvm/x86_64/tsc_msrs_test.c | 4 +- .../selftests/kvm/x86_64/tsc_scaling_sync.c | 3 +- .../kvm/x86_64/ucna_injection_test.c | 2 +- .../selftests/kvm/x86_64/userspace_io_test.c | 6 +- .../kvm/x86_64/userspace_msr_exit_test.c | 7 +- .../kvm/x86_64/vmx_apic_access_test.c | 5 +- .../kvm/x86_64/vmx_close_while_nested_test.c | 2 +- .../selftests/kvm/x86_64/vmx_dirty_log_test.c | 4 +- .../vmx_exception_with_invalid_guest_state.c | 2 +- .../x86_64/vmx_invalid_nested_guest_state.c | 2 +- .../selftests/kvm/x86_64/vmx_msrs_test.c | 2 +- .../kvm/x86_64/vmx_nested_tsc_scaling_test.c | 5 +- .../selftests/kvm/x86_64/vmx_pmu_caps_test.c | 2 +- .../kvm/x86_64/vmx_preemption_timer_test.c | 4 +- .../kvm/x86_64/vmx_set_nested_state_test.c | 3 +- .../kvm/x86_64/vmx_tsc_adjust_test.c | 5 +- .../selftests/kvm/x86_64/xapic_ipi_test.c | 4 +- .../selftests/kvm/x86_64/xapic_state_test.c | 2 +- .../selftests/kvm/x86_64/xen_shinfo_test.c | 67 +++++++---------- .../selftests/kvm/x86_64/xen_vmcall_test.c | 17 +++-- .../selftests/kvm/x86_64/xss_msr_test.c | 2 +- 90 files changed, 223 insertions(+), 339 deletions(-) delete mode 100644 tools/testing/selftests/kvm/x86_64/svm_vmcall_test.c -- 2.37.2.789.g6183377224-goog

2 years, 7 months

3
16
0 0

[RFC PATCH] bonding: cause oops on aarch64 architecture in bond_rr_gen_slave_id

by Jonathan Toppins

This bonding selftest causes the following kernel oops on aarch64 and possibly ppc64le architectures. This was reproduced on net/master commit 64ae13ed478428135cddc2f1113dff162d8112d4 net: core: fix flow symmetric hash [ 329.805838] kselftest: Running tests in drivers/net/bonding [ 330.011028] eth0: renamed from link1_2 [ 330.220846] eth0: renamed from link1_1 [ 330.387755] bond0: (slave eth0): making interface the new active one [ 330.394165] bond0: (slave eth0): Enslaving as an active interface with an up link [ 330.401867] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 334.586619] bond0: (slave eth0): Releasing backup interface [ 334.671065] bond0: (slave eth0): Enslaving as an active interface with an up link [ 334.686773] Unable to handle kernel paging request at virtual address ffff2c91ac905000 [ 334.694703] Mem abort info: [ 334.697486] ESR = 0x0000000096000004 [ 334.701234] EC = 0x25: DABT (current EL), IL = 32 bits [ 334.706536] SET = 0, FnV = 0 [ 334.709579] EA = 0, S1PTW = 0 [ 334.712719] FSC = 0x04: level 0 translation fault [ 334.717586] Data abort info: [ 334.720454] ISV = 0, ISS = 0x00000004 [ 334.724288] CM = 0, WnR = 0 [ 334.727244] swapper pgtable: 4k pages, 48-bit VAs, pgdp=000008044d662000 [ 334.733944] [ffff2c91ac905000] pgd=0000000000000000, p4d=0000000000000000 [ 334.740734] Internal error: Oops: 96000004 [#1] SMP [ 334.745602] Modules linked in: bonding tls veth rfkill sunrpc arm_spe_pmu vfat fat acpi_ipmi ipmi_ssif ixgbe igb i40e mdio ipmi_devintf ipmi_msghandler arm_cmn arm_dsu_pmu cppc_cpufreq acpi_tad fuse zram crct10dif_ce ast ghash_ce sbsa_gwdt nvme drm_vram_helper drm_ttm_helper nvme_core ttm xgene_hwmon [ 334.772217] CPU: 7 PID: 2214 Comm: ping Not tainted 6.0.0-rc4-00133-g64ae13ed4784 #4 [ 334.779950] Hardware name: GIGABYTE R272-P31-00/MP32-AR1-00, BIOS F18v (SCP: 1.08.20211002) 12/01/2021 [ 334.789244] pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 334.796196] pc : bond_rr_gen_slave_id+0x40/0x124 [bonding] [ 334.801691] lr : bond_xmit_roundrobin_slave_get+0x38/0xdc [bonding] [ 334.807962] sp : ffff8000221733e0 [ 334.811265] x29: ffff8000221733e0 x28: ffffdbac8572d198 x27: ffff80002217357c [ 334.818392] x26: 000000000000002a x25: ffffdbacb33ee000 x24: ffff07ff980fa000 [ 334.825519] x23: ffffdbacb2e398ba x22: ffff07ff98102000 x21: ffff07ff981029c0 [ 334.832646] x20: 0000000000000001 x19: ffff07ff981029c0 x18: 0000000000000014 [ 334.839773] x17: 0000000000000000 x16: ffffdbacb1004364 x15: 0000aaaabe2f5a62 [ 334.846899] x14: ffff07ff8e55d968 x13: ffff07ff8e55db30 x12: 0000000000000000 [ 334.854026] x11: ffffdbacb21532e8 x10: 0000000000000001 x9 : ffffdbac857178ec [ 334.861153] x8 : ffff07ff9f6e5a28 x7 : 0000000000000000 x6 : 000000007c2b3742 [ 334.868279] x5 : ffff2c91ac905000 x4 : ffff2c91ac905000 x3 : ffff07ff9f554400 [ 334.875406] x2 : ffff2c91ac905000 x1 : 0000000000000001 x0 : ffff07ff981029c0 [ 334.882532] Call trace: [ 334.884967] bond_rr_gen_slave_id+0x40/0x124 [bonding] [ 334.890109] bond_xmit_roundrobin_slave_get+0x38/0xdc [bonding] [ 334.896033] __bond_start_xmit+0x128/0x3a0 [bonding] [ 334.901001] bond_start_xmit+0x54/0xb0 [bonding] [ 334.905622] dev_hard_start_xmit+0xb4/0x220 [ 334.909798] __dev_queue_xmit+0x1a0/0x720 [ 334.913799] arp_xmit+0x3c/0xbc [ 334.916932] arp_send_dst+0x98/0xd0 [ 334.920410] arp_solicit+0xe8/0x230 [ 334.923888] neigh_probe+0x60/0xb0 [ 334.927279] __neigh_event_send+0x3b0/0x470 [ 334.931453] neigh_resolve_output+0x70/0x90 [ 334.935626] ip_finish_output2+0x158/0x514 [ 334.939714] __ip_finish_output+0xac/0x1a4 [ 334.943800] ip_finish_output+0x40/0xfc [ 334.947626] ip_output+0xf8/0x1a4 [ 334.950931] ip_send_skb+0x5c/0x100 [ 334.954410] ip_push_pending_frames+0x3c/0x60 [ 334.958758] raw_sendmsg+0x458/0x6d0 [ 334.962325] inet_sendmsg+0x50/0x80 [ 334.965805] sock_sendmsg+0x60/0x6c [ 334.969286] __sys_sendto+0xc8/0x134 [ 334.972853] __arm64_sys_sendto+0x34/0x4c [ 334.976854] invoke_syscall+0x78/0x100 [ 334.980594] el0_svc_common.constprop.0+0x4c/0xf4 [ 334.985287] do_el0_svc+0x38/0x4c [ 334.988591] el0_svc+0x34/0x10c [ 334.991724] el0t_64_sync_handler+0x11c/0x150 [ 334.996072] el0t_64_sync+0x190/0x194 [ 334.999726] Code: b9001062 f9403c02 d53cd044 8b040042 (b8210040) [ 335.005810] ---[ end trace 0000000000000000 ]--- [ 335.010416] Kernel panic - not syncing: Oops: Fatal exception in interrupt [ 335.017279] SMP: stopping secondary CPUs [ 335.021374] Kernel Offset: 0x5baca8eb0000 from 0xffff800008000000 [ 335.027456] PHYS_OFFSET: 0x80000000 [ 335.030932] CPU features: 0x0000,0085c029,19805c82 [ 335.035713] Memory Limit: none [ 335.038756] Rebooting in 180 seconds.. Signed-off-by: Jonathan Toppins <jtoppins(a)redhat.com> --- .../selftests/drivers/net/bonding/Makefile | 1 + .../bonding/bond-arp-interval-causes-panic.sh | 46 +++++++++++++++++++ 2 files changed, 47 insertions(+) create mode 100755 tools/testing/selftests/drivers/net/bonding/bond-arp-interval-causes-panic.sh diff --git a/tools/testing/selftests/drivers/net/bonding/Makefile b/tools/testing/selftests/drivers/net/bonding/Makefile index ab6c54b12098..79bb06fd386a 100644 --- a/tools/testing/selftests/drivers/net/bonding/Makefile +++ b/tools/testing/selftests/drivers/net/bonding/Makefile @@ -2,5 +2,6 @@ # Makefile for net selftests TEST_PROGS := bond-break-lacpdu-tx.sh +TEST_PROGS += bond-arp-interval-causes-panic.sh include ../../../lib.mk diff --git a/tools/testing/selftests/drivers/net/bonding/bond-arp-interval-causes-panic.sh b/tools/testing/selftests/drivers/net/bonding/bond-arp-interval-causes-panic.sh new file mode 100755 index 000000000000..0c3e5d486193 --- /dev/null +++ b/tools/testing/selftests/drivers/net/bonding/bond-arp-interval-causes-panic.sh @@ -0,0 +1,46 @@ +#!/bin/sh + +# cause kernel oops in bond_rr_gen_slave_id on aarch64 and ppcle +# architectures +DEBUG=${DEBUG:-0} + +set -e +test ${DEBUG} -ne 0 && set -x + +function finish() +{ + ip -all netns delete + ip link del link1_1 || true +} + +trap finish EXIT + +client_ip4=192.168.1.198 +server_ip4=192.168.1.254 + +# setup kernel so it reboots after causing the panic +echo 180 >/proc/sys/kernel/panic + +# build namespaces +ip link add dev link1_1 type veth peer name link1_2 + +ip netns add "server" +ip link set dev link1_2 netns server up name eth0 +ip netns exec server ip addr add ${server_ip4}/24 dev eth0 + +ip netns add "client" +ip link set dev link1_1 netns client down name eth0 +ip netns exec client ip link add dev bond0 down type bond mode 1 miimon 100 all_slaves_active 1 +ip netns exec client ip link set dev eth0 down master bond0 +ip netns exec client ip link set dev bond0 up +ip netns exec client ip addr add ${client_ip4}/24 dev bond0 +ip netns exec client ping -c 5 $server_ip4 >/dev/null + +ip netns exec client ip link set dev eth0 down nomaster +ip netns exec client ip link set dev bond0 down +ip netns exec client ip link set dev bond0 type bond mode 0 arp_interval 1000 arp_ip_target "+${server_ip4}" +ip netns exec client ip link set dev eth0 down master bond0 +ip netns exec client ip link set dev bond0 up +ip netns exec client ping -c 5 $server_ip4 >/dev/null + +exit 0 -- 2.31.1

2 years, 7 months

2
2
0 0

[PATCH] selftests/futex: fix build for clang

by Ricardo Cañuelo

Don't use the test-specific header files as source files to force a target dependency, as clang will complain if more than one source file is used for a compile command with a single '-o' flag. Use the proper Makefile variables instead as defined in tools/testing/selftests/lib.mk. Signed-off-by: Ricardo Cañuelo <ricardo.canuelo(a)collabora.com> --- tools/testing/selftests/futex/functional/Makefile | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/tools/testing/selftests/futex/functional/Makefile b/tools/testing/selftests/futex/functional/Makefile index 732149011692..5a0e0df8de9b 100644 --- a/tools/testing/selftests/futex/functional/Makefile +++ b/tools/testing/selftests/futex/functional/Makefile @@ -3,11 +3,11 @@ INCLUDES := -I../include -I../../ -I../../../../../usr/include/ CFLAGS := $(CFLAGS) -g -O2 -Wall -D_GNU_SOURCE -pthread $(INCLUDES) $(KHDR_INCLUDES) LDLIBS := -lpthread -lrt -HEADERS := \ +LOCAL_HDRS := \ ../include/futextest.h \ ../include/atomic.h \ ../include/logging.h -TEST_GEN_FILES := \ +TEST_GEN_PROGS := \ futex_wait_timeout \ futex_wait_wouldblock \ futex_requeue_pi \ @@ -24,5 +24,3 @@ TEST_PROGS := run.sh top_srcdir = ../../../../.. DEFAULT_INSTALL_HDR_PATH := 1 include ../../lib.mk - -$(TEST_GEN_FILES): $(HEADERS) -- 2.25.1

2 years, 7 months

2
2
0 0

[PATCH net-next,v2 0/9] refactor duplicate codes in the tc cls walk function

by Zhengchao Shao

The walk implementation of most tc cls modules is basically the same. That is, the values of count and skip are checked first. If count is greater than or equal to skip, the registered fn function is executed. Otherwise, increase the value of count. So the code can be refactored. Then use helper function to replace the code of each cls module in alphabetical order. The walk function is invoked during dump. Therefore, test cases related to the tdc filter need to be added. Add test cases locally and perform the test. The test results are listed below: ./tdc.py -e 0811 ok 1 0811 - Add multiple basic filter with cmp ematch u8/link layer and default action and dump them ./tdc.py -e 5129 ok 1 5129 - List basic filters ./tdc.py -c bpf-filter ok 1 23c3 - Add cBPF filter with valid bytecode ok 2 1563 - Add cBPF filter with invalid bytecode ok 3 2334 - Add eBPF filter with valid object-file ok 4 2373 - Add eBPF filter with invalid object-file ok 5 4423 - Replace cBPF bytecode ok 6 5122 - Delete cBPF filter ok 7 e0a9 - List cBPF filters ./tdc.py -c cgroup ok 1 6273 - Add cgroup filter with cmp ematch u8/link layer and drop action ok 2 4721 - Add cgroup filter with cmp ematch u8/link layer with trans flag and pass action ok 3 d392 - Add cgroup filter with cmp ematch u16/link layer and pipe action ok 4 0234 - Add cgroup filter with cmp ematch u32/link layer and miltiple actions ok 5 8499 - Add cgroup filter with cmp ematch u8/network layer and pass action ok 6 b273 - Add cgroup filter with cmp ematch u8/network layer with trans flag and drop action ok 7 1934 - Add cgroup filter with cmp ematch u16/network layer and pipe action ok 8 2733 - Add cgroup filter with cmp ematch u32/network layer and miltiple actions ok 9 3271 - Add cgroup filter with NOT cmp ematch rule and pass action ok 10 2362 - Add cgroup filter with two ANDed cmp ematch rules and single action ok 11 9993 - Add cgroup filter with two ORed cmp ematch rules and single action ok 12 2331 - Add cgroup filter with two ANDed cmp ematch rules and one ORed ematch rule and single action ok 13 3645 - Add cgroup filter with two ANDed cmp ematch rules and one NOT ORed ematch rule and single action ok 14 b124 - Add cgroup filter with u32 ematch u8/zero offset and drop action ok 15 7381 - Add cgroup filter with u32 ematch u8/zero offset and invalid value >0xFF ok 16 2231 - Add cgroup filter with u32 ematch u8/positive offset and drop action ok 17 1882 - Add cgroup filter with u32 ematch u8/invalid mask >0xFF ok 18 1237 - Add cgroup filter with u32 ematch u8/missing offset ok 19 3812 - Add cgroup filter with u32 ematch u8/missing AT keyword ok 20 1112 - Add cgroup filter with u32 ematch u8/missing value ok 21 3241 - Add cgroup filter with u32 ematch u8/non-numeric value ok 22 e231 - Add cgroup filter with u32 ematch u8/non-numeric mask ok 23 4652 - Add cgroup filter with u32 ematch u8/negative offset and pass action ok 24 1331 - Add cgroup filter with u32 ematch u16/zero offset and pipe action ok 25 e354 - Add cgroup filter with u32 ematch u16/zero offset and invalid value >0xFFFF ok 26 3538 - Add cgroup filter with u32 ematch u16/positive offset and drop action ok 27 4576 - Add cgroup filter with u32 ematch u16/invalid mask >0xFFFF ok 28 b842 - Add cgroup filter with u32 ematch u16/missing offset ok 29 c924 - Add cgroup filter with u32 ematch u16/missing AT keyword ok 30 cc93 - Add cgroup filter with u32 ematch u16/missing value ok 31 123c - Add cgroup filter with u32 ematch u16/non-numeric value ok 32 3675 - Add cgroup filter with u32 ematch u16/non-numeric mask ok 33 1123 - Add cgroup filter with u32 ematch u16/negative offset and drop action ok 34 4234 - Add cgroup filter with u32 ematch u16/nexthdr+ offset and pass action ok 35 e912 - Add cgroup filter with u32 ematch u32/zero offset and pipe action ok 36 1435 - Add cgroup filter with u32 ematch u32/positive offset and drop action ok 37 1282 - Add cgroup filter with u32 ematch u32/missing offset ok 38 6456 - Add cgroup filter with u32 ematch u32/missing AT keyword ok 39 4231 - Add cgroup filter with u32 ematch u32/missing value ok 40 2131 - Add cgroup filter with u32 ematch u32/non-numeric value ok 41 f125 - Add cgroup filter with u32 ematch u32/non-numeric mask ok 42 4316 - Add cgroup filter with u32 ematch u32/negative offset and drop action ok 43 23ae - Add cgroup filter with u32 ematch u32/nexthdr+ offset and pipe action ok 44 23a1 - Add cgroup filter with canid ematch and single SFF ok 45 324f - Add cgroup filter with canid ematch and single SFF with mask ok 46 2576 - Add cgroup filter with canid ematch and multiple SFF ok 47 4839 - Add cgroup filter with canid ematch and multiple SFF with masks ok 48 6713 - Add cgroup filter with canid ematch and single EFF ok 49 4572 - Add cgroup filter with canid ematch and single EFF with mask ok 50 8031 - Add cgroup filter with canid ematch and multiple EFF ok 51 ab9d - Add cgroup filter with canid ematch and multiple EFF with masks ok 52 5349 - Add cgroup filter with canid ematch and a combination of SFF/EFF ok 53 c934 - Add cgroup filter with canid ematch and a combination of SFF/EFF with masks ok 54 4319 - Replace cgroup filter with diffferent match ok 55 4636 - Detele cgroup filter ./tdc.py -c flow ok 1 5294 - Add flow filter with map key and ops ok 2 3514 - Add flow filter with map key or ops ok 3 7534 - Add flow filter with map key xor ops ok 4 4524 - Add flow filter with map key rshift ops ok 5 0230 - Add flow filter with map key addend ops ok 6 2344 - Add flow filter with src map key ok 7 9304 - Add flow filter with proto map key ok 8 9038 - Add flow filter with proto-src map key ok 9 2a03 - Add flow filter with proto-dst map key ok 10 a073 - Add flow filter with iif map key ok 11 3b20 - Add flow filter with priority map key ok 12 8945 - Add flow filter with mark map key ok 13 c034 - Add flow filter with nfct map key ok 14 0205 - Add flow filter with nfct-src map key ok 15 5315 - Add flow filter with nfct-src map key ok 16 7849 - Add flow filter with nfct-proto-src map key ok 17 9902 - Add flow filter with nfct-proto-dst map key ok 18 6742 - Add flow filter with rt-classid map key ok 19 5432 - Add flow filter with sk-uid map key ok 20 4234 - Add flow filter with sk-gid map key ok 21 4522 - Add flow filter with vlan-tag map key ok 22 4253 - Add flow filter with rxhash map key ok 23 4452 - Add flow filter with hash key list ok 24 4341 - Add flow filter with muliple ops ok 25 4392 - List flow filters ok 26 4322 - Change flow filter with map key num ok 27 2320 - Replace flow filter with map key num ok 28 3213 - Delete flow filter with map key num ./tdc.py -c route ok 1 e122 - Add route filter with from and to tag ok 2 6573 - Add route filter with fromif and to tag ok 3 1362 - Add route filter with to flag and reclassify action ok 4 4720 - Add route filter with from flag and continue actions ok 5 2812 - Add route filter with form tag and pipe action ok 6 7994 - Add route filter with miltiple actions ok 7 4312 - List route filters ok 8 2634 - Delete route filter with pipe action ./tdc.py -c rsvp ok 1 2141 - Add rsvp filter with tcp proto and specific IP address ok 2 5267 - Add rsvp filter with udp proto and specific IP address ok 3 2819 - Add rsvp filter with src ip and src port ok 4 c967 - Add rsvp filter with tunnelid and continue action ok 5 5463 - Add rsvp filter with tunnel and pipe action ok 6 2332 - Add rsvp filter with miltiple actions ok 7 8879 - Add rsvp filter with tunnel and skp flag ok 8 8261 - List rsvp filters ok 9 8989 - Delete rsvp filter ./tdc.py -c tcindex ok 1 8293 - Add tcindex filter with default action ok 2 7281 - Add tcindex filter with hash size and pass action ok 3 b294 - Add tcindex filter with mask shift and reclassify action ok 4 0532 - Add tcindex filter with pass_on and continue actions ok 5 d473 - Add tcindex filter with pipe action ok 6 2940 - Add tcindex filter with miltiple actions ok 7 1893 - List tcindex filters ok 8 2041 - Change tcindex filter with pass action ok 9 9203 - Replace tcindex filter with pass action ok 10 7957 - Delete tcindex filter with drop action --- v2: rectify spelling error; The category name bpf in filters file is renamed to bpf-filter --- Zhengchao Shao (9): net/sched: cls_api: add helper for tc cls walker stats updating net/sched: use tc_cls_stats_update() in filter selftests/tc-testings: add selftests for bpf filter selftests/tc-testings: add selftests for cgroup filter selftests/tc-testings: add selftests for flow filter selftests/tc-testings: add selftests for route filter selftests/tc-testings: add selftests for rsvp filter selftests/tc-testings: add selftests for tcindex filter selftests/tc-testings: add list case for basic filter include/net/pkt_cls.h | 13 + net/sched/cls_basic.c | 9 +- net/sched/cls_bpf.c | 8 +- net/sched/cls_flow.c | 8 +- net/sched/cls_fw.c | 9 +- net/sched/cls_route.c | 9 +- net/sched/cls_rsvp.h | 9 +- net/sched/cls_tcindex.c | 18 +- net/sched/cls_u32.c | 20 +- .../tc-testing/tc-tests/filters/basic.json | 47 + .../tc-testing/tc-tests/filters/bpf.json | 171 +++ .../tc-testing/tc-tests/filters/cgroup.json | 1236 +++++++++++++++++ .../tc-testing/tc-tests/filters/flow.json | 623 +++++++++ .../tc-testing/tc-tests/filters/route.json | 181 +++ .../tc-testing/tc-tests/filters/rsvp.json | 203 +++ .../tc-testing/tc-tests/filters/tcindex.json | 227 +++ 16 files changed, 2716 insertions(+), 75 deletions(-) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/bpf.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/cgroup.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/flow.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/route.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/rsvp.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/tcindex.json -- 2.17.1

2 years, 7 months

1
9
0 0

[PATCH v6 1/2] x86/fpu: Allow PKRU to be (once again) written by ptrace.

by Kyle Huey

From: Kyle Huey <me(a)kylehuey.com> When management of the PKRU register was moved away from XSTATE, emulation of PKRU's existence in XSTATE was added for reading PKRU through ptrace, but not for writing PKRU through ptrace. This can be seen by running gdb and executing `p $pkru`, `set $pkru = 42`, and `p $pkru`. On affected kernels (5.14+) the write to the PKRU register (which gdb performs through ptrace) is ignored. There are three APIs that write PKRU: sigreturn, PTRACE_SETREGSET with NT_X86_XSTATE, and KVM_SET_XSAVE. sigreturn still uses XRSTOR to write to PKRU. KVM_SET_XSAVE has its own special handling to make PKRU writes take effect (in fpu_copy_uabi_to_guest_fpstate). Push that down into copy_uabi_to_xstate and have PTRACE_SETREGSET with NT_X86_XSTATE pass in a pointer to the appropriate PKRU slot. copy_sigframe_from_user_to_xstate depends on copy_uabi_to_xstate populating the PKRU field in the task's XSTATE so that __fpu_restore_sig can do a XRSTOR from it, so continue doing that. This also adds code to initialize the PKRU value to the hardware init value (namely 0) if the PKRU bit is not set in the XSTATE header provided to ptrace, to match XRSTOR. Fixes: e84ba47e313d ("x86/fpu: Hook up PKRU into ptrace()") Signed-off-by: Kyle Huey <me(a)kylehuey.com> Cc: Dave Hansen <dave.hansen(a)linux.intel.com> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: Borislav Petkov <bp(a)suse.de> Cc: stable(a)vger.kernel.org # 5.14+ --- arch/x86/kernel/fpu/core.c | 20 +++++++++----------- arch/x86/kernel/fpu/regset.c | 2 +- arch/x86/kernel/fpu/signal.c | 2 +- arch/x86/kernel/fpu/xstate.c | 25 ++++++++++++++++++++----- arch/x86/kernel/fpu/xstate.h | 4 ++-- 5 files changed, 33 insertions(+), 20 deletions(-) diff --git a/arch/x86/kernel/fpu/core.c b/arch/x86/kernel/fpu/core.c index 3b28c5b25e12..c273669e8a00 100644 --- a/arch/x86/kernel/fpu/core.c +++ b/arch/x86/kernel/fpu/core.c @@ -391,8 +391,6 @@ int fpu_copy_uabi_to_guest_fpstate(struct fpu_guest *gfpu, const void *buf, { struct fpstate *kstate = gfpu->fpstate; const union fpregs_state *ustate = buf; - struct pkru_state *xpkru; - int ret; if (!cpu_feature_enabled(X86_FEATURE_XSAVE)) { if (ustate->xsave.header.xfeatures & ~XFEATURE_MASK_FPSSE) @@ -406,16 +404,16 @@ int fpu_copy_uabi_to_guest_fpstate(struct fpu_guest *gfpu, const void *buf, if (ustate->xsave.header.xfeatures & ~xcr0) return -EINVAL; - ret = copy_uabi_from_kernel_to_xstate(kstate, ustate); - if (ret) - return ret; + /* + * Nullify @vpkru to preserve its current value if PKRU's bit isn't set + * in the header. KVM's odd ABI is to leave PKRU untouched in this + * case (all other components are eventually re-initialized). + * (Not clear that this is actually necessary for compat). + */ + if (!(ustate->xsave.header.xfeatures & XFEATURE_MASK_PKRU)) + vpkru = NULL; - /* Retrieve PKRU if not in init state */ - if (kstate->regs.xsave.header.xfeatures & XFEATURE_MASK_PKRU) { - xpkru = get_xsave_addr(&kstate->regs.xsave, XFEATURE_PKRU); - *vpkru = xpkru->pkru; - } - return 0; + return copy_uabi_from_kernel_to_xstate(kstate, ustate, vpkru); } EXPORT_SYMBOL_GPL(fpu_copy_uabi_to_guest_fpstate); #endif /* CONFIG_KVM */ diff --git a/arch/x86/kernel/fpu/regset.c b/arch/x86/kernel/fpu/regset.c index 75ffaef8c299..6d056b68f4ed 100644 --- a/arch/x86/kernel/fpu/regset.c +++ b/arch/x86/kernel/fpu/regset.c @@ -167,7 +167,7 @@ int xstateregs_set(struct task_struct *target, const struct user_regset *regset, } fpu_force_restore(fpu); - ret = copy_uabi_from_kernel_to_xstate(fpu->fpstate, kbuf ?: tmpbuf); + ret = copy_uabi_from_kernel_to_xstate(fpu->fpstate, kbuf ?: tmpbuf, &target->thread.pkru); out: vfree(tmpbuf); diff --git a/arch/x86/kernel/fpu/signal.c b/arch/x86/kernel/fpu/signal.c index 91d4b6de58ab..558076dbde5b 100644 --- a/arch/x86/kernel/fpu/signal.c +++ b/arch/x86/kernel/fpu/signal.c @@ -396,7 +396,7 @@ static bool __fpu_restore_sig(void __user *buf, void __user *buf_fx, fpregs = &fpu->fpstate->regs; if (use_xsave() && !fx_only) { - if (copy_sigframe_from_user_to_xstate(fpu->fpstate, buf_fx)) + if (copy_sigframe_from_user_to_xstate(tsk, buf_fx)) return false; } else { if (__copy_from_user(&fpregs->fxsave, buf_fx, diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c index c8340156bfd2..8f14981a3936 100644 --- a/arch/x86/kernel/fpu/xstate.c +++ b/arch/x86/kernel/fpu/xstate.c @@ -1197,7 +1197,7 @@ static int copy_from_buffer(void *dst, unsigned int offset, unsigned int size, static int copy_uabi_to_xstate(struct fpstate *fpstate, const void *kbuf, - const void __user *ubuf) + const void __user *ubuf, u32 *pkru) { struct xregs_state *xsave = &fpstate->regs.xsave; unsigned int offset, size; @@ -1246,6 +1246,21 @@ static int copy_uabi_to_xstate(struct fpstate *fpstate, const void *kbuf, } } + /* + * Update the user protection key storage. Allow KVM to + * pass in a NULL pkru pointer if the mask bit is unset + * for its legacy ABI behavior. + */ + if (pkru) + *pkru = 0; + + if (hdr.xfeatures & XFEATURE_MASK_PKRU) { + struct pkru_state *xpkru; + + xpkru = __raw_xsave_addr(xsave, XFEATURE_PKRU); + *pkru = xpkru->pkru; + } + /* * The state that came in from userspace was user-state only. * Mask all the user states out of 'xfeatures': @@ -1264,9 +1279,9 @@ static int copy_uabi_to_xstate(struct fpstate *fpstate, const void *kbuf, * Convert from a ptrace standard-format kernel buffer to kernel XSAVE[S] * format and copy to the target thread. Used by ptrace and KVM. */ -int copy_uabi_from_kernel_to_xstate(struct fpstate *fpstate, const void *kbuf) +int copy_uabi_from_kernel_to_xstate(struct fpstate *fpstate, const void *kbuf, u32 *pkru) { - return copy_uabi_to_xstate(fpstate, kbuf, NULL); + return copy_uabi_to_xstate(fpstate, kbuf, NULL, pkru); } /* @@ -1274,10 +1289,10 @@ int copy_uabi_from_kernel_to_xstate(struct fpstate *fpstate, const void *kbuf) * XSAVE[S] format and copy to the target thread. This is called from the * sigreturn() and rt_sigreturn() system calls. */ -int copy_sigframe_from_user_to_xstate(struct fpstate *fpstate, +int copy_sigframe_from_user_to_xstate(struct task_struct *tsk, const void __user *ubuf) { - return copy_uabi_to_xstate(fpstate, NULL, ubuf); + return copy_uabi_to_xstate(tsk->thread.fpu.fpstate, NULL, ubuf, &tsk->thread.pkru); } static bool validate_independent_components(u64 mask) diff --git a/arch/x86/kernel/fpu/xstate.h b/arch/x86/kernel/fpu/xstate.h index 5ad47031383b..a4ecb04d8d64 100644 --- a/arch/x86/kernel/fpu/xstate.h +++ b/arch/x86/kernel/fpu/xstate.h @@ -46,8 +46,8 @@ extern void __copy_xstate_to_uabi_buf(struct membuf to, struct fpstate *fpstate, u32 pkru_val, enum xstate_copy_mode copy_mode); extern void copy_xstate_to_uabi_buf(struct membuf to, struct task_struct *tsk, enum xstate_copy_mode mode); -extern int copy_uabi_from_kernel_to_xstate(struct fpstate *fpstate, const void *kbuf); -extern int copy_sigframe_from_user_to_xstate(struct fpstate *fpstate, const void __user *ubuf); +extern int copy_uabi_from_kernel_to_xstate(struct fpstate *fpstate, const void *kbuf, u32 *pkru); +extern int copy_sigframe_from_user_to_xstate(struct task_struct *tsk, const void __user *ubuf); extern void fpu__init_cpu_xstate(void); -- 2.37.2 Changelog since v5: - Avoids a second copy from the uabi buffer as suggested. - Preserves old KVM_SET_XSAVE behavior where leaving the PKRU bit in the XSTATE header results in PKRU remaining unchanged instead of reinitializing it. - Fixed up patch metadata as requested. Changelog since v4: - Selftest additionally checks PKRU readbacks through ptrace. - Selftest flips all PKRU bits (except the default key). Changelog since v3: - The v3 patch is now part 1 of 2. - Adds a selftest in part 2 of 2. Changelog since v2: - Removed now unused variables in fpu_copy_uabi_to_guest_fpstate Changelog since v1: - Handles the error case of copy_to_buffer().

2 years, 7 months

2
4
0 0

[PATCH v3 7/7] KVM: selftests: Add test for AArch32 ID registers

by Oliver Upton

Add a test to assert that KVM handles the AArch64 views of the AArch32 ID registers as RAZ/WI (writable only from userspace). For registers that were already hidden or unallocated, expect RAZ + invariant behavior. Signed-off-by: Oliver Upton <oliver.upton(a)linux.dev> --- tools/testing/selftests/kvm/.gitignore | 1 + tools/testing/selftests/kvm/Makefile | 1 + .../selftests/kvm/aarch64/aarch32_id_regs.c | 169 ++++++++++++++++++ 3 files changed, 171 insertions(+) create mode 100644 tools/testing/selftests/kvm/aarch64/aarch32_id_regs.c diff --git a/tools/testing/selftests/kvm/.gitignore b/tools/testing/selftests/kvm/.gitignore index d625a3f83780..87d1a0b1bae0 100644 --- a/tools/testing/selftests/kvm/.gitignore +++ b/tools/testing/selftests/kvm/.gitignore @@ -1,4 +1,5 @@ # SPDX-License-Identifier: GPL-2.0-only +/aarch64/aarch32_id_regs /aarch64/arch_timer /aarch64/debug-exceptions /aarch64/get-reg-list diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests/kvm/Makefile index 4c122f1b1737..784abe7f0962 100644 --- a/tools/testing/selftests/kvm/Makefile +++ b/tools/testing/selftests/kvm/Makefile @@ -144,6 +144,7 @@ TEST_GEN_PROGS_x86_64 += system_counter_offset_test # Compiled outputs used by test targets TEST_GEN_PROGS_EXTENDED_x86_64 += x86_64/nx_huge_pages_test +TEST_GEN_PROGS_aarch64 += aarch64/aarch32_id_regs TEST_GEN_PROGS_aarch64 += aarch64/arch_timer TEST_GEN_PROGS_aarch64 += aarch64/debug-exceptions TEST_GEN_PROGS_aarch64 += aarch64/get-reg-list diff --git a/tools/testing/selftests/kvm/aarch64/aarch32_id_regs.c b/tools/testing/selftests/kvm/aarch64/aarch32_id_regs.c new file mode 100644 index 000000000000..6f9c1f19c7f6 --- /dev/null +++ b/tools/testing/selftests/kvm/aarch64/aarch32_id_regs.c @@ -0,0 +1,169 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * aarch32_id_regs - Test for ID register behavior on AArch64-only systems + * + * Copyright (c) 2022 Google LLC. + * + * Test that KVM handles the AArch64 views of the AArch32 ID registers as RAZ + * and WI from userspace. + */ + +#include <stdint.h> + +#include "kvm_util.h" +#include "processor.h" +#include "test_util.h" + +#define BAD_ID_REG_VAL 0x1badc0deul + +#define GUEST_ASSERT_REG_RAZ(reg) GUEST_ASSERT_EQ(read_sysreg_s(reg), 0) + +static void guest_main(void) +{ + GUEST_ASSERT_REG_RAZ(SYS_ID_PFR0_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_PFR1_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_DFR0_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_AFR0_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_MMFR0_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_MMFR1_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_MMFR2_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_MMFR3_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_ISAR0_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_ISAR1_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_ISAR2_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_ISAR3_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_ISAR4_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_ISAR5_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_MMFR4_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_ISAR6_EL1); + GUEST_ASSERT_REG_RAZ(SYS_MVFR0_EL1); + GUEST_ASSERT_REG_RAZ(SYS_MVFR1_EL1); + GUEST_ASSERT_REG_RAZ(SYS_MVFR2_EL1); + GUEST_ASSERT_REG_RAZ(sys_reg(3, 0, 0, 3, 3)); + GUEST_ASSERT_REG_RAZ(SYS_ID_PFR2_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_DFR1_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_MMFR5_EL1); + GUEST_ASSERT_REG_RAZ(sys_reg(3, 0, 0, 3, 7)); + + GUEST_DONE(); +} + +static void test_guest_raz(struct kvm_vcpu *vcpu) +{ + struct ucall uc; + + vcpu_run(vcpu); + + switch (get_ucall(vcpu, &uc)) { + case UCALL_ABORT: + REPORT_GUEST_ASSERT(uc); + break; + case UCALL_DONE: + break; + default: + TEST_FAIL("Unexpected ucall: %lu", uc.cmd); + } +} + +static uint64_t raz_wi_reg_ids[] = { + KVM_ARM64_SYS_REG(SYS_ID_PFR0_EL1), + KVM_ARM64_SYS_REG(SYS_ID_PFR1_EL1), + KVM_ARM64_SYS_REG(SYS_ID_DFR0_EL1), + KVM_ARM64_SYS_REG(SYS_ID_MMFR0_EL1), + KVM_ARM64_SYS_REG(SYS_ID_MMFR1_EL1), + KVM_ARM64_SYS_REG(SYS_ID_MMFR2_EL1), + KVM_ARM64_SYS_REG(SYS_ID_MMFR3_EL1), + KVM_ARM64_SYS_REG(SYS_ID_ISAR0_EL1), + KVM_ARM64_SYS_REG(SYS_ID_ISAR1_EL1), + KVM_ARM64_SYS_REG(SYS_ID_ISAR2_EL1), + KVM_ARM64_SYS_REG(SYS_ID_ISAR3_EL1), + KVM_ARM64_SYS_REG(SYS_ID_ISAR4_EL1), + KVM_ARM64_SYS_REG(SYS_ID_ISAR5_EL1), + KVM_ARM64_SYS_REG(SYS_ID_MMFR4_EL1), + KVM_ARM64_SYS_REG(SYS_ID_ISAR6_EL1), + KVM_ARM64_SYS_REG(SYS_MVFR0_EL1), + KVM_ARM64_SYS_REG(SYS_MVFR1_EL1), + KVM_ARM64_SYS_REG(SYS_MVFR2_EL1), + KVM_ARM64_SYS_REG(SYS_ID_PFR2_EL1), + KVM_ARM64_SYS_REG(SYS_ID_MMFR5_EL1), +}; + +static void test_user_raz_wi(struct kvm_vcpu *vcpu) +{ + int i; + + for (i = 0; i < ARRAY_SIZE(raz_wi_reg_ids); i++) { + uint64_t reg_id = raz_wi_reg_ids[i]; + uint64_t val; + + vcpu_get_reg(vcpu, reg_id, &val); + ASSERT_EQ(val, 0); + + /* + * Expect the ioctl to succeed with no effect on the register + * value. + */ + vcpu_set_reg(vcpu, reg_id, BAD_ID_REG_VAL); + + vcpu_get_reg(vcpu, reg_id, &val); + ASSERT_EQ(val, 0); + } +} + +static uint64_t raz_invariant_reg_ids[] = { + KVM_ARM64_SYS_REG(SYS_ID_AFR0_EL1), + KVM_ARM64_SYS_REG(sys_reg(3, 0, 0, 3, 3)), + KVM_ARM64_SYS_REG(SYS_ID_DFR1_EL1), + KVM_ARM64_SYS_REG(sys_reg(3, 0, 0, 3, 7)), +}; + +static void test_user_raz_invariant(struct kvm_vcpu *vcpu) +{ + int i, r; + + for (i = 0; i < ARRAY_SIZE(raz_invariant_reg_ids); i++) { + uint64_t reg_id = raz_invariant_reg_ids[i]; + uint64_t val; + + vcpu_get_reg(vcpu, reg_id, &val); + ASSERT_EQ(val, 0); + + r = __vcpu_set_reg(vcpu, reg_id, BAD_ID_REG_VAL); + TEST_ASSERT(r < 0 && errno == EINVAL, + "unexpected KVM_SET_ONE_REG error: r=%d, errno=%d", r, errno); + + vcpu_get_reg(vcpu, reg_id, &val); + ASSERT_EQ(val, 0); + } +} + + + +static bool vcpu_aarch64_only(struct kvm_vcpu *vcpu) +{ + uint64_t val, el0; + + vcpu_get_reg(vcpu, KVM_ARM64_SYS_REG(SYS_ID_AA64PFR0_EL1), &val); + + el0 = (val & ARM64_FEATURE_MASK(ID_AA64PFR0_EL0)) >> ID_AA64PFR0_EL0_SHIFT; + return el0 == ID_AA64PFR0_ELx_64BIT_ONLY; +} + +int main(void) +{ + struct kvm_vcpu *vcpu; + struct kvm_vm *vm; + + vm = vm_create_with_one_vcpu(&vcpu, guest_main); + + TEST_REQUIRE(vcpu_aarch64_only(vcpu)); + + ucall_init(vm, NULL); + + test_user_raz_wi(vcpu); + test_user_raz_invariant(vcpu); + test_guest_raz(vcpu); + + ucall_uninit(vm); + kvm_vm_free(vm); +} -- 2.37.2.789.g6183377224-goog

2 years, 7 months

1
0
0 0

make run_tests -C proc: proc-pid-vm assertion failed.

by Jie2x Zhou

hi, The test error is caused by g_vsyscall set failed. Error output: selftests: proc: proc-pid-vm proc-pid-vm: proc-pid-vm.c:389: main: Assertion `rv == len' failed. Aborted g_vsyscall is set to 0. In proc-pid-vm.c: /* * 0: vsyscall VMA doesn't exist vsyscall=none * 1: vsyscall VMA is r-xp vsyscall=emulate * 2: vsyscall VMA is --xp vsyscall=xonly */ static int g_vsyscall; static const char *str_vsyscall; static const char str_vsyscall_0[] = ""; static const char str_vsyscall_1[] = "ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]\n"; static const char str_vsyscall_2[] = "ffffffffff600000-ffffffffff601000 --xp 00000000 00:00 0 [vsyscall]\n"; The /proc/%u/maps output is: buf=100000000-100001000 r-xp 00000000 00:2d 2 /tmp/#2 (deleted) ffffffffff600000-ffffffffff601000 --xp 00000000 00:00 0 [vsyscall] So the g_vsyscall should be 2 according to commentary(2: vsyscall VMA is --xp). Is it a bug? best regards,

2 years, 7 months

3
2
0 0

[PATCH] selftests/intel_pstate: fix build for ARCH=x86_64

by Ricardo Cañuelo

Handle the scenario where the build is launched with the ARCH envvar defined as x86_64. Signed-off-by: Ricardo Cañuelo <ricardo.canuelo(a)collabora.com> --- tools/testing/selftests/intel_pstate/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/intel_pstate/Makefile b/tools/testing/selftests/intel_pstate/Makefile index 39f0fa2a8fd6..05d66ef50c97 100644 --- a/tools/testing/selftests/intel_pstate/Makefile +++ b/tools/testing/selftests/intel_pstate/Makefile @@ -2,10 +2,10 @@ CFLAGS := $(CFLAGS) -Wall -D_GNU_SOURCE LDLIBS += -lm -uname_M := $(shell uname -m 2>/dev/null || echo not) -ARCH ?= $(shell echo $(uname_M) | sed -e s/i.86/x86/ -e s/x86_64/x86/) +ARCH ?= $(shell uname -m 2>/dev/null || echo not) +ARCH_PROCESSED := $(shell echo $(ARCH) | sed -e s/i.86/x86/ -e s/x86_64/x86/) -ifeq (x86,$(ARCH)) +ifeq (x86,$(ARCH_PROCESSED)) TEST_GEN_FILES := msr aperf endif -- 2.25.1

2 years, 7 months

1
0
0 0

[PATCH v2 1/5] selftests/sgx: Retry the ioctl()'s returned with EAGAIN

by Jarkko Sakkinen

From: Haitao Huang <haitao.huang(a)linux.intel.com> For EMODT and EREMOVE ioctl()'s with a large range, kernel may not finish in one shot and return EAGAIN error code and count of bytes of EPC pages on that operations are finished successfully. Change the unclobbered_vdso_oversubscribed_remove test to rerun the ioctl()'s in a loop, updating offset and length using the byte count returned in each iteration. Fixes: 6507cce561b4 ("selftests/sgx: Page removal stress test") Signed-off-by: Haitao Huang <haitao.huang(a)linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko(a)kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org> --- v3: * Added a fixes tag. The bug is in v6.0 patches. * Added my tested-by (the bug reproduced in my NUC often). v2: * Changed branching in EAGAIN condition so that else branch is not required. * Addressed Reinette's feedback: --- tools/testing/selftests/sgx/main.c | 42 ++++++++++++++++++++++++------ 1 file changed, 34 insertions(+), 8 deletions(-) diff --git a/tools/testing/selftests/sgx/main.c b/tools/testing/selftests/sgx/main.c index 9820b3809c69..59cca806eda1 100644 --- a/tools/testing/selftests/sgx/main.c +++ b/tools/testing/selftests/sgx/main.c @@ -390,6 +390,7 @@ TEST_F_TIMEOUT(enclave, unclobbered_vdso_oversubscribed_remove, 900) struct encl_segment *heap; unsigned long total_mem; int ret, errno_save; + unsigned long count; unsigned long addr; unsigned long i; @@ -453,16 +454,30 @@ TEST_F_TIMEOUT(enclave, unclobbered_vdso_oversubscribed_remove, 900) modt_ioc.offset = heap->offset; modt_ioc.length = heap->size; modt_ioc.page_type = SGX_PAGE_TYPE_TRIM; - + count = 0; TH_LOG("Changing type of %zd bytes to trimmed may take a while ...", heap->size); - ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_MODIFY_TYPES, &modt_ioc); - errno_save = ret == -1 ? errno : 0; + do { + ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_MODIFY_TYPES, &modt_ioc); + + errno_save = ret == -1 ? errno : 0; + if (errno_save != EAGAIN) + break; + + EXPECT_EQ(modt_ioc.result, 0); + + count += modt_ioc.count; + modt_ioc.offset += modt_ioc.count; + modt_ioc.length -= modt_ioc.count; + modt_ioc.result = 0; + modt_ioc.count = 0; + } while (modt_ioc.length != 0); EXPECT_EQ(ret, 0); EXPECT_EQ(errno_save, 0); EXPECT_EQ(modt_ioc.result, 0); - EXPECT_EQ(modt_ioc.count, heap->size); + count += modt_ioc.count; + EXPECT_EQ(count, heap->size); /* EACCEPT all removed pages. */ addr = self->encl.encl_base + heap->offset; @@ -490,15 +505,26 @@ TEST_F_TIMEOUT(enclave, unclobbered_vdso_oversubscribed_remove, 900) remove_ioc.offset = heap->offset; remove_ioc.length = heap->size; - + count = 0; TH_LOG("Removing %zd bytes from enclave may take a while ...", heap->size); - ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_REMOVE_PAGES, &remove_ioc); - errno_save = ret == -1 ? errno : 0; + do { + ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_REMOVE_PAGES, &remove_ioc); + + errno_save = ret == -1 ? errno : 0; + if (errno_save != EAGAIN) + break; + + count += remove_ioc.count; + remove_ioc.offset += remove_ioc.count; + remove_ioc.length -= remove_ioc.count; + remove_ioc.count = 0; + } while (remove_ioc.length != 0); EXPECT_EQ(ret, 0); EXPECT_EQ(errno_save, 0); - EXPECT_EQ(remove_ioc.count, heap->size); + count += remove_ioc.count; + EXPECT_EQ(count, heap->size); } TEST_F(enclave, clobbered_vdso) -- 2.37.2

2 years, 7 months

2
7
0 0

[RFC PATCH] Hugetlb: Migrating hugetlb tests from libhugetlbfs

by Tarun Sahu

Libhugetlbfs is not being maintained actively, and some distro is dropping support for it. There are some tests that are good for testing hugetlb functionality in kernel, which can be migrated to either kernel kselftests or LTP. I am submitting this patch to get comments from community on the following 1. The test framework in ltp is most suitable for the tests that are in libhugetlbfs/tests/ which follow similar test framework. And there is already a section for hugetlb specific tests in LTP. So it makes more sense and less effort to migrate the test to LTP. Though I recommend migrating these tests to LTP, I would like to discuss tests should be migrated to LTP or kselftests. 2. Libhugetlbfs tests has license GNU Lesser GPL 2.1 or later, while kernel and LTP has license GPL2 or later, so can the test be migrated to kernel/kselftests or LTP. The below patch is libhugetlbfs/tests/direct.c which has been migrated to ltp/testcases/kernel/mem/hugetlb/hugemmap/hugemmap07.c Signed-off-by: Tarun Sahu <tsahu(a)linux.ibm.com> --- runtest/hugetlb | 2 + testcases/kernel/mem/.gitignore | 1 + .../kernel/mem/hugetlb/hugemmap/hugemmap07.c | 106 ++++++++++++++++++ 3 files changed, 109 insertions(+) create mode 100644 testcases/kernel/mem/hugetlb/hugemmap/hugemmap07.c diff --git a/runtest/hugetlb b/runtest/hugetlb index f719217ab..ee02835d3 100644 --- a/runtest/hugetlb +++ b/runtest/hugetlb @@ -3,6 +3,8 @@ hugemmap02 hugemmap02 hugemmap04 hugemmap04 hugemmap05 hugemmap05 hugemmap06 hugemmap06 +hugemmap07 hugemmap07 + hugemmap05_1 hugemmap05 -m hugemmap05_2 hugemmap05 -s hugemmap05_3 hugemmap05 -s -m diff --git a/testcases/kernel/mem/.gitignore b/testcases/kernel/mem/.gitignore index ff2910533..df5256ec8 100644 --- a/testcases/kernel/mem/.gitignore +++ b/testcases/kernel/mem/.gitignore @@ -4,6 +4,7 @@ /hugetlb/hugemmap/hugemmap04 /hugetlb/hugemmap/hugemmap05 /hugetlb/hugemmap/hugemmap06 +/hugetlb/hugemmap/hugemmap07 /hugetlb/hugeshmat/hugeshmat01 /hugetlb/hugeshmat/hugeshmat02 /hugetlb/hugeshmat/hugeshmat03 diff --git a/testcases/kernel/mem/hugetlb/hugemmap/hugemmap07.c b/testcases/kernel/mem/hugetlb/hugemmap/hugemmap07.c new file mode 100644 index 000000000..798735ed0 --- /dev/null +++ b/testcases/kernel/mem/hugetlb/hugemmap/hugemmap07.c @@ -0,0 +1,106 @@ +/* + * License/Copyright Details + */ + +#define _GNU_SOURCE +#include <stdio.h> +#include <sys/mount.h> +#include <limits.h> +#include <sys/param.h> +#include <sys/types.h> + +#include "tst_test.h" + +#define P0 "ffffffff" +#define IOSZ 4096 +char buf[IOSZ] __attribute__((aligned(IOSZ))); +static int fildes = -1, nfildes = -1; +static char TEMPFILE[MAXPATHLEN]; +static char NTEMPFILE[MAXPATHLEN]; + +void test_directio(void) +{ + long hpage_size; + void *p; + int ret; + + hpage_size = SAFE_READ_MEMINFO("Hugepagesize:"); + + fildes = SAFE_OPEN(TEMPFILE, O_RDWR | O_CREAT, 0600); + nfildes = SAFE_OPEN(NTEMPFILE, O_CREAT|O_EXCL|O_RDWR|O_DIRECT, 0600); + + p = mmap(NULL, hpage_size, PROT_READ|PROT_WRITE, MAP_PRIVATE, fildes, 0); + if (p == MAP_FAILED) + tst_brk(TFAIL | TERRNO, "mmap() Failed on %s", TEMPFILE); + + memcpy(p, P0, 8); + + /* Direct write from huge page */ + ret = write(nfildes, p, IOSZ); + if (ret == -1) + tst_brk(TFAIL | TERRNO, "Direct-IO write from huge page"); + if (ret != IOSZ) + tst_brk(TFAIL, "Short direct-IO write from huge page"); + if (lseek(nfildes, 0, SEEK_SET) == -1) + tst_brk(TFAIL | TERRNO, "lseek"); + + /* Check for accuracy */ + ret = read(nfildes, buf, IOSZ); + if (ret == -1) + tst_brk(TFAIL | TERRNO, "Direct-IO read to normal memory"); + if (ret != IOSZ) + tst_brk(TFAIL, "Short direct-IO read to normal memory"); + if (memcmp(P0, buf, 8)) + tst_brk(TFAIL, "Memory mismatch after Direct-IO write"); + if (lseek(nfildes, 0, SEEK_SET) == -1) + tst_brk(TFAIL | TERRNO, "lseek"); + + /* Direct read to huge page */ + memset(p, 0, IOSZ); + ret = read(nfildes, p, IOSZ); + if (ret == -1) + tst_brk(TFAIL | TERRNO, "Direct-IO read to huge page"); + if (ret != IOSZ) + tst_brk(TFAIL, "Short direct-IO read to huge page"); + + /* Check for accuracy */ + if (memcmp(p, P0, 8)) + tst_brk(TFAIL, "Memory mismatch after Direct-IO read"); + tst_res(TPASS, "Successfully tested Hugepage Direct I/O"); +} + +void setup(void) +{ + if (tst_hugepages == 0) + tst_brk(TCONF, "Not enough hugepages for testing."); + + if (!Hopt) + Hopt = tst_get_tmpdir(); + SAFE_MOUNT("none", Hopt, "hugetlbfs", 0, NULL); + + snprintf(TEMPFILE, sizeof(TEMPFILE), "%s/mmapfile%d", Hopt, getpid()); + snprintf(NTEMPFILE, sizeof(NTEMPFILE), "%s/nmmapfile%d", "/home/", getpid()); +} + +void cleanup(void) +{ + close(fildes); + close(nfildes); + remove(TEMPFILE); + remove(NTEMPFILE); + umount2(Hopt, MNT_DETACH); +} + +static struct tst_test test = { + .needs_root = 1, + .needs_tmpdir = 1, + .options = (struct tst_option[]) { + {"H:", &Hopt, "Location of hugetlbfs, i.e. -H /var/hugetlbfs"}, + {"s:", &nr_opt, "Set the number of the been allocated hugepages"}, + {} + }, + .setup = setup, + .cleanup = cleanup, + .test_all = test_directio, + .hugepages = {2, TST_REQUEST}, +}; -- 2.31.1

2 years, 7 months

2
4
0 0

[PATCH 0/7] mm/damon: minor fixes and cleanups

by SeongJae Park

This patchset contains minor fixes and cleanups for DAMON including - selftest for a bug we found before (Patch 1), - fix of region holes in vaddr corner case and a kunit test for it (Patches 2 and 3), and - documents/Kconfig updates for title wordsmithing (Patch 4) and more aggressive DAMON debugfs interface deprecation announcement (Patches 5-7). SeongJae Park (7): selftest/damon: add a test for duplicate context dirs creation mm/damon/core: avoid holes in newly set monitoring target ranges mm/damon/core-test: test damon_set_regions Docs/admin-guide/mm/damon: rename the title of the document mm/damon/Kconfig: Notify debugfs deprecation plan Docs/DAMON/start: mention the dependency as sysfs instead of debugfs Docs/admin-guide/mm/damon/usage: note DAMON debugfs interface deprecation plan Documentation/admin-guide/mm/damon/index.rst | 6 ++--- Documentation/admin-guide/mm/damon/start.rst | 13 +++------ Documentation/admin-guide/mm/damon/usage.rst | 5 ++++ mm/damon/Kconfig | 3 +++ mm/damon/core-test.h | 23 ++++++++++++++++ mm/damon/core.c | 24 +++++++++++++++++ tools/testing/selftests/damon/Makefile | 1 + .../debugfs_duplicate_context_creation.sh | 27 +++++++++++++++++++ 8 files changed, 89 insertions(+), 13 deletions(-) create mode 100644 tools/testing/selftests/damon/debugfs_duplicate_context_creation.sh -- 2.25.1

2 years, 8 months

1
1
0 0

[PATCH v12 0/3] Add TDX Guest Attestation support

by Kuppuswamy Sathyanarayanan

Hi All, Intel's Trust Domain Extensions (TDX) protect guest VMs from malicious hosts and some physical attacks. VM guest with TDX support is called as a TDX Guest. In TDX guest, attestation process is used to verify the TDX guest trustworthiness to other entities before provisioning secrets to the guest. For example, a key server may request for attestation before releasing the encryption keys to mount the encrypted rootfs or secondary drive. This patch set adds attestation support for the TDX guest. Details about the TDX attestation process and the steps involved are explained in the commit log of Patch 1/3 or in Documentation/x86/tdx.rst (added by patch 3/3). Following are the details of the patch set: Patch 1/3 -> Adds TDREPORT support. Patch 2/3 -> Adds selftest support for TDREPORT feature. Patch 3/3 -> Add attestation related documentation. Commit log history is maintained in the individual patches. Kuppuswamy Sathyanarayanan (3): x86/tdx: Add TDX Guest attestation interface driver selftests: tdx: Test TDX attestation GetReport support Documentation/x86: Document TDX attestation process Documentation/x86/tdx.rst | 75 +++++++++ arch/x86/coco/tdx/tdx.c | 112 +++++++++++++ arch/x86/include/uapi/asm/tdx.h | 54 ++++++ tools/arch/x86/include/uapi/asm/tdx.h | 54 ++++++ tools/testing/selftests/Makefile | 1 + tools/testing/selftests/tdx/Makefile | 11 ++ tools/testing/selftests/tdx/config | 1 + tools/testing/selftests/tdx/tdx_attest_test.c | 155 ++++++++++++++++++ 8 files changed, 463 insertions(+) create mode 100644 arch/x86/include/uapi/asm/tdx.h create mode 100644 tools/arch/x86/include/uapi/asm/tdx.h create mode 100644 tools/testing/selftests/tdx/Makefile create mode 100644 tools/testing/selftests/tdx/config create mode 100644 tools/testing/selftests/tdx/tdx_attest_test.c -- 2.34.1

2 years, 8 months

7
19
0 0

[GIT PULL] KUnit fixes update for Linux 6.0-rc5

by Shuah Khan

Hi Linus, Please pull the following KUnit fixes update for Linux 6.0-rc5. This KUnit fixes update for Linux 6.0-rc5 consists of 2 fixes to test build and a fix to incorrect taint reason reporting. Please note that this update touches drivers/thunderbolt and drivers/virt Kconfig files. diff is attached. thanks, -- Shuah ---------------------------------------------------------------- The following changes since commit 41a55567b9e31cb852670684404654ec4fd0d8d6: module: kunit: Load .kunit_test_suites section when CONFIG_KUNIT=m (2022-08-15 13:51:07 -0600) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest tags/linux-kselftest-kunit-fixes-6.0-rc5 for you to fetch changes up to 2a2dfc869d3345ccdd91322b023f4b0da84acbe7: tools: Add new "test" taint to kernel-chktaint (2022-09-07 14:51:12 -0600) ---------------------------------------------------------------- linux-kselftest-kunit-fixes-6.0-rc5 This KUnit fixes update for Linux 6.0-rc5 consists of 2 fixes to test build and a fix to incorrect taint reason reporting. ---------------------------------------------------------------- Joe Fradley (1): tools: Add new "test" taint to kernel-chktaint Nico Pache (1): kunit: fix Kconfig for build-in tests USB4 and Nitro Enclaves Sander Vanheule (1): kunit: fix assert_type for comparison macros drivers/thunderbolt/Kconfig | 3 +-- drivers/virt/nitro_enclaves/Kconfig | 2 +- include/kunit/test.h | 6 +++--- tools/debugging/kernel-chktaint | 9 +++++++++ 4 files changed, 14 insertions(+), 6 deletions(-) ----------------------------------------------------------------

2 years, 8 months

2
1
0 0

[PATCH -next 0/5] Optimize and bugfix for notifier error

by Zhao Gongyi

1. Fix non-working usage of negative values 2. Add checking after online or offline 3. Restore memory before exit 4. Correct test's name Zhao Gongyi (5): docs: notifier-error-inject: fix non-working usage of negative values selftests/memory-hotplug: Use 'printf' instead of 'echo' selftests/memory-hotplug: Add checking after online or offline selftests/memory-hotplug: Restore memory before exit docs: notifier-error-inject: Correct test's name .../fault-injection/notifier-error-inject.rst | 14 ++++--- .../memory-hotplug/mem-on-off-test.sh | 37 +++++++++++++++---- 2 files changed, 39 insertions(+), 12 deletions(-) -- 2.17.1

2 years, 8 months

2
7
0 0

test ./tools/testing/selftests/bpf/test_offload.py failed

by Jie2x Zhou

hi, I try to know why output following error? I found that "disable_ifindex" file do not set read function, so return -EINVAL when do read. Is it a bug in test_offload.py? test output: selftests: bpf: test_offload.py Test destruction of generic XDP... ...... raise Exception("Command failed: %s\n%s" % (proc.args, stderr)) Exception: Command failed: cat /sys/kernel/debug/netdevsim/netdevsim0//ports/0/dev/hwstats/l3/disable_ifindex cat: /sys/kernel/debug/netdevsim/netdevsim0//ports/0/dev/hwstats/l3/disable_ifindex: Invalid argument not ok 20 selftests: bpf: test_offload.py # exit=1 source code: In drivers/net/netdevsim/hwstats.c: define NSIM_DEV_HWSTATS_FOPS(ACTION, TYPE) \ { \ .fops = { \ .open = simple_open, \ .write = nsim_dev_hwstats_do_write, \ .llseek = generic_file_llseek, \ .owner = THIS_MODULE, \ }, \ .action = ACTION, \ .type = TYPE, \ } static const struct nsim_dev_hwstats_fops nsim_dev_hwstats_l3_disable_fops = NSIM_DEV_HWSTATS_FOPS(NSIM_DEV_HWSTATS_DO_DISABLE, NETDEV_OFFLOAD_XSTATS_TYPE_L3); debugfs_create_file("disable_ifindex", 0600, hwstats->l3_ddir, hwstats, &nsim_dev_hwstats_l3_disable_fops.fops); In fs/read_write.c: ssize_t vfs_read(struct file *file, char __user *buf, size_t count, loff_t *pos) { ...... if (file->f_op->read) ret = file->f_op->read(file, buf, count, pos); else if (file->f_op->read_iter) ret = new_sync_read(file, buf, count, pos); else ret = -EINVAL; ...... } best regards,

2 years, 8 months

3
8
0 0

[net-next v4 0/6] net: support QUIC crypto

by Adel Abouchaev

QUIC requires end to end encryption of the data. The application usually prepares the data in clear text, encrypts and calls send() which implies multiple copies of the data before the packets hit the networking stack. Similar to kTLS, QUIC kernel offload of cryptography reduces the memory pressure by reducing the number of copies. The scope of kernel support is limited to the symmetric cryptography, leaving the handshake to the user space library. For QUIC in particular, the application packets that require symmetric cryptography are the 1RTT packets with short headers. Kernel will encrypt the application packets on transmission and decrypt on receive. This series implements Tx only, because in QUIC server applications Tx outweighs Rx by orders of magnitude. Supporting the combination of QUIC and GSO requires the application to correctly place the data and the kernel to correctly slice it. The encryption process appends an arbitrary number of bytes (tag) to the end of the message to authenticate it. The GSO value should include this overhead, the offload would then subtract the tag size to parse the input on Tx before chunking and encrypting it. With the kernel cryptography, the buffer copy operation is conjoined with the encryption operation. The memory bandwidth is reduced by 5-8%. When devices supporting QUIC encryption in hardware come to the market, we will be able to free further 7% of CPU utilization which is used today for crypto operations. Adel Abouchaev (6): Documentation on QUIC kernel Tx crypto. Define QUIC specific constants, control and data plane structures Add UDP ULP operations, initialization and handling prototype functions. Implement QUIC offload functions Add flow counters and Tx processing error counter Add self tests for ULP operations, flow setup and crypto tests Documentation/networking/index.rst | 1 + Documentation/networking/quic.rst | 215 ++++ include/net/inet_sock.h | 2 + include/net/netns/mib.h | 3 + include/net/quic.h | 63 + include/net/snmp.h | 6 + include/net/udp.h | 33 + include/uapi/linux/quic.h | 68 ++ include/uapi/linux/snmp.h | 9 + include/uapi/linux/udp.h | 4 + net/Kconfig | 1 + net/Makefile | 1 + net/ipv4/Makefile | 3 +- net/ipv4/udp.c | 15 + net/ipv4/udp_ulp.c | 192 +++ net/quic/Kconfig | 16 + net/quic/Makefile | 8 + net/quic/quic_main.c | 1533 ++++++++++++++++++++++++ net/quic/quic_proc.c | 45 + security/security.c | 1 + tools/testing/selftests/net/.gitignore | 1 + tools/testing/selftests/net/Makefile | 3 +- tools/testing/selftests/net/quic.c | 1369 +++++++++++++++++++++ tools/testing/selftests/net/quic.sh | 46 + 24 files changed, 3636 insertions(+), 2 deletions(-) create mode 100644 Documentation/networking/quic.rst create mode 100644 include/net/quic.h create mode 100644 include/uapi/linux/quic.h create mode 100644 net/ipv4/udp_ulp.c create mode 100644 net/quic/Kconfig create mode 100644 net/quic/Makefile create mode 100644 net/quic/quic_main.c create mode 100644 net/quic/quic_proc.c create mode 100644 tools/testing/selftests/net/quic.c create mode 100755 tools/testing/selftests/net/quic.sh -- 2.30.2

2 years, 8 months

2
7
0 0

[PATCH v2 5/5] selftests/sgx: Add SGX selftest augment_via_eaccept_long

by Jarkko Sakkinen

From: Vijay Dhanraj <vijay.dhanraj(a)intel.com> Add a new test case which is same as augment_via_eaccept but adds a larger number of EPC pages to stress test EAUG via EACCEPT. Signed-off-by: Vijay Dhanraj <vijay.dhanraj(a)intel.com> Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org> --- v8: - Specify dynamic heap size in side the test case. v7: - Contains now only the test case. Support for dynamic heap is prepared in prepending patches. v6: - Address Reinette's feedback: https://lore.kernel.org/linux-sgx/Yw6%2FiTzSdSw%2FY%2FVO@kernel.org/ v5: - Add the klog dump and sysctl option to the commit message. v4: - Explain expectations for dirty_page_list in the function header, instead of an inline comment. - Improve commit message to explain the conditions better. - Return the number of pages left dirty to ksgxd() and print warning after the 2nd call, if there are any. v3: - Remove WARN_ON(). - Tuned comments and the commit message a bit. v2: - Replaced WARN_ON() with optional pr_info() inside __sgx_sanitize_pages(). - Rewrote the commit message. - Added the fixes tag. --- tools/testing/selftests/sgx/main.c | 112 ++++++++++++++++++++++++++++- 1 file changed, 111 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/sgx/main.c b/tools/testing/selftests/sgx/main.c index 78c3b913ce10..e596b45bc5f8 100644 --- a/tools/testing/selftests/sgx/main.c +++ b/tools/testing/selftests/sgx/main.c @@ -22,8 +22,10 @@ #include "main.h" static const size_t ENCL_HEAP_SIZE_DEFAULT = PAGE_SIZE; +static const unsigned long TIMEOUT_DEFAULT = 900; static const uint64_t MAGIC = 0x1122334455667788ULL; static const uint64_t MAGIC2 = 0x8877665544332211ULL; + vdso_sgx_enter_enclave_t vdso_sgx_enter_enclave; /* @@ -387,7 +389,7 @@ TEST_F(enclave, unclobbered_vdso_oversubscribed) EXPECT_EQ(self->run.user_data, 0); } -TEST_F_TIMEOUT(enclave, unclobbered_vdso_oversubscribed_remove, 900) +TEST_F_TIMEOUT(enclave, unclobbered_vdso_oversubscribed_remove, TIMEOUT_DEFAULT) { struct sgx_enclave_remove_pages remove_ioc; struct sgx_enclave_modify_types modt_ioc; @@ -1245,6 +1247,114 @@ TEST_F(enclave, augment_via_eaccept) munmap(addr, PAGE_SIZE); } +/* + * Test for the addition of large number of pages to an initialized enclave via + * a pre-emptive run of EACCEPT on every page to be added. + */ +TEST_F_TIMEOUT(enclave, augment_via_eaccept_long, TIMEOUT_DEFAULT) +{ + /* + * The dynamic heap size was chosen based on a bug report: + * Message-ID: + * <DM8PR11MB55912A7F47A84EC9913A6352F6999(a)DM8PR11MB5591.namprd11.prod.outlook.com> + */ + static const unsigned long DYNAMIC_HEAP_SIZE = 0x200000L * PAGE_SIZE; + struct encl_op_get_from_addr get_addr_op; + struct encl_op_put_to_addr put_addr_op; + struct encl_op_eaccept eaccept_op; + size_t total_size = 0; + unsigned long i; + void *addr; + + if (!sgx2_supported()) + SKIP(return, "SGX2 not supported"); + + ASSERT_TRUE(setup_test_encl_dynamic(ENCL_HEAP_SIZE_DEFAULT, DYNAMIC_HEAP_SIZE, + &self->encl, _metadata)); + + memset(&self->run, 0, sizeof(self->run)); + self->run.tcs = self->encl.encl_base; + + for (i = 0; i < self->encl.nr_segments; i++) { + struct encl_segment *seg = &self->encl.segment_tbl[i]; + + total_size += seg->size; + } + + /* + * mmap() every page at end of existing enclave to be used for + * EDMM. + */ + addr = mmap((void *)self->encl.encl_base + total_size, DYNAMIC_HEAP_SIZE, + PROT_READ | PROT_WRITE | PROT_EXEC, MAP_SHARED | MAP_FIXED, + self->encl.fd, 0); + EXPECT_NE(addr, MAP_FAILED); + + self->run.exception_vector = 0; + self->run.exception_error_code = 0; + self->run.exception_addr = 0; + + /* + * Run EACCEPT on every page to trigger the #PF->EAUG->EACCEPT(again + * without a #PF). All should be transparent to userspace. + */ + eaccept_op.flags = SGX_SECINFO_R | SGX_SECINFO_W | SGX_SECINFO_REG | SGX_SECINFO_PENDING; + eaccept_op.ret = 0; + eaccept_op.header.type = ENCL_OP_EACCEPT; + + for (i = 0; i < DYNAMIC_HEAP_SIZE; i += PAGE_SIZE) { + eaccept_op.epc_addr = (uint64_t)(addr + i); + + EXPECT_EQ(ENCL_CALL(&eaccept_op, &self->run, true), 0); + if (self->run.exception_vector == 14 && + self->run.exception_error_code == 4 && + self->run.exception_addr == self->encl.encl_base) { + munmap(addr, DYNAMIC_HEAP_SIZE); + SKIP(return, "Kernel does not support adding pages to initialized enclave"); + } + + EXPECT_EQ(self->run.exception_vector, 0); + EXPECT_EQ(self->run.exception_error_code, 0); + EXPECT_EQ(self->run.exception_addr, 0); + ASSERT_EQ(eaccept_op.ret, 0); + ASSERT_EQ(self->run.function, EEXIT); + } + + /* + * Pool of pages were successfully added to enclave. Perform sanity + * check on first page of the pool only to ensure data can be written + * to and read from a dynamically added enclave page. + */ + put_addr_op.value = MAGIC; + put_addr_op.addr = (unsigned long)addr; + put_addr_op.header.type = ENCL_OP_PUT_TO_ADDRESS; + + EXPECT_EQ(ENCL_CALL(&put_addr_op, &self->run, true), 0); + + EXPECT_EEXIT(&self->run); + EXPECT_EQ(self->run.exception_vector, 0); + EXPECT_EQ(self->run.exception_error_code, 0); + EXPECT_EQ(self->run.exception_addr, 0); + + /* + * Read memory from newly added page that was just written to, + * confirming that data previously written (MAGIC) is present. + */ + get_addr_op.value = 0; + get_addr_op.addr = (unsigned long)addr; + get_addr_op.header.type = ENCL_OP_GET_FROM_ADDRESS; + + EXPECT_EQ(ENCL_CALL(&get_addr_op, &self->run, true), 0); + + EXPECT_EQ(get_addr_op.value, MAGIC); + EXPECT_EEXIT(&self->run); + EXPECT_EQ(self->run.exception_vector, 0); + EXPECT_EQ(self->run.exception_error_code, 0); + EXPECT_EQ(self->run.exception_addr, 0); + + munmap(addr, DYNAMIC_HEAP_SIZE); +} + /* * SGX2 page type modification test in two phases: * Phase 1: -- 2.37.2

2 years, 8 months

2
3
0 0

[PATCH v2 4/5] selftests/sgx: Include the dynamic heap size to the ELRANGE calculation

by Jarkko Sakkinen

When calculating ELRANGE, i.e. the address range defined for an enclave, and represented by encl->encl_size, also dynamic memory should be taken into account. Implement setup_test_encl_dynamic() with dynamic_size parameter for the dynamic heap size, and use it in 'augment_via_eaccept' and 'augment' tests. Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org> --- v2: * Specify a dynamic heap of three pages for tcs_create test. * Specify required dynamic heap inside the test cases instead of ENCL_DYNAMIC_SIZE_DEFAULT because the dynamic heaps size varies between the test cases. --- tools/testing/selftests/sgx/load.c | 5 +++-- tools/testing/selftests/sgx/main.c | 22 +++++++++++++++------- tools/testing/selftests/sgx/main.h | 3 ++- 3 files changed, 20 insertions(+), 10 deletions(-) diff --git a/tools/testing/selftests/sgx/load.c b/tools/testing/selftests/sgx/load.c index 3b4e2422fb09..963a5c6bbbdc 100644 --- a/tools/testing/selftests/sgx/load.c +++ b/tools/testing/selftests/sgx/load.c @@ -171,7 +171,8 @@ uint64_t encl_get_entry(struct encl *encl, const char *symbol) return 0; } -bool encl_load(const char *path, struct encl *encl, unsigned long heap_size) +bool encl_load(const char *path, struct encl *encl, unsigned long heap_size, + unsigned long dynamic_size) { const char device_path[] = "/dev/sgx_enclave"; unsigned long contents_size; @@ -299,7 +300,7 @@ bool encl_load(const char *path, struct encl *encl, unsigned long heap_size) if (seg->src == MAP_FAILED) goto err; - contents_size = encl->segment_tbl[j].offset + encl->segment_tbl[j].size; + contents_size = encl->segment_tbl[j].offset + encl->segment_tbl[j].size + dynamic_size; for (encl->encl_size = 4096; encl->encl_size < contents_size; ) encl->encl_size <<= 1; diff --git a/tools/testing/selftests/sgx/main.c b/tools/testing/selftests/sgx/main.c index a1850e139c99..78c3b913ce10 100644 --- a/tools/testing/selftests/sgx/main.c +++ b/tools/testing/selftests/sgx/main.c @@ -173,8 +173,8 @@ FIXTURE(enclave) { struct sgx_enclave_run run; }; -static bool setup_test_encl(unsigned long heap_size, struct encl *encl, - struct __test_metadata *_metadata) +static bool setup_test_encl_dynamic(unsigned long heap_size, unsigned long dynamic_size, + struct encl *encl, struct __test_metadata *_metadata) { Elf64_Sym *sgx_enter_enclave_sym = NULL; struct vdso_symtab symtab; @@ -184,7 +184,7 @@ static bool setup_test_encl(unsigned long heap_size, struct encl *encl, unsigned int i; void *addr; - if (!encl_load("test_encl.elf", encl, heap_size)) { + if (!encl_load("test_encl.elf", encl, heap_size, dynamic_size)) { encl_delete(encl); TH_LOG("Failed to load the test enclave."); return false; @@ -251,6 +251,12 @@ static bool setup_test_encl(unsigned long heap_size, struct encl *encl, return false; } +static bool setup_test_encl(unsigned long heap_size, struct encl *encl, + struct __test_metadata *_metadata) +{ + return setup_test_encl_dynamic(heap_size, 0, encl, _metadata); +} + FIXTURE_SETUP(enclave) { } @@ -1013,7 +1019,8 @@ TEST_F(enclave, augment) if (!sgx2_supported()) SKIP(return, "SGX2 not supported"); - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl_dynamic(ENCL_HEAP_SIZE_DEFAULT, PAGE_SIZE, &self->encl, + _metadata)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -1143,7 +1150,8 @@ TEST_F(enclave, augment_via_eaccept) if (!sgx2_supported()) SKIP(return, "SGX2 not supported"); - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl_dynamic(ENCL_HEAP_SIZE_DEFAULT, PAGE_SIZE, &self->encl, + _metadata)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -1264,8 +1272,8 @@ TEST_F(enclave, tcs_create) int errno_save; int ret, i; - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, - _metadata)); + ASSERT_TRUE(setup_test_encl_dynamic(ENCL_HEAP_SIZE_DEFAULT, 3 * PAGE_SIZE, &self->encl, + _metadata)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; diff --git a/tools/testing/selftests/sgx/main.h b/tools/testing/selftests/sgx/main.h index 9c1bc0d9b43c..8f77ce56ad09 100644 --- a/tools/testing/selftests/sgx/main.h +++ b/tools/testing/selftests/sgx/main.h @@ -32,7 +32,8 @@ extern unsigned char sign_key[]; extern unsigned char sign_key_end[]; void encl_delete(struct encl *ctx); -bool encl_load(const char *path, struct encl *encl, unsigned long heap_size); +bool encl_load(const char *path, struct encl *encl, unsigned long heap_size, + unsigned long dynamic_size); bool encl_measure(struct encl *encl); bool encl_build(struct encl *encl); uint64_t encl_get_entry(struct encl *encl, const char *symbol); -- 2.37.2

2 years, 8 months

2
1
0 0

[PATCH v2 3/5] selftests/sgx: Use encl->encl_size in sigstruct.c

by Jarkko Sakkinen

The final enclave address range (referred as ELRANGE in Intel SDM) calculation is a reminiscent of signing tool being a separate command-line utility, and sigstruct being produced during the compilation. Given that nowadays the sigstruct is calculated on-fly, use the readily calculated encl->encl_size instead, in order to remove duplicate code. Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org> --- tools/testing/selftests/sgx/load.c | 5 +++-- tools/testing/selftests/sgx/main.h | 1 - tools/testing/selftests/sgx/sigstruct.c | 8 ++------ 3 files changed, 5 insertions(+), 9 deletions(-) diff --git a/tools/testing/selftests/sgx/load.c b/tools/testing/selftests/sgx/load.c index 94bdeac1cf04..3b4e2422fb09 100644 --- a/tools/testing/selftests/sgx/load.c +++ b/tools/testing/selftests/sgx/load.c @@ -174,6 +174,7 @@ uint64_t encl_get_entry(struct encl *encl, const char *symbol) bool encl_load(const char *path, struct encl *encl, unsigned long heap_size) { const char device_path[] = "/dev/sgx_enclave"; + unsigned long contents_size; struct encl_segment *seg; Elf64_Phdr *phdr_tbl; off_t src_offset; @@ -298,9 +299,9 @@ bool encl_load(const char *path, struct encl *encl, unsigned long heap_size) if (seg->src == MAP_FAILED) goto err; - encl->src_size = encl->segment_tbl[j].offset + encl->segment_tbl[j].size; + contents_size = encl->segment_tbl[j].offset + encl->segment_tbl[j].size; - for (encl->encl_size = 4096; encl->encl_size < encl->src_size; ) + for (encl->encl_size = 4096; encl->encl_size < contents_size; ) encl->encl_size <<= 1; return true; diff --git a/tools/testing/selftests/sgx/main.h b/tools/testing/selftests/sgx/main.h index 82b33f8db048..9c1bc0d9b43c 100644 --- a/tools/testing/selftests/sgx/main.h +++ b/tools/testing/selftests/sgx/main.h @@ -20,7 +20,6 @@ struct encl { void *bin; off_t bin_size; void *src; - size_t src_size; size_t encl_size; off_t encl_base; unsigned int nr_segments; diff --git a/tools/testing/selftests/sgx/sigstruct.c b/tools/testing/selftests/sgx/sigstruct.c index 50c5ab1aa6fa..0c7678d2594b 100644 --- a/tools/testing/selftests/sgx/sigstruct.c +++ b/tools/testing/selftests/sgx/sigstruct.c @@ -212,13 +212,9 @@ struct mrecreate { } __attribute__((__packed__)); -static bool mrenclave_ecreate(EVP_MD_CTX *ctx, uint64_t blob_size) +static bool mrenclave_ecreate(EVP_MD_CTX *ctx, uint64_t encl_size) { struct mrecreate mrecreate; - uint64_t encl_size; - - for (encl_size = 0x1000; encl_size < blob_size; ) - encl_size <<= 1; memset(&mrecreate, 0, sizeof(mrecreate)); mrecreate.tag = MRECREATE; @@ -343,7 +339,7 @@ bool encl_measure(struct encl *encl) if (!ctx) goto err; - if (!mrenclave_ecreate(ctx, encl->src_size)) + if (!mrenclave_ecreate(ctx, encl->encl_size)) goto err; for (i = 0; i < encl->nr_segments; i++) { -- 2.37.2

2 years, 8 months

2
1
0 0

[PATCH v2 2/5] selftests/sgx: Move ENCL_HEAP_SIZE_DEFAULT to main.c

by Jarkko Sakkinen

Move ENCL_HEAP_SIZE_DEFAULT to main.c because all the other constants are also there, and it is only used locally there. Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org> --- tools/testing/selftests/sgx/main.c | 1 + tools/testing/selftests/sgx/main.h | 2 -- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/tools/testing/selftests/sgx/main.c b/tools/testing/selftests/sgx/main.c index 59cca806eda1..a1850e139c99 100644 --- a/tools/testing/selftests/sgx/main.c +++ b/tools/testing/selftests/sgx/main.c @@ -21,6 +21,7 @@ #include "../kselftest_harness.h" #include "main.h" +static const size_t ENCL_HEAP_SIZE_DEFAULT = PAGE_SIZE; static const uint64_t MAGIC = 0x1122334455667788ULL; static const uint64_t MAGIC2 = 0x8877665544332211ULL; vdso_sgx_enter_enclave_t vdso_sgx_enter_enclave; diff --git a/tools/testing/selftests/sgx/main.h b/tools/testing/selftests/sgx/main.h index fc585be97e2f..82b33f8db048 100644 --- a/tools/testing/selftests/sgx/main.h +++ b/tools/testing/selftests/sgx/main.h @@ -6,8 +6,6 @@ #ifndef MAIN_H #define MAIN_H -#define ENCL_HEAP_SIZE_DEFAULT 4096 - struct encl_segment { void *src; off_t offset; -- 2.37.2

2 years, 8 months

2
1
0 0

[PATCH 0/7] bpf: Add fd modes check for map iter and extend libbpf

by Roberto Sassu

From: Roberto Sassu <roberto.sassu(a)huawei.com> Add a missing fd modes check in map iterators, potentially causing unauthorized map writes by eBPF programs attached to the iterator. Use this patch set as an opportunity to start a discussion with the cgroup developers about whether a security check is missing or not for their iterator. Also, extend libbpf with the _opts variant of bpf_*_get_fd_by_id(). Only bpf_map_get_fd_by_id_opts() is really useful in this patch set, to ensure that the creation of a map iterator fails with a read-only fd. Add all variants in this patch set for symmetry with bpf_map_get_fd_by_id_opts(), and because all the variants share the same opts structure. Also, add all the variants here, to shrink the patch set fixing map permissions requested by bpftool, so that the remaining patches are only about the latter. Finally, extend the bpf_iter test with the read-only fd check, and test each _opts variant of bpf_*_get_fd_by_id(). Roberto Sassu (7): bpf: Add missing fd modes check for map iterators libbpf: Define bpf_get_fd_opts and introduce bpf_map_get_fd_by_id_opts() libbpf: Introduce bpf_prog_get_fd_by_id_opts() libbpf: Introduce bpf_btf_get_fd_by_id_opts() libbpf: Introduce bpf_link_get_fd_by_id_opts() selftests/bpf: Ensure fd modes are checked for map iters and destroy links selftests/bpf: Add tests for _opts variants of libbpf include/linux/bpf.h | 2 +- kernel/bpf/inode.c | 2 +- kernel/bpf/map_iter.c | 3 +- kernel/bpf/syscall.c | 8 +- net/core/bpf_sk_storage.c | 3 +- net/core/sock_map.c | 3 +- tools/lib/bpf/bpf.c | 47 +++++- tools/lib/bpf/bpf.h | 16 ++ tools/lib/bpf/libbpf.map | 10 +- tools/lib/bpf/libbpf_version.h | 2 +- .../selftests/bpf/prog_tests/bpf_iter.c | 34 +++- .../bpf/prog_tests/libbpf_get_fd_opts.c | 145 ++++++++++++++++++ .../bpf/progs/test_libbpf_get_fd_opts.c | 49 ++++++ 13 files changed, 309 insertions(+), 15 deletions(-) create mode 100644 tools/testing/selftests/bpf/prog_tests/libbpf_get_fd_opts.c create mode 100644 tools/testing/selftests/bpf/progs/test_libbpf_get_fd_opts.c -- 2.25.1

2 years, 8 months

2
12
0 0

[PATCH] selftests/cgroup: fix repeated words in comments

by wangjianli

Delete the redundant word 'in'. Signed-off-by: wangjianli <wangjianli(a)cdjrlc.com> --- tools/testing/selftests/cgroup/test_freezer.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/cgroup/test_freezer.c b/tools/testing/selftests/cgroup/test_freezer.c index ff519029f6f4..b479434e87b7 100644 --- a/tools/testing/selftests/cgroup/test_freezer.c +++ b/tools/testing/selftests/cgroup/test_freezer.c @@ -740,7 +740,7 @@ static int test_cgfreezer_ptraced(const char *root) /* * cg_check_frozen(cgroup, true) will fail here, - * because the task in in the TRACEd state. + * because the task in the TRACEd state. */ if (cg_freeze_wait(cgroup, false)) goto cleanup; -- 2.36.1

2 years, 8 months

3
2
0 0

[PATCH] selftests/kexec: fix build for ARCH=x86_64

by Ricardo Cañuelo

Handle the scenario where the build is launched with the ARCH envvar defined as x86_64. Signed-off-by: Ricardo Cañuelo <ricardo.canuelo(a)collabora.com> --- tools/testing/selftests/kexec/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/kexec/Makefile b/tools/testing/selftests/kexec/Makefile index 806a150648c3..67fe7a46cb62 100644 --- a/tools/testing/selftests/kexec/Makefile +++ b/tools/testing/selftests/kexec/Makefile @@ -1,10 +1,10 @@ # SPDX-License-Identifier: GPL-2.0-only # Makefile for kexec tests -uname_M := $(shell uname -m 2>/dev/null || echo not) -ARCH ?= $(shell echo $(uname_M) | sed -e s/i.86/x86/ -e s/x86_64/x86/) +ARCH ?= $(shell uname -m 2>/dev/null || echo not) +ARCH_PROCESSED := $(shell echo $(ARCH) | sed -e s/i.86/x86/ -e s/x86_64/x86/) -ifeq ($(ARCH),$(filter $(ARCH),x86 ppc64le)) +ifeq ($(ARCH_PROCESSED),$(filter $(ARCH_PROCESSED),x86 ppc64le)) TEST_PROGS := test_kexec_load.sh test_kexec_file_load.sh TEST_FILES := kexec_common_lib.sh -- 2.25.1

2 years, 8 months

1
0
0 0

kselftest/next kselftest-lkdtm: 5 runs, 1 regressions (linux-kselftest-next-6.0-rc2-11-g144eeb2fc761)

by kernelci.org bot

kselftest/next kselftest-lkdtm: 5 runs, 1 regressions (linux-kselftest-next-6.0-rc2-11-g144eeb2fc761) Regressions Summary ------------------- platform | arch | lab | compiler | defconfig | regressions ----------------+------+---------------+----------+------------------------------+------------ imx6q-sabrelite | arm | lab-collabora | gcc-10 | multi_v7_defconfig+kselftest | 1 Details: https://kernelci.org/test/job/kselftest/branch/next/kernel/linux-kselftest-… Test: kselftest-lkdtm Tree: kselftest Branch: next Describe: linux-kselftest-next-6.0-rc2-11-g144eeb2fc761 URL: https://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest.git SHA: 144eeb2fc761f966f71ab8b4b7d2a2198ecc400f Test Regressions ---------------- platform | arch | lab | compiler | defconfig | regressions ----------------+------+---------------+----------+------------------------------+------------ imx6q-sabrelite | arm | lab-collabora | gcc-10 | multi_v7_defconfig+kselftest | 1 Details: https://kernelci.org/test/plan/id/6319235877d2cc81a935564f Results: 0 PASS, 1 FAIL, 0 SKIP Full config: multi_v7_defconfig+kselftest Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//kselftest/next/linux-kselftest-next-6.0-rc2-1… HTML log: https://storage.kernelci.org//kselftest/next/linux-kselftest-next-6.0-rc2-1… Rootfs: http://storage.kernelci.org/images/rootfs/debian/bullseye-kselftest/2022082… * kselftest-lkdtm.login: https://kernelci.org/test/case/id/6319235877d2cc81a9355650 failing since 15 days (last pass: v6.0-rc1-1-gf1227dc7d0411, first fail: linux-kselftest-next-6.0-rc2-1-gab7039dbcc61)

2 years, 8 months

1
0
0 0

kselftest/next build: 8 builds: 0 failed, 8 passed (linux-kselftest-next-6.0-rc2-11-g144eeb2fc761)

by kernelci.org bot

kselftest/next build: 8 builds: 0 failed, 8 passed (linux-kselftest-next-6.0-rc2-11-g144eeb2fc761) Full Build Summary: https://kernelci.org/build/kselftest/branch/next/kernel/linux-kselftest-nex… Tree: kselftest Branch: next Git Describe: linux-kselftest-next-6.0-rc2-11-g144eeb2fc761 Git Commit: 144eeb2fc761f966f71ab8b4b7d2a2198ecc400f Git URL: https://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest.git Built: 4 unique architectures ================================================================================ Detailed per-defconfig build reports: -------------------------------------------------------------------------------- defconfig+kselftest (arm64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+kselftest (arm64, clang-15) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+kselftest+arm64-chromebook (arm64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+kselftest+arm64-chromebook (arm64, clang-15) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- i386_defconfig+kselftest (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v7_defconfig+kselftest (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig+kselftest (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig+kselftest (x86_64, clang-15) — PASS, 0 errors, 0 warnings, 0 section mismatches --- For more info write to <info(a)kernelci.org>

2 years, 8 months

1
0
0 0

[PATCH -next v3 0/5] Optimize and bugfix for cpu-on-off-test.sh

by Zhao Gongyi

1. Correct log info 2. Replace exit with return to make the test exit gracefully 3. Delete fault injection related code 4. Reserve one cpu online when the test offline all cpus 5. Add log info when run full test successfully Changes in v3: - Remove config file for patch 2 - Update information of cover letter Changes in v2: - Update change log of patch 2 - Update exiting value to avoid incorrect report for patch 2 - Keep online_cpu_expect_fail() and offline_cpu_expect_fail() for patch 3 Zhao Gongyi (5): selftests/cpu-hotplug: Correct log info selftests/cpu-hotplug: Use return instead of exit selftests/cpu-hotplug: Delete fault injection related code selftests/cpu-hotplug: Reserve one cpu online at least selftests/cpu-hotplug: Add log info when test success tools/testing/selftests/cpu-hotplug/Makefile | 2 +- tools/testing/selftests/cpu-hotplug/config | 1 - .../selftests/cpu-hotplug/cpu-on-off-test.sh | 140 +++++------------- 3 files changed, 37 insertions(+), 106 deletions(-) delete mode 100644 tools/testing/selftests/cpu-hotplug/config -- 2.17.1

2 years, 8 months

2
6
0 0

[PATCH bpf-next v11 0/7] bpf-core changes for preparation of

by Benjamin Tissoires

Hi, well, given that the HID changes haven't moved a lot in the past revisions and that I am cc-ing a bunch of people, I have dropped them while we focus on the last 2 requirements in bpf-core changes. I'll submit a HID targeted series when we get these in tree, which would make things a lore more independent. For reference, the whole reasons for these 2 main changes are at https://lore.kernel.org/bpf/20220902132938.2409206-1-benjamin.tissoires@red… Compared to v10 (in addition of dropping the HID changes), I have changed the selftests so we can test both light skeletons and libbbpf calls. Cheers, Benjamin Benjamin Tissoires (7): selftests/bpf: regroup and declare similar kfuncs selftests in an array bpf: split btf_check_subprog_arg_match in two bpf/verifier: allow all functions to read user provided context selftests/bpf: add test for accessing ctx from syscall program type bpf/btf: bump BTF_KFUNC_SET_MAX_CNT bpf/verifier: allow kfunc to return an allocated mem selftests/bpf: Add tests for kfunc returning a memory pointer include/linux/bpf.h | 11 +- include/linux/bpf_verifier.h | 2 + include/linux/btf.h | 10 + kernel/bpf/btf.c | 149 ++++++++++-- kernel/bpf/verifier.c | 66 +++-- net/bpf/test_run.c | 37 +++ tools/testing/selftests/bpf/Makefile | 5 +- .../selftests/bpf/prog_tests/kfunc_call.c | 227 ++++++++++++++++-- .../selftests/bpf/progs/kfunc_call_fail.c | 160 ++++++++++++ .../selftests/bpf/progs/kfunc_call_test.c | 71 ++++++ 10 files changed, 678 insertions(+), 60 deletions(-) create mode 100644 tools/testing/selftests/bpf/progs/kfunc_call_fail.c -- 2.36.1

2 years, 8 months

4
15
0 0

[PATCH][next] kselftest/arm64: Fix spelling misakes of signal names

by Colin Ian King

There are a couple of spelling mistakes of signame names. Fix them. Signed-off-by: Colin Ian King <colin.i.king(a)gmail.com> --- tools/testing/selftests/arm64/fp/fp-stress.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/arm64/fp/fp-stress.c b/tools/testing/selftests/arm64/fp/fp-stress.c index 01cef1962ab5..a5c0ebef2419 100644 --- a/tools/testing/selftests/arm64/fp/fp-stress.c +++ b/tools/testing/selftests/arm64/fp/fp-stress.c @@ -247,7 +247,7 @@ static void handle_child_signal(int sig, siginfo_t *info, void *context) } if (!found) - ksft_print_msg("SIGCHILD for unknown PID %d with status %d\n", + ksft_print_msg("SIGCHLD for unknown PID %d with status %d\n", info->si_pid, info->si_status); } @@ -457,7 +457,7 @@ int main(int argc, char **argv) strerror(errno), errno); ret = sigaction(SIGTERM, &sa, NULL); if (ret < 0) - ksft_print_msg("Failed to install SIGTEM handler: %s (%d)\n", + ksft_print_msg("Failed to install SIGTERM handler: %s (%d)\n", strerror(errno), errno); sa.sa_sigaction = handle_child_signal; ret = sigaction(SIGCHLD, &sa, NULL); -- 2.37.1

2 years, 8 months

2
1
0 0

[PATCH] kselftest/arm64: Install signal handlers before output in FP stress tests

by Mark Brown

To interface more robustly with other processes install the signal handers in the floating point stress tests before we produce any output, this means that a parent process can know that if it has seen any output from the test then the test is ready to handle incoming signals. Signed-off-by: Mark Brown <broonie(a)kernel.org> --- Resending with signoff added, was missed on previous postings. .../testing/selftests/arm64/fp/fpsimd-test.S | 48 +++++++++---------- tools/testing/selftests/arm64/fp/sve-test.S | 48 +++++++++---------- tools/testing/selftests/arm64/fp/za-test.S | 48 +++++++++---------- 3 files changed, 72 insertions(+), 72 deletions(-) diff --git a/tools/testing/selftests/arm64/fp/fpsimd-test.S b/tools/testing/selftests/arm64/fp/fpsimd-test.S index f0f92192351a..918d04885a33 100644 --- a/tools/testing/selftests/arm64/fp/fpsimd-test.S +++ b/tools/testing/selftests/arm64/fp/fpsimd-test.S @@ -216,6 +216,30 @@ endfunction .globl _start function _start _start: + mov x23, #0 // signal count + + mov w0, #SIGINT + adr x1, terminate_handler + mov w2, #SA_SIGINFO + bl setsignal + + mov w0, #SIGTERM + adr x1, terminate_handler + mov w2, #SA_SIGINFO + bl setsignal + + mov w0, #SIGUSR1 + adr x1, irritator_handler + mov w2, #SA_SIGINFO + orr w2, w2, #SA_NODEFER + bl setsignal + + mov w0, #SIGUSR2 + adr x1, tickle_handler + mov w2, #SA_SIGINFO + orr w2, w2, #SA_NODEFER + bl setsignal + // Sanity-check and report the vector length mov x19, #128 @@ -246,30 +270,6 @@ _start: mov x0, x20 bl putdecn - mov x23, #0 // Irritation signal count - - mov w0, #SIGINT - adr x1, terminate_handler - mov w2, #SA_SIGINFO - bl setsignal - - mov w0, #SIGTERM - adr x1, terminate_handler - mov w2, #SA_SIGINFO - bl setsignal - - mov w0, #SIGUSR1 - adr x1, irritator_handler - mov w2, #SA_SIGINFO - orr w2, w2, #SA_NODEFER - bl setsignal - - mov w0, #SIGUSR2 - adr x1, tickle_handler - mov w2, #SA_SIGINFO - orr w2, w2, #SA_NODEFER - bl setsignal - mov x22, #0 // generation number, increments per iteration .Ltest_loop: diff --git a/tools/testing/selftests/arm64/fp/sve-test.S b/tools/testing/selftests/arm64/fp/sve-test.S index 79c56e6c5b23..2a18cb4c528c 100644 --- a/tools/testing/selftests/arm64/fp/sve-test.S +++ b/tools/testing/selftests/arm64/fp/sve-test.S @@ -379,6 +379,30 @@ endfunction .globl _start function _start _start: + mov x23, #0 // Irritation signal count + + mov w0, #SIGINT + adr x1, terminate_handler + mov w2, #SA_SIGINFO + bl setsignal + + mov w0, #SIGTERM + adr x1, terminate_handler + mov w2, #SA_SIGINFO + bl setsignal + + mov w0, #SIGUSR1 + adr x1, irritator_handler + mov w2, #SA_SIGINFO + orr w2, w2, #SA_NODEFER + bl setsignal + + mov w0, #SIGUSR2 + adr x1, tickle_handler + mov w2, #SA_SIGINFO + orr w2, w2, #SA_NODEFER + bl setsignal + #ifdef SSVE puts "Streaming mode " smstart_sm @@ -414,30 +438,6 @@ _start: mov x0, x20 bl putdecn - mov x23, #0 // Irritation signal count - - mov w0, #SIGINT - adr x1, terminate_handler - mov w2, #SA_SIGINFO - bl setsignal - - mov w0, #SIGTERM - adr x1, terminate_handler - mov w2, #SA_SIGINFO - bl setsignal - - mov w0, #SIGUSR1 - adr x1, irritator_handler - mov w2, #SA_SIGINFO - orr w2, w2, #SA_NODEFER - bl setsignal - - mov w0, #SIGUSR2 - adr x1, tickle_handler - mov w2, #SA_SIGINFO - orr w2, w2, #SA_NODEFER - bl setsignal - #ifdef SSVE smstart_sm // syscalls will have exited streaming mode #endif diff --git a/tools/testing/selftests/arm64/fp/za-test.S b/tools/testing/selftests/arm64/fp/za-test.S index 901839107205..53c54af65704 100644 --- a/tools/testing/selftests/arm64/fp/za-test.S +++ b/tools/testing/selftests/arm64/fp/za-test.S @@ -232,6 +232,30 @@ endfunction .globl _start function _start _start: + mov x23, #0 // signal count + + mov w0, #SIGINT + adr x1, terminate_handler + mov w2, #SA_SIGINFO + bl setsignal + + mov w0, #SIGTERM + adr x1, terminate_handler + mov w2, #SA_SIGINFO + bl setsignal + + mov w0, #SIGUSR1 + adr x1, irritator_handler + mov w2, #SA_SIGINFO + orr w2, w2, #SA_NODEFER + bl setsignal + + mov w0, #SIGUSR2 + adr x1, tickle_handler + mov w2, #SA_SIGINFO + orr w2, w2, #SA_NODEFER + bl setsignal + puts "Streaming mode " smstart_za @@ -264,30 +288,6 @@ _start: mov x0, x20 bl putdecn - mov x23, #0 // Irritation signal count - - mov w0, #SIGINT - adr x1, terminate_handler - mov w2, #SA_SIGINFO - bl setsignal - - mov w0, #SIGTERM - adr x1, terminate_handler - mov w2, #SA_SIGINFO - bl setsignal - - mov w0, #SIGUSR1 - adr x1, irritator_handler - mov w2, #SA_SIGINFO - orr w2, w2, #SA_NODEFER - bl setsignal - - mov w0, #SIGUSR2 - adr x1, tickle_handler - mov w2, #SA_SIGINFO - orr w2, w2, #SA_NODEFER - bl setsignal - mov x22, #0 // generation number, increments per iteration .Ltest_loop: rdsvl 0, 8 -- 2.30.2

2 years, 8 months

2
1
0 0

[net-next v3 0/6] net: support QUIC crypto

by Adel Abouchaev

QUIC requires end to end encryption of the data. The application usually prepares the data in clear text, encrypts and calls send() which implies multiple copies of the data before the packets hit the networking stack. Similar to kTLS, QUIC kernel offload of cryptography reduces the memory pressure by reducing the number of copies. The scope of kernel support is limited to the symmetric cryptography, leaving the handshake to the user space library. For QUIC in particular, the application packets that require symmetric cryptography are the 1RTT packets with short headers. Kernel will encrypt the application packets on transmission and decrypt on receive. This series implements Tx only, because in QUIC server applications Tx outweighs Rx by orders of magnitude. Supporting the combination of QUIC and GSO requires the application to correctly place the data and the kernel to correctly slice it. The encryption process appends an arbitrary number of bytes (tag) to the end of the message to authenticate it. The GSO value should include this overhead, the offload would then subtract the tag size to parse the input on Tx before chunking and encrypting it. With the kernel cryptography, the buffer copy operation is conjoined with the encryption operation. The memory bandwidth is reduced by 5-8%. When devices supporting QUIC encryption in hardware come to the market, we will be able to free further 7% of CPU utilization which is used today for crypto operations. Adel Abouchaev (6): Documentation on QUIC kernel Tx crypto. Define QUIC specific constants, control and data plane structures Add UDP ULP operations, initialization and handling prototype functions. Implement QUIC offload functions Add flow counters and Tx processing error counter Add self tests for ULP operations, flow setup and crypto tests Documentation/networking/index.rst | 1 + Documentation/networking/quic.rst | 211 ++++ include/net/inet_sock.h | 2 + include/net/netns/mib.h | 3 + include/net/quic.h | 63 + include/net/snmp.h | 6 + include/net/udp.h | 33 + include/uapi/linux/quic.h | 66 + include/uapi/linux/snmp.h | 9 + include/uapi/linux/udp.h | 4 + net/Kconfig | 1 + net/Makefile | 1 + net/ipv4/Makefile | 3 +- net/ipv4/udp.c | 15 + net/ipv4/udp_ulp.c | 192 +++ net/quic/Kconfig | 16 + net/quic/Makefile | 8 + net/quic/quic_main.c | 1533 ++++++++++++++++++++++++ net/quic/quic_proc.c | 45 + tools/testing/selftests/net/.gitignore | 1 + tools/testing/selftests/net/Makefile | 3 +- tools/testing/selftests/net/quic.c | 1370 +++++++++++++++++++++ tools/testing/selftests/net/quic.sh | 46 + 23 files changed, 3630 insertions(+), 2 deletions(-) create mode 100644 Documentation/networking/quic.rst create mode 100644 include/net/quic.h create mode 100644 include/uapi/linux/quic.h create mode 100644 net/ipv4/udp_ulp.c create mode 100644 net/quic/Kconfig create mode 100644 net/quic/Makefile create mode 100644 net/quic/quic_main.c create mode 100644 net/quic/quic_proc.c create mode 100644 tools/testing/selftests/net/quic.c create mode 100755 tools/testing/selftests/net/quic.sh -- 2.30.2

2 years, 8 months

2
8
0 0

[PATCH v16 00/12] bpf: Add kfuncs for PKCS#7 signature verification

by Roberto Sassu

From: Roberto Sassu <roberto.sassu(a)huawei.com> One of the desirable features in security is the ability to restrict import of data to a given system based on data authenticity. If data import can be restricted, it would be possible to enforce a system-wide policy based on the signing keys the system owner trusts. This feature is widely used in the kernel. For example, if the restriction is enabled, kernel modules can be plugged in only if they are signed with a key whose public part is in the primary or secondary keyring. For eBPF, it can be useful as well. For example, it might be useful to authenticate data an eBPF program makes security decisions on. After a discussion in the eBPF mailing list, it was decided that the stated goal should be accomplished by introducing four new kfuncs: bpf_lookup_user_key() and bpf_lookup_system_key(), for retrieving a keyring with keys trusted for signature verification, respectively from its serial and from a pre-determined ID; bpf_key_put(), to release the reference obtained with the former two kfuncs, bpf_verify_pkcs7_signature(), for verifying PKCS#7 signatures. Other than the key serial, bpf_lookup_user_key() also accepts key lookup flags, that influence the behavior of the lookup. bpf_lookup_system_key() accepts pre-determined IDs defined in include/linux/verification.h. bpf_key_put() accepts the new bpf_key structure, introduced to tell whether the other structure member, a key pointer, is valid or not. The reason is that verify_pkcs7_signature() also accepts invalid pointers, set with the pre-determined ID, to select a system-defined keyring. key_put() must be called only for valid key pointers. Since the two key lookup functions allocate memory and one increments a key reference count, they must be used in conjunction with bpf_key_put(). The latter must be called only if the lookup functions returned a non-NULL pointer. The verifier denies the execution of eBPF programs that don't respect this rule. The two key lookup functions should be used in alternative, depending on the use case. While bpf_lookup_user_key() provides great flexibility, it seems suboptimal in terms of security guarantees, as even if the eBPF program is assumed to be trusted, the serial used to obtain the key pointer might come from untrusted user space not choosing one that the system administrator approves to enforce a mandatory policy. bpf_lookup_system_key() instead provides much stronger guarantees, especially if the pre-determined ID is not passed by user space but is hardcoded in the eBPF program, and that program is signed. In this case, bpf_verify_pkcs7_signature() will always perform signature verification with a key that the system administrator approves, i.e. the primary, secondary or platform keyring. Nevertheless, key permission checks need to be done accurately. Since bpf_lookup_user_key() cannot determine how a key will be used by other kfuncs, it has to defer the permission check to the actual kfunc using the key. It does it by calling lookup_user_key() with KEY_DEFER_PERM_CHECK as needed permission. Later, bpf_verify_pkcs7_signature(), if called, completes the permission check by calling key_validate(). It does not need to call key_task_permission() with permission KEY_NEED_SEARCH, as it is already done elsewhere by the key subsystem. Future kfuncs using the bpf_key structure need to implement the proper checks as well. Finally, the last kfunc, bpf_verify_pkcs7_signature(), accepts the data and signature to verify as eBPF dynamic pointers, to minimize the number of kfunc parameters, and the keyring with keys for signature verification as a bpf_key structure, returned by one of the two key lookup functions. bpf_lookup_user_key() and bpf_verify_pkcs7_signature() can be called only from sleepable programs, because of memory allocation and crypto operations. For example, the lsm.s/bpf attach point is suitable, fexit/array_map_update_elem is not. The correctness of implementation of the new kfuncs and of their usage is checked with the introduced tests. The patch set includes a patch from another author (dependency) for sake of completeness. It is organized as follows. Patch 1 from KP Singh allows kfuncs to be used by LSM programs. Patch 2 splits is_dynptr_reg_valid_init() and introduces is_dynptr_type_expected(), to know more precisely the cause of a negative result of a dynamic pointer check. Patch 3 allows dynamic pointers to be used as kfunc parameters. Patch 4 exports bpf_dynptr_get_size(), to obtain the real size of data carried by a dynamic pointer. Patch 5 makes available for new eBPF kfuncs and programs some key-related definitions. Patch 6 introduces the bpf_lookup_*_key() and bpf_key_put() kfuncs. Patch 7 introduces the bpf_verify_pkcs7_signature() kfunc. Patch 8 changes the testing kernel configuration to compile everything as built-in. Finally, patches 9-12 introduce the tests. Changelog v15: - Add kfunc_dynptr_param test to deny list for s390x v14: - Explain that is_dynptr_type_expected() will be useful also for BTF (suggested by Joanne) - Rename KEY_LOOKUP_FLAGS_ALL to KEY_LOOKUP_ALL (suggested by Jarkko) - Swap declaration of spi and dynptr_type in is_dynptr_type_expected() (suggested by Joanne) - Reimplement kfunc dynptr tests with a regular eBPF program instead of executing them with test_verifier (suggested by Joanne) - Make key lookup flags as enum so that they are automatically exported through BTF (suggested by Alexei) v13: - Split is_dynptr_reg_valid_init() and introduce is_dynptr_type_expected() to see if the dynamic pointer type passed as argument to a kfunc is supported (suggested by Kumar) - Add forward declaration of struct key in include/linux/bpf.h (suggested by Song) - Declare mask for key lookup flags, remove key_lookup_flags_check() (suggested by Jarkko and KP) - Allow only certain dynamic pointer types (currently, local) to be passed as argument to kfuncs (suggested by Kumar) - For each dynamic pointer parameter in kfunc, additionally check if the passed pointer is to the stack (suggested by Kumar) - Split the validity/initialization and dynamic pointer type check also in the verifier, and adjust the expected error message in the test (a test for an unexpected dynptr type passed to a helper cannot be added due to missing suitable helpers, but this case has been tested manually) - Add verifier tests to check the dynamic pointers passed as argument to kfuncs (suggested by Kumar) v12: - Put lookup_key and verify_pkcs7_sig tests in deny list for s390x (JIT does not support calling kernel function) v11: - Move stringify_struct() macro to include/linux/btf.h (suggested by Daniel) - Change kernel configuration options in tools/testing/selftests/bpf/config* from =m to =y v10: - Introduce key_lookup_flags_check() and system_keyring_id_check() inline functions to check parameters (suggested by KP) - Fix descriptions and comment of key-related kfuncs (suggested by KP) - Register kfunc set only once (suggested by Alexei) - Move needed kernel options to the architecture-independent configuration for testing v9: - Drop patch to introduce KF_SLEEPABLE kfunc flag (already merged) - Rename valid_ptr member of bpf_key to has_ref (suggested by Daniel) - Check dynamic pointers in kfunc definition with bpf_dynptr_kern struct definition instead of string, to detect structure renames (suggested by Daniel) - Explicitly say that we permit initialized dynamic pointers in kfunc definition (suggested by Daniel) - Remove noinline __weak from kfuncs definition (reported by Daniel) - Simplify key lookup flags check in bpf_lookup_user_key() (suggested by Daniel) - Explain the reason for deferring key permission check (suggested by Daniel) - Allocate memory with GFP_ATOMIC in bpf_lookup_system_key(), and remove KF_SLEEPABLE kfunc flag from kfunc declaration (suggested by Daniel) - Define only one kfunc set and remove the loop for registration (suggested by Alexei) v8: - Define the new bpf_key structure to carry the key pointer and whether that pointer is valid or not (suggested by Daniel) - Drop patch to mark a kfunc parameter with the __maybe_null suffix - Improve documentation of kfuncs - Introduce bpf_lookup_system_key() to obtain a key pointer suitable for verify_pkcs7_signature() (suggested by Daniel) - Use the new kfunc registration API - Drop patch to test the __maybe_null suffix - Add tests for bpf_lookup_system_key() v7: - Add support for using dynamic and NULL pointers in kfunc (suggested by Alexei) - Add new kfunc-related tests v6: - Switch back to key lookup helpers + signature verification (until v5), and defer permission check from bpf_lookup_user_key() to bpf_verify_pkcs7_signature() - Add additional key lookup test to illustrate the usage of the KEY_LOOKUP_CREATE flag and validate the flags (suggested by Daniel) - Make description of flags of bpf_lookup_user_key() more user-friendly (suggested by Daniel) - Fix validation of flags parameter in bpf_lookup_user_key() (reported by Daniel) - Rename bpf_verify_pkcs7_signature() keyring-related parameters to user_keyring and system_keyring to make their purpose more clear - Accept keyring-related parameters of bpf_verify_pkcs7_signature() as alternatives (suggested by KP) - Replace unsigned long type with u64 in helper declaration (suggested by Daniel) - Extend the bpf_verify_pkcs7_signature() test by calling the helper without data, by ensuring that the helper enforces the keyring-related parameters as alternatives, by ensuring that the helper rejects inaccessible and expired keyrings, and by checking all system keyrings - Move bpf_lookup_user_key() and bpf_key_put() usage tests to ref_tracking.c (suggested by John) - Call bpf_lookup_user_key() and bpf_key_put() only in sleepable programs v5: - Move KEY_LOOKUP_ to include/linux/key.h for validation of bpf_verify_pkcs7_signature() parameter - Remove bpf_lookup_user_key() and bpf_key_put() helpers, and the corresponding tests - Replace struct key parameter of bpf_verify_pkcs7_signature() with the keyring serial and lookup flags - Call lookup_user_key() and key_put() in bpf_verify_pkcs7_signature() code, to ensure that the retrieved key is used according to the permission requested at lookup time - Clarified keyring precedence in the description of bpf_verify_pkcs7_signature() (suggested by John) - Remove newline in the second argument of ASSERT_ - Fix helper prototype regular expression in bpf_doc.py v4: - Remove bpf_request_key_by_id(), don't return an invalid pointer that other helpers can use - Pass the keyring ID (without ULONG_MAX, suggested by Alexei) to bpf_verify_pkcs7_signature() - Introduce bpf_lookup_user_key() and bpf_key_put() helpers (suggested by Alexei) - Add lookup_key_norelease test, to ensure that the verifier blocks eBPF programs which don't decrement the key reference count - Parse raw PKCS#7 signature instead of module-style signature in the verify_pkcs7_signature test (suggested by Alexei) - Parse kernel module in user space and pass raw PKCS#7 signature to the eBPF program for signature verification v3: - Rename bpf_verify_signature() back to bpf_verify_pkcs7_signature() to avoid managing different parameters for each signature verification function in one helper (suggested by Daniel) - Use dynamic pointers and export bpf_dynptr_get_size() (suggested by Alexei) - Introduce bpf_request_key_by_id() to give more flexibility to the caller of bpf_verify_pkcs7_signature() to retrieve the appropriate keyring (suggested by Alexei) - Fix test by reordering the gcc command line, always compile sign-file - Improve helper support check mechanism in the test v2: - Rename bpf_verify_pkcs7_signature() to a more generic bpf_verify_signature() and pass the signature type (suggested by KP) - Move the helper and prototype declaration under #ifdef so that user space can probe for support for the helper (suggested by Daniel) - Describe better the keyring types (suggested by Daniel) - Include linux/bpf.h instead of vmlinux.h to avoid implicit or redeclaration - Make the test selfcontained (suggested by Alexei) v1: - Don't define new map flag but introduce simple wrapper of verify_pkcs7_signature() (suggested by Alexei and KP) KP Singh (1): bpf: Allow kfuncs to be used in LSM programs Roberto Sassu (11): bpf: Move dynptr type check to is_dynptr_type_expected() btf: Allow dynamic pointer parameters in kfuncs bpf: Export bpf_dynptr_get_size() KEYS: Move KEY_LOOKUP_ to include/linux/key.h and define KEY_LOOKUP_ALL bpf: Add bpf_lookup_*_key() and bpf_key_put() kfuncs bpf: Add bpf_verify_pkcs7_signature() kfunc selftests/bpf: Compile kernel with everything as built-in selftests/bpf: Add verifier tests for bpf_lookup_*_key() and bpf_key_put() selftests/bpf: Add additional tests for bpf_lookup_*_key() selftests/bpf: Add test for bpf_verify_pkcs7_signature() kfunc selftests/bpf: Add tests for dynamic pointers parameters in kfuncs include/linux/bpf.h | 9 + include/linux/bpf_verifier.h | 5 + include/linux/btf.h | 9 + include/linux/key.h | 6 + include/linux/verification.h | 8 + kernel/bpf/btf.c | 34 ++ kernel/bpf/helpers.c | 2 +- kernel/bpf/verifier.c | 35 +- kernel/trace/bpf_trace.c | 180 ++++++++ security/keys/internal.h | 2 - tools/testing/selftests/bpf/DENYLIST.s390x | 3 + tools/testing/selftests/bpf/Makefile | 14 +- tools/testing/selftests/bpf/config | 32 +- tools/testing/selftests/bpf/config.x86_64 | 7 +- .../testing/selftests/bpf/prog_tests/dynptr.c | 2 +- .../bpf/prog_tests/kfunc_dynptr_param.c | 103 +++++ .../selftests/bpf/prog_tests/lookup_key.c | 112 +++++ .../bpf/prog_tests/verify_pkcs7_sig.c | 399 ++++++++++++++++++ .../bpf/progs/test_kfunc_dynptr_param.c | 57 +++ .../selftests/bpf/progs/test_lookup_key.c | 46 ++ .../bpf/progs/test_verify_pkcs7_sig.c | 100 +++++ tools/testing/selftests/bpf/test_verifier.c | 3 +- .../selftests/bpf/verifier/ref_tracking.c | 139 ++++++ .../testing/selftests/bpf/verify_sig_setup.sh | 104 +++++ 24 files changed, 1376 insertions(+), 35 deletions(-) create mode 100644 tools/testing/selftests/bpf/prog_tests/kfunc_dynptr_param.c create mode 100644 tools/testing/selftests/bpf/prog_tests/lookup_key.c create mode 100644 tools/testing/selftests/bpf/prog_tests/verify_pkcs7_sig.c create mode 100644 tools/testing/selftests/bpf/progs/test_kfunc_dynptr_param.c create mode 100644 tools/testing/selftests/bpf/progs/test_lookup_key.c create mode 100644 tools/testing/selftests/bpf/progs/test_verify_pkcs7_sig.c create mode 100755 tools/testing/selftests/bpf/verify_sig_setup.sh -- 2.25.1

2 years, 8 months

5
46
0 0

[PATCH] KVM: selftests: Make rseq compatible with versions prior to glibc-2.30

by Liam Merwick

The fix for commit e923b0537d28 ("KVM: selftests: Fix target thread to be migrated in rseq_test") added a call to gettid() which was only added to glibc-2.30 and fails to compile with older glibc versions. rseq_test.c: In function 'main': rseq_test.c:230:33: warning: implicit declaration of function 'gettid'; did you mean 'getgid'? [-Wimplicit-function-declaration] (void *)(unsigned long)gettid()); ^~~~~~ getgid Switch the call to syscall(SYS_gettid) which was the original advice in the gettid(2) NOTES section and which works with both new and older glibc versions. Fixes: e923b0537d28 ("KVM: selftests: Fix target thread to be migrated in rseq_test") Cc: stable(a)vger.kernel.org # v5.15 Signed-off-by: Liam Merwick <liam.merwick(a)oracle.com> --- Verified with glibc-2.28 and glibc-2.34 and ensured test case from e923b0537d28 still passes. tools/testing/selftests/kvm/rseq_test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/kvm/rseq_test.c b/tools/testing/selftests/kvm/rseq_test.c index fac248a43666..6f88da7e60be 100644 --- a/tools/testing/selftests/kvm/rseq_test.c +++ b/tools/testing/selftests/kvm/rseq_test.c @@ -227,7 +227,7 @@ int main(int argc, char *argv[]) ucall_init(vm, NULL); pthread_create(&migration_thread, NULL, migration_worker, - (void *)(unsigned long)gettid()); + (void *)(unsigned long)syscall(SYS_gettid)); for (i = 0; !done; i++) { vcpu_run(vcpu); -- 2.31.1

2 years, 8 months

2
1
0 0

ATTENTION/PROPOSAL

by LUMAR CASEY

ATTENTION BUSINESS PARTNER, I AM LUMAR CASEY WORKING WITH AN INSURANCE FINANCIAL INSTITUTE, WITH MY POSITION AND PRIVILEGES I WAS ABLE TO SOURCE OUT AN OVER DUE PAYMENT OF 12.8 MILLION POUNDS THAT IS NOW SECURED WITH A SHIPPING DIPLOMATIC OUTLET. I AM SEEKING YOUR PARTNERSHIP TO RECEIVE THIS CONSIGNMENT AS AS MY PARTNER TO INVEST THIS FUND INTO A PROSPEROUS INVESTMENT VENTURE IN YOUR COUNTRY. I AWAIT YOUR REPLY TO ENABLE US PROCEED WITH THIS BUSINESS PARTNERSHIP TOGETHER. REGARDS, LUMAR CASEY

2 years, 8 months

1
0
0 0

Re: [fortify] 728833277d: WARNING:at_net/netlink/af_netlink.c:#netlink_ack

by Gustavo A. R. Silva

On Wed, Sep 07, 2022 at 01:42:16PM +0800, kernel test robot wrote: Hi! > > Hi Kees Cook, > > the patch "[PATCH 1/2] fortify: Add run-time WARN for cross-field memcpy()" > raises a persistent WARNING as below report in our tests. > > according to commit message, we understand this is kind of expected. but > we don't have enough knowledge if it reveals a real issue in kernel source > code and what the next step could be. > > so we still report FYI. > > if you think it's unnecessary for us to make out this kind of report, please > let us know. we will consider how to refine our report rules. Thanks a lot! > > below is the full report. It seems that the idea is to continue reporting these warnings, as they help us identify the places that need to be audited and determine how to refactor the code (in case it's a false positive), or how to properly fix it (in case it's an actual bug). In this case, it seems that the issue was already addressed by this patch: https://lore.kernel.org/linux-hardening/20220903043749.3102675-1-keescook@c… Thanks -- Gustavo

2 years, 8 months

2
1
0 0

3% Rate

by SunTrust Loans

¿Necesita un préstamo? Ofrecemos todo tipo de préstamos al 3%, envíenos un correo electrónico ahora si está interesado para obtener más información. solo a través de este correo electrónico: suntrustinvestmentloans(a)gmail.com

2 years, 8 months

1
0
0 0

Re: [PATCH V5 15/31] x86/sgx: Support restricting of enclave page permissions

by zhubojun

Hi, Reinette, thanks for your great contribution for EDMM Linux kernel patch. I am trying to follow the newest patch now, and I have some questions on it. It seems that `sgx_enclave_restrict_permissions()` is able to do permission restrictions for multiple enclave’s pages. After driver invokes ENCLS[EMODPR] to restrict the page’s permission, it should then invoke ENCLS[ETRACK] and send IPIs to ensure stale TLB entries have been flushed. Only in this way, ENCLU[EACCEPT] inside enclave can only succeed. Current implementation invokes `sgx_enclave_etrack(encl)` after every `__emodpr(…)` in the for loop. My question is: Can we move the `sgx_enclave_etrack(encl)` out of the for loop? After doing so, `sgx_enclave_etrack(encl)` is invoked **one** time for multiple enclave pages’ permission restriction, instead of N times (N = `modp -> length / PAGE_SIZE`). We may gain some performance optimization from it. Please correct my if my understanding is incorrect. Looking forward to your reply and Thanks for your time! BR, Bojun

2 years, 8 months

2
3
0 0

[PATCH v3 0/3] arm64/sve: Document our actual SVE syscall ABI

by Mark Brown

Currently our SVE syscall ABI documentation does not reflect the actual implemented ABI, it says that register state not shared with FPSIMD becomes undefined on syscall when in reality we always clear it. Since changing this would cause a change in the observed kernel behaviour there is a substantial desire to avoid taking advantage of the documented ABI so instead let's document what we actually do so it's clear that it is in reality an ABI. There has been some pushback on tightening the documentation in the past but it is hard to see who that helps, it makes the implementation decisions less clear and makes it harder for people to discover and make use of the actual ABI. The main practical concern is that qemu's user mode does not currently flush the registers. v3: - Rebase onto v6.0-rc3. v2: - Rebase onto v6.0-rc1. Mark Brown (3): kselftest/arm64: Correct buffer allocation for SVE Z registers arm64/sve: Document our actual ABI for clearing registers on syscall kselftest/arm64: Enforce actual ABI for SVE syscalls Documentation/arm64/sve.rst | 2 +- .../testing/selftests/arm64/abi/syscall-abi.c | 61 ++++++++++++------- 2 files changed, 41 insertions(+), 22 deletions(-) base-commit: b90cb1053190353cc30f0fef0ef1f378ccc063c5 -- 2.30.2

2 years, 8 months

2
8
0 0

[PATCH v2] kselftest/arm64: Add simple hwcap validation

by Mark Brown

Add some trivial hwcap validation which checks that /proc/cpuinfo and AT_HWCAP agree with each other and can verify that for extensions that can generate a SIGILL due to adding new instructions one appears or doesn't appear as expected. I've added SVE and SME, other capabilities can be added later if this gets merged. This isn't super exciting but on the other hand took very little time to write and should be handy when verifying that you wired up AT_HWCAP properly. Signed-off-by: Mark Brown <broonie(a)kernel.org> --- tools/testing/selftests/arm64/abi/.gitignore | 1 + tools/testing/selftests/arm64/abi/Makefile | 2 +- tools/testing/selftests/arm64/abi/hwcap.c | 188 +++++++++++++++++++ 3 files changed, 190 insertions(+), 1 deletion(-) create mode 100644 tools/testing/selftests/arm64/abi/hwcap.c diff --git a/tools/testing/selftests/arm64/abi/.gitignore b/tools/testing/selftests/arm64/abi/.gitignore index b9e54417250d..c31d34d48a30 100644 --- a/tools/testing/selftests/arm64/abi/.gitignore +++ b/tools/testing/selftests/arm64/abi/.gitignore @@ -1,2 +1,3 @@ +hwcap syscall-abi tpidr2 diff --git a/tools/testing/selftests/arm64/abi/Makefile b/tools/testing/selftests/arm64/abi/Makefile index c8d7f2495eb2..e60752eb8334 100644 --- a/tools/testing/selftests/arm64/abi/Makefile +++ b/tools/testing/selftests/arm64/abi/Makefile @@ -1,7 +1,7 @@ # SPDX-License-Identifier: GPL-2.0 # Copyright (C) 2021 ARM Limited -TEST_GEN_PROGS := syscall-abi tpidr2 +TEST_GEN_PROGS := hwcap syscall-abi tpidr2 include ../../lib.mk diff --git a/tools/testing/selftests/arm64/abi/hwcap.c b/tools/testing/selftests/arm64/abi/hwcap.c new file mode 100644 index 000000000000..8b5c646cea63 --- /dev/null +++ b/tools/testing/selftests/arm64/abi/hwcap.c @@ -0,0 +1,188 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * Copyright (C) 2022 ARM Limited. + */ + +#include <errno.h> +#include <signal.h> +#include <stdbool.h> +#include <stddef.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> +#include <sys/auxv.h> +#include <sys/prctl.h> +#include <asm/hwcap.h> +#include <asm/sigcontext.h> +#include <asm/unistd.h> + +#include "../../kselftest.h" + +#define TESTS_PER_HWCAP 2 + +/* + * Function expected to generate SIGILL when the feature is not + * supported and return when it is supported. If SIGILL is generated + * then the handler must be able to skip over the instruction safely. + * + * Note that it is expected that for many architecture extensions + * there are no specific traps due to no architecture state being + * added so we may not fault if running on a kernel which doesn't know + * to add the hwcap. + */ +typedef void (*sigill_fn)(void); + +static void sme_sigill(void) +{ + /* RDSVL x0, #0 */ + asm volatile(".inst 0x04bf5800" : : : "x0"); +} + +static void sve_sigill(void) +{ + /* RDVL x0, #0 */ + asm volatile(".inst 0x04bf5000" : : : "x0"); +} + +static const struct hwcap_data { + const char *name; + unsigned long at_hwcap; + unsigned long hwcap_bit; + const char *cpuinfo; + sigill_fn sigill_fn; + bool sigill_reliable; +} hwcaps[] = { + { + .name = "SME", + .at_hwcap = AT_HWCAP2, + .hwcap_bit = HWCAP2_SME, + .cpuinfo = "sme", + .sigill_fn = sme_sigill, + .sigill_reliable = true, + }, + { + .name = "SVE", + .at_hwcap = AT_HWCAP, + .hwcap_bit = HWCAP_SVE, + .cpuinfo = "sve", + .sigill_fn = sve_sigill, + .sigill_reliable = true, + }, +}; + +static bool seen_sigill; + +static void handle_sigill(int sig, siginfo_t *info, void *context) +{ + ucontext_t *uc = context; + + seen_sigill = true; + + /* Skip over the offending instruction */ + uc->uc_mcontext.pc += 4; +} + +bool cpuinfo_present(const char *name) +{ + FILE *f; + char buf[2048], name_space[30], name_newline[30]; + char *s; + + /* + * The feature should appear with a leading space and either a + * trailing space or a newline. + */ + snprintf(name_space, sizeof(name_space), " %s ", name); + snprintf(name_newline, sizeof(name_newline), " %s\n", name); + + f = fopen("/proc/cpuinfo", "r"); + if (!f) { + ksft_print_msg("Failed to open /proc/cpuinfo\n"); + return false; + } + + while (fgets(buf, sizeof(buf), f)) { + /* Features: line? */ + if (strncmp(buf, "Features\t:", strlen("Features\t:")) != 0) + continue; + + /* All CPUs should be symmetric, don't read any more */ + fclose(f); + + s = strstr(buf, name_space); + if (s) + return true; + s = strstr(buf, name_newline); + if (s) + return true; + + return false; + } + + ksft_print_msg("Failed to find Features in /proc/cpuinfo\n"); + fclose(f); + return false; +} + +int main(void) +{ + const struct hwcap_data *hwcap; + int i, ret; + bool have_cpuinfo, have_hwcap; + struct sigaction sa; + + ksft_print_header(); + ksft_set_plan(ARRAY_SIZE(hwcaps) * TESTS_PER_HWCAP); + + memset(&sa, 0, sizeof(sa)); + sa.sa_sigaction = handle_sigill; + sa.sa_flags = SA_RESTART | SA_SIGINFO; + sigemptyset(&sa.sa_mask); + ret = sigaction(SIGILL, &sa, NULL); + if (ret < 0) + ksft_exit_fail_msg("Failed to install SIGILL handler: %s (%d)\n", + strerror(errno), errno); + + for (i = 0; i < ARRAY_SIZE(hwcaps); i++) { + hwcap = &hwcaps[i]; + + have_hwcap = getauxval(hwcaps->at_hwcap) & hwcap->hwcap_bit; + have_cpuinfo = cpuinfo_present(hwcap->cpuinfo); + + if (have_hwcap) + ksft_print_msg("%s present", hwcap->name); + + ksft_test_result(have_hwcap == have_cpuinfo, + "cpuinfo_match_%s\n", hwcap->name); + + if (hwcap->sigill_fn) { + seen_sigill = false; + hwcap->sigill_fn(); + + if (have_hwcap) { + /* Should be able to use the extension */ + ksft_test_result(!seen_sigill, "sigill_%s\n", + hwcap->name); + } else if (hwcap->sigill_reliable) { + /* Guaranteed a SIGILL */ + ksft_test_result(seen_sigill, "sigill_%s\n", + hwcap->name); + } else { + /* Missing SIGILL might be fine */ + ksft_print_msg("SIGILL %sreported for %s\n", + seen_sigill ? "" : "not ", + hwcap->name); + ksft_test_result_skip("sigill_%s\n", + hwcap->name); + } + } else { + ksft_test_result_skip("sigill_%s\n", + hwcap->name); + } + } + + ksft_print_cnts(); + + return 0; +} base-commit: b90cb1053190353cc30f0fef0ef1f378ccc063c5 -- 2.30.2

2 years, 8 months

2
1
0 0

[PATCH v2 0/4] kselftest/arm64: Floating point stress test harness

by Mark Brown

This series has a few small enhancements for the existing standalone floating point stress tests and then builds on those with a kselftest integrated program which gives those a very quick spin from within kselftest, as well as having an option to set a custom timeout to allow for use with longer soak testing. This makes it much easier to get thorough testing of the floating point state management logic, rather than requiring custom setup for coverage of the various vector lengths in the system as is needed at present. It might be nice in future to extend this to attach to some or all of the test programs with ptrace and read/write their registers as another means of potentially triggering race conditions or corruption but that's definitely another step. v2: - Rebase onto v6.0-rc3. - Announce the results of enumeration before we start everything. Mark Brown (4): kselftest/arm64: Always encourage preemption for za-test kselftest/arm64: Count SIGUSR2 deliveries in FP stress tests kselftest/arm64: Install signal handlers before output in FP stress tests kselftest/arm64: kselftest harness for FP stress tests tools/testing/selftests/arm64/fp/.gitignore | 1 + tools/testing/selftests/arm64/fp/Makefile | 5 +- .../testing/selftests/arm64/fp/asm-offsets.h | 1 + tools/testing/selftests/arm64/fp/fp-stress.c | 535 ++++++++++++++++++ .../testing/selftests/arm64/fp/fpsimd-test.S | 51 +- tools/testing/selftests/arm64/fp/sve-test.S | 51 +- tools/testing/selftests/arm64/fp/za-test.S | 58 +- 7 files changed, 641 insertions(+), 61 deletions(-) create mode 100644 tools/testing/selftests/arm64/fp/fp-stress.c base-commit: b90cb1053190353cc30f0fef0ef1f378ccc063c5 -- 2.30.2

2 years, 8 months

2
5
0 0

[PATCH v2 0/2] kselftest/arm64: Small improvements to ZA signal handling coverag

by Mark Brown

These patches improve the coverage of ZA signal contexts a bit, adding some validation that the actual data is correct and covering the case where ZA is not enabled. v2: - Rebase onto v6.0-rc3. Mark Brown (2): kselftest/arm64: Tighten up validation of ZA signal context kselftest/arm64: Add a test for signal frames with ZA disabled .../arm64/signal/testcases/za_no_regs.c | 119 ++++++++++++++++++ .../arm64/signal/testcases/za_regs.c | 16 ++- 2 files changed, 134 insertions(+), 1 deletion(-) create mode 100644 tools/testing/selftests/arm64/signal/testcases/za_no_regs.c base-commit: b90cb1053190353cc30f0fef0ef1f378ccc063c5 -- 2.30.2

2 years, 8 months

2
3
0 0

[PATCH v2 00/10] kselftest/arm64: EXTRA_CONTEXT related fixes

by Mark Brown

The arm64 architecture originally made the signal context a fixed size structure containing a linked list of records with the various kinds of register and other state which may be present. When SVE was implemented it was realised that it supported implementations with more state than could fit in that structure so a new record type EXTRA_CONTEXT was introduced allowing the signal context to be extended beyond the original size. Unfortunately the signal handling tests can not cope with these EXTRA_CONTEXT records at all - some support was implemented but it simply never worked. v2: - Rebase onto v6.0-rc3 Mark Brown (10): kselftest/arm64: Enumerate SME rather than SVE vector lengths for za_regs kselftest/arm64: Validate signal ucontext in place kselftest/arm64: Fix validatation termination record after EXTRA_CONTEXT kselftest/arm64: Fix validation of EXTRA_CONTEXT signal context location kselftest/arm64: Remove unneeded protype for validate_extra_context() kselftest/arm64: Only validate each signal context once kselftest/arm64: Validate contents of EXTRA_CONTEXT blocks kselftest/arm64: Preserve any EXTRA_CONTEXT in handle_signal_copyctx() kselftest/arm64: Allow larger buffers in get_signal_context() kselftest/arm64: Include larger SVE and SME VLs in signal tests .../arm64/signal/test_signals_utils.c | 59 +++++++++++++++++-- .../arm64/signal/test_signals_utils.h | 5 +- .../testcases/fake_sigreturn_bad_magic.c | 2 +- .../testcases/fake_sigreturn_bad_size.c | 2 +- .../fake_sigreturn_bad_size_for_magic0.c | 2 +- .../fake_sigreturn_duplicated_fpsimd.c | 2 +- .../testcases/fake_sigreturn_misaligned_sp.c | 2 +- .../testcases/fake_sigreturn_missing_fpsimd.c | 2 +- .../testcases/fake_sigreturn_sme_change_vl.c | 2 +- .../testcases/fake_sigreturn_sve_change_vl.c | 2 +- .../selftests/arm64/signal/testcases/sme_vl.c | 2 +- .../arm64/signal/testcases/ssve_regs.c | 25 +++----- .../arm64/signal/testcases/sve_regs.c | 23 +++----- .../selftests/arm64/signal/testcases/sve_vl.c | 2 +- .../arm64/signal/testcases/testcases.c | 48 +++++++++++---- .../arm64/signal/testcases/testcases.h | 9 ++- .../arm64/signal/testcases/za_regs.c | 28 ++++----- 17 files changed, 137 insertions(+), 80 deletions(-) base-commit: b90cb1053190353cc30f0fef0ef1f378ccc063c5 -- 2.30.2

2 years, 8 months

2
11
0 0

[PATCH v12 00/10] cgroup/cpuset: cpu partition code fixes & enhancements

by Waiman Long

v12: - Change patch 1 to enable update_tasks_cpumask() for top_cpuset except for percpu kthreads. - Add 2 more patches to make exclusivity rule violations invalidate the partition and its siblings instead of failing the change to make it consistent with other cpuset changes. - Update documentation and test script accordingly. v11: - Fix incorrect spacing in patch 7 and include documentation suggestions by Michal. - Move partition_is_populated() check to the last one in list of conditions to be checked. v10: - Relax constraints for changes made to "cpuset.cpus" and "cpuset.cpus.partition" as suggested. Now almost all changes are allowed. - Add patch 1 to signal that we may need to do additional work in the future to relax the constraint that tasks' cpumask may need some adjustment if child partitions are present. - Add patch 2 for miscellaneous cleanups. The first patch fixes the problem that tasks in the top_cpuset will not have its cpus_mask properly set to reflect the reduced set of cpus available in the top_cpuset when a partition is enabled. This patchset also includes the following enhancements to the cpuset v2 partition code. 1) Allow partitions that have no task to have empty effective cpus. 2) Relax the constraints on what changes are allowed in cpuset.cpus and cpuset.cpus.partition. However, the partition remain invalid until the constraints of a valid partition root is satisfied. 3) Add a new "isolated" partition type for partitions with no load balancing which is available in v1 but not yet in v2. 4) Allow the reading of cpuset.cpus.partition to include a reason string as to why the partition remain invalid. In addition, the cgroup-v2.rst documentation file is updated and a self test is added to verify the correctness the partition code. Waiman Long (10): cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset cgroup/cpuset: Miscellaneous cleanups & add helper functions cgroup/cpuset: Allow no-task partition to have empty cpuset.cpus.effective cgroup/cpuset: Relax constraints to partition & cpus changes cgroup/cpuset: Add a new isolated cpus.partition type cgroup/cpuset: Show invalid partition reason string cgroup/cpuset: Relocate a code block in validate_change() cgroup/cpuset: Make partition invalid if cpumask change violates exclusivity rule cgroup/cpuset: Update description of cpuset.cpus.partition in cgroup-v2.rst kselftest/cgroup: Add cpuset v2 partition root state test Documentation/admin-guide/cgroup-v2.rst | 150 ++-- kernel/cgroup/cpuset.c | 817 ++++++++++++------ tools/testing/selftests/cgroup/.gitignore | 1 + tools/testing/selftests/cgroup/Makefile | 5 +- .../selftests/cgroup/test_cpuset_prs.sh | 674 +++++++++++++++ tools/testing/selftests/cgroup/wait_inotify.c | 87 ++ 6 files changed, 1385 insertions(+), 349 deletions(-) create mode 100755 tools/testing/selftests/cgroup/test_cpuset_prs.sh create mode 100644 tools/testing/selftests/cgroup/wait_inotify.c -- 2.31.1

2 years, 8 months

4
14
0 0

[PATCH v2 7/7] KVM: selftests: Add test for RAZ/WI AArch32 ID registers

by Oliver Upton

Add a test to assert that KVM handles the AArch64 views of the AArch32 ID registers as RAZ/WI (writable only from userspace). Signed-off-by: Oliver Upton <oliver.upton(a)linux.dev> --- tools/testing/selftests/kvm/.gitignore | 1 + tools/testing/selftests/kvm/Makefile | 1 + .../kvm/aarch64/aarch64_only_id_regs.c | 135 ++++++++++++++++++ 3 files changed, 137 insertions(+) create mode 100644 tools/testing/selftests/kvm/aarch64/aarch64_only_id_regs.c diff --git a/tools/testing/selftests/kvm/.gitignore b/tools/testing/selftests/kvm/.gitignore index d625a3f83780..4331af62a982 100644 --- a/tools/testing/selftests/kvm/.gitignore +++ b/tools/testing/selftests/kvm/.gitignore @@ -1,4 +1,5 @@ # SPDX-License-Identifier: GPL-2.0-only +/aarch64/aarch64_only_id_regs /aarch64/arch_timer /aarch64/debug-exceptions /aarch64/get-reg-list diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests/kvm/Makefile index 4c122f1b1737..efe155259095 100644 --- a/tools/testing/selftests/kvm/Makefile +++ b/tools/testing/selftests/kvm/Makefile @@ -144,6 +144,7 @@ TEST_GEN_PROGS_x86_64 += system_counter_offset_test # Compiled outputs used by test targets TEST_GEN_PROGS_EXTENDED_x86_64 += x86_64/nx_huge_pages_test +TEST_GEN_PROGS_aarch64 += aarch64/aarch64_only_id_regs TEST_GEN_PROGS_aarch64 += aarch64/arch_timer TEST_GEN_PROGS_aarch64 += aarch64/debug-exceptions TEST_GEN_PROGS_aarch64 += aarch64/get-reg-list diff --git a/tools/testing/selftests/kvm/aarch64/aarch64_only_id_regs.c b/tools/testing/selftests/kvm/aarch64/aarch64_only_id_regs.c new file mode 100644 index 000000000000..704a3e7524a8 --- /dev/null +++ b/tools/testing/selftests/kvm/aarch64/aarch64_only_id_regs.c @@ -0,0 +1,135 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * aarch64_only_id_regs - Test for ID register behavior on AArch64-only systems + * + * Copyright (c) 2022 Google LLC. + * + * Test that KVM handles the AArch64 views of the AArch32 ID registers as RAZ + * and WI from userspace. + */ + +#include <stdint.h> + +#include "kvm_util.h" +#include "processor.h" +#include "test_util.h" + +#define BAD_ID_REG_VAL 0x1badc0deul + +#define GUEST_ASSERT_REG_RAZ(reg) GUEST_ASSERT_EQ(read_sysreg_s(reg), 0) + +static void guest_main(void) +{ + GUEST_ASSERT_REG_RAZ(SYS_ID_PFR0_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_PFR1_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_DFR0_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_MMFR0_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_MMFR1_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_MMFR2_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_MMFR3_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_ISAR0_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_ISAR1_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_ISAR2_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_ISAR3_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_ISAR4_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_ISAR5_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_MMFR4_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_ISAR6_EL1); + GUEST_ASSERT_REG_RAZ(SYS_MVFR0_EL1); + GUEST_ASSERT_REG_RAZ(SYS_MVFR1_EL1); + GUEST_ASSERT_REG_RAZ(SYS_MVFR2_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_PFR2_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_MMFR5_EL1); + + GUEST_DONE(); +} + +static void test_guest_raz(struct kvm_vcpu *vcpu) +{ + struct ucall uc; + + vcpu_run(vcpu); + + switch (get_ucall(vcpu, &uc)) { + case UCALL_ABORT: + REPORT_GUEST_ASSERT(uc); + break; + case UCALL_DONE: + break; + default: + TEST_FAIL("Unexpected ucall: %lu", uc.cmd); + } +} + +static uint64_t reg_ids[] = { + KVM_ARM64_SYS_REG(SYS_ID_PFR0_EL1), + KVM_ARM64_SYS_REG(SYS_ID_PFR1_EL1), + KVM_ARM64_SYS_REG(SYS_ID_DFR0_EL1), + KVM_ARM64_SYS_REG(SYS_ID_MMFR0_EL1), + KVM_ARM64_SYS_REG(SYS_ID_MMFR1_EL1), + KVM_ARM64_SYS_REG(SYS_ID_MMFR2_EL1), + KVM_ARM64_SYS_REG(SYS_ID_MMFR3_EL1), + KVM_ARM64_SYS_REG(SYS_ID_ISAR0_EL1), + KVM_ARM64_SYS_REG(SYS_ID_ISAR1_EL1), + KVM_ARM64_SYS_REG(SYS_ID_ISAR2_EL1), + KVM_ARM64_SYS_REG(SYS_ID_ISAR3_EL1), + KVM_ARM64_SYS_REG(SYS_ID_ISAR4_EL1), + KVM_ARM64_SYS_REG(SYS_ID_ISAR5_EL1), + KVM_ARM64_SYS_REG(SYS_ID_MMFR4_EL1), + KVM_ARM64_SYS_REG(SYS_ID_ISAR6_EL1), + KVM_ARM64_SYS_REG(SYS_MVFR0_EL1), + KVM_ARM64_SYS_REG(SYS_MVFR1_EL1), + KVM_ARM64_SYS_REG(SYS_MVFR2_EL1), + KVM_ARM64_SYS_REG(SYS_ID_PFR2_EL1), + KVM_ARM64_SYS_REG(SYS_ID_MMFR5_EL1), +}; + +static void test_user_raz_wi(struct kvm_vcpu *vcpu) +{ + int i; + + for (i = 0; i < ARRAY_SIZE(reg_ids); i++) { + uint64_t reg_id = reg_ids[i]; + uint64_t val; + + vcpu_get_reg(vcpu, reg_id, &val); + ASSERT_EQ(val, 0); + + /* + * Expect the ioctl to succeed with no effect on the register + * value. + */ + vcpu_set_reg(vcpu, reg_id, BAD_ID_REG_VAL); + + vcpu_get_reg(vcpu, reg_id, &val); + ASSERT_EQ(val, 0); + } +} + +static bool vcpu_aarch64_only(struct kvm_vcpu *vcpu) +{ + uint64_t val, el0; + + vcpu_get_reg(vcpu, KVM_ARM64_SYS_REG(SYS_ID_AA64PFR0_EL1), &val); + + el0 = (val & ARM64_FEATURE_MASK(ID_AA64PFR0_EL0)) >> ID_AA64PFR0_EL0_SHIFT; + return el0 == ID_AA64PFR0_ELx_64BIT_ONLY; +} + +int main(void) +{ + struct kvm_vcpu *vcpu; + struct kvm_vm *vm; + + vm = vm_create_with_one_vcpu(&vcpu, guest_main); + + TEST_REQUIRE(vcpu_aarch64_only(vcpu)); + + ucall_init(vm, NULL); + + test_user_raz_wi(vcpu); + test_guest_raz(vcpu); + + ucall_uninit(vm); + kvm_vm_free(vm); +} -- 2.37.2.789.g6183377224-goog

2 years, 8 months

2
2
0 0

[PATCH 0/3] selftests/Make: Recursively build TARGETS list

by Dmitry Safonov

From [1]: > Please look into a wayto invoke all of them instead of adding individual > net/* to the main Makefile. This list seems to be growing. :) I might have misunderstood what was suggested... Here is an attempt to let sub-selftests define their own $(TARGETS) directories. [1]: https://lore.kernel.org/all/aa0143bc-b0d1-69fb-c117-1e7241f0ad89@linuxfound… Cc: Shuah Khan <shuah(a)kernel.org> Cc: Dmitry Safonov <0x7f454c46(a)gmail.com> Cc: linux-kernel(a)vger.kernel.org Cc: linux-kselftest(a)vger.kernel.org Dmitry Safonov (3): selftests/Make: Recursively build TARGETS list selftests/.gitignore: Add vfork_exec selftests/.gitignore: Add io_uring_zerocopy_tx tools/testing/selftests/Makefile | 71 ++++---------------- tools/testing/selftests/drivers/Makefile | 7 ++ tools/testing/selftests/filesystems/Makefile | 4 ++ tools/testing/selftests/lib.mk | 59 +++++++++++++++- tools/testing/selftests/net/.gitignore | 1 + tools/testing/selftests/net/Makefile | 4 ++ tools/testing/selftests/timens/.gitignore | 1 + 7 files changed, 87 insertions(+), 60 deletions(-) create mode 100644 tools/testing/selftests/drivers/Makefile base-commit: 42e66b1cc3a070671001f8a1e933a80818a192bf -- 2.37.2

2 years, 8 months

1
3
0 0

Re: [PATCH -next v2 3/5] selftests/cpu-hotplug: Delete fault injection related code

by zhaogongyi

Hi shuah, I am so sorry! There are some mistaks in the patch that did not delete the config file, please skip the patches of v2 version. And I have resubmit the patches with new version, please see: https://patchwork.kernel.org/project/linux-kselftest/patch/20220905133615.1… Thanks for your review! Kind regards, Gongyi > > Delete fault injection related code since the module has been deleted. > > Signed-off-by: Zhao Gongyi <zhaogongyi(a)huawei.com> > --- > .../selftests/cpu-hotplug/cpu-on-off-test.sh | 87 ++----------------- > 1 file changed, 6 insertions(+), 81 deletions(-) > > diff --git a/tools/testing/selftests/cpu-hotplug/cpu-on-off-test.sh > b/tools/testing/selftests/cpu-hotplug/cpu-on-off-test.sh > index bd2e791fe887..184156763ccb 100755 > --- a/tools/testing/selftests/cpu-hotplug/cpu-on-off-test.sh > +++ b/tools/testing/selftests/cpu-hotplug/cpu-on-off-test.sh > @@ -116,10 +116,10 @@ online_cpu_expect_fail() > > if online_cpu $cpu 2> /dev/null; then > echo $FUNCNAME $cpu: unexpected success >&2 > - exit 1 > + retval=1 > elif ! cpu_is_offline $cpu; then > echo $FUNCNAME $cpu: unexpected online >&2 > - exit 1 > + retval=1 > fi > } > > @@ -142,16 +142,14 @@ offline_cpu_expect_fail() > > if offline_cpu $cpu 2> /dev/null; then > echo $FUNCNAME $cpu: unexpected success >&2 > - exit 1 > + retval=1 > elif ! cpu_is_online $cpu; then > echo $FUNCNAME $cpu: unexpected offline >&2 > - exit 1 > + retval=1 > fi > } > > -error=-12 > allcpus=0 > -priority=0 > online_cpus=0 > online_max=0 > offline_cpus=0 > @@ -159,31 +157,20 @@ offline_max=0 > present_cpus=0 > present_max=0 > > -while getopts e:ahp: opt; do > +while getopts ah opt; do > case $opt in > - e) > - error=$OPTARG > - ;; > a) > allcpus=1 > ;; > h) > - echo "Usage $0 [ -a ] [ -e errno ] [ -p notifier-priority ]" > + echo "Usage $0 [ -a ]" > echo -e "\t default offline one cpu" > echo -e "\t run with -a option to offline all cpus" > exit > ;; > - p) > - priority=$OPTARG > - ;; > esac > done > > -if ! [ "$error" -ge -4095 -a "$error" -lt 0 ]; then > - echo "error code must be -4095 <= errno < 0" >&2 > - exit 1 > -fi > - > prerequisite > > # > @@ -231,66 +218,4 @@ for cpu in `hotplaggable_offline_cpus`; do > online_cpu_expect_success $cpu > done > > -# > -# Test with cpu notifier error injection -# > - > -DEBUGFS=`mount -t debugfs | head -1 | awk '{ print $3 }'` > -NOTIFIER_ERR_INJECT_DIR=$DEBUGFS/notifier-error-inject/cpu > - > -prerequisite_extra() > -{ > - msg="skip extra tests:" > - > - /sbin/modprobe -q -r cpu-notifier-error-inject > - /sbin/modprobe -q cpu-notifier-error-inject priority=$priority > - > - if [ ! -d "$DEBUGFS" ]; then > - echo $msg debugfs is not mounted >&2 > - exit $ksft_skip > - fi > - > - if [ ! -d $NOTIFIER_ERR_INJECT_DIR ]; then > - echo $msg cpu-notifier-error-inject module is not available >&2 > - exit $ksft_skip > - fi > -} > - > -prerequisite_extra > - > -# > -# Offline all hot-pluggable CPUs > -# > -echo 0 > > $NOTIFIER_ERR_INJECT_DIR/actions/CPU_DOWN_PREPARE/error > -for cpu in `hotpluggable_online_cpus`; do > - offline_cpu_expect_success $cpu > -done > - > -# > -# Test CPU hot-add error handling (offline => online) -# -echo $error > > $NOTIFIER_ERR_INJECT_DIR/actions/CPU_UP_PREPARE/error > -for cpu in `hotplaggable_offline_cpus`; do > - online_cpu_expect_fail $cpu > -done > - > -# > -# Online all hot-pluggable CPUs > -# > -echo 0 > $NOTIFIER_ERR_INJECT_DIR/actions/CPU_UP_PREPARE/error > -for cpu in `hotplaggable_offline_cpus`; do > - online_cpu_expect_success $cpu > -done > - > -# > -# Test CPU hot-remove error handling (online => offline) -# -echo $error > > $NOTIFIER_ERR_INJECT_DIR/actions/CPU_DOWN_PREPARE/error > -for cpu in `hotpluggable_online_cpus`; do > - offline_cpu_expect_fail $cpu > -done > - > -echo 0 > > $NOTIFIER_ERR_INJECT_DIR/actions/CPU_DOWN_PREPARE/error > -/sbin/modprobe -q -r cpu-notifier-error-inject > - > exit $retval > -- > 2.17.1

2 years, 8 months

1
0
0 0

[PATCH -next v2 0/5] Optimize and bugfix for cpu-on-off-test.sh

by Zhao Gongyi

1. Correct log info 2. Add checking of invalid options 3. Replace exit with return to make the test exit gracefully 4. Delete fault injection related code 5. Reserve one cpu online when the test offline all cpus Changes in v2: - Update change log of patch 2 - Update exiting value to avoid incorrect report for patch 2 - Keep online_cpu_expect_fail() and offline_cpu_expect_fail() for patch 3 Zhao Gongyi (5): selftests/cpu-hotplug: Correct log info selftests/cpu-hotplug: Use return instead of exit selftests/cpu-hotplug: Delete fault injection related code selftests/cpu-hotplug: Reserve one cpu online at least selftests/cpu-hotplug: Add log info when test success tools/testing/selftests/cpu-hotplug/Makefile | 2 +- .../selftests/cpu-hotplug/cpu-on-off-test.sh | 140 +++++------------- 2 files changed, 37 insertions(+), 105 deletions(-) -- 2.17.1

2 years, 8 months

1
5
0 0

[PATCH net v2 0/3] Unsync addresses from ports when stopping aggregated devices

by Benjamin Poirier

This series fixes similar problems in the bonding and team drivers. Because of missing dev_{uc,mc}_unsync() calls, addresses added to underlying devices may be leftover after the aggregated device is deleted. Add the missing calls and a few related tests. v2: * fix selftest installation, see patch 3 Benjamin Poirier (3): net: bonding: Unsync device addresses on ndo_stop net: team: Unsync device addresses on ndo_stop net: Add tests for bonding and team address list management MAINTAINERS | 1 + drivers/net/bonding/bond_main.c | 31 ++++--- drivers/net/team/team.c | 8 ++ tools/testing/selftests/Makefile | 1 + .../selftests/drivers/net/bonding/Makefile | 5 +- .../selftests/drivers/net/bonding/config | 1 + .../drivers/net/bonding/dev_addr_lists.sh | 89 +++++++++++++++++++ .../selftests/drivers/net/bonding/lag_lib.sh | 63 +++++++++++++ .../selftests/drivers/net/team/Makefile | 6 ++ .../testing/selftests/drivers/net/team/config | 3 + .../drivers/net/team/dev_addr_lists.sh | 51 +++++++++++ 11 files changed, 248 insertions(+), 11 deletions(-) create mode 100755 tools/testing/selftests/drivers/net/bonding/dev_addr_lists.sh create mode 100644 tools/testing/selftests/drivers/net/bonding/lag_lib.sh create mode 100644 tools/testing/selftests/drivers/net/team/Makefile create mode 100644 tools/testing/selftests/drivers/net/team/config create mode 100755 tools/testing/selftests/drivers/net/team/dev_addr_lists.sh -- 2.37.2

2 years, 8 months

2
5
0 0

[PATCH 5/5] selftests/sgx: Add SGX selftest augment_via_eaccept_long

by Jarkko Sakkinen

From: Vijay Dhanraj <vijay.dhanraj(a)intel.com> Add a new test case which is same as augment_via_eaccept but adds a larger number of EPC pages to stress test EAUG via EACCEPT. Signed-off-by: Vijay Dhanraj <vijay.dhanraj(a)intel.com> Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org> --- v7: - Contains now only the test case. Support for dynamic heap is prepared in prepending patches. v6: - Address Reinette's feedback: https://lore.kernel.org/linux-sgx/Yw6%2FiTzSdSw%2FY%2FVO@kernel.org/ v5: - Add the klog dump and sysctl option to the commit message. v4: - Explain expectations for dirty_page_list in the function header, instead of an inline comment. - Improve commit message to explain the conditions better. - Return the number of pages left dirty to ksgxd() and print warning after the 2nd call, if there are any. v3: - Remove WARN_ON(). - Tuned comments and the commit message a bit. v2: - Replaced WARN_ON() with optional pr_info() inside __sgx_sanitize_pages(). - Rewrote the commit message. - Added the fixes tag. --- tools/testing/selftests/sgx/main.c | 112 ++++++++++++++++++++++++++++- 1 file changed, 111 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/sgx/main.c b/tools/testing/selftests/sgx/main.c index 4feffe7cd8fb..48976bb7bd79 100644 --- a/tools/testing/selftests/sgx/main.c +++ b/tools/testing/selftests/sgx/main.c @@ -23,8 +23,15 @@ static const size_t ENCL_HEAP_SIZE_DEFAULT = PAGE_SIZE; static const size_t ENCL_DYNAMIC_SIZE_DEFAULT = PAGE_SIZE; +/* + * The size was chosen based on a bug report: + * Message-ID: <DM8PR11MB55912A7F47A84EC9913A6352F6999(a)DM8PR11MB5591.namprd11.prod.outlook.com> + */ +static const size_t ENCL_DYNAMIC_SIZE_LONG = 8L * 1024L * 1024L * 1024L; +static const unsigned long TIMEOUT_DEFAULT = 900; static const uint64_t MAGIC = 0x1122334455667788ULL; static const uint64_t MAGIC2 = 0x8877665544332211ULL; + vdso_sgx_enter_enclave_t vdso_sgx_enter_enclave; /* @@ -388,7 +395,7 @@ TEST_F(enclave, unclobbered_vdso_oversubscribed) EXPECT_EQ(self->run.user_data, 0); } -TEST_F_TIMEOUT(enclave, unclobbered_vdso_oversubscribed_remove, 900) +TEST_F_TIMEOUT(enclave, unclobbered_vdso_oversubscribed_remove, TIMEOUT_DEFAULT) { struct sgx_enclave_remove_pages remove_ioc; struct sgx_enclave_modify_types modt_ioc; @@ -1248,6 +1255,109 @@ TEST_F(enclave, augment_via_eaccept) munmap(addr, PAGE_SIZE); } +/* + * Test for the addition of large number of pages to an initialized enclave via + * a pre-emptive run of EACCEPT on every page to be added. + */ +TEST_F_TIMEOUT(enclave, augment_via_eaccept_long, TIMEOUT_DEFAULT) +{ + struct encl_op_get_from_addr get_addr_op; + struct encl_op_put_to_addr put_addr_op; + struct encl_op_eaccept eaccept_op; + size_t total_size = 0; + unsigned long i; + void *addr; + + if (!sgx2_supported()) + SKIP(return, "SGX2 not supported"); + + ASSERT_TRUE(setup_test_encl_dynamic(ENCL_HEAP_SIZE_DEFAULT, + ENCL_DYNAMIC_SIZE_LONG, + &self->encl, _metadata)); + + memset(&self->run, 0, sizeof(self->run)); + self->run.tcs = self->encl.encl_base; + + for (i = 0; i < self->encl.nr_segments; i++) { + struct encl_segment *seg = &self->encl.segment_tbl[i]; + + total_size += seg->size; + } + + /* + * mmap() every page at end of existing enclave to be used for + * EDMM. + */ + addr = mmap((void *)self->encl.encl_base + total_size, ENCL_DYNAMIC_SIZE_LONG, + PROT_READ | PROT_WRITE | PROT_EXEC, MAP_SHARED | MAP_FIXED, + self->encl.fd, 0); + EXPECT_NE(addr, MAP_FAILED); + + self->run.exception_vector = 0; + self->run.exception_error_code = 0; + self->run.exception_addr = 0; + + /* + * Run EACCEPT on every page to trigger the #PF->EAUG->EACCEPT(again + * without a #PF). All should be transparent to userspace. + */ + eaccept_op.flags = SGX_SECINFO_R | SGX_SECINFO_W | SGX_SECINFO_REG | SGX_SECINFO_PENDING; + eaccept_op.ret = 0; + eaccept_op.header.type = ENCL_OP_EACCEPT; + + for (i = 0; i < ENCL_DYNAMIC_SIZE_LONG; i += 4096) { + eaccept_op.epc_addr = (uint64_t)(addr + i); + + EXPECT_EQ(ENCL_CALL(&eaccept_op, &self->run, true), 0); + if (self->run.exception_vector == 14 && + self->run.exception_error_code == 4 && + self->run.exception_addr == self->encl.encl_base) { + munmap(addr, ENCL_DYNAMIC_SIZE_LONG); + SKIP(return, "Kernel does not support adding pages to initialized enclave"); + } + + EXPECT_EQ(self->run.exception_vector, 0); + EXPECT_EQ(self->run.exception_error_code, 0); + EXPECT_EQ(self->run.exception_addr, 0); + ASSERT_EQ(eaccept_op.ret, 0); + ASSERT_EQ(self->run.function, EEXIT); + } + + /* + * Pool of pages were successfully added to enclave. Perform sanity + * check on first page of the pool only to ensure data can be written + * to and read from a dynamically added enclave page. + */ + put_addr_op.value = MAGIC; + put_addr_op.addr = (unsigned long)addr; + put_addr_op.header.type = ENCL_OP_PUT_TO_ADDRESS; + + EXPECT_EQ(ENCL_CALL(&put_addr_op, &self->run, true), 0); + + EXPECT_EEXIT(&self->run); + EXPECT_EQ(self->run.exception_vector, 0); + EXPECT_EQ(self->run.exception_error_code, 0); + EXPECT_EQ(self->run.exception_addr, 0); + + /* + * Read memory from newly added page that was just written to, + * confirming that data previously written (MAGIC) is present. + */ + get_addr_op.value = 0; + get_addr_op.addr = (unsigned long)addr; + get_addr_op.header.type = ENCL_OP_GET_FROM_ADDRESS; + + EXPECT_EQ(ENCL_CALL(&get_addr_op, &self->run, true), 0); + + EXPECT_EQ(get_addr_op.value, MAGIC); + EXPECT_EEXIT(&self->run); + EXPECT_EQ(self->run.exception_vector, 0); + EXPECT_EQ(self->run.exception_error_code, 0); + EXPECT_EQ(self->run.exception_addr, 0); + + munmap(addr, ENCL_DYNAMIC_SIZE_LONG); +} + /* * SGX2 page type modification test in two phases: * Phase 1: -- 2.37.2

2 years, 8 months

1
0
0 0

[PATCH 4/5] selftests/sgx: Include the dynamic heap size to the ELRANGE calculation

by Jarkko Sakkinen

When calculating ELRANGE, i.e. the address range defined for an enclave, and represented by encl->encl_size, also dynamic memory should be taken into account. Implement setup_test_encl_dynamic() with dynamic_size parameter for the dynamic heap size, and use it in 'augment_via_eaccept' and 'augment' tests. Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org> --- tools/testing/selftests/sgx/load.c | 5 +++-- tools/testing/selftests/sgx/main.c | 24 +++++++++++++++++------- tools/testing/selftests/sgx/main.h | 3 ++- 3 files changed, 22 insertions(+), 10 deletions(-) diff --git a/tools/testing/selftests/sgx/load.c b/tools/testing/selftests/sgx/load.c index 3b4e2422fb09..963a5c6bbbdc 100644 --- a/tools/testing/selftests/sgx/load.c +++ b/tools/testing/selftests/sgx/load.c @@ -171,7 +171,8 @@ uint64_t encl_get_entry(struct encl *encl, const char *symbol) return 0; } -bool encl_load(const char *path, struct encl *encl, unsigned long heap_size) +bool encl_load(const char *path, struct encl *encl, unsigned long heap_size, + unsigned long dynamic_size) { const char device_path[] = "/dev/sgx_enclave"; unsigned long contents_size; @@ -299,7 +300,7 @@ bool encl_load(const char *path, struct encl *encl, unsigned long heap_size) if (seg->src == MAP_FAILED) goto err; - contents_size = encl->segment_tbl[j].offset + encl->segment_tbl[j].size; + contents_size = encl->segment_tbl[j].offset + encl->segment_tbl[j].size + dynamic_size; for (encl->encl_size = 4096; encl->encl_size < contents_size; ) encl->encl_size <<= 1; diff --git a/tools/testing/selftests/sgx/main.c b/tools/testing/selftests/sgx/main.c index a1850e139c99..4feffe7cd8fb 100644 --- a/tools/testing/selftests/sgx/main.c +++ b/tools/testing/selftests/sgx/main.c @@ -22,6 +22,7 @@ #include "main.h" static const size_t ENCL_HEAP_SIZE_DEFAULT = PAGE_SIZE; +static const size_t ENCL_DYNAMIC_SIZE_DEFAULT = PAGE_SIZE; static const uint64_t MAGIC = 0x1122334455667788ULL; static const uint64_t MAGIC2 = 0x8877665544332211ULL; vdso_sgx_enter_enclave_t vdso_sgx_enter_enclave; @@ -173,8 +174,8 @@ FIXTURE(enclave) { struct sgx_enclave_run run; }; -static bool setup_test_encl(unsigned long heap_size, struct encl *encl, - struct __test_metadata *_metadata) +static bool setup_test_encl_dynamic(unsigned long heap_size, unsigned long dynamic_size, + struct encl *encl, struct __test_metadata *_metadata) { Elf64_Sym *sgx_enter_enclave_sym = NULL; struct vdso_symtab symtab; @@ -184,7 +185,7 @@ static bool setup_test_encl(unsigned long heap_size, struct encl *encl, unsigned int i; void *addr; - if (!encl_load("test_encl.elf", encl, heap_size)) { + if (!encl_load("test_encl.elf", encl, heap_size, dynamic_size)) { encl_delete(encl); TH_LOG("Failed to load the test enclave."); return false; @@ -251,6 +252,12 @@ static bool setup_test_encl(unsigned long heap_size, struct encl *encl, return false; } +static bool setup_test_encl(unsigned long heap_size, struct encl *encl, + struct __test_metadata *_metadata) +{ + return setup_test_encl_dynamic(heap_size, 0, encl, _metadata); +} + FIXTURE_SETUP(enclave) { } @@ -1013,7 +1020,9 @@ TEST_F(enclave, augment) if (!sgx2_supported()) SKIP(return, "SGX2 not supported"); - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl_dynamic(ENCL_HEAP_SIZE_DEFAULT, + ENCL_DYNAMIC_SIZE_DEFAULT, + &self->encl, _metadata)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -1143,7 +1152,9 @@ TEST_F(enclave, augment_via_eaccept) if (!sgx2_supported()) SKIP(return, "SGX2 not supported"); - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl_dynamic(ENCL_HEAP_SIZE_DEFAULT, + ENCL_DYNAMIC_SIZE_DEFAULT, + &self->encl, _metadata)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -1264,8 +1275,7 @@ TEST_F(enclave, tcs_create) int errno_save; int ret, i; - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, - _metadata)); + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; diff --git a/tools/testing/selftests/sgx/main.h b/tools/testing/selftests/sgx/main.h index 9c1bc0d9b43c..8f77ce56ad09 100644 --- a/tools/testing/selftests/sgx/main.h +++ b/tools/testing/selftests/sgx/main.h @@ -32,7 +32,8 @@ extern unsigned char sign_key[]; extern unsigned char sign_key_end[]; void encl_delete(struct encl *ctx); -bool encl_load(const char *path, struct encl *encl, unsigned long heap_size); +bool encl_load(const char *path, struct encl *encl, unsigned long heap_size, + unsigned long dynamic_size); bool encl_measure(struct encl *encl); bool encl_build(struct encl *encl); uint64_t encl_get_entry(struct encl *encl, const char *symbol); -- 2.37.2

2 years, 8 months

1
0
0 0

[PATCH 3/5] selftests/sgx: Use encl->encl_size in sigstruct.c

by Jarkko Sakkinen

The final enclave address range (referred as ELRANGE in Intel SDM) calculation is a reminiscent of signing tool being a separate command-line utility, and sigstruct being produced during the compilation. Given that nowadays the sigstruct is calculated on-fly, use the readily calculated encl->encl_size instead, in order to remove duplicate code. Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org> --- tools/testing/selftests/sgx/load.c | 5 +++-- tools/testing/selftests/sgx/main.h | 1 - tools/testing/selftests/sgx/sigstruct.c | 8 ++------ 3 files changed, 5 insertions(+), 9 deletions(-) diff --git a/tools/testing/selftests/sgx/load.c b/tools/testing/selftests/sgx/load.c index 94bdeac1cf04..3b4e2422fb09 100644 --- a/tools/testing/selftests/sgx/load.c +++ b/tools/testing/selftests/sgx/load.c @@ -174,6 +174,7 @@ uint64_t encl_get_entry(struct encl *encl, const char *symbol) bool encl_load(const char *path, struct encl *encl, unsigned long heap_size) { const char device_path[] = "/dev/sgx_enclave"; + unsigned long contents_size; struct encl_segment *seg; Elf64_Phdr *phdr_tbl; off_t src_offset; @@ -298,9 +299,9 @@ bool encl_load(const char *path, struct encl *encl, unsigned long heap_size) if (seg->src == MAP_FAILED) goto err; - encl->src_size = encl->segment_tbl[j].offset + encl->segment_tbl[j].size; + contents_size = encl->segment_tbl[j].offset + encl->segment_tbl[j].size; - for (encl->encl_size = 4096; encl->encl_size < encl->src_size; ) + for (encl->encl_size = 4096; encl->encl_size < contents_size; ) encl->encl_size <<= 1; return true; diff --git a/tools/testing/selftests/sgx/main.h b/tools/testing/selftests/sgx/main.h index 82b33f8db048..9c1bc0d9b43c 100644 --- a/tools/testing/selftests/sgx/main.h +++ b/tools/testing/selftests/sgx/main.h @@ -20,7 +20,6 @@ struct encl { void *bin; off_t bin_size; void *src; - size_t src_size; size_t encl_size; off_t encl_base; unsigned int nr_segments; diff --git a/tools/testing/selftests/sgx/sigstruct.c b/tools/testing/selftests/sgx/sigstruct.c index a07896a46364..9a40c7966eda 100644 --- a/tools/testing/selftests/sgx/sigstruct.c +++ b/tools/testing/selftests/sgx/sigstruct.c @@ -218,13 +218,9 @@ struct mrecreate { } __attribute__((__packed__)); -static bool mrenclave_ecreate(EVP_MD_CTX *ctx, uint64_t blob_size) +static bool mrenclave_ecreate(EVP_MD_CTX *ctx, uint64_t encl_size) { struct mrecreate mrecreate; - uint64_t encl_size; - - for (encl_size = 0x1000; encl_size < blob_size; ) - encl_size <<= 1; memset(&mrecreate, 0, sizeof(mrecreate)); mrecreate.tag = MRECREATE; @@ -349,7 +345,7 @@ bool encl_measure(struct encl *encl) if (!ctx) goto err; - if (!mrenclave_ecreate(ctx, encl->src_size)) + if (!mrenclave_ecreate(ctx, encl->encl_size)) goto err; for (i = 0; i < encl->nr_segments; i++) { -- 2.37.2

2 years, 8 months

1
0
0 0

[PATCH 2/5] selftests/sgx: Move ENCL_HEAP_SIZE_DEFAULT to main.c

by Jarkko Sakkinen

Move ENCL_HEAP_SIZE_DEFAULT to main.c because all the other constants are also there, and it is only used locally there. Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org> --- tools/testing/selftests/sgx/main.c | 1 + tools/testing/selftests/sgx/main.h | 2 -- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/tools/testing/selftests/sgx/main.c b/tools/testing/selftests/sgx/main.c index 59cca806eda1..a1850e139c99 100644 --- a/tools/testing/selftests/sgx/main.c +++ b/tools/testing/selftests/sgx/main.c @@ -21,6 +21,7 @@ #include "../kselftest_harness.h" #include "main.h" +static const size_t ENCL_HEAP_SIZE_DEFAULT = PAGE_SIZE; static const uint64_t MAGIC = 0x1122334455667788ULL; static const uint64_t MAGIC2 = 0x8877665544332211ULL; vdso_sgx_enter_enclave_t vdso_sgx_enter_enclave; diff --git a/tools/testing/selftests/sgx/main.h b/tools/testing/selftests/sgx/main.h index fc585be97e2f..82b33f8db048 100644 --- a/tools/testing/selftests/sgx/main.h +++ b/tools/testing/selftests/sgx/main.h @@ -6,8 +6,6 @@ #ifndef MAIN_H #define MAIN_H -#define ENCL_HEAP_SIZE_DEFAULT 4096 - struct encl_segment { void *src; off_t offset; -- 2.37.2

2 years, 8 months

1
0
0 0

[PATCH 1/5] selftests/sgx: Retry the ioctl()'s returned with EAGAIN

by Jarkko Sakkinen

From: Haitao Huang <haitao.huang(a)linux.intel.com> For EMODT and EREMOVE ioctl()'s with a large range, kernel may not finish in one shot and return EAGAIN error code and count of bytes of EPC pages on that operations are finished successfully. Change the unclobbered_vdso_oversubscribed_remove test to rerun the ioctl()'s in a loop, updating offset and length using the byte count returned in each iteration. Fixes: 6507cce561b4 ("selftests/sgx: Page removal stress test") Signed-off-by: Haitao Huang <haitao.huang(a)linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko(a)kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org> --- v3: * Added a fixes tag. The bug is in v6.0 patches. * Added my tested-by (the bug reproduced in my NUC often). v2: * Changed branching in EAGAIN condition so that else branch is not required. * Addressed Reinette's feedback: --- tools/testing/selftests/sgx/main.c | 42 ++++++++++++++++++++++++------ 1 file changed, 34 insertions(+), 8 deletions(-) diff --git a/tools/testing/selftests/sgx/main.c b/tools/testing/selftests/sgx/main.c index 9820b3809c69..59cca806eda1 100644 --- a/tools/testing/selftests/sgx/main.c +++ b/tools/testing/selftests/sgx/main.c @@ -390,6 +390,7 @@ TEST_F_TIMEOUT(enclave, unclobbered_vdso_oversubscribed_remove, 900) struct encl_segment *heap; unsigned long total_mem; int ret, errno_save; + unsigned long count; unsigned long addr; unsigned long i; @@ -453,16 +454,30 @@ TEST_F_TIMEOUT(enclave, unclobbered_vdso_oversubscribed_remove, 900) modt_ioc.offset = heap->offset; modt_ioc.length = heap->size; modt_ioc.page_type = SGX_PAGE_TYPE_TRIM; - + count = 0; TH_LOG("Changing type of %zd bytes to trimmed may take a while ...", heap->size); - ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_MODIFY_TYPES, &modt_ioc); - errno_save = ret == -1 ? errno : 0; + do { + ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_MODIFY_TYPES, &modt_ioc); + + errno_save = ret == -1 ? errno : 0; + if (errno_save != EAGAIN) + break; + + EXPECT_EQ(modt_ioc.result, 0); + + count += modt_ioc.count; + modt_ioc.offset += modt_ioc.count; + modt_ioc.length -= modt_ioc.count; + modt_ioc.result = 0; + modt_ioc.count = 0; + } while (modt_ioc.length != 0); EXPECT_EQ(ret, 0); EXPECT_EQ(errno_save, 0); EXPECT_EQ(modt_ioc.result, 0); - EXPECT_EQ(modt_ioc.count, heap->size); + count += modt_ioc.count; + EXPECT_EQ(count, heap->size); /* EACCEPT all removed pages. */ addr = self->encl.encl_base + heap->offset; @@ -490,15 +505,26 @@ TEST_F_TIMEOUT(enclave, unclobbered_vdso_oversubscribed_remove, 900) remove_ioc.offset = heap->offset; remove_ioc.length = heap->size; - + count = 0; TH_LOG("Removing %zd bytes from enclave may take a while ...", heap->size); - ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_REMOVE_PAGES, &remove_ioc); - errno_save = ret == -1 ? errno : 0; + do { + ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_REMOVE_PAGES, &remove_ioc); + + errno_save = ret == -1 ? errno : 0; + if (errno_save != EAGAIN) + break; + + count += remove_ioc.count; + remove_ioc.offset += remove_ioc.count; + remove_ioc.length -= remove_ioc.count; + remove_ioc.count = 0; + } while (remove_ioc.length != 0); EXPECT_EQ(ret, 0); EXPECT_EQ(errno_save, 0); - EXPECT_EQ(remove_ioc.count, heap->size); + count += remove_ioc.count; + EXPECT_EQ(count, heap->size); } TEST_F(enclave, clobbered_vdso) -- 2.37.2

2 years, 8 months

1
0
0 0

[PATCH v2 4/6] selftests/sgx: Add SGX selftest augment_via_eaccept_long

by Jarkko Sakkinen

From: Vijay Dhanraj <vijay.dhanraj(a)intel.com> Add a new test case which is same as augment_via_eaccept but adds a larger number of EPC pages to stress test EAUG via EACCEPT. Signed-off-by: Vijay Dhanraj <vijay.dhanraj(a)intel.com> Co-developed-by: Jarkko Sakkinen <jarkko(a)kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org> --- v3: - Addressed Reinette's feedback: https://lore.kernel.org/linux-sgx/bd5285dd-d6dd-8a46-fca9-728db5e2f369@inte… v2: - Addressed Reinette's feedback: https://lore.kernel.org/linux-sgx/24bd8e42-ff4e-0090-d9e1-cd81e4807f21@inte… --- tools/testing/selftests/sgx/load.c | 5 +- tools/testing/selftests/sgx/main.c | 143 +++++++++++++++++++++++++---- tools/testing/selftests/sgx/main.h | 3 +- 3 files changed, 130 insertions(+), 21 deletions(-) diff --git a/tools/testing/selftests/sgx/load.c b/tools/testing/selftests/sgx/load.c index 94bdeac1cf04..47b2786d6a77 100644 --- a/tools/testing/selftests/sgx/load.c +++ b/tools/testing/selftests/sgx/load.c @@ -171,7 +171,8 @@ uint64_t encl_get_entry(struct encl *encl, const char *symbol) return 0; } -bool encl_load(const char *path, struct encl *encl, unsigned long heap_size) +bool encl_load(const char *path, struct encl *encl, unsigned long heap_size, + unsigned long edmm_size) { const char device_path[] = "/dev/sgx_enclave"; struct encl_segment *seg; @@ -300,7 +301,7 @@ bool encl_load(const char *path, struct encl *encl, unsigned long heap_size) encl->src_size = encl->segment_tbl[j].offset + encl->segment_tbl[j].size; - for (encl->encl_size = 4096; encl->encl_size < encl->src_size; ) + for (encl->encl_size = 4096; encl->encl_size < encl->src_size + edmm_size;) encl->encl_size <<= 1; return true; diff --git a/tools/testing/selftests/sgx/main.c b/tools/testing/selftests/sgx/main.c index 9820b3809c69..c5aa9f323745 100644 --- a/tools/testing/selftests/sgx/main.c +++ b/tools/testing/selftests/sgx/main.c @@ -23,6 +23,10 @@ static const uint64_t MAGIC = 0x1122334455667788ULL; static const uint64_t MAGIC2 = 0x8877665544332211ULL; +/* Message-ID: <DM8PR11MB55912A7F47A84EC9913A6352F6999(a)DM8PR11MB5591.namprd11.prod.outlook.com> */ +static const uint64_t EDMM_SIZE_LONG = 8L * 1024L * 1024L * 1024L; +static const uint64_t TIMEOUT_LONG = 900; /* seconds */ + vdso_sgx_enter_enclave_t vdso_sgx_enter_enclave; /* @@ -173,7 +177,8 @@ FIXTURE(enclave) { }; static bool setup_test_encl(unsigned long heap_size, struct encl *encl, - struct __test_metadata *_metadata) + struct __test_metadata *_metadata, + unsigned long edmm_size) { Elf64_Sym *sgx_enter_enclave_sym = NULL; struct vdso_symtab symtab; @@ -183,7 +188,7 @@ static bool setup_test_encl(unsigned long heap_size, struct encl *encl, unsigned int i; void *addr; - if (!encl_load("test_encl.elf", encl, heap_size)) { + if (!encl_load("test_encl.elf", encl, heap_size, edmm_size)) { encl_delete(encl); TH_LOG("Failed to load the test enclave."); return false; @@ -284,7 +289,7 @@ TEST_F(enclave, unclobbered_vdso) struct encl_op_get_from_buf get_op; struct encl_op_put_to_buf put_op; - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata, 0)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -357,7 +362,7 @@ TEST_F(enclave, unclobbered_vdso_oversubscribed) total_mem = get_total_epc_mem(); ASSERT_NE(total_mem, 0); - ASSERT_TRUE(setup_test_encl(total_mem, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(total_mem, &self->encl, _metadata, 0)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -401,7 +406,7 @@ TEST_F_TIMEOUT(enclave, unclobbered_vdso_oversubscribed_remove, 900) ASSERT_NE(total_mem, 0); TH_LOG("Creating an enclave with %lu bytes heap may take a while ...", total_mem); - ASSERT_TRUE(setup_test_encl(total_mem, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(total_mem, &self->encl, _metadata, 0)); /* * Hardware (SGX2) and kernel support is needed for this test. Start @@ -506,7 +511,7 @@ TEST_F(enclave, clobbered_vdso) struct encl_op_get_from_buf get_op; struct encl_op_put_to_buf put_op; - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata, 0)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -542,7 +547,7 @@ TEST_F(enclave, clobbered_vdso_and_user_function) struct encl_op_get_from_buf get_op; struct encl_op_put_to_buf put_op; - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata, 0)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -575,7 +580,7 @@ TEST_F(enclave, tcs_entry) { struct encl_op_header op; - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata, 0)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -620,7 +625,7 @@ TEST_F(enclave, pte_permissions) unsigned long data_start; int ret; - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata, 0)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -722,7 +727,7 @@ TEST_F(enclave, tcs_permissions) struct sgx_enclave_restrict_permissions ioc; int ret, errno_save; - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata, 0)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -785,7 +790,7 @@ TEST_F(enclave, epcm_permissions) unsigned long data_start; int ret, errno_save; - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata, 0)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -986,7 +991,7 @@ TEST_F(enclave, augment) if (!sgx2_supported()) SKIP(return, "SGX2 not supported"); - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata, 0)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -1116,7 +1121,7 @@ TEST_F(enclave, augment_via_eaccept) if (!sgx2_supported()) SKIP(return, "SGX2 not supported"); - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata, 0)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -1210,6 +1215,108 @@ TEST_F(enclave, augment_via_eaccept) munmap(addr, PAGE_SIZE); } +/* + * Test for the addition of large number of pages to an initialized enclave via + * a pre-emptive run of EACCEPT on every page to be added. + */ +TEST_F_TIMEOUT(enclave, augment_via_eaccept_long, TIMEOUT_LONG) +{ + struct encl_op_get_from_addr get_addr_op; + struct encl_op_put_to_addr put_addr_op; + struct encl_op_eaccept eaccept_op; + size_t total_size = 0; + unsigned long i; + void *addr; + + if (!sgx2_supported()) + SKIP(return, "SGX2 not supported"); + + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata, + EDMM_SIZE_LONG)); + + memset(&self->run, 0, sizeof(self->run)); + self->run.tcs = self->encl.encl_base; + + for (i = 0; i < self->encl.nr_segments; i++) { + struct encl_segment *seg = &self->encl.segment_tbl[i]; + + total_size += seg->size; + } + + /* + * mmap() every page at end of existing enclave to be used for + * EDMM. + */ + addr = mmap((void *)self->encl.encl_base + total_size, EDMM_SIZE_LONG, + PROT_READ | PROT_WRITE | PROT_EXEC, MAP_SHARED | MAP_FIXED, + self->encl.fd, 0); + EXPECT_NE(addr, MAP_FAILED); + + self->run.exception_vector = 0; + self->run.exception_error_code = 0; + self->run.exception_addr = 0; + + /* + * Run EACCEPT on every page to trigger the #PF->EAUG->EACCEPT(again + * without a #PF). All should be transparent to userspace. + */ + eaccept_op.flags = SGX_SECINFO_R | SGX_SECINFO_W | SGX_SECINFO_REG | SGX_SECINFO_PENDING; + eaccept_op.ret = 0; + eaccept_op.header.type = ENCL_OP_EACCEPT; + + for (i = 0; i < EDMM_SIZE_LONG; i += 4096) { + eaccept_op.epc_addr = (uint64_t)(addr + i); + + EXPECT_EQ(ENCL_CALL(&eaccept_op, &self->run, true), 0); + if (self->run.exception_vector == 14 && + self->run.exception_error_code == 4 && + self->run.exception_addr == self->encl.encl_base) { + munmap(addr, EDMM_SIZE_LONG); + SKIP(return, "Kernel does not support adding pages to initialized enclave"); + } + + EXPECT_EQ(self->run.exception_vector, 0); + EXPECT_EQ(self->run.exception_error_code, 0); + EXPECT_EQ(self->run.exception_addr, 0); + ASSERT_EQ(eaccept_op.ret, 0); + ASSERT_EQ(self->run.function, EEXIT); + } + + /* + * Pool of pages were successfully added to enclave. Perform sanity + * check on first page of the pool only to ensure data can be written + * to and read from a dynamically added enclave page. + */ + put_addr_op.value = MAGIC; + put_addr_op.addr = (unsigned long)addr; + put_addr_op.header.type = ENCL_OP_PUT_TO_ADDRESS; + + EXPECT_EQ(ENCL_CALL(&put_addr_op, &self->run, true), 0); + + EXPECT_EEXIT(&self->run); + EXPECT_EQ(self->run.exception_vector, 0); + EXPECT_EQ(self->run.exception_error_code, 0); + EXPECT_EQ(self->run.exception_addr, 0); + + /* + * Read memory from newly added page that was just written to, + * confirming that data previously written (MAGIC) is present. + */ + get_addr_op.value = 0; + get_addr_op.addr = (unsigned long)addr; + get_addr_op.header.type = ENCL_OP_GET_FROM_ADDRESS; + + EXPECT_EQ(ENCL_CALL(&get_addr_op, &self->run, true), 0); + + EXPECT_EQ(get_addr_op.value, MAGIC); + EXPECT_EEXIT(&self->run); + EXPECT_EQ(self->run.exception_vector, 0); + EXPECT_EQ(self->run.exception_error_code, 0); + EXPECT_EQ(self->run.exception_addr, 0); + + munmap(addr, EDMM_SIZE_LONG); +} + /* * SGX2 page type modification test in two phases: * Phase 1: @@ -1238,7 +1345,7 @@ TEST_F(enclave, tcs_create) int ret, i; ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, - _metadata)); + _metadata, 0)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -1568,7 +1675,7 @@ TEST_F(enclave, remove_added_page_no_eaccept) unsigned long data_start; int ret, errno_save; - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata, 0)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -1679,7 +1786,7 @@ TEST_F(enclave, remove_added_page_invalid_access) unsigned long data_start; int ret, errno_save; - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata, 0)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -1794,7 +1901,7 @@ TEST_F(enclave, remove_added_page_invalid_access_after_eaccept) unsigned long data_start; int ret, errno_save; - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata, 0)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -1918,7 +2025,7 @@ TEST_F(enclave, remove_untouched_page) unsigned long data_start; int ret, errno_save; - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata, 0)); /* * Hardware (SGX2) and kernel support is needed for this test. Start diff --git a/tools/testing/selftests/sgx/main.h b/tools/testing/selftests/sgx/main.h index fc585be97e2f..5c190e21a5ff 100644 --- a/tools/testing/selftests/sgx/main.h +++ b/tools/testing/selftests/sgx/main.h @@ -35,7 +35,8 @@ extern unsigned char sign_key[]; extern unsigned char sign_key_end[]; void encl_delete(struct encl *ctx); -bool encl_load(const char *path, struct encl *encl, unsigned long heap_size); +bool encl_load(const char *path, struct encl *encl, unsigned long heap_size, + unsigned long edmm_size); bool encl_measure(struct encl *encl); bool encl_build(struct encl *encl); uint64_t encl_get_entry(struct encl *encl, const char *symbol); -- 2.37.2

2 years, 8 months

2
6
0 0

[PATCH v5 0/4] Introduce security_create_user_ns()

by Frederick Lawler

While user namespaces do not make the kernel more vulnerable, they are however used to initiate exploits. Some users do not want to block namespace creation for the entirety of the system, which some distributions provide. Instead, we needed a way to have some applications be blocked, and others allowed. This is not possible with those tools. Managing hierarchies also did not fit our case because we're determining which tasks are allowed based on their attributes. While exploring a solution, we first leveraged the LSM cred_prepare hook because that is the closest hook to prevent a call to create_user_ns(). The calls look something like this: cred = prepare_creds() security_prepare_creds() call_int_hook(cred_prepare, ... if (cred) create_user_ns(cred) We noticed that error codes were not propagated from this hook and introduced a patch [1] to propagate those errors. The discussion notes that security_prepare_creds() is not appropriate for MAC policies, and instead the hook is meant for LSM authors to prepare credentials for mutation. [2] Additionally, cred_prepare hook is not without problems. Handling the clone3 case is a bit more tricky due to the user space pointer passed to it. This makes checking the syscall subject to a possible TOCTTOU attack. Ultimately, we concluded that a better course of action is to introduce a new security hook for LSM authors. [3] This patch set first introduces a new security_create_user_ns() function and userns_create LSM hook, then marks the hook as sleepable in BPF. The following patches after include a BPF test and a patch for an SELinux implementation. We want to encourage use of user namespaces, and also cater the needs of users/administrators to observe and/or control access. There is no expectation of an impact on user space applications because access control is opt-in, and users wishing to observe within a LSM context Links: 1. https://lore.kernel.org/all/20220608150942.776446-1-fred@cloudflare.com/ 2. https://lore.kernel.org/all/87y1xzyhub.fsf@email.froward.int.ebiederm.org/ 3. https://lore.kernel.org/all/9fe9cd9f-1ded-a179-8ded-5fde8960a586@cloudflare… Past discussions: V4: https://lore.kernel.org/all/20220801180146.1157914-1-fred@cloudflare.com/ V3: https://lore.kernel.org/all/20220721172808.585539-1-fred@cloudflare.com/ V2: https://lore.kernel.org/all/20220707223228.1940249-1-fred@cloudflare.com/ V1: https://lore.kernel.org/all/20220621233939.993579-1-fred@cloudflare.com/ Changes since v4: - Update commit description - Update cover letter Changes since v3: - Explicitly set CAP_SYS_ADMIN to test namespace is created given permission - Simplify BPF test to use sleepable hook only - Prefer unshare() over clone() for tests Changes since v2: - Rename create_user_ns hook to userns_create - Use user_namespace as an object opposed to a generic namespace object - s/domB_t/domA_t in commit message Changes since v1: - Add selftests/bpf: Add tests verifying bpf lsm create_user_ns hook patch - Add selinux: Implement create_user_ns hook patch - Change function signature of security_create_user_ns() to only take struct cred - Move security_create_user_ns() call after id mapping check in create_user_ns() - Update documentation to reflect changes Frederick Lawler (4): security, lsm: Introduce security_create_user_ns() bpf-lsm: Make bpf_lsm_userns_create() sleepable selftests/bpf: Add tests verifying bpf lsm userns_create hook selinux: Implement userns_create hook include/linux/lsm_hook_defs.h | 1 + include/linux/lsm_hooks.h | 4 + include/linux/security.h | 6 ++ kernel/bpf/bpf_lsm.c | 1 + kernel/user_namespace.c | 5 + security/security.c | 5 + security/selinux/hooks.c | 9 ++ security/selinux/include/classmap.h | 2 + .../selftests/bpf/prog_tests/deny_namespace.c | 102 ++++++++++++++++++ .../selftests/bpf/progs/test_deny_namespace.c | 33 ++++++ 10 files changed, 168 insertions(+) create mode 100644 tools/testing/selftests/bpf/prog_tests/deny_namespace.c create mode 100644 tools/testing/selftests/bpf/progs/test_deny_namespace.c -- 2.30.2

2 years, 8 months

8
34
0 0

[PATCH v1] selftests/xsk: Avoid use-after-free on ctx

by Ian Rogers

The put lowers the reference count to 0 and frees ctx, reading it afterwards is invalid. Move the put after the uses and determine the last use by the reference count being 1. Fixes: 39e940d4abfa ("selftests/xsk: Destroy BPF resources only when ctx refcount drops to 0") Signed-off-by: Ian Rogers <irogers(a)google.com> --- tools/testing/selftests/bpf/xsk.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/bpf/xsk.c b/tools/testing/selftests/bpf/xsk.c index f2721a4ae7c5..0b3ff49c740d 100644 --- a/tools/testing/selftests/bpf/xsk.c +++ b/tools/testing/selftests/bpf/xsk.c @@ -1237,15 +1237,15 @@ void xsk_socket__delete(struct xsk_socket *xsk) ctx = xsk->ctx; umem = ctx->umem; - xsk_put_ctx(ctx, true); - - if (!ctx->refcount) { + if (ctx->refcount == 1) { xsk_delete_bpf_maps(xsk); close(ctx->prog_fd); if (ctx->has_bpf_link) close(ctx->link_fd); } + xsk_put_ctx(ctx, true); + err = xsk_get_mmap_offsets(xsk->fd, &off); if (!err) { if (xsk->rx) { -- 2.37.2.789.g6183377224-goog

2 years, 8 months

3
2
0 0

[PATCH bpf-next v9 00/23] Introduce eBPF support for HID devices

by Benjamin Tissoires

Hi, here comes the v9 of the HID-BPF series. Again, for a full explanation of HID-BPF, please refer to the last patch in this series (23/23). This version sees some minor improvements compared to v7 and v8, only focusing on the reviews I got. (v8 was a single patch update) - patch 1/24 in v7 was dropped as it is already fixed upstream - patch 1/23 in v9 is now capable of handling all functions, not just kfuncs (tested with the selftests only) - some minor nits from Greg's review - a rebase on top of the current bpf-next tree as the kfunc definition changed (for the better). Cheers, Benjamin Benjamin Tissoires (23): bpf/verifier: allow all functions to read user provided context bpf/verifier: do not clear meta in check_mem_size selftests/bpf: add test for accessing ctx from syscall program type bpf/verifier: allow kfunc to return an allocated mem selftests/bpf: Add tests for kfunc returning a memory pointer bpf: prepare for more bpf syscall to be used from kernel and user space. libbpf: add map_get_fd_by_id and map_delete_elem in light skeleton HID: core: store the unique system identifier in hid_device HID: export hid_report_type to uapi HID: convert defines of HID class requests into a proper enum HID: Kconfig: split HID support and hid-core compilation HID: initial BPF implementation selftests/bpf: add tests for the HID-bpf initial implementation HID: bpf: allocate data memory for device_event BPF programs selftests/bpf/hid: add test to change the report size HID: bpf: introduce hid_hw_request() selftests/bpf: add tests for bpf_hid_hw_request HID: bpf: allow to change the report descriptor selftests/bpf: add report descriptor fixup tests selftests/bpf: Add a test for BPF_F_INSERT_HEAD samples/bpf: HID: add new hid_mouse example samples/bpf: HID: add Surface Dial example Documentation: add HID-BPF docs Documentation/hid/hid-bpf.rst | 512 +++++++++ Documentation/hid/index.rst | 1 + drivers/Makefile | 2 +- drivers/hid/Kconfig | 20 +- drivers/hid/Makefile | 2 + drivers/hid/bpf/Kconfig | 17 + drivers/hid/bpf/Makefile | 11 + drivers/hid/bpf/entrypoints/Makefile | 93 ++ drivers/hid/bpf/entrypoints/README | 4 + drivers/hid/bpf/entrypoints/entrypoints.bpf.c | 66 ++ .../hid/bpf/entrypoints/entrypoints.lskel.h | 682 ++++++++++++ drivers/hid/bpf/hid_bpf_dispatch.c | 526 ++++++++++ drivers/hid/bpf/hid_bpf_dispatch.h | 28 + drivers/hid/bpf/hid_bpf_jmp_table.c | 577 ++++++++++ drivers/hid/hid-core.c | 49 +- include/linux/bpf.h | 9 +- include/linux/btf.h | 10 + include/linux/hid.h | 38 +- include/linux/hid_bpf.h | 148 +++ include/uapi/linux/hid.h | 26 +- include/uapi/linux/hid_bpf.h | 25 + kernel/bpf/btf.c | 109 +- kernel/bpf/syscall.c | 10 +- kernel/bpf/verifier.c | 64 +- net/bpf/test_run.c | 21 + samples/bpf/.gitignore | 2 + samples/bpf/Makefile | 27 + samples/bpf/hid_mouse.bpf.c | 134 +++ samples/bpf/hid_mouse.c | 161 +++ samples/bpf/hid_surface_dial.bpf.c | 161 +++ samples/bpf/hid_surface_dial.c | 232 ++++ tools/include/uapi/linux/hid.h | 62 ++ tools/include/uapi/linux/hid_bpf.h | 25 + tools/lib/bpf/skel_internal.h | 23 + tools/testing/selftests/bpf/Makefile | 5 +- tools/testing/selftests/bpf/config | 3 + tools/testing/selftests/bpf/prog_tests/hid.c | 990 ++++++++++++++++++ .../selftests/bpf/prog_tests/kfunc_call.c | 76 ++ tools/testing/selftests/bpf/progs/hid.c | 206 ++++ .../selftests/bpf/progs/kfunc_call_test.c | 125 +++ 40 files changed, 5198 insertions(+), 84 deletions(-) create mode 100644 Documentation/hid/hid-bpf.rst create mode 100644 drivers/hid/bpf/Kconfig create mode 100644 drivers/hid/bpf/Makefile create mode 100644 drivers/hid/bpf/entrypoints/Makefile create mode 100644 drivers/hid/bpf/entrypoints/README create mode 100644 drivers/hid/bpf/entrypoints/entrypoints.bpf.c create mode 100644 drivers/hid/bpf/entrypoints/entrypoints.lskel.h create mode 100644 drivers/hid/bpf/hid_bpf_dispatch.c create mode 100644 drivers/hid/bpf/hid_bpf_dispatch.h create mode 100644 drivers/hid/bpf/hid_bpf_jmp_table.c create mode 100644 include/linux/hid_bpf.h create mode 100644 include/uapi/linux/hid_bpf.h create mode 100644 samples/bpf/hid_mouse.bpf.c create mode 100644 samples/bpf/hid_mouse.c create mode 100644 samples/bpf/hid_surface_dial.bpf.c create mode 100644 samples/bpf/hid_surface_dial.c create mode 100644 tools/include/uapi/linux/hid.h create mode 100644 tools/include/uapi/linux/hid_bpf.h create mode 100644 tools/testing/selftests/bpf/prog_tests/hid.c create mode 100644 tools/testing/selftests/bpf/progs/hid.c -- 2.36.1

2 years, 8 months

4
43
0 0

[PATCH] selftests: net: sort .gitignore file

by Axel Rasmussen

This is the result of `sort tools/testing/selftests/net/.gitignore`, but preserving the comment at the top. Suggested-by: Jakub Kicinski <kuba(a)kernel.org> Signed-off-by: Axel Rasmussen <axelrasmussen(a)google.com> --- tools/testing/selftests/net/.gitignore | 52 +++++++++++++------------- 1 file changed, 26 insertions(+), 26 deletions(-) diff --git a/tools/testing/selftests/net/.gitignore b/tools/testing/selftests/net/.gitignore index 02abf8fdfd3a..e64419c3fed8 100644 --- a/tools/testing/selftests/net/.gitignore +++ b/tools/testing/selftests/net/.gitignore @@ -1,43 +1,43 @@ # SPDX-License-Identifier: GPL-2.0-only +cmsg_sender +fin_ack_lat +gro +hwtstamp_config +ioam6_parser +io_uring_zerocopy_tx +ip_defrag ipsec +ipv6_flowlabel +ipv6_flowlabel_mgr msg_zerocopy -socket +nettest psock_fanout psock_snd psock_tpacket -stress_reuseport_listen +reuseaddr_conflict +reuseaddr_ports_exhausted reuseport_addr_any reuseport_bpf reuseport_bpf_cpu reuseport_bpf_numa reuseport_dualstack -reuseaddr_conflict -tcp_mmap -udpgso -udpgso_bench_rx -udpgso_bench_tx -tcp_inq -tls -txring_overwrite -ip_defrag -ipv6_flowlabel -ipv6_flowlabel_mgr -so_txtime -tcp_fastopen_backup_key -nettest -fin_ack_lat -reuseaddr_ports_exhausted -hwtstamp_config rxtimestamp -timestamping -txtimestamp +socket so_netns_cookie +so_txtime +stress_reuseport_listen +tap +tcp_fastopen_backup_key +tcp_inq +tcp_mmap test_unix_oob -gro -ioam6_parser +timestamping +tls toeplitz tun -cmsg_sender +txring_overwrite +txtimestamp +udpgso +udpgso_bench_rx +udpgso_bench_tx unix_connect -tap -io_uring_zerocopy_tx -- 2.37.2.672.g94769d06f0-goog

2 years, 8 months

4
4
0 0

[PATCH v2] checkpatch: Handle FILE pointer type

by Mickaël Salaün

When using a "FILE *" type, checkpatch considers this an error: ERROR: need consistent spacing around '*' (ctx:WxV) #32: FILE: f.c:8: +static void a(FILE *const b) ^ Fix this by explicitly defining "FILE" as a common type. This is useful for user space patches. With this patch, we now get: <E> <E> <_>WS( ) <E> <E> <_>IDENT(static) <E> <V> <_>WS( ) <E> <V> <_>DECLARE(void ) <E> <T> <_>FUNC(a) <E> <V> <V>PAREN('(') <EV> <N> <_>DECLARE(FILE *const ) <EV> <T> <_>IDENT(b) <EV> <V> <_>PAREN(')') -> V <E> <V> <_>WS( ) 32 > . static void a(FILE *const b) 32 > EEVVVVVVVTTTTTVNTTTTTTTTTTTTVVV 32 > ______________________________ Cc: Andy Whitcroft <apw(a)canonical.com> Cc: Dwaipayan Ray <dwaipayanray1(a)gmail.com> Cc: Joe Perches <joe(a)perches.com> Cc: Lukas Bulwahn <lukas.bulwahn(a)gmail.com> Signed-off-by: Mickaël Salaün <mic(a)digikod.net> Link: https://lore.kernel.org/r/20220902111923.1488671-1-mic@digikod.net --- Changes since v1: https://lore.kernel.org/r/20220901145948.1456353-1-mic@digikod.net * Remove the FIXTURE_{DATA,VARIANT}() comments. * Improve commit description. --- scripts/checkpatch.pl | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl index 79e759aac543..e2175102a354 100755 --- a/scripts/checkpatch.pl +++ b/scripts/checkpatch.pl @@ -576,10 +576,14 @@ our $typeKernelTypedefs = qr{(?x: (?:__)?(?:u|s|be|le)(?:8|16|32|64)| atomic_t )}; +our $typeStdioTypedefs = qr{(?x: + FILE +)}; our $typeTypedefs = qr{(?x: $typeC99Typedefs\b| $typeOtherOSTypedefs\b| - $typeKernelTypedefs\b + $typeKernelTypedefs\b| + $typeStdioTypedefs\b )}; our $zero_initializer = qr{(?:(?:0[xX])?0+$Int_type?|NULL|false)\b}; base-commit: b90cb1053190353cc30f0fef0ef1f378ccc063c5 -- 2.37.2

2 years, 8 months

2
1
0 0

[RFC PATCH v1] checkpatch: Handle FILE pointer type

by Mickaël Salaün

When using a "FILE *" type, checkpatch considers this an error. Fix this by explicitly defining "FILE" as a common type. This is useful for user space patches. With this patch, we now get: static void a(FILE *const b) <E> <E> <_>WS( ) <E> <E> <_>IDENT(static) <E> <V> <_>WS( ) <E> <V> <_>DECLARE(void ) <E> <T> <_>FUNC(a) <E> <V> <V>PAREN('(') <EV> <N> <_>DECLARE(FILE *const ) <EV> <T> <_>IDENT(b) <EV> <V> <_>PAREN(')') -> V <E> <V> <_>WS( ) 32 > . static void a(FILE *const b) 32 > EEVVVVVVVTTTTTVNTTTTTTTTTTTTVVV 32 > ______________________________ Another error may be throw when we use FIXTURE_{DATA,VARIANT}() structs, as defined in kselftest_harness.h . The commented $typeKselftestHarnessTypedefs should fix it but such definition is considered as a function instead, because of the closing parenthesis. I'd like some help to fix this as well. With $typeKselftestHarnessTypedefs added to $typeTypedefs, we get: static void c(const FIXTURE_VARIANT(d) *const e) <E> <E> <_>WS( ) <E> <E> <_>IDENT(static) <E> <V> <_>WS( ) <E> <V> <_>DECLARE(void ) <E> <T> <_>FUNC(c) <E> <V> <V>PAREN('(') <EV> <N> <_>MODIFIER(const) <EV> <T> <_>WS( ) <EV> <T> <_>FUNC(FIXTURE_VARIANT) <EV> <V> <V>PAREN('(') <EVV> <N> <_>IDENT(d) <EVV> <V> <_>PAREN(')') -> V <EV> <V> <_>WS( ) <EV> <V> <_>OPV(*) <EV> <N> <_>MODIFIER(const) <EV> <T> <_>WS( ) <EV> <T> <_>IDENT(e) <EV> <V> <_>PAREN(')') -> V <E> <V> <_>WS( ) 30 > . static void c(const FIXTURE_VARIANT(d) *const e) 30 > EEVVVVVVVTTTTTVNTTTTTTVVVVVVVVVVVVVVVNVVVNTTTTTTVVV 30 > ________________________________________B_________ Cc: Andy Whitcroft <apw(a)canonical.com> Cc: Dwaipayan Ray <dwaipayanray1(a)gmail.com> Cc: Joe Perches <joe(a)perches.com> Cc: Lukas Bulwahn <lukas.bulwahn(a)gmail.com> Signed-off-by: Mickaël Salaün <mic(a)digikod.net> Link: https://lore.kernel.org/r/20220901145948.1456353-1-mic@digikod.net --- scripts/checkpatch.pl | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl index 79e759aac543..016b47c35742 100755 --- a/scripts/checkpatch.pl +++ b/scripts/checkpatch.pl @@ -576,10 +576,17 @@ our $typeKernelTypedefs = qr{(?x: (?:__)?(?:u|s|be|le)(?:8|16|32|64)| atomic_t )}; +our $typeStdioTypedefs = qr{(?x: + FILE +)}; +# our $typeKselftestHarnessTypedefs = qr{(?x: +# FIXTURE_(?:DATA|VARIANT)$$Ident$ +# )}; our $typeTypedefs = qr{(?x: $typeC99Typedefs\b| $typeOtherOSTypedefs\b| - $typeKernelTypedefs\b + $typeKernelTypedefs\b| + $typeStdioTypedefs\b )}; our $zero_initializer = qr{(?:(?:0[xX])?0+$Int_type?|NULL|false)\b}; base-commit: b90cb1053190353cc30f0fef0ef1f378ccc063c5 -- 2.37.2

2 years, 8 months

2
6
0 0

[PATCH 1/2] drm/tests: Split drm_framebuffer_create_test into parameterized tests

by Maíra Canal

The igt_check_drm_framebuffer_create is based on a loop that executes tests for all createbuffer_tests test cases. This could be better represented by parameterized tests, provided by KUnit. So, convert the igt_check_drm_framebuffer_create test into parameterized tests. Signed-off-by: Maíra Canal <mairacanal(a)riseup.net> --- drivers/gpu/drm/tests/drm_framebuffer_test.c | 23 +++++++++----------- 1 file changed, 10 insertions(+), 13 deletions(-) diff --git a/drivers/gpu/drm/tests/drm_framebuffer_test.c b/drivers/gpu/drm/tests/drm_framebuffer_test.c index ec7a08ba4056..3e46fd9f6615 100644 --- a/drivers/gpu/drm/tests/drm_framebuffer_test.c +++ b/drivers/gpu/drm/tests/drm_framebuffer_test.c @@ -25,7 +25,7 @@ struct drm_framebuffer_test { const char *name; }; -static struct drm_framebuffer_test createbuffer_tests[] = { +static const struct drm_framebuffer_test drm_framebuffer_create_cases[] = { { .buffer_created = 1, .name = "ABGR8888 normal sizes", .cmd = { .width = 600, .height = 600, .pixel_format = DRM_FORMAT_ABGR8888, .handles = { 1, 0, 0 }, .pitches = { 4 * 600, 0, 0 }, @@ -340,28 +340,25 @@ static struct drm_device mock_drm_device = { }, }; -static int execute_drm_mode_fb_cmd2(struct drm_mode_fb_cmd2 *r) +static void drm_framebuffer_create_test(struct kunit *test) { + const struct drm_framebuffer_test *params = test->param_value; int buffer_created = 0; mock_drm_device.dev_private = &buffer_created; - drm_internal_framebuffer_create(&mock_drm_device, r, NULL); - return buffer_created; + drm_internal_framebuffer_create(&mock_drm_device, &params->cmd, NULL); + KUNIT_EXPECT_EQ(test, params->buffer_created, buffer_created); } -static void igt_check_drm_framebuffer_create(struct kunit *test) +static void drm_framebuffer_to_desc(const struct drm_framebuffer_test *t, char *desc) { - int i = 0; - - for (i = 0; i < ARRAY_SIZE(createbuffer_tests); i++) { - KUNIT_EXPECT_EQ_MSG(test, createbuffer_tests[i].buffer_created, - execute_drm_mode_fb_cmd2(&createbuffer_tests[i].cmd), - "Test %d: \"%s\" failed\n", i, createbuffer_tests[i].name); - } + strcpy(desc, t->name); } +KUNIT_ARRAY_PARAM(drm_framebuffer_create, drm_framebuffer_create_cases, drm_framebuffer_to_desc); + static struct kunit_case drm_framebuffer_tests[] = { - KUNIT_CASE(igt_check_drm_framebuffer_create), + KUNIT_CASE_PARAM(drm_framebuffer_create_test, drm_framebuffer_create_gen_params), { } }; -- 2.37.2

2 years, 8 months

4
6
0 0

Wycena paneli fotowoltaicznych

by Norbert Karecki

Dzień dobry, dostrzegam możliwość współpracy z Państwa firmą. Świadczymy kompleksową obsługę inwestycji w fotowoltaikę, która obniża koszty energii elektrycznej nawet o 90%. Czy są Państwo zainteresowani weryfikacją wstępnych propozycji? Pozdrawiam, Norbert Karecki

2 years, 8 months

1
0
0 0

[PATCH v14 00/12] bpf: Add kfuncs for PKCS#7 signature verification

by Roberto Sassu

From: Roberto Sassu <roberto.sassu(a)huawei.com> One of the desirable features in security is the ability to restrict import of data to a given system based on data authenticity. If data import can be restricted, it would be possible to enforce a system-wide policy based on the signing keys the system owner trusts. This feature is widely used in the kernel. For example, if the restriction is enabled, kernel modules can be plugged in only if they are signed with a key whose public part is in the primary or secondary keyring. For eBPF, it can be useful as well. For example, it might be useful to authenticate data an eBPF program makes security decisions on. After a discussion in the eBPF mailing list, it was decided that the stated goal should be accomplished by introducing four new kfuncs: bpf_lookup_user_key() and bpf_lookup_system_key(), for retrieving a keyring with keys trusted for signature verification, respectively from its serial and from a pre-determined ID; bpf_key_put(), to release the reference obtained with the former two kfuncs, bpf_verify_pkcs7_signature(), for verifying PKCS#7 signatures. Other than the key serial, bpf_lookup_user_key() also accepts key lookup flags, that influence the behavior of the lookup. bpf_lookup_system_key() accepts pre-determined IDs defined in include/linux/verification.h. bpf_key_put() accepts the new bpf_key structure, introduced to tell whether the other structure member, a key pointer, is valid or not. The reason is that verify_pkcs7_signature() also accepts invalid pointers, set with the pre-determined ID, to select a system-defined keyring. key_put() must be called only for valid key pointers. Since the two key lookup functions allocate memory and one increments a key reference count, they must be used in conjunction with bpf_key_put(). The latter must be called only if the lookup functions returned a non-NULL pointer. The verifier denies the execution of eBPF programs that don't respect this rule. The two key lookup functions should be used in alternative, depending on the use case. While bpf_lookup_user_key() provides great flexibility, it seems suboptimal in terms of security guarantees, as even if the eBPF program is assumed to be trusted, the serial used to obtain the key pointer might come from untrusted user space not choosing one that the system administrator approves to enforce a mandatory policy. bpf_lookup_system_key() instead provides much stronger guarantees, especially if the pre-determined ID is not passed by user space but is hardcoded in the eBPF program, and that program is signed. In this case, bpf_verify_pkcs7_signature() will always perform signature verification with a key that the system administrator approves, i.e. the primary, secondary or platform keyring. Nevertheless, key permission checks need to be done accurately. Since bpf_lookup_user_key() cannot determine how a key will be used by other kfuncs, it has to defer the permission check to the actual kfunc using the key. It does it by calling lookup_user_key() with KEY_DEFER_PERM_CHECK as needed permission. Later, bpf_verify_pkcs7_signature(), if called, completes the permission check by calling key_validate(). It does not need to call key_task_permission() with permission KEY_NEED_SEARCH, as it is already done elsewhere by the key subsystem. Future kfuncs using the bpf_key structure need to implement the proper checks as well. Finally, the last kfunc, bpf_verify_pkcs7_signature(), accepts the data and signature to verify as eBPF dynamic pointers, to minimize the number of kfunc parameters, and the keyring with keys for signature verification as a bpf_key structure, returned by one of the two key lookup functions. bpf_lookup_user_key() and bpf_verify_pkcs7_signature() can be called only from sleepable programs, because of memory allocation and crypto operations. For example, the lsm.s/bpf attach point is suitable, fexit/array_map_update_elem is not. The correctness of implementation of the new kfuncs and of their usage is checked with the introduced tests. The patch set includes a patch from another author (dependency) for sake of completeness. It is organized as follows. Patch 1 from KP Singh allows kfuncs to be used by LSM programs. Patch 2 splits is_dynptr_reg_valid_init() and introduces is_dynptr_type_expected(), to know more precisely the cause of a negative result of a dynamic pointer check. Patch 3 allows dynamic pointers to be used as kfunc parameters. Patch 4 exports bpf_dynptr_get_size(), to obtain the real size of data carried by a dynamic pointer. Patch 5 makes available for new eBPF kfuncs some key-related definitions. Patch 6 introduces the bpf_lookup_*_key() and bpf_key_put() kfuncs. Patch 7 introduces the bpf_verify_pkcs7_signature() kfunc. Patch 8 changes the testing kernel configuration to compile everything as built-in. Finally, patches 9-12 introduce the tests. Changelog v13: - Split is_dynptr_reg_valid_init() and introduce is_dynptr_type_expected() to see if the dynamic pointer type passed as argument to a kfunc is supported (suggested by Kumar) - Add forward declaration of struct key in include/linux/bpf.h (suggested by Song) - Declare mask for key lookup flags, remove key_lookup_flags_check() (suggested by Jarkko and KP) - Allow only certain dynamic pointer types (currently, local) to be passed as argument to kfuncs (suggested by Kumar) - For each dynamic pointer parameter in kfunc, additionally check if the passed pointer is to the stack (suggested by Kumar) - Split the validity/initialization and dynamic pointer type check also in the verifier, and adjust the expected error message in the test (a test for an unexpected dynptr type passed to a helper cannot be added due to missing suitable helpers, but this case has been tested manually) - Add verifier tests to check the dynamic pointers passed as argument to kfuncs (suggested by Kumar) v12: - Put lookup_key and verify_pkcs7_sig tests in deny list for s390x (JIT does not support calling kernel function) v11: - Move stringify_struct() macro to include/linux/btf.h (suggested by Daniel) - Change kernel configuration options in tools/testing/selftests/bpf/config* from =m to =y v10: - Introduce key_lookup_flags_check() and system_keyring_id_check() inline functions to check parameters (suggested by KP) - Fix descriptions and comment of key-related kfuncs (suggested by KP) - Register kfunc set only once (suggested by Alexei) - Move needed kernel options to the architecture-independent configuration for testing v9: - Drop patch to introduce KF_SLEEPABLE kfunc flag (already merged) - Rename valid_ptr member of bpf_key to has_ref (suggested by Daniel) - Check dynamic pointers in kfunc definition with bpf_dynptr_kern struct definition instead of string, to detect structure renames (suggested by Daniel) - Explicitly say that we permit initialized dynamic pointers in kfunc definition (suggested by Daniel) - Remove noinline __weak from kfuncs definition (reported by Daniel) - Simplify key lookup flags check in bpf_lookup_user_key() (suggested by Daniel) - Explain the reason for deferring key permission check (suggested by Daniel) - Allocate memory with GFP_ATOMIC in bpf_lookup_system_key(), and remove KF_SLEEPABLE kfunc flag from kfunc declaration (suggested by Daniel) - Define only one kfunc set and remove the loop for registration (suggested by Alexei) v8: - Define the new bpf_key structure to carry the key pointer and whether that pointer is valid or not (suggested by Daniel) - Drop patch to mark a kfunc parameter with the __maybe_null suffix - Improve documentation of kfuncs - Introduce bpf_lookup_system_key() to obtain a key pointer suitable for verify_pkcs7_signature() (suggested by Daniel) - Use the new kfunc registration API - Drop patch to test the __maybe_null suffix - Add tests for bpf_lookup_system_key() v7: - Add support for using dynamic and NULL pointers in kfunc (suggested by Alexei) - Add new kfunc-related tests v6: - Switch back to key lookup helpers + signature verification (until v5), and defer permission check from bpf_lookup_user_key() to bpf_verify_pkcs7_signature() - Add additional key lookup test to illustrate the usage of the KEY_LOOKUP_CREATE flag and validate the flags (suggested by Daniel) - Make description of flags of bpf_lookup_user_key() more user-friendly (suggested by Daniel) - Fix validation of flags parameter in bpf_lookup_user_key() (reported by Daniel) - Rename bpf_verify_pkcs7_signature() keyring-related parameters to user_keyring and system_keyring to make their purpose more clear - Accept keyring-related parameters of bpf_verify_pkcs7_signature() as alternatives (suggested by KP) - Replace unsigned long type with u64 in helper declaration (suggested by Daniel) - Extend the bpf_verify_pkcs7_signature() test by calling the helper without data, by ensuring that the helper enforces the keyring-related parameters as alternatives, by ensuring that the helper rejects inaccessible and expired keyrings, and by checking all system keyrings - Move bpf_lookup_user_key() and bpf_key_put() usage tests to ref_tracking.c (suggested by John) - Call bpf_lookup_user_key() and bpf_key_put() only in sleepable programs v5: - Move KEY_LOOKUP_ to include/linux/key.h for validation of bpf_verify_pkcs7_signature() parameter - Remove bpf_lookup_user_key() and bpf_key_put() helpers, and the corresponding tests - Replace struct key parameter of bpf_verify_pkcs7_signature() with the keyring serial and lookup flags - Call lookup_user_key() and key_put() in bpf_verify_pkcs7_signature() code, to ensure that the retrieved key is used according to the permission requested at lookup time - Clarified keyring precedence in the description of bpf_verify_pkcs7_signature() (suggested by John) - Remove newline in the second argument of ASSERT_ - Fix helper prototype regular expression in bpf_doc.py v4: - Remove bpf_request_key_by_id(), don't return an invalid pointer that other helpers can use - Pass the keyring ID (without ULONG_MAX, suggested by Alexei) to bpf_verify_pkcs7_signature() - Introduce bpf_lookup_user_key() and bpf_key_put() helpers (suggested by Alexei) - Add lookup_key_norelease test, to ensure that the verifier blocks eBPF programs which don't decrement the key reference count - Parse raw PKCS#7 signature instead of module-style signature in the verify_pkcs7_signature test (suggested by Alexei) - Parse kernel module in user space and pass raw PKCS#7 signature to the eBPF program for signature verification v3: - Rename bpf_verify_signature() back to bpf_verify_pkcs7_signature() to avoid managing different parameters for each signature verification function in one helper (suggested by Daniel) - Use dynamic pointers and export bpf_dynptr_get_size() (suggested by Alexei) - Introduce bpf_request_key_by_id() to give more flexibility to the caller of bpf_verify_pkcs7_signature() to retrieve the appropriate keyring (suggested by Alexei) - Fix test by reordering the gcc command line, always compile sign-file - Improve helper support check mechanism in the test v2: - Rename bpf_verify_pkcs7_signature() to a more generic bpf_verify_signature() and pass the signature type (suggested by KP) - Move the helper and prototype declaration under #ifdef so that user space can probe for support for the helper (suggested by Daniel) - Describe better the keyring types (suggested by Daniel) - Include linux/bpf.h instead of vmlinux.h to avoid implicit or redeclaration - Make the test selfcontained (suggested by Alexei) v1: - Don't define new map flag but introduce simple wrapper of verify_pkcs7_signature() (suggested by Alexei and KP) KP Singh (1): bpf: Allow kfuncs to be used in LSM programs Roberto Sassu (11): bpf: Move dynptr type check to is_dynptr_type_expected() btf: Allow dynamic pointer parameters in kfuncs bpf: Export bpf_dynptr_get_size() KEYS: Move KEY_LOOKUP_ to include/linux/key.h and set KEY_LOOKUP_FLAGS_ALL bpf: Add bpf_lookup_*_key() and bpf_key_put() kfuncs bpf: Add bpf_verify_pkcs7_signature() kfunc selftests/bpf: Compile kernel with everything as built-in selftests/bpf: Add verifier tests for bpf_lookup_*_key() and bpf_key_put() selftests/bpf: Add additional tests for bpf_lookup_*_key() selftests/bpf: Add test for bpf_verify_pkcs7_signature() kfunc selftests/bpf: Add verifier tests for dynamic pointers parameters in kfuncs include/linux/bpf.h | 9 + include/linux/bpf_verifier.h | 5 + include/linux/btf.h | 9 + include/linux/key.h | 4 + include/linux/verification.h | 8 + kernel/bpf/btf.c | 34 ++ kernel/bpf/helpers.c | 2 +- kernel/bpf/verifier.c | 35 +- kernel/trace/bpf_trace.c | 180 ++++++++ security/keys/internal.h | 2 - tools/testing/selftests/bpf/DENYLIST.s390x | 2 + tools/testing/selftests/bpf/Makefile | 14 +- tools/testing/selftests/bpf/config | 32 +- tools/testing/selftests/bpf/config.x86_64 | 7 +- .../testing/selftests/bpf/prog_tests/dynptr.c | 2 +- .../selftests/bpf/prog_tests/lookup_key.c | 112 +++++ .../bpf/prog_tests/verify_pkcs7_sig.c | 399 ++++++++++++++++++ .../selftests/bpf/progs/test_lookup_key.c | 46 ++ .../bpf/progs/test_verify_pkcs7_sig.c | 100 +++++ tools/testing/selftests/bpf/test_verifier.c | 3 +- .../bpf/verifier/kfunc_dynptr_param.c | 72 ++++ .../selftests/bpf/verifier/ref_tracking.c | 139 ++++++ .../testing/selftests/bpf/verify_sig_setup.sh | 104 +++++ 23 files changed, 1285 insertions(+), 35 deletions(-) create mode 100644 tools/testing/selftests/bpf/prog_tests/lookup_key.c create mode 100644 tools/testing/selftests/bpf/prog_tests/verify_pkcs7_sig.c create mode 100644 tools/testing/selftests/bpf/progs/test_lookup_key.c create mode 100644 tools/testing/selftests/bpf/progs/test_verify_pkcs7_sig.c create mode 100644 tools/testing/selftests/bpf/verifier/kfunc_dynptr_param.c create mode 100755 tools/testing/selftests/bpf/verify_sig_setup.sh -- 2.25.1

2 years, 8 months

4
22
0 0

[PATCH v1 0/5] KVM: arm64: Enable ring-based dirty memory tracking

by Gavin Shan

This series enables the ring-based dirty memory tracking for ARM64. The feature has been available and enabled on x86 for a while. It is beneficial when the number of dirty pages is small in a checkpointing system or live migration scenario. More details can be found from fb04a1eddb1a ("KVM: X86: Implement ring-based dirty memory tracking"). The generic part has been comprehensive enough, meaning there isn't too much work, needed to extend it to ARM64. - PATCH[1] enables the feature on ARM64 - PATCH[2-5] improves kvm/selftests/dirty_log_test Testing ======= - kvm/selftests/dirty_log_test - Live migration by QEMU - Host with 4KB or 64KB base page size Gavin Shan (5): KVM: arm64: Enable ring-based dirty memory tracking KVM: selftests: Use host page size to map ring buffer in dirty_log_test KVM: selftests: Dirty host pages in dirty_log_test KVM: selftests: Clear dirty ring states between two modes in dirty_log_test KVM: selftests: Automate choosing dirty ring size in dirty_log_test Documentation/virt/kvm/api.rst | 2 +- arch/arm64/include/uapi/asm/kvm.h | 1 + arch/arm64/kvm/Kconfig | 1 + arch/arm64/kvm/arm.c | 8 ++ tools/testing/selftests/kvm/dirty_log_test.c | 101 ++++++++++++++----- tools/testing/selftests/kvm/lib/kvm_util.c | 2 +- 6 files changed, 88 insertions(+), 27 deletions(-) -- 2.23.0

2 years, 8 months

6
32
0 0

[PATCH 4/6] selftests/sgx: Add SGX selftest augment_via_eaccept_long

by Jarkko Sakkinen

From: Vijay Dhanraj <vijay.dhanraj(a)intel.com> Add a new test case which is same as augment_via_eaccept but adds a larger number of EPC pages to stress test EAUG via EACCEPT. Signed-off-by: Vijay Dhanraj <vijay.dhanraj(a)intel.com> Co-developed-by: Jarkko Sakkinen <jarkko(a)kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org> --- v2: - Addressed Reinette's feedback: https://lore.kernel.org/linux-sgx/24bd8e42-ff4e-0090-d9e1-cd81e4807f21@inte… --- tools/testing/selftests/sgx/load.c | 5 +- tools/testing/selftests/sgx/main.c | 141 +++++++++++++++++++++--- tools/testing/selftests/sgx/main.h | 3 +- tools/testing/selftests/sgx/sigstruct.c | 2 +- 4 files changed, 129 insertions(+), 22 deletions(-) diff --git a/tools/testing/selftests/sgx/load.c b/tools/testing/selftests/sgx/load.c index 94bdeac1cf04..7de1b15c90b1 100644 --- a/tools/testing/selftests/sgx/load.c +++ b/tools/testing/selftests/sgx/load.c @@ -171,7 +171,8 @@ uint64_t encl_get_entry(struct encl *encl, const char *symbol) return 0; } -bool encl_load(const char *path, struct encl *encl, unsigned long heap_size) +bool encl_load(const char *path, struct encl *encl, unsigned long heap_size, + unsigned long edmm_size) { const char device_path[] = "/dev/sgx_enclave"; struct encl_segment *seg; @@ -300,7 +301,7 @@ bool encl_load(const char *path, struct encl *encl, unsigned long heap_size) encl->src_size = encl->segment_tbl[j].offset + encl->segment_tbl[j].size; - for (encl->encl_size = 4096; encl->encl_size < encl->src_size; ) + for (encl->encl_size = 4096; encl->encl_size < encl->src_size + edmm_size;) encl->encl_size <<= 1; return true; diff --git a/tools/testing/selftests/sgx/main.c b/tools/testing/selftests/sgx/main.c index 9820b3809c69..867e98502120 100644 --- a/tools/testing/selftests/sgx/main.c +++ b/tools/testing/selftests/sgx/main.c @@ -21,8 +21,15 @@ #include "../kselftest_harness.h" #include "main.h" +/* + * The size was chosen based on a bug report: + * https://lore.kernel.org/linux-sgx/DM8PR11MB55912A7F47A84EC9913A6352F6999@DM… + */ +static const unsigned long EDMM_SIZE_LONG = 8L * 1024L * 1024L * 1024L; // 8 GB +static const unsigned long TIMEOUT_LONG = 900; /* seconds */ static const uint64_t MAGIC = 0x1122334455667788ULL; static const uint64_t MAGIC2 = 0x8877665544332211ULL; + vdso_sgx_enter_enclave_t vdso_sgx_enter_enclave; /* @@ -173,7 +180,8 @@ FIXTURE(enclave) { }; static bool setup_test_encl(unsigned long heap_size, struct encl *encl, - struct __test_metadata *_metadata) + struct __test_metadata *_metadata, + unsigned long edmm_size) { Elf64_Sym *sgx_enter_enclave_sym = NULL; struct vdso_symtab symtab; @@ -183,7 +191,7 @@ static bool setup_test_encl(unsigned long heap_size, struct encl *encl, unsigned int i; void *addr; - if (!encl_load("test_encl.elf", encl, heap_size)) { + if (!encl_load("test_encl.elf", encl, heap_size, edmm_size)) { encl_delete(encl); TH_LOG("Failed to load the test enclave."); return false; @@ -284,7 +292,7 @@ TEST_F(enclave, unclobbered_vdso) struct encl_op_get_from_buf get_op; struct encl_op_put_to_buf put_op; - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata, 0)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -357,7 +365,7 @@ TEST_F(enclave, unclobbered_vdso_oversubscribed) total_mem = get_total_epc_mem(); ASSERT_NE(total_mem, 0); - ASSERT_TRUE(setup_test_encl(total_mem, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(total_mem, &self->encl, _metadata, 0)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -401,7 +409,7 @@ TEST_F_TIMEOUT(enclave, unclobbered_vdso_oversubscribed_remove, 900) ASSERT_NE(total_mem, 0); TH_LOG("Creating an enclave with %lu bytes heap may take a while ...", total_mem); - ASSERT_TRUE(setup_test_encl(total_mem, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(total_mem, &self->encl, _metadata, 0)); /* * Hardware (SGX2) and kernel support is needed for this test. Start @@ -506,7 +514,7 @@ TEST_F(enclave, clobbered_vdso) struct encl_op_get_from_buf get_op; struct encl_op_put_to_buf put_op; - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata, 0)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -542,7 +550,7 @@ TEST_F(enclave, clobbered_vdso_and_user_function) struct encl_op_get_from_buf get_op; struct encl_op_put_to_buf put_op; - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata, 0)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -575,7 +583,7 @@ TEST_F(enclave, tcs_entry) { struct encl_op_header op; - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata, 0)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -620,7 +628,7 @@ TEST_F(enclave, pte_permissions) unsigned long data_start; int ret; - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata, 0)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -722,7 +730,7 @@ TEST_F(enclave, tcs_permissions) struct sgx_enclave_restrict_permissions ioc; int ret, errno_save; - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata, 0)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -785,7 +793,7 @@ TEST_F(enclave, epcm_permissions) unsigned long data_start; int ret, errno_save; - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata, 0)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -986,7 +994,7 @@ TEST_F(enclave, augment) if (!sgx2_supported()) SKIP(return, "SGX2 not supported"); - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata, 0)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -1116,7 +1124,7 @@ TEST_F(enclave, augment_via_eaccept) if (!sgx2_supported()) SKIP(return, "SGX2 not supported"); - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata, 0)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -1210,6 +1218,103 @@ TEST_F(enclave, augment_via_eaccept) munmap(addr, PAGE_SIZE); } +/* + * Test for the addition of large number of pages to an initialized enclave via + * a pre-emptive run of EACCEPT on every page to be added. + */ +TEST_F_TIMEOUT(enclave, augment_via_eaccept_long, TIMEOUT_LONG) +{ + struct encl_op_get_from_addr get_addr_op; + struct encl_op_put_to_addr put_addr_op; + struct encl_op_eaccept eaccept_op; + size_t total_size = 0; + unsigned long i; + void *addr; + + if (!sgx2_supported()) + SKIP(return, "SGX2 not supported"); + + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata, + EDMM_SIZE_LONG)); + + memset(&self->run, 0, sizeof(self->run)); + self->run.tcs = self->encl.encl_base; + + for (i = 0; i < self->encl.nr_segments; i++) { + struct encl_segment *seg = &self->encl.segment_tbl[i]; + + total_size += seg->size; + } + + /* + * mmap() every page at end of existing enclave to be used for + * EDMM. + */ + addr = mmap((void *)self->encl.encl_base + total_size, EDMM_SIZE_LONG, + PROT_READ | PROT_WRITE | PROT_EXEC, MAP_SHARED | MAP_FIXED, + self->encl.fd, 0); + EXPECT_NE(addr, MAP_FAILED); + + self->run.exception_vector = 0; + self->run.exception_error_code = 0; + self->run.exception_addr = 0; + + /* + * Run EACCEPT on new page to trigger the #PF->EAUG->EACCEPT(again + * without a #PF). All should be transparent to userspace. + */ + eaccept_op.flags = SGX_SECINFO_R | SGX_SECINFO_W | SGX_SECINFO_REG | SGX_SECINFO_PENDING; + eaccept_op.ret = 0; + eaccept_op.header.type = ENCL_OP_EACCEPT; + + for (i = 0; i < EDMM_SIZE_LONG; i += 4096) { + eaccept_op.epc_addr = (uint64_t)(addr + i); + + EXPECT_EQ(ENCL_CALL(&eaccept_op, &self->run, true), 0); + if (self->run.exception_vector == 14 && + self->run.exception_error_code == 4 && + self->run.exception_addr == self->encl.encl_base) { + munmap(addr, EDMM_SIZE_LONG); + SKIP(return, "Kernel does not support adding pages to initialized enclave"); + } + + EXPECT_EQ(self->run.exception_vector, 0); + EXPECT_EQ(self->run.exception_error_code, 0); + EXPECT_EQ(self->run.exception_addr, 0); + ASSERT_EQ(eaccept_op.ret, 0); + ASSERT_EQ(self->run.function, EEXIT); + } + + put_addr_op.value = MAGIC; + put_addr_op.addr = (unsigned long)addr; + put_addr_op.header.type = ENCL_OP_PUT_TO_ADDRESS; + + EXPECT_EQ(ENCL_CALL(&put_addr_op, &self->run, true), 0); + + EXPECT_EEXIT(&self->run); + EXPECT_EQ(self->run.exception_vector, 0); + EXPECT_EQ(self->run.exception_error_code, 0); + EXPECT_EQ(self->run.exception_addr, 0); + + /* + * Read memory from newly added page that was just written to, + * confirming that data previously written (MAGIC) is present. + */ + get_addr_op.value = 0; + get_addr_op.addr = (unsigned long)addr; + get_addr_op.header.type = ENCL_OP_GET_FROM_ADDRESS; + + EXPECT_EQ(ENCL_CALL(&get_addr_op, &self->run, true), 0); + + EXPECT_EQ(get_addr_op.value, MAGIC); + EXPECT_EEXIT(&self->run); + EXPECT_EQ(self->run.exception_vector, 0); + EXPECT_EQ(self->run.exception_error_code, 0); + EXPECT_EQ(self->run.exception_addr, 0); + + munmap(addr, EDMM_SIZE_LONG); +} + /* * SGX2 page type modification test in two phases: * Phase 1: @@ -1238,7 +1343,7 @@ TEST_F(enclave, tcs_create) int ret, i; ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, - _metadata)); + _metadata, 0)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -1568,7 +1673,7 @@ TEST_F(enclave, remove_added_page_no_eaccept) unsigned long data_start; int ret, errno_save; - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata, 0)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -1679,7 +1784,7 @@ TEST_F(enclave, remove_added_page_invalid_access) unsigned long data_start; int ret, errno_save; - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata, 0)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -1794,7 +1899,7 @@ TEST_F(enclave, remove_added_page_invalid_access_after_eaccept) unsigned long data_start; int ret, errno_save; - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata, 0)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -1918,7 +2023,7 @@ TEST_F(enclave, remove_untouched_page) unsigned long data_start; int ret, errno_save; - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata, 0)); /* * Hardware (SGX2) and kernel support is needed for this test. Start diff --git a/tools/testing/selftests/sgx/main.h b/tools/testing/selftests/sgx/main.h index fc585be97e2f..fe5d39ac0e1e 100644 --- a/tools/testing/selftests/sgx/main.h +++ b/tools/testing/selftests/sgx/main.h @@ -35,7 +35,8 @@ extern unsigned char sign_key[]; extern unsigned char sign_key_end[]; void encl_delete(struct encl *ctx); -bool encl_load(const char *path, struct encl *encl, unsigned long heap_size); +bool encl_load(const char *path, struct encl *encl, unsigned long heap_size, + unsigned long edmm_size); bool encl_measure(struct encl *encl); bool encl_build(struct encl *encl); uint64_t encl_get_entry(struct encl *encl, const char *symbol); diff --git a/tools/testing/selftests/sgx/sigstruct.c b/tools/testing/selftests/sgx/sigstruct.c index a07896a46364..decd767434d5 100644 --- a/tools/testing/selftests/sgx/sigstruct.c +++ b/tools/testing/selftests/sgx/sigstruct.c @@ -349,7 +349,7 @@ bool encl_measure(struct encl *encl) if (!ctx) goto err; - if (!mrenclave_ecreate(ctx, encl->src_size)) + if (!mrenclave_ecreate(ctx, encl->encl_size)) goto err; for (i = 0; i < encl->nr_segments; i++) { -- 2.37.2

2 years, 8 months

2
7
0 0

[PATCH 6/6] selftests/sgx: Add a bpftrace script for tracking allocation errors

by Jarkko Sakkinen

Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org> --- tools/testing/selftests/sgx/alloc-error.bt | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 tools/testing/selftests/sgx/alloc-error.bt diff --git a/tools/testing/selftests/sgx/alloc-error.bt b/tools/testing/selftests/sgx/alloc-error.bt new file mode 100644 index 000000000000..9268d50dea29 --- /dev/null +++ b/tools/testing/selftests/sgx/alloc-error.bt @@ -0,0 +1,7 @@ +kr:sgx_alloc_epc_page /(uint64)retval >= (uint64)(-4095)/ { + printf("sgx_alloc_epc_page: retval=%d\n", (int64)retval); +} + +kr:sgx_encl_page_alloc /(uint64)retval >= (uint64)(-4095)/ { + printf("sgx_encl_page_alloc: retval=%d\n", (int64)retval); +} -- 2.37.2

2 years, 8 months

3
8
0 0

[PATCH v2] tools: Add new "test" taint to kernel-chktaint

by Joe Fradley

Commit c272612cb4a2 ("kunit: Taint the kernel when KUnit tests are run") added a new taint flag for when in-kernel tests run. This commit adds recognition of this new flag in kernel-chktaint. Reviewed-by: David Gow <davidgow(a)google.com> Signed-off-by: Joe Fradley <joefradley(a)google.com> --- Changes in v2: - based off of kselftest/kunit branch - Added David's Reviewed-by tag tools/debugging/kernel-chktaint | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/tools/debugging/kernel-chktaint b/tools/debugging/kernel-chktaint index f1af27ce9f20..279be06332be 100755 --- a/tools/debugging/kernel-chktaint +++ b/tools/debugging/kernel-chktaint @@ -187,6 +187,7 @@ else echo " * auxiliary taint, defined for and used by distros (#16)" fi + T=`expr $T / 2` if [ `expr $T % 2` -eq 0 ]; then addout " " @@ -195,6 +196,14 @@ else echo " * kernel was built with the struct randomization plugin (#17)" fi +T=`expr $T / 2` +if [ `expr $T % 2` -eq 0 ]; then + addout " " +else + addout "N" + echo " * an in-kernel test (such as a KUnit test) has been run (#18)" +fi + echo "For a more detailed explanation of the various taint flags see" echo " Documentation/admin-guide/tainted-kernels.rst in the Linux kernel sources" echo " or https://kernel.org/doc/html/latest/admin-guide/tainted-kernels.html" -- 2.37.1.595.g718a3a8f04-goog

2 years, 8 months

4
5
0 0

[PATCH v2 6/6] selftests/sgx: Add a bpftrace script for tracking allocation errors

by Jarkko Sakkinen

Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org> --- v2: * Added comments. --- tools/testing/selftests/sgx/alloc-error.bt | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 tools/testing/selftests/sgx/alloc-error.bt diff --git a/tools/testing/selftests/sgx/alloc-error.bt b/tools/testing/selftests/sgx/alloc-error.bt new file mode 100644 index 000000000000..0cc8b2e41852 --- /dev/null +++ b/tools/testing/selftests/sgx/alloc-error.bt @@ -0,0 +1,9 @@ +/* EPC allocation */ +kr:sgx_alloc_epc_page /(uint64)retval >= (uint64)(-4095)/ { + printf("sgx_alloc_epc_page: retval=%d\n", (int64)retval); +} + +/* kzalloc for struct sgx_encl_page */ +kr:sgx_encl_page_alloc /(uint64)retval >= (uint64)(-4095)/ { + printf("sgx_encl_page_alloc: retval=%d\n", (int64)retval); +} -- 2.37.2

2 years, 8 months

2
2
0 0

[PATCH 5/6] selftests/sgx: retry the ioctls returned with EAGAIN

by Jarkko Sakkinen

From: Haitao Huang <haitao.huang(a)linux.intel.com> For EMODT and EREMOVE ioctls with a large range, kernel may not finish in one shot and return EAGAIN error code and count of bytes of EPC pages on that operations are finished successfully. Change the unclobbered_vdso_oversubscribed_remove test to rerun the ioctls in a loop, updating offset and length using the byte count returned in each iteration. Signed-off-by: Haitao Huang <haitao.huang(a)linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko(a)kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org> --- tools/testing/selftests/sgx/main.c | 39 +++++++++++++++++++++++------- 1 file changed, 30 insertions(+), 9 deletions(-) diff --git a/tools/testing/selftests/sgx/main.c b/tools/testing/selftests/sgx/main.c index 867e98502120..3268d8b01b0b 100644 --- a/tools/testing/selftests/sgx/main.c +++ b/tools/testing/selftests/sgx/main.c @@ -399,7 +399,7 @@ TEST_F_TIMEOUT(enclave, unclobbered_vdso_oversubscribed_remove, 900) unsigned long total_mem; int ret, errno_save; unsigned long addr; - unsigned long i; + unsigned long i, count; /* * Create enclave with additional heap that is as big as all @@ -461,16 +461,27 @@ TEST_F_TIMEOUT(enclave, unclobbered_vdso_oversubscribed_remove, 900) modt_ioc.offset = heap->offset; modt_ioc.length = heap->size; modt_ioc.page_type = SGX_PAGE_TYPE_TRIM; - + count = 0; TH_LOG("Changing type of %zd bytes to trimmed may take a while ...", heap->size); - ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_MODIFY_TYPES, &modt_ioc); - errno_save = ret == -1 ? errno : 0; + do { + ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_MODIFY_TYPES, &modt_ioc); + errno_save = ret == -1 ? errno : 0; + if (errno_save == EAGAIN) { + count += modt_ioc.count; + modt_ioc.offset += modt_ioc.count; + modt_ioc.length -= modt_ioc.count; + modt_ioc.result = 0; + modt_ioc.count = 0; + } else + break; + } while (modt_ioc.length != 0); EXPECT_EQ(ret, 0); EXPECT_EQ(errno_save, 0); EXPECT_EQ(modt_ioc.result, 0); - EXPECT_EQ(modt_ioc.count, heap->size); + count += modt_ioc.count; + EXPECT_EQ(count, heap->size); /* EACCEPT all removed pages. */ addr = self->encl.encl_base + heap->offset; @@ -498,15 +509,25 @@ TEST_F_TIMEOUT(enclave, unclobbered_vdso_oversubscribed_remove, 900) remove_ioc.offset = heap->offset; remove_ioc.length = heap->size; - + count = 0; TH_LOG("Removing %zd bytes from enclave may take a while ...", heap->size); - ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_REMOVE_PAGES, &remove_ioc); - errno_save = ret == -1 ? errno : 0; + do { + ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_REMOVE_PAGES, &remove_ioc); + errno_save = ret == -1 ? errno : 0; + if (errno_save == EAGAIN) { + count += remove_ioc.count; + remove_ioc.offset += remove_ioc.count; + remove_ioc.length -= remove_ioc.count; + remove_ioc.count = 0; + } else + break; + } while (remove_ioc.length != 0); EXPECT_EQ(ret, 0); EXPECT_EQ(errno_save, 0); - EXPECT_EQ(remove_ioc.count, heap->size); + count += remove_ioc.count; + EXPECT_EQ(count, heap->size); } TEST_F(enclave, clobbered_vdso) -- 2.37.2

2 years, 8 months

3
6
0 0

[PATCH 0/2] fortify: Add run-time WARN for cross-field memcpy()

by Kees Cook

Hi, I'm hoping to at least get this into -next to see how noisy it ends up being. I've tracked down several false positives that are getting fixed, but I'd like to see this get wider testing. For details, see patch 1, but this is the run-time half of the recent FORTIFY_SOURCE memcpy() bounds checking work. -Kees Kees Cook (2): fortify: Add run-time WARN for cross-field memcpy() lkdtm: Update tests for memcpy() run-time warnings drivers/misc/lkdtm/fortify.c | 96 +++++++++++++++++++++---- include/linux/fortify-string.h | 70 +++++++++++++++++- tools/testing/selftests/lkdtm/tests.txt | 8 ++- 3 files changed, 155 insertions(+), 19 deletions(-) -- 2.34.1

2 years, 8 months

2
3
0 0

[PATCH] selftest: vm: remove deleted local_config.* from .gitignore

by Tarun Sahu

Commit d2d6cba5d6623245a80cc151008cce825c8b6248 ("selftest: vm: remove orphaned references to local_config.{h,mk}") took care of removing orphaned references. This commit remove local_config from .gitignore. Parent Patch Commit 69007f156ba7aead6c75b0046958ad3396f5aed1 ("Kselftests: remove support of libhugetlbfs from kselftests") Signed-off-by: Tarun Sahu <tsahu(a)linux.ibm.com> --- tools/testing/selftests/vm/.gitignore | 1 - 1 file changed, 1 deletion(-) diff --git a/tools/testing/selftests/vm/.gitignore b/tools/testing/selftests/vm/.gitignore index 31e5eea2a9b9..7b9dc2426f18 100644 --- a/tools/testing/selftests/vm/.gitignore +++ b/tools/testing/selftests/vm/.gitignore @@ -30,7 +30,6 @@ map_fixed_noreplace write_to_hugetlbfs hmm-tests memfd_secret -local_config.* soft-dirty split_huge_page_test ksm_tests -- 2.31.1

2 years, 8 months

2
1
0 0

Re: [selftests] a37ddddd86: BUG:KASAN:use-after-free_in_firmware_upload_unregister

by Russ Weight

Thanks for the reply. I was able to reproduce it a couple of weeks ago and I have already submitted a fix. - Russ On 8/31/22 22:43, Yujie Liu wrote: > Hi Russ, > > On 8/2/2022 04:42, Russ Weight wrote: >> Oliver, >> >> On 7/29/22 00:08, kernel test robot wrote: >>> >>> Greeting, >>> >>> FYI, we noticed the following commit (built with gcc-11): >>> >>> commit: a37ddddd86037c896c702b4df416bc4e51b2a5a0 ("selftests: firmware: Add firmware upload selftests") >>> https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git master >>> >>> in testcase: kernel-selftests >>> version: kernel-selftests-x86_64-4cb0bec3-1_20220724 >>> with following parameters: >>> >>> group: firmware >>> ucode: 0xec >>> >>> test-description: The kernel contains a set of "self tests" under the tools/testing/selftests/ directory. These are intended to be small unit tests to exercise individual code paths in the kernel. >>> test-url: https://www.kernel.org/doc/Documentation/kselftest.txt >>> >>> >>> on test machine: 8 threads Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz with 28G memory >>> >>> caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace): >>> >>> >>> >>> If you fix the issue, kindly add following tag >>> Reported-by: kernel test robot <oliver.sang(a)intel.com> >>> >>> >>> [ 103.520572][ T2443] BUG: KASAN: use-after-free in firmware_upload_unregister (drivers/base/firmware_loader/sysfs_upload.c:395) >>> [ 103.520579][ T2443] Read of size 8 at addr ffff8881e186c808 by task fw_upload.sh/2443 >>> [ 103.528481][ T395] >>> [ 103.534696][ T2443] >>> [ 103.534698][ T2443] CPU: 7 PID: 2443 Comm: fw_upload.sh Not tainted 5.18.0-rc2-00036-ga37ddddd8603 #1 >>> [ 103.534701][ T2443] Hardware name: Dell Inc. OptiPlex 7040/0Y7WYT, BIOS 1.2.8 01/26/2016 >>> [ 103.534703][ T2443] Call Trace: >>> [ 103.534705][ T2443] <TASK> >>> [ 103.534707][ T2443] ? firmware_upload_unregister (drivers/base/firmware_loader/sysfs_upload.c:395) >> I believe I understand the problem, but I have been unable to reproduce the error to verify the fix: >> >> 394 device_unregister(&fw_sysfs->dev); >> 395 module_put(fw_upload_priv->module); >> >> The device_unregister() call could result in the dev_release >> function freeing the fw_upload_priv structure before it is >> dereferenced on line 395. Copying fw_upload_priv->module to a >> local variable for use when calling device_unregister() >> should fix the problem. >> >>> [ 103.534713][ T2443] dump_stack_lvl (lib/dump_stack.c:107 (discriminator 4)) >>> [ 103.588011][ T2443] print_address_description+0x1f/0x200 >>> [ 103.594406][ T2443] ? firmware_upload_unregister (drivers/base/firmware_loader/sysfs_upload.c:395) >>> [ 103.600112][ T2443] print_report.cold (mm/kasan/report.c:430) >>> [ 103.604782][ T2443] ? do_raw_spin_lock (arch/x86/include/asm/atomic.h:202 include/linux/atomic/atomic-instrumented.h:543 include/asm-generic/qspinlock.h:82 kernel/locking/spinlock_debug.c:115) >>> [ 103.609624][ T2443] kasan_report (mm/kasan/report.c:162 mm/kasan/report.c:493) >>> [ 103.613861][ T2443] ? firmware_upload_unregister (drivers/base/firmware_loader/sysfs_upload.c:395) >>> [ 103.619561][ T2443] firmware_upload_unregister (drivers/base/firmware_loader/sysfs_upload.c:395) >>> [ 103.625091][ T2443] upload_unregister_store (lib/test_firmware.c:1060 lib/test_firmware.c:1321) >>> [ 103.630377][ T2443] ? sysfs_file_ops (fs/sysfs/file.c:129) >>> [ 103.635046][ T2443] kernfs_fop_write_iter (fs/kernfs/file.c:294) >>> [ 103.640145][ T2443] new_sync_write (fs/read_write.c:505 (discriminator 1)) >>> [ 103.644642][ T2443] ? new_sync_read (fs/read_write.c:494) >>> [ 103.649225][ T2443] ? ksys_write (fs/read_write.c:644) >>> [ 103.653463][ T2443] ? rcu_read_unlock (include/linux/rcupdate.h:723 (discriminator 5)) >>> [ 103.658057][ T2443] ? lock_is_held_type (kernel/locking/lockdep.c:5382 kernel/locking/lockdep.c:5684) >>> [ 103.662909][ T2443] vfs_write (fs/read_write.c:591) >>> [ 103.666984][ T2443] ksys_write (fs/read_write.c:644) >>> [ 103.671057][ T2443] ? __ia32_sys_read (fs/read_write.c:634) >>> [ 103.675645][ T2443] ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4501) >>> [ 103.682051][ T2443] ? syscall_enter_from_user_mode (arch/x86/include/asm/irqflags.h:45 arch/x86/include/asm/irqflags.h:80 kernel/entry/common.c:109) >>> [ 103.687756][ T2443] do_syscall_64 (arch/x86/entry/common.c:50 arch/x86/entry/common.c:80) >>> [ 103.692010][ T2443] ? pick_file (fs/file.c:660) >>> [ 103.696165][ T2443] ? do_raw_spin_unlock (arch/x86/include/asm/atomic.h:29 include/linux/atomic/atomic-instrumented.h:28 include/asm-generic/qspinlock.h:28 kernel/locking/spinlock_debug.c:100 kernel/locking/spinlock_debug.c:140) >>> [ 103.701094][ T2443] ? syscall_exit_to_user_mode (kernel/entry/common.c:129 kernel/entry/common.c:296) >>> [ 103.706539][ T2443] ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4501) >>> [ 103.712929][ T2443] ? do_syscall_64 (arch/x86/entry/common.c:87) >>> [ 103.717343][ T2443] ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4501) >>> [ 103.723747][ T2443] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:115) >>> [ 103.729451][ T2443] RIP: 0033:0x7f1020308f33 >>> [ 103.733709][ T2443] Code: 8b 15 61 ef 0c 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 55 c3 0f 1f 40 00 48 83 ec 28 48 89 54 24 18 >>> All code >>> ======== >>> 0: 8b 15 61 ef 0c 00 mov 0xcef61(%rip),%edx # 0xcef67 >>> 6: f7 d8 neg %eax >>> 8: 64 89 02 mov %eax,%fs:(%rdx) >>> b: 48 c7 c0 ff ff ff ff mov $0xffffffffffffffff,%rax >>> 12: eb b7 jmp 0xffffffffffffffcb >>> 14: 0f 1f 00 nopl (%rax) >>> 17: 64 8b 04 25 18 00 00 mov %fs:0x18,%eax >>> 1e: 00 >>> 1f: 85 c0 test %eax,%eax >>> 21: 75 14 jne 0x37 >>> 23: b8 01 00 00 00 mov $0x1,%eax >>> 28: 0f 05 syscall >>> 2a:* 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax <-- trapping instruction >>> 30: 77 55 ja 0x87 >>> 32: c3 retq >>> 33: 0f 1f 40 00 nopl 0x0(%rax) >>> 37: 48 83 ec 28 sub $0x28,%rsp >>> 3b: 48 89 54 24 18 mov %rdx,0x18(%rsp) >>> >>> Code starting with the faulting instruction >>> =========================================== >>> 0: 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax >>> 6: 77 55 ja 0x5d >>> 8: c3 retq >>> 9: 0f 1f 40 00 nopl 0x0(%rax) >>> d: 48 83 ec 28 sub $0x28,%rsp >>> 11: 48 89 54 24 18 mov %rdx,0x18(%rsp) >>> [ 103.753040][ T2443] RSP: 002b:00007fffe4075988 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 >>> [ 103.761244][ T2443] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f1020308f33 >>> [ 103.769013][ T2443] RDX: 0000000000000003 RSI: 00005582df845b80 RDI: 0000000000000001 >>> [ 103.776791][ T2443] RBP: 00005582df845b80 R08: 00000000ffffffff R09: 0000000000000003 >>> [ 103.784561][ T2443] R10: 00005582df833c80 R11: 0000000000000246 R12: 0000000000000003 >>> [ 103.792328][ T2443] R13: 00007f10203d96a0 R14: 0000000000000003 R15: 00007f10203d98a0 >>> [ 103.800100][ T2443] </TASK> >>> [ 103.802957][ T2443] >>> [ 103.805125][ T2443] Allocated by task 2443: >>> [ 103.809276][ T2443] kasan_save_stack (mm/kasan/common.c:39) >>> [ 103.813781][ T2443] __kasan_kmalloc (mm/kasan/common.c:45 mm/kasan/common.c:436 mm/kasan/common.c:515 mm/kasan/common.c:524) >>> [ 103.818190][ T2443] firmware_upload_register (drivers/base/firmware_loader/sysfs_upload.c:160) >>> [ 103.824150][ T2443] upload_register_store (lib/test_firmware.c:1279) >>> [ 103.829250][ T2443] kernfs_fop_write_iter (fs/kernfs/file.c:294) >>> [ 103.834350][ T2443] new_sync_write (fs/read_write.c:505 (discriminator 1)) >>> [ 103.838846][ T2443] vfs_write (fs/read_write.c:591) >>> [ 103.842910][ T2443] ksys_write (fs/read_write.c:644) >>> [ 103.846975][ T2443] do_syscall_64 (arch/x86/entry/common.c:50 arch/x86/entry/common.c:80) >>> [ 103.851217][ T2443] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:115) >>> [ 103.856932][ T2443] >>> [ 103.859100][ T2443] Freed by task 2443: >>> [ 103.862907][ T2443] kasan_save_stack (mm/kasan/common.c:39) >>> [ 103.867415][ T2443] kasan_set_track (mm/kasan/common.c:45) >>> [ 103.871822][ T2443] kasan_set_free_info (mm/kasan/generic.c:372) >>> [ 103.876579][ T2443] __kasan_slab_free (mm/kasan/common.c:368 mm/kasan/common.c:328 mm/kasan/common.c:374) >>> [ 103.881331][ T2443] slab_free_freelist_hook (mm/slub.c:1754) >>> [ 103.886517][ T2443] kfree (mm/slub.c:3510 mm/slub.c:4552) >>> [ 103.890156][ T2443] fw_dev_release (drivers/base/firmware_loader/sysfs.c:102) >>> [ 103.894483][ T2443] device_release (drivers/base/core.c:2235) >>> [ 103.898902][ T2443] kobject_cleanup (lib/kobject.c:677) >>> [ 103.903492][ T2443] firmware_upload_unregister (drivers/base/firmware_loader/sysfs_upload.c:395) >>> [ 103.909034][ T2443] upload_unregister_store (lib/test_firmware.c:1060 lib/test_firmware.c:1321) >>> [ 103.914311][ T2443] kernfs_fop_write_iter (fs/kernfs/file.c:294) >>> [ 103.919429][ T2443] new_sync_write (fs/read_write.c:505 (discriminator 1)) >>> [ 103.923927][ T2443] vfs_write (fs/read_write.c:591) >>> [ 103.927990][ T2443] ksys_write (fs/read_write.c:644) >>> [ 103.932054][ T2443] do_syscall_64 (arch/x86/entry/common.c:50 arch/x86/entry/common.c:80) >>> [ 103.936290][ T2443] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:115) >>> [ 103.941992][ T2443] >>> [ 103.944159][ T2443] Last potentially related work creation: >>> [ 103.949704][ T2443] kasan_save_stack (mm/kasan/common.c:39) >>> [ 103.954216][ T2443] __kasan_record_aux_stack (mm/kasan/generic.c:348) >>> [ 103.959400][ T2443] insert_work (include/linux/instrumented.h:71 include/asm-generic/bitops/instrumented-non-atomic.h:134 kernel/workqueue.c:635 kernel/workqueue.c:642 kernel/workqueue.c:1361) >>> [ 103.963552][ T2443] __queue_work (kernel/workqueue.c:1520) >>> [ 103.967888][ T2443] queue_work_on (kernel/workqueue.c:1546) >>> [ 103.972141][ T2443] fw_upload_start (drivers/base/firmware_loader/sysfs_upload.c:263) >>> [ 103.976723][ T2443] firmware_loading_store (drivers/base/firmware_loader/sysfs.c:213) >>> [ 103.981910][ T2443] kernfs_fop_write_iter (fs/kernfs/file.c:294) >>> [ 103.987022][ T2443] new_sync_write (fs/read_write.c:505 (discriminator 1)) >>> [ 103.991537][ T2443] vfs_write (fs/read_write.c:591) >>> [ 103.995604][ T2443] ksys_write (fs/read_write.c:644) >>> [ 103.999673][ T2443] do_syscall_64 (arch/x86/entry/common.c:50 arch/x86/entry/common.c:80) >>> [ 104.003930][ T2443] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:115) >>> [ 104.009631][ T2443] >>> [ 104.011800][ T2443] Second to last potentially related work creation: >>> [ 104.018219][ T2443] kasan_save_stack (mm/kasan/common.c:39) >>> [ 104.022727][ T2443] __kasan_record_aux_stack (mm/kasan/generic.c:348) >>> [ 104.027938][ T2443] insert_work (include/linux/instrumented.h:71 include/asm-generic/bitops/instrumented-non-atomic.h:134 kernel/workqueue.c:635 kernel/workqueue.c:642 kernel/workqueue.c:1361) >>> [ 104.032101][ T2443] __queue_work (kernel/workqueue.c:1520) >>> [ 104.036423][ T2443] queue_work_on (kernel/workqueue.c:1546) >>> [ 104.040658][ T2443] fw_upload_start (drivers/base/firmware_loader/sysfs_upload.c:263) >>> [ 104.045240][ T2443] firmware_loading_store (drivers/base/firmware_loader/sysfs.c:213) >>> [ 104.050423][ T2443] kernfs_fop_write_iter (fs/kernfs/file.c:294) >>> [ 104.055522][ T2443] new_sync_write (fs/read_write.c:505 (discriminator 1)) >>> [ 104.060016][ T2443] vfs_write (fs/read_write.c:591) >>> [ 104.064081][ T2443] ksys_write (fs/read_write.c:644) >>> [ 104.068144][ T2443] do_syscall_64 (arch/x86/entry/common.c:50 arch/x86/entry/common.c:80) >>> [ 104.072381][ T2443] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:115) >>> [ 104.078083][ T2443] >>> [ 104.080249][ T2443] The buggy address belongs to the object at ffff8881e186c800 >>> [ 104.080249][ T2443] which belongs to the cache kmalloc-512 of size 512 >>> [ 104.094049][ T2443] The buggy address is located 8 bytes inside of >>> [ 104.094049][ T2443] 512-byte region [ffff8881e186c800, ffff8881e186ca00) >>> [ 104.106914][ T2443] >>> [ 104.109084][ T2443] The buggy address belongs to the physical page: >>> [ 104.115315][ T2443] page:0000000037a5888d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1e1868 >>> [ 104.125336][ T2443] head:0000000037a5888d order:3 compound_mapcount:0 compound_pincount:0 >>> [ 104.133454][ T2443] flags: 0x17ffffc0010200(slab|head|node=0|zone=2|lastcpupid=0x1fffff) >>> [ 104.141498][ T2443] raw: 0017ffffc0010200 ffffea0005491e00 dead000000000002 ffff888100042c80 >>> [ 104.149885][ T2443] raw: 0000000000000000 0000000000200020 00000001ffffffff 0000000000000000 >>> [ 104.158274][ T2443] page dumped because: kasan: bad access detected >>> [ 104.164492][ T2443] >>> >>> >>> To reproduce: >>> >>> git clone https://github.com/intel/lkp-tests.git >>> cd lkp-tests >>> sudo bin/lkp install job.yaml # job file is attached in this email >> I have tried these steps on Fedora35 and on CentOS Stream. In both >> cases I have missing packages that I have not yet resolved: >> >> Error: Unable to find a match: arping lib32gcc-dev libc6-dev-i386 libc6-i386 libc6-x32 libhugetlbfs-dev libmnl-dev libmount-dev libpci3 libreadline-dev libx32asan5 libx32atomic1 libx32gcc1 libx32gcc-dev libx32gomp1 libx32itm1 libx32quadmath0 libx32ubsan1 linux-libc-dev-amd64-cross netcat-openbsd openvswitch-common openvswitch-switch sendip libpci-dev >> >> Simply running the fw_upload selftests in a loop is not sufficient to >> trigger the error. Can you provide additional instructions for >> running the lkp tests manually? Do I need a specific OS? How can I >> access the missing packages? > > We can reproduce this error on bare metal by simply running fw_upload.sh. > > ~/linux/tools/testing/selftests/firmware# ./fw_upload.sh > ./fw_upload.sh: firmware upload cancellation works > ./fw_upload.sh: firmware upload error handling works > ./fw_upload.sh: oversized firmware error handling works > ./fw_upload.sh: firmware upload for fw1 works > ./fw_upload.sh: firmware upload for fw2 works > ./fw_upload.sh: firmware upload for fw3 works > > Message from syslogd@debian-x8664 at Sep 1 05:06:54 ... > kernel:[ 1090.872590][ T1293] Kernel panic - not syncing: Fatal exception > > dmesg read from serial: > > [ 1089.654274][ T1293] ================================================================== > [ 1089.662192][ T1293] BUG: KASAN: use-after-free in firmware_upload_unregister+0x16e/0x1c0 > [ 1089.670282][ T1293] Read of size 8 at addr ffff88873a872008 by task fw_upload.sh/1293 > [ 1089.678107][ T1293] > [ 1089.680291][ T1293] CPU: 4 PID: 1293 Comm: fw_upload.sh Not tainted 5.18.0-rc2-00036-ga37ddddd8603 #1 > [ 1089.689527][ T1293] Hardware name: Dell Inc. OptiPlex 7040/0Y7WYT, BIOS 1.2.8 01/26/2016 > [ 1089.697612][ T1293] Call Trace: > [ 1089.700751][ T1293] <TASK> > [ 1089.703557][ T1293] ? firmware_upload_unregister+0x16e/0x1c0 > [ 1089.709313][ T1293] dump_stack_lvl+0x45/0x59 > [ 1089.713669][ T1293] print_address_description.constprop.0+0x1f/0x200 > [ 1089.720107][ T1293] ? firmware_upload_unregister+0x16e/0x1c0 > [ 1089.725851][ T1293] print_report.cold+0x55/0x22c > [ 1089.730556][ T1293] ? do_raw_spin_lock+0x12e/0x280 > [ 1089.735432][ T1293] kasan_report+0xbe/0x1c0 > > > Could you please help check if the .config file used to compile the kernel > matches the one we attached in the original report? Here we attach it again > for your reference. > > > About the issue of missing packages during setting up lkp test environment, > we wish to support various OS and distributions, but sometimes our package > dependencies are not updated in time, sorry for the inconvenience. We use > debian OS in our test environment, and it can install the required packages > successfully. We will fix the package issue on other OS soon. For this case, > we still recommend to run fw_upload.sh to trigger the error, because it's > much easier than setting up lkp tests environment. > > -- > Thanks, > Yujie > >> >> Thanks, >> - Russ >>> bin/lkp split-job --compatible job.yaml # generate the yaml file for lkp run >>> sudo bin/lkp run generated-yaml-file >>> >>> # if come across any failure that blocks the test, >>> # please remove ~/.lkp and /lkp dir to run from a clean state. >>> >>> >>> >>

2 years, 8 months

1
0
0 0

[RFC PATCH v2 00/17] TDX KVM selftests

by Sagi Shahar

Hello, This is v2 of the patch series for TDX selftests. It is based on v5.19-rc8 and Intel's V8 of the TDX host patches which was proposed in https://lkml.org/lkml/2022/8/8/877 The tree can be found at https://github.com/googleprodkernel/linux-cc/tree/selftests Major changes vrom v1: - rebased to v5.19 - added helpers for success and failure reporting - added additional test cases --- TDX stands for Trust Domain Extensions which isolates VMs from the virtual-machine manager (VMM)/hypervisor and any other software on the platform. Intel has recently submitted a set of RFC patches for KVM support for TDX and more information can be found on the latest TDX Support Patches: https://lkml.org/lkml/2022/8/8/877 Due to the nature of the confidential computing environment that TDX provides, it is very difficult to verify/test the KVM support. TDX requires UEFI and the guest kernel to be enlightened which are all under development. We are working on a set of selftests to close this gap and be able to verify the KVM functionality to support TDX lifecycle and GHCI [1] interface. We are looking for any feedback on: - Patch series itself - Any suggestion on how we should approach testing TDX functionality. Does selftests seems reasonable or should we switch to using KVM unit tests. I would be happy to get some perspective on how KVM unit tests can help us more. - Any test case or scenario that we should add. - Anything else I have not thought of yet. Current patch series provide the following capabilities: - Provide helper functions to create a TD (Trusted Domain) using the KVM ioctls - Provide helper functions to create a guest image that can include any testing code - Provide helper functions and wrapper functions to write testing code using GHCI interface - Add a test case that verifies TDX life cycle - Add a test case that verifies TDX GHCI port IO TODOs: - Use existing function to create page tables dynamically (ie __virt_pg_map()) - Remove arbitrary defined magic numbers for data structure offsets - Add TDVMCALL for error reporting - Add additional test cases as some listed below - Add #VE handlers to help testing more complicated test cases --- Erdem Aktas (4): KVM: selftests: Add support for creating non-default type VMs KVM: selftest: Add helper functions to create TDX VMs KVM: selftest: Adding TDX life cycle test. KVM: selftest: Adding test case for TDX port IO Roger Wang (1): KVM: selftest: TDX: Add TDG.VP.INFO test Ryan Afranji (2): KVM: selftest: TDX: Verify the behavior when host consumes a TD private memory KVM: selftest: TDX: Add shared memory test Sagi Shahar (10): KVM: selftest: TDX: Add report_fatal_error test KVM: selftest: TDX: Add basic TDX CPUID test KVM: selftest: TDX: Add basic get_td_vmcall_info test KVM: selftest: TDX: Add TDX IO writes test KVM: selftest: TDX: Add TDX IO reads test KVM: selftest: TDX: Add TDX MSR read/write tests KVM: selftest: TDX: Add TDX HLT exit test KVM: selftest: TDX: Add TDX MMIO reads test KVM: selftest: TDX: Add TDX MMIO writes test KVM: selftest: TDX: Add TDX CPUID TDVMCALL test tools/testing/selftests/kvm/Makefile | 2 + .../selftests/kvm/include/kvm_util_base.h | 12 +- .../selftests/kvm/include/x86_64/processor.h | 1 + tools/testing/selftests/kvm/lib/kvm_util.c | 6 +- .../selftests/kvm/lib/x86_64/processor.c | 27 + tools/testing/selftests/kvm/lib/x86_64/tdx.h | 495 +++++ .../selftests/kvm/lib/x86_64/tdx_lib.c | 373 ++++ .../selftests/kvm/x86_64/tdx_vm_tests.c | 1666 +++++++++++++++++ 8 files changed, 2577 insertions(+), 5 deletions(-) create mode 100644 tools/testing/selftests/kvm/lib/x86_64/tdx.h create mode 100644 tools/testing/selftests/kvm/lib/x86_64/tdx_lib.c create mode 100644 tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c -- 2.37.2.789.g6183377224-goog

2 years, 8 months

3
22
0 0

[PATCH] selftest: vm: remove orphaned references to local_config.{h,mk}

by Axel Rasmussen

Note: this commit is intended to apply to mm-unstable, the commit being fixed only exists in that branch for now. Commit b4efb234e53cc60ccdc855190be9f35918687412 ("Kselftests: remove support of libhugetlbfs from kselftests") removed the rule describing how to build local_config.{h,mk}, but it left two references to these files lingering around. The result is, none of the selftests could be built due to dependencies with no rule for how to build them. Signed-off-by: Axel Rasmussen <axelrasmussen(a)google.com> --- tools/testing/selftests/vm/Makefile | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/tools/testing/selftests/vm/Makefile b/tools/testing/selftests/vm/Makefile index b52f2cc51482..4ae879f70f4c 100644 --- a/tools/testing/selftests/vm/Makefile +++ b/tools/testing/selftests/vm/Makefile @@ -1,9 +1,7 @@ # SPDX-License-Identifier: GPL-2.0 # Makefile for vm selftests -LOCAL_HDRS += $(selfdir)/vm/local_config.h $(top_srcdir)/mm/gup_test.h - -include local_config.mk +LOCAL_HDRS += $(top_srcdir)/mm/gup_test.h uname_M := $(shell uname -m 2>/dev/null || echo not) MACHINE ?= $(shell echo $(uname_M) | sed -e 's/aarch64.*/arm64/' -e 's/ppc64.*/ppc64/') -- 2.37.2.789.g6183377224-goog

2 years, 8 months

3
2
0 0

[PATCH v15 00/12] bpf: Add kfuncs for PKCS#7 signature verification

by Roberto Sassu

From: Roberto Sassu <roberto.sassu(a)huawei.com> One of the desirable features in security is the ability to restrict import of data to a given system based on data authenticity. If data import can be restricted, it would be possible to enforce a system-wide policy based on the signing keys the system owner trusts. This feature is widely used in the kernel. For example, if the restriction is enabled, kernel modules can be plugged in only if they are signed with a key whose public part is in the primary or secondary keyring. For eBPF, it can be useful as well. For example, it might be useful to authenticate data an eBPF program makes security decisions on. After a discussion in the eBPF mailing list, it was decided that the stated goal should be accomplished by introducing four new kfuncs: bpf_lookup_user_key() and bpf_lookup_system_key(), for retrieving a keyring with keys trusted for signature verification, respectively from its serial and from a pre-determined ID; bpf_key_put(), to release the reference obtained with the former two kfuncs, bpf_verify_pkcs7_signature(), for verifying PKCS#7 signatures. Other than the key serial, bpf_lookup_user_key() also accepts key lookup flags, that influence the behavior of the lookup. bpf_lookup_system_key() accepts pre-determined IDs defined in include/linux/verification.h. bpf_key_put() accepts the new bpf_key structure, introduced to tell whether the other structure member, a key pointer, is valid or not. The reason is that verify_pkcs7_signature() also accepts invalid pointers, set with the pre-determined ID, to select a system-defined keyring. key_put() must be called only for valid key pointers. Since the two key lookup functions allocate memory and one increments a key reference count, they must be used in conjunction with bpf_key_put(). The latter must be called only if the lookup functions returned a non-NULL pointer. The verifier denies the execution of eBPF programs that don't respect this rule. The two key lookup functions should be used in alternative, depending on the use case. While bpf_lookup_user_key() provides great flexibility, it seems suboptimal in terms of security guarantees, as even if the eBPF program is assumed to be trusted, the serial used to obtain the key pointer might come from untrusted user space not choosing one that the system administrator approves to enforce a mandatory policy. bpf_lookup_system_key() instead provides much stronger guarantees, especially if the pre-determined ID is not passed by user space but is hardcoded in the eBPF program, and that program is signed. In this case, bpf_verify_pkcs7_signature() will always perform signature verification with a key that the system administrator approves, i.e. the primary, secondary or platform keyring. Nevertheless, key permission checks need to be done accurately. Since bpf_lookup_user_key() cannot determine how a key will be used by other kfuncs, it has to defer the permission check to the actual kfunc using the key. It does it by calling lookup_user_key() with KEY_DEFER_PERM_CHECK as needed permission. Later, bpf_verify_pkcs7_signature(), if called, completes the permission check by calling key_validate(). It does not need to call key_task_permission() with permission KEY_NEED_SEARCH, as it is already done elsewhere by the key subsystem. Future kfuncs using the bpf_key structure need to implement the proper checks as well. Finally, the last kfunc, bpf_verify_pkcs7_signature(), accepts the data and signature to verify as eBPF dynamic pointers, to minimize the number of kfunc parameters, and the keyring with keys for signature verification as a bpf_key structure, returned by one of the two key lookup functions. bpf_lookup_user_key() and bpf_verify_pkcs7_signature() can be called only from sleepable programs, because of memory allocation and crypto operations. For example, the lsm.s/bpf attach point is suitable, fexit/array_map_update_elem is not. The correctness of implementation of the new kfuncs and of their usage is checked with the introduced tests. The patch set includes a patch from another author (dependency) for sake of completeness. It is organized as follows. Patch 1 from KP Singh allows kfuncs to be used by LSM programs. Patch 2 splits is_dynptr_reg_valid_init() and introduces is_dynptr_type_expected(), to know more precisely the cause of a negative result of a dynamic pointer check. Patch 3 allows dynamic pointers to be used as kfunc parameters. Patch 4 exports bpf_dynptr_get_size(), to obtain the real size of data carried by a dynamic pointer. Patch 5 makes available for new eBPF kfuncs and programs some key-related definitions. Patch 6 introduces the bpf_lookup_*_key() and bpf_key_put() kfuncs. Patch 7 introduces the bpf_verify_pkcs7_signature() kfunc. Patch 8 changes the testing kernel configuration to compile everything as built-in. Finally, patches 9-12 introduce the tests. Changelog v14: - Explain that is_dynptr_type_expected() will be useful also for BTF (suggested by Joanne) - Rename KEY_LOOKUP_FLAGS_ALL to KEY_LOOKUP_ALL (suggested by Jarkko) - Swap declaration of spi and dynptr_type in is_dynptr_type_expected() (suggested by Joanne) - Reimplement kfunc dynptr tests with a regular eBPF program instead of executing them with test_verifier (suggested by Joanne) - Make key lookup flags as enum so that they are automatically exported through BTF (suggested by Alexei) v13: - Split is_dynptr_reg_valid_init() and introduce is_dynptr_type_expected() to see if the dynamic pointer type passed as argument to a kfunc is supported (suggested by Kumar) - Add forward declaration of struct key in include/linux/bpf.h (suggested by Song) - Declare mask for key lookup flags, remove key_lookup_flags_check() (suggested by Jarkko and KP) - Allow only certain dynamic pointer types (currently, local) to be passed as argument to kfuncs (suggested by Kumar) - For each dynamic pointer parameter in kfunc, additionally check if the passed pointer is to the stack (suggested by Kumar) - Split the validity/initialization and dynamic pointer type check also in the verifier, and adjust the expected error message in the test (a test for an unexpected dynptr type passed to a helper cannot be added due to missing suitable helpers, but this case has been tested manually) - Add verifier tests to check the dynamic pointers passed as argument to kfuncs (suggested by Kumar) v12: - Put lookup_key and verify_pkcs7_sig tests in deny list for s390x (JIT does not support calling kernel function) v11: - Move stringify_struct() macro to include/linux/btf.h (suggested by Daniel) - Change kernel configuration options in tools/testing/selftests/bpf/config* from =m to =y v10: - Introduce key_lookup_flags_check() and system_keyring_id_check() inline functions to check parameters (suggested by KP) - Fix descriptions and comment of key-related kfuncs (suggested by KP) - Register kfunc set only once (suggested by Alexei) - Move needed kernel options to the architecture-independent configuration for testing v9: - Drop patch to introduce KF_SLEEPABLE kfunc flag (already merged) - Rename valid_ptr member of bpf_key to has_ref (suggested by Daniel) - Check dynamic pointers in kfunc definition with bpf_dynptr_kern struct definition instead of string, to detect structure renames (suggested by Daniel) - Explicitly say that we permit initialized dynamic pointers in kfunc definition (suggested by Daniel) - Remove noinline __weak from kfuncs definition (reported by Daniel) - Simplify key lookup flags check in bpf_lookup_user_key() (suggested by Daniel) - Explain the reason for deferring key permission check (suggested by Daniel) - Allocate memory with GFP_ATOMIC in bpf_lookup_system_key(), and remove KF_SLEEPABLE kfunc flag from kfunc declaration (suggested by Daniel) - Define only one kfunc set and remove the loop for registration (suggested by Alexei) v8: - Define the new bpf_key structure to carry the key pointer and whether that pointer is valid or not (suggested by Daniel) - Drop patch to mark a kfunc parameter with the __maybe_null suffix - Improve documentation of kfuncs - Introduce bpf_lookup_system_key() to obtain a key pointer suitable for verify_pkcs7_signature() (suggested by Daniel) - Use the new kfunc registration API - Drop patch to test the __maybe_null suffix - Add tests for bpf_lookup_system_key() v7: - Add support for using dynamic and NULL pointers in kfunc (suggested by Alexei) - Add new kfunc-related tests v6: - Switch back to key lookup helpers + signature verification (until v5), and defer permission check from bpf_lookup_user_key() to bpf_verify_pkcs7_signature() - Add additional key lookup test to illustrate the usage of the KEY_LOOKUP_CREATE flag and validate the flags (suggested by Daniel) - Make description of flags of bpf_lookup_user_key() more user-friendly (suggested by Daniel) - Fix validation of flags parameter in bpf_lookup_user_key() (reported by Daniel) - Rename bpf_verify_pkcs7_signature() keyring-related parameters to user_keyring and system_keyring to make their purpose more clear - Accept keyring-related parameters of bpf_verify_pkcs7_signature() as alternatives (suggested by KP) - Replace unsigned long type with u64 in helper declaration (suggested by Daniel) - Extend the bpf_verify_pkcs7_signature() test by calling the helper without data, by ensuring that the helper enforces the keyring-related parameters as alternatives, by ensuring that the helper rejects inaccessible and expired keyrings, and by checking all system keyrings - Move bpf_lookup_user_key() and bpf_key_put() usage tests to ref_tracking.c (suggested by John) - Call bpf_lookup_user_key() and bpf_key_put() only in sleepable programs v5: - Move KEY_LOOKUP_ to include/linux/key.h for validation of bpf_verify_pkcs7_signature() parameter - Remove bpf_lookup_user_key() and bpf_key_put() helpers, and the corresponding tests - Replace struct key parameter of bpf_verify_pkcs7_signature() with the keyring serial and lookup flags - Call lookup_user_key() and key_put() in bpf_verify_pkcs7_signature() code, to ensure that the retrieved key is used according to the permission requested at lookup time - Clarified keyring precedence in the description of bpf_verify_pkcs7_signature() (suggested by John) - Remove newline in the second argument of ASSERT_ - Fix helper prototype regular expression in bpf_doc.py v4: - Remove bpf_request_key_by_id(), don't return an invalid pointer that other helpers can use - Pass the keyring ID (without ULONG_MAX, suggested by Alexei) to bpf_verify_pkcs7_signature() - Introduce bpf_lookup_user_key() and bpf_key_put() helpers (suggested by Alexei) - Add lookup_key_norelease test, to ensure that the verifier blocks eBPF programs which don't decrement the key reference count - Parse raw PKCS#7 signature instead of module-style signature in the verify_pkcs7_signature test (suggested by Alexei) - Parse kernel module in user space and pass raw PKCS#7 signature to the eBPF program for signature verification v3: - Rename bpf_verify_signature() back to bpf_verify_pkcs7_signature() to avoid managing different parameters for each signature verification function in one helper (suggested by Daniel) - Use dynamic pointers and export bpf_dynptr_get_size() (suggested by Alexei) - Introduce bpf_request_key_by_id() to give more flexibility to the caller of bpf_verify_pkcs7_signature() to retrieve the appropriate keyring (suggested by Alexei) - Fix test by reordering the gcc command line, always compile sign-file - Improve helper support check mechanism in the test v2: - Rename bpf_verify_pkcs7_signature() to a more generic bpf_verify_signature() and pass the signature type (suggested by KP) - Move the helper and prototype declaration under #ifdef so that user space can probe for support for the helper (suggested by Daniel) - Describe better the keyring types (suggested by Daniel) - Include linux/bpf.h instead of vmlinux.h to avoid implicit or redeclaration - Make the test selfcontained (suggested by Alexei) v1: - Don't define new map flag but introduce simple wrapper of verify_pkcs7_signature() (suggested by Alexei and KP) KP Singh (1): bpf: Allow kfuncs to be used in LSM programs Roberto Sassu (11): bpf: Move dynptr type check to is_dynptr_type_expected() btf: Allow dynamic pointer parameters in kfuncs bpf: Export bpf_dynptr_get_size() KEYS: Move KEY_LOOKUP_ to include/linux/key.h and define KEY_LOOKUP_ALL bpf: Add bpf_lookup_*_key() and bpf_key_put() kfuncs bpf: Add bpf_verify_pkcs7_signature() kfunc selftests/bpf: Compile kernel with everything as built-in selftests/bpf: Add verifier tests for bpf_lookup_*_key() and bpf_key_put() selftests/bpf: Add additional tests for bpf_lookup_*_key() selftests/bpf: Add test for bpf_verify_pkcs7_signature() kfunc selftests/bpf: Add tests for dynamic pointers parameters in kfuncs include/linux/bpf.h | 9 + include/linux/bpf_verifier.h | 5 + include/linux/btf.h | 9 + include/linux/key.h | 6 + include/linux/verification.h | 8 + kernel/bpf/btf.c | 34 ++ kernel/bpf/helpers.c | 2 +- kernel/bpf/verifier.c | 35 +- kernel/trace/bpf_trace.c | 180 ++++++++ security/keys/internal.h | 2 - tools/testing/selftests/bpf/DENYLIST.s390x | 2 + tools/testing/selftests/bpf/Makefile | 14 +- tools/testing/selftests/bpf/config | 32 +- tools/testing/selftests/bpf/config.x86_64 | 7 +- .../testing/selftests/bpf/prog_tests/dynptr.c | 2 +- .../bpf/prog_tests/kfunc_dynptr_param.c | 102 +++++ .../selftests/bpf/prog_tests/lookup_key.c | 112 +++++ .../bpf/prog_tests/verify_pkcs7_sig.c | 399 ++++++++++++++++++ .../bpf/progs/test_kfunc_dynptr_param.c | 57 +++ .../selftests/bpf/progs/test_lookup_key.c | 46 ++ .../bpf/progs/test_verify_pkcs7_sig.c | 100 +++++ tools/testing/selftests/bpf/test_verifier.c | 3 +- .../selftests/bpf/verifier/ref_tracking.c | 139 ++++++ .../testing/selftests/bpf/verify_sig_setup.sh | 104 +++++ 24 files changed, 1374 insertions(+), 35 deletions(-) create mode 100644 tools/testing/selftests/bpf/prog_tests/kfunc_dynptr_param.c create mode 100644 tools/testing/selftests/bpf/prog_tests/lookup_key.c create mode 100644 tools/testing/selftests/bpf/prog_tests/verify_pkcs7_sig.c create mode 100644 tools/testing/selftests/bpf/progs/test_kfunc_dynptr_param.c create mode 100644 tools/testing/selftests/bpf/progs/test_lookup_key.c create mode 100644 tools/testing/selftests/bpf/progs/test_verify_pkcs7_sig.c create mode 100755 tools/testing/selftests/bpf/verify_sig_setup.sh -- 2.25.1

2 years, 8 months

1
14
0 0

[PATCH] selftests: pidfd: Fix compling warnings

by Li Zhijian

Fix warnings and enable Wall Signed-off-by: Li Zhijian <lizhijian(a)fujitsu.com> --- tools/testing/selftests/pidfd/Makefile | 2 +- tools/testing/selftests/pidfd/pidfd_test.c | 2 ++ tools/testing/selftests/pidfd/pidfd_wait.c | 2 +- 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/pidfd/Makefile b/tools/testing/selftests/pidfd/Makefile index f4a2f28f926b..778b6cdc8aed 100644 --- a/tools/testing/selftests/pidfd/Makefile +++ b/tools/testing/selftests/pidfd/Makefile @@ -1,5 +1,5 @@ # SPDX-License-Identifier: GPL-2.0-only -CFLAGS += -g -I../../../../usr/include/ -pthread +CFLAGS += -g -I../../../../usr/include/ -pthread -Wall TEST_GEN_PROGS := pidfd_test pidfd_fdinfo_test pidfd_open_test \ pidfd_poll_test pidfd_wait pidfd_getfd_test pidfd_setns_test diff --git a/tools/testing/selftests/pidfd/pidfd_test.c b/tools/testing/selftests/pidfd/pidfd_test.c index 9a2d64901d59..d36654265b7a 100644 --- a/tools/testing/selftests/pidfd/pidfd_test.c +++ b/tools/testing/selftests/pidfd/pidfd_test.c @@ -435,6 +435,8 @@ static int child_poll_exec_test(void *args) */ while (1) sleep(1); + + return 0; } static void test_pidfd_poll_exec(int use_waitpid) diff --git a/tools/testing/selftests/pidfd/pidfd_wait.c b/tools/testing/selftests/pidfd/pidfd_wait.c index c3e2a3041f55..2dee6223112c 100644 --- a/tools/testing/selftests/pidfd/pidfd_wait.c +++ b/tools/testing/selftests/pidfd/pidfd_wait.c @@ -148,7 +148,7 @@ static int sys_waitid(int which, pid_t pid, siginfo_t *info, int options, TEST(wait_nonblock) { - int pidfd, status = 0; + int pidfd = 0; unsigned int flags = 0; pid_t parent_tid = -1; struct clone_args args = { -- 1.8.3.1

2 years, 8 months

1
0
0 0

[PATCH v2] net-next: Fix IP_UNICAST_IF option behavior for connected sockets

by Richard Gobert

The IP_UNICAST_IF socket option is used to set the outgoing interface for outbound packets. The IP_UNICAST_IF socket option was added as it was needed by the Wine project, since no other existing option (SO_BINDTODEVICE socket option, IP_PKTINFO socket option or the bind function) provided the needed characteristics needed by the IP_UNICAST_IF socket option. [1] The IP_UNICAST_IF socket option works well for unconnected sockets, that is, the interface specified by the IP_UNICAST_IF socket option is taken into consideration in the route lookup process when a packet is being sent. However, for connected sockets, the outbound interface is chosen when connecting the socket, and in the route lookup process which is done when a packet is being sent, the interface specified by the IP_UNICAST_IF socket option is being ignored. This inconsistent behavior was reported and discussed in an issue opened on systemd's GitHub project [2]. Also, a bug report was submitted in the kernel's bugzilla [3]. To understand the problem in more detail, we can look at what happens for UDP packets over IPv4 (The same analysis was done separately in the referenced systemd issue). When a UDP packet is sent the udp_sendmsg function gets called and the following happens: 1. The oif member of the struct ipcm_cookie ipc (which stores the output interface of the packet) is initialized by the ipcm_init_sk function to inet->sk.sk_bound_dev_if (the device set by the SO_BINDTODEVICE socket option). 2. If the IP_PKTINFO socket option was set, the oif member gets overridden by the call to the ip_cmsg_send function. 3. If no output interface was selected yet, the interface specified by the IP_UNICAST_IF socket option is used. 4. If the socket is connected and no destination address is specified in the send function, the struct ipcm_cookie ipc is not taken into consideration and the cached route, that was calculated in the connect function is being used. Thus, for a connected socket, the IP_UNICAST_IF sockopt isn't taken into consideration. This patch corrects the behavior of the IP_UNICAST_IF socket option for connect()ed sockets by taking into consideration the IP_UNICAST_IF sockopt when connecting the socket. In order to avoid reconnecting the socket, this option is still ignored when applied on an already connected socket until connect() is called again by the Richard Gobert. Change the __ip4_datagram_connect function, which is called during socket connection, to take into consideration the interface set by the IP_UNICAST_IF socket option, in a similar way to what is done in the udp_sendmsg function. [1] https://lore.kernel.org/netdev/1328685717.4736.4.camel@edumazet-laptop/T/ [2] https://github.com/systemd/systemd/issues/11935#issuecomment-618691018 [3] https://bugzilla.kernel.org/show_bug.cgi?id=210255 Signed-off-by: Richard Gobert <richardbgobert(a)gmail.com> --- v1 -> v2: Added self-tests and targeted to net-next. net/ipv4/datagram.c | 2 ++ tools/testing/selftests/net/fcnal-test.sh | 30 +++++++++++++++++++++++ tools/testing/selftests/net/nettest.c | 16 ++++++++++-- 3 files changed, 46 insertions(+), 2 deletions(-) diff --git a/net/ipv4/datagram.c b/net/ipv4/datagram.c index ffd57523331f..405a8c2aea64 100644 --- a/net/ipv4/datagram.c +++ b/net/ipv4/datagram.c @@ -42,6 +42,8 @@ int __ip4_datagram_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len oif = inet->mc_index; if (!saddr) saddr = inet->mc_addr; + } else if (!oif) { + oif = inet->uc_index; } fl4 = &inet->cork.fl.u.ip4; rt = ip_route_connect(fl4, usin->sin_addr.s_addr, saddr, oif, diff --git a/tools/testing/selftests/net/fcnal-test.sh b/tools/testing/selftests/net/fcnal-test.sh index 03b586760164..31c3b6ebd388 100755 --- a/tools/testing/selftests/net/fcnal-test.sh +++ b/tools/testing/selftests/net/fcnal-test.sh @@ -1466,6 +1466,13 @@ ipv4_udp_novrf() run_cmd nettest -D -r ${a} -d ${NSA_DEV} -S -0 ${NSA_IP} log_test_addr ${a} $? 0 "Client, device bind via IP_UNICAST_IF" + log_start + run_cmd_nsb nettest -D -s & + sleep 1 + run_cmd nettest -D -r ${a} -d ${NSA_DEV} -S -0 ${NSA_IP} -U + log_test_addr ${a} $? 0 "Client, device bind via IP_UNICAST_IF, with connect()" + + log_start show_hint "Should fail 'Connection refused'" run_cmd nettest -D -r ${a} @@ -1525,6 +1532,13 @@ ipv4_udp_novrf() run_cmd nettest -D -d ${NSA_DEV} -S -r ${a} log_test_addr ${a} $? 0 "Global server, device client via IP_UNICAST_IF, local connection" + log_start + run_cmd nettest -s -D & + sleep 1 + run_cmd nettest -D -d ${NSA_DEV} -S -r ${a} -U + log_test_addr ${a} $? 0 "Global server, device client via IP_UNICAST_IF, local connection, with connect()" + + # IPv4 with device bind has really weird behavior - it overrides the # fib lookup, generates an rtable and tries to send the packet. This # causes failures for local traffic at different places @@ -1550,6 +1564,15 @@ ipv4_udp_novrf() sleep 1 run_cmd nettest -D -r ${a} -d ${NSA_DEV} -S log_test_addr ${a} $? 1 "Global server, device client via IP_UNICAST_IF, local connection" + + log_start + show_hint "Should fail since addresses on loopback are out of device scope" + run_cmd nettest -D -s & + sleep 1 + run_cmd nettest -D -r ${a} -d ${NSA_DEV} -S -U + log_test_addr ${a} $? 1 "Global server, device client via IP_UNICAST_IF, local connection, with connect()" + + done a=${NSA_IP} @@ -3157,6 +3180,13 @@ ipv6_udp_novrf() sleep 1 run_cmd nettest -6 -D -r ${a} -d ${NSA_DEV} -S log_test_addr ${a} $? 1 "Global server, device client via IP_UNICAST_IF, local connection" + + log_start + show_hint "Should fail 'No route to host' since addresses on loopback are out of device scope" + run_cmd nettest -6 -D -s & + sleep 1 + run_cmd nettest -6 -D -r ${a} -d ${NSA_DEV} -S -U + log_test_addr ${a} $? 1 "Global server, device client via IP_UNICAST_IF, local connection, with connect()" done a=${NSA_IP6} diff --git a/tools/testing/selftests/net/nettest.c b/tools/testing/selftests/net/nettest.c index d9a6fd2cd9d3..7900fa98eccb 100644 --- a/tools/testing/selftests/net/nettest.c +++ b/tools/testing/selftests/net/nettest.c @@ -127,6 +127,9 @@ struct sock_args { /* ESP in UDP encap test */ int use_xfrm; + + /* use send() and connect() instead of sendto */ + int datagram_connect; }; static int server_mode; @@ -979,6 +982,11 @@ static int send_msg(int sd, void *addr, socklen_t alen, struct sock_args *args) log_err_errno("write failed sending msg to peer"); return 1; } + } else if (args->datagram_connect) { + if (send(sd, msg, msglen, 0) < 0) { + log_err_errno("send failed sending msg to peer"); + return 1; + } } else if (args->ifindex && args->use_cmsg) { if (send_msg_cmsg(sd, addr, alen, args->ifindex, args->version)) return 1; @@ -1659,7 +1667,7 @@ static int connectsock(void *addr, socklen_t alen, struct sock_args *args) if (args->has_local_ip && bind_socket(sd, args)) goto err; - if (args->type != SOCK_STREAM) + if (args->type != SOCK_STREAM && !args->datagram_connect) goto out; if (args->password && tcp_md5sig(sd, addr, alen, args)) @@ -1854,7 +1862,7 @@ static int ipc_parent(int cpid, int fd, struct sock_args *args) return client_status; } -#define GETOPT_STR "sr:l:c:p:t:g:P:DRn:M:X:m:d:I:BN:O:SCi6xL:0:1:2:3:Fbqf" +#define GETOPT_STR "sr:l:c:p:t:g:P:DRn:M:X:m:d:I:BN:O:SUCi6xL:0:1:2:3:Fbqf" #define OPT_FORCE_BIND_KEY_IFINDEX 1001 #define OPT_NO_BIND_KEY_IFINDEX 1002 @@ -1891,6 +1899,7 @@ static void print_usage(char *prog) " -I dev bind socket to given device name - server mode\n" " -S use setsockopt (IP_UNICAST_IF or IP_MULTICAST_IF)\n" " to set device binding\n" + " -U Use connect() and send() for datagram sockets\n" " -f bind socket with the IP[V6]_FREEBIND option\n" " -C use cmsg and IP_PKTINFO to specify device binding\n" "\n" @@ -2074,6 +2083,9 @@ int main(int argc, char *argv[]) case 'x': args.use_xfrm = 1; break; + case 'U': + args.datagram_connect = 1; + break; default: print_usage(argv[0]); return 1; -- 2.36.1

2 years, 8 months

3
2
0 0

[PATCH net 0/3] Unsync addresses from ports when stopping aggregated devices

by Benjamin Poirier

This series fixes similar problems in the bonding and team drivers. Because of missing dev_{uc,mc}_unsync() calls, addresses added to underlying devices may be leftover after the aggregated device is deleted. Add the missing calls and a few related tests. Benjamin Poirier (3): net: bonding: Unsync device addresses on ndo_stop net: team: Unsync device addresses on ndo_stop net: Add tests for bonding and team address list management MAINTAINERS | 1 + drivers/net/bonding/bond_main.c | 31 ++++--- drivers/net/team/team.c | 8 ++ tools/testing/selftests/Makefile | 1 + .../selftests/drivers/net/bonding/Makefile | 3 +- .../selftests/drivers/net/bonding/config | 1 + .../drivers/net/bonding/dev_addr_lists.sh | 89 +++++++++++++++++++ .../selftests/drivers/net/bonding/lag_lib.sh | 63 +++++++++++++ .../selftests/drivers/net/team/Makefile | 6 ++ .../testing/selftests/drivers/net/team/config | 3 + .../drivers/net/team/dev_addr_lists.sh | 51 +++++++++++ 11 files changed, 246 insertions(+), 11 deletions(-) create mode 100755 tools/testing/selftests/drivers/net/bonding/dev_addr_lists.sh create mode 100644 tools/testing/selftests/drivers/net/bonding/lag_lib.sh create mode 100644 tools/testing/selftests/drivers/net/team/Makefile create mode 100644 tools/testing/selftests/drivers/net/team/config create mode 100755 tools/testing/selftests/drivers/net/team/dev_addr_lists.sh -- 2.36.1

2 years, 8 months

2
6
0 0

[PATCH -next 0/5] Optimize and bugfix for cpu-on-off-test.sh

by Zhao Gongyi

1. Correct log info 2. Replace exit with return to make the test exit gracefully 3. Delete fault injection related code 4. Reserve one cpu online when the test offline all cpus 5. Add log info when run full test successfully Zhao Gongyi (5): selftests/cpu-hotplug: Correct log info selftests/cpu-hotplug: Replace exit with return selftests/cpu-hotplug: Delete fault injection related code selftests/cpu-hotplug: Reserve one cpu online at least selftests/cpu-hotplug: Add log info when test success tools/testing/selftests/cpu-hotplug/Makefile | 2 +- tools/testing/selftests/cpu-hotplug/config | 1 - .../selftests/cpu-hotplug/cpu-on-off-test.sh | 150 ++++-------------- 3 files changed, 29 insertions(+), 124 deletions(-) delete mode 100644 tools/testing/selftests/cpu-hotplug/config -- 2.17.1

2 years, 8 months

2
7
0 0

[PATCH v2 5/6] selftests/sgx: retry the ioctls returned with EAGAIN

by Jarkko Sakkinen

From: Haitao Huang <haitao.huang(a)linux.intel.com> For EMODT and EREMOVE ioctls with a large range, kernel may not finish in one shot and return EAGAIN error code and count of bytes of EPC pages on that operations are finished successfully. Change the unclobbered_vdso_oversubscribed_remove test to rerun the ioctls in a loop, updating offset and length using the byte count returned in each iteration. Signed-off-by: Haitao Huang <haitao.huang(a)linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org> --- v2: * Changed branching in EAGAIN condition so that else branch is not required. * Addressed Reinette's feedback: https://lore.kernel.org/linux-sgx/5d19be91-3aef-5cbe-6063-3ff3dbd5572b@inte… --- tools/testing/selftests/sgx/main.c | 42 ++++++++++++++++++++++++------ 1 file changed, 34 insertions(+), 8 deletions(-) diff --git a/tools/testing/selftests/sgx/main.c b/tools/testing/selftests/sgx/main.c index c5aa9f323745..f42941da3bbe 100644 --- a/tools/testing/selftests/sgx/main.c +++ b/tools/testing/selftests/sgx/main.c @@ -395,6 +395,7 @@ TEST_F_TIMEOUT(enclave, unclobbered_vdso_oversubscribed_remove, 900) struct encl_segment *heap; unsigned long total_mem; int ret, errno_save; + unsigned long count; unsigned long addr; unsigned long i; @@ -458,16 +459,30 @@ TEST_F_TIMEOUT(enclave, unclobbered_vdso_oversubscribed_remove, 900) modt_ioc.offset = heap->offset; modt_ioc.length = heap->size; modt_ioc.page_type = SGX_PAGE_TYPE_TRIM; - + count = 0; TH_LOG("Changing type of %zd bytes to trimmed may take a while ...", heap->size); - ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_MODIFY_TYPES, &modt_ioc); - errno_save = ret == -1 ? errno : 0; + do { + ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_MODIFY_TYPES, &modt_ioc); + + errno_save = ret == -1 ? errno : 0; + if (errno_save != EAGAIN) + break; + + EXPECT_EQ(modt_ioc.result, 0); + + count += modt_ioc.count; + modt_ioc.offset += modt_ioc.count; + modt_ioc.length -= modt_ioc.count; + modt_ioc.result = 0; + modt_ioc.count = 0; + } while (modt_ioc.length != 0); EXPECT_EQ(ret, 0); EXPECT_EQ(errno_save, 0); EXPECT_EQ(modt_ioc.result, 0); - EXPECT_EQ(modt_ioc.count, heap->size); + count += modt_ioc.count; + EXPECT_EQ(count, heap->size); /* EACCEPT all removed pages. */ addr = self->encl.encl_base + heap->offset; @@ -495,15 +510,26 @@ TEST_F_TIMEOUT(enclave, unclobbered_vdso_oversubscribed_remove, 900) remove_ioc.offset = heap->offset; remove_ioc.length = heap->size; - + count = 0; TH_LOG("Removing %zd bytes from enclave may take a while ...", heap->size); - ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_REMOVE_PAGES, &remove_ioc); - errno_save = ret == -1 ? errno : 0; + do { + ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_REMOVE_PAGES, &remove_ioc); + + errno_save = ret == -1 ? errno : 0; + if (errno_save != EAGAIN) + break; + + count += remove_ioc.count; + remove_ioc.offset += remove_ioc.count; + remove_ioc.length -= remove_ioc.count; + remove_ioc.count = 0; + } while (remove_ioc.length != 0); EXPECT_EQ(ret, 0); EXPECT_EQ(errno_save, 0); - EXPECT_EQ(remove_ioc.count, heap->size); + count += remove_ioc.count; + EXPECT_EQ(count, heap->size); } TEST_F(enclave, clobbered_vdso) -- 2.37.2

2 years, 8 months

2
1
0 0

[PATCH v2 1/6] selftests/sgx: Ignore OpenSSL 3.0 deprecated functions warning

by Jarkko Sakkinen

From: Kristen Carlson Accardi <kristen(a)linux.intel.com> OpenSSL 3.0 deprecates some of the functions used in the SGX selftests, causing build errors on new distros. For now ignore the warnings until support for the functions is no longer available and mark FIXME so that it can be clear this should be removed at some point. Signed-off-by: Kristen Carlson Accardi <kristen(a)linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org> --- v2: - Kept because does not exist in tip/x86/sgx, which is the maintainer branch for SGX, and is required for selftests. --- tools/testing/selftests/sgx/sigstruct.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tools/testing/selftests/sgx/sigstruct.c b/tools/testing/selftests/sgx/sigstruct.c index 50c5ab1aa6fa..a07896a46364 100644 --- a/tools/testing/selftests/sgx/sigstruct.c +++ b/tools/testing/selftests/sgx/sigstruct.c @@ -17,6 +17,12 @@ #include "defines.h" #include "main.h" +/* + * FIXME: OpenSSL 3.0 has deprecated some functions. For now just ignore + * the warnings. + */ +#pragma GCC diagnostic ignored "-Wdeprecated-declarations" + struct q1q2_ctx { BN_CTX *bn_ctx; BIGNUM *m; -- 2.37.2

2 years, 8 months

1
0
0 0

[PATCH linux-next] powerpc/selftests:Use timersub() for gettimeofday()

by cgel.zte＠gmail.com

From: ye xingchen <ye.xingchen(a)zte.com.cn> Use timersub() function to simplify the code. Reported-by: Zeal Robot <zealci(a)zte.com.cn> Signed-off-by: ye xingchen <ye.xingchen(a)zte.com.cn> --- tools/testing/selftests/powerpc/benchmarks/gettimeofday.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/powerpc/benchmarks/gettimeofday.c b/tools/testing/selftests/powerpc/benchmarks/gettimeofday.c index 6b415683357b..580fcac0a09f 100644 --- a/tools/testing/selftests/powerpc/benchmarks/gettimeofday.c +++ b/tools/testing/selftests/powerpc/benchmarks/gettimeofday.c @@ -12,7 +12,7 @@ static int test_gettimeofday(void) { int i; - struct timeval tv_start, tv_end; + struct timeval tv_start, tv_end, tv_diff; gettimeofday(&tv_start, NULL); @@ -20,7 +20,9 @@ static int test_gettimeofday(void) gettimeofday(&tv_end, NULL); } - printf("time = %.6f\n", tv_end.tv_sec - tv_start.tv_sec + (tv_end.tv_usec - tv_start.tv_usec) * 1e-6); + timersub(&tv_start, &tv_end, &tv_diff); + + printf("time = %.6f\n", tv_diff.tv_sec + (tv_diff.tv_usec) * 1e-6); return 0; } -- 2.25.1

2 years, 8 months

2
1
0 0

[PATCH] selftests/sgx: Fix OpenSSL deprecated warning for ERR_get_error_line

by Dhanuka Warusadura

These changes fix the "error: ‘ERR_get_error_line’ is deprecated: Since OpenSSL 3.0" warning. Signed-off-by: Dhanuka Warusadura <wdnuka(a)gmail.com> --- tools/testing/selftests/sgx/sigstruct.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/sgx/sigstruct.c b/tools/testing/selftests/sgx/sigstruct.c index 50c5ab1aa6fa..671d9b58e274 100644 --- a/tools/testing/selftests/sgx/sigstruct.c +++ b/tools/testing/selftests/sgx/sigstruct.c @@ -136,7 +136,7 @@ static bool check_crypto_errors(void) break; had_errors = true; - err = ERR_get_error_line(&filename, &line); + err = ERR_peek_last_error_line(&filename, &line); ERR_error_string_n(err, str, sizeof(str)); fprintf(stderr, "crypto: %s: %s:%d\n", str, filename, line); } -- 2.37.2

2 years, 8 months

3
6
0 0

Copie de : Bild: Investieren Sie einmal 250 $ und erhalten Sie ab 1000 $ pro Tag

by Galerie Raymond Dreyfus

Ceci est une copie du message que vous avez envoyé à Galerie Raymond Dreyfus via Galerie Raymond Dreyfus Ceci est un message expédié via http://www.raymond-dreyfus.com/ par : JosephZem <linux-kselftest(a)vger.kernel.org> TOP 3 Handelsroboter, die Menschen zu Millionaren machen http://bitcoin-obituaries.beersec.com/dayli-news-8902

2 years, 8 months

1
0
0 0

Copie de : Bild: Investieren Sie einmal 250 $ und erhalten Sie ab 1000 $ pro Tag

by Galerie Raymond Dreyfus

Ceci est une copie du message que vous avez envoyé à Galerie Raymond Dreyfus via Galerie Raymond Dreyfus Ceci est un message expédié via http://www.raymond-dreyfus.com/ par : JosephZem <linux-kselftest(a)vger.kernel.org> TOP 3 Handelsroboter, die Menschen zu Millionaren machen http://bitcoin-obituaries.beersec.com/dayli-news-8902

2 years, 8 months

1
0
0 0

Copie de : Bild: Investieren Sie einmal 250 $ und erhalten Sie ab 1000 $ pro Tag

by Galerie Raymond Dreyfus

Ceci est une copie du message que vous avez envoyé à Galerie Raymond Dreyfus via Galerie Raymond Dreyfus Ceci est un message expédié via http://www.raymond-dreyfus.com/ par : JosephZem <linux-kselftest(a)vger.kernel.org> TOP 3 Handelsroboter, die Menschen zu Millionaren machen http://bitcoin-obituaries.beersec.com/dayli-news-8902

2 years, 8 months

1
0
0 0

Copie de : Bild: Investieren Sie einmal 250 $ und erhalten Sie ab 1000 $ pro Tag

by Galerie Raymond Dreyfus

Ceci est une copie du message que vous avez envoyé à Galerie Raymond Dreyfus via Galerie Raymond Dreyfus Ceci est un message expédié via http://www.raymond-dreyfus.com/ par : JosephZem <linux-kselftest(a)vger.kernel.org> TOP 3 Handelsroboter, die Menschen zu Millionaren machen http://bitcoin-obituaries.beersec.com/dayli-news-8902

2 years, 8 months

1
0
0 0

Copie de : Bild: Investieren Sie einmal 250 $ und erhalten Sie ab 1000 $ pro Tag

by Galerie Raymond Dreyfus

Ceci est une copie du message que vous avez envoyé à Galerie Raymond Dreyfus via Galerie Raymond Dreyfus Ceci est un message expédié via http://www.raymond-dreyfus.com/ par : JosephZem <linux-kselftest(a)vger.kernel.org> TOP 3 Handelsroboter, die Menschen zu Millionaren machen http://bitcoin-obituaries.beersec.com/dayli-news-8902

2 years, 8 months

1
0
0 0

[PATCH 3/6] selftests/sgx: Ignore OpenSSL 3.0 deprecated functions warning

by Jarkko Sakkinen

From: Kristen Carlson Accardi <kristen(a)linux.intel.com> OpenSSL 3.0 deprecates some of the functions used in the SGX selftests, causing build errors on new distros. For now ignore the warnings until support for the functions is no longer available and mark FIXME so that it can be clear this should be removed at some point. Signed-off-by: Kristen Carlson Accardi <kristen(a)linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org> --- tools/testing/selftests/sgx/sigstruct.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tools/testing/selftests/sgx/sigstruct.c b/tools/testing/selftests/sgx/sigstruct.c index 50c5ab1aa6fa..a07896a46364 100644 --- a/tools/testing/selftests/sgx/sigstruct.c +++ b/tools/testing/selftests/sgx/sigstruct.c @@ -17,6 +17,12 @@ #include "defines.h" #include "main.h" +/* + * FIXME: OpenSSL 3.0 has deprecated some functions. For now just ignore + * the warnings. + */ +#pragma GCC diagnostic ignored "-Wdeprecated-declarations" + struct q1q2_ctx { BN_CTX *bn_ctx; BIGNUM *m; -- 2.37.2

2 years, 8 months

2
2
0 0

[RFC V2 PATCH 0/8] selftests: KVM: SEV: selftests for fd-based private memory

by Vishal Annapurve

This series implements selftests executing SEV VMs to target the feature floated by Chao via: https://lore.kernel.org/linux-mm/20220706082016.2603916-12-chao.p.peng@linu… Below changes aim to test the fd based approach for guest private memory in context of SEV VMs executing on AMD SEV compatible platforms. sev_private_mem_test.c file adds selftest to access private memory from the guest via private/shared accesses and checking if the contents can be leaked to/accessed by vmm via shared memory view before/after conversions. To allow SEV/SEV-ES VMs to toggle the encryption bit during memory conversion, support is added for mapping guest pagetables to guest va ranges and passing the mapping information to guests via shared pages. This series has dependency on following patch series: 1) V7 series patches from Chao mentioned above. 2) https://lore.kernel.org/lkml/20220810152033.946942-1-pgonda@google.com/T/#u - Series posted by Peter containing patches from Michael and Sean 3) https://lore.kernel.org/lkml/Ywa9T+jKUpaHLu%2Fl@google.com/T/ - Series posted for similar selftests executing non-confidential VMs. Github link for the patches posted as part of this series: https://github.com/vishals4gh/linux/commits/sev_upm_selftests_rfcv2 Vishal Annapurve (8): selftests: kvm: x86_64: Add support for pagetable tracking kvm: Add HVA range operator arch: x86: sev: Populate private memory fd during LAUNCH_UPDATE_DATA selftests: kvm: sev: Support memslots with private memory selftests: kvm: Update usage of private mem lib for SEV VMs selftests: kvm: Support executing SEV VMs with private memory selftests: kvm: Refactor testing logic for private memory selftests: kvm: Add private memory test for SEV VMs arch/x86/kvm/svm/sev.c | 99 ++++++- include/linux/kvm_host.h | 8 + tools/testing/selftests/kvm/.gitignore | 1 + tools/testing/selftests/kvm/Makefile | 2 + .../selftests/kvm/include/kvm_util_base.h | 105 +++++++ .../kvm/include/x86_64/private_mem.h | 10 +- .../include/x86_64/private_mem_test_helper.h | 13 + .../selftests/kvm/include/x86_64/sev.h | 2 + tools/testing/selftests/kvm/lib/kvm_util.c | 78 ++++- .../selftests/kvm/lib/x86_64/private_mem.c | 189 ++++++++++-- .../kvm/lib/x86_64/private_mem_test_helper.c | 273 ++++++++++++++++++ .../selftests/kvm/lib/x86_64/processor.c | 32 ++ tools/testing/selftests/kvm/lib/x86_64/sev.c | 15 +- .../selftests/kvm/x86_64/private_mem_test.c | 246 +--------------- .../kvm/x86_64/sev_private_mem_test.c | 21 ++ virt/kvm/kvm_main.c | 87 +++++- 16 files changed, 880 insertions(+), 301 deletions(-) create mode 100644 tools/testing/selftests/kvm/include/x86_64/private_mem_test_helper.h create mode 100644 tools/testing/selftests/kvm/lib/x86_64/private_mem_test_helper.c create mode 100644 tools/testing/selftests/kvm/x86_64/sev_private_mem_test.c -- 2.37.2.672.g94769d06f0-goog

2 years, 8 months

1
8
0 0

[PATCH v3 0/2] begin KTAP spec v2 process

by frowand.list＠gmail.com

From: Frank Rowand <frank.rowand(a)sony.com> The process to create version 2 of the KTAP Specification is documented in email discussions. I am attempting to capture this information at https://elinux.org/Test_Results_Format_Notes#KTAP_version_2 I am already not following the suggested process, which says: "...please try to follow this principal of one major topic per email thread." I think that is ok in this case because the two patches are related and (hopefully) not controversial. Changes since patch version 2: - correct version 1 change text - version 1 patch 2/2 had not yet been applied when I created version 2, refresh version 2 patch 2/2 for new context Changes since patch version 1: - drop patch 2/2. Jonathan Corbet has already applied this patch into version 1 of the Specification - add new patch 2/2 Frank Rowand (2): ktap_v2: change version to 2-rc in KTAP specification ktap_v2: change "version 1" to "version 2" in examples Documentation/dev-tools/ktap.rst | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) -- Frank Rowand <frank.rowand(a)sony.com>

2 years, 8 months

4
7
0 0

[PATCH bpf-next v7 00/24] Introduce eBPF support for HID devices

by Benjamin Tissoires

Hi, here comes the v7 of the HID-BPF series. Again, for a full explanation of HID-BPF, please refer to the last patch in this series (24/24). This version sees some minor improvements compared to v6, only focusing on the reviews I got. I also wanted to mention that I have started working on the userspace side to "see" how the BPF programs would look when automatically loaded. See the udev-hid-bpf project[0] for the code. The idea is to define the HID-BPF userspace programs so we can reuse the same semantic in the kernel. I am quite happy with the results: this looks pretty similar to a kernel module in term of design. The .bpf.c file is a standalone compilation unit, and instead of having a table of ids, the filename is used (based on the modalias). This allows to have a "probe" like function that we can run to decide if the program needs to be attached or not. All in all, the end result is that we can write the bpf program, compile it locally, and send the result to the user. The user needs to drop the .bpf.o in a local folder, and udev-hid-bpf will pick it up the next time the device is plugged in. No other operations is required. Next step will be to drop the same source file in the kernel source tree, and have some magic to automatically load the compiled program when the device is loaded. Cheers, Benjamin [0] https://gitlab.freedesktop.org/bentiss/udev-hid-bpf (warning: probably not the best rust code ever) Benjamin Tissoires (24): selftests/bpf: fix config for CLS_BPF bpf/verifier: allow kfunc to read user provided context bpf/verifier: do not clear meta in check_mem_size selftests/bpf: add test for accessing ctx from syscall program type bpf/verifier: allow kfunc to return an allocated mem selftests/bpf: Add tests for kfunc returning a memory pointer bpf: prepare for more bpf syscall to be used from kernel and user space. libbpf: add map_get_fd_by_id and map_delete_elem in light skeleton HID: core: store the unique system identifier in hid_device HID: export hid_report_type to uapi HID: convert defines of HID class requests into a proper enum HID: Kconfig: split HID support and hid-core compilation HID: initial BPF implementation selftests/bpf: add tests for the HID-bpf initial implementation HID: bpf: allocate data memory for device_event BPF programs selftests/bpf/hid: add test to change the report size HID: bpf: introduce hid_hw_request() selftests/bpf: add tests for bpf_hid_hw_request HID: bpf: allow to change the report descriptor selftests/bpf: add report descriptor fixup tests selftests/bpf: Add a test for BPF_F_INSERT_HEAD samples/bpf: add new hid_mouse example HID: bpf: add Surface Dial example Documentation: add HID-BPF docs Documentation/hid/hid-bpf.rst | 512 +++++++++ Documentation/hid/index.rst | 1 + drivers/Makefile | 2 +- drivers/hid/Kconfig | 20 +- drivers/hid/Makefile | 2 + drivers/hid/bpf/Kconfig | 18 + drivers/hid/bpf/Makefile | 11 + drivers/hid/bpf/entrypoints/Makefile | 93 ++ drivers/hid/bpf/entrypoints/README | 4 + drivers/hid/bpf/entrypoints/entrypoints.bpf.c | 66 ++ .../hid/bpf/entrypoints/entrypoints.lskel.h | 682 ++++++++++++ drivers/hid/bpf/hid_bpf_dispatch.c | 553 ++++++++++ drivers/hid/bpf/hid_bpf_dispatch.h | 28 + drivers/hid/bpf/hid_bpf_jmp_table.c | 577 ++++++++++ drivers/hid/hid-core.c | 49 +- include/linux/bpf.h | 9 +- include/linux/btf.h | 10 + include/linux/hid.h | 38 +- include/linux/hid_bpf.h | 148 +++ include/uapi/linux/hid.h | 26 +- include/uapi/linux/hid_bpf.h | 25 + kernel/bpf/btf.c | 91 +- kernel/bpf/syscall.c | 10 +- kernel/bpf/verifier.c | 65 +- net/bpf/test_run.c | 23 + samples/bpf/.gitignore | 2 + samples/bpf/Makefile | 27 + samples/bpf/hid_mouse.bpf.c | 134 +++ samples/bpf/hid_mouse.c | 147 +++ samples/bpf/hid_surface_dial.bpf.c | 161 +++ samples/bpf/hid_surface_dial.c | 212 ++++ tools/include/uapi/linux/hid.h | 62 ++ tools/include/uapi/linux/hid_bpf.h | 25 + tools/lib/bpf/skel_internal.h | 23 + tools/testing/selftests/bpf/Makefile | 5 +- tools/testing/selftests/bpf/config | 5 +- tools/testing/selftests/bpf/prog_tests/hid.c | 990 ++++++++++++++++++ .../selftests/bpf/prog_tests/kfunc_call.c | 76 ++ tools/testing/selftests/bpf/progs/hid.c | 206 ++++ .../selftests/bpf/progs/kfunc_call_test.c | 125 +++ 40 files changed, 5184 insertions(+), 79 deletions(-) create mode 100644 Documentation/hid/hid-bpf.rst create mode 100644 drivers/hid/bpf/Kconfig create mode 100644 drivers/hid/bpf/Makefile create mode 100644 drivers/hid/bpf/entrypoints/Makefile create mode 100644 drivers/hid/bpf/entrypoints/README create mode 100644 drivers/hid/bpf/entrypoints/entrypoints.bpf.c create mode 100644 drivers/hid/bpf/entrypoints/entrypoints.lskel.h create mode 100644 drivers/hid/bpf/hid_bpf_dispatch.c create mode 100644 drivers/hid/bpf/hid_bpf_dispatch.h create mode 100644 drivers/hid/bpf/hid_bpf_jmp_table.c create mode 100644 include/linux/hid_bpf.h create mode 100644 include/uapi/linux/hid_bpf.h create mode 100644 samples/bpf/hid_mouse.bpf.c create mode 100644 samples/bpf/hid_mouse.c create mode 100644 samples/bpf/hid_surface_dial.bpf.c create mode 100644 samples/bpf/hid_surface_dial.c create mode 100644 tools/include/uapi/linux/hid.h create mode 100644 tools/include/uapi/linux/hid_bpf.h create mode 100644 tools/testing/selftests/bpf/prog_tests/hid.c create mode 100644 tools/testing/selftests/bpf/progs/hid.c -- 2.36.1

2 years, 8 months

6
44
0 0

kselftest/next kselftest-lkdtm: 3 runs, 1 regressions (linux-kselftest-next-6.0-rc2-5-g997fdfc6b9c0)

by kernelci.org bot

kselftest/next kselftest-lkdtm: 3 runs, 1 regressions (linux-kselftest-next-6.0-rc2-5-g997fdfc6b9c0) Regressions Summary ------------------- platform | arch | lab | compiler | defconfig | regressions ----------------+------+---------------+----------+------------------------------+------------ imx6q-sabrelite | arm | lab-collabora | gcc-10 | multi_v7_defconfig+kselftest | 1 Details: https://kernelci.org/test/job/kselftest/branch/next/kernel/linux-kselftest-… Test: kselftest-lkdtm Tree: kselftest Branch: next Describe: linux-kselftest-next-6.0-rc2-5-g997fdfc6b9c0 URL: https://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest.git SHA: 997fdfc6b9c041be39ecb9a156cdeeea1a9a4379 Test Regressions ---------------- platform | arch | lab | compiler | defconfig | regressions ----------------+------+---------------+----------+------------------------------+------------ imx6q-sabrelite | arm | lab-collabora | gcc-10 | multi_v7_defconfig+kselftest | 1 Details: https://kernelci.org/test/plan/id/630d58c57d995ddce035565d Results: 0 PASS, 1 FAIL, 0 SKIP Full config: multi_v7_defconfig+kselftest Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//kselftest/next/linux-kselftest-next-6.0-rc2-5… HTML log: https://storage.kernelci.org//kselftest/next/linux-kselftest-next-6.0-rc2-5… Rootfs: http://storage.kernelci.org/images/rootfs/debian/bullseye-kselftest/2022082… * kselftest-lkdtm.login: https://kernelci.org/test/case/id/630d58c57d995ddce035565e failing since 7 days (last pass: v6.0-rc1-1-gf1227dc7d0411, first fail: linux-kselftest-next-6.0-rc2-1-gab7039dbcc61)

2 years, 8 months

1
0
0 0

kselftest/next build: 8 builds: 0 failed, 8 passed (linux-kselftest-next-6.0-rc2-5-g997fdfc6b9c0)

by kernelci.org bot

kselftest/next build: 8 builds: 0 failed, 8 passed (linux-kselftest-next-6.0-rc2-5-g997fdfc6b9c0) Full Build Summary: https://kernelci.org/build/kselftest/branch/next/kernel/linux-kselftest-nex… Tree: kselftest Branch: next Git Describe: linux-kselftest-next-6.0-rc2-5-g997fdfc6b9c0 Git Commit: 997fdfc6b9c041be39ecb9a156cdeeea1a9a4379 Git URL: https://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest.git Built: 4 unique architectures ================================================================================ Detailed per-defconfig build reports: -------------------------------------------------------------------------------- defconfig+kselftest (arm64, clang-15) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+kselftest (arm64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+kselftest+arm64-chromebook (arm64, clang-15) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+kselftest+arm64-chromebook (arm64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- i386_defconfig+kselftest (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v7_defconfig+kselftest (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig+kselftest (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig+kselftest (x86_64, clang-15) — PASS, 0 errors, 0 warnings, 0 section mismatches --- For more info write to <info(a)kernelci.org>

2 years, 8 months

1
0
0 0

[PATCH v2] kunit: fix assert_type for comparison macros

by Sander Vanheule

When replacing KUNIT_BINARY_*_MSG_ASSERTION() macros with KUNIT_BINARY_INT_ASSERTION(), the assert_type parameter was not always correctly transferred. Specifically, the following errors were introduced: - KUNIT_EXPECT_LE_MSG() uses KUNIT_ASSERTION - KUNIT_ASSERT_LT_MSG() uses KUNIT_EXPECTATION - KUNIT_ASSERT_GT_MSG() uses KUNIT_EXPECTATION A failing KUNIT_EXPECT_LE_MSG() test thus prevents further tests from running, while failing KUNIT_ASSERT_{LT,GT}_MSG() tests do not prevent further tests from running. This is contrary to the documentation, which states that failing KUNIT_EXPECT_* macros allow further tests to run, while failing KUNIT_ASSERT_* macros should prevent this. Revert the KUNIT_{ASSERTION,EXPECTATION} switches to fix the behaviour for the affected macros. Fixes: 40f39777ce4f ("kunit: decrease macro layering for integer asserts") Signed-off-by: Sander Vanheule <sander(a)svanheule.net> --- include/kunit/test.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/include/kunit/test.h b/include/kunit/test.h index c958855681cc..840a2c375065 100644 --- a/include/kunit/test.h +++ b/include/kunit/test.h @@ -826,7 +826,7 @@ do { \ #define KUNIT_EXPECT_LE_MSG(test, left, right, fmt, ...) \ KUNIT_BINARY_INT_ASSERTION(test, \ - KUNIT_ASSERTION, \ + KUNIT_EXPECTATION, \ left, <=, right, \ fmt, \ ##__VA_ARGS__) @@ -1116,7 +1116,7 @@ do { \ #define KUNIT_ASSERT_LT_MSG(test, left, right, fmt, ...) \ KUNIT_BINARY_INT_ASSERTION(test, \ - KUNIT_EXPECTATION, \ + KUNIT_ASSERTION, \ left, <, right, \ fmt, \ ##__VA_ARGS__) @@ -1157,7 +1157,7 @@ do { \ #define KUNIT_ASSERT_GT_MSG(test, left, right, fmt, ...) \ KUNIT_BINARY_INT_ASSERTION(test, \ - KUNIT_EXPECTATION, \ + KUNIT_ASSERTION, \ left, >, right, \ fmt, \ ##__VA_ARGS__) -- 2.37.2

2 years, 8 months

3
2
0 0

[PATCH v2] selftests/bpf: Fix bind{4,6} tcp/socket header type conflict

by James Hilliard

There is a potential for us to hit a type conflict when including netinet/tcp.h with sys/socket.h, we can remove these as they are not actually needed. Fixes errors like: In file included from /usr/include/netinet/tcp.h:91, from progs/bind4_prog.c:10: /home/buildroot/opt/cross/lib/gcc/bpf/13.0.0/include/stdint.h:34:23: error: conflicting types for 'int8_t'; have 'char' 34 | typedef __INT8_TYPE__ int8_t; | ^~~~~~ In file included from /usr/include/x86_64-linux-gnu/sys/types.h:155, from /usr/include/x86_64-linux-gnu/bits/socket.h:29, from /usr/include/x86_64-linux-gnu/sys/socket.h:33, from progs/bind4_prog.c:9: /usr/include/x86_64-linux-gnu/bits/stdint-intn.h:24:18: note: previous declaration of 'int8_t' with type 'int8_t' {aka 'signed char'} 24 | typedef __int8_t int8_t; | ^~~~~~ /home/buildroot/opt/cross/lib/gcc/bpf/13.0.0/include/stdint.h:43:24: error: conflicting types for 'int64_t'; have 'long int' 43 | typedef __INT64_TYPE__ int64_t; | ^~~~~~~ /usr/include/x86_64-linux-gnu/bits/stdint-intn.h:27:19: note: previous declaration of 'int64_t' with type 'int64_t' {aka 'long long int'} 27 | typedef __int64_t int64_t; | ^~~~~~~ make: *** [Makefile:537: /home/buildroot/bpf-next/tools/testing/selftests/bpf/bpf_gcc/bind4_prog.o] Error 1 Signed-off-by: James Hilliard <james.hilliard1(a)gmail.com> --- Changes v1 -> v2: - just remove netinet/tcp.h and sys/socket.h --- tools/testing/selftests/bpf/progs/bind4_prog.c | 2 -- tools/testing/selftests/bpf/progs/bind6_prog.c | 2 -- 2 files changed, 4 deletions(-) diff --git a/tools/testing/selftests/bpf/progs/bind4_prog.c b/tools/testing/selftests/bpf/progs/bind4_prog.c index 474c6a62078a..a487f60b73ac 100644 --- a/tools/testing/selftests/bpf/progs/bind4_prog.c +++ b/tools/testing/selftests/bpf/progs/bind4_prog.c @@ -6,8 +6,6 @@ #include <linux/bpf.h> #include <linux/in.h> #include <linux/in6.h> -#include <sys/socket.h> -#include <netinet/tcp.h> #include <linux/if.h> #include <errno.h> diff --git a/tools/testing/selftests/bpf/progs/bind6_prog.c b/tools/testing/selftests/bpf/progs/bind6_prog.c index c19cfa869f30..d62cd9e9cf0e 100644 --- a/tools/testing/selftests/bpf/progs/bind6_prog.c +++ b/tools/testing/selftests/bpf/progs/bind6_prog.c @@ -6,8 +6,6 @@ #include <linux/bpf.h> #include <linux/in.h> #include <linux/in6.h> -#include <sys/socket.h> -#include <netinet/tcp.h> #include <linux/if.h> #include <errno.h> -- 2.34.1

2 years, 8 months

3
5
0 0

[PATCH v11 1/3] x86/tdx: Add TDX Guest attestation interface driver

by Kuppuswamy Sathyanarayanan

Attestation is used to verify the TDX guest trustworthiness to other entities before provisioning secrets to the guest. For example, a key server may request for attestation before releasing the encryption keys to mount the encrypted rootfs or secondary drive. During the TDX guest launch, the initial contents (including the firmware image) and configuration of the guest are recorded by the Intel TDX module in build time measurement register (MRTD). After TDX guest is created, run-time measurement registers (RTMRs) can be used by the guest software to extend the measurements. TDX supports 4 RTMR registers, and TDG.MR.RTMR.EXTEND TDCALL is used to update the RTMR registers securely. RTMRs are mainly used to record measurements related to sections like the kernel image, command line parameters, initrd, ACPI tables, firmware data, configuration firmware volume (CFV) of TDVF, etc. For complete details, please refer to TDX Virtual Firmware design specification, sec titled "TD Measurement". At TDX guest runtime, the Intel TDX module reuses the Intel SGX attestation infrastructure to provide support for attesting to these measurements as described below. The attestation process consists of two steps: TDREPORT generation and Quote generation. TDREPORT (TDREPORT_STRUCT) is a fixed-size data structure generated by the TDX module which contains guest-specific information (such as build and boot measurements), platform security version, and the MAC to protect the integrity of the TDREPORT. The guest kernel uses TDCALL[TDG.MR.REPORT] to get the TDREPORT from the TDX module. A user-provided 64-Byte REPORTDATA is used as input and included in the TDREPORT. Typically it can be some nonce provided by attestation service so the TDREPORT can be verified uniquely. More details about the TDREPORT can be found in Intel TDX Module specification, section titled "TDG.MR.REPORT Leaf". TDREPORT by design can only be verified on the local platform as the MAC key is bound to the platform. To support remote verification of the TDREPORT, TDX leverages Intel SGX Quote Enclave (QE) to verify the TDREPORT locally and convert it to a remote verifiable Quote. After getting the TDREPORT, the second step of the attestation process is to send it to the QE to generate the Quote. TDX doesn't support SGX inside the guest, so the QE can be deployed in the host, or in another legacy VM with SGX support. QE checks the integrity of TDREPORT and if it is valid, a certified quote signing key is used to sign the Quote. How to send the TDREPORT to QE and receive the Quote is implementation and deployment specific. Implement a basic guest misc driver to allow userspace to get the TDREPORT. After getting TDREPORT, the userspace attestation software can choose whatever communication channel available (i.e. vsock or hypercall) to send the TDREPORT to QE and receive the Quote. Also note that explicit access permissions are not enforced in this driver because the quote and measurements are not a secret. However the access permissions of the device node can be used to set any desired access policy. The udev default is usually root access only. Operations like getting TDREPORT or Quote generation involves sending a blob of data as input and getting another blob of data as output. It was considered to use a sysfs interface for this, but it doesn't fit well into the standard sysfs model for configuring values. It would be possible to do read/write on files, but it would need multiple file descriptors, which would be somewhat messy. IOCTLs seems to be the best fitting and simplest model for this use case. This is similar to AMD SEV platform, which also uses IOCTL interface to support attestation. Any distribution enabling TDX is also expected to need attestation. So enable it by default with TDX guest support. Reviewed-by: Tony Luck <tony.luck(a)intel.com> Reviewed-by: Andi Kleen <ak(a)linux.intel.com> Acked-by: Kirill A. Shutemov <kirill.shutemov(a)linux.intel.com> Acked-by: Kai Huang <kai.huang(a)intel.com> Acked-by: Wander Lairson Costa <wander(a)redhat.com> Signed-off-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy(a)linux.intel.com> --- Changes since v10: * Replaced TD/TD Guest usage with TDX Guest or Guest. * Removed unnecessary comments. * Added more validation to user input in tdx_get_report(). * Used u64_to_user_ptr when reading user u64 pointers. * Fixed commit log as per review comments. Changes since v9: * Dropped the cover letter. Since this patch set only adds TDREPORT support, the commit log itself has all the required details. * Dropped the Quote support and event IRQ support as per Dave's review suggestion. * Dropped attest.c and moved its contents to tdx.c * Updated commit log and comments to reflect latest changes. Changes since v8: * Please refer to https://lore.kernel.org/all/ \ 20220728034420.648314-1-sathyanarayanan.kuppuswamy(a)linux.intel.com/ arch/x86/coco/tdx/tdx.c | 114 ++++++++++++++++++++++++++++++++ arch/x86/include/uapi/asm/tdx.h | 51 ++++++++++++++ 2 files changed, 165 insertions(+) create mode 100644 arch/x86/include/uapi/asm/tdx.h diff --git a/arch/x86/coco/tdx/tdx.c b/arch/x86/coco/tdx/tdx.c index 928dcf7a20d9..0888bdf93a4e 100644 --- a/arch/x86/coco/tdx/tdx.c +++ b/arch/x86/coco/tdx/tdx.c @@ -5,16 +5,21 @@ #define pr_fmt(fmt) "tdx: " fmt #include <linux/cpufeature.h> +#include <linux/miscdevice.h> +#include <linux/mm.h> +#include <linux/io.h> #include <asm/coco.h> #include <asm/tdx.h> #include <asm/vmx.h> #include <asm/insn.h> #include <asm/insn-eval.h> #include <asm/pgtable.h> +#include <uapi/asm/tdx.h> /* TDX module Call Leaf IDs */ #define TDX_GET_INFO 1 #define TDX_GET_VEINFO 3 +#define TDX_GET_REPORT 4 #define TDX_ACCEPT_PAGE 6 /* TDX hypercall Leaf IDs */ @@ -34,6 +39,10 @@ #define VE_GET_PORT_NUM(e) ((e) >> 16) #define VE_IS_IO_STRING(e) ((e) & BIT(4)) +#define DRIVER_NAME "tdx-guest" + +static struct miscdevice tdx_misc_dev; + /* * Wrapper for standard use of __tdx_hypercall with no output aside from * return code. @@ -775,3 +784,108 @@ void __init tdx_early_init(void) pr_info("Guest detected\n"); } + +static long tdx_get_report(void __user *argp) +{ + u8 *reportdata, *tdreport; + struct tdx_report_req req; + long ret; + + if (copy_from_user(&req, argp, sizeof(req))) + return -EFAULT; + + /* + * Per TDX Module 1.0 specification, section titled + * "TDG.MR.REPORT", REPORTDATA length is fixed as + * TDX_REPORTDATA_LEN, TDREPORT length is fixed as + * TDX_REPORT_LEN, and TDREPORT subtype is fixed as + * 0. Also check for valid user pointers. + */ + if (!req.reportdata || !req.tdreport || req.subtype || + req.rpd_len != TDX_REPORTDATA_LEN || + req.tdr_len != TDX_REPORT_LEN) + return -EINVAL; + + reportdata = kmalloc(req.rpd_len, GFP_KERNEL); + if (!reportdata) + return -ENOMEM; + + tdreport = kzalloc(req.tdr_len, GFP_KERNEL); + if (!tdreport) { + kfree(reportdata); + return -ENOMEM; + } + + if (copy_from_user(reportdata, u64_to_user_ptr(req.reportdata), + req.rpd_len)) { + ret = -EFAULT; + goto out; + } + + /* + * Generate TDREPORT using "TDG.MR.REPORT" TDCALL. + * + * Get the TDREPORT using REPORTDATA as input. Refer to + * section 22.3.3 TDG.MR.REPORT leaf in the TDX Module 1.0 + * Specification for detailed information. + */ + ret = __tdx_module_call(TDX_GET_REPORT, virt_to_phys(tdreport), + virt_to_phys(reportdata), req.subtype, + 0, NULL); + if (ret) { + ret = -EIO; + goto out; + } + + if (copy_to_user(u64_to_user_ptr(req.tdreport), tdreport, req.tdr_len)) + ret = -EFAULT; + +out: + kfree(reportdata); + kfree(tdreport); + return ret; +} +static long tdx_guest_ioctl(struct file *file, unsigned int cmd, + unsigned long arg) +{ + void __user *argp = (void __user *)arg; + long ret = -EINVAL; + + switch (cmd) { + case TDX_CMD_GET_REPORT: + ret = tdx_get_report(argp); + break; + default: + pr_debug("cmd %d not supported\n", cmd); + break; + } + + return ret; +} + +static const struct file_operations tdx_guest_fops = { + .owner = THIS_MODULE, + .unlocked_ioctl = tdx_guest_ioctl, + .llseek = no_llseek, +}; + +static int __init tdx_guest_init(void) +{ + int ret; + + if (!cpu_feature_enabled(X86_FEATURE_TDX_GUEST)) + return -EIO; + + tdx_misc_dev.name = DRIVER_NAME; + tdx_misc_dev.minor = MISC_DYNAMIC_MINOR; + tdx_misc_dev.fops = &tdx_guest_fops; + + ret = misc_register(&tdx_misc_dev); + if (ret) { + pr_err("misc device registration failed\n"); + return ret; + } + + return 0; +} +device_initcall(tdx_guest_init) diff --git a/arch/x86/include/uapi/asm/tdx.h b/arch/x86/include/uapi/asm/tdx.h new file mode 100644 index 000000000000..c1667b20fe20 --- /dev/null +++ b/arch/x86/include/uapi/asm/tdx.h @@ -0,0 +1,51 @@ +/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ +#ifndef _UAPI_ASM_X86_TDX_H +#define _UAPI_ASM_X86_TDX_H + +#include <linux/types.h> +#include <linux/ioctl.h> + +/* Length of the REPORTDATA used in TDG.MR.REPORT TDCALL */ +#define TDX_REPORTDATA_LEN 64 + +/* Length of TDREPORT used in TDG.MR.REPORT TDCALL */ +#define TDX_REPORT_LEN 1024 + +/** + * struct tdx_report_req: Get TDREPORT using REPORTDATA as input. + * + * @subtype : Subtype of TDREPORT (fixed as 0 by TDX Module + * specification, but added a parameter to handle + * future extension). + * @reportdata : User-defined REPORTDATA to be included into + * TDREPORT. Typically it can be some nonce + * provided by attestation service, so the + * generated TDREPORT can be uniquely verified. + * @rpd_len : Length of the REPORTDATA (fixed as 64 bytes by + * the TDX Module specification, but parameter is + * added to handle future extension). + * @tdreport : TDREPORT output from TDCALL[TDG.MR.REPORT]. + * @tdr_len : Length of the TDREPORT (fixed as 1024 bytes by + * the TDX Module specification, but a parameter + * is added to accommodate future extension). + * + * Used in TDX_CMD_GET_REPORT IOCTL request. + */ +struct tdx_report_req { + __u8 subtype; + __u64 reportdata; + __u32 rpd_len; + __u64 tdreport; + __u32 tdr_len; +}; + +/* + * TDX_CMD_GET_REPORT - Get TDREPORT using TDCALL[TDG.MR.REPORT] + * + * Return 0 on success, -EIO on TDCALL execution failure, and + * standard errno on other general error cases. + * + */ +#define TDX_CMD_GET_REPORT _IOWR('T', 0x01, __u64) + +#endif /* _UAPI_ASM_X86_TDX_H */ -- 2.25.1

2 years, 8 months

5
14
0 0

[PATCH v2] selftests/bpf: Fix connect4_prog tcp/socket header type conflict

by James Hilliard

There is a potential for us to hit a type conflict when including netinet/tcp.h and sys/socket.h, we can replace both of these includes with linux/tcp.h and bpf_tcp_helpers.h to avoid this conflict. Fixes the following error: In file included from /usr/include/netinet/tcp.h:91, from progs/connect4_prog.c:11: /home/buildroot/opt/cross/lib/gcc/bpf/13.0.0/include/stdint.h:34:23: error: conflicting types for 'int8_t'; have 'char' 34 | typedef __INT8_TYPE__ int8_t; | ^~~~~~ In file included from /usr/include/x86_64-linux-gnu/sys/types.h:155, from /usr/include/x86_64-linux-gnu/bits/socket.h:29, from /usr/include/x86_64-linux-gnu/sys/socket.h:33, from progs/connect4_prog.c:10: /usr/include/x86_64-linux-gnu/bits/stdint-intn.h:24:18: note: previous declaration of 'int8_t' with type 'int8_t' {aka 'signed char'} 24 | typedef __int8_t int8_t; | ^~~~~~ /home/buildroot/opt/cross/lib/gcc/bpf/13.0.0/include/stdint.h:43:24: error: conflicting types for 'int64_t'; have 'long int' 43 | typedef __INT64_TYPE__ int64_t; | ^~~~~~~ /usr/include/x86_64-linux-gnu/bits/stdint-intn.h:27:19: note: previous declaration of 'int64_t' with type 'int64_t' {aka 'long long int'} 27 | typedef __int64_t int64_t; | ^~~~~~~ Signed-off-by: James Hilliard <james.hilliard1(a)gmail.com> --- Changes v1 -> v2: - use bpf_tcp_helpers.h so we can use SOL_TCP --- tools/testing/selftests/bpf/progs/connect4_prog.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/bpf/progs/connect4_prog.c b/tools/testing/selftests/bpf/progs/connect4_prog.c index b241932911db..23d85f5027d3 100644 --- a/tools/testing/selftests/bpf/progs/connect4_prog.c +++ b/tools/testing/selftests/bpf/progs/connect4_prog.c @@ -7,13 +7,13 @@ #include <linux/bpf.h> #include <linux/in.h> #include <linux/in6.h> -#include <sys/socket.h> -#include <netinet/tcp.h> +#include <linux/tcp.h> #include <linux/if.h> #include <errno.h> #include <bpf/bpf_helpers.h> #include <bpf/bpf_endian.h> +#include "bpf_tcp_helpers.h" #define SRC_REWRITE_IP4 0x7f000004U #define DST_REWRITE_IP4 0x7f000001U -- 2.34.1

2 years, 8 months

2
1
0 0

[PATCH] selftests/bpf: Fix bind{4,6} tcp/socket header type conflict

by James Hilliard

There is a potential for us to hit a type conflict when including netinet/tcp.h with sys/socket.h, we can replace both of these includes with linux/tcp.h to avoid this conflict. Fixes errors like: In file included from /usr/include/netinet/tcp.h:91, from progs/bind4_prog.c:10: /home/buildroot/opt/cross/lib/gcc/bpf/13.0.0/include/stdint.h:34:23: error: conflicting types for 'int8_t'; have 'char' 34 | typedef __INT8_TYPE__ int8_t; | ^~~~~~ In file included from /usr/include/x86_64-linux-gnu/sys/types.h:155, from /usr/include/x86_64-linux-gnu/bits/socket.h:29, from /usr/include/x86_64-linux-gnu/sys/socket.h:33, from progs/bind4_prog.c:9: /usr/include/x86_64-linux-gnu/bits/stdint-intn.h:24:18: note: previous declaration of 'int8_t' with type 'int8_t' {aka 'signed char'} 24 | typedef __int8_t int8_t; | ^~~~~~ /home/buildroot/opt/cross/lib/gcc/bpf/13.0.0/include/stdint.h:43:24: error: conflicting types for 'int64_t'; have 'long int' 43 | typedef __INT64_TYPE__ int64_t; | ^~~~~~~ /usr/include/x86_64-linux-gnu/bits/stdint-intn.h:27:19: note: previous declaration of 'int64_t' with type 'int64_t' {aka 'long long int'} 27 | typedef __int64_t int64_t; | ^~~~~~~ make: *** [Makefile:537: /home/buildroot/bpf-next/tools/testing/selftests/bpf/bpf_gcc/bind4_prog.o] Error 1 Signed-off-by: James Hilliard <james.hilliard1(a)gmail.com> --- tools/testing/selftests/bpf/progs/bind4_prog.c | 3 +-- tools/testing/selftests/bpf/progs/bind6_prog.c | 3 +-- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/tools/testing/selftests/bpf/progs/bind4_prog.c b/tools/testing/selftests/bpf/progs/bind4_prog.c index 474c6a62078a..6bd20042fd53 100644 --- a/tools/testing/selftests/bpf/progs/bind4_prog.c +++ b/tools/testing/selftests/bpf/progs/bind4_prog.c @@ -6,8 +6,7 @@ #include <linux/bpf.h> #include <linux/in.h> #include <linux/in6.h> -#include <sys/socket.h> -#include <netinet/tcp.h> +#include <linux/tcp.h> #include <linux/if.h> #include <errno.h> diff --git a/tools/testing/selftests/bpf/progs/bind6_prog.c b/tools/testing/selftests/bpf/progs/bind6_prog.c index c19cfa869f30..f37617b35a55 100644 --- a/tools/testing/selftests/bpf/progs/bind6_prog.c +++ b/tools/testing/selftests/bpf/progs/bind6_prog.c @@ -6,8 +6,7 @@ #include <linux/bpf.h> #include <linux/in.h> #include <linux/in6.h> -#include <sys/socket.h> -#include <netinet/tcp.h> +#include <linux/tcp.h> #include <linux/if.h> #include <errno.h> -- 2.34.1

2 years, 8 months

5
15
0 0

[PATCH] selftests/bpf: Fix connect4_prog tcp/socket header type conflict

by James Hilliard

There is a potential for us to hit a type conflict when including netinet/tcp.h and sys/socket.h, we can replace both of these includes with linux/tcp.h to avoid this conflict. We also need to replace SOL_TCP with equivalent IPPROTO_TCP. Fixes the following error: In file included from /usr/include/netinet/tcp.h:91, from progs/connect4_prog.c:11: /home/buildroot/opt/cross/lib/gcc/bpf/13.0.0/include/stdint.h:34:23: error: conflicting types for 'int8_t'; have 'char' 34 | typedef __INT8_TYPE__ int8_t; | ^~~~~~ In file included from /usr/include/x86_64-linux-gnu/sys/types.h:155, from /usr/include/x86_64-linux-gnu/bits/socket.h:29, from /usr/include/x86_64-linux-gnu/sys/socket.h:33, from progs/connect4_prog.c:10: /usr/include/x86_64-linux-gnu/bits/stdint-intn.h:24:18: note: previous declaration of 'int8_t' with type 'int8_t' {aka 'signed char'} 24 | typedef __int8_t int8_t; | ^~~~~~ /home/buildroot/opt/cross/lib/gcc/bpf/13.0.0/include/stdint.h:43:24: error: conflicting types for 'int64_t'; have 'long int' 43 | typedef __INT64_TYPE__ int64_t; | ^~~~~~~ /usr/include/x86_64-linux-gnu/bits/stdint-intn.h:27:19: note: previous declaration of 'int64_t' with type 'int64_t' {aka 'long long int'} 27 | typedef __int64_t int64_t; | ^~~~~~~ Signed-off-by: James Hilliard <james.hilliard1(a)gmail.com> --- .../selftests/bpf/progs/connect4_prog.c | 21 +++++++++---------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/tools/testing/selftests/bpf/progs/connect4_prog.c b/tools/testing/selftests/bpf/progs/connect4_prog.c index b241932911db..0f68b8d756b3 100644 --- a/tools/testing/selftests/bpf/progs/connect4_prog.c +++ b/tools/testing/selftests/bpf/progs/connect4_prog.c @@ -7,8 +7,7 @@ #include <linux/bpf.h> #include <linux/in.h> #include <linux/in6.h> -#include <sys/socket.h> -#include <netinet/tcp.h> +#include <linux/tcp.h> #include <linux/if.h> #include <errno.h> @@ -52,7 +51,7 @@ static __inline int verify_cc(struct bpf_sock_addr *ctx, char buf[TCP_CA_NAME_MAX]; int i; - if (bpf_getsockopt(ctx, SOL_TCP, TCP_CONGESTION, &buf, sizeof(buf))) + if (bpf_getsockopt(ctx, IPPROTO_TCP, TCP_CONGESTION, &buf, sizeof(buf))) return 1; for (i = 0; i < TCP_CA_NAME_MAX; i++) { @@ -70,12 +69,12 @@ static __inline int set_cc(struct bpf_sock_addr *ctx) char reno[TCP_CA_NAME_MAX] = "reno"; char cubic[TCP_CA_NAME_MAX] = "cubic"; - if (bpf_setsockopt(ctx, SOL_TCP, TCP_CONGESTION, &reno, sizeof(reno))) + if (bpf_setsockopt(ctx, IPPROTO_TCP, TCP_CONGESTION, &reno, sizeof(reno))) return 1; if (verify_cc(ctx, reno)) return 1; - if (bpf_setsockopt(ctx, SOL_TCP, TCP_CONGESTION, &cubic, sizeof(cubic))) + if (bpf_setsockopt(ctx, IPPROTO_TCP, TCP_CONGESTION, &cubic, sizeof(cubic))) return 1; if (verify_cc(ctx, cubic)) return 1; @@ -113,15 +112,15 @@ static __inline int set_keepalive(struct bpf_sock_addr *ctx) if (bpf_setsockopt(ctx, SOL_SOCKET, SO_KEEPALIVE, &one, sizeof(one))) return 1; if (ctx->type == SOCK_STREAM) { - if (bpf_setsockopt(ctx, SOL_TCP, TCP_KEEPIDLE, &one, sizeof(one))) + if (bpf_setsockopt(ctx, IPPROTO_TCP, TCP_KEEPIDLE, &one, sizeof(one))) return 1; - if (bpf_setsockopt(ctx, SOL_TCP, TCP_KEEPINTVL, &one, sizeof(one))) + if (bpf_setsockopt(ctx, IPPROTO_TCP, TCP_KEEPINTVL, &one, sizeof(one))) return 1; - if (bpf_setsockopt(ctx, SOL_TCP, TCP_KEEPCNT, &one, sizeof(one))) + if (bpf_setsockopt(ctx, IPPROTO_TCP, TCP_KEEPCNT, &one, sizeof(one))) return 1; - if (bpf_setsockopt(ctx, SOL_TCP, TCP_SYNCNT, &one, sizeof(one))) + if (bpf_setsockopt(ctx, IPPROTO_TCP, TCP_SYNCNT, &one, sizeof(one))) return 1; - if (bpf_setsockopt(ctx, SOL_TCP, TCP_USER_TIMEOUT, &one, sizeof(one))) + if (bpf_setsockopt(ctx, IPPROTO_TCP, TCP_USER_TIMEOUT, &one, sizeof(one))) return 1; } if (bpf_setsockopt(ctx, SOL_SOCKET, SO_KEEPALIVE, &zero, sizeof(zero))) @@ -135,7 +134,7 @@ static __inline int set_notsent_lowat(struct bpf_sock_addr *ctx) int lowat = 65535; if (ctx->type == SOCK_STREAM) { - if (bpf_setsockopt(ctx, SOL_TCP, TCP_NOTSENT_LOWAT, &lowat, sizeof(lowat))) + if (bpf_setsockopt(ctx, IPPROTO_TCP, TCP_NOTSENT_LOWAT, &lowat, sizeof(lowat))) return 1; } -- 2.34.1

2 years, 8 months

2
2
0 0

[PATCH v12 00/10] bpf: Add kfuncs for PKCS#7 signature verification

by roberto.sassu＠huaweicloud.com

From: Roberto Sassu <roberto.sassu(a)huawei.com> One of the desirable features in security is the ability to restrict import of data to a given system based on data authenticity. If data import can be restricted, it would be possible to enforce a system-wide policy based on the signing keys the system owner trusts. This feature is widely used in the kernel. For example, if the restriction is enabled, kernel modules can be plugged in only if they are signed with a key whose public part is in the primary or secondary keyring. For eBPF, it can be useful as well. For example, it might be useful to authenticate data an eBPF program makes security decisions on. After a discussion in the eBPF mailing list, it was decided that the stated goal should be accomplished by introducing four new kfuncs: bpf_lookup_user_key() and bpf_lookup_system_key(), for retrieving a keyring with keys trusted for signature verification, respectively from its serial and from a pre-determined ID; bpf_key_put(), to release the reference obtained with the former two kfuncs, bpf_verify_pkcs7_signature(), for verifying PKCS#7 signatures. Other than the key serial, bpf_lookup_user_key() also accepts key lookup flags, that influence the behavior of the lookup. bpf_lookup_system_key() accepts pre-determined IDs defined in include/linux/verification.h. bpf_key_put() accepts the new bpf_key structure, introduced to tell whether the other structure member, a key pointer, is valid or not. The reason is that verify_pkcs7_signature() also accepts invalid pointers, set with the pre-determined ID, to select a system-defined keyring. key_put() must be called only for valid key pointers. Since the two key lookup functions allocate memory and one increments a key reference count, they must be used in conjunction with bpf_key_put(). The latter must be called only if the lookup functions returned a non-NULL pointer. The verifier denies the execution of eBPF programs that don't respect this rule. The two key lookup functions should be used in alternative, depending on the use case. While bpf_lookup_user_key() provides great flexibility, it seems suboptimal in terms of security guarantees, as even if the eBPF program is assumed to be trusted, the serial used to obtain the key pointer might come from untrusted user space not choosing one that the system administrator approves to enforce a mandatory policy. bpf_lookup_system_key() instead provides much stronger guarantees, especially if the pre-determined ID is not passed by user space but is hardcoded in the eBPF program, and that program is signed. In this case, bpf_verify_pkcs7_signature() will always perform signature verification with a key that the system administrator approves, i.e. the primary, secondary or platform keyring. Nevertheless, key permission checks need to be done accurately. Since bpf_lookup_user_key() cannot determine how a key will be used by other kfuncs, it has to defer the permission check to the actual kfunc using the key. It does it by calling lookup_user_key() with KEY_DEFER_PERM_CHECK as needed permission. Later, bpf_verify_pkcs7_signature(), if called, completes the permission check by calling key_validate(). It does not need to call key_task_permission() with permission KEY_NEED_SEARCH, as it is already done elsewhere by the key subsystem. Future kfuncs using the bpf_key structure need to implement the proper checks as well. Finally, the last kfunc, bpf_verify_pkcs7_signature(), accepts the data and signature to verify as eBPF dynamic pointers, to minimize the number of kfunc parameters, and the keyring with keys for signature verification as a bpf_key structure, returned by one of the two key lookup functions. bpf_lookup_user_key() and bpf_verify_pkcs7_signature() can be called only from sleepable programs, because of memory allocation and crypto operations. For example, the lsm.s/bpf attach point is suitable, fexit/array_map_update_elem is not. The correctness of implementation of the new kfuncs and of their usage is checked with the introduced tests. The patch set includes a patch from another author (dependency) for sake of completeness. It is organized as follows. Patch 1 from KP Singh allows kfuncs to be used by LSM programs. Patch 2 allows dynamic pointers to be used as kfunc parameters. Patch 3 exports bpf_dynptr_get_size(), to obtain the real size of data carried by a dynamic pointer. Patch 4 makes available for new eBPF kfuncs some key-related definitions. Patch 5 introduces the bpf_lookup_*_key() and bpf_key_put() kfuncs. Patch 6 introduces the bpf_verify_pkcs7_signature() kfunc. Patch 7 changes the testing kernel configuration to compile everything as built-in. Finally, patches 8-10 introduce the tests. Changelog v11: - Move stringify_struct() macro to include/linux/btf.h (suggested by Daniel) - Change kernel configuration options in tools/testing/selftests/bpf/config* from =m to =y v10: - Introduce key_lookup_flags_check() and system_keyring_id_check() inline functions to check parameters (suggested by KP) - Fix descriptions and comment of key-related kfuncs (suggested by KP) - Register kfunc set only once (suggested by Alexei) - Move needed kernel options to the architecture-independent configuration for testing v9: - Drop patch to introduce KF_SLEEPABLE kfunc flag (already merged) - Rename valid_ptr member of bpf_key to has_ref (suggested by Daniel) - Check dynamic pointers in kfunc definition with bpf_dynptr_kern struct definition instead of string, to detect structure renames (suggested by Daniel) - Explicitly say that we permit initialized dynamic pointers in kfunc definition (suggested by Daniel) - Remove noinline __weak from kfuncs definition (reported by Daniel) - Simplify key lookup flags check in bpf_lookup_user_key() (suggested by Daniel) - Explain the reason for deferring key permission check (suggested by Daniel) - Allocate memory with GFP_ATOMIC in bpf_lookup_system_key(), and remove KF_SLEEPABLE kfunc flag from kfunc declaration (suggested by Daniel) - Define only one kfunc set and remove the loop for registration (suggested by Alexei) v8: - Define the new bpf_key structure to carry the key pointer and whether that pointer is valid or not (suggested by Daniel) - Drop patch to mark a kfunc parameter with the __maybe_null suffix - Improve documentation of kfuncs - Introduce bpf_lookup_system_key() to obtain a key pointer suitable for verify_pkcs7_signature() (suggested by Daniel) - Use the new kfunc registration API - Drop patch to test the __maybe_null suffix - Add tests for bpf_lookup_system_key() v7: - Add support for using dynamic and NULL pointers in kfunc (suggested by Alexei) - Add new kfunc-related tests v6: - Switch back to key lookup helpers + signature verification (until v5), and defer permission check from bpf_lookup_user_key() to bpf_verify_pkcs7_signature() - Add additional key lookup test to illustrate the usage of the KEY_LOOKUP_CREATE flag and validate the flags (suggested by Daniel) - Make description of flags of bpf_lookup_user_key() more user-friendly (suggested by Daniel) - Fix validation of flags parameter in bpf_lookup_user_key() (reported by Daniel) - Rename bpf_verify_pkcs7_signature() keyring-related parameters to user_keyring and system_keyring to make their purpose more clear - Accept keyring-related parameters of bpf_verify_pkcs7_signature() as alternatives (suggested by KP) - Replace unsigned long type with u64 in helper declaration (suggested by Daniel) - Extend the bpf_verify_pkcs7_signature() test by calling the helper without data, by ensuring that the helper enforces the keyring-related parameters as alternatives, by ensuring that the helper rejects inaccessible and expired keyrings, and by checking all system keyrings - Move bpf_lookup_user_key() and bpf_key_put() usage tests to ref_tracking.c (suggested by John) - Call bpf_lookup_user_key() and bpf_key_put() only in sleepable programs v5: - Move KEY_LOOKUP_ to include/linux/key.h for validation of bpf_verify_pkcs7_signature() parameter - Remove bpf_lookup_user_key() and bpf_key_put() helpers, and the corresponding tests - Replace struct key parameter of bpf_verify_pkcs7_signature() with the keyring serial and lookup flags - Call lookup_user_key() and key_put() in bpf_verify_pkcs7_signature() code, to ensure that the retrieved key is used according to the permission requested at lookup time - Clarified keyring precedence in the description of bpf_verify_pkcs7_signature() (suggested by John) - Remove newline in the second argument of ASSERT_ - Fix helper prototype regular expression in bpf_doc.py v4: - Remove bpf_request_key_by_id(), don't return an invalid pointer that other helpers can use - Pass the keyring ID (without ULONG_MAX, suggested by Alexei) to bpf_verify_pkcs7_signature() - Introduce bpf_lookup_user_key() and bpf_key_put() helpers (suggested by Alexei) - Add lookup_key_norelease test, to ensure that the verifier blocks eBPF programs which don't decrement the key reference count - Parse raw PKCS#7 signature instead of module-style signature in the verify_pkcs7_signature test (suggested by Alexei) - Parse kernel module in user space and pass raw PKCS#7 signature to the eBPF program for signature verification v3: - Rename bpf_verify_signature() back to bpf_verify_pkcs7_signature() to avoid managing different parameters for each signature verification function in one helper (suggested by Daniel) - Use dynamic pointers and export bpf_dynptr_get_size() (suggested by Alexei) - Introduce bpf_request_key_by_id() to give more flexibility to the caller of bpf_verify_pkcs7_signature() to retrieve the appropriate keyring (suggested by Alexei) - Fix test by reordering the gcc command line, always compile sign-file - Improve helper support check mechanism in the test v2: - Rename bpf_verify_pkcs7_signature() to a more generic bpf_verify_signature() and pass the signature type (suggested by KP) - Move the helper and prototype declaration under #ifdef so that user space can probe for support for the helper (suggested by Daniel) - Describe better the keyring types (suggested by Daniel) - Include linux/bpf.h instead of vmlinux.h to avoid implicit or redeclaration - Make the test selfcontained (suggested by Alexei) v1: - Don't define new map flag but introduce simple wrapper of verify_pkcs7_signature() (suggested by Alexei and KP) KP Singh (1): bpf: Allow kfuncs to be used in LSM programs Roberto Sassu (9): btf: Handle dynamic pointer parameter in kfuncs bpf: Export bpf_dynptr_get_size() KEYS: Move KEY_LOOKUP_ to include/linux/key.h bpf: Add bpf_lookup_*_key() and bpf_key_put() kfuncs bpf: Add bpf_verify_pkcs7_signature() kfunc selftests/bpf: Compile kernel with everything as built-in selftests/bpf: Add verifier tests for bpf_lookup_*_key() and bpf_key_put() selftests/bpf: Add additional tests for bpf_lookup_*_key() selftests/bpf: Add test for bpf_verify_pkcs7_signature() kfunc include/linux/bpf.h | 7 + include/linux/bpf_verifier.h | 3 + include/linux/btf.h | 9 + include/linux/key.h | 11 + include/linux/verification.h | 8 + kernel/bpf/btf.c | 19 + kernel/bpf/helpers.c | 2 +- kernel/bpf/verifier.c | 4 +- kernel/trace/bpf_trace.c | 180 ++++++++ security/keys/internal.h | 2 - tools/testing/selftests/bpf/Makefile | 14 +- tools/testing/selftests/bpf/config | 32 +- tools/testing/selftests/bpf/config.x86_64 | 7 +- .../selftests/bpf/prog_tests/lookup_key.c | 112 +++++ .../bpf/prog_tests/verify_pkcs7_sig.c | 399 ++++++++++++++++++ .../selftests/bpf/progs/test_lookup_key.c | 46 ++ .../bpf/progs/test_verify_pkcs7_sig.c | 100 +++++ tools/testing/selftests/bpf/test_verifier.c | 3 +- .../selftests/bpf/verifier/ref_tracking.c | 139 ++++++ .../testing/selftests/bpf/verify_sig_setup.sh | 104 +++++ 20 files changed, 1173 insertions(+), 28 deletions(-) create mode 100644 tools/testing/selftests/bpf/prog_tests/lookup_key.c create mode 100644 tools/testing/selftests/bpf/prog_tests/verify_pkcs7_sig.c create mode 100644 tools/testing/selftests/bpf/progs/test_lookup_key.c create mode 100644 tools/testing/selftests/bpf/progs/test_verify_pkcs7_sig.c create mode 100755 tools/testing/selftests/bpf/verify_sig_setup.sh -- 2.25.1

2 years, 8 months

6
30
0 0

[PATCH RESEND v2 1/2] mm: drop oom code from exit_mmap

by Suren Baghdasaryan

The primary reason to invoke the oom reaper from the exit_mmap path used to be a prevention of an excessive oom killing if the oom victim exit races with the oom reaper (see [1] for more details). The invocation has moved around since then because of the interaction with the munlock logic but the underlying reason has remained the same (see [2]). Munlock code is no longer a problem since [3] and there shouldn't be any blocking operation before the memory is unmapped by exit_mmap so the oom reaper invocation can be dropped. The unmapping part can be done with the non-exclusive mmap_sem and the exclusive one is only required when page tables are freed. Remove the oom_reaper from exit_mmap which will make the code easier to read. This is really unlikely to make any observable difference although some microbenchmarks could benefit from one less branch that needs to be evaluated even though it almost never is true. [1] 212925802454 ("mm: oom: let oom_reap_task and exit_mmap run concurrently") [2] 27ae357fa82b ("mm, oom: fix concurrent munlock and oom reaper unmap, v3") [3] a213e5cf71cb ("mm/munlock: delete munlock_vma_pages_all(), allow oomreap") Signed-off-by: Suren Baghdasaryan <surenb(a)google.com> Acked-by: Michal Hocko <mhocko(a)suse.com> --- Notes: - Rebased over git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm mm-unstable branch per Andrew's request but applies cleany to Linus' ToT - Conflicts with maple-tree patchset. Resolving these was discussed in https://lore.kernel.org/all/20220519223438.qx35hbpfnnfnpouw@revolver/ include/linux/oom.h | 2 -- mm/mmap.c | 31 ++++++++++++------------------- mm/oom_kill.c | 2 +- 3 files changed, 13 insertions(+), 22 deletions(-) diff --git a/include/linux/oom.h b/include/linux/oom.h index 02d1e7bbd8cd..6cdde62b078b 100644 --- a/include/linux/oom.h +++ b/include/linux/oom.h @@ -106,8 +106,6 @@ static inline vm_fault_t check_stable_address_space(struct mm_struct *mm) return 0; } -bool __oom_reap_task_mm(struct mm_struct *mm); - long oom_badness(struct task_struct *p, unsigned long totalpages); diff --git a/mm/mmap.c b/mm/mmap.c index 2b9305ed0dda..b7918e6bb0db 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -3110,30 +3110,13 @@ void exit_mmap(struct mm_struct *mm) /* mm's last user has gone, and its about to be pulled down */ mmu_notifier_release(mm); - if (unlikely(mm_is_oom_victim(mm))) { - /* - * Manually reap the mm to free as much memory as possible. - * Then, as the oom reaper does, set MMF_OOM_SKIP to disregard - * this mm from further consideration. Taking mm->mmap_lock for - * write after setting MMF_OOM_SKIP will guarantee that the oom - * reaper will not run on this mm again after mmap_lock is - * dropped. - * - * Nothing can be holding mm->mmap_lock here and the above call - * to mmu_notifier_release(mm) ensures mmu notifier callbacks in - * __oom_reap_task_mm() will not block. - */ - (void)__oom_reap_task_mm(mm); - set_bit(MMF_OOM_SKIP, &mm->flags); - } - - mmap_write_lock(mm); + mmap_read_lock(mm); arch_exit_mmap(mm); vma = mm->mmap; if (!vma) { /* Can happen if dup_mmap() received an OOM */ - mmap_write_unlock(mm); + mmap_read_unlock(mm); return; } @@ -3143,6 +3126,16 @@ void exit_mmap(struct mm_struct *mm) /* update_hiwater_rss(mm) here? but nobody should be looking */ /* Use -1 here to ensure all VMAs in the mm are unmapped */ unmap_vmas(&tlb, vma, 0, -1); + mmap_read_unlock(mm); + + /* + * Set MMF_OOM_SKIP to hide this task from the oom killer/reaper + * because the memory has been already freed. Do not bother checking + * mm_is_oom_victim because setting a bit unconditionally is cheaper. + */ + set_bit(MMF_OOM_SKIP, &mm->flags); + + mmap_write_lock(mm); free_pgtables(&tlb, vma, FIRST_USER_ADDRESS, USER_PGTABLES_CEILING); tlb_finish_mmu(&tlb); diff --git a/mm/oom_kill.c b/mm/oom_kill.c index 8a70bca67c94..98dca2b42357 100644 --- a/mm/oom_kill.c +++ b/mm/oom_kill.c @@ -538,7 +538,7 @@ static DECLARE_WAIT_QUEUE_HEAD(oom_reaper_wait); static struct task_struct *oom_reaper_list; static DEFINE_SPINLOCK(oom_reaper_lock); -bool __oom_reap_task_mm(struct mm_struct *mm) +static bool __oom_reap_task_mm(struct mm_struct *mm) { struct vm_area_struct *vma; bool ret = true; -- 2.36.1.255.ge46751e96f-goog

2 years, 8 months

6
19
0 0

Bild: Werden Sie in einem Monat einer der Krypto-Millionare

by JosephroX

Message Body: TOP 3 Handelsroboter, die Menschen zu Millionaren machen http://875-bitcoin-mining-rig.pinkflamemedia.com/dayli-news-6323 -- This e-mail was sent from a contact form on EducationWP (http://thim.staging.wpengine.com/thim-2/)

2 years, 8 months

1
0
0 0

[PATCH] drm/mm: Reduce stack frame usage in __igt_reserve

by Maíra Canal

The struct drm_mm is being allocated on the stack, which is causing the following -Wframe-larger-than warning on ARM: ../drivers/gpu/drm/tests/drm_mm_test.c:344:12: error: stack frame size (1064) exceeds limit (1024) in '__igt_reserve' [-Werror,-Wframe-larger-than] static int __igt_reserve(struct kunit *test, unsigned int count, u64 size) ^ 1 error generated. So, fix this warning by dynamically allocating the struct drm_mm. Fixes: fc8d29e298cf ("drm: selftest: convert drm_mm selftest to KUnit") Reported-by: kernel test robot <lkp(a)intel.com> Signed-off-by: Maíra Canal <mairacanal(a)riseup.net> --- drivers/gpu/drm/tests/drm_mm_test.c | 33 ++++++++++++++++------------- 1 file changed, 18 insertions(+), 15 deletions(-) diff --git a/drivers/gpu/drm/tests/drm_mm_test.c b/drivers/gpu/drm/tests/drm_mm_test.c index 1e2c1aa524bd..fbd8dcbc12ee 100644 --- a/drivers/gpu/drm/tests/drm_mm_test.c +++ b/drivers/gpu/drm/tests/drm_mm_test.c @@ -344,7 +344,7 @@ static bool check_reserve_boundaries(struct kunit *test, struct drm_mm *mm, static int __igt_reserve(struct kunit *test, unsigned int count, u64 size) { DRM_RND_STATE(prng, random_seed); - struct drm_mm mm; + struct drm_mm *mm; struct drm_mm_node tmp, *nodes, *node, *next; unsigned int *order, n, m, o = 0; int ret, err; @@ -366,17 +366,20 @@ static int __igt_reserve(struct kunit *test, unsigned int count, u64 size) nodes = vzalloc(array_size(count, sizeof(*nodes))); KUNIT_ASSERT_TRUE(test, nodes); + mm = kunit_kzalloc(test, sizeof(struct drm_mm), GFP_KERNEL); + KUNIT_ASSERT_NOT_NULL(test, mm); + ret = -EINVAL; - drm_mm_init(&mm, 0, count * size); + drm_mm_init(mm, 0, count * size); - if (!check_reserve_boundaries(test, &mm, count, size)) + if (!check_reserve_boundaries(test, mm, count, size)) goto out; for (n = 0; n < count; n++) { nodes[n].start = order[n] * size; nodes[n].size = size; - err = drm_mm_reserve_node(&mm, &nodes[n]); + err = drm_mm_reserve_node(mm, &nodes[n]); if (err) { KUNIT_FAIL(test, "reserve failed, step %d, start %llu\n", n, nodes[n].start); @@ -390,23 +393,23 @@ static int __igt_reserve(struct kunit *test, unsigned int count, u64 size) goto out; } - if (!expect_reserve_fail(test, &mm, &nodes[n])) + if (!expect_reserve_fail(test, mm, &nodes[n])) goto out; } /* After random insertion the nodes should be in order */ - if (!assert_continuous(test, &mm, size)) + if (!assert_continuous(test, mm, size)) goto out; /* Repeated use should then fail */ drm_random_reorder(order, count, &prng); for (n = 0; n < count; n++) { - if (!expect_reserve_fail(test, &mm, set_node(&tmp, order[n] * size, 1))) + if (!expect_reserve_fail(test, mm, set_node(&tmp, order[n] * size, 1))) goto out; /* Remove and reinsert should work */ drm_mm_remove_node(&nodes[order[n]]); - err = drm_mm_reserve_node(&mm, &nodes[order[n]]); + err = drm_mm_reserve_node(mm, &nodes[order[n]]); if (err) { KUNIT_FAIL(test, "reserve failed, step %d, start %llu\n", n, nodes[n].start); @@ -415,16 +418,16 @@ static int __igt_reserve(struct kunit *test, unsigned int count, u64 size) } } - if (!assert_continuous(test, &mm, size)) + if (!assert_continuous(test, mm, size)) goto out; /* Overlapping use should then fail */ for (n = 0; n < count; n++) { - if (!expect_reserve_fail(test, &mm, set_node(&tmp, 0, size * count))) + if (!expect_reserve_fail(test, mm, set_node(&tmp, 0, size * count))) goto out; } for (n = 0; n < count; n++) { - if (!expect_reserve_fail(test, &mm, set_node(&tmp, size * n, size * (count - n)))) + if (!expect_reserve_fail(test, mm, set_node(&tmp, size * n, size * (count - n)))) goto out; } @@ -437,7 +440,7 @@ static int __igt_reserve(struct kunit *test, unsigned int count, u64 size) for (m = 0; m < n; m++) { node = &nodes[order[(o + m) % count]]; - err = drm_mm_reserve_node(&mm, node); + err = drm_mm_reserve_node(mm, node); if (err) { KUNIT_FAIL(test, "reserve failed, step %d/%d, start %llu\n", m, n, node->start); @@ -448,15 +451,15 @@ static int __igt_reserve(struct kunit *test, unsigned int count, u64 size) o += n; - if (!assert_continuous(test, &mm, size)) + if (!assert_continuous(test, mm, size)) goto out; } ret = 0; out: - drm_mm_for_each_node_safe(node, next, &mm) + drm_mm_for_each_node_safe(node, next, mm) drm_mm_remove_node(node); - drm_mm_takedown(&mm); + drm_mm_takedown(mm); vfree(nodes); kfree(order); err: -- 2.37.2

2 years, 8 months

1
0
0 0

[PATCH] kvm/rseq_test.c:Correct gettid func name kselftest

by Akhil Raj

I got the following error message when I ran make kselftest summary=1 TARGETS=kvm rseq_test.c: In function ‘main’: rseq_test.c:230:33: warning: implicit declaration of function ‘gettid’; did you mean ‘getgid’? [-Wimplicit-function-declaration] (void *)(unsigned long)gettid()); ^~~~~~ getgid /tmp/ccNexT4G.o: In function `main': linux_mainline/tools/testing/selftests/kvm/rseq_test.c:230: undefined reference to `gettid' collect2: error: ld returned 1 exit status ../lib.mk:136: recipe for target 'linux_mainline/tools/testing/selftests/kvm/rseq_test' failed As per suggestion I renamed gettid to getgid after rerunning the kselftest command the following selftests messages were returned not ok 7 selftests: kvm: hyperv_clock # exit=254 not ok 11 selftests: kvm: kvm_clock_test # exit=254 not ok 51 selftests: kvm: access_tracking_perf_test # exit=254 not ok 53 selftests: kvm: dirty_log_test # exit=254 not ok 58 selftests: kvm: max_guest_memory_test # TIMEOUT 120 seconds not ok 60 selftests: kvm: memslot_perf_test # exit=142 Signed-off-by: Akhil Raj <lf32.dev(a)gmail.com> --- tools/testing/selftests/kvm/rseq_test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/kvm/rseq_test.c b/tools/testing/selftests/kvm/rseq_test.c index fac248a43666..aa83a0537f0c 100644 --- a/tools/testing/selftests/kvm/rseq_test.c +++ b/tools/testing/selftests/kvm/rseq_test.c @@ -227,7 +227,7 @@ int main(int argc, char *argv[]) ucall_init(vm, NULL); pthread_create(&migration_thread, NULL, migration_worker, - (void *)(unsigned long)gettid()); + (void *)(unsigned long)getgid()); for (i = 0; !done; i++) { vcpu_run(vcpu); -- 2.17.1

2 years, 8 months

1
0
0 0

[PATCH v13 00/10] bpf: Add kfuncs for PKCS#7 signature verification

by Roberto Sassu

From: Roberto Sassu <roberto.sassu(a)huawei.com> One of the desirable features in security is the ability to restrict import of data to a given system based on data authenticity. If data import can be restricted, it would be possible to enforce a system-wide policy based on the signing keys the system owner trusts. This feature is widely used in the kernel. For example, if the restriction is enabled, kernel modules can be plugged in only if they are signed with a key whose public part is in the primary or secondary keyring. For eBPF, it can be useful as well. For example, it might be useful to authenticate data an eBPF program makes security decisions on. After a discussion in the eBPF mailing list, it was decided that the stated goal should be accomplished by introducing four new kfuncs: bpf_lookup_user_key() and bpf_lookup_system_key(), for retrieving a keyring with keys trusted for signature verification, respectively from its serial and from a pre-determined ID; bpf_key_put(), to release the reference obtained with the former two kfuncs, bpf_verify_pkcs7_signature(), for verifying PKCS#7 signatures. Other than the key serial, bpf_lookup_user_key() also accepts key lookup flags, that influence the behavior of the lookup. bpf_lookup_system_key() accepts pre-determined IDs defined in include/linux/verification.h. bpf_key_put() accepts the new bpf_key structure, introduced to tell whether the other structure member, a key pointer, is valid or not. The reason is that verify_pkcs7_signature() also accepts invalid pointers, set with the pre-determined ID, to select a system-defined keyring. key_put() must be called only for valid key pointers. Since the two key lookup functions allocate memory and one increments a key reference count, they must be used in conjunction with bpf_key_put(). The latter must be called only if the lookup functions returned a non-NULL pointer. The verifier denies the execution of eBPF programs that don't respect this rule. The two key lookup functions should be used in alternative, depending on the use case. While bpf_lookup_user_key() provides great flexibility, it seems suboptimal in terms of security guarantees, as even if the eBPF program is assumed to be trusted, the serial used to obtain the key pointer might come from untrusted user space not choosing one that the system administrator approves to enforce a mandatory policy. bpf_lookup_system_key() instead provides much stronger guarantees, especially if the pre-determined ID is not passed by user space but is hardcoded in the eBPF program, and that program is signed. In this case, bpf_verify_pkcs7_signature() will always perform signature verification with a key that the system administrator approves, i.e. the primary, secondary or platform keyring. Nevertheless, key permission checks need to be done accurately. Since bpf_lookup_user_key() cannot determine how a key will be used by other kfuncs, it has to defer the permission check to the actual kfunc using the key. It does it by calling lookup_user_key() with KEY_DEFER_PERM_CHECK as needed permission. Later, bpf_verify_pkcs7_signature(), if called, completes the permission check by calling key_validate(). It does not need to call key_task_permission() with permission KEY_NEED_SEARCH, as it is already done elsewhere by the key subsystem. Future kfuncs using the bpf_key structure need to implement the proper checks as well. Finally, the last kfunc, bpf_verify_pkcs7_signature(), accepts the data and signature to verify as eBPF dynamic pointers, to minimize the number of kfunc parameters, and the keyring with keys for signature verification as a bpf_key structure, returned by one of the two key lookup functions. bpf_lookup_user_key() and bpf_verify_pkcs7_signature() can be called only from sleepable programs, because of memory allocation and crypto operations. For example, the lsm.s/bpf attach point is suitable, fexit/array_map_update_elem is not. The correctness of implementation of the new kfuncs and of their usage is checked with the introduced tests. The patch set includes a patch from another author (dependency) for sake of completeness. It is organized as follows. Patch 1 from KP Singh allows kfuncs to be used by LSM programs. Patch 2 allows dynamic pointers to be used as kfunc parameters. Patch 3 exports bpf_dynptr_get_size(), to obtain the real size of data carried by a dynamic pointer. Patch 4 makes available for new eBPF kfuncs some key-related definitions. Patch 5 introduces the bpf_lookup_*_key() and bpf_key_put() kfuncs. Patch 6 introduces the bpf_verify_pkcs7_signature() kfunc. Patch 7 changes the testing kernel configuration to compile everything as built-in. Finally, patches 8-10 introduce the tests. Changelog v12: - Blacklist lookup_key and verify_pkcs7_sig tests for s390x (JIT does not support calling kernel function) v11: - Move stringify_struct() macro to include/linux/btf.h (suggested by Daniel) - Change kernel configuration options in tools/testing/selftests/bpf/config* from =m to =y v10: - Introduce key_lookup_flags_check() and system_keyring_id_check() inline functions to check parameters (suggested by KP) - Fix descriptions and comment of key-related kfuncs (suggested by KP) - Register kfunc set only once (suggested by Alexei) - Move needed kernel options to the architecture-independent configuration for testing v9: - Drop patch to introduce KF_SLEEPABLE kfunc flag (already merged) - Rename valid_ptr member of bpf_key to has_ref (suggested by Daniel) - Check dynamic pointers in kfunc definition with bpf_dynptr_kern struct definition instead of string, to detect structure renames (suggested by Daniel) - Explicitly say that we permit initialized dynamic pointers in kfunc definition (suggested by Daniel) - Remove noinline __weak from kfuncs definition (reported by Daniel) - Simplify key lookup flags check in bpf_lookup_user_key() (suggested by Daniel) - Explain the reason for deferring key permission check (suggested by Daniel) - Allocate memory with GFP_ATOMIC in bpf_lookup_system_key(), and remove KF_SLEEPABLE kfunc flag from kfunc declaration (suggested by Daniel) - Define only one kfunc set and remove the loop for registration (suggested by Alexei) v8: - Define the new bpf_key structure to carry the key pointer and whether that pointer is valid or not (suggested by Daniel) - Drop patch to mark a kfunc parameter with the __maybe_null suffix - Improve documentation of kfuncs - Introduce bpf_lookup_system_key() to obtain a key pointer suitable for verify_pkcs7_signature() (suggested by Daniel) - Use the new kfunc registration API - Drop patch to test the __maybe_null suffix - Add tests for bpf_lookup_system_key() v7: - Add support for using dynamic and NULL pointers in kfunc (suggested by Alexei) - Add new kfunc-related tests v6: - Switch back to key lookup helpers + signature verification (until v5), and defer permission check from bpf_lookup_user_key() to bpf_verify_pkcs7_signature() - Add additional key lookup test to illustrate the usage of the KEY_LOOKUP_CREATE flag and validate the flags (suggested by Daniel) - Make description of flags of bpf_lookup_user_key() more user-friendly (suggested by Daniel) - Fix validation of flags parameter in bpf_lookup_user_key() (reported by Daniel) - Rename bpf_verify_pkcs7_signature() keyring-related parameters to user_keyring and system_keyring to make their purpose more clear - Accept keyring-related parameters of bpf_verify_pkcs7_signature() as alternatives (suggested by KP) - Replace unsigned long type with u64 in helper declaration (suggested by Daniel) - Extend the bpf_verify_pkcs7_signature() test by calling the helper without data, by ensuring that the helper enforces the keyring-related parameters as alternatives, by ensuring that the helper rejects inaccessible and expired keyrings, and by checking all system keyrings - Move bpf_lookup_user_key() and bpf_key_put() usage tests to ref_tracking.c (suggested by John) - Call bpf_lookup_user_key() and bpf_key_put() only in sleepable programs v5: - Move KEY_LOOKUP_ to include/linux/key.h for validation of bpf_verify_pkcs7_signature() parameter - Remove bpf_lookup_user_key() and bpf_key_put() helpers, and the corresponding tests - Replace struct key parameter of bpf_verify_pkcs7_signature() with the keyring serial and lookup flags - Call lookup_user_key() and key_put() in bpf_verify_pkcs7_signature() code, to ensure that the retrieved key is used according to the permission requested at lookup time - Clarified keyring precedence in the description of bpf_verify_pkcs7_signature() (suggested by John) - Remove newline in the second argument of ASSERT_ - Fix helper prototype regular expression in bpf_doc.py v4: - Remove bpf_request_key_by_id(), don't return an invalid pointer that other helpers can use - Pass the keyring ID (without ULONG_MAX, suggested by Alexei) to bpf_verify_pkcs7_signature() - Introduce bpf_lookup_user_key() and bpf_key_put() helpers (suggested by Alexei) - Add lookup_key_norelease test, to ensure that the verifier blocks eBPF programs which don't decrement the key reference count - Parse raw PKCS#7 signature instead of module-style signature in the verify_pkcs7_signature test (suggested by Alexei) - Parse kernel module in user space and pass raw PKCS#7 signature to the eBPF program for signature verification v3: - Rename bpf_verify_signature() back to bpf_verify_pkcs7_signature() to avoid managing different parameters for each signature verification function in one helper (suggested by Daniel) - Use dynamic pointers and export bpf_dynptr_get_size() (suggested by Alexei) - Introduce bpf_request_key_by_id() to give more flexibility to the caller of bpf_verify_pkcs7_signature() to retrieve the appropriate keyring (suggested by Alexei) - Fix test by reordering the gcc command line, always compile sign-file - Improve helper support check mechanism in the test v2: - Rename bpf_verify_pkcs7_signature() to a more generic bpf_verify_signature() and pass the signature type (suggested by KP) - Move the helper and prototype declaration under #ifdef so that user space can probe for support for the helper (suggested by Daniel) - Describe better the keyring types (suggested by Daniel) - Include linux/bpf.h instead of vmlinux.h to avoid implicit or redeclaration - Make the test selfcontained (suggested by Alexei) v1: - Don't define new map flag but introduce simple wrapper of verify_pkcs7_signature() (suggested by Alexei and KP) KP Singh (1): bpf: Allow kfuncs to be used in LSM programs Roberto Sassu (9): btf: Handle dynamic pointer parameter in kfuncs bpf: Export bpf_dynptr_get_size() KEYS: Move KEY_LOOKUP_ to include/linux/key.h bpf: Add bpf_lookup_*_key() and bpf_key_put() kfuncs bpf: Add bpf_verify_pkcs7_signature() kfunc selftests/bpf: Compile kernel with everything as built-in selftests/bpf: Add verifier tests for bpf_lookup_*_key() and bpf_key_put() selftests/bpf: Add additional tests for bpf_lookup_*_key() selftests/bpf: Add test for bpf_verify_pkcs7_signature() kfunc include/linux/bpf.h | 7 + include/linux/bpf_verifier.h | 3 + include/linux/btf.h | 9 + include/linux/key.h | 11 + include/linux/verification.h | 8 + kernel/bpf/btf.c | 19 + kernel/bpf/helpers.c | 2 +- kernel/bpf/verifier.c | 4 +- kernel/trace/bpf_trace.c | 180 ++++++++ security/keys/internal.h | 2 - tools/testing/selftests/bpf/DENYLIST.s390x | 2 + tools/testing/selftests/bpf/Makefile | 14 +- tools/testing/selftests/bpf/config | 32 +- tools/testing/selftests/bpf/config.x86_64 | 7 +- .../selftests/bpf/prog_tests/lookup_key.c | 112 +++++ .../bpf/prog_tests/verify_pkcs7_sig.c | 399 ++++++++++++++++++ .../selftests/bpf/progs/test_lookup_key.c | 46 ++ .../bpf/progs/test_verify_pkcs7_sig.c | 100 +++++ tools/testing/selftests/bpf/test_verifier.c | 3 +- .../selftests/bpf/verifier/ref_tracking.c | 139 ++++++ .../testing/selftests/bpf/verify_sig_setup.sh | 104 +++++ 21 files changed, 1175 insertions(+), 28 deletions(-) create mode 100644 tools/testing/selftests/bpf/prog_tests/lookup_key.c create mode 100644 tools/testing/selftests/bpf/prog_tests/verify_pkcs7_sig.c create mode 100644 tools/testing/selftests/bpf/progs/test_lookup_key.c create mode 100644 tools/testing/selftests/bpf/progs/test_verify_pkcs7_sig.c create mode 100755 tools/testing/selftests/bpf/verify_sig_setup.sh -- 2.25.1

2 years, 8 months

4
17
0 0

[PATCH -next 0/5] landlock: add chmod and chown support

by Xiu Jianfeng

hi, this patchset adds chmod and chown support for landlock Xiu Jianfeng (5): landlock: expand access_mask_t to u32 type landlock: add chmod and chown support landlock/selftests: add selftests for chmod and chown landlock/samples: add chmod and chown support landlock: update chmod and chown support in document Documentation/userspace-api/landlock.rst | 8 +- include/uapi/linux/landlock.h | 8 +- samples/landlock/sandboxer.c | 12 +- security/landlock/fs.c | 16 +- security/landlock/limits.h | 2 +- security/landlock/ruleset.h | 2 +- security/landlock/syscalls.c | 2 +- tools/testing/selftests/landlock/base_test.c | 2 +- tools/testing/selftests/landlock/fs_test.c | 234 ++++++++++++++++++- 9 files changed, 274 insertions(+), 12 deletions(-) -- 2.17.1

2 years, 8 months

5
26
0 0

[PATCH] selftests/bpf: declare subprog_noise as static in tailcall_bpf2bpf4

by James Hilliard

Due to bpf_map_lookup_elem being declared static we need to also declare subprog_noise as static. Fixes the following error: progs/tailcall_bpf2bpf4.c:26:9: error: 'bpf_map_lookup_elem' is static but used in inline function 'subprog_noise' which is not static [-Werror] 26 | bpf_map_lookup_elem(&nop_table, &key); | ^~~~~~~~~~~~~~~~~~~ Signed-off-by: James Hilliard <james.hilliard1(a)gmail.com> --- tools/testing/selftests/bpf/progs/tailcall_bpf2bpf4.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/bpf/progs/tailcall_bpf2bpf4.c b/tools/testing/selftests/bpf/progs/tailcall_bpf2bpf4.c index b67e8022d500..a017d6b2f1dd 100644 --- a/tools/testing/selftests/bpf/progs/tailcall_bpf2bpf4.c +++ b/tools/testing/selftests/bpf/progs/tailcall_bpf2bpf4.c @@ -19,7 +19,7 @@ struct { int count = 0; int noise = 0; -__always_inline int subprog_noise(void) +static __always_inline int subprog_noise(void) { __u32 key = 0; -- 2.34.1

2 years, 8 months

3
2
0 0

Re: linux-next: Tree for Aug 25 (kunit: virt/nitro_enclaves; also kexec)

by Randy Dunlap

On 8/24/22 22:44, Stephen Rothwell wrote: > Hi all, > > Changes since 20220824: > on x86_64: ld: vmlinux.o: in function `kunit_kcalloc': include/kunit/test.h:369: undefined reference to `kunit_kmalloc_array' ld: vmlinux.o: in function `ne_misc_dev_test_merge_phys_contig_memory_regions': drivers/virt/nitro_enclaves/ne_misc_dev_test.c:120: undefined reference to `kunit_do_failed_assertion' ld: drivers/virt/nitro_enclaves/ne_misc_dev_test.c:128: undefined reference to `kunit_binary_assert_format' ld: drivers/virt/nitro_enclaves/ne_misc_dev_test.c:128: undefined reference to `kunit_do_failed_assertion' ld: drivers/virt/nitro_enclaves/ne_misc_dev_test.c:129: undefined reference to `kunit_binary_assert_format' ld: drivers/virt/nitro_enclaves/ne_misc_dev_test.c:129: undefined reference to `kunit_do_failed_assertion' ld: drivers/virt/nitro_enclaves/ne_misc_dev_test.c:135: undefined reference to `kunit_binary_assert_format' ld: drivers/virt/nitro_enclaves/ne_misc_dev_test.c:135: undefined reference to `kunit_do_failed_assertion' ld: drivers/virt/nitro_enclaves/ne_misc_dev_test.c:137: undefined reference to `kunit_binary_assert_format' ld: drivers/virt/nitro_enclaves/ne_misc_dev_test.c:137: undefined reference to `kunit_do_failed_assertion' ld: drivers/virt/nitro_enclaves/ne_misc_dev_test.c:141: undefined reference to `kunit_kfree' ld: vmlinux.o: in function `kexec_purgatory_size': (.rodata+0x209ee0): undefined reference to `kunit_unary_assert_format' Full randconfig file is attached. -- ~Randy

2 years, 8 months

2
1
0 0

[PATCH] selftests/bpf: fix type conflict in test_tc_dtime

by James Hilliard

The sys/socket.h header isn't required to build test_tc_dtime and may cause a type conflict. Fixes the following error: In file included from /usr/include/x86_64-linux-gnu/sys/types.h:155, from /usr/include/x86_64-linux-gnu/bits/socket.h:29, from /usr/include/x86_64-linux-gnu/sys/socket.h:33, from progs/test_tc_dtime.c:18: /usr/include/x86_64-linux-gnu/bits/stdint-intn.h:24:18: error: conflicting types for 'int8_t'; have '__int8_t' {aka 'signed char'} 24 | typedef __int8_t int8_t; | ^~~~~~ In file included from progs/test_tc_dtime.c:5: /home/buildroot/opt/cross/lib/gcc/bpf/13.0.0/include/stdint.h:34:23: note: previous declaration of 'int8_t' with type 'int8_t' {aka 'char'} 34 | typedef __INT8_TYPE__ int8_t; | ^~~~~~ /usr/include/x86_64-linux-gnu/bits/stdint-intn.h:27:19: error: conflicting types for 'int64_t'; have '__int64_t' {aka 'long long int'} 27 | typedef __int64_t int64_t; | ^~~~~~~ /home/buildroot/opt/cross/lib/gcc/bpf/13.0.0/include/stdint.h:43:24: note: previous declaration of 'int64_t' with type 'int64_t' {aka 'long int'} 43 | typedef __INT64_TYPE__ int64_t; | ^~~~~~~ make: *** [Makefile:537: /home/buildroot/bpf-next/tools/testing/selftests/bpf/bpf_gcc/test_tc_dtime.o] Error 1 Signed-off-by: James Hilliard <james.hilliard1(a)gmail.com> --- tools/testing/selftests/bpf/progs/test_tc_dtime.c | 1 - 1 file changed, 1 deletion(-) diff --git a/tools/testing/selftests/bpf/progs/test_tc_dtime.c b/tools/testing/selftests/bpf/progs/test_tc_dtime.c index b596479a9ebe..125beec31834 100644 --- a/tools/testing/selftests/bpf/progs/test_tc_dtime.c +++ b/tools/testing/selftests/bpf/progs/test_tc_dtime.c @@ -15,7 +15,6 @@ #include <linux/udp.h> #include <bpf/bpf_helpers.h> #include <bpf/bpf_endian.h> -#include <sys/socket.h> /* veth_src --- veth_src_fwd --- veth_det_fwd --- veth_dst * | | -- 2.34.1

2 years, 8 months

3
2
0 0

[PATCH v2 0/8] Documentation: Kunit: clean kunit-tool.rst and start.rst

by Tales Aparecida

Hi, Continuing the documentation refactoring started by Harinder Singh[1], removes kunit-tool.rst, which had its information rearranged into run_wrapper, and employs further work in the index and the getting-started guide. This series was written on top of another[2] that haven't got applied yet, but the only dependency it has is the "kunit-on-qemu" anchor used in start.rst. Changelog: v1 -> v2: - Update expected output for `kunit.py run` from "Generating .config ..." to "Configuring KUnit Kernel ..." - Update run_wrapper titles as suggested by Sadiya Kazi - Remove confusing recommendation from start.rst intro, highlighted by Tim Bird - Fix grammars nits pointed by Maíra Canal and Sadiya Kazi - Add some reviewed-by Thanks again for your feedbacks, Tales [1] https://lore.kernel.org/r/20211217044911.798817-1-sharinder@google.com/ [2] https://lore.kernel.org/r/20220813042055.136832-1-tales.aparecida@gmail.com/ Tales Aparecida (8): Documentation: KUnit: remove duplicated docs for kunit_tool Documentation: KUnit: avoid repeating "kunit.py run" in start.rst Documentation: KUnit: add note about mrproper in start.rst Documentation: KUnit: Reword start guide for selecting tests Documentation: KUnit: add intro to the getting-started page Documentation: KUnit: update links in the index page lib: overflow: update reference to kunit-tool lib: stackinit: update reference to kunit-tool Documentation/dev-tools/kunit/index.rst | 16 +- Documentation/dev-tools/kunit/kunit-tool.rst | 232 ------------------ Documentation/dev-tools/kunit/run_wrapper.rst | 34 +-- Documentation/dev-tools/kunit/start.rst | 136 ++++++---- lib/overflow_kunit.c | 2 +- lib/stackinit_kunit.c | 2 +- 6 files changed, 117 insertions(+), 305 deletions(-) delete mode 100644 Documentation/dev-tools/kunit/kunit-tool.rst base-commit: 568035b01cfb107af8d2e4bd2fb9aea22cf5b868 prerequisite-patch-id: b794218cd939a6644aaf5fb2a73997c56a624c80 prerequisite-patch-id: ccd24491ae99152ebdc6dcb8ddb9499d3456a4a0 prerequisite-patch-id: cc17b80d42fd5f5049e144da5c04e922036a33eb prerequisite-patch-id: ba7edd270c6f285352e0e17bfe65ff6119192113 -- 2.37.2

2 years, 8 months

4
20
0 0

[PATCH 0/8] Documentation: Kunit: clean kunit-tool.rst and start.rst

by Tales Aparecida

Hi, Continuing the documentation refactoring started by Harinder Singh[1], removes kunit-tool.rst, which had its information rearranged into run_wrapper, and employs further work in the index and the getting-started guide. This series was written on top of another[2] that haven't got applied yet, but the only dependency it has is the "kunit-on-qemu" anchor used in start.rst. The patches working with the start.rst might be squashable, feel free to suggest so, if you concur. Still about this file, I realize the note about "mrproper" was removed in the recent refactoring, but having worked in the last months with people new to kunit, it showed itself as a common occurrence, so I'm suggesting here to restore it. Regarding the last two patches, I wasn't sure about either renaming run_wrapper to kunit-tool to keep old references working or do as I did, updating the references I could find. Thanks in advance for your feedbacks, Tales [1] https://lore.kernel.org/r/20211217044911.798817-1-sharinder@google.com/ [2] https://lore.kernel.org/r/20220813042055.136832-1-tales.aparecida@gmail.com/ Tales Aparecida (8): Documentation: KUnit: remove duplicated docs for kunit_tool Documentation: KUnit: avoid repeating "kunit.py run" in start.rst Documentation: KUnit: restore note about mrproper in start.rst Documentation: KUnit: Reword start guide for selecting tests Documentation: KUnit: add intro to the getting-started page Documentation: KUnit: update links in the index page lib: overflow: update reference to kunit-tool lib: stackinit: update reference to kunit-tool Documentation/dev-tools/kunit/index.rst | 16 +- Documentation/dev-tools/kunit/kunit-tool.rst | 232 ------------------ Documentation/dev-tools/kunit/run_wrapper.rst | 4 +- Documentation/dev-tools/kunit/start.rst | 137 +++++++---- lib/overflow_kunit.c | 2 +- lib/stackinit_kunit.c | 2 +- 6 files changed, 103 insertions(+), 290 deletions(-) delete mode 100644 Documentation/dev-tools/kunit/kunit-tool.rst base-commit: 568035b01cfb107af8d2e4bd2fb9aea22cf5b868 prerequisite-patch-id: b794218cd939a6644aaf5fb2a73997c56a624c80 prerequisite-patch-id: ccd24491ae99152ebdc6dcb8ddb9499d3456a4a0 prerequisite-patch-id: cc17b80d42fd5f5049e144da5c04e922036a33eb prerequisite-patch-id: ba7edd270c6f285352e0e17bfe65ff6119192113 -- 2.37.1

2 years, 8 months

8
22
0 0

[PATCH] Documentation: KUnit: Reword kunit_tool guide

by Sadiya Kazi

Updated the kunit_tool.rst guide to streamline it. The following changes were made: 1. Updated headings 2. Reworded content across sections 3. Added a cross reference to full list of command-line args Signed-off-by: Sadiya Kazi <sadiyakazi(a)google.com> --- Documentation/dev-tools/kunit/kunit-tool.rst | 82 ++++++++++---------- 1 file changed, 42 insertions(+), 40 deletions(-) diff --git a/Documentation/dev-tools/kunit/kunit-tool.rst b/Documentation/dev-tools/kunit/kunit-tool.rst index ae52e0f489f9..33186679f5de 100644 --- a/Documentation/dev-tools/kunit/kunit-tool.rst +++ b/Documentation/dev-tools/kunit/kunit-tool.rst @@ -1,8 +1,10 @@ .. SPDX-License-Identifier: GPL-2.0 -================= -kunit_tool How-To -================= +======================== +Understanding kunit_tool +======================== + +This page introduces the kunit_tool and covers the concepts and working of this tool. What is kunit_tool? =================== @@ -10,39 +12,37 @@ What is kunit_tool? kunit_tool is a script (``tools/testing/kunit/kunit.py``) that aids in building the Linux kernel as UML (`User Mode Linux <http://user-mode-linux.sourceforge.net/>`_), running KUnit tests, parsing -the test results and displaying them in a user friendly manner. +the test results and displaying them in a user-friendly manner. kunit_tool addresses the problem of being able to run tests without needing a virtual machine or actual hardware with User Mode Linux. User Mode Linux is a Linux architecture, like ARM or x86; however, unlike other architectures it -compiles the kernel as a standalone Linux executable that can be run like any +compiles the kernel as a standalone Linux executable. This executable can be run like any other program directly inside of a host operating system. To be clear, it does not require any virtualization support: it is just a regular program. -What is a .kunitconfig? -======================= +What is .kunitconfig? +===================== -It's just a defconfig that kunit_tool looks for in the build directory -(``.kunit`` by default). kunit_tool uses it to generate a .config as you might -expect. In addition, it verifies that the generated .config contains the CONFIG -options in the .kunitconfig; the reason it does this is so that it is easy to -be sure that a CONFIG that enables a test actually ends up in the .config. +.kunitconfig is a default configuration file (defconfig) that kunit_tool looks +for in the build directory (``.kunit``). The kunit_tool uses this file to +generate a .config. Additionally, it also verifies that the generated .config contains the CONFIG options in the .kunitconfig file. This is done to make sure that a CONFIG that enables a test is actually part of the .config file. -It's also possible to pass a separate .kunitconfig fragment to kunit_tool, +It is also possible to pass a separate .kunitconfig fragment to kunit_tool, which is useful if you have several different groups of tests you wish -to run independently, or if you want to use pre-defined test configs for +to run independently, or if you want to use pre-defined test configurations for certain subsystems. -Getting Started with kunit_tool +Getting started with kunit_tool =============================== -If a kunitconfig is present at the root directory, all you have to do is: +If a kunitconfig is present at the root directory, run the following command: .. code-block:: bash ./tools/testing/kunit/kunit.py run -However, you most likely want to use it with the following options: +However, most likely you may want to use it with the following options: .. code-block:: bash @@ -68,20 +68,20 @@ For a list of all the flags supported by kunit_tool, you can run: ./tools/testing/kunit/kunit.py run --help -Configuring, Building, and Running Tests +Configuring, building, and running tests ======================================== -It's also possible to run just parts of the KUnit build process independently, -which is useful if you want to make manual changes to part of the process. +It is also possible to run specific parts of the KUnit build process independently. +This is useful if you want to make manual changes to part of the process. -A .config can be generated from a .kunitconfig by using the ``config`` argument +If you want to generate a .config from a .kunitconfig, you can use the ``config`` argument when running kunit_tool: .. code-block:: bash ./tools/testing/kunit/kunit.py config -Similarly, if you just want to build a KUnit kernel from the current .config, +Similarly, if you want to build a KUnit kernel from the current .config, you can use the ``build`` argument: .. code-block:: bash @@ -95,33 +95,31 @@ run the kernel and display the test results with the ``exec`` argument: ./tools/testing/kunit/kunit.py exec -The ``run`` command which is discussed above is equivalent to running all three +The ``run`` command, discussed above is equivalent to running all three of these in sequence. All of these commands accept a number of optional command-line arguments. The ``--help`` flag will give a complete list of these, or keep reading this page for a guide to some of the more useful ones. -Parsing Test Results +Parsing test results ==================== -KUnit tests output their results in TAP (Test Anything Protocol) format. -kunit_tool will, when running tests, parse this output and print a summary -which is much more pleasant to read. If you wish to look at the raw test -results in TAP format, you can pass the ``--raw_output`` argument. +The output of the KUnit test results are displayed in TAP (Test Anything Protocol) format. +When running tests, the kunit_tool parses this output and prints a plaintext, human-readable summary. To view the raw test results in TAP format, you can use the ``--raw_output`` argument. .. code-block:: bash ./tools/testing/kunit/kunit.py run --raw_output The raw output from test runs may contain other, non-KUnit kernel log -lines. You can see just KUnit output with ``--raw_output=kunit``: +lines. To view only the KUnit output, you can use ``--raw_output=kunit``: .. code-block:: bash ./tools/testing/kunit/kunit.py run --raw_output=kunit -If you have KUnit results in their raw TAP format, you can parse them and print +If you have KUnit results in the raw TAP format, you can parse them and print the human-readable summary with the ``parse`` command for kunit_tool. This accepts a filename for an argument, or will read from standard input. @@ -135,11 +133,11 @@ accepts a filename for an argument, or will read from standard input. This is very useful if you wish to run tests in a configuration not supported by kunit_tool (such as on real hardware, or an unsupported architecture). -Filtering Tests +Filtering tests =============== -It's possible to run only a subset of the tests built into a kernel by passing -a filter to the ``exec`` or ``run`` commands. For example, if you only wanted +It is possible to run only a subset of the tests built into a kernel by passing +a filter to the ``exec`` or ``run`` commands. For example, if you want to run KUnit resource tests, you could use: .. code-block:: bash @@ -148,15 +146,14 @@ to run KUnit resource tests, you could use: This uses the standard glob format for wildcards. -Running Tests on QEMU +Running tests on QEMU ===================== -kunit_tool supports running tests on QEMU as well as via UML (as mentioned -elsewhere). The default way of running tests on QEMU requires two flags: +kunit_tool supports running tests on QEMU as well as via UML. The default way of running tests on QEMU requires two flags: ``--arch`` Selects a collection of configs (Kconfig as well as QEMU configs - options, etc) that allow KUnit tests to be run on the specified + options and so on) that allow KUnit tests to be run on the specified architecture in a minimal way; this is usually not much slower than using UML. The architecture argument is the same as the name of the option passed to the ``ARCH`` variable used by Kbuild. Not all @@ -196,8 +193,8 @@ look something like this: --jobs=12 \ --qemu_config=./tools/testing/kunit/qemu_configs/x86_64.py -Other Useful Options -==================== +Other useful options +====================== kunit_tool has a number of other command-line arguments which can be useful when adapting it to fit your environment or needs. @@ -228,5 +225,10 @@ Some of the more useful ones are: dependencies by adding ``CONFIG_KUNIT_ALL_TESTS=1`` to your .kunitconfig is preferable. -There are several other options (and new ones are often added), so do check +There are several other options (and new ones are often added), so do run ``--help`` if you're looking for something not mentioned here. +For more information on these options, see `Command-line-arguments +<https://www.kernel.org/doc/html/latest/dev-tools/kunit/run_wrapper.html#com…>`__ + + +. -- 2.37.1.595.g718a3a8f04-goog

2 years, 8 months

3
2
0 0

[PATCH v5 1/2] x86/fpu: Allow PKRU to be (once again) written by ptrace.

by Kyle Huey

From: Kyle Huey <me(a)kylehuey.com> When management of the PKRU register was moved away from XSTATE, emulation of PKRU's existence in XSTATE was added for APIs that read XSTATE, but not for APIs that write XSTATE. This can be seen by running gdb and executing `p $pkru`, `set $pkru = 42`, and `p $pkru`. On affected kernels (5.14+) the write to the PKRU register (which gdb performs through ptrace) is ignored. There are three relevant APIs: PTRACE_SETREGSET with NT_X86_XSTATE, sigreturn, and KVM_SET_XSAVE. KVM_SET_XSAVE has its own special handling to make PKRU writes take effect (in fpu_copy_uabi_to_guest_fpstate). Push that down into copy_uabi_to_xstate and have PTRACE_SETREGSET with NT_X86_XSTATE and sigreturn pass in pointers to the appropriate PKRU value. This also adds code to initialize the PKRU value to the hardware init value (namely 0) if the PKRU bit is not set in the XSTATE header to match XRSTOR. This is a change to the current KVM_SET_XSAVE behavior. Changelog since v4: - Selftest additionally checks PKRU readbacks through ptrace. - Selftest flips all PKRU bits (except the key used for PROT_EXEC). Changelog since v3: - The v3 patch is now part 1 of 2. - Adds a selftest in part 2 of 2. Changelog since v2: - Removed now unused variables in fpu_copy_uabi_to_guest_fpstate Changelog since v1: - Handles the error case of copy_to_buffer(). Signed-off-by: Kyle Huey <me(a)kylehuey.com> Cc: Dave Hansen <dave.hansen(a)linux.intel.com> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: Borislav Petkov <bp(a)suse.de> Cc: kvm(a)vger.kernel.org # For edge case behavior of KVM_SET_XSAVE Cc: stable(a)vger.kernel.org # 5.14+ Fixes: e84ba47e313d ("x86/fpu: Hook up PKRU into ptrace()") --- arch/x86/kernel/fpu/core.c | 13 +------------ arch/x86/kernel/fpu/regset.c | 2 +- arch/x86/kernel/fpu/signal.c | 2 +- arch/x86/kernel/fpu/xstate.c | 28 +++++++++++++++++++++++----- arch/x86/kernel/fpu/xstate.h | 4 ++-- 5 files changed, 28 insertions(+), 21 deletions(-) diff --git a/arch/x86/kernel/fpu/core.c b/arch/x86/kernel/fpu/core.c index 3b28c5b25e12..46b935bc87c8 100644 --- a/arch/x86/kernel/fpu/core.c +++ b/arch/x86/kernel/fpu/core.c @@ -391,8 +391,6 @@ int fpu_copy_uabi_to_guest_fpstate(struct fpu_guest *gfpu, const void *buf, { struct fpstate *kstate = gfpu->fpstate; const union fpregs_state *ustate = buf; - struct pkru_state *xpkru; - int ret; if (!cpu_feature_enabled(X86_FEATURE_XSAVE)) { if (ustate->xsave.header.xfeatures & ~XFEATURE_MASK_FPSSE) @@ -406,16 +404,7 @@ int fpu_copy_uabi_to_guest_fpstate(struct fpu_guest *gfpu, const void *buf, if (ustate->xsave.header.xfeatures & ~xcr0) return -EINVAL; - ret = copy_uabi_from_kernel_to_xstate(kstate, ustate); - if (ret) - return ret; - - /* Retrieve PKRU if not in init state */ - if (kstate->regs.xsave.header.xfeatures & XFEATURE_MASK_PKRU) { - xpkru = get_xsave_addr(&kstate->regs.xsave, XFEATURE_PKRU); - *vpkru = xpkru->pkru; - } - return 0; + return copy_uabi_from_kernel_to_xstate(kstate, ustate, vpkru); } EXPORT_SYMBOL_GPL(fpu_copy_uabi_to_guest_fpstate); #endif /* CONFIG_KVM */ diff --git a/arch/x86/kernel/fpu/regset.c b/arch/x86/kernel/fpu/regset.c index 75ffaef8c299..6d056b68f4ed 100644 --- a/arch/x86/kernel/fpu/regset.c +++ b/arch/x86/kernel/fpu/regset.c @@ -167,7 +167,7 @@ int xstateregs_set(struct task_struct *target, const struct user_regset *regset, } fpu_force_restore(fpu); - ret = copy_uabi_from_kernel_to_xstate(fpu->fpstate, kbuf ?: tmpbuf); + ret = copy_uabi_from_kernel_to_xstate(fpu->fpstate, kbuf ?: tmpbuf, &target->thread.pkru); out: vfree(tmpbuf); diff --git a/arch/x86/kernel/fpu/signal.c b/arch/x86/kernel/fpu/signal.c index 91d4b6de58ab..558076dbde5b 100644 --- a/arch/x86/kernel/fpu/signal.c +++ b/arch/x86/kernel/fpu/signal.c @@ -396,7 +396,7 @@ static bool __fpu_restore_sig(void __user *buf, void __user *buf_fx, fpregs = &fpu->fpstate->regs; if (use_xsave() && !fx_only) { - if (copy_sigframe_from_user_to_xstate(fpu->fpstate, buf_fx)) + if (copy_sigframe_from_user_to_xstate(tsk, buf_fx)) return false; } else { if (__copy_from_user(&fpregs->fxsave, buf_fx, diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c index c8340156bfd2..e01d3514ae68 100644 --- a/arch/x86/kernel/fpu/xstate.c +++ b/arch/x86/kernel/fpu/xstate.c @@ -1197,7 +1197,7 @@ static int copy_from_buffer(void *dst, unsigned int offset, unsigned int size, static int copy_uabi_to_xstate(struct fpstate *fpstate, const void *kbuf, - const void __user *ubuf) + const void __user *ubuf, u32 *pkru) { struct xregs_state *xsave = &fpstate->regs.xsave; unsigned int offset, size; @@ -1235,6 +1235,24 @@ static int copy_uabi_to_xstate(struct fpstate *fpstate, const void *kbuf, for (i = 0; i < XFEATURE_MAX; i++) { mask = BIT_ULL(i); + if (i == XFEATURE_PKRU) { + /* + * Retrieve PKRU if not in init state, otherwise + * initialize it. + */ + if (hdr.xfeatures & mask) { + struct pkru_state xpkru = {0}; + + if (copy_from_buffer(&xpkru, xstate_offsets[i], + sizeof(xpkru), kbuf, ubuf)) + return -EFAULT; + + *pkru = xpkru.pkru; + } else { + *pkru = 0; + } + } + if (hdr.xfeatures & mask) { void *dst = __raw_xsave_addr(xsave, i); @@ -1264,9 +1282,9 @@ static int copy_uabi_to_xstate(struct fpstate *fpstate, const void *kbuf, * Convert from a ptrace standard-format kernel buffer to kernel XSAVE[S] * format and copy to the target thread. Used by ptrace and KVM. */ -int copy_uabi_from_kernel_to_xstate(struct fpstate *fpstate, const void *kbuf) +int copy_uabi_from_kernel_to_xstate(struct fpstate *fpstate, const void *kbuf, u32 *pkru) { - return copy_uabi_to_xstate(fpstate, kbuf, NULL); + return copy_uabi_to_xstate(fpstate, kbuf, NULL, pkru); } /* @@ -1274,10 +1292,10 @@ int copy_uabi_from_kernel_to_xstate(struct fpstate *fpstate, const void *kbuf) * XSAVE[S] format and copy to the target thread. This is called from the * sigreturn() and rt_sigreturn() system calls. */ -int copy_sigframe_from_user_to_xstate(struct fpstate *fpstate, +int copy_sigframe_from_user_to_xstate(struct task_struct *tsk, const void __user *ubuf) { - return copy_uabi_to_xstate(fpstate, NULL, ubuf); + return copy_uabi_to_xstate(tsk->thread.fpu.fpstate, NULL, ubuf, &tsk->thread.pkru); } static bool validate_independent_components(u64 mask) diff --git a/arch/x86/kernel/fpu/xstate.h b/arch/x86/kernel/fpu/xstate.h index 5ad47031383b..a4ecb04d8d64 100644 --- a/arch/x86/kernel/fpu/xstate.h +++ b/arch/x86/kernel/fpu/xstate.h @@ -46,8 +46,8 @@ extern void __copy_xstate_to_uabi_buf(struct membuf to, struct fpstate *fpstate, u32 pkru_val, enum xstate_copy_mode copy_mode); extern void copy_xstate_to_uabi_buf(struct membuf to, struct task_struct *tsk, enum xstate_copy_mode mode); -extern int copy_uabi_from_kernel_to_xstate(struct fpstate *fpstate, const void *kbuf); -extern int copy_sigframe_from_user_to_xstate(struct fpstate *fpstate, const void __user *ubuf); +extern int copy_uabi_from_kernel_to_xstate(struct fpstate *fpstate, const void *kbuf, u32 *pkru); +extern int copy_sigframe_from_user_to_xstate(struct task_struct *tsk, const void __user *ubuf); extern void fpu__init_cpu_xstate(void); -- 2.37.1

2 years, 8 months

3
6
0 0

[net-next] Fix reinitialization of TEST_PROGS in net self tests.

by Adel Abouchaev

Fix reinitialization of TEST_PROGS in net self tests. Signed-off-by: Adel Abouchaev <adel.abushaev(a)gmail.com> --- tools/testing/selftests/net/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/net/Makefile b/tools/testing/selftests/net/Makefile index 11a288b67e2f..4a5978eab848 100644 --- a/tools/testing/selftests/net/Makefile +++ b/tools/testing/selftests/net/Makefile @@ -42,7 +42,7 @@ TEST_PROGS += arp_ndisc_evict_nocarrier.sh TEST_PROGS += ndisc_unsolicited_na_test.sh TEST_PROGS += arp_ndisc_untracked_subnets.sh TEST_PROGS += stress_reuseport_listen.sh -TEST_PROGS := l2_tos_ttl_inherit.sh +TEST_PROGS += l2_tos_ttl_inherit.sh TEST_PROGS_EXTENDED := in_netns.sh setup_loopback.sh setup_veth.sh TEST_PROGS_EXTENDED += toeplitz_client.sh toeplitz.sh TEST_GEN_FILES = socket nettest -- 2.30.2

2 years, 8 months

3
2
0 0

Re: [PATCH v4 net-next 3/6] drivers: net: dsa: add locked fdb entry flag to drivers

by netdev＠kapio-technology.com

On 2022-08-11 13:28, Ido Schimmel wrote: >> > I'm talking about roaming, not forwarding. Let's say you have a locked >> > entry with MAC X pointing to port Y. Now you get a packet with SMAC X >> > from port Z which is unlocked. Will the FDB entry roam to port Z? I >> > think it should, but at least in current implementation it seems that >> > the "locked" flag will not be reset and having locked entries pointing >> > to an unlocked port looks like a bug. >> > >> In general I have been thinking that the said setup is a network configuration error as I was arguing in an earlier conversation with Vladimir. In this setup we must remember that SMAC X becomes DMAC X in the return traffic on the open port. But the question arises to me why MAC X would be behind the locked port without getting authed while being behind an open port too? In a real life setup, I don't think you would want random hosts behind a locked port in the MAB case, but only the hosts you will let through. Other hosts should be regarded as intruders. If we are talking about a station move, then the locked entry will age out and MAC X will function normally on the open port after the timeout, which was a case that was taken up in earlier discussions. But I will anyhow do some testing with this 'edge case' (of being behind both a locked and an unlocked port) if I may call it so, and see to that the offloaded and non-offloaded cases correspond to each other, and will work satisfactory. I think it will be good to have a flag to enable the mac-auth/MAB feature, and I suggest just calling the flag 'mab', as it is short. Otherwise I don't see any major issues with the whole feature as it is.

2 years, 8 months

2
21
0 0

[PATCH v2 0/4] Implement IOCTL to get and clear soft dirty PTE

by Muhammad Usama Anjum

Hello, This patch series implements a new ioctl on the pagemap proc fs file to get, clear and perform both get and clear at the same time atomically on the specified range of the memory. Soft-dirty PTE bit of the memory pages can be viewed by using pagemap procfs file. The soft-dirty PTE bit for the whole memory range of the process can be cleared by writing to the clear_refs file. This series adds features that weren't present earlier. - There is no atomic get soft-dirty PTE bit status and clear operation present. - The soft-dirty PTE bit of only a part of memory cannot be cleared. Historically, soft-dirty PTE bit tracking has been used in the CRIU project. The proc fs interface is enough for that as I think the process is frozen. We have the use case where we need to track the soft-dirty PTE bit for the running processes. We need this tracking and clear mechanism of a region of memory while the process is running to emulate the getWriteWatch() syscall of Windows. This syscall is used by games to keep track of dirty pages and keep processing only the dirty pages. This new ioctl can be used by the CRIU project and other applications which require soft-dirty PTE bit information. As in the current kernel there is no way to clear a part of memory (instead of clearing the Soft-Dirty bits for the entire process) and get+clear operation cannot be performed atomically, there are other methods to mimic this information entirely in userspace with poor performance: - The mprotect syscall and SIGSEGV handler for bookkeeping - The userfaultfd syscall with the handler for bookkeeping Some benchmarks can be seen [1]. This ioctl can be used by the CRIU project and other applications which require soft-dirty PTE bit information. The following operations are supported in this ioctl: - Get the pages that are soft-dirty. - Clear the pages which are soft-dirty. - The optional flag to ignore the VM_SOFTDIRTY and only track per page soft-dirty PTE bit There are two decisions which have been taken about how to get the output from the syscall. - Return offsets of the pages from the start in the vec - Stop execution when vec is filled with dirty pages These two arguments doesn't follow the mincore() philosophy where the output array corresponds to the address range in one to one fashion, hence the output buffer length isn't passed and only a flag is set if the page is present. This makes mincore() easy to use with less control. We are passing the size of the output array and putting return data consecutively which is offset of dirty pages from the start. The user can convert these offsets back into the dirty page addresses easily. Suppose, the user want to get first 10 dirty pages from a total memory of 100 pages. He'll allocate output buffer of size 10 and the ioctl will abort after finding the 10 pages. This behaviour is needed to support Windows' getWriteWatch(). The behaviour like mincore() can be achieved by passing output buffer of 100 size. This interface can be used for any desired behaviour. [1] https://lore.kernel.org/lkml/54d4c322-cd6e-eefd-b161-2af2b56aae24@collabora… Regards, Muhammad Usama Anjum Cc: Gabriel Krisman Bertazi <krisman(a)collabora.com> Cc: David Hildenbrand <david(a)redhat.com> Cc: Peter Enderborg <peter.enderborg(a)sony.com> Muhammad Usama Anjum (4): fs/proc/task_mmu: update functions to clear the soft-dirty bit fs/proc/task_mmu: Implement IOCTL to get and clear soft dirty PTE bit selftests: vm: add pagemap ioctl tests mm: add documentation of the new ioctl on pagemap Documentation/admin-guide/mm/soft-dirty.rst | 42 +- fs/proc/task_mmu.c | 337 ++++++++++- include/uapi/linux/fs.h | 13 + tools/include/uapi/linux/fs.h | 13 + tools/testing/selftests/vm/.gitignore | 1 + tools/testing/selftests/vm/Makefile | 2 + tools/testing/selftests/vm/pagemap_ioctl.c | 629 ++++++++++++++++++++ 7 files changed, 1005 insertions(+), 32 deletions(-) create mode 100644 tools/testing/selftests/vm/pagemap_ioctl.c -- 2.30.2

2 years, 8 months

2
7
0 0

[PATCH] selftests/landlock: fix broken include of linux/landlock.h

by Guillaume Tucker

Revert part of the earlier changes to fix the kselftest build when using a sub-directory from the top of the tree as this broke the landlock test build as a side-effect when building with "make -C tools/testing/selftests/landlock". Reported-by: Mickaël Salaün <mic(a)digikod.net> Fixes: a917dd94b832 ("selftests/landlock: drop deprecated headers dependency") Fixes: f2745dc0ba3d ("selftests: stop using KSFT_KHDR_INSTALL") Signed-off-by: Guillaume Tucker <guillaume.tucker(a)collabora.com> --- tools/testing/selftests/landlock/Makefile | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/landlock/Makefile b/tools/testing/selftests/landlock/Makefile index a6959df28eb0..02868ac3bc71 100644 --- a/tools/testing/selftests/landlock/Makefile +++ b/tools/testing/selftests/landlock/Makefile @@ -9,10 +9,13 @@ TEST_GEN_PROGS := $(src_test:.c=) TEST_GEN_PROGS_EXTENDED := true OVERRIDE_TARGETS := 1 +top_srcdir := ../../../.. include ../lib.mk +khdr_dir = $(top_srcdir)/usr/include + $(OUTPUT)/true: true.c $(LINK.c) $< $(LDLIBS) -o $@ -static -$(OUTPUT)/%_test: %_test.c ../kselftest_harness.h common.h - $(LINK.c) $< $(LDLIBS) -o $@ -lcap +$(OUTPUT)/%_test: %_test.c $(khdr_dir)/linux/landlock.h ../kselftest_harness.h common.h + $(LINK.c) $< $(LDLIBS) -o $@ -lcap -I$(khdr_dir) -- 2.30.2

2 years, 8 months

4
11
0 0

[PATCH bpf-next,v3] selftests/bpf: add lwt ip encap tests to test_progs

by Eyal Birger

Port test_lwt_ip_encap.sh tests onto test_progs. In addition, this commit adds "egress_md" tests which test a similar flow as egress tests only they use gre devices in collect_md mode for encapsulation and set the tunnel key using bpf_set_tunnel_key(). This introduces minor changes to the test setup and test_lwt_ip_encap.c: - GRE key must exist as bpf_set_tunnel_key() explicitly sets the TUNNEL_KEY flag - Source address for GRE traffic is set to IP*_5 instead of IP*_1 since GRE traffic is sent via veth5 so its address is selected when using bpf_set_tunnel_key() Note: currently these programs use the legacy section name convention as iproute2 lwt configuration does not support providing function names. Since the shell version is not routinely tested, remove it and rely on the C version. Signed-off-by: Eyal Birger <eyal.birger(a)gmail.com> ---- v2: remove lwt_ip_encap.sh v2: - set CONFIG_NET_VRF and CONFIG_NET_L3_MASTER_DEV in reference .config - add wait after sending large packet to allow it to get delivered as in the .sh test --- tools/testing/selftests/bpf/Makefile | 1 - tools/testing/selftests/bpf/config | 2 + .../selftests/bpf/prog_tests/lwt_ip_encap.c | 585 ++++++++++++++++++ .../selftests/bpf/progs/test_lwt_ip_encap.c | 51 +- .../selftests/bpf/test_lwt_ip_encap.sh | 475 -------------- 5 files changed, 634 insertions(+), 480 deletions(-) create mode 100644 tools/testing/selftests/bpf/prog_tests/lwt_ip_encap.c delete mode 100755 tools/testing/selftests/bpf/test_lwt_ip_encap.sh diff --git a/tools/testing/selftests/bpf/Makefile b/tools/testing/selftests/bpf/Makefile index eecad99f1735..39b675cc4ca9 100644 --- a/tools/testing/selftests/bpf/Makefile +++ b/tools/testing/selftests/bpf/Makefile @@ -63,7 +63,6 @@ TEST_PROGS := test_kmod.sh \ test_flow_dissector.sh \ test_xdp_vlan_mode_generic.sh \ test_xdp_vlan_mode_native.sh \ - test_lwt_ip_encap.sh \ test_tcp_check_syncookie.sh \ test_tc_tunnel.sh \ test_tc_edt.sh \ diff --git a/tools/testing/selftests/bpf/config b/tools/testing/selftests/bpf/config index 3fc46f9cfb22..04cc64e334ef 100644 --- a/tools/testing/selftests/bpf/config +++ b/tools/testing/selftests/bpf/config @@ -64,3 +64,5 @@ CONFIG_TEST_BPF=m CONFIG_USERFAULTFD=y CONFIG_VXLAN=y CONFIG_XDP_SOCKETS=y +CONFIG_NET_VRF=y +CONFIG_NET_L3_MASTER_DEV=y diff --git a/tools/testing/selftests/bpf/prog_tests/lwt_ip_encap.c b/tools/testing/selftests/bpf/prog_tests/lwt_ip_encap.c new file mode 100644 index 000000000000..986c06d1bda1 --- /dev/null +++ b/tools/testing/selftests/bpf/prog_tests/lwt_ip_encap.c @@ -0,0 +1,585 @@ +// SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause + +/* Setup/topology: + * + * NS1 NS2 NS3 + * veth1 <---> veth2 veth3 <---> veth4 (the top route) + * veth5 <---> veth6 veth7 <---> veth8 (the bottom route) + * + * each vethN gets IP[4|6]_N address + * + * IP*_SRC = IP*_1 + * IP*_DST = IP*_4 + * + * all tests test pings from IP*_SRC to IP*_DST + * + * by default, routes are configured to allow packets to go + * IP*_1 <=> IP*_2 <=> IP*_3 <=> IP*_4 (the top route) + * + * a GRE device is installed in NS3 with IP*_GRE, and + * NS1/NS2 are configured to route packets to IP*_GRE via IP*_8 + * (the bottom route) + * + * Tests: + * + * 1. routes NS2->IP*_DST are brought down, so the only way a ping + * from IP*_SRC to IP*_DST can work is via IP*_GRE + * + * 2a. in an egress test, a bpf LWT_XMIT program is installed on veth1 + * that encaps the packets with an IP/GRE header to route to IP*_GRE + * + * ping: SRC->[encap at veth1:egress]->GRE:decap->DST + * ping replies go DST->SRC directly + * + * 2b. in an ingress test, a bpf LWT_IN program is installed on veth2 + * that encaps the packets with an IP/GRE header to route to IP*_GRE + * + * ping: SRC->[encap at veth2:ingress]->GRE:decap->DST + * ping replies go DST->SRC directly + * + * 2c. in an egress_md test, a bpf LWT_XMIT program is installed on a + * route towards collect_md gre{,6} devices in NS1 and sets the tunnel + * key such that packets are encapsulated with an IP/GRE header to route + * to IP*_GRE + * + * ping: SRC->[encap at gre{,6}_md:xmit]->GRE:decap->DST + * ping replies go DST->SRC directly + */ + +#include "test_progs.h" +#include "network_helpers.h" + +#define NS_1 "ns_lwt_1" +#define NS_2 "ns_lwt_2" +#define NS_3 "ns_lwt_3" + +#define IP4_1 "172.16.1.100" +#define IP4_2 "172.16.2.100" +#define IP4_3 "172.16.3.100" +#define IP4_4 "172.16.4.100" +#define IP4_5 "172.16.5.100" +#define IP4_6 "172.16.6.100" +#define IP4_7 "172.16.7.100" +#define IP4_8 "172.16.8.100" +#define IP4_GRE "172.16.16.100" +#define IP4_DST IP4_4 + +#define IP6_1 "fb01::1" +#define IP6_2 "fb02::1" +#define IP6_3 "fb03::1" +#define IP6_4 "fb04::1" +#define IP6_5 "fb05::1" +#define IP6_6 "fb06::1" +#define IP6_7 "fb07::1" +#define IP6_8 "fb08::1" +#define IP6_GRE "fb10::1" +#define IP6_DST IP6_4 + +#define TEST_VRF_NAME "red" + +static const char * const namespaces[] = {NS_1, NS_2, NS_3, NULL}; +static __u32 duration; +static bool use_vrf; + +enum encap_type { + ENCAP_EGRESS, + ENCAP_INGRESS, + ENCAP_EGRESS_MD, +}; + +#define SYS(fmt, ...) \ + ({ \ + char cmd[1024]; \ + snprintf(cmd, sizeof(cmd), fmt, ##__VA_ARGS__); \ + if (!ASSERT_OK(system(cmd), cmd)) \ + goto fail; \ + }) + +#define ADD_VETH_PAIR(v1, ns1, v2, ns2) \ + SYS("ip link add " v1 " netns " ns1 " type veth " \ + "peer name " v2 " netns " ns2) + +#define SET_NS_ROUTE(op, netns, family, fmt, ...) \ + SYS("ip %s%s %s route " op " %s " fmt, \ + netns[0] ? "-netns " : "", netns[0] ? netns : "", \ + family == AF_INET6 ? "-6" : "", \ + use_vrf ? "vrf " TEST_VRF_NAME : "", \ + ##__VA_ARGS__) + +#define SET_NS_ADDR_ROUTE(op, netns, addr, fmt, ...) \ + ({ \ + int family = strchr(addr, ':') ? AF_INET6 : AF_INET; \ + SET_NS_ROUTE(op, netns, family, addr "%s " fmt, \ + family == AF_INET6 ? "/128" : "/32", \ + ##__VA_ARGS__); \ + }) + +#define ADD_ROUTE(family, ...) SET_NS_ROUTE("add", "", family, ##__VA_ARGS__) + +#define ADD_ADDR_ROUTE(...) SET_NS_ADDR_ROUTE("add", "", ##__VA_ARGS__) + +static int write_sysctl(const char *sysctl, const char *value) +{ + int fd, err, len; + + fd = open(sysctl, O_WRONLY); + if (CHECK(fd == -1, "open sysctl", "open(%s): %s (%d)\n", + sysctl, strerror(errno), errno)) + return -1; + + len = strlen(value); + err = write(fd, value, len); + close(fd); + if (CHECK(err != len, "write sysctl", + "write(%s, %s): err:%d %s (%d)\n", + sysctl, value, err, strerror(errno), errno)) + return -1; + + return 0; +} + +static int setup_namespaces(const char *verb) +{ + const char * const *ns = namespaces; + + while (*ns) { + SYS("ip netns %s %s", verb, *ns); + ns++; + } + return 0; +fail: + return -1; +} + +static void setup_namespaces_nofail(const char *verb) +{ + const char * const *ns = namespaces; + char cmd[128]; + + while (*ns) { + snprintf(cmd, sizeof(cmd), "ip netns %s %s > /dev/null 2>&1", + verb, *ns); + system(cmd); + ns++; + } +} + +static int setup_ns(const char *ns, int (*ns_setup_fn)(void)) +{ + struct nstoken *nstoken; + int err = -1; + + nstoken = open_netns(ns); + if (!ASSERT_OK_PTR(nstoken, "setns")) + return -1; + + /* rp_filter gets confused by what these tests are doing, + * so disable it. + * also disable IPv6 DAD because it sometimes takes too long and fails + * tests. + */ + if (write_sysctl("/proc/sys/net/ipv4/conf/all/rp_filter", "0") || + write_sysctl("/proc/sys/net/ipv4/conf/default/rp_filter", "0") || + write_sysctl("/proc/sys/net/ipv6/conf/all/accept_dad", "0") || + write_sysctl("/proc/sys/net/ipv6/conf/default/accept_dad", "0")) + goto exit; + + err = ns_setup_fn(); + +exit: + close_netns(nstoken); + return err; +} + +static int setup_device(const char *devname, const char *addr4, + const char *addr6) +{ + if (use_vrf) + SYS("ip link set %s vrf %s", devname, TEST_VRF_NAME); + + if (addr4) + SYS("ip addr add %s/24 dev %s", addr4, devname); + + if (addr6) + SYS("ip -6 addr add %s/128 nodad dev %s", addr6, devname); + + SYS("ip link set dev %s up", devname); + return 0; +fail: + return -1; +} + +static int setup_vrf(void) +{ + SYS("ip link add %s type vrf table 1001", TEST_VRF_NAME); + SYS("ip link set dev %s up", TEST_VRF_NAME); + SYS("ip route add table 1001 unreachable default metric 8192"); + SYS("ip -6 route add table 1001 unreachable default metric 8192"); + return 0; +fail: + return -1; +} + +static int setup_ns1(void) +{ + if (use_vrf && setup_vrf()) + goto fail; + + SYS("ip link add gre_md type gre external"); + SYS("ip link add gre6_md type ip6gre external"); + + if (setup_device("veth1", IP4_1, IP6_1) || + setup_device("veth5", IP4_5, IP6_5) || + setup_device("gre_md", IP4_1, IP6_1) || + setup_device("gre6_md", IP4_1, IP6_1)) + goto fail; + + /* Top route */ + ADD_ADDR_ROUTE(IP4_2, "dev veth1"); + ADD_ADDR_ROUTE(IP6_2, "dev veth1"); + ADD_ROUTE(AF_INET, "default dev veth1 via " IP4_2); + ADD_ROUTE(AF_INET6, "default dev veth1 via " IP6_2); + + /* Bottom route */ + ADD_ADDR_ROUTE(IP4_6, "dev veth5"); + ADD_ADDR_ROUTE(IP4_7, "dev veth5 via " IP4_6); + ADD_ADDR_ROUTE(IP4_8, "dev veth5 via " IP4_6); + ADD_ADDR_ROUTE(IP6_6, "dev veth5"); + ADD_ADDR_ROUTE(IP6_7, "dev veth5 via " IP6_6); + ADD_ADDR_ROUTE(IP6_8, "dev veth5 via " IP6_6); + + /* GRE peer via the bottom route */ + ADD_ADDR_ROUTE(IP4_GRE, "dev veth5 via " IP4_6); + ADD_ADDR_ROUTE(IP6_GRE, "dev veth5 via " IP6_6); + return 0; +fail: + return -1; +} + +static int setup_ns2(void) +{ + if (write_sysctl("/proc/sys/net/ipv4/ip_forward", "1") || + write_sysctl("/proc/sys/net/ipv6/conf/all/forwarding", "1")) + goto fail; + + if (use_vrf && setup_vrf()) + goto fail; + + if (setup_device("veth2", IP4_2, IP6_2) || + setup_device("veth3", IP4_3, IP6_3) || + setup_device("veth6", IP4_6, IP6_6) || + setup_device("veth7", IP4_7, IP6_7)) + goto fail; + + /* Top route */ + ADD_ADDR_ROUTE(IP4_1, "dev veth2"); + ADD_ADDR_ROUTE(IP4_4, "dev veth3"); + ADD_ADDR_ROUTE(IP6_1, "dev veth2"); + ADD_ADDR_ROUTE(IP6_4, "dev veth3"); + + /* Bottom route */ + ADD_ADDR_ROUTE(IP4_5, "dev veth6"); + ADD_ADDR_ROUTE(IP4_8, "dev veth7"); + ADD_ADDR_ROUTE(IP6_5, "dev veth6"); + ADD_ADDR_ROUTE(IP6_8, "dev veth7"); + + /* GRE peer via the bottom route */ + ADD_ADDR_ROUTE(IP4_GRE, "dev veth7 via " IP4_8); + ADD_ADDR_ROUTE(IP6_GRE, "dev veth7 via " IP6_8); + return 0; +fail: + return -1; +} + +static int setup_ns3(void) +{ + if (use_vrf && setup_vrf()) + goto fail; + + if (setup_device("veth4", IP4_4, IP6_4) || + setup_device("veth8", IP4_8, IP6_8)) + goto fail; + + /* Top route */ + ADD_ADDR_ROUTE(IP4_3, "dev veth4"); + ADD_ADDR_ROUTE(IP4_1, "dev veth4 via " IP4_3); + ADD_ADDR_ROUTE(IP4_2, "dev veth4 via " IP4_3); + ADD_ADDR_ROUTE(IP6_3, "dev veth4"); + ADD_ADDR_ROUTE(IP6_1, "dev veth4 via " IP6_3); + ADD_ADDR_ROUTE(IP6_2, "dev veth4 via " IP6_3); + + /* Bottom route */ + ADD_ADDR_ROUTE(IP4_7, "dev veth8"); + ADD_ADDR_ROUTE(IP4_5, "dev veth8 via " IP4_7); + ADD_ADDR_ROUTE(IP4_6, "dev veth8 via " IP4_7); + ADD_ADDR_ROUTE(IP6_7, "dev veth8"); + ADD_ADDR_ROUTE(IP6_5, "dev veth8 via " IP6_7); + ADD_ADDR_ROUTE(IP6_6, "dev veth8 via " IP6_7); + + /* configure IPv4 GRE device in NS3, and a route to it via the + * "bottom" route + */ + SYS("ip tunnel add gre_dev mode gre remote " IP4_5 " local " IP4_GRE + " ttl 255 key 0"); + if (setup_device("gre_dev", IP4_GRE, NULL)) + goto fail; + + SYS("ip tunnel add gre6_dev mode ip6gre remote " IP6_5 " local " IP6_GRE + " ttl 255 key 0"); + if (setup_device("gre6_dev", NULL, IP6_GRE)) + goto fail; + + return 0; +fail: + return -1; +} + +static int setup_links_and_routes(void) +{ + ADD_VETH_PAIR("veth1", NS_1, "veth2", NS_2); + ADD_VETH_PAIR("veth3", NS_2, "veth4", NS_3); + ADD_VETH_PAIR("veth5", NS_1, "veth6", NS_2); + ADD_VETH_PAIR("veth7", NS_2, "veth8", NS_3); + + if (setup_ns(NS_1, setup_ns1) || + setup_ns(NS_2, setup_ns2) || + setup_ns(NS_3, setup_ns3)) + goto fail; + + return 0; +fail: + return -1; +} + +static int remove_routes_to_gredev(void) +{ + SET_NS_ADDR_ROUTE("del", NS_1, IP4_GRE, "dev veth5"); + SET_NS_ADDR_ROUTE("del", NS_1, IP6_GRE, "dev veth5"); + SET_NS_ADDR_ROUTE("del", NS_2, IP4_GRE, "dev veth7"); + SET_NS_ADDR_ROUTE("del", NS_2, IP6_GRE, "dev veth7"); +fail: + return -1; +} + +static int add_unreachable_routes_to_gredev(void) +{ + SET_NS_ROUTE("add", NS_1, AF_INET, "unreachable " IP4_GRE "/32"); + SET_NS_ROUTE("add", NS_1, AF_INET6, "unreachable " IP6_GRE "/128"); + SET_NS_ROUTE("add", NS_2, AF_INET, "unreachable " IP4_GRE "/32"); + SET_NS_ROUTE("add", NS_2, AF_INET6, "unreachable " IP6_GRE "/128"); + return 0; +fail: + return -1; +} + +static int test_ping(int family, bool must_fail, bool bindtodev) +{ + const char *addr, *ping_args; + char cmd[1024]; + int ret; + + addr = family == AF_INET ? IP4_DST : IP6_DST; + ping_args = bindtodev ? "-c 1 -W 1 -I veth1" : "-c 1 -W 1"; + snprintf(cmd, sizeof(cmd), + "ip netns exec " NS_1 " %s %s %s > /dev/null", + ping_command(family), ping_args, addr); + ret = system(cmd); + if (!ASSERT_EQ(!!ret, !!must_fail, cmd)) + return -1; + return 0; +} + +#define TIMEOUT_MILLIS 10000 + +static int test_gso(int family, const char *dst) +{ + int listen_fd = -1, accept_fd = -1, client_fd = -1; + struct nstoken *nstoken; + static char buf[5000]; + int n, ret = -1; + + nstoken = open_netns(NS_3); + if (!ASSERT_OK_PTR(nstoken, "setns")) + return -1; + + listen_fd = start_server(family, SOCK_STREAM, dst, 9000, 0); + if (!ASSERT_GE(listen_fd, 0, "listen")) + goto done; + + close_netns(nstoken); + nstoken = open_netns(NS_1); + if (!ASSERT_OK_PTR(nstoken, "setns src")) + goto done; + + client_fd = connect_to_fd(listen_fd, TIMEOUT_MILLIS); + if (!ASSERT_GE(client_fd, 0, "connect_to_fd")) + goto done; + + accept_fd = accept(listen_fd, NULL, NULL); + if (!ASSERT_GE(accept_fd, 0, "accept")) + goto done; + + if (!ASSERT_OK(settimeo(accept_fd, TIMEOUT_MILLIS), "settimeo")) + goto done; + + /* Send a packet larger than the MTU */ + n = write(client_fd, buf, sizeof(buf)); + if (!ASSERT_EQ(n, sizeof(buf), "send to server")) + goto done; + + sleep(2); /* let the packet get delivered */ + + n = read(accept_fd, buf, sizeof(buf)); + ASSERT_EQ(n, sizeof(buf), "recv from server"); + + ret = 0; + +done: + if (nstoken) + close_netns(nstoken); + if (listen_fd >= 0) + close(listen_fd); + if (accept_fd >= 0) + close(accept_fd); + if (client_fd >= 0) + close(client_fd); + return ret; +} + +static void lwt_ip_encap_test(int encap_family, enum encap_type encap_type) +{ + const char *prog_sec, *encap_dev, *lwt_type, *encap_ns; + bool bindtodev = true; + + if (!ASSERT_OK(setup_namespaces("add"), "setup namespaces")) + return; + if (!ASSERT_OK(setup_links_and_routes(), + "setup links and routes")) + goto fail; + + sleep(2); /* reduce flakiness */ + + /* by default, pings work */ + test_ping(AF_INET, false, bindtodev); + test_ping(AF_INET6, false, bindtodev); + + /* remove NS2->DST routes, ping fails */ + SET_NS_ADDR_ROUTE("del", NS_2, IP4_DST, "dev veth3"); + SET_NS_ADDR_ROUTE("del", NS_2, IP6_DST, "dev veth3"); + + test_ping(AF_INET, true, bindtodev); + test_ping(AF_INET6, true, bindtodev); + + prog_sec = encap_family == AF_INET ? "encap_gre" : "encap_gre6"; + + switch (encap_type) { + case ENCAP_EGRESS: + encap_dev = "veth1"; + lwt_type = "xmit"; + encap_ns = NS_1; + break; + case ENCAP_INGRESS: + encap_dev = "veth2"; + lwt_type = "in"; + encap_ns = NS_2; + break; + case ENCAP_EGRESS_MD: + switch (encap_family) { + case AF_INET: + prog_sec = "encap_gre_md"; + encap_dev = "gre_md"; + break; + case AF_INET6: + prog_sec = "encap_gre6_md"; + encap_dev = "gre6_md"; + break; + default: + goto fail; + } + lwt_type = "xmit"; + encap_ns = NS_1; + break; + default: + goto fail; + } + + /* install replacement routes (LWT/eBPF), pings succeed */ + SET_NS_ADDR_ROUTE("add", encap_ns, IP4_DST, + "encap bpf %s obj test_lwt_ip_encap.o sec %s dev %s", + lwt_type, prog_sec, encap_dev); + SET_NS_ADDR_ROUTE("add", encap_ns, IP6_DST, + "encap bpf %s obj test_lwt_ip_encap.o sec %s dev %s", + lwt_type, prog_sec, encap_dev); + + /* binding to device doesn't work for egress_md tests as routing is + * asymmetrical + */ + bindtodev = encap_type != ENCAP_EGRESS_MD; + test_ping(AF_INET, false, bindtodev); + test_ping(AF_INET6, false, bindtodev); + + /* VRF is complex for testing GSO in this setup */ + if (!use_vrf && encap_type != ENCAP_INGRESS) { + test_gso(AF_INET, IP4_DST); + test_gso(AF_INET6, IP6_DST); + } + + /* a negative test: remove routes to GRE devices: ping fails */ + if (remove_routes_to_gredev()) + goto fail; + + test_ping(AF_INET, true, bindtodev); + test_ping(AF_INET6, true, bindtodev); + + if (add_unreachable_routes_to_gredev()) + goto fail; + + test_ping(AF_INET, true, bindtodev); + test_ping(AF_INET6, true, bindtodev); +fail: + setup_namespaces("delete"); +} + +#define RUN_TEST(name, family, encap_type, _use_vrf) \ + ({ \ + if (test__start_subtest(name)) { \ + use_vrf = _use_vrf; \ + lwt_ip_encap_test(family, encap_type); \ + } \ + }) + +static void *lwt_ip_encap_run_tests(void *arg) +{ + setup_namespaces_nofail("delete"); + + RUN_TEST("lwt_ipv4_encap_egress", AF_INET, ENCAP_EGRESS, false); + RUN_TEST("lwt_ipv6_encap_egress", AF_INET6, ENCAP_EGRESS, false); + RUN_TEST("lwt_ipv4_encap_egress_vrf", AF_INET, ENCAP_EGRESS, true); + RUN_TEST("lwt_ipv6_encap_egress_vrf", AF_INET6, ENCAP_EGRESS, true); + + RUN_TEST("lwt_ipv4_encap_ingress", AF_INET, ENCAP_INGRESS, false); + RUN_TEST("lwt_ipv6_encap_ingress", AF_INET6, ENCAP_INGRESS, false); + RUN_TEST("lwt_ipv4_encap_ingress_vrf", AF_INET, ENCAP_INGRESS, true); + RUN_TEST("lwt_ipv6_encap_ingress_vrf", AF_INET6, ENCAP_INGRESS, true); + + /* bpf_set_tunnel_key() doesn't support setting underlying VRF routing + * so egress_md tests don't run in VRF setup. + */ + RUN_TEST("lwt_ipv4_encap_egress_md", AF_INET, ENCAP_EGRESS_MD, false); + RUN_TEST("lwt_ipv6_encap_egress_md", AF_INET6, ENCAP_EGRESS_MD, false); + return NULL; +} + +void serial_test_lwt_ip_encap(void) +{ + pthread_t test_thread; + int err; + + /* Run the tests in their own thread to isolate the namespace changes + * so they do not affect the environment of other tests. + * (specifically needed because of unshare(CLONE_NEWNS) in open_netns()) + */ + err = pthread_create(&test_thread, NULL, &lwt_ip_encap_run_tests, NULL); + if (ASSERT_OK(err, "pthread_create")) + ASSERT_OK(pthread_join(test_thread, NULL), "pthread_join"); +} diff --git a/tools/testing/selftests/bpf/progs/test_lwt_ip_encap.c b/tools/testing/selftests/bpf/progs/test_lwt_ip_encap.c index d6cb986e7533..39c6bd5402ae 100644 --- a/tools/testing/selftests/bpf/progs/test_lwt_ip_encap.c +++ b/tools/testing/selftests/bpf/progs/test_lwt_ip_encap.c @@ -10,8 +10,11 @@ struct grehdr { __be16 flags; __be16 protocol; + __be32 key; }; +#define GRE_KEY 0x2000 + SEC("encap_gre") int bpf_lwt_encap_gre(struct __sk_buff *skb) { @@ -28,10 +31,10 @@ int bpf_lwt_encap_gre(struct __sk_buff *skb) hdr.iph.ttl = 0x40; hdr.iph.protocol = 47; /* IPPROTO_GRE */ #if __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ - hdr.iph.saddr = 0x640110ac; /* 172.16.1.100 */ + hdr.iph.saddr = 0x640510ac; /* 172.16.5.100 */ hdr.iph.daddr = 0x641010ac; /* 172.16.16.100 */ #elif __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ - hdr.iph.saddr = 0xac100164; /* 172.16.1.100 */ + hdr.iph.saddr = 0xac100564; /* 172.16.5.100 */ hdr.iph.daddr = 0xac101064; /* 172.16.16.100 */ #else #error "Fix your compiler's __BYTE_ORDER__?!" @@ -39,6 +42,7 @@ int bpf_lwt_encap_gre(struct __sk_buff *skb) hdr.iph.tot_len = bpf_htons(skb->len + sizeof(struct encap_hdr)); hdr.greh.protocol = skb->protocol; + hdr.greh.flags = bpf_htons(GRE_KEY); err = bpf_lwt_push_encap(skb, BPF_LWT_ENCAP_IP, &hdr, sizeof(struct encap_hdr)); @@ -63,9 +67,9 @@ int bpf_lwt_encap_gre6(struct __sk_buff *skb) hdr.ip6hdr.payload_len = bpf_htons(skb->len + sizeof(struct grehdr)); hdr.ip6hdr.nexthdr = 47; /* IPPROTO_GRE */ hdr.ip6hdr.hop_limit = 0x40; - /* fb01::1 */ + /* fb05::1 */ hdr.ip6hdr.saddr.s6_addr[0] = 0xfb; - hdr.ip6hdr.saddr.s6_addr[1] = 1; + hdr.ip6hdr.saddr.s6_addr[1] = 5; hdr.ip6hdr.saddr.s6_addr[15] = 1; /* fb10::1 */ hdr.ip6hdr.daddr.s6_addr[0] = 0xfb; @@ -73,6 +77,7 @@ int bpf_lwt_encap_gre6(struct __sk_buff *skb) hdr.ip6hdr.daddr.s6_addr[15] = 1; hdr.greh.protocol = skb->protocol; + hdr.greh.flags = bpf_htons(GRE_KEY); err = bpf_lwt_push_encap(skb, BPF_LWT_ENCAP_IP, &hdr, sizeof(struct encap_hdr)); @@ -82,4 +87,42 @@ int bpf_lwt_encap_gre6(struct __sk_buff *skb) return BPF_LWT_REROUTE; } +SEC("encap_gre_md") +int bpf_lwt_encap_gre_md(struct __sk_buff *skb) +{ + struct bpf_tunnel_key key; + int err; + + __builtin_memset(&key, 0x0, sizeof(key)); + key.remote_ipv4 = 0xac101064; /* 172.16.16.100 - always in host order */ + key.tunnel_ttl = 0x40; + err = bpf_skb_set_tunnel_key(skb, &key, sizeof(key), + BPF_F_ZERO_CSUM_TX | BPF_F_SEQ_NUMBER); + if (err) + return BPF_DROP; + + return BPF_OK; +} + +SEC("encap_gre6_md") +int bpf_lwt_encap_gre6_md(struct __sk_buff *skb) +{ + struct bpf_tunnel_key key; + int err; + + __builtin_memset(&key, 0x0, sizeof(key)); + + /* fb10::1 */ + key.remote_ipv6[0] = bpf_htonl(0xfb100000); + key.remote_ipv6[3] = bpf_htonl(0x01); + key.tunnel_ttl = 0x40; + err = bpf_skb_set_tunnel_key(skb, &key, sizeof(key), + BPF_F_ZERO_CSUM_TX | BPF_F_SEQ_NUMBER | + BPF_F_TUNINFO_IPV6); + if (err) + return BPF_DROP; + + return BPF_OK; +} + char _license[] SEC("license") = "GPL"; diff --git a/tools/testing/selftests/bpf/test_lwt_ip_encap.sh b/tools/testing/selftests/bpf/test_lwt_ip_encap.sh deleted file mode 100755 index 6c69c42b1d60..000000000000 --- a/tools/testing/selftests/bpf/test_lwt_ip_encap.sh +++ /dev/null @@ -1,475 +0,0 @@ -#!/bin/bash -# SPDX-License-Identifier: GPL-2.0 -# -# Setup/topology: -# -# NS1 NS2 NS3 -# veth1 <---> veth2 veth3 <---> veth4 (the top route) -# veth5 <---> veth6 veth7 <---> veth8 (the bottom route) -# -# each vethN gets IPv[4|6]_N address -# -# IPv*_SRC = IPv*_1 -# IPv*_DST = IPv*_4 -# -# all tests test pings from IPv*_SRC to IPv*_DST -# -# by default, routes are configured to allow packets to go -# IP*_1 <=> IP*_2 <=> IP*_3 <=> IP*_4 (the top route) -# -# a GRE device is installed in NS3 with IPv*_GRE, and -# NS1/NS2 are configured to route packets to IPv*_GRE via IP*_8 -# (the bottom route) -# -# Tests: -# -# 1. routes NS2->IPv*_DST are brought down, so the only way a ping -# from IP*_SRC to IP*_DST can work is via IPv*_GRE -# -# 2a. in an egress test, a bpf LWT_XMIT program is installed on veth1 -# that encaps the packets with an IP/GRE header to route to IPv*_GRE -# -# ping: SRC->[encap at veth1:egress]->GRE:decap->DST -# ping replies go DST->SRC directly -# -# 2b. in an ingress test, a bpf LWT_IN program is installed on veth2 -# that encaps the packets with an IP/GRE header to route to IPv*_GRE -# -# ping: SRC->[encap at veth2:ingress]->GRE:decap->DST -# ping replies go DST->SRC directly - -if [[ $EUID -ne 0 ]]; then - echo "This script must be run as root" - echo "FAIL" - exit 1 -fi - -readonly NS1="ns1-$(mktemp -u XXXXXX)" -readonly NS2="ns2-$(mktemp -u XXXXXX)" -readonly NS3="ns3-$(mktemp -u XXXXXX)" - -readonly IPv4_1="172.16.1.100" -readonly IPv4_2="172.16.2.100" -readonly IPv4_3="172.16.3.100" -readonly IPv4_4="172.16.4.100" -readonly IPv4_5="172.16.5.100" -readonly IPv4_6="172.16.6.100" -readonly IPv4_7="172.16.7.100" -readonly IPv4_8="172.16.8.100" -readonly IPv4_GRE="172.16.16.100" - -readonly IPv4_SRC=$IPv4_1 -readonly IPv4_DST=$IPv4_4 - -readonly IPv6_1="fb01::1" -readonly IPv6_2="fb02::1" -readonly IPv6_3="fb03::1" -readonly IPv6_4="fb04::1" -readonly IPv6_5="fb05::1" -readonly IPv6_6="fb06::1" -readonly IPv6_7="fb07::1" -readonly IPv6_8="fb08::1" -readonly IPv6_GRE="fb10::1" - -readonly IPv6_SRC=$IPv6_1 -readonly IPv6_DST=$IPv6_4 - -TEST_STATUS=0 -TESTS_SUCCEEDED=0 -TESTS_FAILED=0 - -TMPFILE="" - -process_test_results() -{ - if [[ "${TEST_STATUS}" -eq 0 ]] ; then - echo "PASS" - TESTS_SUCCEEDED=$((TESTS_SUCCEEDED+1)) - else - echo "FAIL" - TESTS_FAILED=$((TESTS_FAILED+1)) - fi -} - -print_test_summary_and_exit() -{ - echo "passed tests: ${TESTS_SUCCEEDED}" - echo "failed tests: ${TESTS_FAILED}" - if [ "${TESTS_FAILED}" -eq "0" ] ; then - exit 0 - else - exit 1 - fi -} - -setup() -{ - set -e # exit on error - TEST_STATUS=0 - - # create devices and namespaces - ip netns add "${NS1}" - ip netns add "${NS2}" - ip netns add "${NS3}" - - # rp_filter gets confused by what these tests are doing, so disable it - ip netns exec ${NS1} sysctl -wq net.ipv4.conf.all.rp_filter=0 - ip netns exec ${NS2} sysctl -wq net.ipv4.conf.all.rp_filter=0 - ip netns exec ${NS3} sysctl -wq net.ipv4.conf.all.rp_filter=0 - ip netns exec ${NS1} sysctl -wq net.ipv4.conf.default.rp_filter=0 - ip netns exec ${NS2} sysctl -wq net.ipv4.conf.default.rp_filter=0 - ip netns exec ${NS3} sysctl -wq net.ipv4.conf.default.rp_filter=0 - - # disable IPv6 DAD because it sometimes takes too long and fails tests - ip netns exec ${NS1} sysctl -wq net.ipv6.conf.all.accept_dad=0 - ip netns exec ${NS2} sysctl -wq net.ipv6.conf.all.accept_dad=0 - ip netns exec ${NS3} sysctl -wq net.ipv6.conf.all.accept_dad=0 - ip netns exec ${NS1} sysctl -wq net.ipv6.conf.default.accept_dad=0 - ip netns exec ${NS2} sysctl -wq net.ipv6.conf.default.accept_dad=0 - ip netns exec ${NS3} sysctl -wq net.ipv6.conf.default.accept_dad=0 - - ip link add veth1 type veth peer name veth2 - ip link add veth3 type veth peer name veth4 - ip link add veth5 type veth peer name veth6 - ip link add veth7 type veth peer name veth8 - - ip netns exec ${NS2} sysctl -wq net.ipv4.ip_forward=1 - ip netns exec ${NS2} sysctl -wq net.ipv6.conf.all.forwarding=1 - - ip link set veth1 netns ${NS1} - ip link set veth2 netns ${NS2} - ip link set veth3 netns ${NS2} - ip link set veth4 netns ${NS3} - ip link set veth5 netns ${NS1} - ip link set veth6 netns ${NS2} - ip link set veth7 netns ${NS2} - ip link set veth8 netns ${NS3} - - if [ ! -z "${VRF}" ] ; then - ip -netns ${NS1} link add red type vrf table 1001 - ip -netns ${NS1} link set red up - ip -netns ${NS1} route add table 1001 unreachable default metric 8192 - ip -netns ${NS1} -6 route add table 1001 unreachable default metric 8192 - ip -netns ${NS1} link set veth1 vrf red - ip -netns ${NS1} link set veth5 vrf red - - ip -netns ${NS2} link add red type vrf table 1001 - ip -netns ${NS2} link set red up - ip -netns ${NS2} route add table 1001 unreachable default metric 8192 - ip -netns ${NS2} -6 route add table 1001 unreachable default metric 8192 - ip -netns ${NS2} link set veth2 vrf red - ip -netns ${NS2} link set veth3 vrf red - ip -netns ${NS2} link set veth6 vrf red - ip -netns ${NS2} link set veth7 vrf red - fi - - # configure addesses: the top route (1-2-3-4) - ip -netns ${NS1} addr add ${IPv4_1}/24 dev veth1 - ip -netns ${NS2} addr add ${IPv4_2}/24 dev veth2 - ip -netns ${NS2} addr add ${IPv4_3}/24 dev veth3 - ip -netns ${NS3} addr add ${IPv4_4}/24 dev veth4 - ip -netns ${NS1} -6 addr add ${IPv6_1}/128 nodad dev veth1 - ip -netns ${NS2} -6 addr add ${IPv6_2}/128 nodad dev veth2 - ip -netns ${NS2} -6 addr add ${IPv6_3}/128 nodad dev veth3 - ip -netns ${NS3} -6 addr add ${IPv6_4}/128 nodad dev veth4 - - # configure addresses: the bottom route (5-6-7-8) - ip -netns ${NS1} addr add ${IPv4_5}/24 dev veth5 - ip -netns ${NS2} addr add ${IPv4_6}/24 dev veth6 - ip -netns ${NS2} addr add ${IPv4_7}/24 dev veth7 - ip -netns ${NS3} addr add ${IPv4_8}/24 dev veth8 - ip -netns ${NS1} -6 addr add ${IPv6_5}/128 nodad dev veth5 - ip -netns ${NS2} -6 addr add ${IPv6_6}/128 nodad dev veth6 - ip -netns ${NS2} -6 addr add ${IPv6_7}/128 nodad dev veth7 - ip -netns ${NS3} -6 addr add ${IPv6_8}/128 nodad dev veth8 - - ip -netns ${NS1} link set dev veth1 up - ip -netns ${NS2} link set dev veth2 up - ip -netns ${NS2} link set dev veth3 up - ip -netns ${NS3} link set dev veth4 up - ip -netns ${NS1} link set dev veth5 up - ip -netns ${NS2} link set dev veth6 up - ip -netns ${NS2} link set dev veth7 up - ip -netns ${NS3} link set dev veth8 up - - # configure routes: IP*_SRC -> veth1/IP*_2 (= top route) default; - # the bottom route to specific bottom addresses - - # NS1 - # top route - ip -netns ${NS1} route add ${IPv4_2}/32 dev veth1 ${VRF} - ip -netns ${NS1} route add default dev veth1 via ${IPv4_2} ${VRF} # go top by default - ip -netns ${NS1} -6 route add ${IPv6_2}/128 dev veth1 ${VRF} - ip -netns ${NS1} -6 route add default dev veth1 via ${IPv6_2} ${VRF} # go top by default - # bottom route - ip -netns ${NS1} route add ${IPv4_6}/32 dev veth5 ${VRF} - ip -netns ${NS1} route add ${IPv4_7}/32 dev veth5 via ${IPv4_6} ${VRF} - ip -netns ${NS1} route add ${IPv4_8}/32 dev veth5 via ${IPv4_6} ${VRF} - ip -netns ${NS1} -6 route add ${IPv6_6}/128 dev veth5 ${VRF} - ip -netns ${NS1} -6 route add ${IPv6_7}/128 dev veth5 via ${IPv6_6} ${VRF} - ip -netns ${NS1} -6 route add ${IPv6_8}/128 dev veth5 via ${IPv6_6} ${VRF} - - # NS2 - # top route - ip -netns ${NS2} route add ${IPv4_1}/32 dev veth2 ${VRF} - ip -netns ${NS2} route add ${IPv4_4}/32 dev veth3 ${VRF} - ip -netns ${NS2} -6 route add ${IPv6_1}/128 dev veth2 ${VRF} - ip -netns ${NS2} -6 route add ${IPv6_4}/128 dev veth3 ${VRF} - # bottom route - ip -netns ${NS2} route add ${IPv4_5}/32 dev veth6 ${VRF} - ip -netns ${NS2} route add ${IPv4_8}/32 dev veth7 ${VRF} - ip -netns ${NS2} -6 route add ${IPv6_5}/128 dev veth6 ${VRF} - ip -netns ${NS2} -6 route add ${IPv6_8}/128 dev veth7 ${VRF} - - # NS3 - # top route - ip -netns ${NS3} route add ${IPv4_3}/32 dev veth4 - ip -netns ${NS3} route add ${IPv4_1}/32 dev veth4 via ${IPv4_3} - ip -netns ${NS3} route add ${IPv4_2}/32 dev veth4 via ${IPv4_3} - ip -netns ${NS3} -6 route add ${IPv6_3}/128 dev veth4 - ip -netns ${NS3} -6 route add ${IPv6_1}/128 dev veth4 via ${IPv6_3} - ip -netns ${NS3} -6 route add ${IPv6_2}/128 dev veth4 via ${IPv6_3} - # bottom route - ip -netns ${NS3} route add ${IPv4_7}/32 dev veth8 - ip -netns ${NS3} route add ${IPv4_5}/32 dev veth8 via ${IPv4_7} - ip -netns ${NS3} route add ${IPv4_6}/32 dev veth8 via ${IPv4_7} - ip -netns ${NS3} -6 route add ${IPv6_7}/128 dev veth8 - ip -netns ${NS3} -6 route add ${IPv6_5}/128 dev veth8 via ${IPv6_7} - ip -netns ${NS3} -6 route add ${IPv6_6}/128 dev veth8 via ${IPv6_7} - - # configure IPv4 GRE device in NS3, and a route to it via the "bottom" route - ip -netns ${NS3} tunnel add gre_dev mode gre remote ${IPv4_1} local ${IPv4_GRE} ttl 255 - ip -netns ${NS3} link set gre_dev up - ip -netns ${NS3} addr add ${IPv4_GRE} dev gre_dev - ip -netns ${NS1} route add ${IPv4_GRE}/32 dev veth5 via ${IPv4_6} ${VRF} - ip -netns ${NS2} route add ${IPv4_GRE}/32 dev veth7 via ${IPv4_8} ${VRF} - - - # configure IPv6 GRE device in NS3, and a route to it via the "bottom" route - ip -netns ${NS3} -6 tunnel add name gre6_dev mode ip6gre remote ${IPv6_1} local ${IPv6_GRE} ttl 255 - ip -netns ${NS3} link set gre6_dev up - ip -netns ${NS3} -6 addr add ${IPv6_GRE} nodad dev gre6_dev - ip -netns ${NS1} -6 route add ${IPv6_GRE}/128 dev veth5 via ${IPv6_6} ${VRF} - ip -netns ${NS2} -6 route add ${IPv6_GRE}/128 dev veth7 via ${IPv6_8} ${VRF} - - TMPFILE=$(mktemp /tmp/test_lwt_ip_encap.XXXXXX) - - sleep 1 # reduce flakiness - set +e -} - -cleanup() -{ - if [ -f ${TMPFILE} ] ; then - rm ${TMPFILE} - fi - - ip netns del ${NS1} 2> /dev/null - ip netns del ${NS2} 2> /dev/null - ip netns del ${NS3} 2> /dev/null -} - -trap cleanup EXIT - -remove_routes_to_gredev() -{ - ip -netns ${NS1} route del ${IPv4_GRE} dev veth5 ${VRF} - ip -netns ${NS2} route del ${IPv4_GRE} dev veth7 ${VRF} - ip -netns ${NS1} -6 route del ${IPv6_GRE}/128 dev veth5 ${VRF} - ip -netns ${NS2} -6 route del ${IPv6_GRE}/128 dev veth7 ${VRF} -} - -add_unreachable_routes_to_gredev() -{ - ip -netns ${NS1} route add unreachable ${IPv4_GRE}/32 ${VRF} - ip -netns ${NS2} route add unreachable ${IPv4_GRE}/32 ${VRF} - ip -netns ${NS1} -6 route add unreachable ${IPv6_GRE}/128 ${VRF} - ip -netns ${NS2} -6 route add unreachable ${IPv6_GRE}/128 ${VRF} -} - -test_ping() -{ - local readonly PROTO=$1 - local readonly EXPECTED=$2 - local RET=0 - - if [ "${PROTO}" == "IPv4" ] ; then - ip netns exec ${NS1} ping -c 1 -W 1 -I veth1 ${IPv4_DST} 2>&1 > /dev/null - RET=$? - elif [ "${PROTO}" == "IPv6" ] ; then - ip netns exec ${NS1} ping6 -c 1 -W 1 -I veth1 ${IPv6_DST} 2>&1 > /dev/null - RET=$? - else - echo " test_ping: unknown PROTO: ${PROTO}" - TEST_STATUS=1 - fi - - if [ "0" != "${RET}" ]; then - RET=1 - fi - - if [ "${EXPECTED}" != "${RET}" ] ; then - echo " test_ping failed: expected: ${EXPECTED}; got ${RET}" - TEST_STATUS=1 - fi -} - -test_gso() -{ - local readonly PROTO=$1 - local readonly PKT_SZ=5000 - local IP_DST="" - : > ${TMPFILE} # trim the capture file - - # check that nc is present - command -v nc >/dev/null 2>&1 || \ - { echo >&2 "nc is not available: skipping TSO tests"; return; } - - # listen on port 9000, capture TCP into $TMPFILE - if [ "${PROTO}" == "IPv4" ] ; then - IP_DST=${IPv4_DST} - ip netns exec ${NS3} bash -c \ - "nc -4 -l -p 9000 > ${TMPFILE} &" - elif [ "${PROTO}" == "IPv6" ] ; then - IP_DST=${IPv6_DST} - ip netns exec ${NS3} bash -c \ - "nc -6 -l -p 9000 > ${TMPFILE} &" - RET=$? - else - echo " test_gso: unknown PROTO: ${PROTO}" - TEST_STATUS=1 - fi - sleep 1 # let nc start listening - - # send a packet larger than MTU - ip netns exec ${NS1} bash -c \ - "dd if=/dev/zero bs=$PKT_SZ count=1 > /dev/tcp/${IP_DST}/9000 2>/dev/null" - sleep 2 # let the packet get delivered - - # verify we received all expected bytes - SZ=$(stat -c %s ${TMPFILE}) - if [ "$SZ" != "$PKT_SZ" ] ; then - echo " test_gso failed: ${PROTO}" - TEST_STATUS=1 - fi -} - -test_egress() -{ - local readonly ENCAP=$1 - echo "starting egress ${ENCAP} encap test ${VRF}" - setup - - # by default, pings work - test_ping IPv4 0 - test_ping IPv6 0 - - # remove NS2->DST routes, ping fails - ip -netns ${NS2} route del ${IPv4_DST}/32 dev veth3 ${VRF} - ip -netns ${NS2} -6 route del ${IPv6_DST}/128 dev veth3 ${VRF} - test_ping IPv4 1 - test_ping IPv6 1 - - # install replacement routes (LWT/eBPF), pings succeed - if [ "${ENCAP}" == "IPv4" ] ; then - ip -netns ${NS1} route add ${IPv4_DST} encap bpf xmit obj \ - test_lwt_ip_encap.o sec encap_gre dev veth1 ${VRF} - ip -netns ${NS1} -6 route add ${IPv6_DST} encap bpf xmit obj \ - test_lwt_ip_encap.o sec encap_gre dev veth1 ${VRF} - elif [ "${ENCAP}" == "IPv6" ] ; then - ip -netns ${NS1} route add ${IPv4_DST} encap bpf xmit obj \ - test_lwt_ip_encap.o sec encap_gre6 dev veth1 ${VRF} - ip -netns ${NS1} -6 route add ${IPv6_DST} encap bpf xmit obj \ - test_lwt_ip_encap.o sec encap_gre6 dev veth1 ${VRF} - else - echo " unknown encap ${ENCAP}" - TEST_STATUS=1 - fi - test_ping IPv4 0 - test_ping IPv6 0 - - # skip GSO tests with VRF: VRF routing needs properly assigned - # source IP/device, which is easy to do with ping and hard with dd/nc. - if [ -z "${VRF}" ] ; then - test_gso IPv4 - test_gso IPv6 - fi - - # a negative test: remove routes to GRE devices: ping fails - remove_routes_to_gredev - test_ping IPv4 1 - test_ping IPv6 1 - - # another negative test - add_unreachable_routes_to_gredev - test_ping IPv4 1 - test_ping IPv6 1 - - cleanup - process_test_results -} - -test_ingress() -{ - local readonly ENCAP=$1 - echo "starting ingress ${ENCAP} encap test ${VRF}" - setup - - # need to wait a bit for IPv6 to autoconf, otherwise - # ping6 sometimes fails with "unable to bind to address" - - # by default, pings work - test_ping IPv4 0 - test_ping IPv6 0 - - # remove NS2->DST routes, pings fail - ip -netns ${NS2} route del ${IPv4_DST}/32 dev veth3 ${VRF} - ip -netns ${NS2} -6 route del ${IPv6_DST}/128 dev veth3 ${VRF} - test_ping IPv4 1 - test_ping IPv6 1 - - # install replacement routes (LWT/eBPF), pings succeed - if [ "${ENCAP}" == "IPv4" ] ; then - ip -netns ${NS2} route add ${IPv4_DST} encap bpf in obj \ - test_lwt_ip_encap.o sec encap_gre dev veth2 ${VRF} - ip -netns ${NS2} -6 route add ${IPv6_DST} encap bpf in obj \ - test_lwt_ip_encap.o sec encap_gre dev veth2 ${VRF} - elif [ "${ENCAP}" == "IPv6" ] ; then - ip -netns ${NS2} route add ${IPv4_DST} encap bpf in obj \ - test_lwt_ip_encap.o sec encap_gre6 dev veth2 ${VRF} - ip -netns ${NS2} -6 route add ${IPv6_DST} encap bpf in obj \ - test_lwt_ip_encap.o sec encap_gre6 dev veth2 ${VRF} - else - echo "FAIL: unknown encap ${ENCAP}" - TEST_STATUS=1 - fi - test_ping IPv4 0 - test_ping IPv6 0 - - # a negative test: remove routes to GRE devices: ping fails - remove_routes_to_gredev - test_ping IPv4 1 - test_ping IPv6 1 - - # another negative test - add_unreachable_routes_to_gredev - test_ping IPv4 1 - test_ping IPv6 1 - - cleanup - process_test_results -} - -VRF="" -test_egress IPv4 -test_egress IPv6 -test_ingress IPv4 -test_ingress IPv6 - -VRF="vrf red" -test_egress IPv4 -test_egress IPv6 -test_ingress IPv4 -test_ingress IPv6 - -print_test_summary_and_exit -- 2.34.1

2 years, 8 months

3
3
0 0

[PATCH AUTOSEL 5.15 16/20] testing: selftests: nft_flowtable.sh: use random netns names

by Sasha Levin

From: Florian Westphal <fw(a)strlen.de> [ Upstream commit b71b7bfeac38c7a21c423ddafb29aa6258949df8 ] "ns1" is a too generic name, use a random suffix to avoid errors when such a netns exists. Also allows to run multiple instances of the script in parallel. Signed-off-by: Florian Westphal <fw(a)strlen.de> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- .../selftests/netfilter/nft_flowtable.sh | 246 +++++++++--------- 1 file changed, 128 insertions(+), 118 deletions(-) diff --git a/tools/testing/selftests/netfilter/nft_flowtable.sh b/tools/testing/selftests/netfilter/nft_flowtable.sh index d4ffebb989f8..c336e6c148d1 100755 --- a/tools/testing/selftests/netfilter/nft_flowtable.sh +++ b/tools/testing/selftests/netfilter/nft_flowtable.sh @@ -14,6 +14,11 @@ # nft_flowtable.sh -o8000 -l1500 -r2000 # +sfx=$(mktemp -u "XXXXXXXX") +ns1="ns1-$sfx" +ns2="ns2-$sfx" +nsr1="nsr1-$sfx" +nsr2="nsr2-$sfx" # Kselftest framework requirement - SKIP code is 4. ksft_skip=4 @@ -36,18 +41,17 @@ checktool (){ checktool "nft --version" "run test without nft tool" checktool "ip -Version" "run test without ip tool" checktool "which nc" "run test without nc (netcat)" -checktool "ip netns add nsr1" "create net namespace" +checktool "ip netns add $nsr1" "create net namespace $nsr1" -ip netns add ns1 -ip netns add ns2 - -ip netns add nsr2 +ip netns add $ns1 +ip netns add $ns2 +ip netns add $nsr2 cleanup() { - for i in 1 2; do - ip netns del ns$i - ip netns del nsr$i - done + ip netns del $ns1 + ip netns del $ns2 + ip netns del $nsr1 + ip netns del $nsr2 rm -f "$ns1in" "$ns1out" rm -f "$ns2in" "$ns2out" @@ -59,22 +63,21 @@ trap cleanup EXIT sysctl -q net.netfilter.nf_log_all_netns=1 -ip link add veth0 netns nsr1 type veth peer name eth0 netns ns1 -ip link add veth1 netns nsr1 type veth peer name veth0 netns nsr2 +ip link add veth0 netns $nsr1 type veth peer name eth0 netns $ns1 +ip link add veth1 netns $nsr1 type veth peer name veth0 netns $nsr2 -ip link add veth1 netns nsr2 type veth peer name eth0 netns ns2 +ip link add veth1 netns $nsr2 type veth peer name eth0 netns $ns2 for dev in lo veth0 veth1; do - for i in 1 2; do - ip -net nsr$i link set $dev up - done + ip -net $nsr1 link set $dev up + ip -net $nsr2 link set $dev up done -ip -net nsr1 addr add 10.0.1.1/24 dev veth0 -ip -net nsr1 addr add dead:1::1/64 dev veth0 +ip -net $nsr1 addr add 10.0.1.1/24 dev veth0 +ip -net $nsr1 addr add dead:1::1/64 dev veth0 -ip -net nsr2 addr add 10.0.2.1/24 dev veth1 -ip -net nsr2 addr add dead:2::1/64 dev veth1 +ip -net $nsr2 addr add 10.0.2.1/24 dev veth1 +ip -net $nsr2 addr add dead:2::1/64 dev veth1 # set different MTUs so we need to push packets coming from ns1 (large MTU) # to ns2 (smaller MTU) to stack either to perform fragmentation (ip_no_pmtu_disc=1), @@ -106,49 +109,56 @@ do esac done -if ! ip -net nsr1 link set veth0 mtu $omtu; then +if ! ip -net $nsr1 link set veth0 mtu $omtu; then exit 1 fi -ip -net ns1 link set eth0 mtu $omtu +ip -net $ns1 link set eth0 mtu $omtu -if ! ip -net nsr2 link set veth1 mtu $rmtu; then +if ! ip -net $nsr2 link set veth1 mtu $rmtu; then exit 1 fi -ip -net ns2 link set eth0 mtu $rmtu +ip -net $ns2 link set eth0 mtu $rmtu # transfer-net between nsr1 and nsr2. # these addresses are not used for connections. -ip -net nsr1 addr add 192.168.10.1/24 dev veth1 -ip -net nsr1 addr add fee1:2::1/64 dev veth1 - -ip -net nsr2 addr add 192.168.10.2/24 dev veth0 -ip -net nsr2 addr add fee1:2::2/64 dev veth0 - -for i in 1 2; do - ip netns exec nsr$i sysctl net.ipv4.conf.veth0.forwarding=1 > /dev/null - ip netns exec nsr$i sysctl net.ipv4.conf.veth1.forwarding=1 > /dev/null - - ip -net ns$i link set lo up - ip -net ns$i link set eth0 up - ip -net ns$i addr add 10.0.$i.99/24 dev eth0 - ip -net ns$i route add default via 10.0.$i.1 - ip -net ns$i addr add dead:$i::99/64 dev eth0 - ip -net ns$i route add default via dead:$i::1 - if ! ip netns exec ns$i sysctl net.ipv4.tcp_no_metrics_save=1 > /dev/null; then +ip -net $nsr1 addr add 192.168.10.1/24 dev veth1 +ip -net $nsr1 addr add fee1:2::1/64 dev veth1 + +ip -net $nsr2 addr add 192.168.10.2/24 dev veth0 +ip -net $nsr2 addr add fee1:2::2/64 dev veth0 + +for i in 0 1; do + ip netns exec $nsr1 sysctl net.ipv4.conf.veth$i.forwarding=1 > /dev/null + ip netns exec $nsr2 sysctl net.ipv4.conf.veth$i.forwarding=1 > /dev/null +done + +for ns in $ns1 $ns2;do + ip -net $ns link set lo up + ip -net $ns link set eth0 up + + if ! ip netns exec $ns sysctl net.ipv4.tcp_no_metrics_save=1 > /dev/null; then echo "ERROR: Check Originator/Responder values (problem during address addition)" exit 1 fi - # don't set ip DF bit for first two tests - ip netns exec ns$i sysctl net.ipv4.ip_no_pmtu_disc=1 > /dev/null + ip netns exec $ns sysctl net.ipv4.ip_no_pmtu_disc=1 > /dev/null done -ip -net nsr1 route add default via 192.168.10.2 -ip -net nsr2 route add default via 192.168.10.1 +ip -net $ns1 addr add 10.0.1.99/24 dev eth0 +ip -net $ns2 addr add 10.0.2.99/24 dev eth0 +ip -net $ns1 route add default via 10.0.1.1 +ip -net $ns2 route add default via 10.0.2.1 +ip -net $ns1 addr add dead:1::99/64 dev eth0 +ip -net $ns2 addr add dead:2::99/64 dev eth0 +ip -net $ns1 route add default via dead:1::1 +ip -net $ns2 route add default via dead:2::1 + +ip -net $nsr1 route add default via 192.168.10.2 +ip -net $nsr2 route add default via 192.168.10.1 -ip netns exec nsr1 nft -f - <<EOF +ip netns exec $nsr1 nft -f - <<EOF table inet filter { flowtable f1 { hook ingress priority 0 @@ -197,18 +207,18 @@ if [ $? -ne 0 ]; then fi # test basic connectivity -if ! ip netns exec ns1 ping -c 1 -q 10.0.2.99 > /dev/null; then - echo "ERROR: ns1 cannot reach ns2" 1>&2 +if ! ip netns exec $ns1 ping -c 1 -q 10.0.2.99 > /dev/null; then + echo "ERROR: $ns1 cannot reach ns2" 1>&2 exit 1 fi -if ! ip netns exec ns2 ping -c 1 -q 10.0.1.99 > /dev/null; then - echo "ERROR: ns2 cannot reach ns1" 1>&2 +if ! ip netns exec $ns2 ping -c 1 -q 10.0.1.99 > /dev/null; then + echo "ERROR: $ns2 cannot reach $ns1" 1>&2 exit 1 fi if [ $ret -eq 0 ];then - echo "PASS: netns routing/connectivity: ns1 can reach ns2" + echo "PASS: netns routing/connectivity: $ns1 can reach $ns2" fi ns1in=$(mktemp) @@ -312,24 +322,24 @@ make_file "$ns2in" # First test: # No PMTU discovery, nsr1 is expected to fragment packets from ns1 to ns2 as needed. -if test_tcp_forwarding ns1 ns2; then +if test_tcp_forwarding $ns1 $ns2; then echo "PASS: flow offloaded for ns1/ns2" else echo "FAIL: flow offload for ns1/ns2:" 1>&2 - ip netns exec nsr1 nft list ruleset + ip netns exec $nsr1 nft list ruleset ret=1 fi # delete default route, i.e. ns2 won't be able to reach ns1 and # will depend on ns1 being masqueraded in nsr1. # expect ns1 has nsr1 address. -ip -net ns2 route del default via 10.0.2.1 -ip -net ns2 route del default via dead:2::1 -ip -net ns2 route add 192.168.10.1 via 10.0.2.1 +ip -net $ns2 route del default via 10.0.2.1 +ip -net $ns2 route del default via dead:2::1 +ip -net $ns2 route add 192.168.10.1 via 10.0.2.1 # Second test: # Same, but with NAT enabled. -ip netns exec nsr1 nft -f - <<EOF +ip netns exec $nsr1 nft -f - <<EOF table ip nat { chain prerouting { type nat hook prerouting priority 0; policy accept; @@ -343,47 +353,47 @@ table ip nat { } EOF -if test_tcp_forwarding_nat ns1 ns2; then +if test_tcp_forwarding_nat $ns1 $ns2; then echo "PASS: flow offloaded for ns1/ns2 with NAT" else echo "FAIL: flow offload for ns1/ns2 with NAT" 1>&2 - ip netns exec nsr1 nft list ruleset + ip netns exec $nsr1 nft list ruleset ret=1 fi # Third test: # Same as second test, but with PMTU discovery enabled. -handle=$(ip netns exec nsr1 nft -a list table inet filter | grep something-to-grep-for | cut -d \# -f 2) +handle=$(ip netns exec $nsr1 nft -a list table inet filter | grep something-to-grep-for | cut -d \# -f 2) -if ! ip netns exec nsr1 nft delete rule inet filter forward $handle; then +if ! ip netns exec $nsr1 nft delete rule inet filter forward $handle; then echo "FAIL: Could not delete large-packet accept rule" exit 1 fi -ip netns exec ns1 sysctl net.ipv4.ip_no_pmtu_disc=0 > /dev/null -ip netns exec ns2 sysctl net.ipv4.ip_no_pmtu_disc=0 > /dev/null +ip netns exec $ns1 sysctl net.ipv4.ip_no_pmtu_disc=0 > /dev/null +ip netns exec $ns2 sysctl net.ipv4.ip_no_pmtu_disc=0 > /dev/null -if test_tcp_forwarding_nat ns1 ns2; then +if test_tcp_forwarding_nat $ns1 $ns2; then echo "PASS: flow offloaded for ns1/ns2 with NAT and pmtu discovery" else echo "FAIL: flow offload for ns1/ns2 with NAT and pmtu discovery" 1>&2 - ip netns exec nsr1 nft list ruleset + ip netns exec $nsr1 nft list ruleset fi # Another test: # Add bridge interface br0 to Router1, with NAT enabled. -ip -net nsr1 link add name br0 type bridge -ip -net nsr1 addr flush dev veth0 -ip -net nsr1 link set up dev veth0 -ip -net nsr1 link set veth0 master br0 -ip -net nsr1 addr add 10.0.1.1/24 dev br0 -ip -net nsr1 addr add dead:1::1/64 dev br0 -ip -net nsr1 link set up dev br0 +ip -net $nsr1 link add name br0 type bridge +ip -net $nsr1 addr flush dev veth0 +ip -net $nsr1 link set up dev veth0 +ip -net $nsr1 link set veth0 master br0 +ip -net $nsr1 addr add 10.0.1.1/24 dev br0 +ip -net $nsr1 addr add dead:1::1/64 dev br0 +ip -net $nsr1 link set up dev br0 -ip netns exec nsr1 sysctl net.ipv4.conf.br0.forwarding=1 > /dev/null +ip netns exec $nsr1 sysctl net.ipv4.conf.br0.forwarding=1 > /dev/null # br0 with NAT enabled. -ip netns exec nsr1 nft -f - <<EOF +ip netns exec $nsr1 nft -f - <<EOF flush table ip nat table ip nat { chain prerouting { @@ -398,59 +408,59 @@ table ip nat { } EOF -if test_tcp_forwarding_nat ns1 ns2; then +if test_tcp_forwarding_nat $ns1 $ns2; then echo "PASS: flow offloaded for ns1/ns2 with bridge NAT" else echo "FAIL: flow offload for ns1/ns2 with bridge NAT" 1>&2 - ip netns exec nsr1 nft list ruleset + ip netns exec $nsr1 nft list ruleset ret=1 fi # Another test: # Add bridge interface br0 to Router1, with NAT and VLAN. -ip -net nsr1 link set veth0 nomaster -ip -net nsr1 link set down dev veth0 -ip -net nsr1 link add link veth0 name veth0.10 type vlan id 10 -ip -net nsr1 link set up dev veth0 -ip -net nsr1 link set up dev veth0.10 -ip -net nsr1 link set veth0.10 master br0 - -ip -net ns1 addr flush dev eth0 -ip -net ns1 link add link eth0 name eth0.10 type vlan id 10 -ip -net ns1 link set eth0 up -ip -net ns1 link set eth0.10 up -ip -net ns1 addr add 10.0.1.99/24 dev eth0.10 -ip -net ns1 route add default via 10.0.1.1 -ip -net ns1 addr add dead:1::99/64 dev eth0.10 - -if test_tcp_forwarding_nat ns1 ns2; then +ip -net $nsr1 link set veth0 nomaster +ip -net $nsr1 link set down dev veth0 +ip -net $nsr1 link add link veth0 name veth0.10 type vlan id 10 +ip -net $nsr1 link set up dev veth0 +ip -net $nsr1 link set up dev veth0.10 +ip -net $nsr1 link set veth0.10 master br0 + +ip -net $ns1 addr flush dev eth0 +ip -net $ns1 link add link eth0 name eth0.10 type vlan id 10 +ip -net $ns1 link set eth0 up +ip -net $ns1 link set eth0.10 up +ip -net $ns1 addr add 10.0.1.99/24 dev eth0.10 +ip -net $ns1 route add default via 10.0.1.1 +ip -net $ns1 addr add dead:1::99/64 dev eth0.10 + +if test_tcp_forwarding_nat $ns1 $ns2; then echo "PASS: flow offloaded for ns1/ns2 with bridge NAT and VLAN" else echo "FAIL: flow offload for ns1/ns2 with bridge NAT and VLAN" 1>&2 - ip netns exec nsr1 nft list ruleset + ip netns exec $nsr1 nft list ruleset ret=1 fi # restore test topology (remove bridge and VLAN) -ip -net nsr1 link set veth0 nomaster -ip -net nsr1 link set veth0 down -ip -net nsr1 link set veth0.10 down -ip -net nsr1 link delete veth0.10 type vlan -ip -net nsr1 link delete br0 type bridge -ip -net ns1 addr flush dev eth0.10 -ip -net ns1 link set eth0.10 down -ip -net ns1 link set eth0 down -ip -net ns1 link delete eth0.10 type vlan +ip -net $nsr1 link set veth0 nomaster +ip -net $nsr1 link set veth0 down +ip -net $nsr1 link set veth0.10 down +ip -net $nsr1 link delete veth0.10 type vlan +ip -net $nsr1 link delete br0 type bridge +ip -net $ns1 addr flush dev eth0.10 +ip -net $ns1 link set eth0.10 down +ip -net $ns1 link set eth0 down +ip -net $ns1 link delete eth0.10 type vlan # restore address in ns1 and nsr1 -ip -net ns1 link set eth0 up -ip -net ns1 addr add 10.0.1.99/24 dev eth0 -ip -net ns1 route add default via 10.0.1.1 -ip -net ns1 addr add dead:1::99/64 dev eth0 -ip -net ns1 route add default via dead:1::1 -ip -net nsr1 addr add 10.0.1.1/24 dev veth0 -ip -net nsr1 addr add dead:1::1/64 dev veth0 -ip -net nsr1 link set up dev veth0 +ip -net $ns1 link set eth0 up +ip -net $ns1 addr add 10.0.1.99/24 dev eth0 +ip -net $ns1 route add default via 10.0.1.1 +ip -net $ns1 addr add dead:1::99/64 dev eth0 +ip -net $ns1 route add default via dead:1::1 +ip -net $nsr1 addr add 10.0.1.1/24 dev veth0 +ip -net $nsr1 addr add dead:1::1/64 dev veth0 +ip -net $nsr1 link set up dev veth0 KEY_SHA="0x"$(ps -xaf | sha1sum | cut -d " " -f 1) KEY_AES="0x"$(ps -xaf | md5sum | cut -d " " -f 1) @@ -480,23 +490,23 @@ do_esp() { } -do_esp nsr1 192.168.10.1 192.168.10.2 10.0.1.0/24 10.0.2.0/24 $SPI1 $SPI2 +do_esp $nsr1 192.168.10.1 192.168.10.2 10.0.1.0/24 10.0.2.0/24 $SPI1 $SPI2 -do_esp nsr2 192.168.10.2 192.168.10.1 10.0.2.0/24 10.0.1.0/24 $SPI2 $SPI1 +do_esp $nsr2 192.168.10.2 192.168.10.1 10.0.2.0/24 10.0.1.0/24 $SPI2 $SPI1 -ip netns exec nsr1 nft delete table ip nat +ip netns exec $nsr1 nft delete table ip nat # restore default routes -ip -net ns2 route del 192.168.10.1 via 10.0.2.1 -ip -net ns2 route add default via 10.0.2.1 -ip -net ns2 route add default via dead:2::1 +ip -net $ns2 route del 192.168.10.1 via 10.0.2.1 +ip -net $ns2 route add default via 10.0.2.1 +ip -net $ns2 route add default via dead:2::1 -if test_tcp_forwarding ns1 ns2; then +if test_tcp_forwarding $ns1 $ns2; then echo "PASS: ipsec tunnel mode for ns1/ns2" else echo "FAIL: ipsec tunnel mode for ns1/ns2" - ip netns exec nsr1 nft list ruleset 1>&2 - ip netns exec nsr1 cat /proc/net/xfrm_stat 1>&2 + ip netns exec $nsr1 nft list ruleset 1>&2 + ip netns exec $nsr1 cat /proc/net/xfrm_stat 1>&2 fi exit $ret -- 2.35.1

2 years, 8 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror