- Linux-kselftest-mirror - lists.linaro.org

[PATCH v2 1/5] kunit: string-stream: Simplify resource use

by Daniel Latypov

From: David Gow <davidgow(a)google.com> Currently, KUnit's string streams are themselves "KUnit resources". This is redundant since the stream itself is already allocated with kunit_kzalloc() and will thus be freed automatically at the end of the test. string-stream is only used internally within KUnit, and isn't using the extra features that resources provide like reference counting, being able to locate them dynamically as "test-local variables", etc. Indeed, the resource's refcount is never incremented when the pointer is returned. The fact that it's always manually destroyed is more evidence that the reference counting is unused. Signed-off-by: David Gow <davidgow(a)google.com> Signed-off-by: Daniel Latypov <dlatypov(a)google.com> --- v1 -> v2: no changes --- lib/kunit/string-stream.c | 90 +++++++-------------------------------- lib/kunit/string-stream.h | 2 +- lib/kunit/test.c | 2 +- 3 files changed, 18 insertions(+), 76 deletions(-) diff --git a/lib/kunit/string-stream.c b/lib/kunit/string-stream.c index 141789ca8949..a2496abef152 100644 --- a/lib/kunit/string-stream.c +++ b/lib/kunit/string-stream.c @@ -12,64 +12,31 @@ #include "string-stream.h" -struct string_stream_fragment_alloc_context { - struct kunit *test; - int len; - gfp_t gfp; -}; -static int string_stream_fragment_init(struct kunit_resource *res, - void *context) +static struct string_stream_fragment *alloc_string_stream_fragment( + struct kunit *test, int len, gfp_t gfp) { - struct string_stream_fragment_alloc_context *ctx = context; struct string_stream_fragment *frag; - frag = kunit_kzalloc(ctx->test, sizeof(*frag), ctx->gfp); + frag = kunit_kzalloc(test, sizeof(*frag), gfp); if (!frag) - return -ENOMEM; + return ERR_PTR(-ENOMEM); - frag->test = ctx->test; - frag->fragment = kunit_kmalloc(ctx->test, ctx->len, ctx->gfp); + frag->test = test; + frag->fragment = kunit_kmalloc(test, len, gfp); if (!frag->fragment) - return -ENOMEM; + return ERR_PTR(-ENOMEM); - res->data = frag; - - return 0; + return frag; } -static void string_stream_fragment_free(struct kunit_resource *res) +static void string_stream_fragment_destroy(struct string_stream_fragment *frag) { - struct string_stream_fragment *frag = res->data; - list_del(&frag->node); kunit_kfree(frag->test, frag->fragment); kunit_kfree(frag->test, frag); } -static struct string_stream_fragment *alloc_string_stream_fragment( - struct kunit *test, int len, gfp_t gfp) -{ - struct string_stream_fragment_alloc_context context = { - .test = test, - .len = len, - .gfp = gfp - }; - - return kunit_alloc_resource(test, - string_stream_fragment_init, - string_stream_fragment_free, - gfp, - &context); -} - -static int string_stream_fragment_destroy(struct string_stream_fragment *frag) -{ - return kunit_destroy_resource(frag->test, - kunit_resource_instance_match, - frag); -} - int string_stream_vadd(struct string_stream *stream, const char *fmt, va_list args) @@ -169,48 +136,23 @@ struct string_stream_alloc_context { gfp_t gfp; }; -static int string_stream_init(struct kunit_resource *res, void *context) +struct string_stream *alloc_string_stream(struct kunit *test, gfp_t gfp) { struct string_stream *stream; - struct string_stream_alloc_context *ctx = context; - stream = kunit_kzalloc(ctx->test, sizeof(*stream), ctx->gfp); + stream = kunit_kzalloc(test, sizeof(*stream), gfp); if (!stream) - return -ENOMEM; + return ERR_PTR(-ENOMEM); - res->data = stream; - stream->gfp = ctx->gfp; - stream->test = ctx->test; + stream->gfp = gfp; + stream->test = test; INIT_LIST_HEAD(&stream->fragments); spin_lock_init(&stream->lock); - return 0; + return stream; } -static void string_stream_free(struct kunit_resource *res) +void string_stream_destroy(struct string_stream *stream) { - struct string_stream *stream = res->data; - string_stream_clear(stream); } - -struct string_stream *alloc_string_stream(struct kunit *test, gfp_t gfp) -{ - struct string_stream_alloc_context context = { - .test = test, - .gfp = gfp - }; - - return kunit_alloc_resource(test, - string_stream_init, - string_stream_free, - gfp, - &context); -} - -int string_stream_destroy(struct string_stream *stream) -{ - return kunit_destroy_resource(stream->test, - kunit_resource_instance_match, - stream); -} diff --git a/lib/kunit/string-stream.h b/lib/kunit/string-stream.h index 43f9508a55b4..494dee0f24bd 100644 --- a/lib/kunit/string-stream.h +++ b/lib/kunit/string-stream.h @@ -46,6 +46,6 @@ int string_stream_append(struct string_stream *stream, bool string_stream_is_empty(struct string_stream *stream); -int string_stream_destroy(struct string_stream *stream); +void string_stream_destroy(struct string_stream *stream); #endif /* _KUNIT_STRING_STREAM_H */ diff --git a/lib/kunit/test.c b/lib/kunit/test.c index b73d5bb5c473..0fb2771ca03e 100644 --- a/lib/kunit/test.c +++ b/lib/kunit/test.c @@ -267,7 +267,7 @@ static void kunit_fail(struct kunit *test, const struct kunit_loc *loc, kunit_print_string_stream(test, stream); - WARN_ON(string_stream_destroy(stream)); + string_stream_destroy(stream); } static void __noreturn kunit_abort(struct kunit *test) base-commit: 94681e289bf5d10c9db9db143d1a22d8717205c5 -- 2.37.1.359.gd136c6c3e2-goog

2 years, 8 months

3
10
0 0

[PATCH v1 0/9] KVM: s390: Extend MEM_OP ioctl by storage key checked cmpxchg

by Janis Schoetterl-Glausch

User space can use the MEM_OP ioctl to make storage key checked reads and writes to the guest, however, it has no way of performing atomic, key checked, accesses to the guest. Extend the MEM_OP ioctl in order to allow for this, by adding a cmpxchg mode. For now, support this mode for absolute accesses only. This mode can be use, for example, to set the device-state-change indicator and the adapter-local-summary indicator atomically. Janis Schoetterl-Glausch (9): s390/uaccess: Add storage key checked cmpxchg access to user space KVM: s390: Extend MEM_OP ioctl by storage key checked cmpxchg Documentation: KVM: s390: Describe KVM_S390_MEMOP_F_CMPXCHG KVM: s390: selftest: memop: Pass mop_desc via pointer KVM: s390: selftest: memop: Replace macros by functions KVM: s390: selftest: memop: Add bad address test KVM: s390: selftest: memop: Add cmpxchg tests KVM: s390: selftest: memop: Fix typo KVM: s390: selftest: memop: Fix wrong address being used in test Documentation/virt/kvm/api.rst | 18 +- include/uapi/linux/kvm.h | 5 + arch/s390/include/asm/uaccess.h | 187 ++++++ arch/s390/kvm/gaccess.h | 4 + arch/s390/kvm/gaccess.c | 56 ++ arch/s390/kvm/kvm-s390.c | 50 +- tools/testing/selftests/kvm/s390x/memop.c | 704 +++++++++++++++++----- 7 files changed, 874 insertions(+), 150 deletions(-) base-commit: f76349cf41451c5c42a99f18a9163377e4b364ff -- 2.34.1

2 years, 8 months

5
21
0 0

[PATCH RESEND] selftests/ftrace: func_event_triggers: fix typo in user message

by Randy Dunlap

Correct typo of "it's" to "it". Signed-off-by: Randy Dunlap <rdunlap(a)infradead.org> Cc: Steven Rostedt <rostedt(a)goodmis.org> Cc: Ingo Molnar <mingo(a)redhat.com> Cc: Shuah Khan <shuah(a)kernel.org> Cc: linux-kselftest(a)vger.kernel.org --- tools/testing/selftests/ftrace/test.d/ftrace/func_event_triggers.tc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- linux-next-20211224.orig/tools/testing/selftests/ftrace/test.d/ftrace/func_event_triggers.tc +++ linux-next-20211224/tools/testing/selftests/ftrace/test.d/ftrace/func_event_triggers.tc @@ -85,7 +85,7 @@ run_enable_disable() { echo $check_disable > $EVENT_ENABLE done sleep $SLEEP_TIME - echo " make sure it's still works" + echo " make sure it still works" test_event_enabled $check_enable_star reset_ftrace_filter

2 years, 8 months

2
1
0 0

[PATCH 0/6] Add _opts variant for bpf_*_get_fd_by_id()

by Roberto Sassu

From: Roberto Sassu <roberto.sassu(a)huawei.com> Add the _opts variant for bpf_*_get_fd_by_id() functions, to be able to pass to the kernel more options, when requesting a fd of an eBPF object to the kernel. Pass the options through a newly introduced structure, bpf_get_fd_opts, which currently contains open_flags (the other two members are for compatibility and for padding). open_flags allows the caller to request specific permissions to access a map (e.g. read-only). This is useful for example in the situation where a map is write-protected. Besides patches 2-6, which introduce the new variants and the data structure, patch 1 fixes the LIBBPF_1.0.0 declaration in libbpf.map. Roberto Sassu (6): libbpf: Fix LIBBPF_1.0.0 declaration in libbpf.map libbpf: Define bpf_get_fd_opts and introduce bpf_map_get_fd_by_id_opts() libbpf: Introduce bpf_prog_get_fd_by_id_opts() libbpf: Introduce bpf_btf_get_fd_by_id_opts() libbpf: Introduce bpf_link_get_fd_by_id_opts() selftests/bpf: Add tests for _opts variants of bpf_*_get_fd_by_id() tools/lib/bpf/bpf.c | 47 +++++++++- tools/lib/bpf/bpf.h | 16 ++++ tools/lib/bpf/libbpf.map | 6 +- .../bpf/prog_tests/libbpf_get_fd_opts.c | 88 +++++++++++++++++++ .../bpf/progs/test_libbpf_get_fd_opts.c | 36 ++++++++ 5 files changed, 188 insertions(+), 5 deletions(-) create mode 100644 tools/testing/selftests/bpf/prog_tests/libbpf_get_fd_opts.c create mode 100644 tools/testing/selftests/bpf/progs/test_libbpf_get_fd_opts.c -- 2.25.1

2 years, 9 months

1
6
0 0

Hi

by Ann Ghallagher

Hi Dear, Nice to meet you, hope you’re enjoying a blissful day? I'm Ann Ghallagher. I'm a U.S. Army officer from the United States of America, I am supportive and caring, I like swimming and cooking am gentle although I am a soldier but I'm kind, wanting to get a good friend, I would like to establish mutual friendship with you.I want to make a deal with you so if you are interested contact my email (annghallaghe(a)gmail.com) or should I tell you about the deal here? Regards, Ann

2 years, 9 months

1
0
0 0

[PATCH v6 1/2] x86/fpu: Allow PKRU to be (once again) written by ptrace.

by Kyle Huey

From: Kyle Huey <me(a)kylehuey.com> When management of the PKRU register was moved away from XSTATE, emulation of PKRU's existence in XSTATE was added for reading PKRU through ptrace, but not for writing PKRU through ptrace. This can be seen by running gdb and executing `p $pkru`, `set $pkru = 42`, and `p $pkru`. On affected kernels (5.14+) the write to the PKRU register (which gdb performs through ptrace) is ignored. There are three APIs that write PKRU: sigreturn, PTRACE_SETREGSET with NT_X86_XSTATE, and KVM_SET_XSAVE. sigreturn still uses XRSTOR to write to PKRU. KVM_SET_XSAVE has its own special handling to make PKRU writes take effect (in fpu_copy_uabi_to_guest_fpstate). Push that down into copy_uabi_to_xstate and have PTRACE_SETREGSET with NT_X86_XSTATE pass in a pointer to the appropriate PKRU slot. copy_sigframe_from_user_to_xstate depends on copy_uabi_to_xstate populating the PKRU field in the task's XSTATE so that __fpu_restore_sig can do a XRSTOR from it, so continue doing that. This also adds code to initialize the PKRU value to the hardware init value (namely 0) if the PKRU bit is not set in the XSTATE header provided to ptrace, to match XRSTOR. Fixes: e84ba47e313d ("x86/fpu: Hook up PKRU into ptrace()") Signed-off-by: Kyle Huey <me(a)kylehuey.com> Cc: Dave Hansen <dave.hansen(a)linux.intel.com> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: Borislav Petkov <bp(a)suse.de> Cc: stable(a)vger.kernel.org # 5.14+ --- arch/x86/kernel/fpu/core.c | 20 +++++++++----------- arch/x86/kernel/fpu/regset.c | 2 +- arch/x86/kernel/fpu/signal.c | 2 +- arch/x86/kernel/fpu/xstate.c | 25 ++++++++++++++++++++----- arch/x86/kernel/fpu/xstate.h | 4 ++-- 5 files changed, 33 insertions(+), 20 deletions(-) diff --git a/arch/x86/kernel/fpu/core.c b/arch/x86/kernel/fpu/core.c index 3b28c5b25e12..c273669e8a00 100644 --- a/arch/x86/kernel/fpu/core.c +++ b/arch/x86/kernel/fpu/core.c @@ -391,8 +391,6 @@ int fpu_copy_uabi_to_guest_fpstate(struct fpu_guest *gfpu, const void *buf, { struct fpstate *kstate = gfpu->fpstate; const union fpregs_state *ustate = buf; - struct pkru_state *xpkru; - int ret; if (!cpu_feature_enabled(X86_FEATURE_XSAVE)) { if (ustate->xsave.header.xfeatures & ~XFEATURE_MASK_FPSSE) @@ -406,16 +404,16 @@ int fpu_copy_uabi_to_guest_fpstate(struct fpu_guest *gfpu, const void *buf, if (ustate->xsave.header.xfeatures & ~xcr0) return -EINVAL; - ret = copy_uabi_from_kernel_to_xstate(kstate, ustate); - if (ret) - return ret; + /* + * Nullify @vpkru to preserve its current value if PKRU's bit isn't set + * in the header. KVM's odd ABI is to leave PKRU untouched in this + * case (all other components are eventually re-initialized). + * (Not clear that this is actually necessary for compat). + */ + if (!(ustate->xsave.header.xfeatures & XFEATURE_MASK_PKRU)) + vpkru = NULL; - /* Retrieve PKRU if not in init state */ - if (kstate->regs.xsave.header.xfeatures & XFEATURE_MASK_PKRU) { - xpkru = get_xsave_addr(&kstate->regs.xsave, XFEATURE_PKRU); - *vpkru = xpkru->pkru; - } - return 0; + return copy_uabi_from_kernel_to_xstate(kstate, ustate, vpkru); } EXPORT_SYMBOL_GPL(fpu_copy_uabi_to_guest_fpstate); #endif /* CONFIG_KVM */ diff --git a/arch/x86/kernel/fpu/regset.c b/arch/x86/kernel/fpu/regset.c index 75ffaef8c299..6d056b68f4ed 100644 --- a/arch/x86/kernel/fpu/regset.c +++ b/arch/x86/kernel/fpu/regset.c @@ -167,7 +167,7 @@ int xstateregs_set(struct task_struct *target, const struct user_regset *regset, } fpu_force_restore(fpu); - ret = copy_uabi_from_kernel_to_xstate(fpu->fpstate, kbuf ?: tmpbuf); + ret = copy_uabi_from_kernel_to_xstate(fpu->fpstate, kbuf ?: tmpbuf, &target->thread.pkru); out: vfree(tmpbuf); diff --git a/arch/x86/kernel/fpu/signal.c b/arch/x86/kernel/fpu/signal.c index 91d4b6de58ab..558076dbde5b 100644 --- a/arch/x86/kernel/fpu/signal.c +++ b/arch/x86/kernel/fpu/signal.c @@ -396,7 +396,7 @@ static bool __fpu_restore_sig(void __user *buf, void __user *buf_fx, fpregs = &fpu->fpstate->regs; if (use_xsave() && !fx_only) { - if (copy_sigframe_from_user_to_xstate(fpu->fpstate, buf_fx)) + if (copy_sigframe_from_user_to_xstate(tsk, buf_fx)) return false; } else { if (__copy_from_user(&fpregs->fxsave, buf_fx, diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c index c8340156bfd2..8f14981a3936 100644 --- a/arch/x86/kernel/fpu/xstate.c +++ b/arch/x86/kernel/fpu/xstate.c @@ -1197,7 +1197,7 @@ static int copy_from_buffer(void *dst, unsigned int offset, unsigned int size, static int copy_uabi_to_xstate(struct fpstate *fpstate, const void *kbuf, - const void __user *ubuf) + const void __user *ubuf, u32 *pkru) { struct xregs_state *xsave = &fpstate->regs.xsave; unsigned int offset, size; @@ -1246,6 +1246,21 @@ static int copy_uabi_to_xstate(struct fpstate *fpstate, const void *kbuf, } } + /* + * Update the user protection key storage. Allow KVM to + * pass in a NULL pkru pointer if the mask bit is unset + * for its legacy ABI behavior. + */ + if (pkru) + *pkru = 0; + + if (hdr.xfeatures & XFEATURE_MASK_PKRU) { + struct pkru_state *xpkru; + + xpkru = __raw_xsave_addr(xsave, XFEATURE_PKRU); + *pkru = xpkru->pkru; + } + /* * The state that came in from userspace was user-state only. * Mask all the user states out of 'xfeatures': @@ -1264,9 +1279,9 @@ static int copy_uabi_to_xstate(struct fpstate *fpstate, const void *kbuf, * Convert from a ptrace standard-format kernel buffer to kernel XSAVE[S] * format and copy to the target thread. Used by ptrace and KVM. */ -int copy_uabi_from_kernel_to_xstate(struct fpstate *fpstate, const void *kbuf) +int copy_uabi_from_kernel_to_xstate(struct fpstate *fpstate, const void *kbuf, u32 *pkru) { - return copy_uabi_to_xstate(fpstate, kbuf, NULL); + return copy_uabi_to_xstate(fpstate, kbuf, NULL, pkru); } /* @@ -1274,10 +1289,10 @@ int copy_uabi_from_kernel_to_xstate(struct fpstate *fpstate, const void *kbuf) * XSAVE[S] format and copy to the target thread. This is called from the * sigreturn() and rt_sigreturn() system calls. */ -int copy_sigframe_from_user_to_xstate(struct fpstate *fpstate, +int copy_sigframe_from_user_to_xstate(struct task_struct *tsk, const void __user *ubuf) { - return copy_uabi_to_xstate(fpstate, NULL, ubuf); + return copy_uabi_to_xstate(tsk->thread.fpu.fpstate, NULL, ubuf, &tsk->thread.pkru); } static bool validate_independent_components(u64 mask) diff --git a/arch/x86/kernel/fpu/xstate.h b/arch/x86/kernel/fpu/xstate.h index 5ad47031383b..a4ecb04d8d64 100644 --- a/arch/x86/kernel/fpu/xstate.h +++ b/arch/x86/kernel/fpu/xstate.h @@ -46,8 +46,8 @@ extern void __copy_xstate_to_uabi_buf(struct membuf to, struct fpstate *fpstate, u32 pkru_val, enum xstate_copy_mode copy_mode); extern void copy_xstate_to_uabi_buf(struct membuf to, struct task_struct *tsk, enum xstate_copy_mode mode); -extern int copy_uabi_from_kernel_to_xstate(struct fpstate *fpstate, const void *kbuf); -extern int copy_sigframe_from_user_to_xstate(struct fpstate *fpstate, const void __user *ubuf); +extern int copy_uabi_from_kernel_to_xstate(struct fpstate *fpstate, const void *kbuf, u32 *pkru); +extern int copy_sigframe_from_user_to_xstate(struct task_struct *tsk, const void __user *ubuf); extern void fpu__init_cpu_xstate(void); -- 2.37.2 Changelog since v5: - Avoids a second copy from the uabi buffer as suggested. - Preserves old KVM_SET_XSAVE behavior where leaving the PKRU bit in the XSTATE header results in PKRU remaining unchanged instead of reinitializing it. - Fixed up patch metadata as requested. Changelog since v4: - Selftest additionally checks PKRU readbacks through ptrace. - Selftest flips all PKRU bits (except the default key). Changelog since v3: - The v3 patch is now part 1 of 2. - Adds a selftest in part 2 of 2. Changelog since v2: - Removed now unused variables in fpu_copy_uabi_to_guest_fpstate Changelog since v1: - Handles the error case of copy_to_buffer().

2 years, 9 months

1
1
0 0

[RFC PATCH v2 0/2] kunit: Support redirecting function calls

by David Gow

When writing tests, it'd often be very useful to be able to intercept calls to a function in the code being tested and replace it with a test-specific stub. This has always been an obviously missing piece of KUnit, and the solutions always involve some tradeoffs with cleanliness, performance, or impact on non-test code. See the folowing document for some of the challenges: https://kunit.dev/mocking.html This series consists of two prototype patches which add support for this sort of redirection to KUnit tests: 1: static_stub: Any function which might want to be intercepted adds a call to a macro which checks if a test has redirected calls to it, and calls the corresponding replacement. 2: ftrace_stub: Functions are intercepted using ftrace. This doesn't require adding a new prologue to each function being replaced, but does have more dependencies (which restricts it to a small number of architectures, not including UML), and doesn't work well with inline functions. The API for both implementations is very similar, so it should be easy to migrate from one to the other if necessary. Both of these implementations restrict the redirection to the test context: it is automatically undone after the KUnit test completes, and does not affect calls in other threads. If CONFIG_KUNIT is not enabled, there should be no overhead in either implementation. Does either (or both) of these features sound useful, and is this sort-of API the right model? (Personally, I think there's a reasonable scope for both.) Is anything obviously missing or wrong? Do the names, descriptions etc. make any sense? Note that these patches are definitely still at the "prototype" level, and things like error-handling, documentation, and testing are still pretty sparse. There is also quite a bit of room for optimisation. These'll all be improved for v1 if the concept seems good. We're going to be talking about this again at LPC, so it's worth having another look before then if you're interested and/or will be attending: https://lpc.events/event/16/contributions/1308/ Cheers, -- David --- Changes since RFC v1: https://lore.kernel.org/lkml/20220318021314.3225240-1-davidgow@google.com/ - Fix some typos (thanks Daniel) - Use typecheck_fn() to fix typechecking in some cases (thanks Brendan) - Use ftrace_instruction_pointer_set() in place of kernel livepatch, which seems to have disappeared: https://lore.kernel.org/lkml/0a76550d-008d-0364-8244-4dae2981ea05@csgroup.e… - Fix a copy-paste name error in the resource finding function. - Rebase on top of torvalds/master, as it wasn't applying cleanly. Note that the Kernel Livepatch -> ftrace change seems to allow more architectures to work, but while they compile, there still seems to be issues. So, this will compile on (e.g.) arm64, but fails: $ ./tools/testing/kunit/kunit.py run 'example*' --kunitconfig lib/kunit/stubs_example.kunitconfig --arch arm64 --make_options LLVM=1 [05:00:13] # example_ftrace_stub_test: initializing [05:00:13] # example_ftrace_stub_test: EXPECTATION FAILED at lib/kunit/kunit-example-test.c:179 [05:00:13] Expected add_one(1) == 0, but [05:00:13] add_one(1) == 2 [05:00:13] not ok 6 - example_ftrace_stub_test [05:00:13] [FAILED] example_ftrace_stub_test Daniel Latypov (1): kunit: expose ftrace-based API for stubbing out functions during tests David Gow (1): kunit: Expose 'static stub' API to redirect functions include/kunit/ftrace_stub.h | 84 +++++++++++++++++ include/kunit/static_stub.h | 106 +++++++++++++++++++++ lib/kunit/Kconfig | 11 +++ lib/kunit/Makefile | 5 + lib/kunit/ftrace_stub.c | 137 ++++++++++++++++++++++++++++ lib/kunit/kunit-example-test.c | 63 +++++++++++++ lib/kunit/static_stub.c | 125 +++++++++++++++++++++++++ lib/kunit/stubs_example.kunitconfig | 10 ++ 8 files changed, 541 insertions(+) create mode 100644 include/kunit/ftrace_stub.h create mode 100644 include/kunit/static_stub.h create mode 100644 lib/kunit/ftrace_stub.c create mode 100644 lib/kunit/static_stub.c create mode 100644 lib/kunit/stubs_example.kunitconfig -- 2.37.2.789.g6183377224-goog

2 years, 9 months

4
6
0 0

[PATCH iproute2-next 1/2] bridge: link: enable MacAuth/MAB feature

by Hans Schultz

The MAB feature can be enabled on a locked port with the command: bridge link set dev <DEV> mab on Signed-off-by: Hans Schultz <netdev(a)kapio-technology.com> --- bridge/fdb.c | 17 +++++++++++++++-- bridge/link.c | 21 ++++++++++++++++++--- include/uapi/linux/if_link.h | 1 + include/uapi/linux/neighbour.h | 7 ++++++- ip/iplink_bridge_slave.c | 16 +++++++++++++--- man/man8/bridge.8 | 10 ++++++++++ man/man8/ip-link.8.in | 8 ++++++++ 7 files changed, 71 insertions(+), 9 deletions(-) diff --git a/bridge/fdb.c b/bridge/fdb.c index 5f71bde0..0fbe9bd3 100644 --- a/bridge/fdb.c +++ b/bridge/fdb.c @@ -93,7 +93,7 @@ static int state_a2n(unsigned int *s, const char *arg) return 0; } -static void fdb_print_flags(FILE *fp, unsigned int flags) +static void fdb_print_flags(FILE *fp, unsigned int flags, __u8 ext_flags) { open_json_array(PRINT_JSON, is_json_context() ? "flags" : ""); @@ -116,6 +116,9 @@ static void fdb_print_flags(FILE *fp, unsigned int flags) if (flags & NTF_STICKY) print_string(PRINT_ANY, NULL, "%s ", "sticky"); + if (ext_flags & NTF_EXT_LOCKED) + print_string(PRINT_ANY, NULL, "%s ", "locked"); + close_json_array(PRINT_JSON, NULL); } @@ -144,6 +147,7 @@ int print_fdb(struct nlmsghdr *n, void *arg) struct ndmsg *r = NLMSG_DATA(n); int len = n->nlmsg_len; struct rtattr *tb[NDA_MAX+1]; + __u32 ext_flags = 0; __u16 vid = 0; if (n->nlmsg_type != RTM_NEWNEIGH && n->nlmsg_type != RTM_DELNEIGH) { @@ -170,6 +174,9 @@ int print_fdb(struct nlmsghdr *n, void *arg) parse_rtattr(tb, NDA_MAX, NDA_RTA(r), n->nlmsg_len - NLMSG_LENGTH(sizeof(*r))); + if (tb[NDA_FLAGS_EXT]) + ext_flags = rta_getattr_u32(tb[NDA_FLAGS_EXT]); + if (tb[NDA_VLAN]) vid = rta_getattr_u16(tb[NDA_VLAN]); @@ -266,7 +273,7 @@ int print_fdb(struct nlmsghdr *n, void *arg) if (show_stats && tb[NDA_CACHEINFO]) fdb_print_stats(fp, RTA_DATA(tb[NDA_CACHEINFO])); - fdb_print_flags(fp, r->ndm_flags); + fdb_print_flags(fp, r->ndm_flags, ext_flags); if (tb[NDA_MASTER]) @@ -414,6 +421,7 @@ static int fdb_modify(int cmd, int flags, int argc, char **argv) char *endptr; short vid = -1; __u32 nhid = 0; + __u32 ext_flags = 0; while (argc > 0) { if (strcmp(*argv, "dev") == 0) { @@ -527,6 +535,11 @@ static int fdb_modify(int cmd, int flags, int argc, char **argv) if (dst_ok) addattr_l(&req.n, sizeof(req), NDA_DST, &dst.data, dst.bytelen); + if (ext_flags && + addattr_l(&req.n, sizeof(req), NDA_FLAGS_EXT, &ext_flags, + sizeof(ext_flags)) < 0) + return -1; + if (vid >= 0) addattr16(&req.n, sizeof(req), NDA_VLAN, vid); if (nhid > 0) diff --git a/bridge/link.c b/bridge/link.c index 3810fa04..dd69d7c3 100644 --- a/bridge/link.c +++ b/bridge/link.c @@ -181,9 +181,14 @@ static void print_protinfo(FILE *fp, struct rtattr *attr) if (prtb[IFLA_BRPORT_ISOLATED]) print_on_off(PRINT_ANY, "isolated", "isolated %s ", rta_getattr_u8(prtb[IFLA_BRPORT_ISOLATED])); - if (prtb[IFLA_BRPORT_LOCKED]) - print_on_off(PRINT_ANY, "locked", "locked %s ", - rta_getattr_u8(prtb[IFLA_BRPORT_LOCKED])); + if (prtb[IFLA_BRPORT_LOCKED]) { + if (prtb[IFLA_BRPORT_MAB] && rta_getattr_u8(prtb[IFLA_BRPORT_MAB])) + print_on_off(PRINT_ANY, "locked mab", "locked mab %s ", + rta_getattr_u8(prtb[IFLA_BRPORT_LOCKED])); + else + print_on_off(PRINT_ANY, "locked", "locked %s ", + rta_getattr_u8(prtb[IFLA_BRPORT_LOCKED])); + } } else print_stp_state(rta_getattr_u8(attr)); } @@ -281,6 +286,7 @@ static void usage(void) " [ vlan_tunnel {on | off} ]\n" " [ isolated {on | off} ]\n" " [ locked {on | off} ]\n" + " [ mab {on | off} ]\n" " [ hwmode {vepa | veb} ]\n" " [ backup_port DEVICE ] [ nobackup_port ]\n" " [ self ] [ master ]\n" @@ -312,6 +318,7 @@ static int brlink_modify(int argc, char **argv) __s8 bcast_flood = -1; __s8 mcast_to_unicast = -1; __s8 locked = -1; + __s8 macauth = -1; __s8 isolated = -1; __s8 hairpin = -1; __s8 bpdu_guard = -1; @@ -437,6 +444,11 @@ static int brlink_modify(int argc, char **argv) locked = parse_on_off("locked", *argv, &ret); if (ret) return ret; + } else if (strcmp(*argv, "mab") == 0) { + NEXT_ARG(); + macauth = parse_on_off("mab", *argv, &ret); + if (ret) + return ret; } else if (strcmp(*argv, "backup_port") == 0) { NEXT_ARG(); backup_port_idx = ll_name_to_index(*argv); @@ -520,6 +532,9 @@ static int brlink_modify(int argc, char **argv) if (locked >= 0) addattr8(&req.n, sizeof(req), IFLA_BRPORT_LOCKED, locked); + if (macauth >= 0) + addattr8(&req.n, sizeof(req), IFLA_BRPORT_MAB, macauth); + if (backup_port_idx != -1) addattr32(&req.n, sizeof(req), IFLA_BRPORT_BACKUP_PORT, backup_port_idx); diff --git a/include/uapi/linux/if_link.h b/include/uapi/linux/if_link.h index 7494cffb..58a002de 100644 --- a/include/uapi/linux/if_link.h +++ b/include/uapi/linux/if_link.h @@ -559,6 +559,7 @@ enum { IFLA_BRPORT_MCAST_EHT_HOSTS_LIMIT, IFLA_BRPORT_MCAST_EHT_HOSTS_CNT, IFLA_BRPORT_LOCKED, + IFLA_BRPORT_MAB, __IFLA_BRPORT_MAX }; #define IFLA_BRPORT_MAX (__IFLA_BRPORT_MAX - 1) diff --git a/include/uapi/linux/neighbour.h b/include/uapi/linux/neighbour.h index a998bf76..4dda051b 100644 --- a/include/uapi/linux/neighbour.h +++ b/include/uapi/linux/neighbour.h @@ -52,7 +52,8 @@ enum { #define NTF_STICKY (1 << 6) #define NTF_ROUTER (1 << 7) /* Extended flags under NDA_FLAGS_EXT: */ -#define NTF_EXT_MANAGED (1 << 0) +#define NTF_EXT_MANAGED (1 << 0) +#define NTF_EXT_LOCKED (1 << 1) /* * Neighbor Cache Entry States. @@ -86,6 +87,10 @@ enum { * NTF_EXT_MANAGED flagged neigbor entries are managed by the kernel on behalf * of a user space control plane, and automatically refreshed so that (if * possible) they remain in NUD_REACHABLE state. + * + * NTF_EXT_LOCKED flagged FDB entries are placeholder entries used with the + * locked port feature, that ensures that an entry exists while at the same + * time dropping packets on ingress with src MAC and VID matching the entry. */ struct nda_cacheinfo { diff --git a/ip/iplink_bridge_slave.c b/ip/iplink_bridge_slave.c index 98d17213..0c0894eb 100644 --- a/ip/iplink_bridge_slave.c +++ b/ip/iplink_bridge_slave.c @@ -44,6 +44,7 @@ static void print_explain(FILE *f) " [ vlan_tunnel {on | off} ]\n" " [ isolated {on | off} ]\n" " [ locked {on | off} ]\n" + " [ mab {on | off} ]\n" " [ backup_port DEVICE ] [ nobackup_port ]\n" ); } @@ -284,9 +285,14 @@ static void bridge_slave_print_opt(struct link_util *lu, FILE *f, print_on_off(PRINT_ANY, "isolated", "isolated %s ", rta_getattr_u8(tb[IFLA_BRPORT_ISOLATED])); - if (tb[IFLA_BRPORT_LOCKED]) - print_on_off(PRINT_ANY, "locked", "locked %s ", - rta_getattr_u8(tb[IFLA_BRPORT_LOCKED])); + if (tb[IFLA_BRPORT_LOCKED]) { + if (tb[IFLA_BRPORT_MAB] && rta_getattr_u8(tb[IFLA_BRPORT_MAB])) + print_on_off(PRINT_ANY, "locked mab", "locked mab %s ", + rta_getattr_u8(tb[IFLA_BRPORT_LOCKED])); + else + print_on_off(PRINT_ANY, "locked", "locked %s ", + rta_getattr_u8(tb[IFLA_BRPORT_LOCKED])); + } if (tb[IFLA_BRPORT_BACKUP_PORT]) { int backup_p = rta_getattr_u32(tb[IFLA_BRPORT_BACKUP_PORT]); @@ -411,6 +417,10 @@ static int bridge_slave_parse_opt(struct link_util *lu, int argc, char **argv, NEXT_ARG(); bridge_slave_parse_on_off("locked", *argv, n, IFLA_BRPORT_LOCKED); + } else if (matches(*argv, "mab") == 0) { + NEXT_ARG(); + bridge_slave_parse_on_off("mab", *argv, n, + IFLA_BRPORT_MAB); } else if (matches(*argv, "backup_port") == 0) { int ifindex; diff --git a/man/man8/bridge.8 b/man/man8/bridge.8 index d4df772e..40250477 100644 --- a/man/man8/bridge.8 +++ b/man/man8/bridge.8 @@ -54,6 +54,7 @@ bridge \- show / manipulate bridge addresses and devices .BR vlan_tunnel " { " on " | " off " } ] [ " .BR isolated " { " on " | " off " } ] [ " .BR locked " { " on " | " off " } ] [ " +.BR mab " { " on " | " off " } ] [ " .B backup_port .IR DEVICE " ] [" .BR nobackup_port " ] [ " @@ -580,6 +581,15 @@ The common use is that hosts are allowed access through authentication with the IEEE 802.1X protocol or based on whitelists or like setups. By default this flag is off. +.TP +.RB "mab on " or " mab off " +Enables or disables the MAB/MacAuth feature. This feature can only be +activated on a port that is in locked mode, and when enabled it extends the +locked port feature so that MAC address can get access through a locked +port based on acceptlists, thus it is a much simpler procedure for a +device to become authorized than f.ex. the 802.1X protocol, and is used +for devices that are not capable of password or crypto based authorization +methods. .TP .BI backup_port " DEVICE" diff --git a/man/man8/ip-link.8.in b/man/man8/ip-link.8.in index fc9d62fc..187ca7ca 100644 --- a/man/man8/ip-link.8.in +++ b/man/man8/ip-link.8.in @@ -2454,6 +2454,9 @@ the following additional arguments are supported: .BR isolated " { " on " | " off " }" ] [ .BR locked " { " on " | " off " }" +] [ +.BR mab " { " on " | " off " }" +] [ .BR backup_port " DEVICE" ] [ .BR nobackup_port " ]" @@ -2560,6 +2563,11 @@ default this flag is off. behind the port cannot communicate through the port unless a FDB entry representing the host is in the FDB. By default this flag is off. +.BR mab " { " on " | " off " }" +- enables or disables the MAB/MacAuth feature on a locked port. It is +thus possible for a device to gain authorization on a locked port based +on acceptlists. + .BI backup_port " DEVICE" - if the port loses carrier all traffic will be redirected to the configured backup port -- 2.34.1

2 years, 9 months

5
11
0 0

[PATCH] Documentation: kunit: Update description of --alltests option

by David Gow

kunit_tool's --alltests option was changed in commit 980ac3ad0512 ("kunit: tool: rename all_test_uml.config, use it for --alltests") to use a manually curated list of architecture-indpendent Kconfig options, rather than attempting to use make allyesconfig on UML, which was broken. Update the kunit_tool documentation to reflect the new behaviour of --alltests. Signed-off-by: David Gow <davidgow(a)google.com> --- Documentation/dev-tools/kunit/run_wrapper.rst | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/Documentation/dev-tools/kunit/run_wrapper.rst b/Documentation/dev-tools/kunit/run_wrapper.rst index 6b33caf6c8ab..dafe8eb28d30 100644 --- a/Documentation/dev-tools/kunit/run_wrapper.rst +++ b/Documentation/dev-tools/kunit/run_wrapper.rst @@ -251,14 +251,15 @@ command line arguments: compiling a kernel (using ``build`` or ``run`` commands). For example: to enable compiler warnings, we can pass ``--make_options W=1``. -- ``--alltests``: Builds a UML kernel with all config options enabled - using ``make allyesconfig``. This allows us to run as many tests as - possible. - - .. note:: It is slow and prone to breakage as new options are - added or modified. Instead, enable all tests - which have satisfied dependencies by adding - ``CONFIG_KUNIT_ALL_TESTS=y`` to your ``.kunitconfig``. +- ``--alltests``: Enable a predefined set of options in order to build + as many tests as possible. + + .. note:: The list of enabled options can be found in + ``tools/testing/kunit/configs/all_tests.config``. + + If you only want to enable all tests with otherwise satisfied + dependencies, instead add ``CONFIG_KUNIT_ALL_TESTS=y`` to your + ``.kunitconfig``. - ``--kunitconfig``: Specifies the path or the directory of the ``.kunitconfig`` file. For example: -- 2.38.0.rc1.362.ged0d419d3c-goog

2 years, 9 months

2
1
0 0

[PATCH v10 0/2] SPDX: add copyleft-next-0.3.1

by Luis Chamberlain

As suggested by Thomas Gleixner, I'm following up to move on with the SPDX tag needed for copyleft-next-0.3.1. I've split this out from the test_sysfs selftest so to separate review from that. Changes on this v10: o embraced paragraph from Thomas Gleixner which helps explain why the OR operator in the SPDX license name o dropped the GPL-2.0 and GPL-2.0+ tags as suggested by Thomas Gleixner as these are outdated (still valid) in the SPDX spec o trimmed the Cc list to remove the test_sysfs / block layer / fs folks as the test_sysfs stuff is now dropped from consideration in this series The last series was at v9 but it also had the test_sysfs and its changes, its history can be found here: https://lore.kernel.org/all/20211029184500.2821444-1-mcgrof@kernel.org/ Luis Chamberlain (2): LICENSES: Add the copyleft-next-0.3.1 license testing: use the copyleft-next-0.3.1 SPDX tag LICENSES/dual/copyleft-next-0.3.1 | 236 +++++++++++++++++++++++ lib/test_kmod.c | 12 +- lib/test_sysctl.c | 12 +- tools/testing/selftests/kmod/kmod.sh | 13 +- tools/testing/selftests/sysctl/sysctl.sh | 12 +- 5 files changed, 240 insertions(+), 45 deletions(-) create mode 100644 LICENSES/dual/copyleft-next-0.3.1 -- 2.35.1

2 years, 9 months

3
6
0 0

[PATCH] selftests/kvm: Avoid for loop initialization using vcpu->id in xapic_state_test

by Gautam Menghani

In the test_icr() function in xapic_state_test, one of the for loops is initialized with vcpu->id. Fix this assumption that vcpu->id is 0 so that IPIs are correctly sent to non-existent vCPUs [1]. Suggested-by: Sean Christopherson <seanjc(a)google.com> Signed-off-by: Gautam Menghani <gautammenghani201(a)gmail.com> --- [1] https://lore.kernel.org/kvm/YyoZr9rXSSMEtdh5@google.com/ tools/testing/selftests/kvm/x86_64/xapic_state_test.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/kvm/x86_64/xapic_state_test.c b/tools/testing/selftests/kvm/x86_64/xapic_state_test.c index 6f7a5ef66718..d7d37dae3eeb 100644 --- a/tools/testing/selftests/kvm/x86_64/xapic_state_test.c +++ b/tools/testing/selftests/kvm/x86_64/xapic_state_test.c @@ -114,7 +114,9 @@ static void test_icr(struct xapic_vcpu *x) * vCPUs, not vcpu.id + 1. Arbitrarily use vector 0xff. */ icr = APIC_INT_ASSERT | 0xff; - for (i = vcpu->id + 1; i < 0xff; i++) { + for (i = 0; i < 0xff; i++) { + if (i == vcpu->id) + continue; for (j = 0; j < 8; j++) __test_icr(x, i << (32 + 24) | icr | (j << 8)); } -- 2.34.1

2 years, 9 months

1
0
0 0

[PATCH v2] Documentation: kunit: rewrite writing first test instructions

by Bagas Sanjaya

The wordings of step-by-step instructions on writing the first Kunit test are instructing readers to write codes without knowing what these are about. Rewrite these instructions to include the purpose of written code. While at it, align the code blocks of these contents. Signed-off-by: Bagas Sanjaya <bagasdotme(a)gmail.com> --- Changes since v1 [1]: - Fix jumped list numbering on writing the feature This patch is based on Khalid's full path to .kunitconfig patch [2]. [1]: https://lore.kernel.org/linux-doc/20220929125458.52979-1-bagasdotme@gmail.c… [2]: https://lore.kernel.org/linux-doc/20220929085332.4155-1-khalid.masum.92@gma… Documentation/dev-tools/kunit/start.rst | 40 ++++++++++++++----------- 1 file changed, 22 insertions(+), 18 deletions(-) diff --git a/Documentation/dev-tools/kunit/start.rst b/Documentation/dev-tools/kunit/start.rst index 7999874dc4ddb3..c0a5adf6d8d665 100644 --- a/Documentation/dev-tools/kunit/start.rst +++ b/Documentation/dev-tools/kunit/start.rst @@ -131,17 +131,19 @@ are built-in. Otherwise the module will need to be loaded. Writing Your First Test ======================= -In your kernel repository, let's add some code that we can test. +In your kernel repository, let's add some code that we can test. For this +purpose, we are going to add simple addition driver. -1. Create a file ``drivers/misc/example.h``, which includes: +1. Write the feature that will be tested. First, write the declaration + for ``misc_example_add()`` in ``drivers/misc/example.h``: -.. code-block:: c + .. code-block:: c int misc_example_add(int left, int right); -2. Create a file ``drivers/misc/example.c``, which includes: + Then implement the function in ``drivers/misc/example.c``: -.. code-block:: c + .. code-block:: c #include <linux/errno.h> @@ -152,24 +154,25 @@ In your kernel repository, let's add some code that we can test. return left + right; } -3. Add the following lines to ``drivers/misc/Kconfig``: +2. Add Kconfig menu entry for the feature to ``drivers/misc/Kconfig``: -.. code-block:: kconfig + .. code-block:: kconfig config MISC_EXAMPLE bool "My example" -4. Add the following lines to ``drivers/misc/Makefile``: +3. Add the kbuild goal that will build the feature to + ``drivers/misc/Makefile``: -.. code-block:: make + .. code-block:: make obj-$(CONFIG_MISC_EXAMPLE) += example.o Now we are ready to write the test cases. -1. Add the below test case in ``drivers/misc/example_test.c``: +1. Write the test in ``drivers/misc/example_test.c``: -.. code-block:: c + .. code-block:: c #include <kunit/test.h> #include "example.h" @@ -202,31 +205,32 @@ Now we are ready to write the test cases. }; kunit_test_suite(misc_example_test_suite); -2. Add the following lines to ``drivers/misc/Kconfig``: +2. Add following Kconfig entry for the test to ``drivers/misc/Kconfig``: -.. code-block:: kconfig + .. code-block:: kconfig config MISC_EXAMPLE_TEST tristate "Test for my example" if !KUNIT_ALL_TESTS depends on MISC_EXAMPLE && KUNIT=y default KUNIT_ALL_TESTS -3. Add the following lines to ``drivers/misc/Makefile``: +3. Add kbuild goal of the test to ``drivers/misc/Makefile``: -.. code-block:: make + .. code-block:: make obj-$(CONFIG_MISC_EXAMPLE_TEST) += example_test.o -4. Add following configuration fragments to ``.kunit/.kunitconfig``: +4. Add following configuration fragments for the test to + ``.kunit/.kunitconfig``: -.. code-block:: none + .. code-block:: none CONFIG_MISC_EXAMPLE=y CONFIG_MISC_EXAMPLE_TEST=y 5. Run the test: -.. code-block:: bash + .. code-block:: bash ./tools/testing/kunit/kunit.py run -- An old man doll... just what I always wanted! - Clara

2 years, 9 months

2
5
0 0

[PATCH net-next,v2] selftests/tc-testing: update qdisc/cls/action features in config

by Zhengchao Shao

Since three patchsets "add tc-testing test cases", "refactor duplicate codes in the tc cls walk function", and "refactor duplicate codes in the qdisc class walk function" are merged to net-next tree, the list of supported features needs to be updated in config file. Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> --- v2: modify typos --- tools/testing/selftests/tc-testing/config | 25 ++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/tc-testing/config b/tools/testing/selftests/tc-testing/config index 2b2c2a835757..4638c63a339f 100644 --- a/tools/testing/selftests/tc-testing/config +++ b/tools/testing/selftests/tc-testing/config @@ -13,15 +13,28 @@ CONFIG_NET_SCHED=y # Queueing/Scheduling # CONFIG_NET_SCH_ATM=m +CONFIG_NET_SCH_CAKE=m +CONFIG_NET_SCH_CBQ=m +CONFIG_NET_SCH_CBS=m CONFIG_NET_SCH_CHOKE=m CONFIG_NET_SCH_CODEL=m +CONFIG_NET_SCH_DRR=m +CONFIG_NET_SCH_DSMARK=m CONFIG_NET_SCH_ETF=m CONFIG_NET_SCH_FQ=m +CONFIG_NET_SCH_FQ_CODEL=m CONFIG_NET_SCH_GRED=m +CONFIG_NET_SCH_HFSC=m CONFIG_NET_SCH_HHF=m +CONFIG_NET_SCH_HTB=m +CONFIG_NET_SCH_INGRESS=m +CONFIG_NET_SCH_MQPRIO=m +CONFIG_NET_SCH_MULTIQ=m +CONFIG_NET_SCH_NETEM=m +CONFIG_NET_SCH_PIE=m CONFIG_NET_SCH_PLUG=m CONFIG_NET_SCH_PRIO=m -CONFIG_NET_SCH_INGRESS=m +CONFIG_NET_SCH_QFQ=m CONFIG_NET_SCH_SFB=m CONFIG_NET_SCH_SFQ=m CONFIG_NET_SCH_SKBPRIO=m @@ -37,6 +50,15 @@ CONFIG_NET_CLS_FW=m CONFIG_NET_CLS_U32=m CONFIG_CLS_U32_PERF=y CONFIG_CLS_U32_MARK=y +CONFIG_NET_CLS_BASIC=m +CONFIG_NET_CLS_BPF=m +CONFIG_NET_CLS_CGROUP=m +CONFIG_NET_CLS_FLOW=m +CONFIG_NET_CLS_FLOWER=m +CONFIG_NET_CLS_MATCHALL=m +CONFIG_NET_CLS_ROUTE4=m +CONFIG_NET_CLS_RSVP=m +CONFIG_NET_CLS_TCINDEX=m CONFIG_NET_EMATCH=y CONFIG_NET_EMATCH_STACK=32 CONFIG_NET_EMATCH_CMP=m @@ -68,6 +90,7 @@ CONFIG_NET_ACT_IFE=m CONFIG_NET_ACT_TUNNEL_KEY=m CONFIG_NET_ACT_CT=m CONFIG_NET_ACT_MPLS=m +CONFIG_NET_ACT_GATE=m CONFIG_NET_IFE_SKBMARK=m CONFIG_NET_IFE_SKBPRIO=m CONFIG_NET_IFE_SKBTCINDEX=m -- 2.17.1

2 years, 9 months

5
4
0 0

[PATCH] selftests/bpf: Fix spelling mistake "unpriviledged" -> "unprivileged"

by Colin Ian King

There a couple of spelling mistakes, one in a literal string and one in a comment. Fix them. Signed-off-by: Colin Ian King <colin.i.king(a)gmail.com> --- tools/testing/selftests/bpf/verifier/calls.c | 2 +- tools/testing/selftests/bpf/verifier/var_off.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/bpf/verifier/calls.c b/tools/testing/selftests/bpf/verifier/calls.c index 3fb4f69b1962..e1a937277b54 100644 --- a/tools/testing/selftests/bpf/verifier/calls.c +++ b/tools/testing/selftests/bpf/verifier/calls.c @@ -284,7 +284,7 @@ .result = ACCEPT, }, { - "calls: not on unpriviledged", + "calls: not on unprivileged", .insns = { BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 1, 0, 2), BPF_MOV64_IMM(BPF_REG_0, 1), diff --git a/tools/testing/selftests/bpf/verifier/var_off.c b/tools/testing/selftests/bpf/verifier/var_off.c index 187c6f6e32bc..d37f512fad16 100644 --- a/tools/testing/selftests/bpf/verifier/var_off.c +++ b/tools/testing/selftests/bpf/verifier/var_off.c @@ -121,7 +121,7 @@ BPF_EXIT_INSN(), }, .fixup_map_hash_8b = { 1 }, - /* The unpriviledged case is not too interesting; variable + /* The unprivileged case is not too interesting; variable * stack access is rejected. */ .errstr_unpriv = "R2 variable stack access prohibited for !root", -- 2.37.1

2 years, 9 months

3
2
0 0

[RFC][PATCH 0/3] bpf: Enforce map fd modes in verifier

by Roberto Sassu

From: Roberto Sassu <roberto.sassu(a)huawei.com> === All credits of this patch set go to Lorenz Bauer <oss(a)lmb.io>, as he identified this issue and proposed a number of solutions. === Lorenz presented at the Linux Plumbers EU 2022 a talk with title 'Closing the BPF map permission loophole', where he reported that read-only fds can be used for map update operations, if they were provided to eBPF programs. This work initially started as PoC to reproduce the reported bug, and became the test for validating an idea on how to fix the bug. Patch 1 adds a dependency necessary for the tests. The actual fix, in patch 2, is relatively simple. It is based on an already existing enforcement mechanism in the eBPF verifier for map flags. As Lorenz mentioned, a problem would be backporting this fix to stable kernels which don't have that enforcement mechanism. However, backporting just the enforcement mechanism itself (without introducing the new map flags and allowing user space to use them) could meet the stable kernel criteria. Alternatively, a completely different fix can be developed for older stable kernels, like what Lorenz suggested, to refuse fds which are not read/write. Finally, patch 3 introduces the tests. Roberto Sassu (3): libbpf: Define bpf_get_fd_opts and introduce bpf_map_get_fd_by_id_opts() bpf: Enforce granted permissions in a map fd at verifier level selftests/bpf: Test enforcement of map fd permissions at verifier level include/linux/bpf.h | 13 + include/linux/bpf_verifier.h | 1 + kernel/bpf/verifier.c | 26 +- tools/lib/bpf/bpf.c | 12 +- tools/lib/bpf/bpf.h | 10 + tools/lib/bpf/libbpf.map | 3 +- .../selftests/bpf/prog_tests/map_fd_perm.c | 227 ++++++++++++++++++ 7 files changed, 288 insertions(+), 4 deletions(-) create mode 100644 tools/testing/selftests/bpf/prog_tests/map_fd_perm.c -- 2.25.1

2 years, 9 months

2
4
0 0

Re: [PATCH -next v5 2/4] selftests/memory-hotplug: Restore memory before exit

by zhaogongyi

Hi! > > On 30.09.22 08:35, Zhao Gongyi wrote: > > Some momory will be left in offline state when calling > > offline_memory_expect_fail() failed. Restore it before exit. > > > > Signed-off-by: Zhao Gongyi <zhaogongyi(a)huawei.com> > > --- > > .../memory-hotplug/mem-on-off-test.sh | 21 > ++++++++++++++----- > > 1 file changed, 16 insertions(+), 5 deletions(-) > > > > diff --git a/tools/testing/selftests/memory-hotplug/mem-on-off-test.sh > b/tools/testing/selftests/memory-hotplug/mem-on-off-test.sh > > index 1d87611a7d52..91a7457616bb 100755 > > --- a/tools/testing/selftests/memory-hotplug/mem-on-off-test.sh > > +++ b/tools/testing/selftests/memory-hotplug/mem-on-off-test.sh > > @@ -134,6 +134,16 @@ offline_memory_expect_fail() > > return 0 > > } > > > > +online_all_offline_memory() > > +{ > > + for memory in `hotpluggable_offline_memory`; do > > + if ! online_memory_expect_success $memory; then > > + echo "$FUNCNAME $memory: unexpected fail" >&2 > > Do we need that output? In my opinion, if online a memory node failed ,it should be a kernel bug catched, so, I think the output here is needed. Thanks! Gongyi

2 years, 9 months

2
1
0 0

[PATCH -next v5 0/4] Optimize and bugfix for memory-hotplug

by Zhao Gongyi

1. Add checking after online or offline 2. Restore memory before exit 3. Adjust log info for maintainability 4. Correct test's name Changes in v5: - Adjust log info for maintainability Changes in v4: - Remove redundant log information Changes in v3: - Remove 2 obselute patches Zhao Gongyi (4): selftests/memory-hotplug: Add checking after online or offline selftests/memory-hotplug: Restore memory before exit selftests/memory-hotplug: Adjust log info for maintainability docs: notifier-error-inject: Correct test's name .../fault-injection/notifier-error-inject.rst | 4 +-- .../memory-hotplug/mem-on-off-test.sh | 34 +++++++++++++++---- 2 files changed, 29 insertions(+), 9 deletions(-) -- 2.17.1

2 years, 9 months

2
7
0 0

[PATCH v2] Documentation: Kunit: Use full path to .kunitconfig

by Khalid Masum

The fourth list item on writing test cases instructs adding Kconfig fragments to .kunitconfig, which should have been full path to the file (.kunit/.kunitconfig). Cc: Sadiya Kazi <sadiyakazi(a)google.com> Cc: David Gow <davidgow(a)google.com> Suggested-by: Bagas Sanjaya <bagasdotme(a)gmail.com> Signed-off-by: Khalid Masum <khalid.masum.92(a)gmail.com> --- Changes since v1: - Update commit message - Make the instruction more descriptive Documentation/dev-tools/kunit/start.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Documentation/dev-tools/kunit/start.rst b/Documentation/dev-tools/kunit/start.rst index 867a4bba6bf6..69361065cda6 100644 --- a/Documentation/dev-tools/kunit/start.rst +++ b/Documentation/dev-tools/kunit/start.rst @@ -217,7 +217,7 @@ Now we are ready to write the test cases. obj-$(CONFIG_MISC_EXAMPLE_TEST) += example_test.o -4. Add the following lines to ``.kunitconfig``: +4. Add following configuration fragments to ``.kunit/.kunitconfig``: .. code-block:: none -- 2.37.3

2 years, 9 months

3
2
0 0

[PATCH v5 net-next 0/6] Extend locked port feature with FDB locked flag (MAC-Auth/MAB)

by Hans Schultz

This patch set extends the locked port feature for devices that are behind a locked port, but do not have the ability to authorize themselves as a supplicant using IEEE 802.1X. Such devices can be printers, meters or anything related to fixed installations. Instead of 802.1X authorization, devices can get access based on their MAC addresses being whitelisted. For an authorization daemon to detect that a device is trying to get access through a locked port, the bridge will add the MAC address of the device to the FDB with a locked flag to it. Thus the authorization daemon can catch the FDB add event and check if the MAC address is in the whitelist and if so replace the FDB entry without the locked flag enabled, and thus open the port for the device. This feature is known as MAC-Auth or MAC Authentication Bypass (MAB) in Cisco terminology, where the full MAB concept involves additional Cisco infrastructure for authorization. There is no real authentication process, as the MAC address of the device is the only input the authorization daemon, in the general case, has to base the decision if to unlock the port or not. With this patch set, an implementation of the offloaded case is supplied for the mv88e6xxx driver. When a packet ingresses on a locked port, an ATU miss violation event will occur. When handling such ATU miss violation interrupts, the MAC address of the device is added to the FDB with a zero destination port vector (DPV) and the MAC address is communicated through the switchdev layer to the bridge, so that a FDB entry with the locked flag enabled can be added. Log: v3: Added timers and lists in the driver (mv88e6xxx) to keep track of and remove locked entries. v4: Leave out enforcing a limit to the number of locked entries in the bridge. Removed the timers in the driver and use the worker only. Add locked FDB flag to all drivers using port_fdb_add() from the dsa api and let all drivers ignore entries with this flag set. Change how to get the ageing timeout of locked entries. See global1_atu.c and switchdev.c. Use struct mv88e6xxx_port for locked entries variables instead of struct dsa_port. v5: Added 'mab' flag to enable MAB/MacAuth feature, in a similar way to the locked feature flag. In these implementations for the mv88e6xxx, the switchport must be configured with learning on. To tell userspace about the behavior of the locked entries in the driver, a 'blackhole' FDB flag has been added, which locked FDB entries coming from the driver gets. Also the 'sticky' flag comes with those locked entries, as the drivers locked entries cannot roam. Fixed issues with taking mutex locks, and added a function to read the fid, that supports all versions of the chipset family. Hans Schultz (6): net: bridge: add locked entry fdb flag to extend locked port feature net: switchdev: add support for offloading of fdb locked flag drivers: net: dsa: add locked fdb entry flag to drivers net: dsa: mv88e6xxx: allow reading FID when handling ATU violations net: dsa: mv88e6xxx: MacAuth/MAB implementation selftests: forwarding: add test of MAC-Auth Bypass to locked port tests drivers/net/dsa/b53/b53_common.c | 5 + drivers/net/dsa/b53/b53_priv.h | 1 + drivers/net/dsa/hirschmann/hellcreek.c | 5 + drivers/net/dsa/lan9303-core.c | 5 + drivers/net/dsa/lantiq_gswip.c | 5 + drivers/net/dsa/microchip/ksz_common.c | 5 + drivers/net/dsa/mt7530.c | 5 + drivers/net/dsa/mv88e6xxx/Makefile | 1 + drivers/net/dsa/mv88e6xxx/chip.c | 81 ++++- drivers/net/dsa/mv88e6xxx/chip.h | 19 ++ drivers/net/dsa/mv88e6xxx/global1.h | 1 + drivers/net/dsa/mv88e6xxx/global1_atu.c | 76 ++++- drivers/net/dsa/mv88e6xxx/port.c | 15 +- drivers/net/dsa/mv88e6xxx/port.h | 6 + drivers/net/dsa/mv88e6xxx/switchdev.c | 285 ++++++++++++++++++ drivers/net/dsa/mv88e6xxx/switchdev.h | 37 +++ drivers/net/dsa/ocelot/felix.c | 5 + drivers/net/dsa/qca/qca8k-common.c | 5 + drivers/net/dsa/qca/qca8k.h | 1 + drivers/net/dsa/sja1105/sja1105_main.c | 7 +- include/linux/if_bridge.h | 1 + include/net/dsa.h | 1 + include/net/switchdev.h | 3 + include/uapi/linux/if_link.h | 1 + include/uapi/linux/neighbour.h | 4 +- net/bridge/br.c | 5 +- net/bridge/br_fdb.c | 43 ++- net/bridge/br_input.c | 16 +- net/bridge/br_netlink.c | 9 +- net/bridge/br_private.h | 7 +- net/bridge/br_switchdev.c | 5 +- net/dsa/dsa_priv.h | 4 +- net/dsa/port.c | 7 +- net/dsa/slave.c | 4 +- net/dsa/switch.c | 10 +- .../net/forwarding/bridge_locked_port.sh | 107 ++++++- .../net/forwarding/bridge_sticky_fdb.sh | 21 +- 37 files changed, 768 insertions(+), 50 deletions(-) create mode 100644 drivers/net/dsa/mv88e6xxx/switchdev.c create mode 100644 drivers/net/dsa/mv88e6xxx/switchdev.h -- 2.30.2

2 years, 9 months

6
68
0 0

[PATCH v1 0/3] kselftest/arm64: fp-stress updates

by Mark Brown

A few small updates for fp-stress, improving the usability with signal handling a bit. Mark Brown (3): kselftest/arm64: Don't repeat termination handler for fp-stress kselftest/arm64: Flag fp-stress as exiting when we begin finishing up kselftest/arm64: Handle EINTR while reading data from children tools/testing/selftests/arm64/fp/fp-stress.c | 90 ++++++++++++-------- 1 file changed, 55 insertions(+), 35 deletions(-) base-commit: ea84edbf08025e592f58b0d9b282777a9ca9fb22 -- 2.30.2

2 years, 9 months

2
4
0 0

[PATCH] kselftest/arm64: Don't enable v8.5 for MTE selftest builds

by Mark Brown

Currently we set -march=armv8.5+memtag when building the MTE selftests, allowing the compiler to emit v8.5 and MTE instructions for anything it generates. This means that we may get code that will generate SIGILLs when run on older systems rather than skipping on non-MTE systems as should be the case. Most toolchains don't select any incompatible instructions but I have seen some reports which suggest that some may be appearing which do so. This is also potentially problematic in that if the compiler chooses to emit any MTE instructions for the C code it may interfere with the MTE usage we are trying to test. Since the only reason we are specifying this option is to allow us to assemble MTE instructions in mte_helper.S we can avoid these issues by moving to using a .arch directive there and adding the -march explicitly to the toolchain support check instead of the generic CFLAGS. Signed-off-by: Mark Brown <broonie(a)kernel.org> --- tools/testing/selftests/arm64/mte/Makefile | 5 +---- tools/testing/selftests/arm64/mte/mte_helper.S | 2 ++ 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/tools/testing/selftests/arm64/mte/Makefile b/tools/testing/selftests/arm64/mte/Makefile index a5a0744423d8..037046f5784e 100644 --- a/tools/testing/selftests/arm64/mte/Makefile +++ b/tools/testing/selftests/arm64/mte/Makefile @@ -11,11 +11,8 @@ LDFLAGS += -pthread SRCS := $(filter-out mte_common_util.c,$(wildcard *.c)) PROGS := $(patsubst %.c,%,$(SRCS)) -#Add mte compiler option -CFLAGS += -march=armv8.5-a+memtag - #check if the compiler works well -mte_cc_support := $(shell if ($(CC) $(CFLAGS) -E -x c /dev/null -o /dev/null 2>&1) then echo "1"; fi) +mte_cc_support := $(shell if ($(CC) $(CFLAGS) -march=armv8.5-a+memtag -E -x c /dev/null -o /dev/null 2>&1) then echo "1"; fi) ifeq ($(mte_cc_support),1) # Generated binaries to be installed by top KSFT script diff --git a/tools/testing/selftests/arm64/mte/mte_helper.S b/tools/testing/selftests/arm64/mte/mte_helper.S index a02c04cd0aac..a55dbbc56ed1 100644 --- a/tools/testing/selftests/arm64/mte/mte_helper.S +++ b/tools/testing/selftests/arm64/mte/mte_helper.S @@ -3,6 +3,8 @@ #include "mte_def.h" +.arch armv8.5-a+memtag + #define ENTRY(name) \ .globl name ;\ .p2align 2;\ -- 2.30.2

2 years, 9 months

2
1
0 0

[PATCH v6 net-next 9/9] selftests: forwarding: add test of MAC-Auth Bypass to locked port tests

by Hans Schultz

From: "Hans J. Schultz" <netdev(a)kapio-technology.com> Verify that the MAC-Auth mechanism works by adding a FDB entry with the locked flag set, denying access until the FDB entry is replaced with a FDB entry without the locked flag set. Add test of blackhole fdb entries, verifying that there is no forwarding to a blackhole entry from any port, and that the blackhole entry can be replaced. Also add a test that verifies that sticky FDB entries cannot roam (this is not needed for now, but should in general be present anyhow for future applications). Signed-off-by: Hans J. Schultz <netdev(a)kapio-technology.com> --- .../net/forwarding/bridge_blackhole_fdb.sh | 102 +++++++++++++++++ .../net/forwarding/bridge_locked_port.sh | 106 +++++++++++++++++- .../net/forwarding/bridge_sticky_fdb.sh | 21 +++- tools/testing/selftests/net/forwarding/lib.sh | 18 +++ 4 files changed, 245 insertions(+), 2 deletions(-) create mode 100755 tools/testing/selftests/net/forwarding/bridge_blackhole_fdb.sh diff --git a/tools/testing/selftests/net/forwarding/bridge_blackhole_fdb.sh b/tools/testing/selftests/net/forwarding/bridge_blackhole_fdb.sh new file mode 100755 index 000000000000..54b1a51e1ed6 --- /dev/null +++ b/tools/testing/selftests/net/forwarding/bridge_blackhole_fdb.sh @@ -0,0 +1,102 @@ +#!/bin/bash +# SPDX-License-Identifier: GPL-2.0 + +ALL_TESTS="blackhole_fdb" +NUM_NETIFS=4 +source lib.sh + +switch_create() +{ + ip link add dev br0 type bridge + + ip link set dev $swp1 master br0 + ip link set dev $swp2 master br0 + + ip link set dev br0 up + ip link set dev $h1 up + ip link set dev $swp1 up + ip link set dev $h2 up + ip link set dev $swp2 up + + tc qdisc add dev $swp2 clsact +} + +switch_destroy() +{ + tc qdisc del dev $swp2 clsact + + ip link set dev $swp2 down + ip link set dev $h2 down + ip link set dev $swp1 down + ip link set dev $h1 down + + ip link del dev br0 +} + +setup_prepare() +{ + h1=${NETIFS[p1]} + swp1=${NETIFS[p2]} + h2=${NETIFS[p3]} + swp2=${NETIFS[p4]} + + switch_create +} + +cleanup() +{ + pre_cleanup + switch_destroy +} + +# Check that there is no egress with blackhole entry and that blackhole entries can be replaced +blackhole_fdb() +{ + RET=0 + + check_blackhole_fdb_support || return 0 + + tc filter add dev $swp2 egress protocol ip pref 1 handle 1 flower \ + dst_ip 192.0.2.2 ip_proto udp dst_port 12345 action pass + + $MZ $h1 -c 1 -p 128 -t udp "sp=54321,dp=12345" \ + -a own -b `mac_get $h2` -A 192.0.2.1 -B 192.0.2.2 -q + + tc_check_packets "dev $swp2 egress" 1 1 + check_err $? "Packet not seen on egress before adding blackhole entry" + + bridge fdb add `mac_get $h2` dev br0 blackhole + bridge fdb get `mac_get $h2` br br0 | grep -q blackhole + check_err $? "Blackhole entry not found" + + $MZ $h1 -c 1 -p 128 -t udp "sp=54321,dp=12345" \ + -a own -b `mac_get $h2` -A 192.0.2.1 -B 192.0.2.2 -q + + tc_check_packets "dev $swp2 egress" 1 1 + check_err $? "Packet seen on egress after adding blackhole entry" + + # Check blackhole entries can be replaced. + bridge fdb replace `mac_get $h2` dev $swp2 master static + bridge fdb get `mac_get $h2` br br0 | grep -q blackhole + check_fail $? "Blackhole entry found after replacement" + + $MZ $h1 -c 1 -p 128 -t udp "sp=54321,dp=12345" \ + -a own -b `mac_get $h2` -A 192.0.2.1 -B 192.0.2.2 -q + + tc_check_packets "dev $swp2 egress" 1 2 + check_err $? "Packet not seen on egress after replacing blackhole entry" + + bridge fdb del `mac_get $h2` dev $swp2 master static + tc filter del dev $swp2 egress protocol ip pref 1 handle 1 flower + + log_test "Blackhole FDB entry" +} + +trap cleanup EXIT + +setup_prepare +setup_wait + +tests_run + +exit $EXIT_STATUS diff --git a/tools/testing/selftests/net/forwarding/bridge_locked_port.sh b/tools/testing/selftests/net/forwarding/bridge_locked_port.sh index 5b02b6b60ce7..59b8b7666eab 100755 --- a/tools/testing/selftests/net/forwarding/bridge_locked_port.sh +++ b/tools/testing/selftests/net/forwarding/bridge_locked_port.sh @@ -1,7 +1,15 @@ #!/bin/bash # SPDX-License-Identifier: GPL-2.0 -ALL_TESTS="locked_port_ipv4 locked_port_ipv6 locked_port_vlan" +ALL_TESTS=" + locked_port_ipv4 + locked_port_ipv6 + locked_port_vlan + locked_port_mab + locked_port_station_move + locked_port_mab_station_move +" + NUM_NETIFS=4 CHECK_TC="no" source lib.sh @@ -166,6 +174,102 @@ locked_port_ipv6() log_test "Locked port ipv6" } +locked_port_mab() +{ + RET=0 + check_locked_port_support || return 0 + + ping_do $h1 192.0.2.2 + check_err $? "MAB: Ping did not work before locking port" + + bridge link set dev $swp1 locked on + check_port_mab_support $swp1 || return 0 + + ping_do $h1 192.0.2.2 + check_fail $? "MAB: Ping worked on locked port without FDB entry" + + bridge fdb show | grep `mac_get $h1` | grep -q "locked" + check_err $? "MAB: No locked fdb entry after ping on locked port" + + bridge fdb replace `mac_get $h1` dev $swp1 master static + + ping_do $h1 192.0.2.2 + check_err $? "MAB: Ping did not work with fdb entry without locked flag" + + bridge fdb del `mac_get $h1` dev $swp1 master + bridge link set dev $swp1 locked off mab off + + log_test "Locked port MAB" +} + +# No roaming allowed to a simple locked port +locked_port_station_move() +{ + local mac=a0:b0:c0:c0:b0:a0 + + RET=0 + check_locked_port_support || return 0 + + bridge link set dev $swp1 locked on + + $MZ $h1 -q -t udp -a $mac -b rand + bridge fdb show dev $swp1 | grep "$mac vlan 1" | grep -q "master br0" + check_fail $? "Locked port station move: FDB entry on first injection" + + $MZ $h2 -q -t udp -a $mac -b rand + bridge fdb show dev $swp2 | grep "$mac vlan 1" | grep -q "master br0" + check_err $? "Locked port station move: Entry not found on unlocked port" + + $MZ $h1 -q -t udp -a $mac -b rand + bridge fdb show dev $swp1 | grep "$mac vlan 1" | grep -q "master br0" + check_fail $? "Locked port station move: entry roamed to locked port" + + bridge link set dev $swp1 locked off + + log_test "Locked port station move" +} + +# Roaming to and from a MAB enabled port should work if sticky flag is not set +locked_port_mab_station_move() +{ + local mac=10:20:30:30:20:10 + + RET=0 + check_locked_port_support || return 0 + + bridge link set dev $swp1 locked on + + check_port_mab_support $swp1 || return 0 + + $MZ $h1 -q -t udp -a $mac -b rand + if bridge fdb show dev $swp1 | grep "$mac vlan 1" | grep -q "permanent"; then + echo "SKIP: Roaming not possible with local flag, skipping test..." + bridge link set dev $swp1 locked off mab off + return $ksft_skip + fi + + bridge fdb show dev $swp1 | grep "$mac vlan 1" | grep -q "locked" + check_err $? "MAB station move: no locked entry on first injection" + + $MZ $h2 -q -t udp -a $mac -b rand + bridge fdb show dev $swp1 | grep "$mac vlan 1" | grep -q "locked" + check_fail $? "MAB station move: locked entry did not move" + + bridge fdb show dev $swp2 | grep "$mac vlan 1" | grep -q "locked" + check_fail $? "MAB station move: roamed entry to unlocked port had locked flag on" + + bridge fdb show dev $swp2 | grep "$mac vlan 1" | grep -q "master br0" + check_err $? "MAB station move: roamed entry not found" + + $MZ $h1 -q -t udp -a $mac -b rand + bridge fdb show dev $swp1 | grep "$mac vlan 1" | grep "master br0" | grep -q "locked" + check_fail $? "MAB station move: entry roamed back to locked port" + + bridge link set dev $swp1 locked off mab off + + log_test "Locked port MAB station move" +} + trap cleanup EXIT setup_prepare diff --git a/tools/testing/selftests/net/forwarding/bridge_sticky_fdb.sh b/tools/testing/selftests/net/forwarding/bridge_sticky_fdb.sh index 1f8ef0eff862..bca77bc3fe09 100755 --- a/tools/testing/selftests/net/forwarding/bridge_sticky_fdb.sh +++ b/tools/testing/selftests/net/forwarding/bridge_sticky_fdb.sh @@ -1,7 +1,7 @@ #!/bin/bash # SPDX-License-Identifier: GPL-2.0 -ALL_TESTS="sticky" +ALL_TESTS="sticky sticky_no_roaming" NUM_NETIFS=4 TEST_MAC=de:ad:be:ef:13:37 source lib.sh @@ -59,6 +59,25 @@ sticky() log_test "Sticky fdb entry" } +# No roaming allowed with the sticky flag set +sticky_no_roaming() +{ + local mac=a8:b4:c2:c2:b4:a8 + + RET=0 + + bridge link set dev $swp2 learning on + bridge fdb add $mac dev $swp1 master static sticky + bridge fdb show dev $swp1 | grep "$mac master br0" | grep -q sticky + check_err $? "Sticky no roaming: No sticky FDB entry found after adding" + + $MZ $h2 -q -t udp -c 10 -d 100msec -a $mac -b rand + bridge fdb show dev $swp2 | grep "$mac master br0" | grep -q sticky + check_fail $? "Sticky no roaming: Sticky entry roamed" + + log_test "Sticky no roaming" +} + trap cleanup EXIT setup_prepare diff --git a/tools/testing/selftests/net/forwarding/lib.sh b/tools/testing/selftests/net/forwarding/lib.sh index 3ffb9d6c0950..642fbf217c20 100755 --- a/tools/testing/selftests/net/forwarding/lib.sh +++ b/tools/testing/selftests/net/forwarding/lib.sh @@ -137,6 +137,24 @@ check_locked_port_support() fi } +check_port_mab_support() +{ + local dev=$1; + + if ! bridge link set dev $dev mab on 2>/dev/null; then + echo "SKIP: iproute2 too old; MacAuth feature not supported." + return $ksft_skip + fi +} + +check_blackhole_fdb_support() +{ + if ! bridge fdb help | grep -q "blackhole"; then + echo "SKIP: Blackhole fdb feature not supported." + return $ksft_skip + fi +} + if [[ "$(id -u)" -ne 0 ]]; then echo "SKIP: need root privileges" exit $ksft_skip -- 2.34.1

2 years, 9 months

3
3
0 0

selftest: arm64: missing install files

by Naresh Kamboju

While running kselftest arm64 tests the following list of tests were missing which means those test binaries not installed on to the rootfs. Not a part of "make install" do we need to fix Makefiles ? or am I missing something on the build machine ? We are building on the one machine and testing on multiple arm64 target devices. Please refer to build log [1] and test log [2]. # selftests: arm64: fp-stress # Warning: file fp-stress is missing! # selftests: arm64: sve-ptrace # Warning: file sve-ptrace is missing! # selftests: arm64: vec-syscfg # Warning: file vec-syscfg is missing! # selftests: arm64: za-ptrace # Warning: file za-ptrace is missing! # selftests: arm64: hwcap # Warning: file hwcap is missing! # selftests: arm64: ptrace # Warning: file ptrace is missing! # selftests: arm64: syscall-abi # Warning: file syscall-abi is missing! Reported-by: Linux Kernel Functional Testing <lkft(a)linaro.org> [1] Build log: click on log.do_compile file link https://storage.lkft.org/rootfs-kselftest/oe-kirkstone/20220927-202538/juno/ [2] Test log: click on full log file link https://qa-reports.linaro.org/lkft/linux-next-master/build/next-20220923/te… - Naresh

2 years, 9 months

2
1
0 0

[PATCH 0/5] selftests/resctrl: Some improvements of resctrl selftest

by Shaopeng Tan

Hello, The aim of this patch series is to improve the resctrl selftest. The first three patches clear redundant code. The last two patches are bug fixes. Without the two fixes, some unnecessary processing will be executed and test results will be confusing. There is no behavior change in test themselves. [patch 1] Because the default schemata is 100% , in MBM test it is not necessary to reset schemata by write_schemata(). [patch 2] Delete CMT-related processing in write_schemata() which is not called by CMT. [patch 3] Before exiting each test CMT/CAT/MBM/MBA, clear test result files function cat/cmt/mbm/mba_test_cleanup() are called twice. Delete once. [patch 4] If there is an exception occurs after creating a child process with fork() in the CAT test, kill the child process before terminating the parent process. [patch 5] When a child process is created by fork(), the buffer of the parent process is also copied. Flush the buffer before executing fork(). This patch series is based on Linux v6.0-rc5 Shaopeng Tan (5): selftests/resctrl: Clear unused initalization code in MBM tests selftests/resctrl: Clear unused common codes called by CAT/MBA tests testing/selftests: Remove duplicate codes that clear each test result file selftests/resctrl: Kill the child process before exiting the parent process if an exception occurs selftests/resctrl: Flush stdout file buffer before executing fork() tools/testing/selftests/resctrl/cat_test.c | 17 +++++++++-------- tools/testing/selftests/resctrl/cmt_test.c | 2 -- tools/testing/selftests/resctrl/mba_test.c | 2 -- tools/testing/selftests/resctrl/mbm_test.c | 19 ++++++------------- tools/testing/selftests/resctrl/resctrl_val.c | 1 + tools/testing/selftests/resctrl/resctrlfs.c | 7 +++---- 6 files changed, 19 insertions(+), 29 deletions(-) -- 2.27.0

2 years, 9 months

3
23
0 0

[PATCH] Documentation: kunit: rewrite writing first test instructions

by Bagas Sanjaya

The wordings of step-by-step instructions on writing the first Kunit test are instructing readers to write codes without knowing what these are about. Rewrite these instructions to include the purpose of written code. While at it, align the code blocks of these contents. Signed-off-by: Bagas Sanjaya <bagasdotme(a)gmail.com> --- This patch is based on Khalid's full path to .kunitconfig patch [1]. [1]: https://lore.kernel.org/linux-doc/20220929085332.4155-1-khalid.masum.92@gma… Documentation/dev-tools/kunit/start.rst | 40 ++++++++++++++----------- 1 file changed, 22 insertions(+), 18 deletions(-) diff --git a/Documentation/dev-tools/kunit/start.rst b/Documentation/dev-tools/kunit/start.rst index 7999874dc4ddb3..9628360947507b 100644 --- a/Documentation/dev-tools/kunit/start.rst +++ b/Documentation/dev-tools/kunit/start.rst @@ -131,17 +131,19 @@ are built-in. Otherwise the module will need to be loaded. Writing Your First Test ======================= -In your kernel repository, let's add some code that we can test. +In your kernel repository, let's add some code that we can test. For this +purpose, we are going to add simple addition driver. -1. Create a file ``drivers/misc/example.h``, which includes: +1. Write the feature that will be tested. First, write the declaration + for ``misc_example_add()`` in ``drivers/misc/example.h``: -.. code-block:: c + .. code-block:: c int misc_example_add(int left, int right); -2. Create a file ``drivers/misc/example.c``, which includes: + Then implement the function in ``drivers/misc/example.c``: -.. code-block:: c + .. code-block:: c #include <linux/errno.h> @@ -152,24 +154,25 @@ In your kernel repository, let's add some code that we can test. return left + right; } -3. Add the following lines to ``drivers/misc/Kconfig``: +3. Add Kconfig menu entry for the feature to ``drivers/misc/Kconfig``: -.. code-block:: kconfig + .. code-block:: kconfig config MISC_EXAMPLE bool "My example" -4. Add the following lines to ``drivers/misc/Makefile``: +4. Add the kbuild goal that will build the feature to + ``drivers/misc/Makefile``: -.. code-block:: make + .. code-block:: make obj-$(CONFIG_MISC_EXAMPLE) += example.o Now we are ready to write the test cases. -1. Add the below test case in ``drivers/misc/example_test.c``: +1. Write the test in ``drivers/misc/example_test.c``: -.. code-block:: c + .. code-block:: c #include <kunit/test.h> #include "example.h" @@ -202,31 +205,32 @@ Now we are ready to write the test cases. }; kunit_test_suite(misc_example_test_suite); -2. Add the following lines to ``drivers/misc/Kconfig``: +2. Add following Kconfig entry for the test to ``drivers/misc/Kconfig``: -.. code-block:: kconfig + .. code-block:: kconfig config MISC_EXAMPLE_TEST tristate "Test for my example" if !KUNIT_ALL_TESTS depends on MISC_EXAMPLE && KUNIT=y default KUNIT_ALL_TESTS -3. Add the following lines to ``drivers/misc/Makefile``: +3. Add kbuild goal of the test to ``drivers/misc/Makefile``: -.. code-block:: make + .. code-block:: make obj-$(CONFIG_MISC_EXAMPLE_TEST) += example_test.o -4. Add following configuration fragments to ``.kunit/.kunitconfig``: +4. Add following configuration fragments for the test to + ``.kunit/.kunitconfig``: -.. code-block:: none + .. code-block:: none CONFIG_MISC_EXAMPLE=y CONFIG_MISC_EXAMPLE_TEST=y 5. Run the test: -.. code-block:: bash + .. code-block:: bash ./tools/testing/kunit/kunit.py run -- An old man doll... just what I always wanted! - Clara

2 years, 9 months

1
1
0 0

Re: [PATCH -next v4 1/3] selftests/memory-hotplug: Add checking after online or offline

by zhaogongyi

Hi! > > On 29.09.22 09:39, zhaogongyi wrote: > > Hi, > > > > We can not get the EBUSY from " echo 0 > > /sys/devices/system/memory/memoryxxx/online", maybe, redirect the error > ouput to /dev/null is suitable when calling offline_memory_expect_success(): > > > > # sh mem-on-off-test.sh -a > > mem-on-off-test.sh: illegal option -- a Test scope: 2% hotplug memory > > online all hot-pluggable memory in offline state: > > SKIPPED - no hot-pluggable memory in offline state > > offline 2% hot-pluggable memory in online state > > trying to offline 4 out of 192 memory block(s): > > online->offline memory0 > > online->offline memory10 > > online->offline memory100 > > online->offline memory101 > > online->offline memory102 > > online->offline memory103 > > online->offline memory104 > > online->offline memory105 > > online->offline memory106 > > online->offline memory107 > > online->offline memory108 > > online->offline memory109 > > online->offline memory11 > > online->offline memory110 > > online->offline memory111 > > online->offline memory112 > > online->offline memory113 > > online->offline memory114 > > online->offline memory115 > > online->offline memory116 > > online->offline memory117 > > online->offline memory118 > > online->offline memory119 > > online->offline memory12 > > online->offline memory120 > > online->offline memory121 > > online->offline memory122 > > online->offline memory123 > > online->offline memory124 > > Can we have here an output like > > online->offline memory0 > -> Failure > online->offline memory10 > -> Success > > That would make much more sense for debugging purposes and understanding > what is happening here. I was primarily concerned about the misleading error > message, that indicated that something is "unexpected" -- it's perfectly > reasonable here to *expect* that offlining a random memory blocks just fails. Yes, I will submit a new version of patches to implement it as your suggestiones: 1. Redirect misleading msg to /dev/null 2. Add an output for online->offline test Thanks! > > -- > Thanks, > > David / dhildenb

2 years, 9 months

1
0
0 0

[PATCH 1/2] kunit: tool: remove UML specific options from all_tests_uml.config

by Daniel Latypov

Commit 6fc3a8636a7b ("kunit: tool: Enable virtio/PCI by default on UML") made it so we enable these options by default for UML. Specifying them here is now redundant. Signed-off-by: Daniel Latypov <dlatypov(a)google.com> --- tools/testing/kunit/configs/all_tests_uml.config | 2 -- 1 file changed, 2 deletions(-) diff --git a/tools/testing/kunit/configs/all_tests_uml.config b/tools/testing/kunit/configs/all_tests_uml.config index bdee36bef4a3..f990cbb73250 100644 --- a/tools/testing/kunit/configs/all_tests_uml.config +++ b/tools/testing/kunit/configs/all_tests_uml.config @@ -16,8 +16,6 @@ CONFIG_EXT4_FS=y CONFIG_MSDOS_FS=y CONFIG_VFAT_FS=y -CONFIG_VIRTIO_UML=y -CONFIG_UML_PCI_OVER_VIRTIO=y CONFIG_PCI=y CONFIG_USB4=y base-commit: 0b3acd1cc0222953035d18176b1e4aa06624fd6e -- 2.37.2.789.g6183377224-goog

2 years, 9 months

2
3
0 0

Re: [PATCH -next v4 1/3] selftests/memory-hotplug: Add checking after online or offline

by zhaogongyi

Hi, We can not get the EBUSY from " echo 0 > /sys/devices/system/memory/memoryxxx/online", maybe, redirect the error ouput to /dev/null is suitable when calling offline_memory_expect_success(): # sh mem-on-off-test.sh -a mem-on-off-test.sh: illegal option -- a Test scope: 2% hotplug memory online all hot-pluggable memory in offline state: SKIPPED - no hot-pluggable memory in offline state offline 2% hot-pluggable memory in online state trying to offline 4 out of 192 memory block(s): online->offline memory0 online->offline memory10 online->offline memory100 online->offline memory101 online->offline memory102 online->offline memory103 online->offline memory104 online->offline memory105 online->offline memory106 online->offline memory107 online->offline memory108 online->offline memory109 online->offline memory11 online->offline memory110 online->offline memory111 online->offline memory112 online->offline memory113 online->offline memory114 online->offline memory115 online->offline memory116 online->offline memory117 online->offline memory118 online->offline memory119 online->offline memory12 online->offline memory120 online->offline memory121 online->offline memory122 online->offline memory123 online->offline memory124 online all hot-pluggable memory in offline state: offline->online memory121 offline->online memory122 offline->online memory123 offline->online memory124 Test with memory notifier error injection # echo $? 0 Thanks! Gongyi > > > >> Reviewed-by: David Hildenbrand <david(a)redhat.com> > >> > >> > >> I am questioning the stability of the offlining test, though. > >> Offlining a random memory block can fail easily, because > >> "->removable" is not > >> expressive: > >> > >> # tools/testing/selftests/memory-hotplug/mem-on-off-test.sh > >> Test scope: 2% hotplug memory > >> online all hot-pluggable memory in offline state: > >> SKIPPED - no hot-pluggable memory in offline state > >> offline 2% hot-pluggable memory in online state > >> trying to offline 2 out of 96 memory block(s): > >> online->offline memory0 > >> tools/testing/selftests/memory-hotplug/mem-on-off-test.sh: line 78: echo: > >> write error: Invalid argument offline_memory_expect_success 0: > >> unexpected fail > >> online->offline memory10 > >> online->offline memory11 > >> > >> > >> I guess this test will almost always fail nowadays. > > > > Offline some memory node maybe failed as expected, but the error message > is a bit annoying. > > Ah, I see it now. We try offlining two and fail offlining the first one. > Can we silence that warning in that case somehow? > > -- > Thanks, > > David / dhildenb

2 years, 9 months

2
1
0 0

[PATCH] Documentation: Kunit: Use full path to .kunitconfig

by Khalid Masum

The numbered list contains full path to every files that need to be modified or created in order to implement misc-example kunit test. Except for .kunitconfig. Which might make a newcommer confused about where the file exists. Since there are multiple .kunitconfig files. Fix this by using the full path to .kunitconfig. Signed-off-by: Khalid Masum <khalid.masum.92(a)gmail.com> --- Documentation/dev-tools/kunit/start.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Documentation/dev-tools/kunit/start.rst b/Documentation/dev-tools/kunit/start.rst index 867a4bba6bf6..69361065cda6 100644 --- a/Documentation/dev-tools/kunit/start.rst +++ b/Documentation/dev-tools/kunit/start.rst @@ -217,7 +217,7 @@ Now we are ready to write the test cases. obj-$(CONFIG_MISC_EXAMPLE_TEST) += example_test.o -4. Add the following lines to ``.kunitconfig``: +4. Add the following lines to ``.kunit/.kunitconfig``: .. code-block:: none -- 2.37.3

2 years, 9 months

3
3
0 0

[PATCH net-next] selftests/tc-testing: update qdisc/cls/action features in config

by Zhengchao Shao

Since three patchsets "add tc-testing test cases", "refactor duplicate codes in the tc cls walk function", and "refactor duplicate codes in the qdisc class walk function" are merged to net-next tree, the list of supported features needs to be updated in config file. Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> --- tools/testing/selftests/tc-testing/config | 25 ++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/tc-testing/config b/tools/testing/selftests/tc-testing/config index 2b2c2a835757..5ec7418a3c29 100644 --- a/tools/testing/selftests/tc-testing/config +++ b/tools/testing/selftests/tc-testing/config @@ -13,15 +13,28 @@ CONFIG_NET_SCHED=y # Queueing/Scheduling # CONFIG_NET_SCH_ATM=m +CONFIG_NET_SCH_CAKE=m +CONFIG_NET_SCH_CBQ=m +CONFIG_NET_SCH_CBS=m CONFIG_NET_SCH_CHOKE=m CONFIG_NET_SCH_CODEL=m +CONFIG_NET_SCH_DRR=m +CONFIG_NET_SCH_DSMARK=m CONFIG_NET_SCH_ETF=m CONFIG_NET_SCH_FQ=m +CONFIG_NET_SCH_FQ_CODEL=m CONFIG_NET_SCH_GRED=m +CONFIG_NET_SCH_HFSC=m CONFIG_NET_SCH_HHF=m +CONFIG_NET_SCH_HTB=m +CONFIG_NET_SCH_INGRESS=m +CONFIG_NET_SCH_MQPRIO=m +CONFIG_NET_SCH_MULTIQ=m +CONFIG_NET_NET_SCH_NETEM=m +CONFIG_NET_SCH_PIE=m CONFIG_NET_SCH_PLUG=m CONFIG_NET_SCH_PRIO=m -CONFIG_NET_SCH_INGRESS=m +CONFIG_NET_SCH_QFQ=m CONFIG_NET_SCH_SFB=m CONFIG_NET_SCH_SFQ=m CONFIG_NET_SCH_SKBPRIO=m @@ -37,6 +50,15 @@ CONFIG_NET_CLS_FW=m CONFIG_NET_CLS_U32=m CONFIG_CLS_U32_PERF=y CONFIG_CLS_U32_MARK=y +CONFIG_NET_CLS_BASIC=m +CONFIG_NET_CLS_BPF=m +CONFIG_NET_CLS_CGROUP=m +CONFIG_NET_CLS_FLOW=m +CONFIG_NET_CLS_FLOWER=m +CONFIG_NET_CLS_MATCHALL=m +CONFIG_NET_CLS_ROUTE4=m +CONFIG_NET_CLS_RSVP=m +CONFGI_NET_CLS_TCINDEX=m CONFIG_NET_EMATCH=y CONFIG_NET_EMATCH_STACK=32 CONFIG_NET_EMATCH_CMP=m @@ -68,6 +90,7 @@ CONFIG_NET_ACT_IFE=m CONFIG_NET_ACT_TUNNEL_KEY=m CONFIG_NET_ACT_CT=m CONFIG_NET_ACT_MPLS=m +CONFIG_NET_ACT_GATE=m CONFIG_NET_IFE_SKBMARK=m CONFIG_NET_IFE_SKBPRIO=m CONFIG_NET_IFE_SKBTCINDEX=m -- 2.17.1

2 years, 9 months

3
2
0 0

[PATCH] KVM: selftests: Fix spelling mistake "miliseconds" -> "milliseconds"

by Colin Ian King

There is a spelling mistake in some help text. Fix it. Signed-off-by: Colin Ian King <colin.i.king(a)gmail.com> --- tools/testing/selftests/kvm/x86_64/nx_huge_pages_test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/kvm/x86_64/nx_huge_pages_test.c b/tools/testing/selftests/kvm/x86_64/nx_huge_pages_test.c index e19933ea34ca..62827d121c4f 100644 --- a/tools/testing/selftests/kvm/x86_64/nx_huge_pages_test.c +++ b/tools/testing/selftests/kvm/x86_64/nx_huge_pages_test.c @@ -211,7 +211,7 @@ static void help(char *name) puts(""); printf("usage: %s [-h] [-p period_ms] [-t token]\n", name); puts(""); - printf(" -p: The NX reclaim period in miliseconds.\n"); + printf(" -p: The NX reclaim period in milliseconds.\n"); printf(" -t: The magic token to indicate environment setup is done.\n"); printf(" -r: The test has reboot permissions and can disable NX huge pages.\n"); puts(""); -- 2.37.1

2 years, 9 months

1
0
0 0

[PATCH] kselftests/sched: Fix spelling mistake "hiearchy" -> "hierarchy"

by Colin Ian King

There is a spelling mistake in a printed message. Fix it. Signed-off-by: Colin Ian King <colin.i.king(a)gmail.com> --- tools/testing/selftests/sched/cs_prctl_test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/sched/cs_prctl_test.c b/tools/testing/selftests/sched/cs_prctl_test.c index 8109b17dc764..62b579b601bf 100644 --- a/tools/testing/selftests/sched/cs_prctl_test.c +++ b/tools/testing/selftests/sched/cs_prctl_test.c @@ -267,7 +267,7 @@ int main(int argc, char *argv[]) if (setpgid(0, 0) != 0) handle_error("process group"); - printf("\n## Create a thread/process/process group hiearchy\n"); + printf("\n## Create a thread/process/process group hierarchy\n"); create_processes(num_processes, num_threads, procs); need_cleanup = 1; disp_processes(num_processes, procs); -- 2.37.1

2 years, 9 months

1
0
0 0

[PATCH] KVM: selftests: Fix spelling mistake "begining" -> "beginning"

by Colin Ian King

There is a spelling mistake in an asset message. Fix it. Signed-off-by: Colin Ian King <colin.i.king(a)gmail.com> --- tools/testing/selftests/kvm/lib/elf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/kvm/lib/elf.c b/tools/testing/selftests/kvm/lib/elf.c index 9f54c098d9d0..d71a9a5974de 100644 --- a/tools/testing/selftests/kvm/lib/elf.c +++ b/tools/testing/selftests/kvm/lib/elf.c @@ -138,7 +138,7 @@ void kvm_vm_elf_load(struct kvm_vm *vm, const char *filename) offset = hdr.e_phoff + (n1 * hdr.e_phentsize); offset_rv = lseek(fd, offset, SEEK_SET); TEST_ASSERT(offset_rv == offset, - "Failed to seek to begining of program header %u,\n" + "Failed to seek to beginning of program header %u,\n" " filename: %s\n" " rv: %jd errno: %i", n1, filename, (intmax_t) offset_rv, errno); -- 2.37.1

2 years, 9 months

2
1
0 0

[PATCH v2 0/2] kunit: add boot time parameter to enable KUnit

by Joe Fradley

v2: - Added enable check in executor.c to prevent wrong error output from kunit_tool.py when run against a KUnit disabled kernel - kunit_tool.py now passes kunit.enable=1 - Flipped around logic of new config to KUNIT_DEFAULT_ENABLED - Now load modules containing tests but not executing them - Various message/description text clean up There are some use cases where the kernel binary is desired to be the same for both production and testing. This poses a problem for users of KUnit as built-in tests will automatically run at startup and test modules can still be loaded leaving the kernel in an unsafe state. There is a "test" taint flag that gets set if a test runs but nothing to prevent the execution. This patch adds the kunit.enable module parameter that will need to be set to true in addition to KUNIT being enabled for KUnit tests to run. The default value is true giving backwards compatibility. However, for the production+testing use case the new config option KUNIT_DEFAULT_ENABLED can be set to N requiring the tester to opt-in by passing kunit.enable=1 to the kernel. Joe Fradley (2): kunit: add kunit.enable to enable/disable KUnit test kunit: no longer call module_info(test, "Y") for kunit modules .../admin-guide/kernel-parameters.txt | 6 +++++ include/kunit/test.h | 3 ++- lib/kunit/Kconfig | 11 +++++++++ lib/kunit/executor.c | 4 ++++ lib/kunit/test.c | 24 +++++++++++++++++++ tools/testing/kunit/kunit_kernel.py | 1 + 6 files changed, 48 insertions(+), 1 deletion(-) -- 2.37.1.595.g718a3a8f04-goog

2 years, 9 months

3
10
0 0

[PATCH] KVM: selftests: Fix spelling mistake "UFFDIO_CONINUE" -> "UFFDIO_CONTINUE"

by Colin Ian King

There is a spelling mistake in a debug message. Fix it. Signed-off-by: Colin Ian King <colin.i.king(a)gmail.com> --- tools/testing/selftests/kvm/demand_paging_test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/kvm/demand_paging_test.c b/tools/testing/selftests/kvm/demand_paging_test.c index 779ae54f89c4..56035d94c653 100644 --- a/tools/testing/selftests/kvm/demand_paging_test.c +++ b/tools/testing/selftests/kvm/demand_paging_test.c @@ -225,7 +225,7 @@ static void setup_demand_paging(struct kvm_vm *vm, PER_PAGE_DEBUG("Userfaultfd %s mode, faults resolved with %s\n", is_minor ? "MINOR" : "MISSING", - is_minor ? "UFFDIO_CONINUE" : "UFFDIO_COPY"); + is_minor ? "UFFDIO_CONTINUE" : "UFFDIO_COPY"); /* In order to get minor faults, prefault via the alias. */ if (is_minor) { -- 2.37.1

2 years, 9 months

1
0
0 0

[PATCH linux-next v5] selftests/vm: enable running select groups of tests

by Joel Savitz

Our memory management kernel CI testing at Red Hat uses the VM selftests and we have run into two problems: First, our LTP tests overlap with the VM selftests. We want to avoid unhelpful redundancy in our testing practices. Second, we have observed the current run_vmtests.sh to report overall failure/ambiguous results in the case that a machine lacks the necessary hardware to perform one or more of the tests. E.g. ksm tests that require more than one numa node. We want to be able to run the vm selftests suitable to particular hardware. Add the ability to run one or more groups of vm tests via run_vmtests.sh instead of simply all-or-none in order to solve these problems. Preserve existing default behavior of running all tests when the script is invoked with no arguments. Documentation of test groups is included in the patch as follows: # ./run_vmtests.sh [ -h || --help ] usage: ./tools/testing/selftests/vm/run_vmtests.sh [ -h | -t "<categories>"] -t: specify specific categories to tests to run -h: display this message The default behavior is to run all tests. Alternatively, specific groups tests can be run by passing a string to the -t argument containing one or more of the following categories separated by spaces: - mmap tests for mmap(2) - gup_test tests for gup using gup_test interface - userfaultfd tests for userfaultfd(2) - compaction a test for the patch "Allow compaction of unevictable pages" - mlock tests for mlock(2) - mremap tests for mremap(2) - hugevm tests for very large virtual address space - vmalloc vmalloc smoke tests - hmm hmm smoke tests - madv_populate test memadvise(2) MADV_POPULATE_{READ,WRITE} options - memfd_secret test memfd_secret(2) - process_mrelease test process_mrelease(2) - ksm ksm tests that do not require >=2 NUMA nodes - ksm_numa ksm tests that require >=2 NUMA nodes - pkey memory protection key tests example: ./run_vmtests.sh -t "hmm mmap ksm" Changes from v4: - fix imprecise checking in test_selected - drop conditional setup/cleanup of hugetlb Changes from v3: - rename variable TEST_ITEMS as VM_TEST_ITEMS Changes from v2: - rebase onto the mm-everyting branch in https://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm.git - integrate this functionality with new the tests Changes from v1: - use a command line argument to pass the test categories to the script instead of an environmet variable - remove novel prints to avoid messing with extant parsers of this script - update the usage text Signed-off-by: Joel Savitz <jsavitz(a)redhat.com> --- tools/testing/selftests/vm/run_vmtests.sh | 232 +++++++++++++++------- 1 file changed, 155 insertions(+), 77 deletions(-) diff --git a/tools/testing/selftests/vm/run_vmtests.sh b/tools/testing/selftests/vm/run_vmtests.sh index 249295a10f56..f115e9a6d3a1 100755 --- a/tools/testing/selftests/vm/run_vmtests.sh +++ b/tools/testing/selftests/vm/run_vmtests.sh @@ -1,6 +1,6 @@ #!/bin/bash # SPDX-License-Identifier: GPL-2.0 -#please run as root +# Please run as root # Kselftest framework requirement - SKIP code is 4. ksft_skip=4 @@ -8,15 +8,76 @@ ksft_skip=4 mnt=./huge exitcode=0 -#get huge pagesize and freepages from /proc/meminfo -while read -r name size unit; do - if [ "$name" = "HugePages_Free:" ]; then - freepgs="$size" +usage() { + cat <<EOF +usage: ${BASH_SOURCE[0]:-$0} [ -h | -t "<categories>"] + -t: specify specific categories to tests to run + -h: display this message + +The default behavior is to run all tests. + +Alternatively, specific groups tests can be run by passing a string +to the -t argument containing one or more of the following categories +separated by spaces: +- mmap + tests for mmap(2) +- gup_test + tests for gup using gup_test interface +- userfaultfd + tests for userfaultfd(2) +- compaction + a test for the patch "Allow compaction of unevictable pages" +- mlock + tests for mlock(2) +- mremap + tests for mremap(2) +- hugevm + tests for very large virtual address space +- vmalloc + vmalloc smoke tests +- hmm + hmm smoke tests +- madv_populate + test memadvise(2) MADV_POPULATE_{READ,WRITE} options +- memfd_secret + test memfd_secret(2) +- process_mrelease + test process_mrelease(2) +- ksm + ksm tests that do not require >=2 NUMA nodes +- ksm_numa + ksm tests that require >=2 NUMA nodes +- pkey + memory protection key tests +example: ./run_vmtests.sh -t "hmm mmap ksm" +EOF + exit 0 +} + + +while getopts "ht:" OPT; do + case ${OPT} in + "h") usage ;; + "t") VM_SELFTEST_ITEMS=${OPTARG} ;; + esac +done +shift $((OPTIND -1)) + +# default behavior: run all tests +VM_SELFTEST_ITEMS=${VM_SELFTEST_ITEMS:-default} + +test_selected() { + if [ "$VM_SELFTEST_ITEMS" == "default" ]; then + # If no VM_SELFTEST_ITEMS are specified, run all tests + return 0 fi - if [ "$name" = "Hugepagesize:" ]; then - hpgsize_KB="$size" + # If test selected argument is one of the test items + if [[ " ${VM_SELFTEST_ITEMS[*]} " =~ " ${1} " ]]; then + return 0 + else + return 1 fi -done < /proc/meminfo +} # Simple hugetlbfs tests have a hardcoded minimum requirement of # huge pages totaling 256MB (262144KB) in size. The userfaultfd @@ -28,7 +89,17 @@ hpgsize_MB=$((hpgsize_KB / 1024)) half_ufd_size_MB=$((((nr_cpus * hpgsize_MB + 127) / 128) * 128)) needmem_KB=$((half_ufd_size_MB * 2 * 1024)) -#set proper nr_hugepages +# get huge pagesize and freepages from /proc/meminfo +while read -r name size unit; do + if [ "$name" = "HugePages_Free:" ]; then + freepgs="$size" + fi + if [ "$name" = "Hugepagesize:" ]; then + hpgsize_KB="$size" + fi +done < /proc/meminfo + +# set proper nr_hugepages if [ -n "$freepgs" ] && [ -n "$hpgsize_KB" ]; then nr_hugepgs=$(cat /proc/sys/vm/nr_hugepages) needpgs=$((needmem_KB / hpgsize_KB)) @@ -57,140 +128,147 @@ else exit 1 fi -#filter 64bit architectures +# filter 64bit architectures ARCH64STR="arm64 ia64 mips64 parisc64 ppc64 ppc64le riscv64 s390x sh64 sparc64 x86_64" if [ -z "$ARCH" ]; then ARCH=$(uname -m 2>/dev/null | sed -e 's/aarch64.*/arm64/') fi VADDR64=0 -echo "$ARCH64STR" | grep "$ARCH" && VADDR64=1 +echo "$ARCH64STR" | grep "$ARCH" &>/dev/null && VADDR64=1 # Usage: run_test [test binary] [arbitrary test arguments...] run_test() { - local title="running $*" - local sep=$(echo -n "$title" | tr "[:graph:][:space:]" -) - printf "%s\n%s\n%s\n" "$sep" "$title" "$sep" - - "$@" - local ret=$? - if [ $ret -eq 0 ]; then - echo "[PASS]" - elif [ $ret -eq $ksft_skip ]; then - echo "[SKIP]" - exitcode=$ksft_skip - else - echo "[FAIL]" - exitcode=1 - fi + if test_selected ${CATEGORY}; then + echo "running: $1" + local title="running $*" + local sep=$(echo -n "$title" | tr "[:graph:][:space:]" -) + printf "%s\n%s\n%s\n" "$sep" "$title" "$sep" + + "$@" + local ret=$? + if [ $ret -eq 0 ]; then + echo "[PASS]" + elif [ $ret -eq $ksft_skip ]; then + echo "[SKIP]" + exitcode=$ksft_skip + else + echo "[FAIL]" + exitcode=1 + fi + fi # test_selected } mkdir "$mnt" mount -t hugetlbfs none "$mnt" -run_test ./hugepage-mmap +CATEGORY="hugetlb" run_test ./hugepage-mmap shmmax=$(cat /proc/sys/kernel/shmmax) shmall=$(cat /proc/sys/kernel/shmall) echo 268435456 > /proc/sys/kernel/shmmax echo 4194304 > /proc/sys/kernel/shmall -run_test ./hugepage-shm +CATEGORY="hugetlb" run_test ./hugepage-shm echo "$shmmax" > /proc/sys/kernel/shmmax echo "$shmall" > /proc/sys/kernel/shmall -run_test ./map_hugetlb +CATEGORY="hugetlb" run_test ./map_hugetlb -run_test ./hugepage-mremap "$mnt"/huge_mremap -rm -f "$mnt"/huge_mremap +CATEGORY="hugetlb" run_test ./hugepage-mremap "$mnt"/huge_mremap +test_selected "hugetlb" && rm -f "$mnt"/huge_mremap -run_test ./hugepage-vmemmap +CATEGORY="hugetlb" run_test ./hugepage-vmemmap -run_test ./hugetlb-madvise "$mnt"/madvise-test -rm -f "$mnt"/madvise-test +CATEGORY="hugetlb" run_test ./hugetlb-madvise "$mnt"/madvise-test +test_selected "hugetlb" && rm -f "$mnt"/madvise-test -echo "NOTE: The above hugetlb tests provide minimal coverage. Use" -echo " https://github.com/libhugetlbfs/libhugetlbfs.git for" -echo " hugetlb regression testing." +if test_selected "hugetlb"; then + echo "NOTE: These hugetlb tests provide minimal coverage. Use" + echo " https://github.com/libhugetlbfs/libhugetlbfs.git for" + echo " hugetlb regression testing." +fi -run_test ./map_fixed_noreplace +CATEGORY="mmap" run_test ./map_fixed_noreplace # get_user_pages_fast() benchmark -run_test ./gup_test -u +CATEGORY="gup_test" run_test ./gup_test -u # pin_user_pages_fast() benchmark -run_test ./gup_test -a +CATEGORY="gup_test" run_test ./gup_test -a # Dump pages 0, 19, and 4096, using pin_user_pages: -run_test ./gup_test -ct -F 0x1 0 19 0x1000 +CATEGORY="gup_test" run_test ./gup_test -ct -F 0x1 0 19 0x1000 -run_test ./userfaultfd anon 20 16 -run_test ./userfaultfd anon:dev 20 16 +CATEGORY="userfaultfd" run_test ./userfaultfd anon 20 16 +CATEGORY="userfaultfd" run_test ./userfaultfd anon:dev 20 16 # Hugetlb tests require source and destination huge pages. Pass in half the # size ($half_ufd_size_MB), which is used for *each*. -run_test ./userfaultfd hugetlb "$half_ufd_size_MB" 32 -run_test ./userfaultfd hugetlb:dev "$half_ufd_size_MB" 32 -run_test ./userfaultfd hugetlb_shared "$half_ufd_size_MB" 32 "$mnt"/uffd-test +CATEGORY="userfaultfd" run_test ./userfaultfd hugetlb "$half_ufd_size_MB" 32 +CATEGORY="userfaultfd" run_test ./userfaultfd hugetlb:dev "$half_ufd_size_MB" 32 +CATEGORY="userfaultfd" run_test ./userfaultfd hugetlb_shared "$half_ufd_size_MB" 32 "$mnt"/uffd-test rm -f "$mnt"/uffd-test -run_test ./userfaultfd hugetlb_shared:dev "$half_ufd_size_MB" 32 "$mnt"/uffd-test +CATEGORY="userfaultfd" run_test ./userfaultfd hugetlb_shared:dev "$half_ufd_size_MB" 32 "$mnt"/uffd-test rm -f "$mnt"/uffd-test -run_test ./userfaultfd shmem 20 16 -run_test ./userfaultfd shmem:dev 20 16 - -#cleanup -umount "$mnt" -rm -rf "$mnt" -echo "$nr_hugepgs" > /proc/sys/vm/nr_hugepages +CATEGORY="userfaultfd" run_test ./userfaultfd shmem 20 16 +CATEGORY="userfaultfd" run_test ./userfaultfd shmem:dev 20 16 + +# cleanup (only needed when running hugetlb tests) +if test_selected "hugetlb"; then + umount "$mnt" + rm -rf "$mnt" + echo "$nr_hugepgs" > /proc/sys/vm/nr_hugepages +fi -run_test ./compaction_test +CATEGORY="compaction" run_test ./compaction_test -run_test sudo -u nobody ./on-fault-limit +CATEGORY="mlock" run_test sudo -u nobody ./on-fault-limit -run_test ./map_populate +CATEGORY="mmap" run_test ./map_populate -run_test ./mlock-random-test +CATEGORY="mlock" run_test ./mlock-random-test -run_test ./mlock2-tests +CATEGORY="mlock" run_test ./mlock2-tests -run_test ./mrelease_test +CATEGORY="process_mrelease" run_test ./mrelease_test -run_test ./mremap_test +CATEGORY="mremap" run_test ./mremap_test -run_test ./thuge-gen +CATEGORY="hugetlb" run_test ./thuge-gen if [ $VADDR64 -ne 0 ]; then - run_test ./virtual_address_range + CATEGORY="hugevm" run_test ./virtual_address_range # virtual address 128TB switch test - run_test ./va_128TBswitch.sh + CATEGORY="hugevm" run_test ./va_128TBswitch.sh fi # VADDR64 # vmalloc stability smoke test -run_test ./test_vmalloc.sh smoke +CATEGORY="vmalloc" run_test ./test_vmalloc.sh smoke -run_test ./mremap_dontunmap +CATEGORY="mremap" run_test ./mremap_dontunmap -run_test ./test_hmm.sh smoke +CATEGORY="hmm" run_test ./test_hmm.sh smoke # MADV_POPULATE_READ and MADV_POPULATE_WRITE tests -run_test ./madv_populate +CATEGORY="madv_populate" run_test ./madv_populate -run_test ./memfd_secret +CATEGORY="memfd_secret" run_test ./memfd_secret # KSM MADV_MERGEABLE test with 10 identical pages -run_test ./ksm_tests -M -p 10 +CATEGORY="ksm" run_test ./ksm_tests -M -p 10 # KSM unmerge test -run_test ./ksm_tests -U +CATEGORY="ksm" run_test ./ksm_tests -U # KSM test with 10 zero pages and use_zero_pages = 0 -run_test ./ksm_tests -Z -p 10 -z 0 +CATEGORY="ksm" run_test ./ksm_tests -Z -p 10 -z 0 # KSM test with 10 zero pages and use_zero_pages = 1 -run_test ./ksm_tests -Z -p 10 -z 1 +CATEGORY="ksm" run_test ./ksm_tests -Z -p 10 -z 1 # KSM test with 2 NUMA nodes and merge_across_nodes = 1 -run_test ./ksm_tests -N -m 1 +CATEGORY="ksm_numa" run_test ./ksm_tests -N -m 1 # KSM test with 2 NUMA nodes and merge_across_nodes = 0 -run_test ./ksm_tests -N -m 0 +CATEGORY="ksm_numa" run_test ./ksm_tests -N -m 0 # protection_keys tests if [ $VADDR64 -eq 0 ]; then - run_test ./protection_keys_32 + CATEGORY="pkey" run_test ./protection_keys_32 else - run_test ./protection_keys_64 + CATEGORY="pkey" run_test ./protection_keys_64 fi exit $exitcode -- 2.31.1

2 years, 9 months

1
0
0 0

[PATCH v6 net-next 8/9] net: dsa: mv88e6xxx: add blackhole ATU entries

by Hans Schultz

From: "Hans J. Schultz" <netdev(a)kapio-technology.com> Blackhole FDB entries can now be added, deleted or replaced in the driver ATU. Signed-off-by: Hans J. Schultz <netdev(a)kapio-technology.com> --- drivers/net/dsa/mv88e6xxx/chip.c | 78 ++++++++++++++++++++++++++++++-- 1 file changed, 74 insertions(+), 4 deletions(-) diff --git a/drivers/net/dsa/mv88e6xxx/chip.c b/drivers/net/dsa/mv88e6xxx/chip.c index 71843fe87f77..a17f30e5d4a6 100644 --- a/drivers/net/dsa/mv88e6xxx/chip.c +++ b/drivers/net/dsa/mv88e6xxx/chip.c @@ -2735,6 +2735,72 @@ static int mv88e6xxx_vlan_msti_set(struct dsa_switch *ds, return err; } +struct mv88e6xxx_vid_search_ctx { + u16 vid_search; + u16 fid_found; +}; + +static int mv88e6xxx_find_fid_on_matching_vid(struct mv88e6xxx_chip *chip, + const struct mv88e6xxx_vtu_entry *entry, + void *priv) +{ + struct mv88e6xxx_vid_search_ctx *ctx = priv; + + if (ctx->vid_search == entry->vid) { + ctx->fid_found = entry->fid; + return 1; + } + + return 0; +} + +static int mv88e6xxx_blackhole_fdb_loadpurge(struct dsa_switch *ds, + const unsigned char *addr, u16 vid, u8 state) +{ + struct mv88e6xxx_chip *chip = ds->priv; + struct mv88e6xxx_vid_search_ctx ctx; + struct mv88e6xxx_atu_entry entry; + u16 fid = 0; + int err; + + ether_addr_copy(entry.mac, addr); + entry.portvec = MV88E6XXX_G1_ATU_DATA_PORT_VECTOR_NO_EGRESS; + entry.state = state; + entry.trunk = false; + + ctx.vid_search = vid; + mv88e6xxx_reg_lock(chip); + err = mv88e6xxx_vtu_walk(chip, mv88e6xxx_find_fid_on_matching_vid, &ctx); + mv88e6xxx_reg_unlock(chip); + if (err < 0) + return err; + if (err == 1) + fid = ctx.fid_found; + else + return -ENODATA; + + if (!fid) + return -ENODATA; + + mv88e6xxx_reg_lock(chip); + err = mv88e6xxx_g1_atu_loadpurge(chip, fid, &entry); + mv88e6xxx_reg_unlock(chip); + + return err; +} + +int mv88e6xxx_blackhole_fdb_add(struct dsa_switch *ds, const unsigned char *addr, u16 vid) +{ + return mv88e6xxx_blackhole_fdb_loadpurge(ds, addr, vid, + MV88E6XXX_G1_ATU_DATA_STATE_UC_STATIC); +} + +int mv88e6xxx_blackhole_fdb_del(struct dsa_switch *ds, const unsigned char *addr, u16 vid) +{ + return mv88e6xxx_blackhole_fdb_loadpurge(ds, addr, vid, + MV88E6XXX_G1_ATU_DATA_STATE_UC_UNUSED); +} + static int mv88e6xxx_port_fdb_add(struct dsa_switch *ds, int port, const unsigned char *addr, u16 vid, u16 fdb_flags, struct dsa_db db) @@ -2742,9 +2808,12 @@ static int mv88e6xxx_port_fdb_add(struct dsa_switch *ds, int port, struct mv88e6xxx_chip *chip = ds->priv; int err; - /* Ignore entries with flags set */ - if (fdb_flags) + if (fdb_flags & DSA_FDB_FLAG_LOCKED) return 0; + if (fdb_flags & DSA_FDB_FLAG_BLACKHOLE) { + mv88e6xxx_blackhole_fdb_del(ds, addr, vid); + return mv88e6xxx_blackhole_fdb_add(ds, addr, vid); + } if (mv88e6xxx_port_is_locked(chip, port)) mv88e6xxx_atu_locked_entry_find_purge(ds, port, addr, vid); @@ -2765,9 +2834,10 @@ static int mv88e6xxx_port_fdb_del(struct dsa_switch *ds, int port, bool locked_found = false; int err = 0; - /* Ignore entries with flags set */ - if (fdb_flags) + if (fdb_flags & DSA_FDB_FLAG_LOCKED) return 0; + if (fdb_flags & DSA_FDB_FLAG_BLACKHOLE) + return mv88e6xxx_blackhole_fdb_del(ds, addr, vid); if (mv88e6xxx_port_is_locked(chip, port)) locked_found = mv88e6xxx_atu_locked_entry_find_purge(ds, port, addr, vid); -- 2.34.1

2 years, 9 months

1
0
0 0

[PATCH v6 net-next 7/9] net: dsa: mv88e6xxx: mac-auth/MAB implementation

by Hans Schultz

From: "Hans J. Schultz" <netdev(a)kapio-technology.com> This implementation for the Marvell mv88e6xxx chip series, is based on handling ATU miss violations occurring when packets ingress on a port that is locked. The mac address triggering the ATU miss violation will be added to the ATU with a zero-DPV, and is then communicated through switchdev to the bridge module, which adds a fdb entry with the fdb locked flag set. The entry is kept according to the bridges ageing time, thus simulating a dynamic entry. Additionally the driver will set the sticky and masked flags, as the driver does not support roaming and forwarding from any port to a locked entry. As this is essentially a form of CPU based learning, the amount of locked entries will be limited by a hardcoded value for now, so as to prevent DOS attacks. Signed-off-by: Hans J. Schultz <netdev(a)kapio-technology.com> --- drivers/net/dsa/mv88e6xxx/Makefile | 1 + drivers/net/dsa/mv88e6xxx/chip.c | 76 +++++-- drivers/net/dsa/mv88e6xxx/chip.h | 19 ++ drivers/net/dsa/mv88e6xxx/global1.h | 1 + drivers/net/dsa/mv88e6xxx/global1_atu.c | 12 +- drivers/net/dsa/mv88e6xxx/port.c | 15 +- drivers/net/dsa/mv88e6xxx/port.h | 6 + drivers/net/dsa/mv88e6xxx/switchdev.c | 284 ++++++++++++++++++++++++ drivers/net/dsa/mv88e6xxx/switchdev.h | 37 +++ 9 files changed, 429 insertions(+), 22 deletions(-) create mode 100644 drivers/net/dsa/mv88e6xxx/switchdev.c create mode 100644 drivers/net/dsa/mv88e6xxx/switchdev.h diff --git a/drivers/net/dsa/mv88e6xxx/Makefile b/drivers/net/dsa/mv88e6xxx/Makefile index c8eca2b6f959..be903a983780 100644 --- a/drivers/net/dsa/mv88e6xxx/Makefile +++ b/drivers/net/dsa/mv88e6xxx/Makefile @@ -15,3 +15,4 @@ mv88e6xxx-objs += port_hidden.o mv88e6xxx-$(CONFIG_NET_DSA_MV88E6XXX_PTP) += ptp.o mv88e6xxx-objs += serdes.o mv88e6xxx-objs += smi.o +mv88e6xxx-objs += switchdev.o diff --git a/drivers/net/dsa/mv88e6xxx/chip.c b/drivers/net/dsa/mv88e6xxx/chip.c index 352121cce77e..71843fe87f77 100644 --- a/drivers/net/dsa/mv88e6xxx/chip.c +++ b/drivers/net/dsa/mv88e6xxx/chip.c @@ -42,6 +42,7 @@ #include "ptp.h" #include "serdes.h" #include "smi.h" +#include "switchdev.h" static void assert_reg_lock(struct mv88e6xxx_chip *chip) { @@ -924,6 +925,13 @@ static void mv88e6xxx_mac_link_down(struct dsa_switch *ds, int port, if (err) dev_err(chip->dev, "p%d: failed to force MAC link down\n", port); + else + if (mv88e6xxx_port_is_locked(chip, port)) { + err = mv88e6xxx_atu_locked_entry_flush(ds, port); + if (err) + dev_err(chip->dev, + "p%d: failed to clear locked entries\n", port); + } } static void mv88e6xxx_mac_link_up(struct dsa_switch *ds, int port, @@ -1690,6 +1698,13 @@ static void mv88e6xxx_port_fast_age(struct dsa_switch *ds, int port) struct mv88e6xxx_chip *chip = ds->priv; int err; + if (mv88e6xxx_port_is_locked(chip, port)) { + err = mv88e6xxx_atu_locked_entry_flush(ds, port); + if (err) + dev_err(chip->ds->dev, "p%d: failed to clear locked entries: %d\n", + port, err); + } + mv88e6xxx_reg_lock(chip); err = mv88e6xxx_port_fast_age_fid(chip, port, 0); mv88e6xxx_reg_unlock(chip); @@ -1726,11 +1741,11 @@ static int mv88e6xxx_vtu_get(struct mv88e6xxx_chip *chip, u16 vid, return err; } -static int mv88e6xxx_vtu_walk(struct mv88e6xxx_chip *chip, - int (*cb)(struct mv88e6xxx_chip *chip, - const struct mv88e6xxx_vtu_entry *entry, - void *priv), - void *priv) +int mv88e6xxx_vtu_walk(struct mv88e6xxx_chip *chip, + int (*cb)(struct mv88e6xxx_chip *chip, + const struct mv88e6xxx_vtu_entry *entry, + void *priv), + void *priv) { struct mv88e6xxx_vtu_entry entry = { .vid = mv88e6xxx_max_vid(chip), @@ -2731,6 +2746,9 @@ static int mv88e6xxx_port_fdb_add(struct dsa_switch *ds, int port, if (fdb_flags) return 0; + if (mv88e6xxx_port_is_locked(chip, port)) + mv88e6xxx_atu_locked_entry_find_purge(ds, port, addr, vid); + mv88e6xxx_reg_lock(chip); err = mv88e6xxx_port_db_load_purge(chip, port, addr, vid, MV88E6XXX_G1_ATU_DATA_STATE_UC_STATIC); @@ -2744,16 +2762,21 @@ static int mv88e6xxx_port_fdb_del(struct dsa_switch *ds, int port, u16 fdb_flags, struct dsa_db db) { struct mv88e6xxx_chip *chip = ds->priv; - int err; + bool locked_found = false; + int err = 0; /* Ignore entries with flags set */ if (fdb_flags) return 0; - mv88e6xxx_reg_lock(chip); - err = mv88e6xxx_port_db_load_purge(chip, port, addr, vid, 0); - mv88e6xxx_reg_unlock(chip); + if (mv88e6xxx_port_is_locked(chip, port)) + locked_found = mv88e6xxx_atu_locked_entry_find_purge(ds, port, addr, vid); + if (!locked_found) { + mv88e6xxx_reg_lock(chip); + err = mv88e6xxx_port_db_load_purge(chip, port, addr, vid, 0); + mv88e6xxx_reg_unlock(chip); + } return err; } @@ -3849,11 +3872,18 @@ static int mv88e6xxx_setup(struct dsa_switch *ds) static int mv88e6xxx_port_setup(struct dsa_switch *ds, int port) { - return mv88e6xxx_setup_devlink_regions_port(ds, port); + int err; + + err = mv88e6xxx_setup_devlink_regions_port(ds, port); + if (!err) + return mv88e6xxx_init_violation_handler(ds, port); + + return err; } static void mv88e6xxx_port_teardown(struct dsa_switch *ds, int port) { + mv88e6xxx_teardown_violation_handler(ds, port); mv88e6xxx_teardown_devlink_regions_port(ds, port); } @@ -6528,7 +6558,7 @@ static int mv88e6xxx_port_pre_bridge_flags(struct dsa_switch *ds, int port, const struct mv88e6xxx_ops *ops; if (flags.mask & ~(BR_LEARNING | BR_FLOOD | BR_MCAST_FLOOD | - BR_BCAST_FLOOD | BR_PORT_LOCKED)) + BR_BCAST_FLOOD | BR_PORT_LOCKED | BR_PORT_MAB)) return -EINVAL; ops = chip->info->ops; @@ -6549,13 +6579,13 @@ static int mv88e6xxx_port_bridge_flags(struct dsa_switch *ds, int port, struct mv88e6xxx_chip *chip = ds->priv; int err = -EOPNOTSUPP; - mv88e6xxx_reg_lock(chip); - if (flags.mask & BR_LEARNING) { bool learning = !!(flags.val & BR_LEARNING); u16 pav = learning ? (1 << port) : 0; + mv88e6xxx_reg_lock(chip); err = mv88e6xxx_port_set_assoc_vector(chip, port, pav); + mv88e6xxx_reg_unlock(chip); if (err) goto out; } @@ -6563,8 +6593,10 @@ static int mv88e6xxx_port_bridge_flags(struct dsa_switch *ds, int port, if (flags.mask & BR_FLOOD) { bool unicast = !!(flags.val & BR_FLOOD); + mv88e6xxx_reg_lock(chip); err = chip->info->ops->port_set_ucast_flood(chip, port, unicast); + mv88e6xxx_reg_unlock(chip); if (err) goto out; } @@ -6572,8 +6604,10 @@ static int mv88e6xxx_port_bridge_flags(struct dsa_switch *ds, int port, if (flags.mask & BR_MCAST_FLOOD) { bool multicast = !!(flags.val & BR_MCAST_FLOOD); + mv88e6xxx_reg_lock(chip); err = chip->info->ops->port_set_mcast_flood(chip, port, multicast); + mv88e6xxx_reg_unlock(chip); if (err) goto out; } @@ -6581,20 +6615,34 @@ static int mv88e6xxx_port_bridge_flags(struct dsa_switch *ds, int port, if (flags.mask & BR_BCAST_FLOOD) { bool broadcast = !!(flags.val & BR_BCAST_FLOOD); + mv88e6xxx_reg_lock(chip); err = mv88e6xxx_port_broadcast_sync(chip, port, broadcast); + mv88e6xxx_reg_unlock(chip); if (err) goto out; } + if (flags.mask & BR_PORT_MAB) { + chip->ports[port].mab = !!(flags.val & BR_PORT_MAB); + + if (!chip->ports[port].mab) + err = mv88e6xxx_atu_locked_entry_flush(ds, port); + else + err = 0; + } + if (flags.mask & BR_PORT_LOCKED) { bool locked = !!(flags.val & BR_PORT_LOCKED); + mv88e6xxx_reg_lock(chip); err = mv88e6xxx_port_set_lock(chip, port, locked); + mv88e6xxx_reg_unlock(chip); if (err) goto out; + + chip->ports[port].locked = locked; } out: - mv88e6xxx_reg_unlock(chip); return err; } diff --git a/drivers/net/dsa/mv88e6xxx/chip.h b/drivers/net/dsa/mv88e6xxx/chip.h index e693154cf803..180fbcf596fa 100644 --- a/drivers/net/dsa/mv88e6xxx/chip.h +++ b/drivers/net/dsa/mv88e6xxx/chip.h @@ -280,6 +280,16 @@ struct mv88e6xxx_port { unsigned int serdes_irq; char serdes_irq_name[64]; struct devlink_region *region; + + /* Locked port and MacAuth control flags */ + bool locked; + bool mab; + + /* List and maintenance of ATU locked entries */ + struct mutex ale_list_lock; + struct list_head ale_list; + struct delayed_work ale_work; + int ale_cnt; }; enum mv88e6xxx_region_id { @@ -399,6 +409,9 @@ struct mv88e6xxx_chip { int egress_dest_port; int ingress_dest_port; + /* Keep the register written age time for easy access */ + u8 age_time; + /* Per-port timestamping resources. */ struct mv88e6xxx_port_hwtstamp port_hwtstamp[DSA_MAX_PORTS]; @@ -802,6 +815,12 @@ static inline void mv88e6xxx_reg_unlock(struct mv88e6xxx_chip *chip) mutex_unlock(&chip->reg_lock); } +int mv88e6xxx_vtu_walk(struct mv88e6xxx_chip *chip, + int (*cb)(struct mv88e6xxx_chip *chip, + const struct mv88e6xxx_vtu_entry *entry, + void *priv), + void *priv); + int mv88e6xxx_fid_map(struct mv88e6xxx_chip *chip, unsigned long *bitmap); #endif /* _MV88E6XXX_CHIP_H */ diff --git a/drivers/net/dsa/mv88e6xxx/global1.h b/drivers/net/dsa/mv88e6xxx/global1.h index 65958b2a0d3a..503fbf216670 100644 --- a/drivers/net/dsa/mv88e6xxx/global1.h +++ b/drivers/net/dsa/mv88e6xxx/global1.h @@ -136,6 +136,7 @@ #define MV88E6XXX_G1_ATU_DATA_TRUNK 0x8000 #define MV88E6XXX_G1_ATU_DATA_TRUNK_ID_MASK 0x00f0 #define MV88E6XXX_G1_ATU_DATA_PORT_VECTOR_MASK 0x3ff0 +#define MV88E6XXX_G1_ATU_DATA_PORT_VECTOR_NO_EGRESS 0x0000 #define MV88E6XXX_G1_ATU_DATA_STATE_MASK 0x000f #define MV88E6XXX_G1_ATU_DATA_STATE_UC_UNUSED 0x0000 #define MV88E6XXX_G1_ATU_DATA_STATE_UC_AGE_1_OLDEST 0x0001 diff --git a/drivers/net/dsa/mv88e6xxx/global1_atu.c b/drivers/net/dsa/mv88e6xxx/global1_atu.c index d9dfa1159cde..67907cd00b87 100644 --- a/drivers/net/dsa/mv88e6xxx/global1_atu.c +++ b/drivers/net/dsa/mv88e6xxx/global1_atu.c @@ -12,6 +12,8 @@ #include "chip.h" #include "global1.h" +#include "port.h" +#include "switchdev.h" /* Offset 0x01: ATU FID Register */ @@ -54,6 +56,7 @@ int mv88e6xxx_g1_atu_set_age_time(struct mv88e6xxx_chip *chip, /* Round to nearest multiple of coeff */ age_time = (msecs + coeff / 2) / coeff; + chip->age_time = age_time; err = mv88e6xxx_g1_read(chip, MV88E6XXX_G1_ATU_CTL, &val); if (err) @@ -426,6 +429,8 @@ static irqreturn_t mv88e6xxx_g1_atu_prob_irq_thread_fn(int irq, void *dev_id) if (err) goto out; + mv88e6xxx_reg_unlock(chip); + spid = entry.state; if (val & MV88E6XXX_G1_ATU_OP_AGE_OUT_VIOLATION) { @@ -446,6 +451,12 @@ static irqreturn_t mv88e6xxx_g1_atu_prob_irq_thread_fn(int irq, void *dev_id) "ATU miss violation for %pM portvec %x spid %d\n", entry.mac, entry.portvec, spid); chip->ports[spid].atu_miss_violation++; + + if (fid && chip->ports[spid].mab) + err = mv88e6xxx_handle_violation(chip, spid, &entry, fid, + MV88E6XXX_G1_ATU_OP_MISS_VIOLATION); + if (err) + goto out; } if (val & MV88E6XXX_G1_ATU_OP_FULL_VIOLATION) { @@ -454,7 +465,6 @@ static irqreturn_t mv88e6xxx_g1_atu_prob_irq_thread_fn(int irq, void *dev_id) entry.mac, entry.portvec, spid); chip->ports[spid].atu_full_violation++; } - mv88e6xxx_reg_unlock(chip); return IRQ_HANDLED; diff --git a/drivers/net/dsa/mv88e6xxx/port.c b/drivers/net/dsa/mv88e6xxx/port.c index 5c4195c635b0..67e457ce67ae 100644 --- a/drivers/net/dsa/mv88e6xxx/port.c +++ b/drivers/net/dsa/mv88e6xxx/port.c @@ -14,9 +14,11 @@ #include <linux/phylink.h> #include "chip.h" +#include "global1.h" #include "global2.h" #include "port.h" #include "serdes.h" +#include "switchdev.h" int mv88e6xxx_port_read(struct mv88e6xxx_chip *chip, int port, int reg, u16 *val) @@ -1240,13 +1242,12 @@ int mv88e6xxx_port_set_lock(struct mv88e6xxx_chip *chip, int port, if (err) return err; - err = mv88e6xxx_port_read(chip, port, MV88E6XXX_PORT_ASSOC_VECTOR, &reg); - if (err) - return err; - - reg &= ~MV88E6XXX_PORT_ASSOC_VECTOR_LOCKED_PORT; - if (locked) - reg |= MV88E6XXX_PORT_ASSOC_VECTOR_LOCKED_PORT; + reg = 0; + if (locked) { + reg = (1 << port); + reg |= MV88E6XXX_PORT_ASSOC_VECTOR_IGNORE_WRONG | + MV88E6XXX_PORT_ASSOC_VECTOR_LOCKED_PORT; + } return mv88e6xxx_port_write(chip, port, MV88E6XXX_PORT_ASSOC_VECTOR, reg); } diff --git a/drivers/net/dsa/mv88e6xxx/port.h b/drivers/net/dsa/mv88e6xxx/port.h index cb04243f37c1..9475bc6e95a2 100644 --- a/drivers/net/dsa/mv88e6xxx/port.h +++ b/drivers/net/dsa/mv88e6xxx/port.h @@ -231,6 +231,7 @@ #define MV88E6XXX_PORT_ASSOC_VECTOR_LOCKED_PORT 0x2000 #define MV88E6XXX_PORT_ASSOC_VECTOR_IGNORE_WRONG 0x1000 #define MV88E6XXX_PORT_ASSOC_VECTOR_REFRESH_LOCKED 0x0800 +#define MV88E6XXX_PORT_ASSOC_VECTOR_PAV_MASK 0x07ff /* Offset 0x0C: Port ATU Control */ #define MV88E6XXX_PORT_ATU_CTL 0x0c @@ -375,6 +376,11 @@ int mv88e6xxx_port_set_pvid(struct mv88e6xxx_chip *chip, int port, u16 pvid); int mv88e6xxx_port_set_lock(struct mv88e6xxx_chip *chip, int port, bool locked); +static inline bool mv88e6xxx_port_is_locked(struct mv88e6xxx_chip *chip, int port) +{ + return chip->ports[port].locked; +} + int mv88e6xxx_port_set_8021q_mode(struct mv88e6xxx_chip *chip, int port, u16 mode); int mv88e6095_port_tag_remap(struct mv88e6xxx_chip *chip, int port); diff --git a/drivers/net/dsa/mv88e6xxx/switchdev.c b/drivers/net/dsa/mv88e6xxx/switchdev.c new file mode 100644 index 000000000000..327dbc0cfc3c --- /dev/null +++ b/drivers/net/dsa/mv88e6xxx/switchdev.c @@ -0,0 +1,284 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * switchdev.c + * + * Authors: + * Hans J. Schultz <hans.schultz(a)westermo.com> + * + */ + +#include <net/switchdev.h> +#include <linux/list.h> +#include "chip.h" +#include "global1.h" +#include "switchdev.h" + +static void mv88e6xxx_atu_locked_entry_purge(struct mv88e6xxx_atu_locked_entry *ale, + bool notify, bool take_nl_lock) +{ + struct switchdev_notifier_fdb_info info = { + .addr = ale->mac, + .vid = ale->vid, + .locked = true, + .offloaded = true, + }; + struct mv88e6xxx_atu_entry entry; + struct net_device *brport; + struct dsa_port *dp; + + entry.portvec = MV88E6XXX_G1_ATU_DATA_PORT_VECTOR_NO_EGRESS; + entry.state = MV88E6XXX_G1_ATU_DATA_STATE_UC_UNUSED; + entry.trunk = false; + ether_addr_copy(entry.mac, ale->mac); + + mv88e6xxx_reg_lock(ale->chip); + mv88e6xxx_g1_atu_loadpurge(ale->chip, ale->fid, &entry); + mv88e6xxx_reg_unlock(ale->chip); + + dp = dsa_to_port(ale->chip->ds, ale->port); + + if (notify) { + if (take_nl_lock) + rtnl_lock(); + brport = dsa_port_to_bridge_port(dp); + + if (brport) { + call_switchdev_notifiers(SWITCHDEV_FDB_DEL_TO_BRIDGE, + brport, &info.info, NULL); + } else { + dev_err(ale->chip->dev, "No bridge port for dsa port belonging to port %d\n", + ale->port); + } + if (take_nl_lock) + rtnl_unlock(); + } + + list_del(&ale->list); + kfree(ale); +} + +static void mv88e6xxx_atu_locked_entry_cleanup(struct work_struct *work) +{ + struct mv88e6xxx_port *p = container_of(work, struct mv88e6xxx_port, ale_work.work); + struct mv88e6xxx_atu_locked_entry *ale, *tmp; + + mutex_lock(&p->ale_list_lock); + list_for_each_entry_safe(ale, tmp, &p->ale_list, list) { + if (time_after(jiffies, ale->expires)) { + mv88e6xxx_atu_locked_entry_purge(ale, true, true); + p->ale_cnt--; + } + } + mutex_unlock(&p->ale_list_lock); + + mod_delayed_work(system_long_wq, &p->ale_work, msecs_to_jiffies(100)); +} + +static int mv88e6xxx_new_atu_locked_entry(struct mv88e6xxx_chip *chip, const unsigned char *addr, + int port, u16 fid, u16 vid, + struct mv88e6xxx_atu_locked_entry **alep) +{ + struct mv88e6xxx_atu_locked_entry *ale; + unsigned long now, age_time; + + ale = kmalloc(sizeof(*ale), GFP_ATOMIC); + if (!ale) + return -ENOMEM; + + ether_addr_copy(ale->mac, addr); + ale->chip = chip; + ale->port = port; + ale->fid = fid; + ale->vid = vid; + now = jiffies; + age_time = chip->age_time * chip->info->age_time_coeff; + ale->expires = now + age_time; + + *alep = ale; + return 0; +} + +struct mv88e6xxx_fid_search_ctx { + u16 fid_search; + u16 vid_found; +}; + +static int mv88e6xxx_find_vid_on_matching_fid(struct mv88e6xxx_chip *chip, + const struct mv88e6xxx_vtu_entry *entry, + void *priv) +{ + struct mv88e6xxx_fid_search_ctx *ctx = priv; + + if (ctx->fid_search == entry->fid) { + ctx->vid_found = entry->vid; + return 1; + } + + return 0; +} + +int mv88e6xxx_handle_violation(struct mv88e6xxx_chip *chip, int port, + struct mv88e6xxx_atu_entry *entry, + u16 fid, u16 type) +{ + struct switchdev_notifier_fdb_info info = { + .addr = entry->mac, + .vid = 0, + .is_local = true, + .locked = true, + .blackhole = true, + .offloaded = true, + }; + struct mv88e6xxx_atu_locked_entry *ale; + struct mv88e6xxx_fid_search_ctx ctx; + struct net_device *brport; + struct mv88e6xxx_port *p; + struct dsa_port *dp; + int err; + + if (!mv88e6xxx_is_invalid_port(chip, port)) + p = &chip->ports[port]; + else + return -ENODEV; + + ctx.fid_search = fid; + mv88e6xxx_reg_lock(chip); + err = mv88e6xxx_vtu_walk(chip, mv88e6xxx_find_vid_on_matching_fid, &ctx); + mv88e6xxx_reg_unlock(chip); + if (err < 0) + return err; + if (err == 1) + info.vid = ctx.vid_found; + else + return -ENODATA; + + switch (type) { + case MV88E6XXX_G1_ATU_OP_MISS_VIOLATION: + mutex_lock(&p->ale_list_lock); + if (p->ale_cnt >= ATU_LOCKED_ENTRIES_MAX) + goto exit; + mutex_unlock(&p->ale_list_lock); + entry->portvec = MV88E6XXX_G1_ATU_DATA_PORT_VECTOR_NO_EGRESS; + entry->state = MV88E6XXX_G1_ATU_DATA_STATE_UC_STATIC; + entry->trunk = false; + + mv88e6xxx_reg_lock(chip); + err = mv88e6xxx_g1_atu_loadpurge(chip, fid, entry); + if (err) + goto fail; + mv88e6xxx_reg_unlock(chip); + + dp = dsa_to_port(chip->ds, port); + err = mv88e6xxx_new_atu_locked_entry(chip, entry->mac, port, fid, + info.vid, &ale); + if (err) + return err; + + mutex_lock(&p->ale_list_lock); + list_add(&ale->list, &p->ale_list); + p->ale_cnt++; + mutex_unlock(&p->ale_list_lock); + + rtnl_lock(); + brport = dsa_port_to_bridge_port(dp); + if (!brport) { + rtnl_unlock(); + return -ENODEV; + } + err = call_switchdev_notifiers(SWITCHDEV_FDB_ADD_TO_BRIDGE, + brport, &info.info, NULL); + rtnl_unlock(); + break; + } + + return err; + +fail: + mv88e6xxx_reg_unlock(chip); + return err; + +exit: + mutex_unlock(&p->ale_list_lock); + return 0; +} + +bool mv88e6xxx_atu_locked_entry_find_purge(struct dsa_switch *ds, int port, + const unsigned char *addr, u16 vid) +{ + struct mv88e6xxx_atu_locked_entry *ale, *tmp; + struct mv88e6xxx_chip *chip = ds->priv; + struct mv88e6xxx_port *p; + bool found = false; + + p = &chip->ports[port]; + mutex_lock(&p->ale_list_lock); + list_for_each_entry_safe(ale, tmp, &p->ale_list, list) { + if (ether_addr_equal(ale->mac, addr) == 0) { + if (ale->vid == vid) { + mv88e6xxx_atu_locked_entry_purge(ale, false, false); + p->ale_cnt--; + found = true; + break; + } + } + } + mutex_unlock(&p->ale_list_lock); + return found; +} + +int mv88e6xxx_atu_locked_entry_flush(struct dsa_switch *ds, int port) +{ + struct mv88e6xxx_atu_locked_entry *ale, *tmp; + struct mv88e6xxx_chip *chip = ds->priv; + struct mv88e6xxx_port *p; + + if (!mv88e6xxx_is_invalid_port(chip, port)) + p = &chip->ports[port]; + else + return -ENODEV; + + mutex_lock(&p->ale_list_lock); + list_for_each_entry_safe(ale, tmp, &p->ale_list, list) { + mv88e6xxx_atu_locked_entry_purge(ale, true, false); + p->ale_cnt--; + } + mutex_unlock(&p->ale_list_lock); + + return 0; +} + +int mv88e6xxx_init_violation_handler(struct dsa_switch *ds, int port) +{ + struct mv88e6xxx_chip *chip = ds->priv; + struct mv88e6xxx_port *p; + + if (!mv88e6xxx_is_invalid_port(chip, port)) + p = &chip->ports[port]; + else + return -ENODEV; + + INIT_LIST_HEAD(&p->ale_list); + mutex_init(&p->ale_list_lock); + p->ale_cnt = 0; + INIT_DELAYED_WORK(&p->ale_work, mv88e6xxx_atu_locked_entry_cleanup); + mod_delayed_work(system_long_wq, &p->ale_work, msecs_to_jiffies(500)); + + return 0; +} + +int mv88e6xxx_teardown_violation_handler(struct dsa_switch *ds, int port) +{ + struct mv88e6xxx_chip *chip = ds->priv; + struct mv88e6xxx_port *p; + + if (!mv88e6xxx_is_invalid_port(chip, port)) + p = &chip->ports[port]; + else + return -ENODEV; + + cancel_delayed_work(&p->ale_work); + mv88e6xxx_atu_locked_entry_flush(ds, port); + mutex_destroy(&p->ale_list_lock); + + return 0; +} diff --git a/drivers/net/dsa/mv88e6xxx/switchdev.h b/drivers/net/dsa/mv88e6xxx/switchdev.h new file mode 100644 index 000000000000..df2005c36f47 --- /dev/null +++ b/drivers/net/dsa/mv88e6xxx/switchdev.h @@ -0,0 +1,37 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later + * + * switchdev.h + * + * Authors: + * Hans J. Schultz <hans.schultz(a)westermo.com> + * + */ + +#ifndef DRIVERS_NET_DSA_MV88E6XXX_SWITCHDEV_H_ +#define DRIVERS_NET_DSA_MV88E6XXX_SWITCHDEV_H_ + +#include <net/switchdev.h> +#include "chip.h" + +#define ATU_LOCKED_ENTRIES_MAX 64 + +struct mv88e6xxx_atu_locked_entry { + struct list_head list; + struct mv88e6xxx_chip *chip; + int port; + u8 mac[ETH_ALEN]; + u16 fid; + u16 vid; + unsigned long expires; +}; + +int mv88e6xxx_handle_violation(struct mv88e6xxx_chip *chip, int port, + struct mv88e6xxx_atu_entry *entry, + u16 fid, u16 type); +bool mv88e6xxx_atu_locked_entry_find_purge(struct dsa_switch *ds, int port, + const unsigned char *addr, u16 vid); +int mv88e6xxx_atu_locked_entry_flush(struct dsa_switch *ds, int port); +int mv88e6xxx_init_violation_handler(struct dsa_switch *ds, int port); +int mv88e6xxx_teardown_violation_handler(struct dsa_switch *ds, int port); + +#endif /* DRIVERS_NET_DSA_MV88E6XXX_SWITCHDEV_H_ */ -- 2.34.1

2 years, 9 months

1
0
0 0

[PATCH v6 net-next 6/9] net: dsa: mv88e6xxx: allow reading FID when handling ATU violations

by Hans Schultz

From: "Hans J. Schultz" <netdev(a)kapio-technology.com> The FID is needed to get hold of which VID was involved in a violation, thus the need to be able to read the FID. For convenience the function mv88e6xxx_g1_atu_op() has been used to read ATU violations, but the function invalidates reading the fid, so to both read ATU violations without zeroing the fid, and read the fid, functions have been added to ensure both are done correctly. Signed-off-by: Hans J. Schultz <netdev(a)kapio-technology.com> --- drivers/net/dsa/mv88e6xxx/global1_atu.c | 60 ++++++++++++++++++++++--- 1 file changed, 55 insertions(+), 5 deletions(-) diff --git a/drivers/net/dsa/mv88e6xxx/global1_atu.c b/drivers/net/dsa/mv88e6xxx/global1_atu.c index 40bd67a5c8e9..d9dfa1159cde 100644 --- a/drivers/net/dsa/mv88e6xxx/global1_atu.c +++ b/drivers/net/dsa/mv88e6xxx/global1_atu.c @@ -114,6 +114,19 @@ static int mv88e6xxx_g1_atu_op_wait(struct mv88e6xxx_chip *chip) return mv88e6xxx_g1_wait_bit(chip, MV88E6XXX_G1_ATU_OP, bit, 0); } +static int mv88e6xxx_g1_read_atu_violation(struct mv88e6xxx_chip *chip) +{ + int err; + + err = mv88e6xxx_g1_write(chip, MV88E6XXX_G1_ATU_OP, + MV88E6XXX_G1_ATU_OP_BUSY | + MV88E6XXX_G1_ATU_OP_GET_CLR_VIOLATION); + if (err) + return err; + + return mv88e6xxx_g1_atu_op_wait(chip); +} + static int mv88e6xxx_g1_atu_op(struct mv88e6xxx_chip *chip, u16 fid, u16 op) { u16 val; @@ -159,6 +172,41 @@ int mv88e6xxx_g1_atu_get_next(struct mv88e6xxx_chip *chip, u16 fid) return mv88e6xxx_g1_atu_op(chip, fid, MV88E6XXX_G1_ATU_OP_GET_NEXT_DB); } +static int mv88e6xxx_g1_atu_fid_read(struct mv88e6xxx_chip *chip, u16 *fid) +{ + u16 val = 0, upper = 0, op = 0; + int err = -EOPNOTSUPP; + + if (mv88e6xxx_num_databases(chip) > 256) { + err = mv88e6xxx_g1_read(chip, MV88E6352_G1_ATU_FID, &val); + val &= 0xfff; + if (err) + return err; + } else { + err = mv88e6xxx_g1_read(chip, MV88E6XXX_G1_ATU_OP, &op); + if (err) + return err; + if (mv88e6xxx_num_databases(chip) > 64) { + /* ATU DBNum[7:4] are located in ATU Control 15:12 */ + err = mv88e6xxx_g1_read(chip, MV88E6XXX_G1_ATU_CTL, &upper); + if (err) + return err; + + upper = (upper >> 8) & 0x00f0; + } else if (mv88e6xxx_num_databases(chip) > 16) { + /* ATU DBNum[5:4] are located in ATU Operation 9:8 */ + + upper = (op >> 4) & 0x30; + } + /* ATU DBNum[3:0] are located in ATU Operation 3:0 */ + + val = (op & 0xf) | upper; + } + *fid = val; + + return err; +} + /* Offset 0x0C: ATU Data Register */ static int mv88e6xxx_g1_atu_data_read(struct mv88e6xxx_chip *chip, @@ -353,14 +401,12 @@ static irqreturn_t mv88e6xxx_g1_atu_prob_irq_thread_fn(int irq, void *dev_id) { struct mv88e6xxx_chip *chip = dev_id; struct mv88e6xxx_atu_entry entry; - int spid; - int err; - u16 val; + int err, spid; + u16 val, fid; mv88e6xxx_reg_lock(chip); - err = mv88e6xxx_g1_atu_op(chip, 0, - MV88E6XXX_G1_ATU_OP_GET_CLR_VIOLATION); + err = mv88e6xxx_g1_read_atu_violation(chip); if (err) goto out; @@ -368,6 +414,10 @@ static irqreturn_t mv88e6xxx_g1_atu_prob_irq_thread_fn(int irq, void *dev_id) if (err) goto out; + err = mv88e6xxx_g1_atu_fid_read(chip, &fid); + if (err) + goto out; + err = mv88e6xxx_g1_atu_data_read(chip, &entry); if (err) goto out; -- 2.34.1

2 years, 9 months

1
0
0 0

[RESEND PATCH] KVM: selftests: Update top-of-file comment in psci_test

by Oliver Upton

Fix the comment to accurately describe the test and recently added SYSTEM_SUSPEND test case. What was once psci_cpu_on_test was renamed and extended to squeeze in a test case for PSCI SYSTEM_SUSPEND. Nonetheless, the author of those changes (whoever they may be...) failed to update the file comment to reflect what had changed. Reported-by: Reiji Watanabe <reijiw(a)google.com> Signed-off-by: Oliver Upton <oliver.upton(a)linux.dev> --- Forgetting the name of the darned UAPI event. Tsk tsk. tools/testing/selftests/kvm/aarch64/psci_test.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/tools/testing/selftests/kvm/aarch64/psci_test.c b/tools/testing/selftests/kvm/aarch64/psci_test.c index f7621f6e938e..e0b9e81a3e09 100644 --- a/tools/testing/selftests/kvm/aarch64/psci_test.c +++ b/tools/testing/selftests/kvm/aarch64/psci_test.c @@ -1,12 +1,14 @@ // SPDX-License-Identifier: GPL-2.0-only /* - * psci_cpu_on_test - Test that the observable state of a vCPU targeted by the - * CPU_ON PSCI call matches what the caller requested. + * psci_test - Tests relating to KVM's PSCI implementation. * * Copyright (c) 2021 Google LLC. * - * This is a regression test for a race between KVM servicing the PSCI call and - * userspace reading the vCPUs registers. + * This test includes: + * - A regression test for a race between KVM servicing the PSCI CPU_ON call + * and userspace reading the targeted vCPU's registers. + * - A test for KVM's handling of PSCI SYSTEM_SUSPEND and the associated + * KVM_SYSTEM_EVENT_SUSPEND UAPI. */ #define _GNU_SOURCE base-commit: 568035b01cfb107af8d2e4bd2fb9aea22cf5b868 -- 2.37.1.595.g718a3a8f04-goog

2 years, 9 months

2
1
0 0

Re: [PATCH -next v4 1/3] selftests/memory-hotplug: Add checking after online or offline

by zhaogongyi

Hi! > > On 27.09.22 05:28, Zhao Gongyi wrote: > > Add checking for online_memory_expect_success()/ > > offline_memory_expect_success()/offline_memory_expect_fail(), or the > > test would exit 0 although the functions return 1. > > > > Signed-off-by: Zhao Gongyi <zhaogongyi(a)huawei.com> > > --- > > .../selftests/memory-hotplug/mem-on-off-test.sh | 12 > +++++++++--- > > 1 file changed, 9 insertions(+), 3 deletions(-) > > > > diff --git a/tools/testing/selftests/memory-hotplug/mem-on-off-test.sh > > b/tools/testing/selftests/memory-hotplug/mem-on-off-test.sh > > index 46a97f318f58..1d87611a7d52 100755 > > --- a/tools/testing/selftests/memory-hotplug/mem-on-off-test.sh > > +++ b/tools/testing/selftests/memory-hotplug/mem-on-off-test.sh > > @@ -266,7 +266,9 @@ done > > # > > echo $error > > $NOTIFIER_ERR_INJECT_DIR/actions/MEM_GOING_ONLINE/error > > for memory in `hotpluggable_offline_memory`; do > > - online_memory_expect_fail $memory > > + if ! online_memory_expect_fail $memory; then > > + retval=1 > > + fi > > done > > > > # > > @@ -274,7 +276,9 @@ done > > # > > echo 0 > > $NOTIFIER_ERR_INJECT_DIR/actions/MEM_GOING_ONLINE/error > > for memory in `hotpluggable_offline_memory`; do > > - online_memory_expect_success $memory > > + if ! online_memory_expect_success $memory; then > > + retval=1 > > + fi > > done > > > > # > > @@ -283,7 +287,9 @@ done > > echo $error > > $NOTIFIER_ERR_INJECT_DIR/actions/MEM_GOING_OFFLINE/error > > for memory in `hotpluggable_online_memory`; do > > if [ $((RANDOM % 100)) -lt $ratio ]; then > > - offline_memory_expect_fail $memory > > + if ! offline_memory_expect_fail $memory; then > > + retval=1 > > + fi > > fi > > > LGTM > > Reviewed-by: David Hildenbrand <david(a)redhat.com> > > > I am questioning the stability of the offlining test, though. > Offlining a random memory block can fail easily, because "->removable" is not > expressive: > > # tools/testing/selftests/memory-hotplug/mem-on-off-test.sh > Test scope: 2% hotplug memory > online all hot-pluggable memory in offline state: > SKIPPED - no hot-pluggable memory in offline state > offline 2% hot-pluggable memory in online state > trying to offline 2 out of 96 memory block(s): > online->offline memory0 > tools/testing/selftests/memory-hotplug/mem-on-off-test.sh: line 78: echo: > write error: Invalid argument offline_memory_expect_success 0: unexpected > fail > online->offline memory10 > online->offline memory11 > > > I guess this test will almost always fail nowadays. Offline some memory node maybe failed as expected, but the error message is a bit annoying. > > -- > Thanks, > > David / dhildenb

2 years, 9 months

2
1
0 0

[PATCH net-next,v3 00/15] add tc-testing qdisc test cases

by Zhengchao Shao

For this patchset, test cases of the qdisc modules are added to the tc-testing test suite. Last, thanks to Victor for testing and suggestion. After a test case is added locally, the test result is as follows: ./tdc.py -c atm ok 1 7628 - Create ATM with default setting ok 2 390a - Delete ATM with valid handle ok 3 32a0 - Show ATM class ok 4 6310 - Dump ATM stats ./tdc.py -c choke ok 1 8937 - Create CHOKE with default setting ok 2 48c0 - Create CHOKE with min packet setting ok 3 38c1 - Create CHOKE with max packet setting ok 4 234a - Create CHOKE with ecn setting ok 5 4380 - Create CHOKE with burst setting ok 6 48c7 - Delete CHOKE with valid handle ok 7 4398 - Replace CHOKE with min setting ok 8 0301 - Change CHOKE with limit setting ./tdc.py -c codel ok 1 983a - Create CODEL with default setting ok 2 38aa - Create CODEL with limit packet setting ok 3 9178 - Create CODEL with target setting ok 4 78d1 - Create CODEL with interval setting ok 5 238a - Create CODEL with ecn setting ok 6 939c - Create CODEL with ce_threshold setting ok 7 8380 - Delete CODEL with valid handle ok 8 289c - Replace CODEL with limit setting ok 9 0648 - Change CODEL with limit setting ./tdc.py -c etf ok 1 34ba - Create ETF with default setting ok 2 438f - Create ETF with delta nanos setting ok 3 9041 - Create ETF with deadline_mode setting ok 4 9a0c - Create ETF with skip_sock_check setting ok 5 2093 - Delete ETF with valid handle ./tdc.py -c fq ok 1 983b - Create FQ with default setting ok 2 38a1 - Create FQ with limit packet setting ok 3 0a18 - Create FQ with flow_limit setting ok 4 2390 - Create FQ with quantum setting ok 5 845b - Create FQ with initial_quantum setting ok 6 9398 - Create FQ with maxrate setting ok 7 342c - Create FQ with nopacing setting ok 8 6391 - Create FQ with refill_delay setting ok 9 238b - Create FQ with low_rate_threshold setting ok 10 7582 - Create FQ with orphan_mask setting ok 11 4894 - Create FQ with timer_slack setting ok 12 324c - Create FQ with ce_threshold setting ok 13 424a - Create FQ with horizon time setting ok 14 89e1 - Create FQ with horizon_cap setting ok 15 32e1 - Delete FQ with valid handle ok 16 49b0 - Replace FQ with limit setting ok 17 9478 - Change FQ with limit setting ./tdc.py -c gred ok 1 8942 - Create GRED with default setting ok 2 5783 - Create GRED with grio setting ok 3 8a09 - Create GRED with limit setting ok 4 48cb - Create GRED with ecn setting ok 5 763a - Change GRED setting ok 6 8309 - Show GRED class ./tdc.py -c hhf ok 1 4812 - Create HHF with default setting ok 2 8a92 - Create HHF with limit setting ok 3 3491 - Create HHF with quantum setting ok 4 ba04 - Create HHF with reset_timeout setting ok 5 4238 - Create HHF with admit_bytes setting ok 6 839f - Create HHF with evict_timeout setting ok 7 a044 - Create HHF with non_hh_weight setting ok 8 32f9 - Change HHF with limit setting ok 9 385e - Show HHF class ./tdc.py -c pfifo_fast ok 1 900c - Create pfifo_fast with default setting ok 2 7470 - Dump pfifo_fast stats ok 3 b974 - Replace pfifo_fast with different handle ok 4 3240 - Delete pfifo_fast with valid handle ok 5 4385 - Delete pfifo_fast with invalid handle ./tdc.py -c plug ok 1 3289 - Create PLUG with default setting ok 2 0917 - Create PLUG with block setting ok 3 483b - Create PLUG with release setting ok 4 4995 - Create PLUG with release_indefinite setting ok 5 389c - Create PLUG with limit setting ok 6 384a - Delete PLUG with valid handle ok 7 439a - Replace PLUG with limit setting ok 8 9831 - Change PLUG with limit setting ./tdc.py -c sfb ok 1 3294 - Create SFB with default setting ok 2 430a - Create SFB with rehash setting ok 3 3410 - Create SFB with db setting ok 4 49a0 - Create SFB with limit setting ok 5 1241 - Create SFB with max setting ok 6 3249 - Create SFB with target setting ok 7 30a9 - Create SFB with increment setting ok 8 239a - Create SFB with decrement setting ok 9 9301 - Create SFB with penalty_rate setting ok 10 2a01 - Create SFB with penalty_burst setting ok 11 3209 - Change SFB with rehash setting ok 12 5447 - Show SFB class ./tdc.py -c sfq ok 1 7482 - Create SFQ with default setting ok 2 c186 - Create SFQ with limit setting ok 3 ae23 - Create SFQ with perturb setting ok 4 a430 - Create SFQ with quantum setting ok 5 4539 - Create SFQ with divisor setting ok 6 b089 - Create SFQ with flows setting ok 7 99a0 - Create SFQ with depth setting ok 8 7389 - Create SFQ with headdrop setting ok 9 6472 - Create SFQ with redflowlimit setting ok 10 8929 - Show SFQ class ./tdc.py -c skbprio ok 1 283e - Create skbprio with default setting ok 2 c086 - Create skbprio with limit setting ok 3 6733 - Change skbprio with limit setting ok 4 2958 - Show skbprio class ./tdc.py -c taprio ok 1 ba39 - Add taprio Qdisc to multi-queue device (8 queues) ok 2 9462 - Add taprio Qdisc with multiple sched-entry ok 3 8d92 - Add taprio Qdisc with txtime-delay ok 4 d092 - Delete taprio Qdisc with valid handle ok 5 8471 - Show taprio class ok 6 0a85 - Add taprio Qdisc to single-queue device ./tdc.py -c tbf ok 1 6430 - Create TBF with default setting ok 2 0518 - Create TBF with mtu setting ok 3 320a - Create TBF with peakrate setting ok 4 239b - Create TBF with latency setting ok 5 c975 - Create TBF with overhead setting ok 6 948c - Create TBF with linklayer setting ok 7 3549 - Replace TBF with mtu ok 8 f948 - Change TBF with latency time ok 9 2348 - Show TBF class ./tdc.py -c teql ok 1 84a0 - Create TEQL with default setting ok 2 7734 - Create TEQL with multiple device ok 3 34a9 - Delete TEQL with valid handle ok 4 6289 - Show TEQL stats --- v3: add config v2: modify subject prefix --- Zhengchao Shao (15): selftests/tc-testing: add selftests for atm qdisc selftests/tc-testing: add selftests for choke qdisc selftests/tc-testing: add selftests for codel qdisc selftests/tc-testing: add selftests for etf qdisc selftests/tc-testing: add selftests for fq qdisc selftests/tc-testing: add selftests for gred qdisc selftests/tc-testing: add selftests for hhf qdisc selftests/tc-testing: add selftests for pfifo_fast qdisc selftests/tc-testing: add selftests for plug qdisc selftests/tc-testing: add selftests for sfb qdisc selftests/tc-testing: add selftests for sfq qdisc selftests/tc-testing: add selftests for skbprio qdisc selftests/tc-testing: add selftests for taprio qdisc selftests/tc-testing: add selftests for tbf qdisc selftests/tc-testing: add selftests for teql qdisc tools/testing/selftests/tc-testing/config | 15 + .../tc-testing/tc-tests/qdiscs/atm.json | 94 +++++ .../tc-testing/tc-tests/qdiscs/choke.json | 188 +++++++++ .../tc-testing/tc-tests/qdiscs/codel.json | 211 ++++++++++ .../tc-testing/tc-tests/qdiscs/etf.json | 117 ++++++ .../tc-testing/tc-tests/qdiscs/fq.json | 395 ++++++++++++++++++ .../tc-testing/tc-tests/qdiscs/gred.json | 164 ++++++++ .../tc-testing/tc-tests/qdiscs/hhf.json | 210 ++++++++++ .../tc-tests/qdiscs/pfifo_fast.json | 119 ++++++ .../tc-testing/tc-tests/qdiscs/plug.json | 188 +++++++++ .../tc-testing/tc-tests/qdiscs/sfb.json | 279 +++++++++++++ .../tc-testing/tc-tests/qdiscs/sfq.json | 232 ++++++++++ .../tc-testing/tc-tests/qdiscs/skbprio.json | 95 +++++ .../tc-testing/tc-tests/qdiscs/taprio.json | 135 ++++++ .../tc-testing/tc-tests/qdiscs/tbf.json | 211 ++++++++++ .../tc-testing/tc-tests/qdiscs/teql.json | 97 +++++ 16 files changed, 2750 insertions(+) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/atm.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/choke.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/codel.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/etf.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/fq.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/gred.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/hhf.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/pfifo_fast.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/plug.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/sfb.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/sfq.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/skbprio.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/taprio.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/tbf.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/teql.json -- 2.17.1

2 years, 9 months

2
16
0 0

[RFC PATCH v2 0/5] Make BPF ring buffer overwritable

by Francis Laniel

Hi. First, I hope you are fine and the same for your relatives. Normally, when BPF ring buffer are full, producers cannot write anymore and need to wait for consumer to get some data. As a consequence, calling bpf_ringbuf_reserve() from eBPF code returns NULL. This contribution adds a new flag to make BPF ring buffer overwritable. Perf ring buffers already implement an option to be overwritable. In order to avoid data corruption, the data is written backward, see commit 9ecda41acb97 ("perf/core: Add ::write_backward attribute to perf event"). This patch series re-uses the same idea from perf ring buffers but in BPF ring buffers. So, calling bpf_ringbuf_reserve() on an overwritable BPF ring buffer never returns NULL. As a consequence, oldest data will be overwritten by the newest so consumer will loose data. Overwritable ring buffers are useful in BPF programs that are permanently enabled but rarely read, only on-demand, for example in case of a user request to investigate problems. We would like to use this in the Traceloop project [1]. The self test added in this series was tested and validated in a VM: you@vm# ./share/linux/tools/testing/selftests/bpf/test_progs -t ringbuf_over Can't find bpf_testmod.ko kernel module: -2 WARNING! Selftests relying on bpf_testmod.ko will be skipped. #135 ringbuf_over_writable:OK Summary: 1/0 PASSED, 0 SKIPPED, 0 FAILED You can also test the libbpf implementation by using the last patch of this series which should be applied to iovisor/bcc: you@home$ cd /path/to/iovisor/bcc you@home$ git am -3 v2-0005-for-test-purpose-only-Add-toy-to-play-with-BPF-ri.patch you@home$ cd /path/to/linux/tools/lib/bpf you@home$ make -j$(nproc) you@home$ cp libbpf.a /path/to/iovisor/bcc/libbpf-tools/.output you@home$ cd /path/to/iovisor/bcc/libbpf-tools/ you@home$ make -j toy # Start your VM and copy toy executable inside it. root@vm-amd64:~# ./share/toy & [1] 287 root@vm-amd64:~# for i in {1..16}; do ls > /dev/null; done 16 15 14 13 12 11 10 9 root@vm-amd64:~# ls > /dev/null && ls > /dev/null 18 17 As you can see, the first eight events are overwritten. If you see any way to improve this contribution, feel free to share. Changes since: v1: * Made producers write backward like perf ring buffer, so it permits avoiding memory corruption. * Added libbpf implementation to consume all events available. * Added selftest. * Added documentation. Francis Laniel (5): bpf: Make ring buffer overwritable. selftests: Add BPF overwritable ring buffer self tests. docs/bpf: Add documentation for overwritable ring buffer. libbpf: Add implementation to consume overwritable BPF ring buffer. for test purpose only: Add toy to play with BPF ring. ...-only-Add-toy-to-play-with-BPF-ring-.patch | 147 ++++++++++++++++ Documentation/bpf/ringbuf.rst | 18 +- include/uapi/linux/bpf.h | 3 + kernel/bpf/ringbuf.c | 43 +++-- tools/include/uapi/linux/bpf.h | 3 + tools/lib/bpf/ringbuf.c | 106 ++++++++++++ tools/testing/selftests/bpf/Makefile | 5 +- .../bpf/prog_tests/ringbuf_overwritable.c | 158 ++++++++++++++++++ .../bpf/progs/test_ringbuf_overwritable.c | 61 +++++++ 9 files changed, 531 insertions(+), 13 deletions(-) create mode 100644 0001-for-test-purpose-only-Add-toy-to-play-with-BPF-ring-.patch create mode 100644 tools/testing/selftests/bpf/prog_tests/ringbuf_overwritable.c create mode 100644 tools/testing/selftests/bpf/progs/test_ringbuf_overwritable.c Best regards and thank you in advance. --- [1] https://github.com/kinvolk/traceloop Traceloop was presented at LPC 2020 (https://lpc.events/event/7/contributions/667/) -- 2.25.1

2 years, 9 months

2
6
0 0

[net-next v2 0/6] net: support QUIC crypto

by Adel Abouchaev

QUIC requires end to end encryption of the data. The application usually prepares the data in clear text, encrypts and calls send() which implies multiple copies of the data before the packets hit the networking stack. Similar to kTLS, QUIC kernel offload of cryptography reduces the memory pressure by reducing the number of copies. The scope of kernel support is limited to the symmetric cryptography, leaving the handshake to the user space library. For QUIC in particular, the application packets that require symmetric cryptography are the 1RTT packets with short headers. Kernel will encrypt the application packets on transmission and decrypt on receive. This series implements Tx only, because in QUIC server applications Tx outweighs Rx by orders of magnitude. Supporting the combination of QUIC and GSO requires the application to correctly place the data and the kernel to correctly slice it. The encryption process appends an arbitrary number of bytes (tag) to the end of the message to authenticate it. The GSO value should include this overhead, the offload would then subtract the tag size to parse the input on Tx before chunking and encrypting it. With the kernel cryptography, the buffer copy operation is conjoined with the encryption operation. The memory bandwidth is reduced by 5-8%. When devices supporting QUIC encryption in hardware come to the market, we will be able to free further 7% of CPU utilization which is used today for crypto operations. Adel Abouchaev (6): Documentation on QUIC kernel Tx crypto. Define QUIC specific constants, control and data plane structures Add UDP ULP operations, initialization and handling prototype functions. Implement QUIC offload functions Add flow counters and Tx processing error counter Add self tests for ULP operations, flow setup and crypto tests Documentation/networking/index.rst | 1 + Documentation/networking/quic.rst | 185 ++++ include/net/inet_sock.h | 2 + include/net/netns/mib.h | 3 + include/net/quic.h | 63 ++ include/net/snmp.h | 6 + include/net/udp.h | 33 + include/uapi/linux/quic.h | 60 + include/uapi/linux/snmp.h | 9 + include/uapi/linux/udp.h | 4 + net/Kconfig | 1 + net/Makefile | 1 + net/ipv4/Makefile | 3 +- net/ipv4/udp.c | 15 + net/ipv4/udp_ulp.c | 192 ++++ net/quic/Kconfig | 16 + net/quic/Makefile | 8 + net/quic/quic_main.c | 1417 ++++++++++++++++++++++++ net/quic/quic_proc.c | 45 + tools/testing/selftests/net/.gitignore | 4 +- tools/testing/selftests/net/Makefile | 3 +- tools/testing/selftests/net/quic.c | 1153 +++++++++++++++++++ tools/testing/selftests/net/quic.sh | 46 + 23 files changed, 3267 insertions(+), 3 deletions(-) create mode 100644 Documentation/networking/quic.rst create mode 100644 include/net/quic.h create mode 100644 include/uapi/linux/quic.h create mode 100644 net/ipv4/udp_ulp.c create mode 100644 net/quic/Kconfig create mode 100644 net/quic/Makefile create mode 100644 net/quic/quic_main.c create mode 100644 net/quic/quic_proc.c create mode 100644 tools/testing/selftests/net/quic.c create mode 100755 tools/testing/selftests/net/quic.sh base-commit: fd78d07c7c35de260eb89f1be4a1e7487b8092ad -- 2.30.2

2 years, 9 months

5
15
0 0

Re: [PATCH v5] selftests/landlock: Skip overlayfs tests not supported

by Mickaël Salaün

On 26/09/2022 16:23, Jeff Xu wrote: > On Thu, Aug 25, 2022 at 1:23 AM Mickaël Salaün <mic(a)digikod.net> wrote: >> >> As discussed for the v4, the next version of this patch needs a >> TEST_F_FORK() fix. >> > I can make TEST_F_FORK() to be skipped when SKIP() is called > in FIXTURE_SETUP(), but this makes FIXTURE_TEARDOWN() > complicated, because SKIP() can be called after any resource > creation failure in the FIXTURE_SETUP(). > > Another (better) option: add generic FIXTURE_CONFIG_CHECK() > FIXTURE_CONFIG_CHECK() checks the runtime configuration for > current FIXTURE, if the configuration is not met, the whole test will be > skipped, including FIXTURE_SETUP()/TEARDOWN(), TEST_F_FORK(), > so there is no resource clear up issue after test. This looks like a good idea. What do you think Shuah? > >> Please add a link to the previous patch (lore.kernel.org) for each new >> version. >> >> >> On 24/08/2022 03:58, jeffxu(a)chromium.org wrote: >>> From: Jeff Xu <jeffxu(a)chromium.org> >>> >>> overlayfs can be disabled in the kernel configuration (which is the case >>> for chromeOS), causing related tests to fail. Skip such tests when an >>> overlayfs mount operation failed because the running kernel doesn't >>> support this file system. >>> >>> Signed-off-by: Jeff Xu <jeffxu(a)chromium.org> >>> Reviewed-by: Guenter Roeck <groeck(a)chromium.org> >>> --- >>> tools/testing/selftests/landlock/fs_test.c | 54 ++++++++++++++++++++-- >>> 1 file changed, 51 insertions(+), 3 deletions(-) >>> >>> diff --git a/tools/testing/selftests/landlock/fs_test.c b/tools/testing/selftests/landlock/fs_test.c >>> index 21a2ce8fa739..645304d9fe98 100644 >>> --- a/tools/testing/selftests/landlock/fs_test.c >>> +++ b/tools/testing/selftests/landlock/fs_test.c >>> @@ -11,6 +11,7 @@ >>> #include <fcntl.h> >>> #include <linux/landlock.h> >>> #include <sched.h> >>> +#include <stdio.h> >>> #include <string.h> >>> #include <sys/capability.h> >>> #include <sys/mount.h> >>> @@ -169,6 +170,42 @@ static int remove_path(const char *const path) >>> return err; >>> } >>> >>> +static bool fgrep(FILE *file, const char *str) >>> +{ >>> + char line[32]; >>> + int str_len = strlen(str); >>> + >>> + while (!feof(file)) { >>> + if (!fgets(line, sizeof(line), file)) >>> + break; >>> + if (strncmp(line, str, str_len)) >>> + continue; >>> + >>> + return true; >>> + } >>> + >>> + return false; >>> +} >>> + >>> +static bool supports_overlayfs(void) >>> +{ >>> + bool ret; >>> + FILE *file = fopen("/proc/filesystems", "r"); >>> + >>> + /* >>> + * A failed attempt to open /proc/filesystems >>> + * implies that the file system is supported (default >>> + * behavior). This can help detect such unattended issue >>> + * (which should not happen)." >>> + */ >>> + if (!file) >>> + return true; >>> + >>> + ret = fgrep(file, "nodev\toverlay\n"); >>> + fclose(file); >>> + return ret; >>> +} >>> + >>> static void prepare_layout(struct __test_metadata *const _metadata) >>> { >>> disable_caps(_metadata); >>> @@ -3404,6 +3441,8 @@ FIXTURE(layout2_overlay) {}; >>> >>> FIXTURE_SETUP(layout2_overlay) >>> { >>> + int ret, err; >>> + >>> prepare_layout(_metadata); >>> >>> create_directory(_metadata, LOWER_BASE); >>> @@ -3431,11 +3470,20 @@ FIXTURE_SETUP(layout2_overlay) >>> create_directory(_metadata, MERGE_DATA); >>> set_cap(_metadata, CAP_SYS_ADMIN); >>> set_cap(_metadata, CAP_DAC_OVERRIDE); >>> - ASSERT_EQ(0, mount("overlay", MERGE_DATA, "overlay", 0, >>> - "lowerdir=" LOWER_DATA ",upperdir=" UPPER_DATA >>> - ",workdir=" UPPER_WORK)); >>> + >>> + ret = mount("overlay", MERGE_DATA, "overlay", 0, >>> + "lowerdir=" LOWER_DATA ",upperdir=" UPPER_DATA >>> + ",workdir=" UPPER_WORK); >>> + err = errno; >>> clear_cap(_metadata, CAP_DAC_OVERRIDE); >>> clear_cap(_metadata, CAP_SYS_ADMIN); >>> + >>> + if (ret == -1) { >>> + ASSERT_EQ(ENODEV, err); >>> + ASSERT_FALSE(supports_overlayfs()); >>> + SKIP(return, "overlayfs is not supported"); >>> + } >>> + ASSERT_EQ(0, ret); >>> } >>> >>> FIXTURE_TEARDOWN(layout2_overlay) >>> >>> base-commit: 50cd95ac46548429e5bba7ca75cc97d11a697947

2 years, 9 months

1
0
0 0

[PATCH] KVM: selftests: replace assertion with warning in access_tracking_perf_test

by Emanuele Giuseppe Esposito

Page_idle uses {ptep/pmdp}_clear_young_notify which in turn calls the mmu notifier callback ->clear_young(), which purposefully does not flush the TLB. When running the test in a nested guest, point 1. of the test doc header is violated, because KVM TLB is unbounded by size and since no flush is forced, KVM does not update the sptes accessed/idle bits resulting in guest assertion failure. More precisely, only the first ACCESS_WRITE in run_test() actually makes visible changes, because sptes are created and the accessed bit is set to 1 (or idle bit is 0). Then the first mark_memory_idle() passes since access bit is still one, and sets all pages as idle (or not accessed). When the next write is performed, the update is not flushed therefore idle is still 1 and next mark_memory_idle() fails. Signed-off-by: Emanuele Giuseppe Esposito <eesposit(a)redhat.com> --- .../selftests/kvm/access_tracking_perf_test.c | 25 ++++++++++++------- 1 file changed, 16 insertions(+), 9 deletions(-) diff --git a/tools/testing/selftests/kvm/access_tracking_perf_test.c b/tools/testing/selftests/kvm/access_tracking_perf_test.c index 1c2749b1481a..87b0bd5ebc65 100644 --- a/tools/testing/selftests/kvm/access_tracking_perf_test.c +++ b/tools/testing/selftests/kvm/access_tracking_perf_test.c @@ -31,8 +31,9 @@ * These limitations are worked around in this test by using a large enough * region of memory for each vCPU such that the number of translations cached in * the TLB and the number of pages held in pagevecs are a small fraction of the - * overall workload. And if either of those conditions are not true this test - * will fail rather than silently passing. + * overall workload. And if either of those conditions are not true (for example + * in nesting, where TLB size is unlimited) this test will print a warning + * rather than silently passing. */ #include <inttypes.h> #include <limits.h> @@ -172,17 +173,23 @@ static void mark_vcpu_memory_idle(struct kvm_vm *vm, vcpu_idx, no_pfn, pages); /* - * Test that at least 90% of memory has been marked idle (the rest might - * not be marked idle because the pages have not yet made it to an LRU - * list or the translations are still cached in the TLB). 90% is + * Check that at least 90% of memory has been marked idle (the rest + * might not be marked idle because the pages have not yet made it to an + * LRU list or the translations are still cached in the TLB). 90% is * arbitrary; high enough that we ensure most memory access went through * access tracking but low enough as to not make the test too brittle * over time and across architectures. + * + * Note that when run in nested virtualization, this check will trigger + * much more frequently because TLB size is unlimited and since no flush + * happens, much more pages are cached there and guest won't see the + * "idle" bit cleared. */ - TEST_ASSERT(still_idle < pages / 10, - "vCPU%d: Too many pages still idle (%"PRIu64 " out of %" - PRIu64 ").\n", - vcpu_idx, still_idle, pages); + if (still_idle < pages / 10) + printf("WARNING: vCPU%d: Too many pages still idle (%"PRIu64 " + out of %" PRIu64 "), this will affect performance results + .\n", + vcpu_idx, still_idle, pages); close(page_idle_fd); close(pagemap_fd); -- 2.31.1

2 years, 9 months

2
1
0 0

[net-next v2] selftests: Fix the if conditions of in test_extra_filter()

by Wang Yufen

The socket 2 bind the addr in use, bind should fail with EADDRINUSE. So if bind success or errno != EADDRINUSE, testcase should be failed. Fixes: 3ca8e4029969 ("soreuseport: BPF selection functional test") Signed-off-by: Wang Yufen <wangyufen(a)huawei.com> --- v1 -> v2: add a Fixes tag tools/testing/selftests/net/reuseport_bpf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/net/reuseport_bpf.c b/tools/testing/selftests/net/reuseport_bpf.c index 072d709c..65aea27 100644 --- a/tools/testing/selftests/net/reuseport_bpf.c +++ b/tools/testing/selftests/net/reuseport_bpf.c @@ -328,7 +328,7 @@ static void test_extra_filter(const struct test_params p) if (bind(fd1, addr, sockaddr_size())) error(1, errno, "failed to bind recv socket 1"); - if (!bind(fd2, addr, sockaddr_size()) && errno != EADDRINUSE) + if (!bind(fd2, addr, sockaddr_size()) || errno != EADDRINUSE) error(1, errno, "bind socket 2 should fail with EADDRINUSE"); free(addr); -- 1.8.3.1

2 years, 9 months

2
1
0 0

[PATCH -next v4 0/3] Optimize and bugfix for memory-hotplug

by Zhao Gongyi

1. Add checking after online or offline 2. Restore memory before exit 3. Correct test's name Changes in v4: - Remove redundant log information Changes in v3: - Remove 2 obselute patches Zhao Gongyi (3): selftests/memory-hotplug: Add checking after online or offline selftests/memory-hotplug: Restore memory before exit docs: notifier-error-inject: Correct test's name .../fault-injection/notifier-error-inject.rst | 4 +-- .../memory-hotplug/mem-on-off-test.sh | 27 +++++++++++++++---- 2 files changed, 24 insertions(+), 7 deletions(-) -- 2.17.1

2 years, 9 months

2
5
0 0

Re: [PATCH -next v3 1/3] selftests/memory-hotplug: Add checking after online or offline

by zhaogongyi

> > On 26.09.22 15:03, Zhao Gongyi wrote: > > Add checking for online_memory_expect_success()/ > > offline_memory_expect_success()/offline_memory_expect_fail(), or > the > > test would exit 0 although the functions return 1. > > > > Signed-off-by: Zhao Gongyi <zhaogongyi(a)huawei.com> > > --- > > .../selftests/memory-hotplug/mem-on-off-test.sh | 15 > ++++++++++++--- > > 1 file changed, 12 insertions(+), 3 deletions(-) > > > > diff --git a/tools/testing/selftests/memory-hotplug/mem-on-off-test.sh > > b/tools/testing/selftests/memory-hotplug/mem-on-off-test.sh > > index 46a97f318f58..3edda1f13f7b 100755 > > --- a/tools/testing/selftests/memory-hotplug/mem-on-off-test.sh > > +++ b/tools/testing/selftests/memory-hotplug/mem-on-off-test.sh > > @@ -266,7 +266,10 @@ done > > # > > echo $error > > $NOTIFIER_ERR_INJECT_DIR/actions/MEM_GOING_ONLINE/error > > for memory in `hotpluggable_offline_memory`; do > > - online_memory_expect_fail $memory > > + online_memory_expect_fail $memory || { > > + echo "online memory $memory: unexpected success" > > The functions themself already print an error, isn't it sufficient to set > retval=1? Indeed, this function is only called once. It is no need to add the log info. > > > + retval=1 > > + } > > done > > > > # > > @@ -274,7 +277,10 @@ done > > # > > echo 0 > > $NOTIFIER_ERR_INJECT_DIR/actions/MEM_GOING_ONLINE/error > > for memory in `hotpluggable_offline_memory`; do > > - online_memory_expect_success $memory > > + online_memory_expect_success $memory || { > > + echo "online memory $memory: unexpected fail" > > + retval=1 > > + } > > done > > > > # > > @@ -283,7 +289,10 @@ done > > echo $error > > $NOTIFIER_ERR_INJECT_DIR/actions/MEM_GOING_OFFLINE/error > > for memory in `hotpluggable_online_memory`; do > > if [ $((RANDOM % 100)) -lt $ratio ]; then > > - offline_memory_expect_fail $memory > > + offline_memory_expect_fail $memory || { > > + echo "offline memory $memory: unexpected success" > > + retval=1 > > + } > > These functions return 0 if the result is as expected and 1 if the result is > unexpected. > > ... but wouldn't we evaluate the right hand side only if the result is "0" -- > expected? I might be wrong. > Yes, if offline_memory_expect_fail's return value is not zero, then it will set 'retval=1' > > Wouldn't it be simpler do it as in "Online all hot-pluggable memory again" > > if ! online_memory_expect_success $memory; then > retval=1 > fi > > (similarly adjusting the function name) I will send a new version of the patch to fix it. Kind regards, Gongyi

2 years, 9 months

1
0
0 0

[PATCH bpf-next v2] selftests/bpf: fix incorrect fcntl call (test_sockmap.c)

by Qiao Ma

In test_sockmap.c, the testcase sets socket nonblock first, and then calls select() and recvmsg() to receive data. If some error occur, nonblock setting will make recvmsg() return immediately, rather than blocking forever. However, the way to call fcntl() to set nonblock is wrong. To set socket noblock, we need to use > fcntl(fd, F_SETFL, O_NONBLOCK); rather than: > fcntl(fd, O_NONBLOCK); Signed-off-by: Qiao Ma <mqaio(a)linux.alibaba.com> --- tools/testing/selftests/bpf/test_sockmap.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/bpf/test_sockmap.c b/tools/testing/selftests/bpf/test_sockmap.c index 0fbaccdc8861..abb4102f33b0 100644 --- a/tools/testing/selftests/bpf/test_sockmap.c +++ b/tools/testing/selftests/bpf/test_sockmap.c @@ -598,7 +598,12 @@ static int msg_loop(int fd, int iov_count, int iov_length, int cnt, struct timeval timeout; fd_set w; - fcntl(fd, fd_flags); + err = fcntl(fd, F_SETFL, fd_flags); + if (err < 0) { + perror("fcntl failed"); + goto out_errno; + } + /* Account for pop bytes noting each iteration of apply will * call msg_pop_data helper so we need to account for this * by calculating the number of apply iterations. Note user -- 1.8.3.1

2 years, 9 months

5
5
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror