- Linux-kselftest-mirror - lists.linaro.org

[PATCH net-next 00/18] refactor duplicate codes in the qdisc class walk function

by Zhengchao Shao

The walk implementation of most qdisc class modules is basically the same. That is, the values of count and skip are checked first. If count is greater than or equal to skip, the registered fn function is executed. Otherwise, increase the value of count. So the code can be refactored. The walk function is invoked during dump. Therefore, test cases related to the tdc filter need to be added. Add test cases locally and perform the test. The test results are listed below: ./tdc.py -c cake ok 1 1212 - Create CAKE with default setting ok 2 3241 - Create CAKE with bandwidth limit ok 3 c940 - Create CAKE with autorate-ingress flag ok 4 2310 - Create CAKE with rtt time ok 5 2385 - Create CAKE with besteffort flag ok 6 a032 - Create CAKE with diffserv8 flag ok 7 2349 - Create CAKE with diffserv4 flag ok 8 8472 - Create CAKE with flowblind flag ok 9 2341 - Create CAKE with dsthost and nat flag ok 10 5134 - Create CAKE with wash flag ok 11 2302 - Create CAKE with flowblind and no-split-gso flag ok 12 0768 - Create CAKE with dual-srchost and ack-filter flag ok 13 0238 - Create CAKE with dual-dsthost and ack-filter-aggressive flag ok 14 6573 - Create CAKE with memlimit and ptm flag ok 15 2436 - Create CAKE with fwmark and atm flag ok 16 3984 - Create CAKE with overhead and mpu ok 17 2342 - Create CAKE with conservative and ingress flag ok 18 2313 - Change CAKE with mpu ok 19 4365 - Show CAKE class ./tdc.py -c cbq ok 1 3460 - Create CBQ with default setting ok 2 0592 - Create CBQ with mpu ok 3 4684 - Create CBQ with valid cell num ok 4 4345 - Create CBQ with invalid cell num ok 5 4525 - Create CBQ with valid ewma ok 6 6784 - Create CBQ with invalid ewma ok 7 5468 - Delete CBQ with handle ok 8 492a - Show CBQ class ./tdc.py -c cbs ok 1 1820 - Create CBS with default setting ok 2 1532 - Create CBS with hicredit setting ok 3 2078 - Create CBS with locredit setting ok 4 0482 - Create CBS with sendslope setting ok 5 e8f3 - Create CBS with multiple setting ok 6 23c9 - Replace CBS with sendslope setting ok 7 a07a - Change CBS with idleslope setting ok 8 43b3 - Delete CBS with handle ok 9 9472 - Show CBS class ./tdc.py -c drr ok 1 0385 - Create DRR with default setting ok 2 2375 - Delete DRR with handle ok 3 3092 - Show DRR class ./tdc.py -c dsmark ok 1 6345 - Create DSMARK with default setting ok 2 3462 - Create DSMARK with default_index setting ok 3 ca95 - Create DSMARK with set_tc_index flag ok 4 a950 - Create DSMARK with multiple setting ok 5 4092 - Delete DSMARK with handle ok 6 5930 - Show DSMARK class ./tdc.py -c fq_codel ok 1 4957 - Create FQ_CODEL with default setting ok 2 7621 - Create FQ_CODEL with limit setting ok 3 6872 - Create FQ_CODEL with memory_limit setting ok 4 5636 - Create FQ_CODEL with target setting ok 5 630a - Create FQ_CODEL with interval setting ok 6 4324 - Create FQ_CODEL with quantum setting ok 7 b190 - Create FQ_CODEL with noecn flag ok 8 c9d2 - Create FQ_CODEL with ce_threshold setting ok 9 523b - Create FQ_CODEL with multiple setting ok 10 9283 - Replace FQ_CODEL with noecn setting ok 11 3459 - Change FQ_CODEL with limit setting ok 12 0128 - Delete FQ_CODEL with handle ok 13 0435 - Show FQ_CODEL class ./tdc.py -c hfsc ok 1 3254 - Create HFSC with default setting ok 2 0289 - Create HFSC with class sc and ul rate setting ok 3 846a - Create HFSC with class sc umax and dmax setting ok 4 5413 - Create HFSC with class rt and ls rate setting ok 5 9312 - Create HFSC with class rt umax and dmax setting ok 6 6931 - Delete HFSC with handle ok 7 8436 - Show HFSC class ./tdc.py -c htb ok 1 0904 - Create HTB with default setting ok 2 3906 - Create HTB with default-N setting ok 3 8492 - Create HTB with r2q setting ok 4 9502 - Create HTB with direct_qlen setting ok 5 b924 - Create HTB with class rate and burst setting ok 6 4359 - Create HTB with class mpu setting ok 7 9048 - Create HTB with class prio setting ok 8 4994 - Create HTB with class ceil setting ok 9 9523 - Create HTB with class cburst setting ok 10 5353 - Create HTB with class mtu setting ok 11 346a - Create HTB with class quantum setting ok 12 303a - Delete HTB with handle ./tdc.py -c mqprio ok 1 9903 - Add mqprio Qdisc to multi-queue device (8 queues) ok 2 453a - Delete nonexistent mqprio Qdisc ok 3 5294 - Delete mqprio Qdisc twice ok 4 45a9 - Add mqprio Qdisc to single-queue device ok 5 2ba9 - Show mqprio class ./tdc.py -c multiq ok 1 20ba - Add multiq Qdisc to multi-queue device (8 queues) ok 2 9903 - List multiq Class ok 3 7832 - Delete nonexistent multiq Qdisc ok 4 2891 - Delete multiq Qdisc twice ok 5 1329 - Add multiq Qdisc to single-queue device ./tdc.py -c netem ok 1 cb28 - Create NETEM with default setting ok 2 a089 - Create NETEM with limit flag ok 3 3449 - Create NETEM with delay time ok 4 3782 - Create NETEM with distribution and corrupt flag ok 5 a932 - Create NETEM with distribution and duplicate flag ok 6 e01a - Create NETEM with distribution and loss state flag ok 7 ba29 - Create NETEM with loss gemodel flag ok 8 0492 - Create NETEM with reorder flag ok 9 7862 - Create NETEM with rate limit ok 10 7235 - Create NETEM with multiple slot rate ok 11 5439 - Create NETEM with multiple slot setting ok 12 5029 - Change NETEM with loss state ok 13 3785 - Replace NETEM with delay time ok 14 4502 - Delete NETEM with handle ok 15 0785 - Show NETEM class ./tdc.py -c qfq ok 1 0582 - Create QFQ with default setting ok 2 c9a3 - Create QFQ with class weight setting ok 3 8452 - Create QFQ with class maxpkt setting ok 4 d920 - Create QFQ with multiple class setting ok 5 0548 - Delete QFQ with handle ok 6 5901 - Show QFQ class ./tdc.py -e 0521 ok 1 0521 - Show ingress class ./tdc.py -e 1023 ok 1 1023 - Show mq class ./tdc.py -e 2410 ok 1 2410 - Show prio class ./tdc.py -e 290a ok 1 290a - Show RED class Zhengchao Shao (18): net/sched: sch_api: add helper for tc qdisc walker stats dump net/sched: use tc_qdisc_stats_dump() in qdisc selftests/tc-testings: add selftests for cake qdisc selftests/tc-testings: add selftests for cbq qdisc selftests/tc-testings: add selftests for cbs qdisc selftests/tc-testings: add selftests for drr qdisc selftests/tc-testings: add selftests for dsmark qdisc selftests/tc-testings: add selftests for fq_codel qdisc selftests/tc-testings: add selftests for hfsc qdisc selftests/tc-testings: add selftests for htb qdisc selftests/tc-testings: add selftests for mqprio qdisc selftests/tc-testings: add selftests for multiq qdisc selftests/tc-testings: add selftests for netem qdisc selftests/tc-testings: add selftests for qfq qdisc selftests/tc-testings: add show class case for ingress qdisc selftests/tc-testings: add show class case for mq qdisc selftests/tc-testings: add show class case for prio qdisc selftests/tc-testings: add show class case for red qdisc include/net/pkt_sched.h | 13 + net/sched/sch_atm.c | 6 +- net/sched/sch_cake.c | 9 +- net/sched/sch_cbq.c | 9 +- net/sched/sch_cbs.c | 8 +- net/sched/sch_drr.c | 9 +- net/sched/sch_dsmark.c | 14 +- net/sched/sch_ets.c | 9 +- net/sched/sch_fq_codel.c | 8 +- net/sched/sch_hfsc.c | 9 +- net/sched/sch_htb.c | 9 +- net/sched/sch_mq.c | 5 +- net/sched/sch_mqprio.c | 5 +- net/sched/sch_multiq.c | 9 +- net/sched/sch_netem.c | 8 +- net/sched/sch_prio.c | 9 +- net/sched/sch_qfq.c | 9 +- net/sched/sch_red.c | 7 +- net/sched/sch_sfb.c | 7 +- net/sched/sch_sfq.c | 8 +- net/sched/sch_skbprio.c | 9 +- net/sched/sch_taprio.c | 5 +- net/sched/sch_tbf.c | 7 +- .../tc-testing/tc-tests/qdiscs/cake.json | 488 ++++++++++++++++++ .../tc-testing/tc-tests/qdiscs/cbq.json | 184 +++++++ .../tc-testing/tc-tests/qdiscs/cbs.json | 234 +++++++++ .../tc-testing/tc-tests/qdiscs/drr.json | 71 +++ .../tc-testing/tc-tests/qdiscs/dsmark.json | 140 +++++ .../tc-testing/tc-tests/qdiscs/fq_codel.json | 326 ++++++++++++ .../tc-testing/tc-tests/qdiscs/hfsc.json | 167 ++++++ .../tc-testing/tc-tests/qdiscs/htb.json | 285 ++++++++++ .../tc-testing/tc-tests/qdiscs/ingress.json | 20 + .../tc-testing/tc-tests/qdiscs/mq.json | 24 +- .../tc-testing/tc-tests/qdiscs/mqprio.json | 114 ++++ .../tc-testing/tc-tests/qdiscs/multiq.json | 114 ++++ .../tc-testing/tc-tests/qdiscs/netem.json | 372 +++++++++++++ .../tc-testing/tc-tests/qdiscs/prio.json | 20 + .../tc-testing/tc-tests/qdiscs/qfq.json | 145 ++++++ .../tc-testing/tc-tests/qdiscs/red.json | 23 + 39 files changed, 2770 insertions(+), 148 deletions(-) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/cake.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/cbq.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/cbs.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/drr.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/dsmark.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/fq_codel.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/hfsc.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/htb.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/mqprio.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/multiq.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/netem.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/qdiscs/qfq.json -- 2.17.1

3 years

3
24
0 0

[PATCH 2/4] selftests/x86/mxcsr: Test the MXCSR state write via ptrace

by Chang S. Bae

The ptrace buffer is in the non-compacted format. The MXCSR state should be written to the target thread when either SSE or AVX component is enabled. Write an MXCSR value to the target and read back. Then it is validated with the XRSTOR/XSAVE result on the current. Signed-off-by: Chang S. Bae <chang.seok.bae(a)intel.com> Cc: x86(a)kernel.org Cc: linux-kernel(a)vger.kernel.org Cc: linux-kselftest(a)vger.kernel.org --- If this is acceptable, I will also follow up to move some of the helper functions to a .h file from this and other test cases because duplicating what is shareable should be avoided. --- tools/testing/selftests/x86/Makefile | 2 +- tools/testing/selftests/x86/mxcsr.c | 200 +++++++++++++++++++++++++++ 2 files changed, 201 insertions(+), 1 deletion(-) create mode 100644 tools/testing/selftests/x86/mxcsr.c diff --git a/tools/testing/selftests/x86/Makefile b/tools/testing/selftests/x86/Makefile index 0388c4d60af0..621c47960be3 100644 --- a/tools/testing/selftests/x86/Makefile +++ b/tools/testing/selftests/x86/Makefile @@ -13,7 +13,7 @@ CAN_BUILD_WITH_NOPIE := $(shell ./check_cc.sh "$(CC)" trivial_program.c -no-pie) TARGETS_C_BOTHBITS := single_step_syscall sysret_ss_attrs syscall_nt test_mremap_vdso \ check_initial_reg_state sigreturn iopl ioperm \ test_vsyscall mov_ss_trap \ - syscall_arg_fault fsgsbase_restore sigaltstack + syscall_arg_fault fsgsbase_restore sigaltstack mxcsr TARGETS_C_32BIT_ONLY := entry_from_vm86 test_syscall_vdso unwind_vdso \ test_FCMOV test_FCOMI test_FISTTP \ vdso_restorer diff --git a/tools/testing/selftests/x86/mxcsr.c b/tools/testing/selftests/x86/mxcsr.c new file mode 100644 index 000000000000..7c318c48b4be --- /dev/null +++ b/tools/testing/selftests/x86/mxcsr.c @@ -0,0 +1,200 @@ +// SPDX-License-Identifier: GPL-2.0 + +#define _GNU_SOURCE +#include <err.h> +#include <elf.h> +#include <stdbool.h> +#include <stdio.h> +#include <string.h> +#include <unistd.h> +#include <x86intrin.h> + +#include <sys/ptrace.h> +#include <sys/syscall.h> +#include <sys/wait.h> +#include <sys/uio.h> + +#include "../kselftest.h" /* For __cpuid_count() */ + +#define LEGACY_STATE_SIZE 24 +#define MXCSR_SIZE 8 +#define STSTATE_SIZE 8*16 +#define XMM_SIZE 16*16 +#define PADDING_SIZE 96 +#define XSAVE_HDR_SIZE 64 + +struct xsave_buffer { + uint8_t legacy_state[LEGACY_STATE_SIZE]; + uint8_t mxcsr[MXCSR_SIZE]; + uint8_t st_state[STSTATE_SIZE]; + uint8_t xmm_state[XMM_SIZE]; + uint8_t padding[PADDING_SIZE]; + uint8_t header[XSAVE_HDR_SIZE]; + uint8_t extended[0]; +}; + +#ifdef __x86_64__ +#define REX_PREFIX "0x48, " +#else +#define REX_PREFIX +#endif + +#define XSAVE ".byte " REX_PREFIX "0x0f,0xae,0x27" +#define XRSTOR ".byte " REX_PREFIX "0x0f,0xae,0x2f" + +static inline uint64_t xgetbv(uint32_t index) +{ + uint32_t eax, edx; + + asm volatile("xgetbv" + : "=a" (eax), "=d" (edx) + : "c" (index)); + return eax + ((uint64_t)edx << 32); +} + +static inline void xsave(struct xsave_buffer *xbuf, uint64_t rfbm) +{ + uint32_t rfbm_lo = rfbm; + uint32_t rfbm_hi = rfbm >> 32; + + asm volatile(XSAVE :: "D" (xbuf), "a" (rfbm_lo), "d" (rfbm_hi) : "memory"); +} + +static inline void xrstor(struct xsave_buffer *xbuf, uint64_t rfbm) +{ + uint32_t rfbm_lo = rfbm; + uint32_t rfbm_hi = rfbm >> 32; + + asm volatile(XRSTOR :: "D" (xbuf), "a" (rfbm_lo), "d" (rfbm_hi)); +} + +static inline void clear_xstate_header(struct xsave_buffer *xbuf) +{ + memset(&xbuf->header, 0, sizeof(xbuf->header)); +} + +static inline uint32_t get_mxcsr(struct xsave_buffer *xbuf) +{ + return *((uint32_t *)xbuf->mxcsr); +} + +static inline void set_mxcsr(struct xsave_buffer *xbuf, uint32_t val) +{ + *((uint32_t *)xbuf->mxcsr) = val; +} + +#define XFEATURE_MASK_SSE 0x2 +#define XFEATURE_MASK_YMM 0x4 + +#define CPUID_LEAF1_ECX_XSAVE_MASK (1 << 26) +#define CPUID_LEAF1_ECX_OSXSAVE_MASK (1 << 27) +#define CPUID_LEAF_XSTATE 0xd +#define CPUID_SUBLEAF_XSTATE_USER 0x0 +#define CPUID_SUBLEAF_XSTATE_EXT 0x1 + +static bool xsave_availability(void) +{ + uint32_t eax, ebx, ecx, edx; + + __cpuid_count(1, 0, eax, ebx, ecx, edx); + if (!(ecx & CPUID_LEAF1_ECX_XSAVE_MASK)) + return false; + if (!(ecx & CPUID_LEAF1_ECX_OSXSAVE_MASK)) + return false; + return true; +} + +static uint32_t get_xbuf_size(void) +{ + uint32_t eax, ebx, ecx, edx; + + __cpuid_count(CPUID_LEAF_XSTATE, CPUID_SUBLEAF_XSTATE_USER, + eax, ebx, ecx, edx); + return ebx; +} + +static void ptrace_get(pid_t pid, struct iovec *iov) +{ + memset(iov->iov_base, 0, iov->iov_len); + + if (ptrace(PTRACE_GETREGSET, pid, (uint32_t)NT_X86_XSTATE, iov)) + err(1, "TRACE_GETREGSET"); +} + +static void ptrace_set(pid_t pid, struct iovec *iov) +{ + if (ptrace(PTRACE_SETREGSET, pid, (uint32_t)NT_X86_XSTATE, iov)) + err(1, "TRACE_SETREGSET"); +} + +int main(void) +{ + struct xsave_buffer *xbuf; + uint32_t xbuf_size; + struct iovec iov; + uint32_t mxcsr; + pid_t child; + int status; + + if (!xsave_availability()) + printf("[SKIP]\tSkip as XSAVE not available.\n"); + + xbuf_size = get_xbuf_size(); + if (!xbuf_size) + printf("[SKIP]\tSkip as XSAVE not available.\n"); + + if (!(xgetbv(0) & (XFEATURE_MASK_SSE | XFEATURE_MASK_YMM))) + printf("[SKIP]\tSkip as SSE state not available.\n"); + + xbuf = aligned_alloc(64, xbuf_size); + if (!xbuf) + err(1, "aligned_alloc()"); + + iov.iov_base = xbuf; + iov.iov_len = xbuf_size; + + child = fork(); + if (child < 0) { + err(1, "fork()"); + } else if (!child) { + if (ptrace(PTRACE_TRACEME, 0, NULL, NULL)) + err(1, "PTRACE_TRACEME"); + + raise(SIGTRAP); + _exit(0); + } + + wait(&status); + + if (WSTOPSIG(status) != SIGTRAP) + err(1, "raise(SIGTRAP)"); + + printf("[RUN]\tTest the MXCSR state write via ptrace().\n"); + + /* Set a benign value */ + set_mxcsr(xbuf, 0xabc); + /* The MXCSR state should be loaded regardless of XSTATE_BV */ + clear_xstate_header(xbuf); + + /* Write the MXCSR state both locally and remotely. */ + xrstor(xbuf, XFEATURE_MASK_SSE); + ptrace_set(child, &iov); + + /* Read the MXCSR state back for both */ + xsave(xbuf, XFEATURE_MASK_SSE); + mxcsr = get_mxcsr(xbuf); + ptrace_get(child, &iov); + + /* Cross-check with each other */ + if (mxcsr == get_mxcsr(xbuf)) + printf("[OK]\tThe written state was read back correctly.\n"); + else + printf("[FAIL]\tThe write (or read) was incorrect.\n"); + + ptrace(PTRACE_DETACH, child, NULL, NULL); + wait(&status); + if (!WIFEXITED(status) || WEXITSTATUS(status)) + err(1, "PTRACE_DETACH"); + + free(xbuf); +} -- 2.17.1

3 years

1
0
0 0

[PATCH v1 0/3] kselftest/arm64: Updates to the hwcaps test

by Mark Brown

This series fixes an output formatting issue then adds a bunch more hwcaps to the hwcaps test. This includes the recently added SVE EBF16 hwcap so this requires both for-next/kselftest and for-next/sve. Mark Brown (3): kselftest/arm64: Add missing newline in hwcap output kselftest/arm64: Add SVE 2 to the tested hwcaps kselftest/arm64: Add hwcap test for RNG tools/testing/selftests/arm64/abi/hwcap.c | 150 +++++++++++++++++++++- 1 file changed, 149 insertions(+), 1 deletion(-) base-commit: daecb3077f330058d1c53de32d272bc23ff61a25 -- 2.30.2

3 years

2
4
0 0

[PATCH net v3 0/4] Unsync addresses from ports when stopping aggregated devices

by Benjamin Poirier

This series fixes similar problems in the bonding and team drivers. Because of missing dev_{uc,mc}_unsync() calls, addresses added to underlying devices may be leftover after the aggregated device is deleted. Add the missing calls and a few related tests. v2: * fix selftest installation, see patch 3 v3: * Split lacpdu_multicast changes to their own patch, #1 * In ndo_{add,del}_slave methods, only perform address list changes when the aggregated device is up (patches 2 & 3) * Add selftest function related to the above change (patch 4) Benjamin Poirier (4): net: bonding: Share lacpdu_mcast_addr definition net: bonding: Unsync device addresses on ndo_stop net: team: Unsync device addresses on ndo_stop net: Add tests for bonding and team address list management MAINTAINERS | 1 + drivers/net/bonding/bond_3ad.c | 5 +- drivers/net/bonding/bond_main.c | 57 +++++---- drivers/net/team/team.c | 24 +++- include/net/bond_3ad.h | 2 - include/net/bonding.h | 3 + tools/testing/selftests/Makefile | 1 + .../selftests/drivers/net/bonding/Makefile | 5 +- .../selftests/drivers/net/bonding/config | 1 + .../drivers/net/bonding/dev_addr_lists.sh | 109 ++++++++++++++++++ .../selftests/drivers/net/bonding/lag_lib.sh | 61 ++++++++++ .../selftests/drivers/net/team/Makefile | 6 + .../testing/selftests/drivers/net/team/config | 3 + .../drivers/net/team/dev_addr_lists.sh | 51 ++++++++ 14 files changed, 297 insertions(+), 32 deletions(-) create mode 100755 tools/testing/selftests/drivers/net/bonding/dev_addr_lists.sh create mode 100644 tools/testing/selftests/drivers/net/bonding/lag_lib.sh create mode 100644 tools/testing/selftests/drivers/net/team/Makefile create mode 100644 tools/testing/selftests/drivers/net/team/config create mode 100755 tools/testing/selftests/drivers/net/team/dev_addr_lists.sh -- 2.37.2

3 years

3
6
0 0

[PATCH net-next 0/8] add tc-testing test cases

by Zhengchao Shao

For this patchset, test cases of the ctinfo, gate, and xt action modules are added to the tc-testing test suite. Also add deleting test for connmark, ife, nat, sample and tunnel_key action modules. After a test case is added locally, the test result is as follows: ./tdc.py -c action ctinfo considering category action considering category ctinfo Test c826: Add ctinfo action with default setting Test 0286: Add ctinfo action with dscp Test 4938: Add ctinfo action with valid cpmark and zone Test 7593: Add ctinfo action with drop control Test 2961: Replace ctinfo action zone and action control Test e567: Delete ctinfo action with valid index Test 6a91: Delete ctinfo action with invalid index Test 5232: List ctinfo actions Test 7702: Flush ctinfo actions Test 3201: Add ctinfo action with duplicate index Test 8295: Add ctinfo action with invalid index Test 3964: Replace ctinfo action with invalid goto_chain control All test results: 1..12 ok 1 c826 - Add ctinfo action with default setting ok 2 0286 - Add ctinfo action with dscp ok 3 4938 - Add ctinfo action with valid cpmark and zone ok 4 7593 - Add ctinfo action with drop control ok 5 2961 - Replace ctinfo action zone and action control ok 6 e567 - Delete ctinfo action with valid index ok 7 6a91 - Delete ctinfo action with invalid index ok 8 5232 - List ctinfo actions ok 9 7702 - Flush ctinfo actions ok 10 3201 - Add ctinfo action with duplicate index ok 11 8295 - Add ctinfo action with invalid index ok 12 3964 - Replace ctinfo action with invalid goto_chain control ./tdc.py -c action gate considering category gate considering category action Test 5153: Add gate action with priority and sched-entry Test 7189: Add gate action with base-time Test a721: Add gate action with cycle-time Test c029: Add gate action with cycle-time-ext Test 3719: Replace gate base-time action Test d821: Delete gate action with valid index Test 3128: Delete gate action with invalid index Test 7837: List gate actions Test 9273: Flush gate actions Test c829: Add gate action with duplicate index Test 3043: Add gate action with invalid index Test 2930: Add gate action with cookie All test results: 1..12 ok 1 5153 - Add gate action with priority and sched-entry ok 2 7189 - Add gate action with base-time ok 3 a721 - Add gate action with cycle-time ok 4 c029 - Add gate action with cycle-time-ext ok 5 3719 - Replace gate base-time action ok 6 d821 - Delete gate action with valid index ok 7 3128 - Delete gate action with invalid index ok 8 7837 - List gate actions ok 9 9273 - Flush gate actions ok 10 c829 - Add gate action with duplicate index ok 11 3043 - Add gate action with invalid index ok 12 2930 - Add gate action with cookie ./tdc.py -c action xt considering category xt considering category action Test 2029: Add xt action with log-prefix Test 3562: Replace xt action log-prefix Test 8291: Delete xt action with valid index Test 5169: Delete xt action with invalid index Test 7284: List xt actions Test 5010: Flush xt actions Test 8437: Add xt action with duplicate index Test 2837: Add xt action with invalid index All test results: 1..8 ok 1 2029 - Add xt action with log-prefix ok 2 3562 - Replace xt action log-prefix ok 3 8291 - Delete xt action with valid index ok 4 5169 - Delete xt action with invalid index ok 5 7284 - List xt actions ok 6 5010 - Flush xt actions ok 7 8437 - Add xt action with duplicate index ok 8 2837 - Add xt action with invalid index ./tdc.py -c action connmark considering category action considering category connmark Test 2002: Add valid connmark action with defaults Test 56a5: Add valid connmark action with control pass Test 7c66: Add valid connmark action with control drop Test a913: Add valid connmark action with control pipe Test bdd8: Add valid connmark action with control reclassify Test b8be: Add valid connmark action with control continue Test d8a6: Add valid connmark action with control jump Test aae8: Add valid connmark action with zone argument Test 2f0b: Add valid connmark action with invalid zone argument Test 9305: Add connmark action with unsupported argument Test 71ca: Add valid connmark action and replace it Test 5f8f: Add valid connmark action with cookie Test c506: Replace connmark with invalid goto chain control Test 6571: Delete connmark action with valid index Test 3426: Delete connmark action with invalid index All test results: 1..15 ok 1 2002 - Add valid connmark action with defaults ok 2 56a5 - Add valid connmark action with control pass ok 3 7c66 - Add valid connmark action with control drop ok 4 a913 - Add valid connmark action with control pipe ok 5 bdd8 - Add valid connmark action with control reclassify ok 6 b8be - Add valid connmark action with control continue ok 7 d8a6 - Add valid connmark action with control jump ok 8 aae8 - Add valid connmark action with zone argument ok 9 2f0b - Add valid connmark action with invalid zone argument ok 10 9305 - Add connmark action with unsupported argument ok 11 71ca - Add valid connmark action and replace it ok 12 5f8f - Add valid connmark action with cookie ok 13 c506 - Replace connmark with invalid goto chain control ok 14 6571 - Delete connmark action with valid index ok 15 3426 - Delete connmark action with invalid index ./tdc.py -c action ife considering category action considering category ife Test 7682: Create valid ife encode action with mark and pass control Test ef47: Create valid ife encode action with mark and pipe control Test df43: Create valid ife encode action with mark and continue control Test e4cf: Create valid ife encode action with mark and drop control Test ccba: Create valid ife encode action with mark and reclassify control Test a1cf: Create valid ife encode action with mark and jump control Test cb3d: Create valid ife encode action with mark value at 32-bit maximum Test 1efb: Create ife encode action with mark value exceeding 32-bit maximum Test 95ed: Create valid ife encode action with prio and pass control Test aa17: Create valid ife encode action with prio and pipe control Test 74c7: Create valid ife encode action with prio and continue control Test 7a97: Create valid ife encode action with prio and drop control Test f66b: Create valid ife encode action with prio and reclassify control Test 3056: Create valid ife encode action with prio and jump control Test 7dd3: Create valid ife encode action with prio value at 32-bit maximum Test 2ca1: Create ife encode action with prio value exceeding 32-bit maximum Test 05bb: Create valid ife encode action with tcindex and pass control Test ce65: Create valid ife encode action with tcindex and pipe control Test 09cd: Create valid ife encode action with tcindex and continue control Test 8eb5: Create valid ife encode action with tcindex and continue control Test 451a: Create valid ife encode action with tcindex and drop control Test d76c: Create valid ife encode action with tcindex and reclassify control Test e731: Create valid ife encode action with tcindex and jump control Test b7b8: Create valid ife encode action with tcindex value at 16-bit maximum Test d0d8: Create ife encode action with tcindex value exceeding 16-bit maximum Test 2a9c: Create valid ife encode action with mac src parameter Test cf5c: Create valid ife encode action with mac dst parameter Test 2353: Create valid ife encode action with mac src and mac dst parameters Test 552c: Create valid ife encode action with mark and type parameters Test 0421: Create valid ife encode action with prio and type parameters Test 4017: Create valid ife encode action with tcindex and type parameters Test fac3: Create valid ife encode action with index at 32-bit maximum Test 7c25: Create valid ife decode action with pass control Test dccb: Create valid ife decode action with pipe control Test 7bb9: Create valid ife decode action with continue control Test d9ad: Create valid ife decode action with drop control Test 219f: Create valid ife decode action with reclassify control Test 8f44: Create valid ife decode action with jump control Test 56cf: Create ife encode action with index exceeding 32-bit maximum Test ee94: Create ife encode action with invalid control Test b330: Create ife encode action with cookie Test bbc0: Create ife encode action with invalid argument Test d54a: Create ife encode action with invalid type argument Test 7ee0: Create ife encode action with invalid mac src argument Test 0a7d: Create ife encode action with invalid mac dst argument Test a0e2: Replace ife encode action with invalid goto chain control Test a972: Delete ife encode action with valid index Test 1272: Delete ife encode action with invalid index All test results: 1..48 ok 1 7682 - Create valid ife encode action with mark and pass control ok 2 ef47 - Create valid ife encode action with mark and pipe control ok 3 df43 - Create valid ife encode action with mark and continue control ok 4 e4cf - Create valid ife encode action with mark and drop control ok 5 ccba - Create valid ife encode action with mark and reclassify control ok 6 a1cf - Create valid ife encode action with mark and jump control ok 7 cb3d - Create valid ife encode action with mark value at 32-bit maximum ok 8 1efb - Create ife encode action with mark value exceeding 32-bit maximum ok 9 95ed - Create valid ife encode action with prio and pass control ok 10 aa17 - Create valid ife encode action with prio and pipe control ok 11 74c7 - Create valid ife encode action with prio and continue control ok 12 7a97 - Create valid ife encode action with prio and drop control ok 13 f66b - Create valid ife encode action with prio and reclassify control ok 14 3056 - Create valid ife encode action with prio and jump control ok 15 7dd3 - Create valid ife encode action with prio value at 32-bit maximum ok 16 2ca1 - Create ife encode action with prio value exceeding 32-bit maximum ok 17 05bb - Create valid ife encode action with tcindex and pass control ok 18 ce65 - Create valid ife encode action with tcindex and pipe control ok 19 09cd - Create valid ife encode action with tcindex and continue control ok 20 8eb5 - Create valid ife encode action with tcindex and continue control ok 21 451a - Create valid ife encode action with tcindex and drop control ok 22 d76c - Create valid ife encode action with tcindex and reclassify control ok 23 e731 - Create valid ife encode action with tcindex and jump control ok 24 b7b8 - Create valid ife encode action with tcindex value at 16-bit maximum ok 25 d0d8 - Create ife encode action with tcindex value exceeding 16-bit maximum ok 26 2a9c - Create valid ife encode action with mac src parameter ok 27 cf5c - Create valid ife encode action with mac dst parameter ok 28 2353 - Create valid ife encode action with mac src and mac dst parameters ok 29 552c - Create valid ife encode action with mark and type parameters ok 30 0421 - Create valid ife encode action with prio and type parameters ok 31 4017 - Create valid ife encode action with tcindex and type parameters ok 32 fac3 - Create valid ife encode action with index at 32-bit maximum ok 33 7c25 - Create valid ife decode action with pass control ok 34 dccb - Create valid ife decode action with pipe control ok 35 7bb9 - Create valid ife decode action with continue control ok 36 d9ad - Create valid ife decode action with drop control ok 37 219f - Create valid ife decode action with reclassify control ok 38 8f44 - Create valid ife decode action with jump control ok 39 56cf - Create ife encode action with index exceeding 32-bit maximum ok 40 ee94 - Create ife encode action with invalid control ok 41 b330 - Create ife encode action with cookie ok 42 bbc0 - Create ife encode action with invalid argument ok 43 d54a - Create ife encode action with invalid type argument ok 44 7ee0 - Create ife encode action with invalid mac src argument ok 45 0a7d - Create ife encode action with invalid mac dst argument ok 46 a0e2 - Replace ife encode action with invalid goto chain control ok 47 a972 - Delete ife encode action with valid index ok 48 1272 - Delete ife encode action with invalid index ./tdc.py -c action nat considering category action considering category nat Test 7565: Add nat action on ingress with default control action Test fd79: Add nat action on ingress with pipe control action Test eab9: Add nat action on ingress with continue control action Test c53a: Add nat action on ingress with reclassify control action Test 76c9: Add nat action on ingress with jump control action Test 24c6: Add nat action on ingress with drop control action Test 2120: Add nat action on ingress with maximum index value Test 3e9d: Add nat action on ingress with invalid index value Test f6c9: Add nat action on ingress with invalid IP address Test be25: Add nat action on ingress with invalid argument Test a7bd: Add nat action on ingress with DEFAULT IP address Test ee1e: Add nat action on ingress with ANY IP address Test 1de8: Add nat action on ingress with ALL IP address Test 8dba: Add nat action on egress with default control action Test 19a7: Add nat action on egress with pipe control action Test f1d9: Add nat action on egress with continue control action Test 6d4a: Add nat action on egress with reclassify control action Test b313: Add nat action on egress with jump control action Test d9fc: Add nat action on egress with drop control action Test a895: Add nat action on egress with DEFAULT IP address Test 2572: Add nat action on egress with ANY IP address Test 37f3: Add nat action on egress with ALL IP address Test 6054: Add nat action on egress with cookie Test 79d6: Add nat action on ingress with cookie Test 4b12: Replace nat action with invalid goto chain control Test b811: Delete nat action with valid index Test a521: Delete nat action with invalid index All test results: 1..27 ok 1 7565 - Add nat action on ingress with default control action ok 2 fd79 - Add nat action on ingress with pipe control action ok 3 eab9 - Add nat action on ingress with continue control action ok 4 c53a - Add nat action on ingress with reclassify control action ok 5 76c9 - Add nat action on ingress with jump control action ok 6 24c6 - Add nat action on ingress with drop control action ok 7 2120 - Add nat action on ingress with maximum index value ok 8 3e9d - Add nat action on ingress with invalid index value ok 9 f6c9 - Add nat action on ingress with invalid IP address ok 10 be25 - Add nat action on ingress with invalid argument ok 11 a7bd - Add nat action on ingress with DEFAULT IP address ok 12 ee1e - Add nat action on ingress with ANY IP address ok 13 1de8 - Add nat action on ingress with ALL IP address ok 14 8dba - Add nat action on egress with default control action ok 15 19a7 - Add nat action on egress with pipe control action ok 16 f1d9 - Add nat action on egress with continue control action ok 17 6d4a - Add nat action on egress with reclassify control action ok 18 b313 - Add nat action on egress with jump control action ok 19 d9fc - Add nat action on egress with drop control action ok 20 a895 - Add nat action on egress with DEFAULT IP address ok 21 2572 - Add nat action on egress with ANY IP address ok 22 37f3 - Add nat action on egress with ALL IP address ok 23 6054 - Add nat action on egress with cookie ok 24 79d6 - Add nat action on ingress with cookie ok 25 4b12 - Replace nat action with invalid goto chain control ok 26 b811 - Delete nat action with valid index ok 27 a521 - Delete nat action with invalid index ./tdc.py -c action sample considering category action considering category sample Test 9784: Add valid sample action with mandatory arguments Test 5c91: Add valid sample action with mandatory arguments and continue control action Test 334b: Add valid sample action with mandatory arguments and drop control action Test da69: Add valid sample action with mandatory arguments and reclassify control action Test 13ce: Add valid sample action with mandatory arguments and pipe control action Test 1886: Add valid sample action with mandatory arguments and jump control action Test 7571: Add sample action with invalid rate Test b6d4: Add sample action with mandatory arguments and invalid control action Test a874: Add invalid sample action without mandatory arguments Test ac01: Add invalid sample action without mandatory argument rate Test 4203: Add invalid sample action without mandatory argument group Test 14a7: Add invalid sample action without mandatory argument group Test 8f2e: Add valid sample action with trunc argument Test 45f8: Add sample action with maximum rate argument Test ad0c: Add sample action with maximum trunc argument Test 83a9: Add sample action with maximum group argument Test ed27: Add sample action with invalid rate argument Test 2eae: Add sample action with invalid group argument Test 6ff3: Add sample action with invalid trunc size Test 2b2a: Add sample action with invalid index Test dee2: Add sample action with maximum allowed index Test 560e: Add sample action with cookie Test 704a: Replace existing sample action with new rate argument Test 60eb: Replace existing sample action with new group argument Test 2cce: Replace existing sample action with new trunc argument Test 59d1: Replace existing sample action with new control argument Test 0a6e: Replace sample action with invalid goto chain control Test 3872: Delete sample action with valid index Test a394: Delete sample action with invalid index All test results: 1..29 ok 1 9784 - Add valid sample action with mandatory arguments ok 2 5c91 - Add valid sample action with mandatory arguments and continue control action ok 3 334b - Add valid sample action with mandatory arguments and drop control action ok 4 da69 - Add valid sample action with mandatory arguments and reclassify control action ok 5 13ce - Add valid sample action with mandatory arguments and pipe control action ok 6 1886 - Add valid sample action with mandatory arguments and jump control action ok 7 7571 - Add sample action with invalid rate ok 8 b6d4 - Add sample action with mandatory arguments and invalid control action ok 9 a874 - Add invalid sample action without mandatory arguments ok 10 ac01 - Add invalid sample action without mandatory argument rate ok 11 4203 - Add invalid sample action without mandatory argument group ok 12 14a7 - Add invalid sample action without mandatory argument group ok 13 8f2e - Add valid sample action with trunc argument ok 14 45f8 - Add sample action with maximum rate argument ok 15 ad0c - Add sample action with maximum trunc argument ok 16 83a9 - Add sample action with maximum group argument ok 17 ed27 - Add sample action with invalid rate argument ok 18 2eae - Add sample action with invalid group argument ok 19 6ff3 - Add sample action with invalid trunc size ok 20 2b2a - Add sample action with invalid index ok 21 dee2 - Add sample action with maximum allowed index ok 22 560e - Add sample action with cookie ok 23 704a - Replace existing sample action with new rate argument ok 24 60eb - Replace existing sample action with new group argument ok 25 2cce - Replace existing sample action with new trunc argument ok 26 59d1 - Replace existing sample action with new control argument ok 27 0a6e - Replace sample action with invalid goto chain control ok 28 3872 - Delete sample action with valid index ok 29 a394 - Delete sample action with invalid index ./tdc.py -c action tunnel_key considering category tunnel_key considering category action Test 2b11: Add tunnel_key set action with mandatory parameters Test dc6b: Add tunnel_key set action with missing mandatory src_ip parameter Test 7f25: Add tunnel_key set action with missing mandatory dst_ip parameter Test a5e0: Add tunnel_key set action with invalid src_ip parameter Test eaa8: Add tunnel_key set action with invalid dst_ip parameter Test 3b09: Add tunnel_key set action with invalid id parameter Test 9625: Add tunnel_key set action with invalid dst_port parameter Test 05af: Add tunnel_key set action with optional dst_port parameter Test da80: Add tunnel_key set action with index at 32-bit maximum Test d407: Add tunnel_key set action with index exceeding 32-bit maximum Test 5cba: Add tunnel_key set action with id value at 32-bit maximum Test e84a: Add tunnel_key set action with id value exceeding 32-bit maximum Test 9c19: Add tunnel_key set action with dst_port value at 16-bit maximum Test 3bd9: Add tunnel_key set action with dst_port value exceeding 16-bit maximum Test 68e2: Add tunnel_key unset action Test 6192: Add tunnel_key unset continue action Test 061d: Add tunnel_key set continue action with cookie Test 8acb: Add tunnel_key set continue action with invalid cookie Test a07e: Add tunnel_key action with no set/unset command specified Test b227: Add tunnel_key action with csum option Test 58a7: Add tunnel_key action with nocsum option Test 2575: Add tunnel_key action with not-supported parameter Test 7a88: Add tunnel_key action with cookie parameter Test 4f20: Add tunnel_key action with a single geneve option parameter Test e33d: Add tunnel_key action with multiple geneve options parameter Test 0778: Add tunnel_key action with invalid class geneve option parameter Test 4ae8: Add tunnel_key action with invalid type geneve option parameter Test 4039: Add tunnel_key action with short data length geneve option parameter Test 26a6: Add tunnel_key action with non-multiple of 4 data length geneve option parameter Test f44d: Add tunnel_key action with incomplete geneve options parameter Test 7afc: Replace tunnel_key set action with all parameters Test 364d: Replace tunnel_key set action with all parameters and cookie Test 937c: Fetch all existing tunnel_key actions Test 6783: Flush all existing tunnel_key actions Test 8242: Replace tunnel_key set action with invalid goto chain Test 0cd2: Add tunnel_key set action with no_percpu flag Test 3671: Delete tunnel_key set action with valid index Test 8597: Delete tunnel_key set action with invalid index All test results: 1..38 ok 1 2b11 - Add tunnel_key set action with mandatory parameters ok 2 dc6b - Add tunnel_key set action with missing mandatory src_ip parameter ok 3 7f25 - Add tunnel_key set action with missing mandatory dst_ip parameter ok 4 a5e0 - Add tunnel_key set action with invalid src_ip parameter ok 5 eaa8 - Add tunnel_key set action with invalid dst_ip parameter ok 6 3b09 - Add tunnel_key set action with invalid id parameter ok 7 9625 - Add tunnel_key set action with invalid dst_port parameter ok 8 05af - Add tunnel_key set action with optional dst_port parameter ok 9 da80 - Add tunnel_key set action with index at 32-bit maximum ok 10 d407 - Add tunnel_key set action with index exceeding 32-bit maximum ok 11 5cba - Add tunnel_key set action with id value at 32-bit maximum ok 12 e84a - Add tunnel_key set action with id value exceeding 32-bit maximum ok 13 9c19 - Add tunnel_key set action with dst_port value at 16-bit maximum ok 14 3bd9 - Add tunnel_key set action with dst_port value exceeding 16-bit maximum ok 15 68e2 - Add tunnel_key unset action ok 16 6192 - Add tunnel_key unset continue action ok 17 061d - Add tunnel_key set continue action with cookie ok 18 8acb - Add tunnel_key set continue action with invalid cookie ok 19 a07e - Add tunnel_key action with no set/unset command specified ok 20 b227 - Add tunnel_key action with csum option ok 21 58a7 - Add tunnel_key action with nocsum option ok 22 2575 - Add tunnel_key action with not-supported parameter ok 23 7a88 - Add tunnel_key action with cookie parameter ok 24 4f20 - Add tunnel_key action with a single geneve option parameter ok 25 e33d - Add tunnel_key action with multiple geneve options parameter ok 26 0778 - Add tunnel_key action with invalid class geneve option parameter ok 27 4ae8 - Add tunnel_key action with invalid type geneve option parameter ok 28 4039 - Add tunnel_key action with short data length geneve option parameter ok 29 26a6 - Add tunnel_key action with non-multiple of 4 data length geneve option parameter ok 30 f44d - Add tunnel_key action with incomplete geneve options parameter ok 31 7afc - Replace tunnel_key set action with all parameters ok 32 364d - Replace tunnel_key set action with all parameters and cookie ok 33 937c - Fetch all existing tunnel_key actions ok 34 6783 - Flush all existing tunnel_key actions ok 35 8242 - Replace tunnel_key set action with invalid goto chain ok 36 0cd2 - Add tunnel_key set action with no_percpu flag ok 37 3671 - Delete tunnel_key set action with valid index ok 38 8597 - Delete tunnel_key set action with invalid index Zhengchao Shao (8): selftests/tc-testings: add selftests for ctinfo action selftests/tc-testings: add selftests for gate action selftests/tc-testings: add selftests for xt action selftests/tc-testings: add connmark action deleting test case selftests/tc-testings: add ife action deleting test case selftests/tc-testings: add nat action deleting test case selftests/tc-testings: add sample action deleting test case selftests/tc-testings: add tunnel_key action deleting test case .../tc-testing/tc-tests/actions/connmark.json | 50 +++ .../tc-testing/tc-tests/actions/ctinfo.json | 316 ++++++++++++++++++ .../tc-testing/tc-tests/actions/gate.json | 315 +++++++++++++++++ .../tc-testing/tc-tests/actions/ife.json | 50 +++ .../tc-testing/tc-tests/actions/nat.json | 50 +++ .../tc-testing/tc-tests/actions/sample.json | 50 +++ .../tc-tests/actions/tunnel_key.json | 50 +++ .../tc-testing/tc-tests/actions/xt.json | 219 ++++++++++++ 8 files changed, 1100 insertions(+) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/actions/ctinfo.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/actions/gate.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/actions/xt.json -- 2.17.1

3 years

4
11
0 0

[PATCH v13 0/3] Add TDX Guest Attestation support

by Kuppuswamy Sathyanarayanan

Hi All, Intel's Trust Domain Extensions (TDX) protect guest VMs from malicious hosts and some physical attacks. VM guest with TDX support is called as a TDX Guest. In TDX guest, attestation process is used to verify the TDX guest trustworthiness to other entities before provisioning secrets to the guest. For example, a key server may request for attestation before releasing the encryption keys to mount the encrypted rootfs or secondary drive. This patch set adds attestation support for the TDX guest. Details about the TDX attestation process and the steps involved are explained in the commit log of Patch 1/3 or in Documentation/x86/tdx.rst (added by patch 3/3). Following are the details of the patch set: Patch 1/3 -> Adds TDREPORT support. Patch 2/3 -> Adds selftest support for TDREPORT feature. Patch 3/3 -> Add attestation related documentation. Commit log history is maintained in the individual patches. Kuppuswamy Sathyanarayanan (3): x86/tdx: Add TDX Guest attestation interface driver selftests: tdx: Test TDX attestation GetReport support Documentation/x86: Document TDX attestation process Documentation/x86/tdx.rst | 75 +++++++++ arch/x86/coco/tdx/tdx.c | 115 +++++++++++++ arch/x86/include/uapi/asm/tdx.h | 56 +++++++ tools/arch/x86/include/uapi/asm/tdx.h | 56 +++++++ tools/testing/selftests/Makefile | 1 + tools/testing/selftests/tdx/Makefile | 11 ++ tools/testing/selftests/tdx/config | 1 + tools/testing/selftests/tdx/tdx_attest_test.c | 157 ++++++++++++++++++ 8 files changed, 472 insertions(+) create mode 100644 arch/x86/include/uapi/asm/tdx.h create mode 100644 tools/arch/x86/include/uapi/asm/tdx.h create mode 100644 tools/testing/selftests/tdx/Makefile create mode 100644 tools/testing/selftests/tdx/config create mode 100644 tools/testing/selftests/tdx/tdx_attest_test.c -- 2.34.1

3 years

7
37
0 0

[PATCH net-next,v3 0/9] refactor duplicate codes in the tc cls walk function

by Zhengchao Shao

The walk implementation of most tc cls modules is basically the same. That is, the values of count and skip are checked first. If count is greater than or equal to skip, the registered fn function is executed. Otherwise, increase the value of count. So the code can be refactored. Then use helper function to replace the code of each cls module in alphabetical order. The walk function is invoked during dump. Therefore, test cases related to the tdc filter need to be added. Last, thanks to Jamal and Victor for their review. Add test cases locally and perform the test. The test results are listed below: ./tdc.py -e 0811 ok 1 0811 - Add multiple basic filter with cmp ematch u8/link layer and default action and dump them ./tdc.py -e 5129 ok 1 5129 - List basic filters ./tdc.py -c bpf-filter ok 1 23c3 - Add cBPF filter with valid bytecode ok 2 1563 - Add cBPF filter with invalid bytecode ok 3 2334 - Add eBPF filter with valid object-file ok 4 2373 - Add eBPF filter with invalid object-file ok 5 4423 - Replace cBPF bytecode ok 6 5122 - Delete cBPF filter ok 7 e0a9 - List cBPF filters ./tdc.py -c cgroup ok 1 6273 - Add cgroup filter with cmp ematch u8/link layer and drop action ok 2 4721 - Add cgroup filter with cmp ematch u8/link layer with trans flag and pass action ok 3 d392 - Add cgroup filter with cmp ematch u16/link layer and pipe action ok 4 0234 - Add cgroup filter with cmp ematch u32/link layer and miltiple actions ok 5 8499 - Add cgroup filter with cmp ematch u8/network layer and pass action ok 6 b273 - Add cgroup filter with cmp ematch u8/network layer with trans flag and drop action ok 7 1934 - Add cgroup filter with cmp ematch u16/network layer and pipe action ok 8 2733 - Add cgroup filter with cmp ematch u32/network layer and miltiple actions ok 9 3271 - Add cgroup filter with NOT cmp ematch rule and pass action ok 10 2362 - Add cgroup filter with two ANDed cmp ematch rules and single action ok 11 9993 - Add cgroup filter with two ORed cmp ematch rules and single action ok 12 2331 - Add cgroup filter with two ANDed cmp ematch rules and one ORed ematch rule and single action ok 13 3645 - Add cgroup filter with two ANDed cmp ematch rules and one NOT ORed ematch rule and single action ok 14 b124 - Add cgroup filter with u32 ematch u8/zero offset and drop action ok 15 7381 - Add cgroup filter with u32 ematch u8/zero offset and invalid value >0xFF ok 16 2231 - Add cgroup filter with u32 ematch u8/positive offset and drop action ok 17 1882 - Add cgroup filter with u32 ematch u8/invalid mask >0xFF ok 18 1237 - Add cgroup filter with u32 ematch u8/missing offset ok 19 3812 - Add cgroup filter with u32 ematch u8/missing AT keyword ok 20 1112 - Add cgroup filter with u32 ematch u8/missing value ok 21 3241 - Add cgroup filter with u32 ematch u8/non-numeric value ok 22 e231 - Add cgroup filter with u32 ematch u8/non-numeric mask ok 23 4652 - Add cgroup filter with u32 ematch u8/negative offset and pass action ok 24 1331 - Add cgroup filter with u32 ematch u16/zero offset and pipe action ok 25 e354 - Add cgroup filter with u32 ematch u16/zero offset and invalid value >0xFFFF ok 26 3538 - Add cgroup filter with u32 ematch u16/positive offset and drop action ok 27 4576 - Add cgroup filter with u32 ematch u16/invalid mask >0xFFFF ok 28 b842 - Add cgroup filter with u32 ematch u16/missing offset ok 29 c924 - Add cgroup filter with u32 ematch u16/missing AT keyword ok 30 cc93 - Add cgroup filter with u32 ematch u16/missing value ok 31 123c - Add cgroup filter with u32 ematch u16/non-numeric value ok 32 3675 - Add cgroup filter with u32 ematch u16/non-numeric mask ok 33 1123 - Add cgroup filter with u32 ematch u16/negative offset and drop action ok 34 4234 - Add cgroup filter with u32 ematch u16/nexthdr+ offset and pass action ok 35 e912 - Add cgroup filter with u32 ematch u32/zero offset and pipe action ok 36 1435 - Add cgroup filter with u32 ematch u32/positive offset and drop action ok 37 1282 - Add cgroup filter with u32 ematch u32/missing offset ok 38 6456 - Add cgroup filter with u32 ematch u32/missing AT keyword ok 39 4231 - Add cgroup filter with u32 ematch u32/missing value ok 40 2131 - Add cgroup filter with u32 ematch u32/non-numeric value ok 41 f125 - Add cgroup filter with u32 ematch u32/non-numeric mask ok 42 4316 - Add cgroup filter with u32 ematch u32/negative offset and drop action ok 43 23ae - Add cgroup filter with u32 ematch u32/nexthdr+ offset and pipe action ok 44 23a1 - Add cgroup filter with canid ematch and single SFF ok 45 324f - Add cgroup filter with canid ematch and single SFF with mask ok 46 2576 - Add cgroup filter with canid ematch and multiple SFF ok 47 4839 - Add cgroup filter with canid ematch and multiple SFF with masks ok 48 6713 - Add cgroup filter with canid ematch and single EFF ok 49 4572 - Add cgroup filter with canid ematch and single EFF with mask ok 50 8031 - Add cgroup filter with canid ematch and multiple EFF ok 51 ab9d - Add cgroup filter with canid ematch and multiple EFF with masks ok 52 5349 - Add cgroup filter with canid ematch and a combination of SFF/EFF ok 53 c934 - Add cgroup filter with canid ematch and a combination of SFF/EFF with masks ok 54 4319 - Replace cgroup filter with diffferent match ok 55 4636 - Detele cgroup filter ./tdc.py -c flow ok 1 5294 - Add flow filter with map key and ops ok 2 3514 - Add flow filter with map key or ops ok 3 7534 - Add flow filter with map key xor ops ok 4 4524 - Add flow filter with map key rshift ops ok 5 0230 - Add flow filter with map key addend ops ok 6 2344 - Add flow filter with src map key ok 7 9304 - Add flow filter with proto map key ok 8 9038 - Add flow filter with proto-src map key ok 9 2a03 - Add flow filter with proto-dst map key ok 10 a073 - Add flow filter with iif map key ok 11 3b20 - Add flow filter with priority map key ok 12 8945 - Add flow filter with mark map key ok 13 c034 - Add flow filter with nfct map key ok 14 0205 - Add flow filter with nfct-src map key ok 15 5315 - Add flow filter with nfct-src map key ok 16 7849 - Add flow filter with nfct-proto-src map key ok 17 9902 - Add flow filter with nfct-proto-dst map key ok 18 6742 - Add flow filter with rt-classid map key ok 19 5432 - Add flow filter with sk-uid map key ok 20 4234 - Add flow filter with sk-gid map key ok 21 4522 - Add flow filter with vlan-tag map key ok 22 4253 - Add flow filter with rxhash map key ok 23 4452 - Add flow filter with hash key list ok 24 4341 - Add flow filter with muliple ops ok 25 4392 - List flow filters ok 26 4322 - Change flow filter with map key num ok 27 2320 - Replace flow filter with map key num ok 28 3213 - Delete flow filter with map key num ./tdc.py -c route ok 1 e122 - Add route filter with from and to tag ok 2 6573 - Add route filter with fromif and to tag ok 3 1362 - Add route filter with to flag and reclassify action ok 4 4720 - Add route filter with from flag and continue actions ok 5 2812 - Add route filter with form tag and pipe action ok 6 7994 - Add route filter with miltiple actions ok 7 4312 - List route filters ok 8 2634 - Delete route filter with pipe action ./tdc.py -c rsvp ok 1 2141 - Add rsvp filter with tcp proto and specific IP address ok 2 5267 - Add rsvp filter with udp proto and specific IP address ok 3 2819 - Add rsvp filter with src ip and src port ok 4 c967 - Add rsvp filter with tunnelid and continue action ok 5 5463 - Add rsvp filter with tunnel and pipe action ok 6 2332 - Add rsvp filter with miltiple actions ok 7 8879 - Add rsvp filter with tunnel and skp flag ok 8 8261 - List rsvp filters ok 9 8989 - Delete rsvp filter ./tdc.py -c tcindex ok 1 8293 - Add tcindex filter with default action ok 2 7281 - Add tcindex filter with hash size and pass action ok 3 b294 - Add tcindex filter with mask shift and reclassify action ok 4 0532 - Add tcindex filter with pass_on and continue actions ok 5 d473 - Add tcindex filter with pipe action ok 6 2940 - Add tcindex filter with miltiple actions ok 7 1893 - List tcindex filters ok 8 2041 - Change tcindex filter with pass action ok 9 9203 - Replace tcindex filter with pass action ok 10 7957 - Delete tcindex filter with drop action --- v3: Modify the test case format alignment v2: rectify spelling error; The category name bpf in filters file is renamed to bpf-filter --- Zhengchao Shao (9): net/sched: cls_api: add helper for tc cls walker stats updating net/sched: use tc_cls_stats_update() in filter selftests/tc-testings: add selftests for bpf filter selftests/tc-testings: add selftests for cgroup filter selftests/tc-testings: add selftests for flow filter selftests/tc-testings: add selftests for route filter selftests/tc-testings: add selftests for rsvp filter selftests/tc-testings: add selftests for tcindex filter selftests/tc-testings: add list case for basic filter include/net/pkt_cls.h | 13 + net/sched/cls_basic.c | 9 +- net/sched/cls_bpf.c | 8 +- net/sched/cls_flow.c | 8 +- net/sched/cls_fw.c | 9 +- net/sched/cls_route.c | 9 +- net/sched/cls_rsvp.h | 9 +- net/sched/cls_tcindex.c | 18 +- net/sched/cls_u32.c | 20 +- .../tc-testing/tc-tests/filters/basic.json | 47 + .../tc-testing/tc-tests/filters/bpf.json | 171 +++ .../tc-testing/tc-tests/filters/cgroup.json | 1236 +++++++++++++++++ .../tc-testing/tc-tests/filters/flow.json | 623 +++++++++ .../tc-testing/tc-tests/filters/route.json | 181 +++ .../tc-testing/tc-tests/filters/rsvp.json | 203 +++ .../tc-testing/tc-tests/filters/tcindex.json | 227 +++ 16 files changed, 2716 insertions(+), 75 deletions(-) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/bpf.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/cgroup.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/flow.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/route.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/rsvp.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/tcindex.json -- 2.17.1

3 years

4
14
0 0

[PATCH net-next 0/5] mptcp: allow privileged operations from user ns & cleanup

by Matthieu Baerts

This series allows privileged Netlink operations from user namespaces. When a non-root user configures MPTCP endpoints, the memory allocation is now accounted to this user. See patches 4 and 5. Apart from that, there are some cleanup: - Patch 1 adds a macro to improve code readability - Patch 2 regroups similar checks all together - Patch 3 uses an explicit boolean instead of a counter to do one more check Geliang Tang (2): selftests: mptcp: move prefix tests of addr_nr_ns2 together mptcp: add do_check_data_fin to replace copied Matthieu Baerts (1): mptcp: add mptcp_for_each_subflow_safe helper Thomas Haller (2): mptcp: allow privileged operations from user namespaces mptcp: account memory allocation in mptcp_nl_cmd_add_addr() to user net/mptcp/pm_netlink.c | 22 +++++++++---------- net/mptcp/protocol.c | 13 ++++++----- net/mptcp/protocol.h | 2 ++ .../testing/selftests/net/mptcp/mptcp_join.sh | 10 ++++----- 4 files changed, 24 insertions(+), 23 deletions(-) base-commit: 03fdb11da92fde0bdc0b6e9c1c642b7414d49e8d -- 2.37.2

3 years

2
2
0 0

Re: [PATCH -next 4/5] selftests/memory-hotplug: Restore memory before exit

by zhaogongyi

Hi, Thanks for your review, I have submit the patches in a new version as your suggestion. Best Wishes, Gongyi > > On 09.09.22 09:51, Zhao Gongyi wrote: > > Some momory will be left in offline state when calling > > offline_memory_expect_fail() failed. Restore it before exit. > > > > Signed-off-by: Zhao Gongyi <zhaogongyi(a)huawei.com> > > --- > > .../memory-hotplug/mem-on-off-test.sh | 24 > +++++++++++++------ > > 1 file changed, 17 insertions(+), 7 deletions(-) > > > > diff --git a/tools/testing/selftests/memory-hotplug/mem-on-off-test.sh > > b/tools/testing/selftests/memory-hotplug/mem-on-off-test.sh > > index 3bdf3c4d6d06..259fd8978639 100755 > > --- a/tools/testing/selftests/memory-hotplug/mem-on-off-test.sh > > +++ b/tools/testing/selftests/memory-hotplug/mem-on-off-test.sh > > @@ -134,6 +134,17 @@ offline_memory_expect_fail() > > return 0 > > } > > > > +online_all_hot_pluggable_memory() > > +{ > > + > > + for memory in `hotpluggable_offline_memory`; do > > + online_memory_expect_success $memory || { > > + echo "online memory $memory: unexpected fail" > > + retval=1 > > + } > > + done > > +} > > Maybe call it > > "online_all_offline_memory()" > > instead? > > Note that "removable" as used in hotpluggable_memory() will nowadays > always return "1" if the kernel supports memory hotunplug, independent > of the specific memory block. > > -- > Thanks, > > David / dhildenb

3 years

1
0
0 0

Re: Wycena paneli fotowoltaicznych

by Raj Rajasekar

Dear Is the below mail from you? ----- Dzień dobry, dostrzegam możliwość współpracy z Państwa firmą. Świadczymy kompleksową obsługę inwestycji w fotowoltaikę, która obniża koszty energii elektrycznej nawet o 90%. Czy są Państwo zainteresowani weryfikacją wstępnych propozycji? Pozdrawiam, Norbert Karecki ---- Raj Manager - Engineering and Projects [cid:image001.png@01D8C8E0.52373950] Jebel Ali Industrial Area 3, P.O.Box 51328, Dubai, UAE. Ph: +9714-8997900 Fax: +9714-8841589 Mob: +971-56-3656857 www.tristar-group.co<http://www.tristar-group.co/> This email and any attachments may contain confidential information. If you have received them in error, please delete them and contact Tristar. If the content of this e-mail does not relate to Tristar's business, Tristar does not endorse it. You should check attachments for virus before opening. Tristar Transport is a limited liability company incorporated in the UAE.

3 years

1
0
0 0

[PATCH net-next 0/9] refactor duplicate codes in the tc cls walk function

by Zhengchao Shao

The walk implementation of most tc cls modules is basically the same. That is, the values of count and skip are checked first. If count is greater than or equal to skip, the registered fn function is executed. Otherwise, increase the value of count. So the code can be refactored. Then use helper function to replace the code of each cls module in alphabetical order. The walk function is invoked during dump. Therefore, test cases related to the tdc filter need to be added. Add test cases locally and perform the test. The test results are listed below: ./tdc.py -e 0811 ok 1 0811 - Add multiple basic filter with cmp ematch u8/link layer and default action and dump them ./tdc.py -e 5129 ok 1 5129 - List basic filters ./tdc.py -c filters bpf ok 13 23c3 - Add cBPF filter with valid bytecode ok 14 1563 - Add cBPF filter with invalid bytecode ok 15 2334 - Add eBPF filter with valid object-file ok 16 2373 - Add eBPF filter with invalid object-file ok 17 4423 - Replace cBPF bytecode ok 18 5122 - Delete cBPF filter ok 19 e0a9 - List cBPF filters ./tdc.py -c filters cgroup ok 1 6273 - Add cgroup filter with cmp ematch u8/link layer and drop action ok 2 4721 - Add cgroup filter with cmp ematch u8/link layer with trans flag and pass action ok 3 d392 - Add cgroup filter with cmp ematch u16/link layer and pipe action ok 4 0234 - Add cgroup filter with cmp ematch u32/link layer and miltiple actions ok 5 8499 - Add cgroup filter with cmp ematch u8/network layer and pass action ok 6 b273 - Add cgroup filter with cmp ematch u8/network layer with trans flag and drop action ok 7 1934 - Add cgroup filter with cmp ematch u16/network layer and pipe action ok 8 2733 - Add cgroup filter with cmp ematch u32/network layer and miltiple actions ok 9 3271 - Add cgroup filter with NOT cmp ematch rule and pass action ok 10 2362 - Add cgroup filter with two ANDed cmp ematch rules and single action ok 11 9993 - Add cgroup filter with two ORed cmp ematch rules and single action ok 12 2331 - Add cgroup filter with two ANDed cmp ematch rules and one ORed ematch rule and single action ok 13 3645 - Add cgroup filter with two ANDed cmp ematch rules and one NOT ORed ematch rule and single action ok 14 b124 - Add cgroup filter with u32 ematch u8/zero offset and drop action ok 15 7381 - Add cgroup filter with u32 ematch u8/zero offset and invalid value >0xFF ok 16 2231 - Add cgroup filter with u32 ematch u8/positive offset and drop action ok 17 1882 - Add cgroup filter with u32 ematch u8/invalid mask >0xFF ok 18 1237 - Add cgroup filter with u32 ematch u8/missing offset ok 19 3812 - Add cgroup filter with u32 ematch u8/missing AT keyword ok 20 1112 - Add cgroup filter with u32 ematch u8/missing value ok 21 3241 - Add cgroup filter with u32 ematch u8/non-numeric value ok 22 e231 - Add cgroup filter with u32 ematch u8/non-numeric mask ok 23 4652 - Add cgroup filter with u32 ematch u8/negative offset and pass action ok 24 1331 - Add cgroup filter with u32 ematch u16/zero offset and pipe action ok 25 e354 - Add cgroup filter with u32 ematch u16/zero offset and invalid value >0xFFFF ok 26 3538 - Add cgroup filter with u32 ematch u16/positive offset and drop action ok 27 4576 - Add cgroup filter with u32 ematch u16/invalid mask >0xFFFF ok 28 b842 - Add cgroup filter with u32 ematch u16/missing offset ok 29 c924 - Add cgroup filter with u32 ematch u16/missing AT keyword ok 30 cc93 - Add cgroup filter with u32 ematch u16/missing value ok 31 123c - Add cgroup filter with u32 ematch u16/non-numeric value ok 32 3675 - Add cgroup filter with u32 ematch u16/non-numeric mask ok 33 1123 - Add cgroup filter with u32 ematch u16/negative offset and drop action ok 34 4234 - Add cgroup filter with u32 ematch u16/nexthdr+ offset and pass action ok 35 e912 - Add cgroup filter with u32 ematch u32/zero offset and pipe action ok 36 1435 - Add cgroup filter with u32 ematch u32/positive offset and drop action ok 37 1282 - Add cgroup filter with u32 ematch u32/missing offset ok 38 6456 - Add cgroup filter with u32 ematch u32/missing AT keyword ok 39 4231 - Add cgroup filter with u32 ematch u32/missing value ok 40 2131 - Add cgroup filter with u32 ematch u32/non-numeric value ok 41 f125 - Add cgroup filter with u32 ematch u32/non-numeric mask ok 42 4316 - Add cgroup filter with u32 ematch u32/negative offset and drop action ok 43 23ae - Add cgroup filter with u32 ematch u32/nexthdr+ offset and pipe action ok 44 23a1 - Add cgroup filter with canid ematch and single SFF ok 45 324f - Add cgroup filter with canid ematch and single SFF with mask ok 46 2576 - Add cgroup filter with canid ematch and multiple SFF ok 47 4839 - Add cgroup filter with canid ematch and multiple SFF with masks ok 48 6713 - Add cgroup filter with canid ematch and single EFF ok 49 4572 - Add cgroup filter with canid ematch and single EFF with mask ok 50 8031 - Add cgroup filter with canid ematch and multiple EFF ok 51 ab9d - Add cgroup filter with canid ematch and multiple EFF with masks ok 52 5349 - Add cgroup filter with canid ematch and a combination of SFF/EFF ok 53 c934 - Add cgroup filter with canid ematch and a combination of SFF/EFF with masks ok 54 4319 - Replace cgroup filter with diffferent match ok 55 4636 - Detele cgroup filter ./tdc.py -c filters flow ok 1 5294 - Add flow filter with map key and ops ok 2 3514 - Add flow filter with map key or ops ok 3 7534 - Add flow filter with map key xor ops ok 4 4524 - Add flow filter with map key rshift ops ok 5 0230 - Add flow filter with map key addend ops ok 6 2344 - Add flow filter with src map key ok 7 9304 - Add flow filter with proto map key ok 8 9038 - Add flow filter with proto-src map key ok 9 2a03 - Add flow filter with proto-dst map key ok 10 a073 - Add flow filter with iif map key ok 11 3b20 - Add flow filter with priority map key ok 12 8945 - Add flow filter with mark map key ok 13 c034 - Add flow filter with nfct map key ok 14 0205 - Add flow filter with nfct-src map key ok 15 5315 - Add flow filter with nfct-src map key ok 16 7849 - Add flow filter with nfct-proto-src map key ok 17 9902 - Add flow filter with nfct-proto-dst map key ok 18 6742 - Add flow filter with rt-classid map key ok 19 5432 - Add flow filter with sk-uid map key ok 20 4234 - Add flow filter with sk-gid map key ok 21 4522 - Add flow filter with vlan-tag map key ok 22 4253 - Add flow filter with rxhash map key ok 23 4452 - Add flow filter with hash key list ok 24 4341 - Add flow filter with muliple ops ok 25 4322 - List flow filters ok 26 2320 - Replace flow filter with map key num ok 27 3213 - Delete flow filter with map key num ./tdc.py -c filters route ok 1 e122 - Add route filter with from and to tag ok 2 6573 - Add route filter with fromif and to tag ok 3 1362 - Add route filter with to flag and reclassify action ok 4 4720 - Add route filter with from flag and continue actions ok 5 2812 - Add route filter with form tag and pipe action ok 6 7994 - Add route filter with miltiple actions ok 7 4312 - List route filters ok 8 2634 - Delete route filters with pipe action ./tdc.py -c filters rsvp ok 1 2141 - Add rsvp filter with tcp proto and specific IP address ok 2 5267 - Add rsvp filter with udp proto and specific IP address ok 3 2819 - Add rsvp filter with src ip and src port ok 4 c967 - Add rsvp filter with tunnelid and continue action ok 5 5463 - Add rsvp filter with tunnel and pipe action ok 6 2332 - Add rsvp filter with miltiple actions ok 7 8879 - Add rsvp filter with tunnel and skp flag ok 8 8261 - List rsvp filters ok 9 8989 - Delete rsvp filters ./tdc.py -c filters tcindex ok 1 8293 - Add tcindex filter with default action ok 2 7281 - Add tcindex filter with hash size and pass action ok 3 b294 - Add tcindex filter with mask shift and reclassify action ok 4 0532 - Add tcindex filter with pass_on and continue actions ok 5 d473 - Add tcindex filter with pipe action ok 6 2940 - Add tcindex filter with miltiple actions ok 7 1893 - List tcindex filters ok 8 2041 - Change tcindex filters with pass action ok 9 9203 - Replace tcindex filters with pass action ok 10 7957 - Delete tcindex filters with drop action Zhengchao Shao (9): net/sched: cls_api: add helper for tc cls walker stats updating net/sched: use tc_cls_stats_update() in filter selftests/tc-testings: add selftests for bpf filter selftests/tc-testings: add selftests for cgroup filter selftests/tc-testings: add selftests for flow filter selftests/tc-testings: add selftests for route filter selftests/tc-testings: add selftests for rsvp filter selftests/tc-testings: add selftests for tcindex filter selftests/tc-testings: add list case for basic filter include/net/pkt_cls.h | 13 + net/sched/cls_basic.c | 9 +- net/sched/cls_bpf.c | 8 +- net/sched/cls_flow.c | 8 +- net/sched/cls_fw.c | 9 +- net/sched/cls_route.c | 9 +- net/sched/cls_rsvp.h | 9 +- net/sched/cls_tcindex.c | 18 +- net/sched/cls_u32.c | 20 +- .../tc-testing/tc-tests/filters/basic.json | 47 + .../tc-testing/tc-tests/filters/bpf.json | 171 +++ .../tc-testing/tc-tests/filters/cgroup.json | 1236 +++++++++++++++++ .../tc-testing/tc-tests/filters/flow.json | 623 +++++++++ .../tc-testing/tc-tests/filters/route.json | 181 +++ .../tc-testing/tc-tests/filters/rsvp.json | 203 +++ .../tc-testing/tc-tests/filters/tcindex.json | 227 +++ 16 files changed, 2716 insertions(+), 75 deletions(-) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/bpf.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/cgroup.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/flow.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/route.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/rsvp.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/tcindex.json -- 2.17.1

3 years

4
14
0 0

[V1 PATCH 0/5] Execute hypercalls from guests according to cpu type

by Vishal Annapurve

This series is posted in context of the discussion at: https://lore.kernel.org/lkml/Ywa9T+jKUpaHLu%2Fl@google.com/ Major changes: 1) Move common startup logic to a single common main function in kvm_util.c 2) Introduce following APIs: kvm_arch_main: to perform arch specific common startup. kvm_post_vm_load: to update the guest memory state to convey common information to guests. 3) For x86, capture cpu type at startup and pass on the cpu type to guest after guest elf is loaded. 4) Execute hypercall instruction from within guest VMs according to the cpu type. This will help prevent an extra kvm exit during hypercall execution. Vishal Annapurve (5): selftests: kvm: move common startup logic to kvm_util.c selftests: kvm: Introduce kvm_arch_main and helpers selftests: kvm: x86: Execute vmcall/vmmcall according to CPU type selftests: kvm: delete svm_vmcall_test selftests: kvm: Execute vmcall/vmmcall as per cpu type tools/testing/selftests/kvm/.gitignore | 1 - .../selftests/kvm/aarch64/arch_timer.c | 5 +- .../selftests/kvm/aarch64/debug-exceptions.c | 2 +- .../selftests/kvm/aarch64/get-reg-list.c | 2 +- .../selftests/kvm/aarch64/hypercalls.c | 4 +- .../testing/selftests/kvm/aarch64/psci_test.c | 2 +- .../selftests/kvm/aarch64/vcpu_width_config.c | 2 +- .../testing/selftests/kvm/aarch64/vgic_init.c | 2 +- .../testing/selftests/kvm/aarch64/vgic_irq.c | 5 +- .../selftests/kvm/access_tracking_perf_test.c | 4 +- .../selftests/kvm/demand_paging_test.c | 7 +- .../selftests/kvm/dirty_log_perf_test.c | 4 +- tools/testing/selftests/kvm/dirty_log_test.c | 4 +- .../selftests/kvm/hardware_disable_test.c | 2 +- .../selftests/kvm/include/kvm_util_base.h | 15 ++++ .../selftests/kvm/include/x86_64/processor.h | 10 +++ .../selftests/kvm/include/x86_64/vmx.h | 9 --- .../selftests/kvm/kvm_binary_stats_test.c | 3 +- .../selftests/kvm/kvm_create_max_vcpus.c | 4 +- .../selftests/kvm/kvm_page_table_test.c | 4 +- .../selftests/kvm/lib/aarch64/processor.c | 8 ++ tools/testing/selftests/kvm/lib/elf.c | 2 + tools/testing/selftests/kvm/lib/kvm_util.c | 12 +++ .../selftests/kvm/lib/riscv/processor.c | 8 ++ .../selftests/kvm/lib/s390x/processor.c | 8 ++ tools/testing/selftests/kvm/lib/sparsebit.c | 2 +- .../selftests/kvm/lib/x86_64/perf_test_util.c | 2 +- .../selftests/kvm/lib/x86_64/processor.c | 38 +++++++++- .../selftests/kvm/max_guest_memory_test.c | 2 +- .../kvm/memslot_modification_stress_test.c | 4 +- .../testing/selftests/kvm/memslot_perf_test.c | 9 +-- tools/testing/selftests/kvm/rseq_test.c | 7 +- tools/testing/selftests/kvm/s390x/memop.c | 4 +- tools/testing/selftests/kvm/s390x/resets.c | 4 +- .../selftests/kvm/s390x/sync_regs_test.c | 5 +- tools/testing/selftests/kvm/s390x/tprot.c | 2 +- .../selftests/kvm/set_memory_region_test.c | 7 +- tools/testing/selftests/kvm/steal_time.c | 4 +- .../kvm/system_counter_offset_test.c | 2 +- tools/testing/selftests/kvm/x86_64/amx_test.c | 2 +- .../testing/selftests/kvm/x86_64/cpuid_test.c | 2 +- .../kvm/x86_64/cr4_cpuid_sync_test.c | 6 +- .../testing/selftests/kvm/x86_64/debug_regs.c | 4 +- .../kvm/x86_64/emulator_error_test.c | 7 +- .../testing/selftests/kvm/x86_64/evmcs_test.c | 2 +- .../selftests/kvm/x86_64/fix_hypercall_test.c | 2 +- .../kvm/x86_64/get_msr_index_features.c | 2 +- .../selftests/kvm/x86_64/hyperv_clock.c | 2 +- .../selftests/kvm/x86_64/hyperv_cpuid.c | 7 +- .../selftests/kvm/x86_64/hyperv_features.c | 2 +- .../selftests/kvm/x86_64/hyperv_svm_test.c | 2 +- .../selftests/kvm/x86_64/kvm_clock_test.c | 2 +- .../selftests/kvm/x86_64/kvm_pv_test.c | 2 +- .../kvm/x86_64/max_vcpuid_cap_test.c | 3 +- .../selftests/kvm/x86_64/mmio_warning_test.c | 4 +- .../selftests/kvm/x86_64/monitor_mwait_test.c | 3 +- .../selftests/kvm/x86_64/nx_huge_pages_test.c | 4 +- .../selftests/kvm/x86_64/platform_info_test.c | 7 +- .../kvm/x86_64/pmu_event_filter_test.c | 7 +- .../selftests/kvm/x86_64/set_boot_cpu_id.c | 2 +- .../selftests/kvm/x86_64/set_sregs_test.c | 7 +- .../selftests/kvm/x86_64/sev_migrate_tests.c | 3 +- tools/testing/selftests/kvm/x86_64/smm_test.c | 4 +- .../testing/selftests/kvm/x86_64/state_test.c | 10 +-- .../selftests/kvm/x86_64/svm_int_ctl_test.c | 3 +- .../kvm/x86_64/svm_nested_soft_inject_test.c | 7 +- .../selftests/kvm/x86_64/svm_vmcall_test.c | 74 ------------------- .../selftests/kvm/x86_64/sync_regs_test.c | 7 +- .../kvm/x86_64/triple_fault_event_test.c | 2 +- .../selftests/kvm/x86_64/tsc_msrs_test.c | 4 +- .../selftests/kvm/x86_64/tsc_scaling_sync.c | 3 +- .../kvm/x86_64/ucna_injection_test.c | 2 +- .../selftests/kvm/x86_64/userspace_io_test.c | 6 +- .../kvm/x86_64/userspace_msr_exit_test.c | 7 +- .../kvm/x86_64/vmx_apic_access_test.c | 5 +- .../kvm/x86_64/vmx_close_while_nested_test.c | 2 +- .../selftests/kvm/x86_64/vmx_dirty_log_test.c | 4 +- .../vmx_exception_with_invalid_guest_state.c | 2 +- .../x86_64/vmx_invalid_nested_guest_state.c | 2 +- .../selftests/kvm/x86_64/vmx_msrs_test.c | 2 +- .../kvm/x86_64/vmx_nested_tsc_scaling_test.c | 5 +- .../selftests/kvm/x86_64/vmx_pmu_caps_test.c | 2 +- .../kvm/x86_64/vmx_preemption_timer_test.c | 4 +- .../kvm/x86_64/vmx_set_nested_state_test.c | 3 +- .../kvm/x86_64/vmx_tsc_adjust_test.c | 5 +- .../selftests/kvm/x86_64/xapic_ipi_test.c | 4 +- .../selftests/kvm/x86_64/xapic_state_test.c | 2 +- .../selftests/kvm/x86_64/xen_shinfo_test.c | 67 +++++++---------- .../selftests/kvm/x86_64/xen_vmcall_test.c | 17 +++-- .../selftests/kvm/x86_64/xss_msr_test.c | 2 +- 90 files changed, 223 insertions(+), 339 deletions(-) delete mode 100644 tools/testing/selftests/kvm/x86_64/svm_vmcall_test.c -- 2.37.2.789.g6183377224-goog

3 years

3
16
0 0

[RFC PATCH] bonding: cause oops on aarch64 architecture in bond_rr_gen_slave_id

by Jonathan Toppins

This bonding selftest causes the following kernel oops on aarch64 and possibly ppc64le architectures. This was reproduced on net/master commit 64ae13ed478428135cddc2f1113dff162d8112d4 net: core: fix flow symmetric hash [ 329.805838] kselftest: Running tests in drivers/net/bonding [ 330.011028] eth0: renamed from link1_2 [ 330.220846] eth0: renamed from link1_1 [ 330.387755] bond0: (slave eth0): making interface the new active one [ 330.394165] bond0: (slave eth0): Enslaving as an active interface with an up link [ 330.401867] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 334.586619] bond0: (slave eth0): Releasing backup interface [ 334.671065] bond0: (slave eth0): Enslaving as an active interface with an up link [ 334.686773] Unable to handle kernel paging request at virtual address ffff2c91ac905000 [ 334.694703] Mem abort info: [ 334.697486] ESR = 0x0000000096000004 [ 334.701234] EC = 0x25: DABT (current EL), IL = 32 bits [ 334.706536] SET = 0, FnV = 0 [ 334.709579] EA = 0, S1PTW = 0 [ 334.712719] FSC = 0x04: level 0 translation fault [ 334.717586] Data abort info: [ 334.720454] ISV = 0, ISS = 0x00000004 [ 334.724288] CM = 0, WnR = 0 [ 334.727244] swapper pgtable: 4k pages, 48-bit VAs, pgdp=000008044d662000 [ 334.733944] [ffff2c91ac905000] pgd=0000000000000000, p4d=0000000000000000 [ 334.740734] Internal error: Oops: 96000004 [#1] SMP [ 334.745602] Modules linked in: bonding tls veth rfkill sunrpc arm_spe_pmu vfat fat acpi_ipmi ipmi_ssif ixgbe igb i40e mdio ipmi_devintf ipmi_msghandler arm_cmn arm_dsu_pmu cppc_cpufreq acpi_tad fuse zram crct10dif_ce ast ghash_ce sbsa_gwdt nvme drm_vram_helper drm_ttm_helper nvme_core ttm xgene_hwmon [ 334.772217] CPU: 7 PID: 2214 Comm: ping Not tainted 6.0.0-rc4-00133-g64ae13ed4784 #4 [ 334.779950] Hardware name: GIGABYTE R272-P31-00/MP32-AR1-00, BIOS F18v (SCP: 1.08.20211002) 12/01/2021 [ 334.789244] pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 334.796196] pc : bond_rr_gen_slave_id+0x40/0x124 [bonding] [ 334.801691] lr : bond_xmit_roundrobin_slave_get+0x38/0xdc [bonding] [ 334.807962] sp : ffff8000221733e0 [ 334.811265] x29: ffff8000221733e0 x28: ffffdbac8572d198 x27: ffff80002217357c [ 334.818392] x26: 000000000000002a x25: ffffdbacb33ee000 x24: ffff07ff980fa000 [ 334.825519] x23: ffffdbacb2e398ba x22: ffff07ff98102000 x21: ffff07ff981029c0 [ 334.832646] x20: 0000000000000001 x19: ffff07ff981029c0 x18: 0000000000000014 [ 334.839773] x17: 0000000000000000 x16: ffffdbacb1004364 x15: 0000aaaabe2f5a62 [ 334.846899] x14: ffff07ff8e55d968 x13: ffff07ff8e55db30 x12: 0000000000000000 [ 334.854026] x11: ffffdbacb21532e8 x10: 0000000000000001 x9 : ffffdbac857178ec [ 334.861153] x8 : ffff07ff9f6e5a28 x7 : 0000000000000000 x6 : 000000007c2b3742 [ 334.868279] x5 : ffff2c91ac905000 x4 : ffff2c91ac905000 x3 : ffff07ff9f554400 [ 334.875406] x2 : ffff2c91ac905000 x1 : 0000000000000001 x0 : ffff07ff981029c0 [ 334.882532] Call trace: [ 334.884967] bond_rr_gen_slave_id+0x40/0x124 [bonding] [ 334.890109] bond_xmit_roundrobin_slave_get+0x38/0xdc [bonding] [ 334.896033] __bond_start_xmit+0x128/0x3a0 [bonding] [ 334.901001] bond_start_xmit+0x54/0xb0 [bonding] [ 334.905622] dev_hard_start_xmit+0xb4/0x220 [ 334.909798] __dev_queue_xmit+0x1a0/0x720 [ 334.913799] arp_xmit+0x3c/0xbc [ 334.916932] arp_send_dst+0x98/0xd0 [ 334.920410] arp_solicit+0xe8/0x230 [ 334.923888] neigh_probe+0x60/0xb0 [ 334.927279] __neigh_event_send+0x3b0/0x470 [ 334.931453] neigh_resolve_output+0x70/0x90 [ 334.935626] ip_finish_output2+0x158/0x514 [ 334.939714] __ip_finish_output+0xac/0x1a4 [ 334.943800] ip_finish_output+0x40/0xfc [ 334.947626] ip_output+0xf8/0x1a4 [ 334.950931] ip_send_skb+0x5c/0x100 [ 334.954410] ip_push_pending_frames+0x3c/0x60 [ 334.958758] raw_sendmsg+0x458/0x6d0 [ 334.962325] inet_sendmsg+0x50/0x80 [ 334.965805] sock_sendmsg+0x60/0x6c [ 334.969286] __sys_sendto+0xc8/0x134 [ 334.972853] __arm64_sys_sendto+0x34/0x4c [ 334.976854] invoke_syscall+0x78/0x100 [ 334.980594] el0_svc_common.constprop.0+0x4c/0xf4 [ 334.985287] do_el0_svc+0x38/0x4c [ 334.988591] el0_svc+0x34/0x10c [ 334.991724] el0t_64_sync_handler+0x11c/0x150 [ 334.996072] el0t_64_sync+0x190/0x194 [ 334.999726] Code: b9001062 f9403c02 d53cd044 8b040042 (b8210040) [ 335.005810] ---[ end trace 0000000000000000 ]--- [ 335.010416] Kernel panic - not syncing: Oops: Fatal exception in interrupt [ 335.017279] SMP: stopping secondary CPUs [ 335.021374] Kernel Offset: 0x5baca8eb0000 from 0xffff800008000000 [ 335.027456] PHYS_OFFSET: 0x80000000 [ 335.030932] CPU features: 0x0000,0085c029,19805c82 [ 335.035713] Memory Limit: none [ 335.038756] Rebooting in 180 seconds.. Signed-off-by: Jonathan Toppins <jtoppins(a)redhat.com> --- .../selftests/drivers/net/bonding/Makefile | 1 + .../bonding/bond-arp-interval-causes-panic.sh | 46 +++++++++++++++++++ 2 files changed, 47 insertions(+) create mode 100755 tools/testing/selftests/drivers/net/bonding/bond-arp-interval-causes-panic.sh diff --git a/tools/testing/selftests/drivers/net/bonding/Makefile b/tools/testing/selftests/drivers/net/bonding/Makefile index ab6c54b12098..79bb06fd386a 100644 --- a/tools/testing/selftests/drivers/net/bonding/Makefile +++ b/tools/testing/selftests/drivers/net/bonding/Makefile @@ -2,5 +2,6 @@ # Makefile for net selftests TEST_PROGS := bond-break-lacpdu-tx.sh +TEST_PROGS += bond-arp-interval-causes-panic.sh include ../../../lib.mk diff --git a/tools/testing/selftests/drivers/net/bonding/bond-arp-interval-causes-panic.sh b/tools/testing/selftests/drivers/net/bonding/bond-arp-interval-causes-panic.sh new file mode 100755 index 000000000000..0c3e5d486193 --- /dev/null +++ b/tools/testing/selftests/drivers/net/bonding/bond-arp-interval-causes-panic.sh @@ -0,0 +1,46 @@ +#!/bin/sh + +# cause kernel oops in bond_rr_gen_slave_id on aarch64 and ppcle +# architectures +DEBUG=${DEBUG:-0} + +set -e +test ${DEBUG} -ne 0 && set -x + +function finish() +{ + ip -all netns delete + ip link del link1_1 || true +} + +trap finish EXIT + +client_ip4=192.168.1.198 +server_ip4=192.168.1.254 + +# setup kernel so it reboots after causing the panic +echo 180 >/proc/sys/kernel/panic + +# build namespaces +ip link add dev link1_1 type veth peer name link1_2 + +ip netns add "server" +ip link set dev link1_2 netns server up name eth0 +ip netns exec server ip addr add ${server_ip4}/24 dev eth0 + +ip netns add "client" +ip link set dev link1_1 netns client down name eth0 +ip netns exec client ip link add dev bond0 down type bond mode 1 miimon 100 all_slaves_active 1 +ip netns exec client ip link set dev eth0 down master bond0 +ip netns exec client ip link set dev bond0 up +ip netns exec client ip addr add ${client_ip4}/24 dev bond0 +ip netns exec client ping -c 5 $server_ip4 >/dev/null + +ip netns exec client ip link set dev eth0 down nomaster +ip netns exec client ip link set dev bond0 down +ip netns exec client ip link set dev bond0 type bond mode 0 arp_interval 1000 arp_ip_target "+${server_ip4}" +ip netns exec client ip link set dev eth0 down master bond0 +ip netns exec client ip link set dev bond0 up +ip netns exec client ping -c 5 $server_ip4 >/dev/null + +exit 0 -- 2.31.1

3 years

2
2
0 0

[PATCH] selftests/futex: fix build for clang

by Ricardo Cañuelo

Don't use the test-specific header files as source files to force a target dependency, as clang will complain if more than one source file is used for a compile command with a single '-o' flag. Use the proper Makefile variables instead as defined in tools/testing/selftests/lib.mk. Signed-off-by: Ricardo Cañuelo <ricardo.canuelo(a)collabora.com> --- tools/testing/selftests/futex/functional/Makefile | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/tools/testing/selftests/futex/functional/Makefile b/tools/testing/selftests/futex/functional/Makefile index 732149011692..5a0e0df8de9b 100644 --- a/tools/testing/selftests/futex/functional/Makefile +++ b/tools/testing/selftests/futex/functional/Makefile @@ -3,11 +3,11 @@ INCLUDES := -I../include -I../../ -I../../../../../usr/include/ CFLAGS := $(CFLAGS) -g -O2 -Wall -D_GNU_SOURCE -pthread $(INCLUDES) $(KHDR_INCLUDES) LDLIBS := -lpthread -lrt -HEADERS := \ +LOCAL_HDRS := \ ../include/futextest.h \ ../include/atomic.h \ ../include/logging.h -TEST_GEN_FILES := \ +TEST_GEN_PROGS := \ futex_wait_timeout \ futex_wait_wouldblock \ futex_requeue_pi \ @@ -24,5 +24,3 @@ TEST_PROGS := run.sh top_srcdir = ../../../../.. DEFAULT_INSTALL_HDR_PATH := 1 include ../../lib.mk - -$(TEST_GEN_FILES): $(HEADERS) -- 2.25.1

3 years

2
2
0 0

[PATCH net-next,v2 0/9] refactor duplicate codes in the tc cls walk function

by Zhengchao Shao

The walk implementation of most tc cls modules is basically the same. That is, the values of count and skip are checked first. If count is greater than or equal to skip, the registered fn function is executed. Otherwise, increase the value of count. So the code can be refactored. Then use helper function to replace the code of each cls module in alphabetical order. The walk function is invoked during dump. Therefore, test cases related to the tdc filter need to be added. Add test cases locally and perform the test. The test results are listed below: ./tdc.py -e 0811 ok 1 0811 - Add multiple basic filter with cmp ematch u8/link layer and default action and dump them ./tdc.py -e 5129 ok 1 5129 - List basic filters ./tdc.py -c bpf-filter ok 1 23c3 - Add cBPF filter with valid bytecode ok 2 1563 - Add cBPF filter with invalid bytecode ok 3 2334 - Add eBPF filter with valid object-file ok 4 2373 - Add eBPF filter with invalid object-file ok 5 4423 - Replace cBPF bytecode ok 6 5122 - Delete cBPF filter ok 7 e0a9 - List cBPF filters ./tdc.py -c cgroup ok 1 6273 - Add cgroup filter with cmp ematch u8/link layer and drop action ok 2 4721 - Add cgroup filter with cmp ematch u8/link layer with trans flag and pass action ok 3 d392 - Add cgroup filter with cmp ematch u16/link layer and pipe action ok 4 0234 - Add cgroup filter with cmp ematch u32/link layer and miltiple actions ok 5 8499 - Add cgroup filter with cmp ematch u8/network layer and pass action ok 6 b273 - Add cgroup filter with cmp ematch u8/network layer with trans flag and drop action ok 7 1934 - Add cgroup filter with cmp ematch u16/network layer and pipe action ok 8 2733 - Add cgroup filter with cmp ematch u32/network layer and miltiple actions ok 9 3271 - Add cgroup filter with NOT cmp ematch rule and pass action ok 10 2362 - Add cgroup filter with two ANDed cmp ematch rules and single action ok 11 9993 - Add cgroup filter with two ORed cmp ematch rules and single action ok 12 2331 - Add cgroup filter with two ANDed cmp ematch rules and one ORed ematch rule and single action ok 13 3645 - Add cgroup filter with two ANDed cmp ematch rules and one NOT ORed ematch rule and single action ok 14 b124 - Add cgroup filter with u32 ematch u8/zero offset and drop action ok 15 7381 - Add cgroup filter with u32 ematch u8/zero offset and invalid value >0xFF ok 16 2231 - Add cgroup filter with u32 ematch u8/positive offset and drop action ok 17 1882 - Add cgroup filter with u32 ematch u8/invalid mask >0xFF ok 18 1237 - Add cgroup filter with u32 ematch u8/missing offset ok 19 3812 - Add cgroup filter with u32 ematch u8/missing AT keyword ok 20 1112 - Add cgroup filter with u32 ematch u8/missing value ok 21 3241 - Add cgroup filter with u32 ematch u8/non-numeric value ok 22 e231 - Add cgroup filter with u32 ematch u8/non-numeric mask ok 23 4652 - Add cgroup filter with u32 ematch u8/negative offset and pass action ok 24 1331 - Add cgroup filter with u32 ematch u16/zero offset and pipe action ok 25 e354 - Add cgroup filter with u32 ematch u16/zero offset and invalid value >0xFFFF ok 26 3538 - Add cgroup filter with u32 ematch u16/positive offset and drop action ok 27 4576 - Add cgroup filter with u32 ematch u16/invalid mask >0xFFFF ok 28 b842 - Add cgroup filter with u32 ematch u16/missing offset ok 29 c924 - Add cgroup filter with u32 ematch u16/missing AT keyword ok 30 cc93 - Add cgroup filter with u32 ematch u16/missing value ok 31 123c - Add cgroup filter with u32 ematch u16/non-numeric value ok 32 3675 - Add cgroup filter with u32 ematch u16/non-numeric mask ok 33 1123 - Add cgroup filter with u32 ematch u16/negative offset and drop action ok 34 4234 - Add cgroup filter with u32 ematch u16/nexthdr+ offset and pass action ok 35 e912 - Add cgroup filter with u32 ematch u32/zero offset and pipe action ok 36 1435 - Add cgroup filter with u32 ematch u32/positive offset and drop action ok 37 1282 - Add cgroup filter with u32 ematch u32/missing offset ok 38 6456 - Add cgroup filter with u32 ematch u32/missing AT keyword ok 39 4231 - Add cgroup filter with u32 ematch u32/missing value ok 40 2131 - Add cgroup filter with u32 ematch u32/non-numeric value ok 41 f125 - Add cgroup filter with u32 ematch u32/non-numeric mask ok 42 4316 - Add cgroup filter with u32 ematch u32/negative offset and drop action ok 43 23ae - Add cgroup filter with u32 ematch u32/nexthdr+ offset and pipe action ok 44 23a1 - Add cgroup filter with canid ematch and single SFF ok 45 324f - Add cgroup filter with canid ematch and single SFF with mask ok 46 2576 - Add cgroup filter with canid ematch and multiple SFF ok 47 4839 - Add cgroup filter with canid ematch and multiple SFF with masks ok 48 6713 - Add cgroup filter with canid ematch and single EFF ok 49 4572 - Add cgroup filter with canid ematch and single EFF with mask ok 50 8031 - Add cgroup filter with canid ematch and multiple EFF ok 51 ab9d - Add cgroup filter with canid ematch and multiple EFF with masks ok 52 5349 - Add cgroup filter with canid ematch and a combination of SFF/EFF ok 53 c934 - Add cgroup filter with canid ematch and a combination of SFF/EFF with masks ok 54 4319 - Replace cgroup filter with diffferent match ok 55 4636 - Detele cgroup filter ./tdc.py -c flow ok 1 5294 - Add flow filter with map key and ops ok 2 3514 - Add flow filter with map key or ops ok 3 7534 - Add flow filter with map key xor ops ok 4 4524 - Add flow filter with map key rshift ops ok 5 0230 - Add flow filter with map key addend ops ok 6 2344 - Add flow filter with src map key ok 7 9304 - Add flow filter with proto map key ok 8 9038 - Add flow filter with proto-src map key ok 9 2a03 - Add flow filter with proto-dst map key ok 10 a073 - Add flow filter with iif map key ok 11 3b20 - Add flow filter with priority map key ok 12 8945 - Add flow filter with mark map key ok 13 c034 - Add flow filter with nfct map key ok 14 0205 - Add flow filter with nfct-src map key ok 15 5315 - Add flow filter with nfct-src map key ok 16 7849 - Add flow filter with nfct-proto-src map key ok 17 9902 - Add flow filter with nfct-proto-dst map key ok 18 6742 - Add flow filter with rt-classid map key ok 19 5432 - Add flow filter with sk-uid map key ok 20 4234 - Add flow filter with sk-gid map key ok 21 4522 - Add flow filter with vlan-tag map key ok 22 4253 - Add flow filter with rxhash map key ok 23 4452 - Add flow filter with hash key list ok 24 4341 - Add flow filter with muliple ops ok 25 4392 - List flow filters ok 26 4322 - Change flow filter with map key num ok 27 2320 - Replace flow filter with map key num ok 28 3213 - Delete flow filter with map key num ./tdc.py -c route ok 1 e122 - Add route filter with from and to tag ok 2 6573 - Add route filter with fromif and to tag ok 3 1362 - Add route filter with to flag and reclassify action ok 4 4720 - Add route filter with from flag and continue actions ok 5 2812 - Add route filter with form tag and pipe action ok 6 7994 - Add route filter with miltiple actions ok 7 4312 - List route filters ok 8 2634 - Delete route filter with pipe action ./tdc.py -c rsvp ok 1 2141 - Add rsvp filter with tcp proto and specific IP address ok 2 5267 - Add rsvp filter with udp proto and specific IP address ok 3 2819 - Add rsvp filter with src ip and src port ok 4 c967 - Add rsvp filter with tunnelid and continue action ok 5 5463 - Add rsvp filter with tunnel and pipe action ok 6 2332 - Add rsvp filter with miltiple actions ok 7 8879 - Add rsvp filter with tunnel and skp flag ok 8 8261 - List rsvp filters ok 9 8989 - Delete rsvp filter ./tdc.py -c tcindex ok 1 8293 - Add tcindex filter with default action ok 2 7281 - Add tcindex filter with hash size and pass action ok 3 b294 - Add tcindex filter with mask shift and reclassify action ok 4 0532 - Add tcindex filter with pass_on and continue actions ok 5 d473 - Add tcindex filter with pipe action ok 6 2940 - Add tcindex filter with miltiple actions ok 7 1893 - List tcindex filters ok 8 2041 - Change tcindex filter with pass action ok 9 9203 - Replace tcindex filter with pass action ok 10 7957 - Delete tcindex filter with drop action --- v2: rectify spelling error; The category name bpf in filters file is renamed to bpf-filter --- Zhengchao Shao (9): net/sched: cls_api: add helper for tc cls walker stats updating net/sched: use tc_cls_stats_update() in filter selftests/tc-testings: add selftests for bpf filter selftests/tc-testings: add selftests for cgroup filter selftests/tc-testings: add selftests for flow filter selftests/tc-testings: add selftests for route filter selftests/tc-testings: add selftests for rsvp filter selftests/tc-testings: add selftests for tcindex filter selftests/tc-testings: add list case for basic filter include/net/pkt_cls.h | 13 + net/sched/cls_basic.c | 9 +- net/sched/cls_bpf.c | 8 +- net/sched/cls_flow.c | 8 +- net/sched/cls_fw.c | 9 +- net/sched/cls_route.c | 9 +- net/sched/cls_rsvp.h | 9 +- net/sched/cls_tcindex.c | 18 +- net/sched/cls_u32.c | 20 +- .../tc-testing/tc-tests/filters/basic.json | 47 + .../tc-testing/tc-tests/filters/bpf.json | 171 +++ .../tc-testing/tc-tests/filters/cgroup.json | 1236 +++++++++++++++++ .../tc-testing/tc-tests/filters/flow.json | 623 +++++++++ .../tc-testing/tc-tests/filters/route.json | 181 +++ .../tc-testing/tc-tests/filters/rsvp.json | 203 +++ .../tc-testing/tc-tests/filters/tcindex.json | 227 +++ 16 files changed, 2716 insertions(+), 75 deletions(-) create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/bpf.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/cgroup.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/flow.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/route.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/rsvp.json create mode 100644 tools/testing/selftests/tc-testing/tc-tests/filters/tcindex.json -- 2.17.1

3 years

1
9
0 0

[PATCH v6 1/2] x86/fpu: Allow PKRU to be (once again) written by ptrace.

by Kyle Huey

From: Kyle Huey <me(a)kylehuey.com> When management of the PKRU register was moved away from XSTATE, emulation of PKRU's existence in XSTATE was added for reading PKRU through ptrace, but not for writing PKRU through ptrace. This can be seen by running gdb and executing `p $pkru`, `set $pkru = 42`, and `p $pkru`. On affected kernels (5.14+) the write to the PKRU register (which gdb performs through ptrace) is ignored. There are three APIs that write PKRU: sigreturn, PTRACE_SETREGSET with NT_X86_XSTATE, and KVM_SET_XSAVE. sigreturn still uses XRSTOR to write to PKRU. KVM_SET_XSAVE has its own special handling to make PKRU writes take effect (in fpu_copy_uabi_to_guest_fpstate). Push that down into copy_uabi_to_xstate and have PTRACE_SETREGSET with NT_X86_XSTATE pass in a pointer to the appropriate PKRU slot. copy_sigframe_from_user_to_xstate depends on copy_uabi_to_xstate populating the PKRU field in the task's XSTATE so that __fpu_restore_sig can do a XRSTOR from it, so continue doing that. This also adds code to initialize the PKRU value to the hardware init value (namely 0) if the PKRU bit is not set in the XSTATE header provided to ptrace, to match XRSTOR. Fixes: e84ba47e313d ("x86/fpu: Hook up PKRU into ptrace()") Signed-off-by: Kyle Huey <me(a)kylehuey.com> Cc: Dave Hansen <dave.hansen(a)linux.intel.com> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: Borislav Petkov <bp(a)suse.de> Cc: stable(a)vger.kernel.org # 5.14+ --- arch/x86/kernel/fpu/core.c | 20 +++++++++----------- arch/x86/kernel/fpu/regset.c | 2 +- arch/x86/kernel/fpu/signal.c | 2 +- arch/x86/kernel/fpu/xstate.c | 25 ++++++++++++++++++++----- arch/x86/kernel/fpu/xstate.h | 4 ++-- 5 files changed, 33 insertions(+), 20 deletions(-) diff --git a/arch/x86/kernel/fpu/core.c b/arch/x86/kernel/fpu/core.c index 3b28c5b25e12..c273669e8a00 100644 --- a/arch/x86/kernel/fpu/core.c +++ b/arch/x86/kernel/fpu/core.c @@ -391,8 +391,6 @@ int fpu_copy_uabi_to_guest_fpstate(struct fpu_guest *gfpu, const void *buf, { struct fpstate *kstate = gfpu->fpstate; const union fpregs_state *ustate = buf; - struct pkru_state *xpkru; - int ret; if (!cpu_feature_enabled(X86_FEATURE_XSAVE)) { if (ustate->xsave.header.xfeatures & ~XFEATURE_MASK_FPSSE) @@ -406,16 +404,16 @@ int fpu_copy_uabi_to_guest_fpstate(struct fpu_guest *gfpu, const void *buf, if (ustate->xsave.header.xfeatures & ~xcr0) return -EINVAL; - ret = copy_uabi_from_kernel_to_xstate(kstate, ustate); - if (ret) - return ret; + /* + * Nullify @vpkru to preserve its current value if PKRU's bit isn't set + * in the header. KVM's odd ABI is to leave PKRU untouched in this + * case (all other components are eventually re-initialized). + * (Not clear that this is actually necessary for compat). + */ + if (!(ustate->xsave.header.xfeatures & XFEATURE_MASK_PKRU)) + vpkru = NULL; - /* Retrieve PKRU if not in init state */ - if (kstate->regs.xsave.header.xfeatures & XFEATURE_MASK_PKRU) { - xpkru = get_xsave_addr(&kstate->regs.xsave, XFEATURE_PKRU); - *vpkru = xpkru->pkru; - } - return 0; + return copy_uabi_from_kernel_to_xstate(kstate, ustate, vpkru); } EXPORT_SYMBOL_GPL(fpu_copy_uabi_to_guest_fpstate); #endif /* CONFIG_KVM */ diff --git a/arch/x86/kernel/fpu/regset.c b/arch/x86/kernel/fpu/regset.c index 75ffaef8c299..6d056b68f4ed 100644 --- a/arch/x86/kernel/fpu/regset.c +++ b/arch/x86/kernel/fpu/regset.c @@ -167,7 +167,7 @@ int xstateregs_set(struct task_struct *target, const struct user_regset *regset, } fpu_force_restore(fpu); - ret = copy_uabi_from_kernel_to_xstate(fpu->fpstate, kbuf ?: tmpbuf); + ret = copy_uabi_from_kernel_to_xstate(fpu->fpstate, kbuf ?: tmpbuf, &target->thread.pkru); out: vfree(tmpbuf); diff --git a/arch/x86/kernel/fpu/signal.c b/arch/x86/kernel/fpu/signal.c index 91d4b6de58ab..558076dbde5b 100644 --- a/arch/x86/kernel/fpu/signal.c +++ b/arch/x86/kernel/fpu/signal.c @@ -396,7 +396,7 @@ static bool __fpu_restore_sig(void __user *buf, void __user *buf_fx, fpregs = &fpu->fpstate->regs; if (use_xsave() && !fx_only) { - if (copy_sigframe_from_user_to_xstate(fpu->fpstate, buf_fx)) + if (copy_sigframe_from_user_to_xstate(tsk, buf_fx)) return false; } else { if (__copy_from_user(&fpregs->fxsave, buf_fx, diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c index c8340156bfd2..8f14981a3936 100644 --- a/arch/x86/kernel/fpu/xstate.c +++ b/arch/x86/kernel/fpu/xstate.c @@ -1197,7 +1197,7 @@ static int copy_from_buffer(void *dst, unsigned int offset, unsigned int size, static int copy_uabi_to_xstate(struct fpstate *fpstate, const void *kbuf, - const void __user *ubuf) + const void __user *ubuf, u32 *pkru) { struct xregs_state *xsave = &fpstate->regs.xsave; unsigned int offset, size; @@ -1246,6 +1246,21 @@ static int copy_uabi_to_xstate(struct fpstate *fpstate, const void *kbuf, } } + /* + * Update the user protection key storage. Allow KVM to + * pass in a NULL pkru pointer if the mask bit is unset + * for its legacy ABI behavior. + */ + if (pkru) + *pkru = 0; + + if (hdr.xfeatures & XFEATURE_MASK_PKRU) { + struct pkru_state *xpkru; + + xpkru = __raw_xsave_addr(xsave, XFEATURE_PKRU); + *pkru = xpkru->pkru; + } + /* * The state that came in from userspace was user-state only. * Mask all the user states out of 'xfeatures': @@ -1264,9 +1279,9 @@ static int copy_uabi_to_xstate(struct fpstate *fpstate, const void *kbuf, * Convert from a ptrace standard-format kernel buffer to kernel XSAVE[S] * format and copy to the target thread. Used by ptrace and KVM. */ -int copy_uabi_from_kernel_to_xstate(struct fpstate *fpstate, const void *kbuf) +int copy_uabi_from_kernel_to_xstate(struct fpstate *fpstate, const void *kbuf, u32 *pkru) { - return copy_uabi_to_xstate(fpstate, kbuf, NULL); + return copy_uabi_to_xstate(fpstate, kbuf, NULL, pkru); } /* @@ -1274,10 +1289,10 @@ int copy_uabi_from_kernel_to_xstate(struct fpstate *fpstate, const void *kbuf) * XSAVE[S] format and copy to the target thread. This is called from the * sigreturn() and rt_sigreturn() system calls. */ -int copy_sigframe_from_user_to_xstate(struct fpstate *fpstate, +int copy_sigframe_from_user_to_xstate(struct task_struct *tsk, const void __user *ubuf) { - return copy_uabi_to_xstate(fpstate, NULL, ubuf); + return copy_uabi_to_xstate(tsk->thread.fpu.fpstate, NULL, ubuf, &tsk->thread.pkru); } static bool validate_independent_components(u64 mask) diff --git a/arch/x86/kernel/fpu/xstate.h b/arch/x86/kernel/fpu/xstate.h index 5ad47031383b..a4ecb04d8d64 100644 --- a/arch/x86/kernel/fpu/xstate.h +++ b/arch/x86/kernel/fpu/xstate.h @@ -46,8 +46,8 @@ extern void __copy_xstate_to_uabi_buf(struct membuf to, struct fpstate *fpstate, u32 pkru_val, enum xstate_copy_mode copy_mode); extern void copy_xstate_to_uabi_buf(struct membuf to, struct task_struct *tsk, enum xstate_copy_mode mode); -extern int copy_uabi_from_kernel_to_xstate(struct fpstate *fpstate, const void *kbuf); -extern int copy_sigframe_from_user_to_xstate(struct fpstate *fpstate, const void __user *ubuf); +extern int copy_uabi_from_kernel_to_xstate(struct fpstate *fpstate, const void *kbuf, u32 *pkru); +extern int copy_sigframe_from_user_to_xstate(struct task_struct *tsk, const void __user *ubuf); extern void fpu__init_cpu_xstate(void); -- 2.37.2 Changelog since v5: - Avoids a second copy from the uabi buffer as suggested. - Preserves old KVM_SET_XSAVE behavior where leaving the PKRU bit in the XSTATE header results in PKRU remaining unchanged instead of reinitializing it. - Fixed up patch metadata as requested. Changelog since v4: - Selftest additionally checks PKRU readbacks through ptrace. - Selftest flips all PKRU bits (except the default key). Changelog since v3: - The v3 patch is now part 1 of 2. - Adds a selftest in part 2 of 2. Changelog since v2: - Removed now unused variables in fpu_copy_uabi_to_guest_fpstate Changelog since v1: - Handles the error case of copy_to_buffer().

3 years

2
4
0 0

[PATCH v3 7/7] KVM: selftests: Add test for AArch32 ID registers

by Oliver Upton

Add a test to assert that KVM handles the AArch64 views of the AArch32 ID registers as RAZ/WI (writable only from userspace). For registers that were already hidden or unallocated, expect RAZ + invariant behavior. Signed-off-by: Oliver Upton <oliver.upton(a)linux.dev> --- tools/testing/selftests/kvm/.gitignore | 1 + tools/testing/selftests/kvm/Makefile | 1 + .../selftests/kvm/aarch64/aarch32_id_regs.c | 169 ++++++++++++++++++ 3 files changed, 171 insertions(+) create mode 100644 tools/testing/selftests/kvm/aarch64/aarch32_id_regs.c diff --git a/tools/testing/selftests/kvm/.gitignore b/tools/testing/selftests/kvm/.gitignore index d625a3f83780..87d1a0b1bae0 100644 --- a/tools/testing/selftests/kvm/.gitignore +++ b/tools/testing/selftests/kvm/.gitignore @@ -1,4 +1,5 @@ # SPDX-License-Identifier: GPL-2.0-only +/aarch64/aarch32_id_regs /aarch64/arch_timer /aarch64/debug-exceptions /aarch64/get-reg-list diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests/kvm/Makefile index 4c122f1b1737..784abe7f0962 100644 --- a/tools/testing/selftests/kvm/Makefile +++ b/tools/testing/selftests/kvm/Makefile @@ -144,6 +144,7 @@ TEST_GEN_PROGS_x86_64 += system_counter_offset_test # Compiled outputs used by test targets TEST_GEN_PROGS_EXTENDED_x86_64 += x86_64/nx_huge_pages_test +TEST_GEN_PROGS_aarch64 += aarch64/aarch32_id_regs TEST_GEN_PROGS_aarch64 += aarch64/arch_timer TEST_GEN_PROGS_aarch64 += aarch64/debug-exceptions TEST_GEN_PROGS_aarch64 += aarch64/get-reg-list diff --git a/tools/testing/selftests/kvm/aarch64/aarch32_id_regs.c b/tools/testing/selftests/kvm/aarch64/aarch32_id_regs.c new file mode 100644 index 000000000000..6f9c1f19c7f6 --- /dev/null +++ b/tools/testing/selftests/kvm/aarch64/aarch32_id_regs.c @@ -0,0 +1,169 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * aarch32_id_regs - Test for ID register behavior on AArch64-only systems + * + * Copyright (c) 2022 Google LLC. + * + * Test that KVM handles the AArch64 views of the AArch32 ID registers as RAZ + * and WI from userspace. + */ + +#include <stdint.h> + +#include "kvm_util.h" +#include "processor.h" +#include "test_util.h" + +#define BAD_ID_REG_VAL 0x1badc0deul + +#define GUEST_ASSERT_REG_RAZ(reg) GUEST_ASSERT_EQ(read_sysreg_s(reg), 0) + +static void guest_main(void) +{ + GUEST_ASSERT_REG_RAZ(SYS_ID_PFR0_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_PFR1_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_DFR0_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_AFR0_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_MMFR0_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_MMFR1_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_MMFR2_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_MMFR3_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_ISAR0_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_ISAR1_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_ISAR2_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_ISAR3_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_ISAR4_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_ISAR5_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_MMFR4_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_ISAR6_EL1); + GUEST_ASSERT_REG_RAZ(SYS_MVFR0_EL1); + GUEST_ASSERT_REG_RAZ(SYS_MVFR1_EL1); + GUEST_ASSERT_REG_RAZ(SYS_MVFR2_EL1); + GUEST_ASSERT_REG_RAZ(sys_reg(3, 0, 0, 3, 3)); + GUEST_ASSERT_REG_RAZ(SYS_ID_PFR2_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_DFR1_EL1); + GUEST_ASSERT_REG_RAZ(SYS_ID_MMFR5_EL1); + GUEST_ASSERT_REG_RAZ(sys_reg(3, 0, 0, 3, 7)); + + GUEST_DONE(); +} + +static void test_guest_raz(struct kvm_vcpu *vcpu) +{ + struct ucall uc; + + vcpu_run(vcpu); + + switch (get_ucall(vcpu, &uc)) { + case UCALL_ABORT: + REPORT_GUEST_ASSERT(uc); + break; + case UCALL_DONE: + break; + default: + TEST_FAIL("Unexpected ucall: %lu", uc.cmd); + } +} + +static uint64_t raz_wi_reg_ids[] = { + KVM_ARM64_SYS_REG(SYS_ID_PFR0_EL1), + KVM_ARM64_SYS_REG(SYS_ID_PFR1_EL1), + KVM_ARM64_SYS_REG(SYS_ID_DFR0_EL1), + KVM_ARM64_SYS_REG(SYS_ID_MMFR0_EL1), + KVM_ARM64_SYS_REG(SYS_ID_MMFR1_EL1), + KVM_ARM64_SYS_REG(SYS_ID_MMFR2_EL1), + KVM_ARM64_SYS_REG(SYS_ID_MMFR3_EL1), + KVM_ARM64_SYS_REG(SYS_ID_ISAR0_EL1), + KVM_ARM64_SYS_REG(SYS_ID_ISAR1_EL1), + KVM_ARM64_SYS_REG(SYS_ID_ISAR2_EL1), + KVM_ARM64_SYS_REG(SYS_ID_ISAR3_EL1), + KVM_ARM64_SYS_REG(SYS_ID_ISAR4_EL1), + KVM_ARM64_SYS_REG(SYS_ID_ISAR5_EL1), + KVM_ARM64_SYS_REG(SYS_ID_MMFR4_EL1), + KVM_ARM64_SYS_REG(SYS_ID_ISAR6_EL1), + KVM_ARM64_SYS_REG(SYS_MVFR0_EL1), + KVM_ARM64_SYS_REG(SYS_MVFR1_EL1), + KVM_ARM64_SYS_REG(SYS_MVFR2_EL1), + KVM_ARM64_SYS_REG(SYS_ID_PFR2_EL1), + KVM_ARM64_SYS_REG(SYS_ID_MMFR5_EL1), +}; + +static void test_user_raz_wi(struct kvm_vcpu *vcpu) +{ + int i; + + for (i = 0; i < ARRAY_SIZE(raz_wi_reg_ids); i++) { + uint64_t reg_id = raz_wi_reg_ids[i]; + uint64_t val; + + vcpu_get_reg(vcpu, reg_id, &val); + ASSERT_EQ(val, 0); + + /* + * Expect the ioctl to succeed with no effect on the register + * value. + */ + vcpu_set_reg(vcpu, reg_id, BAD_ID_REG_VAL); + + vcpu_get_reg(vcpu, reg_id, &val); + ASSERT_EQ(val, 0); + } +} + +static uint64_t raz_invariant_reg_ids[] = { + KVM_ARM64_SYS_REG(SYS_ID_AFR0_EL1), + KVM_ARM64_SYS_REG(sys_reg(3, 0, 0, 3, 3)), + KVM_ARM64_SYS_REG(SYS_ID_DFR1_EL1), + KVM_ARM64_SYS_REG(sys_reg(3, 0, 0, 3, 7)), +}; + +static void test_user_raz_invariant(struct kvm_vcpu *vcpu) +{ + int i, r; + + for (i = 0; i < ARRAY_SIZE(raz_invariant_reg_ids); i++) { + uint64_t reg_id = raz_invariant_reg_ids[i]; + uint64_t val; + + vcpu_get_reg(vcpu, reg_id, &val); + ASSERT_EQ(val, 0); + + r = __vcpu_set_reg(vcpu, reg_id, BAD_ID_REG_VAL); + TEST_ASSERT(r < 0 && errno == EINVAL, + "unexpected KVM_SET_ONE_REG error: r=%d, errno=%d", r, errno); + + vcpu_get_reg(vcpu, reg_id, &val); + ASSERT_EQ(val, 0); + } +} + + + +static bool vcpu_aarch64_only(struct kvm_vcpu *vcpu) +{ + uint64_t val, el0; + + vcpu_get_reg(vcpu, KVM_ARM64_SYS_REG(SYS_ID_AA64PFR0_EL1), &val); + + el0 = (val & ARM64_FEATURE_MASK(ID_AA64PFR0_EL0)) >> ID_AA64PFR0_EL0_SHIFT; + return el0 == ID_AA64PFR0_ELx_64BIT_ONLY; +} + +int main(void) +{ + struct kvm_vcpu *vcpu; + struct kvm_vm *vm; + + vm = vm_create_with_one_vcpu(&vcpu, guest_main); + + TEST_REQUIRE(vcpu_aarch64_only(vcpu)); + + ucall_init(vm, NULL); + + test_user_raz_wi(vcpu); + test_user_raz_invariant(vcpu); + test_guest_raz(vcpu); + + ucall_uninit(vm); + kvm_vm_free(vm); +} -- 2.37.2.789.g6183377224-goog

3 years

1
0
0 0

make run_tests -C proc: proc-pid-vm assertion failed.

by Jie2x Zhou

hi, The test error is caused by g_vsyscall set failed. Error output: selftests: proc: proc-pid-vm proc-pid-vm: proc-pid-vm.c:389: main: Assertion `rv == len' failed. Aborted g_vsyscall is set to 0. In proc-pid-vm.c: /* * 0: vsyscall VMA doesn't exist vsyscall=none * 1: vsyscall VMA is r-xp vsyscall=emulate * 2: vsyscall VMA is --xp vsyscall=xonly */ static int g_vsyscall; static const char *str_vsyscall; static const char str_vsyscall_0[] = ""; static const char str_vsyscall_1[] = "ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]\n"; static const char str_vsyscall_2[] = "ffffffffff600000-ffffffffff601000 --xp 00000000 00:00 0 [vsyscall]\n"; The /proc/%u/maps output is: buf=100000000-100001000 r-xp 00000000 00:2d 2 /tmp/#2 (deleted) ffffffffff600000-ffffffffff601000 --xp 00000000 00:00 0 [vsyscall] So the g_vsyscall should be 2 according to commentary(2: vsyscall VMA is --xp). Is it a bug? best regards,

3 years

3
2
0 0

[PATCH] selftests/intel_pstate: fix build for ARCH=x86_64

by Ricardo Cañuelo

Handle the scenario where the build is launched with the ARCH envvar defined as x86_64. Signed-off-by: Ricardo Cañuelo <ricardo.canuelo(a)collabora.com> --- tools/testing/selftests/intel_pstate/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/intel_pstate/Makefile b/tools/testing/selftests/intel_pstate/Makefile index 39f0fa2a8fd6..05d66ef50c97 100644 --- a/tools/testing/selftests/intel_pstate/Makefile +++ b/tools/testing/selftests/intel_pstate/Makefile @@ -2,10 +2,10 @@ CFLAGS := $(CFLAGS) -Wall -D_GNU_SOURCE LDLIBS += -lm -uname_M := $(shell uname -m 2>/dev/null || echo not) -ARCH ?= $(shell echo $(uname_M) | sed -e s/i.86/x86/ -e s/x86_64/x86/) +ARCH ?= $(shell uname -m 2>/dev/null || echo not) +ARCH_PROCESSED := $(shell echo $(ARCH) | sed -e s/i.86/x86/ -e s/x86_64/x86/) -ifeq (x86,$(ARCH)) +ifeq (x86,$(ARCH_PROCESSED)) TEST_GEN_FILES := msr aperf endif -- 2.25.1

3 years

1
0
0 0

[PATCH v2 1/5] selftests/sgx: Retry the ioctl()'s returned with EAGAIN

by Jarkko Sakkinen

From: Haitao Huang <haitao.huang(a)linux.intel.com> For EMODT and EREMOVE ioctl()'s with a large range, kernel may not finish in one shot and return EAGAIN error code and count of bytes of EPC pages on that operations are finished successfully. Change the unclobbered_vdso_oversubscribed_remove test to rerun the ioctl()'s in a loop, updating offset and length using the byte count returned in each iteration. Fixes: 6507cce561b4 ("selftests/sgx: Page removal stress test") Signed-off-by: Haitao Huang <haitao.huang(a)linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko(a)kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org> --- v3: * Added a fixes tag. The bug is in v6.0 patches. * Added my tested-by (the bug reproduced in my NUC often). v2: * Changed branching in EAGAIN condition so that else branch is not required. * Addressed Reinette's feedback: --- tools/testing/selftests/sgx/main.c | 42 ++++++++++++++++++++++++------ 1 file changed, 34 insertions(+), 8 deletions(-) diff --git a/tools/testing/selftests/sgx/main.c b/tools/testing/selftests/sgx/main.c index 9820b3809c69..59cca806eda1 100644 --- a/tools/testing/selftests/sgx/main.c +++ b/tools/testing/selftests/sgx/main.c @@ -390,6 +390,7 @@ TEST_F_TIMEOUT(enclave, unclobbered_vdso_oversubscribed_remove, 900) struct encl_segment *heap; unsigned long total_mem; int ret, errno_save; + unsigned long count; unsigned long addr; unsigned long i; @@ -453,16 +454,30 @@ TEST_F_TIMEOUT(enclave, unclobbered_vdso_oversubscribed_remove, 900) modt_ioc.offset = heap->offset; modt_ioc.length = heap->size; modt_ioc.page_type = SGX_PAGE_TYPE_TRIM; - + count = 0; TH_LOG("Changing type of %zd bytes to trimmed may take a while ...", heap->size); - ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_MODIFY_TYPES, &modt_ioc); - errno_save = ret == -1 ? errno : 0; + do { + ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_MODIFY_TYPES, &modt_ioc); + + errno_save = ret == -1 ? errno : 0; + if (errno_save != EAGAIN) + break; + + EXPECT_EQ(modt_ioc.result, 0); + + count += modt_ioc.count; + modt_ioc.offset += modt_ioc.count; + modt_ioc.length -= modt_ioc.count; + modt_ioc.result = 0; + modt_ioc.count = 0; + } while (modt_ioc.length != 0); EXPECT_EQ(ret, 0); EXPECT_EQ(errno_save, 0); EXPECT_EQ(modt_ioc.result, 0); - EXPECT_EQ(modt_ioc.count, heap->size); + count += modt_ioc.count; + EXPECT_EQ(count, heap->size); /* EACCEPT all removed pages. */ addr = self->encl.encl_base + heap->offset; @@ -490,15 +505,26 @@ TEST_F_TIMEOUT(enclave, unclobbered_vdso_oversubscribed_remove, 900) remove_ioc.offset = heap->offset; remove_ioc.length = heap->size; - + count = 0; TH_LOG("Removing %zd bytes from enclave may take a while ...", heap->size); - ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_REMOVE_PAGES, &remove_ioc); - errno_save = ret == -1 ? errno : 0; + do { + ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_REMOVE_PAGES, &remove_ioc); + + errno_save = ret == -1 ? errno : 0; + if (errno_save != EAGAIN) + break; + + count += remove_ioc.count; + remove_ioc.offset += remove_ioc.count; + remove_ioc.length -= remove_ioc.count; + remove_ioc.count = 0; + } while (remove_ioc.length != 0); EXPECT_EQ(ret, 0); EXPECT_EQ(errno_save, 0); - EXPECT_EQ(remove_ioc.count, heap->size); + count += remove_ioc.count; + EXPECT_EQ(count, heap->size); } TEST_F(enclave, clobbered_vdso) -- 2.37.2

3 years

2
7
0 0

[RFC PATCH] Hugetlb: Migrating hugetlb tests from libhugetlbfs

by Tarun Sahu

Libhugetlbfs is not being maintained actively, and some distro is dropping support for it. There are some tests that are good for testing hugetlb functionality in kernel, which can be migrated to either kernel kselftests or LTP. I am submitting this patch to get comments from community on the following 1. The test framework in ltp is most suitable for the tests that are in libhugetlbfs/tests/ which follow similar test framework. And there is already a section for hugetlb specific tests in LTP. So it makes more sense and less effort to migrate the test to LTP. Though I recommend migrating these tests to LTP, I would like to discuss tests should be migrated to LTP or kselftests. 2. Libhugetlbfs tests has license GNU Lesser GPL 2.1 or later, while kernel and LTP has license GPL2 or later, so can the test be migrated to kernel/kselftests or LTP. The below patch is libhugetlbfs/tests/direct.c which has been migrated to ltp/testcases/kernel/mem/hugetlb/hugemmap/hugemmap07.c Signed-off-by: Tarun Sahu <tsahu(a)linux.ibm.com> --- runtest/hugetlb | 2 + testcases/kernel/mem/.gitignore | 1 + .../kernel/mem/hugetlb/hugemmap/hugemmap07.c | 106 ++++++++++++++++++ 3 files changed, 109 insertions(+) create mode 100644 testcases/kernel/mem/hugetlb/hugemmap/hugemmap07.c diff --git a/runtest/hugetlb b/runtest/hugetlb index f719217ab..ee02835d3 100644 --- a/runtest/hugetlb +++ b/runtest/hugetlb @@ -3,6 +3,8 @@ hugemmap02 hugemmap02 hugemmap04 hugemmap04 hugemmap05 hugemmap05 hugemmap06 hugemmap06 +hugemmap07 hugemmap07 + hugemmap05_1 hugemmap05 -m hugemmap05_2 hugemmap05 -s hugemmap05_3 hugemmap05 -s -m diff --git a/testcases/kernel/mem/.gitignore b/testcases/kernel/mem/.gitignore index ff2910533..df5256ec8 100644 --- a/testcases/kernel/mem/.gitignore +++ b/testcases/kernel/mem/.gitignore @@ -4,6 +4,7 @@ /hugetlb/hugemmap/hugemmap04 /hugetlb/hugemmap/hugemmap05 /hugetlb/hugemmap/hugemmap06 +/hugetlb/hugemmap/hugemmap07 /hugetlb/hugeshmat/hugeshmat01 /hugetlb/hugeshmat/hugeshmat02 /hugetlb/hugeshmat/hugeshmat03 diff --git a/testcases/kernel/mem/hugetlb/hugemmap/hugemmap07.c b/testcases/kernel/mem/hugetlb/hugemmap/hugemmap07.c new file mode 100644 index 000000000..798735ed0 --- /dev/null +++ b/testcases/kernel/mem/hugetlb/hugemmap/hugemmap07.c @@ -0,0 +1,106 @@ +/* + * License/Copyright Details + */ + +#define _GNU_SOURCE +#include <stdio.h> +#include <sys/mount.h> +#include <limits.h> +#include <sys/param.h> +#include <sys/types.h> + +#include "tst_test.h" + +#define P0 "ffffffff" +#define IOSZ 4096 +char buf[IOSZ] __attribute__((aligned(IOSZ))); +static int fildes = -1, nfildes = -1; +static char TEMPFILE[MAXPATHLEN]; +static char NTEMPFILE[MAXPATHLEN]; + +void test_directio(void) +{ + long hpage_size; + void *p; + int ret; + + hpage_size = SAFE_READ_MEMINFO("Hugepagesize:"); + + fildes = SAFE_OPEN(TEMPFILE, O_RDWR | O_CREAT, 0600); + nfildes = SAFE_OPEN(NTEMPFILE, O_CREAT|O_EXCL|O_RDWR|O_DIRECT, 0600); + + p = mmap(NULL, hpage_size, PROT_READ|PROT_WRITE, MAP_PRIVATE, fildes, 0); + if (p == MAP_FAILED) + tst_brk(TFAIL | TERRNO, "mmap() Failed on %s", TEMPFILE); + + memcpy(p, P0, 8); + + /* Direct write from huge page */ + ret = write(nfildes, p, IOSZ); + if (ret == -1) + tst_brk(TFAIL | TERRNO, "Direct-IO write from huge page"); + if (ret != IOSZ) + tst_brk(TFAIL, "Short direct-IO write from huge page"); + if (lseek(nfildes, 0, SEEK_SET) == -1) + tst_brk(TFAIL | TERRNO, "lseek"); + + /* Check for accuracy */ + ret = read(nfildes, buf, IOSZ); + if (ret == -1) + tst_brk(TFAIL | TERRNO, "Direct-IO read to normal memory"); + if (ret != IOSZ) + tst_brk(TFAIL, "Short direct-IO read to normal memory"); + if (memcmp(P0, buf, 8)) + tst_brk(TFAIL, "Memory mismatch after Direct-IO write"); + if (lseek(nfildes, 0, SEEK_SET) == -1) + tst_brk(TFAIL | TERRNO, "lseek"); + + /* Direct read to huge page */ + memset(p, 0, IOSZ); + ret = read(nfildes, p, IOSZ); + if (ret == -1) + tst_brk(TFAIL | TERRNO, "Direct-IO read to huge page"); + if (ret != IOSZ) + tst_brk(TFAIL, "Short direct-IO read to huge page"); + + /* Check for accuracy */ + if (memcmp(p, P0, 8)) + tst_brk(TFAIL, "Memory mismatch after Direct-IO read"); + tst_res(TPASS, "Successfully tested Hugepage Direct I/O"); +} + +void setup(void) +{ + if (tst_hugepages == 0) + tst_brk(TCONF, "Not enough hugepages for testing."); + + if (!Hopt) + Hopt = tst_get_tmpdir(); + SAFE_MOUNT("none", Hopt, "hugetlbfs", 0, NULL); + + snprintf(TEMPFILE, sizeof(TEMPFILE), "%s/mmapfile%d", Hopt, getpid()); + snprintf(NTEMPFILE, sizeof(NTEMPFILE), "%s/nmmapfile%d", "/home/", getpid()); +} + +void cleanup(void) +{ + close(fildes); + close(nfildes); + remove(TEMPFILE); + remove(NTEMPFILE); + umount2(Hopt, MNT_DETACH); +} + +static struct tst_test test = { + .needs_root = 1, + .needs_tmpdir = 1, + .options = (struct tst_option[]) { + {"H:", &Hopt, "Location of hugetlbfs, i.e. -H /var/hugetlbfs"}, + {"s:", &nr_opt, "Set the number of the been allocated hugepages"}, + {} + }, + .setup = setup, + .cleanup = cleanup, + .test_all = test_directio, + .hugepages = {2, TST_REQUEST}, +}; -- 2.31.1

3 years

2
4
0 0

[PATCH 0/7] mm/damon: minor fixes and cleanups

by SeongJae Park

This patchset contains minor fixes and cleanups for DAMON including - selftest for a bug we found before (Patch 1), - fix of region holes in vaddr corner case and a kunit test for it (Patches 2 and 3), and - documents/Kconfig updates for title wordsmithing (Patch 4) and more aggressive DAMON debugfs interface deprecation announcement (Patches 5-7). SeongJae Park (7): selftest/damon: add a test for duplicate context dirs creation mm/damon/core: avoid holes in newly set monitoring target ranges mm/damon/core-test: test damon_set_regions Docs/admin-guide/mm/damon: rename the title of the document mm/damon/Kconfig: Notify debugfs deprecation plan Docs/DAMON/start: mention the dependency as sysfs instead of debugfs Docs/admin-guide/mm/damon/usage: note DAMON debugfs interface deprecation plan Documentation/admin-guide/mm/damon/index.rst | 6 ++--- Documentation/admin-guide/mm/damon/start.rst | 13 +++------ Documentation/admin-guide/mm/damon/usage.rst | 5 ++++ mm/damon/Kconfig | 3 +++ mm/damon/core-test.h | 23 ++++++++++++++++ mm/damon/core.c | 24 +++++++++++++++++ tools/testing/selftests/damon/Makefile | 1 + .../debugfs_duplicate_context_creation.sh | 27 +++++++++++++++++++ 8 files changed, 89 insertions(+), 13 deletions(-) create mode 100644 tools/testing/selftests/damon/debugfs_duplicate_context_creation.sh -- 2.25.1

3 years

1
1
0 0

[PATCH v12 0/3] Add TDX Guest Attestation support

by Kuppuswamy Sathyanarayanan

Hi All, Intel's Trust Domain Extensions (TDX) protect guest VMs from malicious hosts and some physical attacks. VM guest with TDX support is called as a TDX Guest. In TDX guest, attestation process is used to verify the TDX guest trustworthiness to other entities before provisioning secrets to the guest. For example, a key server may request for attestation before releasing the encryption keys to mount the encrypted rootfs or secondary drive. This patch set adds attestation support for the TDX guest. Details about the TDX attestation process and the steps involved are explained in the commit log of Patch 1/3 or in Documentation/x86/tdx.rst (added by patch 3/3). Following are the details of the patch set: Patch 1/3 -> Adds TDREPORT support. Patch 2/3 -> Adds selftest support for TDREPORT feature. Patch 3/3 -> Add attestation related documentation. Commit log history is maintained in the individual patches. Kuppuswamy Sathyanarayanan (3): x86/tdx: Add TDX Guest attestation interface driver selftests: tdx: Test TDX attestation GetReport support Documentation/x86: Document TDX attestation process Documentation/x86/tdx.rst | 75 +++++++++ arch/x86/coco/tdx/tdx.c | 112 +++++++++++++ arch/x86/include/uapi/asm/tdx.h | 54 ++++++ tools/arch/x86/include/uapi/asm/tdx.h | 54 ++++++ tools/testing/selftests/Makefile | 1 + tools/testing/selftests/tdx/Makefile | 11 ++ tools/testing/selftests/tdx/config | 1 + tools/testing/selftests/tdx/tdx_attest_test.c | 155 ++++++++++++++++++ 8 files changed, 463 insertions(+) create mode 100644 arch/x86/include/uapi/asm/tdx.h create mode 100644 tools/arch/x86/include/uapi/asm/tdx.h create mode 100644 tools/testing/selftests/tdx/Makefile create mode 100644 tools/testing/selftests/tdx/config create mode 100644 tools/testing/selftests/tdx/tdx_attest_test.c -- 2.34.1

3 years

7
19
0 0

[GIT PULL] KUnit fixes update for Linux 6.0-rc5

by Shuah Khan

Hi Linus, Please pull the following KUnit fixes update for Linux 6.0-rc5. This KUnit fixes update for Linux 6.0-rc5 consists of 2 fixes to test build and a fix to incorrect taint reason reporting. Please note that this update touches drivers/thunderbolt and drivers/virt Kconfig files. diff is attached. thanks, -- Shuah ---------------------------------------------------------------- The following changes since commit 41a55567b9e31cb852670684404654ec4fd0d8d6: module: kunit: Load .kunit_test_suites section when CONFIG_KUNIT=m (2022-08-15 13:51:07 -0600) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest tags/linux-kselftest-kunit-fixes-6.0-rc5 for you to fetch changes up to 2a2dfc869d3345ccdd91322b023f4b0da84acbe7: tools: Add new "test" taint to kernel-chktaint (2022-09-07 14:51:12 -0600) ---------------------------------------------------------------- linux-kselftest-kunit-fixes-6.0-rc5 This KUnit fixes update for Linux 6.0-rc5 consists of 2 fixes to test build and a fix to incorrect taint reason reporting. ---------------------------------------------------------------- Joe Fradley (1): tools: Add new "test" taint to kernel-chktaint Nico Pache (1): kunit: fix Kconfig for build-in tests USB4 and Nitro Enclaves Sander Vanheule (1): kunit: fix assert_type for comparison macros drivers/thunderbolt/Kconfig | 3 +-- drivers/virt/nitro_enclaves/Kconfig | 2 +- include/kunit/test.h | 6 +++--- tools/debugging/kernel-chktaint | 9 +++++++++ 4 files changed, 14 insertions(+), 6 deletions(-) ----------------------------------------------------------------

3 years

2
1
0 0

[PATCH -next 0/5] Optimize and bugfix for notifier error

by Zhao Gongyi

1. Fix non-working usage of negative values 2. Add checking after online or offline 3. Restore memory before exit 4. Correct test's name Zhao Gongyi (5): docs: notifier-error-inject: fix non-working usage of negative values selftests/memory-hotplug: Use 'printf' instead of 'echo' selftests/memory-hotplug: Add checking after online or offline selftests/memory-hotplug: Restore memory before exit docs: notifier-error-inject: Correct test's name .../fault-injection/notifier-error-inject.rst | 14 ++++--- .../memory-hotplug/mem-on-off-test.sh | 37 +++++++++++++++---- 2 files changed, 39 insertions(+), 12 deletions(-) -- 2.17.1

3 years

2
7
0 0

test ./tools/testing/selftests/bpf/test_offload.py failed

by Jie2x Zhou

hi, I try to know why output following error? I found that "disable_ifindex" file do not set read function, so return -EINVAL when do read. Is it a bug in test_offload.py? test output: selftests: bpf: test_offload.py Test destruction of generic XDP... ...... raise Exception("Command failed: %s\n%s" % (proc.args, stderr)) Exception: Command failed: cat /sys/kernel/debug/netdevsim/netdevsim0//ports/0/dev/hwstats/l3/disable_ifindex cat: /sys/kernel/debug/netdevsim/netdevsim0//ports/0/dev/hwstats/l3/disable_ifindex: Invalid argument not ok 20 selftests: bpf: test_offload.py # exit=1 source code: In drivers/net/netdevsim/hwstats.c: define NSIM_DEV_HWSTATS_FOPS(ACTION, TYPE) \ { \ .fops = { \ .open = simple_open, \ .write = nsim_dev_hwstats_do_write, \ .llseek = generic_file_llseek, \ .owner = THIS_MODULE, \ }, \ .action = ACTION, \ .type = TYPE, \ } static const struct nsim_dev_hwstats_fops nsim_dev_hwstats_l3_disable_fops = NSIM_DEV_HWSTATS_FOPS(NSIM_DEV_HWSTATS_DO_DISABLE, NETDEV_OFFLOAD_XSTATS_TYPE_L3); debugfs_create_file("disable_ifindex", 0600, hwstats->l3_ddir, hwstats, &nsim_dev_hwstats_l3_disable_fops.fops); In fs/read_write.c: ssize_t vfs_read(struct file *file, char __user *buf, size_t count, loff_t *pos) { ...... if (file->f_op->read) ret = file->f_op->read(file, buf, count, pos); else if (file->f_op->read_iter) ret = new_sync_read(file, buf, count, pos); else ret = -EINVAL; ...... } best regards,

3 years

3
8
0 0

[net-next v4 0/6] net: support QUIC crypto

by Adel Abouchaev

QUIC requires end to end encryption of the data. The application usually prepares the data in clear text, encrypts and calls send() which implies multiple copies of the data before the packets hit the networking stack. Similar to kTLS, QUIC kernel offload of cryptography reduces the memory pressure by reducing the number of copies. The scope of kernel support is limited to the symmetric cryptography, leaving the handshake to the user space library. For QUIC in particular, the application packets that require symmetric cryptography are the 1RTT packets with short headers. Kernel will encrypt the application packets on transmission and decrypt on receive. This series implements Tx only, because in QUIC server applications Tx outweighs Rx by orders of magnitude. Supporting the combination of QUIC and GSO requires the application to correctly place the data and the kernel to correctly slice it. The encryption process appends an arbitrary number of bytes (tag) to the end of the message to authenticate it. The GSO value should include this overhead, the offload would then subtract the tag size to parse the input on Tx before chunking and encrypting it. With the kernel cryptography, the buffer copy operation is conjoined with the encryption operation. The memory bandwidth is reduced by 5-8%. When devices supporting QUIC encryption in hardware come to the market, we will be able to free further 7% of CPU utilization which is used today for crypto operations. Adel Abouchaev (6): Documentation on QUIC kernel Tx crypto. Define QUIC specific constants, control and data plane structures Add UDP ULP operations, initialization and handling prototype functions. Implement QUIC offload functions Add flow counters and Tx processing error counter Add self tests for ULP operations, flow setup and crypto tests Documentation/networking/index.rst | 1 + Documentation/networking/quic.rst | 215 ++++ include/net/inet_sock.h | 2 + include/net/netns/mib.h | 3 + include/net/quic.h | 63 + include/net/snmp.h | 6 + include/net/udp.h | 33 + include/uapi/linux/quic.h | 68 ++ include/uapi/linux/snmp.h | 9 + include/uapi/linux/udp.h | 4 + net/Kconfig | 1 + net/Makefile | 1 + net/ipv4/Makefile | 3 +- net/ipv4/udp.c | 15 + net/ipv4/udp_ulp.c | 192 +++ net/quic/Kconfig | 16 + net/quic/Makefile | 8 + net/quic/quic_main.c | 1533 ++++++++++++++++++++++++ net/quic/quic_proc.c | 45 + security/security.c | 1 + tools/testing/selftests/net/.gitignore | 1 + tools/testing/selftests/net/Makefile | 3 +- tools/testing/selftests/net/quic.c | 1369 +++++++++++++++++++++ tools/testing/selftests/net/quic.sh | 46 + 24 files changed, 3636 insertions(+), 2 deletions(-) create mode 100644 Documentation/networking/quic.rst create mode 100644 include/net/quic.h create mode 100644 include/uapi/linux/quic.h create mode 100644 net/ipv4/udp_ulp.c create mode 100644 net/quic/Kconfig create mode 100644 net/quic/Makefile create mode 100644 net/quic/quic_main.c create mode 100644 net/quic/quic_proc.c create mode 100644 tools/testing/selftests/net/quic.c create mode 100755 tools/testing/selftests/net/quic.sh -- 2.30.2

3 years

2
7
0 0

[PATCH v2 5/5] selftests/sgx: Add SGX selftest augment_via_eaccept_long

by Jarkko Sakkinen

From: Vijay Dhanraj <vijay.dhanraj(a)intel.com> Add a new test case which is same as augment_via_eaccept but adds a larger number of EPC pages to stress test EAUG via EACCEPT. Signed-off-by: Vijay Dhanraj <vijay.dhanraj(a)intel.com> Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org> --- v8: - Specify dynamic heap size in side the test case. v7: - Contains now only the test case. Support for dynamic heap is prepared in prepending patches. v6: - Address Reinette's feedback: https://lore.kernel.org/linux-sgx/Yw6%2FiTzSdSw%2FY%2FVO@kernel.org/ v5: - Add the klog dump and sysctl option to the commit message. v4: - Explain expectations for dirty_page_list in the function header, instead of an inline comment. - Improve commit message to explain the conditions better. - Return the number of pages left dirty to ksgxd() and print warning after the 2nd call, if there are any. v3: - Remove WARN_ON(). - Tuned comments and the commit message a bit. v2: - Replaced WARN_ON() with optional pr_info() inside __sgx_sanitize_pages(). - Rewrote the commit message. - Added the fixes tag. --- tools/testing/selftests/sgx/main.c | 112 ++++++++++++++++++++++++++++- 1 file changed, 111 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/sgx/main.c b/tools/testing/selftests/sgx/main.c index 78c3b913ce10..e596b45bc5f8 100644 --- a/tools/testing/selftests/sgx/main.c +++ b/tools/testing/selftests/sgx/main.c @@ -22,8 +22,10 @@ #include "main.h" static const size_t ENCL_HEAP_SIZE_DEFAULT = PAGE_SIZE; +static const unsigned long TIMEOUT_DEFAULT = 900; static const uint64_t MAGIC = 0x1122334455667788ULL; static const uint64_t MAGIC2 = 0x8877665544332211ULL; + vdso_sgx_enter_enclave_t vdso_sgx_enter_enclave; /* @@ -387,7 +389,7 @@ TEST_F(enclave, unclobbered_vdso_oversubscribed) EXPECT_EQ(self->run.user_data, 0); } -TEST_F_TIMEOUT(enclave, unclobbered_vdso_oversubscribed_remove, 900) +TEST_F_TIMEOUT(enclave, unclobbered_vdso_oversubscribed_remove, TIMEOUT_DEFAULT) { struct sgx_enclave_remove_pages remove_ioc; struct sgx_enclave_modify_types modt_ioc; @@ -1245,6 +1247,114 @@ TEST_F(enclave, augment_via_eaccept) munmap(addr, PAGE_SIZE); } +/* + * Test for the addition of large number of pages to an initialized enclave via + * a pre-emptive run of EACCEPT on every page to be added. + */ +TEST_F_TIMEOUT(enclave, augment_via_eaccept_long, TIMEOUT_DEFAULT) +{ + /* + * The dynamic heap size was chosen based on a bug report: + * Message-ID: + * <DM8PR11MB55912A7F47A84EC9913A6352F6999(a)DM8PR11MB5591.namprd11.prod.outlook.com> + */ + static const unsigned long DYNAMIC_HEAP_SIZE = 0x200000L * PAGE_SIZE; + struct encl_op_get_from_addr get_addr_op; + struct encl_op_put_to_addr put_addr_op; + struct encl_op_eaccept eaccept_op; + size_t total_size = 0; + unsigned long i; + void *addr; + + if (!sgx2_supported()) + SKIP(return, "SGX2 not supported"); + + ASSERT_TRUE(setup_test_encl_dynamic(ENCL_HEAP_SIZE_DEFAULT, DYNAMIC_HEAP_SIZE, + &self->encl, _metadata)); + + memset(&self->run, 0, sizeof(self->run)); + self->run.tcs = self->encl.encl_base; + + for (i = 0; i < self->encl.nr_segments; i++) { + struct encl_segment *seg = &self->encl.segment_tbl[i]; + + total_size += seg->size; + } + + /* + * mmap() every page at end of existing enclave to be used for + * EDMM. + */ + addr = mmap((void *)self->encl.encl_base + total_size, DYNAMIC_HEAP_SIZE, + PROT_READ | PROT_WRITE | PROT_EXEC, MAP_SHARED | MAP_FIXED, + self->encl.fd, 0); + EXPECT_NE(addr, MAP_FAILED); + + self->run.exception_vector = 0; + self->run.exception_error_code = 0; + self->run.exception_addr = 0; + + /* + * Run EACCEPT on every page to trigger the #PF->EAUG->EACCEPT(again + * without a #PF). All should be transparent to userspace. + */ + eaccept_op.flags = SGX_SECINFO_R | SGX_SECINFO_W | SGX_SECINFO_REG | SGX_SECINFO_PENDING; + eaccept_op.ret = 0; + eaccept_op.header.type = ENCL_OP_EACCEPT; + + for (i = 0; i < DYNAMIC_HEAP_SIZE; i += PAGE_SIZE) { + eaccept_op.epc_addr = (uint64_t)(addr + i); + + EXPECT_EQ(ENCL_CALL(&eaccept_op, &self->run, true), 0); + if (self->run.exception_vector == 14 && + self->run.exception_error_code == 4 && + self->run.exception_addr == self->encl.encl_base) { + munmap(addr, DYNAMIC_HEAP_SIZE); + SKIP(return, "Kernel does not support adding pages to initialized enclave"); + } + + EXPECT_EQ(self->run.exception_vector, 0); + EXPECT_EQ(self->run.exception_error_code, 0); + EXPECT_EQ(self->run.exception_addr, 0); + ASSERT_EQ(eaccept_op.ret, 0); + ASSERT_EQ(self->run.function, EEXIT); + } + + /* + * Pool of pages were successfully added to enclave. Perform sanity + * check on first page of the pool only to ensure data can be written + * to and read from a dynamically added enclave page. + */ + put_addr_op.value = MAGIC; + put_addr_op.addr = (unsigned long)addr; + put_addr_op.header.type = ENCL_OP_PUT_TO_ADDRESS; + + EXPECT_EQ(ENCL_CALL(&put_addr_op, &self->run, true), 0); + + EXPECT_EEXIT(&self->run); + EXPECT_EQ(self->run.exception_vector, 0); + EXPECT_EQ(self->run.exception_error_code, 0); + EXPECT_EQ(self->run.exception_addr, 0); + + /* + * Read memory from newly added page that was just written to, + * confirming that data previously written (MAGIC) is present. + */ + get_addr_op.value = 0; + get_addr_op.addr = (unsigned long)addr; + get_addr_op.header.type = ENCL_OP_GET_FROM_ADDRESS; + + EXPECT_EQ(ENCL_CALL(&get_addr_op, &self->run, true), 0); + + EXPECT_EQ(get_addr_op.value, MAGIC); + EXPECT_EEXIT(&self->run); + EXPECT_EQ(self->run.exception_vector, 0); + EXPECT_EQ(self->run.exception_error_code, 0); + EXPECT_EQ(self->run.exception_addr, 0); + + munmap(addr, DYNAMIC_HEAP_SIZE); +} + /* * SGX2 page type modification test in two phases: * Phase 1: -- 2.37.2

3 years

2
3
0 0

[PATCH v2 4/5] selftests/sgx: Include the dynamic heap size to the ELRANGE calculation

by Jarkko Sakkinen

When calculating ELRANGE, i.e. the address range defined for an enclave, and represented by encl->encl_size, also dynamic memory should be taken into account. Implement setup_test_encl_dynamic() with dynamic_size parameter for the dynamic heap size, and use it in 'augment_via_eaccept' and 'augment' tests. Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org> --- v2: * Specify a dynamic heap of three pages for tcs_create test. * Specify required dynamic heap inside the test cases instead of ENCL_DYNAMIC_SIZE_DEFAULT because the dynamic heaps size varies between the test cases. --- tools/testing/selftests/sgx/load.c | 5 +++-- tools/testing/selftests/sgx/main.c | 22 +++++++++++++++------- tools/testing/selftests/sgx/main.h | 3 ++- 3 files changed, 20 insertions(+), 10 deletions(-) diff --git a/tools/testing/selftests/sgx/load.c b/tools/testing/selftests/sgx/load.c index 3b4e2422fb09..963a5c6bbbdc 100644 --- a/tools/testing/selftests/sgx/load.c +++ b/tools/testing/selftests/sgx/load.c @@ -171,7 +171,8 @@ uint64_t encl_get_entry(struct encl *encl, const char *symbol) return 0; } -bool encl_load(const char *path, struct encl *encl, unsigned long heap_size) +bool encl_load(const char *path, struct encl *encl, unsigned long heap_size, + unsigned long dynamic_size) { const char device_path[] = "/dev/sgx_enclave"; unsigned long contents_size; @@ -299,7 +300,7 @@ bool encl_load(const char *path, struct encl *encl, unsigned long heap_size) if (seg->src == MAP_FAILED) goto err; - contents_size = encl->segment_tbl[j].offset + encl->segment_tbl[j].size; + contents_size = encl->segment_tbl[j].offset + encl->segment_tbl[j].size + dynamic_size; for (encl->encl_size = 4096; encl->encl_size < contents_size; ) encl->encl_size <<= 1; diff --git a/tools/testing/selftests/sgx/main.c b/tools/testing/selftests/sgx/main.c index a1850e139c99..78c3b913ce10 100644 --- a/tools/testing/selftests/sgx/main.c +++ b/tools/testing/selftests/sgx/main.c @@ -173,8 +173,8 @@ FIXTURE(enclave) { struct sgx_enclave_run run; }; -static bool setup_test_encl(unsigned long heap_size, struct encl *encl, - struct __test_metadata *_metadata) +static bool setup_test_encl_dynamic(unsigned long heap_size, unsigned long dynamic_size, + struct encl *encl, struct __test_metadata *_metadata) { Elf64_Sym *sgx_enter_enclave_sym = NULL; struct vdso_symtab symtab; @@ -184,7 +184,7 @@ static bool setup_test_encl(unsigned long heap_size, struct encl *encl, unsigned int i; void *addr; - if (!encl_load("test_encl.elf", encl, heap_size)) { + if (!encl_load("test_encl.elf", encl, heap_size, dynamic_size)) { encl_delete(encl); TH_LOG("Failed to load the test enclave."); return false; @@ -251,6 +251,12 @@ static bool setup_test_encl(unsigned long heap_size, struct encl *encl, return false; } +static bool setup_test_encl(unsigned long heap_size, struct encl *encl, + struct __test_metadata *_metadata) +{ + return setup_test_encl_dynamic(heap_size, 0, encl, _metadata); +} + FIXTURE_SETUP(enclave) { } @@ -1013,7 +1019,8 @@ TEST_F(enclave, augment) if (!sgx2_supported()) SKIP(return, "SGX2 not supported"); - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl_dynamic(ENCL_HEAP_SIZE_DEFAULT, PAGE_SIZE, &self->encl, + _metadata)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -1143,7 +1150,8 @@ TEST_F(enclave, augment_via_eaccept) if (!sgx2_supported()) SKIP(return, "SGX2 not supported"); - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata)); + ASSERT_TRUE(setup_test_encl_dynamic(ENCL_HEAP_SIZE_DEFAULT, PAGE_SIZE, &self->encl, + _metadata)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; @@ -1264,8 +1272,8 @@ TEST_F(enclave, tcs_create) int errno_save; int ret, i; - ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, - _metadata)); + ASSERT_TRUE(setup_test_encl_dynamic(ENCL_HEAP_SIZE_DEFAULT, 3 * PAGE_SIZE, &self->encl, + _metadata)); memset(&self->run, 0, sizeof(self->run)); self->run.tcs = self->encl.encl_base; diff --git a/tools/testing/selftests/sgx/main.h b/tools/testing/selftests/sgx/main.h index 9c1bc0d9b43c..8f77ce56ad09 100644 --- a/tools/testing/selftests/sgx/main.h +++ b/tools/testing/selftests/sgx/main.h @@ -32,7 +32,8 @@ extern unsigned char sign_key[]; extern unsigned char sign_key_end[]; void encl_delete(struct encl *ctx); -bool encl_load(const char *path, struct encl *encl, unsigned long heap_size); +bool encl_load(const char *path, struct encl *encl, unsigned long heap_size, + unsigned long dynamic_size); bool encl_measure(struct encl *encl); bool encl_build(struct encl *encl); uint64_t encl_get_entry(struct encl *encl, const char *symbol); -- 2.37.2

3 years

2
1
0 0

[PATCH v2 3/5] selftests/sgx: Use encl->encl_size in sigstruct.c

by Jarkko Sakkinen

The final enclave address range (referred as ELRANGE in Intel SDM) calculation is a reminiscent of signing tool being a separate command-line utility, and sigstruct being produced during the compilation. Given that nowadays the sigstruct is calculated on-fly, use the readily calculated encl->encl_size instead, in order to remove duplicate code. Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org> --- tools/testing/selftests/sgx/load.c | 5 +++-- tools/testing/selftests/sgx/main.h | 1 - tools/testing/selftests/sgx/sigstruct.c | 8 ++------ 3 files changed, 5 insertions(+), 9 deletions(-) diff --git a/tools/testing/selftests/sgx/load.c b/tools/testing/selftests/sgx/load.c index 94bdeac1cf04..3b4e2422fb09 100644 --- a/tools/testing/selftests/sgx/load.c +++ b/tools/testing/selftests/sgx/load.c @@ -174,6 +174,7 @@ uint64_t encl_get_entry(struct encl *encl, const char *symbol) bool encl_load(const char *path, struct encl *encl, unsigned long heap_size) { const char device_path[] = "/dev/sgx_enclave"; + unsigned long contents_size; struct encl_segment *seg; Elf64_Phdr *phdr_tbl; off_t src_offset; @@ -298,9 +299,9 @@ bool encl_load(const char *path, struct encl *encl, unsigned long heap_size) if (seg->src == MAP_FAILED) goto err; - encl->src_size = encl->segment_tbl[j].offset + encl->segment_tbl[j].size; + contents_size = encl->segment_tbl[j].offset + encl->segment_tbl[j].size; - for (encl->encl_size = 4096; encl->encl_size < encl->src_size; ) + for (encl->encl_size = 4096; encl->encl_size < contents_size; ) encl->encl_size <<= 1; return true; diff --git a/tools/testing/selftests/sgx/main.h b/tools/testing/selftests/sgx/main.h index 82b33f8db048..9c1bc0d9b43c 100644 --- a/tools/testing/selftests/sgx/main.h +++ b/tools/testing/selftests/sgx/main.h @@ -20,7 +20,6 @@ struct encl { void *bin; off_t bin_size; void *src; - size_t src_size; size_t encl_size; off_t encl_base; unsigned int nr_segments; diff --git a/tools/testing/selftests/sgx/sigstruct.c b/tools/testing/selftests/sgx/sigstruct.c index 50c5ab1aa6fa..0c7678d2594b 100644 --- a/tools/testing/selftests/sgx/sigstruct.c +++ b/tools/testing/selftests/sgx/sigstruct.c @@ -212,13 +212,9 @@ struct mrecreate { } __attribute__((__packed__)); -static bool mrenclave_ecreate(EVP_MD_CTX *ctx, uint64_t blob_size) +static bool mrenclave_ecreate(EVP_MD_CTX *ctx, uint64_t encl_size) { struct mrecreate mrecreate; - uint64_t encl_size; - - for (encl_size = 0x1000; encl_size < blob_size; ) - encl_size <<= 1; memset(&mrecreate, 0, sizeof(mrecreate)); mrecreate.tag = MRECREATE; @@ -343,7 +339,7 @@ bool encl_measure(struct encl *encl) if (!ctx) goto err; - if (!mrenclave_ecreate(ctx, encl->src_size)) + if (!mrenclave_ecreate(ctx, encl->encl_size)) goto err; for (i = 0; i < encl->nr_segments; i++) { -- 2.37.2

3 years

2
1
0 0

[PATCH v2 2/5] selftests/sgx: Move ENCL_HEAP_SIZE_DEFAULT to main.c

by Jarkko Sakkinen

Move ENCL_HEAP_SIZE_DEFAULT to main.c because all the other constants are also there, and it is only used locally there. Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org> --- tools/testing/selftests/sgx/main.c | 1 + tools/testing/selftests/sgx/main.h | 2 -- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/tools/testing/selftests/sgx/main.c b/tools/testing/selftests/sgx/main.c index 59cca806eda1..a1850e139c99 100644 --- a/tools/testing/selftests/sgx/main.c +++ b/tools/testing/selftests/sgx/main.c @@ -21,6 +21,7 @@ #include "../kselftest_harness.h" #include "main.h" +static const size_t ENCL_HEAP_SIZE_DEFAULT = PAGE_SIZE; static const uint64_t MAGIC = 0x1122334455667788ULL; static const uint64_t MAGIC2 = 0x8877665544332211ULL; vdso_sgx_enter_enclave_t vdso_sgx_enter_enclave; diff --git a/tools/testing/selftests/sgx/main.h b/tools/testing/selftests/sgx/main.h index fc585be97e2f..82b33f8db048 100644 --- a/tools/testing/selftests/sgx/main.h +++ b/tools/testing/selftests/sgx/main.h @@ -6,8 +6,6 @@ #ifndef MAIN_H #define MAIN_H -#define ENCL_HEAP_SIZE_DEFAULT 4096 - struct encl_segment { void *src; off_t offset; -- 2.37.2

3 years

2
1
0 0

[PATCH 0/7] bpf: Add fd modes check for map iter and extend libbpf

by Roberto Sassu

From: Roberto Sassu <roberto.sassu(a)huawei.com> Add a missing fd modes check in map iterators, potentially causing unauthorized map writes by eBPF programs attached to the iterator. Use this patch set as an opportunity to start a discussion with the cgroup developers about whether a security check is missing or not for their iterator. Also, extend libbpf with the _opts variant of bpf_*_get_fd_by_id(). Only bpf_map_get_fd_by_id_opts() is really useful in this patch set, to ensure that the creation of a map iterator fails with a read-only fd. Add all variants in this patch set for symmetry with bpf_map_get_fd_by_id_opts(), and because all the variants share the same opts structure. Also, add all the variants here, to shrink the patch set fixing map permissions requested by bpftool, so that the remaining patches are only about the latter. Finally, extend the bpf_iter test with the read-only fd check, and test each _opts variant of bpf_*_get_fd_by_id(). Roberto Sassu (7): bpf: Add missing fd modes check for map iterators libbpf: Define bpf_get_fd_opts and introduce bpf_map_get_fd_by_id_opts() libbpf: Introduce bpf_prog_get_fd_by_id_opts() libbpf: Introduce bpf_btf_get_fd_by_id_opts() libbpf: Introduce bpf_link_get_fd_by_id_opts() selftests/bpf: Ensure fd modes are checked for map iters and destroy links selftests/bpf: Add tests for _opts variants of libbpf include/linux/bpf.h | 2 +- kernel/bpf/inode.c | 2 +- kernel/bpf/map_iter.c | 3 +- kernel/bpf/syscall.c | 8 +- net/core/bpf_sk_storage.c | 3 +- net/core/sock_map.c | 3 +- tools/lib/bpf/bpf.c | 47 +++++- tools/lib/bpf/bpf.h | 16 ++ tools/lib/bpf/libbpf.map | 10 +- tools/lib/bpf/libbpf_version.h | 2 +- .../selftests/bpf/prog_tests/bpf_iter.c | 34 +++- .../bpf/prog_tests/libbpf_get_fd_opts.c | 145 ++++++++++++++++++ .../bpf/progs/test_libbpf_get_fd_opts.c | 49 ++++++ 13 files changed, 309 insertions(+), 15 deletions(-) create mode 100644 tools/testing/selftests/bpf/prog_tests/libbpf_get_fd_opts.c create mode 100644 tools/testing/selftests/bpf/progs/test_libbpf_get_fd_opts.c -- 2.25.1

3 years

2
12
0 0

[PATCH] selftests/cgroup: fix repeated words in comments

by wangjianli

Delete the redundant word 'in'. Signed-off-by: wangjianli <wangjianli(a)cdjrlc.com> --- tools/testing/selftests/cgroup/test_freezer.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/cgroup/test_freezer.c b/tools/testing/selftests/cgroup/test_freezer.c index ff519029f6f4..b479434e87b7 100644 --- a/tools/testing/selftests/cgroup/test_freezer.c +++ b/tools/testing/selftests/cgroup/test_freezer.c @@ -740,7 +740,7 @@ static int test_cgfreezer_ptraced(const char *root) /* * cg_check_frozen(cgroup, true) will fail here, - * because the task in in the TRACEd state. + * because the task in the TRACEd state. */ if (cg_freeze_wait(cgroup, false)) goto cleanup; -- 2.36.1

3 years

3
2
0 0

[PATCH] selftests/kexec: fix build for ARCH=x86_64

by Ricardo Cañuelo

Handle the scenario where the build is launched with the ARCH envvar defined as x86_64. Signed-off-by: Ricardo Cañuelo <ricardo.canuelo(a)collabora.com> --- tools/testing/selftests/kexec/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/kexec/Makefile b/tools/testing/selftests/kexec/Makefile index 806a150648c3..67fe7a46cb62 100644 --- a/tools/testing/selftests/kexec/Makefile +++ b/tools/testing/selftests/kexec/Makefile @@ -1,10 +1,10 @@ # SPDX-License-Identifier: GPL-2.0-only # Makefile for kexec tests -uname_M := $(shell uname -m 2>/dev/null || echo not) -ARCH ?= $(shell echo $(uname_M) | sed -e s/i.86/x86/ -e s/x86_64/x86/) +ARCH ?= $(shell uname -m 2>/dev/null || echo not) +ARCH_PROCESSED := $(shell echo $(ARCH) | sed -e s/i.86/x86/ -e s/x86_64/x86/) -ifeq ($(ARCH),$(filter $(ARCH),x86 ppc64le)) +ifeq ($(ARCH_PROCESSED),$(filter $(ARCH_PROCESSED),x86 ppc64le)) TEST_PROGS := test_kexec_load.sh test_kexec_file_load.sh TEST_FILES := kexec_common_lib.sh -- 2.25.1

3 years

1
0
0 0

kselftest/next kselftest-lkdtm: 5 runs, 1 regressions (linux-kselftest-next-6.0-rc2-11-g144eeb2fc761)

by kernelci.org bot

kselftest/next kselftest-lkdtm: 5 runs, 1 regressions (linux-kselftest-next-6.0-rc2-11-g144eeb2fc761) Regressions Summary ------------------- platform | arch | lab | compiler | defconfig | regressions ----------------+------+---------------+----------+------------------------------+------------ imx6q-sabrelite | arm | lab-collabora | gcc-10 | multi_v7_defconfig+kselftest | 1 Details: https://kernelci.org/test/job/kselftest/branch/next/kernel/linux-kselftest-… Test: kselftest-lkdtm Tree: kselftest Branch: next Describe: linux-kselftest-next-6.0-rc2-11-g144eeb2fc761 URL: https://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest.git SHA: 144eeb2fc761f966f71ab8b4b7d2a2198ecc400f Test Regressions ---------------- platform | arch | lab | compiler | defconfig | regressions ----------------+------+---------------+----------+------------------------------+------------ imx6q-sabrelite | arm | lab-collabora | gcc-10 | multi_v7_defconfig+kselftest | 1 Details: https://kernelci.org/test/plan/id/6319235877d2cc81a935564f Results: 0 PASS, 1 FAIL, 0 SKIP Full config: multi_v7_defconfig+kselftest Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//kselftest/next/linux-kselftest-next-6.0-rc2-1… HTML log: https://storage.kernelci.org//kselftest/next/linux-kselftest-next-6.0-rc2-1… Rootfs: http://storage.kernelci.org/images/rootfs/debian/bullseye-kselftest/2022082… * kselftest-lkdtm.login: https://kernelci.org/test/case/id/6319235877d2cc81a9355650 failing since 15 days (last pass: v6.0-rc1-1-gf1227dc7d0411, first fail: linux-kselftest-next-6.0-rc2-1-gab7039dbcc61)

3 years

1
0
0 0

kselftest/next build: 8 builds: 0 failed, 8 passed (linux-kselftest-next-6.0-rc2-11-g144eeb2fc761)

by kernelci.org bot

kselftest/next build: 8 builds: 0 failed, 8 passed (linux-kselftest-next-6.0-rc2-11-g144eeb2fc761) Full Build Summary: https://kernelci.org/build/kselftest/branch/next/kernel/linux-kselftest-nex… Tree: kselftest Branch: next Git Describe: linux-kselftest-next-6.0-rc2-11-g144eeb2fc761 Git Commit: 144eeb2fc761f966f71ab8b4b7d2a2198ecc400f Git URL: https://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest.git Built: 4 unique architectures ================================================================================ Detailed per-defconfig build reports: -------------------------------------------------------------------------------- defconfig+kselftest (arm64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+kselftest (arm64, clang-15) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+kselftest+arm64-chromebook (arm64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+kselftest+arm64-chromebook (arm64, clang-15) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- i386_defconfig+kselftest (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v7_defconfig+kselftest (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig+kselftest (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig+kselftest (x86_64, clang-15) — PASS, 0 errors, 0 warnings, 0 section mismatches --- For more info write to <info(a)kernelci.org>

3 years

1
0
0 0

[PATCH -next v3 0/5] Optimize and bugfix for cpu-on-off-test.sh

by Zhao Gongyi

1. Correct log info 2. Replace exit with return to make the test exit gracefully 3. Delete fault injection related code 4. Reserve one cpu online when the test offline all cpus 5. Add log info when run full test successfully Changes in v3: - Remove config file for patch 2 - Update information of cover letter Changes in v2: - Update change log of patch 2 - Update exiting value to avoid incorrect report for patch 2 - Keep online_cpu_expect_fail() and offline_cpu_expect_fail() for patch 3 Zhao Gongyi (5): selftests/cpu-hotplug: Correct log info selftests/cpu-hotplug: Use return instead of exit selftests/cpu-hotplug: Delete fault injection related code selftests/cpu-hotplug: Reserve one cpu online at least selftests/cpu-hotplug: Add log info when test success tools/testing/selftests/cpu-hotplug/Makefile | 2 +- tools/testing/selftests/cpu-hotplug/config | 1 - .../selftests/cpu-hotplug/cpu-on-off-test.sh | 140 +++++------------- 3 files changed, 37 insertions(+), 106 deletions(-) delete mode 100644 tools/testing/selftests/cpu-hotplug/config -- 2.17.1

3 years

2
6
0 0

[PATCH bpf-next v11 0/7] bpf-core changes for preparation of

by Benjamin Tissoires

Hi, well, given that the HID changes haven't moved a lot in the past revisions and that I am cc-ing a bunch of people, I have dropped them while we focus on the last 2 requirements in bpf-core changes. I'll submit a HID targeted series when we get these in tree, which would make things a lore more independent. For reference, the whole reasons for these 2 main changes are at https://lore.kernel.org/bpf/20220902132938.2409206-1-benjamin.tissoires@red… Compared to v10 (in addition of dropping the HID changes), I have changed the selftests so we can test both light skeletons and libbbpf calls. Cheers, Benjamin Benjamin Tissoires (7): selftests/bpf: regroup and declare similar kfuncs selftests in an array bpf: split btf_check_subprog_arg_match in two bpf/verifier: allow all functions to read user provided context selftests/bpf: add test for accessing ctx from syscall program type bpf/btf: bump BTF_KFUNC_SET_MAX_CNT bpf/verifier: allow kfunc to return an allocated mem selftests/bpf: Add tests for kfunc returning a memory pointer include/linux/bpf.h | 11 +- include/linux/bpf_verifier.h | 2 + include/linux/btf.h | 10 + kernel/bpf/btf.c | 149 ++++++++++-- kernel/bpf/verifier.c | 66 +++-- net/bpf/test_run.c | 37 +++ tools/testing/selftests/bpf/Makefile | 5 +- .../selftests/bpf/prog_tests/kfunc_call.c | 227 ++++++++++++++++-- .../selftests/bpf/progs/kfunc_call_fail.c | 160 ++++++++++++ .../selftests/bpf/progs/kfunc_call_test.c | 71 ++++++ 10 files changed, 678 insertions(+), 60 deletions(-) create mode 100644 tools/testing/selftests/bpf/progs/kfunc_call_fail.c -- 2.36.1

3 years

4
15
0 0

[PATCH][next] kselftest/arm64: Fix spelling misakes of signal names

by Colin Ian King

There are a couple of spelling mistakes of signame names. Fix them. Signed-off-by: Colin Ian King <colin.i.king(a)gmail.com> --- tools/testing/selftests/arm64/fp/fp-stress.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/arm64/fp/fp-stress.c b/tools/testing/selftests/arm64/fp/fp-stress.c index 01cef1962ab5..a5c0ebef2419 100644 --- a/tools/testing/selftests/arm64/fp/fp-stress.c +++ b/tools/testing/selftests/arm64/fp/fp-stress.c @@ -247,7 +247,7 @@ static void handle_child_signal(int sig, siginfo_t *info, void *context) } if (!found) - ksft_print_msg("SIGCHILD for unknown PID %d with status %d\n", + ksft_print_msg("SIGCHLD for unknown PID %d with status %d\n", info->si_pid, info->si_status); } @@ -457,7 +457,7 @@ int main(int argc, char **argv) strerror(errno), errno); ret = sigaction(SIGTERM, &sa, NULL); if (ret < 0) - ksft_print_msg("Failed to install SIGTEM handler: %s (%d)\n", + ksft_print_msg("Failed to install SIGTERM handler: %s (%d)\n", strerror(errno), errno); sa.sa_sigaction = handle_child_signal; ret = sigaction(SIGCHLD, &sa, NULL); -- 2.37.1

3 years

2
1
0 0

[PATCH] kselftest/arm64: Install signal handlers before output in FP stress tests

by Mark Brown

To interface more robustly with other processes install the signal handers in the floating point stress tests before we produce any output, this means that a parent process can know that if it has seen any output from the test then the test is ready to handle incoming signals. Signed-off-by: Mark Brown <broonie(a)kernel.org> --- Resending with signoff added, was missed on previous postings. .../testing/selftests/arm64/fp/fpsimd-test.S | 48 +++++++++---------- tools/testing/selftests/arm64/fp/sve-test.S | 48 +++++++++---------- tools/testing/selftests/arm64/fp/za-test.S | 48 +++++++++---------- 3 files changed, 72 insertions(+), 72 deletions(-) diff --git a/tools/testing/selftests/arm64/fp/fpsimd-test.S b/tools/testing/selftests/arm64/fp/fpsimd-test.S index f0f92192351a..918d04885a33 100644 --- a/tools/testing/selftests/arm64/fp/fpsimd-test.S +++ b/tools/testing/selftests/arm64/fp/fpsimd-test.S @@ -216,6 +216,30 @@ endfunction .globl _start function _start _start: + mov x23, #0 // signal count + + mov w0, #SIGINT + adr x1, terminate_handler + mov w2, #SA_SIGINFO + bl setsignal + + mov w0, #SIGTERM + adr x1, terminate_handler + mov w2, #SA_SIGINFO + bl setsignal + + mov w0, #SIGUSR1 + adr x1, irritator_handler + mov w2, #SA_SIGINFO + orr w2, w2, #SA_NODEFER + bl setsignal + + mov w0, #SIGUSR2 + adr x1, tickle_handler + mov w2, #SA_SIGINFO + orr w2, w2, #SA_NODEFER + bl setsignal + // Sanity-check and report the vector length mov x19, #128 @@ -246,30 +270,6 @@ _start: mov x0, x20 bl putdecn - mov x23, #0 // Irritation signal count - - mov w0, #SIGINT - adr x1, terminate_handler - mov w2, #SA_SIGINFO - bl setsignal - - mov w0, #SIGTERM - adr x1, terminate_handler - mov w2, #SA_SIGINFO - bl setsignal - - mov w0, #SIGUSR1 - adr x1, irritator_handler - mov w2, #SA_SIGINFO - orr w2, w2, #SA_NODEFER - bl setsignal - - mov w0, #SIGUSR2 - adr x1, tickle_handler - mov w2, #SA_SIGINFO - orr w2, w2, #SA_NODEFER - bl setsignal - mov x22, #0 // generation number, increments per iteration .Ltest_loop: diff --git a/tools/testing/selftests/arm64/fp/sve-test.S b/tools/testing/selftests/arm64/fp/sve-test.S index 79c56e6c5b23..2a18cb4c528c 100644 --- a/tools/testing/selftests/arm64/fp/sve-test.S +++ b/tools/testing/selftests/arm64/fp/sve-test.S @@ -379,6 +379,30 @@ endfunction .globl _start function _start _start: + mov x23, #0 // Irritation signal count + + mov w0, #SIGINT + adr x1, terminate_handler + mov w2, #SA_SIGINFO + bl setsignal + + mov w0, #SIGTERM + adr x1, terminate_handler + mov w2, #SA_SIGINFO + bl setsignal + + mov w0, #SIGUSR1 + adr x1, irritator_handler + mov w2, #SA_SIGINFO + orr w2, w2, #SA_NODEFER + bl setsignal + + mov w0, #SIGUSR2 + adr x1, tickle_handler + mov w2, #SA_SIGINFO + orr w2, w2, #SA_NODEFER + bl setsignal + #ifdef SSVE puts "Streaming mode " smstart_sm @@ -414,30 +438,6 @@ _start: mov x0, x20 bl putdecn - mov x23, #0 // Irritation signal count - - mov w0, #SIGINT - adr x1, terminate_handler - mov w2, #SA_SIGINFO - bl setsignal - - mov w0, #SIGTERM - adr x1, terminate_handler - mov w2, #SA_SIGINFO - bl setsignal - - mov w0, #SIGUSR1 - adr x1, irritator_handler - mov w2, #SA_SIGINFO - orr w2, w2, #SA_NODEFER - bl setsignal - - mov w0, #SIGUSR2 - adr x1, tickle_handler - mov w2, #SA_SIGINFO - orr w2, w2, #SA_NODEFER - bl setsignal - #ifdef SSVE smstart_sm // syscalls will have exited streaming mode #endif diff --git a/tools/testing/selftests/arm64/fp/za-test.S b/tools/testing/selftests/arm64/fp/za-test.S index 901839107205..53c54af65704 100644 --- a/tools/testing/selftests/arm64/fp/za-test.S +++ b/tools/testing/selftests/arm64/fp/za-test.S @@ -232,6 +232,30 @@ endfunction .globl _start function _start _start: + mov x23, #0 // signal count + + mov w0, #SIGINT + adr x1, terminate_handler + mov w2, #SA_SIGINFO + bl setsignal + + mov w0, #SIGTERM + adr x1, terminate_handler + mov w2, #SA_SIGINFO + bl setsignal + + mov w0, #SIGUSR1 + adr x1, irritator_handler + mov w2, #SA_SIGINFO + orr w2, w2, #SA_NODEFER + bl setsignal + + mov w0, #SIGUSR2 + adr x1, tickle_handler + mov w2, #SA_SIGINFO + orr w2, w2, #SA_NODEFER + bl setsignal + puts "Streaming mode " smstart_za @@ -264,30 +288,6 @@ _start: mov x0, x20 bl putdecn - mov x23, #0 // Irritation signal count - - mov w0, #SIGINT - adr x1, terminate_handler - mov w2, #SA_SIGINFO - bl setsignal - - mov w0, #SIGTERM - adr x1, terminate_handler - mov w2, #SA_SIGINFO - bl setsignal - - mov w0, #SIGUSR1 - adr x1, irritator_handler - mov w2, #SA_SIGINFO - orr w2, w2, #SA_NODEFER - bl setsignal - - mov w0, #SIGUSR2 - adr x1, tickle_handler - mov w2, #SA_SIGINFO - orr w2, w2, #SA_NODEFER - bl setsignal - mov x22, #0 // generation number, increments per iteration .Ltest_loop: rdsvl 0, 8 -- 2.30.2

3 years

2
1
0 0

[net-next v3 0/6] net: support QUIC crypto

by Adel Abouchaev

QUIC requires end to end encryption of the data. The application usually prepares the data in clear text, encrypts and calls send() which implies multiple copies of the data before the packets hit the networking stack. Similar to kTLS, QUIC kernel offload of cryptography reduces the memory pressure by reducing the number of copies. The scope of kernel support is limited to the symmetric cryptography, leaving the handshake to the user space library. For QUIC in particular, the application packets that require symmetric cryptography are the 1RTT packets with short headers. Kernel will encrypt the application packets on transmission and decrypt on receive. This series implements Tx only, because in QUIC server applications Tx outweighs Rx by orders of magnitude. Supporting the combination of QUIC and GSO requires the application to correctly place the data and the kernel to correctly slice it. The encryption process appends an arbitrary number of bytes (tag) to the end of the message to authenticate it. The GSO value should include this overhead, the offload would then subtract the tag size to parse the input on Tx before chunking and encrypting it. With the kernel cryptography, the buffer copy operation is conjoined with the encryption operation. The memory bandwidth is reduced by 5-8%. When devices supporting QUIC encryption in hardware come to the market, we will be able to free further 7% of CPU utilization which is used today for crypto operations. Adel Abouchaev (6): Documentation on QUIC kernel Tx crypto. Define QUIC specific constants, control and data plane structures Add UDP ULP operations, initialization and handling prototype functions. Implement QUIC offload functions Add flow counters and Tx processing error counter Add self tests for ULP operations, flow setup and crypto tests Documentation/networking/index.rst | 1 + Documentation/networking/quic.rst | 211 ++++ include/net/inet_sock.h | 2 + include/net/netns/mib.h | 3 + include/net/quic.h | 63 + include/net/snmp.h | 6 + include/net/udp.h | 33 + include/uapi/linux/quic.h | 66 + include/uapi/linux/snmp.h | 9 + include/uapi/linux/udp.h | 4 + net/Kconfig | 1 + net/Makefile | 1 + net/ipv4/Makefile | 3 +- net/ipv4/udp.c | 15 + net/ipv4/udp_ulp.c | 192 +++ net/quic/Kconfig | 16 + net/quic/Makefile | 8 + net/quic/quic_main.c | 1533 ++++++++++++++++++++++++ net/quic/quic_proc.c | 45 + tools/testing/selftests/net/.gitignore | 1 + tools/testing/selftests/net/Makefile | 3 +- tools/testing/selftests/net/quic.c | 1370 +++++++++++++++++++++ tools/testing/selftests/net/quic.sh | 46 + 23 files changed, 3630 insertions(+), 2 deletions(-) create mode 100644 Documentation/networking/quic.rst create mode 100644 include/net/quic.h create mode 100644 include/uapi/linux/quic.h create mode 100644 net/ipv4/udp_ulp.c create mode 100644 net/quic/Kconfig create mode 100644 net/quic/Makefile create mode 100644 net/quic/quic_main.c create mode 100644 net/quic/quic_proc.c create mode 100644 tools/testing/selftests/net/quic.c create mode 100755 tools/testing/selftests/net/quic.sh -- 2.30.2

3 years

2
8
0 0

[PATCH v16 00/12] bpf: Add kfuncs for PKCS#7 signature verification

by Roberto Sassu

From: Roberto Sassu <roberto.sassu(a)huawei.com> One of the desirable features in security is the ability to restrict import of data to a given system based on data authenticity. If data import can be restricted, it would be possible to enforce a system-wide policy based on the signing keys the system owner trusts. This feature is widely used in the kernel. For example, if the restriction is enabled, kernel modules can be plugged in only if they are signed with a key whose public part is in the primary or secondary keyring. For eBPF, it can be useful as well. For example, it might be useful to authenticate data an eBPF program makes security decisions on. After a discussion in the eBPF mailing list, it was decided that the stated goal should be accomplished by introducing four new kfuncs: bpf_lookup_user_key() and bpf_lookup_system_key(), for retrieving a keyring with keys trusted for signature verification, respectively from its serial and from a pre-determined ID; bpf_key_put(), to release the reference obtained with the former two kfuncs, bpf_verify_pkcs7_signature(), for verifying PKCS#7 signatures. Other than the key serial, bpf_lookup_user_key() also accepts key lookup flags, that influence the behavior of the lookup. bpf_lookup_system_key() accepts pre-determined IDs defined in include/linux/verification.h. bpf_key_put() accepts the new bpf_key structure, introduced to tell whether the other structure member, a key pointer, is valid or not. The reason is that verify_pkcs7_signature() also accepts invalid pointers, set with the pre-determined ID, to select a system-defined keyring. key_put() must be called only for valid key pointers. Since the two key lookup functions allocate memory and one increments a key reference count, they must be used in conjunction with bpf_key_put(). The latter must be called only if the lookup functions returned a non-NULL pointer. The verifier denies the execution of eBPF programs that don't respect this rule. The two key lookup functions should be used in alternative, depending on the use case. While bpf_lookup_user_key() provides great flexibility, it seems suboptimal in terms of security guarantees, as even if the eBPF program is assumed to be trusted, the serial used to obtain the key pointer might come from untrusted user space not choosing one that the system administrator approves to enforce a mandatory policy. bpf_lookup_system_key() instead provides much stronger guarantees, especially if the pre-determined ID is not passed by user space but is hardcoded in the eBPF program, and that program is signed. In this case, bpf_verify_pkcs7_signature() will always perform signature verification with a key that the system administrator approves, i.e. the primary, secondary or platform keyring. Nevertheless, key permission checks need to be done accurately. Since bpf_lookup_user_key() cannot determine how a key will be used by other kfuncs, it has to defer the permission check to the actual kfunc using the key. It does it by calling lookup_user_key() with KEY_DEFER_PERM_CHECK as needed permission. Later, bpf_verify_pkcs7_signature(), if called, completes the permission check by calling key_validate(). It does not need to call key_task_permission() with permission KEY_NEED_SEARCH, as it is already done elsewhere by the key subsystem. Future kfuncs using the bpf_key structure need to implement the proper checks as well. Finally, the last kfunc, bpf_verify_pkcs7_signature(), accepts the data and signature to verify as eBPF dynamic pointers, to minimize the number of kfunc parameters, and the keyring with keys for signature verification as a bpf_key structure, returned by one of the two key lookup functions. bpf_lookup_user_key() and bpf_verify_pkcs7_signature() can be called only from sleepable programs, because of memory allocation and crypto operations. For example, the lsm.s/bpf attach point is suitable, fexit/array_map_update_elem is not. The correctness of implementation of the new kfuncs and of their usage is checked with the introduced tests. The patch set includes a patch from another author (dependency) for sake of completeness. It is organized as follows. Patch 1 from KP Singh allows kfuncs to be used by LSM programs. Patch 2 splits is_dynptr_reg_valid_init() and introduces is_dynptr_type_expected(), to know more precisely the cause of a negative result of a dynamic pointer check. Patch 3 allows dynamic pointers to be used as kfunc parameters. Patch 4 exports bpf_dynptr_get_size(), to obtain the real size of data carried by a dynamic pointer. Patch 5 makes available for new eBPF kfuncs and programs some key-related definitions. Patch 6 introduces the bpf_lookup_*_key() and bpf_key_put() kfuncs. Patch 7 introduces the bpf_verify_pkcs7_signature() kfunc. Patch 8 changes the testing kernel configuration to compile everything as built-in. Finally, patches 9-12 introduce the tests. Changelog v15: - Add kfunc_dynptr_param test to deny list for s390x v14: - Explain that is_dynptr_type_expected() will be useful also for BTF (suggested by Joanne) - Rename KEY_LOOKUP_FLAGS_ALL to KEY_LOOKUP_ALL (suggested by Jarkko) - Swap declaration of spi and dynptr_type in is_dynptr_type_expected() (suggested by Joanne) - Reimplement kfunc dynptr tests with a regular eBPF program instead of executing them with test_verifier (suggested by Joanne) - Make key lookup flags as enum so that they are automatically exported through BTF (suggested by Alexei) v13: - Split is_dynptr_reg_valid_init() and introduce is_dynptr_type_expected() to see if the dynamic pointer type passed as argument to a kfunc is supported (suggested by Kumar) - Add forward declaration of struct key in include/linux/bpf.h (suggested by Song) - Declare mask for key lookup flags, remove key_lookup_flags_check() (suggested by Jarkko and KP) - Allow only certain dynamic pointer types (currently, local) to be passed as argument to kfuncs (suggested by Kumar) - For each dynamic pointer parameter in kfunc, additionally check if the passed pointer is to the stack (suggested by Kumar) - Split the validity/initialization and dynamic pointer type check also in the verifier, and adjust the expected error message in the test (a test for an unexpected dynptr type passed to a helper cannot be added due to missing suitable helpers, but this case has been tested manually) - Add verifier tests to check the dynamic pointers passed as argument to kfuncs (suggested by Kumar) v12: - Put lookup_key and verify_pkcs7_sig tests in deny list for s390x (JIT does not support calling kernel function) v11: - Move stringify_struct() macro to include/linux/btf.h (suggested by Daniel) - Change kernel configuration options in tools/testing/selftests/bpf/config* from =m to =y v10: - Introduce key_lookup_flags_check() and system_keyring_id_check() inline functions to check parameters (suggested by KP) - Fix descriptions and comment of key-related kfuncs (suggested by KP) - Register kfunc set only once (suggested by Alexei) - Move needed kernel options to the architecture-independent configuration for testing v9: - Drop patch to introduce KF_SLEEPABLE kfunc flag (already merged) - Rename valid_ptr member of bpf_key to has_ref (suggested by Daniel) - Check dynamic pointers in kfunc definition with bpf_dynptr_kern struct definition instead of string, to detect structure renames (suggested by Daniel) - Explicitly say that we permit initialized dynamic pointers in kfunc definition (suggested by Daniel) - Remove noinline __weak from kfuncs definition (reported by Daniel) - Simplify key lookup flags check in bpf_lookup_user_key() (suggested by Daniel) - Explain the reason for deferring key permission check (suggested by Daniel) - Allocate memory with GFP_ATOMIC in bpf_lookup_system_key(), and remove KF_SLEEPABLE kfunc flag from kfunc declaration (suggested by Daniel) - Define only one kfunc set and remove the loop for registration (suggested by Alexei) v8: - Define the new bpf_key structure to carry the key pointer and whether that pointer is valid or not (suggested by Daniel) - Drop patch to mark a kfunc parameter with the __maybe_null suffix - Improve documentation of kfuncs - Introduce bpf_lookup_system_key() to obtain a key pointer suitable for verify_pkcs7_signature() (suggested by Daniel) - Use the new kfunc registration API - Drop patch to test the __maybe_null suffix - Add tests for bpf_lookup_system_key() v7: - Add support for using dynamic and NULL pointers in kfunc (suggested by Alexei) - Add new kfunc-related tests v6: - Switch back to key lookup helpers + signature verification (until v5), and defer permission check from bpf_lookup_user_key() to bpf_verify_pkcs7_signature() - Add additional key lookup test to illustrate the usage of the KEY_LOOKUP_CREATE flag and validate the flags (suggested by Daniel) - Make description of flags of bpf_lookup_user_key() more user-friendly (suggested by Daniel) - Fix validation of flags parameter in bpf_lookup_user_key() (reported by Daniel) - Rename bpf_verify_pkcs7_signature() keyring-related parameters to user_keyring and system_keyring to make their purpose more clear - Accept keyring-related parameters of bpf_verify_pkcs7_signature() as alternatives (suggested by KP) - Replace unsigned long type with u64 in helper declaration (suggested by Daniel) - Extend the bpf_verify_pkcs7_signature() test by calling the helper without data, by ensuring that the helper enforces the keyring-related parameters as alternatives, by ensuring that the helper rejects inaccessible and expired keyrings, and by checking all system keyrings - Move bpf_lookup_user_key() and bpf_key_put() usage tests to ref_tracking.c (suggested by John) - Call bpf_lookup_user_key() and bpf_key_put() only in sleepable programs v5: - Move KEY_LOOKUP_ to include/linux/key.h for validation of bpf_verify_pkcs7_signature() parameter - Remove bpf_lookup_user_key() and bpf_key_put() helpers, and the corresponding tests - Replace struct key parameter of bpf_verify_pkcs7_signature() with the keyring serial and lookup flags - Call lookup_user_key() and key_put() in bpf_verify_pkcs7_signature() code, to ensure that the retrieved key is used according to the permission requested at lookup time - Clarified keyring precedence in the description of bpf_verify_pkcs7_signature() (suggested by John) - Remove newline in the second argument of ASSERT_ - Fix helper prototype regular expression in bpf_doc.py v4: - Remove bpf_request_key_by_id(), don't return an invalid pointer that other helpers can use - Pass the keyring ID (without ULONG_MAX, suggested by Alexei) to bpf_verify_pkcs7_signature() - Introduce bpf_lookup_user_key() and bpf_key_put() helpers (suggested by Alexei) - Add lookup_key_norelease test, to ensure that the verifier blocks eBPF programs which don't decrement the key reference count - Parse raw PKCS#7 signature instead of module-style signature in the verify_pkcs7_signature test (suggested by Alexei) - Parse kernel module in user space and pass raw PKCS#7 signature to the eBPF program for signature verification v3: - Rename bpf_verify_signature() back to bpf_verify_pkcs7_signature() to avoid managing different parameters for each signature verification function in one helper (suggested by Daniel) - Use dynamic pointers and export bpf_dynptr_get_size() (suggested by Alexei) - Introduce bpf_request_key_by_id() to give more flexibility to the caller of bpf_verify_pkcs7_signature() to retrieve the appropriate keyring (suggested by Alexei) - Fix test by reordering the gcc command line, always compile sign-file - Improve helper support check mechanism in the test v2: - Rename bpf_verify_pkcs7_signature() to a more generic bpf_verify_signature() and pass the signature type (suggested by KP) - Move the helper and prototype declaration under #ifdef so that user space can probe for support for the helper (suggested by Daniel) - Describe better the keyring types (suggested by Daniel) - Include linux/bpf.h instead of vmlinux.h to avoid implicit or redeclaration - Make the test selfcontained (suggested by Alexei) v1: - Don't define new map flag but introduce simple wrapper of verify_pkcs7_signature() (suggested by Alexei and KP) KP Singh (1): bpf: Allow kfuncs to be used in LSM programs Roberto Sassu (11): bpf: Move dynptr type check to is_dynptr_type_expected() btf: Allow dynamic pointer parameters in kfuncs bpf: Export bpf_dynptr_get_size() KEYS: Move KEY_LOOKUP_ to include/linux/key.h and define KEY_LOOKUP_ALL bpf: Add bpf_lookup_*_key() and bpf_key_put() kfuncs bpf: Add bpf_verify_pkcs7_signature() kfunc selftests/bpf: Compile kernel with everything as built-in selftests/bpf: Add verifier tests for bpf_lookup_*_key() and bpf_key_put() selftests/bpf: Add additional tests for bpf_lookup_*_key() selftests/bpf: Add test for bpf_verify_pkcs7_signature() kfunc selftests/bpf: Add tests for dynamic pointers parameters in kfuncs include/linux/bpf.h | 9 + include/linux/bpf_verifier.h | 5 + include/linux/btf.h | 9 + include/linux/key.h | 6 + include/linux/verification.h | 8 + kernel/bpf/btf.c | 34 ++ kernel/bpf/helpers.c | 2 +- kernel/bpf/verifier.c | 35 +- kernel/trace/bpf_trace.c | 180 ++++++++ security/keys/internal.h | 2 - tools/testing/selftests/bpf/DENYLIST.s390x | 3 + tools/testing/selftests/bpf/Makefile | 14 +- tools/testing/selftests/bpf/config | 32 +- tools/testing/selftests/bpf/config.x86_64 | 7 +- .../testing/selftests/bpf/prog_tests/dynptr.c | 2 +- .../bpf/prog_tests/kfunc_dynptr_param.c | 103 +++++ .../selftests/bpf/prog_tests/lookup_key.c | 112 +++++ .../bpf/prog_tests/verify_pkcs7_sig.c | 399 ++++++++++++++++++ .../bpf/progs/test_kfunc_dynptr_param.c | 57 +++ .../selftests/bpf/progs/test_lookup_key.c | 46 ++ .../bpf/progs/test_verify_pkcs7_sig.c | 100 +++++ tools/testing/selftests/bpf/test_verifier.c | 3 +- .../selftests/bpf/verifier/ref_tracking.c | 139 ++++++ .../testing/selftests/bpf/verify_sig_setup.sh | 104 +++++ 24 files changed, 1376 insertions(+), 35 deletions(-) create mode 100644 tools/testing/selftests/bpf/prog_tests/kfunc_dynptr_param.c create mode 100644 tools/testing/selftests/bpf/prog_tests/lookup_key.c create mode 100644 tools/testing/selftests/bpf/prog_tests/verify_pkcs7_sig.c create mode 100644 tools/testing/selftests/bpf/progs/test_kfunc_dynptr_param.c create mode 100644 tools/testing/selftests/bpf/progs/test_lookup_key.c create mode 100644 tools/testing/selftests/bpf/progs/test_verify_pkcs7_sig.c create mode 100755 tools/testing/selftests/bpf/verify_sig_setup.sh -- 2.25.1

3 years

5
46
0 0

[PATCH] KVM: selftests: Make rseq compatible with versions prior to glibc-2.30

by Liam Merwick

The fix for commit e923b0537d28 ("KVM: selftests: Fix target thread to be migrated in rseq_test") added a call to gettid() which was only added to glibc-2.30 and fails to compile with older glibc versions. rseq_test.c: In function 'main': rseq_test.c:230:33: warning: implicit declaration of function 'gettid'; did you mean 'getgid'? [-Wimplicit-function-declaration] (void *)(unsigned long)gettid()); ^~~~~~ getgid Switch the call to syscall(SYS_gettid) which was the original advice in the gettid(2) NOTES section and which works with both new and older glibc versions. Fixes: e923b0537d28 ("KVM: selftests: Fix target thread to be migrated in rseq_test") Cc: stable(a)vger.kernel.org # v5.15 Signed-off-by: Liam Merwick <liam.merwick(a)oracle.com> --- Verified with glibc-2.28 and glibc-2.34 and ensured test case from e923b0537d28 still passes. tools/testing/selftests/kvm/rseq_test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/kvm/rseq_test.c b/tools/testing/selftests/kvm/rseq_test.c index fac248a43666..6f88da7e60be 100644 --- a/tools/testing/selftests/kvm/rseq_test.c +++ b/tools/testing/selftests/kvm/rseq_test.c @@ -227,7 +227,7 @@ int main(int argc, char *argv[]) ucall_init(vm, NULL); pthread_create(&migration_thread, NULL, migration_worker, - (void *)(unsigned long)gettid()); + (void *)(unsigned long)syscall(SYS_gettid)); for (i = 0; !done; i++) { vcpu_run(vcpu); -- 2.31.1

3 years

2
1
0 0

ATTENTION/PROPOSAL

by LUMAR CASEY

ATTENTION BUSINESS PARTNER, I AM LUMAR CASEY WORKING WITH AN INSURANCE FINANCIAL INSTITUTE, WITH MY POSITION AND PRIVILEGES I WAS ABLE TO SOURCE OUT AN OVER DUE PAYMENT OF 12.8 MILLION POUNDS THAT IS NOW SECURED WITH A SHIPPING DIPLOMATIC OUTLET. I AM SEEKING YOUR PARTNERSHIP TO RECEIVE THIS CONSIGNMENT AS AS MY PARTNER TO INVEST THIS FUND INTO A PROSPEROUS INVESTMENT VENTURE IN YOUR COUNTRY. I AWAIT YOUR REPLY TO ENABLE US PROCEED WITH THIS BUSINESS PARTNERSHIP TOGETHER. REGARDS, LUMAR CASEY

3 years

1
0
0 0

Re: [fortify] 728833277d: WARNING:at_net/netlink/af_netlink.c:#netlink_ack

by Gustavo A. R. Silva

On Wed, Sep 07, 2022 at 01:42:16PM +0800, kernel test robot wrote: Hi! > > Hi Kees Cook, > > the patch "[PATCH 1/2] fortify: Add run-time WARN for cross-field memcpy()" > raises a persistent WARNING as below report in our tests. > > according to commit message, we understand this is kind of expected. but > we don't have enough knowledge if it reveals a real issue in kernel source > code and what the next step could be. > > so we still report FYI. > > if you think it's unnecessary for us to make out this kind of report, please > let us know. we will consider how to refine our report rules. Thanks a lot! > > below is the full report. It seems that the idea is to continue reporting these warnings, as they help us identify the places that need to be audited and determine how to refactor the code (in case it's a false positive), or how to properly fix it (in case it's an actual bug). In this case, it seems that the issue was already addressed by this patch: https://lore.kernel.org/linux-hardening/20220903043749.3102675-1-keescook@c… Thanks -- Gustavo

3 years

2
1
0 0

3% Rate

by SunTrust Loans

¿Necesita un préstamo? Ofrecemos todo tipo de préstamos al 3%, envíenos un correo electrónico ahora si está interesado para obtener más información. solo a través de este correo electrónico: suntrustinvestmentloans(a)gmail.com

3 years

1
0
0 0

Re: [PATCH V5 15/31] x86/sgx: Support restricting of enclave page permissions

by zhubojun

Hi, Reinette, thanks for your great contribution for EDMM Linux kernel patch. I am trying to follow the newest patch now, and I have some questions on it. It seems that `sgx_enclave_restrict_permissions()` is able to do permission restrictions for multiple enclave’s pages. After driver invokes ENCLS[EMODPR] to restrict the page’s permission, it should then invoke ENCLS[ETRACK] and send IPIs to ensure stale TLB entries have been flushed. Only in this way, ENCLU[EACCEPT] inside enclave can only succeed. Current implementation invokes `sgx_enclave_etrack(encl)` after every `__emodpr(…)` in the for loop. My question is: Can we move the `sgx_enclave_etrack(encl)` out of the for loop? After doing so, `sgx_enclave_etrack(encl)` is invoked **one** time for multiple enclave pages’ permission restriction, instead of N times (N = `modp -> length / PAGE_SIZE`). We may gain some performance optimization from it. Please correct my if my understanding is incorrect. Looking forward to your reply and Thanks for your time! BR, Bojun

3 years

2
3
0 0

[PATCH v3 0/3] arm64/sve: Document our actual SVE syscall ABI

by Mark Brown

Currently our SVE syscall ABI documentation does not reflect the actual implemented ABI, it says that register state not shared with FPSIMD becomes undefined on syscall when in reality we always clear it. Since changing this would cause a change in the observed kernel behaviour there is a substantial desire to avoid taking advantage of the documented ABI so instead let's document what we actually do so it's clear that it is in reality an ABI. There has been some pushback on tightening the documentation in the past but it is hard to see who that helps, it makes the implementation decisions less clear and makes it harder for people to discover and make use of the actual ABI. The main practical concern is that qemu's user mode does not currently flush the registers. v3: - Rebase onto v6.0-rc3. v2: - Rebase onto v6.0-rc1. Mark Brown (3): kselftest/arm64: Correct buffer allocation for SVE Z registers arm64/sve: Document our actual ABI for clearing registers on syscall kselftest/arm64: Enforce actual ABI for SVE syscalls Documentation/arm64/sve.rst | 2 +- .../testing/selftests/arm64/abi/syscall-abi.c | 61 ++++++++++++------- 2 files changed, 41 insertions(+), 22 deletions(-) base-commit: b90cb1053190353cc30f0fef0ef1f378ccc063c5 -- 2.30.2

3 years

2
8
0 0

[PATCH v2] kselftest/arm64: Add simple hwcap validation

by Mark Brown

Add some trivial hwcap validation which checks that /proc/cpuinfo and AT_HWCAP agree with each other and can verify that for extensions that can generate a SIGILL due to adding new instructions one appears or doesn't appear as expected. I've added SVE and SME, other capabilities can be added later if this gets merged. This isn't super exciting but on the other hand took very little time to write and should be handy when verifying that you wired up AT_HWCAP properly. Signed-off-by: Mark Brown <broonie(a)kernel.org> --- tools/testing/selftests/arm64/abi/.gitignore | 1 + tools/testing/selftests/arm64/abi/Makefile | 2 +- tools/testing/selftests/arm64/abi/hwcap.c | 188 +++++++++++++++++++ 3 files changed, 190 insertions(+), 1 deletion(-) create mode 100644 tools/testing/selftests/arm64/abi/hwcap.c diff --git a/tools/testing/selftests/arm64/abi/.gitignore b/tools/testing/selftests/arm64/abi/.gitignore index b9e54417250d..c31d34d48a30 100644 --- a/tools/testing/selftests/arm64/abi/.gitignore +++ b/tools/testing/selftests/arm64/abi/.gitignore @@ -1,2 +1,3 @@ +hwcap syscall-abi tpidr2 diff --git a/tools/testing/selftests/arm64/abi/Makefile b/tools/testing/selftests/arm64/abi/Makefile index c8d7f2495eb2..e60752eb8334 100644 --- a/tools/testing/selftests/arm64/abi/Makefile +++ b/tools/testing/selftests/arm64/abi/Makefile @@ -1,7 +1,7 @@ # SPDX-License-Identifier: GPL-2.0 # Copyright (C) 2021 ARM Limited -TEST_GEN_PROGS := syscall-abi tpidr2 +TEST_GEN_PROGS := hwcap syscall-abi tpidr2 include ../../lib.mk diff --git a/tools/testing/selftests/arm64/abi/hwcap.c b/tools/testing/selftests/arm64/abi/hwcap.c new file mode 100644 index 000000000000..8b5c646cea63 --- /dev/null +++ b/tools/testing/selftests/arm64/abi/hwcap.c @@ -0,0 +1,188 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * Copyright (C) 2022 ARM Limited. + */ + +#include <errno.h> +#include <signal.h> +#include <stdbool.h> +#include <stddef.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> +#include <sys/auxv.h> +#include <sys/prctl.h> +#include <asm/hwcap.h> +#include <asm/sigcontext.h> +#include <asm/unistd.h> + +#include "../../kselftest.h" + +#define TESTS_PER_HWCAP 2 + +/* + * Function expected to generate SIGILL when the feature is not + * supported and return when it is supported. If SIGILL is generated + * then the handler must be able to skip over the instruction safely. + * + * Note that it is expected that for many architecture extensions + * there are no specific traps due to no architecture state being + * added so we may not fault if running on a kernel which doesn't know + * to add the hwcap. + */ +typedef void (*sigill_fn)(void); + +static void sme_sigill(void) +{ + /* RDSVL x0, #0 */ + asm volatile(".inst 0x04bf5800" : : : "x0"); +} + +static void sve_sigill(void) +{ + /* RDVL x0, #0 */ + asm volatile(".inst 0x04bf5000" : : : "x0"); +} + +static const struct hwcap_data { + const char *name; + unsigned long at_hwcap; + unsigned long hwcap_bit; + const char *cpuinfo; + sigill_fn sigill_fn; + bool sigill_reliable; +} hwcaps[] = { + { + .name = "SME", + .at_hwcap = AT_HWCAP2, + .hwcap_bit = HWCAP2_SME, + .cpuinfo = "sme", + .sigill_fn = sme_sigill, + .sigill_reliable = true, + }, + { + .name = "SVE", + .at_hwcap = AT_HWCAP, + .hwcap_bit = HWCAP_SVE, + .cpuinfo = "sve", + .sigill_fn = sve_sigill, + .sigill_reliable = true, + }, +}; + +static bool seen_sigill; + +static void handle_sigill(int sig, siginfo_t *info, void *context) +{ + ucontext_t *uc = context; + + seen_sigill = true; + + /* Skip over the offending instruction */ + uc->uc_mcontext.pc += 4; +} + +bool cpuinfo_present(const char *name) +{ + FILE *f; + char buf[2048], name_space[30], name_newline[30]; + char *s; + + /* + * The feature should appear with a leading space and either a + * trailing space or a newline. + */ + snprintf(name_space, sizeof(name_space), " %s ", name); + snprintf(name_newline, sizeof(name_newline), " %s\n", name); + + f = fopen("/proc/cpuinfo", "r"); + if (!f) { + ksft_print_msg("Failed to open /proc/cpuinfo\n"); + return false; + } + + while (fgets(buf, sizeof(buf), f)) { + /* Features: line? */ + if (strncmp(buf, "Features\t:", strlen("Features\t:")) != 0) + continue; + + /* All CPUs should be symmetric, don't read any more */ + fclose(f); + + s = strstr(buf, name_space); + if (s) + return true; + s = strstr(buf, name_newline); + if (s) + return true; + + return false; + } + + ksft_print_msg("Failed to find Features in /proc/cpuinfo\n"); + fclose(f); + return false; +} + +int main(void) +{ + const struct hwcap_data *hwcap; + int i, ret; + bool have_cpuinfo, have_hwcap; + struct sigaction sa; + + ksft_print_header(); + ksft_set_plan(ARRAY_SIZE(hwcaps) * TESTS_PER_HWCAP); + + memset(&sa, 0, sizeof(sa)); + sa.sa_sigaction = handle_sigill; + sa.sa_flags = SA_RESTART | SA_SIGINFO; + sigemptyset(&sa.sa_mask); + ret = sigaction(SIGILL, &sa, NULL); + if (ret < 0) + ksft_exit_fail_msg("Failed to install SIGILL handler: %s (%d)\n", + strerror(errno), errno); + + for (i = 0; i < ARRAY_SIZE(hwcaps); i++) { + hwcap = &hwcaps[i]; + + have_hwcap = getauxval(hwcaps->at_hwcap) & hwcap->hwcap_bit; + have_cpuinfo = cpuinfo_present(hwcap->cpuinfo); + + if (have_hwcap) + ksft_print_msg("%s present", hwcap->name); + + ksft_test_result(have_hwcap == have_cpuinfo, + "cpuinfo_match_%s\n", hwcap->name); + + if (hwcap->sigill_fn) { + seen_sigill = false; + hwcap->sigill_fn(); + + if (have_hwcap) { + /* Should be able to use the extension */ + ksft_test_result(!seen_sigill, "sigill_%s\n", + hwcap->name); + } else if (hwcap->sigill_reliable) { + /* Guaranteed a SIGILL */ + ksft_test_result(seen_sigill, "sigill_%s\n", + hwcap->name); + } else { + /* Missing SIGILL might be fine */ + ksft_print_msg("SIGILL %sreported for %s\n", + seen_sigill ? "" : "not ", + hwcap->name); + ksft_test_result_skip("sigill_%s\n", + hwcap->name); + } + } else { + ksft_test_result_skip("sigill_%s\n", + hwcap->name); + } + } + + ksft_print_cnts(); + + return 0; +} base-commit: b90cb1053190353cc30f0fef0ef1f378ccc063c5 -- 2.30.2

3 years

2
1
0 0

[PATCH v2 0/4] kselftest/arm64: Floating point stress test harness

by Mark Brown

This series has a few small enhancements for the existing standalone floating point stress tests and then builds on those with a kselftest integrated program which gives those a very quick spin from within kselftest, as well as having an option to set a custom timeout to allow for use with longer soak testing. This makes it much easier to get thorough testing of the floating point state management logic, rather than requiring custom setup for coverage of the various vector lengths in the system as is needed at present. It might be nice in future to extend this to attach to some or all of the test programs with ptrace and read/write their registers as another means of potentially triggering race conditions or corruption but that's definitely another step. v2: - Rebase onto v6.0-rc3. - Announce the results of enumeration before we start everything. Mark Brown (4): kselftest/arm64: Always encourage preemption for za-test kselftest/arm64: Count SIGUSR2 deliveries in FP stress tests kselftest/arm64: Install signal handlers before output in FP stress tests kselftest/arm64: kselftest harness for FP stress tests tools/testing/selftests/arm64/fp/.gitignore | 1 + tools/testing/selftests/arm64/fp/Makefile | 5 +- .../testing/selftests/arm64/fp/asm-offsets.h | 1 + tools/testing/selftests/arm64/fp/fp-stress.c | 535 ++++++++++++++++++ .../testing/selftests/arm64/fp/fpsimd-test.S | 51 +- tools/testing/selftests/arm64/fp/sve-test.S | 51 +- tools/testing/selftests/arm64/fp/za-test.S | 58 +- 7 files changed, 641 insertions(+), 61 deletions(-) create mode 100644 tools/testing/selftests/arm64/fp/fp-stress.c base-commit: b90cb1053190353cc30f0fef0ef1f378ccc063c5 -- 2.30.2

3 years

2
5
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror