- Linux-kselftest-mirror - lists.linaro.org

[PATCH AUTOSEL 5.15 25/44] selftests/powerpc/spectre_v2: Return skip code when miss_percent is high

by Sasha Levin

From: Thadeu Lima de Souza Cascardo <cascardo(a)canonical.com> [ Upstream commit 3c42e9542050d49610077e083c7c3f5fd5e26820 ] A mis-match between reported and actual mitigation is not restricted to the Vulnerable case. The guest might also report the mitigation as "Software count cache flush" and the host will still mitigate with branch cache disabled. So, instead of skipping depending on the detected mitigation, simply skip whenever the detected miss_percent is the expected one for a fully mitigated system, that is, above 95%. Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo(a)canonical.com> Signed-off-by: Michael Ellerman <mpe(a)ellerman.id.au> Link: https://lore.kernel.org/r/20211207130557.40566-1-cascardo@canonical.com Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- tools/testing/selftests/powerpc/security/spectre_v2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/powerpc/security/spectre_v2.c b/tools/testing/selftests/powerpc/security/spectre_v2.c index adc2b7294e5fd..83647b8277e7d 100644 --- a/tools/testing/selftests/powerpc/security/spectre_v2.c +++ b/tools/testing/selftests/powerpc/security/spectre_v2.c @@ -193,7 +193,7 @@ int spectre_v2_test(void) * We are not vulnerable and reporting otherwise, so * missing such a mismatch is safe. */ - if (state == VULNERABLE) + if (miss_percent > 95) return 4; return 1; -- 2.34.1

3 years, 9 months

1
0
0 0

[PATCH AUTOSEL 5.16 39/52] selftests/powerpc: Add a test of sigreturning to the kernel

by Sasha Levin

From: Michael Ellerman <mpe(a)ellerman.id.au> [ Upstream commit a8968521cfdc3e339fe69473d6632e0aa8d7202a ] We have a general signal fuzzer, sigfuz, which can modify the MSR & NIP before sigreturn. But the chance of it hitting a kernel address and also clearing MSR_PR is fairly slim. So add a specific test of sigreturn to a kernel address, both with and without attempting to clear MSR_PR (which the kernel must block). Signed-off-by: Michael Ellerman <mpe(a)ellerman.id.au> Link: https://lore.kernel.org/r/20211209115944.4062384-1-mpe@ellerman.id.au Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- .../selftests/powerpc/signal/.gitignore | 1 + .../testing/selftests/powerpc/signal/Makefile | 1 + .../powerpc/signal/sigreturn_kernel.c | 132 ++++++++++++++++++ 3 files changed, 134 insertions(+) create mode 100644 tools/testing/selftests/powerpc/signal/sigreturn_kernel.c diff --git a/tools/testing/selftests/powerpc/signal/.gitignore b/tools/testing/selftests/powerpc/signal/.gitignore index ce3375cd8e73e..8f6c816099a48 100644 --- a/tools/testing/selftests/powerpc/signal/.gitignore +++ b/tools/testing/selftests/powerpc/signal/.gitignore @@ -4,3 +4,4 @@ signal_tm sigfuz sigreturn_vdso sig_sc_double_restart +sigreturn_kernel diff --git a/tools/testing/selftests/powerpc/signal/Makefile b/tools/testing/selftests/powerpc/signal/Makefile index d6ae54663aed7..84e201572466d 100644 --- a/tools/testing/selftests/powerpc/signal/Makefile +++ b/tools/testing/selftests/powerpc/signal/Makefile @@ -1,5 +1,6 @@ # SPDX-License-Identifier: GPL-2.0 TEST_GEN_PROGS := signal signal_tm sigfuz sigreturn_vdso sig_sc_double_restart +TEST_GEN_PROGS += sigreturn_kernel CFLAGS += -maltivec $(OUTPUT)/signal_tm: CFLAGS += -mhtm diff --git a/tools/testing/selftests/powerpc/signal/sigreturn_kernel.c b/tools/testing/selftests/powerpc/signal/sigreturn_kernel.c new file mode 100644 index 0000000000000..0a1b6e591eeed --- /dev/null +++ b/tools/testing/selftests/powerpc/signal/sigreturn_kernel.c @@ -0,0 +1,132 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Test that we can't sigreturn to kernel addresses, or to kernel mode. + */ + +#define _GNU_SOURCE + +#include <stdio.h> +#include <signal.h> +#include <stdlib.h> +#include <sys/types.h> +#include <sys/wait.h> +#include <unistd.h> + +#include "utils.h" + +#define MSR_PR (1ul << 14) + +static volatile unsigned long long sigreturn_addr; +static volatile unsigned long long sigreturn_msr_mask; + +static void sigusr1_handler(int signo, siginfo_t *si, void *uc_ptr) +{ + ucontext_t *uc = (ucontext_t *)uc_ptr; + + if (sigreturn_addr) + UCONTEXT_NIA(uc) = sigreturn_addr; + + if (sigreturn_msr_mask) + UCONTEXT_MSR(uc) &= sigreturn_msr_mask; +} + +static pid_t fork_child(void) +{ + pid_t pid; + + pid = fork(); + if (pid == 0) { + raise(SIGUSR1); + exit(0); + } + + return pid; +} + +static int expect_segv(pid_t pid) +{ + int child_ret; + + waitpid(pid, &child_ret, 0); + FAIL_IF(WIFEXITED(child_ret)); + FAIL_IF(!WIFSIGNALED(child_ret)); + FAIL_IF(WTERMSIG(child_ret) != 11); + + return 0; +} + +int test_sigreturn_kernel(void) +{ + struct sigaction act; + int child_ret, i; + pid_t pid; + + act.sa_sigaction = sigusr1_handler; + act.sa_flags = SA_SIGINFO; + sigemptyset(&act.sa_mask); + + FAIL_IF(sigaction(SIGUSR1, &act, NULL)); + + for (i = 0; i < 2; i++) { + // Return to kernel + sigreturn_addr = 0xcull << 60; + pid = fork_child(); + expect_segv(pid); + + // Return to kernel virtual + sigreturn_addr = 0xc008ull << 48; + pid = fork_child(); + expect_segv(pid); + + // Return out of range + sigreturn_addr = 0xc010ull << 48; + pid = fork_child(); + expect_segv(pid); + + // Return to no-man's land, just below PAGE_OFFSET + sigreturn_addr = (0xcull << 60) - (64 * 1024); + pid = fork_child(); + expect_segv(pid); + + // Return to no-man's land, above TASK_SIZE_4PB + sigreturn_addr = 0x1ull << 52; + pid = fork_child(); + expect_segv(pid); + + // Return to 0xd space + sigreturn_addr = 0xdull << 60; + pid = fork_child(); + expect_segv(pid); + + // Return to 0xe space + sigreturn_addr = 0xeull << 60; + pid = fork_child(); + expect_segv(pid); + + // Return to 0xf space + sigreturn_addr = 0xfull << 60; + pid = fork_child(); + expect_segv(pid); + + // Attempt to set PR=0 for 2nd loop (should be blocked by kernel) + sigreturn_msr_mask = ~MSR_PR; + } + + printf("All children killed as expected\n"); + + // Don't change address, just MSR, should return to user as normal + sigreturn_addr = 0; + sigreturn_msr_mask = ~MSR_PR; + pid = fork_child(); + waitpid(pid, &child_ret, 0); + FAIL_IF(!WIFEXITED(child_ret)); + FAIL_IF(WIFSIGNALED(child_ret)); + FAIL_IF(WEXITSTATUS(child_ret) != 0); + + return 0; +} + +int main(void) +{ + return test_harness(test_sigreturn_kernel, "sigreturn_kernel"); +} -- 2.34.1

3 years, 9 months

1
0
0 0

[PATCH AUTOSEL 5.16 28/52] selftests/powerpc/spectre_v2: Return skip code when miss_percent is high

by Sasha Levin

From: Thadeu Lima de Souza Cascardo <cascardo(a)canonical.com> [ Upstream commit 3c42e9542050d49610077e083c7c3f5fd5e26820 ] A mis-match between reported and actual mitigation is not restricted to the Vulnerable case. The guest might also report the mitigation as "Software count cache flush" and the host will still mitigate with branch cache disabled. So, instead of skipping depending on the detected mitigation, simply skip whenever the detected miss_percent is the expected one for a fully mitigated system, that is, above 95%. Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo(a)canonical.com> Signed-off-by: Michael Ellerman <mpe(a)ellerman.id.au> Link: https://lore.kernel.org/r/20211207130557.40566-1-cascardo@canonical.com Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- tools/testing/selftests/powerpc/security/spectre_v2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/powerpc/security/spectre_v2.c b/tools/testing/selftests/powerpc/security/spectre_v2.c index adc2b7294e5fd..83647b8277e7d 100644 --- a/tools/testing/selftests/powerpc/security/spectre_v2.c +++ b/tools/testing/selftests/powerpc/security/spectre_v2.c @@ -193,7 +193,7 @@ int spectre_v2_test(void) * We are not vulnerable and reporting otherwise, so * missing such a mismatch is safe. */ - if (state == VULNERABLE) + if (miss_percent > 95) return 4; return 1; -- 2.34.1

3 years, 9 months

1
0
0 0

[PATCH v3 2/2] selftests: tpm: add async space test with noneexisting handle

by Tadeusz Struk

Add a test for /dev/tpmrm0 in async mode that checks if the code handles invalid handles correctly. Cc: Jarkko Sakkinen <jarkko(a)kernel.org> Cc: Shuah Khan <shuah(a)kernel.org> Cc: <linux-integrity(a)vger.kernel.org> Cc: <linux-kselftest(a)vger.kernel.org> Cc: <linux-kernel(a)vger.kernel.org> Tested-by: Jarkko Sakkinen<jarkko(a)kernel.org> Signed-off-by: Tadeusz Struk <tstruk(a)gmail.com> --- Changed in v2: - Updated commit message Changed in v3: - Fixed typo in the function name --- tools/testing/selftests/tpm2/tpm2_tests.py | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/tools/testing/selftests/tpm2/tpm2_tests.py b/tools/testing/selftests/tpm2/tpm2_tests.py index 9d764306887b..340ffef97fb6 100644 --- a/tools/testing/selftests/tpm2/tpm2_tests.py +++ b/tools/testing/selftests/tpm2/tpm2_tests.py @@ -302,3 +302,19 @@ class AsyncTest(unittest.TestCase): log.debug("Calling get_cap in a NON_BLOCKING mode") async_client.get_cap(tpm2.TPM2_CAP_HANDLES, tpm2.HR_LOADED_SESSION) async_client.close() + + def test_flush_invalid_context(self): + log = logging.getLogger(__name__) + log.debug(sys._getframe().f_code.co_name) + + async_client = tpm2.Client(tpm2.Client.FLAG_SPACE | tpm2.Client.FLAG_NONBLOCK) + log.debug("Calling flush_context passing in an invalid handle ") + handle = 0x80123456 + rc = 0 + try: + async_client.flush_context(handle) + except OSError as e: + rc = e.errno + + self.assertEqual(rc, 22) + async_client.close() -- 2.30.2

3 years, 9 months

2
6
0 0

[RFC PATCH 00/13] x86 User Interrupts support

by Sohil Mehta

User Interrupts Introduction ============================ User Interrupts (Uintr) is a hardware technology that enables delivering interrupts directly to user space. Today, virtually all communication across privilege boundaries happens by going through the kernel. These include signals, pipes, remote procedure calls and hardware interrupt based notifications. User interrupts provide the foundation for more efficient (low latency and low CPU utilization) versions of these common operations by avoiding transitions through the kernel. In the User Interrupts hardware architecture, a receiver is always expected to be a user space task. However, a user interrupt can be sent by another user space task, kernel or an external source (like a device). In addition to the general infrastructure to receive user interrupts, this series introduces a single source: interrupts from another user task. These are referred to as User IPIs. The first implementation of User IPIs will be in the Intel processor code-named Sapphire Rapids. Refer Chapter 11 of the Intel Architecture instruction set extensions for details of the hardware architecture [1]. Series-reviewed-by: Tony Luck <tony.luck(a)intel.com> Main goals of this RFC ====================== - Introduce this upcoming technology to the community. This cover letter includes a hardware architecture summary along with the software architecture and kernel design choices. This post is a bit long as a result. Hopefully, it helps answer more questions than it creates :) I am also planning to talk about User Interrupts next week at the LPC Kernel summit. - Discuss potential use cases. We are starting to look at actual usages and libraries (like libevent[2] and liburing[3]) that can take advantage of this technology. Unfortunately, we don't have much to share on this right now. We need some help from the community to identify usages that can benefit from this. We would like to make sure the proposed APIs work for the eventual consumers. - Get early feedback on the software architecture. We are hoping to get some feedback on the direction of overall software architecture - starting with User IPI, extending it for kernel-to-user interrupt notifications and external interrupts in the future. - Discuss some of the main architecture opens. There is lot of work that still needs to happen to enable this technology. We are looking for some input on future patches that would be of interest. Here are some of the big opens that we are looking to resolve. * Should Uintr interrupt all blocking system calls like sleep(), read(), poll(), etc? If so, should we implement an SA_RESTART type of mechanism similar to signals? - Refer Blocking for interrupts section below. * Should the User Interrupt Target table (UITT) be shared between threads of a multi-threaded application or maybe even across processes? - Refer Sharing the UITT section below. Why care about this? - Micro benchmark performance ================================================== There is a ~9x or higher performance improvement using User IPI over other IPC mechanisms for event signaling. Below is the average normalized latency for a 1M ping-pong IPC notifications with message size=1. +------------+-------------------------+ | IPC type | Relative Latency | | |(normalized to User IPI) | +------------+-------------------------+ | User IPI | 1.0 | | Signal | 14.8 | | Eventfd | 9.7 | | Pipe | 16.3 | | Domain | 17.3 | +------------+-------------------------+ Results have been estimated based on tests on internal hardware with Linux v5.14 + User IPI patches. Original benchmark: https://github.com/goldsborough/ipc-bench Updated benchmark: https://github.com/intel/uintr-ipc-bench/tree/linux-rfc-v1 *Performance varies by use, configuration and other factors. How it works underneath? - Hardware Summary =========================================== User Interrupts is a posted interrupt delivery mechanism. The interrupts are first posted to a memory location and then delivered to the receiver when they are running with CPL=3. Kernel managed architectural data structures -------------------------------------------- UPID: User Posted Interrupt Descriptor - Holds receiver interrupt vector information and notification state (like an ongoing notification, suppressed notifications). UITT: User Interrupt Target Table - Stores UPID pointer and vector information for interrupt routing on the sender side. Referred by the senduipi instruction. The interrupt state of each task is referenced via MSRs which are saved and restored by the kernel during context switch. Instructions ------------ senduipi <index> - send a user IPI to a target task based on the UITT index. clui - Mask user interrupts by clearing UIF (User Interrupt Flag). stui - Unmask user interrupts by setting UIF. testui - Test current value of UIF. uiret - return from a user interrupt handler. User IPI -------- When a User IPI sender executes 'senduipi <index>', the hardware refers the UITT table entry pointed by the index and posts the interrupt vector (63-0) into the receiver's UPID. If the receiver is running (CPL=3), the sender cpu would send a physical IPI to the receiver's cpu. On the receiver side this IPI is detected as a User Interrupt. The User Interrupt handler for the receiver is invoked and the vector number (63-0) is pushed onto the stack. Upon execution of 'uiret' in the interrupt handler, the control is transferred back to instruction that was interrupted. Refer Chapter 11 of the Intel Architecture instruction set extensions [1] for more details. Application interface - Software Architecture ============================================= User Interrupts (Uintr) is an opt-in feature (unlike signals). Applications wanting to use Uintr are expected to register themselves with the kernel using the Uintr related system calls. A Uintr receiver is always a userspace task. A Uintr sender can be another userspace task, kernel or a device. 1) A receiver can register/unregister an interrupt handler using the Uintr receiver related syscalls. uintr_register_handler(handler, flags) uintr_unregister_handler(flags) 2) A syscall also allows a receiver to register a vector and create a user interrupt file descriptor - uintr_fd. uintr_fd = uintr_create_fd(vector, flags) Uintr can be useful in some of the usages where eventfd or signals are used for frequent userspace event notifications. The semantics of uintr_fd are somewhat similar to an eventfd() or the write end of a pipe. 3) Any sender with access to uintr_fd can use it to deliver events (in this case - interrupts) to a receiver. A sender task can manage its connection with the receiver using the sender related syscalls based on uintr_fd. uipi_index = uintr_register_sender(uintr_fd, flags) Using an FD abstraction provides a secure mechanism to connect with a receiver. The FD sharing and isolation mechanisms put in place by the kernel would extend to Uintr as well. 4a) After the initial setup, a sender task can use the SENDUIPI instruction along with the uipi_index to generate user IPIs without any kernel intervention. SENDUIPI <uipi_index> If the receiver is running (CPL=3), then the user interrupt is delivered directly without a kernel transition. If the receiver isn't running the interrupt is delivered when the receiver gets context switched back. If the receiver is blocked in the kernel, the user interrupt is delivered to the kernel which then unblocks the intended receiver to deliver the interrupt. 4b) If the sender is the kernel or a device, the uintr_fd can be passed onto the related kernel entity to allow them to setup a connection and then generate a user interrupt for event delivery. <The exact details of this API are still being worked upon.> For details of the user interface and associated system calls refer the Uintr man-pages draft: https://github.com/intel/uintr-linux-kernel/tree/rfc-v1/tools/uintr/manpages. We have also included the same content as patch 1 of this series to make it easier to review. Refer the Uintr compiler programming guide [4] for details on Uintr integration with GCC and Binutils. Kernel design choices ===================== Here are some of the reasons and trade-offs for the current design of the APIs. System call interface --------------------- Why a system call interface?: The 2 options we considered are using a char device at /dev or use system calls (current approach). A syscall approach avoids exposing a core cpu feature through a driver model. Also, we want to have a user interrupt FD per vector and share a single common interrupt handler among all vectors. This seems easier for the kernel and userspace to accomplish using a syscall based approach. Data sharing using user interrupts: Uintr doesn't include a mechanism to share/transmit data. The expectation is applications use existing data sharing mechanisms to share data and use Uintr only for signaling. An FD for each vector: A uintr_fd is assigned to each vector to allow fine grained priority and event management by the receiver. The alternative we considered was to allocate an FD to the interrupt handler and having that shared with the sender. However, that approach relies on the sender selecting the vector and moves the vector priority management to the sender. Also, if multiple senders want to send unique user interrupts they would need to coordinate the vector selection amongst them. Extending the APIs: Currently, the system calls are only extendable using the flags argument. We can add a variable size struct to some of the syscalls if needed. Extending existing mechanisms ----------------------------- Uintr can be beneficial in some of the usages where eventfd() or signals are used. Since Uintr is hardware-dependent, thread-specific and bypasses the kernel in the fast path, it makes extending existing mechanisms harder. Main issues with extending signals: Signal handlers are defined significantly differently than a User interrupt handler. An application needs to save/restore registers in a user interrupt handler and call uiret to return from it. Also, signals can be process directed (or thread directed) but user interrupts are always thread directed. Comparison of signals with User Interrupts: +=====================+===========================+===========================+ | | Signals | User Interrupts | +=====================+===========================+===========================+ | Stacks | Has alt stacks | Uses application stack | | | | (alternate stack option | | | | not yet enabled) | +---------------------+---------------------------+---------------------------+ | Registers state | Kernel manages incl. | App responsible (Use GCC | | | FPU/XSTATE area | 'interrupt' attribute for | | | | general purpose registers)| +---------------------+---------------------------+---------------------------+ | Blocking/Masking | sigprocmask(2)/sa_mask | CLUI instruction (No per | | | | vector masking) | +---------------------+---------------------------+---------------------------+ | Direction | Uni-directional | Uni-directional | +---------------------+---------------------------+---------------------------+ | Post event | kill(), signal(), | SENDUIPI <index> - index | | | sigqueue(), etc. | derived from uintr_fd | +---------------------+---------------------------+---------------------------+ | Target | Process-directed or | Thread-directed | | | thread-directed | | +---------------------+---------------------------+---------------------------+ | Fork/inheritance | Empty signal set | Nothing is inherited | +---------------------+---------------------------+---------------------------+ | Execv | Pending signals preserved | Nothing is inherited | +---------------------+---------------------------+---------------------------+ | Order of delivery | Undetermined | High to low vector numbers| | for multiple signals| | | +---------------------+---------------------------+---------------------------+ | Handler re-entry | All signals except the | No interrupts can cause | | | one being handled | handler re-entry. | +---------------------+---------------------------+---------------------------+ | Delivery feedback | 0 or -1 based on whether | No feedback on whether the| | | the signal was sent | interrupt was sent or | | | | received. | +---------------------+---------------------------+---------------------------+ Main issues with extending eventfd(): eventfd() has a counter value that is core to the API. User interrupts can't have an associated counter since the signaling happens at the user level and the hardware doesn't have a memory counter mechanism. Also, eventfd can be used for bi-directional signaling where as uintr_fd is uni-directional. Comparison of eventfd with uintr_fd: +====================+======================+==============================+ | | Eventfd | uintr_fd (User Interrupt FD) | +====================+======================+==============================+ | Object | Counter - uint64 | Receiver vector information | +--------------------+----------------------+------------------------------+ | Post event | write() to eventfd | SENDUIPI <index> - index | | | | derived from uintr_fd | +--------------------+----------------------+------------------------------+ | Receive event | read() on eventfd | Implicit - Handler is | | | | invoked with associated | | | | vector. | +--------------------+----------------------+------------------------------+ | Direction | Bi-directional | Uni-directional | +--------------------+----------------------+------------------------------+ | Data transmitted | Counter - uint64 | None | +--------------------+----------------------+------------------------------+ | Waiting for events | Poll() family of | No per vector wait. | | | syscalls | uintr_wait() allows waiting | | | | for all user interrupts | +--------------------+----------------------+------------------------------+ Security Model ============== User Interrupts is designed as an opt-in feature (unlike signals). The security model for user interrupts is intended to be similar to eventfd(). The general idea is that any sender with access to uintr_fd would be able to generate the associated interrupt vector for the receiver task that created the fd. Untrusted processes ------------------- The current implementation expects only trusted and cooperating processes to communicate using user interrupts. Coordination is expected between processes for a connection teardown. In situations where coordination doesn't happen (say, due to abrupt process exit), the kernel would end up keeping shared resources (like UPID) allocated to avoid faults. Currently, a sender can easily cause a denial of service for the receiver by generating a storm of user interrupts. A user interrupt handler is invoked with interrupts disabled, but upon execution of uiret, interrupts get enabled again by the hardware. This can lead to the handler being invoked again before normal execution can resume. There isn't a hardware mechanism to mask specific interrupt vectors. To enable untrusted processes to communicate, we need to add a per-vector masking option through another syscall (or maybe IOCTL). However, this can add some complexity to the kernel code. A vector can only be masked by modifying the UITT entries at the source. We need to be careful about races while removing and restoring the UPID from the UITT. Resource limits --------------- The maximum number of receiver-sender connections would be limited by the maximum number of open file descriptors and the size of the UITT. The UITT size is chosen as 4kB fixed size arbitrarily right now. We plan to make it dynamic and configurable in size. RLIMIT_MEMLOCK or ENOMEM should be triggered when the size limits have been hit. Main Opens ========== Blocking for interrupts ----------------------- User interrupts are delivered to applications immediately if they are running in userspace. If a receiver task has blocked in the kernel using the placeholder uintr_wait() syscall, the task would be woken up to deliver the user interrupt. However, if the task is blocked due to any other blocking calls like read(), sleep(), etc; the interrupt will only get delivered when the application gets scheduled again. We need to consider if applications need to receive User Interrupts as soon as they are posted (similar to signals) when they are blocked due to some other reason. Adding this capability would likely make the kernel implementation more complex. Interrupting system calls using User Interrupts would also mean we need to consider an SA_RESTART type of mechanism. We also need to evaluate if some of the signal handler related semantics in the kernel can be reused for User Interrupts. Sharing the User Interrupt Target Table (UITT) ---------------------------------------------- The current implementation assigns a unique UITT to each task. This assumes that User interrupts are used for point-to-point communication between 2 tasks. Also, this keeps the kernel implementation relatively simple. However, there are of benefits to sharing the UITT between threads of a multi-threaded application. One, they would see a consistent view of the UITT. i.e. SENDUIPI <index> would mean the same on all threads of the application. Also, each thread doesn't have to register itself using the common uintr_fd. This would simplify the userspace setup and make efficient use of kernel memory. The potential downside is that the kernel implementation to allocate, modify, expand and free the UITT would be more complex. A similar argument can be made for a set of processes that do a lot of IPC amongst them. They would prefer to have a shared UITT that lets them target any process from any process. With the current file descriptor based approach, the connection setup can be time consuming and somewhat cumbersome. We need to evaluate if this can be made simpler as well. Kernel page table isolation (KPTI) ---------------------------------- SENDUIPI is a special ring-3 instruction that makes a supervisor mode memory access to the UPID and UITT memory. The current patches need KPTI to be disabled for User IPIs to work. To make User IPI work with KPTI, we need to allocate these structures from a special memory region that has supervisor access but it is mapped into userspace. The plan is to implement a mechanism similar to LDT. Processors that support user interrupts are not affected by Meltdown so the auto mode of KPTI will default to off. Users who want to force enable KPTI will need to wait for a later version of this patch series to use user interrupts. Please let us know if you want the development of these patches to be prioritized (or deprioritized). FAQs ==== Q: What happens if a process is "surprised" by a user interrupt? A: For tasks that haven't registered with the kernel and requested for user interrupts aren't expected or able to receive to user interrupts. Q: Do user interrupts affect kernel scheduling? A: No. If a task is blocked waiting for user interrupts, when the kernel receives a notification on behalf of that task we only put it back on the runqueue. Delivery of a user interrupt in no way changes the scheduling priorities of a task. Q: Does the sender get to know if the interrupt was delivered? A: No. User interrupts only provides a posted interrupt delivery mechanism. If applications need to rely on whether the interrupt was delivered they should consider a userspace mechanism for feedback (like a shared memory counter or a user interrupt back to the sender). Q: Why is there no feedback on interrupt delivery? A: Being a posted interrupt delivery mechanism, the interrupt delivery happens in 2 steps: 1) The interrupt information is stored in a memory location (UPID). 2) The physical interrupt is delivered to the interrupt receiver. The 2nd step could happen immediately, after an extended period, or it might never happen based on the state of the receiver after step 1. (The receiver could have disabled interrupts, have been context switched out or it might have crashed during that time.) This makes it very hard for the hardware to reliably provide feedback upon execution of SENDUIPI. Q: Can user interrupts be nested? A: Yes. Using STUI instruction in the interrupt handler would allow new user interrupts to be delivered. However, there no TPR(thread priority register) like mechanism to allow only higher priority interrupts. Any user interrupt can be taken when nesting is enabled. Q: Can a task receive all pending user interrupts in one go? A: No. The hardware allows only one vector to be processed at a time. If a task is interested in knowing all the interrupts that are pending then we could add a syscall that provides the pending interrupts information. Q: Do the processes need to be pinned to a cpu? A: No. User interrupts will be routed correctly to whichever cpu the receiver is running on. The kernel updates the cpu information in the UPID during context switch. Q: Why are UPID and UITT allocated by the kernel? A: If allocated by user space, applications could misuse the UPID and UITT to write to unauthorized memory and generate interrupts on any cpu. The UPID and UITT are allocated by the kernel and accessed by the hardware with supervisor privilege. Patch structure for this series =============================== - Man-pages and Kernel documentation (patch 1,2) - Hardware enumeration (patch 3, 4) - User IPI kernel vector reservation (patch 5) - Syscall interface for interrupt receiver, sender and vector management(uintr_fd) (patch 6-12) - Basic selftests (patch 13) Along with the patches in this RFC, there are additional tests and samples that are available at: https://github.com/intel/uintr-linux-kernel/tree/rfc-v1 Links ===== [1]: https://software.intel.com/content/www/us/en/develop/download/intel-archite… [2]: https://libevent.org/ [3]: https://github.com/axboe/liburing [4]: https://github.com/intel/uintr-compiler-guide/blob/uintr-gcc-11.1/UINTR-com… Sohil Mehta (13): x86/uintr/man-page: Include man pages draft for reference Documentation/x86: Add documentation for User Interrupts x86/cpu: Enumerate User Interrupts support x86/fpu/xstate: Enumerate User Interrupts supervisor state x86/irq: Reserve a user IPI notification vector x86/uintr: Introduce uintr receiver syscalls x86/process/64: Add uintr task context switch support x86/process/64: Clean up uintr task fork and exit paths x86/uintr: Introduce vector registration and uintr_fd syscall x86/uintr: Introduce user IPI sender syscalls x86/uintr: Introduce uintr_wait() syscall x86/uintr: Wire up the user interrupt syscalls selftests/x86: Add basic tests for User IPI .../admin-guide/kernel-parameters.txt | 2 + Documentation/x86/index.rst | 1 + Documentation/x86/user-interrupts.rst | 107 +++ arch/x86/Kconfig | 12 + arch/x86/entry/syscalls/syscall_32.tbl | 6 + arch/x86/entry/syscalls/syscall_64.tbl | 6 + arch/x86/include/asm/cpufeatures.h | 1 + arch/x86/include/asm/disabled-features.h | 8 +- arch/x86/include/asm/entry-common.h | 4 + arch/x86/include/asm/fpu/types.h | 20 +- arch/x86/include/asm/fpu/xstate.h | 3 +- arch/x86/include/asm/hardirq.h | 4 + arch/x86/include/asm/idtentry.h | 5 + arch/x86/include/asm/irq_vectors.h | 6 +- arch/x86/include/asm/msr-index.h | 8 + arch/x86/include/asm/processor.h | 8 + arch/x86/include/asm/uintr.h | 76 ++ arch/x86/include/uapi/asm/processor-flags.h | 2 + arch/x86/kernel/Makefile | 1 + arch/x86/kernel/cpu/common.c | 61 ++ arch/x86/kernel/cpu/cpuid-deps.c | 1 + arch/x86/kernel/fpu/core.c | 17 + arch/x86/kernel/fpu/xstate.c | 20 +- arch/x86/kernel/idt.c | 4 + arch/x86/kernel/irq.c | 51 + arch/x86/kernel/process.c | 10 + arch/x86/kernel/process_64.c | 4 + arch/x86/kernel/uintr_core.c | 880 ++++++++++++++++++ arch/x86/kernel/uintr_fd.c | 300 ++++++ include/linux/syscalls.h | 8 + include/uapi/asm-generic/unistd.h | 15 +- kernel/sys_ni.c | 8 + scripts/checksyscalls.sh | 6 + tools/testing/selftests/x86/Makefile | 10 + tools/testing/selftests/x86/uintr.c | 147 +++ tools/uintr/manpages/0_overview.txt | 265 ++++++ tools/uintr/manpages/1_register_receiver.txt | 122 +++ .../uintr/manpages/2_unregister_receiver.txt | 62 ++ tools/uintr/manpages/3_create_fd.txt | 104 +++ tools/uintr/manpages/4_register_sender.txt | 121 +++ tools/uintr/manpages/5_unregister_sender.txt | 79 ++ tools/uintr/manpages/6_wait.txt | 59 ++ 42 files changed, 2626 insertions(+), 8 deletions(-) create mode 100644 Documentation/x86/user-interrupts.rst create mode 100644 arch/x86/include/asm/uintr.h create mode 100644 arch/x86/kernel/uintr_core.c create mode 100644 arch/x86/kernel/uintr_fd.c create mode 100644 tools/testing/selftests/x86/uintr.c create mode 100644 tools/uintr/manpages/0_overview.txt create mode 100644 tools/uintr/manpages/1_register_receiver.txt create mode 100644 tools/uintr/manpages/2_unregister_receiver.txt create mode 100644 tools/uintr/manpages/3_create_fd.txt create mode 100644 tools/uintr/manpages/4_register_sender.txt create mode 100644 tools/uintr/manpages/5_unregister_sender.txt create mode 100644 tools/uintr/manpages/6_wait.txt base-commit: 6880fa6c56601bb8ed59df6c30fd390cc5f6dd8f -- 2.33.0

3 years, 9 months

13
86
0 0

<> Advanced SEO plans <>

by Mehran

Off the shell SEO plans to increase your website`s SEO Metrics and Ranks within just 1 month See more details here https://liftmyrank.co/affordable-seo-services-small-businesses/ Unsubscribe: https://mgdots.co/unsubscribe/

3 years, 9 months

1
0
0 0

[PATCH v4 0/2] selftests: tpm2: Determine available PCR bank

by Stefan Berger

From: Stefan Berger <stefanb(a)linux.ibm.com> This series of patches fixes two issues with TPM2 selftest. - Determines available PCR banks for use by test cases - Resets DA lock on TPM2 to avoid subsequent test failures Stefan v4: - Switch to query TPM2_GET_CAP to determine the available PCR banks - Moved call to reset DA lock into finally branch at end of test - Dropped patch 3 v3: - Mention SHA-256 PCR bank as alternative in patch 1 description v2: - Clarified patch 1 description - Added patch 3 with support for SHA-384 and SHA-512 Stefan Berger (2): selftests: tpm2: Determine available PCR bank selftests: tpm2: Reset the dictionary attack lock tools/testing/selftests/tpm2/tpm2.py | 31 ++++++++++++++++++++++ tools/testing/selftests/tpm2/tpm2_tests.py | 31 ++++++++++++++++------ 2 files changed, 54 insertions(+), 8 deletions(-) -- 2.31.1

3 years, 9 months

3
12
0 0

[PATCH bpf-next] test: selftests: remove unused various in sockmap_verdict_prog.c

by menglong8.dong＠gmail.com

From: Menglong Dong <imagedong(a)tencent.com> 'lport' and 'rport' in bpf_prog1() of sockmap_verdict_prog.c is not used, just remove them. Signed-off-by: Menglong Dong <imagedong(a)tencent.com> --- tools/testing/selftests/bpf/progs/sockmap_parse_prog.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/tools/testing/selftests/bpf/progs/sockmap_parse_prog.c b/tools/testing/selftests/bpf/progs/sockmap_parse_prog.c index 95d5b941bc1f..c9abfe3a11af 100644 --- a/tools/testing/selftests/bpf/progs/sockmap_parse_prog.c +++ b/tools/testing/selftests/bpf/progs/sockmap_parse_prog.c @@ -7,8 +7,6 @@ int bpf_prog1(struct __sk_buff *skb) { void *data_end = (void *)(long) skb->data_end; void *data = (void *)(long) skb->data; - __u32 lport = skb->local_port; - __u32 rport = skb->remote_port; __u8 *d = data; int err; -- 2.34.1

3 years, 9 months

3
2
0 0

[PATCH v2] kselftests/net: list all available tests in usage()

by Li Zhijian

So that users can run/query them easily. $ ./fcnal-test.sh -h usage: fcnal-test.sh OPTS -4 IPv4 tests only -6 IPv6 tests only -t <test> Test name/set to run -p Pause on fail -P Pause after each test -v Be verbose Tests: ipv4_ping ipv4_tcp ipv4_udp ipv4_bind ipv4_runtime ipv4_netfilter ipv6_ping ipv6_tcp ipv6_udp ipv6_bind ipv6_runtime ipv6_netfilter use_cases Suggested-by: David Ahern <dsahern(a)gmail.com> Signed-off-by: Li Zhijian <lizhijian(a)fujitsu.com> --- tools/testing/selftests/net/fcnal-test.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tools/testing/selftests/net/fcnal-test.sh b/tools/testing/selftests/net/fcnal-test.sh index 412d85205546..3f4c8cfe7aca 100755 --- a/tools/testing/selftests/net/fcnal-test.sh +++ b/tools/testing/selftests/net/fcnal-test.sh @@ -4059,6 +4059,9 @@ usage: ${0##*/} OPTS -p Pause on fail -P Pause after each test -v Be verbose + +Tests: + $TESTS_IPV4 $TESTS_IPV6 $TESTS_OTHER EOF } -- 2.33.0

3 years, 9 months

2
1
0 0

[PATCH v2 1/2] selftests: net: remove meaningless help option

by Li Zhijian

$ ./fcnal-test.sh -t help Test names: help Looks it intent to list the available tests but it didn't do the right thing. I will add another option the do that in the later patch. Signed-off-by: Li Zhijian <lizhijian(a)cn.fujitsu.com> --- tools/testing/selftests/net/fcnal-test.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/tools/testing/selftests/net/fcnal-test.sh b/tools/testing/selftests/net/fcnal-test.sh index 7f5b265fcb90..5cb59947eed2 100755 --- a/tools/testing/selftests/net/fcnal-test.sh +++ b/tools/testing/selftests/net/fcnal-test.sh @@ -4068,8 +4068,6 @@ do # setup namespaces and config, but do not run any tests setup) setup; exit 0;; vrf_setup) setup "yes"; exit 0;; - - help) echo "Test names: $TESTS"; exit 0;; esac done -- 2.33.0

3 years, 9 months

3
4
0 0

Good News Finally.

by Marcus Galois

Hello friend. You might find it so difficult to remember me, though it is indeed a very long time, I am much delighted to contact you again after a long period of time, I remember you despite circumstances that made things not worked out as we projected then. I want to inform you that the transaction we're doing together then finally worked out and I decided to contact you and to let you know because of your tremendous effort to make things work out then. Meanwhile I must inform you that I'm presently in Caribbean Island for numerous business negotiation with some partners. with my sincere heart i have decided to compensate you with USD$900,000 for your dedication then on our transaction, you tried so much that period and I appreciated your effort. I wrote a cheque/check on your name, as soon as you receive it, you let me know. Contact my secretary now on his email: mchristophdaniel(a)gmail.com Name: Mr. Christoph Daniel You are to forward to him your Name........ Address.......,Phone number......for shipment/dispatch of the cheque/Check to you Regards, Mr. Marcus Galois

3 years, 9 months

1
0
0 0

[PATCH] kselftests/net: adapt the timeout to the largest runtime

by Li Zhijian

timeout in settings is used by each case under the same directory, so it should adapt to the maximum runtime. A normally running net/fib_nexthops.sh may be killed by this unsuitable timeout. Furthermore, since the defect[1] of kselftests framework, net/fib_nexthops.sh which might take at least (300 * 4) seconds would block the whole kselftests framework previously. $ git grep -w 'sleep 300' tools/testing/selftests/net tools/testing/selftests/net/fib_nexthops.sh: sleep 300 tools/testing/selftests/net/fib_nexthops.sh: sleep 300 tools/testing/selftests/net/fib_nexthops.sh: sleep 300 tools/testing/selftests/net/fib_nexthops.sh: sleep 300 Enlarge the timeout by plus 300 based on the obvious largest runtime to avoid the blocking. [1]: https://www.spinics.net/lists/kernel/msg4185370.html Signed-off-by: Zhou Jie <zhoujie2011(a)fujitsu.com> Signed-off-by: Li Zhijian <lizhijian(a)fujitsu.com> --- tools/testing/selftests/net/settings | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/net/settings b/tools/testing/selftests/net/settings index 694d70710ff0..dfc27cdc6c05 100644 --- a/tools/testing/selftests/net/settings +++ b/tools/testing/selftests/net/settings @@ -1 +1 @@ -timeout=300 +timeout=1500 -- 2.33.0

3 years, 9 months

2
1
0 0

[PATCH v2] ksefltest: pidfd: Fix wait_states: Test terminated by timeout

by Li Zhijian

0Day/LKP observed that the kselftest blocks foever since one of the pidfd_wait doesn't terminate in 1 of 30 runs. After digging into the source, we found that it blocks at: ASSERT_EQ(sys_waitid(P_PIDFD, pidfd, &info, WCONTINUED, NULL), 0); we can reproduce it by: $ while true; do make run_tests -C pidfd; done Introduce a blocking read in child process to make sure the parent can check its WCONTINUED. CC: Philip Li <philip.li(a)intel.com> Reported-by: kernel test robot <lkp(a)intel.com> Signed-off-by: Li Zhijian <lizhijian(a)cn.fujitsu.com> --- V2: rewrite with pipe to avoid usleep --- tools/testing/selftests/pidfd/pidfd_wait.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/pidfd/pidfd_wait.c b/tools/testing/selftests/pidfd/pidfd_wait.c index be2943f072f6..d5c0ffa26c32 100644 --- a/tools/testing/selftests/pidfd/pidfd_wait.c +++ b/tools/testing/selftests/pidfd/pidfd_wait.c @@ -96,21 +96,26 @@ TEST(wait_states) .flags = CLONE_PIDFD | CLONE_PARENT_SETTID, .exit_signal = SIGCHLD, }; - int ret; + int ret, pfd[2]; pid_t pid; siginfo_t info = { .si_signo = 0, }; - + ASSERT_EQ(pipe(pfd), 0); pid = sys_clone3(&args); ASSERT_GE(pid, 0); if (pid == 0) { + char buf[2]; + close(pfd[1]); kill(getpid(), SIGSTOP); + ASSERT_EQ(read(pfd[0], buf, 1), 1); + close(pfd[0]); kill(getpid(), SIGSTOP); exit(EXIT_SUCCESS); } + close(pfd[0]); ASSERT_EQ(sys_waitid(P_PIDFD, pidfd, &info, WSTOPPED, NULL), 0); ASSERT_EQ(info.si_signo, SIGCHLD); ASSERT_EQ(info.si_code, CLD_STOPPED); @@ -119,6 +124,8 @@ TEST(wait_states) ASSERT_EQ(sys_pidfd_send_signal(pidfd, SIGCONT, NULL, 0), 0); ASSERT_EQ(sys_waitid(P_PIDFD, pidfd, &info, WCONTINUED, NULL), 0); + ASSERT_EQ(write(pfd[1], "C", 1), 1); + close(pfd[1]); ASSERT_EQ(info.si_signo, SIGCHLD); ASSERT_EQ(info.si_code, CLD_CONTINUED); ASSERT_EQ(info.si_pid, parent_tid); -- 2.33.0

3 years, 9 months

2
1
0 0

[PATCH v9 0/7] cgroup/cpuset: Add new cpuset partition type & empty effecitve cpus

by Waiman Long

v9: - Add a new patch 1 to remove the child cpuset restriction on parent's "cpuset.cpus". - Relax initial root partition entry limitation to allow cpuset.cpus to overlap that of parent's. - An "isolated invalid" displayed type is added to cpuset.cpus.partition. - Resetting partition root to "member" will leave child partition root as invalid. - Update documentation and test accordingly. v8: - Reorganize the patch series and rationalize the features and constraints of a partition. - Update patch descriptions and documentation accordingly. v7: - Simplify the documentation patch (patch 5) as suggested by Tejun. - Fix a typo in patch 2 and improper commit log in patch 3. This patchset includes one bug fix and four enhancements to the cpuset v2 code. Patch 1: Allow parent to set "cpuset.cpus" that may not be a superset of children's "cpuset.cpus" for default hierarchy. Patch 2: Enable partition with no task to have empty cpuset.cpus.effective. Patch 3: Refining the features and constraints of a cpuset partition clarifying what changes are allowed. Patch 4: Add a new partition state "isolated" to create a partition root without load balancing. This is for handling intermitten workloads that have a strict low latency requirement. Patch 5: Enable the "cpuset.cpus.partition" file to show the reason that causes invalid partition like "root invalid (No cpu available due to hotplug)". Patch 6 updates the cgroup-v2.rst file accordingly. Patch 7 adds a new cpuset test to test the new cpuset partition code. Waiman Long (7): cgroup/cpuset: Don't let child cpusets restrict parent in default hierarchy cgroup/cpuset: Allow no-task partition to have empty cpuset.cpus.effective cgroup/cpuset: Refining features and constraints of a partition cgroup/cpuset: Add a new isolated cpus.partition type cgroup/cpuset: Show invalid partition reason string cgroup/cpuset: Update description of cpuset.cpus.partition in cgroup-v2.rst kselftest/cgroup: Add cpuset v2 partition root state test Documentation/admin-guide/cgroup-v2.rst | 168 +++-- kernel/cgroup/cpuset.c | 440 +++++++----- tools/testing/selftests/cgroup/Makefile | 5 +- .../selftests/cgroup/test_cpuset_prs.sh | 667 ++++++++++++++++++ tools/testing/selftests/cgroup/wait_inotify.c | 87 +++ 5 files changed, 1142 insertions(+), 225 deletions(-) create mode 100755 tools/testing/selftests/cgroup/test_cpuset_prs.sh create mode 100644 tools/testing/selftests/cgroup/wait_inotify.c -- 2.27.0

3 years, 9 months

4
29
0 0

[PATCH] selftests: rtc: Increase test timeout so that all tests run

by Nícolas F. R. A. Prado

The timeout setting for the rtc kselftest is currently 90 seconds. However, two of the tests set alarms, which take one minute to complete each. So the timeout should be at least 120. Set it to 180, so that all tests are able to complete and still have some slack. Signed-off-by: Nícolas F. R. A. Prado <nfraprado(a)collabora.com> --- This issue was discovered as part of adding the rtc kselftest to run on KernelCI for the rk3399-gru-kevin device, which uses rtc-cros-ec as the RTC driver. The output log with the current timeout is shown in [1]. As can be seen, the whole test times out before the alarm_wkalm_set_minute test has had a chance to complete: # # RUN rtc.alarm_wkalm_set_minute ... # # rtctest.c:294:alarm_wkalm_set_minute:Alarm time now set to 11/01/2022 23:03:00. # not ok 1 selftests: rtc: rtctest # TIMEOUT 90 seconds With the increased timeout, as shown in [2], the alarm_wkalm_set_minute test does complete its run: # # RUN rtc.alarm_wkalm_set_minute ... # # rtctest.c:294:alarm_wkalm_set_minute:Alarm time now set to 12/01/2022 15:54:00. # # OK rtc.alarm_wkalm_set_minute # ok 7 rtc.alarm_wkalm_set_minute # # FAILED: 6 / 7 tests passed. The fact that the alarm_alm_set_minute test times out on its own is probably an issue with the rtc-cros-ec driver. Still, since the tests are independent, all of them should be able to run regardless of how long each one takes (so, assuming the worst case scenario). [1] https://lava.collabora.co.uk/scheduler/job/5409783 [2] https://lava.collabora.co.uk/scheduler/job/5415176 tools/testing/selftests/rtc/settings | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/rtc/settings b/tools/testing/selftests/rtc/settings index ba4d85f74cd6..a953c96aa16e 100644 --- a/tools/testing/selftests/rtc/settings +++ b/tools/testing/selftests/rtc/settings @@ -1 +1 @@ -timeout=90 +timeout=180 -- 2.34.1

3 years, 9 months

2
2
0 0

[PATCH v2 0/6] kunit: refactor assertions to use less stack

by Daniel Latypov

Every KUNIT_ASSERT/EXPECT() invocation puts a `kunit_assert` object onto the stack. The most common one is `kunit_binary_assert` which is 88 bytes on UML. So in the cases where the compiler doesn't optimize this away, we can very quickly blow up the stack size. This series implements Linus' suggestion in [1]. Namely, we split out the file, line number, and assert_type (EXPECT/ASSERT) out of kunit_assert. We can also drop the entirely unused `struct kunit *test` field, saving a bit more space as well. All together, sizeof(struct kunit_assert) went from 48 to 24 on UML. Note: the other assert types are bigger, see [2]. This series also adds in an example test that uses all the base KUNIT_EXPECT macros to both advertise their existence to new users and serve as a smoketest for all these changes here. [1] https://groups.google.com/g/kunit-dev/c/i3fZXgvBrfA/m/VULQg1z6BAAJ [2] e.g. consider the most commonly used assert (also the biggest) struct kunit_binary_assert { struct kunit_assert assert; const char *operation; const char *left_text; long long left_value; const char *right_text; long long right_value; }; So sizeof(struct kunit_binary_assert) = went from 88 to 64. I.e. only a 27% reduction instead of 50% in the most common case. All 3 of the `const char*` could be split out into a `static` var as well, but that's a bit trickier to do with how all the macros are written. === Changelog === v1 -> v2: * made the new example test more focused on documenting the macros rather than using them all as a smoketest * s/kunit_failed_assertion()/kunit_do_failed_assertion() * added `unlikely()` to `if(!(pass))` check in KUNIT_ASSERTION() Daniel Latypov (6): kunit: add example test case showing off all the expect macros kunit: move check if assertion passed into the macros kunit: drop unused kunit* field in kunit_assert kunit: factor out kunit_base_assert_format() call into kunit_fail() kunit: split out part of kunit_assert into a static const kunit: drop unused assert_type from kunit_assert and clean up macros include/kunit/assert.h | 88 +++++++++++----------------------- include/kunit/test.h | 53 ++++++++++---------- lib/kunit/assert.c | 15 ++---- lib/kunit/kunit-example-test.c | 42 ++++++++++++++++ lib/kunit/test.c | 27 +++++------ 5 files changed, 117 insertions(+), 108 deletions(-) base-commit: ad659ccb5412874c6a89d3588cb18857c00e9d0f -- 2.34.1.575.g55b058a8bb-goog

3 years, 9 months

3
13
0 0

[PATCH 0/6] kunit: refactor assertions to use less stack

by Daniel Latypov

Every KUNIT_ASSERT/EXPECT() invocation puts a `kunit_assert` object onto the stack. The most common one is `kunit_binary_assert` which is 88 bytes on UML. So in the cases where the compiler doesn't optimize this away, we can very quickly blow up the stack size. This series implements Linus' suggestion in [1]. Namely, we split out the file, line number, and assert_type (EXPECT/ASSERT) out of kunit_assert. We can also drop the entirely unused `struct kunit *test` field, saving a bit more space as well. All together, sizeof(struct kunit_assert) went from 48 to 24 on UML. Note: the other assert types are bigger, see [2]. This series also adds in an example test that uses all the KUNIT_EXPECT macros to both advertise their existence to new users and serve as a smoketest for all these changes here. [1] https://groups.google.com/g/kunit-dev/c/i3fZXgvBrfA/m/VULQg1z6BAAJ [2] e.g. consider the most commonly used assert (also the biggest) struct kunit_binary_assert { struct kunit_assert assert; const char *operation; const char *left_text; long long left_value; const char *right_text; long long right_value; }; So sizeof(struct kunit_binary_assert) = went from 88 to 64. I.e. only a 27% reduction instead of 50% in the most common case. All 3 of the `const char*` could be split out into a `static` var as well, but that's a bit trickier to do with how all the macros are written. Daniel Latypov (6): kunit: add example test case showing off all the expect macros kunit: move check if assertion passed into the macros kunit: drop unused kunit* field in kunit_assert kunit: factor out kunit_base_assert_format() call into kunit_fail() kunit: split out part of kunit_assert into a static const kunit: drop unused assert_type from kunit_assert and clean up macros include/kunit/assert.h | 88 +++++++++++----------------------- include/kunit/test.h | 52 ++++++++++---------- lib/kunit/assert.c | 15 ++---- lib/kunit/kunit-example-test.c | 46 ++++++++++++++++++ lib/kunit/test.c | 27 +++++------ 5 files changed, 120 insertions(+), 108 deletions(-) base-commit: ad659ccb5412874c6a89d3588cb18857c00e9d0f -- 2.34.1.575.g55b058a8bb-goog

3 years, 9 months

3
24
0 0

[PATCH 1/2] selftests/lkdtm: Remove dead config option

by Muhammad Usama Anjum

CONFIG_HARDENED_USERCOPY_FALLBACK config option has been removed in commit 53944f171a89 ("mm: remove HARDENED_USERCOPY_FALLBACK"). Remove it from the lkdtm selftest config. Signed-off-by: Muhammad Usama Anjum <usama.anjum(a)collabora.com> --- tools/testing/selftests/lkdtm/config | 1 - 1 file changed, 1 deletion(-) diff --git a/tools/testing/selftests/lkdtm/config b/tools/testing/selftests/lkdtm/config index a26a3fa9e925..a7a58f885f52 100644 --- a/tools/testing/selftests/lkdtm/config +++ b/tools/testing/selftests/lkdtm/config @@ -3,7 +3,6 @@ CONFIG_DEBUG_LIST=y CONFIG_SLAB_FREELIST_HARDENED=y CONFIG_FORTIFY_SOURCE=y CONFIG_HARDENED_USERCOPY=y -# CONFIG_HARDENED_USERCOPY_FALLBACK is not set CONFIG_RANDOMIZE_KSTACK_OFFSET_DEFAULT=y CONFIG_INIT_ON_ALLOC_DEFAULT_ON=y CONFIG_UBSAN_BOUNDS=y -- 2.30.2

3 years, 9 months

1
1
0 0

Wycena paneli fotowoltaicznych

by Jakub Daroch

Dzień dobry, dostrzegam możliwość współpracy z Państwa firmą. Świadczymy kompleksową obsługę inwestycji w fotowoltaikę, która obniża koszty energii elektrycznej nawet o 90%. Czy są Państwo zainteresowani weryfikacją wstępnych propozycji? Pozdrawiam, Jakub Daroch

3 years, 9 months

1
0
0 0

[PATCH v2 2/2] selftests: tpm: add async space test with noneexisting handle

by Tadeusz Struk

Add a test for /dev/tpmrm0 in async mode that checks if the code handles invalid handles correctly. Cc: Jarkko Sakkinen <jarkko(a)kernel.org> Cc: Shuah Khan <shuah(a)kernel.org> Cc: <linux-integrity(a)vger.kernel.org> Cc: <linux-kselftest(a)vger.kernel.org> Cc: <linux-kernel(a)vger.kernel.org> Signed-off-by: Tadeusz Struk <tstruk(a)gmail.com> --- Changes in v2: - Updated commit message --- tools/testing/selftests/tpm2/tpm2_tests.py | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/tools/testing/selftests/tpm2/tpm2_tests.py b/tools/testing/selftests/tpm2/tpm2_tests.py index 9d764306887b..b373b0936e40 100644 --- a/tools/testing/selftests/tpm2/tpm2_tests.py +++ b/tools/testing/selftests/tpm2/tpm2_tests.py @@ -302,3 +302,19 @@ class AsyncTest(unittest.TestCase): log.debug("Calling get_cap in a NON_BLOCKING mode") async_client.get_cap(tpm2.TPM2_CAP_HANDLES, tpm2.HR_LOADED_SESSION) async_client.close() + + def test_flush_invlid_context(self): + log = logging.getLogger(__name__) + log.debug(sys._getframe().f_code.co_name) + + async_client = tpm2.Client(tpm2.Client.FLAG_SPACE | tpm2.Client.FLAG_NONBLOCK) + log.debug("Calling flush_context passing in an invalid handle ") + handle = 0x80123456 + rc = 0 + try: + async_client.flush_context(handle) + except OSError as e: + rc = e.errno + + self.assertEqual(rc, 22) + async_client.close() -- 2.30.2

3 years, 9 months

1
0
0 0

[PATCH -next] KVM: selftests: remove unneeded semicolon

by Yang Li

Eliminate the following coccicheck warning: ./tools/testing/selftests/kvm/lib/riscv/processor.c:353:3-4: Unneeded semicolon Reported-by: Abaci Robot <abaci(a)linux.alibaba.com> Signed-off-by: Yang Li <yang.lee(a)linux.alibaba.com> --- tools/testing/selftests/kvm/lib/riscv/processor.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/kvm/lib/riscv/processor.c b/tools/testing/selftests/kvm/lib/riscv/processor.c index d377f2603d98..e8d7cda99472 100644 --- a/tools/testing/selftests/kvm/lib/riscv/processor.c +++ b/tools/testing/selftests/kvm/lib/riscv/processor.c @@ -350,7 +350,7 @@ void vcpu_args_set(struct kvm_vm *vm, uint32_t vcpuid, unsigned int num, ...) case 7: id = RISCV_CORE_REG(regs.a7); break; - }; + } set_reg(vm, vcpuid, id, va_arg(ap, uint64_t)); } -- 2.20.1.7.g153144c

3 years, 9 months

1
0
0 0

[GIT PULL] KUnit update for Linux 5.17-rc1

by Shuah Khan

Hi Linus, Please pull the following KUnit update for Linux 5.17-rc1. This KUnit update for Linux 5.17-rc1 consists of several fixes and enhancements. A few highlights: - Option --kconfig_add option allows easily tweaking kunitconfigs - make build subcommand can reconfigure if needed - doesn't error on tests without test plans - doesn't crash if no parameters are generated - defaults --jobs to # of cups - reports test parameter results as (K)TAP subtests diff is attached. thanks, -- Shuah ---------------------------------------------------------------- The following changes since commit fa55b7dcdc43c1aa1ba12bca9d2dd4318c2a0dbf: Linux 5.16-rc1 (2021-11-14 13:56:52 -0800) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest tags/linux-kselftest-kunit-5.17-rc1 for you to fetch changes up to ad659ccb5412874c6a89d3588cb18857c00e9d0f: kunit: tool: Default --jobs to number of CPUs (2021-12-15 16:44:55 -0700) ---------------------------------------------------------------- linux-kselftest-kunit-5.17-rc1 This KUnit update for Linux 5.17-rc1 consists of several fixes and enhancements. A few highlights: - Option --kconfig_add option allows easily tweaking kunitconfigs - make build subcommand can reconfigure if needed - doesn't error on tests without test plans - doesn't crash if no parameters are generated - defaults --jobs to # of cups - reports test parameter results as (K)TAP subtests ---------------------------------------------------------------- Daniel Latypov (13): kunit: tool: fix --json output for skipped tests Documentation: kunit: remove claims that kunit is a mocking framework kunit: add run_checks.py script to validate kunit changes kunit: tool: print parsed test results fully incrementally kunit: tool: move Kconfig read_from_file/parse_from_string to package-level kunit: tool: add --kconfig_add to allow easily tweaking kunitconfigs kunit: tool: revamp message for invalid kunitconfig kunit: tool: reconfigure when the used kunitconfig changes kunit: tool: suggest using decode_stacktrace.sh on kernel crash kunit: tool: use dataclass instead of collections.namedtuple kunit: tool: delete kunit_parser.TestResult type kunit: tool: make `build` subcommand also reconfigure if needed kunit: tool: fix newly introduced typechecker errors David Gow (5): kunit: tool: Do not error on tests without test plans kunit: tool: Report an error if any test has no subtests kunit: Don't crash if no parameters are generated kunit: Report test parameter results as (K)TAP subtests kunit: tool: Default --jobs to number of CPUs Documentation/dev-tools/kunit/api/index.rst | 3 +- Documentation/dev-tools/kunit/api/test.rst | 3 +- Documentation/dev-tools/kunit/index.rst | 2 +- Documentation/dev-tools/kunit/start.rst | 8 +- lib/kunit/test.c | 25 +-- tools/testing/kunit/kunit.py | 182 ++++++++++++--------- tools/testing/kunit/kunit_config.py | 61 +++---- tools/testing/kunit/kunit_json.py | 8 +- tools/testing/kunit/kunit_kernel.py | 76 ++++++--- tools/testing/kunit/kunit_parser.py | 57 ++++--- tools/testing/kunit/kunit_tool_test.py | 171 ++++++++++++++++--- tools/testing/kunit/run_checks.py | 81 +++++++++ .../test_is_test_passed-no_tests_no_plan.log | 7 + 13 files changed, 480 insertions(+), 204 deletions(-) create mode 100755 tools/testing/kunit/run_checks.py create mode 100644 tools/testing/kunit/test_data/test_is_test_passed-no_tests_no_plan.log ----------------------------------------------------------------

3 years, 9 months

2
1
0 0

[GIT PULL] seccomp updates for v5.17-rc1

by Kees Cook

Hi Linus, Please pull these seccomp selftest updates for v5.17-rc1. The core seccomp code hasn't changed for this cycle, but the selftests were improved while helping to debug the recent signal handling refactoring work Eric did. Thanks! -Kees The following changes since commit d9bbdbf324cda23aa44873f505be77ed4b61d79c: x86: deduplicate the spectre_v2_user documentation (2021-10-04 12:12:57 -0700) are available in the Git repository at: https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git tags/seccomp-v5.17-rc1 for you to fetch changes up to 1e6d69c7b9cd7735bbf4c6754ccbb9cce8bd8ff4: selftests/seccomp: Report event mismatches more clearly (2021-11-03 12:02:07 -0700) ---------------------------------------------------------------- seccomp updates for v5.17-rc1 - Improve seccomp selftests in support of signal handler refactoring (Kees Cook) ---------------------------------------------------------------- Kees Cook (2): selftests/seccomp: Stop USER_NOTIF test if kcmp() fails selftests/seccomp: Report event mismatches more clearly tools/testing/selftests/seccomp/seccomp_bpf.c | 56 ++++++++++++++++++++++++--- 1 file changed, 50 insertions(+), 6 deletions(-) -- Kees Cook

3 years, 9 months

2
1
0 0

[GIT PULL] Kselftest update for Linux 5.17-rc1

by Shuah Khan

Hi Linus, Please pull the following Kselftest update for Linux 5.17-rc1 This Kselftest update for Linux 5.17-rc1 consists of fixes to build errors, false negatives, and several code cleanups, including the ARRAY_SIZE cleanup that removes 25+ duplicates ARRAY_SIZE defines from individual tests. diff is attached. thanks, -- Shuah ---------------------------------------------------------------- The following changes since commit 0fcfb00b28c0b7884635dacf38e46d60bf3d4eb1: Linux 5.16-rc4 (2021-12-05 14:08:22 -0800) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest tags/linux-kselftest-next-5.17-rc1 for you to fetch changes up to e89908201e2509354c40158b517945bf3d645812: selftests/vm: remove ARRAY_SIZE define from individual tests (2021-12-10 17:51:25 -0700) ---------------------------------------------------------------- linux-kselftest-next-5.17-rc1 This Kselftest update for Linux 5.17-rc1 consists of fixes to build errors, false negatives, and several code cleanups, including the ARRAY_SIZE cleanup that removes 25+ duplicates ARRAY_SIZE defines from individual tests. ---------------------------------------------------------------- Anders Roxell (2): selftests: clone3: clone3: add case CLONE3_ARGS_NO_TEST selftests: cgroup: build error multiple outpt files Heiko Carstens (1): selftests/ftrace: make kprobe profile testcase description unique Jakub Kicinski (1): selftests: harness: avoid false negatives if test has no ASSERTs Shuah Khan (12): tools: fix ARRAY_SIZE defines in tools and selftests hdrs selftests/arm64: remove ARRAY_SIZE define from vec-syscfg.c selftests/cgroup: remove ARRAY_SIZE define from cgroup_util.h selftests/core: remove ARRAY_SIZE define from close_range_test.c selftests/ir: remove ARRAY_SIZE define from ir_loopback.c selftests/landlock: remove ARRAY_SIZE define from common.h selftests/net: remove ARRAY_SIZE define from individual tests selftests/rseq: remove ARRAY_SIZE define from individual tests selftests/seccomp: remove ARRAY_SIZE define from seccomp_benchmark selftests/sparc64: remove ARRAY_SIZE define from adi-test selftests/timens: remove ARRAY_SIZE define from individual tests selftests/vm: remove ARRAY_SIZE define from individual tests Yang Guang (2): selftests/mount: remove unneeded conversion to bool selftests/move_mount_set_group remove unneeded conversion to bool Zhang Mingyu (2): kselftests: timers:Remove unneeded semicolon selftests: timers: Remove unneeded semicolon tools/include/linux/kernel.h | 2 ++ tools/testing/selftests/arm64/fp/vec-syscfg.c | 2 -- tools/testing/selftests/cgroup/Makefile | 12 +++++++----- tools/testing/selftests/cgroup/cgroup_util.h | 4 ++-- tools/testing/selftests/clone3/clone3.c | 6 ++++++ tools/testing/selftests/core/close_range_test.c | 4 ---- tools/testing/selftests/ftrace/test.d/kprobe/profile.tc | 2 +- tools/testing/selftests/ir/ir_loopback.c | 1 - tools/testing/selftests/kselftest.h | 4 ++++ tools/testing/selftests/kselftest_harness.h | 4 +++- tools/testing/selftests/landlock/common.h | 4 ---- tools/testing/selftests/lib.mk | 2 +- tools/testing/selftests/mount/unprivileged-remount-test.c | 4 ++-- .../move_mount_set_group/move_mount_set_group_test.c | 10 +++++----- tools/testing/selftests/net/gro.c | 3 ++- tools/testing/selftests/net/ipsec.c | 1 - tools/testing/selftests/net/reuseport_bpf.c | 4 +--- tools/testing/selftests/net/rxtimestamp.c | 2 +- tools/testing/selftests/net/socket.c | 3 ++- tools/testing/selftests/net/tcp_fastopen_backup_key.c | 6 ++---- tools/testing/selftests/rseq/basic_percpu_ops_test.c | 3 +-- tools/testing/selftests/rseq/rseq.c | 3 +-- tools/testing/selftests/seccomp/seccomp_benchmark.c | 2 +- tools/testing/selftests/sparc64/drivers/adi-test.c | 4 ---- tools/testing/selftests/timens/procfs.c | 2 -- tools/testing/selftests/timens/timens.c | 2 -- tools/testing/selftests/timers/alarmtimer-suspend.c | 2 +- tools/testing/selftests/timers/inconsistency-check.c | 2 +- tools/testing/selftests/vm/mremap_test.c | 1 - tools/testing/selftests/vm/pkey-helpers.h | 3 ++- tools/testing/selftests/vm/va_128TBswitch.c | 2 +- 31 files changed, 49 insertions(+), 57 deletions(-) ----------------------------------------------------------------

3 years, 9 months

2
1
0 0

[RFC PATCH v2 2/2] selftests: rseq: test abort-at-ip extension on x86

by Mathieu Desnoyers

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers(a)efficios.com> Cc: Shuah Khan <shuah(a)kernel.org> Cc: linux-kselftest(a)vger.kernel.org --- tools/testing/selftests/rseq/.gitignore | 1 + tools/testing/selftests/rseq/Makefile | 3 +- tools/testing/selftests/rseq/rseq.c | 21 ++ tools/testing/selftests/rseq/rseq.h | 12 + .../selftests/rseq/rseq_ext_abort_at_ip.c | 285 ++++++++++++++++++ 5 files changed, 321 insertions(+), 1 deletion(-) create mode 100644 tools/testing/selftests/rseq/rseq_ext_abort_at_ip.c diff --git a/tools/testing/selftests/rseq/.gitignore b/tools/testing/selftests/rseq/.gitignore index 5910888ebfe1..472152afab77 100644 --- a/tools/testing/selftests/rseq/.gitignore +++ b/tools/testing/selftests/rseq/.gitignore @@ -5,3 +5,4 @@ basic_rseq_op_test param_test param_test_benchmark param_test_compare_twice +rseq_ext_abort_at_ip diff --git a/tools/testing/selftests/rseq/Makefile b/tools/testing/selftests/rseq/Makefile index 2af9d39a9716..dae0dba7552b 100644 --- a/tools/testing/selftests/rseq/Makefile +++ b/tools/testing/selftests/rseq/Makefile @@ -13,7 +13,8 @@ LDLIBS += -lpthread OVERRIDE_TARGETS = 1 TEST_GEN_PROGS = basic_test basic_percpu_ops_test param_test \ - param_test_benchmark param_test_compare_twice + param_test_benchmark param_test_compare_twice \ + rseq_ext_abort_at_ip TEST_GEN_PROGS_EXTENDED = librseq.so diff --git a/tools/testing/selftests/rseq/rseq.c b/tools/testing/selftests/rseq/rseq.c index 7159eb777fd3..3e012f581ddb 100644 --- a/tools/testing/selftests/rseq/rseq.c +++ b/tools/testing/selftests/rseq/rseq.c @@ -73,6 +73,27 @@ static int sys_rseq(volatile struct rseq *rseq_abi, uint32_t rseq_len, return syscall(__NR_rseq, rseq_abi, rseq_len, flags, sig); } +/* + * Return 0 if extension is available, negative error otherwise. + */ +int rseq_query_extension(enum rseq_extension ext) +{ + int ret; + unsigned int flags; + + switch (ext) { + case RSEQ_EXT_ABORT_AT_IP: + flags = RSEQ_FLAG_QUERY_ABORT_AT_IP; + break; + default: + return -EINVAL; + } + ret = sys_rseq(NULL, 0, flags, 0); + if (!ret) + return 0; + return -errno; +} + int rseq_register_current_thread(void) { int rc, ret = 0; diff --git a/tools/testing/selftests/rseq/rseq.h b/tools/testing/selftests/rseq/rseq.h index 3f63eb362b92..34c80402c078 100644 --- a/tools/testing/selftests/rseq/rseq.h +++ b/tools/testing/selftests/rseq/rseq.h @@ -67,6 +67,12 @@ extern int __rseq_handled; abort(); \ } while (0) +enum rseq_extension { + RSEQ_EXT_ABORT_AT_IP = 0, +}; + +#define ASM_RSEQ_CS_FLAG_ABORT_AT_IP (1U << 3) + #if defined(__x86_64__) || defined(__i386__) #include <rseq-x86.h> #elif defined(__ARMEL__) @@ -162,4 +168,10 @@ static inline void rseq_prepare_unload(void) rseq_clear_rseq_cs(); } +/* + * Query whether rseq extension is available. Return 0 if available, negative + * error value otherwise. + */ +int rseq_query_extension(enum rseq_extension ext); + #endif /* RSEQ_H_ */ diff --git a/tools/testing/selftests/rseq/rseq_ext_abort_at_ip.c b/tools/testing/selftests/rseq/rseq_ext_abort_at_ip.c new file mode 100644 index 000000000000..4cddf7433cc3 --- /dev/null +++ b/tools/testing/selftests/rseq/rseq_ext_abort_at_ip.c @@ -0,0 +1,285 @@ +// SPDX-License-Identifier: LGPL-2.1 +/* + * RSEQ abort-at-ip extension test. + * + * The test test_abort_at_ip_loop() implements an infinite loop which only exits when + * aborted. This rseq critical section is defined with the abort-at-ip + * extension, which requires the userspace abort handler to reajust the stack pointer. + * This test validates that the abort-at-ip value is within the address range of the + * rseq critical section. + * + * The test test_abort_at_ip_undo() validates that when aborted between two + * consecutive increments of two distinct variables, those variables are indeed one + * value apart. This validates that abort undo operations based on the abort-at-ip + * work as expected. + */ + +#define _GNU_SOURCE +#include <assert.h> +#include <sched.h> +#include <signal.h> +#include <stdio.h> +#include <string.h> +#include <sys/time.h> + +#include "rseq.h" + +const int nr_iter = 10; + +#ifdef __x86_64__ +static void test_abort_at_ip_loop(void) +{ + void *abort_ip_addr, *abort_ip_start, *abort_ip_end; + + printf("Testing abort_at_ip infinite loop\n"); + + __asm__ __volatile__ goto ( + __RSEQ_ASM_DEFINE_TABLE(3, 0x0, ASM_RSEQ_CS_FLAG_ABORT_AT_IP, 1f, (2f - 1f), 4f) /* start, post_commit_offset, abort */ + /* Start rseq by storing table entry pointer into rseq_cs. */ + RSEQ_ASM_STORE_RSEQ_CS(1, 3b, RSEQ_CS_OFFSET(%[rseq_abi])) + "rep; nop\n\t" /* cpu_relax for busy loop. */ + "jmp 1b\n\t" /* infinite loop. */ + "2:\n\t" + RSEQ_ASM_DEFINE_ABORT(4, + /* abort-at-ip must be pop from the stack. */ + "popq %%rcx\n\t" + "addq $128, %%rsp\n\t" /* x86-64 redzone */ + "movq %%rcx, %[abort_ip_addr]\n\t" + "lea 1b(%%rip), %%rcx\n\t" + "movq %%rcx, %[abort_ip_start]\n\t" + "lea 2b(%%rip), %%rcx\n\t" + "movq %%rcx, %[abort_ip_end]\n\t", + abort) + : /* gcc asm goto does not allow outputs */ + : [rseq_abi] "r" (&__rseq_abi), + [abort_ip_addr] "m" (abort_ip_addr), + [abort_ip_start] "m" (abort_ip_start), + [abort_ip_end] "m" (abort_ip_end) + : "memory", "cc", "rcx" + : abort + ); + fprintf(stderr, "Error: infinite loop should never exit gracefully.\n"); + abort(); + +abort: + printf("Critical section aborted (as expected) at ip %p, within range [%p,%p[\n", + abort_ip_addr, abort_ip_start, abort_ip_end); + if (abort_ip_addr < abort_ip_start || abort_ip_addr >= abort_ip_end) { + fprintf(stderr, "Error: abort-ip is outside of expected range\n"); + abort(); + } +} + +static void test_abort_at_ip_undo(void) +{ + void *abort_ip_addr, *abort_ip_start, *abort_ip_end, *ip_after_first_inc, *ip_after_second_inc; + unsigned long v[2] = { 0, 0 }; + + printf("Testing abort_at_ip undo\n"); + + __asm__ __volatile__ goto ( + __RSEQ_ASM_DEFINE_TABLE(3, 0x0, ASM_RSEQ_CS_FLAG_ABORT_AT_IP, 1f, (2f - 1f), 4f) /* start, post_commit_offset, abort */ + /* Start rseq by storing table entry pointer into rseq_cs. */ + RSEQ_ASM_STORE_RSEQ_CS(1, 3b, RSEQ_CS_OFFSET(%[rseq_abi])) + "incq %[v0]\n\t" + "10:\n\t" + "rep; nop\n\t" + "incq %[v1]\n\t" + "20:\n\t" + "rep; nop\n\t" + "jmp 1b\n\t" /* infinite loop. */ + "2:\n\t" + RSEQ_ASM_DEFINE_ABORT(4, + /* abort-at-ip must be pop from the stack. */ + "popq %%rcx\n\t" + "addq $128, %%rsp\n\t" /* x86-64 redzone */ + "movq %%rcx, %[abort_ip_addr]\n\t" + "lea 1b(%%rip), %%rcx\n\t" + "movq %%rcx, %[abort_ip_start]\n\t" + "lea 2b(%%rip), %%rcx\n\t" + "movq %%rcx, %[abort_ip_end]\n\t" + "lea 10b(%%rip), %%rcx\n\t" + "movq %%rcx, %[ip_after_first_inc]\n\t" + "lea 20b(%%rip), %%rcx\n\t" + "movq %%rcx, %[ip_after_second_inc]\n\t", + abort) + : /* gcc asm goto does not allow outputs */ + : [rseq_abi] "r" (&__rseq_abi), + [abort_ip_addr] "m" (abort_ip_addr), + [abort_ip_start] "m" (abort_ip_start), + [abort_ip_end] "m" (abort_ip_end), + [ip_after_first_inc] "m" (ip_after_first_inc), + [ip_after_second_inc] "m" (ip_after_second_inc), + [v0] "m" (v[0]), + [v1] "m" (v[1]) + : "memory", "cc", "rcx" + : abort + ); + fprintf(stderr, "Error: infinite loop should never exit gracefully.\n"); + abort(); + +abort: + printf("Critical section aborted (as expected) at ip %p, within range [%p,%p[\n", + abort_ip_addr, abort_ip_start, abort_ip_end); + if (abort_ip_addr < abort_ip_start || abort_ip_addr >= abort_ip_end) { + fprintf(stderr, "Error: abort-ip is outside of expected range\n"); + abort(); + } + printf("ip after first inc: %p, ip after second inc: %p\n", + ip_after_first_inc, ip_after_second_inc); + printf("Counter values: v0: %lu v1: %lu\n", v[0], v[1]); + if (abort_ip_addr < ip_after_first_inc || abort_ip_addr >= ip_after_second_inc) { + if (v[0] != v[1]) + abort(); + } else { + if (v[0] != v[1] + 1) + abort(); + } +} +#elif defined (__i386__) +static void test_abort_at_ip_loop(void) +{ + void *abort_ip_addr, *abort_ip_start, *abort_ip_end; + + printf("Testing abort_at_ip infinite loop\n"); + + __asm__ __volatile__ goto ( + __RSEQ_ASM_DEFINE_TABLE(3, 0x0, ASM_RSEQ_CS_FLAG_ABORT_AT_IP, 1f, (2f - 1f), 4f) /* start, post_commit_offset, abort */ + /* Start rseq by storing table entry pointer into rseq_cs. */ + RSEQ_ASM_STORE_RSEQ_CS(1, 3b, RSEQ_CS_OFFSET(%[rseq_abi])) + "rep; nop\n\t" /* cpu_relax for busy loop. */ + "jmp 1b\n\t" /* infinite loop. */ + "2:\n\t" + RSEQ_ASM_DEFINE_ABORT(4, + /* abort-at-ip must be pop from the stack. */ + "popl %%ecx\n\t" + "movl %%ecx, %[abort_ip_addr]\n\t" + "movl $1b, %%ecx\n\t" + "movl %%ecx, %[abort_ip_start]\n\t" + "movl $2b, %%ecx\n\t" + "movl %%ecx, %[abort_ip_end]\n\t", + abort) + : /* gcc asm goto does not allow outputs */ + : [rseq_abi] "r" (&__rseq_abi), + [abort_ip_addr] "m" (abort_ip_addr), + [abort_ip_start] "m" (abort_ip_start), + [abort_ip_end] "m" (abort_ip_end) + : "memory", "cc", "ecx" + : abort + ); + fprintf(stderr, "Error: infinite loop should never exit gracefully.\n"); + abort(); + +abort: + printf("Critical section aborted (as expected) at ip %p, within range [%p,%p[\n", + abort_ip_addr, abort_ip_start, abort_ip_end); + if (abort_ip_addr < abort_ip_start || abort_ip_addr >= abort_ip_end) { + fprintf(stderr, "Error: abort-ip is outside of expected range\n"); + abort(); + } +} + +static void test_abort_at_ip_undo(void) +{ + void *abort_ip_addr, *abort_ip_start, *abort_ip_end, *ip_after_first_inc, *ip_after_second_inc; + unsigned long v[2] = { 0, 0 }; + + printf("Testing abort_at_ip undo\n"); + + __asm__ __volatile__ goto ( + __RSEQ_ASM_DEFINE_TABLE(3, 0x0, ASM_RSEQ_CS_FLAG_ABORT_AT_IP, 1f, (2f - 1f), 4f) /* start, post_commit_offset, abort */ + /* Start rseq by storing table entry pointer into rseq_cs. */ + RSEQ_ASM_STORE_RSEQ_CS(1, 3b, RSEQ_CS_OFFSET(%[rseq_abi])) + "incl %[v0]\n\t" + "10:\n\t" + "rep; nop\n\t" + "incl %[v1]\n\t" + "20:\n\t" + "rep; nop\n\t" + "jmp 1b\n\t" /* infinite loop. */ + "2:\n\t" + RSEQ_ASM_DEFINE_ABORT(4, + /* abort-at-ip must be pop from the stack. */ + "popl %%ecx\n\t" + "movl %%ecx, %[abort_ip_addr]\n\t" + "movl $1b, %%ecx\n\t" + "movl %%ecx, %[abort_ip_start]\n\t" + "movl $2b, %%ecx\n\t" + "movl %%ecx, %[abort_ip_end]\n\t" + "movl $10b, %%ecx\n\t" + "movl %%ecx, %[ip_after_first_inc]\n\t" + "movl $20b, %%ecx\n\t" + "movl %%ecx, %[ip_after_second_inc]\n\t", + abort) + : /* gcc asm goto does not allow outputs */ + : [rseq_abi] "r" (&__rseq_abi), + [abort_ip_addr] "m" (abort_ip_addr), + [abort_ip_start] "m" (abort_ip_start), + [abort_ip_end] "m" (abort_ip_end), + [ip_after_first_inc] "m" (ip_after_first_inc), + [ip_after_second_inc] "m" (ip_after_second_inc), + [v0] "m" (v[0]), + [v1] "m" (v[1]) + : "memory", "cc", "rcx" + : abort + ); + fprintf(stderr, "Error: infinite loop should never exit gracefully.\n"); + abort(); + +abort: + printf("Critical section aborted (as expected) at ip %p, within range [%p,%p[\n", + abort_ip_addr, abort_ip_start, abort_ip_end); + if (abort_ip_addr < abort_ip_start || abort_ip_addr >= abort_ip_end) { + fprintf(stderr, "Error: abort-ip is outside of expected range\n"); + abort(); + } + printf("ip after first inc: %p, ip after second inc: %p\n", + ip_after_first_inc, ip_after_second_inc); + printf("Counter values: v0: %lu v1: %lu\n", v[0], v[1]); + if (abort_ip_addr < ip_after_first_inc || abort_ip_addr >= ip_after_second_inc) { + if (v[0] != v[1]) + abort(); + } else { + if (v[0] != v[1] + 1) + abort(); + } +} +#else +static void test_abort_at_ip_loop(void) +{ + abort(); +} +static void test_abort_at_ip_undo(void) +{ + abort(); +} +#endif + +int main(int argc, char **argv) +{ + int i; + + if (rseq_register_current_thread()) { + fprintf(stderr, "Error: rseq_register_current_thread(...) failed(%d): %s\n", + errno, strerror(errno)); + goto init_thread_error; + } + printf("testing abort-at-ip extension\n"); + if (rseq_query_extension(RSEQ_EXT_ABORT_AT_IP) != 0) { + fprintf(stderr, "RSEQ abort-at-ip extension is not supported, skipping test.\n"); + return 0; + } + for (i = 0; i < nr_iter; i++) + test_abort_at_ip_loop(); + for (i = 0; i < nr_iter; i++) + test_abort_at_ip_undo(); + if (rseq_unregister_current_thread()) { + fprintf(stderr, "Error: rseq_unregister_current_thread(...) failed(%d): %s\n", + errno, strerror(errno)); + goto init_thread_error; + } + return 0; + +init_thread_error: + return -1; +} -- 2.17.1

3 years, 9 months

1
0
0 0

Contact GT Bank-Benin to receive your transfer amount of $18.5m US Dollars.

by Barr Robert Richter

Attn,Dear I need you to know that the fear of the LORD is the beginning of wisdom, and knowledge of the Holy One is understanding. As power of God Most High. And This is the confidence we have in approaching God, that if we ask anything according to his will, he hears us. I will make you know that Slow and steady wins the race. It is your turn to receive your overdue compensation funds total amount $18.5Milion USD. I actualized that you will receive your transfer today without any more delay No More fee OK, Believe me , I am your Attorney standing here on your favor. I just concluded conversation with the Gt Bank Director, Mrs Mary Gate And She told me that your transfer is ready today So the Bank Asked you to contact them immediately by re-confirming your Bank details asap. Because this is the Only thing holding this transfer If you did not trust me and Mrs Mary Gate,Who Else will you Trust? For we are the ones trying to protect your funds here and make sure that your funds is secure. So Promisingly, I am here to assure you, that Grate Miracle is coming on your way, and this funds total amount of $18.500,000 is your compensation, entitlement inheritance overdue funds on your name. Which you cannot let anything delay you from receiving your funds now, Finally i advised you to try your possible best and contact Gt Bank Benin once you get this message to receive your transfer $18.5 USD today. I know that a journey of thousand miles begins with a single step. Always put your best foot forward Try as hard as you can, God give you best. take my advice and follow the due process of your payment, the transfer will be released to you smoothly without any hitches or hindrance. Contact DR.MRS MARY GATE, Director Gt bank-Benin to receive your transfer amount of $18.5m US Dollars It was deposited and registered to your name this morning. Contact the Bank now to know when they will transfer to your country today Email id: gtbank107(a)yahoo.com Tel/mobile, +229 99069872 Contact person, Mrs Mary Gate,Director Gt bank-Benin. Among the blind the one-eyed man is king As you sow, so you shall reap, i want you to receive your funds Best things in life are free Send to her your Bank Details as i listed here. Your account name------------- Your Bank Name---------------- Account Number---------- your Bank address---------- Country----------- Your private phone number--------- Routing Numbers------------- Swift Code----------- Note, Your funds is %100 Percent ready for transfer. Everything you do remember that Good things come to those who wait. I have done this work for you with my personally effort, Honesty is the best policy. now your transfer is currently deposited with paying bank this morning. It is by the grace of God that I received Christ, having known the truth. I had no choice than to do what is lawful and justice in the sight of God for eternal life and in the sight of man for witness of God & His Mercies and glory upon my life. send this needed bank details to the bank today, so that you receive your transfer today as it is available for your confirmation today. Please do your best as a serious person and send the fee urgent, Note that this transfer of $18.500.000 M USD is a Gift from God to Bless you. If you did not contact the bank urgent, finally the Bank will release your transfer of $18.500.000M USD to Mr. David Bollen as your representative. So not allow another to claim your Money. Thanks For your Understanding. Barr Robert Richter, UN Attorney At Law Court-Benin

3 years, 9 months

1
0
0 0

From Dr. Tracy Williams.

by Tracy Williams

Hello Dear, how are you today,I hope you are doing great. It is my great pleasure to contact you,I want to make a new and special friend,I hope you don't mind. My name is Tracy Williams from the United States, Am a french and English nationality. I will give you pictures and more details about my self as soon as i hear from you in my email account bellow, Here is my email address; drtracywilliams89(a)gmail.com Please send your reply to my PRIVATE mail box. Thanks, Tracy Williams.

3 years, 9 months

1
0
0 0

[PATCH] Documentation: kunit: Fix typo

by Qinghua Jin

Fix a typo: actualy -> actual Signed-off-by: Qinghua Jin <qhjin.dev(a)gmail.com> --- Documentation/dev-tools/kunit/usage.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Documentation/dev-tools/kunit/usage.rst b/Documentation/dev-tools/kunit/usage.rst index 63f1bb89ebf5..b9940758787c 100644 --- a/Documentation/dev-tools/kunit/usage.rst +++ b/Documentation/dev-tools/kunit/usage.rst @@ -615,7 +615,7 @@ kunit_tool) only fully supports running tests inside of UML and QEMU; however, this is only due to our own time limitations as humans working on KUnit. It is entirely possible to support other emulators and even actual hardware, but for now QEMU and UML is what is fully supported within the KUnit Wrapper. Again, to -be clear, this is just the Wrapper. The actualy KUnit tests and the KUnit +be clear, this is just the Wrapper. The actual KUnit tests and the KUnit library they are written in is fully architecture agnostic and can be used in virtually any setup, you just won't have the benefit of typing a single command out of the box and having everything magically work perfectly. -- 2.30.2

3 years, 10 months

2
1
0 0

[PATCH v5 net-next 0/3] net: bpf: handle return value of post_bind{4,6} and add selftests for it

by menglong8.dong＠gmail.com

From: Menglong Dong <imagedong(a)tencent.com> The return value of BPF_CGROUP_RUN_PROG_INET{4,6}_POST_BIND() in __inet_bind() is not handled properly. While the return value is non-zero, it will set inet_saddr and inet_rcv_saddr to 0 and exit: exit: err = BPF_CGROUP_RUN_PROG_INET4_POST_BIND(sk); if (err) { inet->inet_saddr = inet->inet_rcv_saddr = 0; goto out_release_sock; } Let's take UDP for example and see what will happen. For UDP socket, it will be added to 'udp_prot.h.udp_table->hash' and 'udp_prot.h.udp_table->hash2' after the sk->sk_prot->get_port() called success. If 'inet->inet_rcv_saddr' is specified here, then 'sk' will be in the 'hslot2' of 'hash2' that it don't belong to (because inet_saddr is changed to 0), and UDP packet received will not be passed to this sock. If 'inet->inet_rcv_saddr' is not specified here, the sock will work fine, as it can receive packet properly, which is wired, as the 'bind()' is already failed. To undo the get_port() operation, introduce the 'put_port' field for 'struct proto'. For TCP proto, it is inet_put_port(); For UDP proto, it is udp_lib_unhash(); For icmp proto, it is ping_unhash(). Therefore, after sys_bind() fail caused by BPF_CGROUP_RUN_PROG_INET4_POST_BIND(), it will be unbinded, which means that it can try to be binded to another port. The second patch use C99 initializers in test_sock.c The third patch is the selftests for this modification. Changes since v4: - use C99 initializers in test_sock.c before adding the test case Changes since v3: - add the third patch which use C99 initializers in test_sock.c Changes since v2: - NULL check for sk->sk_prot->put_port Changes since v1: - introduce 'put_port' field for 'struct proto' - add selftests for it Menglong Dong (3): net: bpf: handle return value of BPF_CGROUP_RUN_PROG_INET{4,6}_POST_BIND() bpf: selftests: use C99 initializers in test_sock.c bpf: selftests: add bind retry for post_bind{4, 6} include/net/sock.h | 1 + net/ipv4/af_inet.c | 2 + net/ipv4/ping.c | 1 + net/ipv4/tcp_ipv4.c | 1 + net/ipv4/udp.c | 1 + net/ipv6/af_inet6.c | 2 + net/ipv6/ping.c | 1 + net/ipv6/tcp_ipv6.c | 1 + net/ipv6/udp.c | 1 + tools/testing/selftests/bpf/test_sock.c | 370 ++++++++++++++---------- 10 files changed, 233 insertions(+), 148 deletions(-) -- 2.27.0

3 years, 10 months

2
4
0 0

[PATCH] selftests/vm: Make charge_reserved_hugetlb.sh work with existing cgroup setting

by Waiman Long

The hugetlb cgroup reservation test charge_reserved_hugetlb.sh assume that no cgroup filesystems are mounted before running the test. That is not true in many cases. As a result, the test fails to run. Fix that by querying the current cgroup mount setting and using the existing cgroup setup instead before attempting to freshly mount a cgroup filesystem. Similar change is also made for hugetlb_reparenting_test.sh as well, though it still has problem if cgroup v2 isn't used. The patched test scripts were run on a centos 8 based system to verify that they ran properly. Fixes: 29750f71a9b4 ("hugetlb_cgroup: add hugetlb_cgroup reservation tests") Signed-off-by: Waiman Long <longman(a)redhat.com> --- .../selftests/vm/charge_reserved_hugetlb.sh | 34 +++++++++++-------- .../selftests/vm/hugetlb_reparenting_test.sh | 21 +++++++----- .../selftests/vm/write_hugetlb_memory.sh | 2 +- 3 files changed, 34 insertions(+), 23 deletions(-) mode change 100644 => 100755 tools/testing/selftests/vm/charge_reserved_hugetlb.sh mode change 100644 => 100755 tools/testing/selftests/vm/hugetlb_reparenting_test.sh mode change 100644 => 100755 tools/testing/selftests/vm/write_hugetlb_memory.sh diff --git a/tools/testing/selftests/vm/charge_reserved_hugetlb.sh b/tools/testing/selftests/vm/charge_reserved_hugetlb.sh old mode 100644 new mode 100755 index fe8fcfb334e0..a5cb4b09a46c --- a/tools/testing/selftests/vm/charge_reserved_hugetlb.sh +++ b/tools/testing/selftests/vm/charge_reserved_hugetlb.sh @@ -24,19 +24,23 @@ if [[ "$1" == "-cgroup-v2" ]]; then reservation_usage_file=rsvd.current fi -cgroup_path=/dev/cgroup/memory -if [[ ! -e $cgroup_path ]]; then - mkdir -p $cgroup_path - if [[ $cgroup2 ]]; then +if [[ $cgroup2 ]]; then + cgroup_path=$(mount -t cgroup2 | head -1 | awk -e '{print $3}') + if [[ -z "$cgroup_path" ]]; then + cgroup_path=/dev/cgroup/memory mount -t cgroup2 none $cgroup_path - else + do_umount=1 + fi + echo "+hugetlb" >$cgroup_path/cgroup.subtree_control +else + cgroup_path=$(mount -t cgroup | grep ",hugetlb" | awk -e '{print $3}') + if [[ -z "$cgroup_path" ]]; then + cgroup_path=/dev/cgroup/memory mount -t cgroup memory,hugetlb $cgroup_path + do_umount=1 fi fi - -if [[ $cgroup2 ]]; then - echo "+hugetlb" >/dev/cgroup/memory/cgroup.subtree_control -fi +export cgroup_path function cleanup() { if [[ $cgroup2 ]]; then @@ -108,7 +112,7 @@ function setup_cgroup() { function wait_for_hugetlb_memory_to_get_depleted() { local cgroup="$1" - local path="/dev/cgroup/memory/$cgroup/hugetlb.${MB}MB.$reservation_usage_file" + local path="$cgroup_path/$cgroup/hugetlb.${MB}MB.$reservation_usage_file" # Wait for hugetlbfs memory to get depleted. while [ $(cat $path) != 0 ]; do echo Waiting for hugetlb memory to get depleted. @@ -121,7 +125,7 @@ function wait_for_hugetlb_memory_to_get_reserved() { local cgroup="$1" local size="$2" - local path="/dev/cgroup/memory/$cgroup/hugetlb.${MB}MB.$reservation_usage_file" + local path="$cgroup_path/$cgroup/hugetlb.${MB}MB.$reservation_usage_file" # Wait for hugetlbfs memory to get written. while [ $(cat $path) != $size ]; do echo Waiting for hugetlb memory reservation to reach size $size. @@ -134,7 +138,7 @@ function wait_for_hugetlb_memory_to_get_written() { local cgroup="$1" local size="$2" - local path="/dev/cgroup/memory/$cgroup/hugetlb.${MB}MB.$fault_usage_file" + local path="$cgroup_path/$cgroup/hugetlb.${MB}MB.$fault_usage_file" # Wait for hugetlbfs memory to get written. while [ $(cat $path) != $size ]; do echo Waiting for hugetlb memory to reach size $size. @@ -574,5 +578,7 @@ for populate in "" "-o"; do done # populate done # method -umount $cgroup_path -rmdir $cgroup_path +if [[ $do_umount ]]; then + umount $cgroup_path + rmdir $cgroup_path +fi diff --git a/tools/testing/selftests/vm/hugetlb_reparenting_test.sh b/tools/testing/selftests/vm/hugetlb_reparenting_test.sh old mode 100644 new mode 100755 index 4a9a3afe9fd4..bf2d2a684edf --- a/tools/testing/selftests/vm/hugetlb_reparenting_test.sh +++ b/tools/testing/selftests/vm/hugetlb_reparenting_test.sh @@ -18,19 +18,24 @@ if [[ "$1" == "-cgroup-v2" ]]; then usage_file=current fi -CGROUP_ROOT='/dev/cgroup/memory' -MNT='/mnt/huge/' -if [[ ! -e $CGROUP_ROOT ]]; then - mkdir -p $CGROUP_ROOT - if [[ $cgroup2 ]]; then +if [[ $cgroup2 ]]; then + CGROUP_ROOT=$(mount -t cgroup2 | head -1 | awk -e '{print $3}') + if [[ -z "$CGROUP_ROOT" ]]; then + CGROUP_ROOT=/dev/cgroup/memory mount -t cgroup2 none $CGROUP_ROOT - sleep 1 - echo "+hugetlb +memory" >$CGROUP_ROOT/cgroup.subtree_control - else + do_umount=1 + fi + echo "+hugetlb +memory" >$CGROUP_ROOT/cgroup.subtree_control +else + CGROUP_ROOT=$(mount -t cgroup | grep ",hugetlb" | awk -e '{print $3}') + if [[ -z "$CGROUP_ROOT" ]]; then + CGROUP_ROOT=/dev/cgroup/memory mount -t cgroup memory,hugetlb $CGROUP_ROOT + do_umount=1 fi fi +MNT='/mnt/huge/' function get_machine_hugepage_size() { hpz=$(grep -i hugepagesize /proc/meminfo) diff --git a/tools/testing/selftests/vm/write_hugetlb_memory.sh b/tools/testing/selftests/vm/write_hugetlb_memory.sh old mode 100644 new mode 100755 index d3d0d108924d..70a02301f4c2 --- a/tools/testing/selftests/vm/write_hugetlb_memory.sh +++ b/tools/testing/selftests/vm/write_hugetlb_memory.sh @@ -14,7 +14,7 @@ want_sleep=$8 reserve=$9 echo "Putting task in cgroup '$cgroup'" -echo $$ > /dev/cgroup/memory/"$cgroup"/cgroup.procs +echo $$ > ${cgroup_path:-/dev/cgroup/memory}/"$cgroup"/cgroup.procs echo "Method is $method" -- 2.27.0

3 years, 10 months

2
1
0 0

txtimestamp.c:164:29: warning: format '0' expects argument of type 'long unsigned int', but argument 3 has type 'int64_t' {aka 'long long int'} [-Wformat=]

by Naresh Kamboju

While building selftests the following warnings were noticed for arm architecture on Linux stable v5.15.13 kernel and also on Linus's tree. arm-linux-gnueabihf-gcc -Wall -Wl,--no-as-needed -O2 -g -I../../../../usr/include/ txtimestamp.c -o /home/tuxbuild/.cache/tuxmake/builds/current/kselftest/net/txtimestamp txtimestamp.c: In function 'validate_timestamp': txtimestamp.c:164:29: warning: format '0' expects argument of type 'long unsigned int', but argument 3 has type 'int64_t' {aka 'long long int'} [-Wformat=] 164 | fprintf(stderr, "ERROR: 0 us expected between 0 and 0\n", | ~~^ | | | long unsigned int | 0 165 | cur64 - start64, min_delay, max_delay); | ~~~~~~~~~~~~~~~ | | | int64_t {aka long long int} txtimestamp.c: In function '__print_ts_delta_formatted': txtimestamp.c:173:22: warning: format '0' expects argument of type 'long unsigned int', but argument 3 has type 'int64_t' {aka 'long long int'} [-Wformat=] 173 | fprintf(stderr, "0 ns", ts_delta); | ~~^ ~~~~~~~~ | | | | | int64_t {aka long long int} | long unsigned int | 0 txtimestamp.c:175:22: warning: format '0' expects argument of type 'long unsigned int', but argument 3 has type 'int64_t' {aka 'long long int'} [-Wformat=] 175 | fprintf(stderr, "0 us", ts_delta / NSEC_PER_USEC); | ~~^ | | | long unsigned int | 0 Reported-by: Linux Kernel Functional Testing <lkft(a)linaro.org> build link: https://builds.tuxbuild.com/23HFntxpqyCx0RbiuadfGZ36Kym/ metadata: git repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git git commit: 734eb1fd2073f503f5c6b44f1c0d453ca6986b84 git describe: v5.15.13 toolchain: gcc-11 kernel-config: https://builds.tuxbuild.com/23HFntxpqyCx0RbiuadfGZ36Kym/config # To install tuxmake on your system globally: # sudo pip3 install -U tuxmake tuxmake --runtime podman --target-arch arm --toolchain gcc-10 \ --kconfig https://builds.tuxbuild.com/23HFntxpqyCx0RbiuadfGZ36Kym/config \ dtbs dtbs-legacy headers kernel kselftest kselftest-merge modules -- Linaro LKFT https://lkft.linaro.org

3 years, 10 months

2
3
0 0

test_vsyscall.c:500:22: warning: '__builtin_memcmp_eq' specified bound 4096 exceeds source size 0

by Naresh Kamboju

While building selftests the following warnings were noticed for x86_64 architecture on Linux stable v5.15.13 kernel. metadata: git repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git git commit: 734eb1fd2073f503f5c6b44f1c0d453ca6986b84 git describe: v5.15.13 toolchain": gcc-11 kernel-config: https://builds.tuxbuild.com/23HFo8abXIL6i4FFfSYiJlqAYMW/config x86_64-linux-gnu-gcc -m64 -o \ /home/tuxbuild/.cache/tuxmake/builds/current/kselftest/x86/test_vsyscall_64 \ -O2 -g -std=gnu99 -pthread -Wall -no-pie \ -DCAN_BUILD_64 test_vsyscall.c helpers.h -lrt -ldl test_vsyscall.c: In function 'test_process_vm_readv': test_vsyscall.c:500:22: warning: '__builtin_memcmp_eq' specified bound 4096 exceeds source size 0 [-Wstringop-overread] 500 | if (!memcmp(buf, (const void *)0xffffffffff600000, 4096)) { | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Reported-by: Linux Kernel Functional Testing <lkft(a)linaro.org> Build link: https://builds.tuxbuild.com/23HFo8abXIL6i4FFfSYiJlqAYMW/ # To install tuxmake on your system globally: # sudo pip3 install -U tuxmake tuxmake --runtime podman --target-arch x86_64 --toolchain gcc-11 \ --kconfig https://builds.tuxbuild.com/23HFo8abXIL6i4FFfSYiJlqAYMW/config \ cpupower headers kernel kselftest kselftest-merge modules -- Linaro LKFT https://lkft.linaro.org

3 years, 10 months

2
3
0 0

[PATCH v4 net-next 0/3] net: bpf: handle return value of post_bind{4,6} and add selftests for it

by menglong8.dong＠gmail.com

From: Menglong Dong <imagedong(a)tencent.com> The return value of BPF_CGROUP_RUN_PROG_INET{4,6}_POST_BIND() in __inet_bind() is not handled properly. While the return value is non-zero, it will set inet_saddr and inet_rcv_saddr to 0 and exit: exit: err = BPF_CGROUP_RUN_PROG_INET4_POST_BIND(sk); if (err) { inet->inet_saddr = inet->inet_rcv_saddr = 0; goto out_release_sock; } Let's take UDP for example and see what will happen. For UDP socket, it will be added to 'udp_prot.h.udp_table->hash' and 'udp_prot.h.udp_table->hash2' after the sk->sk_prot->get_port() called success. If 'inet->inet_rcv_saddr' is specified here, then 'sk' will be in the 'hslot2' of 'hash2' that it don't belong to (because inet_saddr is changed to 0), and UDP packet received will not be passed to this sock. If 'inet->inet_rcv_saddr' is not specified here, the sock will work fine, as it can receive packet properly, which is wired, as the 'bind()' is already failed. To undo the get_port() operation, introduce the 'put_port' field for 'struct proto'. For TCP proto, it is inet_put_port(); For UDP proto, it is udp_lib_unhash(); For icmp proto, it is ping_unhash(). Therefore, after sys_bind() fail caused by BPF_CGROUP_RUN_PROG_INET4_POST_BIND(), it will be unbinded, which means that it can try to be binded to another port. The second patch is the selftests for this modification. The third patch use C99 initializers in test_sock.c. Changes since v3: - add the third patch which use C99 initializers in test_sock.c Changes since v2: - NULL check for sk->sk_prot->put_port Changes since v1: - introduce 'put_port' field for 'struct proto' - add selftests for it Menglong Dong (3): net: bpf: handle return value of BPF_CGROUP_RUN_PROG_INET{4,6}_POST_BIND() bpf: selftests: add bind retry for post_bind{4, 6} bpf: selftests: use C99 initializers in test_sock.c include/net/sock.h | 1 + net/ipv4/af_inet.c | 2 + net/ipv4/ping.c | 1 + net/ipv4/tcp_ipv4.c | 1 + net/ipv4/udp.c | 1 + net/ipv6/af_inet6.c | 2 + net/ipv6/ping.c | 1 + net/ipv6/tcp_ipv6.c | 1 + net/ipv6/udp.c | 1 + tools/testing/selftests/bpf/test_sock.c | 370 ++++++++++++++---------- 10 files changed, 233 insertions(+), 148 deletions(-) -- 2.27.0

3 years, 10 months

2
4
0 0

[PATCH v5 00/21] AMX Support in KVM

by Yang Zhong

Thanks a lot for all the review comments and guidance! Hope this version is in a good state now. :) (Jing is temporarily leave for family reason, Yang helped work out this version) ---- v4->v5: - Directly call fpu core to expand fpstate buffer in kvm_check_cpuid() and remove duplicated permission check there (Sean) - Accordingly remove Thomas's reviewed-by as a different wrapper is introduced now (patch-7) - Properly queue #NM exception in nested scenario (Sean) - Verify non-XFD related #NM usage in nested scenario (Sean) - Hide XFD in kvm_cpu_cap on 32bit host kernels (Sean) - Use xstate_required_size() in KVM_CAP_XSAVE2 which may be called before any vcpu is created (Sean/Paolo) - Replace boot_cpu_has with kvm_cpu_cap_has when disabling RDMSR interception for xfd_err (Sean) v3->v4: - Verify kvm selftest for AMX (Paolo) - Expand fpstate buffer in kvm_check_cpuid() and improve patch description (Sean) - Drop 'preemption' word in #NM interception patch (Sean) - Remove 'trap_nm' flag. Replace it by: (Sean) * Trapping #NM according to guest_fpu::xfd when write to xfd is intercepted. * Always trapping #NM when xfd write interception is disabled - Use better name for #NM related functions (Sean) - Drop '#ifdef CONFIG_X86_64' in __kvm_set_xcr (Sean) - Update description for KVM_CAP_XSAVE2 and prevent the guest from using the wrong ioctl (Sean) - Replace 'xfd_out_of_sync' with a better name (Sean) v2->v3: - Trap #NM until write IA32_XFD with a non-zero value (Thomas) - Revise return value in __xstate_request_perm() (Thomas) - Revise doc for KVM_GET_SUPPORTED_CPUID (Paolo) - Add Thomas's reviewed-by on one patch - Reorder disabling read interception of XFD_ERR patch (Paolo) - Move disabling r/w interception of XFD from x86.c to vmx.c (Paolo) - Provide the API doc together with the new KVM_GET_XSAVE2 ioctl (Paolo) - Make KVM_CHECK_EXTENSION(KVM_CAP_XSAVE2) return minimum size of struct kvm_xsave (4K) (Paolo) - Request permission at the start of vm_create_with_vcpus() in selftest - Request permission conditionally when XFD is supported (Paolo) v1->v2: - Live migration supported and verified with a selftest - Rebase to Thomas's new series for guest fpstate reallocation [1] - Expand fpstate at KVM_SET_CPUID2 instead of when emulating XCR0 and IA32_XFD (Thomas/Paolo) - Accordingly remove all exit-to-userspace stuff - Intercept #NM to save guest XFD_ERR and restore host/guest value at preemption on/off boundary (Thomas) - Accordingly remove all xfd_err logic in preemption callback and fpu_swap_kvm_fpstate() - Reuse KVM_SET_XSAVE to handle both legacy and expanded buffer (Paolo) - Don't return dynamic bits w/o prctl() in KVM_GET_SUPPORTED_CPUID (Paolo) - Check guest permissions for dynamic features in CPUID[0xD] instead of only for AMX at KVM_SET_CPUID (Paolo) - Remove dynamic bit check for 32-bit guest in __kvm_set_xcr() (Paolo) - Fix CPUID emulation for 0x1d and 0x1e (Paolo) - Move "disable interception" to the end of the series (Paolo) This series brings AMX (Advanced Matrix eXtensions) virtualization support to KVM. The preparatory series from Thomas [1] is also included. A large portion of the changes in this series is to deal with eXtended Feature Disable (XFD) which allows resizing of the fpstate buffer to support dynamically-enabled XSTATE features with large state component (e.g. 8K for AMX). There are a lot of simplications when comparing v5 to the original proposal [2] and the first version [3]. Thanks to Thomas, Paolo and Sean for many good suggestions. The support is based on following key changes: - Guest permissions for dynamically-enabled XSAVE features Native tasks have to request permission via prctl() before touching a dynamic-resized XSTATE compoenent. Introduce guest permissions for the similar purpose. Userspace VMM is expected to request guest permission only once when the first vCPU is created. KVM checks guest permission in KVM_SET_CPUID2. Setting XFD in guest cpuid w/o proper permissions fails this operation. In the meantime, unpermitted features are also excluded in KVM_GET_SUPPORTED_CPUID. - Extend fpstate reallocation mechanism to cover guest fpu Unlike native tasks which have reallocation triggered from #NM handler, guest fpstate reallocation is requested by KVM when it identifies the intention on using dynamically-enabled XSAVE features inside guest. Extend fpu core to allow KVM request fpstate buffer expansion for a guest fpu containter. - Trigger fpstate reallocation in KVM This could be done either before guest runs or until xfd is updated in the emulation path. According to discussion [1] we decide to go the former option in KVM_SET_CPUID2, with fpstate buffer sized accordingly. This spares a lot of code and also avoid imposing an ordered restore sequence (XCR0, XFD and XSTATE) to userspace VMM. - RDMSR/WRMSR emulation for IA32_XFD Because fpstate expansion is completed in KVM_SET_CPUID2, emulating r/w access to IA32_XFD simply involves the xfd field in the guest fpu container. If write and guest fpu is currently active, the software state (guest_fpstate::xfd and per-cpu xfd cache) is also updated. - RDMSR/WRMSR emulation for XFD_ERR When XFD causes an instruction to generate #NM, XFD_ERR contains information about which disabled state components are being accessed. It'd be problematic if the XFD_ERR value generated in guest is consumed/clobbered by the host before the guest itself doing so. Intercept #NM exception to save the guest XFD_ERR value when write IA32_XFD with a non-zero value for 1st time. There is at most one interception per guest task given a dynamic feature. RDMSR/WRMSR emulation uses the saved value. The host value (always ZERO outside of the host #NM handler) is restored before enabling interrupts. The saved guest value is restored right before entering the guest (with interrupts disabled). - Get/set dynamic xfeature state for migration Introduce new capability (KVM_CAP_XSAVE2) to deal with >4KB fpstate buffer. Reading this capability returns the size of the current guest fpstate (e.g. after expansion). Userspace VMM uses a new ioctl (KVM_GET_XSAVE2) to read guest fpstate from the kernel and reuses the existing ioctl (KVM_SET_XSAVE) to update guest fpsate to the kernel. KVM_SET_XSAVE is extended to do properly_sized memdup_user() based on the guest fpstate. - Expose related cpuid bits to guest The last step is to allow exposing XFD, AMX_TILE, AMX_INT8 and AMX_BF16 in guest cpuid. Adding those bits into kvm_cpu_caps finally activates all previous logics in this series - Optimization: disable interception for IA32_XFD IA32_XFD can be frequently updated by the guest, as it is part of the task state and swapped in context switch when prev and next have different XFD setting. Always intercepting WRMSR can easily cause non-negligible overhead. Disable r/w emulation for IA32_XFD after intercepting the first WRMSR(IA32_XFD) with a non-zero value. However MSR passthrough implies the software state (guest_fpstate::xfd and per-cpu xfd cache) might be out of sync with MSR. This suggests KVM needs to re-sync them at VM-exit before preemption is enabled. Thanks Jun Nakajima and Kevin Tian for the design suggestions when this was being internally worked on. [1] https://lore.kernel.org/all/20211214022825.563892248@linutronix.de/ [2] https://www.spinics.net/lists/kvm/msg259015.html [3] https://lore.kernel.org/lkml/20211208000359.2853257-1-yang.zhong@intel.com/ Thanks, Yang ---- Guang Zeng (1): kvm: x86: Add support for getting/setting expanded xstate buffer Jing Liu (11): kvm: x86: Fix xstate_required_size() to follow XSTATE alignment rule kvm: x86: Exclude unpermitted xfeatures at KVM_GET_SUPPORTED_CPUID x86/fpu: Make XFD initialization in __fpstate_reset() a function argument kvm: x86: Enable dynamic xfeatures at KVM_SET_CPUID2 kvm: x86: Add emulation for IA32_XFD x86/fpu: Prepare xfd_err in struct fpu_guest kvm: x86: Intercept #NM for saving IA32_XFD_ERR kvm: x86: Emulate IA32_XFD_ERR for guest kvm: x86: Disable RDMSR interception of IA32_XFD_ERR kvm: x86: Add XCR0 support for Intel AMX kvm: x86: Add CPUID support for Intel AMX Kevin Tian (2): x86/fpu: Provide fpu_update_guest_xfd() for IA32_XFD emulation kvm: x86: Disable interception for IA32_XFD on demand Sean Christopherson (1): x86/fpu: Provide fpu_enable_guest_xfd_features() for KVM Thomas Gleixner (5): x86/fpu: Extend fpu_xstate_prctl() with guest permissions x86/fpu: Prepare guest FPU for dynamically enabled FPU features x86/fpu: Add guest support to xfd_enable_feature() x86/fpu: Add uabi_size to guest_fpu x86/fpu: Provide fpu_sync_guest_vmexit_xfd_state() Wei Wang (1): kvm: selftests: Add support for KVM_CAP_XSAVE2 Documentation/virt/kvm/api.rst | 46 +++++- arch/x86/include/asm/cpufeatures.h | 2 + arch/x86/include/asm/fpu/api.h | 11 ++ arch/x86/include/asm/fpu/types.h | 32 ++++ arch/x86/include/asm/kvm_host.h | 1 + arch/x86/include/uapi/asm/kvm.h | 16 +- arch/x86/include/uapi/asm/prctl.h | 26 ++-- arch/x86/kernel/fpu/core.c | 94 ++++++++++- arch/x86/kernel/fpu/xstate.c | 147 +++++++++++------- arch/x86/kernel/fpu/xstate.h | 15 +- arch/x86/kernel/process.c | 2 + arch/x86/kvm/cpuid.c | 86 +++++++--- arch/x86/kvm/cpuid.h | 2 + arch/x86/kvm/vmx/vmcs.h | 5 + arch/x86/kvm/vmx/vmx.c | 68 ++++++++ arch/x86/kvm/vmx/vmx.h | 2 +- arch/x86/kvm/x86.c | 112 ++++++++++++- include/uapi/linux/kvm.h | 4 + tools/arch/x86/include/uapi/asm/kvm.h | 16 +- tools/include/uapi/linux/kvm.h | 3 + .../testing/selftests/kvm/include/kvm_util.h | 2 + .../selftests/kvm/include/x86_64/processor.h | 10 ++ tools/testing/selftests/kvm/lib/kvm_util.c | 32 ++++ .../selftests/kvm/lib/x86_64/processor.c | 67 +++++++- .../testing/selftests/kvm/x86_64/evmcs_test.c | 2 +- tools/testing/selftests/kvm/x86_64/smm_test.c | 2 +- .../testing/selftests/kvm/x86_64/state_test.c | 2 +- .../kvm/x86_64/vmx_preemption_timer_test.c | 2 +- 28 files changed, 702 insertions(+), 107 deletions(-)

3 years, 10 months

5
30
0 0

[RFC PATCH 00/10] KVM: selftests: Add support for test-selectable ucall implementations

by Michael Roth

These patches are based on kvm/next, and are also available at: https://github.com/mdroth/linux/commits/sev-selftests-ucall-rfc1 == BACKGROUND == These patches are a prerequisite for adding selftest support for SEV guests and possibly other confidential computing implementations in the future. They were motivated by a suggestion Paolo made in response to the initial SEV selftest RFC: https://lore.kernel.org/lkml/20211025035833.yqphcnf5u3lk4zgg@amd.com/T/#m95… Since the changes touch multiple archs and ended up creating a bit more churn than expected, I thought it would be a good idea to carve this out into a separate standalone series for reviewers who may be more interested in the ucall changes than anything SEV-related. To summarize, x86 relies on a ucall based on using PIO intructions to generate an exit to userspace and provide the GVA of a dynamically-allocated ucall struct that resides in guest memory and contains information about how to handle/interpret the exit. This doesn't work for SEV guests for 3 main reasons: 1) The guest memory is generally encrypted during run-time, so the guest needs to ensure the ucall struct is allocated in shared memory. 2) The guest page table is also encrypted, so the address would need to be a GPA instead of a GVA. 3) The guest vCPU register may also be encrypted in the case of SEV-ES/SEV-SNP, so the approach of examining vCPU register state has additional requirements such as requiring guest code to implement a #VC handler that can provide the appropriate registers via a vmgexit. To address these issues, the SEV selftest RFC1 patchset introduced a set of new SEV-specific interfaces that closely mirrored the functionality of ucall()/get_ucall(), but relied on a pre-allocated/static ucall buffer in shared guest memory so it that guest code could pass messages/state to the host by simply writing to this pre-arranged shared memory region and then generating an exit to userspace (via a halt instruction). Paolo suggested instead implementing support for test/guest-specific ucall implementations that could be used as an alternative to the default PIO-based ucall implementations as-needed based on test/guest requirements, while still allowing for tests to use a common set interfaces like ucall()/get_ucall(). == OVERVIEW == This series implements the above functionality by introducing a new ucall_ops struct that can be used to register a particular ucall implementation as need, then re-implements x86/arm64/s390x in terms of the ucall_ops. But for the purposes of introducing a new ucall_ops implementation appropriate for SEV, there are a couple issues that resulted in the need for some additional ucall interfaces as well: a) ucall() doesn't take a pointer to the ucall struct it modifies, so to make it work in the case of an implementation that relies a pre-allocated ucall struct in shared guest memory some sort of global lookup functionality would be needed to locate the appropriate ucall struct for a particular VM/vcpu combination, and this would need to be made accessible for use by the guest as well. guests would then need some way of determining what VM/vcpu identifiers they need to use to do the lookup, which to do reliably would likely require seeding the guest with those identifiers in advance, which is possible, but much more easily achievable by simply adding a ucall() alternative that accepts a pointer to the ucall struct for that particular VM/vcpu. b) get_ucall() *does* take a pointer to a ucall struct, but currently zeroes it out and uses it to copy the guest's ucall struct into. It *could* be re-purposed to handle the case where the pointer is an actual pointer to the ucall struct in shared guest memory, but that could cause problems since callers would need some idea of what the underlying ucall implementation expects. Ideally the interfaces would be agnostic to the ucall implementation. So to address those issues, this series also allows ucall implementations to optionally be extended to support a set of 'shared' ops that are used in the following manner: host: uc_gva = ucall_shared_alloc() setup_vm_args(vm, uc_gva) guest: ucall_shared(uc_gva, ...) host: uget_ucall_shared(uc_gva, ...) and then implements a new ucall implementation, ucall_ops_halt, based around these shared interfaces and halt instructions. While this doesn't really meet the initial goal of re-using the existing ucall interfaces as-is, the hope is that these *_shared interfaces are general enough to be re-usable things other than SEV, or at least improve on code readability over the initial SEV-specific interfaces. Any review/comments are greatly appreciated! ---------------------------------------------------------------- Michael Roth (10): kvm: selftests: move base kvm_util.h declarations to kvm_util_base.h kvm: selftests: move ucall declarations into ucall_common.h kvm: selftests: introduce ucall_ops for test/arch-specific ucall implementations kvm: arm64: selftests: use ucall_ops to define default ucall implementation (COMPILE-TESTED ONLY) kvm: s390: selftests: use ucall_ops to define default ucall implementation kvm: selftests: add ucall interfaces based around shared memory kvm: selftests: add ucall_shared ops for PIO kvm: selftests: introduce ucall implementation based on halt instructions kvm: selftests: add GUEST_SHARED_* macros for shared ucall implementations kvm: selftests: add ucall_test to test various ucall functionality tools/testing/selftests/kvm/.gitignore | 1 + tools/testing/selftests/kvm/Makefile | 5 +- .../testing/selftests/kvm/include/aarch64/ucall.h | 18 + tools/testing/selftests/kvm/include/kvm_util.h | 408 +-------------------- .../testing/selftests/kvm/include/kvm_util_base.h | 368 +++++++++++++++++++ tools/testing/selftests/kvm/include/s390x/ucall.h | 18 + tools/testing/selftests/kvm/include/ucall_common.h | 147 ++++++++ tools/testing/selftests/kvm/include/x86_64/ucall.h | 19 + tools/testing/selftests/kvm/lib/aarch64/ucall.c | 43 +-- tools/testing/selftests/kvm/lib/s390x/ucall.c | 45 +-- tools/testing/selftests/kvm/lib/ucall_common.c | 133 +++++++ tools/testing/selftests/kvm/lib/x86_64/ucall.c | 82 +++-- tools/testing/selftests/kvm/ucall_test.c | 182 +++++++++ 13 files changed, 982 insertions(+), 487 deletions(-) create mode 100644 tools/testing/selftests/kvm/include/aarch64/ucall.h create mode 100644 tools/testing/selftests/kvm/include/kvm_util_base.h create mode 100644 tools/testing/selftests/kvm/include/s390x/ucall.h create mode 100644 tools/testing/selftests/kvm/include/ucall_common.h create mode 100644 tools/testing/selftests/kvm/include/x86_64/ucall.h create mode 100644 tools/testing/selftests/kvm/lib/ucall_common.c create mode 100644 tools/testing/selftests/kvm/ucall_test.c

3 years, 10 months

4
22
0 0

[PATCH 2/2] selftests: tpm: add async space test with noneexisting handle

by Tadeusz Struk

Add a test for tpm2 spaces in async mode that checks if the code handles invalid handles correctly. Cc: Jarkko Sakkinen <jarkko(a)kernel.org> Cc: Shuah Khan <shuah(a)kernel.org> Cc: <linux-integrity(a)vger.kernel.org> Cc: <linux-kselftest(a)vger.kernel.org> Cc: <linux-kernel(a)vger.kernel.org> Signed-off-by: Tadeusz Struk <tstruk(a)gmail.com> --- tools/testing/selftests/tpm2/tpm2_tests.py | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/tools/testing/selftests/tpm2/tpm2_tests.py b/tools/testing/selftests/tpm2/tpm2_tests.py index 9d764306887b..b373b0936e40 100644 --- a/tools/testing/selftests/tpm2/tpm2_tests.py +++ b/tools/testing/selftests/tpm2/tpm2_tests.py @@ -302,3 +302,19 @@ class AsyncTest(unittest.TestCase): log.debug("Calling get_cap in a NON_BLOCKING mode") async_client.get_cap(tpm2.TPM2_CAP_HANDLES, tpm2.HR_LOADED_SESSION) async_client.close() + + def test_flush_invlid_context(self): + log = logging.getLogger(__name__) + log.debug(sys._getframe().f_code.co_name) + + async_client = tpm2.Client(tpm2.Client.FLAG_SPACE | tpm2.Client.FLAG_NONBLOCK) + log.debug("Calling flush_context passing in an invalid handle ") + handle = 0x80123456 + rc = 0 + try: + async_client.flush_context(handle) + except OSError as e: + rc = e.errno + + self.assertEqual(rc, 22) + async_client.close() -- 2.30.2

3 years, 10 months

2
1
0 0

[PATCH net] selftests: set amt.sh executable

by Taehee Yoo

amt.sh test script will not work because it doesn't have execution permission. So, it adds execution permission. Reported-by: Hangbin Liu <liuhangbin(a)gmail.com> Fixes: c08e8baea78e ("selftests: add amt interface selftest script") Signed-off-by: Taehee Yoo <ap420073(a)gmail.com> --- tools/testing/selftests/net/amt.sh | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 tools/testing/selftests/net/amt.sh diff --git a/tools/testing/selftests/net/amt.sh b/tools/testing/selftests/net/amt.sh old mode 100644 new mode 100755 -- 2.17.1

3 years, 10 months

2
1
0 0

[PATCH 1/3] selftest/kexec: fix "ignored null byte in input" warning

by Nageswara R Sastry

From: Mimi Zohar <zohar(a)linux.ibm.com> Instead of assigning the string to a variable, which might contain a null character, redirect the output and grep for the string directly. Signed-off-by: Mimi Zohar <zohar(a)linux.ibm.com> --- tools/testing/selftests/kexec/test_kexec_file_load.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/kexec/test_kexec_file_load.sh b/tools/testing/selftests/kexec/test_kexec_file_load.sh index 2ff600388c30..99f6fc23ee31 100755 --- a/tools/testing/selftests/kexec/test_kexec_file_load.sh +++ b/tools/testing/selftests/kexec/test_kexec_file_load.sh @@ -97,10 +97,11 @@ check_for_imasig() check_for_modsig() { local module_sig_string="~Module signature appended~" - local sig="$(tail --bytes $((${#module_sig_string} + 1)) $KERNEL_IMAGE)" local ret=0 - if [ "$sig" == "$module_sig_string" ]; then + tail --bytes $((${#module_sig_string} + 1)) $KERNEL_IMAGE | \ + grep -q "$module_sig_string" + if [ $? -eq 0 ]; then ret=1 log_info "kexec kernel image modsig signed" else -- 2.23.0

3 years, 10 months

3
4
0 0

[PATCH v3 net-next 0/2] net: bpf: handle return value of post_bind{4,6} and add selftests for it

by menglong8.dong＠gmail.com

From: Menglong Dong <imagedong(a)tencent.com> The return value of BPF_CGROUP_RUN_PROG_INET{4,6}_POST_BIND() in __inet_bind() is not handled properly. While the return value is non-zero, it will set inet_saddr and inet_rcv_saddr to 0 and exit: exit: err = BPF_CGROUP_RUN_PROG_INET4_POST_BIND(sk); if (err) { inet->inet_saddr = inet->inet_rcv_saddr = 0; goto out_release_sock; } Let's take UDP for example and see what will happen. For UDP socket, it will be added to 'udp_prot.h.udp_table->hash' and 'udp_prot.h.udp_table->hash2' after the sk->sk_prot->get_port() called success. If 'inet->inet_rcv_saddr' is specified here, then 'sk' will be in the 'hslot2' of 'hash2' that it don't belong to (because inet_saddr is changed to 0), and UDP packet received will not be passed to this sock. If 'inet->inet_rcv_saddr' is not specified here, the sock will work fine, as it can receive packet properly, which is wired, as the 'bind()' is already failed. To undo the get_port() operation, introduce the 'put_port' field for 'struct proto'. For TCP proto, it is inet_put_port(); For UDP proto, it is udp_lib_unhash(); For icmp proto, it is ping_unhash(). Therefore, after sys_bind() fail caused by BPF_CGROUP_RUN_PROG_INET4_POST_BIND(), it will be unbinded, which means that it can try to be binded to another port. The second patch is the selftests for this modification. Changes since v2: - NULL check for sk->sk_prot->put_port Changes since v1: - introduce 'put_port' field for 'struct proto' - add selftests for it Menglong Dong (2): net: bpf: handle return value of BPF_CGROUP_RUN_PROG_INET{4,6}_POST_BIND() bpf: selftests: add bind retry for post_bind{4, 6} include/net/sock.h | 1 + net/ipv4/af_inet.c | 2 + net/ipv4/ping.c | 1 + net/ipv4/tcp_ipv4.c | 1 + net/ipv4/udp.c | 1 + net/ipv6/af_inet6.c | 2 + net/ipv6/ping.c | 1 + net/ipv6/tcp_ipv6.c | 1 + net/ipv6/udp.c | 1 + tools/testing/selftests/bpf/test_sock.c | 166 +++++++++++++++++++++--- 10 files changed, 157 insertions(+), 20 deletions(-) -- 2.27.0

3 years, 10 months

3
4
0 0

[PATCH v4 00/21] AMX Support in KVM

by Yang Zhong

Highly appreciate for your review. This version mostly addressed the comments from Sean. Most comments are adopted except three which are not closed and need more discussions: - Move the entire xfd write emulation code to x86.c. Doing so requires introducing a new kvm_x86_ops callback to disable msr write bitmap. According to Paolo's earlier comment he prefers to handle it in vmx.c. - Directly check msr_bitmap in update_exception_bitmap() (for trapping #NM) and vcpu_enter_guest() (for syncing guest xfd after vm-exit) instead of introducing an extra flag in the last patch. However, doing so requires another new kvm_x86_ops callback for checking msr_bitmap since vcpu_enter_guest() is x86 common code. Having an extra flag sounds simpler here (at least for the initial AMX support). It does penalize nested guest with one xfd sync per exit, but it's not worse than a normal guest which initializes xfd but doesn't run AMX applications at all. Those could be improved afterwards. - Disable #NM trap for nested guest. This version still chooses to always trap #NM (regardless in L1 or L2) as long as xfd write interception is disabled. In reality #NM is rare if nested guest doesn't intend to run AMX applications and always-trap is safer than dynamic trap for the basic support in case of any oversight here. (Jing is temporarily leave for family reason, Yang helped work out this version) ---- v3->v4: - Verify kvm selftest for AMX (Paolo) - Move fpstate buffer expansion from kvm_vcpu_after_set_cpuid () to kvm_check_cpuid() and improve patch description (Sean) - Drop 'preemption' word in #NM interception patch (Sean) - Remove 'trap_nm' flag. Replace it by: (Sean) * Trapping #NM according to guest_fpu::xfd when write to xfd is intercepted. * Always trapping #NM when xfd write interception is disabled - Use better name for #NM related functions (Sean) - Drop '#ifdef CONFIG_X86_64' in __kvm_set_xcr (Sean) - Update description for KVM_CAP_XSAVE2 and prevent the guest from using the wrong ioctl (Sean) - Replace 'xfd_out_of_sync' with a better name (Sean) v2->v3: - Trap #NM until write IA32_XFD with a non-zero value (Thomas) - Revise return value in __xstate_request_perm() (Thomas) - Revise doc for KVM_GET_SUPPORTED_CPUID (Paolo) - Add Thomas's reviewed-by on one patch - Reorder disabling read interception of XFD_ERR patch (Paolo) - Move disabling r/w interception of XFD from x86.c to vmx.c (Paolo) - Provide the API doc together with the new KVM_GET_XSAVE2 ioctl (Paolo) - Make KVM_CHECK_EXTENSION(KVM_CAP_XSAVE2) return minimum size of struct kvm_xsave (4K) (Paolo) - Request permission at the start of vm_create_with_vcpus() in selftest - Request permission conditionally when XFD is supported (Paolo) v1->v2: - Live migration supported and verified with a selftest - Rebase to Thomas's new series for guest fpstate reallocation [1] - Expand fpstate at KVM_SET_CPUID2 instead of when emulating XCR0 and IA32_XFD (Thomas/Paolo) - Accordingly remove all exit-to-userspace stuff - Intercept #NM to save guest XFD_ERR and restore host/guest value at preemption on/off boundary (Thomas) - Accordingly remove all xfd_err logic in preemption callback and fpu_swap_kvm_fpstate() - Reuse KVM_SET_XSAVE to handle both legacy and expanded buffer (Paolo) - Don't return dynamic bits w/o prctl() in KVM_GET_SUPPORTED_CPUID (Paolo) - Check guest permissions for dynamic features in CPUID[0xD] instead of only for AMX at KVM_SET_CPUID (Paolo) - Remove dynamic bit check for 32-bit guest in __kvm_set_xcr() (Paolo) - Fix CPUID emulation for 0x1d and 0x1e (Paolo) - Move "disable interception" to the end of the series (Paolo) This series brings AMX (Advanced Matrix eXtensions) virtualization support to KVM. The preparatory series from Thomas [1] is also included. A large portion of the changes in this series is to deal with eXtended Feature Disable (XFD) which allows resizing of the fpstate buffer to support dynamically-enabled XSTATE features with large state component (e.g. 8K for AMX). There are a lot of simplications when comparing v2/v3 to the original proposal [2] and the first version [3]. Thanks to Thomas and Paolo for many good suggestions. The support is based on following key changes: - Guest permissions for dynamically-enabled XSAVE features Native tasks have to request permission via prctl() before touching a dynamic-resized XSTATE compoenent. Introduce guest permissions for the similar purpose. Userspace VMM is expected to request guest permission only once when the first vCPU is created. KVM checks guest permission in KVM_SET_CPUID2. Setting XFD in guest cpuid w/o proper permissions fails this operation. In the meantime, unpermitted features are also excluded in KVM_GET_SUPPORTED_CPUID. - Extend fpstate reallocation mechanism to cover guest fpu Unlike native tasks which have reallocation triggered from #NM handler, guest fpstate reallocation is requested by KVM when it identifies the intention on using dynamically-enabled XSAVE features inside guest. Extend fpu core to allow KVM request fpstate buffer expansion for a guest fpu containter. - Trigger fpstate reallocation in KVM This could be done either statically (before guest runs) or dynamically (in the emulation path). According to discussion [1] we decide to statically enable all xfeatures allowed by guest perm in KVM_SET_CPUID2, with fpstate buffer sized accordingly. This spares a lot of code and also avoid imposing an ordered restore sequence (XCR0, XFD and XSTATE) to userspace VMM. - RDMSR/WRMSR emulation for IA32_XFD Because fpstate expansion is completed in KVM_SET_CPUID2, emulating r/w access to IA32_XFD simply involves the xfd field in the guest fpu container. If write and guest fpu is currently active, the software state (guest_fpstate::xfd and per-cpu xfd cache) is also updated. - RDMSR/WRMSR emulation for XFD_ERR When XFD causes an instruction to generate #NM, XFD_ERR contains information about which disabled state components are being accessed. It'd be problematic if the XFD_ERR value generated in guest is consumed/clobbered by the host before the guest itself doing so. Intercept #NM exception to save the guest XFD_ERR value when write IA32_XFD with a non-zero value for 1st time. There is at most one interception per guest task given a dynamic feature. RDMSR/WRMSR emulation uses the saved value. The host value (always ZERO outside of the host #NM handler) is restored before enabling preemption. The saved guest value is restored right before entering the guest (with preemption disabled). - Get/set dynamic xfeature state for migration Introduce new capability (KVM_CAP_XSAVE2) to deal with >4KB fpstate buffer. Reading this capability returns the size of the current guest fpstate (e.g. after expansion). Userspace VMM uses a new ioctl (KVM_GET_XSAVE2) to read guest fpstate from the kernel and reuses the existing ioctl (KVM_SET_XSAVE) to update guest fpsate to the kernel. KVM_SET_XSAVE is extended to do properly_sized memdup_user() based on the guest fpstate. - Expose related cpuid bits to guest The last step is to allow exposing XFD, AMX_TILE, AMX_INT8 and AMX_BF16 in guest cpuid. Adding those bits into kvm_cpu_caps finally activates all previous logics in this series - Optimization: disable interception for IA32_XFD IA32_XFD can be frequently updated by the guest, as it is part of the task state and swapped in context switch when prev and next have different XFD setting. Always intercepting WRMSR can easily cause non-negligible overhead. Disable r/w emulation for IA32_XFD after intercepting the first WRMSR(IA32_XFD) with a non-zero value. However MSR passthrough implies the software state (guest_fpstate::xfd and per-cpu xfd cache) might be out of sync with MSR. This suggests KVM needs to re-sync them at VM-exit before preemption is enabled. Thanks Jun Nakajima and Kevin Tian for the design suggestions when this version is being internally worked on. [1] https://lore.kernel.org/all/20211214022825.563892248@linutronix.de/ [2] https://www.spinics.net/lists/kvm/msg259015.html [3] https://lore.kernel.org/lkml/20211208000359.2853257-1-yang.zhong@intel.com/ Thanks, Yang --- Guang Zeng (1): kvm: x86: Add support for getting/setting expanded xstate buffer Jing Liu (11): kvm: x86: Fix xstate_required_size() to follow XSTATE alignment rule kvm: x86: Exclude unpermitted xfeatures at KVM_GET_SUPPORTED_CPUID x86/fpu: Make XFD initialization in __fpstate_reset() a function argument kvm: x86: Check and enable permitted dynamic xfeatures at KVM_SET_CPUID2 kvm: x86: Add emulation for IA32_XFD x86/fpu: Prepare xfd_err in struct fpu_guest kvm: x86: Intercept #NM for saving IA32_XFD_ERR kvm: x86: Emulate IA32_XFD_ERR for guest kvm: x86: Disable RDMSR interception of IA32_XFD_ERR kvm: x86: Add XCR0 support for Intel AMX kvm: x86: Add CPUID support for Intel AMX Kevin Tian (3): x86/fpu: Provide fpu_update_guest_perm_features() for guest x86/fpu: Provide fpu_update_guest_xfd() for IA32_XFD emulation kvm: x86: Disable interception for IA32_XFD on demand Thomas Gleixner (5): x86/fpu: Extend fpu_xstate_prctl() with guest permissions x86/fpu: Prepare guest FPU for dynamically enabled FPU features x86/fpu: Add guest support to xfd_enable_feature() x86/fpu: Add uabi_size to guest_fpu x86/fpu: Provide fpu_sync_guest_vmexit_xfd_state() Wei Wang (1): kvm: selftests: Add support for KVM_CAP_XSAVE2 Documentation/virt/kvm/api.rst | 46 +++++- arch/x86/include/asm/cpufeatures.h | 2 + arch/x86/include/asm/fpu/api.h | 11 ++ arch/x86/include/asm/fpu/types.h | 32 ++++ arch/x86/include/asm/kvm_host.h | 1 + arch/x86/include/uapi/asm/kvm.h | 16 +- arch/x86/include/uapi/asm/prctl.h | 26 ++-- arch/x86/kernel/fpu/core.c | 104 ++++++++++++- arch/x86/kernel/fpu/xstate.c | 147 +++++++++++------- arch/x86/kernel/fpu/xstate.h | 15 +- arch/x86/kernel/process.c | 2 + arch/x86/kvm/cpuid.c | 99 +++++++++--- arch/x86/kvm/vmx/vmcs.h | 5 + arch/x86/kvm/vmx/vmx.c | 45 +++++- arch/x86/kvm/vmx/vmx.h | 2 +- arch/x86/kvm/x86.c | 105 ++++++++++++- include/uapi/linux/kvm.h | 4 + tools/arch/x86/include/uapi/asm/kvm.h | 16 +- tools/include/uapi/linux/kvm.h | 3 + .../testing/selftests/kvm/include/kvm_util.h | 2 + .../selftests/kvm/include/x86_64/processor.h | 10 ++ tools/testing/selftests/kvm/lib/kvm_util.c | 32 ++++ .../selftests/kvm/lib/x86_64/processor.c | 67 +++++++- .../testing/selftests/kvm/x86_64/evmcs_test.c | 2 +- tools/testing/selftests/kvm/x86_64/smm_test.c | 2 +- .../testing/selftests/kvm/x86_64/state_test.c | 2 +- .../kvm/x86_64/vmx_preemption_timer_test.c | 2 +- 27 files changed, 691 insertions(+), 109 deletions(-)

3 years, 10 months

4
37
0 0

[PATCH v2 00/13] KVM: selftests: Add tests for SEV and SEV-ES guests

by Michael Roth

These patches and are also available at: https://github.com/mdroth/linux/commits/sev-selftests-v2 They are based on top of the recent RFC: "KVM: selftests: Add support for test-selectable ucall implementations" https://lore.kernel.org/all/20211210164620.11636-1-michael.roth@amd.com/T/ https://github.com/mdroth/linux/commits/sev-selftests-ucall-rfc1 which provides a new ucall implementation that this series relies on. Those patches were in turn based on kvm/next as of 2021-12-10. == OVERVIEW == This series introduces a set of memory encryption-related parameter/hooks in the core kselftest library, then uses the hooks to implement a small library for creating/managing SEV, SEV-ES, and (eventually) SEV-SNP guests. This library is then used to implement a basic boot/memory test that's run for variants of SEV/SEV-ES guests. - Patches 1-8 implement SEV boot tests and should run against existing kernels - Patch 9 is a KVM changes that's required to allow SEV-ES/SEV-SNP guests to boot with an externally generated page table, and is a host kernel prequisite for the remaining patches in the series. - Patches 10-13 extend the boot tests to cover SEV-ES Any review/comments are greatly appreciated! v2: - rebased on ucall_ops patchset (which is based on kvm/next 2021-12-10) - remove SEV-SNP support for now - provide encryption bitmap as const* to original rather than as a copy (Mingwei, Paolo) - drop SEV-specific synchronization helpers in favor of ucall_ops_halt (Paolo) - don't pass around addresses with c-bit included, add them as-needed via addr_gpa2raw() (e.g. when adding PTEs, or initializing initial cr3/vm->pgd) (Paolo) - rename lib/sev.c functions for better consistency (Krish) - move more test setup code out of main test function and into setup_test_common() (Krish) - suppress compiler warnings due to -Waddress-of-packed-member like kernel does - don't require SNP support in minimum firmware version detection (Marc) - allow SEV device path to be configured via make SEV_PATH= (Marc) ---------------------------------------------------------------- Michael Roth (13): KVM: selftests: move vm_phy_pages_alloc() earlier in file KVM: selftests: sparsebit: add const where appropriate KVM: selftests: add hooks for managing encrypted guest memory KVM: selftests: handle encryption bits in page tables KVM: selftests: add support for encrypted vm_vaddr_* allocations KVM: selftests: ensure ucall_shared_alloc() allocates shared memory KVM: selftests: add library for creating/interacting with SEV guests KVM: selftests: add SEV boot tests KVM: SVM: include CR3 in initial VMSA state for SEV-ES guests KVM: selftests: account for error code in #VC exception frame KVM: selftests: add support for creating SEV-ES guests KVM: selftests: add library for handling SEV-ES-related exits KVM: selftests: add SEV-ES boot tests arch/x86/include/asm/kvm-x86-ops.h | 1 + arch/x86/include/asm/kvm_host.h | 1 + arch/x86/kvm/svm/svm.c | 19 ++ arch/x86/kvm/vmx/vmx.c | 6 + arch/x86/kvm/x86.c | 1 + tools/testing/selftests/kvm/.gitignore | 1 + tools/testing/selftests/kvm/Makefile | 10 +- .../testing/selftests/kvm/include/kvm_util_base.h | 10 + tools/testing/selftests/kvm/include/sparsebit.h | 36 +-- tools/testing/selftests/kvm/include/x86_64/sev.h | 44 +++ .../selftests/kvm/include/x86_64/sev_exitlib.h | 14 + tools/testing/selftests/kvm/include/x86_64/svm.h | 35 +++ .../selftests/kvm/include/x86_64/svm_util.h | 1 + tools/testing/selftests/kvm/lib/kvm_util.c | 270 ++++++++++++------ .../testing/selftests/kvm/lib/kvm_util_internal.h | 10 + tools/testing/selftests/kvm/lib/sparsebit.c | 48 ++-- tools/testing/selftests/kvm/lib/ucall_common.c | 4 +- tools/testing/selftests/kvm/lib/x86_64/handlers.S | 4 +- tools/testing/selftests/kvm/lib/x86_64/processor.c | 16 +- tools/testing/selftests/kvm/lib/x86_64/sev.c | 252 ++++++++++++++++ .../testing/selftests/kvm/lib/x86_64/sev_exitlib.c | 249 ++++++++++++++++ .../selftests/kvm/x86_64/sev_all_boot_test.c | 316 +++++++++++++++++++++ 22 files changed, 1215 insertions(+), 133 deletions(-) create mode 100644 tools/testing/selftests/kvm/include/x86_64/sev.h create mode 100644 tools/testing/selftests/kvm/include/x86_64/sev_exitlib.h create mode 100644 tools/testing/selftests/kvm/lib/x86_64/sev.c create mode 100644 tools/testing/selftests/kvm/lib/x86_64/sev_exitlib.c create mode 100644 tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c

3 years, 10 months

4
23
0 0

[PATCH v3 00/22] AMX Support in KVM

by Jing Liu

Highly appreciate for your review. We will continue working on remaining selftest and send out later. TODO: - kvm selftest for AMX is still in progress; ---- v2->v3: - Trap #NM until write IA32_XFD with a non-zero value (Thomas) - Revise return value in __xstate_request_perm() (Thomas) - Revise doc for KVM_GET_SUPPORTED_CPUID (Paolo) - Add Thomas's reviewed-by on one patch - Reorder disabling read interception of XFD_ERR patch (Paolo) - Move disabling r/w interception of XFD from x86.c to vmx.c (Paolo) - Provide the API doc together with the new KVM_GET_XSAVE2 ioctl (Paolo) - Make KVM_CHECK_EXTENSION(KVM_CAP_XSAVE2) return minimum size of struct kvm_xsave (4K) (Paolo) - Request permission at the start of vm_create_with_vcpus() in selftest - Request permission conditionally when XFD is supported (Paolo) v1->v2: - Live migration supported and verified with a selftest - Rebase to Thomas's new series for guest fpstate reallocation [1] - Expand fpstate at KVM_SET_CPUID2 instead of when emulating XCR0 and IA32_XFD (Thomas/Paolo) - Accordingly remove all exit-to-userspace stuff - Intercept #NM to save guest XFD_ERR and restore host/guest value at preemption on/off boundary (Thomas) - Accordingly remove all xfd_err logic in preemption callback and fpu_swap_kvm_fpstate() - Reuse KVM_SET_XSAVE to handle both legacy and expanded buffer (Paolo) - Don't return dynamic bits w/o prctl() in KVM_GET_SUPPORTED_CPUID (Paolo) - Check guest permissions for dynamic features in CPUID[0xD] instead of only for AMX at KVM_SET_CPUID (Paolo) - Remove dynamic bit check for 32-bit guest in __kvm_set_xcr() (Paolo) - Fix CPUID emulation for 0x1d and 0x1e (Paolo) - Move "disable interception" to the end of the series (Paolo) This series brings AMX (Advanced Matrix eXtensions) virtualization support to KVM. The preparatory series from Thomas [1] is also included. A large portion of the changes in this series is to deal with eXtended Feature Disable (XFD) which allows resizing of the fpstate buffer to support dynamically-enabled XSTATE features with large state component (e.g. 8K for AMX). There are a lot of simplications when comparing v2/v3 to the original proposal [2] and the first version [3]. Thanks to Thomas and Paolo for many good suggestions. The support is based on following key changes: - Guest permissions for dynamically-enabled XSAVE features Native tasks have to request permission via prctl() before touching a dynamic-resized XSTATE compoenent. Introduce guest permissions for the similar purpose. Userspace VMM is expected to request guest permission only once when the first vCPU is created. KVM checks guest permission in KVM_SET_CPUID2. Setting XFD in guest cpuid w/o proper permissions fails this operation. In the meantime, unpermitted features are also excluded in KVM_GET_SUPPORTED_CPUID. - Extend fpstate reallocation mechanism to cover guest fpu Unlike native tasks which have reallocation triggered from #NM handler, guest fpstate reallocation is requested by KVM when it identifies the intention on using dynamically-enabled XSAVE features inside guest. Extend fpu core to allow KVM request fpstate buffer expansion for a guest fpu containter. - Trigger fpstate reallocation in KVM This could be done either statically (before guest runs) or dynamically (in the emulation path). According to discussion [1] we decide to statically enable all xfeatures allowed by guest perm in KVM_SET_CPUID2, with fpstate buffer sized accordingly. This spares a lot of code and also avoid imposing an ordered restore sequence (XCR0, XFD and XSTATE) to userspace VMM. - RDMSR/WRMSR emulation for IA32_XFD Because fpstate expansion is completed in KVM_SET_CPUID2, emulating r/w access to IA32_XFD simply involves the xfd field in the guest fpu container. If write and guest fpu is currently active, the software state (guest_fpstate::xfd and per-cpu xfd cache) is also updated. - RDMSR/WRMSR emulation for XFD_ERR When XFD causes an instruction to generate #NM, XFD_ERR contains information about which disabled state components are being accessed. It'd be problematic if the XFD_ERR value generated in guest is consumed/clobbered by the host before the guest itself doing so. Intercept #NM exception to save the guest XFD_ERR value when write IA32_XFD with a non-zero value for 1st time. There is at most one interception per guest task given a dynamic feature. RDMSR/WRMSR emulation uses the saved value. The host value (always ZERO outside of the host #NM handler) is restored before enabling preemption. The saved guest value is restored right before entering the guest (with preemption disabled). - Get/set dynamic xfeature state for migration Introduce new capability (KVM_CAP_XSAVE2) to deal with >4KB fpstate buffer. Reading this capability returns the size of the current guest fpstate (e.g. after expansion). Userspace VMM uses a new ioctl (KVM_GET_XSAVE2) to read guest fpstate from the kernel and reuses the existing ioctl (KVM_SET_XSAVE) to update guest fpsate to the kernel. KVM_SET_XSAVE is extended to do properly_sized memdup_user() based on the guest fpstate. - Expose related cpuid bits to guest The last step is to allow exposing XFD, AMX_TILE, AMX_INT8 and AMX_BF16 in guest cpuid. Adding those bits into kvm_cpu_caps finally activates all previous logics in this series - Optimization: disable interception for IA32_XFD IA32_XFD can be frequently updated by the guest, as it is part of the task state and swapped in context switch when prev and next have different XFD setting. Always intercepting WRMSR can easily cause non-negligible overhead. Disable r/w emulation for IA32_XFD after intercepting the first WRMSR(IA32_XFD) with a non-zero value. However MSR passthrough implies the software state (guest_fpstate::xfd and per-cpu xfd cache) might be out of sync with MSR. This suggests KVM needs to re-sync them at VM-exit before preemption is enabled. To verify AMX virtualization overhead on non-AMX usages, we run the Phoronix kernel build test in the guest w/ and w/o AMX in cpuid. The result shows no observable difference between two configurations. Thanks Jun Nakajima and Kevin Tian for the design suggestions when this version is being internally worked on. [1] https://lore.kernel.org/all/20211214022825.563892248@linutronix.de/ [2] https://www.spinics.net/lists/kvm/msg259015.html [3] https://lore.kernel.org/lkml/20211208000359.2853257-1-yang.zhong@intel.com/ Thanks, Jing --- Guang Zeng (1): kvm: x86: Get/set expanded xstate buffer Jing Liu (13): kvm: x86: Fix xstate_required_size() to follow XSTATE alignment rule kvm: x86: Exclude unpermitted xfeatures at KVM_GET_SUPPORTED_CPUID kvm: x86: Check permitted dynamic xfeatures at KVM_SET_CPUID2 x86/fpu: Make XFD initialization in __fpstate_reset() a function argument kvm: x86: Enable dynamic XSAVE features at KVM_SET_CPUID2 kvm: x86: Add emulation for IA32_XFD x86/fpu: Prepare xfd_err in struct fpu_guest kvm: x86: Intercept #NM for saving IA32_XFD_ERR kvm: x86: Emulate IA32_XFD_ERR for guest kvm: x86: Disable RDMSR interception of IA32_XFD_ERR kvm: x86: Add XCR0 support for Intel AMX kvm: x86: Add CPUID support for Intel AMX kvm: x86: Disable interception for IA32_XFD on demand Kevin Tian (2): x86/fpu: Provide fpu_update_guest_perm_features() for guest x86/fpu: Provide fpu_update_guest_xfd() for IA32_XFD emulation Thomas Gleixner (5): x86/fpu: Extend fpu_xstate_prctl() with guest permissions x86/fpu: Prepare guest FPU for dynamically enabled FPU features x86/fpu: Add guest support to xfd_enable_feature() x86/fpu: Add uabi_size to guest_fpu x86/fpu: Provide fpu_sync_guest_vmexit_xfd_state() Wei Wang (1): kvm: selftests: Add support for KVM_CAP_XSAVE2 Documentation/virt/kvm/api.rst | 46 +++++- arch/x86/include/asm/cpufeatures.h | 2 + arch/x86/include/asm/fpu/api.h | 11 ++ arch/x86/include/asm/fpu/types.h | 32 ++++ arch/x86/include/asm/kvm_host.h | 2 + arch/x86/include/uapi/asm/kvm.h | 16 +- arch/x86/include/uapi/asm/prctl.h | 26 ++-- arch/x86/kernel/fpu/core.c | 104 ++++++++++++- arch/x86/kernel/fpu/xstate.c | 147 +++++++++++------- arch/x86/kernel/fpu/xstate.h | 15 +- arch/x86/kernel/process.c | 2 + arch/x86/kvm/cpuid.c | 93 ++++++++--- arch/x86/kvm/vmx/vmcs.h | 5 + arch/x86/kvm/vmx/vmx.c | 32 +++- arch/x86/kvm/vmx/vmx.h | 2 +- arch/x86/kvm/x86.c | 102 +++++++++++- include/uapi/linux/kvm.h | 4 + tools/arch/x86/include/uapi/asm/kvm.h | 16 +- tools/include/uapi/linux/kvm.h | 3 + .../testing/selftests/kvm/include/kvm_util.h | 2 + .../selftests/kvm/include/x86_64/processor.h | 10 ++ tools/testing/selftests/kvm/lib/kvm_util.c | 32 ++++ .../selftests/kvm/lib/x86_64/processor.c | 67 +++++++- .../testing/selftests/kvm/x86_64/evmcs_test.c | 2 +- tools/testing/selftests/kvm/x86_64/smm_test.c | 2 +- .../testing/selftests/kvm/x86_64/state_test.c | 2 +- .../kvm/x86_64/vmx_preemption_timer_test.c | 2 +- 27 files changed, 668 insertions(+), 111 deletions(-) -- 2.27.0

3 years, 10 months

5
46
0 0

[PATCH v1 00/11] mm: COW fixes part 1: fix the COW security issue for THP and hugetlb

by David Hildenbrand

Hi everybody, as discussed in the linux-mm alignment session on Wednesday, this is part 1 of the COW fixes: fix the COW security issue using GUP-triggered unsharing of shared anonymous pages (ordinary, THP, hugetlb). In the meeting slides, this approach was referred to as "Copy On Read". If anybody wants to have access to the slides, please feel free to reach out. The patches are based on v5.16-rc5 and available at: https://github.com/davidhildenbrand/linux/pull/new/unshare_v1 It is currently again possible for a child process to observe modifications of anonymous pages performed by the parent process after fork() in some cases, which is not only a violation of the POSIX semantics of MAP_PRIVATE, but more importantly a real security issue. This issue, including other related COW issues, has been summarized at [1]: " 1. Observing Memory Modifications of Private Pages From A Child Process Long story short: process-private memory might not be as private as you think once you fork(): successive modifications of private memory regions in the parent process can still be observed by the child process, for example, by smart use of vmsplice()+munmap(). The core problem is that pinning pages readable in a child process, such as done via the vmsplice system call, can result in a child process observing memory modifications done in the parent process the child is not supposed to observe. [1] contains an excellent summary and [2] contains further details. This issue was assigned CVE-2020-29374 [9]. For this to trigger, it's required to use a fork() without subsequent exec(), for example, as used under Android zygote. Without further details about an application that forks less-privileged child processes, one cannot really say what's actually affected and what's not -- see the details section the end of this mail for a short sshd/openssh analysis. While commit 17839856fd58 ("gup: document and work around "COW can break either way" issue") fixed this issue and resulted in other problems (e.g., ptrace on pmem), commit 09854ba94c6a ("mm: do_wp_page() simplification") re-introduced part of the problem unfortunately. The original reproducer can be modified quite easily to use THP [3] and make the issue appear again on upstream kernels. I modified it to use hugetlb [4] and it triggers as well. The problem is certainly less severe with hugetlb than with THP; it merely highlights that we still have plenty of open holes we should be closing/fixing. Regarding vmsplice(), the only known workaround is to disallow the vmsplice() system call ... or disable THP and hugetlb. But who knows what else is affected (RDMA? O_DIRECT?) to achieve the same goal -- in the end, it's a more generic issue. " This security issue was first reported by Jann Horn on 27 May 2020 and it currently affects anonymous THP and hugetlb again. The "security issue" part for hugetlb might be less important than for THP. However, with this approach it's just easy to get the MAP_PRIVATE semantics of any anonymous pages in that regard and avoid any such information leaks without much added complexity. Ordinary anonymous pages are currently not affected, because the COW logic was changed in commit 09854ba94c6a ("mm: do_wp_page() simplification") for them to COW on "page_count() != 1" instead of "mapcount > 1", which unfortunately results in other COW issues, some of them documented in [1] as well. To fix this COW issue once and for all, introduce GUP-triggered unsharing that can be conditionally triggered via FAULT_FLAG_UNSHARE. In contrast to traditional COW, unsharing will leave the copied page mapped write-protected in the page table, not having the semantics of a write fault. Logically, unsharing is triggered "early", as soon as GUP performs the action that could result in a COW getting missed later and the security issue triggering: however, unsharing is not triggered as before via a write fault with undesired side effects. Long story short, GUP triggers unsharing if all of the following conditions are met: * The page is mapped R/O * We have an anonymous page, excluding KSM * We want to read (!FOLL_WRITE) * Unsharing is not disabled (!FOLL_NOUNSHARE) * We want to take a reference (FOLL_GET or FOLL_PIN) * The page is a shared anonymous page: mapcount > 1 To reliably detect shared anonymous THP without heavy locking, introduce a mapcount_seqcount seqlock that protects the mapcount of a THP and can be used to read an atomic mapcount value. The mapcount_seqlock is stored inside the memmap of the compound page -- to keep it simple, factor out a raw_seqlock_t from the seqlock_t. As this patch series introduces the same unsharing logic for any anonymous pages, it also paves the way to fix other COW issues, e.g., documented in [1], without reintroducing the security issue or reintroducing other issues we observed in the past (e.g., broken ptrace on pmem). All reproducers for this COW issue have been consolidated in the selftest included in this series. Hopefully we'll get this fixed for good. Future work: * get_user_pages_fast_only() can currently spin on the mapcount_seqcount when reading the mapcount, which might be a rare event. While this is fine even when done from get_user_pages_fast_only() in IRQ context, we might want to just fail fast in get_user_pages_fast_only(). We already have patches prepared that add page_anon_maybe_shared() and page_trans_huge_anon_maybe_shared() that will return "true" in case spinning would be required and make get_user_pages_fast_only() fail fast. I'm excluding them for simplicity. ... even better would be finding a way to just not need the mapcount_seqcount, but THP splitting and PageDoubleMap() gives us a hard time -- but maybe we'll eventually find a way someday :) * Part 2 will tackle the other user-space visible breakages / COW issues raised in [1]. This series is the basis for adjusting the COW logic once again without re-introducing the COW issue fixed in this series and without reintroducing the issues we saw with the original CVE fix (e.g., breaking ptrace on pmem). There might be further parts to improve the GUP long-term <-> MM synchronicity and to optimize some things around that. The idea is by Andrea and some patches are rewritten versions of prototype patches by Andrea. I cross-compiled and tested as good as possible. I'll CC locking+selftest folks only on the relevant patch and the cover letter to minimze the noise. I'll put everyone on CC who was either involved with the COW issues in the past or attended the linux-mm alignment session on Wednesday. Appologies if I forget anyone :) [1] https://lore.kernel.org/r/3ae33b08-d9ef-f846-56fb-645e3b9b4c66@redhat.com David Hildenbrand (11): seqlock: provide lockdep-free raw_seqcount_t variant mm: thp: consolidate mapcount logic on THP split mm: simplify hugetlb and file-THP handling in __page_mapcount() mm: thp: simlify total_mapcount() mm: thp: allow for reading the THP mapcount atomically via a raw_seqlock_t mm: support GUP-triggered unsharing via FAULT_FLAG_UNSHARE (!hugetlb) mm: gup: trigger unsharing via FAULT_FLAG_UNSHARE when required (!hugetlb) mm: hugetlb: support GUP-triggered unsharing via FAULT_FLAG_UNSHARE mm: gup: trigger unsharing via FAULT_FLAG_UNSHARE when required (hugetlb) mm: thp: introduce and use page_trans_huge_anon_shared() selftests/vm: add tests for the known COW security issues Documentation/locking/seqlock.rst | 50 ++++ include/linux/huge_mm.h | 72 +++++ include/linux/mm.h | 14 + include/linux/mm_types.h | 9 + include/linux/seqlock.h | 145 +++++++--- mm/gup.c | 89 +++++- mm/huge_memory.c | 120 +++++++-- mm/hugetlb.c | 129 +++++++-- mm/memory.c | 136 ++++++++-- mm/rmap.c | 40 +-- mm/swapfile.c | 35 ++- mm/util.c | 24 +- tools/testing/selftests/vm/Makefile | 1 + tools/testing/selftests/vm/gup_cow.c | 312 ++++++++++++++++++++++ tools/testing/selftests/vm/run_vmtests.sh | 16 ++ 15 files changed, 1044 insertions(+), 148 deletions(-) create mode 100644 tools/testing/selftests/vm/gup_cow.c -- 2.31.1

3 years, 10 months

11
136
0 0

[PATCH AUTOSEL 5.15 16/16] userfaultfd/selftests: fix hugetlb area allocations

by Sasha Levin

From: Mike Kravetz <mike.kravetz(a)oracle.com> [ Upstream commit f5c73297181c6b3ad76537bad98eaad6d29b9333 ] Currently, userfaultfd selftest for hugetlb as run from run_vmtests.sh or any environment where there are 'just enough' hugetlb pages will always fail with: testing events (fork, remap, remove): ERROR: UFFDIO_COPY error: -12 (errno=12, line=616) The ENOMEM error code implies there are not enough hugetlb pages. However, there are free hugetlb pages but they are all reserved. There is a basic problem with the way the test allocates hugetlb pages which has existed since the test was originally written. Due to the way 'cleanup' was done between different phases of the test, this issue was masked until recently. The issue was uncovered by commit 8ba6e8640844 ("userfaultfd/selftests: reinitialize test context in each test"). For the hugetlb test, src and dst areas are allocated as PRIVATE mappings of a hugetlb file. This means that at mmap time, pages are reserved for the src and dst areas. At the start of event testing (and other tests) the src area is populated which results in allocation of huge pages to fill the area and consumption of reserves associated with the area. Then, a child is forked to fault in the dst area. Note that the dst area was allocated in the parent and hence the parent owns the reserves associated with the mapping. The child has normal access to the dst area, but can not use the reserves created/owned by the parent. Thus, if there are no other huge pages available allocation of a page for the dst by the child will fail. Fix by not creating reserves for the dst area. In this way the child can use free (non-reserved) pages. Also, MAP_PRIVATE of a file only makes sense if you are interested in the contents of the file before making a COW copy. The test does not do this. So, just use MAP_ANONYMOUS | MAP_HUGETLB to create an anonymous hugetlb mapping. There is no need to create a hugetlb file in the non-shared case. Link: https://lkml.kernel.org/r/20211217172919.7861-1-mike.kravetz@oracle.com Signed-off-by: Mike Kravetz <mike.kravetz(a)oracle.com> Cc: Axel Rasmussen <axelrasmussen(a)google.com> Cc: Peter Xu <peterx(a)redhat.com> Cc: Andrea Arcangeli <aarcange(a)redhat.com> Cc: Mina Almasry <almasrymina(a)google.com> Cc: Shuah Khan <shuah(a)kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- tools/testing/selftests/vm/userfaultfd.c | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/tools/testing/selftests/vm/userfaultfd.c b/tools/testing/selftests/vm/userfaultfd.c index 60aa1a4fc69b6..81690f1737c80 100644 --- a/tools/testing/selftests/vm/userfaultfd.c +++ b/tools/testing/selftests/vm/userfaultfd.c @@ -86,7 +86,7 @@ static bool test_uffdio_minor = false; static bool map_shared; static int shm_fd; -static int huge_fd; +static int huge_fd = -1; /* only used for hugetlb_shared test */ static char *huge_fd_off0; static unsigned long long *count_verify; static int uffd = -1; @@ -222,6 +222,9 @@ static void noop_alias_mapping(__u64 *start, size_t len, unsigned long offset) static void hugetlb_release_pages(char *rel_area) { + if (huge_fd == -1) + return; + if (fallocate(huge_fd, FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE, rel_area == huge_fd_off0 ? 0 : nr_pages * page_size, nr_pages * page_size)) @@ -234,16 +237,17 @@ static void hugetlb_allocate_area(void **alloc_area) char **alloc_area_alias; *alloc_area = mmap(NULL, nr_pages * page_size, PROT_READ | PROT_WRITE, - (map_shared ? MAP_SHARED : MAP_PRIVATE) | - MAP_HUGETLB, - huge_fd, *alloc_area == area_src ? 0 : - nr_pages * page_size); + map_shared ? MAP_SHARED : + MAP_PRIVATE | MAP_HUGETLB | + (*alloc_area == area_src ? 0 : MAP_NORESERVE), + huge_fd, + *alloc_area == area_src ? 0 : nr_pages * page_size); if (*alloc_area == MAP_FAILED) err("mmap of hugetlbfs file failed"); if (map_shared) { area_alias = mmap(NULL, nr_pages * page_size, PROT_READ | PROT_WRITE, - MAP_SHARED | MAP_HUGETLB, + MAP_SHARED, huge_fd, *alloc_area == area_src ? 0 : nr_pages * page_size); if (area_alias == MAP_FAILED) -- 2.34.1

3 years, 10 months

1
0
0 0

[Resource Leak] Missing closing files in testing/selftests/timens/procfs.c

by Ryan Cai

Dear Kernel maintainers, 1. In read_proc_uptime, the file opened at Line 75 may not closed when going to Line 84 and 87. Location: https://github.com/torvalds/linux/blob/5bfc75d92efd494db37f5c4c173d3639d477… Can I send I a patch? Best, Ryan

3 years, 10 months

1
0
0 0

[Resource Leak] Missing closing files in tools/bpf/bpf_asm.c

by Ryan Cai

Dear Kernel maintainers, 1. In ksm_read_sysfs, the file opened at Line 74 may not closed when going to Line 83. Location: https://github.com/torvalds/linux/blob/512b7931ad0561ffe14265f9ff554a3c081b… 2. In ksm_write_sysfs, the file opened at Line 56 may not closed when going to Line 64. Location: https://github.com/torvalds/linux/blob/512b7931ad0561ffe14265f9ff554a3c081b… Should they be bugs? I can send a patch for these. Best, Ryan

3 years, 10 months

1
0
0 0

[Resource Leak] Missing closing files in testing/selftests/vm/mlock2

by Ryan Cai

Dear Kernel maintainers, 1. In testing/selftests/vm/mlock2, the file opened at Line 39 may not closed when going to Line 65. Location: https://github.com/torvalds/linux/blob/5bfc75d92efd494db37f5c4c173d3639d477… Can I send I a patch? Best, Ryan

3 years, 10 months

2
1
0 0

[PATCH v4 0/4] KVM RISC-V 64-bit selftests support

by Anup Patel

This series adds initial support for testing KVM RISC-V 64-bit using kernel selftests framework. The PATCH1 & PATCH2 of this series does some ground work in KVM RISC-V to implement RISC-V support in the KVM selftests whereas remaining patches does required changes in the KVM selftests. These patches can be found in riscv_kvm_selftests_v3 branch at: https://github.com/avpatel/linux.git Changes since v2: - Rebased series on Linux-5.16-rc6 - Renamed kvm_riscv_stage2_gpa_size() to kvm_riscv_stage2_gpa_bits() in PATCH2 Changes since v1: - Renamed kvm_sbi_ext_expevend_handler() to kvm_sbi_ext_forward_handler() in PATCH1 - Renamed KVM_CAP_RISCV_VM_GPA_SIZE to KVM_CAP_VM_GPA_BITS in PATCH2 and PATCH4 Anup Patel (4): RISC-V: KVM: Forward SBI experimental and vendor extensions RISC-V: KVM: Add VM capability to allow userspace get GPA bits KVM: selftests: Add EXTRA_CFLAGS in top-level Makefile KVM: selftests: Add initial support for RISC-V 64-bit arch/riscv/include/asm/kvm_host.h | 1 + arch/riscv/kvm/mmu.c | 5 + arch/riscv/kvm/vcpu_sbi.c | 4 + arch/riscv/kvm/vcpu_sbi_base.c | 27 ++ arch/riscv/kvm/vm.c | 3 + include/uapi/linux/kvm.h | 1 + tools/testing/selftests/kvm/Makefile | 14 +- .../testing/selftests/kvm/include/kvm_util.h | 10 + .../selftests/kvm/include/riscv/processor.h | 135 +++++++ tools/testing/selftests/kvm/lib/guest_modes.c | 10 + .../selftests/kvm/lib/riscv/processor.c | 362 ++++++++++++++++++ tools/testing/selftests/kvm/lib/riscv/ucall.c | 87 +++++ 12 files changed, 658 insertions(+), 1 deletion(-) create mode 100644 tools/testing/selftests/kvm/include/riscv/processor.h create mode 100644 tools/testing/selftests/kvm/lib/riscv/processor.c create mode 100644 tools/testing/selftests/kvm/lib/riscv/ucall.c -- 2.25.1

3 years, 10 months

2
9
0 0

Wycena paneli fotowoltaicznych

by "Paweł Jasiński"

Dzień dobry, dostrzegam możliwość współpracy z Państwa firmą. Świadczymy kompleksową obsługę inwestycji w fotowoltaikę, która obniża koszty energii elektrycznej nawet o 90%. Czy są Państwo zainteresowani weryfikacją wstępnych propozycji? Pozdrawiam Paweł Jasiński

3 years, 10 months

1
0
0 0

Happy Weekend:

by ele.mon＠jllresort.com

Greetings to you linux-kselftest, I was wondering if you got my previous email? I have been trying to reach you by email linux-kselftest(a)vger.kernel.org, kindly get back to me swiftly, it is very important and urgent. Thanks Mustafa Ayvaz Email: mustafa.ayvaz(a)ayvazburosu.com

3 years, 10 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror