- Linux-kselftest-mirror - lists.linaro.org

[PATCH 0/3] selftests/ftrace: Fix ftracetest testcases for dash, etc.

by Masami Hiramatsu

Hi, Here are some patches to update ftracetest to fix some issues. - [1/3] Fix coloring of XFAIL - [2/3] Fix a testcase not to expect just one event entry - [3/3] Do not use built-in echo because the behavior is different on dash and bash. (Thanks Liu for reporting!) Thank you, --- Masami Hiramatsu (3): selftests/ftrace: Make XFAIL green color selftests/ftrace: Pick only the first kprobe event to test selftests/ftrace: Use /bin/echo instead of built-in echo tools/testing/selftests/ftrace/ftracetest | 2 +- tools/testing/selftests/ftrace/test.d/functions | 3 +++ .../ftrace/test.d/kprobe/kprobe_args_type.tc | 2 +- .../test.d/trigger/trigger-trace-marker-hist.tc | 2 +- .../trigger-trace-marker-synthetic-kernel.tc | 4 ++++ .../trigger/trigger-trace-marker-synthetic.tc | 4 ++-- 6 files changed, 12 insertions(+), 5 deletions(-) -- Masami Hiramatsu (Linaro) <mhiramat(a)kernel.org>

5 years, 4 months

8
37
0 0

[PATCH bpf 0/5] bpf: fix map permissions check and cleanup code around

by Anton Protopopov

This series fixes a bug in the map_lookup_and_delete_elem() function which should check for the FMODE_CAN_READ bit, because it returns data to user space. The rest of commits fix some typos and comment in selftests and extend the test_map_wronly test to cover the new check for the BPF_MAP_TYPE_STACK and BPF_MAP_TYPE_QUEUE map types. Anton Protopopov (5): selftests/bpf: fix a typo in test_maps selftests/bpf: cleanup some file descriptors in test_maps selftests/bpf: cleanup comments in test_maps bpf: fix map permissions check selftests/bpf: add tests for write-only stacks/queues kernel/bpf/syscall.c | 3 +- tools/testing/selftests/bpf/test_maps.c | 52 ++++++++++++++++++++++--- 2 files changed, 49 insertions(+), 6 deletions(-) -- 2.20.1

5 years, 4 months

2
6
0 0

kselftest OOT run_tests

by Yauheni Kaliuta

Hi! I'm wondering how out of tree check is supposed to work for make O=dir run_tests from selftests (or make -C ...) directory? (both with 051f278e9d81 ("kbuild: replace KBUILD_SRCTREE with boolean building_out_of_srctree") and without) make M= ... does not work with run_tests. -- WBR, Yauheni Kaliuta

5 years, 4 months

3
7
0 0

selftests: cgroup: config fragments required

by Naresh Kamboju

selftest cgroup tests are getting skipped due to missing kernel config fragments. Please create the required config fragments "config" file. Our CI system merges these kernel config fragments and builds the kernel for testing. You may refer config files in other test directories. Test output log, # selftests cgroup test_memcontrol cgroup: test_memcontrol_ # [SKIP] not ok 1 # SKIP memory controller isn't available ok: 1_# [SKIP] [SKIP] 1 selftests cgroup test_memcontrol # SKIP selftests: cgroup_test_memcontrol [SKIP] # selftests cgroup test_core cgroup: test_core_ # [SKIP] not ok 1 # SKIP Failed to set memory controller ok: 1_# [SKIP] [SKIP] 2 selftests cgroup test_core # SKIP selftests: cgroup_test_core [SKIP] # selftests cgroup test_freezer cgroup: test_freezer_ # # ok 1 test_cgfreezer_simple 1: test_cgfreezer_simple_ # # ok 2 test_cgfreezer_tree 2: test_cgfreezer_tree_ # # ok 3 test_cgfreezer_forkbomb 3: test_cgfreezer_forkbomb_ # # ok 4 test_cgfreezer_mkdir 4: test_cgfreezer_mkdir_ # # ok 5 test_cgfreezer_rmdir 5: test_cgfreezer_rmdir_ # # ok 6 test_cgfreezer_migrate 6: test_cgfreezer_migrate_ # # Cgroup /sys/fs/cgroup/unified/cg_test_ptrace isn't frozen /sys/fs/cgroup/unified/cg_test_ptrace: isn't_frozen # # not ok 7 test_cgfreezer_ptrace ok: 7_test_cgfreezer_ptrace # # ok 8 test_cgfreezer_stopped 8: test_cgfreezer_stopped_ # # ok 9 test_cgfreezer_ptraced 9: test_cgfreezer_ptraced_ # # ok 10 test_cgfreezer_vfork 10: test_cgfreezer_vfork_ # [FAIL] 3 selftests cgroup test_freezer # exit=1 selftests: cgroup_test_freezer [FAIL] # selftests cgroup test_stress.sh cgroup: test_stress.sh_ # # ./with_stress.sh line 34 echo write error No such file or directory line: 34_echo # # Skipping cannot enable cpuset in /sys/fs/cgroup/unified cannot: enable_cpuset # [SKIP] 4 selftests cgroup test_stress.sh # SKIP selftests: cgroup_test_stress.sh [SKIP] You may create config file like this, CONFIG_CGROUPS=y CONFIG_CGROUP_WRITEBACK=y CONFIG_CGROUP_SCHED=y CONFIG_CGROUP_FREEZER=y CONFIG_CGROUP_HUGETLB=y CONFIG_CPUSETS=y CONFIG_PROC_PID_CPUSET=y CONFIG_CGROUP_DEVICE=y CONFIG_CGROUP_CPUACCT=y CONFIG_CGROUP_PERF=y -- Linaro LKFT https://lkft.linaro.org

5 years, 4 months

1
0
0 0

Re: [PATCH v3 3/7] kunit: tests for stats_fs API

by Alan Maguire

On Tue, 26 May 2020, Emanuele Giuseppe Esposito wrote: > Add kunit tests to extensively test the stats_fs API functionality. > I've added in the kunit-related folks. > In order to run them, the kernel .config must set CONFIG_KUNIT=y > and a new .kunitconfig file must be created with CONFIG_STATS_FS=y > and CONFIG_STATS_FS_TEST=y > It looks like CONFIG_STATS_FS is built-in, but it exports much of the functionality you are testing. However could the tests also be built as a module (i.e. make CONFIG_STATS_FS_TEST a tristate variable)? To test this you'd need to specify CONFIG_KUNIT=m and CONFIG_STATS_FS_TEST=m, and testing would simply be a case of "modprobe"ing the stats fs module and collecting results in /sys/kernel/debug/kunit/<module_name> (rather than running kunit.py). Are you relying on unexported internals in the the tests that would prevent building them as a module? Thanks! Alan

5 years, 4 months

2
1
0 0

Re: [PATCH 0/8] selftests/bpf: installation and out of tree build fixes

by Yauheni Kaliuta

Hi, Andrii! >>>>> On Tue, 26 May 2020 15:32:10 -0700, Andrii Nakryiko wrote: > On Thu, May 21, 2020 at 11:41 PM Yauheni Kaliuta > <yauheni.kaliuta(a)redhat.com> wrote: >> >> >> Actually, a bit more needed :) > From the other kselftest thread, it seems like selftests are not > supporting builds out-of-tree. With that, wouldn't it be simpler to > build in tree and then just copy selftests/bpf directory to wherever > you need to run tests from? It would be simple and reliable. Given I > and probably everyone else never build and run tests out-of-tree, it's > just too easy to break this and you'll be constantly chasing some > non-obvious breakages... > Is there some problem with such approach? This is `make install` ;). I personally do not need OOT build, but since it's in the code, I'd prefer either fix it or remove it, otherwise it's misleading. But I have not got reply from kselftest. >> >> >>>>> On Fri, 22 May 2020 07:13:02 +0300, Yauheni Kaliuta wrote: >> >> > I had a look, here are some fixes. >> > Yauheni Kaliuta (8): >> > selftests/bpf: remove test_align from Makefile >> > selftests/bpf: build bench.o for any $(OUTPUT) >> > selftests/bpf: install btf .c files >> > selftests/bpf: fix object files installation >> > selftests/bpf: add output dir to include list >> > selftests/bpf: fix urandom_read installation >> > selftests/bpf: fix test.h placing for out of tree build >> > selftests/bpf: factor out MKDIR rule >> >> > tools/testing/selftests/bpf/Makefile | 77 ++++++++++++++++++++-------- >> > 1 file changed, 55 insertions(+), 22 deletions(-) >> >> > -- >> > 2.26.2 >> >> >> -- >> WBR, >> Yauheni Kaliuta >> -- WBR, Yauheni Kaliuta

5 years, 4 months

2
3
0 0

Kunit get 0 tests when run defconfig in Debian9

by kernel test robot

Hi, all. I met a strange problem that kunit run 0 tests in Debian9. Env: ``` root@lkp-hsw-ep4 ~/linus# head /etc/os-release PRETTY_NAME="Debian GNU/Linux 9 (stretch)" NAME="Debian GNU/Linux" VERSION_ID="9" VERSION="9 (stretch)" ID=debian root@lkp-hsw-ep4 ~/linus# uname -r 5.6.0 ``` Reproduce: Just run `./tools/testing/kunit/kunit.py run --defconfig` ``` root@lkp-hsw-ep4 ~/linus# ./tools/testing/kunit/kunit.py run --defconfig [13:41:30] Building KUnit Kernel ... [13:41:33] Starting KUnit Kernel ... [13:41:33] ============================================================ [13:41:33] Testing complete. 0 tests run. 0 failed. 0 crashed. [13:41:33] Elapsed time: 2.619s total, 0.002s configuring, 2.610s building, 0.007s running root@lkp-hsw-ep4 ~/linus# cat .kunitconfig CONFIG_KUNIT=y CONFIG_KUNIT_TEST=y CONFIG_KUNIT_EXAMPLE_TEST=y ``` As doc said, looks like everything worked correctly. But kunit run 0 tests. ``` If everything worked correctly, you should see the following: Generating .config ... Building KUnit Kernel ... Starting KUnit Kernel ... ``` -- Best regards. Liu Yiding

5 years, 4 months

4
3
0 0

[PATCH] selftests: powerpc: Add test for execute-disabled pkeys

by Sandipan Das

Apart from read and write access, memory protection keys can also be used for restricting execute permission of pages on powerpc. This adds a test to verify if the feature works as expected. Signed-off-by: Sandipan Das <sandipan(a)linux.ibm.com> --- tools/testing/selftests/powerpc/mm/Makefile | 3 +- .../selftests/powerpc/mm/pkey_exec_prot.c | 326 ++++++++++++++++++ 2 files changed, 328 insertions(+), 1 deletion(-) create mode 100644 tools/testing/selftests/powerpc/mm/pkey_exec_prot.c diff --git a/tools/testing/selftests/powerpc/mm/Makefile b/tools/testing/selftests/powerpc/mm/Makefile index b9103c4bb414..2816229f648b 100644 --- a/tools/testing/selftests/powerpc/mm/Makefile +++ b/tools/testing/selftests/powerpc/mm/Makefile @@ -3,7 +3,7 @@ noarg: $(MAKE) -C ../ TEST_GEN_PROGS := hugetlb_vs_thp_test subpage_prot prot_sao segv_errors wild_bctr \ - large_vm_fork_separation bad_accesses + large_vm_fork_separation bad_accesses pkey_exec_prot TEST_GEN_PROGS_EXTENDED := tlbie_test TEST_GEN_FILES := tempfile @@ -17,6 +17,7 @@ $(OUTPUT)/prot_sao: ../utils.c $(OUTPUT)/wild_bctr: CFLAGS += -m64 $(OUTPUT)/large_vm_fork_separation: CFLAGS += -m64 $(OUTPUT)/bad_accesses: CFLAGS += -m64 +$(OUTPUT)/pkey_exec_prot: CFLAGS += -m64 $(OUTPUT)/tempfile: dd if=/dev/zero of=$@ bs=64k count=1 diff --git a/tools/testing/selftests/powerpc/mm/pkey_exec_prot.c b/tools/testing/selftests/powerpc/mm/pkey_exec_prot.c new file mode 100644 index 000000000000..b346ad205e68 --- /dev/null +++ b/tools/testing/selftests/powerpc/mm/pkey_exec_prot.c @@ -0,0 +1,326 @@ +// SPDX-License-Identifier: GPL-2.0+ + +/* + * Copyright 2020, Sandipan Das, IBM Corp. + * + * Test if applying execute protection on pages using memory + * protection keys works as expected. + */ + +#define _GNU_SOURCE +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <signal.h> + +#include <time.h> +#include <unistd.h> +#include <sys/mman.h> + +#include "utils.h" + +/* Override definitions as they might be inconsistent */ +#undef PKEY_DISABLE_ACCESS +#define PKEY_DISABLE_ACCESS 0x3 + +#undef PKEY_DISABLE_WRITE +#define PKEY_DISABLE_WRITE 0x2 + +#undef PKEY_DISABLE_EXECUTE +#define PKEY_DISABLE_EXECUTE 0x4 + +/* Older distros might not define this */ +#ifndef SEGV_PKUERR +#define SEGV_PKUERR 4 +#endif + +#define SYS_pkey_mprotect 386 +#define SYS_pkey_alloc 384 +#define SYS_pkey_free 385 + +#define PKEY_BITS_PER_PKEY 2 +#define NR_PKEYS 32 + +#define PKEY_BITS_MASK ((1UL << PKEY_BITS_PER_PKEY) - 1) + +static unsigned long pkeyreg_get(void) +{ + unsigned long uamr; + + asm volatile("mfspr %0, 0xd" : "=r"(uamr)); + return uamr; +} + +static void pkeyreg_set(unsigned long uamr) +{ + asm volatile("isync; mtspr 0xd, %0; isync;" : : "r"(uamr)); +} + +static void pkey_set_rights(int pkey, unsigned long rights) +{ + unsigned long uamr, shift; + + shift = (NR_PKEYS - pkey - 1) * PKEY_BITS_PER_PKEY; + uamr = pkeyreg_get(); + uamr &= ~(PKEY_BITS_MASK << shift); + uamr |= (rights & PKEY_BITS_MASK) << shift; + pkeyreg_set(uamr); +} + +static int sys_pkey_mprotect(void *addr, size_t len, int prot, int pkey) +{ + return syscall(SYS_pkey_mprotect, addr, len, prot, pkey); +} + +static int sys_pkey_alloc(unsigned long flags, unsigned long rights) +{ + return syscall(SYS_pkey_alloc, flags, rights); +} + +static int sys_pkey_free(int pkey) +{ + return syscall(SYS_pkey_free, pkey); +} + +static volatile int fpkey, fcode, ftype, faults; +static unsigned long pgsize, numinsns; +static volatile unsigned int *faddr; +static unsigned int *insns; + +static void segv_handler(int signum, siginfo_t *sinfo, void *ctx) +{ + /* Check if this fault originated because of the expected reasons */ + if (sinfo->si_code != SEGV_ACCERR && sinfo->si_code != SEGV_PKUERR) { + printf("got an unexpected fault, code = %d\n", + sinfo->si_code); + goto fail; + } + + /* Check if this fault originated from the expected address */ + if (sinfo->si_addr != (void *) faddr) { + printf("got an unexpected fault, addr = %p\n", + sinfo->si_addr); + goto fail; + } + + /* Check if the expected number of faults has been exceeded */ + if (faults == 0) + goto fail; + + fcode = sinfo->si_code; + + /* Restore permissions in order to continue */ + switch (fcode) { + case SEGV_ACCERR: + if (mprotect(insns, pgsize, PROT_READ | PROT_WRITE)) { + perror("mprotect"); + goto fail; + } + break; + case SEGV_PKUERR: + if (sinfo->si_pkey != fpkey) + goto fail; + + if (ftype == PKEY_DISABLE_ACCESS) { + pkey_set_rights(fpkey, 0); + } else if (ftype == PKEY_DISABLE_EXECUTE) { + /* + * Reassociate the exec-only pkey with the region + * to be able to continue. Unlike AMR, we cannot + * set IAMR directly from userspace to restore the + * permissions. + */ + if (mprotect(insns, pgsize, PROT_EXEC)) { + perror("mprotect"); + goto fail; + } + } else { + goto fail; + } + break; + } + + faults--; + return; + +fail: + /* Restore all page permissions to avoid repetitive faults */ + if (mprotect(insns, pgsize, PROT_READ | PROT_WRITE | PROT_EXEC)) + perror("mprotect"); + if (sinfo->si_code == SEGV_PKUERR) + pkey_set_rights(sinfo->si_pkey, 0); + faults = -1; /* Something unexpected happened */ +} + +static int pkeys_unsupported(void) +{ + bool using_hash = false; + char line[128]; + int pkey; + FILE *f; + + f = fopen("/proc/cpuinfo", "r"); + FAIL_IF(!f); + + /* Protection keys are currently supported on Hash MMU only */ + while (fgets(line, sizeof(line), f)) { + if (strcmp(line, "MMU : Hash\n") == 0) { + using_hash = true; + break; + } + } + + fclose(f); + SKIP_IF(!using_hash); + + /* Check if the system call is supported */ + pkey = sys_pkey_alloc(0, 0); + SKIP_IF(pkey < 0); + sys_pkey_free(pkey); + + return 0; +} + +static int test(void) +{ + struct sigaction act; + int pkey, ret, i; + + ret = pkeys_unsupported(); + if (ret) + return ret; + + /* Setup signal handler */ + act.sa_handler = 0; + act.sa_sigaction = segv_handler; + FAIL_IF(sigprocmask(SIG_SETMASK, 0, &act.sa_mask) != 0); + act.sa_flags = SA_SIGINFO; + act.sa_restorer = 0; + FAIL_IF(sigaction(SIGSEGV, &act, NULL) != 0); + + /* Setup executable region */ + pgsize = sysconf(_SC_PAGESIZE); + numinsns = pgsize / sizeof(unsigned int); + insns = (unsigned int *) mmap(NULL, pgsize, PROT_READ | PROT_WRITE, + MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); + FAIL_IF(insns == MAP_FAILED); + + /* Write the instruction words */ + for (i = 0; i < numinsns - 1; i++) + insns[i] = 0x60000000; /* nop */ + + /* + * Later, to jump to the executable region, we use a linked + * branch which sets the return address automatically in LR. + * Use that to return back. + */ + insns[numinsns - 1] = 0x4e800020; /* blr */ + + /* Allocate a pkey that restricts execution */ + pkey = sys_pkey_alloc(0, PKEY_DISABLE_EXECUTE); + FAIL_IF(pkey < 0); + + /* + * Pick a random instruction address from the executable + * region. + */ + srand(time(NULL)); + faddr = &insns[rand() % (numinsns - 1)]; + + /* The following two cases will avoid SEGV_PKUERR */ + ftype = -1; + fpkey = -1; + + /* + * Read an instruction word from the address when AMR bits + * are not set. + * + * This should not generate a fault as having PROT_EXEC + * implicitly allows reads. The pkey currently restricts + * execution only based on the IAMR bits. The AMR bits are + * cleared. + */ + faults = 0; + FAIL_IF(sys_pkey_mprotect(insns, pgsize, PROT_EXEC, pkey) != 0); + printf("read from %p, pkey is execute-disabled\n", (void *) faddr); + i = *faddr; + FAIL_IF(faults != 0); + + /* + * Write an instruction word to the address when AMR bits + * are not set. + * + * This should generate an access fault as having just + * PROT_EXEC also restricts writes. The pkey currently + * restricts execution only based on the IAMR bits. The + * AMR bits are cleared. + */ + faults = 1; + FAIL_IF(sys_pkey_mprotect(insns, pgsize, PROT_EXEC, pkey) != 0); + printf("write to %p, pkey is execute-disabled\n", (void *) faddr); + *faddr = 0x60000000; /* nop */ + FAIL_IF(faults != 0 || fcode != SEGV_ACCERR); + + /* The following three cases will generate SEGV_PKUERR */ + ftype = PKEY_DISABLE_ACCESS; + fpkey = pkey; + + /* + * Read an instruction word from the address when AMR bits + * are set. + * + * This should generate a pkey fault based on AMR bits only + * as having PROT_EXEC implicitly allows reads. + */ + faults = 1; + FAIL_IF(sys_pkey_mprotect(insns, pgsize, PROT_EXEC, pkey) != 0); + printf("read from %p, pkey is execute-disabled, access-disabled\n", + (void *) faddr); + pkey_set_rights(pkey, PKEY_DISABLE_ACCESS); + i = *faddr; + FAIL_IF(faults != 0 || fcode != SEGV_PKUERR); + + /* + * Write an instruction word to the address when AMR bits + * are set. + * + * This should generate two faults. First, a pkey fault based + * on AMR bits and then an access fault based on PROT_EXEC. + */ + faults = 2; + FAIL_IF(sys_pkey_mprotect(insns, pgsize, PROT_EXEC, pkey) != 0); + printf("write to %p, pkey is execute-disabled, access-disabled\n", + (void *) faddr); + pkey_set_rights(pkey, PKEY_DISABLE_ACCESS); + *faddr = 0x60000000; /* nop */ + FAIL_IF(faults != 0 || fcode != SEGV_ACCERR); + + /* + * Jump to the executable region. This should generate a pkey + * fault based on IAMR bits. AMR bits will not affect execution. + */ + faddr = insns; + ftype = PKEY_DISABLE_EXECUTE; + fpkey = pkey; + faults = 1; + FAIL_IF(sys_pkey_mprotect(insns, pgsize, PROT_EXEC, pkey) != 0); + pkey_set_rights(pkey, PKEY_DISABLE_ACCESS); + printf("execute at %p, ", (void *) faddr); + printf("pkey is execute-disabled, access-disabled\n"); + + /* Branch into the executable region */ + asm volatile("mtctr %0" : : "r"((unsigned long) insns)); + asm volatile("bctrl"); + FAIL_IF(faults != 0 || fcode != SEGV_PKUERR); + + /* Cleanup */ + munmap((void *) insns, pgsize); + sys_pkey_free(pkey); + + return 0; +} + +int main(void) +{ + test_harness(test, "pkey_exec_prot"); +} -- 2.17.1

5 years, 4 months

2
3
0 0

[fixup] kunit: use --build_dir=.kunit as default

by Vitor Massaru Iha

To make KUnit easier to use, and to avoid overwriting object and .config files, the default KUnit build directory is set to .kunit * Related bug: https://bugzilla.kernel.org/show_bug.cgi?id=205221 Fixed up minor merge conflicts - Shuah Khan <skhan(a)linuxfoundation.org> Signed-off-by: Vitor Massaru Iha <vitor(a)massaru.org> Reviewed-by: Brendan Higgins <brendanhiggins(a)google.com> Signed-off-by: Shuah Khan <skhan(a)linuxfoundation.org> --- version after merge on kunit brach: * fix identation (tabs instead of spaces) --- tools/testing/kunit/kunit.py | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/tools/testing/kunit/kunit.py b/tools/testing/kunit/kunit.py index b01838b6f5f9..b3490271a103 100755 --- a/tools/testing/kunit/kunit.py +++ b/tools/testing/kunit/kunit.py @@ -169,7 +169,7 @@ def add_common_opts(parser): parser.add_argument('--build_dir', help='As in the make command, it specifies the build ' 'directory.', - type=str, default='', metavar='build_dir') + type=str, default='.kunit', metavar='build_dir') parser.add_argument('--make_options', help='X=Y make option, can be repeated.', action='append') @@ -245,12 +245,11 @@ def main(argv, linux=None): cli_args = parser.parse_args(argv) if cli_args.subcommand == 'run': - if cli_args.build_dir: - if not os.path.exists(cli_args.build_dir): - os.mkdir(cli_args.build_dir) - kunit_kernel.kunitconfig_path = os.path.join( - cli_args.build_dir, - kunit_kernel.kunitconfig_path) + if not os.path.exists(cli_args.build_dir): + os.mkdir(cli_args.build_dir) + kunit_kernel.kunitconfig_path = os.path.join( + cli_args.build_dir, + kunit_kernel.kunitconfig_path) if not linux: linux = kunit_kernel.LinuxSourceTree() -- 2.26.2

5 years, 4 months

2
2
0 0

[fixup] kunit: use KUnit defconfig by default

by Vitor Massaru Iha

To improve the usability of KUnit, defconfig is used by default if no kunitconfig is present. * https://bugzilla.kernel.org/show_bug.cgi?id=205259 Fixed up minor merge conflicts - Shuah Khan <skhan(a)linuxfoundation.org> Signed-off-by: Vitor Massaru Iha <vitor(a)massaru.org> Reviewed-by: Brendan Higgins <brendanhiggins(a)google.com> Signed-off-by: Shuah Khan <skhan(a)linuxfoundation.org> --- Version after kunit merge branch: * removes code related defconfig; * handles when there is no .kunitconfig. --- tools/testing/kunit/kunit.py | 31 ++++++++++++++++--------------- 1 file changed, 16 insertions(+), 15 deletions(-) diff --git a/tools/testing/kunit/kunit.py b/tools/testing/kunit/kunit.py index b3490271a103..787b6d4ad716 100755 --- a/tools/testing/kunit/kunit.py +++ b/tools/testing/kunit/kunit.py @@ -23,7 +23,7 @@ import kunit_parser KunitResult = namedtuple('KunitResult', ['status','result','elapsed_time']) KunitConfigRequest = namedtuple('KunitConfigRequest', - ['build_dir', 'defconfig', 'make_options']) + ['build_dir', 'make_options']) KunitBuildRequest = namedtuple('KunitBuildRequest', ['jobs', 'build_dir', 'alltests', 'make_options']) @@ -32,8 +32,8 @@ KunitExecRequest = namedtuple('KunitExecRequest', KunitParseRequest = namedtuple('KunitParseRequest', ['raw_output', 'input_data']) KunitRequest = namedtuple('KunitRequest', ['raw_output','timeout', 'jobs', - 'build_dir', 'defconfig', - 'alltests', 'make_options']) + 'build_dir', 'alltests', + 'make_options']) KernelDirectoryPath = sys.argv[0].split('tools/testing/kunit/')[0] @@ -60,8 +60,7 @@ def config_tests(linux: kunit_kernel.LinuxSourceTree, kunit_parser.print_with_timestamp('Configuring KUnit Kernel ...') config_start = time.time() - if request.defconfig: - create_default_kunitconfig() + create_default_kunitconfig() success = linux.build_reconfig(request.build_dir, request.make_options) config_end = time.time() if not success: @@ -131,7 +130,6 @@ def run_tests(linux: kunit_kernel.LinuxSourceTree, run_start = time.time() config_request = KunitConfigRequest(request.build_dir, - request.defconfig, request.make_options) config_result = config_tests(linux, config_request) if config_result.status != KunitStatus.SUCCESS: @@ -177,11 +175,6 @@ def add_common_opts(parser): help='Run all KUnit tests through allyesconfig', action='store_true') -def add_config_opts(parser): - parser.add_argument('--defconfig', - help='Uses a default .kunitconfig.', - action='store_true') - def add_build_opts(parser): parser.add_argument('--jobs', help='As in the make command, "Specifies the number of ' @@ -210,7 +203,6 @@ def main(argv, linux=None): # The 'run' command will config, build, exec, and parse in one go. run_parser = subparser.add_parser('run', help='Runs KUnit tests.') add_common_opts(run_parser) - add_config_opts(run_parser) add_build_opts(run_parser) add_exec_opts(run_parser) add_parse_opts(run_parser) @@ -219,7 +211,6 @@ def main(argv, linux=None): help='Ensures that .config contains all of ' 'the options in .kunitconfig') add_common_opts(config_parser) - add_config_opts(config_parser) build_parser = subparser.add_parser('build', help='Builds a kernel with KUnit tests') add_common_opts(build_parser) @@ -251,6 +242,9 @@ def main(argv, linux=None): cli_args.build_dir, kunit_kernel.kunitconfig_path) + if not os.path.exists(kunit_kernel.kunitconfig_path): + create_default_kunitconfig() + if not linux: linux = kunit_kernel.LinuxSourceTree() @@ -258,7 +252,6 @@ def main(argv, linux=None): cli_args.timeout, cli_args.jobs, cli_args.build_dir, - cli_args.defconfig, cli_args.alltests, cli_args.make_options) result = run_tests(linux, request) @@ -272,11 +265,13 @@ def main(argv, linux=None): cli_args.build_dir, kunit_kernel.kunitconfig_path) + if not os.path.exists(kunit_kernel.kunitconfig_path): + create_default_kunitconfig() + if not linux: linux = kunit_kernel.LinuxSourceTree() request = KunitConfigRequest(cli_args.build_dir, - cli_args.defconfig, cli_args.make_options) result = config_tests(linux, request) kunit_parser.print_with_timestamp(( @@ -292,6 +287,9 @@ def main(argv, linux=None): cli_args.build_dir, kunit_kernel.kunitconfig_path) + if not os.path.exists(kunit_kernel.kunitconfig_path): + create_default_kunitconfig() + if not linux: linux = kunit_kernel.LinuxSourceTree() @@ -313,6 +311,9 @@ def main(argv, linux=None): cli_args.build_dir, kunit_kernel.kunitconfig_path) + if not os.path.exists(kunit_kernel.kunitconfig_path): + create_default_kunitconfig() + if not linux: linux = kunit_kernel.LinuxSourceTree() -- 2.26.2

5 years, 5 months

1
0
0 0

Re: [PATCH v2 0/3] selftests: lib.mk improvements

by shuah

On 5/19/20 8:49 AM, Yauheni Kaliuta wrote: > Hi, shuah! > >>>>>> On Tue, 19 May 2020 07:59:16 -0600, shuah wrote: > > > On 5/15/20 6:00 AM, Yauheni Kaliuta wrote: > >> > >> Yauheni Kaliuta (3): > >> selftests: do not use .ONESHELL > >> selftests: fix condition in run_tests > >> selftests: simplify run_tests > >> > >> tools/testing/selftests/lib.mk | 19 ++++++------------- > >> 1 file changed, 6 insertions(+), 13 deletions(-) > >> > > > Quick note that, I will pull these in for 5.8-rc1. Patches look okay to me, however, just noticed, this series hasn't been cc'ed to linux-kselftest. Hence it didn't go through the necessary reviews. Please run get_maintainers and resend the series to everybody the script suggests. thanks, -- Shuah

5 years, 5 months

2
2
0 0

OUTPUT and TEST_CUSTOM_PROGS

by Yauheni Kaliuta

Hi! lib.mk expects TEST_GEN_PROGS, TEST_GEN_PROGS_EXTENDED and TEST_GEN_FILES to be in local directory and tries to handle out of tree build adding OUTPUT to it at the beginning. commit be16a244c199 ("selftests: lib.mk: add TEST_CUSTOM_PROGS to allow custom test run/install") adds TEST_CUSTOM_PROGS but it handles it differently. Should it add OUTPUT as well? -- WBR, Yauheni Kaliuta

5 years, 5 months

2
1
0 0

Canada Offer

by Felix

I hope you are doing great? This is Felix from Toronto-Canada. I have a lucrative business offer that will benefit us both immensely within a very short period of time. However, I need your initial approval of interest prior to further and complete details regarding the deal. Thanks, Felix.

5 years, 5 months

1
0
0 0

[RESEND] kunit: use --build_dir=.kunit as default

by Vitor Massaru Iha

To make KUnit easier to use, and to avoid overwriting object and .config files, the default KUnit build directory is set to .kunit * Related bug: https://bugzilla.kernel.org/show_bug.cgi?id=205221 Signed-off-by: Vitor Massaru Iha <vitor(a)massaru.org> --- tools/testing/kunit/kunit.py | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/tools/testing/kunit/kunit.py b/tools/testing/kunit/kunit.py index 7dca74774dd2..5da190c79481 100755 --- a/tools/testing/kunit/kunit.py +++ b/tools/testing/kunit/kunit.py @@ -116,7 +116,7 @@ def main(argv, linux=None): run_parser.add_argument('--build_dir', help='As in the make command, it specifies the build ' 'directory.', - type=str, default='', metavar='build_dir') + type=str, default='.kunit', metavar='build_dir') run_parser.add_argument('--defconfig', help='Uses a default .kunitconfig.', @@ -136,12 +136,11 @@ def main(argv, linux=None): if get_kernel_root_path(): os.chdir(get_kernel_root_path()) - if cli_args.build_dir: - if not os.path.exists(cli_args.build_dir): - os.mkdir(cli_args.build_dir) - kunit_kernel.kunitconfig_path = os.path.join( - cli_args.build_dir, - kunit_kernel.kunitconfig_path) + if not os.path.exists(cli_args.build_dir): + os.mkdir(cli_args.build_dir) + kunit_kernel.kunitconfig_path = os.path.join( + cli_args.build_dir, + kunit_kernel.kunitconfig_path) if cli_args.defconfig: create_default_kunitconfig() -- 2.25.1

5 years, 5 months

4
5
0 0

Kselftest pstore test failure on riscv

by vaibhav jadhav

Hi, To run the Kselftest pstore test suite I use following: Hardware: Freedom U540 Architecture: RISCV Kernel: 5.4.3 Steps followed to run the test: 1.Cloning linux kernel sources from https://github.com/torvalds/linux.git 2.Extracting it. 3.From the cloned kernel source top directory running: # make -C tools/testing/selftests/ TARGETS=pstore run_tests Following is the log: make: Entering directory '/mnt/linux-master/tools/testing/selftests' make --no-builtin-rules ARCH=riscv -C ../../.. headers_install make[1]: Entering directory '/mnt/linux-master' INSTALL ./usr/include make[1]: Leaving directory '/mnt/linux-master' make[1]: Entering directory '/mnt/linux-master/tools/testing/selftests/pstore' make[1]: Nothing to be done for 'all'. make[1]: Leaving directory '/mnt/linux-master/tools/testing/selftests/pstore' make[1]: Entering directory '/mnt/linux-master/tools/testing/selftests/pstore' TAP version 13 1..2 # selftests: pstore: pstore_tests # === Pstore unit tests (pstore_tests) === # UUID=a5947bf3-bc04-4175-ac85-4056024cbc4b # Checking pstore backend is registered ... ok # backend=(null) # cmdline=earlycon=sbi earlycon=sbi root=/dev/mmcblk0p3 rootwait console=ttySIF0 console=tty0 # Checking pstore console is registered ... FAIL # Checking /dev/pmsg0 exists ... FAIL # Writing unique string to /dev/pmsg0 ... FAIL not ok 1 selftests: pstore: pstore_tests # exit=1 # selftests: pstore: pstore_post_reboot_tests # === Pstore unit tests (pstore_post_reboot_tests) === # UUID=265706d3-ab26-4568-842c-2cf1756ad9db # Checking pstore backend is registered ... ok # backend=(null) # cmdline=earlycon=sbi earlycon=sbi root=/dev/mmcblk0p3 rootwait console=ttySIF0 console=tty0 # pstore_crash_test has not been executed yet. we skip further tests. not ok 2 selftests: pstore: pstore_post_reboot_tests # SKIP make[1]: Leaving directory '/mnt/linux-master/tools/testing/selftests/pstore' make: Leaving directory '/mnt/linux-master/tools/testing/selftests' Trying to find reasons for failue: # Checking pstore console is registered ... FAIL # Checking /dev/pmsg0 exists ... FAIL # Writing unique string to /dev/pmsg0 ... FAIL Thankyou

5 years, 5 months

1
0
0 0

[PATCH] firmware_loader: change enum fw_opt to u32

by Scott Branden

"enum fw_opt" is not used as an enum. Change fw_opt to a u32 and the FW_OPT_* values inside the enum to defines. Signed-off-by: Scott Branden <scott.branden(a)broadcom.com> --- drivers/base/firmware_loader/fallback.c | 12 +++++------ drivers/base/firmware_loader/fallback.h | 8 +++---- .../base/firmware_loader/fallback_platform.c | 2 +- drivers/base/firmware_loader/firmware.h | 21 ++++++++----------- drivers/base/firmware_loader/main.c | 11 +++++----- 5 files changed, 25 insertions(+), 29 deletions(-) diff --git a/drivers/base/firmware_loader/fallback.c b/drivers/base/firmware_loader/fallback.c index 1e9c96e3ed63..af1aa3d69920 100644 --- a/drivers/base/firmware_loader/fallback.c +++ b/drivers/base/firmware_loader/fallback.c @@ -460,7 +460,7 @@ static const struct attribute_group *fw_dev_attr_groups[] = { static struct fw_sysfs * fw_create_instance(struct firmware *firmware, const char *fw_name, - struct device *device, enum fw_opt opt_flags) + struct device *device, u32 opt_flags) { struct fw_sysfs *fw_sysfs; struct device *f_dev; @@ -493,7 +493,7 @@ fw_create_instance(struct firmware *firmware, const char *fw_name, * In charge of constructing a sysfs fallback interface for firmware loading. **/ static int fw_load_sysfs_fallback(struct fw_sysfs *fw_sysfs, - enum fw_opt opt_flags, long timeout) + u32 opt_flags, long timeout) { int retval = 0; struct device *f_dev = &fw_sysfs->dev; @@ -547,7 +547,7 @@ static int fw_load_sysfs_fallback(struct fw_sysfs *fw_sysfs, static int fw_load_from_user_helper(struct firmware *firmware, const char *name, struct device *device, - enum fw_opt opt_flags) + u32 opt_flags) { struct fw_sysfs *fw_sysfs; long timeout; @@ -588,7 +588,7 @@ static int fw_load_from_user_helper(struct firmware *firmware, return ret; } -static bool fw_force_sysfs_fallback(enum fw_opt opt_flags) +static bool fw_force_sysfs_fallback(u32 opt_flags) { if (fw_fallback_config.force_sysfs_fallback) return true; @@ -597,7 +597,7 @@ static bool fw_force_sysfs_fallback(enum fw_opt opt_flags) return true; } -static bool fw_run_sysfs_fallback(enum fw_opt opt_flags) +static bool fw_run_sysfs_fallback(u32 opt_flags) { int ret; @@ -640,7 +640,7 @@ static bool fw_run_sysfs_fallback(enum fw_opt opt_flags) **/ int firmware_fallback_sysfs(struct firmware *fw, const char *name, struct device *device, - enum fw_opt opt_flags, + u32 opt_flags, int ret) { if (!fw_run_sysfs_fallback(opt_flags)) diff --git a/drivers/base/firmware_loader/fallback.h b/drivers/base/firmware_loader/fallback.h index 06f4577733a8..2afdb6adb23f 100644 --- a/drivers/base/firmware_loader/fallback.h +++ b/drivers/base/firmware_loader/fallback.h @@ -33,7 +33,7 @@ struct firmware_fallback_config { #ifdef CONFIG_FW_LOADER_USER_HELPER int firmware_fallback_sysfs(struct firmware *fw, const char *name, struct device *device, - enum fw_opt opt_flags, + u32 opt_flags, int ret); void kill_pending_fw_fallback_reqs(bool only_kill_custom); @@ -45,7 +45,7 @@ void unregister_sysfs_loader(void); #else /* CONFIG_FW_LOADER_USER_HELPER */ static inline int firmware_fallback_sysfs(struct firmware *fw, const char *name, struct device *device, - enum fw_opt opt_flags, + u32 opt_flags, int ret) { /* Keep carrying over the same error */ @@ -67,10 +67,10 @@ static inline void unregister_sysfs_loader(void) #endif /* CONFIG_FW_LOADER_USER_HELPER */ #ifdef CONFIG_EFI_EMBEDDED_FIRMWARE -int firmware_fallback_platform(struct fw_priv *fw_priv, enum fw_opt opt_flags); +int firmware_fallback_platform(struct fw_priv *fw_priv, u32 opt_flags); #else static inline int firmware_fallback_platform(struct fw_priv *fw_priv, - enum fw_opt opt_flags) + u32 opt_flags) { return -ENOENT; } diff --git a/drivers/base/firmware_loader/fallback_platform.c b/drivers/base/firmware_loader/fallback_platform.c index c88c745590fe..cdd2c9a9f38a 100644 --- a/drivers/base/firmware_loader/fallback_platform.c +++ b/drivers/base/firmware_loader/fallback_platform.c @@ -8,7 +8,7 @@ #include "fallback.h" #include "firmware.h" -int firmware_fallback_platform(struct fw_priv *fw_priv, enum fw_opt opt_flags) +int firmware_fallback_platform(struct fw_priv *fw_priv, u32 opt_flags) { const u8 *data; size_t size; diff --git a/drivers/base/firmware_loader/firmware.h b/drivers/base/firmware_loader/firmware.h index 25836a6afc9f..cf6dc96a84a2 100644 --- a/drivers/base/firmware_loader/firmware.h +++ b/drivers/base/firmware_loader/firmware.h @@ -12,7 +12,7 @@ #include <generated/utsrelease.h> /** - * enum fw_opt - options to control firmware loading behaviour + * fw_opt - options to control firmware loading behaviour * * @FW_OPT_UEVENT: Enables the fallback mechanism to send a kobject uevent * when the firmware is not found. Userspace is in charge to load the @@ -33,15 +33,13 @@ * the platform's main firmware. If both this fallback and the sysfs * fallback are enabled, then this fallback will be tried first. */ -enum fw_opt { - FW_OPT_UEVENT = BIT(0), - FW_OPT_NOWAIT = BIT(1), - FW_OPT_USERHELPER = BIT(2), - FW_OPT_NO_WARN = BIT(3), - FW_OPT_NOCACHE = BIT(4), - FW_OPT_NOFALLBACK_SYSFS = BIT(5), - FW_OPT_FALLBACK_PLATFORM = BIT(6), -}; +#define FW_OPT_UEVENT BIT(0) +#define FW_OPT_NOWAIT BIT(1) +#define FW_OPT_USERHELPER BIT(2) +#define FW_OPT_NO_WARN BIT(3) +#define FW_OPT_NOCACHE BIT(4) +#define FW_OPT_NOFALLBACK_SYSFS BIT(5) +#define FW_OPT_FALLBACK_PLATFORM BIT(6) enum fw_status { FW_STATUS_UNKNOWN, @@ -136,8 +134,7 @@ static inline void fw_state_done(struct fw_priv *fw_priv) __fw_state_set(fw_priv, FW_STATUS_DONE); } -int assign_fw(struct firmware *fw, struct device *device, - enum fw_opt opt_flags); +int assign_fw(struct firmware *fw, struct device *device, u32 opt_flags); #ifdef CONFIG_FW_LOADER_PAGED_BUF void fw_free_paged_buf(struct fw_priv *fw_priv); diff --git a/drivers/base/firmware_loader/main.c b/drivers/base/firmware_loader/main.c index 76f79913916d..2ca6b4735979 100644 --- a/drivers/base/firmware_loader/main.c +++ b/drivers/base/firmware_loader/main.c @@ -210,7 +210,7 @@ static struct fw_priv *__lookup_fw_priv(const char *fw_name) static int alloc_lookup_fw_priv(const char *fw_name, struct firmware_cache *fwc, struct fw_priv **fw_priv, void *dbuf, - size_t size, enum fw_opt opt_flags) + size_t size, u32 opt_flags) { struct fw_priv *tmp; @@ -635,8 +635,7 @@ static int fw_add_devm_name(struct device *dev, const char *name) } #endif -int assign_fw(struct firmware *fw, struct device *device, - enum fw_opt opt_flags) +int assign_fw(struct firmware *fw, struct device *device, u32 opt_flags) { struct fw_priv *fw_priv = fw->priv; int ret; @@ -687,7 +686,7 @@ int assign_fw(struct firmware *fw, struct device *device, static int _request_firmware_prepare(struct firmware **firmware_p, const char *name, struct device *device, void *dbuf, size_t size, - enum fw_opt opt_flags) + u32 opt_flags) { struct firmware *firmware; struct fw_priv *fw_priv; @@ -753,7 +752,7 @@ static void fw_abort_batch_reqs(struct firmware *fw) static int _request_firmware(const struct firmware **firmware_p, const char *name, struct device *device, void *buf, size_t size, - enum fw_opt opt_flags) + u32 opt_flags) { struct firmware *fw = NULL; int ret; @@ -990,7 +989,7 @@ struct firmware_work { struct device *device; void *context; void (*cont)(const struct firmware *fw, void *context); - enum fw_opt opt_flags; + u32 opt_flags; }; static void request_firmware_work_func(struct work_struct *work) -- 2.17.1

5 years, 5 months

3
5
0 0

[PATCH v2] firmware_loader: change enum fw_opt to u32

by Scott Branden

"enum fw_opt" is not used as an enum. Change fw_opt to u32 as FW_OPT_* values are OR'd together. Signed-off-by: Scott Branden <scott.branden(a)broadcom.com> --- drivers/base/firmware_loader/fallback.c | 12 ++++++------ drivers/base/firmware_loader/fallback.h | 8 ++++---- drivers/base/firmware_loader/fallback_platform.c | 2 +- drivers/base/firmware_loader/firmware.h | 3 +-- drivers/base/firmware_loader/main.c | 11 +++++------ 5 files changed, 17 insertions(+), 19 deletions(-) diff --git a/drivers/base/firmware_loader/fallback.c b/drivers/base/firmware_loader/fallback.c index 1e9c96e3ed63..af1aa3d69920 100644 --- a/drivers/base/firmware_loader/fallback.c +++ b/drivers/base/firmware_loader/fallback.c @@ -460,7 +460,7 @@ static const struct attribute_group *fw_dev_attr_groups[] = { static struct fw_sysfs * fw_create_instance(struct firmware *firmware, const char *fw_name, - struct device *device, enum fw_opt opt_flags) + struct device *device, u32 opt_flags) { struct fw_sysfs *fw_sysfs; struct device *f_dev; @@ -493,7 +493,7 @@ fw_create_instance(struct firmware *firmware, const char *fw_name, * In charge of constructing a sysfs fallback interface for firmware loading. **/ static int fw_load_sysfs_fallback(struct fw_sysfs *fw_sysfs, - enum fw_opt opt_flags, long timeout) + u32 opt_flags, long timeout) { int retval = 0; struct device *f_dev = &fw_sysfs->dev; @@ -547,7 +547,7 @@ static int fw_load_sysfs_fallback(struct fw_sysfs *fw_sysfs, static int fw_load_from_user_helper(struct firmware *firmware, const char *name, struct device *device, - enum fw_opt opt_flags) + u32 opt_flags) { struct fw_sysfs *fw_sysfs; long timeout; @@ -588,7 +588,7 @@ static int fw_load_from_user_helper(struct firmware *firmware, return ret; } -static bool fw_force_sysfs_fallback(enum fw_opt opt_flags) +static bool fw_force_sysfs_fallback(u32 opt_flags) { if (fw_fallback_config.force_sysfs_fallback) return true; @@ -597,7 +597,7 @@ static bool fw_force_sysfs_fallback(enum fw_opt opt_flags) return true; } -static bool fw_run_sysfs_fallback(enum fw_opt opt_flags) +static bool fw_run_sysfs_fallback(u32 opt_flags) { int ret; @@ -640,7 +640,7 @@ static bool fw_run_sysfs_fallback(enum fw_opt opt_flags) **/ int firmware_fallback_sysfs(struct firmware *fw, const char *name, struct device *device, - enum fw_opt opt_flags, + u32 opt_flags, int ret) { if (!fw_run_sysfs_fallback(opt_flags)) diff --git a/drivers/base/firmware_loader/fallback.h b/drivers/base/firmware_loader/fallback.h index 06f4577733a8..2afdb6adb23f 100644 --- a/drivers/base/firmware_loader/fallback.h +++ b/drivers/base/firmware_loader/fallback.h @@ -33,7 +33,7 @@ struct firmware_fallback_config { #ifdef CONFIG_FW_LOADER_USER_HELPER int firmware_fallback_sysfs(struct firmware *fw, const char *name, struct device *device, - enum fw_opt opt_flags, + u32 opt_flags, int ret); void kill_pending_fw_fallback_reqs(bool only_kill_custom); @@ -45,7 +45,7 @@ void unregister_sysfs_loader(void); #else /* CONFIG_FW_LOADER_USER_HELPER */ static inline int firmware_fallback_sysfs(struct firmware *fw, const char *name, struct device *device, - enum fw_opt opt_flags, + u32 opt_flags, int ret) { /* Keep carrying over the same error */ @@ -67,10 +67,10 @@ static inline void unregister_sysfs_loader(void) #endif /* CONFIG_FW_LOADER_USER_HELPER */ #ifdef CONFIG_EFI_EMBEDDED_FIRMWARE -int firmware_fallback_platform(struct fw_priv *fw_priv, enum fw_opt opt_flags); +int firmware_fallback_platform(struct fw_priv *fw_priv, u32 opt_flags); #else static inline int firmware_fallback_platform(struct fw_priv *fw_priv, - enum fw_opt opt_flags) + u32 opt_flags) { return -ENOENT; } diff --git a/drivers/base/firmware_loader/fallback_platform.c b/drivers/base/firmware_loader/fallback_platform.c index c88c745590fe..cdd2c9a9f38a 100644 --- a/drivers/base/firmware_loader/fallback_platform.c +++ b/drivers/base/firmware_loader/fallback_platform.c @@ -8,7 +8,7 @@ #include "fallback.h" #include "firmware.h" -int firmware_fallback_platform(struct fw_priv *fw_priv, enum fw_opt opt_flags) +int firmware_fallback_platform(struct fw_priv *fw_priv, u32 opt_flags) { const u8 *data; size_t size; diff --git a/drivers/base/firmware_loader/firmware.h b/drivers/base/firmware_loader/firmware.h index 25836a6afc9f..933e2192fbe8 100644 --- a/drivers/base/firmware_loader/firmware.h +++ b/drivers/base/firmware_loader/firmware.h @@ -136,8 +136,7 @@ static inline void fw_state_done(struct fw_priv *fw_priv) __fw_state_set(fw_priv, FW_STATUS_DONE); } -int assign_fw(struct firmware *fw, struct device *device, - enum fw_opt opt_flags); +int assign_fw(struct firmware *fw, struct device *device, u32 opt_flags); #ifdef CONFIG_FW_LOADER_PAGED_BUF void fw_free_paged_buf(struct fw_priv *fw_priv); diff --git a/drivers/base/firmware_loader/main.c b/drivers/base/firmware_loader/main.c index 76f79913916d..2ca6b4735979 100644 --- a/drivers/base/firmware_loader/main.c +++ b/drivers/base/firmware_loader/main.c @@ -210,7 +210,7 @@ static struct fw_priv *__lookup_fw_priv(const char *fw_name) static int alloc_lookup_fw_priv(const char *fw_name, struct firmware_cache *fwc, struct fw_priv **fw_priv, void *dbuf, - size_t size, enum fw_opt opt_flags) + size_t size, u32 opt_flags) { struct fw_priv *tmp; @@ -635,8 +635,7 @@ static int fw_add_devm_name(struct device *dev, const char *name) } #endif -int assign_fw(struct firmware *fw, struct device *device, - enum fw_opt opt_flags) +int assign_fw(struct firmware *fw, struct device *device, u32 opt_flags) { struct fw_priv *fw_priv = fw->priv; int ret; @@ -687,7 +686,7 @@ int assign_fw(struct firmware *fw, struct device *device, static int _request_firmware_prepare(struct firmware **firmware_p, const char *name, struct device *device, void *dbuf, size_t size, - enum fw_opt opt_flags) + u32 opt_flags) { struct firmware *firmware; struct fw_priv *fw_priv; @@ -753,7 +752,7 @@ static void fw_abort_batch_reqs(struct firmware *fw) static int _request_firmware(const struct firmware **firmware_p, const char *name, struct device *device, void *buf, size_t size, - enum fw_opt opt_flags) + u32 opt_flags) { struct firmware *fw = NULL; int ret; @@ -990,7 +989,7 @@ struct firmware_work { struct device *device; void *context; void (*cont)(const struct firmware *fw, void *context); - enum fw_opt opt_flags; + u32 opt_flags; }; static void request_firmware_work_func(struct work_struct *work) -- 2.17.1

5 years, 5 months

2
1
0 0

[PATCH bpf 0/2] selftests/bpf: add missing CONFIG values to test config

by Alan Maguire

Selftests "config" file is intended to represent the config required to run the tests; a few values are missing for the BPF selftests and these can result in test failures due to missing helpers etc. Add the missing values as they will help document the config needed for a clean BPF selftests run. Alan Maguire (2): selftests/bpf: CONFIG_IPV6_SEG6_BPF required for test_seg6_loop.o selftests/bpf: CONFIG_LIRC required for test_lirc_mode2.sh tools/testing/selftests/bpf/config | 2 ++ 1 file changed, 2 insertions(+) -- 1.8.3.1

5 years, 5 months

2
3
0 0

[PATCH] selftests/bpf: add general instructions for test execution

by Alan Maguire

Getting a clean BPF selftests run involves ensuring latest trunk LLVM/clang are used, pahole is recent (>=1.16) and config matches the specified config file as closely as possible. Add to bpf_devel_QA.rst and point tools/testing/selftests/bpf/README.rst to it. Signed-off-by: Alan Maguire <alan.maguire(a)oracle.com> Acked-by: Andrii Nakryiko <andriin(a)fb.com> --- Documentation/bpf/bpf_devel_QA.rst | 15 +++++++++++++++ tools/testing/selftests/bpf/README.rst | 2 ++ 2 files changed, 17 insertions(+) diff --git a/Documentation/bpf/bpf_devel_QA.rst b/Documentation/bpf/bpf_devel_QA.rst index 38c15c6..0b3db91 100644 --- a/Documentation/bpf/bpf_devel_QA.rst +++ b/Documentation/bpf/bpf_devel_QA.rst @@ -437,6 +437,21 @@ needed:: See the kernels selftest `Documentation/dev-tools/kselftest.rst`_ document for further documentation. +To maximize the number of tests passing, the .config of the kernel +under test should match the config file fragment in +tools/testing/selftests/bpf as closely as possible. + +Finally to ensure support for latest BPF Type Format features - +discussed in `Documentation/bpf/btf.rst`_ - pahole version 1.16 +is required for kernels built with CONFIG_DEBUG_INFO_BTF=y. +pahole is delivered in the dwarves package or can be built +from source at + +https://github.com/acmel/dwarves + +Some distros have pahole version 1.16 packaged already, e.g. +Fedora, Gentoo. + Q: Which BPF kernel selftests version should I run my kernel against? --------------------------------------------------------------------- A: If you run a kernel ``xyz``, then always run the BPF kernel selftests diff --git a/tools/testing/selftests/bpf/README.rst b/tools/testing/selftests/bpf/README.rst index 0f67f1b..e885d35 100644 --- a/tools/testing/selftests/bpf/README.rst +++ b/tools/testing/selftests/bpf/README.rst @@ -1,6 +1,8 @@ ================== BPF Selftest Notes ================== +General instructions on running selftests can be found in +`Documentation/bpf/bpf_devel_QA.rst`_. Additional information about selftest failures are documented here. -- 1.8.3.1

5 years, 5 months

2
1
0 0

[PATCH] kunit: use KUnit defconfig by default

by Vitor Massaru Iha

To improve the usability of KUnit, defconfig is used by default if no kunitconfig is present. * https://bugzilla.kernel.org/show_bug.cgi?id=205259 Signed-off-by: Vitor Massaru Iha <vitor(a)massaru.org> --- tools/testing/kunit/kunit.py | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/tools/testing/kunit/kunit.py b/tools/testing/kunit/kunit.py index 7dca74774dd2..4b98f6e75e4c 100755 --- a/tools/testing/kunit/kunit.py +++ b/tools/testing/kunit/kunit.py @@ -23,8 +23,8 @@ import kunit_parser KunitResult = namedtuple('KunitResult', ['status','result']) KunitRequest = namedtuple('KunitRequest', ['raw_output','timeout', 'jobs', - 'build_dir', 'defconfig', - 'alltests', 'make_options']) + 'build_dir', 'alltests', + 'make_options']) KernelDirectoryPath = sys.argv[0].split('tools/testing/kunit/')[0] @@ -118,10 +118,6 @@ def main(argv, linux=None): 'directory.', type=str, default='', metavar='build_dir') - run_parser.add_argument('--defconfig', - help='Uses a default .kunitconfig.', - action='store_true') - run_parser.add_argument('--alltests', help='Run all KUnit tests through allyesconfig', action='store_true') @@ -143,8 +139,7 @@ def main(argv, linux=None): cli_args.build_dir, kunit_kernel.kunitconfig_path) - if cli_args.defconfig: - create_default_kunitconfig() + create_default_kunitconfig() if not linux: linux = kunit_kernel.LinuxSourceTree() @@ -153,7 +148,6 @@ def main(argv, linux=None): cli_args.timeout, cli_args.jobs, cli_args.build_dir, - cli_args.defconfig, cli_args.alltests, cli_args.make_options) result = run_tests(linux, request) -- 2.25.1

5 years, 5 months

3
2
0 0

[PATCH v5] Documentation: test.h - fix warnings

by Lothar Rubusch

Fix warnings at 'make htmldocs', and formatting issues in the resulting documentation. - test.h: Fix annotation in kernel-doc parameter description. - Documentation/*.rst: Fixing formatting issues, and a duplicate label issue due to usage of sphinx.ext.autosectionlabel and identical labels within one document (sphinx warning) Signed-off-by: Lothar Rubusch <l.rubusch(a)gmail.com> --- v2: Several documentation fixes v3: Do not touch API documentation index v4: Replace macro argument in test.h by named variadic argument v5: Patch format fixed NB: checkpatch.pl will complain about flow control statements (i.e. usage of "return") within the macro kunit_test_suites(suites_list...). Better? I feel I'm making you a lot of extra work. I'm really sorry for all this fuzz! Documentation/dev-tools/kunit/start.rst | 13 ++++++++----- Documentation/dev-tools/kunit/usage.rst | 4 ++-- include/kunit/test.h | 12 ++++++------ 3 files changed, 16 insertions(+), 13 deletions(-) diff --git a/Documentation/dev-tools/kunit/start.rst b/Documentation/dev-tools/kunit/start.rst index e1c5ce80ce12..bb112cf70624 100644 --- a/Documentation/dev-tools/kunit/start.rst +++ b/Documentation/dev-tools/kunit/start.rst @@ -32,15 +32,17 @@ test targets as well. The ``.kunitconfig`` should also contain any other config options required by the tests. A good starting point for a ``.kunitconfig`` is the KUnit defconfig: + .. code-block:: bash cd $PATH_TO_LINUX_REPO cp arch/um/configs/kunit_defconfig .kunitconfig You can then add any other Kconfig options you wish, e.g.: + .. code-block:: none - CONFIG_LIST_KUNIT_TEST=y + CONFIG_LIST_KUNIT_TEST=y :doc:`kunit_tool <kunit-tool>` will ensure that all config options set in ``.kunitconfig`` are set in the kernel ``.config`` before running the tests. @@ -54,8 +56,8 @@ using. other tools (such as make menuconfig) to adjust other config options. -Running the tests ------------------ +Running the tests (KUnit Wrapper) +--------------------------------- To make sure that everything is set up correctly, simply invoke the Python wrapper from your kernel repo: @@ -105,8 +107,9 @@ have config options ending in ``_KUNIT_TEST``. KUnit and KUnit tests can be compiled as modules: in this case the tests in a module will be run when the module is loaded. -Running the tests ------------------ + +Running the tests (w/o KUnit Wrapper) +------------------------------------- Build and run your kernel as usual. Test output will be written to the kernel log in `TAP <https://testanything.org/>`_ format. diff --git a/Documentation/dev-tools/kunit/usage.rst b/Documentation/dev-tools/kunit/usage.rst index 473a2361ec37..3c3fe8b5fecc 100644 --- a/Documentation/dev-tools/kunit/usage.rst +++ b/Documentation/dev-tools/kunit/usage.rst @@ -595,7 +595,7 @@ able to run one test case per invocation. KUnit debugfs representation ============================ When kunit test suites are initialized, they create an associated directory -in /sys/kernel/debug/kunit/<test-suite>. The directory contains one file +in ``/sys/kernel/debug/kunit/<test-suite>``. The directory contains one file - results: "cat results" displays results of each test case and the results of the entire suite for the last test run. @@ -604,4 +604,4 @@ The debugfs representation is primarily of use when kunit test suites are run in a native environment, either as modules or builtin. Having a way to display results like this is valuable as otherwise results can be intermixed with other events in dmesg output. The maximum size of each -results file is KUNIT_LOG_SIZE bytes (defined in include/kunit/test.h). +results file is KUNIT_LOG_SIZE bytes (defined in ``include/kunit/test.h``). diff --git a/include/kunit/test.h b/include/kunit/test.h index 9b0c46a6ca1f..47e61e1d5337 100644 --- a/include/kunit/test.h +++ b/include/kunit/test.h @@ -175,7 +175,7 @@ struct kunit_suite { void (*exit)(struct kunit *test); struct kunit_case *test_cases; - /* private - internal use only */ + /* private: internal use only */ struct dentry *debugfs; char *log; }; @@ -232,12 +232,12 @@ void __kunit_test_suites_exit(struct kunit_suite **suites); * kunit_test_suites() - used to register one or more &struct kunit_suite * with KUnit. * - * @suites: a statically allocated list of &struct kunit_suite. + * @suites_list...: a statically allocated list of &struct kunit_suite. * - * Registers @suites with the test framework. See &struct kunit_suite for + * Registers @suites_list with the test framework. See &struct kunit_suite for * more information. * - * When builtin, KUnit tests are all run as late_initcalls; this means + * When builtin, KUnit tests are all run as late_initcalls; this means * that they cannot test anything where tests must run at a different init * phase. One significant restriction resulting from this is that KUnit * cannot reliably test anything that is initialize in the late_init phase; @@ -253,8 +253,8 @@ void __kunit_test_suites_exit(struct kunit_suite **suites); * tests from the same place, and at the very least to do so after * everything else is definitely initialized. */ -#define kunit_test_suites(...) \ - static struct kunit_suite *suites[] = { __VA_ARGS__, NULL}; \ +#define kunit_test_suites(suites_list...) \ + static struct kunit_suite *suites[] = {suites_list, NULL}; \ static int kunit_test_suites_init(void) \ { \ return __kunit_test_suites_init(suites); \ -- 2.20.1

5 years, 5 months

4
3
0 0

[PATCH v3] Kernel selftests: Add check if TPM devices are supported

by Nikita Sobolev

TPM2 tests set uses /dev/tpm0 and /dev/tpmrm0 without check if they are available. In case, when these devices are not available test fails, but expected behaviour is skipped test. Signed-off-by: Nikita Sobolev <Nikita.Sobolev(a)synopsys.com> --- Changes for v2: - Coding Style cleanup Changes for v3: - Commit text message cleanup tools/testing/selftests/tpm2/test_smoke.sh | 5 +++++ tools/testing/selftests/tpm2/test_space.sh | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/tools/testing/selftests/tpm2/test_smoke.sh b/tools/testing/selftests/tpm2/test_smoke.sh index 8155c2ea7ccb..663062701d5a 100755 --- a/tools/testing/selftests/tpm2/test_smoke.sh +++ b/tools/testing/selftests/tpm2/test_smoke.sh @@ -1,6 +1,11 @@ #!/bin/bash # SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause) +# Kselftest framework requirement - SKIP code is 4. +ksft_skip=4 + +[ -f /dev/tpm0 ] || exit $ksft_skip + python -m unittest -v tpm2_tests.SmokeTest python -m unittest -v tpm2_tests.AsyncTest diff --git a/tools/testing/selftests/tpm2/test_space.sh b/tools/testing/selftests/tpm2/test_space.sh index a6f5e346635e..36c9d030a1c6 100755 --- a/tools/testing/selftests/tpm2/test_space.sh +++ b/tools/testing/selftests/tpm2/test_space.sh @@ -1,4 +1,9 @@ #!/bin/bash # SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause) +# Kselftest framework requirement - SKIP code is 4. +ksft_skip=4 + +[ -f /dev/tpmrm0 ] || exit $ksft_skip + python -m unittest -v tpm2_tests.SpaceTest -- 2.16.2

5 years, 5 months

4
5
0 0

[PATCH v3] selftests/timens: handle a case when alarm clocks are not supported

by Andrei Vagin

This can happen if a testing node doesn't have RTC (real time clock) hardware or it doesn't support alarms. Fixes: 61c57676035d ("selftests/timens: Add Time Namespace test for supported clocks") Acked-by: Vincenzo Frascino <vincenzo.frascino(a)arm.com> Reported-by: Vincenzo Frascino <vincenzo.frascino(a)arm.com> Signed-off-by: Andrei Vagin <avagin(a)gmail.com> --- v2: fix timer.c and timerfd.c too. v3: add Reported-by and Fixes tags. tools/testing/selftests/timens/clock_nanosleep.c | 2 +- tools/testing/selftests/timens/timens.c | 2 +- tools/testing/selftests/timens/timens.h | 13 ++++++++++++- tools/testing/selftests/timens/timer.c | 5 +++++ tools/testing/selftests/timens/timerfd.c | 5 +++++ 5 files changed, 24 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/timens/clock_nanosleep.c b/tools/testing/selftests/timens/clock_nanosleep.c index 8e7b7c72ef65..72d41b955fb2 100644 --- a/tools/testing/selftests/timens/clock_nanosleep.c +++ b/tools/testing/selftests/timens/clock_nanosleep.c @@ -119,7 +119,7 @@ int main(int argc, char *argv[]) ksft_set_plan(4); - check_config_posix_timers(); + check_supported_timers(); if (unshare_timens()) return 1; diff --git a/tools/testing/selftests/timens/timens.c b/tools/testing/selftests/timens/timens.c index 098be7c83be3..52b6a1185f52 100644 --- a/tools/testing/selftests/timens/timens.c +++ b/tools/testing/selftests/timens/timens.c @@ -155,7 +155,7 @@ int main(int argc, char *argv[]) nscheck(); - check_config_posix_timers(); + check_supported_timers(); ksft_set_plan(ARRAY_SIZE(clocks) * 2); diff --git a/tools/testing/selftests/timens/timens.h b/tools/testing/selftests/timens/timens.h index e09e7e39bc52..d4fc52d47146 100644 --- a/tools/testing/selftests/timens/timens.h +++ b/tools/testing/selftests/timens/timens.h @@ -14,15 +14,26 @@ #endif static int config_posix_timers = true; +static int config_alarm_timers = true; -static inline void check_config_posix_timers(void) +static inline void check_supported_timers(void) { + struct timespec ts; + if (timer_create(-1, 0, 0) == -1 && errno == ENOSYS) config_posix_timers = false; + + if (clock_gettime(CLOCK_BOOTTIME_ALARM, &ts) == -1 && errno == EINVAL) + config_alarm_timers = false; } static inline bool check_skip(int clockid) { + if (!config_alarm_timers && clockid == CLOCK_BOOTTIME_ALARM) { + ksft_test_result_skip("CLOCK_BOOTTIME_ALARM isn't supported\n"); + return true; + } + if (config_posix_timers) return false; diff --git a/tools/testing/selftests/timens/timer.c b/tools/testing/selftests/timens/timer.c index 96dba11ebe44..5e7f0051bd7b 100644 --- a/tools/testing/selftests/timens/timer.c +++ b/tools/testing/selftests/timens/timer.c @@ -22,6 +22,9 @@ int run_test(int clockid, struct timespec now) timer_t fd; int i; + if (check_skip(clockid)) + return 0; + for (i = 0; i < 2; i++) { struct sigevent sevp = {.sigev_notify = SIGEV_NONE}; int flags = 0; @@ -74,6 +77,8 @@ int main(int argc, char *argv[]) nscheck(); + check_supported_timers(); + ksft_set_plan(3); clock_gettime(CLOCK_MONOTONIC, &mtime_now); diff --git a/tools/testing/selftests/timens/timerfd.c b/tools/testing/selftests/timens/timerfd.c index eff1ec5ff215..9edd43d6b2c1 100644 --- a/tools/testing/selftests/timens/timerfd.c +++ b/tools/testing/selftests/timens/timerfd.c @@ -28,6 +28,9 @@ int run_test(int clockid, struct timespec now) long long elapsed; int fd, i; + if (check_skip(clockid)) + return 0; + if (tclock_gettime(clockid, &now)) return pr_perror("clock_gettime(%d)", clockid); @@ -81,6 +84,8 @@ int main(int argc, char *argv[]) nscheck(); + check_supported_timers(); + ksft_set_plan(3); clock_gettime(CLOCK_MONOTONIC, &mtime_now); -- 2.24.1

5 years, 5 months

2
1
0 0

[PATCH v3 0/3] selftests: vdso: Add a selftest for vDSO getcpu()

by Mark Brown

This series does a bit of a cleanup of the existing tests for the vDSO in kselftest and then adds a new test for getcpu(). v3: Remove some extern keywords. v2: Silence checkpatch Mark Brown (3): selftests: vdso: Rename vdso_test to vdso_test_gettimeofday selftests: vdso: Use a header file to prototype parse_vdso API selftests: vdso: Add a selftest for vDSO getcpu() tools/testing/selftests/vDSO/.gitignore | 2 + tools/testing/selftests/vDSO/Makefile | 5 +- tools/testing/selftests/vDSO/parse_vdso.c | 24 +-------- tools/testing/selftests/vDSO/parse_vdso.h | 31 +++++++++++ .../selftests/vDSO/vdso_standalone_test_x86.c | 4 +- .../testing/selftests/vDSO/vdso_test_getcpu.c | 54 +++++++++++++++++++ .../{vdso_test.c => vdso_test_gettimeofday.c} | 10 ++-- 7 files changed, 96 insertions(+), 34 deletions(-) create mode 100644 tools/testing/selftests/vDSO/parse_vdso.h create mode 100644 tools/testing/selftests/vDSO/vdso_test_getcpu.c rename tools/testing/selftests/vDSO/{vdso_test.c => vdso_test_gettimeofday.c} (84%) -- 2.20.1

5 years, 5 months

2
4
0 0

[PATCH 0/3] selftests: vdso: Add a selftest for vDSO getcpu()

by Mark Brown

This series does a bit of a cleanup of the existing tests for the vDSO in kselftest and then adds a new test for getcpu(). Mark Brown (3): selftests: vdso: Rename vdso_test to vdso_test_gettimeofday selftests: vdso: Use a header file to prototype parse_vdso API selftests: vdso: Add a selftest for vDSO getcpu() tools/testing/selftests/vDSO/.gitignore | 2 + tools/testing/selftests/vDSO/Makefile | 5 +- tools/testing/selftests/vDSO/parse_vdso.c | 24 +-------- tools/testing/selftests/vDSO/parse_vdso.h | 31 ++++++++++++ .../selftests/vDSO/vdso_standalone_test_x86.c | 4 +- .../testing/selftests/vDSO/vdso_test_getcpu.c | 50 +++++++++++++++++++ .../{vdso_test.c => vdso_test_gettimeofday.c} | 10 ++-- 7 files changed, 92 insertions(+), 34 deletions(-) create mode 100644 tools/testing/selftests/vDSO/parse_vdso.h create mode 100644 tools/testing/selftests/vDSO/vdso_test_getcpu.c rename tools/testing/selftests/vDSO/{vdso_test.c => vdso_test_gettimeofday.c} (84%) -- 2.20.1

5 years, 5 months

2
12
0 0

[PATCH v2 0/3] selftests: vdso: Add a selftest for vDSO getcpu()

by Mark Brown

This series does a bit of a cleanup of the existing tests for the vDSO in kselftest and then adds a new test for getcpu(). v2: Silence checkpatch Mark Brown (3): selftests: vdso: Rename vdso_test to vdso_test_gettimeofday selftests: vdso: Use a header file to prototype parse_vdso API selftests: vdso: Add a selftest for vDSO getcpu() tools/testing/selftests/vDSO/.gitignore | 2 + tools/testing/selftests/vDSO/Makefile | 5 +- tools/testing/selftests/vDSO/parse_vdso.c | 24 +-------- tools/testing/selftests/vDSO/parse_vdso.h | 31 +++++++++++ .../selftests/vDSO/vdso_standalone_test_x86.c | 4 +- .../testing/selftests/vDSO/vdso_test_getcpu.c | 54 +++++++++++++++++++ .../{vdso_test.c => vdso_test_gettimeofday.c} | 10 ++-- 7 files changed, 96 insertions(+), 34 deletions(-) create mode 100644 tools/testing/selftests/vDSO/parse_vdso.h create mode 100644 tools/testing/selftests/vDSO/vdso_test_getcpu.c rename tools/testing/selftests/vDSO/{vdso_test.c => vdso_test_gettimeofday.c} (84%) -- 2.20.1

5 years, 5 months

2
4
0 0

[PATCH] selftests:mptcp: fix empty optstring

by Li Zhijian

From: Li Zhijian <lizhijian(a)cn.fujitsu.com> Signed-off-by: Li Zhijian <lizhijian(a)cn.fujitsu.com> --- tools/testing/selftests/net/mptcp/pm_netlink.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tools/testing/selftests/net/mptcp/pm_netlink.sh b/tools/testing/selftests/net/mptcp/pm_netlink.sh index 9172746b6cf0..8c7998c64d9e 100755 --- a/tools/testing/selftests/net/mptcp/pm_netlink.sh +++ b/tools/testing/selftests/net/mptcp/pm_netlink.sh @@ -8,8 +8,7 @@ usage() { echo "Usage: $0 [ -h ]" } - -while getopts "$optstring" option;do +while getopts "h" option;do case "$option" in "h") usage $0 -- 2.17.1

5 years, 5 months

4
3
0 0

[PATCH AUTOSEL 5.6 13/41] kselftests: dmabuf-heaps: Fix confused return value on expected error testing

by Sasha Levin

From: John Stultz <john.stultz(a)linaro.org> [ Upstream commit 4bb9d46d47b105a774f9dca642f5271375bca4b2 ] When I added the expected error testing, I forgot I need to set the return to zero when we successfully see an error. Without this change we only end up testing a single heap before the test quits. Cc: Shuah Khan <shuah(a)kernel.org> Cc: Sumit Semwal <sumit.semwal(a)linaro.org> Cc: Benjamin Gaignard <benjamin.gaignard(a)linaro.org> Cc: Brian Starkey <brian.starkey(a)arm.com> Cc: Laura Abbott <labbott(a)redhat.com> Cc: "Andrew F. Davis" <afd(a)ti.com> Cc: linux-kselftest(a)vger.kernel.org Signed-off-by: John Stultz <john.stultz(a)linaro.org> Signed-off-by: Shuah Khan <skhan(a)linuxfoundation.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- tools/testing/selftests/dmabuf-heaps/dmabuf-heap.c | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/testing/selftests/dmabuf-heaps/dmabuf-heap.c b/tools/testing/selftests/dmabuf-heaps/dmabuf-heap.c index cd5e1f602ac9..909da9cdda97 100644 --- a/tools/testing/selftests/dmabuf-heaps/dmabuf-heap.c +++ b/tools/testing/selftests/dmabuf-heaps/dmabuf-heap.c @@ -351,6 +351,7 @@ static int test_alloc_errors(char *heap_name) } printf("Expected error checking passed\n"); + ret = 0; out: if (dmabuf_fd >= 0) close(dmabuf_fd); -- 2.25.1

5 years, 5 months

1
0
0 0

Offer

by Mazer

I hope you are doing great? This is Felix from Toronto-Canada. I have a lucrative business offer that will benefit us both immensely within a very short period of time. However, I need your initial approval of interest prior to further and complete details regarding the deal. Thanks, Felix.

5 years, 5 months

1
0
0 0

Offer

by Mazer

I hope you are doing great? This is Felix from Toronto-Canada. I have a lucrative business offer that will benefit us both immensely within a very short period of time. However, I need your initial approval of interest prior to further and complete details regarding the deal. Thanks, Felix.

5 years, 5 months

1
0
0 0

[PATCH V2 00/19] Miscellaneous fixes for resctrl selftests

by Sai Praneeth Prakhya

This patch set has several miscellaneous fixes to resctrl selftest tool that are easily visible to user. V1 had fixes to CAT test and CMT test but they were dropped in V2 because having them here made the patchset humongous. So, changes to CAT test and CMT test will be posted in another patchset. Some warnings reported by sparse tool were fixed in this patchset but some are not yet fixed. They will be fixed in another patchset. Patches 1 to 14, 18 and 19 are independent fixes. Patches 15 and 16 are preparatory patches for patch 17. Thanks to Dan and David for reporting couple of issues. V1 can be found at: https://lkml.org/lkml/2020/3/6/1249 Based on v5.7-rc6. Changes from V1: ================ 1. Dropped changes to CAT test and CMT test as they will be posted in a later series. 2. Added several other fixes Fenghua Yu (1): selftests/resctrl: Fix missing options "-n" and "-p" Reinette Chatre (3): selftests/resctrl: Fix typo selftests/resctrl: Fix typo in help text selftests/resctrl: Ensure sibling CPU is not same as original CPU Sai Praneeth Prakhya (15): selftests/resctrl: Rename CQM test as CMT test selftests/resctrl: Declare global variables as extern selftests/resctrl: Return if resctrl file system is not supported selftests/resctrl: Check for resctrl mount point only if resctrl FS is supported selftests/resctrl: Use resctrl/info for feature detection selftests/resctrl: Fix MBA/MBM results reporting format selftests/resctrl: Abort running tests if not root user selftests/resctrl: Enable gcc checks to detect buffer overflows selftests/resctrl: Dynamically select buffer size for CAT test selftests/resctrl: Skip the test if requested resctrl feature is not supported selftests/resctrl: Change return type of umount_resctrlfs() to void selftests/resctrl: Umount resctrl FS only if mounted selftests/resctrl: Unmount resctrl FS after running all tests selftests/resctrl: Fix incorrect parsing of iMC counters selftests/resctrl: Fix checking for < 0 for unsigned values tools/testing/selftests/resctrl/Makefile | 2 +- tools/testing/selftests/resctrl/README | 4 +- tools/testing/selftests/resctrl/cache.c | 4 +- tools/testing/selftests/resctrl/cat_test.c | 8 +- .../resctrl/{cqm_test.c => cmt_test.c} | 23 +++--- tools/testing/selftests/resctrl/mba_test.c | 23 +++--- tools/testing/selftests/resctrl/mbm_test.c | 16 ++-- tools/testing/selftests/resctrl/resctrl.h | 20 +++-- .../testing/selftests/resctrl/resctrl_tests.c | 69 ++++++++++++----- tools/testing/selftests/resctrl/resctrl_val.c | 67 ++++++++++------ tools/testing/selftests/resctrl/resctrlfs.c | 77 +++++++++++++------ 11 files changed, 195 insertions(+), 118 deletions(-) rename tools/testing/selftests/resctrl/{cqm_test.c => cmt_test.c} (88%) -- 2.19.1

5 years, 5 months

3
26
0 0

[PATCH] selftests/exec: Add binfmt_script regression test

by Kees Cook

While working on commit b5372fe5dc84 ("exec: load_script: Do not exec truncated interpreter path"), I wrote a series of test scripts to verify corner cases. However, soon after, commit 6eb3c3d0a52d ("exec: increase BINPRM_BUF_SIZE to 256") landed, resulting in the tests needing to be refactored for the larger BINPRM_BUF_SIZE, which got lost on my TODO list. During the recent exec refactoring work[1], the need for these tests resurfaced, so I've finished them up for addition to the kernel selftests. [1] https://lore.kernel.org/lkml/202005191144.E3112135@keescook/ Signed-off-by: Kees Cook <keescook(a)chromium.org> --- tools/testing/selftests/exec/Makefile | 1 + tools/testing/selftests/exec/binfmt_script | 171 +++++++++++++++++++++ 2 files changed, 172 insertions(+) create mode 100755 tools/testing/selftests/exec/binfmt_script diff --git a/tools/testing/selftests/exec/Makefile b/tools/testing/selftests/exec/Makefile index 33339e31e365..7f4527f897c4 100644 --- a/tools/testing/selftests/exec/Makefile +++ b/tools/testing/selftests/exec/Makefile @@ -3,6 +3,7 @@ CFLAGS = -Wall CFLAGS += -Wno-nonnull CFLAGS += -D_GNU_SOURCE +TEST_PROGS := binfmt_script TEST_GEN_PROGS := execveat TEST_GEN_FILES := execveat.symlink execveat.denatured script subdir # Makefile is a run-time dependency, since it's accessed by the execveat test diff --git a/tools/testing/selftests/exec/binfmt_script b/tools/testing/selftests/exec/binfmt_script new file mode 100755 index 000000000000..05f94a741c7a --- /dev/null +++ b/tools/testing/selftests/exec/binfmt_script @@ -0,0 +1,171 @@ +#!/usr/bin/env python3 +# SPDX-License-Identifier: GPL-2.0 +# +# Test that truncation of bprm->buf doesn't cause unexpected execs paths, along +# with various other pathological cases. +import os, subprocess + +# Relevant commits +# +# b5372fe5dc84 ("exec: load_script: Do not exec truncated interpreter path") +# 6eb3c3d0a52d ("exec: increase BINPRM_BUF_SIZE to 256") + +# BINPRM_BUF_SIZE +SIZE=256 + +NAME_MAX=int(subprocess.check_output(["getconf", "NAME_MAX", "."])) + +test_num=0 + +code='''#!/usr/bin/perl +print "Executed interpreter! Args:\n"; +print "0 : '$0'\n"; +$counter = 1; +foreach my $a (@ARGV) { + print "$counter : '$a'\n"; + $counter++; +} +''' + +## +# test - produce a binfmt_script hashbang line for testing +# +# @size: bytes for bprm->buf line, including hashbang but not newline +# @good: whether this script is expected to execute correctly +# @hashbang: the special 2 bytes for running binfmt_script +# @leading: any leading whitespace before the executable path +# @root: start of executable pathname +# @target: end of executable pathname +# @arg: bytes following the executable pathname +# @fill: character to fill between @root and @target to reach @size bytes +# @newline: character to use as newline, not counted towards @size +# ... +def test(name, size, good=True, leading="", root="./", target="/perl", + fill="A", arg="", newline="\n", hashbang="#!"): + global test_num, tests, NAME_MAX + test_num += 1 + if test_num > tests: + raise ValueError("more binfmt_script tests than expected! (want %d, expected %d)" + % (test_num, tests)) + + middle = "" + remaining = size - len(hashbang) - len(leading) - len(root) - len(target) - len(arg) + # The middle of the pathname must not exceed NAME_MAX + while remaining >= NAME_MAX: + middle += fill * (NAME_MAX - 1) + middle += '/' + remaining -= NAME_MAX + middle += fill * remaining + + dirpath = root + middle + binary = dirpath + target + if len(target): + os.makedirs(dirpath, mode=0o755, exist_ok=True) + open(binary, "w").write(code) + os.chmod(binary, 0o755) + + buf=hashbang + leading + root + middle + target + arg + newline + if len(newline) > 0: + buf += 'echo this is not really perl\n' + + script = "binfmt_script-%s" % (name) + open(script, "w").write(buf) + os.chmod(script, 0o755) + + proc = subprocess.Popen(["./%s" % (script)], shell=True, + stdout=subprocess.PIPE, stderr=subprocess.STDOUT) + stdout = proc.communicate()[0] + + if proc.returncode == 0 and b'Executed interpreter' in stdout: + if good: + print("ok %d - binfmt_script %s (successful good exec)" + % (test_num, name)) + else: + print("not ok %d - binfmt_script %s succeeded when it should have failed" + % (test_num, name)) + else: + if good: + print("not ok %d - binfmt_script %s failed when it should have succeeded (rc:%d)" + % (test_num, name, proc.returncode)) + else: + print("ok %d - binfmt_script %s (correctly failed bad exec)" + % (test_num, name)) + + # Clean up crazy binaries + os.unlink(script) + if len(target): + elements = binary.split('/') + os.unlink(binary) + elements.pop() + while len(elements) > 1: + os.rmdir("/".join(elements)) + elements.pop() + +tests=27 +print("TAP version 1.3") +print("1..%d" % (tests)) + +### FAIL (8 tests) + +# Entire path is well past the BINFMT_BUF_SIZE. +test(name="too-big", size=SIZE+80, good=False) +# Path is right at max size, making it impossible to tell if it was truncated. +test(name="exact", size=SIZE, good=False) +# Same as above, but with leading whitespace. +test(name="exact-space", size=SIZE, good=False, leading=" ") +# Huge buffer of only whitespace. +test(name="whitespace-too-big", size=SIZE+71, good=False, root="", + fill=" ", target="") +# A good path, but it gets truncated due to leading whitespace. +test(name="truncated", size=SIZE+17, good=False, leading=" " * 19) +# Entirely empty except for #! +test(name="empty", size=2, good=False, root="", + fill="", target="", newline="") +# Within size, but entirely spaces +test(name="spaces", size=SIZE-1, good=False, root="", fill=" ", + target="", newline="") +# Newline before binary. +test(name="newline-prefix", size=SIZE-1, good=False, leading="\n", + root="", fill=" ", target="") + +### ok (19 tests) + +# The original test case that was broken by commit: +# 8099b047ecc4 ("exec: load_script: don't blindly truncate shebang string") +test(name="test.pl", size=439, leading=" ", + root="./nix/store/bwav8kz8b3y471wjsybgzw84mrh4js9-perl-5.28.1/bin", + arg=" -I/nix/store/x6yyav38jgr924nkna62q3pkp0dgmzlx-perl5.28.1-File-Slurp-9999.25/lib/perl5/site_perl -I/nix/store/ha8v67sl8dac92r9z07vzr4gv1y9nwqz-perl5.28.1-Net-DBus-1.1.0/lib/perl5/site_perl -I/nix/store/dcrkvnjmwh69ljsvpbdjjdnqgwx90a9d-perl5.28.1-XML-Parser-2.44/lib/perl5/site_perl -I/nix/store/rmji88k2zz7h4zg97385bygcydrf2q8h-perl5.28.1-XML-Twig-3.52/lib/perl5/site_perl") +# One byte under size, leaving newline visible. +test(name="one-under", size=SIZE-1) +# Two bytes under size, leaving newline visible. +test(name="two-under", size=SIZE-2) +# Exact size, but trailing whitespace visible instead of newline +test(name="exact-trunc-whitespace", size=SIZE, arg=" ") +# Exact size, but trailing space and first arg char visible instead of newline. +test(name="exact-trunc-arg", size=SIZE, arg=" f") +# One bute under, with confirmed non-truncated arg since newline now visible. +test(name="one-under-full-arg", size=SIZE-1, arg=" f") +# Short read buffer by one byte. +test(name="one-under-no-nl", size=SIZE-1, newline="") +# Short read buffer by half buffer size. +test(name="half-under-no-nl", size=int(SIZE/2), newline="") +# One byte under with whitespace arg. leaving wenline visible. +test(name="one-under-trunc-arg", size=SIZE-1, arg=" ") +# One byte under with whitespace leading. leaving wenline visible. +test(name="one-under-leading", size=SIZE-1, leading=" ") +# One byte under with whitespace leading and as arg. leaving newline visible. +test(name="one-under-leading-trunc-arg", size=SIZE-1, leading=" ", arg=" ") +# Same as above, but with 2 bytes under +test(name="two-under-no-nl", size=SIZE-2, newline="") +test(name="two-under-trunc-arg", size=SIZE-2, arg=" ") +test(name="two-under-leading", size=SIZE-2, leading=" ") +test(name="two-under-leading-trunc-arg", size=SIZE-2, leading=" ", arg=" ") +# Same as above, but with buffer half filled +test(name="two-under-no-nl", size=int(SIZE/2), newline="") +test(name="two-under-trunc-arg", size=int(SIZE/2), arg=" ") +test(name="two-under-leading", size=int(SIZE/2), leading=" ") +test(name="two-under-lead-trunc-arg", size=int(SIZE/2), leading=" ", arg=" ") + +if test_num != tests: + raise ValueError("fewer binfmt_script tests than expected! (ran %d, expected %d" + % (test_num, tests)) -- 2.20.1 -- Kees Cook

5 years, 5 months

2
1
0 0

[PATCH] selftests/timens: handle a case when alarm clocks are not supported

by Andrei Vagin

This can happen if a testing node doesn't have RTC (real time clock) hardware or it doesn't support alarms. Cc: Vincenzo Frascino <vincenzo.frascino(a)arm.com> Signed-off-by: Andrei Vagin <avagin(a)gmail.com> --- tools/testing/selftests/timens/clock_nanosleep.c | 2 +- tools/testing/selftests/timens/timens.c | 2 +- tools/testing/selftests/timens/timens.h | 13 ++++++++++++- 3 files changed, 14 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/timens/clock_nanosleep.c b/tools/testing/selftests/timens/clock_nanosleep.c index 8e7b7c72ef65..72d41b955fb2 100644 --- a/tools/testing/selftests/timens/clock_nanosleep.c +++ b/tools/testing/selftests/timens/clock_nanosleep.c @@ -119,7 +119,7 @@ int main(int argc, char *argv[]) ksft_set_plan(4); - check_config_posix_timers(); + check_supported_timers(); if (unshare_timens()) return 1; diff --git a/tools/testing/selftests/timens/timens.c b/tools/testing/selftests/timens/timens.c index 559d26e21ba0..07feebe8e53e 100644 --- a/tools/testing/selftests/timens/timens.c +++ b/tools/testing/selftests/timens/timens.c @@ -156,7 +156,7 @@ int main(int argc, char *argv[]) nscheck(); - check_config_posix_timers(); + check_supported_timers(); ksft_set_plan(ARRAY_SIZE(clocks) * 2); diff --git a/tools/testing/selftests/timens/timens.h b/tools/testing/selftests/timens/timens.h index e09e7e39bc52..d4fc52d47146 100644 --- a/tools/testing/selftests/timens/timens.h +++ b/tools/testing/selftests/timens/timens.h @@ -14,15 +14,26 @@ #endif static int config_posix_timers = true; +static int config_alarm_timers = true; -static inline void check_config_posix_timers(void) +static inline void check_supported_timers(void) { + struct timespec ts; + if (timer_create(-1, 0, 0) == -1 && errno == ENOSYS) config_posix_timers = false; + + if (clock_gettime(CLOCK_BOOTTIME_ALARM, &ts) == -1 && errno == EINVAL) + config_alarm_timers = false; } static inline bool check_skip(int clockid) { + if (!config_alarm_timers && clockid == CLOCK_BOOTTIME_ALARM) { + ksft_test_result_skip("CLOCK_BOOTTIME_ALARM isn't supported\n"); + return true; + } + if (config_posix_timers) return false; -- 2.24.1

5 years, 5 months

2
2
0 0

[PATCH bpf-next] selftests/bpf: add general instructions for test execution

by Alan Maguire

Getting a clean BPF selftests run involves ensuring latest trunk LLVM/clang are used, pahole is recent (>=1.16) and config matches the specified config file as closely as possible. Document all of this in the general README.rst file. Also note how to work around timeout failures. Signed-off-by: Alan Maguire <alan.maguire(a)oracle.com> --- tools/testing/selftests/bpf/README.rst | 46 ++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) diff --git a/tools/testing/selftests/bpf/README.rst b/tools/testing/selftests/bpf/README.rst index 0f67f1b..b00eebb 100644 --- a/tools/testing/selftests/bpf/README.rst +++ b/tools/testing/selftests/bpf/README.rst @@ -1,6 +1,52 @@ ================== BPF Selftest Notes ================== +First verify the built kernel config options match the config options +specified in the config file in this directory. Test failures for +unknown helpers, inability to find BTF etc will be observed otherwise. + +To ensure the maximum number of tests pass, it is best to use the latest +trunk LLVM/clang, i.e. + +git clone https://github.com/llvm/llvm-project + +Build/install trunk LLVM: + +.. code-block:: bash + git clone https://github.com/llvm/llvm-project + cd llvm-project + mkdir build/llvm + cd build/llvm + cmake ../../llvm/ + make + sudo make install + cd ../../ + +Build/install trunk clang: + +.. code-block:: bash + mkdir -p build/clang + cd build/clang + cmake ../../clang + make + sudo make install + +When building the kernel with CONFIG_DEBUG_INFO_BTF, pahole +version 16 or later is also required for BTF function +support. pahole can be built from the source at + +https://github.com/acmel/dwarves + +It is often available in "dwarves/libdwarves" packages also, +but be aware that versions prior to 1.16 will fail with +errors that functions cannot be found in BTF. + +When running selftests, the default timeout of 45 seconds +can be exceeded by some tests. We can override the default +timeout via a "settings" file; for example: + +.. code-block:: bash + echo "timeout=120" > tools/testing/selftests/bpf/settings Additional information about selftest failures are documented here. -- 1.8.3.1

5 years, 5 months

3
4
0 0

[PATCH v2] selftests: introduce gen_tar Makefile target

by Veronika Kabatova

The gen_kselftest_tar.sh always packages *all* selftests and doesn't pass along any variables to `make install` to influence what should be built. This can result in an early error on the command line ("Unknown tarball format TARGETS=XXX"), or unexpected test failures as the tarball contains tests people wanted to skip on purpose. Since the makefile already contains all the logic, we can add a target for packaging. Keep the default .gz target the script uses, and actually extend the supported formats by using tar's autodetection. To not break current workflows, keep the gen_kselftest_tar.sh script as it is, with an added suggestion to use the makefile target instead. Signed-off-by: Veronika Kabatova <vkabatov(a)redhat.com> --- v2: overriden -> overridden, sent from the matching email address Documentation/dev-tools/kselftest.rst | 23 ++++++++++++++++++++ tools/testing/selftests/Makefile | 9 +++++++- tools/testing/selftests/gen_kselftest_tar.sh | 5 +++++ 3 files changed, 36 insertions(+), 1 deletion(-) diff --git a/Documentation/dev-tools/kselftest.rst b/Documentation/dev-tools/kselftest.rst index 61ae13c44f91..3fc559bcb597 100644 --- a/Documentation/dev-tools/kselftest.rst +++ b/Documentation/dev-tools/kselftest.rst @@ -151,6 +151,29 @@ note some tests will require root privileges:: $ cd kselftest $ ./run_kselftest.sh +Packaging selftests +=================== + +In some cases packaging is desired, such as when tests need to run on a +different system. To package selftests, run:: + + $ make -C tools/testing/selftests gen_tar + +This generates a tarball in the `INSTALL_PATH/kselftest-packages` directory. By +default, `.gz` format is used. The tar format can be overridden by specifying +a `FORMAT` make variable. Any value recognized by `tar's auto-compress`_ option +is supported, such as:: + + $ make -C tools/testing/selftests gen_tar FORMAT=.xz + +`make gen_tar` invokes `make install` so you can use it to package a subset of +tests by using variables specified in `Running a subset of selftests`_ +section:: + + $ make -C tools/testing/selftests gen_tar TARGETS="bpf" FORMAT=.xz + +.. _tar's auto-compress: https://www.gnu.org/software/tar/manual/html_node/gzip.html#auto_002dcompre… + Contributing new tests ====================== diff --git a/tools/testing/selftests/Makefile b/tools/testing/selftests/Makefile index 2ff68702fd41..1195bd85af38 100644 --- a/tools/testing/selftests/Makefile +++ b/tools/testing/selftests/Makefile @@ -249,10 +249,17 @@ else $(error Error: set INSTALL_PATH to use install) endif +FORMAT ?= .gz +TAR_PATH = $(abspath ${INSTALL_PATH}/kselftest-packages/kselftest.tar${FORMAT}) +gen_tar: install + @mkdir -p ${INSTALL_PATH}/kselftest-packages/ + @tar caf ${TAR_PATH} --exclude=kselftest-packages -C ${INSTALL_PATH} . + @echo "Created ${TAR_PATH}" + clean: @for TARGET in $(TARGETS); do \ BUILD_TARGET=$$BUILD/$$TARGET; \ $(MAKE) OUTPUT=$$BUILD_TARGET -C $$TARGET clean;\ done; -.PHONY: khdr all run_tests hotplug run_hotplug clean_hotplug run_pstore_crash install clean +.PHONY: khdr all run_tests hotplug run_hotplug clean_hotplug run_pstore_crash install clean gen_tar diff --git a/tools/testing/selftests/gen_kselftest_tar.sh b/tools/testing/selftests/gen_kselftest_tar.sh index 8b2b6088540d..4a974bc03385 100755 --- a/tools/testing/selftests/gen_kselftest_tar.sh +++ b/tools/testing/selftests/gen_kselftest_tar.sh @@ -49,6 +49,11 @@ main() # directory ./kselftest_install.sh "$install_dir" (cd "$install_work"; tar $copts "$dest"/kselftest${ext} $install_name) + + # Don't put the message at the actual end as people may be parsing the + # "archive created" line in their scripts. + echo -e "\nConsider using 'make gen_tar' instead of this script\n" + echo "Kselftest archive kselftest${ext} created!" # clean up top-level install work directory -- 2.25.1

5 years, 5 months

3
2
0 0

[PATCH] selftests: introduce gen_tar Makefile target

by Veronika Kabatova

The gen_kselftest_tar.sh always packages *all* selftests and doesn't pass along any variables to `make install` to influence what should be built. This can result in an early error on the command line ("Unknown tarball format TARGETS=XXX"), or unexpected test failures as the tarball contains tests people wanted to skip on purpose. Since the makefile already contains all the logic, we can add a target for packaging. Keep the default .gz target the script uses, and actually extend the supported formats by using tar's autodetection. To not break current workflows, keep the gen_kselftest_tar.sh script as it is, with an added suggestion to use the makefile target instead. Signed-off-by: Veronika Kabatova <vkabatov(a)redhat.com> Reviewed-by: Stefano Brivio <sbrivio(a)redhat.com> --- Documentation/dev-tools/kselftest.rst | 23 ++++++++++++++++++++ tools/testing/selftests/Makefile | 9 +++++++- tools/testing/selftests/gen_kselftest_tar.sh | 5 +++++ 3 files changed, 36 insertions(+), 1 deletion(-) diff --git a/Documentation/dev-tools/kselftest.rst b/Documentation/dev-tools/kselftest.rst index 61ae13c44f91..3fc559bcb597 100644 --- a/Documentation/dev-tools/kselftest.rst +++ b/Documentation/dev-tools/kselftest.rst @@ -151,6 +151,29 @@ note some tests will require root privileges:: $ cd kselftest $ ./run_kselftest.sh +Packaging selftests +=================== + +In some cases packaging is desired, such as when tests need to run on a +different system. To package selftests, run:: + + $ make -C tools/testing/selftests gen_tar + +This generates a tarball in the `INSTALL_PATH/kselftest-packages` directory. By +default, `.gz` format is used. The tar format can be overriden by specifying +a `FORMAT` make variable. Any value recognized by `tar's auto-compress`_ option +is supported, such as:: + + $ make -C tools/testing/selftests gen_tar FORMAT=.xz + +`make gen_tar` invokes `make install` so you can use it to package a subset of +tests by using variables specified in `Running a subset of selftests`_ +section:: + + $ make -C tools/testing/selftests gen_tar TARGETS="bpf" FORMAT=.xz + +.. _tar's auto-compress: https://www.gnu.org/software/tar/manual/html_node/gzip.html#auto_002dcompre… + Contributing new tests ====================== diff --git a/tools/testing/selftests/Makefile b/tools/testing/selftests/Makefile index 2ff68702fd41..1195bd85af38 100644 --- a/tools/testing/selftests/Makefile +++ b/tools/testing/selftests/Makefile @@ -249,10 +249,17 @@ else $(error Error: set INSTALL_PATH to use install) endif +FORMAT ?= .gz +TAR_PATH = $(abspath ${INSTALL_PATH}/kselftest-packages/kselftest.tar${FORMAT}) +gen_tar: install + @mkdir -p ${INSTALL_PATH}/kselftest-packages/ + @tar caf ${TAR_PATH} --exclude=kselftest-packages -C ${INSTALL_PATH} . + @echo "Created ${TAR_PATH}" + clean: @for TARGET in $(TARGETS); do \ BUILD_TARGET=$$BUILD/$$TARGET; \ $(MAKE) OUTPUT=$$BUILD_TARGET -C $$TARGET clean;\ done; -.PHONY: khdr all run_tests hotplug run_hotplug clean_hotplug run_pstore_crash install clean +.PHONY: khdr all run_tests hotplug run_hotplug clean_hotplug run_pstore_crash install clean gen_tar diff --git a/tools/testing/selftests/gen_kselftest_tar.sh b/tools/testing/selftests/gen_kselftest_tar.sh index 8b2b6088540d..4a974bc03385 100755 --- a/tools/testing/selftests/gen_kselftest_tar.sh +++ b/tools/testing/selftests/gen_kselftest_tar.sh @@ -49,6 +49,11 @@ main() # directory ./kselftest_install.sh "$install_dir" (cd "$install_work"; tar $copts "$dest"/kselftest${ext} $install_name) + + # Don't put the message at the actual end as people may be parsing the + # "archive created" line in their scripts. + echo -e "\nConsider using 'make gen_tar' instead of this script\n" + echo "Kselftest archive kselftest${ext} created!" # clean up top-level install work directory -- 2.25.1

5 years, 5 months

3
5
0 0

[PATCH v2] mm/hmm/test: use xa_for_each_range instead of looping

by Ralph Campbell

The test driver uses an xa_array to store virtual to physical address translations for a simulated hardware device. The MMU notifier invalidation callback is used to keep the table consistent with the CPU page table and is frequently called only for a page or two. However, if the test process exits unexpectedly or is killed, the range can be [0..ULONG_MAX] in which case calling xa_erase() for every possible PFN results in CPU timeouts. Use xa_for_each_range() to efficiently erase entries in the range. Signed-off-by: Ralph Campbell <rcampbell(a)nvidia.com> --- This patch is based on Jason Gunthorpe's hmm tree and should be folded into the ("mm/hmm/test: add selftest driver for HMM") patch once this patch is reviewed, etc. v1 -> v2: Use xa_for_each_range() instead of special casing [0..ULONG_MAX]. lib/test_hmm.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/test_hmm.c b/lib/test_hmm.c index 8b36c26b717b..5c1858e325ba 100644 --- a/lib/test_hmm.c +++ b/lib/test_hmm.c @@ -196,13 +196,15 @@ static void dmirror_do_update(struct dmirror *dmirror, unsigned long start, unsigned long end) { unsigned long pfn; + void *entry; /* * The XArray doesn't hold references to pages since it relies on * the mmu notifier to clear page pointers when they become stale. * Therefore, it is OK to just clear the entry. */ - for (pfn = start >> PAGE_SHIFT; pfn < (end >> PAGE_SHIFT); pfn++) + xa_for_each_range(&dmirror->pt, pfn, entry, start >> PAGE_SHIFT, + end >> PAGE_SHIFT) xa_erase(&dmirror->pt, pfn); } -- 2.20.1

5 years, 5 months

2
1
0 0

[PATCH v2] Kernel selftests: Add check if tpm devices are supported

by Nikita Sobolev

tpm2 tests set uses /dev/tpm0 and /dev/tpmrm0 without check if they are available. In case, when these devices are not available test fails, but expected behaviour is skipped test. Signed-off-by: Nikita Sobolev <Nikita.Sobolev(a)synopsys.com> --- Changes for v2: - Coding Style cleanup tools/testing/selftests/tpm2/test_smoke.sh | 5 +++++ tools/testing/selftests/tpm2/test_space.sh | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/tools/testing/selftests/tpm2/test_smoke.sh b/tools/testing/selftests/tpm2/test_smoke.sh index 8155c2ea7ccb..663062701d5a 100755 --- a/tools/testing/selftests/tpm2/test_smoke.sh +++ b/tools/testing/selftests/tpm2/test_smoke.sh @@ -1,6 +1,11 @@ #!/bin/bash # SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause) +# Kselftest framework requirement - SKIP code is 4. +ksft_skip=4 + +[ -f /dev/tpm0 ] || exit $ksft_skip + python -m unittest -v tpm2_tests.SmokeTest python -m unittest -v tpm2_tests.AsyncTest diff --git a/tools/testing/selftests/tpm2/test_space.sh b/tools/testing/selftests/tpm2/test_space.sh index a6f5e346635e..36c9d030a1c6 100755 --- a/tools/testing/selftests/tpm2/test_space.sh +++ b/tools/testing/selftests/tpm2/test_space.sh @@ -1,4 +1,9 @@ #!/bin/bash # SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause) +# Kselftest framework requirement - SKIP code is 4. +ksft_skip=4 + +[ -f /dev/tpmrm0 ] || exit $ksft_skip + python -m unittest -v tpm2_tests.SpaceTest -- 2.16.2

5 years, 5 months

3
3
0 0

[PATCH] Kernel selftests: Add check if tpm devices are supported

by Nikita Sobolev

tpm2 tests set uses /dev/tpm0 and /dev/tpmrm0 without check if they are available. In case, when these devices are not available test fails, but expected behaviour is test to be skipped. Signed-off-by: Nikita Sobolev <Nikita.Sobolev(a)synopsys.com> --- tools/testing/selftests/tpm2/test_smoke.sh | 11 +++++++++-- tools/testing/selftests/tpm2/test_space.sh | 9 ++++++++- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/tpm2/test_smoke.sh b/tools/testing/selftests/tpm2/test_smoke.sh index 8155c2ea7ccb..e55d3e400666 100755 --- a/tools/testing/selftests/tpm2/test_smoke.sh +++ b/tools/testing/selftests/tpm2/test_smoke.sh @@ -1,8 +1,15 @@ #!/bin/bash # SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause) -python -m unittest -v tpm2_tests.SmokeTest -python -m unittest -v tpm2_tests.AsyncTest +# Kselftest framework requirement - SKIP code is 4. +ksft_skip=4 + +if [ -f /dev/tpm0 ] ; then + python -m unittest -v tpm2_tests.SmokeTest + python -m unittest -v tpm2_tests.AsyncTest +else + exit $ksft_skip +fi CLEAR_CMD=$(which tpm2_clear) if [ -n $CLEAR_CMD ]; then diff --git a/tools/testing/selftests/tpm2/test_space.sh b/tools/testing/selftests/tpm2/test_space.sh index a6f5e346635e..180b469c53b4 100755 --- a/tools/testing/selftests/tpm2/test_space.sh +++ b/tools/testing/selftests/tpm2/test_space.sh @@ -1,4 +1,11 @@ #!/bin/bash # SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause) -python -m unittest -v tpm2_tests.SpaceTest +# Kselftest framework requirement - SKIP code is 4. +ksft_skip=4 + +if [ -f /dev/tpmrm0 ] ; then + python -m unittest -v tpm2_tests.SpaceTest +else + exit $ksft_skip +fi -- 2.16.2

5 years, 5 months

3
2
0 0

[PATCH 0/2] selftests/vm: minor fixes for 5.7-rc5

by John Hubbard

Here's a couple of tiny fixes, just so we can cleanly build selftests/vm. These apply to today's linux.git. Some merge notes: * The .gitignore fix is appropriate for linux.git, but it is a subset of what's required for linux-next and mmotm. In order to fix things now in linux.git, and keep it fixed in mmotm and linux-next, but without manual intervention required in git merges, I'm adding the missing item ("mremap_dontunmap") to the *top* of .gitignore for this patch. And then I'll send a separate patch to be applied to mmotm and linux-next, that will also add a different item ("khugepaged") to the *bottom* of .gitignore. * The write_to_hugetlbfs.c fix is already applied to linux-next, but doesn't seem to be getting picked up for linux.git. Maybe it's in the merge pipeline, but if not, let's fix it here, before the -rc cycle is over. John Hubbard (2): selftests/vm/write_to_hugetlbfs.c: fix unused variable warning selftests/vm/.gitignore: add mremap_dontunmap tools/testing/selftests/vm/.gitignore | 1 + tools/testing/selftests/vm/write_to_hugetlbfs.c | 2 -- 2 files changed, 1 insertion(+), 2 deletions(-) base-commit: 3d1c1e5931ce45b3a3f309385bbc00c78e9951c6 -- 2.26.2

5 years, 5 months

2
3
0 0

[PATCH] selftests/exec: Verify execve of non-regular files fail

by Kees Cook

Add a named pipe as an exec target to make sure that non-regular files are rejected by execve() with EACCES. This can help verify commit 73601ea5b7b1 ("fs/open.c: allow opening only regular files during execve()"). Signed-off-by: Kees Cook <keescook(a)chromium.org> --- tools/testing/selftests/exec/.gitignore | 1 + tools/testing/selftests/exec/Makefile | 2 +- tools/testing/selftests/exec/execveat.c | 8 ++++++++ 3 files changed, 10 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/exec/.gitignore b/tools/testing/selftests/exec/.gitignore index c078ece12ff0..94b02a18f230 100644 --- a/tools/testing/selftests/exec/.gitignore +++ b/tools/testing/selftests/exec/.gitignore @@ -9,3 +9,4 @@ execveat.ephemeral execveat.denatured /recursion-depth xxxxxxxx* +pipe diff --git a/tools/testing/selftests/exec/Makefile b/tools/testing/selftests/exec/Makefile index 33339e31e365..cfafa1f8a2fa 100644 --- a/tools/testing/selftests/exec/Makefile +++ b/tools/testing/selftests/exec/Makefile @@ -4,7 +4,7 @@ CFLAGS += -Wno-nonnull CFLAGS += -D_GNU_SOURCE TEST_GEN_PROGS := execveat -TEST_GEN_FILES := execveat.symlink execveat.denatured script subdir +TEST_GEN_FILES := execveat.symlink execveat.denatured script subdir pipe # Makefile is a run-time dependency, since it's accessed by the execveat test TEST_FILES := Makefile diff --git a/tools/testing/selftests/exec/execveat.c b/tools/testing/selftests/exec/execveat.c index cbb6efbdb786..67bf7254a48f 100644 --- a/tools/testing/selftests/exec/execveat.c +++ b/tools/testing/selftests/exec/execveat.c @@ -5,7 +5,9 @@ * Selftests for execveat(2). */ +#ifndef _GNU_SOURCE #define _GNU_SOURCE /* to get O_PATH, AT_EMPTY_PATH */ +#endif #include <sys/sendfile.h> #include <sys/stat.h> #include <sys/syscall.h> @@ -311,6 +313,10 @@ static int run_tests(void) fail += check_execveat_fail(AT_FDCWD, fullname_symlink, AT_SYMLINK_NOFOLLOW, ELOOP); + /* Non-regular file failure */ + fail += check_execveat_fail(dot_dfd, "pipe", 0, EACCES); + unlink("pipe"); + /* Shell script wrapping executable file: */ /* dfd + path */ fail += check_execveat(subdir_dfd, "../script", 0); @@ -384,6 +390,8 @@ static void prerequisites(void) fd = open("subdir.ephemeral/script", O_RDWR|O_CREAT|O_TRUNC, 0755); write(fd, script, strlen(script)); close(fd); + + mkfifo("pipe", 0755); } int main(int argc, char **argv) -- 2.20.1 -- Kees Cook

5 years, 5 months

1
0
0 0

[PATCH 0/1] selftests/vm: .gitignore fixes for mmotm

by John Hubbard

These apply to today's mmotm. Some merge notes: * The missing item ("mremap_dontunmap") at the *top* of .gitignore for this patch will also being applied to linux.git in a separate patch [1]. The other missing item ("khugepaged") is added to *bottom* of .gitignore. This approach allows merging to work without manual intervention in this case. [1] https://lore.kernel.org/r/20200517001245.361762-3-jhubbard@nvidia.com John Hubbard (1): selftests/vm/.gitignore: add khugepaged, mremap_dontunmap tools/testing/selftests/vm/.gitignore | 2 ++ 1 file changed, 2 insertions(+) base-commit: 2bbf0589bfeb27800c730b76eacf34528eee5418 -- 2.26.2

5 years, 5 months

1
1
0 0

[PATCH v5 0/7] firmware: add partial read support in request_firmware_into_buf

by Scott Branden

Please consider this version series ready for upstream acceptance. This patch series adds partial read support in request_firmware_into_buf. In order to accept the enhanced API it has been requested that kernel selftests and upstreamed driver utilize the API enhancement and so are included in this patch series. Also in this patch series is the addition of a new Broadcom VK driver utilizing the new request_firmware_into_buf enhanced API. Changes from v4: - handle reset issues if card crashes - allow driver to have min required msix - add card utilization information Changes from v3: - fix sparse warnings - fix printf format specifiers for size_t - fix 32-bit cross-compiling reports 32-bit shifts - use readl/writel,_relaxed to access pci ioremap memory, removed memory barriers and volatile keyword with such change - driver optimizations for interrupt/poll functionalities Changes from v2: - remove unnecessary code and mutex locks in lib/test_firmware.c - remove VK_IOCTL_ACCESS_BAR support from driver and use pci sysfs instead - remove bitfields - remove Kconfig default m - adjust formatting and some naming based on feedback - fix error handling conditions - use appropriate return codes - use memcpy_toio instead of direct access to PCIE bar Scott Branden (7): fs: introduce kernel_pread_file* support firmware: add offset to request_firmware_into_buf test_firmware: add partial read support for request_firmware_into_buf firmware: test partial file reads of request_firmware_into_buf bcm-vk: add bcm_vk UAPI misc: bcm-vk: add Broadcom VK driver MAINTAINERS: bcm-vk: add maintainer for Broadcom VK Driver MAINTAINERS | 7 + drivers/base/firmware_loader/firmware.h | 5 + drivers/base/firmware_loader/main.c | 52 +- drivers/misc/Kconfig | 1 + drivers/misc/Makefile | 1 + drivers/misc/bcm-vk/Kconfig | 29 + drivers/misc/bcm-vk/Makefile | 12 + drivers/misc/bcm-vk/bcm_vk.h | 435 +++++ drivers/misc/bcm-vk/bcm_vk_dev.c | 1256 +++++++++++++++ drivers/misc/bcm-vk/bcm_vk_legacy.c | 89 + drivers/misc/bcm-vk/bcm_vk_msg.c | 1425 +++++++++++++++++ drivers/misc/bcm-vk/bcm_vk_msg.h | 196 +++ drivers/misc/bcm-vk/bcm_vk_sg.c | 271 ++++ drivers/misc/bcm-vk/bcm_vk_sg.h | 60 + drivers/misc/bcm-vk/bcm_vk_tty.c | 352 ++++ drivers/soc/qcom/mdt_loader.c | 7 +- fs/exec.c | 96 +- include/linux/firmware.h | 8 +- include/linux/fs.h | 20 + include/uapi/linux/misc/bcm_vk.h | 99 ++ lib/test_firmware.c | 144 +- .../selftests/firmware/fw_filesystem.sh | 80 + 22 files changed, 4596 insertions(+), 49 deletions(-) create mode 100644 drivers/misc/bcm-vk/Kconfig create mode 100644 drivers/misc/bcm-vk/Makefile create mode 100644 drivers/misc/bcm-vk/bcm_vk.h create mode 100644 drivers/misc/bcm-vk/bcm_vk_dev.c create mode 100644 drivers/misc/bcm-vk/bcm_vk_legacy.c create mode 100644 drivers/misc/bcm-vk/bcm_vk_msg.c create mode 100644 drivers/misc/bcm-vk/bcm_vk_msg.h create mode 100644 drivers/misc/bcm-vk/bcm_vk_sg.c create mode 100644 drivers/misc/bcm-vk/bcm_vk_sg.h create mode 100644 drivers/misc/bcm-vk/bcm_vk_tty.c create mode 100644 include/uapi/linux/misc/bcm_vk.h -- 2.17.1

5 years, 5 months

5
32
0 0

[PATCH] mm/hmm/test: destroy xa_array instead of looping

by Ralph Campbell

The test driver uses an xa_array to store virtual to physical address translations for a simulated hardware device. The MMU notifier invalidation callback is used to keep the table consistent with the CPU page table and is frequently called only for a page or two. However, if the test process exits unexpectedly or is killed, the range can be [0..ULONG_MAX] in which case calling xa_erase() for every possible PFN results in CPU timeouts. Munmap() can result in a large range being invalidated but in that case, the xa_array is likely to contain entries that need to be invalidated. Check for [0..ULONG_MAX] explicitly and just destroy the whole table. Signed-off-by: Ralph Campbell <rcampbell(a)nvidia.com> --- This patch is based on Jason Gunthorpe's hmm tree and should be folded into the ("mm/hmm/test: add selftest driver for HMM") patch once this patch is reviewed, etc. lib/test_hmm.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lib/test_hmm.c b/lib/test_hmm.c index 8b36c26b717b..b89852ec3c29 100644 --- a/lib/test_hmm.c +++ b/lib/test_hmm.c @@ -201,7 +201,13 @@ static void dmirror_do_update(struct dmirror *dmirror, unsigned long start, * The XArray doesn't hold references to pages since it relies on * the mmu notifier to clear page pointers when they become stale. * Therefore, it is OK to just clear the entry. + * However, if the entire address space is being invalidated, it + * takes too long to clear them one at a time so destroy the array. */ + if (start == 0 && end == ULONG_MAX) { + xa_destroy(&dmirror->pt); + return; + } for (pfn = start >> PAGE_SHIFT; pfn < (end >> PAGE_SHIFT); pfn++) xa_erase(&dmirror->pt, pfn); } -- 2.20.1

5 years, 5 months

2
2
0 0

[GIT PULL] Kselftest update for Linux 5.7-rc6

by Shuah Khan

Hi Linus, Please pull the following Kselftest update for Linux 5.7-rc6. This Kselftest update for Linux 5.7-rc6 consists of - lkdtm runner fixes to prevent dmesg clearing and shellcheck errors - ftrace test handling when test module doesn't exist - nsfs test fix to replace zero-length array with flexible-array - dmabuf-heaps test fix to return clear error value diff is attached. thanks, -- Shuah ---------------------------------------------------------------- The following changes since commit 0e698dfa282211e414076f9dc7e83c1c288314fd: Linux 5.7-rc4 (2020-05-03 14:56:04 -0700) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest tags/linux-kselftest-5.7-rc6 for you to fetch changes up to 851c4df54dc1bcae41d07e46e3d89e035b0a7140: selftests/lkdtm: Use grep -E instead of egrep (2020-05-08 09:46:17 -0600) ---------------------------------------------------------------- linux-kselftest-5.7-rc6 This Kselftest update for Linux 5.7-rc6 consists of - lkdtm runner fixes to prevent dmesg clearing and shellcheck errors - ftrace test handling when test module doesn't exist - nsfs test fix to replace zero-length array with flexible-array - dmabuf-heaps test fix to return clear error value ---------------------------------------------------------------- Gustavo A. R. Silva (1): tools/testing: Replace zero-length array with flexible-array John Stultz (1): kselftests: dmabuf-heaps: Fix confused return value on expected error testing Michael Ellerman (2): selftests/lkdtm: Don't clear dmesg when running tests selftests/lkdtm: Use grep -E instead of egrep Po-Hsu Lin (1): selftests/ftrace: mark irqsoff_tracer.tc test as unresolved if the test module does not exist tools/testing/selftests/dmabuf-heaps/dmabuf-heap.c | 1 + .../ftrace/test.d/preemptirq/irqsoff_tracer.tc | 9 ++++++++- tools/testing/selftests/lkdtm/run.sh | 22 ++++++++++++---------- tools/testing/selftests/nsfs/pidns.c | 2 +- 4 files changed, 22 insertions(+), 12 deletions(-) ----------------------------------------------------------------

5 years, 5 months

2
1
0 0

[PATCH net] selftests:mptcp:pm: rm the right tmp file

by Matthieu Baerts

"$err" is a variable pointing to a temp file. "$out" is not: only used as a local variable in "check()" and representing the output of a command line. Fixes: eedbc685321b (selftests: add PM netlink functional tests) Signed-off-by: Matthieu Baerts <matthieu.baerts(a)tessares.net> --- tools/testing/selftests/net/mptcp/pm_netlink.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/net/mptcp/pm_netlink.sh b/tools/testing/selftests/net/mptcp/pm_netlink.sh index 9172746b6cf0..15f4f46ca3a9 100755 --- a/tools/testing/selftests/net/mptcp/pm_netlink.sh +++ b/tools/testing/selftests/net/mptcp/pm_netlink.sh @@ -30,7 +30,7 @@ ret=0 cleanup() { - rm -f $out + rm -f $err ip netns del $ns1 } -- 2.25.1

5 years, 5 months

2
1
0 0

[PATCH 0/4] Kselftest integration into Kernel CI - Part 1

by Shuah Khan

This patch series consists of first round of fixes to integrate Kselftest into Kernel CI. You can find full list of problems in my announcement I sent out last week: https://lkml.org/lkml/2020/2/27/2221 These fixes to android and seccomp tests address relocatable support. However, they will still leave the source directory dirty. android test does headers_install in source directory. This is an easier problem to fix. seccomp on the other hand builds fixdep scripts under scripts/basic and installs headers in the source directory. It is linked to solving bpf relocatable build issue which I haven't given it a lot of thought for now. There is no dependency on source directory for run-time which is what we want. I will apply these kernelci topic branch for testing git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest.git Shuah Khan (4): selftests: Fix kselftest O=objdir build from cluttering top level objdir selftests: Fix seccomp to support relocatable build (O=objdir) selftests: android: ion: Fix ionmap_test compile error selftests: android: Fix custom install from skipping test progs tools/testing/selftests/Makefile | 4 ++-- tools/testing/selftests/android/Makefile | 2 +- tools/testing/selftests/android/ion/Makefile | 2 +- tools/testing/selftests/seccomp/Makefile | 16 +++------------- 4 files changed, 7 insertions(+), 17 deletions(-) -- 2.20.1

5 years, 5 months

5
13
0 0

[PATCH v30 18/20] selftests/x86: Add a selftest for SGX

by Jarkko Sakkinen

Add a selftest for SGX. It is a trivial test where a simple enclave copies one 64-bit word of memory between two memory locations. Cc: linux-kselftest(a)vger.kernel.org Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen(a)linux.intel.com> --- tools/testing/selftests/Makefile | 1 + tools/testing/selftests/sgx/.gitignore | 2 + tools/testing/selftests/sgx/Makefile | 53 +++ tools/testing/selftests/sgx/call.S | 54 +++ tools/testing/selftests/sgx/defines.h | 21 + tools/testing/selftests/sgx/load.c | 282 +++++++++++++ tools/testing/selftests/sgx/main.c | 199 +++++++++ tools/testing/selftests/sgx/main.h | 38 ++ tools/testing/selftests/sgx/sigstruct.c | 395 ++++++++++++++++++ tools/testing/selftests/sgx/test_encl.c | 20 + tools/testing/selftests/sgx/test_encl.lds | 40 ++ .../selftests/sgx/test_encl_bootstrap.S | 89 ++++ 12 files changed, 1194 insertions(+) create mode 100644 tools/testing/selftests/sgx/.gitignore create mode 100644 tools/testing/selftests/sgx/Makefile create mode 100644 tools/testing/selftests/sgx/call.S create mode 100644 tools/testing/selftests/sgx/defines.h create mode 100644 tools/testing/selftests/sgx/load.c create mode 100644 tools/testing/selftests/sgx/main.c create mode 100644 tools/testing/selftests/sgx/main.h create mode 100644 tools/testing/selftests/sgx/sigstruct.c create mode 100644 tools/testing/selftests/sgx/test_encl.c create mode 100644 tools/testing/selftests/sgx/test_encl.lds create mode 100644 tools/testing/selftests/sgx/test_encl_bootstrap.S diff --git a/tools/testing/selftests/Makefile b/tools/testing/selftests/Makefile index 2ff68702fd41..008497495ae4 100644 --- a/tools/testing/selftests/Makefile +++ b/tools/testing/selftests/Makefile @@ -64,6 +64,7 @@ TARGETS += user TARGETS += vm TARGETS += x86 TARGETS += zram +TARGETS += sgx #Please keep the TARGETS list alphabetically sorted # Run "make quicktest=1 run_tests" or # "make quicktest=1 kselftest" from top level Makefile diff --git a/tools/testing/selftests/sgx/.gitignore b/tools/testing/selftests/sgx/.gitignore new file mode 100644 index 000000000000..fbaf0bda9a92 --- /dev/null +++ b/tools/testing/selftests/sgx/.gitignore @@ -0,0 +1,2 @@ +test_sgx +test_encl.elf diff --git a/tools/testing/selftests/sgx/Makefile b/tools/testing/selftests/sgx/Makefile new file mode 100644 index 000000000000..95e5c4df8014 --- /dev/null +++ b/tools/testing/selftests/sgx/Makefile @@ -0,0 +1,53 @@ +top_srcdir = ../../../.. + +include ../lib.mk + +.PHONY: all clean + +CAN_BUILD_X86_64 := $(shell ../x86/check_cc.sh $(CC) \ + ../x86/trivial_64bit_program.c) + +ifndef OBJCOPY +OBJCOPY := $(CROSS_COMPILE)objcopy +endif + +INCLUDES := -I$(top_srcdir)/tools/include +HOST_CFLAGS := -Wall -Werror -g $(INCLUDES) -fPIC -z noexecstack +ENCL_CFLAGS := -Wall -Werror -static -nostdlib -nostartfiles -fPIC \ + -fno-stack-protector -mrdrnd $(INCLUDES) + +TEST_CUSTOM_PROGS := $(OUTPUT)/test_sgx $(OUTPUT)/test_encl.elf + +ifeq ($(CAN_BUILD_X86_64), 1) +all: $(TEST_CUSTOM_PROGS) +endif + +$(OUTPUT)/test_sgx: $(OUTPUT)/main.o \ + $(OUTPUT)/load.o \ + $(OUTPUT)/sigstruct.o \ + $(OUTPUT)/call.o + $(CC) $(HOST_CFLAGS) -o $@ $^ -lcrypto + +$(OUTPUT)/main.o: main.c + $(CC) $(HOST_CFLAGS) -c $< -o $@ + +$(OUTPUT)/load.o: load.c + $(CC) $(HOST_CFLAGS) -c $< -o $@ + +$(OUTPUT)/sigstruct.o: sigstruct.c + $(CC) $(HOST_CFLAGS) -c $< -o $@ + +$(OUTPUT)/call.o: call.S + $(CC) $(HOST_CFLAGS) -c $< -o $@ + +$(OUTPUT)/test_encl.elf: test_encl.lds test_encl.c test_encl_bootstrap.S + $(CC) $(ENCL_CFLAGS) -T $^ -o $@ + +EXTRA_CLEAN := \ + $(OUTPUT)/test_encl.elf \ + $(OUTPUT)/load.o \ + $(OUTPUT)/call.o \ + $(OUTPUT)/main.o \ + $(OUTPUT)/sigstruct.o \ + $(OUTPUT)/test_sgx \ + $(OUTPUT)/test_sgx.o \ diff --git a/tools/testing/selftests/sgx/call.S b/tools/testing/selftests/sgx/call.S new file mode 100644 index 000000000000..77131e83db42 --- /dev/null +++ b/tools/testing/selftests/sgx/call.S @@ -0,0 +1,54 @@ +/* SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause) */ +/** +* Copyright(c) 2016-18 Intel Corporation. +*/ + + .text + + .macro ENCLU + .byte 0x0f, 0x01, 0xd7 + .endm + + .text + + .global sgx_call_vdso +sgx_call_vdso: + .cfi_startproc + push %r15 + .cfi_adjust_cfa_offset 8 + .cfi_rel_offset %r15, 0 + push %r14 + .cfi_adjust_cfa_offset 8 + .cfi_rel_offset %r14, 0 + push %r13 + .cfi_adjust_cfa_offset 8 + .cfi_rel_offset %r13, 0 + push %r12 + .cfi_adjust_cfa_offset 8 + .cfi_rel_offset %r12, 0 + push %rbx + .cfi_adjust_cfa_offset 8 + .cfi_rel_offset %rbx, 0 + push $0 + .cfi_adjust_cfa_offset 8 + push 0x48(%rsp) + .cfi_adjust_cfa_offset 8 + push 0x48(%rsp) + .cfi_adjust_cfa_offset 8 + push 0x48(%rsp) + .cfi_adjust_cfa_offset 8 + call *eenter(%rip) + add $0x20, %rsp + .cfi_adjust_cfa_offset -0x20 + pop %rbx + .cfi_adjust_cfa_offset -8 + pop %r12 + .cfi_adjust_cfa_offset -8 + pop %r13 + .cfi_adjust_cfa_offset -8 + pop %r14 + .cfi_adjust_cfa_offset -8 + pop %r15 + .cfi_adjust_cfa_offset -8 + ret + .cfi_endproc diff --git a/tools/testing/selftests/sgx/defines.h b/tools/testing/selftests/sgx/defines.h new file mode 100644 index 000000000000..be8969922804 --- /dev/null +++ b/tools/testing/selftests/sgx/defines.h @@ -0,0 +1,21 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * Copyright(c) 2016-19 Intel Corporation. + */ + +#ifndef DEFINES_H +#define DEFINES_H + +#include <stdint.h> + +#define PAGE_SIZE 4096 +#define PAGE_MASK (~(PAGE_SIZE - 1)) + +#define __aligned(x) __attribute__((__aligned__(x))) +#define __packed __attribute__((packed)) + +#include "../../../../arch/x86/kernel/cpu/sgx/arch.h" +#include "../../../../arch/x86/include/asm/enclu.h" +#include "../../../../arch/x86/include/uapi/asm/sgx.h" + +#endif /* DEFINES_H */ diff --git a/tools/testing/selftests/sgx/load.c b/tools/testing/selftests/sgx/load.c new file mode 100644 index 000000000000..53c565347e9e --- /dev/null +++ b/tools/testing/selftests/sgx/load.c @@ -0,0 +1,282 @@ +// SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause) +// Copyright(c) 2016-18 Intel Corporation. + +#include <assert.h> +#include <elf.h> +#include <errno.h> +#include <fcntl.h> +#include <stdbool.h> +#include <stdio.h> +#include <stdint.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> +#include <sys/ioctl.h> +#include <sys/mman.h> +#include <sys/stat.h> +#include <sys/time.h> +#include <sys/types.h> +#include "defines.h" +#include "main.h" + +void encl_delete(struct encl *encl) +{ + if (encl->encl_base) + munmap((void *)encl->encl_base, encl->encl_size); + + if (encl->bin) + munmap(encl->bin, encl->bin_size); + + if (encl->fd) + close(encl->fd); + + if (encl->segment_tbl) + free(encl->segment_tbl); + + memset(encl, 0, sizeof(*encl)); +} + +static bool encl_map_bin(const char *path, struct encl *encl) +{ + struct stat sb; + void *bin; + int ret; + int fd; + + fd = open(path, O_RDONLY); + if (fd == -1) { + perror("open()"); + return false; + } + + ret = stat(path, &sb); + if (ret) { + perror("stat()"); + goto err; + } + + bin = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0); + if (bin == MAP_FAILED) { + perror("mmap()"); + goto err; + } + + encl->bin = bin; + encl->bin_size = sb.st_size; + + close(fd); + return true; + +err: + close(fd); + return false; +} + +static bool encl_ioc_create(struct encl *encl) +{ + struct sgx_secs *secs = &encl->secs; + struct sgx_enclave_create ioc; + int rc; + + assert(encl->encl_base != 0); + + memset(secs, 0, sizeof(*secs)); + secs->ssa_frame_size = 1; + secs->attributes = SGX_ATTR_MODE64BIT; + secs->xfrm = 3; + secs->base = encl->encl_base; + secs->size = encl->encl_size; + + ioc.src = (unsigned long)secs; + rc = ioctl(encl->fd, SGX_IOC_ENCLAVE_CREATE, &ioc); + if (rc) { + fprintf(stderr, "SGX_IOC_ENCLAVE_CREATE failed: errno=%d\n", + errno); + munmap((void *)secs->base, encl->encl_size); + return false; + } + + return true; +} + +static bool encl_ioc_add_pages(struct encl *encl, struct encl_segment *seg) +{ + struct sgx_enclave_add_pages ioc; + struct sgx_secinfo secinfo; + int rc; + + memset(&secinfo, 0, sizeof(secinfo)); + secinfo.flags = seg->flags; + + ioc.src = (uint64_t)encl->src + seg->offset; + ioc.offset = seg->offset; + ioc.length = seg->size; + ioc.secinfo = (unsigned long)&secinfo; + ioc.flags = SGX_PAGE_MEASURE; + + rc = ioctl(encl->fd, SGX_IOC_ENCLAVE_ADD_PAGES, &ioc); + if (rc) { + fprintf(stderr, "SGX_IOC_ENCLAVE_ADD_PAGES failed: errno=%d.\n", + errno); + return false; + } + + if (ioc.count != ioc.length) { + fprintf(stderr, "A segment not fully processed.\n"); + return false; + } + + return true; +} + +bool encl_load(const char *path, struct encl *encl) +{ + Elf64_Phdr *phdr_tbl; + off_t src_offset; + Elf64_Ehdr *ehdr; + int i, j; + int ret; + + memset(encl, 0, sizeof(*encl)); + + ret = open("/dev/sgx/enclave", O_RDWR); + if (ret < 0) { + fprintf(stderr, "Unable to open /dev/sgx\n"); + goto err; + } + + encl->fd = ret; + + if (!encl_map_bin(path, encl)) + goto err; + + ehdr = encl->bin; + phdr_tbl = encl->bin + ehdr->e_phoff; + + for (i = 0; i < ehdr->e_phnum; i++) { + Elf64_Phdr *phdr = &phdr_tbl[i]; + + if (phdr->p_type == PT_LOAD) + encl->nr_segments++; + } + + encl->segment_tbl = calloc(encl->nr_segments, + sizeof(struct encl_segment)); + if (!encl->segment_tbl) + goto err; + + for (i = 0, j = 0; i < ehdr->e_phnum; i++) { + Elf64_Phdr *phdr = &phdr_tbl[i]; + unsigned int flags = phdr->p_flags; + struct encl_segment *seg; + + if (phdr->p_type != PT_LOAD) + continue; + + seg = &encl->segment_tbl[j]; + + if (!!(flags & ~(PF_R | PF_W | PF_X))) { + fprintf(stderr, + "%d has invalid segment flags 0x%02x.\n", i, + phdr->p_flags); + goto err; + } + + if (j == 0 && flags != (PF_R | PF_W)) { + fprintf(stderr, + "TCS has invalid segment flags 0x%02x.\n", + phdr->p_flags); + goto err; + } + + if (j == 0) { + src_offset = (phdr->p_offset & PAGE_MASK) - src_offset; + + seg->prot = PROT_READ | PROT_WRITE; + seg->flags = SGX_PAGE_TYPE_TCS << 8; + } else { + seg->prot = (phdr->p_flags & PF_R) ? PROT_READ : 0; + seg->prot |= (phdr->p_flags & PF_W) ? PROT_WRITE : 0; + seg->prot |= (phdr->p_flags & PF_X) ? PROT_EXEC : 0; + seg->flags = (SGX_PAGE_TYPE_REG << 8) | seg->prot; + } + + seg->offset = (phdr->p_offset & PAGE_MASK) - src_offset; + seg->size = (phdr->p_filesz + PAGE_SIZE - 1) & PAGE_MASK; + + printf("0x%016lx 0x%016lx 0x%02x\n", seg->offset, seg->size, + seg->prot); + + j++; + } + + assert(j == encl->nr_segments); + + encl->src = encl->bin + src_offset; + encl->src_size = encl->segment_tbl[j - 1].offset + + encl->segment_tbl[j - 1].size; + + for (encl->encl_size = 4096; encl->encl_size < encl->src_size; ) + encl->encl_size <<= 1; + + return true; + +err: + encl_delete(encl); + return false; +} + +static bool encl_map_area(struct encl *encl) +{ + size_t encl_size = encl->encl_size; + void *area; + + area = mmap(NULL, encl_size * 2, PROT_NONE, + MAP_SHARED | MAP_ANONYMOUS, -1, 0); + if (area == MAP_FAILED) { + perror("mmap"); + return false; + } + + encl->encl_base = ((uint64_t)area + encl_size - 1) & ~(encl_size - 1); + + munmap(area, encl->encl_base - (uint64_t)area); + munmap((void *)(encl->encl_base + encl_size), + (uint64_t)area + encl_size - encl->encl_base); + + return true; +} + +bool encl_build(struct encl *encl) +{ + struct sgx_enclave_init ioc; + int ret; + int i; + + if (!encl_map_area(encl)) + return false; + + if (!encl_ioc_create(encl)) + return false; + + /* + * Pages must be added before mapping VMAs because their permissions + * cap the VMA permissions. + */ + for (i = 0; i < encl->nr_segments; i++) { + struct encl_segment *seg = &encl->segment_tbl[i]; + + if (!encl_ioc_add_pages(encl, seg)) + return false; + } + + ioc.sigstruct = (uint64_t)&encl->sigstruct; + ret = ioctl(encl->fd, SGX_IOC_ENCLAVE_INIT, &ioc); + if (ret) { + fprintf(stderr, "SGX_IOC_ENCLAVE_INIT failed: errno=%d\n", + errno); + return false; + } + + return true; +} diff --git a/tools/testing/selftests/sgx/main.c b/tools/testing/selftests/sgx/main.c new file mode 100644 index 000000000000..5394b2f6af8e --- /dev/null +++ b/tools/testing/selftests/sgx/main.c @@ -0,0 +1,199 @@ +// SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause) +// Copyright(c) 2016-18 Intel Corporation. + +#include <elf.h> +#include <errno.h> +#include <fcntl.h> +#include <stdbool.h> +#include <stdio.h> +#include <stdint.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> +#include <sys/ioctl.h> +#include <sys/mman.h> +#include <sys/stat.h> +#include <sys/time.h> +#include <sys/types.h> +#include "defines.h" +#include "main.h" + +static const uint64_t MAGIC = 0x1122334455667788ULL; +vdso_sgx_enter_enclave_t eenter; + +struct vdso_symtab { + Elf64_Sym *elf_symtab; + const char *elf_symstrtab; + Elf64_Word *elf_hashtab; +}; + +static void *vdso_get_base_addr(char *envp[]) +{ + Elf64_auxv_t *auxv; + int i; + + for (i = 0; envp[i]; i++) + ; + + auxv = (Elf64_auxv_t *)&envp[i + 1]; + + for (i = 0; auxv[i].a_type != AT_NULL; i++) { + if (auxv[i].a_type == AT_SYSINFO_EHDR) + return (void *)auxv[i].a_un.a_val; + } + + return NULL; +} + +static Elf64_Dyn *vdso_get_dyntab(void *addr) +{ + Elf64_Ehdr *ehdr = addr; + Elf64_Phdr *phdrtab = addr + ehdr->e_phoff; + int i; + + for (i = 0; i < ehdr->e_phnum; i++) + if (phdrtab[i].p_type == PT_DYNAMIC) + return addr + phdrtab[i].p_offset; + + return NULL; +} + +static void *vdso_get_dyn(void *addr, Elf64_Dyn *dyntab, Elf64_Sxword tag) +{ + int i; + + for (i = 0; dyntab[i].d_tag != DT_NULL; i++) + if (dyntab[i].d_tag == tag) + return addr + dyntab[i].d_un.d_ptr; + + return NULL; +} + +static bool vdso_get_symtab(void *addr, struct vdso_symtab *symtab) +{ + Elf64_Dyn *dyntab = vdso_get_dyntab(addr); + + symtab->elf_symtab = vdso_get_dyn(addr, dyntab, DT_SYMTAB); + if (!symtab->elf_symtab) + return false; + + symtab->elf_symstrtab = vdso_get_dyn(addr, dyntab, DT_STRTAB); + if (!symtab->elf_symstrtab) + return false; + + symtab->elf_hashtab = vdso_get_dyn(addr, dyntab, DT_HASH); + if (!symtab->elf_hashtab) + return false; + + return true; +} + +static unsigned long elf_sym_hash(const char *name) +{ + unsigned long h = 0, high; + + while (*name) { + h = (h << 4) + *name++; + high = h & 0xf0000000; + + if (high) + h ^= high >> 24; + + h &= ~high; + } + + return h; +} + +static Elf64_Sym *vdso_symtab_get(struct vdso_symtab *symtab, const char *name) +{ + Elf64_Word bucketnum = symtab->elf_hashtab[0]; + Elf64_Word *buckettab = &symtab->elf_hashtab[2]; + Elf64_Word *chaintab = &symtab->elf_hashtab[2 + bucketnum]; + Elf64_Sym *sym; + Elf64_Word i; + + for (i = buckettab[elf_sym_hash(name) % bucketnum]; i != STN_UNDEF; + i = chaintab[i]) { + sym = &symtab->elf_symtab[i]; + if (!strcmp(name, &symtab->elf_symstrtab[sym->st_name])) + return sym; + } + + return NULL; +} + +int main(int argc, char *argv[], char *envp[]) +{ + struct sgx_enclave_exception exception; + struct vdso_symtab symtab; + Elf64_Sym *eenter_sym; + uint64_t result = 0; + struct encl encl; + unsigned int i; + void *addr; + + if (!encl_load("test_encl.elf", &encl)) + goto err; + + if (!encl_measure(&encl)) + goto err; + + if (!encl_build(&encl)) + goto err; + + /* + * An enclave consumer only must do this. + */ + for (i = 0; i < encl.nr_segments; i++) { + struct encl_segment *seg = &encl.segment_tbl[i]; + + addr = mmap((void *)encl.encl_base + seg->offset, seg->size, + seg->prot, MAP_SHARED | MAP_FIXED, encl.fd, 0); + if (addr == MAP_FAILED) { + fprintf(stderr, "mmap() failed, errno=%d.\n", errno); + return false; + } + } + + memset(&exception, 0, sizeof(exception)); + + addr = vdso_get_base_addr(envp); + if (!addr) + goto err; + + if (!vdso_get_symtab(addr, &symtab)) + goto err; + + eenter_sym = vdso_symtab_get(&symtab, "__vdso_sgx_enter_enclave"); + if (!eenter_sym) + goto err; + + eenter = addr + eenter_sym->st_value; + + sgx_call_vdso((void *)&MAGIC, &result, 0, EENTER, NULL, NULL, + (void *)encl.encl_base, &exception, NULL); + if (result != MAGIC) { + printf("FAIL: sgx_call_vdso(), expected: 0x%lx, got: 0x%lx\n", + MAGIC, result); + goto err; + } + + /* Invoke the vDSO directly. */ + result = 0; + eenter((unsigned long)&MAGIC, (unsigned long)&result, 0, EENTER, 0, 0, + (void *)encl.encl_base, &exception, NULL); + if (result != MAGIC) { + printf("FAIL: eenter(), expected: 0x%lx, got: 0x%lx\n", + MAGIC, result); + goto err; + } + + printf("SUCCESS\n"); + encl_delete(&encl); + exit(0); + +err: + encl_delete(&encl); + exit(1); +} diff --git a/tools/testing/selftests/sgx/main.h b/tools/testing/selftests/sgx/main.h new file mode 100644 index 000000000000..999422cc7343 --- /dev/null +++ b/tools/testing/selftests/sgx/main.h @@ -0,0 +1,38 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * Copyright(c) 2016-19 Intel Corporation. + */ + +#ifndef MAIN_H +#define MAIN_H + +struct encl_segment { + off_t offset; + size_t size; + unsigned int prot; + unsigned int flags; +}; + +struct encl { + int fd; + void *bin; + off_t bin_size; + void *src; + size_t src_size; + size_t encl_size; + off_t encl_base; + unsigned int nr_segments; + struct encl_segment *segment_tbl; + struct sgx_secs secs; + struct sgx_sigstruct sigstruct; +}; + +void encl_delete(struct encl *ctx); +bool encl_load(const char *path, struct encl *encl); +bool encl_measure(struct encl *encl); +bool encl_build(struct encl *encl); + +int sgx_call_vdso(void *rdi, void *rsi, long rdx, u32 leaf, void *r8, void *r9, + void *tcs, struct sgx_enclave_exception *ei, void *cb); + +#endif /* MAIN_H */ diff --git a/tools/testing/selftests/sgx/sigstruct.c b/tools/testing/selftests/sgx/sigstruct.c new file mode 100644 index 000000000000..ceddad478672 --- /dev/null +++ b/tools/testing/selftests/sgx/sigstruct.c @@ -0,0 +1,395 @@ +// SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause) +// Copyright(c) 2016-18 Intel Corporation. + +#define _GNU_SOURCE +#include <assert.h> +#include <getopt.h> +#include <stdbool.h> +#include <stdint.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <sys/stat.h> +#include <sys/types.h> +#include <unistd.h> +#include <openssl/err.h> +#include <openssl/pem.h> +#include "defines.h" +#include "main.h" + +struct q1q2_ctx { + BN_CTX *bn_ctx; + BIGNUM *m; + BIGNUM *s; + BIGNUM *q1; + BIGNUM *qr; + BIGNUM *q2; +}; + +static void free_q1q2_ctx(struct q1q2_ctx *ctx) +{ + BN_CTX_free(ctx->bn_ctx); + BN_free(ctx->m); + BN_free(ctx->s); + BN_free(ctx->q1); + BN_free(ctx->qr); + BN_free(ctx->q2); +} + +static bool alloc_q1q2_ctx(const uint8_t *s, const uint8_t *m, + struct q1q2_ctx *ctx) +{ + ctx->bn_ctx = BN_CTX_new(); + ctx->s = BN_bin2bn(s, SGX_MODULUS_SIZE, NULL); + ctx->m = BN_bin2bn(m, SGX_MODULUS_SIZE, NULL); + ctx->q1 = BN_new(); + ctx->qr = BN_new(); + ctx->q2 = BN_new(); + + if (!ctx->bn_ctx || !ctx->s || !ctx->m || !ctx->q1 || !ctx->qr || + !ctx->q2) { + free_q1q2_ctx(ctx); + return false; + } + + return true; +} + +static bool calc_q1q2(const uint8_t *s, const uint8_t *m, uint8_t *q1, + uint8_t *q2) +{ + struct q1q2_ctx ctx; + + if (!alloc_q1q2_ctx(s, m, &ctx)) { + fprintf(stderr, "Not enough memory for Q1Q2 calculation\n"); + return false; + } + + if (!BN_mul(ctx.q1, ctx.s, ctx.s, ctx.bn_ctx)) + goto out; + + if (!BN_div(ctx.q1, ctx.qr, ctx.q1, ctx.m, ctx.bn_ctx)) + goto out; + + if (BN_num_bytes(ctx.q1) > SGX_MODULUS_SIZE) { + fprintf(stderr, "Too large Q1 %d bytes\n", + BN_num_bytes(ctx.q1)); + goto out; + } + + if (!BN_mul(ctx.q2, ctx.s, ctx.qr, ctx.bn_ctx)) + goto out; + + if (!BN_div(ctx.q2, NULL, ctx.q2, ctx.m, ctx.bn_ctx)) + goto out; + + if (BN_num_bytes(ctx.q2) > SGX_MODULUS_SIZE) { + fprintf(stderr, "Too large Q2 %d bytes\n", + BN_num_bytes(ctx.q2)); + goto out; + } + + BN_bn2bin(ctx.q1, q1); + BN_bn2bin(ctx.q2, q2); + + free_q1q2_ctx(&ctx); + return true; +out: + free_q1q2_ctx(&ctx); + return false; +} + +struct sgx_sigstruct_payload { + struct sgx_sigstruct_header header; + struct sgx_sigstruct_body body; +}; + +static bool check_crypto_errors(void) +{ + int err; + bool had_errors = false; + const char *filename; + int line; + char str[256]; + + for ( ; ; ) { + if (ERR_peek_error() == 0) + break; + + had_errors = true; + err = ERR_get_error_line(&filename, &line); + ERR_error_string_n(err, str, sizeof(str)); + fprintf(stderr, "crypto: %s: %s:%d\n", str, filename, line); + } + + return had_errors; +} + +static inline const BIGNUM *get_modulus(RSA *key) +{ +#if OPENSSL_VERSION_NUMBER < 0x10100000L + return key->n; +#else + const BIGNUM *n; + + RSA_get0_key(key, &n, NULL, NULL); + return n; +#endif +} + +static RSA *gen_sign_key(void) +{ + BIGNUM *e; + RSA *key; + int ret; + + e = BN_new(); + key = RSA_new(); + + if (!e || !key) + goto err; + + ret = BN_set_word(e, RSA_3); + if (ret != 1) + goto err; + + ret = RSA_generate_key_ex(key, 3072, e, NULL); + if (ret != 1) + goto err; + + BN_free(e); + + return key; + +err: + RSA_free(key); + BN_free(e); + + return NULL; +} + +static void reverse_bytes(void *data, int length) +{ + int i = 0; + int j = length - 1; + uint8_t temp; + uint8_t *ptr = data; + + while (i < j) { + temp = ptr[i]; + ptr[i] = ptr[j]; + ptr[j] = temp; + i++; + j--; + } +} + +enum mrtags { + MRECREATE = 0x0045544145524345, + MREADD = 0x0000000044444145, + MREEXTEND = 0x00444E4554584545, +}; + +static bool mrenclave_update(EVP_MD_CTX *ctx, const void *data) +{ + if (!EVP_DigestUpdate(ctx, data, 64)) { + fprintf(stderr, "digest update failed\n"); + return false; + } + + return true; +} + +static bool mrenclave_commit(EVP_MD_CTX *ctx, uint8_t *mrenclave) +{ + unsigned int size; + + if (!EVP_DigestFinal_ex(ctx, (unsigned char *)mrenclave, &size)) { + fprintf(stderr, "digest commit failed\n"); + return false; + } + + if (size != 32) { + fprintf(stderr, "invalid digest size = %u\n", size); + return false; + } + + return true; +} + +struct mrecreate { + uint64_t tag; + uint32_t ssaframesize; + uint64_t size; + uint8_t reserved[44]; +} __attribute__((__packed__)); + + +static bool mrenclave_ecreate(EVP_MD_CTX *ctx, uint64_t blob_size) +{ + struct mrecreate mrecreate; + uint64_t encl_size; + + for (encl_size = 0x1000; encl_size < blob_size; ) + encl_size <<= 1; + + memset(&mrecreate, 0, sizeof(mrecreate)); + mrecreate.tag = MRECREATE; + mrecreate.ssaframesize = 1; + mrecreate.size = encl_size; + + if (!EVP_DigestInit_ex(ctx, EVP_sha256(), NULL)) + return false; + + return mrenclave_update(ctx, &mrecreate); +} + +struct mreadd { + uint64_t tag; + uint64_t offset; + uint64_t flags; /* SECINFO flags */ + uint8_t reserved[40]; +} __attribute__((__packed__)); + +static bool mrenclave_eadd(EVP_MD_CTX *ctx, uint64_t offset, uint64_t flags) +{ + struct mreadd mreadd; + + memset(&mreadd, 0, sizeof(mreadd)); + mreadd.tag = MREADD; + mreadd.offset = offset; + mreadd.flags = flags; + + return mrenclave_update(ctx, &mreadd); +} + +struct mreextend { + uint64_t tag; + uint64_t offset; + uint8_t reserved[48]; +} __attribute__((__packed__)); + +static bool mrenclave_eextend(EVP_MD_CTX *ctx, uint64_t offset, + const uint8_t *data) +{ + struct mreextend mreextend; + int i; + + for (i = 0; i < 0x1000; i += 0x100) { + memset(&mreextend, 0, sizeof(mreextend)); + mreextend.tag = MREEXTEND; + mreextend.offset = offset + i; + + if (!mrenclave_update(ctx, &mreextend)) + return false; + + if (!mrenclave_update(ctx, &data[i + 0x00])) + return false; + + if (!mrenclave_update(ctx, &data[i + 0x40])) + return false; + + if (!mrenclave_update(ctx, &data[i + 0x80])) + return false; + + if (!mrenclave_update(ctx, &data[i + 0xC0])) + return false; + } + + return true; +} + +static bool mrenclave_segment(EVP_MD_CTX *ctx, struct encl *encl, + struct encl_segment *seg) +{ + uint64_t end = seg->offset + seg->size; + uint64_t offset; + + for (offset = seg->offset; offset < end; offset += PAGE_SIZE) { + if (!mrenclave_eadd(ctx, offset, seg->flags)) + return false; + + if (!mrenclave_eextend(ctx, offset, encl->src + offset)) + return false; + } + + return true; +} + +bool encl_measure(struct encl *encl) +{ + uint64_t header1[2] = {0x000000E100000006, 0x0000000000010000}; + uint64_t header2[2] = {0x0000006000000101, 0x0000000100000060}; + struct sgx_sigstruct *sigstruct = &encl->sigstruct; + struct sgx_sigstruct_payload payload; + uint8_t digest[SHA256_DIGEST_LENGTH]; + unsigned int siglen; + RSA *key = NULL; + EVP_MD_CTX *ctx; + int i; + + memset(sigstruct, 0, sizeof(*sigstruct)); + + sigstruct->header.header1[0] = header1[0]; + sigstruct->header.header1[1] = header1[1]; + sigstruct->header.header2[0] = header2[0]; + sigstruct->header.header2[1] = header2[1]; + sigstruct->exponent = 3; + sigstruct->body.attributes = SGX_ATTR_MODE64BIT; + sigstruct->body.xfrm = 3; + + /* sanity check */ + if (check_crypto_errors()) + goto err; + + key = gen_sign_key(); + if (!key) + goto err; + + BN_bn2bin(get_modulus(key), sigstruct->modulus); + + ctx = EVP_MD_CTX_create(); + if (!ctx) + goto err; + + if (!mrenclave_ecreate(ctx, encl->src_size)) + goto err; + + for (i = 0; i < encl->nr_segments; i++) { + struct encl_segment *seg = &encl->segment_tbl[i]; + + if (!mrenclave_segment(ctx, encl, seg)) + goto err; + } + + if (!mrenclave_commit(ctx, sigstruct->body.mrenclave)) + goto err; + + memcpy(&payload.header, &sigstruct->header, sizeof(sigstruct->header)); + memcpy(&payload.body, &sigstruct->body, sizeof(sigstruct->body)); + + SHA256((unsigned char *)&payload, sizeof(payload), digest); + + if (!RSA_sign(NID_sha256, digest, SHA256_DIGEST_LENGTH, + sigstruct->signature, &siglen, key)) + goto err; + + if (!calc_q1q2(sigstruct->signature, sigstruct->modulus, sigstruct->q1, + sigstruct->q2)) + goto err; + + /* BE -> LE */ + reverse_bytes(sigstruct->signature, SGX_MODULUS_SIZE); + reverse_bytes(sigstruct->modulus, SGX_MODULUS_SIZE); + reverse_bytes(sigstruct->q1, SGX_MODULUS_SIZE); + reverse_bytes(sigstruct->q2, SGX_MODULUS_SIZE); + + EVP_MD_CTX_destroy(ctx); + RSA_free(key); + return true; + +err: + EVP_MD_CTX_destroy(ctx); + RSA_free(key); + return false; +} diff --git a/tools/testing/selftests/sgx/test_encl.c b/tools/testing/selftests/sgx/test_encl.c new file mode 100644 index 000000000000..ede915399742 --- /dev/null +++ b/tools/testing/selftests/sgx/test_encl.c @@ -0,0 +1,20 @@ +// SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause) +// Copyright(c) 2016-18 Intel Corporation. + +#include <stddef.h> +#include "defines.h" + +static void *memcpy(void *dest, const void *src, size_t n) +{ + size_t i; + + for (i = 0; i < n; i++) + ((char *)dest)[i] = ((char *)src)[i]; + + return dest; +} + +void encl_body(void *rdi, void *rsi) +{ + memcpy(rsi, rdi, 8); +} diff --git a/tools/testing/selftests/sgx/test_encl.lds b/tools/testing/selftests/sgx/test_encl.lds new file mode 100644 index 000000000000..0fbbda7e665e --- /dev/null +++ b/tools/testing/selftests/sgx/test_encl.lds @@ -0,0 +1,40 @@ +OUTPUT_FORMAT(elf64-x86-64) + +PHDRS +{ + tcs PT_LOAD; + text PT_LOAD; + data PT_LOAD; +} + +SECTIONS +{ + . = 0; + .tcs : { + *(.tcs*) + } : tcs + + . = ALIGN(4096); + .text : { + *(.text*) + *(.rodata*) + } : text + + . = ALIGN(4096); + .data : { + *(.data*) + } : data + + /DISCARD/ : { + *(.comment*) + *(.note*) + *(.debug*) + *(.eh_frame*) + } +} + +ASSERT(!DEFINED(.altinstructions), "ALTERNATIVES are not supported in enclaves") +ASSERT(!DEFINED(.altinstr_replacement), "ALTERNATIVES are not supported in enclaves") +ASSERT(!DEFINED(.discard.retpoline_safe), "RETPOLINE ALTERNATIVES are not supported in enclaves") +ASSERT(!DEFINED(.discard.nospec), "RETPOLINE ALTERNATIVES are not supported in enclaves") +ASSERT(!DEFINED(.got.plt), "Libcalls are not supported in enclaves") diff --git a/tools/testing/selftests/sgx/test_encl_bootstrap.S b/tools/testing/selftests/sgx/test_encl_bootstrap.S new file mode 100644 index 000000000000..6836ea86126e --- /dev/null +++ b/tools/testing/selftests/sgx/test_encl_bootstrap.S @@ -0,0 +1,89 @@ +/* SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause) */ +/* + * Copyright(c) 2016-18 Intel Corporation. + */ + + .macro ENCLU + .byte 0x0f, 0x01, 0xd7 + .endm + + .section ".tcs", "aw" + .balign 4096 + + .fill 1, 8, 0 # STATE (set by CPU) + .fill 1, 8, 0 # FLAGS + .quad encl_ssa # OSSA + .fill 1, 4, 0 # CSSA (set by CPU) + .fill 1, 4, 1 # NSSA + .quad encl_entry # OENTRY + .fill 1, 8, 0 # AEP (set by EENTER and ERESUME) + .fill 1, 8, 0 # OFSBASE + .fill 1, 8, 0 # OGSBASE + .fill 1, 4, 0xFFFFFFFF # FSLIMIT + .fill 1, 4, 0xFFFFFFFF # GSLIMIT + .fill 4024, 1, 0 # Reserved + + # Identical to the previous TCS. + .fill 1, 8, 0 # STATE (set by CPU) + .fill 1, 8, 0 # FLAGS + .quad encl_ssa # OSSA + .fill 1, 4, 0 # CSSA (set by CPU) + .fill 1, 4, 1 # NSSA + .quad encl_entry # OENTRY + .fill 1, 8, 0 # AEP (set by EENTER and ERESUME) + .fill 1, 8, 0 # OFSBASE + .fill 1, 8, 0 # OGSBASE + .fill 1, 4, 0xFFFFFFFF # FSLIMIT + .fill 1, 4, 0xFFFFFFFF # GSLIMIT + .fill 4024, 1, 0 # Reserved + + .text + +encl_entry: + # RBX contains the base address for TCS, which is also the first address + # inside the enclave. By adding the value of le_stack_end to it, we get + # the absolute address for the stack. + lea (encl_stack)(%rbx), %rax + xchg %rsp, %rax + push %rax + + push %rcx # push the address after EENTER + push %rbx # push the enclave base address + + call encl_body + + pop %rbx # pop the enclave base address + + /* Clear volatile GPRs, except RAX (EEXIT leaf). */ + xor %rcx, %rcx + xor %rdx, %rdx + xor %rdi, %rdi + xor %rsi, %rsi + xor %r8, %r8 + xor %r9, %r9 + xor %r10, %r10 + xor %r11, %r11 + + # Reset status flags. + add %rdx, %rdx # OF = SF = AF = CF = 0; ZF = PF = 1 + + # Prepare EEXIT target by popping the address of the instruction after + # EENTER to RBX. + pop %rbx + + # Restore the caller stack. + pop %rax + mov %rax, %rsp + + # EEXIT + mov $4, %rax + enclu + + .section ".data", "aw" + +encl_ssa: + .space 4096 + + .balign 4096 + .space 8192 +encl_stack: -- 2.25.1

5 years, 5 months

1
0
0 0

[PATCH RESEND net-next] selftests: fix flower parent qdisc

by Vlad Buslov

Flower tests used to create ingress filter with specified parent qdisc "parent ffff:" but dump them on "ingress". With recent commit that fixed tcm_parent handling in dump those are not considered same parent anymore, which causes iproute2 tc to emit additional "parent ffff:" in first line of filter dump output. The change in output causes filter match in tests to fail. Prevent parent qdisc output when dumping filters in flower tests by always correctly specifying "ingress" parent both when creating and dumping filters. Fixes: a7df4870d79b ("net_sched: fix tcm_parent in tc filter dump") Signed-off-by: Vlad Buslov <vladbu(a)mellanox.com> --- .../selftests/tc-testing/tc-tests/filters/tests.json | 6 +++--- tools/testing/selftests/tc-testing/tdc_batch.py | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/tools/testing/selftests/tc-testing/tc-tests/filters/tests.json b/tools/testing/selftests/tc-testing/tc-tests/filters/tests.json index 8877f7b2b809..12aa4bc1f6a0 100644 --- a/tools/testing/selftests/tc-testing/tc-tests/filters/tests.json +++ b/tools/testing/selftests/tc-testing/tc-tests/filters/tests.json @@ -32,7 +32,7 @@ "setup": [ "$TC qdisc add dev $DEV2 ingress" ], - "cmdUnderTest": "$TC filter add dev $DEV2 protocol ip pref 1 parent ffff: handle 0xffffffff flower action ok", + "cmdUnderTest": "$TC filter add dev $DEV2 protocol ip pref 1 ingress handle 0xffffffff flower action ok", "expExitCode": "0", "verifyCmd": "$TC filter show dev $DEV2 ingress", "matchPattern": "filter protocol ip pref 1 flower.*handle 0xffffffff", @@ -77,9 +77,9 @@ }, "setup": [ "$TC qdisc add dev $DEV2 ingress", - "$TC filter add dev $DEV2 protocol ip prio 1 parent ffff: flower dst_mac e4:11:22:11:4a:51 src_mac e4:11:22:11:4a:50 ip_proto tcp src_ip 1.1.1.1 dst_ip 2.2.2.2 action drop" + "$TC filter add dev $DEV2 protocol ip prio 1 ingress flower dst_mac e4:11:22:11:4a:51 src_mac e4:11:22:11:4a:50 ip_proto tcp src_ip 1.1.1.1 dst_ip 2.2.2.2 action drop" ], - "cmdUnderTest": "$TC filter add dev $DEV2 protocol ip prio 1 parent ffff: flower dst_mac e4:11:22:11:4a:51 src_mac e4:11:22:11:4a:50 ip_proto tcp src_ip 1.1.1.1 dst_ip 2.2.2.2 action drop", + "cmdUnderTest": "$TC filter add dev $DEV2 protocol ip prio 1 ingress flower dst_mac e4:11:22:11:4a:51 src_mac e4:11:22:11:4a:50 ip_proto tcp src_ip 1.1.1.1 dst_ip 2.2.2.2 action drop", "expExitCode": "2", "verifyCmd": "$TC -s filter show dev $DEV2 ingress", "matchPattern": "filter protocol ip pref 1 flower chain 0 handle", diff --git a/tools/testing/selftests/tc-testing/tdc_batch.py b/tools/testing/selftests/tc-testing/tdc_batch.py index 6a2bd2cf528e..995f66ce43eb 100755 --- a/tools/testing/selftests/tc-testing/tdc_batch.py +++ b/tools/testing/selftests/tc-testing/tdc_batch.py @@ -72,21 +72,21 @@ mac_prefix = args.mac_prefix def format_add_filter(device, prio, handle, skip, src_mac, dst_mac, share_action): - return ("filter add dev {} {} protocol ip parent ffff: handle {} " + return ("filter add dev {} {} protocol ip ingress handle {} " " flower {} src_mac {} dst_mac {} action drop {}".format( device, prio, handle, skip, src_mac, dst_mac, share_action)) def format_rep_filter(device, prio, handle, skip, src_mac, dst_mac, share_action): - return ("filter replace dev {} {} protocol ip parent ffff: handle {} " + return ("filter replace dev {} {} protocol ip ingress handle {} " " flower {} src_mac {} dst_mac {} action drop {}".format( device, prio, handle, skip, src_mac, dst_mac, share_action)) def format_del_filter(device, prio, handle, skip, src_mac, dst_mac, share_action): - return ("filter del dev {} {} protocol ip parent ffff: handle {} " + return ("filter del dev {} {} protocol ip ingress handle {} " "flower".format(device, prio, handle)) -- 2.21.0

5 years, 5 months

2
1
0 0

[PATCH v17 00/10] Landlock LSM

by Mickaël Salaün

Hi, This new patch series brings some improvements and add new tests: Use smaller userspace structures (attributes) to save space, and check at built time that every attribute don't contain hole and are 8-bits aligned. Allow enforcement of empty ruleset, which enables deny-all policies (useful for strict sandboxes). I found that UML may not keep the same internal struct inode for an open file. Because the Landlock filesystem access-control relies on internal kernel states, special architectures such as UML can't support Landlock. Add a new ARCH_EPHEMERAL_STATES to identify such architectures. Add a size_attr_features field to struct landlock_attr_features for self-introspection Switch syscall attribute pointer and size arguments to follow similar syscalls argument order (e.g. bpf, clone3, openat2). The SLOC count is 1288 for security/landlock/ and 1740 for tools/testing/selftest/landlock/ . Test coverage for security/landlock/ is 93.6% of lines. The code not covered only deals with internal kernel errors (e.g. memory allocation) and race conditions. The compiled documentation is available here: https://landlock.io/linux-doc/landlock-v17/security/landlock/index.html This series can be applied on top of v5.7-rc5. This can be tested with CONFIG_SECURITY_LANDLOCK and CONFIG_SAMPLE_LANDLOCK. This patch series can be found in a Git repository here: https://github.com/landlock-lsm/linux/commits/landlock-v17 I would really appreciate constructive comments on this patch series. # Landlock LSM The goal of Landlock is to enable to restrict ambient rights (e.g. global filesystem access) for a set of processes. Because Landlock is a stackable LSM [2], it makes possible to create safe security sandboxes as new security layers in addition to the existing system-wide access-controls. This kind of sandbox is expected to help mitigate the security impact of bugs or unexpected/malicious behaviors in user-space applications. Landlock empowers any process, including unprivileged ones, to securely restrict themselves. Landlock is inspired by seccomp-bpf but instead of filtering syscalls and their raw arguments, a Landlock rule can restrict the use of kernel objects like file hierarchies, according to the kernel semantic. Landlock also takes inspiration from other OS sandbox mechanisms: XNU Sandbox, FreeBSD Capsicum or OpenBSD Pledge/Unveil. Previous version: https://lore.kernel.org/lkml/20200416103955.145757-1-mic@digikod.net/ [1] https://lore.kernel.org/lkml/e07fe473-1801-01cc-12ae-b3167f95250e@digikod.n… [2] https://lore.kernel.org/lkml/50db058a-7dde-441b-a7f9-f6837fe8b69f@schaufler… Regards, Mickaël Salaün (10): landlock: Add object management landlock: Add ruleset and domain management landlock: Set up the security framework and manage credentials landlock: Add ptrace restrictions fs,landlock: Support filesystem access-control landlock: Add syscall implementation arch: Wire up landlock() syscall selftests/landlock: Add initial tests samples/landlock: Add a sandbox manager example landlock: Add user and kernel documentation Documentation/security/index.rst | 1 + Documentation/security/landlock/index.rst | 18 + Documentation/security/landlock/kernel.rst | 69 + Documentation/security/landlock/user.rst | 268 +++ MAINTAINERS | 12 + arch/Kconfig | 7 + arch/alpha/kernel/syscalls/syscall.tbl | 1 + arch/arm/tools/syscall.tbl | 1 + arch/arm64/include/asm/unistd.h | 2 +- arch/arm64/include/asm/unistd32.h | 2 + arch/ia64/kernel/syscalls/syscall.tbl | 1 + arch/m68k/kernel/syscalls/syscall.tbl | 1 + arch/microblaze/kernel/syscalls/syscall.tbl | 1 + arch/mips/kernel/syscalls/syscall_n32.tbl | 1 + arch/mips/kernel/syscalls/syscall_n64.tbl | 1 + arch/mips/kernel/syscalls/syscall_o32.tbl | 1 + arch/parisc/kernel/syscalls/syscall.tbl | 1 + arch/powerpc/kernel/syscalls/syscall.tbl | 1 + arch/s390/kernel/syscalls/syscall.tbl | 1 + arch/sh/kernel/syscalls/syscall.tbl | 1 + arch/sparc/kernel/syscalls/syscall.tbl | 1 + arch/um/Kconfig | 1 + arch/x86/entry/syscalls/syscall_32.tbl | 1 + arch/x86/entry/syscalls/syscall_64.tbl | 1 + arch/xtensa/kernel/syscalls/syscall.tbl | 1 + fs/super.c | 2 + include/linux/fs.h | 5 + include/linux/landlock.h | 22 + include/linux/syscalls.h | 3 + include/uapi/asm-generic/unistd.h | 4 +- include/uapi/linux/landlock.h | 302 +++ kernel/sys_ni.c | 3 + samples/Kconfig | 7 + samples/Makefile | 1 + samples/landlock/.gitignore | 1 + samples/landlock/Makefile | 15 + samples/landlock/sandboxer.c | 228 +++ security/Kconfig | 11 +- security/Makefile | 2 + security/landlock/Kconfig | 18 + security/landlock/Makefile | 4 + security/landlock/common.h | 20 + security/landlock/cred.c | 46 + security/landlock/cred.h | 58 + security/landlock/fs.c | 601 ++++++ security/landlock/fs.h | 42 + security/landlock/object.c | 66 + security/landlock/object.h | 91 + security/landlock/ptrace.c | 120 ++ security/landlock/ptrace.h | 14 + security/landlock/ruleset.c | 342 ++++ security/landlock/ruleset.h | 161 ++ security/landlock/setup.c | 39 + security/landlock/setup.h | 18 + security/landlock/syscall.c | 532 +++++ tools/testing/selftests/Makefile | 1 + tools/testing/selftests/landlock/.gitignore | 2 + tools/testing/selftests/landlock/Makefile | 29 + tools/testing/selftests/landlock/base_test.c | 170 ++ tools/testing/selftests/landlock/common.h | 108 + tools/testing/selftests/landlock/config | 5 + tools/testing/selftests/landlock/fs_test.c | 1729 +++++++++++++++++ .../testing/selftests/landlock/ptrace_test.c | 293 +++ tools/testing/selftests/landlock/true.c | 5 + 64 files changed, 5509 insertions(+), 7 deletions(-) create mode 100644 Documentation/security/landlock/index.rst create mode 100644 Documentation/security/landlock/kernel.rst create mode 100644 Documentation/security/landlock/user.rst create mode 100644 include/linux/landlock.h create mode 100644 include/uapi/linux/landlock.h create mode 100644 samples/landlock/.gitignore create mode 100644 samples/landlock/Makefile create mode 100644 samples/landlock/sandboxer.c create mode 100644 security/landlock/Kconfig create mode 100644 security/landlock/Makefile create mode 100644 security/landlock/common.h create mode 100644 security/landlock/cred.c create mode 100644 security/landlock/cred.h create mode 100644 security/landlock/fs.c create mode 100644 security/landlock/fs.h create mode 100644 security/landlock/object.c create mode 100644 security/landlock/object.h create mode 100644 security/landlock/ptrace.c create mode 100644 security/landlock/ptrace.h create mode 100644 security/landlock/ruleset.c create mode 100644 security/landlock/ruleset.h create mode 100644 security/landlock/setup.c create mode 100644 security/landlock/setup.h create mode 100644 security/landlock/syscall.c create mode 100644 tools/testing/selftests/landlock/.gitignore create mode 100644 tools/testing/selftests/landlock/Makefile create mode 100644 tools/testing/selftests/landlock/base_test.c create mode 100644 tools/testing/selftests/landlock/common.h create mode 100644 tools/testing/selftests/landlock/config create mode 100644 tools/testing/selftests/landlock/fs_test.c create mode 100644 tools/testing/selftests/landlock/ptrace_test.c create mode 100644 tools/testing/selftests/landlock/true.c -- 2.26.2

5 years, 5 months

3
20
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror