- Linux-kselftest-mirror - lists.linaro.org

[PATCH v4 0/7] platform/chrome: Fix a possible UAF via revocable

by Tzung-Bi Shih

This is a follow-up series of [1]. It tries to fix a possible UAF in the fops of cros_ec_chardev after the underlying protocol device has gone by using revocable. The 1st patch introduces the revocable which is an implementation of ideas from the talk [2]. The 2nd and 3rd patches add test cases for revocable in Kunit and selftest. The 4th patch converts existing protocol devices to resource providers of cros_ec_device. The 5th - 7th are PoC patches for moving most revocable code to subsystem level. Miscdevice is used as it would be simpler for PoC. Note that the device driver (e.g., cros_ec_chardev) still needs to be revocable-aware. The driver needs to specify where to save the pointer and thus the resource is available in fops. - The 5th patch adds a helper for using revocable API with fops. - The 6th patch leverages the helper in miscdevice. - The 7th patch converts cros_ec_chardev to a resource consumer of cros_ec_device to fix the UAF. [1] https://lore.kernel.org/chrome-platform/20250721044456.2736300-6-tzungbi@ke… [2] https://lpc.events/event/17/contributions/1627/ v4: - Rebase onto next-20250922. - Remove the 5th patch from v3. - Add fops replacement PoC in 5th - 7th patches. v3: https://lore.kernel.org/chrome-platform/20250912081718.3827390-1-tzungbi@ke… - Rebase onto https://lore.kernel.org/chrome-platform/20250828083601.856083-1-tzungbi@ker… and next-20250912. - The 4th patch changed accordingly. v2: https://lore.kernel.org/chrome-platform/20250820081645.847919-1-tzungbi@ker… - Rename "ref_proxy" -> "revocable". - Add test cases in Kunit and selftest. v1: https://lore.kernel.org/chrome-platform/20250814091020.1302888-1-tzungbi@ke… Tzung-Bi Shih (7): revocable: Revocable resource management revocable: Add Kunit test cases selftests: revocable: Add kselftest cases platform/chrome: Protect cros_ec_device lifecycle with revocable revocable: Add fops replacement char: misc: Leverage revocable fops replacement platform/chrome: cros_ec_chardev: Secure cros_ec_device via revocable .../driver-api/driver-model/index.rst | 1 + .../driver-api/driver-model/revocable.rst | 87 ++++ MAINTAINERS | 9 + drivers/base/Kconfig | 8 + drivers/base/Makefile | 5 +- drivers/base/revocable.c | 374 ++++++++++++++++++ drivers/base/revocable_test.c | 110 ++++++ drivers/char/misc.c | 7 + drivers/platform/chrome/cros_ec.c | 5 + drivers/platform/chrome/cros_ec_chardev.c | 15 +- include/linux/miscdevice.h | 3 + include/linux/platform_data/cros_ec_proto.h | 4 + include/linux/revocable.h | 60 +++ tools/testing/selftests/Makefile | 1 + .../selftests/drivers/base/revocable/Makefile | 7 + .../drivers/base/revocable/revocable_test.c | 116 ++++++ .../drivers/base/revocable/test-revocable.sh | 39 ++ .../base/revocable/test_modules/Makefile | 10 + .../revocable/test_modules/revocable_test.c | 188 +++++++++ 19 files changed, 1047 insertions(+), 2 deletions(-) create mode 100644 Documentation/driver-api/driver-model/revocable.rst create mode 100644 drivers/base/revocable.c create mode 100644 drivers/base/revocable_test.c create mode 100644 include/linux/revocable.h create mode 100644 tools/testing/selftests/drivers/base/revocable/Makefile create mode 100644 tools/testing/selftests/drivers/base/revocable/revocable_test.c create mode 100755 tools/testing/selftests/drivers/base/revocable/test-revocable.sh create mode 100644 tools/testing/selftests/drivers/base/revocable/test_modules/Makefile create mode 100644 tools/testing/selftests/drivers/base/revocable/test_modules/revocable_test.c -- 2.51.0.534.gc79095c0ca-goog

1 month

2
10
0 0

[PATCH net-next 0/8] mptcp: receive path improvement

by Matthieu Baerts (NGI0)

This series includes several changes to the MPTCP RX path. The main goals are improving the RX performances, and increase the long term maintainability. Some changes reflects recent(ish) improvements introduced in the TCP stack: patch 1, 2 and 3 are the MPTCP counter part of SKB deferral free and auto-tuning improvements. Note that patch 3 could possibly fix additional issues, and overall such patch should protect from similar issues to arise in the future. Patches 4-7 are aimed at introducing the socket backlog usage which will be done in a later series to process the packets received by the different subflows while the msk socket is owned. Patch 8 is not related to the RX path, but it contains additional tests for new features recently introduced in net-next. Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> --- Notes: - Sorry for sending this series that late, we had quite a few patches to upstream during this cycle. This is the last batch, and it has been heavily tested the last 2 weeks. - If there are some issues with some patches, but not with 1-3, it would be nice, if possible, if these 3 first patches can be accepted, to reduce the recently introduced gap with TCP. - Patches can be grouped like this if needed: 1-3, 4-5, 6-7, 8. 6-7 are preparing the ground for future on-going work, they can be dropped if there are issues with them. --- Matthieu Baerts (NGI0) (1): selftests: mptcp: join: validate new laminar endp Paolo Abeni (7): mptcp: leverage skb deferral free tcp: make tcp_rcvbuf_grow() accessible to mptcp code mptcp: rcvbuf auto-tuning improvement mptcp: introduce the mptcp_init_skb helper mptcp: remove unneeded mptcp_move_skb() mptcp: factor out a basic skb coalesce helper mptcp: minor move_skbs_to_msk() cleanup include/net/tcp.h | 1 + net/ipv4/tcp_input.c | 2 +- net/mptcp/protocol.c | 187 ++++++++++++------------ net/mptcp/protocol.h | 4 +- tools/testing/selftests/net/mptcp/mptcp_join.sh | 69 +++++++++ tools/testing/selftests/net/mptcp/pm_nl_ctl.c | 9 ++ 6 files changed, 177 insertions(+), 95 deletions(-) --- base-commit: 1493c18fe8696bfc758a97130a485fc4e08387f5 change-id: 20250927-net-next-mptcp-rcv-path-imp-192d8c24c9c7 Best regards, -- Matthieu Baerts (NGI0) <matttbe(a)kernel.org>

1 month

4
11
0 0

[PATCH] KVM: selftests: fix irqfd_test on arm64

by Sebastian Ott

irqfd_test on arm triggers the following assertion: ==== Test Assertion Failure ==== include/kvm_util.h:527: !ret pid=3643 tid=3643 errno=11 - Resource temporarily unavailable 1 0x00000000004026d7: kvm_irqfd at kvm_util.h:527 2 0x0000000000402083: main at irqfd_test.c:100 3 0x0000ffffa5aab587: ?? ??:0 4 0x0000ffffa5aab65f: ?? ??:0 5 0x000000000040236f: _start at ??:? KVM_IRQFD failed, rc: -1 errno: 11 (Resource temporarily unavailable) Fix this by setting up a vgic for the vm. Signed-off-by: Sebastian Ott <sebott(a)redhat.com> --- tools/testing/selftests/kvm/irqfd_test.c | 24 ++++++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/kvm/irqfd_test.c b/tools/testing/selftests/kvm/irqfd_test.c index 7c301b4c7005..f7b8766e9d42 100644 --- a/tools/testing/selftests/kvm/irqfd_test.c +++ b/tools/testing/selftests/kvm/irqfd_test.c @@ -8,7 +8,11 @@ #include <stdint.h> #include <sys/sysinfo.h> +#include "processor.h" #include "kvm_util.h" +#ifdef __aarch64__ +#include "vgic.h" +#endif static struct kvm_vm *vm1; static struct kvm_vm *vm2; @@ -86,14 +90,30 @@ static void juggle_eventfd_primary(struct kvm_vm *vm, int eventfd) kvm_irqfd(vm, GSI_BASE_PRIMARY + 1, eventfd, KVM_IRQFD_FLAG_DEASSIGN); } +static struct kvm_vm *test_vm_create(void) +{ +#ifdef __aarch64__ + struct kvm_vm *vm; + struct kvm_vcpu *vcpu; + int gic_fd; + + vm = vm_create_with_one_vcpu(&vcpu, NULL); + gic_fd = vgic_v3_setup(vm, 1, 64); + __TEST_REQUIRE(gic_fd >= 0, "Failed to create vgic-v3"); + + return vm; +#endif + return vm_create(1); +} + int main(int argc, char *argv[]) { pthread_t racing_thread; int r, i; /* Create "full" VMs, as KVM_IRQFD requires an in-kernel IRQ chip. */ - vm1 = vm_create(1); - vm2 = vm_create(1); + vm1 = test_vm_create(); + vm2 = test_vm_create(); WRITE_ONCE(__eventfd, kvm_new_eventfd()); -- 2.51.0

1 month

4
10
0 0

[PATCH net-next] selftests/net: add tcp_port_share to .gitignore

by Gopi Krishna Menon

Add the tcp_port_share test binary to .gitignore to avoid accidentally staging the build artifact. Fixes: 8a8241cdaa34 ("selftests/net: Test tcp port reuse after unbinding a socket") Signed-off-by: Gopi Krishna Menon <krishnagopi487(a)gmail.com> --- tools/testing/selftests/net/.gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/testing/selftests/net/.gitignore b/tools/testing/selftests/net/.gitignore index 3d4b4a53dfda..439101b518ee 100644 --- a/tools/testing/selftests/net/.gitignore +++ b/tools/testing/selftests/net/.gitignore @@ -52,6 +52,7 @@ tap tcp_fastopen_backup_key tcp_inq tcp_mmap +tcp_port_share tfo timestamping tls -- 2.43.0

1 month, 1 week

4
5
0 0

selftests: kvm: irqfd_test: KVM_IRQFD failed, rc: -1 errno: 11 (Resource temporarily unavailable)

by Naresh Kamboju

The selftests: kvm: irqfd_test consistently fails across all test platforms since its introduction in Linux next-20250625. The failure occurs due to a KVM_IRQFD ioctl returning errno 11 (Resource temporarily unavailable). This has been observed from day one and is reproducible on all test runs. Reproducibility: 100% failure on all test platforms since next-20250625..next-20250929 Test fails on the below list * graviton4 * rk3399-rock-pi-4b ## Initial Observations: The test is attempting to register an IRQFD but fails with EAGAIN (errno 11). This likely indicates resource exhaustion or unsupported behavior on affected ARM-based platforms. Could you please advise on the way forward for this test? Should we treat this as an unsupported case on ARM platforms, or is there a missing implementation/configuration that needs to be addressed? ## Test log selftests: kvm: irqfd_test Random seed: 0x6b8b4567 ==== Test Assertion Failure ==== include/kvm_util.h:527: !ret pid=721 tid=721 errno=11 - Resource temporarily unavailable 1 0x000000000040250f: kvm_irqfd at kvm_util.h:527 2 0x000000000040222f: main at irqfd_test.c:100 3 0x0000ffffbd43229b: ?? ??:0 4 0x0000ffffbd43237b: ?? ??:0 addr2line: 5 0x000000000040206f: DWARF error: mangled line number section (bad file number) addr2line: DWARF error: mangled line number section (bad file number) _start at ??:? KVM_IRQFD failed, rc: -1 errno: 11 (Resource temporarily unavailable) not ok 4 selftests: kvm: irqfd_test exit=254 ## Links * https://qa-reports.linaro.org/lkft/linux-next-master/build/next-20250929/te… * https://qa-reports.linaro.org/lkft/linux-next-master/build/next-20250929/te…

1 month, 1 week

2
1
0 0

[PATCH v2 1/2] selftests/net: add netdevsim.c

by Maksimilijan Marosevic

Tests an edge case in the nsim module where gw_family == AF_UNSPEC. Works by creating a new nsim device and then sending a multipath path message to it and loopback. In unpatched kernels, this triggers a WARN_ON_ONCE in netdevsim/fib.c. Reported-by: syzbot+a259a17220263c2d73fc(a)syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=a259a17220263c2d73fc Fixes: e6f497955fb6 ("ipv6: Check GATEWAY in rtm_to_fib6_multipath_config().") Signed-off-by: Maksimilijan Marosevic <maksimilijan.marosevic(a)proton.me> --- tools/testing/selftests/net/netdevsim.c | 391 ++++++++++++++++++++++++ 1 file changed, 391 insertions(+) create mode 100644 tools/testing/selftests/net/netdevsim.c diff --git a/tools/testing/selftests/net/netdevsim.c b/tools/testing/selftests/net/netdevsim.c new file mode 100644 index 000000000000..cdc8ebef4dac --- /dev/null +++ b/tools/testing/selftests/net/netdevsim.c @@ -0,0 +1,391 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * This test creates a new netdevsim device and then sends + * an IPv6 multipath netlink message to it and the loopback + * interface. + * + * This triggers an edge case where the routing table is + * constructed with an entry where gw_family = AF_UNSPEC. + * If not caught, this causes an unexpected nsiblings count + * in netdevsim/fib.c: nsim_fib6_event_init(), raising a + * warning. + * + * NOTE: The warning in question is raised by WARN_ON_ONCE. + * Therefore, this test reports a false negative if the + * warning has already been triggered. + * + */ + +#include <arpa/inet.h> +#include <bits/types/struct_iovec.h> +#include <linux/netlink.h> +#include <linux/rtnetlink.h> +#include <netinet/in.h> +#include <stdio.h> +#include <fcntl.h> +#include <stdlib.h> +#include <string.h> +#include <sys/socket.h> +#include <unistd.h> +#include <dirent.h> +#include <stdbool.h> +#include <net/if.h> + +#define RTF_UP 0x0001 // route usable +#define RTF_HOST 0x0004 // host entry (net otherwise) + +#define NSIM_PORTS 1 +#define NETDEVSIM_DEV_DIR "/sys/bus/netdevsim/devices" +#define NSIM_DEV_DIR_BUFFER_SIZE 128 +#define LO_DEV "lo" + +#define BUFSIZE 4096 +#define DST_PREFIX "2001:db8::" +#define GW1 "fe80::1" +#define GW2 "::1" + +#define PID_LEN 16 + +int get_free_idx(void) +{ + int idx = 0; + int tmp = 0; + DIR *nsim_dir = opendir(NETDEVSIM_DEV_DIR); + struct dirent *entry = NULL; + + if (nsim_dir == NULL) { + fprintf(stderr, "Unable to open nsim directory\n"); + return -1; + } + + do { + entry = readdir(nsim_dir); + if (entry != NULL && + sscanf(entry->d_name, "netdevsim%d", &tmp) > 0) { + if (tmp >= idx) + idx = tmp + 1; + } + } while (entry != NULL); + + closedir(nsim_dir); + return idx; +} + +int create_netdevsim_device(int id, int num_ports) +{ + const char *path = "/sys/bus/netdevsim/new_device"; + char buffer[64]; + int fd; + + fd = open(path, O_WRONLY); + if (fd < 0) { + fprintf(stderr, "Failed to open new_device\n"); + return -1; + } + + snprintf(buffer, sizeof(buffer), "%d %d", id, num_ports); + if (write(fd, buffer, strlen(buffer)) < 0) { + fprintf(stderr, "Failed to write to new_device\n"); + close(fd); + return -1; + } + + close(fd); + return 0; +} + +int ensure_nsim_dev_exists(void) +{ + int ret; + int nsim_idx; + + nsim_idx = get_free_idx(); + ret = create_netdevsim_device(nsim_idx, NSIM_PORTS); + if (ret != 0) { + fprintf(stderr, "Failed to create nsim device\n"); + return -1; + } + + return nsim_idx; +} + +char *get_nsim_dev_link(int nsim_idx) +{ + char nsim_dev_dir_buffer[NSIM_DEV_DIR_BUFFER_SIZE]; + DIR *nsim_dev_dir; + struct dirent *entry; + + sprintf(nsim_dev_dir_buffer, "%s/netdevsim%d/%s", NETDEVSIM_DEV_DIR, + nsim_idx, "net"); + + nsim_dev_dir = opendir(nsim_dev_dir_buffer); + + if (nsim_dev_dir == NULL) { + fprintf(stderr, "Unable to open %s\n", nsim_dev_dir_buffer); + return NULL; + } + + do { + entry = readdir(nsim_dev_dir); + if (entry != NULL && entry->d_name[0] != '.') + break; + + } while (entry != NULL); + + if (entry == NULL || entry->d_name[0] == '.') { + fprintf(stderr, "Device has no ports\n"); + return NULL; + } + + closedir(nsim_dev_dir); + + return entry->d_name; +} + +int get_nsim_dev(char **nsim_link) +{ + int nsim_idx; + char *nsim_dev_link; + + nsim_idx = ensure_nsim_dev_exists(); + if (nsim_idx < 0) + return -1; + + nsim_dev_link = get_nsim_dev_link(nsim_idx); + if (nsim_dev_link == NULL) + return -1; + + *nsim_link = nsim_dev_link; + return 0; +} + +int prepare_socket(void) +{ + struct sockaddr_nl sa; + int fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE); + + if (fd < 0) { + fprintf(stderr, "Failed to open socket\n"); + return -1; + } + + sa.nl_family = AF_NETLINK; + + if (bind(fd, (struct sockaddr *)&sa, sizeof(sa)) < 0) + fprintf(stderr, "Failed to bind socket\n"); + + return fd; +} + +struct nlmsghdr *construct_header(char **pos) +{ + struct nlmsghdr *nlh = (struct nlmsghdr *)(*pos); + + nlh->nlmsg_type = RTM_NEWROUTE; + nlh->nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK | NLM_F_CREATE; + + *pos += NLMSG_HDRLEN; + + return nlh; +} + +void construct_rtmsg(char **pos) +{ + struct rtmsg *rtm = (struct rtmsg *)(*pos); + + rtm->rtm_family = AF_INET6; + rtm->rtm_table = RT_TABLE_MAIN; + rtm->rtm_protocol = RTPROT_STATIC; + rtm->rtm_type = RTN_UNICAST; + rtm->rtm_scope = RT_SCOPE_UNIVERSE; + rtm->rtm_dst_len = 128; + rtm->rtm_flags |= RTF_HOST | RTF_UP; + + *pos += NLMSG_ALIGN(sizeof(struct rtmsg)); +} + +void construct_dest(char **pos) +{ + struct rtattr *rta_dest = (struct rtattr *)(*pos); + struct in6_addr dst6; + + rta_dest->rta_type = RTA_DST; + rta_dest->rta_len = RTA_LENGTH(sizeof(struct in6_addr)); + inet_pton(AF_INET6, DST_PREFIX, &dst6); + memcpy(RTA_DATA(rta_dest), &dst6, sizeof(dst6)); + *pos += RTA_ALIGN(rta_dest->rta_len); +} + +struct rtattr *construct_multipath_hdr(char **pos) +{ + struct rtattr *rta_mp = (struct rtattr *)(*pos); + + rta_mp->rta_type = RTA_MULTIPATH; + *pos += sizeof(struct rtattr); + + return rta_mp; +} + +void add_nexthop(char **pos, int ifindex, char *gw_addr) +{ + struct rtnexthop *rtnh = (struct rtnexthop *)(*pos); + + rtnh->rtnh_hops = 0; + rtnh->rtnh_ifindex = ifindex; + char *rtnh_pos = (char *)rtnh + RTNH_ALIGN(sizeof(struct rtnexthop)); + + struct rtattr *attr = (struct rtattr *)rtnh_pos; + + attr->rta_type = RTA_GATEWAY; + attr->rta_len = RTA_LENGTH(sizeof(struct in6_addr)); + + struct in6_addr gw; + + inet_pton(AF_INET6, gw_addr, &gw); + memcpy(RTA_DATA(attr), &gw, sizeof(gw)); + + rtnh_pos += RTA_ALIGN(attr->rta_len); + rtnh->rtnh_len = rtnh_pos - (char *)rtnh; + + *pos = rtnh_pos; +} + +struct nlmsghdr *construct_message(char *buf, int nsim_ifindex, int lo_ifindex) +{ + char *pos = buf; + struct nlmsghdr *nlh = construct_header(&pos); + + construct_rtmsg(&pos); + construct_dest(&pos); + + struct rtattr *rta_mp = construct_multipath_hdr(&pos); + + add_nexthop(&pos, nsim_ifindex, GW1); + add_nexthop(&pos, lo_ifindex, GW2); + + rta_mp->rta_len = pos - (char *)rta_mp; + nlh->nlmsg_len = pos - buf; + + return nlh; +} + +int send_nl_msg(struct nlmsghdr *nlh, int socket) +{ + struct iovec iov = { .iov_base = nlh, .iov_len = nlh->nlmsg_len }; + struct msghdr msg = { + .msg_iov = &iov, + .msg_iovlen = 1, + }; + + if (sendmsg(socket, (struct msghdr *)&msg, 0) < 0) { + fprintf(stderr, "Failed to send message\n"); + return 1; + } + + return 0; +} + +int open_kmsg(void) +{ + int fd = open("/dev/kmsg", O_RDONLY | O_NONBLOCK); + + if (fd < 0) { + fprintf(stderr, "Failed to open kmsg\n"); + return -1; + } + + return fd; +} + +int move_cursor_to_end(int fd) +{ + if (lseek(fd, 0, SEEK_END) == -1) { + fprintf(stderr, "Failed to lseek kmsg\n"); + return -1; + } + + return 0; +} + +int look_for_warn(int kmsg_fd) +{ + char buffer[1024]; + int bytes_read; + int pid = getpid(); + char pid_str[PID_LEN]; + + snprintf(pid_str, PID_LEN, "%d", pid); + + while ((bytes_read = read(kmsg_fd, buffer, sizeof(buffer) - 1)) > 0) { + buffer[bytes_read] = '\0'; + if (strstr(buffer, "WARNING") && strstr(buffer, pid_str)) { + printf("Kernel warning detected\n"); + return 1; + } + } + + return 0; +} + +int main(void) +{ + char *nsim_dev; + int if_lo, if_nsim; + int fd; + int kmsg_fd; + struct nlmsghdr *nlh; + char buf[BUFSIZE]; + + if (get_nsim_dev(&nsim_dev) != 0) + return EXIT_FAILURE; + + sleep(1); // Doesn't work without a delay + + if_lo = if_nametoindex(LO_DEV); + if_nsim = if_nametoindex(nsim_dev); + + if (!if_lo || !if_nsim) { + fprintf(stderr, "Failed to get interface index\n"); + return EXIT_FAILURE; + } + + memset(buf, 0, sizeof(buf)); + nlh = construct_message(buf, if_nsim, if_lo); + + fd = prepare_socket(); + if (fd < 0) { + fprintf(stderr, "Failed to open socket\n"); + close(fd); + return EXIT_FAILURE; + } + + kmsg_fd = open_kmsg(); + if (kmsg_fd < 0) { + fprintf(stderr, "Failed to open kmsg\n"); + close(fd); + return EXIT_FAILURE; + } + + if (move_cursor_to_end(kmsg_fd) < 0) { + fprintf(stderr, "Failed to open kmsg\n"); + close(fd); + close(kmsg_fd); + return EXIT_FAILURE; + } + + if (send_nl_msg(nlh, fd) != 0) { + close(fd); + close(kmsg_fd); + return EXIT_FAILURE; + } + + if (look_for_warn(kmsg_fd) != 0) { + close(fd); + close(kmsg_fd); + return EXIT_FAILURE; + } + + close(kmsg_fd); + close(fd); + return EXIT_SUCCESS; +} -- 2.43.0

1 month, 1 week

2
1
0 0

[PATCH net-next v3 0/8] psp: add a kselftest suite and netdevsim implementation

by Jakub Kicinski

Add a basic test suite for drivers that support PSP. Also, add a PSP implementation in the netdevsim driver. The netdevsim implementation does encapsulation and decapsulation of PSP packets, but no crypto. The tests cover the basic usage of the uapi, and demonstrate key exchange and connection setup. The tests and netdevsim support IPv4 and IPv6. Here is an example run on a system with a CX7 NIC. TAP version 13 1..28 ok 1 psp.data_basic_send_v0_ip4 ok 2 psp.data_basic_send_v0_ip6 ok 3 psp.data_basic_send_v1_ip4 ok 4 psp.data_basic_send_v1_ip6 ok 5 psp.data_basic_send_v2_ip4 # SKIP ('PSP version not supported', 'hdr0-aes-gmac-128') ok 6 psp.data_basic_send_v2_ip6 # SKIP ('PSP version not supported', 'hdr0-aes-gmac-128') ok 7 psp.data_basic_send_v3_ip4 # SKIP ('PSP version not supported', 'hdr0-aes-gmac-256') ok 8 psp.data_basic_send_v3_ip6 # SKIP ('PSP version not supported', 'hdr0-aes-gmac-256') ok 9 psp.data_mss_adjust_ip4 ok 10 psp.data_mss_adjust_ip6 ok 11 psp.dev_list_devices ok 12 psp.dev_get_device ok 13 psp.dev_get_device_bad ok 14 psp.dev_rotate ok 15 psp.dev_rotate_spi ok 16 psp.assoc_basic ok 17 psp.assoc_bad_dev ok 18 psp.assoc_sk_only_conn ok 19 psp.assoc_sk_only_mismatch ok 20 psp.assoc_sk_only_mismatch_tx ok 21 psp.assoc_sk_only_unconn ok 22 psp.assoc_version_mismatch ok 23 psp.assoc_twice ok 24 psp.data_send_bad_key ok 25 psp.data_send_disconnect ok 26 psp.data_stale_key ok 27 psp.removal_device_rx # XFAIL Test only works on netdevsim ok 28 psp.removal_device_bi # XFAIL Test only works on netdevsim # Totals: pass:22 fail:0 xfail:2 xpass:0 skip:4 error:0 # # Responder logs (0): # STDERR: # Set PSP enable on device 1 to 0x3 # Set PSP enable on device 1 to 0x0 v3: - fix netdevsim bugs - rework the skipping - use errno - remove duplicated condition v2: https://lore.kernel.org/20250925211647.3450332-1-daniel.zahka@gmail.com - fix pylint warnings - insert CONFIG_INET_PSP in alphebetical order - use branch to skip all tests - fix compilation error when CONFIG_INET_PSP is not set v1: https://lore.kernel.org/20250924194959.2845473-1-daniel.zahka@gmail.com Jakub Kicinski (8): netdevsim: a basic test PSP implementation selftests: drv-net: base device access API test selftests: drv-net: add PSP responder selftests: drv-net: psp: add basic data transfer and key rotation tests selftests: drv-net: psp: add association tests selftests: drv-net: psp: add connection breaking tests selftests: drv-net: psp: add test for auto-adjusting TCP MSS selftests: drv-net: psp: add tests for destroying devices drivers/net/netdevsim/Makefile | 4 + tools/testing/selftests/drivers/net/Makefile | 10 + drivers/net/netdevsim/netdevsim.h | 27 + drivers/net/netdevsim/netdev.c | 43 +- drivers/net/netdevsim/psp.c | 225 +++++++ net/core/skbuff.c | 1 + .../selftests/drivers/net/psp_responder.c | 483 ++++++++++++++ .../testing/selftests/drivers/net/.gitignore | 1 + tools/testing/selftests/drivers/net/config | 1 + .../drivers/net/hw/lib/py/__init__.py | 4 +- .../selftests/drivers/net/lib/py/__init__.py | 4 +- .../selftests/drivers/net/lib/py/env.py | 4 + tools/testing/selftests/drivers/net/psp.py | 627 ++++++++++++++++++ .../testing/selftests/net/lib/py/__init__.py | 2 +- tools/testing/selftests/net/lib/py/ksft.py | 10 + tools/testing/selftests/net/lib/py/ynl.py | 5 + 16 files changed, 1440 insertions(+), 11 deletions(-) create mode 100644 drivers/net/netdevsim/psp.c create mode 100644 tools/testing/selftests/drivers/net/psp_responder.c create mode 100755 tools/testing/selftests/drivers/net/psp.py -- 2.51.0

1 month, 1 week

4
16
0 0

[PATCH net v5] selftest:net: Fix uninit return values

by Sidharth Seela

Fix functions that return undefined values. These issues were caught by running clang using LLVM=1 option. Clang warnings are as follows: ovpn-cli.c:1587:6: warning: variable 'ret' is used uninitialized whenever 'if' condition is true [-Wsometimes-uninitialized] 1587 | if (!sock) { | ^~~~~ ovpn-cli.c:1635:9: note: uninitialized use occurs here 1635 | return ret; | ^~~ ovpn-cli.c:1587:2: note: remove the 'if' if its condition is always false 1587 | if (!sock) { | ^~~~~~~~~~~~ 1588 | fprintf(stderr, "cannot allocate netlink socket\n"); | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 1589 | goto err_free; | ~~~~~~~~~~~~~~ 1590 | } | ~ ovpn-cli.c:1584:15: note: initialize the variable 'ret' to silence this warning 1584 | int mcid, ret; | ^ | = 0 ovpn-cli.c:2107:7: warning: variable 'ret' is used uninitialized whenever switch case is taken [-Wsometimes-uninitialized] 2107 | case CMD_INVALID: | ^~~~~~~~~~~ ovpn-cli.c:2111:9: note: uninitialized use occurs here 2111 | return ret; | ^~~ ovpn-cli.c:1939:12: note: initialize the variable 'ret' to silence this warning 1939 | int n, ret; | ^ | Fixes: 959bc330a439 ("testing/selftests: add test tool and scripts for ovpn module") ovpn module") Signed-off-by: Sidharth Seela <sidharthseela(a)gmail.com> --- v5: - Assign -ENOMEM to ret inside if block. - Assign -EINVAL to ret inside case block. v4: - Move changelog below sign-off. - Remove double-hyphens in commit description. v3: - Use prefix net. - Remove so_txtime fix as default case calls error(). - Changelog before sign-off. - Three dashes after sign-off v2: - Use subsystem name "net". - Add fixes tags. - Remove txtimestamp fix as default case calls error. - Assign constant error string instead of NULL. diff --git a/tools/testing/selftests/net/ovpn/ovpn-cli.c b/tools/testing/selftests/net/ovpn/ovpn-cli.c index 9201f2905f2c..8d0f2f61923c 100644 --- a/tools/testing/selftests/net/ovpn/ovpn-cli.c +++ b/tools/testing/selftests/net/ovpn/ovpn-cli.c @@ -1586,6 +1586,7 @@ static int ovpn_listen_mcast(void) sock = nl_socket_alloc(); if (!sock) { fprintf(stderr, "cannot allocate netlink socket\n"); + ret = -ENOMEM; goto err_free; } @@ -2105,6 +2106,7 @@ static int ovpn_run_cmd(struct ovpn_ctx *ovpn) ret = ovpn_listen_mcast(); break; case CMD_INVALID: + ret = -EINVAL; break; } -- 2.47.3

1 month, 1 week

3
3
0 0

[PATCH net v4] selftest:net: Fix uninit return values

by Sidharth Seela

Fix functions that return undefined values. These issues were caught by running clang using LLVM=1 option. Clang warnings are as follows: ovpn-cli.c:1587:6: warning: variable 'ret' is used uninitialized whenever 'if' condition is true [-Wsometimes-uninitialized] 1587 | if (!sock) { | ^~~~~ ovpn-cli.c:1635:9: note: uninitialized use occurs here 1635 | return ret; | ^~~ ovpn-cli.c:1587:2: note: remove the 'if' if its condition is always false 1587 | if (!sock) { | ^~~~~~~~~~~~ 1588 | fprintf(stderr, "cannot allocate netlink socket\n"); | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 1589 | goto err_free; | ~~~~~~~~~~~~~~ 1590 | } | ~ ovpn-cli.c:1584:15: note: initialize the variable 'ret' to silence this warning 1584 | int mcid, ret; | ^ | = 0 ovpn-cli.c:2107:7: warning: variable 'ret' is used uninitialized whenever switch case is taken [-Wsometimes-uninitialized] 2107 | case CMD_INVALID: | ^~~~~~~~~~~ ovpn-cli.c:2111:9: note: uninitialized use occurs here 2111 | return ret; | ^~~ ovpn-cli.c:1939:12: note: initialize the variable 'ret' to silence this warning 1939 | int n, ret; | ^ | Fixes: 959bc330a439 ("testing/selftests: add test tool and scripts for ovpn module") ovpn module") Signed-off-by: Sidharth Seela <sidharthseela(a)gmail.com> --- v4: - Move changelog below sign-off. - Remove double-hyphens in commit description. v3: - Use prefix net. - Remove so_txtime fix as default case calls error(). - Changelog before sign-off. - Three dashes after sign-off v2: - Use subsystem name "net". - Add fixes tags. - Remove txtimestamp fix as default case calls error. - Assign constant error string instead of NULL. diff --git a/tools/testing/selftests/net/ovpn/ovpn-cli.c b/tools/testing/selftests/net/ovpn/ovpn-cli.c index 9201f2905f2c..20d00378f34a 100644 --- a/tools/testing/selftests/net/ovpn/ovpn-cli.c +++ b/tools/testing/selftests/net/ovpn/ovpn-cli.c @@ -1581,7 +1581,7 @@ static int ovpn_listen_mcast(void) { struct nl_sock *sock; struct nl_cb *cb; - int mcid, ret; + int mcid, ret = -1; sock = nl_socket_alloc(); if (!sock) { @@ -1936,7 +1936,7 @@ static int ovpn_run_cmd(struct ovpn_ctx *ovpn) { char peer_id[10], vpnip[INET6_ADDRSTRLEN], laddr[128], lport[10]; char raddr[128], rport[10]; - int n, ret; + int n, ret = -1; FILE *fp; switch (ovpn->cmd) { -- 2.47.3

1 month, 1 week

2
2
0 0

[PATCH v3 net-next 00/12] AccECN protocol case handling series

by chia-yu.chang＠nokia-bell-labs.com

From: Chia-Yu Chang <chia-yu.chang(a)nokia-bell-labs.com> Hello, Plesae find the v2 AccECN case handling patch series, which covers several excpetional case handling of Accurate ECN spec (RFC9768), adds new identifiers to be used by CC modules, adds ecn_delta into rate_sample, and keeps the ACE counter for computation, etc. This patch series is part of the full AccECN patch series, which is available at https://github.com/L4STeam/linux-net-next/commits/upstream_l4steam/ Best regards, Chia-Yu --- v3: - Add additional min() check if pkts_acked_ewma is not initialized in #1. - Change TCP_CONG_WANTS_ECT_1 into individual flag add helper function INET_ECN_xmit_wants_ect_1() in #3. - Add empty line between variable declarations and code in #4. - Update commit message to fix old AccECN commits in #5. - Remove unnecessary brackets in #10. - Move patch #3 in v2 to a later Prague patch serise and remove patch #13 in v2. --- Chia-Yu Chang (10): tcp: L4S ECT(1) identifier and NEEDS_ACCECN for CC modules tcp: disable RFC3168 fallback identifier for CC modules tcp: accecn: handle unexpected AccECN negotiation feedback tcp: accecn: retransmit downgraded SYN in AccECN negotiation tcp: move increment of num_retrans tcp: accecn: retransmit SYN/ACK without AccECN option or non-AccECN SYN/ACK tcp: accecn: unset ECT if receive or send ACE=0 in AccECN negotiaion tcp: accecn: fallback outgoing half link to non-AccECN tcp: accecn: verify ACE counter in 1st ACK after AccECN negotiation tcp: accecn: enable AccECN Ilpo Järvinen (2): tcp: try to avoid safer when ACKs are thinned gro: flushing when CWR is set negatively affects AccECN .../networking/net_cachelines/tcp_sock.rst | 1 + include/linux/tcp.h | 1 + include/net/inet_ecn.h | 20 ++++- include/net/tcp.h | 32 ++++++- include/net/tcp_ecn.h | 90 +++++++++++++------ net/ipv4/sysctl_net_ipv4.c | 2 +- net/ipv4/tcp.c | 2 + net/ipv4/tcp_cong.c | 10 ++- net/ipv4/tcp_input.c | 49 ++++++++-- net/ipv4/tcp_minisocks.c | 40 ++++++--- net/ipv4/tcp_offload.c | 3 +- net/ipv4/tcp_output.c | 35 +++++--- 12 files changed, 218 insertions(+), 67 deletions(-) -- 2.34.1

1 month, 1 week

3
14
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror