- Linux-kselftest-mirror - lists.linaro.org

[PATCH v5 0/6] KVM: selftests: Improve PMU event filter settings and add test cases

by Jinrong Liang

Hi, This patch series aims to improve the PMU event filter settings with a cleaner and more organized structure and adds several test cases related to PMU event filters. These changes help to ensure that KVM's PMU event filter functions as expected in all supported use cases. Any feedback or suggestions are greatly appreciated. Sincerely, Jinrong Liang Changes log: v5: - Add more x86 properties for Intel PMU; - Designated initializer instead of overwrite all members; (Isaku Yamahata) - PMU event filter invalid flag modified to "KVM_PMU_EVENT_FLAGS_VALID_MASK << 1"; (Isaku Yamahata) - sizeof(bitmap) is modified to "sizeof(bitmap) * 8" to represent the number of bits that can be represented by the bitmap variable. (Isaku Yamahata) Previous: https://lore.kernel.org/kvm/20230717062343.3743-1-cloudliang@tencent.com/T/ Jinrong Liang (6): KVM: selftests: Add x86 properties for Intel PMU in processor.h KVM: selftests: Drop the return of remove_event() KVM: selftests: Introduce __kvm_pmu_event_filter to improved event filter settings KVM: selftests: Add test cases for unsupported PMU event filter input values KVM: selftests: Test if event filter meets expectations on fixed counters KVM: selftests: Test gp event filters don't affect fixed event filters .../selftests/kvm/include/x86_64/processor.h | 5 + .../kvm/x86_64/pmu_event_filter_test.c | 317 ++++++++++++------ 2 files changed, 228 insertions(+), 94 deletions(-) base-commit: 88bb466c9dec4f70d682cf38c685324e7b1b3d60 -- 2.39.3

1 year, 11 months

1
6
0 0

[PATCH v2] kselftest/arm64: Exit streaming mode after collecting signal context

by Mark Brown

When we collect a signal context with one of the SME modes enabled we will have enabled that mode behind the compiler and libc's back so they may issue some instructions not valid in streaming mode, causing spurious failures. For the code prior to issuing the BRK to trigger signal handling we need to stay in streaming mode if we were already there since that's a part of the signal context the caller is trying to collect. Unfortunately this code includes a memset() which is likely to be heavily optimised and is likely to use FP instructions incompatible with streaming mode. We can avoid this happening by open coding the memset(), inserting a volatile assembly statement to avoid the compiler recognising what's being done and doing something in optimisation. This code is not performance critical so the inefficiency should not be an issue. After collecting the context we can simply exit streaming mode, avoiding these issues. Use a full SMSTOP for safety to prevent any issues appearing with ZA. Reported-by: Will Deacon <will(a)kernel.org> Signed-off-by: Mark Brown <broonie(a)kernel.org> --- Changes in v2: - Rebase onto v6.5-rc1. - Link to v1: https://lore.kernel.org/r/20230628-arm64-signal-memcpy-fix-v1-1-db3e0300829… --- .../selftests/arm64/signal/test_signals_utils.h | 28 +++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/arm64/signal/test_signals_utils.h b/tools/testing/selftests/arm64/signal/test_signals_utils.h index 222093f51b67..db28409fd44b 100644 --- a/tools/testing/selftests/arm64/signal/test_signals_utils.h +++ b/tools/testing/selftests/arm64/signal/test_signals_utils.h @@ -60,13 +60,28 @@ static __always_inline bool get_current_context(struct tdescr *td, size_t dest_sz) { static volatile bool seen_already; + int i; + char *uc = (char *)dest_uc; assert(td && dest_uc); /* it's a genuine invocation..reinit */ seen_already = 0; td->live_uc_valid = 0; td->live_sz = dest_sz; - memset(dest_uc, 0x00, td->live_sz); + + /* + * This is a memset() but we don't want the compiler to + * optimise it into either instructions or a library call + * which might be incompatible with streaming mode. + */ + for (i = 0; i < td->live_sz; i++) { + asm volatile("nop" + : "+m" (*dest_uc) + : + : "memory"); + uc[i] = 0; + } + td->live_uc = dest_uc; /* * Grab ucontext_t triggering a SIGTRAP. @@ -103,6 +118,17 @@ static __always_inline bool get_current_context(struct tdescr *td, : : "memory"); + /* + * If we were grabbing a streaming mode context then we may + * have entered streaming mode behind the system's back and + * libc or compiler generated code might decide to do + * something invalid in streaming mode, or potentially even + * the state of ZA. Issue a SMSTOP to exit both now we have + * grabbed the state. + */ + if (td->feats_supported & FEAT_SME) + asm volatile("msr S0_3_C4_C6_3, xzr"); + /* * If we get here with seen_already==1 it implies the td->live_uc * context has been used to get back here....this probably means --- base-commit: 06c2afb862f9da8dc5efa4b6076a0e48c3fbaaa5 change-id: 20230628-arm64-signal-memcpy-fix-7de3b3c8fa10 Best regards, -- Mark Brown <broonie(a)kernel.org>

1 year, 11 months

2
2
0 0

[PATCH v2 0/8] selftests/mm fixes for arm64

by Ryan Roberts

Hi All, This is v2 of my series to clean up mm selftests so that they run correctly on arm64. See [1] for full explanation. Changes Since v1 [1] -------------------- - Patch 1: Explicitly set line buffer mode in ksft_print_header() - Dropped v1 patch 2 (set execute permissions): Andrew has taken this into his branch separately. - Patch 2: Don't compile `soft-dirty` suite for arm64 instead of skipping it at runtime. - Patch 2: Declare fewer tests and skip all of test_softdirty() if soft-dirty is not supported, rather than conditionally marking each check as skipped. - Added Reviewed-by tags: thanks DavidH! - Patch 8: Clarified commit message. [1] https://lore.kernel.org/linux-mm/20230713135440.3651409-1-ryan.roberts@arm.… Thanks, Ryan Ryan Roberts (8): selftests: Line buffer test program's stdout selftests/mm: Skip soft-dirty tests on arm64 selftests/mm: Enable mrelease_test for arm64 selftests/mm: Fix thuge-gen test bugs selftests/mm: va_high_addr_switch should skip unsupported arm64 configs selftests/mm: Make migration test robust to failure selftests/mm: Optionally pass duration to transhuge-stress selftests/mm: Run all tests from run_vmtests.sh tools/testing/selftests/kselftest.h | 9 ++ tools/testing/selftests/kselftest/runner.sh | 7 +- tools/testing/selftests/mm/Makefile | 82 ++++++++++--------- tools/testing/selftests/mm/madv_populate.c | 26 +++++- tools/testing/selftests/mm/migration.c | 14 +++- tools/testing/selftests/mm/mrelease_test.c | 1 + tools/testing/selftests/mm/run_vmtests.sh | 28 ++++++- tools/testing/selftests/mm/settings | 2 +- tools/testing/selftests/mm/thuge-gen.c | 4 +- tools/testing/selftests/mm/transhuge-stress.c | 12 ++- .../selftests/mm/va_high_addr_switch.c | 2 +- 11 files changed, 133 insertions(+), 54 deletions(-) -- 2.25.1

1 year, 11 months

4
21
0 0

[PROBLEM] selftests: net/forwarding/bridge_mdb.sh: 'Command "replace" is unknown, try "bridge mdb help"'

by Mirsad Todorovac

Hi, Consequential to the previous problem report, this one addresses almost the very next test script. The testing environment is the same: 6.5-rc2 vanilla Torvalds tree on Ubuntu 22.04 LTS. The used config is the same, please find it with the bridge_mdb.sh normal and "set -x" output on this link (too large to attach): https://domac.alu.unizg.hr/~mtodorov/linux/selftests/net-forwarding/bridge_… root@defiant:# ./bridge_mdb.sh INFO: # Host entries configuration tests TEST: Common host entries configuration tests (IPv4) [FAIL] Managed to add IPv4 host entry with a filter mode TEST: Common host entries configuration tests (IPv6) [FAIL] Managed to add IPv6 host entry with a filter mode TEST: Common host entries configuration tests (L2) [FAIL] Managed to add L2 host entry with a filter mode INFO: # Port group entries configuration tests - (*, G) Command "replace" is unknown, try "bridge mdb help". TEST: Common port group entries configuration tests (IPv4 (*, G)) [FAIL] Failed to replace IPv4 (*, G) entry Command "replace" is unknown, try "bridge mdb help". TEST: Common port group entries configuration tests (IPv6 (*, G)) [FAIL] Failed to replace IPv6 (*, G) entry Command "replace" is unknown, try "bridge mdb help". Command "replace" is unknown, try "bridge mdb help". Command "replace" is unknown, try "bridge mdb help". Command "replace" is unknown, try "bridge mdb help". Command "replace" is unknown, try "bridge mdb help". Command "replace" is unknown, try "bridge mdb help". Command "replace" is unknown, try "bridge mdb help". RTNETLINK answers: Invalid argument Error: bridge: (*, G) group is already joined by port. Error: bridge: (*, G) group is already joined by port. TEST: IPv4 (*, G) port group entries configuration tests [FAIL] (S, G) entry not created Command "replace" is unknown, try "bridge mdb help". Command "replace" is unknown, try "bridge mdb help". Command "replace" is unknown, try "bridge mdb help". Command "replace" is unknown, try "bridge mdb help". Command "replace" is unknown, try "bridge mdb help". Command "replace" is unknown, try "bridge mdb help". Command "replace" is unknown, try "bridge mdb help". RTNETLINK answers: Invalid argument Error: bridge: (*, G) group is already joined by port. Error: bridge: (*, G) group is already joined by port. TEST: IPv6 (*, G) port group entries configuration tests [FAIL] (S, G) entry not created INFO: # Port group entries configuration tests - (S, G) Command "replace" is unknown, try "bridge mdb help". TEST: Common port group entries configuration tests (IPv4 (S, G)) [FAIL] Failed to replace IPv4 (S, G) entry Command "replace" is unknown, try "bridge mdb help". TEST: Common port group entries configuration tests (IPv6 (S, G)) [FAIL] Failed to replace IPv6 (S, G) entry Error: bridge: (S, G) group is already joined by port. Command "replace" is unknown, try "bridge mdb help". Command "replace" is unknown, try "bridge mdb help". Command "replace" is unknown, try "bridge mdb help". TEST: IPv4 (S, G) port group entries configuration tests [FAIL] Managed to add an entry with a filter mode Error: bridge: (S, G) group is already joined by port. Command "replace" is unknown, try "bridge mdb help". Command "replace" is unknown, try "bridge mdb help". Command "replace" is unknown, try "bridge mdb help". TEST: IPv6 (S, G) port group entries configuration tests [FAIL] "temp" entry has an unpending group timer INFO: # Port group entries configuration tests - L2 Command "replace" is unknown, try "bridge mdb help". TEST: Common port group entries configuration tests (L2 (*, G)) [FAIL] Failed to replace L2 (*, G) entry TEST: L2 (*, G) port group entries configuration tests [FAIL] Managed to add an entry with a filter mode INFO: # Large scale dump tests TEST: IPv4 large scale dump tests [ OK ] TEST: IPv6 large scale dump tests [ OK ] TEST: L2 large scale dump tests [ OK ] INFO: # Forwarding tests Error: bridge: Group is already joined by host. TEST: IPv4 host entries forwarding tests [FAIL] Packet not locally received after adding a host entry Error: bridge: Group is already joined by host. TEST: IPv6 host entries forwarding tests [FAIL] Packet locally received after flood TEST: L2 host entries forwarding tests [FAIL] Packet not locally received after flood Command "replace" is unknown, try "bridge mdb help". TEST: IPv4 port group "exclude" entries forwarding tests [FAIL] Packet from valid source not received on H2 after adding entry Command "replace" is unknown, try "bridge mdb help". TEST: IPv6 port group "exclude" entries forwarding tests [FAIL] Packet from invalid source received on H2 after adding entry Command "replace" is unknown, try "bridge mdb help". TEST: IPv4 port group "include" entries forwarding tests [FAIL] Packet from valid source not received on H2 after adding entry Command "replace" is unknown, try "bridge mdb help". TEST: IPv6 port group "include" entries forwarding tests [FAIL] Packet from invalid source received on H2 after adding entry TEST: L2 port entries forwarding tests [ OK ] INFO: # Control packets tests Command "replace" is unknown, try "bridge mdb help". TEST: IGMPv3 MODE_IS_INCLUDE tests [FAIL] Source not add to source list Command "replace" is unknown, try "bridge mdb help". TEST: MLDv2 MODE_IS_INCLUDE tests [FAIL] Source not add to source list root@defiant:# bridge mdb show root@defiant:# NOTE that several "sleep 10" command looped in the script can easily exceed the default timeout of 45 seconds, and SIGTERM to the script isn't processed, so it leaves the system in an unpredictable state from which even "systemctl restart networking" didn't bail out. Setting tools/testing/selftests/net/forwarding/settings:timeout=150 seemed enough. Best regards, Mirsad Todorovac

1 year, 11 months

2
2
0 0

[PATCH v2 bpf-next 0/4] allow bpf_map_sum_elem_count for all program types

by Anton Protopopov

This series is a follow up to the recent change [1] which added per-cpu insert/delete statistics for maps. The bpf_map_sum_elem_count kfunc presented in the original series was only available to tracing programs, so let's make it available to all. The first patch makes types listed in the reg2btf_ids[] array to be considered trusted by kfuncs. The second patch allows to treat CONST_PTR_TO_MAP as trusted pointers from kfunc's point of view by adding it to the reg2btf_ids[] array. The third patch adds missing const to the map argument of the bpf_map_sum_elem_count kfunc. The fourth patch registers the bpf_map_sum_elem_count for all programs, and patches selftests correspondingly. [1] https://lore.kernel.org/bpf/20230705160139.19967-1-aspsk@isovalent.com/ v1 -> v2: * treat the whole reg2btf_ids array as trusted (Alexei) Anton Protopopov (4): bpf: consider types listed in reg2btf_ids as trusted bpf: consider CONST_PTR_TO_MAP as trusted pointer to struct bpf_map bpf: make an argument const in the bpf_map_sum_elem_count kfunc bpf: allow any program to use the bpf_map_sum_elem_count kfunc include/linux/btf_ids.h | 1 + kernel/bpf/map_iter.c | 7 +++--- kernel/bpf/verifier.c | 22 +++++++++++-------- .../selftests/bpf/progs/map_ptr_kern.c | 5 +++++ 4 files changed, 22 insertions(+), 13 deletions(-) -- 2.34.1

1 year, 11 months

2
5
0 0

[PATCH v2 1/3] bpf: Allow NULL buffers in bpf_dynptr_slice(_rw)

by Daniel Rosenberg

bpf_dynptr_slice(_rw) uses a user provided buffer if it can not provide a pointer to a block of contiguous memory. This buffer is unused in the case of local dynptrs, and may be unused in other cases as well. There is no need to require the buffer, as the kfunc can just return NULL if it was needed and not provided. This adds another kfunc annotation, __opt, which combines with __sz and __szk to allow the buffer associated with the size to be NULL. If the buffer is NULL, the verifier does not check that the buffer is of sufficient size. Signed-off-by: Daniel Rosenberg <drosen(a)google.com> --- Documentation/bpf/kfuncs.rst | 23 ++++++++++++++++++++++- include/linux/skbuff.h | 2 +- kernel/bpf/helpers.c | 30 ++++++++++++++++++------------ kernel/bpf/verifier.c | 17 +++++++++++++---- 4 files changed, 54 insertions(+), 18 deletions(-) diff --git a/Documentation/bpf/kfuncs.rst b/Documentation/bpf/kfuncs.rst index ea2516374d92..7a3d9de5f315 100644 --- a/Documentation/bpf/kfuncs.rst +++ b/Documentation/bpf/kfuncs.rst @@ -100,7 +100,7 @@ Hence, whenever a constant scalar argument is accepted by a kfunc which is not a size parameter, and the value of the constant matters for program safety, __k suffix should be used. -2.2.2 __uninit Annotation +2.2.3 __uninit Annotation ------------------------- This annotation is used to indicate that the argument will be treated as @@ -117,6 +117,27 @@ Here, the dynptr will be treated as an uninitialized dynptr. Without this annotation, the verifier will reject the program if the dynptr passed in is not initialized. +2.2.4 __opt Annotation +------------------------- + +This annotation is used to indicate that the buffer associated with an __sz or __szk +argument may be null. If the function is passed a nullptr in place of the buffer, +the verifier will not check that length is appropriate for the buffer. The kfunc is +responsible for checking if this buffer is null before using it. + +An example is given below:: + + __bpf_kfunc void *bpf_dynptr_slice(..., void *buffer__opt, u32 buffer__szk) + { + ... + } + +Here, the buffer may be null. If buffer is not null, it at least of size buffer_szk. +Either way, the returned buffer is either NULL, or of size buffer_szk. Without this +annotation, the verifier will reject the program if a null pointer is passed in with +a nonzero size. + + .. _BPF_kfunc_nodef: 2.3 Using an existing kernel function diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h index 738776ab8838..8ddb4af1a501 100644 --- a/include/linux/skbuff.h +++ b/include/linux/skbuff.h @@ -4033,7 +4033,7 @@ __skb_header_pointer(const struct sk_buff *skb, int offset, int len, if (likely(hlen - offset >= len)) return (void *)data + offset; - if (!skb || unlikely(skb_copy_bits(skb, offset, buffer, len) < 0)) + if (!skb || !buffer || unlikely(skb_copy_bits(skb, offset, buffer, len) < 0)) return NULL; return buffer; diff --git a/kernel/bpf/helpers.c b/kernel/bpf/helpers.c index 8d368fa353f9..26efb6fbeab2 100644 --- a/kernel/bpf/helpers.c +++ b/kernel/bpf/helpers.c @@ -2167,13 +2167,15 @@ __bpf_kfunc struct task_struct *bpf_task_from_pid(s32 pid) * bpf_dynptr_slice() - Obtain a read-only pointer to the dynptr data. * @ptr: The dynptr whose data slice to retrieve * @offset: Offset into the dynptr - * @buffer: User-provided buffer to copy contents into - * @buffer__szk: Size (in bytes) of the buffer. This is the length of the - * requested slice. This must be a constant. + * @buffer__opt: User-provided buffer to copy contents into. May be NULL + * @buffer__szk: Size (in bytes) of the buffer if present. This is the + * length of the requested slice. This must be a constant. * * For non-skb and non-xdp type dynptrs, there is no difference between * bpf_dynptr_slice and bpf_dynptr_data. * + * If buffer__opt is NULL, the call will fail if buffer_opt was needed. + * * If the intention is to write to the data slice, please use * bpf_dynptr_slice_rdwr. * @@ -2190,7 +2192,7 @@ __bpf_kfunc struct task_struct *bpf_task_from_pid(s32 pid) * direct pointer) */ __bpf_kfunc void *bpf_dynptr_slice(const struct bpf_dynptr_kern *ptr, u32 offset, - void *buffer, u32 buffer__szk) + void *buffer__opt, u32 buffer__szk) { enum bpf_dynptr_type type; u32 len = buffer__szk; @@ -2210,15 +2212,17 @@ __bpf_kfunc void *bpf_dynptr_slice(const struct bpf_dynptr_kern *ptr, u32 offset case BPF_DYNPTR_TYPE_RINGBUF: return ptr->data + ptr->offset + offset; case BPF_DYNPTR_TYPE_SKB: - return skb_header_pointer(ptr->data, ptr->offset + offset, len, buffer); + return skb_header_pointer(ptr->data, ptr->offset + offset, len, buffer__opt); case BPF_DYNPTR_TYPE_XDP: { void *xdp_ptr = bpf_xdp_pointer(ptr->data, ptr->offset + offset, len); if (xdp_ptr) return xdp_ptr; - bpf_xdp_copy_buf(ptr->data, ptr->offset + offset, buffer, len, false); - return buffer; + if (!buffer__opt) + return NULL; + bpf_xdp_copy_buf(ptr->data, ptr->offset + offset, buffer__opt, len, false); + return buffer__opt; } default: WARN_ONCE(true, "unknown dynptr type %d\n", type); @@ -2230,13 +2234,15 @@ __bpf_kfunc void *bpf_dynptr_slice(const struct bpf_dynptr_kern *ptr, u32 offset * bpf_dynptr_slice_rdwr() - Obtain a writable pointer to the dynptr data. * @ptr: The dynptr whose data slice to retrieve * @offset: Offset into the dynptr - * @buffer: User-provided buffer to copy contents into - * @buffer__szk: Size (in bytes) of the buffer. This is the length of the - * requested slice. This must be a constant. + * @buffer__opt: User-provided buffer to copy contents into. May be NULL + * @buffer__szk: Size (in bytes) of the buffer if present. This is the + * length of the requested slice. This must be a constant. * * For non-skb and non-xdp type dynptrs, there is no difference between * bpf_dynptr_slice and bpf_dynptr_data. * + * If buffer__opt is NULL, the call will fail if buffer_opt was needed. + * * The returned pointer is writable and may point to either directly the dynptr * data at the requested offset or to the buffer if unable to obtain a direct * data pointer to (example: the requested slice is to the paged area of an skb @@ -2267,7 +2273,7 @@ __bpf_kfunc void *bpf_dynptr_slice(const struct bpf_dynptr_kern *ptr, u32 offset * direct pointer) */ __bpf_kfunc void *bpf_dynptr_slice_rdwr(const struct bpf_dynptr_kern *ptr, u32 offset, - void *buffer, u32 buffer__szk) + void *buffer__opt, u32 buffer__szk) { if (!ptr->data || bpf_dynptr_is_rdonly(ptr)) return NULL; @@ -2294,7 +2300,7 @@ __bpf_kfunc void *bpf_dynptr_slice_rdwr(const struct bpf_dynptr_kern *ptr, u32 o * will be copied out into the buffer and the user will need to call * bpf_dynptr_write() to commit changes. */ - return bpf_dynptr_slice(ptr, offset, buffer, buffer__szk); + return bpf_dynptr_slice(ptr, offset, buffer__opt, buffer__szk); } __bpf_kfunc void *bpf_cast_to_kern_ctx(void *obj) diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c index fbcf5a4e2fcd..708ae7bca1fe 100644 --- a/kernel/bpf/verifier.c +++ b/kernel/bpf/verifier.c @@ -9398,6 +9398,11 @@ static bool is_kfunc_arg_const_mem_size(const struct btf *btf, return __kfunc_param_match_suffix(btf, arg, "__szk"); } +static bool is_kfunc_arg_optional(const struct btf *btf, const struct btf_param *arg) +{ + return __kfunc_param_match_suffix(btf, arg, "__opt"); +} + static bool is_kfunc_arg_constant(const struct btf *btf, const struct btf_param *arg) { return __kfunc_param_match_suffix(btf, arg, "__k"); @@ -10464,13 +10469,17 @@ static int check_kfunc_args(struct bpf_verifier_env *env, struct bpf_kfunc_call_ break; case KF_ARG_PTR_TO_MEM_SIZE: { + struct bpf_reg_state *buff_reg = &regs[regno]; + const struct btf_param *buff_arg = &args[i]; struct bpf_reg_state *size_reg = &regs[regno + 1]; const struct btf_param *size_arg = &args[i + 1]; - ret = check_kfunc_mem_size_reg(env, size_reg, regno + 1); - if (ret < 0) { - verbose(env, "arg#%d arg#%d memory, len pair leads to invalid memory access\n", i, i + 1); - return ret; + if (!register_is_null(buff_reg) || !is_kfunc_arg_optional(meta->btf, buff_arg)) { + ret = check_kfunc_mem_size_reg(env, size_reg, regno + 1); + if (ret < 0) { + verbose(env, "arg#%d arg#%d memory, len pair leads to invalid memory access\n", i, i + 1); + return ret; + } } if (is_kfunc_arg_const_mem_size(meta->btf, size_arg, size_reg)) { base-commit: 6e98b09da931a00bf4e0477d0fa52748bf28fcce -- 2.40.1.495.gc816e09b53d-goog

1 year, 11 months

5
17
0 0

[PATCH 00/35] arm64/gcs: Provide support for GCS at EL0

by Mark Brown

The arm64 Guarded Control Stack (GCS) feature provides support for hardware protected stacks of return addresses, intended to provide hardening against return oriented programming (ROP) attacks and to make it easier to gather call stacks for applications such as profiling. When GCS is active a secondary stack called the Guarded Control Stack is maintained, protected with a memory attribute which means that it can only be written with specific GCS operations. When a BL is executed the value stored in LR is also pushed onto the GCS, and when a RET is executed the top of the GCS is popped and compared to LR with a fault being raised if the values do not match. GCS operations may only be performed on GCS pages, a data abort is generated if they are not. This series implements support for use of GCS by EL0, along with support for use of GCS within KVM guests. It does not enable use of GCS by either EL1 or EL2. Executables are started without GCS and must use a prctl() to enable it, it is expected that this will be done very early in application execution by the dynamic linker or other startup code. x86 has an equivalent feature called shadow stacks, this series depends on the x86 patches for generic memory management support for the new guarded/shadow stack page type and shares APIs as much as possible. As there has been extensive discussion with the wider community around the ABI for shadow stacks I have as far as practical kept implementation decisions close to those for x86, anticipating that review would lead to similar conclusions in the absence of strong reasoning for divergence. The main divergence I am concious of is that x86 allows shadow stack to be enabled and disabled repeatedly, freeing the shadow stack for the thread whenever disabled, while this implementation keeps the GCS allocated after disable but refuses to reenable it. This is to avoid races with things actively walking the GCS during a disable, we do anticipate that some systems will wish to disable GCS at runtime but are not aware of any demand for subsequently reenabling it. x86 uses an arch_prctl() to manage enable and disable, since only x86 and S/390 use arch_prctl() a generic prctl() was proposed[1] as part of a patch set for the equivalent RISC-V zisslpcfi feature which is adopted with some enhancements here. There's a few bits where I'm not convinced with where I've placed things, in particular the GCS write operation is in the GCS header not in uaccess.h, I wasn't sure what was clearest there and am probably too close to the code to have a clear opinion. The series depends on the x86 shadow stack support: https://lore.kernel.org/lkml/20230227222957.24501-1-rick.p.edgecombe@intel.… I've rebased this onto v6.5-rc1 but not included it in the series in order to avoid confusion with Rick's work and cut down the size of the series, you can see the branch at: https://git.kernel.org/pub/scm/linux/kernel/git/broonie/misc.git arm64-gcs [1] https://lore.kernel.org/lkml/20230213045351.3945824-1-debug@rivosinc.com/ Signed-off-by: Mark Brown <broonie(a)kernel.org> --- Deepak Gupta (1): prctl: arch-agnostic prctl for shadow stack Mark Brown (34): prctl: Add flag for shadow stack writeability and push/pop arm64: Document boot requirements for Guarded Control Stacks arm64/gcs: Document the ABI for Guarded Control Stacks arm64/sysreg: Add new system registers for GCS arm64/sysreg: Add definitions for architected GCS caps arm64/gcs: Add manual encodings of GCS instructions arm64/gcs: Provide copy_to_user_gcs() arm64/cpufeature: Runtime detection of Guarded Control Stack (GCS) arm64/mm: Allocate PIE slots for EL0 guarded control stack mm: Define VM_SHADOW_STACK for arm64 when we support GCS arm64/mm: Map pages for guarded control stack KVM: arm64: Manage GCS registers for guests arm64: Disable traps for GCS usage at EL0 and EL1 arm64/idreg: Add overrride for GCS arm64/hwcap: Add hwcap for GCS arm64/traps: Handle GCS exceptions arm64/mm: Handle GCS data aborts arm64/gcs: Context switch GCS registers for EL0 arm64/gcs: Allocate a new GCS for threads with GCS enabled arm64/gcs: Implement shadow stack prctl() interface arm64/mm: Implement map_shadow_stack() arm64/signal: Set up and restore the GCS context for signal handlers arm64/signal: Expose GCS state in signal frames arm64/ptrace: Expose GCS via ptrace and core files arm64: Add Kconfig for Guarded Control Stack (GCS) kselftest/arm64: Verify the GCS hwcap kselftest/arm64: Add GCS as a detected feature in the signal tests kselftest/arm64: Add framework support for GCS to signal handling tests kselftest/arm64: Allow signals tests to specify an expected si_code kselftest/arm64: Always run signals tests with GCS enabled kselftest/arm64: Add very basic GCS test program kselftest/arm64: Add a GCS test program built with the system libc selftests/arm64: Add GCS signal tests kselftest/arm64: Enable GCS for the FP stress tests Documentation/admin-guide/kernel-parameters.txt | 3 + Documentation/arch/arm64/booting.rst | 22 ++ Documentation/arch/arm64/elf_hwcaps.rst | 3 + Documentation/arch/arm64/gcs.rst | 216 +++++++++++++ Documentation/arch/arm64/index.rst | 1 + Documentation/filesystems/proc.rst | 2 +- arch/arm64/Kconfig | 19 ++ arch/arm64/include/asm/cpufeature.h | 6 + arch/arm64/include/asm/el2_setup.h | 9 + arch/arm64/include/asm/esr.h | 26 +- arch/arm64/include/asm/exception.h | 2 + arch/arm64/include/asm/gcs.h | 88 ++++++ arch/arm64/include/asm/hwcap.h | 1 + arch/arm64/include/asm/kvm_host.h | 12 + arch/arm64/include/asm/pgtable-prot.h | 14 +- arch/arm64/include/asm/processor.h | 6 + arch/arm64/include/asm/sysreg.h | 20 ++ arch/arm64/include/asm/uaccess.h | 42 +++ arch/arm64/include/uapi/asm/hwcap.h | 1 + arch/arm64/include/uapi/asm/ptrace.h | 7 + arch/arm64/include/uapi/asm/sigcontext.h | 9 + arch/arm64/kernel/cpufeature.c | 23 ++ arch/arm64/kernel/cpuinfo.c | 1 + arch/arm64/kernel/entry-common.c | 23 ++ arch/arm64/kernel/idreg-override.c | 2 + arch/arm64/kernel/process.c | 77 +++++ arch/arm64/kernel/ptrace.c | 50 +++ arch/arm64/kernel/signal.c | 240 +++++++++++++- arch/arm64/kernel/traps.c | 11 + arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h | 17 + arch/arm64/kvm/sys_regs.c | 22 ++ arch/arm64/mm/Makefile | 1 + arch/arm64/mm/fault.c | 75 ++++- arch/arm64/mm/gcs.c | 202 ++++++++++++ arch/arm64/mm/mmap.c | 17 +- arch/arm64/tools/cpucaps | 1 + arch/arm64/tools/sysreg | 55 ++++ fs/proc/task_mmu.c | 3 + include/linux/mm.h | 15 +- include/linux/syscalls.h | 1 + include/uapi/asm-generic/unistd.h | 5 +- include/uapi/linux/elf.h | 1 + include/uapi/linux/prctl.h | 19 ++ kernel/sys.c | 20 ++ kernel/sys_ni.c | 1 + tools/testing/selftests/arm64/Makefile | 2 +- tools/testing/selftests/arm64/abi/hwcap.c | 19 ++ tools/testing/selftests/arm64/fp/assembler.h | 15 + tools/testing/selftests/arm64/fp/fpsimd-test.S | 2 + tools/testing/selftests/arm64/fp/sve-test.S | 2 + tools/testing/selftests/arm64/fp/za-test.S | 2 + tools/testing/selftests/arm64/fp/zt-test.S | 2 + tools/testing/selftests/arm64/gcs/.gitignore | 2 + tools/testing/selftests/arm64/gcs/Makefile | 19 ++ tools/testing/selftests/arm64/gcs/basic-gcs.c | 350 +++++++++++++++++++++ tools/testing/selftests/arm64/gcs/gcs-util.h | 65 ++++ tools/testing/selftests/arm64/gcs/libc-gcs.c | 217 +++++++++++++ tools/testing/selftests/arm64/signal/.gitignore | 1 + .../testing/selftests/arm64/signal/test_signals.c | 17 +- .../testing/selftests/arm64/signal/test_signals.h | 6 + .../selftests/arm64/signal/test_signals_utils.c | 32 +- .../selftests/arm64/signal/test_signals_utils.h | 39 +++ .../arm64/signal/testcases/gcs_exception_fault.c | 59 ++++ .../selftests/arm64/signal/testcases/gcs_frame.c | 78 +++++ .../arm64/signal/testcases/gcs_write_fault.c | 67 ++++ .../selftests/arm64/signal/testcases/testcases.c | 7 + .../selftests/arm64/signal/testcases/testcases.h | 1 + 67 files changed, 2363 insertions(+), 32 deletions(-) --- base-commit: 023ee2d672f3d7c2d15acf62bcfc4bc49c3677e5 change-id: 20230303-arm64-gcs-e311ab0d8729 Best regards, -- Mark Brown <broonie(a)kernel.org>

1 year, 11 months

5
50
0 0

[PATCH v2 0/5] ASoC: Improve coverage in default KUnit runs

by Mark Brown

We have some KUnit tests for ASoC but they're not being run as much as they should be since ASoC isn't enabled in the configs used by default with KUnit and in the case of the topology tests there is no way to enable them without enabling drivers that use them. This series provides a Kconfig option which KUnit can use directly rather than worry about drivers. Further, since KUnit is typically run in UML but ALSA prevents build with UML we need to remove that Kconfig conflict. As far as I can tell the motiviation for this is that many ALSA drivers use iomem APIs which are not available under UML and it's more trouble than it's worth to go through and add per driver dependencies. In order to avoid these issues we also provide stubs for these APIs so there are no build time issues if a driver relies on iomem but does not depend on it. With these stubs I am able to build all the sound drivers available in a UML defconfig (UML allmodconfig appears to have substantial other issues in a quick test). With this series I am able to run the topology KUnit tests as part of a kunit --alltests run. Signed-off-by: Mark Brown <broonie(a)kernel.org> --- Changes in v2: - Add support for building ALSA with UML. - Link to v1: https://lore.kernel.org/r/20230712-asoc-topology-kunit-enable-v1-0-b9f2da9d… --- Mark Brown (5): driver core: Provide stubs for !IOMEM builds platform: Provide stubs for !HAS_IOMEM builds ALSA: Enable build with UML kunit: Enable ASoC in all_tests.config ASoC: topology: Add explicit build option include/linux/device.h | 26 ++++++++++++++++++++++++++ include/linux/platform_device.h | 28 ++++++++++++++++++++++++++++ sound/Kconfig | 4 ---- sound/soc/Kconfig | 11 +++++++++++ tools/testing/kunit/configs/all_tests.config | 5 +++++ 5 files changed, 70 insertions(+), 4 deletions(-) --- base-commit: 06c2afb862f9da8dc5efa4b6076a0e48c3fbaaa5 change-id: 20230701-asoc-topology-kunit-enable-5e8dd50d0ed7 Best regards, -- Mark Brown <broonie(a)kernel.org>

1 year, 11 months

4
14
0 0

[PATCH 0/2] ASoC: Improve coverage in default KUnit runs

by Mark Brown

We have some KUnit tests for ASoC but they're not being run as much as they should be since ASoC isn't enabled in the configs used by default with KUnit and in the case of the topolofy tests there is no way to enable them without enabling drivers that use them. Let's improve that. Signed-off-by: Mark Brown <broonie(a)kernel.org> --- Mark Brown (2): kunit: Enable ASoC in all_tests.config ASoC: topology: Add explicit build option sound/soc/Kconfig | 11 +++++++++++ tools/testing/kunit/configs/all_tests.config | 5 +++++ 2 files changed, 16 insertions(+) --- base-commit: 06c2afb862f9da8dc5efa4b6076a0e48c3fbaaa5 change-id: 20230701-asoc-topology-kunit-enable-5e8dd50d0ed7 Best regards, -- Mark Brown <broonie(a)kernel.org>

1 year, 11 months

2
6
0 0

[PATCH net-next 0/4] nexthop: Refactor and fix nexthop selection for multipath routes

by Benjamin Poirier

In order to select a nexthop for multipath routes, fib_select_multipath() is used with legacy nexthops and nexthop_select_path_hthr() is used with nexthop objects. Those two functions perform a validity test on the neighbor related to each nexthop but their logic is structured differently. This causes a divergence in behavior and nexthop_select_path_hthr() may return a nexthop that failed the neighbor validity test even if there was one that passed. Refactor nexthop_select_path_hthr() to make it more similar to fib_select_multipath() and fix the problem mentioned above. Benjamin Poirier (4): nexthop: Factor out hash threshold fdb nexthop selection nexthop: Factor out neighbor validity check nexthop: Do not return invalid nexthop object during multipath selection selftests: net: Add test cases for nexthop groups with invalid neighbors net/ipv4/nexthop.c | 64 +++++++--- tools/testing/selftests/net/fib_nexthops.sh | 129 ++++++++++++++++++++ 2 files changed, 174 insertions(+), 19 deletions(-) -- 2.40.1

1 year, 11 months

3
10
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror