- Linux-kselftest-mirror - lists.linaro.org

[PATCH bpf-next v3 0/7] Add SO_REUSEPORT support for TC bpf_sk_assign

by Lorenz Bauer

We want to replace iptables TPROXY with a BPF program at TC ingress. To make this work in all cases we need to assign a SO_REUSEPORT socket to an skb, which is currently prohibited. This series adds support for such sockets to bpf_sk_assing. I did some refactoring to cut down on the amount of duplicate code. The key to this is to use INDIRECT_CALL in the reuseport helpers. To show that this approach is not just beneficial to TC sk_assign I removed duplicate code for bpf_sk_lookup as well. Changes from v1: - Correct commit abbrev length (Kuniyuki) - Reduce duplication (Kuniyuki) - Add checks on sk_state (Martin) - Split exporting inet[6]_lookup_reuseport into separate patch (Eric) Joint work with Daniel Borkmann. Signed-off-by: Lorenz Bauer <lmb(a)isovalent.com> --- Changes in v3: - Fix warning re udp_ehashfn and udp6_ehashfn (Simon) - Return higher scoring connected UDP reuseport sockets (Kuniyuki) - Fix ipv6 module builds - Link to v2: https://lore.kernel.org/r/20230613-so-reuseport-v2-0-b7c69a342613@isovalent… --- Daniel Borkmann (1): selftests/bpf: Test that SO_REUSEPORT can be used with sk_assign helper Lorenz Bauer (6): udp: re-score reuseport groups when connected sockets are present net: export inet_lookup_reuseport and inet6_lookup_reuseport net: document inet[6]_lookup_reuseport sk_state requirements net: remove duplicate reuseport_lookup functions net: remove duplicate sk_lookup helpers bpf, net: Support SO_REUSEPORT sockets with bpf_sk_assign include/net/inet6_hashtables.h | 84 ++++++++- include/net/inet_hashtables.h | 77 +++++++- include/net/sock.h | 7 +- include/net/udp.h | 8 + include/uapi/linux/bpf.h | 3 - net/core/filter.c | 2 - net/ipv4/inet_hashtables.c | 70 +++++--- net/ipv4/udp.c | 88 ++++----- net/ipv6/inet6_hashtables.c | 73 +++++--- net/ipv6/udp.c | 98 ++++------ tools/include/uapi/linux/bpf.h | 3 - tools/testing/selftests/bpf/network_helpers.c | 3 + .../selftests/bpf/prog_tests/assign_reuse.c | 197 +++++++++++++++++++++ .../selftests/bpf/progs/test_assign_reuse.c | 142 +++++++++++++++ 14 files changed, 676 insertions(+), 179 deletions(-) --- base-commit: 970308a7b544fa1c7ee98a2721faba3765be8dd8 change-id: 20230613-so-reuseport-e92c526173ee Best regards, -- Lorenz Bauer <lmb(a)isovalent.com>

2 years

3
16
0 0

[PATCH] selftests: timers: set-timer-lat: Remove unneeded semicolon

by baomingtong001＠208suo.com

./tools/testing/selftests/timers/set-timer-lat.c:83:2-3: Unneeded semicolon Signed-off-by: Mingtong Bao <baomingtong001(a)208suo.com> --- tools/testing/selftests/timers/set-timer-lat.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/timers/set-timer-lat.c b/tools/testing/selftests/timers/set-timer-lat.c index 50da45437daa..d60bbcad487f 100644 --- a/tools/testing/selftests/timers/set-timer-lat.c +++ b/tools/testing/selftests/timers/set-timer-lat.c @@ -80,7 +80,7 @@ char *clockstring(int clockid) return "CLOCK_BOOTTIME_ALARM"; case CLOCK_TAI: return "CLOCK_TAI"; - }; + } return "UNKNOWN_CLOCKID"; } -- 2.40.1

2 years

2
1
0 0

[PATCH v3 0/9] cgroup/cpuset: Support remote partitions

by Waiman Long

v3: - [v2] https://lore.kernel.org/lkml/20230531163405.2200292-1-longman@redhat.com/ - Change the new control file from root-only "cpuset.cpus.reserve" to non-root "cpuset.cpus.exclusive" which lists the set of exclusive CPUs distributed down the hierarchy. - Add a patch to restrict boot-time isolated CPUs to isolated partitions only. - Update the test_cpuset_prs.sh test script and documentation accordingly. v2: - [v1] https://lore.kernel.org/lkml/20230412153758.3088111-1-longman@redhat.com/ - Dropped the special "isolcpus" partition in v1 - Add the root only "cpuset.cpus.reserve" control file for reserving CPUs used for remote isolated partitions. - Update the test_cpuset_prs.sh test script and documentation accordingly. This patch series introduces a new cpuset control file "cpuset.cpus.exclusive" which must be a subset of "cpuset.cpus" and the parent's "cpuset.cpus.exclusive". This control file lists the exclusive CPUs to be distributed down the hierarchy. Any one of the exclusive CPUs can only be distributed to at most one child cpuset. Unlike "cpuset.cpus", invalid input to "cpuset.cpus.exclusive" will be rejected with an error. This new control file has no effect on the behavior of the cpuset until it turns into a partition root. At that point, its effective CPUs will be set to its exclusive CPUs unless some of them are offline. This patch series also introduces a new category of cpuset partition called remote partitions. The existing partition category where the partition roots have to be clustered around the root cgroup in a hierarchical way is now referred to as local partitions. A remote partition can be formed far from the root cgroup with no partition root parent. While local partitions can be created without touching "cpuset.cpus.exclusive" as it can be set automatically if a cpuset becomes a local partition root. Properly set "cpuset.cpus.exclusive" values down the hierarchy are required to create a remote partition. Both scheduling and isolated partitions can be formed in a remote partition. A local partition can be created under a remote partition. A remote partition, however, cannot be formed under a local partition for now. Modern container orchestration tools like Kubernetes use the cgroup hierarchy to manage different containers. And it is relying on other middleware like systemd to help managing it. If a container needs to use isolated CPUs, it is hard to get those with the local partitions as it will require the administrative parent cgroup to be a partition root too which tool like systemd may not be ready to manage. With this patch series, we allow the creation of remote partition far from the root. The container management tool can manage the "cpuset.cpus.exclusive" file without impacting the other cpuset files that are managed by other middlewares. Of course, invalid "cpuset.cpus.exclusive" values will be rejected and changes to "cpuset.cpus" can affect the value of "cpuset.cpus.exclusive" due to the requirement that it has to be a subset of the former control file. Waiman Long (9): cgroup/cpuset: Inherit parent's load balance state in v2 cgroup/cpuset: Extract out CS_CPU_EXCLUSIVE & CS_SCHED_LOAD_BALANCE handling cgroup/cpuset: Improve temporary cpumasks handling cgroup/cpuset: Allow suppression of sched domain rebuild in update_cpumasks_hier() cgroup/cpuset: Add cpuset.cpus.exclusive for v2 cgroup/cpuset: Introduce remote partition cgroup/cpuset: Check partition conflict with housekeeping setup cgroup/cpuset: Documentation update for partition cgroup/cpuset: Extend test_cpuset_prs.sh to test remote partition Documentation/admin-guide/cgroup-v2.rst | 100 +- kernel/cgroup/cpuset.c | 1352 ++++++++++++----- .../selftests/cgroup/test_cpuset_prs.sh | 398 +++-- 3 files changed, 1297 insertions(+), 553 deletions(-) -- 2.31.1

2 years

2
11
0 0

[linux-next:master] BUILD REGRESSION 60e7c4a25da68cd826719b685babbd23e73b85b0

by kernel test robot

tree/branch: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master branch HEAD: 60e7c4a25da68cd826719b685babbd23e73b85b0 Add linux-next specific files for 20230626 Error/Warning reports: https://lore.kernel.org/oe-kbuild-all/202306122223.HHER4zOo-lkp@intel.com https://lore.kernel.org/oe-kbuild-all/202306262024.HUr6WfyW-lkp@intel.com Error/Warning: (recently discovered and may have been fixed) arch/parisc/kernel/pdt.c:66:6: warning: no previous prototype for 'arch_report_meminfo' [-Wmissing-prototypes] drivers/char/mem.c:164:25: error: implicit declaration of function 'unxlate_dev_mem_ptr'; did you mean 'xlate_dev_mem_ptr'? [-Werror=implicit-function-declaration] drivers/gpu/drm/i915/display/intel_display_power.h:255:70: error: declaration of 'struct seq_file' will not be visible outside of this function [-Werror,-Wvisibility] drivers/gpu/drm/i915/display/intel_display_power.h:256:70: error: declaration of 'struct seq_file' will not be visible outside of this function [-Werror,-Wvisibility] lib/kunit/executor_test.c:138:4: warning: cast from 'void (*)(const void *)' to 'kunit_action_t *' (aka 'void (*)(void *)') converts to incompatible function type [-Wcast-function-type-strict] lib/kunit/test.c:775:38: warning: cast from 'void (*)(const void *)' to 'kunit_action_t *' (aka 'void (*)(void *)') converts to incompatible function type [-Wcast-function-type-strict] Unverified Error/Warning (likely false positive, please contact us if interested): drivers/usb/cdns3/cdns3-starfive.c:23: warning: expecting prototype for cdns3(). Prototype was for USB_STRAP_HOST() instead fs/btrfs/volumes.c:6407 btrfs_map_block() error: we previously assumed 'mirror_num_ret' could be null (see line 6244) lib/kunit/test.c:336 __kunit_abort() warn: ignoring unreachable code. {standard input}: Error: local label `"2" (instance number 9 of a fb label)' is not defined {standard input}:1097: Error: pcrel too far Error/Warning ids grouped by kconfigs: gcc_recent_errors |-- i386-randconfig-m021-20230625 | `-- fs-btrfs-volumes.c-btrfs_map_block()-error:we-previously-assumed-mirror_num_ret-could-be-null-(see-line-) |-- parisc-allyesconfig | `-- arch-parisc-kernel-pdt.c:warning:no-previous-prototype-for-arch_report_meminfo |-- parisc-defconfig | `-- arch-parisc-kernel-pdt.c:warning:no-previous-prototype-for-arch_report_meminfo |-- parisc-generic-64bit_defconfig | `-- arch-parisc-kernel-pdt.c:warning:no-previous-prototype-for-arch_report_meminfo |-- parisc-randconfig-r012-20230626 | `-- arch-parisc-kernel-pdt.c:warning:no-previous-prototype-for-arch_report_meminfo |-- parisc-randconfig-r026-20230626 | `-- arch-parisc-kernel-pdt.c:warning:no-previous-prototype-for-arch_report_meminfo |-- parisc-randconfig-r053-20230625 | `-- arch-parisc-kernel-pdt.c:warning:no-previous-prototype-for-arch_report_meminfo |-- parisc64-defconfig | `-- arch-parisc-kernel-pdt.c:warning:no-previous-prototype-for-arch_report_meminfo |-- powerpc-randconfig-m041-20230625 | `-- lib-kunit-test.c-__kunit_abort()-warn:ignoring-unreachable-code. |-- riscv-allmodconfig | `-- drivers-usb-cdns3-cdns3-starfive.c:warning:expecting-prototype-for-cdns3().-Prototype-was-for-USB_STRAP_HOST()-instead |-- riscv-allyesconfig | `-- drivers-usb-cdns3-cdns3-starfive.c:warning:expecting-prototype-for-cdns3().-Prototype-was-for-USB_STRAP_HOST()-instead |-- sh-allmodconfig | |-- drivers-char-mem.c:error:implicit-declaration-of-function-unxlate_dev_mem_ptr | |-- standard-input:Error:local-label-(instance-number-of-a-fb-label)-is-not-defined | `-- standard-input:Error:pcrel-too-far |-- sh-rsk7201_defconfig | `-- drivers-char-mem.c:error:implicit-declaration-of-function-unxlate_dev_mem_ptr |-- sh-se7619_defconfig | `-- drivers-char-mem.c:error:implicit-declaration-of-function-unxlate_dev_mem_ptr `-- sparc64-randconfig-r053-20230625 `-- net-bluetooth-hci_conn.c:WARNING-opportunity-for-kmemdup clang_recent_errors |-- arm-randconfig-r016-20230626 | |-- lib-kunit-executor_test.c:warning:cast-from-void-(-)(const-void-)-to-kunit_action_t-(aka-void-(-)(void-)-)-converts-to-incompatible-function-type | `-- lib-kunit-test.c:warning:cast-from-void-(-)(const-void-)-to-kunit_action_t-(aka-void-(-)(void-)-)-converts-to-incompatible-function-type |-- hexagon-randconfig-r041-20230626 | |-- lib-kunit-executor_test.c:warning:cast-from-void-(-)(const-void-)-to-kunit_action_t-(aka-void-(-)(void-)-)-converts-to-incompatible-function-type | `-- lib-kunit-test.c:warning:cast-from-void-(-)(const-void-)-to-kunit_action_t-(aka-void-(-)(void-)-)-converts-to-incompatible-function-type |-- i386-randconfig-i004-20230626 | `-- drivers-gpu-drm-i915-display-intel_display_power.h:error:declaration-of-struct-seq_file-will-not-be-visible-outside-of-this-function-Werror-Wvisibility |-- um-randconfig-r024-20230626 | |-- lib-kunit-executor_test.c:warning:cast-from-void-(-)(const-void-)-to-kunit_action_t-(aka-void-(-)(void-)-)-converts-to-incompatible-function-type | `-- lib-kunit-test.c:warning:cast-from-void-(-)(const-void-)-to-kunit_action_t-(aka-void-(-)(void-)-)-converts-to-incompatible-function-type `-- x86_64-randconfig-r004-20230626 `-- drivers-gpu-drm-i915-display-intel_display_power.h:error:declaration-of-struct-seq_file-will-not-be-visible-outside-of-this-function-Werror-Wvisibility elapsed time: 1076m configs tested: 124 configs skipped: 8 tested configs: alpha allyesconfig gcc alpha defconfig gcc alpha randconfig-r002-20230626 gcc alpha randconfig-r036-20230626 gcc arc allyesconfig gcc arc defconfig gcc arc nsim_700_defconfig gcc arc randconfig-r023-20230626 gcc arc randconfig-r043-20230626 gcc arm allmodconfig gcc arm allyesconfig gcc arm aspeed_g4_defconfig clang arm defconfig gcc arm footbridge_defconfig gcc arm h3600_defconfig gcc arm imx_v4_v5_defconfig clang arm ixp4xx_defconfig clang arm multi_v7_defconfig gcc arm mxs_defconfig clang arm netwinder_defconfig clang arm randconfig-r003-20230626 gcc arm randconfig-r006-20230626 gcc arm randconfig-r016-20230626 clang arm randconfig-r034-20230626 gcc arm randconfig-r046-20230626 clang arm s5pv210_defconfig clang arm spear3xx_defconfig clang arm64 allyesconfig gcc arm64 defconfig gcc arm64 randconfig-r031-20230626 clang csky defconfig gcc csky randconfig-r013-20230626 gcc hexagon randconfig-r041-20230626 clang hexagon randconfig-r045-20230626 clang i386 alldefconfig gcc i386 allyesconfig gcc i386 buildonly-randconfig-r004-20230626 clang i386 buildonly-randconfig-r005-20230626 clang i386 buildonly-randconfig-r006-20230626 clang i386 debian-10.3 gcc i386 defconfig gcc i386 randconfig-i001-20230626 clang i386 randconfig-i002-20230626 clang i386 randconfig-i003-20230626 clang i386 randconfig-i004-20230626 clang i386 randconfig-i005-20230626 clang i386 randconfig-i006-20230626 clang i386 randconfig-i011-20230626 gcc i386 randconfig-i012-20230626 gcc i386 randconfig-i013-20230626 gcc i386 randconfig-i014-20230626 gcc i386 randconfig-i015-20230626 gcc i386 randconfig-i016-20230626 gcc loongarch allmodconfig gcc loongarch allnoconfig gcc loongarch defconfig gcc m68k allmodconfig gcc m68k allyesconfig gcc m68k defconfig gcc m68k hp300_defconfig gcc m68k randconfig-r011-20230626 gcc m68k randconfig-r015-20230626 gcc microblaze randconfig-r005-20230626 gcc mips allmodconfig gcc mips allyesconfig gcc mips ath79_defconfig clang mips ip22_defconfig clang mips loongson2k_defconfig clang mips malta_defconfig clang mips malta_qemu_32r6_defconfig clang mips maltaaprp_defconfig clang mips randconfig-r035-20230626 gcc nios2 defconfig gcc nios2 randconfig-r032-20230626 gcc openrisc defconfig gcc openrisc simple_smp_defconfig gcc parisc allyesconfig gcc parisc defconfig gcc parisc generic-64bit_defconfig gcc parisc randconfig-r012-20230626 gcc parisc randconfig-r026-20230626 gcc parisc64 defconfig gcc powerpc allmodconfig gcc powerpc allnoconfig gcc powerpc arches_defconfig gcc powerpc currituck_defconfig gcc powerpc pcm030_defconfig gcc powerpc randconfig-r021-20230626 gcc powerpc socrates_defconfig clang riscv alldefconfig clang riscv allmodconfig gcc riscv allnoconfig gcc riscv allyesconfig gcc riscv defconfig gcc riscv randconfig-r042-20230626 gcc riscv rv32_defconfig gcc s390 allmodconfig gcc s390 allyesconfig gcc s390 defconfig gcc s390 randconfig-r044-20230626 gcc sh allmodconfig gcc sh defconfig gcc sh rsk7201_defconfig gcc sh se7619_defconfig gcc sh sh7785lcr_32bit_defconfig gcc sparc allyesconfig gcc sparc defconfig gcc um allmodconfig clang um allnoconfig clang um allyesconfig clang um defconfig gcc um i386_defconfig gcc um randconfig-r024-20230626 clang um x86_64_defconfig gcc x86_64 allyesconfig gcc x86_64 buildonly-randconfig-r001-20230626 clang x86_64 buildonly-randconfig-r002-20230626 clang x86_64 buildonly-randconfig-r003-20230626 clang x86_64 defconfig gcc x86_64 kexec gcc x86_64 randconfig-r022-20230626 gcc x86_64 rhel-8.3-rust clang x86_64 rhel-8.3 gcc xtensa generic_kc705_defconfig gcc -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests/wiki

2 years

1
0
0 0

arm64: fp-stress: BUG: KFENCE: memory corruption in fpsimd_release_task

by Naresh Kamboju

Following kernel BUG noticed while running selftests arm64 fp-stress running stable rc kernel versions 6.1.29-rc1 and 6.3.3-rc1. Reported-by: Linux Kernel Functional Testing <lkft(a)linaro.org> # selftests: arm64: fp-stress # TAP version 13 # 1..80 # # 8 CPUs, 3 SVE VLs, 3 SME VLs, SME2 absent # # Will run for 10s ... # # ZA-VL-32-4: PID: 1091 # # [ 263.834190] ================================================================== [ 263.834270] BUG: KFENCE: memory corruption in fpsimd_release_task+0x28/0x50 [ 263.834270] ZA-V[ 263.834419] Corrupted memory at 0x00000000d9c0a375 [ ! ! ! ! ! ! . . . . . . . . . . ] (in kfence-#158): L-64-[ 263.834929] fpsimd_release_task+0x28/0x50 [ 263.835074] arch_release_task_struct+0x1c/0x30 [ 263.835221] __put_task_struct+0x164/0x220 [ 263.835336] delayed_put_task_struct+0x60/0x128 4: [ 263.835484] rcu_core+0x318/0x950 [ 263.835632] rcu_core_si+0x1c/0x30 [ 263.835770] __do_softirq+0x110/0x3d8 Stre[ 263.835874] run_ksoftirqd+0x40/0xe0 [ 263.835994] smpboot_thread_fn+0x1d0/0x260 [ 263.836105] kthread+0xec/0x190 [ 263.836221] ret_from_fork+0x10/0x20 [ 263.836342] ami[ 263.836393] kfence-#158: 0x00000000c8819329-0x000000009e00cc22, size=546, cache=kmalloc-1k [ 263.836393] [ 263.836527] allocated by task 1112 on cpu 5 at 252.422888s: [ 263.836697] do_sme_acc+0xa8/0x230 ng m[ 263.836821] el0_sme_acc+0x40/0xa0 [ 263.836966] el0t_64_sync_handler+0xa8/0xf0 [ 263.837114] el0t_64_sync+0x190/0x198 [ 263.837224] ode[ 263.837275] freed by task 15 on cpu 0 at 263.833793s: [ 263.837500] fpsimd_release_task+0x28/0x50 [ 263.837629] arch_release_task_struct+0x1c/0x30 ve[ 263.837773] __put_task_struct+0x164/0x220 [ 263.837886] delayed_put_task_struct+0x60/0x128 [ 263.838032] rcu_core+0x318/0x950 cto[ 263.838176] rcu_core_si+0x1c/0x30 [ 263.838310] __do_softirq+0x110/0x3d8 [ 263.838417] run_ksoftirqd+0x40/0xe0 [ 263.838521] smpboot_thread_fn+0x1d0/0x260 [ 263.838626] kthread+0xec/0x190 [ 263.838742] ret_from_fork+0x10/0x20 [ 263.838861] [ 263.838913] CPU: 0 PID: 15 Comm: ksoftirqd/0 Not tainted 6.3.3-rc1 #1 [ 263.839037] Hardware name: FVP Base RevC (DT) [ 263.839111] ================================================================== r length: 512 bits # # ZA-VL-64-4: PID: 1089 # # SSVE-VL-64-4: Streaming mode Vector length: 512 bits # # SSVE-VL-64-4: PID: 1088 # # ZA-VL-16-4: Streaming mode vector length: 128 bits # # ZA-VL-16-4: PID: 1093 # # FPSIMD-5-0: Vector length: 128 bits # # FPSIMD-5-0: PID: 1094 # # SVE-VL-32-5: Vector length: 256 bits # # SVE-VL-32-5: PID: 1096 # # SSVE-VL-64-5: Streaming mode Vector length: 512 bits # # SVE-VL-64-5: Vector length: 512 bits # # SVE-VL-64-5: PID: 1095 # # SSVE-VL-64-5: PID: 1098 # # ZA-VL-64-5:[ 263.905145] ================================================================== [ 263.905299] BUG: KFENCE: memory corruption in fpsimd_release_task+0x28/0x50 [ 263.905299] Str[ 263.905444] Corrupted memory at 0x00000000e3d2342a [ ! ! ! ! ! ! . . . . . . . . . . ] (in kfence-#146): [ 263.905957] fpsimd_release_task+0x28/0x50 eam[ 263.906088] arch_release_task_struct+0x1c/0x30 [ 263.906236] __put_task_struct+0x164/0x220 [ 263.906348] delayed_put_task_struct+0x60/0x128 [ 263.906499] rcu_core+0x318/0x950 [ 263.906647] rcu_core_si+0x1c/0x30 in[ 263.906786] __do_softirq+0x110/0x3d8 [ 263.906892] ____do_softirq+0x1c/0x30 [ 263.907015] call_on_irq_stack+0x24/0x58 g mo[ 263.907139] do_softirq_own_stack+0x28/0x40 [ 263.907305] __irq_exit_rcu+0x94/0xf8 [ 263.907454] irq_exit_rcu+0x1c/0x40 de [ 263.907599] el0_interrupt+0x58/0x160 [ 263.907765] __el0_irq_handler_common+0x18/0x28 [ 263.907879] el0t_64_irq_handler+0x10/0x20 [ 263.907989] el0t_64_irq+0x190/0x198 [ 263.908098] vect[ 263.908149] kfence-#146: 0x000000005a8569e6-0x00000000c704c501, size=546, cache=kmalloc-1k [ 263.908149] [ 263.908282] allocated by task 1102 on cpu 0 at 251.030980s: [ 263.908452] do_sme_acc+0xa8/0x230 or l[ 263.908576] el0_sme_acc+0x40/0xa0 [ 263.908725] el0t_64_sync_handler+0xa8/0xf0 [ 263.908879] el0t_64_sync+0x190/0x198 [ 263.908986] eng[ 263.909036] freed by task 1 on cpu 3 at 263.904989s: [ 263.909311] fpsimd_release_task+0x28/0x50 [ 263.909439] arch_release_task_struct+0x1c/0x30 th:[ 263.909584] __put_task_struct+0x164/0x220 [ 263.909696] delayed_put_task_struct+0x60/0x128 [ 263.909842] rcu_core+0x318/0x950 512 [ 263.909986] rcu_core_si+0x1c/0x30 [ 263.910175] __do_softirq+0x110/0x3d8 [ 263.910279] ____do_softirq+0x1c/0x30 [ 263.910399] call_on_irq_stack+0x24/0x58 [ 263.910520] do_softirq_own_stack+0x28/0x40 [ 263.910645] __irq_exit_rcu+0x94/0xf8 bits[ 263.910792] irq_exit_rcu+0x1c/0x40 [ 263.910937] el0_interrupt+0x58/0x160 [ 263.911043] __el0_irq_handler_common+0x18/0x28 [ 263.911154] el0t_64_irq_handler+0x10/0x20 [ 263.911261] el0t_64_irq+0x190/0x198 # # [ 263.911387] [ 263.911448] CPU: 3 PID: 1 Comm: systemd Tainted: G B 6.3.3-rc1 #1 [ 263.911575] Hardware name: FVP Base RevC (DT) [ 263.911653] ================================================================== .. # ok 80 ZA-VL-16-7 # # Totals: pass:80 fail:0 xfail:0 xpass:0 skip:0 error:0 ok 32 selftests: arm64: fp-stress Steps to reproduce: ============ # To install tuxrun on your system globally: # sudo pip3 install -U tuxrun==0.42.0 # # See https://tuxrun.org/ for complete documentation. tuxrun \ --runtime podman \ --device fvp-aemva \ --boot-args rw \ --kernel https://storage.tuxsuite.com/public/linaro/lkft/builds/2Pq5NvLiBcWRMuy6lXft… \ --modules https://storage.tuxsuite.com/public/linaro/lkft/builds/2Pq5NvLiBcWRMuy6lXft… \ --rootfs https://storage.tuxboot.com/debian/bookworm/arm64/rootfs.ext4.xz \ --parameters SKIPFILE=skipfile-lkft.yaml \ --parameters KSELFTEST=https://storage.tuxsuite.com/public/linaro/lkft/builds/2Pq5NvLiBc… \ --image tuxrun:fvp \ --tests kselftest-arm64 \ --timeouts boot=60 kselftest-arm64=60 Test log links: ======== - https://qa-reports.linaro.org/lkft/linux-stable-rc-linux-6.1.y/build/v6.1.2… - https://qa-reports.linaro.org/lkft/linux-stable-rc-linux-6.1.y/build/v6.1.2… - https://qa-reports.linaro.org/lkft/linux-stable-rc-linux-6.1.y/build/v6.1.2… - https://qa-reports.linaro.org/lkft/linux-stable-rc-linux-6.3.y/build/v6.3.2… - https://qa-reports.linaro.org/lkft/linux-stable-rc-linux-6.3.y/build/v6.3.2… - https://qa-reports.linaro.org/lkft/linux-stable-rc-linux-6.3.y/build/v6.3.2… -- Linaro LKFT https://lkft.linaro.org

2 years

5
15
0 0

[PATCH v4 0/3] tracing/user_events: Fix incorrect return value for writes when events are disabled and add its tests

by sunliming

Now the writing operation return the count of writes regardless of whether events are enabled or disabled. Fix this by just return -EBADF when events are disabled. v3 -> v4: - Change the return value from zero to -EBADF v2 -> v3: - Change the return value from -ENOENT to zero v1 -> v2: - Change the return value from -EFAULT to -ENOENT sunliming (3): tracing/user_events: Fix incorrect return value for writing operation when events are disabled selftests/user_events: Enable the event before write_fault test in ftrace self-test selftests/user_events: Add test cases when event is disabled kernel/trace/trace_events_user.c | 3 ++- tools/testing/selftests/user_events/ftrace_test.c | 8 ++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) -- 2.25.1

2 years

2
4
0 0

[PATCH net] selftests: rtnetlink: remove netdevsim device after ipsec offload test

by Sabrina Dubroca

On systems where netdevsim is built-in or loaded before the test starts, kci_test_ipsec_offload doesn't remove the netdevsim device it created during the test. Fixes: e05b2d141fef ("netdevsim: move netdev creation/destruction to dev probe") Signed-off-by: Sabrina Dubroca <sd(a)queasysnail.net> --- tools/testing/selftests/net/rtnetlink.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/testing/selftests/net/rtnetlink.sh b/tools/testing/selftests/net/rtnetlink.sh index 383ac6fc037d..ba286d680fd9 100755 --- a/tools/testing/selftests/net/rtnetlink.sh +++ b/tools/testing/selftests/net/rtnetlink.sh @@ -860,6 +860,7 @@ EOF fi # clean up any leftovers + echo 0 > /sys/bus/netdevsim/del_device $probed && rmmod netdevsim if [ $ret -ne 0 ]; then -- 2.40.1

2 years

4
3
0 0

[PATCH v20 0/5] Implement IOCTL to get and optionally clear info about PTEs

by Muhammad Usama Anjum

*Changes in v20* - Correct PAGE_IS_FILE and add PAGE_IS_PFNZERO *Changes in v19* - Minor changes and interface updates *Changes in v18* - Rebase on top of next-20230613 - Minor updates *Changes in v17* - Rebase on top of next-20230606 - Minor improvements in PAGEMAP_SCAN IOCTL patch *Changes in v16* - Fix a corner case - Add exclusive PM_SCAN_OP_WP back *Changes in v15* - Build fix (Add missed build fix in RESEND) *Changes in v14* - Fix build error caused by #ifdef added at last minute in some configs *Changes in v13* - Rebase on top of next-20230414 - Give-up on using uffd_wp_range() and write new helpers, flush tlb only once *Changes in v12* - Update and other memory types to UFFD_FEATURE_WP_ASYNC - Rebaase on top of next-20230406 - Review updates *Changes in v11* - Rebase on top of next-20230307 - Base patches on UFFD_FEATURE_WP_UNPOPULATED - Do a lot of cosmetic changes and review updates - Remove ENGAGE_WP + !GET operation as it can be performed with UFFDIO_WRITEPROTECT *Changes in v10* - Add specific condition to return error if hugetlb is used with wp async - Move changes in tools/include/uapi/linux/fs.h to separate patch - Add documentation *Changes in v9:* - Correct fault resolution for userfaultfd wp async - Fix build warnings and errors which were happening on some configs - Simplify pagemap ioctl's code *Changes in v8:* - Update uffd async wp implementation - Improve PAGEMAP_IOCTL implementation *Changes in v7:* - Add uffd wp async - Update the IOCTL to use uffd under the hood instead of soft-dirty flags *Motivation* The real motivation for adding PAGEMAP_SCAN IOCTL is to emulate Windows GetWriteWatch() syscall [1]. The GetWriteWatch{} retrieves the addresses of the pages that are written to in a region of virtual memory. This syscall is used in Windows applications and games etc. This syscall is being emulated in pretty slow manner in userspace. Our purpose is to enhance the kernel such that we translate it efficiently in a better way. Currently some out of tree hack patches are being used to efficiently emulate it in some kernels. We intend to replace those with these patches. So the whole gaming on Linux can effectively get benefit from this. It means there would be tons of users of this code. CRIU use case [2] was mentioned by Andrei and Danylo: > Use cases for migrating sparse VMAs are binaries sanitized with ASAN, > MSAN or TSAN [3]. All of these sanitizers produce sparse mappings of > shadow memory [4]. Being able to migrate such binaries allows to highly > reduce the amount of work needed to identify and fix post-migration > crashes, which happen constantly. Andrei's defines the following uses of this code: * it is more granular and allows us to track changed pages more effectively. The current interface can clear dirty bits for the entire process only. In addition, reading info about pages is a separate operation. It means we must freeze the process to read information about all its pages, reset dirty bits, only then we can start dumping pages. The information about pages becomes more and more outdated, while we are processing pages. The new interface solves both these downsides. First, it allows us to read pte bits and clear the soft-dirty bit atomically. It means that CRIU will not need to freeze processes to pre-dump their memory. Second, it clears soft-dirty bits for a specified region of memory. It means CRIU will have actual info about pages to the moment of dumping them. * The new interface has to be much faster because basic page filtering is happening in the kernel. With the old interface, we have to read pagemap for each page. *Implementation Evolution (Short Summary)* From the definition of GetWriteWatch(), we feel like kernel's soft-dirty feature can be used under the hood with some additions like: * reset soft-dirty flag for only a specific region of memory instead of clearing the flag for the entire process * get and clear soft-dirty flag for a specific region atomically So we decided to use ioctl on pagemap file to read or/and reset soft-dirty flag. But using soft-dirty flag, sometimes we get extra pages which weren't even written. They had become soft-dirty because of VMA merging and VM_SOFTDIRTY flag. This breaks the definition of GetWriteWatch(). We were able to by-pass this short coming by ignoring VM_SOFTDIRTY until David reported that mprotect etc messes up the soft-dirty flag while ignoring VM_SOFTDIRTY [5]. This wasn't happening until [6] got introduced. We discussed if we can revert these patches. But we could not reach to any conclusion. So at this point, I made couple of tries to solve this whole VM_SOFTDIRTY issue by correcting the soft-dirty implementation: * [7] Correct the bug fixed wrongly back in 2014. It had potential to cause regression. We left it behind. * [8] Keep a list of soft-dirty part of a VMA across splits and merges. I got the reply don't increase the size of the VMA by 8 bytes. At this point, we left soft-dirty considering it is too much delicate and userfaultfd [9] seemed like the only way forward. From there onward, we have been basing soft-dirty emulation on userfaultfd wp feature where kernel resolves the faults itself when WP_ASYNC feature is used. It was straight forward to add WP_ASYNC feature in userfautlfd. Now we get only those pages dirty or written-to which are really written in reality. (PS There is another WP_UNPOPULATED userfautfd feature is required which is needed to avoid pre-faulting memory before write-protecting [9].) All the different masks were added on the request of CRIU devs to create interface more generic and better. [1] https://learn.microsoft.com/en-us/windows/win32/api/memoryapi/nf-memoryapi-… [2] https://lore.kernel.org/all/20221014134802.1361436-1-mdanylo@google.com [3] https://github.com/google/sanitizers [4] https://github.com/google/sanitizers/wiki/AddressSanitizerAlgorithm#64-bit [5] https://lore.kernel.org/all/bfcae708-db21-04b4-0bbe-712badd03071@redhat.com [6] https://lore.kernel.org/all/20220725142048.30450-1-peterx@redhat.com/ [7] https://lore.kernel.org/all/20221122115007.2787017-1-usama.anjum@collabora.… [8] https://lore.kernel.org/all/20221220162606.1595355-1-usama.anjum@collabora.… [9] https://lore.kernel.org/all/20230306213925.617814-1-peterx@redhat.com [10] https://lore.kernel.org/all/20230125144529.1630917-1-mdanylo@google.com * Original Cover letter from v8* Hello, Note: Soft-dirty pages and pages which have been written-to are synonyms. As kernel already has soft-dirty feature inside which we have given up to use, we are using written-to terminology while using UFFD async WP under the hood. This IOCTL, PAGEMAP_SCAN on pagemap file can be used to get and/or clear the info about page table entries. The following operations are supported in this ioctl: - Get the information if the pages have been written-to (PAGE_IS_WRITTEN), file mapped (PAGE_IS_FILE), present (PAGE_IS_PRESENT) or swapped (PAGE_IS_SWAPPED). - Write-protect the pages (PAGEMAP_WP_ENGAGE) to start finding which pages have been written-to. - Find pages which have been written-to and write protect the pages (atomic PAGE_IS_WRITTEN + PAGEMAP_WP_ENGAGE) It is possible to find and clear soft-dirty pages entirely in userspace. But it isn't efficient: - The mprotect and SIGSEGV handler for bookkeeping - The userfaultfd wp (synchronous) with the handler for bookkeeping Some benchmarks can be seen here[1]. This series adds features that weren't present earlier: - There is no atomic get soft-dirty/Written-to status and clear present in the kernel. - The pages which have been written-to can not be found in accurate way. (Kernel's soft-dirty PTE bit + sof_dirty VMA bit shows more soft-dirty pages than there actually are.) Historically, soft-dirty PTE bit tracking has been used in the CRIU project. The procfs interface is enough for finding the soft-dirty bit status and clearing the soft-dirty bit of all the pages of a process. We have the use case where we need to track the soft-dirty PTE bit for only specific pages on-demand. We need this tracking and clear mechanism of a region of memory while the process is running to emulate the getWriteWatch() syscall of Windows. *(Moved to using UFFD instead of soft-dirtyi feature to find pages which have been written-to from v7 patch series)*: Stop using the soft-dirty flags for finding which pages have been written to. It is too delicate and wrong as it shows more soft-dirty pages than the actual soft-dirty pages. There is no interest in correcting it [2][3] as this is how the feature was written years ago. It shouldn't be updated to changed behaviour. Peter Xu has suggested using the async version of the UFFD WP [4] as it is based inherently on the PTEs. So in this patch series, I've added a new mode to the UFFD which is asynchronous version of the write protect. When this variant of the UFFD WP is used, the page faults are resolved automatically by the kernel. The pages which have been written-to can be found by reading pagemap file (!PM_UFFD_WP). This feature can be used successfully to find which pages have been written to from the time the pages were write protected. This works just like the soft-dirty flag without showing any extra pages which aren't soft-dirty in reality. The information related to pages if the page is file mapped, present and swapped is required for the CRIU project [5][6]. The addition of the required mask, any mask, excluded mask and return masks are also required for the CRIU project [5]. The IOCTL returns the addresses of the pages which match the specific masks. The page addresses are returned in struct page_region in a compact form. The max_pages is needed to support a use case where user only wants to get a specific number of pages. So there is no need to find all the pages of interest in the range when max_pages is specified. The IOCTL returns when the maximum number of the pages are found. The max_pages is optional. If max_pages is specified, it must be equal or greater than the vec_size. This restriction is needed to handle worse case when one page_region only contains info of one page and it cannot be compacted. This is needed to emulate the Windows getWriteWatch() syscall. The patch series include the detailed selftest which can be used as an example for the uffd async wp test and PAGEMAP_IOCTL. It shows the interface usages as well. [1] https://lore.kernel.org/lkml/54d4c322-cd6e-eefd-b161-2af2b56aae24@collabora… [2] https://lore.kernel.org/all/20221220162606.1595355-1-usama.anjum@collabora.… [3] https://lore.kernel.org/all/20221122115007.2787017-1-usama.anjum@collabora.… [4] https://lore.kernel.org/all/Y6Hc2d+7eTKs7AiH@x1n [5] https://lore.kernel.org/all/YyiDg79flhWoMDZB@gmail.com/ [6] https://lore.kernel.org/all/20221014134802.1361436-1-mdanylo@google.com/ Regards, Muhammad Usama Anjum Muhammad Usama Anjum (4): fs/proc/task_mmu: Implement IOCTL to get and optionally clear info about PTEs tools headers UAPI: Update linux/fs.h with the kernel sources mm/pagemap: add documentation of PAGEMAP_SCAN IOCTL selftests: mm: add pagemap ioctl tests Peter Xu (1): userfaultfd: UFFD_FEATURE_WP_ASYNC Documentation/admin-guide/mm/pagemap.rst | 58 + Documentation/admin-guide/mm/userfaultfd.rst | 35 + fs/proc/task_mmu.c | 560 +++++++ fs/userfaultfd.c | 26 +- include/linux/hugetlb.h | 1 + include/linux/userfaultfd_k.h | 21 +- include/uapi/linux/fs.h | 54 + include/uapi/linux/userfaultfd.h | 9 +- mm/hugetlb.c | 34 +- mm/memory.c | 27 +- tools/include/uapi/linux/fs.h | 54 + tools/testing/selftests/mm/.gitignore | 2 + tools/testing/selftests/mm/Makefile | 3 +- tools/testing/selftests/mm/config | 1 + tools/testing/selftests/mm/pagemap_ioctl.c | 1464 ++++++++++++++++++ tools/testing/selftests/mm/run_vmtests.sh | 4 + 16 files changed, 2329 insertions(+), 24 deletions(-) create mode 100644 tools/testing/selftests/mm/pagemap_ioctl.c mode change 100644 => 100755 tools/testing/selftests/mm/run_vmtests.sh -- 2.39.2

2 years

3
9
0 0

Re: [PATCH v3 3/3] selftests/tdx: Test GetQuote TDX attestation feature

by Dan Williams

Erdem Aktas wrote: > On Mon, Jun 12, 2023 at 12:03 PM Dan Williams <dan.j.williams(a)intel.com> > wrote: > > > [ add David, Brijesh, and Atish] > > > > Kuppuswamy Sathyanarayanan wrote: > > > In TDX guest, the second stage of the attestation process is Quote > > > generation. This process is required to convert the locally generated > > > TDREPORT into a remotely verifiable Quote. It involves sending the > > > TDREPORT data to a Quoting Enclave (QE) which will verify the > > > integrity of the TDREPORT and sign it with an attestation key. > > > > > > Intel's TDX attestation driver exposes TDX_CMD_GET_QUOTE IOCTL to > > > allow the user agent to get the TD Quote. > > > > > > Add a kernel selftest module to verify the Quote generation feature. > > > > > > TD Quote generation involves following steps: > > > > > > * Get the TDREPORT data using TDX_CMD_GET_REPORT IOCTL. > > > * Embed the TDREPORT data in quote buffer and request for quote > > > generation via TDX_CMD_GET_QUOTE IOCTL request. > > > * Upon completion of the GetQuote request, check for non zero value > > > in the status field of Quote header to make sure the generated > > > quote is valid. > > > > What this cover letter does not say is that this is adding another > > instance of the similar pattern as SNP_GET_REPORT. > > > > Linux is best served when multiple vendors trying to do similar > > operations are brought together behind a common ABI. We see this in the > > history of wrangling SCSI vendors behind common interfaces. > > Compared to the number of SCSI vendors, I think the number of CPU vendors > for confidential computing seems manageable to me. Is this really a good > comparison? Fair enough, and prompted by this I talk a bit more about the motiviations and benefits of a Keys abstraction for attestation here: https://lore.kernel.org/all/64961c3baf8ce_142af829436@dwillia2-xfh.jf.intel… > > Now multiple > > confidential computing vendors trying to develop similar flows with > > differentiated formats where that differentiation need not leak over the > > ABI boundary. > > > > <Just my personal opinion below> > I agree with this statement in the high level but it is also somehow > surprising for me after all the discussion happened around this topic. > Honestly, I feel like there are multiple versions of "Intel" working in > different directions. This proposal was sent while firmly wearing my Linux community hat. I agree, the timing here is unfortunate. > If we want multiple vendors trying to do the similar things behind a common > ABI, it should start with the spec. Since this comment is coming from > Intel, I wonder if there is any plan to combine the GHCB and GHCI > interfaces under common ABI in the future or why it did not even happen in > the first place. Per above comment about firmly wearing my Linux hat I am coming at this purely from the perspective of what do we do now as a community that continues to see these implementations proliferate and grow more features. Common specs are great, but I agree with you, it is too late for that, but I hope that as Linux asserts "this is what it should look like" it starts to influence future IP innovation, and attestation service providers, to acommodate the kernel's ABI momentum. > What I see is that Intel has GETQUOTE TDVMCALL interface in its spec and > again Intel does not really want to provide support for it in linux. It > feels really frustrating. I am aware of how frustrating late feedback can be. I am also encouraged by some of the conversations and investigations that have already happened around how Keys fits what these attestation solutions need. > > My observation of SNP_GET_REPORT and TDX_CMD_GET_REPORT is that they are > > both passing blobs across the user/kernel and platform/kernel boundary > > for the purposes of unlocking other resources. To me that is a flow that > > the Keys subsystem has infrastructure to handle. It has the concept of > > upcalls and asynchronous population of blobs by handles and mechanisms > > to protect and cache those communications. Linux / the Keys subsystem > > could benefit from the enhancements it would need to cover these 2 > > cases. Specifically, the benefit that when ARM and RISC-V arrive with > > similar communications with platform TSMs (Trusted Security Module) they > > can build upon the same infrastructure. > > > > David, am I reaching with that association? My strawman mapping of > > TDX_CMD_GET_QUOTE to request_key() is something like: > > > > request_key(coco_quote, "description", "<uuencoded tdreport>") > > > > Where this is a common key_type for all vendors, but the description and > > arguments have room for vendor differentiation when doing the upcall to > > the platform TSM, but userspace never needs to contend with the > > different vendor formats, that is all handled internally to the kernel. > > > > I think the problem definition here is not accurate. With AMD SNP, guests > need to do a hypercall to KVM and KVM needs to issue > a SNP_GUEST_REQUEST(MSG_REPORT_REQ) to the SP firmware. In TDX, guests > need to do a TDCALL to TDXMODULE to get the TDREPORT and then it needs to > get that report delivered to the host userspace to get the TDQUOTE > generated by the SGX quoting enclave. Also TDQUOTE is designed to work > async while the SNP_GUEST_REQUESTS are blocking vmcalls. > > Those are completely different flows. Are you suggesting that intel should > also come down to a single call to get the TDQUOTE like AMD SNP? The Keys subsystem supports async instantiation of key material with usermode upcalls if necessary. So I do not see a problem supporting these flows behind a common key type. > The TDCALL interface asking for the TDREPORT is already there. AMD does not > need to ask the report and the quote separately. > > Here, the problem was that Intel (upstream) did not want to implement > hypercall for TDQUOTE which would be handled by the user space VMM. The > alternative implementation (using vsock) does not work for many use cases > including ours. I do not see how your suggestion addresses the problem that > this patch was trying to solve. Perhaps the strawman mockup makes it more clear: https://lore.kernel.org/all/64961c3baf8ce_142af829436@dwillia2-xfh.jf.intel… > So while I like the suggested direction, I am not sure how much it is > possible to come up with a common ABI even with just only for 2 vendors > (AMD and Intel) without doing spec changes which is a multi year effort > imho. I agree, hardware spec changes are out of scope for this effort, but Keys might require some additional flows to be built up in the kernel that could be previously handled in userspace. I.e. the "bottom half" that I reference in the mockup. This is something we went through with using "encrypted-keys" for nvdimm. Instead of an ioctl to inject a secret key over the user kernel boundary a key server need to store a serialized version of the encrypted key blob and pass that into the kernel.

2 years

1
0
0 0

[PATCH v2 0/2] arm64/signal: Fix handling of TPIDR2

by Mark Brown

The restoring of TPIDR2 signal context has been broken since it was merged, fix this and add a test case covering it. This is a result of TPIDR2 context management following a different flow to any of the other state that we provide and the fact that we don't expose TPIDR (which follows the same pattern) to signals. Signed-off-by: Mark Brown <broonie(a)kernel.org> --- Changes in v2: - Added a feature check for SME to the new test. - Link to v1: https://lore.kernel.org/r/20230621-arm64-fix-tpidr2-signal-restore-v1-0-b6d… --- Mark Brown (2): arm64/signal: Restore TPIDR2 register rather than memory state kselftest/arm64: Add a test case for TPIDR2 restore arch/arm64/kernel/signal.c | 2 +- tools/testing/selftests/arm64/signal/.gitignore | 2 +- .../arm64/signal/testcases/tpidr2_restore.c | 86 ++++++++++++++++++++++ 3 files changed, 88 insertions(+), 2 deletions(-) --- base-commit: 858fd168a95c5b9669aac8db6c14a9aeab446375 change-id: 20230621-arm64-fix-tpidr2-signal-restore-713d93798f99 Best regards, -- Mark Brown <broonie(a)kernel.org>

2 years

2
7
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror