These two patches improve the mixer test, checking that the default
values for enums are valid and extending them to cover all the values
for multi-value controls, not just the first one. It also factors out
the validation that values are OK for controls for future reuse.
Mark Brown (2):
kselftest: alsa: Factor out check that values meet constraints
kselftest: alsa: Validate values read from enumerations
tools/testing/selftests/alsa/mixer-test.c | 158 ++++++++++++++--------
1 file changed, 99 insertions(+), 59 deletions(-)
base-commit: b73dad806533cad55df41a9c0349969b56d4ff7f
--
2.30.2
The XSAVE feature set supports the saving and restoring of xstate components,
which is used for process context switching. The state components include
x87 state for FPU execution environment, SSE state, AVX state and so on.
In order to ensure that XSAVE works correctly, add XSAVE basic test for XSAVE
architecture functionality.
This patch set tests and verifies the basic functions of XSAVE in user
space; it tests "FPU, SSE(XMM), AVX2(YMM), AVX512 opmask and PKRU parts"
xstates with following cases:
1. In nested signal processing, the signal handling will use each signal's own
xstates, and the xstates of the signal handling under test should not be
changed after another nested signal handling is completed; and these xstates
content in the process should not change after the nested signal handling
is complete.
2. The xstates content of the child process should be the same as that of the
parent process. The xstates content of the process should be the same across
process switching.
This is the xstates position for FP, XMM, Header, YMM, AVX512 opmask and PKRU:
It could be saved by xsave instruction, and mask could control which part will
be saved(Header will be saved as mandatory):
FP (0 - 159 bytes)
XMM (160-415 bytes)
Reserved (416-511 bytes SDM vol1 13.4.1)
Header_used (512-527 bytes)
Headed_reserved (528-575 bytes must 00, otherwise xrstor will #GP)
YMM (Offset:CPUID.(EAX=0D,ECX=2).EBX Size:CPUID(EAX=0D,ECX=2).EAX)
AVX512 opmask (Offset:CPUID.(EAX=0D,ECX=5).EBX Size:CPUID(EAX=0D,ECX=5).EAX)
PKRU (Offset:CPUID.(EAX=0D,ECX=9).EBX Size:CPUID(EAX=0D,ECX=9).EAX)
It uses syscall function instead of fork() function, becasue syscall libc
function will resume xstates after syscall if there is some xstates change
in syscall libc function.
And populate the xstates will try not to use libc, and every key test action
will try not to use libc except syscall until it's failed or done.
In order to prevent GCC from generating any FP code by mistake,
"-mno-sse -mno-mmx -mno-sse2 -mno-avx -mno-pku" compiler parameter is added to
avoid fake failure. Thanks Dave Hansen's suggestion.
This series introduces only the most basic XSAVE tests. In the future, the
intention is to continue expanding the scope of these selftests to include
more xstates and kernel XSAVE-related functionality tests.
========
- Change from v6 to v7:
- Added the error number and error description of the reason for the
failure, thanks Shuah Khan's suggestion.
- Added a description of what these tests are doing in the head comments.
- Added changes update in the head comments.
- Added description of the purpose of the function. thanks Shuah Khan.
- Change from v5 to v6:
- In order to prevent GCC from generating any FP code by mistake,
"-mno-sse -mno-mmx -mno-sse2 -mno-avx -mno-pku" compiler parameter was
added, it's referred to the parameters for compiling the x86 kernel. Thanks
Dave Hansen's suggestion.
- Removed the use of "kselftest.h", because kselftest.h included <stdlib.h>,
and "stdlib.h" would use sse instructions in it's libc, and this *XSAVE*
test needed to be compiled without libc sse instructions(-mno-sse).
- Improved the description in commit header, thanks Chen Yu's suggestion.
- Becasue test code could not use buildin xsave64 in libc without sse, added
xsave function by instruction way.
- Every key test action would not use libc(like printf) except syscall until
it's failed or done. If it's failed, then it would print the failed reason.
- Used __cpuid_count() instead of native_cpuid(), becasue __cpuid_count()
was a macro definition function with one instruction in libc and did not
change xstate. Thanks Chatre Reinette, Shuah Khan.
https://lore.kernel.org/linux-sgx/8b7c98f4-f050-bc1c-5699-fa598ecc66a2@linu…
- Change from v4 to v5:
- Moved code files into tools/testing/selftests/x86.
- Delete xsave instruction test, becaue it's not related to kernel.
- Improved case description.
- Added AVX512 opmask change and related XSAVE content verification.
- Added PKRU part xstate test into instruction and signal handling test.
- Added XSAVE process swich test for FPU, AVX2, AVX512 opmask and PKRU part.
- Change from v3 to v4:
- Improve the comment in patch 1.
- Change from v2 to v3:
- Improve the description of patch 2 git log.
- Change from v1 to v2:
- Improve the cover-letter. Thanks Dave Hansen's suggestion.
Pengfei Xu (2):
selftests/x86: add xsave test related to nested signal handling
selftests/x86: add xsave test related to process switching
tools/testing/selftests/x86/Makefile | 4 +-
tools/testing/selftests/x86/xsave_common.h | 397 ++++++++++++++++++
tools/testing/selftests/x86/xsave_fork_test.c | 148 +++++++
.../selftests/x86/xsave_signal_handle.c | 189 +++++++++
4 files changed, 737 insertions(+), 1 deletion(-)
create mode 100644 tools/testing/selftests/x86/xsave_common.h
create mode 100644 tools/testing/selftests/x86/xsave_fork_test.c
create mode 100644 tools/testing/selftests/x86/xsave_signal_handle.c
--
2.31.1
The KUnit documentation was not very organized. There was little
information related to KUnit architecture and the importance of unit
testing.
Add some new pages, expand and reorganize the existing documentation.
Reword pages to make information and style more consistent.
Changes since v5:
https://lore.kernel.org/linux-kselftest/20211217043716.794289-1-sharinder@g…
-- Forgot to add the new .svg diagram file to git.
Changes since v4:
https://lore.kernel.org/linux-kselftest/20211216055958.634097-1-sharinder@g…
-- Replaced kunit_suitememorydiagram.png with kunit_suitememorydiagram.svg
Changes since v3:
https://lore.kernel.org/linux-kselftest/20211210052812.1998578-1-sharinder@…
--Reworded sentences as per comments
--Replaced Elixir links with kernel.org links or kernel-doc references
Changes since v2:
https://lore.kernel.org/linux-kselftest/20211207054019.1455054-1-sharinder@…
--Reworded sentences as per comments
--Expanded the explaination in usage.rst for accessing the current test example
--Standardized on US english in style.rst
Changes since v1:
https://lore.kernel.org/linux-kselftest/20211203042437.740255-1-sharinder@g…
--Fixed spelling mistakes
--Restored paragraph about kunit_tool introduction
--Added note about CONFIG_KUNIT_ALL_TESTS (Thanks Tim Bird for review
comments)
-- Miscellaneous changes
Harinder Singh (7):
Documentation: KUnit: Rewrite main page
Documentation: KUnit: Rewrite getting started
Documentation: KUnit: Added KUnit Architecture
Documentation: kunit: Reorganize documentation related to running
tests
Documentation: KUnit: Rework writing page to focus on writing tests
Documentation: KUnit: Restyle Test Style and Nomenclature page
Documentation: KUnit: Restyled Frequently Asked Questions
.../dev-tools/kunit/architecture.rst | 204 +++++++
Documentation/dev-tools/kunit/faq.rst | 73 ++-
Documentation/dev-tools/kunit/index.rst | 172 +++---
.../kunit/kunit_suitememorydiagram.svg | 81 +++
Documentation/dev-tools/kunit/run_manual.rst | 57 ++
Documentation/dev-tools/kunit/run_wrapper.rst | 247 ++++++++
Documentation/dev-tools/kunit/start.rst | 198 +++---
Documentation/dev-tools/kunit/style.rst | 105 ++--
Documentation/dev-tools/kunit/usage.rst | 578 ++++++++----------
9 files changed, 1128 insertions(+), 587 deletions(-)
create mode 100644 Documentation/dev-tools/kunit/architecture.rst
create mode 100644 Documentation/dev-tools/kunit/kunit_suitememorydiagram.svg
create mode 100644 Documentation/dev-tools/kunit/run_manual.rst
create mode 100644 Documentation/dev-tools/kunit/run_wrapper.rst
base-commit: 4c388a8e740d3235a194f330c8ef327deef710f6
--
2.34.1.173.g76aa8bc2d0-goog
Good Day,
My name is Luis Fernandez, I am contacting you because we have
investors that have the capacity to invest in any massive project
in your country or invest in your existing project that requires
funding.
Kindly get back to me for more details.
Regards
Luis Fernandez
This is similar to TCP-MD5 in functionality but it's sufficiently
different that packet formats and interfaces are incompatible.
Compared to TCP-MD5 more algorithms are supported and multiple keys
can be used on the same connection but there is still no negotiation
mechanism.
Expected use-case is protecting long-duration BGP/LDP connections
between routers using pre-shared keys. The goal of this series is to
allow routers using the Linux TCP stack to interoperate with vendors
such as Cisco and Juniper.
Both algorithms described in RFC5926 are implemented but the code is not
very easily extensible beyond that. In particular there are several code
paths making stack allocations based on RFC5926 maximum, those would
have to be increased. Support for arbitrary algorithms was requested
in reply to previous posts but I believe there is no real use case for
that.
The current implementation is somewhat loose regarding configuration:
* Overlaping MKTs can be configured despite what RFC5925 says
* Current key can be deleted. RFC says this shouldn't be allowed but
enforcing this belongs at an admin shell rather than in the kernel.
* If multiple keys are valid for a destination the kernel picks one
in an unpredictable manner (this can be overridden).
These conditions could be tightened but it is not clear the kernel
should spend effort to prevent misconfiguration from userspace.
The major change in this version is switching from per-socket to
per-netns keys. This is quite a large change and means that keys can
leak if not explicitly removed but the expected usecase is long-lived
routing daemon anyway. The fact that key management no longer needs
to be duplicate on listen sockets and active connection actually
simplifies them.
The TCP_AUTHOPT option still needs to be enabled for each individual
socket in order for AO keys to take effect.
Here are some known flaws and limitations:
* Crypto API is used with buffers on the stack and inside struct sock,
this might not work on all arches. I'm currently only testing x64 VMs
* Interaction with TCP-MD5 not tested in all corners.
* Interaction with FASTOPEN not tested and unlikely to work because
sequence number assumptions for syn/ack.
* No way to limit keys on a per-port basis (used to be implicit with
per-socket keys).
* Not clear if crypto_ahash_setkey might sleep. If some implementation
do that then maybe they could be excluded through alloc flags.
* Traffic key is not cached (reducing performance)
* No caching or hashing for key lookups so this will scale poorly with
many keys
There is relatively little code sharing with the TCP_MD5SIG feature and
earlier versions shared even less. Unlike MD5 the AO feature is kept
separate from the rest of the TCP code and reusing code would require
many unrelated cleanup changes.
I'm not convinced that "authopt" is particularly good naming convention,
this name is a personal invention that does not appear anywhere else.
The RFC calls this "tcp-ao". Perhaps TCP_AOSIG would be a better name
and it would also make the close connection to TCP_MD5SIG more visible?
Some testing support is included in nettest and fcnal-test.sh, similar
to the current level of tcp-md5 testing.
A more elaborate test suite using pytest and scapy is available out of
tree: https://github.com/cdleonard/tcp-authopt-test That test suite is
much larger that the kernel code and did not receive many comments in
previous ports so I will attempt to push it separately (if at all).
Changes for frr (old): https://github.com/FRRouting/frr/pull/9442
That PR was made early for ABI feedback, it has many issues.
Changes for yabgp (old): https://github.com/cdleonard/yabgp/commits/tcp_authopt
This can be used for easy interoperability testing with cisco/juniper/etc.
Would need updates for global keys to avoid leaks
Changes since PATCH v3:
* Made keys global (per-netns rather than per-sock).
* Add /proc/net/tcp_authopt with a table of keys (not sockets).
* Fix part of the shash/ahash conversion having slipped from patch 3 to patch 5
* Fix tcp_parse_sig_options assigning NULL incorrectly when both MD5 and AO
are disabled (kernel build robot)
* Fix sparse endianness warnings in prefix match (kernel build robot)
* Fix several incorrect RCU annotations reported by sparse (kernel build robot)
Link: https://lore.kernel.org/netdev/cover.1638962992.git.cdleonard@gmail.com/
Changes since PATCH v2:
* Protect tcp_authopt_alg_get/put_tfm with local_bh_disable instead of
preempt_disable. This caused signature corruption when send path executing
with BH enabled was interrupted by recv.
* Fix accepted keyids not configured locally as "unexpected". If any key
is configured that matches the peer then traffic MUST be signed.
* Fix issues related to sne rollover during handshake itself. (Francesco)
* Implement and test prefixlen (David)
* Replace shash with ahash and reuse some of the MD5 code (Dmitry)
* Parse md5+ao options only once in the same function (Dmitry)
* Pass tcp_authopt_info into inbound check path, this avoids second rcu
dereference for same packet.
* Pass tcp_request_socket into inbound check path instead of just listen
socket. This is required for SNE rollover during handshake and clearifies
ISN handling.
* Do not allow disabling via sysctl after enabling once, this is difficult
to support well (David)
* Verbose check for sysctl_tcp_authopt (Dmitry)
* Use netif_index_is_l3_master (David)
* Cleanup ipvx_addr_match (David)
* Add a #define tcp_authopt_needed to wrap static key usage because it looks
nicer.
* Replace rcu_read_lock with rcu_dereference_protected in SNE updates (Eric)
* Remove test suite
Link: https://lore.kernel.org/netdev/cover.1635784253.git.cdleonard@gmail.com/
Changes since PATCH v1:
* Implement Sequence Number Extension
* Implement l3index for vrf: TCP_AUTHOPT_KEY_IFINDEX as equivalent of
TCP_MD5SIG_FLAG_IFINDEX
* Expand TCP-AO tests in fcnal-test.sh to near-parity with md5.
* Show addr/port on failure similar to md5
* Remove tox dependency from test suite (create venv directly)
* Switch default pytest output format to TAP (kselftest standard)
* Fix _copy_from_sockptr_tolerant stack corruption on short sockopts.
This was covered in test but error was invisible without STACKPROTECTOR=y
* Fix sysctl_tcp_authopt check in tcp_get_authopt_val before memset. This
was harmless because error code is checked in getsockopt anyway.
* Fix dropping md5 packets on all sockets with AO enabled
* Fix checking (key->recv_id & TCP_AUTHOPT_KEY_ADDR_BIND) instead of
key->flags in tcp_authopt_key_match_exact
* Fix PATCH 1/19 not compiling due to missing "int err" declaration
* Add ratelimited message for AO and MD5 both present
* Export all symbols required by CONFIG_IPV6=m (again)
* Fix compilation with CONFIG_TCP_AUTHOPT=y CONFIG_TCP_MD5SIG=n
* Fix checkpatch issues
* Pass -rrequirements.txt to tox to avoid dependency variation.
Link: https://lore.kernel.org/netdev/cover.1632240523.git.cdleonard@gmail.com/
Changes since RFCv3:
* Implement TCP_AUTHOPT handling for timewait and reset replies. Write
tests to execute these paths by injecting packets with scapy
* Handle combining md5 and authopt: if both are configured use authopt.
* Fix locking issues around send_key, introduced in on of the later patches.
* Handle IPv4-mapped-IPv6 addresses: it used to be that an ipv4 SYN sent
to an ipv6 socket with TCP-AO triggered WARN
* Implement un-namespaced sysctl disabled this feature by default
* Allocate new key before removing any old one in setsockopt (Dmitry)
* Remove tcp_authopt_key_info.local_id because it's no longer used (Dmitry)
* Propagate errors from TCP_AUTHOPT getsockopt (Dmitry)
* Fix no-longer-correct TCP_AUTHOPT_KEY_DEL docs (Dmitry)
* Simplify crypto allocation (Eric)
* Use kzmalloc instead of __GFP_ZERO (Eric)
* Add static_key_false tcp_authopt_needed (Eric)
* Clear authopt_info copied from oldsk in __tcp_authopt_openreq (Eric)
* Replace memcmp in ipv4 and ipv6 addr comparisons (Eric)
* Export symbols for CONFIG_IPV6=m (kernel test robot)
* Mark more functions static (kernel test robot)
* Fix build with CONFIG_PROVE_RCU_LIST=y (kernel test robot)
Link: https://lore.kernel.org/netdev/cover.1629840814.git.cdleonard@gmail.com/
Changes since RFCv2:
* Removed local_id from ABI and match on send_id/recv_id/addr
* Add all relevant out-of-tree tests to tools/testing/selftests
* Return an error instead of ignoring unknown flags, hopefully this makes
it easier to extend.
* Check sk_family before __tcp_authopt_info_get_or_create in tcp_set_authopt_key
* Use sock_owned_by_me instead of WARN_ON(!lockdep_sock_is_held(sk))
* Fix some intermediate build failures reported by kbuild robot
* Improve documentation
Link: https://lore.kernel.org/netdev/cover.1628544649.git.cdleonard@gmail.com/
Changes since RFC:
* Split into per-topic commits for ease of review. The intermediate
commits compile with a few "unused function" warnings and don't do
anything useful by themselves.
* Add ABI documention including kernel-doc on uapi
* Fix lockdep warnings from crypto by creating pools with one shash for
each cpu
* Accept short options to setsockopt by padding with zeros; this
approach allows increasing the size of the structs in the future.
* Support for aes-128-cmac-96
* Support for binding addresses to keys in a way similar to old tcp_md5
* Add support for retrieving received keyid/rnextkeyid and controling
the keyid/rnextkeyid being sent.
Link: https://lore.kernel.org/netdev/01383a8751e97ef826ef2adf93bfde3a08195a43.162…
Leonard Crestez (19):
tcp: authopt: Initial support and key management
docs: Add user documentation for tcp_authopt
tcp: authopt: Add crypto initialization
tcp: md5: Refactor tcp_sig_hash_skb_data for AO
tcp: authopt: Compute packet signatures
tcp: authopt: Hook into tcp core
tcp: authopt: Disable via sysctl by default
tcp: authopt: Implement Sequence Number Extension
tcp: ipv6: Add AO signing for tcp_v6_send_response
tcp: authopt: Add support for signing skb-less replies
tcp: ipv4: Add AO signing for skb-less replies
tcp: authopt: Add key selection controls
tcp: authopt: Add initial l3index support
tcp: authopt: Add NOSEND/NORECV flags
tcp: authopt: Add prefixlen support
tcp: authopt: Add /proc/net/tcp_authopt listing all keys
selftests: nettest: Rename md5_prefix to key_addr_prefix
selftests: nettest: Initial tcp_authopt support
selftests: net/fcnal: Initial tcp_authopt support
Documentation/networking/index.rst | 1 +
Documentation/networking/ip-sysctl.rst | 6 +
Documentation/networking/tcp_authopt.rst | 88 +
include/linux/tcp.h | 9 +
include/net/net_namespace.h | 4 +
include/net/netns/tcp_authopt.h | 12 +
include/net/tcp.h | 27 +-
include/net/tcp_authopt.h | 323 ++++
include/uapi/linux/snmp.h | 1 +
include/uapi/linux/tcp.h | 137 ++
net/ipv4/Kconfig | 14 +
net/ipv4/Makefile | 1 +
net/ipv4/proc.c | 1 +
net/ipv4/sysctl_net_ipv4.c | 39 +
net/ipv4/tcp.c | 68 +-
net/ipv4/tcp_authopt.c | 1799 +++++++++++++++++++++
net/ipv4/tcp_input.c | 41 +-
net/ipv4/tcp_ipv4.c | 138 +-
net/ipv4/tcp_minisocks.c | 12 +
net/ipv4/tcp_output.c | 86 +-
net/ipv6/tcp_ipv6.c | 110 +-
tools/testing/selftests/net/fcnal-test.sh | 329 +++-
tools/testing/selftests/net/nettest.c | 204 ++-
23 files changed, 3364 insertions(+), 86 deletions(-)
create mode 100644 Documentation/networking/tcp_authopt.rst
create mode 100644 include/net/netns/tcp_authopt.h
create mode 100644 include/net/tcp_authopt.h
create mode 100644 net/ipv4/tcp_authopt.c
base-commit: f4f2970dfd87e5132c436e6125148914596a9863
--
2.25.1
Some distros are now storing the Kconfig in /lib/modules/`uname -r`/config.
Check there first before attempting to read it from /proc or extract it
from the kernel image.
Fix "ignored null byte in input" warning.
Mimi Zohar (2):
selftest/kexec: fix "ignored null byte in input" warning
selftests/kexec: update searching for the Kconfig
tools/testing/selftests/kexec/kexec_common_lib.sh | 13 +++++++++----
.../testing/selftests/kexec/test_kexec_file_load.sh | 5 +++--
2 files changed, 12 insertions(+), 6 deletions(-)
--
2.27.0