January 2025 - Linux-kselftest-mirror

[PATCH] selftests/net/forwarding: teamd command not found

by Alessandro Zanni

Running "make kselftest TARGETS=net/forwarding" results in several occurrences of the same error: ./lib.sh: line 787: teamd: command not found Since many tests depends on teamd, this fix stops the tests if the teamd command is not installed. Signed-off-by: Alessandro Zanni <alessandro.zanni87(a)gmail.com> --- tools/testing/selftests/net/forwarding/lib.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/testing/selftests/net/forwarding/lib.sh b/tools/testing/selftests/net/forwarding/lib.sh index 7337f398f9cc..a6a74a4be4bf 100644 --- a/tools/testing/selftests/net/forwarding/lib.sh +++ b/tools/testing/selftests/net/forwarding/lib.sh @@ -784,6 +784,7 @@ team_destroy() { local if_name=$1; shift + require_command $TEAMD $TEAMD -t $if_name -k } -- 2.43.0

3 weeks, 2 days

4
5
0 0

[PATCH v2 0/3] selftests/mm: virtual_address_range: Reduce memory usage and avoid VVAR access

by Thomas Weißschuh

The selftest started failing since commit e93d2521b27f ("x86/vdso: Split virtual clock pages into dedicated mapping") was merged. While debugging I stumbled upon some memory usage optimizations. With these test now runs on a VM with only 60MiB of memory. Signed-off-by: Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> --- Changes in v2: - Drop /dev/null usage - Avoid overcommit restrictions by dropping PROT_WRITE - Avoid high memory usage due to PTEs - Link to v1: https://lore.kernel.org/r/20250107-virtual_address_range-tests-v1-0-3834a2f… --- Thomas Weißschuh (3): selftests/mm: virtual_address_range: mmap() without PROT_WRITE selftests/mm: virtual_address_range: Unmap chunks after validation selftests/mm: virtual_address_range: Avoid reading VVAR mappings tools/testing/selftests/mm/config | 1 + tools/testing/selftests/mm/virtual_address_range.c | 34 +++++++++++++++++++--- 2 files changed, 31 insertions(+), 4 deletions(-) --- base-commit: 32af4d2269d20fe2f8d32aaa456cad8e40abd365 change-id: 20250107-virtual_address_range-tests-95843766fa97 Best regards, -- Thomas Weißschuh <thomas.weissschuh(a)linutronix.de>

3 weeks, 2 days

3
9
0 0

[PATCH] selftests/mm/cow: Modify the incorrect checking parameters

by Hao Ge

From: Hao Ge <gehao(a)kylinos.cn> In the run_with_memfd_hugetlb function, some error handle have passed incorrect parameters. It should be "smem", but it was mistakenly written as "mem". Let's fix it. Fixes: baa489fabd01 ("selftests/vm: rename selftests/vm to selftests/mm") Signed-off-by: Hao Ge <gehao(a)kylinos.cn> --- tools/testing/selftests/mm/cow.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/mm/cow.c b/tools/testing/selftests/mm/cow.c index 32c6ccc2a6be..7a89680d1566 100644 --- a/tools/testing/selftests/mm/cow.c +++ b/tools/testing/selftests/mm/cow.c @@ -1684,7 +1684,7 @@ static void run_with_memfd_hugetlb(non_anon_test_fn fn, const char *desc, goto close; } smem = mmap(NULL, hugetlbsize, PROT_READ, MAP_SHARED, fd, 0); - if (mem == MAP_FAILED) { + if (smem == MAP_FAILED) { ksft_test_result_fail("mmap() failed\n"); goto munmap; } @@ -1696,7 +1696,7 @@ static void run_with_memfd_hugetlb(non_anon_test_fn fn, const char *desc, fn(mem, smem, hugetlbsize); munmap: munmap(mem, hugetlbsize); - if (mem != MAP_FAILED) + if (smem != MAP_FAILED) munmap(smem, hugetlbsize); close: close(fd); -- 2.25.1

3 weeks, 2 days

3
5
0 0

[PATCH net-next v17 00/25] Introducing OpenVPN Data Channel Offload

by Antonio Quartulli

Notable changes since v16: * fixed usage of netdev tracker by removing dev_tracker member from ovpn_priv and adding it to ovpn_peer and ovpn_socket as those are the objects really holding a ref to the netdev * switched ovpn_get_dev_from_attrs() to GFP_ATOMIC to prevent sleep under rcu_read_lock * allocated netdevice_tracker in ovpn_nl_pre_doit() [stored in user_ptr[1]] to keep track of the netdev reference held during netlink handler calls * moved whole socket detaching routine to worker. This way the code is allowed to sleep and in turn it can be executed under lock_sock. This lock allows us to happily coordinate concurrent attach/detach calls. (note: lock is acquired everytime the refcnt for the socket is decremented, because this guarantees us that setting the refcnt to 0 and detaching the socket will happen atomically) * dropped kref_put_sock()/refcount handler as it's not required anymore, thanks to the point above * re-arranged ovpn_socket_new() in order to simplify error path by first allocating the new ovpn_sock and then attaching Please note that some patches were already reviewed/tested by a few people. iThese patches have retained the tags as they have hardly been touched. The latest code can also be found at: https://github.com/OpenVPN/linux-kernel-ovpn Thanks a lot! Best Regards, Antonio Quartulli OpenVPN Inc. --- Antonio Quartulli (25): net: introduce OpenVPN Data Channel Offload (ovpn) ovpn: add basic netlink support ovpn: add basic interface creation/destruction/management routines ovpn: keep carrier always on for MP interfaces ovpn: introduce the ovpn_peer object ovpn: introduce the ovpn_socket object ovpn: implement basic TX path (UDP) ovpn: implement basic RX path (UDP) ovpn: implement packet processing ovpn: store tunnel and transport statistics ipv6: export inet6_stream_ops via EXPORT_SYMBOL_GPL ovpn: implement TCP transport skb: implement skb_send_sock_locked_with_flags() ovpn: add support for MSG_NOSIGNAL in tcp_sendmsg ovpn: implement multi-peer support ovpn: implement peer lookup logic ovpn: implement keepalive mechanism ovpn: add support for updating local UDP endpoint ovpn: add support for peer floating ovpn: implement peer add/get/dump/delete via netlink ovpn: implement key add/get/del/swap via netlink ovpn: kill key and notify userspace in case of IV exhaustion ovpn: notify userspace when a peer is deleted ovpn: add basic ethtool support testing/selftests: add test tool and scripts for ovpn module Documentation/netlink/specs/ovpn.yaml | 372 +++ Documentation/netlink/specs/rt_link.yaml | 16 + MAINTAINERS | 11 + drivers/net/Kconfig | 15 + drivers/net/Makefile | 1 + drivers/net/ovpn/Makefile | 22 + drivers/net/ovpn/bind.c | 55 + drivers/net/ovpn/bind.h | 101 + drivers/net/ovpn/crypto.c | 211 ++ drivers/net/ovpn/crypto.h | 145 ++ drivers/net/ovpn/crypto_aead.c | 382 ++++ drivers/net/ovpn/crypto_aead.h | 33 + drivers/net/ovpn/io.c | 446 ++++ drivers/net/ovpn/io.h | 34 + drivers/net/ovpn/main.c | 350 +++ drivers/net/ovpn/main.h | 14 + drivers/net/ovpn/netlink-gen.c | 213 ++ drivers/net/ovpn/netlink-gen.h | 41 + drivers/net/ovpn/netlink.c | 1183 ++++++++++ drivers/net/ovpn/netlink.h | 18 + drivers/net/ovpn/ovpnstruct.h | 54 + drivers/net/ovpn/peer.c | 1269 +++++++++++ drivers/net/ovpn/peer.h | 164 ++ drivers/net/ovpn/pktid.c | 129 ++ drivers/net/ovpn/pktid.h | 87 + drivers/net/ovpn/proto.h | 118 + drivers/net/ovpn/skb.h | 60 + drivers/net/ovpn/socket.c | 204 ++ drivers/net/ovpn/socket.h | 49 + drivers/net/ovpn/stats.c | 21 + drivers/net/ovpn/stats.h | 47 + drivers/net/ovpn/tcp.c | 565 +++++ drivers/net/ovpn/tcp.h | 33 + drivers/net/ovpn/udp.c | 421 ++++ drivers/net/ovpn/udp.h | 22 + include/linux/skbuff.h | 2 + include/uapi/linux/if_link.h | 15 + include/uapi/linux/ovpn.h | 111 + include/uapi/linux/udp.h | 1 + net/core/skbuff.c | 18 +- net/ipv6/af_inet6.c | 1 + tools/testing/selftests/Makefile | 1 + tools/testing/selftests/net/ovpn/.gitignore | 2 + tools/testing/selftests/net/ovpn/Makefile | 17 + tools/testing/selftests/net/ovpn/config | 10 + tools/testing/selftests/net/ovpn/data64.key | 5 + tools/testing/selftests/net/ovpn/ovpn-cli.c | 2366 ++++++++++++++++++++ tools/testing/selftests/net/ovpn/tcp_peers.txt | 5 + .../testing/selftests/net/ovpn/test-chachapoly.sh | 9 + tools/testing/selftests/net/ovpn/test-float.sh | 9 + tools/testing/selftests/net/ovpn/test-tcp.sh | 9 + tools/testing/selftests/net/ovpn/test.sh | 185 ++ tools/testing/selftests/net/ovpn/udp_peers.txt | 5 + 53 files changed, 9672 insertions(+), 5 deletions(-) --- base-commit: 7b24f164cf005b9649138ef6de94aaac49c9f3d1 change-id: 20241002-b4-ovpn-eeee35c694a2 Best regards, -- Antonio Quartulli <antonio(a)openvpn.net>

3 weeks, 3 days

2
27
0 0

[PATCH] selftests: livepatch: test if ftrace can trace a livepatched function

by Filipe Xavier

This new test makes sure that ftrace can trace a function that was introduced by a livepatch. Signed-off-by: Filipe Xavier <felipeaggger(a)gmail.com> --- tools/testing/selftests/livepatch/test-ftrace.sh | 37 ++++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/tools/testing/selftests/livepatch/test-ftrace.sh b/tools/testing/selftests/livepatch/test-ftrace.sh index fe14f248913acbec46fb6c0fec38a2fc84209d39..5f0d5308c88669e84210393ce7b8aa138b694ebd 100755 --- a/tools/testing/selftests/livepatch/test-ftrace.sh +++ b/tools/testing/selftests/livepatch/test-ftrace.sh @@ -61,4 +61,41 @@ livepatch: '$MOD_LIVEPATCH': unpatching complete % rmmod $MOD_LIVEPATCH" +# - verify livepatch can load +# - check traces if have a patched function +# - unload livepatch and reset trace + +start_test "livepatch trace patched function and check that the live patch remains in effect" + +TRACE_FILE="$SYSFS_DEBUG_DIR/tracing/trace" +FUNCTION_NAME="livepatch_cmdline_proc_show" + +load_lp $MOD_LIVEPATCH + +echo $FUNCTION_NAME > $SYSFS_DEBUG_DIR/tracing/set_ftrace_filter +echo "function" > $SYSFS_DEBUG_DIR/tracing/current_tracer +echo "" > $TRACE_FILE + +if [[ "$(cat /proc/cmdline)" != "$MOD_LIVEPATCH: this has been live patched" ]] ; then + echo -e "FAIL\n\n" + die "livepatch kselftest(s) failed" +fi + +grep -q $FUNCTION_NAME $TRACE_FILE +FOUND=$? + +disable_lp $MOD_LIVEPATCH +unload_lp $MOD_LIVEPATCH + +# Reset tracing +echo "nop" > $SYSFS_DEBUG_DIR/tracing/current_tracer +echo "" > $SYSFS_DEBUG_DIR/tracing/set_ftrace_filter +echo "" > $TRACE_FILE + +if [ "$FOUND" -eq 1 ]; then + echo -e "FAIL\n\n" + die "livepatch kselftest(s) failed" +fi + + exit 0 --- base-commit: fc033cf25e612e840e545f8d5ad2edd6ba613ed5 change-id: 20250101-ftrace-selftest-livepatch-161fb77dbed8 Best regards, -- Filipe Xavier <felipeaggger(a)gmail.com>

3 weeks, 3 days

2
3
0 0

selftests: core: unshare_test: WARNING: at mm/util.c:671 __kvmalloc_node_noprof

by Naresh Kamboju

The following kernel warning is noticed on all arch and all devices while running selftests: core: unshare_test on Linux next-20240823 and next-20240826. First seen on next-20240823. Good: next-20240822 BAD: next-20240823 and next-20240826 Reported-by: Linux Kernel Functional Testing <lkft(a)linaro.org> Crash log: -------- # selftests: core: unshare_test <4>[ 61.084149] ------------[ cut here ]------------ <4>[ 61.085175] WARNING: CPU: 0 PID: 477 at mm/util.c:671 __kvmalloc_node_noprof (mm/util.c:671 (discriminator 1)) <4>[ 61.088958] Modules linked in: crct10dif_ce sm3_ce sm3 sha3_ce sha512_ce sha512_arm64 drm fuse backlight dm_mod ip_tables x_tables <4>[ 61.093141] CPU: 0 UID: 0 PID: 477 Comm: unshare_test Not tainted 6.11.0-rc5-next-20240826 #1 <4>[ 61.094558] Hardware name: linux,dummy-virt (DT) <4>[ 61.096763] pstate: 23400009 (nzCv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--) <4>[ 61.097841] pc : __kvmalloc_node_noprof (mm/util.c:671 (discriminator 1)) <4>[ 61.099701] lr : __kvmalloc_node_noprof (mm/util.c:661) <4>[ 61.100448] sp : ffff800080abbce0 <4>[ 61.100819] x29: ffff800080abbcf0 x28: fff0000004549280 x27: 0000000000000000 <4>[ 61.101744] x26: 0000000000000000 x25: 0000000000000000 x24: fff0000003615e40 <4>[ 61.102512] x23: fff0000003615ec0 x22: bfafa45863b285c8 x21: 0000000200002000 <4>[ 61.103232] x20: 00000000ffffffff x19: 0000000000400cc0 x18: 0000000000000000 <4>[ 61.104053] x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000 <4>[ 61.104927] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000 <4>[ 61.105752] x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000 <4>[ 61.106606] x8 : 0000000000000001 x7 : 0000000000000001 x6 : 0000000000000005 <4>[ 61.107377] x5 : 0000000000000000 x4 : fff0000004549280 x3 : 0000000000000000 <4>[ 61.108207] x2 : 0000000000000000 x1 : 000000007fffffff x0 : 0000000000000000 <4>[ 61.109262] Call trace: <4>[ 61.109619] __kvmalloc_node_noprof (mm/util.c:671 (discriminator 1)) <4>[ 61.110248] alloc_fdtable (fs/file.c:133) <4>[ 61.110751] expand_files (include/linux/atomic/atomic-arch-fallback.h:457 include/linux/atomic/atomic-instrumented.h:33 fs/file.c:177 fs/file.c:238) <4>[ 61.111171] ksys_dup3 (fs/file.c:1337) <4>[ 61.111596] __arm64_sys_dup3 (fs/file.c:1355) <4>[ 61.112006] invoke_syscall (arch/arm64/include/asm/current.h:19 arch/arm64/kernel/syscall.c:54) <4>[ 61.112480] el0_svc_common.constprop.0 (include/linux/thread_info.h:127 (discriminator 2) arch/arm64/kernel/syscall.c:140 (discriminator 2)) <4>[ 61.112955] do_el0_svc (arch/arm64/kernel/syscall.c:152) <4>[ 61.113384] el0_svc (arch/arm64/include/asm/irqflags.h:55 arch/arm64/include/asm/irqflags.h:76 arch/arm64/kernel/entry-common.c:165 arch/arm64/kernel/entry-common.c:178 arch/arm64/kernel/entry-common.c:713) <4>[ 61.113742] el0t_64_sync_handler (arch/arm64/kernel/entry-common.c:731) <4>[ 61.115181] el0t_64_sync (arch/arm64/kernel/entry.S:598) <4>[ 61.115709] ---[ end trace 0000000000000000 ]--- Crash Log links, -------- - https://qa-reports.linaro.org/lkft/linux-next-master/build/next-20240826/te… Crash failed comparison: ---------- - https://qa-reports.linaro.org/lkft/linux-next-master/build/next-20240826/te… metadata: ---- git describe: next-20240823 and next-20240826 git repo: https://gitlab.com/Linaro/lkft/mirrors/next/linux-next git sha: c79c85875f1af04040fe4492ed94ce37ad729c4d kernel config: https://storage.tuxsuite.com/public/linaro/lkft/builds/2l2pZRzhgRkPgXIKLJCI… artifact location: https://storage.tuxsuite.com/public/linaro/lkft/builds/2l2pZRzhgRkPgXIKLJCI… build url: https://storage.tuxsuite.com/public/linaro/lkft/builds/2l2pZRzhgRkPgXIKLJCI… toolchain: clang-18 and gcc-13 Steps to reproduce: --------- - https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2l2paZVYTl… - https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2l2paZVYTl… Please let me know if you need more information. -- Linaro LKFT https://lkft.linaro.org

3 weeks, 3 days

2
2
0 0

[PATCH net-next v2 0/2] ipvlan: Support bonding events

by Etienne Champetier

No changes for first commit. Second commit rework bond_macvlan.sh test to add minimal ipvlan over bond testing (asked by Jakub during v1 review). Etienne Champetier (2): ipvlan: Support bonding events selftests: bonding: add ipvlan over bond testing drivers/net/ipvlan/ipvlan_main.c | 6 ++ .../selftests/drivers/net/bonding/Makefile | 2 +- .../drivers/net/bonding/bond_macvlan.sh | 99 ------------------- .../net/bonding/bond_macvlan_ipvlan.sh | 96 ++++++++++++++++++ .../selftests/drivers/net/bonding/config | 1 + 5 files changed, 104 insertions(+), 100 deletions(-) delete mode 100755 tools/testing/selftests/drivers/net/bonding/bond_macvlan.sh create mode 100755 tools/testing/selftests/drivers/net/bonding/bond_macvlan_ipvlan.sh -- 2.47.1

3 weeks, 4 days

2
3
0 0

[PATCH bpf-next v2 0/3] selftests: bpf: Migrate test_xdp_redirect.sh to test_progs

by Bastien Curutchet (eBPF Foundation)

Hi all, This patch series continues the work to migrate the *.sh tests into prog_tests. test_xdp_redirect.sh tests the XDP redirections done through bpf_redirect(). These XDP redirections are already tested by prog_tests/xdp_do_redirect.c but IMO it doesn't cover the exact same code path because xdp_do_redirect.c uses bpf_prog_test_run_opts() to trigger redirections of 'fake packets' while test_xdp_redirect.sh redirects packets coming from the network. Also, the test_xdp_redirect.sh script tests the redirections with both SKB and DRV modes while xdp_do_redirect.c only tests the DRV mode. The patch series adds two new test cases in prog_tests/xdp_do_redirect.c to replace the test_xdp_redirect.sh script. Signed-off-by: Bastien Curutchet (eBPF Foundation) <bastien.curutchet(a)bootlin.com> --- Changes in v2: - Use directly skel->progs instead of 'bpf_object__find_program_by_name()' - Use 'ip -n NSX' in SYS calls instead of opening NSX with open_netns() - Use #define for static indexes of veth1 and veth2 - Delete the useless second ping - Set nstoken to NULL after close_netns() - Merge the two added tests into one with 3 subtests (one for each flag: 0, DRV, SKB) - Link to v1: https://lore.kernel.org/r/20250103-xdp_redirect-v1-0-e93099f59069@bootlin.c… --- Bastien Curutchet (eBPF Foundation) (3): selftests/bpf: test_xdp_redirect: Rename BPF sections selftests/bpf: Migrate test_xdp_redirect.sh to xdp_do_redirect.c selftests/bpf: Migrate test_xdp_redirect.c to test_xdp_do_redirect.c tools/testing/selftests/bpf/Makefile | 1 - .../selftests/bpf/prog_tests/xdp_do_redirect.c | 164 +++++++++++++++++++++ .../selftests/bpf/progs/test_xdp_do_redirect.c | 12 ++ .../selftests/bpf/progs/test_xdp_redirect.c | 26 ---- tools/testing/selftests/bpf/test_xdp_redirect.sh | 79 ---------- 5 files changed, 176 insertions(+), 106 deletions(-) --- base-commit: b27feb5365c6a1bf7e71ba5c795717ee0eec298d change-id: 20241219-xdp_redirect-2b8ec79dc24e Best regards, -- Bastien Curutchet (eBPF Foundation) <bastien.curutchet(a)bootlin.com>

3 weeks, 4 days

3
5
0 0

[PATCH bpf-next] bpf: veristat: Document verifier log dumping capability

by Daniel Xu

`-l2 -v` is a useful combination of flags to dump the entire verification log. This is helpful when making changes to the verifier, as you can see what it thinks program one instruction at a time. This was more or less a hidden feature before. Document it so others can discover it. Signed-off-by: Daniel Xu <dxu(a)dxuuu.xyz> --- tools/testing/selftests/bpf/veristat.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/bpf/veristat.c b/tools/testing/selftests/bpf/veristat.c index 974c808f9321..7d0a9cb753e3 100644 --- a/tools/testing/selftests/bpf/veristat.c +++ b/tools/testing/selftests/bpf/veristat.c @@ -216,7 +216,8 @@ const char argp_program_doc[] = "\n" "USAGE: veristat <obj-file> [<obj-file>...]\n" " OR: veristat -C <baseline.csv> <comparison.csv>\n" -" OR: veristat -R <results.csv>\n"; +" OR: veristat -R <results.csv>\n" +" OR: veristat -v -l2 <to_analyze.bpf.o>\n"; enum { OPT_LOG_FIXED = 1000, @@ -228,7 +229,7 @@ static const struct argp_option opts[] = { { "version", 'V', NULL, 0, "Print version" }, { "verbose", 'v', NULL, 0, "Verbose mode" }, { "debug", 'd', NULL, 0, "Debug mode (turns on libbpf debug logging)" }, - { "log-level", 'l', "LEVEL", 0, "Verifier log level (default 0 for normal mode, 1 for verbose mode)" }, + { "log-level", 'l', "LEVEL", 0, "Verifier log level (default 0 for normal mode, 1 for verbose mode, 2 for full verification log)" }, { "log-fixed", OPT_LOG_FIXED, NULL, 0, "Disable verifier log rotation" }, { "log-size", OPT_LOG_SIZE, "BYTES", 0, "Customize verifier log size (default to 16MB)" }, { "top-n", 'n', "N", 0, "Emit only up to first N results." }, -- 2.47.1

3 weeks, 4 days

3
2
0 0

[RFC PATCH v2 0/2] Add file seal to prevent future exec mappings

by Isaac J. Manjarres

Android uses the ashmem driver [1] for creating shared memory regions between processes. The ashmem driver exposes an ioctl command for processes to restrict the permissions an ashmem buffer can be mapped with. Buffers are created with the ability to be mapped as readable, writable, and executable. Processes remove the ability to map some ashmem buffers as executable to ensure that those buffers cannot be used to inject malicious code for another process to run. Other buffers retain their ability to be mapped as executable, as these buffers can be used for just-in-time (JIT) compilation. So there is a need to be able to remove the ability to map a buffer as executable on a per-buffer basis. Android is currently trying to migrate towards replacing its ashmem driver usage with memfd. Part of the transition involved introducing a library that serves to abstract away how shared memory regions are allocated (i.e. ashmem vs memfd). This allows clients to use a single interface for restricting how a buffer can be mapped without having to worry about how it is handled for ashmem (through the ioctl command mentioned earlier) or memfd (through file seals). While memfd has support for preventing buffers from being mapped as writable beyond a certain point in time (thanks to F_SEAL_FUTURE_WRITE), it does not have a similar interface to prevent buffers from being mapped as executable beyond a certain point. However, that could be implemented as a file seal (F_SEAL_FUTURE_EXEC) which works similarly to F_SEAL_FUTURE_WRITE. F_SEAL_FUTURE_WRITE was chosen as a template for how this new seal should behave, instead of F_SEAL_WRITE, for the following reasons: 1. Having the new seal behave like F_SEAL_FUTURE_WRITE matches the behavior that was present with ashmem. This aids in seamlessly transitioning clients away from ashmem to memfd. 2. Making the new seal behave like F_SEAL_WRITE would mean that no mappings that could become executable in the future (i.e. via mprotect()) can exist when the seal is applied. However, there are known cases (e.g. CursorWindow [2]) where restrictions are applied on how a buffer can be mapped after a mapping has already been made. That mapping may have VM_MAYEXEC set, which would not allow the seal to be applied successfully. Therefore, the F_SEAL_FUTURE_EXEC seal was designed to have the same semantics as F_SEAL_FUTURE_WRITE. Note: this series depends on Lorenzo's work [3], [4], [5] from Andrew Morton's mm-unstable branch [6], which reworks memfd's file seal checks, allowing for newer file seals to be implemented in a cleaner fashion. Changes from v1 ==> v2: - Changed the return code to be -EPERM instead of -EACCES when attempting to map an exec sealed file with PROT_EXEC to align to mmap()'s man page. Thank you Kalesh Singh for spotting this! - Rebased on top of Lorenzo's work to cleanup memfd file seal checks in mmap() ([3], [4], and [5]). Thank you for this Lorenzo! - Changed to deny PROT_EXEC mappings only if the mapping is shared, instead of for both shared and private mappings, after discussing this with Lorenzo. Opens: - Lorenzo brought up that this patch may negatively impact the usage of MFD_NOEXEC_SCOPE_NOEXEC_ENFORCED [7]. However, it is not clear to me why that is the case. At the moment, my intent is for the executable permissions of the file to be disjoint from the ability to create executable mappings. Links: [1] https://cs.android.com/android/kernel/superproject/+/common-android-mainlin… [2] https://developer.android.com/reference/android/database/CursorWindow [3] https://lore.kernel.org/all/cover.1732804776.git.lorenzo.stoakes@oracle.com/ [4] https://lkml.kernel.org/r/20241206212846.210835-1-lorenzo.stoakes@oracle.com [5] https://lkml.kernel.org/r/7dee6c5d-480b-4c24-b98e-6fa47dbd8a23@lucifer.local [6] https://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm.git/tree/?h=mm-unst… [7] https://lore.kernel.org/all/3a53b154-1e46-45fb-a559-65afa7a8a788@lucifer.lo… Links to previous versions: v1: https://lore.kernel.org/all/20241206010930.3871336-1-isaacmanjarres@google.… Isaac J. Manjarres (2): mm/memfd: Add support for F_SEAL_FUTURE_EXEC to memfd selftests/memfd: Add tests for F_SEAL_FUTURE_EXEC include/uapi/linux/fcntl.h | 1 + mm/memfd.c | 39 ++++++++++- tools/testing/selftests/memfd/memfd_test.c | 79 ++++++++++++++++++++++ 3 files changed, 118 insertions(+), 1 deletion(-) -- 2.47.1.613.gc27f4b7a9f-goog

3 weeks, 5 days

2
3
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror January 2025