September 2025 - Linux-kselftest-mirror

[PATCH v5 00/15] Consolidate iommu page table implementations (AMD)

by Jason Gunthorpe

[Lots of changes in comments thanks to Randy] Currently each of the iommu page table formats duplicates all of the logic to maintain the page table and perform map/unmap/etc operations. There are several different versions of the algorithms between all the different formats. The io-pgtable system provides an interface to help isolate the page table code from the iommu driver, but doesn't provide tools to implement the common algorithms. This makes it very hard to improve the state of the pagetable code under the iommu domains as any proposed improvement needs to alter a large number of different driver code paths. Combined with a lack of software based testing this makes improvement in this area very hard. iommufd wants several new page table operations: - More efficient map/unmap operations, using iommufd's batching logic - unmap that returns the physical addresses into a batch as it progresses - cut that allows splitting areas so large pages can have holes poked in them dynamically (ie guestmemfd hitless shared/private transitions) - More agressive freeing of table memory to avoid waste - Fragmenting large pages so that dirty tracking can be more granular - Reassembling large pages so that VMs can run at full IO performance in migration/dirty tracking error flows - KHO integration for kernel live upgrade Together these are algorithmically complex enough to be a very significant task to go and implement in all the page table formats we support. Just the "server" focused drivers use almost all the formats (ARMv8 S1&S2 / x86 PAE / AMDv1 / VT-D SS / RISCV) Instead of doing the duplicated work, this series takes the first step to consolidate the algorithms into one places. In spirit it is similar to the work Christoph did a few years back to pull the redundant get_user_pages() implementations out of the arch code into core MM. This unlocked a great deal of improvement in that space in the following years. I would like to see the same benefit in iommu as well. My first RFC showed a bigger picture with all most all formats and more algorithms. This series reorganizes that to be narrowly focused on just enough to convert the AMD driver to use the new mechanism. kunit tests are provided that allow good testing of the algorithms and all formats on x86, nothing is arch specific. AMD is one of the simpler options as the HW is quite uniform with few different options/bugs while still requiring the complicated contiguous pages support. The HW also has a very simple range based invalidation approach that is easy to implement. The AMD v1 and AMD v2 page table formats are implemented bit for bit identical to the current code, tested using a compare kunit test that checks against the io-pgtable version (on github, see below). Updating the AMD driver to replace the io-pgtable layer with the new stuff is fairly straightforward now. The layering is fixed up in the new version so that all the invalidation goes through function pointers. Several small fixing patches have come out of this as I've been fixing the problems that the test suite uncovers in the current code, and implementing the fixed version in iommupt. On performance, there is a quite wide variety of implementation designs across all the drivers. Looking at some key performance across the main formats: iommu_map(): pgsz ,avg new,old ns, min new,old ns , min % (+ve is better) 2^12, 53,66 , 51,63 , 19.19 (AMDV1) 256*2^12, 386,1909 , 367,1795 , 79.79 256*2^21, 362,1633 , 355,1556 , 77.77 2^12, 56,62 , 52,59 , 11.11 (AMDv2) 256*2^12, 405,1355 , 357,1292 , 72.72 256*2^21, 393,1160 , 358,1114 , 67.67 2^12, 55,65 , 53,62 , 14.14 (VTD second stage) 256*2^12, 391,518 , 332,512 , 35.35 256*2^21, 383,635 , 336,624 , 46.46 2^12, 57,65 , 55,63 , 12.12 (ARM 64 bit) 256*2^12, 380,389 , 361,369 , 2.02 256*2^21, 358,419 , 345,400 , 13.13 iommu_unmap(): pgsz ,avg new,old ns, min new,old ns , min % (+ve is better) 2^12, 69,88 , 65,85 , 23.23 (AMDv1) 256*2^12, 353,6498 , 331,6029 , 94.94 256*2^21, 373,6014 , 360,5706 , 93.93 2^12, 71,72 , 66,69 , 4.04 (AMDv2) 256*2^12, 228,891 , 206,871 , 76.76 256*2^21, 254,721 , 245,711 , 65.65 2^12, 69,87 , 65,82 , 20.20 (VTD second stage) 256*2^12, 210,321 , 200,315 , 36.36 256*2^21, 255,349 , 238,342 , 30.30 2^12, 72,77 , 68,74 , 8.08 (ARM 64 bit) 256*2^12, 521,357 , 447,346 , -29.29 256*2^21, 489,358 , 433,345 , -25.25 * Above numbers include additional patches to remove the iommu_pgsize() overheads. gcc 13.3.0, i7-12700 This version provides fairly consistent performance across formats. ARM unmap performance is quite different because this version supports contiguous pages and uses a very different algorithm for unmapping. Though why it is so worse compared to AMDv1 I haven't figured out yet. The per-format commits include a more detailed chart. There is a second branch: https://github.com/jgunthorpe/linux/commits/iommu_pt_all Containing supporting work and future steps: - ARM short descriptor (32 bit), ARM long descriptor (64 bit) formats - RISCV format and RISCV conversion https://github.com/jgunthorpe/linux/commits/iommu_pt_riscv - Support for a DMA incoherent HW page table walker - VT-D second stage format and VT-D conversion https://github.com/jgunthorpe/linux/commits/iommu_pt_vtd - DART v1 & v2 format - Draft of a iommufd 'cut' operation to break down huge pages - A compare test that checks the iommupt formats against the iopgtable interface, including updating AMD to have a working iopgtable and patches to make VT-D have an iopgtable for testing. - A performance test to micro-benchmark map and unmap against iogptable My strategy is to go one by one for the drivers: - AMD driver conversion - RISCV page table and driver - Intel VT-D driver and VTDSS page table - Flushing improvements for RISCV - ARM SMMUv3 And concurrently work on the algorithm side: - debugfs content dump, like VT-D has - Cut support - Increase/Decrease page size support - map/unmap batching - KHO As we make more algorithm improvements the value to convert the drivers increases. This is on github: https://github.com/jgunthorpe/linux/commits/iommu_pt v4: - Text grammar updates and kdoc fixes v3: https://patch.msgid.link/r/0-v4-0d6a6726a372+18959-iommu_pt_jgg@nvidia.com - Rebase on v6.16-rc3 - Integrate the HATS/HATDis changes - Remove 'default n' from kconfig - Remove unused 'PT_FIXED_TOP_LEVEL' - Improve comments and coumentation - Fix some compile warnings from kbuild robots v2: https://patch.msgid.link/r/0-v3-a93aab628dbc+521-iommu_pt_jgg@nvidia.com - Rebase on v6.16-rc2 - s/PT_ENTRY_WORD_SIZE/PT_ITEM_WORD_SIZE/s to follow the language better - Comment and documentation updates - Add PT_TOP_PHYS_MASK to help manage alignment restrictions on the top pointer - Add missed force_aperture = true - Make pt_iommu_deinit() take care of the not-yet-inited error case internally as AMD/RISCV/VTD all shared this logic - Change gather_range() into gather_range_pages() so it also deals with the page list. This makes the following cache flushing series simpler - Fix missed update of unmap->unmapped in some error cases - Change clear_contig() to order the gather more logically - Remove goto from the error handling in __map_range_leaf() - s/log2_/oalog2_/ in places where the argument is an oaddr_t - Pass the pts to pt_table_install64/32() - Do not use SIGN_EXTEND for the AMDv2 page table because of Vasant's information on how PASID 0 works. v1: https://patch.msgid.link/r/0-v2-5c26bde5c22d+58b-iommu_pt_jgg@nvidia.com - AMD driver only, many code changes RFC: https://lore.kernel.org/all/0-v1-01fa10580981+1d-iommu_pt_jgg@nvidia.com/ Alejandro Jimenez (1): iommu/amd: Use the generic iommu page table Jason Gunthorpe (14): genpt: Generic Page Table base API genpt: Add Documentation/ files iommupt: Add the basic structure of the iommu implementation iommupt: Add the AMD IOMMU v1 page table format iommupt: Add iova_to_phys op iommupt: Add unmap_pages op iommupt: Add map_pages op iommupt: Add read_and_clear_dirty op iommupt: Add a kunit test for Generic Page Table iommupt: Add a mock pagetable format for iommufd selftest to use iommufd: Change the selftest to use iommupt instead of xarray iommupt: Add the x86 64 bit page table format iommu/amd: Remove AMD io_pgtable support iommupt: Add a kunit test for the IOMMU implementation .clang-format | 1 + Documentation/driver-api/generic_pt.rst | 140 ++ Documentation/driver-api/index.rst | 1 + drivers/iommu/Kconfig | 2 + drivers/iommu/Makefile | 1 + drivers/iommu/amd/Kconfig | 5 +- drivers/iommu/amd/Makefile | 2 +- drivers/iommu/amd/amd_iommu.h | 1 - drivers/iommu/amd/amd_iommu_types.h | 109 +- drivers/iommu/amd/io_pgtable.c | 560 -------- drivers/iommu/amd/io_pgtable_v2.c | 370 ------ drivers/iommu/amd/iommu.c | 538 ++++---- drivers/iommu/generic_pt/.kunitconfig | 13 + drivers/iommu/generic_pt/Kconfig | 67 + drivers/iommu/generic_pt/fmt/Makefile | 26 + drivers/iommu/generic_pt/fmt/amdv1.h | 409 ++++++ drivers/iommu/generic_pt/fmt/defs_amdv1.h | 21 + drivers/iommu/generic_pt/fmt/defs_x86_64.h | 21 + drivers/iommu/generic_pt/fmt/iommu_amdv1.c | 15 + drivers/iommu/generic_pt/fmt/iommu_mock.c | 10 + drivers/iommu/generic_pt/fmt/iommu_template.h | 48 + drivers/iommu/generic_pt/fmt/iommu_x86_64.c | 11 + drivers/iommu/generic_pt/fmt/x86_64.h | 248 ++++ drivers/iommu/generic_pt/iommu_pt.h | 1149 +++++++++++++++++ drivers/iommu/generic_pt/kunit_generic_pt.h | 717 ++++++++++ drivers/iommu/generic_pt/kunit_iommu.h | 183 +++ drivers/iommu/generic_pt/kunit_iommu_pt.h | 451 +++++++ drivers/iommu/generic_pt/pt_common.h | 355 +++++ drivers/iommu/generic_pt/pt_defs.h | 323 +++++ drivers/iommu/generic_pt/pt_fmt_defaults.h | 193 +++ drivers/iommu/generic_pt/pt_iter.h | 636 +++++++++ drivers/iommu/generic_pt/pt_log2.h | 130 ++ drivers/iommu/io-pgtable.c | 4 - drivers/iommu/iommufd/Kconfig | 1 + drivers/iommu/iommufd/iommufd_test.h | 11 +- drivers/iommu/iommufd/selftest.c | 438 +++---- include/linux/generic_pt/common.h | 166 +++ include/linux/generic_pt/iommu.h | 270 ++++ include/linux/io-pgtable.h | 2 - tools/testing/selftests/iommu/iommufd.c | 60 +- tools/testing/selftests/iommu/iommufd_utils.h | 12 + 41 files changed, 6128 insertions(+), 1592 deletions(-) create mode 100644 Documentation/driver-api/generic_pt.rst delete mode 100644 drivers/iommu/amd/io_pgtable.c delete mode 100644 drivers/iommu/amd/io_pgtable_v2.c create mode 100644 drivers/iommu/generic_pt/.kunitconfig create mode 100644 drivers/iommu/generic_pt/Kconfig create mode 100644 drivers/iommu/generic_pt/fmt/Makefile create mode 100644 drivers/iommu/generic_pt/fmt/amdv1.h create mode 100644 drivers/iommu/generic_pt/fmt/defs_amdv1.h create mode 100644 drivers/iommu/generic_pt/fmt/defs_x86_64.h create mode 100644 drivers/iommu/generic_pt/fmt/iommu_amdv1.c create mode 100644 drivers/iommu/generic_pt/fmt/iommu_mock.c create mode 100644 drivers/iommu/generic_pt/fmt/iommu_template.h create mode 100644 drivers/iommu/generic_pt/fmt/iommu_x86_64.c create mode 100644 drivers/iommu/generic_pt/fmt/x86_64.h create mode 100644 drivers/iommu/generic_pt/iommu_pt.h create mode 100644 drivers/iommu/generic_pt/kunit_generic_pt.h create mode 100644 drivers/iommu/generic_pt/kunit_iommu.h create mode 100644 drivers/iommu/generic_pt/kunit_iommu_pt.h create mode 100644 drivers/iommu/generic_pt/pt_common.h create mode 100644 drivers/iommu/generic_pt/pt_defs.h create mode 100644 drivers/iommu/generic_pt/pt_fmt_defaults.h create mode 100644 drivers/iommu/generic_pt/pt_iter.h create mode 100644 drivers/iommu/generic_pt/pt_log2.h create mode 100644 include/linux/generic_pt/common.h create mode 100644 include/linux/generic_pt/iommu.h base-commit: 8da0d63bd5726ff656bfa1eacb45d6f5cce65616 -- 2.43.0

2 months

6
65
0 0

[PATCH RFC 00/35] mm: remove nth_page()

by David Hildenbrand

This is based on mm-unstable and was cross-compiled heavily. I should probably have already dropped the RFC label but I want to hear first if I ignored some corner case (SG entries?) and I need to do at least a bit more testing. I will only CC non-MM folks on the cover letter and the respective patch to not flood too many inboxes (the lists receive all patches). --- As discussed recently with Linus, nth_page() is just nasty and we would like to remove it. To recap, the reason we currently need nth_page() within a folio is because on some kernel configs (SPARSEMEM without SPARSEMEM_VMEMMAP), the memmap is allocated per memory section. While buddy allocations cannot cross memory section boundaries, hugetlb and dax folios can. So crossing a memory section means that "page++" could do the wrong thing. Instead, nth_page() on these problematic configs always goes from page->pfn, to the go from (++pfn)->page, which is rather nasty. Likely, many people have no idea when nth_page() is required and when it might be dropped. We refer to such problematic PFN ranges and "non-contiguous pages". If we only deal with "contiguous pages", there is not need for nth_page(). Besides that "obvious" folio case, we might end up using nth_page() within CMA allocations (again, could span memory sections), and in one corner case (kfence) when processing memblock allocations (again, could span memory sections). So let's handle all that, add sanity checks, and remove nth_page(). Patch #1 -> #5 : stop making SPARSEMEM_VMEMMAP user-selectable + cleanups Patch #6 -> #12 : disallow folios to have non-contiguous pages Patch #13 -> #20 : remove nth_page() usage within folios Patch #21 : disallow CMA allocations of non-contiguous pages Patch #22 -> #31 : sanity+check + remove nth_page() usage within SG entry Patch #32 : sanity-check + remove nth_page() usage in unpin_user_page_range_dirty_lock() Patch #33 : remove nth_page() in kfence Patch #34 : adjust stale comment regarding nth_page Patch #35 : mm: remove nth_page() A lot of this is inspired from the discussion at [1] between Linus, Jason and me, so cudos to them. [1] https://lore.kernel.org/all/CAHk-=wiCYfNp4AJLBORU-c7ZyRBUp66W2-Et6cdQ4REx-G… Cc: Andrew Morton <akpm(a)linux-foundation.org> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Jason Gunthorpe <jgg(a)nvidia.com> Cc: Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> Cc: "Liam R. Howlett" <Liam.Howlett(a)oracle.com> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: Mike Rapoport <rppt(a)kernel.org> Cc: Suren Baghdasaryan <surenb(a)google.com> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Jens Axboe <axboe(a)kernel.dk> Cc: Marek Szyprowski <m.szyprowski(a)samsung.com> Cc: Robin Murphy <robin.murphy(a)arm.com> Cc: John Hubbard <jhubbard(a)nvidia.com> Cc: Peter Xu <peterx(a)redhat.com> Cc: Alexander Potapenko <glider(a)google.com> Cc: Marco Elver <elver(a)google.com> Cc: Dmitry Vyukov <dvyukov(a)google.com> Cc: Brendan Jackman <jackmanb(a)google.com> Cc: Johannes Weiner <hannes(a)cmpxchg.org> Cc: Zi Yan <ziy(a)nvidia.com> Cc: Dennis Zhou <dennis(a)kernel.org> Cc: Tejun Heo <tj(a)kernel.org> Cc: Christoph Lameter <cl(a)gentwo.org> Cc: Muchun Song <muchun.song(a)linux.dev> Cc: Oscar Salvador <osalvador(a)suse.de> Cc: x86(a)kernel.org Cc: linux-arm-kernel(a)lists.infradead.org Cc: linux-mips(a)vger.kernel.org Cc: linux-s390(a)vger.kernel.org Cc: linux-crypto(a)vger.kernel.org Cc: linux-ide(a)vger.kernel.org Cc: intel-gfx(a)lists.freedesktop.org Cc: dri-devel(a)lists.freedesktop.org Cc: linux-mmc(a)vger.kernel.org Cc: linux-arm-kernel(a)axis.com Cc: linux-scsi(a)vger.kernel.org Cc: kvm(a)vger.kernel.org Cc: virtualization(a)lists.linux.dev Cc: linux-mm(a)kvack.org Cc: io-uring(a)vger.kernel.org Cc: iommu(a)lists.linux.dev Cc: kasan-dev(a)googlegroups.com Cc: wireguard(a)lists.zx2c4.com Cc: netdev(a)vger.kernel.org Cc: linux-kselftest(a)vger.kernel.org Cc: linux-riscv(a)lists.infradead.org David Hildenbrand (35): mm: stop making SPARSEMEM_VMEMMAP user-selectable arm64: Kconfig: drop superfluous "select SPARSEMEM_VMEMMAP" s390/Kconfig: drop superfluous "select SPARSEMEM_VMEMMAP" x86/Kconfig: drop superfluous "select SPARSEMEM_VMEMMAP" wireguard: selftests: remove CONFIG_SPARSEMEM_VMEMMAP=y from qemu kernel config mm/page_alloc: reject unreasonable folio/compound page sizes in alloc_contig_range_noprof() mm/memremap: reject unreasonable folio/compound page sizes in memremap_pages() mm/hugetlb: check for unreasonable folio sizes when registering hstate mm/mm_init: make memmap_init_compound() look more like prep_compound_page() mm/hugetlb: cleanup hugetlb_folio_init_tail_vmemmap() mm: sanity-check maximum folio size in folio_set_order() mm: limit folio/compound page sizes in problematic kernel configs mm: simplify folio_page() and folio_page_idx() mm/mm/percpu-km: drop nth_page() usage within single allocation fs: hugetlbfs: remove nth_page() usage within folio in adjust_range_hwpoison() mm/pagewalk: drop nth_page() usage within folio in folio_walk_start() mm/gup: drop nth_page() usage within folio when recording subpages io_uring/zcrx: remove "struct io_copy_cache" and one nth_page() usage io_uring/zcrx: remove nth_page() usage within folio mips: mm: convert __flush_dcache_pages() to __flush_dcache_folio_pages() mm/cma: refuse handing out non-contiguous page ranges dma-remap: drop nth_page() in dma_common_contiguous_remap() scatterlist: disallow non-contigous page ranges in a single SG entry ata: libata-eh: drop nth_page() usage within SG entry drm/i915/gem: drop nth_page() usage within SG entry mspro_block: drop nth_page() usage within SG entry memstick: drop nth_page() usage within SG entry mmc: drop nth_page() usage within SG entry scsi: core: drop nth_page() usage within SG entry vfio/pci: drop nth_page() usage within SG entry crypto: remove nth_page() usage within SG entry mm/gup: drop nth_page() usage in unpin_user_page_range_dirty_lock() kfence: drop nth_page() usage block: update comment of "struct bio_vec" regarding nth_page() mm: remove nth_page() arch/arm64/Kconfig | 1 - arch/mips/include/asm/cacheflush.h | 11 +++-- arch/mips/mm/cache.c | 8 ++-- arch/s390/Kconfig | 1 - arch/x86/Kconfig | 1 - crypto/ahash.c | 4 +- crypto/scompress.c | 8 ++-- drivers/ata/libata-sff.c | 6 +-- drivers/gpu/drm/i915/gem/i915_gem_pages.c | 2 +- drivers/memstick/core/mspro_block.c | 3 +- drivers/memstick/host/jmb38x_ms.c | 3 +- drivers/memstick/host/tifm_ms.c | 3 +- drivers/mmc/host/tifm_sd.c | 4 +- drivers/mmc/host/usdhi6rol0.c | 4 +- drivers/scsi/scsi_lib.c | 3 +- drivers/scsi/sg.c | 3 +- drivers/vfio/pci/pds/lm.c | 3 +- drivers/vfio/pci/virtio/migrate.c | 3 +- fs/hugetlbfs/inode.c | 25 ++++------ include/crypto/scatterwalk.h | 4 +- include/linux/bvec.h | 7 +-- include/linux/mm.h | 48 +++++++++++++++---- include/linux/page-flags.h | 5 +- include/linux/scatterlist.h | 4 +- io_uring/zcrx.c | 34 ++++--------- kernel/dma/remap.c | 2 +- mm/Kconfig | 3 +- mm/cma.c | 36 +++++++++----- mm/gup.c | 13 +++-- mm/hugetlb.c | 23 ++++----- mm/internal.h | 1 + mm/kfence/core.c | 17 ++++--- mm/memremap.c | 3 ++ mm/mm_init.c | 13 ++--- mm/page_alloc.c | 5 +- mm/pagewalk.c | 2 +- mm/percpu-km.c | 2 +- mm/util.c | 33 +++++++++++++ tools/testing/scatterlist/linux/mm.h | 1 - .../selftests/wireguard/qemu/kernel.config | 1 - 40 files changed, 203 insertions(+), 150 deletions(-) base-commit: c0e3b3f33ba7b767368de4afabaf7c1ddfdc3872 -- 2.50.1

2 months

16
95
0 0

[PATCH 00/11] vdso: Various cleanups

by Thomas Weißschuh

Various cleanups to the generic vDSO infrastructure and a patch for ARM which was never applied. This series has one trivial syntactic conflict with "dso/datastore: Allow prefaulting by mlockall()" [0] and a semantic one with "sparc64: vdso: Switch to generic vDSO library" [1], which still uses the removed GENERIC_VDSO_DATA_STORE. [0] https://lore.kernel.org/lkml/20250812-vdso-mlockall-v1-0-2f49ba7cf819@linut… [1] https://lore.kernel.org/lkml/20250815-vdso-sparc64-generic-2-v2-0-b5ff80672… Signed-off-by: Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> --- Rasmus Villemoes (1): ARM: VDSO: remove cntvct_ok global variable Thomas Weißschuh (10): vdso/datastore: Gate time data behind CONFIG_GENERIC_GETTIMEOFDAY vdso: Move ENABLE_COMPAT_VDSO from core to arm64 vdso/gettimeofday: Remove !CONFIG_TIME_NS stubs time: Build generic update_vsyscall() only with generic time vDSO riscv: vdso: Untangle kconfig logic vdso: Drop kconfig GENERIC_VDSO_32 vdso: Drop kconfig GENERIC_COMPAT_VDSO vdso: Drop kconfig GENERIC_VDSO_DATA_STORE vdso: Drop kconfig GENERIC_VDSO_TIME_NS vdso: Gate VDSO_GETRANDOM behind HAVE_GENERIC_VDSO arch/Kconfig | 2 +- arch/arm/include/asm/vdso/vsyscall.h | 2 -- arch/arm/kernel/vdso.c | 10 +++------ arch/arm/mm/Kconfig | 2 -- arch/arm64/Kconfig | 3 --- arch/arm64/include/asm/vdso/compat_barrier.h | 7 +++--- arch/arm64/include/asm/vdso/compat_gettimeofday.h | 6 ++--- arch/arm64/include/asm/vdso/gettimeofday.h | 8 +++++++ arch/arm64/kernel/vdso32/Makefile | 1 - arch/loongarch/Kconfig | 2 -- arch/mips/Kconfig | 1 - arch/powerpc/Kconfig | 2 -- arch/riscv/Kconfig | 12 +++++----- arch/s390/Kconfig | 2 -- arch/x86/Kconfig | 3 --- include/asm-generic/vdso/vsyscall.h | 4 ---- include/vdso/datapage.h | 9 +------- init/Kconfig | 2 +- kernel/time/Makefile | 2 +- lib/vdso/Kconfig | 25 +-------------------- lib/vdso/Makefile | 2 +- lib/vdso/datastore.c | 6 ++--- lib/vdso/gettimeofday.c | 27 ----------------------- tools/testing/selftests/pidfd/config | 1 - 24 files changed, 31 insertions(+), 110 deletions(-) --- base-commit: 3cd1f6bc6aa056cfd32946f9ce0aa3eb3db180e8 change-id: 20250825-vdso-cleanups-fd6fbb32fc19 Best regards, -- Thomas Weißschuh <thomas.weissschuh(a)linutronix.de>

2 months

3
16
0 0

[PATCH v2] Fix to avoid the usage of the `res` variable uninitialized in the following macro expansions.

by Alessandro Zanni

It solves the following warning: In function ‘iommufd_viommu_vdevice_alloc’, inlined from ‘wrapper_iommufd_viommu_vdevice_alloc’ at iommufd.c:2889:1: ../kselftest_harness.h:760:12: warning: ‘ret’ may be used uninitialized [-Wmaybe-uninitialized] 760 | if (!(__exp _t __seen)) { \ | ^ ../kselftest_harness.h:513:9: note: in expansion of macro ‘__EXPECT’ 513 | __EXPECT(expected, #expected, seen, #seen, ==, 1) | ^~~~~~~~ iommufd_utils.h:1057:9: note: in expansion of macro ‘ASSERT_EQ’ 1057 | ASSERT_EQ(0, _test_cmd_trigger_vevents(self->fd, dev_id, nvevents)) | ^~~~~~~~~ iommufd.c:2924:17: note: in expansion of macro ‘test_cmd_trigger_vevents’ 2924 | test_cmd_trigger_vevents(dev_id, 3); | ^~~~~~~~~~~~~~~~~~~~~~~~ The issue can be reproduced, building the tests, with the command: make -C tools/testing/selftests TARGETS=iommu Signed-off-by: Alessandro Zanni <alessandro.zanni87(a)gmail.com> --- tools/testing/selftests/iommu/iommufd_utils.h | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/tools/testing/selftests/iommu/iommufd_utils.h b/tools/testing/selftests/iommu/iommufd_utils.h index 3c3e08b8c90e..772ca1db6e59 100644 --- a/tools/testing/selftests/iommu/iommufd_utils.h +++ b/tools/testing/selftests/iommu/iommufd_utils.h @@ -1042,15 +1042,13 @@ static int _test_cmd_trigger_vevents(int fd, __u32 dev_id, __u32 nvevents) .dev_id = dev_id, }, }; - int ret; while (nvevents--) { - ret = ioctl(fd, _IOMMU_TEST_CMD(IOMMU_TEST_OP_TRIGGER_VEVENT), - &trigger_vevent_cmd); - if (ret < 0) + if (!ioctl(fd, _IOMMU_TEST_CMD(IOMMU_TEST_OP_TRIGGER_VEVENT), + &trigger_vevent_cmd)) return -1; } - return ret; + return 0; } #define test_cmd_trigger_vevents(dev_id, nvevents) \ -- 2.43.0

2 months

4
3
0 0

[PATCH 0/7] tools/nolibc: reduce __nolibc_enosys() fallbacks

by Thomas Weißschuh

The __nolibc_enosys() fallback is used when the UAPI headers do not provide a certain syscall number or any possible fallback syscall. This is either because the syscall definition is fairly new and nolibc tries to be compatible with old UAPI headers or an architecture does not support a syscall at all. Many of these __nolibc_enosys() fallbacks have become unnecessary. Either because the "new" syscalls or not so new anymore or real fallbacks have been implemented in the meantime. Unnecessary usages of __nolibc_enosys() as it is not obvious anymore if a given function is really implemented on all architectures. Signed-off-by: Thomas Weißschuh <linux(a)weissschuh.net> --- Thomas Weißschuh (7): tools/nolibc: remove __nolibc_enosys() fallback from time64-related functions tools/nolibc: remove __nolibc_enosys() fallback from *at() functions tools/nolibc: remove __nolibc_enosys() fallback from dup2() tools/nolibc: remove __nolibc_enosys() fallback from fork functions tools/nolibc: fold llseek fallback into lseek() kselftest/arm64: tpidr2: Switch to waitpid() over wait4() tools/nolibc: drop wait4() support tools/include/nolibc/poll.h | 4 +- tools/include/nolibc/sys.h | 90 +++++++++--------------------- tools/include/nolibc/sys/timerfd.h | 8 +-- tools/include/nolibc/sys/wait.h | 17 ------ tools/include/nolibc/time.h | 8 +-- tools/testing/selftests/arm64/abi/tpidr2.c | 6 +- 6 files changed, 34 insertions(+), 99 deletions(-) --- base-commit: 850047b19741490631855a475ccaa3ed29316039 change-id: 20250821-nolibc-enosys-2b2ec0b505ba Best regards, -- Thomas Weißschuh <linux(a)weissschuh.net>

2 months

5
13
0 0

[RESEND PATCH] selftests/filesystems: Fix build warning on anon_inode_test

by Ranganath V N

clang warning null passed where non-null argument is expected. anon_inode_test.c:45:19: warning: argument 3 null where non-null expected [-Wnonnull] 45 | ASSERT_LT(execveat(fd_context, "", NULL, NULL, AT_EMPTY_PATH), 0); | ^~~~~~~~ Signed-off-by: Ranganath V N <vnranganath.20(a)gmail.com> --- Adding missed mainters to the patch tools/testing/selftests/filesystems/anon_inode_test.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/filesystems/anon_inode_test.c b/tools/testing/selftests/filesystems/anon_inode_test.c index 73e0a4d4fb2f..f796dad679db 100644 --- a/tools/testing/selftests/filesystems/anon_inode_test.c +++ b/tools/testing/selftests/filesystems/anon_inode_test.c @@ -38,11 +38,13 @@ TEST(anon_inode_no_chmod) TEST(anon_inode_no_exec) { int fd_context; + static char *argv[] = { NULL }; + static char *envp[] = { NULL }; fd_context = sys_fsopen("tmpfs", 0); ASSERT_GE(fd_context, 0); - ASSERT_LT(execveat(fd_context, "", NULL, NULL, AT_EMPTY_PATH), 0); + ASSERT_LT(execveat(fd_context, "", argv, envp, AT_EMPTY_PATH), 0); ASSERT_EQ(errno, EACCES); EXPECT_EQ(close(fd_context), 0); -- 2.43.0

2 months

1
1
0 0

[RFC PATCH v3 nf-next] selftests: netfilter: Add bridge_fastpath.sh

by Eric Woudstra

Add a script to test various scenarios where a bridge is involved in the fastpath. It runs tests in the forward path, and also in a bridged path. The setup is similar to a basic home router with multiple lan ports. It uses 3 pairs of veth-devices. Each or all pairs can be replaced by a pair of real interfaces, interconnected by wire. This is necessary to test the behavior when dealing with dsa ports, foreign (dsa) ports and switchdev userports that support SWITCHDEV_OBJ_ID_PORT_VLAN. See the head of the script for a detailed description. Run without arguments to perform all tests on veth-devices. Signed-off-by: Eric Woudstra <ericwouds(a)gmail.com> --- This test script is written first for the proposed bridge-fastpath patch-sets, but it's use is more general and can easily be expanded. Changes in v3: - Removed all warnings reported by shellcheck -x -e SC2317 - Improved del_pppoe(), check if interfaces are removed - Added is_known_issue() to warn instead of error for known issues - Link down and (hardware) interfaces to default netns at end of script - Removed matching ip(v6) address Changes in v2: - Moved test-series to functions - Moved code to set_pair_link() up/down - Added conntrack zone to bridged traffic - Test bridge chain prerouting in test without fastpath and bridge chain forward in tests with fastpath Some example outputs of this last version of patches from different hardware, without and with patches: ALL VETH: ========= ./bridge_fastpath.sh -t Setup: CLIENT 0 veth0cl | veth0rt WAN ROUTER LAN1 LAN2 veth1rt veth2rt | | veth1cl veth2cl CLIENT 1 CLIENT 2 Without patches: PASS: unaware bridge, without encaps, without fastpath PASS: unaware bridge, with single vlan encap, without fastpath WARN: unaware bridge, with double q vlan encaps, without fastpath: ipv4/6: established bytes 0 < 4194304 WARN: unaware bridge, with 802.1ad vlan encaps, without fastpath: ipv4/6: established bytes 0 < 4194304 WARN: unaware bridge, with pppoe encap, without fastpath: ipv4/6: established bytes 0 < 4194304 WARN: unaware bridge, with pppoe-in-q encaps, without fastpath: ipv4/6: established bytes 0 < 4194304 PASS: aware bridge, without/without vlan encap, without fastpath PASS: aware bridge, with/without vlan encap, without fastpath PASS: aware bridge, with/with vlan encap, without fastpath PASS: aware bridge, without/with vlan encap, without fastpath PASS: forward, without vlan-device, without vlan encap, client1, without fastpath PASS: forward, without vlan-device, without vlan encap, client1, with fastpath PASS: forward, without vlan-device, with vlan encap, client1, without fastpath WARN: forward, without vlan-device, with vlan encap, client1, with fastpath: ipv4/6: tcp broken PASS: forward, with vlan-device, without vlan encap, client1, without fastpath PASS: forward, with vlan-device, without vlan encap, client1, with fastpath PASS: forward, with vlan-device, with vlan encap, client1, without fastpath PASS: forward, with vlan-device, with vlan encap, client1, with fastpath PASS: all tests passed With patches: PASS: unaware bridge, without encaps, without fastpath PASS: unaware bridge, without encaps, with fastpath PASS: unaware bridge, with single vlan encap, without fastpath PASS: unaware bridge, with single vlan encap, with fastpath PASS: unaware bridge, with double q vlan encaps, without fastpath PASS: unaware bridge, with double q vlan encaps, with fastpath PASS: unaware bridge, with 802.1ad vlan encaps, without fastpath PASS: unaware bridge, with 802.1ad vlan encaps, with fastpath PASS: unaware bridge, with pppoe encap, without fastpath PASS: unaware bridge, with pppoe encap, with fastpath PASS: unaware bridge, with pppoe-in-q encaps, without fastpath PASS: unaware bridge, with pppoe-in-q encaps, with fastpath PASS: aware bridge, without/without vlan encap, without fastpath PASS: aware bridge, without/without vlan encap, with fastpath PASS: aware bridge, with/without vlan encap, without fastpath PASS: aware bridge, with/without vlan encap, with fastpath PASS: aware bridge, with/with vlan encap, without fastpath PASS: aware bridge, with/with vlan encap, with fastpath PASS: aware bridge, without/with vlan encap, without fastpath PASS: aware bridge, without/with vlan encap, with fastpath PASS: forward, without vlan-device, without vlan encap, client1, without fastpath PASS: forward, without vlan-device, without vlan encap, client1, with fastpath PASS: forward, without vlan-device, with vlan encap, client1, without fastpath PASS: forward, without vlan-device, with vlan encap, client1, with fastpath PASS: forward, with vlan-device, without vlan encap, client1, without fastpath PASS: forward, with vlan-device, without vlan encap, client1, with fastpath PASS: forward, with vlan-device, with vlan encap, client1, without fastpath PASS: forward, with vlan-device, with vlan encap, client1, with fastpath PASS: all tests passed BANANAPI-R3 (lan1 & lan2 are dsa): ============ Without patches: ./bridge_fastpath.sh -t -0 enu1u2,lan2 -1 enu1u1,lan1 -2 lan4,eth1 Setup: CLIENT 0 enu1u2 | lan2 WAN ROUTER LAN1 LAN2 lan1 eth1 | | enu1u1 lan4 CLIENT 1 CLIENT 2 PASS: unaware bridge, without encaps, without fastpath PASS: unaware bridge, with single vlan encap, without fastpath WARN: unaware bridge, with pppoe encap, without fastpath: ipv4/6: established bytes 0 < 4194304 WARN: unaware bridge, with pppoe-in-q encaps, without fastpath: ipv4/6: established bytes 0 < 4194304 PASS: aware bridge, without/without vlan encap, without fastpath PASS: aware bridge, with/without vlan encap, without fastpath PASS: aware bridge, with/with vlan encap, without fastpath PASS: aware bridge, without/with vlan encap, without fastpath PASS: forward, without vlan-device, without vlan encap, client1, without fastpath WARN: forward, without vlan-device, without vlan encap, client1, with fastpath: ipv4: counted bytes 2110480 > 2097152 WARN: forward, without vlan-device, without vlan encap, client1, with fastpath: ipv6: counted bytes 2116104 > 2097152 PASS: forward, without vlan-device, without vlan encap, client1, with hw_fastpath PASS: forward, without vlan-device, without vlan encap, client2, without fastpath PASS: forward, without vlan-device, without vlan encap, client2, with fastpath PASS: forward, without vlan-device, without vlan encap, client2, with hw_fastpath PASS: forward, without vlan-device, with vlan encap, client1, without fastpath WARN: forward, without vlan-device, with vlan encap, client1, with fastpath: ipv4/6: tcp broken WARN: forward, without vlan-device, with vlan encap, client1, with hw_fastpath: ipv4/6: tcp broken PASS: forward, without vlan-device, with vlan encap, client2, without fastpath WARN: forward, without vlan-device, with vlan encap, client2, with fastpath: ipv4/6: tcp broken WARN: forward, without vlan-device, with vlan encap, client2, with hw_fastpath: ipv4/6: tcp broken PASS: forward, with vlan-device, without vlan encap, client1, without fastpath PASS: forward, with vlan-device, without vlan encap, client1, with fastpath PASS: forward, with vlan-device, without vlan encap, client1, with hw_fastpath PASS: forward, with vlan-device, without vlan encap, client2, without fastpath WARN: forward, with vlan-device, without vlan encap, client2, with fastpath: ipv4: counted bytes 2122388 > 2097152 WARN: forward, with vlan-device, without vlan encap, client2, with fastpath: ipv6: counted bytes 2129280 > 2097152 WARN: forward, with vlan-device, without vlan encap, client2, with hw_fastpath: ipv4: counted bytes 2110428 > 2097152 WARN: forward, with vlan-device, without vlan encap, client2, with hw_fastpath: ipv6: counted bytes 2140144 > 2097152 PASS: forward, with vlan-device, with vlan encap, client1, without fastpath PASS: forward, with vlan-device, with vlan encap, client1, with fastpath PASS: forward, with vlan-device, with vlan encap, client1, with hw_fastpath PASS: forward, with vlan-device, with vlan encap, client2, without fastpath PASS: forward, with vlan-device, with vlan encap, client2, with fastpath PASS: forward, with vlan-device, with vlan encap, client2, with hw_fastpath PASS: all tests passed With patches: PASS: unaware bridge, without encaps, without fastpath PASS: unaware bridge, without encaps, with fastpath PASS: unaware bridge, without encaps, with hw_fastpath PASS: unaware bridge, with single vlan encap, without fastpath PASS: unaware bridge, with single vlan encap, with fastpath PASS: unaware bridge, with single vlan encap, with hw_fastpath PASS: unaware bridge, with pppoe encap, without fastpath PASS: unaware bridge, with pppoe encap, with fastpath PASS: unaware bridge, with pppoe encap, with hw_fastpath PASS: unaware bridge, with pppoe-in-q encaps, without fastpath PASS: unaware bridge, with pppoe-in-q encaps, with fastpath PASS: unaware bridge, with pppoe-in-q encaps, with hw_fastpath PASS: aware bridge, without/without vlan encap, without fastpath PASS: aware bridge, without/without vlan encap, with fastpath PASS: aware bridge, without/without vlan encap, with hw_fastpath PASS: aware bridge, with/without vlan encap, without fastpath PASS: aware bridge, with/without vlan encap, with fastpath PASS: aware bridge, with/without vlan encap, with hw_fastpath PASS: aware bridge, with/with vlan encap, without fastpath PASS: aware bridge, with/with vlan encap, with fastpath PASS: aware bridge, with/with vlan encap, with hw_fastpath PASS: aware bridge, without/with vlan encap, without fastpath PASS: aware bridge, without/with vlan encap, with fastpath PASS: aware bridge, without/with vlan encap, with hw_fastpath PASS: forward, without vlan-device, without vlan encap, client1, without fastpath PASS: forward, without vlan-device, without vlan encap, client1, with fastpath PASS: forward, without vlan-device, without vlan encap, client1, with hw_fastpath PASS: forward, without vlan-device, without vlan encap, client2, without fastpath PASS: forward, without vlan-device, without vlan encap, client2, with fastpath PASS: forward, without vlan-device, without vlan encap, client2, with hw_fastpath PASS: forward, without vlan-device, with vlan encap, client1, without fastpath PASS: forward, without vlan-device, with vlan encap, client1, with fastpath PASS: forward, without vlan-device, with vlan encap, client1, with hw_fastpath PASS: forward, without vlan-device, with vlan encap, client2, without fastpath PASS: forward, without vlan-device, with vlan encap, client2, with fastpath PASS: forward, without vlan-device, with vlan encap, client2, with hw_fastpath PASS: forward, with vlan-device, without vlan encap, client1, without fastpath PASS: forward, with vlan-device, without vlan encap, client1, with fastpath PASS: forward, with vlan-device, without vlan encap, client1, with hw_fastpath PASS: forward, with vlan-device, without vlan encap, client2, without fastpath PASS: forward, with vlan-device, without vlan encap, client2, with fastpath PASS: forward, with vlan-device, without vlan encap, client2, with hw_fastpath PASS: forward, with vlan-device, with vlan encap, client1, without fastpath PASS: forward, with vlan-device, with vlan encap, client1, with fastpath PASS: forward, with vlan-device, with vlan encap, client1, with hw_fastpath PASS: forward, with vlan-device, with vlan encap, client2, without fastpath PASS: forward, with vlan-device, with vlan encap, client2, with fastpath PASS: forward, with vlan-device, with vlan encap, client2, with hw_fastpath PASS: all tests passed .../testing/selftests/net/netfilter/Makefile | 1 + .../net/netfilter/bridge_fastpath.sh | 1055 +++++++++++++++++ 2 files changed, 1056 insertions(+) create mode 100755 tools/testing/selftests/net/netfilter/bridge_fastpath.sh diff --git a/tools/testing/selftests/net/netfilter/Makefile b/tools/testing/selftests/net/netfilter/Makefile index a98ed892f55f..e0de04333a3f 100644 --- a/tools/testing/selftests/net/netfilter/Makefile +++ b/tools/testing/selftests/net/netfilter/Makefile @@ -8,6 +8,7 @@ MNL_LDLIBS := $(shell $(HOSTPKG_CONFIG) --libs libmnl 2>/dev/null || echo -lmnl) TEST_PROGS := br_netfilter.sh bridge_brouter.sh TEST_PROGS += br_netfilter_queue.sh +TEST_PROGS += bridge_fastpath.sh TEST_PROGS += conntrack_dump_flush.sh TEST_PROGS += conntrack_icmp_related.sh TEST_PROGS += conntrack_ipip_mtu.sh diff --git a/tools/testing/selftests/net/netfilter/bridge_fastpath.sh b/tools/testing/selftests/net/netfilter/bridge_fastpath.sh new file mode 100755 index 000000000000..614497489edb --- /dev/null +++ b/tools/testing/selftests/net/netfilter/bridge_fastpath.sh @@ -0,0 +1,1055 @@ +#!/bin/bash +# SPDX-License-Identifier: GPL-2.0 +# +# Check if conntrack, nft chain and fastpath is functional in setups +# where a bridge is in the fastpath. +# +# Commandline options make it possible to use real ethernet pairs +# instead of veth-device pairs. Any, or all, pairs can be tested using +# real hardware pairs. This is can be useful to test dsa-ports, +# switchdev (dsa) foreign ports and switchdev ports supporting +# SWITCHDEV_OBJ_ID_PORT_VLAN. +# +# First tcp is tested. Conntrack and nft chain are tested using a counter. +# When there is a fastpath possible between the interfaces then the +# fastpath is also tested. +# When there is a hardware offloaded fastpath possible between the +# interfaces then the hardware offloaded path is also tested. +# +# Setup is as a typical router: +# +# nsclientwan +# | +# nsrt +# | | +# nsclient1 nsclient2 +# +# Masquerading for ipv4 only. +# +# First check if a bridge table forward chain can be setup, skip +# these tests if this is not possible. +# Then check if a inet table forward chain can be setup, skip +# these tests if this is not possible. +# +# Different setups of paths are tested that involve a bridge in the +# fastpath. This can be in the forward-fastpath or in the bridge-fastpath. +# +# The first series, in the bridge-fastpath, using a vlan-unaware bridge. +# Traffic with the following vlan-tags is checked: +# a. without vlan +# b. single vlan +# c. double q vlan (only on veth-devices) +# d. 802.1ad vlan (only on veth-devices) +# e. pppoe (when available) +# f. pppoe-in-q (when available) +# +# (for items c to f fastpath can only work when a conntrack zone is set) +# (double tag testing results in broken tcp traffic on most hardware, +# in this test setup, use '-a' argument to test it anyway) +# (pppoe testing takes place if pppd and pppoe-server are installed) +# +# The second series, in the bridge-fastpath, using a vlan-aware bridge. +# Here we test all combinations of ingress/egress with or without single +# vlan encaps. +# +# The third series, in the forward-fastpath, using a vlan-aware bridge, +# without a vlan-device linked to the master port. We test the same combinations +# of ingress/egress with or without single vlan encaps. +# +# The fourth series, in the forward-fastpath, using a vlan-aware bridge, +# with a vlan-device linked to the master port. We test the same combinations +# of ingress/egress with or without single vlan encaps. +# +# Note 1: Using dsa userports on both sides of eth-pairs client1 or client2 +# gives erratic and unpredictable results. Use, for example, an usb-eth device +# on the client side to test a dsa-userport. +# +# Note 2: Testing the hardware offloaded fastpath, it is not checked if the +# packets do not follow the software fastpath instead. A universal way to +# check this should be added at some point. +# +# Note 3: Some interfaces to test on the router side, are netns immutable. +# Use the -d or --defaultnsrouter option so that the interfaces of the router +# do not have to change netns. The router is build up in the default netns. +# + +source lib.sh + +checktool "nft --version" "run test without nft" +checktool "socat -h" "run test without socat" +checktool "bridge -V" "run test without bridge" + +NR_OF_TESTS=4 +VID1=100 +VID2=101 +BRWAN=brwan +BRLAN=brlan +BRCL=brcl +LINKUP_TIMEOUT=10 +PING_TIMEOUT=10 +SOCAT_TIMEOUT=10 +filesize=$((2 * 1024 * 1024)) + +filein=$(mktemp) +file1out=$(mktemp) +file2out=$(mktemp) +pppoeserveroptions=$(mktemp) +pppoeserverpid=$(mktemp) + +setup_ns nsclientwan nsclientlan1 nsclientlan2 + + WAN=0 ; LAN1=1 ; LAN2=2 ; ADWAN=3 ; ADLAN=4 +nsa=( "$nsclientwan" "$nsclientlan1" "$nsclientlan2" ) # $nsrt $nsrt +AD4=( '192.168.1.1' '192.168.2.101' '192.168.2.102' '192.168.1.2' '192.168.2.1' ) +AD6=( 'dead:1::1' 'dead:2::101' 'dead:2::102' 'dead:1::2' 'dead:2::1' ) + +tests_string=$(seq 1 $NR_OF_TESTS) + +while [ "${1:-}" != '' ]; do + case "$1" in + '-0' | '--pairwan') + shift + vethcl[WAN]="${1%,*}" + vethrt[WAN]="${1#*,}" + ;; + '-1' | '--pairlan1') + shift + vethcl[LAN1]="${1%,*}" + vethrt[LAN1]="${1#*,}" + ;; + '-2' | '--pairlan2') + shift + vethcl[LAN2]="${1%,*}" + vethrt[LAN2]="${1#*,}" + ;; + '-s' | '--filesize') + shift + filesize=$1 + ;; + '-p' | '--parts') + shift + tests_string=$1 + ;; + '-4' | '--ipv4') + do_ipv4=1 + ;; + '-6' | '--ipv6') + do_ipv6=1 + ;; + '-n' | '--noskip') + noskip=1 + ;; + '-d' | '--defaultnsrouter') + defaultnsrouter=1 + ;; + '-f' | '--fixmac') + fixmac=1 + ;; + '-t' | '--showtree') + showtree=1 + ;; + *) + cat <<-EOF + Usage: $(basename "$0") [OPTION]... + -0 --pairwan eth0cl,eth0rt pair of real interfaces to use on wan side + -1 --pairlan1 eth1cl,eth1rt pair of real interfaces to use on lan1 side + -2 --pairlan2 eth2cl,eth2rt pair of real interfaces to use on lan2 side + -s --filesize filesize to use for testing in bytes + -p --parts partnumbers of tests to run, comma separated + -4|-6 --ipv4|--ipv6 test ipv4/6 only + -d --defaultnsrouter router in default network namespace, caution! + -f --fixmac change mac address when conflict found + -n --noskip also perform the normally skipped tests + -t --showtree show the tree of used interfaces + EOF + exit "$ksft_skip" + ;; + esac + shift +done + +for i in ${tests_string//','/' '}; do + tests[i]="yes" +done + +if [ -n "$defaultnsrouter" ]; then + nsrt="nsrt-$(mktemp -u XXXXXX)" + touch "/var/run/netns/$nsrt" + mount --bind /proc/1/ns/net "/var/run/netns/$nsrt" +else + setup_ns nsrt +fi +nsa+=("$nsrt" "$nsrt") + +cleanup() { + if [ -n "$defaultnsrouter" ]; then + umount "/var/run/netns/$nsrt" + rm -f "/var/run/netns/$nsrt" + fi + cleanup_all_ns + rm -f "$filein" "$file1out" "$file2out" "$pppoeserveroptions" "$pppoeserverpid" +} + +trap cleanup EXIT + +head -c "$filesize" < /dev/urandom > "$filein" + +check_mac() +{ + local ns=$1 + local dev=$2 + local othermacs=$3 + local mac + + mac=$(ip -net "$ns" -br link show dev "$dev" | \ + grep -o -E '([[:xdigit:]]{1,2}:){5}[[:xdigit:]]{1,2}') + + if [[ ! "$othermacs" =~ $mac ]]; then + echo "$mac" + return 0 + fi + echo "WARN: Conflicting mac address $dev $mac" 1>&2 + + [ -z "$fixmac" ] && return 1 + + for (( j = 0 ; j < 10 ; j++ )); do + mac="${mac::6}$(printf %02x:%02x:%02x:%02x $((RANDOM%256)) \ + $((RANDOM%256)) $((RANDOM%256)) $((RANDOM%256)))" + [[ "$othermacs" =~ $mac ]] && continue + echo "$mac" + ip -net "$ns" link set dev "$dev" address "$mac" 1>&2 + return $? + done + return 1 +} + +is_link() +{ + local updown=$1 + local ns=$2 + local dev=$3 + + if ip -net "$ns" link show dev "$dev" "${updown,,}" 2>/dev/null | \ + grep -q "state ${updown^^}" + then + return 0 + fi + return 1 +} + +set_pair_link() +{ + local updown=$1 + local all="${*:2}" + local lret=0 + local i j + + for i in $all; do + ns="${nsa[$i]}" + ip -net "$ns" link set "${vethcl[$i]}" "$updown" + lret=$((lret | $?)) + ip -net "$nsrt" link set "${vethrt[$i]}" "$updown" + lret=$((lret | $?)) + done + [ $lret -ne 0 ] && return 1 + + for j in $(seq 1 $((LINKUP_TIMEOUT * 5 ))); do + lret=0 + for i in $all; do + ns="${nsa[$i]}" + is_link "$updown" "$ns" "${vethcl[$i]}" + lret=$((lret | $?)) + is_link "$updown" "$nsrt" "${vethrt[$i]}" + lret=$((lret | $?)) + done + [ $lret -eq 0 ] && break + sleep 0.2 + done + return $lret +} + +wait_ping() +{ + local i1=$1 + local i2=$2 + local ns1=${nsa[$i1]} + local j + local lret + + for j in $(seq 1 $((PING_TIMEOUT * 5 ))); do + ip netns exec "$ns1" ping -c 1 -w $PING_TIMEOUT -i 0.2 \ + -q "${AD4[$i2]}" >/dev/null 2>&1 + lret=$? + [ $lret -le 1 ] && return $lret + sleep 0.2 + done + return 1 +} + +add_addr() +{ + local i=$1 + local dev=$2 + local ns=${nsa[$i]} + local ad4=${AD4[$i]} + local ad6=${AD6[$i]} + + ip -net "$ns" addr add "${ad4}/24" dev "$dev" + ip -net "$ns" addr add "${ad6}/64" dev "$dev" nodad + if [[ "$ns" == "nsclientlan"* ]]; then + ip -net "$ns" route add default via "${AD4[$ADLAN]}" + ip -net "$ns" route add default via "${AD6[$ADLAN]}" + elif [[ "$ns" == "nsclientwan"* ]]; then + ip -net "$ns" route add default via "${AD6[$ADWAN]}" + fi + +} + +del_addr() +{ + local i=$1 + local dev=$2 + local ns=${nsa[$i]} + local ad4=${AD4[$i]} + local ad6=${AD6[$i]} + + if [[ "$ns" == "nsclientlan"* ]]; then + ip -net "$ns" route del default via "${AD6[$ADLAN]}" + ip -net "$ns" route del default via "${AD4[$ADLAN]}" + elif [[ "$ns" == "nsclientwan"* ]]; then + ip -net "$ns" route del default via "${AD6[$ADWAN]}" + fi + ip -net "$ns" addr del "${ad6}/64" dev "$dev" nodad + ip -net "$ns" addr del "${ad4}/24" dev "$dev" +} + +set_client() +{ + local i=$1 + local vlan=$2 + local arg=$3 + local ns=${nsa[$i]} + local vdev="${vethcl[$i]}" + local brdev="$BRCL" + local proto="" + local pvidslave="" + + unset_client "$i" + + if [[ "$vlan" == "qq" ]]; then + ip -net "$ns" link add link "$vdev" name "$vdev.$VID1" type vlan id $VID1 + ip -net "$ns" link add link "$vdev.$VID1" name "$vdev.$VID1.$VID2" \ + type vlan id $VID2 + ip -net "$ns" link set "$vdev.$VID1" up + ip -net "$ns" link set "$vdev.$VID1.$VID2" up + add_addr "$i" "$vdev.$VID1.$VID2" + return + fi + + [[ "$vlan" == "none" ]] && pvidslave="pvid untagged" + [[ "$vlan" == "ad" ]] && proto="vlan_protocol 802.1ad" + + # shellcheck disable=SC2086 + ip -net "$ns" link add "$brdev" type bridge vlan_filtering 1 vlan_default_pvid 0 $proto + ip -net "$ns" link set "$vdev" master "$brdev" + ip -net "$ns" link set "$brdev" up + + # shellcheck disable=SC2086 + bridge -net "$ns" vlan add dev "$vdev" vid $VID1 $pvidslave + bridge -net "$ns" vlan add dev "$brdev" vid $VID1 pvid untagged self + + if [[ "$vlan" == "ad" ]]; then + ip -net "$ns" link add link "$brdev" name "$brdev.$VID2" type vlan id $VID2 + brdev="$brdev.$VID2" + ip -net "$ns" link set "$brdev" up + fi + + if [[ "$arg" != "noaddress" ]]; then + add_addr "$i" "$brdev" + fi +} + +unset_client() +{ + local i=$1 + local ns=${nsa[$i]} + local vdev="${vethcl[$i]}" + local brdev="$BRCL" + + ip -net "$ns" link del "$brdev" type bridge 2>/dev/null + ip -net "$ns" link del "$vdev.$VID1" 2>/dev/null +} + +add_pppoe() +{ + local i1=$1 + local i2=$2 + local dev1=$3 + local dev2=$4 + local desc=$5 + local ns1=${nsa[$i1]} + local ns2=${nsa[$i2]} + + ppp1=0 + while [ -n "$(ip -net "$ns1" link show ppp$ppp1 2>/dev/null)" ] + do ((ppp1++)); done + echo "noauth defaultroute noipdefault unit $ppp1" >"$pppoeserveroptions" + ppp1="ppp$ppp1" + + if ! ip netns exec "$ns1" pppoe-server -k -L "${AD4[$i1]}" -R "${AD4[$i2]}" \ + -I "$dev1" -X "$pppoeserverpid" -O "$pppoeserveroptions" >/dev/null; then + echo "ERROR: $desc: failed to setup pppoe server" 1>&2 + return 1 + fi + + if ! ip netns exec "$ns2" pppd plugin pppoe.so nic-"$dev2" persist holdoff 0 noauth \ + defaultroute noipdefault noaccomp nodeflate noproxyarp nopcomp \ + novj novjccomp linkname "selftest-$$" >/dev/null; then + echo "ERROR: $desc: failed to setup pppoe client" 1>&2 + return 1 + fi + + if ! wait_ping "$i1" "$i2"; then + echo "ERROR: $desc: failed to setup functional pppoe connection" 1>&2 + return 1 + fi + + ppp2=$(tail -n 1 < "/run/pppd/ppp-selftest-$$.pid") + + ip -net "$ns1" addr add "${AD6[$i1]}/64" dev "$ppp1" nodad + ip -net "$ns2" addr add "${AD6[$i2]}/64" dev "$ppp2" nodad + + return 0 +} + +del_pppoe() +{ + local i1=$1 + local i2=$2 + local dev1=$3 + local dev2=$4 + local ns1=${nsa[$i1]} + local ns2=${nsa[$i2]} + local i serverpid clientpid + + serverpid="$(head -n 1 < "$pppoeserverpid")" + clientpid="$(head -n 1 < "/run/pppd/ppp-selftest-$$.pid")" + + [[ -n "$ppp1" ]] && ip -net "$ns1" addr del "${AD6[$i1]}/64" dev "$ppp1" + [[ -n "$ppp2" ]] && ip -net "$ns2" addr del "${AD6[$i2]}/64" dev "$ppp2" + + for i in $(seq 1 $((PING_TIMEOUT * 5 ))); do + if ip -net "$ns2" link show dev "$ppp2" 1>/dev/null 2>/dev/null; then + kill -9 "$clientpid" 2>/dev/null + elif ip -net "$ns1" link show dev "$ppp1" 1>/dev/null 2>/dev/null; then + kill -SIGTERM "$serverpid" 2>/dev/null + else return 0 + fi + sleep 0.2 + done + echo "ERROR: failed to remove pppoe connection" 1>&2 + return 1 +} + +listener_ready() +{ + local ns=$1 + local ipv=$2 + + ss -N "$ns" --ipv"$ipv" -lnt -o "sport = :8080" | grep -q 8080 +} + +test_tcp() { + local i1=$1 + local i2=$2 + local dofast=$3 + local desc=$4 + local ns1=${nsa[$i1]} + local ns2=${nsa[$i2]} + local i=-1 + local lret=0 + local ads="" + local ipv ad a lpid bytes limit error + + if [ -n "$do_ipv4" ]; then ads="${AD4[$i2]}" + elif [ -n "$do_ipv6" ]; then ads="${AD6[$i2]}" + else ads="${AD4[$i2]} ${AD6[$i2]}" + fi + for ad in $ads; do + ((i++)) + if [[ "$ad" =~ ":" ]] + then ipv="6"; a="[${ad}]" + else ipv="4"; a="${ad}" + fi + + rm -f "$file1out" "$file2out" + + # ip netns exec "$nsrt" nft reset counters >/dev/null + # But on some systems this results in 4GB values in packet and byte count, so: + (echo "flush ruleset"; ip netns exec "$nsrt" nft --stateless list ruleset) | \ + ip netns exec "$nsrt" nft -f - + + timeout "$SOCAT_TIMEOUT" ip netns exec "$ns2" socat TCP$ipv-LISTEN:8080,reuseaddr \ + STDIO <"$filein" >"$file2out" 2>/dev/null & + lpid=$! + busywait 1000 listener_ready "$ns2" "$ipv" + + timeout "$SOCAT_TIMEOUT" ip netns exec "$ns1" socat TCP$ipv:"$a":8080 \ + STDIO <"$filein" >"$file1out" 2>/dev/null + + if ! wait $lpid; then + error[i]="tcp broken" + continue + fi + if ! cmp "$filein" "$file1out" >/dev/null 2>&1; then + error[i]="file mismatch to ${ad}" + continue + fi + if ! cmp "$filein" "$file2out" >/dev/null 2>&1; then + error[i]="file mismatch from ${ad}" + continue + fi + + limit=$((2 * filesize)) + bytes=$(ip netns exec "$nsrt" nft list counter $family filter "check" | \ + grep "packets" | cut -d' ' -f4) + if [ -z "$dofast" ] && [ "$bytes" -lt "$limit" ]; then + + error[i]="established bytes $bytes < $limit" + continue + fi + if [ -n "$dofast" ] && [ "$bytes" -gt "$((limit/2))" ]; then + # Significant reduction of bytes expected + error[i]="counted bytes $bytes > $((limit/2))" + continue + fi + + done + + if [ -n "${error[0]}" ]; then + if [[ "${error[0]}" == "${error[1]}" ]]; then + error[0]="$desc: ipv4/6: ${error[0]}" + error[1]="" + else + error[0]="$desc: ipv4: ${error[0]}" + fi + fi + if [ -n "${error[1]}" ]; then + error[1]="$desc: ipv6: ${error[1]}" + fi + + for i in 0 1; do + if [ -n "${error[i]}" ]; then + if is_known_issue "$desc: ${error[i]}"; then + echo "WARN: ${error[i]}" 1>&2 + lret=$((lret | 1)) + else + echo "ERROR: ${error[i]}" 1>&2 + lret=$((lret | 2)) + fi + fi + done + if [ $lret -eq 0 ]; then + echo "PASS: $desc" + fi + return $(( lret & 2 )) +} + +known_issues=( +'*unaware bridge,*with double q vlan encaps,*without fastpath*established*' # 1 +'*unaware bridge,*with 802.1ad vlan encaps,*without fastpath*established*' # 1 +'*unaware bridge,*with pppoe encap,*without fastpath*established*' # 1 +'*unaware bridge,*with pppoe-in-q encaps,*without fastpath*established*' # 1 +'*forward,*without vlan-device, without vlan encap,*with *fastpath:*counted*' # 2 +'*forward,*without vlan-device, with vlan encap,*with *fastpath:*tcp broken*' # 3 +'*forward,*with vlan-device, without vlan encap,*with *fastpath:*counted*' # 4 +) + +is_known_issue() { + local err=$1 + for issue in "${known_issues[@]}"; do + # shellcheck disable=SC2053 + [[ "$err" == $issue ]] && return 0 + done + return 1 +} + +test_paths() { + local i1=$1 + local i2=$2 + local desc=$3 + local ns1=${nsa[$i1]} + local ns2=${nsa[$i2]} + + + if ! setup_nftables "$i1" "$i2"; then + echo "ERROR: $desc: cannot setup nftables" 1>&2 + return 1 + fi + if ! test_tcp "$i1" "$i2" "" "$desc without fastpath"; then + return 1 + fi + + if ! setup_fastpath "$i1" "$i2" "" 2>/dev/null; then + return 0 + fi + if ! test_tcp "$i1" "$i2" "fast" "$desc with fastpath"; then + return 1 + fi + + if ! setup_fastpath "$i1" "$i2" "hw" 2>/dev/null; then + return 0 + fi + if ! test_tcp "$i1" "$i2" "fast" "$desc with hw_fastpath"; then + return 1 + fi + + return 0 + +} + +add_masq() +{ + if [[ $family != "bridge" ]]; then + ip netns exec "$nsrt" nft -f - <<-EOF + table ip nat { + chain postrouting { + type nat hook postrouting priority 0; + oifname ${BRWAN} masquerade + } + } + EOF + else + return 0 + fi +} + +add_zone() +{ + local devs=$1 + + if [[ $family == "bridge" ]]; then + ip netns exec "$nsrt" nft -f - <<-EOF + table ${family} filter { + chain preroutingzones { + type filter hook prerouting priority -300; + iif ${devs} ct zone set 23 + } + } + EOF + fi +} + +setup_nftables() +{ + local devs="{ ${vethrt[$1]} , ${vethrt[$2]} }" + local i1=$1 + local i2=$2 + + ip netns exec "$nsrt" nft flush ruleset + + if ! add_masq; then + return 1 + fi + + add_zone "${devs}" 2>/dev/null + + ip netns exec "$nsrt" nft -f - <<-EOF + table ${family} filter { + counter check { } + chain prerouting { + type filter hook prerouting priority 0; policy accept; + ct state established tcp dport 8080 counter name "check" + ct state established tcp sport 8080 counter name "check" + } + } + EOF +} + +setup_fastpath() +{ + local devs="{ ${vethrt[$1]} , ${vethrt[$2]} }" + local arg=$3 + local flags="" + + [[ "$arg" == "hw" ]] && flags="flags offload" + + ip netns exec "$nsrt" nft flush ruleset + + if ! add_masq; then + return 1 + fi + + add_zone "${devs}" 2>/dev/null + + ip netns exec "$nsrt" nft -f - <<-EOF + table ${family} filter { + counter check { } + flowtable f { + hook ingress priority filter + devices = ${devs} + ${flags} + } + chain forward { + type filter hook forward priority 0; policy accept; + counter name "check" + ct state established flow add @f + } + } + EOF +} + +test_unaware_bridge() +{ + local lret=0 + local i + + for i in $LAN1 $LAN2; do + set_client "$i" none + done + + test_paths $LAN1 $LAN2 "unaware bridge, without encaps, " + lret=$((lret | $?)) + + for i in $LAN1 $LAN2; do + set_client "$i" q + done + + test_paths $LAN1 $LAN2 "unaware bridge, with single vlan encap, " + lret=$((lret | $?)) + + for i in $LAN1 $LAN2; do + set_client "$i" qq + done + + # Skip testing double tagged packets on real hardware + if [ -n "$lan_all_veth" ] || [ -n "$noskip" ]; then + + test_paths $LAN1 $LAN2 "unaware bridge, with double q vlan encaps, " + lret=$((lret | $?)) + + for i in $LAN1 $LAN2; do + set_client "$i" ad + done + + test_paths $LAN1 $LAN2 "unaware bridge, with 802.1ad vlan encaps, " + lret=$((lret | $?)) + + fi + # End Skip testing double tagged packets + + if [ -n "$(command -v pppd 2>/dev/null)" ] && + [ -n "$(command -v pppoe-server 2>/dev/null)" ]; then + # Start pppoe + + for i in $LAN1 $LAN2; do + set_client "$i" none noaddress + done + + if add_pppoe $LAN1 $LAN2 "$BRCL" "$BRCL" "unaware bridge, with pppoe encap"; then + test_paths $LAN1 $LAN2 "unaware bridge, with pppoe encap, " + lret=$((lret | $?)) + fi + + del_pppoe $LAN1 $LAN2 "$BRCL" "$BRCL" + lret=$((lret | $?)) + + for i in $LAN1 $LAN2; do + set_client "$i" q noaddress + done + + if add_pppoe $LAN1 $LAN2 "$BRCL" "$BRCL" "unaware bridge, with pppoe-in-q encaps"; then + test_paths $LAN1 $LAN2 "unaware bridge, with pppoe-in-q encaps, " + lret=$((lret | $?)) + fi + + del_pppoe $LAN1 $LAN2 "$BRCL" "$BRCL" + lret=$((lret | $?)) + + # End pppoe + fi + + for i in $LAN1 $LAN2; do + unset_client "$i" + done + return $lret +} + +test_aware_bridge() +{ + local lret=0 + local i + + for i in $LAN1 $LAN2; do + bridge -net "$nsrt" vlan add dev "${vethrt[$i]}" vid $VID1 pvid untagged + set_client "$i" none + done + test_paths $LAN1 $LAN2 "aware bridge, without/without vlan encap," + lret=$((lret | $?)) + + i=$LAN1 + bridge -net "$nsrt" vlan del dev "${vethrt[$i]}" vid $VID1 pvid untagged + bridge -net "$nsrt" vlan add dev "${vethrt[$i]}" vid $VID1 + set_client $i q + + test_paths $LAN1 $LAN2 "aware bridge, with/without vlan encap, " + lret=$((lret | $?)) + + i=$LAN2 + bridge -net "$nsrt" vlan del dev "${vethrt[$i]}" vid $VID1 pvid untagged + bridge -net "$nsrt" vlan add dev "${vethrt[$i]}" vid $VID1 + set_client $i q + + test_paths $LAN1 $LAN2 "aware bridge, with/with vlan encap, " + lret=$((lret | $?)) + + i=$LAN1 + bridge -net "$nsrt" vlan del dev "${vethrt[$i]}" vid $VID1 + bridge -net "$nsrt" vlan add dev "${vethrt[$i]}" vid $VID1 pvid untagged + set_client $i none + + test_paths $LAN1 $LAN2 "aware bridge, without/with vlan encap, " + lret=$((lret | $?)) + + i=$LAN1 + bridge -net "$nsrt" vlan del dev "${vethrt[$i]}" vid $VID1 pvid untagged + unset_client $i + i=$LAN2 + bridge -net "$nsrt" vlan del dev "${vethrt[$i]}" vid $VID1 + unset_client $i + + return $lret +} + +test_forward_without_vlandev() +{ + local wo=$1 + local lret=0 + local i + + [[ "$wo" == "" ]] && wo="without" + + for i in $LAN1 $LAN2; do + bridge -net "$nsrt" vlan add dev "${vethrt[$i]}" vid $VID1 pvid untagged + set_client "$i" none + done + + test_paths $LAN1 $WAN "forward, $wo vlan-device, without vlan encap, client1," + lret=$((lret | $?)) + if [ -z "$lan_all_veth" ] || [ -n "$noskip" ]; then + test_paths $LAN2 $WAN "forward, $wo vlan-device, without vlan encap, client2," + lret=$((lret | $?)) + fi + + for i in $LAN1 $LAN2; do + bridge -net "$nsrt" vlan del dev "${vethrt[$i]}" vid $VID1 pvid untagged + bridge -net "$nsrt" vlan add dev "${vethrt[$i]}" vid $VID1 + set_client "$i" q + done + + test_paths $LAN1 $WAN "forward, $wo vlan-device, with vlan encap, client1," + lret=$((lret | $?)) + if [ -z "$lan_all_veth" ] || [ -n "$noskip" ]; then + test_paths $LAN2 $WAN "forward, $wo vlan-device, with vlan encap, client2," + lret=$((lret | $?)) + fi + + for i in $LAN1 $LAN2; do + bridge -net "$nsrt" vlan del dev "${vethrt[$i]}" vid $VID1 + unset_client "$i" + done + return $lret +} + +test_forward_with_vlandev() +{ + test_forward_without_vlandev "with" + return $? +} + +ret=0 +### Start Initial Setup ### + +for i in 4 6; do + ip netns exec "$nsrt" sysctl -q net.ipv$i.conf.all.forwarding=1 +done + +### Use brwan to make sure software fastpath is ### +### direct xmit in other direction also ### + +ip -net "$nsrt" link add $BRWAN type bridge +ret=$((ret | $?)) +ip -net "$nsrt" link set $BRWAN up +ret=$((ret | $?)) +if [ $ret -ne 0 ]; then + echo "SKIP: Can't create bridge" + exit "$ksft_skip" +fi + +# If both lan clients are veth-devices, only test 1 in the forward path +if [ -z "${vethcl[$LAN1]}" ] && [ -z "${vethcl[$LAN2]}" ]; then + lan_all_veth=1 +fi + +for i in $WAN $LAN1 $LAN2; do + ns="${nsa[$i]}" + if [ -z "${vethcl[$i]}" ]; then + vethcl[i]="veth${i}cl" + vethrt[i]="veth${i}rt" + ip link add "${vethcl[$i]}" netns "$ns" type veth \ + peer name "${vethrt[$i]}" netns "$nsrt" + ret=$((ret | $?)) + else # Use pair of interconnected hardware interfaces + ip link set "${vethrt[$i]}" netns "$nsrt" + ret=$((ret | $?)) + ip link set "${vethcl[$i]}" netns "$ns" + ret=$((ret | $?)) + fi +done +if [ $ret -ne 0 ]; then + echo "SKIP: (v)eth pairs cannot be used" + exit "$ksft_skip" +fi + +if [ -n "$showtree" ]; then + cat <<-EOF + Setup: + CLIENT 0 + ${vethcl[$WAN]} + | + ${vethrt[$WAN]} + WAN + ROUTER + LAN1 LAN2 + $(printf "%14.14s" "${vethrt[$LAN1]}") ${vethrt[$LAN2]} + | | + $(printf "%14.14s" "${vethcl[$LAN1]}") ${vethcl[$LAN2]} + CLIENT 1 CLIENT 2 + + EOF +fi + +for n in nsclientwan nsclientlan; do + routerside=""; clientside="" + for i in $WAN $LAN1 $LAN2; do + ns="${nsa[$i]}" + [[ "$ns" != "$n"* ]] && continue + mac=$(check_mac "$ns" "${vethcl[$i]}" "$routerside $clientside") + ret=$((ret | $?)) + clientside+=" $mac" + mac=$(check_mac "$nsrt" "${vethrt[$i]}" "$clientside") + ret=$((ret | $?)) + routerside+=" $mac" + done +done +if [ $ret -ne 0 ]; then + echo "SKIP: conflicting mac address" + exit "$ksft_skip" +fi + +set_pair_link up $WAN $LAN1 $LAN2 +ret=$((ret | $?)) +if [ $ret -ne 0 ]; then + echo "SKIP: setting (v)eth pairs link up failed" + exit "$ksft_skip" +fi + +i=$WAN +ip -net "$nsrt" link set "${vethrt[$i]}" master $BRWAN +set_client $i none +add_addr $ADWAN "$BRWAN" + +family="bridge" +if ! setup_nftables $LAN1 $LAN2 2>/dev/null; then + echo "INFO: Cannot add nftables table $family" + tests[1]=""; tests[2]="" +fi +family="inet" +if ! setup_nftables $WAN $LAN1 2>/dev/null; then + echo "INFO: Cannot add nftables table $family" + tests[3]=""; tests[4]="" +fi + +### End Initial Setup ### + +if [ -n "${tests[1]}" ]; then + # Setup brlan as vlan unaware bridge + family="bridge" + ip -net "$nsrt" link add $BRLAN type bridge + ip -net "$nsrt" link set $BRLAN up + for i in $LAN1 $LAN2; do + ip -net "$nsrt" link set "${vethrt[$i]}" master $BRLAN + done + test_unaware_bridge + ret=$((ret | $?)) + ip -net "$nsrt" link del $BRLAN type bridge +fi + +if [ -n "${tests[2]}" ] || [ -n "${tests[3]}" ] || [ -n "${tests[4]}" ]; then + # Setup brlan as vlan aware bridge + family="bridge" + + ip -net "$nsrt" link add $BRLAN type bridge vlan_filtering 1 vlan_default_pvid 0 + ip -net "$nsrt" link set $BRLAN up + bridge -net "$nsrt" vlan add dev $BRLAN vid $VID1 pvid untagged self + add_addr $ADLAN "$BRLAN" + for i in $LAN1 $LAN2; do + ip -net "$nsrt" link set "${vethrt[$i]}" master $BRLAN + done + + if [ -n "${tests[2]}" ]; then + test_aware_bridge + ret=$((ret | $?)) + fi + + family="inet" + + if [ -n "${tests[3]}" ]; then + test_forward_without_vlandev + ret=$((ret | $?)) + fi + + if [ -n "${tests[4]}" ]; then + # Setup vlan-device linked to brlan master port + del_addr $ADLAN "$BRLAN" + ip -net "$nsrt" link set $BRLAN down + bridge -net "$nsrt" vlan del dev $BRLAN vid $VID1 pvid untagged self + bridge -net "$nsrt" vlan add dev $BRLAN vid $VID1 self + ip -net "$nsrt" link add link $BRLAN name $BRLAN.$VID1 type vlan id $VID1 + ip -net "$nsrt" link set $BRLAN up + ip -net "$nsrt" link set "$BRLAN.$VID1" up + add_addr $ADLAN "$BRLAN.$VID1" + test_forward_with_vlandev + ret=$((ret | $?)) + fi + + ip -net "$nsrt" link del $BRLAN type bridge +fi + +### Finish tests ### + +ip -net "$nsrt" link del $BRWAN type bridge + +for i in $WAN $LAN1 $LAN2; do + unset_client "$i" +done + +set_pair_link down $WAN $LAN1 $LAN2 + +for i in $WAN $LAN1 $LAN2; do + ns="${nsa[$i]}" + if [[ "${vethcl[$i]:0:4}" != "veth" ]]; then + ip netns exec "$ns" ip link set "${vethcl[$i]}" netns 1 + fi + if [[ "${vethrt[$i]:0:4}" != "veth" ]]; then + ip netns exec "$nsrt" ip link set "${vethrt[$i]}" netns 1 + fi +done + +if [ $ret -eq 0 ]; then + echo "PASS: all tests passed" +else + echo "ERROR: bridge fastpath test has failed" +fi + +exit $ret -- 2.50.0

2 months, 1 week

2
3
0 0

[PATCH v3 0/3] VMM can handle guest SEA via KVM_EXIT_ARM_SEA

by Jiaqi Yan

Problem ======= When host APEI is unable to claim a synchronous external abort (SEA) during guest abort, today KVM directly injects an asynchronous SError into the VCPU then resumes it. The injected SError usually results in unpleasant guest kernel panic. One of the major situation of guest SEA is when VCPU consumes recoverable uncorrected memory error (UER), which is not uncommon at all in modern datacenter servers with large amounts of physical memory. Although SError and guest panic is sufficient to stop the propagation of corrupted memory, there is room to recover from an UER in a more graceful manner. Proposed Solution ================= The idea is, we can replay the SEA to the faulting VCPU. If the memory error consumption or the fault that cause SEA is not from guest kernel, the blast radius can be limited to the poison-consuming guest process, while the VM can keep running. In addition, instead of doing under the hood without involving userspace, there are benefits to redirect the SEA to VMM: - VM customers care about the disruptions caused by memory errors, and VMM usually has the responsibility to start the process of notifying the customers of memory error events in their VMs. For example some cloud provider emits a critical log in their observability UI [1], and provides a playbook for customers on how to mitigate disruptions to their workloads. - VMM can protect future memory error consumption by unmapping the poisoned pages from stage-2 page table with KVM userfault [2], or by splitting the memslot that contains the poisoned pages. - VMM can keep track of SEA events in the VM. When VMM thinks the status on the host or the VM is bad enough, e.g. number of distinct SEAs exceeds a threshold, it can restart the VM on another healthy host. - Behavior parity with x86 architecture. When machine check exception (MCE) is caused by VCPU, kernel or KVM signals userspace SIGBUS to let VMM either recover from the MCE, or terminate itself with VM. The prior RFC proposes to implement SIGBUS on arm64 as well, but Marc preferred KVM exit over signal [3]. However, implementation aside, returning SEA to VMM is on par with returning MCE to VMM. Once SEA is redirected to VMM, among other actions, VMM is encouraged to inject external aborts into the faulting VCPU. New UAPIs ========= This patchset introduces following userspace-visible changes to empower VMM to control what happens for SEA on guest memory: - KVM_CAP_ARM_SEA_TO_USER. While taking SEA, if userspace has enabled this new capability at VM creation, and the SEA is not owned by kernel allocated memory, instead of injecting SError, return KVM_EXIT_ARM_SEA to userspace. - KVM_EXIT_ARM_SEA. This is the VM exit reason VMM gets. The details about the SEA is provided in arm_sea as much as possible, including sanitized ESR value at EL2, faulting guest virtual and physical addresses if available. * From v2 [4]: - Rebased on "[PATCH] KVM: arm64: nv: Handle SEAs due to VNCR redirection" [5] and kvmarm/next commit 7b8346bd9fce ("KVM: arm64: Don't attempt vLPI mappings when vPE allocation is disabled") - Took the host_owns_sea implementation from Oliver [6, 7]. - Excluded the guest SEA injection patches. - Updated selftest. * From v1 [8]: - Rebased on commit 4d62121ce9b5 ("KVM: arm64: vgic-debug: Avoid dereferencing NULL ITE pointer"). - Sanitize ESR_EL2 before reporting it to userspace. - Do not do KVM_EXIT_ARM_SEA when SEA is caused by memory allocated to stage-2 translation table. [1] https://cloud.google.com/solutions/sap/docs/manage-host-errors [2] https://lore.kernel.org/kvm/20250109204929.1106563-1-jthoughton@google.com [3] https://lore.kernel.org/kvm/86pljbqqh0.wl-maz@kernel.org [4] https://lore.kernel.org/kvm/20250604050902.3944054-1-jiaqiyan@google.com/ [5] https://lore.kernel.org/kvmarm/20250729182342.3281742-1-oliver.upton@linux.… [6] https://lore.kernel.org/kvm/aHFohmTb9qR_JG1E@linux.dev/#t [7] https://lore.kernel.org/kvm/aHK-DPufhLy5Dtuk@linux.dev/ [8] https://lore.kernel.org/kvm/20250505161412.1926643-1-jiaqiyan@google.com Jiaqi Yan (3): KVM: arm64: VM exit to userspace to handle SEA KVM: selftests: Test for KVM_EXIT_ARM_SEA Documentation: kvm: new UAPI for handling SEA Documentation/virt/kvm/api.rst | 61 ++++ arch/arm64/include/asm/kvm_host.h | 2 + arch/arm64/kvm/arm.c | 5 + arch/arm64/kvm/mmu.c | 68 +++- include/uapi/linux/kvm.h | 10 + tools/arch/arm64/include/asm/esr.h | 2 + tools/testing/selftests/kvm/Makefile.kvm | 1 + .../testing/selftests/kvm/arm64/sea_to_user.c | 327 ++++++++++++++++++ tools/testing/selftests/kvm/lib/kvm_util.c | 1 + 9 files changed, 476 insertions(+), 1 deletion(-) create mode 100644 tools/testing/selftests/kvm/arm64/sea_to_user.c -- 2.50.1.565.gc32cd1483b-goog

2 months, 1 week

1
5
0 0

[PATCH] selftests/bpf: Add -Wsign-compare C compilation flag

by Mehdi Ben Hadj Khelifa

-Change all the source files and the corresponding headers to having matching sign comparisons. Signed-off-by: Mehdi Ben Hadj Khelifa <mehdi.benhadjkhelifa(a)gmail.com> --- As suggested by the TODO, -Wsign-compare was added to the C compilation flags for the selftests/bpf/Makefile and all corresponding files in selftests and a single file under tools/lib/bpf/usdt.bpf.h have been carefully changed to account for correct sign comparisons either by explicit casting or changing the variable type.Only local variables and variables which are in limited scope have been changed in cases where it doesn't break the code.Other struct variables or global ones have left untouched to avoid other conflicts and opted to explicit casting in this case.This change will help avoid implicit type conversions and have predictable behavior. I have already compiled all bpf tests with no errors as well as the kernel and have ran all the selftests with no obvious side effects. I would like to know if it's more convinient to have all changes as a single patch like here or if it needs to be divided in some way and sent as a patch series. Best Regards, Mehdi Ben Hadj Khelifa --- tools/lib/bpf/usdt.bpf.h | 4 ++-- tools/testing/selftests/bpf/Makefile | 4 ++-- tools/testing/selftests/bpf/bpf_arena_htab.h | 2 +- tools/testing/selftests/bpf/progs/arena_list.c | 2 +- .../bpf/progs/bench_local_storage_create.c | 2 +- tools/testing/selftests/bpf/progs/bind_perm.c | 2 +- tools/testing/selftests/bpf/progs/bpf_cc_cubic.c | 2 +- tools/testing/selftests/bpf/progs/bpf_cubic.c | 8 ++++---- .../bpf/progs/bpf_iter_bpf_percpu_array_map.c | 2 +- .../selftests/bpf/progs/bpf_iter_task_stack.c | 2 +- .../testing/selftests/bpf/progs/bpf_iter_tasks.c | 3 ++- .../selftests/bpf/progs/bpf_iter_vma_offset.c | 4 ++-- .../testing/selftests/bpf/progs/bpf_qdisc_fifo.c | 2 +- tools/testing/selftests/bpf/progs/bpf_qdisc_fq.c | 4 ++-- .../bpf/progs/cgroup_getset_retval_getsockopt.c | 6 +++--- .../selftests/bpf/progs/cpumask_success.c | 4 ++-- .../testing/selftests/bpf/progs/dynptr_success.c | 8 ++++---- tools/testing/selftests/bpf/progs/iters.c | 16 ++++++++-------- .../selftests/bpf/progs/kfunc_call_test.c | 2 +- tools/testing/selftests/bpf/progs/linked_list.c | 10 +++++----- tools/testing/selftests/bpf/progs/lsm.c | 2 +- .../testing/selftests/bpf/progs/map_in_map_btf.c | 2 +- tools/testing/selftests/bpf/progs/map_ptr_kern.c | 2 +- .../selftests/bpf/progs/mmap_inner_array.c | 2 +- .../testing/selftests/bpf/progs/mptcp_subflow.c | 2 +- .../selftests/bpf/progs/netif_receive_skb.c | 4 ++-- tools/testing/selftests/bpf/progs/profiler.inc.h | 6 +++--- .../testing/selftests/bpf/progs/rcu_read_lock.c | 4 ++-- .../bpf/progs/sk_storage_omem_uncharge.c | 6 +++--- .../selftests/bpf/progs/sockopt_inherit.c | 4 ++-- tools/testing/selftests/bpf/progs/sockopt_sk.c | 4 ++-- tools/testing/selftests/bpf/progs/strobemeta.h | 2 +- .../selftests/bpf/progs/test_bpf_cookie.c | 2 +- .../testing/selftests/bpf/progs/test_check_mtu.c | 4 ++-- .../selftests/bpf/progs/test_core_extern.c | 2 +- .../testing/selftests/bpf/progs/test_get_xattr.c | 4 ++-- .../selftests/bpf/progs/test_global_func11.c | 2 +- .../selftests/bpf/progs/test_global_func12.c | 2 +- .../selftests/bpf/progs/test_global_func13.c | 2 +- .../selftests/bpf/progs/test_global_func14.c | 2 +- .../selftests/bpf/progs/test_global_func9.c | 2 +- .../selftests/bpf/progs/test_lwt_seg6local.c | 4 ++-- .../testing/selftests/bpf/progs/test_map_init.c | 2 +- .../selftests/bpf/progs/test_parse_tcp_hdr_opt.c | 2 +- .../bpf/progs/test_parse_tcp_hdr_opt_dynptr.c | 2 +- .../selftests/bpf/progs/test_pkt_access.c | 6 +++--- .../testing/selftests/bpf/progs/test_seg6_loop.c | 4 ++-- tools/testing/selftests/bpf/progs/test_skb_ctx.c | 2 +- .../testing/selftests/bpf/progs/test_snprintf.c | 2 +- .../selftests/bpf/progs/test_sockmap_kern.h | 2 +- .../selftests/bpf/progs/test_sockmap_strp.c | 2 +- .../testing/selftests/bpf/progs/test_tc_tunnel.c | 2 +- tools/testing/selftests/bpf/progs/test_xdp.c | 2 +- .../selftests/bpf/progs/test_xdp_dynptr.c | 2 +- .../testing/selftests/bpf/progs/test_xdp_loop.c | 2 +- .../selftests/bpf/progs/test_xdp_noinline.c | 4 ++-- tools/testing/selftests/bpf/progs/udp_limit.c | 2 +- tools/testing/selftests/bpf/progs/uprobe_multi.c | 4 ++-- .../bpf/progs/uprobe_multi_session_recursive.c | 5 +++-- .../selftests/bpf/progs/verifier_arena_large.c | 4 ++-- .../bpf/progs/verifier_iterating_callbacks.c | 2 +- 61 files changed, 105 insertions(+), 103 deletions(-) diff --git a/tools/lib/bpf/usdt.bpf.h b/tools/lib/bpf/usdt.bpf.h index 2a7865c8e3fe..ea20bd4e635d 100644 --- a/tools/lib/bpf/usdt.bpf.h +++ b/tools/lib/bpf/usdt.bpf.h @@ -129,7 +129,7 @@ int bpf_usdt_arg_size(struct pt_regs *ctx, __u64 arg_num) if (arg_num >= BPF_USDT_MAX_ARG_CNT) return -ENOENT; barrier_var(arg_num); - if (arg_num >= spec->arg_cnt) + if (arg_num >= (__u64)spec->arg_cnt) return -ENOENT; arg_spec = &spec->args[arg_num]; @@ -165,7 +165,7 @@ int bpf_usdt_arg(struct pt_regs *ctx, __u64 arg_num, long *res) if (arg_num >= BPF_USDT_MAX_ARG_CNT) return -ENOENT; barrier_var(arg_num); - if (arg_num >= spec->arg_cnt) + if (arg_num >= (__u64)spec->arg_cnt) return -ENOENT; arg_spec = &spec->args[arg_num]; diff --git a/tools/testing/selftests/bpf/Makefile b/tools/testing/selftests/bpf/Makefile index 4863106034df..97755e421062 100644 --- a/tools/testing/selftests/bpf/Makefile +++ b/tools/testing/selftests/bpf/Makefile @@ -453,8 +453,8 @@ BPF_CFLAGS = -g -Wall -Werror -D__TARGET_ARCH_$(SRCARCH) $(MENDIAN) \ -I$(abspath $(OUTPUT)/../usr/include) \ -std=gnu11 \ -fno-strict-aliasing \ - -Wno-compare-distinct-pointer-types -# TODO: enable me -Wsign-compare + -Wno-compare-distinct-pointer-types \ + -Wsign-compare CLANG_CFLAGS = $(CLANG_SYS_INCLUDES) diff --git a/tools/testing/selftests/bpf/bpf_arena_htab.h b/tools/testing/selftests/bpf/bpf_arena_htab.h index acc01a876668..ad77514c3cb1 100644 --- a/tools/testing/selftests/bpf/bpf_arena_htab.h +++ b/tools/testing/selftests/bpf/bpf_arena_htab.h @@ -42,7 +42,7 @@ static hashtab_elem_t *lookup_elem_raw(arena_list_head_t *head, __u32 hash, int hashtab_elem_t *l; list_for_each_entry(l, head, hash_node) - if (l->hash == hash && l->key == key) + if ((__u32)l->hash == hash && l->key == key) return l; return NULL; diff --git a/tools/testing/selftests/bpf/progs/arena_list.c b/tools/testing/selftests/bpf/progs/arena_list.c index 3a2ddcacbea6..02676f77a4cf 100644 --- a/tools/testing/selftests/bpf/progs/arena_list.c +++ b/tools/testing/selftests/bpf/progs/arena_list.c @@ -50,7 +50,7 @@ int arena_list_add(void *ctx) list_head = &global_head; - for (i = zero; i < cnt && can_loop; i++) { + for (i = zero; i < (__u64)cnt && can_loop; i++) { struct elem __arena *n = bpf_alloc(sizeof(*n)); test_val++; diff --git a/tools/testing/selftests/bpf/progs/bench_local_storage_create.c b/tools/testing/selftests/bpf/progs/bench_local_storage_create.c index c8ec0d0368e4..2b23e59bc04a 100644 --- a/tools/testing/selftests/bpf/progs/bench_local_storage_create.c +++ b/tools/testing/selftests/bpf/progs/bench_local_storage_create.c @@ -44,7 +44,7 @@ int BPF_PROG(sched_process_fork, struct task_struct *parent, struct task_struct { struct storage *stg; - if (parent->tgid != bench_pid) + if ((__u32)parent->tgid != bench_pid) return 0; stg = bpf_task_storage_get(&task_storage_map, child, NULL, diff --git a/tools/testing/selftests/bpf/progs/bind_perm.c b/tools/testing/selftests/bpf/progs/bind_perm.c index 7bd2a027025d..e629909c97b6 100644 --- a/tools/testing/selftests/bpf/progs/bind_perm.c +++ b/tools/testing/selftests/bpf/progs/bind_perm.c @@ -7,7 +7,7 @@ #include <bpf/bpf_helpers.h> #include <bpf/bpf_endian.h> -static __always_inline int bind_prog(struct bpf_sock_addr *ctx, int family) +static __always_inline int bind_prog(struct bpf_sock_addr *ctx, __u32 family) { struct bpf_sock *sk; diff --git a/tools/testing/selftests/bpf/progs/bpf_cc_cubic.c b/tools/testing/selftests/bpf/progs/bpf_cc_cubic.c index 1654a530aa3d..942deb5016a6 100644 --- a/tools/testing/selftests/bpf/progs/bpf_cc_cubic.c +++ b/tools/testing/selftests/bpf/progs/bpf_cc_cubic.c @@ -91,7 +91,7 @@ static void tcp_cwnd_reduction(struct sock *sk, int newly_acked_sacked, (__u64)tp->snd_ssthresh * prr_delivered + tp->prior_cwnd - 1; sndcnt = (__u32)div64_u64(dividend, (__u64)tp->prior_cwnd) - tp->prr_out; } else { - sndcnt = max(prr_delivered - tp->prr_out, newly_acked_sacked); + sndcnt = max(prr_delivered - tp->prr_out, (__u32)newly_acked_sacked); if (flag & FLAG_SND_UNA_ADVANCED && !newly_lost) sndcnt++; sndcnt = min(delta, sndcnt); diff --git a/tools/testing/selftests/bpf/progs/bpf_cubic.c b/tools/testing/selftests/bpf/progs/bpf_cubic.c index f089faa97ae6..100937488d2d 100644 --- a/tools/testing/selftests/bpf/progs/bpf_cubic.c +++ b/tools/testing/selftests/bpf/progs/bpf_cubic.c @@ -277,7 +277,7 @@ static void bictcp_update(struct bpf_bictcp *ca, __u32 cwnd, __u32 acked) ca->ack_cnt += acked; /* count the number of ACKed packets */ if (ca->last_cwnd == cwnd && - (__s32)(tcp_jiffies32 - ca->last_time) <= HZ / 32) + (__s32)(tcp_jiffies32 - ca->last_time) <= (__s32)HZ / 32) return; /* The CUBIC function can update ca->cnt at most once per jiffy. @@ -474,7 +474,7 @@ static void hystart_update(struct sock *sk, __u32 delay) if (sk->sk_pacing_status == SK_PACING_NONE) threshold >>= 1; - if ((__s32)(now - ca->round_start) > threshold) { + if ((__s32)(now - ca->round_start) > (__s32)threshold) { ca->found = 1; tp->snd_ssthresh = tp->snd_cwnd; } @@ -512,7 +512,7 @@ void BPF_PROG(bpf_cubic_acked, struct sock *sk, const struct ack_sample *sample) return; /* Discard delay samples right after fast recovery */ - if (ca->epoch_start && (__s32)(tcp_jiffies32 - ca->epoch_start) < HZ) + if (ca->epoch_start && (__s32)(tcp_jiffies32 - ca->epoch_start) < (__s32)HZ) return; delay = sample->rtt_us; @@ -525,7 +525,7 @@ void BPF_PROG(bpf_cubic_acked, struct sock *sk, const struct ack_sample *sample) /* hystart triggers when cwnd is larger than some threshold */ if (!ca->found && tcp_in_slow_start(tp) && hystart && - tp->snd_cwnd >= hystart_low_window) + tp->snd_cwnd >= (__u32)hystart_low_window) hystart_update(sk, delay); } diff --git a/tools/testing/selftests/bpf/progs/bpf_iter_bpf_percpu_array_map.c b/tools/testing/selftests/bpf/progs/bpf_iter_bpf_percpu_array_map.c index 9fdea8cd4c6f..0baf00463f35 100644 --- a/tools/testing/selftests/bpf/progs/bpf_iter_bpf_percpu_array_map.c +++ b/tools/testing/selftests/bpf/progs/bpf_iter_bpf_percpu_array_map.c @@ -24,7 +24,7 @@ int dump_bpf_percpu_array_map(struct bpf_iter__bpf_map_elem *ctx) __u32 *key = ctx->key; void *pptr = ctx->value; __u32 step; - int i; + __u32 i; if (key == (void *)0 || pptr == (void *)0) return 0; diff --git a/tools/testing/selftests/bpf/progs/bpf_iter_task_stack.c b/tools/testing/selftests/bpf/progs/bpf_iter_task_stack.c index f5a309455490..647ec1aa0326 100644 --- a/tools/testing/selftests/bpf/progs/bpf_iter_task_stack.c +++ b/tools/testing/selftests/bpf/progs/bpf_iter_task_stack.c @@ -27,7 +27,7 @@ int dump_task_stack(struct bpf_iter__task *ctx) BPF_SEQ_PRINTF(seq, "pid: %8u num_entries: %8u\n", task->pid, retlen / SIZE_OF_ULONG); for (i = 0; i < MAX_STACK_TRACE_DEPTH; i++) { - if (retlen > i * SIZE_OF_ULONG) + if ((__u32)retlen > i * SIZE_OF_ULONG) BPF_SEQ_PRINTF(seq, "[<0>] %pB\n", (void *)entries[i]); } BPF_SEQ_PRINTF(seq, "\n"); diff --git a/tools/testing/selftests/bpf/progs/bpf_iter_tasks.c b/tools/testing/selftests/bpf/progs/bpf_iter_tasks.c index 966ee5a7b066..704db7589565 100644 --- a/tools/testing/selftests/bpf/progs/bpf_iter_tasks.c +++ b/tools/testing/selftests/bpf/progs/bpf_iter_tasks.c @@ -115,7 +115,8 @@ int dump_task_sleepable(struct bpf_iter__task *ctx) /* Same length as the string */ ret = bpf_copy_from_user_task_str((char *)task_str2, 10, user_ptr, task, 0); /* only need to do the task pid check once */ - if (bpf_strncmp(task_str2, 10, "test_data\0") != 0 || ret != 10 || task->tgid != pid) { + if (bpf_strncmp(task_str2, 10, "test_data\0") != 0 || ret != 10 || + (__u32)task->tgid != pid) { BPF_SEQ_PRINTF(seq, "%s\n", info); return 0; } diff --git a/tools/testing/selftests/bpf/progs/bpf_iter_vma_offset.c b/tools/testing/selftests/bpf/progs/bpf_iter_vma_offset.c index 174298e122d3..d9088851babf 100644 --- a/tools/testing/selftests/bpf/progs/bpf_iter_vma_offset.c +++ b/tools/testing/selftests/bpf/progs/bpf_iter_vma_offset.c @@ -22,11 +22,11 @@ int get_vma_offset(struct bpf_iter__task_vma *ctx) if (task == NULL || vma == NULL) return 0; - if (last_tgid != task->tgid) + if (last_tgid != (__u32)task->tgid) unique_tgid_cnt++; last_tgid = task->tgid; - if (task->tgid != pid) + if ((__u32)task->tgid != pid) return 0; if (vma->vm_start <= address && vma->vm_end > address) { diff --git a/tools/testing/selftests/bpf/progs/bpf_qdisc_fifo.c b/tools/testing/selftests/bpf/progs/bpf_qdisc_fifo.c index 1de2be3e370b..7a639dcb23a9 100644 --- a/tools/testing/selftests/bpf/progs/bpf_qdisc_fifo.c +++ b/tools/testing/selftests/bpf/progs/bpf_qdisc_fifo.c @@ -88,7 +88,7 @@ void BPF_PROG(bpf_fifo_reset, struct Qdisc *sch) { struct bpf_list_node *node; struct skb_node *skbn; - int i; + __u32 i; bpf_for(i, 0, sch->q.qlen) { struct sk_buff *skb = NULL; diff --git a/tools/testing/selftests/bpf/progs/bpf_qdisc_fq.c b/tools/testing/selftests/bpf/progs/bpf_qdisc_fq.c index 1a3233a275c7..4f80164b5491 100644 --- a/tools/testing/selftests/bpf/progs/bpf_qdisc_fq.c +++ b/tools/testing/selftests/bpf/progs/bpf_qdisc_fq.c @@ -351,7 +351,7 @@ int BPF_PROG(bpf_fq_enqueue, struct sk_buff *skb, struct Qdisc *sch, jiffies = bpf_jiffies64(); if ((s64)(jiffies - (flow_copy->age + q.flow_refill_delay)) > 0) { - if (flow_copy->credit < q.quantum) + if ((__u32)flow_copy->credit < q.quantum) flow_copy->credit = q.quantum; } flow_copy->age = 0; @@ -590,7 +590,7 @@ struct sk_buff *BPF_PROG(bpf_fq_dequeue, struct Qdisc *sch) { struct dequeue_nonprio_ctx cb_ctx = {}; struct sk_buff *skb = NULL; - int i; + __u32 i; if (!sch->q.qlen) goto out; diff --git a/tools/testing/selftests/bpf/progs/cgroup_getset_retval_getsockopt.c b/tools/testing/selftests/bpf/progs/cgroup_getset_retval_getsockopt.c index 932b8ecd4ae3..854dae839f7f 100644 --- a/tools/testing/selftests/bpf/progs/cgroup_getset_retval_getsockopt.c +++ b/tools/testing/selftests/bpf/progs/cgroup_getset_retval_getsockopt.c @@ -22,7 +22,7 @@ int get_retval(struct bpf_sockopt *ctx) __sync_fetch_and_add(&invocations, 1); /* optval larger than PAGE_SIZE use kernel's buffer. */ - if (ctx->optlen > page_size) + if ((__u32)ctx->optlen > page_size) ctx->optlen = 0; return 1; @@ -37,7 +37,7 @@ int set_eisconn(struct bpf_sockopt *ctx) assertion_error = 1; /* optval larger than PAGE_SIZE use kernel's buffer. */ - if (ctx->optlen > page_size) + if ((__u32)ctx->optlen > page_size) ctx->optlen = 0; return 1; @@ -51,7 +51,7 @@ int clear_retval(struct bpf_sockopt *ctx) ctx->retval = 0; /* optval larger than PAGE_SIZE use kernel's buffer. */ - if (ctx->optlen > page_size) + if ((__u32)ctx->optlen > page_size) ctx->optlen = 0; return 1; diff --git a/tools/testing/selftests/bpf/progs/cpumask_success.c b/tools/testing/selftests/bpf/progs/cpumask_success.c index 0e04c31b91c0..c09e290fbdac 100644 --- a/tools/testing/selftests/bpf/progs/cpumask_success.c +++ b/tools/testing/selftests/bpf/progs/cpumask_success.c @@ -221,7 +221,7 @@ int BPF_PROG(test_first_firstzero_cpu, struct task_struct *task, u64 clone_flags if (!cpumask) return 0; - if (bpf_cpumask_first(cast(cpumask)) < nr_cpus) { + if (bpf_cpumask_first(cast(cpumask)) < (__u32)nr_cpus) { err = 3; goto release_exit; } @@ -866,7 +866,7 @@ int BPF_PROG(test_populate, struct task_struct *task, u64 clone_flags) * access NR_CPUS, the upper bound for nr_cpus, so we infer * it from the size of cpumask_t. */ - if (nr_cpus < 0 || nr_cpus >= CPUMASK_TEST_MASKLEN * 8) { + if (nr_cpus < 0 || (__u32)nr_cpus >= CPUMASK_TEST_MASKLEN * 8) { err = 3; goto out; } diff --git a/tools/testing/selftests/bpf/progs/dynptr_success.c b/tools/testing/selftests/bpf/progs/dynptr_success.c index 8315273cb900..a479147c3441 100644 --- a/tools/testing/selftests/bpf/progs/dynptr_success.c +++ b/tools/testing/selftests/bpf/progs/dynptr_success.c @@ -40,7 +40,7 @@ int test_read_write(void *ctx) char write_data[64] = "hello there, world!!"; char read_data[64] = {}; struct bpf_dynptr ptr; - int i; + __u32 i; if (bpf_get_current_pid_tgid() >> 32 != pid) return 0; @@ -114,7 +114,7 @@ int test_dynptr_data(void *ctx) if (err) return 0; - if (val != *(int *)data) + if ((int)val != *(int *)data) err = 5; return 0; @@ -571,7 +571,7 @@ int BPF_PROG(test_dynptr_skb_tp_btf, void *skb, void *location) static inline int bpf_memcmp(const char *a, const char *b, u32 size) { - int i; + __u32 i; bpf_for(i, 0, size) { if (a[i] != b[i]) @@ -882,7 +882,7 @@ static __always_inline void test_dynptr_probe(void *ptr, bpf_read_dynptr_fn_t bp { char buf[sizeof(expected_str)]; struct bpf_dynptr ptr_buf; - int i; + __u32 i; if (bpf_get_current_pid_tgid() >> 32 != pid) return; diff --git a/tools/testing/selftests/bpf/progs/iters.c b/tools/testing/selftests/bpf/progs/iters.c index 7dd92a303bf6..bb896fd7b364 100644 --- a/tools/testing/selftests/bpf/progs/iters.c +++ b/tools/testing/selftests/bpf/progs/iters.c @@ -369,7 +369,7 @@ SEC("raw_tp") __success int iter_array_fill(const void *ctx) { - int sum, i; + __u32 sum, i; MY_PID_GUARD(); @@ -395,7 +395,7 @@ SEC("raw_tp") __success int iter_nested_iters(const void *ctx) { - int sum, row, col; + __u64 sum, row, col; MY_PID_GUARD(); @@ -463,7 +463,7 @@ int iter_nested_deeply_iters(const void *ctx) static __noinline void fill_inner_dimension(int row) { - int col; + __u64 col; bpf_for(col, 0, ARRAY_SIZE(arr2d[0])) { arr2d[row][col] = row * col; @@ -472,7 +472,7 @@ static __noinline void fill_inner_dimension(int row) static __noinline int sum_inner_dimension(int row) { - int sum = 0, col; + __u64 sum = 0, col; bpf_for(col, 0, ARRAY_SIZE(arr2d[0])) { sum += arr2d[row][col]; @@ -487,7 +487,7 @@ SEC("raw_tp") __success int iter_subprog_iters(const void *ctx) { - int sum, row, col; + __u64 sum, row, col; MY_PID_GUARD(); @@ -626,7 +626,7 @@ __success int iter_stack_array_loop(const void *ctx) { long arr1[16], arr2[16], sum = 0; - int i; + __u32 i; MY_PID_GUARD(); @@ -663,7 +663,7 @@ static __noinline void fill(struct bpf_iter_num *it, int *arr, __u32 n, int mul) while ((t = bpf_iter_num_next(it))) { i = *t; - if (i >= n) + if ((__u32)i >= n) break; arr[i] = i * mul; } @@ -1537,7 +1537,7 @@ int iter_arr_with_actual_elem_count(const void *ctx) { int i, n = loop_data.n, sum = 0; - if (n > ARRAY_SIZE(loop_data.data)) + if ((__u64)n > ARRAY_SIZE(loop_data.data)) return 0; bpf_for(i, 0, n) { diff --git a/tools/testing/selftests/bpf/progs/kfunc_call_test.c b/tools/testing/selftests/bpf/progs/kfunc_call_test.c index 8b86113a0126..c4e570662b54 100644 --- a/tools/testing/selftests/bpf/progs/kfunc_call_test.c +++ b/tools/testing/selftests/bpf/progs/kfunc_call_test.c @@ -108,7 +108,7 @@ int kfunc_syscall_test(struct syscall_test_args *args) { const long size = args->size; - if (size > sizeof(args->data)) + if ((__u64)size > sizeof(args->data)) return -7; /* -E2BIG */ bpf_kfunc_call_test_mem_len_pass1(&args->data, sizeof(args->data)); diff --git a/tools/testing/selftests/bpf/progs/linked_list.c b/tools/testing/selftests/bpf/progs/linked_list.c index 421f40835acd..d817c8a483f3 100644 --- a/tools/testing/selftests/bpf/progs/linked_list.c +++ b/tools/testing/selftests/bpf/progs/linked_list.c @@ -110,7 +110,7 @@ int list_push_pop_multiple(struct bpf_spin_lock *lock, struct bpf_list_head *hea { struct bpf_list_node *n; struct foo *f[200], *pf; - int i; + __u64 i; /* Loop following this check adds nodes 2-at-a-time in order to * validate multiple release_on_unlock release logic @@ -144,7 +144,7 @@ int list_push_pop_multiple(struct bpf_spin_lock *lock, struct bpf_list_head *hea if (!n) return 3; pf = container_of(n, struct foo, node2); - if (pf->data != (ARRAY_SIZE(f) - i - 1)) { + if ((__u64)pf->data != (ARRAY_SIZE(f) - i - 1)) { bpf_obj_drop(pf); return 4; } @@ -163,7 +163,7 @@ int list_push_pop_multiple(struct bpf_spin_lock *lock, struct bpf_list_head *hea if (!n) return 5; pf = container_of(n, struct foo, node2); - if (pf->data != i) { + if ((__u64)pf->data != i) { bpf_obj_drop(pf); return 6; } @@ -193,7 +193,7 @@ int list_in_list(struct bpf_spin_lock *lock, struct bpf_list_head *head, bool le struct bpf_list_node *n; struct bar *ba[8], *b; struct foo *f; - int i; + __u64 i; f = bpf_obj_new(typeof(*f)); if (!f) @@ -238,7 +238,7 @@ int list_in_list(struct bpf_spin_lock *lock, struct bpf_list_head *head, bool le return 6; } b = container_of(n, struct bar, node); - if (b->data != i) { + if ((__u64)b->data != i) { bpf_obj_drop(f); bpf_obj_drop(b); return 7; diff --git a/tools/testing/selftests/bpf/progs/lsm.c b/tools/testing/selftests/bpf/progs/lsm.c index 0c13b7409947..bb6a4bb6e364 100644 --- a/tools/testing/selftests/bpf/progs/lsm.c +++ b/tools/testing/selftests/bpf/progs/lsm.c @@ -115,7 +115,7 @@ int BPF_PROG(test_void_hook, struct linux_binprm *bprm) __u32 key = 0; __u64 *value; - if (monitored_pid == pid) + if ((__u32)monitored_pid == pid) bprm_count++; bpf_copy_from_user(args, sizeof(args), (void *)bprm->vma->vm_mm->arg_start); diff --git a/tools/testing/selftests/bpf/progs/map_in_map_btf.c b/tools/testing/selftests/bpf/progs/map_in_map_btf.c index 7a1336d7b16a..719368217fe8 100644 --- a/tools/testing/selftests/bpf/progs/map_in_map_btf.c +++ b/tools/testing/selftests/bpf/progs/map_in_map_btf.c @@ -49,7 +49,7 @@ int add_to_list_in_inner_array(void *ctx) struct bpf_map *map; int zero = 0; - if (done || (u32)bpf_get_current_pid_tgid() != pid) + if (done || (__u32)bpf_get_current_pid_tgid() != (__u32)pid) return 0; map = bpf_map_lookup_elem(&outer_array, &zero); diff --git a/tools/testing/selftests/bpf/progs/map_ptr_kern.c b/tools/testing/selftests/bpf/progs/map_ptr_kern.c index efaf622c28dd..310526d06233 100644 --- a/tools/testing/selftests/bpf/progs/map_ptr_kern.c +++ b/tools/testing/selftests/bpf/progs/map_ptr_kern.c @@ -148,7 +148,7 @@ static inline int check_array(void) { struct bpf_array *array = (struct bpf_array *)&m_array; struct bpf_map *map = (struct bpf_map *)&m_array; - int i, n_lookups = 0, n_keys = 0; + __u32 i, n_lookups = 0, n_keys = 0; VERIFY(check_default(&array->map, map)); diff --git a/tools/testing/selftests/bpf/progs/mmap_inner_array.c b/tools/testing/selftests/bpf/progs/mmap_inner_array.c index 90aacbc2938a..90e31cf3a4d3 100644 --- a/tools/testing/selftests/bpf/progs/mmap_inner_array.c +++ b/tools/testing/selftests/bpf/progs/mmap_inner_array.c @@ -38,7 +38,7 @@ int add_to_list_in_inner_array(void *ctx) __u64 *value; curr_pid = (u32)bpf_get_current_pid_tgid(); - if (done || curr_pid != pid) + if (done || curr_pid != (__u32)pid) return 0; pid_match = true; diff --git a/tools/testing/selftests/bpf/progs/mptcp_subflow.c b/tools/testing/selftests/bpf/progs/mptcp_subflow.c index 70302477e326..8af5c2dfc08c 100644 --- a/tools/testing/selftests/bpf/progs/mptcp_subflow.c +++ b/tools/testing/selftests/bpf/progs/mptcp_subflow.c @@ -63,7 +63,7 @@ int mptcp_subflow(struct bpf_sock_ops *skops) static int _check_getsockopt_subflow_mark(struct mptcp_sock *msk, struct bpf_sockopt *ctx) { struct mptcp_subflow_context *subflow; - int i = 0; + __u32 i = 0; mptcp_for_each_subflow(msk, subflow) { struct sock *ssk; diff --git a/tools/testing/selftests/bpf/progs/netif_receive_skb.c b/tools/testing/selftests/bpf/progs/netif_receive_skb.c index 9e067dcbf607..920b884eef01 100644 --- a/tools/testing/selftests/bpf/progs/netif_receive_skb.c +++ b/tools/testing/selftests/bpf/progs/netif_receive_skb.c @@ -35,7 +35,7 @@ static int __strncmp(const void *m1, const void *m2, size_t len) { const unsigned char *s1 = m1; const unsigned char *s2 = m2; - int i, delta = 0; + size_t i, delta = 0; for (i = 0; i < len; i++) { delta = s1[i] - s2[i]; @@ -107,7 +107,7 @@ int BPF_PROG(trace_netif_receive_skb, struct sk_buff *skb) /* Ensure we can write skb string representation */ p.type_id = bpf_core_type_id_kernel(struct sk_buff); p.ptr = skb; - for (i = 0; i < ARRAY_SIZE(flags); i++) { + for (i = 0; (size_t)i < ARRAY_SIZE(flags); i++) { ++num_subtests; ret = bpf_snprintf_btf(str, STRSIZE, &p, sizeof(p), 0); if (ret < 0) diff --git a/tools/testing/selftests/bpf/progs/profiler.inc.h b/tools/testing/selftests/bpf/progs/profiler.inc.h index 813143b4985d..f664f5915169 100644 --- a/tools/testing/selftests/bpf/progs/profiler.inc.h +++ b/tools/testing/selftests/bpf/progs/profiler.inc.h @@ -169,7 +169,7 @@ static INLINE int get_var_spid_index(struct var_kill_data_arr_t* arr_struct, #ifdef UNROLL __pragma_loop_unroll #endif - for (int i = 0; i < ARRAY_SIZE(arr_struct->array); i++) + for (size_t i = 0; i < ARRAY_SIZE(arr_struct->array); i++) if (arr_struct->array[i].meta.pid == spid) return i; return -1; @@ -402,7 +402,7 @@ static INLINE int trace_var_sys_kill(void* ctx, int tpid, int sig) #ifdef UNROLL __pragma_loop_unroll #endif - for (int i = 0; i < ARRAY_SIZE(arr_struct->array); i++) + for (size_t i = 0; i < ARRAY_SIZE(arr_struct->array); i++) if (arr_struct->array[i].meta.pid == 0) { bpf_probe_read_kernel(&arr_struct->array[i], sizeof(arr_struct->array[i]), @@ -629,7 +629,7 @@ int raw_tracepoint__sched_process_exit(void* ctx) #ifdef UNROLL __pragma_loop_unroll #endif - for (int i = 0; i < ARRAY_SIZE(arr_struct->array); i++) { + for (size_t i = 0; i < ARRAY_SIZE(arr_struct->array); i++) { struct var_kill_data_t* past_kill_data = &arr_struct->array[i]; if (past_kill_data != NULL && past_kill_data->kill_target_pid == (pid_t)tpid) { diff --git a/tools/testing/selftests/bpf/progs/rcu_read_lock.c b/tools/testing/selftests/bpf/progs/rcu_read_lock.c index 3a868a199349..38fa039f586b 100644 --- a/tools/testing/selftests/bpf/progs/rcu_read_lock.c +++ b/tools/testing/selftests/bpf/progs/rcu_read_lock.c @@ -34,7 +34,7 @@ int get_cgroup_id(void *ctx) struct css_set *cgroups; task = bpf_get_current_task_btf(); - if (task->pid != target_pid) + if ((__u32)task->pid != target_pid) return 0; /* simulate bpf_get_current_cgroup_id() helper */ @@ -56,7 +56,7 @@ int task_succ(void *ctx) long *ptr; task = bpf_get_current_task_btf(); - if (task->pid != target_pid) + if ((__u32)task->pid != target_pid) return 0; bpf_rcu_read_lock(); diff --git a/tools/testing/selftests/bpf/progs/sk_storage_omem_uncharge.c b/tools/testing/selftests/bpf/progs/sk_storage_omem_uncharge.c index 46d6eb2a3b17..2df842c7e9ed 100644 --- a/tools/testing/selftests/bpf/progs/sk_storage_omem_uncharge.c +++ b/tools/testing/selftests/bpf/progs/sk_storage_omem_uncharge.c @@ -28,7 +28,7 @@ int BPF_PROG(bpf_local_storage_destroy, struct bpf_local_storage *local_storage) return 0; sk = bpf_core_cast(sk_ptr, struct sock); - if (sk->sk_cookie.counter != cookie) + if ((__u64)sk->sk_cookie.counter != cookie) return 0; cookie_found++; @@ -43,11 +43,11 @@ int BPF_PROG(inet6_sock_destruct, struct sock *sk) { int *value; - if (!cookie || sk->sk_cookie.counter != cookie) + if (!cookie || (__u64)sk->sk_cookie.counter != cookie) return 0; value = bpf_sk_storage_get(&sk_storage, sk, 0, 0); - if (value && *value == 0xdeadbeef) { + if (value && (__u32)*value == 0xdeadbeef) { cookie_found++; sk_ptr = sk; local_storage_ptr = sk->sk_bpf_storage; diff --git a/tools/testing/selftests/bpf/progs/sockopt_inherit.c b/tools/testing/selftests/bpf/progs/sockopt_inherit.c index a3434b840928..9f15752af34b 100644 --- a/tools/testing/selftests/bpf/progs/sockopt_inherit.c +++ b/tools/testing/selftests/bpf/progs/sockopt_inherit.c @@ -56,7 +56,7 @@ int _getsockopt(struct bpf_sockopt *ctx) struct sockopt_inherit *storage; __u8 *optval = ctx->optval; - if (ctx->level != SOL_CUSTOM) + if (ctx->level != (__s32)SOL_CUSTOM) goto out; /* only interested in SOL_CUSTOM */ if (optval + 1 > optval_end) @@ -87,7 +87,7 @@ int _setsockopt(struct bpf_sockopt *ctx) struct sockopt_inherit *storage; __u8 *optval = ctx->optval; - if (ctx->level != SOL_CUSTOM) + if (ctx->level != (__s32)SOL_CUSTOM) goto out; /* only interested in SOL_CUSTOM */ if (optval + 1 > optval_end) diff --git a/tools/testing/selftests/bpf/progs/sockopt_sk.c b/tools/testing/selftests/bpf/progs/sockopt_sk.c index cb990a7d3d45..f08529dfb2cb 100644 --- a/tools/testing/selftests/bpf/progs/sockopt_sk.c +++ b/tools/testing/selftests/bpf/progs/sockopt_sk.c @@ -107,7 +107,7 @@ int _getsockopt(struct bpf_sockopt *ctx) return 1; } - if (ctx->level != SOL_CUSTOM) + if (ctx->level != (__s32)SOL_CUSTOM) return 0; /* deny everything except custom level */ if (optval + 1 > optval_end) @@ -212,7 +212,7 @@ int _setsockopt(struct bpf_sockopt *ctx) return 1; } - if (ctx->level != SOL_CUSTOM) + if (ctx->level != (__s32)SOL_CUSTOM) return 0; /* deny everything except custom level */ if (optval + 1 > optval_end) diff --git a/tools/testing/selftests/bpf/progs/strobemeta.h b/tools/testing/selftests/bpf/progs/strobemeta.h index a5c74d31a244..36b4e82abae2 100644 --- a/tools/testing/selftests/bpf/progs/strobemeta.h +++ b/tools/testing/selftests/bpf/progs/strobemeta.h @@ -409,7 +409,7 @@ static __always_inline uint64_t read_map_var(struct strobemeta_cfg *cfg, descr->id = map.id; descr->cnt = map.cnt; - if (cfg->req_meta_idx == idx) { + if (cfg->req_meta_idx == (__s64)idx) { data->req_id = map.id; data->req_meta_valid = 1; } diff --git a/tools/testing/selftests/bpf/progs/test_bpf_cookie.c b/tools/testing/selftests/bpf/progs/test_bpf_cookie.c index c83142b55f47..47e80864b6b8 100644 --- a/tools/testing/selftests/bpf/progs/test_bpf_cookie.c +++ b/tools/testing/selftests/bpf/progs/test_bpf_cookie.c @@ -6,7 +6,7 @@ #include <bpf/bpf_tracing.h> #include <errno.h> -int my_tid; +__u32 my_tid; __u64 kprobe_res; __u64 kprobe_multi_res; diff --git a/tools/testing/selftests/bpf/progs/test_check_mtu.c b/tools/testing/selftests/bpf/progs/test_check_mtu.c index 2ec1de11a3ae..246caea8124f 100644 --- a/tools/testing/selftests/bpf/progs/test_check_mtu.c +++ b/tools/testing/selftests/bpf/progs/test_check_mtu.c @@ -47,7 +47,7 @@ int xdp_use_helper(struct xdp_md *ctx) goto out; } - if (mtu_len != GLOBAL_USER_MTU) + if (mtu_len != (__u32)GLOBAL_USER_MTU) retval = XDP_DROP; out: @@ -165,7 +165,7 @@ int tc_use_helper(struct __sk_buff *ctx) goto out; } - if (mtu_len != GLOBAL_USER_MTU) + if (mtu_len != (__u32)GLOBAL_USER_MTU) retval = BPF_REDIRECT; out: global_bpf_mtu_tc = mtu_len; diff --git a/tools/testing/selftests/bpf/progs/test_core_extern.c b/tools/testing/selftests/bpf/progs/test_core_extern.c index a3c7c1042f35..4eae1eb885f1 100644 --- a/tools/testing/selftests/bpf/progs/test_core_extern.c +++ b/tools/testing/selftests/bpf/progs/test_core_extern.c @@ -37,7 +37,7 @@ uint64_t missing_val = -1; SEC("raw_tp/sys_enter") int handle_sys_enter(struct pt_regs *ctx) { - int i; + __u32 i; kern_ver = LINUX_KERNEL_VERSION; unkn_virt_val = LINUX_UNKNOWN_VIRTUAL_EXTERN; diff --git a/tools/testing/selftests/bpf/progs/test_get_xattr.c b/tools/testing/selftests/bpf/progs/test_get_xattr.c index 54305f4c9f2d..3cda9379a62a 100644 --- a/tools/testing/selftests/bpf/progs/test_get_xattr.c +++ b/tools/testing/selftests/bpf/progs/test_get_xattr.c @@ -42,7 +42,7 @@ int BPF_PROG(test_file_open, struct file *f) bpf_dynptr_from_mem(value1, sizeof(value1), 0, &value_ptr); - for (i = 0; i < ARRAY_SIZE(xattr_names); i++) { + for (i = 0; (__u32)i < ARRAY_SIZE(xattr_names); i++) { ret = bpf_get_file_xattr(f, xattr_names[i], &value_ptr); if (ret == sizeof(expected_value)) break; @@ -68,7 +68,7 @@ int BPF_PROG(test_inode_getxattr, struct dentry *dentry, char *name) bpf_dynptr_from_mem(value2, sizeof(value2), 0, &value_ptr); - for (i = 0; i < ARRAY_SIZE(xattr_names); i++) { + for (i = 0; (__u32)i < ARRAY_SIZE(xattr_names); i++) { ret = bpf_get_dentry_xattr(dentry, xattr_names[i], &value_ptr); if (ret == sizeof(expected_value)) break; diff --git a/tools/testing/selftests/bpf/progs/test_global_func11.c b/tools/testing/selftests/bpf/progs/test_global_func11.c index 283e036dc401..2ad72bf0e07b 100644 --- a/tools/testing/selftests/bpf/progs/test_global_func11.c +++ b/tools/testing/selftests/bpf/progs/test_global_func11.c @@ -5,7 +5,7 @@ #include "bpf_misc.h" struct S { - int x; + __u32 x; }; __noinline int foo(const struct S *s) diff --git a/tools/testing/selftests/bpf/progs/test_global_func12.c b/tools/testing/selftests/bpf/progs/test_global_func12.c index 6e03d42519a6..53eab8ec6772 100644 --- a/tools/testing/selftests/bpf/progs/test_global_func12.c +++ b/tools/testing/selftests/bpf/progs/test_global_func12.c @@ -5,7 +5,7 @@ #include "bpf_misc.h" struct S { - int x; + __u32 x; }; __noinline int foo(const struct S *s) diff --git a/tools/testing/selftests/bpf/progs/test_global_func13.c b/tools/testing/selftests/bpf/progs/test_global_func13.c index 02ea80da75b5..c4afdfc9d92e 100644 --- a/tools/testing/selftests/bpf/progs/test_global_func13.c +++ b/tools/testing/selftests/bpf/progs/test_global_func13.c @@ -5,7 +5,7 @@ #include "bpf_misc.h" struct S { - int x; + __u32 x; }; __noinline int foo(const struct S *s) diff --git a/tools/testing/selftests/bpf/progs/test_global_func14.c b/tools/testing/selftests/bpf/progs/test_global_func14.c index 33b7d5efd7b2..9c494fb39e2f 100644 --- a/tools/testing/selftests/bpf/progs/test_global_func14.c +++ b/tools/testing/selftests/bpf/progs/test_global_func14.c @@ -9,7 +9,7 @@ struct S; __noinline int foo(const struct S *s) { if (s) - return bpf_get_prandom_u32() < *(const int *) s; + return bpf_get_prandom_u32() < *(const __u32 *) s; return 0; } diff --git a/tools/testing/selftests/bpf/progs/test_global_func9.c b/tools/testing/selftests/bpf/progs/test_global_func9.c index 1f2cb0159b8d..9138d9bd08fc 100644 --- a/tools/testing/selftests/bpf/progs/test_global_func9.c +++ b/tools/testing/selftests/bpf/progs/test_global_func9.c @@ -5,7 +5,7 @@ #include "bpf_misc.h" struct S { - int x; + __u32 x; }; struct C { diff --git a/tools/testing/selftests/bpf/progs/test_lwt_seg6local.c b/tools/testing/selftests/bpf/progs/test_lwt_seg6local.c index fed66f36adb6..976af2d3cdda 100644 --- a/tools/testing/selftests/bpf/progs/test_lwt_seg6local.c +++ b/tools/testing/selftests/bpf/progs/test_lwt_seg6local.c @@ -167,7 +167,7 @@ int is_valid_tlv_boundary(struct __sk_buff *skb, struct ip6_srh_t *srh, if (*pad_off == 0) *pad_off = cur_off; - if (*tlv_off == -1) + if (*tlv_off == (__u32)-1) *tlv_off = cur_off; else if (!offset_valid) return -EINVAL; @@ -186,7 +186,7 @@ int add_tlv(struct __sk_buff *skb, struct ip6_srh_t *srh, uint32_t tlv_off, uint32_t partial_srh_len; int err; - if (tlv_off != -1) + if (tlv_off != (__u32)-1) tlv_off += srh_off; if (itlv->type == SR6_TLV_PADDING || itlv->type == SR6_TLV_HMAC) diff --git a/tools/testing/selftests/bpf/progs/test_map_init.c b/tools/testing/selftests/bpf/progs/test_map_init.c index c89d28ead673..311e6ac64588 100644 --- a/tools/testing/selftests/bpf/progs/test_map_init.c +++ b/tools/testing/selftests/bpf/progs/test_map_init.c @@ -22,7 +22,7 @@ int sysenter_getpgid(const void *ctx) /* Just do it for once, when called from our own test prog. This * ensures the map value is only updated for a single CPU. */ - int cur_pid = bpf_get_current_pid_tgid() >> 32; + __u32 cur_pid = bpf_get_current_pid_tgid() >> 32; if (cur_pid == inPid) bpf_map_update_elem(&hashmap1, &inKey, &inValue, BPF_NOEXIST); diff --git a/tools/testing/selftests/bpf/progs/test_parse_tcp_hdr_opt.c b/tools/testing/selftests/bpf/progs/test_parse_tcp_hdr_opt.c index d9b2ba7ac340..4b8ab8716246 100644 --- a/tools/testing/selftests/bpf/progs/test_parse_tcp_hdr_opt.c +++ b/tools/testing/selftests/bpf/progs/test_parse_tcp_hdr_opt.c @@ -102,7 +102,7 @@ int xdp_ingress_v6(struct xdp_md *xdp) opt_state.byte_offset = sizeof(struct tcphdr) + tcp_offset; /* max number of bytes of options in tcp header is 40 bytes */ - for (int i = 0; i < tcp_hdr_opt_max_opt_checks; i++) { + for (__u32 i = 0; i < tcp_hdr_opt_max_opt_checks; i++) { err = parse_hdr_opt(xdp, &opt_state); if (err || !opt_state.hdr_bytes_remaining) diff --git a/tools/testing/selftests/bpf/progs/test_parse_tcp_hdr_opt_dynptr.c b/tools/testing/selftests/bpf/progs/test_parse_tcp_hdr_opt_dynptr.c index dc6e43bc6a62..bf3ac5c2938c 100644 --- a/tools/testing/selftests/bpf/progs/test_parse_tcp_hdr_opt_dynptr.c +++ b/tools/testing/selftests/bpf/progs/test_parse_tcp_hdr_opt_dynptr.c @@ -100,7 +100,7 @@ int xdp_ingress_v6(struct xdp_md *xdp) off += sizeof(struct tcphdr); /* max number of bytes of options in tcp header is 40 bytes */ - for (int i = 0; i < tcp_hdr_opt_max_opt_checks; i++) { + for (__u32 i = 0; i < tcp_hdr_opt_max_opt_checks; i++) { err = parse_hdr_opt(&ptr, &off, &hdr_bytes_remaining, &server_id); if (err || !hdr_bytes_remaining) diff --git a/tools/testing/selftests/bpf/progs/test_pkt_access.c b/tools/testing/selftests/bpf/progs/test_pkt_access.c index bce7173152c6..39b5a5ba9033 100644 --- a/tools/testing/selftests/bpf/progs/test_pkt_access.c +++ b/tools/testing/selftests/bpf/progs/test_pkt_access.c @@ -130,11 +130,11 @@ int test_pkt_access(struct __sk_buff *skb) tcp = (struct tcphdr *)((void *)(ip6h) + ihl_len); } - if (test_pkt_access_subprog1(skb) != skb->len * 2) + if ((__u32)test_pkt_access_subprog1(skb) != skb->len * 2) return TC_ACT_SHOT; - if (test_pkt_access_subprog2(2, skb) != skb->len * 2) + if ((__u32)test_pkt_access_subprog2(2, skb) != skb->len * 2) return TC_ACT_SHOT; - if (test_pkt_access_subprog3(3, skb) != skb->len * 3 * skb->ifindex) + if ((__u32)test_pkt_access_subprog3(3, skb) != skb->len * 3 * skb->ifindex) return TC_ACT_SHOT; if (tcp) { if (test_pkt_write_access_subprog(skb, (void *)tcp - data)) diff --git a/tools/testing/selftests/bpf/progs/test_seg6_loop.c b/tools/testing/selftests/bpf/progs/test_seg6_loop.c index 5059050f74f6..fccb21d23fe2 100644 --- a/tools/testing/selftests/bpf/progs/test_seg6_loop.c +++ b/tools/testing/selftests/bpf/progs/test_seg6_loop.c @@ -170,7 +170,7 @@ static __always_inline int is_valid_tlv_boundary(struct __sk_buff *skb, if (*pad_off == 0) *pad_off = cur_off; - if (*tlv_off == -1) + if (*tlv_off == (__u32)-1) *tlv_off = cur_off; else if (!offset_valid) return -EINVAL; @@ -189,7 +189,7 @@ static __always_inline int add_tlv(struct __sk_buff *skb, uint32_t partial_srh_len; int err; - if (tlv_off != -1) + if (tlv_off != (__u32)-1) tlv_off += srh_off; if (itlv->type == SR6_TLV_PADDING || itlv->type == SR6_TLV_HMAC) diff --git a/tools/testing/selftests/bpf/progs/test_skb_ctx.c b/tools/testing/selftests/bpf/progs/test_skb_ctx.c index a724a70c6700..7939a2edc414 100644 --- a/tools/testing/selftests/bpf/progs/test_skb_ctx.c +++ b/tools/testing/selftests/bpf/progs/test_skb_ctx.c @@ -11,7 +11,7 @@ SEC("tc") int process(struct __sk_buff *skb) { __pragma_loop_unroll_full - for (int i = 0; i < 5; i++) { + for (__u32 i = 0; i < 5; i++) { if (skb->cb[i] != i + 1) return 1; skb->cb[i]++; diff --git a/tools/testing/selftests/bpf/progs/test_snprintf.c b/tools/testing/selftests/bpf/progs/test_snprintf.c index 8fda07544023..1aa4835da71a 100644 --- a/tools/testing/selftests/bpf/progs/test_snprintf.c +++ b/tools/testing/selftests/bpf/progs/test_snprintf.c @@ -4,7 +4,7 @@ #include <linux/bpf.h> #include <bpf/bpf_helpers.h> -__u32 pid = 0; +int pid = 0; char num_out[64] = {}; long num_ret = 0; diff --git a/tools/testing/selftests/bpf/progs/test_sockmap_kern.h b/tools/testing/selftests/bpf/progs/test_sockmap_kern.h index f48f85f1bd70..2297c83433b7 100644 --- a/tools/testing/selftests/bpf/progs/test_sockmap_kern.h +++ b/tools/testing/selftests/bpf/progs/test_sockmap_kern.h @@ -336,7 +336,7 @@ int bpf_prog9(struct sk_msg_md *msg) bytes = bpf_map_lookup_elem(&sock_cork_bytes, &zero); if (bytes) { - if (((__u64)data_end - (__u64)data) >= *bytes) + if (((__u64)data_end - (__u64)data) >= (__u64)*bytes) return SK_PASS; ret = bpf_msg_cork_bytes(msg, *bytes); if (ret) diff --git a/tools/testing/selftests/bpf/progs/test_sockmap_strp.c b/tools/testing/selftests/bpf/progs/test_sockmap_strp.c index dde3d5bec515..e9675c45d8ef 100644 --- a/tools/testing/selftests/bpf/progs/test_sockmap_strp.c +++ b/tools/testing/selftests/bpf/progs/test_sockmap_strp.c @@ -2,7 +2,7 @@ #include <linux/bpf.h> #include <bpf/bpf_helpers.h> #include <bpf/bpf_endian.h> -int verdict_max_size = 10000; +__u32 verdict_max_size = 10000; struct { __uint(type, BPF_MAP_TYPE_SOCKMAP); __uint(max_entries, 20); diff --git a/tools/testing/selftests/bpf/progs/test_tc_tunnel.c b/tools/testing/selftests/bpf/progs/test_tc_tunnel.c index 404124a93892..c7e2d4571a2b 100644 --- a/tools/testing/selftests/bpf/progs/test_tc_tunnel.c +++ b/tools/testing/selftests/bpf/progs/test_tc_tunnel.c @@ -80,7 +80,7 @@ static __always_inline void set_ipv4_csum(struct iphdr *iph) { __u16 *iph16 = (__u16 *)iph; __u32 csum; - int i; + size_t i; iph->check = 0; diff --git a/tools/testing/selftests/bpf/progs/test_xdp.c b/tools/testing/selftests/bpf/progs/test_xdp.c index 8caf58be5818..ce2a9ae26088 100644 --- a/tools/testing/selftests/bpf/progs/test_xdp.c +++ b/tools/testing/selftests/bpf/progs/test_xdp.c @@ -89,7 +89,7 @@ static __always_inline int handle_ipv4(struct xdp_md *xdp) struct vip vip = {}; int dport; __u32 csum = 0; - int i; + size_t i; if (iph + 1 > data_end) return XDP_DROP; diff --git a/tools/testing/selftests/bpf/progs/test_xdp_dynptr.c b/tools/testing/selftests/bpf/progs/test_xdp_dynptr.c index 67a77944ef29..12ad0ec91021 100644 --- a/tools/testing/selftests/bpf/progs/test_xdp_dynptr.c +++ b/tools/testing/selftests/bpf/progs/test_xdp_dynptr.c @@ -89,7 +89,7 @@ static __always_inline int handle_ipv4(struct xdp_md *xdp, struct bpf_dynptr *xd struct vip vip = {}; int dport; __u32 csum = 0; - int i; + size_t i; __builtin_memset(eth_buffer, 0, sizeof(eth_buffer)); __builtin_memset(iph_buffer_tcp, 0, sizeof(iph_buffer_tcp)); diff --git a/tools/testing/selftests/bpf/progs/test_xdp_loop.c b/tools/testing/selftests/bpf/progs/test_xdp_loop.c index 93267a68825b..e9b7bbff5c23 100644 --- a/tools/testing/selftests/bpf/progs/test_xdp_loop.c +++ b/tools/testing/selftests/bpf/progs/test_xdp_loop.c @@ -85,7 +85,7 @@ static __always_inline int handle_ipv4(struct xdp_md *xdp) struct vip vip = {}; int dport; __u32 csum = 0; - int i; + size_t i; if (iph + 1 > data_end) return XDP_DROP; diff --git a/tools/testing/selftests/bpf/progs/test_xdp_noinline.c b/tools/testing/selftests/bpf/progs/test_xdp_noinline.c index fad94e41cef9..85ef3c0a3e20 100644 --- a/tools/testing/selftests/bpf/progs/test_xdp_noinline.c +++ b/tools/testing/selftests/bpf/progs/test_xdp_noinline.c @@ -372,7 +372,7 @@ bool encap_v4(struct xdp_md *xdp, struct ctl_value *cval, next_iph_u16 = (__u16 *) iph; __pragma_loop_unroll_full - for (int i = 0; i < sizeof(struct iphdr) >> 1; i++) + for (size_t i = 0; i < sizeof(struct iphdr) >> 1; i++) csum += *next_iph_u16++; iph->check = ~((csum & 0xffff) + (csum >> 16)); if (bpf_xdp_adjust_head(xdp, (int)sizeof(struct iphdr))) @@ -423,7 +423,7 @@ int send_icmp_reply(void *data, void *data_end) iph->check = 0; next_iph_u16 = (__u16 *) iph; __pragma_loop_unroll_full - for (int i = 0; i < sizeof(struct iphdr) >> 1; i++) + for (size_t i = 0; i < sizeof(struct iphdr) >> 1; i++) csum += *next_iph_u16++; iph->check = ~((csum & 0xffff) + (csum >> 16)); return swap_mac_and_send(data, data_end); diff --git a/tools/testing/selftests/bpf/progs/udp_limit.c b/tools/testing/selftests/bpf/progs/udp_limit.c index 4767451b59ac..af1b3195ea8a 100644 --- a/tools/testing/selftests/bpf/progs/udp_limit.c +++ b/tools/testing/selftests/bpf/progs/udp_limit.c @@ -50,7 +50,7 @@ int sock_release(struct bpf_sock *ctx) return 1; sk_storage = bpf_sk_storage_get(&sk_map, ctx, 0, 0); - if (!sk_storage || *sk_storage != 0xdeadbeef) + if (!sk_storage || *sk_storage != (int)0xdeadbeef) return 0; __sync_fetch_and_add(&invocations, 1); diff --git a/tools/testing/selftests/bpf/progs/uprobe_multi.c b/tools/testing/selftests/bpf/progs/uprobe_multi.c index 44190efcdba2..f99957773c3a 100644 --- a/tools/testing/selftests/bpf/progs/uprobe_multi.c +++ b/tools/testing/selftests/bpf/progs/uprobe_multi.c @@ -20,13 +20,13 @@ __u64 uretprobe_multi_func_3_result = 0; __u64 uprobe_multi_sleep_result = 0; -int pid = 0; +__u32 pid = 0; int child_pid = 0; int child_tid = 0; int child_pid_usdt = 0; int child_tid_usdt = 0; -int expect_pid = 0; +__u32 expect_pid = 0; bool bad_pid_seen = false; bool bad_pid_seen_usdt = false; diff --git a/tools/testing/selftests/bpf/progs/uprobe_multi_session_recursive.c b/tools/testing/selftests/bpf/progs/uprobe_multi_session_recursive.c index 8fbcd69fae22..017f1859ebe8 100644 --- a/tools/testing/selftests/bpf/progs/uprobe_multi_session_recursive.c +++ b/tools/testing/selftests/bpf/progs/uprobe_multi_session_recursive.c @@ -3,6 +3,7 @@ #include <bpf/bpf_helpers.h> #include <bpf/bpf_tracing.h> #include <stdbool.h> +#include <stddef.h> #include "bpf_kfuncs.h" #include "bpf_misc.h" @@ -10,8 +11,8 @@ char _license[] SEC("license") = "GPL"; int pid = 0; -int idx_entry = 0; -int idx_return = 0; +size_t idx_entry = 0; +size_t idx_return = 0; __u64 test_uprobe_cookie_entry[6]; __u64 test_uprobe_cookie_return[3]; diff --git a/tools/testing/selftests/bpf/progs/verifier_arena_large.c b/tools/testing/selftests/bpf/progs/verifier_arena_large.c index 9dbdf123542d..6e1147b83c8b 100644 --- a/tools/testing/selftests/bpf/progs/verifier_arena_large.c +++ b/tools/testing/selftests/bpf/progs/verifier_arena_large.c @@ -86,10 +86,10 @@ int access_reserved(void *ctx) return 1; /* Try to dirty reserved memory. */ - for (i = 0; i < len && can_loop; i++) + for (i = 0; (size_t)i < len && can_loop; i++) *page = 0x5a; - for (i = 0; i < len && can_loop; i++) { + for (i = 0; (size_t)i < len && can_loop; i++) { page = (volatile char __arena *)(base + i * PAGE_SIZE); /* diff --git a/tools/testing/selftests/bpf/progs/verifier_iterating_callbacks.c b/tools/testing/selftests/bpf/progs/verifier_iterating_callbacks.c index 75dd922e4e9f..72f9f8c23c93 100644 --- a/tools/testing/selftests/bpf/progs/verifier_iterating_callbacks.c +++ b/tools/testing/selftests/bpf/progs/verifier_iterating_callbacks.c @@ -593,7 +593,7 @@ int loop_inside_iter_volatile_limit(const void *ctx) { struct bpf_iter_num it; int *v, sum = 0; - __u64 i = 0; + __s32 i = 0; bpf_iter_num_new(&it, 0, ARR2_SZ); while ((v = bpf_iter_num_next(&it))) { -- 2.51.0

2 months, 1 week

4
8
0 0

[PATCH bpf-next v2 0/3] selftests/bpf: benchmark all symbols for kprobe-multi

by Menglong Dong

Add the benchmark testcase "kprobe-multi-all", which will hook all the kernel functions during the testing. This series is separated out from [1]. Changes since V1: * introduce trace_blacklist instead of copy-pasting strcmp in the 2nd patch * use fprintf() instead of printf() in 3rd patch Link: https://lore.kernel.org/bpf/20250817024607.296117-1-dongml2@chinatelecom.cn/ [1] Menglong Dong (3): selftests/bpf: move get_ksyms and get_addrs to trace_helpers.c selftests/bpf: skip recursive functions for kprobe_multi selftests/bpf: add benchmark testing for kprobe-multi-all tools/testing/selftests/bpf/bench.c | 4 + .../selftests/bpf/benchs/bench_trigger.c | 53 ++++ .../selftests/bpf/benchs/run_bench_trigger.sh | 4 +- .../bpf/prog_tests/kprobe_multi_test.c | 220 +--------------- .../selftests/bpf/progs/trigger_bench.c | 12 + tools/testing/selftests/bpf/trace_helpers.c | 234 ++++++++++++++++++ tools/testing/selftests/bpf/trace_helpers.h | 3 + 7 files changed, 311 insertions(+), 219 deletions(-) -- 2.51.0

2 months, 1 week

4
8
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror September 2025