Linux-kselftest-mirror

linux-kselftest-mirror@lists.linaro.org

131 participants
14274 discussions

[PATCH net-next v9 0/5] net: devmem: improve cpu cost of RX token management

by Bobby Eshleman

This series improves the CPU cost of RX token management by adding an attribute to NETDEV_CMD_BIND_RX that configures sockets using the binding to avoid the xarray allocator and instead use a per-binding niov array and a uref field in niov. Improvement is ~13% cpu util per RX user thread. Using kperf, the following results were observed: Before: Average RX worker idle %: 13.13, flows 4, test runs 11 After: Average RX worker idle %: 26.32, flows 4, test runs 11 Two other approaches were tested, but with no improvement. Namely, 1) using a hashmap for tokens and 2) keeping an xarray of atomic counters but using RCU so that the hotpath could be mostly lockless. Neither of these approaches proved better than the simple array in terms of CPU. The attribute NETDEV_A_DMABUF_AUTORELEASE is added to toggle the optimization. It is an optional attribute and defaults to 0 (i.e., optimization on). Signed-off-by: Bobby Eshleman <bobbyeshleman(a)meta.com> Changes in v9: - fixed build with NET_DEVMEM=n - fixed bug in rx bindings count logic - Link to v8: https://lore.kernel.org/r/20260107-scratch-bobbyeshleman-devmem-tcp-token-u… Changes in v8: - change static branch logic (only set when enabled, otherwise just always revert back to disabled) - fix missing tests - Link to v7: https://lore.kernel.org/r/20251119-scratch-bobbyeshleman-devmem-tcp-token-u… Changes in v7: - use netlink instead of sockopt (Stan) - restrict system to only one mode, dmabuf bindings can not co-exist with different modes (Stan) - use static branching to enforce single system-wide mode (Stan) - Link to v6: https://lore.kernel.org/r/20251104-scratch-bobbyeshleman-devmem-tcp-token-u… Changes in v6: - renamed 'net: devmem: use niov array for token management' to refer to optionality of new config - added documentation and tests - make autorelease flag per-socket sockopt instead of binding field / sysctl - many per-patch changes (see Changes sections per-patch) - Link to v5: https://lore.kernel.org/r/20251023-scratch-bobbyeshleman-devmem-tcp-token-u… Changes in v5: - add sysctl to opt-out of performance benefit, back to old token release - Link to v4: https://lore.kernel.org/all/20250926-scratch-bobbyeshleman-devmem-tcp-token… Changes in v4: - rebase to net-next - Link to v3: https://lore.kernel.org/r/20250926-scratch-bobbyeshleman-devmem-tcp-token-u… Changes in v3: - make urefs per-binding instead of per-socket, reducing memory footprint - fallback to cleaning up references in dmabuf unbind if socket leaked tokens - drop ethtool patch - Link to v2: https://lore.kernel.org/r/20250911-scratch-bobbyeshleman-devmem-tcp-token-u… Changes in v2: - net: ethtool: prevent user from breaking devmem single-binding rule (Mina) - pre-assign niovs in binding->vec for RX case (Mina) - remove WARNs on invalid user input (Mina) - remove extraneous binding ref get (Mina) - remove WARN for changed binding (Mina) - always use GFP_ZERO for binding->vec (Mina) - fix length of alloc for urefs - use atomic_set(, 0) to initialize sk_user_frags.urefs - Link to v1: https://lore.kernel.org/r/20250902-scratch-bobbyeshleman-devmem-tcp-token-u… --- Bobby Eshleman (5): net: devmem: rename tx_vec to vec in dmabuf binding net: devmem: refactor sock_devmem_dontneed for autorelease split net: devmem: implement autorelease token management net: devmem: document NETDEV_A_DMABUF_AUTORELEASE netlink attribute selftests: drv-net: devmem: add autorelease test Documentation/netlink/specs/netdev.yaml | 12 +++ Documentation/networking/devmem.rst | 70 +++++++++++++ include/net/netmem.h | 1 + include/net/sock.h | 7 +- include/uapi/linux/netdev.h | 1 + net/core/devmem.c | 116 ++++++++++++++++++---- net/core/devmem.h | 29 +++++- net/core/netdev-genl-gen.c | 5 +- net/core/netdev-genl.c | 10 +- net/core/sock.c | 103 ++++++++++++++----- net/ipv4/tcp.c | 76 +++++++++++--- net/ipv4/tcp_ipv4.c | 11 +- net/ipv4/tcp_minisocks.c | 3 +- tools/include/uapi/linux/netdev.h | 1 + tools/testing/selftests/drivers/net/hw/devmem.py | 21 +++- tools/testing/selftests/drivers/net/hw/ncdevmem.c | 19 ++-- 16 files changed, 407 insertions(+), 78 deletions(-) --- base-commit: 6ad078fa0ababa8de2a2b39f476d2abd179a3cf6 change-id: 20250829-scratch-bobbyeshleman-devmem-tcp-token-upstream-292be174d503 Best regards, -- Bobby Eshleman <bobbyeshleman(a)meta.com>

2 hours, 25 minutes

[PATCH RESEND net-next] selftests/net/ipsec: Fix variable size type not at the end of struct

by Ankit Khushwaha

The "struct alg" object contains a union of 3 xfrm structures: union { struct xfrm_algo; struct xfrm_algo_aead; struct xfrm_algo_auth; } All of them end with a flexible array member used to store key material, but the flexible array appears at *different offsets* in each struct. bcz of this, union itself is of variable-sized & Placing it above char buf[...] triggers: ipsec.c:835:5: warning: field 'u' with variable sized type 'union (unnamed union at ipsec.c:831:3)' not at the end of a struct or class is a GNU extension [-Wgnu-variable-sized-type-not-at-end] 835 | } u; | ^ one fix is to use "TRAILING_OVERLAP()" which works with one flexible array member only. But In "struct alg" flexible array member exists in all union members, but not at the same offset, so TRAILING_OVERLAP cannot be applied. so the fix is to explicitly overlay the key buffer at the correct offset for the largest union member (xfrm_algo_auth). This ensures that the flexible-array region and the fixed buffer line up. No functional change. Reviewed-by: Simon Horman <horms(a)kernel.org> Signed-off-by: Ankit Khushwaha <ankitkhushwaha.linux(a)gmail.com> --- CCed Gustavo and linux-hardening as suggested by Simon. Previous patch: https://lore.kernel.org/all/aSiXmp4mh7M3RaRv@horms.kernel.org/t/#u --- tools/testing/selftests/net/ipsec.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/net/ipsec.c b/tools/testing/selftests/net/ipsec.c index 0ccf484b1d9d..f4afef51b930 100644 --- a/tools/testing/selftests/net/ipsec.c +++ b/tools/testing/selftests/net/ipsec.c @@ -43,6 +43,10 @@ #define BUILD_BUG_ON(condition) ((void)sizeof(char[1 - 2*!!(condition)])) +#ifndef offsetof +#define offsetof(TYPE, MEMBER) __builtin_offsetof(TYPE, MEMBER) +#endif + #define IPV4_STR_SZ 16 /* xxx.xxx.xxx.xxx is longest + \0 */ #define MAX_PAYLOAD 2048 #define XFRM_ALGO_KEY_BUF_SIZE 512 @@ -827,13 +831,16 @@ static int xfrm_fill_key(char *name, char *buf, static int xfrm_state_pack_algo(struct nlmsghdr *nh, size_t req_sz, struct xfrm_desc *desc) { - struct { + union { union { struct xfrm_algo alg; struct xfrm_algo_aead aead; struct xfrm_algo_auth auth; } u; - char buf[XFRM_ALGO_KEY_BUF_SIZE]; + struct { + unsigned char __offset_to_FAM[offsetof(struct xfrm_algo_auth, alg_key)]; + char buf[XFRM_ALGO_KEY_BUF_SIZE]; + }; } alg = {}; size_t alen, elen, clen, aelen; unsigned short type; -- 2.52.0

3 hours, 6 minutes

[PATCH net-next v14 00/12] vsock: add namespace support to vhost-vsock and loopback

by Bobby Eshleman

This series adds namespace support to vhost-vsock and loopback. It does not add namespaces to any of the other guest transports (virtio-vsock, hyperv, or vmci). The current revision supports two modes: local and global. Local mode is complete isolation of namespaces, while global mode is complete sharing between namespaces of CIDs (the original behavior). The mode is set using the parent namespace's /proc/sys/net/vsock/child_ns_mode and inherited when a new namespace is created. The mode of the current namespace can be queried by reading /proc/sys/net/vsock/ns_mode. The mode can not change after the namespace has been created. Modes are per-netns. This allows a system to configure namespaces independently (some may share CIDs, others are completely isolated). This also supports future possible mixed use cases, where there may be namespaces in global mode spinning up VMs while there are mixed mode namespaces that provide services to the VMs, but are not allowed to allocate from the global CID pool (this mode is not implemented in this series). Additionally, added tests for the new namespace features: tools/testing/selftests/vsock/vmtest.sh 1..25 ok 1 vm_server_host_client ok 2 vm_client_host_server ok 3 vm_loopback ok 4 ns_host_vsock_ns_mode_ok ok 5 ns_host_vsock_child_ns_mode_ok ok 6 ns_global_same_cid_fails ok 7 ns_local_same_cid_ok ok 8 ns_global_local_same_cid_ok ok 9 ns_local_global_same_cid_ok ok 10 ns_diff_global_host_connect_to_global_vm_ok ok 11 ns_diff_global_host_connect_to_local_vm_fails ok 12 ns_diff_global_vm_connect_to_global_host_ok ok 13 ns_diff_global_vm_connect_to_local_host_fails ok 14 ns_diff_local_host_connect_to_local_vm_fails ok 15 ns_diff_local_vm_connect_to_local_host_fails ok 16 ns_diff_global_to_local_loopback_local_fails ok 17 ns_diff_local_to_global_loopback_fails ok 18 ns_diff_local_to_local_loopback_fails ok 19 ns_diff_global_to_global_loopback_ok ok 20 ns_same_local_loopback_ok ok 21 ns_same_local_host_connect_to_local_vm_ok ok 22 ns_same_local_vm_connect_to_local_host_ok ok 23 ns_delete_vm_ok ok 24 ns_delete_host_ok ok 25 ns_delete_both_ok SUMMARY: PASS=25 SKIP=0 FAIL=0 Thanks again for everyone's help and reviews! Suggested-by: Sargun Dhillon <sargun(a)sargun.me> Signed-off-by: Bobby Eshleman <bobbyeshleman(a)gmail.com> Changes in v14: - squashed 'vsock: add per-net vsock NS mode state' into 'vsock: add netns to vsock core' (MST) - remove RFC tag - fixed base-commit (still had b4 configured to depend on old vmtest.sh series) - Link to v13: https://lore.kernel.org/all/20251223-vsock-vmtest-v13-0-9d6db8e7c80b@meta.c… Changes in v13: - add support for immutable sysfs ns_mode and inheritance from sysfs child_ns_mode - remove passing around of net_mode, can be accessed now via vsock_net_mode(net) since it is immutable - update tests for new uAPI - add one patch to extend the kselftest timeout (it was starting to fail with the new tests added) - Link to v12: https://lore.kernel.org/r/20251126-vsock-vmtest-v12-0-257ee21cd5de@meta.com Changes in v12: - add ns mode checking to _allow() callbacks to reject local mode for incompatible transports (Stefano) - flip vhost/loopback to return true for stream_allow() and seqpacket_allow() in "vsock: add netns support to virtio transports" (Stefano) - add VMADDR_CID_ANY + local mode documentation in af_vsock.c (Stefano) - change "selftests/vsock: add tests for host <-> vm connectivity with namespaces" to skip test 29 in vsock_test for namespace local vsock_test calls in a host local-mode namespace. There is a false-positive edge case for that test encountered with the ->stream_allow() approach. More details in that patch. - updated cover letter with new test output - Link to v11: https://lore.kernel.org/r/20251120-vsock-vmtest-v11-0-55cbc80249a7@meta.com Changes in v11: - vmtest: add a patch to use ss in wait_for_listener functions and support vsock, tcp, and unix. Change all patches to use the new functions. - vmtest: add a patch to re-use vm dmesg / warn counting functions - Link to v10: https://lore.kernel.org/r/20251117-vsock-vmtest-v10-0-df08f165bf3e@meta.com Changes in v10: - Combine virtio common patches into one (Stefano) - Resolve vsock_loopback virtio_transport_reset_no_sock() issue with info->vsk setting. This eliminates the need for skb->cb, so remove skb->cb patches. - many line width 80 fixes - Link to v9: https://lore.kernel.org/all/20251111-vsock-vmtest-v9-0-852787a37bed@meta.com Changes in v9: - reorder loopback patch after patch for virtio transport common code - remove module ordering tests patch because loopback no longer depends on pernet ops - major simplifications in vsock_loopback - added a new patch for blocking local mode for guests, added test case to check - add net ref tracking to vsock_loopback patch - Link to v8: https://lore.kernel.org/r/20251023-vsock-vmtest-v8-0-dea984d02bb0@meta.com Changes in v8: - Break generic cleanup/refactoring patches into standalone series, remove those from this series - Link to dependency: https://lore.kernel.org/all/20251022-vsock-selftests-fixes-and-improvements… - Link to v7: https://lore.kernel.org/r/20251021-vsock-vmtest-v7-0-0661b7b6f081@meta.com Changes in v7: - fix hv_sock build - break out vmtest patches into distinct, more well-scoped patches - change `orig_net_mode` to `net_mode` - many fixes and style changes in per-patch change sets (see individual patches for specific changes) - optimize `virtio_vsock_skb_cb` layout - update commit messages with more useful descriptions - vsock_loopback: use orig_net_mode instead of current net mode - add tests for edge cases (ns deletion, mode changing, loopback module load ordering) - Link to v6: https://lore.kernel.org/r/20250916-vsock-vmtest-v6-0-064d2eb0c89d@meta.com Changes in v6: - define behavior when mode changes to local while socket/VM is alive - af_vsock: clarify description of CID behavior - af_vsock: use stronger langauge around CID rules (dont use "may") - af_vsock: improve naming of buf/buffer - af_vsock: improve string length checking on proc writes - vsock_loopback: add space in struct to clarify lock protection - vsock_loopback: do proper cleanup/unregister on vsock_loopback_exit() - vsock_loopback: use virtio_vsock_skb_net() instead of sock_net() - vsock_loopback: set loopback to NULL after kfree() - vsock_loopback: use pernet_operations and remove callback mechanism - vsock_loopback: add macros for "global" and "local" - vsock_loopback: fix length checking - vmtest.sh: check for namespace support in vmtest.sh - Link to v5: https://lore.kernel.org/r/20250827-vsock-vmtest-v5-0-0ba580bede5b@meta.com Changes in v5: - /proc/net/vsock_ns_mode -> /proc/sys/net/vsock/ns_mode - vsock_global_net -> vsock_global_dummy_net - fix netns lookup in vhost_vsock to respect pid namespaces - add callbacks for vsock_loopback to avoid circular dependency - vmtest.sh loads vsock_loopback module - remove vsock_net_mode_can_set() - change vsock_net_write_mode() to return true/false based on success - make vsock_net_mode enum instead of u8 - Link to v4: https://lore.kernel.org/r/20250805-vsock-vmtest-v4-0-059ec51ab111@meta.com Changes in v4: - removed RFC tag - implemented loopback support - renamed new tests to better reflect behavior - completed suite of tests with permutations of ns modes and vsock_test as guest/host - simplified socat bridging with unix socket instead of tcp + veth - only use vsock_test for success case, socat for failure case (context in commit message) - lots of cleanup Changes in v3: - add notion of "modes" - add procfs /proc/net/vsock_ns_mode - local and global modes only - no /dev/vhost-vsock-netns - vmtest.sh already merged, so new patch just adds new tests for NS - Link to v2: https://lore.kernel.org/kvm/20250312-vsock-netns-v2-0-84bffa1aa97a@gmail.com Changes in v2: - only support vhost-vsock namespaces - all g2h namespaces retain old behavior, only common API changes impacted by vhost-vsock changes - add /dev/vhost-vsock-netns for "opt-in" - leave /dev/vhost-vsock to old behavior - removed netns module param - Link to v1: https://lore.kernel.org/r/20200116172428.311437-1-sgarzare@redhat.com Changes in v1: - added 'netns' module param to vsock.ko to enable the network namespace support (disabled by default) - added 'vsock_net_eq()' to check the "net" assigned to a socket only when 'netns' support is enabled - Link to RFC: https://patchwork.ozlabs.org/cover/1202235/ --- Bobby Eshleman (12): vsock: add netns to vsock core virtio: set skb owner of virtio_transport_reset_no_sock() reply vsock: add netns support to virtio transports selftests/vsock: increase timeout to 1200 selftests/vsock: add namespace helpers to vmtest.sh selftests/vsock: prepare vm management helpers for namespaces selftests/vsock: add vm_dmesg_{warn,oops}_count() helpers selftests/vsock: use ss to wait for listeners instead of /proc/net selftests/vsock: add tests for proc sys vsock ns_mode selftests/vsock: add namespace tests for CID collisions selftests/vsock: add tests for host <-> vm connectivity with namespaces selftests/vsock: add tests for namespace deletion MAINTAINERS | 1 + drivers/vhost/vsock.c | 44 +- include/linux/virtio_vsock.h | 9 +- include/net/af_vsock.h | 53 +- include/net/net_namespace.h | 4 + include/net/netns/vsock.h | 17 + net/vmw_vsock/af_vsock.c | 297 ++++++++- net/vmw_vsock/hyperv_transport.c | 7 +- net/vmw_vsock/virtio_transport.c | 22 +- net/vmw_vsock/virtio_transport_common.c | 62 +- net/vmw_vsock/vmci_transport.c | 26 +- net/vmw_vsock/vsock_loopback.c | 22 +- tools/testing/selftests/vsock/settings | 2 +- tools/testing/selftests/vsock/vmtest.sh | 1055 +++++++++++++++++++++++++++++-- 14 files changed, 1488 insertions(+), 133 deletions(-) --- base-commit: 2f2d896ec59a11a9baaa56818466db7a3178c041 change-id: 20250325-vsock-vmtest-b3a21d2102c2 Best regards, -- Bobby Eshleman <bobbyeshleman(a)meta.com>

3 hours, 14 minutes

[PATCH bpf-next v7 0/3] bpf: Fix FIONREAD and copied_seq issues

by Jiayuan Chen

syzkaller reported a bug [1] where a socket using sockmap, after being unloaded, exposed incorrect copied_seq calculation. The selftest I provided can be used to reproduce the issue reported by syzkaller. TCP recvmsg seq # bug 2: copied E92C873, seq E68D125, rcvnxt E7CEB7C, fl 40 WARNING: CPU: 1 PID: 5997 at net/ipv4/tcp.c:2724 tcp_recvmsg_locked+0xb2f/0x2910 net/ipv4/tcp.c:2724 Call Trace: <TASK> receive_fallback_to_copy net/ipv4/tcp.c:1968 [inline] tcp_zerocopy_receive+0x131a/0x2120 net/ipv4/tcp.c:2200 do_tcp_getsockopt+0xe28/0x26c0 net/ipv4/tcp.c:4713 tcp_getsockopt+0xdf/0x100 net/ipv4/tcp.c:4812 do_sock_getsockopt+0x34d/0x440 net/socket.c:2421 __sys_getsockopt+0x12f/0x260 net/socket.c:2450 __do_sys_getsockopt net/socket.c:2457 [inline] __se_sys_getsockopt net/socket.c:2454 [inline] __x64_sys_getsockopt+0xbd/0x160 net/socket.c:2454 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xcd/0xfa0 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f A sockmap socket maintains its own receive queue (ingress_msg) which may contain data from either its own protocol stack or forwarded from other sockets. FD1:read() -- FD1->copied_seq++ | [read data] | [enqueue data] v [sockmap] -> ingress to self -> ingress_msg queue FD1 native stack ------> ^ -- FD1->rcv_nxt++ -> redirect to other | [enqueue data] | | | ingress to FD1 v ^ ... | [sockmap] FD2 native stack The issue occurs when reading from ingress_msg: we update tp->copied_seq by default, but if the data comes from other sockets (not the socket's own protocol stack), tcp->rcv_nxt remains unchanged. Later, when converting back to a native socket, reads may fail as copied_seq could be significantly larger than rcv_nxt. Additionally, FIONREAD calculation based on copied_seq and rcv_nxt is insufficient for sockmap sockets, requiring separate field tracking. [1] https://syzkaller.appspot.com/bug?extid=06dbd397158ec0ea4983 --- v5 -> v7: Some modifications suggested by Jakub Sitnicki, and added Reviewed-by tag. https://lore.kernel.org/bpf/20260106051458.279151-1-jiayuan.chen@linux.dev/ v1 -> v5: Use skmsg.sk instead of extending BPF_F_XXX macro and fix CI failure reported by CI v1: https://lore.kernel.org/bpf/20251117110736.293040-1-jiayuan.chen@linux.dev/ Jiayuan Chen (3): bpf, sockmap: Fix incorrect copied_seq calculation bpf, sockmap: Fix FIONREAD for sockmap bpf, selftest: Add tests for FIONREAD and copied_seq include/linux/skmsg.h | 70 ++++- net/core/skmsg.c | 31 +- net/ipv4/tcp_bpf.c | 37 ++- net/ipv4/udp_bpf.c | 23 +- .../selftests/bpf/prog_tests/sockmap_basic.c | 277 +++++++++++++++++- .../bpf/progs/test_sockmap_pass_prog.c | 14 + 6 files changed, 435 insertions(+), 17 deletions(-) -- 2.43.0

3 hours, 35 minutes

[PATCH net-next 0/2] selftests: net: improve error handling in passive TFO test

by Yohei Kojima

This series improves error handling in the passive TFO test by (1) fixing a broken behavior when the child processes failed (or timed out), and (2) adding more error handlng code in the test program. The first patch fixes the behavior that the test didn't report failure even if the server or the client process exited with non-zero status. The second patch adds error handling code in the test program to improve reliability of the test. This series was split out from the following series to address the feedback from Andrew Lunn: https://lore.kernel.org/netdev/cover.1767032397.git.yk@y-koj.net/ Yohei Kojima (2): selftests: net: fix passive TFO test to fail if child processes failed selftests: net: improve error handling in passive TFO test tools/testing/selftests/net/tfo.c | 10 +++++++--- tools/testing/selftests/net/tfo_passive.sh | 13 ++++++++++++- 2 files changed, 19 insertions(+), 4 deletions(-) -- 2.52.0

4 hours, 39 minutes

[PATCH v2 0/8] Various mm kselftests improvements/fixes

by Kevin Brodsky

Various improvements/fixes for the mm kselftests: - Patch 1-3 extend support for more build configurations: out-of-tree $KDIR, cross-compilation, etc. - Patch 4-6 fix issues related to faulting in pages, introducing a new helper for that purpose. - Patch 7 fixes the value returned by pagemap_ioctl (PASS was always returned, which explains why the issue fixed in patch 6 went unnoticed). - Patch 8 improves the exit code of pfnmap. Net results: - 1 test no longer fails (patch 6) - 3 tests are no longer skipped (patch 4) - More accurate return values for whole suites (patch 7, 8) - Extra tests are more likely to be built (patch 1-3) --- v1..v2: - New patches: 1, 4, 5, 8 v1: https://lore.kernel.org/all/20251216142633.2401447-1-kevin.brodsky@arm.com/ --- Cc: Andrew Morton <akpm(a)linux-foundation.org> Cc: David Hildenbrand <david(a)kernel.org> Cc: Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> Cc: Mark Brown <broonie(a)kernel.org> Cc: Ryan Roberts <ryan.roberts(a)arm.com> Cc: Shuah Khan <shuah(a)kernel.org> --- Kevin Brodsky (8): selftests/mm: default KDIR to build directory selftests/mm: remove flaky header check selftests/mm: pass down full CC and CFLAGS to check_config.sh selftests/mm: fix usage of FORCE_READ() in cow tests selftests/mm: introduce helper to read every page in range selftests/mm: fix faulting-in code in pagemap_ioctl test selftests/mm: fix exit code in pagemap_ioctl selftests/mm: report SKIP in pfnmap if a check fails tools/testing/selftests/mm/Makefile | 8 +- tools/testing/selftests/mm/check_config.sh | 3 +- tools/testing/selftests/mm/cow.c | 16 ++-- tools/testing/selftests/mm/hugetlb-madvise.c | 9 +- tools/testing/selftests/mm/page_frag/Makefile | 2 +- tools/testing/selftests/mm/pagemap_ioctl.c | 10 +- tools/testing/selftests/mm/pfnmap.c | 95 ++++++++++++------- .../selftests/mm/split_huge_page_test.c | 6 +- tools/testing/selftests/mm/vm_util.h | 6 ++ 9 files changed, 84 insertions(+), 71 deletions(-) base-commit: 9ace4753a5202b02191d54e9fdf7f9e3d02b85eb -- 2.51.2

5 hours, 30 minutes

[PATCH RFC net-next v13 00/13] vsock: add namespace support to vhost-vsock and loopback

by Bobby Eshleman

This series adds namespace support to vhost-vsock and loopback. It does not add namespaces to any of the other guest transports (virtio-vsock, hyperv, or vmci). The current revision supports two modes: local and global. Local mode is complete isolation of namespaces, while global mode is complete sharing between namespaces of CIDs (the original behavior). The mode is set using the parent namespace's /proc/sys/net/vsock/child_ns_mode and inherited when a new namespace is created. The mode of the current namespace can be queried by reading /proc/sys/net/vsock/ns_mode. The mode can not change after the namespace has been created. Modes are per-netns. This allows a system to configure namespaces independently (some may share CIDs, others are completely isolated). This also supports future possible mixed use cases, where there may be namespaces in global mode spinning up VMs while there are mixed mode namespaces that provide services to the VMs, but are not allowed to allocate from the global CID pool (this mode is not implemented in this series). Additionally, added tests for the new namespace features: tools/testing/selftests/vsock/vmtest.sh 1..25 ok 1 vm_server_host_client ok 2 vm_client_host_server ok 3 vm_loopback ok 4 ns_host_vsock_ns_mode_ok ok 5 ns_host_vsock_child_ns_mode_ok ok 6 ns_global_same_cid_fails ok 7 ns_local_same_cid_ok ok 8 ns_global_local_same_cid_ok ok 9 ns_local_global_same_cid_ok ok 10 ns_diff_global_host_connect_to_global_vm_ok ok 11 ns_diff_global_host_connect_to_local_vm_fails ok 12 ns_diff_global_vm_connect_to_global_host_ok ok 13 ns_diff_global_vm_connect_to_local_host_fails ok 14 ns_diff_local_host_connect_to_local_vm_fails ok 15 ns_diff_local_vm_connect_to_local_host_fails ok 16 ns_diff_global_to_local_loopback_local_fails ok 17 ns_diff_local_to_global_loopback_fails ok 18 ns_diff_local_to_local_loopback_fails ok 19 ns_diff_global_to_global_loopback_ok ok 20 ns_same_local_loopback_ok ok 21 ns_same_local_host_connect_to_local_vm_ok ok 22 ns_same_local_vm_connect_to_local_host_ok ok 23 ns_delete_vm_ok ok 24 ns_delete_host_ok ok 25 ns_delete_both_ok SUMMARY: PASS=25 SKIP=0 FAIL=0 Thanks again for everyone's help and reviews! Suggested-by: Sargun Dhillon <sargun(a)sargun.me> Signed-off-by: Bobby Eshleman <bobbyeshleman(a)gmail.com> Changes in v13: - add support for immutable sysfs ns_mode and inheritance from sysfs child_ns_mode - remove passing around of net_mode, can be accessed now via vsock_net_mode(net) since it is immutable - update tests for new uAPI - add one patch to extend the kselftest timeout (it was starting to fail with the new tests added) - Link to v12: https://lore.kernel.org/r/20251126-vsock-vmtest-v12-0-257ee21cd5de@meta.com Changes in v12: - add ns mode checking to _allow() callbacks to reject local mode for incompatible transports (Stefano) - flip vhost/loopback to return true for stream_allow() and seqpacket_allow() in "vsock: add netns support to virtio transports" (Stefano) - add VMADDR_CID_ANY + local mode documentation in af_vsock.c (Stefano) - change "selftests/vsock: add tests for host <-> vm connectivity with namespaces" to skip test 29 in vsock_test for namespace local vsock_test calls in a host local-mode namespace. There is a false-positive edge case for that test encountered with the ->stream_allow() approach. More details in that patch. - updated cover letter with new test output - Link to v11: https://lore.kernel.org/r/20251120-vsock-vmtest-v11-0-55cbc80249a7@meta.com Changes in v11: - vmtest: add a patch to use ss in wait_for_listener functions and support vsock, tcp, and unix. Change all patches to use the new functions. - vmtest: add a patch to re-use vm dmesg / warn counting functions - Link to v10: https://lore.kernel.org/r/20251117-vsock-vmtest-v10-0-df08f165bf3e@meta.com Changes in v10: - Combine virtio common patches into one (Stefano) - Resolve vsock_loopback virtio_transport_reset_no_sock() issue with info->vsk setting. This eliminates the need for skb->cb, so remove skb->cb patches. - many line width 80 fixes - Link to v9: https://lore.kernel.org/all/20251111-vsock-vmtest-v9-0-852787a37bed@meta.com Changes in v9: - reorder loopback patch after patch for virtio transport common code - remove module ordering tests patch because loopback no longer depends on pernet ops - major simplifications in vsock_loopback - added a new patch for blocking local mode for guests, added test case to check - add net ref tracking to vsock_loopback patch - Link to v8: https://lore.kernel.org/r/20251023-vsock-vmtest-v8-0-dea984d02bb0@meta.com Changes in v8: - Break generic cleanup/refactoring patches into standalone series, remove those from this series - Link to dependency: https://lore.kernel.org/all/20251022-vsock-selftests-fixes-and-improvements… - Link to v7: https://lore.kernel.org/r/20251021-vsock-vmtest-v7-0-0661b7b6f081@meta.com Changes in v7: - fix hv_sock build - break out vmtest patches into distinct, more well-scoped patches - change `orig_net_mode` to `net_mode` - many fixes and style changes in per-patch change sets (see individual patches for specific changes) - optimize `virtio_vsock_skb_cb` layout - update commit messages with more useful descriptions - vsock_loopback: use orig_net_mode instead of current net mode - add tests for edge cases (ns deletion, mode changing, loopback module load ordering) - Link to v6: https://lore.kernel.org/r/20250916-vsock-vmtest-v6-0-064d2eb0c89d@meta.com Changes in v6: - define behavior when mode changes to local while socket/VM is alive - af_vsock: clarify description of CID behavior - af_vsock: use stronger langauge around CID rules (dont use "may") - af_vsock: improve naming of buf/buffer - af_vsock: improve string length checking on proc writes - vsock_loopback: add space in struct to clarify lock protection - vsock_loopback: do proper cleanup/unregister on vsock_loopback_exit() - vsock_loopback: use virtio_vsock_skb_net() instead of sock_net() - vsock_loopback: set loopback to NULL after kfree() - vsock_loopback: use pernet_operations and remove callback mechanism - vsock_loopback: add macros for "global" and "local" - vsock_loopback: fix length checking - vmtest.sh: check for namespace support in vmtest.sh - Link to v5: https://lore.kernel.org/r/20250827-vsock-vmtest-v5-0-0ba580bede5b@meta.com Changes in v5: - /proc/net/vsock_ns_mode -> /proc/sys/net/vsock/ns_mode - vsock_global_net -> vsock_global_dummy_net - fix netns lookup in vhost_vsock to respect pid namespaces - add callbacks for vsock_loopback to avoid circular dependency - vmtest.sh loads vsock_loopback module - remove vsock_net_mode_can_set() - change vsock_net_write_mode() to return true/false based on success - make vsock_net_mode enum instead of u8 - Link to v4: https://lore.kernel.org/r/20250805-vsock-vmtest-v4-0-059ec51ab111@meta.com Changes in v4: - removed RFC tag - implemented loopback support - renamed new tests to better reflect behavior - completed suite of tests with permutations of ns modes and vsock_test as guest/host - simplified socat bridging with unix socket instead of tcp + veth - only use vsock_test for success case, socat for failure case (context in commit message) - lots of cleanup Changes in v3: - add notion of "modes" - add procfs /proc/net/vsock_ns_mode - local and global modes only - no /dev/vhost-vsock-netns - vmtest.sh already merged, so new patch just adds new tests for NS - Link to v2: https://lore.kernel.org/kvm/20250312-vsock-netns-v2-0-84bffa1aa97a@gmail.com Changes in v2: - only support vhost-vsock namespaces - all g2h namespaces retain old behavior, only common API changes impacted by vhost-vsock changes - add /dev/vhost-vsock-netns for "opt-in" - leave /dev/vhost-vsock to old behavior - removed netns module param - Link to v1: https://lore.kernel.org/r/20200116172428.311437-1-sgarzare@redhat.com Changes in v1: - added 'netns' module param to vsock.ko to enable the network namespace support (disabled by default) - added 'vsock_net_eq()' to check the "net" assigned to a socket only when 'netns' support is enabled - Link to RFC: https://patchwork.ozlabs.org/cover/1202235/ --- Bobby Eshleman (13): vsock: add per-net vsock NS mode state vsock: add netns to vsock core virtio: set skb owner of virtio_transport_reset_no_sock() reply vsock: add netns support to virtio transports selftests/vsock: increase timeout to 1200 selftests/vsock: add namespace helpers to vmtest.sh selftests/vsock: prepare vm management helpers for namespaces selftests/vsock: add vm_dmesg_{warn,oops}_count() helpers selftests/vsock: use ss to wait for listeners instead of /proc/net selftests/vsock: add tests for proc sys vsock ns_mode selftests/vsock: add namespace tests for CID collisions selftests/vsock: add tests for host <-> vm connectivity with namespaces selftests/vsock: add tests for namespace deletion MAINTAINERS | 1 + drivers/vhost/vsock.c | 44 +- include/linux/virtio_vsock.h | 9 +- include/net/af_vsock.h | 53 +- include/net/net_namespace.h | 4 + include/net/netns/vsock.h | 17 + net/vmw_vsock/af_vsock.c | 296 ++++++++- net/vmw_vsock/hyperv_transport.c | 7 +- net/vmw_vsock/virtio_transport.c | 22 +- net/vmw_vsock/virtio_transport_common.c | 62 +- net/vmw_vsock/vmci_transport.c | 26 +- net/vmw_vsock/vsock_loopback.c | 22 +- tools/testing/selftests/vsock/settings | 2 +- tools/testing/selftests/vsock/vmtest.sh | 1055 +++++++++++++++++++++++++++++-- 14 files changed, 1487 insertions(+), 133 deletions(-) --- base-commit: 962ac5ca99a5c3e7469215bf47572440402dfd59 change-id: 20250325-vsock-vmtest-b3a21d2102c2 prerequisite-message-id: <20251022-vsock-selftests-fixes-and-improvements-v1-0-edeb179d6463(a)meta.com> prerequisite-patch-id: a2eecc3851f2509ed40009a7cab6990c6d7cfff5 prerequisite-patch-id: 501db2100636b9c8fcb3b64b8b1df797ccbede85 prerequisite-patch-id: ba1a2f07398a035bc48ef72edda41888614be449 prerequisite-patch-id: fd5cc5445aca9355ce678e6d2bfa89fab8a57e61 prerequisite-patch-id: 795ab4432ffb0843e22b580374782e7e0d99b909 prerequisite-patch-id: 1499d263dc933e75366c09e045d2125ca39f7ddd prerequisite-patch-id: f92d99bb1d35d99b063f818a19dcda999152d74c prerequisite-patch-id: e3296f38cdba6d903e061cff2bbb3e7615e8e671 prerequisite-patch-id: bc4662b4710d302d4893f58708820fc2a0624325 prerequisite-patch-id: f8991f2e98c2661a706183fde6b35e2b8d9aedcf prerequisite-patch-id: 44bf9ed69353586d284e5ee63d6fffa30439a698 prerequisite-patch-id: d50621bc630eeaf608bbaf260370c8dabf6326df Best regards, -- Bobby Eshleman <bobbyeshleman(a)meta.com>

5 hours, 33 minutes

[PATCH 00/10] KVM: x86: nSVM: Improve PAT virtualization

by Jim Mattson

KVM's implementation of nested SVM treats PAT the same way whether or not nested NPT is enabled: L1 and L2 share a PAT. This is correct when nested NPT is disabled, but incorrect when nested NPT is enabled. When nested NPT is enabled, L1 and L2 have independent PATs. The architectural specification for this separation is unusual. There is a "guest PAT register" that is accessed by references to the PAT MSR in guest mode, but it is different from the (host) PAT MSR. Other resources that have distinct host and guest values have a shared storage location, and the values are swapped on VM-entry/VM-exit. In https://lore.kernel.org/kvm/20251107201151.3303170-1-jmattson@google.com/, I proposed an implementation that adhered to the architectural specification. It had a few warts. The worst was the necessity of "fixing up" KVM_SET_MSRS when executing KVM_SET_NESTED_STATE if L2 was active and nested NPT was enabled when a snapshot was taken. Aside from Yosry's clarification, no one has responded. I will take silence to imply rejection. That's okay; I wasn't fond of that implementation myself. The current series treats PAT just like any other resource with distinct host and guest values. There is a single shared storage location (vcpu->arch.pat), and the values are swapped on VM-entry/VM-exit. Though this implementation doesn't precisely follow the architectural specification, the guest visible behavior is the same as architected. The first three patches ensure that the vmcb01.g_pat value at VMRUN is preserved through virtual SMM and serialization. When NPT is enabled, this field holds the host (L1) hPAT value from emulated VMRUN to emulated #VMEXIT. The fourth patch restores (L1) hPAT value from vmcb01.g_pat at emulated #VMEXIT. Note that this is not architected, but it is required for this implementation, because hPAT and gPAT occupy the same storage location. The next three patches handle loading vmcb12.g_pat into the (L2) guest PAT register at VMRUN. Most of this behavior is architected, but the architectural specification states that the value is loaded into the guest PAT register, leaving the hPAT register unchanged. The eighth patch stores the (L2) guest PAT register into vmcb12_g_pat on emulated #VMEXIT, as architected. The ninth patch fixes the emulation of WRMSR(IA32_PAT) when nested NPT is enabled. The tenth patch introduces a new KVM selftest to validate virtualized PAT behavior. Jim Mattson (10): KVM: x86: nSVM: Add g_pat to fields copied by svm_copy_vmrun_state() KVM: x86: nSVM: Add VALID_GPAT flag to kvm_svm_nested_state_hdr KVM: x86: nSVM: Handle legacy SVM nested state in SET_NESTED_STATE KVM: x86: nSVM: Restore L1's PAT on emulated #VMEXIT from L2 to L1 KVM: x86: nSVM: Cache g_pat in vmcb_save_area_cached KVM: x86: nSVM: Add validity check for VMCB12 g_pat KVM: x86: nSVM: Set vmcb02.g_pat correctly for nested NPT KVM: x86: nSVM: Save gPAT to vmcb12.g_pat on emulated #VMEXIT from L2 to L1 KVM: x86: nSVM: Fix assignment to IA32_PAT from L2 KVM: selftests: nSVM: Add svm_nested_pat test arch/x86/include/uapi/asm/kvm.h | 3 + arch/x86/kvm/svm/nested.c | 74 +++- arch/x86/kvm/svm/svm.c | 14 +- arch/x86/kvm/svm/svm.h | 2 +- tools/testing/selftests/kvm/Makefile.kvm | 1 + .../selftests/kvm/x86/svm_nested_pat_test.c | 357 ++++++++++++++++++ 6 files changed, 432 insertions(+), 19 deletions(-) create mode 100644 tools/testing/selftests/kvm/x86/svm_nested_pat_test.c base-commit: f62b64b970570c92fe22503b0cdc65be7ce7fc7c -- 2.52.0.457.g6b5491de43-goog

5 hours, 56 minutes

[PATCH net-next v2 0/6] selftests: drv-net: gro: enable HW GRO and LRO testing

by Jakub Kicinski

Add support for running our existing GRO test against HW GRO and LRO implementation. The first 3 patches are just ksft lib nice-to-haves, and patch 4 cleans up the existing gro Python. Patches 5 and 6 are of most practical interest. The support reconfiguring the NIC to disable SW GRO and enable HW GRO and LRO. Additionally last patch breaks up the existing GRO cases to track HW compliance at finer granularity. v2: - fix restoring all features - apply the generic XDP hack selectively (print a msg when it happens) - a lot of small tweaks and 4 extra patches v1: https://lore.kernel.org/20251128005242.2604732-1-kuba@kernel.org Jakub Kicinski (6): selftests: net: py: teach ksft_pr() multi-line safety selftests: net: py: teach cmd() how to print itself selftests: drv-net: gro: use cmd print selftests: drv-net: gro: improve feature config selftests: drv-net: gro: run the test against HW GRO and LRO selftests: drv-net: gro: break out all individual test cases tools/testing/selftests/drivers/net/gro.c | 399 +++++++++++--------- tools/testing/selftests/drivers/net/gro.py | 158 ++++++-- tools/testing/selftests/net/lib/py/ksft.py | 29 +- tools/testing/selftests/net/lib/py/utils.py | 23 ++ 4 files changed, 406 insertions(+), 203 deletions(-) -- 2.52.0

6 hours, 9 minutes

[PATCH net-next v3 0/6] selftests: drv-net: gro: enable HW GRO and LRO testing

by Jakub Kicinski

Add support for running our existing GRO test against HW GRO and LRO implementation. The first 3 patches are just ksft lib nice-to-haves, and patch 4 cleans up the existing gro Python. Patches 5 and 6 are of most practical interest. The support reconfiguring the NIC to disable SW GRO and enable HW GRO and LRO. Additionally last patch breaks up the existing GRO cases to track HW compliance at finer granularity. v3: - patch 4 - s/tso/tcp-segmentation-offload/ for ethtool feature names - patch 5 - explicitly skip LRO on netdevsim, it lies about support - patch 6 - add enum for the flush_id test configs v2: https://lore.kernel.org/20260110005121.3561437-1-kuba@kernel.org - fix restoring all features - apply the generic XDP hack selectively (print a msg when it happens) - a lot of small tweaks and 4 extra patches v1: https://lore.kernel.org/20251128005242.2604732-1-kuba@kernel.org Jakub Kicinski (6): selftests: net: py: teach ksft_pr() multi-line safety selftests: net: py: teach cmd() how to print itself selftests: drv-net: gro: use cmd print selftests: drv-net: gro: improve feature config selftests: drv-net: gro: run the test against HW GRO and LRO selftests: drv-net: gro: break out all individual test cases tools/testing/selftests/drivers/net/gro.c | 433 ++++++++++-------- tools/testing/selftests/drivers/net/gro.py | 163 ++++++- .../selftests/drivers/net/lib/py/env.py | 7 +- tools/testing/selftests/net/lib/py/ksft.py | 29 +- tools/testing/selftests/net/lib/py/utils.py | 23 + 5 files changed, 439 insertions(+), 216 deletions(-) -- 2.52.0

6 hours, 18 minutes

Jump to page:

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror