- Linux-kselftest-mirror - lists.linaro.org

[PATCH] selftests/proc: fix unused result warning during test compilation

by Abhinav Jain

Check the return value from write function to get rid of the warning during test compilation, shared below. Tested by compiling after the change, the warning disappears. proc-empty-vm.c:385:17: warning: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’ [-Wunused-result] 385 | write(1, buf, rv); Signed-off-by: Abhinav Jain <jain.abhinav177(a)gmail.com> --- tools/testing/selftests/proc/proc-empty-vm.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/proc/proc-empty-vm.c b/tools/testing/selftests/proc/proc-empty-vm.c index 56198d4ca2bf..510ab4a5330a 100644 --- a/tools/testing/selftests/proc/proc-empty-vm.c +++ b/tools/testing/selftests/proc/proc-empty-vm.c @@ -382,7 +382,12 @@ static int test_proc_pid_statm(pid_t pid) assert(rv >= 0); assert(rv <= sizeof(buf)); if (0) { - write(1, buf, rv); + ssize_t bytes_written = write(1, buf, rv); + + if (bytes_written != rv) { + perror("write"); + return EXIT_FAILURE; + } } const char *p = buf; -- 2.34.1

6 months, 3 weeks

2
4
0 0

[PATCH v2] selftests/proc: fix unused result warning during test compilation

by Abhinav Jain

Check the return value from write function to get rid of the warning during test compilation, shared below. Tested by compiling after the change, the warning disappears. proc-empty-vm.c:385:17: warning: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’ [-Wunused-result] 385 | write(1, buf, rv); Signed-off-by: Abhinav Jain <jain.abhinav177(a)gmail.com> --- Changes since v1: - Remove the redundant if(0) block as per the feedback - Patch v1: https://lore.kernel.org/all/20240625152139.16412-1-jain.abhinav177@gmail.co… --- tools/testing/selftests/proc/proc-empty-vm.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/proc/proc-empty-vm.c b/tools/testing/selftests/proc/proc-empty-vm.c index 56198d4ca2bf..123c622cd816 100644 --- a/tools/testing/selftests/proc/proc-empty-vm.c +++ b/tools/testing/selftests/proc/proc-empty-vm.c @@ -381,8 +381,12 @@ static int test_proc_pid_statm(pid_t pid) assert(rv >= 0); assert(rv <= sizeof(buf)); - if (0) { - write(1, buf, rv); + + ssize_t bytes_written = write(1, buf, rv); + + if (bytes_written != rv) { + perror("write"); + return EXIT_FAILURE; } const char *p = buf; -- 2.34.1

6 months, 3 weeks

1
0
0 0

[PATCH net-next v3 0/7] selftests: net: Switch pmtu.sh to use the internal ovs script.

by Aaron Conole

Currently, if a user wants to run pmtu.sh and cover all the provided test cases, they need to install the Open vSwitch userspace utilities. This dependency is difficult for users as well as CI environments, because the userspace build and setup may require lots of support and devel packages to be installed, system setup to be correct, and things like permissions and selinux policies to be properly configured. The kernel selftest suite includes an ovs-dpctl.py utility which can interact with the openvswitch module directly. This lets developers and CI environments run without needing too many extra dependencies - just the pyroute2 python package. This series enhances the ovs-dpctl utility to provide support for set() and tunnel() flow specifiers, better ipv6 handling support, and the ability to add tunnel vports, and LWT interfaces. Finally, it modifies the pmtu.sh script to call the ovs-dpctl.py utility rather than the typical OVS userspace utilities. The pmtu.sh can still fall back on the Open vSwitch userspace utilities if the ovs-dpctl.py script can't be used. Aaron Conole (7): selftests: openvswitch: Support explicit tunnel port creation. selftests: openvswitch: Refactor actions parsing. selftests: openvswitch: Add set() and set_masked() support. selftests: openvswitch: Add support for tunnel() key. selftests: openvswitch: Support implicit ipv6 arguments. selftests: net: Use the provided dpctl rather than the vswitchd for tests. selftests: net: add config for openvswitch tools/testing/selftests/net/config | 5 + .../selftests/net/openvswitch/ovs-dpctl.py | 368 +++++++++++++++--- tools/testing/selftests/net/pmtu.sh | 145 +++++-- 3 files changed, 451 insertions(+), 67 deletions(-) -- 2.45.1

6 months, 3 weeks

4
14
0 0

[PATCH bpf-next v5 0/9] use network helpers, part 8

by Geliang Tang

From: Geliang Tang <tanggeliang(a)kylinos.cn> v5: - keep make_server and make_client as Eduard suggested. v4: - a new patch to use make_sockaddr in sockmap_ktls. - a new patch to close fd in error path in drop_on_reuseport. - drop make_server() in patch 7. - drop make_client() too in patch 9. v3: - a new patch to add backlog for network_helper_opts. - use start_server_str in sockmap_ktls now, not start_server. v2: - address Eduard's comments in v1. (thanks) - fix errors reported by CI. This patch set uses network helpers in sockmap_ktls and sk_lookup, and drop three local helpers tcp_server(), inetaddr_len() and make_socket() in them. Geliang Tang (9): selftests/bpf: Add backlog for network_helper_opts selftests/bpf: Use start_server_str in sockmap_ktls selftests/bpf: Use connect_to_fd in sockmap_ktls selftests/bpf: Use make_sockaddr in sockmap_ktls selftests/bpf: Close fd in error path in drop_on_reuseport selftests/bpf: Use start_server_str in sk_lookup selftests/bpf: Use connect_to_fd in sk_lookup selftests/bpf: Use connect_to_addr in sk_lookup selftests/bpf: Drop make_socket in sk_lookup tools/testing/selftests/bpf/network_helpers.c | 2 +- tools/testing/selftests/bpf/network_helpers.h | 1 + .../selftests/bpf/prog_tests/sk_lookup.c | 141 +++++++----------- .../selftests/bpf/prog_tests/sockmap_ktls.c | 51 ++----- 4 files changed, 61 insertions(+), 134 deletions(-) -- 2.43.0

6 months, 3 weeks

2
10
0 0

[PATCH 0/3] tools/nolibc: implement strerror()

by Thomas Weißschuh

Adds a simple implementation of strerror() and makes use of it in kselftests. Shuah, could you Ack patch 3? Willy, this should work *without* your Ack. Signed-off-by: Thomas Weißschuh <linux(a)weissschuh.net> --- Thomas Weißschuh (3): selftests/nolibc: introduce condition to run tests only on nolibc tools/nolibc: implement strerror() selftests: kselftest: also use strerror() on nolibc tools/include/nolibc/stdio.h | 10 ++++++++ tools/testing/selftests/kselftest.h | 8 ------- tools/testing/selftests/nolibc/nolibc-test.c | 36 ++++++++++++++++++---------- 3 files changed, 33 insertions(+), 21 deletions(-) --- base-commit: a3063ba97f31e0364379a3ffc567203e3f79e877 change-id: 20240425-nolibc-strerror-67f4bfa03035 Best regards, -- Thomas Weißschuh <linux(a)weissschuh.net>

6 months, 3 weeks

2
8
0 0

[PATCH net-next v6 00/10] net: openvswitch: Add sample multicasting.

by Adrian Moreno

** Background ** Currently, OVS supports several packet sampling mechanisms (sFlow, per-bridge IPFIX, per-flow IPFIX). These end up being translated into a userspace action that needs to be handled by ovs-vswitchd's handler threads only to be forwarded to some third party application that will somehow process the sample and provide observability on the datapath. A particularly interesting use-case is controller-driven per-flow IPFIX sampling where the OpenFlow controller can add metadata to samples (via two 32bit integers) and this metadata is then available to the sample-collecting system for correlation. ** Problem ** The fact that sampled traffic share netlink sockets and handler thread time with upcalls, apart from being a performance bottleneck in the sample extraction itself, can severely compromise the datapath, yielding this solution unfit for highly loaded production systems. Users are left with little options other than guessing what sampling rate will be OK for their traffic pattern and system load and dealing with the lost accuracy. Looking at available infrastructure, an obvious candidated would be to use psample. However, it's current state does not help with the use-case at stake because sampled packets do not contain user-defined metadata. ** Proposal ** This series is an attempt to fix this situation by extending the existing psample infrastructure to carry a variable length user-defined cookie. The main existing user of psample is tc's act_sample. It is also extended to forward the action's cookie to psample. Finally, a new OVS action (OVS_SAMPLE_ATTR_EMIT_SAMPLE) is created. It accepts a group and an optional cookie and uses psample to multicast the packet and the metadata. -- v5 -> v6: - Renamed emit_sample -> psample - Addressed unused variable and conditionally compilation of function. v4 -> v5: - Rebased. - Removed lefover enum value and wrapped some long lines in selftests. v3 -> v4: - Rebased. - Addressed Jakub's comment on private and unused nla attributes. v2 -> v3: - Addressed comments from Simon, Aaron and Ilya. - Dropped probability propagation in nested sample actions. - Dropped patch v2's 7/9 in favor of a userspace implementation and consume skb if emit_sample is the last action, same as we do with userspace. - Split ovs-dpctl.py features in independent patches. v1 -> v2: - Create a new action ("emit_sample") rather than reuse existing "sample" one. - Add probability semantics to psample's sampling rate. - Store sampling probability in skb's cb area and use it in emit_sample. - Test combining "emit_sample" with "trunc" - Drop group_id filtering and tracepoint in psample. rfc_v2 -> v1: - Accommodate Ilya's comments. - Split OVS's attribute in two attributes and simplify internal handling of psample arguments. - Extend psample and tc with a user-defined cookie. - Add a tracepoint to psample to facilitate troubleshooting. rfc_v1 -> rfc_v2: - Use psample instead of a new OVS-only multicast group. - Extend psample and tc with a user-defined cookie. Adrian Moreno (10): net: psample: add user cookie net: sched: act_sample: add action cookie to sample net: psample: skip packet copy if no listeners net: psample: allow using rate as probability net: openvswitch: add psample action net: openvswitch: store sampling probability in cb. selftests: openvswitch: add psample action selftests: openvswitch: add userspace parsing selftests: openvswitch: parse trunc action selftests: openvswitch: add psample test Documentation/netlink/specs/ovs_flow.yaml | 17 ++ include/net/psample.h | 5 +- include/uapi/linux/openvswitch.h | 31 +- include/uapi/linux/psample.h | 11 +- net/openvswitch/Kconfig | 1 + net/openvswitch/actions.c | 65 ++++- net/openvswitch/datapath.h | 3 + net/openvswitch/flow_netlink.c | 32 ++- net/openvswitch/vport.c | 1 + net/psample/psample.c | 16 +- net/sched/act_sample.c | 12 + .../selftests/net/openvswitch/openvswitch.sh | 115 +++++++- .../selftests/net/openvswitch/ovs-dpctl.py | 272 +++++++++++++++++- 13 files changed, 565 insertions(+), 16 deletions(-) -- 2.45.2

6 months, 3 weeks

2
5
0 0

[PATCH v6 0/4] Userspace controls soft-offline pages

by Jiaqi Yan

Correctable memory errors are very common on servers with large amount of memory, and are corrected by ECC, but with two pain points to users: 1. Correction usually happens on the fly and adds latency overhead 2. Not-fully-proved theory states excessive correctable memory errors can develop into uncorrectable memory error. Soft offline is kernel's additional solution for memory pages having (excessive) corrected memory errors. Impacted page is migrated to healthy page if it is in use, then the original page is discarded for any future use. The actual policy on whether (and when) to soft offline should be maintained by userspace, especially in case of an 1G HugeTLB page. Soft-offline dissolves the HugeTLB page, either in-use or free, into chunks of 4K pages, reducing HugeTLB pool capacity by 1 hugepage. If userspace has not acknowledged such behavior, it may be surprised when later mmap hugepages MAP_FAILED due to lack of hugepages. In case of a transparent hugepage, it will be split into 4K pages as well; userspace will stop enjoying the transparent performance. In addition, discarding the entire 1G HugeTLB page only because of corrected memory errors sounds very costly and kernel better not doing under the hood. But today there are at least 2 such cases: 1. GHES driver sees both GHES_SEV_CORRECTED and CPER_SEC_ERROR_THRESHOLD_EXCEEDED after parsing CPER. 2. RAS Correctable Errors Collector counts correctable errors per PFN and when the counter for a PFN reaches threshold In both cases, userspace has no control of the soft offline performed by kernel's memory failure recovery. This patch series give userspace the control of softofflining any page: kernel only soft offlines raw page / transparent hugepage / HugeTLB hugepage if userspace has agreed to. The interface to userspace is a new sysctl called enable_soft_offline under /proc/sys/vm. By default enable_soft_line is 1 to preserve existing behavior in kernel. Changelog v5=> v6: * incorporate feedbacks from Miaohe Lin <linmiaohe(a)huawei.com> * add a ':' in soft offline log. * close hugetlbfs file descriptor in selftest. * no need to "return" after ksft_exit_fail_msg. v4 => v5: * incorporate feedbacks from Muhammad Usama Anjum <usama.anjum(a)collabora.com> * refactor selftest to use what available in kselftest.h v3 => v4: * incorporate feedbacks from Miaohe Lin <linmiaohe(a)huawei.com>, Andrew Morton <akpm(a)linux-foundation.org>, and Oscar Salvador <osalvador(a)suse.de>. * insert a refactor commit to unify soft offline's logs to follow "Soft offline: 0x${pfn}: ${message}" format. * some rewords in document: fail => will not perform. * v4 is still based on commit 83a7eefedc9b ("Linux 6.10-rc3"), akpm/mm-stable. v2 => v3: * incorporate feedbacks from Miaohe Lin <linmiaohe(a)huawei.com>, Lance Yang <ioworker0(a)gmail.com>, Oscar Salvador <osalvador(a)suse.de>, and David Rientjes <rientjes(a)google.com>. * release potential refcount if enable_soft_offline is 0. * soft_offline_page() returns EOPNOTSUPP if enable_soft_offline is 0. * refactor hugetlb-soft-offline.c, for example, introduce test_soft_offline_common to reduce repeated code. * rewrite enable_soft_offline's documentation, adds more details about the cost of soft-offline for transparent and hugetlb hugepages, and components that are impacted when enable_soft_offline becomes 0. * fix typos in commit messages. * v3 is still based on commit 83a7eefedc9b ("Linux 6.10-rc3"). v1 => v2: * incorporate feedbacks from both Miaohe Lin <linmiaohe(a)huawei.com> and Jane Chu <jane.chu(a)oracle.com>. * make the switch to control all pages, instead of HugeTLB specific. * change the API from /sys/kernel/mm/hugepages/hugepages-${size}kB/softoffline_corrected_errors to /proc/sys/vm/enable_soft_offline. * minor update to test code. * update documentation of the user control API. * v2 is based on commit 83a7eefedc9b ("Linux 6.10-rc3"). Jiaqi Yan (4): mm/memory-failure: refactor log format in soft offline code mm/memory-failure: userspace controls soft-offlining pages selftest/mm: test enable_soft_offline behaviors docs: mm: add enable_soft_offline sysctl Documentation/admin-guide/sysctl/vm.rst | 32 +++ mm/memory-failure.c | 38 ++- tools/testing/selftests/mm/.gitignore | 1 + tools/testing/selftests/mm/Makefile | 1 + .../selftests/mm/hugetlb-soft-offline.c | 228 ++++++++++++++++++ tools/testing/selftests/mm/run_vmtests.sh | 4 + 6 files changed, 296 insertions(+), 8 deletions(-) create mode 100644 tools/testing/selftests/mm/hugetlb-soft-offline.c -- 2.45.2.741.gdbec12cfda-goog

6 months, 3 weeks

3
8
0 0

[PATCH v2 0/4] Introduce user namespace capabilities

by Jonathan Calmels

This patch series introduces a new user namespace capability set, as well as some plumbing around it (i.e. sysctl, secbit, lsm support). First patch goes over the motivations for this as well as prior art. In summary, while user namespaces are a great success today in that they avoid running a lot of code as root, they also expand the attack surface of the kernel substantially which is often abused by attackers. Methods exist to limit the creation of such namespaces [1], however, application developers often need to assume that user namespaces are available for various tasks such as sandboxing. Thus, instead of restricting the creation of user namespaces, we offer ways for userspace to limit the capabilities granted to them. Why a new capability set and not something specific to the userns (e.g. ioctl_ns)? 1. We can't really expect userspace to patch every single callsite and opt-in this new security mechanism. 2. We don't necessarily want policies enforced at said callsites. For example a service like systemd-machined or a PAM session need to be able to place restrictions on any namespace spawned under it. 3. We would need to come up with inheritance rules, querying capabilities, etc. At this point we're just reinventing capability sets. 4. We can easily define interactions between capability sets, thus helping with adoption (patch 2 is an example of this) Some examples of how this could be leveraged in userspace: - Prevent user from getting CAP_NET_ADMIN in user namespaces under SSH: echo "auth optional pam_cap.so" >> /etc/pam.d/sshd echo "!cap_net_admin $USER" >> /etc/security/capability.conf capsh --secbits=$((1 << 8)) -- -c /usr/sbin/sshd - Prevent containers from ever getting CAP_DAC_OVERRIDE: systemd-run -p CapabilityBoundingSet=~CAP_DAC_OVERRIDE \ -p SecureBits=userns-strict-caps \ /usr/bin/dockerd systemd-run -p UserNSCapabilities=~CAP_DAC_OVERRIDE \ /usr/bin/incusd - Kernel could be vulnerable to CAP_SYS_RAWIO exploits, prevent it: sysctl -w cap_bound_userns_mask=0x1fffffdffff - Drop CAP_SYS_ADMIN for this shell and all the user namespaces below it: bwrap --unshare-user --cap-drop CAP_SYS_ADMIN /bin/sh [1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… --- Changes since v1: - Add documentation - Change commit wording - Cleanup various aspects of the code based on feedback - Add new CAP_SYS_CONTROL capability for sysctl check - Add BPF-LSM support for modifying userns capabilities --- Jonathan Calmels (4): capabilities: Add user namespace capabilities capabilities: Add securebit to restrict userns caps capabilities: Add sysctl to mask off userns caps bpf,lsm: Allow editing capabilities in BPF-LSM hooks Documentation/filesystems/proc.rst | 1 + Documentation/security/credentials.rst | 6 ++ fs/proc/array.c | 9 +++ include/linux/cred.h | 3 + include/linux/lsm_hook_defs.h | 2 +- include/linux/securebits.h | 1 + include/linux/security.h | 4 +- include/linux/user_namespace.h | 7 ++ include/uapi/linux/capability.h | 6 +- include/uapi/linux/prctl.h | 7 ++ include/uapi/linux/securebits.h | 11 ++- kernel/bpf/bpf_lsm.c | 55 +++++++++++++ kernel/cred.c | 3 + kernel/sysctl.c | 10 +++ kernel/umh.c | 15 ++++ kernel/user_namespace.c | 80 +++++++++++++++++-- security/apparmor/lsm.c | 2 +- security/commoncap.c | 62 +++++++++++++- security/keys/process_keys.c | 3 + security/security.c | 6 +- security/selinux/hooks.c | 2 +- security/selinux/include/classmap.h | 5 +- .../selftests/bpf/prog_tests/deny_namespace.c | 12 ++- .../selftests/bpf/progs/test_deny_namespace.c | 7 +- 24 files changed, 291 insertions(+), 28 deletions(-) -- 2.45.2

6 months, 3 weeks

7
31
0 0

[PATCH v1] selftests/harness: Fix tests timeout and race condition

by Mickaël Salaün

We cannot use CLONE_VFORK because we also need to wait for the timeout signal. Restore tests timeout by using the original fork() call in __run_test() but also in __TEST_F_IMPL(). Also fix a race condition when waiting for the test child process. Because test metadata are shared between test processes, only the parent process must set the test PID (child). Otherwise, t->pid may be set to zero, leading to inconsistent error cases: # RUN layout1.rule_on_mountpoint ... # rule_on_mountpoint: Test ended in some other way [127] # OK layout1.rule_on_mountpoint ok 20 layout1.rule_on_mountpoint As safeguards, initialize the "status" variable with a valid exit code, and handle unknown test exits as errors. The use of fork() introduces a new race condition in landlock/fs_test.c which seems to be specific to hostfs bind mounts, but I haven't found the root cause and it's difficult to trigger. I'll try to fix it with another patch. Cc: Christian Brauner <brauner(a)kernel.org> Cc: Günther Noack <gnoack(a)google.com> Cc: Jakub Kicinski <kuba(a)kernel.org> Cc: Kees Cook <keescook(a)chromium.org> Cc: Mark Brown <broonie(a)kernel.org> Cc: Shuah Khan <shuah(a)kernel.org> Cc: Will Drewry <wad(a)chromium.org> Cc: stable(a)vger.kernel.org Closes: https://lore.kernel.org/r/9341d4db-5e21-418c-bf9e-9ae2da7877e1@sirena.org.uk Fixes: a86f18903db9 ("selftests/harness: Fix interleaved scheduling leading to race conditions") Fixes: 24cf65a62266 ("selftests/harness: Share _metadata between forked processes") Signed-off-by: Mickaël Salaün <mic(a)digikod.net> Link: https://lore.kernel.org/r/20240621180605.834676-1-mic@digikod.net --- tools/testing/selftests/kselftest_harness.h | 43 ++++++++++++--------- 1 file changed, 24 insertions(+), 19 deletions(-) diff --git a/tools/testing/selftests/kselftest_harness.h b/tools/testing/selftests/kselftest_harness.h index b634969cbb6f..40723a6a083f 100644 --- a/tools/testing/selftests/kselftest_harness.h +++ b/tools/testing/selftests/kselftest_harness.h @@ -66,8 +66,6 @@ #include <sys/wait.h> #include <unistd.h> #include <setjmp.h> -#include <syscall.h> -#include <linux/sched.h> #include "kselftest.h" @@ -82,17 +80,6 @@ # define TH_LOG_ENABLED 1 #endif -/* Wait for the child process to end but without sharing memory mapping. */ -static inline pid_t clone3_vfork(void) -{ - struct clone_args args = { - .flags = CLONE_VFORK, - .exit_signal = SIGCHLD, - }; - - return syscall(__NR_clone3, &args, sizeof(args)); -} - /** * TH_LOG() * @@ -437,7 +424,7 @@ static inline pid_t clone3_vfork(void) } \ if (setjmp(_metadata->env) == 0) { \ /* _metadata and potentially self are shared with all forks. */ \ - child = clone3_vfork(); \ + child = fork(); \ if (child == 0) { \ fixture_name##_setup(_metadata, self, variant->data); \ /* Let setup failure terminate early. */ \ @@ -1016,7 +1003,14 @@ void __wait_for_test(struct __test_metadata *t) .sa_flags = SA_SIGINFO, }; struct sigaction saved_action; - int status; + /* + * Sets status so that WIFEXITED(status) returns true and + * WEXITSTATUS(status) returns KSFT_FAIL. This safe default value + * should never be evaluated because of the waitpid(2) check and + * SIGALRM handling. + */ + int status = KSFT_FAIL << 8; + int child; if (sigaction(SIGALRM, &action, &saved_action)) { t->exit_code = KSFT_FAIL; @@ -1028,7 +1022,15 @@ void __wait_for_test(struct __test_metadata *t) __active_test = t; t->timed_out = false; alarm(t->timeout); - waitpid(t->pid, &status, 0); + child = waitpid(t->pid, &status, 0); + if (child == -1 && errno != EINTR) { + t->exit_code = KSFT_FAIL; + fprintf(TH_LOG_STREAM, + "# %s: Failed to wait for PID %d (errno: %d)\n", + t->name, t->pid, errno); + return; + } + alarm(0); if (sigaction(SIGALRM, &saved_action, NULL)) { t->exit_code = KSFT_FAIL; @@ -1083,6 +1085,7 @@ void __wait_for_test(struct __test_metadata *t) WTERMSIG(status)); } } else { + t->exit_code = KSFT_FAIL; fprintf(TH_LOG_STREAM, "# %s: Test ended in some other way [%u]\n", t->name, @@ -1218,6 +1221,7 @@ void __run_test(struct __fixture_metadata *f, struct __test_xfail *xfail; char test_name[1024]; const char *diagnostic; + int child; /* reset test struct */ t->exit_code = KSFT_PASS; @@ -1236,15 +1240,16 @@ void __run_test(struct __fixture_metadata *f, fflush(stdout); fflush(stderr); - t->pid = clone3_vfork(); - if (t->pid < 0) { + child = fork(); + if (child < 0) { ksft_print_msg("ERROR SPAWNING TEST CHILD\n"); t->exit_code = KSFT_FAIL; - } else if (t->pid == 0) { + } else if (child == 0) { setpgrp(); t->fn(t, variant); _exit(t->exit_code); } else { + t->pid = child; __wait_for_test(t); } ksft_print_msg(" %4s %s\n", base-commit: 83a7eefedc9b56fe7bfeff13b6c7356688ffa670 -- 2.45.2

6 months, 3 weeks

2
2
0 0

[PATCH net-next 00/12] selftest: Clean-up and stabilize mirroring tests

by Petr Machata

The mirroring selftests work by sending ICMP traffic between two hosts. Along the way, this traffic is mirrored to a gretap netdevice, and counter taps are then installed strategically along the path of the mirrored traffic to verify the mirroring took place. The problem with this is that besides mirroring the primary traffic, any other service traffic is mirrored as well. At the same time, because the tests need to work in HW-offloaded scenarios, the ability of the device to do arbitrary packet inspection should not be taken for granted. Most tests therefore simply use matchall, one uses flower to match on IP address. As a result, the selftests are noisy. mirror_test() accommodated this noisiness by giving the counters an allowance of several packets. But that only works up to a point, and on busy systems won't be always enough. In this patch set, clean up and stabilize the mirroring selftests. The original intention was to port the tests over to UDP, but the logic of ICMP ends up being so entangled in the mirroring selftests that the changes feel overly invasive. Instead, ICMP is kept, but where possible, we match on ICMP message type, thus filtering out hits by other ICMP messages. Where this is not practical (where the counter tap is put on a device that carries encapsulated packets), switch the counter condition to _at least_ X observed packets. This is less robust, but barely so -- probably the only scenario that this would not catch is something like erroneous packet duplication, which would hopefully get caught by the numerous other tests in this extensive suite. - Patches #1 to #3 clean up parameters at various helpers. - Patches #4 to #6 stabilize the mirroring selftests as described above. - Mirroring tests currently allow testing SW datapath even on HW netdevices by trapping traffic to the SW datapath. This complicates the tests a bit without a good reason: to test SW datapath, just run the selftests on the veth topology. Thus in patch #7, drop support for this dual SW/HW testing. - At this point, some cleanups were either made possible by the previous patches, or were always possible. In patches #8 to #11, realize these cleanups. - In patch #12, fix mlxsw mirror_gre selftest to respect setting TESTS. Petr Machata (12): selftests: libs: Expand "$@" where possible selftests: mirror: Drop direction argument from several functions selftests: lib: tc_rule_stats_get(): Move default to argument definition selftests: mirror_gre_lag_lacp: Check counters at tunnel selftests: mirror: do_test_span_dir_ips(): Install accurate taps selftests: mirror: mirror_test(): Allow exact count of packets selftests: mirror: Drop dual SW/HW testing selftests: mlxsw: mirror_gre: Simplify selftests: mirror_gre_lag_lacp: Drop unnecessary code selftests: libs: Drop slow_path_trap_install()/_uninstall() selftests: libs: Drop unused functions selftests: mlxsw: mirror_gre: Obey TESTS .../selftests/drivers/net/mlxsw/mirror_gre.sh | 71 ++++++--------- .../drivers/net/mlxsw/mirror_gre_scale.sh | 18 +--- tools/testing/selftests/net/forwarding/lib.sh | 83 +++++++++++------ .../selftests/net/forwarding/mirror_gre.sh | 45 +++------- .../net/forwarding/mirror_gre_bound.sh | 23 +---- .../net/forwarding/mirror_gre_bridge_1d.sh | 21 +---- .../forwarding/mirror_gre_bridge_1d_vlan.sh | 21 +---- .../net/forwarding/mirror_gre_bridge_1q.sh | 21 +---- .../forwarding/mirror_gre_bridge_1q_lag.sh | 29 ++---- .../net/forwarding/mirror_gre_changes.sh | 73 ++++++--------- .../net/forwarding/mirror_gre_flower.sh | 43 ++++----- .../net/forwarding/mirror_gre_lag_lacp.sh | 65 ++++++-------- .../net/forwarding/mirror_gre_lib.sh | 90 ++++++++++++++----- .../net/forwarding/mirror_gre_neigh.sh | 39 +++----- .../selftests/net/forwarding/mirror_gre_nh.sh | 35 ++------ .../net/forwarding/mirror_gre_vlan.sh | 21 +---- .../forwarding/mirror_gre_vlan_bridge_1q.sh | 69 ++++++-------- .../selftests/net/forwarding/mirror_lib.sh | 79 +++++++++++----- .../selftests/net/forwarding/mirror_vlan.sh | 43 +++------ tools/testing/selftests/net/lib.sh | 4 +- 20 files changed, 355 insertions(+), 538 deletions(-) -- 2.45.0

6 months, 3 weeks

2
13
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror