In the test_icr() function in xapic_state_test, one of the for loops is
initialized with vcpu->id. Fix this assumption that vcpu->id is 0 so
that IPIs are correctly sent to non-existent vCPUs [1].
Suggested-by: Sean Christopherson <seanjc(a)google.com>
Signed-off-by: Gautam Menghani <gautammenghani201(a)gmail.com>
---
[1] https://lore.kernel.org/kvm/YyoZr9rXSSMEtdh5@google.com/
tools/testing/selftests/kvm/x86_64/xapic_state_test.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/tools/testing/selftests/kvm/x86_64/xapic_state_test.c b/tools/testing/selftests/kvm/x86_64/xapic_state_test.c
index 6f7a5ef66718..d7d37dae3eeb 100644
--- a/tools/testing/selftests/kvm/x86_64/xapic_state_test.c
+++ b/tools/testing/selftests/kvm/x86_64/xapic_state_test.c
@@ -114,7 +114,9 @@ static void test_icr(struct xapic_vcpu *x)
* vCPUs, not vcpu.id + 1. Arbitrarily use vector 0xff.
*/
icr = APIC_INT_ASSERT | 0xff;
- for (i = vcpu->id + 1; i < 0xff; i++) {
+ for (i = 0; i < 0xff; i++) {
+ if (i == vcpu->id)
+ continue;
for (j = 0; j < 8; j++)
__test_icr(x, i << (32 + 24) | icr | (j << 8));
}
--
2.34.1
The wordings of step-by-step instructions on writing the first Kunit test
are instructing readers to write codes without knowing what these are about.
Rewrite these instructions to include the purpose of written code.
While at it, align the code blocks of these contents.
Signed-off-by: Bagas Sanjaya <bagasdotme(a)gmail.com>
---
Changes since v1 [1]:
- Fix jumped list numbering on writing the feature
This patch is based on Khalid's full path to .kunitconfig patch [2].
[1]: https://lore.kernel.org/linux-doc/20220929125458.52979-1-bagasdotme@gmail.c…
[2]: https://lore.kernel.org/linux-doc/20220929085332.4155-1-khalid.masum.92@gma…
Documentation/dev-tools/kunit/start.rst | 40 ++++++++++++++-----------
1 file changed, 22 insertions(+), 18 deletions(-)
diff --git a/Documentation/dev-tools/kunit/start.rst b/Documentation/dev-tools/kunit/start.rst
index 7999874dc4ddb3..c0a5adf6d8d665 100644
--- a/Documentation/dev-tools/kunit/start.rst
+++ b/Documentation/dev-tools/kunit/start.rst
@@ -131,17 +131,19 @@ are built-in. Otherwise the module will need to be loaded.
Writing Your First Test
=======================
-In your kernel repository, let's add some code that we can test.
+In your kernel repository, let's add some code that we can test. For this
+purpose, we are going to add simple addition driver.
-1. Create a file ``drivers/misc/example.h``, which includes:
+1. Write the feature that will be tested. First, write the declaration
+ for ``misc_example_add()`` in ``drivers/misc/example.h``:
-.. code-block:: c
+ .. code-block:: c
int misc_example_add(int left, int right);
-2. Create a file ``drivers/misc/example.c``, which includes:
+ Then implement the function in ``drivers/misc/example.c``:
-.. code-block:: c
+ .. code-block:: c
#include <linux/errno.h>
@@ -152,24 +154,25 @@ In your kernel repository, let's add some code that we can test.
return left + right;
}
-3. Add the following lines to ``drivers/misc/Kconfig``:
+2. Add Kconfig menu entry for the feature to ``drivers/misc/Kconfig``:
-.. code-block:: kconfig
+ .. code-block:: kconfig
config MISC_EXAMPLE
bool "My example"
-4. Add the following lines to ``drivers/misc/Makefile``:
+3. Add the kbuild goal that will build the feature to
+ ``drivers/misc/Makefile``:
-.. code-block:: make
+ .. code-block:: make
obj-$(CONFIG_MISC_EXAMPLE) += example.o
Now we are ready to write the test cases.
-1. Add the below test case in ``drivers/misc/example_test.c``:
+1. Write the test in ``drivers/misc/example_test.c``:
-.. code-block:: c
+ .. code-block:: c
#include <kunit/test.h>
#include "example.h"
@@ -202,31 +205,32 @@ Now we are ready to write the test cases.
};
kunit_test_suite(misc_example_test_suite);
-2. Add the following lines to ``drivers/misc/Kconfig``:
+2. Add following Kconfig entry for the test to ``drivers/misc/Kconfig``:
-.. code-block:: kconfig
+ .. code-block:: kconfig
config MISC_EXAMPLE_TEST
tristate "Test for my example" if !KUNIT_ALL_TESTS
depends on MISC_EXAMPLE && KUNIT=y
default KUNIT_ALL_TESTS
-3. Add the following lines to ``drivers/misc/Makefile``:
+3. Add kbuild goal of the test to ``drivers/misc/Makefile``:
-.. code-block:: make
+ .. code-block:: make
obj-$(CONFIG_MISC_EXAMPLE_TEST) += example_test.o
-4. Add following configuration fragments to ``.kunit/.kunitconfig``:
+4. Add following configuration fragments for the test to
+ ``.kunit/.kunitconfig``:
-.. code-block:: none
+ .. code-block:: none
CONFIG_MISC_EXAMPLE=y
CONFIG_MISC_EXAMPLE_TEST=y
5. Run the test:
-.. code-block:: bash
+ .. code-block:: bash
./tools/testing/kunit/kunit.py run
--
An old man doll... just what I always wanted! - Clara
There a couple of spelling mistakes, one in a literal string and one
in a comment. Fix them.
Signed-off-by: Colin Ian King <colin.i.king(a)gmail.com>
---
tools/testing/selftests/bpf/verifier/calls.c | 2 +-
tools/testing/selftests/bpf/verifier/var_off.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/tools/testing/selftests/bpf/verifier/calls.c b/tools/testing/selftests/bpf/verifier/calls.c
index 3fb4f69b1962..e1a937277b54 100644
--- a/tools/testing/selftests/bpf/verifier/calls.c
+++ b/tools/testing/selftests/bpf/verifier/calls.c
@@ -284,7 +284,7 @@
.result = ACCEPT,
},
{
- "calls: not on unpriviledged",
+ "calls: not on unprivileged",
.insns = {
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 1, 0, 2),
BPF_MOV64_IMM(BPF_REG_0, 1),
diff --git a/tools/testing/selftests/bpf/verifier/var_off.c b/tools/testing/selftests/bpf/verifier/var_off.c
index 187c6f6e32bc..d37f512fad16 100644
--- a/tools/testing/selftests/bpf/verifier/var_off.c
+++ b/tools/testing/selftests/bpf/verifier/var_off.c
@@ -121,7 +121,7 @@
BPF_EXIT_INSN(),
},
.fixup_map_hash_8b = { 1 },
- /* The unpriviledged case is not too interesting; variable
+ /* The unprivileged case is not too interesting; variable
* stack access is rejected.
*/
.errstr_unpriv = "R2 variable stack access prohibited for !root",
--
2.37.1
From: Roberto Sassu <roberto.sassu(a)huawei.com>
===
All credits of this patch set go to Lorenz Bauer <oss(a)lmb.io>, as he
identified this issue and proposed a number of solutions.
===
Lorenz presented at the Linux Plumbers EU 2022 a talk with title 'Closing
the BPF map permission loophole', where he reported that read-only fds can
be used for map update operations, if they were provided to eBPF programs.
This work initially started as PoC to reproduce the reported bug, and
became the test for validating an idea on how to fix the bug.
Patch 1 adds a dependency necessary for the tests.
The actual fix, in patch 2, is relatively simple. It is based on an already
existing enforcement mechanism in the eBPF verifier for map flags. As
Lorenz mentioned, a problem would be backporting this fix to stable kernels
which don't have that enforcement mechanism. However, backporting just the
enforcement mechanism itself (without introducing the new map flags and
allowing user space to use them) could meet the stable kernel criteria.
Alternatively, a completely different fix can be developed for older stable
kernels, like what Lorenz suggested, to refuse fds which are not
read/write.
Finally, patch 3 introduces the tests.
Roberto Sassu (3):
libbpf: Define bpf_get_fd_opts and introduce
bpf_map_get_fd_by_id_opts()
bpf: Enforce granted permissions in a map fd at verifier level
selftests/bpf: Test enforcement of map fd permissions at verifier
level
include/linux/bpf.h | 13 +
include/linux/bpf_verifier.h | 1 +
kernel/bpf/verifier.c | 26 +-
tools/lib/bpf/bpf.c | 12 +-
tools/lib/bpf/bpf.h | 10 +
tools/lib/bpf/libbpf.map | 3 +-
.../selftests/bpf/prog_tests/map_fd_perm.c | 227 ++++++++++++++++++
7 files changed, 288 insertions(+), 4 deletions(-)
create mode 100644 tools/testing/selftests/bpf/prog_tests/map_fd_perm.c
--
2.25.1
Hi!
>
> On 30.09.22 08:35, Zhao Gongyi wrote:
> > Some momory will be left in offline state when calling
> > offline_memory_expect_fail() failed. Restore it before exit.
> >
> > Signed-off-by: Zhao Gongyi <zhaogongyi(a)huawei.com>
> > ---
> > .../memory-hotplug/mem-on-off-test.sh | 21
> ++++++++++++++-----
> > 1 file changed, 16 insertions(+), 5 deletions(-)
> >
> > diff --git a/tools/testing/selftests/memory-hotplug/mem-on-off-test.sh
> b/tools/testing/selftests/memory-hotplug/mem-on-off-test.sh
> > index 1d87611a7d52..91a7457616bb 100755
> > --- a/tools/testing/selftests/memory-hotplug/mem-on-off-test.sh
> > +++ b/tools/testing/selftests/memory-hotplug/mem-on-off-test.sh
> > @@ -134,6 +134,16 @@ offline_memory_expect_fail()
> > return 0
> > }
> >
> > +online_all_offline_memory()
> > +{
> > + for memory in `hotpluggable_offline_memory`; do
> > + if ! online_memory_expect_success $memory; then
> > + echo "$FUNCNAME $memory: unexpected fail" >&2
>
> Do we need that output?
In my opinion, if online a memory node failed ,it should be a kernel bug catched, so, I think the output here is needed.
Thanks!
Gongyi
1. Add checking after online or offline
2. Restore memory before exit
3. Adjust log info for maintainability
4. Correct test's name
Changes in v5:
- Adjust log info for maintainability
Changes in v4:
- Remove redundant log information
Changes in v3:
- Remove 2 obselute patches
Zhao Gongyi (4):
selftests/memory-hotplug: Add checking after online or offline
selftests/memory-hotplug: Restore memory before exit
selftests/memory-hotplug: Adjust log info for maintainability
docs: notifier-error-inject: Correct test's name
.../fault-injection/notifier-error-inject.rst | 4 +--
.../memory-hotplug/mem-on-off-test.sh | 34 +++++++++++++++----
2 files changed, 29 insertions(+), 9 deletions(-)
--
2.17.1
The fourth list item on writing test cases instructs adding Kconfig
fragments to .kunitconfig, which should have been full path to the file
(.kunit/.kunitconfig).
Cc: Sadiya Kazi <sadiyakazi(a)google.com>
Cc: David Gow <davidgow(a)google.com>
Suggested-by: Bagas Sanjaya <bagasdotme(a)gmail.com>
Signed-off-by: Khalid Masum <khalid.masum.92(a)gmail.com>
---
Changes since v1:
- Update commit message
- Make the instruction more descriptive
Documentation/dev-tools/kunit/start.rst | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Documentation/dev-tools/kunit/start.rst b/Documentation/dev-tools/kunit/start.rst
index 867a4bba6bf6..69361065cda6 100644
--- a/Documentation/dev-tools/kunit/start.rst
+++ b/Documentation/dev-tools/kunit/start.rst
@@ -217,7 +217,7 @@ Now we are ready to write the test cases.
obj-$(CONFIG_MISC_EXAMPLE_TEST) += example_test.o
-4. Add the following lines to ``.kunitconfig``:
+4. Add following configuration fragments to ``.kunit/.kunitconfig``:
.. code-block:: none
--
2.37.3
This patch set extends the locked port feature for devices
that are behind a locked port, but do not have the ability to
authorize themselves as a supplicant using IEEE 802.1X.
Such devices can be printers, meters or anything related to
fixed installations. Instead of 802.1X authorization, devices
can get access based on their MAC addresses being whitelisted.
For an authorization daemon to detect that a device is trying
to get access through a locked port, the bridge will add the
MAC address of the device to the FDB with a locked flag to it.
Thus the authorization daemon can catch the FDB add event and
check if the MAC address is in the whitelist and if so replace
the FDB entry without the locked flag enabled, and thus open
the port for the device.
This feature is known as MAC-Auth or MAC Authentication Bypass
(MAB) in Cisco terminology, where the full MAB concept involves
additional Cisco infrastructure for authorization. There is no
real authentication process, as the MAC address of the device
is the only input the authorization daemon, in the general
case, has to base the decision if to unlock the port or not.
With this patch set, an implementation of the offloaded case is
supplied for the mv88e6xxx driver. When a packet ingresses on
a locked port, an ATU miss violation event will occur. When
handling such ATU miss violation interrupts, the MAC address of
the device is added to the FDB with a zero destination port
vector (DPV) and the MAC address is communicated through the
switchdev layer to the bridge, so that a FDB entry with the
locked flag enabled can be added.
Log:
v3: Added timers and lists in the driver (mv88e6xxx)
to keep track of and remove locked entries.
v4: Leave out enforcing a limit to the number of
locked entries in the bridge.
Removed the timers in the driver and use the
worker only. Add locked FDB flag to all drivers
using port_fdb_add() from the dsa api and let
all drivers ignore entries with this flag set.
Change how to get the ageing timeout of locked
entries. See global1_atu.c and switchdev.c.
Use struct mv88e6xxx_port for locked entries
variables instead of struct dsa_port.
v5: Added 'mab' flag to enable MAB/MacAuth feature,
in a similar way to the locked feature flag.
In these implementations for the mv88e6xxx, the
switchport must be configured with learning on.
To tell userspace about the behavior of the
locked entries in the driver, a 'blackhole'
FDB flag has been added, which locked FDB
entries coming from the driver gets. Also the
'sticky' flag comes with those locked entries,
as the drivers locked entries cannot roam.
Fixed issues with taking mutex locks, and added
a function to read the fid, that supports all
versions of the chipset family.
Hans Schultz (6):
net: bridge: add locked entry fdb flag to extend locked port feature
net: switchdev: add support for offloading of fdb locked flag
drivers: net: dsa: add locked fdb entry flag to drivers
net: dsa: mv88e6xxx: allow reading FID when handling ATU violations
net: dsa: mv88e6xxx: MacAuth/MAB implementation
selftests: forwarding: add test of MAC-Auth Bypass to locked port
tests
drivers/net/dsa/b53/b53_common.c | 5 +
drivers/net/dsa/b53/b53_priv.h | 1 +
drivers/net/dsa/hirschmann/hellcreek.c | 5 +
drivers/net/dsa/lan9303-core.c | 5 +
drivers/net/dsa/lantiq_gswip.c | 5 +
drivers/net/dsa/microchip/ksz_common.c | 5 +
drivers/net/dsa/mt7530.c | 5 +
drivers/net/dsa/mv88e6xxx/Makefile | 1 +
drivers/net/dsa/mv88e6xxx/chip.c | 81 ++++-
drivers/net/dsa/mv88e6xxx/chip.h | 19 ++
drivers/net/dsa/mv88e6xxx/global1.h | 1 +
drivers/net/dsa/mv88e6xxx/global1_atu.c | 76 ++++-
drivers/net/dsa/mv88e6xxx/port.c | 15 +-
drivers/net/dsa/mv88e6xxx/port.h | 6 +
drivers/net/dsa/mv88e6xxx/switchdev.c | 285 ++++++++++++++++++
drivers/net/dsa/mv88e6xxx/switchdev.h | 37 +++
drivers/net/dsa/ocelot/felix.c | 5 +
drivers/net/dsa/qca/qca8k-common.c | 5 +
drivers/net/dsa/qca/qca8k.h | 1 +
drivers/net/dsa/sja1105/sja1105_main.c | 7 +-
include/linux/if_bridge.h | 1 +
include/net/dsa.h | 1 +
include/net/switchdev.h | 3 +
include/uapi/linux/if_link.h | 1 +
include/uapi/linux/neighbour.h | 4 +-
net/bridge/br.c | 5 +-
net/bridge/br_fdb.c | 43 ++-
net/bridge/br_input.c | 16 +-
net/bridge/br_netlink.c | 9 +-
net/bridge/br_private.h | 7 +-
net/bridge/br_switchdev.c | 5 +-
net/dsa/dsa_priv.h | 4 +-
net/dsa/port.c | 7 +-
net/dsa/slave.c | 4 +-
net/dsa/switch.c | 10 +-
.../net/forwarding/bridge_locked_port.sh | 107 ++++++-
.../net/forwarding/bridge_sticky_fdb.sh | 21 +-
37 files changed, 768 insertions(+), 50 deletions(-)
create mode 100644 drivers/net/dsa/mv88e6xxx/switchdev.c
create mode 100644 drivers/net/dsa/mv88e6xxx/switchdev.h
--
2.30.2
A few small updates for fp-stress, improving the usability with
signal handling a bit.
Mark Brown (3):
kselftest/arm64: Don't repeat termination handler for fp-stress
kselftest/arm64: Flag fp-stress as exiting when we begin finishing up
kselftest/arm64: Handle EINTR while reading data from children
tools/testing/selftests/arm64/fp/fp-stress.c | 90 ++++++++++++--------
1 file changed, 55 insertions(+), 35 deletions(-)
base-commit: ea84edbf08025e592f58b0d9b282777a9ca9fb22
--
2.30.2