- Linux-kselftest-mirror - lists.linaro.org

[PATCH v4 1/3] list: test: Add test for list_del_init_careful()

by David Gow

The list_del_init_careful() function was added[1] after the list KUnit test. Add a very basic test to cover it. Note that this test only covers the single-threaded behaviour (which matches list_del_init()), as is already the case with the test for list_empty_careful(). [1]: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… Signed-off-by: David Gow <davidgow(a)google.com> Reviewed-by: Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> --- Changes since v3: https://lore.kernel.org/lkml/20220209052813.854014-1-davidgow@google.com/ - Fix a comment style issue. - Add Reviewed-by tags. Changes since v2: https://lore.kernel.org/linux-kselftest/20220208040122.695258-1-davidgow@go… - Fix the test calling list_del_init() instead of list_del_init_careful() - Improve the comment noting we only test single-threaded behaviour. Changes since v1: https://lore.kernel.org/linux-kselftest/20220205061539.273330-1-davidgow@go… - Patch 1/3 unchanged --- lib/list-test.c | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/lib/list-test.c b/lib/list-test.c index ee09505df16f..302b7382bff4 100644 --- a/lib/list-test.c +++ b/lib/list-test.c @@ -161,6 +161,26 @@ static void list_test_list_del_init(struct kunit *test) KUNIT_EXPECT_TRUE(test, list_empty_careful(&a)); } +static void list_test_list_del_init_careful(struct kunit *test) +{ + /* NOTE: This test only checks the behaviour of this function in + * isolation. It does not verify memory model guarantees. + */ + struct list_head a, b; + LIST_HEAD(list); + + list_add_tail(&a, &list); + list_add_tail(&b, &list); + + /* before: [list] -> a -> b */ + list_del_init_careful(&a); + /* after: [list] -> b, a initialised */ + + KUNIT_EXPECT_PTR_EQ(test, list.next, &b); + KUNIT_EXPECT_PTR_EQ(test, b.prev, &list); + KUNIT_EXPECT_TRUE(test, list_empty_careful(&a)); +} + static void list_test_list_move(struct kunit *test) { struct list_head a, b; @@ -707,6 +727,7 @@ static struct kunit_case list_test_cases[] = { KUNIT_CASE(list_test_list_replace_init), KUNIT_CASE(list_test_list_swap), KUNIT_CASE(list_test_list_del_init), + KUNIT_CASE(list_test_list_del_init_careful), KUNIT_CASE(list_test_list_move), KUNIT_CASE(list_test_list_move_tail), KUNIT_CASE(list_test_list_bulk_move_tail), -- 2.35.1.574.g5d30c73bfb-goog

3 years, 4 months

1
2
0 0

[RFC PATCH 0/6] RLIMIT_NPROC in ucounts fixups

by Michal Koutný

This series is a result of looking deeper into breakage of tools/testing/selftests/rlimits/rlimits-per-userns.c after https://lore.kernel.org/r/20220204181144.24462-1-mkoutny@suse.com/ is applied. The description of the original problem that lead to RLIMIT_NPROC et al. ucounts rewrite could be ambiguously interpretted as supporting either the case of: - never-fork service or - fork (RLIMIT_NPROC-1) times service. The scenario is weird anyway given existence of pids controller. The realization of that scenario relies not only on tracking number of processes per user_ns but also newly allows the root to override limit through set*uid. The commit message didn't mention that, so it's unclear if it was the intention too. I also noticed that the RLIMIT_NPROC enforcing in fork seems subject to TOCTOU race (check(nr_tasks),...,nr_tasks++) so the limit is rather advisory (but that's not a new thing related to ucounts rewrite). This series is RFC to discuss relevance of the subtle changes RLIMIT_NPROC to ucounts rewrite introduced. Michal Koutný (6): set_user: Perform RLIMIT_NPROC capability check against new user credentials set*uid: Check RLIMIT_PROC against new credentials cred: Count tasks by their real uid into RLIMIT_NPROC ucounts: Allow root to override RLIMIT_NPROC selftests: Challenge RLIMIT_NPROC in user namespaces selftests: Test RLIMIT_NPROC in clone-created user namespaces fs/exec.c | 2 +- include/linux/cred.h | 2 +- kernel/cred.c | 29 ++- kernel/fork.c | 2 +- kernel/sys.c | 20 +- kernel/ucount.c | 3 + kernel/user_namespace.c | 2 +- .../selftests/rlimits/rlimits-per-userns.c | 233 +++++++++++++++--- 8 files changed, 229 insertions(+), 64 deletions(-) -- 2.34.1

3 years, 4 months

10
33
0 0

lkft kselftest for next-20220222

by lkft＠linaro.org

## Build * kernel: 5.17.0-rc5 * git: https://gitlab.com/Linaro/lkft/mirrors/next/linux-next * git branch: [None, 'master'] * git commit: 196d330d7fb1e7cc0d85641c89ce4602cb36f12e * git describe: next-20220222 * test details: https://qa-reports.linaro.org/lkft/linux-next-master/build/next-20220222 ## Test Regressions (compared to next-20220214) No test regressions found. ## Metric Regressions (compared to next-20220214) No metric regressions found. Tested-by: Linux Kernel Functional Testing <lkft(a)linaro.org> ## Test Fixes (compared to next-20220214) No test fixes found. ## Metric Fixes (compared to next-20220214) No metric fixes found. ## Test result summary total: 0, pass: 0, fail: 0, skip: 0, xfail: 0 ## Build Summary ## Test suites summary -- Linaro LKFT https://lkft.linaro.org

3 years, 4 months

1
0
0 0

lkft kselftest for next-20220217

by lkft＠linaro.org

## Build * kernel: 5.17.0-rc4 * git: https://gitlab.com/Linaro/lkft/mirrors/next/linux-next * git branch: master * git commit: 3c30cf91b5ecc7272b3d2942ae0505dd8320b81c * git describe: next-20220217 * test details: https://qa-reports.linaro.org/lkft/linux-next-master/build/next-20220217 ## Test Regressions (compared to next-20220124) No test regressions found. ## Metric Regressions (compared to next-20220124) No metric regressions found. Tested-by: Linux Kernel Functional Testing <lkft(a)linaro.org> ## Test Fixes (compared to next-20220124) No test fixes found. ## Metric Fixes (compared to next-20220124) No metric fixes found. ## Test result summary total: 0, pass: 0, fail: 0, skip: 0, xfail: 0 ## Build Summary ## Test suites summary -- Linaro LKFT https://lkft.linaro.org

3 years, 4 months

1
0
0 0

[PATCH 1/3] kunit: tool: readability tweaks in KernelCI json generation logic

by Daniel Latypov

Use a more idiomatic check that a list is non-empty (`if mylist:`) and sinmplify the function body by dedenting and using a dict to map between the kunit TestStatus enum => KernelCI json status string. The dict hopefully makes it less likely to have bugs like commit 9a6bb30a8830 ("kunit: tool: fix --json output for skipped tests"). Signed-off-by: Daniel Latypov <dlatypov(a)google.com> --- Note: this series is based on my earlier set of kunit tool cleanups for 5.18, https://lore.kernel.org/linux-kselftest/20220118190922.1557074-1-dlatypov@g… There's no interesting semantic dependency, just some boring merge conflicts, specifically with patch #4 there, https://lore.kernel.org/linux-kselftest/20220118190922.1557074-5-dlatypov@g… --- tools/testing/kunit/kunit_json.py | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/tools/testing/kunit/kunit_json.py b/tools/testing/kunit/kunit_json.py index 24d103049bca..14a480d3308a 100644 --- a/tools/testing/kunit/kunit_json.py +++ b/tools/testing/kunit/kunit_json.py @@ -16,24 +16,24 @@ from typing import Any, Dict JsonObj = Dict[str, Any] +_status_map: Dict[TestStatus, str] = { + TestStatus.SUCCESS: "PASS", + TestStatus.SKIPPED: "SKIP", + TestStatus.TEST_CRASHED: "ERROR", +} + def _get_group_json(test: Test, def_config: str, build_dir: str) -> JsonObj: sub_groups = [] # List[JsonObj] test_cases = [] # List[JsonObj] for subtest in test.subtests: - if len(subtest.subtests): + if subtest.subtests: sub_group = _get_group_json(subtest, def_config, build_dir) sub_groups.append(sub_group) - else: - test_case = {"name": subtest.name, "status": "FAIL"} - if subtest.status == TestStatus.SUCCESS: - test_case["status"] = "PASS" - elif subtest.status == TestStatus.SKIPPED: - test_case["status"] = "SKIP" - elif subtest.status == TestStatus.TEST_CRASHED: - test_case["status"] = "ERROR" - test_cases.append(test_case) + continue + status = _status_map.get(subtest.status, "FAIL") + test_cases.append({"name": subtest.name, "status": status}) test_group = { "name": test.name, -- 2.35.1.473.g83b2b277ed-goog

3 years, 4 months

2
7
0 0

kselftest/next kselftest-seccomp: 2 runs, 4 regressions (v5.17-rc5-16-g1900be289b59)

by kernelci.org bot

kselftest/next kselftest-seccomp: 2 runs, 4 regressions (v5.17-rc5-16-g1900be289b59) Regressions Summary ------------------- platform | arch | lab | compiler | defconfig | regressions ----------------+-------+---------------+----------+------------------------------+------------ mt8173-elm-hana | arm64 | lab-collabora | gcc-10 | defconfig+kse...4-chromebook | 4 Details: https://kernelci.org/test/job/kselftest/branch/next/kernel/v5.17-rc5-16-g19… Test: kselftest-seccomp Tree: kselftest Branch: next Describe: v5.17-rc5-16-g1900be289b59 URL: https://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest.git SHA: 1900be289b598b2c553b3add13e491c0bb8a8550 Test Regressions ---------------- platform | arch | lab | compiler | defconfig | regressions ----------------+-------+---------------+----------+------------------------------+------------ mt8173-elm-hana | arm64 | lab-collabora | gcc-10 | defconfig+kse...4-chromebook | 4 Details: https://kernelci.org/test/plan/id/62179887662699179cc62968 Results: 87 PASS, 4 FAIL, 7 SKIP Full config: defconfig+kselftest+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//kselftest/next/v5.17-rc5-16-g1900be289b59/arm… HTML log: https://storage.kernelci.org//kselftest/next/v5.17-rc5-16-g1900be289b59/arm… Rootfs: http://storage.kernelci.org/images/rootfs/debian/bullseye-kselftest/2022021… * kselftest-seccomp.seccomp_seccomp_bpf: https://kernelci.org/test/case/id/62179887662699179cc6296b new failure (last pass: v5.17-rc1-2-g6d468898d774) * kselftest-seccomp.seccomp_seccomp_bpf_TSYNC_two_siblings_with_one_divergence_no_tid_in_err: https://kernelci.org/test/case/id/62179887662699179cc6296c new failure (last pass: v5.17-rc1-2-g6d468898d774) * kselftest-seccomp.seccomp_seccomp_bpf_TSYNC_two_siblings_with_one_divergence: https://kernelci.org/test/case/id/62179887662699179cc6296d new failure (last pass: v5.17-rc1-2-g6d468898d774) * kselftest-seccomp.seccomp_seccomp_bpf_TSYNC_siblings_fail_prctl: https://kernelci.org/test/case/id/62179887662699179cc62971 new failure (last pass: v5.17-rc1-2-g6d468898d774)

3 years, 4 months

1
0
0 0

kselftest/next build: 7 builds: 0 failed, 7 passed, 1 warning (v5.17-rc5-16-g1900be289b59)

by kernelci.org bot

kselftest/next build: 7 builds: 0 failed, 7 passed, 1 warning (v5.17-rc5-16-g1900be289b59) Full Build Summary: https://kernelci.org/build/kselftest/branch/next/kernel/v5.17-rc5-16-g1900b… Tree: kselftest Branch: next Git Describe: v5.17-rc5-16-g1900be289b59 Git Commit: 1900be289b598b2c553b3add13e491c0bb8a8550 Git URL: https://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest.git Built: 3 unique architectures Warnings Detected: arm64: i386: x86_64: x86_64_defconfig+kselftest (clang-14): 1 warning Warnings summary: 1 net/core/skbuff.o: warning: objtool: skb_copy()+0x132: unreachable instruction ================================================================================ Detailed per-defconfig build reports: -------------------------------------------------------------------------------- defconfig+kselftest (arm64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+kselftest (arm64, clang-14) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+kselftest+arm64-chromebook (arm64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+kselftest+arm64-chromebook (arm64, clang-14) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- i386_defconfig+kselftest (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig+kselftest (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig+kselftest (x86_64, clang-14) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: net/core/skbuff.o: warning: objtool: skb_copy()+0x132: unreachable instruction --- For more info write to <info(a)kernelci.org>

3 years, 4 months

1
0
0 0

[PATCH bpf-next v2 0/3] New BPF helpers to accelerate synproxy

by Maxim Mikityanskiy

The first patch of this series is an improvement to the existing syncookie BPF helper. The two other patches add new functionality that allows XDP to accelerate iptables synproxy. v1 of this series [1] used to include a patch that exposed conntrack lookup to BPF using stable helpers. It was superseded by series [2] by Kumar Kartikeya Dwivedi, which implements this functionality using unstable helpers. The second patch adds new helpers to issue and check SYN cookies without binding to a socket, which is useful in the synproxy scenario. The third patch adds a selftest, which consists of a script, an XDP program and a userspace control application. The XDP program uses socketless SYN cookie helpers and queries conntrack status instead of socket status. The userspace control application allows to tune parameters of the XDP program. This program also serves as a minimal example of usage of the new functionality. The draft of the new functionality was presented on Netdev 0x15 [3]. v2 changes: Split into two series, submitted bugfixes to bpf, dropped the conntrack patches, implemented the timestamp cookie in BPF using bpf_loop, dropped the timestamp cookie patch. [1]: https://lore.kernel.org/bpf/20211020095815.GJ28644@breakpoint.cc/t/ [2]: https://lore.kernel.org/bpf/20220114163953.1455836-1-memxor@gmail.com/ [3]: https://netdevconf.info/0x15/session.html?Accelerating-synproxy-with-XDP Maxim Mikityanskiy (3): bpf: Make errors of bpf_tcp_check_syncookie distinguishable bpf: Add helpers to issue and check SYN cookies in XDP bpf: Add selftests for raw syncookie helpers include/net/tcp.h | 1 + include/uapi/linux/bpf.h | 75 +- net/core/filter.c | 128 ++- net/ipv4/tcp_input.c | 3 +- tools/include/uapi/linux/bpf.h | 75 +- tools/testing/selftests/bpf/.gitignore | 1 + tools/testing/selftests/bpf/Makefile | 5 +- .../selftests/bpf/progs/xdp_synproxy_kern.c | 743 ++++++++++++++++++ .../selftests/bpf/test_xdp_synproxy.sh | 71 ++ tools/testing/selftests/bpf/xdp_synproxy.c | 418 ++++++++++ 10 files changed, 1510 insertions(+), 10 deletions(-) create mode 100644 tools/testing/selftests/bpf/progs/xdp_synproxy_kern.c create mode 100755 tools/testing/selftests/bpf/test_xdp_synproxy.sh create mode 100644 tools/testing/selftests/bpf/xdp_synproxy.c -- 2.30.2

3 years, 4 months

4
16
0 0

Ruch z pierwszej pozycji w Google

by Wiktor Zielonko

Dzień dobry, jakiś czas temu zgłosiła się do nas firma, której strona internetowa nie pozycjonowała się wysoko w wyszukiwarce Google. Na podstawie wykonanego przez nas audytu SEO zoptymalizowaliśmy treści na stronie pod kątem wcześniej opracowanych słów kluczowych. Nasz wewnętrzny system codziennie analizuje prawidłowe działanie witryny. Dzięki indywidualnej strategii, firma zdobywa coraz więcej Klientów. Czy chcieliby Państwo zwiększyć liczbę osób odwiedzających stronę internetową firmy? Mógłbym przedstawić ofertę? Pozdrawiam serdecznie, Wiktor Zielonko

3 years, 4 months

1
0
0 0

[PATCH net-next v4 0/5] Add support for locked bridge ports (for 802.1X)

by Hans Schultz

This series starts by adding support for SA filtering to the bridge, which is then allowed to be offloaded to switchdev devices. Furthermore an offloading implementation is supplied for the mv88e6xxx driver. Public Local Area Networks are often deployed such that there is a risk of unauthorized or unattended clients getting access to the LAN. To prevent such access we introduce SA filtering, such that ports designated as secure ports are set in locked mode, so that only authorized source MAC addresses are given access by adding them to the bridges forwarding database. Incoming packets with source MAC addresses that are not in the forwarding database of the bridge are discarded. It is then the task of user space daemons to populate the bridge's forwarding database with static entries of authorized entities. The most common approach is to use the IEEE 802.1X protocol to take care of the authorization of allowed users to gain access by opening for the source address of the authorized host. With the current use of the bridge parameter in hostapd, there is a limitation in using this for IEEE 802.1X port authentication. It depends on hostapd attaching the port on which it has a successful authentication to the bridge, but that only allows for a single authentication per port. This patch set allows for the use of IEEE 802.1X port authentication in a more general network context with multiple 802.1X aware hosts behind a single port as depicted, which is a commonly used commercial use-case, as it is only the number of available entries in the forwarding database that limits the number of authenticated clients. +--------------------------------+ | | | Bridge/Authenticator | | | +-------------+------------------+ 802.1X port | | | +------+-------+ | | | Hub/Switch | | | +-+----------+-+ | | +--+--+ +--+--+ | | | | Hosts | a | | b | . . . | | | | +-----+ +-----+ The 802.1X standard involves three different components, a Supplicant (Host), an Authenticator (Network Access Point) and an Authentication Server which is typically a Radius server. This patch set thus enables the bridge module together with an authenticator application to serve as an Authenticator on designated ports. For the bridge to become an IEEE 802.1X Authenticator, a solution using hostapd with the bridge driver can be found at https://github.com/westermo/hostapd/tree/bridge_driver . The relevant components work transparently in relation to if it is the bridge module or the offloaded switchcore case that is in use. Hans Schultz (5): net: bridge: Add support for bridge port in locked mode net: bridge: Add support for offloading of locked port flag net: dsa: Include BR_PORT_LOCKED in the list of synced brport flags net: dsa: mv88e6xxx: Add support for bridge port locked mode selftests: forwarding: tests of locked port feature drivers/net/dsa/mv88e6xxx/chip.c | 9 +- drivers/net/dsa/mv88e6xxx/port.c | 29 +++ drivers/net/dsa/mv88e6xxx/port.h | 9 +- include/linux/if_bridge.h | 1 + include/uapi/linux/if_link.h | 1 + net/bridge/br_input.c | 11 +- net/bridge/br_netlink.c | 6 +- net/bridge/br_switchdev.c | 2 +- net/dsa/port.c | 4 +- .../testing/selftests/net/forwarding/Makefile | 1 + .../net/forwarding/bridge_locked_port.sh | 180 ++++++++++++++++++ tools/testing/selftests/net/forwarding/lib.sh | 8 + 12 files changed, 254 insertions(+), 7 deletions(-) create mode 100755 tools/testing/selftests/net/forwarding/bridge_locked_port.sh -- 2.30.2

3 years, 4 months

3
10
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror