- Linux-kselftest-mirror - lists.linaro.org

[PATCH v3 0/3] selftests: kvm: s390: Add ucontrol memory selftests

by Christoph Schlameuss

This patch series adds a some not yet picked selftests to the kvm s390x selftest suite. The additional test cases are covering: * Assert KVM_EXIT_S390_UCONTROL exit on not mapped memory access * Assert functionality of storage keys in ucontrol VM * Assert that memory region operations are rejected for ucontrol VMs Running the test cases requires sys_admin capabilities to start the ucontrol VM. This can be achieved by running as root or with a command like: sudo setpriv --reuid nobody --inh-caps -all,+sys_admin \ --ambient-caps -all,+sys_admin --bounding-set -all,+sys_admin \ ./ucontrol_test --- The patches in this series have been part of the previous patch series. The test cases added here do depend on the fixture added in the earlier patches. From v5 PATCH 7-9 the segment and page table generation has been removed and DAT has been disabled. Since DAT is not necessary to validate the KVM code. https://lore.kernel.org/kvm/20240807154512.316936-1-schlameuss@linux.ibm.co… v3: - fix skey assertion (thanks Claudio) - introduce a wrapper around UCAS map and unmap ioctls to improve readability (Claudio) - add an displacement to accessed memory to assert translation intercepts actually point to segments to the uc_map_unmap test - add an misaligned failing mapping try to the uc_map_unmap test v2: - Reenable KSS intercept and handle it within skey test. - Modify the checked register between storing (sske) and reading (iske) it within the test program to make sure the. - Add an additional state assertion in the end of uc_skey - Fix some typos and white spaces. v1: - Remove segment and page table generation and disable DAT. This is not necessary to validate the KVM code. Christoph Schlameuss (3): selftests: kvm: s390: Add uc_map_unmap VM test case selftests: kvm: s390: Add uc_skey VM test case selftests: kvm: s390: Verify reject memory region operations for ucontrol VMs .../selftests/kvm/s390x/ucontrol_test.c | 256 +++++++++++++++++- 1 file changed, 254 insertions(+), 2 deletions(-) -- 2.46.0

3 months, 3 weeks

3
9
0 0

[PATCH v5 00/14] integrity: Introduce the Integrity Digest Cache

by Roberto Sassu

From: Roberto Sassu <roberto.sassu(a)huawei.com> Integrity detection and protection has long been a desirable feature, to reach a large user base and mitigate the risk of flaws in the software and attacks. However, while solutions exist, they struggle to reach a large user base, due to requiring higher than desired constraints on performance, flexibility and configurability, that only security conscious people are willing to accept. For example, IMA measurement requires the target platform to collect integrity measurements, and to protect them with the TPM, which introduces a noticeable overhead (up to 10x slower in a microbenchmark) on frequently used system calls, like the open(). IMA Appraisal currently requires individual files to be signed and verified, and Linux distributions to rebuild all packages to include file signatures (this approach has been adopted from Fedora 39+). Like a TPM, also signature verification introduces a significant overhead, especially if it is used to check the integrity of many files. This is where the new Integrity Digest Cache comes into play, it offers additional support for new and existing integrity solutions, to make them faster and easier to deploy. The Integrity Digest Cache can help IMA to reduce the number of TPM operations and to make them happen in a deterministic way. If IMA knows that a file comes from a Linux distribution, it can measure files in a different way: measure the list of digests coming from the distribution (e.g. RPM package headers), and subsequently measure a file if it is not found in that list. The performance improvement comes at the cost of IMA not reporting which files from installed packages were accessed, and in which temporal sequence. This approach might not be suitable for all use cases. The Integrity Digest Cache can also help IMA for appraisal. IMA can simply lookup the calculated digest of an accessed file in the list of digests extracted from package headers, after verifying the header signature. It is sufficient to verify only one signature for all files in the package, as opposed to verifying a signature for each file. The same approach can be followed by other LSMs, such as Integrity Policy Enforcement (IPE), and BPF LSM. The Integrity Digest Cache is not tied to a specific package format. While it currently supports a TLV-based and the RPM formats, it can be easily extended to support more formats, such as DEBs. Focusing on just extracting digests keeps these parsers minimal and reasonably simple (e.g. the RPM parser has ~220 LOC). Included parsers have been verified for memory safety with the Frama-C static analyzer. The parsers with the Frama-C assertions are available here: https://github.com/robertosassu/rpm-formal/ Integrating the Integrity Digest Cache in IMA brings significant performance improvements: up to 67% and 79% for measurement respectively in sequential and parallel file reads; up to 65% and 43% for appraisal respectively in sequential and parallel file reads. The performance can be further enhanced by using fsverity digests instead of conventional file digests, which would make IMA verify only the portion of the file to be read. However, at the moment, fsverity digests are not included in RPM packages. In this case, once rpm is extended to include them, Linux distributions still have to rebuild their packages. The Integrity Digest Cache can support both digest types, so that the functionality is immediately available without waiting for Linux distributions to do the transition. This patch set only includes the patches necessary to extract digests from a TLV-based and RPM data formats, and exposes an API for LSMs to query them. A separate patch set will be provided to integrate it in IMA. This patch set and the follow-up IMA integration can be tested by following the instructions at: https://github.com/linux-integrity/digest-cache-tools This patch set applies on top of: https://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git/l… with commit fa8a4ce432e8 ("ima: fix buffer overrun in ima_eventdigest_init_common"). Changelog v4: - Rename digest_cache LSM to Integrity Digest Cache (suggested by Paul Moore) - Update documentation - Remove forward declaration of struct digest_cache in include/linux/digest_cache.h (suggested by Jarkko) - Add DIGEST_CACHE_FREE digest cache event for notification - Remove digest_cache_found_t typedef and use uintptr_t instead - Add header callback in TLV parser and unexport tlv_parse_hdr() and tlv_parse_data() - Plug the Integrity Digest Cache into the 'ima' LSM - Switch from constructor to zeroing the object cache - Remove notifier and detect digest cache changes by comparing pointers - Rename digest_cache_dir_create() to digest_cache_dir_add_entries() - Introduce digest_cache_dir_create() to create and initialize a directory digest cache - Introduce digest_cache_dir_update_dig_user() to update dig_user with a file digest cache on positive digest lookup - Use up to date directory digest cache, to take into account possible inode eviction for the old ones - Introduce digest_cache_dir_prefetch() to prefetch digest lists - Adjust component name in debug messages (suggested by Jarkko) - Add FILE_PREFETCH and FILE_READ digest cache flags, remove RESET_USER - Reintroduce spin lock for digest cache verification data (needed for the selftests) - Get inode and file descriptor security blob offsets from outside (IMA) - Avoid user-after-free in digest_cache_unref() by decrementing the ref. count after printing the debug message - Check for digest list lookup loops also for the parent directory - Put and clear dig_owner directly in digest_cache_reset_clear_owner() - Move digest cache initialization code from digest_cache_create() to digest_cache_init() - Hold the digest list path until the digest cache is initialized (to avoid premature inode eviction) - Avoid race condition on setting DIR_PREFETCH in the directory digest cache - Introduce digest_cache_dir_prefetch() and do it between digest cache creation and initialization (to avoid lock inversion) - Avoid unnecessary length check in digest_list_parse_rpm() - Declare arrays of strings in tlv parser as static - Emit reset for parent directory on directory entry modification - Rename digest_cache_reset_owner() to digest_cache_reset_clear_owner() and digest_cache_reset_user() to digest_cache_clear_user() - Execute digest_cache_file_release() either if FMODE_WRITE or FMODE_CREATED are set in the file descriptor f_mode - Determine in digest_cache_verif_set() which gfp flag to use depending on verifier ID - Update selftests v3: - Rewrite documentation, and remove the installation instructions since they are now included in the README of digest-cache-tools - Add digest cache event notifier - Drop digest_cache_was_reset(), and send instead to asynchronous notifications - Fix digest_cache LSM Kconfig style issues (suggested by Randy Dunlap) - Propagate digest cache reset to directory entries - Destroy per directory entry mutex - Introduce RESET_USER bit, to clear the dig_user pointer on set/removexattr - Replace 'file content' with 'file data' (suggested by Mimi) - Introduce per digest cache mutex and replace verif_data_lock spinlock - Track changes of security.digest_list xattr - Stop tracking file_open and use file_release instead also for file writes - Add error messages in digest_cache_create() - Load/unload testing kernel module automatically during execution of test - Add tests for digest cache event notifier - Add test for ftruncate() - Remove DIGEST_CACHE_RESET_PREFETCH_BUF command in test and clear the buffer on read instead v2: - Include the TLV parser in this patch set (from user asymmetric keys and signatures) - Move from IMA and make an independent LSM - Remove IMA-specific stuff from this patch set - Add per algorithm hash table - Expect all digest lists to be in the same directory and allow changing the default directory - Support digest lookup on directories, when there is no security.digest_list xattr - Add seq num to digest list file name, to impose ordering on directory iteration - Add a new data type DIGEST_LIST_ENTRY_DATA for the nested data in the tlv digest list format - Add the concept of verification data attached to digest caches - Add the reset mechanism to track changes on digest lists and directory containing the digest lists - Add kernel selftests v1: - Add documentation in Documentation/security/integrity-digest-cache.rst - Pass the mask of IMA actions to digest_cache_alloc() - Add a reference count to the digest cache - Remove the path parameter from digest_cache_get(), and rely on the reference count to avoid the digest cache disappearing while being used - Rename the dentry_to_check parameter of digest_cache_get() to dentry - Rename digest_cache_get() to digest_cache_new() and add digest_cache_get() to set the digest cache in the iint of the inode for which the digest cache was requested - Add dig_owner and dig_user to the iint, to distinguish from which inode the digest cache was created from, and which is using it; consequently it makes the digest cache usable to measure/appraise other digest caches (support not yet enabled) - Add dig_owner_mutex and dig_user_mutex to serialize accesses to dig_owner and dig_user until they are initialized - Enforce strong synchronization and make the contenders wait until dig_owner and dig_user are assigned to the iint the first time - Move checking IMA actions on the digest list earlier, and fail if no action were performed (digest cache not usable) - Remove digest_cache_put(), not needed anymore with the introduction of the reference count - Fail immediately in digest_cache_lookup() if the digest algorithm is not set in the digest cache - Use 64 bit mask for IMA actions on the digest list instead of 8 bit - Return NULL in the inline version of digest_cache_get() - Use list_add_tail() instead of list_add() in the iterator - Copy the digest list path to a separate buffer in digest_cache_iter_dir() - Use digest list parsers verified with Frama-C - Explicitly disable (for now) the possibility in the IMA policy to use the digest cache to measure/appraise other digest lists - Replace exit(<value>) with return <value> in manage_digest_lists.c Roberto Sassu (14): lib: Add TLV parser integrity: Introduce the Integrity Digest Cache digest_cache: Initialize digest caches digest_cache: Add securityfs interface digest_cache: Add hash tables and operations digest_cache: Populate the digest cache from a digest list digest_cache: Parse tlv digest lists digest_cache: Parse rpm digest lists digest_cache: Add management of verification data digest_cache: Add support for directories digest cache: Prefetch digest lists if requested digest_cache: Reset digest cache on file/directory change selftests/digest_cache: Add selftests for the Integrity Digest Cache docs: Add documentation of the Integrity Digest Cache Documentation/security/digest_cache.rst | 814 ++++++++++++++++++ Documentation/security/index.rst | 1 + MAINTAINERS | 10 + include/linux/digest_cache.h | 58 ++ include/linux/kernel_read_file.h | 1 + include/linux/tlv_parser.h | 48 ++ include/uapi/linux/tlv_digest_list.h | 72 ++ include/uapi/linux/tlv_parser.h | 62 ++ include/uapi/linux/xattr.h | 6 + lib/Kconfig | 3 + lib/Makefile | 2 + lib/tlv_parser.c | 221 +++++ lib/tlv_parser.h | 17 + security/integrity/Kconfig | 1 + security/integrity/Makefile | 1 + security/integrity/digest_cache/Kconfig | 33 + security/integrity/digest_cache/Makefile | 11 + security/integrity/digest_cache/dir.c | 397 +++++++++ security/integrity/digest_cache/htable.c | 254 ++++++ security/integrity/digest_cache/internal.h | 277 ++++++ security/integrity/digest_cache/main.c | 559 ++++++++++++ security/integrity/digest_cache/modsig.c | 66 ++ .../integrity/digest_cache/parsers/parsers.h | 15 + security/integrity/digest_cache/parsers/rpm.c | 220 +++++ security/integrity/digest_cache/parsers/tlv.c | 341 ++++++++ security/integrity/digest_cache/populate.c | 157 ++++ security/integrity/digest_cache/reset.c | 227 +++++ security/integrity/digest_cache/secfs.c | 104 +++ security/integrity/digest_cache/verif.c | 131 +++ security/integrity/ima/ima.h | 1 + security/integrity/ima/ima_fs.c | 6 + security/integrity/ima/ima_main.c | 11 +- tools/testing/selftests/Makefile | 1 + .../testing/selftests/digest_cache/.gitignore | 3 + tools/testing/selftests/digest_cache/Makefile | 24 + .../testing/selftests/digest_cache/all_test.c | 749 ++++++++++++++++ tools/testing/selftests/digest_cache/common.c | 78 ++ tools/testing/selftests/digest_cache/common.h | 134 +++ .../selftests/digest_cache/common_user.c | 47 + .../selftests/digest_cache/common_user.h | 17 + tools/testing/selftests/digest_cache/config | 1 + .../selftests/digest_cache/generators.c | 248 ++++++ .../selftests/digest_cache/generators.h | 19 + .../selftests/digest_cache/testmod/Makefile | 16 + .../selftests/digest_cache/testmod/kern.c | 501 +++++++++++ 45 files changed, 5964 insertions(+), 1 deletion(-) create mode 100644 Documentation/security/digest_cache.rst create mode 100644 include/linux/digest_cache.h create mode 100644 include/linux/tlv_parser.h create mode 100644 include/uapi/linux/tlv_digest_list.h create mode 100644 include/uapi/linux/tlv_parser.h create mode 100644 lib/tlv_parser.c create mode 100644 lib/tlv_parser.h create mode 100644 security/integrity/digest_cache/Kconfig create mode 100644 security/integrity/digest_cache/Makefile create mode 100644 security/integrity/digest_cache/dir.c create mode 100644 security/integrity/digest_cache/htable.c create mode 100644 security/integrity/digest_cache/internal.h create mode 100644 security/integrity/digest_cache/main.c create mode 100644 security/integrity/digest_cache/modsig.c create mode 100644 security/integrity/digest_cache/parsers/parsers.h create mode 100644 security/integrity/digest_cache/parsers/rpm.c create mode 100644 security/integrity/digest_cache/parsers/tlv.c create mode 100644 security/integrity/digest_cache/populate.c create mode 100644 security/integrity/digest_cache/reset.c create mode 100644 security/integrity/digest_cache/secfs.c create mode 100644 security/integrity/digest_cache/verif.c create mode 100644 tools/testing/selftests/digest_cache/.gitignore create mode 100644 tools/testing/selftests/digest_cache/Makefile create mode 100644 tools/testing/selftests/digest_cache/all_test.c create mode 100644 tools/testing/selftests/digest_cache/common.c create mode 100644 tools/testing/selftests/digest_cache/common.h create mode 100644 tools/testing/selftests/digest_cache/common_user.c create mode 100644 tools/testing/selftests/digest_cache/common_user.h create mode 100644 tools/testing/selftests/digest_cache/config create mode 100644 tools/testing/selftests/digest_cache/generators.c create mode 100644 tools/testing/selftests/digest_cache/generators.h create mode 100644 tools/testing/selftests/digest_cache/testmod/Makefile create mode 100644 tools/testing/selftests/digest_cache/testmod/kern.c -- 2.34.1

3 months, 3 weeks

4
22
0 0

[PATCH bpf-next v5 0/8] libbpf, selftests/bpf: Support cross-endian usage

by Tony Ambardar

Hello all, This patch series targets a long-standing BPF usability issue - the lack of general cross-compilation support - by enabling cross-endian usage of libbpf and bpftool, as well as supporting cross-endian build targets for selftests/bpf. Benefits include improved BPF development and testing for embedded systems based on e.g. big-endian MIPS, more build options e.g for s390x systems, and better accessibility to the very latest test tools e.g. 'test_progs'. The series touches many functional areas: BTF.ext handling; object access, introspection, and linking; generation of normal and "light" skeletons. Initial development and testing used mips64, since this arch makes switching the build byte-order trivial and is thus very handy for A/B testing. However, it lacks some key features (bpf2bpf call, kfuncs, etc) making for poor selftests/bpf coverage. Final testing takes the kernel and selftests/bpf cross-built from x86_64 to s390x, and runs the result under QEMU/s390x. That same configuration could also be used on kernel-patches/bpf CI for regression testing endian support or perhaps load-sharing s390x builds across x86_64 systems. This thread includes some background regarding testing on QEMU/s390x and the generally favourable results: https://lore.kernel.org/bpf/ZsEcsaa3juxxQBUf@kodidev-ubuntu/ Earlier versions and related discussion of the series are here: v1: https://lore.kernel.org/bpf/cover.1724216108.git.tony.ambardar@gmail.com/ v2: https://lore.kernel.org/bpf/cover.1724313164.git.tony.ambardar@gmail.com/ v3: https://lore.kernel.org/bpf/cover.1724843049.git.tony.ambardar@gmail.com/ v4: https://lore.kernel.org/bpf/cover.1724976539.git.tony.ambardar@gmail.com/ Feedback and suggestions are welcome! Best regards, Tony Changelog: --------- v4 -> v5: (feedback from Andrii and Eduard) - add separate functions to byte-swap info metadata and records, and ensure ordering so record bswaps occur when metadata is native endian - use new and existing macros to iterate through info sections/records, and check embedded record sizes match that of info structs used - drop use of <cough> evil callbacks - move setting swapped_endian flag to after byte-swapping functions are called during initialization, allowing funcs to infer endianness and drop a 'bool native' call parameter - simplify byte-swapping macro used to generate light skeleton, and use internal lib funcs to swap info records instead of assuming all __u32 - change info bswap library funcs to void return - rework/consolidate new debug statements to reduce their number - remove some unneeded handling of impossible errors, and drop a safety check already handled elsewhere - add and clarify some comments v3 -> v4: - fix a use-after-free ELF data-handling error causing rare CI failures - move bswap functions for func/line/core-relo records to internal header - use bswap functions also for info blobs in light skeleton v2 -> v3: (feedback from Andrii) - improve some log and commit message formatting - restructure BTF.ext endianness safety checks and byte-swapping - use BTF.ext info record definitions for swapping, require BTF v1 - follow BTF API implementation more closely for BTF.ext - explicitly reject loading non-native endianness program into kernel - simplify linker output byte-order setting - drop redundant safety checks during linking - simplify endianness macro and improve blob setup code for light skel - no unexpected test failures after cross-compiling x86_64 -> s390x v1 -> v2: - fixed a light skeleton bug causing test_progs 'map_ptr' failure - simplified some BTF.ext related endianness logic - remove an 'inline' usage related to CI checkpatch failure - improve some formatting noted by checkpatch warnings - unexpected 'test_progs' failures drop 3 -> 2 (x86_64 to s390x cross) Tony Ambardar (8): libbpf: Improve log message formatting libbpf: Fix header comment typos for BTF.ext libbpf: Fix output .symtab byte-order during linking libbpf: Support BTF.ext loading and output in either endianness libbpf: Support opening bpf objects of either endianness libbpf: Support linking bpf objects of either endianness libbpf: Support creating light skeleton of either endianness selftests/bpf: Support cross-endian building tools/lib/bpf/bpf_gen_internal.h | 1 + tools/lib/bpf/btf.c | 242 +++++++++++++++++++++++++-- tools/lib/bpf/btf.h | 3 + tools/lib/bpf/btf_dump.c | 2 +- tools/lib/bpf/btf_relocate.c | 2 +- tools/lib/bpf/gen_loader.c | 191 +++++++++++++++------ tools/lib/bpf/libbpf.c | 57 +++++-- tools/lib/bpf/libbpf.map | 2 + tools/lib/bpf/libbpf_internal.h | 43 ++++- tools/lib/bpf/linker.c | 80 +++++++-- tools/lib/bpf/relo_core.c | 2 +- tools/lib/bpf/skel_internal.h | 3 +- tools/testing/selftests/bpf/Makefile | 7 +- 13 files changed, 529 insertions(+), 106 deletions(-) -- 2.34.1

3 months, 3 weeks

4
15
0 0

[PATCH bpf-next v4 0/8] libbpf, selftests/bpf: Support cross-endian usage

by Tony Ambardar

Hello all, This patch series targets a long-standing BPF usability issue - the lack of general cross-compilation support - by enabling cross-endian usage of libbpf and bpftool, as well as supporting cross-endian build targets for selftests/bpf. Benefits include improved BPF development and testing for embedded systems based on e.g. big-endian MIPS, more build options e.g for s390x systems, and better accessibility to the very latest test tools e.g. 'test_progs'. Initial development and testing used mips64, since this arch makes switching the build byte-order trivial and is thus very handy for A/B testing. However, it lacks some key features (bpf2bpf call, kfuncs, etc) making for poor selftests/bpf coverage. Final testing takes the kernel and selftests/bpf cross-built from x86_64 to s390x, and runs the result under QEMU/s390x. That same configuration could also be used on kernel-patches/bpf CI for regression testing endian support or perhaps load-sharing s390x builds across x86_64 systems. This thread includes some background regarding testing on QEMU/s390x and the generally favourable results: https://lore.kernel.org/bpf/ZsEcsaa3juxxQBUf@kodidev-ubuntu/ Feedback and suggestions are welcome! Best regards, Tony Changelog: --------- v3 -> v4: - fix a use-after-free ELF data-handling error causing rare CI failures - move bswap functions for func/line/core-relo records to internal header - use bswap functions also for info blobs in light skeleton v2 -> v3: (feedback from Andrii) - improve some log and commit message formatting - restructure BTF.ext endianness safety checks and byte-swapping - use BTF.ext info record definitions for swapping, require BTF v1 - follow BTF API implementation more closely for BTF.ext - explicitly reject loading non-native endianness program into kernel - simplify linker output byte-order setting - drop redundant safety checks during linking - simplify endianness macro and improve blob setup code for light skel - no unexpected test failures after cross-compiling x86_64 -> s390x v1 -> v2: - fixed a light skeleton bug causing test_progs 'map_ptr' failure - simplified some BTF.ext related endianness logic - remove an 'inline' usage related to CI checkpatch failure - improve some formatting noted by checkpatch warnings - unexpected 'test_progs' failures drop 3 -> 2 (x86_64 to s390x cross) Tony Ambardar (8): libbpf: Improve log message formatting libbpf: Fix header comment typos for BTF.ext libbpf: Fix output .symtab byte-order during linking libbpf: Support BTF.ext loading and output in either endianness libbpf: Support opening bpf objects of either endianness libbpf: Support linking bpf objects of either endianness libbpf: Support creating light skeleton of either endianness selftests/bpf: Support cross-endian building tools/lib/bpf/bpf_gen_internal.h | 1 + tools/lib/bpf/btf.c | 196 ++++++++++++++++++++++++--- tools/lib/bpf/btf.h | 3 + tools/lib/bpf/btf_dump.c | 2 +- tools/lib/bpf/btf_relocate.c | 2 +- tools/lib/bpf/gen_loader.c | 187 +++++++++++++++++++------ tools/lib/bpf/libbpf.c | 54 ++++++-- tools/lib/bpf/libbpf.map | 2 + tools/lib/bpf/libbpf_internal.h | 48 ++++++- tools/lib/bpf/linker.c | 92 ++++++++++--- tools/lib/bpf/relo_core.c | 2 +- tools/lib/bpf/skel_internal.h | 3 +- tools/testing/selftests/bpf/Makefile | 7 +- 13 files changed, 502 insertions(+), 97 deletions(-) -- 2.34.1

3 months, 3 weeks

4
27
0 0

[PATCH] selftests: Makefile: add missing 'net/lib' to targets

by Anders Roxell

Fixes: 1d0dc857b5d8 ("selftests: drv-net: add checksum tests") Signed-off-by: Anders Roxell <anders.roxell(a)linaro.org> --- tools/testing/selftests/Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/testing/selftests/Makefile b/tools/testing/selftests/Makefile index 3b7df5477317..fc3681270afe 100644 --- a/tools/testing/selftests/Makefile +++ b/tools/testing/selftests/Makefile @@ -64,6 +64,7 @@ TARGETS += net TARGETS += net/af_unix TARGETS += net/forwarding TARGETS += net/hsr +TARGETS += net/lib TARGETS += net/mptcp TARGETS += net/netfilter TARGETS += net/openvswitch -- 2.45.2

3 months, 3 weeks

4
7
0 0

[linux-next:master] [list] 17640748eb: kunit.list-kunit-test.fail

by kernel test robot

Hello, kernel test robot noticed "kunit.list-kunit-test.fail" on: commit: 17640748eb3875e486805e2d98ca1044a3a69b93 ("list: test: fix tests for list_cut_position()") https://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git master [test failed on linux-next/master 5acd9952f95fb4b7da6d09a3be39195a80845eb6] in testcase: kunit version: with following parameters: group: group-00 compiler: gcc-12 test machine: 8 threads Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz (Skylake) with 16G memory (please refer to attached dmesg/kmsg for entire log/backtrace) If you fix the issue in a separate patch/commit (i.e. not just a new version of the same patch/commit), kindly add following tags | Reported-by: kernel test robot <oliver.sang(a)intel.com> | Closes: https://lore.kernel.org/oe-lkp/202409161554.6c3e8d5d-oliver.sang@intel.com below 2 cases can pass on parent but fail on this commit. 13a6473783aaced3 17640748eb3875e486805e2d98c ---------------- --------------------------- fail:runs %reproduction fail:runs | | | :9 67% 6:6 kunit.list-kunit-test.list_test_list_cut_before.fail :9 67% 6:6 kunit.list-kunit-test.list_test_list_cut_position.fail [ 143.881460] KTAP version 1 [ 143.884865] 1..3 [ 143.887802] KTAP version 1 [ 143.891541] # Subtest: list-kunit-test [ 143.896316] # module: list_test [ 143.896336] 1..39 [ 143.904046] ok 1 list_test_list_init [ 143.904607] ok 2 list_test_list_add [ 143.909698] ok 3 list_test_list_add_tail [ 143.915034] ok 4 list_test_list_del [ 143.920415] ok 5 list_test_list_replace [ 143.925428] ok 6 list_test_list_replace_init [ 143.930900] ok 7 list_test_list_swap [ 143.936712] ok 8 list_test_list_del_init [ 143.941952] ok 9 list_test_list_del_init_careful [ 143.947363] ok 10 list_test_list_move [ 143.953422] ok 11 list_test_list_move_tail [ 143.958536] ok 12 list_test_list_bulk_move_tail [ 143.964192] ok 13 list_test_list_is_head [ 143.970279] ok 14 list_test_list_is_first [ 143.975777] ok 15 list_test_list_is_last [ 143.981871] ok 16 list_test_list_empty [ 143.987375] ok 17 list_test_list_empty_careful [ 143.992611] ok 18 list_test_list_rotate_left [ 143.998511] ok 19 list_test_list_rotate_to_front [ 144.004367] ok 20 list_test_list_is_singular [ 144.010375] # list_test_list_cut_position: EXPECTATION FAILED at lib/list-test.c:409 Expected cur == &entries[i], but cur == ffffc9000126fd70 &entries[i] == ffffc9000126fd50 [ 144.016196] not ok 21 list_test_list_cut_position [ 144.040950] # list_test_list_cut_before: EXPECTATION FAILED at lib/list-test.c:440 Expected cur == &entries[i], but cur == ffffc9000129fd60 &entries[i] == ffffc9000129fd50 [ 144.047033] # list_test_list_cut_before: EXPECTATION FAILED at lib/list-test.c:440 Expected cur == &entries[i], but cur == ffffc9000129fd70 &entries[i] == ffffc9000129fd60 [ 144.071616] not ok 22 list_test_list_cut_before [ 144.096387] ok 23 list_test_list_splice [ 144.102425] ok 24 list_test_list_splice_tail [ 144.107897] ok 25 list_test_list_splice_init [ 144.113704] ok 26 list_test_list_splice_tail_init [ 144.119664] ok 27 list_test_list_entry [ 144.126022] ok 28 list_test_list_entry_is_head [ 144.131275] ok 29 list_test_list_first_entry [ 144.137246] ok 30 list_test_list_last_entry [ 144.143084] ok 31 list_test_list_first_entry_or_null [ 144.148823] ok 32 list_test_list_next_entry [ 144.155283] ok 33 list_test_list_prev_entry [ 144.161048] ok 34 list_test_list_for_each [ 144.166792] ok 35 list_test_list_for_each_prev [ 144.172318] ok 36 list_test_list_for_each_safe [ 144.178278] ok 37 list_test_list_for_each_prev_safe [ 144.184235] ok 38 list_test_list_for_each_entry [ 144.190607] ok 39 list_test_list_for_each_entry_reverse [ 144.196199] # list-kunit-test: pass:37 fail:2 skip:0 total:39 [ 144.202470] # Totals: pass:37 fail:2 skip:0 total:39 [ 144.208908] not ok 1 list-kunit-test The kernel config and materials to reproduce are available at: https://download.01.org/0day-ci/archive/20240916/202409161554.6c3e8d5d-oliv… -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests/wiki

3 months, 3 weeks

1
0
0 0

[PATCH] selftests: mm: Fix build errors on armhf

by Muhammad Usama Anjum

The __NR_mmap isn't found on armhf. The mmap() is commonly available system call and its wrapper is presnet on all architectures. So it should be used directly. It solves problem for armhf and doesn't create problem for architectures as well. Remove sys_mmap() functions as they aren't doing anything else other than calling mmap(). There is no need to set errno = 0 manually as glibc always resets it. For reference errors are as following: CC seal_elf seal_elf.c: In function 'sys_mmap': seal_elf.c:39:33: error: '__NR_mmap' undeclared (first use in this function) 39 | sret = (void *) syscall(__NR_mmap, addr, len, prot, | ^~~~~~~~~ mseal_test.c: In function 'sys_mmap': mseal_test.c:90:33: error: '__NR_mmap' undeclared (first use in this function) 90 | sret = (void *) syscall(__NR_mmap, addr, len, prot, | ^~~~~~~~~ Cc: stable(a)vger.kernel.org Fixes: 4926c7a52de7 ("selftest mm/mseal memory sealing") Signed-off-by: Muhammad Usama Anjum <usama.anjum(a)collabora.com> --- tools/testing/selftests/mm/mseal_test.c | 37 +++++++++---------------- tools/testing/selftests/mm/seal_elf.c | 13 +-------- 2 files changed, 14 insertions(+), 36 deletions(-) diff --git a/tools/testing/selftests/mm/mseal_test.c b/tools/testing/selftests/mm/mseal_test.c index a818f010de479..bfcea5cf9a484 100644 --- a/tools/testing/selftests/mm/mseal_test.c +++ b/tools/testing/selftests/mm/mseal_test.c @@ -81,17 +81,6 @@ static int sys_mprotect_pkey(void *ptr, size_t size, unsigned long orig_prot, return sret; } -static void *sys_mmap(void *addr, unsigned long len, unsigned long prot, - unsigned long flags, unsigned long fd, unsigned long offset) -{ - void *sret; - - errno = 0; - sret = (void *) syscall(__NR_mmap, addr, len, prot, - flags, fd, offset); - return sret; -} - static int sys_munmap(void *ptr, size_t size) { int sret; @@ -172,7 +161,7 @@ static void setup_single_address(int size, void **ptrOut) { void *ptr; - ptr = sys_mmap(NULL, size, PROT_READ, MAP_ANONYMOUS | MAP_PRIVATE, -1, 0); + ptr = mmap(NULL, size, PROT_READ, MAP_ANONYMOUS | MAP_PRIVATE, -1, 0); *ptrOut = ptr; } @@ -181,7 +170,7 @@ static void setup_single_address_rw(int size, void **ptrOut) void *ptr; unsigned long mapflags = MAP_ANONYMOUS | MAP_PRIVATE; - ptr = sys_mmap(NULL, size, PROT_READ | PROT_WRITE, mapflags, -1, 0); + ptr = mmap(NULL, size, PROT_READ | PROT_WRITE, mapflags, -1, 0); *ptrOut = ptr; } @@ -205,7 +194,7 @@ bool seal_support(void) void *ptr; unsigned long page_size = getpagesize(); - ptr = sys_mmap(NULL, page_size, PROT_READ, MAP_ANONYMOUS | MAP_PRIVATE, -1, 0); + ptr = mmap(NULL, page_size, PROT_READ, MAP_ANONYMOUS | MAP_PRIVATE, -1, 0); if (ptr == (void *) -1) return false; @@ -481,8 +470,8 @@ static void test_seal_zero_address(void) int prot; /* use mmap to change protection. */ - ptr = sys_mmap(0, size, PROT_NONE, - MAP_ANONYMOUS | MAP_PRIVATE | MAP_FIXED, -1, 0); + ptr = mmap(0, size, PROT_NONE, + MAP_ANONYMOUS | MAP_PRIVATE | MAP_FIXED, -1, 0); FAIL_TEST_IF_FALSE(ptr == 0); size = get_vma_size(ptr, &prot); @@ -1209,8 +1198,8 @@ static void test_seal_mmap_overwrite_prot(bool seal) } /* use mmap to change protection. */ - ret2 = sys_mmap(ptr, size, PROT_NONE, - MAP_ANONYMOUS | MAP_PRIVATE | MAP_FIXED, -1, 0); + ret2 = mmap(ptr, size, PROT_NONE, + MAP_ANONYMOUS | MAP_PRIVATE | MAP_FIXED, -1, 0); if (seal) { FAIL_TEST_IF_FALSE(ret2 == MAP_FAILED); FAIL_TEST_IF_FALSE(errno == EPERM); @@ -1240,8 +1229,8 @@ static void test_seal_mmap_expand(bool seal) } /* use mmap to expand. */ - ret2 = sys_mmap(ptr, size, PROT_READ, - MAP_ANONYMOUS | MAP_PRIVATE | MAP_FIXED, -1, 0); + ret2 = mmap(ptr, size, PROT_READ, + MAP_ANONYMOUS | MAP_PRIVATE | MAP_FIXED, -1, 0); if (seal) { FAIL_TEST_IF_FALSE(ret2 == MAP_FAILED); FAIL_TEST_IF_FALSE(errno == EPERM); @@ -1268,8 +1257,8 @@ static void test_seal_mmap_shrink(bool seal) } /* use mmap to shrink. */ - ret2 = sys_mmap(ptr, 8 * page_size, PROT_READ, - MAP_ANONYMOUS | MAP_PRIVATE | MAP_FIXED, -1, 0); + ret2 = mmap(ptr, 8 * page_size, PROT_READ, + MAP_ANONYMOUS | MAP_PRIVATE | MAP_FIXED, -1, 0); if (seal) { FAIL_TEST_IF_FALSE(ret2 == MAP_FAILED); FAIL_TEST_IF_FALSE(errno == EPERM); @@ -1650,7 +1639,7 @@ static void test_seal_discard_ro_anon_on_filebacked(bool seal) ret = fallocate(fd, 0, 0, size); FAIL_TEST_IF_FALSE(!ret); - ptr = sys_mmap(NULL, size, PROT_READ, mapflags, fd, 0); + ptr = mmap(NULL, size, PROT_READ, mapflags, fd, 0); FAIL_TEST_IF_FALSE(ptr != MAP_FAILED); if (seal) { @@ -1680,7 +1669,7 @@ static void test_seal_discard_ro_anon_on_shared(bool seal) int ret; unsigned long mapflags = MAP_ANONYMOUS | MAP_SHARED; - ptr = sys_mmap(NULL, size, PROT_READ, mapflags, -1, 0); + ptr = mmap(NULL, size, PROT_READ, mapflags, -1, 0); FAIL_TEST_IF_FALSE(ptr != (void *)-1); if (seal) { diff --git a/tools/testing/selftests/mm/seal_elf.c b/tools/testing/selftests/mm/seal_elf.c index 7aa1366063e4e..d9f8ba8d5050b 100644 --- a/tools/testing/selftests/mm/seal_elf.c +++ b/tools/testing/selftests/mm/seal_elf.c @@ -30,17 +30,6 @@ static int sys_mseal(void *start, size_t len) return sret; } -static void *sys_mmap(void *addr, unsigned long len, unsigned long prot, - unsigned long flags, unsigned long fd, unsigned long offset) -{ - void *sret; - - errno = 0; - sret = (void *) syscall(__NR_mmap, addr, len, prot, - flags, fd, offset); - return sret; -} - static inline int sys_mprotect(void *ptr, size_t size, unsigned long prot) { int sret; @@ -56,7 +45,7 @@ static bool seal_support(void) void *ptr; unsigned long page_size = getpagesize(); - ptr = sys_mmap(NULL, page_size, PROT_READ, MAP_ANONYMOUS | MAP_PRIVATE, -1, 0); + ptr = mmap(NULL, page_size, PROT_READ, MAP_ANONYMOUS | MAP_PRIVATE, -1, 0); if (ptr == (void *) -1) return false; -- 2.39.2

3 months, 3 weeks

4
6
0 0

[PATCH bpf-next 0/2] Support eliding map lookup nullness

by Daniel Xu

This patch allows progs to elide a null check on statically known map lookup keys. In other words, if the verifier can statically prove that the lookup will be in-bounds, allow the prog to drop the null check. This is useful for two reasons: 1. Large numbers of nullness checks (especially when they cannot fail) unnecessarily pushes prog towards BPF_COMPLEXITY_LIMIT_JMP_SEQ. 2. It forms a tighter contract between programmer and verifier. For (1), bpftrace is starting to make heavier use of percpu scratch maps. As a result, for user scripts with large number of unrolled loops, we are starting to hit jump complexity verification errors. These percpu lookups cannot fail anyways, as we only use static key values. Eliding nullness probably results in less work for verifier as well. For (2), percpu scratch maps are often used as a larger stack, as the currrent stack is limited to 512 bytes. In these situations, it is desirable for the programmer to express: "this lookup should never fail, and if it does, it means I messed up the code". By omitting the null check, the programmer can "ask" the verifier to double check the logic. Daniel Xu (2): bpf: verifier: Support eliding map lookup nullness bpf: selftests: verifier: Add nullness elision tests kernel/bpf/verifier.c | 56 +++++++ .../bpf/progs/verifier_array_access.c | 143 ++++++++++++++++++ 2 files changed, 199 insertions(+) -- 2.46.0

3 months, 4 weeks

1
1
0 0

[PATCH net] selftests: forwarding: Avoid false MDB delete/flush failures

by Jamie Bainbridge

Running this test on a small system produces different failures every test checking deletions, and some flushes. From different test runs: TEST: Common host entries configuration tests (L2) [FAIL] Failed to delete L2 host entry TEST: Common port group entries configuration tests (IPv4 (S, G)) [FAIL] IPv4 (S, G) entry with VLAN 10 not deleted when VLAN was not specified TEST: Common port group entries configuration tests (IPv6 (*, G)) [FAIL] IPv6 (*, G) entry with VLAN 10 not deleted when VLAN was not specified TEST: Flush tests [FAIL] Entry not flushed by specified VLAN ID TEST: Flush tests [FAIL] IPv6 host entry not flushed by "nopermanent" state Add a short sleep after deletion and flush to resolve this. Tested using 25 test runs in a row, resulting in 100% pass OK. Create a variable just for this test to allow short sleep, the default WAIT_TIME of 5 seconds makes the test far longer than necessary. Fixes: b6d00da08610 ("selftests: forwarding: Add bridge MDB test") Signed-off-by: Jamie Bainbridge <jamie.bainbridge(a)gmail.com> --- .../selftests/net/forwarding/bridge_mdb.sh | 32 +++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/tools/testing/selftests/net/forwarding/bridge_mdb.sh b/tools/testing/selftests/net/forwarding/bridge_mdb.sh index d9d587454d207931a539f59be15cbc63d471888f..b3a2a7bc1824f4c394267b283b89e7a3ae19b0fb 100755 --- a/tools/testing/selftests/net/forwarding/bridge_mdb.sh +++ b/tools/testing/selftests/net/forwarding/bridge_mdb.sh @@ -30,6 +30,9 @@ ALL_TESTS=" ctrl_test " +# time to wait for delete and flush to complete +: "${SETTLE_DELAY:=0.1}" + NUM_NETIFS=4 source lib.sh source tc_common.sh @@ -152,6 +155,7 @@ cfg_test_host_common() check_fail $? "Managed to replace $name host entry" bridge mdb del dev br0 port br0 grp $grp $state vid 10 + sleep "$SETTLE_DELAY" bridge mdb get dev br0 grp $grp vid 10 &> /dev/null check_fail $? "Failed to delete $name host entry" @@ -208,6 +212,7 @@ cfg_test_port_common() check_err $? "Failed to replace $name entry" bridge mdb del dev br0 port $swp1 $grp_key permanent vid 10 + sleep "$SETTLE_DELAY" bridge mdb get dev br0 $grp_key vid 10 &> /dev/null check_fail $? "Failed to delete $name entry" @@ -230,6 +235,7 @@ cfg_test_port_common() check_err $? "$name entry with VLAN 20 not added when VLAN was not specified" bridge mdb del dev br0 port $swp1 $grp_key permanent + sleep "$SETTLE_DELAY" bridge mdb get dev br0 $grp_key vid 10 &> /dev/null check_fail $? "$name entry with VLAN 10 not deleted when VLAN was not specified" bridge mdb get dev br0 $grp_key vid 20 &> /dev/null @@ -310,6 +316,7 @@ __cfg_test_port_ip_star_g() bridge -d mdb get dev br0 grp $grp src $src1 vid 10 &> /dev/null check_err $? "(S, G) entry not created" bridge mdb del dev br0 port $swp1 grp $grp vid 10 + sleep "$SETTLE_DELAY" bridge -d mdb get dev br0 grp $grp vid 10 &> /dev/null check_fail $? "(*, G) entry not deleted" bridge -d mdb get dev br0 grp $grp src $src1 vid 10 &> /dev/null @@ -828,6 +835,7 @@ cfg_test_flush() bridge mdb add dev br0 port $swp1 grp 239.1.1.8 vid 10 temp bridge mdb flush dev br0 + sleep "$SETTLE_DELAY" num_entries=$(bridge mdb show dev br0 | wc -l) [[ $num_entries -eq 0 ]] check_err $? 0 "Not all entries flushed after flush all" @@ -840,6 +848,7 @@ cfg_test_flush() bridge mdb add dev br0 port br0 grp 239.1.1.1 vid 10 bridge mdb flush dev br0 port $swp1 + sleep "$SETTLE_DELAY" bridge mdb get dev br0 grp 239.1.1.1 vid 10 | grep -q "port $swp1" check_fail $? "Entry not flushed by specified port" @@ -849,11 +858,13 @@ cfg_test_flush() check_err $? "Host entry flushed by wrong port" bridge mdb flush dev br0 port br0 + sleep "$SETTLE_DELAY" bridge mdb get dev br0 grp 239.1.1.1 vid 10 | grep -q "port br0" check_fail $? "Host entry not flushed by specified port" bridge mdb flush dev br0 + sleep "$SETTLE_DELAY" # Check that when flushing by VLAN ID only entries programmed with the # specified VLAN ID are flushed and the rest are not. @@ -864,6 +875,7 @@ cfg_test_flush() bridge mdb add dev br0 port $swp2 grp 239.1.1.1 vid 20 bridge mdb flush dev br0 vid 10 + sleep "$SETTLE_DELAY" bridge mdb get dev br0 grp 239.1.1.1 vid 10 &> /dev/null check_fail $? "Entry not flushed by specified VLAN ID" @@ -871,6 +883,7 @@ cfg_test_flush() check_err $? "Entry flushed by wrong VLAN ID" bridge mdb flush dev br0 + sleep "$SETTLE_DELAY" # Check that all permanent entries are flushed when "permanent" is # specified and that temporary entries are not. @@ -879,6 +892,7 @@ cfg_test_flush() bridge mdb add dev br0 port $swp2 grp 239.1.1.1 temp vid 10 bridge mdb flush dev br0 permanent + sleep "$SETTLE_DELAY" bridge mdb get dev br0 grp 239.1.1.1 vid 10 | grep -q "port $swp1" check_fail $? "Entry not flushed by \"permanent\" state" @@ -886,6 +900,7 @@ cfg_test_flush() check_err $? "Entry flushed by wrong state (\"permanent\")" bridge mdb flush dev br0 + sleep "$SETTLE_DELAY" # Check that all temporary entries are flushed when "nopermanent" is # specified and that permanent entries are not. @@ -894,6 +909,7 @@ cfg_test_flush() bridge mdb add dev br0 port $swp2 grp 239.1.1.1 temp vid 10 bridge mdb flush dev br0 nopermanent + sleep "$SETTLE_DELAY" bridge mdb get dev br0 grp 239.1.1.1 vid 10 | grep -q "port $swp1" check_err $? "Entry flushed by wrong state (\"nopermanent\")" @@ -901,6 +917,7 @@ cfg_test_flush() check_fail $? "Entry not flushed by \"nopermanent\" state" bridge mdb flush dev br0 + sleep "$SETTLE_DELAY" # Check that L2 host entries are not flushed when "nopermanent" is # specified, but flushed when "permanent" is specified. @@ -908,16 +925,19 @@ cfg_test_flush() bridge mdb add dev br0 port br0 grp 01:02:03:04:05:06 permanent vid 10 bridge mdb flush dev br0 nopermanent + sleep "$SETTLE_DELAY" bridge mdb get dev br0 grp 01:02:03:04:05:06 vid 10 &> /dev/null check_err $? "L2 host entry flushed by wrong state (\"nopermanent\")" bridge mdb flush dev br0 permanent + sleep "$SETTLE_DELAY" bridge mdb get dev br0 grp 01:02:03:04:05:06 vid 10 &> /dev/null check_fail $? "L2 host entry not flushed by \"permanent\" state" bridge mdb flush dev br0 + sleep "$SETTLE_DELAY" # Check that IPv4 host entries are not flushed when "permanent" is # specified, but flushed when "nopermanent" is specified. @@ -925,16 +945,19 @@ cfg_test_flush() bridge mdb add dev br0 port br0 grp 239.1.1.1 temp vid 10 bridge mdb flush dev br0 permanent + sleep "$SETTLE_DELAY" bridge mdb get dev br0 grp 239.1.1.1 vid 10 &> /dev/null check_err $? "IPv4 host entry flushed by wrong state (\"permanent\")" bridge mdb flush dev br0 nopermanent + sleep "$SETTLE_DELAY" bridge mdb get dev br0 grp 239.1.1.1 vid 10 &> /dev/null check_fail $? "IPv4 host entry not flushed by \"nopermanent\" state" bridge mdb flush dev br0 + sleep "$SETTLE_DELAY" # Check that IPv6 host entries are not flushed when "permanent" is # specified, but flushed when "nopermanent" is specified. @@ -942,16 +965,19 @@ cfg_test_flush() bridge mdb add dev br0 port br0 grp ff0e::1 temp vid 10 bridge mdb flush dev br0 permanent + sleep "$SETTLE_DELAY" bridge mdb get dev br0 grp ff0e::1 vid 10 &> /dev/null check_err $? "IPv6 host entry flushed by wrong state (\"permanent\")" bridge mdb flush dev br0 nopermanent + sleep "$SETTLE_DELAY" bridge mdb get dev br0 grp ff0e::1 vid 10 &> /dev/null check_fail $? "IPv6 host entry not flushed by \"nopermanent\" state" bridge mdb flush dev br0 + sleep "$SETTLE_DELAY" # Check that when flushing by routing protocol only entries programmed # with the specified routing protocol are flushed and the rest are not. @@ -961,6 +987,7 @@ cfg_test_flush() bridge mdb add dev br0 port br0 grp 239.1.1.1 vid 10 bridge mdb flush dev br0 proto bgp + sleep "$SETTLE_DELAY" bridge mdb get dev br0 grp 239.1.1.1 vid 10 | grep -q "port $swp1" check_fail $? "Entry not flushed by specified routing protocol" @@ -970,20 +997,25 @@ cfg_test_flush() check_err $? "Host entry flushed by wrong routing protocol" bridge mdb flush dev br0 + sleep "$SETTLE_DELAY" # Test that an error is returned when trying to flush using unsupported # parameters. bridge mdb flush dev br0 src_vni 10 &> /dev/null + sleep "$SETTLE_DELAY" check_fail $? "Managed to flush by source VNI" bridge mdb flush dev br0 dst 198.51.100.1 &> /dev/null + sleep "$SETTLE_DELAY" check_fail $? "Managed to flush by destination IP" bridge mdb flush dev br0 dst_port 4789 &> /dev/null + sleep "$SETTLE_DELAY" check_fail $? "Managed to flush by UDP destination port" bridge mdb flush dev br0 vni 10 &> /dev/null + sleep "$SETTLE_DELAY" check_fail $? "Managed to flush by destination VNI" log_test "Flush tests" -- 2.39.2

3 months, 4 weeks

2
2
0 0

[PATCH HID v2 00/11] HID: bpf: add a new hook to control hid-generic

by Benjamin Tissoires

This is a slight change from the fundamentals of HID-BPF. In theory, HID-BPF is abstract to the kernel itself, and makes only changes at the HID level (through report descriptors or events emitted to/from the device). However, we have seen a few use cases where HID-BPF might interact with the running kernel when the target device is already handled by a specific device. For example, the XP-Pen/Huion/UC-Logic tablets are handled by hid-uclogic but this driver is also doing a report descriptor fixup without checking if the device has already been fixed by HID-BPF. In the same way, another recent example[0] was when a cheap foot pedal is used and tricks iPhones and Windows machines by presenting itself as a known Apple wireless keyboard. The problem is that this fake keyboard is not presenting a compatible report descriptor and hid-core merges all device nodes together making libinput ignore the keyboard part for historical reasons. Last, there has been a long standing request to allow to disable the input part of a given gamepad while SDL or Steam opens the device through hidraw. This series aims at tackling both of these problems: - first we had a new hook `hid_bpf_driver_probe` which allows the BPF program to decide if the curently probed driver should be used or not - then this same hook can also change the ->driver_data of the struct hid_device_id argument, and we teach hid-generic to use that field as the connect mask. Basically, it means that when we insert a BPF program to fix a device, we can force hid-generic to handle the device, and thus preventing any other kernel driver to tamper with our device. We can also selectively decide to export the hidraw or input nodes when using hid-generic. In the SDL/Steam use case, this would means that the gaming application will load one BPF program per input device it wants to open through hidraw, that BPF program reassigns the input device to hid-generic and disables hid-input, then it can open the new hidraw node. Once that program terminates, the BPF program is removed (either automatically because no-one has the fd of the links open, or manually by SDL/Steam), and the normal driver rebinds to the HID device, restoring full input functionality. This branch is on top of the for-6.12/hidraw and for-6.12/constify-rdesc branches of hid.git, mainly because those branch would conflict otherwise. [0] https://gitlab.freedesktop.org/libinput/libinput/-/issues/1014 Signed-off-by: Benjamin Tissoires <bentiss(a)kernel.org> --- Changes in v2: - Refactored the API to not use a new hook but hid_bpf_rdesc_fixup instead - Some cleanups in hid-core.c probe() device to not kmemdup multiple time the report descriptor when it's not required - I'm still not 100% sure the HID_QUIRK_IGNORE_HIDINPUT is that required, but I can not think of anything else at the moment to temporary disable any driver input device. - Link to v1: https://lore.kernel.org/r/20240903-hid-bpf-hid-generic-v1-0-9511a565b2da@ke… --- Benjamin Tissoires (11): HID: bpf: move HID-BPF report descriptor fixup earlier HID: core: save one kmemdup during .probe() HID: core: remove one more kmemdup on .probe() HID: bpf: allow write access to quirks field in struct hid_device selftests/hid: add dependency on hid_common.h selftests/hid: cleanup C tests by adding a common struct uhid_device selftests/hid: allow to parametrize bus/vid/pid/rdesc on the test device HID: add per device quirk to force bind to hid-generic selftests/hid: add test for assigning a given device to hid-generic HID: add quirk to prevent hid-input to be used selftests/hid: add test to disable hid-input drivers/hid/bpf/hid_bpf_dispatch.c | 8 +- drivers/hid/bpf/hid_bpf_struct_ops.c | 1 + drivers/hid/hid-core.c | 72 ++++++-- drivers/hid/hid-generic.c | 3 + include/linux/hid.h | 22 ++- include/linux/hid_bpf.h | 9 +- tools/testing/selftests/hid/Makefile | 2 +- tools/testing/selftests/hid/hid_bpf.c | 205 ++++++++++++++++----- tools/testing/selftests/hid/hid_common.h | 112 +++++++---- tools/testing/selftests/hid/hidraw.c | 36 +--- tools/testing/selftests/hid/progs/hid.c | 13 ++ .../testing/selftests/hid/progs/hid_bpf_helpers.h | 7 +- 12 files changed, 343 insertions(+), 147 deletions(-) --- base-commit: e1370d5de7b755600df050979e19fbcd625fb4c6 change-id: 20240829-hid-bpf-hid-generic-61579f5b5945 Best regards, -- Benjamin Tissoires <bentiss(a)kernel.org>

3 months, 4 weeks

2
16
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror