- Linux-kselftest-mirror - lists.linaro.org

[PATCH 00/34] docs: avoid using ReST :doc:`foo` tag

by Mauro Carvalho Chehab

As discussed at: https://lore.kernel.org/linux-doc/871r9k6rmy.fsf@meer.lwn.net/ It is better to avoid using :doc:`foo` to refer to Documentation/foo.rst, as the automarkup.py extension should handle it automatically, on most cases. There are a couple of exceptions to this rule: 1. when :doc: tag is used to point to a kernel-doc DOC: markup; 2. when it is used with a named tag, e. g. :doc:`some name <foo>`; It should also be noticed that automarkup.py has currently an issue: if one use a markup like: Documentation/dev-tools/kunit/api/test.rst - documents all of the standard testing API excluding mocking or mocking related features. or, even: Documentation/dev-tools/kunit/api/test.rst documents all of the standard testing API excluding mocking or mocking related features. The automarkup.py will simply ignore it. Not sure why. This patch series avoid the above patterns (which is present only on 4 files), but it would be nice to have a followup patch fixing the issue at automarkup.py. On this series: Patch 1 manually adjust the references inside driver-api/pm/devices.rst, as there it uses :file:`foo` to refer to some Documentation/ files; Patch 2 converts a table at Documentation/dev-tools/kunit/api/index.rst into a list, carefully avoiding the Patch 3 converts the cross-references at the media documentation, also avoiding the automarkup.py bug; Patches 4-34 convert the other occurrences via a replace script. They were manually edited, in order to honour 80-columns where possible. I did a diff between the Sphinx 2.4.4 output before and after this patch series in order to double-check that all converted Documentation/ references will produce <a href=<foo>.rst>foo title</a> tags. Mauro Carvalho Chehab (34): docs: devices.rst: better reference documentation docs docs: dev-tools: kunit: don't use a table for docs name media: docs: */media/index.rst: don't use ReST doc:`foo` media: userspace-api: avoid using ReST :doc:`foo` markup media: driver-api: drivers: avoid using ReST :doc:`foo` markup media: admin-guide: avoid using ReST :doc:`foo` markup docs: admin-guide: pm: avoid using ReSt :doc:`foo` markup docs: admin-guide: hw-vuln: avoid using ReST :doc:`foo` markup docs: admin-guide: sysctl: avoid using ReST :doc:`foo` markup docs: block: biodoc.rst: avoid using ReSt :doc:`foo` markup docs: bpf: bpf_lsm.rst: avoid using ReSt :doc:`foo` markup docs: core-api: avoid using ReSt :doc:`foo` markup docs: dev-tools: testing-overview.rst: avoid using ReSt :doc:`foo` markup docs: dev-tools: kunit: avoid using ReST :doc:`foo` markup docs: devicetree: bindings: submitting-patches.rst: avoid using ReSt :doc:`foo` markup docs: doc-guide: avoid using ReSt :doc:`foo` markup docs: driver-api: avoid using ReSt :doc:`foo` markup docs: driver-api: gpio: using-gpio.rst: avoid using ReSt :doc:`foo` markup docs: driver-api: surface_aggregator: avoid using ReSt :doc:`foo` markup docs: driver-api: usb: avoid using ReSt :doc:`foo` markup docs: firmware-guide: acpi: avoid using ReSt :doc:`foo` markup docs: hwmon: adm1177.rst: avoid using ReSt :doc:`foo` markup docs: i2c: avoid using ReSt :doc:`foo` markup docs: kernel-hacking: hacking.rst: avoid using ReSt :doc:`foo` markup docs: networking: devlink: avoid using ReSt :doc:`foo` markup docs: PCI: endpoint: pci-endpoint-cfs.rst: avoid using ReSt :doc:`foo` markup docs: PCI: pci.rst: avoid using ReSt :doc:`foo` markup docs: process: submitting-patches.rst: avoid using ReSt :doc:`foo` markup docs: security: landlock.rst: avoid using ReSt :doc:`foo` markup docs: trace: coresight: coresight.rst: avoid using ReSt :doc:`foo` markup docs: trace: ftrace.rst: avoid using ReSt :doc:`foo` markup docs: userspace-api: landlock.rst: avoid using ReSt :doc:`foo` markup docs: virt: kvm: s390-pv-boot.rst: avoid using ReSt :doc:`foo` markup docs: x86: avoid using ReSt :doc:`foo` markup .../PCI/endpoint/pci-endpoint-cfs.rst | 2 +- Documentation/PCI/pci.rst | 6 +-- .../special-register-buffer-data-sampling.rst | 3 +- Documentation/admin-guide/media/bt8xx.rst | 15 ++++---- Documentation/admin-guide/media/bttv.rst | 21 ++++++----- Documentation/admin-guide/media/index.rst | 12 +++--- Documentation/admin-guide/media/saa7134.rst | 3 +- Documentation/admin-guide/pm/intel_idle.rst | 16 +++++--- Documentation/admin-guide/pm/intel_pstate.rst | 9 +++-- Documentation/admin-guide/sysctl/abi.rst | 2 +- Documentation/admin-guide/sysctl/kernel.rst | 37 ++++++++++--------- Documentation/block/biodoc.rst | 2 +- Documentation/bpf/bpf_lsm.rst | 13 ++++--- .../core-api/bus-virt-phys-mapping.rst | 2 +- Documentation/core-api/dma-api.rst | 5 ++- Documentation/core-api/dma-isa-lpc.rst | 2 +- Documentation/core-api/index.rst | 4 +- Documentation/dev-tools/kunit/api/index.rst | 8 ++-- Documentation/dev-tools/kunit/faq.rst | 2 +- Documentation/dev-tools/kunit/index.rst | 14 +++---- Documentation/dev-tools/kunit/start.rst | 6 +-- Documentation/dev-tools/kunit/tips.rst | 5 ++- Documentation/dev-tools/kunit/usage.rst | 8 ++-- Documentation/dev-tools/testing-overview.rst | 16 ++++---- .../bindings/submitting-patches.rst | 11 +++--- Documentation/doc-guide/contributing.rst | 8 ++-- Documentation/driver-api/gpio/using-gpio.rst | 4 +- Documentation/driver-api/ioctl.rst | 2 +- .../driver-api/media/drivers/bttv-devel.rst | 2 +- Documentation/driver-api/media/index.rst | 10 +++-- Documentation/driver-api/pm/devices.rst | 8 ++-- .../surface_aggregator/clients/index.rst | 3 +- .../surface_aggregator/internal.rst | 15 ++++---- .../surface_aggregator/overview.rst | 6 ++- Documentation/driver-api/usb/dma.rst | 6 +-- .../acpi/dsd/data-node-references.rst | 3 +- .../firmware-guide/acpi/dsd/graph.rst | 2 +- .../firmware-guide/acpi/enumeration.rst | 7 ++-- Documentation/hwmon/adm1177.rst | 3 +- Documentation/i2c/instantiating-devices.rst | 2 +- Documentation/i2c/old-module-parameters.rst | 3 +- Documentation/i2c/smbus-protocol.rst | 4 +- Documentation/kernel-hacking/hacking.rst | 4 +- .../networking/devlink/devlink-region.rst | 2 +- .../networking/devlink/devlink-trap.rst | 4 +- Documentation/process/submitting-patches.rst | 32 ++++++++-------- Documentation/security/landlock.rst | 3 +- Documentation/trace/coresight/coresight.rst | 8 ++-- Documentation/trace/ftrace.rst | 2 +- Documentation/userspace-api/landlock.rst | 11 +++--- .../userspace-api/media/glossary.rst | 2 +- Documentation/userspace-api/media/index.rst | 12 +++--- Documentation/virt/kvm/s390-pv-boot.rst | 2 +- Documentation/x86/boot.rst | 4 +- Documentation/x86/mtrr.rst | 2 +- 55 files changed, 217 insertions(+), 183 deletions(-) -- 2.31.1

4 years

4
16
0 0

[PATCH] kunit: Add gnu_printf specifiers

by David Gow

Some KUnit functions use variable arguments to implement a printf-like format string. Use the __printf() attribute to let the compiler warn if invalid format strings are passed in. If the kernel is build with W=1, it complained about the lack of these specifiers, e.g.: ../lib/kunit/test.c:72:2: warning: function ‘kunit_log_append’ might be a candidate for ‘gnu_printf’ format attribute [-Wsuggest-attribute=format] Signed-off-by: David Gow <davidgow(a)google.com> --- include/kunit/test.h | 2 +- lib/kunit/string-stream.h | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/include/kunit/test.h b/include/kunit/test.h index 49601c4b98b8..af2e386b867c 100644 --- a/include/kunit/test.h +++ b/include/kunit/test.h @@ -610,7 +610,7 @@ static inline void *kunit_kzalloc(struct kunit *test, size_t size, gfp_t gfp) void kunit_cleanup(struct kunit *test); -void kunit_log_append(char *log, const char *fmt, ...); +void __printf(2, 3) kunit_log_append(char *log, const char *fmt, ...); /* * printk and log to per-test or per-suite log buffer. Logging only done diff --git a/lib/kunit/string-stream.h b/lib/kunit/string-stream.h index fe98a00b75a9..5e94b623454f 100644 --- a/lib/kunit/string-stream.h +++ b/lib/kunit/string-stream.h @@ -35,9 +35,9 @@ struct string_stream *alloc_string_stream(struct kunit *test, gfp_t gfp); int __printf(2, 3) string_stream_add(struct string_stream *stream, const char *fmt, ...); -int string_stream_vadd(struct string_stream *stream, - const char *fmt, - va_list args); +int __printf(2, 0) string_stream_vadd(struct string_stream *stream, + const char *fmt, + va_list args); char *string_stream_get_string(struct string_stream *stream); -- 2.31.1.751.gd2f1c929bd-goog

4 years

3
4
0 0

[PATCH v3 0/1] lib: Convert UUID runtime test to KUnit

by André Almeida

Hi, This patch converts existing UUID runtime test to use KUnit framework. Below, there's a comparison between the old output format and the new one. Keep in mind that even if KUnit seems very verbose, this is the corner case where _every_ test has failed. * This is how the current output looks like in success: test_uuid: all 18 tests passed * And when it fails: test_uuid: conversion test #1 failed on LE data: 'c33f4995-3701-450e-9fbf-206a2e98e576' test_uuid: cmp test #2 failed on LE data: 'c33f4995-3701-450e-9fbf-206a2e98e576' test_uuid: cmp test #2 actual data: 'c33f4995-3701-450e-9fbf-206a2e98e576' test_uuid: conversion test #3 failed on BE data: 'c33f4995-3701-450e-9fbf-206a2e98e576' test_uuid: cmp test #4 failed on BE data: 'c33f4995-3701-450e-9fbf-206a2e98e576' test_uuid: cmp test #4 actual data: 'c33f4995-3701-450e-9fbf-206a2e98e576' test_uuid: conversion test #5 failed on LE data: '64b4371c-77c1-48f9-8221-29f054fc023b' test_uuid: cmp test #6 failed on LE data: '64b4371c-77c1-48f9-8221-29f054fc023b' test_uuid: cmp test #6 actual data: '64b4371c-77c1-48f9-8221-29f054fc023b' test_uuid: conversion test #7 failed on BE data: '64b4371c-77c1-48f9-8221-29f054fc023b' test_uuid: cmp test #8 failed on BE data: '64b4371c-77c1-48f9-8221-29f054fc023b' test_uuid: cmp test #8 actual data: '64b4371c-77c1-48f9-8221-29f054fc023b' test_uuid: conversion test #9 failed on LE data: '0cb4ddff-a545-4401-9d06-688af53e7f84' test_uuid: cmp test #10 failed on LE data: '0cb4ddff-a545-4401-9d06-688af53e7f84' test_uuid: cmp test #10 actual data: '0cb4ddff-a545-4401-9d06-688af53e7f84' test_uuid: conversion test #11 failed on BE data: '0cb4ddff-a545-4401-9d06-688af53e7f84' test_uuid: cmp test #12 failed on BE data: '0cb4ddff-a545-4401-9d06-688af53e7f84' test_uuid: cmp test #12 actual data: '0cb4ddff-a545-4401-9d06-688af53e7f84' test_uuid: negative test #13 passed on wrong LE data: 'c33f4995-3701-450e-9fbf206a2e98e576 ' test_uuid: negative test #14 passed on wrong BE data: 'c33f4995-3701-450e-9fbf206a2e98e576 ' test_uuid: negative test #15 passed on wrong LE data: '64b4371c-77c1-48f9-8221-29f054XX023b' test_uuid: negative test #16 passed on wrong BE data: '64b4371c-77c1-48f9-8221-29f054XX023b' test_uuid: negative test #17 passed on wrong LE data: '0cb4ddff-a545-4401-9d06-688af53e' test_uuid: negative test #18 passed on wrong BE data: '0cb4ddff-a545-4401-9d06-688af53e' test_uuid: failed 18 out of 18 tests * Now, here's how it looks like with KUnit: ======== [PASSED] uuid ======== [PASSED] uuid_correct_be [PASSED] uuid_correct_le [PASSED] uuid_wrong_be [PASSED] uuid_wrong_le * And if every test fail with KUnit: ======== [FAILED] uuid ======== [FAILED] uuid_correct_be # uuid_correct_be: ASSERTION FAILED at lib/test_uuid.c:57 Expected uuid_parse(data->uuid, &be) == 1, but uuid_parse(data->uuid, &be) == 0 failed to parse 'c33f4995-3701-450e-9fbf-206a2e98e576' # uuid_correct_be: not ok 1 - c33f4995-3701-450e-9fbf-206a2e98e576 # uuid_correct_be: ASSERTION FAILED at lib/test_uuid.c:57 Expected uuid_parse(data->uuid, &be) == 1, but uuid_parse(data->uuid, &be) == 0 failed to parse '64b4371c-77c1-48f9-8221-29f054fc023b' # uuid_correct_be: not ok 2 - 64b4371c-77c1-48f9-8221-29f054fc023b # uuid_correct_be: ASSERTION FAILED at lib/test_uuid.c:57 Expected uuid_parse(data->uuid, &be) == 1, but uuid_parse(data->uuid, &be) == 0 failed to parse '0cb4ddff-a545-4401-9d06-688af53e7f84' # uuid_correct_be: not ok 3 - 0cb4ddff-a545-4401-9d06-688af53e7f84 not ok 1 - uuid_correct_be [FAILED] uuid_correct_le # uuid_correct_le: ASSERTION FAILED at lib/test_uuid.c:46 Expected guid_parse(data->uuid, &le) == 1, but guid_parse(data->uuid, &le) == 0 failed to parse 'c33f4995-3701-450e-9fbf-206a2e98e576' # uuid_correct_le: not ok 1 - c33f4995-3701-450e-9fbf-206a2e98e576 # uuid_correct_le: ASSERTION FAILED at lib/test_uuid.c:46 Expected guid_parse(data->uuid, &le) == 1, but guid_parse(data->uuid, &le) == 0 failed to parse '64b4371c-77c1-48f9-8221-29f054fc023b' # uuid_correct_le: not ok 2 - 64b4371c-77c1-48f9-8221-29f054fc023b # uuid_correct_le: ASSERTION FAILED at lib/test_uuid.c:46 Expected guid_parse(data->uuid, &le) == 1, but guid_parse(data->uuid, &le) == 0 failed to parse '0cb4ddff-a545-4401-9d06-688af53e7f84' # uuid_correct_le: not ok 3 - 0cb4ddff-a545-4401-9d06-688af53e7f84 not ok 2 - uuid_correct_le [FAILED] uuid_wrong_be # uuid_wrong_be: ASSERTION FAILED at lib/test_uuid.c:77 Expected uuid_parse(*data, &be) == 0, but uuid_parse(*data, &be) == -22 parsing of 'c33f4995-3701-450e-9fbf206a2e98e576 ' should've failed # uuid_wrong_be: not ok 1 - c33f4995-3701-450e-9fbf206a2e98e576 # uuid_wrong_be: ASSERTION FAILED at lib/test_uuid.c:77 Expected uuid_parse(*data, &be) == 0, but uuid_parse(*data, &be) == -22 parsing of '64b4371c-77c1-48f9-8221-29f054XX023b' should've failed # uuid_wrong_be: not ok 2 - 64b4371c-77c1-48f9-8221-29f054XX023b # uuid_wrong_be: ASSERTION FAILED at lib/test_uuid.c:77 Expected uuid_parse(*data, &be) == 0, but uuid_parse(*data, &be) == -22 parsing of '0cb4ddff-a545-4401-9d06-688af53e' should've failed # uuid_wrong_be: not ok 3 - 0cb4ddff-a545-4401-9d06-688af53e not ok 3 - uuid_wrong_be [FAILED] uuid_wrong_le # uuid_wrong_le: ASSERTION FAILED at lib/test_uuid.c:68 Expected guid_parse(*data, &le) == 0, but guid_parse(*data, &le) == -22 parsing of 'c33f4995-3701-450e-9fbf206a2e98e576 ' should've failed # uuid_wrong_le: not ok 1 - c33f4995-3701-450e-9fbf206a2e98e576 # uuid_wrong_le: ASSERTION FAILED at lib/test_uuid.c:68 Expected guid_parse(*data, &le) == 0, but guid_parse(*data, &le) == -22 parsing of '64b4371c-77c1-48f9-8221-29f054XX023b' should've failed # uuid_wrong_le: not ok 2 - 64b4371c-77c1-48f9-8221-29f054XX023b # uuid_wrong_le: ASSERTION FAILED at lib/test_uuid.c:68 Expected guid_parse(*data, &le) == 0, but guid_parse(*data, &le) == -22 parsing of '0cb4ddff-a545-4401-9d06-688af53e' should've failed # uuid_wrong_le: not ok 3 - 0cb4ddff-a545-4401-9d06-688af53e not ok 4 - uuid_wrong_le Changes from v2: - Clarify in commit message the new test cases setup v2: https://lore.kernel.org/lkml/20210609233730.164082-1-andrealmeid@collabora.… Changes from v1: - Test suite name: uuid_test -> uuid - Config name: TEST_UUID -> UUID_KUNIT_TEST - Config entry in the Kconfig file left where it is - Converted tests to use _MSG variant v1: https://lore.kernel.org/lkml/20210605215215.171165-1-andrealmeid@collabora.… André Almeida (1): lib: Convert UUID runtime test to KUnit lib/Kconfig.debug | 11 +++- lib/Makefile | 2 +- lib/test_uuid.c | 137 +++++++++++++++++++--------------------------- 3 files changed, 67 insertions(+), 83 deletions(-) -- 2.31.1

4 years

4
6
0 0

[PATCH v7 0/4] KVM statistics data fd-based binary interface

by Jing Zhang

This patchset provides a file descriptor for every VM and VCPU to read KVM statistics data in binary format. It is meant to provide a lightweight, flexible, scalable and efficient lock-free solution for user space telemetry applications to pull the statistics data periodically for large scale systems. The pulling frequency could be as high as a few times per second. In this patchset, every statistics data are treated to have some attributes as below: * architecture dependent or generic * VM statistics data or VCPU statistics data * type: cumulative, instantaneous, * unit: none for simple counter, nanosecond, microsecond, millisecond, second, Byte, KiByte, MiByte, GiByte. Clock Cycles Since no lock/synchronization is used, the consistency between all the statistics data is not guaranteed. That means not all statistics data are read out at the exact same time, since the statistics date are still being updated by KVM subsystems while they are read out. --- * v6 -> v7 - Improve file descriptor allocation function by Krish suggestion - Use "generic stats" instead of "common stats" as Krish suggested - Addressed some other nits from Krish and David Matlack * v5 -> v6 - Use designated initializers for STATS_DESC - Change KVM_STATS_SCALE... to KVM_STATS_BASE... - Use a common function for kvm_[vm|vcpu]_stats_read - Fix some documentation errors/missings - Use TEST_ASSERT in selftest - Use a common function for [vm|vcpu]_stats_test in selftest * v4 -> v5 - Rebase to kvm/queue, commit a4345a7cecfb ("Merge tag 'kvmarm-fixes-5.13-1'") - Change maximum stats name length to 48 - Replace VM_STATS_COMMON/VCPU_STATS_COMMON macros with stats descriptor definition macros. - Fixed some errors/warnings reported by checkpatch.pl * v3 -> v4 - Rebase to kvm/queue, commit 9f242010c3b4 ("KVM: avoid "deadlock" between install_new_memslots and MMU notifier") - Use C-stype comments in the whole patch - Fix wrong count for x86 VCPU stats descriptors - Fix KVM stats data size counting and validity check in selftest * v2 -> v3 - Rebase to kvm/queue, commit edf408f5257b ("KVM: avoid "deadlock" between install_new_memslots and MMU notifier") - Resolve some nitpicks about format * v1 -> v2 - Use ARRAY_SIZE to count the number of stats descriptors - Fix missing `size` field initialization in macro STATS_DESC [1] https://lore.kernel.org/kvm/20210402224359.2297157-1-jingzhangos@google.com [2] https://lore.kernel.org/kvm/20210415151741.1607806-1-jingzhangos@google.com [3] https://lore.kernel.org/kvm/20210423181727.596466-1-jingzhangos@google.com [4] https://lore.kernel.org/kvm/20210429203740.1935629-1-jingzhangos@google.com [5] https://lore.kernel.org/kvm/20210517145314.157626-1-jingzhangos@google.com [6] https://lore.kernel.org/kvm/20210524151828.4113777-1-jingzhangos@google.com --- Jing Zhang (4): KVM: stats: Separate generic stats from architecture specific ones KVM: stats: Add fd-based API to read binary stats data KVM: stats: Add documentation for statistics data binary interface KVM: selftests: Add selftest for KVM statistics data binary interface Documentation/virt/kvm/api.rst | 180 +++++++++++++++ arch/arm64/include/asm/kvm_host.h | 9 +- arch/arm64/kvm/guest.c | 38 +++- arch/mips/include/asm/kvm_host.h | 9 +- arch/mips/kvm/mips.c | 64 +++++- arch/powerpc/include/asm/kvm_host.h | 9 +- arch/powerpc/kvm/book3s.c | 64 +++++- arch/powerpc/kvm/book3s_hv.c | 12 +- arch/powerpc/kvm/book3s_pr.c | 2 +- arch/powerpc/kvm/book3s_pr_papr.c | 2 +- arch/powerpc/kvm/booke.c | 59 ++++- arch/s390/include/asm/kvm_host.h | 9 +- arch/s390/kvm/kvm-s390.c | 129 ++++++++++- arch/x86/include/asm/kvm_host.h | 9 +- arch/x86/kvm/x86.c | 67 +++++- include/linux/kvm_host.h | 141 +++++++++++- include/linux/kvm_types.h | 12 + include/uapi/linux/kvm.h | 50 ++++ tools/testing/selftests/kvm/.gitignore | 1 + tools/testing/selftests/kvm/Makefile | 3 + .../testing/selftests/kvm/include/kvm_util.h | 3 + .../selftests/kvm/kvm_binary_stats_test.c | 215 ++++++++++++++++++ tools/testing/selftests/kvm/lib/kvm_util.c | 12 + virt/kvm/kvm_main.c | 169 +++++++++++++- 24 files changed, 1178 insertions(+), 90 deletions(-) create mode 100644 tools/testing/selftests/kvm/kvm_binary_stats_test.c base-commit: a4345a7cecfb91ae78cd43d26b0c6a956420761a -- 2.32.0.rc1.229.g3e70b5a671-goog

4 years

5
31
0 0

[PATCH net-next v2 4/7] testing: selftests: drivers: net: netdevsim: devlink: add test case for hard drop statistics

by Oleksandr Mazur

Add hard drop counter check testcase, to make sure netdevsim driver properly handles the devlink hard drop counters get/set callbacks. Signed-off-by: Oleksandr Mazur <oleksandr.mazur(a)plvision.eu> --- .../selftests/drivers/net/netdevsim/devlink_trap.sh | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/tools/testing/selftests/drivers/net/netdevsim/devlink_trap.sh b/tools/testing/selftests/drivers/net/netdevsim/devlink_trap.sh index 6165901a1cf3..109900c817be 100755 --- a/tools/testing/selftests/drivers/net/netdevsim/devlink_trap.sh +++ b/tools/testing/selftests/drivers/net/netdevsim/devlink_trap.sh @@ -165,6 +165,16 @@ trap_stats_test() devlink_trap_action_set $trap_name "drop" devlink_trap_stats_idle_test $trap_name check_err $? "Stats of trap $trap_name not idle when action is drop" + + echo "y"> $DEBUGFS_DIR/fail_trap_drop_counter_get + devlink -s trap show $DEVLINK_DEV trap $trap_name &> /dev/null + check_fail $? "Managed to read trap (hard dropped) statistics when should not" + echo "n"> $DEBUGFS_DIR/fail_trap_drop_counter_get + devlink -s trap show $DEVLINK_DEV trap $trap_name &> /dev/null + check_err $? "Did not manage to read trap (hard dropped) statistics when should" + + devlink_trap_drop_stats_idle_test $trap_name + check_fail $? "Drop stats of trap $trap_name idle when should not" else devlink_trap_stats_idle_test $trap_name check_fail $? "Stats of non-drop trap $trap_name idle when should not" -- 2.17.1

4 years

1
0
0 0

[PATCH net-next v2 2/7] testing: selftests: net: forwarding: add devlink-required functionality to test (hard) dropped stats field

by Oleksandr Mazur

Add devlink_trap_drop_packets_get function, as well as test that are used to verify devlink (hard) dropped stats functionality works. Signed-off-by: Oleksandr Mazur <oleksandr.mazur(a)plvision.eu> --- .../selftests/net/forwarding/devlink_lib.sh | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/tools/testing/selftests/net/forwarding/devlink_lib.sh b/tools/testing/selftests/net/forwarding/devlink_lib.sh index 39fb9b8e7b58..13d3d4428a32 100644 --- a/tools/testing/selftests/net/forwarding/devlink_lib.sh +++ b/tools/testing/selftests/net/forwarding/devlink_lib.sh @@ -324,6 +324,14 @@ devlink_trap_rx_bytes_get() | jq '.[][][]["stats"]["rx"]["bytes"]' } +devlink_trap_drop_packets_get() +{ + local trap_name=$1; shift + + devlink -js trap show $DEVLINK_DEV trap $trap_name \ + | jq '.[][][]["stats"]["rx"]["dropped"]' +} + devlink_trap_stats_idle_test() { local trap_name=$1; shift @@ -345,6 +353,24 @@ devlink_trap_stats_idle_test() fi } +devlink_trap_drop_stats_idle_test() +{ + local trap_name=$1; shift + local t0_packets t0_bytes + + t0_packets=$(devlink_trap_drop_packets_get $trap_name) + + sleep 1 + + t1_packets=$(devlink_trap_drop_packets_get $trap_name) + + if [[ $t0_packets -eq $t1_packets ]]; then + return 0 + else + return 1 + fi +} + devlink_traps_enable_all() { local trap_name -- 2.17.1

4 years

1
0
0 0

[PATCH] selftests: cgroup: add stale mem protection values test

by Alexander Ovechkin

Add test case that reproduces premature oom caused by usage of stale mem protection. Usage of stale mem protection could lead to throttle of reclaim in target memcg and thus could trigger OOM. This bug was fixed in 22f7496f0b90 ("mm, memcg: avoid stale protection values when cgroup is above protection"). Signed-off-by: Alexander Ovechkin <ovov(a)yandex-team.ru> --- tools/testing/selftests/cgroup/cgroup_util.c | 21 ++-- tools/testing/selftests/cgroup/cgroup_util.h | 1 + .../selftests/cgroup/test_memcontrol.c | 96 +++++++++++++++++++ 3 files changed, 111 insertions(+), 7 deletions(-) diff --git a/tools/testing/selftests/cgroup/cgroup_util.c b/tools/testing/selftests/cgroup/cgroup_util.c index 027014662fb2..b4e90fe56c11 100644 --- a/tools/testing/selftests/cgroup/cgroup_util.c +++ b/tools/testing/selftests/cgroup/cgroup_util.c @@ -12,6 +12,7 @@ #include <sys/stat.h> #include <sys/types.h> #include <sys/wait.h> +#include <sys/mman.h> #include <unistd.h> #include "cgroup_util.h" @@ -456,22 +457,28 @@ int get_temp_fd(void) return open(".", O_TMPFILE | O_RDWR | O_EXCL); } +int touch_file(int fd, size_t size, off_t offset) { + char *buf; + + buf = mmap(0, size, PROT_READ, MAP_SHARED | MAP_POPULATE, fd, offset); + if (!buf) + return -1; + munmap(buf, size); + return 0; +} + int alloc_pagecache(int fd, size_t size) { - char buf[PAGE_SIZE]; struct stat st; - int i; if (fstat(fd, &st)) goto cleanup; - size += st.st_size; - - if (ftruncate(fd, size)) + if (ftruncate(fd, st.st_size + size)) goto cleanup; - for (i = 0; i < size; i += sizeof(buf)) - read(fd, buf, sizeof(buf)); + if (touch_file(fd, size, st.st_size)) + goto cleanup; return 0; diff --git a/tools/testing/selftests/cgroup/cgroup_util.h b/tools/testing/selftests/cgroup/cgroup_util.h index 5a1305dd1f0b..c9f3af07d969 100644 --- a/tools/testing/selftests/cgroup/cgroup_util.h +++ b/tools/testing/selftests/cgroup/cgroup_util.h @@ -42,6 +42,7 @@ extern int cg_run_nowait(const char *cgroup, int (*fn)(const char *cgroup, void *arg), void *arg); extern int get_temp_fd(void); +extern int touch_file(int fd, size_t size, off_t offset); extern int alloc_pagecache(int fd, size_t size); extern int alloc_anon(const char *cgroup, void *arg); extern int is_swap_enabled(void); diff --git a/tools/testing/selftests/cgroup/test_memcontrol.c b/tools/testing/selftests/cgroup/test_memcontrol.c index c19a97dd02d4..63b0b4403f4d 100644 --- a/tools/testing/selftests/cgroup/test_memcontrol.c +++ b/tools/testing/selftests/cgroup/test_memcontrol.c @@ -20,6 +20,7 @@ #include "../kselftest.h" #include "cgroup_util.h" + /* * This test creates two nested cgroups with and without enabling * the memory controller. @@ -579,6 +580,24 @@ static int alloc_pagecache_max_30M(const char *cgroup, void *arg) } +static int touch_pagecache(const char *cgroup, void *arg) { + int fd = (long)arg; + struct stat st; + + if (fstat(fd, &st)) + return -1; + + return touch_file(fd, st.st_size, 0); +} + +static int alloc_pagecache_300M(const char *cgroup, void *arg) +{ + int fd = (long)arg; + + return alloc_pagecache(fd, MB(300)); +} + + /* * This test checks that memory.high limits the amount of * memory which can be consumed by either anonymous memory @@ -1169,6 +1188,82 @@ static int test_memcg_oom_group_score_events(const char *root) return ret; } +/* + * First, this test creates the following hierarchy: + * A memory.low = 200M, memory.max = 200M + * A/B memory.low = 200M, memory.max = 200M + * A/C memory.low = 200M, memory.max = 200M + * + * Then it triggers relaim in A, by allocating A/B and A/C + * pagecaches. During this reclaim elow values of A/B and A/C are + * filled. + * Then it lowers limits for A/C to create memory pressure + * and trigger reclaim in A/C. Usage of elow value assigned during + * previous step as memory protection will lead with high probabilty + * to OOM. + */ +static int test_memcg_stale_protection_oom(const char *root) { + int i; + int fd = -1; + char *memcgs[3] = {0}; + const int memcgs_count = sizeof(memcgs)/sizeof(memcgs[0]); + int ret = -1; + char *low1 = "200M", *low2 = "100M"; + + for (i = 0; i < memcgs_count; ++i) { + char name[] = "memcg_test_\0"; + name[sizeof(name)-2] = '0' + i; + memcgs[i] = cg_name(memcgs[0] ? : root, name); + if (!memcgs[i]) + goto cleanup; + if (cg_create(memcgs[i])) + goto cleanup; + } + + if (cg_write(memcgs[0], "cgroup.subtree_control", "+memory")) + goto cleanup; + + for (i = 0; i < memcgs_count; ++i) { + if (cg_write(memcgs[i], "memory.max", low1)) { + goto cleanup; + } + if (cg_write(memcgs[i], "memory.low", low1)) { + goto cleanup; + } + } + + fd = get_temp_fd(); + if (fd < 0) + goto cleanup; + + if (cg_run(memcgs[1], alloc_pagecache_300M, (void*)(long)fd)) { + goto cleanup; + } + if (cg_run(memcgs[2], touch_pagecache, (void*)(long)fd)) { + goto cleanup; + } + + if (cg_write(memcgs[2], "memory.max", low2)) + goto cleanup; + if (cg_write(memcgs[2], "memory.low", low2)) + goto cleanup; + if (cg_run(memcgs[2], touch_pagecache, (void*)(long)fd)) + goto cleanup; + + ret = 0; +cleanup: + for (i = memcgs_count; i > 0; --i) { + if (memcgs[i - 1]) { + cg_destroy(memcgs[i - 1]); + free(memcgs[i - 1]); + } + } + + if (fd >= 0) + close(fd); + return ret; +} + #define T(x) { x, #x } struct memcg_test { @@ -1187,6 +1282,7 @@ struct memcg_test { T(test_memcg_oom_group_leaf_events), T(test_memcg_oom_group_parent_events), T(test_memcg_oom_group_score_events), + T(test_memcg_stale_protection_oom), }; #undef T -- 2.17.1

4 years

1
0
0 0

[PATCH] kunit: Fix result propagation for parameterised tests

by David Gow

When one parameter of a parameterised test failed, its failure would be propagated to the overall test, but not to the suite result (unless it was the last parameter). This is because test_case->success was being reset to the test->success result after each parameter was used, so a failing test's result would be overwritten by a non-failing result. The overall test result was handled in a third variable, test_result, but this was disacarded after the status line was printed. Instead, just propagate the result after each parameter run. Signed-off-by: David Gow <davidgow(a)google.com> Fixes: fadb08e7c750 ("kunit: Support for Parameterized Testing") --- This is fixing quite a serious bug where some test suites would appear to succeed even if some of their component tests failed. It'd be nice to get this into kunit-fixes ASAP. (This will require a rework of some of the skip tests work, for which I'll send out a new version soon.) Cheers, -- David lib/kunit/test.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/lib/kunit/test.c b/lib/kunit/test.c index 2f6cc0123232..17973a4a44c2 100644 --- a/lib/kunit/test.c +++ b/lib/kunit/test.c @@ -376,7 +376,7 @@ static void kunit_run_case_catch_errors(struct kunit_suite *suite, context.test_case = test_case; kunit_try_catch_run(try_catch, &context); - test_case->success = test->success; + test_case->success &= test->success; } int kunit_run_tests(struct kunit_suite *suite) @@ -388,7 +388,7 @@ int kunit_run_tests(struct kunit_suite *suite) kunit_suite_for_each_test_case(suite, test_case) { struct kunit test = { .param_value = NULL, .param_index = 0 }; - bool test_success = true; + test_case->success = true; if (test_case->generate_params) { /* Get initial param. */ @@ -398,7 +398,6 @@ int kunit_run_tests(struct kunit_suite *suite) do { kunit_run_case_catch_errors(suite, test_case, &test); - test_success &= test_case->success; if (test_case->generate_params) { if (param_desc[0] == '\0') { @@ -420,7 +419,7 @@ int kunit_run_tests(struct kunit_suite *suite) } } while (test.param_value); - kunit_print_ok_not_ok(&test, true, test_success, + kunit_print_ok_not_ok(&test, true, test_case->success, kunit_test_case_num(suite, test_case), test_case->name); } -- 2.32.0.272.g935e593368-goog

4 years, 1 month

4
5
0 0

[PATCH v3] kunit: add unit test for filtering suites by names

by Daniel Latypov

This adds unit tests for kunit_filter_subsuite() and kunit_filter_suites(). Note: what the executor means by "subsuite" is the array of suites corresponding to each test file. This patch lightly refactors executor.c to avoid the use of global variables to make it testable. It also includes a clever `kfree_at_end()` helper that makes this test easier to write than it otherwise would have been. Tested by running just the new tests using itself $ ./tools/testing/kunit/kunit.py run '*exec*' Signed-off-by: Daniel Latypov <dlatypov(a)google.com> Reviewed-by: David Gow <davidgow(a)google.com> --- v2 -> v3: * Rename variable for filter_glob module param to avoid compiler warnings. Couldn't think of a better name for the argument. v1 -> v2: * Fix missing free in kfree_subsuites_at_end() --- lib/kunit/executor.c | 32 +++++---- lib/kunit/executor_test.c | 133 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 151 insertions(+), 14 deletions(-) create mode 100644 lib/kunit/executor_test.c diff --git a/lib/kunit/executor.c b/lib/kunit/executor.c index 15832ed44668..b6af56267f9b 100644 --- a/lib/kunit/executor.c +++ b/lib/kunit/executor.c @@ -13,13 +13,13 @@ extern struct kunit_suite * const * const __kunit_suites_end[]; #if IS_BUILTIN(CONFIG_KUNIT) -static char *filter_glob; -module_param(filter_glob, charp, 0); +static char *filter_glob_param; +module_param_named(filter_glob, filter_glob_param, charp, 0); MODULE_PARM_DESC(filter_glob, "Filter which KUnit test suites run at boot-time, e.g. list*"); static struct kunit_suite * const * -kunit_filter_subsuite(struct kunit_suite * const * const subsuite) +kunit_filter_subsuite(struct kunit_suite * const * const subsuite, const char *filter_glob) { int i, n = 0; struct kunit_suite **filtered; @@ -52,19 +52,14 @@ struct suite_set { struct kunit_suite * const * const *end; }; -static struct suite_set kunit_filter_suites(void) +static struct suite_set kunit_filter_suites(const struct suite_set *suite_set, + const char *filter_glob) { int i; struct kunit_suite * const **copy, * const *filtered_subsuite; struct suite_set filtered; - const size_t max = __kunit_suites_end - __kunit_suites_start; - - if (!filter_glob) { - filtered.start = __kunit_suites_start; - filtered.end = __kunit_suites_end; - return filtered; - } + const size_t max = suite_set->end - suite_set->start; copy = kmalloc_array(max, sizeof(*filtered.start), GFP_KERNEL); filtered.start = copy; @@ -74,7 +69,7 @@ static struct suite_set kunit_filter_suites(void) } for (i = 0; i < max; ++i) { - filtered_subsuite = kunit_filter_subsuite(__kunit_suites_start[i]); + filtered_subsuite = kunit_filter_subsuite(suite_set->start[i], filter_glob); if (filtered_subsuite) *copy++ = filtered_subsuite; } @@ -98,15 +93,20 @@ static void kunit_print_tap_header(struct suite_set *suite_set) int kunit_run_all_tests(void) { struct kunit_suite * const * const *suites; + struct suite_set suite_set = { + .start = __kunit_suites_start, + .end = __kunit_suites_end, + }; - struct suite_set suite_set = kunit_filter_suites(); + if (filter_glob_param) + suite_set = kunit_filter_suites(&suite_set, filter_glob_param); kunit_print_tap_header(&suite_set); for (suites = suite_set.start; suites < suite_set.end; suites++) __kunit_test_suites_init(*suites); - if (filter_glob) { /* a copy was made of each array */ + if (filter_glob_param) { /* a copy was made of each array */ for (suites = suite_set.start; suites < suite_set.end; suites++) kfree(*suites); kfree(suite_set.start); @@ -115,4 +115,8 @@ int kunit_run_all_tests(void) return 0; } +#if IS_BUILTIN(CONFIG_KUNIT_TEST) +#include "executor_test.c" +#endif + #endif /* IS_BUILTIN(CONFIG_KUNIT) */ diff --git a/lib/kunit/executor_test.c b/lib/kunit/executor_test.c new file mode 100644 index 000000000000..cdbe54b16501 --- /dev/null +++ b/lib/kunit/executor_test.c @@ -0,0 +1,133 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * KUnit test for the KUnit executor. + * + * Copyright (C) 2021, Google LLC. + * Author: Daniel Latypov <dlatypov(a)google.com> + */ + +#include <kunit/test.h> + +static void kfree_at_end(struct kunit *test, const void *to_free); +static struct kunit_suite *alloc_fake_suite(struct kunit *test, + const char *suite_name); + +static void filter_subsuite_test(struct kunit *test) +{ + struct kunit_suite *subsuite[3] = {NULL, NULL, NULL}; + struct kunit_suite * const *filtered; + + subsuite[0] = alloc_fake_suite(test, "suite1"); + subsuite[1] = alloc_fake_suite(test, "suite2"); + + /* Want: suite1, suite2, NULL -> suite2, NULL */ + filtered = kunit_filter_subsuite(subsuite, "suite2*"); + KUNIT_ASSERT_NOT_ERR_OR_NULL(test, filtered); + kfree_at_end(test, filtered); + + KUNIT_ASSERT_NOT_ERR_OR_NULL(test, filtered[0]); + KUNIT_EXPECT_STREQ(test, (const char *)filtered[0]->name, "suite2"); + + KUNIT_EXPECT_FALSE(test, filtered[1]); +} + +static void filter_subsuite_to_empty_test(struct kunit *test) +{ + struct kunit_suite *subsuite[3] = {NULL, NULL, NULL}; + struct kunit_suite * const *filtered; + + subsuite[0] = alloc_fake_suite(test, "suite1"); + subsuite[1] = alloc_fake_suite(test, "suite2"); + + filtered = kunit_filter_subsuite(subsuite, "not_found"); + kfree_at_end(test, filtered); /* just in case */ + + KUNIT_EXPECT_FALSE_MSG(test, filtered, + "should be NULL to indicate no match"); +} + +static void kfree_subsuites_at_end(struct kunit *test, struct suite_set *suite_set) +{ + struct kunit_suite * const * const *suites; + + kfree_at_end(test, suite_set->start); + for (suites = suite_set->start; suites < suite_set->end; suites++) + kfree_at_end(test, *suites); +} + +static void filter_suites_test(struct kunit *test) +{ + /* Suites per-file are stored as a NULL terminated array */ + struct kunit_suite *subsuites[2][2] = { + {NULL, NULL}, + {NULL, NULL}, + }; + /* Match the memory layout of suite_set */ + struct kunit_suite * const * const suites[2] = { + subsuites[0], subsuites[1], + }; + + const struct suite_set suite_set = { + .start = suites, + .end = suites + 2, + }; + struct suite_set filtered = {.start = NULL, .end = NULL}; + + /* Emulate two files, each having one suite */ + subsuites[0][0] = alloc_fake_suite(test, "suite0"); + subsuites[1][0] = alloc_fake_suite(test, "suite1"); + + /* Filter out suite1 */ + filtered = kunit_filter_suites(&suite_set, "suite0"); + kfree_subsuites_at_end(test, &filtered); /* let us use ASSERTs without leaking */ + KUNIT_ASSERT_EQ(test, filtered.end - filtered.start, (ptrdiff_t)1); + + KUNIT_ASSERT_NOT_ERR_OR_NULL(test, filtered.start); + KUNIT_ASSERT_NOT_ERR_OR_NULL(test, filtered.start[0]); + KUNIT_EXPECT_STREQ(test, (const char *)filtered.start[0][0]->name, "suite0"); +} + +static struct kunit_case executor_test_cases[] = { + KUNIT_CASE(filter_subsuite_test), + KUNIT_CASE(filter_subsuite_to_empty_test), + KUNIT_CASE(filter_suites_test), + {} +}; + +static struct kunit_suite executor_test_suite = { + .name = "kunit_executor_test", + .test_cases = executor_test_cases, +}; + +kunit_test_suites(&executor_test_suite); + +/* Test helpers */ + +static void kfree_res_free(struct kunit_resource *res) +{ + kfree(res->data); +} + +/* Use the resource API to register a call to kfree(to_free). + * Since we never actually use the resource, it's safe to use on const data. + */ +static void kfree_at_end(struct kunit *test, const void *to_free) +{ + /* kfree() handles NULL already, but avoid allocating a no-op cleanup. */ + if (IS_ERR_OR_NULL(to_free)) + return; + kunit_alloc_and_get_resource(test, NULL, kfree_res_free, GFP_KERNEL, + (void *)to_free); +} + +static struct kunit_suite *alloc_fake_suite(struct kunit *test, + const char *suite_name) +{ + struct kunit_suite *suite; + + /* We normally never expect to allocate suites, hence the non-const cast. */ + suite = kunit_kzalloc(test, sizeof(*suite), GFP_KERNEL); + strncpy((char *)suite->name, suite_name, sizeof(suite->name) - 1); + + return suite; +} base-commit: 1fe5501ba1abf2b7e78295df73675423bd6899a0 -- 2.31.1.368.gbe11c130af-goog

4 years, 1 month

3
2
0 0

[PATCH v8 0/8] Fork brute force attack mitigation

by John Wood

Attacks against vulnerable userspace applications with the purpose to break ASLR or bypass canaries traditionally use some level of brute force with the help of the fork system call. This is possible since when creating a new process using fork its memory contents are the same as those of the parent process (the process that called the fork system call). So, the attacker can test the memory infinite times to find the correct memory values or the correct memory addresses without worrying about crashing the application. Based on the above scenario it would be nice to have this detected and mitigated, and this is the goal of this patch serie. Specifically the following attacks are expected to be detected: 1.- Launching (fork()/exec()) a setuid/setgid process repeatedly until a desirable memory layout is got (e.g. Stack Clash). 2.- Connecting to an exec()ing network daemon (e.g. xinetd) repeatedly until a desirable memory layout is got (e.g. what CTFs do for simple network service). 3.- Launching processes without exec() (e.g. Android Zygote) and exposing state to attack a sibling. 4.- Connecting to a fork()ing network daemon (e.g. apache) repeatedly until the previously shared memory layout of all the other children is exposed (e.g. kind of related to HeartBleed). In each case, a privilege boundary has been crossed: Case 1: setuid/setgid process Case 2: network to local Case 3: privilege changes Case 4: network to local So, what will really be detected are fork/exec brute force attacks that cross any of the commented bounds. The implementation details and comparison against other existing implementations can be found in the "Documentation" patch. It is important to mention that the v8 and v7 versions have changed the method used to track the information related to the application crashes. Prior this versions, a pointer per process (in the task_struct structure) held a reference to the shared statistical data. Or in other words, these stats were shared by all the fork hierarchy processes. But this has an important drawback: a brute force attack that happens through the execve system call losts the faults info since these statistics are freed when the fork hierarchy disappears. So, the solution adopted in the v6 version was to use an upper fork hierarchy to track the info for this attack type. But, as Valdis Kletnieks pointed out during this discussion [1], this method can be easily bypassed using a double exec (well, this was the method used in the kselftest to avoid the detection ;) ). So, in this version, to track all the statistical data (info related with application crashes), the extended attributes feature for the executable files are used. The xattr is also used to mark the executables as "not allowed" when an attack is detected. Then, the execve system call rely on this flag to avoid following executions of this file. [1] https://lore.kernel.org/kernelnewbies/20210330173459.GA3163@ubuntu/ Moreover, I think this solves another problem pointed out by Andi Kleen during the v5 review [2] related to the possibility that a supervisor respawns processes killed by the Brute LSM. He suggested adding some way so a supervisor can know that a process has been killed by Brute and then decide to respawn or not. So, now, the supervisor can read the brute xattr of one executable and know if it is blocked by Brute and why (using the statistical data). [2] https://lore.kernel.org/kernel-hardening/878s78dnrm.fsf@linux.intel.com/ Although the xattr of the executable is accessible from userspace, in complex daemons this file may not be visible directly by the supervisor as it may be run through some wrapper. So, an extension to the waitid() system call has been added in this version. This was suggested by Andi Kleen [3] during the v7 review. (The case with supervisors using cgroups is not yet tested). [3] https://lore.kernel.org/kernel-hardening/19903478-52e0-3829-0515-3e17669108… Knowing all this information I will explain now the different patches: The 1/8 patch defines a new LSM hook to get the fatal signal of a task. This will be useful during the attack detection phase. The 2/8 patch defines a new LSM and the necessary sysctl attributes to fine tuning the attack detection. The 3/8 patch detects a fork/exec brute force attack and narrows the possible cases taken into account the privilege boundary crossing. The 4/8 patch mitigates a brute force attack. The 5/8 patch adds the extension to the waitid system call to notify to userspace that a task has been killed by Brute LSM when an attack is mitigated. The 6/8 patch adds self-tests to validate the Brute LSM expectations. The 7/8 patch adds the documentation to explain this implementation. The 8/8 patch updates the maintainers file. This patch serie is a task of the KSPP [4] and can also be accessed from my github tree [5] in the "brute_v8" branch. [4] https://github.com/KSPP/linux/issues/39 [5] https://github.com/johwood/linux/ When I ran the "checkpatch" script I got the following errors, but I think they are false positives as I follow the same coding style for the others extended attributes suffixes. ---------------------------------------------------------------------------- ../patches/brute_v8/v8-0003-security-brute-Detect-a-brute-force-attack.patch ---------------------------------------------------------------------------- ERROR: Macros with complex values should be enclosed in parentheses 89: FILE: include/uapi/linux/xattr.h:80: +#define XATTR_NAME_BRUTE XATTR_SECURITY_PREFIX XATTR_BRUTE_SUFFIX ----------------------------------------------------------------------------- ../patches/brute_v8/v8-0006-selftests-brute-Add-tests-for-the-Brute-LSM.patch ----------------------------------------------------------------------------- ERROR: Macros with complex values should be enclosed in parentheses 159: FILE: tools/testing/selftests/brute/rmxattr.c:18: +#define XATTR_NAME_BRUTE XATTR_SECURITY_PREFIX XATTR_BRUTE_SUFFIX When I ran the "kernel-doc" script with the following parameters: ./scripts/kernel-doc --none -v security/brute/brute.c I got the following warning: security/brute/brute.c:118: warning: contents before sections But I don't understand why it is complaining. Could it be a false positive? The previous versions can be found in: RFC https://lore.kernel.org/kernel-hardening/20200910202107.3799376-1-keescook@… Version 2 https://lore.kernel.org/kernel-hardening/20201025134540.3770-1-john.wood@gm… Version 3 https://lore.kernel.org/lkml/20210221154919.68050-1-john.wood@gmx.com/ Version 4 https://lore.kernel.org/lkml/20210227150956.6022-1-john.wood@gmx.com/ Version 5 https://lore.kernel.org/kernel-hardening/20210227153013.6747-1-john.wood@gm… Version 6 https://lore.kernel.org/kernel-hardening/20210307113031.11671-1-john.wood@g… Version 7 https://lore.kernel.org/kernel-hardening/20210521172414.69456-1-john.wood@g… Changelog RFC -> v2 ------------------- - Rename this feature with a more suitable name (Jann Horn, Kees Cook). - Convert the code to an LSM (Kees Cook). - Add locking to avoid data races (Jann Horn). - Add a new LSM hook to get the fatal signal of a task (Jann Horn, Kees Cook). - Add the last crashes timestamps list to avoid false positives in the attack detection (Jann Horn). - Use "period" instead of "rate" (Jann Horn). - Other minor changes suggested (Jann Horn, Kees Cook). Changelog v2 -> v3 ------------------ - Compute the application crash period on an on-going basis (Kees Cook). - Detect a brute force attack through the execve system call (Kees Cook). - Detect an slow brute force attack (Randy Dunlap). - Fine tuning the detection taken into account privilege boundary crossing (Kees Cook). - Taken into account only fatal signals delivered by the kernel (Kees Cook). - Remove the sysctl attributes to fine tuning the detection (Kees Cook). - Remove the prctls to allow per process enabling/disabling (Kees Cook). - Improve the documentation (Kees Cook). - Fix some typos in the documentation (Randy Dunlap). - Add self-test to validate the expectations (Kees Cook). Changelog v3 -> v4 ------------------ - Fix all the warnings shown by the tool "scripts/kernel-doc" (Randy Dunlap). Changelog v4 -> v5 ------------------ - Fix some typos (Randy Dunlap). Changelog v5 -> v6 ------------------ - Fix a reported deadlock (kernel test robot). - Add high level details to the documentation (Andi Kleen). Changelog v6 -> v7 ------------------ - Add the "Reviewed-by:" tag to the first patch. - Rearrange the brute LSM between lockdown and yama (Kees Cook). - Split subdir and obj in security/Makefile (Kees Cook). - Reduce the number of header files included (Kees Cook). - Print the pid when an attack is detected (Kees Cook). - Use the socket_accept LSM hook instead of socket_sock_rcv_skb hook to avoid running a hook on every incoming network packet (Kees Cook). - Update the documentation and fix it to render it properly (Jonathan Corbet). - Manage correctly an exec brute force attack avoiding the bypass (Valdis Kletnieks). - Other minor changes and cleanups. Changelog v7 -> v8 ------------------ - Rebase against v5.13-rc4. - Fix a build error if CONFIG_IPV6 and/or CONFIG_SECURITY_NETWORK is not set (kernel test robot). - Notify to userspace that a task has been killed by Brute LSM (Andi Kleen). - Add a new test to verify that the userspace notification is working. - Update the documentation accordingly with this new feature. - Other minor changes and cleanups. Any constructive comments are welcome. Thanks in advance. John Wood (8): security: Add LSM hook at the point where a task gets a fatal signal security/brute: Define a LSM and add sysctl attributes security/brute: Detect a brute force attack security/brute: Mitigate a brute force attack security/brute: Notify to userspace "task killed" selftests/brute: Add tests for the Brute LSM Documentation: Add documentation for the Brute LSM MAINTAINERS: Add a new entry for the Brute LSM Documentation/admin-guide/LSM/Brute.rst | 359 ++++++++++ Documentation/admin-guide/LSM/index.rst | 1 + MAINTAINERS | 8 + arch/x86/kernel/signal_compat.c | 2 +- include/brute/brute.h | 16 + include/linux/lsm_hook_defs.h | 1 + include/linux/lsm_hooks.h | 4 + include/linux/security.h | 4 + include/uapi/asm-generic/siginfo.h | 3 +- include/uapi/linux/xattr.h | 3 + kernel/exit.c | 6 +- kernel/signal.c | 5 +- security/Kconfig | 11 +- security/Makefile | 2 + security/brute/Kconfig | 15 + security/brute/Makefile | 2 + security/brute/brute.c | 795 +++++++++++++++++++++++ security/security.c | 5 + tools/testing/selftests/Makefile | 1 + tools/testing/selftests/brute/.gitignore | 3 + tools/testing/selftests/brute/Makefile | 5 + tools/testing/selftests/brute/config | 1 + tools/testing/selftests/brute/exec.c | 46 ++ tools/testing/selftests/brute/rmxattr.c | 34 + tools/testing/selftests/brute/test.c | 507 +++++++++++++++ tools/testing/selftests/brute/test.sh | 269 ++++++++ 26 files changed, 2099 insertions(+), 9 deletions(-) create mode 100644 Documentation/admin-guide/LSM/Brute.rst create mode 100644 include/brute/brute.h create mode 100644 security/brute/Kconfig create mode 100644 security/brute/Makefile create mode 100644 security/brute/brute.c create mode 100644 tools/testing/selftests/brute/.gitignore create mode 100644 tools/testing/selftests/brute/Makefile create mode 100644 tools/testing/selftests/brute/config create mode 100644 tools/testing/selftests/brute/exec.c create mode 100644 tools/testing/selftests/brute/rmxattr.c create mode 100644 tools/testing/selftests/brute/test.c create mode 100755 tools/testing/selftests/brute/test.sh -- 2.25.1

4 years, 1 month

3
12
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror