The PAC tests currently generate a very small number of false failures since the limited size of PAC keys, especially with fewer bits allocated for PAC due to larger VA, means collisions in generated PACs are possible even if the PAC keys are different. The test tries to work around this by testing repeatedly but doesn't iterate often enough to be reliable.
We also fix a leak of file descriptors in the exec test which doesn't matter now but can become an issue when the number of iterations is increased, we can bump into limits on allocated file descriptors.
Signed-off-by: Mark Brown broonie@kernel.org --- Mark Brown (2): kselftest/arm64: Don't leak pipe fds in pac.exec_sign_all() kselftest/arm64: Try harder to generate different keys during PAC tests
tools/testing/selftests/arm64/pauth/pac.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) --- base-commit: 8e929cb546ee42c9a61d24fae60605e9e3192354 change-id: 20241111-arm64-pac-test-collisions-5613f5dfe479
Best regards,
The PAC exec_sign_all() test spawns some child processes, creating pipes to be stdin and stdout for the child. It cleans up most of the file descriptors that are created as part of this but neglects to clean up the parent end of the child stdin and stdout. Add the missing close() calls.
Signed-off-by: Mark Brown broonie@kernel.org --- tools/testing/selftests/arm64/pauth/pac.c | 3 +++ 1 file changed, 3 insertions(+)
diff --git a/tools/testing/selftests/arm64/pauth/pac.c b/tools/testing/selftests/arm64/pauth/pac.c index b743daa772f55f570a3c0a912ac0c2c403c4256a..5a07b3958fbf292b09c9d6b11b8f9db2880beeed 100644 --- a/tools/testing/selftests/arm64/pauth/pac.c +++ b/tools/testing/selftests/arm64/pauth/pac.c @@ -182,6 +182,9 @@ int exec_sign_all(struct signatures *signed_vals, size_t val) return -1; }
+ close(new_stdin[1]); + close(new_stdout[0]); + return 0; }
We very intermittently see failures in the single_thread_different_keys PAC test. As noted in the comment in the test the PAC field can be quite narrow so there is a chance of collisions even with different keys with a chance of 5% for 7 bit keys, and the potential for narrower keys. The test tries to avoid this by running repeatedly, but only tries 10 times which even with a 5% chance of collisions isn't enough.
Increase the number of times we attempt to look for collisions by a factor of 100, this also affects other tests which are following a similar pattern with running the test repeatedly and either don't care like with pac_instruction_not_nop or potentially have the same issue like exec_sign_all.
The PAC tests are very fast, running in a second or two even in emulation, so the 100x increased cost is mildly irritating but not a huge issue. The bulk of the overhead is in the exec_sign_all test which does a fork() and exec() per iteration.
Signed-off-by: Mark Brown broonie@kernel.org --- tools/testing/selftests/arm64/pauth/pac.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/testing/selftests/arm64/pauth/pac.c b/tools/testing/selftests/arm64/pauth/pac.c index 5a07b3958fbf292b09c9d6b11b8f9db2880beeed..6d21b2fc758d80d0cd7d0db2859de3b308522cb4 100644 --- a/tools/testing/selftests/arm64/pauth/pac.c +++ b/tools/testing/selftests/arm64/pauth/pac.c @@ -13,7 +13,7 @@ #include "../../kselftest_harness.h" #include "helper.h"
-#define PAC_COLLISION_ATTEMPTS 10 +#define PAC_COLLISION_ATTEMPTS 1000 /* * The kernel sets TBID by default. So bits 55 and above should remain * untouched no matter what.
On Mon, 11 Nov 2024 16:18:54 +0000, Mark Brown wrote:
The PAC tests currently generate a very small number of false failures since the limited size of PAC keys, especially with fewer bits allocated for PAC due to larger VA, means collisions in generated PACs are possible even if the PAC keys are different. The test tries to work around this by testing repeatedly but doesn't iterate often enough to be reliable.
[...]
Applied to arm64 (for-next/kselftest), thanks!
[1/2] kselftest/arm64: Don't leak pipe fds in pac.exec_sign_all() https://git.kernel.org/arm64/c/27141b690547 [2/2] kselftest/arm64: Try harder to generate different keys during PAC tests https://git.kernel.org/arm64/c/91a6533811bb
linux-kselftest-mirror@lists.linaro.org
-
Catalin Marinas -
Mark Brown