Packets received over the socket are forwarded to the user device.
Implementation is UDP only. TCP will be added by a later patch.
Note: no decryption/decapsulation exists yet, packets are forwarded as
they arrive without much processing.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/i
When sending an skb over a socket using skb_send_sock_locked(),
it is currently not possible to specify any flag to be set in
msghdr->msg_flags.
However, we may want to pass flags the user may have specified,
like MSG_NOSIGNAL.
Extend __skb_send_sock() with a new argument 'flags' and add a
new in
With this change ovpn is allowed to communicate to peers also via TCP.
Parsing of incoming messages is implemented through the strparser API.
Note that ovpn redefines sk_prot and sk_socket->ops for the TCP socket
used to communicate with the peer.
For this reason it needs to access inet6_stream_op
Packets sent over the ovpn interface are processed and transmitted to the
connected peer, if any.
Implementation is UDP only. TCP will be added by a later patch.
Note: no crypto/encapsulation exists yet. Packets are just captured and
sent.
Signed-off-by: Antonio Quartulli
---
drivers/net/Kconf
Byte/packet counters for in-tunnel and transport streams
are now initialized and updated as needed.
To be exported via netlink.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/Makefile | 1 +
drivers/net/ovpn/io.c | 12 +++-
drivers/net/ovpn/peer.c | 2 ++
drivers/net/ovpn
inet6_stream_ops is currently non-static and also declared in
include/net/ipv6.h, however, it is not exported for usage in
non-builtin modules.
Export inet6_stream_ops via EXPORT_SYMBOL_GPL in order to make
it available to non-builtin modules.
Cc: David Ahern
Cc: Eric Dumazet
Cc: Jakub Kicinski
On 1/6/25 19:21, Thorsten Leemhuis wrote:
> Lo! From the "better reply late than never" department:
>
> Thx for picking this up again, much appreciated!
Thank you both for the support :)
> On 18.12.24 06:48, Kees Cook wrote:
>> On Fri, Dec 13, 2024 at 12:29:22PM +0100, Vlastimil Babka wrote:
>>>
On Mon, Jan 13, 2025 at 02:51:58PM +0100, Michal Luczaj wrote:
On 1/13/25 12:05, Stefano Garzarella wrote:
On Mon, Jan 13, 2025 at 11:12:52AM +0100, Michal Luczaj wrote:
On 1/13/25 10:07, Stefano Garzarella wrote:
On Mon, 13 Jan 2025 at 09:57, Stefano Garzarella wrote:
On Sun, Jan 12, 2025 a
+Shuah Khan
On Sat, Dec 7, 2024 at 1:52 PM Tamir Duberstein wrote:
>
> Thanks David! While the next patch is still plausibly undergoing
> discussion, would it be possible to pick this one up? Without it
> kunit.py is not usable on macOS.
Shuah, could you pick this if you agree?
Cheers,
Tamir
On Mon, 13 Jan 2025 09:30:20 -0800 Joe Damato wrote:
> > > static void virtnet_napi_enable_lock(struct virtqueue *vq,
> > > -struct napi_struct *napi)
> > > +struct napi_struct *napi,
> > > +
Running "make kselftest TARGETS=net/forwarding" results in
multiple ccurrences of the same error:
- ./lib.sh: line 787: teamd: command not found
This patch adds the variable $REQUIRE_TEAMD in every test that uses the
command teamd and checks the $REQUIRE_TEAMD variable in the file "lib.sh"
to skip
Release memory before exception branch returns to prevent memory leaks
Checking tools/testing/selftests/mm/mkdirty.c ...
tools/testing/selftests/mm/mkdirty.c:283:3: error: Memory leak: src [memleak]
return;
^
Signed-off-by: liuye
---
tools/testing/selftests/mm/mkdirty.c | 1 +
1 file ch
I tested this patch with virtio-net regression tests, everything works fine.
Tested-by: Lei Yang
On Mon, Jan 13, 2025 at 5:20 AM Mike Christie
wrote:
>
> On 1/12/25 11:35 AM, michael.chris...@oracle.com wrote:
> > So I think to fix the issue, we would want to:
> >
> > 1. move the
> >
> > memcp
On Mon, 13 Jan 2025 14:15:38 +0100 Thomas Weißschuh
wrote:
> The virtual_address_range selftest reads from the start of each mapping
> listed in /proc/self/maps.
> However not all mappings are valid to be arbitrarily accessed.
>
> For example the vvar data used for virtual clocks on x86 [vvar_v
Release memory before exception branch returns to prevent memory leaks.
Signed-off-by: liuye
---
tools/testing/selftests/mm/cow.c | 21 -
1 file changed, 16 insertions(+), 5 deletions(-)
diff --git a/tools/testing/selftests/mm/cow.c b/tools/testing/selftests/mm/cow.c
ind
If name is NULL, a NULL pointer may be accessed in printf.
Signed-off-by: liuye
---
tools/testing/selftests/memfd/memfd_test.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/testing/selftests/memfd/memfd_test.c
b/tools/testing/selftests/memfd/memfd_test.c
index c0
On Mon, 13 Jan 2025 14:51:55 +0800 Chen Ridong
wrote:
>
>
> On 2025/1/6 16:45, Vlastimil Babka wrote:
> > On 12/24/24 03:52, Chen Ridong wrote:
> >> From: Chen Ridong
> >
> > +CC RCU
> >
> >> A soft lockup issue was found in the product with about 56,000 tasks were
> >> in the OOM cgroup, i
Exception branch returns without closing fp.
Signed-off-by: liuye
---
tools/testing/selftests/acct/acct_syscall.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/tools/testing/selftests/acct/acct_syscall.c
b/tools/testing/selftests/acct/acct_syscall.c
index e44e8fe1f4a
Port over the definition of data_race() so we can build tools/virtio.
cc -g -O2 -Werror -Wno-maybe-uninitialized -Wall -I.
-I../include/ -I ../../usr/include/ -Wno-pointer-sign
-fno-strict-overflow -fno-strict-aliasing -fno-common
-MMD -U_FORTIFY_SOURCE -include ../../include/linux/kconfig.h
-mfun
On Tue, 14 Jan 2025 11:21:15 +0800 liuye wrote:
> If name is NULL, a NULL pointer may be accessed in printf.
>
> ...
>
> --- a/tools/testing/selftests/memfd/memfd_test.c
> +++ b/tools/testing/selftests/memfd/memfd_test.c
> @@ -171,7 +171,7 @@ static void mfd_fail_new(const char *name, unsign
On 1/11/25 19:42, Krzysztof Kozlowski wrote:
> Use syscon_regmap_lookup_by_phandle_args() which is a wrapper over
> syscon_regmap_lookup_by_phandle() and getting the argument. Except
> simpler code this annotates within one line that given phandle has
> arguments, so grepping for code would be
On 1/11/25 19:42, Krzysztof Kozlowski wrote:
> Use dev_err_probe() to make error code handling simpler and handle
> deferred probe.
>
> Signed-off-by: Krzysztof Kozlowski
> ---
> drivers/remoteproc/st_remoteproc.c | 44
> +-
> 1 file changed, 20 insertions
On 11/15/2024 5:11 AM, Pratik R. Sampat wrote:
> Extend the SEV library to include support for SNP ioctl() wrappers,
> which aid in launching and interacting with a SEV-SNP guest.
>
> Signed-off-by: Pratik R. Sampat
> ---
> .../selftests/kvm/include/x86_64/sev.h| 49 ++-
> too
On 11/15/2024 5:11 AM, Pratik R. Sampat wrote:
> In preparation for SNP, declutter the vm type check by introducing a
> SEV-SNP VM type check as well a transitive set of helper functions.
>
> The SNP VM type is the subset of SEV-ES. Similarly, the SEV-ES and SNP
> types are subset of the SEV VM
Fix a bug where the code was checking the wrong file descriptor
when opening the input file. The code was checking 'fd' instead
of 'fd_in', which could lead to incorrect error handling.
Signed-off-by: Cong Liu
---
tools/testing/selftests/net/mptcp/mptcp_connect.c | 4 ++--
1 file changed, 2 inse
Fix several issues in the mptcp connect test's main_loop function.
- Fix a bug where the wrong file descriptor was being checked for errors
- Fix the input file descriptor lifecycle in the reconnection loop to
prevent use of invalid fd
- Add proper resource cleanup in error paths
Cong Liu (
Add proper cleanup of resources (file descriptors and address info)
in error paths to prevent resource leaks.
Signed-off-by: Cong Liu
---
tools/testing/selftests/net/mptcp/mptcp_connect.c | 8 +++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/tools/testing/selftests/net/mptcp
When both cfg_input and cfg_sockopt_types.mptfo are set, the input file
descriptor (fd_in) is opened before the reconnection loop but closed
within the loop. However, when mptfo is enabled, the descriptor is not
reopened in the loop, causing subsequent iterations to use an invalid
file descriptor.
On Sun, Jan 12, 2025 at 11:42:30PM +0100, Michal Luczaj wrote:
On 1/10/25 09:35, Stefano Garzarella wrote:
If the socket has been de-assigned or assigned to another transport,
we must discard any packets received because they are not expected
and would cause issues when we access vsk->transport.
Fixes: ("virtio_ring: perform premapped operations based on
per-buffer")
also add DMA_MAPPING_ERROR define for virtio test.
Signed-off-by: Yufeng Wang
---
tools/virtio/linux/dma-mapping.h | 12
1 file changed, 12 insertions(+)
diff --git a/tools/virtio/linux/dma-mapping.h b/tools/
On Fri, Jan 10, 2025 at 04:41:03PM +0100, David Hildenbrand wrote:
> On 10.01.25 14:05, Thomas Weißschuh wrote:
> > The virtual_address_range selftest reads from the start of each mapping
> > listed in /proc/self/maps.
> > However not all mappings are valid to be arbitrarily accessed.
> > For examp
On Mon, 13 Jan 2025 at 09:57, Stefano Garzarella wrote:
> On Sun, Jan 12, 2025 at 11:42:30PM +0100, Michal Luczaj wrote:
[...]
> >
> >So, if I get this right:
> >1. vsock_create() (refcnt=1) calls vsock_insert_unbound() (refcnt=2)
> >2. transport->release() calls vsock_remove_bound() without che
On January 4, 2025 2:37 am, Luis Chamberlain wrote:
> On Wed, Dec 25, 2024 at 11:52:00PM +0100, Thomas Weißschuh wrote:
>> diff --git a/kernel/module/Kconfig b/kernel/module/Kconfig
>> index
>> 7b329057997ad2ec310133ca84617d9bfcdb7e9f..57d317a6fa444195d0806e6bd7a2af6e338a7f01
>> 100644
>> --- a/k
when we build tools/virtio, meet below error information.
cc -g -O2 -Werror -Wno-maybe-uninitialized -Wall -I. -I../include/
-I ../../usr/include/ -Wno-pointer-sign -fno-strict-overflow
-fno-strict-aliasing -fno-common -MMD
-U_FORTIFY_SOURCE -include ../../include/linux/kconfig.h
-mfunction-return
This change implements encryption/decryption and
encapsulation/decapsulation of OpenVPN packets.
Support for generic crypto state is added along with
a wrapper for the AEAD crypto kernel API.
Signed-off-by: Antonio Quartulli
---
drivers/net/Kconfig| 4 +
drivers/net/ovpn/Makefile
With this change an ovpn instance will be able to stay connected to
multiple remote endpoints.
This functionality is strictly required when running ovpn on an
OpenVPN server.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/main.c | 67 +-
drivers/net/ovpn/ovpnstruct
Userspace may want to pass the MSG_NOSIGNAL flag to
tcp_sendmsg() in order to avoid generating a SIGPIPE.
To pass this flag down the TCP stack a new skb sending API
accepting a flags argument is introduced.
Cc: Eric Dumazet
Cc: Paolo Abeni
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn
Check whether PTRACE_SET_SYSCALL_INFO semantics implemented in the
kernel matches userspace expectations.
Signed-off-by: Dmitry V. Levin
---
tools/testing/selftests/ptrace/Makefile | 2 +-
.../selftests/ptrace/set_syscall_info.c | 441 ++
2 files changed, 442 insert
Similar to syscall_set_arguments() that complements
syscall_get_arguments(), introduce syscall_set_nr()
that complements syscall_get_nr().
syscall_set_nr() is going to be needed along with
syscall_set_arguments() on all HAVE_ARCH_TRACEHOOK
architectures to implement PTRACE_SET_SYSCALL_INFO API.
S
On 1/13/25 2:32 AM, Nikunj A. Dadhania wrote:
>
>
> On 11/15/2024 5:11 AM, Pratik R. Sampat wrote:
>> Extend the SEV library to include support for SNP ioctl() wrappers,
>> which aid in launching and interacting with a SEV-SNP guest.
>>
>> Signed-off-by: Pratik R. Sampat
>> ---
>> .../selfte
On 1/13/25 2:18 AM, Nikunj A. Dadhania wrote:
>
>
> On 11/15/2024 5:11 AM, Pratik R. Sampat wrote:
>> In preparation for SNP, declutter the vm type check by introducing a
>> SEV-SNP VM type check as well a transitive set of helper functions.
>>
>> The SNP VM type is the subset of SEV-ES. Simil
On Mon, Jan 13, 2025 at 02:04:46PM -0800, Jakub Kicinski wrote:
> On Mon, 13 Jan 2025 09:30:20 -0800 Joe Damato wrote:
> > > > static void virtnet_napi_enable_lock(struct virtqueue *vq,
> > > > -struct napi_struct *napi)
> > > > +
On Mon, 13 Jan 2025 14:23:56 -0800 Joe Damato wrote:
> Please CC me on that series so I can take a look and I'll adjust the
> v2 of this series to avoid the locking once your series is merged.
Will do! I'll send the first chunk as soon as Comcast restores
the internet at my home :|
On 1/10/25 09:16, Mathieu Desnoyers wrote:
On 2025-01-10 05:22, Stafford Horne wrote:
Add support for OpenRISC in the rseq selftests. OpenRISC is 32-bit
only.
Tested this with:
Compiler: gcc version 14.2.0 (GCC)
Binutils: GNU assembler version 2.43.1 (or1k-smh-linux-gnu) using BFD
On 12/10/24 15:44, Raghavendra Rao Ananta wrote:
Currently the rseq constructor, rseq_init(), assumes that glibc always
has the support for rseq symbols (__rseq_size for instance). However,
glibc supports rseq from version 2.35 onwards. As a result, for the
systems that run glibc less than 2.35,
On 1/10/25 09:22, Mathieu Desnoyers wrote:
On 2025-01-02 23:03, Stafford Horne wrote:
When working on OpenRISC support for restartable sequences I noticed
and fixed these two issues with the riscv support bits.
1 The 'inc' argument to RSEQ_ASM_OP_R_DEREF_ADDV was being implicitly
passed t
From: Jakub Kicinski
[ Upstream commit e95274dfe86490ec2a5633035c24b2de6722841f ]
After previous change rshift >= 32 is no longer allowed.
Modify the test to use 31, the test doesn't seem to send
any traffic so the exact value shouldn't matter.
Reviewed-by: Eric Dumazet
Link: https://patch.msg
From: Lizhi Xu
[ Upstream commit eb09fbeb48709fe66c0d708aed81e910a577a30a ]
syzkaller reported a corrupted list in ieee802154_if_remove. [1]
Remove an IEEE 802.15.4 network interface after unregister an IEEE 802.15.4
hardware device from the system.
CPU0CPU1
From: Jakub Kicinski
[ Upstream commit e95274dfe86490ec2a5633035c24b2de6722841f ]
After previous change rshift >= 32 is no longer allowed.
Modify the test to use 31, the test doesn't seem to send
any traffic so the exact value shouldn't matter.
Reviewed-by: Eric Dumazet
Link: https://patch.msg
From: Lizhi Xu
[ Upstream commit eb09fbeb48709fe66c0d708aed81e910a577a30a ]
syzkaller reported a corrupted list in ieee802154_if_remove. [1]
Remove an IEEE 802.15.4 network interface after unregister an IEEE 802.15.4
hardware device from the system.
CPU0CPU1
From: Jakub Kicinski
[ Upstream commit e95274dfe86490ec2a5633035c24b2de6722841f ]
After previous change rshift >= 32 is no longer allowed.
Modify the test to use 31, the test doesn't seem to send
any traffic so the exact value shouldn't matter.
Reviewed-by: Eric Dumazet
Link: https://patch.msg
From: Lizhi Xu
[ Upstream commit eb09fbeb48709fe66c0d708aed81e910a577a30a ]
syzkaller reported a corrupted list in ieee802154_if_remove. [1]
Remove an IEEE 802.15.4 network interface after unregister an IEEE 802.15.4
hardware device from the system.
CPU0CPU1
From: Lizhi Xu
[ Upstream commit eb09fbeb48709fe66c0d708aed81e910a577a30a ]
syzkaller reported a corrupted list in ieee802154_if_remove. [1]
Remove an IEEE 802.15.4 network interface after unregister an IEEE 802.15.4
hardware device from the system.
CPU0CPU1
From: Lizhi Xu
[ Upstream commit eb09fbeb48709fe66c0d708aed81e910a577a30a ]
syzkaller reported a corrupted list in ieee802154_if_remove. [1]
Remove an IEEE 802.15.4 network interface after unregister an IEEE 802.15.4
hardware device from the system.
CPU0CPU1
On 1/13/25 16:01, Stefano Garzarella wrote:
> On Mon, Jan 13, 2025 at 02:51:58PM +0100, Michal Luczaj wrote:
>> On 1/13/25 12:05, Stefano Garzarella wrote:
>>> ...
>>> An alternative approach, which would perhaps allow us to avoid all this,
>>> is to re-insert the socket in the unbound list after c
Notable changes since v17:
* fixed netdevice_tracker pointer assignment in netlink post_doit
(triggered by kernel test robot on m86k)
* renamed nla_get_uint() to ovpn_nla_get_uint() in ovpn-cli.c to avoid
clashes with libnl-3.11.0
FTR, here are the notable changes since v16:
* fixed usage of n
An ovpn interface configured in MP mode will keep carrier always
on and let the user decide when to bring it administratively up and
down.
This way a MP node (i.e. a server) will keep its interface always
up and running, even when no peer is connected.
Signed-off-by: Antonio Quartulli
---
drive
An ovpn_peer object holds the whole status of a remote peer
(regardless whether it is a server or a client).
This includes status for crypto, tx/rx buffers, napi, etc.
Only support for one peer is introduced (P2P mode).
Multi peer support is introduced with a later patch.
Along with the ovpn_pee
This specific structure is used in the ovpn kernel module
to wrap and carry around a standard kernel socket.
ovpn takes ownership of passed sockets and therefore an ovpn
specific objects is attached to them for status tracking
purposes.
Initially only UDP support is introduced. TCP will come in a
Implement support for basic ethtool functionality.
Note that ovpn is a virtual device driver, therefore
various ethtool APIs are just not meaningful and thus
not implemented.
Signed-off-by: Antonio Quartulli
Reviewed-by: Andrew Lunn
---
drivers/net/ovpn/main.c | 15 +++
1 file chan
In case of UDP links, the local endpoint used to communicate with a
given peer may change without a connection restart.
Add support for learning the new address in case of change.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/peer.c | 45 +
dr
From: Paolo Abeni
mptcp_cleanup_rbuf() is responsible to send acks when the user-space
reads enough data to update the receive windows significantly.
It tries hard to avoid acquiring the subflow sockets locks by checking
conditions similar to the ones implemented at the TCP level.
To avoid too
From: Paolo Abeni
The disconnect test-case generates spurious errors:
INFO: disconnect
INFO: extra options: -I 3 -i /tmp/tmp.r43niviyoI
01 ns1 MPTCP -> ns1 (10.0.1.1:1 ) MPTCP (duration 140ms) [FAIL]
file received by server does not match (in, out):
Unexpected revents: POLLERR
From: Paolo Abeni
The wake-up condition currently implemented by mptcp_epollin_ready()
is wrong, as it could mark the MPTCP socket as readable even when
no data are present and the system is under memory pressure.
Explicitly check for some data being available in the receive queue.
Fixes: 5684a
ect.c | 43 +--
3 files changed, 43 insertions(+), 15 deletions(-)
---
base-commit: 76201b5979768500bca362871db66d77cb4c225e
change-id: 20250113-net-mptcp-connect-st-flakes-4af6389808de
Best regards,
--
Matthieu Baerts (NGI0)
On 13/01/25 6:45 pm, Thomas Weißschuh wrote:
When mapping a larger chunk than physical memory is available with
PROT_WRITE and overcommit is disabled, the mapping will fail.
This will prevent the test from running on systems with less then ~1GiB
of memory and triggering an inscrutinable test f
On 1/10/25 20:16, Luis Chamberlain wrote:
> On Thu, Jan 09, 2025 at 11:52:27AM +0100, Arnout Engelen wrote:
>> On Fri, 3 Jan 2025 17:37:52 -0800, Luis Chamberlain wrote:
>>> What distro which is using module signatures would switch
>>> to this as an alternative instead?
>>
>> In NixOS, we disable M
This commit introduces basic netlink support with family
registration/unregistration functionalities and stub pre/post-doit.
More importantly it introduces the YAML uAPI description along
with its auto-generated files:
- include/uapi/linux/ovpn.h
- drivers/net/ovpn/netlink-gen.c
- drivers/net/ovpn
Add basic infrastructure for handling ovpn interfaces.
Tested-by: Donald Hunter
Signed-off-by: Antonio Quartulli
---
Documentation/netlink/specs/rt_link.yaml | 16 +
drivers/net/ovpn/Makefile| 1 +
drivers/net/ovpn/io.c| 22 ++
drivers/net/ovpn/io
OpenVPN is a userspace software existing since around 2005 that allows
users to create secure tunnels.
So far OpenVPN has implemented all operations in userspace, which
implies several back and forth between kernel and user land in order to
process packets (encapsulate/decapsulate, encrypt/decrypt
On 1/13/25 10:07, Stefano Garzarella wrote:
> On Mon, 13 Jan 2025 at 09:57, Stefano Garzarella wrote:
>> On Sun, Jan 12, 2025 at 11:42:30PM +0100, Michal Luczaj wrote:
>
> [...]
>
>>>
>>> So, if I get this right:
>>> 1. vsock_create() (refcnt=1) calls vsock_insert_unbound() (refcnt=2)
>>> 2. tra
On 1/8/25 10:04, Sebastian Andrzej Siewior wrote:
> This is an updated version of the initial post after PeterZ made me
> aware that there are users outside of the module directory.
> The goal is replace the mix auf rcu_read_lock(), rcu_read_lock_sched()
> and preempt_disable() with just rcu_read_l
On Mon, Jan 13, 2025 at 11:12:52AM +0100, Michal Luczaj wrote:
On 1/13/25 10:07, Stefano Garzarella wrote:
On Mon, 13 Jan 2025 at 09:57, Stefano Garzarella wrote:
On Sun, Jan 12, 2025 at 11:42:30PM +0100, Michal Luczaj wrote:
[...]
So, if I get this right:
1. vsock_create() (refcnt=1) cal
On 2025-01-13 12:09:27 [+0100], Petr Pavlu wrote:
> Thanks for this cleanup. I've queued the fix in patch #1 on
> modules-fixes. For the rest, I plan to give folks more time to look at
> the changes as this affects a number of subsystems. If there are no
> other concerns, I'd then add the series on
For each accessed chunk a PTE is created.
More than 1GiB of PTEs is used in this way.
Remove each PTE after validating a chunk to reduce peak memory usage.
It is important to only unmap memory that previously mmap()ed,
as unmapping other mappings like the stack, heap or executable mappings
will cr
The selftest started failing since commit e93d2521b27f
("x86/vdso: Split virtual clock pages into dedicated mapping")
was merged. While debugging I stumbled upon some memory usage
optimizations.
With these test now runs on a VM with only 60MiB of memory.
Signed-off-by: Thomas Weißschuh
---
Chang
The virtual_address_range selftest reads from the start of each mapping
listed in /proc/self/maps.
However not all mappings are valid to be arbitrarily accessed.
For example the vvar data used for virtual clocks on x86 [vvar_vclock]
can only be accessed if 1) the kernel configuration enables virtu
Upcoming changes want to reuse the /proc/self/smaps parsing logic to
parse the VmFlags field.
As that works differently from the currently parsed HugePage counters,
split up the logic so common functionality can be shared.
While reworking this code, also use the correct sscanf placeholder for
the
When mapping a larger chunk than physical memory is available with
PROT_WRITE and overcommit is disabled, the mapping will fail.
This will prevent the test from running on systems with less then ~1GiB
of memory and triggering an inscrutinable test failure.
As the mappings are never written to anywa
A peer connected via UDP may change its IP address without reconnecting
(float).
Add support for detecting and updating the new peer IP/port in case of
floating.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/io.c | 4 +
drivers/net/ovpn/peer.c | 243 +
In a multi-peer scenario there are a number of situations when a
specific peer needs to be looked up.
We may want to lookup a peer by:
1. its ID
2. its VPN destination IP
3. its transport IP/port couple
For each of the above, there is a specific routing table referencing all
peers for fast look u
OpenVPN supports configuring a periodic keepalive packet.
message to allow the remote endpoint detect link failures.
This change implements the keepalive sending and timer expiring logic.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/io.c | 77 +
drivers/net/ovp
On 13.01.25 10:09, Thomas Weißschuh wrote:
On Fri, Jan 10, 2025 at 04:41:03PM +0100, David Hildenbrand wrote:
On 10.01.25 14:05, Thomas Weißschuh wrote:
The virtual_address_range selftest reads from the start of each mapping
listed in /proc/self/maps.
However not all mappings are valid to be ar
This change introduces the netlink command needed to add, delete and
retrieve/dump known peers. Userspace is expected to use these commands
to handle known peer lifecycles.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/netlink.c | 630 -
driver
This change introduces the netlink commands needed to add, get, delete
and swap keys for a specific peer.
Userspace is expected to use these commands to create, inspect (non
sensitive data only), destroy and rotate session keys for a specific
peer.
Signed-off-by: Antonio Quartulli
---
drivers/n
On 1/13/25 12:05, Stefano Garzarella wrote:
> On Mon, Jan 13, 2025 at 11:12:52AM +0100, Michal Luczaj wrote:
>> On 1/13/25 10:07, Stefano Garzarella wrote:
>>> On Mon, 13 Jan 2025 at 09:57, Stefano Garzarella
>>> wrote:
On Sun, Jan 12, 2025 at 11:42:30PM +0100, Michal Luczaj wrote:
>>>
>>> [
The ovpn-cli tool can be compiled and used as selftest for the ovpn
kernel module.
[NOTE: it depends on libmedtls for decoding base64-encoded keys]
ovpn-cli implements the netlink and RTNL APIs and can thus be integrated
in any script for more automated testing.
Along with the tool, 4 scripts ar
Whenever a peer is deleted, send a notification to userspace so that it
can react accordingly.
This is most important when a peer is deleted due to ping timeout,
because it all happens in kernelspace and thus userspace has no direct
way to learn about it.
Signed-off-by: Antonio Quartulli
---
dr
IV wrap-around is cryptographically dangerous for a number of ciphers,
therefore kill the key and inform userspace (via netlink) should the
IV space go exhausted.
Userspace has two ways of deciding when the key has to be renewed before
exhausting the IV space:
1) time based approach:
after X se
Jakub Kicinski writes:
> On Fri, 10 Jan 2025 15:35:23 +0100 Alessandro Zanni wrote:
>> On Fri, Jan 10, 2025 at 04:09:07AM +, Hangbin Liu wrote:
>> > On Fri, Jan 10, 2025 at 01:07:44AM +0100, Alessandro Zanni wrote:
>> > > Running "make kselftest TARGETS=net/forwarding" results in several
when we build tools/virtio, meet below error information.
cc -g -O2 -Werror -Wno-maybe-uninitialized -Wall
-I. -I../include/ -I ../../usr/include/
-Wno-pointer-sign -fno-strict-overflow
-fno-strict-aliasing -fno-common -MMD
-U_FORTIFY_SOURCE -include ../../include/linux/kconfig.h
-mfunction-return
Uninitialized variable: have_outer_privilege.
Fix it.
Signed-off-by: liuye
---
tools/testing/selftests/capabilities/test_execve.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/testing/selftests/capabilities/test_execve.c
b/tools/testing/selftests/capabilities
On 2025-01-13 01:35:20, Michael Christie wrote:
>
> On 1/10/25 9:34 PM, Haoran Zhang wrote:
> > Since commit 3f8ca2e115e55 ("vhost scsi: alloc cmds per vq instead of
> > session"), a bug can be triggered when the host sends a duplicate
> > VHOST_SCSI_SET_ENDPOINT ioctl command.
>
> I don't thi
Fix the following warning.
tools/testing/selftests/net/ipsec.c:230:25: warning: Possible null pointer
dereference: payload [nullPointer]
memcpy(RTA_DATA(attr), payload, size);
^
tools/testing/selftests/net/ipsec.c:1618:54: note: Calling function
'rta
On Mon, Jan 13, 2025 at 12:05:51PM +0800, Jason Wang wrote:
> On Sat, Jan 11, 2025 at 4:26 AM Joe Damato wrote:
> >
> > Use netif_queue_set_napi to map NAPIs to queue IDs so that the mapping
> > can be accessed by user apps.
> >
> > $ ethtool -i ens4 | grep driver
> > driver: virtio_net
> >
> > $
On Thu, Oct 17, 2024 at 09:34:25PM +, Stanislav Kinsburskii wrote:
> The new option controls tests run on boot or module load. With the new
> debugfs "run" dentry allowing to run tests on demand, an ability to disable
> automatic tests run becomes a useful option in case of intrusive tests.
>
From: Lizhi Xu
[ Upstream commit eb09fbeb48709fe66c0d708aed81e910a577a30a ]
syzkaller reported a corrupted list in ieee802154_if_remove. [1]
Remove an IEEE 802.15.4 network interface after unregister an IEEE 802.15.4
hardware device from the system.
CPU0CPU1
On Fri, Jan 10, 2025 at 07:32:24PM -0800, Nicolin Chen wrote:
> Now, iommufd has its own iommufd_sw_msi using iommufd_hwpt, the iommufd
> owned domain's private pointer. Similarly, iova_cookie can be seen as a
> dma-iommu owned domain's private pointer. So, move iova_cookie into the
> union.
This
98 matches
Mail list logo
