From: Dmitry Safonov <0x7f454...@gmail.com>
There are related TCP-MD5 <=> TCP and TCP-MD5 <=> TCP-AO tests
that can benefit from checking the related counters, not only from
validating operations timeouts.
It also prepares the code for introduction of mixed select()+poll mode,
see the follow-up p
From: Dmitry Safonov <0x7f454...@gmail.com>
Rename __test_tcp_ao_counters_cmp() into test_assert_counters_ao() and
test_tcp_ao_key_counters_cmp() into test_assert_counters_key() as they
are asserts, rather than just compare functions.
Provide test_cmp_counters() helper, that's going to be used to
From: Dmitry Safonov <0x7f454...@gmail.com>
It's always TEST_TIMEOUT_SEC, with an unjustified exception in rst test,
that is more paranoia-long timeout rather than based on requirements.
Signed-off-by: Dmitry Safonov <0x7f454...@gmail.com>
---
tools/testing/selftests/net/tcp_ao/connect.c
From: Dmitry Safonov <0x7f454...@gmail.com>
As both client and server print the same test name on failure or pass,
add "[server]" so that it's more obvious from a log which side printed
"ok" or "not ok".
Signed-off-by: Dmitry Safonov <0x7f454...@gmail.com>
---
tools/testing/selftests/net/tcp_ao/
From: Dmitry Safonov <0x7f454...@gmail.com>
Currently, tcp_ao tests have two timeouts: TEST_RETRANSMIT_SEC and
TEST_TIMEOUT_SEC [by default 1 and 5 seconds]. The first one,
TEST_RETRANSMIT_SEC is used for operations that are expected to succeed
in order for a test to pass. It is usually not consum
On Mon, Mar 10, 2025 at 6:42 PM Tom Lendacky wrote:
>
> On 3/10/25 05:26, Borislav Petkov wrote:
> > On Thu, Dec 19, 2024 at 11:44:00AM +, Ajay Kaher wrote:
> >> For VMware hypervisor, SEV-SNP enabled VM's could boot without UEFI.
> >> In this case, mpparse_find_mptable() has to be called to p
On 12.03.2025 11:31:12, Matias Ezequiel Vara Larsen wrote:
> On Thu, Feb 01, 2024 at 07:57:45PM +0100, Harald Mommer wrote:
> > Hello,
> >
> > I thought there would be some more comments coming and I could address
> > everything in one chunk. Not the case, besides your comments silence.
> >
> > O
Currenyly the implementation of "Guard" methods are basically wrappers
around rcu's function within kernel. Building the kernel with llvm
18.1.8 on x86_64 machine will generate the following symbols:
$ nm vmlinux | grep ' _R'.*Guard | rustfilt
817b6c90 T ::new
817b6cb0 T ::unlock
f
On 3/12/2025 9:11 AM, Jason Wang wrote:
On Tue, Mar 11, 2025 at 9:18 PM Zhongqiu Han wrote:
Syzkaller reports a data-race when accessing the event_triggered field of
vring_virtqueue in virtqueue_disable_cb / virtqueue_enable_cb_delayed.
Here is the simplified stack when the issue occurred:
==
Add a node for the GT9897 touchscreen found on this smartphone connected
via SPI.
Reviewed-by: Konrad Dybcio
Signed-off-by: Luca Weiss
---
Changes in v2:
- Use interrupts-extended for irq (Konrad)
- Pick up tags
- Link to v1:
https://lore.kernel.org/r/20250311-fp5-touchscreen-v1-1-4d80ad3e4...@
On Wed, Mar 12, 2025 at 02:36:05PM +0100, Marc Kleine-Budde wrote:
> On 12.03.2025 14:28:10, Matias Ezequiel Vara Larsen wrote:
> > On Wed, Mar 12, 2025 at 11:41:26AM +0100, Marc Kleine-Budde wrote:
> > > On 12.03.2025 11:31:12, Matias Ezequiel Vara Larsen wrote:
> > > > On Thu, Feb 01, 2024 at 07:
On 2/22/25 23:46, Suren Baghdasaryan wrote:
> On Fri, Feb 14, 2025 at 8:27 AM Vlastimil Babka wrote:
>>
>> Specifying a non-zero value for a new struct kmem_cache_args field
>> sheaf_capacity will setup a caching layer of percpu arrays called
>> sheaves of given capacity for the created cache.
>>
On Tue, Mar 11, 2025 at 04:56:47PM +, Nikita Kalyazin wrote:
>
>
> On 10/03/2025 19:57, Peter Xu wrote:
> > On Mon, Mar 10, 2025 at 06:12:22PM +, Nikita Kalyazin wrote:
> > >
> > >
> > > On 05/03/2025 20:29, Peter Xu wrote:
> > > > On Wed, Mar 05, 2025 at 11:35:27AM -0800, James Houghto
On 3/6/25 17:57, Luis Chamberlain wrote:
> + linux-mm since we're adding TAINT_BAD_PAGE
>
> On Thu, Mar 06, 2025 at 11:36:55AM +0100, Petr Pavlu wrote:
>> In the unlikely case that setting ro_after_init data to read-only fails, it
>> is too late to cancel loading of the module. The loader then iss
On Wed, Mar 12, 2025 at 7:58 AM Vlastimil Babka wrote:
>
> On 2/22/25 23:46, Suren Baghdasaryan wrote:
> > On Fri, Feb 14, 2025 at 8:27 AM Vlastimil Babka wrote:
> >>
> >> Specifying a non-zero value for a new struct kmem_cache_args field
> >> sheaf_capacity will setup a caching layer of percpu a
On Tue, Mar 11, 2025 at 07:50:44PM +0200, Julian Anastasov wrote:
>
> Hello,
>
> On Mon, 10 Mar 2025, Dan Carpenter wrote:
>
> > The get->num_services variable is an unsigned int which is controlled by
> > the user. The struct_size() function ensures that the size calculation
> > does not
syzbot reports a data-race when accessing the event_triggered, here is the
simplified stack when the issue occurred:
==
BUG: KCSAN: data-race in virtqueue_disable_cb / virtqueue_enable_cb_delayed
write to 0x8881025bc452 of 1 byte
On 2/24/25 09:04, Harry Yoo wrote:
>> +static void barn_shrink(struct kmem_cache *s, struct node_barn *barn)
>> +{
>> +struct list_head empty_list;
>> +struct list_head full_list;
>> +struct slab_sheaf *sheaf, *sheaf2;
>> +unsigned long flags;
>> +
>> +INIT_LIST_HEAD(&empty_list
Add a node for the "Type-C USB 3.1 Gen 1 and DisplayPort v1.2 combo
redriver" found on this device.
Reviewed-by: Konrad Dybcio
Signed-off-by: Luca Weiss
---
arch/arm64/boot/dts/qcom/qcm6490-fairphone-fp5.dts | 35 +-
1 file changed, 34 insertions(+), 1 deletion(-)
diff --gi
Add a node for the OCP96011 on the board which is used to handle USB-C
analog audio switch and handles the SBU mux for DisplayPort-over-USB-C.
Reviewed-by: Konrad Dybcio
Signed-off-by: Luca Weiss
---
arch/arm64/boot/dts/qcom/qcm6490-fairphone-fp5.dts | 14 +-
1 file changed, 13 inse
This series adds all the necessary bits to enable DisplayPort-out over
USB-C on Fairphone 5.
There's currently a dt validation error with this, not quite sure how to
resolve this:
arch/arm64/boot/dts/qcom/qcm6490-fairphone-fp5.dtb: typec-mux@42:
port:endpoint: Unevaluated properties are not al
On 2/24/25 09:40, Harry Yoo wrote:
>> +static bool kfree_rcu_sheaf(void *obj)
>> +{
>> +struct kmem_cache *s;
>> +struct folio *folio;
>> +struct slab *slab;
>> +
>> +folio = virt_to_folio(obj);
>> +if (unlikely(!folio_test_slab(folio)))
>> +return false;
>
> Does v
Hi Shuah,
On Thu, 13 Mar 2025 at 05:14, Shuah Khan wrote:
>
> David, Brendan, Rae,
>
> I am seeing the following error when I run
>
> ./tools/testing/kunit/kunit.py run --arch x86_64
>
> ERROR:root:ld:arch/x86/realmode/rm/realmode.lds:236: undefined symbol
> `sev_es_trampoline_start' referenced
Hi Petr,
On Wed, Mar 12, 2025 at 5:05 AM Petr Pavlu wrote:
>
> On 3/7/25 01:12, Sami Tolvanen wrote:
> > On Thu, Mar 06, 2025 at 06:28:58PM +0100, Christophe Leroy wrote:
> >> Le 06/03/2025 à 14:13, Petr Pavlu a écrit :
> >>> Section .static_call_sites holds data structures that need to be sorted
With this change an ovpn instance will be able to stay connected to
multiple remote endpoints.
This functionality is strictly required when running ovpn on an
OpenVPN server.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/main.c | 64 +--
drivers/net/ovpn/ovpnpriv.h | 1
On Tue, Mar 11, 2025 at 09:49:56PM +0100, Miguel Ojeda wrote:
> On Tue, Mar 11, 2025 at 9:44 PM Tamir Duberstein wrote:
> >
> > By the way, it would be great if the email also included the rustc version
> > used.
>
> Yeah, I think I may have mentioned it at some point... For the moment,
Sorry a
From: Dmitry Safonov <0x7f454...@gmail.com>
Before:
># 13145[lib/ftrace-tcp.c:427] trace event filter tcp_ao_key_not_found
>[2001:db8:1::1:-1 => 2001:db8:254::1:7010, L3index 0, flags: !FS!R!P!., keyid:
>100, rnext: 100, maclen: -1, sne: -1] = 1
After:
># 13487[lib/ftrace-tcp.c:427] trace event
On Wed, Mar 12, 2025 at 01:05:07PM +0100, Luca Weiss wrote:
> This series adds all the necessary bits to enable DisplayPort-out over
> USB-C on Fairphone 5.
>
> There's currently a dt validation error with this, not quite sure how to
> resolve this:
>
> arch/arm64/boot/dts/qcom/qcm6490-fairphon
On Wed, Mar 12, 2025 at 04:45:24PM +0100, Vlastimil Babka wrote:
> On 3/6/25 17:57, Luis Chamberlain wrote:
> > + linux-mm since we're adding TAINT_BAD_PAGE
> >
> > On Thu, Mar 06, 2025 at 11:36:55AM +0100, Petr Pavlu wrote:
> >> In the unlikely case that setting ro_after_init data to read-only fa
…
> This patch will fix it.
Will an imperative wording be more desirable for such a change description?
https://web.git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/process/submitting-patches.rst?h=v6.14-rc6#n94
Regards,
Markus
On Wed, Mar 12, 2025 at 09:30:28AM -0700, Kees Cook wrote:
> On Wed, Mar 12, 2025 at 04:45:24PM +0100, Vlastimil Babka wrote:
> > On 3/6/25 17:57, Luis Chamberlain wrote:
> > > + linux-mm since we're adding TAINT_BAD_PAGE
> > >
> > > On Thu, Mar 06, 2025 at 11:36:55AM +0100, Petr Pavlu wrote:
> >
On Wed, Mar 12, 2025 at 05:07:25PM +, Nikita Kalyazin wrote:
> However if MISSING is not registered, the kernel will auto-populate with a
> clear page, ie there is no way to inject custom content from userspace. To
> explain my use case a bit more, the population thread will be trying to copy
On 12.03.2025 14:28:10, Matias Ezequiel Vara Larsen wrote:
> On Wed, Mar 12, 2025 at 11:41:26AM +0100, Marc Kleine-Budde wrote:
> > On 12.03.2025 11:31:12, Matias Ezequiel Vara Larsen wrote:
> > > On Thu, Feb 01, 2024 at 07:57:45PM +0100, Harald Mommer wrote:
> > > > Hello,
> > > >
> > > > I thoug
On Wed, Mar 12, 2025 at 11:41:26AM +0100, Marc Kleine-Budde wrote:
> On 12.03.2025 11:31:12, Matias Ezequiel Vara Larsen wrote:
> > On Thu, Feb 01, 2024 at 07:57:45PM +0100, Harald Mommer wrote:
> > > Hello,
> > >
> > > I thought there would be some more comments coming and I could address
> > > e
On Wed Mar 12, 2025 at 11:17 AM CET, I Hsin Cheng wrote:
> Currenyly the implementation of "Guard" methods are basically wrappers
> around rcu's function within kernel. Building the kernel with llvm
> 18.1.8 on x86_64 machine will generate the following symbols:
>
> $ nm vmlinux | grep ' _R'.*Guard
On 3/7/25 01:12, Sami Tolvanen wrote:
> On Thu, Mar 06, 2025 at 06:28:58PM +0100, Christophe Leroy wrote:
>> Le 06/03/2025 à 14:13, Petr Pavlu a écrit :
>>> Section .static_call_sites holds data structures that need to be sorted and
>>> processed only at module load time. This initial processing ha
I Hsin Cheng writes:
> Currenyly the implementation of "Guard" methods are basically wrappers
"Currenyly" -> "Currently".
> around rcu's function within kernel. Building the kernel with llvm
> 18.1.8 on x86_64 machine will generate the following symbols:
>
> $ nm vmlinux | grep ' _R'.*Guard | r
Hi,
On Fri, 7 Mar 2025, Song Liu wrote:
> This is largely based on [1] by Suraj Jitindar Singh.
>
> Test coverage:
>
> - Passed manual tests with samples/livepatch.
> - Passed all but test-kprobe.sh in selftests/livepatch.
> test-kprobe.sh is expected to fail, because arm64 doesn't have
> K
On 12/03/2025 15:45, Peter Xu wrote:
On Tue, Mar 11, 2025 at 04:56:47PM +, Nikita Kalyazin wrote:
On 10/03/2025 19:57, Peter Xu wrote:
On Mon, Mar 10, 2025 at 06:12:22PM +, Nikita Kalyazin wrote:
On 05/03/2025 20:29, Peter Xu wrote:
On Wed, Mar 05, 2025 at 11:35:27AM -0800, Jam
On 2/23/25 04:54, Suren Baghdasaryan wrote:
> On Fri, Feb 14, 2025 at 8:27 AM Vlastimil Babka wrote:
>>
>> Add functions for efficient guaranteed allocations e.g. in a critical
>> section that cannot sleep, when the exact number of allocations is not
>> known beforehand, but an upper limit can be
On 11/03/25 2:16 pm, Saket Kumar Bhaskar wrote:
The SO_RCVLOWAT option is defined as 18 in the selftest header,
which matches the generic definition. However, on powerpc,
SO_RCVLOWAT is defined as 16. This discrepancy causes
sol_socket_sockopt() to fail with the default switch case on powerpc.
On 2/25/25 09:00, Harry Yoo wrote:
> On Fri, Feb 14, 2025 at 05:27:42PM +0100, Vlastimil Babka wrote:
>> Add functions for efficient guaranteed allocations e.g. in a critical
>> section that cannot sleep, when the exact number of allocations is not
>> known beforehand, but an upper limit can be cal
Hello,
On Thu, Feb 01, 2024 at 07:57:45PM +0100, Harald Mommer wrote:
> Hello,
>
> I thought there would be some more comments coming and I could address
> everything in one chunk. Not the case, besides your comments silence.
>
> On 08.01.24 20:34, Christophe JAILLET wrote:
> >
> > Hi,
> > a fe
Add basic infrastructure for handling ovpn interfaces.
Tested-by: Donald Hunter
Signed-off-by: Antonio Quartulli
---
Documentation/netlink/specs/rt_link.yaml | 16 +
drivers/net/ovpn/Makefile| 1 +
drivers/net/ovpn/io.c| 22 ++
drivers/net/ovpn/io
This commit introduces basic netlink support with family
registration/unregistration functionalities and stub pre/post-doit.
More importantly it introduces the YAML uAPI description along
with its auto-generated files:
- include/uapi/linux/ovpn.h
- drivers/net/ovpn/netlink-gen.c
- drivers/net/ovpn
OpenVPN is a userspace software existing since around 2005 that allows
users to create secure tunnels.
So far OpenVPN has implemented all operations in userspace, which
implies several back and forth between kernel and user land in order to
process packets (encapsulate/decapsulate, encrypt/decrypt
Notable changes since v22:
* ensure local endpoint is copied only if one is specified (compile
error)
Notable changes since v21:
* accessed crypto_slot->primary_idx via READ/WRITE_ONCE
* made ovpn_aead_init() static
* converted link tx/rx packet counters from u32 to to uint
* ensured all u32 NL
This specific structure is used in the ovpn kernel module
to wrap and carry around a standard kernel socket.
ovpn takes ownership of passed sockets and therefore an ovpn
specific objects is attached to them for status tracking
purposes.
Initially only UDP support is introduced. TCP will come in a
An ovpn interface configured in MP mode will keep carrier always
on and let the user decide when to bring it administratively up and
down.
This way a MP node (i.e. a server) will keep its interface always
up and running, even when no peer is connected.
Signed-off-by: Antonio Quartulli
---
drive
Packets received over the socket are forwarded to the user device.
Implementation is UDP only. TCP will be added by a later patch.
Note: no decryption/decapsulation exists yet, packets are forwarded as
they arrive without much processing.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/i
This change implements encryption/decryption and
encapsulation/decapsulation of OpenVPN packets.
Support for generic crypto state is added along with
a wrapper for the AEAD crypto kernel API.
Signed-off-by: Antonio Quartulli
---
drivers/net/Kconfig| 4 +
drivers/net/ovpn/Makefile
An ovpn_peer object holds the whole status of a remote peer
(regardless whether it is a server or a client).
This includes status for crypto, tx/rx buffers, napi, etc.
Only support for one peer is introduced (P2P mode).
Multi peer support is introduced with a later patch.
Along with the ovpn_pee
When sending an skb over a socket using skb_send_sock_locked(),
it is currently not possible to specify any flag to be set in
msghdr->msg_flags.
However, we may want to pass flags the user may have specified,
like MSG_NOSIGNAL.
Extend __skb_send_sock() with a new argument 'flags' and add a
new in
Userspace may want to pass the MSG_NOSIGNAL flag to
tcp_sendmsg() in order to avoid generating a SIGPIPE.
To pass this flag down the TCP stack a new skb sending API
accepting a flags argument is introduced.
Cc: Eric Dumazet
Cc: Paolo Abeni
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn
This change introduces the netlink command needed to add, delete and
retrieve/dump known peers. Userspace is expected to use these commands
to handle known peer lifecycles.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/netlink.c | 677 -
driver
In case of UDP links, the local or remote endpoint used to communicate
with a given peer may change without a connection restart.
Add support for learning the new address in case of change.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/io.c | 8 ++
drivers/net/ovpn/peer.c | 213
Whenever a peer is deleted, send a notification to userspace so that it
can react accordingly.
This is most important when a peer is deleted due to ping timeout,
because it all happens in kernelspace and thus userspace has no direct
way to learn about it.
Signed-off-by: Antonio Quartulli
---
dr
Packets sent over the ovpn interface are processed and transmitted to the
connected peer, if any.
Implementation is UDP only. TCP will be added by a later patch.
Note: no crypto/encapsulation exists yet. Packets are just captured and
sent.
Signed-off-by: Antonio Quartulli
---
drivers/net/Kconf
Implement support for basic ethtool functionality.
Note that ovpn is a virtual device driver, therefore
various ethtool APIs are just not meaningful and thus
not implemented.
Signed-off-by: Antonio Quartulli
Reviewed-by: Andrew Lunn
---
drivers/net/ovpn/main.c | 15 +++
1 file chan
The ovpn-cli tool can be compiled and used as selftest for the ovpn
kernel module.
[NOTE: it depends on libmedtls for decoding base64-encoded keys]
ovpn-cli implements the netlink and RTNL APIs and can thus be integrated
in any script for more automated testing.
Along with the tool, a bunch of s
Byte/packet counters for in-tunnel and transport streams
are now initialized and updated as needed.
To be exported via netlink.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/Makefile | 1 +
drivers/net/ovpn/io.c | 12 +++-
drivers/net/ovpn/peer.c | 2 ++
drivers/net/ovpn
IV wrap-around is cryptographically dangerous for a number of ciphers,
therefore kill the key and inform userspace (via netlink) should the
IV space go exhausted.
Userspace has two ways of deciding when the key has to be renewed before
exhausting the IV space:
1) time based approach:
after X se
OpenVPN supports configuring a periodic keepalive packet.
message to allow the remote endpoint detect link failures.
This change implements the keepalive sending and timer expiring logic.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/io.c | 74
drivers/net/ovpn/i
This change introduces the netlink commands needed to add, get, delete
and swap keys for a specific peer.
Userspace is expected to use these commands to create, inspect (non
sensitive data only), destroy and rotate session keys for a specific
peer.
Signed-off-by: Antonio Quartulli
---
drivers/n
On 2/25/25 09:54, Harry Yoo wrote:
> On Fri, Feb 14, 2025 at 05:27:43PM +0100, Vlastimil Babka wrote:
>> The possibility of many barn operations is determined by the current
>> number of full or empty sheaves. Taking the barn->lock just to find out
>> that e.g. there are no empty sheaves results in
From: Dmitry Safonov <0x7f454...@gmail.com>
Unused: it's always either the default timeout or asynchronous
connect().
Signed-off-by: Dmitry Safonov <0x7f454...@gmail.com>
---
tools/testing/selftests/net/tcp_ao/lib/aolib.h| 8
tools/testing/selftests/net/tcp_ao/lib/sock.c | 19 +
On 2/23/25 00:08, Suren Baghdasaryan wrote:
> On Fri, Feb 14, 2025 at 8:27 AM Vlastimil Babka wrote:
>>
>> Extend the sheaf infrastructure for more efficient kfree_rcu() handling.
>> For caches with sheaves, on each cpu maintain a rcu_free sheaf in
>> addition to main and spare sheaves.
>>
>> kfre
On Wed, Mar 12, 2025 at 06:17:23PM +0800, I Hsin Cheng wrote:
> Currenyly the implementation of "Guard" methods are basically wrappers
> around rcu's function within kernel. Building the kernel with llvm
> 18.1.8 on x86_64 machine will generate the following symbols:
>
> $ nm vmlinux | grep ' _R'.
On Wed, Mar 12, 2025 at 9:36 PM Marc Kleine-Budde wrote:
>
> On 12.03.2025 14:28:10, Matias Ezequiel Vara Larsen wrote:
> > On Wed, Mar 12, 2025 at 11:41:26AM +0100, Marc Kleine-Budde wrote:
> > > On 12.03.2025 11:31:12, Matias Ezequiel Vara Larsen wrote:
> > > > On Thu, Feb 01, 2024 at 07:57:45PM
With this change ovpn is allowed to communicate to peers also via TCP.
Parsing of incoming messages is implemented through the strparser API.
Note that ovpn redefines sk_prot and sk_socket->ops for the TCP socket
used to communicate with the peer.
For this reason it needs to access inet6_stream_op
David, Brendan, Rae,
I am seeing the following error when I run
./tools/testing/kunit/kunit.py run --arch x86_64
ERROR:root:ld:arch/x86/realmode/rm/realmode.lds:236: undefined symbol
`sev_es_trampoline_start' referenced in expression
I isolated it to dependency on CONFIG_AMD_MEM_ENCRYPT
I ad
Hi Antonio,
kernel test robot noticed the following build warnings:
[auto build test WARNING on 40587f749df216889163dd6e02d88ad53e759e66]
url:
https://github.com/intel-lab-lkp/linux/commits/Antonio-Quartulli/net-introduce-OpenVPN-Data-Channel-Offload-ovpn/20250311-202334
base: 40587f749df2
ng/kunit/kunit.py run --arch x86_64
>
> I tried something different checking out a fresh
> linux_next repo and running ./tools/testing/kunit/kunit.py run --arch x86_64
>
> No errors on
>
> ./tools/testing/kunit/kunit.py run --arch x86_64
>
> I will try this again and
73 matches
Mail list logo
