On Mon, Oct 16, 2023 at 8:07 AM Greg KH wrote:
>
> On Mon, Oct 16, 2023 at 02:38:20PM +, jef...@chromium.org wrote:
> > +#ifdef CONFIG_MSEAL
> > + /*
> > + * bit masks for seal.
> > + * need this since vm_flags is full.
> > + */
> > + unsigned long vm_seals; /* s
On 10/17/2023 1:48 AM, Nicolin Chen wrote:
On Mon, Oct 16, 2023 at 04:16:05PM +0800, Liu, Jingqi wrote:
@@ -88,10 +90,19 @@ iommufd_hw_pagetable_alloc(struct iommufd_ctx *ictx, struct
iommufd_ioas *ioas,
refcount_inc(&ioas->obj.users);
hwpt->ioas = ioas;
- hwpt->doma
On Tue, Oct 17, 2023 at 7:53 AM Alexei Starovoitov
wrote:
>
> On Sun, Oct 15, 2023 at 10:10 AM Akihiko Odaki
> wrote:
> >
> > On 2023/10/16 1:07, Alexei Starovoitov wrote:
> > > On Sun, Oct 15, 2023 at 7:17 AM Akihiko Odaki
> > > wrote:
> > >>
> > >> diff --git a/include/uapi/linux/bpf.h b/inc
The opened file should be closed in main(), otherwise resource
leak will occur
Signed-off-by: zhujun2
---
tools/testing/selftests/efivarfs/create-read.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/tools/testing/selftests/efivarfs/create-read.c
b/tools/testing/selftests/efivarfs/creat
when the argument type is 'unsigned int',printf '%u'
in format string
Signed-off-by: zhujun2
---
tools/testing/selftests/kselftest.h | 14 +++---
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/tools/testing/selftests/kselftest.h
b/tools/testing/selftests/kselftest.h
index
On 2023/10/17 4:35, Marco Pagani wrote:
> Commit 2810c1e99867 ("kunit: Fix wild-memory-access bug in
> kunit_free_suite_set()") is causing all test suites to run (when
> built as modules) while still in MODULE_STATE_COMING. In that state,
> test modules are not fully initialized and lack sysfs k
On Mon, Oct 16, 2023 at 7:53 PM Alexei Starovoitov
wrote:
>
> On Sun, Oct 15, 2023 at 10:10 AM Akihiko Odaki
> wrote:
> >
> > On 2023/10/16 1:07, Alexei Starovoitov wrote:
> > > On Sun, Oct 15, 2023 at 7:17 AM Akihiko Odaki
> > > wrote:
> > >>
> > >> diff --git a/include/uapi/linux/bpf.h b/inc
On Sun, Oct 15, 2023 at 10:10 AM Akihiko Odaki wrote:
>
> On 2023/10/16 1:07, Alexei Starovoitov wrote:
> > On Sun, Oct 15, 2023 at 7:17 AM Akihiko Odaki
> > wrote:
> >>
> >> diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
> >> index 0448700890f7..298634556fab 100644
> >> --- a/
On Mon, Oct 16, 2023 at 11:50:34AM -0700, srinivas pandruvada wrote:
I'll respond to the rest tomorrow, it's far too late.
> > > Also, same question as to the amd folks; what serializes those
> > > static
> > > variables?
> >
> > That's a good one.
>
> This function which is checking static var
On Mon, Oct 16, 2023 at 01:21:20PM -0600, Shuah Khan wrote:
> On 10/6/23 03:55, Muhammad Usama Anjum wrote:
> > Kselftests are kernel tests and must be build with kernel headers from
> > same source version. The kernel headers are already being included
> > correctly in futex selftest Makefile with
Commit 2810c1e99867 ("kunit: Fix wild-memory-access bug in
kunit_free_suite_set()") is causing all test suites to run (when
built as modules) while still in MODULE_STATE_COMING. In that state,
test modules are not fully initialized and lack sysfs kobjects.
This behavior can cause a crash if the tes
On 10/6/23 03:55, Muhammad Usama Anjum wrote:
Kselftests are kernel tests and must be build with kernel headers from
same source version. The kernel headers are already being included
correctly in futex selftest Makefile with the help of KHDR_INCLUDE. In
this patch, only the dead code is being re
On 10/15/23 20:50, zhujun2 wrote:
printf %d in format string requires 'int' but the argument type is 'unsigned
int'
This line to long. Character limit is < 75/line.
How did you find this problem? Please add the details to
the commit log.
Signed-off-by: zhujun2
---
thanks,
-- Shuah
On 10/16/23 02:47, kirill.shute...@linux.intel.com wrote:
On Mon, Oct 16, 2023 at 02:24:46PM +0800, Binbin Wu wrote:
Zero out the buffer for readlink() since readlink() does not append a
terminating null byte to the buffer. Also change the buffer length
passed to readlink() to 'PATH_MAX - 1' to
On 10/12/23 03:32, Swapnil Sapkal wrote:
This series fixes issues observed with selftests/amd-pstate while
running performance comparison tests with different governors. First
patch changes relative paths with absolute paths and also change it
with correct paths wherever it is broken.
The second
David,
On Mon, Oct 16, 2023 at 08:01:10PM +0200, David Hildenbrand wrote:
> [...]
>
> > > > Actually, even though I have no solid clue, but I had a feeling that
> > > > there
> > > > can be some interesting way to leverage this across-mm movement, while
> > > > keeping things all safe (by e.g. e
On Mon, 2023-10-16 at 19:27 +0200, Wysocki, Rafael J wrote:
> On 10/16/2023 12:58 PM, Peter Zijlstra wrote:
> > On Mon, Oct 16, 2023 at 06:20:53AM +, Meng, Li (Jassmine)
> > wrote:
> > > > > +static void amd_pstate_init_prefcore(struct amd_cpudata
> > > > > *cpudata) {
> > > > > + int ret,
On Mon, Oct 16, 2023 at 08:59:07AM -0300, Jason Gunthorpe wrote:
> On Mon, Oct 16, 2023 at 03:03:04PM +0800, Yi Liu wrote:
> > Current nesting series actually extends HWPT_ALLOC ioctl to accept user
> > data for allocating domain with vendor specific data. Nested translation
> > happens to be the u
On Mon, Oct 16, 2023 at 08:54:07AM -0300, Jason Gunthorpe wrote:
> On Mon, Oct 16, 2023 at 11:28:15AM +0800, Yi Liu wrote:
> > On 2023/10/14 01:56, Nicolin Chen wrote:
> > > On Fri, Oct 13, 2023 at 11:04:56AM -0300, Jason Gunthorpe wrote:
> > > > On Fri, Oct 13, 2023 at 12:33:13PM +0800, Yi Liu wro
[...]
Actually, even though I have no solid clue, but I had a feeling that there
can be some interesting way to leverage this across-mm movement, while
keeping things all safe (by e.g. elaborately requiring other proc to create
uffd and deliver to this proc).
Okay, but no real use cases yet.
On Mon, Oct 16, 2023 at 04:16:05PM +0800, Liu, Jingqi wrote:
> @@ -88,10 +90,19 @@ iommufd_hw_pagetable_alloc(struct iommufd_ctx *ictx,
> struct iommufd_ioas *ioas,
>refcount_inc(&ioas->obj.users);
>hwpt->ioas = ioas;
>
> - hwpt->domain = iommu_domain_alloc(idev->dev->bus)
On Mon, Oct 16, 2023 at 09:04:54AM -0300, Jason Gunthorpe wrote:
> On Sun, Oct 15, 2023 at 12:14:01AM -0700, Nicolin Chen wrote:
> > On Thu, Sep 28, 2023 at 12:15:23AM -0700, Yi Liu wrote:
> >
> > > diff --git a/include/uapi/linux/iommufd.h b/include/uapi/linux/iommufd.h
> > > index b4ba0c0cbab6..
On Mon, Oct 16, 2023 at 4:38 PM wrote:
>
> From: Jeff Xu
>
> This patchset proposes a new mseal() syscall for the Linux kernel.
>
> Modern CPUs support memory permissions such as RW and NX bits. Linux has
> supported NX since the release of kernel version 2.6.8 in August 2004 [1].
> The memory pe
On 10/16/2023 12:58 PM, Peter Zijlstra wrote:
On Mon, Oct 16, 2023 at 06:20:53AM +, Meng, Li (Jassmine) wrote:
+static void amd_pstate_init_prefcore(struct amd_cpudata *cpudata) {
+ int ret, prio;
+ u32 highest_perf;
+ static u32 max_highest_perf = 0, min_highest_perf = U32_MAX;
On Mon, 16 Oct 2023 at 07:38, wrote:
>
> This patchset proposes a new mseal() syscall for the Linux kernel.
So I have no objections to adding some kind of "lock down memory
mappings" model, but this isn't it.
First off, the simple stuff: the commit messages are worthless. Having
check seal f
On Mon, Oct 16, 2023 at 02:38:19PM +, jef...@chromium.org wrote:
> Modern CPUs support memory permissions such as RW and NX bits. Linux has
> supported NX since the release of kernel version 2.6.8 in August 2004 [1].
This seems like a confusing way to introduce the subject. Here, you're
talki
On Mon, Oct 16, 2023 at 02:38:20PM +, jef...@chromium.org wrote:
> +#ifdef CONFIG_MSEAL
> + /*
> + * bit masks for seal.
> + * need this since vm_flags is full.
> + */
> + unsigned long vm_seals; /* seal flags, see mm.h. */
"unsigned long" and yet:
> diff --git
From: Jeff Xu
selftest for sealing mprotect/munmap/mremap/mmap
Signed-off-by: Jeff Xu
---
tools/testing/selftests/mm/Makefile |1 +
tools/testing/selftests/mm/mseal_test.c | 1428 +++
2 files changed, 1429 insertions(+)
create mode 100644 tools/testing/selftests/mm
From: Jeff Xu
can_modify_mm:
checks sealing flags for given memory range.
can_modify_vma:
checks sealing flags for given vma.
Signed-off-by: Jeff Xu
---
include/linux/mm.h | 34 ++
mm/mseal.c | 60 ++
2 files chang
From: Jeff Xu
check seal for mmap(2)
Signed-off-by: Jeff Xu
---
fs/aio.c | 5 +++--
include/linux/mm.h | 5 -
ipc/shm.c | 3 ++-
mm/internal.h | 4 ++--
mm/mmap.c | 13 +
mm/nommu.c | 6 --
mm/util.c | 8 +---
7 fi
From: Jeff Xu
check seal for mremap(2)
Signed-off-by: Jeff Xu
---
mm/mremap.c | 14 ++
1 file changed, 14 insertions(+)
diff --git a/mm/mremap.c b/mm/mremap.c
index e43f9ceaa29d..2288f9d0b126 100644
--- a/mm/mremap.c
+++ b/mm/mremap.c
@@ -836,7 +836,15 @@ static unsigned long mrem
From: Jeff Xu
check seal for munmap(2).
Signed-off-by: Jeff Xu
---
include/linux/mm.h | 2 +-
mm/mmap.c | 22 ++
mm/mremap.c| 5 +++--
3 files changed, 18 insertions(+), 11 deletions(-)
diff --git a/include/linux/mm.h b/include/linux/mm.h
index aafdb6895
From: Jeff Xu
check sealing for mprotect(2).
Signed-off-by: Jeff Xu
---
mm/mprotect.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/mm/mprotect.c b/mm/mprotect.c
index 130db91d3a8c..5b67c66d55f7 100644
--- a/mm/mprotect.c
+++ b/mm/mprotect.c
@@ -753,6 +753,12 @@ static int do_mprot
From: Jeff Xu
Wire up mseal syscall for all architectures.
Signed-off-by: Jeff Xu
---
arch/alpha/kernel/syscalls/syscall.tbl | 1 +
arch/arm/tools/syscall.tbl | 1 +
arch/arm64/include/asm/unistd.h | 2 +-
arch/arm64/include/asm/unistd32.h | 2 ++
ar
From: Jeff Xu
mseal() prevents system calls from modifying the metadata of
virtual addresses.
Five syscalls can be sealed, as specified by bitmasks:
MM_SEAL_MPROTECT: Deny mprotect(2)/pkey_mprotect(2).
MM_SEAL_MUNMAP: Deny munmap(2).
MM_SEAL_MMAP: Deny mmap(2).
MM_SEAL_MREMAP: Deny mremap(2).
MM
From: Jeff Xu
This patchset proposes a new mseal() syscall for the Linux kernel.
Modern CPUs support memory permissions such as RW and NX bits. Linux has
supported NX since the release of kernel version 2.6.8 in August 2004 [1].
The memory permission feature improves security stance on memory
c
On Sun, Oct 15, 2023 at 12:46:48AM -0700, Nicolin Chen wrote:
> TEST_LENGTH passing ".size = sizeof(struct _struct) - 1" expects -EINVAL
> from "if (ucmd.user_size < op->min_size)" check in iommufd_fops_ioctl().
> This has been working when min_size is exactly the size of the structure.
>
> Howeve
Expand the sockopt test to use also check for io_uring {g,s}etsockopt
commands operations.
This patch starts by marking each test if they support io_uring support
or not.
Right now, io_uring cmd getsockopt() has a limitation of only
accepting level == SOL_SOCKET, otherwise it returns -EOPNOTSUPP.
Instead of defining basic io_uring functions in the test case, move them
to a common directory, so, other tests can use them.
This simplify the test code and reuse the common liburing
infrastructure. This is basically a copy of what we have in
io_uring_zerocopy_tx with some minor improvements to m
In preparation of the following fdb limit for dynamically learned entries,
allow fdb_create to detect that the entry was added by the user. This
way it can skip applying the limit in this case.
Reviewed-by: Ido Schimmel
Acked-by: Nikolay Aleksandrov
Signed-off-by: Johannes Nixdorf
---
net/brid
A malicious actor behind one bridge port may spam the kernel with packets
with a random source MAC address, each of which will create an FDB entry,
each of which is a dynamic allocation in the kernel.
There are roughly 2^48 different MAC addresses, further limited by the
rhashtable they are stored
Add a suite covering the fdb_n_learned and fdb_max_learned bridge
features, touching all special cases in accounting at least once.
Acked-by: Nikolay Aleksandrov
Signed-off-by: Johannes Nixdorf
---
tools/testing/selftests/net/forwarding/Makefile| 3 +-
.../net/forwarding/bridge_fdb_learni
Introduce a limit on the amount of learned FDB entries on a bridge,
configured by netlink with a build time default on bridge creation in
the kernel config.
For backwards compatibility the kernel config default is disabling the
limit (0).
Without any limit a malicious actor may OOM a kernel by sp
Set any new attributes added to br_policy to be parsed strictly, to
prevent userspace from passing garbage.
Signed-off-by: Johannes Nixdorf
---
net/bridge/br_netlink.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/net/bridge/br_netlink.c b/net/bridge/br_netlink.c
index 0c3cf6e6dea2..5ad4
The previous patch added accounting and a limit for the number of
dynamically learned FDB entries per bridge. However it did not provide
means to actually configure those bounds or read back the count. This
patch does that.
Two new netlink attributes are added for the accounting and limit of
dynam
On 2023/10/16 21:52, Daniel Borkmann wrote:
On 10/16/23 2:43 PM, Akihiko Odaki wrote:
When linking statically, libraries may require other dependencies to be
included to ld flags. In particular, libelf may require libzstd. Use
pkg-config to determine such dependencies.
Signed-off-by: Akihiko Od
When linking statically, libraries may require other dependencies to be
included to ld flags. In particular, libelf may require libzstd. Use
pkg-config to determine such dependencies.
Signed-off-by: Akihiko Odaki
---
V3 -> V4: Added "2> /dev/null".
V2 -> V3: Added missing "echo".
V1 -> V2: Implem
On 10/16/23 2:43 PM, Akihiko Odaki wrote:
When linking statically, libraries may require other dependencies to be
included to ld flags. In particular, libelf may require libzstd. Use
pkg-config to determine such dependencies.
Signed-off-by: Akihiko Odaki
---
V2 -> V3: Added missing "echo".
V1 -
On 2023/10/16 21:19, Daniel Borkmann wrote:
On 10/16/23 1:54 PM, Akihiko Odaki wrote:
When linking statically, libraries may require other dependencies to be
included to ld flags. In particular, libelf may require libzstd. Use
pkg-config to determine such dependencies.
Signed-off-by: Akihiko Od
When linking statically, libraries may require other dependencies to be
included to ld flags. In particular, libelf may require libzstd. Use
pkg-config to determine such dependencies.
Signed-off-by: Akihiko Odaki
---
V2 -> V3: Added missing "echo".
V1 -> V2: Implemented fallback, referring to HOS
On 10/16/23 1:54 PM, Akihiko Odaki wrote:
When linking statically, libraries may require other dependencies to be
included to ld flags. In particular, libelf may require libzstd. Use
pkg-config to determine such dependencies.
Signed-off-by: Akihiko Odaki
---
V1 -> V2: Implemented fallback, refe
On Sun, Oct 15, 2023 at 12:14:01AM -0700, Nicolin Chen wrote:
> On Thu, Sep 28, 2023 at 12:15:23AM -0700, Yi Liu wrote:
>
> > diff --git a/include/uapi/linux/iommufd.h b/include/uapi/linux/iommufd.h
> > index b4ba0c0cbab6..4a7c5c8fdbb4 100644
> > --- a/include/uapi/linux/iommufd.h
> > +++ b/includ
On Mon, Oct 16, 2023 at 08:26:25AM +, Tian, Kevin wrote:
> > From: Jason Gunthorpe
> > Sent: Friday, October 13, 2023 10:06 PM
> >
> > On Fri, Oct 13, 2023 at 07:13:34AM +, Tian, Kevin wrote:
> > > > From: Jason Gunthorpe
> > > > Sent: Friday, October 13, 2023 3:10 AM
> > > >
> > > > Als
On Mon, Oct 16, 2023 at 03:03:04PM +0800, Yi Liu wrote:
> On 2023/10/14 08:51, Nicolin Chen wrote:
> > On Fri, Oct 13, 2023 at 09:07:09PM -0300, Jason Gunthorpe wrote:
> > > On Fri, Oct 13, 2023 at 01:58:59PM -0700, Nicolin Chen wrote:
> > > > On Fri, Oct 13, 2023 at 12:19:23PM -0300, Jason Gunthor
On Mon, Oct 16, 2023 at 08:48:03AM +, Tian, Kevin wrote:
> > From: Nicolin Chen
> > Sent: Saturday, October 14, 2023 8:45 AM
> >
> > On Tue, Sep 26, 2023 at 01:16:35AM -0700, Tian, Kevin wrote:
> > > > From: Liu, Yi L
> > > > Sent: Thursday, September 21, 2023 3:51 PM
> > > >
> > > > From: N
On 2023/10/16 20:39, Daniel Borkmann wrote:
On 10/15/23 3:39 PM, Akihiko Odaki wrote:
When linking statically, libraries may require other dependencies to be
included to ld flags. In particular, libelf may require libzstd. Use
pkg-config to determine such dependencies.
Is this not covered via
When linking statically, libraries may require other dependencies to be
included to ld flags. In particular, libelf may require libzstd. Use
pkg-config to determine such dependencies.
Signed-off-by: Akihiko Odaki
---
V1 -> V2: Implemented fallback, referring to HOSTPKG_CONFIG.
tools/testing/sel
On Mon, Oct 16, 2023 at 11:28:15AM +0800, Yi Liu wrote:
> On 2023/10/14 01:56, Nicolin Chen wrote:
> > On Fri, Oct 13, 2023 at 11:04:56AM -0300, Jason Gunthorpe wrote:
> > > On Fri, Oct 13, 2023 at 12:33:13PM +0800, Yi Liu wrote:
> > >
> > > > not really. Below the users of the struct iommu_user_d
On 10/15/23 3:39 PM, Akihiko Odaki wrote:
When linking statically, libraries may require other dependencies to be
included to ld flags. In particular, libelf may require libzstd. Use
pkg-config to determine such dependencies.
Is this not covered via -lz or is it that the name differs?
Anyway,
On Mon, Oct 16, 2023 at 06:20:53AM +, Meng, Li (Jassmine) wrote:
> > > +static void amd_pstate_init_prefcore(struct amd_cpudata *cpudata) {
> > > + int ret, prio;
> > > + u32 highest_perf;
> > > + static u32 max_highest_perf = 0, min_highest_perf = U32_MAX;
> >
> > What serializes t
> From: Nicolin Chen
> Sent: Saturday, October 14, 2023 8:45 AM
>
> On Tue, Sep 26, 2023 at 01:16:35AM -0700, Tian, Kevin wrote:
> > > From: Liu, Yi L
> > > Sent: Thursday, September 21, 2023 3:51 PM
> > >
> > > From: Nicolin Chen
> > >
> > > Now enforce_cache_coherency and msi_cookie are kerne
> From: Nicolin Chen
> Sent: Sunday, October 15, 2023 3:47 PM
>
> TEST_LENGTH passing ".size = sizeof(struct _struct) - 1" expects -EINVAL
> from "if (ucmd.user_size < op->min_size)" check in iommufd_fops_ioctl().
> This has been working when min_size is exactly the size of the structure.
>
> Ho
On Mon, Oct 16, 2023 at 02:24:46PM +0800, Binbin Wu wrote:
> Zero out the buffer for readlink() since readlink() does not append a
> terminating null byte to the buffer. Also change the buffer length
> passed to readlink() to 'PATH_MAX - 1' to ensure the resulting string
> is always null terminate
Hello:
This patch was applied to netdev/net-next.git (main)
by David S. Miller :
On Sun, 15 Oct 2023 23:30:39 -0700 you wrote:
> These variables are never referenced in the code, just remove them
>
> Signed-off-by: zhujun2
> ---
> tools/testing/selftests/net/af_unix/scm_pidfd.c | 1 -
> to
> From: Liu, Yi L
> Sent: Friday, October 13, 2023 8:40 PM
>
> >> + *
> >> + * This is used for nested translation based vIOMMU. e.g. guest IOVA and
> >> + * guest shared virtual address. In this case, the first-level page tables
> >> + * are used for GVA/GIOVA-GPA translation in the guest, the s
> From: Jason Gunthorpe
> Sent: Friday, October 13, 2023 10:06 PM
>
> On Fri, Oct 13, 2023 at 07:13:34AM +, Tian, Kevin wrote:
> > > From: Jason Gunthorpe
> > > Sent: Friday, October 13, 2023 3:10 AM
> > >
> > > Also, we probably should feed enforce_cache_coherency through the
> > > alloc_hw
On 2023/10/14 08:51, Nicolin Chen wrote:
On Fri, Oct 13, 2023 at 09:07:09PM -0300, Jason Gunthorpe wrote:
On Fri, Oct 13, 2023 at 01:58:59PM -0700, Nicolin Chen wrote:
On Fri, Oct 13, 2023 at 12:19:23PM -0300, Jason Gunthorpe wrote:
On Thu, Sep 21, 2023 at 12:51:31AM -0700, Yi Liu wrote:
IOMM
67 matches
Mail list logo
