The kernel has recently added support for shadow stacks, currently
x86 only using their CET feature but both arm64 and RISC-V have
equivalent features (GCS and Zicfiss respectively), I am actively
working on GCS[1]. With shadow stacks the hardware maintains an
additional stack containing only the
There are a number of architectures with shadow stack features which we are
presenting to userspace with as consistent an API as we can (though there
are some architecture specifics). Especially given that there are some
important considerations for userspace code interacting directly with the
feat
While almost all users of shadow stacks should be relying on the dynamic
linker and libc to enable the feature there are several low level test
programs where it is useful to enable without any libc support, allowing
testing without full system enablement. This low level testing is helpful
during b
Since multiple architectures have support for shadow stacks and we need to
select support for this feature in several places in the generic code
provide a generic config option that the architectures can select.
Suggested-by: David Hildenbrand
Acked-by: David Hildenbrand
Reviewed-by: Deepak Gupt
Unlike with the normal stack there is no API for configuring the the shadow
stack for a new thread, instead the kernel will dynamically allocate a new
shadow stack with the same size as the normal stack. This appears to be due
to the shadow stack series having been in development since before the m
Since there were widespread issues with output not being flushed the
kselftest framework was modified to explicitly set the output streams
unbuffered in commit 58e2847ad2e6 ("selftests: line buffer test
program's stdout") so there is no need to explicitly flush in the clone3
tests.
Signed-off-by:
In order to make it easier to add more configuration for the tests and
more support for runtime detection of when tests can be run pass the
structure describing the tests into test_clone3() rather than picking
the arguments out of it and have that function do all the per-test work.
No functional c
In order to improve diagnostics and allow tests to explicitly look for
signals check to see if the child exited due to a signal and if it did
print the code and return it as a positive value, distinct from the
negative errnos currently returned.
Signed-off-by: Mark Brown
---
tools/testing/selfte
The clone_args structure is extensible, with the syscall passing in the
length of the structure. Inside the kernel we use copy_struct_from_user()
to read the struct but this has the unfortunate side effect of silently
accepting some overrun in the structure size providing the extra data is
all zero
Add basic test coverage for specifying the shadow stack for a newly
created thread via clone3(), including coverage of the newly extended
argument structure. We check that a user specified shadow stack can be
provided, and that invalid combinations of parameters are rejected.
In order to facilita
Guard close() with extra link_fd[i] >= 0 and fexit_fd[i] >= 0
check to prevent close(-1).
Signed-off-by: Ma Ke
---
tools/testing/selftests/bpf/prog_tests/fexit_stress.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tools/testing/selftests/bpf/prog_tests/fexit_stress.c
On Fri, Jun 21, 2024 at 06:03:30PM -0700, Andrew Morton wrote:
> On Fri, 21 Jun 2024 14:12:22 -0400 Audra Mitchell wrote:
>
> > Currently if we request a feature that is not set in the Kernel
> > config we fail silently and return all the available features. However,
> > the man page indicates we
On Wed, Jun 19, 2024 at 01:35:18PM +0200, Clément Léger wrote:
> The Zc* standard extension for code reduction introduces new extensions.
> This patch adds support for Zca, Zcf, Zcd and Zcb. Zce, Zcmt and Zcmp
> are left out of this patch since they are targeting microcontrollers/
> embedded CPUs i
Jakub Kicinski writes:
> On Thu, 20 Jun 2024 08:55:54 -0400 Aaron Conole wrote:
>> This series enhances the ovs-dpctl utility to provide support for set()
>> and tunnel() flow specifiers, better ipv6 handling support, and the
>> ability to add tunnel vports, and LWT interfaces. Finally, it modif
On 6/21/24 19:48, Mina Almasry wrote:
On Mon, Jun 17, 2024 at 7:17 AM Pavel Begunkov wrote:
...
static inline unsigned long netmem_to_pfn(netmem_ref netmem)
{
+ if (netmem_is_net_iov(netmem))
+ return 0;
IIRC 0 is a valid pfn. Not much of a concern since it's
used only
On 6/21/24 21:31, Mina Almasry wrote:
On Mon, Jun 17, 2024 at 9:36 AM Pavel Begunkov wrote:
On 6/13/24 02:35, Mina Almasry wrote:
The pages awaiting freeing are stored in the newly added
sk->sk_user_frags, and each page passed to userspace is get_page()'d.
This reference is dropped once the
On 2024/6/21 3:36 AM, Alexandre Belloni wrote:
On 23/05/2024 18:38:06-0700, Joseph Jang wrote:
In alarm_wkalm_set and alarm_wkalm_set_minute test, they use different
ioctl (RTC_ALM_SET/RTC_WKALM_SET) for alarm feature detection. They will
skip testing if RTC_ALM_SET/RTC_WKALM_SET ioctl return
On 2024/6/21 3:36 AM, Alexandre Belloni wrote:
> On 23/05/2024 18:38:06-0700, Joseph Jang wrote:
>> In alarm_wkalm_set and alarm_wkalm_set_minute test, they use different
>> ioctl (RTC_ALM_SET/RTC_WKALM_SET) for alarm feature detection. They will
>> skip testing if RTC_ALM_SET/RTC_WKALM_SET ioctl
On 2024/6/21 2:48, Jiaqi Yan wrote:
> Logs from soft_offline_page and soft_offline_in_use_page have
> different formats than majority of the memory failure code:
>
> "Memory failure: 0x${pfn}: ${lower_case_message}"
>
> Convert them to the following format:
>
> "Soft offline: 0x${pfn}: ${low
On 2024/6/22 04:20, Charlie Jenkins wrote:
On Fri, Jun 21, 2024 at 02:29:07PM +0800, Quan Zhou wrote:
On 2024/6/20 10:55, Charlie Jenkins wrote:
On Wed, Jun 19, 2024 at 10:01:47AM +0800, zhouq...@iscas.ac.cn wrote:
From: Quan Zhou
This test creates two processes: a tracer and a tracee. The
On 2024/6/21 2:48, Jiaqi Yan wrote:
> Correctable memory errors are very common on servers with large
...
>
> /*
> @@ -2749,8 +2760,9 @@ static int soft_offline_in_use_page(struct page *page)
> * @pfn: pfn to soft-offline
> * @flags: flags. Same as memory_failure().
> *
> - * Returns 0 on
Barry Song <21cn...@gmail.com> writes:
> On Fri, Jun 21, 2024 at 9:24 PM Huang, Ying wrote:
>>
>> Barry Song <21cn...@gmail.com> writes:
>>
>> > On Fri, Jun 21, 2024 at 7:25 PM Ryan Roberts wrote:
>> >>
>> >> On 20/06/2024 12:34, David Hildenbrand wrote:
>> >> > On 20.06.24 11:04, Ryan Roberts w
On Mon, Jun 24, 2024 at 3:44 PM Huang, Ying wrote:
>
> Barry Song <21cn...@gmail.com> writes:
>
> > On Fri, Jun 21, 2024 at 9:24 PM Huang, Ying wrote:
> >>
> >> Barry Song <21cn...@gmail.com> writes:
> >>
> >> > On Fri, Jun 21, 2024 at 7:25 PM Ryan Roberts
> >> > wrote:
> >> >>
> >> >> On 20/06
From: Geliang Tang
Some callers expect __start_server() helper to pass their own "backlog"
value to listen() instead of the default of 1. So this patch adds struct
member "backlog" for network_helper_opts to allow callers to set "backlog"
value via start_server_str() helper.
Signed-off-by: Gelia
From: Geliang Tang
v4:
- a new patch to use make_sockaddr in sockmap_ktls.
- a new patch to close fd in error path in drop_on_reuseport.
- drop make_server() in patch 7.
- drop make_client() too in patch 9.
v3:
- a new patch to add backlog for network_helper_opts.
- use start_server_str in
From: Geliang Tang
Include network_helpers.h in prog_tests/sockmap_ktls.c, use public network
helper start_server_str() instead of local defined function tcp_server().
This can avoid duplicate code.
Technically, this is not a one-for-one replacement, as start_server_str()
also does bind(). But t
From: Geliang Tang
Use public network helper connect_to_fd() instead of open-coding it in
prog_tests/sockmap_ktls.c. This can avoid duplicate code.
Acked-by: Eduard Zingerman
Signed-off-by: Geliang Tang
---
.../selftests/bpf/prog_tests/sockmap_ktls.c| 14 ++
1 file changed
From: Geliang Tang
This patch uses public helper make_sockaddr() exported in network_helpers.h
instead of open-coding in sockmap_ktls.c. This can avoid duplicate code.
Signed-off-by: Geliang Tang
---
.../selftests/bpf/prog_tests/sockmap_ktls.c | 16 ++--
1 file changed, 2 inse
From: Geliang Tang
Server 1 fd should be closed in the error path when update_lookup_map()
fails. This patch fixes it by goto "close_srv1" instead of "detach"
lable in that case.
Signed-off-by: Geliang Tang
---
tools/testing/selftests/bpf/prog_tests/sk_lookup.c | 2 +-
1 file changed, 1 insert
From: Geliang Tang
In order to facilitate subsequent commits to drop make_server(), this patch
invokes attach_reuseport() out of make_server(), right after invoking
make_server() if the passed "reuseport_prog" argument is not NULL.
Signed-off-by: Geliang Tang
---
.../selftests/bpf/prog_tests/s
From: Geliang Tang
This patch uses public helper connect_to_fd() exported in network_helpers.h
instead of using make_socket() and connect() in prog_tests/sk_lookup.c.
This can simplify the code.
Signed-off-by: Geliang Tang
---
.../testing/selftests/bpf/prog_tests/sk_lookup.c | 16 ++---
From: Geliang Tang
Use public network helpers make_sockaddr() and connect_to_addr() instead
of using make_socket() + connect() or make_client().
Now local defined functions inetaddr_len(), make_socket() and make_client()
all can be dropped.
Signed-off-by: Geliang Tang
---
.../selftests/bpf/pr
From: Geliang Tang
This patch uses public helper start_server_addr() instead of local
defined function make_server() in prog_tests/sk_lookup.c to avoid
duplicate code.
Add a helper setsockopts() to set SOL_CUSTOM sockopt looply, set
it to setsockopt pointer of struct network_helper_opts, and pas
It seems that there is no definition for config IP_GRE, and it is not a
dependency of other configs, so remove it.
linux$ find -name Kconfig | xargs grep "IP_GRE"
<-- nothing
There is a IPV6_GRE config defined in net/ipv6/Kconfig. It only depends
on NET_IPGRE_DEMUX but not IP_GRE.
Fixes: 04fe7c5
34 matches
Mail list logo
