On 2025-04-25 13:59:56, Jiayuan Chen wrote:
> Cong reported a warning when running ./test_sockmp:
> https://lore.kernel.org/bpf/aAmIi0vlycHtbXeb@pop-os.localdomain/T/#t
>
> [ cut here ]
> WARNING: CPU: 1 PID: 40 at net/ipv4/af_inet.c inet_sock_destruct+0x173/0x1d5
> Tainted
Clean up two build warnings:
[1]:
iou-zcrx.c: In function ‘process_recvzc’:
iou-zcrx.c:263:37: warning: too many arguments for
format [-Wformat-extra-args]
263 | error(1, 0, "payload mismatch at ", i);
| ^~
[2]:
iou-zcrx.c: In
On Mon, Apr 14, 2025 at 02:30:54PM -0400, Frank Li wrote:
Marc Zyngier:
Do you have additional comments for this version?
Frank Li
> ┌┐ ┌───┐ ┌┐
> ││ │ │ ││
The test_memcg_protection() function is used for the test_memcg_min and
test_memcg_low sub-tests. This function generates a set of parent/child
cgroups like:
parent: memory.min/low = 50M
child 0: memory.min/low = 75M, memory.current = 50M
child 1: memory.min/low = 25M, memory.current = 50
The test_memcontrol selftest consistently fails its test_memcg_low
sub-test due to the fact that its 3rd test child cgroup which
have a memmory.low of 0 have low event count. This happens when
memory_recursiveprot mount option is enabled which is the default
setting used by systemd to mount cgroup2
v8:
- Ignore the low event count of child 2 with memory_recursiveprot on
in patch 1 as originally suggested by Michal.
v7:
- Skip the vmscan change as the mem_cgroup_usage() check for now as
it is currently redundant.
v6:
- The memcg_test_low failure is indeed due to the memory_recursive
On Thu, 1 May 2025 at 10:17, Luis Gerhorst wrote:
>
> Insert a nospec before the access to prevent it from ever using an index
> that is subject to speculative scalar-confusion.
>
> The access itself can either happen directly in the BPF program (reads
> only, check_stack_read_var_off()) or in a h
On 5/1/25 10:44 AM, Tanmay Shah wrote:
Hi Mathieu,
I tested this patchset on top of recent for-next branch. I don't see
issue on AMD-xlnx ZynqMP platform. With this:
Tested-by: Tanmay Shah
Hi Mathieu,
Looks like I said it too soon. Firmware loading works with this series,
but RPMsg d
On Thu, 1 May 2025 at 10:00, Luis Gerhorst wrote:
>
> This implements the core of the series and causes the verifier to fall
> back to mitigating Spectre v1 using speculation barriers. The approach
> was presented at LPC'24 [1] and RAID'24 [2].
>
> If we find any forbidden behavior on a speculativ
On Thu, 1 May 2025 at 10:02, Luis Gerhorst wrote:
>
> This is made to clarify that this flag will cause a nospec to be added
> after this insn and can therefore be relied upon to reduce speculative
> path analysis.
>
> Signed-off-by: Luis Gerhorst
> Cc: Henriette Herzog
> Cc: Maximilian Ott
> C
On Thu, 1 May 2025 at 09:51, Luis Gerhorst wrote:
>
> JITs can set bpf_jit_bypass_spec_v1/v4() if they want the verifier to
> skip analysis/patching for the respective vulnerability. For v4, this
> will reduce the number of barriers the verifier inserts. For v1, it
> allows more programs to be acc
On Tue, Apr 29, 2025 at 10:25 AM Jann Horn wrote:
>
> On Tue, Apr 29, 2025 at 7:15 PM Suren Baghdasaryan wrote:
> > On Tue, Apr 29, 2025 at 8:56 AM Jann Horn wrote:
> > > On Wed, Apr 23, 2025 at 12:54 AM Andrii Nakryiko
> > > wrote:
> > > > On Fri, Apr 18, 2025 at 10:50 AM Suren Baghdasaryan
On Thu, 1 May 2025 at 09:48, Luis Gerhorst wrote:
>
> This prevents us from trying to recover from these on speculative paths
> in the future.
>
> Signed-off-by: Luis Gerhorst
> Reviewed-by: Eduard Zingerman
> Acked-by: Henriette Herzog
> Cc: Maximilian Ott
> Cc: Milan Stephan
> ---
Acked-by
On Thu, 1 May 2025 at 09:48, Luis Gerhorst wrote:
>
> Mark these cases as non-recoverable to later prevent them from being
> caught when they occur during speculative path verification.
>
> Eduard writes [1]:
>
> The only pace I'm aware of that might act upon specific error code
> from verifie
On Thu, 1 May 2025 at 09:43, Luis Gerhorst wrote:
>
> This is required to catch the errors later and fall back to a nospec if
> on a speculative path.
>
> Eliminate the regs variable as it is only used once and insn_idx is not
> modified in-between the definition and usage.
>
> Still pass insn sim
Le Wed, Apr 30, 2025 at 02:20:31AM +, Joel Fernandes a écrit :
>
>
> > On Apr 29, 2025, at 9:44 AM, Frederic Weisbecker
> > wrote:
>
> Hi Frederic,
> These all look good to me. Do you wish for
> these to go into the upcoming merge window or
> can I push them to a for-Neeraj branch as he
>
On Thu, May 1, 2025 at 7:28 AM Lorenz Bauer wrote:
>
> User space needs access to kernel BTF for many modern features of BPF.
> Right now each process needs to read the BTF blob either in pieces or
> as a whole. Allow mmaping the sysfs file so that processes can directly
> access the memory alloca
On Thu, May 01, 2025, Peter Zijlstra wrote:
> On Thu, May 01, 2025 at 01:42:35PM +0200, Peter Zijlstra wrote:
> > On Wed, Oct 16, 2024 at 07:14:34PM -0700, John Hubbard wrote:
> > > Peter Zijlstra's "NAK NAK NAK" response [1] last year was the most
> > > colorful, so I'll helpfully cite it here. :)
On Thu, 2025-05-01 at 09:35 +0200, Luis Gerhorst wrote:
> This is required to catch the errors later and fall back to a nospec if
> on a speculative path.
>
> Eliminate the regs variable as it is only used once and insn_idx is not
> modified in-between the definition and usage.
>
> Still pass ins
On Thu, 2025-05-01 at 09:35 +0200, Luis Gerhorst wrote:
> Currently, __xlated_unpriv and __jited_unpriv do not work because the
> BPF syscall will overwrite info.jited_prog_len and info.xlated_prog_len
> with 0 if the process is not bpf_capable(). This bug was not noticed
> before, because there is
On Thu, 1 May 2025 at 09:39, Luis Gerhorst wrote:
>
> Currently, __xlated_unpriv and __jited_unpriv do not work because the
> BPF syscall will overwrite info.jited_prog_len and info.xlated_prog_len
> with 0 if the process is not bpf_capable(). This bug was not noticed
> before, because there is no
We use the refactored uffd_global_test_opts instead of global variables
for uffd-wp-mremap tests.
Signed-off-by: Ujwal Kundur
---
tools/testing/selftests/mm/uffd-wp-mremap.c | 23 +
1 file changed, 14 insertions(+), 9 deletions(-)
diff --git a/tools/testing/selftests/mm/uffd
We use the refactored uffd_global_test_opts instead of global variables
for uffd-unit-tests.
Signed-off-by: Ujwal Kundur
---
tools/testing/selftests/mm/uffd-unit-tests.c | 523 ++-
1 file changed, 269 insertions(+), 254 deletions(-)
diff --git a/tools/testing/selftests/mm/uffd-u
We use the refactored uffd_global_test_opts struct instead of global
variables for uffd-stress tests.
Signed-off-by: Ujwal Kundur
---
tools/testing/selftests/mm/uffd-stress.c | 226 ---
1 file changed, 122 insertions(+), 104 deletions(-)
diff --git a/tools/testing/selftests/
This patch deals with the common uffd routines, refactoring macros and
non-composite global variable definitions into a struct that is defined
at the start of a test and is passed around instead of relying on global
vars.
Signed-off-by: Ujwal Kundur
---
tools/testing/selftests/mm/uffd-common.c |
This patchset refactors non-composite global variables into a common
struct that can be initialized and passed around per-test instead of
relying on the presence of global variables.
This allows:
- Better encapsulation
- Debugging becomes easier -- local variable state can be viewed per
stack fr
> 3 files changed, 104 insertions(+), 3 deletions(-)
> ---
> base-commit: 38d976c32d85ef12dcd2b8a231196f7049548477
> change-id: 20250501-vmlinux-mmap-2ec5563c3ef1
>
> Best regards,
> --
> Lorenz Bauer
Hi Mathieu,
I tested this patchset on top of recent for-next branch. I don't see
issue on AMD-xlnx ZynqMP platform. With this:
Tested-by: Tanmay Shah
On 4/24/25 9:14 AM, Mathieu Poirier wrote:
Arnaud, Daniel, Iuliana, Andrew and Tanmay - please test this patchset
on the platforms you are wo
Hello,
syzbot found the following issue on:
HEAD commit:bc3372351d0c Merge tag 'for-6.15-rc3-tag' of git://git.ker..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=12d6457458
kernel config: https://syzkaller.appspot.com/x/.config?x=fca45111586bf9a6
das
tools/testing/selftests/bpf/prog_tests/btf_sysfs.c | 79 ++
3 files changed, 104 insertions(+), 3 deletions(-)
---
base-commit: 38d976c32d85ef12dcd2b8a231196f7049548477
change-id: 20250501-vmlinux-mmap-2ec5563c3ef1
Best regards,
--
Lorenz Bauer
Add a basic test for the ability to mmap /sys/kernel/btf/vmlinux. Since
libbpf doesn't have an API to parse BTF from memory we do some basic
sanity checks ourselves.
Signed-off-by: Lorenz Bauer
---
tools/testing/selftests/bpf/prog_tests/btf_sysfs.c | 79 ++
1 file changed, 79
User space needs access to kernel BTF for many modern features of BPF.
Right now each process needs to read the BTF blob either in pieces or
as a whole. Allow mmaping the sysfs file so that processes can directly
access the memory allocated for it in the kernel.
Signed-off-by: Lorenz Bauer
---
i
Kuniyuki Iwashima wrote:
> From: "Jiayuan Chen"
> Date: Thu, 01 May 2025 06:22:17 +
> > 2025/5/1 12:42, "Kuniyuki Iwashima" wrote:
> >
> > >
> > > From: Jiayuan Chen
> > >
> > > Date: Thu, 1 May 2025 11:51:08 +0800
> > >
> > > >
> > > > For some services we are using "established-over-u
Hi Srini,
Srinivas Kandagatla schreef op 1 mei 2025 13:37:45 CEST:
>On Fri, Apr 25, 2025 at 10:07:26AM +0200, Luca Weiss wrote:
>> Sound machine drivers for Qualcomm SoCs can be reused across multiple
>> SoCs. But user space ALSA UCM files depend on the card driver name which
>> should be set per
On Wed, Apr 30, 2025 at 07:04:28PM -0700, Jon Kohler wrote:
> In handle_tx_copy, TX batching processes packets below ~PAGE_SIZE and
> batches up to 64 messages before calling sock->sendmsg.
>
> Currently, when there are no more messages on the ring to dequeue,
> handle_tx_copy re-enables kicks on
On Wed, Apr 30, 2025 at 1:46 PM Atish Patra wrote:
>
> This series improves the following tests.
> 1. Get-reg-list : Adds vector support
> 2. SBI PMU test : Distinguish between different types of illegal exception
>
> The first patch is just helper patch that adds stval support during
> exception
On Thu, May 01, 2025 at 01:42:35PM +0200, Peter Zijlstra wrote:
> On Wed, Oct 16, 2024 at 07:14:34PM -0700, John Hubbard wrote:
> > On 10/16/24 3:06 PM, Lorenzo Stoakes wrote:
> > > On Wed, Oct 16, 2024 at 02:00:27PM -0600, Shuah Khan wrote:
> > > > On 10/16/24 04:20, Lorenzo Stoakes wrote:
> > ...
On Sun, 27 Apr 2025, Krzysztof Kozlowski wrote:
> On 26/04/2025 18:16, Alexey Gladkov wrote:
> > The name used in the macro does not exist.
> >
> > drivers/mfd/stmpe-spi.c:132:26: error: use of undeclared identifier
> > 'stmpe_id'
> > 132 | MODULE_DEVICE_TABLE(spi, stmpe_id);
> > |
On Sat, 26 Apr 2025 18:16:32 +0200, Alexey Gladkov wrote:
> The name used in the macro does not exist.
>
> drivers/mfd/stmpe-spi.c:132:26: error: use of undeclared identifier 'stmpe_id'
> 132 | MODULE_DEVICE_TABLE(spi, stmpe_id);
> | ^
> 1 error generated.
>
> [..
On Wed, Oct 16, 2024 at 07:14:34PM -0700, John Hubbard wrote:
> On 10/16/24 3:06 PM, Lorenzo Stoakes wrote:
> > On Wed, Oct 16, 2024 at 02:00:27PM -0600, Shuah Khan wrote:
> > > On 10/16/24 04:20, Lorenzo Stoakes wrote:
> ...
> > > > diff --git a/tools/testing/selftests/pidfd/pidfd.h
> > > > b/too
On Fri, Apr 25, 2025 at 10:07:26AM +0200, Luca Weiss wrote:
> Sound machine drivers for Qualcomm SoCs can be reused across multiple
> SoCs. But user space ALSA UCM files depend on the card driver name which
> should be set per board/SoC.
>
> Allow such customization by using driver match data as s
On 5/1/25 8:48 AM, Luca Weiss wrote:
> Add a node for q6usb which handles USB audio offloading, allowing to
> play audio via a USB-C headset with lower power consumption and enabling
> some other features.
>
> We also need to set num-hc-interrupters for the dwc3 for the q6usb to be
> able to use i
On Thu, May 1, 2025 at 9:55 AM Andreas Hindborg wrote:
>
> +pub mod parse_int {
> +
> +use crate::prelude::*;
Spurious newline.
> +use crate::str::BStr;
> +use core::ops::Deref;
> +/// # Examples
> +/// ```
Missing newline.
> +// integer. We choose u64
On 5/1/25 8:48 AM, Luca Weiss wrote:
> Enable USB audio offloading which allows to play audio via a USB-C
> headset with lower power consumption and enabling some other features.
>
> This can be used like the following:
>
> $ amixer -c0 cset name='USB_RX Audio Mixer MultiMedia1' On
> $ aplay
Insert a nospec before the access to prevent it from ever using an index
that is subject to speculative scalar-confusion.
The access itself can either happen directly in the BPF program (reads
only, check_stack_read_var_off()) or in a helper (read/write,
check_helper_mem_access()).
This relies on
ALU sanitization was introduced to ensure that a subsequent ptr access
can never go OOB, even under speculation. This is required because we
currently allow speculative scalar confusion. Spec. scalar confusion is
possible because Spectre v4 sanitization only adds a nospec after
critical stores (e.g
Change vsock's lingerning to wait on close() until all data is sent, i.e.
until workers picked all the packets for processing.
Changes in v4:
- While in virtio, stick to virtio_transport_unsent_bytes() [Stefano]
- Squash the indentation reduction [Stefano]
- Pull SOCK_LINGER check into vsock_linge
Lingering should be transport-independent in the long run. In preparation
for supporting other transports, as well the linger on shutdown(), move
code to core.
Generalize by querying vsock_transport::unsent_bytes(), guard against the
callback being unimplemented. Do not pass sk_lingertime explicit
Currently vsock's lingering effectively boils down to waiting (or timing
out) until packets are consumed or dropped by the peer; be it by receiving
the data, closing or shutting down the connection.
To align with the semantics described in the SO_LINGER section of man
socket(7) and to mimic AF_INE
There was an issue with SO_LINGER: instead of blocking until all queued
messages for the socket have been successfully sent (or the linger timeout
has been reached), close() would block until packets were handled by the
peer.
Add a check to alert on close() lingering when it should not.
Signed-of
This is based on the gadget from the description of commit 9183671af6db
("bpf: Fix leakage under speculation on mispredicted branches").
Signed-off-by: Luis Gerhorst
---
.../selftests/bpf/progs/verifier_unpriv.c | 57 +++
1 file changed, 57 insertions(+)
diff --git a/tools/t
This implements the core of the series and causes the verifier to fall
back to mitigating Spectre v1 using speculation barriers. The approach
was presented at LPC'24 [1] and RAID'24 [2].
If we find any forbidden behavior on a speculative path, we insert a
nospec (e.g., lfence speculation barrier o
On Thu, May 01, 2025 at 09:53:36AM +0200, Andreas Hindborg wrote:
> Extend the `module!` macro with support module parameters. Also add some
> string
> to integer parsing functions and updates `BStr` with a method to strip a
> string
> prefix.
>
> Based on code by Adam Bratschi-Kaye lifted from
This is made to clarify that this flag will cause a nospec to be added
after this insn and can therefore be relied upon to reduce speculative
path analysis.
Signed-off-by: Luis Gerhorst
Cc: Henriette Herzog
Cc: Maximilian Ott
Cc: Milan Stephan
---
include/linux/bpf_verifier.h | 2 +-
kernel/b
Add the trait `ParseInt` for parsing string representations of integers
where the string representations are optionally prefixed by a radix
specifier. Implement the trait for the primitive integer types.
Tested-by: Daniel Almeida
Reviewed-by: Daniel Almeida
Signed-off-by: Andreas Hindborg
---
Add support for module parameters to the `module!` macro. Implement read
only support for integer types without `sysfs` support.
Acked-by: Petr Pavlu # from modules perspective
Tested-by: Daniel Gomez
Signed-off-by: Andreas Hindborg
---
rust/kernel/lib.rs | 1 +
rust/kernel/module_
The module subsystem people agreed to maintain rust support for modules
[1]. Thus, add entries for relevant files to modules entry in MAINTAINERS.
Link:
https://lore.kernel.org/all/0d9e596a-5316-4e00-862b-fd77552ae...@suse.com/ [1]
Acked-by: Daniel Gomez
Signed-off-by: Andreas Hindborg
---
MAI
Extend the `module!` macro with support module parameters. Also add some string
to integer parsing functions and updates `BStr` with a method to strip a string
prefix.
Based on code by Adam Bratschi-Kaye lifted from the original `rust` branch [1].
Link:
https://github.com/Rust-for-Linux/linux/tr
This changes the semantics of BPF_NOSPEC (previously a v4-only barrier)
to always emit a speculation barrier that works against both Spectre v1
AND v4. If mitigation is not needed on an architecture, the backend
should set bpf_jit_bypass_spec_v4/v1().
As of now, this commit only has the user-visib
JITs can set bpf_jit_bypass_spec_v1/v4() if they want the verifier to
skip analysis/patching for the respective vulnerability. For v4, this
will reduce the number of barriers the verifier inserts. For v1, it
allows more programs to be accepted.
The primary motivation for this is to not regress unp
This prevents us from trying to recover from these on speculative paths
in the future.
Signed-off-by: Luis Gerhorst
Reviewed-by: Eduard Zingerman
Acked-by: Henriette Herzog
Cc: Maximilian Ott
Cc: Milan Stephan
---
kernel/bpf/verifier.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions
This improves the expressiveness of unprivileged BPF by inserting
speculation barriers instead of rejecting the programs.
The approach was previously presented at LPC'24 [1] and RAID'24 [2].
To mitigate the Spectre v1 (PHT) vulnerability, the kernel rejects
potentially-dangerous unprivileged BPF
Mark these cases as non-recoverable to later prevent them from being
caught when they occur during speculative path verification.
Eduard writes [1]:
The only pace I'm aware of that might act upon specific error code
from verifier syscall is libbpf. Looking through libbpf code, it seems
that
This is required to catch the errors later and fall back to a nospec if
on a speculative path.
Eliminate the regs variable as it is only used once and insn_idx is not
modified in-between the definition and usage.
Still pass insn simply to match the other check_*() functions. As Eduard
points out
Currently, __xlated_unpriv and __jited_unpriv do not work because the
BPF syscall will overwrite info.jited_prog_len and info.xlated_prog_len
with 0 if the process is not bpf_capable(). This bug was not noticed
before, because there is no test that actually uses
__xlated_unpriv/__jited_unpriv.
To
On Wed, Apr 30, 2025 at 11:54:49AM -0400, Matthew Rosato wrote:
>
> > 2)
> > Regressions on s390 with defconfig builds with gcc-13, gcc-8 and
> > clang-20 and clang-nightly toolchains on the stable-rc 6.1.136-rc1.
> >
> > * s390, build
> > - clang-20-defconfig
> > - clang-nightly-defconfig
>
From: "Jiayuan Chen"
Date: Thu, 01 May 2025 06:22:17 +
> 2025/5/1 12:42, "Kuniyuki Iwashima" wrote:
>
> >
> > From: Jiayuan Chen
> >
> > Date: Thu, 1 May 2025 11:51:08 +0800
> >
> > >
> > > For some services we are using "established-over-unconnected" model.
> > >
> > >
> > >
> > >
67 matches
Mail list logo
