aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/tools/testing
AgeCommit message (Collapse)AuthorFilesLines
2026-03-19selftests: drv-net: gro: test GRO statsJakub Kicinski3-2/+433
Test accuracy of GRO stats. We want to cover two potentially tricky cases: - single segment GRO - packets which were eligible but didn't get GRO'd The first case is trivial, teach gro.c to send one packet, and check GRO stats didn't move. Second case requires gro.c to send a lot of flows expecting the NIC to run out of GRO flow capacity. To avoid system traffic noise we steer the packets to a dedicated queue and operate on qstat. Link: https://patch.msgid.link/20260318033819.1469350-5-kuba@kernel.org Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-03-19selftests: drv-net: gro: use SO_TXTIME to schedule packets togetherJakub Kicinski1-3/+54
Longer packet sequence tests are quite flaky when the test is run over a real network. Try to avoid at least the jitter on the sender side by scheduling all the packets to be sent at once using SO_TXTIME. Use hardcoded tx time of 5msec in the future. In my test increasing this time past 2msec makes no difference so 5msec is plenty of margin. Since we now expect more output buffering make sure to raise SNDBUF. Note that this is an opportunistic reliability improvement which will only work if the qdisc can schedule Tx time for us (fq). Fiddling with qdisc config was deemed too complex, so it's not part of the patch. Reviewed-by: Willem de Bruijn <willemb@google.com> Reviewed-by: Petr Machata <petrm@nvidia.com> Link: https://patch.msgid.link/20260318033819.1469350-4-kuba@kernel.org Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-03-19selftests: drv-net: give HW stats sync time extra 25% of marginJakub Kicinski1-2/+2
There are transient failures for devices which update stats periodically, especially if it's the FW DMA'ing the stats rather than host periodic work querying the FW. Wait 25% longer than strictly necessary. For devices which don't report stats-block-usecs we retain 25 msec as the default wait time (0.025sec == 20,000usec * 1.25). Reviewed-by: Petr Machata <petrm@nvidia.com> Reviewed-by: Willem de Bruijn <willemb@google.com> Link: https://patch.msgid.link/20260318033819.1469350-3-kuba@kernel.org Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-03-19selftests: net: move gro to lib for HW vs SW reuseJakub Kicinski6-4/+4
The gro.c packet sender is used for SW testing but bulk of incoming new tests will be HW-specific. So it's better to put them under drivers/net/hw/, to avoid tip-toeing around netdevsim. Move gro.c to lib so we can reuse it. Reviewed-by: Petr Machata <petrm@nvidia.com> Reviewed-by: Willem de Bruijn <willemb@google.com> Link: https://patch.msgid.link/20260318033819.1469350-2-kuba@kernel.org Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-03-19Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski14-42/+288
Cross-merge networking fixes after downstream PR (net-7.0-rc5). net/netfilter/nft_set_rbtree.c 598adea720b97 ("netfilter: revert nft_set_rbtree: validate open interval overlap") 3aea466a43998 ("netfilter: nft_set_rbtree: don't disable bh when acquiring tree lock") https://lore.kernel.org/abgaQBpeGstdN4oq@sirena.org.uk No adjacent changes. Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-03-19selftests/landlock: Test tsync interruption and cancellation pathsMickaël Salaün1-1/+90
Add tsync_interrupt test to exercise the signal interruption path in landlock_restrict_sibling_threads(). When a signal interrupts wait_for_completion_interruptible() while the calling thread waits for sibling threads to finish credential preparation, the kernel: 1. Sets ERESTARTNOINTR to request a transparent syscall restart. 2. Calls cancel_tsync_works() to opportunistically dequeue task works that have not started running yet. 3. Breaks out of the preparation loop, then unblocks remaining task works via complete_all() and waits for them to finish. 4. Returns the error, causing abort_creds() in the syscall handler. Specifically, cancel_tsync_works() in its entirety, the ERESTARTNOINTR error branch in landlock_restrict_sibling_threads(), and the abort_creds() error branch in the landlock_restrict_self() syscall handler are timing-dependent and not exercised by the existing tsync tests, making code coverage measurements non-deterministic. The test spawns a signaler thread that rapidly sends SIGUSR1 to the calling thread while it performs landlock_restrict_self() with LANDLOCK_RESTRICT_SELF_TSYNC. Since ERESTARTNOINTR causes a transparent restart, userspace always sees the syscall succeed. This is a best-effort coverage test: the interruption path is exercised when the signal lands during the preparation wait, which depends on thread scheduling. The test creates enough idle sibling threads (200) to ensure multiple serialized waves of credential preparation even on machines with many cores (e.g., 64), widening the window for the signaler. Deterministic coverage would require wrapping the wait call with ALLOW_ERROR_INJECTION() and using CONFIG_FAIL_FUNCTION. Test coverage for security/landlock was 90.2% of 2105 lines according to LLVM 21, and it is now 91.1% of 2105 lines with this new test. Cc: Günther Noack <gnoack@google.com> Cc: Justin Suess <utilityemal77@gmail.com> Cc: Tingmao Wang <m@maowtm.org> Cc: Yihan Ding <dingyihan@uniontech.com> Link: https://lore.kernel.org/r/20260310190416.1913908-1-mic@digikod.net Signed-off-by: Mickaël Salaün <mic@digikod.net>
2026-03-19vfio: selftests: Fix VLA initialisation in vfio_pci_irq_set()Manish Honap1-1/+3
C does not permit an initialiser expression on a variable-length array (C99 Section 6.7.9 constraint: "The type of the entity to be initialized shall not be a variable length array type"). vfio_pci_irq_set() declared: u8 buf[sizeof(struct vfio_irq_set) + sizeof(int) * count] = {}; where `count` is a runtime function parameter, making `buf` a VLA. GCC rejects this with (tried with GCC-9.4.0): error: variable-sized object may not be initialized Fix by removing the `= {}` initialiser and inserting an explicit memset() immediately after the declaration. memset() on a VLA is perfectly legal and achieves the same zero-initialisation on all conforming C implementations. Fixes: 19faf6fd969c ("vfio: selftests: Add a helper library for VFIO selftests") Cc: stable@vger.kernel.org Reviewed-by: Dave Jiang <dave.jiang@intel.com> Reviewed-by: David Matlack <dmatlack@google.com> Signed-off-by: Manish Honap <mhonap@nvidia.com> Link: https://lore.kernel.org/r/20260317051402.3725670-1-mhonap@nvidia.com Signed-off-by: Alex Williamson <alex@shazbot.org>
2026-03-19KVM: arm64: selftests: Add no-vgic-v5 selftestSascha Bischoff3-178/+298
Now that GICv5 is supported, it is important to check that all of the GICv5 register state is hidden from a guest that doesn't create a vGICv5. Rename the no-vgic-v3 selftest to no-vgic, and extend it to check GICv5 system registers too. Signed-off-by: Sascha Bischoff <sascha.bischoff@arm.com> Link: https://patch.msgid.link/20260319154937.3619520-42-sascha.bischoff@arm.com Signed-off-by: Marc Zyngier <maz@kernel.org>
2026-03-19KVM: arm64: selftests: Introduce a minimal GICv5 PPI selftestSascha Bischoff3-0/+379
This basic selftest creates a vgic_v5 device (if supported), and tests that one of the PPI interrupts works as expected with a basic single-vCPU guest. Upon starting, the guest enables interrupts. That means that it is initialising all PPIs to have reasonable priorities, but marking them as disabled. Then the priority mask in the ICC_PCR_EL1 is set, and interrupts are enable in ICC_CR0_EL1. At this stage the guest is able to receive interrupts. The architected SW_PPI (64) is enabled and KVM_IRQ_LINE ioctl is used to inject the state into the guest. The guest's interrupt handler has an explicit WFI in order to ensure that the guest skips WFI when there are pending and enabled PPI interrupts. Signed-off-by: Sascha Bischoff <sascha.bischoff@arm.com> Reviewed-by: Jonathan Cameron <jonathan.cameron@huawei.com> Link: https://patch.msgid.link/20260319154937.3619520-41-sascha.bischoff@arm.com Signed-off-by: Marc Zyngier <maz@kernel.org>
2026-03-19kunit: configs: Enable all crypto library tests in all_tests.configEric Biggers1-0/+2
The new option CONFIG_CRYPTO_LIB_ENABLE_ALL_FOR_KUNIT enables all the crypto library code that has KUnit tests, causing CONFIG_KUNIT_ALL_TESTS to enable all these tests. Add this option to all_tests.config so that kunit.py will run them when passed the --alltests option. Link: https://lore.kernel.org/r/20260314035927.51351-3-ebiggers@kernel.org Signed-off-by: Eric Biggers <ebiggers@kernel.org>
2026-03-19Merge tag 'ovpn-net-next-20260317' of https://github.com/OpenVPN/ovpn-net-nextPaolo Abeni40-86/+472
Antonio Quartulli says: ==================== Included features: * use bitops.h API when possible * send netlink notification in case of client float event * implement support for asymmetric peer IDs * consolidate memory allocations during crypto operations * add netlink notification check in selftests * add FW mark check in selftest * tag 'ovpn-net-next-20260317' of https://github.com/OpenVPN/ovpn-net-next: ovpn: consolidate crypto allocations in one chunk selftests: ovpn: add test for the FW mark feature selftests: ovpn: check asymmetric peer-id ovpn: add support for asymmetric peer IDs selftests: ovpn: add notification parsing and matching ovpn: notify userspace on client float event ovpn: pktid: use bitops.h API ovpn: use correct array size to parse nested attributes in ovpn_nl_key_swap_doit selftests: ovpn: allow compiling ovpn-cli.c with mbedtls3 ==================== Link: https://patch.msgid.link/20260317104023.192548-1-antonio@openvpn.net Signed-off-by: Paolo Abeni <pabeni@redhat.com>
2026-03-19selftests/net: packetdrill: improve tcp_rcv_neg_window.pktSimon Baatz1-3/+11
The test depends on accepting a packet that is larger than the advertised window and that does not trigger an immediate ACK. Previously, the test might still pass even if kernel behavior changed unexpectedly. Add assertions verifying that the large packet was accepted and no ACK was sent. Suggested-by: Eric Dumazet <edumazet@google.com> Signed-off-by: Simon Baatz <gmbnomis@gmail.com> Link: https://patch.msgid.link/20260316-improve_tcp_neg_usable_wnd_test-v1-1-f16d5e365107@gmail.com Signed-off-by: Paolo Abeni <pabeni@redhat.com>
2026-03-18selftests/vsock: auto-detect kernel for guest VMsBobby Eshleman1-0/+19
When running vmtest.sh inside a nested VM the running kernel may not be installed on the filesystem at the standard /boot/ or /usr/lib/modules/ paths. Previously, this would cause vng to fail with "does not exist" since it could not find the kernel image. Instead, this patch uses --dry-run to detect if the kernel is available. If not, then we fall back to the kernel in the kernel source tree. If that fails, then we die. This way runners, like NIPA, can use vng --run arch/x86/boot/bzImage to setup an outer VM, and vmtest.sh will still do the right thing setting up the inner VM. Due to job control issues in vng, a workaround is used to prevent 'make kselftest TARGETS=vsock' from hanging until test timeout. A PR has been placed upstream to solve the issue in vng: https://github.com/arighi/virtme-ng/pull/453 Signed-off-by: Bobby Eshleman <bobbyeshleman@meta.com> Link: https://patch.msgid.link/20260316-vsock-vmtest-autodetect-kernel-v2-1-5eec7b4831f8@meta.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-03-18selftests/bpf: Isolate fmod_ret hooks by pidSun Jian2-3/+18
modify_return's fmod_ret programs can override bpf_modify_return_test()'s return value, which conflicts with get_func_ip_test when selftests run in parallel. Store current tgid in BSS and make modify_return hooks act only for that tgid. For other tasks, fentry/fexit become no-ops and fmod_ret returns the original ret. Drop the serial-only restriction and remove the TODO comment. Tested: sudo ./test_progs -t modify_return sudo ./test_progs -t get_func_ip_test sudo ./test_progs -j$(nproc) -t modify_return sudo ./test_progs -j$(nproc) -t get_func_ip_test Signed-off-by: Sun Jian <sun.jian.kdev@gmail.com> Link: https://lore.kernel.org/r/20260313034540.255805-1-sun.jian.kdev@gmail.com Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2026-03-18selftests/bpf: Avoid spurious failures perf_linkSun Jian1-15/+5
perf_link creates a system-wide perf event pinned to CPU 0 (pid=-1, cpu=0) and also pins the test thread to CPU 0. Under concurrent selftests this can lead to cross-test interference and CPU 0 contention, making the test flaky. Create a per-task perf event instead (pid=0, cpu=-1) and drop CPU pinning from burn_cpu(). Use barrier() to prevent the burn loop from being optimized away. Drop the serial_ prefix so the test can run in parallel. Also remove the stale TODO comment. Tested: ./test_progs -t perf_link -vv ./test_progs -j$(nproc) -t perf_link -vv for i in $(seq 1 50); do ./test_progs -j$(nproc) -t perf_link; done Signed-off-by: Sun Jian <sun.jian.kdev@gmail.com> Acked-by: Kumar Kartikeya Dwivedi <memxor@gmail.com> Link: https://lore.kernel.org/r/20260305084306.283983-1-sun.jian.kdev@gmail.com Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2026-03-18tools: ynl: rework policy access to support recursionJakub Kicinski1-15/+11
Donald points out that the current naive implementation using dicts breaks if policy is recursive (child nest uses policy idx already used by its parent). Lean more into the NlPolicy class. This lets us "render" the policy on demand, when user accesses it. If someone wants to do an infinite walk that's on them :) Show policy info as attributes of the class and use dict format to descend into sub-policies for extra neatness. Reviewed-by: Donald Hunter <donald.hunter@gmail.com> Link: https://patch.msgid.link/20260313232047.2068518-1-kuba@kernel.org Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-03-18ktest: Store failure logs also in fatal pathsRicardo B. Marlière1-0/+5
STORE_FAILURES was only saved from fail(), so paths that reached dodie() could exit without preserving failure logs. That includes fatal hook paths such as: POST_BUILD_DIE = 1 and ordinary failures when: DIE_ON_FAILURE = 1 Call save_logs("fail", ...) from dodie() too so fatal failures keep the same STORE_FAILURES artifacts as non-fatal fail() paths. Cc: John Hawley <warthog9@eaglescrag.net> Link: https://patch.msgid.link/20260318-ktest-fixes-v1-1-9dd94d46d84c@suse.com Signed-off-by: Ricardo B. Marlière <rbm@suse.com> Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
2026-03-17Merge tag 'hid-for-linus-2026031701' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hidLinus Torvalds1-0/+12
Pull HID fixes from Jiri Kosina: - various fixes dealing with (intentionally) broken devices in HID core, logitech-hidpp and multitouch drivers (Lee Jones) - fix for OOB in wacom driver (Benoît Sevens) - fix for potentialy HID-bpf-induced buffer overflow in () (Benjamin Tissoires) - various other small fixes and device ID / quirk additions * tag 'hid-for-linus-2026031701' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid: HID: multitouch: Check to ensure report responses match the request HID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure HID: bpf: prevent buffer overflow in hid_hw_request selftests/hid: fix compilation when bpf_wq and hid_device are not exported HID: core: Mitigate potential OOB by removing bogus memset() HID: intel-thc-hid: Set HID_PHYS with PCI BDF HID: appletb-kbd: add .resume method in PM HID: logitech-hidpp: Enable MX Master 4 over bluetooth HID: input: Add HID_BATTERY_QUIRK_DYNAMIC for Elan touchscreens HID: input: Drop Asus UX550* touchscreen ignore battery quirks HID: asus: add xg mobile 2022 external hardware support HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq
2026-03-17Merge tag 'rust_io-7.1-rc1' into driver-core-nextDanilo Krummrich14-42/+331
Register abstraction and I/O infrastructure improvements Introduce the register!() macro to define type-safe I/O register accesses. Refactor the IoCapable trait into a functional trait, which simplifies I/O backends and removes the need for overloaded Io methods. This is a stable tag for other trees to merge. Signed-off-by: Danilo Krummrich <dakr@kernel.org>
2026-03-17selftests/sched_ext: Show failed test names in summaryCheng-Yang Chou1-1/+7
When tests fail, the runner only printed the failure count, making it hard to tell which tests failed without scrolling through output. Track failed test names in an array and print them after the summary so failures are immediately visible at the end of the run. Signed-off-by: Cheng-Yang Chou <yphbchou0911@gmail.com> Signed-off-by: Tejun Heo <tj@kernel.org>
2026-03-17kunit: configs: Enable all CRC tests in all_tests.configEric Biggers1-0/+2
The new option CONFIG_CRC_ENABLE_ALL_FOR_KUNIT enables all the CRC code that has KUnit tests, causing CONFIG_KUNIT_ALL_TESTS to enable all these tests. Add this option to all_tests.config so that kunit.py will run them when passed the --alltests option. Acked-by: Ard Biesheuvel <ardb@kernel.org> Link: https://lore.kernel.org/r/20260314172224.15152-1-ebiggers@kernel.org Signed-off-by: Eric Biggers <ebiggers@kernel.org>
2026-03-17selftests/mount_setattr: increase tmpfs size for idmapped mount testsChristian Brauner1-1/+1
The mount_setattr_idmapped fixture mounts a 2 MB tmpfs at /mnt and then creates a 2 GB sparse ext4 image at /mnt/C/ext4.img. While ftruncate() succeeds (sparse file), mkfs.ext4 needs to write actual metadata blocks (inode tables, journal, bitmaps) which easily exceeds the 2 MB tmpfs limit, causing ENOSPC and failing the fixture setup for all mount_setattr_idmapped tests. This was introduced by commit d37d4720c3e7 ("selftests/mount_settattr: ensure that ext4 filesystem can be created") which increased the image size from 2 MB to 2 GB but didn't adjust the tmpfs size. Bump the tmpfs size to 256 MB which is sufficient for the ext4 metadata. Fixes: d37d4720c3e7 ("selftests/mount_settattr: ensure that ext4 filesystem can be created") Signed-off-by: Christian Brauner <brauner@kernel.org>
2026-03-17selftests: net: add ipv6 RA route to ECMP merge testFernando Fernandez Mancera2-0/+19
As commit bbf4a17ad9ff ("ipv6: Fix ECMP sibling count mismatch when clearing RTF_ADDRCONF") pointed out, RA routes are not elegible for ECMP merging. Add a test scenario mixing RA and static routes with gateway to check that they are not getting merged. Signed-off-by: Fernando Fernandez Mancera <fmancera@suse.de> Link: https://patch.msgid.link/20260313124827.3945-1-fmancera@suse.de Signed-off-by: Paolo Abeni <pabeni@redhat.com>
2026-03-17selftests: ovpn: add test for the FW mark featureRalf Lici3-1/+119
Add a selftest to verify that the FW mark socket option is correctly supported and its value propagated by ovpn. The test adds and removes nftables DROP rules based on the mark value, and checks that the rule counter aligns with the number of lost ping packets. Cc: Shuah Khan <shuah@kernel.org> Cc: linux-kselftest@vger.kernel.org Cc: horms@kernel.org Signed-off-by: Ralf Lici <ralf@mandelbit.com> Signed-off-by: Antonio Quartulli <antonio@openvpn.net>
2026-03-17selftests: ovpn: check asymmetric peer-idRalf Lici30-81/+271
Extend the base test to verify that the correct peer-id is set in data packet headers. This is done by capturing ping packets with tcpdump during the initial exchange and matching the first portion of the header against the expected sequence for every connection. Cc: Shuah Khan <shuah@kernel.org> Cc: linux-kselftest@vger.kernel.org Cc: horms@kernel.org Signed-off-by: Ralf Lici <ralf@mandelbit.com> Signed-off-by: Antonio Quartulli <antonio@openvpn.net>
2026-03-17selftests: ovpn: add notification parsing and matchingRalf Lici18-3/+76
To verify that netlink notifications are correctly emitted and contain the expected fields, this commit uses the tools/net/ynl/pyynl/cli.py script to create multicast listeners. These listeners record the captured notifications to a JSON file, which is later compared to the expected output. Cc: linux-kselftest@vger.kernel.org Cc: shuah@kernel.org Cc: horms@kernel.org Signed-off-by: Ralf Lici <ralf@mandelbit.com> Signed-off-by: Antonio Quartulli <antonio@openvpn.net>
2026-03-17ovpn: notify userspace on client float eventRalf Lici1-0/+3
Send a netlink notification when a client updates its remote UDP endpoint. The notification includes the new IP address, port, and scope ID (for IPv6). Cc: linux-kselftest@vger.kernel.org Cc: horms@kernel.org Cc: shuah@kernel.org Cc: donald.hunter@gmail.com Signed-off-by: Ralf Lici <ralf@mandelbit.com> Signed-off-by: Antonio Quartulli <antonio@openvpn.net> Reviewed-by: Sabrina Dubroca <sd@queasysnail.net>
2026-03-17selftests: ovpn: allow compiling ovpn-cli.c with mbedtls3Antonio Quartulli2-10/+12
mbedtls 3 installs headers and calls the shared object differently than version 2, therefore we must now rely on pkgconfig to fill the right C/LDFLAGS. Moreover the mbedtls3 library expects any base64 file to have their content on one line. Since this change does no break older versions, let's change the sample key file format and make mbedtls3 happy. Cc: Shuah Khan <shuah@kernel.org> Cc: linux-kselftest@vger.kernel.org Cc: horms@kernel.org Signed-off-by: Antonio Quartulli <antonio@openvpn.net>
2026-03-16selftests: net: py: give bpftrace more time to startJakub Kicinski1-1/+1
After commit under Fixes debug runners in the CI hit the following: # subprocess.TimeoutExpired: Command '['bpftrace', '-f', 'json', '-q', '-e', 'kprobe:netpoll_poll_dev { @hits = count(); } interval:s:10 { exit(); }']' timed out after 15 seconds # # Exception| net.lib.py.ksft.KsftFailEx: bpftrace failed to run!?: {} in netpoll_basic.py >10% of the time. Let's give bpftool more time to start, it can take a while on a debug kernel. Fixes: 82562972b854 ("selftests: net: pass bpftrace timeout to cmd()") Reviewed-by: Breno Leitao <leitao@debian.org> Reviewed-by: Petr Machata <petrm@nvidia.com> Reviewed-by: Nimrod Oren <noren@nvidia.com> Link: https://patch.msgid.link/20260315160038.3187730-1-kuba@kernel.org Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-03-16cxl: support Type2 when initializing cxl_dev_stateAlejandro Lucero1-2/+1
In preparation for type2 drivers add function and macro for differentiating CXL memory expanders (type 3) from CXL device accelerators (type 2) helping drivers built from public headers to embed struct cxl_dev_state inside a private struct. Update type3 driver for using this same initialization. Signed-off-by: Alejandro Lucero <alucerop@amd.com> Reviewed-by: Dave Jiang <dave.jiang@intel.com> Reviewed-by: Alison Schofield <alison.schofield@intel.com> Reviewed-by: Gregory Price <gourry@gourry.net> Reviewed-by: Jonathan Cameron <jonathan.cameron@huawei.com> Link: https://patch.msgid.link/20260306164741.3796372-2-alejandro.lucero-palau@amd.com Signed-off-by: Dave Jiang <dave.jiang@intel.com>
2026-03-16selftests/bpf: Bump path and command buffer sizes in bpftool_helpers.cIhor Solodrai1-8/+7
The path length of 64 is way too low in some envirnoments, which leads to subtle failures due to truncation [1]. Replace BPFTOOL_PATH_MAX_LEN with PATH_MAX, and set BPFTOOL_FULL_CMD_MAX_LEN to double of PATH_MAX. [1] https://github.com/libbpf/libbpf/actions/runs/22980753016/job/66719800527 Signed-off-by: Ihor Solodrai <ihor.solodrai@linux.dev> Signed-off-by: Andrii Nakryiko <andrii@kernel.org> Link: https://lore.kernel.org/bpf/20260312234820.439720-1-ihor.solodrai@linux.dev
2026-03-16bpftool: Allow explicitly skip llvm, libbfd and libcrypto dependenciesMykyta Yatsenko1-0/+8
Introduce SKIP_LLVM, SKIP_LIBBFD, and SKIP_CRYPTO build flags that let users build bpftool without these optional dependencies. SKIP_LLVM=1 skips LLVM even when detected. SKIP_LIBBFD=1 prevents the libbfd JIT disassembly fallback when LLVM is absent. Together, they produce a bpftool with no disassembly support. SKIP_CRYPTO=1 excludes sign.c and removes the -lcrypto link dependency. Inline stubs in main.h return errors with a clear message if signing functions are called at runtime. Use BPFTOOL_WITHOUT_CRYPTO (not HAVE_LIBCRYPTO_SUPPORT) as the C define, following the BPFTOOL_WITHOUT_SKELETONS naming convention for bpftool-internal build config, leaving HAVE_LIBCRYPTO_SUPPORT free for proper feature detection in the future. All three flags are propagated through the selftests Makefile to bpftool sub-builds. Signed-off-by: Mykyta Yatsenko <yatsenko@meta.com> Signed-off-by: Andrii Nakryiko <andrii@kernel.org> Link: https://lore.kernel.org/bpf/20260312-b4-bpftool_build-v2-1-4c9d57133644@meta.com
2026-03-16selftests/bpf: Add deep call stack selftestsEmil Tsalapatis2-0/+97
Add tests that demonstrate the verifier support for deep call stacks while still enforcing maximum stack size limits. Acked-by: Eduard Zingerman <eddyz87@gmail.com> Signed-off-by: Emil Tsalapatis <emil@etsalapatis.com> Link: https://lore.kernel.org/r/20260316161225.128011-3-emil@etsalapatis.com Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2026-03-16bpf: Only enforce 8 frame call stack limit for all-static stacksEmil Tsalapatis1-9/+9
The BPF verifier currently enforces a call stack depth of 8 frames, regardless of the actual stack space consumption of those frames. The limit is necessary for static call stacks, because the bookkeeping data structures used by the verifier when stepping into static functions during verification only support 8 stack frames. However, this limitation only matters for static stack frames: Global subprogs are verified by themselves and do not require limiting the call depth. Relax this limitation to only apply to static stack frames. Verification now only fails when there is a sequence of 8 calls to non-global subprogs. Calling into a global subprog resets the counter. This allows deeper call stacks, provided all frames still fit in the stack. The change does not increase the maximum size of the call stack, only the maximum number of frames we can place in it. Also change the progs/test_global_func3.c selftest to use static functions, since with the new patch it would otherwise unexpectedly pass verification. Acked-by: Mykyta Yatsenko <yatsenko@meta.com> Acked-by: Eduard Zingerman <eddyz87@gmail.com> Signed-off-by: Emil Tsalapatis <emil@etsalapatis.com> Link: https://lore.kernel.org/r/20260316161225.128011-2-emil@etsalapatis.com Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2026-03-16KVM: s390: selftests: Add IRQ routing address offset testsJanosch Frank2-0/+76
This test tries to setup routes which have address + offset combinations which cross a page. Reviewed-by: Matthew Rosato <mjrosato@linux.ibm.com> Tested-by: Matthew Rosato <mjrosato@linux.ibm.com> Signed-off-by: Janosch Frank <frankja@linux.ibm.com> Signed-off-by: Christian Borntraeger <borntraeger@linux.ibm.com>
2026-03-16selftests/hid: fix compilation when bpf_wq and hid_device are not exportedBenjamin Tissoires1-0/+12
This can happen in situations when CONFIG_HID_SUPPORT is set to no, or some complex situations where struct bpf_wq is not exported. So do the usual dance of hiding them before including vmlinux.h, and then redefining them and make use of CO-RE to have the correct offsets. Reported-by: kernel test robot <lkp@intel.com> Closes: https://lore.kernel.org/oe-kbuild-all/202603111558.KLCIxsZB-lkp@intel.com/ Fixes: fe8d561db3e8 ("selftests/hid: add wq test for hid_bpf_input_report()") Cc: stable@vger.kernel.org Acked-by: Jiri Kosina <jkosina@suse.com> Reviewed-by: Thomas Weißschuh <thomas.weissschuh@linutronix.de> Signed-off-by: Benjamin Tissoires <bentiss@kernel.org>
2026-03-15Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvmLinus Torvalds8-26/+250
Pull kvm fixes from Paolo Bonzini: "Quite a large pull request, partly due to skipping last week and therefore having material from ~all submaintainers in this one. About a fourth of it is a new selftest, and a couple more changes are large in number of files touched (fixing a -Wflex-array-member-not-at-end compiler warning) or lines changed (reformatting of a table in the API documentation, thanks rST). But who am I kidding---it's a lot of commits and there are a lot of bugs being fixed here, some of them on the nastier side like the RISC-V ones. ARM: - Correctly handle deactivation of interrupts that were activated from LRs. Since EOIcount only denotes deactivation of interrupts that are not present in an LR, start EOIcount deactivation walk *after* the last irq that made it into an LR - Avoid calling into the stubs to probe for ICH_VTR_EL2.TDS when pKVM is already enabled -- not only thhis isn't possible (pKVM will reject the call), but it is also useless: this can only happen for a CPU that has already booted once, and the capability will not change - Fix a couple of low-severity bugs in our S2 fault handling path, affecting the recently introduced LS64 handling and the even more esoteric handling of hwpoison in a nested context - Address yet another syzkaller finding in the vgic initialisation, where we would end-up destroying an uninitialised vgic with nasty consequences - Address an annoying case of pKVM failing to boot when some of the memblock regions that the host is faulting in are not page-aligned - Inject some sanity in the NV stage-2 walker by checking the limits against the advertised PA size, and correctly report the resulting faults PPC: - Fix a PPC e500 build error due to a long-standing wart that was exposed by the recent conversion to kmalloc_obj(); rip out all the ugliness that led to the wart RISC-V: - Prevent speculative out-of-bounds access using array_index_nospec() in APLIC interrupt handling, ONE_REG regiser access, AIA CSR access, float register access, and PMU counter access - Fix potential use-after-free issues in kvm_riscv_gstage_get_leaf(), kvm_riscv_aia_aplic_has_attr(), and kvm_riscv_aia_imsic_has_attr() - Fix potential null pointer dereference in kvm_riscv_vcpu_aia_rmw_topei() - Fix off-by-one array access in SBI PMU - Skip THP support check during dirty logging - Fix error code returned for Smstateen and Ssaia ONE_REG interface - Check host Ssaia extension when creating AIA irqchip x86: - Fix cases where CPUID mitigation features were incorrectly marked as available whenever the kernel used scattered feature words for them - Validate _all_ GVAs, rather than just the first GVA, when processing a range of GVAs for Hyper-V's TLB flush hypercalls - Fix a brown paper bug in add_atomic_switch_msr() - Use hlist_for_each_entry_srcu() when traversing mask_notifier_list, to fix a lockdep warning; KVM doesn't hold RCU, just irq_srcu - Ensure AVIC VMCB fields are initialized if the VM has an in-kernel local APIC (and AVIC is enabled at the module level) - Update CR8 write interception when AVIC is (de)activated, to fix a bug where the guest can run in perpetuity with the CR8 intercept enabled - Add a quirk to skip the consistency check on FREEZE_IN_SMM, i.e. to allow L1 hypervisors to set FREEZE_IN_SMM. This reverts (by default) an unintentional tightening of userspace ABI in 6.17, and provides some amount of backwards compatibility with hypervisors who want to freeze PMCs on VM-Entry - Validate the VMCS/VMCB on return to a nested guest from SMM, because either userspace or the guest could stash invalid values in memory and trigger the processor's consistency checks Generic: - Remove a subtle pseudo-overlay of kvm_stats_desc, which, aside from being unnecessary and confusing, triggered compiler warnings due to -Wflex-array-member-not-at-end - Document that vcpu->mutex is take outside of kvm->slots_lock and kvm->slots_arch_lock, which is intentional and desirable despite being rather unintuitive Selftests: - Increase the maximum number of NUMA nodes in the guest_memfd selftest to 64 (from 8)" * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: (43 commits) KVM: selftests: Verify SEV+ guests can read and write EFER, CR0, CR4, and CR8 Documentation: kvm: fix formatting of the quirks table KVM: x86: clarify leave_smm() return value selftests: kvm: add a test that VMX validates controls on RSM selftests: kvm: extract common functionality out of smm_test.c KVM: SVM: check validity of VMCB controls when returning from SMM KVM: VMX: check validity of VMCS controls when returning from SMM KVM: SVM: Set/clear CR8 write interception when AVIC is (de)activated KVM: SVM: Initialize AVIC VMCB fields if AVIC is enabled with in-kernel APIC KVM: x86: Introduce KVM_X86_QUIRK_VMCS12_ALLOW_FREEZE_IN_SMM KVM: x86: Fix SRCU list traversal in kvm_fire_mask_notifiers() KVM: VMX: Fix a wrong MSR update in add_atomic_switch_msr() KVM: x86: hyper-v: Validate all GVAs during PV TLB flush KVM: x86: synthesize CPUID bits only if CPU capability is set KVM: PPC: e500: Rip out "struct tlbe_ref" KVM: PPC: e500: Fix build error due to using kmalloc_obj() with wrong type KVM: selftests: Increase 'maxnode' for guest_memfd tests KVM: arm64: pkvm: Don't reprobe for ICH_VTR_EL2.TDS on CPU hotplug KVM: arm64: vgic: Pick EOIcount deactivations from AP-list tail KVM: arm64: Remove the redundant ISB in __kvm_at_s1e2() ...
2026-03-15Merge tag 'powerpc-7.0-3' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linuxLinus Torvalds4-14/+24
Pull powerpc fixes from Madhavan Srinivasan: - Fix KUAP warning in VMX usercopy path - Fix lockdep warning during PCI enumeration - Fix to move CMA reservations to arch_mm_preinit - Fix to check current->mm is alive before getting user callchain Thanks to Aboorva Devarajan, Christophe Leroy (CS GROUP), Dan Horák, Nicolin Chen, Nilay Shroff, Qiao Zhao, Ritesh Harjani (IBM), Saket Kumar Bhaskar, Sayali Patil, Shrikanth Hegde, Venkat Rao Bagalkote, and Viktor Malik. * tag 'powerpc-7.0-3' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux: powerpc/iommu: fix lockdep warning during PCI enumeration powerpc/selftests/copyloops: extend selftest to exercise __copy_tofrom_user_power7_vmx powerpc: fix KUAP warning in VMX usercopy path powerpc, perf: Check that current->mm is alive before getting user callchain powerpc/mem: Move CMA reservations to arch_mm_preinit
2026-03-15selftests: pci_endpoint: Skip reserved BARsNiklas Cassel1-0/+4
Running a test against a reserved BAR will result in the pci-epf-test driver returning -ENOBUFS. Make sure that the pci_endpoint_test selftest will return skip instead of failure or success for reserved BARs. Signed-off-by: Niklas Cassel <cassel@kernel.org> Signed-off-by: Manivannan Sadhasivam <mani@kernel.org> Tested-by: Manikanta Maddireddy <mmaddireddy@nvidia.com> Tested-by: Koichiro Den <den@valinux.co.jp> Reviewed-by: Manikanta Maddireddy <mmaddireddy@nvidia.com> Reviewed-by: Frank Li <Frank.Li@nxp.com> Link: https://patch.msgid.link/20260312130229.2282001-22-cassel@kernel.org
2026-03-14sched_ext: Update selftests to drop ops.cpu_acquire/release()Cheng-Yang Chou3-9/+12
ops.cpu_acquire/release() are deprecated by commit a3f5d4822253 ("sched_ext: Allow scx_bpf_reenqueue_local() to be called from anywhere") in favor of handling CPU preemption via the sched_switch tracepoint. In the maximal selftest, replace the cpu_acquire/release stubs with a minimal sched_switch TP program. Attach all non-struct_ops programs (including the new TP) via maximal__attach() after disabling auto-attach for the maximal_ops struct_ops map, which is managed manually in run(). Apply the same fix to reload_loop, which also uses the maximal skeleton. Signed-off-by: Cheng-Yang Chou <yphbchou0911@gmail.com> Reviewed-by: Andrea Righi <arighi@nvidia.com> Signed-off-by: Tejun Heo <tj@kernel.org>
2026-03-14sched_ext: Update demo schedulers and selftests to use scx_bpf_task_set_dsq_vtime()Cheng-Yang Chou1-2/+4
Direct writes to p->scx.dsq_vtime are deprecated in favor of scx_bpf_task_set_dsq_vtime(). Update scx_simple, scx_flatcg, and select_cpu_vtime selftest to use the new kfunc with scale_by_task_weight_inverse(). Signed-off-by: Cheng-Yang Chou <yphbchou0911@gmail.com> Reviewed-by: Andrea Righi <arighi@nvidia.com> Signed-off-by: Tejun Heo <tj@kernel.org>
2026-03-14selftests/net: packetdrill: add tcp_disorder_fin_in_FIN_WAIT.pktEric Dumazet1-0/+33
Commit 795a7dfbc3d9 ("net: tcp: accept old ack during closing") was fixing an old bug, add a test to make sure we won't break this case in future kernels. Signed-off-by: Eric Dumazet <edumazet@google.com> Cc: Menglong Dong <menglong8.dong@gmail.com> Link: https://patch.msgid.link/20260313115429.3365751-1-edumazet@google.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-03-14selftests/arm64: Implement cmpbr_sigill() to hwcap testYifan Wu1-1/+2
The function executes a CBEQ instruction which is valid if the CPU supports the CMPBR extension. The CBEQ branches to skip the following UDF instruction, and no SIGILL is generated. Otherwise, it will generate a SIGILL. Signed-off-by: Yifan Wu <wuyifan50@huawei.com> Reviewed-by: Mark Brown <broonie@kernel.org> Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
2026-03-14selftests/net: packetdrill: add tcp_rcv_neg_window.pktSimon Baatz1-0/+26
The test ensures we correctly apply the maximum advertised window limit when rcv_nxt advances past rcv_mwnd_seq, so that the "usable window" is properly clamped to zero rather than becoming negative. Signed-off-by: Simon Baatz <gmbnomis@gmail.com> Reviewed-by: Eric Dumazet <edumazet@google.com> Link: https://patch.msgid.link/20260309-tcp_rfc7323_retract_wnd_rfc-v3-6-4c7f96b1ec69@gmail.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-03-14selftests/net: packetdrill: add tcp_rcv_wnd_shrink_allowed.pktSimon Baatz1-0/+40
This test verifies the sequence number checks using the maximum advertised window sequence number when net.ipv4.tcp_shrink_window is enabled. Signed-off-by: Simon Baatz <gmbnomis@gmail.com> Reviewed-by: Eric Dumazet <edumazet@google.com> Link: https://patch.msgid.link/20260309-tcp_rfc7323_retract_wnd_rfc-v3-5-4c7f96b1ec69@gmail.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-03-14selftests/net: packetdrill: add tcp_rcv_wnd_shrink_nomem.pktSimon Baatz1-0/+132
This test verifies - the sequence number checks using the maximum advertised window sequence number and - the logic for handling received data in tcp_data_queue() for the cases: 1. The window is reduced to zero because of memory 2. The window grows again but still does not reach the originally advertised window Signed-off-by: Simon Baatz <gmbnomis@gmail.com> Reviewed-by: Eric Dumazet <edumazet@google.com> Link: https://patch.msgid.link/20260309-tcp_rfc7323_retract_wnd_rfc-v3-4-4c7f96b1ec69@gmail.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-03-14tcp: implement RFC 7323 window retraction receiver requirementsSimon Baatz1-1/+1
By default, the Linux TCP implementation does not shrink the advertised window (RFC 7323 calls this "window retraction") with the following exceptions: - When an incoming segment cannot be added due to the receive buffer running out of memory. Since commit 8c670bdfa58e ("tcp: correct handling of extreme memory squeeze") a zero window will be advertised in this case. It turns out that reaching the required memory pressure is easy when window scaling is in use. In the simplest case, sending a sufficient number of segments smaller than the scale factor to a receiver that does not read data is enough. - Commit b650d953cd39 ("tcp: enforce receive buffer memory limits by allowing the tcp window to shrink") addressed the "eating memory" problem by introducing a sysctl knob that allows shrinking the window before running out of memory. However, RFC 7323 does not only state that shrinking the window is necessary in some cases, it also formulates requirements for TCP implementations when doing so (Section 2.4). This commit addresses the receiver-side requirements: After retracting the window, the peer may have a snd_nxt that lies within a previously advertised window but is now beyond the retracted window. This means that all incoming segments (including pure ACKs) will be rejected until the application happens to read enough data to let the peer's snd_nxt be in window again (which may be never). To comply with RFC 7323, the receiver MUST honor any segment that would have been in window for any ACK sent by the receiver and, when window scaling is in effect, SHOULD track the maximum window sequence number it has advertised. This patch tracks that maximum window sequence number rcv_mwnd_seq throughout the connection and uses it in tcp_sequence() when deciding whether a segment is acceptable. rcv_mwnd_seq is updated together with rcv_wup and rcv_wnd in tcp_select_window(). If we count tcp_sequence() as fast path, it is read in the fast path. Therefore, rcv_mwnd_seq is put into rcv_wnd's cacheline group. The logic for handling received data in tcp_data_queue() is already sufficient and does not need to be updated. Signed-off-by: Simon Baatz <gmbnomis@gmail.com> Reviewed-by: Eric Dumazet <edumazet@google.com> Link: https://patch.msgid.link/20260309-tcp_rfc7323_retract_wnd_rfc-v3-1-4c7f96b1ec69@gmail.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-03-13sched_ext/selftests: Fix incorrect include guard commentsCheng-Yang Chou2-2/+2
Fix two mismatched closing comments in header include guards: - util.h: closing comment says __SCX_TEST_H__ but the guard is __SCX_TEST_UTIL_H__ - exit_test.h: closing comment has a spurious '#' character before the guard name Signed-off-by: Cheng-Yang Chou <yphbchou0911@gmail.com> Signed-off-by: Tejun Heo <tj@kernel.org>
2026-03-13selftests/sched_ext: Update scx_bpf_dsq_move_to_local() in kselftestsAndrea Righi6-9/+9
After commit 860683763ebf ("sched_ext: Add enq_flags to scx_bpf_dsq_move_to_local()") some of the kselftests are failing to build: exit.bpf.c:44:34: error: too few arguments provided to function-like macro invocation 44 | scx_bpf_dsq_move_to_local(DSQ_ID); Update the kselftests adding the new argument to scx_bpf_dsq_move_to_local(). Fixes: 860683763ebf ("sched_ext: Add enq_flags to scx_bpf_dsq_move_to_local()") Signed-off-by: Andrea Righi <arighi@nvidia.com> Signed-off-by: Tejun Heo <tj@kernel.org>
2026-03-13selftests/bpf: Test case for refinement improvement using 64b boundsPaul Chaignon1-0/+33
This new selftest demonstrates the improvement of bounds refinement from the previous patch. It is inspired from a set of reg_bounds_sync inputs generated using CBMC [1] by Shung-Hsi: reg.smin_value=0x8000000000000002 reg.smax_value=2 reg.umin_value=2 reg.umax_value=19 reg.s32_min_value=2 reg.s32_max_value=3 reg.u32_min_value=2 reg.u32_max_value=3 reg_bounds_sync returns R=[2; 3] without the previous patch, and R=2 with it. __reg64_deduce_bounds is able to derive that u64=2, but before the previous patch, those bounds are overwritten in __reg_deduce_mixed_bounds using the 32bits bounds. To arrive to these reg_bounds_sync inputs, we bound the 32bits value first to [2; 3]. We can then upper-bound s64 without impacting u64. At that point, the refinement to u64=2 doesn't happen because the ranges still overlap in two points: 0 umin=2 umax=0xff..ff00..03 U64_MAX | [xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx] | |----------------------------|------------------------------| |xx] [xxxxxxxxxxxxxxxxxxxxxxxxxxxx| 0 smax=2 smin=0x800..02 -1 With an upper-bound check at value 19, we can reach the above inputs for reg_bounds_sync. At that point, the refinement to u64=2 happens and because it isn't overwritten by __reg_deduce_mixed_bounds anymore, reg_bounds_sync returns with reg=2. The test validates this result by including an illegal instruction in the (dead) branch reg != 2. Link: https://github.com/shunghsiyu/reg_bounds_sync-review/ [1] Co-developed-by: Shung-Hsi Yu <shung-hsi.yu@suse.com> Signed-off-by: Shung-Hsi Yu <shung-hsi.yu@suse.com> Signed-off-by: Paul Chaignon <paul.chaignon@gmail.com> Tested-by: Eduard Zingerman <eddyz87@gmail.com> Link: https://lore.kernel.org/r/622dc51c581cd4d652fff362188b2a5f73c1fe99.1773401138.git.paul.chaignon@gmail.com Signed-off-by: Alexei Starovoitov <ast@kernel.org>