<feed xmlns='http://www.w3.org/2005/Atom'>
<title>pm24.git/samples, branch v6.7-rc7</title>
<subtitle>Unnamed repository; edit this file 'description' to name the repository.
</subtitle>
<id>https://git.kobert.dev/pm24.git/atom?h=v6.7-rc7</id>
<link rel='self' href='https://git.kobert.dev/pm24.git/atom?h=v6.7-rc7'/>
<link rel='alternate' type='text/html' href='https://git.kobert.dev/pm24.git/'/>
<updated>2023-11-03T19:28:53Z</updated>
<entry>
<title>Merge tag 'landlock-6.7-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mic/linux</title>
<updated>2023-11-03T19:28:53Z</updated>
<author>
<name>Linus Torvalds</name>
<email>torvalds@linux-foundation.org</email>
</author>
<published>2023-11-03T19:28:53Z</published>
<link rel='alternate' type='text/html' href='https://git.kobert.dev/pm24.git/commit/?id=136cc1e1f5be75f57f1e0404b94ee1c8792cb07d'/>
<id>urn:sha1:136cc1e1f5be75f57f1e0404b94ee1c8792cb07d</id>
<content type='text'>
Pull landlock updates from Mickaël Salaün:
 "A Landlock ruleset can now handle two new access rights:
  LANDLOCK_ACCESS_NET_BIND_TCP and LANDLOCK_ACCESS_NET_CONNECT_TCP. When
  handled, the related actions are denied unless explicitly allowed by a
  Landlock network rule for a specific port.

  The related patch series has been reviewed for almost two years, it
  has evolved a lot and we now have reached a decent design, code and
  testing. The refactored kernel code and the new test helpers also
  bring the foundation to support more network protocols.

  Test coverage for security/landlock is 92.4% of 710 lines according to
  gcc/gcov-13, and it was 93.1% of 597 lines before this series. The
  decrease in coverage is due to code refactoring to make the ruleset
  management more generic (i.e. dealing with inodes and ports) that also
  added new WARN_ON_ONCE() checks not possible to test from user space.

  syzkaller has been updated accordingly [4], and such patched instance
  (tailored to Landlock) has been running for a month, covering all the
  new network-related code [5]"

Link: https://lore.kernel.org/r/20231026014751.414649-1-konstantin.meskhidze@huawei.com [1]
Link: https://lore.kernel.org/r/CAHC9VhS1wwgH6NNd+cJz4MYogPiRV8NyPDd1yj5SpaxeUB4UVg@mail.gmail.com [2]
Link: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next-history.git/commit/?id=c8dc5ee69d3a [3]
Link: https://github.com/google/syzkaller/pull/4266 [4]
Link: https://storage.googleapis.com/syzbot-assets/82e8608dec36/ci-upstream-linux-next-kasan-gce-root-ab577164.html#security%2flandlock%2fnet.c [5]

* tag 'landlock-6.7-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mic/linux:
  selftests/landlock: Add tests for FS topology changes with network rules
  landlock: Document network support
  samples/landlock: Support TCP restrictions
  selftests/landlock: Add network tests
  selftests/landlock: Share enforce_ruleset() helper
  landlock: Support network rules with TCP bind and connect
  landlock: Refactor landlock_add_rule() syscall
  landlock: Refactor layer helpers
  landlock: Move and rename layer helpers
  landlock: Refactor merge/inherit_ruleset helpers
  landlock: Refactor landlock_find_rule/insert_rule helpers
  landlock: Allow FS topology changes for domains without such rule type
  landlock: Make ruleset's access masks more generic
</content>
</entry>
<entry>
<title>Merge tag 'probes-v6.7' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace</title>
<updated>2023-11-02T02:15:42Z</updated>
<author>
<name>Linus Torvalds</name>
<email>torvalds@linux-foundation.org</email>
</author>
<published>2023-11-02T02:15:42Z</published>
<link rel='alternate' type='text/html' href='https://git.kobert.dev/pm24.git/commit/?id=05bf73aa27ba89474763cea7b9cd2626eda61e01'/>
<id>urn:sha1:05bf73aa27ba89474763cea7b9cd2626eda61e01</id>
<content type='text'>
Pull probes updates from Masami Hiramatsu:
 "Cleanups:

   - kprobes: Fixes typo in kprobes samples

   - tracing/eprobes: Remove 'break' after return

  kretprobe/fprobe performance improvements:

   - lib: Introduce new `objpool`, which is a high performance lockless
     object queue. This uses per-cpu ring array to allocate/release
     objects from the pre-allocated object pool.

     Since the index of ring array is a 32bit sequential counter, we can
     retry to push/pop the object pointer from the ring without lock (as
     seq-lock does)

   - lib: Add an objpool test module to test the functionality and
     evaluate the performance under some circumstances

   - kprobes/fprobe: Improve kretprobe and rethook scalability
     performance with objpool.

     This improves both legacy kretprobe and fprobe exit handler (which
     is based on rethook) to be scalable on SMP systems. Even with
     8-threads parallel test, it shows a great scalability improvement

   - Remove unneeded freelist.h which is replaced by objpool

   - objpool: Add maintainers entry for the objpool

   - objpool: Fix to remove unused include header lines"

* tag 'probes-v6.7' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace:
  kprobes: unused header files removed
  MAINTAINERS: objpool added
  kprobes: freelist.h removed
  kprobes: kretprobe scalability improvement
  lib: objpool test module added
  lib: objpool added: ring-array based lockless MPMC
  tracing/eprobe: drop unneeded breaks
  samples: kprobes: Fixes a typo
</content>
</entry>
<entry>
<title>Merge tag 'vfio-v6.7-rc1' of https://github.com/awilliam/linux-vfio</title>
<updated>2023-11-01T23:55:40Z</updated>
<author>
<name>Linus Torvalds</name>
<email>torvalds@linux-foundation.org</email>
</author>
<published>2023-11-01T23:55:40Z</published>
<link rel='alternate' type='text/html' href='https://git.kobert.dev/pm24.git/commit/?id=deefd5024f0772cf56052ace9a8c347dc70bcaf3'/>
<id>urn:sha1:deefd5024f0772cf56052ace9a8c347dc70bcaf3</id>
<content type='text'>
Pull VFIO updates from Alex Williamson:

 - Add support for "chunk mode" in the mlx5-vfio-pci variant driver,
   which allows both larger device image sizes for migration, beyond the
   previous 4GB limit, and also read-ahead support for improved
   migration performance (Yishai Hadas)

 - A new bus master control interface for the CDX bus driver where there
   is no in-band mechanism to toggle device DMA as there is through
   config space on PCI devices (Nipun Gupta)

 - Add explicit alignment directives to vfio data structures to reduce
   the chance of breaking 32-bit userspace. In most cases this is
   transparent and the remaining cases where data structures are padded
   work within the existing rules for extending data structures within
   vfio (Stefan Hajnoczi)

 - Resolve a bug in the cdx bus driver noted when compiled with clang
   where missing parentheses result in the wrong operation (Nathan
   Chancellor)

 - Resolve errors reported by smatch for a function when dealing with
   invalid inputs (Alex Williamson)

 - Add migration support to the mtty vfio/mdev sample driver for testing
   and integration purposes, allowing CI of migration without specific
   hardware requirements. Also resolve many of the shortcomings of
   this driver relative to implementation of the vfio interrupt ioctl
   along the way (Alex Williamson)

* tag 'vfio-v6.7-rc1' of https://github.com/awilliam/linux-vfio:
  vfio/mtty: Enable migration support
  vfio/mtty: Overhaul mtty interrupt handling
  vfio: Fix smatch errors in vfio_combine_iova_ranges()
  vfio/cdx: Add parentheses between bitwise AND expression and logical NOT
  vfio/mlx5: Activate the chunk mode functionality
  vfio/mlx5: Add support for READING in chunk mode
  vfio/mlx5: Add support for SAVING in chunk mode
  vfio/mlx5: Pre-allocate chunks for the STOP_COPY phase
  vfio/mlx5: Rename some stuff to match chunk mode
  vfio/mlx5: Enable querying state size which is &gt; 4GB
  vfio/mlx5: Refactor the SAVE callback to activate a work only upon an error
  vfio/mlx5: Wake up the reader post of disabling the SAVING migration file
  vfio: use __aligned_u64 in struct vfio_device_ioeventfd
  vfio: use __aligned_u64 in struct vfio_device_gfx_plane_info
  vfio: trivially use __aligned_u64 for ioctl structs
  vfio-cdx: add bus mastering device feature support
  vfio: add bus master feature to device feature ioctl
  cdx: add support for bus mastering
</content>
</entry>
<entry>
<title>samples/landlock: Support TCP restrictions</title>
<updated>2023-10-26T19:07:17Z</updated>
<author>
<name>Konstantin Meskhidze</name>
<email>konstantin.meskhidze@huawei.com</email>
</author>
<published>2023-10-26T01:47:50Z</published>
<link rel='alternate' type='text/html' href='https://git.kobert.dev/pm24.git/commit/?id=5e990dcef12eebf683d209bac5e14591308dc216'/>
<id>urn:sha1:5e990dcef12eebf683d209bac5e14591308dc216</id>
<content type='text'>
Add TCP restrictions to the sandboxer demo. It's possible to allow a
sandboxer to bind/connect to a list of specified ports restricting
network actions to the rest of them. This is controlled with the new
LL_TCP_BIND and LL_TCP_CONNECT environment variables.

Rename ENV_PATH_TOKEN to ENV_DELIMITER.

Signed-off-by: Konstantin Meskhidze &lt;konstantin.meskhidze@huawei.com&gt;
Link: https://lore.kernel.org/r/20231026014751.414649-12-konstantin.meskhidze@huawei.com
[mic: Extend commit message]
Signed-off-by: Mickaël Salaün &lt;mic@digikod.net&gt;
</content>
</entry>
<entry>
<title>samples/bpf: Allow building with custom bpftool</title>
<updated>2023-10-26T13:32:13Z</updated>
<author>
<name>Viktor Malik</name>
<email>vmalik@redhat.com</email>
</author>
<published>2023-10-25T06:19:14Z</published>
<link rel='alternate' type='text/html' href='https://git.kobert.dev/pm24.git/commit/?id=37db10bc247d5d0b448babd7ff386f092246e732'/>
<id>urn:sha1:37db10bc247d5d0b448babd7ff386f092246e732</id>
<content type='text'>
samples/bpf builds its own bpftool bootstrap to generate vmlinux.h as well
as some BPF objects. This is a redundant step if bpftool has been
already built, so update samples/bpf/Makefile such that it accepts a
path to bpftool passed via the BPFTOOL variable. The approach is
practically the same as tools/testing/selftests/bpf/Makefile uses.

Signed-off-by: Viktor Malik &lt;vmalik@redhat.com&gt;
Signed-off-by: Daniel Borkmann &lt;daniel@iogearbox.net&gt;
Link: https://lore.kernel.org/bpf/bd746954ac271b02468d8d951ff9f11e655d485b.1698213811.git.vmalik@redhat.com
</content>
</entry>
<entry>
<title>samples/bpf: Fix passing LDFLAGS to libbpf</title>
<updated>2023-10-26T13:32:13Z</updated>
<author>
<name>Viktor Malik</name>
<email>vmalik@redhat.com</email>
</author>
<published>2023-10-25T06:19:13Z</published>
<link rel='alternate' type='text/html' href='https://git.kobert.dev/pm24.git/commit/?id=f56bcfadf7d6d56b099726df4fc262b76486b0e0'/>
<id>urn:sha1:f56bcfadf7d6d56b099726df4fc262b76486b0e0</id>
<content type='text'>
samples/bpf/Makefile passes LDFLAGS=$(TPROGS_LDFLAGS) to libbpf build
without surrounding quotes, which may cause compilation errors when
passing custom TPROGS_USER_LDFLAGS.

For example:

    $ make -C samples/bpf/ TPROGS_USER_LDFLAGS="-Wl,--as-needed -specs=/usr/lib/gcc/x86_64-redhat-linux/13/libsanitizer.spec"
    make: Entering directory './samples/bpf'
    make -C ../../ M=./samples/bpf BPF_SAMPLES_PATH=./samples/bpf
    make[1]: Entering directory '.'
    make -C ./samples/bpf/../../tools/lib/bpf RM='rm -rf' EXTRA_CFLAGS="-Wall -O2 -Wmissing-prototypes -Wstrict-prototypes  -I./usr/include -I./tools/testing/selftests/bpf/ -I./samples/bpf/libbpf/include -I./tools/include -I./tools/perf -I./tools/lib -DHAVE_ATTR_TEST=0" \
            LDFLAGS=-Wl,--as-needed -specs=/usr/lib/gcc/x86_64-redhat-linux/13/libsanitizer.spec srctree=./samples/bpf/../../ \
            O= OUTPUT=./samples/bpf/libbpf/ DESTDIR=./samples/bpf/libbpf prefix= \
            ./samples/bpf/libbpf/libbpf.a install_headers
    make: invalid option -- 'c'
    make: invalid option -- '='
    make: invalid option -- '/'
    make: invalid option -- 'u'
    make: invalid option -- '/'
    [...]

Fix the error by properly quoting $(TPROGS_LDFLAGS).

Suggested-by: Donald Zickus &lt;dzickus@redhat.com&gt;
Signed-off-by: Viktor Malik &lt;vmalik@redhat.com&gt;
Signed-off-by: Daniel Borkmann &lt;daniel@iogearbox.net&gt;
Link: https://lore.kernel.org/bpf/c690de6671cc6c983d32a566d33fd7eabd18b526.1698213811.git.vmalik@redhat.com
</content>
</entry>
<entry>
<title>samples/bpf: Allow building with custom CFLAGS/LDFLAGS</title>
<updated>2023-10-26T13:32:12Z</updated>
<author>
<name>Viktor Malik</name>
<email>vmalik@redhat.com</email>
</author>
<published>2023-10-25T06:19:12Z</published>
<link rel='alternate' type='text/html' href='https://git.kobert.dev/pm24.git/commit/?id=870f09f1ba3014e2c157b14299c172b4bb716638'/>
<id>urn:sha1:870f09f1ba3014e2c157b14299c172b4bb716638</id>
<content type='text'>
Currently, it is not possible to specify custom flags when building
samples/bpf. The flags are defined in TPROGS_CFLAGS/TPROGS_LDFLAGS
variables, however, when trying to override those from the make command,
compilation fails.

For example, when trying to build with PIE:

    $ make -C samples/bpf TPROGS_CFLAGS="-fpie" TPROGS_LDFLAGS="-pie"

This is because samples/bpf/Makefile updates these variables, especially
appends include paths to TPROGS_CFLAGS and these updates are overridden
by setting the variables from the make command.

This patch introduces variables TPROGS_USER_CFLAGS/TPROGS_USER_LDFLAGS
for this purpose, which can be set from the make command and their
values are propagated to TPROGS_CFLAGS/TPROGS_LDFLAGS.

Signed-off-by: Viktor Malik &lt;vmalik@redhat.com&gt;
Signed-off-by: Daniel Borkmann &lt;daniel@iogearbox.net&gt;
Link: https://lore.kernel.org/bpf/2d81100b830a71f0e72329cc7781edaefab75f62.1698213811.git.vmalik@redhat.com
</content>
</entry>
<entry>
<title>vfio/mtty: Enable migration support</title>
<updated>2023-10-24T21:03:10Z</updated>
<author>
<name>Alex Williamson</name>
<email>alex.williamson@redhat.com</email>
</author>
<published>2023-10-16T22:47:36Z</published>
<link rel='alternate' type='text/html' href='https://git.kobert.dev/pm24.git/commit/?id=2b88119e35b00d8cb418d86abbace3b90a993bd7'/>
<id>urn:sha1:2b88119e35b00d8cb418d86abbace3b90a993bd7</id>
<content type='text'>
The mtty driver exposes a PCI serial device to userspace and therefore
makes an easy target for a sample device supporting migration.  The device
does not make use of DMA, therefore we can easily claim support for the
migration P2P states, as well as dirty logging.  This implementation also
makes use of PRE_COPY support in order to provide migration stream
compatibility testing, which should generally be considered good practice.

Reviewed-by: Cédric Le Goater &lt;clg@redhat.com&gt;
Link: https://lore.kernel.org/r/20231016224736.2575718-3-alex.williamson@redhat.com
Signed-off-by: Alex Williamson &lt;alex.williamson@redhat.com&gt;
</content>
</entry>
<entry>
<title>vfio/mtty: Overhaul mtty interrupt handling</title>
<updated>2023-10-24T21:02:55Z</updated>
<author>
<name>Alex Williamson</name>
<email>alex.williamson@redhat.com</email>
</author>
<published>2023-10-16T22:47:35Z</published>
<link rel='alternate' type='text/html' href='https://git.kobert.dev/pm24.git/commit/?id=293fbc28818135743f54d46c418ede3e4a20a742'/>
<id>urn:sha1:293fbc28818135743f54d46c418ede3e4a20a742</id>
<content type='text'>
The mtty driver does not currently conform to the vfio SET_IRQS uAPI.
For example, it claims to support mask and unmask of INTx, but actually
does nothing.  It claims to support AUTOMASK for INTx, but doesn't.  It
fails to teardown eventfds under the full semantics specified by the
SET_IRQS ioctl.  It also fails to teardown eventfds when the device is
closed, leading to memory leaks.  It claims to support the request IRQ,
but doesn't.

Fix all these.

A side effect of this is that QEMU will now report a warning:

vfio &lt;uuid&gt;: Failed to set up UNMASK eventfd signaling for interrupt \
INTX-0: VFIO_DEVICE_SET_IRQS failure: Inappropriate ioctl for device

The fact is that the unmask eventfd was never supported but quietly
failed.  mtty never honored the AUTOMASK behavior, therefore there
was nothing to unmask.  QEMU is verbose about the failure, but
properly falls back to userspace unmasking.

Fixes: 9d1a546c53b4 ("docs: Sample driver to demonstrate how to use Mediated device framework.")
Reviewed-by: Cédric Le Goater &lt;clg@redhat.com&gt;
Link: https://lore.kernel.org/r/20231016224736.2575718-2-alex.williamson@redhat.com
Signed-off-by: Alex Williamson &lt;alex.williamson@redhat.com&gt;
</content>
</entry>
<entry>
<title>samples: bpf: Fix syscall_tp openat argument</title>
<updated>2023-10-23T16:58:15Z</updated>
<author>
<name>Denys Zagorui</name>
<email>dzagorui@cisco.com</email>
</author>
<published>2023-10-19T11:35:21Z</published>
<link rel='alternate' type='text/html' href='https://git.kobert.dev/pm24.git/commit/?id=69a19170303ff2f802049be94cfcf62f714002a3'/>
<id>urn:sha1:69a19170303ff2f802049be94cfcf62f714002a3</id>
<content type='text'>
This modification doesn't change the behaviour of syscall_tp.
But such code is often used as a reference, so it should be
correct anyway.

Signed-off-by: Denys Zagorui &lt;dzagorui@cisco.com&gt;
Signed-off-by: Andrii Nakryiko &lt;andrii@kernel.org&gt;
Link: https://lore.kernel.org/bpf/20231019113521.4103825-1-dzagorui@cisco.com
</content>
</entry>
</feed>
