1. 04 12月, 2014 1 次提交
  2. 23 9月, 2014 1 次提交
  3. 09 8月, 2014 1 次提交
  4. 01 8月, 2014 1 次提交
    • E
      mnt: Add tests for unprivileged remount cases that have found to be faulty · db181ce0
      Eric W. Biederman 提交于
      Kenton Varda <kenton@sandstorm.io> discovered that by remounting a
      read-only bind mount read-only in a user namespace the
      MNT_LOCK_READONLY bit would be cleared, allowing an unprivileged user
      to the remount a read-only mount read-write.
      
      Upon review of the code in remount it was discovered that the code allowed
      nosuid, noexec, and nodev to be cleared.  It was also discovered that
      the code was allowing the per mount atime flags to be changed.
      
      The first naive patch to fix these issues contained the flaw that using
      default atime settings when remounting a filesystem could be disallowed.
      
      To avoid this problems in the future add tests to ensure unprivileged
      remounts are succeeding and failing at the appropriate times.
      
      Cc: stable@vger.kernel.org
      Acked-by: NSerge E. Hallyn <serge.hallyn@ubuntu.com>
      Signed-off-by: N"Eric W. Biederman" <ebiederm@xmission.com>
      db181ce0
  5. 18 7月, 2014 1 次提交
  6. 12 7月, 2014 1 次提交
    • S
      tools: selftests - create a separate hotplug target for full range test · ddddda9b
      Shuah Khan 提交于
      On some systems, hot-plug tests could hang forever waiting for cpu and
      memory to be ready to be offlined. A special hot-plug target is created
      to run full range of hot-plug tests. In default mode, hot-plug tests run
      in safe mode with a limited scope. In limited mode, cpu-hotplug test is
      run on a single cpu as opposed to all hotplug capable cpus, and memory
      hotplug test is run on 2% of hotplug capable memory instead of 10%. In
      addition to the above change, cpu-hotplug is chnged to change processor
      affinity to cpu 0 so it doesn't impact itself while the test runs.
      Signed-off-by: NShuah Khan <shuah.kh@samsung.com>
      Cc: Kees Cook <keescook@chromium.org>
      Cc: Michael Ellerman <michael@ellerman.id.au>
      Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
      Cc: Frederic Weisbecker <fweisbec@gmail.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      ddddda9b
  7. 07 6月, 2014 1 次提交
    • K
      tools/testing/selftests/sysctl: validate sysctl_writes_strict · 24fe831c
      Kees Cook 提交于
      This adds several behavioral tests to sysctl string and number writing
      to detect unexpected cases that behaved differently when the sysctl
      kernel.sysctl_writes_strict != 1.
      
      [ original ]
          root@localhost:~# make test_num
          == Testing sysctl behavior against /proc/sys/kernel/domainname ==
          Writing test file ... ok
          Checking sysctl is not set to test value ... ok
          Writing sysctl from shell ... ok
          Resetting sysctl to original value ... ok
          Writing entire sysctl in single write ... ok
          Writing middle of sysctl after synchronized seek ... FAIL
          Writing beyond end of sysctl ... FAIL
          Writing sysctl with multiple long writes ... FAIL
          Writing entire sysctl in short writes ... FAIL
          Writing middle of sysctl after unsynchronized seek ... ok
          Checking sysctl maxlen is at least 65 ... ok
          Checking sysctl keeps original string on overflow append ... FAIL
          Checking sysctl stays NULL terminated on write ... ok
          Checking sysctl stays NULL terminated on overwrite ... ok
          make: *** [test_num] Error 1
          root@localhost:~# make test_string
          == Testing sysctl behavior against /proc/sys/vm/swappiness ==
          Writing test file ... ok
          Checking sysctl is not set to test value ... ok
          Writing sysctl from shell ... ok
          Resetting sysctl to original value ... ok
          Writing entire sysctl in single write ... ok
          Writing middle of sysctl after synchronized seek ... FAIL
          Writing beyond end of sysctl ... FAIL
          Writing sysctl with multiple long writes ... ok
          make: *** [test_string] Error 1
      
      [ with CONFIG_PROC_SYSCTL_STRICT_WRITES ]
          root@localhost:~# make run_tests
          == Testing sysctl behavior against /proc/sys/kernel/domainname ==
          Writing test file ... ok
          Checking sysctl is not set to test value ... ok
          Writing sysctl from shell ... ok
          Resetting sysctl to original value ... ok
          Writing entire sysctl in single write ... ok
          Writing middle of sysctl after synchronized seek ... ok
          Writing beyond end of sysctl ... ok
          Writing sysctl with multiple long writes ... ok
          Writing entire sysctl in short writes ... ok
          Writing middle of sysctl after unsynchronized seek ... ok
          Checking sysctl maxlen is at least 65 ... ok
          Checking sysctl keeps original string on overflow append ... ok
          Checking sysctl stays NULL terminated on write ... ok
          Checking sysctl stays NULL terminated on overwrite ... ok
          == Testing sysctl behavior against /proc/sys/vm/swappiness ==
          Writing test file ... ok
          Checking sysctl is not set to test value ... ok
          Writing sysctl from shell ... ok
          Resetting sysctl to original value ... ok
          Writing entire sysctl in single write ... ok
          Writing middle of sysctl after synchronized seek ... ok
          Writing beyond end of sysctl ... ok
          Writing sysctl with multiple long writes ... ok
      Signed-off-by: NKees Cook <keescook@chromium.org>
      Cc: Randy Dunlap <rdunlap@infradead.org>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      24fe831c
  8. 24 1月, 2014 1 次提交
  9. 14 8月, 2013 1 次提交
  10. 03 7月, 2013 1 次提交
    • F
      selftests: add basic posix timers selftests · 0bc4b0cf
      Frederic Weisbecker 提交于
      Add some initial basic tests on a few posix timers interface such as
      setitimer() and timer_settime().
      
      These simply check that expiration happens in a reasonable timeframe after
      expected elapsed clock time (user time, user + system time, real time,
      ...).
      
      This is helpful for finding basic breakages while hacking
      on this subsystem.
      Signed-off-by: NFrederic Weisbecker <fweisbec@gmail.com>
      Cc: Stanislaw Gruszka <sgruszka@redhat.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
      Cc: Steven Rostedt <rostedt@goodmis.org>
      Cc: KOSAKI Motohiro <kosaki.motohiro@gmail.com>
      Cc: Olivier Langlois <olivier@trillion01.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      0bc4b0cf
  11. 25 5月, 2013 1 次提交
  12. 01 5月, 2013 2 次提交
  13. 21 3月, 2013 1 次提交
  14. 20 3月, 2013 2 次提交
    • W
      packet: packet fanout rollover during socket overload · 77f65ebd
      Willem de Bruijn 提交于
      Changes:
        v3->v2: rebase (no other changes)
                passes selftest
        v2->v1: read f->num_members only once
                fix bug: test rollover mode + flag
      
      Minimize packet drop in a fanout group. If one socket is full,
      roll over packets to another from the group. Maintain flow
      affinity during normal load using an rxhash fanout policy, while
      dispersing unexpected traffic storms that hit a single cpu, such
      as spoofed-source DoS flows. Rollover breaks affinity for flows
      arriving at saturated sockets during those conditions.
      
      The patch adds a fanout policy ROLLOVER that rotates between sockets,
      filling each socket before moving to the next. It also adds a fanout
      flag ROLLOVER. If passed along with any other fanout policy, the
      primary policy is applied until the chosen socket is full. Then,
      rollover selects another socket, to delay packet drop until the
      entire system is saturated.
      
      Probing sockets is not free. Selecting the last used socket, as
      rollover does, is a greedy approach that maximizes chance of
      success, at the cost of extreme load imbalance. In practice, with
      sufficiently long queues to absorb bursts, sockets are drained in
      parallel and load balance looks uniform in `top`.
      
      To avoid contention, scales counters with number of sockets and
      accesses them lockfree. Values are bounds checked to ensure
      correctness.
      
      Tested using an application with 9 threads pinned to CPUs, one socket
      per thread and sufficient busywork per packet operation to limits each
      thread to handling 32 Kpps. When sent 500 Kpps single UDP stream
      packets, a FANOUT_CPU setup processes 32 Kpps in total without this
      patch, 270 Kpps with the patch. Tested with read() and with a packet
      ring (V1).
      
      Also, passes psock_fanout.c unit test added to selftests.
      Signed-off-by: NWillem de Bruijn <willemb@google.com>
      Reviewed-by: NEric Dumazet <edumazet@google.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      77f65ebd
    • D
      net: Add socket() system call self test. · b0aa73bf
      David S. Miller 提交于
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      b0aa73bf
  15. 28 2月, 2013 2 次提交
  16. 09 11月, 2012 1 次提交
    • A
      revert "epoll: support for disabling items, and a self-test app" · a80a6b85
      Andrew Morton 提交于
      Revert commit 03a7beb5 ("epoll: support for disabling items, and a
      self-test app") pending resolution of the issues identified by Michael
      Kerrisk, copied below.
      
      We'll revisit this for 3.8.
      
      : I've taken a look at this patch as it currently stands in 3.7-rc1, and
      : done a bit of testing. (By the way, the test program
      : tools/testing/selftests/epoll/test_epoll.c does not compile...)
      :
      : There are one or two places where the behavior seems a little strange,
      : so I have a question or two at the end of this mail. But other than
      : that, I want to check my understanding so that the interface can be
      : correctly documented.
      :
      : Just to go though my understanding, the problem is the following
      : scenario in a multithreaded application:
      :
      : 1. Multiple threads are performing epoll_wait() operations,
      :    and maintaining a user-space cache that contains information
      :    corresponding to each file descriptor being monitored by
      :    epoll_wait().
      :
      : 2. At some point, a thread wants to delete (EPOLL_CTL_DEL)
      :    a file descriptor from the epoll interest list, and
      :    delete the corresponding record from the user-space cache.
      :
      : 3. The problem with (2) is that some other thread may have
      :    previously done an epoll_wait() that retrieved information
      :    about the fd in question, and may be in the middle of using
      :    information in the cache that relates to that fd. Thus,
      :    there is a potential race.
      :
      : 4. The race can't solved purely in user space, because doing
      :    so would require applying a mutex across the epoll_wait()
      :    call, which would of course blow thread concurrency.
      :
      : Right?
      :
      : Your solution is the EPOLL_CTL_DISABLE operation. I want to
      : confirm my understanding about how to use this flag, since
      : the description that has accompanied the patches so far
      : has been a bit sparse
      :
      : 0. In the scenario you're concerned about, deleting a file
      :    descriptor means (safely) doing the following:
      :    (a) Deleting the file descriptor from the epoll interest list
      :        using EPOLL_CTL_DEL
      :    (b) Deleting the corresponding record in the user-space cache
      :
      : 1. It's only meaningful to use this EPOLL_CTL_DISABLE in
      :    conjunction with EPOLLONESHOT.
      :
      : 2. Using EPOLL_CTL_DISABLE without using EPOLLONESHOT in
      :    conjunction is a logical error.
      :
      : 3. The correct way to code multithreaded applications using
      :    EPOLL_CTL_DISABLE and EPOLLONESHOT is as follows:
      :
      :    a. All EPOLL_CTL_ADD and EPOLL_CTL_MOD operations should
      :       should EPOLLONESHOT.
      :
      :    b. When a thread wants to delete a file descriptor, it
      :       should do the following:
      :
      :       [1] Call epoll_ctl(EPOLL_CTL_DISABLE)
      :       [2] If the return status from epoll_ctl(EPOLL_CTL_DISABLE)
      :           was zero, then the file descriptor can be safely
      :           deleted by the thread that made this call.
      :       [3] If the epoll_ctl(EPOLL_CTL_DISABLE) fails with EBUSY,
      :           then the descriptor is in use. In this case, the calling
      :           thread should set a flag in the user-space cache to
      :           indicate that the thread that is using the descriptor
      :           should perform the deletion operation.
      :
      : Is all of the above correct?
      :
      : The implementation depends on checking on whether
      : (events & ~EP_PRIVATE_BITS) == 0
      : This replies on the fact that EPOLL_CTL_AD and EPOLL_CTL_MOD always
      : set EPOLLHUP and EPOLLERR in the 'events' mask, and EPOLLONESHOT
      : causes those flags (as well as all others in ~EP_PRIVATE_BITS) to be
      : cleared.
      :
      : A corollary to the previous paragraph is that using EPOLL_CTL_DISABLE
      : is only useful in conjunction with EPOLLONESHOT. However, as things
      : stand, one can use EPOLL_CTL_DISABLE on a file descriptor that does
      : not have EPOLLONESHOT set in 'events' This results in the following
      : (slightly surprising) behavior:
      :
      : (a) The first call to epoll_ctl(EPOLL_CTL_DISABLE) returns 0
      :     (the indicator that the file descriptor can be safely deleted).
      : (b) The next call to epoll_ctl(EPOLL_CTL_DISABLE) fails with EBUSY.
      :
      : This doesn't seem particularly useful, and in fact is probably an
      : indication that the user made a logic error: they should only be using
      : epoll_ctl(EPOLL_CTL_DISABLE) on a file descriptor for which
      : EPOLLONESHOT was set in 'events'. If that is correct, then would it
      : not make sense to return an error to user space for this case?
      
      Cc: Michael Kerrisk <mtk.manpages@gmail.com>
      Cc: "Paton J. Lewis" <palewis@adobe.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      a80a6b85
  17. 06 10月, 2012 1 次提交
  18. 31 7月, 2012 1 次提交
    • A
      fault-injection: add selftests for cpu and memory hotplug · d89dffa9
      Akinobu Mita 提交于
      This adds two selftests
      
      * tools/testing/selftests/cpu-hotplug/on-off-test.sh is testing script
      for CPU hotplug
      
      1. Online all hot-pluggable CPUs
      2. Offline all hot-pluggable CPUs
      3. Online all hot-pluggable CPUs again
      4. Exit if cpu-notifier-error-inject.ko is not available
      5. Offline all hot-pluggable CPUs in preparation for testing
      6. Test CPU hot-add error handling by injecting notifier errors
      7. Online all hot-pluggable CPUs in preparation for testing
      8. Test CPU hot-remove error handling by injecting notifier errors
      
      * tools/testing/selftests/memory-hotplug/on-off-test.sh is doing the
      similar thing for memory hotplug.
      
      1. Online all hot-pluggable memory
      2. Offline 10% of hot-pluggable memory
      3. Online all hot-pluggable memory again
      4. Exit if memory-notifier-error-inject.ko is not available
      5. Offline 10% of hot-pluggable memory in preparation for testing
      6. Test memory hot-add error handling by injecting notifier errors
      7. Online all hot-pluggable memory in preparation for testing
      8. Test memory hot-remove error handling by injecting notifier errors
      Signed-off-by: NAkinobu Mita <akinobu.mita@gmail.com>
      Suggested-by: NAndrew Morton <akpm@linux-foundation.org>
      Cc: Pavel Machek <pavel@ucw.cz>
      Cc: "Rafael J. Wysocki" <rjw@sisk.pl>
      Cc: Greg KH <greg@kroah.com>
      Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
      Cc: Paul Mackerras <paulus@samba.org>
      Cc: Michael Ellerman <michael@ellerman.id.au>
      Cc: Dave Jones <davej@redhat.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      d89dffa9
  19. 01 6月, 2012 2 次提交
    • C
      syscalls, x86: add __NR_kcmp syscall · d97b46a6
      Cyrill Gorcunov 提交于
      While doing the checkpoint-restore in the user space one need to determine
      whether various kernel objects (like mm_struct-s of file_struct-s) are
      shared between tasks and restore this state.
      
      The 2nd step can be solved by using appropriate CLONE_ flags and the
      unshare syscall, while there's currently no ways for solving the 1st one.
      
      One of the ways for checking whether two tasks share e.g.  mm_struct is to
      provide some mm_struct ID of a task to its proc file, but showing such
      info considered to be not that good for security reasons.
      
      Thus after some debates we end up in conclusion that using that named
      'comparison' syscall might be the best candidate.  So here is it --
      __NR_kcmp.
      
      It takes up to 5 arguments - the pids of the two tasks (which
      characteristics should be compared), the comparison type and (in case of
      comparison of files) two file descriptors.
      
      Lookups for pids are done in the caller's PID namespace only.
      
      At moment only x86 is supported and tested.
      
      [akpm@linux-foundation.org: fix up selftests, warnings]
      [akpm@linux-foundation.org: include errno.h]
      [akpm@linux-foundation.org: tweak comment text]
      Signed-off-by: NCyrill Gorcunov <gorcunov@openvz.org>
      Acked-by: N"Eric W. Biederman" <ebiederm@xmission.com>
      Cc: Pavel Emelyanov <xemul@parallels.com>
      Cc: Andrey Vagin <avagin@openvz.org>
      Cc: KOSAKI Motohiro <kosaki.motohiro@gmail.com>
      Cc: Ingo Molnar <mingo@elte.hu>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Glauber Costa <glommer@parallels.com>
      Cc: Andi Kleen <andi@firstfloor.org>
      Cc: Tejun Heo <tj@kernel.org>
      Cc: Matt Helsley <matthltc@us.ibm.com>
      Cc: Pekka Enberg <penberg@kernel.org>
      Cc: Eric Dumazet <eric.dumazet@gmail.com>
      Cc: Vasiliy Kulikov <segoon@openwall.com>
      Cc: Alexey Dobriyan <adobriyan@gmail.com>
      Cc: Valdis.Kletnieks@vt.edu
      Cc: Michal Marek <mmarek@suse.cz>
      Cc: Frederic Weisbecker <fweisbec@gmail.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      d97b46a6
    • D
      selftests: add mq_open_tests · 50069a58
      Doug Ledford 提交于
      Add a directory to house POSIX message queue subsystem specific tests.
      Add first test which checks the operation of mq_open() under various
      corner conditions.
      Signed-off-by: NDoug Ledford <dledford@redhat.com>
      Cc: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
      Cc: Doug Ledford <dledford@redhat.com>
      Cc: Joe Korty <joe.korty@ccur.com>
      Cc: Amerigo Wang <amwang@redhat.com>
      Cc: Serge E. Hallyn <serue@us.ibm.com>
      Cc: Jiri Slaby <jslaby@suse.cz>
      Cc: Manfred Spraul <manfred@colorfullife.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      50069a58
  20. 29 3月, 2012 3 次提交
  21. 13 1月, 2012 2 次提交