summaryrefslogtreecommitdiff
path: root/tools
AgeCommit message (Collapse)Author
2026-05-04kunit: qemu_configs: Add or1k / openrisc configurationThomas Weißschuh
Add a basic configuration to run kunit tests on or1k / openrisc. Link: https://lore.kernel.org/r/20260427-kunit-or1k-v1-2-9d3109e991e8@weissschuh.net Signed-off-by: Thomas Weißschuh <linux@weissschuh.net> Reviewed-by: David Gow <david@davidgow.net> Signed-off-by: Shuah Khan <skhan@linuxfoundation.org>
2026-05-04Merge tag 'v7.1-rc2' into nolibc/for-nextThomas Weißschuh
Pick up commit b0aa5e4b087b ("sh: Fix fallout from ZERO_PAGE consolidation") to fix the sh4 selftests. Signed-off-by: Thomas Weißschuh <linux@weissschuh.net>
2026-05-03tools/nolibc: add support for 32-bit pariscThomas Weißschuh
Extend nolibc to target the 32-bit parisc architecture. 64-bit is not yet supported. Signed-off-by: Thomas Weißschuh <linux@weissschuh.net> Acked-by: Willy Tarreau <w@1wt.eu> Link: https://patch/msgid.link/20260428-nolibc-hppa-v5-2-d843d573111a@weissschuh.net
2026-05-03selftests/nolibc: avoid function pointer comparisonsThomas Weißschuh
The upcoming parisc support would require libgcc to implement function pointer comparisons. As we try to avoid the libgcc dependency rework the logic to work without such comparisons. Signed-off-by: Thomas Weißschuh <linux@weissschuh.net> Acked-by: Willy Tarreau <w@1wt.eu> Link: https://patch.msgid.link/20260428-nolibc-hppa-v5-1-d843d573111a@weissschuh.net
2026-05-03tools/nolibc: add support for OpenRISC / or1kThomas Weißschuh
Add support for OpenRISC / or1k to nolibc. _start() uses the same wrapper construct as in arch-sh.h. libgcc is necessary as OpenRISC is missing 64-bit multiplication. Signed-off-by: Thomas Weißschuh <linux@weissschuh.net> Acked-by: Stafford Horne <shorne@gmail.com> Acked-by: Willy Tarreau <w@1wt.eu> Link: https://patch.msgid.link/20260429-nolibc-openrisc-v2-1-8d7d7a2f3fec@weissschuh.net
2026-05-03selftests/nolibc: use vmlinux for MIPS testsThomas Weißschuh
QEMU for MIPS can also load 'vmlinux'. Slim down the table by using that from the fallback. Signed-off-by: Thomas Weißschuh <linux@weissschuh.net> Acked-by: Willy Tarreau <w@1wt.eu> Link: https://patch.msgid.link/20260429-nolibc-qemu-arch-v1-7-a2ca07eab297@weissschuh.net
2026-05-03selftests/nolibc: trim IMAGE mappingsThomas Weißschuh
For many configurations QEMU_ARCH is simply 'vmlinux'. Slim down the table by automatically falling back to 'vmlinux'. Signed-off-by: Thomas Weißschuh <linux@weissschuh.net> Acked-by: Willy Tarreau <w@1wt.eu> Link: https://patch.msgid.link/20260429-nolibc-qemu-arch-v1-6-a2ca07eab297@weissschuh.net
2026-05-03selftests/nolibc: trim DEFCONFIG mappingsThomas Weißschuh
For many configurations DEFCONFIG is simply 'defconfig'. Slim down the table by automatically falling back to 'defconfig'. Signed-off-by: Thomas Weißschuh <linux@weissschuh.net> Acked-by: Willy Tarreau <w@1wt.eu> Link: https://patch.msgid.link/20260429-nolibc-qemu-arch-v1-5-a2ca07eab297@weissschuh.net
2026-05-03selftests/nolibc: trim QEMU_ARCH mappingsThomas Weißschuh
For many configurations QEMU_ARCH is the same as XARCH. Slim down the table by automatically falling back to XARCH. Signed-off-by: Thomas Weißschuh <linux@weissschuh.net> Acked-by: Willy Tarreau <w@1wt.eu> Link: https://patch.msgid.link/20260429-nolibc-qemu-arch-v1-4-a2ca07eab297@weissschuh.net
2026-05-03selftests/nolibc: use QEMU_ARCH for QEMU_ARCH_USERThomas Weißschuh
The current logic forces the XARCH to QEMU_ARCH mapping to contain entries for all architectures. This will change. To avoid duplication of that logic, reuse the already computed QEMU_ARCH variable. Signed-off-by: Thomas Weißschuh <linux@weissschuh.net> Acked-by: Willy Tarreau <w@1wt.eu> Link: https://patch.msgid.link/20260429-nolibc-qemu-arch-v1-3-a2ca07eab297@weissschuh.net
2026-05-03selftests/nolibc: drop riscv configurationThomas Weißschuh
The riscv configuration is just a duplication of the riscv64 one. Remove it. Passing ARCH=riscv will be rerouted to riscv64 anyways. Signed-off-by: Thomas Weißschuh <linux@weissschuh.net> Acked-by: Willy Tarreau <w@1wt.eu> Link: https://patch.msgid.link/20260429-nolibc-qemu-arch-v1-2-a2ca07eab297@weissschuh.net
2026-05-03selftests/nolibc: align QEMU_ARCH_mips32beThomas Weißschuh
The variable is slightly misaligned. Fix that. Signed-off-by: Thomas Weißschuh <linux@weissschuh.net> Acked-by: Willy Tarreau <w@1wt.eu> Link: https://patch.msgid.link/20260429-nolibc-qemu-arch-v1-1-a2ca07eab297@weissschuh.net
2026-05-02selftests: tls: add test for data loss on small pipeJakub Kicinski
Add selftest for data loss on short splice. Link: https://patch.msgid.link/20260429222944.2139041-3-kuba@kernel.org Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-05-02selftests/tc-testing: Add tests that force red and sfb to dequeue from ↵Victor Nogueira
child's gso_skb Create 4 test cases: - Force red to dequeue from its child's gso_skb with qfq leaf - Force sfb to dequeue from its child's gso_skb with qfq leaf - Force red to dequeue from its child's gso_skb with dualpi2 leaf - Force sfb to dequeue from its child's gso_skb with dualpi2 leaf All of them have tbf followed by red (or sfb) followed by qfq (or dualpi2). Since tbf calls its child's peek followed by qdisc_dequeue_peeked, it will force red/sfb to call their child's peek. In this case, since the child (qfq/dualpi2) has qdisc_peek_dequeued as its peek callback, the packet will be stored in its gso_skb queue. During the subsequent call to qdisc_dequeue_peeked, red/sfb will have to dequeue from the child's gso_skb to retrieve the packet. Not doing so will cause a NULL ptr deref which was happening before a recent fix. Acked-by: Jamal Hadi Salim <jhs@mojatatu.com> Signed-off-by: Victor Nogueira <victor@mojatatu.com> Link: https://patch.msgid.link/20260430152957.194015-4-jhs@mojatatu.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-05-02tools/headers: Regenerate stddef.h to fix BPF selftestsPaul Chaignon
With commit dacbfc167808 ("crypto: af_alg - Annotate struct af_alg_iv with __counted_by"), two selftests, test_tag and crypto_sanity, now indirectly rely on the __counted_by macro. On systems with commit dacbfc167808 in the installed UAPI headers, the selftests build fails with: In file included from tools/testing/selftests/bpf/prog_tests/crypto_sanity.c:7: /usr/include/linux/if_alg.h:45:22: error: expected ‘:’, ‘,’, ‘;’, ‘}’ or ‘__attribute__’ before ‘__counted_by’ 45 | __u8 iv[] __counted_by(ivlen); | ^~~~~~~~~~~~ This patch fixes it by regenerating stddef.h in tools/include using the instructions from commit a778f5d46b62 ("tools/headers: Pull in stddef.h to uapi to fix BPF selftests build in CI"). Fixes: dacbfc167808 ("crypto: af_alg - Annotate struct af_alg_iv with __counted_by") Signed-off-by: Paul Chaignon <paul.chaignon@gmail.com> Reviewed-by: Alan Maguire <alan.maguire@oracle.com> Tested-by: Ihor Solodrai <ihor.solodrai@linux.dev> Link: https://lore.kernel.org/r/8da8ef16055aa452d940668ed5359ce54adc6b0b.1777715500.git.paul.chaignon@gmail.com Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2026-05-01selftest: net: Add test for TCP flow failover with ECMP routes.Kuniyuki Iwashima
Without the previous commit, TCP failed to switch to alternative IPv6 routes immediately upon carrier loss. It would persist with the dead route until reaching the threshold net.ipv4.tcp_retries1, leading to unnecessary delays in failover. Let's add a selftest for this scenario to ensure TCP fails over immediately upon a carrier loss event. Before: TEST: TCP IPv4 failover [ OK ] TEST: TCP IPv6 failover [FAIL] After: TEST: TCP IPv4 failover [ OK ] TEST: TCP IPv6 failover [ OK ] Signed-off-by: Kuniyuki Iwashima <kuniyu@google.com> Signed-off-by: Sagarika Sharma <sharmasagarika@google.com> Link: https://patch.msgid.link/20260430200909.527827-3-sharmasagarika@google.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-05-01selftests: drv-net: Enable ntuple-filters if supportedDimitri Daskalakis
Certain devices which support ntuple-filters do not enable the feature by default. The existing tests will skip (if they check for the feature), or fail if they blindly attempt to install rules. Therefore, attempt to turn on ntuple-filters if the device supports them. Signed-off-by: Dimitri Daskalakis <daskald@meta.com> Reviewed-by: Joe Damato <joe@dama.to> Link: https://patch.msgid.link/20260430165217.3700469-1-dimitri.daskalakis1@gmail.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-05-01Merge tag 'arm64-fixes' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux Pull arm64 fixes from Catalin Marinas: - Avoid writing an uninitialised stack variable to POR_EL0 on sigreturn if the poe_context record is absent - Reserve one more page for the early 4K-page kernel mapping to cover the extra [_text, _stext) split introduced by the non-executable read-only mapping - Force the arch_local_irq_*() wrappers to be __always_inline so that noinstr entry and idle paths cannot call out-of-line, instrumentable copies - Fix potential sign extension in the arm64 SCS unwinder's DWARF advance_loc4 decoding - Tolerate arm64 ACPI platforms with only WFI and no deeper PSCI idle states, restoring cpuidle registration on such systems - Include the UAPI <asm/ptrace.h> header in the arm64 GCS libc test rather than carrying a duplicate struct user_gcs definition (the original #ifdef NT_ARM_GCS was wrong to cover the structure definition as it would be masked out if the toolchain defined it) * tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux: arm64: signal: Preserve POR_EL0 if poe_context is missing arm64: Reserve an extra page for early kernel mapping kselftest/arm64: Include <asm/ptrace.h> for user_gcs definition ACPI: arm64: cpuidle: Tolerate platforms with no deep PSCI idle states arm64/irqflags: __always_inline the arch_local_irq_*() helpers arm64/scs: Fix potential sign extension issue of advance_loc4
2026-05-01selftests/rseq: Don't run tests with runner scripts outside of the scriptsMark Brown
The rseq selftests include two runner scripts run_param_test.sh and run_syscall_errors_test.sh which set up the environment for test binaries and run them with various parameters. Currently we list these test binaries in TEST_GEN_PROGS but this results in the kselftest framework running them directly as well as via the runners, resulting in duplication and spurious failures when the environment is not correctly set up (eg, if glibc tries to use rseq). Move the binaries the runners invoke to TEST_GEN_PROGS_EXTENDED, binaries listed there are built but not run by the framework. The param_test benchmarks are not moved since they are not run by run_param_test.sh. Fixes: 830969e7821a ("selftests/rseq: Implement time slice extension test") Signed-off-by: Mark Brown <broonie@kernel.org> Signed-off-by: Thomas Gleixner <tglx@kernel.org> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Link: https://patch.msgid.link/20260423-selftests-rseq-use-runner-v1-1-e13a133754c1@kernel.org Cc: stable@vger.kernel.org
2026-05-01Merge tag 'mm-hotfixes-stable-2026-04-30-15-39' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Pull MM fixes from Andrew Morton: "20 hotfixes. All are for MM (and for MMish maintainers). 9 are cc:stable and the remainder are for post-7.0 issues or aren't deemed suitable for backporting. There are two DAMON series from SeongJae Park which address races which could lead to use-after-free errors, and avoid the possibility of presenting stale parameter values to users" * tag 'mm-hotfixes-stable-2026-04-30-15-39' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm: mm: memcontrol: fix rcu unbalance in get_non_dying_memcg_end() mm/userfaultfd: detect VMA type change after copy retry in mfill_copy_folio_retry() MAINTAINERS: remove stale kdump project URL mm/damon/stat: detect and use fresh enabled value mm/damon/lru_sort: detect and use fresh enabled and kdamond_pid values mm/damon/reclaim: detect and use fresh enabled and kdamond_pid values selftests/mm: specify requirement for PROC_MEM_ALWAYS_FORCE=y mm/damon/sysfs-schemes: protect path kfree() with damon_sysfs_lock mm/damon/sysfs-schemes: protect memcg_path kfree() with damon_sysfs_lock MAINTAINERS: update Li Wang's email address MAINTAINERS, mailmap: update email address for Qi Zheng MAINTAINERS: update Liam's email address mm/hugetlb_cma: round up per_node before logging it MAINTAINERS: fix regex pattern in CORE MM category mm/vma: do not try to unmap a VMA if mmap_prepare() invoked from mmap() mm: start background writeback based on per-wb threshold for strictlimit BDIs kho: fix error handling in kho_add_subtree() liveupdate: fix return value on session allocation failure mailmap: update entry for Dan Carpenter vmalloc: fix buffer overflow in vrealloc_node_align()
2026-05-01kselftest/arm64: Include <asm/ptrace.h> for user_gcs definitionLeo Yan
kselftest includes kernel uAPI headers with option: -isystem $(top_srcdir)/usr/include Include <asm/ptrace.h> in libc-gcs.c for the definition of struct user_gcs from the uAPI headers, and remove the redundant definition in gcs-util.h. This fixes a compilation error on systems where the toolchain defines NT_ARM_GCS. Fixes: a505a52b4e29 ("kselftest/arm64: Add a GCS test program built with the system libc") Signed-off-by: Leo Yan <leo.yan@arm.com> Reviewed-by: Mark Brown <broonie@kernel.org> Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
2026-04-30selftests/net: packetdrill: add tcp_syncookies_ip[46]_9kEric Dumazet
These tests check syncookie mode is able to reconstruct some client options when TCP TS are used: - wscale option. - sackOK. - MSS (in a limited way, especially for IPv4). - ECN : not enabled. Note that IPv4 and IPv6 have different msstab[] values: IPv4 msstab[4] = { 536, 1300, 1440, 1460 } IPv6 msstab[4] = { 1280 - 60, 1480 - 60, 1500 - 60, 9000 - 60 } IPv4 is currently capping SND_MSS to 1460, even on a 9K MTU network. Signed-off-by: Eric Dumazet <edumazet@google.com> Reviewed-by: Neal Cardwell <ncardwell@google.com> Link: https://patch.msgid.link/20260430021444.2929534-1-edumazet@google.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-04-30selftests: net: Add tests for ARP probe and DAD NS handlingDanielle Ratson
Add test cases to verify that ARP probes and DAD Neighbor Solicitations are handled correctly by the bridge neighbor suppression feature. When neighbor suppression is enabled on a bridge VXLAN port, the bridge should reply to ARP/NS messages on behalf of remote hosts when both FDB and neighbor entries exist, and the answer is known. However, when either the FDB or the neighbor exists, ARP probes / DAD NS should be treated like regular ARP requests / NS and flood to VXLAN. Add two new test functions: neigh_suppress_arp_probe(): Tests ARP probe handling by triggering duplicate address detection using arping -D. Verifies that probes are flooded when the bridge doesn't know the answer, and suppressed when FDB and neighbor entries exist. neigh_suppress_dad_ns(): Tests DAD NS handling by constructing DAD NS packets using mausezahn and verifies correct flooding/suppression behavior. Before the previous patch: $ ./test_bridge_neigh_suppress.sh -t "neigh_suppress_arp_probe neigh_suppress_dad_ns" Per-port ARP probe suppression ------------------------------ TEST: ARP probe suppression [ OK ] TEST: "neigh_suppress" is on [ OK ] TEST: ARP probe suppression [FAIL] TEST: FDB and neighbor entry installation [ OK ] TEST: arping [FAIL] TEST: ARP probe suppression [FAIL] TEST: neighbor removal [ OK ] TEST: ARP probe suppression [FAIL] TEST: "neigh_suppress" is off [ OK ] TEST: ARP probe suppression [FAIL] Per-port DAD NS suppression --------------------------- TEST: DAD NS suppression [ OK ] TEST: "neigh_suppress" is on [ OK ] TEST: DAD NS suppression [FAIL] TEST: FDB and neighbor entry installation [ OK ] TEST: DAD NS suppression [FAIL] TEST: neighbor removal [ OK ] TEST: DAD NS suppression [FAIL] TEST: DAD NS proxy NA reply [FAIL] TEST: "neigh_suppress" is off [ OK ] TEST: DAD NS suppression [FAIL] Tests passed: 10 Tests failed: 10 After the previous patch: $ ./test_bridge_neigh_suppress.sh -t "neigh_suppress_arp_probe neigh_suppress_dad_ns" Per-port ARP probe suppression ------------------------------ TEST: ARP probe suppression [ OK ] TEST: "neigh_suppress" is on [ OK ] TEST: ARP probe suppression [ OK ] TEST: FDB and neighbor entry installation [ OK ] TEST: arping [ OK ] TEST: ARP probe suppression [ OK ] TEST: neighbor removal [ OK ] TEST: ARP probe suppression [ OK ] TEST: "neigh_suppress" is off [ OK ] TEST: ARP probe suppression [ OK ] Per-port DAD NS suppression --------------------------- TEST: DAD NS suppression [ OK ] TEST: "neigh_suppress" is on [ OK ] TEST: DAD NS suppression [ OK ] TEST: FDB and neighbor entry installation [ OK ] TEST: DAD NS suppression [ OK ] TEST: neighbor removal [ OK ] TEST: DAD NS suppression [ OK ] TEST: DAD NS proxy NA reply [ OK ] TEST: "neigh_suppress" is off [ OK ] TEST: DAD NS suppression [ OK ] Tests passed: 20 Tests failed: 0 Signed-off-by: Danielle Ratson <danieller@nvidia.com> Acked-by: Nikolay Aleksandrov <razor@blackwall.org> Link: https://patch.msgid.link/20260429062405.1386417-3-danieller@nvidia.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-04-30Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski
Cross-merge networking fixes after downstream PR (net-7.1-rc2). No conflicts, or adjacent changes. Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-04-30PM: tools: pm-graph: fix ValueError when parsing incomplete device propertiesGongwei Li
When parsing device properties from ftrace data, the devprops() function assumes that each line has at least three fields and that the third field (f[2]) always contains a valid integer. However, due to incomplete or corrupted ftrace logs, f[2] may be missing, empty, or non-existent. This can lead to the following error: Traceback (most recent call last): File "../sleepgraph.py", line 7142, in <module> stamp = rerunTest(sysvals.outdir) File "../sleepgraph.py", line 6255, in rerunTest testruns, stamp = processData() File "../sleepgraph.py", line 6181, in processData testruns, error = parseTraceLog(live) File "../sleepgraph.py", line 3470, in parseTraceLog tp, tf = loadTraceLog() File "../sleepgraph.py", line 3398, in loadTraceLog if tp.stampInfo(line, sysvals): File "../sleepgraph.py", line 3073, in stampInfo self.parsePlatformInfo(line, sv) File "../sleepgraph.py", line 3177, in parsePlatformInfo sv.devprops = self.devprops(sv.b64unzip(info)) File "../sleepgraph.py", line 3158, in devprops if int(f[2]): ValueError: invalid literal for int() with base 10: '' To prevent this crash, add proper validation before accessing. Signed-off-by: Gongwei Li <ligongwei@kylinos.cn> Acked-by: Todd Brandt <todd.e.brandt@intel.com> [ rjw: Subject tweak ] Link: https://patch.msgid.link/20260424071208.3610628-1-13875017792@163.com Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
2026-04-30Merge tag 'net-7.1-rc2' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Pull networking fixes from Paolo Abeni: "Including fixes from netfilter. Current release - regressions: - ipmr: free mr_table after RCU grace period. Previous releases - regressions: - core: add net_iov_init() and use it to initialize ->page_type - sched: taprio: fix NULL pointer dereference in class dump - netfilter: nf_tables: - use list_del_rcu for netlink hooks - fix strict mode inbound policy matching - tcp: make probe0 timer handle expired user timeout - vrf: fix a potential NPD when removing a port from a VRF - eth: ice: - fix NULL pointer dereference in ice_reset_all_vfs() - fix infinite recursion in ice_cfg_tx_topo via ice_init_dev_hw Previous releases - always broken: - page_pool: fix memory-provider leak in error path - sched: sch_cake: annotate data-races in cake_dump_stats() - mptcp: fix scheduling with atomic in timestamp sockopt - psp: check for device unregister when creating assoc - tls: fix strparser anchor skb leak on offload RX setup failure - eth: - stmmac: prevent NULL deref when RX memory exhausted - airoha: do not read uninitialized fragment address - rtl8150: fix use-after-free in rtl8150_start_xmit() Misc: - add Ido Schimmel as IPv4/IPv6 maintainer - add David Heidelberg as NFC subsystem maintainer" * tag 'net-7.1-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (79 commits) net/sched: cls_flower: revert unintended changes sfc: fix error code in efx_devlink_info_running_versions() net: tls: fix strparser anchor skb leak on offload RX setup failure ice: add dpll peer notification for paired SMA and U.FL pins ice: fix missing dpll notifications for SW pins dpll: export __dpll_pin_change_ntf() for use under dpll_lock ice: fix SMA and U.FL pin state changes affecting paired pin ice: fix missing SMA pin initialization in DPLL subsystem ice: fix infinite recursion in ice_cfg_tx_topo via ice_init_dev_hw ice: fix NULL pointer dereference in ice_reset_all_vfs() iavf: add VIRTCHNL_OP_ADD_VLAN to success completion handler iavf: wait for PF confirmation before removing VLAN filters iavf: stop removing VLAN filters from PF on interface down iavf: rename IAVF_VLAN_IS_NEW to IAVF_VLAN_ADDING page_pool: fix memory-provider leak in page_pool_create_percpu() error path bonding: 3ad: implement proper RCU rules for port->aggregator net: airoha: Do not return err in ndo_stop() callback hv_sock: fix ARM64 support MAINTAINERS: update the IPv4/IPv6 entry and add Ido Schimmel selftests: drv-net: clarify linters and frameworks in README ...
2026-04-30selftests/bpf: Test insns processed breakdownPaul Chaignon
This patch covers in global subprog selftests the new verifier log with the breakdown of instructions processed by global subprogs. The test ensures the log line is present and that it has the right number of subcounts. Signed-off-by: Paul Chaignon <paul.chaignon@gmail.com> Link: https://lore.kernel.org/bpf/3a5157f4573edaa8846f6fc4041f715136f693b1.1777538384.git.paul.chaignon@gmail.com Signed-off-by: Kumar Kartikeya Dwivedi <memxor@gmail.com>
2026-04-30net/tcp-ao: Use crypto library API instead of crypto_ahashEric Biggers
Currently the kernel's TCP-AO implementation does the MAC and KDF computations using the crypto_ahash API. This API is inefficient and difficult to use, and it has required extensive workarounds in the form of per-CPU preallocated objects (tcp_sigpool) to work at all. Let's use lib/crypto/ instead. This means switching to straightforward stack-allocated structures, virtually addressed buffers, and direct function calls. It also means removing quite a bit of error handling. This makes TCP-AO quite a bit faster. This also enables many additional cleanups, which later commits will handle: removing tcp-sigpool, removing support for crypto_tfm cloning, removing more error handling, and replacing more dynamically-allocated buffers with stack buffers based on the now-statically-known limits. Reviewed-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Eric Biggers <ebiggers@kernel.org> Link: https://patch.msgid.link/20260427172727.9310-3-ebiggers@kernel.org Signed-off-by: Paolo Abeni <pabeni@redhat.com>
2026-04-30net/tcp-ao: Drop support for most non-RFC-specified algorithmsEric Biggers
RFC 5926 (https://datatracker.ietf.org/doc/html/rfc5926) specifies the use of AES-128-CMAC and HMAC-SHA1 with TCP-AO. This includes a specification for how traffic keys shall be derived for each algorithm. Support for any other algorithms with TCP-AO isn't standardized, though an expired Internet Draft (a work-in-progress document, not a standard) from 2019 does propose adding HMAC-SHA256 support: https://datatracker.ietf.org/doc/html/draft-nayak-tcp-sha2-03 Since both documents specify the KDF for each algorithm individually, it isn't necessarily clear how any other algorithm should be integrated. Nevertheless, the Linux implementation of TCP-AO allows userspace to specify the MAC algorithm as a string tcp_ao_add::alg_name naming either "cmac(aes128)" or an arbitrary algorithm in the crypto_ahash API. The set of valid strings is undocumented. The implementation assumes that "cmac(aes128)" is the only algorithm that requires an entropy extraction step and that all algorithms accept keys with length equal to the untruncated MAC; thus, arbitrary HMAC algorithms probably do work, but some other MAC algorithms like AES-256-CMAC have never actually worked. Unfortunately, this undocumented string allows many obsolete, insecure, or redundant algorithms. For example, "hmac(md5)" and the non-cryptographic "crc32" are accepted. It also ties the implementation to crypto_ahash and requires that most memory be dynamically allocated, making the implementation unnecessarily complex and inefficient. Still furthermore, this implementation requires the crypto API to support "transformation cloning", whose only user is this feature. Fortunately, it's very likely that only a few algorithms are actually used in practice. Let's restrict the set of allowed algorithms to "cmac(aes128)" (or "cmac(aes)" with keylen=16), "hmac(sha1)", and "hmac(sha256)". The first two are the actually standard ones, while HMAC-SHA256 seems like a reasonable algorithm to continue supporting as a Linux extension, considering the Internet Draft for it and the fact that SHA-256 is the usual choice of upgrade from the outdated SHA-1. If any other algorithm ever turns out to be needed, e.g. HMAC-SHA512, it can of course be (re-)added in library form. However, note that the TCP options space limits TCP-AO MACs to 20 bytes (160 bits) anyway, which limits the potential benefit of any further upgrade to the algorithm. Reviewed-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Eric Biggers <ebiggers@kernel.org> Link: https://patch.msgid.link/20260427172727.9310-2-ebiggers@kernel.org Signed-off-by: Paolo Abeni <pabeni@redhat.com>
2026-04-29selftests: drv-net: rss: add case for field config on RSS contextJakub Kicinski
We had some issues with a suspected traffic imbalance on an RSS context. Make sure the tests cover the RXFH field selection vs additional contexts. Tested-by: Pavan Chebbi <pavan.chebbi@broadcom.com> Link: https://patch.msgid.link/20260428203624.1224387-1-kuba@kernel.org Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-04-29selftests: drv-net: clarify linters and frameworks in READMEJakub Kicinski
Minor clarifications in the README: - call out what linters we expect to be clean - make it clear that by "frameworks" we mean code under lib/ not just factoring code out in the same file Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-04-29tools/sched_ext: scx_qmap: Port to cid-form struct_opsTejun Heo
Flip qmap's struct_ops to bpf_sched_ext_ops_cid. The kernel now passes cids and cmasks to callbacks directly, so the per-callback cpu<->cid translations that the prior patch added drop out and cpu_ctxs[] is reindexed by cid. Cpu-form kfunc calls switch to their cid-form counterparts. The cpu-only kfuncs (idle/any pick, cpumask iteration) have no cid substitute. Their callers already moved to cmask scans against qa_idle_cids and taskc->cpus_allowed in the prior patch, so the kfunc calls drop here without behavior changes. set_cmask is wired up via cmask_copy_from_kernel() to copy the kernel-supplied cmask into the arena-resident taskc cmask. The cpuperf monitor iterates the cid-form perf kfuncs. v4: Match scx_bpf_cid_override()'s 2-arg form, drop the shard test plumbing, bound nr_cpu_ids for the verifier, and switch mode 3 from bad-mono to bad-range (Changwoo, Andrea). Signed-off-by: Tejun Heo <tj@kernel.org> Reviewed-by: Cheng-Yang Chou <yphbchou0911@gmail.com> Reviewed-by: Changwoo Min <changwoo@igalia.com> Reviewed-by: Andrea Righi <arighi@nvidia.com>
2026-04-29tools/sched_ext: scx_qmap: Add cmask-based idle tracking and cid-based idle pickTejun Heo
Switch qmap's idle-cpu picker from scx_bpf_pick_idle_cpu() to a BPF-side bitmap scan, still under cpu-form struct_ops. qa_idle_cids tracks idle cids (updated in update_idle / cpu_offline) and each task's taskc->cpus_allowed tracks its allowed cids (built in set_cpumask / init_task); select_cpu / enqueue scan the intersection for an idle cid. Callbacks translate cpu <-> cid on entry; cid-qmap-port drops those translations. The scan is barebone - no core preference or other topology-aware picks like the in-kernel picker - but qmap is a demo and this is enough to exercise the plumbing. v3: qmap_init() refuses to load when nr_cids exceeds SCX_QMAP_MAX_CPUS; task_ctx's flex array would otherwise overflow into the next slab entry. (Sashiko) Signed-off-by: Tejun Heo <tj@kernel.org> Reviewed-by: Cheng-Yang Chou <yphbchou0911@gmail.com> Reviewed-by: Changwoo Min <changwoo@igalia.com> Reviewed-by: Andrea Righi <arighi@nvidia.com>
2026-04-29tools/sched_ext: scx_qmap: Restart on hotplug instead of cpu_online/offlineTejun Heo
The cid mapping is built from the online cpu set at scheduler enable and stays valid for that set; routine hotplug invalidates it. The default cid behavior is to restart the scheduler so the mapping gets rebuilt against the new online set, and that requires not implementing cpu_online / cpu_offline (which suppress the kernel's ACT_RESTART). Drop the two ops along with their print_cpus() helper - the cluster view was only useful as a hotplug demo and is meaningless over the dense cid space the scheduler will move to. Wire main() to handle the ACT_RESTART exit by reopening the skel and reattaching, matching the pattern in scx_simple / scx_central / scx_flatcg etc. Reset optind so getopt re-parses argv into the fresh skel rodata each iteration. Signed-off-by: Tejun Heo <tj@kernel.org> Reviewed-by: Cheng-Yang Chou <yphbchou0911@gmail.com> Reviewed-by: Changwoo Min <changwoo@igalia.com> Reviewed-by: Andrea Righi <arighi@nvidia.com>
2026-04-29sched_ext: Add bpf_sched_ext_ops_cid struct_ops typeTejun Heo
cpumask is awkward from BPF and unusable from arena; cid/cmask work in both. Sub-sched enqueue will need cmask. Without a full cid interface, schedulers end up mixing forms - a subtle-bug factory. Add sched_ext_ops_cid, which mirrors sched_ext_ops with cid/cmask replacing cpu/cpumask in the topology-carrying callbacks. cpu_acquire/cpu_release are deprecated and absent; a prior patch moved them past @priv so the cid-form can omit them without disturbing shared-field offsets. The two structs share byte-identical layout up to @priv, so the existing bpf_scx init/check hooks, has_op bitmap, and scx_kf_allow_flags[] are offset-indexed and apply to both. BUILD_BUG_ON in scx_init() pins the shared-field and renamed-callback offsets so any future drift trips at boot. The kernel<->BPF boundary translates between cpu and cid: - A static key, enabled on cid-form sched load, gates the translation so cpu-form schedulers pay nothing. - dispatch, update_idle, cpu_online/offline and dump_cpu translate the cpu arg at the callsite. - select_cpu also translates the returned cid back to a cpu. - set_cpumask is wrapped to synthesize a cmask in a per-cpu scratch before calling the cid-form callback. All scheds in a hierarchy share one form. The static key drives the hot-path branch. v2: Use struct_size() for the set_cmask_scratch percpu alloc. Move cid-shard fields and assertions into the later cid-shard patch. v3: Drop `static` on scx_set_cmask_scratch; add extern in ext_internal.h. Signed-off-by: Tejun Heo <tj@kernel.org> Reviewed-by: Cheng-Yang Chou <yphbchou0911@gmail.com> Reviewed-by: Changwoo Min <changwoo@igalia.com> Reviewed-by: Andrea Righi <arighi@nvidia.com>
2026-04-29sched_ext: Add cid-form kfunc wrappers alongside cpu-formTejun Heo
cpumask is awkward from BPF and unusable from arena; cid/cmask work in both. Sub-sched enqueue will need cmask. Without full cid coverage a scheduler has to mix cid and cpu forms, which is a subtle-bug factory. Close the gap with a cid-native interface. Pair every cpu-form kfunc that takes a cpu id with a cid-form equivalent (kick, task placement, cpuperf query/set, per-cpu current task, nr-cpu-ids). Add two cid-natives with no cpu-form sibling: scx_bpf_this_cid() (cid of the running cpu, scx equivalent of bpf_get_smp_processor_id) and scx_bpf_nr_online_cids(). scx_bpf_cpu_rq is deprecated; no cid-form counterpart. NUMA node info is reachable via scx_bpf_cid_topo() on the BPF side. Each cid-form wrapper is a thin cid -> cpu translation that delegates to the cpu path, registered in the same context sets so usage constraints match. Signed-off-by: Tejun Heo <tj@kernel.org> Reviewed-by: Cheng-Yang Chou <yphbchou0911@gmail.com> Reviewed-by: Changwoo Min <changwoo@igalia.com> Reviewed-by: Andrea Righi <arighi@nvidia.com>
2026-04-29sched_ext: Add cmask, a base-windowed bitmap over cid spaceTejun Heo
Sub-scheduler code built on cids needs bitmaps scoped to a slice of cid space (e.g. the idle cids of a shard). A cpumask sized for NR_CPUS wastes most of its bits for a small window and is awkward in BPF. scx_cmask covers [base, base + nr_bits). bits[] is aligned to the global 64-cid grid: bits[0] spans [base & ~63, (base & ~63) + 64). Any two cmasks therefore address bits[] against the same global windows, so cross-cmask word ops reduce to dest->bits[i] OP= operand->bits[i - delta] with no bit-shifting, at the cost of up to one extra storage word for head misalignment. This alignment guarantee is the reason binary ops can stay word-level; every mutating helper preserves it. Kernel side in ext_cid.[hc]; BPF side in tools/sched_ext/include/scx/ cid.bpf.h. BPF side drops the scx_ prefix (redundant in BPF code) and adds the extra helpers that basic idle-cpu selection needs. No callers yet. v2: Narrow to helpers that will be used in the planned changes; set/bit/find/zero ops will be added as usage develops. v3: cmask_copy_from_kernel: validate src->base == 0 via probe-read; bit-level nr_bits check instead of round-up word count. (Sashiko) v4: Bump CMASK_CAS_TRIES to 1<<23 so abort fires only after seconds of real spinning, not on plausible contention. Switch __builtin_ctzll() to the ctzll() wrapper for clang compat (Changwoo). Signed-off-by: Tejun Heo <tj@kernel.org> Reviewed-by: Cheng-Yang Chou <yphbchou0911@gmail.com> Reviewed-by: Changwoo Min <changwoo@igalia.com> Reviewed-by: Andrea Righi <arighi@nvidia.com>
2026-04-29tools/sched_ext: Add struct_size() helpers to common.bpf.hTejun Heo
Add flex_array_size(), struct_size() and struct_size_t() to scx/common.bpf.h so BPF schedulers can size flex-array-containing structs the same way kernel code does. These are abbreviated forms of the <linux/overflow.h> macros. v3: Use offsetof() instead of sizeof() in struct_size() to match kernel semantics (no inflation from trailing struct padding). (Sashiko) Signed-off-by: Tejun Heo <tj@kernel.org> Reviewed-by: Cheng-Yang Chou <yphbchou0911@gmail.com> Reviewed-by: Changwoo Min <changwoo@igalia.com> Reviewed-by: Andrea Righi <arighi@nvidia.com>
2026-04-29sched_ext: Add scx_bpf_cid_override() kfuncTejun Heo
The auto-probed cid mapping reflects the kernel's view of topology (node -> LLC -> core), but a BPF scheduler may want a different layout - to align cid slices with its own partitioning, or to work around how the kernel reports a particular machine. Add scx_bpf_cid_override(), callable from ops.init() of the root scheduler. It validates the caller-supplied cpu->cid array and replaces the in-place mapping; topo info is invalidated. A compat.bpf.h wrapper silently no-ops on kernels that lack the kfunc. A new SCX_KF_ALLOW_INIT bit in the kfunc context filter restricts the kfunc to ops.init() at verifier load time. Signed-off-by: Tejun Heo <tj@kernel.org> Reviewed-by: Cheng-Yang Chou <yphbchou0911@gmail.com> Reviewed-by: Changwoo Min <changwoo@igalia.com>
2026-04-29sched_ext: Add topological CPU IDs (cids)Tejun Heo
Raw cpu numbers are clumsy for sharding and cross-sched communication, especially from BPF. The space is sparse, numerical closeness doesn't track topological closeness (x86 hyperthreading often scatters SMT siblings), and a range of cpu ids doesn't describe anything meaningful. Sub-sched support makes this acute: cpu allocation, revocation, and state constantly flow across sub-scheds. Passing whole cpumasks scales poorly (every op scans 4K bits) and cpumasks are awkward in BPF. cids assign every cpu a dense, topology-ordered id. CPUs sharing a core, LLC, or NUMA node occupy contiguous cid ranges, so a topology unit becomes a (start, length) slice. Communication passes slices; BPF can process a u64 word of cids at a time. Build the mapping once at root enable by walking online cpus node -> LLC -> core. Possible-but-not-online cpus tail the space with no-topo cids. Expose kfuncs to map cpu <-> cid in either direction and to query each cid's topology metadata. v2: Use kzalloc_objs()/kmalloc_objs() for the three allocs in scx_cid_arrays_alloc() (Cheng-Yang Chou). v3: scx_cid_init() failure path now drops cpus_read_lock(); BUILD_BUG_ON tightened to match BPF cmask helpers' NR_CPUS<=8192. (Sashiko) Signed-off-by: Tejun Heo <tj@kernel.org> Reviewed-by: Cheng-Yang Chou <yphbchou0911@gmail.com> Reviewed-by: Changwoo Min <changwoo@igalia.com> Reviewed-by: Andrea Righi <arighi@nvidia.com>
2026-04-29Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvmLinus Torvalds
Pull kvm updates from Paolo Bonzini: "On top of a lot of Arm fixes, this includes a massive rename of types and variables in tools/testing/selftests/kvm - these were unnecessarily different from what the kernel uses, so they're being made consistent. arm64: - Allow tracing for non-pKVM, which was accidentally disabled when the series was merged - Rationalise the way the pKVM hypercall ranges are defined by using the same mechanism as already used for the vcpu_sysreg enum - Enforce that SMCCC function numbers relayed by the pKVM proxy are actually compliant with the specification - Fix a couple of feature to idreg mappings which resulted in the wrong sanitisation being applied - Fix the GICD_IIDR revision number field that could never been written correctly by userspace - Make kvm_vcpu_initialized() correctly use its parameter instead of relying on the surrounding context - Enforce correct ordering in __pkvm_init_vcpu(), plugging a potential pin leak at the same time - Move __pkvm_init_finalise() to a less dangerous spot, avoiding future problems - Restore functional userspace irqchip support after a four year breakage (last functional kernel was 5.18...) - Spelling fixes Selftests: - Rename types across all KVM selftests to more closely align with types used in the kernel: vm_vaddr_t -> gva_t vm_paddr_t -> gpa_t uint64_t -> u64 uint32_t -> u32 uint16_t -> u16 uint8_t -> u8 int64_t -> s64 int32_t -> s32 int16_t -> s16 int8_t -> s8 - Fix Loongarch compilation" * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: (31 commits) KVM: selftests: Add check_steal_time_uapi() implementation for LoongArch KVM: arm64: Wake-up from WFI when iqrchip is in userspace KVM: arm64: Fix initialisation order in __pkvm_init_finalise() KVM: arm64: Fix pin leak and publication ordering in __pkvm_init_vcpu() KVM: arm64: Fix kvm_vcpu_initialized() macro parameter KVM: arm64: Fix FEAT_SPE_FnE to use PMSIDR_EL1.FnE, not PMSVer KVM: arm64: Fix typo in feature check comments KVM: arm64: Fix FEAT_Debugv8p9 to check DebugVer, not PMUVer KVM: arm64: Reject non compliant SMCCC function calls in pKVM KVM: arm64: vgic: Fix IIDR revision field extracted from wrong value KVM: selftests: Replace "paddr" with "gpa" throughout KVM: selftests: Replace "u64 nested_paddr" with "gpa_t l2_gpa" KVM: selftests: Replace "u64 gpa" with "gpa_t" throughout KVM: selftests: Replace "vaddr" with "gva" throughout KVM: selftests: Clarify that arm64's inject_uer() takes a host PA, not a guest PA KVM: selftests: Rename translate_to_host_paddr() => translate_hva_to_hpa() KVM: selftests: Rename vm_vaddr_populate_bitmap() => vm_populate_gva_bitmap() KVM: selftests: Rename vm_vaddr_unused_gap() => vm_unused_gva_gap() KVM: selftests: Drop "vaddr_" from APIs that allocate memory for a given VM KVM: selftests: Use u8 instead of uint8_t ...
2026-04-28sched_ext: Expose exit_cpu to BPF and userspaceChangwoo Min
Extend struct user_exit_info with an exit_cpu field so BPF schedulers and the userspace report path can see the CPU that triggered the exit, matching the kernel-side dump. UEI_RECORD() defaults the field to -1 before the CO-RE-gated copy so that running against an older kernel without exit_cpu stays distinguishable from "exit happened on CPU 0". UEI_REPORT() appends "on CPU N" to the EXIT line when the value is valid, surfacing the most diagnostically useful piece of exit info to any sched_ext userspace tool without needing to crack open the debug dump. Signed-off-by: Changwoo Min <changwoo@igalia.com> Signed-off-by: Tejun Heo <tj@kernel.org>
2026-04-28Merge tag 'sched_ext-for-7.1-rc1-fixes' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/tj/sched_ext Pull sched_ext fixes from Tejun Heo: "The merge window pulled in the cgroup sub-scheduler infrastructure, and new AI reviews are accelerating bug reporting and fixing - hence the larger than usual fixes batch: - Use-after-frees during scheduler load/unload: - The disable path could free the BPF scheduler while deferred irq_work / kthread work was still in flight - cgroup setter callbacks read the active scheduler outside the rwsem that synchronizes against teardown Fix both, and reuse the disable drain in the enable error paths so the BPF JIT page can't be freed under live callbacks. - Several BPF op invocations didn't tell the framework which runqueue was already locked, so helper kfuncs that re-acquire the runqueue by CPU could deadlock on the held lock Fix the affected callsites, including recursive parent-into-child dispatch. - The hardlockup notifier ran from NMI but eventually took a non-NMI-safe lock. Bounce it through irq_work. - A handful of bugs in the new sub-scheduler hierarchy: - helper kfuncs hard-coded the root instead of resolving the caller's scheduler - the enable error path tried to disable per-task state that had never been initialized, and leaked cpus_read_lock on the way out - a sysfs object was leaked on every load/unload - the dispatch fast-path used the root scheduler instead of the task's - a couple of CONFIG #ifdef guards were misclassified - Verifier-time hardening: BPF programs of unrelated struct_ops types (e.g. tcp_congestion_ops) could call sched_ext kfuncs - a semantic bug and, once sub-sched was enabled, a KASAN out-of-bounds read. Now rejected at load. Plus a few NULL and cross-task argument checks on sched_ext kfuncs, and a selftest covering the new deny. - rhashtable (Herbert): restore the insecure_elasticity toggle and bounce the deferred-resize kick through irq_work to break a lock-order cycle observable from raw-spinlock callers. sched_ext's scheduler-instance hash is the first user of both. - The bypass-mode load balancer used file-scope cpumasks; with multiple scheduler instances now possible, those raced. Move to per-instance cpumasks, plus a follow-up to skip tasks whose recorded CPU is stale relative to the new owning runqueue. - Smaller fixes: - a dispatch queue's first-task tracking misbehaved when a parked iterator cursor sat in the list - the runqueue's next-class wasn't promoted on local-queue enqueue, leaving an SCX task behind RT in edge cases - the reference qmap scheduler stopped erroring on legitimate cross-scheduler task-storage misses" * tag 'sched_ext-for-7.1-rc1-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/sched_ext: (26 commits) sched_ext: Fix scx_flush_disable_work() UAF race sched_ext: Call wakeup_preempt() in local_dsq_post_enq() sched_ext: Release cpus_read_lock on scx_link_sched() failure in root enable sched_ext: Reject NULL-sch callers in scx_bpf_task_set_slice/dsq_vtime sched_ext: Refuse cross-task select_cpu_from_kfunc calls sched_ext: Align cgroup #ifdef guards with SUB_SCHED vs GROUP_SCHED sched_ext: Make bypass LB cpumasks per-scheduler sched_ext: Pass held rq to SCX_CALL_OP() for core_sched_before sched_ext: Pass held rq to SCX_CALL_OP() for dump_cpu/dump_task sched_ext: Save and restore scx_locked_rq across SCX_CALL_OP sched_ext: Use dsq->first_task instead of list_empty() in dispatch_enqueue() FIFO-tail sched_ext: Resolve caller's scheduler in scx_bpf_destroy_dsq() / scx_bpf_dsq_nr_queued() sched_ext: Read scx_root under scx_cgroup_ops_rwsem in cgroup setters sched_ext: Don't disable tasks in scx_sub_enable_workfn() abort path sched_ext: Skip tasks with stale task_rq in bypass_lb_cpu() sched_ext: Guard scx_dsq_move() against NULL kit->dsq after failed iter_new sched_ext: Unregister sub_kset on scheduler disable sched_ext: Defer scx_hardlockup() out of NMI sched_ext: sync disable_irq_work in bpf_scx_unreg() sched_ext: Fix local_dsq_post_enq() to use task's scheduler in sub-sched ...
2026-04-28selftests/bpf: Rename libarena malloc/free methodsEmil Tsalapatis
The s390 architecture uses the token "free" for an enum, conflicting with the malloc/free definitions. Rename the calls to arena_malloc and arena_free instead to prevent collisions. Reported-by: Ihor Solodrai <ihor.solodrai@linux.dev> Signed-off-by: Emil Tsalapatis <etsal@meta.com> Fixes: 86426a28c52d ("selftests/bpf: Add buddy allocator for libarena") Acked-by: Ihor Solodrai <ihor.solodrai@linux.dev> Link: https://lore.kernel.org/r/20260428134252.2783519-1-etsal@meta.com Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2026-04-28tools/selftests: Add a VXLAN+IPsec traffic testCosmin Ratiu
There are VXLAN tests and IPsec tests, but there is no test that combines the two protocols and exercises the tunnel-over-ipsec code paths. Fix that by adding a traffic test with VXLAN and IPsec using crypto offload. This is runnable on HW which supports ESP offload (so no nsim unfortunately). Traffic is done with iperf3 and the test validates that there are no packet drops and iperf3 can get to at least 100 Mbps (a very conservative value on today's crypto offload HW, as it can typically reach multi-Gbps rates). Ran right now, the test fails due to a recently exposed bug in xfrm, which will be fixed in the next patch: # ./tools/testing/selftests/drivers/net/hw/ipsec_vxlan.py TAP version 13 1..4 # Check| At ./tools/testing/selftests/drivers/net/hw/ipsec_vxlan.py, # line 161, in test_vxlan_ipsec_crypto_offload: # Check| ksft_eq(drops_after - drops_before, 0, # Check failed 189 != 0 TX drops during VXLAN+IPsec # Check| At ./tools/testing/selftests/drivers/net/hw/ipsec_vxlan.py, # line 163, in test_vxlan_ipsec_crypto_offload: # Check| ksft_ge(bw_gbps, 0.1, # Check failed 0.0015058278404812596 < 0.1 Minimum 100Mbps over # VXLAN+IPsec not ok 1 ipsec_vxlan.test_vxlan_ipsec_crypto_offload.outer_v4_inner_v4 ... Signed-off-by: Cosmin Ratiu <cratiu@nvidia.com> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
2026-04-28tools/selftests: Use a sensible timeout value for iperf3 clientCosmin Ratiu
The default timeout of cmd() is 5 seconds and Iperf3Runner requests the iperf3 client to run for 10 seconds, which clearly doesn't work since commit [1] enforced the timeout parameter. Use a value derived from duration as timeout (+5 seconds for startup/teardown/various other overhead). [1] commit f0bd19316663 ("selftests: net: fix timeout passed as positional argument to communicate()") Signed-off-by: Cosmin Ratiu <cratiu@nvidia.com> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
2026-04-27selftests/tc-testing: add taprio test for class dump after child deleteWeiming Shi
Add a regression test for the NULL pointer dereference fixed in the previous commit. Before the fix, taprio_graft() stored NULL into q->qdiscs[cl - 1] when an explicitly grafted child qdisc was deleted via RTM_DELQDISC; the next RTM_GETTCLASS dump then crashed the kernel in taprio_dump_class() while reading child->handle. The test installs a taprio root qdisc on a multi-queue netdevsim device, grafts a pfifo child onto class 8001:1, deletes that child, and then performs a class dump. On a fixed kernel the dump succeeds and all eight taprio classes are listed; on an unpatched kernel the class dump crashes, which surfaces as a test failure. Signed-off-by: Weiming Shi <bestswngs@gmail.com> Acked-by: Jamal Hadi Salim <jhs@mojatatu.com> Link: https://patch.msgid.link/20260422161958.2517539-4-bestswngs@gmail.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-04-27selftests/nolibc: test large file supportThomas Weißschuh
Make sure nolibc correctly handles large files. Signed-off-by: Thomas Weißschuh <linux@weissschuh.net> Acked-by: Willy Tarreau <w@1wt.eu> Link: https://patch.msgid.link/20260418-nolibc-largefile-v1-7-b91f0775bac3@weissschuh.net
2026-04-27tools/nolibc: open files with O_LARGEFILEThomas Weißschuh
nolibc can natively handle large files. Tell this to the kernel by always using O_LARGEFILE when opening files. This is also how other libcs do it. Signed-off-by: Thomas Weißschuh <linux@weissschuh.net> Acked-by: Willy Tarreau <w@1wt.eu> Link: https://patch.msgid.link/20260418-nolibc-largefile-v1-6-b91f0775bac3@weissschuh.net
2026-04-27tools/nolibc: handle 64-bit system call arguments on MIPS N32Thomas Weißschuh
The N32 system call ABI expects 64-bit values directly in registers. This does not work on nolibc currently, as a 'long' is only 32 bits wide. Switch the system call wrappers to use 'long long' instead which can handle 64-bit values on N32. As on N64 'long' and 'long long' are the same, this does not change the behavior there. Signed-off-by: Thomas Weißschuh <linux@weissschuh.net> Acked-by: Willy Tarreau <w@1wt.eu> Link: https://patch.msgid.link/20260418-nolibc-largefile-v1-5-b91f0775bac3@weissschuh.net