summaryrefslogtreecommitdiff
path: root/tools/testing
AgeCommit message (Collapse)Author
2026-05-28bpf: replace pop/push emptiness check with bpf_list_empty()Suchit Karunakaran
Simplify fq_flows_is_empty() by replacing the pop/push based emptiness check with a direct call to bpf_list_empty(). This avoids unnecessary list mutation and simplifies the code while preserving correctness. Signed-off-by: Suchit Karunakaran <suchitkarunakaran@gmail.com> Changes since v1: - Removed unused variable node Reviewed-by: Emil Tsalapatis <emil@etsalapatis.com> Link: https://lore.kernel.org/r/20260524025853.13786-1-suchitkarunakaran@gmail.com Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2026-05-28selftests: mptcp: sockopt: set EXIT trap earlierGeliang Tang
Set the EXIT trap for cleanup immediately after creating temporary file variables, before init and make_file, to ensure cleanup runs on any failure or interruption during the early setup phase. Signed-off-by: Geliang Tang <tanggeliang@kylinos.cn> Reviewed-by: Matthieu Baerts (NGI0) <matttbe@kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe@kernel.org> Link: https://patch.msgid.link/20260527-net-mptcp-sft-bufferbloat-exit-v1-3-9afc4e742090@kernel.org Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-05-28selftests: mptcp: simult_flows: adapt limitsMatthieu Baerts (NGI0)
Avoid using a fixed limit, no matter the setup. This was causing too high bufferbloat in some situations, e.g. with a low bandwidth and very low delay because the default limit was too high for this case. Instead, use more appropriated limits. Note that unbalanced bandwidth modes seem to require slightly higher limits to cope with the different bursts. Reviewed-by: Mat Martineau <martineau@kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe@kernel.org> Link: https://patch.msgid.link/20260527-net-mptcp-sft-bufferbloat-exit-v1-2-9afc4e742090@kernel.org Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-05-28selftests: mptcp: simult_flows: disable GSOMatthieu Baerts (NGI0)
Netem is used to apply a rate limit, and its 'limit' option is per packet. Disable GSO on both sides to work with packets of a specific size. That increases the number of packets, but stabilise the throughput. As a consequence, limits are more adapted, and the bufferbloat is reduced. Reviewed-by: Mat Martineau <martineau@kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe@kernel.org> Link: https://patch.msgid.link/20260527-net-mptcp-sft-bufferbloat-exit-v1-1-9afc4e742090@kernel.org Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-05-28Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski
Cross-merge networking fixes after downstream PR (net-7.1-rc6). Conflicts: drivers/net/phy/air_en8811h.c d895767c33781 ("net: phy: air_en8811h: add AN8811HB MCU assert/deassert support") dddfadd75197e ("net: phy: Add Airoha phy library for shared code") 5226bb6634cdf ("net: phy: air_phy_lib: Factorize BuckPBus register accessors") e08f0ea6daf2e ("net: phy: Rename Airoha common BuckPBus register accessors") net/sched/sch_netem.c a2f6ed7b4873 ("net/sched: netem: add per-impairment extended statistics") 9552b11e3eda ("net/sched: fix packet loop on netem when duplicate is on") Adjacent changes: drivers/dpll/zl3073x/core.c c1224569cef0 ("dpll: zl3073x: make frequency monitor a per-device attribute") 54e65df8cf18 ("dpll: zl3073x: report FFO as DPLL vs input reference offset") net/iucv/af_iucv.c 347fdd4df85f ("af_iucv: convert to getsockopt_iter") 3589d20a666c ("net/iucv: fix locking in .getsockopt") Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-05-28Merge tag 'net-7.1-rc6' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Pull networking fixes from Paolo Abeni: "This is again significantly bigger than the same point into the previous cycle, but at least smaller than last week. I'm not aware of any pending regression for the current cycle. Including fixes from netfilter. Current release - regressions: - netfilter: walk fib6_siblings under RCU Previous releases - regressions: - netlink: fix sending unassigned nsid after assigned one - bridge: fix sleep in atomic context in netlink path - sched: fix ethx:ingress -> ethy:egress -> ethx:ingress mirred loop - ipv4: fix net->ipv4.sysctl_local_reserved_ports UaF - eth: tun: free page on short-frame rejection in tun_xdp_one() Previous releases - always broken: - skbuff: fix missing zerocopy reference in pskb_carve helpers - handshake: drain pending requests at net namespace exit - ethtool: - rss: avoid modifying the RSS context response - module: avoid leaking a netdev ref on module flash errors - coalesce: cap profile updates at NET_DIM_PARAMS_NUM_PROFILES - netfilter: fix dst corruption in same register operation - nfc: hci: fix out-of-bounds read in HCP header parsing - ipv6: exthdrs: refresh nh pointer after ipv6_hop_jumbo() - eth: - vti: use ip6_tnl.net in vti6_changelink(). - vxlan: do not reuse cached ip_hdr() value after skb_tunnel_check_pmtu()" * tag 'net-7.1-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (94 commits) dpll: zl3073x: make frequency monitor a per-device attribute dpll: zl3073x: use __dpll_device_change_ntf() and remove change_work dpll: export __dpll_device_change_ntf() for use under dpll_lock net/handshake: Drain pending requests at net namespace exit net/handshake: Verify file-reference balance in submit paths net/handshake: Close the submit-side sock_hold race net/handshake: hand off the pinned file reference to accept_doit net/handshake: Take a long-lived file reference at submit net/handshake: Pass negative errno through handshake_complete() nvme-tcp: store negative errno in queue->tls_err net/handshake: Use spin_lock_bh for hn_lock net: skbuff: fix missing zerocopy reference in pskb_carve helpers net: hibmcge: move dma_rmb() after dma_sync_single_for_cpu() in RX path net: hibmcge: disable Relaxed Ordering to fix RX packet corruption selftests/tc-testing: Add netem test case exercising loops selftests/tc-testing: Add mirred test cases exercising loops net/sched: act_mirred: Fix return code in early mirred redirect error paths net/sched: act_mirred: Fix blockcast recursion bypass leading to stack overflow net/sched: Fix ethx:ingress -> ethy:egress -> ethx:ingress mirred loop net/sched: fix packet loop on netem when duplicate is on ...
2026-05-28selftests/pipe: add pipe_bench microbenchmarkBreno Leitao
Add a small selftest that stresses pipe->mutex contention by spawning N writer threads that hammer a single pipe with multi-page writes, plus M reader threads that drain. Each writer records its own write() latency samples into a log2-bucketed histogram; main aggregates and prints total writes, throughput, average and percentile (p50/p99) latencies, and the maximum observed latency. Pass --memory-pressure to fork stress-ng (--vm 4 --vm-bytes 80% --vm-method all) for the duration of the run, so alloc_page() in anon_pipe_write() routinely hits direct reclaim. The flag fails fast if stress-ng is not on $PATH. Program print something like the following, for different writes, readers, msgsizes and memory pressure: config: writers=X readers=Y msgsize=Z duration=3 pipe_size=1048576 memory_pressure=[no|yes] writes: total=54451 rate=18150/s throughput_MBps: 1134.40 lat_avg_ns: 275355 lat_p50_ns_upper: 262143 lat_p99_ns_upper: 1048575 lat_max_ns: 2145633 Reviewed-by: Jeff Layton <jlayton@kernel.org> Signed-off-by: Breno Leitao <leitao@debian.org> Link: https://patch.msgid.link/20260524-fix_pipe-v3-2-bb4a75d23a90@debian.org Signed-off-by: Christian Brauner (Amutable) <brauner@kernel.org>
2026-05-28KVM: selftests: Enable pre_fault_memory_test for s390Claudio Imbrenda
Enable the pre_fault_memory_test to run on s390. Reviewed-by: Steffen Eiden <seiden@linux.ibm.com> Signed-off-by: Claudio Imbrenda <imbrenda@linux.ibm.com> Message-ID: <20260527144358.186359-6-imbrenda@linux.ibm.com>
2026-05-28KVM: selftests: Fix pre_fault_memory_test to run on s390Claudio Imbrenda
Add a missing #include <ucall_common.h> which is needed and otherwise not included on s390. Remove the assertion vcpu->run->exit_reason == KVM_EXIT_IO since it is x86-specific and redundant anyway. Acked-by: Sean Christopherson <seanjc@google.com> Reviewed-by: Steffen Eiden <seiden@linux.ibm.com> Signed-off-by: Claudio Imbrenda <imbrenda@linux.ibm.com> Message-ID: <20260527144358.186359-5-imbrenda@linux.ibm.com>
2026-05-28selftests/tc-testing: Add netem test case exercising loopsVictor Nogueira
Add a netem nested duplicate test case to validate that it won't cause an infinite loop Acked-by: Jamal Hadi Salim <jhs@mojatatu.com> Acked-by: Stephen Hemminger <stephen@networkplumber.org> Signed-off-by: Victor Nogueira <victor@mojatatu.com> Link: https://patch.msgid.link/20260525122556.973584-10-jhs@mojatatu.com Signed-off-by: Paolo Abeni <pabeni@redhat.com>
2026-05-28selftests/tc-testing: Add mirred test cases exercising loopsVictor Nogueira
Add mirred loop test cases to validate that those will be caught and other test cases that were previously misinterpreted as loops by mirred. This commit adds 12 test cases: - Redirect multiport: dummy egress -> dev1 ingress -> dummy egress (Loop) - Redirect singleport: dev1 ingress -> dev1 egress -> dev1 ingress (Loop) - Redirect multiport: dev1 ingress -> dummy ingress -> dev1 egress (No Loop) - Redirect multiport: dev1 ingress -> dummy ingress -> dev1 ingress (Loop) - Redirect multiport: dev1 ingress -> dummy egress -> dev1 ingress (Loop) - Redirect multiport: dummy egress -> dev1 ingress -> dummy egress, different prios (Loop) - Redirect multiport: dev1 ingress -> dummy ingress -> dummy egress -> dev1 egress (No Loop) - Redirect multiport: dev1 ingress -> dummy egress -> dev1 egress (No Loop) - Redirect multiport: dev1 ingress -> dummy egress -> dummy ingress (No Loop) - Redirect singleport: dev1 ingress -> dev1 ingress (Loop) - Redirect singleport: dummy egress -> dummy ingress (No Loop) - Redirect multiport: dev1 ingress -> dummy ingress -> dummy egress (No Loop) Acked-by: Jamal Hadi Salim <jhs@mojatatu.com> Acked-by: Stephen Hemminger <stephen@networkplumber.org> Signed-off-by: Victor Nogueira <victor@mojatatu.com> Link: https://patch.msgid.link/20260525122556.973584-9-jhs@mojatatu.com Signed-off-by: Paolo Abeni <pabeni@redhat.com>
2026-05-28Revert "selftests/tc-testing: Add tests for restrictions on netem duplication"Jamal Hadi Salim
This reverts commit ecdec65ec78d67d3ebd17edc88b88312054abe0d. The tests added were related to check_netem_in_tree() which was just reverted in the previous patch. Reviewed-by: Stephen Hemminger <stephen@networkplumber.org> Signed-off-by: Jamal Hadi Salim <jhs@mojatatu.com> Link: https://patch.msgid.link/20260525122556.973584-4-jhs@mojatatu.com Signed-off-by: Paolo Abeni <pabeni@redhat.com>
2026-05-27net: sch_fq: update flow delivery time on earlier EDT packetWillem de Bruijn
When inserting an EDT packet with time before flow->time_next_packet, update the flow and possibly queue next delivery time. Reinsert the flow into the q->delayed rb-tree to position correctly and to have fq_check_throttled set wake-up at the right next time. Factor RB tree insertion out fq_flow_set_throttled to avoid open coding twice. EDT packets do not take precedence over queue rate limit. Skip this new step if a queue limit is set. EDT packets do take precedence over per-socket rate limits, as can be seen from fq_dequeue reading sk_pacing_rate if !skb->tstamp. With this change the so_txtime selftest sends packets in the expected order. Signed-off-by: Willem de Bruijn <willemb@google.com> Link: https://patch.msgid.link/20260526134109.2624493-1-willemdebruijn.kernel@gmail.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-05-27selftests: rtnetlink: Add bridge promiscuity testsIdo Schimmel
Add two test cases that always pass, but trigger sleeping in atomic context BUGs without "bridge: Fix sleep in atomic context in netlink path" and "bridge: Fix sleep in atomic context in sysfs path". Reviewed-by: Nikolay Aleksandrov <nikolay@nvidia.com> Signed-off-by: Ido Schimmel <idosch@nvidia.com> Link: https://patch.msgid.link/20260526064818.272516-4-idosch@nvidia.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-05-27cgroup/cpuset: Add test cases for sibling CPU exclusion on partition updateSun Shaojie
When sibling CPU exclusion occurs, a partition's effective_xcpus may be a subset of its user_xcpus. The partcmd_update path must use effective_xcpus instead of user_xcpus when calculating CPUs to return to or request from the parent. Add two test cases to verify this behavior: 1) Narrowing cpuset.cpus to only the sibling-excluded CPUs should not return CPUs to parent that the partition never actually owned. 2) Expanding cpuset.cpus after a sibling becomes a member should correctly request the additional CPUs from parent. Co-developed-by: Zhang Guopeng <zhangguopeng@kylinos.cn> Signed-off-by: Zhang Guopeng <zhangguopeng@kylinos.cn> Signed-off-by: Sun Shaojie <sunshaojie@kylinos.cn> Reviewed-by: Waiman Long <longman@redhat.com> Signed-off-by: Tejun Heo <tj@kernel.org>
2026-05-27KVM: selftests: Update hwcr_msr_test for CPUID faulting bitJim Mattson
Add BIT_ULL(35) (CpuidUserDis) to the valid mask in hwcr_msr_test, now that KVM accepts writes to this bit when the guest CPUID advertises CpuidUserDis. Signed-off-by: Jim Mattson <jmattson@google.com> Link: https://patch.msgid.link/20260527174347.2356165-6-jmattson@google.com Signed-off-by: Sean Christopherson <seanjc@google.com>
2026-05-27selftests/clone3: remove unused variablesKonstantin Khorenko
clone3_cap_checkpoint_restore.c: In function 'call_clone3_set_tid': clone3_cap_checkpoint_restore.c:57:22: warning: unused variable 'tmp' [-Wunused-variable] 57 | char tmp = 0; | ^~~ clone3_cap_checkpoint_restore.c:56:21: warning: unused variable 'ret' [-Wunused-variable] 56 | int ret; | ^~~ clone3_cap_checkpoint_restore.c: In function 'clone3_cap_checkpoint_restore': clone3_cap_checkpoint_restore.c:138:13: warning: unused variable 'ret' [-Wunused-variable] 138 | int ret = 0; | ^~~ Remove unused variables 'ret' and 'tmp' to fix -Wunused-variable warnings. Signed-off-by: Konstantin Khorenko <khorenko@virtuozzo.com> Link: https://patch.msgid.link/20260524163840.34247-3-eva.kurchatova@virtuozzo.com Signed-off-by: Christian Brauner (Amutable) <brauner@kernel.org>
2026-05-27selftests/clone3: fix libcap interface usageEva Kurchatova
The test's set_capability() function needs to set CAP_CHECKPOINT_RESTORE (bit 40). But libcap's API (cap_set_flag) didn't support cap 40 when the test was written - it was too new. So the author worked around it by casting cap_t to an assumed internal layout. This worked with older libcap versions where cap_t pointed directly to that layout. Newer libcap internally restructured its cap_t opaque type. Since 2.43, libcap natively supports CAP_CHECKPOINT_RESTORE, workaround is no longer needed. The fix directly uses the library interface. Signed-off-by: Eva Kurchatova <eva.kurchatova@virtuozzo.com> Link: https://patch.msgid.link/20260524163840.34247-2-eva.kurchatova@virtuozzo.com Signed-off-by: Christian Brauner (Amutable) <brauner@kernel.org>
2026-05-27selftests: Fix Makefile target for nsfsFlorian Schmaus
The kselftests for nsfs where moved under filesystem/ with commit cae73d3bdce5 ("seltests: move nsfs into filesystems subfolder"). However, the kselftest TARGETS declaration was not adjusted. Since the kselftest Makefile ignores errors unless no target builds, the invalid target declaration can easily be missed. Fix this by adjusting the TARGETS accordingly. Fixes: cae73d3bdce5 ("seltests: move nsfs into filesystems subfolder") Signed-off-by: Florian Schmaus <flo@geekplace.eu> Link: https://patch.msgid.link/20260526-kselftest-nsfs-v1-1-7b042ebe42d6@geekplace.eu Signed-off-by: Christian Brauner (Amutable) <brauner@kernel.org>
2026-05-26selftests: fib_tests: add temporary IPv6 address renewal testFernando Fernandez Mancera
Add a test to check that temporary IPv6 address is regenerated properly after the base prefix is deprecated and restored. Fib6 temporary address renewal test TEST: IPv6 temporary address cleanly deprecated and regenerated [ OK ] Signed-off-by: Fernando Fernandez Mancera <fmancera@suse.de> Reviewed-by: Ido Schimmel <idosch@nvidia.com> Link: https://patch.msgid.link/20260523103811.3790-2-fmancera@suse.de Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-05-26KVM: selftests: Add nested page fault injection testKevin Cheng
Add a test that exercises nested page fault injection during L2 execution. L2 executes I/O string instructions (OUTSB/INSB) that access memory restricted in L1's nested page tables (NPT/EPT), triggering a nested page fault that L0 must inject to L1. The test supports both AMD SVM (NPF) and Intel VMX (EPT violation) and verifies that: - The exit reason is an NPF/EPT violation - The access type and permission bits are correct - The faulting GPA is correct Three test cases are implemented: - Unmap the final data page (final translation fault, OUTSB read) - Unmap a PT page (page walk fault, OUTSB read) - Write-protect the final data page (protection violation, INSB write) - Write-protect a PT page (protection violation on A/D update, OUTSB read) Signed-off-by: Kevin Cheng <chengkev@google.com> [sean: name it nested_tdp_fault_test, consolidate asserts] Link: https://patch.msgid.link/20260522232701.3671446-6-seanjc@google.com Signed-off-by: Sean Christopherson <seanjc@google.com>
2026-05-26cxl/test: Update mock dev array before calling platform_device_add()Li Ming
CXL test environment hits the following error sometimes. cxl_mem mem9: endpoint7 failed probe All mock memdevs are platform firmware devices added by cxl_test module, and cxl_test module also provides a platform device driver for them to create a memdev device to CXL subsystem. cxl_test module uses cxl_rcd/mem_single/mem arrays to store different types of mock memdevs. CXL drivers calls registered mock functions for a mock memdev by checking if a given memdev is in these arrays. When cxl_test module adds these mock memdevs, it always calls platform_device_add() before adding them to a suitable mock memdev array. However, there is a small window where CXL drivers calls mock function for a added memdev before it added to a mock memdev array. In above case, cxl endpoint driver considers a added memdev was not a mock memdev, then calling devm_cxl_endpoint_decoders_setup() for it rather than mock_endpoint_decoders_setup(). An appropriate solution is that adding a new mock device to a mock device array before calling platform_device_add() for it. It can guarantee the new mock device is visible to CXL subsystem. This patch introduces a new helped called cxl_mock_platform_device_add() to handle the issue, and uses the function for all mock devices addition. Fixes: 3a2b97b3210b ("cxl/test: Improve init-order fidelity relative to real-world systems") Signed-off-by: Li Ming <ming.li@zohomail.com> Tested-by: Alison Schofield <alison.schofield@intel.com> Reviewed-by: Alison Schofield <alison.schofield@intel.com> Link: https://patch.msgid.link/20260520121457.234404-1-ming.li@zohomail.com Signed-off-by: Dave Jiang <dave.jiang@intel.com>
2026-05-26KVM: selftests: hyperv_features: test write of 1 to HV_X64_MSR_RESETPiotr Zarycki
Writing 1 to HV_X64_MSR_RESET triggers a real vCPU reset; the test was writing 0 because the host loop was not prepared to handle the resulting KVM_EXIT_SYSTEM_EVENT. Add the missing handling and write 1 to actually exercise the reset path. Signed-off-by: Piotr Zarycki <piotr.zarycki@gmail.com> Reviewed-by: Vitaly Kuznetsov <vkuznets@redhat.com> Link: https://patch.msgid.link/20260523111857.195396-1-piotr.zarycki@gmail.com Signed-off-by: Sean Christopherson <seanjc@google.com>
2026-05-26KVM: selftests: Randomize dirty_log_test's delay before reaping the bitmapSean Christopherson
In the dirty log test, randomize the delay before the initial call to get the dirty log bitmap for a given iteration, so that the amount of memory dirtied by the guest varies from iteration to iteration, and so that the user can effectively control the duration (by increasing the interval). Always waiting 1ms effectively hides a KVM RISC-V bug as the test reaps the dirty bitmap before the guest has a chance to trigger the problematic flow in KVM. Reported-by: Wu Fei <wu.fei9@sanechips.com.cn> Closes: https://lore.kernel.org/all/202605111130.64BBUXDN013040@mse-fl2.zte.com.cn Cc: Wu Fei <atwufei@163.com> Link: https://patch.msgid.link/20260522170230.3518669-1-seanjc@google.com Signed-off-by: Sean Christopherson <seanjc@google.com>
2026-05-26KVM: selftests: Add and use kvm_free_fd() to harden against fd goofsSean Christopherson
Add a kvm_free_fd() macro to close and invalidate a file descriptor, and use it through the core infrastructure to harden against goofs where a selftest attempts to reuse a closed file descriptor. Cc: Bibo Mao <maobibo@loongson.cn> Cc: Fuad Tabba <tabba@google.com> Cc: Ackerley Tng <ackerleytng@google.com> Reviewed-by: Ackerley Tng <ackerleytng@google.com> Link: https://patch.msgid.link/20260522171535.3525890-3-seanjc@google.com Signed-off-by: Sean Christopherson <seanjc@google.com>
2026-05-26KVM: selftests: Cast guest_memfd fd to a signed int when checking for >= 0Sean Christopherson
When conditionally closing a memory region's guest_memfd file descriptor, cast the field to a signed it so that negative values are correctly detected. Because selftests reuse "struct kvm_userspace_memory_region2" instead of providing custom storage, they pick up the kernel uAPI's __u32 definition of the file descriptor, not the more common "int" definition, e.g. that's used for userspace_mem_region.fd. Fixes: bb2968ad6c33 ("KVM: selftests: Add support for creating private memslots") Reported-by: Bibo Mao <maobibo@loongson.cn> Closes: https://lore.kernel.org/all/20260508015013.4108345-1-maobibo@loongson.cn Reviewed-by: Bibo Mao <maobibo@loongson.cn> Reviewed-by: Ackerley Tng <ackerleytng@google.com> Link: https://patch.msgid.link/20260522171535.3525890-2-seanjc@google.com Signed-off-by: Sean Christopherson <seanjc@google.com>
2026-05-26KVM: selftests: Remove unnecessary "%s" formatting of a constant stringSean Christopherson
Drop superfluous %s formatting from assertions in the guest_memfd overlap testcases, as the string being printed doesn't require runtime formatting. No functional change intended. Reported-by: Ackerley Tng <ackerleytng@google.com> Reviewed-by: Ackerley Tng <ackerleytng@google.com> Link: https://patch.msgid.link/20260522172151.3530267-4-seanjc@google.com Signed-off-by: Sean Christopherson <seanjc@google.com>
2026-05-26KVM: selftests: Test guest_memfd binding overlap without GPA overlapZongyao Chen
The guest_memfd binding overlap test recreates the deleted slot with GPA ranges that overlap the still-live slot. KVM rejects those attempts from the generic memslot overlap check before reaching kvm_gmem_bind(), so the test can pass even if guest_memfd binding overlap detection is broken. Recreate the slot at its original, non-overlapping GPA and use guest_memfd offsets that overlap the front and back halves of the other slot's binding. Expand the guest_memfd so the back-half case remains within the file size. Fixes: 2feabb855df8 ("KVM: selftests: Expand set_memory_region_test to validate guest_memfd()") Signed-off-by: Zongyao Chen <ZongYao.Chen@linux.alibaba.com> Reviewed-by: Ackerley Tng <ackerleytng@google.com> Tested-by: Ackerley Tng <ackerleytng@google.com> [sean: keep the existing GPA overlap testcases] Link: https://patch.msgid.link/20260522172151.3530267-3-seanjc@google.com Signed-off-by: Sean Christopherson <seanjc@google.com>
2026-05-26selftests/nolibc: test against -Wwrite-stringsThomas Weißschuh
Users may use this warning when building their own applications. Make sure that nolibc does not trigger any such warnings. Signed-off-by: Thomas Weißschuh <linux@weissschuh.net> Acked-by: Willy Tarreau <w@1wt.eu> Link: https://patch.msgid.link/20260525-nolibc-write-strings-v2-3-ab5cc16c7b23@weissschuh.net
2026-05-26selftests/nolibc: use mutable buffer for execve() argv stringThomas Weißschuh
The existing code would trigger a warning under -Wwrite-strings which is about to be enabled. Use a mutable buffer instead. While in this specific case, casting away the 'const' would be fine, let's avoid casts which are not really necessary. Signed-off-by: Thomas Weißschuh <linux@weissschuh.net> Acked-by: Willy Tarreau <w@1wt.eu> Link: https://patch.msgid.link/20260525-nolibc-write-strings-v2-2-ab5cc16c7b23@weissschuh.net
2026-05-25Merge branch 'arena_direct_access' of ↵Tejun Heo
git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next into for-7.2
2026-05-25Merge tag 'nf-26-05-22' of ↵Jakub Kicinski
https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf Florian Westphal says: ==================== netfilter: updates for net Patches 7+8 fix a regression from 7.1-rc1. Everything else is from 2.6.x to 5.3 releases. There are additional known issues with these patches (drive-by-findings in related code). There are many old bugs all over netfilter and our ability to review feature patches has come to a complete halt due to lack of time. There are further security bugs that we cannot address due to lack of time, maintainers and reviewers. Other remarks: The xtables 32bit compat interface is already off in many vendor kernels, the plan is to remove it soon. 1) Prevent RST packets with invalid sequence numbers from forcing TCP connections into the CLOSE state without a direction check. From Hamza Mahfooz. 2) Re-derive the TCP header pointer after skb_ensure_writable in synproxy_tstamp_adjust. Prevent use-after-free and invalid checksum updates caused by stale pointers during buffer expansion. From Chris Mason. 3) Fix a race condition causing keymap list corruption in conntracks gre/pptp helper. 4) Use raw_smp_processor_id() in xt_cpu to prevent splats under PREEMPT_RCU. 5) Disable netfilter payload mangling in user namespaces (nft_payload.c and nf_queue). TCP option mangling via nft_exthdr.c remains enabled. There will be followups here to restrict resp. revalidate headers. 6) Fix an out-of-bounds read in ebtables's compat_mtw_from_user function. 7) Use list_for_each_entry_rcu() to traverse fib6_siblings in nft_fib6_info_nh_uses_dev(). Ensure safe list walking under RCU. 8) Fix an out-of-bounds read in nft_fib_ipv6 caused by incorrect list traversal. 9) Add nft_fib_nexthop selftest to netfilter. Cover nexthop enumeration for single, group, and multipath route shapes. All three nft_fib6 fixes from Jiayuan Chen. 10) Fix destination corruption in shift operations when source and destination registers overlap. Reject partial register overlap for all operations from control plane. From Fernando Fernandez Mancera. * tag 'nf-26-05-22' of https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf: netfilter: nf_tables: fix dst corruption in same register operation selftests: netfilter: add nft_fib_nexthop test netfilter: nft_fib_ipv6: handle routes via external nexthop netfilter: nft_fib_ipv6: walk fib6_siblings under RCU netfilter: ebtables: fix OOB read in compat_mtw_from_user netfilter: disable payload mangling in userns netfilter: xt_cpu: prefer raw_smp_processor_id netfilter: nf_conntrack_gre: fix gre keymap list corruption netfilter: synproxy: refresh tcphdr after skb_ensure_writable netfilter: conntrack: tcp: do not force CLOSE on invalid-seq RST without direction check ==================== Link: https://patch.msgid.link/20260522104257.2008-1-fw@strlen.de Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-05-25Merge tag 'v7.1-rc5' into rdma.git for-nextJason Gunthorpe
For dependencies in the following patches Resolve conflicts, use the goto labels from the rc tag. * tag 'v7.1-rc5': (1526 commits) Signed-off-by: Jason Gunthorpe <jgg@nvidia.com>
2026-05-25Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf 7.1-rc5Alexei Starovoitov
Cross-merge BPF and other fixes after downstream PR. Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2026-05-24tools/nolibc: add ftruncate()Thomas Weißschuh
On architectures with 32-bit longs, call the compat syscall __NR_ftruncate64. As off_t is 64-bit it must be split into 2 registers. Unlike llseek() which passes the high and low parts in explicitly named arguments, the order here is endian independent. Some architectures (arm, mips, ppc) require this pair of registers to be aligned to an even register, so add custom _sys_ftruncate64() wrappers for those. A test case for ftruncate is added which validates negative length or invalid fd return the appropriate error, and checks the length is correct on success. Co-developed-by: Jordan Richards <jordanrichards@google.com> Signed-off-by: Jordan Richards <jordanrichards@google.com> Signed-off-by: Thomas Weißschuh <linux@weissschuh.net> Acked-by: Willy Tarreau <w@1wt.eu> Reviewed-by: Daniel Palmer <daniel@thingy.jp> Link: https://patch.msgid.link/20260521-nolibc-ftruncate-v1-3-5384a83b2402@weissschuh.net
2026-05-24selftests/nolibc: enable CONFIG_TMPFS for sparc32Thomas Weißschuh
An upcoming selftest will use memfd_create() which require tmpfs. Enable that. Signed-off-by: Thomas Weißschuh <linux@weissschuh.net> Acked-by: Willy Tarreau <w@1wt.eu> Reviewed-by: Daniel Palmer <daniel@thingy.jp> Link: https://patch.msgid.link/20260521-nolibc-ftruncate-v1-1-5384a83b2402@weissschuh.net
2026-05-24Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvmLinus Torvalds
Pull kvm fixes from Paolo Bonzini: "arm64: - Fix ITS EventID sanitisation when restoring an interrupt translation table. - Fix PPI memory leak when failing to initialise a vcpu. - Correctly return an error when the validation of a hypervisor trace descriptor fails, and limit this validation to protected mode only. RISC-V: - Fix invalid HVA warning in steal-time recording - Return SBI_ERR_FAILURE to guest upon OOM in pmu_event_info() and pmu_snapshot_set_shmem() - Fix NULL pointer dereference in SBI v0.1 SEND_IPI handler - Fix sign extension of value for MMIO loads s390: - Fix bugs in vSIE (nested virtualization) and UCONTROL, caused by the page table rewrite. x86: - Apply erratum #1235 workaround (disable AVIC IPI virtualization) on Hygon Family 18h, just like on AMD Family 17h. - When KVM_CAP_X86_APIC_BUS_CYCLES_NS is queried on a specific VM, return the VM's configured APIC bus frequency instead of the default. This is less confusing (read: not wrong) and makes it easier to fill in CPUID information that communicates the APIC bus frequency to the guest. Selftests: - Do not include glibc-internal <bits/endian.h>; it worked by chance and broke building KVM selftests with musl" * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: KVM: SVM: Disable AVIC IPI virtualization on Hygon Family 18h (erratum #1235) KVM: selftests: Verify that KVM returns the configured APIC cycle length KVM: x86: Return the VM's configured APIC bus frequency when queried KVM: selftests: elf: Include <endian.h> instead of <bits/endian.h> KVM: s390: Properly reset zero bit in PGSTE KVM: s390: vsie: Fix redundant rmap entries KVM: s390: vsie: Fix unshadowing logic KVM: s390: Fix leaking kvm_s390_mmu_cache in case of errors KVM: s390: vsie: Fix memory leak when unshadowing KVM: arm64: Fix nVHE/pKVM hyp tracing error on invalid desc KVM: arm64: vgic: Free private_irqs when init fails after allocation KVM: arm64: vgic-its: Reject restored DTE with out-of-range num_eventid_bits RISC-V: KVM: Fix sign extension for MMIO loads RISC-V: KVM: Fix NULL pointer dereference in SBI v0.1 SEND_IPI handler riscv: kvm: return SBI_ERR_FAILURE for pmu_event_info() when OOM riscv: kvm: return SBI_ERR_FAILURE for pmu_snapshot_set_shmem() when OOM RISC-V: KVM: Fix invalid HVA warning in steal-time recording
2026-05-24Merge tag 'bpf-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpfLinus Torvalds
Pull bpf fixes from Alexei Starovoitov: - Fix bpf_throw() and global subprog combination (Kumar Kartikeya Dwivedi) - Fix out of bounds access in BPF interpreter (Yazhou Tang) - Fix potential out of bounds access in inner per-cpu array map (Guannan Wang) - Reject NULL data/sig in bpf_verify_pkcs7_signature (KP Singh) * tag 'bpf-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf: libbpf: fix off-by-one in emit_signature_match jump offset bpf: Reject NULL data/sig in bpf_verify_pkcs7_signature selftests/bpf: Cover global subprog exception leaks bpf: Check global subprog exception paths bpf: make bpf_session_is_return() reference optional bpf: Use array_map_meta_equal for percpu array inner map replacement selftests/bpf: Add test for large offset bpf-to-bpf call bpf: Fix s16 truncation for large bpf-to-bpf call offsets bpf: Fix out-of-bounds read in bpf_patch_call_args()
2026-05-24torture: Allow "norm" abbreviation for "normal"Paul E. McKenney
This adds "--do-norm", --do-no-norm", and "--no-norm" synonyms for the "--do-normal" group of torture.sh command-line arguments. Signed-off-by: Paul E. McKenney <paulmck@kernel.org> Signed-off-by: Uladzislau Rezki (Sony) <urezki@gmail.com>
2026-05-24torture: Improve kvm-series.sh header commentPaul E. McKenney
The constraints on the arguments to kvm-series.sh are easy to forget, so this commit adds examples in the header comment. Signed-off-by: Paul E. McKenney <paulmck@kernel.org> Signed-off-by: Uladzislau Rezki (Sony) <urezki@gmail.com>
2026-05-23Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdmaLinus Torvalds
Pull rdma fixes from Jason Gunthorpe: - syzbot triggred crash in rxe due to concurrent plug/unplug - Possible non-zero'd memory exposed to userspace in bnxt_re - Malicous 'magic packet' with SIW causes a buffer overflow - Tighten the new uAPI validation code to not crash in debugging prints and have the right module dependencies in drivers - mana was missing the max_msg_sz report to userspace - UAF in rtrs on an error path * tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma: RDMA/rtrs: Fix use-after-free in path file creation cleanup RDMA/mana_ib: Report max_msg_sz in mana_ib_query_port RDMA/core: Do not read wild stack memory in uverbs_get_handler_fn() RDMA/core: Move the _ib_copy_validate_udata* functions to ib_core_uverbs RDMA/siw: Reject MPA FPDU length underflow before signed receive math RDMA/bnxt_re: zero shared page before exposing to userspace selftests/rdma: explicitly skip tests when required modules are missing RDMA/nldev: Add mutual exclusion in nldev_dellink()
2026-05-23KVM: arm64: selftests: Improve error handling for GICv5 PPI selftestSascha Bischoff
Cases where the KVM_RUN ioctl returned an error were wrongly reported as incorrect ucalls. Furthermore, potential failures when calling KVM_IRQ_LINE were being hidden. Improve the error handling to correctly propagate the error in both cases. Fixes: 0a9f38bf612b ("KVM: arm64: selftests: Introduce a minimal GICv5 PPI selftest") Link: https://sashiko.dev/#/patchset/20260319154937.3619520-1-sascha.bischoff%40arm.com Signed-off-by: Sascha Bischoff <sascha.bischoff@arm.com> Link: https://lore.kernel.org/r/20260520091949.542365-15-maz@kernel.org Signed-off-by: Marc Zyngier <maz@kernel.org>
2026-05-23KVM: arm64: selftests: Cleanup unused vars in GICv5 PPI selftestSascha Bischoff
Clean up a set of unused variables around the size of the guest's PA space as they are completely irrelevant for GICv5 when only considering PPIs. Fixes: 0a9f38bf612b ("KVM: arm64: selftests: Introduce a minimal GICv5 PPI selftest") Link: https://sashiko.dev/#/patchset/20260319154937.3619520-1-sascha.bischoff%40arm.com Signed-off-by: Sascha Bischoff <sascha.bischoff@arm.com> Link: https://lore.kernel.org/r/20260520091949.542365-14-maz@kernel.org Signed-off-by: Marc Zyngier <maz@kernel.org>
2026-05-23KVM: arm64: selftests: Add missing GIC CDEN to no-vgic-v5 selftestSascha Bischoff
The selftest mistakenly omitted the GIC CDEN instruction from the testing. Add it in. Fixes: ce29261ec648 ("KVM: arm64: selftests: Add no-vgic-v5 selftest") Reviewed-by: Joey Gouly <joey.gouly@arm.com> Signed-off-by: Sascha Bischoff <sascha.bischoff@arm.com> Link: https://lore.kernel.org/r/20260520091949.542365-13-maz@kernel.org Signed-off-by: Marc Zyngier <maz@kernel.org>
2026-05-23KVM: selftests: Verify that KVM returns the configured APIC cycle lengthSean Christopherson
Add checks in the APIC bus clock test to verify that querying KVM_CAP_X86_APIC_BUS_CYCLES_NS on the VM after changing the frequency returns the VM's actual APIC cycle length, not KVM's default. For giggles, verify that KVM still returns its default frequency for the system-scoped check. Signed-off-by: Sean Christopherson <seanjc@google.com> Message-ID: <20260522173526.3539407-3-seanjc@google.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2026-05-23KVM: selftests: elf: Include <endian.h> instead of <bits/endian.h>Hisam Mehboob
<bits/endian.h> is a glibc-internal header that explicitly states it should never be included directly: #error "Never use <bits/endian.h> directly; include <endian.h> instead." Replace it with the correct public header <endian.h> which works on all C libraries including musl. Building KVM selftests with musl-gcc fails with: lib/elf.c:10:10: fatal error: bits/endian.h: No such file or directory Fixes: 6089ae0bd5e1 ("kvm: selftests: add sync_regs_test") Signed-off-by: Hisam Mehboob <hisamshar@gmail.com> Message-ID: <20260409164020.1575176-4-hisamshar@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2026-05-22selftests: net: add a test case for nsid in all nsid notificationsIlya Maximets
The test subscribes to link events from all namespaces and makes sure that local events do not carry NSID in their ancillary data (even if there is a self-referential NSID allocated for the local namespace), and remote events do. Signed-off-by: Ilya Maximets <i.maximets@ovn.org> Acked-by: Nicolas Dichtel <nicolas.dichtel@6wind.com> Link: https://patch.msgid.link/20260520172317.175168-5-i.maximets@ovn.org Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-05-22selftests: tls: use ASSERT_GE in test_mutliprocGeliang Tang
In test_mutliproc(), when send() or recv() returns an error (e.g., -1), the test continues to execute the remaining code and fails repeatedly due to using EXPECT_GE. For example, if a TLS connection is broken and recv() returns -1, EXPECT_GE(res, 0) records a failure but does not stop the test. The test then proceeds with left -= res (where res = -1), causing left to increase unexpectedly, and the loop continues indefinitely. This results in a massive number of identical failure messages: # tls.c:1686:mutliproc_sendpage_writers:Expected res (-1) >= 0 (0) # tls.c:1686:mutliproc_sendpage_writers:Expected res (-1) >= 0 (0) ... (hundreds of identical failures) Fix this by replacing EXPECT_GE with ASSERT_GE. When send() or recv() fails, ASSERT_GE immediately aborts the current test, preventing the subsequent undefined behavior and endless failure messages. Signed-off-by: Geliang Tang <tanggeliang@kylinos.cn> Link: https://patch.msgid.link/0ee9f412b6bd1a260a547d19f979f73b396746ac.1779354585.git.tanggeliang@kylinos.cn Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-05-22selftests/tc-testing: Adapt idempotent qdisc notify callback tests to recent ↵Victor Nogueira
fq_codel changes Commit 150061a20651 ("net/sched: fq_codel: local packets no longer count against memory limit") made fq_codel not account for local packets in the memory limit. Since tests a4bb, a4be, a4bf, a4c0, a4c1 were relying on these packets being accounted so that parent's qlen notify callback was executed, they broke. Fix the tests by adding the qdiscs to ifb instead and making it see mirred packets that came from scapy. That way the packets are accounted in the memory limit and the parent's qlen notify callback is still executed. Acked-by: Jamal Hadi Salim <jhs@mojatatu.com> Signed-off-by: Victor Nogueira <victor@mojatatu.com> Acked-by: Eric Dumazet <edumazet@google.com> Link: https://patch.msgid.link/20260521150811.1896373-2-victor@mojatatu.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-05-22selftests/tc-testing: Add support for ifb devicesVictor Nogueira
Add support for ifb devices in tdc so that tests with the nsPlugin are able to use it when necessary. Acked-by: Jamal Hadi Salim <jhs@mojatatu.com> Signed-off-by: Victor Nogueira <victor@mojatatu.com> Link: https://patch.msgid.link/20260521150811.1896373-1-victor@mojatatu.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>