summaryrefslogtreecommitdiff
path: root/tools/testing
AgeCommit message (Collapse)Author
2026-06-16Merge branch 'for-7.2/bpf' into for-linusJiri Kosina
2026-06-16selftests/bpf: test that TLS crypto is rejected on a sockmap socketJakub Kicinski
TLS and sockmap are mutually exclusive. We already have a test for the sockmap side rejecting kTLS, add the inverse test matching patch 1 of this series. Link: https://patch.msgid.link/20260614014102.461064-6-kuba@kernel.org Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-06-16selftests/bpf: drop the unused kTLS program from test_sockmapJakub Kicinski
With the sockmap + kTLS tests gone, the BPF-side support in test_sockmap is dead: the tls_sock_map map and bpf_prog3 (which redirected skbs into it) are no longer referenced. Remove them, along with the now-unused bpf_write_pass() helper. bpf_prog3 was progs[2], so renumber the progs[] users in test_sockmap.c: the sockops program drops to progs[2] and the sk_msg tx programs to progs[3..7]. Shrink the map/prog arrays from 9 to 8 and drop the tls_sock_map entry (the last one) from map_names[] to match. Link: https://patch.msgid.link/20260614014102.461064-5-kuba@kernel.org Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-06-16selftests/bpf: remove sockmap + ktls testsJakub Kicinski
The combination of sockmap and TLS is no longer supported - installing the TLS ULP on a sockmap socket (and vice versa) is now rejected. Remove the tests that exercise the combination along with their BPF program; the file covered nothing but sockmap sockets holding kTLS contexts. Reviewed-by: Jakub Sitnicki <jakub@cloudflare.com> Link: https://patch.msgid.link/20260614014102.461064-4-kuba@kernel.org Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-06-16Merge tag 'linux_kselftest-next-7.2-rc1' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest Pull kselftest updates from Shuah Khan: "Several fixes and improvements to resctrl tests and a change to kselftest document to clarify the use of FORCE_TARGETS build variable" * tag 'linux_kselftest-next-7.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest: kselftest: fix doc for ksft_test_result_report() selftests/resctrl: Reduce L2 impact on CAT test selftests/resctrl: Simplify perf usage in CAT test selftests/resctrl: Remove requirement on cache miss rate selftests/resctrl: Raise threshold at which MBM and PMU values are compared selftests/resctrl: Increase size of buffer used in MBM and MBA tests selftests/resctrl: Support multiple events associated with iMC selftests/resctrl: Prepare for parsing multiple events per iMC selftests/resctrl: Do not store iMC counter value in counter config structure selftests/resctrl: Reduce interference from L2 occupancy during cache occupancy test selftests/resctrl: Improve accuracy of cache occupancy test docs: kselftest: Document the FORCE_TARGETS build variable
2026-06-16Merge tag 'linux_kselftest-kunit-7.2-rc1' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest Pull kunit updates from Shuah Khan: "Fixes to tool and kunit core and new features to both to support JUnit XML (primitive) and backtrace suppression API: - Core support for suppressing warning backtraces - Parse and print the reason tests are skipped - Add (primitive) support for outputting JUnit XML - Don't write to stdout when it should be disabled - Add backtrace suppression self-tests - Suppress intentional warning backtraces in scaling unit tests - Add documentation for warning backtrace suppression API - Fix spelling mistakes in comments and messages - gen_compile_commands: Ignore libgcc.a - qemu_configs: Add or1k / openrisc configuration" * tag 'linux_kselftest-kunit-7.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest: kunit:tool: Don't write to stdout when it should be disabled kunit: tool: Add (primitive) support for outputting JUnit XML kunit: tool: Parse and print the reason tests are skipped kunit: Add documentation for warning backtrace suppression API drm: Suppress intentional warning backtraces in scaling unit tests kunit: Add backtrace suppression self-tests bug/kunit: Core support for suppressing warning backtraces kunit: Fix spelling mistakes in comments and messages kunit: qemu_configs: Add or1k / openrisc configuration gen_compile_commands: Ignore libgcc.a
2026-06-16Merge tag 'hardening-v7.2-rc1' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux Pull hardening updates from Kees Cook: - lkdtm: - Add case to provoke a crash in EFI runtime services (Ard Biesheuvel) - add PPC_RADIX_TLBIEL test and missed isync (Sayali Patil) - stddef: Document designated initializer semantics for __TRAILING_OVERLAP() (Gustavo A. R. Silva) - strarray: drop redundant allocation, add __counted_by_ptr (Thorsten Blum) * tag 'hardening-v7.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: lkdtm/powerpc: add PPC_RADIX_TLBIEL test for radix MCE validation lkdtm/powerpc: add isync after slbmte to enforce SLB update ordering lkdtm: Add case to provoke a crash in EFI runtime services lib/string_helpers: annotate struct strarray with __counted_by_ptr lib/string_helpers: drop redundant allocation in kasprintf_strarray MAINTAINERS: add kernel hardening keyword __counted_by_ptr stddef: Document designated initializer semantics for __TRAILING_OVERLAP()
2026-06-16Merge tag 'v7.2-p1' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 Pull crypto updates from Herbert Xu: "API: - Drop support for off-CPU cryptography in af_alg - Document that af_alg is *always* slower - Document the deprecation of af_alg - Remove zero-copy support from skcipher and aead in af_alg - Cap AEAD AD length to 0x80000000 in af_alg - Free default RNG on module exit Algorithms: - Fix vli multiplication carry overflow in ecc - Drop unused cipher_null crypto_alg - Remove unused variants of drbg - Use lib/crypto in drbg - Use memcpy_from/to_sglist in authencesn - Allow authenc(hmac(sha{256,384}),cts(cbc(aes))) in FIPS mode - Disallow RSA PKCS#1 SHA-1 sig algs in FIPS mode - Filter out async aead implementations at alloc in krb5 - Fix non-parallel fallback by rstoring callback in pcrypt - Validate poly1305 template argument in chacha20poly1305 Drivers: - Add sysfs PCI reset support to qat - Add KPT support for GEN6 devices to qat - Remove unused character device and ioctls from qat - Add support for hw access via SMCC to mtk - Remove prng support from crypto4xx - Remove prng support from hisi-trng - Remove prng support from sun4i-ss - Remove prng support from xilinx-trng - Remove loongson-rng - Remove exynos-rng Others: - Remove support for AIO on sockets" * tag 'v7.2-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (196 commits) crypto: tegra - fix refcount leak in tegra_se_host1x_submit() crypto: rng - Free default RNG on module exit crypto: testmgr - allow authenc(hmac(sha{256,384}),cts(cbc(aes))) in FIPS mode hwrng: jh7110 - fix refcount leak in starfive_trng_read() crypto: atmel-ecc - drop dead code in atmel_ecdh_max_size crypto: cavium/cpt - fix DMA cleanup using wrong loop index crypto: marvell/octeontx - fix DMA cleanup using wrong loop index MAINTAINERS: make myself the maintainer of the Qualcomm QCE driver crypto: amcc - convert irq_of_parse_and_map to platform_get_irq crypto: sun4i-ss - Remove insecure and unused rng_alg hwrng: xilinx - Move xilinx-rng into drivers/char/hw_random/ crypto: xilinx-trng - Replace crypto_drbg_ctr_df() with HMAC-SHA512 crypto: xilinx-trng - Fix return value of xtrng_hwrng_trng_read() crypto: xilinx-trng - Remove crypto_rng interface crypto: exynos-rng - Remove exynos-rng driver hwrng: hisi-trng - Move hisi-trng into drivers/char/hw_random/ crypto: hisi-trng - Remove crypto_rng interface crypto: loongson - Remove broken and unused loongson-rng crypto: crypto4xx - Remove insecure and unused rng_alg crypto: qat - validate RSA CRT component lengths ...
2026-06-16Merge tag 'slab-for-7.2' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/vbabka/slab Pull slab updates from Vlastimil Babka: - Support for "allocation tokens" (currently available in Clang 22+) for smarter partitioning of kmalloc caches based on the allocated object type, which can be enabled instead of the "random" per-caller-address-hash partitioning. It should be able to deterministically separate types containing a pointer from those that do not (Marco Elver) - Improvements and simplification of the kmem_cache_alloc_bulk() and mempool_alloc_bulk() API. This includes adaptation of callers (Christoph Hellwig) - Performance improvements and cleanups related mostly to sheaves refill (Hao Li, Shengming Hu, Vlastimil Babka) - Several fixups for the slabinfo tool (Xuewen Wang) * tag 'slab-for-7.2' of git://git.kernel.org/pub/scm/linux/kernel/git/vbabka/slab: mm/slab: do not limit zeroing to orig_size when only red zoning is enabled mm/slub: preserve original size in _kmalloc_nolock_noprof retry path mm: simplify the mempool_alloc_bulk API mm/slab: improve kmem_cache_alloc_bulk mm/slub: detach and reattach partial slabs in batch mm/slub: introduce helpers for node partial slab state mm/slub: use empty sheaf helpers for oversized sheaves tools/mm/slabinfo: remove redundant slab->partial assignment tools/mm/slabinfo: remove dead assignment in get_obj_and_str() tools/mm/slabinfo: Fix trace disable logic inversion MAINTAINERS: add slab-related scripts and tools to SLAB ALLOCATOR mm/slub: fix typo in sheaves comment mm, slab: simplify returning slab in __refill_objects_node() mm, slab: add an optimistic __slab_try_return_freelist() slab: fix kernel-docs for mm-api slab: improve KMALLOC_PARTITION_RANDOM randomness slab: support for compiler-assisted type-based slab cache partitioning mm/slub: defer freelist construction until after bulk allocation from a new slab
2026-06-15selftests/net: Add hugepage kernel config dependency for zcrxDaniel Borkmann
test_iou_zcrx_large_buf in drivers/net/hw/nk_qlease.py runs iou-zcrx with rx_buf_len > page size, backed by a hugepage-mapped area. Thus add to the Kconfig. Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Reviewed-by: Bobby Eshleman <bobbyeshleman@meta.com> Link: https://patch.msgid.link/20260614102607.863838-5-daniel@iogearbox.net Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-06-15selftests/net: Add netkit io_uring ZC test for large rx_buf_lenDaniel Borkmann
Add test_iou_zcrx_large_buf, which runs iou-zcrx with rx_buf_len > page size (-x 2) through a netkit-leased RX queue. The netkit ifindex is opaque to io_uring, but rx_page_size is honoured by the leased physical qops via netif_mp_open_rxq()'s lease redirect. Originally, I also added a BIG TCP variant on top, but dropped it here as fbnic (and the QEMU fbnic model) has no BIG TCP support to exercise it as this point. Tested against the QEMU fbnic emulation. The new test exercises the > page rx_buf_len path only when the leased NIC advertises QCFG_RX_PAGE_SIZE; otherwise it skips. For fbnic, I used Bjorn's patches locally [0]: # ./nk_qlease.py TAP version 13 1..5 ok 1 nk_qlease.test_iou_zcrx ok 2 nk_qlease.test_iou_zcrx_large_buf ok 3 nk_qlease.test_attrs ok 4 nk_qlease.test_attach_xdp_with_mp ok 5 nk_qlease.test_destroy # Totals: pass:5 fail:0 xfail:0 xpass:0 skip:0 error:0 Without those patches (aka not advertising QCFG_RX_PAGE_SIZE): # ./nk_qlease.py TAP version 13 1..5 ok 1 nk_qlease.test_iou_zcrx ok 2 nk_qlease.test_iou_zcrx_large_buf # SKIP Large chunks are not supported -95 ok 3 nk_qlease.test_attrs ok 4 nk_qlease.test_attach_xdp_with_mp ok 5 nk_qlease.test_destroy # Totals: pass:4 fail:0 xfail:0 xpass:0 skip:1 error:0 Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Reviewed-by: Bobby Eshleman <bobbyeshleman@meta.com> Link: https://lore.kernel.org/netdev/20260522113225.241337-1-bjorn@kernel.org/ [0] Link: https://patch.msgid.link/20260614102607.863838-4-daniel@iogearbox.net Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-06-15selftests/net: Use public NetDrvContEnv API in nk_qlease fixturesDaniel Borkmann
Expose the netkit host ifname as a public attribute nk_host_ifname (symmetric with the already-public nk_guest_ifname), rename _attach_bpf to a public attach_bpf, and add a public detach_bpf helper that encapsulates the tc-filter teardown bookkeeping. Switch the fixtures to this public API. No functional change and keeps pylint happy. Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Reviewed-by: Bobby Eshleman <bobbyeshleman@meta.com> Link: https://patch.msgid.link/20260614102607.863838-3-daniel@iogearbox.net Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-06-15selftests/net: Move netkit lease hw setup into per-test fixturesDaniel Borkmann
The HW counterpart of nk_qlease.py was carrying its lease setup in main() and stashing src_queue / nk_queue / nk_*_ifname on cfg, which had drawbacks called out during the review at [0]. This is the deferred half of the cleanup that landed in commit e254ffb9502c ("selftests/net: Split netdevsim tests from HW tests in nk_qlease") which was the SW counterpart of nk_qlease.py. While at it, convert the open-coded "ip netns exec" prefixes in the test bodies over to the ns= argument of cmd() / bkg(). Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Reviewed-by: Bobby Eshleman <bobbyeshleman@meta.com> Link: https://lore.kernel.org/netdev/20260408162238.16709090@kernel.org/ [0] Link: https://patch.msgid.link/20260614102607.863838-2-daniel@iogearbox.net Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-06-16Merge tag 'arm64-upstream' of ↵Linus Torvalds
gitolite.kernel.org:pub/scm/linux/kernel/git/arm64/linux Pull arm64 updates from Will Deacon: "It feels like the new world of AI tooling has slowed us down a little on the feature side when compared to the fixes side. The extra rounds of Sashiko review have also pushed a few things out until next time. Still, there's some good foundational stuff here for the fpsimd code and hardening work towards removing the predictable linear alias of the kernel image. CPU errata handling: - Extend CnP disabling workaround to HiSilicon HIP09 hardware. - Work around eternally broken broadcast TLB invalidation on more CPUs. - Documentation and code cleanups. CPU features: - Add new hwcaps for the 2025 dpISA extensions. Floating point / SVE / SME: - Significant cleanup to the low-level state management code in the core architecture code and KVM. - Use correct register widths during SVE/SME save/restore assembly. - Expose SVE/SME save/restore memory accesses to sanitisers. Memory management: - Preparatory work for unmapping the kernel data and bss sections from the linear map. Miscellaneous: - Inline DAIF manipulation helpers so they can be used safely from non-instrumentable code. - Fix handling of the 'nosmp' cmdline option to avoid marking secondary cores as "possible". MPAM: - Add support for v0.1 of the MPAM architecture. Perf: - Update HiSilicon PMU MAINTAINERS entry. - Fix event encodings for the DVM node in the CMN driver. Selftests: - Extend sigframe tests to cover POE context. - Add coverage for the newly added 2025 dpISA hwcaps. System registers: - Add new registers and ESR encodings for the HDBSS feature. Plus minor fixes and cleanups across the board" * tag 'arm64-upstream' of gitolite.kernel.org:pub/scm/linux/kernel/git/arm64/linux: (73 commits) arm64: errata: Mitigate TLBI errata on Microsoft Azure Cobalt 100 CPU arm64: errata: Mitigate TLBI errata on NVIDIA Olympus CPU arm64: errata: Mitigate TLBI errata on various Arm CPUs arm64: cputype: Add C1-Premium definitions arm64: cputype: Add C1-Ultra definitions Revert "arm64: mm: Unmap kernel data/bss entirely from the linear map" Revert "arm64: mm: Defer remap of linear alias of data/bss" arm64: arch_timer: reuse arch_timer_read_cnt{p,v}ct_el0() helpers arm64/mm: Rename ptdesc_t arm64: mm: Defer remap of linear alias of data/bss KVM: arm64: Omit tag sync on stage-2 mappings of the zero page arm64: Avoid double evaluation of __ptep_get() kasan: Move generic KASAN page tables out of BSS too arm64: Rename page table BSS section to .bss..pgtbl arm64: patching: replace min_t with min in __text_poke perf/arm-cmn: Fix DVM node events arm64: fpsimd: Remove <asm/fpsimdmacros.h> arm64: fpsimd: Move SME save/restore inline arm64: fpsimd: Move sve_flush_live() inline arm64: fpsimd: Move SVE save/restore inline ...
2026-06-15selftests: net: add local ECMP rehash testNeil Spring
Add ecmp_rehash.sh with nine scenarios verifying that TCP rehash selects a different local ECMP path for IPv6: - SYN retransmission (forward path blocked during setup) - SYN/ACK retransmission (reverse path blocked during setup) - Midstream RTO (forward path blocked on established connection) - Midstream ACK rehash (reverse path blocked on established connection) - PLB rehash (ECN-driven congestion on established connection) - Hash policy 1 negative test (rehash attempted but path unchanged) - No flowlabel leak (client mp_hash does not alter on-wire flowlabel) - Dst rebuild consistency (dst invalidation does not change path) - Syncookie server path consistency (SYN-ACK and post-cookie ACKs use the same ECMP path) The policy 1 test verifies that fib_multipath_hash_policy=1 computes a deterministic 5-tuple hash, so txhash re-rolls do not change the ECMP path while TcpTimeoutRehash still increments. The flowlabel leak test sets auto_flowlabels=0 on the client and installs tc filters on client egress that drop TCP packets with nonzero flowlabel, confirming that the client's fl6->mp_hash does not leak into the on-wire IPv6 flow label. The PLB test needs DCTCP, a restricted congestion control. Rather than relax the host-global tcp_allowed_congestion_control (no per-netns equivalent), it pins dctcp on the test routes via the congctl route attribute, confined to the test namespaces. The dst rebuild test streams data, invalidates the cached dst by adding and removing a dummy route (bumping the fib6_node sernum), and verifies that traffic stays on the same path. The sernum change causes ip6_dst_check() to fail on the next transmit, triggering a fresh route lookup via inet6_csk_route_socket(). ECMP_REBUILD_ROUNDS=10 repeats the check to reduce the probability of a buggy kernel passing by chance with 2-way ECMP. The syncookie server path consistency test verifies that the server's SYN-ACK and subsequent ACKs use the same ECMP path. With syncookies, the request socket is freed after the SYN-ACK, so cookie_tcp_reqsk_init() must derive the same txhash (from the cookie) that was used for the SYN-ACK's route lookup. The syncookie test forces tcp_syncookies=2; it skips when CONFIG_SYN_COOKIES is not available. selftests/net/config selects it (and CONFIG_TCP_CONG_DCTCP for the PLB test). Signed-off-by: Neil Spring <ntspring@meta.com> Link: https://patch.msgid.link/20260615042158.1600746-3-ntspring@meta.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-06-15selftests/net/openvswitch: add SET action testMinxi Hou
Add test_action_set exercising OVS_ACTION_ATTR_SET with an ipv4 dst rewrite. The test verifies the SET action in three steps: first confirm normal forwarding, then apply set(ipv4(dst=10.0.0.99)) to rewrite the destination to an address nobody owns and verify ping fails, then restore normal forwarding and verify connectivity recovers. Signed-off-by: Minxi Hou <houminxi@gmail.com> Reviewed-by: Aaron Conole <aconole@redhat.com> Link: https://patch.msgid.link/20260612130503.311240-1-houminxi@gmail.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-06-15io_uring/zcrx: selftests: verify rx_buf_len for large chunksDragos Tatulea
Check the newly added rx_buf_len page_pool field for io_uring in the existing large-chunks test after the receiver is up. Signed-off-by: Dragos Tatulea <dtatulea@nvidia.com> Link: https://patch.msgid.link/20260612211709.1456966-4-dtatulea@nvidia.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-06-15selftests/vsock: skip vng setsid workaround on >= 1.41Bobby Eshleman
virtme-ng 1.41 ships the upstream fix for the SIGTTOU hang (https://github.com/arighi/virtme-ng/pull/453), so the setsid wrapper in vng_dry_run() is no longer needed there. Gate the workaround on the vng version: setsid is used for vng < 1.41, and vng is invoked directly on >= 1.41. Signed-off-by: Bobby Eshleman <bobbyeshleman@meta.com> Link: https://patch.msgid.link/20260612-vsock-test-update-v1-2-7d7eeed3ac8f@meta.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-06-15selftests/vsock: accept vng 1.33 or >= 1.36Bobby Eshleman
The current vng version check uses a discrete allowlist of "1.33", "1.36", and "1.37", which forces a script update on every new release even though all post-1.36 releases work. Replace the discrete list with: "1.33", or any version >= 1.36. 1.34 and 1.35 are skipped because they were not tested. Add a version_lt() helper that compares MAJOR.MINOR numerically, so the check reads as a straightforward version comparison. Signed-off-by: Bobby Eshleman <bobbyeshleman@meta.com> Link: https://patch.msgid.link/20260612-vsock-test-update-v1-1-7d7eeed3ac8f@meta.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-06-15Merge tag 'kvm-riscv-7.2-1' of https://github.com/kvm-riscv/linux into HEADPaolo Bonzini
KVM/riscv changes for 7.2 - Batch G-stage TLB flushes for GPA range based page table updates - Convert HGEI line management to fully per-HART - Fix missing CSR dirty marking when FWFT state updated via ONE_REG - Fix stale FWFT feature exposure to Guest/VM - Speed up dirty logging write faults using MMU rwlock and atomic PTE updates using cmpxchg() for permission-only changes - Use flexible array for APLIC IRQ state - Use kvm_slot_dirty_track_enabled() for logging enable check on a memslot - Avoid skipping valid pages in kvm_riscv_gstage_wp_range() - Avoid skipping valid pages in kvm_riscv_gstage_unmap_range() - Use endian-specific __lelong for NACL shared memory
2026-06-15Merge tag 'kvm-s390-next-7.2-1' of ↵Paolo Bonzini
https://git.kernel.org/pub/scm/linux/kernel/git/kvms390/linux into HEAD KVM: s390: New features for 7.2 New features for 7.2 for KVM/s390: * KVM_PRE_FAULT_MEMORY support * Support for 2G hugepages * Support for the ASTFLEIE 2 facility * kvm_arch_set_irq_inatomic Fast Inject * Fix potential leak of uninitialized bytes
2026-06-15Merge tag 'sched-core-2026-06-14' of ↵Linus Torvalds
gitolite.kernel.org:pub/scm/linux/kernel/git/tip/tip Pull scheduler updates from Ingo Molnar: "SMP load-balancing updates: - A large series to introduce infrastructure for cache-aware load balancing, with the goal of co-locating tasks that share data within the same Last Level Cache (LLC) domain. By improving cache locality, the scheduler can reduce cache bouncing and cache misses, ultimately improving data access efficiency. Implemented by Chen Yu and Tim Chen, based on early prototype work by Peter Zijlstra, with fixes by Jianyong Wu, Peter Zijlstra and Shrikanth Hegde. - A series to simplify CONFIG_SCHED_SMT ifdef usage (Shrikanth Hegde) Fair scheduler updates: - A series to improve SD_ASYM_CPUCAPACITY scheduling by introducing SMT awareness (Andrea Righi, K Prateek Nayak) - A series to optimize cfs_rq and sched_entity allocation for better data locality (Zecheng Li) - A preparatory series to change fair/cgroup scheduling to a single runqueue, without the final change (Peter Zijlstra) - Auto-manage ext/fair dl_server bandwidth (Andrea Righi) - Fix cpu_util runnable_avg arithmetic (Hongyan Xia) - Optimize update_tg_load_avg()'s rate-limiting code (Rik van Riel) - Allow account_cfs_rq_runtime() to throttle current hierarchy (K Prateek Nayak) - Update util_est after updating util_avg during dequeue, to fix the util signal update logic, which reduces signal noise (Vincent Guittot) Scheduler topology updates: - Allow multiple domains to claim sched_domain_shared (K Prateek Nayak) - Add parameter to split LLC (Peter Zijlstra) Core scheduler updates: - Use trace_call__<tp>() to save a static branch (Gabriele Monaco) Scheduler statistics updates: - Drop now-stale mul_u64_u64_div_u64() cputime over-approximation guard (Nicolas Pitre) Deadline scheduler updates: - Reject debugfs dl_server writes for offline CPUs (Andrea Righi) - Fix replenishment logic for non-deferred servers (Yuri Andriaccio) RT scheduling updates: - Turn RT_PUSH_IPI default off for non PREEMPT_RT (Steven Rostedt) - Update default bandwidth for real-time tasks to 1.0 (Yuri Andriaccio) Proxy scheduling updates: - A series to implement Optimized Donor Migration for Proxy Execution (John Stultz, Peter Zijlstra) - Various proxy scheduling cleanups and fixes (Peter Zijlstra, K Prateek Nayak) Misc fixes, improvements and cleanups by Aaron Lu, Andrea Righi, Zenghui Yu, Chen Yu, Guanyou.Chen, John Stultz, Shrikanth Hegde, Peter Zijlstra, Liang Luo and Yiyang Chen" * tag 'sched-core-2026-06-14' of gitolite.kernel.org:pub/scm/linux/kernel/git/tip/tip: (91 commits) sched/fair: Fix newidle vs core-sched sched/deadline: Use task_on_rq_migrating() helper sched/core: Combine separate 'else' and 'if' statements sched/fair: Fix cpu_util runnable_avg arithmetic sched/fair: Unify cfs_rq throttling via account_cfs_rq_runtime() sched/fair: Move the throttled tasks to a local list in tg_unthrottle_up() sched/fair: Call update_curr() before unthrottling the hierarchy sched/fair: Use throttled_csd_list for local unthrottle sched/fair: Convert cfs bandwidth throttling to use guards sched/fair: Allocate cfs_tg_state with percpu allocator sched/fair: Remove task_group->se pointer array sched/fair: Co-locate cfs_rq and sched_entity in cfs_tg_state sched: restore timer_slack_ns when resetting RT policy on fork MAINTAINERS: Fix spelling mistake in Peter's name sched: Simplify ttwu_runnable() sched/proxy: Remove superfluous clear_task_blocked_in() sched/proxy: Remove PROXY_WAKING sched/proxy: Switch proxy to use p->is_blocked sched/proxy: Only return migrate when needed sched: Be more strict about p->is_blocked ...
2026-06-15Merge tag 'locking-core-2026-06-14' of ↵Linus Torvalds
gitolite.kernel.org:pub/scm/linux/kernel/git/tip/tip Pull locking updates from Ingo Molnar: "Futex updates: - Optimize futex hash bucket access patterns (Peter Zijlstra) - Large series to address the robust futex unlock race for real, by Thomas Gleixner: "The robust futex unlock mechanism is racy in respect to the clearing of the robust_list_head::list_op_pending pointer because unlock and clearing the pointer are not atomic. The race window is between the unlock and clearing the pending op pointer. If the task is forced to exit in this window, exit will access a potentially invalid pending op pointer when cleaning up the robust list. That happens if another task manages to unmap the object containing the lock before the cleanup, which results in an UAF. In the worst case this UAF can lead to memory corruption when unrelated content has been mapped to the same address by the time the access happens. User space can't solve this problem without help from the kernel. This series provides the kernel side infrastructure to help it along: 1) Combined unlock, pointer clearing, wake-up for the contended case 2) VDSO based unlock and pointer clearing helpers with a fix-up function in the kernel when user space was interrupted within the critical section. ... with help by André Almeida: - Add a note about robust list race condition (André Almeida) - Add self-tests for robust release operations (André Almeida) Context analysis updates: - Implement context analysis for 'struct rt_mutex'. (Bart Van Assche) - Bump required Clang version to 23 (Marco Elver) Guard infrastructure updates: - Series to remove NULL check from unconditional guards (Dmitry Ilvokhin) Lockdep updates: - Restore self-test migrate_disable() and sched_rt_mutex state on PREEMPT_RT (Karl Mehltretter) Membarriers updates: - Use per-CPU mutexes for targeted commands (Aniket Gattani) - Modernize membarrier_global_expedited with cleanup guards (Aniket Gattani) - Add rseq stress test for CFS throttle interactions (Aniket Gattani) percpu-rwsems updates: - Extract __percpu_up_read() to optimize inlining overhead (Dmitry Ilvokhin) Seqlocks updates: - Allow UBSAN_ALIGNMENT to fail optimizing (Heiko Carstens) Lock tracing: - Add contended_release tracepoint to sleepable locks such as mutexes, percpu-rwsems, rtmutexes, rwsems and semaphores (Dmitry Ilvokhin) MAINTAINERS updates: - MAINTAINERS: Add RUST [SYNC] entry (Boqun Feng) Misc updates and fixes by Randy Dunlap, YE WEI-HONG, Fabricio Parra, Dmitry Ilvokhin and Peter Zijlstra" * tag 'locking-core-2026-06-14' of gitolite.kernel.org:pub/scm/linux/kernel/git/tip/tip: (36 commits) locking: Add contended_release tracepoint to sleepable locks locking/percpu-rwsem: Extract __percpu_up_read() tracing/lock: Remove unnecessary linux/sched.h include futex: Optimize futex hash bucket access patterns rust: sync: completion: Mark inline complete_all and wait_for_completion MAINTAINERS: Add RUST [SYNC] entry cleanup: Specify nonnull argument index selftests: futex: Add tests for robust release operations Documentation: futex: Add a note about robust list race condition x86/vdso: Implement __vdso_futex_robust_try_unlock() x86/vdso: Prepare for robust futex unlock support futex: Provide infrastructure to plug the non contended robust futex unlock race futex: Add robust futex unlock IP range futex: Add support for unlocking robust futexes futex: Cleanup UAPI defines x86: Select ARCH_MEMORY_ORDER_TSO uaccess: Provide unsafe_atomic_store_release_user() futex: Provide UABI defines for robust list entry modifiers futex: Move futex related mm_struct data into a struct futex: Make futex_mm_init() void ...
2026-06-15Merge tag 'timers-core-2026-06-13' of ↵Linus Torvalds
gitolite.kernel.org:pub/scm/linux/kernel/git/tip/tip Pull timer core updates from Thomas Gleixner: "Updates for the time/timer core subsystem: - Harden the user space controllable hrtimer interfaces further to protect against unpriviledged DoS attempts by arming timers in the past. - Add per-capacity hierarchies to the timer migration code to prevent timer migration accross different capacity domains. This code has been disabled last minute as there is a pathological problem with SoCs which advertise a larger number of capacity domains. The problem is under investigation and the code won't be active before v7.3, but that turned out to be less intrusive than a full revert as it preserves the preparatory steps and allows people to work on the final resolution - Export time namespace functionality as a recent user can be built as a module. - Initialize the jiffies clocksource before using it. The recent hardening against time moving backward requires that the related members of struct clocksource have been initialized, otherwise it clamps the readout to 0, which makes time stand sill and causes boot delays. - Fix a more than twenty year old PID reference count leak in an error path of the POSIX CPU timer code. - The usual small fixes, improvements and cleanups all over the place" * tag 'timers-core-2026-06-13' of gitolite.kernel.org:pub/scm/linux/kernel/git/tip/tip: (31 commits) posix-cpu-timers: Fix pid refcount leak in do_cpu_nanosleep() error path time/jiffies: Register jiffies clocksource before usage timers/migration: Temporarily disable per capacity hierarchies timers/migration: Turn tmigr_hierarchy level_list into a flexible array timers/migration: Deactivate per-capacity hierarchies under nohz_full timers/migration: Fix hotplug migrator selection target on asymetric capacity machines ntsync: Honour caller's time namespace for absolute MONOTONIC timeouts time/namespace: Export init_time_ns and do_timens_ktime_to_host() timers/migration: Update stale @online doc to @available timers: Fix flseep() typo in kernel-doc comment hrtimer: Fix the bogus return type of __hrtimer_start_range_ns() hrtimer: Return ktime_t from hrtimer_get_next_event()/hrtimer_next_event_without() clocksource: Clean up clocksource_update_freq() functions alarmtimer: Remove stale return description from alarm_handle_timer() selftests/posix_timers: Use CLOCK_THREAD_CPUTIME_ID for ITIMER_PROF measurements scripts/timers: Add timer_migration_tree.py timers/migration: Handle capacity in connect tracepoints timers/migration: Split per-capacity hierarchies timers/migration: Track CPUs in a hierarchy timers/migration: Abstract out hierarchy to prepare for CPU capacity awareness ...
2026-06-15Merge tag 'core-rseq-2026-06-13' of ↵Linus Torvalds
gitolite.kernel.org:pub/scm/linux/kernel/git/tip/tip Pull rseq update from Thomas Gleixner: "A trivial update for RSEQ selftests to provide the config fragments which contain the config options required to actually run the tests" * tag 'core-rseq-2026-06-13' of gitolite.kernel.org:pub/scm/linux/kernel/git/tip/tip: selftests/rseq: Add config fragment
2026-06-15selftests/bpf: Work around llvm stack overflow in crypto progsAlexei Starovoitov
clang 23 fails to build crypto_bench.c and crypto_sanity.c with "BPF stack limit exceeded". The progs fill a 408-byte bpf_crypto_params on the stack and pass it to bpf_crypto_ctx_create(). clang 23 copies the byte-aligned cipher/key globals into it one byte at a time through the stack, and keeps more than one copy of the struct around. Together that blows the 512-byte limit. Align the source arrays to 8 bytes so the copy is word-wise, and move params off the stack into a static .bss var. static keeps it out of the skeleton, where bpf_crypto_params is an incomplete type. Either change alone is not enough. Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2026-06-15Merge tag 'nolibc-20260614-for-7.2-1' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/nolibc/linux-nolibc Pull nolibc updates from Thomas Weißschuh: - New architectures: OpenRISC and 32-bit parisc - New library functionality: alloca(), assert(), creat() and ftruncate() - Automatic large file support - Proper 64-bit system call argument passing on x32 and MIPS N32 - Cleanups of the testmatrix - Various bugfixes and cleanups * tag 'nolibc-20260614-for-7.2-1' of git://git.kernel.org/pub/scm/linux/kernel/git/nolibc/linux-nolibc: (37 commits) selftests/nolibc: test against -Wwrite-strings selftests/nolibc: use mutable buffer for execve() argv string tools/nolibc: cast default values of program_invocation_name tools/nolibc: add ftruncate() tools/nolibc: add a helper to split a 64-bit argument into 32-bit halves selftests/nolibc: enable CONFIG_TMPFS for sparc32 tools/nolibc: stackprotector: Avoid stalling program startup if crng is not init yet tools/nolibc: getopt: Fix potential out of bounds access selftests/nolibc: test open mode handling tools/nolibc: always pass mode to open syscall tools/nolibc: split open mode handling into a macro tools/nolibc: split implicit open flags into a macro tools/nolibc: add support for 32-bit parisc selftests/nolibc: avoid function pointer comparisons tools/nolibc: add support for OpenRISC / or1k selftests/nolibc: use vmlinux for MIPS tests selftests/nolibc: trim IMAGE mappings selftests/nolibc: trim DEFCONFIG mappings selftests/nolibc: trim QEMU_ARCH mappings selftests/nolibc: use QEMU_ARCH for QEMU_ARCH_USER ...
2026-06-14selftests/bpf: add test for bpf_msg_pop_data() overflowSechang Lim
Add a test in sockmap_basic.c that calls bpf_msg_pop_data() with a length close to U32_MAX, which overflows the start + len bounds check. The sk_msg program records the return value over a sendmsg and the test checks that the call is rejected with -EINVAL. Reviewed-by: Jiayuan Chen <jiayuan.chen@linux.dev> Reviewed-by: Emil Tsalapatis <emil@etsalapatis.com> Cc: Jiayuan Chen <jiayuan.chen@linux.dev> Signed-off-by: Sechang Lim <rhkrqnwk98@gmail.com> Signed-off-by: Jiayuan Chen <jiayuan.chen@linux.dev> Link: https://lore.kernel.org/r/20260615021959.140010-7-jiayuan.chen@linux.dev Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2026-06-14selftsets/bpf: Retry map update on helper_fill_hashmap()Gabriele Monaco
helper_fill_hashmap() is used also on parallel and stress map tests. Those are consistently failing with ENOMEM on kernels built with PREEMPT_RT if preallocation is disabled. The failure is transient and only called by the memory cache refill running in a preemptible irq_work, which can easily stall in case of contention. Use a retriable update in those cases to handle transient ENOMEM and make the test more stable also on PREEMPT_RT. Also fix the sign of the value printed in case of error (strerror() expects a positive errno while updates return it negative). Signed-off-by: Gabriele Monaco <gmonaco@redhat.com> Reviewed-by: Emil Tsalapatis <emil@etsalapatis.com> Link: https://lore.kernel.org/r/20260611150704.95133-1-gmonaco@redhat.com Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2026-06-15Merge tag 'rcu.release.v7.2' of ↵Linus Torvalds
gitolite.kernel.org:pub/scm/linux/kernel/git/rcu/linux Pull RCU updates from Uladzislau Rezki: "Torture test updates: - Improve kvm-series.sh script by adding examples in its header comment - Lazy RCU is more fully tested now by replacing call_rcu_hurry() with call_rcu() and doing rcu_barrier() to motivate lazy callbacks during a stutter pause - Add more synonyms for the "--do-normal" group of torture.sh command-line arguments Misc changes: - Reduce stack usage of nocb_gp_wait() to address frame size warning when built with CONFIG_UBSAN_ALIGNMENT - The synchronize_rcu() call can detect the flood and latches a normal/default path temporary switching to wait_rcu_gp() path - Document using rcu_access_pointer() to fetch the old pointer for lockless cmpxchg() updates - Simplify some RCU code using clamp_val() - Fix a kerneldoc header comment typo in srcu_down_read_fast()" * tag 'rcu.release.v7.2' of gitolite.kernel.org:pub/scm/linux/kernel/git/rcu/linux: rcu/nocb: reduce stack usage in nocb_gp_wait() rcu-tasks: Fix possible boot-time tests failed for the call_rcu_tasks() rcu: Latch normal synchronize_rcu() path on flood rcu: Document rcu_access_pointer() feeding into cmpxchg() rcu: Simplify param_set_next_fqs_jiffies() by applying clamp_val() rcu: Simplify rcu_do_batch() by applying clamp() checkpatch: Undeprecate rcu_read_lock_trace() and rcu_read_unlock_trace() srcu: Fix kerneldoc header comment typo in srcu_down_read_fast() torture: Allow "norm" abbreviation for "normal" torture: Improve kvm-series.sh header comment torture: Add torture_sched_set_normal() for user-specified nice values rcutorture: Fully test lazy RCU
2026-06-14selftests/bpf: Add test for sleepable lsm_cgroup rejectionDavid Windsor
Confirm the verifier rejects loading a sleepable BPF_LSM_CGROUP program, as introduced in commit 5b038319be44 ("bpf: Reject sleepable BPF_LSM_CGROUP programs at load time"). Signed-off-by: David Windsor <dwindsor@gmail.com> Reviewed-by: Emil Tsalapatis <emil@etsalapatis.com> Link: https://lore.kernel.org/r/20260611143549.703914-1-dwindsor@gmail.com Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2026-06-14selftests/bpf: Add test to verify the fix for bpf_setsockopt() helperLeon Hwang
Verify the fix by: 1. Attach cgroup sockops prog. 2. Build a tcp connection using ipv4 addr in ipv6 socket. 3. Verify the return value of bpf_setsockopt() helper. Assisted-by: Codex:gpt-5.5-xhigh Signed-off-by: Leon Hwang <leon.hwang@linux.dev> Link: https://lore.kernel.org/r/20260613162443.60515-3-leon.hwang@linux.dev Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2026-06-14selftests/bpf: Avoid static LLVM linking for cross buildsLeo Yan
The BPF selftests prefer static LLVM linking, which works for native builds but can break cross builds. Its --link-static output may include host-only libraries that are unavailable for the cross compilation, causing link failures. Avoid static LLVM linking for cross builds and use shared LLVM libraries instead. Native builds keep the existing behavior. Signed-off-by: Leo Yan <leo.yan@arm.com> Link: https://lore.kernel.org/r/20260602-tools_build_fix_zero_init_bpf_only-v2-8-c76e5250ea1c@arm.com Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2026-06-14selftests/bpf: Use common CFLAGS for urandom_readLeo Yan
The urandom_read helper and its shared library are built with $(CLANG) directly rather than through the normal selftest $(CC) rules. The CFLAGS variable can contain specific flags only for $(CC) but might be imcompatible for $(CLANG) and those flags are not necessarily valid for the clang-only urandom_read build. Split the BPF selftest local flags into COMMON_CFLAGS and append them to CFLAGS for the normal build path. Use COMMON_CFLAGS directly for urandom_read and liburandom_read.so, while still filtering out -static as before. Signed-off-by: Leo Yan <leo.yan@arm.com> Link: https://lore.kernel.org/r/20260602-tools_build_fix_zero_init_bpf_only-v2-7-c76e5250ea1c@arm.com Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2026-06-14selftests/bpf: Initialize operation name before useLeo Yan
ASAN reports stack-buffer-overflow due to the uninitialized op_name. Initialize it to fix the issue. Fixes: 054b6c7866c7 ("selftests/bpf: Add verifier log tests for BPF_BTF_LOAD command") Signed-off-by: Leo Yan <leo.yan@arm.com> Acked-by: Ihor Solodrai <ihor.solodrai@linux.dev> Link: https://lore.kernel.org/r/20260602-tools_build_fix_zero_init_bpf_only-v2-6-c76e5250ea1c@arm.com Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2026-06-14selftests/bpf: correct CONFIG_PPC64 macro name in commentEthan Nelson-Moore
A comment in tools/testing/selftests/bpf/progs/test_fill_link_info.c incorrectly refers to CONFIG_PPC6 instead of CONFIG_PPC64. Correct it. Discovered while searching for CONFIG_* symbols referenced in code but not defined in any Kconfig file. Signed-off-by: Ethan Nelson-Moore <enelsonmoore@gmail.com> Link: https://lore.kernel.org/r/20260610044023.225820-1-enelsonmoore@gmail.com Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2026-06-14selftests/bpf: Fix typo in verify_umulti_link_infoJiri Olsa
We verify info.uprobe_multi.flags against wrong kprobe-multi flag (BPF_F_KPROBE_MULTI_RETURN). It's the same value as the correct flag (BPF_F_UPROBE_MULTI_RETURN), so there's not functional change. Fixes: 147c69307bcf ("selftests/bpf: Add link_info test for uprobe_multi link") Signed-off-by: Jiri Olsa <jolsa@kernel.org> Link: https://lore.kernel.org/r/20260611114230.950379-8-jolsa@kernel.org Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2026-06-14selftests/bpf: Add uprobe_multi path_fd fail testsJiri Olsa
Adding tests to attach_api_fails suite to make sure we fail wrong setup for path_fd usage. Signed-off-by: Jiri Olsa <jolsa@kernel.org> Link: https://lore.kernel.org/r/20260611114230.950379-7-jolsa@kernel.org Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2026-06-14selftests/bpf: Add uprobe_multi path_fd testJiri Olsa
Add a uprobe_multi link API selftest that opens /proc/self/exe and passes the resulting descriptor through opts.uprobe_multi.path_fd with BPF_F_UPROBE_MULTI_PATH_FD set. Assisted-by: Codex:GPT-5.4 Signed-off-by: Jiri Olsa <jolsa@kernel.org> Link: https://lore.kernel.org/r/20260611114230.950379-6-jolsa@kernel.org Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2026-06-15Merge tag 'vfs-7.2-rc1.misc' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs Pull misc vfs updates from Christian Brauner: "Features: - Reduce pipe->mutex contention by pre-allocating pages outside the lock in anon_pipe_write(). anon_pipe_write() called alloc_page() once per page while holding pipe->mutex. The allocation can sleep doing direct reclaim and runs memcg charging, which extends the critical section and stalls any concurrent reader on the same mutex. Now up to 8 pages are pre-allocated before the mutex is taken, leftovers are recycled into the per-pipe tmp_page[] cache before unlock, and any remainder is released after unlock, keeping the allocator out of the critical section on both sides. On a writers x readers sweep with 64KB writes against a 1 MB pipe throughput improves 6-28% and average write latency drops 5-22%; under memory pressure - when the cost of holding the mutex across reclaim is highest - throughput improves 21-48% and latency drops 17-33%. The microbenchmark is added to selftests. - uaccess/sockptr: fix the ignored_trailing logic in copy_struct_to_user() to behave as documented and the usize check in copy_struct_from_sockptr() for user pointers, and add copy_struct_{from,to}_bounce_buffer() and copy_struct_to_sockptr() helpers for upcoming users (IPPROTO_SMBDIRECT, IPPROTO_QUIC). - bpf: add a sleepable bpf_real_inode() kfunc that resolves the real inode backing a dentry via d_real_inode(). On overlayfs the inode attached to the dentry doesn't carry the underlying device information; this is used by the filesystem restriction BPF program that was merged into systemd. - docs: add guidelines for submitting new filesystems, motivated by the maintenance burden abandoned and untestable filesystems impose on VFS developers, blocking infrastructure work like folio conversions and iomap migration. Fixes: - libfs: set SB_I_NOEXEC and SB_I_NODEV by default in init_pseudo() and drop the now-redundant assignments in callers. This began as a one-line dma-buf fix for a path_noexec() warning; a pseudo filesystem has no reason not to set SB_I_NOEXEC. All init_pseudo() callers were audited: the only visible effect is on dma-buf where SB_I_NOEXEC silences the warning. - Handle set_blocksize() failures in legacy filesystems (bfs, hpfs, qnx4, jfs, befs, affs, isofs, minix, ntfs3, omfs). Mounting a device with a sector size > PAGE_SIZE crashed roughly half of them; the rest had the same missing error handling pattern. Plus a follow-up releasing the superblock buffer_head when setting the minix v3 block size fails. - mount: honour SB_NOUSER in the new mount API. - fs/fcntl: fix a SOFTIRQ-unsafe lock order in fasync signaling by switching the process-group paths of send_sigio() and send_sigurg() from read_lock(&tasklist_lock) to RCU, matching the single-PID path. - vfs: add an FS_USERNS_DELEGATABLE flag and set it for NFS, fixing delegated NFS mounts (fsopen() in a container with the mount performed by a privileged daemon) that broke when non-init s_user_ns was tied to FS_USERNS_MOUNT. - selftests/namespaces: fix a hang in nsid_test where an unreaped grandchild kept the TAP pipe write-end open, a waitpid(-1) race in listns_efault_test, and a false FAIL on kernels without listns() where the tests should SKIP. - filelock: fix the break_lease() stub signature for CONFIG_FILE_LOCKING=n. - init/initramfs_test: wait for the async initramfs unpacking before running; the test and do_populate_rootfs() share the parser state. - fs/coredump: reduce redundant log noise in validate_coredump_safety(). - iomap: pass the correct length to fserror_report_io() in __iomap_write_begin(). - backing-file: fix the backing_file_open() kerneldoc. Cleanups: - initramfs: refactor the cpio hex header parsing to use hex2bin() instead of the hand-rolled simple_strntoul() which is reverted, and extend the initramfs KUnit tests to cover header fields with 0x prefixes. - Replace __get_free_pages() and friends with kmalloc()/kzalloc() across quota, proc, ocfs2/dlm, nilfs2, nfs, nfsd, libfs, jfs, jbd2, isofs, fuse, select, namespace, configfs, binfmt_misc, bfs, and the do_mounts init code - part of the larger work of replacing page allocator calls with kmalloc(). - Use clear_and_wake_up_bit() in unlock_buffer() and journal_end_buffer_io_sync() instead of open-coding the sequence. - Drop unused VFS exports: unexport drop_super_exclusive(), remove start_removing_user_path_at(), and fold __start_removing_path() into start_removing_path(). - fs/read_write: narrow the __kernel_write() export with EXPORT_SYMBOL_FOR_MODULES(). - vfs: uapi: retire octal and hex constants in favor of (1 << n) for the O_ flags. Finding a free bit for a new flag across the architectures was needlessly hard with the mixed bases. - dcache: add extra sanity checks of dead dentries in dentry_free() via a new DENTRY_WARN_ONCE() that also prints d_flags. - iov_iter: use kmemdup_array() in dup_iter() to harden the allocation against multiplication overflow. - fs/pipe: write to ->poll_usage only once. - vfs: remove an always-taken if-branch in find_next_fd(). - dcache: use kmalloc_flex() for struct external_name in __d_alloc(). - namei: use QSTR() instead of QSTR_INIT() in path_pts(). - sync_file_range: delete dead S_ISLNK code. - Comment fixes: retire a stale comment in fget_task_next() and fix assorted spelling mistakes" * tag 'vfs-7.2-rc1.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: (73 commits) backing-file: fix backing_file_open() kerneldoc parameter iomap: pass the correct len to fserror_report_io in __iomap_write_begin vfs: add FS_USERNS_DELEGATABLE flag and set it for NFS filelock: fix break_lease() stub signature for CONFIG_FILE_LOCKING=n vfs: uapi: retire octal and hex numbers in favor of (1 << n) for O_ flags bpf: add bpf_real_inode() kfunc fs/read_write: Do not export __kernel_write() to the entire world libfs: drop redundant SB_I_NOEXEC/SB_I_NODEV in init_pseudo() callers libfs: set SB_I_NOEXEC and SB_I_NODEV by default in init_pseudo() mount: honour SB_NOUSER in the new mount API fs/fcntl: fix SOFTIRQ-unsafe lock order in fasync signaling selftests/pipe: add pipe_bench microbenchmark fs/pipe: pre-allocate pages outside pipe->mutex in anon_pipe_write fs: retire stale comment in fget_task_next() fs: fix spelling mistakes in comment bfs: replace get_zeroed_page() with kzalloc() binfmt_misc: replace __get_free_page() with kmalloc() configfs: replace __get_free_pages() with kzalloc() fs/namespace: use __getname() to allocate mntpath buffer fs/select: replace __get_free_page() with kmalloc() ...
2026-06-15Merge tag 'vfs-7.2-rc1.eventpoll' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs Pull eventpoll updates from Christian Brauner: - eventpoll clarity refactor The recent eventpoll UAF fixes (a6dc643c6931 and follow-ups) depended on invariants in fs/eventpoll.c that were nowhere documented and had to be reverse-engineered from the code: the lifetime relationships between struct eventpoll, struct epitem, and struct file, the three removal paths coordinating via epi_fget() pins and ep->mtx, the ovflist sentinel-encoded scan state machine, the POLLFREE release/acquire handshake, and the loop / path check globals serialized by epnested_mutex. The fixes were correct but the next person to touch this code would hit the same learning curve. This series codifies those invariants in source and tightens the surrounding structure. No functional changes intended: - Documentation: a top-of-file overview with field-protection tables for struct eventpoll and struct epitem, a section gathering the loop-check / path-check globals next to their declarations, labelled comments on the two sides of the POLLFREE handshake, refreshed comments on epi_fget() and ep_remove_file(), and a docblock on ep_clear_and_put() that names its two-pass structure as load-bearing. - Mechanical renames: ep_refcount_dec_and_test() -> ep_put() to pair with ep_get(), attach_epitem() -> ep_attach_file() for ep_remove_file() symmetry, the unused depth argument dropped from epoll_mutex_lock(), and the CONFIG_KCMP block relocated next to CONFIG_COMPAT so the hot-path code is contiguous. - Helper extraction: ep_insert() splits into ep_alloc_epitem() and ep_register_epitem(), ep_clear_and_put()'s two passes become ep_drain_pollwaits() and ep_drain_tree() so the ordering invariant is enforced by the call sequence rather than convention, the per-event delivery loop body becomes ep_deliver_event(), and the ep->mtx + epnested_mutex acquisition dance lifts out of do_epoll_ctl() into ep_ctl_lock() / ep_ctl_unlock(). - Sentinel and predicate cleanup: the EP_UNACTIVE_PTR overload is hidden behind named helpers (ep_is_scanning, epi_on_ovflist, ...), epi->next is renamed to epi->ovflist_next, and the boolean predicates return bool. - The per-CTL_ADD scratch state (tfile_check_list, path_count[], inserting_into) moves from file-scope globals into a stack-allocated struct ep_ctl_ctx plumbed through the loop / path check chain. Two follow-up fixes are included: missing kernel-doc for the new @ctx parameters, and restoring the EP_UNACTIVE_PTR sentinel for ctx->tfile_check_list - replacing it with NULL termination broke ep_remove_file()'s "never listed" check for the list tail, causing a syzbot-reported use-after-free. - io_uring related epoll cleanups One of the nastier things about epoll is how it allows nesting contexts inside each other, leading to the necessity of loop detection and the issues that have come with that. There is no reason to support nesting on the io_uring side, so contain the damage and disallow nested contexts from there: eventpoll gains a file based control interface and struct epoll_filefd is renamed to epoll_key. The io_uring side proper goes on top of this through the block tree. - Fix epoll_wait() reporting false negatives ep_events_available() checks ep->rdllist and ep_is_scanning() without a lock and can race with a concurrent scan such that neither check sees the events, causing epoll_wait() with a zero timeout to wrongly report no events even though events are available. A sequence lock closes the race and a reproducer is added to the eventpoll selftests. * tag 'vfs-7.2-rc1.eventpoll' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: (25 commits) eventpoll: restore EP_UNACTIVE_PTR sentinel for ctx->tfile_check_list eventpoll: Fix epoll_wait() report false negative selftests/eventpoll: Add test for multiple waiters eventpoll: add missing kernel-doc for @ctx function parameters eventpoll: rename struct epoll_filefd to epoll_key eventpoll: add file based control interface eventpoll: export is_file_epoll() eventpoll: pass struct epoll_filefd through ep_find() and ep_insert() eventpoll: hoist CTL_ADD scratch state into struct ep_ctl_ctx eventpoll: use bool for predicate helpers eventpoll: rename epi->next and txlist for clarity eventpoll: wrap EP_UNACTIVE_PTR in typed sentinel helpers eventpoll: extract lock dance from do_epoll_ctl() into ep_ctl_lock() eventpoll: extract ep_deliver_event() from ep_send_events() eventpoll: split ep_clear_and_put() into drain helpers eventpoll: split ep_insert() into alloc + register stages eventpoll: relocate KCMP helpers near compat syscalls eventpoll: rename attach_epitem() to ep_attach_file() eventpoll: drop unused depth argument from epoll_mutex_lock() eventpoll: rename ep_refcount_dec_and_test() to ep_put() ...
2026-06-15Merge tag 'vfs-7.2-rc1.openat2' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs Pull openat2 updates from Christian Brauner: "Features: - Add O_EMPTYPATH to openat(2)/openat2(2). To get an operable file descriptor from an O_PATH file descriptor it is possible to use openat(fd, ".", O_DIRECTORY) for directories, but other file types require going through open("/proc/<pid>/fd/<nr>") and thus depend on a functioning procfs. With O_EMPTYPATH an empty path string is accepted and LOOKUP_EMPTY is set at path resolution time, allowing to reopen the file behind the file descriptor directly. Selftests are included. - Add an OPENAT2_REGULAR flag for openat2(2) which refuses to open anything but regular files with the new EFTYPE error code. This implements the "ability to only open regular files" feature requested by userspace via uapi-group.org and protects services from being redirected to fifos, device nodes, and friends. All atomic_open implementations were audited for OPENAT2_REGULAR handling. Explicit checks were added to ceph, gfs2, nfs (v4), and cifs/smb - these are the filesystems whose atomic_open can encounter an existing non-regular file and would otherwise call finish_open() on it or return a misleading error code. The remaining implementations (9p, fuse, vboxsf, nfs v2/v3) only call finish_open() on freshly created files and use finish_no_open() for lookup hits, letting the VFS catch non-regular files via the do_open() safety net. Cleanups: - Migrate the openat2 selftests to the kselftest harness and move them under selftests/filesystems/. The tests were written in the early days of selftests' TAP support and the modern kselftest harness is much easier to follow and maintain. The contents of the tests are unchanged and the new emptypath tests are ported on top. - Make the LAST_XXX last-type constants private to fs/namei.c. The only user outside of fs/namei.c was ksmbd which only needs to know whether the last component is a regular one, so vfs_path_parent_lookup() now performs the LAST_NORM check internally. The ints are replaced with a dedicated enum last_type" * tag 'vfs-7.2-rc1.openat2' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: vfs: replace ints with enum last_type for LAST_XXX vfs: make LAST_XXX private to fs/namei.c selftests: openat2: port emptypath_test to kselftest harness kselftest/openat2: test for OPENAT2_REGULAR flag openat2: new OPENAT2_REGULAR flag support openat2: introduce EFTYPE error code selftest: add tests for O_EMPTYPATH vfs: add O_EMPTYPATH to openat(2)/openat2(2) selftests: openat2: migrate to kselftest harness selftests: openat2: switch from custom ARRAY_LEN to ARRAY_SIZE selftests: openat2: move helpers to header selftests: move openat2 tests to selftests/filesystems/
2026-06-15Merge tag 'kernel-7.2-rc1.misc' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs Pull misc kernel updates from Christian Brauner: "Fixes - rhashtable: give each instance its own lockdep class syzbot reported a circular locking dependency between ht->mutex and fs_reclaim via the simple_xattrs rhashtable being torn down during inode eviction. The predicted deadlock cannot occur: rhashtable_free_and_destroy() cancels the deferred worker before taking ht->mutex and acquisitions on distinct rhashtables are on distinct mutexes. Lockdep flags a cycle anyway because every ht->mutex in the kernel shared the single static lockdep class from rhashtable_init_noprof(). The lockdep key is lifted to a per-call-site static key so every rhashtable instance gets its own class. - selftests/clone3: fix misuse of the libcap library interface in the cap_checkpoint_restore test and remove unused variables - selftests/pid_namespace: compute the pid_max test limits dynamically instead of hardcoding values below the kernel-enforced minimum of PIDS_PER_CPU_MIN * num_possible_cpus() which made the tests fail on machines with many possible CPUs - selftests: fix the Makefile TARGETS entry for nsfs which wasn't adjusted when the tests moved under filesystems/ Cleanups - ipc/sem.c: use unsigned int for nsops to match the declaration in syscalls.h" * tag 'kernel-7.2-rc1.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: selftests/clone3: remove unused variables selftests/clone3: fix libcap interface usage ipc/sem.c: use unsigned int for nsops selftests: Fix Makefile target for nsfs rhashtable: give each instance its own lockdep class selftests/pid_namespace: compute pid_max test limits dynamically
2026-06-14bpf: Raise maximum call chain depth to 16 framesAlexei Starovoitov
Bump MAX_CALL_FRAMES from 8 to 16 to allow deeper call chains that Rust-BPF requires and update selftests. Link: https://lore.kernel.org/r/20260613180755.29671-1-alexei.starovoitov@gmail.com Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2026-06-14selftests/landlock: Add tests for invalid use of quiet flagTingmao Wang
Make sure that these calls return EINVAL. Test coverage for security/landlock is 91.6% of 2347 lines according to LLVM 22. Assisted-by: GitHub-Copilot:claude-opus-4.8 Signed-off-by: Tingmao Wang <m@maowtm.org> Link: https://patch.msgid.link/9401d5c6468675863d944d6c26640d97db1a1f31.1781228815.git.m@maowtm.org [mic: Add test coverage] Signed-off-by: Mickaël Salaün <mic@digikod.net>
2026-06-14selftests/landlock: Add tests for quiet flag with scopeTingmao Wang
Enhance scoped_audit.connect_to_child and audit_flags.signal to test interaction with various quiet flag settings. Signed-off-by: Tingmao Wang <m@maowtm.org> Link: https://patch.msgid.link/032849ca97bd45b2e14f96192b61537ed9405a0d.1781228815.git.m@maowtm.org [mic: Fix comment formatting] Signed-off-by: Mickaël Salaün <mic@digikod.net>
2026-06-14selftests/landlock: Add tests for quiet flag with net rulesTingmao Wang
Tests that: - Quiet flag works on network rules - Quiet flag applied to unrelated ports has no effect - Denied access not in quiet_access_net is still logged This is not as thorough as the fs tests, but given the shared logic it should be sufficient. There is also no "optional" access for network rules. Signed-off-by: Tingmao Wang <m@maowtm.org> Assisted-by: GitHub-Copilot:claude-opus-4.7 copilot-review Link: https://patch.msgid.link/364fbd08081318d64bc23049d3a7721f0a3a3624.1781228815.git.m@maowtm.org Signed-off-by: Mickaël Salaün <mic@digikod.net>
2026-06-14selftests/landlock: Add tests for quiet flag with fs rulesTingmao Wang
Test various interactions of the quiet flag with filesystem rules: - Non-optional access (tested with open and rename). - Optional access (tested with truncate and ioctl). - Behaviour around mounts matches with normal Landlock rules. - Behaviour around disconnected directories matches with normal Landlock rules (test expected behaviour of 9a868cdbe66a ("landlock: Fix handling of disconnected directories") applied to the collected quiet flag). - Multiple layers works as expected. Assisted-by: GitHub-Copilot:claude-opus-4.6 copilot-review Signed-off-by: Tingmao Wang <m@maowtm.org> Link: https://patch.msgid.link/0f304507dd3ebccc753e1580456bdfc909012357.1781228815.git.m@maowtm.org [mic: Fix comment formatting] Signed-off-by: Mickaël Salaün <mic@digikod.net>
2026-06-14selftests/landlock: Replace hard-coded 16 with a constantTingmao Wang
The next commit will reuse this number. Make it a shared constant to future-proof changes. Signed-off-by: Tingmao Wang <m@maowtm.org> Link: https://patch.msgid.link/eff35caa9b4ac51aa83a88d67c4dd67f4f8b3a4a.1781228815.git.m@maowtm.org Signed-off-by: Mickaël Salaün <mic@digikod.net>
2026-06-14landlock: Add API support and docs for the quiet flagsTingmao Wang
Adds the UAPI for the quiet flags feature (but not the implementation yet). Even though currently LANDLOCK_ADD_RULE_QUIET only affects audit logging, in the future this can also be used as part of a supervisor mechanism, where it will also suppress denial notifications on a per-object basis. Thus the name is deliberately generic, as opposed to e.g. LANDLOCK_ADD_RULE_LOG_QUIET. According to pahole, even after adding the struct access_masks quiet_masks in struct landlock_hierarchy, the u32 log_* bitfield still only has a size of 2 bytes, so there's minimal wasted space. Assisted-by: GitHub-Copilot:claude-opus-4.8 Signed-off-by: Tingmao Wang <m@maowtm.org> [mic: Update date, fix comment formatting] Link: https://patch.msgid.link/031184748a8e74c0bb02f1fa13d7a3f10918c627.1781228815.git.m@maowtm.org Signed-off-by: Mickaël Salaün <mic@digikod.net>