| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aBo4dievUeVxP7dk@devbig793.prn5.facebook.com>
Date: Tue, 6 May 2025 09:27:34 -0700
From: Bobby Eshleman <bobbyeshleman@...il.com>
To: Paolo Abeni <pabeni@...hat.com>
Cc: Stefano Garzarella <sgarzare@...hat.com>,
Stefan Hajnoczi <stefanha@...hat.com>,
Shuah Khan <shuah@...nel.org>, kvm@...r.kernel.org,
"David S. Miller" <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>,
Jakub Kicinski <kuba@...nel.org>, Simon Horman <horms@...nel.org>,
linux-kernel@...r.kernel.org, virtualization@...ts.linux.dev,
netdev@...r.kernel.org, linux-kselftest@...r.kernel.org
Subject: Re: [PATCH net-next v3] selftests/vsock: add initial vmtest.sh for
vsock
On Fri, May 02, 2025 at 12:22:46PM +0200, Paolo Abeni wrote:
> On 4/29/25 1:48 AM, Bobby Eshleman wrote:
> > This commit introduces a new vmtest.sh runner for vsock.
> >
> > It uses virtme-ng/qemu to run tests in a VM. The tests validate G2H,
> > H2G, and loopback. The testing tools from tools/testing/vsock/ are
> > reused. Currently, only vsock_test is used.
> >
> > VMCI and hyperv support is automatically built, though not used.
> >
> > Only tested on x86.
> >
> > To run:
> >
> > $ tools/testing/selftests/vsock/vmtest.sh
> >
> > or
> >
> > $ make -C tools/testing/selftests TARGETS=vsock run_tests
> >
> > Results:
> > # linux/tools/testing/selftests/vsock/vmtest.log
> > setup: Building kernel and tests
> > setup: Booting up VM
> > setup: VM booted up
> > test:vm_server_host_client:guest: Control socket listening on 0.0.0.0:51000
> > test:vm_server_host_client:guest: Control socket connection accepted...
> > [...]
> > test:vm_loopback:guest: 30 - SOCK_STREAM retry failed connect()...ok
> > test:vm_loopback:guest: 31 - SOCK_STREAM SO_LINGER null-ptr-deref...ok
> > test:vm_loopback:guest: 31 - SOCK_STREAM SO_LINGER null-ptr-deref...ok
> >
> > Future work can include vsock_diag_test.
> >
> > vmtest.sh is loosely based off of tools/testing/selftests/net/pmtu.sh,
> > which was picked out of the bag of tests I knew to work with NIPA.
> >
> > Because vsock requires a VM to test anything other than loopback, this
> > patch adds vmtest.sh as a kselftest itself. This is different than other
> > systems that have a "vmtest.sh", where it is used as a utility script to
> > spin up a VM to run the selftests as a guest (but isn't hooked into
> > kselftest). This aspect is worth review, as I'm not aware of all of the
> > enviroments where this would run.
>
> I think this approach is interesting, but I think it will need some
> additional more work, see below...
>
> [...]
>
> > diff --git a/tools/testing/selftests/vsock/settings b/tools/testing/selftests/vsock/settings
> > new file mode 100644
> > index 0000000000000000000000000000000000000000..e7b9417537fbc4626153b72e8f295ab4594c844b
> > --- /dev/null
> > +++ b/tools/testing/selftests/vsock/settings
> > @@ -0,0 +1 @@
> > +timeout=0
>
> We need a reasonable, bounded runtime for nipa integration.
>
> > diff --git a/tools/testing/selftests/vsock/vmtest.sh b/tools/testing/selftests/vsock/vmtest.sh
> > new file mode 100755
> > index 0000000000000000000000000000000000000000..d70b9446e531d6d20beb24ddeda2cf0a9f7e9a39
> > --- /dev/null
> > +++ b/tools/testing/selftests/vsock/vmtest.sh
> > @@ -0,0 +1,354 @@
> > +#!/bin/bash
> > +# SPDX-License-Identifier: GPL-2.0
> > +#
> > +# Copyright (c) 2025 Meta Platforms, Inc. and affiliates
> > +#
> > +# Dependencies:
> > +# * virtme-ng
> > +# * busybox-static (used by virtme-ng)
> > +# * qemu (used by virtme-ng)
>
> You should probably check for such tools presence and bail out with skip
> otherwise.
>
> > +
> > +SCRIPT_DIR="$(cd -P -- "$(dirname -- "${BASH_SOURCE[0]}")" && pwd -P)"
> > +KERNEL_CHECKOUT=$(realpath ${SCRIPT_DIR}/../../../..)
>
> This is not going to work if/when the self-tests are installed in their
> own directory via `make install` in the tools/testing/selftests/
> directory, and that use case is supposed to work.
>
> At very least you should check for the expected layout and skip otherwise.
>
> > +QEMU=$(command -v qemu-system-$(uname -m))
> > +VERBOSE=0
> > +SKIP_BUILD=0
> > +VSOCK_TEST=${KERNEL_CHECKOUT}/tools/testing/vsock/vsock_test
> > +
> > +TEST_GUEST_PORT=51000
> > +TEST_HOST_PORT=50000
> > +TEST_HOST_PORT_LISTENER=50001
> > +SSH_GUEST_PORT=22
> > +SSH_HOST_PORT=2222
> > +VSOCK_CID=1234
> > +WAIT_PERIOD=3
> > +WAIT_PERIOD_MAX=20
> > +
> > +QEMU_PIDFILE=/tmp/qemu.pid
> > +
> > +# virtme-ng offers a netdev for ssh when using "--ssh", but we also need a
> > +# control port forwarded for vsock_test. Because virtme-ng doesn't support
> > +# adding an additional port to forward to the device created from "--ssh" and
> > +# virtme-init mistakenly sets identical IPs to the ssh device and additional
> > +# devices, we instead opt out of using --ssh, add the device manually, and also
> > +# add the kernel cmdline options that virtme-init uses to setup the interface.
> > +QEMU_OPTS=""
> > +QEMU_OPTS="${QEMU_OPTS} -netdev user,id=n0,hostfwd=tcp::${TEST_HOST_PORT}-:${TEST_GUEST_PORT}"
> > +QEMU_OPTS="${QEMU_OPTS},hostfwd=tcp::${SSH_HOST_PORT}-:${SSH_GUEST_PORT}"
> > +QEMU_OPTS="${QEMU_OPTS} -device virtio-net-pci,netdev=n0"
> > +QEMU_OPTS="${QEMU_OPTS} -device vhost-vsock-pci,guest-cid=${VSOCK_CID}"
> > +QEMU_OPTS="${QEMU_OPTS} --pidfile ${QEMU_PIDFILE}"
> > +KERNEL_CMDLINE="virtme.dhcp net.ifnames=0 biosdevname=0 virtme.ssh virtme_ssh_user=$USER"
> > +
> > +LOG=${SCRIPT_DIR}/vmtest.log
> > +
> > +# Name Description
> > +avail_tests="
> > + vm_server_host_client Run vsock_test in server mode on the VM and in client mode on the host.
> > + vm_client_host_server Run vsock_test in client mode on the VM and in server mode on the host.
> > + vm_loopback Run vsock_test using the loopback transport in the VM.
> > +"
> > +
> > +usage() {
> > + echo
> > + echo "$0 [OPTIONS] [TEST]..."
> > + echo "If no TEST argument is given, all tests will be run."
> > + echo
> > + echo "Options"
> > + echo " -v: verbose output"
> > + echo " -s: skip build"
> > + echo
> > + echo "Available tests${avail_tests}"
> > + exit 1
> > +}
> > +
> > +die() {
> > + echo "$*" >&2
> > + exit 1
> > +}
> > +
> > +vm_ssh() {
> > + ssh -q -o UserKnownHostsFile=/dev/null -p 2222 localhost $*
> > + return $?
> > +}
> > +
> > +cleanup() {
> > + if [[ -f "${QEMU_PIDFILE}" ]]; then
> > + pkill -SIGTERM -F ${QEMU_PIDFILE} 2>&1 >/dev/null
> > + fi
> > +}
> > +
> > +build() {
> > + log_setup "Building kernel and tests"
> > +
> > + pushd ${KERNEL_CHECKOUT} >/dev/null
> > + vng \
> > + --kconfig \
> > + --config ${KERNEL_CHECKOUT}/tools/testing/selftests/vsock/config.vsock
> > + make -j$(nproc)
> > + make -C ${KERNEL_CHECKOUT}/tools/testing/vsock
> > + popd >/dev/null
>
> I think it would be better to avoid the kernel rebuild. A possible
> alternative could be including in 'config' the needed knobs for vng's
> sake and re-use the running kernel.
>
> Cheers,
>
> Paolo
>
Thanks Paolo, I'll incorporate your feedback in the next rev!
Best,
Bobby
Powered by blists - more mailing lists