--- /dev/null
+From d4a5b369ad6d8aae552752ff438dddde653a72ec Mon Sep 17 00:00:00 2001
+From: Shakeel Butt <shakeelb@google.com>
+Date: Thu, 28 Dec 2023 07:30:55 +0000
+Subject: mm: ratelimit stat flush from workingset shrinker
+
+From: Shakeel Butt <shakeelb@google.com>
+
+commit d4a5b369ad6d8aae552752ff438dddde653a72ec upstream.
+
+One of our workloads (Postgres 14 + sysbench OLTP) regressed on newer
+upstream kernel and on further investigation, it seems like the cause is
+the always synchronous rstat flush in the count_shadow_nodes() added by
+the commit f82e6bf9bb9b ("mm: memcg: use rstat for non-hierarchical
+stats"). On further inspection it seems like we don't really need
+accurate stats in this function as it was already approximating the amount
+of appropriate shadow entries to keep for maintaining the refault
+information. Since there is already 2 sec periodic rstat flush, we don't
+need exact stats here. Let's ratelimit the rstat flush in this code path.
+
+Link: https://lkml.kernel.org/r/20231228073055.4046430-1-shakeelb@google.com
+Fixes: f82e6bf9bb9b ("mm: memcg: use rstat for non-hierarchical stats")
+Signed-off-by: Shakeel Butt <shakeelb@google.com>
+Cc: Johannes Weiner <hannes@cmpxchg.org>
+Cc: Yosry Ahmed <yosryahmed@google.com>
+Cc: Yu Zhao <yuzhao@google.com>
+Cc: Michal Hocko <mhocko@suse.com>
+Cc: Roman Gushchin <roman.gushchin@linux.dev>
+Cc: Muchun Song <songmuchun@bytedance.com>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Jesper Dangaard Brouer <hawk@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ mm/workingset.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/mm/workingset.c
++++ b/mm/workingset.c
+@@ -664,7 +664,7 @@ static unsigned long count_shadow_nodes(
+ struct lruvec *lruvec;
+ int i;
+
+- mem_cgroup_flush_stats();
++ mem_cgroup_flush_stats_ratelimited();
+ lruvec = mem_cgroup_lruvec(sc->memcg, NODE_DATA(sc->nid));
+ for (pages = 0, i = 0; i < NR_LRU_LISTS; i++)
+ pages += lruvec_page_state_local(lruvec,
--- /dev/null
+From stable+bounces-47647-greg=kroah.com@vger.kernel.org Wed May 29 17:18:03 2024
+From: Po-Hsu Lin <po-hsu.lin@canonical.com>
+Date: Wed, 29 May 2024 23:16:02 +0800
+Subject: selftests: net: included needed helper in the install targets
+To: stable@vger.kernel.org
+Cc: gregkh@linuxfoundation.org, po-hsu.lin@canonical.com
+Message-ID: <20240529151603.204106-4-po-hsu.lin@canonical.com>
+
+From: Po-Hsu Lin <po-hsu.lin@canonical.com>
+
+From: Paolo Abeni <pabeni@redhat.com>
+
+commit f5173fe3e13b2cbd25d0d73f40acd923d75add55 upstream.
+
+The blamed commit below introduce a dependency in some net self-tests
+towards a newly introduce helper script.
+
+Such script is currently not included into the TEST_PROGS_EXTENDED list
+and thus is not installed, causing failure for the relevant tests when
+executed from the install dir.
+
+Fix the issue updating the install targets.
+
+Fixes: 3bdd9fd29cb0 ("selftests/net: synchronize udpgro tests' tx and rx connection")
+Signed-off-by: Paolo Abeni <pabeni@redhat.com>
+Reviewed-by: Willem de Bruijn <willemb@google.com>
+Link: https://lore.kernel.org/r/076e8758e21ff2061cc9f81640e7858df775f0a9.1706131762.git.pabeni@redhat.com
+Signed-off-by: Jakub Kicinski <kuba@kernel.org>
+[PHLin: ignore the non-existing lib.sh]
+Signed-off-by: Po-Hsu Lin <po-hsu.lin@canonical.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ tools/testing/selftests/net/Makefile | 1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/tools/testing/selftests/net/Makefile
++++ b/tools/testing/selftests/net/Makefile
+@@ -55,6 +55,7 @@ TEST_PROGS += rps_default_mask.sh
+ TEST_PROGS += big_tcp.sh
+ TEST_PROGS_EXTENDED := in_netns.sh setup_loopback.sh setup_veth.sh
+ TEST_PROGS_EXTENDED += toeplitz_client.sh toeplitz.sh
++TEST_PROGS_EXTENDED += net_helper.sh
+ TEST_GEN_FILES = socket nettest
+ TEST_GEN_FILES += psock_fanout psock_tpacket msg_zerocopy reuseport_addr_any
+ TEST_GEN_FILES += tcp_mmap tcp_inq psock_snd txring_overwrite
--- /dev/null
+From stable+bounces-47648-greg=kroah.com@vger.kernel.org Wed May 29 17:18:05 2024
+From: Po-Hsu Lin <po-hsu.lin@canonical.com>
+Date: Wed, 29 May 2024 23:16:03 +0800
+Subject: selftests: net: List helper scripts in TEST_FILES Makefile variable
+To: stable@vger.kernel.org
+Cc: gregkh@linuxfoundation.org, po-hsu.lin@canonical.com
+Message-ID: <20240529151603.204106-5-po-hsu.lin@canonical.com>
+
+From: Po-Hsu Lin <po-hsu.lin@canonical.com>
+
+From: Benjamin Poirier <bpoirier@nvidia.com>
+
+commit 06efafd8608dac0c3a480539acc66ee41d2fb430 upstream.
+
+Some scripts are not tests themselves; they contain utility functions used
+by other tests. According to Documentation/dev-tools/kselftest.rst, such
+files should be listed in TEST_FILES. Move those utility scripts to
+TEST_FILES.
+
+Fixes: 1751eb42ddb5 ("selftests: net: use TEST_PROGS_EXTENDED")
+Fixes: 25ae948b4478 ("selftests/net: add lib.sh")
+Fixes: b99ac1841147 ("kselftests/net: add missed setup_loopback.sh/setup_veth.sh to Makefile")
+Fixes: f5173fe3e13b ("selftests: net: included needed helper in the install targets")
+Suggested-by: Petr Machata <petrm@nvidia.com>
+Signed-off-by: Benjamin Poirier <bpoirier@nvidia.com>
+Link: https://lore.kernel.org/r/20240131140848.360618-5-bpoirier@nvidia.com
+Signed-off-by: Jakub Kicinski <kuba@kernel.org>
+[PHLin: ignore the non-existing lib.sh]
+Signed-off-by: Po-Hsu Lin <po-hsu.lin@canonical.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ tools/testing/selftests/net/Makefile | 5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+
+--- a/tools/testing/selftests/net/Makefile
++++ b/tools/testing/selftests/net/Makefile
+@@ -53,9 +53,7 @@ TEST_PROGS += bind_bhash.sh
+ TEST_PROGS += ip_local_port_range.sh
+ TEST_PROGS += rps_default_mask.sh
+ TEST_PROGS += big_tcp.sh
+-TEST_PROGS_EXTENDED := in_netns.sh setup_loopback.sh setup_veth.sh
+-TEST_PROGS_EXTENDED += toeplitz_client.sh toeplitz.sh
+-TEST_PROGS_EXTENDED += net_helper.sh
++TEST_PROGS_EXTENDED := toeplitz_client.sh toeplitz.sh
+ TEST_GEN_FILES = socket nettest
+ TEST_GEN_FILES += psock_fanout psock_tpacket msg_zerocopy reuseport_addr_any
+ TEST_GEN_FILES += tcp_mmap tcp_inq psock_snd txring_overwrite
+@@ -94,6 +92,7 @@ TEST_PROGS += test_vxlan_nolocalbypass.s
+ TEST_PROGS += test_bridge_backup_port.sh
+
+ TEST_FILES := settings
++TEST_FILES += in_netns.sh net_helper.sh setup_loopback.sh setup_veth.sh
+
+ include ../lib.mk
+
--- /dev/null
+From stable+bounces-47646-greg=kroah.com@vger.kernel.org Wed May 29 17:18:05 2024
+From: Po-Hsu Lin <po-hsu.lin@canonical.com>
+Date: Wed, 29 May 2024 23:16:00 +0800
+Subject: selftests/net: synchronize udpgro tests' tx and rx connection
+To: stable@vger.kernel.org
+Cc: gregkh@linuxfoundation.org, po-hsu.lin@canonical.com
+Message-ID: <20240529151603.204106-2-po-hsu.lin@canonical.com>
+
+From: Po-Hsu Lin <po-hsu.lin@canonical.com>
+
+From: Lucas Karpinski <lkarpins@redhat.com>
+
+commit 3bdd9fd29cb0f136b307559a19c107210ad5c314 upstream.
+
+The sockets used by udpgso_bench_tx aren't always ready when
+udpgso_bench_tx transmits packets. This issue is more prevalent in -rt
+kernels, but can occur in both. Replace the hacky sleep calls with a
+function that checks whether the ports in the namespace are ready for
+use.
+
+Suggested-by: Paolo Abeni <pabeni@redhat.com>
+Signed-off-by: Lucas Karpinski <lkarpins@redhat.com>
+Reviewed-by: Willem de Bruijn <willemb@google.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+[PHLin: context adjustment for the differences in BPF_FILE]
+Signed-off-by: Po-Hsu Lin <po-hsu.lin@canonical.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ tools/testing/selftests/net/net_helper.sh | 22 ++++++++++++++++++++++
+ tools/testing/selftests/net/udpgro.sh | 13 ++++++-------
+ tools/testing/selftests/net/udpgro_bench.sh | 5 +++--
+ tools/testing/selftests/net/udpgro_frglist.sh | 5 +++--
+ 4 files changed, 34 insertions(+), 11 deletions(-)
+ create mode 100755 tools/testing/selftests/net/net_helper.sh
+
+--- /dev/null
++++ b/tools/testing/selftests/net/net_helper.sh
+@@ -0,0 +1,22 @@
++#!/bin/bash
++# SPDX-License-Identifier: GPL-2.0
++#
++# Helper functions
++
++wait_local_port_listen()
++{
++ local listener_ns="${1}"
++ local port="${2}"
++ local protocol="${3}"
++ local port_hex
++ local i
++
++ port_hex="$(printf "%04X" "${port}")"
++ for i in $(seq 10); do
++ if ip netns exec "${listener_ns}" cat /proc/net/"${protocol}"* | \
++ grep -q "${port_hex}"; then
++ break
++ fi
++ sleep 0.1
++ done
++}
+--- a/tools/testing/selftests/net/udpgro.sh
++++ b/tools/testing/selftests/net/udpgro.sh
+@@ -3,6 +3,8 @@
+ #
+ # Run a series of udpgro functional tests.
+
++source net_helper.sh
++
+ readonly PEER_NS="ns-peer-$(mktemp -u XXXXXX)"
+
+ BPF_FILE="xdp_dummy.o"
+@@ -51,8 +53,7 @@ run_one() {
+ echo "ok" || \
+ echo "failed" &
+
+- # Hack: let bg programs complete the startup
+- sleep 0.2
++ wait_local_port_listen ${PEER_NS} 8000 udp
+ ./udpgso_bench_tx ${tx_args}
+ ret=$?
+ wait $(jobs -p)
+@@ -97,7 +98,7 @@ run_one_nat() {
+ echo "ok" || \
+ echo "failed"&
+
+- sleep 0.1
++ wait_local_port_listen "${PEER_NS}" 8000 udp
+ ./udpgso_bench_tx ${tx_args}
+ ret=$?
+ kill -INT $pid
+@@ -118,11 +119,9 @@ run_one_2sock() {
+ echo "ok" || \
+ echo "failed" &
+
+- # Hack: let bg programs complete the startup
+- sleep 0.2
++ wait_local_port_listen "${PEER_NS}" 12345 udp
+ ./udpgso_bench_tx ${tx_args} -p 12345
+- sleep 0.1
+- # first UDP GSO socket should be closed at this point
++ wait_local_port_listen "${PEER_NS}" 8000 udp
+ ./udpgso_bench_tx ${tx_args}
+ ret=$?
+ wait $(jobs -p)
+--- a/tools/testing/selftests/net/udpgro_bench.sh
++++ b/tools/testing/selftests/net/udpgro_bench.sh
+@@ -3,6 +3,8 @@
+ #
+ # Run a series of udpgro benchmarks
+
++source net_helper.sh
++
+ readonly PEER_NS="ns-peer-$(mktemp -u XXXXXX)"
+
+ BPF_FILE="xdp_dummy.o"
+@@ -40,8 +42,7 @@ run_one() {
+ ip netns exec "${PEER_NS}" ./udpgso_bench_rx ${rx_args} -r &
+ ip netns exec "${PEER_NS}" ./udpgso_bench_rx -t ${rx_args} -r &
+
+- # Hack: let bg programs complete the startup
+- sleep 0.2
++ wait_local_port_listen "${PEER_NS}" 8000 udp
+ ./udpgso_bench_tx ${tx_args}
+ }
+
+--- a/tools/testing/selftests/net/udpgro_frglist.sh
++++ b/tools/testing/selftests/net/udpgro_frglist.sh
+@@ -3,6 +3,8 @@
+ #
+ # Run a series of udpgro benchmarks
+
++source net_helper.sh
++
+ readonly PEER_NS="ns-peer-$(mktemp -u XXXXXX)"
+
+ BPF_FILE="xdp_dummy.o"
+@@ -45,8 +47,7 @@ run_one() {
+ echo ${rx_args}
+ ip netns exec "${PEER_NS}" ./udpgso_bench_rx ${rx_args} -r &
+
+- # Hack: let bg programs complete the startup
+- sleep 0.2
++ wait_local_port_listen "${PEER_NS}" 8000 udp
+ ./udpgso_bench_tx ${tx_args}
+ }
+
mptcp-cleanup-sol_tcp-handling.patch
mptcp-fix-full-tcp-keep-alive-support.patch
erofs-avoid-allocating-deflate-streams-before-mounting.patch
+mm-ratelimit-stat-flush-from-workingset-shrinker.patch
+vxlan-fix-regression-when-dropping-packets-due-to-invalid-src-addresses.patch
+selftests-net-synchronize-udpgro-tests-tx-and-rx-connection.patch
+selftests-net-included-needed-helper-in-the-install-targets.patch
+selftests-net-list-helper-scripts-in-test_files-makefile-variable.patch
--- /dev/null
+From 1cd4bc987abb2823836cbb8f887026011ccddc8a Mon Sep 17 00:00:00 2001
+From: Daniel Borkmann <daniel@iogearbox.net>
+Date: Mon, 3 Jun 2024 10:59:26 +0200
+Subject: vxlan: Fix regression when dropping packets due to invalid src addresses
+
+From: Daniel Borkmann <daniel@iogearbox.net>
+
+commit 1cd4bc987abb2823836cbb8f887026011ccddc8a upstream.
+
+Commit f58f45c1e5b9 ("vxlan: drop packets from invalid src-address")
+has recently been added to vxlan mainly in the context of source
+address snooping/learning so that when it is enabled, an entry in the
+FDB is not being created for an invalid address for the corresponding
+tunnel endpoint.
+
+Before commit f58f45c1e5b9 vxlan was similarly behaving as geneve in
+that it passed through whichever macs were set in the L2 header. It
+turns out that this change in behavior breaks setups, for example,
+Cilium with netkit in L3 mode for Pods as well as tunnel mode has been
+passing before the change in f58f45c1e5b9 for both vxlan and geneve.
+After mentioned change it is only passing for geneve as in case of
+vxlan packets are dropped due to vxlan_set_mac() returning false as
+source and destination macs are zero which for E/W traffic via tunnel
+is totally fine.
+
+Fix it by only opting into the is_valid_ether_addr() check in
+vxlan_set_mac() when in fact source address snooping/learning is
+actually enabled in vxlan. This is done by moving the check into
+vxlan_snoop(). With this change, the Cilium connectivity test suite
+passes again for both tunnel flavors.
+
+Fixes: f58f45c1e5b9 ("vxlan: drop packets from invalid src-address")
+Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
+Cc: David Bauer <mail@david-bauer.net>
+Cc: Ido Schimmel <idosch@nvidia.com>
+Cc: Nikolay Aleksandrov <razor@blackwall.org>
+Cc: Martin KaFai Lau <martin.lau@kernel.org>
+Reviewed-by: Ido Schimmel <idosch@nvidia.com>
+Reviewed-by: Nikolay Aleksandrov <razor@blackwall.org>
+Reviewed-by: David Bauer <mail@david-bauer.net>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+[ Backport note: vxlan snooping/learning not supported in 6.8 or older,
+ so commit is simply a revert. ]
+Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/net/vxlan/vxlan_core.c | 4 ----
+ 1 file changed, 4 deletions(-)
+
+--- a/drivers/net/vxlan/vxlan_core.c
++++ b/drivers/net/vxlan/vxlan_core.c
+@@ -1615,10 +1615,6 @@ static bool vxlan_set_mac(struct vxlan_d
+ if (ether_addr_equal(eth_hdr(skb)->h_source, vxlan->dev->dev_addr))
+ return false;
+
+- /* Ignore packets from invalid src-address */
+- if (!is_valid_ether_addr(eth_hdr(skb)->h_source))
+- return false;
+-
+ /* Get address from the outer IP header */
+ if (vxlan_get_sk_family(vs) == AF_INET) {
+ saddr.sin.sin_addr.s_addr = ip_hdr(skb)->saddr;
projects / thirdparty / kernel / stable-queue.git / commitdiff
