From: Greg Kroah-Hartman Date: Wed, 12 Jun 2024 13:46:03 +0000 (+0200) Subject: 6.6-stable patches X-Git-Tag: v4.19.316~120 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=167568955f3705bfab43cf066ed69ce1a1c36e9e;p=thirdparty%2Fkernel%2Fstable-queue.git 6.6-stable patches added patches: mm-ratelimit-stat-flush-from-workingset-shrinker.patch selftests-net-included-needed-helper-in-the-install-targets.patch selftests-net-list-helper-scripts-in-test_files-makefile-variable.patch selftests-net-synchronize-udpgro-tests-tx-and-rx-connection.patch vxlan-fix-regression-when-dropping-packets-due-to-invalid-src-addresses.patch --- diff --git a/queue-6.6/mm-ratelimit-stat-flush-from-workingset-shrinker.patch b/queue-6.6/mm-ratelimit-stat-flush-from-workingset-shrinker.patch new file mode 100644 index 00000000000..c17fff88aa9 --- /dev/null +++ b/queue-6.6/mm-ratelimit-stat-flush-from-workingset-shrinker.patch @@ -0,0 +1,46 @@ +From d4a5b369ad6d8aae552752ff438dddde653a72ec Mon Sep 17 00:00:00 2001 +From: Shakeel Butt +Date: Thu, 28 Dec 2023 07:30:55 +0000 +Subject: mm: ratelimit stat flush from workingset shrinker + +From: Shakeel Butt + +commit d4a5b369ad6d8aae552752ff438dddde653a72ec upstream. + +One of our workloads (Postgres 14 + sysbench OLTP) regressed on newer +upstream kernel and on further investigation, it seems like the cause is +the always synchronous rstat flush in the count_shadow_nodes() added by +the commit f82e6bf9bb9b ("mm: memcg: use rstat for non-hierarchical +stats"). On further inspection it seems like we don't really need +accurate stats in this function as it was already approximating the amount +of appropriate shadow entries to keep for maintaining the refault +information. Since there is already 2 sec periodic rstat flush, we don't +need exact stats here. Let's ratelimit the rstat flush in this code path. + +Link: https://lkml.kernel.org/r/20231228073055.4046430-1-shakeelb@google.com +Fixes: f82e6bf9bb9b ("mm: memcg: use rstat for non-hierarchical stats") +Signed-off-by: Shakeel Butt +Cc: Johannes Weiner +Cc: Yosry Ahmed +Cc: Yu Zhao +Cc: Michal Hocko +Cc: Roman Gushchin +Cc: Muchun Song +Signed-off-by: Andrew Morton +Signed-off-by: Jesper Dangaard Brouer +Signed-off-by: Greg Kroah-Hartman +--- + mm/workingset.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/mm/workingset.c ++++ b/mm/workingset.c +@@ -664,7 +664,7 @@ static unsigned long count_shadow_nodes( + struct lruvec *lruvec; + int i; + +- mem_cgroup_flush_stats(); ++ mem_cgroup_flush_stats_ratelimited(); + lruvec = mem_cgroup_lruvec(sc->memcg, NODE_DATA(sc->nid)); + for (pages = 0, i = 0; i < NR_LRU_LISTS; i++) + pages += lruvec_page_state_local(lruvec, diff --git a/queue-6.6/selftests-net-included-needed-helper-in-the-install-targets.patch b/queue-6.6/selftests-net-included-needed-helper-in-the-install-targets.patch new file mode 100644 index 00000000000..b7514726f79 --- /dev/null +++ b/queue-6.6/selftests-net-included-needed-helper-in-the-install-targets.patch @@ -0,0 +1,45 @@ +From stable+bounces-47647-greg=kroah.com@vger.kernel.org Wed May 29 17:18:03 2024 +From: Po-Hsu Lin +Date: Wed, 29 May 2024 23:16:02 +0800 +Subject: selftests: net: included needed helper in the install targets +To: stable@vger.kernel.org +Cc: gregkh@linuxfoundation.org, po-hsu.lin@canonical.com +Message-ID: <20240529151603.204106-4-po-hsu.lin@canonical.com> + +From: Po-Hsu Lin + +From: Paolo Abeni + +commit f5173fe3e13b2cbd25d0d73f40acd923d75add55 upstream. + +The blamed commit below introduce a dependency in some net self-tests +towards a newly introduce helper script. + +Such script is currently not included into the TEST_PROGS_EXTENDED list +and thus is not installed, causing failure for the relevant tests when +executed from the install dir. + +Fix the issue updating the install targets. + +Fixes: 3bdd9fd29cb0 ("selftests/net: synchronize udpgro tests' tx and rx connection") +Signed-off-by: Paolo Abeni +Reviewed-by: Willem de Bruijn +Link: https://lore.kernel.org/r/076e8758e21ff2061cc9f81640e7858df775f0a9.1706131762.git.pabeni@redhat.com +Signed-off-by: Jakub Kicinski +[PHLin: ignore the non-existing lib.sh] +Signed-off-by: Po-Hsu Lin +Signed-off-by: Greg Kroah-Hartman +--- + tools/testing/selftests/net/Makefile | 1 + + 1 file changed, 1 insertion(+) + +--- a/tools/testing/selftests/net/Makefile ++++ b/tools/testing/selftests/net/Makefile +@@ -55,6 +55,7 @@ TEST_PROGS += rps_default_mask.sh + TEST_PROGS += big_tcp.sh + TEST_PROGS_EXTENDED := in_netns.sh setup_loopback.sh setup_veth.sh + TEST_PROGS_EXTENDED += toeplitz_client.sh toeplitz.sh ++TEST_PROGS_EXTENDED += net_helper.sh + TEST_GEN_FILES = socket nettest + TEST_GEN_FILES += psock_fanout psock_tpacket msg_zerocopy reuseport_addr_any + TEST_GEN_FILES += tcp_mmap tcp_inq psock_snd txring_overwrite diff --git a/queue-6.6/selftests-net-list-helper-scripts-in-test_files-makefile-variable.patch b/queue-6.6/selftests-net-list-helper-scripts-in-test_files-makefile-variable.patch new file mode 100644 index 00000000000..07a4237bdf9 --- /dev/null +++ b/queue-6.6/selftests-net-list-helper-scripts-in-test_files-makefile-variable.patch @@ -0,0 +1,55 @@ +From stable+bounces-47648-greg=kroah.com@vger.kernel.org Wed May 29 17:18:05 2024 +From: Po-Hsu Lin +Date: Wed, 29 May 2024 23:16:03 +0800 +Subject: selftests: net: List helper scripts in TEST_FILES Makefile variable +To: stable@vger.kernel.org +Cc: gregkh@linuxfoundation.org, po-hsu.lin@canonical.com +Message-ID: <20240529151603.204106-5-po-hsu.lin@canonical.com> + +From: Po-Hsu Lin + +From: Benjamin Poirier + +commit 06efafd8608dac0c3a480539acc66ee41d2fb430 upstream. + +Some scripts are not tests themselves; they contain utility functions used +by other tests. According to Documentation/dev-tools/kselftest.rst, such +files should be listed in TEST_FILES. Move those utility scripts to +TEST_FILES. + +Fixes: 1751eb42ddb5 ("selftests: net: use TEST_PROGS_EXTENDED") +Fixes: 25ae948b4478 ("selftests/net: add lib.sh") +Fixes: b99ac1841147 ("kselftests/net: add missed setup_loopback.sh/setup_veth.sh to Makefile") +Fixes: f5173fe3e13b ("selftests: net: included needed helper in the install targets") +Suggested-by: Petr Machata +Signed-off-by: Benjamin Poirier +Link: https://lore.kernel.org/r/20240131140848.360618-5-bpoirier@nvidia.com +Signed-off-by: Jakub Kicinski +[PHLin: ignore the non-existing lib.sh] +Signed-off-by: Po-Hsu Lin +Signed-off-by: Greg Kroah-Hartman +--- + tools/testing/selftests/net/Makefile | 5 ++--- + 1 file changed, 2 insertions(+), 3 deletions(-) + +--- a/tools/testing/selftests/net/Makefile ++++ b/tools/testing/selftests/net/Makefile +@@ -53,9 +53,7 @@ TEST_PROGS += bind_bhash.sh + TEST_PROGS += ip_local_port_range.sh + TEST_PROGS += rps_default_mask.sh + TEST_PROGS += big_tcp.sh +-TEST_PROGS_EXTENDED := in_netns.sh setup_loopback.sh setup_veth.sh +-TEST_PROGS_EXTENDED += toeplitz_client.sh toeplitz.sh +-TEST_PROGS_EXTENDED += net_helper.sh ++TEST_PROGS_EXTENDED := toeplitz_client.sh toeplitz.sh + TEST_GEN_FILES = socket nettest + TEST_GEN_FILES += psock_fanout psock_tpacket msg_zerocopy reuseport_addr_any + TEST_GEN_FILES += tcp_mmap tcp_inq psock_snd txring_overwrite +@@ -94,6 +92,7 @@ TEST_PROGS += test_vxlan_nolocalbypass.s + TEST_PROGS += test_bridge_backup_port.sh + + TEST_FILES := settings ++TEST_FILES += in_netns.sh net_helper.sh setup_loopback.sh setup_veth.sh + + include ../lib.mk + diff --git a/queue-6.6/selftests-net-synchronize-udpgro-tests-tx-and-rx-connection.patch b/queue-6.6/selftests-net-synchronize-udpgro-tests-tx-and-rx-connection.patch new file mode 100644 index 00000000000..10433b67bd1 --- /dev/null +++ b/queue-6.6/selftests-net-synchronize-udpgro-tests-tx-and-rx-connection.patch @@ -0,0 +1,146 @@ +From stable+bounces-47646-greg=kroah.com@vger.kernel.org Wed May 29 17:18:05 2024 +From: Po-Hsu Lin +Date: Wed, 29 May 2024 23:16:00 +0800 +Subject: selftests/net: synchronize udpgro tests' tx and rx connection +To: stable@vger.kernel.org +Cc: gregkh@linuxfoundation.org, po-hsu.lin@canonical.com +Message-ID: <20240529151603.204106-2-po-hsu.lin@canonical.com> + +From: Po-Hsu Lin + +From: Lucas Karpinski + +commit 3bdd9fd29cb0f136b307559a19c107210ad5c314 upstream. + +The sockets used by udpgso_bench_tx aren't always ready when +udpgso_bench_tx transmits packets. This issue is more prevalent in -rt +kernels, but can occur in both. Replace the hacky sleep calls with a +function that checks whether the ports in the namespace are ready for +use. + +Suggested-by: Paolo Abeni +Signed-off-by: Lucas Karpinski +Reviewed-by: Willem de Bruijn +Signed-off-by: David S. Miller +[PHLin: context adjustment for the differences in BPF_FILE] +Signed-off-by: Po-Hsu Lin +Signed-off-by: Greg Kroah-Hartman +--- + tools/testing/selftests/net/net_helper.sh | 22 ++++++++++++++++++++++ + tools/testing/selftests/net/udpgro.sh | 13 ++++++------- + tools/testing/selftests/net/udpgro_bench.sh | 5 +++-- + tools/testing/selftests/net/udpgro_frglist.sh | 5 +++-- + 4 files changed, 34 insertions(+), 11 deletions(-) + create mode 100755 tools/testing/selftests/net/net_helper.sh + +--- /dev/null ++++ b/tools/testing/selftests/net/net_helper.sh +@@ -0,0 +1,22 @@ ++#!/bin/bash ++# SPDX-License-Identifier: GPL-2.0 ++# ++# Helper functions ++ ++wait_local_port_listen() ++{ ++ local listener_ns="${1}" ++ local port="${2}" ++ local protocol="${3}" ++ local port_hex ++ local i ++ ++ port_hex="$(printf "%04X" "${port}")" ++ for i in $(seq 10); do ++ if ip netns exec "${listener_ns}" cat /proc/net/"${protocol}"* | \ ++ grep -q "${port_hex}"; then ++ break ++ fi ++ sleep 0.1 ++ done ++} +--- a/tools/testing/selftests/net/udpgro.sh ++++ b/tools/testing/selftests/net/udpgro.sh +@@ -3,6 +3,8 @@ + # + # Run a series of udpgro functional tests. + ++source net_helper.sh ++ + readonly PEER_NS="ns-peer-$(mktemp -u XXXXXX)" + + BPF_FILE="xdp_dummy.o" +@@ -51,8 +53,7 @@ run_one() { + echo "ok" || \ + echo "failed" & + +- # Hack: let bg programs complete the startup +- sleep 0.2 ++ wait_local_port_listen ${PEER_NS} 8000 udp + ./udpgso_bench_tx ${tx_args} + ret=$? + wait $(jobs -p) +@@ -97,7 +98,7 @@ run_one_nat() { + echo "ok" || \ + echo "failed"& + +- sleep 0.1 ++ wait_local_port_listen "${PEER_NS}" 8000 udp + ./udpgso_bench_tx ${tx_args} + ret=$? + kill -INT $pid +@@ -118,11 +119,9 @@ run_one_2sock() { + echo "ok" || \ + echo "failed" & + +- # Hack: let bg programs complete the startup +- sleep 0.2 ++ wait_local_port_listen "${PEER_NS}" 12345 udp + ./udpgso_bench_tx ${tx_args} -p 12345 +- sleep 0.1 +- # first UDP GSO socket should be closed at this point ++ wait_local_port_listen "${PEER_NS}" 8000 udp + ./udpgso_bench_tx ${tx_args} + ret=$? + wait $(jobs -p) +--- a/tools/testing/selftests/net/udpgro_bench.sh ++++ b/tools/testing/selftests/net/udpgro_bench.sh +@@ -3,6 +3,8 @@ + # + # Run a series of udpgro benchmarks + ++source net_helper.sh ++ + readonly PEER_NS="ns-peer-$(mktemp -u XXXXXX)" + + BPF_FILE="xdp_dummy.o" +@@ -40,8 +42,7 @@ run_one() { + ip netns exec "${PEER_NS}" ./udpgso_bench_rx ${rx_args} -r & + ip netns exec "${PEER_NS}" ./udpgso_bench_rx -t ${rx_args} -r & + +- # Hack: let bg programs complete the startup +- sleep 0.2 ++ wait_local_port_listen "${PEER_NS}" 8000 udp + ./udpgso_bench_tx ${tx_args} + } + +--- a/tools/testing/selftests/net/udpgro_frglist.sh ++++ b/tools/testing/selftests/net/udpgro_frglist.sh +@@ -3,6 +3,8 @@ + # + # Run a series of udpgro benchmarks + ++source net_helper.sh ++ + readonly PEER_NS="ns-peer-$(mktemp -u XXXXXX)" + + BPF_FILE="xdp_dummy.o" +@@ -45,8 +47,7 @@ run_one() { + echo ${rx_args} + ip netns exec "${PEER_NS}" ./udpgso_bench_rx ${rx_args} -r & + +- # Hack: let bg programs complete the startup +- sleep 0.2 ++ wait_local_port_listen "${PEER_NS}" 8000 udp + ./udpgso_bench_tx ${tx_args} + } + diff --git a/queue-6.6/series b/queue-6.6/series index e9edd25a880..f73ed43e941 100644 --- a/queue-6.6/series +++ b/queue-6.6/series @@ -7,3 +7,8 @@ mptcp-avoid-some-duplicate-code-in-socket-option-handling.patch mptcp-cleanup-sol_tcp-handling.patch mptcp-fix-full-tcp-keep-alive-support.patch erofs-avoid-allocating-deflate-streams-before-mounting.patch +mm-ratelimit-stat-flush-from-workingset-shrinker.patch +vxlan-fix-regression-when-dropping-packets-due-to-invalid-src-addresses.patch +selftests-net-synchronize-udpgro-tests-tx-and-rx-connection.patch +selftests-net-included-needed-helper-in-the-install-targets.patch +selftests-net-list-helper-scripts-in-test_files-makefile-variable.patch diff --git a/queue-6.6/vxlan-fix-regression-when-dropping-packets-due-to-invalid-src-addresses.patch b/queue-6.6/vxlan-fix-regression-when-dropping-packets-due-to-invalid-src-addresses.patch new file mode 100644 index 00000000000..a0d7634b3ff --- /dev/null +++ b/queue-6.6/vxlan-fix-regression-when-dropping-packets-due-to-invalid-src-addresses.patch @@ -0,0 +1,62 @@ +From 1cd4bc987abb2823836cbb8f887026011ccddc8a Mon Sep 17 00:00:00 2001 +From: Daniel Borkmann +Date: Mon, 3 Jun 2024 10:59:26 +0200 +Subject: vxlan: Fix regression when dropping packets due to invalid src addresses + +From: Daniel Borkmann + +commit 1cd4bc987abb2823836cbb8f887026011ccddc8a upstream. + +Commit f58f45c1e5b9 ("vxlan: drop packets from invalid src-address") +has recently been added to vxlan mainly in the context of source +address snooping/learning so that when it is enabled, an entry in the +FDB is not being created for an invalid address for the corresponding +tunnel endpoint. + +Before commit f58f45c1e5b9 vxlan was similarly behaving as geneve in +that it passed through whichever macs were set in the L2 header. It +turns out that this change in behavior breaks setups, for example, +Cilium with netkit in L3 mode for Pods as well as tunnel mode has been +passing before the change in f58f45c1e5b9 for both vxlan and geneve. +After mentioned change it is only passing for geneve as in case of +vxlan packets are dropped due to vxlan_set_mac() returning false as +source and destination macs are zero which for E/W traffic via tunnel +is totally fine. + +Fix it by only opting into the is_valid_ether_addr() check in +vxlan_set_mac() when in fact source address snooping/learning is +actually enabled in vxlan. This is done by moving the check into +vxlan_snoop(). With this change, the Cilium connectivity test suite +passes again for both tunnel flavors. + +Fixes: f58f45c1e5b9 ("vxlan: drop packets from invalid src-address") +Signed-off-by: Daniel Borkmann +Cc: David Bauer +Cc: Ido Schimmel +Cc: Nikolay Aleksandrov +Cc: Martin KaFai Lau +Reviewed-by: Ido Schimmel +Reviewed-by: Nikolay Aleksandrov +Reviewed-by: David Bauer +Signed-off-by: David S. Miller +[ Backport note: vxlan snooping/learning not supported in 6.8 or older, + so commit is simply a revert. ] +Signed-off-by: Daniel Borkmann +Signed-off-by: Greg Kroah-Hartman +--- + drivers/net/vxlan/vxlan_core.c | 4 ---- + 1 file changed, 4 deletions(-) + +--- a/drivers/net/vxlan/vxlan_core.c ++++ b/drivers/net/vxlan/vxlan_core.c +@@ -1615,10 +1615,6 @@ static bool vxlan_set_mac(struct vxlan_d + if (ether_addr_equal(eth_hdr(skb)->h_source, vxlan->dev->dev_addr)) + return false; + +- /* Ignore packets from invalid src-address */ +- if (!is_valid_ether_addr(eth_hdr(skb)->h_source)) +- return false; +- + /* Get address from the outer IP header */ + if (vxlan_get_sk_family(vs) == AF_INET) { + saddr.sin.sin_addr.s_addr = ip_hdr(skb)->saddr;