Commit Graph

1507 Commits

Author SHA1 Message Date
Kristof Provost
c90b9a5ebb netpfil tests: add dummynet fq_codel test case
fq_codel was broken due to a missing m_rcvif_serialize() in the enqueue
path.
Add a simple test case to ensure it at least passes traffic.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
2022-11-11 11:55:59 +01:00
Kristof Provost
832c8a58e1 if_ovpn tests: add aes-128-gcm test case
Sponsored by:	Rubicon Communications, LLC ("Netgate")
2022-11-11 11:17:39 +01:00
Kristof Provost
e838ed7ca1 if_ovpn tests: fix typo in test description
Sponsored by:	Rubicon Communications, LLC ("Netgate")
2022-11-10 14:34:25 +01:00
Ed Maste
185efcc376 tests: also remove sparc64 case
Followup to commit d6273acf56, which removed MIPS.

Reported by:	mhorne
2022-11-08 18:55:00 -05:00
Ed Maste
d6273acf56 tests: retire now-unused MIPS case 2022-11-08 09:17:53 -05:00
Kristof Provost
a7222b3cc3 pf tests: bridge-to test case
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D37194
2022-11-02 15:45:23 +01:00
Kristof Provost
20777f79b8 ipsec tests: add test case for chacha20_poly1305
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D37181
2022-11-02 14:19:37 +01:00
Kristof Provost
e1274b5b26 bridge tests: re-enable span test
The root cause of the intermittent span test failures has been
identified as a race between sending the packet and starting the bpf
capture.
This is now resolved, so the test can be re-enabled.

PR:		260461
MFC after:	1 week
Sponsored by:	Rubicon Communications, LLC ("Netgate")
2022-11-02 11:59:11 +01:00
Kristof Provost
67557372df tests: make sniffer more robust
The Sniffer class is often used by test tools such as pft_ping to verify
that packets actually get sent where they're expected.

It starts a background thread to capture packets, but this thread needs
some time to start, leading to intermittent test failures when the
capture doesn't start before the relevant packet is sent.

Add a semaphore to ensure the Sniffer constructor doesn't return until
the capture is actually running.

PR:		260461
MFC after:	1 week
Sponsored by:	Rubicon Communications, LLC ("Netgate")
2022-11-02 11:59:10 +01:00
Kristof Provost
45258e1bc7 pf tests: make killstate tests more robust
Rather than using a Scapy-based Python script only check if the state
still exists. Scapy tends to be slow to start, it appears because it
lists all interfaces and gets their (IPv6) addresses a couple of times
at startup. This can be sufficient for the ICMP state to time out and
the test to fail.

We now only check if the state exists or is removed as expected, which
makes things faster, and should mean the test is more robust on slower
machines (such as CI VMs).

Sponsored by:	Rubicon Communications, LLC ("Netgate")
2022-11-01 18:47:05 +01:00
Kristof Provost
b0bf430310 pf tests: verify syncookie status report
Verify that pfctl -si -v correctly shows syncookies to be
active/inactive.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
2022-10-31 18:14:10 +01:00
John Baldwin
9e0aaedd70 Split netinet shell tests into one per line.
This makes diffs when adding or removing tests easier to read.

While here, sort the list of tests.

Reviewed by:	kevans, melifaro, asomers, markj, emaste
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D36908
2022-10-28 13:36:12 -07:00
Alan Somers
f6e5319550 fusefs: fix VOP_ADVLOCK with SEEK_END
When the user specifies SEEK_END, unlike SEEK_CUR, VOP_ADVLOCK must
adjust lock offsets itself.

Sort-of related to bug 266886.

MFC after:	2 weeks
Reviewed by:	emaste
Differential Revision: https://reviews.freebsd.org/D37040
2022-10-18 19:11:49 -06:00
Kristof Provost
713efe0542 if_ovpn tests: fix timeout test case
Use the management interface to work out if we've timed out the client,
rather than looking for an openvpn process to die (with incorrect
syntax).

Sponsored by:	Rubicon Communications, LLC ("Netgate")
2022-10-18 10:12:23 +02:00
Kristof Provost
188e069670 if_ovpn tests: test explicit exit notifications
Test that when a client exits the server notices this, even without
keepalive traffic.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
2022-10-18 10:12:22 +02:00
Alan Somers
3c3b906b54 fusefs: After successful F_GETLK, l_whence should be SEEK_SET
PR:		266886
Reported by:	John Millikin <jmillikin@gmail.com>
MFC after:	2 weeks
Reviewed by:	emaste
Differential Revision: https://reviews.freebsd.org/D37014
2022-10-17 07:09:50 -06:00
Alan Somers
46fcf947c6 fusefs: during F_GETLK, don't change l_pid if no lock is found
PR:		266885
MFC after:	2 weeks
Submitted by:	John Millikin <jmillikin@gmail.com>
Sponsored by:	Axcient
Reviewed by:	emaste
Differential Revision: https://reviews.freebsd.org/D36905
2022-10-07 09:09:21 -06:00
Kornel Dulęba
fdbd0ba75d test/sys/opencrypto: Fix NIST KAT parser iterator
When yield a.k.a "generator" iterator is used we need to return all
data using "yield", before returning from the function.
Because of that only encryption tests were run for AES-CBC, other modes
were affected as well.
Add one more loop to the iterator "next" routine to fix that.
This unveiled a problem in the GCM AEAD parser logic, which didn't
correctly handle tests cases with empty plaintext, i.e. AAD only.
Include the fix in this patch as it's a rather trivial one.

Obtained from:	Semihalf
Differential Revision: https://reviews.freebsd.org/D36861
2022-10-06 16:42:31 +02:00
Gleb Smirnoff
69d79ceb2c tests/unix_passfd: add test case against 636420bde3 2022-09-30 13:43:37 -07:00
Gleb Smirnoff
0421ff5ab1 tests/unix_passfd: factor out sysctl(3) read into separate function 2022-09-30 13:43:08 -07:00
Alan Somers
52360ca32f copy_file_range: truncate write if it would exceed RLIMIT_FSIZE
PR:		266611
MFC after:	2 weeks
Reviewed by:	kib
Differential Revision: https://reviews.freebsd.org/D36706
2022-09-26 15:22:29 -06:00
Mark Johnston
e4eedf8c31 posixshm tests: Map the large pages in the madvise test
This improves test coverage and was unintentionally omitted when the
tests were written.

MFC after:	1 week
2022-09-26 08:58:10 -04:00
Kristof Provost
76e1c9c671 if_ovpn: fix address family check when traffic class bits are set
When the tunneled (IPv6) traffic had traffic class bits set (but only >=
16) the packet got lost on the receive side.

This happened because the address family check in ovpn_get_af() failed
to mask correctly, so the version check didn't match, causing us to drop
the packet.

While here also extend the existing 6-in-6 test case to trigger this
issue.

PR:		266598
Sponsored by:	Rubicon Communications, LLC ("Netgate")
2022-09-26 13:54:20 +02:00
Alan Somers
be280f60dd fusefs: truncate write if it would exceed RLIMIT_FSIZE
PR:		164793
MFC after:	2 weeks
Reviewed by:	kib
Differential Revision: https://reviews.freebsd.org/D36703
2022-09-25 15:02:59 -06:00
Alan Somers
0a192b3aba fusefs: respect RLIMIT_FSIZE during truncate
PR:		164793
MFC after:	2 weeks
Reviewed by:	kib
Differential Revision:	https://reviews.freebsd.org/D36703
2022-09-25 15:02:23 -06:00
Mitchell Horne
c387c23098 tests/sys/fs: remove mips workaround
MIPS is gone, so we no longer require this check.

Reviewed by:	imp, asomers
Differential Revision:	https://reviews.freebsd.org/D36566
2022-09-15 10:58:42 -03:00
Mitchell Horne
80dadb9c1a pf tests: require scapy for ether:short_pkt
The pft_ether.py script requires both python and scapy to be installed.
Check for this so we properly skip the test when it is unavailable.

Reviewed by:	kp
Fixes:	07ffa50ba0 ("pf tests: test short packets")
Differential Revision:	https://reviews.freebsd.org/D36561
2022-09-15 10:58:42 -03:00
Kristof Provost
95d5a656a2 pf tests: syncookie limits test
Test that we can successfuly set syncookie high/low watermarks for very
low or very high state limits.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D36498
2022-09-12 09:32:02 +02:00
Doug Moore
2c545cf3b0 rb_tree: test rank balance
With _RB_DIAGNOSTIC defined, provide an RB_RANK method to compute the
rank of a node in an rb-tree, if the subtree rooted at that node is
rank-balanced, and -1 otherwise.

In rb_test, rewrite a bit to avoid malloc/free and nondeterministic
running times because of randomness. Allocate all the nodes on the
stack, and shuffle a set of keys to get randomness for the testing.

Add a rank-balance check for the completed tree.

Reviewed by:	markj
MFC after:	3 weeks
Differential Revision:	https://reviews.freebsd.org/D36484
2022-09-07 21:40:05 -05:00
Gleb Smirnoff
322b5b7c16 tests: partial revert of 4627bc1e90
Python's socketmodule isn't able to construct sockaddr when it doesn't
recognize the address family.  Until this is solved in python let the
tests use the compatibility way to create divert(4) socket.
2022-09-06 20:54:49 -07:00
Kristof Provost
d5a0bf4517 pf tests: test wildcard anchors
Ensure that a wildcard anchor actually includes any nested anchors (i.e.
foo/* will call into foo/bar).

MFC after:	1 week
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D36414
2022-09-06 10:42:09 +02:00
Gleb Smirnoff
4627bc1e90 tests: use PF_DIVERT/SOCK_RAW instead of PF_INET/SOCK_RAW/IPPROTO_DIVERT 2022-08-30 16:24:37 -07:00
Li-Wen Hsu
9ea2716b77
Reenable basic_signal:trap_signal_test on i386
This is fixed in dc4a2d1d0e

PR:		265889
Sponsored by:	The FreeBSD Foundation
MFC with:	dc4a2d1d0e
2022-08-25 12:09:00 +08:00
Eric van Gyzen
3b0f105ce3 shared_shadow_inval_test: fix copy-pasto in error message
MFC after:	1 week
Sponsored by:	Dell EMC Isilon
2022-08-24 13:03:11 -05:00
Mark Johnston
4b8feb5d61 tests: Handle platforms with MAXPAGESIZES < 2
Reported by:	Jenkins
Fixes:		1dfa8b73f6 ("tests: Add more shared shadow regression tests")
2022-08-23 19:48:06 -04:00
Eric van Gyzen
3d268c19ef Fix shared_shadow_inval_test when superpages are disabled
In that case, there is only one page size.

Reviewed by:	kib
MFC after:	1 week
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D36265
2022-08-23 09:12:51 -05:00
Kristof Provost
eed634d113 if_ovpn tests: fix WITHOUT_PF
At least one if_ovpn.sh test relies on pf, so the file includes
netpfil/pf/utils.subr, which doesn't exist if WITHOUT_PF is set.

Do not install the if_ovpn.sh tests if pf is disabled.

Suggested by:	Olivier Cochard-Labbé <olivier@freebsd.org>
Sponsored by:	Rubicon Communications, LLC ("Netgate")
2022-08-18 11:25:51 +02:00
Li-Wen Hsu
beeeb40bca
basic_signal test: really skip trap_signal_test on i386
PR:		265889
Fixes:		c04721e35f
Sponsored by:	The FreeBSD Foundation
2022-08-17 08:15:10 +08:00
Li-Wen Hsu
c04721e35f
basic_signal test: temporarily skip trap_signal_test on i386
This case crashes a bhyve VM.

PR:		265889
Sponsored by:	The FreeBSD Foundation
2022-08-17 06:03:37 +08:00
Dimitry Andric
ab28cc352b Adjust function definition in if_ovpn_c.c to avoid clang 15 warning
With clang 15, the following -Werror warning is produced:

    tests/sys/net/if_ovpn/if_ovpn_c.c:19:14: error: a function declaration without a prototype is deprecated in all versions of C [-Werror,-Wstrict-prototypes]
    fake_sockaddr()
		 ^
		  void

This is because fake_sockaddr() is declared with a (void) argument list,
but defined with an empty argument list. Make the definition match the
declaration.

MFC after:      3 days
2022-08-14 13:11:52 +02:00
Kristof Provost
248da7940a if_ovpn tests: Test using a TCP socket for DCO
This used to trigger panics, so try to reproduce it.
Create an if_ovpn interface, set a new peer on it with a TCP fd (as
opposed to the expected UDP) and ensure that this is rejected.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
2022-08-11 10:40:03 +02:00
Mark Johnston
1dfa8b73f6 tests: Add more shared shadow regression tests
The new tests exercise simulated COW that occurs when the protections on
a wired, copy-on-write mapping are changed from read-only to read-write.

MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D35636
2022-08-09 18:34:01 -04:00
Kristof Provost
b77d581535 if_ovpn tests: remote access test case
Add a (multi-client) test case where we route traffic beyond the ovpn
server, onto a shared LAN.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
2022-08-09 15:14:14 +02:00
Mike Karels
ec00e95190 netinet tests: Add test for IPv6 mapped-v4 bind problem
Test fix in 637f317c6d, verifying that when ports run out, we get
an EADDRNOTAVAIL error from bind() rather than an EADDRINUSE error
from connect().  Use small port range to exhaust ports and see which
error happens.

Reviewed by:	tuexen, glebius, melifaro
Differential Revision:	https://reviews.freebsd.org/D36056
MFC after:	3 days (with 637f317c6d)
2022-08-09 07:08:09 -05:00
Gleb Smirnoff
e87ff1ea22 tests/socket: add accept_filter(9) test
Test basic functionality of accf_data(9) and accf_http(9)
2022-08-08 14:10:18 -07:00
John Baldwin
cc13c98302 ktls_test: Add a require_toe option similar to require_ifnet.
This skips tests that send and receive records that do not use TOE TLS.

Sponsored by:	Chelsio Communications
2022-08-08 11:21:54 -07:00
Alexander V. Chernikov
7064c94a02 tests: add routing tests for switching between same prefixes
Differential Revision: https://reviews.freebsd.org/D36055
MFC after:	2 weeks
2022-08-07 19:45:25 +00:00
Mark Johnston
121e120883 bridge tests: Tests using pft_ping.py require scapy
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2022-08-04 09:41:52 -04:00
Alexander V. Chernikov
f28532a0f3 tests: fix unix_passfd_dgram:rights_creds_payload after be1f485d7d
The test was failing due to the assert on lack of MSG_TRUNC flag in the
 output flags of recvmsg().
The code passed MSG_TRUNC, along with sufficient-size buffer to hold the
 message to-be-received to the recvmsg(), and expected MSG_TRUNC to be
 returned as well.

This is not exactly correct as a) MSG_TRUNC was not even a supported
 recvmsg() flag before be1f485d7d and b) it violates POSIX, as
 POSIX states it should be set only "If a message is too long to fit in
 the supplied buffers,".
The test was working before as the kernel copied input flags to the
 output flags. be1f485d7d changed that behaviour to clear MSG_TRUNC
 if it was present on the input.

Fix the test by checking POSIX-defined behaviour.

Discussed with:	glebius
2022-08-01 09:20:45 +00:00
Alexander V. Chernikov
be1f485d7d sockets: add MSG_TRUNC flag handling for recvfrom()/recvmsg().
Implement Linux-variant of MSG_TRUNC input flag used in recv(), recvfrom() and recvmsg().
Posix defines MSG_TRUNC as an output flag, indicating packet/datagram truncation.
Linux extended it a while (~15+ years) ago to act as input flag,
resulting in returning the full packet size regarless of the input
buffer size.
It's a (relatively) popular pattern to do recvmsg( MSG_PEEK | MSG_TRUNC) to get the
packet size, allocate the buffer and issue another call to fetch the packet.
In particular, it's popular in userland netlink code, which is the primary driving factor of this change.

This commit implements the MSG_TRUNC support for SOCK_DGRAM sockets (udp, unix and all soreceive_generic() users).

PR:		kern/176322
Reviewed by:	pauamma(doc)
Differential Revision: https://reviews.freebsd.org/D35909
MFC after:	1 month
2022-07-30 18:21:51 +00:00