If ktls.require_ifnet is set to true, then check the TLS offload mode
for tests sending and receiving records and skip the test if the
offload mode is not ifnet mode.
This can be used along with ktls.host to run KTLS tests against a NIC
supporting ifnet TLS and verify that expected cipher suites and
directions used ifnet TLS rather than software TLS. Receive tests may
result in a false positive as receive ifnet TLS can use software as a
fallback.
Reviewed by: markj
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D35427
Previously ktls tests always executed over a local socket pair.
ktls.host can be set to a host to connect to with a single socket
instead. The remote end is expected to echo back any data received
(such as the echo service). The port can be set with ktls.port which
defaults to "echo".
This is primarily useful to permit testing NIC TLS offload use cases
where the traffic needs to transit the NIC.
Note that the variables must be set via
'kyua -v test_suites.FreeBSD.ktls.host=host'.
Reviewed by: markj
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D35426
Make it a complex, but a single for(;;) statement. The previous cycle
with some loop logic in the beginning and some loop logic at the end
was confusing. Both me and markj@ were misleaded to a conclusion that
some checks are unnecessary, while they actually were necessary.
While here, handle an edge case found by Mark, when on 64-bit platform
an incorrect message from userland would underflow length counter, but
return without any error. Provide a test case for such message.
Reviewed by: markj
Differential revision: https://reviews.freebsd.org/D35375
Test pfsync in a more realistic scenario with carp and route_to rules.
Build this topology and initiate a single ping session from client to
server:
┌──────┐
│client│
└───┬──┘
│
┌───┴───┐
│bridge0│
└┬─────┬┘
│ │
┌────────────────┴─┐ ┌─┴────────────────┐
│gw_route_to_master├─┤gw_route_to_backup│
└────────────────┬─┘ └─┬────────────────┘
│ │
┌┴─────┴┐
│bridge1│
└┬─────┬┘
│ │
┌────────────────┴─┐ ┌─┴────────────────┐
│gw_reply_to_master├─┤gw_reply_to_backup│
└────────────────┬─┘ └─┬────────────────┘
│ │
┌┴─────┴┐
│bridge2│
└───┬───┘
│
┌───┴──┐
│server│
└──────┘
gw* jails forward traffic through pf route-to rules, not fib lookups.
If backup_promotion arg is given (as in the pfsync_pbr test case), a
carp failover event occurs during the ping session on both gateways.
Verify that ping messages still go where we expect them to go.
MFC after: 2 weeks
Sponsored by: Orange Business Services
Put some data into a socket and check that:
o select(2) sees readable data
o kevent(2) sees data, and correctly sees data size
o ioctl(FIONREAD) sees correct size
o aio(4) successfully reads the data
Repeat the test twice for a connected socket and not-connected. With
future implementation these two cases would exercise different code.
We could insert proxy NDP entries by the ndp command, but the host
with proxy ndp entries had not responded to Neighbor Solicitations.
Change the following points for proxy NDP to work as expected:
* join solicited-node multicast addresses for proxy NDP entries
in order to receive Neighbor Solicitations.
* look up proxy NDP entries not on the routing table but on the
link-level address table when receiving Neighbor Solicitations.
Reviewed By: melifaro
Differential Revision: https://reviews.freebsd.org/D35307
MFC after: 2 weeks
Fix:
tests/sys/kern/unix_passfd_test.c:414:24: error: comparison of integers
of different signs: 'int' and 'unsigned int' [-Werror,-Wsign-compare]
ATF_REQUIRE(getnfds() == nfds + MAXFDS);
~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~
powerpc.powerpc/tmp/usr/include/atf-c/macros.h:144:15: note: expanded
from macro 'ATF_REQUIRE'
if (!(expression)) \
^~~~~~~~~~
1 error generated.
--- unix_passfd_test.o ---
o Exercise bounds checking when sending large set of file descriptors,
that can't fit into single control mbuf.
o Exercise resource limits checks when receiving a large sets.
o Check that socket isn't left in a completely stuck state when we can't
receive SCM_RIGHTS due to limits. Current SOCK_STREAM socket would
free the control, but leave the data in. This seems to be a legit
behavior for a stream socket, as we don't want holes in the data.
PR: 239250
Reviewed by: markj
Differential revision: https://reviews.freebsd.org/D35315
Just invoke the test program directly instead of trying to convert its
output to TAP format. The test suite is all or nothing; there's no way
to enumerate individual test cases, so there's no advantage in trying to
massage its output, and doing so throws away information that's useful
when diagnosing test failures.
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
One of the tests exposes the regression reported in PR 264131.
One test is disabled because FreeBSD does not support setting EV_ONESHOT
on an already-added periodic timer. Though, in this case the flag is
simply ignored, which isn't ideal.
One test is slightly modified to set EV_ADD when reconfiguring a
disabled timer per some commentary in PR 258412.
Ideally we would re-import the test suite from libkqueue but there is a
fair bit of divergence so this will require some effort. This just gets
us one small step closer while increasing test coverage.
PR: 258412
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
- Some EVFILT_PROC bugs were fixed around the time that the tests were
disabled.
- I can't reproduce any failures locally.
- Jenkins logs referenced from the PR are gone, so let's re-enable the
tests and see whether a problem persists.
PR: 233586
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Only the send_and_shutdown test is exclusive, but kyua doesn't allow
to prevent parallel execution of a single test.
Approved by: glebius
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D35260
Validate the cases where a match can be found immediately and where no
match can be found. This extends the existing test cases and is enough
to catch the bug fixed in commit 6e7a585348 ("bitstring: fix ff_area()
when start!=0").
Reviewed by: dougm
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D35259
Extend the existing ethernet dummynet test to also test dummynet on the
outbound direction.
This used to be a problem as traffic shaping wasn't done in the ethernet
code. It merely tagged the packet and left shaping up to the layer 3 pf
code. This works in the inbound direction, but not for outbound traffic
where we hit the L3 code first and only then the L2 code.
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D35258
test_sig_discard_ign_* could not run at the same time.
Approved by: dchagin
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D35236
* If during FUSE_CREATE, FUSE_MKDIR, etc the server returns the same
inode number for the new file as for its parent directory, reject it.
Previously this would triggers a recurse-on-non-recursive lock panic.
* If during FUSE_LINK the server returns a different inode number for
the new name as for the old one, reject it. Obviously, that can't be
a hard link.
* If during FUSE_LOOKUP the server returns the same inode number for the
new file as for its parent directory, reject it. Nothing good can
come of this.
PR: 263662
Reported by: Robert Morris <rtm@lcs.mit.edu>
MFC after: 2 weeks
Reviewed by: pfg
Differential Revision: https://reviews.freebsd.org/D35128
Both of these functions would overflow for very large inputs. Add tests
for them. Also, add tests for the inverse functions, *stosbt, whose
overflow errors were fixed by 4c30b9ecd4.
PR: 263073
MFC after: 1 week
Sponsored by: Axcient
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D34809
This has two goals:
- Exercize call to unp_dispose() via soshutdown() instead of sofree()
- Make sure that shutdown indeed dereferences the fd stored
Reviewed by: markj
Differential revision: https://reviews.freebsd.org/D35122
When we destroy an interface while the jail containing it is being
destroyed we risk seeing a race between if_vmove() and the destruction
code, which results in us trying to move a destroyed interface.
Protect against this by using the ifnet_detach_sxlock to also covert
if_vmove() (and not just detach).
PR: 262829
MFC after: 3 weeks
Differential Revision: https://reviews.freebsd.org/D34704
The fusefs tests intentionally leak file descriptors. Annotate all of
the leakages in order to hopefully pacify Coverity.
Reported by: Coverity (20 different CIDs)
MFC after: 2 weeks
Sponsored by: Axcient
As a fallout of backing out 91f44749c6, vnet tests started
failing in CI. Temporarily broadly disable vnet tests until
specific cases can be resolved, and file a bug.
PR: 263767
Differential Revision: https://reviews.freebsd.org/D35119
Submitted by: kbowling
The daemon can specify fsname=XXX in its mount options. If so, the file
system should report f_mntfromname as XXX during statfs. This will show
up in the output of commands like mount and df.
Submitted by: Ali Abdallah <ali.abdallah@suse.com>
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D35090
At mount time server can set, for example, "subtype=xfs", so that
mount(8) will later show the mountpoint's file system as "fusefs.xfs".
fusefs has had this feature ever since the original GSoC commit in 2012,
but there's never been a test for it.
MFC after: 2 weeks
Prior to fuse protocol version 7.9, the fuse_entry_out structure had a
smaller size. But fuse_vnop_create did not take that into account when
working with servers that use older protocols. The bug does not matter
for servers which don't use file handles or open flags (the only fields
affected).
PR: 263625
Submitted by: Ali Abdallah <ali.abdallah@suse.com>
MFC after: 2 weeks
It may be dynamic so we can't rely on PAGE_SIZE being present or
correct.
Reviewed by: markj, kib, imp
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D34961
The largepage_config posix shared memory test was failing on arm64 as
the page size array is never filled out. Fix this by calling
getpagesizes(3), via pagesizes.
Reviewed by: markj, kib
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D34960
Allow tables to be used for the l3 source/destination matching.
This requires taking the PF_RULES read lock.
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D34917
During a FUSE_WRITE, the kernel requests the server to write a certain
amount of data, and the server responds with the amount that it actually
did write. It is obviously an error for the server to write more than
it was provided, and we always treated it as such, but there were two
problems:
* If the server responded with a huge amount, greater than INT_MAX, it
would trigger an integer overflow which would cause a panic.
* When extending the file, we wrongly set the file's size before
validing the amount written.
PR: 263263
Reported by: Robert Morris <rtm@lcs.mit.edu>
MFC after: 2 weeks
Sponsored by: Axcient
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D34955
Perhaps surprisingly, and contrary to the expectations of
path_test:path_event, NOTE_LINK events are not raised when a file is
unlinked. Prior to commit bf13db086b, the test happened to work
because unlinking the file would cause the vnode to be recycled, and
EVFILT_VNODE knotes deliver an event with EV_EOF set when the vnode is
doomed. Since the test did not verify the note type, the test
succeeded. After commit bf13db086b, the vnode is not recycled after
being unlinked and so the test hangs.
Fix the test by waiting for NOTE_DELETE instead, and check that we got
the note that we expected.
Reported by: Jenkins
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Formerly fusefs would pass up the stack any error value returned by the
fuse server. However, some values aren't valid for userland, but have
special meanings within the kernel. One of these, EJUSTRETURN, could
cause a kernel page fault if the server returned it in response to
FUSE_LOOKUP. Fix by validating all errors returned by the server.
Also, fix a data lifetime bug in the FUSE_DESTROY test.
PR: 263220
Reported by: Robert Morris <rtm@lcs.mit.edu>
MFC after: 3 weeks
Sponsored by: Axcient
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D34931
When an overlength path is set as the temporary directory for test
case sys/audit/inter-process:shm_unlink_success, the test will fail,
e.g.
```
root@freebsd:/usr/tests/sys/audit # env TMPDIR=/var/tmp/tests/kyua kyua test inter-process:shm_unlink_success
inter-process:shm_unlink_success -> failed: shm_unlink.*fileforaudit.*return,success not found in auditpipe within the time limit [10.452s]
Results file id is usr_tests_sys_audit.20220412-221852-924310
Results saved to /root/.kyua/store/results.usr_tests_sys_audit.20220412-221852-924310.db
0/1 passed (1 failed)
```
The root cause is that dirpath is defined too small to handle it.
Reviewers: vangyzen, dab
Differential Revision: https://reviews.freebsd.org/D34885
Submitted by: Yongbo Yao (yongbo.yao@dell.com)
Sponsored by: Dell Technologies
The page size may be dynamically selected on boot. Have the
coredump_phnum test helper ask the kernel for the correct value.
Sponsored by: The FreeBSD Foundation
