Commit Graph

1577 Commits

Author SHA1 Message Date
Gleb Smirnoff
235d960aae tests/unix_passfd: compile SOCK_STREAM and SOCK_DGRAM versions
Most test pass identically on different kinds of sockets. However,
few edge cases work differently on stream and datagram sockets. We
want to exercise this and document.

Differential revision:	https://reviews.freebsd.org/D35420
2022-06-24 09:09:11 -07:00
Gleb Smirnoff
458f475df8 unix/dgram: smart socket buffers for one-to-many sockets
A one-to-many unix/dgram socket is a socket that has been bound
with bind(2) and can get multiple connections.  A typical example
is /var/run/log bound by syslogd(8) and receiving multiple
connections from libc syslog(3) API.  Until now all of these
connections shared the same receive socket buffer of the bound
socket.  This made the socket vulnerable to overflow attack.
See 240d5a9b1c for a historical attempt to workaround the problem.

This commit creates a per-connection socket buffer for every single
connected socket and eliminates the problem.  The new behavior will
optimize seldom writers over frequent writers.  See added test case
scenarios and code comments for more detailed description of the
new behavior.

Reviewed by:		markj
Differential revision:	https://reviews.freebsd.org/D35303
2022-06-24 09:09:11 -07:00
Claudio Jeker
7958889716 Add tests for TCP_MD5 getsockopt
Add tests for TCP_MD5 getsockopt for ipv6 and ipv4. These will only run
when the kernel module is loaded, but will be in place if further
regressions are found.

Reviewed by:	rscheff
MFC after:	3 days
Sponsored by:	Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D35532
2022-06-23 15:57:56 +01:00
Li-Wen Hsu
b256d2dc0c
Temporarily skip flaky test case: sys.netpfil.common.dummynet.ipfw_queue
PR:		264805
Sponsored by:	The FreeBSD Foundation
2022-06-21 20:00:07 +08:00
Kristof Provost
3fccdfab64 pf tests: basic 'tagged' test for Ethernet rules
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D35364
2022-06-20 10:16:20 +02:00
Kristof Provost
7b271afd62 pf tests: basic 'tagged' test for Ethernet rules
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D35363
2022-06-20 10:16:20 +02:00
Andrew Turner
2ff6e4ee97 Remove PAGE_SIZE from the kcov tests
To allow for a dynamic page size on arm64 remove the static valud from
the kcov tests

Sponsored by:	The FreeBSD Foundation
2022-06-17 10:43:30 +01:00
John Baldwin
ea4ebdcb4d ktls_test: Permit an option to skip tests not using ifnet TLS.
If ktls.require_ifnet is set to true, then check the TLS offload mode
for tests sending and receiving records and skip the test if the
offload mode is not ifnet mode.

This can be used along with ktls.host to run KTLS tests against a NIC
supporting ifnet TLS and verify that expected cipher suites and
directions used ifnet TLS rather than software TLS.  Receive tests may
result in a false positive as receive ifnet TLS can use software as a
fallback.

Reviewed by:	markj
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D35427
2022-06-14 10:35:01 -07:00
John Baldwin
2400a7b18f ktls_test: Permit connecting to a remote echo server for tests.
Previously ktls tests always executed over a local socket pair.
ktls.host can be set to a host to connect to with a single socket
instead.  The remote end is expected to echo back any data received
(such as the echo service).  The port can be set with ktls.port which
defaults to "echo".

This is primarily useful to permit testing NIC TLS offload use cases
where the traffic needs to transit the NIC.

Note that the variables must be set via
'kyua -v test_suites.FreeBSD.ktls.host=host'.

Reviewed by:	markj
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D35426
2022-06-14 10:34:51 -07:00
John Baldwin
2c10520533 ktls_test: Add a helper function to close sockets.
Reviewed by:	markj
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D35425
2022-06-14 10:34:38 -07:00
Gleb Smirnoff
d97922c6c6 unix/*: rewrite unp_internalize() cmsg parsing cycle
Make it a complex, but a single for(;;) statement.  The previous cycle
with some loop logic in the beginning and some loop logic at the end
was confusing.  Both me and markj@ were misleaded to a conclusion that
some checks are unnecessary, while they actually were necessary.

While here, handle an edge case found by Mark, when on 64-bit platform
an incorrect message from userland would underflow length counter, but
return without any error.  Provide a test case for such message.

Reviewed by:		markj
Differential revision:	https://reviews.freebsd.org/D35375
2022-06-06 10:05:28 -07:00
Thomas Pasqualini
536e1da18b pf tests: pfsync and route_to test case
Test pfsync in a more realistic scenario with carp and route_to rules.

Build this topology and initiate a single ping session from client to
server:
		   ┌──────┐
		   │client│
		   └───┬──┘
		       │
		   ┌───┴───┐
		   │bridge0│
		   └┬─────┬┘
		    │     │
   ┌────────────────┴─┐ ┌─┴────────────────┐
   │gw_route_to_master├─┤gw_route_to_backup│
   └────────────────┬─┘ └─┬────────────────┘
		    │     │
		   ┌┴─────┴┐
		   │bridge1│
		   └┬─────┬┘
		    │     │
   ┌────────────────┴─┐ ┌─┴────────────────┐
   │gw_reply_to_master├─┤gw_reply_to_backup│
   └────────────────┬─┘ └─┬────────────────┘
		    │     │
		   ┌┴─────┴┐
		   │bridge2│
		   └───┬───┘
		       │
		   ┌───┴──┐
		   │server│
		   └──────┘

gw* jails forward traffic through pf route-to rules, not fib lookups.
If backup_promotion arg is given (as in the pfsync_pbr test case), a
carp failover event occurs during the ping session on both gateways.

Verify that ping messages still go where we expect them to go.

MFC after:	2 weeks
Sponsored by:	Orange Business Services
2022-06-04 14:23:17 +02:00
Gleb Smirnoff
70d07b2089 tests/unix_dgram: add test for event dispatchers
Put some data into a socket and check that:

o select(2) sees readable data
o kevent(2) sees data, and correctly sees data size
o ioctl(FIONREAD) sees correct size
o aio(4) successfully reads the data

Repeat the test twice for a connected socket and not-connected.  With
future implementation these two cases would exercise different code.
2022-06-03 12:55:44 -07:00
KUROSAWA Takahiro
d6cd20cc5c netinet6: fix ndp proxying
We could insert proxy NDP entries by the ndp command, but the host
with proxy ndp entries had not responded to Neighbor Solicitations.
Change the following points for proxy NDP to work as expected:
* join solicited-node multicast addresses for proxy NDP entries
  in order to receive Neighbor Solicitations.
* look up proxy NDP entries not on the routing table but on the
  link-level address table when receiving Neighbor Solicitations.

Reviewed By: melifaro
Differential Revision: https://reviews.freebsd.org/D35307
MFC after:	2 weeks
2022-05-30 10:53:33 +00:00
Cy Schubert
05882e28fb tests: Fix i386 and powerpc build
Fix:

tests/sys/kern/unix_passfd_test.c:414:24: error: comparison of integers
of different signs: 'int' and 'unsigned int' [-Werror,-Wsign-compare]
        ATF_REQUIRE(getnfds() == nfds + MAXFDS);
        ~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~
powerpc.powerpc/tmp/usr/include/atf-c/macros.h:144:15: note: expanded
from macro 'ATF_REQUIRE'
        if (!(expression)) \
              ^~~~~~~~~~
1 error generated.
--- unix_passfd_test.o ---
2022-05-27 14:04:17 -07:00
Gleb Smirnoff
23402c83f4 tests/unix_passfd: sending many and too many SCM_RIGHTS
o Exercise bounds checking when sending large set of file descriptors,
  that can't fit into single control mbuf.
o Exercise resource limits checks when receiving a large sets.
o Check that socket isn't left in a completely stuck state when we can't
  receive SCM_RIGHTS due to limits.  Current SOCK_STREAM socket would
  free the control, but leave the data in.  This seems to be a legit
  behavior for a stream socket, as we don't want holes in the data.

PR:			239250
Reviewed by:		markj
Differential revision:	https://reviews.freebsd.org/D35315
2022-05-25 13:28:40 -07:00
Mark Johnston
68fe988a40 kqueue tests: Simplify the test runner
Just invoke the test program directly instead of trying to convert its
output to TAP format.  The test suite is all or nothing; there's no way
to enumerate individual test cases, so there's no advantage in trying to
massage its output, and doing so throws away information that's useful
when diagnosing test failures.

MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2022-05-24 20:17:41 -04:00
Mark Johnston
d6d4f9b45e kqueue tests: Add new EVFILT_TIMER regression tests from upstream
One of the tests exposes the regression reported in PR 264131.

One test is disabled because FreeBSD does not support setting EV_ONESHOT
on an already-added periodic timer.  Though, in this case the flag is
simply ignored, which isn't ideal.

One test is slightly modified to set EV_ADD when reconfiguring a
disabled timer per some commentary in PR 258412.

Ideally we would re-import the test suite from libkqueue but there is a
fair bit of divergence so this will require some effort.  This just gets
us one small step closer while increasing test coverage.

PR:		258412
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2022-05-24 20:16:32 -04:00
Mark Johnston
c728c56c87 kqueue tests: Add file and line info to some test failure output
This brings us slightly closer to upstream and is useful when debugging
test failures.

MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2022-05-24 20:14:20 -04:00
Mark Johnston
bc7512cc58 kqueue tests: Re-enable kqueue proc tests
- Some EVFILT_PROC bugs were fixed around the time that the tests were
  disabled.
- I can't reproduce any failures locally.
- Jenkins logs referenced from the PR are gone, so let's re-enable the
  tests and see whether a problem persists.

PR:		233586
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2022-05-24 20:14:10 -04:00
Olivier Cochard
2d896da92a tests/unix_passfd: Prevent running them in parallel
Only the send_and_shutdown test is exclusive, but kyua doesn't allow
to prevent parallel execution of a single test.

Approved by:	glebius
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D35260
2022-05-23 15:44:10 +02:00
Mark Johnston
670be460e4 bitstring_test: Add regression tests for bit_ff(c|s)_area_at()
Validate the cases where a match can be found immediately and where no
match can be found.  This extends the existing test cases and is enough
to catch the bug fixed in commit 6e7a585348 ("bitstring: fix ff_area()
when start!=0").

Reviewed by:	dougm
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D35259
2022-05-20 10:36:05 -04:00
Kristof Provost
b3fa36efe7 pf tests: extend ethernet dummynet test
Extend the existing ethernet dummynet test to also test dummynet on the
outbound direction.
This used to be a problem as traffic shaping wasn't done in the ethernet
code. It merely tagged the packet and left shaping up to the layer 3 pf
code. This works in the inbound direction, but not for outbound traffic
where we hit the L3 code first and only then the L2 code.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D35258
2022-05-20 14:49:31 +02:00
Olivier Cochard
c678572e76 Prevent running sigwait tests in parallel
test_sig_discard_ign_* could not run at the same time.

Approved by:	dchagin
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D35236
2022-05-17 23:33:39 +02:00
Gleb Smirnoff
aa9f97af93 tests/unix_dgram: account for size of sender address in the filling cycle
This fixes test failure with large net.local.dgram.recvspace values.
2022-05-16 19:08:21 -07:00
Dmitry Chagin
d966efcc08 fusefs tests: Remove an unused variable.
Reviewed by:		asomers
Differential revision:	https://reviews.freebsd.org/D35185
MFC after:		2 weeks
2022-05-13 20:52:14 +03:00
Alan Somers
0bef4927ea fusefs: handle evil servers that return illegal inode numbers
* If during FUSE_CREATE, FUSE_MKDIR, etc the server returns the same
  inode number for the new file as for its parent directory, reject it.
  Previously this would triggers a recurse-on-non-recursive lock panic.

* If during FUSE_LINK the server returns a different inode number for
  the new name as for the old one, reject it.  Obviously, that can't be
  a hard link.

* If during FUSE_LOOKUP the server returns the same inode number for the
  new file as for its parent directory, reject it.  Nothing good can
  come of this.

PR:		263662
Reported by:	Robert Morris <rtm@lcs.mit.edu>
MFC after:	2 weeks
Reviewed by:	pfg
Differential Revision: https://reviews.freebsd.org/D35128
2022-05-12 14:32:26 -06:00
Alan Somers
8b582b1640 fusefs: make the mknod.cc tests a bit more general.
MFC after:      2 weeks
Reviewed by:    pfg
2022-05-12 14:31:57 -06:00
Kristof Provost
920c341087 pf tests: test dummynet on route-to'd packets
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D35161
2022-05-12 21:50:10 +02:00
Kristof Provost
1977d9a37b pf tests: factor out common dummynet check
Reviewed by:	glebius
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D35160
2022-05-12 21:50:10 +02:00
Dmitry Chagin
e4a257058c tests: Get rid of invalid since 3e11d3f6 testcase
MFC after:		2 weeks
2022-05-12 22:14:41 +03:00
Gleb Smirnoff
6d31772360 tests/kern: add tests for PF_UNIX/SOCK_DGRAM 2022-05-12 11:02:41 -07:00
Dmitry Chagin
c8b5c478f6 Add tests for affinity syscalls.
MFC after:		2 weeks
2022-05-11 10:39:18 +03:00
Alan Somers
10f44229dc Fix overflow errors in sbttous and sbttoms
Both of these functions would overflow for very large inputs.  Add tests
for them.  Also, add tests for the inverse functions, *stosbt, whose
overflow errors were fixed by 4c30b9ecd4.

PR:		263073
MFC after:	1 week
Sponsored by:	Axcient
Reviewed by:	imp
Differential Revision: https://reviews.freebsd.org/D34809
2022-05-09 16:38:59 -06:00
Gleb Smirnoff
2400c536b4 tests/unix_passfd: add test for shutdown(2) on a buffer with an fd
This has two goals:
- Exercize call to unp_dispose() via soshutdown() instead of sofree()
- Make sure that shutdown indeed dereferences the fd stored

Reviewed by:		markj
Differential revision:	https://reviews.freebsd.org/D35122
2022-05-09 10:42:48 -07:00
Kristof Provost
868bf82153 if: avoid interface destroy race
When we destroy an interface while the jail containing it is being
destroyed we risk seeing a race between if_vmove() and the destruction
code, which results in us trying to move a destroyed interface.

Protect against this by using the ifnet_detach_sxlock to also covert
if_vmove() (and not just detach).

PR:		262829
MFC after:	3 weeks
Differential Revision:	https://reviews.freebsd.org/D34704
2022-05-06 13:55:08 +02:00
Ed Maste
adbe6e6435 Reenable vnet tests in CI
After restoring the associated commits the tests can be enabled again.

This reverts commit 711524d961.
This reverts commit c4585b938a.

PR:		263767
2022-05-05 14:38:08 -04:00
Alan Somers
4ac4b12699 fusefs: annotate more file descriptor leaks in the tests
The fusefs tests intentionally leak file descriptors.  Annotate all of
the leakages in order to hopefully pacify Coverity.

Reported by:	Coverity (20 different CIDs)
MFC after:	2 weeks
Sponsored by:	Axcient
2022-05-05 09:06:04 -06:00
Marko Zec
c4585b938a tests: vnet tests started failing in CI, disable temporarily
As a fallout of backing out 91f44749c6, vnet tests started
failing in CI.  Temporarily broadly disable vnet tests until
specific cases can be resolved, and file a bug.

PR:		263767
Differential Revision:	https://reviews.freebsd.org/D35119
Submitted by:	kbowling
2022-05-04 06:19:46 +02:00
Marko Zec
711524d961 tests/dummynet: disable since mbuf pointer serialization KPI to be backed out
Obtained from:	github.com/glebius/FreeBSD/commits/backout-ifindex
2022-05-03 19:11:39 +02:00
Alan Somers
2f6362484c fusefs: use the fsname mount option if set
The daemon can specify fsname=XXX in its mount options.  If so, the file
system should report f_mntfromname as XXX during statfs.  This will show
up in the output of commands like mount and df.

Submitted by:	Ali Abdallah <ali.abdallah@suse.com>
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D35090
2022-04-29 11:10:03 -06:00
Alan Somers
616eaa66aa fusefs: add a test for the subtype= option
At mount time server can set, for example, "subtype=xfs", so that
mount(8) will later show the mountpoint's file system as "fusefs.xfs".
fusefs has had this feature ever since the original GSoC commit in 2012,
but there's never been a test for it.

MFC after:	2 weeks
2022-04-29 07:59:29 -06:00
Alan Somers
45825a12f9 fusefs: fix FUSE_CREATE with file handles and fuse protocol < 7.9
Prior to fuse protocol version 7.9, the fuse_entry_out structure had a
smaller size.  But fuse_vnop_create did not take that into account when
working with servers that use older protocols.  The bug does not matter
for servers which don't use file handles or open flags (the only fields
affected).

PR:		263625
Submitted by:	Ali Abdallah <ali.abdallah@suse.com>
MFC after:	2 weeks
2022-04-28 15:13:09 -06:00
Dmitry Chagin
0ced2aef06 Fix build after 128b9bf9
MFC after:	2 weeks
2022-04-25 14:45:05 +03:00
Dmitry Chagin
128b9bf96c Add tests for sigwait family syscalls.
MFC after:		2 weeks
2022-04-25 13:20:12 +03:00
Andrew Turner
d3aabde979 Have posixshm_test ask the kernel for the page size
It may be dynamic so we can't rely on PAGE_SIZE being present or
correct.

Reviewed by:	markj, kib, imp
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D34961
2022-04-20 14:44:52 +01:00
Andrew Turner
05d173587b Fill the page size array in one posix shm test
The largepage_config posix shared memory test was failing on arm64 as
the page size array is never filled out. Fix this by calling
getpagesizes(3), via pagesizes.

Reviewed by:	markj, kib
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D34960
2022-04-20 13:38:05 +01:00
Kristof Provost
812839e5aa pf: allow the use of tables in ethernet rules
Allow tables to be used for the l3 source/destination matching.
This requires taking the PF_RULES read lock.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D34917
2022-04-20 13:01:12 +02:00
Alan Somers
3a1b3c6a1e fusefs: correctly handle servers that report too much data written
During a FUSE_WRITE, the kernel requests the server to write a certain
amount of data, and the server responds with the amount that it actually
did write.  It is obviously an error for the server to write more than
it was provided, and we always treated it as such, but there were two
problems:

* If the server responded with a huge amount, greater than INT_MAX, it
  would trigger an integer overflow which would cause a panic.

* When extending the file, we wrongly set the file's size before
  validing the amount written.

PR:		263263
Reported by:	Robert Morris <rtm@lcs.mit.edu>
MFC after:	2 weeks
Sponsored by:	Axcient
Reviewed by:	emaste
Differential Revision: https://reviews.freebsd.org/D34955
2022-04-18 18:59:10 -06:00
Mark Johnston
b13ac67842 path_test: Verify that operations on unlinked files work
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2022-04-18 17:55:24 -04:00
Mark Johnston
333f668468 path_test: Correct the kevent test
Perhaps surprisingly, and contrary to the expectations of
path_test:path_event, NOTE_LINK events are not raised when a file is
unlinked.  Prior to commit bf13db086b, the test happened to work
because unlinking the file would cause the vnode to be recycled, and
EVFILT_VNODE knotes deliver an event with EV_EOF set when the vnode is
doomed.  Since the test did not verify the note type, the test
succeeded.  After commit bf13db086b, the vnode is not recycled after
being unlinked and so the test hangs.

Fix the test by waiting for NOTE_DELETE instead, and check that we got
the note that we expected.

Reported by:	Jenkins
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2022-04-18 11:45:45 -04:00
Alan Somers
155ac516c6 fusefs: validate servers' error values
Formerly fusefs would pass up the stack any error value returned by the
fuse server.  However, some values aren't valid for userland, but have
special meanings within the kernel.  One of these, EJUSTRETURN, could
cause a kernel page fault if the server returned it in response to
FUSE_LOOKUP.  Fix by validating all errors returned by the server.

Also, fix a data lifetime bug in the FUSE_DESTROY test.

PR:		263220
Reported by:	Robert Morris <rtm@lcs.mit.edu>
MFC after:	3 weeks
Sponsored by:	Axcient
Reviewed by:	emaste
Differential Revision: https://reviews.freebsd.org/D34931
2022-04-15 13:57:32 -06:00
Li-Wen Hsu
4642a6fac2
Disable building kcov test on powerpcspe
It's also 32-bit and lacks support for the needed atomic operations.

Sponsored by:	The FreeBSD Foundation
2022-04-14 23:03:00 +08:00
David Bright
0966fb1b74 Extend the length of dirpath to fix failure in kyua test
When an overlength path is set as the temporary directory for test
case sys/audit/inter-process:shm_unlink_success, the test will fail,
e.g.

```
root@freebsd:/usr/tests/sys/audit # env TMPDIR=/var/tmp/tests/kyua kyua test inter-process:shm_unlink_success
inter-process:shm_unlink_success  ->  failed: shm_unlink.*fileforaudit.*return,success not found in auditpipe within the time limit  [10.452s]

Results file id is usr_tests_sys_audit.20220412-221852-924310
Results saved to /root/.kyua/store/results.usr_tests_sys_audit.20220412-221852-924310.db

0/1 passed (1 failed)
```

The root cause is that dirpath is defined too small to handle it.

Reviewers:	vangyzen, dab
Differential Revision:	https://reviews.freebsd.org/D34885
Submitted by:	Yongbo Yao (yongbo.yao@dell.com)
Sponsored by:	Dell Technologies
2022-04-12 09:23:56 -07:00
Andrew Turner
8d40ee599d Have path_test ask the kernel for the page size
It may be dynamic so we can't rely on PAGE_SIZE being present or
correct.

Sponsored by:	The FreeBSD Foundation
2022-04-07 15:59:38 +01:00
Andrew Turner
df696a2fb6 Have the coredump_phnum test ask for the page size
The page size may be dynamically selected on boot. Have the
coredump_phnum test helper ask the kernel for the correct value.

Sponsored by:	The FreeBSD Foundation
2022-04-07 15:59:32 +01:00
Andrew Turner
1b7d882f00 Enable the kcov tests on supported architectures
i386 and 32-bit powerpc lack support for the needed atomic operations
in userspace.

Sponsored by:	The FreeBSD Foundation
2022-04-07 14:31:51 +01:00
Andrew Turner
41e6d2091c Enable subr_physmem_test on supported architectures
Only build where it's supported.

While here add support for amd64 to help with testing.

Sponsored by:	The FreeBSD Foundation
2022-04-07 14:31:51 +01:00
Alan Somers
3227325366 fusefs: fix two bugs regarding VOP_RECLAIM of the root inode
* We never send FUSE_LOOKUP for the root inode, since its inode number
  is hard-coded to 1.  Therefore, we should not send FUSE_FORGET for it,
  lest the server see its lookup count fall below 0.

* During VOP_RECLAIM, if we are reclaiming the root inode, we must clear
  the file system's vroot pointer.  Otherwise it will be left pointing
  at a reclaimed vnode, which will cause future VOP_LOOKUP operations to
  fail.  Previously we only cleared that pointer during VFS_UMOUNT.  I
  don't know of any real-world way to trigger this bug.

MFC after:	2 weeks
Reviewed by:	pfg
Differential Revision: https://reviews.freebsd.org/D34753
2022-04-06 16:16:52 -06:00
Andrew Turner
d8819d88af Disable the physmem test for now
It fails to build on at least i386
2022-04-06 15:02:10 +01:00
Andrew Turner
d8bff5b67c Handle non-page aligned/sized memory in physmem
In some configurations the firmware may pass memory regions that are
not page sized or aligned, e.g. when using 16k pages on arm64. If this
is the case we will calculate many small regions because the alignment
is applied before being inserted. As we round the start up and end down
this will leave a 1 page hole between what should have been a single
region.

Fix by keeping the original alignment until we are just about to insert
the region into the avail array.

Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D34694
2022-04-06 14:13:29 +01:00
Andrew Turner
8c99dfed54 Port subr_physmem to userspace and add tests
These give us some confidience we haven't broken anything in early
boot code that may be running before the console.

Reviewed by:	emaste
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D34691
2022-04-06 14:13:05 +01:00
Kristof Provost
9bb06778f8 pf: support listing ethernet anchors
Sponsored by:	Rubicon Communications, LLC ("Netgate")
2022-03-30 10:28:19 +02:00
Kristof Provost
3468cd95ca pf: ether l3 rules can only use addresses
Disallow the use of tables in ethernet rules. Using tables requires
taking the PF_RULES lock. Moreover, the current table code isn't ready
to deal with ethernet rules.

Disallow their use for now.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
2022-03-25 11:13:47 +01:00
Kristof Provost
d234b011a8 netinet tests: only log critical errors from scapy
See also a26e895f3d.

MFC after:	1 week
Sponsored by:	Rubicon Communications, LLC ("Netgate")
2022-03-17 23:34:12 +01:00
Kristof Provost
3c3a19d1f4 pf tests: Test retrieving nested nat-anchors
MFC after:	1 week
Sponsored by:	Rubicon Communications, LLC ("Netgate")
2022-03-17 22:37:06 +01:00
Kristof Provost
d58d2e403d pf tests: Test setting and retrieving nested anchors
MFC after:	1 week
Sponsored by:	Rubicon Communications, LLC ("Netgate")
2022-03-17 22:37:06 +01:00
Kristof Provost
734782a781 pf tests: Test new L3 inspection for pf 'ether' rules
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D34483
2022-03-14 22:43:38 +01:00
John Baldwin
18207579a2 module_test: Fix some assignments to errno intended to be tests.
Reported by:	vangyzen
Reviewed by:	vangyzen, markj
Sponsored by:	University of Cambridge, Google, Inc.
Differential Revision:	https://reviews.freebsd.org/D34528
2022-03-14 14:05:05 -07:00
Li-Wen Hsu
8e03a75086
Skip sys.geom.class.multipath.failloop.failloop if dtrace fails to run
This test case depends on dtrace and sometimes gets affected if dtrace
has issues.  Make it report skipped instead of failure when dtrace fails
to run.

Sponsored by:	The FreeBSD Foundation
2022-03-08 18:12:40 +08:00
Mark Johnston
d7412bcac8 gmultipath tests: Re-enable the failloop test in CI
Sponsored by:	The FreeBSD Foundation
2022-03-07 10:43:19 -05:00
Mark Johnston
3a01dcc99f tests: Fix the test plan for closefrom_test
Fixes:	f3f3e3c44d ("fd: add close_range(..., CLOSE_RANGE_CLOEXEC)")
Reported by:	Jenkins
2022-03-06 12:57:40 -05:00
John Baldwin
5a1de9c25d Add simple kyua tests for the mod* system calls.
Reviewed by:	markj
Obtained from:	CheriBSD
Sponsored by:	University of Cambridge, Google, Inc.
Differential Revision:	https://reviews.freebsd.org/D34417
2022-03-03 17:51:45 -08:00
Mateusz Guzik
f3f3e3c44d fd: add close_range(..., CLOSE_RANGE_CLOEXEC)
For compatibility with Linux.

MFC after:	3 days
Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D34424
2022-03-03 17:21:58 +00:00
Kristof Provost
0d88926740 pf tests: extend ether test to verify mac address masks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
2022-03-02 17:00:08 +01:00
Kristof Provost
fdadb00682 pf tests: Ensure 'pfctl -F ethernet' works
Sponsored by:	Rubicon Communications, LLC ("Netgate")
2022-03-02 17:00:07 +01:00
Kristof Provost
93b64cdc59 pf tests: slightly more complect captive portal setup
Combine anchor, dummynet and rdr to produce a more complex captive
portal setup.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D32484
2022-03-02 17:00:07 +01:00
Kristof Provost
d1702bd1c3 pf tests: basic test for ether anchors
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D32483
2022-03-02 17:00:07 +01:00
Kristof Provost
87a89d6e14 pfctl: support lists of mac addresses
Teach the 'ether' rules to accept { mac1, mac2, ... } lists, similar to
the lists of interfaces or IP addresses we already supported for layer 3
filtering.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D32481
2022-03-02 17:00:07 +01:00
Kristof Provost
ab1868a7d1 pf tests: test match keyword and dummynet
Ensure that the 'match' keyword works with dummynet

Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D32480
2022-03-02 17:00:06 +01:00
Kristof Provost
0faafc2185 pf tests: test dummynet for ether traffic
Test that we can set dummynet information on L2, which is processed by
L3 later (assuming it's not overruled by L3 rules, of course).

Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D32223
2022-03-02 17:00:06 +01:00
Kristof Provost
feefb5625b pf tests: Test ether direction
Test that we correctly match inbound ('in') or outbound ('out') Ethernet
packets.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D31747
2022-03-02 17:00:05 +01:00
Kristof Provost
792d7a5630 pf tests: Basic captive portal like test
Use the ether rules to selectively (i.e. per MAC address) redirect
certain connections. Test that tags carry over to the layer-3 pf code.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D31746
2022-03-02 17:00:05 +01:00
Kristof Provost
4ffb7d1300 pf tests: Test EtherType filtering
Test filtering packets by their EtherType (i.e. ARP/IPv4/IPv6/...).

Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D31745
2022-03-02 17:00:05 +01:00
Kristof Provost
3a04f1d1ed pf tests: Test MAC address negation
Test that we can express 'ether block from ! 00:01:02:03:04:05'.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D31744
2022-03-02 17:00:04 +01:00
Kristof Provost
d6fc3ee2e7 pf tests: MAC address filtering test
Test the MAC address filtering capability in the new 'ether' feature in
pf.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D31743
2022-03-02 17:00:04 +01:00
Ed Maste
f27fb06cad zfs: Update test format strings to match variable typtes
And drop stray 'd' from the end of some printed numbers.  I assume this
was the result of someone thinking u is a printf length modifier for d,
not a format specifier itself.

Reviewed by:	kevans, rew
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D34387
2022-03-01 12:21:40 -05:00
Alan Somers
e8553be9bc fusefs: fix a cached attributes bug during directory rename
When renaming a directory into a different parent directory, invalidate
the cached attributes of the new parent.  Otherwise, stat will show the
wrong st_nlink value.

MFC after:	1 week
Reviewed by:	ngie
Differential Revision: https://reviews.freebsd.org/D34336
2022-02-24 14:07:25 -07:00
Li-Wen Hsu
d33158471a
Temporarily skip sys.geom.class.multipath.failloop.failloop in CI
This test case uses `dtrace -c` but it has some issues at the moment so
disable it until dtrace fixed.

From markj:

This is the CTF type ID limit which has come up quite a few times
lately.  It'll be fixed with the introduction of CTFv3.

PR:		258763
Sponsored by:	The FreeBSD Foundation
2022-02-24 06:28:24 +08:00
Andrew Turner
6713be3159 Add NT_ARM_ADDR_MASK
This can be used by debuggers to find which bits in a virtual address
should be masked off to get a canonical address. This is currently used
by the Pointer Authentication Code support to get its mask. It could also
be used if we support Top Byte Ignore for the same purpose.

Reviewed by:	kib
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D34302
2022-02-22 17:10:35 +00:00
Arka Sharma
766c2466ff mmap map_at_zero test: handle W^X
Use kern.elfXX.allow_wx to decide whether to map W+X or W-only memory.

Future work could expand this test to add an "allow_wx" axis to the
test matrix, but I would argue that a separate test should be written,
since that's orthogonal to map_at_zero.

MFC after:	1 week
Sponsored by:	Dell EMC Isilon
2022-02-21 09:43:42 -06:00
Kristof Provost
7d3fc84b2d pf tests: Test per-anchor tables
MFC after:	1 week
Sponsored by:	Rubicon Communications, LLC ("Netgate")
2022-02-17 14:13:50 +01:00
Kristof Provost
7f55a9b490 pf tests: remove a stray 'set -x'
'set -x' is very useful when debugging tests, but does not need to be
left in.

MFC after:	1 week
Sponsored by:	Rubicon Communications, LLC ("Netgate")
2022-02-17 13:40:41 +01:00
Kristof Provost
31566b98b8 vlan tests: fix bpf_pcp test
We now allow net.link.vlan.mtag_pcp to be set per-vnet, so we must set
it in the correct vnet, not on the host.
2022-02-15 07:53:30 +01:00
Kristof Provost
24360d8375 pf tests: Basic 'set prio' test
The ability to set VLAN PCP from pf was introduced in 3e248e0fb4, but
never had a test added.

Create a basic setup to set the PCP to an arbitrary value and use
tcpdump to check it's actually set.

MFC after:	1 week
2022-02-14 22:51:10 +01:00
Alan Somers
0b6a34acda [skip ci] fusefs: delete a stray comment from 91972cfcdd
MFC after:	3 days
2022-02-12 09:27:56 -07:00
John Baldwin
dba02df30d Cast pointer to uintptr_t to avoid alignment warnings.
Both struct ip and struct udphdr both have an aligment of 2, but the
cast from struct ip to a uint32_t pointer confused GCC 9 into raising
the required alignment to 4 and then raising a
-Waddress-of-packed-member error when casting to struct udphdr.

Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D31941
2022-02-11 16:04:52 -08:00
Mark Johnston
5de79eeddb ktls: Disallow transmitting empty frames outside of TLS 1.0/CBC mode
There was nothing preventing one from sending an empty fragment on an
arbitrary KTLS TX-enabled socket, but ktls_frame() asserts that this
could not happen.  Though the transmit path handles this case for TLS
1.0 with AES-CBC, we should be strict and allow empty fragments only in
modes where it is explicitly allowed.

Modify sosend_generic() to reject writes to a KTLS-enabled socket if the
number of data bytes is zero, so that userspace cannot trigger the
aforementioned assertion.

Add regression tests to exercise this case.

Reported by:	syzkaller
Reviewed by:	gallatin, jhb
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D34195
2022-02-08 12:40:41 -05:00
Andrew Turner
31cf95cec7 Stop single stepping in signal handers on arm64
We should clear the single step flag when entering a signal hander and
set it when returning. This fixes the ptrace__PT_STEP_with_signal test.

While here add support for userspace to set the single step bit as on
x86. This can be used by userspace for self tracing.

Reviewed by:	kib
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D34170
2022-02-07 15:03:23 +00:00
Dimitry Andric
c9cabf9aa6 Explicitly include semaphore.h for struct _sem in fusefs setattr test
In libc++'s __threading_support header the semaphore.h header was
implicitly included, but from version 14 onwards, this is no longer the
case, resulting in compile errors:

tests/sys/fs/fusefs/setattr.cc:740:8: error: variable has incomplete type 'sem_t' (aka '_sem')
        sem_t sem;
              ^
tests/sys/fs/fusefs/utils.hh:33:8: note: forward declaration of '_sem'
struct _sem;
       ^

MFC after:	3 days
2022-02-06 17:07:28 +01:00
Kristof Provost
34478b73bf pf tests: Only do post-test logging when specifically enabled
The pf tests have the ability to log state information (pf rules, pf
states, interfaces, ...) on exit (i.e. on success or on error).
This is useful, but only in specific cases. When it's not needed it may
get in the way of clear output.

Test scripts can add 'debug' to the pft_init call to enable this for the
specified test.

Reviewed by:	brd
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D34133
2022-02-05 10:31:51 +01:00
Kristof Provost
1094189965 pf tests: Test adding counters to an existing table
MFC after:	2 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D34132
2022-02-05 10:29:34 +01:00
Warner Losh
356deeb2e7 kyua/qemu: When running in qemu, don't teset sendfile
qemu's bsd-user doesn't implement sendfile, so just skip those tests
that use it.

Sponsored by:		Netflix
2022-02-02 14:27:51 -07:00
John Baldwin
978c7e2247 tests/sys/ses: Use ANSI C definition for has_ses.
This fixes -Wstrict-prototypes and -Wold-style-definition warnings
from GCC 9.
2022-02-01 13:25:47 -08:00
Mark Johnston
773e3a71b2 pf: Initialize pf_kpool mutexes earlier
There are some error paths in ioctl handlers that will call
pf_krule_free() before the rule's rpool.mtx field is initialized,
causing a panic with INVARIANTS enabled.

Fix the problem by introducing pf_krule_alloc() and initializing the
mutex there.  This does mean that the rule->krule and pool->kpool
conversion functions need to stop zeroing the input structure, but I
don't see a nicer way to handle this except perhaps by guarding the
mtx_destroy() with a mtx_initialized() check.

Constify some related functions while here and add a regression test
based on a syzkaller reproducer.

Reported by:	syzbot+77cd12872691d219c158@syzkaller.appspotmail.com
Reviewed by:	kp
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D34115
2022-01-31 16:14:00 -05:00
Andrew Turner
548a2ec49b Add PT_GETREGSET
This adds the PT_GETREGSET and PT_SETREGSET ptrace types. These can be
used to access all the registers from a specified core dump note type.
The NT_PRSTATUS and NT_FPREGSET notes are initially supported. Other
machine-dependant types are expected to be added in the future.

The ptrace addr points to a struct iovec pointing at memory to hold the
registers along with its length. On success the length in the iovec is
updated to tell userspace the actual length the kernel wrote or, if the
base address is NULL, the length the kernel would have written.

Because the data field is an int the arguments are backwards when
compared to the Linux PTRACE_GETREGSET call.

Reviewed by:	kib
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D19831
2022-01-27 11:40:34 +00:00
Kristof Provost
a95fcd81d5 netpfil tests: re-enable dummynet tests
These had been disabled due to panics with queued packets keeping
pointers (in m->m_pkthdr.rcvif) to removed interfaces.
This issue has been resolved in 165746f4e4, so the tests can be run
again.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
2022-01-27 10:16:21 +01:00
Kristof Provost
74e6b014b4 netpfil tests: test removing interfaces with pending dummynet packets
Dummynet queues packets with an associated struct ifnet pointer. Ensure
that things do not explode if that interface goes away with packets
still in the queue.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D33065
2022-01-27 09:36:09 +01:00
Gleb Smirnoff
929ff66ad3 tests/sys/net/routing: remove bandaid against old epair(4) panic 2022-01-26 21:58:43 -08:00
Gleb Smirnoff
942d05e3b8 tests/sys/net/epair: don't leak the interface after the test 2022-01-26 21:08:50 -08:00
Li-Wen Hsu
2c449a4c5a
Fix test of ses(4) when there is no SES device exists
glob(3) returns GLOB_NOMATCH if GLOB_NOCHECK or GLOB_NOMAGIC flag is not
passed so ATF_REQUIRE_EQ(r, 0) will cause a precondition check failure if no
/dev/ses* exists.

Remove calling of atf_tc_skip() in ATF_TC_CLEANUP() because it would let
the clean up procedure unfinish.

While here, fix a set-but-not-used warning.

Reviewed by:	asomers
Differential Revision:	https://reviews.freebsd.org/D34056
2022-01-27 07:11:17 +08:00
Kyle Evans
e5b431fc0c tests: add a basic test for argc == 0
The kernel should reject such exec()s now, early on. Instead of adding
the needed boilerplate to write a test in C, just add an -n argument for
"(n)ull argv" to the execve helper and exec this other helper that just
exits silently with argv count.

Reviewed by:	emaste, kib, markj (all previous version)
Differential Revision:	https://reviews.freebsd.org/D34045
2022-01-26 13:40:27 -06:00
Gleb Smirnoff
80fc25025f tests/net*: destroy interface from inside a jail
There is no guarentee that upon return of 'jail -r' all jail resources
will be released.  The test suite used to rely on that.  Recent changes
to the PCB zones made jails delay releasing their resources, which ended
with interface leak in the test suite.

Fix that by executing 'ifconfig foo0 destroy' inside the jail, instead
of doing 'jail -r' and expecting interfaces to pop up back immediately
in the parent jail.

Reviewed by:		kp
Differential revision:	https://reviews.freebsd.org/D33942
2022-01-24 21:08:03 -08:00
Thomas Steen Rasmussen
4a178afb4a tests/netinet: add test for IPv6 NS and CARP
PR:			193280
Reviewed by:		melifaro
Differential revision:	https://reviews.freebsd.org/D33859
2022-01-24 21:02:47 -08:00
Alan Somers
eea7c61590 Add tests for ses(4)
The tests require SES hardware.  Without it, the test cases will be
skipped.

Reviewed by:	ken
Differential Revision: https://reviews.freebsd.org/D31809
Sponsored by:	Axcient
MFC after:	2 weeks
2022-01-19 12:43:51 -07:00
Alan Somers
89d57b94d7 fusefs: implement VOP_DEALLOCATE
MFC after:	Never
Reviewed by:	khng
Differential Revision: https://reviews.freebsd.org/D33800
2022-01-18 21:13:02 -07:00
Cy Schubert
64e33c5cb1 Revert "wpa: Import wpa 2.10."
This reverts commit 5eb81a4b40, reversing
changes made to c6806434e7 and
this reverts commit 679ff61123.

What happend is git rebase --rebase-merges doesn't do what is expected.
2022-01-18 08:10:33 -08:00
Cy Schubert
5eb81a4b40 wpa: Import wpa 2.10.
The long awaited hostapd 2.10 is finally here.

MFC after:	3 weeks
2022-01-18 07:45:39 -08:00
Mark Johnston
6393594b03 copyin tests: Use the KERN_PROC_VM_LAYOUT sysctl to fetch layout info
... rather than using the KERN_PROC_PS_STRINGS value to derive the top
of the user address space.

Reviewed by:	kib
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D33708
2022-01-17 16:12:43 -05:00
Cy Schubert
03f33dd077 wpa: Import wpa 2.10
The long awaited wpa 2.10 is finally here.
2022-01-17 07:48:49 -08:00
Kristof Provost
4ca4193760 pf tests: Provoke failure in pf_ioctl_addrule
MFC after:	3 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
2022-01-16 09:04:59 +01:00
Doug Moore
84e2ae64c5 vm_reserv: use enhanced bitstring for popmaps
vm_reserv.c uses its own bitstring implemenation for popmaps. Using
the bitstring_t type from a standard header eliminates the code
duplication, allows some bit-at-a-time operations to be replaced with
more efficient bitstring range operations, and, in
vm_reserv_test_contig, allows bit_ffc_area_at to more efficiently
search for a big-enough set of consecutive zero-bits.

Make bitstring changes improve the vm_reserv code.  Define a bit_ntest
method to test whether a range of bits is all set, or all clear.
Define bit_ff_at and bit_ff_area_at to implement the ffs and ffc
versions with a parameter to choose between set- and clear- bits.
Improve the area_at implementation.  Modify the bit_nset and
bit_nclear implementations to allow code optimization in the cases
when start or end are multiples of _BITSTR_BITS.

Add a few new cases to bitstring_test.

Discussed with:	alc
Reviewed by:	markj
Tested by:	pho (earlier version)
Differential Revision:	https://reviews.freebsd.org/D33312
2022-01-12 11:03:53 -06:00
Cy Schubert
7b54fad807 wpa: Import wpa_supplicant/hostapd commit b26f5c0fe
This is the December/January update to vendor/wpa committed upstream
2021-12-13.
2022-01-05 22:05:32 -08:00
Mark Johnston
321e586e46 posixshm tests: Fix occasional largepage_mprotect failures
largepage_mprotect maps a superpage and later extends the mapping.  This
occasionally fails with ASLR disabled.  To fix this, first try to
reserve a sufficiently large virtual address region.

Reported by:	Jenkins
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2022-01-03 13:00:50 -05:00
Alan Somers
398c88c758 fusefs: implement VOP_ALLOCATE
Now posix_fallocate will be correctly forwarded to fuse file system
servers, for those that support it.

MFC after:	2 weeks
Reviewed by:	pfg
Differential Revision: https://reviews.freebsd.org/D33389
2021-12-31 21:05:28 -07:00
Alan Somers
1613087a81 fusefs: fix .. lookups when the parent has been reclaimed.
By default, FUSE file systems are assumed not to support lookups for "."
and "..".  They must opt-in to that.  To cope with this limitation, the
fusefs kernel module caches every fuse vnode's parent's inode number,
and uses that during VOP_LOOKUP for "..".  But if the parent's vnode has
been reclaimed that won't be possible.  Previously we paniced in this
situation.  Now, we'll return ESTALE instead.  Or, if the file system
has opted into ".." lookups, we'll just do that instead.

This commit also fixes VOP_LOOKUP to respect the cache timeout for ".."
lookups, if the FUSE file system specified a finite timeout.

PR:		259974
MFC after:	2 weeks
Reviewed by:	pfg
Differential Revision: https://reviews.freebsd.org/D33239
2021-12-31 20:38:27 -07:00
Alan Somers
8d99a6b91b fusefs: move common code from forget.cc to utils.cc
MFC after:	2 weeks
2021-12-31 20:38:20 -07:00
Alan Somers
19ab361045 fusefs: in the tests, always assume debug.try_reclaim_vnode is available
In an earlier version of the revision that created that sysctl (D20519)
the sysctl was gated by INVARIANTS, so the test had to check for it.
But in the committed version it is always available.

MFC after:	2 weeks
2021-12-31 18:04:52 -07:00
Alan Somers
5169832c96 fusefs: copy_file_range must update file timestamps
If FUSE_COPY_FILE_RANGE returns successfully, update the atime of the
source and the mtime and ctime of the destination.

MFC after:	2 weeks
Reviewers:	pfg
Differential Revision: https://reviews.freebsd.org/D33159
2021-12-31 17:43:57 -07:00
Alan Somers
13d593a5b0 Fix a race in fusefs that can corrupt a file's size.
VOPs like VOP_SETATTR can change a file's size, with the vnode
exclusively locked.  But VOPs like VOP_LOOKUP look up the file size from
the server without the vnode locked.  So a race is possible.  For
example:

1) One thread calls VOP_SETATTR to truncate a file.  It locks the vnode
   and sends FUSE_SETATTR to the server.
2) A second thread calls VOP_LOOKUP and fetches the file's attributes from
   the server.  Then it blocks trying to acquire the vnode lock.
3) FUSE_SETATTR returns and the first thread releases the vnode lock.
4) The second thread acquires the vnode lock and caches the file's
   attributes, which are now out-of-date.

Fix this race by recording a timestamp in the vnode of the last time
that its filesize was modified.  Check that timestamp during VOP_LOOKUP
and VFS_VGET.  If it's newer than the time at which FUSE_LOOKUP was
issued to the server, ignore the attributes returned by FUSE_LOOKUP.

PR:		259071
Reported by:	Agata <chogata@moosefs.pro>
Reviewed by:	pfg
MFC after:	2 weeks
Differential Revision: https://reviews.freebsd.org/D33158
2021-12-31 17:38:42 -07:00
Lutz Donnerhacke
2c733b50c5 tests/libalias: Portrange
Test ranges of allowed ports for aliasing.
 - Explicit default like ipfw(8) is doing
 - Regular range
 - Exhausting a very small range
 - Recovery

Includes a fix of an utility macro, which was not used before.

MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D31012
2021-12-27 14:54:57 +01:00
Dimitry Andric
46aec7fae4 tests/libalias: Make inline functions static inline
In C, plain inline functions should never be used: they should be
declared either static inline or extern inline. In this case, they are
clearly meant to be static inline.

MFC after:	3 days
2021-12-20 10:52:25 +01:00
Mark Johnston
fff0ae77b9 tests: Add some regression tests for a couple of KERN_PROC_* sysctls
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2021-12-17 13:10:52 -05:00
Mark Johnston
ee5686c614 ktls: Add a regression test to exercise socket error handling
Prior to commit 916c61a5ed ("Fix handling of errors from
pru_send(PRUS_NOTREADY)") this test triggered a kernel panic due to an
mbuf double free.

Reviewed by:	jhb
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D33517
2021-12-17 13:10:22 -05:00
Kristof Provost
cfca19c28e tests: sys.netpfil.pf.pfsync.defer fails in CI
sys.netpfil.pf.pfsync.defer has been failing for a while in CI now.
Disable it for now.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
2021-12-16 13:09:59 +01:00
Warner Losh
7821ef4487 tests: sys.net.if_bridge_test.span is failing in CI
sys.net.if_bridge_test.span has been failing in CI for a while
now. Disable it until this can be resolved.

PR:		260461
Sponsored by:	Netflix
2021-12-15 18:32:37 -07:00
Warner Losh
8b44e26df3 tests: sys.netpfil.pf.forward.v6 fails in CI
sys.netpfil.pf.forward.v6 has been failing in CI. File a bug and disable
until it can be resolved.

PR:		260460
Sponsored by:	Netflix
2021-12-15 18:32:37 -07:00
Warner Losh
0ab7c42e94 tests: sys.netpfil.pf.set_tos.v6 fails in CI
sys.netpfil.pf.set_tos.v6 has been failing for a while in CI now.  File
a bug and disable.

PR:		260459
Sponsored by:	Netflix
2021-12-15 18:32:37 -07:00
Warner Losh
300f4be447 tests: sys.netpfil.pf.killstate.v6 fails in CI
sys.netpfil.pf.killstate.v6 has been failing in CI for a while, file a
bug and disable.

PR:		260458
Sponsored by:	Netflix
2021-12-15 18:32:37 -07:00
John Baldwin
05a1d0f5d7 ktls: Support for TLS 1.3 receive offload.
Note that support for TLS 1.3 receive offload in OpenSSL is still an
open pull request in active development.  However, potential changes
to that pull request should not affect the kernel interface.

Reviewed by:	hselasky
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D33007
2021-12-14 11:01:05 -08:00
Kristof Provost
08851be187 ndp tests: fix cleanup
Fix the cleanup function name so we actually remove our test jail and
interfaces.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
2021-12-13 18:14:59 +01:00
Kristof Provost
4826406b30 pf tests: log additional information when a test ends
Log information from the running jails (routing, interfaces and pf) as
well as interfaces on the host.

This information is expected to be useful in debugging test failures.

MFC after:	2 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
2021-12-13 15:54:03 +01:00
Konstantin Belousov
b49b6e0f95 swapon(8): adapt to the new swapoff(2) interface
also fix test sys/audit/administrative.c.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D33343
2021-12-09 02:48:59 +02:00
Alan Somers
41ae9f9e64 fusefs: invalidate the cache during copy_file_range
FUSE_COPY_FILE_RANGE instructs the server to write data to a file.
fusefs must invalidate any cached data within the written range.

PR:		260242
MFC after:	2 weeks
Reviewed by:	pfg
Differential Revision: https://reviews.freebsd.org/D33280
2021-12-06 21:41:50 -07:00
Alan Somers
25927e068f fusefs: correctly handle an inode that changes file types
Correctly handle the situation where a FUSE server unlinks a file, then
creates a new file of a different type but with the same inode number.
Previously fuse_vnop_lookup in this situation would return EAGAIN.  But
since it didn't call vgone(), the vnode couldn't be reused right away.
Fix this by immediately calling vgone() and reallocating a new vnode.

This problem can occur in three code paths, during VOP_LOOKUP,
VOP_SETATTR, or following FUSE_GETATTR, which usually happens during
VOP_GETATTR but can occur during other vops, too.  Note that the correct
response actually doesn't depend on whether the entry cache has expired.
In fact, during VOP_LOOKUP, we can't even tell.  Either it has expired
already, or else the vnode got reclaimed by vnlru.

Also, correct the error code during the VOP_SETATTR path.

PR:		258022
Reported by:	chogata@moosefs.pro
MFC after:	2 weeks
Reviewed by:	pfg
Differential Revision: https://reviews.freebsd.org/D33283
2021-12-06 21:36:46 -07:00
Kristof Provost
5fecc5a79a dummynet tests: disable for now
Disable the dummynet tests when running the ci tests. This avoids
running into the panic described in https://reviews.freebsd.org/D33064
(where an interface is removed but a dummynet queued packet still has a
pointer to it).

These tests can be re-enabled when the work in
https://reviews.freebsd.org/D33267 lands.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
2021-12-06 18:15:24 +01:00
Kristof Provost
60a3a371af pf tests: more thorough pfsync defer test
Add a somewhat more extensive pfsync defer mode test. Ensure that pfsync
actually delays the state creating packet until after it has sent the
pfsync update and given the peer time to create the state.

Ideally the test should validate the pfsync state update and generate an
ack message, but to keep the test simple we rely on the timeout of the
deferred packet instead.

MFC after:	1 week
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D33245
2021-12-06 13:25:14 +01:00
Stefan Eßer
5e04571cf3 sys/bitset.h: reduce visibility of BIT_* macros
Add two underscore characters "__" to names of BIT_* and BITSET_*
macros to move them to the implementation name space and to prevent
a name space pollution due to BIT_* macros in 3rd party programs with
conflicting parameter signatures.

These prefixed macro names are used in kernel header files to define
macros in e.g. sched.h, sys/cpuset.h and sys/domainset.h.

If C programs are built with either -D_KERNEL (automatically passed
when building a kernel or kernel modules) or -D_WANT_FREENBSD_BITSET
(or this macros is defined in the source code before including the
bitset macros), then all macros are made visible with their previous
names, too. E.g., both __BIT_SET() and BIT_SET() are visible with
either of _KERNEL or _WANT_FREEBSD_BITSET defined.

The main reason for this change is that some 3rd party sources
including sched.h have been found to contain conflicting BIT_*
macros.

As a work-around, parts of shed.h have been made conditional and
depend on _WITH_CPU_SET_T being set when sched.h is included.
Ports that expect the full functionality provided by sched.h need
to be built with -D_WITH_CPU_SET_T. But this leads to conflicts if
BIT_* macros are defined in that program, too.

This patch set makes all of sched.h visible again without this
parameter being passed and without any name space pollution due
to BIT_* macros becoming visible when sched.h is included.

This patch set will be backported to the STABLE branches, but ports
will need to use -D_WITH_CPU_SET_T as long as there are supported
releases that do not contain these patches.

Reviewed by:	kib, markj
MFC after:	1 month
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D33235
2021-12-05 23:00:25 +01:00
Mitchell Horne
d99a40e5ba Remove riscv workaround in sys.netgraph.hub.loop test
The test case now passes on this architecture. This reverts commits
d5fd5cdc06 and 168b579a48.

Reviewed by:	lwhsu, imp
Differential Revision:	https://reviews.freebsd.org/D33252
2021-12-05 11:12:40 -04:00
Alan Somers
c2d342c509 fusefs: better debugging for FUSE_RENAME in the tests
MFC after:	2 weeks
2021-12-02 20:26:27 -07:00
Cy Schubert
56f32b0e4c wpa: Import wpa_supplicant/hostapd commit 14ab4a816
This is the November update to vendor/wpa committed upstream 2021-11-26.
2021-12-01 08:06:47 -08:00
Alan Somers
d109559ddb fusefs: fix 32-bit build of the tests after 91972cfcdd
MFC after:	2 weeks
MFC with:	91972cfcdd
2021-11-28 20:35:42 -07:00
Alan Somers
91972cfcdd fusefs: update atime on reads when using cached attributes
When using cached attributes, whether or not the data cache is enabled,
fusefs must update a file's atime whenever it reads from it, so long as
it wasn't mounted with -o noatime.  Update it in-kernel, and flush it to
the server on close or during the next setattr operation.

The downside is that close() will now frequently trigger a FUSE_SETATTR
upcall.  But if you care about performance, you should be using
-o noatime anyway.

MFC after:	2 weeks
Reviewed by:	pfg
Differential Revision: https://reviews.freebsd.org/D33145
2021-11-28 18:53:31 -07:00
Alan Somers
65d70b3bae fusefs: fix copy_file_range when extending a file
When copy_file_range extends a file, it must update the cached file
size.

MFC after:	2 weeks
Reviewed by:	rmacklem, pfg
Differential Revision: https://reviews.freebsd.org/D33151
2021-11-28 18:35:58 -07:00
Warner Losh
09f1ead230 Fix copyright to be like all my others in the tree 2021-11-23 21:21:18 -07:00
Warner Losh
afc5ab870d Basic signal tests: Can we deliver a signal?
Basic signal tests that tests can we deliver a signal via raise() and
can we deliver one via SIGALARM asynchronously.

In addition, tests whether or not on ARM T32 (Thumb) code can interrupt
A32 (normal) and vice versa.

While this test is aimed at ensuring basic qemu signals are working,
it's good to have in the base.

Sponsored by:		Netflix
Discussed with:		kevans, cognet
Differential Revision:	https://reviews.freebsd.org/D33078
2021-11-23 13:37:14 -07:00
Ed Maste
8ec4c5dae3 Fix coredump_phnum test with ASLR enabled by default
coredump_phnum intends to generate a core file with many PT_LOAD
segments.  Previously it called mmap() in a loop with alternating
protections, relying on each mapping following the previous, to produce
a core file with many page-sized PT_LOAD segments.  With ASLR on we no
longer have this property of each mmap() following the previous.

Instead, perform a single allocation, and then use mprotect() to set
alternating pages to PROT_READ.

PR:		259970
Reported by:	lwhsu, mw
Reviewed by:	kib
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D33070
2021-11-21 12:57:38 -05:00
Kristof Provost
67573b7a39 net tests: fix if_stf:6to4
This test needs to have the loopback interface enabled, or route lookups
for our own IP addresses will fail.

MFC after:	3 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D33041
2021-11-20 19:29:02 +01:00
Kristof Provost
2610dcc1a5 net tests: 6rd to 6rd test
Test traffic between 6rd hosts, without border relay involvement.

PR:		253328
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D33040
2021-11-20 19:29:02 +01:00
Kristof Provost
e1b95017d2 net tests: 6rd test for if_stf
Basic test case for 6rd.

PR:		253328
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D33039
2021-11-20 19:29:02 +01:00
John Baldwin
694c708d6a ktls tests: Check the return values of close().
Suggested by:	markj
Reviewed by:	markj
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D33004
2021-11-16 09:56:15 -08:00
John Baldwin
d71830cdf0 ktls: Use ATF_REQUIRE instead of assert() for validating TLS header lengths.
The TLS header length field is set by the kernel, so if it is
incorrect that is an indication of a kernel bug, not an internal error
in the tests.

Prompted by:	markj (comment in an earlier review)
Reviewed by:	markj
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D33003
2021-11-16 09:56:15 -08:00
John Baldwin
83a54b582f ktls: Add tests ensuring unsupported receive cipher suites are rejected.
Reviewed by:	markj
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D32982
2021-11-15 11:32:49 -08:00
John Baldwin
233ce578a4 ktls: Add tests ensuring invalid receive cipher suites are rejected.
Reviewed by:	markj
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D32981
2021-11-15 11:32:15 -08:00
John Baldwin
3e7f8a8da2 ktls: Add simple receive tests of kernel TLS.
Similar to the simple transmit tests added in
a10482ea74, these tests test the kernel
TLS functionality directly by manually encrypting TLS records using
randomly generated keys and writing them to a socket to be processed
by the kernel.

Reviewed by:	markj
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D32980
2021-11-15 11:31:16 -08:00
John Baldwin
d1c369f926 ktls: Add tests ensuring various invalid cipher suites are rejected.
Reviewed by:	markj
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D32843
2021-11-15 11:30:48 -08:00
John Baldwin
0ff2a12ae3 ktls: Add tests for sending empty fragments for TLS 1.0 connections.
Reviewed by:	markj
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D32841
2021-11-15 11:28:12 -08:00
John Baldwin
44265dc3da ktls: Add padding tests for AES-CBC MTE cipher suites.
For each AES-CBC MTE cipher suite, test sending records with 1 to 16
bytes of payload.  This ensures that all of the potential padding
values are covered.

Reviewed by:	markj
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D32840
2021-11-15 11:26:45 -08:00
Gleb Smirnoff
6913bf4c3d tests/divert: fix after 2ce85919bb (IP source address validation)
Just make the test packet more legitimate.

Reviewed by:	melifaro
2021-11-12 11:20:06 -08:00
Kristof Provost
2de49deeca pf tests: Test PR259689
We didn't populate dyncnt/tblcnt, so `pfctl -sr -vv` might not have the
table element count.

PR:		259689
MFC after:	3 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D32893
2021-11-10 11:27:22 +01:00
Ed Maste
e818178e3a tests: do not build ktls_test if WITHOUT_OPENSSL
ktls_test requires libcrypto to build, and fails if it is not available
(which is the case when building WITHOUT_OPENSSL).

Reported by:	Michael Dexter, Build Option Survey
Reviewed by:	jhb
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D32895
2021-11-09 13:47:20 -05:00
Kristof Provost
eb5e0755f7 net tests: basic if_stf test
Test the 6to4 code.

MFC after:	3 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D32850
2021-11-09 09:39:54 +01:00
Kristof Provost
6e0755b37b net tests: basic if_gif(4) test case
MFC after:	3 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D32836
2021-11-08 12:00:00 +01:00
Kornel Duleba
197ff4c35b ossl: Add support for AES-CBC cipher
AES-CBC OpenSSL assembly is used underneath.
The glue layer(ossl_aes.c) is based on CHACHA20 implementation.
Contrary to the SHA and CHACHA20, AES OpenSSL assembly logic
does not have a fallback implementation in case CPU doesn't
support required instructions.
Because of that CPU caps are checked during initialization and AES
support is advertised only if available.
The feature is available on all architectures that ossl supports:
i386, amd64, arm64.

The biggest advantage of this patch over existing solutions
(aesni(4) and armv8crypto(4)) is that it supports SHA,
allowing for ETA operations.

Sponsored by:		Stormshield
Obtained from:		Semihalf
Reviewed by:		jhb (previous version)
Differential revision:	https://reviews.freebsd.org/D32099
2021-11-08 10:53:31 +01:00
Wojciech Macek
200bc58953 Revert "ossl: Add support for AES-CBC cipher"
This reverts commit 849faf4e0b.
2021-11-06 17:46:01 +01:00
Kornel Duleba
849faf4e0b ossl: Add support for AES-CBC cipher
AES-CBC OpenSSL assembly is used underneath.
The glue layer(ossl_aes.c) is based on CHACHA20 implementation.
Contrary to the SHA and CHACHA20, AES OpenSSL assembly logic
does not have a fallback implementation in case CPU doesn't
support required instructions.
Because of that CPU caps are checked during initialization and AES
support is advertised only if available.
The feature is available on all architectures that ossl supports:
i386, amd64, arm64.

The biggest advantage of this patch over existing solutions
(aesni(4) and armv8crypto(4)) is that it supports SHA,
allowing for ETA operations.

Sponsored by:		Stormshield
Obtained from:		Semihalf
Reviewed by:		jhb
Differential revision:	https://reviews.freebsd.org/D32099
2021-11-06 09:08:44 +01:00
Kristof Provost
508161111d pf tests: basic test for ridentifier
MFC after:	3 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D32751
2021-11-05 09:39:56 +01:00
Kristof Provost
11703705c2 pf tests: route_to:icmp_nat_head requires scapy
Document the requirement so the test is skipped if scapy is not
installed.

MFC after:	3 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
2021-11-03 10:35:09 +01:00
John Baldwin
a10482ea74 ktls: Add simple transmit tests of kernel TLS.
Note that these tests test the kernel TLS functionality directly.
Rather than using OpenSSL to perform negotiation and generate keys,
these tests generate random keys send data over a pair of TCP sockets
manually decrypting the TLS records generated by the kernel.

Reviewed by:	markj
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D32652
2021-11-01 11:28:10 -07:00
Marius Halden
847b0d07c4 carp tests: negative demotion
PR:		259528
Reviewed by:	donner
MFC after:	3 weeks
Sponsored by:	Modirum MDPay
Differential Revision:	https://reviews.freebsd.org/D32760
2021-11-01 17:08:23 +01:00
Kristof Provost
4ee0f6d874 netpfil tests: dummynet+NAT test for pf
Ensure that NAT still works as expected when combined with dummynet.

MFC after:	3 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D32666
2021-10-28 10:41:17 +02:00
Kristof Provost
30276ef12c pf tests: test NAT-ed ICMP errors
Ensure that the ICMP error is returned with the correct
source and destination addresses.

MFC after:	3 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D32572
2021-10-22 09:52:17 +02:00
Mark Johnston
51425cb210 bitset: Reimplement BIT_FOREACH_IS(SET|CLR)
Eliminate the nested loops and re-implement following a suggestion from
rlibby.

Add some simple regression tests.

Reviewed by:	rlibby, kib
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D32472
2021-10-18 09:56:58 -04:00
Kristof Provost
914ec9c78d pf tests: ensure that $nr expansion is correct
Test the $nr expansion in labels is correct, even if the optimiser
reduces the rule count.

MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D32489
2021-10-15 22:19:45 +02:00
Li-Wen Hsu
168b579a48
Fix RISC-V build
Fixes:	d5fd5cdc06
2021-10-14 23:20:12 +08:00
Li-Wen Hsu
d5fd5cdc06
Temporarily skip sys.netgraph.hub.loop on RISC-V in CI
This case panics kernel.

PR:		259157
Sponsored by:	The FreeBSD Foundation
2021-10-14 05:31:22 +08:00
Kyle Evans
7259ca3104 fifos: delegate unhandled kqueue filters to underlying filesystem
This gives the vfs layer a chance to provide handling for EVFILT_VNODE,
for instance.  Change pipe_specops to use the default vop_kqfilter to
accommodate fifoops that don't specify the method (i.e. all in-tree).

Based on a patch by Jan Kokemüller.

PR:		225934
Reviewed by:	kib, markj (both pre-KASSERT)
Differential Revision:	https://reviews.freebsd.org/D32271
2021-10-12 02:43:07 -05:00
Li-Wen Hsu
2d827c065a
Skip sys.net.if_lagg_test.status_stress in CI
This case panics the machine fairly often and we should run
stress tests separately.

Sponsored by:	The FreeBSD Foundation
2021-10-12 05:40:24 +08:00
Mitchell Horne
8babb5582e riscv: fix VM_MAXUSER_ADDRESS checks in asm routines
There are two issues with the checks against VM_MAXUSER_ADDRESS. First,
the comparison should consider the values as unsigned, otherwise
addresses with the high bit set will fail to branch. Second, the value
of VM_MAXUSER_ADDRESS is, by convention, one larger than the maximum
mappable user address and invalid itself. Thus, use the bgeu instruction
for these comparisons.

Add a regression test case for copyin(9).

PR:		257193
Reported by:	Robert Morris <rtm@lcs.mit.edu>
Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D31209
2021-10-07 18:12:30 -03:00
John Baldwin
668770dc7d crypto: Test all of the AES-CCM KAT vectors.
Previously, only test vectors which used the default nonce and tag
sizes (12 and 16, respectively) were tested.  This now tests all of
the vectors.  This exposed some additional issues around requests with
an empty payload (which wasn't supported) and an empty AAD (which
falls back to CIOCCRYPT instead of CIOCCRYPTAEAD).

- Make use of the 'ivlen' and 'maclen' fields for CIOGSESSION2 to
  test AES-CCM vectors with non-default nonce and tag lengths.

- Permit requests with an empty payload.

- Permit an input MAC for requests without AAD.

Reviewed by:	markj
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D32121
2021-10-06 14:08:48 -07:00
Alan Somers
f44a448709 fusefs: fix intermittency in the dev_fuse_poll test
The DevFusePoll::access/select test would occasionally segfault.  The
cause was a file descriptor that was shared between two threads.  The
first thread would kill the second and close the file descriptor.  But
it was possible that the second would read the file descriptor before it
shut down.  That did not cause problems for kqueue, poll, or blocking
operation, but it triggered segfaults in select's macros.

MFC after:	2 weeks
Differential Revision: https://reviews.freebsd.org/D32142
2021-10-06 14:28:48 -06:00
Alan Somers
032a5bd55b fusefs: Fix a bug during VOP_STRATEGY when the server changes file size
If the FUSE server tells the kernel that a file's size has changed, then
the kernel must invalidate any portion of that file in cache.  But the
kernel can't do that during VOP_STRATEGY, because the file's buffers are
already locked.  Instead, proceed with the write.

PR:		256937
Reported by:	Agata <chogata@moosefs.pro>
Tested by:	Agata <chogata@moosefs.pro>
MFC after:	2 weeks
Reviewed by:	pfg
Differential Revision: https://reviews.freebsd.org/D32332
2021-10-06 14:07:33 -06:00
Alan Somers
7430017b99 fusefs: fix a recurse-on-non-recursive lockmgr panic
fuse_vnop_bmap needs to know the file's size in order to calculate the
optimum amount of readahead.  If the file's size is unknown, it must ask
the FUSE server.  But if the file's data was previously cached and the
server reports that its size has shrunk, fusefs must invalidate the
cached data.  That's not possible during VOP_BMAP because the buffer
object is already locked.

Fix the panic by not querying the FUSE server for the file's size during
VOP_BMAP if we don't need it.  That's also a a slight performance
optimization.

PR:		256937
Reported by:	Agata <chogata@moosefs.pro>
Tested by:	Agata <chogata@moosefs.pro>
MFC after:	2 weeks
2021-10-06 14:07:33 -06:00
Mark Johnston
69f7649b71 gmultipath tests: Re-enable the failloop test in CI
PR:		258763
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2021-10-04 12:28:27 -04:00
Kyle Evans
2f4dbe279f kqueue: fix recent assertion
NOTE_ABSTIME may also have a zero timeout, which indicates that we
should still fire immediately as an absolute time in the past.  A test
has been added for this one as well.

Fixes:	9c999a259f ("kqueue: don't arbitrarily restrict long-past...")
Point hat:	kevans
Reported by:	syzbot+1c8d1154f560b3930042@syzkaller.appspotmail.com
2021-10-01 13:17:30 -05:00
Kyle Evans
9c999a259f kqueue: don't arbitrarily restrict long-past values for NOTE_ABSTIME
NOTE_ABSTIME values are converted to values relative to boottime in
filt_timervalidate(), and negative values are currently rejected.  We
don't reject times in the past in general, so clamp this up to 0 as
needed such that the timer fires immediately rather than imposing what
looks like an arbitrary restriction.

Another possible scenario is that the system clock had to be adjusted
by ~minutes or ~hours and we have less than that in terms of uptime,
making a reasonable short-timeout suddenly invalid. Firing it is still
a valid choice in this scenario so that applications can at least
expect a consistent behavior.

Reviewed by:	kib, markj
Discussed with:	allanjude
Differential Revision:	https://reviews.freebsd.org/D32230
2021-09-30 21:31:24 -05:00
Kristof Provost
2f20d80692 pf tests: Basic adaptive mode syncookie test
MFC after:	1 week
Sponsored by:	Modirum MDPay
Differential Revision:	https://reviews.freebsd.org/D32139
2021-09-29 15:42:01 +02:00
Kristof Provost
dc0636636b pf tests: Basic syncookie test
MFC after:	1 week
Sponsored by:	Modirum MDPay
Differential Revision:	https://reviews.freebsd.org/D32138
2021-09-29 15:42:01 +02:00
Li-Wen Hsu
0b159faaca
Temporarily skip flaky tset cases under sys.aio.aio_test in CI
- sys.aio.aio_test.vectored_unaligned
- sys.aio.aio_test.vectored_zvol_poll

PR:		258766
Sponsored by:	The FreeBSD Foundation
2021-09-29 03:32:47 +08:00
Li-Wen Hsu
b9b5a4dd59
gmultipath failloop test: Put the dtrace sanity checker in right place
Check if dtrace excution is successful or not right after execution.

Sponsored by:	The FreeBSD Foundation
2021-09-29 02:38:34 +08:00