Commit Graph

993 Commits

Author SHA1 Message Date
Mark Johnston
9a1184de2a Add safexcel(4) to cryptotest.
MFC after:	1 week
Sponsored by:	Rubicon Communications, LLC (Netgate)
2020-07-14 14:11:54 +00:00
Enji Cooper
cdb9318eed Don't leave path behind when executing :chflags_success
Prior to this change a `SF_IMMUTABLE` chflagsat(2)'ed file (`path`) was left
behind, which sabotaged kyua(1) from being able to clean up the work directory,
This resulted in unnecessary work for folks having to clean up the work
directory on non-disposable systems, which defaults to `/tmp`. Use `UF_OFFLINE`
instead of `SF_IMMUTABLE`, in part because setting `SF_IMMUTABLE` isn't relevant
to the test and `SF_IMMUTABLE` cannot be cleared at all securelevels, as pointed
out by @asomers.

Additional work is required to catch cases like this upfront in the future to
avoid tester headache. See PR # 247765 for more details/followup.

Suggested by:	asomers
Reviewed By:	asomers, #tests
MFC after:	1 week
PR:		247761
Sponsored by:	DellEMC
Differential Revision: https://reviews.freebsd.org/D25561
2020-07-12 17:16:57 +00:00
Kyle Evans
423a033ba7 memfd_create: turn on SHM_GROW_ON_WRITE
memfd_create fds will no longer require an ftruncate(2) to set the size;
they'll grow (to the extent that it's possible) upon write(2)-like syscalls.

Reviewed by:	kib
Differential Revision:	https://reviews.freebsd.org/D25502
2020-07-10 00:45:16 +00:00
Alan Somers
6f818c1fb0 geli: enable direct dispatch
geli does all of its crypto operations in a separate thread pool, so
g_eli_start, g_eli_read_done, and g_eli_write_done don't actually do very
much work. Enabling direct dispatch eliminates the g_up/g_down bottlenecks,
doubling IOPs on my system. This change does not affect the thread pool.

Reviewed by:	markj
MFC after:	2 weeks
Sponsored by:	Axcient
Differential Revision:	https://reviews.freebsd.org/D25587
2020-07-08 17:12:12 +00:00
Alexander V. Chernikov
eddfb2e86f Fix IPv6 regression introduced by r362900.
PR:		kern/247729
2020-07-03 08:06:26 +00:00
Li-Wen Hsu
2749666d01 Temporarily skip sys.netinet6.redirect.valid_redirect in CI
PR:		247729
Sponsored by:	The FreeBSD Foundation
2020-07-03 02:02:34 +00:00
Edward Tomasz Napierala
7a9a01db9f Make sys.auditpipe depend on /dev/auditpipe. This fixes a few failures
on armv7.

MFC after:	2 weeks
Sponsored by:	DARPA
2020-06-24 12:17:40 +00:00
Li-Wen Hsu
f29bf91a23 Temporarily skip unstable sys.geom.class.gate.ggate_test.ggated on i386 in CI
PR:		244737
Sponsored by:	The FreeBSD Foundation
2020-06-24 07:25:54 +00:00
Edward Tomasz Napierala
a8ca275b7d Make audit tests depend on /dev/auditpipe. This should fix
some 416 failing tests on armv7:

https://ci.freebsd.org/job/FreeBSD-head-armv7-test/lastCompletedBuild/testReport/

Reviewed by:	asomers
MFC after:	2 weeks
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D25144
2020-06-18 15:41:16 +00:00
Li-Wen Hsu
435166f877 Skip sys.net.if_lagg_test.lacp_linkstate_destroy_stress in CI because of panic
PR:		244168
Sponsored by:	The FreeBSD Foundation
2020-06-11 18:59:57 +00:00
Kristof Provost
048c96e3e6 bridge tests: Re-enable STP test
This test should no longer provoke large amounts of traffic, which can
overwhelm single-core systems, preventing them from making progress in the
tests.

The test can now be re-enabled.

PR:		246448
2020-06-07 13:53:02 +00:00
Kristof Provost
e07e002e95 bridge tests: Avoid building a switching loop
Enable STP before bringing the bridges up. This avoids a switching loop,
which has a tendency to drown out progress in userspace processes,
especially on single-core systems.

Only check that we have indeed shut down one of the looped interfaces

PR:		246448
Reviewed by:	melifaro
Differential Revision:	https://reviews.freebsd.org/D25084
2020-06-01 19:26:16 +00:00
Li-Wen Hsu
4d3aef0780 Revert r361497, these cases are fixed by r361617.
PR:		246737
Sponsored by:	The FreeBSD Foundation
2020-05-29 10:09:47 +00:00
Shteryana Shopova
a7a64b722b Proper check if divert(4) module is present by the relevant tests
Fix the netinet/netinet6 divert tests falsely reporting 'ipdivert module is
not loaded' when the divert module is built into the kernel

Sponsored by:	Axiado
Differential Revision:	https://reviews.freebsd.org/D25026
2020-05-27 16:33:00 +00:00
Li-Wen Hsu
c4e61d8568 Disable failing test cases in CI:
sys.netipsec.tunnel.aes_cbc_128_hmac_sha1.v4
sys.netipsec.tunnel.aes_cbc_256_hmac_sha2_256.v4
sys.netipsec.tunnel.aesni_aes_cbc_128_hmac_sha1.v4
sys.netipsec.tunnel.aesni_aes_cbc_256_hmac_sha2_256.v4

PR:		246737
Sponsored by:	The FreeBSD Foundation
2020-05-26 06:55:03 +00:00
Alan Somers
bfcb817bcd Fix issues with FUSE_ACCESS when default_permissions is disabled
This patch fixes two issues relating to FUSE_ACCESS when the
default_permissions mount option is disabled:

* VOP_ACCESS() calls with VADMIN set should never be sent to a fuse server
  in the form of FUSE_ACCESS operations. The FUSE protocol has no equivalent
  of VADMIN, so we must evaluate such things kernel-side, regardless of the
  default_permissions setting.

* The FUSE protocol only requires FUSE_ACCESS to be sent for two purposes:
  for the access(2) syscall and to check directory permissions for
  searchability during lookup. FreeBSD sends it much more frequently, due to
  differences between our VFS and Linux's, for which FUSE was designed. But
  this patch does eliminate several cases not required by the FUSE protocol:

  * for any FUSE_*XATTR operation
  * when creating a new file
  * when deleting a file
  * when setting timestamps, such as by utimensat(2).

* Additionally, when default_permissions is disabled, this patch removes one
  FUSE_GETATTR operation when deleting a file.

PR:		245689
Reported by:	MooseFS FreeBSD Team <freebsd@moosefs.pro>
Reviewed by:	cem
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D24777
2020-05-22 18:11:17 +00:00
Mark Johnston
9bf12bb91d Avoid hard-coding pipe buffer sizes in the pipe and fifo kqueue tests.
Fix some style issues in the modified tests while here.

Reported by:	Jenkins via lwhsu
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2020-05-20 17:48:18 +00:00
Edward Tomasz Napierala
f464bd04ce Make sys.net.if_bridge_test depend on python; sys.net.if_bridge_test.span
requires it.

MFC after:	2 weeks
Sponsored by:	DARPA
2020-05-19 21:55:29 +00:00
Edward Tomasz Napierala
b43bd1070c Make sys.netinet.output and sys.netinet6.output6 tests depend on python;
they need to be able to run net_receiver.py.

MFC after:	2 weeks
Sponsored by:	DARPA
2020-05-19 21:48:45 +00:00
Li-Wen Hsu
6c9dbd8b13 Revert r361237, it's fixed by r361231
PR:		246560
Sponsored by:	The FreeBSD Foundation
2020-05-19 07:16:09 +00:00
Li-Wen Hsu
3f5fe78b9a Temporarily disable test case causes kernel panic in CI:
- sys.netinet.so_reuseport_lb_test.basic_ipv6

PR:		246560
Sponsored by:	The FreeBSD Foundation
2020-05-19 02:07:08 +00:00
Li-Wen Hsu
f9777376b9 Revert 357780, dtrace -c has been fixed in head`
PR:		244053
Sponsored by:	The FreeBSD Foundation
2020-05-18 23:43:48 +00:00
Alan Somers
275379902e fusefs: fix intermittency in some ENOENT tests
When a FUSE operation other than LOOKUP returns ENOENT, the kernel will
reclaim that vnode, resuling in a FUSE_FORGET being sent a short while
later.  Many of the ENOENT tests weren't expecting those FUSE_FORGET
operations.  They usually passed by luck since FUSE_FORGET is often delayed.
This commit adds appropriate expectations.

MFC after:	2 weeks
2020-05-18 18:36:32 +00:00
Alan Somers
8bebfe076d Reenable sys.geom.class.gate.ggate_test.ggated in CI
Should be fixed by r360613

PR:		244737
Reported by:	lwhsu
2020-05-17 02:41:50 +00:00
Kyle Evans
1d2e31af14 pf tests: fix up a couple WARNS= 6 nits
common_init_tbl is only used within this single CU, so it should be marked
static.

WARNS=6 also complained about the var defined by
`ATF_TC_WITH_CLEANUP(getastats);` being unused, which turns out to be
because it's not been hooked up in ATF_TP_ADD_TCS. kp@ did not immediately
recall any reason for this, and the case passes on my local system, so hook
it up.

Note that I've not yet set WARNS= 6 here. Investigation is underway to see
if we can feasibly default WARNS to 6 for src builds to catch directories
too deep to inherit a WARNS from the top-level subdirectories' Makefile.inc.
Those particular WARNS settings will be subsequently removed as they become
redundant with a more-global default.

MFC after:	1 week
2020-05-14 23:20:58 +00:00
Li-Wen Hsu
b18e0a534f Only skip sys.net.if_clone_test.epair_stress in CI env
PR:		246443
Sponsored by:	The FreeBSD Foundation
2020-05-13 20:37:46 +00:00
Li-Wen Hsu
bf3dd13d41 Temporarily skip sys.net.if_bridge_test.stp in CI as it always times out
PR:		244229
Sponsored by:	The FreeBSD Foundation
2020-05-13 20:36:38 +00:00
Li-Wen Hsu
40988c2456 Temporarily skip sys.net.if_clone_test.epair_stress
This case timed out so often

PR:		246443
Sponsored by:	The FreeBSD Foundation
2020-05-13 19:29:14 +00:00
Mark Johnston
17dd52dfab Add a basic table entry counter regression test.
Reviewed by:	kp
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D24809
2020-05-11 19:08:03 +00:00
Mark Johnston
96bc58ea81 Remove the svn:executable property from some pf test files.
The test makefiles will handle setting mode bits during install.  Also,
Phabricator gets upset when uploading an executable plain-text file
without a shebang.

MFC after:	1 week
2020-05-11 19:07:33 +00:00
Alan Somers
a22a780752 fusefs: fix two small bugs in the tests' expectations
These two errors have been present since the tests' introduction.
Coincidentally every test (I think there's only one) that cares about that
field also works when the field's value is 0.

MFC after:	2 weeks
2020-05-08 23:00:02 +00:00
Alan Somers
deed14f451 Fix the sys.geom.class.multipath.misc.fail_on_error test on stable/12
This test uses a gnop feature (delay probability) that isn't available on
stable/12.  But it's unnecessary; the test works fine without it.  Removing
it simplifies the test and, once MFCed, will allow it to pass on stable/12.

PR:		244158
Reported by:	lwhsu
MFC after:	2 weeks
2020-05-08 02:42:15 +00:00
Alexander V. Chernikov
768c98a737 Add basic routing LPM tests.
Differential Revision:	https://reviews.freebsd.org/D24684
2020-05-06 07:48:37 +00:00
Li-Wen Hsu
bbea96df46 Revert r360204, sys.netipsec.tunnel.empty.v{4,6} are fixed by r360560
PR:		245832
Sponsored by:	The FreeBSD Foundation
2020-05-04 11:23:55 +00:00
Alan Somers
4abfd5bd93 Fix intermittent cleanup failures in the ggated test
MFC after:	2 weeks
2020-05-03 18:10:54 +00:00
Alan Somers
b43a935cae Resolve conflict between the fusefs(5) and mac_bsdextended(4) tests
mac_bsdextended(4), when enabled, causes ordinary operations to send many
more VOP_GETATTRs to file system. The fusefs tests expectations aren't
written with those in mind. Optionally expecting them would greatly
obfuscate the fusefs tests. Worse, certain fusefs functionality (like
attribute caching) would be impossible to test if the tests couldn't expect
an exact number of GETATTR operations.

This commit resolves that conflict by making two changes:

1. The fusefs tests will now check for mac_bsdextended, and skip if it's
   enabled.
2. The mac_bsdextended tests will now check whether the module is enabled, not
   merely loaded. If it's loaded but disabled, the tests will automatically
   enable it for the duration of the tests.

With these changes, a CI system can achieve best coverage by loading both
fusefs and mac_bsdextended at boot, and setting
security.mac.bsdextended.enabled=0

PR:		244229
Reported by:	lwhsu
Reviewed by:	cem
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D24577
2020-05-02 20:14:59 +00:00
John Baldwin
6c80c319ef Remove support for the algorithms deprecated in r348876.
This removes support for the following algorithms:
- ARC4
- Blowfish
- CAST128
- DES
- 3DES
- MD5-HMAC
- Skipjack

Since /dev/crypto no longer supports 3DES, stop testing the 3DES KAT
vectors in cryptotest.py.

Reviewed by:	cem (previous version)
Relnotes:	yes
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D24346
2020-05-02 14:20:32 +00:00
Ed Maste
de1ca57386 geli tests require OpenSSL - exclude them under WITHOUT_OPENSSL
PR:		245931
Submitted by:	The FreeBSD Foundation
2020-04-30 21:09:01 +00:00
Mark Johnston
344d411c67 Add some regression tests for read and write kevents on pipes.
Submitted by:	Jan Kokemüller <jan.kokemueller@gmail.com>
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D24528
2020-04-27 15:59:34 +00:00
Kristof Provost
5377560783 bridge tests: Test for #216510
We used to have an issue with recursive locking with
net.link.bridge.inherit_mac. This causes us to send an ARP request while
we hold the BRIDGE_LOCK, which used to cause us to acquire the
BRIDGE_LOCK again. We can't re-acquire it, so this caused a panic.

Now that we no longer need to acquire the BRIDGE_LOCK for
bridge_transmit() this should no longer panic. Test this.

PR:	216510
Reviewed by:	emaste, philip
MFC after:	2 months
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D24251
2020-04-26 16:27:03 +00:00
Alan Somers
db20acc029 mac_bsdextended: ATFify the tests
The new tests have more complete setup and cleanup, are more granular, and
correctly annotate expected failures and skipped tests. A follow-up commit
will resolve a conflict with the fusefs tests (bug 244229).

MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D24257
2020-04-26 15:51:46 +00:00
Li-Wen Hsu
87e9ade239 Temporarily skip sys.netipsec.tunnel.empty.v{4,6} in CI
PR:		245832
Sponsored by:	The FreeBSD Foundation
2020-04-22 20:50:24 +00:00
John Baldwin
871eec00e2 Update blake2 accelerated software tests to work after OCF refactoring.
- Lookup device drivers to test by name instead of assuming that the
  software / hardware flags will select specific drivers.
- Set the sysctl to permit software /dev/crypto requests when testing
  the accelerated software blake2 driver.

PR:		245825
Reported by:	lwhsu
Reviewed by:	cem, lwhsu
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D24540
2020-04-22 20:43:18 +00:00
Li-Wen Hsu
841d3cc068 Temporarily skip sys.opencrypto.blake2_test.blake2{b,s}_vectors_x86 in CI
PR:		245825
Sponsored by:	The FreeBSD Foundation
2020-04-22 14:45:00 +00:00
Li-Wen Hsu
79959b8475 Enable timer tests in sys.kqueue.libkqueue.kqueue_test.main on i386
They were fixed in r360140

PR:		245768
Sponsored by:	The FreeBSD Foundation
2020-04-22 09:53:41 +00:00
Alex Richardson
f527d7de58 Remove extern from function declarations in common.h
Suggested by: cem
2020-04-21 15:55:08 +00:00
Li-Wen Hsu
129ba2d368 Temporarily skip timer tests in sys.kqueue.libkqueue.kqueue_test.main on i386
PR:		245768
Sponsored by:	The FreeBSD Foundation
2020-04-20 17:48:10 +00:00
Li-Wen Hsu
69b7dbeb38 Only skip sys.netinet.socket_afinet.socket_afinet_bind_zero in CI env
Sponsored by:	The FreeBSD Foundation
2020-04-20 14:24:13 +00:00
Li-Wen Hsu
a1841da4fa Temporarily disable sys.netinet.divert.* on i386
PR:		244703
Sponsored by:	The FreeBSD Foundation
2020-04-20 14:18:56 +00:00
Kyle Evans
0fbdc3726a tests: kqueue: fix some issues with now() on ILP32 platforms
There were ultimately two separate problems here:
- a 32-bit long cannot represent microseconds since 1970 (noted by ian)
- time_t is 32-bit on i386, so now() was wrong anyways even with the correct
  return type.

For the first, just explicitly use a uint64_t for now() and all of the
callers. For the second, we need to explicitly cast tv_sec to uint64_t
before it gets multiplied in the SEC_TO_US macro. Casting this instance
rather than generally in the macro was arbitrarily chosen simply because all
other uses are converting small relative time values.

The tests now pass on i386, at least; presumably other ILP32 will be fine
now as well.
2020-04-20 00:47:28 +00:00