Commit Graph

500 Commits

Author SHA1 Message Date
Kristof Provost
bd0eb4dcc4 pf tests: Test for nested inline anchor issue
PR:		196314
MFC after:	1 week
2019-03-02 12:30:59 +00:00
Kristof Provost
15426769bb pf tests: Test CVE-2019-5597
Generate a fragmented packet with different header chains, to provoke
the incorrect behaviour of pf.
Without the fix this will trigger a panic.

Obtained from:	Corentin Bayet, Nicolas Collignon, Luca Moro at Synacktiv
2019-03-01 07:39:55 +00:00
Andrew Turner
bdffe3b5bf Allow the kcov buffer to be mmaped multiple times.
After r344391 this restriction is no longer needed.

Sponsored by:	DARPA, AFRL
2019-02-21 10:11:15 +00:00
Andrew Turner
bd52577899 Use KCOV_ENTRY_SIZE for the entry size.
Previously it was sizeof(uint64_t). While this is currently true, it may
not be on all future architectures.

Sponsored by:	DARPA, AFRL
2019-02-21 09:43:14 +00:00
Kristof Provost
fe5a065d4b pf tests: Check size validation in DIOCGETSRCNODES
Ensure that invalid sizes for DIOCGETSRCNODES do not cause panics.

MFC after:	 1 week
2019-01-22 02:56:36 +00:00
Kristof Provost
b9dee1ff02 pf tests: Test PR 229241
pfctl has an issue with 'set skip on <group>', which causes inconsistent
behaviour: the set skip directive works initially, but does not take
effect when the same rules are re-applied.

PR:		229241
MFC after:	1 week
2019-01-13 05:31:53 +00:00
Andrew Turner
c1bc2f7a02 Temporarily disable the kcov tests. Not all architectures have
atomic_store_64 and atomic_store_64.

Sponsored by:	DARPA, AFRL
2019-01-12 11:50:39 +00:00
Andrew Turner
b3c0d957a2 Add support for the Clang Coverage Sanitizer in the kernel (KCOV).
When building with KCOV enabled the compiler will insert function calls
to probes allowing us to trace the execution of the kernel from userspace.
These probes are on function entry (trace-pc) and on comparison operations
(trace-cmp).

Userspace can enable the use of these probes on a single kernel thread with
an ioctl interface. It can allocate space for the probe with KIOSETBUFSIZE,
then mmap the allocated buffer and enable tracing with KIOENABLE, with the
trace mode being passed in as the int argument. When complete KIODISABLE
is used to disable tracing.

The first item in the buffer is the number of trace event that have
happened. Userspace can write 0 to this to reset the tracing, and is
expected to do so on first use.

The format of the buffer depends on the trace mode. When in PC tracing just
the return address of the probe is stored. Under comparison tracing the
comparison type, the two arguments, and the return address are traced. The
former method uses on entry per trace event, while the later uses 4. As
such they are incompatible so only a single mode may be enabled.

KCOV is expected to help fuzzing the kernel, and while in development has
already found a number of issues. It is required for the syzkaller system
call fuzzer [1]. Other kernel fuzzers could also make use of it, either
with the current interface, or by extending it with new modes.

A man page is currently being worked on and is expected to be committed
soon, however having the code in the kernel now is useful for other
developers to use.

[1] https://github.com/google/syzkaller

Submitted by:	Mitchell Horne <mhorne063@gmail.com> (Earlier version)
Reviewed by:	kib
Testing by:	tuexen
Sponsored by:	DARPA, AFRL
Sponsored by:	The FreeBSD Foundation (Mitchell Horne)
Differential Revision:	https://reviews.freebsd.org/D14599
2019-01-12 11:21:28 +00:00
Vincenzo Maffione
08f34ad9ed netmap: unit tests: fix issues found by coverity scan
Reported by:	asomers
MFC after:	1 week
Sponsored by:	Sunny Valley Networks
2019-01-03 16:47:05 +00:00
Vincenzo Maffione
5854d71854 netmap: fix warnings on unit tests
Fix some printf() format string warnings raised for ctrl-api-test.c
on some architectures.

MFC after:	1 week
Sponsored by:	Sunny Valley Networks
2018-12-31 12:07:17 +00:00
Vincenzo Maffione
2a8682a815 netmap: add suite of unit tests
Import the unit tests from upstream (https://github.com/luigirizzo/netmap
ba02539859d46d33), and make them ready for use with Kyua.
There are currently 38 regression tests, which test the kernel control ABI
exposed by netmap to userspace applications:

  1: test for port info get
  2-5: tests for basic port registration
  6-9: tests for VALE
  10-11: tests for getting netmap allocator info
  12-15: tests for netmap pipes
  16: test on polling mode
  17-18: tests on options
  19-27: tests for sync-kloop subsystem
  28-39: tests for null ports
  31-38: tests for the legacy NIOCREGIF registers

Reviewed by:	ngie
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D18490
2018-12-31 11:17:58 +00:00
Alan Somers
b1ce931bd8 Conditionalize installtion audit(4) tests on MK_AUDIT
MK_AUDIT already controls auditd(8), praudit(1), etc.  It should also control
the audit test suite.

Submitted by:	ngie
MFC after:	2 weeks
Pull Request:	https://github.com/freebsd/freebsd/pull/240
2018-12-17 18:35:32 +00:00
Alan Somers
7fe3fd48a5 audit(4) tests: require /etc/rc.d/auditd
These tests should be skipped if /etc/rc.d/auditd is missing, which could be
the case if world was built with WITHOUT_AUDIT set.  Also, one test case
requires /etc/rc.d/accounting.

Submitted by:	ngie
MFC after:	2 weeks
Pull Request:	https://github.com/freebsd/freebsd/pull/240
2018-12-17 18:11:06 +00:00
Kristof Provost
ff514f1f8a pf tests: Basic rdr test
MFC after:	2 weeks
2018-12-12 20:19:56 +00:00
Kristof Provost
9bfe20461c pf tests: NAT exhaustion test
It's been reported that pf doesn't handle running out of available ports
for NAT correctly. It freezes until a state expires and it can find a
free port.
Test for this, by setting up a situation where only two ports are
available for NAT and then attempting to create three connections.

If successful the third connection will fail immediately. In an
incorrect case the connection attempt will freeze, also freezing all
interaction with pf through pfctl and trigger timeout.

PR:		233867
MFC after:	2 weeks
2018-12-12 20:19:18 +00:00
Kristof Provost
d3cc40300e pf tests: Use the ATF cleanup infrastructure in the ioctl tests
Use ATF_TC_CLEANUP(), because that means the cleanup code will get
called even if a test fails. Before it would only be executed if every
test within the body succeeded.

Reported by:	Marie Helene Kvello-Aune <marieheleneka@gmail.com>
MFC after:	2 weeks
2018-12-11 21:49:13 +00:00
Kristof Provost
87c7063c2b pf tests: ioctl tests require root rights
Explicitly mark these tests as requiring root rights. We need to be able
to open /dev/pf.

Reported by:	Marie Helene Kvello-Aune <marieheleneka@gmail.com>
MFC after:	2 weeks
2018-12-11 21:45:56 +00:00
John Baldwin
c5786670ac Don't report stale signal information for non-signal events in ptrace_lwpinfo.
Once a signal's siginfo was copied to 'td_si' as part of the signal
exchange in issignal(), it was never cleared.  This caused future
thread events that are reported as SIGTRAP events without signal
information to report the stale siginfo in 'td_si'.  For example, if a
debugger created a new process and used SIGSTOP to stop it after
PT_ATTACH, future system call entry / exit events would set PL_FLAG_SI
with the SIGSTOP siginfo in pl_siginfo.  This broke 'catch syscall' in
current versions of gdb as it assumed PL_FLAG_SI with SIGTRAP
indicates a breakpoint or single step trap.

Reviewed by:	kib
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D18487
2018-12-10 19:39:24 +00:00
Conrad Meyer
af7dcae0e2 gmirror: Evaluate mirror components against newest metadata copy
Re-apply r341665 with format strings fixed.

If we happen to taste a stale mirror component first, don't reject valid,
newer components that have differing metadata from the stale component
(during STARTING).  Instead, update our view of the most recent metadata as
we taste components.

Like mediasize beforehand, remove some checks from g_mirror_check_metadata
which would evict valid components due to metadata that can change over a
mirror's lifetime.  g_mirror_check_metadata is invoked long before we check
genid/syncid and decide which component(s) are newest and whether or not we
have quorum.

Before checking if we can enter RUNNING (i.e., we have quorum) after a NEW
component is added, first remove any known stale or inconsistent disks from
the mirrorset, rather than removing them *after* deciding we have quorum.
Check if we have quorum after removing these components.

Additionally, add a knob, kern.geom.mirror.launch_mirror_before_timeout, to
force gmirrors to wait out the full timeout (kern.geom.mirror.timeout)
before transitioning from STARTING to RUNNING.  This is a kludge to help
ensure all eligible, boot-time available mirror components are tasted before
RUNNING a gmirror.

Add a basic test case for STARTING -> RUNNING startup behavior around stale
genids.

PR:		232671, 232835
Submitted by:	Cindy Yang <cyang AT isilon.com> (previous version)
Reviewed by:	markj (kernel portions)
Discussed with:	asomers, Cindy Yang
Tested by:	pho
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D18062
2018-12-07 02:44:04 +00:00
Conrad Meyer
c4e87bdfc1 Revert r341665 due to tinderbox breakage
I didn't notice that some format strings were non-portable.  Will fix and
re-commit later.
2018-12-07 00:47:05 +00:00
Alan Somers
a9ebbf33ea geom tests: Fix cleanup of ATF tests since r341392
r341392 changed common test cleanup routines in a way that allowed them to
be used by TAP tests as well as ATF tests.  However, a late change made
during code review resulted in cleanup being broken for ATF tests, which
source geom_subr.sh separately during the body and cleanup phases of the
test.  The result was that md(4) devices wouldn't get cleaned up.

MFC after:	2 weeks
X-MFC-With:	341392
2018-12-07 00:27:38 +00:00
Conrad Meyer
bc1ee0be2d gmirror: Evaluate mirror components against newest metadata copy
If we happen to taste a stale mirror component first, don't reject valid,
newer components that have differing metadata from the stale component
(during STARTING).  Instead, update our view of the most recent metadata as
we taste components.

Like mediasize beforehand, remove some checks from g_mirror_check_metadata
which would evict valid components due to metadata that can change over a
mirror's lifetime.  g_mirror_check_metadata is invoked long before we check
genid/syncid and decide which component(s) are newest and whether or not we
have quorum.

Before checking if we can enter RUNNING (i.e., we have quorum) after a NEW
component is added, first remove any known stale or inconsistent disks from
the mirrorset, rather than removing them *after* deciding we have quorum.
Check if we have quorum after removing these components.

Additionally, add a knob, kern.geom.mirror.launch_mirror_before_timeout, to
force gmirrors to wait out the full timeout (kern.geom.mirror.timeout)
before transitioning from STARTING to RUNNING.  This is a kludge to help
ensure all eligible, boot-time available mirror components are tasted before
RUNNING a gmirror.

When we are instructed to forget mirror components, bump the generation id
to avoid confusion with such stale components later.

Add a basic test case for STARTING -> RUNNING startup behavior around stale
genids.

PR:		232671, 232835
Submitted by:	Cindy Yang <cyang AT isilon.com> (previous version)
Reviewed by:	markj (kernel portions)
Discussed with:	asomers, Cindy Yang
Tested by:	pho
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D18062
2018-12-06 23:55:39 +00:00
Li-Wen Hsu
037479ff5e Temporarily skip flakey test cases
PR:		233586, 233587, 233588
Approved by:	markj (mentor)
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D18362
2018-12-06 09:22:35 +00:00
Kristof Provost
369d9a2c15 pf tests: Add a defer mode test for pfsync
Repeat the pfsync test, this time with the 'defer' option enabled. This
exercises slightly different code paths.
2018-12-05 19:53:09 +00:00
Alan Somers
cf551b8a98 Unbreak geli/gmirror testcases if their geom classes cannot be loaded
The problem with the logic prior to this commit was twofold:

1. The wrong set of idioms (TAP-compatible) were being applied to the ATF
   testcases when run, resulting in confusing ATF failure results on setup.
2. The cleanup subroutines were broken when the geom classes could not be
   loaded as they exited with 0 unexpectedly.

This commit changes the test code to source the class-specific configuration
(conf.sh) once globally, instead of sourcing it per testcase and per cleanup
subroutine, and to call the ATF-specific setup subroutine(s) inline in
the testcases.

The refactoring done is effectively a no-op for the TAP testcases, modulo
any refactoring done to create common code between the ATF and TAP
testcases.

This unbreaks the geli testcases converted to ATF in r327662 and r327683,
and the gmirror testcases added in r327780, respectively, when the geom
class could not be loaded.

tests/sys/geom/class/mirror/...
    While here, ignore errors when turning debug failpoint sysctl off, which
    could occur if the gmirror class was not loaded.

Submitted by:	ngie
MFC after:	2 weeks
Pull Request:	https://github.com/freebsd/freebsd/pull/241
2018-12-02 05:06:37 +00:00
Alan Somers
b27a4408c2 Remove some dead code from the geli tests
This is detritus in the Makefile, leftover from 327662.

MFC after:	2 weeks
2018-12-02 00:41:43 +00:00
Kristof Provost
df5ceb3b66 pf tests: Test name handling
Provoke a situation where two interfaces have the same name, and verify
pf's reaction to this.
2018-12-01 09:59:32 +00:00
Kristof Provost
db785060cb pf tests: Make pass_block:noalias more robust
Send several ICMPv6 echo requests. We've seen occasional failures with a
single request.
2018-12-01 09:57:29 +00:00
Eric van Gyzen
de7417c40c Maybe make gcc happy
According to Jenkins, the GCC architectures were unhappy because:

    sigaltstack.c:82: warning: missing initializer
    sigaltstack.c:82: warning: (near initialization for 'oss.ss_size')

MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
2018-11-30 23:47:57 +00:00
Eric van Gyzen
984969cd96 Fix reporting of SS_ONSTACK
Fix reporting of SS_ONSTACK in nested signal delivery when sigaltstack()
is used on some architectures.

Add a unit test for this.  I tested the test by introducing the bug
on amd64.  I did not test it on other architectures.

Reviewed by:	kib
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D18347
2018-11-30 22:44:33 +00:00
David Bright
d340488122 Make whitespace more consistent in libkqueue tests.
After r337820, which "corrected" some spaces-instead-of-tab whitespace
issues in the libkqueue tests, jmg@ pointed out that these files were
originally space-based, not tab-spaced, and so the correction should
have been to get rid of the tabs that had been introduced in previous
changes, not the spaces. This change does that. This is a whitespace
only change; no functional change is intended.

Reported by:	jmg@
MFC after:	3 days
Sponsored by:	Dell EMC Isilon
2018-11-27 15:12:34 +00:00
Mark Johnston
9ed1e4ecd4 Plug a trivial memory leak.
CID:		1396911
MFC with:	r340485
2018-11-20 18:13:18 +00:00
Mark Johnston
5211f8dccb Add regression tests for r340313 and r340483.
Reviewed by:	emaste
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D17926
2018-11-16 19:04:12 +00:00
Mark Johnston
634bb9e435 Rename the SO_REUSEPORT_LB test file to be consistent with other tests.
MFC after:	1 week
2018-11-16 18:59:58 +00:00
Li-Wen Hsu
b0e9618e68 Fix test: sys.netpfil.pf.pass_block.noalias
Replace hard-coded epair0b with the variable holds the real epair interface
used for testing.

Reviewed by:	kp
Approved by:	emaste, markj (mentors)
MFC with:	r339836
Sponsored by:	The FreeBSD Foundation
2018-11-09 15:24:24 +00:00
Kristof Provost
55177f18a1 pf tests: Test PR 183198
Create a table which is only used inside an anchor, ensure that the
table exists.

PR:		183198
MFC after:	2 weeks
2018-11-08 21:56:06 +00:00
Kristof Provost
6ab3ac5afa pf tests: Basic pfsync test
Set up two jails, configure pfsync between them and create state in one
of them, verify that this state is copied to the other jail.

MFC after:	2 weeks
Sponsored by:	Orange Business Services
Differential Revision:	https://reviews.freebsd.org/D17504
2018-11-02 16:59:55 +00:00
Kristof Provost
71f8908a1a pf tests: Test ':0' ignoring link-local addresses
PR:		201695
2018-10-28 05:37:15 +00:00
Mark Johnston
36847545b5 Add a very basic regression test for setfacl -R with NFSv4 ACLs.
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-10-26 21:20:04 +00:00
Mark Johnston
6951c4eebc Update and re-enable ACL tests following r332396 and r339781.
PR:		229930
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-10-26 19:03:30 +00:00
Mark Johnston
ddab8c351a Reparent a child of pdfork(2) to its reaper when the procdesc is closed.
Unconditionally reparenting to PID 1 breaks the procctl(2) reaper
functionality.

Add a regression test for this case.

Reviewed by:	kib
Approved by:	re (gjb)
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D17589
2018-10-16 20:06:56 +00:00
Mark Johnston
3f8b4bf28d Add a couple of basic regression tests for SO_REUSEPORT_LB.
Reviewed by:	asomers
Approved by:	re (kib)
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D17110
2018-09-11 21:14:07 +00:00
Alan Somers
e894e376b0 Fix sys/netipsec/tunnel tests after r337736
Originally, these tests accidentally used broadcast addresses when they
should've used unicast addresses.  That the tests passed prior to r337736
was accidental.

Submitted by:	ae
Reviewed by:	olivier
MFC after:	2 weeks
2018-08-17 18:37:22 +00:00
Kristof Provost
2848a0e2da pf tests: Verify that pf limits the number of fragments per packet
Test the limitation on number of frames per packet introduced in pf in r337969.

Sponsored by:	Klara Systems
2018-08-17 15:02:58 +00:00
Conrad Meyer
1e7bbbc54c Add test cases for Poly1305 from RFC 7539 2018-08-17 00:32:00 +00:00
Alan Somers
3c5ba95ad1 Fix sys/opencrypto/blake2_test when kern.cryptodevallowsoft=0
Two of these testcases require software crypto to be enabled. Curiously, it
isn't by default.

PR:		230671
Reported by:	Jenkins
Reviewed by:	cem
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D16755
2018-08-16 23:49:56 +00:00
Alan Somers
88fa3a7649 Revert r337929
FreeBSD's mkstemp sets the temporary file's permissions to 600, and has ever
since mkstemp was added in 1987.  Coverity's warning is still relevant for
portable programs since OpenGroup does not require that behavior, and POSIX
didn't until 2008.  But none of these programs are portable.
2018-08-16 22:04:00 +00:00
Alan Somers
76f2606181 Fix Coverity warnings about mkstemp in tests
umask(2) should always be used prior to mkstemp(3) so the temporary file
won't be created with insecure permissions.

Reported by:	Coverity
CID:		1331605 1347173 1375366 1339800 1331604 1296056 1296060
CID:		1296057 1296062
MFC after:	2 weeks
2018-08-16 21:36:19 +00:00
Alan Somers
670e1da043 Fix the sys/opencrypto/runtests test when aesni(4) is already loaded
Apparently kldstat requires the full module name, including busname

Reported by:	Jenkins
MFC after:	2 weeks
2018-08-16 15:44:48 +00:00
David Bright
4e258e2d9f Fix a couple whitespace errors in r337814.
Reported by:	Renato Botelho <garga.bsd@gmail.com>
MFC after:	3 days
X-MFC-with:	r337814
Sponsored by:	Dell EMC
2018-08-14 20:26:54 +00:00