42 Commits

Author SHA1 Message Date
bdrewery
a598c4b809 DIRDEPS_BUILD: Update dependencies.
Sponsored by:	Dell EMC Isilon
2017-10-31 00:07:04 +00:00
ngie
42a5537248 Check the exit code from fsck_ffs instead of relying on MODIFIED being in the output
^/head@r323923 changed when MODIFIED is printed at exit. It's better to follow the
documented way of determining whether or not a filesystem is clean per fsck_ffs, i.e.,
ensure that the exit code is either 0 or 7.

The pass/fail determination is brittle prior to this commit, and ^/head@r323923 made
the issue apparent -- thus this needs to be fixed independent of ^/head@r323923.

PR:		222780
MFC after:	1 week
MFC with:	r323923
Reported by:	Jenkins
2017-10-10 05:58:33 +00:00
ngie
18951eee49 Add supporting changes for Add limited sandbox capability to "make check"
Non-tests/... changes:
- Add HAS_TESTS= to Makefiles with libraries and programs to enable iteration
  and propagate the appropriate environment down to *.test.mk.

tests/... changes:
- Add appropriate support Makefile.inc's to set HAS_TESTS in a minimal manner,
  since tests/... is a special subdirectory tree compared to the others.

MFC after:	2 months
MFC with:	r322511
Reviewed by:	arch (silence), testing (silence)
Differential Revision:	D12014
2017-08-14 19:21:37 +00:00
ngie
9e96179b9c Make test scripts under tests/... non-executable
Executable bits should be set at install time instead of in the repo.
Setting executable bits on files triggers false positives with Phabricator.

MFC after:	2 months
2017-08-08 04:59:16 +00:00
ngie
e01efdbd81 Use MK_CHECK_USE_SANDBOX in tests/..., to deal with the fact that
tests/... is a special snowflake directory and using HAS_TESTS would
result in a nasty layering violation between bsd.tests.mk and
bsd.prog.mk.

Add reachover Makefile.inc's which get the default value from
Makefile.inc0 (inspired by gnu/usr.bin/binutils/Makefile.inc0).
2017-08-02 22:24:08 +00:00
ngie
8989e76d12 Remove superfluous exit 0 added in r321702
atf_skip triggers equivalent functionality, which means the `exit 0`
is unreachable code.

PR:		220164
MFC after:	1 month
MFC with:	r321702
2017-07-29 22:03:21 +00:00
ngie
e2012dbcee Load geom_gate(4) if necessary before running tests; skip if it can't be loaded
The test code prior to r311893 loaded geom_gate at test start if necessary and
skipped the tests if it couldn't be loaded.

The ATF-ifcation of this test done in r311893 unfortunately dropped this
functionality.

This change restores the geom_gate module load and skips the test(s) if unavailable
in an ATF-like way.

MFC after:	1 month
PR:		220164
Reported by:	gjb
2017-07-29 22:01:17 +00:00
markj
ee14be16ad Add regression tests for r317712 and r306743.
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
2017-05-02 23:31:39 +00:00
glebius
f5795dcff8 Fix buildworld broken in r315230 when /sys doesn't point into a right
source tree.  Usage of SYSDIR is apparently wrong here.

Discussed with:	allanjude
2017-03-15 05:31:02 +00:00
ngie
6d8054dce0 Move .../sys/geom/eli/pbkdf2... to .../sys/geom/class/eli/...
This change moves the tests added in r313962 to an existing directory
structure used by the geli TAP tests. It also, renames the test from
pbkdf2 to pbkdf2_test .

The changes to ObsoleteFiles.inc are being committed separately as they
aren't needed for the MFC to ^/stable/11, etc, if the MFC for the tests
is done all in one commit.

MFC after:	2 weeks
X-MFC with:	r313962, r313972-r313973
Reviewed by:	allanjude
Sponsored by:	Dell EMC Isilon
Differential Revision:	D9985
2017-03-14 07:00:22 +00:00
ngie
fdb26eba34 A forced commit to note other portion of the Makefile change accidentally
committed in r313972

The code committed in r313962 implicitly relies on python 2.x to generate
testvect.h . There are a handful of issues with this approach:

- python is not an explicit build dependency for FreeBSD
- python 2.x is deprecated and will be removed sometime in the future
  (potentially before 11.x's EOL), and the script does not function with
  python 3.5 (it uses deprecated idioms and incompatible function calls).
- python(1) (by default) lives in /usr/local/bin (${LOCALBASE}/bin) and
  gentestvect.py is a dependency of testvect.h (prior to r313972) which
  means that if the mtime of the generator script was newer than the
  mtime of the test vector, it could cause a spurious build failure in
  build time or at install time.

A better solution using C/C++ should be devised.

Discussed with:	allanjude
MFC after:	2 weeks
X-MFC with:	r313962, r313972
Sponsored by:	Dell EMC Isilon
2017-02-19 22:00:11 +00:00
ngie
5e41217761 Unbreak the build when "make obj" is executed beforehand
Using relative paths imply working directory (in this case .OBJDIR), whereas the
sources live in the .CURDIR-relative path.

MFC after:	2 weeks
X-MFC with:	r313962
Pointyhat to:	allanjude
Sponsored by:	Dell EMC Isilon
2017-02-19 21:19:44 +00:00
allanjude
8557f8f2df improve PBKDF2 performance
The PBKDF2 in sys/geom/eli/pkcs5v2.c is around half the speed it could be

GELI's PBKDF2 uses a simple benchmark to determine a number of iterations
that will takes approximately 2 seconds. The security provided is actually
half what is expected, because an attacker could use the optimized
algorithm to brute force the key in half the expected time.

With this change, all newly generated GELI keys will be approximately 2x
as strong. Previously generated keys will talk half as long to calculate,
resulting in faster mounting of encrypted volumes. Users may choose to
rekey, to generate a new key with the larger default number of iterations
using the geli(8) setkey command.

Security of existing data is not compromised, as ~1 second per brute force
attempt is still a very high threshold.

PR:		202365
Original Research:	https://jbp.io/2015/08/11/pbkdf2-performance-matters/
Submitted by:	Joe Pixton <jpixton@gmail.com> (Original Version), jmg (Later Version)
Reviewed by:	ed, pjd, delphij
Approved by:	secteam, pjd (maintainer)
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D8236
2017-02-19 19:30:31 +00:00
ngie
95fca9ca4d Replace for/retry loops with "wait_for_ggate_device" calls and check
results of commands

As noted in r313008, the underlying issue was that geom_gate device
creation wasn't created at ggatel command completion, but some short
time after. ggatec(8) employs similar logic when creating geom_gate(4)
devices.

Switch from retry loops (after the ggatec/dd write calls) to
wait_for_ggate_device function calls after calling ggatec(8) instead
to detect the presence of the /dev/ggate* device, as this function is
sufficient for determining whether or not the character device is ready
for testing

While here, use atf_check consistently with all dd calls to ensure that
data output is as expected.

MFC after:	1 week
Reviewed by:	asomers
Differential Revision:	D9409
Sponsored by:	Dell EMC Isilon
2017-02-02 03:54:43 +00:00
ngie
775bfca1a6 Wait for /dev/ggate* to appear after calling ggatel create in :ggatel_{file,md}
The test assumed that `ggatel create` created a device on completion, but that's
incorrect. This squashes the race by waiting for the device to appear, as
`ggatel create` daemonizes before issuing an ioctl to geom_gate(4) if not called
with `-v`.

Discussed with:	asomers
MFC after:	1 week
PR:		204616
Sponsored by:	Dell EMC Isilon
2017-01-31 06:12:51 +00:00
asomers
0306948513 ATFify the geom gate tests.
This ensures their cleanup routines will be run even if they should timeout.

tests/sys/geom/class/gate/ggate_test.sh
tests/sys/geom/class/gate/Makefile
	Add an ATF test with three testcases, one for each TAP test. Use
	ATF-style cleanup functions, and convert sleeps to polling loops.

ObsoleteFiles.inc
tests/sys/geom/class/gate/conf.sh
tests/sys/geom/class/gate/1_test.sh
tests/sys/geom/class/gate/2_test.sh
tests/sys/geom/class/gate/3_test.sh
	Delete TAP test files

Reviewed by:	ngie
MFC after:	4 weeks
Sponsored by:	Spectra Logic Corp
Differential Revision:	https://reviews.freebsd.org/D8891
2017-01-10 20:35:09 +00:00
asomers
d2495843bd ATFify the gnop tests
Also, add test cases for the -p, -P, and -s options to gnop create

Reviewed by:	ngie
MFC after:	4 weeks
Differential Revision:	https://reviews.freebsd.org/D8892
2016-12-30 02:22:38 +00:00
asomers
5281b8cf72 Reduce the runtime of the GELI tests
There is no reduction in test coverage.  On my system runtime is reduced
from 38m32s to 6m24s.

tests/sys/geom/class/eli/conf.sh
tests/sys/geom/class/eli/init_a_test.sh
tests/sys/geom/class/eli/init_test.sh
tests/sys/geom/class/eli/integrity_copy_test.sh
tests/sys/geom/class/eli/integrity_data_test.sh
tests/sys/geom/class/eli/integrity_hmac_test.sh
tests/sys/geom/class/eli/onetime_a_test.sh
tests/sys/geom/class/eli/onetime_test.sh
	Move the looping code into common functions in conf.sh, and remove
	alias ciphers from the list.

tests/sys/geom/class/eli/init_a_test.sh
tests/sys/geom/class/eli/init_test.sh
tests/sys/geom/class/eli/integrity_copy_test.sh
tests/sys/geom/class/eli/integrity_data_test.sh
tests/sys/geom/class/eli/integrity_hmac_test.sh
tests/sys/geom/class/eli/onetime_a_test.sh
	Move a few commands that don't need to be in the inner loop out.

tests/sys/geom/class/eli/init_test.sh
tests/sys/geom/class/eli/onetime_a_test.sh
	Reduce the sector count

tests/sys/geom/class/eli/Makefile
tests/sys/geom/class/eli/init_alias_test.sh
	Add a test for initializing a GELI device using one of the cipher
	aliases, and check that the alias is correctly interpreted.

MFC after:	4 weeks
Sponsored by:	Spectra Logic Corp
Differential Revision:	https://reviews.freebsd.org/D8814
2016-12-29 20:28:50 +00:00
br
974b9cc530 Change fs image name so it will not be regenerated (we
have both big and little-endian images in tree).
Also we don't known the endianness of the platform the
image was generated on.

Sponsored by:	DARPA, AFRL
Sponsored by:	HEIF5
2016-10-25 18:43:36 +00:00
br
5579c4169c Add big-endian uzip file system and choose right file system
to proceed tests with.

Reviewed by:	jmmv, ngie
Sponsored by:	DARPA, AFRL
Sponsored by:	HEIF5
Differential Revision:	https://reviews.freebsd.org/D8073
2016-10-19 10:01:04 +00:00
br
fbed217db3 Increase timeouts for geli tests. It takes 2-3x more time to proceed the
tests on MIPS64EB in QEMU.

Sponsored by:	DARPA, AFRL
Sponsored by:	HEIF5
2016-09-28 08:11:00 +00:00
br
c43a3e1e3e Use bsdlabel as we don't have hardlink disklabel -> bsdlabel
on some platforms.

Reviewed by:	ngie
Sponsored by:	DARPA, AFRL
Sponsored by:	HEIF5
Differential Revision:	https://reviews.freebsd.org/D7968
2016-09-22 12:53:11 +00:00
ngie
92100036c8 Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed
after r298107

Summary of changes:

- Replace all instances of FILES/TESTS with ${PACKAGE}FILES. This ensures that
  namespacing is kept with FILES appropriately, and that this shouldn't need
  to be repeated if the namespace changes -- only the definition of PACKAGE
  needs to be changed
- Allow PACKAGE to be overridden by callers instead of forcing it to always be
  `tests`. In the event we get to the point where things can be split up
  enough in the base system, it would make more sense to group the tests
  with the blocks they're a part of, e.g. byacc with byacc-tests, etc
- Remove PACKAGE definitions where possible, i.e. where FILES wasn't used
  previously.
- Remove unnecessary TESTSPACKAGE definitions; this has been elided into
  bsd.tests.mk
- Remove unnecessary BINDIRs used previously with ${PACKAGE}FILES;
  ${PACKAGE}FILESDIR is now automatically defined in bsd.test.mk.
- Fix installation of files under data/ subdirectories in lib/libc/tests/hash
  and lib/libc/tests/net/getaddrinfo
- Remove unnecessary .include <bsd.own.mk>s (some opportunistic cleanup)

Document the proposed changes in share/examples/tests/tests/... via examples
so it's clear that ${PACKAGES}FILES is the suggested way forward in terms of
replacing FILES. share/mk/bsd.README didn't seem like the appropriate method
of communicating that info.

MFC after: never probably
X-MFC with: r298107
PR: 209114
Relnotes: yes
Tested with: buildworld, installworld, checkworld; buildworld, packageworld
Sponsored by: EMC / Isilon Storage Division
2016-05-04 23:20:53 +00:00
gjb
1dc4c40e3b MFH
Sponsored by:	The FreeBSD Foundation
2016-04-04 23:55:32 +00:00
ngie
aff96eae84 Use a SKIP testplan instead of bailing out if/when the tester isn't
root, or the geom class can't be loaded cleanly [*]

This makes sure that scenarios that are easy to hit aren't counted
as false positives with kyua test

MFC after: 1 week
PR: 208101
Sponsored by: EMC / Isilon Storage Division
2016-03-22 08:12:45 +00:00
gjb
1c7e318a9a MFH
Sponsored by:	The FreeBSD Foundation
2016-03-10 21:16:01 +00:00
bdrewery
aab40fdc3d DIRDEPS_BUILD: Connect MK_TESTS.
Sponsored by:	EMC / Isilon Storage Division
2016-03-09 22:46:01 +00:00
gjb
64f34d0d71 MFH
Sponsored by:	The FreeBSD Foundation
2016-02-15 21:58:52 +00:00
ngie
7342fc0c5b Similar to r295116, add an additional 1 second sleep after calling ggatel
before calling dd to defeat a race when writing out to the geom_gate(4)
device

MFC after: 1 month
Reported by: Jenkins
Sponsored by: EMC / Isilon Storage Division
2016-02-10 17:57:24 +00:00
gjb
fae384c503 Final pass through to fix 'tests' packaging.
Sponsored by:	The FreeBSD Foundation
2016-02-03 20:55:08 +00:00
gjb
ae6f203603 More 'tests' packaging fixes.
Sponsored by:	The FreeBSD Foundation
2016-02-03 19:08:45 +00:00
gjb
811267757a More 'tests' package fixes.
Sponsored by:	The FreeBSD Foundation
2016-02-03 00:34:23 +00:00
ngie
6bfd443027 Use the pidfile support added to ggated(8) in r294973 to ensure that the
ggated(8) daemon used by the tests is the instance specifically invoked by
the tests instead of one or more daemon instances running on the system

MFC after: 1 month
Sponsored by: EMC / Isilon Storage Division
2016-02-01 06:27:59 +00:00
ngie
45e2a376b1 Add an additional 1 second sleep to after calling ggatec before calling
dd to defeat a race when writing out to the geom_gate(4) device

This will quell the Jenkins failure emails until I come up with a better
solution

MFC after: 1 month
Reported by: Jenkins
Sponsored by: EMC / Isilon Storage Division
2016-02-01 06:25:16 +00:00
ngie
17e785577a PID file support hasn't been committed for ggated(8) yet. Unbreak running
the testcase more than once by restoring the "killall ggated"

MFC after: 15 days
Sponsored by: EMC / Isilon Storage Division
2016-01-14 07:39:05 +00:00
ngie
88a8680a45 Remove unnecessary kldload logic added to geom_subr.sh in r293028
MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Division
2016-01-14 07:27:14 +00:00
ngie
68e22a452a Integrate
tools/regression/geom_{concat,eli,gate,mirror,nop,raid3,shsec,stripe,uzip}
in to the FreeBSD test suite as
tests/sys/geom/class/{concat,eli,gate,mirror,nop,raid3,shsec,stripe,uzip}

The tools/regression/geom and tools/regression/geom_part testcases are being
left alone because both test sets are both currently broken.

The majority of this work was done on ^/user/ngie/more-tests2 . The differences
are as follows:
- tests/sys/geom/class/Makefile.inc is not present; it was
  inlined into the class's Makefiles for explicitness.
- The testcases officially require root via kyua
- The geom_gate(4) tests don't use the pidfile changes proposed in
  https://reviews.freebsd.org/D4836 .

MFC after: 1 month
Sponsored by: EMC / Isilon Storage Division
2016-01-13 09:14:27 +00:00
ngie
3be4153633 Use a more unique name for the graid device 2016-01-01 02:52:29 +00:00
ngie
7d60ca1b88 Use geom <class> load instead of g<class> load (g<class> doesn't
exist for geom_uzip(4)..)
2016-01-01 01:04:53 +00:00
ngie
ad4c61ab7d Only try to unmount/remove mountpt if it's defined 2016-01-01 00:16:54 +00:00
ngie
a859d88d20 Add missing Makefile 2016-01-01 00:13:04 +00:00
ngie
a50007a155 Move sbin/geom/class/tests to tests/sys/geom/class and remove sbin/geom/tests
This is inspired by parallel efforts being done on projects/zfsd (and makes
more sense because these are functional tests of the subsystems, not the
geom(8) commands
2016-01-01 00:12:10 +00:00