Commit Graph

1112 Commits

Author SHA1 Message Date
Kristof Provost
048c96e3e6 bridge tests: Re-enable STP test
This test should no longer provoke large amounts of traffic, which can
overwhelm single-core systems, preventing them from making progress in the
tests.

The test can now be re-enabled.

PR:		246448
2020-06-07 13:53:02 +00:00
Kristof Provost
e07e002e95 bridge tests: Avoid building a switching loop
Enable STP before bringing the bridges up. This avoids a switching loop,
which has a tendency to drown out progress in userspace processes,
especially on single-core systems.

Only check that we have indeed shut down one of the looped interfaces

PR:		246448
Reviewed by:	melifaro
Differential Revision:	https://reviews.freebsd.org/D25084
2020-06-01 19:26:16 +00:00
Li-Wen Hsu
4d3aef0780 Revert r361497, these cases are fixed by r361617.
PR:		246737
Sponsored by:	The FreeBSD Foundation
2020-05-29 10:09:47 +00:00
Shteryana Shopova
a7a64b722b Proper check if divert(4) module is present by the relevant tests
Fix the netinet/netinet6 divert tests falsely reporting 'ipdivert module is
not loaded' when the divert module is built into the kernel

Sponsored by:	Axiado
Differential Revision:	https://reviews.freebsd.org/D25026
2020-05-27 16:33:00 +00:00
Li-Wen Hsu
c4e61d8568 Disable failing test cases in CI:
sys.netipsec.tunnel.aes_cbc_128_hmac_sha1.v4
sys.netipsec.tunnel.aes_cbc_256_hmac_sha2_256.v4
sys.netipsec.tunnel.aesni_aes_cbc_128_hmac_sha1.v4
sys.netipsec.tunnel.aesni_aes_cbc_256_hmac_sha2_256.v4

PR:		246737
Sponsored by:	The FreeBSD Foundation
2020-05-26 06:55:03 +00:00
Alan Somers
bfcb817bcd Fix issues with FUSE_ACCESS when default_permissions is disabled
This patch fixes two issues relating to FUSE_ACCESS when the
default_permissions mount option is disabled:

* VOP_ACCESS() calls with VADMIN set should never be sent to a fuse server
  in the form of FUSE_ACCESS operations. The FUSE protocol has no equivalent
  of VADMIN, so we must evaluate such things kernel-side, regardless of the
  default_permissions setting.

* The FUSE protocol only requires FUSE_ACCESS to be sent for two purposes:
  for the access(2) syscall and to check directory permissions for
  searchability during lookup. FreeBSD sends it much more frequently, due to
  differences between our VFS and Linux's, for which FUSE was designed. But
  this patch does eliminate several cases not required by the FUSE protocol:

  * for any FUSE_*XATTR operation
  * when creating a new file
  * when deleting a file
  * when setting timestamps, such as by utimensat(2).

* Additionally, when default_permissions is disabled, this patch removes one
  FUSE_GETATTR operation when deleting a file.

PR:		245689
Reported by:	MooseFS FreeBSD Team <freebsd@moosefs.pro>
Reviewed by:	cem
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D24777
2020-05-22 18:11:17 +00:00
Mark Johnston
9bf12bb91d Avoid hard-coding pipe buffer sizes in the pipe and fifo kqueue tests.
Fix some style issues in the modified tests while here.

Reported by:	Jenkins via lwhsu
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2020-05-20 17:48:18 +00:00
Edward Tomasz Napierala
f464bd04ce Make sys.net.if_bridge_test depend on python; sys.net.if_bridge_test.span
requires it.

MFC after:	2 weeks
Sponsored by:	DARPA
2020-05-19 21:55:29 +00:00
Edward Tomasz Napierala
b43bd1070c Make sys.netinet.output and sys.netinet6.output6 tests depend on python;
they need to be able to run net_receiver.py.

MFC after:	2 weeks
Sponsored by:	DARPA
2020-05-19 21:48:45 +00:00
Li-Wen Hsu
6c9dbd8b13 Revert r361237, it's fixed by r361231
PR:		246560
Sponsored by:	The FreeBSD Foundation
2020-05-19 07:16:09 +00:00
Li-Wen Hsu
3f5fe78b9a Temporarily disable test case causes kernel panic in CI:
- sys.netinet.so_reuseport_lb_test.basic_ipv6

PR:		246560
Sponsored by:	The FreeBSD Foundation
2020-05-19 02:07:08 +00:00
Li-Wen Hsu
f9777376b9 Revert 357780, dtrace -c has been fixed in head`
PR:		244053
Sponsored by:	The FreeBSD Foundation
2020-05-18 23:43:48 +00:00
Alan Somers
275379902e fusefs: fix intermittency in some ENOENT tests
When a FUSE operation other than LOOKUP returns ENOENT, the kernel will
reclaim that vnode, resuling in a FUSE_FORGET being sent a short while
later.  Many of the ENOENT tests weren't expecting those FUSE_FORGET
operations.  They usually passed by luck since FUSE_FORGET is often delayed.
This commit adds appropriate expectations.

MFC after:	2 weeks
2020-05-18 18:36:32 +00:00
Alan Somers
8bebfe076d Reenable sys.geom.class.gate.ggate_test.ggated in CI
Should be fixed by r360613

PR:		244737
Reported by:	lwhsu
2020-05-17 02:41:50 +00:00
Kyle Evans
1d2e31af14 pf tests: fix up a couple WARNS= 6 nits
common_init_tbl is only used within this single CU, so it should be marked
static.

WARNS=6 also complained about the var defined by
`ATF_TC_WITH_CLEANUP(getastats);` being unused, which turns out to be
because it's not been hooked up in ATF_TP_ADD_TCS. kp@ did not immediately
recall any reason for this, and the case passes on my local system, so hook
it up.

Note that I've not yet set WARNS= 6 here. Investigation is underway to see
if we can feasibly default WARNS to 6 for src builds to catch directories
too deep to inherit a WARNS from the top-level subdirectories' Makefile.inc.
Those particular WARNS settings will be subsequently removed as they become
redundant with a more-global default.

MFC after:	1 week
2020-05-14 23:20:58 +00:00
Li-Wen Hsu
b18e0a534f Only skip sys.net.if_clone_test.epair_stress in CI env
PR:		246443
Sponsored by:	The FreeBSD Foundation
2020-05-13 20:37:46 +00:00
Li-Wen Hsu
bf3dd13d41 Temporarily skip sys.net.if_bridge_test.stp in CI as it always times out
PR:		244229
Sponsored by:	The FreeBSD Foundation
2020-05-13 20:36:38 +00:00
Li-Wen Hsu
40988c2456 Temporarily skip sys.net.if_clone_test.epair_stress
This case timed out so often

PR:		246443
Sponsored by:	The FreeBSD Foundation
2020-05-13 19:29:14 +00:00
Mark Johnston
17dd52dfab Add a basic table entry counter regression test.
Reviewed by:	kp
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D24809
2020-05-11 19:08:03 +00:00
Mark Johnston
96bc58ea81 Remove the svn:executable property from some pf test files.
The test makefiles will handle setting mode bits during install.  Also,
Phabricator gets upset when uploading an executable plain-text file
without a shebang.

MFC after:	1 week
2020-05-11 19:07:33 +00:00
Alan Somers
a22a780752 fusefs: fix two small bugs in the tests' expectations
These two errors have been present since the tests' introduction.
Coincidentally every test (I think there's only one) that cares about that
field also works when the field's value is 0.

MFC after:	2 weeks
2020-05-08 23:00:02 +00:00
Alan Somers
deed14f451 Fix the sys.geom.class.multipath.misc.fail_on_error test on stable/12
This test uses a gnop feature (delay probability) that isn't available on
stable/12.  But it's unnecessary; the test works fine without it.  Removing
it simplifies the test and, once MFCed, will allow it to pass on stable/12.

PR:		244158
Reported by:	lwhsu
MFC after:	2 weeks
2020-05-08 02:42:15 +00:00
Alexander V. Chernikov
768c98a737 Add basic routing LPM tests.
Differential Revision:	https://reviews.freebsd.org/D24684
2020-05-06 07:48:37 +00:00
Li-Wen Hsu
bbea96df46 Revert r360204, sys.netipsec.tunnel.empty.v{4,6} are fixed by r360560
PR:		245832
Sponsored by:	The FreeBSD Foundation
2020-05-04 11:23:55 +00:00
Alan Somers
4abfd5bd93 Fix intermittent cleanup failures in the ggated test
MFC after:	2 weeks
2020-05-03 18:10:54 +00:00
Alan Somers
b43a935cae Resolve conflict between the fusefs(5) and mac_bsdextended(4) tests
mac_bsdextended(4), when enabled, causes ordinary operations to send many
more VOP_GETATTRs to file system. The fusefs tests expectations aren't
written with those in mind. Optionally expecting them would greatly
obfuscate the fusefs tests. Worse, certain fusefs functionality (like
attribute caching) would be impossible to test if the tests couldn't expect
an exact number of GETATTR operations.

This commit resolves that conflict by making two changes:

1. The fusefs tests will now check for mac_bsdextended, and skip if it's
   enabled.
2. The mac_bsdextended tests will now check whether the module is enabled, not
   merely loaded. If it's loaded but disabled, the tests will automatically
   enable it for the duration of the tests.

With these changes, a CI system can achieve best coverage by loading both
fusefs and mac_bsdextended at boot, and setting
security.mac.bsdextended.enabled=0

PR:		244229
Reported by:	lwhsu
Reviewed by:	cem
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D24577
2020-05-02 20:14:59 +00:00
John Baldwin
6c80c319ef Remove support for the algorithms deprecated in r348876.
This removes support for the following algorithms:
- ARC4
- Blowfish
- CAST128
- DES
- 3DES
- MD5-HMAC
- Skipjack

Since /dev/crypto no longer supports 3DES, stop testing the 3DES KAT
vectors in cryptotest.py.

Reviewed by:	cem (previous version)
Relnotes:	yes
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D24346
2020-05-02 14:20:32 +00:00
Ed Maste
de1ca57386 geli tests require OpenSSL - exclude them under WITHOUT_OPENSSL
PR:		245931
Submitted by:	The FreeBSD Foundation
2020-04-30 21:09:01 +00:00
Mark Johnston
344d411c67 Add some regression tests for read and write kevents on pipes.
Submitted by:	Jan Kokemüller <jan.kokemueller@gmail.com>
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D24528
2020-04-27 15:59:34 +00:00
Kristof Provost
5377560783 bridge tests: Test for #216510
We used to have an issue with recursive locking with
net.link.bridge.inherit_mac. This causes us to send an ARP request while
we hold the BRIDGE_LOCK, which used to cause us to acquire the
BRIDGE_LOCK again. We can't re-acquire it, so this caused a panic.

Now that we no longer need to acquire the BRIDGE_LOCK for
bridge_transmit() this should no longer panic. Test this.

PR:	216510
Reviewed by:	emaste, philip
MFC after:	2 months
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D24251
2020-04-26 16:27:03 +00:00
Alan Somers
db20acc029 mac_bsdextended: ATFify the tests
The new tests have more complete setup and cleanup, are more granular, and
correctly annotate expected failures and skipped tests. A follow-up commit
will resolve a conflict with the fusefs tests (bug 244229).

MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D24257
2020-04-26 15:51:46 +00:00
Li-Wen Hsu
87e9ade239 Temporarily skip sys.netipsec.tunnel.empty.v{4,6} in CI
PR:		245832
Sponsored by:	The FreeBSD Foundation
2020-04-22 20:50:24 +00:00
John Baldwin
871eec00e2 Update blake2 accelerated software tests to work after OCF refactoring.
- Lookup device drivers to test by name instead of assuming that the
  software / hardware flags will select specific drivers.
- Set the sysctl to permit software /dev/crypto requests when testing
  the accelerated software blake2 driver.

PR:		245825
Reported by:	lwhsu
Reviewed by:	cem, lwhsu
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D24540
2020-04-22 20:43:18 +00:00
Li-Wen Hsu
841d3cc068 Temporarily skip sys.opencrypto.blake2_test.blake2{b,s}_vectors_x86 in CI
PR:		245825
Sponsored by:	The FreeBSD Foundation
2020-04-22 14:45:00 +00:00
Li-Wen Hsu
79959b8475 Enable timer tests in sys.kqueue.libkqueue.kqueue_test.main on i386
They were fixed in r360140

PR:		245768
Sponsored by:	The FreeBSD Foundation
2020-04-22 09:53:41 +00:00
Alex Richardson
f527d7de58 Remove extern from function declarations in common.h
Suggested by: cem
2020-04-21 15:55:08 +00:00
Li-Wen Hsu
129ba2d368 Temporarily skip timer tests in sys.kqueue.libkqueue.kqueue_test.main on i386
PR:		245768
Sponsored by:	The FreeBSD Foundation
2020-04-20 17:48:10 +00:00
Li-Wen Hsu
69b7dbeb38 Only skip sys.netinet.socket_afinet.socket_afinet_bind_zero in CI env
Sponsored by:	The FreeBSD Foundation
2020-04-20 14:24:13 +00:00
Li-Wen Hsu
a1841da4fa Temporarily disable sys.netinet.divert.* on i386
PR:		244703
Sponsored by:	The FreeBSD Foundation
2020-04-20 14:18:56 +00:00
Kyle Evans
0fbdc3726a tests: kqueue: fix some issues with now() on ILP32 platforms
There were ultimately two separate problems here:
- a 32-bit long cannot represent microseconds since 1970 (noted by ian)
- time_t is 32-bit on i386, so now() was wrong anyways even with the correct
  return type.

For the first, just explicitly use a uint64_t for now() and all of the
callers. For the second, we need to explicitly cast tv_sec to uint64_t
before it gets multiplied in the SEC_TO_US macro. Casting this instance
rather than generally in the macro was arbitrarily chosen simply because all
other uses are converting small relative time values.

The tests now pass on i386, at least; presumably other ILP32 will be fine
now as well.
2020-04-20 00:47:28 +00:00
Kristof Provost
2885ae0c3c bridge tests: Ensure that bridges in different jails get different MAC addresses
We used to have a problem where bridges created in different vnet jails
would end up having the same mac address. This is now fixed by
including the jail name as a seed for the mac address generation, but we
should verify that it doesn't regress.
2020-04-19 16:30:49 +00:00
Alex Richardson
c9c283bd30 Fix various warnings in tests/sys/kqueue and bump WARNS
Reviewed By:	kevans
Differential Revision: https://reviews.freebsd.org/D24296
2020-04-18 12:54:47 +00:00
Olivier Cochard
86686423d5 Skip routing regression tests depending on if_epair if this module isn't installed.
Approved by:	melifaro
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D24468
2020-04-17 16:31:07 +00:00
Kristof Provost
3f359bfd47 bridge tests: Test deleting a bridge with members
Reviewed by:	philip, emaste
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D24337
2020-04-17 14:57:15 +00:00
Kyle Evans
c17dd0e88b tests: kqueue: use a more precise timer for the NOTE_ABSTIME test
Originally noticed while attempting to run the kqueue tests under
qemu-user-static, this apparently just happens sometimes when running in a
jail in general -- the timer will fire off "too early," but it's really just
the result of imprecise measurements (noted by cem).

Kicking this over to NOTE_USECONDS still tests the correct thing while
allowing it to work more consistently; a basic sanity test reveals that we
often end up coming in just less than 200 microseconds after the timer
fired off.

MFC after:	3 days
2020-04-17 02:22:15 +00:00
Jonathan T. Looney
631d525dc1 Add a regression test for the changes in r359922 and r359923.
Note that the Python code has been tested on both Python 2.7 and 3.7.

Reviewed by:	olivier
MFC after:	2 weeks
Sponsored by:	Netflix, Inc.
2020-04-16 20:07:34 +00:00
Kyle Evans
30b4df2e4a tests: audit: mark closefrom test an expected fail for now
closefrom has been converted to close_range internally; remediation is
underway for this, marking it as an expected fail for now while proper
course is determined.

PR:		245625
2020-04-14 23:36:03 +00:00
Kyle Evans
51a16c8412 posixshm: fix counting of writable mappings
Similar to mmap'ing vnodes, posixshm should count any mapping where maxprot
contains VM_PROT_WRITE (i.e. fd opened r/w with no write-seal applied) as
writable and thus blocking of any write-seal.

The memfd tests have been amended to reflect the fixes here, which notably
includes:

1. Fix for error return bug; EPERM is not a documented failure mode for mmap
2. Fix rejection of write-seal with active mappings that can be upgraded via
    mprotect(2).

Reported by:	markj
Discussed with:	markj, kib
2020-04-14 13:32:03 +00:00
Kyle Evans
605c4cda2f close_range/closefrom: fix regression from close_range introduction
close_range will clamp the range between [0, fdp->fd_lastfile], but failed
to take into account that fdp->fd_lastfile can become -1 if all fds are
closed. =-( In this scenario, just return because there's nothing further we
can do at the moment.

Add a test case for this, fork() and simply closefrom(0) twice in the child;
on the second invocation, fdp->fd_lastfile == -1 and will trigger a panic
before this change.

X-MFC-With:	r359836
2020-04-13 17:55:31 +00:00
Kyle Evans
472ced39ef Implement a close_range(2) syscall
close_range(min, max, flags) allows for a range of descriptors to be
closed. The Python folk have indicated that they would much prefer this
interface to closefrom(2), as the case may be that they/someone have special
fds dup'd to higher in the range and they can't necessarily closefrom(min)
because they don't want to hit the upper range, but relocating them to lower
isn't necessarily feasible.

sys_closefrom has been rewritten to use kern_close_range() using ~0U to
indicate closing to the end of the range. This was chosen rather than
requiring callers of kern_close_range() to hold FILEDESC_SLOCK across the
call to kern_close_range for simplicity.

The flags argument of close_range(2) is currently unused, so any flags set
is currently EINVAL. It was added to the interface in Linux so that future
flags could be added for, e.g., "halt on first error" and things of this
nature.

This patch is based on a syscall of the same design that is expected to be
merged into Linux.

Reviewed by:	kib, markj, vangyzen (all slightly earlier revisions)
Differential Revision:	https://reviews.freebsd.org/D21627
2020-04-12 21:23:19 +00:00
Kristof Provost
47308803e7 carp tests: Basic functionality test
Set up three vnet jails, bridged together. Run carp between two of them.
Attempt to provoke locking / epoch issues.

Reviewed by:	mav (previous version), melifaro, asomers
Differential Revision:	https://reviews.freebsd.org/D24303
2020-04-12 16:13:05 +00:00
Kyle Evans
ce6a89e27c kqueue tests: fix -fno-common build
vnode_fd and kqfd are both shared among multiple CU; define them exactly
once.

In the case of vnode_fd, it was simply the declaration that needed
correction.

-fno-common will become the default in GCC10/LLVM11.

MFC after:	3 days
2020-04-06 23:08:07 +00:00
Alexander V. Chernikov
272bd6985f Add routing tests verifying basic RTM_CHANGE functionality.
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D24239
2020-04-02 20:02:33 +00:00
Alexander V. Chernikov
ddc7507637 Switch rtsock tests to per-test jails and epair interfaces.
Many rtsock tests verify the ordering of the kernel messages for the
 particular event. In order to avoid flaky tests due to the other tests
 running, switch all tests to use personal vnet-enabled jails.
This removes all clashes on the IP addresses and brings back the ability
 to run these tests simultaneously.

Reported by:	olivier
Reviewed by:	olivier
Differential Revision:	https://reviews.freebsd.org/D24182
2020-03-29 06:25:57 +00:00
John Baldwin
c034143269 Refactor driver and consumer interfaces for OCF (in-kernel crypto).
- The linked list of cryptoini structures used in session
  initialization is replaced with a new flat structure: struct
  crypto_session_params.  This session includes a new mode to define
  how the other fields should be interpreted.  Available modes
  include:

  - COMPRESS (for compression/decompression)
  - CIPHER (for simply encryption/decryption)
  - DIGEST (computing and verifying digests)
  - AEAD (combined auth and encryption such as AES-GCM and AES-CCM)
  - ETA (combined auth and encryption using encrypt-then-authenticate)

  Additional modes could be added in the future (e.g. if we wanted to
  support TLS MtE for AES-CBC in the kernel we could add a new mode
  for that.  TLS modes might also affect how AAD is interpreted, etc.)

  The flat structure also includes the key lengths and algorithms as
  before.  However, code doesn't have to walk the linked list and
  switch on the algorithm to determine which key is the auth key vs
  encryption key.  The 'csp_auth_*' fields are always used for auth
  keys and settings and 'csp_cipher_*' for cipher.  (Compression
  algorithms are stored in csp_cipher_alg.)

- Drivers no longer register a list of supported algorithms.  This
  doesn't quite work when you factor in modes (e.g. a driver might
  support both AES-CBC and SHA2-256-HMAC separately but not combined
  for ETA).  Instead, a new 'crypto_probesession' method has been
  added to the kobj interface for symmteric crypto drivers.  This
  method returns a negative value on success (similar to how
  device_probe works) and the crypto framework uses this value to pick
  the "best" driver.  There are three constants for hardware
  (e.g. ccr), accelerated software (e.g. aesni), and plain software
  (cryptosoft) that give preference in that order.  One effect of this
  is that if you request only hardware when creating a new session,
  you will no longer get a session using accelerated software.
  Another effect is that the default setting to disallow software
  crypto via /dev/crypto now disables accelerated software.

  Once a driver is chosen, 'crypto_newsession' is invoked as before.

- Crypto operations are now solely described by the flat 'cryptop'
  structure.  The linked list of descriptors has been removed.

  A separate enum has been added to describe the type of data buffer
  in use instead of using CRYPTO_F_* flags to make it easier to add
  more types in the future if needed (e.g. wired userspace buffers for
  zero-copy).  It will also make it easier to re-introduce separate
  input and output buffers (in-kernel TLS would benefit from this).

  Try to make the flags related to IV handling less insane:

  - CRYPTO_F_IV_SEPARATE means that the IV is stored in the 'crp_iv'
    member of the operation structure.  If this flag is not set, the
    IV is stored in the data buffer at the 'crp_iv_start' offset.

  - CRYPTO_F_IV_GENERATE means that a random IV should be generated
    and stored into the data buffer.  This cannot be used with
    CRYPTO_F_IV_SEPARATE.

  If a consumer wants to deal with explicit vs implicit IVs, etc. it
  can always generate the IV however it needs and store partial IVs in
  the buffer and the full IV/nonce in crp_iv and set
  CRYPTO_F_IV_SEPARATE.

  The layout of the buffer is now described via fields in cryptop.
  crp_aad_start and crp_aad_length define the boundaries of any AAD.
  Previously with GCM and CCM you defined an auth crd with this range,
  but for ETA your auth crd had to span both the AAD and plaintext
  (and they had to be adjacent).

  crp_payload_start and crp_payload_length define the boundaries of
  the plaintext/ciphertext.  Modes that only do a single operation
  (COMPRESS, CIPHER, DIGEST) should only use this region and leave the
  AAD region empty.

  If a digest is present (or should be generated), it's starting
  location is marked by crp_digest_start.

  Instead of using the CRD_F_ENCRYPT flag to determine the direction
  of the operation, cryptop now includes an 'op' field defining the
  operation to perform.  For digests I've added a new VERIFY digest
  mode which assumes a digest is present in the input and fails the
  request with EBADMSG if it doesn't match the internally-computed
  digest.  GCM and CCM already assumed this, and the new AEAD mode
  requires this for decryption.  The new ETA mode now also requires
  this for decryption, so IPsec and GELI no longer do their own
  authentication verification.  Simple DIGEST operations can also do
  this, though there are no in-tree consumers.

  To eventually support some refcounting to close races, the session
  cookie is now passed to crypto_getop() and clients should no longer
  set crp_sesssion directly.

- Assymteric crypto operation structures should be allocated via
  crypto_getkreq() and freed via crypto_freekreq().  This permits the
  crypto layer to track open asym requests and close races with a
  driver trying to unregister while asym requests are in flight.

- crypto_copyback, crypto_copydata, crypto_apply, and
  crypto_contiguous_subsegment now accept the 'crp' object as the
  first parameter instead of individual members.  This makes it easier
  to deal with different buffer types in the future as well as
  separate input and output buffers.  It's also simpler for driver
  writers to use.

- bus_dmamap_load_crp() loads a DMA mapping for a crypto buffer.
  This understands the various types of buffers so that drivers that
  use DMA do not have to be aware of different buffer types.

- Helper routines now exist to build an auth context for HMAC IPAD
  and OPAD.  This reduces some duplicated work among drivers.

- Key buffers are now treated as const throughout the framework and in
  device drivers.  However, session key buffers provided when a session
  is created are expected to remain alive for the duration of the
  session.

- GCM and CCM sessions now only specify a cipher algorithm and a cipher
  key.  The redundant auth information is not needed or used.

- For cryptosoft, split up the code a bit such that the 'process'
  callback now invokes a function pointer in the session.  This
  function pointer is set based on the mode (in effect) though it
  simplifies a few edge cases that would otherwise be in the switch in
  'process'.

  It does split up GCM vs CCM which I think is more readable even if there
  is some duplication.

- I changed /dev/crypto to support GMAC requests using CRYPTO_AES_NIST_GMAC
  as an auth algorithm and updated cryptocheck to work with it.

- Combined cipher and auth sessions via /dev/crypto now always use ETA
  mode.  The COP_F_CIPHER_FIRST flag is now a no-op that is ignored.
  This was actually documented as being true in crypto(4) before, but
  the code had not implemented this before I added the CIPHER_FIRST
  flag.

- I have not yet updated /dev/crypto to be aware of explicit modes for
  sessions.  I will probably do that at some point in the future as well
  as teach it about IV/nonce and tag lengths for AEAD so we can support
  all of the NIST KAT tests for GCM and CCM.

- I've split up the exising crypto.9 manpage into several pages
  of which many are written from scratch.

- I have converted all drivers and consumers in the tree and verified
  that they compile, but I have not tested all of them.  I have tested
  the following drivers:

  - cryptosoft
  - aesni (AES only)
  - blake2
  - ccr

  and the following consumers:

  - cryptodev
  - IPsec
  - ktls_ocf
  - GELI (lightly)

  I have not tested the following:

  - ccp
  - aesni with sha
  - hifn
  - kgssapi_krb5
  - ubsec
  - padlock
  - safe
  - armv8_crypto (aarch64)
  - glxsb (i386)
  - sec (ppc)
  - cesa (armv7)
  - cryptocteon (mips64)
  - nlmsec (mips64)

Discussed with:	cem
Relnotes:	yes
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D23677
2020-03-27 18:25:23 +00:00
Alfredo Dal'Ava Junior
9b2877353b so_reuseport_lb_test: correct setsockopt parameter size
Change type of variable used in setsocketopt so correct size of
option is passed.

Test failure was identified when running the test on PowerPC64,
and the following error message was seen:

	"bind () failed: Address already in use"

Submitted by:	Fernando Valle <fernando.valle@eldorado.org.br>
Reviewed by:	melifaro, adalava
Approved by:	jhibbits (mentor)
Sponsored by:	Eldorado Research Institute (eldorado.org.br)
Differential Revision:	https://reviews.freebsd.org/D24164
2020-03-25 20:20:08 +00:00
Alexander V. Chernikov
b4a4a3b82f Add tests verifying IPv4/IPv6 output for TCP/UDP/raw paths.
Reviewed by:	kp
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D24138
2020-03-23 12:21:32 +00:00
Kristof Provost
bb490fcf19 bridge tests: Basic span test
Reviewed by:	philip, emaste (previous version)
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D23961
2020-03-16 08:44:46 +00:00
Li-Wen Hsu
c0507192fa Skip sys.netpfil.pf.nat.exhaust on all platforms as it not only fails on amd64
PR:		244703
Sponsored by:	The FreeBSD Foundation
2020-03-13 16:44:48 +00:00
Li-Wen Hsu
f95988cc0e Temporarily skip sys.geom.class.gate.ggate_test.ggated in CI
PR:		244737
Sponsored by:	The FreeBSD Foundation
2020-03-11 10:42:05 +00:00
Alan Somers
b0ecfb42d1 fusefs: avoid cache corruption with buggy fuse servers
The FUSE protocol allows the client (kernel) to cache a file's size, if the
server (userspace daemon) allows it. A well-behaved daemon obviously should
not change a file's size while a client has it cached. But a buggy daemon
might. If the kernel ever detects that that has happened, then it should
invalidate the entire cache for that file. Previously, we would not only
cache stale data, but in the case of a file extension while we had the size
cached, we accidentally extended the cache with zeros.

PR:		244178
Reported by:	Ben RUBSON <ben.rubson@gmx.com>
Reviewed by:	cem
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D24012
2020-03-11 04:29:45 +00:00
Alexander V. Chernikov
d7cdd89777 Add basic IPv4/IPv6 forwarding tests.
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D24002
2020-03-10 19:52:19 +00:00
Li-Wen Hsu
7d292b4814 Skip sys.netpfil.pf.nat.exhaust on amd64 in CI as it sometimes panics kernel
PR:		244703
Sponsored by:	The FreeBSD Foundation
2020-03-10 19:18:24 +00:00
Kristof Provost
d99bb677c1 bridge test: adding and removing static addresses
Reviewed by:	philip
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D23960
2020-03-10 06:29:59 +00:00
Kristof Provost
6f0a65b080 bridge test: spanning tree
Basic test case where we create a bridge loop, verify that we really are
looping and then enable spanning tree to resolve the loop.

Reviewed by:	philip
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D23959
2020-03-10 06:28:45 +00:00
Alan Somers
d970778e6f fusefs: fix fsync for files with multiple open handles
We were reusing a structure for multiple operations, but failing to
reinitialize one member.  The result is that a server that cares about FUSE
file handle IDs would see one correct FUSE_FSYNC operation, and one with the
FHID unset.

PR:		244431
Reported by:	Agata <chogata@gmail.com>
MFC after:	2 weeks
2020-03-09 01:57:21 +00:00
Alan Somers
cc6e71e16c [skip ci] fix typo in comment in the fusefs tests
MFC after:	2 weeks
2020-03-09 00:14:09 +00:00
Olivier Cochard
8ccf503240 Skip if_epair regression test if module doesn't exist
Approved by:	kp
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D23876
2020-03-03 17:35:15 +00:00
Alexander V. Chernikov
ea2773323c Fix dynamic redrects by adding forgotten RTF_HOST flag.
Improve tests to verify the generated route flags.

Reported by:	jtl
MFC after:	2 weeks
2020-03-03 15:33:43 +00:00
Li-Wen Hsu
06bd9afc5f Skip the right test case
PR:		244172
Sponsored by:	The FreeBSD Foundation
2020-02-26 15:15:55 +00:00
Li-Wen Hsu
547a1e03c3 Revert r358309 after r358311.
PR:		244393
Sponsored by:	The FreeBSD Foundation
2020-02-26 04:54:50 +00:00
Li-Wen Hsu
bebf52f1ec Temporarily skip failing test case sys.netpfil.pf.fragmentation.v6
PR:		244393
Sponsored by:	The FreeBSD Foundation
2020-02-25 11:56:54 +00:00
Kristof Provost
e3c73f3d74 bridge tests: Remove unneeded 'All rights reserved.'
The FreeBSD foundation no longer requires this, as per
https://lists.freebsd.org/pipermail/svn-src-all/2019-February/177215.html and
private communications.

Sponsored by:	The FreeBSD Foundation
2020-02-19 16:44:16 +00:00
Alan Somers
691c0a5f3d [skip ci] delete obsolete comment in fusefs tests
It should've been deleted by r349436

MFC after:	2 weeks
2020-02-19 01:51:01 +00:00
Li-Wen Hsu
db41308a28 Temporarily skip flakey test case sys.netinet.fibs_test.udp_dontroute6 in CI
PR:		244172
Sponsored by:	The FreeBSD Foundation
2020-02-16 17:55:32 +00:00
Li-Wen Hsu
314ef80dc4 Temporarily skip flakey test case sys.netinet6.frag6.frag6_07.frag6_07 in CI
PR:		244170
Sponsored by:	The FreeBSD Foundation
2020-02-16 17:36:16 +00:00
Li-Wen Hsu
f1cabcd328 Temporarily skip sys.net.if_lagg_test.lacp_linkstate_destroy_stress on i386 CI
It panics kernel

PR:		244168
Sponsored by:	The FreeBSD Foundation
2020-02-16 16:49:29 +00:00
Kristof Provost
095aabf7dc bridge: Basic test case
Very basic bridge test: Set up two jails and test that they can pass IPv4
traffic over the bridge.

Reviewed by:	melifaro, philip
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D23697
2020-02-16 13:16:40 +00:00
Li-Wen Hsu
07a721ac73 Temporarily skip failing sys.net.if_lagg_test.witness on i386 CI
PR:		244163
Sponsored by:	The FreeBSD Foundation
2020-02-16 11:16:05 +00:00
Li-Wen Hsu
5b697c5be0 Remove trailing whitespace
Sponsored by:	The FreeBSD Foundation
2020-02-16 10:59:32 +00:00
Li-Wen Hsu
11dcf43de8 Remove trailing whitespace
Sponsored by:	The FreeBSD Foundation
2020-02-16 10:57:42 +00:00
Alexander V. Chernikov
2207447bf4 Add basic IPDIVERT tests.
Reviewed by:	lwhsu,kp
Differential Revision:	https://reviews.freebsd.org/D23316
2020-02-14 09:36:35 +00:00
Li-Wen Hsu
c27ac74f9c Properly fix GCC build in r357867
Submitted by:	kib
Sponsored by:	The FreeBSD Foundation
2020-02-14 09:25:29 +00:00
Li-Wen Hsu
338450436d Fix GCC build.
Sponsored by:	The FreeBSD Foundation
2020-02-13 19:05:19 +00:00
Kristof Provost
475b483aee tests: Enable net tests
We have a number of tests in the net subdirectory that were not executed. List
the net directory so we run those tests.
2020-02-13 14:09:09 +00:00
Alexander V. Chernikov
99a7fa9268 * Fix flaking lle tests by filtering out non-relevant rtsock messages.
* Consistently use RTM_DECLARE_ROOT_TEST() macro.
* Temporarily remove iftype validation from IPv6 lle notifications.

Reported by:	kp
2020-02-12 21:16:30 +00:00
Alan Somers
7ee7e40976 fusefs: fix some memory leaks in the tests.
Oddly, most of these were not detected by Coverity.

Reported by:	Coverity (one of them, anyway)
Coverity CID:	1404490
MFC after:	2 weeks
2020-02-12 18:11:07 +00:00
Ed Maste
9c68ef1455 Tag pjdfstest symlink with pkgbase package
As with the rest of pjdfstest, tag the symlink with package=tests.
The tests -> . symlink seems a little strange but that's independent
of pkgbase.

Sponsored by:	The FreeBSD Foundation
2020-02-12 17:37:32 +00:00
Li-Wen Hsu
519aaa1500 Temporarily skip flakey test case sys.kern.ptrace_test.ptrace__parent_exits_before_child
PR:		244056
Sponsored by:	The FreeBSD Foundation
2020-02-11 23:17:58 +00:00
Li-Wen Hsu
f192f64848 Temporarily skip failing test case sys.kern/ptrace_test/ptrace__parent_wait_after_attach
PR:		244055
Sponsored by:	The FreeBSD Foundation
2020-02-11 22:48:12 +00:00
Li-Wen Hsu
0c556b7f98 Temporarily skip sys.geom.class.multipath.failloop.failloop in CI
This case uses `dtrace -c` but it has some issues at the moment

PR:		244053
Sponsored by:	The FreeBSD Foundation
2020-02-11 22:21:22 +00:00
Li-Wen Hsu
ec5fd09524 Reduce nc timeout in sys.mac.portacl.*
It is not necessary to wait that long for localhost.

Sponsored by:	The FreeBSD Foundation
2020-02-11 20:41:51 +00:00
Kristof Provost
50214f86c5 tests: epair: Don't fail if we load if_epair
kldload() returns a positive integer when it loads a ko, so check that the
return value is -1 to detect error cases, not that it's different from zero.

MFC after:	3 days
X-MFC-With:	r357234
2020-02-01 19:40:11 +00:00
Kristof Provost
7bde621ba3 tests: epair: Don't fail if the if_epair module is already loaded
kldload() returns an error (EEXIST) if the module is already loaded.
That's not a problem for us, so ignore that error.

While here also clean up include statements.

MFC after:	3 days
X-MFC-With:	r357234
2020-02-01 11:31:45 +00:00
Conrad Meyer
037d75302e Revert r357246
I have no idea what this code is trying to do, leave it be.

Reported by:	lwhsu
2020-01-29 22:37:01 +00:00
Conrad Meyer
d71e0db25b qmath(3) test: Replace overcomplicated abomination with arc4random(3)
The horrific GENRAND construction bent over backwards to construct 64-bit
signed integers from the 31-bit output of random(3) for about 20 numbers per
test.  Reproducibility wasn't a goal: random(3) was seeded with
srandomdev(3).  Speed is not a factor for generating 20 integers with
arc4random(3).  Range is not a factor: all uses did not bound the range
beyond that of the full [INT64_MIN, INT64_MAX].  Just use arc4random(3).

Reported by:	Coverity
CIDs:		1404809, 1404817, 1404838, 1404840 and about 6x other
		identical reports of dubious code relating to the
		construction
2020-01-29 05:25:20 +00:00
Kristof Provost
5458a63bca tests: Test for an epair panic
if_epair abused the ifr_data field to insert its second interface in
IFC_IFLIST. If userspace provides a value for ifr_data it would get
dereferenced by the kernel leading to a panic.

Reported by:	Ilja Van Sprundel <ivansprundel@ioactive.com>
MFC after:	3 days
2020-01-28 22:46:51 +00:00
Alan Somers
95e6640be2 geli: add a test case for attaching multiple providers with 1 command
Reviewed by:	cem
MFC after:	2 weeks
Sponsored by:	Axcient
Differential Revision:	https://reviews.freebsd.org/D23400
2020-01-28 18:32:19 +00:00
Li-Wen Hsu
fba0af0bf8 Temporarily skip flakey test case sys.kern.ptrace_test.ptrace__procdesc_reparent_wait_child
PR:		243605
Sponsored by:	The FreeBSD Foundation
2020-01-26 07:24:49 +00:00
Li-Wen Hsu
a0ba604b80 Specify PACKAGE to install tests files
MFC after:	3 weeks
MFC with:	r356984
Sponsored by:	The FreeBSD Foundation
2020-01-25 23:22:08 +00:00
Kristof Provost
b6a0d88cbe tests: Routing tests overwrote net tests
The routing subdirectory installed into the same directory as the test tests,
which caused them to overwrite the net Kyuafile. As a result these tests were
not executed.

X-MFC-With:	r356146
2020-01-25 10:51:51 +00:00
Alexander V. Chernikov
34a5582c47 Bring back redirect route expiration.
Redirect (and temporal) route expiration was broken a while ago.
This change brings route expiration back, with unified IPv4/IPv6 handling code.

It introduces net.inet.icmp.redirtimeout sysctl, allowing to set
 an expiration time for redirected routes. It defaults to 10 minutes,
 analogues with net.inet6.icmp6.redirtimeout.

Implementation uses separate file, route_temporal.c, as route.c is already
 bloated with tons of different functions.
Internally, expiration is implemented as an per-rnh callout scheduled when
 route with non-zero rt_expire time is added or rt_expire is changed.
 It does not add any overhead when no temporal routes are present.

Callout traverses entire routing tree under wlock, scheduling expired routes
 for deletion and calculating the next time it needs to be run. The rationale
 for such implemention is the following: typically workloads requiring large
 amount of routes have redirects turned off already, while the systems with
 small amount of routes will not inhibit large overhead during tree traversal.

This changes also fixes netstat -rn display of route expiration time, which
 has been broken since the conversion from kread() to sysctl.

Reviewed by:	bz
MFC after:	3 weeks
Differential Revision:	https://reviews.freebsd.org/D23075
2020-01-22 13:53:18 +00:00
Kyle Evans
53f8212826 tests: fusefs: silence remaining unsigned/signed comparison warnings
External GCC turns these into errors; cast to long to silence them.

Reviewed by:	asomers
Differential Revision:	https://reviews.freebsd.org/D23127
2020-01-10 21:51:27 +00:00
Alexander V. Chernikov
ac0bea768b Include human-readable list of rtm flags along with bitmask in error messages
for rtsock tests.

MFC after:	2 weeks
2020-01-10 08:54:46 +00:00
Kyle Evans
f10405323a posixshm: implement posix_fallocate(2)
Linux expects to be able to use posix_fallocate(2) on a memfd. Other places
would use this with shm_open(2) to act as a smarter ftruncate(2).

Test has been added to go along with this.

Reviewed by:	kib (earlier version)
Differential Revision:	https://reviews.freebsd.org/D23042
2020-01-08 19:08:44 +00:00
Alexander V. Chernikov
e02d3fe70c Fix rtsock route message generation for interface addresses.
Reviewed by:	olivier
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D22974
2020-01-07 21:16:30 +00:00
Li-Wen Hsu
061838233a Revert r355861 because the issue has been fixed in r356443
PR:		242689
Notified by:	markj
Sponsored by:	The FreeBSD Foundation
2020-01-07 17:49:49 +00:00
Kyle Evans
d679c71970 Refine fusefs test workaround for mips+llvm
This re-enables building the googletest suite by default on mips and instead
specifically doesn't build fusefs tests for mips+clang builds.  clang will
easily spent >= 1.5 hours compiling a single file due to a bug in
optimization (see LLVM PR 43263), so turn these off for now while that's
hashed out.

GCC builds are unaffected and build the fusefs tests as-is. Clang builds
only happen by early adopters attempting to hash out the remaining issues.

The comment has been updated to reflect its new position and use less strong
wording about imposing on people.

Discussed with:	ngie, asomers
Reviewed by:	ngie
2020-01-06 18:25:58 +00:00
Bryan Drewery
0cb4586a0b lio_listio_empty_nowait_thread sometimes does *not* hang.
The other tests consistently do hang though.

Sponsored by:	DellEMC
2020-01-04 18:59:46 +00:00
Alexander V. Chernikov
775dc8613d Add userland tests for route table/lltable rtsock operations.
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D22860
2019-12-28 12:16:40 +00:00
Li-Wen Hsu
00488f54de Temporarily skip failing sys.geom.class.multipath.failloop.failloop on i386 CI
PR:		242689
Sponsored by:	The FreeBSD Foundation
2019-12-17 19:01:09 +00:00
Alan Somers
67f72211dd gmultipath: add ATF tests
Add ATF tests for most gmultipath operations. Add some dtrace probes too,
primarily for configuration changes that happen in response to provider
errors.

PR:		178473
MFC after:	2 weeks
Sponsored by:	Axcient
Differential Revision:	https://reviews.freebsd.org/D22235
2019-12-06 00:12:14 +00:00
Mariusz Zaborski
8e49361164 procdesc: allow to collect status through wait(1) if process is traced
The debugger like truss(1) depends on the wait(2) syscall. This syscall
waits for ALL children. When it is waiting for ALL child's the children
created by process descriptors are not returned. This behavior was
introduced because we want to implement libraries which may pdfork(1).

The behavior of process descriptor brakes truss(1) because it will
not be able to collect the status of processes with process descriptors.

To address this problem the status is returned to parent when the
child is traced. While the process is traced the debugger is the new parent.
In case the original parent and debugger are the same process it means the
debugger explicitly used pdfork() to create the child. In that case the debugger
should be using kqueue()/pdwait() instead of wait().

Add test case to verify that. The test case was implemented by markj@.

Reviewed by:	kib, markj
Discussed with:	jhb
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D20362
2019-11-25 18:33:21 +00:00
Li-Wen Hsu
b9e5cb0580 Fix gcc build
We have -Werror=strict-overflow so gcc complains:

In file included from /tmp/obj/workspace/src/amd64.amd64/tmp/usr/include/bitstring.h:36:0,
                 from /workspace/src/tests/sys/sys/bitstring_test.c:34:
/workspace/src/tests/sys/sys/bitstring_test.c: In function 'bit_ffc_at_test':
/workspace/src/sys/sys/bitstring.h:239:5: error: assuming signed overflow does not occur when assuming that (X + c) >= X is always true [-Werror=strict-overflow]
  if (_start >= _nbits) {
     ^

Disable assuming overflow of signed integer will never happen by specifying
-fno-strict-overflow

Sponsored by:	The FreeBSD Foundation
2019-11-24 15:03:35 +00:00
Doug Moore
be252a414f The error messages that indicate bugs in 'area' bitstring functions
should identify accurately which function exhibited the bug.

Reviewed by: asomers
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D22519
2019-11-23 17:22:36 +00:00
Li-Wen Hsu
70314c42e7 Initialize variable bitstr
r354991 removed variable-sized object initializing on defining.  For the safe
reason, manually initialize the members to 0.

Sponsored by:	The FreeBSD Foundation
2019-11-22 10:15:15 +00:00
Li-Wen Hsu
ebb2a18a9b Fix GCC build.
Sponsored by:	The FreeBSD Foundation
2019-11-22 10:03:16 +00:00
Eric Joyner
52e8f6a331 bitstring: add functions to find contiguous set/unset bit sequences
Add bit_ffs_area_at and bit_ffc_area_at functions for searching a bit
string for a sequence of contiguous set or unset bits of at least the
specified size.

The bit_ffc_area function will be used by the Intel ice driver for
implementing resource assignment logic using a bitstring to represent
whether or not a given index has been assigned or is currently free.

The bit_ffs_area, bit_ffc_area_at and bit_ffs_area_at functions are
implemented for completeness.

I'd like to add further test cases for the new functions, but I'm not
really sure how to add them easily. The new functions depend on specific
sequences of bits being set, while the bitstring tests appear to run for
varying bit sizes.

Signed-off-by: Jacob Keller <jacob.e.keller@intel.com>

Submitted by:	Jacob Keller <jacob.e.keller@intel.com>
Reviewed by:	asomers@, erj@
MFC after:	1 week
Sponsored by:	Intel Corporation
Differential Revision:	https://reviews.freebsd.org/D22400
2019-11-21 19:57:56 +00:00
Eric Joyner
2d7c33897f bitstring: exit early if _start is past size of the bitstring
bit_ffs_at and bit_ffc_at both take _start parameters which indicate to
start searching from _start onwards.

If the given _start index is past the size of the bit string, these
functions will calculate an address of the current bitstring which is
after the expected size. The function will also dereference the memory,
resulting in a read buffer overflow.

The output of the function remains correct, because the tests ensure to
stop the loop if the current bitstring chunk passes the stop bitstring
chunk, and because of a check to ensure the reported _value is never
past _nbits.

However, if <sys/bitstring.h> is ever used in code which is checked by
-fsanitize=undefined, or similar static analysis, it can produce
warnings about reading past the buffer size.

Because of the above mentioned checks, these buffer overflows do not
occur as long as _start is less than _nbits. Additionally, by definition
bit_ffs_at and bif_ffc_at should set _result to -1 in any case where the
_start is after the _nbits.

Check for this case at the start of the function and exit early if so,
preventing the buffer read overflow, and reducing the amount of
computation that occurs.

Note that it may seem odd to ever have code that could call bit_ffc_at
or bit_ffs_at with a _start value greater than _nbits. However, consider
a for-loop that used bit_ffs and bit_ffs_at to loop over a bit string
and perform some operation on each bit that was set. If the last bit of
the bit string was set, the simplest loop implementation would call
bit_ffs_at with a start of _nbits, and expect that to return -1. While
it does infact perform correctly, this is what ultimately triggers the
unexpected buffer read overflow.

Signed-off-by: Jacob Keller <jacob.e.keller@intel.com>

Submitted by:	Jacob Keller <jacob.e.keller@intel.com>
Reviewed by:	asomers@, erj@
MFC after:	1 week
Sponsored by:	Intel Corporation
Differential Revision:	https://reviews.freebsd.org/D22398
2019-11-21 19:36:11 +00:00
Bjoern A. Zeeb
32af08ecad icmpv6: Fix mbuf change in mld
After r354748 mld_input() can change the mbuf.  The new pointer
is never returned to icmp6_input() and when passed to
icmp6_rip6_input() the mbuf may no longer valid leading to
a panic.
Pass a pointer to the mbuf to mld_input() so we can return an
updated version in the non-error case.

Add a test sending an MLD packet case which will trigger this bug.

Pointyhat to:	bz
Reported by:	gallatin, thj
MFC After:	2 weeks
X-MFC with:	r354748
Sponsored by:	Netflix
2019-11-18 21:59:47 +00:00
Bjoern A. Zeeb
20241072c8 ipv6 tests
Add a simple ping6 test as well.

MFC after:	2 weeks
Sponsored by:	Netflix
2019-11-18 21:54:29 +00:00
David Bright
2d5603fe65 Jail and capability mode for shm_rename; add audit support for shm_rename
Co-mingling two things here:

  * Addressing some feedback from Konstantin and Kyle re: jail,
    capability mode, and a few other things
  * Adding audit support as promised.

The audit support change includes a partial refresh of OpenBSM from
upstream, where the change to add shm_rename has already been
accepted. Matthew doesn't plan to work on refreshing anything else to
support audit for those new event types.

Submitted by:	Matthew Bryan <matthew.bryan@isilon.com>
Reviewed by:	kib
Relnotes:	Yes
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D22083
2019-11-18 13:31:16 +00:00
Li-Wen Hsu
09bc401f9d Reenable netinet6 and netpfil tests on i386, net/scapy 2.4.3_2 contains the fix
PR:		239380
Sponsored by:	The FreeBSD Foundation
2019-11-08 18:56:02 +00:00
Bjoern A. Zeeb
c1131de6f1 frag6: properly handle atomic fragments according to RFCs.
RFC 8200 says:
	"If the fragment is a whole datagram (that is, both the Fragment
         Offset field and the M flag are zero), then it does not need
         any further reassembly and should be processed as a fully
         reassembled packet (i.e., updating Next Header, adjust Payload
         Length, removing the Fragment header, etc.).  .."

That means we should remove the fragment header and make all the adjustments
rather than just skipping over the fragment header.  The difference should
be noticeable in that a properly handled atomic fragment triggering an ICMPv6
message at an upper layer (e.g. dest unreach, unreachable port) will not
include the fragment header.

Update the test cases to also test for an unfragmentable part.  That is
needed so that the next header is properly updated (not just lengths).

MFC after:	3 weeks
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D22155
2019-11-08 14:36:44 +00:00
Bjoern A. Zeeb
ed91ae7fe6 IPv6 tests: test case for scapy bpf parsing bug
PR:		239380
Reported by:	lwhsu, CI system
MFC after:	3 weeks
Sponsored by:	Netflix
2019-11-06 14:43:35 +00:00
Bjoern A. Zeeb
f21d32079f ipv6 tests: cleanup
Remove mentions of fragmentation tests from extension header test.
Remove setting an MTU > IF_MAXMTU from the test cases to avoid warnings;
this was only possible in a local research tree.

MFC after:		2 weeks
Sponsored by:		Netflix
2019-11-06 14:30:56 +00:00
Li-Wen Hsu
b0460c4c22 Temporarily disable sys.netinet6.exthdr on i386
PR:		241493
Sponsored by:	The FreeBSD Foundation
2019-11-05 17:49:15 +00:00
Bjoern A. Zeeb
1e19cdbbbf ip6 tests: Add very simplistic extension header tests
Add a simple test case which can exercise some of the IPv6 extension
header code paths.  At the moment only a small set of extension headers
is implemented and no options to the ones which take them.
Also implements a "bad" case to make sure that error handling works.

The tests were used to test m_pullup() changes to the code paths while
removing the KAME PULLDOWN_TEST cases and related macros.

MFC after:	3 weeks
Sponsored by:	Netflix
2019-11-05 10:59:33 +00:00
Bjoern A. Zeeb
cc07e75f30 frag6 tests: set end to catch timeout as error
There are times when we have to wait for reply packets.  There are
either an ICMPv6 (error) reply or the expiration timeout.
In these cases synchonous ICMPv6 replies should arrive, always,
unless the packet is lost.  Due to errors experienced with the
test software sending an invlaid request on at least i386 (*) these
packets are not generated.  That means we are waiting for a long time
for the replies or even timeout the test case.

Manually set the "End" flag on these test cases as well, so they do
fail rather than timeout as the sniffer timeout happens.  This improves
debugging options, reflects the error properly, and saves time on each
test suit run.

(*) The real cause for that is still to be found (see the referenced PRs)

PR:			241493, 239380
MFC after:		2 weeks
Sponsored by:		Netflix
2019-11-05 10:53:55 +00:00
Kristof Provost
65d553b0f0 netpfil tests: Add missing copyright & license statements 2019-10-29 09:47:12 +00:00
Li-Wen Hsu
cfa8b64827 Follow r354121 to fix some python3 errors in sys.netpfil.*
stderr:

Traceback (most recent call last):
  File "/usr/tests/sys/netpfil/common/pft_ping.py", line 135, in <module>
    main()
  File "/usr/tests/sys/netpfil/common/pft_ping.py", line 124, in main
    ping(args.sendif[0], args.to[0], args)
  File "/usr/tests/sys/netpfil/common/pft_ping.py", line 74, in ping
    raw = sp.raw(str(PAYLOAD_MAGIC))
  File "/usr/local/lib/python3.6/site-packages/scapy/compat.py", line 52, in raw
    return bytes(x)
TypeError: string argument without an encoding

MFC with:	r354121
Sponsored by:	The FreeBSD Foundation
2019-10-27 21:07:50 +00:00
Bjoern A. Zeeb
f0297f121a Upgrade (scapy) py2 tests to work on py3.
In order to move python2 out of the test framework to avoid py2 vs. py3
confusions upgrade the remaining test cases using scapy to work with py3.
That means only one version of scapy needs to be installed in the CI system.
It also gives a path forward for testing i386 issues observed in the CI
system with some of these tests.

Fixes are:
- Use default python from environment (which is 3.x these days).
- properly ident some lines as common for the rest of the file to avoid
  errors.
- cast the calculated offset to an int as the division result is considered
  a float which is not accepted input.
- when comparing payload to a magic number make sure we always add the
  payload properly to the packet and do not try to compare string in
  the result but convert the data payload back into an integer.
- fix print formating.

Discussed with:	lwhsu, kp (taking it off his todo :)
MFC after:	2 weeks
2019-10-26 21:19:55 +00:00
Bjoern A. Zeeb
c0750d9d04 frag6-test: update for r354046, conform to 8200 for overlapping fragments
The change to conform to RFC 8200 for overlapping fragments now frees
the entire reassembly queue if the overlapping fragments are not an
exact match.
As a result we do see one less packet in the timeout statistics from
expiry.  No other statistics change as the event is not counted.
It can be argued that we should improve the statistics counters in
that case.
This test case update should have been committed alongside the original
commit.

Pointyhat to:	bz
MFC after:	3 weeks
X-MFC with:	r354046
Sponsored by:	Netflix
2019-10-25 17:41:08 +00:00
Bjoern A. Zeeb
619456bb59 frag6: prevent overwriting initial fragoff=0 packet meta-data.
When we receive the packet with the first fragmented part (fragoff=0)
we remember the length of the unfragmentable part and the next header
(and should probably also remember ECN) as meta-data on the reassembly
queue.
Someone replying this packet so far could change these 2 (3) values.
While changing the next header seems more severe, for a full size
fragmented UDP packet, for example, adding an extension header to the
unfragmentable part would go unnoticed (as the framented part would be
considered an exact duplicate) but make reassembly fail.
So do not allow updating the meta-data after we have seen the first
fragmented part anymore.

The frag6_20 test case is added which failed before triggering an
ICMPv6 "param prob" due to the check for each queued fragment for
a max-size violation if a fragoff=0 packet was received.

MFC after:	3 weeks
Sponsored by:	Netflix
2019-10-24 22:07:45 +00:00
Bjoern A. Zeeb
4527b28baf frag6 test cases: check more counters, wait for expiry
When done with tests check that both the per-VNET and the global-fragmented-
packets-in-system counters are zero to make sure we do not leak counters or
queue entries.

This implies that for all test cases we either have to check for the ICMPv6
packet sent in case of TLL=0 expiry (if it is sent) or sleep at least long
enough for the TTL to expire for all packets (e.g., fragments where we do not
have the off=0 packet).

This also means that statistics are now updated to include all the expired
packets.

There are cases when we do not check for counters to be zero and this is
when testing VNET teardown to behave properly and not panic, when we are
intentionally leaving fragments in the system.

MFC after:	3 weeks
Sponsored by:	Netflix
2019-10-24 20:08:33 +00:00
Bjoern A. Zeeb
f74e6e494f frag6: import a set of test cases
In order to ensure that changing the frag6 code does not change behaviour
or break code a set of test cases were implemented.

Like some other test cases these use Scapy to generate packets and possibly
wait for expected answers.  In most cases we do check the global and
per interface (netstat) statistics output using the libxo output and grep
to validate fields and numbers.  This is a bit hackish but we currently have
no better way to match a selected number of stats only (we have to ignore
some of the ND6 variables; otherwise we could use the entire list).

Test cases include atomic fragments, single fragments, multi-fragments,
and try to cover most error cases in the code currently.
In addition vnet teardown is tested to not panic.

A separate set (not in-tree currently) of probes were used in order to
make sure that the test cases actually test what they should.

The "sniffer" code was copied and adjusted from the netpfil version
as we sometimes will not get packets or have longer timeouts to deal with.

Sponsored by:	Netflix
2019-10-21 09:33:45 +00:00
Kristof Provost
fcd69db27d tests: basic VLAN test
Set up two jails connected by an epair. Create VLAN interfaces in both
jails and check connectivity.

This is a very basic test, but exposed panics during the network stack
epoch work, so this is worth testing.
2019-10-15 04:50:08 +00:00
Eric van Gyzen
df4d65b196 coredump_phnum_test: handle full file system gracefully
Skip the test if the file system is full.  That's out of scope
of this test.

MFC after:	1 week
Sponsored by:	Dell EMC Isilon
2019-10-11 21:23:46 +00:00
Alan Somers
e2032bdaaa zfs: multiple improvements to the zpool_add tests
* Don't partition a disk if too few are available.  Just rely on Kyua to
  ensure that the tests aren't run with insufficient disks.

* Remove redundant cleanup steps

* In zpool_add_003_pos, store the temporary file in $PWD so Kyua will
  automatically clean it up.

* Update zpool_add_005_pos to use dumpon instead of dumpadm.  This test had
  never been ported to FreeBSD.

* In zpool_add_005_pos, don't format the dump disk with UFS.  That was
  pointless.

MFC after:	2 weeks
Sponsored by:	Axcient
2019-10-10 02:17:45 +00:00
Alan Somers
d2cb9c7641 ZFS: fix the zpool_add_010_pos test
The test is necessarily racy, because it depends on being able to complete a
"zpool add" before a previous resilver finishes.  But it was racier than it
needed to be.  Move the first "zpool add" to before the resilver starts.

MFC after:	2 weeks
Sponsored by:	Axcient
2019-10-09 20:16:40 +00:00
Alan Somers
86b90d9179 ZFS: in the tests, don't override PWD
The ZFS test suite was overriding the common $PWD variable with the path to
the pwd command, even though no test wanted to use it that way.  Most tests
didn't notice, because ksh93 eventually restored it to its proper meaning.

MFC after:	2 weeks
Sponsored by:	Axcient
2019-10-09 17:36:57 +00:00
Alan Somers
560c0f4573 ZFS: multiple fixes to the zpool_import tests
* Don't create a UFS mountpoint just to store some temporary files.  The
  tests should always be executed with a sufficiently large TMPDIR.
  Creating the UFS mountpoint is not only unneccessary, but it slowed
  zpool_import_missing_002_pos greatly, because that test moves large files
  between TMPDIR and the UFS mountpoint.  This change also allows many of
  the tests to be executed with just a single test disk, instead of two.

* Move zpool_import_missing_002_pos's backup device dir from / to $PWD to
  prevent cross-device moves.  On my system, these two changes improved that
  test's speed by 39x.  It should also prevent ENOSPC errors seen in CI.

* If insufficient disks are available, don't try to partition one of them.
  Just rely on Kyua to skip the test.  Users who care will configure Kyua
  with sufficient disks.

MFC after:	2 weeks
Sponsored by:	Axcient
2019-10-09 17:24:09 +00:00
Mark Johnston
bc4225320c Fix a bug in r353332 that snuck in with a last-minute adjustment.
Reported by:	Jenkins
MFC with:	r353332
Sponsored by:	The FreeBSD Foundation
2019-10-08 23:52:04 +00:00
Mark Johnston
192fa3197c Add a regression test for r353331.
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2019-10-08 23:35:23 +00:00
Alan Somers
310a44b232 zfs: fix the zfsd_hotspare_007_pos test
It was trying to destroy the pool while zfsd was detaching the spare, and
"zpool destroy" failed.  Fix by waiting until the spare has fully detached.

MFC after:	2 weeks
Sponsored by:	Axcient
2019-10-08 15:48:28 +00:00
Alan Somers
dca76f293a zfs: fix the zfsd_autoreplace_003_pos test
The test declared that it only needed 5 disks, but actually tried to use 6.
Fix it to use just 5, which is all it really needs.

MFC after:	2 weeks
Sponsored by:	Axcient
2019-10-08 15:33:11 +00:00
Eric van Gyzen
4661f8af40 Fix problems in the kern_maxfiles__increase test
ATF functions such as ATF_REQUIRE do not work correctly in child processes.
Use plain C functions to report errors instead.

In the parent, check for the untimely demise of children.  Without this,
the test hung until the framework's timeout.

Raise the resource limit on the number of open files.  If this was too low,
the test hit the two problems above.

Restore the kern.maxfiles sysctl OID in the cleanup function.
The body prematurely removed the symlink in which the old value was saved.

Make the test more robust by opening more files.  In fact, due to the
integer division by 4, this was necessary to make the test valid with
some initial values of maxfiles.  Thanks, asomers@.

wait() for children instead of sleeping.

Clean up a temporary file created by the test ("afile").

Reviewed by:	asomers
MFC after:	1 week
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D21900
2019-10-08 13:43:05 +00:00
Alan Somers
c43f30ee6b ZFS: fix the redundancy tests
* Fix force_sync_path, which ensures that a file is fully flushed to disk.
  Apparently "zpool history"'s performance has improved, but exporting and
  importing the pool still works.
* Fix file_dva by using undocumented zdb syntax to clarify that we're
  interested in the pool's root file system, not the pool itself. This
  should also fix the zpool_clear_001_pos test.
* Remove a redundant cleanup step

MFC after:	2 weeks
Sponsored by:	Axcient
Differential Revision:	https://reviews.freebsd.org/D21901
2019-10-07 20:21:23 +00:00
Alan Somers
bbacbaccf9 ZFS: mark hotspare_scrub_002_pos as an expected failure
"zpool scrub" doesn't detect all errors on active spares in raidz arrays

PR:		241069
MFC after:	2 weeks
Sponsored by:	Axcient
2019-10-07 20:19:05 +00:00
Alan Somers
87015aac27 ZFS: fix the delegate tests
These tests have never worked correctly

* Replace runwattr with sudo
* Fix a scoping bug with the "dtst" variable
* Cleanup user properties created during tests
* Eliminate the checks for refreservation and send support. They will always
  be supported.
* Fix verify_fs_snapshot. It seemed to assume that permissions would not yet
  be delegated, but that's not how it's actually used.
* Combine verify_fs_promote with verify_vol_promote
* Remove some useless sleeps
* Fix backwards condition in verify_vol_volsize
* Remove some redundant cleanup steps in the tests. cleanup.ksh will handle
  everything.
* Disable some parts of the tests that FreeBSD doesn't support:
    * Creating snapshots with mkdir
    * devices
    * shareisci
    * sharenfs
    * xattr
    * zoned

The sharenfs parts could probably be reenabled with more work to remove the
Solarisms.

MFC after:	2 weeks
Sponsored by:	Axcient
Differential Revision:	https://reviews.freebsd.org/D21898
2019-10-07 20:13:49 +00:00
Alan Somers
063f9d1295 zfs: skip the zfsd tests if zfsd is not running
MFC after:	2 weeks
Sponsored by:	Axcient
Differential Revision:	https://reviews.freebsd.org/D21878
2019-10-07 19:50:22 +00:00
Alan Somers
95becc8898 zfs: fix the zdb_001_neg test
The test needed to be updated for r331701 (MFV illumos 8671400), which added
a "-k" option.

MFC after:	2 weeks
Sponsored by:	Axcient
2019-10-07 19:48:18 +00:00
Alan Somers
f8069eab4c ZFS: fix the zpool_get_002_pos test
ZFS has grown some additional properties that hadn't been added to the
config file yet.  While I'm here, improve the error message, and remove a
superfluous command.

MFC after:	2 weeks
Sponsored by:	Axcient
2019-10-07 19:24:50 +00:00
Alan Somers
d253c454bb zfs: fix the slog_012_neg test
This test attempts to corrupt a file-backed vdev by deleting it and then
recreating it with truncate.  But that doesn't work, because the pool
already has the vdev open, and it happily hangs on to the open-but-deleted
file.  Fix by truncating the file without deleting it.

MFC after:	2 weeks
Sponsored by:	Axcient
2019-10-07 18:55:40 +00:00
Alan Somers
ba23dca684 ZFS: fix several zvol_misc tests
* Adapt zvol_misc_001_neg to use dumpon instead of Solaris's dumpadm
* Disable zvol_misc_003_neg, zvol_misc_005_neg, and zvol_misc_006_pos,
  because they involve using a zvol as a dump device, which FreeBSD does not
  yet support.

MFC after:	2 weeks
Sponsored by:	Axcient
2019-10-07 18:21:33 +00:00
Alan Somers
4330d7272d ZFS: fix several of the "zpool create" tests
* Remove zpool_create_013_neg.  FreeBSD doesn't have an equivalent of
  Solaris's metadevices.  GEOM would be the equivalent, but since all geoms
  are the same from ZFS's perspective, this test would be redundant with
  zpool_create_012_neg

* Remove zpool_create_014_neg.  FreeBSD does not support swapping to regular
  files.

* Remove zpool_create_016_pos.  This test is redundant with literally every
  other test that creates a disk-backed pool.

* s:/etc/vfstab:/etc/fstab in zpool_create_011_neg

* Delete the VTOC-related portion of zpool_create_008_pos.  FreeBSD doesn't
  use VTOC.

* Replace dumpadm with dumpon and swap with swapon in multiple tests.

* In zpool_create_015_neg, don't require "zpool create -n" to fail.  It's
  reasonable for that variant to succeed, because it doesn't actually open
  the zvol.

* Greatly simplify zpool_create_012_neg.  Make it safer, too, but not
  interfering with the system's regular swap devices.

* Expect zpool_create_011_neg to fail (PR 241070)

* Delete some redundant cleanup steps in various tests

* Remove some unneeeded ATF timeout specifications.  The default is fine.

PR:		241070
MFC after:	2 weeks
Sponsored by:	Axcient
2019-10-05 03:19:53 +00:00
Alan Somers
7d4670b647 ZFS: the hotspare_add_004_neg test needs at least two disks
MFC after:	2 weeks
Sponsored by:	Axcient
2019-10-05 01:34:35 +00:00
Kyle Evans
5a391b572b shm_open2(2): completely unbreak
kern_shm_open2(), since conception, completely fails to pass the mode along
to kern_shm_open(). This breaks most uses of it.

Add tests alongside this that actually check the mode of the returned
files.

PR:		240934 [pulseaudio breakage]
Reported by:	ler, Andrew Gierth [postgres breakage]
Diagnosed by:	Andrew Gierth (great catch)
Tested by:	ler, tmunro
Pointy hat to:	kevans
2019-10-02 02:37:34 +00:00
Eric van Gyzen
2b2ad2d6c6 Fix coredump_phnum_test when kern.compress_user_cores != 0
If `kern.compress_user_cores` is non-zero, decompress the core file.

Use `sysctl -f` to restore previous values.

Don't bother restoring `ulimit -c`, since that's a per-process value.

Check more commands with `atf_check`.

Reviewed by:	olivier ngie
MFC after:	1 week
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D21820
2019-09-30 14:05:44 +00:00
Jilles Tjoelker
4f77551258 Adjust tests after page fault changes in r352807
Commit r352807 fixed various signal numbers and codes from page faults;
adjust the tests so they expect the fixes to be present.

PR:		211924
2019-09-29 15:17:58 +00:00
Kyle Evans
e12ff89136 Further normalize copyright notices
- s/C/c/ where I've been inconsistent about it
- +SPDX tags
- Remove "All rights reserved" where possible

Requested by:	rgrimes (all rights reserved)
2019-09-26 16:19:22 +00:00
David Bright
9afb12bab4 Add an shm_rename syscall
Add an atomic shm rename operation, similar in spirit to a file
rename. Atomically unlink an shm from a source path and link it to a
destination path. If an existing shm is linked at the destination
path, unlink it as part of the same atomic operation. The caller needs
the same permissions as shm_unlink to the shm being renamed, and the
same permissions for the shm at the destination which is being
unlinked, if it exists. If those fail, EACCES is returned, as with the
other shm_* syscalls.

truss support is included; audit support will come later.

This commit includes only the implementation; the sysent-generated
bits will come in a follow-on commit.

Submitted by:	Matthew Bryan <matthew.bryan@isilon.com>
Reviewed by:	jilles (earlier revision)
Reviewed by:	brueffer (manpages, earlier revision)
Relnotes:	yes
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D21423
2019-09-26 15:32:28 +00:00
Kyle Evans
a631497fca Add SPDX tags to recently added files
Reported by:	Pawel Biernacki
2019-09-25 22:53:30 +00:00
Kyle Evans
3e25d1fb61 Add linux-compatible memfd_create
memfd_create is effectively a SHM_ANON shm_open(2) mapping with optional
CLOEXEC and file sealing support. This is used by some mesa parts, some
linux libs, and qemu can also take advantage of it and uses the sealing to
prevent resizing the region.

This reimplements shm_open in terms of shm_open2(2) at the same time.

shm_open(2) will be moved to COMPAT12 shortly.

Reviewed by:	markj, kib
Differential Revision:	https://reviews.freebsd.org/D21393
2019-09-25 18:03:18 +00:00
Olivier Cochard
13d9bd2692 Fix coredump_phnum_test in case of kern.compress_user_cores=1
PR:		240783
Approved by:	ngie, lwhsu
MFC after:	1 month
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D21776
2019-09-24 16:45:34 +00:00
Jilles Tjoelker
416e2de337 Add some tests for page fault signals and codes
It is useful to have some tests for page fault signals.

More tests would be useful but creating the conditions (such as various
kinds of running out of memory and I/O errors) is more complicated.

The tests page_fault_signal__bus_objerr_1 and
page_fault_signal__bus_objerr_2 depend on https://reviews.freebsd.org/D21566
before they can pass.

PR:		211924
Reviewed by:	kib
Differential Revision:	https://reviews.freebsd.org/D21624
2019-09-18 21:00:32 +00:00
Li-Wen Hsu
ebcb81079e Temporarily skip sys.netpfil.common.tos.pf_tos on i386 CI as it always fails
PR:		240086
Sponsored by:	The FreeBSD Foundation
2019-09-17 22:09:14 +00:00
Li-Wen Hsu
ae92090ae0 Temporarily skip sys.netpfil.common.forward.pf_v4 on i386 CI as it always fails
PR:		240085
Sponsored by:	The FreeBSD Foundation
2019-09-17 22:08:16 +00:00
Alan Somers
9c9634d1db fusefs: initialize C++ classes the Coverity way
Coverity complained that I wasn't initializing some class members until the
SetUp method.  Do it in the constructor instead.

Reported by:	Coverity
Coverity CIDs:	1404352, 1404378
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2019-09-16 15:56:21 +00:00
Alan Somers
4ca1c0b7f7 fusefs: fix some minor Coverity CIDs in the tests
Where open(2) is expected to fail, the tests should assert or expect that
its return value is -1.  These tests all accepted too much but happened to
pass anyway.

Reported by:	Coverity
Coverity CID:	1404512, 1404378, 1404504, 1404483
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2019-09-16 15:44:59 +00:00
Edward Tomasz Napierala
fad4b12b90 Introduce arb(3), the Array-based Red-Black Tree macros: similar
to the traditional tree(3) RB trees, but using an array (preallocated,
linear chunk of memory) to store the tree.

This avoids allocation overhead, improves memory locality,
and makes it trivially easy to share/transfer/copy the entire tree
without the need for marshalling.  The downside is that the size
is fixed at initialization time; there is no mechanism to resize
it.

This is one of the dependencies for the new stats(3) framework
(https://reviews.freebsd.org/D20477).

Reviewed by:	bcr (man pages), markj
Discussed with:	cem
MFC after:	2 weeks
Sponsored by:	Klara Inc, Netflix
Obtained from:	Netflix
Differential Revision:	https://reviews.freebsd.org/D20324
2019-09-14 19:23:46 +00:00
Alan Somers
6c0c362075 fusefs: Fix iosize for FUSE_WRITE in 7.8 compat mode
When communicating with a FUSE server that implements version 7.8 (or older)
of the FUSE protocol, the FUSE_WRITE request structure is 16 bytes shorter
than normal. The protocol version check wasn't applied universally, leading
to an extra 16 bytes being sent to such servers. The extra bytes were
allocated and bzero()d, so there was no information disclosure.

Reviewed by:	emaste
MFC after:	3 days
MFC-With:	r350665
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D21557
2019-09-11 19:29:40 +00:00
Li-Wen Hsu
31e3dc2da3 Temporarily skip flakey test case sys.kern.ptrace_test.ptrace__getppid
PR:		240510
Sponsored by:	The FreeBSD Foundation
2019-09-11 16:24:03 +00:00
Alan Somers
dd21a9163c fusefs: suppress some Coverity resource leak CIDs in the tests
The fusefs tests deliberately leak file descriptors.  To do otherwise would
add extra complications to the tests' mock FUSE server.  This annotation
should hopefully convince Coverity to shut up about the leaks.

Reviewed by:	uqs
MFC after:	4 days
Sponsored by:	The FreeBSD Foundation
2019-09-07 19:25:45 +00:00
Alan Somers
8e7657374a fusefs: coverity cleanup in the tests
Address the following defects reported by Coverity:

* Structurally dead code (CID 1404366): set m_quit before FAIL, not after

* Unchecked return value of sysctlbyname (CID 1404321)

* Unchecked return value of stat(2) (CID 1404471)

* Unchecked return value of open(2) (CID 1404402, 1404529)

* Unchecked return value of dup(2) (CID 1404478)

* Buffer overflows. These are all false positives caused by the fact that
  Coverity thinks I'm using a buffer to store strings, when in fact I'm
  really just using it to store a byte array that happens to be initialized
  with a string. I'm changing the type from char to uint8_t in the hopes
  that it will placate Coverity. (CID 1404338, 1404350, 1404367, 1404376,
  1404379, 1404381, 1404388, 1404403, 1404425, 1404433, 1404434, 1404474,
  1404480, 1404484, 1404503, 1404505)

* False positive file descriptor leak. I'm going to try to fix this with
  Coverity modeling, but I'll also change an EXPECT to ASSERT so we don't
  perform meaningless assertions after the failure. (CID 1404320, 1404324,
  1404440, 1404445).

* Unannotated file descriptor leak. This will be followed up by a Coverity
  modeling change. (CID 1404326, 1404334, 1404336, 1404357, 1404361,
  1404372, 1404391, 1404395, 1404409, 1404430, 1404448, 1404451, 1404455,
  1404457, 1404458, 1404460)

* Uninitialized variables in C++ constructors (CID 1404327, 1404346). In the
  case of m_maxphys, this actually led to part of the FUSE_INIT's response
  being set to stack garbage during the WriteCluster::clustering test.

* Uninitialized sun_len field in struct sockaddr_un (CID 1404330, 1404371,
  1404429).

Reported by:	Coverity
Reviewed by:	emaste
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D21457
2019-09-06 19:50:45 +00:00
Kristof Provost
3bc534ea8e Set required program for all acl tests
r339782 re-enabled acl test 00 and 02, which were disabled in r336617
due to PR 229930.
When the tests were disabled the code to set their required programs was
disabled as well, but this was not reinstated when r339782 re-enabled
them.
Do so now.

Sponsored by:	Axiado
2019-09-05 18:54:46 +00:00
Emmanuel Vadot
ea8a4d593b pkgbase: Put the sys/common test into the tests package
Every other test is there so do the same for those.

Reviewed by:	bapt, gjb
Differential Revision:	https://reviews.freebsd.org/D21504
2019-09-05 14:14:07 +00:00
Li-Wen Hsu
7fb6c523bc Temporarily skip sys.sys.qmath_test.qdivq_s64q in CI because it is unstable
PR:		240219
Discussed with:	trasz
Sponsored by:	The FreeBSD Foundation
2019-09-03 10:49:13 +00:00
Edward Tomasz Napierala
3dd61c212c Fix qmath(3) build problems with GCC 8.
Discussed with:	asomers
Sponsored by:	Klara Systems
Differential Revision:	https://reviews.freebsd.org/D21442
2019-08-29 07:39:31 +00:00
Alan Somers
5e63333052 fusefs: Fix some bugs regarding the size of the LISTXATTR list
* A small error in r338152 let to the returned size always being exactly
  eight bytes too large.

* The FUSE_LISTXATTR operation works like Linux's listxattr(2): if the
  caller does not provide enough space, then the server should return ERANGE
  rather than return a truncated list.  That's true even though in FUSE's
  case the kernel doesn't provide space to the client at all; it simply
  requests a maximum size for the list.  We previously weren't handling the
  case where the server returns ERANGE even though the kernel requested as
  much size as the server had told us it needs; that can happen due to a
  race.

* We also need to ensure that a pathological server that always returns
  ERANGE no matter what size we request in FUSE_LISTXATTR won't cause an
  infinite loop in the kernel.  As of this commit, it will instead cause an
  infinite loop that exits and enters the kernel on each iteration, allowing
  signals to be processed.

Reviewed by:	cem
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D21287
2019-08-28 04:19:37 +00:00
Edward Tomasz Napierala
912b6fa37e Fix build on 32 bit archs. 2019-08-27 13:55:45 +00:00
Edward Tomasz Napierala
5a38af1fb8 Introduce <sys/qmath.h>, a fixed-point math library from Netflix.
This makes it possible to perform mathematical operations
on
fractional values without using floating point. It operates on Q
numbers, which are integer-sized, opaque structures initialized
to hold a chosen number of integer and fractional
bits.


For a general description of the Q number system, see the "Fixed Point
Representation & Fractional Math" whitepaper[1]; for the actual
API see the qmath(3) man page.

This is one of dependencies for the upcoming stats(3) framework[2]
that will be applied to the TCP stack in a later commit.

1. https://www.superkits.net/whitepapers/Fixed%20Point%20Representation%20&%20Fractional%20Math.pdf
2. https://reviews.freebsd.org/D20477

Reviewed by:	bcr (man pages, earlier version), sef (earlier version)
Discussed with:	cem, dteske, imp, lstewart
Sponsored By:	Klara Inc, Netflix
Obtained from:	Netflix
Differential Revision:	https://reviews.freebsd.org/D20116
2019-08-27 11:46:22 +00:00
Kyle Evans
95aa96f3a8 tests: shm_open(2): Verify FD_CLOEXEC
Motivated by the fact that I'm messing around near the implementation and
wanting to ensure this doesn't get messed up in the process.

MFC after:	1 week
2019-08-25 02:38:45 +00:00
Li-Wen Hsu
74fa3a52ce Fix failure test cases after r351423 due to ping6(8) options changed
Failure test cases:
    sys.netpfil.common.pass_block.pf_v6
    sys.netpfil.pf.pass_block.noalias
    sys.netpfil.pf.pass_block.v6

Sponsored by:	The FreeBSD Foundation
2019-08-24 01:28:39 +00:00
Kristof Provost
39cae0d5ed netpfil tests: Add forward test for the three firewalls
Submitted by:	Ahsan Barkati
Reviewed by:	kp
Sponsored by:	Google, Inc. (GSoC 2019)
Differential Revision:	https://reviews.freebsd.org/D21321
2019-08-23 12:11:46 +00:00
Kyle Evans
e21f96a811 mips: hide regnum definitions behind _KERNEL/_WANT_MIPS_REGNUM
machine/regnum.h ends up being included by sys/procfs.h and sys/ptrace.h via
machine/reg.h. Many of the regnum definitions are too short and too generic
to be exposing to any userland application including one of these two
headers. Moreover, these actively cause build failures in googletest
(template <typename T1 ...> expanding to template <typename 9 ...>).

Hide the definitions behind _KERNEL or _WANT_MIPS_REGNUM, and patch all of
the userland consumers to define as needed.

Discussed with:	imp, jhb
Reviewed by:	imp, jhb
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D21330
2019-08-22 21:43:21 +00:00
Kyle Evans
92a8983bab Fix the build with WITHOUT_GOOGLETEST
Attempting to build the fusefs tests WITHOUT_GOOGLETEST will result in an
error if the host system or sysroot doesn't already have googletest headers
in /usr/include/private (e.g. host built/installed WITHOUT_GOOGLETEST, clean
cross-buildworld WITHOUT_GOOGLETEST).

Reviewed by:	asomers
Differential Revision:	https://reviews.freebsd.org/D21367
2019-08-22 19:10:31 +00:00
Li-Wen Hsu
cdac716946 Fix path issues after r351212
This fixes sys.netpfil.pf.forward.v4 and sys.netpfil.pf.icmp.cve_2019_5598
failures in CI system.

Sponsored by:	The FreeBSD Foundation
2019-08-22 12:08:35 +00:00
Kristof Provost
3e1ebe7fb8 netpfil tests: Add too many fragments test for pf, ipfw and ipf
Add test for checking that the packets are dropped if it is fragmented into
more than the defined value.

Submitted by:	Ahsan Barkati
Reviewed by:	kp
Sponsored by:	Google, Inc. (GSoC 2019)
Differential Revision:	https://reviews.freebsd.org/D21307
2019-08-20 14:46:12 +00:00
Kristof Provost
df3d236d96 netpfil tests: Add the set ToS test for ipfw and pf
This test tests the following:

 - The firewall is able to set the tos bits
 - The firewall is able to set the DSCP bits when EN bits is already set and
   the EN bits remains unchanged.
 - The firewall is able to drop the packets based on ToS value

Submitted by:	Ahsan Barkati
Reviewed by:	kp
Sponsored by:	Google, Inc. (GSoC 2019)
Differential Revision:	https://reviews.freebsd.org/D21305
2019-08-20 14:31:22 +00:00
Kristof Provost
9531253098 netpfil tests: Move pft_ping.py and sniffer.py to the common test directory
The pft_ping.py and sniffer.py tool is moved from tests/sys/netpfil/pf to
tests/sys/netpfil/common directory because these tools are to be used in
common for all the firewalls.

Submitted by:	Ahsan Barkati
Reviewed by:	kp, thj
Sponsored by:	Google, Inc. (GSoC 2019)
Differential Revision:	https://reviews.freebsd.org/D21276
2019-08-19 10:48:27 +00:00
Konstantin Belousov
de567a4bef sys.kern.pdeathsig.signal_delivered_ptrace: fix startup.
Inform D that C executed procctl(PROC_PDEATHSIG_CTL).  Otherwise D
might allow B to exit before C is set up to receive a signal on the
parent exit.  In this case, C waits forever for the signal and test
hangs.

PR:	237657
Reported and tested by:	lwhsu
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2019-08-19 09:33:09 +00:00
Konstantin Belousov
39ba52c0b7 sys.kern.pdeathsig.signal_delivered_ptrace: fix debugger detach
ptrace(PT_DETACH) requires stopped debuggee, otherwise it fails.  When
the call fails, the C process is left as debuggee of the process D,
and might be killed too early if process D exits occurs fast enough.

Since pipes are not closed in the forked children, this resulted in
the test hanging, since no write occured from C to wake A.

PR:	237657
Reported and tested by:	lwhsu
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2019-08-19 09:29:27 +00:00
Tom Jones
0d9da68f01 Add basic NAT test for pf, ipf and ipfw
Add common firewall NAT tests for pf, ipf and ipfw (using both in-kernel and
userspace NAT).

Submitted by:   Ahsan Barkati
Sponsored by:   Google, Inc. (GSoC 2019)
Reviewed by:    kp
Approved by:    bz (mentor)
MFC after:      2 weeks
Differential Revision: https://reviews.freebsd.org/D21199
2019-08-17 06:44:11 +00:00
Alan Somers
3a79e8e772 fusefs: don't send the namespace during listextattr
The FUSE_LISTXATTR operation always returns the full list of a file's
extended attributes, in all namespaces. There's no way to filter the list
server-side. However, currently FreeBSD's fusefs driver sends a namespace
string with the FUSE_LISTXATTR request. That behavior was probably copied
from fuse_vnop_getextattr, which has an attribute name argument. It's
been there ever since extended attribute support was added in r324620. This
commit removes it.

Reviewed by:	cem
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D21280
2019-08-16 05:06:54 +00:00
Mateusz Piotrowski
03d8a4b7d3 pf tests: Fix accidental duplication of content
Some files got their contented duplicated in r345409. Some mistakes where
fixed in r345430. The only file that was left with a duplicated content was
CVE-2019-5598.py.

Reviewed by:	kp
Approved by:	src (kp)
Differential Revision:	https://reviews.freebsd.org/D21267
2019-08-15 12:00:59 +00:00
Alan Somers
38a3e0bd6b fusefs: fix conditional from r351061
The entirety of r351061 was a copy/paste error.  I'm sorry I've been
comitting so hastily.

Reported by:	rpokala
Reviewed by:	rpokala
MFC after:	2 weeks
MFC-With:	351061
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D21265
2019-08-15 04:47:42 +00:00
Alan Somers
f6b344e560 fusefs: fix the 32-bit build after 351042
Reported by:	jhb
MFC after:	2 weeks
MFC-With:	351042
Sponsored by:	The FreeBSD Foundation
2019-08-15 00:23:03 +00:00
Alan Somers
bf50749773 fusefs: Fix the size of fuse_getattr_in
In FUSE protocol 7.9, the size of the FUSE_GETATTR request has increased.
However, the fusefs driver is currently not sending the additional fields.
In our implementation, the additional fields are always zero, so I there
haven't been any test failures until now.  But fusefs-lkl requires the
request's length to be correct.

Fix this bug, and also enhance the test suite to catch similar bugs.

PR:		239830
MFC after:	2 weeks
MFC-With:	350665
Sponsored by:	The FreeBSD Foundation
2019-08-14 20:45:00 +00:00
Alan Somers
331884f291 fusefs: fix intermittency in the default_permissions.Unlink.ok test
The test needs to expect a FUSE_FORGET operation. Most of the time the test
would pass anyway, because by chance FUSE_FORGET would arrive after the
unmount.

MFC after:	2 weeks
MFC-With:	350665
Sponsored by:	The FreeBSD Foundation
2019-08-14 18:04:04 +00:00