Commit Graph

636 Commits

Author SHA1 Message Date
lwhsu
7de5e75b50 Correct definitions in sys.opencrypto.runtests.main for 32bit platform
Reviewed by:	cem, jhb
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D20894
2019-07-10 01:08:08 +00:00
lwhsu
6d06cd7d83 Skip sys.netpfil.pf.names.names and sys.netpfil.pf.synproxy.synproxy
temporarily because kernel panics when flushing epair queue.

PR:		238870
Sponsored by:	The FreeBSD Foundation
2019-06-29 12:19:57 +00:00
lwhsu
93d54947f0 Skip sys.netinet.socket_afinet.socket_afinet_bind_zero temporarily because it
doesn't work when mac_portacl(4) loaded

PR:		238781
Sponsored by:	The FreeBSD Foundation
2019-06-23 19:37:12 +00:00
cem
b0dcb77676 random(4): Fortuna: allow increased concurrency
Add experimental feature to increase concurrency in Fortuna.  As this
diverges slightly from canonical Fortuna, and due to the security
sensitivity of random(4), it is off by default.  To enable it, set the
tunable kern.random.fortuna.concurrent_read="1".  The rest of this commit
message describes the behavior when enabled.

Readers continue to update shared Fortuna state under global mutex, as they
do in the status quo implementation of the algorithm, but shift the actual
PRF generation out from under the global lock.  This massively reduces the
CPU time readers spend holding the global lock, allowing for increased
concurrency on SMP systems and less bullying of the harvestq kthread.

It is somewhat of a deviation from FS&K.  I think the primary difference is
that the specific sequence of AES keys will differ if READ_RANDOM_UIO is
accessed concurrently (as the 2nd thread to take the mutex will no longer
receive a key derived from rekeying the first thread).  However, I believe
the goals of rekeying AES are maintained: trivially, we continue to rekey
every 1MB for the statistical property; and each consumer gets a
forward-secret, independent AES key for their PRF.

Since Chacha doesn't need to rekey for sequences of any length, this change
makes no difference to the sequence of Chacha keys and PRF generated when
Chacha is used in place of AES.

On a GENERIC 4-thread VM (so, INVARIANTS/WITNESS, numbers not necessarily
representative), 3x concurrent AES performance jumped from ~55 MiB/s per
thread to ~197 MB/s per thread.  Concurrent Chacha20 at 3 threads went from
roughly ~113 MB/s per thread to ~430 MB/s per thread.

Prior to this change, the system was extremely unresponsive with 3-4
concurrent random readers; each thread had high variance in latency and
throughput, depending on who got lucky and won the lock.  "rand_harvestq"
thread CPU use was high (double digits), seemingly due to spinning on the
global lock.

After the change, concurrent random readers and the system in general are
much more responsive, and rand_harvestq CPU use dropped to basically zero.

Tests are added to the devrandom suite to ensure the uint128_add64 primitive
utilized by unlocked read functions to specification.

Reviewed by:	markm
Approved by:	secteam(delphij)
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D20313
2019-06-17 20:29:13 +00:00
delphij
8581c5bfb9 Separate kernel crc32() implementation to its own header (gsb_crc32.h) and
rename the source to gsb_crc32.c.

This is a prerequisite of unifying kernel zlib instances.

PR:		229763
Submitted by:	Yoshihiro Ota <ota at j.email.ne.jp>
Differential Revision:	https://reviews.freebsd.org/D20193
2019-06-17 19:49:08 +00:00
cem
a94613570d random(4): Generalize algorithm-independent APIs
At a basic level, remove assumptions about the underlying algorithm (such as
output block size and reseeding requirements) from the algorithm-independent
logic in randomdev.c.  Chacha20 does not have many of the restrictions that
AES-ICM does as a PRF (Pseudo-Random Function), because it has a cipher
block size of 512 bits.  The motivation is that by generalizing the API,
Chacha is not penalized by the limitations of AES.

In READ_RANDOM_UIO, first attempt to NOWAIT allocate a large enough buffer
for the entire user request, or the maximal input we'll accept between
signal checking, whichever is smaller.  The idea is that the implementation
of any randomdev algorithm is then free to divide up large requests in
whatever fashion it sees fit.

As part of this, two responsibilities from the "algorithm-generic" randomdev
code are pushed down into the Fortuna ra_read implementation (and any other
future or out-of-tree ra_read implementations):

  1. If an algorithm needs to rekey every N bytes, it is responsible for
  handling that in ra_read(). (I.e., Fortuna's 1MB rekey interval for AES
  block generation.)

  2. If an algorithm uses a block cipher that doesn't tolerate partial-block
  requests (again, e.g., AES), it is also responsible for handling that in
  ra_read().

Several APIs are changed from u_int buffer length to the more canonical
size_t.  Several APIs are changed from taking a blockcount to a bytecount,
to permit PRFs like Chacha20 to directly generate quantities of output that
are not multiples of RANDOM_BLOCKSIZE (AES block size).

The Fortuna algorithm is changed to NOT rekey every 1MiB when in Chacha20
mode (kern.random.use_chacha20_cipher="1").  This is explicitly supported by
the math in FS&K §9.4 (Ferguson, Schneier, and Kohno; "Cryptography
Engineering"), as well as by their conclusion: "If we had a block cipher
with a 256-bit [or greater] block size, then the collisions would not
have been an issue at all."

For now, continue to break up reads into PAGE_SIZE chunks, as they were
before.  So, no functional change, mostly.

Reviewed by:	markm
Approved by:	secteam(delphij)
Differential Revision:	https://reviews.freebsd.org/D20312
2019-06-17 15:09:12 +00:00
cem
a8e7a312c6 random(4): Add regression tests for uint128 implementation, Chacha CTR
Add some basic regression tests to verify behavior of both uint128
implementations at typical boundary conditions, to run on all architectures.

Test uint128 increment behavior of Chacha in keystream mode, as used by
'kern.random.use_chacha20_cipher=1' (r344913) to verify assumptions at edge
cases.  These assumptions are critical to the safety of using Chacha as a
PRF in Fortuna (as implemented).

(Chacha's use in arc4random is safe regardless of these tests, as it is
limited to far less than 4 billion blocks of output in that API.)

Reviewed by:	markm
Approved by:	secteam(gordon)
Differential Revision:	https://reviews.freebsd.org/D20392
2019-06-17 14:59:45 +00:00
asomers
047e59c9f6 Add test cases for epair
Implements the missing test cases for epair in a similar fashion to the
existing tests. Fixes shared abstractions to work with epair tests.

Submitted by:	Ryan Moeller <ryan@freqlabs.com>
Reviewed by:	asomers
MFC after:	2 weeks
Sponsored by:	iXsystems, Inc.
Differential Revision:	https://reviews.freebsd.org/D20498
2019-06-13 05:05:58 +00:00
lwhsu
11c242c731 Remove tests for the deprecated algorithms in r348206
The tests are failing because the return value and output have changed, but
before test code structure adjusted, removing these test cases help people
be able to focus on more important cases.

Discussed with:	emaste
MFC with:	r348206
Sponsored by:	The FreeBSD Foundation
2019-05-31 04:29:29 +00:00
bz
7f385b6fa8 Add very basic afinet socket tests which I started to write in order
to then try to reproduce a kernel panic, which turned out to be a
race condition and hard to test from here.

Commit the changes anywhere as the "bind zero" case was a surprise
to me and we should try to maintain this status.

Also it is easy examples someone can build upon.

With help from:	markj
Event:		Waterloo Hackathon 2019
2019-05-21 19:42:04 +00:00
ngie
ccee57c1b2 Add my name to the copyright
I have contributed a number of changes to these tests over the past few
hundred revisions, and believe I deserve credit for the changes I have
made (plus, the copyright hadn't been updated since 2014).

MFC after:	1 week
2019-05-21 04:11:16 +00:00
ngie
b674413921 Follow up to r348042: cast aad to a byte array
This is not completely necessary today, but this change is being made in a
conservative manner to avoid accidental breakage in the future, if this ever
was a unicode string.

PR:		237403
MFC after:	1 week
2019-05-21 04:03:22 +00:00
ngie
1dc65ca0b9 Fix encoding issues with python 3
In python 3, the default encoding was switched from ascii character sets to
unicode character sets in order to support internationalization by default.
Some interfaces, like ioctls and packets, however, specify data in terms of
non-unicode encodings formats, either in host endian (`fcntl.ioctl`) or
network endian (`dpkt`) byte order/format.

This change alters assumptions made by previous code where it was all
data objects were assumed to be basestrings, when they should have been
treated as byte arrays. In order to achieve this the following are done:
* str objects with encodings needing to be encoded as ascii byte arrays are
  done so via `.encode("ascii")`. In order for this to work on python 3 in a
  type agnostic way (as it anecdotally varied depending on the caller), call
  `.encode("ascii")` only on str objects with python 3 to cast them to ascii
  byte arrays in a helper function name `str_to_ascii(..)`.
* `dpkt.Packet` objects needing to be passed in to `fcntl.ioctl(..)` are done
  so by casting them to byte arrays via `bytes()`, which calls
  `dpkt.Packet__str__` under the covers and does the necessary str to byte array
  conversion needed for the `dpkt` APIs and `struct` module.

In order to accomodate this change, apply the necessary typecasting for the
byte array literal in order to search `fop.name` for nul bytes.

This resolves all remaining python 2.x and python 3.x compatibility issues on
amd64. More work needs to be done for the tests to function with i386, in
general (this is a legacy issue).

PR:		237403
MFC after:	1 week
Tested with:	python 2.7.16 (amd64), python 3.6.8 (amd64)
2019-05-21 03:52:48 +00:00
ngie
c0a79d283c Remove spurious newline
Even though some python styles suggest there should be multiple newlines between
methods/classes, for consistency with the surrounding code, it's best to be
consistent by having merely one newline between each functional block.

MFC after:	1 week
2019-05-21 02:49:15 +00:00
ngie
44c71394c9 Fix KAT(CCM)?Parser file descriptor leaks
Make `KAT(CCM)?Parser` into a context suite-capable object by implementing
`__enter__` and `__exit__` methods which manage opening up the file descriptors
and closing them on context exit. This implementation was decided over adding
destructor logic to a `__del__` method, as there are a number of issues around
object lifetimes when dealing with threading cleanup, atexit handlers, and a
number of other less obvious edgecases. Plus, the architected solution is more
pythonic and clean.

Complete the iterator implementation by implementing a `__next__` method for
both classes which handles iterating over the data using a generator pattern,
and by changing `__iter__` to return the object instead of the data which it
would iterate over. Alias the `__next__` method to `next` when working with
python 2.x in order to maintain functional compatibility between the two major
versions.

As part of this work and to ensure readability, push the initialization of the
parser objects up one layer and pass it down to a helper function. This could
have been done via a decorator, but I was trying to keep it simple for other
developers to make it easier to modify in the future.

This fixes ResourceWarnings with python 3.

PR:		237403
MFC after:	1 week
Tested with:	python 2.7.16 (amd64), python 3.6.8 (amd64)
2019-05-21 02:30:43 +00:00
ngie
bb62553aa3 Squash deprecation warning related to array.array(..).tostring()
In version 3.2+, `array.array(..).tostring()` was renamed to
`array.array(..).tobytes()`. Conditionally call `array.array(..).tobytes()` if
the python version is 3.2+.

PR:		237403
MFC after:	1 week
2019-05-21 02:13:46 +00:00
ngie
dfc6cdfbfa Followup to r347996
Replace uses of `foo.encode("hex")` with `binascii.hexlify(foo)` for forwards
compatibility between python 2.x and python 3.

PR:		237403
MFC after:	1 week
2019-05-21 00:30:29 +00:00
ngie
e2fe1e7058 Allow the end-user to pass along arguments to cryptotest.py via $CRYPTOTEST_ARGS
This allows someone to use `-v` to dump out standard output.
2019-05-20 22:32:26 +00:00
trasz
9fbc1dfe47 Improve tree(3) tests by using ATF_REQUIRE where applicable.
MFC after:	2 weeks
Sponsored by:	Klara Inc.
2019-05-20 18:35:23 +00:00
ngie
b833ad9921 Replace uses of foo.(de|en)code('hex') with binascii.(un)?hexlify(foo)
Python 3 no longer doesn't support encoding/decoding hexadecimal numbers using
the `str.format` method. The backwards compatible new method (using the
binascii module/methods) is a comparable means of converting to/from
hexadecimal format.

In short, the functional change is the following:
* `foo.decode('hex')` -> `binascii.unhexlify(foo)`
* `foo.encode('hex')` -> `binascii.hexlify(foo)`

While here, move the dpkt import in `cryptodev.py` down per PEP8, so it comes
after the standard library provided imports.

PR:		237403
MFC after:	1 week
2019-05-20 16:38:12 +00:00
kp
47fca2b587 ipsec tests: Skip if ipsec.ko is not loaded
As of r347410 IPSec is no longer built into GENERIC. The ipsec.ko module must
be loaded before we can execute the IPSec tests.

Check this, and skip the tests if IPSec is not available.
2019-05-16 02:18:57 +00:00
trasz
e9ef076265 Try to unbreak the build after r347425.
MFC after:	2 weeks
2019-05-10 08:16:29 +00:00
trasz
a2c9c46063 Add simple regression tests for tree(3). Those are ATF-ified versions
of OpenBSD's regress/sys/sys/tree/.

Reviewed by:	ngie
MFC after:	2 weeks
Sponsored by:	Klara Inc.
Differential Revision:	https://reviews.freebsd.org/D20186
2019-05-10 07:46:14 +00:00
ngie
ff51b2bded Refactor tests/sys/opencrypto/runtests
* Convert from plain to TAP for slightly improved introspection when skipping
  the tests due to requirements not being met.
* Test for the net/py-dpkt (origin) package being required when running the
  tests, instead of relying on a copy of the dpkt.py module from 2014. This
  enables the tests to work with py3. Subsequently, remove
  `tests/sys/opencrypto/dpkt.py(c)?` via `make delete-old`.
* Parameterize out `python2` as `$PYTHON`.

PR:		237403
MFC after:	1 week
2019-05-10 00:03:32 +00:00
markj
e9fb0d3782 Add a few regression tests for mlock(2).
These are intended to exercise some rarely executed code paths.

MFC after:	2 weeks
2019-05-01 15:28:23 +00:00
ngie
34ce56b4e9 Use range instead of xrange
`xrange` is a pre-python 2.x compatible idiom. Use `range` instead. The values
being iterated over are sufficiently small that using range on python 2.x won't
be a noticeable issue.

MFC after:	2 months
2019-04-24 05:52:24 +00:00
ngie
ece600ec2d Fix typo: Plen should be plen
MFC after:	1 month
MFC with:	r346617
Reported by:	pylint -E
2019-04-24 05:49:48 +00:00
ngie
c04afa6e42 Don't leak fd when manipulating the device via _getdev()
Close the file descriptor when done calling ioctl with a try-finally block so
it doesn't get leaked.

MFC after:	2 months
2019-04-24 05:47:09 +00:00
ngie
ee170982a8 Chase PEP-3110
Replace `except Environment, e:` with `except Environment as e` for
compatibility between python 2.x and python 3.x.

While here, fix a bad indentation change from r346620 by reindenting the code
properly.

MFC after:	2 months
2019-04-24 04:50:03 +00:00
ngie
f0fa844d86 Reapply whitespace style changes from r346443 after recent changes to tests/sys/opencrypto
From r346443:
"""
Replace hard tabs with four-character indentations, per PEP8.

This is being done to separate stylistic changes from the tests from functional
ones, as I accidentally introduced a bug to the tests when I used four-space
indentation locally.

No functional change.
"""

MFC after:	2 months
Discussed with:	jhb
2019-04-24 04:40:24 +00:00
jhb
84609db994 Test the AES-CCM test vectors from the NIST Known Answer Tests.
The CCM test vectors use a slightly different file format in that
there are global key-value pairs as well as section key-value pairs
that need to be used in each test.  In addition, the sections can set
multiple key-value pairs in the section name.  The CCM KAT parser
class is an iterator that returns a dictionary once per test where the
dictionary contains all of the relevant key-value pairs for a given
test (global, section name, section, test-specific).

Note that all of the CCM decrypt tests use nonce and tag lengths that
are not supported by OCF (OCF only supports a 12 byte nonce and 16
byte tag), so none of the decryption vectors are actually tested.

Reviewed by:	ngie
MFC after:	1 month
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D19978
2019-04-24 00:23:06 +00:00
jhb
5ca25aadd9 Run the plain SHA digest tests from NIST.
Pass in an explicit digest length to the Crypto constructor since it
was assuming only sessions with a MAC key would have a MAC.  Passing
an explicit size allows us to test the full digest in HMAC tests as
well.

Reviewed by:	cem
MFC after:	1 month
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D19884
2019-04-24 00:16:39 +00:00
jhb
0dec3d5ad8 Use more descriptive algorithm names in skip messages.
Reviewed by:	cem, ngie
MFC after:	1 month
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D19977
2019-04-24 00:14:37 +00:00
jhb
8067938fb7 Skip tests with missing test vectors instead of failing.
This copes more gracefully when older version of the nist-kat package
are intalled that don't have newer test vectors such as CCM or plain
SHA.

If the nist-kat package is not installed at all, this still fails with
an error.

Reviewed by:	cem
MFC after:	1 month
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D20034
2019-04-24 00:10:21 +00:00
olivier
6c11b0ee9c Skip test component_selection:run_latest_genid if gmirror/gnop GEOM classes
aren't available

PR:		237051
Reviewed by:	asomers, imp, ngie, emaste (IRC)
Approved by:	ngie
MFC after:	 1 month
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D19958
2019-04-23 21:07:47 +00:00
ngie
5ec6c21350 Fix sys.kern.coredump_phnum_test.coredump_phnum on i386
The zero-padding when printing out the Size field is on 32-bit architectures is
5, not 15. Adjust the regular expression to work with both the 32-bit and
64-bit case.

MFC after:	1 week
Reviewed by:	lwhsu, markj
Approved by:	emaste (mentor, implicit)
Differential Revision: https://reviews.freebsd.org/D20005
2019-04-22 11:21:20 +00:00
ngie
b331cfbc16 Revert r346443
My wide sweeping stylistic change (while well intended) is impeding others from
working on `tests/sys/opencrypto`.

The plan is to revert the change in ^/head, then reintroduce the changes after
the other changes get merged into ^/head .

Approved by:	emaste (mentor; implicit)
Requested by:	jhb
MFC after:	2 months
2019-04-20 16:37:28 +00:00
ngie
fbb8c980ef tests/sys/opencrypto: fix whitespace per PEP8
Replace hard tabs with four-character indentations, per PEP8.

This is being done to separate stylistic changes from the tests from functional
ones, as I accidentally introduced a bug to the tests when I used four-space
indentation locally.

No functional change.

MFC after:	2 months
Approved by:	emaste (mentor: implicit blanket approval for trivial fixes)
2019-04-20 15:43:28 +00:00
lwhsu
ce8f57c27a Specify using Python2, these .py files have not been converted to use Python3
yet, but the default Python version in ports has been switched to 3.

Sponsored by:	The FreeBSD Foundation
2019-04-20 07:32:29 +00:00
jhb
a5319511b5 Test SHA2-224-HMAC now that OCF supports it.
Reviewed by:	cem
MFC after:	2 weeks
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D19882
2019-04-19 22:20:42 +00:00
jhb
b535885d1e Sync cryptographic algorithm constants with current cryptodev.h.
Reviewed by:	cem
MFC after:	2 weeks
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D19881
2019-04-19 21:58:51 +00:00
kp
6141530607 pf tests: Fail the test if we can't set the rules
The test should fail if pf rules can't be set. This is helpful both
while writing tests and to verify that pfctl works as expected.

MFC after:	1 week
Event:		Aberdeen hackathon 2019
2019-04-18 10:54:08 +00:00
kp
ecd736d94d pf tests: Try to provoke the panic with invalid DIOCRSETTFLAGS
There was an issue with copyin() on DIOCRSETTFLAGS, which would panic if
pfrio_buffer was NULL.
Test for the issue fixed in r346319.

MFC after:	1 week
Event:		Aberdeen hackathon 2019
2019-04-17 16:45:35 +00:00
vmaffione
8cd15a0ead netmap: add test cases for multiple host rings
Extend the netmap unit tests with new test cases for the multiple-host-rings
feature introduced by r345269.

MFC after:	1 week
2019-04-13 12:50:47 +00:00
ngie
d80933ac53 Polish netmap(4) testcases a bit
1. Not all kernels have netmap(4) support. Check for netmap(4) support before
   attempting to run the tests via the `PLAIN_REQUIRE_KERNEL_MODULE(..)` macro.
2. Libraries shouldn't be added to LDFLAGS; they should be added to LIBADD
   instead. This allows the build system to evaluate dependencies for sanity.
3. Sort some of the Makefile variables per bsd.README.

1., in particular, will resolve failures when running this testcase on kernels
lacking netmap(4) support, e.g., the i386 GENERIC kernels on ^/stable/11 and
^/stable/12.

PR:		237129
Reviewed by:	vmaffione
Approved by:	emaste (mentor)
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D19864
2019-04-09 17:52:11 +00:00
ngie
463d02be4c Fix geli device cleanup
Final cleanup routines shouldn't be called from testcases; it should be called
from the testcase cleanup routine.

Furthermore, `geli_test_cleanup` should take care of cleaning up geli providers
and the memory disks used for the geli providers. `geli_test_cleanup` will always
be executed whereas the equivalent logic in `geli_test_body`, may not have been
executed if the test failed prior to the logic being run.

Prior to this change, the test case was trying to clean up `$md` twice: once in
at the end of the test case body function, and the other in the cleanup function.
The cleanup function logic was failing because there wasn't anything to clean up
in the cleanup function and the errors weren't being ignored.

This fixes FreeBSD test suite runs after r345864.

PR:		237128
Reviewed by:	asomers, pjd
Approved by:	emaste (mentor)
MFC with:	r345864
Differential Revision:	https://reviews.freebsd.org/D19854
2019-04-09 16:20:36 +00:00
markj
6e75ac3373 Set the p_oppid field of orphans when exiting.
Such processes will be reparented to the reaper when the current
parent is done with them (i.e., ptrace detached), so p_oppid must be
updated accordingly.

Add a regression test to exercise this code path.  Previously it
would not be possible to reap an orphan with a stale oppid.

Reviewed by:	kib, mjg
Tested by:	pho
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D19825
2019-04-07 14:26:14 +00:00
pjd
d234541bc6 Implement tests for online expansion:
- init, init -R
- onetime, onetime -R
- 512 and 4k sectors
- encryption only
- encryption and authentication
- configure -r/-R for detached providers
- configure -r/-R for attached providers
- all keys allocated (10, 20 and 30MB provider sizes)
- keys allocated on demand (10, 20 and 30PB provider sizes)
- reading and writing to provider after expansion (10-30MB only)
- checking if metadata in old location is cleared.

Obtained from:	Fudo Security
2019-04-04 00:05:36 +00:00
pjd
aeaac96387 Update configure tests after addition of the online expansion.
Obtained from:	Fudo Security
2019-04-03 23:58:58 +00:00
ngie
631df11d04 Integrate capsicum-test into the FreeBSD test suite
This change takes capsicum-test from upstream and applies some local changes to make the
tests work on FreeBSD when executed via Kyua.

The local modifications are as follows:
1. Make `OpenatTest.WithFlag` pass with the new dot-dot lookup behavior in FreeBSD 12.x+.
2. capsicum-test references a set of helper binaries: `mini-me`, `mini-me.noexec`, and
   `mini-me.setuid`, as part of the execve/fexecve tests, via execve, fexecve, and open.
   It achieves this upstream by assuming `mini-me*` is in the current directory, however,
   in order for Kyua to execute `capsicum-test`, it needs to provide a full path to
   `mini-me*`. In order to achieve this, I made `capsicum-test` cache the executable's
   path from argv[0] in main(..) and use the cached value to compute the path to
   `mini-me*` as part of the execve/fexecve testcases.
3. The capsicum-test test suite assumes that it's always being run on CAPABILITIES enabled
   kernels. However, there's a chance that the test will be run on a host without a
   CAPABILITIES enabled kernel, so we must check for the support before running the tests.
   The way to achieve this is to add the relevant `feature_present("security_capabilities")`
   check to SetupEnvironment::SetUp() and skip the tests when the support is not available.
   While here, add a check for `kern.trap_enotcap` being enabled. As noted by markj@ in
   https://github.com/google/capsicum-test/issues/23, this sysctl being enabled can trigger
   non-deterministic failures. Therefore, the tests should be skipped if this sysctl is
   enabled.

All local changes have been submitted to the capsicum-test project
(https://github.com/google/capsicum-test) and are in various stages of review.
Please see the following pull requests for more details:
1. https://github.com/google/capsicum-test/pull/35
2. https://github.com/google/capsicum-test/pull/41
3. https://github.com/google/capsicum-test/pull/42

Reviewed by:	asomers
Discussed with:	emaste, markj
Approved by:	emaste (mentor)
MFC after:	2 months
Differential Revision: https://reviews.freebsd.org/D19758
2019-04-01 21:24:50 +00:00