aboutsummaryrefslogtreecommitdiff
path: root/tests/sys
Commit message (Collapse)AuthorAgeFilesLines
...
* Enable timer tests in sys.kqueue.libkqueue.kqueue_test.main on i386Li-Wen Hsu2020-04-221-6/+1
| | | | | | | | | | They were fixed in r360140 PR: 245768 Sponsored by: The FreeBSD Foundation Notes: svn path=/head/; revision=360192
* Remove extern from function declarations in common.hAlex Richardson2020-04-211-11/+11
| | | | | | | Suggested by: cem Notes: svn path=/head/; revision=360152
* Temporarily skip timer tests in sys.kqueue.libkqueue.kqueue_test.main on i386Li-Wen Hsu2020-04-201-2/+9
| | | | | | | | PR: 245768 Sponsored by: The FreeBSD Foundation Notes: svn path=/head/; revision=360130
* Only skip sys.netinet.socket_afinet.socket_afinet_bind_zero in CI envLi-Wen Hsu2020-04-201-1/+2
| | | | | | | Sponsored by: The FreeBSD Foundation Notes: svn path=/head/; revision=360121
* Temporarily disable sys.netinet.divert.* on i386Li-Wen Hsu2020-04-201-0/+10
| | | | | | | | PR: 244703 Sponsored by: The FreeBSD Foundation Notes: svn path=/head/; revision=360120
* tests: kqueue: fix some issues with now() on ILP32 platformsKyle Evans2020-04-201-10/+9
| | | | | | | | | | | | | | | | | | | There were ultimately two separate problems here: - a 32-bit long cannot represent microseconds since 1970 (noted by ian) - time_t is 32-bit on i386, so now() was wrong anyways even with the correct return type. For the first, just explicitly use a uint64_t for now() and all of the callers. For the second, we need to explicitly cast tv_sec to uint64_t before it gets multiplied in the SEC_TO_US macro. Casting this instance rather than generally in the macro was arbitrarily chosen simply because all other uses are converting small relative time values. The tests now pass on i386, at least; presumably other ILP32 will be fine now as well. Notes: svn path=/head/; revision=360108
* bridge tests: Ensure that bridges in different jails get different MAC addressesKristof Provost2020-04-191-0/+39
| | | | | | | | | | We used to have a problem where bridges created in different vnet jails would end up having the same mac address. This is now fixed by including the jail name as a seed for the mac address generation, but we should verify that it doesn't regress. Notes: svn path=/head/; revision=360099
* Fix various warnings in tests/sys/kqueue and bump WARNSAlex Richardson2020-04-189-70/+68
| | | | | | | | Reviewed By: kevans Differential Revision: https://reviews.freebsd.org/D24296 Notes: svn path=/head/; revision=360073
* Skip routing regression tests depending on if_epair if this module isn't ↵Olivier Cochard2020-04-173-30/+7
| | | | | | | | | | | installed. Approved by: melifaro Sponsored by: Netflix Differential Revision: https://reviews.freebsd.org/D24468 Notes: svn path=/head/; revision=360045
* bridge tests: Test deleting a bridge with membersKristof Provost2020-04-171-0/+27
| | | | | | | | | Reviewed by: philip, emaste Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D24337 Notes: svn path=/head/; revision=360043
* tests: kqueue: use a more precise timer for the NOTE_ABSTIME testKyle Evans2020-04-171-8/+8
| | | | | | | | | | | | | | | | | Originally noticed while attempting to run the kqueue tests under qemu-user-static, this apparently just happens sometimes when running in a jail in general -- the timer will fire off "too early," but it's really just the result of imprecise measurements (noted by cem). Kicking this over to NOTE_USECONDS still tests the correct thing while allowing it to work more consistently; a basic sanity test reveals that we often end up coming in just less than 200 microseconds after the timer fired off. MFC after: 3 days Notes: svn path=/head/; revision=360033
* Add a regression test for the changes in r359922 and r359923.Jonathan T. Looney2020-04-163-0/+207
| | | | | | | | | | | Note that the Python code has been tested on both Python 2.7 and 3.7. Reviewed by: olivier MFC after: 2 weeks Sponsored by: Netflix, Inc. Notes: svn path=/head/; revision=360019
* tests: audit: mark closefrom test an expected fail for nowKyle Evans2020-04-141-0/+2
| | | | | | | | | | | closefrom has been converted to close_range internally; remediation is underway for this, marking it as an expected fail for now while proper course is determined. PR: 245625 Notes: svn path=/head/; revision=359944
* posixshm: fix counting of writable mappingsKyle Evans2020-04-141-5/+14
| | | | | | | | | | | | | | | | | | | Similar to mmap'ing vnodes, posixshm should count any mapping where maxprot contains VM_PROT_WRITE (i.e. fd opened r/w with no write-seal applied) as writable and thus blocking of any write-seal. The memfd tests have been amended to reflect the fixes here, which notably includes: 1. Fix for error return bug; EPERM is not a documented failure mode for mmap 2. Fix rejection of write-seal with active mappings that can be upgraded via mprotect(2). Reported by: markj Discussed with: markj, kib Notes: svn path=/head/; revision=359918
* close_range/closefrom: fix regression from close_range introductionKyle Evans2020-04-131-1/+17
| | | | | | | | | | | | | | | | close_range will clamp the range between [0, fdp->fd_lastfile], but failed to take into account that fdp->fd_lastfile can become -1 if all fds are closed. =-( In this scenario, just return because there's nothing further we can do at the moment. Add a test case for this, fork() and simply closefrom(0) twice in the child; on the second invocation, fdp->fd_lastfile == -1 and will trigger a panic before this change. X-MFC-With: r359836 Notes: svn path=/head/; revision=359891
* Implement a close_range(2) syscallKyle Evans2020-04-121-1/+39
| | | | | | | | | | | | | | | | | | | | | | | | | | | | close_range(min, max, flags) allows for a range of descriptors to be closed. The Python folk have indicated that they would much prefer this interface to closefrom(2), as the case may be that they/someone have special fds dup'd to higher in the range and they can't necessarily closefrom(min) because they don't want to hit the upper range, but relocating them to lower isn't necessarily feasible. sys_closefrom has been rewritten to use kern_close_range() using ~0U to indicate closing to the end of the range. This was chosen rather than requiring callers of kern_close_range() to hold FILEDESC_SLOCK across the call to kern_close_range for simplicity. The flags argument of close_range(2) is currently unused, so any flags set is currently EINVAL. It was added to the interface in Linux so that future flags could be added for, e.g., "halt on first error" and things of this nature. This patch is based on a syscall of the same design that is expected to be merged into Linux. Reviewed by: kib, markj, vangyzen (all slightly earlier revisions) Differential Revision: https://reviews.freebsd.org/D21627 Notes: svn path=/head/; revision=359836
* carp tests: Basic functionality testKristof Provost2020-04-122-1/+153
| | | | | | | | | | | Set up three vnet jails, bridged together. Run carp between two of them. Attempt to provoke locking / epoch issues. Reviewed by: mav (previous version), melifaro, asomers Differential Revision: https://reviews.freebsd.org/D24303 Notes: svn path=/head/; revision=359828
* kqueue tests: fix -fno-common buildKyle Evans2020-04-067-7/+2
| | | | | | | | | | | | | | | vnode_fd and kqfd are both shared among multiple CU; define them exactly once. In the case of vnode_fd, it was simply the declaration that needed correction. -fno-common will become the default in GCC10/LLVM11. MFC after: 3 days Notes: svn path=/head/; revision=359675
* Add routing tests verifying basic RTM_CHANGE functionality.Alexander V. Chernikov2020-04-024-62/+350
| | | | | | | | MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D24239 Notes: svn path=/head/; revision=359579
* Switch rtsock tests to per-test jails and epair interfaces.Alexander V. Chernikov2020-03-297-23/+218
| | | | | | | | | | | | | | | Many rtsock tests verify the ordering of the kernel messages for the particular event. In order to avoid flaky tests due to the other tests running, switch all tests to use personal vnet-enabled jails. This removes all clashes on the IP addresses and brings back the ability to run these tests simultaneously. Reported by: olivier Reviewed by: olivier Differential Revision: https://reviews.freebsd.org/D24182 Notes: svn path=/head/; revision=359420
* Refactor driver and consumer interfaces for OCF (in-kernel crypto).John Baldwin2020-03-273-13/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - The linked list of cryptoini structures used in session initialization is replaced with a new flat structure: struct crypto_session_params. This session includes a new mode to define how the other fields should be interpreted. Available modes include: - COMPRESS (for compression/decompression) - CIPHER (for simply encryption/decryption) - DIGEST (computing and verifying digests) - AEAD (combined auth and encryption such as AES-GCM and AES-CCM) - ETA (combined auth and encryption using encrypt-then-authenticate) Additional modes could be added in the future (e.g. if we wanted to support TLS MtE for AES-CBC in the kernel we could add a new mode for that. TLS modes might also affect how AAD is interpreted, etc.) The flat structure also includes the key lengths and algorithms as before. However, code doesn't have to walk the linked list and switch on the algorithm to determine which key is the auth key vs encryption key. The 'csp_auth_*' fields are always used for auth keys and settings and 'csp_cipher_*' for cipher. (Compression algorithms are stored in csp_cipher_alg.) - Drivers no longer register a list of supported algorithms. This doesn't quite work when you factor in modes (e.g. a driver might support both AES-CBC and SHA2-256-HMAC separately but not combined for ETA). Instead, a new 'crypto_probesession' method has been added to the kobj interface for symmteric crypto drivers. This method returns a negative value on success (similar to how device_probe works) and the crypto framework uses this value to pick the "best" driver. There are three constants for hardware (e.g. ccr), accelerated software (e.g. aesni), and plain software (cryptosoft) that give preference in that order. One effect of this is that if you request only hardware when creating a new session, you will no longer get a session using accelerated software. Another effect is that the default setting to disallow software crypto via /dev/crypto now disables accelerated software. Once a driver is chosen, 'crypto_newsession' is invoked as before. - Crypto operations are now solely described by the flat 'cryptop' structure. The linked list of descriptors has been removed. A separate enum has been added to describe the type of data buffer in use instead of using CRYPTO_F_* flags to make it easier to add more types in the future if needed (e.g. wired userspace buffers for zero-copy). It will also make it easier to re-introduce separate input and output buffers (in-kernel TLS would benefit from this). Try to make the flags related to IV handling less insane: - CRYPTO_F_IV_SEPARATE means that the IV is stored in the 'crp_iv' member of the operation structure. If this flag is not set, the IV is stored in the data buffer at the 'crp_iv_start' offset. - CRYPTO_F_IV_GENERATE means that a random IV should be generated and stored into the data buffer. This cannot be used with CRYPTO_F_IV_SEPARATE. If a consumer wants to deal with explicit vs implicit IVs, etc. it can always generate the IV however it needs and store partial IVs in the buffer and the full IV/nonce in crp_iv and set CRYPTO_F_IV_SEPARATE. The layout of the buffer is now described via fields in cryptop. crp_aad_start and crp_aad_length define the boundaries of any AAD. Previously with GCM and CCM you defined an auth crd with this range, but for ETA your auth crd had to span both the AAD and plaintext (and they had to be adjacent). crp_payload_start and crp_payload_length define the boundaries of the plaintext/ciphertext. Modes that only do a single operation (COMPRESS, CIPHER, DIGEST) should only use this region and leave the AAD region empty. If a digest is present (or should be generated), it's starting location is marked by crp_digest_start. Instead of using the CRD_F_ENCRYPT flag to determine the direction of the operation, cryptop now includes an 'op' field defining the operation to perform. For digests I've added a new VERIFY digest mode which assumes a digest is present in the input and fails the request with EBADMSG if it doesn't match the internally-computed digest. GCM and CCM already assumed this, and the new AEAD mode requires this for decryption. The new ETA mode now also requires this for decryption, so IPsec and GELI no longer do their own authentication verification. Simple DIGEST operations can also do this, though there are no in-tree consumers. To eventually support some refcounting to close races, the session cookie is now passed to crypto_getop() and clients should no longer set crp_sesssion directly. - Assymteric crypto operation structures should be allocated via crypto_getkreq() and freed via crypto_freekreq(). This permits the crypto layer to track open asym requests and close races with a driver trying to unregister while asym requests are in flight. - crypto_copyback, crypto_copydata, crypto_apply, and crypto_contiguous_subsegment now accept the 'crp' object as the first parameter instead of individual members. This makes it easier to deal with different buffer types in the future as well as separate input and output buffers. It's also simpler for driver writers to use. - bus_dmamap_load_crp() loads a DMA mapping for a crypto buffer. This understands the various types of buffers so that drivers that use DMA do not have to be aware of different buffer types. - Helper routines now exist to build an auth context for HMAC IPAD and OPAD. This reduces some duplicated work among drivers. - Key buffers are now treated as const throughout the framework and in device drivers. However, session key buffers provided when a session is created are expected to remain alive for the duration of the session. - GCM and CCM sessions now only specify a cipher algorithm and a cipher key. The redundant auth information is not needed or used. - For cryptosoft, split up the code a bit such that the 'process' callback now invokes a function pointer in the session. This function pointer is set based on the mode (in effect) though it simplifies a few edge cases that would otherwise be in the switch in 'process'. It does split up GCM vs CCM which I think is more readable even if there is some duplication. - I changed /dev/crypto to support GMAC requests using CRYPTO_AES_NIST_GMAC as an auth algorithm and updated cryptocheck to work with it. - Combined cipher and auth sessions via /dev/crypto now always use ETA mode. The COP_F_CIPHER_FIRST flag is now a no-op that is ignored. This was actually documented as being true in crypto(4) before, but the code had not implemented this before I added the CIPHER_FIRST flag. - I have not yet updated /dev/crypto to be aware of explicit modes for sessions. I will probably do that at some point in the future as well as teach it about IV/nonce and tag lengths for AEAD so we can support all of the NIST KAT tests for GCM and CCM. - I've split up the exising crypto.9 manpage into several pages of which many are written from scratch. - I have converted all drivers and consumers in the tree and verified that they compile, but I have not tested all of them. I have tested the following drivers: - cryptosoft - aesni (AES only) - blake2 - ccr and the following consumers: - cryptodev - IPsec - ktls_ocf - GELI (lightly) I have not tested the following: - ccp - aesni with sha - hifn - kgssapi_krb5 - ubsec - padlock - safe - armv8_crypto (aarch64) - glxsb (i386) - sec (ppc) - cesa (armv7) - cryptocteon (mips64) - nlmsec (mips64) Discussed with: cem Relnotes: yes Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D23677 Notes: svn path=/head/; revision=359374
* so_reuseport_lb_test: correct setsockopt parameter sizeAlfredo Dal'Ava Junior2020-03-251-1/+1
| | | | | | | | | | | | | | | | | | | Change type of variable used in setsocketopt so correct size of option is passed. Test failure was identified when running the test on PowerPC64, and the following error message was seen: "bind () failed: Address already in use" Submitted by: Fernando Valle <fernando.valle@eldorado.org.br> Reviewed by: melifaro, adalava Approved by: jhibbits (mentor) Sponsored by: Eldorado Research Institute (eldorado.org.br) Differential Revision: https://reviews.freebsd.org/D24164 Notes: svn path=/head/; revision=359309
* Add tests verifying IPv4/IPv6 output for TCP/UDP/raw paths.Alexander V. Chernikov2020-03-237-2/+1375
| | | | | | | | | Reviewed by: kp MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D24138 Notes: svn path=/head/; revision=359235
* bridge tests: Basic span testKristof Provost2020-03-161-0/+55
| | | | | | | | | Reviewed by: philip, emaste (previous version) Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D23961 Notes: svn path=/head/; revision=359010
* Skip sys.netpfil.pf.nat.exhaust on all platforms as it not only fails on amd64Li-Wen Hsu2020-03-131-2/+1
| | | | | | | | PR: 244703 Sponsored by: The FreeBSD Foundation Notes: svn path=/head/; revision=358961
* Temporarily skip sys.geom.class.gate.ggate_test.ggated in CILi-Wen Hsu2020-03-111-0/+4
| | | | | | | | PR: 244737 Sponsored by: The FreeBSD Foundation Notes: svn path=/head/; revision=358886
* fusefs: avoid cache corruption with buggy fuse serversAlan Somers2020-03-116-22/+244
| | | | | | | | | | | | | | | | | | | The FUSE protocol allows the client (kernel) to cache a file's size, if the server (userspace daemon) allows it. A well-behaved daemon obviously should not change a file's size while a client has it cached. But a buggy daemon might. If the kernel ever detects that that has happened, then it should invalidate the entire cache for that file. Previously, we would not only cache stale data, but in the case of a file extension while we had the size cached, we accidentally extended the cache with zeros. PR: 244178 Reported by: Ben RUBSON <ben.rubson@gmx.com> Reviewed by: cem MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D24012 Notes: svn path=/head/; revision=358867
* Add basic IPv4/IPv6 forwarding tests.Alexander V. Chernikov2020-03-106-2/+961
| | | | | | | | MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D24002 Notes: svn path=/head/; revision=358853
* Skip sys.netpfil.pf.nat.exhaust on amd64 in CI as it sometimes panics kernelLi-Wen Hsu2020-03-101-0/+5
| | | | | | | | PR: 244703 Sponsored by: The FreeBSD Foundation Notes: svn path=/head/; revision=358852
* bridge test: adding and removing static addressesKristof Provost2020-03-101-0/+57
| | | | | | | | | Reviewed by: philip Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D23960 Notes: svn path=/head/; revision=358830
* bridge test: spanning treeKristof Provost2020-03-101-0/+69
| | | | | | | | | | | | Basic test case where we create a bridge loop, verify that we really are looping and then enable spanning tree to resolve the loop. Reviewed by: philip Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D23959 Notes: svn path=/head/; revision=358829
* fusefs: fix fsync for files with multiple open handlesAlan Somers2020-03-091-4/+31
| | | | | | | | | | | | | | We were reusing a structure for multiple operations, but failing to reinitialize one member. The result is that a server that cares about FUSE file handle IDs would see one correct FUSE_FSYNC operation, and one with the FHID unset. PR: 244431 Reported by: Agata <chogata@gmail.com> MFC after: 2 weeks Notes: svn path=/head/; revision=358798
* [skip ci] fix typo in comment in the fusefs testsAlan Somers2020-03-091-1/+1
| | | | | | | MFC after: 2 weeks Notes: svn path=/head/; revision=358797
* Skip if_epair regression test if module doesn't existOlivier Cochard2020-03-032-3/+5
| | | | | | | | | Approved by: kp Sponsored by: Netflix Differential Revision: https://reviews.freebsd.org/D23876 Notes: svn path=/head/; revision=358589
* Fix dynamic redrects by adding forgotten RTF_HOST flag.Alexander V. Chernikov2020-03-032-5/+4
| | | | | | | | | | Improve tests to verify the generated route flags. Reported by: jtl MFC after: 2 weeks Notes: svn path=/head/; revision=358585
* Skip the right test caseLi-Wen Hsu2020-02-261-3/+3
| | | | | | | | PR: 244172 Sponsored by: The FreeBSD Foundation Notes: svn path=/head/; revision=358335
* Revert r358309 after r358311.Li-Wen Hsu2020-02-261-4/+0
| | | | | | | | PR: 244393 Sponsored by: The FreeBSD Foundation Notes: svn path=/head/; revision=358324
* Temporarily skip failing test case sys.netpfil.pf.fragmentation.v6Li-Wen Hsu2020-02-251-0/+4
| | | | | | | | PR: 244393 Sponsored by: The FreeBSD Foundation Notes: svn path=/head/; revision=358309
* bridge tests: Remove unneeded 'All rights reserved.'Kristof Provost2020-02-191-1/+0
| | | | | | | | | | | The FreeBSD foundation no longer requires this, as per https://lists.freebsd.org/pipermail/svn-src-all/2019-February/177215.html and private communications. Sponsored by: The FreeBSD Foundation Notes: svn path=/head/; revision=358124
* [skip ci] delete obsolete comment in fusefs testsAlan Somers2020-02-191-3/+0
| | | | | | | | | It should've been deleted by r349436 MFC after: 2 weeks Notes: svn path=/head/; revision=358089
* Temporarily skip flakey test case sys.netinet.fibs_test.udp_dontroute6 in CILi-Wen Hsu2020-02-161-0/+3
| | | | | | | | PR: 244172 Sponsored by: The FreeBSD Foundation Notes: svn path=/head/; revision=358006
* Temporarily skip flakey test case sys.netinet6.frag6.frag6_07.frag6_07 in CILi-Wen Hsu2020-02-161-0/+3
| | | | | | | | PR: 244170 Sponsored by: The FreeBSD Foundation Notes: svn path=/head/; revision=358005
* Temporarily skip sys.net.if_lagg_test.lacp_linkstate_destroy_stress on i386 CILi-Wen Hsu2020-02-161-0/+5
| | | | | | | | | | It panics kernel PR: 244168 Sponsored by: The FreeBSD Foundation Notes: svn path=/head/; revision=358003
* bridge: Basic test caseKristof Provost2020-02-163-2/+84
| | | | | | | | | | | | Very basic bridge test: Set up two jails and test that they can pass IPv4 traffic over the bridge. Reviewed by: melifaro, philip Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D23697 Notes: svn path=/head/; revision=357998
* Temporarily skip failing sys.net.if_lagg_test.witness on i386 CILi-Wen Hsu2020-02-161-0/+4
| | | | | | | | PR: 244163 Sponsored by: The FreeBSD Foundation Notes: svn path=/head/; revision=357997
* Remove trailing whitespaceLi-Wen Hsu2020-02-164-8/+8
| | | | | | | Sponsored by: The FreeBSD Foundation Notes: svn path=/head/; revision=357996
* Remove trailing whitespaceLi-Wen Hsu2020-02-161-4/+4
| | | | | | | Sponsored by: The FreeBSD Foundation Notes: svn path=/head/; revision=357995
* Add basic IPDIVERT tests.Alexander V. Chernikov2020-02-146-2/+340
| | | | | | | | Reviewed by: lwhsu,kp Differential Revision: https://reviews.freebsd.org/D23316 Notes: svn path=/head/; revision=357905
* Properly fix GCC build in r357867Li-Wen Hsu2020-02-141-1/+1
| | | | | | | | Submitted by: kib Sponsored by: The FreeBSD Foundation Notes: svn path=/head/; revision=357904
* Fix GCC build.Li-Wen Hsu2020-02-131-1/+1
| | | | | | | Sponsored by: The FreeBSD Foundation Notes: svn path=/head/; revision=357867
generated by cgit v1.3 (git 2.53.0) at 2026-05-28 00:38:29 +0000