| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
There's been a problem where rules which differed only in address ranges
were considered duplicates and not added. Test for this.
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
|
| |
|
|
|
|
| |
This was unintended, sorry.
This reverts commit 20b99e3a147963c6ef715112bd38e349c7a5a459.
|
| | |
|
| |
|
|
| |
Sponsored by: Orange Business Services
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When a timerfd interval callout misses its scheduled activation time, a
differential is calculated based on the actual activation time and the
scheduled activation time. This differential is divided by the timerfd's
interval time and the quotient is added to the timerfd's counter.
Before this change, the next callout was scheduled to activate at:
scheduled activation time + timerfd interval.
This change fixes the scheduling of the next callout to activate at:
actual activation time + timerfd interval - remainder.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D55790
MFC after: 2 weeks
|
| |
|
|
|
|
|
|
|
| |
Take Jan Kokemuller's timerfd tests from the epoll-shim project,
stripping out code that isn't directly related to FreeBSD.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D55789
MFC after: 2 weeks
|
| |
|
|
| |
Fixes: c1481c9f4a425db7295332be87f837bfb7d127df
|
| |
|
|
|
|
| |
The test creates differently bound SOCK_RAW sockets and sends different
probe packets. There is expected results matrix that every probe is
checked against.
|
| |
|
|
|
|
|
| |
Fixes: 7e68af7ce2c1b892954df415774fe59fd2f1b62f
Reviewed by: asomers
Approved by: emaste (mentor)
Differential Revision: https://reviews.freebsd.org/D55846
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously most fields in fuse_vnode_data were protected by the vnode
lock. But because DEBUG_VFS_LOCKS was never enabled by default until
stable/15 the assertions were never checked, and many were wrong.
Others were missing. This led to panics in stable/15 and 16.0-CURRENT,
when a vnode was expected to be exclusively locked but wasn't, for fuse
file systems that mount with "-o async".
In some places it isn't possible to exclusively lock the vnode when
accessing these fields. So protect them with a new mutex instead. This
fixes panics and unprotected field accesses in VOP_READ,
VOP_COPY_FILE_RANGE, VOP_GETATTR, VOP_BMAP, and FUSE_NOTIFY_INVAL_ENTRY.
Add assertions everywhere the protected fields are accessed.
Lock the vnode exclusively when handling FUSE_NOTIFY_INVAL_INODE.
During fuse_vnode_setsize, if the vnode isn't already exclusively
locked, use the vn_delayed_setsize mechanism. This fixes panics during
VOP_READ or VOP_GETATTR.
Also, ensure that fuse_vnop_rename locks the "from" vnode.
Finally, reorder elements in struct fuse_vnode_data to reduce the
structure size.
Fixes: 283391
Reported by: kargl, markj, vishwin, Abdelkader Boudih, groenveld@acm.org
MFC after: 2 weeks
Sponsored by: ConnectWise
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D55230
|
| |
|
|
|
|
|
|
|
|
| |
The read of c.sbytes needs to be synchronized with mutex. The problem was
fixed for 'truncate' and 'grow' with 8a9508563542, but these two suffer
from the same problem. Provide require_sbytes(), a locked wrapper around
ATF_REQUIRE() to reduce copy and paste.
Submitted by: olivier
Differential Revision: https://reviews.freebsd.org/D55781
|
| |
|
|
| |
Provide sendme_locked_wait() for a common pattern. Not functional change.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When net.inet.carp.preempt=1 and a physical interface goes down, the global
V_carp_demotion counter is incremented. For CARP this was already reflected in
outgoing advertisements via DEMOTE_ADVSKEW(), but VRRP sent the raw
sc_vrrp_prio unchanged, so demotion had no effect.
Add DEMOTE_VRRP_PRIO(), a macro analogous to DEMOTE_ADVSKEW():
It subtracts V_carp_demotion from the configured priority and clamps the result
to [0, 254]. Priority 0 is VRRPv3's "resign" signal and causes backups to
preempt immediately. Priority 255 (IP address owner) is never demoted.
Reviewed by: kp
Approved by: kp
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D55558
|
| |
|
|
|
| |
With RSS the epair(4) may reorder packets making the test flaky. See
net/if_epair.c:epair_select_queue().
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Current radix-based implementation of lookup tables in ipfw does
not support non-contiguous prefixes while this type of lookup is
needed to write CPU-effective firewall configurations.
For some of the cases we can reach the goal using a masked table
lookup by adding masked (e.g. zero non-significant bits) records
into a table and then zero non-significant bits in lookup key
prior to making a table lookup.
Obtained from: Yandex LLC
MFC after: 3 weeks
Relnotes: yes
Sponsored by: Yandex LLC
Differential Revision: https://reviews.freebsd.org/D53694
|
| |
|
|
| |
Reported by: wosch
|
| |
|
|
|
|
|
|
| |
Avoid using `snl_add_msg_attr_ip` for now and directly use
`snl_add_msg_attr_ip4` to silence gcc warnings.
Fixes: e1e18cc12e68
Differential Revision: https://reviews.freebsd.org/D54443
|
| |
|
|
|
| |
Fixes: e1e18cc12e68
Differential Revision: https://reviews.freebsd.org/D54443
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There were several problems:
o Using 'netstat -B' is not a reliable way to make sure that all tcpdumps
have attached to bpf(4). The problem is that tcpdump (via libpcap) does
several ioctl(2)s after the attach including two BIOCSETF. Each of them
flushes the input buffer. So we can see tcpdump attached in 'netstat -B'
and start sending packets and the packet will be captured by bpf(4)
before BIOCSETF and freed and tcpdump won't read anything. Instead of
using netstat(1), use ps(1) and make sure each tcpdump is blocked on the
"bpf" wait channel, which guarantees it is done with ioctl(2)s and is now
blocked in read(2).
o Using 'nc -w 0' sets timeout not only on the connect(2) (as documented)
but also on poll(2), which is not documented. There is a race in shell
that will make stdin not yet filled by 'echo foo' when nc(1) does
poll(2). With zero timeout, this poll(2) will immediately return and nc
will exit.
o The waiting loop had two errors: using wrong variable name as well as
invoking a subshell, that actually can't wait on the pid.
o The reading tcpdump was lacking '-q' option, that prevents any protocol
interpretations. Sometimes, when random port chosen by nc(1) would
match some well-known (to tcpdump) port, the output would differ from
the expected.
PR: 293241
|
| |
|
|
|
|
|
|
| |
Migrate to new if_clone KPI and implement netlink support
for gre(4). Also refactor some of the gre specific ioctls.
Reviewed by: glebius, zlei
Differential Revision: https://reviews.freebsd.org/D54443
|
| |
|
|
|
|
|
|
|
|
|
| |
The test sends RAs in order to test SLAAC handling in another host.
The router needs to also set net.inet6.ip6.forwarding=1, otherwise NAs
sent from it have the ROUTER flag clear, and upon receiving such an NA
the host will automatically delete routes learned from the router.
Fixes: feda329622bc ("netinet6 tests: Add a regression test for default router handling")
MFC after: 1 week
Sponsored by: Klara, Inc.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Here we have two interface addresses sharing a v6 prefix with finite
lifetime. The intent was to make sure that adding the second address
didn't cause the prefix's valid lifetime to drop from 20s to 10s, but of
course, while the test is running it may drop from 20s to 19s, causing
the test to fail spuriously. Relax the check a bit to avoid this.
PR: 293152
Fixes: 74999aac5eff ("in6: Modify address prefix lifetimes when updating address lifetimes")
MFC after: 1 week
Sponsored by: Klara, Inc.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Now that this project is part of freebsd-src, it no longer needs to be
portable. Remove Linux-only tests, cross-os compatibility code, and
compatibility with older FreeBSD versions. Leave in place some
originally Linux-only tests that could now be ported to FreeBSD, like the
pipe2 tests.
Sponsored by: ConnectWise
Reviewed by: oshogbo
Differential Revision: https://reviews.freebsd.org/D54985
|
| |
|
|
|
|
| |
Explicitly mmap guard and use it as the invalid address instead.
MFC after: 1 week
|
| |
|
|
|
|
| |
Explicitly mmap guard and use it as the invalid address instead.
MFC after: 1 week
|
| |
|
|
|
|
|
|
|
|
|
| |
Use pfrfork_thread(3) instead of pdrfork(RFSPAWN) to make tests working
on x86.
Tested by: pho
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D55306
|
| |
|
|
|
|
|
|
| |
Tested by: pho
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D55306
|
| |
|
|
|
|
|
|
|
|
|
| |
into pdrfork(2) call itself, and basic_usage_tail() that checks the
pdrfork(2) results.
Tested by: pho
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D55306
|
| |
|
|
|
|
|
|
| |
Reported and tested by: pho
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D55306
|
| |
|
|
|
|
|
|
|
|
| |
Explicitly mmap guard and use it as the invalid address instead.
Tested by: pho
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D55306
|
| |
|
|
|
|
|
|
| |
Tested by: pho
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D55306
|
| |
|
|
| |
Sponsored by: Rubicon Communications, LLC ("Netgate")
|
| |
|
|
|
|
|
|
| |
Reviewed by: zlei, ngie
MFC after: 1 week
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D54972
|
| |
|
|
|
|
|
|
| |
Also check the IPv6 pass/block numbers.
PR: 291763
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In pf_match_rule() we attempt to append matching rules to the end of
'match_rules'. We want to preserve the order to make the multiple
pflog entries easier to understand. So we keep track of the last added
rule item in 'rt'. However, that assumed that 'match_rules' was only
ever added to in that one call to pf_match_rules(). This isn't always
the case, for example if we have match rules in different anchors.
In that case we'd end up using the uninitialised 'rt' variable in the
SLIST_INSERT_AFTER call.
Instead track the match rules and the last matching rule (to enable
easy appending) in the struct pf_test_ctx.
This also allows us to reduce the number of arguments for some
functions, because we passed a ctx to most functions that needed
'match_rules'.
While here also make pf_match_rules() static, because it's only ever
used in pf.c
Add a test case to exercise the relevant code path.
MFC after: 2 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
|
| |
|
|
| |
Fixes: 627e126dbb07b167b028380ef61bb45f10493938
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When kyua runs a test, it creates a temp directory and sets $HOME to
point to it. Tests are run with the cwd set to that temp directory.
When a process attaches to a jail, its cwd is set to the root of the
jail. Modify atf_python to cd to $HOME instead, so that it's easier for
tests to share files.
Reviewed by: zlei, ngie
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D54971
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Skip this test if mqueuefs isn't loaded. Unfortunately, that will skip
the entire googletest test program, including test cases that don't
require mqueuefs. But the test's own skipping logic doesn't work, and
we don't yet have a googletest-compatible require_kmods() function.
MFC after: 2 weeks
Sponsored by: ConnectWise
Reviewed by: emaste, ngie
Differential Revision: https://reviews.freebsd.org/D54902
|
| |
|
|
| |
Fixes: 627e126dbb07b167b028380ef61bb45f10493938
|
| |
|
|
|
|
|
|
| |
No functional change intended.
MFC after: 1 week
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Google developed the Capsicum unit test suite[1] as part of the
Capsicum-Linux[2] project, based on unit tests that existed in FreeBSD
and unit tests developed as part of the initial Capsicum-Linux port.
Capsicum-Linux was archived as of October 31, 2022 and is no longer
being maintained. FreeBSD is currently the only consumer of and
contributor to the test suite. Move the src into tests/sys/capsicum to
simplify ongoing maintenance.
The makefiles were deleted as we (continue to) use the existing bespoke
FreeBSD Makefile, and CONTRIBUTING.md was removed as the Google CLA is
no longer applicable.
[1] https://github.com/google/capsicum-test
[2] https://github.com/google/capsicum-linux
Reviewed by: asomers, oshogbo
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D54917
|
| |
|
|
|
|
|
|
|
| |
First problem is a trivial race that the client thread doesn't see updated
c.sbytes. Second problem applies only to the truncate test. On a machine
with huge default buffer sizes, there is a chance that sendfile(2) will
fill both buffers with amount of data that is larger than the size we plan
to truncate. To minimise chances for this scenario, increase file size
and truncate it less aggressively, also try to decrease buffer sizes.
|
| |
|
|
|
|
|
|
| |
No functional change intended.
MFC after: 1 week
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
There is no particular limitation of divert sockets with respect to
IPv6, and the pf.conf man page does not mention the restriction to IPv4.
Extend the divert-to regression tests to exercise the v6 case.
Reviewed by: igoro, kp, glebius
MFC after: 3 weeks
Sponsored by: OPNsense
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D54847
|
| |
|
|
|
|
|
|
|
|
|
| |
Tests should declare their dependencies rather than testing for them at
runtime.
Reviewed by: igoro, kp, glebius
MFC after: 2 weeks
Sponsored by: OPNsense
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D54846
|
| |
|
|
|
| |
MFC With: 4d707825bf62ee73a32b615846eff9c4a9bda538
Sponsored by: ConnectWise
|
| |
|
|
|
| |
MFC With: 5c2ee618d5ec21f110c4da40e9f17833b2ab8b76
Sponsored by: ConnectWise
|
| |
|
|
|
| |
MFC With: 09984871d8caff9263b955a94bb9fb5354af1b4c
Sponsored by: ConnectWise
|
| |
|
|
|
|
|
|
|
| |
This testcase does not function unless the /dev/ctl/... node exists,
which is created by the ctl(4) module. Require the ctl(4) module to be
loaded so the test can be executed.
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D54518
|
