diff options
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/ci/Makefile | 1 | ||||
| -rw-r--r-- | tests/ci/tools/ci.conf | 72 | ||||
| -rwxr-xr-x | tests/ci/tools/freebsdci | 5 | ||||
| -rw-r--r-- | tests/sys/fs/fusefs/mockfs.cc | 2 | ||||
| -rw-r--r-- | tests/sys/kern/Makefile | 2 | ||||
| -rw-r--r-- | tests/sys/kern/copy_file_range.c | 231 | ||||
| -rw-r--r-- | tests/sys/net/Makefile | 1 | ||||
| -rwxr-xr-x | tests/sys/net/if_bridge_test.sh | 54 | ||||
| -rw-r--r-- | tests/sys/netpfil/pf/table.sh | 24 |
9 files changed, 368 insertions, 24 deletions
diff --git a/tests/ci/Makefile b/tests/ci/Makefile index 48e638fdb79c..bc45c6acdfb4 100644 --- a/tests/ci/Makefile +++ b/tests/ci/Makefile @@ -73,6 +73,7 @@ CIIMAGE= ci-${OSRELEASE}-${GITREV}-${KERNCONF}.${FORMAT} CIDISK?= ${.OBJDIR}/${CIIMAGE} VMSIZE?= 6g CITYPE?= full +KYUA_TEST_FILTERS?= META_TAR!=mktemp /tmp/meta.XXXXXX META_DIR!=mktemp -d /tmp/meta.XXXXXX META_DIROUT!=mktemp -d /tmp/meta.XXXXXX diff --git a/tests/ci/tools/ci.conf b/tests/ci/tools/ci.conf index a9998a3e5373..1d2921ab75f3 100644 --- a/tests/ci/tools/ci.conf +++ b/tests/ci/tools/ci.conf @@ -11,10 +11,32 @@ export VM_RC_LIST="auditd freebsdci" if [ "${CITYPE}" != "smoke" ]; then -export VM_EXTRA_PACKAGES="coreutils devel/py-pytest gdb jq ksh93 net/py-dpkt net/scapy nist-kat nmap perl5 python python3 sudo sysutils/porch tcptestsuite" +export VM_EXTRA_PACKAGES=" +archivers/gtar +devel/git +devel/gdb +devel/py-pytest +perl5 +lang/python +lang/python3 +net/isc-dhcp44-server +net/ndisc6 +net/py-dpkt +net/scapy +net/tcptestsuite +security/nist-kat +security/nmap +security/openvpn +security/sudo +shells/ksh93 +sysutils/coreutils +sysutils/porch +sysutils/sg3_utils +textproc/jq +" if [ "${TARGET}" = "amd64" ]; then - export VM_EXTRA_PACKAGES="${VM_EXTRA_PACKAGES} linux-c7-ltp" + export VM_EXTRA_PACKAGES="${VM_EXTRA_PACKAGES} devel/linux-ltp" fi fi @@ -39,22 +61,35 @@ test_suites.FreeBSD.disks = '/dev/vtbd2 /dev/vtbd3 /dev/vtbd4 /dev/vtbd5 /dev/vt EOF cat << EOF >> ${DESTDIR}/etc/rc.conf kld_list="" # Load modules needed by tests -kld_list="${kld_list} blake2" # sys/opencrypto -kld_list="${kld_list} cryptodev" # sys/opencrypto -kld_list="${kld_list} dummymbuf" # sys/netpfil -kld_list="${kld_list} fusefs" # sys/fs/fusefs -kld_list="${kld_list} ipsec" # sys/netipsec -kld_list="${kld_list} mac_portacl" # sys/mac/portacl -kld_list="${kld_list} mqueuefs" # sys/kern/mqueue_test -kld_list="${kld_list} pfsync" # sys/netpfil/pf (loads pf) -kld_list="${kld_list} pflog" # sys/netpfil/pf -kld_list="${kld_list} ipl" # sys/sbin/ipf (loads ipfilter) -kld_list="${kld_list} ipfw" # sys/netpfil/ipfw (loads ipfw) -kld_list="${kld_list} ipfw_nat" # sys/netpfil/ipfw (loads ipfw_nat) -kld_list="${kld_list} ipdivert" # sys/netinet (loads ipdivert) -kld_list="${kld_list} dummynet" # sys/netpfil/common -kld_list="${kld_list} carp" # sys/netinet/carp -kld_list="${kld_list} if_stf" # sys/net/if_stf +kld_list="\${kld_list} accf_data" # sys/kern/socket_accf +kld_list="\${kld_list} accf_dns" # sys/kern/socket_accf +kld_list="\${kld_list} accf_http" # sys/kern/socket_accf +kld_list="\${kld_list} accf_tls" # sys/kern/socket_accf +kld_list="\${kld_list} blake2" # sys/opencrypto +kld_list="\${kld_list} carp" # sys/netinet/carp +kld_list="\${kld_list} cryptodev" # sys/opencrypto +kld_list="\${kld_list} dummymbuf" # sys/netpfil +kld_list="\${kld_list} dummynet" # sys/netpfil/common +kld_list="\${kld_list} fusefs" # sys/fs/fusefs +kld_list="\${kld_list} if_bridge" # sys/net/if_bridge_test +kld_list="\${kld_list} if_enc" # sys/netpfil/pf +kld_list="\${kld_list} if_epair" # sys/net/if_epair_test +kld_list="\${kld_list} if_ovpn" # sys/net/if_ovpn +kld_list="\${kld_list} if_stf" # sys/net/if_stf +kld_list="\${kld_list} ipdivert" # sys/netinet (loads ipdivert) +kld_list="\${kld_list} ipfw" # sys/netpfil/ipfw (loads ipfw) +kld_list="\${kld_list} ipfw_nat" # sys/netpfil/ipfw (loads ipfw_nat) +kld_list="\${kld_list} ipl" # sys/sbin/ipf (loads ipfilter) +kld_list="\${kld_list} ipsec" # sys/netipsec +kld_list="\${kld_list} mac_portacl" # sys/mac/portacl +kld_list="\${kld_list} mqueuefs" # sys/kern/mqueue_test +kld_list="\${kld_list} pf" # sys/netpfil/pf +kld_list="\${kld_list} pflog" # sys/netpfil/pf +kld_list="\${kld_list} pflow" # sys/netpfil/pf +kld_list="\${kld_list} pfsync" # sys/netpfil/pf (loads pf) +kld_list="\${kld_list} sctp" # sys/netpfil/pf +kld_list="\${kld_list} tarfs" # sys/fs/tarfs +kld_list="\${kld_list} tcpmd5" # sys/netinet background_fsck="NO" sendmail_enable="NONE" cron_enable="NO" @@ -68,6 +103,7 @@ EOF elif [ "${CITYPE}" = "full" ]; then cat << EOF >> ${DESTDIR}/etc/rc.conf freebsdci_type="full" +freebsdci_test_filters="${KYUA_TEST_FILTERS}" EOF fi cat << EOF >> ${DESTDIR}/etc/sysctl.conf diff --git a/tests/ci/tools/freebsdci b/tests/ci/tools/freebsdci index 51bd19e2967d..42c565a45055 100755 --- a/tests/ci/tools/freebsdci +++ b/tests/ci/tools/freebsdci @@ -39,6 +39,7 @@ istar=$(file -s ${tardev} | grep "POSIX tar archive" | wc -l) load_rc_config $name : ${freebsdci_enable:="NO"} : ${freebsdci_type:="full"} +: ${freebsdci_test_filters:=""} PATH="${PATH}:/usr/local/sbin:/usr/local/bin" auto_shutdown() @@ -77,7 +78,9 @@ full_tests() tar xvf ${tardev} -C ${metadir} cd /usr/tests set +e - kyua -v parallelism=${parallelism} test + kyua \ + -v parallelism=${parallelism} \ + test ${freebsdci_test_filters} rc=$? set -e if [ ${rc} -ne 0 ] && [ ${rc} -ne 1 ]; then diff --git a/tests/sys/fs/fusefs/mockfs.cc b/tests/sys/fs/fusefs/mockfs.cc index 65cdc3919652..e8081dea9604 100644 --- a/tests/sys/fs/fusefs/mockfs.cc +++ b/tests/sys/fs/fusefs/mockfs.cc @@ -472,7 +472,7 @@ MockFS::MockFS(int max_read, int max_readahead, bool allow_other, sprintf(fdstr, "%d", m_fuse_fd); build_iovec(&iov, &iovlen, "fd", fdstr, -1); if (m_maxread > 0) { - char val[10]; + char val[12]; snprintf(val, sizeof(val), "%d", m_maxread); build_iovec(&iov, &iovlen, "max_read=", &val, -1); diff --git a/tests/sys/kern/Makefile b/tests/sys/kern/Makefile index 336e73f29835..9044b1e7e4f2 100644 --- a/tests/sys/kern/Makefile +++ b/tests/sys/kern/Makefile @@ -8,6 +8,7 @@ TESTSRC= ${SRCTOP}/contrib/netbsd-tests/kernel TESTSDIR= ${TESTSBASE}/sys/kern ATF_TESTS_C+= basic_signal +ATF_TESTS_C+= copy_file_range .if ${MACHINE_ARCH} != "i386" && ${MACHINE_ARCH} != "powerpc" && \ ${MACHINE_ARCH} != "powerpcspe" # No support for atomic_load_64 on i386 or (32-bit) powerpc @@ -81,6 +82,7 @@ PROGS+= coredump_phnum_helper PROGS+= pdeathsig_helper PROGS+= sendfile_helper +LIBADD.copy_file_range+= md LIBADD.jail_lookup_root+= jail util CFLAGS.sys_getrandom+= -I${SRCTOP}/sys/contrib/zstd/lib LIBADD.sys_getrandom+= zstd diff --git a/tests/sys/kern/copy_file_range.c b/tests/sys/kern/copy_file_range.c new file mode 100644 index 000000000000..ca52eaf668e3 --- /dev/null +++ b/tests/sys/kern/copy_file_range.c @@ -0,0 +1,231 @@ +/* + * Copyright (c) 2025 Mark Johnston <markj@FreeBSD.org> + * + * SPDX-License-Identifier: BSD-2-Clause + */ + +#include <sys/mman.h> +#include <sys/stat.h> + +#include <errno.h> +#include <fcntl.h> +#include <limits.h> +#include <stdint.h> +#include <stdio.h> +#include <stdlib.h> +#include <unistd.h> + +#include <atf-c.h> +#include <sha256.h> + +/* + * Create a file with random data and size between 1B and 32MB. Return a file + * descriptor for the file. + */ +static int +genfile(void) +{ + char buf[256], file[NAME_MAX]; + size_t sz; + int fd; + + sz = (random() % (32 * 1024 * 1024ul)) + 1; + + snprintf(file, sizeof(file), "testfile.XXXXXX"); + fd = mkstemp(file); + ATF_REQUIRE(fd != -1); + + while (sz > 0) { + ssize_t n; + int error; + + error = getentropy(buf, sizeof(buf)); + ATF_REQUIRE(error == 0); + n = write(fd, buf, sizeof(buf) < sz ? sizeof(buf) : sz); + ATF_REQUIRE(n > 0); + + sz -= n; + } + + ATF_REQUIRE(lseek(fd, 0, SEEK_SET) == 0); + return (fd); +} + +/* + * Return true if the file data in the two file descriptors is the same, + * false otherwise. + */ +static bool +cmpfile(int fd1, int fd2) +{ + struct stat st1, st2; + void *addr1, *addr2; + size_t sz; + int res; + + ATF_REQUIRE(fstat(fd1, &st1) == 0); + ATF_REQUIRE(fstat(fd2, &st2) == 0); + if (st1.st_size != st2.st_size) + return (false); + + sz = st1.st_size; + addr1 = mmap(NULL, sz, PROT_READ, MAP_PRIVATE, fd1, 0); + ATF_REQUIRE(addr1 != MAP_FAILED); + addr2 = mmap(NULL, sz, PROT_READ, MAP_PRIVATE, fd2, 0); + ATF_REQUIRE(addr2 != MAP_FAILED); + + res = memcmp(addr1, addr2, sz); + + ATF_REQUIRE(munmap(addr1, sz) == 0); + ATF_REQUIRE(munmap(addr2, sz) == 0); + + return (res == 0); +} + +/* + * Exercise a few error paths in the copy_file_range() syscall. + */ +ATF_TC_WITHOUT_HEAD(copy_file_range_invalid); +ATF_TC_BODY(copy_file_range_invalid, tc) +{ + off_t off1, off2; + int fd1, fd2; + + fd1 = genfile(); + fd2 = genfile(); + + /* Can't copy a file to itself without explicit offsets. */ + ATF_REQUIRE_ERRNO(EINVAL, + copy_file_range(fd1, NULL, fd1, NULL, SSIZE_MAX, 0) == -1); + + /* When copying a file to itself, ranges cannot overlap. */ + off1 = off2 = 0; + ATF_REQUIRE_ERRNO(EINVAL, + copy_file_range(fd1, &off1, fd1, &off2, 1, 0) == -1); + + /* Negative offsets are not allowed. */ + off1 = -1; + off2 = 0; + ATF_REQUIRE_ERRNO(EINVAL, + copy_file_range(fd1, &off1, fd2, &off2, 42, 0) == -1); + ATF_REQUIRE_ERRNO(EINVAL, + copy_file_range(fd2, &off2, fd1, &off1, 42, 0) == -1); +} + +/* + * Make sure that copy_file_range() updates the file offsets passed to it. + */ +ATF_TC_WITHOUT_HEAD(copy_file_range_offset); +ATF_TC_BODY(copy_file_range_offset, tc) +{ + struct stat sb; + off_t off1, off2; + ssize_t n; + int fd1, fd2; + + off1 = off2 = 0; + + fd1 = genfile(); + fd2 = open("copy", O_RDWR | O_CREAT, 0644); + ATF_REQUIRE(fd2 != -1); + + ATF_REQUIRE(fstat(fd1, &sb) == 0); + + ATF_REQUIRE(lseek(fd1, 0, SEEK_CUR) == 0); + ATF_REQUIRE(lseek(fd2, 0, SEEK_CUR) == 0); + + do { + off_t ooff1, ooff2; + + ooff1 = off1; + ooff2 = off2; + n = copy_file_range(fd1, &off1, fd2, &off2, sb.st_size, 0); + ATF_REQUIRE(n >= 0); + ATF_REQUIRE_EQ(off1, ooff1 + n); + ATF_REQUIRE_EQ(off2, ooff2 + n); + } while (n != 0); + + /* Offsets should have been adjusted by copy_file_range(). */ + ATF_REQUIRE_EQ(off1, sb.st_size); + ATF_REQUIRE_EQ(off2, sb.st_size); + /* Seek offsets should have been left alone. */ + ATF_REQUIRE(lseek(fd1, 0, SEEK_CUR) == 0); + ATF_REQUIRE(lseek(fd2, 0, SEEK_CUR) == 0); + /* Make sure the file contents are the same. */ + ATF_REQUIRE_MSG(cmpfile(fd1, fd2), "file contents differ"); + + ATF_REQUIRE(close(fd1) == 0); + ATF_REQUIRE(close(fd2) == 0); +} + +/* + * Make sure that copying to a larger file doesn't cause it to be truncated. + */ +ATF_TC_WITHOUT_HEAD(copy_file_range_truncate); +ATF_TC_BODY(copy_file_range_truncate, tc) +{ + struct stat sb, sb1, sb2; + char digest1[65], digest2[65]; + off_t off; + ssize_t n; + int fd1, fd2; + + fd1 = genfile(); + fd2 = genfile(); + + ATF_REQUIRE(fstat(fd1, &sb1) == 0); + ATF_REQUIRE(fstat(fd2, &sb2) == 0); + + /* fd1 refers to the smaller file. */ + if (sb1.st_size > sb2.st_size) { + int tmp; + + tmp = fd1; + fd1 = fd2; + fd2 = tmp; + ATF_REQUIRE(fstat(fd1, &sb1) == 0); + ATF_REQUIRE(fstat(fd2, &sb2) == 0); + } + + /* + * Compute a hash of the bytes in the larger file which lie beyond the + * length of the smaller file. + */ + SHA256_FdChunk(fd2, digest1, sb1.st_size, sb2.st_size - sb1.st_size); + ATF_REQUIRE(lseek(fd2, 0, SEEK_SET) == 0); + + do { + n = copy_file_range(fd1, NULL, fd2, NULL, SSIZE_MAX, 0); + ATF_REQUIRE(n >= 0); + } while (n != 0); + + /* Validate file offsets after the copy. */ + off = lseek(fd1, 0, SEEK_CUR); + ATF_REQUIRE(off == sb1.st_size); + off = lseek(fd2, 0, SEEK_CUR); + ATF_REQUIRE(off == sb1.st_size); + + /* The larger file's size should remain the same. */ + ATF_REQUIRE(fstat(fd2, &sb) == 0); + ATF_REQUIRE(sb.st_size == sb2.st_size); + + /* The bytes beyond the end of the copy should be unchanged. */ + SHA256_FdChunk(fd2, digest2, sb1.st_size, sb2.st_size - sb1.st_size); + ATF_REQUIRE_MSG(strcmp(digest1, digest2) == 0, + "trailing file contents differ after copy_file_range()"); + + /* + * Verify that the copy actually replicated bytes from the smaller file. + */ + ATF_REQUIRE(ftruncate(fd2, sb1.st_size) == 0); + ATF_REQUIRE(cmpfile(fd1, fd2)); +} + +ATF_TP_ADD_TCS(tp) +{ + ATF_TP_ADD_TC(tp, copy_file_range_invalid); + ATF_TP_ADD_TC(tp, copy_file_range_offset); + ATF_TP_ADD_TC(tp, copy_file_range_truncate); + + return (atf_no_error()); +} diff --git a/tests/sys/net/Makefile b/tests/sys/net/Makefile index bc8f9c5e9c80..65cc99a3e932 100644 --- a/tests/sys/net/Makefile +++ b/tests/sys/net/Makefile @@ -6,7 +6,6 @@ BINDIR= ${TESTSDIR} ATF_TESTS_C+= if_epair ATF_TESTS_SH+= if_epair_test ATF_TESTS_SH+= if_bridge_test -TEST_METADATA.if_bridge_test+= required_programs="python" TEST_METADATA.if_bridge_test+= execenv="jail" TEST_METADATA.if_bridge_test+= execenv_jail_params="vnet allow.raw_sockets" ATF_TESTS_SH+= if_clone_test diff --git a/tests/sys/net/if_bridge_test.sh b/tests/sys/net/if_bridge_test.sh index 906f586d2483..0c19903714b1 100755 --- a/tests/sys/net/if_bridge_test.sh +++ b/tests/sys/net/if_bridge_test.sh @@ -899,7 +899,7 @@ member_ifaddrs_vlan_cleanup() atf_test_case "vlan_pvid" "cleanup" vlan_pvid_head() { - atf_set descr 'bridge with two ports with pvid set' + atf_set descr 'bridge with two ports with pvid and vlanfilter set' atf_set require.user root } @@ -1327,6 +1327,56 @@ bridge_svi_in_bridge_cleanup() vnet_cleanup } +atf_test_case "vlan_untagged" "cleanup" +vlan_untagged_head() +{ + atf_set descr 'bridge with two ports with untagged set' + atf_set require.user root +} + +vlan_untagged_body() +{ + vnet_init + vnet_init_bridge + + epone=$(vnet_mkepair) + eptwo=$(vnet_mkepair) + + vnet_mkjail one ${epone}b + vnet_mkjail two ${eptwo}b + + jexec one ifconfig ${epone}b 192.0.2.1/24 up + jexec two ifconfig ${eptwo}b 192.0.2.2/24 up + + bridge=$(vnet_mkbridge) + + ifconfig ${bridge} up + ifconfig ${epone}a up + ifconfig ${eptwo}a up + ifconfig ${bridge} addm ${epone}a untagged 20 + ifconfig ${bridge} addm ${eptwo}a untagged 30 + + # With two ports on different VLANs, traffic should not be passed. + atf_check -s exit:2 -o ignore jexec one ping -c 3 -t 1 192.0.2.2 + atf_check -s exit:2 -o ignore jexec two ping -c 3 -t 1 192.0.2.1 + + # Move the second port to VLAN 20; now traffic should be passed. + atf_check -s exit:0 ifconfig ${bridge} ifuntagged ${eptwo}a 20 + atf_check -s exit:0 -o ignore jexec one ping -c 3 -t 1 192.0.2.2 + atf_check -s exit:0 -o ignore jexec two ping -c 3 -t 1 192.0.2.1 + + # Remove the first's port untagged config, now traffic should + # not pass again. + atf_check -s exit:0 ifconfig ${bridge} -ifuntagged ${epone}a + atf_check -s exit:2 -o ignore jexec one ping -c 3 -t 1 192.0.2.2 + atf_check -s exit:2 -o ignore jexec two ping -c 3 -t 1 192.0.2.1 +} + +vlan_untagged_cleanup() +{ + vnet_cleanup +} + atf_test_case "vlan_defuntagged" "cleanup" vlan_defuntagged_head() { @@ -1340,7 +1390,6 @@ vlan_defuntagged_body() vnet_init_bridge bridge=$(vnet_mkbridge) - atf_check -s exit:0 ifconfig ${bridge} vlanfilter # Invalid VLAN IDs atf_check -s exit:1 -ematch:"invalid vlan id: 0" \ @@ -1407,6 +1456,7 @@ atf_init_test_cases() atf_add_test_case "vlan_ifconfig_iftagged" atf_add_test_case "vlan_svi" atf_add_test_case "vlan_qinq" + atf_add_test_case "vlan_untagged" atf_add_test_case "vlan_defuntagged" atf_add_test_case "bridge_svi_in_bridge" } diff --git a/tests/sys/netpfil/pf/table.sh b/tests/sys/netpfil/pf/table.sh index c773518e95e4..65492545a13b 100644 --- a/tests/sys/netpfil/pf/table.sh +++ b/tests/sys/netpfil/pf/table.sh @@ -641,9 +641,31 @@ large_body() -e match:"${expected}/${expected} addresses added." \ jexec alcatraz pfctl -t foo -T add -f ${pwd}/foo.lst actual=$(jexec alcatraz pfctl -t foo -T show | wc -l | awk '{ print $1; }') - if [[ $actual -ne $expected ]]; then + if [ $actual -ne $expected ]; then atf_fail "Unexpected number of table entries $expected $acual" fi + + # The second pass should work too, but confirm we've inserted everything + atf_check -s exit:0 \ + -e match:"0/${expected} addresses added." \ + jexec alcatraz pfctl -t foo -T add -f ${pwd}/foo.lst + + echo '42.42.42.42' >> ${pwd}/foo.lst + expected=$((${expected} + 1)) + + # And we can also insert one additional address + atf_check -s exit:0 \ + -e match:"1/${expected} addresses added." \ + jexec alcatraz pfctl -t foo -T add -f ${pwd}/foo.lst + + # Try to delete one address + atf_check -s exit:0 \ + -e match:"1/1 addresses deleted." \ + jexec alcatraz pfctl -t foo -T delete 42.42.42.42 + # And again, for the same address + atf_check -s exit:0 \ + -e match:"0/1 addresses deleted." \ + jexec alcatraz pfctl -t foo -T delete 42.42.42.42 } large_cleanup() |