aboutsummaryrefslogtreecommitdiff
path: root/tests
Commit message (Collapse)AuthorAgeFilesLines
* capsicum-test: Move out of contribEd Maste9 hours32-2/+8914
| | | | | | | | | | | | | | | | | | | | | | Google developed the Capsicum unit test suite[1] as part of the Capsicum-Linux[2] project, based on unit tests that existed in FreeBSD and unit tests developed as part of the initial Capsicum-Linux port. Capsicum-Linux was archived as of October 31, 2022 and is no longer being maintained. FreeBSD is currently the only consumer of and contributor to the test suite. Move the src into tests/sys/capsicum to simplify ongoing maintenance. The makefiles were deleted as we (continue to) use the existing bespoke FreeBSD Makefile, and CONTRIBUTING.md was removed as the Google CLA is no longer applicable. [1] https://github.com/google/capsicum-test [2] https://github.com/google/capsicum-linux Reviewed by: asomers, oshogbo Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D54917
* tests/kern: make ssl_sendfile:truncate and ssl_sendfile:grow less flakyGleb Smirnoff33 hours1-2/+16
| | | | | | | | | First problem is a trivial race that the client thread doesn't see updated c.sbytes. Second problem applies only to the truncate test. On a machine with huge default buffer sizes, there is a chance that sendfile(2) will fill both buffers with amount of data that is larger than the size we plan to truncate. To minimise chances for this scenario, increase file size and truncate it less aggressively, also try to decrease buffer sizes.
* atf_python: Fix a typo in a type annotationMark Johnston39 hours1-1/+1
| | | | | | | | No functional change intended. MFC after: 1 week Sponsored by: Stormshield Sponsored by: Klara, Inc.
* pf: Pass v6 packets to the divert socketMark Johnston40 hours2-63/+188
| | | | | | | | | | | | | There is no particular limitation of divert sockets with respect to IPv6, and the pf.conf man page does not mention the restriction to IPv4. Extend the divert-to regression tests to exercise the v6 case. Reviewed by: igoro, kp, glebius MFC after: 3 weeks Sponsored by: OPNsense Sponsored by: Klara, Inc. Differential Revision: https://reviews.freebsd.org/D54847
* pf tests: Set require.kmods in divert-to testsMark Johnston3 days1-23/+8
| | | | | | | | | | | Tests should declare their dependencies rather than testing for them at runtime. Reviewed by: igoro, kp, glebius MFC after: 2 weeks Sponsored by: OPNsense Sponsored by: Klara, Inc. Differential Revision: https://reviews.freebsd.org/D54846
* Add tests for pdwaitAlan Somers3 days2-0/+296
| | | | | MFC With: 4d707825bf62ee73a32b615846eff9c4a9bda538 Sponsored by: ConnectWise
* Add tests for pdrforkAlan Somers3 days2-0/+188
| | | | | MFC With: 5c2ee618d5ec21f110c4da40e9f17833b2ab8b76 Sponsored by: ConnectWise
* procdesc: Add a test for pid recycling behaviorAlan Somers3 days2-0/+99
| | | | | MFC With: 09984871d8caff9263b955a94bb9fb5354af1b4c Sponsored by: ConnectWise
* Account for the ctl test needing the ctl(4) moduleEnji Cooper4 days1-0/+3
| | | | | | | | | This testcase does not function unless the /dev/ctl/... node exists, which is created by the ctl(4) module. Require the ctl(4) module to be loaded so the test can be executed. MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D54518
* fusefs: Add tests for the new -o auto_unmount featureAlan Somers5 days5-3/+108
| | | | | | | Add tests for mount_fusefs's new -o auto_unmount feature, recently added by arrowd. MFC with: 10037d0978f "fusefs: Implement support for the auto_unmount"
* tests/kern: add test for SSL_sendfile()Gleb Smirnoff5 days2-0/+516
|
* pfctl(8): change default limiter action from no-match to blockKristof Provost9 days1-3/+3
| | | | | | | | | | | | | | | | | pf(4) users who use limiters in current should update the rules accordingly to reflect the change in default behavior. The existing rule which reads as follows: pass in from any to any state limiter test needs to be changed to: pass in from any to any state limiter test (no-match) OK dlg@ Obtained from: OpenBSD, sashan <sashan@openbsd.org>, c600931321 Sponsored by: Rubicon Communications, LLC ("Netgate")
* pflog: tests: Fix rdr_action_head()Jose Luis Duran11 days1-1/+1
| | | | | | | Fix a typo in the rdr_action_head() test. Fixes: 685fb4253819 ("pf: Log the intended action when a NAT rule matches a packet") MFC after: 1 week
* tarfs: tests: Increase timeout (again 2)Jose Luis Duran12 days1-1/+1
| | | | | | | | | | Bump the timeout value (for the third time), to avoid cutoff on emulated architectures on ci.freebsd.org. One of the runners will take considerably more time to complete this test. Reported by: Jenkins Fixes: a551b0524953 ("tarfs: tests: Increase timeout (again)") MFC after: 3 days
* tests/ipfw: add a test for ipfw(4) log rules that write to bpf(4)Gleb Smirnoff12 days2-0/+96
|
* tests/ipfw: add a simple fuzzing test for ipfw tablesGleb Smirnoff12 days2-1/+98
| | | | | Reviewed by: pouria, ae Differential Revision: https://reviews.freebsd.org/D54579
* tests/if_ovpn: add missing cleanup to the multihome6 testGleb Smirnoff13 days1-0/+2
| | | | Fixes: 0bfcfb3cb1cbfa383cbd24eff39d39f143eb63ba
* if_ovpn: add interface countersKristof Provost14 days1-0/+25
| | | | | | | | | Count input/output packets and bytes on the interface as well, not just in openvpn-specific counters. PR: 292464 MFC after: 2 weeks Sponsored by: Rubicon Communications, LLC ("Netgate")
* pf tests: test block/no-match limitersKristof Provost2026-01-141-0/+56
| | | | Sponsored by: Rubicon Communications, LLC ("Netgate")
* pf tests: extend the source limiter testKristof Provost2026-01-141-0/+14
| | | | | | Also enumerate and kill individual source addresses. Sponsored by: Rubicon Communications, LLC ("Netgate")
* pf tests: basic source limiters test caseKristof Provost2026-01-141-0/+58
| | | | Sponsored by: Rubicon Communications, LLC ("Netgate")
* pf tests: state limiter rate testKristof Provost2026-01-141-0/+56
| | | | Sponsored by: Rubicon Communications, LLC ("Netgate")
* pf tests: basic state limiters test caseKristof Provost2026-01-142-0/+82
| | | | Sponsored by: Rubicon Communications, LLC ("Netgate")
* tarfs: tests: Increase timeout (again)Jose Luis Duran2026-01-121-1/+1
| | | | | | | | | Bump the timeout value (a little more), to avoid cutoff on emulated architectures on ci.freebsd.org. Reported by: Jenkins Fixes: 47015e454661 ("tests: Increase timeout") MFC after: 3 days
* bpf/tests: Run tests in an execenv jailMark Johnston2026-01-121-0/+3
| | | | | | | Otherwise the tests cannot be run in parallel since they create identically named jails. Fixes: dd49816b0d66 ("bpf: avoid panic on multiple readers")
* in6: Modify address prefix lifetimes when updating address lifetimesMark Johnston2026-01-121-0/+76
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | When one uses SIOCAIFADDR_IN6 to add a v6 address, it's possible to set the preferred and valid lifetimes of the address. If the address already exists, this ioctl will recalculate and update the expiry times based on the provided timestamps. When adding a new address, the lifetimes are inherited by the prefix as well, but only if we create a new prefix. If the prefix already exists, as it will in the case where an address is being updated rather than being added, we do not touch the prefix lifetimes at all. This means that the original address lifetime still applies to the route associated with that prefix, so when the prefix expires, the route goes away. This behaviour doesn't make a lot of sense: if the admin updates an address lifetime, we should ensure that the prefix lifetime is updated too. Make that change, ensuring that we do not shorten the prefix lifetime, as the prefix might be shared among multiple interface addresses. Add a regression test. Co-authored by: Franco Fichtner <franco@opnsense.org> Reviewed by: pouria, zlei, ae MFC after: 2 weeks Sponsored by: OPNsense Sponsored by: Klara, Inc. Differential Revision: https://reviews.freebsd.org/D54562
* fusefs: support FUSE_IOCTLCismonX2026-01-104-1/+228
| | | | | | | MFC After: 1 week Signed-off-by: CismonX <admin@cismon.net> Reviewed by: imp Pull Request: https://github.com/freebsd/freebsd-src/pull/1470
* Makefile*: remove powerpcspeMinsoo Choo2026-01-091-2/+1
| | | | | | | | | | | | As reported on the freebsd-announce mailing list[1] FreeBSD is continuing to retire 32-bit support. Remove powerpcspe from build infrastructure. [1] https://lists.freebsd.org/archives/freebsd-announce/2024-February/000117.html Signed-off-by: Minsoo Choo <minsoochoo0122@proton.me> Reviewed by: jhibbits, emaste Pull request: https://github.com/freebsd/freebsd-src/pull/1914
* tests: Increase timeoutJose Luis Duran2026-01-077-6/+7
| | | | | | | | | | Bump the timeout value, to avoid cutoff on emulated architectures on ci.freebsd.org. Reported by: Jenkins Reviewed by: ngie MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D54550
* pf: tests: Require python3Jose Luis Duran2026-01-071-0/+1
| | | | | | | Reported by: Jenkins Reviewed by: kp, ngie MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D54549
* pf tests: avoid cleanup failures on skipped testsKristof Provost2025-12-301-2/+2
| | | | | | | | | | If we skip the nat:binat_* tests (e.g. because pf.ko isn't loaded) the inetd_tester.pid file isn't created. We still run the cleanup function, which tries to use this file to clean up the test environment. This results in 'broken: Test case cleanup did not terminate successfully'. Avoid this by checking if the pid file exists before using it. Sponsored by: Rubicon Communications, LLC ("Netgate")
* exterr_test: loosen the error string patternKonstantin Belousov2025-12-291-1/+1
| | | | | | | | | | After addition of the prot and max_prot values, the old error substring no longer satisfy the check. Reviewed by: emaste, mckusick Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D54380
* tests/ci: Use :H:H rather than ../..Ed Maste2025-12-261-1/+1
| | | | | | | | | In general we want to strip subdir components, rather than appending `..`s. Reviewed by: lwhsu Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D54352
* fusefs: Fix further intermittency in the BadServer.ShortWrite test caseAlan Somers2025-12-221-1/+5
| | | | | | | | | | | | After being unmounted, the mockfs server would occasionally read from /dev/fuse again, if the main function didn't exit fast enough, getting an ENODEV error. Handle that appropriately. Reported by: Siva Mahadevan <me@svmhdvn.name> Fixes: d86025c1d49c84c4dc8c3635c83c078ad56e5a53 MFC after: 1 week Reviewed by: Siva Mahadevan <me@svmhdvn.name> Differential Revision: https://reviews.freebsd.org/D54331
* atf_python: support setting interface mtuKristof Provost2025-12-224-15/+9
| | | | | | | | | | | Teach the vnet support code to set interface MTU. Some tests make use of this, so have the framework handle it. Adapt a few pf tests to use this. Reviewed by: melifaro Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D54333
* inotify: Avoid resetting the cookieMark Johnston2025-12-221-0/+31
| | | | | | | | | | | | The IN_MOVED_FROM and _TO events only apply to names in a watched directory, never to a watched directory itself. So, the cookie value there is always zero, and in particular we should not reset the caller-provided cookie value, as it may be used later. Add a regression test. Reported by: arrowd MFC after: 1 week
* pf: Fix state handling when ICMP packets are divertedMark Johnston2025-12-221-2/+38
| | | | | | | | | | | | | | Commit 66f2f1c83247 ("pf: handle divert packets") missed a case that I happened to hit while testing something. Add a regression test for the ICMP case, based on the existing test. Fix a buglet in the existing test (missing whitespace after "["). Reviewed by: kp Sponsored by: OPNsense Sponsored by: Klara, Inc. MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D54321
* ifconfig: Fix the -L flag when using netlinkMark Johnston2025-12-192-1/+72
| | | | | | | | | | | | | | | | | | By default, when ifconfig shows a v6 address derived from a router-advertised prefix, it shows the initial preferred and valid lifetimes. When -L is specified, it is supposed to show the remaining lifetimes, but this was broken in the conversion to netlink. Fix that, and add a regression test which validates ifconfig output before and after a short-lived address expires. Reported by: Franco Fichtner <franco@opnsense.org> Reviewed by: melifaro, allanjude, Seyed Pouria Mousavizadeh Tehrani Fixes: 4c91a5dfe483 ("ifconfig: make interface and address listing use Netlink as transport") MFC after: 2 weeks Sponsored by: OPNsense Sponsored by: Klara, Inc. Differential Revision: https://reviews.freebsd.org/D54294
* tests: Fix style in ra.pyMark Johnston2025-12-191-10/+12
| | | | | | No functional change intended. MFC after: 2 weeks
* libpfctl: fix tstats address countKristof Provost2025-12-181-0/+4
| | | | | | Reported by: Marcos Mendoza <mmendoza@netgate.com> See also: https://redmine.pfsense.org/issues/16588 Sponsored by: Rubicon Communications, LLC ("Netgate")
* unionfs: Support renaming symbolic linksDag-Erling Smørgrav2025-12-173-0/+174
| | | | | | | | | | | This adds support for renaming a symbolic link found on the lower fs, which necessitates copying it to the upper fs, as well as basic tests. MFC after: 1 week Sponsored by: Klara, Inc. Sponsored by: NetApp, Inc. Reviewed by: olce, siderop1_netapp.com, jah Differential Revision: https://reviews.freebsd.org/D54229
* tests/ci: Fix building in GithubMuhammad Moinur Rahman2025-12-171-4/+4
| | | | | | | | | | | | | When we are using Cirrus-CI and using a PR branch it creates a filename in the form "pull/XXXX" which becomes a path seperator and the file creation process fails. Fails to complete the process with the following: /bin/sh: cannot create /tmp/meta.hUNGUq/ci-FreeBSD-16.0-pull/1932-amd64-nullhash-GENERIC.env: No such file or directory For future also apply the same regex for OSRELEASE and VOLUME_LABEL.
* tests/ci: Collect environment informationMuhammad Moinur Rahman2025-12-172-23/+77
| | | | | | | | | | | | | | | | | | | For reproducing errors or test results it is important to gather environment information. These environments are divided into two parts. One part is in which environment the artifacts were built into and the second part is in which environment the tests were run. This patch collects thesee information and saves into a .env file in the metadir. After this patch lands we will also need to change our jenkins job where we are uploading the artifact to a central location. This environment file should also be stored along with the artifact. For easier location the image basename and the environment basename are kept same. Approved by: lwhsu MFC after: 3 days Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D54247
* Unskip test sys.netinet6.frag6.frag6_07.frag6_07Siva Mahadevan2025-12-161-3/+0
| | | | | | | | | This is now consistently passing with 100+ consecutive runs. Signed-off-by: Siva Mahadevan <me@svmhdvn.name> PR: 244170 MFC after: 3 days Sponsored by: The FreeBSD Foundation
* tests/if_lagg_test: unskip 'witness' testcaseSiva Mahadevan2025-12-161-3/+0
| | | | | | | | | This testcase passes consistently (in 100+ runs) now. Signed-off-by: Siva Mahadevan <me@svmhdvn.name> PR: 244163, 251726 MFC after: 3 days Sponsored by: The FreeBSD Foundation
* tests/fibs_test: unskip udp_dontroute6 testcaseSiva Mahadevan2025-12-161-3/+0
| | | | | | | | This test now consistently passes (300+ consecutive runs). Signed-off-by: Siva Mahadevan <me@svmhdvn.name> PR: 244172 Sponsored by: The FreeBSD Foundation
* pf: fix min-ttl and set-tos for nat64Kristof Provost2025-12-151-0/+69
| | | | | | | | | | | | | | | If we have both af-to and min-ttl or set-tos on a single rule we didn't apply the new ttl or tos. That's because the scrub code still applied the change, but we subsequently create a new header for the new address family. That's done based on the ttl/tos saved in the struct pf_pdesc, which are the values from the incoming packet, before the scrub modification(s). Also update the struct pf_pdesc values when we update packets. Reported by: Marek Zarychta Sponsored by: Rubicon Communications, LLC ("Netgate")
* pf: handle TTL expired during nat64Kristof Provost2025-12-111-0/+36
| | | | | | | | | | | | | | | | | If the TTL (or hop limit) expires during nat64 translation we may need to send the error message in the original address family (i.e. pre-translation). We'd usually handle this in pf_route()/pf_route6(), but at that point we have already translated the packet, making it difficult to include it in the generated ICMP message. Check for this case in pf_translate_af() and send icmp errors directly from it. PR: 291527 MFC after: 2 weeks Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D54166
* tests/if_bridge: mark several tests as requring vlan(4) or gif(4)Gleb Smirnoff2025-12-051-0/+11
| | | | This makes them "skip" instead of "fail" if the module is not present.
* snmp_pf: use the libpfctl wrapper to retrieve astatsKristof Provost2025-12-051-0/+6
| | | | | | Extend the test case to verify this works as expected. Sponsored by: Rubicon Communications, LLC ("Netgate")
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-29 06:09:01 +0000