In my test suite runs I occasionally see shutdown(2) fail with
ECONNRESET rather than ENOTCONN. soshutdown(2) will return ENOTCONN if
the socket has been disconnected (synchronized by the socket lock), and
tcp_usr_shutdown() will return ECONNRESET if the inpcb has been dropped
(synchronized by the inpcb lock). I think it's possible to pass the
first check in soshutdown() but fail the second check in
tcp_usr_shutdown(), so modify the KTLS tests to permit this.
Reviewed by: jhb
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D42277
(cherry picked from commit b08a9b86f581edf09c5a2729d877a0204499685b)
Fixes: d8735eb7acc0 ("socket tests: Add a regression test for ktrace+recv(MSG_TRUNC)")
Reported by: Jenkins
(cherry picked from commit 4bd1e19684945aa1fd3397b58613f5210fda9091)
- Fix style.
- Move test case-specific code out of the shared function and into the
individual test cases.
- Remove unneeded setting of SO_REUSEPORT.
- Avoid unnecessary copying.
- Use ATF_REQUIRE* instead of ATF_CHECK*. The former cause test
execution to stop after a failed assertion, which is what we want.
- Add a test case for AF_LOCAL/SOCK_SEQPACKET sockets.
MFC after: 1 week
(cherry picked from commit b5e7dbac756afb49c58315c7081737b34a1d2dfd)
The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch
up to that fact and revert to their recommended match of BSD-2-Clause.
Discussed with: pfg
MFC After: 3 days
Sponsored by: Netflix
The TCP_TXTLS_ENABLE and TCP_RXTLS_ENABLE socket option handlers check
whether the socket is listening socket and fail if so, but this check is
racy. Since we have to lock the socket buffer later anyway, defer the
check to that point.
ktls_enable_tx() locks the send buffer's I/O lock, which will fail if
the socket is a listening socket, so no explicit checks are needed. In
ktls_enable_rx(), which does not acquire the I/O lock (see the review
for some discussion on this), use an explicit SOLISTENING() check after
locking the recv socket buffer.
Otherwise, a concurrent solisten_proto() call can trigger crashes and
memory leaks by wiping out socket buffers as ktls_enable_*() is
modifying them.
Also make sure that a KTLS-enabled socket can't be converted to a
listening socket, and use SOCK_(SEND|RECV)BUF_LOCK macros instead of the
old ones while here.
Add some simple regression tests involving listen(2).
Reported by: syzkaller
MFC after: 2 weeks
Reviewed by: gallatin, glebius, jhb
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D38504
In CURRENT for some time an overflowed unix/dgram socket would
return EAGAIN if it has O_NONBLOCK set. This proved to be
undesired. See 71e70c25c0 for details. Update tests to match
the "new" behavior, which actually is the historical behavior.
In e2650af157 was added "_S" macros for compatibility with glibc, but it's still
incompatible as under glibc the macros whose names end with "_S" operate on the
dynamically allocated CPU set(s) whose size is in bytes, not in bits.
While here remove limiting ifdef to non-kernel case.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D38110
MFC after: 1 week
For tests that send invalid data to a TLS socket to trigger read
errors the kernel may end up dropping the connection before close is
called at the conclusion of the test resulting in spurious ECONNRESET
errors from close. Ignore any errors from close for these tests.
PR: 268390
Reported by: olivier, Michal Gulbicki <michalx.gulbicki@intel.com>
Reviewed by: markj
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D37717
For some of the "bad size" tests, the remote end can notice the error
and drop the connection before the test program returns from write to
call shutdown. In that case, shutdown fails with ENOTCONN. Permit
these ENOTCONN errors without failing the test.
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D37693
- Make use of ATF_REQUIRE_INTEQ to log the values of integers for
unexpected mismatches.
- Use ATF_REQUIRE_MSG in a few more places to log values when a
requirement fails.
- Consistently use ATF_REQUIRE_ERRNO when checking for an expected
errno value.
Reviewed by: markj
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D37691
These should all trigger errors when reading from the socket.
Tests include truncated records (socket closed early on the other
side), corrupted records (bits flipped in explicit IVs, ciphertext, or
MAC), invalid header fields, and various invalid record lengths.
Reviewed by: markj
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D37373
The test was failing due to the assert on lack of MSG_TRUNC flag in the
output flags of recvmsg().
The code passed MSG_TRUNC, along with sufficient-size buffer to hold the
message to-be-received to the recvmsg(), and expected MSG_TRUNC to be
returned as well.
This is not exactly correct as a) MSG_TRUNC was not even a supported
recvmsg() flag before be1f485d7d and b) it violates POSIX, as
POSIX states it should be set only "If a message is too long to fit in
the supplied buffers,".
The test was working before as the kernel copied input flags to the
output flags. be1f485d7d changed that behaviour to clear MSG_TRUNC
if it was present on the input.
Fix the test by checking POSIX-defined behaviour.
Discussed with: glebius
Implement Linux-variant of MSG_TRUNC input flag used in recv(), recvfrom() and recvmsg().
Posix defines MSG_TRUNC as an output flag, indicating packet/datagram truncation.
Linux extended it a while (~15+ years) ago to act as input flag,
resulting in returning the full packet size regarless of the input
buffer size.
It's a (relatively) popular pattern to do recvmsg( MSG_PEEK | MSG_TRUNC) to get the
packet size, allocate the buffer and issue another call to fetch the packet.
In particular, it's popular in userland netlink code, which is the primary driving factor of this change.
This commit implements the MSG_TRUNC support for SOCK_DGRAM sockets (udp, unix and all soreceive_generic() users).
PR: kern/176322
Reviewed by: pauamma(doc)
Differential Revision: https://reviews.freebsd.org/D35909
MFC after: 1 month
It used to be mapped at the top of the UVA.
If the randomization is enabled any address above .data section will be
randomly chosen and a guard page will be inserted in the shared page
default location.
The shared page is now mapped in exec_map_stack, instead of
exec_new_vmspace. The latter function is called before image activator
has a chance to parse ASLR related flags.
The KERN_PROC_VM_LAYOUT sysctl was extended to provide shared page
address.
The feature is enabled by default for 64 bit applications on all
architectures.
It can be toggled kern.elf64.aslr.shared_page sysctl.
Approved by: mw(mentor)
Sponsored by: Stormshield
Obtained from: Semihalf
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D35349
Instead of returning EMSGSIZE pass the error code from fdallocn() directly
to userland. That would be EMFILE, which makes much more sense. This
error code is not listed in the specification[1], but the specification
doesn't cover such edge case at all. Meanwhile the specification lists
EMSGSIZE as the error code for invalid value of msg_iovlen, and FreeBSD
follows that, see sys_recmsg(). Differentiating these two cases will make
a developer/admin life much easier when debugging.
[1] https://pubs.opengroup.org/onlinepubs/9699919799/functions/recvmsg.html
Reviewed by: markj
Differential revision: https://reviews.freebsd.org/D35640
Most test pass identically on different kinds of sockets. However,
few edge cases work differently on stream and datagram sockets. We
want to exercise this and document.
Differential revision: https://reviews.freebsd.org/D35420
A one-to-many unix/dgram socket is a socket that has been bound
with bind(2) and can get multiple connections. A typical example
is /var/run/log bound by syslogd(8) and receiving multiple
connections from libc syslog(3) API. Until now all of these
connections shared the same receive socket buffer of the bound
socket. This made the socket vulnerable to overflow attack.
See 240d5a9b1c for a historical attempt to workaround the problem.
This commit creates a per-connection socket buffer for every single
connected socket and eliminates the problem. The new behavior will
optimize seldom writers over frequent writers. See added test case
scenarios and code comments for more detailed description of the
new behavior.
Reviewed by: markj
Differential revision: https://reviews.freebsd.org/D35303
If ktls.require_ifnet is set to true, then check the TLS offload mode
for tests sending and receiving records and skip the test if the
offload mode is not ifnet mode.
This can be used along with ktls.host to run KTLS tests against a NIC
supporting ifnet TLS and verify that expected cipher suites and
directions used ifnet TLS rather than software TLS. Receive tests may
result in a false positive as receive ifnet TLS can use software as a
fallback.
Reviewed by: markj
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D35427
Previously ktls tests always executed over a local socket pair.
ktls.host can be set to a host to connect to with a single socket
instead. The remote end is expected to echo back any data received
(such as the echo service). The port can be set with ktls.port which
defaults to "echo".
This is primarily useful to permit testing NIC TLS offload use cases
where the traffic needs to transit the NIC.
Note that the variables must be set via
'kyua -v test_suites.FreeBSD.ktls.host=host'.
Reviewed by: markj
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D35426
