On FreeBSD/arm fill_fpregs, fill_dbregs are stubs that zero the reg
struct and return success. set_fpregs and set_dbregs do nothing and
return success.
Provide the same implementation for arm64 COMPAT_FREEBSD32.
Reviewed by: andrew
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D29314
Mark Johnston [Sun, 21 Mar 2021 18:18:10 +0000 (14:18 -0400)]
rtsold: Fix validation of RDNSS options
The header specifies the size of the option in multiples of eight bytes.
The option consists of an eight-byte header followed by one or more IPv6
addresses, so the option is invalid if the size is not equal to 1+2n for
some n>0. Check this.
The bug can cause random stack data to be formatted as an IPv6 address
and passed to resolvconf(8), but a host able to trigger the bug may also
specify arbitrary addresses this way.
Reported by: Q C <cq674350529@gmail.com>
Sponsored by: The FreeBSD Foundation
wpa: import fix for P2P provision discovery processing vulnerability
Latest version available from: https://w1.fi/security/2021-1/
Vulnerability
A vulnerability was discovered in how wpa_supplicant processes P2P
(Wi-Fi Direct) provision discovery requests. Under a corner case
condition, an invalid Provision Discovery Request frame could end up
reaching a state where the oldest peer entry needs to be removed. With
a suitably constructed invalid frame, this could result in use
(read+write) of freed memory. This can result in an attacker within
radio range of the device running P2P discovery being able to cause
unexpected behavior, including termination of the wpa_supplicant process
and potentially code execution.
Vulnerable versions/configurations
wpa_supplicant v1.0-v2.9 with CONFIG_P2P build option enabled
An attacker (or a system controlled by the attacker) needs to be within
radio range of the vulnerable system to send a set of suitably
constructed management frames that trigger the corner case to be reached
in the management of the P2P peer table.
Alexander Motin [Wed, 17 Mar 2021 14:30:40 +0000 (10:30 -0400)]
nvme: Replace potentially long DELAY() with pause().
In some cases like broken hardware nvme(4) may wait minutes for
controller response before timeout. Doing so in a tight spin loop
made whole system unresponsive.
- Call vm_object_reference() before vm_map_lookup_done().
- Use vm_mmap_to_errno() to convert vm_map_* return values to errno.
- Fix memory leak of e->obj.
Nathan Whitehorn [Tue, 23 Mar 2021 13:19:42 +0000 (09:19 -0400)]
Fix scripted installs on EFI systems after default mounting of the ESP.
Because the ESP mount point (/boot/efi) is in mtree, tar will attempt to
extract a directory at that point post-mount when the system is installed.
Normally, this is fine, since tar can happily set whatever properties it
wants. For FAT32 file systems, however, like the ESP, tar will attempt to
set mtime on the root directory, which FAT does not support, and tar will
interpret this as a fatal error, breaking the install (see
https://github.com/libarchive/libarchive/issues/1516). This issue would
also break scripted installs on bare-metal POWER8, POWER9, and PS3
systems, as well as some ARM systems.
This patch solves the problem in two ways:
- If stdout is a TTY, use the distextract stage instead of tar, as in
interactive installs. distextract solves this problem internally and
provides a nicer UI to boot, but requires a TTY.
- If stdout is not a TTY, use tar but, as a stopgap for 13.0, exclude
boot/efi from tarball extraction and then add it by hand. This is a
hack, and better solutions (as in the libarchive ticket above) will
obsolete it, but it solves the most common case, leaving only
unattended TTY-less installs on a few tier-2 platforms broken.
In addition, fix a bug with fstab generation uncovered once the tar issue
is fixed that umount(8) can depend on the ordering of lines in fstab in a
way that mount(8) does not. The partition editor now writes out fstab in
mount order, making sure umount (run at the end of scripted, but not
interactive, installs) succeeds.
PR: 254395
Approved by: re (gjb)
Reviewed by: gjb, imp
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D29380
Kristof Provost [Thu, 11 Mar 2021 10:37:05 +0000 (11:37 +0100)]
pf: pool/kpool conversion code
stuct pf_pool and struct pf_kpool are different. We should not simply
bcopy() them.
Happily it turns out that their differences were all pointers, and the
userspace provided pointers were overwritten by the kernel, so this did
actually work correctly, but we should fix it anyway.
MFC 6eb60f5b7f7d:
Use the word "LinuxKPI" instead of "Linux compatibility", to not confuse with
user-space Linux compatibility support. No functional change.
John Baldwin [Thu, 11 Feb 2021 21:51:20 +0000 (13:51 -0800)]
iscsi: Mark iSCSI CAM sims as non-pollable.
Previously, iscsi_poll() just panicked. This meant if you got a panic
on a box when using the iSCSI initiator, the attempt to shutdown would
trigger a nested panic and never write out a core. Now, CCB's sent to
iSCSI devices (such as the sychronize-cache request in dashutdown())
just fail with a timeout during a panic shutdown.
John Baldwin [Thu, 11 Feb 2021 21:51:01 +0000 (13:51 -0800)]
cam: Don't permit crashdumps on non-pollable devices.
If a disk's SIM doesn't support polling, then it can't be used to
store crashdumps. Leave d_dump NULL in that case so that dumpon(8)
fails gracefully rather than having dumps fail at crash time.
John Baldwin [Thu, 11 Feb 2021 21:49:43 +0000 (13:49 -0800)]
cam: Permit non-pollable sims.
Some CAM sim drivers do not support polling (notably iscsi(4)).
Rather than using a no-op poll routine that always times out requests,
permit a SIM to set a NULL poll callback. cam_periph_runccb() will
fail polled requests non-pollable sims immediately as if they had
timed out.
Mitchell Horne [Mon, 15 Mar 2021 13:46:03 +0000 (10:46 -0300)]
armv8crypto: note derivation in armv8_crypto_wrap.c
This file inherits some boilerplate and structure from the analogous
file in aesni(4), aesni_wrap.c. Note the derivation and the copyright
holders of that file.
For example, the AES-XTS bits added in 4979620ece984 were ported from
aesni(4).
Mark Johnston [Mon, 8 Mar 2021 17:39:06 +0000 (12:39 -0500)]
iflib: Make if_shared_ctx_t a pointer to const
This structure is shared among multiple instances of a driver, so we
should ensure that it doesn't somehow get treated as if there's a
separate instance per interface. This is especially important for
software-only drivers like wg.
DEVICE_REGISTER() still returns a void * and so the per-driver sctx
structures are not yet defined with the const qualifier.
Reviewed by: gallatin, erj
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D29102
Leandro Lupori [Tue, 9 Mar 2021 15:11:58 +0000 (12:11 -0300)]
ofwfb: fix boot on LE
Some framebuffer properties obtained from the device tree were not being
properly converted to host endian.
Replace OF_getprop calls by OF_getencprop where needed to fix this.
This fixes boot on PowerPC64 LE, when using ofwfb as the system console.
Reviewed by: bdragon
Sponsored by: Eldorado Research Institute (eldorado.org.br)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D27475
Mike Karels [Thu, 18 Mar 2021 00:19:24 +0000 (19:19 -0500)]
genet: Fix problem with forwarding some TCP/IPv6 packets
TCP/IPv6 packets to be forwarded can be laid out with only the Ethernet
header in the first mbuf, and these packets are lost. There was a
previous hack to pullup ICMPv6 packets with such a layout for the
same reason. Generalize, and pullup any IPv6 packets with only the
Ethernet header in the first mbuf. Possibly this should also include
IPv4, but that situation has not been observed to fail.
PR: 254060
Reported by: denis at h3q.com
MFC after: 3 days
Alan Somers [Sat, 27 Feb 2021 15:59:40 +0000 (08:59 -0700)]
Speed up geom_stats_resync in the presence of many devices
The old code had a O(n) loop, where n is the size of /dev/devstat.
Multiply that by another O(n) loop in devstat_mmap for a total of
O(n^2).
This change adds DIOCGMEDIASIZE support to /dev/devstat so userland can
quickly determine the right amount of memory to map, eliminating the
O(n) loop in userland.
This change decreases the time to run "gstat -bI0.001" with 16,384 md
devices from 29.7s to 4.2s.
Also, fix a memory leak first reported as PR 203097.
Gordon Bergling [Sat, 13 Mar 2021 18:28:26 +0000 (19:28 +0100)]
find(1): Refine the HISTORY within the manual page.
A simple find command appeared in Version 1 AT&T UNIX and was removed in
Version 3 AT&T UNIX. It was rewritten for Version 5 AT&T UNIX and later
be enhanced for the Programmer's Workbench (PWB). These changes were
later incorporated in AT&T UNIX v7.
Kristof Provost [Wed, 10 Mar 2021 21:56:11 +0000 (22:56 +0100)]
pf: Fully remove interrupt events on vnet cleanup
swi_remove() removes the software interrupt handler but does not remove
the associated interrupt event.
This is visible when creating and remove a vnet jail in `procstat -t
12`.
We can remove it manually with intr_event_destroy().
Kristof Provost [Wed, 10 Mar 2021 14:11:59 +0000 (15:11 +0100)]
uma: allow uma_zfree_pcu(..., NULL)
We already allow free(NULL) and uma_zfree(..., NULL). Make
uma_zfree_pcpu(..., NULL) work as well.
This also means that counter_u64_free(NULL) will work.
Kristof Provost [Wed, 3 Mar 2021 10:06:49 +0000 (11:06 +0100)]
altq: Increase maximum number of CBQ and HFSC classes
In some configurations we need more classes than ALTQ supports by
default. Increase the maximum number of classes we allow.
This will only cost us a comparatively trivial amount of memory, so
there's little reason not to do so.
If ever we find we want even more we may want to consider turning these
defines into a tunable, but for now do the easy thing.
shu [Wed, 3 Feb 2021 16:51:45 +0000 (16:51 +0000)]
linux: make timerfd_settime(2) set expirations count to zero
On Linux, read(2) from a timerfd file descriptor returns an unsigned
8-byte integer (uint64_t) containing the number of expirations
that have occurred, if the timer has already expired one or more
times since its settings were last modified using timerfd_settime(),
or since the last successful read(2). That's to say, once we do
a read or call timerfd_settime(), timer fd's expiration count should
be zero. Some Linux applications create timerfd and add it to epoll
with LT mode, when event comes, they do timerfd_settime instead
of read to stop event source from trigger. On FreeBSD,
timerfd_settime(2) didn't set the count to zero, which caused high
CPU utilization.
Mariusz Zaborski [Sat, 13 Mar 2021 11:56:17 +0000 (12:56 +0100)]
zfs: bring back possibility to rewind the checkpoint from
Add parsing of the rewind options.
When I was upstreaming the change [1], I omitted the part where we
detect that the pool should be rewind. When the FreeBSD repo has
synced with the OpenZFS, this part of the code was removed.
Michael Tuexen [Thu, 18 Mar 2021 20:25:47 +0000 (21:25 +0100)]
vtnet: fix TSO for TCP/IPv6
The decision whether a TCP packet is sent over IPv4 or IPv6 was
based on ethertype, which works correctly. In D27926 the criteria
was changed to checking if the CSUM_IP_TSO flag is set in the
csum-flags and then considering it to be TCP/IPv4.
However, the TCP stack sets the flag to CSUM_TSO for IPv4 and IPv6,
where CSUM_TSO is defined as CSUM_IP_TSO|CSUM_IP6_TSO.
Therefore TCP/IPv6 packets gets mis-classified as TCP/IPv4,
which breaks TSO for TCP/IPv6.
This patch bases the check again on the ethertype.
This fix is instantly MFCed.
netmap: fix memory leak in NETMAP_REQ_PORT_INFO_GET
The netmap_ioctl() function has a reference counting bug in case of
NETMAP_REQ_PORT_INFO_GET command. When `hdr->nr_name[0] == '\0'`,
the function does not decrease the refcount of "nmd", which is
increased by netmap_mem_find(), causing a refcount leak.
Reported by: Xiyu Yang <sherllyyang00@gmail.com>
Submitted by: Carl Smith <carl.smith@alliedtelesis.co.nz>
MFC after: 3 days
PR: 254311
Mateusz Guzik [Wed, 17 Mar 2021 21:33:47 +0000 (22:33 +0100)]
vfs: fix vnlru marker handling for filtered/unfiltered cases
The global list has a marker with an invariant that free vnodes are
placed somewhere past that. A caller which performs filtering (like ZFS)
can move said marker all the way to the end, across free vnodes which
don't match. Then a caller which does not perform filtering will fail to
find them. This makes vn_alloc_hard sleep for 1 second instead of
reclaiming, resulting in significant stalls.
Fix the problem by requiring an explicit marker by callers which do
filtering.
As a temporary measure extend vnlru_free to restart if it fails to
reclaim anything.
Big thanks go to the reporter for testing several iterations of the
patch.
Scott Long [Thu, 18 Mar 2021 07:07:56 +0000 (07:07 +0000)]
base: remove if_wg(4) and associated utilities, manpage
After length decisions, we've decided that the if_wg(4) driver and
related work is not yet ready to live in the tree. This driver has
larger security implications than many, and thus will be held to
more scrutiny than other drivers.
Ryan Moeller [Sun, 28 Feb 2021 10:30:09 +0000 (10:30 +0000)]
sbin/ifconfig: Use a global libifconfig handle
This should eventually replace the socket passed to the various
handlers. In the meantime, making it global avoids repeatedly opening
and closing handles.
Alex Richardson [Fri, 12 Mar 2021 17:12:10 +0000 (17:12 +0000)]
capsicum-test: Update for O_BENEATH removal
Update the tests to check O_RESOLVE_BENEATH instead.
If this looks reasonable, I'll try to upstream this change.
This keeps a compat fallback for O_BENEATH since the Linux port still
has/had O_BENEATH with "no .., no absolute paths" semantics.
Test Plan: `/usr/tests/sys/capsicum/capsicum-test -u 977` passes and
runs the O_RESOLVE_BENEATH tests.
Reviewed By: markj
Differential Revision: https://reviews.freebsd.org/D29016
The argument has to be a single whitespace-separate value. While touching
all these lines also add ksh93, since `atf_set "require.progs"` overrides
the default value specified in the Kyuafile. This then results in tests
being executed despite ksh93 not being installed.
Alex Richardson [Wed, 3 Mar 2021 13:53:30 +0000 (13:53 +0000)]
Fix capsicum-test build with GCC
Apparently GCC defines NULL to 0 in C++11 mode (instead of nullptr), so
this causes the following error:
```
In file included from capsicum-test.h:15,
from capsicum-test.cc:1:
gtest-1.10.0/include/gtest/gtest.h: In instantiation of 'testing::AssertionResult testing::internal::CmpHelperNE(const char*, const char*, const T1&, const T2&) [with T1 = long int; T2 = procstat*]':
capsicum-test.cc:75:3: required from here
gtest-1.10.0/include/gtest/gtest.h:1621:28: error: ISO C++ forbids comparison between pointer and integer [-fpermissive]
1609 | if (val1 op val2) {\
| ~~~~~~~~~~~~
......
1621 | GTEST_IMPL_CMP_HELPER_(NE, !=);
gtest-1.10.0/include/gtest/gtest.h:1609:12: note: in definition of macro 'GTEST_IMPL_CMP_HELPER_'
1609 | if (val1 op val2) {\
| ^~
```
Fix this by using nullptr directly.
Submitted upstream as https://github.com/google/capsicum-test/pull/56
Alex Richardson [Tue, 2 Mar 2021 18:27:34 +0000 (18:27 +0000)]
Simplify the capsicum-test wrapper script
Instead of running tests one-by-one with the shell wrapper we now run
the full gtest testsuite twice (once as root, once as non root). This
significantly speeds up running tests despite running them twice.
This change also passes the missing -u flag to capsicum-test that caused
test failures (https://bugs.freebsd.org/250178)
Previously, running the testsuite with the wrapper script took ~3s per
test on aarch64 QEMU, i.e. a total of almost 5 minutes.
Now it takes 6 seconds to run all tests twice.
Before:
root@freebsd-aarch64:/usr/tests/sys/capsicum # /usr/bin/time kyua test functional
94/96 passed (2 failed)
309.97 real 58.46 user 244.31 sys
After:
root@freebsd-aarch64:/usr/tests/sys/capsicum # /usr/bin/time kyua test functional
functional:test_root -> passed [2.659s]
functional:test_unprivileged -> passed [2.391s]
2/2 passed (0 failed)
5.48 real 1.06 user 2.52 sys
This overhead is caused by kyua + atf-sh spawning lots of additional
processes and can be avoided by just running the googletest test binary.
syscall seconds calls errors
fork 39.810229456 1275 0
sigprocmask 13.546928736 572 0
i.e. 1275 processes spawned to run a single test.
Test Plan: All tests pass with D28907.
PR: 250178
Reviewed By: lwhsu
Differential Revision: https://reviews.freebsd.org/D29014
This includes various fixes that I submitted recently such as updating the
pdkill() tests for the actual implemented behaviour
(https://github.com/google/capsicum-test/pull/53) and lots of changes to
avoid calling sleep() and replacing it with reliable synchronization
(pull requests 49,51,52,53,54). This should make the testsuite more reliable
when running on Jenkins. Additionally, process status is now retrieved using
libprocstat instead of running `ps` and parsing the output
(https://github.com/google/capsicum-test/pull/50). This fixes one previously
failing test and speeds up execution.
Overall, this update reduces the total runtime from ~60s to about 4-5 seconds.
This also fixes a typo in the dup test that caused the head function to
not be called. On my test system without python3 the tests are now
skipped instead of failing.
Alex Richardson [Tue, 2 Mar 2021 18:34:42 +0000 (18:34 +0000)]
tests/sys/audit: add missing comma delimiter between fields
This makes the `kyua report --verbose` output a lot easier to parse when
looking at failed tests. It also fixes the closefrom() test since I
tested my changes with this commit but forgot to push it together with fa32350347b4e351a144b5423f0fb2ca9d67f4ca.
Alex Richardson [Thu, 18 Feb 2021 10:14:27 +0000 (10:14 +0000)]
tests/sys/audit: Avoid race caused by starting auditd(8) for testing
In the CheriBSD CI we reproducibly see the first test in sys/audit
(administrative:acct_failure) fail due to a missing startup message.
It appears this is caused by a race condition when starting auditd:
`service auditd onestart` returns as soon as the initial auditd() parent
exits (after the daemon(3) call).
We can avoid this problem by setting up the auditd infrastructure
in-process: libauditd contains audit_quick_{start,stop}() functions that
look like they are ideally suited to this task.
This patch also avoids forking lots of shell processes for each of the 418
tests by using `auditon(A_SENDTRIGGER, &trigger, sizeof(trigger))` to check
for a running auditd(8) instead of using `service auditd onestatus`.
With these two changes (and D28388 to fix the XFAIL'd test) I can now
boot and run `cd /usr/tests/sys/audit && kyua test` without any failures
in a single-core QEMU instance. Before there would always be at least one
failed test.
Besides making the tests more reliable in CI, a nice side-effect of this
change is that it also significantly speeds up running them by avoiding
lots of fork()/execve() caused by shell scripts:
Running kyua test on an AArch64 QEMU took 315s before and now takes 68s,
so it's roughly 3.5 times faster. This effect is even larger when running
on a CHERI-RISC-V QEMU since emulating CHERI instructions on an x86 host
is noticeably slower than emulating AArch64.
Alex Richardson [Tue, 23 Feb 2021 12:51:35 +0000 (12:51 +0000)]
Fix ptrace_test:ptrace__syscall_args after ATF upgrade
ATF now opens the results file (without CLOEXEC), so the child actually
has a valid file descriptor 3. To fix this simply use a large number that
will definitely not be a valid file descriptor.
Alex Richardson [Mon, 1 Mar 2021 18:51:02 +0000 (18:51 +0000)]
Remove atf_tc_skip calls from ptrace_test
I've run these tests many times in a loop on multiple architectures and
it works reliably for me, maybe it's time to retire these skips?
This also adds an additional waitpid to one of the tests to avoid
a potential race condition (suggested by markj@).
Alex Richardson [Mon, 1 Mar 2021 18:49:31 +0000 (18:49 +0000)]
ptrace_test: Add more debug output on test failures
Mostly automatic, using
`CHILD_REQUIRE\(([^|&\n]*) ==` -> `CHILD_REQUIRE_EQ_INT($1,`
`ATF_REQUIRE\(([^|&\n]*) ==` -> `REQUIRE_EQ_INT($1,` followed by
git-clang-format -f and then manually checking ones that contain ||/&&.
Test Plan:
Still getting the same failure but now it prints
`psr.sr_error (0) == EBADF (9) not met` instead of just failing
without printing the values.
Alex Richardson [Wed, 3 Feb 2021 09:32:16 +0000 (09:32 +0000)]
atf: Fix ATF_BUILD_* values when not using the bootstrap compiler
Currently, we encode the full path and compile flags for the build
compiler in libatf. However, these values are not correct when
cross-compiling: For example, when I build on macOS, CC is set to the
host path /usr/local/Cellar/llvm/11.0.0_1/bin/clang-11. This path will
not exist on the target system.
Simplify this logic and use cc/cpp/c++ since those binaries will exist
on the target system unless the compiler was explicitly disabled.
I'm not convinced ATF needs to encode these values, but this is a
minimal fix for these tests when using a non-bootstrapped compiler.
Alex Richardson [Thu, 18 Feb 2021 10:07:51 +0000 (10:07 +0000)]
libc: Fix t_spawn_fileactions test after ATF update
Since https://github.com/freebsd/atf/commit/4581cefc1e3811dd3c926b5dd4b15fd63d2e19da
ATF opens the results file on startup. This fixes problems like
capsicumized tests not being able to open the file on exit.
However, this test closes all file descriptors above 3 to get a
deterministic fd table allocation for the child. Instead of using closefrom
(which will close the ATF output file FD) I've changed this test use
the lowest available fd and pass that to the helper program as a string.
We could also try to re-open the results file in ATF if we get a EBADF
error, but that will fail when running under Capsicum.
Reviewed By: cem
Differential Revision: https://reviews.freebsd.org/D28684
Alex Richardson [Mon, 15 Feb 2021 22:11:30 +0000 (22:11 +0000)]
Fix two failing tests after ATF update
Since https://github.com/freebsd/atf/commit/4581cefc1e3811dd3c926b5dd4b15fd63d2e19da
ATF opens the results file on startup. This fixes problems like
capsicumized tests not being able to open the file on exit.
However, this test closes all file descriptors just to check that
socketpair returns fd 3+4 and thereby also closes the ATF results file.
This then results in an EBADF when writing the result so the test is
reported as broken.
While system calls that create new file descriptors (must?) use the lowest
available file descriptor number, it does not seem useful to test this
property here. Drop the check for FD==3/4 to unbreak the testsuite.
We could also try to re-open the results file in ATF if we get a EBADF
error, but that will fail when running under Capsicum.
Reviewed By: cem
Differential Revision: https://reviews.freebsd.org/D28683
This includes improvements to the atf-sh helper functions that
significantly reduce the number of spawned processes for each test
and therefore speeds up running the testsuite noticeably.
After changing the namespace.h header we need to provide _err on macOS, too.
Previously we used the system libc err*/warn*, but that does not provide
_err/_warn (which is used by other bootstrapped files from libc).
To fix this problem bootstrap err.c on macOS as well.
Alex Richardson [Wed, 10 Feb 2021 11:05:02 +0000 (11:05 +0000)]
Fix crossbuild bootstrap tools build with Clang 12
Clang 12 no longer allows re-defining a weak symbol as non-weak. This
happed here because we compile err.c with _err defined to err. To fix
this, use the same approach as the libc namespace.h
Alex Richardson [Sat, 13 Feb 2021 13:53:50 +0000 (13:53 +0000)]
bin/pkill: Fix {pgrep,pkill}-j_test.sh
The POSIX sh case statement does not allow for pattern matching using the
regex + qualifier so this case statement never matches. Instead just check
for a string starting with a digit followed by any character.
While touching these files also fix various shellcheck warnings.
Alex Richardson [Sat, 13 Feb 2021 13:52:59 +0000 (13:52 +0000)]
lib/libc/tests/rpc: Correctly set timeout
The rpc_control() API does not accept the CLCR_SET_RPCB_TIMEOUT command,
it only accepts RPC_SVC_CONNMAXREC_GET/RPC_SVC_CONNMAXREC_SET, so it was
not doing anything.
Instead of incorrectly calling this API, use clnt_create_timed() instead.
I noticed this because the test was timing out after 120s in the CheriBSD CI.
Alex Richardson [Tue, 2 Feb 2021 09:55:18 +0000 (09:55 +0000)]
tests/sys/audit: Skip extattr tests if extattrs are not supported
In the CheriBSD CI, we run the testsuite with /tmp as tmpfs. This causes
the extattr audit tests to fail since tmpfs does not (yet) support
extattrs. Skip those tests if the target path is on a file system that
does not support extended file attributes.
While touching these two files also convert the ATF_REQUIRE_EQ(-1, ...)
checks to use ATF_REQURIE_ERRNO().
Alex Richardson [Thu, 28 Jan 2021 17:23:27 +0000 (17:23 +0000)]
tests/sys/audit: fix timeout calculation
This changes the behaviour to a 30s total timeout (needed when running
on slow emulated uniprocessor systems) and timing out after 10s without
any input. This also uses timespecsub() instead of ignoring the
nanoseconds field.
After this change the tests runs more reliably on QEMU and time out less
frequently.
Alex Richardson [Mon, 25 Jan 2021 14:03:17 +0000 (14:03 +0000)]
Don't include libarchive fuzz tests by default
These tests are basic fuzz tests that permute input to trigger crashes
rather than regression or unit tests. Additionally, some of them take a
rather long time to run and should probably be run on a dedicated fuzzing
job instead. Moreover, these simple tests use rand() instead of a real
fuzzing tool that generates interesting inputs (e.g. LLVM libFuzzer) so are
unlikely to find anything interesting when run in CI.
This allows removing one BROKEN_TESTS case due to timeouts and speeds up
running tests on emulated platforms such as QEMU.
Reviewed By: lwhsu, mm
Differential Revision: https://reviews.freebsd.org/D27153