From nobody Tue Jun 14 17:35:34 2022 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 740B084142A; Tue, 14 Jun 2022 17:35:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4LMwZH1vbpz3QJd; Tue, 14 Jun 2022 17:35:35 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1655228135; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=RMeqqZnMV7SV45p6VVOxIax2TBk7wcbnnxCt8glMWrA=; b=BDunkATOh8tyfb2peCJuUiQdZrlOeKD7ZcHPzt+Yn59x8Ea/eQH7fQpGTlc8ZzwBDxfhFI U4nEmq5zN8wO24qedND0PeS070rWJlOI9gkV8qKu/ML+wiYtjQl1FczK5aXdZoZswBicxQ U2xBiXjJfqj5xeQpfgcbeEiF2CIREG0f38s+chMQiNPHhf35E+NzeWb9jy3HWUIYmXArlR MCJOlNtvnXNX3N+YKFyezPwwu/fwF1LX263jE6ukSB0waGPU+q5x1Ap3CAk7VtlWjZLLPa f3mZ3K0UPzCURG5Qqr0AK1OpixrpSPRLycpANoQBhPENmt5d/L3v46biQHPbeg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id EB48567ED; Tue, 14 Jun 2022 17:35:34 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 25EHZYeR005681; Tue, 14 Jun 2022 17:35:34 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 25EHZY7a005680; Tue, 14 Jun 2022 17:35:34 GMT (envelope-from git) Date: Tue, 14 Jun 2022 17:35:34 GMT Message-Id: <202206141735.25EHZY7a005680@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: John Baldwin Subject: git: ea4ebdcb4da9 - main - ktls_test: Permit an option to skip tests not using ifnet TLS. List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: jhb X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: ea4ebdcb4da94a30fae53da74eda302aaa4ff1f3 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1655228135; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=RMeqqZnMV7SV45p6VVOxIax2TBk7wcbnnxCt8glMWrA=; b=B2+LHbMn6I+TXdi/Jdykg5tCghe/bh/D4nUnC3SwEyXvfBt+LH6zQMUMKZ1EHeJG0sV4wt wb/zDbxlCLo/7Wc4umzY3JFztzNpITL6sihqIRswqkQexUoBxxNpsu/DNXdpgPwsKB9b29 MKZM/XK9v+IkJvlCvuiB5phuGa4mGZ4YNI3v+5WkFbNGcd/Jo54NTAQhStvQ7KthHMPbcy BrdYIO/2w9vyMpBEdFFytVovOPinoZGuIT5clgZyUKYtNXj3bl3xYh8J/GDWeIKbkQR8hb xZGpweB5ea/qaBtiYia9pzuMWcTxSlX9nLtwNaTjFhmaKEwXnU5ekV4iVrd3sg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1655228135; a=rsa-sha256; cv=none; b=SIvSuICcd76L/r0D7w79SqYKKbcdWznNXvCgA/VJeis+Un1PtAwNsn0fv0eTmB6CIg/ofA 9icrNASO1AnkwmBQzxn5nUqv0+qsG238L5NrM2Rjt9rx8IrMCutp38xIX8XjvLL3RBqmda yMYB4bc6sIIxb5jPAIN4uFoyQOuZWc21398tYxxyM0mb8xFWMFP1GQSM0jPErQCXY6WoDM N5ahG9oODZduzAK15wl9q99SawR/OFEChXF+S3CqIcwRrsACAUBwFU/BaNeXlWanOZchK2 XhViUjleVrMUXqExo5pmVpLgbJ6AvB4d9qa5DN6f1DArx4JsASSATceURv3Fcg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by jhb: URL: https://cgit.FreeBSD.org/src/commit/?id=ea4ebdcb4da94a30fae53da74eda302aaa4ff1f3 commit ea4ebdcb4da94a30fae53da74eda302aaa4ff1f3 Author: John Baldwin AuthorDate: 2022-06-14 17:35:01 +0000 Commit: John Baldwin CommitDate: 2022-06-14 17:35:01 +0000 ktls_test: Permit an option to skip tests not using ifnet TLS. If ktls.require_ifnet is set to true, then check the TLS offload mode for tests sending and receiving records and skip the test if the offload mode is not ifnet mode. This can be used along with ktls.host to run KTLS tests against a NIC supporting ifnet TLS and verify that expected cipher suites and directions used ifnet TLS rather than software TLS. Receive tests may result in a false positive as receive ifnet TLS can use software as a fallback. Reviewed by: markj Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D35427 --- tests/sys/kern/ktls_test.c | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/tests/sys/kern/ktls_test.c b/tests/sys/kern/ktls_test.c index 914b05edfd31..b36de88adfa2 100644 --- a/tests/sys/kern/ktls_test.c +++ b/tests/sys/kern/ktls_test.c @@ -67,6 +67,22 @@ require_ktls(void) #define ATF_REQUIRE_KTLS() require_ktls() +static void +check_tls_mode(const atf_tc_t *tc, int s, int sockopt) +{ + if (atf_tc_get_config_var_as_bool_wd(tc, "ktls.require_ifnet", false)) { + socklen_t len; + int mode; + + len = sizeof(mode); + if (getsockopt(s, IPPROTO_TCP, sockopt, &mode, &len) == -1) + atf_libc_error(errno, "Failed to fetch TLS mode"); + + if (mode != TCP_TLS_MODE_IFNET) + atf_tc_skip("connection did not use ifnet TLS"); + } +} + static char rdigit(void) { @@ -981,6 +997,7 @@ test_ktls_transmit_app_data(const atf_tc_t *tc, struct tls_enable *en, ATF_REQUIRE(setsockopt(sockets[1], IPPROTO_TCP, TCP_TXTLS_ENABLE, en, sizeof(*en)) == 0); + check_tls_mode(tc, sockets[1], TCP_TXTLS_MODE); EV_SET(&ev, sockets[0], EVFILT_READ, EV_ADD, 0, 0, NULL); ATF_REQUIRE(kevent(kq, &ev, 1, NULL, 0, NULL) == 0); @@ -1117,6 +1134,7 @@ test_ktls_transmit_control(const atf_tc_t *tc, struct tls_enable *en, ATF_REQUIRE(setsockopt(sockets[1], IPPROTO_TCP, TCP_TXTLS_ENABLE, en, sizeof(*en)) == 0); + check_tls_mode(tc, sockets[1], TCP_TXTLS_MODE); fd_set_blocking(sockets[0]); fd_set_blocking(sockets[1]); @@ -1171,6 +1189,7 @@ test_ktls_transmit_empty_fragment(const atf_tc_t *tc, struct tls_enable *en, ATF_REQUIRE(setsockopt(sockets[1], IPPROTO_TCP, TCP_TXTLS_ENABLE, en, sizeof(*en)) == 0); + check_tls_mode(tc, sockets[1], TCP_TXTLS_MODE); fd_set_blocking(sockets[0]); fd_set_blocking(sockets[1]); @@ -1281,6 +1300,7 @@ test_ktls_receive_app_data(const atf_tc_t *tc, struct tls_enable *en, ATF_REQUIRE(setsockopt(sockets[0], IPPROTO_TCP, TCP_RXTLS_ENABLE, en, sizeof(*en)) == 0); + check_tls_mode(tc, sockets[0], TCP_RXTLS_MODE); EV_SET(&ev, sockets[0], EVFILT_READ, EV_ADD, 0, 0, NULL); ATF_REQUIRE(kevent(kq, &ev, 1, NULL, 0, NULL) == 0);