Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-8]: src Pull up following revision(s) (requested by ozaki-r in ti...
details: https://anonhg.NetBSD.org/src/rev/aa91583d807e
branches: netbsd-8
changeset: 434398:aa91583d807e
user: martin <martin%NetBSD.org@localhost>
date: Tue Nov 21 11:11:20 2017 +0000
description:
Pull up following revision(s) (requested by ozaki-r in ticket #360):
tests/net/ipsec/t_ipsec_misc.sh: revision 1.21
tests/net/ipsec/t_ipsec_misc.sh: revision 1.22
sys/netipsec/key.c: revision 1.235
Mark key_timehandler_ch callout as MP-safe (just forgot to do so)
"Mark key_timehandler_ch callout as MP-safe" change needs one more sec to make lifetime tests stable
Dedup some checks
And the change a bit optimizes checks of SA expirations, which
may shorten testing time.
diffstat:
sys/netipsec/key.c | 6 +-
tests/net/ipsec/t_ipsec_misc.sh | 82 ++++++++++++++++++++++------------------
2 files changed, 48 insertions(+), 40 deletions(-)
diffs (167 lines):
diff -r 89158be9f3a7 -r aa91583d807e sys/netipsec/key.c
--- a/sys/netipsec/key.c Tue Nov 21 11:01:02 2017 +0000
+++ b/sys/netipsec/key.c Tue Nov 21 11:11:20 2017 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: key.c,v 1.163.2.1 2017/10/21 19:43:54 snj Exp $ */
+/* $NetBSD: key.c,v 1.163.2.2 2017/11/21 11:11:20 martin Exp $ */
/* $FreeBSD: src/sys/netipsec/key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $ */
/* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ */
@@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.163.2.1 2017/10/21 19:43:54 snj Exp $");
+__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.163.2.2 2017/11/21 11:11:20 martin Exp $");
/*
* This code is referred to RFC 2367
@@ -8106,7 +8106,7 @@
pfkeystat_percpu = percpu_alloc(sizeof(uint64_t) * PFKEY_NSTATS);
- callout_init(&key_timehandler_ch, 0);
+ callout_init(&key_timehandler_ch, CALLOUT_MPSAFE);
error = workqueue_create(&key_timehandler_wq, "key_timehandler",
key_timehandler_work, NULL, PRI_SOFTNET, IPL_SOFTNET, WQ_MPSAFE);
if (error != 0)
diff -r 89158be9f3a7 -r aa91583d807e tests/net/ipsec/t_ipsec_misc.sh
--- a/tests/net/ipsec/t_ipsec_misc.sh Tue Nov 21 11:01:02 2017 +0000
+++ b/tests/net/ipsec/t_ipsec_misc.sh Tue Nov 21 11:11:20 2017 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: t_ipsec_misc.sh,v 1.6.2.2 2017/10/21 19:43:55 snj Exp $
+# $NetBSD: t_ipsec_misc.sh,v 1.6.2.3 2017/11/21 11:11:20 martin Exp $
#
# Copyright (c) 2017 Internet Initiative Japan Inc.
# All rights reserved.
@@ -78,6 +78,42 @@
#check_sa_entries $SOCK_PEER $ip_local $ip_peer
}
+test_sad_disapper_until()
+{
+ local time=$1
+ local check_dead_sa=$2
+ local setkey_opts=
+ local n=$time
+ local tmpfile=./__tmp
+ local sock= ok=
+
+ if $check_dead_sa; then
+ setkey_opts="-D -a"
+ else
+ setkey_opts="-D"
+ fi
+
+ while [ $n -ne 0 ]; do
+ ok=0
+ sleep 1
+ for sock in $SOCK_LOCAL $SOCK_PEER; do
+ export RUMP_SERVER=$sock
+ $HIJACKING setkey $setkey_opts > $tmpfile
+ $DEBUG && cat $tmpfile
+ if grep -q 'No SAD entries.' $tmpfile; then
+ ok=$((ok + 1))
+ fi
+ done
+ if [ $ok -eq 2 ]; then
+ return
+ fi
+
+ n=$((n - 1))
+ done
+
+ atf_fail "SAs didn't disappear after $time sec."
+}
+
test_ipsec4_lifetime()
{
local proto=$1
@@ -88,6 +124,7 @@
local proto_cap=$(echo $proto | tr 'a-z' 'A-Z')
local algo_args="$(generate_algo_args $proto $algo)"
local lifetime=3
+ local buffertime=2
rump_server_crypto_start $SOCK_LOCAL netipsec
rump_server_crypto_start $SOCK_PEER netipsec
@@ -118,16 +155,8 @@
# Set up SAs with lifetime 1 sec.
setup_sasp $proto "$algo_args" $ip_local $ip_peer 1
- # Wait for the SAs to be expired
- atf_check -s exit:0 sleep 2
-
# Check the SAs have been expired
- export RUMP_SERVER=$SOCK_LOCAL
- $DEBUG && $HIJACKING setkey -D
- atf_check -s exit:0 -o match:'No SAD entries.' $HIJACKING setkey -D
- export RUMP_SERVER=$SOCK_PEER
- $DEBUG && $HIJACKING setkey -D
- atf_check -s exit:0 -o match:'No SAD entries.' $HIJACKING setkey -D
+ test_sad_disapper_until $((1 + $buffertime)) false
# Clean up SPs
export RUMP_SERVER=$SOCK_LOCAL
@@ -148,15 +177,8 @@
atf_check -s exit:0 -o match:"$ip_peer > $ip_local: $proto_cap" \
cat $outfile
- atf_check -s exit:0 sleep $((lifetime + 1))
-
- export RUMP_SERVER=$SOCK_LOCAL
- $DEBUG && $HIJACKING setkey -D
- atf_check -s exit:0 -o match:'No SAD entries.' $HIJACKING setkey -D -a
-
- export RUMP_SERVER=$SOCK_PEER
- $DEBUG && $HIJACKING setkey -D
- atf_check -s exit:0 -o match:'No SAD entries.' $HIJACKING setkey -D -a
+ # Check the SAs have been expired
+ test_sad_disapper_until $((lifetime + $buffertime)) true
export RUMP_SERVER=$SOCK_LOCAL
atf_check -s not-exit:0 -o match:'0 packets received' \
@@ -176,6 +198,7 @@
local proto_cap=$(echo $proto | tr 'a-z' 'A-Z')
local algo_args="$(generate_algo_args $proto $algo)"
local lifetime=3
+ local buffertime=2
rump_server_crypto_start $SOCK_LOCAL netinet6 netipsec
rump_server_crypto_start $SOCK_PEER netinet6 netipsec
@@ -204,16 +227,8 @@
# Set up SAs with lifetime 1 sec.
setup_sasp $proto "$algo_args" $ip_local $ip_peer 1
- # Wait for the SAs to be expired
- atf_check -s exit:0 sleep 2
-
# Check the SAs have been expired
- export RUMP_SERVER=$SOCK_LOCAL
- $DEBUG && $HIJACKING setkey -D
- atf_check -s exit:0 -o match:'No SAD entries.' $HIJACKING setkey -D
- export RUMP_SERVER=$SOCK_PEER
- $DEBUG && $HIJACKING setkey -D
- atf_check -s exit:0 -o match:'No SAD entries.' $HIJACKING setkey -D
+ test_sad_disapper_until $((1 + $buffertime)) false
# Clean up SPs
export RUMP_SERVER=$SOCK_LOCAL
@@ -234,15 +249,8 @@
atf_check -s exit:0 -o match:"$ip_peer > $ip_local: $proto_cap" \
cat $outfile
- atf_check -s exit:0 sleep $((lifetime + 1))
-
- export RUMP_SERVER=$SOCK_LOCAL
- $DEBUG && $HIJACKING setkey -D
- atf_check -s exit:0 -o match:'No SAD entries.' $HIJACKING setkey -D -a
-
- export RUMP_SERVER=$SOCK_PEER
- $DEBUG && $HIJACKING setkey -D
- atf_check -s exit:0 -o match:'No SAD entries.' $HIJACKING setkey -D -a
+ # Check the SAs have been expired
+ test_sad_disapper_until $((lifetime + $buffertime)) true
export RUMP_SERVER=$SOCK_LOCAL
atf_check -s not-exit:0 -o match:'0 packets received' \
Home |
Main Index |
Thread Index |
Old Index