From nobody Wed Nov 24 16:28:27 2021
X-Original-To: dev-ci@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 43D1F189B925
	for <dev-ci@mlmmj.nyi.freebsd.org>; Wed, 24 Nov 2021 16:28:29 +0000 (UTC)
	(envelope-from jhb@FreeBSD.org)
Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "smtp.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Hzmf474rcz3vxT;
	Wed, 24 Nov 2021 16:28:28 +0000 (UTC)
	(envelope-from jhb@FreeBSD.org)
Received: from [10.0.1.4] (ralph.baldwin.cx [66.234.199.215])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(Client did not present a certificate)
	(Authenticated sender: jhb)
	by smtp.freebsd.org (Postfix) with ESMTPSA id 83C91408;
	Wed, 24 Nov 2021 16:28:28 +0000 (UTC)
	(envelope-from jhb@FreeBSD.org)
Message-ID: <a4b434ad-4d3d-08a6-29e3-5b591fe6190b@FreeBSD.org>
Date: Wed, 24 Nov 2021 08:28:27 -0800
List-Id: Continuous Integration Build and Test Results <dev-ci.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-ci
List-Help: <mailto:dev-ci+help@freebsd.org>
List-Post: <mailto:dev-ci@freebsd.org>
List-Subscribe: <mailto:dev-ci+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-ci+unsubscribe@freebsd.org>
Sender: owner-dev-ci@freebsd.org
X-BeenThere: dev-ci@freebsd.org
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:91.0)
 Gecko/20100101 Thunderbird/91.3.0
Subject: Re: git: 71e6792cbe81 - stable/13 - ktls: Add simple transmit tests
 of kernel TLS.
Content-Language: en-US
From: John Baldwin <jhb@FreeBSD.org>
To: dev-ci@FreeBSD.org, Mark Johnston <markj@FreeBSD.org>
References: <202111232312.1ANNCv1F037764@gitrepo.freebsd.org>
In-Reply-To: <202111232312.1ANNCv1F037764@gitrepo.freebsd.org>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1637771309;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=cLHrIMAPvolaIUSheQ+Vfq/wIYG+Qu9PlXOl1ib8LqQ=;
	b=S3mUxpKq1PehYRv9sA87fvhLZhNQoDJrj6IgPTWgIyepZD143D8mQcDHAq+h6/CkaQp5kK
	fz8PIU4jGsp1UyWULpo/6pnqavClbISzGUMXEsmIKFYS9XmghVKyUX5VtoZyBxU349Oj1h
	/0SI40KLgZOcLnH8V8cDk+wA792YydSXn2rNMHAKcu1PXehaGvtrYLsezhERwkFzmqAUPx
	o33Vbf40JsuDr8EfikMlIQ5mW8UR93cFetkTX27Jypmev5+G6/f50bLGETFvhN5lyqXKIu
	5Caghm4DULdxxHBLmMSXj8fQBdzrnESdtGglDE5xSY4Hnh992Npt5/dDmAKtBQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1637771309; a=rsa-sha256; cv=none;
	b=feKhwlpgVUW8YfCSJEs1QuO+eWMrZPFTD57flXQgJHc/7vPVO45kNyeon83VtUaYlAv8R/
	sBBHZiFYddrwpJBuhskmr19vritqKUgsgyJP41K/XXqLD+Wq6XyZU//pza5Ff3a2YTeIWP
	zI8hsrVl+fxtGhJpIwl2hbpg4ocPcOmJRi4WEiy6Mghw1RH51cl6cdvqsBTM5AlEBsJc+O
	moGyNsG4gpajbSRNNBDjc4dN7HB1rH8ZYAtmuvrW5imWjmtMVNEnUTwr5RBou7b8FlAlBb
	Y6nJX2OY0hcG3KcJT/FPP6k3U7jnXzEqnJNMr2RDks9i0kToRsoO/P6iYiUXoA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
X-ThisMailContainsUnwantedMimeParts: N

On 11/23/21 3:12 PM, John Baldwin wrote:
> The branch stable/13 has been updated by jhb:
> 
> URL: https://cgit.FreeBSD.org/src/commit/?id=71e6792cbe81f6fcbfdf545ea7c04b2ae3bfda50
> 
> commit 71e6792cbe81f6fcbfdf545ea7c04b2ae3bfda50
> Author:     John Baldwin <jhb@FreeBSD.org>
> AuthorDate: 2021-11-01 18:28:10 +0000
> Commit:     John Baldwin <jhb@FreeBSD.org>
> CommitDate: 2021-11-23 23:11:45 +0000
> 
>      ktls: Add simple transmit tests of kernel TLS.
>      
>      Note that these tests test the kernel TLS functionality directly.
>      Rather than using OpenSSL to perform negotiation and generate keys,
>      these tests generate random keys send data over a pair of TCP sockets
>      manually decrypting the TLS records generated by the kernel.
>      
>      Reviewed by:    markj
>      Sponsored by:   Netflix
>      Differential Revision:  https://reviews.freebsd.org/D32652
>      
>      (cherry picked from commit a10482ea7476d68d1ab028145ae6d97cef747b49)

I'm not quite sure what is needed to enable these tests in CI for 13 (assuming we
are running CI in 13?)  Mark created a review to set kern.ipc.tls.enable=1 in the
sysctl settings which I suspect is used now on 13 as well as head?  However, for
13 these tests need ktls_ocf.ko loaded (in head that module doesn't exist and is
instead included as part of the base kernel).  I'm not sure what the best strategy
is here.  Perhaps for 13 we should extend the requires_ktls hook to require the
ktls_ocf module (do we have glue to autoload modules when run under CI?)

-- 
John Baldwin