From nobody Wed Jul 13 16:47:39 2022
X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 0436217FC2F5;
	Wed, 13 Jul 2022 16:47:40 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Ljk7b5x57z3WQC;
	Wed, 13 Jul 2022 16:47:39 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1657730859;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=CSXVFbujS7YuhM0KLc4tNrApB/vLMU86mOG2kFeCowk=;
	b=tvB9QUXQDWfEznBNhUWRf8Zl54hBmMk37W2xJkFvYwBFQ4iLgQ1cJT7kier2nvNUIHuHv+
	NwGOb9vbj+BrzBP4oSeMWv6cNcLBzB5tupe8rSfyV8D/MojPVLCucdRnnIQae3pYrTJRfm
	PNVsUHP6oWBY+DLZr4wceL26Hqzjj/dzEpO/t43b2F/D5G7L8yo7VHB9aHT+PkR82j9iwq
	Xf/R4SYfkEbVr7tkdwbVi9nYuPw1yslEGXVKEWVj1WZsYi0RagLJuWn6L9pLqgpXIn3tJg
	3kNQod8UdDjeTlOxJVrmzd8le9TWQZazeEMiUV/Mo5747aHlyVlQKwzXosal6Q==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Ljk7b4x0RzW8m;
	Wed, 13 Jul 2022 16:47:39 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 26DGldkV052227;
	Wed, 13 Jul 2022 16:47:39 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 26DGldp1052226;
	Wed, 13 Jul 2022 16:47:39 GMT
	(envelope-from git)
Date: Wed, 13 Jul 2022 16:47:39 GMT
Message-Id: <202207131647.26DGldp1052226@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: John Baldwin <jhb@FreeBSD.org>
Subject: git: 50959e884063 - stable/13 - ktls_test: Permit an option to skip tests not using ifnet TLS.
List-Id: Commit messages for all branches of the src repository <dev-commits-src-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
List-Help: <mailto:dev-commits-src-all+help@freebsd.org>
List-Post: <mailto:dev-commits-src-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-all+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-all@freebsd.org
X-BeenThere: dev-commits-src-all@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: jhb
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 50959e884063ad7e2abbd86fd0b1575905a84f99
Auto-Submitted: auto-generated
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1657730859;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=CSXVFbujS7YuhM0KLc4tNrApB/vLMU86mOG2kFeCowk=;
	b=RvbfGbb4KDQg8XnCIo976gmXxM+Zhm+sEwnv9ZsKqx6hfH41JoEgRPuLhCXq4AKPEn6nC9
	aR5FGTvZsYY8aFK/OpyV7KeDdpKmGwAA/dL0BG5AP4vBqu8R2Z80/3+n1pcPs4g8FWmw1p
	+NCg6qzzKx15gCmENQMHVWoOAmIf30ARcVtD9TnafTK4zL/s1O6Ammo14BPOApIToiHs0H
	k6ejtI7oTzG7JbH5GxdfnGdZbxqiQBO97flmeG1x9WWMVaSOUN/NGfLlHSIP2d81aV1cEz
	OBCM84l37sVmnblpmCkLz2Q7EoElgiTdQ9pGsa8ZtbjaukLGn59c+rnUAJRMUA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1657730859; a=rsa-sha256; cv=none;
	b=jQ3dLt1RoKyhW7epWMIbxkIrcvi1Ocb7SkroQMRUn7OY8GNWGcMRoy76Qc8c/PgGEZzZ7E
	fPPMZ6OUh5lGNygWIICDqyqOVSjgQBXb6pbZ8oV6HtxsvWzmy9XfTpCo8qI1Wy82qRUTaI
	03bLMw2cFvKOHza9lnQW19itpMhUS04ULvYEYGaA3wsYMbixqrWWxi4hM9A1rr+5TSLSgw
	yC/vPVASVRcg8hTlpGFy/XvErNFq1MEwRG7LHAcmnxe5ZOaTnF6Resg19jPk53fQJXQlAm
	FHAlk4vbTHdNqJLsRgorTYMi4JrKJaKd57fZAdbiMWhhiryXLzHNL3n2NW2G5Q==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
X-ThisMailContainsUnwantedMimeParts: N

The branch stable/13 has been updated by jhb:

URL: https://cgit.FreeBSD.org/src/commit/?id=50959e884063ad7e2abbd86fd0b1575905a84f99

commit 50959e884063ad7e2abbd86fd0b1575905a84f99
Author:     John Baldwin <jhb@FreeBSD.org>
AuthorDate: 2022-06-14 17:35:01 +0000
Commit:     John Baldwin <jhb@FreeBSD.org>
CommitDate: 2022-07-13 16:19:39 +0000

    ktls_test: Permit an option to skip tests not using ifnet TLS.
    
    If ktls.require_ifnet is set to true, then check the TLS offload mode
    for tests sending and receiving records and skip the test if the
    offload mode is not ifnet mode.
    
    This can be used along with ktls.host to run KTLS tests against a NIC
    supporting ifnet TLS and verify that expected cipher suites and
    directions used ifnet TLS rather than software TLS.  Receive tests may
    result in a false positive as receive ifnet TLS can use software as a
    fallback.
    
    Reviewed by:    markj
    Sponsored by:   Chelsio Communications
    Differential Revision:  https://reviews.freebsd.org/D35427
    
    (cherry picked from commit ea4ebdcb4da94a30fae53da74eda302aaa4ff1f3)
---
 tests/sys/kern/ktls_test.c | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/tests/sys/kern/ktls_test.c b/tests/sys/kern/ktls_test.c
index 914b05edfd31..b36de88adfa2 100644
--- a/tests/sys/kern/ktls_test.c
+++ b/tests/sys/kern/ktls_test.c
@@ -67,6 +67,22 @@ require_ktls(void)
 
 #define	ATF_REQUIRE_KTLS()	require_ktls()
 
+static void
+check_tls_mode(const atf_tc_t *tc, int s, int sockopt)
+{
+	if (atf_tc_get_config_var_as_bool_wd(tc, "ktls.require_ifnet", false)) {
+		socklen_t len;
+		int mode;
+
+		len = sizeof(mode);
+		if (getsockopt(s, IPPROTO_TCP, sockopt, &mode, &len) == -1)
+			atf_libc_error(errno, "Failed to fetch TLS mode");
+
+		if (mode != TCP_TLS_MODE_IFNET)
+			atf_tc_skip("connection did not use ifnet TLS");
+	}
+}
+
 static char
 rdigit(void)
 {
@@ -981,6 +997,7 @@ test_ktls_transmit_app_data(const atf_tc_t *tc, struct tls_enable *en,
 
 	ATF_REQUIRE(setsockopt(sockets[1], IPPROTO_TCP, TCP_TXTLS_ENABLE, en,
 	    sizeof(*en)) == 0);
+	check_tls_mode(tc, sockets[1], TCP_TXTLS_MODE);
 
 	EV_SET(&ev, sockets[0], EVFILT_READ, EV_ADD, 0, 0, NULL);
 	ATF_REQUIRE(kevent(kq, &ev, 1, NULL, 0, NULL) == 0);
@@ -1117,6 +1134,7 @@ test_ktls_transmit_control(const atf_tc_t *tc, struct tls_enable *en,
 
 	ATF_REQUIRE(setsockopt(sockets[1], IPPROTO_TCP, TCP_TXTLS_ENABLE, en,
 	    sizeof(*en)) == 0);
+	check_tls_mode(tc, sockets[1], TCP_TXTLS_MODE);
 
 	fd_set_blocking(sockets[0]);
 	fd_set_blocking(sockets[1]);
@@ -1171,6 +1189,7 @@ test_ktls_transmit_empty_fragment(const atf_tc_t *tc, struct tls_enable *en,
 
 	ATF_REQUIRE(setsockopt(sockets[1], IPPROTO_TCP, TCP_TXTLS_ENABLE, en,
 	    sizeof(*en)) == 0);
+	check_tls_mode(tc, sockets[1], TCP_TXTLS_MODE);
 
 	fd_set_blocking(sockets[0]);
 	fd_set_blocking(sockets[1]);
@@ -1281,6 +1300,7 @@ test_ktls_receive_app_data(const atf_tc_t *tc, struct tls_enable *en,
 
 	ATF_REQUIRE(setsockopt(sockets[0], IPPROTO_TCP, TCP_RXTLS_ENABLE, en,
 	    sizeof(*en)) == 0);
+	check_tls_mode(tc, sockets[0], TCP_RXTLS_MODE);
 
 	EV_SET(&ev, sockets[0], EVFILT_READ, EV_ADD, 0, 0, NULL);
 	ATF_REQUIRE(kevent(kq, &ev, 1, NULL, 0, NULL) == 0);