1 // SPDX-License-Identifier: GPL-2.0 2 3 #define _GNU_SOURCE 4 5 #include <arpa/inet.h> 6 #include <errno.h> 7 #include <error.h> 8 #include <fcntl.h> 9 #include <poll.h> 10 #include <stdio.h> 11 #include <stdlib.h> 12 #include <unistd.h> 13 14 #include <linux/tls.h> 15 #include <linux/tcp.h> 16 #include <linux/socket.h> 17 18 #include <sys/types.h> 19 #include <sys/sendfile.h> 20 #include <sys/socket.h> 21 #include <sys/stat.h> 22 23 #include "../kselftest_harness.h" 24 25 #define TLS_PAYLOAD_MAX_LEN 16384 26 #define SOL_TLS 282 27 28 struct tls_crypto_info_keys { 29 union { 30 struct tls12_crypto_info_aes_gcm_128 aes128; 31 struct tls12_crypto_info_chacha20_poly1305 chacha20; 32 struct tls12_crypto_info_sm4_gcm sm4gcm; 33 struct tls12_crypto_info_sm4_ccm sm4ccm; 34 struct tls12_crypto_info_aes_ccm_128 aesccm128; 35 struct tls12_crypto_info_aes_gcm_256 aesgcm256; 36 }; 37 size_t len; 38 }; 39 40 static void tls_crypto_info_init(uint16_t tls_version, uint16_t cipher_type, 41 struct tls_crypto_info_keys *tls12) 42 { 43 memset(tls12, 0, sizeof(*tls12)); 44 45 switch (cipher_type) { 46 case TLS_CIPHER_CHACHA20_POLY1305: 47 tls12->len = sizeof(struct tls12_crypto_info_chacha20_poly1305); 48 tls12->chacha20.info.version = tls_version; 49 tls12->chacha20.info.cipher_type = cipher_type; 50 break; 51 case TLS_CIPHER_AES_GCM_128: 52 tls12->len = sizeof(struct tls12_crypto_info_aes_gcm_128); 53 tls12->aes128.info.version = tls_version; 54 tls12->aes128.info.cipher_type = cipher_type; 55 break; 56 case TLS_CIPHER_SM4_GCM: 57 tls12->len = sizeof(struct tls12_crypto_info_sm4_gcm); 58 tls12->sm4gcm.info.version = tls_version; 59 tls12->sm4gcm.info.cipher_type = cipher_type; 60 break; 61 case TLS_CIPHER_SM4_CCM: 62 tls12->len = sizeof(struct tls12_crypto_info_sm4_ccm); 63 tls12->sm4ccm.info.version = tls_version; 64 tls12->sm4ccm.info.cipher_type = cipher_type; 65 break; 66 case TLS_CIPHER_AES_CCM_128: 67 tls12->len = sizeof(struct tls12_crypto_info_aes_ccm_128); 68 tls12->aesccm128.info.version = tls_version; 69 tls12->aesccm128.info.cipher_type = cipher_type; 70 break; 71 case TLS_CIPHER_AES_GCM_256: 72 tls12->len = sizeof(struct tls12_crypto_info_aes_gcm_256); 73 tls12->aesgcm256.info.version = tls_version; 74 tls12->aesgcm256.info.cipher_type = cipher_type; 75 break; 76 default: 77 break; 78 } 79 } 80 81 static void memrnd(void *s, size_t n) 82 { 83 int *dword = s; 84 char *byte; 85 86 for (; n >= 4; n -= 4) 87 *dword++ = rand(); 88 byte = (void *)dword; 89 while (n--) 90 *byte++ = rand(); 91 } 92 93 static void ulp_sock_pair(struct __test_metadata *_metadata, 94 int *fd, int *cfd, bool *notls) 95 { 96 struct sockaddr_in addr; 97 socklen_t len; 98 int sfd, ret; 99 100 *notls = false; 101 len = sizeof(addr); 102 103 addr.sin_family = AF_INET; 104 addr.sin_addr.s_addr = htonl(INADDR_ANY); 105 addr.sin_port = 0; 106 107 *fd = socket(AF_INET, SOCK_STREAM, 0); 108 sfd = socket(AF_INET, SOCK_STREAM, 0); 109 110 ret = bind(sfd, &addr, sizeof(addr)); 111 ASSERT_EQ(ret, 0); 112 ret = listen(sfd, 10); 113 ASSERT_EQ(ret, 0); 114 115 ret = getsockname(sfd, &addr, &len); 116 ASSERT_EQ(ret, 0); 117 118 ret = connect(*fd, &addr, sizeof(addr)); 119 ASSERT_EQ(ret, 0); 120 121 *cfd = accept(sfd, &addr, &len); 122 ASSERT_GE(*cfd, 0); 123 124 close(sfd); 125 126 ret = setsockopt(*fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 127 if (ret != 0) { 128 ASSERT_EQ(errno, ENOENT); 129 *notls = true; 130 printf("Failure setting TCP_ULP, testing without tls\n"); 131 return; 132 } 133 134 ret = setsockopt(*cfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 135 ASSERT_EQ(ret, 0); 136 } 137 138 /* Produce a basic cmsg */ 139 static int tls_send_cmsg(int fd, unsigned char record_type, 140 void *data, size_t len, int flags) 141 { 142 char cbuf[CMSG_SPACE(sizeof(char))]; 143 int cmsg_len = sizeof(char); 144 struct cmsghdr *cmsg; 145 struct msghdr msg; 146 struct iovec vec; 147 148 vec.iov_base = data; 149 vec.iov_len = len; 150 memset(&msg, 0, sizeof(struct msghdr)); 151 msg.msg_iov = &vec; 152 msg.msg_iovlen = 1; 153 msg.msg_control = cbuf; 154 msg.msg_controllen = sizeof(cbuf); 155 cmsg = CMSG_FIRSTHDR(&msg); 156 cmsg->cmsg_level = SOL_TLS; 157 /* test sending non-record types. */ 158 cmsg->cmsg_type = TLS_SET_RECORD_TYPE; 159 cmsg->cmsg_len = CMSG_LEN(cmsg_len); 160 *CMSG_DATA(cmsg) = record_type; 161 msg.msg_controllen = cmsg->cmsg_len; 162 163 return sendmsg(fd, &msg, flags); 164 } 165 166 static int tls_recv_cmsg(struct __test_metadata *_metadata, 167 int fd, unsigned char record_type, 168 void *data, size_t len, int flags) 169 { 170 char cbuf[CMSG_SPACE(sizeof(char))]; 171 struct cmsghdr *cmsg; 172 unsigned char ctype; 173 struct msghdr msg; 174 struct iovec vec; 175 int n; 176 177 vec.iov_base = data; 178 vec.iov_len = len; 179 memset(&msg, 0, sizeof(struct msghdr)); 180 msg.msg_iov = &vec; 181 msg.msg_iovlen = 1; 182 msg.msg_control = cbuf; 183 msg.msg_controllen = sizeof(cbuf); 184 185 n = recvmsg(fd, &msg, flags); 186 187 cmsg = CMSG_FIRSTHDR(&msg); 188 EXPECT_NE(cmsg, NULL); 189 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS); 190 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE); 191 ctype = *((unsigned char *)CMSG_DATA(cmsg)); 192 EXPECT_EQ(ctype, record_type); 193 194 return n; 195 } 196 197 FIXTURE(tls_basic) 198 { 199 int fd, cfd; 200 bool notls; 201 }; 202 203 FIXTURE_SETUP(tls_basic) 204 { 205 ulp_sock_pair(_metadata, &self->fd, &self->cfd, &self->notls); 206 } 207 208 FIXTURE_TEARDOWN(tls_basic) 209 { 210 close(self->fd); 211 close(self->cfd); 212 } 213 214 /* Send some data through with ULP but no keys */ 215 TEST_F(tls_basic, base_base) 216 { 217 char const *test_str = "test_read"; 218 int send_len = 10; 219 char buf[10]; 220 221 ASSERT_EQ(strlen(test_str) + 1, send_len); 222 223 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 224 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 225 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 226 }; 227 228 FIXTURE(tls) 229 { 230 int fd, cfd; 231 bool notls; 232 }; 233 234 FIXTURE_VARIANT(tls) 235 { 236 uint16_t tls_version; 237 uint16_t cipher_type; 238 bool nopad; 239 }; 240 241 FIXTURE_VARIANT_ADD(tls, 12_aes_gcm) 242 { 243 .tls_version = TLS_1_2_VERSION, 244 .cipher_type = TLS_CIPHER_AES_GCM_128, 245 }; 246 247 FIXTURE_VARIANT_ADD(tls, 13_aes_gcm) 248 { 249 .tls_version = TLS_1_3_VERSION, 250 .cipher_type = TLS_CIPHER_AES_GCM_128, 251 }; 252 253 FIXTURE_VARIANT_ADD(tls, 12_chacha) 254 { 255 .tls_version = TLS_1_2_VERSION, 256 .cipher_type = TLS_CIPHER_CHACHA20_POLY1305, 257 }; 258 259 FIXTURE_VARIANT_ADD(tls, 13_chacha) 260 { 261 .tls_version = TLS_1_3_VERSION, 262 .cipher_type = TLS_CIPHER_CHACHA20_POLY1305, 263 }; 264 265 FIXTURE_VARIANT_ADD(tls, 13_sm4_gcm) 266 { 267 .tls_version = TLS_1_3_VERSION, 268 .cipher_type = TLS_CIPHER_SM4_GCM, 269 }; 270 271 FIXTURE_VARIANT_ADD(tls, 13_sm4_ccm) 272 { 273 .tls_version = TLS_1_3_VERSION, 274 .cipher_type = TLS_CIPHER_SM4_CCM, 275 }; 276 277 FIXTURE_VARIANT_ADD(tls, 12_aes_ccm) 278 { 279 .tls_version = TLS_1_2_VERSION, 280 .cipher_type = TLS_CIPHER_AES_CCM_128, 281 }; 282 283 FIXTURE_VARIANT_ADD(tls, 13_aes_ccm) 284 { 285 .tls_version = TLS_1_3_VERSION, 286 .cipher_type = TLS_CIPHER_AES_CCM_128, 287 }; 288 289 FIXTURE_VARIANT_ADD(tls, 12_aes_gcm_256) 290 { 291 .tls_version = TLS_1_2_VERSION, 292 .cipher_type = TLS_CIPHER_AES_GCM_256, 293 }; 294 295 FIXTURE_VARIANT_ADD(tls, 13_aes_gcm_256) 296 { 297 .tls_version = TLS_1_3_VERSION, 298 .cipher_type = TLS_CIPHER_AES_GCM_256, 299 }; 300 301 FIXTURE_VARIANT_ADD(tls, 13_nopad) 302 { 303 .tls_version = TLS_1_3_VERSION, 304 .cipher_type = TLS_CIPHER_AES_GCM_128, 305 .nopad = true, 306 }; 307 308 FIXTURE_SETUP(tls) 309 { 310 struct tls_crypto_info_keys tls12; 311 int one = 1; 312 int ret; 313 314 tls_crypto_info_init(variant->tls_version, variant->cipher_type, 315 &tls12); 316 317 ulp_sock_pair(_metadata, &self->fd, &self->cfd, &self->notls); 318 319 if (self->notls) 320 return; 321 322 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12, tls12.len); 323 ASSERT_EQ(ret, 0); 324 325 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX, &tls12, tls12.len); 326 ASSERT_EQ(ret, 0); 327 328 if (variant->nopad) { 329 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX_EXPECT_NO_PAD, 330 (void *)&one, sizeof(one)); 331 ASSERT_EQ(ret, 0); 332 } 333 } 334 335 FIXTURE_TEARDOWN(tls) 336 { 337 close(self->fd); 338 close(self->cfd); 339 } 340 341 TEST_F(tls, sendfile) 342 { 343 int filefd = open("/proc/self/exe", O_RDONLY); 344 struct stat st; 345 346 EXPECT_GE(filefd, 0); 347 fstat(filefd, &st); 348 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 349 } 350 351 TEST_F(tls, send_then_sendfile) 352 { 353 int filefd = open("/proc/self/exe", O_RDONLY); 354 char const *test_str = "test_send"; 355 int to_send = strlen(test_str) + 1; 356 char recv_buf[10]; 357 struct stat st; 358 char *buf; 359 360 EXPECT_GE(filefd, 0); 361 fstat(filefd, &st); 362 buf = (char *)malloc(st.st_size); 363 364 EXPECT_EQ(send(self->fd, test_str, to_send, 0), to_send); 365 EXPECT_EQ(recv(self->cfd, recv_buf, to_send, MSG_WAITALL), to_send); 366 EXPECT_EQ(memcmp(test_str, recv_buf, to_send), 0); 367 368 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 369 EXPECT_EQ(recv(self->cfd, buf, st.st_size, MSG_WAITALL), st.st_size); 370 } 371 372 static void chunked_sendfile(struct __test_metadata *_metadata, 373 struct _test_data_tls *self, 374 uint16_t chunk_size, 375 uint16_t extra_payload_size) 376 { 377 char buf[TLS_PAYLOAD_MAX_LEN]; 378 uint16_t test_payload_size; 379 int size = 0; 380 int ret; 381 char filename[] = "/tmp/mytemp.XXXXXX"; 382 int fd = mkstemp(filename); 383 off_t offset = 0; 384 385 unlink(filename); 386 ASSERT_GE(fd, 0); 387 EXPECT_GE(chunk_size, 1); 388 test_payload_size = chunk_size + extra_payload_size; 389 ASSERT_GE(TLS_PAYLOAD_MAX_LEN, test_payload_size); 390 memset(buf, 1, test_payload_size); 391 size = write(fd, buf, test_payload_size); 392 EXPECT_EQ(size, test_payload_size); 393 fsync(fd); 394 395 while (size > 0) { 396 ret = sendfile(self->fd, fd, &offset, chunk_size); 397 EXPECT_GE(ret, 0); 398 size -= ret; 399 } 400 401 EXPECT_EQ(recv(self->cfd, buf, test_payload_size, MSG_WAITALL), 402 test_payload_size); 403 404 close(fd); 405 } 406 407 TEST_F(tls, multi_chunk_sendfile) 408 { 409 chunked_sendfile(_metadata, self, 4096, 4096); 410 chunked_sendfile(_metadata, self, 4096, 0); 411 chunked_sendfile(_metadata, self, 4096, 1); 412 chunked_sendfile(_metadata, self, 4096, 2048); 413 chunked_sendfile(_metadata, self, 8192, 2048); 414 chunked_sendfile(_metadata, self, 4096, 8192); 415 chunked_sendfile(_metadata, self, 8192, 4096); 416 chunked_sendfile(_metadata, self, 12288, 1024); 417 chunked_sendfile(_metadata, self, 12288, 2000); 418 chunked_sendfile(_metadata, self, 15360, 100); 419 chunked_sendfile(_metadata, self, 15360, 300); 420 chunked_sendfile(_metadata, self, 1, 4096); 421 chunked_sendfile(_metadata, self, 2048, 4096); 422 chunked_sendfile(_metadata, self, 2048, 8192); 423 chunked_sendfile(_metadata, self, 4096, 8192); 424 chunked_sendfile(_metadata, self, 1024, 12288); 425 chunked_sendfile(_metadata, self, 2000, 12288); 426 chunked_sendfile(_metadata, self, 100, 15360); 427 chunked_sendfile(_metadata, self, 300, 15360); 428 } 429 430 TEST_F(tls, recv_max) 431 { 432 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 433 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 434 char buf[TLS_PAYLOAD_MAX_LEN]; 435 436 memrnd(buf, sizeof(buf)); 437 438 EXPECT_GE(send(self->fd, buf, send_len, 0), 0); 439 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 440 EXPECT_EQ(memcmp(buf, recv_mem, send_len), 0); 441 } 442 443 TEST_F(tls, recv_small) 444 { 445 char const *test_str = "test_read"; 446 int send_len = 10; 447 char buf[10]; 448 449 send_len = strlen(test_str) + 1; 450 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 451 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 452 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 453 } 454 455 TEST_F(tls, msg_more) 456 { 457 char const *test_str = "test_read"; 458 int send_len = 10; 459 char buf[10 * 2]; 460 461 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 462 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1); 463 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 464 EXPECT_EQ(recv(self->cfd, buf, send_len * 2, MSG_WAITALL), 465 send_len * 2); 466 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 467 } 468 469 TEST_F(tls, msg_more_unsent) 470 { 471 char const *test_str = "test_read"; 472 int send_len = 10; 473 char buf[10]; 474 475 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 476 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1); 477 } 478 479 TEST_F(tls, sendmsg_single) 480 { 481 struct msghdr msg; 482 483 char const *test_str = "test_sendmsg"; 484 size_t send_len = 13; 485 struct iovec vec; 486 char buf[13]; 487 488 vec.iov_base = (char *)test_str; 489 vec.iov_len = send_len; 490 memset(&msg, 0, sizeof(struct msghdr)); 491 msg.msg_iov = &vec; 492 msg.msg_iovlen = 1; 493 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len); 494 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 495 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 496 } 497 498 #define MAX_FRAGS 64 499 #define SEND_LEN 13 500 TEST_F(tls, sendmsg_fragmented) 501 { 502 char const *test_str = "test_sendmsg"; 503 char buf[SEND_LEN * MAX_FRAGS]; 504 struct iovec vec[MAX_FRAGS]; 505 struct msghdr msg; 506 int i, frags; 507 508 for (frags = 1; frags <= MAX_FRAGS; frags++) { 509 for (i = 0; i < frags; i++) { 510 vec[i].iov_base = (char *)test_str; 511 vec[i].iov_len = SEND_LEN; 512 } 513 514 memset(&msg, 0, sizeof(struct msghdr)); 515 msg.msg_iov = vec; 516 msg.msg_iovlen = frags; 517 518 EXPECT_EQ(sendmsg(self->fd, &msg, 0), SEND_LEN * frags); 519 EXPECT_EQ(recv(self->cfd, buf, SEND_LEN * frags, MSG_WAITALL), 520 SEND_LEN * frags); 521 522 for (i = 0; i < frags; i++) 523 EXPECT_EQ(memcmp(buf + SEND_LEN * i, 524 test_str, SEND_LEN), 0); 525 } 526 } 527 #undef MAX_FRAGS 528 #undef SEND_LEN 529 530 TEST_F(tls, sendmsg_large) 531 { 532 void *mem = malloc(16384); 533 size_t send_len = 16384; 534 size_t sends = 128; 535 struct msghdr msg; 536 size_t recvs = 0; 537 size_t sent = 0; 538 539 memset(&msg, 0, sizeof(struct msghdr)); 540 while (sent++ < sends) { 541 struct iovec vec = { (void *)mem, send_len }; 542 543 msg.msg_iov = &vec; 544 msg.msg_iovlen = 1; 545 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), send_len); 546 } 547 548 while (recvs++ < sends) { 549 EXPECT_NE(recv(self->fd, mem, send_len, 0), -1); 550 } 551 552 free(mem); 553 } 554 555 TEST_F(tls, sendmsg_multiple) 556 { 557 char const *test_str = "test_sendmsg_multiple"; 558 struct iovec vec[5]; 559 char *test_strs[5]; 560 struct msghdr msg; 561 int total_len = 0; 562 int len_cmp = 0; 563 int iov_len = 5; 564 char *buf; 565 int i; 566 567 memset(&msg, 0, sizeof(struct msghdr)); 568 for (i = 0; i < iov_len; i++) { 569 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 570 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 571 vec[i].iov_base = (void *)test_strs[i]; 572 vec[i].iov_len = strlen(test_strs[i]) + 1; 573 total_len += vec[i].iov_len; 574 } 575 msg.msg_iov = vec; 576 msg.msg_iovlen = iov_len; 577 578 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), total_len); 579 buf = malloc(total_len); 580 EXPECT_NE(recv(self->fd, buf, total_len, 0), -1); 581 for (i = 0; i < iov_len; i++) { 582 EXPECT_EQ(memcmp(test_strs[i], buf + len_cmp, 583 strlen(test_strs[i])), 584 0); 585 len_cmp += strlen(buf + len_cmp) + 1; 586 } 587 for (i = 0; i < iov_len; i++) 588 free(test_strs[i]); 589 free(buf); 590 } 591 592 TEST_F(tls, sendmsg_multiple_stress) 593 { 594 char const *test_str = "abcdefghijklmno"; 595 struct iovec vec[1024]; 596 char *test_strs[1024]; 597 int iov_len = 1024; 598 int total_len = 0; 599 char buf[1 << 14]; 600 struct msghdr msg; 601 int len_cmp = 0; 602 int i; 603 604 memset(&msg, 0, sizeof(struct msghdr)); 605 for (i = 0; i < iov_len; i++) { 606 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 607 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 608 vec[i].iov_base = (void *)test_strs[i]; 609 vec[i].iov_len = strlen(test_strs[i]) + 1; 610 total_len += vec[i].iov_len; 611 } 612 msg.msg_iov = vec; 613 msg.msg_iovlen = iov_len; 614 615 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len); 616 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1); 617 618 for (i = 0; i < iov_len; i++) 619 len_cmp += strlen(buf + len_cmp) + 1; 620 621 for (i = 0; i < iov_len; i++) 622 free(test_strs[i]); 623 } 624 625 TEST_F(tls, splice_from_pipe) 626 { 627 int send_len = TLS_PAYLOAD_MAX_LEN; 628 char mem_send[TLS_PAYLOAD_MAX_LEN]; 629 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 630 int p[2]; 631 632 ASSERT_GE(pipe(p), 0); 633 EXPECT_GE(write(p[1], mem_send, send_len), 0); 634 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), 0); 635 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 636 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 637 } 638 639 TEST_F(tls, splice_from_pipe2) 640 { 641 int send_len = 16000; 642 char mem_send[16000]; 643 char mem_recv[16000]; 644 int p2[2]; 645 int p[2]; 646 647 ASSERT_GE(pipe(p), 0); 648 ASSERT_GE(pipe(p2), 0); 649 EXPECT_GE(write(p[1], mem_send, 8000), 0); 650 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, 8000, 0), 0); 651 EXPECT_GE(write(p2[1], mem_send + 8000, 8000), 0); 652 EXPECT_GE(splice(p2[0], NULL, self->fd, NULL, 8000, 0), 0); 653 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 654 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 655 } 656 657 TEST_F(tls, send_and_splice) 658 { 659 int send_len = TLS_PAYLOAD_MAX_LEN; 660 char mem_send[TLS_PAYLOAD_MAX_LEN]; 661 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 662 char const *test_str = "test_read"; 663 int send_len2 = 10; 664 char buf[10]; 665 int p[2]; 666 667 ASSERT_GE(pipe(p), 0); 668 EXPECT_EQ(send(self->fd, test_str, send_len2, 0), send_len2); 669 EXPECT_EQ(recv(self->cfd, buf, send_len2, MSG_WAITALL), send_len2); 670 EXPECT_EQ(memcmp(test_str, buf, send_len2), 0); 671 672 EXPECT_GE(write(p[1], mem_send, send_len), send_len); 673 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), send_len); 674 675 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 676 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 677 } 678 679 TEST_F(tls, splice_to_pipe) 680 { 681 int send_len = TLS_PAYLOAD_MAX_LEN; 682 char mem_send[TLS_PAYLOAD_MAX_LEN]; 683 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 684 int p[2]; 685 686 ASSERT_GE(pipe(p), 0); 687 EXPECT_GE(send(self->fd, mem_send, send_len, 0), 0); 688 EXPECT_GE(splice(self->cfd, NULL, p[1], NULL, send_len, 0), 0); 689 EXPECT_GE(read(p[0], mem_recv, send_len), 0); 690 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 691 } 692 693 TEST_F(tls, splice_cmsg_to_pipe) 694 { 695 char *test_str = "test_read"; 696 char record_type = 100; 697 int send_len = 10; 698 char buf[10]; 699 int p[2]; 700 701 if (self->notls) 702 SKIP(return, "no TLS support"); 703 704 ASSERT_GE(pipe(p), 0); 705 EXPECT_EQ(tls_send_cmsg(self->fd, 100, test_str, send_len, 0), 10); 706 EXPECT_EQ(splice(self->cfd, NULL, p[1], NULL, send_len, 0), -1); 707 EXPECT_EQ(errno, EINVAL); 708 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1); 709 EXPECT_EQ(errno, EIO); 710 EXPECT_EQ(tls_recv_cmsg(_metadata, self->cfd, record_type, 711 buf, sizeof(buf), MSG_WAITALL), 712 send_len); 713 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 714 } 715 716 TEST_F(tls, splice_dec_cmsg_to_pipe) 717 { 718 char *test_str = "test_read"; 719 char record_type = 100; 720 int send_len = 10; 721 char buf[10]; 722 int p[2]; 723 724 if (self->notls) 725 SKIP(return, "no TLS support"); 726 727 ASSERT_GE(pipe(p), 0); 728 EXPECT_EQ(tls_send_cmsg(self->fd, 100, test_str, send_len, 0), 10); 729 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1); 730 EXPECT_EQ(errno, EIO); 731 EXPECT_EQ(splice(self->cfd, NULL, p[1], NULL, send_len, 0), -1); 732 EXPECT_EQ(errno, EINVAL); 733 EXPECT_EQ(tls_recv_cmsg(_metadata, self->cfd, record_type, 734 buf, sizeof(buf), MSG_WAITALL), 735 send_len); 736 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 737 } 738 739 TEST_F(tls, recv_and_splice) 740 { 741 int send_len = TLS_PAYLOAD_MAX_LEN; 742 char mem_send[TLS_PAYLOAD_MAX_LEN]; 743 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 744 int half = send_len / 2; 745 int p[2]; 746 747 ASSERT_GE(pipe(p), 0); 748 EXPECT_EQ(send(self->fd, mem_send, send_len, 0), send_len); 749 /* Recv hald of the record, splice the other half */ 750 EXPECT_EQ(recv(self->cfd, mem_recv, half, MSG_WAITALL), half); 751 EXPECT_EQ(splice(self->cfd, NULL, p[1], NULL, half, SPLICE_F_NONBLOCK), 752 half); 753 EXPECT_EQ(read(p[0], &mem_recv[half], half), half); 754 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 755 } 756 757 TEST_F(tls, peek_and_splice) 758 { 759 int send_len = TLS_PAYLOAD_MAX_LEN; 760 char mem_send[TLS_PAYLOAD_MAX_LEN]; 761 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 762 int chunk = TLS_PAYLOAD_MAX_LEN / 4; 763 int n, i, p[2]; 764 765 memrnd(mem_send, sizeof(mem_send)); 766 767 ASSERT_GE(pipe(p), 0); 768 for (i = 0; i < 4; i++) 769 EXPECT_EQ(send(self->fd, &mem_send[chunk * i], chunk, 0), 770 chunk); 771 772 EXPECT_EQ(recv(self->cfd, mem_recv, chunk * 5 / 2, 773 MSG_WAITALL | MSG_PEEK), 774 chunk * 5 / 2); 775 EXPECT_EQ(memcmp(mem_send, mem_recv, chunk * 5 / 2), 0); 776 777 n = 0; 778 while (n < send_len) { 779 i = splice(self->cfd, NULL, p[1], NULL, send_len - n, 0); 780 EXPECT_GT(i, 0); 781 n += i; 782 } 783 EXPECT_EQ(n, send_len); 784 EXPECT_EQ(read(p[0], mem_recv, send_len), send_len); 785 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 786 } 787 788 TEST_F(tls, recvmsg_single) 789 { 790 char const *test_str = "test_recvmsg_single"; 791 int send_len = strlen(test_str) + 1; 792 char buf[20]; 793 struct msghdr hdr; 794 struct iovec vec; 795 796 memset(&hdr, 0, sizeof(hdr)); 797 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 798 vec.iov_base = (char *)buf; 799 vec.iov_len = send_len; 800 hdr.msg_iovlen = 1; 801 hdr.msg_iov = &vec; 802 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 803 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 804 } 805 806 TEST_F(tls, recvmsg_single_max) 807 { 808 int send_len = TLS_PAYLOAD_MAX_LEN; 809 char send_mem[TLS_PAYLOAD_MAX_LEN]; 810 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 811 struct iovec vec; 812 struct msghdr hdr; 813 814 memrnd(send_mem, sizeof(send_mem)); 815 816 EXPECT_EQ(send(self->fd, send_mem, send_len, 0), send_len); 817 vec.iov_base = (char *)recv_mem; 818 vec.iov_len = TLS_PAYLOAD_MAX_LEN; 819 820 hdr.msg_iovlen = 1; 821 hdr.msg_iov = &vec; 822 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 823 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 824 } 825 826 TEST_F(tls, recvmsg_multiple) 827 { 828 unsigned int msg_iovlen = 1024; 829 struct iovec vec[1024]; 830 char *iov_base[1024]; 831 unsigned int iov_len = 16; 832 int send_len = 1 << 14; 833 char buf[1 << 14]; 834 struct msghdr hdr; 835 int i; 836 837 memrnd(buf, sizeof(buf)); 838 839 EXPECT_EQ(send(self->fd, buf, send_len, 0), send_len); 840 for (i = 0; i < msg_iovlen; i++) { 841 iov_base[i] = (char *)malloc(iov_len); 842 vec[i].iov_base = iov_base[i]; 843 vec[i].iov_len = iov_len; 844 } 845 846 hdr.msg_iovlen = msg_iovlen; 847 hdr.msg_iov = vec; 848 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 849 850 for (i = 0; i < msg_iovlen; i++) 851 free(iov_base[i]); 852 } 853 854 TEST_F(tls, single_send_multiple_recv) 855 { 856 unsigned int total_len = TLS_PAYLOAD_MAX_LEN * 2; 857 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 858 char send_mem[TLS_PAYLOAD_MAX_LEN * 2]; 859 char recv_mem[TLS_PAYLOAD_MAX_LEN * 2]; 860 861 memrnd(send_mem, sizeof(send_mem)); 862 863 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 864 memset(recv_mem, 0, total_len); 865 866 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 867 EXPECT_NE(recv(self->cfd, recv_mem + send_len, send_len, 0), -1); 868 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 869 } 870 871 TEST_F(tls, multiple_send_single_recv) 872 { 873 unsigned int total_len = 2 * 10; 874 unsigned int send_len = 10; 875 char recv_mem[2 * 10]; 876 char send_mem[10]; 877 878 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 879 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 880 memset(recv_mem, 0, total_len); 881 EXPECT_EQ(recv(self->cfd, recv_mem, total_len, MSG_WAITALL), total_len); 882 883 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 884 EXPECT_EQ(memcmp(send_mem, recv_mem + send_len, send_len), 0); 885 } 886 887 TEST_F(tls, single_send_multiple_recv_non_align) 888 { 889 const unsigned int total_len = 15; 890 const unsigned int recv_len = 10; 891 char recv_mem[recv_len * 2]; 892 char send_mem[total_len]; 893 894 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 895 memset(recv_mem, 0, total_len); 896 897 EXPECT_EQ(recv(self->cfd, recv_mem, recv_len, 0), recv_len); 898 EXPECT_EQ(recv(self->cfd, recv_mem + recv_len, recv_len, 0), 5); 899 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 900 } 901 902 TEST_F(tls, recv_partial) 903 { 904 char const *test_str = "test_read_partial"; 905 char const *test_str_first = "test_read"; 906 char const *test_str_second = "_partial"; 907 int send_len = strlen(test_str) + 1; 908 char recv_mem[18]; 909 910 memset(recv_mem, 0, sizeof(recv_mem)); 911 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 912 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_first), 913 MSG_WAITALL), -1); 914 EXPECT_EQ(memcmp(test_str_first, recv_mem, strlen(test_str_first)), 0); 915 memset(recv_mem, 0, sizeof(recv_mem)); 916 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_second), 917 MSG_WAITALL), -1); 918 EXPECT_EQ(memcmp(test_str_second, recv_mem, strlen(test_str_second)), 919 0); 920 } 921 922 TEST_F(tls, recv_nonblock) 923 { 924 char buf[4096]; 925 bool err; 926 927 EXPECT_EQ(recv(self->cfd, buf, sizeof(buf), MSG_DONTWAIT), -1); 928 err = (errno == EAGAIN || errno == EWOULDBLOCK); 929 EXPECT_EQ(err, true); 930 } 931 932 TEST_F(tls, recv_peek) 933 { 934 char const *test_str = "test_read_peek"; 935 int send_len = strlen(test_str) + 1; 936 char buf[15]; 937 938 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 939 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1); 940 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 941 memset(buf, 0, sizeof(buf)); 942 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 943 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 944 } 945 946 TEST_F(tls, recv_peek_multiple) 947 { 948 char const *test_str = "test_read_peek"; 949 int send_len = strlen(test_str) + 1; 950 unsigned int num_peeks = 100; 951 char buf[15]; 952 int i; 953 954 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 955 for (i = 0; i < num_peeks; i++) { 956 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1); 957 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 958 memset(buf, 0, sizeof(buf)); 959 } 960 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 961 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 962 } 963 964 TEST_F(tls, recv_peek_multiple_records) 965 { 966 char const *test_str = "test_read_peek_mult_recs"; 967 char const *test_str_first = "test_read_peek"; 968 char const *test_str_second = "_mult_recs"; 969 int len; 970 char buf[64]; 971 972 len = strlen(test_str_first); 973 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 974 975 len = strlen(test_str_second) + 1; 976 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 977 978 len = strlen(test_str_first); 979 memset(buf, 0, len); 980 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 981 982 /* MSG_PEEK can only peek into the current record. */ 983 len = strlen(test_str_first); 984 EXPECT_EQ(memcmp(test_str_first, buf, len), 0); 985 986 len = strlen(test_str) + 1; 987 memset(buf, 0, len); 988 EXPECT_EQ(recv(self->cfd, buf, len, MSG_WAITALL), len); 989 990 /* Non-MSG_PEEK will advance strparser (and therefore record) 991 * however. 992 */ 993 len = strlen(test_str) + 1; 994 EXPECT_EQ(memcmp(test_str, buf, len), 0); 995 996 /* MSG_MORE will hold current record open, so later MSG_PEEK 997 * will see everything. 998 */ 999 len = strlen(test_str_first); 1000 EXPECT_EQ(send(self->fd, test_str_first, len, MSG_MORE), len); 1001 1002 len = strlen(test_str_second) + 1; 1003 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 1004 1005 len = strlen(test_str) + 1; 1006 memset(buf, 0, len); 1007 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 1008 1009 len = strlen(test_str) + 1; 1010 EXPECT_EQ(memcmp(test_str, buf, len), 0); 1011 } 1012 1013 TEST_F(tls, recv_peek_large_buf_mult_recs) 1014 { 1015 char const *test_str = "test_read_peek_mult_recs"; 1016 char const *test_str_first = "test_read_peek"; 1017 char const *test_str_second = "_mult_recs"; 1018 int len; 1019 char buf[64]; 1020 1021 len = strlen(test_str_first); 1022 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 1023 1024 len = strlen(test_str_second) + 1; 1025 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 1026 1027 len = strlen(test_str) + 1; 1028 memset(buf, 0, len); 1029 EXPECT_NE((len = recv(self->cfd, buf, len, 1030 MSG_PEEK | MSG_WAITALL)), -1); 1031 len = strlen(test_str) + 1; 1032 EXPECT_EQ(memcmp(test_str, buf, len), 0); 1033 } 1034 1035 TEST_F(tls, recv_lowat) 1036 { 1037 char send_mem[10] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 }; 1038 char recv_mem[20]; 1039 int lowat = 8; 1040 1041 EXPECT_EQ(send(self->fd, send_mem, 10, 0), 10); 1042 EXPECT_EQ(send(self->fd, send_mem, 5, 0), 5); 1043 1044 memset(recv_mem, 0, 20); 1045 EXPECT_EQ(setsockopt(self->cfd, SOL_SOCKET, SO_RCVLOWAT, 1046 &lowat, sizeof(lowat)), 0); 1047 EXPECT_EQ(recv(self->cfd, recv_mem, 1, MSG_WAITALL), 1); 1048 EXPECT_EQ(recv(self->cfd, recv_mem + 1, 6, MSG_WAITALL), 6); 1049 EXPECT_EQ(recv(self->cfd, recv_mem + 7, 10, 0), 8); 1050 1051 EXPECT_EQ(memcmp(send_mem, recv_mem, 10), 0); 1052 EXPECT_EQ(memcmp(send_mem, recv_mem + 10, 5), 0); 1053 } 1054 1055 TEST_F(tls, bidir) 1056 { 1057 char const *test_str = "test_read"; 1058 int send_len = 10; 1059 char buf[10]; 1060 int ret; 1061 1062 if (!self->notls) { 1063 struct tls_crypto_info_keys tls12; 1064 1065 tls_crypto_info_init(variant->tls_version, variant->cipher_type, 1066 &tls12); 1067 1068 ret = setsockopt(self->fd, SOL_TLS, TLS_RX, &tls12, 1069 tls12.len); 1070 ASSERT_EQ(ret, 0); 1071 1072 ret = setsockopt(self->cfd, SOL_TLS, TLS_TX, &tls12, 1073 tls12.len); 1074 ASSERT_EQ(ret, 0); 1075 } 1076 1077 ASSERT_EQ(strlen(test_str) + 1, send_len); 1078 1079 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 1080 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 1081 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1082 1083 memset(buf, 0, sizeof(buf)); 1084 1085 EXPECT_EQ(send(self->cfd, test_str, send_len, 0), send_len); 1086 EXPECT_NE(recv(self->fd, buf, send_len, 0), -1); 1087 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1088 }; 1089 1090 TEST_F(tls, pollin) 1091 { 1092 char const *test_str = "test_poll"; 1093 struct pollfd fd = { 0, 0, 0 }; 1094 char buf[10]; 1095 int send_len = 10; 1096 1097 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 1098 fd.fd = self->cfd; 1099 fd.events = POLLIN; 1100 1101 EXPECT_EQ(poll(&fd, 1, 20), 1); 1102 EXPECT_EQ(fd.revents & POLLIN, 1); 1103 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 1104 /* Test timing out */ 1105 EXPECT_EQ(poll(&fd, 1, 20), 0); 1106 } 1107 1108 TEST_F(tls, poll_wait) 1109 { 1110 char const *test_str = "test_poll_wait"; 1111 int send_len = strlen(test_str) + 1; 1112 struct pollfd fd = { 0, 0, 0 }; 1113 char recv_mem[15]; 1114 1115 fd.fd = self->cfd; 1116 fd.events = POLLIN; 1117 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 1118 /* Set timeout to inf. secs */ 1119 EXPECT_EQ(poll(&fd, 1, -1), 1); 1120 EXPECT_EQ(fd.revents & POLLIN, 1); 1121 EXPECT_EQ(recv(self->cfd, recv_mem, send_len, MSG_WAITALL), send_len); 1122 } 1123 1124 TEST_F(tls, poll_wait_split) 1125 { 1126 struct pollfd fd = { 0, 0, 0 }; 1127 char send_mem[20] = {}; 1128 char recv_mem[15]; 1129 1130 fd.fd = self->cfd; 1131 fd.events = POLLIN; 1132 /* Send 20 bytes */ 1133 EXPECT_EQ(send(self->fd, send_mem, sizeof(send_mem), 0), 1134 sizeof(send_mem)); 1135 /* Poll with inf. timeout */ 1136 EXPECT_EQ(poll(&fd, 1, -1), 1); 1137 EXPECT_EQ(fd.revents & POLLIN, 1); 1138 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), MSG_WAITALL), 1139 sizeof(recv_mem)); 1140 1141 /* Now the remaining 5 bytes of record data are in TLS ULP */ 1142 fd.fd = self->cfd; 1143 fd.events = POLLIN; 1144 EXPECT_EQ(poll(&fd, 1, -1), 1); 1145 EXPECT_EQ(fd.revents & POLLIN, 1); 1146 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0), 1147 sizeof(send_mem) - sizeof(recv_mem)); 1148 } 1149 1150 TEST_F(tls, blocking) 1151 { 1152 size_t data = 100000; 1153 int res = fork(); 1154 1155 EXPECT_NE(res, -1); 1156 1157 if (res) { 1158 /* parent */ 1159 size_t left = data; 1160 char buf[16384]; 1161 int status; 1162 int pid2; 1163 1164 while (left) { 1165 int res = send(self->fd, buf, 1166 left > 16384 ? 16384 : left, 0); 1167 1168 EXPECT_GE(res, 0); 1169 left -= res; 1170 } 1171 1172 pid2 = wait(&status); 1173 EXPECT_EQ(status, 0); 1174 EXPECT_EQ(res, pid2); 1175 } else { 1176 /* child */ 1177 size_t left = data; 1178 char buf[16384]; 1179 1180 while (left) { 1181 int res = recv(self->cfd, buf, 1182 left > 16384 ? 16384 : left, 0); 1183 1184 EXPECT_GE(res, 0); 1185 left -= res; 1186 } 1187 } 1188 } 1189 1190 TEST_F(tls, nonblocking) 1191 { 1192 size_t data = 100000; 1193 int sendbuf = 100; 1194 int flags; 1195 int res; 1196 1197 flags = fcntl(self->fd, F_GETFL, 0); 1198 fcntl(self->fd, F_SETFL, flags | O_NONBLOCK); 1199 fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK); 1200 1201 /* Ensure nonblocking behavior by imposing a small send 1202 * buffer. 1203 */ 1204 EXPECT_EQ(setsockopt(self->fd, SOL_SOCKET, SO_SNDBUF, 1205 &sendbuf, sizeof(sendbuf)), 0); 1206 1207 res = fork(); 1208 EXPECT_NE(res, -1); 1209 1210 if (res) { 1211 /* parent */ 1212 bool eagain = false; 1213 size_t left = data; 1214 char buf[16384]; 1215 int status; 1216 int pid2; 1217 1218 while (left) { 1219 int res = send(self->fd, buf, 1220 left > 16384 ? 16384 : left, 0); 1221 1222 if (res == -1 && errno == EAGAIN) { 1223 eagain = true; 1224 usleep(10000); 1225 continue; 1226 } 1227 EXPECT_GE(res, 0); 1228 left -= res; 1229 } 1230 1231 EXPECT_TRUE(eagain); 1232 pid2 = wait(&status); 1233 1234 EXPECT_EQ(status, 0); 1235 EXPECT_EQ(res, pid2); 1236 } else { 1237 /* child */ 1238 bool eagain = false; 1239 size_t left = data; 1240 char buf[16384]; 1241 1242 while (left) { 1243 int res = recv(self->cfd, buf, 1244 left > 16384 ? 16384 : left, 0); 1245 1246 if (res == -1 && errno == EAGAIN) { 1247 eagain = true; 1248 usleep(10000); 1249 continue; 1250 } 1251 EXPECT_GE(res, 0); 1252 left -= res; 1253 } 1254 EXPECT_TRUE(eagain); 1255 } 1256 } 1257 1258 static void 1259 test_mutliproc(struct __test_metadata *_metadata, struct _test_data_tls *self, 1260 bool sendpg, unsigned int n_readers, unsigned int n_writers) 1261 { 1262 const unsigned int n_children = n_readers + n_writers; 1263 const size_t data = 6 * 1000 * 1000; 1264 const size_t file_sz = data / 100; 1265 size_t read_bias, write_bias; 1266 int i, fd, child_id; 1267 char buf[file_sz]; 1268 pid_t pid; 1269 1270 /* Only allow multiples for simplicity */ 1271 ASSERT_EQ(!(n_readers % n_writers) || !(n_writers % n_readers), true); 1272 read_bias = n_writers / n_readers ?: 1; 1273 write_bias = n_readers / n_writers ?: 1; 1274 1275 /* prep a file to send */ 1276 fd = open("/tmp/", O_TMPFILE | O_RDWR, 0600); 1277 ASSERT_GE(fd, 0); 1278 1279 memset(buf, 0xac, file_sz); 1280 ASSERT_EQ(write(fd, buf, file_sz), file_sz); 1281 1282 /* spawn children */ 1283 for (child_id = 0; child_id < n_children; child_id++) { 1284 pid = fork(); 1285 ASSERT_NE(pid, -1); 1286 if (!pid) 1287 break; 1288 } 1289 1290 /* parent waits for all children */ 1291 if (pid) { 1292 for (i = 0; i < n_children; i++) { 1293 int status; 1294 1295 wait(&status); 1296 EXPECT_EQ(status, 0); 1297 } 1298 1299 return; 1300 } 1301 1302 /* Split threads for reading and writing */ 1303 if (child_id < n_readers) { 1304 size_t left = data * read_bias; 1305 char rb[8001]; 1306 1307 while (left) { 1308 int res; 1309 1310 res = recv(self->cfd, rb, 1311 left > sizeof(rb) ? sizeof(rb) : left, 0); 1312 1313 EXPECT_GE(res, 0); 1314 left -= res; 1315 } 1316 } else { 1317 size_t left = data * write_bias; 1318 1319 while (left) { 1320 int res; 1321 1322 ASSERT_EQ(lseek(fd, 0, SEEK_SET), 0); 1323 if (sendpg) 1324 res = sendfile(self->fd, fd, NULL, 1325 left > file_sz ? file_sz : left); 1326 else 1327 res = send(self->fd, buf, 1328 left > file_sz ? file_sz : left, 0); 1329 1330 EXPECT_GE(res, 0); 1331 left -= res; 1332 } 1333 } 1334 } 1335 1336 TEST_F(tls, mutliproc_even) 1337 { 1338 test_mutliproc(_metadata, self, false, 6, 6); 1339 } 1340 1341 TEST_F(tls, mutliproc_readers) 1342 { 1343 test_mutliproc(_metadata, self, false, 4, 12); 1344 } 1345 1346 TEST_F(tls, mutliproc_writers) 1347 { 1348 test_mutliproc(_metadata, self, false, 10, 2); 1349 } 1350 1351 TEST_F(tls, mutliproc_sendpage_even) 1352 { 1353 test_mutliproc(_metadata, self, true, 6, 6); 1354 } 1355 1356 TEST_F(tls, mutliproc_sendpage_readers) 1357 { 1358 test_mutliproc(_metadata, self, true, 4, 12); 1359 } 1360 1361 TEST_F(tls, mutliproc_sendpage_writers) 1362 { 1363 test_mutliproc(_metadata, self, true, 10, 2); 1364 } 1365 1366 TEST_F(tls, control_msg) 1367 { 1368 char *test_str = "test_read"; 1369 char record_type = 100; 1370 int send_len = 10; 1371 char buf[10]; 1372 1373 if (self->notls) 1374 SKIP(return, "no TLS support"); 1375 1376 EXPECT_EQ(tls_send_cmsg(self->fd, record_type, test_str, send_len, 0), 1377 send_len); 1378 /* Should fail because we didn't provide a control message */ 1379 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1); 1380 1381 EXPECT_EQ(tls_recv_cmsg(_metadata, self->cfd, record_type, 1382 buf, sizeof(buf), MSG_WAITALL | MSG_PEEK), 1383 send_len); 1384 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1385 1386 /* Recv the message again without MSG_PEEK */ 1387 memset(buf, 0, sizeof(buf)); 1388 1389 EXPECT_EQ(tls_recv_cmsg(_metadata, self->cfd, record_type, 1390 buf, sizeof(buf), MSG_WAITALL), 1391 send_len); 1392 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1393 } 1394 1395 TEST_F(tls, shutdown) 1396 { 1397 char const *test_str = "test_read"; 1398 int send_len = 10; 1399 char buf[10]; 1400 1401 ASSERT_EQ(strlen(test_str) + 1, send_len); 1402 1403 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 1404 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 1405 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1406 1407 shutdown(self->fd, SHUT_RDWR); 1408 shutdown(self->cfd, SHUT_RDWR); 1409 } 1410 1411 TEST_F(tls, shutdown_unsent) 1412 { 1413 char const *test_str = "test_read"; 1414 int send_len = 10; 1415 1416 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 1417 1418 shutdown(self->fd, SHUT_RDWR); 1419 shutdown(self->cfd, SHUT_RDWR); 1420 } 1421 1422 TEST_F(tls, shutdown_reuse) 1423 { 1424 struct sockaddr_in addr; 1425 int ret; 1426 1427 shutdown(self->fd, SHUT_RDWR); 1428 shutdown(self->cfd, SHUT_RDWR); 1429 close(self->cfd); 1430 1431 addr.sin_family = AF_INET; 1432 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1433 addr.sin_port = 0; 1434 1435 ret = bind(self->fd, &addr, sizeof(addr)); 1436 EXPECT_EQ(ret, 0); 1437 ret = listen(self->fd, 10); 1438 EXPECT_EQ(ret, -1); 1439 EXPECT_EQ(errno, EINVAL); 1440 1441 ret = connect(self->fd, &addr, sizeof(addr)); 1442 EXPECT_EQ(ret, -1); 1443 EXPECT_EQ(errno, EISCONN); 1444 } 1445 1446 FIXTURE(tls_err) 1447 { 1448 int fd, cfd; 1449 int fd2, cfd2; 1450 bool notls; 1451 }; 1452 1453 FIXTURE_VARIANT(tls_err) 1454 { 1455 uint16_t tls_version; 1456 }; 1457 1458 FIXTURE_VARIANT_ADD(tls_err, 12_aes_gcm) 1459 { 1460 .tls_version = TLS_1_2_VERSION, 1461 }; 1462 1463 FIXTURE_VARIANT_ADD(tls_err, 13_aes_gcm) 1464 { 1465 .tls_version = TLS_1_3_VERSION, 1466 }; 1467 1468 FIXTURE_SETUP(tls_err) 1469 { 1470 struct tls_crypto_info_keys tls12; 1471 int ret; 1472 1473 tls_crypto_info_init(variant->tls_version, TLS_CIPHER_AES_GCM_128, 1474 &tls12); 1475 1476 ulp_sock_pair(_metadata, &self->fd, &self->cfd, &self->notls); 1477 ulp_sock_pair(_metadata, &self->fd2, &self->cfd2, &self->notls); 1478 if (self->notls) 1479 return; 1480 1481 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12, tls12.len); 1482 ASSERT_EQ(ret, 0); 1483 1484 ret = setsockopt(self->cfd2, SOL_TLS, TLS_RX, &tls12, tls12.len); 1485 ASSERT_EQ(ret, 0); 1486 } 1487 1488 FIXTURE_TEARDOWN(tls_err) 1489 { 1490 close(self->fd); 1491 close(self->cfd); 1492 close(self->fd2); 1493 close(self->cfd2); 1494 } 1495 1496 TEST_F(tls_err, bad_rec) 1497 { 1498 char buf[64]; 1499 1500 if (self->notls) 1501 SKIP(return, "no TLS support"); 1502 1503 memset(buf, 0x55, sizeof(buf)); 1504 EXPECT_EQ(send(self->fd2, buf, sizeof(buf), 0), sizeof(buf)); 1505 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1506 EXPECT_EQ(errno, EMSGSIZE); 1507 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), MSG_DONTWAIT), -1); 1508 EXPECT_EQ(errno, EAGAIN); 1509 } 1510 1511 TEST_F(tls_err, bad_auth) 1512 { 1513 char buf[128]; 1514 int n; 1515 1516 if (self->notls) 1517 SKIP(return, "no TLS support"); 1518 1519 memrnd(buf, sizeof(buf) / 2); 1520 EXPECT_EQ(send(self->fd, buf, sizeof(buf) / 2, 0), sizeof(buf) / 2); 1521 n = recv(self->cfd, buf, sizeof(buf), 0); 1522 EXPECT_GT(n, sizeof(buf) / 2); 1523 1524 buf[n - 1]++; 1525 1526 EXPECT_EQ(send(self->fd2, buf, n, 0), n); 1527 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1528 EXPECT_EQ(errno, EBADMSG); 1529 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1530 EXPECT_EQ(errno, EBADMSG); 1531 } 1532 1533 TEST_F(tls_err, bad_in_large_read) 1534 { 1535 char txt[3][64]; 1536 char cip[3][128]; 1537 char buf[3 * 128]; 1538 int i, n; 1539 1540 if (self->notls) 1541 SKIP(return, "no TLS support"); 1542 1543 /* Put 3 records in the sockets */ 1544 for (i = 0; i < 3; i++) { 1545 memrnd(txt[i], sizeof(txt[i])); 1546 EXPECT_EQ(send(self->fd, txt[i], sizeof(txt[i]), 0), 1547 sizeof(txt[i])); 1548 n = recv(self->cfd, cip[i], sizeof(cip[i]), 0); 1549 EXPECT_GT(n, sizeof(txt[i])); 1550 /* Break the third message */ 1551 if (i == 2) 1552 cip[2][n - 1]++; 1553 EXPECT_EQ(send(self->fd2, cip[i], n, 0), n); 1554 } 1555 1556 /* We should be able to receive the first two messages */ 1557 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), sizeof(txt[0]) * 2); 1558 EXPECT_EQ(memcmp(buf, txt[0], sizeof(txt[0])), 0); 1559 EXPECT_EQ(memcmp(buf + sizeof(txt[0]), txt[1], sizeof(txt[1])), 0); 1560 /* Third mesasge is bad */ 1561 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1562 EXPECT_EQ(errno, EBADMSG); 1563 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1564 EXPECT_EQ(errno, EBADMSG); 1565 } 1566 1567 TEST_F(tls_err, bad_cmsg) 1568 { 1569 char *test_str = "test_read"; 1570 int send_len = 10; 1571 char cip[128]; 1572 char buf[128]; 1573 char txt[64]; 1574 int n; 1575 1576 if (self->notls) 1577 SKIP(return, "no TLS support"); 1578 1579 /* Queue up one data record */ 1580 memrnd(txt, sizeof(txt)); 1581 EXPECT_EQ(send(self->fd, txt, sizeof(txt), 0), sizeof(txt)); 1582 n = recv(self->cfd, cip, sizeof(cip), 0); 1583 EXPECT_GT(n, sizeof(txt)); 1584 EXPECT_EQ(send(self->fd2, cip, n, 0), n); 1585 1586 EXPECT_EQ(tls_send_cmsg(self->fd, 100, test_str, send_len, 0), 10); 1587 n = recv(self->cfd, cip, sizeof(cip), 0); 1588 cip[n - 1]++; /* Break it */ 1589 EXPECT_GT(n, send_len); 1590 EXPECT_EQ(send(self->fd2, cip, n, 0), n); 1591 1592 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), sizeof(txt)); 1593 EXPECT_EQ(memcmp(buf, txt, sizeof(txt)), 0); 1594 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1595 EXPECT_EQ(errno, EBADMSG); 1596 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1597 EXPECT_EQ(errno, EBADMSG); 1598 } 1599 1600 TEST_F(tls_err, timeo) 1601 { 1602 struct timeval tv = { .tv_usec = 10000, }; 1603 char buf[128]; 1604 int ret; 1605 1606 if (self->notls) 1607 SKIP(return, "no TLS support"); 1608 1609 ret = setsockopt(self->cfd2, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv)); 1610 ASSERT_EQ(ret, 0); 1611 1612 ret = fork(); 1613 ASSERT_GE(ret, 0); 1614 1615 if (ret) { 1616 usleep(1000); /* Give child a head start */ 1617 1618 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1619 EXPECT_EQ(errno, EAGAIN); 1620 1621 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1622 EXPECT_EQ(errno, EAGAIN); 1623 1624 wait(&ret); 1625 } else { 1626 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1627 EXPECT_EQ(errno, EAGAIN); 1628 exit(0); 1629 } 1630 } 1631 1632 TEST(non_established) { 1633 struct tls12_crypto_info_aes_gcm_256 tls12; 1634 struct sockaddr_in addr; 1635 int sfd, ret, fd; 1636 socklen_t len; 1637 1638 len = sizeof(addr); 1639 1640 memset(&tls12, 0, sizeof(tls12)); 1641 tls12.info.version = TLS_1_2_VERSION; 1642 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 1643 1644 addr.sin_family = AF_INET; 1645 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1646 addr.sin_port = 0; 1647 1648 fd = socket(AF_INET, SOCK_STREAM, 0); 1649 sfd = socket(AF_INET, SOCK_STREAM, 0); 1650 1651 ret = bind(sfd, &addr, sizeof(addr)); 1652 ASSERT_EQ(ret, 0); 1653 ret = listen(sfd, 10); 1654 ASSERT_EQ(ret, 0); 1655 1656 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1657 EXPECT_EQ(ret, -1); 1658 /* TLS ULP not supported */ 1659 if (errno == ENOENT) 1660 return; 1661 EXPECT_EQ(errno, ENOTCONN); 1662 1663 ret = setsockopt(sfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1664 EXPECT_EQ(ret, -1); 1665 EXPECT_EQ(errno, ENOTCONN); 1666 1667 ret = getsockname(sfd, &addr, &len); 1668 ASSERT_EQ(ret, 0); 1669 1670 ret = connect(fd, &addr, sizeof(addr)); 1671 ASSERT_EQ(ret, 0); 1672 1673 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1674 ASSERT_EQ(ret, 0); 1675 1676 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1677 EXPECT_EQ(ret, -1); 1678 EXPECT_EQ(errno, EEXIST); 1679 1680 close(fd); 1681 close(sfd); 1682 } 1683 1684 TEST(keysizes) { 1685 struct tls12_crypto_info_aes_gcm_256 tls12; 1686 int ret, fd, cfd; 1687 bool notls; 1688 1689 memset(&tls12, 0, sizeof(tls12)); 1690 tls12.info.version = TLS_1_2_VERSION; 1691 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 1692 1693 ulp_sock_pair(_metadata, &fd, &cfd, ¬ls); 1694 1695 if (!notls) { 1696 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, 1697 sizeof(tls12)); 1698 EXPECT_EQ(ret, 0); 1699 1700 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12, 1701 sizeof(tls12)); 1702 EXPECT_EQ(ret, 0); 1703 } 1704 1705 close(fd); 1706 close(cfd); 1707 } 1708 1709 TEST(no_pad) { 1710 struct tls12_crypto_info_aes_gcm_256 tls12; 1711 int ret, fd, cfd, val; 1712 socklen_t len; 1713 bool notls; 1714 1715 memset(&tls12, 0, sizeof(tls12)); 1716 tls12.info.version = TLS_1_3_VERSION; 1717 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 1718 1719 ulp_sock_pair(_metadata, &fd, &cfd, ¬ls); 1720 1721 if (notls) 1722 exit(KSFT_SKIP); 1723 1724 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, sizeof(tls12)); 1725 EXPECT_EQ(ret, 0); 1726 1727 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12, sizeof(tls12)); 1728 EXPECT_EQ(ret, 0); 1729 1730 val = 1; 1731 ret = setsockopt(cfd, SOL_TLS, TLS_RX_EXPECT_NO_PAD, 1732 (void *)&val, sizeof(val)); 1733 EXPECT_EQ(ret, 0); 1734 1735 len = sizeof(val); 1736 val = 2; 1737 ret = getsockopt(cfd, SOL_TLS, TLS_RX_EXPECT_NO_PAD, 1738 (void *)&val, &len); 1739 EXPECT_EQ(ret, 0); 1740 EXPECT_EQ(val, 1); 1741 EXPECT_EQ(len, 4); 1742 1743 val = 0; 1744 ret = setsockopt(cfd, SOL_TLS, TLS_RX_EXPECT_NO_PAD, 1745 (void *)&val, sizeof(val)); 1746 EXPECT_EQ(ret, 0); 1747 1748 len = sizeof(val); 1749 val = 2; 1750 ret = getsockopt(cfd, SOL_TLS, TLS_RX_EXPECT_NO_PAD, 1751 (void *)&val, &len); 1752 EXPECT_EQ(ret, 0); 1753 EXPECT_EQ(val, 0); 1754 EXPECT_EQ(len, 4); 1755 1756 close(fd); 1757 close(cfd); 1758 } 1759 1760 TEST(tls_v6ops) { 1761 struct tls_crypto_info_keys tls12; 1762 struct sockaddr_in6 addr, addr2; 1763 int sfd, ret, fd; 1764 socklen_t len, len2; 1765 1766 tls_crypto_info_init(TLS_1_2_VERSION, TLS_CIPHER_AES_GCM_128, &tls12); 1767 1768 addr.sin6_family = AF_INET6; 1769 addr.sin6_addr = in6addr_any; 1770 addr.sin6_port = 0; 1771 1772 fd = socket(AF_INET6, SOCK_STREAM, 0); 1773 sfd = socket(AF_INET6, SOCK_STREAM, 0); 1774 1775 ret = bind(sfd, &addr, sizeof(addr)); 1776 ASSERT_EQ(ret, 0); 1777 ret = listen(sfd, 10); 1778 ASSERT_EQ(ret, 0); 1779 1780 len = sizeof(addr); 1781 ret = getsockname(sfd, &addr, &len); 1782 ASSERT_EQ(ret, 0); 1783 1784 ret = connect(fd, &addr, sizeof(addr)); 1785 ASSERT_EQ(ret, 0); 1786 1787 len = sizeof(addr); 1788 ret = getsockname(fd, &addr, &len); 1789 ASSERT_EQ(ret, 0); 1790 1791 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1792 if (ret) { 1793 ASSERT_EQ(errno, ENOENT); 1794 SKIP(return, "no TLS support"); 1795 } 1796 ASSERT_EQ(ret, 0); 1797 1798 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, tls12.len); 1799 ASSERT_EQ(ret, 0); 1800 1801 ret = setsockopt(fd, SOL_TLS, TLS_RX, &tls12, tls12.len); 1802 ASSERT_EQ(ret, 0); 1803 1804 len2 = sizeof(addr2); 1805 ret = getsockname(fd, &addr2, &len2); 1806 ASSERT_EQ(ret, 0); 1807 1808 EXPECT_EQ(len2, len); 1809 EXPECT_EQ(memcmp(&addr, &addr2, len), 0); 1810 1811 close(fd); 1812 close(sfd); 1813 } 1814 1815 TEST_HARNESS_MAIN 1816