1 // SPDX-License-Identifier: GPL-2.0 2 3 #define _GNU_SOURCE 4 5 #include <arpa/inet.h> 6 #include <errno.h> 7 #include <error.h> 8 #include <fcntl.h> 9 #include <poll.h> 10 #include <stdio.h> 11 #include <stdlib.h> 12 #include <unistd.h> 13 14 #include <linux/tls.h> 15 #include <linux/tcp.h> 16 #include <linux/socket.h> 17 18 #include <sys/types.h> 19 #include <sys/sendfile.h> 20 #include <sys/socket.h> 21 #include <sys/stat.h> 22 23 #include "../kselftest_harness.h" 24 25 #define TLS_PAYLOAD_MAX_LEN 16384 26 #define SOL_TLS 282 27 28 struct tls_crypto_info_keys { 29 union { 30 struct tls12_crypto_info_aes_gcm_128 aes128; 31 struct tls12_crypto_info_chacha20_poly1305 chacha20; 32 struct tls12_crypto_info_sm4_gcm sm4gcm; 33 struct tls12_crypto_info_sm4_ccm sm4ccm; 34 struct tls12_crypto_info_aes_ccm_128 aesccm128; 35 struct tls12_crypto_info_aes_gcm_256 aesgcm256; 36 }; 37 size_t len; 38 }; 39 40 static void tls_crypto_info_init(uint16_t tls_version, uint16_t cipher_type, 41 struct tls_crypto_info_keys *tls12) 42 { 43 memset(tls12, 0, sizeof(*tls12)); 44 45 switch (cipher_type) { 46 case TLS_CIPHER_CHACHA20_POLY1305: 47 tls12->len = sizeof(struct tls12_crypto_info_chacha20_poly1305); 48 tls12->chacha20.info.version = tls_version; 49 tls12->chacha20.info.cipher_type = cipher_type; 50 break; 51 case TLS_CIPHER_AES_GCM_128: 52 tls12->len = sizeof(struct tls12_crypto_info_aes_gcm_128); 53 tls12->aes128.info.version = tls_version; 54 tls12->aes128.info.cipher_type = cipher_type; 55 break; 56 case TLS_CIPHER_SM4_GCM: 57 tls12->len = sizeof(struct tls12_crypto_info_sm4_gcm); 58 tls12->sm4gcm.info.version = tls_version; 59 tls12->sm4gcm.info.cipher_type = cipher_type; 60 break; 61 case TLS_CIPHER_SM4_CCM: 62 tls12->len = sizeof(struct tls12_crypto_info_sm4_ccm); 63 tls12->sm4ccm.info.version = tls_version; 64 tls12->sm4ccm.info.cipher_type = cipher_type; 65 break; 66 case TLS_CIPHER_AES_CCM_128: 67 tls12->len = sizeof(struct tls12_crypto_info_aes_ccm_128); 68 tls12->aesccm128.info.version = tls_version; 69 tls12->aesccm128.info.cipher_type = cipher_type; 70 break; 71 case TLS_CIPHER_AES_GCM_256: 72 tls12->len = sizeof(struct tls12_crypto_info_aes_gcm_256); 73 tls12->aesgcm256.info.version = tls_version; 74 tls12->aesgcm256.info.cipher_type = cipher_type; 75 break; 76 default: 77 break; 78 } 79 } 80 81 static void memrnd(void *s, size_t n) 82 { 83 int *dword = s; 84 char *byte; 85 86 for (; n >= 4; n -= 4) 87 *dword++ = rand(); 88 byte = (void *)dword; 89 while (n--) 90 *byte++ = rand(); 91 } 92 93 static void ulp_sock_pair(struct __test_metadata *_metadata, 94 int *fd, int *cfd, bool *notls) 95 { 96 struct sockaddr_in addr; 97 socklen_t len; 98 int sfd, ret; 99 100 *notls = false; 101 len = sizeof(addr); 102 103 addr.sin_family = AF_INET; 104 addr.sin_addr.s_addr = htonl(INADDR_ANY); 105 addr.sin_port = 0; 106 107 *fd = socket(AF_INET, SOCK_STREAM, 0); 108 sfd = socket(AF_INET, SOCK_STREAM, 0); 109 110 ret = bind(sfd, &addr, sizeof(addr)); 111 ASSERT_EQ(ret, 0); 112 ret = listen(sfd, 10); 113 ASSERT_EQ(ret, 0); 114 115 ret = getsockname(sfd, &addr, &len); 116 ASSERT_EQ(ret, 0); 117 118 ret = connect(*fd, &addr, sizeof(addr)); 119 ASSERT_EQ(ret, 0); 120 121 *cfd = accept(sfd, &addr, &len); 122 ASSERT_GE(*cfd, 0); 123 124 close(sfd); 125 126 ret = setsockopt(*fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 127 if (ret != 0) { 128 ASSERT_EQ(errno, ENOENT); 129 *notls = true; 130 printf("Failure setting TCP_ULP, testing without tls\n"); 131 return; 132 } 133 134 ret = setsockopt(*cfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 135 ASSERT_EQ(ret, 0); 136 } 137 138 /* Produce a basic cmsg */ 139 static int tls_send_cmsg(int fd, unsigned char record_type, 140 void *data, size_t len, int flags) 141 { 142 char cbuf[CMSG_SPACE(sizeof(char))]; 143 int cmsg_len = sizeof(char); 144 struct cmsghdr *cmsg; 145 struct msghdr msg; 146 struct iovec vec; 147 148 vec.iov_base = data; 149 vec.iov_len = len; 150 memset(&msg, 0, sizeof(struct msghdr)); 151 msg.msg_iov = &vec; 152 msg.msg_iovlen = 1; 153 msg.msg_control = cbuf; 154 msg.msg_controllen = sizeof(cbuf); 155 cmsg = CMSG_FIRSTHDR(&msg); 156 cmsg->cmsg_level = SOL_TLS; 157 /* test sending non-record types. */ 158 cmsg->cmsg_type = TLS_SET_RECORD_TYPE; 159 cmsg->cmsg_len = CMSG_LEN(cmsg_len); 160 *CMSG_DATA(cmsg) = record_type; 161 msg.msg_controllen = cmsg->cmsg_len; 162 163 return sendmsg(fd, &msg, flags); 164 } 165 166 static int tls_recv_cmsg(struct __test_metadata *_metadata, 167 int fd, unsigned char record_type, 168 void *data, size_t len, int flags) 169 { 170 char cbuf[CMSG_SPACE(sizeof(char))]; 171 struct cmsghdr *cmsg; 172 unsigned char ctype; 173 struct msghdr msg; 174 struct iovec vec; 175 int n; 176 177 vec.iov_base = data; 178 vec.iov_len = len; 179 memset(&msg, 0, sizeof(struct msghdr)); 180 msg.msg_iov = &vec; 181 msg.msg_iovlen = 1; 182 msg.msg_control = cbuf; 183 msg.msg_controllen = sizeof(cbuf); 184 185 n = recvmsg(fd, &msg, flags); 186 187 cmsg = CMSG_FIRSTHDR(&msg); 188 EXPECT_NE(cmsg, NULL); 189 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS); 190 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE); 191 ctype = *((unsigned char *)CMSG_DATA(cmsg)); 192 EXPECT_EQ(ctype, record_type); 193 194 return n; 195 } 196 197 FIXTURE(tls_basic) 198 { 199 int fd, cfd; 200 bool notls; 201 }; 202 203 FIXTURE_SETUP(tls_basic) 204 { 205 ulp_sock_pair(_metadata, &self->fd, &self->cfd, &self->notls); 206 } 207 208 FIXTURE_TEARDOWN(tls_basic) 209 { 210 close(self->fd); 211 close(self->cfd); 212 } 213 214 /* Send some data through with ULP but no keys */ 215 TEST_F(tls_basic, base_base) 216 { 217 char const *test_str = "test_read"; 218 int send_len = 10; 219 char buf[10]; 220 221 ASSERT_EQ(strlen(test_str) + 1, send_len); 222 223 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 224 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 225 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 226 }; 227 228 FIXTURE(tls) 229 { 230 int fd, cfd; 231 bool notls; 232 }; 233 234 FIXTURE_VARIANT(tls) 235 { 236 uint16_t tls_version; 237 uint16_t cipher_type; 238 bool nopad; 239 }; 240 241 FIXTURE_VARIANT_ADD(tls, 12_aes_gcm) 242 { 243 .tls_version = TLS_1_2_VERSION, 244 .cipher_type = TLS_CIPHER_AES_GCM_128, 245 }; 246 247 FIXTURE_VARIANT_ADD(tls, 13_aes_gcm) 248 { 249 .tls_version = TLS_1_3_VERSION, 250 .cipher_type = TLS_CIPHER_AES_GCM_128, 251 }; 252 253 FIXTURE_VARIANT_ADD(tls, 12_chacha) 254 { 255 .tls_version = TLS_1_2_VERSION, 256 .cipher_type = TLS_CIPHER_CHACHA20_POLY1305, 257 }; 258 259 FIXTURE_VARIANT_ADD(tls, 13_chacha) 260 { 261 .tls_version = TLS_1_3_VERSION, 262 .cipher_type = TLS_CIPHER_CHACHA20_POLY1305, 263 }; 264 265 FIXTURE_VARIANT_ADD(tls, 13_sm4_gcm) 266 { 267 .tls_version = TLS_1_3_VERSION, 268 .cipher_type = TLS_CIPHER_SM4_GCM, 269 }; 270 271 FIXTURE_VARIANT_ADD(tls, 13_sm4_ccm) 272 { 273 .tls_version = TLS_1_3_VERSION, 274 .cipher_type = TLS_CIPHER_SM4_CCM, 275 }; 276 277 FIXTURE_VARIANT_ADD(tls, 12_aes_ccm) 278 { 279 .tls_version = TLS_1_2_VERSION, 280 .cipher_type = TLS_CIPHER_AES_CCM_128, 281 }; 282 283 FIXTURE_VARIANT_ADD(tls, 13_aes_ccm) 284 { 285 .tls_version = TLS_1_3_VERSION, 286 .cipher_type = TLS_CIPHER_AES_CCM_128, 287 }; 288 289 FIXTURE_VARIANT_ADD(tls, 12_aes_gcm_256) 290 { 291 .tls_version = TLS_1_2_VERSION, 292 .cipher_type = TLS_CIPHER_AES_GCM_256, 293 }; 294 295 FIXTURE_VARIANT_ADD(tls, 13_aes_gcm_256) 296 { 297 .tls_version = TLS_1_3_VERSION, 298 .cipher_type = TLS_CIPHER_AES_GCM_256, 299 }; 300 301 FIXTURE_VARIANT_ADD(tls, 13_nopad) 302 { 303 .tls_version = TLS_1_3_VERSION, 304 .cipher_type = TLS_CIPHER_AES_GCM_128, 305 .nopad = true, 306 }; 307 308 FIXTURE_SETUP(tls) 309 { 310 struct tls_crypto_info_keys tls12; 311 int one = 1; 312 int ret; 313 314 tls_crypto_info_init(variant->tls_version, variant->cipher_type, 315 &tls12); 316 317 ulp_sock_pair(_metadata, &self->fd, &self->cfd, &self->notls); 318 319 if (self->notls) 320 return; 321 322 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12, tls12.len); 323 ASSERT_EQ(ret, 0); 324 325 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX, &tls12, tls12.len); 326 ASSERT_EQ(ret, 0); 327 328 if (variant->nopad) { 329 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX_EXPECT_NO_PAD, 330 (void *)&one, sizeof(one)); 331 ASSERT_EQ(ret, 0); 332 } 333 } 334 335 FIXTURE_TEARDOWN(tls) 336 { 337 close(self->fd); 338 close(self->cfd); 339 } 340 341 TEST_F(tls, sendfile) 342 { 343 int filefd = open("/proc/self/exe", O_RDONLY); 344 struct stat st; 345 346 EXPECT_GE(filefd, 0); 347 fstat(filefd, &st); 348 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 349 } 350 351 TEST_F(tls, send_then_sendfile) 352 { 353 int filefd = open("/proc/self/exe", O_RDONLY); 354 char const *test_str = "test_send"; 355 int to_send = strlen(test_str) + 1; 356 char recv_buf[10]; 357 struct stat st; 358 char *buf; 359 360 EXPECT_GE(filefd, 0); 361 fstat(filefd, &st); 362 buf = (char *)malloc(st.st_size); 363 364 EXPECT_EQ(send(self->fd, test_str, to_send, 0), to_send); 365 EXPECT_EQ(recv(self->cfd, recv_buf, to_send, MSG_WAITALL), to_send); 366 EXPECT_EQ(memcmp(test_str, recv_buf, to_send), 0); 367 368 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 369 EXPECT_EQ(recv(self->cfd, buf, st.st_size, MSG_WAITALL), st.st_size); 370 } 371 372 static void chunked_sendfile(struct __test_metadata *_metadata, 373 struct _test_data_tls *self, 374 uint16_t chunk_size, 375 uint16_t extra_payload_size) 376 { 377 char buf[TLS_PAYLOAD_MAX_LEN]; 378 uint16_t test_payload_size; 379 int size = 0; 380 int ret; 381 char filename[] = "/tmp/mytemp.XXXXXX"; 382 int fd = mkstemp(filename); 383 off_t offset = 0; 384 385 unlink(filename); 386 ASSERT_GE(fd, 0); 387 EXPECT_GE(chunk_size, 1); 388 test_payload_size = chunk_size + extra_payload_size; 389 ASSERT_GE(TLS_PAYLOAD_MAX_LEN, test_payload_size); 390 memset(buf, 1, test_payload_size); 391 size = write(fd, buf, test_payload_size); 392 EXPECT_EQ(size, test_payload_size); 393 fsync(fd); 394 395 while (size > 0) { 396 ret = sendfile(self->fd, fd, &offset, chunk_size); 397 EXPECT_GE(ret, 0); 398 size -= ret; 399 } 400 401 EXPECT_EQ(recv(self->cfd, buf, test_payload_size, MSG_WAITALL), 402 test_payload_size); 403 404 close(fd); 405 } 406 407 TEST_F(tls, multi_chunk_sendfile) 408 { 409 chunked_sendfile(_metadata, self, 4096, 4096); 410 chunked_sendfile(_metadata, self, 4096, 0); 411 chunked_sendfile(_metadata, self, 4096, 1); 412 chunked_sendfile(_metadata, self, 4096, 2048); 413 chunked_sendfile(_metadata, self, 8192, 2048); 414 chunked_sendfile(_metadata, self, 4096, 8192); 415 chunked_sendfile(_metadata, self, 8192, 4096); 416 chunked_sendfile(_metadata, self, 12288, 1024); 417 chunked_sendfile(_metadata, self, 12288, 2000); 418 chunked_sendfile(_metadata, self, 15360, 100); 419 chunked_sendfile(_metadata, self, 15360, 300); 420 chunked_sendfile(_metadata, self, 1, 4096); 421 chunked_sendfile(_metadata, self, 2048, 4096); 422 chunked_sendfile(_metadata, self, 2048, 8192); 423 chunked_sendfile(_metadata, self, 4096, 8192); 424 chunked_sendfile(_metadata, self, 1024, 12288); 425 chunked_sendfile(_metadata, self, 2000, 12288); 426 chunked_sendfile(_metadata, self, 100, 15360); 427 chunked_sendfile(_metadata, self, 300, 15360); 428 } 429 430 TEST_F(tls, recv_max) 431 { 432 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 433 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 434 char buf[TLS_PAYLOAD_MAX_LEN]; 435 436 memrnd(buf, sizeof(buf)); 437 438 EXPECT_GE(send(self->fd, buf, send_len, 0), 0); 439 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 440 EXPECT_EQ(memcmp(buf, recv_mem, send_len), 0); 441 } 442 443 TEST_F(tls, recv_small) 444 { 445 char const *test_str = "test_read"; 446 int send_len = 10; 447 char buf[10]; 448 449 send_len = strlen(test_str) + 1; 450 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 451 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 452 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 453 } 454 455 TEST_F(tls, msg_more) 456 { 457 char const *test_str = "test_read"; 458 int send_len = 10; 459 char buf[10 * 2]; 460 461 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 462 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1); 463 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 464 EXPECT_EQ(recv(self->cfd, buf, send_len * 2, MSG_WAITALL), 465 send_len * 2); 466 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 467 } 468 469 TEST_F(tls, msg_more_unsent) 470 { 471 char const *test_str = "test_read"; 472 int send_len = 10; 473 char buf[10]; 474 475 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 476 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1); 477 } 478 479 TEST_F(tls, sendmsg_single) 480 { 481 struct msghdr msg; 482 483 char const *test_str = "test_sendmsg"; 484 size_t send_len = 13; 485 struct iovec vec; 486 char buf[13]; 487 488 vec.iov_base = (char *)test_str; 489 vec.iov_len = send_len; 490 memset(&msg, 0, sizeof(struct msghdr)); 491 msg.msg_iov = &vec; 492 msg.msg_iovlen = 1; 493 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len); 494 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 495 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 496 } 497 498 #define MAX_FRAGS 64 499 #define SEND_LEN 13 500 TEST_F(tls, sendmsg_fragmented) 501 { 502 char const *test_str = "test_sendmsg"; 503 char buf[SEND_LEN * MAX_FRAGS]; 504 struct iovec vec[MAX_FRAGS]; 505 struct msghdr msg; 506 int i, frags; 507 508 for (frags = 1; frags <= MAX_FRAGS; frags++) { 509 for (i = 0; i < frags; i++) { 510 vec[i].iov_base = (char *)test_str; 511 vec[i].iov_len = SEND_LEN; 512 } 513 514 memset(&msg, 0, sizeof(struct msghdr)); 515 msg.msg_iov = vec; 516 msg.msg_iovlen = frags; 517 518 EXPECT_EQ(sendmsg(self->fd, &msg, 0), SEND_LEN * frags); 519 EXPECT_EQ(recv(self->cfd, buf, SEND_LEN * frags, MSG_WAITALL), 520 SEND_LEN * frags); 521 522 for (i = 0; i < frags; i++) 523 EXPECT_EQ(memcmp(buf + SEND_LEN * i, 524 test_str, SEND_LEN), 0); 525 } 526 } 527 #undef MAX_FRAGS 528 #undef SEND_LEN 529 530 TEST_F(tls, sendmsg_large) 531 { 532 void *mem = malloc(16384); 533 size_t send_len = 16384; 534 size_t sends = 128; 535 struct msghdr msg; 536 size_t recvs = 0; 537 size_t sent = 0; 538 539 memset(&msg, 0, sizeof(struct msghdr)); 540 while (sent++ < sends) { 541 struct iovec vec = { (void *)mem, send_len }; 542 543 msg.msg_iov = &vec; 544 msg.msg_iovlen = 1; 545 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), send_len); 546 } 547 548 while (recvs++ < sends) { 549 EXPECT_NE(recv(self->fd, mem, send_len, 0), -1); 550 } 551 552 free(mem); 553 } 554 555 TEST_F(tls, sendmsg_multiple) 556 { 557 char const *test_str = "test_sendmsg_multiple"; 558 struct iovec vec[5]; 559 char *test_strs[5]; 560 struct msghdr msg; 561 int total_len = 0; 562 int len_cmp = 0; 563 int iov_len = 5; 564 char *buf; 565 int i; 566 567 memset(&msg, 0, sizeof(struct msghdr)); 568 for (i = 0; i < iov_len; i++) { 569 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 570 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 571 vec[i].iov_base = (void *)test_strs[i]; 572 vec[i].iov_len = strlen(test_strs[i]) + 1; 573 total_len += vec[i].iov_len; 574 } 575 msg.msg_iov = vec; 576 msg.msg_iovlen = iov_len; 577 578 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), total_len); 579 buf = malloc(total_len); 580 EXPECT_NE(recv(self->fd, buf, total_len, 0), -1); 581 for (i = 0; i < iov_len; i++) { 582 EXPECT_EQ(memcmp(test_strs[i], buf + len_cmp, 583 strlen(test_strs[i])), 584 0); 585 len_cmp += strlen(buf + len_cmp) + 1; 586 } 587 for (i = 0; i < iov_len; i++) 588 free(test_strs[i]); 589 free(buf); 590 } 591 592 TEST_F(tls, sendmsg_multiple_stress) 593 { 594 char const *test_str = "abcdefghijklmno"; 595 struct iovec vec[1024]; 596 char *test_strs[1024]; 597 int iov_len = 1024; 598 int total_len = 0; 599 char buf[1 << 14]; 600 struct msghdr msg; 601 int len_cmp = 0; 602 int i; 603 604 memset(&msg, 0, sizeof(struct msghdr)); 605 for (i = 0; i < iov_len; i++) { 606 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 607 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 608 vec[i].iov_base = (void *)test_strs[i]; 609 vec[i].iov_len = strlen(test_strs[i]) + 1; 610 total_len += vec[i].iov_len; 611 } 612 msg.msg_iov = vec; 613 msg.msg_iovlen = iov_len; 614 615 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len); 616 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1); 617 618 for (i = 0; i < iov_len; i++) 619 len_cmp += strlen(buf + len_cmp) + 1; 620 621 for (i = 0; i < iov_len; i++) 622 free(test_strs[i]); 623 } 624 625 TEST_F(tls, splice_from_pipe) 626 { 627 int send_len = TLS_PAYLOAD_MAX_LEN; 628 char mem_send[TLS_PAYLOAD_MAX_LEN]; 629 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 630 int p[2]; 631 632 ASSERT_GE(pipe(p), 0); 633 EXPECT_GE(write(p[1], mem_send, send_len), 0); 634 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), 0); 635 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 636 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 637 } 638 639 TEST_F(tls, splice_from_pipe2) 640 { 641 int send_len = 16000; 642 char mem_send[16000]; 643 char mem_recv[16000]; 644 int p2[2]; 645 int p[2]; 646 647 memrnd(mem_send, sizeof(mem_send)); 648 649 ASSERT_GE(pipe(p), 0); 650 ASSERT_GE(pipe(p2), 0); 651 EXPECT_EQ(write(p[1], mem_send, 8000), 8000); 652 EXPECT_EQ(splice(p[0], NULL, self->fd, NULL, 8000, 0), 8000); 653 EXPECT_EQ(write(p2[1], mem_send + 8000, 8000), 8000); 654 EXPECT_EQ(splice(p2[0], NULL, self->fd, NULL, 8000, 0), 8000); 655 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 656 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 657 } 658 659 TEST_F(tls, send_and_splice) 660 { 661 int send_len = TLS_PAYLOAD_MAX_LEN; 662 char mem_send[TLS_PAYLOAD_MAX_LEN]; 663 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 664 char const *test_str = "test_read"; 665 int send_len2 = 10; 666 char buf[10]; 667 int p[2]; 668 669 ASSERT_GE(pipe(p), 0); 670 EXPECT_EQ(send(self->fd, test_str, send_len2, 0), send_len2); 671 EXPECT_EQ(recv(self->cfd, buf, send_len2, MSG_WAITALL), send_len2); 672 EXPECT_EQ(memcmp(test_str, buf, send_len2), 0); 673 674 EXPECT_GE(write(p[1], mem_send, send_len), send_len); 675 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), send_len); 676 677 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 678 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 679 } 680 681 TEST_F(tls, splice_to_pipe) 682 { 683 int send_len = TLS_PAYLOAD_MAX_LEN; 684 char mem_send[TLS_PAYLOAD_MAX_LEN]; 685 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 686 int p[2]; 687 688 memrnd(mem_send, sizeof(mem_send)); 689 690 ASSERT_GE(pipe(p), 0); 691 EXPECT_EQ(send(self->fd, mem_send, send_len, 0), send_len); 692 EXPECT_EQ(splice(self->cfd, NULL, p[1], NULL, send_len, 0), send_len); 693 EXPECT_EQ(read(p[0], mem_recv, send_len), send_len); 694 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 695 } 696 697 TEST_F(tls, splice_cmsg_to_pipe) 698 { 699 char *test_str = "test_read"; 700 char record_type = 100; 701 int send_len = 10; 702 char buf[10]; 703 int p[2]; 704 705 if (self->notls) 706 SKIP(return, "no TLS support"); 707 708 ASSERT_GE(pipe(p), 0); 709 EXPECT_EQ(tls_send_cmsg(self->fd, 100, test_str, send_len, 0), 10); 710 EXPECT_EQ(splice(self->cfd, NULL, p[1], NULL, send_len, 0), -1); 711 EXPECT_EQ(errno, EINVAL); 712 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1); 713 EXPECT_EQ(errno, EIO); 714 EXPECT_EQ(tls_recv_cmsg(_metadata, self->cfd, record_type, 715 buf, sizeof(buf), MSG_WAITALL), 716 send_len); 717 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 718 } 719 720 TEST_F(tls, splice_dec_cmsg_to_pipe) 721 { 722 char *test_str = "test_read"; 723 char record_type = 100; 724 int send_len = 10; 725 char buf[10]; 726 int p[2]; 727 728 if (self->notls) 729 SKIP(return, "no TLS support"); 730 731 ASSERT_GE(pipe(p), 0); 732 EXPECT_EQ(tls_send_cmsg(self->fd, 100, test_str, send_len, 0), 10); 733 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1); 734 EXPECT_EQ(errno, EIO); 735 EXPECT_EQ(splice(self->cfd, NULL, p[1], NULL, send_len, 0), -1); 736 EXPECT_EQ(errno, EINVAL); 737 EXPECT_EQ(tls_recv_cmsg(_metadata, self->cfd, record_type, 738 buf, sizeof(buf), MSG_WAITALL), 739 send_len); 740 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 741 } 742 743 TEST_F(tls, recv_and_splice) 744 { 745 int send_len = TLS_PAYLOAD_MAX_LEN; 746 char mem_send[TLS_PAYLOAD_MAX_LEN]; 747 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 748 int half = send_len / 2; 749 int p[2]; 750 751 ASSERT_GE(pipe(p), 0); 752 EXPECT_EQ(send(self->fd, mem_send, send_len, 0), send_len); 753 /* Recv hald of the record, splice the other half */ 754 EXPECT_EQ(recv(self->cfd, mem_recv, half, MSG_WAITALL), half); 755 EXPECT_EQ(splice(self->cfd, NULL, p[1], NULL, half, SPLICE_F_NONBLOCK), 756 half); 757 EXPECT_EQ(read(p[0], &mem_recv[half], half), half); 758 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 759 } 760 761 TEST_F(tls, peek_and_splice) 762 { 763 int send_len = TLS_PAYLOAD_MAX_LEN; 764 char mem_send[TLS_PAYLOAD_MAX_LEN]; 765 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 766 int chunk = TLS_PAYLOAD_MAX_LEN / 4; 767 int n, i, p[2]; 768 769 memrnd(mem_send, sizeof(mem_send)); 770 771 ASSERT_GE(pipe(p), 0); 772 for (i = 0; i < 4; i++) 773 EXPECT_EQ(send(self->fd, &mem_send[chunk * i], chunk, 0), 774 chunk); 775 776 EXPECT_EQ(recv(self->cfd, mem_recv, chunk * 5 / 2, 777 MSG_WAITALL | MSG_PEEK), 778 chunk * 5 / 2); 779 EXPECT_EQ(memcmp(mem_send, mem_recv, chunk * 5 / 2), 0); 780 781 n = 0; 782 while (n < send_len) { 783 i = splice(self->cfd, NULL, p[1], NULL, send_len - n, 0); 784 EXPECT_GT(i, 0); 785 n += i; 786 } 787 EXPECT_EQ(n, send_len); 788 EXPECT_EQ(read(p[0], mem_recv, send_len), send_len); 789 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 790 } 791 792 TEST_F(tls, recvmsg_single) 793 { 794 char const *test_str = "test_recvmsg_single"; 795 int send_len = strlen(test_str) + 1; 796 char buf[20]; 797 struct msghdr hdr; 798 struct iovec vec; 799 800 memset(&hdr, 0, sizeof(hdr)); 801 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 802 vec.iov_base = (char *)buf; 803 vec.iov_len = send_len; 804 hdr.msg_iovlen = 1; 805 hdr.msg_iov = &vec; 806 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 807 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 808 } 809 810 TEST_F(tls, recvmsg_single_max) 811 { 812 int send_len = TLS_PAYLOAD_MAX_LEN; 813 char send_mem[TLS_PAYLOAD_MAX_LEN]; 814 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 815 struct iovec vec; 816 struct msghdr hdr; 817 818 memrnd(send_mem, sizeof(send_mem)); 819 820 EXPECT_EQ(send(self->fd, send_mem, send_len, 0), send_len); 821 vec.iov_base = (char *)recv_mem; 822 vec.iov_len = TLS_PAYLOAD_MAX_LEN; 823 824 hdr.msg_iovlen = 1; 825 hdr.msg_iov = &vec; 826 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 827 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 828 } 829 830 TEST_F(tls, recvmsg_multiple) 831 { 832 unsigned int msg_iovlen = 1024; 833 struct iovec vec[1024]; 834 char *iov_base[1024]; 835 unsigned int iov_len = 16; 836 int send_len = 1 << 14; 837 char buf[1 << 14]; 838 struct msghdr hdr; 839 int i; 840 841 memrnd(buf, sizeof(buf)); 842 843 EXPECT_EQ(send(self->fd, buf, send_len, 0), send_len); 844 for (i = 0; i < msg_iovlen; i++) { 845 iov_base[i] = (char *)malloc(iov_len); 846 vec[i].iov_base = iov_base[i]; 847 vec[i].iov_len = iov_len; 848 } 849 850 hdr.msg_iovlen = msg_iovlen; 851 hdr.msg_iov = vec; 852 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 853 854 for (i = 0; i < msg_iovlen; i++) 855 free(iov_base[i]); 856 } 857 858 TEST_F(tls, single_send_multiple_recv) 859 { 860 unsigned int total_len = TLS_PAYLOAD_MAX_LEN * 2; 861 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 862 char send_mem[TLS_PAYLOAD_MAX_LEN * 2]; 863 char recv_mem[TLS_PAYLOAD_MAX_LEN * 2]; 864 865 memrnd(send_mem, sizeof(send_mem)); 866 867 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 868 memset(recv_mem, 0, total_len); 869 870 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 871 EXPECT_NE(recv(self->cfd, recv_mem + send_len, send_len, 0), -1); 872 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 873 } 874 875 TEST_F(tls, multiple_send_single_recv) 876 { 877 unsigned int total_len = 2 * 10; 878 unsigned int send_len = 10; 879 char recv_mem[2 * 10]; 880 char send_mem[10]; 881 882 memrnd(send_mem, sizeof(send_mem)); 883 884 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 885 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 886 memset(recv_mem, 0, total_len); 887 EXPECT_EQ(recv(self->cfd, recv_mem, total_len, MSG_WAITALL), total_len); 888 889 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 890 EXPECT_EQ(memcmp(send_mem, recv_mem + send_len, send_len), 0); 891 } 892 893 TEST_F(tls, single_send_multiple_recv_non_align) 894 { 895 const unsigned int total_len = 15; 896 const unsigned int recv_len = 10; 897 char recv_mem[recv_len * 2]; 898 char send_mem[total_len]; 899 900 memrnd(send_mem, sizeof(send_mem)); 901 902 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 903 memset(recv_mem, 0, total_len); 904 905 EXPECT_EQ(recv(self->cfd, recv_mem, recv_len, 0), recv_len); 906 EXPECT_EQ(recv(self->cfd, recv_mem + recv_len, recv_len, 0), 5); 907 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 908 } 909 910 TEST_F(tls, recv_partial) 911 { 912 char const *test_str = "test_read_partial"; 913 char const *test_str_first = "test_read"; 914 char const *test_str_second = "_partial"; 915 int send_len = strlen(test_str) + 1; 916 char recv_mem[18]; 917 918 memset(recv_mem, 0, sizeof(recv_mem)); 919 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 920 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_first), 921 MSG_WAITALL), -1); 922 EXPECT_EQ(memcmp(test_str_first, recv_mem, strlen(test_str_first)), 0); 923 memset(recv_mem, 0, sizeof(recv_mem)); 924 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_second), 925 MSG_WAITALL), -1); 926 EXPECT_EQ(memcmp(test_str_second, recv_mem, strlen(test_str_second)), 927 0); 928 } 929 930 TEST_F(tls, recv_nonblock) 931 { 932 char buf[4096]; 933 bool err; 934 935 EXPECT_EQ(recv(self->cfd, buf, sizeof(buf), MSG_DONTWAIT), -1); 936 err = (errno == EAGAIN || errno == EWOULDBLOCK); 937 EXPECT_EQ(err, true); 938 } 939 940 TEST_F(tls, recv_peek) 941 { 942 char const *test_str = "test_read_peek"; 943 int send_len = strlen(test_str) + 1; 944 char buf[15]; 945 946 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 947 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_PEEK), send_len); 948 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 949 memset(buf, 0, sizeof(buf)); 950 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), send_len); 951 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 952 } 953 954 TEST_F(tls, recv_peek_multiple) 955 { 956 char const *test_str = "test_read_peek"; 957 int send_len = strlen(test_str) + 1; 958 unsigned int num_peeks = 100; 959 char buf[15]; 960 int i; 961 962 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 963 for (i = 0; i < num_peeks; i++) { 964 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1); 965 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 966 memset(buf, 0, sizeof(buf)); 967 } 968 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 969 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 970 } 971 972 TEST_F(tls, recv_peek_multiple_records) 973 { 974 char const *test_str = "test_read_peek_mult_recs"; 975 char const *test_str_first = "test_read_peek"; 976 char const *test_str_second = "_mult_recs"; 977 int len; 978 char buf[64]; 979 980 len = strlen(test_str_first); 981 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 982 983 len = strlen(test_str_second) + 1; 984 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 985 986 len = strlen(test_str_first); 987 memset(buf, 0, len); 988 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 989 990 /* MSG_PEEK can only peek into the current record. */ 991 len = strlen(test_str_first); 992 EXPECT_EQ(memcmp(test_str_first, buf, len), 0); 993 994 len = strlen(test_str) + 1; 995 memset(buf, 0, len); 996 EXPECT_EQ(recv(self->cfd, buf, len, MSG_WAITALL), len); 997 998 /* Non-MSG_PEEK will advance strparser (and therefore record) 999 * however. 1000 */ 1001 len = strlen(test_str) + 1; 1002 EXPECT_EQ(memcmp(test_str, buf, len), 0); 1003 1004 /* MSG_MORE will hold current record open, so later MSG_PEEK 1005 * will see everything. 1006 */ 1007 len = strlen(test_str_first); 1008 EXPECT_EQ(send(self->fd, test_str_first, len, MSG_MORE), len); 1009 1010 len = strlen(test_str_second) + 1; 1011 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 1012 1013 len = strlen(test_str) + 1; 1014 memset(buf, 0, len); 1015 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 1016 1017 len = strlen(test_str) + 1; 1018 EXPECT_EQ(memcmp(test_str, buf, len), 0); 1019 } 1020 1021 TEST_F(tls, recv_peek_large_buf_mult_recs) 1022 { 1023 char const *test_str = "test_read_peek_mult_recs"; 1024 char const *test_str_first = "test_read_peek"; 1025 char const *test_str_second = "_mult_recs"; 1026 int len; 1027 char buf[64]; 1028 1029 len = strlen(test_str_first); 1030 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 1031 1032 len = strlen(test_str_second) + 1; 1033 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 1034 1035 len = strlen(test_str) + 1; 1036 memset(buf, 0, len); 1037 EXPECT_NE((len = recv(self->cfd, buf, len, 1038 MSG_PEEK | MSG_WAITALL)), -1); 1039 len = strlen(test_str) + 1; 1040 EXPECT_EQ(memcmp(test_str, buf, len), 0); 1041 } 1042 1043 TEST_F(tls, recv_lowat) 1044 { 1045 char send_mem[10] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 }; 1046 char recv_mem[20]; 1047 int lowat = 8; 1048 1049 EXPECT_EQ(send(self->fd, send_mem, 10, 0), 10); 1050 EXPECT_EQ(send(self->fd, send_mem, 5, 0), 5); 1051 1052 memset(recv_mem, 0, 20); 1053 EXPECT_EQ(setsockopt(self->cfd, SOL_SOCKET, SO_RCVLOWAT, 1054 &lowat, sizeof(lowat)), 0); 1055 EXPECT_EQ(recv(self->cfd, recv_mem, 1, MSG_WAITALL), 1); 1056 EXPECT_EQ(recv(self->cfd, recv_mem + 1, 6, MSG_WAITALL), 6); 1057 EXPECT_EQ(recv(self->cfd, recv_mem + 7, 10, 0), 8); 1058 1059 EXPECT_EQ(memcmp(send_mem, recv_mem, 10), 0); 1060 EXPECT_EQ(memcmp(send_mem, recv_mem + 10, 5), 0); 1061 } 1062 1063 TEST_F(tls, bidir) 1064 { 1065 char const *test_str = "test_read"; 1066 int send_len = 10; 1067 char buf[10]; 1068 int ret; 1069 1070 if (!self->notls) { 1071 struct tls_crypto_info_keys tls12; 1072 1073 tls_crypto_info_init(variant->tls_version, variant->cipher_type, 1074 &tls12); 1075 1076 ret = setsockopt(self->fd, SOL_TLS, TLS_RX, &tls12, 1077 tls12.len); 1078 ASSERT_EQ(ret, 0); 1079 1080 ret = setsockopt(self->cfd, SOL_TLS, TLS_TX, &tls12, 1081 tls12.len); 1082 ASSERT_EQ(ret, 0); 1083 } 1084 1085 ASSERT_EQ(strlen(test_str) + 1, send_len); 1086 1087 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 1088 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 1089 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1090 1091 memset(buf, 0, sizeof(buf)); 1092 1093 EXPECT_EQ(send(self->cfd, test_str, send_len, 0), send_len); 1094 EXPECT_NE(recv(self->fd, buf, send_len, 0), -1); 1095 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1096 }; 1097 1098 TEST_F(tls, pollin) 1099 { 1100 char const *test_str = "test_poll"; 1101 struct pollfd fd = { 0, 0, 0 }; 1102 char buf[10]; 1103 int send_len = 10; 1104 1105 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 1106 fd.fd = self->cfd; 1107 fd.events = POLLIN; 1108 1109 EXPECT_EQ(poll(&fd, 1, 20), 1); 1110 EXPECT_EQ(fd.revents & POLLIN, 1); 1111 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 1112 /* Test timing out */ 1113 EXPECT_EQ(poll(&fd, 1, 20), 0); 1114 } 1115 1116 TEST_F(tls, poll_wait) 1117 { 1118 char const *test_str = "test_poll_wait"; 1119 int send_len = strlen(test_str) + 1; 1120 struct pollfd fd = { 0, 0, 0 }; 1121 char recv_mem[15]; 1122 1123 fd.fd = self->cfd; 1124 fd.events = POLLIN; 1125 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 1126 /* Set timeout to inf. secs */ 1127 EXPECT_EQ(poll(&fd, 1, -1), 1); 1128 EXPECT_EQ(fd.revents & POLLIN, 1); 1129 EXPECT_EQ(recv(self->cfd, recv_mem, send_len, MSG_WAITALL), send_len); 1130 } 1131 1132 TEST_F(tls, poll_wait_split) 1133 { 1134 struct pollfd fd = { 0, 0, 0 }; 1135 char send_mem[20] = {}; 1136 char recv_mem[15]; 1137 1138 fd.fd = self->cfd; 1139 fd.events = POLLIN; 1140 /* Send 20 bytes */ 1141 EXPECT_EQ(send(self->fd, send_mem, sizeof(send_mem), 0), 1142 sizeof(send_mem)); 1143 /* Poll with inf. timeout */ 1144 EXPECT_EQ(poll(&fd, 1, -1), 1); 1145 EXPECT_EQ(fd.revents & POLLIN, 1); 1146 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), MSG_WAITALL), 1147 sizeof(recv_mem)); 1148 1149 /* Now the remaining 5 bytes of record data are in TLS ULP */ 1150 fd.fd = self->cfd; 1151 fd.events = POLLIN; 1152 EXPECT_EQ(poll(&fd, 1, -1), 1); 1153 EXPECT_EQ(fd.revents & POLLIN, 1); 1154 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0), 1155 sizeof(send_mem) - sizeof(recv_mem)); 1156 } 1157 1158 TEST_F(tls, blocking) 1159 { 1160 size_t data = 100000; 1161 int res = fork(); 1162 1163 EXPECT_NE(res, -1); 1164 1165 if (res) { 1166 /* parent */ 1167 size_t left = data; 1168 char buf[16384]; 1169 int status; 1170 int pid2; 1171 1172 while (left) { 1173 int res = send(self->fd, buf, 1174 left > 16384 ? 16384 : left, 0); 1175 1176 EXPECT_GE(res, 0); 1177 left -= res; 1178 } 1179 1180 pid2 = wait(&status); 1181 EXPECT_EQ(status, 0); 1182 EXPECT_EQ(res, pid2); 1183 } else { 1184 /* child */ 1185 size_t left = data; 1186 char buf[16384]; 1187 1188 while (left) { 1189 int res = recv(self->cfd, buf, 1190 left > 16384 ? 16384 : left, 0); 1191 1192 EXPECT_GE(res, 0); 1193 left -= res; 1194 } 1195 } 1196 } 1197 1198 TEST_F(tls, nonblocking) 1199 { 1200 size_t data = 100000; 1201 int sendbuf = 100; 1202 int flags; 1203 int res; 1204 1205 flags = fcntl(self->fd, F_GETFL, 0); 1206 fcntl(self->fd, F_SETFL, flags | O_NONBLOCK); 1207 fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK); 1208 1209 /* Ensure nonblocking behavior by imposing a small send 1210 * buffer. 1211 */ 1212 EXPECT_EQ(setsockopt(self->fd, SOL_SOCKET, SO_SNDBUF, 1213 &sendbuf, sizeof(sendbuf)), 0); 1214 1215 res = fork(); 1216 EXPECT_NE(res, -1); 1217 1218 if (res) { 1219 /* parent */ 1220 bool eagain = false; 1221 size_t left = data; 1222 char buf[16384]; 1223 int status; 1224 int pid2; 1225 1226 while (left) { 1227 int res = send(self->fd, buf, 1228 left > 16384 ? 16384 : left, 0); 1229 1230 if (res == -1 && errno == EAGAIN) { 1231 eagain = true; 1232 usleep(10000); 1233 continue; 1234 } 1235 EXPECT_GE(res, 0); 1236 left -= res; 1237 } 1238 1239 EXPECT_TRUE(eagain); 1240 pid2 = wait(&status); 1241 1242 EXPECT_EQ(status, 0); 1243 EXPECT_EQ(res, pid2); 1244 } else { 1245 /* child */ 1246 bool eagain = false; 1247 size_t left = data; 1248 char buf[16384]; 1249 1250 while (left) { 1251 int res = recv(self->cfd, buf, 1252 left > 16384 ? 16384 : left, 0); 1253 1254 if (res == -1 && errno == EAGAIN) { 1255 eagain = true; 1256 usleep(10000); 1257 continue; 1258 } 1259 EXPECT_GE(res, 0); 1260 left -= res; 1261 } 1262 EXPECT_TRUE(eagain); 1263 } 1264 } 1265 1266 static void 1267 test_mutliproc(struct __test_metadata *_metadata, struct _test_data_tls *self, 1268 bool sendpg, unsigned int n_readers, unsigned int n_writers) 1269 { 1270 const unsigned int n_children = n_readers + n_writers; 1271 const size_t data = 6 * 1000 * 1000; 1272 const size_t file_sz = data / 100; 1273 size_t read_bias, write_bias; 1274 int i, fd, child_id; 1275 char buf[file_sz]; 1276 pid_t pid; 1277 1278 /* Only allow multiples for simplicity */ 1279 ASSERT_EQ(!(n_readers % n_writers) || !(n_writers % n_readers), true); 1280 read_bias = n_writers / n_readers ?: 1; 1281 write_bias = n_readers / n_writers ?: 1; 1282 1283 /* prep a file to send */ 1284 fd = open("/tmp/", O_TMPFILE | O_RDWR, 0600); 1285 ASSERT_GE(fd, 0); 1286 1287 memset(buf, 0xac, file_sz); 1288 ASSERT_EQ(write(fd, buf, file_sz), file_sz); 1289 1290 /* spawn children */ 1291 for (child_id = 0; child_id < n_children; child_id++) { 1292 pid = fork(); 1293 ASSERT_NE(pid, -1); 1294 if (!pid) 1295 break; 1296 } 1297 1298 /* parent waits for all children */ 1299 if (pid) { 1300 for (i = 0; i < n_children; i++) { 1301 int status; 1302 1303 wait(&status); 1304 EXPECT_EQ(status, 0); 1305 } 1306 1307 return; 1308 } 1309 1310 /* Split threads for reading and writing */ 1311 if (child_id < n_readers) { 1312 size_t left = data * read_bias; 1313 char rb[8001]; 1314 1315 while (left) { 1316 int res; 1317 1318 res = recv(self->cfd, rb, 1319 left > sizeof(rb) ? sizeof(rb) : left, 0); 1320 1321 EXPECT_GE(res, 0); 1322 left -= res; 1323 } 1324 } else { 1325 size_t left = data * write_bias; 1326 1327 while (left) { 1328 int res; 1329 1330 ASSERT_EQ(lseek(fd, 0, SEEK_SET), 0); 1331 if (sendpg) 1332 res = sendfile(self->fd, fd, NULL, 1333 left > file_sz ? file_sz : left); 1334 else 1335 res = send(self->fd, buf, 1336 left > file_sz ? file_sz : left, 0); 1337 1338 EXPECT_GE(res, 0); 1339 left -= res; 1340 } 1341 } 1342 } 1343 1344 TEST_F(tls, mutliproc_even) 1345 { 1346 test_mutliproc(_metadata, self, false, 6, 6); 1347 } 1348 1349 TEST_F(tls, mutliproc_readers) 1350 { 1351 test_mutliproc(_metadata, self, false, 4, 12); 1352 } 1353 1354 TEST_F(tls, mutliproc_writers) 1355 { 1356 test_mutliproc(_metadata, self, false, 10, 2); 1357 } 1358 1359 TEST_F(tls, mutliproc_sendpage_even) 1360 { 1361 test_mutliproc(_metadata, self, true, 6, 6); 1362 } 1363 1364 TEST_F(tls, mutliproc_sendpage_readers) 1365 { 1366 test_mutliproc(_metadata, self, true, 4, 12); 1367 } 1368 1369 TEST_F(tls, mutliproc_sendpage_writers) 1370 { 1371 test_mutliproc(_metadata, self, true, 10, 2); 1372 } 1373 1374 TEST_F(tls, control_msg) 1375 { 1376 char *test_str = "test_read"; 1377 char record_type = 100; 1378 int send_len = 10; 1379 char buf[10]; 1380 1381 if (self->notls) 1382 SKIP(return, "no TLS support"); 1383 1384 EXPECT_EQ(tls_send_cmsg(self->fd, record_type, test_str, send_len, 0), 1385 send_len); 1386 /* Should fail because we didn't provide a control message */ 1387 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1); 1388 1389 EXPECT_EQ(tls_recv_cmsg(_metadata, self->cfd, record_type, 1390 buf, sizeof(buf), MSG_WAITALL | MSG_PEEK), 1391 send_len); 1392 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1393 1394 /* Recv the message again without MSG_PEEK */ 1395 memset(buf, 0, sizeof(buf)); 1396 1397 EXPECT_EQ(tls_recv_cmsg(_metadata, self->cfd, record_type, 1398 buf, sizeof(buf), MSG_WAITALL), 1399 send_len); 1400 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1401 } 1402 1403 TEST_F(tls, shutdown) 1404 { 1405 char const *test_str = "test_read"; 1406 int send_len = 10; 1407 char buf[10]; 1408 1409 ASSERT_EQ(strlen(test_str) + 1, send_len); 1410 1411 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 1412 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 1413 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1414 1415 shutdown(self->fd, SHUT_RDWR); 1416 shutdown(self->cfd, SHUT_RDWR); 1417 } 1418 1419 TEST_F(tls, shutdown_unsent) 1420 { 1421 char const *test_str = "test_read"; 1422 int send_len = 10; 1423 1424 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 1425 1426 shutdown(self->fd, SHUT_RDWR); 1427 shutdown(self->cfd, SHUT_RDWR); 1428 } 1429 1430 TEST_F(tls, shutdown_reuse) 1431 { 1432 struct sockaddr_in addr; 1433 int ret; 1434 1435 shutdown(self->fd, SHUT_RDWR); 1436 shutdown(self->cfd, SHUT_RDWR); 1437 close(self->cfd); 1438 1439 addr.sin_family = AF_INET; 1440 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1441 addr.sin_port = 0; 1442 1443 ret = bind(self->fd, &addr, sizeof(addr)); 1444 EXPECT_EQ(ret, 0); 1445 ret = listen(self->fd, 10); 1446 EXPECT_EQ(ret, -1); 1447 EXPECT_EQ(errno, EINVAL); 1448 1449 ret = connect(self->fd, &addr, sizeof(addr)); 1450 EXPECT_EQ(ret, -1); 1451 EXPECT_EQ(errno, EISCONN); 1452 } 1453 1454 FIXTURE(tls_err) 1455 { 1456 int fd, cfd; 1457 int fd2, cfd2; 1458 bool notls; 1459 }; 1460 1461 FIXTURE_VARIANT(tls_err) 1462 { 1463 uint16_t tls_version; 1464 }; 1465 1466 FIXTURE_VARIANT_ADD(tls_err, 12_aes_gcm) 1467 { 1468 .tls_version = TLS_1_2_VERSION, 1469 }; 1470 1471 FIXTURE_VARIANT_ADD(tls_err, 13_aes_gcm) 1472 { 1473 .tls_version = TLS_1_3_VERSION, 1474 }; 1475 1476 FIXTURE_SETUP(tls_err) 1477 { 1478 struct tls_crypto_info_keys tls12; 1479 int ret; 1480 1481 tls_crypto_info_init(variant->tls_version, TLS_CIPHER_AES_GCM_128, 1482 &tls12); 1483 1484 ulp_sock_pair(_metadata, &self->fd, &self->cfd, &self->notls); 1485 ulp_sock_pair(_metadata, &self->fd2, &self->cfd2, &self->notls); 1486 if (self->notls) 1487 return; 1488 1489 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12, tls12.len); 1490 ASSERT_EQ(ret, 0); 1491 1492 ret = setsockopt(self->cfd2, SOL_TLS, TLS_RX, &tls12, tls12.len); 1493 ASSERT_EQ(ret, 0); 1494 } 1495 1496 FIXTURE_TEARDOWN(tls_err) 1497 { 1498 close(self->fd); 1499 close(self->cfd); 1500 close(self->fd2); 1501 close(self->cfd2); 1502 } 1503 1504 TEST_F(tls_err, bad_rec) 1505 { 1506 char buf[64]; 1507 1508 if (self->notls) 1509 SKIP(return, "no TLS support"); 1510 1511 memset(buf, 0x55, sizeof(buf)); 1512 EXPECT_EQ(send(self->fd2, buf, sizeof(buf), 0), sizeof(buf)); 1513 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1514 EXPECT_EQ(errno, EMSGSIZE); 1515 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), MSG_DONTWAIT), -1); 1516 EXPECT_EQ(errno, EAGAIN); 1517 } 1518 1519 TEST_F(tls_err, bad_auth) 1520 { 1521 char buf[128]; 1522 int n; 1523 1524 if (self->notls) 1525 SKIP(return, "no TLS support"); 1526 1527 memrnd(buf, sizeof(buf) / 2); 1528 EXPECT_EQ(send(self->fd, buf, sizeof(buf) / 2, 0), sizeof(buf) / 2); 1529 n = recv(self->cfd, buf, sizeof(buf), 0); 1530 EXPECT_GT(n, sizeof(buf) / 2); 1531 1532 buf[n - 1]++; 1533 1534 EXPECT_EQ(send(self->fd2, buf, n, 0), n); 1535 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1536 EXPECT_EQ(errno, EBADMSG); 1537 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1538 EXPECT_EQ(errno, EBADMSG); 1539 } 1540 1541 TEST_F(tls_err, bad_in_large_read) 1542 { 1543 char txt[3][64]; 1544 char cip[3][128]; 1545 char buf[3 * 128]; 1546 int i, n; 1547 1548 if (self->notls) 1549 SKIP(return, "no TLS support"); 1550 1551 /* Put 3 records in the sockets */ 1552 for (i = 0; i < 3; i++) { 1553 memrnd(txt[i], sizeof(txt[i])); 1554 EXPECT_EQ(send(self->fd, txt[i], sizeof(txt[i]), 0), 1555 sizeof(txt[i])); 1556 n = recv(self->cfd, cip[i], sizeof(cip[i]), 0); 1557 EXPECT_GT(n, sizeof(txt[i])); 1558 /* Break the third message */ 1559 if (i == 2) 1560 cip[2][n - 1]++; 1561 EXPECT_EQ(send(self->fd2, cip[i], n, 0), n); 1562 } 1563 1564 /* We should be able to receive the first two messages */ 1565 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), sizeof(txt[0]) * 2); 1566 EXPECT_EQ(memcmp(buf, txt[0], sizeof(txt[0])), 0); 1567 EXPECT_EQ(memcmp(buf + sizeof(txt[0]), txt[1], sizeof(txt[1])), 0); 1568 /* Third mesasge is bad */ 1569 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1570 EXPECT_EQ(errno, EBADMSG); 1571 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1572 EXPECT_EQ(errno, EBADMSG); 1573 } 1574 1575 TEST_F(tls_err, bad_cmsg) 1576 { 1577 char *test_str = "test_read"; 1578 int send_len = 10; 1579 char cip[128]; 1580 char buf[128]; 1581 char txt[64]; 1582 int n; 1583 1584 if (self->notls) 1585 SKIP(return, "no TLS support"); 1586 1587 /* Queue up one data record */ 1588 memrnd(txt, sizeof(txt)); 1589 EXPECT_EQ(send(self->fd, txt, sizeof(txt), 0), sizeof(txt)); 1590 n = recv(self->cfd, cip, sizeof(cip), 0); 1591 EXPECT_GT(n, sizeof(txt)); 1592 EXPECT_EQ(send(self->fd2, cip, n, 0), n); 1593 1594 EXPECT_EQ(tls_send_cmsg(self->fd, 100, test_str, send_len, 0), 10); 1595 n = recv(self->cfd, cip, sizeof(cip), 0); 1596 cip[n - 1]++; /* Break it */ 1597 EXPECT_GT(n, send_len); 1598 EXPECT_EQ(send(self->fd2, cip, n, 0), n); 1599 1600 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), sizeof(txt)); 1601 EXPECT_EQ(memcmp(buf, txt, sizeof(txt)), 0); 1602 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1603 EXPECT_EQ(errno, EBADMSG); 1604 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1605 EXPECT_EQ(errno, EBADMSG); 1606 } 1607 1608 TEST_F(tls_err, timeo) 1609 { 1610 struct timeval tv = { .tv_usec = 10000, }; 1611 char buf[128]; 1612 int ret; 1613 1614 if (self->notls) 1615 SKIP(return, "no TLS support"); 1616 1617 ret = setsockopt(self->cfd2, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv)); 1618 ASSERT_EQ(ret, 0); 1619 1620 ret = fork(); 1621 ASSERT_GE(ret, 0); 1622 1623 if (ret) { 1624 usleep(1000); /* Give child a head start */ 1625 1626 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1627 EXPECT_EQ(errno, EAGAIN); 1628 1629 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1630 EXPECT_EQ(errno, EAGAIN); 1631 1632 wait(&ret); 1633 } else { 1634 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1635 EXPECT_EQ(errno, EAGAIN); 1636 exit(0); 1637 } 1638 } 1639 1640 TEST(non_established) { 1641 struct tls12_crypto_info_aes_gcm_256 tls12; 1642 struct sockaddr_in addr; 1643 int sfd, ret, fd; 1644 socklen_t len; 1645 1646 len = sizeof(addr); 1647 1648 memset(&tls12, 0, sizeof(tls12)); 1649 tls12.info.version = TLS_1_2_VERSION; 1650 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 1651 1652 addr.sin_family = AF_INET; 1653 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1654 addr.sin_port = 0; 1655 1656 fd = socket(AF_INET, SOCK_STREAM, 0); 1657 sfd = socket(AF_INET, SOCK_STREAM, 0); 1658 1659 ret = bind(sfd, &addr, sizeof(addr)); 1660 ASSERT_EQ(ret, 0); 1661 ret = listen(sfd, 10); 1662 ASSERT_EQ(ret, 0); 1663 1664 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1665 EXPECT_EQ(ret, -1); 1666 /* TLS ULP not supported */ 1667 if (errno == ENOENT) 1668 return; 1669 EXPECT_EQ(errno, ENOTCONN); 1670 1671 ret = setsockopt(sfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1672 EXPECT_EQ(ret, -1); 1673 EXPECT_EQ(errno, ENOTCONN); 1674 1675 ret = getsockname(sfd, &addr, &len); 1676 ASSERT_EQ(ret, 0); 1677 1678 ret = connect(fd, &addr, sizeof(addr)); 1679 ASSERT_EQ(ret, 0); 1680 1681 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1682 ASSERT_EQ(ret, 0); 1683 1684 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1685 EXPECT_EQ(ret, -1); 1686 EXPECT_EQ(errno, EEXIST); 1687 1688 close(fd); 1689 close(sfd); 1690 } 1691 1692 TEST(keysizes) { 1693 struct tls12_crypto_info_aes_gcm_256 tls12; 1694 int ret, fd, cfd; 1695 bool notls; 1696 1697 memset(&tls12, 0, sizeof(tls12)); 1698 tls12.info.version = TLS_1_2_VERSION; 1699 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 1700 1701 ulp_sock_pair(_metadata, &fd, &cfd, ¬ls); 1702 1703 if (!notls) { 1704 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, 1705 sizeof(tls12)); 1706 EXPECT_EQ(ret, 0); 1707 1708 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12, 1709 sizeof(tls12)); 1710 EXPECT_EQ(ret, 0); 1711 } 1712 1713 close(fd); 1714 close(cfd); 1715 } 1716 1717 TEST(no_pad) { 1718 struct tls12_crypto_info_aes_gcm_256 tls12; 1719 int ret, fd, cfd, val; 1720 socklen_t len; 1721 bool notls; 1722 1723 memset(&tls12, 0, sizeof(tls12)); 1724 tls12.info.version = TLS_1_3_VERSION; 1725 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 1726 1727 ulp_sock_pair(_metadata, &fd, &cfd, ¬ls); 1728 1729 if (notls) 1730 exit(KSFT_SKIP); 1731 1732 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, sizeof(tls12)); 1733 EXPECT_EQ(ret, 0); 1734 1735 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12, sizeof(tls12)); 1736 EXPECT_EQ(ret, 0); 1737 1738 val = 1; 1739 ret = setsockopt(cfd, SOL_TLS, TLS_RX_EXPECT_NO_PAD, 1740 (void *)&val, sizeof(val)); 1741 EXPECT_EQ(ret, 0); 1742 1743 len = sizeof(val); 1744 val = 2; 1745 ret = getsockopt(cfd, SOL_TLS, TLS_RX_EXPECT_NO_PAD, 1746 (void *)&val, &len); 1747 EXPECT_EQ(ret, 0); 1748 EXPECT_EQ(val, 1); 1749 EXPECT_EQ(len, 4); 1750 1751 val = 0; 1752 ret = setsockopt(cfd, SOL_TLS, TLS_RX_EXPECT_NO_PAD, 1753 (void *)&val, sizeof(val)); 1754 EXPECT_EQ(ret, 0); 1755 1756 len = sizeof(val); 1757 val = 2; 1758 ret = getsockopt(cfd, SOL_TLS, TLS_RX_EXPECT_NO_PAD, 1759 (void *)&val, &len); 1760 EXPECT_EQ(ret, 0); 1761 EXPECT_EQ(val, 0); 1762 EXPECT_EQ(len, 4); 1763 1764 close(fd); 1765 close(cfd); 1766 } 1767 1768 TEST(tls_v6ops) { 1769 struct tls_crypto_info_keys tls12; 1770 struct sockaddr_in6 addr, addr2; 1771 int sfd, ret, fd; 1772 socklen_t len, len2; 1773 1774 tls_crypto_info_init(TLS_1_2_VERSION, TLS_CIPHER_AES_GCM_128, &tls12); 1775 1776 addr.sin6_family = AF_INET6; 1777 addr.sin6_addr = in6addr_any; 1778 addr.sin6_port = 0; 1779 1780 fd = socket(AF_INET6, SOCK_STREAM, 0); 1781 sfd = socket(AF_INET6, SOCK_STREAM, 0); 1782 1783 ret = bind(sfd, &addr, sizeof(addr)); 1784 ASSERT_EQ(ret, 0); 1785 ret = listen(sfd, 10); 1786 ASSERT_EQ(ret, 0); 1787 1788 len = sizeof(addr); 1789 ret = getsockname(sfd, &addr, &len); 1790 ASSERT_EQ(ret, 0); 1791 1792 ret = connect(fd, &addr, sizeof(addr)); 1793 ASSERT_EQ(ret, 0); 1794 1795 len = sizeof(addr); 1796 ret = getsockname(fd, &addr, &len); 1797 ASSERT_EQ(ret, 0); 1798 1799 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1800 if (ret) { 1801 ASSERT_EQ(errno, ENOENT); 1802 SKIP(return, "no TLS support"); 1803 } 1804 ASSERT_EQ(ret, 0); 1805 1806 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, tls12.len); 1807 ASSERT_EQ(ret, 0); 1808 1809 ret = setsockopt(fd, SOL_TLS, TLS_RX, &tls12, tls12.len); 1810 ASSERT_EQ(ret, 0); 1811 1812 len2 = sizeof(addr2); 1813 ret = getsockname(fd, &addr2, &len2); 1814 ASSERT_EQ(ret, 0); 1815 1816 EXPECT_EQ(len2, len); 1817 EXPECT_EQ(memcmp(&addr, &addr2, len), 0); 1818 1819 close(fd); 1820 close(sfd); 1821 } 1822 1823 TEST_HARNESS_MAIN 1824