1
0
mirror of https://github.com/systemd/systemd.git synced 2024-11-02 02:21:44 +03:00
Commit Graph

655 Commits

Author SHA1 Message Date
David Anderson
6e42bd5504 Add 6rd directive to the netdev fuzzing corpus. 2018-11-09 17:56:33 -08:00
Yu Watanabe
872faf59c0 fuzz: add testcases of recent issues 2018-11-09 11:45:43 +09:00
Evgeny Vereshchagin
881886ef08 udev-test: remove a check for whether the test is run in a container
It's too broad a check that prevents the test from running on Travis CI.
2018-11-09 03:34:08 +01:00
Lennart Poettering
f8ed99c845 TEST-22: extend test suite a bit
Let's add a test based on #9508
2018-11-08 09:52:16 +01:00
Yu Watanabe
d571998498 fuzz: add a testcase for oss-fuzz#11285 2018-11-08 12:31:02 +09:00
Yu Watanabe
9f7d3db3ed fuzz: add more testcases of already fixed issue about multiple netdev kind
This adds testcases of oss-fuzz#11286, oss-fuzz#11287, oss-fuzz#11296,
oss-fuzz#11297, and oss-fuzz#11299.

The issue was fixed by 62facba19a.
2018-11-08 12:16:13 +09:00
Yu Watanabe
348784e62a fuzz: add testcases for oss-fuzz#11279 and #11280 2018-11-07 17:24:41 +09:00
Yu Watanabe
11d93952ea test: missing "die"
Follow-up for a41ff38b09.
2018-11-07 08:57:28 +01:00
Evgeny Vereshchagin
220fa139de tests: add a couple of files containing all the sections and directives
This should help the fuzzers to discover code paths faster.

In case anyone is interested, they were generated with the following script
```
perl -aF'/[\s,]+/' -ne '
if (my ($s, $d) = ($F[0] =~ /^([^\s\.]+)\.([^\s\.]+)$/)) { $d{$s}{$d} = 1; }
END { while (my ($key, $value) = each %d) {
    printf "[%s]\n%s\n", $key, join("\n", keys(%$value))
}}'
```
by passing src/network/networkd-network-gperf.gperf and
src/network/netdev/netdev-gperf.gperf to it.
2018-11-06 19:42:29 +01:00
Evgeny Vereshchagin
cf02fd1b7a tests: replace AdActorSysPrio with AdActorSystemPriority
This is a follow-up to https://github.com/systemd/systemd/pull/10653.
2018-11-06 19:36:40 +01:00
Evgeny Vereshchagin
d0f51aa9cd tests: add a reporoducer for https://github.com/systemd/systemd/issues/10639 2018-11-06 19:01:32 +01:00
Evgeny Vereshchagin
efc1a59af6 tests: add some data that can be fed to fuzz-network-parser 2018-11-06 19:01:32 +01:00
Evgeny Vereshchagin
a633d5b997 tests: add a reproducer for https://github.com/systemd/systemd/issues/10629 2018-11-06 19:01:32 +01:00
Evgeny Vereshchagin
e27aac11f2 networkd: make netdev_load_one "public" and add a fuzzer for it 2018-11-06 19:01:32 +01:00
Tobias Jungel
db688b7e55 networkd: cleanup for #10542
fixes: 53b1f7d
2018-11-06 16:42:12 +03:00
Lennart Poettering
8912a99cea
Merge pull request #10606 from yuwata/udev-tests
test: mask hwdb-update.services in most tests
2018-11-05 23:14:42 +03:00
Lennart Poettering
a54e373163
Merge pull request #10618 from yuwata/fix-10615
network: fix several issues in config parser
2018-11-05 17:37:25 +03:00
Evgeny Vereshchagin
201bf07f7c tests: also use lsmod to check whether modules are available (#10634)
It's not entirely impossible to screw something up playing with
kernel modules on a Saturday evening :-) This PR fixes a scenario
where a module has been loaded into the kernel but the module itself
has been removed from the disk.

```
$ lsmod | grep wireg
wireguard             225280  0
ip6_udp_tunnel         16384  1 wireguard
udp_tunnel             16384  1 wireguard

$ modprobe wireguard
modprobe: FATAL: Module wireguard not found in directory /lib/modules/4.18.16-200.fc28.x86_64

$ sudo ./systemd-networkd-tests.py NetworkdNetDevTests.test_wireguard
...
modprobe: FATAL: Module wireguard not found in directory /lib/modules/4.18.16-200.fc28.x86_64
test_wireguard (__main__.NetworkdNetDevTests) ... unexpected success

----------------------------------------------------------------------
Ran 1 test in 5.152s

FAILED (unexpected successes=1)
```

This is a follow-up to https://github.com/systemd/systemd/pull/10625.
2018-11-05 12:47:38 +09:00
Evgeny Vereshchagin
7a3bc5a8e5 tests: add a basic test for wireguard (#10631) 2018-11-04 02:03:43 +09:00
Yu Watanabe
22f64c32fa test: UseRoutes= and UseTimezone= need to be in [DHCP] section 2018-11-04 00:31:46 +09:00
Yu Watanabe
9a4720a9ef test-network: wait after removing links
After ec6a47044a, networkd starts
soon after removing links used by previous test. That causes
some racy situation of removing links and detecting links by networkd.
2018-11-04 00:31:46 +09:00
Yu Watanabe
ed94652a33 test: drop 'After=multi-user.target' from most of testsuite.service 2018-11-03 18:00:47 +09:00
Yu Watanabe
056ae88152 test: mask several unnecessary services
This may make CIs run faster.
2018-11-03 18:00:47 +09:00
Yu Watanabe
f775f613ad test: increase timeout for TEST-17-UDEV-WANTS
As the test randomly fails with timeout.
This may fix #10274.
2018-11-03 18:00:47 +09:00
Evgeny Vereshchagin
7a0a37b283 tests: mark a few tests as expected failures when the required modules aren't available
Closes https://github.com/systemd/systemd/issues/10617.
2018-11-03 00:12:01 +01:00
Evgeny Vereshchagin
f7bdd562a9 tests: make NetworkdNetWorkTests.test_routing_policy_rule pass on CentOS
Depending on the content of /etc/iproute2/rt_dsfield, ip can print either
`0x08` or `throughput` as was shown in https://github.com/systemd/systemd/issues/10617#issuecomment-435200859.
2018-11-02 17:10:59 +01:00
Tobias Jungel
99f68ef02d networkd: add missing bonding options (#10542)
Add support for bonding options system prio, port key and actor system mac.

These options exist in the linux kernel since 4.2
(torvalds/linux@171a42c38c)

Details:
https://www.kernel.org/doc/Documentation/networking/bonding.txt
2018-11-02 10:31:20 +09:00
Evgeny Vereshchagin
28ffcec2cb tests: add an lldp fuzzer
I went through my antique collection of fuzzers the other day
to see which ones I hadn't sent upstream yet. This one
seems to be nice to have and ready to be merged. As far as I can
tell, it hasn't managed to find anything useful yet,
but it's better to be safe than sorry especially when it comes to networking
code :-)
2018-10-29 15:24:16 +00:00
Zbigniew Jędrzejewski-Szmek
05f339267e
Merge pull request #10378 from poettering/json-fuzz-fix
json: a comprehensive fix for oss-fuzz#10908
2018-10-25 16:25:39 +02:00
Yu Watanabe
a41ff38b09 test: create /dev/null in test-udev.pl 2018-10-24 04:46:48 +09:00
Evgeny Vereshchagin
20fc56c02d tests: allow passing log_level via an environment variable (#10490) 2018-10-23 16:09:23 +09:00
Michael Biebl
3deb28f20a tests: update networkd-test.py to use resolvectl instead of systemd-resolve (#10486)
The latter is merely a compat symlink nowadays.
2018-10-23 07:29:03 +09:00
Yu Watanabe
114fd97811 fuzz: add testcase of oss-fuzz#11019 2018-10-19 06:11:58 +09:00
Lennart Poettering
40235c3c5e tests: clean up again after running tests (#10446)
Currently, if I run the full "run-integration-tests.sh" script it will
fail on my machine because it fills up /var/tmp whith just too much
crap until the disk is full.

Let's make sure that "run-integration-tests.sh" cleans up after every
test. For that change the make targets to run from "clean setup run" to
"clean setup run clean" — except that that doesn't work since make is
smart enough to realize that the same target appears twice on the
command line and will only execute it once. Let's fix that by defining
another target "clean-again" which is just like "clean", but allows us
to be added to the same command line a second time. Then, let's build
with "clean setup run clean-again" and all is good.

While we are at it, let's also add .PHONY where appropriate, after all
these all are phony targets.
2018-10-19 03:59:24 +09:00
Lennart Poettering
e413ec4a9d fuzz: add test from oss-fuzz#10908
https://oss-fuzz.com/download?testcase_id=5639441482252288
2018-10-18 16:44:51 +02:00
Anita Zhang
90fc172e19 core: implement per unit journal rate limiting
Add LogRateLimitIntervalSec= and LogRateLimitBurst= options for
services. If provided, these values get passed to the journald
client context, and those values are used in the rate limiting
function in the journal over the the journald.conf values.

Part of #10230
2018-10-18 09:56:20 +02:00
Davide Cavalca
b75f0c69b3 shared: add %g, %G specifiers for group / gid (#10368) 2018-10-13 17:26:48 +09:00
Davide Cavalca
ccac62563e tests: fix fallthrough condition for supplementary groups 2018-10-11 22:24:03 +02:00
Evgeny Vereshchagin
2614d83aa0 tests: pass halt_on_error=1 to UBSan
By default, UBSan neither crashes nor exits with a non-zero exit code
when undefined behavior has been detected. This is problematic because
it makes it much harder to catch issues like https://github.com/systemd/systemd/issues/10346,
 https://github.com/systemd/systemd/issues/10347, and https://github.com/systemd/systemd/issues/10333.
In fact, those issue were found just because I decided to grep
the test log, which isn't something that I normally do :-)

As it turns out, the only way to make UBSan signal that something is wrong that works more or less
reliably everywhere is to pass halt_on_error=1 (though, it's probably worth noting that it's currently
not set for PID1 in order not to trigger kernel panics).

See https://reviews.llvm.org/D35085#804183 and https://chromium.googlesource.com/chromium/src/testing/libfuzzer/+/HEAD/reference.md
2018-10-11 08:55:04 +02:00
Zbigniew Jędrzejewski-Szmek
9b0ca01903 meson: rename cpp_cmd to cxx_cmd
cpp is a really bad alias for c++ because it's also the name of the
preprocessor. Let's rename the variable.
2018-10-10 11:50:57 +02:00
Zbigniew Jędrzejewski-Szmek
1b2acaa7a6 meson: we cannot call get_compiler('cpp') if we didn't "add" it
Follow-up for f6d783ac3d.
2018-10-09 21:12:00 +02:00
Zbigniew Jędrzejewski-Szmek
64d14b7e23 README.testsuite: update the documentation for meson 2018-10-09 15:31:00 +02:00
Zbigniew Jędrzejewski-Szmek
a90c04b6b7 test-execute: filter out ip6tnl0@ and ip6gre0@ interfaces
Those interfaces are created automatically when ip6_tunnel and ip6_gre loaded.
They break the test with exec-privatenetwork-yes.service.

C.f. 6b08180ca6.
2018-10-09 14:08:09 +02:00
Yu Watanabe
3f6f58e03a test: add TEST-24-UNIT-TESTS running all basic tests under containers 2018-10-09 19:11:21 +09:00
Yu Watanabe
0013fac248 test: do not use global variable to pass error 2018-10-09 19:11:21 +09:00
Yu Watanabe
dd75c133d8 test: replace duplicated Makefile by symbolic link 2018-10-09 19:11:21 +09:00
Yu Watanabe
ad931fee50 test: make install_keymaps() optionally install more keymaps 2018-10-09 19:11:21 +09:00
Yu Watanabe
83a7051ee1 test: add paths of keymaps in install_keymaps()
It seems that the paths of directories storing keymaps are changed.
2018-10-09 19:11:21 +09:00
Yu Watanabe
7d10ec1cda test: introduce install_zoneinfo()
But it is not called by default.
2018-10-09 19:11:21 +09:00
Yu Watanabe
e3d3dada24 test: install libraries required by tests 2018-10-09 19:11:21 +09:00
Yu Watanabe
f6d783ac3d meson: use same compilers to build fuzzers 2018-10-09 11:54:10 +02:00
Lennart Poettering
ad191df836
Merge pull request #10134 from keszybz/test-runner
Some test-related fixed and a test runner for installed tests
2018-10-05 20:35:30 +02:00
Lennart Poettering
dacd723620
Merge pull request #10117 from keszybz/undynamicify
Set DynamicUser=no for networkd, resolved, timesyncd
2018-10-05 17:41:56 +02:00
Yu Watanabe
e913b7988f
test-execute: add a test for systemcall filter (#10273)
This adds a test for issue #9939 which is fixed by
a5404992cc (#9942).
2018-10-05 14:46:30 +09:00
Zbigniew Jędrzejewski-Szmek
ac7b333009
Merge pull request #10261 from yuwata/test-network
test: small improvements for systemd-networkd-test.py
2018-10-03 10:03:34 +02:00
Yu Watanabe
b7172f3471 test-execute: also tests under the condition that unshare() is filtered
This is mainly for testing 1beab8b0d0.
2018-10-03 08:33:23 +02:00
Yu Watanabe
6aea927681 test: make systemd-networkd-tests.py run on arbitrary directory 2018-10-03 14:38:30 +09:00
Yu Watanabe
ec6a47044a test: replace stop+start by restart
This suppress the following warnings:
```
Warning: Stopping systemd-networkd.service, but it can still be activated by:
  systemd-networkd.socket
```
2018-10-03 14:36:34 +09:00
Yu Watanabe
5b054bfc10 test: add a testcase for oss-fuzz#10746 2018-10-03 08:53:42 +09:00
Lennart Poettering
c3281539da
Merge pull request #10246 from keszybz/fuzz-buss
Bus fuzzer
2018-10-02 15:45:21 +02:00
Zbigniew Jędrzejewski-Szmek
902000c198 bus-message: avoid wrap-around when using length read from message
We would read (-1), and then add 1 to it, call message_peek_body(..., 0, ...),
and when trying to make use of the data.

The fuzzer test case is just for one site, but they all look similar.

v2: fix two UINT8_MAX/UINT32_MAX mismatches founds by LGTM
2018-10-02 11:59:08 +02:00
Zbigniew Jędrzejewski-Szmek
d831fb6f2b bus-message: return -EBADMSG not -EINVAL on invalid !gvariant messages 2018-10-02 11:53:20 +02:00
Zbigniew Jędrzejewski-Szmek
edde66ffc2 fuzz-bus-message: add two test cases that pass now
It seems that they got fixed by one of the patches. Let's add them
just in case.
2018-10-02 11:53:20 +02:00
Zbigniew Jędrzejewski-Szmek
73777ddba5 bus-message: fix skipping of array fields in !gvariant messages
We copied part of the string into a buffer that was off by two.
If the element signature had length one, we'd copy 0 bytes and crash when
looking at the "first" byte. Otherwise, we would crash because strncpy would
not terminate the string.
2018-10-02 11:53:20 +02:00
Zbigniew Jędrzejewski-Szmek
f88214cf9d bus-message: fix calculation of offsets table for arrays
This is similar to the grandparent commit 'fix calculation of offsets table',
except that now the change is for array elements. Same story as before: we need
to make sure that the offsets increase enough taking alignment into account.

While at it, rename 'p' to 'previous' to match similar code in other places.
2018-10-02 11:53:20 +02:00
Zbigniew Jędrzejewski-Szmek
12603b84d2 bus-message: fix calculation of offsets table
The offsets specify the ends of variable length data. We would trust the
incoming data, putting the offsets specified in our message
into the offsets tables after doing some superficial verification.
But when actually reading the data we apply alignment, so we would take
the previous offset, align it, making it bigger then current offset, and
then we'd try to read data of negative length.

In the attached example, the message specifies the following offsets:
[1, 4]
but the alignment of those items is
[1, 8]
so we'd calculate the second item as starting at 8 and ending at 4.
2018-10-02 11:53:20 +02:00
Zbigniew Jędrzejewski-Szmek
81b6e63029 bus-message: do not crash on message with a string of zero length
We'd calculate the "real" length of the string as 'item_size - 1', which does
not work out well when item_size == 0.
2018-10-02 11:53:20 +02:00
Zbigniew Jędrzejewski-Szmek
69bd42ca07 bus-message: let's always use -EBADMSG when the message is bad
-EINVAL means the arguments were somehow wrong, so translate the code we get
internally into -EBADMSG when returning.
2018-10-02 11:53:20 +02:00
Zbigniew Jędrzejewski-Szmek
ec6bda56cb bus-message: avoid an infinite loop on empty structures
The alternative would be to treat gvariant and !gvariant messages differently.
But this is a problem because we check signatures is variuos places before we
have an actual message, for example in sd_bus_add_object_vtable(). It seems
better to treat things consistent (i.e. follow the lowest common denominator)
and disallow empty structures everywhere.
2018-10-02 11:53:20 +02:00
Zbigniew Jędrzejewski-Szmek
6d1e0f4fcb sd-bus: unify three code-paths which free struct bus_container
We didn't free one of the fields in two of the places.

$ valgrind --show-leak-kinds=all --leak-check=full \
  build/fuzz-bus-message \
  test/fuzz/fuzz-bus-message/leak-c09c0e2256d43bc5e2d02748c8d8760e7bc25d20
...
==14457== HEAP SUMMARY:
==14457==     in use at exit: 3 bytes in 1 blocks
==14457==   total heap usage: 509 allocs, 508 frees, 51,016 bytes allocated
==14457==
==14457== 3 bytes in 1 blocks are definitely lost in loss record 1 of 1
==14457==    at 0x4C2EBAB: malloc (vg_replace_malloc.c:299)
==14457==    by 0x53AFE79: strndup (in /usr/lib64/libc-2.27.so)
==14457==    by 0x4F52EB8: free_and_strndup (string-util.c:1039)
==14457==    by 0x4F8E1AB: sd_bus_message_peek_type (bus-message.c:4193)
==14457==    by 0x4F76CB5: bus_message_dump (bus-dump.c:144)
==14457==    by 0x108F12: LLVMFuzzerTestOneInput (fuzz-bus-message.c:24)
==14457==    by 0x1090F7: main (fuzz-main.c:34)
==14457==
==14457== LEAK SUMMARY:
==14457==    definitely lost: 3 bytes in 1 blocks
2018-10-02 11:53:20 +02:00
Zbigniew Jędrzejewski-Szmek
7f546026ab Introduce free_and_strndup and use it in bus-message.c
v2: fix error in free_and_strndup()

When the orignal and copied message were the same, but shorter than specified
length l, memory read past the end of the buffer would be performed. A test
case is included: a string that had an embedded NUL ("q\0") is used to replace
"q".

v3: Fix one more bug in free_and_strndup and add tests.

v4: Some style fixed based on review, one more use of free_and_replace, and
make the tests more comprehensive.
2018-10-02 11:42:45 +02:00
Zbigniew Jędrzejewski-Szmek
56b560c263 fuzz-bus-message: add fuzzer for message parsing
As with other fuzzers, SYSTEMD_FUZZ_OUTPUT=1 and SYSTEMD_LOG_LEVEL=debug can be
used for debugging.
2018-10-02 11:09:05 +02:00
Yu Watanabe
491d3911db test: fix tests for supplementary groups
Fixes #9881.
2018-10-02 09:48:53 +02:00
Zbigniew Jędrzejewski-Szmek
e6bad67461 meson: treat all fuzz cases as unit tests
318/365 fuzz-bus-message:crash-26bba7182dedc8848939931d9fcefcb7922f2e56:address  OK       0.03 s
319/365 fuzz-bus-message:crash-29ed3c202e0ffade3cad42c8bbeb6cc68a21eb8e:address  OK       0.03 s
320/365 fuzz-bus-message:crash-b88ad9ecf4aacf4a0caca5b5543953265367f084:address  OK       0.03 s
321/365 fuzz-bus-message:crash-c1b37b4729b42c0c05b23cba4eed5d8102498a1e:address  OK       0.03 s
322/365 fuzz-bus-message:crash-d8f3941c74219b4c03532c9b244d5ea539c61af5:address  OK       0.03 s
323/365 fuzz-bus-message:crash-e1b811da5ca494e494b77c6bd8e1c2f2989425c5:address  OK       0.03 s
324/365 fuzz-bus-message:leak-c09c0e2256d43bc5e2d02748c8d8760e7bc25d20:address  OK       0.04 s
325/365 fuzz-bus-message:message1:address       OK       0.03 s
326/365 fuzz-bus-message:timeout-08ee8f6446a4064db064e8e0b3d220147f7d0b5b:address  OK       0.03 s
327/365 fuzz-dhcp-server:discover-existing:address  OK       0.04 s
328/365 fuzz-dhcp-server:discover-new:address   OK       0.03 s
329/365 fuzz-dhcp-server:release:address        OK       0.04 s
330/365 fuzz-dhcp-server:request-existing:address  OK       0.03 s
331/365 fuzz-dhcp-server:request-new:address    OK       0.03 s
332/365 fuzz-dhcp-server:request-reboot:address  OK       0.03 s
333/365 fuzz-dhcp-server:request-renew:address  OK       0.03 s
334/365 fuzz-dns-packet:issue-7888:address      OK       0.03 s
335/365 fuzz-dns-packet:oss-fuzz-5465:address   OK       0.03 s
336/365 fuzz-journal-remote:crash-5a8f03d4c3a46fcded39527084f437e8e4b54b76:address  OK       0.06 s
337/365 fuzz-journal-remote:crash-96dee870ea66d03e89ac321eee28ea63a9b9aa45:address  OK       0.04 s
338/365 fuzz-journal-remote:invalid-ts.txt:address  OK       0.04 s
339/365 fuzz-journal-remote:oss-fuzz-8659:address  OK       0.06 s
340/365 fuzz-journal-remote:oss-fuzz-8686:address  OK       0.04 s
341/365 fuzz-journal-remote:sample.txt:address  OK       0.07 s
342/365 fuzz-unit-file:directives.service:address  OK       0.03 s
343/365 fuzz-unit-file:empty.scope:address      OK       0.04 s
344/365 fuzz-unit-file:machine.slice:address    OK       0.03 s
345/365 fuzz-unit-file:oss-fuzz-6884:address    OK       0.05 s
346/365 fuzz-unit-file:oss-fuzz-6885:address    OK       0.03 s
347/365 fuzz-unit-file:oss-fuzz-6886:address    OK       0.04 s
348/365 fuzz-unit-file:oss-fuzz-6892:address    OK       0.03 s
349/365 fuzz-unit-file:oss-fuzz-6897:address    OK       0.05 s
350/365 fuzz-unit-file:oss-fuzz-6897-evverx:address  OK       0.04 s
351/365 fuzz-unit-file:oss-fuzz-6908:address    OK       0.05 s
352/365 fuzz-unit-file:oss-fuzz-6917:address    OK       0.06 s
353/365 fuzz-unit-file:oss-fuzz-6977:address    OK       0.08 s
354/365 fuzz-unit-file:oss-fuzz-6977-unminimized:address  OK       0.10 s
355/365 fuzz-unit-file:oss-fuzz-7004:address    OK       0.03 s
356/365 fuzz-unit-file:oss-fuzz-8064:address    OK       0.03 s
357/365 fuzz-unit-file:oss-fuzz-8827:address    OK       0.50 s
358/365 fuzz-unit-file:proc-sys-fs-binfmt_misc.automount:address  OK       0.03 s
359/365 fuzz-unit-file:syslog.socket:address    OK       0.03 s
360/365 fuzz-unit-file:systemd-ask-password-console.path:address  OK       0.03 s
361/365 fuzz-unit-file:systemd-machined.service:address  OK       0.03 s
362/365 fuzz-unit-file:systemd-resolved.service:address  OK       0.03 s
363/365 fuzz-unit-file:systemd-tmpfiles-clean.timer:address  OK       0.03 s
364/365 fuzz-unit-file:timers.target:address    OK       0.03 s
365/365 fuzz-unit-file:var-lib-machines.mount:address  OK       0.04 s

This gives us slightly nicer coverage in the normal test run.

When in a git repo, git ls-files is used to get a list of files known to git.
This mirrors what update-man-rules does for man files. Only looking at files
known to git makes it easier to not forget to commit the test file to git,
and also makes bisecting easier if some files are left in repo.

When outside of a git repo, we expect to be unpacked from a tarball, so just
using all files reported by ls is OK.
2018-10-02 09:42:19 +02:00
Zbigniew Jędrzejewski-Szmek
c74a3f973e fuzz: unify the "fuzz-regressions" directory with the main corpus
There isn't really much need to keep them separate. Anything which is a good
corpus entry can be used as a smoke test, and anything which which is a
regression test can just as well be inserted into the corpus.

The only functional difference from this patch (apart from different paths in
output) is that the regression tests are now zipped together with the rest of
the corpus.

$ meson configure build -Dslow-tests=true && ninja -C build test
...
307/325 fuzz-dns-packet:issue-7888:address      OK       0.06 s
308/325 fuzz-dns-packet:oss-fuzz-5465:address   OK       0.04 s
309/325 fuzz-journal-remote:crash-5a8f03d4c3a46fcded39527084f437e8e4b54b76:address  OK       0.07 s
310/325 fuzz-journal-remote:crash-96dee870ea66d03e89ac321eee28ea63a9b9aa45:address  OK       0.05 s
311/325 fuzz-journal-remote:oss-fuzz-8659:address  OK       0.05 s
312/325 fuzz-journal-remote:oss-fuzz-8686:address  OK       0.07 s
313/325 fuzz-unit-file:oss-fuzz-6884:address    OK       0.06 s
314/325 fuzz-unit-file:oss-fuzz-6885:address    OK       0.05 s
315/325 fuzz-unit-file:oss-fuzz-6886:address    OK       0.05 s
316/325 fuzz-unit-file:oss-fuzz-6892:address    OK       0.05 s
317/325 fuzz-unit-file:oss-fuzz-6897:address    OK       0.05 s
318/325 fuzz-unit-file:oss-fuzz-6897-evverx:address  OK       0.06 s
319/325 fuzz-unit-file:oss-fuzz-6908:address    OK       0.07 s
320/325 fuzz-unit-file:oss-fuzz-6917:address    OK       0.07 s
321/325 fuzz-unit-file:oss-fuzz-6977:address    OK       0.13 s
322/325 fuzz-unit-file:oss-fuzz-6977-unminimized:address  OK       0.12 s
323/325 fuzz-unit-file:oss-fuzz-7004:address    OK       0.05 s
324/325 fuzz-unit-file:oss-fuzz-8064:address    OK       0.05 s
325/325 fuzz-unit-file:oss-fuzz-8827:address    OK       0.52 s
2018-10-02 09:41:25 +02:00
Zbigniew Jędrzejewski-Szmek
93b575b266 fuzz: rename "fuzz-corpus" directory to just "fuzz"
Also, all corpus subdirectories are named exactly the same as the fuzzer they
are for. This makes the paths a bit longer, but easier.
2018-10-02 09:41:25 +02:00
Susant Sahani
1f0e310952 test: Add tests for networkd (#10147) 2018-09-29 14:36:25 +02:00
Evgeny Vereshchagin
c1bc37a18b tests: add a reproducer for the heap-buffer-overflow fixed in cb1bdeaf56
==14==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6020001c761a at pc 0x000000540abc bp 0x7ffd0caf2c50 sp 0x7ffd0caf2c48
READ of size 2 at 0x6020001c761a thread T0
    #0 0x540abb in client_parse_message /work/build/../../src/systemd/src/libsystemd-network/sd-dhcp6-client.c:849:73
    #1 0x53f3bc in client_receive_advertise /work/build/../../src/systemd/src/libsystemd-network/sd-dhcp6-client.c:1083:13
    #2 0x53d57f in client_receive_message /work/build/../../src/systemd/src/libsystemd-network/sd-dhcp6-client.c:1182:21
    #3 0x7f71d8c3eeee in source_dispatch /work/build/../../src/systemd/src/libsystemd/sd-event/sd-event.c:3042:21
    #4 0x7f71d8c3e431 in sd_event_dispatch /work/build/../../src/systemd/src/libsystemd/sd-event/sd-event.c:3455:21
    #5 0x7f71d8c3fa8d in sd_event_run /work/build/../../src/systemd/src/libsystemd/sd-event/sd-event.c:3512:21
    #6 0x531f2b in fuzz_client /work/build/../../src/systemd/src/fuzz/fuzz-dhcp6-client.c:44:9
    #7 0x531bc1 in LLVMFuzzerTestOneInput /work/build/../../src/systemd/src/fuzz/fuzz-dhcp6-client.c:53:9
    #8 0x57bef8 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:570:15
    #9 0x579d97 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/libfuzzer/FuzzerLoop.cpp:479:3
    #10 0x57dcc2 in fuzzer::Fuzzer::MutateAndTestOne() /src/libfuzzer/FuzzerLoop.cpp:707:19
    #11 0x580cd6 in fuzzer::Fuzzer::Loop(std::__1::vector<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, fuzzer::fuzzer_allocator<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > > > const&) /src/libfuzzer/FuzzerLoop.cpp:838:5
    #12 0x55e998 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:764:6
    #13 0x551a4c in main /src/libfuzzer/FuzzerMain.cpp:20:10
    #14 0x7f71d784182f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
    #15 0x41e928 in _start (/out/fuzz-dhcp6-client+0x41e928)
2018-09-29 03:58:47 +00:00
Evgeny Vereshchagin
ac41b5e8c5 tests: add a reproducer for the heap-buffer-overflow fixed in b387d3c132 2018-09-29 03:58:40 +00:00
Evgeny Vereshchagin
bbb393877b tests: add a reproducer for another infinite loop in ndisc_handle_datagram 2018-09-26 18:54:35 +00:00
Evgeny Vereshchagin
df30e78e02 tests: add a reproducer for an infinite loop in ndisc_handle_datagram
=0  ndisc_router_parse (rt=0x60d000000110) at ../src/libsystemd-network/ndisc-router.c:126
=1  0x000055555558dc67 in ndisc_handle_datagram (nd=0x608000000020, rt=0x60d000000110) at ../src/libsystemd-network/sd-ndisc.c:170
=2  0x000055555558e65d in ndisc_recv (s=0x611000000040, fd=4, revents=1, userdata=0x608000000020) at ../src/libsystemd-network/sd-ndisc.c:233
=3  0x00007ffff63913a8 in source_dispatch (s=0x611000000040) at ../src/libsystemd/sd-event/sd-event.c:3042
=4  0x00007ffff6395eab in sd_event_dispatch (e=0x617000000080) at ../src/libsystemd/sd-event/sd-event.c:3455
=5  0x00007ffff6396b12 in sd_event_run (e=0x617000000080, timeout=18446744073709551615) at ../src/libsystemd/sd-event/sd-event.c:3512
=6  0x0000555555583f5c in LLVMFuzzerTestOneInput (data=0x6060000000e0 "\206", size=53) at ../src/fuzz/fuzz-ndisc-rs.c:422
=7  0x0000555555586356 in main (argc=2, argv=0x7fffffffe3d8) at ../src/fuzz/fuzz-main.c:33
2018-09-26 18:54:35 +00:00
Anita Zhang
c87700a133 Make Watchdog Signal Configurable
Allows configuring the watchdog signal (with a default of SIGABRT).
This allows an alternative to SIGABRT when coredumps are not desirable.

Appropriate references to SIGABRT or aborting were renamed to reflect
more liberal watchdog signals.

Closes #8658
2018-09-26 16:14:29 +02:00
Lennart Poettering
7c428bb5d5
Merge pull request #10059 from yuwata/env-exec-directory
core: introduce $RUNTIME_DIRECTORY= or friends
2018-09-25 12:34:30 +02:00
Zbigniew Jędrzejewski-Szmek
f5acf84dbe run-unit-tests: add option to run unsafe tests too 2018-09-24 15:42:50 +02:00
Zbigniew Jędrzejewski-Szmek
3762f8e316 tests: add a runner for installed tests
We have "installed tests", but don't provide an easy way to run them.

The protocol is very simple: each test must return 0 for success, 77 means
"skipped", anything else is an error. In addition, we want to print test
output only if the test failed.

I wrote this simple script. It is pretty basic, but implements the functions
listed above. Since it is written in python it should be easy to add option
parsing (like running only specific tests, or running unsafe tests, etc.)

I looked at the following alternatives:
- Ubuntu root-unittests: this works, but just dumps all output to the terminal,
  has no coloring.
- @ssahani's test runner [2]
  It uses the unittest library and the test suite was implented as a class, and
  doesn't implement any of the functions listed above.
- cram [3,4]
  cram runs our tests, but does not understand the "ignore the output" part,
  has not support for our magic skip code (it uses hardcoded 80 instead),
  and seems dead upstream.
- meson test
  Here the idea would be to provide an almost-empty meson.build file under
  /usr/lib/systemd/tests/ that would just define all the tests. This would
  allow us to reuse the test runner we use normally. Unfortunately meson requires
  a build directory and configuration to be done before running tests. This
  would be possible, but seems a lot of effort to just run a few binaries.

[1] 242c96addb/debian/tests/root-unittests
[2] https://github.com/systemd/systemd-fedora-ci/blob/master/upstream/systemd-upstream-tests.py
[3] https://bitheap.org/cram/
[4] https://pypi.org/project/pytest-cram/

Fixes #10069.
2018-09-24 15:42:50 +02:00
Zbigniew Jędrzejewski-Szmek
0532f2bb5d
Merge pull request #10087 from keszybz/xnox/fix-test-functions
test/test-functions: drop all prefixes
2018-09-24 15:15:23 +02:00
Zbigniew Jędrzejewski-Szmek
62fb7e80fc Revert "resolve: enable DynamicUser= for systemd-resolved.service"
This reverts commit 0187368cad.
(systemd.conf.m4 part was already reverted in 5b5d82615011b9827466b7cd5756da35627a1608.)
2018-09-20 16:52:02 +02:00
Evgeny Vereshchagin
c1342d5597 tests: make UBSan print full backtraces
This should make it easier to get backtraces that can be
pasted into issues like https://github.com/systemd/systemd/issues/10096.
2018-09-16 19:16:07 +02:00
Zbigniew Jędrzejewski-Szmek
fe4bd4e501 test/test-functions: adjust to Exec*= paths not being absolute 2018-09-15 10:12:18 +02:00
Dimitri John Ledkov
e180bdb5eb test/test-functions: drop all prefixes
When parsing and installing binaries mentioned in Exec*= lines the
5ed0dcf4d5 commit added parsing logic to drop
prefixes, including handling duplicate exclamation marks. But this did not
handle arbitrary combination of multiple prefixes, ie. StartExec=+-/bin/sh was
parsed as -/bin/sh which then would fail to install.

Instead of using egrep and shell replacements, replace both with sed command
that does it all. This sed script extract a group of characters starting with a
/ up to the first space (if any) after the equals sign. This correctly handles
existing non-prefixed, prefixed, multiple-prefixed commands.

About half commands seem to repeat themself, thus sort -u cuts the list of
binaries to install about in half.

To validate change of behaviour both old and new functions were modified to
echo parsed binaries into separate files, and then diffed. The incorrect
-/bin/sh was missing in the new output.

Without this patch tests fail on default Ubuntu installs.
2018-09-15 10:11:18 +02:00
Yu Watanabe
fd1939fbe7 meson: do not build tests by default when '-Dtests=false'
[zj: it is still possible to build tests explicitly by calling
     ninja -C build test-name. This way we have full flexibility.]
2018-09-13 12:07:34 +02:00
Zbigniew Jędrzejewski-Szmek
938be08926 meson: disable _all_ tests when -Dtests=false
Back in 08318a2c5a, value "false" was enabled for
'-Dtests=', but various tests were not conditionalized properly. So even with
-Dtests=false -Dslow-tests=false we'd run 120 tests. Let's make this consistent.
2018-09-13 12:07:34 +02:00
Yu Watanabe
6088662d57 test-execute: add tests for $RUNTIME_DIRECTORY= or friends 2018-09-13 17:02:58 +09:00
Evgeny Vereshchagin
3311c74d05 tests: add reproducers for several issues uncovered with fuzz-journald-syslog
This is a follow-up to a70f343cac.
2018-09-03 14:07:44 +02:00
Yu Watanabe
0c09cb0e78
Merge pull request #9977 from sourcejedi/no-remount-superblock3
Namespace fixes
2018-09-01 23:18:01 +09:00
Alan Jenkins
ad8e66dcc4 namespace: fix mode for TemporaryFileSystem=
... when no mount options are passed.

Change the code, to avoid the following failure in the newly added tests:

exec-temporaryfilesystem-rw.service: Executing: /usr/bin/sh -x -c
'[ "$(stat -c %a /var)" == 755 ]'
++ stat -c %a /var
+ '[' 1777 == 755 ']'
Received SIGCHLD from PID 30364 (sh).
Child 30364 (sh) died (code=exited, status=1/FAILURE)

(And I spotted an opportunity to use TAKE_PTR() at the end).
2018-09-01 17:22:14 +09:00
Alan Jenkins
69338c3dfb namespace: don't try to remount superblocks
We can't remount the underlying superblocks, if we are inside a user
namespace and running Linux <= 4.17.  We can only change the per-mount
flags (MS_REMOUNT | MS_BIND).

This type of mount() call can only change the per-mount flags, so we
don't have to worry about passing the right string options now.

Fixes #9914 ("Since 1beab8b was merged, systemd has been failing to start
systemd-resolved inside unprivileged containers" ... "Failed to re-mount
'/run/systemd/unit-root/dev' read-only: Operation not permitted").

> It's basically my fault :-). I pointed out we could remount read-only
> without MS_BIND when reviewing the PR that added TemporaryFilesystem=,
> and poettering suggested to change PrivateDevices= at the same time.
> I think it's safe to change back, and I don't expect anyone will notice
> a difference in behaviour.
>
> It just surprised me to realize that
> `TemporaryFilesystem=/tmp:size=10M,ro,nosuid` would not apply `ro` to the
> superblock (underlying filesystem), like mount -osize=10M,ro,nosuid does.
> Maybe a comment could note the kernel version (v4.18), that lets you
> remount without MS_BIND inside a user namespace.

This makes the code longer and I guess this function is still ugly, sorry.
One obstacle to cleaning it up is the interaction between
`PrivateDevices=yes` and `ReadOnlyPaths=/dev`.  I've added a test for the
existing behaviour, which I think is now the correct behaviour.
2018-08-30 11:17:16 +01:00
Evgeny Vereshchagin
746fbd9c34 tests: also run TEST-01-BASIC in an unprivileged container (#9957)
This should make it much easier to catch regressions like
https://github.com/systemd/systemd/issues/9914 and
https://github.com/systemd/systemd/issues/8535.
2018-08-30 13:01:18 +09:00
Yu Watanabe
a1a605f144 test: add testcase for issue 10007 by oss-fuzz 2018-08-22 15:46:47 +09:00
Franck Bui
4dc7bfdf4f tmpfiles: use fd_get_path() even less excessively
A follow-up for commit 9d874aec45.

This patch makes "path" parameter mandatory in fd_set_*() helpers removing the
need to use fd_get_path() when NULL was passed. The caller is supposed to pass
the fd anyway so assuming that it also knows the path should be safe.

Actually, the only case where this was useful (or used) was when we were
walking through directory trees (in item_do()). But even in those cases the
paths could be constructed trivially, which is still better than relying on
fd_get_path() (which is an ugly API).

A very succinct test case is also added for 'z/Z' operators so the code dealing
with recursive operators is tested minimally.
2018-08-21 19:48:08 +02:00