projects
/
kconfig-hardened-check.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (from parent 1:
eec1747
)
Add functional tests for --generate
author
Alexander Popov
<alex.popov@linux.com>
Mon, 12 Jun 2023 14:59:50 +0000
(17:59 +0300)
committer
Alexander Popov
<alex.popov@linux.com>
Mon, 12 Jun 2023 15:00:10 +0000
(18:00 +0300)
Refers to #67.
.github/workflows/functional_test.sh
patch
|
blob
|
history
diff --git
a/.github/workflows/functional_test.sh
b/.github/workflows/functional_test.sh
index d9b9b37bc04dc3a220eec41b786b870c974eb05a..8d747487fbcaeb7b85c47a64b4c0d0a65c00fa05 100644
(file)
--- a/
.github/workflows/functional_test.sh
+++ b/
.github/workflows/functional_test.sh
@@
-12,7
+12,7
@@
coverage run -a --branch bin/kconfig-hardened-check -h
echo ">>>>> get version <<<<<"
coverage run -a --branch bin/kconfig-hardened-check --version
echo ">>>>> get version <<<<<"
coverage run -a --branch bin/kconfig-hardened-check --version
-echo ">>>>> print the security hardening
preference
s <<<<<"
+echo ">>>>> print the security hardening
recommendation
s <<<<<"
coverage run -a --branch bin/kconfig-hardened-check -p X86_64
coverage run -a --branch bin/kconfig-hardened-check -p X86_64 -m verbose
coverage run -a --branch bin/kconfig-hardened-check -p X86_64 -m json
coverage run -a --branch bin/kconfig-hardened-check -p X86_64
coverage run -a --branch bin/kconfig-hardened-check -p X86_64 -m verbose
coverage run -a --branch bin/kconfig-hardened-check -p X86_64 -m json
@@
-29,6
+29,12
@@
coverage run -a --branch bin/kconfig-hardened-check -p ARM
coverage run -a --branch bin/kconfig-hardened-check -p ARM -m verbose
coverage run -a --branch bin/kconfig-hardened-check -p ARM -m json
coverage run -a --branch bin/kconfig-hardened-check -p ARM -m verbose
coverage run -a --branch bin/kconfig-hardened-check -p ARM -m json
+echo ">>>>> generate the Kconfig fragment <<<<<"
+coverage run -a --branch bin/kconfig-hardened-check -g X86_64
+coverage run -a --branch bin/kconfig-hardened-check -g X86_32
+coverage run -a --branch bin/kconfig-hardened-check -g ARM64
+coverage run -a --branch bin/kconfig-hardened-check -g ARM
+
echo ">>>>> check the example kconfig files and cmdline <<<<<"
cat /proc/cmdline
echo "l1tf=off mds=full randomize_kstack_offset=on iommu.passthrough=0" > ./cmdline_example
echo ">>>>> check the example kconfig files and cmdline <<<<<"
cat /proc/cmdline
echo "l1tf=off mds=full randomize_kstack_offset=on iommu.passthrough=0" > ./cmdline_example
@@
-62,6
+68,12
@@
echo ">>>>> wrong modes for -p <<<<<"
echo ">>>>> -p and -c together <<<<<"
! coverage run -a --branch bin/kconfig-hardened-check -p X86_64 -c kconfig_hardened_check/config_files/distros/fedora_34.config
echo ">>>>> -p and -c together <<<<<"
! coverage run -a --branch bin/kconfig-hardened-check -p X86_64 -c kconfig_hardened_check/config_files/distros/fedora_34.config
+echo ">>>>> wrong mode for -g <<<<<"
+! coverage run -a --branch bin/kconfig-hardened-check -g X86_64 -m show_ok
+
+echo ">>>>> -g and -c together <<<<<"
+! coverage run -a --branch bin/kconfig-hardened-check -g X86_64 -c kconfig_hardened_check/config_files/distros/fedora_34.config
+
cp kconfig_hardened_check/config_files/distros/fedora_34.config ./test.config
echo ">>>>> no kernel version <<<<<"
cp kconfig_hardened_check/config_files/distros/fedora_34.config ./test.config
echo ">>>>> no kernel version <<<<<"