From ccf10b31304a6b92682742d7d402ea20d0caf033 Mon Sep 17 00:00:00 2001 From: Alexander Popov Date: Mon, 14 Aug 2023 00:08:22 +0300 Subject: [PATCH] Use example_sysctls.txt in the functional test This file was made with root privileges, so it has a full list of sysctls. --- .github/workflows/functional_test.sh | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/.github/workflows/functional_test.sh b/.github/workflows/functional_test.sh index 9553301..de4b6a3 100644 --- a/.github/workflows/functional_test.sh +++ b/.github/workflows/functional_test.sh @@ -41,6 +41,7 @@ echo "l1tf=off mds=full randomize_kstack_offset=on iommu.passthrough=0" > ./cmdl cat ./cmdline_example sysctl -a > /tmp/sysctls CONFIG_DIR=`find . -name config_files` +SYSCTL_EXAMPLE=$CONFIG_DIR/distros/example_sysctls.txt KCONFIGS=`find $CONFIG_DIR -type f | grep -e "\.config" -e "\.gz"` COUNT=0 for C in $KCONFIGS @@ -51,11 +52,11 @@ do coverage run -a --branch bin/kconfig-hardened-check -c $C -m verbose > /dev/null coverage run -a --branch bin/kconfig-hardened-check -c $C -l /proc/cmdline > /dev/null coverage run -a --branch bin/kconfig-hardened-check -c $C -s /tmp/sysctls > /dev/null - coverage run -a --branch bin/kconfig-hardened-check -c $C -l ./cmdline_example -s /tmp/sysctls > /dev/null - coverage run -a --branch bin/kconfig-hardened-check -c $C -l ./cmdline_example -s /tmp/sysctls -m verbose > /dev/null - coverage run -a --branch bin/kconfig-hardened-check -c $C -l ./cmdline_example -s /tmp/sysctls -m json > /dev/null - coverage run -a --branch bin/kconfig-hardened-check -c $C -l ./cmdline_example -s /tmp/sysctls -m show_ok > /dev/null - coverage run -a --branch bin/kconfig-hardened-check -c $C -l ./cmdline_example -s /tmp/sysctls -m show_fail > /dev/null + coverage run -a --branch bin/kconfig-hardened-check -c $C -l ./cmdline_example -s $SYSCTL_EXAMPLE > /dev/null + coverage run -a --branch bin/kconfig-hardened-check -c $C -l ./cmdline_example -s $SYSCTL_EXAMPLE -m verbose > /dev/null + coverage run -a --branch bin/kconfig-hardened-check -c $C -l ./cmdline_example -s $SYSCTL_EXAMPLE -m json > /dev/null + coverage run -a --branch bin/kconfig-hardened-check -c $C -l ./cmdline_example -s $SYSCTL_EXAMPLE -m show_ok > /dev/null + coverage run -a --branch bin/kconfig-hardened-check -c $C -l ./cmdline_example -s $SYSCTL_EXAMPLE -m show_fail > /dev/null done echo "\n>>>>> have checked $COUNT kconfigs <<<<<" -- 2.31.1