From a906f21e03b3e5ecc78c23618d4c29fec27ef708 Mon Sep 17 00:00:00 2001 From: Alexander Popov Date: Sat, 23 Nov 2024 22:47:48 +0300 Subject: [PATCH] CI: Simplify the functional test a bit --- .github/workflows/functional_test.sh | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/.github/workflows/functional_test.sh b/.github/workflows/functional_test.sh index ecac76f..ed2285d 100644 --- a/.github/workflows/functional_test.sh +++ b/.github/workflows/functional_test.sh @@ -49,10 +49,9 @@ coverage run -a --branch bin/kernel-hardening-checker -a -m show_ok coverage run -a --branch bin/kernel-hardening-checker -a -m show_fail echo ">>>>> check the example kconfig files, cmdline, and sysctl <<<<<" -cat /proc/cmdline -echo "l1tf=off mds=full mitigations=off randomize_kstack_offset=on retbleed=0 iommu.passthrough=0" > ./cmdline_example +cat /proc/cmdline > ./cmdline_example +sed -i "1s/^/l1tf=off mds=full mitigations=off randomize_kstack_offset=on retbleed=0 iommu.passthrough=0 /" ./cmdline_example cat ./cmdline_example -sysctl -a > /tmp/sysctls CONFIG_DIR=`find . -name config_files` SYSCTL_EXAMPLE=$CONFIG_DIR/distros/example_sysctls.txt KCONFIGS=`find $CONFIG_DIR -type f | grep -e "\.config" -e "\.gz"` @@ -62,14 +61,13 @@ do COUNT=$(expr $COUNT + 1) echo "\n>>>>> checking kconfig number $COUNT <<<<<" coverage run -a --branch bin/kernel-hardening-checker -c $C - coverage run -a --branch bin/kernel-hardening-checker -c $C -m verbose > /dev/null - coverage run -a --branch bin/kernel-hardening-checker -c $C -l /proc/cmdline - coverage run -a --branch bin/kernel-hardening-checker -c $C -s /tmp/sysctls + coverage run -a --branch bin/kernel-hardening-checker -c $C -l ./cmdline_example + coverage run -a --branch bin/kernel-hardening-checker -c $C -s $SYSCTL_EXAMPLE coverage run -a --branch bin/kernel-hardening-checker -c $C -l ./cmdline_example -s $SYSCTL_EXAMPLE coverage run -a --branch bin/kernel-hardening-checker -c $C -l ./cmdline_example -s $SYSCTL_EXAMPLE -m verbose > /dev/null - coverage run -a --branch bin/kernel-hardening-checker -c $C -l ./cmdline_example -s $SYSCTL_EXAMPLE -m json - coverage run -a --branch bin/kernel-hardening-checker -c $C -l ./cmdline_example -s $SYSCTL_EXAMPLE -m show_ok - coverage run -a --branch bin/kernel-hardening-checker -c $C -l ./cmdline_example -s $SYSCTL_EXAMPLE -m show_fail + coverage run -a --branch bin/kernel-hardening-checker -c $C -l ./cmdline_example -s $SYSCTL_EXAMPLE -m json > /dev/null + coverage run -a --branch bin/kernel-hardening-checker -c $C -l ./cmdline_example -s $SYSCTL_EXAMPLE -m show_ok > /dev/null + coverage run -a --branch bin/kernel-hardening-checker -c $C -l ./cmdline_example -s $SYSCTL_EXAMPLE -m show_fail > /dev/null done echo "\n>>>>> have checked $COUNT kconfigs <<<<<" @@ -171,7 +169,7 @@ sed '3d' test.config > error.config coverage run -a --branch bin/kernel-hardening-checker -c error.config && exit 1 echo ">>>>> strange kernel version in kconfig <<<<<" -sed '3 s/Linux/WAT/' test.config > error.config +sed '3s/Linux/WAT/' test.config > error.config coverage run -a --branch bin/kernel-hardening-checker -c error.config && exit 1 echo ">>>>> strange kernel version via -v <<<<<" -- 2.31.1