Skip to content

Commit

Permalink
ci: only in a UML environment run the kernel tests
Browse files Browse the repository at this point in the history 
The kernel tests require a TPM, fsverity configured in the kernel and
the fsverity tools, access to the private key associated with an IMA
code signing key loaded on the IMA keyring, or specific EVM states.

For these reasons, only run the kernel tests in a UML environment.

Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
  • Loading branch information
@mimizohar
mimizohar committed May 20, 2024
1 parent aec23f6 commit 3d59561
Show file tree
Hide file tree
Showing 3 changed files with 12 additions and 4 deletions.
3 changes: 2 additions & 1 deletion .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -160,6 +160,7 @@ jobs:
TST_ENV: um
TST_KERNEL: ../linux
TST_EVM_CHANGE_MODE: 1
TESTGROUP: all

- container: "centos:7"
env:
Expand Down Expand Up @@ -236,4 +237,4 @@ jobs:
run: $CC --version

- name: Compile
run: CC="$CC" VARIANT="$VARIANT" COMPILE_SSL="$COMPILE_SSL" TST_ENV="$TST_ENV" TST_KERNEL="$TST_KERNEL" ./build.sh
run: CC="$CC" VARIANT="$VARIANT" COMPILE_SSL="$COMPILE_SSL" TST_ENV="$TST_ENV" TST_KERNEL="$TST_KERNEL" TESTGROUP="$TESTGROUP" ./build.sh
4 changes: 2 additions & 2 deletions .travis.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ matrix:
compiler: clang

- os: linux
env: DISTRO=fedora:latest TSS=ibmtss CONTAINER=podman CONTAINER_ARGS="--runtime=/usr/bin/crun --network=host"
env: DISTRO=fedora:latest TSS=ibmtss CONTAINER=podman CONTAINER_ARGS="--runtime=/usr/bin/crun --network=host" TESTGROUP=all
compiler: clang

- os: linux
Expand Down Expand Up @@ -99,4 +99,4 @@ script:
- INSTALL="${DISTRO#${REPO}}"
- INSTALL="${INSTALL%%:*}"
- INSTALL="${INSTALL%%/*}"
- $CONTAINER run $CONTAINER_ARGS -t ima-evm-utils /bin/sh -c "if [ \"$VARIANT\" ]; then ARCH=\"$ARCH\" ./ci/$INSTALL.$VARIANT.sh; fi && ARCH=\"$ARCH\" CC=\"$CC\" TSS=\"$TSS\" ./ci/$INSTALL.sh && if [ \"$COMPILE_SSL\" ]; then COMPILE_SSL=\"$COMPILE_SSL\" VARIANT=\"$VARIANT\" ./tests/install-openssl3.sh; fi && if [ ! \"$VARIANT\" ]; then which tpm_server || which swtpm || if which tssstartup; then ./tests/install-swtpm.sh; fi; fi && CC=\"$CC\" VARIANT=\"$VARIANT\" COMPILE_SSL=\"$COMPILE_SSL\" ./build.sh"
- $CONTAINER run $CONTAINER_ARGS -t ima-evm-utils /bin/sh -c "if [ \"$VARIANT\" ]; then ARCH=\"$ARCH\" ./ci/$INSTALL.$VARIANT.sh; fi && ARCH=\"$ARCH\" CC=\"$CC\" TSS=\"$TSS\" ./ci/$INSTALL.sh && if [ \"$COMPILE_SSL\" ]; then COMPILE_SSL=\"$COMPILE_SSL\" VARIANT=\"$VARIANT\" ./tests/install-openssl3.sh; fi && if [ ! \"$VARIANT\" ]; then which tpm_server || which swtpm || if which tssstartup; then ./tests/install-swtpm.sh; fi; fi && CC=\"$CC\" VARIANT=\"$VARIANT\" COMPILE_SSL=\"$COMPILE_SSL\" TESTGROUP=\"$TESTGROUP\" ./build.sh"
9 changes: 8 additions & 1 deletion build.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,7 @@ $CC --version
echo "CFLAGS: '$CFLAGS'"
echo "LDFLAGS: '$LDFLAGS'"
echo "PREFIX: '$PREFIX'"
echo "TESTGROUP: '$TESTGROUP'"

title "configure"
./autogen.sh
Expand All @@ -93,7 +94,13 @@ if [ "$VARIANT" = "cross-compile" ]; then
fi

ret=0
VERBOSE=1 make check || ret=$?
if [ -z "$TESTGROUP" ]; then
cd tests; VERBOSE=1 make self-tests || ret=$? ; cd ..
elif [ "$TESTGROUP" = "all" ]; then
VERBOSE=1 make check || ret=$?
else
cd tests; VERBOSE=1 make $TESTGROUP || ret=$? ; cd ..
fi

title "logs"
if [ $ret -eq 0 ]; then
Expand Down

0 comments on commit 3d59561

Please sign in to comment.