deleted file mode 100644
@@ -1 +0,0 @@
-1
deleted file mode 100644
@@ -1 +0,0 @@
-1
deleted file mode 100644
@@ -1 +0,0 @@
-1
deleted file mode 100644
@@ -1 +0,0 @@
-1
deleted file mode 100644
@@ -1 +0,0 @@
-1
deleted file mode 100644
@@ -1 +0,0 @@
-1
deleted file mode 100644
@@ -1 +0,0 @@
-ubuntu_cve_kernel is an amd64 only test
deleted file mode 100644
@@ -1 +0,0 @@
-1
deleted file mode 100644
@@ -1 +0,0 @@
-1
deleted file mode 100644
@@ -1 +0,0 @@
-1
deleted file mode 100644
@@ -1 +0,0 @@
-1
@@ -15,7 +15,20 @@ Tests publicly available CVE exploits
name = 'ubuntu_cve_kernel'
-CVES=['CVE-2015-7550', 'CVE-2015-8543', 'CVE-2015-8660', 'CVE-2016-0728', 'CVE-2016-3134', 'CVE-2016-3135', 'CVE-2016-3672']
-for cve in CVES:
- result = job.run_test_detail(name, cve=cve, tag=cve, timeout=60*15)
+CVES = {'CVE-2015-7550': {'arch-blacklist': []},
+ 'CVE-2015-8543': {'arch-blacklist': []},
+ 'CVE-2015-8660': {'arch-blacklist': []},
+ 'CVE-2016-0728': {'arch-blacklist': []},
+ 'CVE-2016-3134': {'arch-blacklist': []},
+ 'CVE-2016-3135': {'arch-blacklist': []},
+ 'CVE-2016-3672': {'arch-blacklist': ['aarch64', 'athlon', 'ppc64le', 'riscv64', 's390x']},
+}
+
+result = job.run_test_detail(name, test_name='setup', tag='setup', timeout=60*10)
+if result == 'ERROR':
+ print("ERROR: required packages installation has failed, skipping all the sub tests")
+else:
+ for cve in CVES:
+ if not platform.processor() in CVES[cve]['arch-blacklist']:
+ result = job.run_test_detail(name, test_name=cve, tag=cve, timeout=60*15)
@@ -6,11 +6,6 @@ class ubuntu_cve_kernel(test.test):
def install_required_pkgs(self):
arch = platform.processor()
- try:
- series = platform.dist()[2]
- except AttributeError:
- import distro
- series = distro.codename()
pkgs = [
'build-essential', 'git', 'libkeyutils-dev', 'libfuse-dev', 'pkg-config', 'expect', 'libecryptfs-dev', 'ecryptfs-utils'
@@ -27,11 +22,13 @@ class ubuntu_cve_kernel(test.test):
def setup(self):
self.install_required_pkgs()
self.job.require_gcc()
- utils.system('make -C %s/cves' % self.bindir)
- def run_once(self, cve, exit_on_error=True, set_time=True):
- print('*** %s ***' % cve)
- cmd = 'make -C %s/cves/%s check' % (self.bindir, cve)
+ def run_once(self, test_name, exit_on_error=True, set_time=True):
+ if test_name == 'setup':
+ return
+
+ print('*** %s ***' % test_name)
+ cmd = 'make -C %s/cves/%s check' % (self.bindir, test_name)
self.results = utils.system_output(cmd, retain_output=True)
# vi:set ts=4 sw=4 expandtab syntax=python:
Experiment shows that only CVE-2016-3672 test cannot be built on non-x86 systems, it will fail because of the -m32 flag: fatal error: bits/libc-header-start.h: No such file or directory Integrate the arch-specific blacklist setting into sub tests. Also remove some out-dated series blacklists. Change the way how we build the test, with this patch sub-tests will be build and run while being tested, instead of being built altogether at the very beginning. So that we can make use of the integrated blacklist for skipping tests. Patch tested on Focal PowerPC and Bionic s390x Signed-off-by: Po-Hsu Lin <po-hsu.lin@canonical.com> --- ubuntu_cve_kernel/blacklist.aarch64 | 1 - ubuntu_cve_kernel/blacklist.athlon | 1 - ubuntu_cve_kernel/blacklist.i386 | 1 - ubuntu_cve_kernel/blacklist.i686 | 1 - ubuntu_cve_kernel/blacklist.ppc64el | 1 - ubuntu_cve_kernel/blacklist.ppc64le | 1 - ubuntu_cve_kernel/blacklist.riscv64 | 1 - ubuntu_cve_kernel/blacklist.s390x | 1 - ubuntu_cve_kernel/blacklist.utopic | 1 - ubuntu_cve_kernel/blacklist.vivid | 1 - ubuntu_cve_kernel/blacklist.wily | 1 - ubuntu_cve_kernel/control | 19 ++++++++++++++++--- ubuntu_cve_kernel/ubuntu_cve_kernel.py | 15 ++++++--------- 13 files changed, 22 insertions(+), 23 deletions(-) delete mode 100644 ubuntu_cve_kernel/blacklist.aarch64 delete mode 100644 ubuntu_cve_kernel/blacklist.athlon delete mode 100644 ubuntu_cve_kernel/blacklist.i386 delete mode 100644 ubuntu_cve_kernel/blacklist.i686 delete mode 100644 ubuntu_cve_kernel/blacklist.ppc64el delete mode 100644 ubuntu_cve_kernel/blacklist.ppc64le delete mode 100644 ubuntu_cve_kernel/blacklist.riscv64 delete mode 100644 ubuntu_cve_kernel/blacklist.s390x delete mode 100644 ubuntu_cve_kernel/blacklist.utopic delete mode 100644 ubuntu_cve_kernel/blacklist.vivid delete mode 100644 ubuntu_cve_kernel/blacklist.wily