diff mbox series

[autotest-client-tests] UBUNTU: SAUCE: ubuntu_cve_kernel: integrate blacklist rule into control file

Message ID 20220113080232.38472-1-po-hsu.lin@canonical.com
State New
Headers show
Series [autotest-client-tests] UBUNTU: SAUCE: ubuntu_cve_kernel: integrate blacklist rule into control file | expand

Commit Message

Po-Hsu Lin Jan. 13, 2022, 8:02 a.m. UTC 
Experiment shows that only CVE-2016-3672 test cannot be built on
non-x86 systems, it will fail because of the -m32 flag:
   fatal error: bits/libc-header-start.h: No such file or directory

Integrate the arch-specific blacklist setting into sub tests. Also
remove some out-dated series blacklists.

Change the way how we build the test, with this patch sub-tests will
be build and run while being tested, instead of being built altogether
at the very beginning. So that we can make use of the integrated
blacklist for skipping tests.

Patch tested on Focal PowerPC and Bionic s390x

Signed-off-by: Po-Hsu Lin <po-hsu.lin@canonical.com>
---
 ubuntu_cve_kernel/blacklist.aarch64    |  1 -
 ubuntu_cve_kernel/blacklist.athlon     |  1 -
 ubuntu_cve_kernel/blacklist.i386       |  1 -
 ubuntu_cve_kernel/blacklist.i686       |  1 -
 ubuntu_cve_kernel/blacklist.ppc64el    |  1 -
 ubuntu_cve_kernel/blacklist.ppc64le    |  1 -
 ubuntu_cve_kernel/blacklist.riscv64    |  1 -
 ubuntu_cve_kernel/blacklist.s390x      |  1 -
 ubuntu_cve_kernel/blacklist.utopic     |  1 -
 ubuntu_cve_kernel/blacklist.vivid      |  1 -
 ubuntu_cve_kernel/blacklist.wily       |  1 -
 ubuntu_cve_kernel/control              | 19 ++++++++++++++++---
 ubuntu_cve_kernel/ubuntu_cve_kernel.py | 15 ++++++---------
 13 files changed, 22 insertions(+), 23 deletions(-)
 delete mode 100644 ubuntu_cve_kernel/blacklist.aarch64
 delete mode 100644 ubuntu_cve_kernel/blacklist.athlon
 delete mode 100644 ubuntu_cve_kernel/blacklist.i386
 delete mode 100644 ubuntu_cve_kernel/blacklist.i686
 delete mode 100644 ubuntu_cve_kernel/blacklist.ppc64el
 delete mode 100644 ubuntu_cve_kernel/blacklist.ppc64le
 delete mode 100644 ubuntu_cve_kernel/blacklist.riscv64
 delete mode 100644 ubuntu_cve_kernel/blacklist.s390x
 delete mode 100644 ubuntu_cve_kernel/blacklist.utopic
 delete mode 100644 ubuntu_cve_kernel/blacklist.vivid
 delete mode 100644 ubuntu_cve_kernel/blacklist.wily

Comments

Po-Hsu Lin Jan. 18, 2022, 5:42 a.m. UTC | #1 
Applied and pushed.

Thanks
Sam
diff mbox series

Patch

diff --git a/ubuntu_cve_kernel/blacklist.aarch64 b/ubuntu_cve_kernel/blacklist.aarch64
deleted file mode 100644
index d00491fd..00000000
--- a/ubuntu_cve_kernel/blacklist.aarch64
+++ /dev/null
@@ -1 +0,0 @@ 
-1
diff --git a/ubuntu_cve_kernel/blacklist.athlon b/ubuntu_cve_kernel/blacklist.athlon
deleted file mode 100644
index d00491fd..00000000
--- a/ubuntu_cve_kernel/blacklist.athlon
+++ /dev/null
@@ -1 +0,0 @@ 
-1
diff --git a/ubuntu_cve_kernel/blacklist.i386 b/ubuntu_cve_kernel/blacklist.i386
deleted file mode 100644
index d00491fd..00000000
--- a/ubuntu_cve_kernel/blacklist.i386
+++ /dev/null
@@ -1 +0,0 @@ 
-1
diff --git a/ubuntu_cve_kernel/blacklist.i686 b/ubuntu_cve_kernel/blacklist.i686
deleted file mode 100644
index d00491fd..00000000
--- a/ubuntu_cve_kernel/blacklist.i686
+++ /dev/null
@@ -1 +0,0 @@ 
-1
diff --git a/ubuntu_cve_kernel/blacklist.ppc64el b/ubuntu_cve_kernel/blacklist.ppc64el
deleted file mode 100644
index d00491fd..00000000
--- a/ubuntu_cve_kernel/blacklist.ppc64el
+++ /dev/null
@@ -1 +0,0 @@ 
-1
diff --git a/ubuntu_cve_kernel/blacklist.ppc64le b/ubuntu_cve_kernel/blacklist.ppc64le
deleted file mode 100644
index d00491fd..00000000
--- a/ubuntu_cve_kernel/blacklist.ppc64le
+++ /dev/null
@@ -1 +0,0 @@ 
-1
diff --git a/ubuntu_cve_kernel/blacklist.riscv64 b/ubuntu_cve_kernel/blacklist.riscv64
deleted file mode 100644
index db0d3979..00000000
--- a/ubuntu_cve_kernel/blacklist.riscv64
+++ /dev/null
@@ -1 +0,0 @@ 
-ubuntu_cve_kernel is an amd64 only test
diff --git a/ubuntu_cve_kernel/blacklist.s390x b/ubuntu_cve_kernel/blacklist.s390x
deleted file mode 100644
index d00491fd..00000000
--- a/ubuntu_cve_kernel/blacklist.s390x
+++ /dev/null
@@ -1 +0,0 @@ 
-1
diff --git a/ubuntu_cve_kernel/blacklist.utopic b/ubuntu_cve_kernel/blacklist.utopic
deleted file mode 100644
index d00491fd..00000000
--- a/ubuntu_cve_kernel/blacklist.utopic
+++ /dev/null
@@ -1 +0,0 @@ 
-1
diff --git a/ubuntu_cve_kernel/blacklist.vivid b/ubuntu_cve_kernel/blacklist.vivid
deleted file mode 100644
index d00491fd..00000000
--- a/ubuntu_cve_kernel/blacklist.vivid
+++ /dev/null
@@ -1 +0,0 @@ 
-1
diff --git a/ubuntu_cve_kernel/blacklist.wily b/ubuntu_cve_kernel/blacklist.wily
deleted file mode 100644
index d00491fd..00000000
--- a/ubuntu_cve_kernel/blacklist.wily
+++ /dev/null
@@ -1 +0,0 @@ 
-1
diff --git a/ubuntu_cve_kernel/control b/ubuntu_cve_kernel/control
index 8c4bd099..b91f23de 100644
--- a/ubuntu_cve_kernel/control
+++ b/ubuntu_cve_kernel/control
@@ -15,7 +15,20 @@  Tests publicly available CVE exploits
 
 name = 'ubuntu_cve_kernel'
 
-CVES=['CVE-2015-7550', 'CVE-2015-8543', 'CVE-2015-8660', 'CVE-2016-0728', 'CVE-2016-3134', 'CVE-2016-3135', 'CVE-2016-3672']
-for cve in CVES:
-    result = job.run_test_detail(name, cve=cve, tag=cve, timeout=60*15)
+CVES = {'CVE-2015-7550': {'arch-blacklist': []},
+        'CVE-2015-8543': {'arch-blacklist': []},
+        'CVE-2015-8660': {'arch-blacklist': []},
+        'CVE-2016-0728': {'arch-blacklist': []},
+        'CVE-2016-3134': {'arch-blacklist': []},
+        'CVE-2016-3135': {'arch-blacklist': []},
+        'CVE-2016-3672': {'arch-blacklist': ['aarch64', 'athlon', 'ppc64le', 'riscv64', 's390x']},
+}
+
+result = job.run_test_detail(name, test_name='setup', tag='setup', timeout=60*10)
+if result == 'ERROR':
+    print("ERROR: required packages installation has failed, skipping all the sub tests")
+else:
+    for cve in CVES:
+        if not platform.processor() in CVES[cve]['arch-blacklist']:
+            result = job.run_test_detail(name, test_name=cve, tag=cve, timeout=60*15)
 
diff --git a/ubuntu_cve_kernel/ubuntu_cve_kernel.py b/ubuntu_cve_kernel/ubuntu_cve_kernel.py
index 88c36dc1..5f3cc7af 100644
--- a/ubuntu_cve_kernel/ubuntu_cve_kernel.py
+++ b/ubuntu_cve_kernel/ubuntu_cve_kernel.py
@@ -6,11 +6,6 @@  class ubuntu_cve_kernel(test.test):
 
     def install_required_pkgs(self):
         arch   = platform.processor()
-        try:
-            series = platform.dist()[2]
-        except AttributeError:
-            import distro
-            series = distro.codename()
 
         pkgs = [
             'build-essential', 'git', 'libkeyutils-dev', 'libfuse-dev', 'pkg-config', 'expect', 'libecryptfs-dev', 'ecryptfs-utils'
@@ -27,11 +22,13 @@  class ubuntu_cve_kernel(test.test):
     def setup(self):
         self.install_required_pkgs()
         self.job.require_gcc()
-        utils.system('make -C %s/cves' % self.bindir)
 
-    def run_once(self, cve, exit_on_error=True, set_time=True):
-        print('*** %s ***' % cve)
-        cmd = 'make -C %s/cves/%s check' % (self.bindir, cve)
+    def run_once(self, test_name, exit_on_error=True, set_time=True):
+        if test_name == 'setup':
+            return
+
+        print('*** %s ***' % test_name)
+        cmd = 'make -C %s/cves/%s check' % (self.bindir, test_name)
         self.results = utils.system_output(cmd, retain_output=True)
 
 # vi:set ts=4 sw=4 expandtab syntax=python: