github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-09-01 15:08:33 +00:00
Code Issues Projects Releases Wiki Activity

Move test related code to the test directory

Browse Source 
This does not yet move the `make test` options in the Makefile, will
probably move those too later.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
This commit is contained in:
Justin Cormack
2017-03-20 15:53:22 +00:00
parent 4f12dadc21
commit 5746d3d2bf
13 changed files with 3 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
tools/check/Dockerfile
View File

@@ -1,5 +0,0 @@
FROM alpine:3.5
RUN apk update && apk upgrade && apk add --no-cache bash
ADD https://raw.githubusercontent.com/docker/docker/master/contrib/check-config.sh /check-config.sh
ADD . ./
ENTRYPOINT ["/bin/sh", "/check.sh"]

29
tools/check/Makefile
View File

@@ -1,29 +0,0 @@
.PHONY: tag push
BASE=alpine:3.5
IMAGE=check
default: push
hash: Dockerfile check.sh check-kernel-config.sh etc/moby
DOCKER_CONTENT_TRUST=1 docker pull $(BASE)
tar cf - $^ | docker build --no-cache -t $(IMAGE):build -
docker run --rm --entrypoint=/bin/sh $(IMAGE):build -c "cat $^ /lib/apk/db/installed | sha1sum" | sed 's/ .*//' > hash
push: hash
docker pull mobylinux/$(IMAGE):$(shell cat hash) || \
(docker tag $(IMAGE):build mobylinux/$(IMAGE):$(shell cat hash) && \
docker push mobylinux/$(IMAGE):$(shell cat hash))
docker rmi $(IMAGE):build
rm -f hash
tag: hash
docker pull mobylinux/$(IMAGE):$(shell cat hash) || \
docker tag $(IMAGE):build mobylinux/$(IMAGE):$(shell cat hash)
docker rmi $(IMAGE):build
rm -f hash
clean:
rm -f hash
.DELETE_ON_ERROR:

73
tools/check/check-kernel-config.sh
View File

@@ -1,73 +0,0 @@
#!/bin/sh
set -e
echo "starting kernel config sanity test with /proc/config.gz"
# decompress /proc/config.gz from the Moby host
UNZIPPED_CONFIG=$(zcat /proc/config.gz)
kernelVersion="$(uname -r)"
kernelMajor="${kernelVersion%%.*}"
kernelMinor="${kernelVersion#$kernelMajor.}"
kernelMinor="${kernelMinor%%.*}"
# Most tests against https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project
# Positive cases
echo $UNZIPPED_CONFIG | grep -q CONFIG_BUG=y || (echo "CONFIG_BUG=y" && exit 1)
echo $UNZIPPED_CONFIG | grep -q CONFIG_DEBUG_KERNEL=y || (echo "CONFIG_DEBUG_KERNEL=y" && exit 1)
echo $UNZIPPED_CONFIG | grep -q CONFIG_DEBUG_RODATA=y || (echo "CONFIG_DEBUG_RODATA=y" && exit 1)
echo $UNZIPPED_CONFIG | grep -q CONFIG_CC_STACKPROTECTOR=y || (echo "CONFIG_CC_STACKPROTECTOR=y" && exit 1)
echo $UNZIPPED_CONFIG | grep -q CONFIG_CC_STACKPROTECTOR_STRONG=y || (echo "CONFIG_CC_STACKPROTECTOR_STRONG=y" && exit 1)
echo $UNZIPPED_CONFIG | grep -q CONFIG_STRICT_DEVMEM=y || (echo "CONFIG_STRICT_DEVMEM=y" && exit 1)
echo $UNZIPPED_CONFIG | grep -q CONFIG_SYN_COOKIES=y || (echo "CONFIG_SYN_COOKIES=y" && exit 1)
echo $UNZIPPED_CONFIG | grep -q CONFIG_DEBUG_CREDENTIALS=y || (echo "CONFIG_DEBUG_CREDENTIALS=y" && exit 1)
echo $UNZIPPED_CONFIG | grep -q CONFIG_DEBUG_NOTIFIERS=y || (echo "CONFIG_DEBUG_NOTIFIERS=y" && exit 1)
echo $UNZIPPED_CONFIG | grep -q CONFIG_DEBUG_LIST=y || (echo "CONFIG_DEBUG_LIST=y" && exit 1)
echo $UNZIPPED_CONFIG | grep -q CONFIG_SECCOMP=y || (echo "CONFIG_SECCOMP=y" && exit 1)
echo $UNZIPPED_CONFIG | grep -q CONFIG_SECCOMP_FILTER=y || (echo "CONFIG_SECCOMP_FILTER=y" && exit 1)
echo $UNZIPPED_CONFIG | grep -q CONFIG_SECURITY=y || (echo "CONFIG_SECURITY=y" && exit 1)
echo $UNZIPPED_CONFIG | grep -q CONFIG_SECURITY_YAMA=y || (echo "CONFIG_SECURITY_YAMA=y" && exit 1)
echo $UNZIPPED_CONFIG | grep -q CONFIG_PANIC_ON_OOPS=y || (echo "CONFIG_PANIC_ON_OOPS=y" && exit 1)
echo $UNZIPPED_CONFIG | grep -q CONFIG_DEBUG_SET_MODULE_RONX=y || (echo "CONFIG_DEBUG_SET_MODULE_RONX=y" && exit 1)
echo $UNZIPPED_CONFIG | grep -q CONFIG_SYN_COOKIES=y || (echo "CONFIG_SYN_COOKIES=y" && exit 1)
echo $UNZIPPED_CONFIG | grep -q CONFIG_LEGACY_VSYSCALL_NONE=y || (echo "CONFIG_LEGACY_VSYSCALL_NONE=y" && exit 1)
echo $UNZIPPED_CONFIG | grep -q CONFIG_RANDOMIZE_BASE=y || (echo "CONFIG_RANDOMIZE_BASE=y" && exit 1)
# Conditional on kernel version
if [ "$kernelMajor" -ge 4 -a "$kernelMinor" -ge 5 ]; then
echo $UNZIPPED_CONFIG | grep -q CONFIG_IO_STRICT_DEVMEM=y || (echo "CONFIG_IO_STRICT_DEVMEM=y" && exit 1)
echo $UNZIPPED_CONFIG | grep -q CONFIG_UBSAN=y || (echo "CONFIG_UBSAN=y" && exit 1)
fi
if [ "$kernelMajor" -ge 4 -a "$kernelMinor" -ge 7 ]; then
echo $UNZIPPED_CONFIG | grep -q CONFIG_SLAB_FREELIST_RANDOM=y || (echo "CONFIG_SLAB_FREELIST_RANDOM=y" && exit 1)
fi
if [ "$kernelMajor" -ge 4 -a "$kernelMinor" -ge 8 ]; then
echo $UNZIPPED_CONFIG | grep -q CONFIG_HARDENED_USERCOPY=y || (echo "CONFIG_HARDENED_USERCOPY=y" && exit 1)
echo $UNZIPPED_CONFIG | grep -q CONFIG_RANDOMIZE_MEMORY=y || (echo "CONFIG_RANDOMIZE_MEMORY=y" && exit 1)
fi
# poisoning cannot be enabled in 4.4
if [ "$kernelMajor" -ge 4 -a "$kernelMinor" -ge 9 ]; then
echo $UNZIPPED_CONFIG | grep -q CONFIG_PAGE_POISONING=y || (echo "CONFIG_PAGE_POISONING=y" && exit 1)
echo $UNZIPPED_CONFIG | grep -q CONFIG_PAGE_POISONING_NO_SANITY=y || (echo "CONFIG_PAGE_POISONING_NO_SANITY=y" && exit 1)
echo $UNZIPPED_CONFIG | grep -q CONFIG_PAGE_POISONING_ZERO=y || (echo "CONFIG_PAGE_POISONING_ZERO=y" && exit 1)
fi
if [ "$kernelMajor" -ge 4 -a "$kernelMinor" -ge 10 ]; then
echo $UNZIPPED_CONFIG | grep -q CONFIG_BUG_ON_DATA_CORRUPTION=y || (echo "CONFIG_BUG_ON_DATA_CORRUPTION=y" && exit 1)
fi
# Negative cases
echo $UNZIPPED_CONFIG | grep -q 'CONFIG_ACPI_CUSTOM_METHOD is not set' || (echo "CONFIG_ACPI_CUSTOM_METHOD is not set" && exit 1)
echo $UNZIPPED_CONFIG | grep -q 'CONFIG_COMPAT_BRK is not set' || (echo "CONFIG_COMPAT_BRK is not set" && exit 1)
echo $UNZIPPED_CONFIG | grep -q 'CONFIG_DEVKMEM is not set' || (echo "CONFIG_DEVKMEM is not set" && exit 1)
echo $UNZIPPED_CONFIG | grep -q 'CONFIG_COMPAT_VDSO is not set' || (echo "CONFIG_COMPAT_VDSO is not set" && exit 1)
echo $UNZIPPED_CONFIG | grep -q 'CONFIG_KEXEC is not set' || (echo "CONFIG_KEXEC is not set" && exit 1)
echo $UNZIPPED_CONFIG | grep -q 'CONFIG_HIBERNATION is not set' || (echo "CONFIG_HIBERNATION is not set" && exit 1)
echo $UNZIPPED_CONFIG | grep -q 'CONFIG_LEGACY_PTYS is not set' || (echo "CONFIG_LEGACY_PTYS is not set" && exit 1)
echo $UNZIPPED_CONFIG | grep -q 'CONFIG_X86_X32 is not set' || (echo "CONFIG_X86_X32 is not set" && exit 1)
echo $UNZIPPED_CONFIG | grep -q 'CONFIG_MODIFY_LDT_SYSCALL is not set' || (echo "CONFIG_MODIFY_LDT_SYSCALL is not set" && exit 1)
echo "kernel config test succeeded!"

15
tools/check/check.sh
View File

@@ -1,15 +0,0 @@
#!/bin/sh
function failed {
printf "Moby test suite FAILED\n"
/sbin/poweroff -f
}
/check-kernel-config.sh || failed
bash /check-config.sh || failed
printf "Moby test suite PASSED\n"
cat /etc/moby
/sbin/poweroff -f

10
tools/check/etc/moby
View File

@@ -1,10 +0,0 @@
## .
## ## ## ==
## ## ## ## ## ===
/"""""""""""""""""\___/ ===
~~~ {~~ ~~~~ ~~~ ~~~~ ~~~ ~ / ===- ~~~
\______ o __/
\ \ __/
\____\_______/

2
tools/test-ltp/.gitignore vendored
View File

@@ -1,2 +0,0 @@
/hash
/opt

19
tools/test-ltp/Dockerfile.build
View File

@@ -1,19 +0,0 @@
FROM debian:jessie
ARG LTP_VERSION
ENV LTP_SOURCE=https://github.com/linux-test-project/ltp/releases/download/${LTP_VERSION}/ltp-full-${LTP_VERSION}.tar.xz
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && \
apt-get install -y curl xz-utils make gcc flex bison automake autoconf
RUN curl -fsSL -o ltp-full-${LTP_VERSION}.tar.xz ${LTP_SOURCE}
RUN cat ltp-full-${LTP_VERSION}.tar.xz | tar --absolute-names -xJ && mv /ltp-full-${LTP_VERSION} /ltp
RUN cd /ltp \
&& make autotools \
&& ./configure \
&& make -j "$(getconf _NPROCESSORS_ONLN)" all \
&& make install

4
tools/test-ltp/Dockerfile.pkg
View File

@@ -1,4 +0,0 @@
FROM debian:jessie-slim@sha256:2a14128195ab26b1c56c5773dda9def9b909c2e01596ef9108e2295d418210a3
ADD . /
WORKDIR /opt/ltp
ENTRYPOINT ["./runltplite.sh"]

42
tools/test-ltp/Makefile
View File

@@ -1,42 +0,0 @@
LTP_VERSION=20170116
all: ltp.tar push
# Build LTP and get the result as a tarball
DEPS=Dockerfile.build Makefile
ltp.tag: $(DEPS)
BUILD=$$(docker build -f $< -q . --build-arg LTP_VERSION=$(LTP_VERSION)) && [ -n "$$BUILD" ] && echo "Built $$BUILD" && echo "$$BUILD" > $@
ltp.tar: ltp.tag
docker run --rm --net=none --log-driver=none $(shell cat ltp.tag) tar cf - opt/ltp > $@
SHASUM=alpine:3.5
IMAGE=test-ltp-$(LTP_VERSION)
# Note: We do not compute the hash from all the dependencies here
# because the ltp binaries will change everytime we build. Ideally, we
# would calculate the hash from the source and the apt-get cache, but
# it's not that critical.
hash: Dockerfile.pkg ltp.tar $(DEPS)
tar xf ltp.tar
tar cf - Dockerfile.pkg opt | docker build --no-cache -t $(IMAGE):build -f Dockerfile.pkg -
cat Dockerfile.pkg $(DEPS) | DOCKER_CONTENT_TRUST=1 docker run --rm -i $(SHASUM) sha1sum | sed 's/ .*//' > $@
push: hash
docker pull mobylinux/$(IMAGE):$(shell cat hash) || \
(docker tag $(IMAGE):build mobylinux/$(IMAGE):$(shell cat hash) && \
docker push mobylinux/$(IMAGE):$(shell cat hash))
docker rmi $(IMAGE):build
rm -f hash
tag: hash
docker pull mobylinux/$(IMAGE):$(shell cat hash) || \
docker tag $(IMAGE):build mobylinux/$(IMAGE):$(shell cat hash)
docker rmi $(IMAGE):build
rm -f hash
.PHONY: clean
clean:
rm -rf opt ltp.tar ltp.tag hash
.DELETE_ON_ERROR:

1
tools/test-ltp/README.md
View File

@@ -1 +0,0 @@
This directory creates a container which runs the Linux Test Project test code

17
tools/test-ltp/test-ltp.yaml
View File

@@ -1,17 +0,0 @@
kernel:
image: "mobylinux/kernel:4.9.x"
cmdline: "console=ttyS0"
init: "mobylinux/init:1402058c0f90adf2b12fcfb8332b334c7e9c5d8c"
system:
- name: ltp
image: "mobylinux/test-ltp-20170116:fdca2d1bb019b1d51e722e6032c82c7933d4b870"
network_mode: host
pid: host
capabilities:
- CAP_SYS_ADMIN
files:
outputs:
- format: kernel+initrd
- format: iso-bios
# The initrd is too large for a pre-allocated EFI ISO
# - format: iso-efi