[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [OSSTEST PATCH RFC v1 00/12] XSM test cases for OSSTest

Hi all

This patch series attempts to duplicate some Debian smoke test for XSM in Xen.

Tests duplicated:

There are several loose ends, hence the RFC tag. I will list them one by one.

1. XSM policy naming convention

There's not yet an official naming convention for XSM policy. We need this to
propose changes to upstream GRUB. Daniel suggested one naming convention and it 
can be found at <1410809355-24471-1-git-send-email-wei.liu2@xxxxxxxxxx>.

2. GRUB doesn't support adding in XSM policy module

This is currently being addressed by our customized patch. I will file a bug
report, with my patch attached to upstream GRUB. Ideally Debian will pick up
the change in some future release, then we can remove that patch from OSSTest
when OSSTest migrates to that release.

3. Uboot changes have not been tested, ARM related tests have not been run

I don't have ARM test infrastructure at hand.

4. In-tree default policy is too strict

For PV guest test case, it can successfully create a guest, but fails at
saving. Xen log says "permission denied".

For QEMU upstream HVM guest, QEMU segfaults with NULL pointer dereference. 

For QEMU traditional HVM guest, guest crashes with triple fault.

I have yet tried to debug HVM test cases. Presumably the failures are combined
effect of the enforced XSM policy and some QEMU bugs. It's likely to take some
time to figure out what went wrong. The bug fix and policy tuning is orthogonal
to the test case itself though.


Wei Liu (12):
  README: list chiark-utils-bin as requirement
  gitignore: ignore images directory
  ts-xen-build-prep: install checkpolicy
  ts-xen-build: build with XSM support if requested
  mfi-common: create build-$arch-xsm job
  Debian.pm: pass in XSM configuration to bootloader setup routines
  Debian.pm: load flask policy in uboot
  ts-xen-install: install Xen with XSM support if requested
  mfi-common: use XSM build if job name contains -xsm suffix
  make-flight: create XSM test jobs
  ts-debian-install: add in seclabel if XSM is enabled
  ts-debian-hvm-install: add in seclabel if XSM is enabled

 .gitignore            |    1 +
 Osstest/Debian.pm     |   50 ++++++++++++++++++-----
 README                |    1 +
 make-flight           |   35 ++++++++++++++--
 mfi-common            |   38 ++++++++++++++++++
 ts-debian-hvm-install |   14 +++++--
 ts-debian-install     |   11 ++++-
 ts-xen-build          |    2 +
 ts-xen-build-prep     |    2 +-
 ts-xen-install        |  106 ++++++++++++++++++++++++++++++++++++++++++++++++-
 10 files changed, 238 insertions(+), 22 deletions(-)


Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.