Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable landlock setlfetsts on tritium #1505

Closed
wants to merge 1 commit into from
Closed

Enable landlock setlfetsts on tritium #1505

wants to merge 1 commit into from

Conversation

broonie
Copy link
Member

@broonie broonie commented Nov 10, 2022

Enable landlock selftests on Tritum

@broonie broonie mentioned this pull request Nov 10, 2022
Merged
@nuclearcat nuclearcat mentioned this pull request Nov 21, 2022
Merged
@nuclearcat nuclearcat self-assigned this Jan 3, 2023
@nuclearcat nuclearcat mentioned this pull request Jan 4, 2023
Closed
@nuclearcat
Copy link
Member

Can you rebase it please?

@gctucker
Copy link
Contributor 

Plans broken order for sun50i-h5-libretech-all-h3-cc: 'kselftest-rseq' before 'kselftest-landlock'

@broonie
test-configs.yaml: Run landlock on Tritium
3d9010c 
This is a relatively abundant and quick to boot board.

Signed-off-by: Mark Brown <[email protected]>
gctucker
gctucker reviewed Apr 6, 2023
View reviewed changes
Copy link
Contributor

@gctucker gctucker left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested on staging, it's failing to boot:
https://staging.kernelci.org/test/plan/id/642946eba049c7464e0b9bf4/
https://storage.staging.kernelci.org/next/master/next-20230331/arm64/defconfig+kselftest-slim/gcc-10/lab-broonie/kselftest-landlock-sun50i-h5-libretech-all-h3-cc.html#L971

@gctucker gctucker mentioned this pull request Apr 6, 2023
Closed
@broonie
Copy link
Member Author

broonie commented Apr 13, 2023

That'll need some progress on the kselftest-slim PR #1759

@gctucker
Copy link
Contributor

I've added some comments on #1759 about only increasing the number of builds for mainline and next rather than all the build configs.

@gctucker
Copy link
Contributor

gctucker commented Jul 5, 2023

Adding skip label because of #1994

@gctucker gctucker added the staging-skip Don't test automatically on staging.kernelci.org label Jul 5, 2023
@l0kod
Copy link

l0kod commented May 14, 2024

Any news? Could you please enable Landlock tests now?

@gctucker
Copy link
Contributor

@nuclearcat @broonie ^ Could you please take a look?

@nuclearcat
Copy link
Member

We put most efforts now on enabling tests on new system. Legacy system tests coverage is already being reduced and lab owners are discussing about switching to new, and then after short validation period switching off legacy system support.
As there is interest in landlock we will put as higher priority now and try to enable soon.

@padovan
Copy link
Contributor

padovan commented May 14, 2024

FYI: kernelci/kernelci-project#337

As soon as we enable the stable-rcs reports in the new infra, Collabora will be also looking at cutting their lab out of the legacy system.

@nuclearcat
Copy link
Member

Closing, as we are deprecating the legacy system. If this is still an issue or relevant, please re-open it under the Maestro system. Thank you for your contribution, and sorry for the inconvenience.

@nuclearcat nuclearcat closed this Jul 16, 2024
@l0kod
Copy link

l0kod commented Jul 16, 2024

Closing, as we are deprecating the legacy system. If this is still an issue or relevant, please re-open it under the Maestro system. Thank you for your contribution, and sorry for the inconvenience.

How to re-open this issue under the Maestro system?

@nuclearcat
Copy link
Member

You can open issue in https://github.com/kernelci/kernelci-pipeline/
I think it is trivial to enable, so i will create PR for landlock tests today.

nuclearcat added a commit to nuclearcat/kernelci-pipeline that referenced this pull request Jul 16, 2024
@nuclearcat
pipeline.yaml: Add kselftest-landlock to x86 devices
590380b 
During cleanup in legacy system, author of PR kernelci/kernelci-core#1505
expressed interest in enabling landlock tests.
Let's do first step and enable landlock tests at least on x86 devices.

Signed-off-by: Denys Fedoryshchenko <[email protected]>
@nuclearcat nuclearcat mentioned this pull request Jul 16, 2024
Open
nuclearcat added a commit to nuclearcat/kernelci-pipeline that referenced this pull request Jul 16, 2024
@nuclearcat
pipeline.yaml: Add kselftest-landlock to x86 devices
b5b1e90 
During cleanup in legacy system, author of PR kernelci/kernelci-core#1505
expressed interest in enabling landlock tests.
Let's do first step and enable landlock tests at least on x86 devices.

Signed-off-by: Denys Fedoryshchenko <[email protected]>
nuclearcat added a commit to nuclearcat/kernelci-pipeline that referenced this pull request Jul 16, 2024
@nuclearcat
pipeline.yaml: Add kselftest-landlock to x86 devices
fc29bb1 
During cleanup in legacy system, author of PR kernelci/kernelci-core#1505
expressed interest in enabling landlock tests.
Let's do first step and enable landlock tests at least on x86 devices.

Signed-off-by: Denys Fedoryshchenko <[email protected]>
@nuclearcat
Copy link
Member

Here is one of landlock tests, as i noticed many of them failing, is there any reasons of that?
https://lava.collabora.dev/scheduler/job/14845964
We have 3 tests on x86 with similar results:
https://staging.kernelci.org:9000/viewer?node_id=66966eb5da7340a76c33fb03
https://staging.kernelci.org:9000/viewer?node_id=66966eb4da7340a76c33fb02
https://staging.kernelci.org:9000/viewer?node_id=66966eb3da7340a76c33fb01
Sorry for viewer, it is internal debugger, you can check log of boot if you press "LAVA Job" button.

Kernel config is mostly x86_64_defconfig with some hardware options enabled.

@l0kod
Copy link

l0kod commented Jul 16, 2024
edited
Loading

Here is one of landlock tests, as i noticed many of them failing, is there any reasons of that? https://lava.collabora.dev/scheduler/job/14845964 We have 3 tests on x86 with similar results: https://staging.kernelci.org:9000/viewer?node_id=66966eb5da7340a76c33fb03 https://staging.kernelci.org:9000/viewer?node_id=66966eb4da7340a76c33fb02 https://staging.kernelci.org:9000/viewer?node_id=66966eb3da7340a76c33fb01 Sorry for viewer, it is internal debugger, you can check log of boot if you press "LAVA Job" button.

Kernel config is mostly x86_64_defconfig with some hardware options enabled.

Landlock needs to be enabled in the kernel. The only non-default config to set should be CONFIG_SECURITY_LANDLOCK=y

All the required kernel options are listed (and kept up-to-date) in tools/testing/selftests/landlock/config (as for most Kselftest's required configurations). Would it be possible for KernelCI to use the Kselftests' kernel configurations for the selected tests?

@l0kod
Copy link

l0kod commented Jul 16, 2024

It was working on x86 sona: #1524

@nuclearcat
Copy link
Member

Yes, I think we will need to add a separate option to enable selected kselftest config options.

Based on prior experience, we must be careful, as I recall some networking kselftests configs breaking network boot in labs. However, landlock and a few others should be safe. I also remember some options increasing the kernel size to a level that prevents booting on certain boards.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gctucker gctucker gctucker left review comments

Assignees

@nuclearcat nuclearcat

Labels
staging-skip Don't test automatically on staging.kernelci.org
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@broonie @nuclearcat @gctucker @l0kod @padovan