QA Regression Testing

Merge ~p-pisati/qa-regression-testing:master into qa-regression-testing:master

  1. Git
  2. lp:~p-pisati/qa-regression-testing
  3. master
  4. Merge into master
Proposed by Paolo Pisati
Status: Merged
Merged at revision: b8aa41d845749105131870e5eb0c9a01edc962cc
Proposed branch: ~p-pisati/qa-regression-testing:master
Merge into: qa-regression-testing:master
Diff against target: 28 lines (+8/-2)
1 file modified
scripts/test-kernel-security.py (+8/-2)
Reviewer Review Type Date Requested Status
Steve Beattie Approve
Review via email: mp+414452@code.launchpad.net

Description of the change

Fix qa-regression-testing/test-kernel-security.py config checks on 5.15+ && ppc64el.

To post a comment you must log in.
Revision history for this message
Steve Beattie (sbeattie) wrote :

Thanks for noticing and submitting the merge request, LGTM.

It might be nice to land them in the enforcement file in debian.master/config/annotations as well.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/scripts/test-kernel-security.py b/scripts/test-kernel-security.py
2index 74a8d5c..ce8fdef 100755
3--- a/scripts/test-kernel-security.py
4+++ b/scripts/test-kernel-security.py
5@@ -112,6 +112,11 @@ class KernelSecurityBaseTest(testlib.TestlibCase):
6 if self.kernel_at_least('4.4'):
7 self.module_ronx_archs += ['arm64']
8
9+ # STRICT_MODULE_RWX is supported on ppc since 5.15
10+ if self.kernel_at_least('5.15'):
11+ self.module_ronx_archs += ['ppc64el']
12+
13+
14 self.sysctl = dict()
15 self.sysctl['hardlink'] = 'kernel/yama/protected_nonaccess_hardlinks'
16 self.sysctl['symlink'] = 'kernel/yama/protected_sticky_symlinks'
17@@ -2766,8 +2771,9 @@ class KernelSecurityConfigTest(KernelSecurityBaseTest):
18
19 expected = True
20 if not (self.dpkg_arch in ['amd64', 'i386', 'arm64'] or
21- (self.dpkg_arch in ['s390x'] and self.kernel_at_least('5.10'))):
22- self._skipped("DEBUG_WX is an x86, arm64, and s390x (5.10 and later) arch feature only")
23+ (self.dpkg_arch in ['s390x'] and self.kernel_at_least('5.10')) or
24+ (self.dpkg_arch in ['ppc64el'] and self.kernel_at_least('5.15'))):
25+ self._skipped("DEBUG_WX is an x86, arm64, s390x (5.10 and later) and ppc64el (5.15 and later) arch feature only")
26 expected = False
27 elif not self.kernel_at_least('4.4'):
28 # commit for DEBUG_WX was backported to 4.4, but only

Subscribers

People subscribed via source and target branches