libxdk: Target now hides implementation details, StaticTarget merged … #449
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Run tests | |
| on: | |
| push: | |
| paths: | |
| - 'kxdb_tool/**' | |
| - 'libxdk/**' | |
| pull_request: | |
| workflow_dispatch: | |
| inputs: | |
| target: | |
| description: 'Distro and release name' | |
| type: string | |
| required: false | |
| default: 'kernelctf lts-6.1.81' | |
| workflow_call: | |
| inputs: | |
| target: | |
| type: string | |
| silence_notifications: | |
| type: boolean | |
| required: false | |
| default: true | |
| permissions: {} | |
| jobs: | |
| tests: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| steps: | |
| - name: Fix input variables | |
| id: vars | |
| env: | |
| target: ${{ inputs.target }} | |
| run: | | |
| target=${target:-kernelctf lts-6.1.81} | |
| echo "target=$target" >> $GITHUB_OUTPUT | |
| echo "logfn=${target// /_}" >> $GITHUB_OUTPUT | |
| - name: Checkout repo | |
| uses: actions/checkout@v4 | |
| - name: Enable KVM group perms | |
| run: | | |
| echo 'KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"' | sudo tee /etc/udev/rules.d/99-kvm4all.rules | |
| sudo udevadm control --reload-rules | |
| sudo udevadm trigger --name-match=kvm | |
| - name: Install Linux package prerequisites | |
| run: | | |
| sudo apt-get update | |
| sudo apt remove parallel -yq | |
| sudo apt install -yq --no-install-recommends build-essential flex bison bc ca-certificates libelf-dev libssl-dev cpio pahole qemu-system-x86 libkeyutils-dev moreutils | |
| - name: Install tool prerequisites | |
| run: | | |
| cd kxdb_tool | |
| pip install -r requirements.txt | |
| - name: Environment info | |
| run: | | |
| set -x | |
| g++ --version | |
| ldd --version | |
| man parallel|cat | |
| - name: Download cached xdk_device module # to skip compilation and speedup tests | |
| if: ${{ steps.vars.outputs.target == 'kernelctf lts-6.1.81' }} | |
| # uploaded with "gsutil cp -Z -a public-read image_db/releases/kernelctf/lts-6.1.81/custom_modules.tar gs://kxdk/xdk_dev_lts6181_v1.tar" | |
| run: curl https://storage.googleapis.com/kxdk/xdk_dev_lts6181_v1.tar --create-dirs -o image_db/releases/kernelctf/lts-6.1.81/custom_modules.tar | |
| - name: Compile xdk_device for target | |
| if: ${{ steps.vars.outputs.target != 'kernelctf lts-6.1.81' }} | |
| run: | | |
| ./image_db/download_release.sh ${{steps.vars.outputs.target}} "vmlinuz,modules" | |
| ./image_db/collect_runtime_data.sh # we need version.txt for compiling the correct xdk_device module | |
| ./image_runner/compile_custom_modules.sh ${{steps.vars.outputs.target}} xdk_device | |
| - name: Test kxdb_tool | |
| if: ${{ success() || failure() }} | |
| working-directory: ./kxdb_tool | |
| run: ./test.sh | |
| - name: Build libxdk | |
| if: ${{ success() || failure() }} | |
| working-directory: ./libxdk | |
| run: ./build.sh | |
| - name: Test libxdk (local tests only) | |
| if: ${{ success() || failure() }} | |
| working-directory: ./libxdk | |
| run: ./run_local_tests.sh | |
| - name: Test libxdk (QEMU) | |
| if: ${{ success() || failure() }} | |
| working-directory: ./libxdk | |
| run: CUSTOM_MODULES_KEEP=1 timeout 2m ./run_tests.sh ${{ steps.vars.outputs.target }} 20 --tap | |
| - name: Move test results to separate dir | |
| if: ${{ success() || failure() }} | |
| working-directory: ./libxdk | |
| run: mv test_results test_results_prod | |
| - name: Build libxdk samples | |
| if: ${{ success() || failure() }} | |
| working-directory: ./libxdk | |
| run: PREREQ=1 ./build_samples.sh | |
| - name: Test libxdk's stack_pivot_and_rop sample | |
| if: ${{ success() || failure() }} | |
| working-directory: ./libxdk | |
| run: | | |
| for action in "test" "stability_test"; do | |
| KERNELXDK_INSTALL_PREFIX=$PWD KERNELXDK_LIB_DIR=$PWD/build CUSTOM_MODULES_KEEP=1 timeout 2m make -j`nproc` -C samples/stack_pivot_and_rop TARGET="${{ steps.vars.outputs.target }}" $action | |
| done | |
| - name: Test libxdk (local TODO tests only) | |
| if: ${{ success() || failure() }} | |
| continue-on-error: true | |
| working-directory: ./libxdk | |
| run: timeout 2m ./build.sh && build/test/kernelXDKTests --test-suites StaticTests --tests TODO | |
| - name: Test libxdk (QEMU TODO tests only) | |
| if: ${{ success() || failure() }} | |
| continue-on-error: true | |
| working-directory: ./libxdk | |
| run: CUSTOM_MODULES_KEEP=1 timeout 2m ./run_tests.sh ${{ steps.vars.outputs.target }} 1 --tap --test-suites RuntimeTests --tests TODO | |
| - name: Move test results to separate dir | |
| if: ${{ success() || failure() }} | |
| working-directory: ./libxdk | |
| run: mv test_results test_results_todo | |
| - name: Upload artifacts | |
| if: always() | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: logs_${{ steps.vars.outputs.logfn }} | |
| path: | | |
| libxdk/samples/**/exp | |
| libxdk/bin/test | |
| libxdk/test_results* | |
| image_db/releases/**/custom_modules.tar | |
| image_runner/test/stability_test_outputs | |
| - name: Send Google Chat Notification (on failure) | |
| if: ${{ failure() && !inputs.silence_notifications }} | |
| env: | |
| WEBHOOK_URL: ${{ secrets.WEBHOOK_EXPKIT }} | |
| run: node ./.github/scripts/send_notification.js |