From: Lucas De Marchi Date: Sat, 21 Feb 2015 17:47:16 +0000 (-0200) Subject: testsuite: port signature-check modules to module-playground X-Git-Tag: v20~24 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=3f0eb43b6de450bcf5f722da6567c452e417399d;p=thirdparty%2Fkmod.git testsuite: port signature-check modules to module-playground We use a "fake signature" to sign the modules. As far as kmod is concerned the signature fields are informational only. It's the kernel the responsible for checking it's valid. So what we are doing here is: pick the signatures of the ext4-x86_64.ko module and save as dummy.{hashalgo}. This signature is appended to the mod-simple.ko module so the ext4-x86_64.ko module can be removed from tree. --- diff --git a/testsuite/module-playground/dummy.sha1 b/testsuite/module-playground/dummy.sha1 new file mode 100644 index 00000000..bab65d32 Binary files /dev/null and b/testsuite/module-playground/dummy.sha1 differ diff --git a/testsuite/module-playground/dummy.sha256 b/testsuite/module-playground/dummy.sha256 new file mode 100644 index 00000000..fe16b017 Binary files /dev/null and b/testsuite/module-playground/dummy.sha256 differ diff --git a/testsuite/populate-modules.sh b/testsuite/populate-modules.sh index 938433d5..43fb8340 100755 --- a/testsuite/populate-modules.sh +++ b/testsuite/populate-modules.sh @@ -40,6 +40,8 @@ map=( ["test-modinfo/mod-simple-i386.ko"]="mod-simple-i386.ko" ["test-modinfo/mod-simple-x86_64.ko"]="mod-simple-x86_64.ko" ["test-modinfo/mod-simple-sparc64.ko"]="mod-simple-sparc64.ko" + ["test-modinfo/mod-simple-sha1.ko"]="mod-simple.ko" + ["test-modinfo/mod-simple-sha256.ko"]="mod-simple.ko" ) gzip_array=( @@ -48,6 +50,14 @@ gzip_array=( "test-depmod/modules-order-compressed/lib/modules/4.4.4/kernel/drivers/scsi/scsi_mod.ko" ) +attach_sha256_array=( + "test-modinfo/mod-simple-sha256.ko" + ) + +attach_sha1_array=( + "test-modinfo/mod-simple-sha1.ko" + ) + for k in ${!map[@]}; do dst=${ROOTFS}/$k src=${MODULE_PLAYGROUND}/${map[$k]} @@ -66,3 +76,11 @@ done for m in "${gzip_array[@]}"; do gzip $ROOTFS/$m done + +for m in "${attach_sha1_array[@]}"; do + cat ${MODULE_PLAYGROUND}/dummy.sha1 >> ${ROOTFS}/$m +done + +for m in "${attach_sha256_array[@]}"; do + cat ${MODULE_PLAYGROUND}/dummy.sha256 >> ${ROOTFS}/$m +done diff --git a/testsuite/rootfs-pristine/test-modinfo/correct-sig_hashalgo.txt b/testsuite/rootfs-pristine/test-modinfo/correct-sig_hashalgo.txt new file mode 100644 index 00000000..6d0223ef --- /dev/null +++ b/testsuite/rootfs-pristine/test-modinfo/correct-sig_hashalgo.txt @@ -0,0 +1,3 @@ +sha1 +sha256 + diff --git a/testsuite/rootfs-pristine/test-modinfo/correct-sig_key.txt b/testsuite/rootfs-pristine/test-modinfo/correct-sig_key.txt new file mode 100644 index 00000000..7dc4c6aa --- /dev/null +++ b/testsuite/rootfs-pristine/test-modinfo/correct-sig_key.txt @@ -0,0 +1,3 @@ +E3:C8:FC:A7:3F:B3:1D:DE:84:81:EF:38:E3:4C:DE:4B:0C:FD:1B:F9 +E3:C8:FC:A7:3F:B3:1D:DE:84:81:EF:38:E3:4C:DE:4B:0C:FD:1B:F9 + diff --git a/testsuite/rootfs-pristine/test-modinfo/correct-signer.txt b/testsuite/rootfs-pristine/test-modinfo/correct-signer.txt new file mode 100644 index 00000000..afe83df7 --- /dev/null +++ b/testsuite/rootfs-pristine/test-modinfo/correct-signer.txt @@ -0,0 +1,3 @@ +Magrathea: Glacier signing key +Magrathea: Glacier signing key + diff --git a/testsuite/rootfs-pristine/test-modinfo/ext4-x86_64-sha1.ko b/testsuite/rootfs-pristine/test-modinfo/ext4-x86_64-sha1.ko deleted file mode 100644 index 6e894f9d..00000000 Binary files a/testsuite/rootfs-pristine/test-modinfo/ext4-x86_64-sha1.ko and /dev/null differ diff --git a/testsuite/rootfs-pristine/test-modinfo/ext4-x86_64-sha256.ko b/testsuite/rootfs-pristine/test-modinfo/ext4-x86_64-sha256.ko deleted file mode 100644 index bf720088..00000000 Binary files a/testsuite/rootfs-pristine/test-modinfo/ext4-x86_64-sha256.ko and /dev/null differ diff --git a/testsuite/test-modinfo.c b/testsuite/test-modinfo.c index 9a57ea4d..48775020 100644 --- a/testsuite/test-modinfo.c +++ b/testsuite/test-modinfo.c @@ -27,12 +27,12 @@ static const char *progname = ABS_TOP_BUILDDIR "/tools/modinfo"; -#define DEFINE_MODINFO_TEST(_field) \ +#define DEFINE_MODINFO_TEST(_field, ...) \ static noreturn int test_modinfo_##_field(const struct test *t) \ { \ const char *const args[] = { \ progname, "-F", #_field ,\ - "/mod-simple-i386.ko", "/mod-simple-x86_64.ko", "/mod-simple-sparc64.ko", \ + __VA_ARGS__ , \ NULL, \ }; \ test_spawn_prog(progname, args); \ @@ -47,18 +47,33 @@ DEFINE_TEST(test_modinfo_##_field, \ .out = TESTSUITE_ROOTFS "test-modinfo/correct-" #_field ".txt", \ }) -DEFINE_MODINFO_TEST(filename); -DEFINE_MODINFO_TEST(author); -DEFINE_MODINFO_TEST(license); -DEFINE_MODINFO_TEST(description); -DEFINE_MODINFO_TEST(parm); -DEFINE_MODINFO_TEST(depends); +#define DEFINE_MODINFO_GENERIC_TEST(_field) \ + DEFINE_MODINFO_TEST(_field, \ + "/mod-simple-i386.ko", \ + "/mod-simple-x86_64.ko", \ + "/mod-simple-sparc64.ko") +#define DEFINE_MODINFO_SIGN_TEST(_field) \ + DEFINE_MODINFO_TEST(_field, \ + "/mod-simple-sha1.ko", \ + "/mod-simple-sha256.ko") + +DEFINE_MODINFO_GENERIC_TEST(filename); +DEFINE_MODINFO_GENERIC_TEST(author); +DEFINE_MODINFO_GENERIC_TEST(license); +DEFINE_MODINFO_GENERIC_TEST(description); +DEFINE_MODINFO_GENERIC_TEST(parm); +DEFINE_MODINFO_GENERIC_TEST(depends); + +DEFINE_MODINFO_SIGN_TEST(signer); +DEFINE_MODINFO_SIGN_TEST(sig_key); +DEFINE_MODINFO_SIGN_TEST(sig_hashalgo); + +#if 0 static noreturn int test_modinfo_signature(const struct test *t) { const char *const args[] = { progname, - "/ext4-x86_64-sha1.ko", "/ext4-x86_64-sha256.ko", NULL, }; @@ -66,12 +81,12 @@ static noreturn int test_modinfo_signature(const struct test *t) exit(EXIT_FAILURE); } DEFINE_TEST(test_modinfo_signature, - .description = "check if output for modinfo is correct for i686, ppc64, s390x and x86_64", + .description = "check signatures are correct for modinfo is correct for i686, ppc64, s390x and x86_64", .config = { [TC_ROOTFS] = TESTSUITE_ROOTFS "test-modinfo/", }, .output = { .out = TESTSUITE_ROOTFS "test-modinfo/correct.txt", }); - +#endif TESTSUITE_MAIN();