selftest: always dump output on coverage failure for CI debugging #54
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: vock CI | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| jobs: | |
| selftest: | |
| name: ${{ matrix.arch }} | |
| runs-on: ${{ matrix.runner }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - arch: x86_64 | |
| runner: ubuntu-latest | |
| - arch: arm64 | |
| runner: ubuntu-24.04-arm | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Enable KVM group perms | |
| run: | | |
| if [ "$(uname -m)" = "x86_64" ]; then | |
| echo 'KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"' \ | |
| | sudo tee /etc/udev/rules.d/99-kvm4all.rules | |
| sudo udevadm control --reload-rules | |
| sudo udevadm trigger --name-match=kvm | |
| fi | |
| - name: Install dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install clang flex bison bc dwarves pahole libelf-dev \ | |
| libssl-dev kmod libncurses-dev git \ | |
| python3-pip python3-venv qemu-system curl \ | |
| kcapi-tools # For kernel crypto subsystem coverage test | |
| python3 -m venv venv-virtme | |
| source venv-virtme/bin/activate | |
| pip3 install git+https://github.com/arighi/virtme-ng.git | |
| echo "#### INFO ####" | |
| clang --version | head -1 | |
| uname -m | |
| if [ -w /dev/kvm ]; then | |
| echo "Can use KVM guest mode" | |
| else | |
| echo "Can't use KVM guest mode" | |
| fi | |
| echo "##############" | |
| git clone -b staging-testing --depth 1 \ | |
| https://kernel.googlesource.com/pub/scm/linux/kernel/git/gregkh/staging | |
| - name: Install rust | |
| run: | | |
| curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y | |
| cargo install bindgen-cli | |
| rustup component add rust-src | |
| - name: Build vock | |
| run: | | |
| make CC=clang | |
| - name: vock selftest | |
| run: | | |
| source venv-virtme/bin/activate | |
| set +e | |
| # KVM Guest HW mode arm64 not available in Github CI | |
| # KVM Guest HW mode Intel PT not available in Github CI | |
| # CVE-2024-53135 | |
| # https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=e6716f4230a | |
| # KVM Guest HW mode AMD LBR are only available in Github CI | |
| if [ "$(uname -m)" = "x86_64" ]; then | |
| echo "Test 1: KCOV + syscall syzlang engines on KVM guest" | |
| ./vock selftest 1 -v --on vng-kvm --kernel-src staging --vmlinux staging/vmlinux | |
| echo "Test 2.1: Host HW + syscall syzlang engines" | |
| sudo ./vock selftest 2 -v --on host --kernel-src staging --vmlinux staging/vmlinux | |
| echo "Test 2.2: KVM Guest HW + syscall syzlang engines" | |
| ./vock selftest 2 -v --on vng-kvm --kernel-src staging --vmlinux staging/vmlinux | |
| echo "Test 2.3: KVM Guest HW + syscall syzlang engines" | |
| ./vock selftest 2 -v --on vng-kvm --kernel-src staging --vmlinux staging/vmlinux | |
| else | |
| echo "Test 1: KCOV + syscall syzlang engines on KVM guest" | |
| ./vock selftest 1 -v --on vng-tcg --kernel-src staging --vmlinux staging/vmlinux | |
| echo "Test 2.1: Host HW + syscall syzlang engines" | |
| sudo ./vock selftest 2 -v --on host --kernel-src staging --vmlinux staging/vmlinux | |
| echo "Test 2.2: VM Guest HW + syscall syzlang engines" | |
| ./vock selftest 2 -v --on vng-tcg --kernel-src staging --vmlinux staging/vmlinux | |
| echo "Test 2.3: VM Guest HW + syscall syzlang engines" | |
| ./vock selftest 2 -v --on vng-tcg --kernel-src staging --vmlinux staging/vmlinux | |
| fi | |
| set -e | |
| - name: "Report" | |
| run: | | |
| sudo dmesg | |