Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

wip: new: role drivers test #84

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

wip: new: role drivers test #84

wants to merge 3 commits into from
+377 −98

Conversation

FedeDP
Copy link
Collaborator

@FedeDP FedeDP commented Feb 23, 2024

This PR adds a new drivers_test role to run drivers_test executable on each VM.
It requires the binary to be built on each VM because the drivers tests are bound to the running kernel.

In a simple test i took on amazonlinux2022-5.15, we have multiple failures:

  • Many tests that uses clone3 fail with EINVAL, most probably because the kernel was built without CONFIG_PID_NS option:

EINVAL CLONE_NEWPID was specified in the flags mask, but the
kernel was not configured with the CONFIG_PID_NS option.

(from https://man7.org/linux/man-pages/man2/clone.2.html).

  • execveX_not_upperlayer and execveX_upperlayer_success fail because they cannot mount overlayFS
  • process_vm_readvX_failure fails because apparently process_vm_readv syscall did not fail

I think all of these are addressable (most probably we just need to tweak the kernel config a bit, except for process_vm_readvX_failure that must be checked on its own)

@poiana
Copy link

poiana commented Feb 23, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: FedeDP

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@FedeDP
fix(ansible): fixed drivers_test role.
2be54f4 
Signed-off-by: Federico Di Pierro <[email protected]>
@poiana
Copy link

poiana commented May 28, 2024

Issues go stale after 90d of inactivity.

Mark the issue as fresh with /remove-lifecycle stale.

Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Provide feedback via https://github.com/falcosecurity/community.

/lifecycle stale

@FedeDP
Copy link
Collaborator Author

FedeDP commented May 28, 2024

/remove-lifecycle stale

@poiana
Copy link

poiana commented Aug 26, 2024

Issues go stale after 90d of inactivity.

Mark the issue as fresh with /remove-lifecycle stale.

Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Provide feedback via https://github.com/falcosecurity/community.

/lifecycle stale

@FedeDP
Copy link
Collaborator Author

FedeDP commented Aug 27, 2024

/remove-lifecycle stale

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alacuku alacuku Awaiting requested review from alacuku

@therealbobo therealbobo Awaiting requested review from therealbobo

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
approved dco-signoff: yes do-not-merge/work-in-progress size/XL
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@FedeDP @poiana