Add more automatic tests (and increase the coverage)

4925c2ae · Alexander Popov · dc925368 · 4925c2ae
Commit 4925c2ae authored 2 years ago by Alexander Popov
Show whitespace changes
Inline Side-by-side

Showing with 13 additions and 12 deletions

main.yml .github/workflows/main.yml +13 -12

No files found.
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -37,13 +37,13 @@ jobs:
      run: |
        echo ">>>>> check all configs <<<<<"
        CONFIG_DIR=`find /opt/hostedtoolcache/Python/ -name config_files`
-        CONFIGS=`find $CONFIG_DIR -type f | grep "\.config"`
+        KCONFIGS=`find $CONFIG_DIR -type f | grep "\.config"`
        COUNT=0
-        for C in $CONFIGS
+        for C in $KCONFIGS
        do
                COUNT=$(expr $COUNT + 1)
                echo -e "\n>>>>> checking config number $COUNT <<<<<"
-                kconfig-hardened-check -c $C
+                kconfig-hardened-check -c $C -l /proc/cmdline
        done
        echo -e "\n>>>>> checking $COUNT configs is done <<<<<"

@@ -76,24 +76,25 @@ jobs:
        coverage run -a --branch bin/kconfig-hardened-check -p ARM -m verbose
        coverage run -a --branch bin/kconfig-hardened-check -p ARM -m json

-        echo ">>>>> use local cmdline as an example <<<<<"
-        cat /proc/cmdline
-
        echo ">>>>> check the example kconfig files and cmdline <<<<<"
+        cat /proc/cmdline
+        echo "l1tf=off mds=full randomize_kstack_offset=on iommu.passthrough=0" > ./cmdline_example
+        cat ./cmdline_example
        CONFIG_DIR=`find . -name config_files`
-        CONFIGS=`find $CONFIG_DIR -type f | grep "\.config"`
+        KCONFIGS=`find $CONFIG_DIR -type f | grep "\.config"`
        COUNT=0
-        for C in $CONFIGS
+        for C in $KCONFIGS
        do
                COUNT=$(expr $COUNT + 1)
                echo -e "\n>>>>> checking config number $COUNT <<<<<"
                coverage run -a --branch bin/kconfig-hardened-check -c $C
                coverage run -a --branch bin/kconfig-hardened-check -c $C -m verbose > /dev/null
                coverage run -a --branch bin/kconfig-hardened-check -c $C -l /proc/cmdline
-                coverage run -a --branch bin/kconfig-hardened-check -c $C -l /proc/cmdline -m verbose > /dev/null
-                coverage run -a --branch bin/kconfig-hardened-check -c $C -l /proc/cmdline -m json
-                coverage run -a --branch bin/kconfig-hardened-check -c $C -l /proc/cmdline -m show_ok
-                coverage run -a --branch bin/kconfig-hardened-check -c $C -l /proc/cmdline -m show_fail
+                coverage run -a --branch bin/kconfig-hardened-check -c $C -l ./cmdline_example
+                coverage run -a --branch bin/kconfig-hardened-check -c $C -l ./cmdline_example -m verbose > /dev/null
+                coverage run -a --branch bin/kconfig-hardened-check -c $C -l ./cmdline_example -m json
+                coverage run -a --branch bin/kconfig-hardened-check -c $C -l ./cmdline_example -m show_ok
+                coverage run -a --branch bin/kconfig-hardened-check -c $C -l ./cmdline_example -m show_fail
        done
        echo -e "\n>>>>> checking $COUNT configs is done <<<<<"