wip: new: role drivers test #84
Conversation
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
…_test and scap-open. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: FedeDP The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
FedeDP
force-pushed
the
new/role_drivers_test
branch
from
250281d
to
2be54f4
Compare
|
Issues go stale after 90d of inactivity. Mark the issue as fresh with Stale issues rot after an additional 30d of inactivity and eventually close. If this issue is safe to close now please do so with Provide feedback via https://github.com/falcosecurity/community. /lifecycle stale |
|
/remove-lifecycle stale |
|
Issues go stale after 90d of inactivity. Mark the issue as fresh with Stale issues rot after an additional 30d of inactivity and eventually close. If this issue is safe to close now please do so with Provide feedback via https://github.com/falcosecurity/community. /lifecycle stale |
|
/remove-lifecycle stale |
This PR adds a new drivers_test role to run
drivers_testexecutable on each VM.It requires the binary to be built on each VM because the drivers tests are bound to the running kernel.
In a simple test i took on
amazonlinux2022-5.15, we have multiple failures:clone3fail with EINVAL, most probably because the kernel was built withoutCONFIG_PID_NSoption:(from https://man7.org/linux/man-pages/man2/clone.2.html).
execveX_not_upperlayerandexecveX_upperlayer_successfail because they cannot mount overlayFSprocess_vm_readvX_failurefails because apparentlyprocess_vm_readvsyscall did not failI think all of these are addressable (most probably we just need to tweak the kernel config a bit, except for
process_vm_readvX_failurethat must be checked on its own)