initial buildroot for linux 5.15

This commit is contained in:
Huan.Feng
2021-12-06 14:12:13 +08:00
parent d7767d594e
commit 7b6fc358fa
12736 changed files with 508822 additions and 0 deletions
@@ -0,0 +1 @@
source "$BR2_EXTERNAL_DETECT_BAD_ARCH_PATH/package/detect-bad-arch/Config.in"
@@ -0,0 +1 @@
name: DETECT_BAD_ARCH
@@ -0,0 +1 @@
include $(sort $(wildcard $(BR2_EXTERNAL_DETECT_BAD_ARCH_PATH)/package/*/*.mk))
@@ -0,0 +1,4 @@
config BR2_PACKAGE_DETECT_BAD_ARCH
bool
default y
@@ -0,0 +1,15 @@
################################################################################
#
# detect-bad-arch
#
################################################################################
define DETECT_BAD_ARCH_BUILD_CMDS
echo "int main(void) { return 0; }" | $(HOSTCC) -x c -o $(@D)/foo -
endef
define DETECT_BAD_ARCH_INSTALL_TARGET_CMDS
$(INSTALL) -D -m 0755 $(@D)/foo $(TARGET_DIR)/usr/bin/foo
endef
$(eval $(generic-package))
@@ -0,0 +1 @@
name: CPE_ID
@@ -0,0 +1 @@
include $(sort $(wildcard $(BR2_EXTERNAL_CPE_ID_PATH)/package/*/*.mk))
@@ -0,0 +1,4 @@
CPE_ID_PKG1_VERSION = 42
$(eval $(generic-package))
$(eval $(host-generic-package))
@@ -0,0 +1,3 @@
CPE_ID_PKG2_VERSION = 67
$(eval $(host-generic-package))
@@ -0,0 +1,5 @@
CPE_ID_PKG3_VERSION = 67
CPE_ID_PKG3_CPE_ID_VENDOR = cpe-id-pkg3_project
$(eval $(generic-package))
$(eval $(host-generic-package))
@@ -0,0 +1,9 @@
CPE_ID_PKG4_VERSION = 67
CPE_ID_PKG4_CPE_ID_VENDOR = foo
CPE_ID_PKG4_CPE_ID_PRODUCT = bar
CPE_ID_PKG4_CPE_ID_VERSION = 42
CPE_ID_PKG4_CPE_ID_UPDATE = b2
CPE_ID_PKG4_CPE_ID_PREFIX = cpe:2.4:a
$(eval $(generic-package))
$(eval $(host-generic-package))
@@ -0,0 +1,16 @@
CPE_ID_PKG5_VERSION = 57
CPE_ID_PKG5_CPE_ID_VENDOR = foo
CPE_ID_PKG5_CPE_ID_PRODUCT = bar
CPE_ID_PKG5_CPE_ID_VERSION = 42
CPE_ID_PKG5_CPE_ID_UPDATE = b2
CPE_ID_PKG5_CPE_ID_PREFIX = cpe:2.4:a
HOST_CPE_ID_PKG5_CPE_ID_VENDOR = baz
HOST_CPE_ID_PKG5_CPE_ID_PRODUCT = fuz
HOST_CPE_ID_PKG5_CPE_ID_VERSION = 43
HOST_CPE_ID_PKG5_CPE_ID_UPDATE = b3
HOST_CPE_ID_PKG5_CPE_ID_PREFIX = cpe:2.5:a
$(eval $(generic-package))
$(eval $(host-generic-package))
@@ -0,0 +1,7 @@
# <name> <type> <mode> <uid> <gid> <major> <minor> <start> <inc> <count>
/usr/sbin/getcap f 755 0 0 - - - - -
|xattr cap_sys_nice+eip
# leading spaces are ignored for xattr
|xattr cap_kill+eip
# leading tabs are ignored for xattr
|xattr cap_sys_time+eip
+12
View File
@@ -0,0 +1,12 @@
#!/bin/sh
(
printf "arg1,%s\n" "${1}"
printf "arg2,%s\n" "${2}"
printf "arg3,%s\n" "${3}"
printf "TARGET_DIR,%s\n" "${TARGET_DIR}"
printf "BUILD_DIR,%s\n" "${BUILD_DIR}"
printf "HOST_DIR,%s\n" "${HOST_DIR}"
printf "STAGING_DIR,%s\n" "${STAGING_DIR}"
printf "BINARIES_DIR,%s\n" "${BINARIES_DIR}"
printf "BR2_CONFIG,%s\n" "${BR2_CONFIG}"
) > ${BUILD_DIR}/$(basename "${0}" .sh).log
+1
View File
@@ -0,0 +1 @@
post-build.sh
+1
View File
@@ -0,0 +1 @@
post-build.sh
@@ -0,0 +1 @@
foobar
@@ -0,0 +1 @@
barfoo
@@ -0,0 +1 @@
CONFIG_SQUASHFS_XATTR=y
@@ -0,0 +1,18 @@
import infra
import infra.basetest
class DetectBadArchTest(infra.basetest.BRConfigTest):
config = infra.basetest.BASIC_TOOLCHAIN_CONFIG + infra.basetest.MINIMAL_CONFIG
br2_external = [infra.filepath("tests/core/br2-external/detect-bad-arch")]
def test_run(self):
with self.assertRaises(SystemError):
self.b.build()
logf_path = infra.log_file_path(self.b.builddir, "build",
infra.basetest.BRConfigTest.logtofile)
if logf_path:
s = 'ERROR: architecture for "/usr/bin/foo" is'
with open(logf_path, "r") as f:
lines = [line for line in f.readlines() if line.startswith(s)]
self.assertEqual(len(lines), 1)
+110
View File
@@ -0,0 +1,110 @@
import infra
import subprocess
import json
class CpeIdTest(infra.basetest.BRConfigTest):
config = ""
br2_external = [infra.filepath("tests/core/cpeid-br2-external")]
def get_vars(self, var):
cmd = ["make", "--no-print-directory", "-C", self.b.builddir,
"VARS=%s%%" % var, "printvars"]
lines = subprocess.check_output(cmd).splitlines()
return dict([str(x, "utf-8").split("=") for x in lines])
def get_json(self, pkg):
cmd = ["make", "--no-print-directory", "-C", self.b.builddir,
"%s-show-info" % pkg]
return json.loads(subprocess.check_output(cmd))
def test_pkg1(self):
# this package has no CPE ID information, it should not have
# any CPE_ID variable defined.
pkg_vars = self.get_vars("CPE_ID_PKG1_CPE_ID")
cpe_vars = ["CPE_ID_VALID", "CPE_ID_PRODUCT", "CPE_ID_VERSION", "CPE_ID_UPDATE",
"CPE_ID_PREFIX", "CPE_ID"]
for v in cpe_vars:
self.assertNotIn("CPE_ID_PKG1_%s" % v, pkg_vars)
pkg_json = self.get_json("cpe-id-pkg1")
self.assertNotIn("cpe-id", pkg_json['cpe-id-pkg1'])
pkg_vars = self.get_vars("HOST_CPE_ID_PKG1_CPE_ID")
for v in cpe_vars:
self.assertNotIn("HOST_CPE_ID_PKG1_%s" % v, pkg_vars)
pkg_json = self.get_json("host-cpe-id-pkg1")
self.assertNotIn("cpe-id", pkg_json['host-cpe-id-pkg1'])
def test_pkg2(self):
# this package has no CPE ID information, it should not have
# any CPE_ID variable defined.
pkg_vars = self.get_vars("HOST_CPE_ID_PKG2_CPE_ID")
cpe_vars = ["CPE_ID_VALID", "CPE_ID_PRODUCT", "CPE_ID_VERSION", "CPE_ID_UPDATE",
"CPE_ID_PREFIX", "CPE_ID"]
for v in cpe_vars:
self.assertNotIn("HOST_CPE_ID_PKG2_%s" % v, pkg_vars)
pkg_json = self.get_json("host-cpe-id-pkg2")
self.assertNotIn("cpe-id", pkg_json['host-cpe-id-pkg2'])
def test_pkg3(self):
# this package has just <pkg>_CPE_ID_VENDOR defined, so verify
# it has the default CPE_ID value, and that inheritance of the
# values for the host package is working
pkg_vars = self.get_vars("CPE_ID_PKG3_CPE_ID")
self.assertEqual(pkg_vars["CPE_ID_PKG3_CPE_ID"],
"cpe:2.3:a:cpe-id-pkg3_project:cpe-id-pkg3:67:*:*:*:*:*:*:*")
self.assertEqual(pkg_vars["CPE_ID_PKG3_CPE_ID_VALID"], "YES")
pkg_json = self.get_json("cpe-id-pkg3")
self.assertEqual(pkg_json['cpe-id-pkg3']['cpe-id'],
"cpe:2.3:a:cpe-id-pkg3_project:cpe-id-pkg3:67:*:*:*:*:*:*:*")
pkg_vars = self.get_vars("HOST_CPE_ID_PKG3_CPE_ID")
self.assertEqual(pkg_vars["HOST_CPE_ID_PKG3_CPE_ID"],
"cpe:2.3:a:cpe-id-pkg3_project:cpe-id-pkg3:67:*:*:*:*:*:*:*")
self.assertEqual(pkg_vars["HOST_CPE_ID_PKG3_CPE_ID_VALID"], "YES")
pkg_json = self.get_json("host-cpe-id-pkg3")
self.assertEqual(pkg_json['host-cpe-id-pkg3']['cpe-id'],
"cpe:2.3:a:cpe-id-pkg3_project:cpe-id-pkg3:67:*:*:*:*:*:*:*")
def test_pkg4(self):
# this package defines
# <pkg>_CPE_ID_{VENDOR,PRODUCT,VERSION,UPDATE,PREFIX},
# make sure we get the computed <pkg>_CPE_ID, and that it is
# inherited by the host variant
pkg_vars = self.get_vars("CPE_ID_PKG4_CPE_ID")
self.assertEqual(pkg_vars["CPE_ID_PKG4_CPE_ID"],
"cpe:2.4:a:foo:bar:42:b2:*:*:*:*:*:*")
self.assertEqual(pkg_vars["CPE_ID_PKG4_CPE_ID_VALID"], "YES")
pkg_json = self.get_json("cpe-id-pkg4")
self.assertEqual(pkg_json['cpe-id-pkg4']['cpe-id'],
"cpe:2.4:a:foo:bar:42:b2:*:*:*:*:*:*")
pkg_vars = self.get_vars("HOST_CPE_ID_PKG4_CPE_ID")
self.assertEqual(pkg_vars["HOST_CPE_ID_PKG4_CPE_ID"],
"cpe:2.4:a:foo:bar:42:b2:*:*:*:*:*:*")
self.assertEqual(pkg_vars["HOST_CPE_ID_PKG4_CPE_ID_VALID"], "YES")
pkg_json = self.get_json("host-cpe-id-pkg4")
self.assertEqual(pkg_json['host-cpe-id-pkg4']['cpe-id'],
"cpe:2.4:a:foo:bar:42:b2:*:*:*:*:*:*")
def test_pkg5(self):
# this package defines
# <pkg>_CPE_ID_{VENDOR,PRODUCT,VERSION,UPDATE,PREFIX} and
# HOST_<pkg>_CPE_ID_{VENDOR,PRODUCT,VERSION,UPDATE,PREFIX}
# separately, with different values. Make sure we get the
# right <pkg>_CPE_ID and HOST_<pkg>_CPE_ID values.
pkg_vars = self.get_vars("CPE_ID_PKG5_CPE_ID")
self.assertEqual(pkg_vars["CPE_ID_PKG5_CPE_ID"],
"cpe:2.4:a:foo:bar:42:b2:*:*:*:*:*:*")
self.assertEqual(pkg_vars["CPE_ID_PKG5_CPE_ID_VALID"], "YES")
pkg_json = self.get_json("cpe-id-pkg5")
self.assertEqual(pkg_json['cpe-id-pkg5']['cpe-id'],
"cpe:2.4:a:foo:bar:42:b2:*:*:*:*:*:*")
pkg_vars = self.get_vars("HOST_CPE_ID_PKG5_CPE_ID")
self.assertEqual(pkg_vars["HOST_CPE_ID_PKG5_CPE_ID"],
"cpe:2.5:a:baz:fuz:43:b3:*:*:*:*:*:*")
self.assertEqual(pkg_vars["HOST_CPE_ID_PKG5_CPE_ID_VALID"], "YES")
pkg_json = self.get_json("host-cpe-id-pkg5")
self.assertEqual(pkg_json['host-cpe-id-pkg5']['cpe-id'],
"cpe:2.5:a:baz:fuz:43:b3:*:*:*:*:*:*")
@@ -0,0 +1,46 @@
import os
import infra.basetest
class TestFileCapabilities(infra.basetest.BRTest):
config = \
"""
BR2_arm=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_ROOTFS_DEVICE_TABLE="system/device_table.txt {}"
BR2_ROOTFS_DEVICE_TABLE_SUPPORTS_EXTENDED_ATTRIBUTES=y
BR2_TARGET_GENERIC_GETTY_PORT="ttyAMA0"
BR2_LINUX_KERNEL=y
BR2_LINUX_KERNEL_CUSTOM_VERSION=y
BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE="4.19.204"
BR2_LINUX_KERNEL_DEFCONFIG="vexpress"
BR2_LINUX_KERNEL_CONFIG_FRAGMENT_FILES="{}"
BR2_LINUX_KERNEL_DTS_SUPPORT=y
BR2_LINUX_KERNEL_INTREE_DTS_NAME="vexpress-v2p-ca9"
BR2_PACKAGE_LIBCAP=y
BR2_PACKAGE_LIBCAP_TOOLS=y
BR2_TARGET_ROOTFS_SQUASHFS=y
# BR2_TARGET_ROOTFS_TAR is not set
""".format(infra.filepath("tests/core/device_table2.txt"),
infra.filepath("tests/core/squashfs-xattr-kernel.config"))
def test_run(self):
img = os.path.join(self.builddir, "images", "rootfs.squashfs")
infra.img_round_power2(img)
self.emulator.boot(arch="armv7",
kernel=os.path.join(self.builddir, "images", "zImage"),
kernel_cmdline=["root=/dev/mmcblk0",
"rootfstype=squashfs"],
options=["-drive", "file={},if=sd,format=raw".format(img),
"-M", "vexpress-a9",
"-dtb", os.path.join(self.builddir, "images", "vexpress-v2p-ca9.dtb")])
self.emulator.login()
cmd = "getcap -v /usr/sbin/getcap"
output, _ = self.emulator.run(cmd)
self.assertIn("cap_kill", output[0])
self.assertIn("cap_sys_nice", output[0])
self.assertIn("cap_sys_time", output[0])
self.assertIn("=eip", output[0])
@@ -0,0 +1,115 @@
import os
import json
import infra.basetest
class TestHardeningBase(infra.basetest.BRTest):
config = \
"""
BR2_powerpc64=y
BR2_powerpc_e5500=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_CUSTOM=y
BR2_TOOLCHAIN_EXTERNAL_DOWNLOAD=y
BR2_TOOLCHAIN_EXTERNAL_URL="https://toolchains.bootlin.com/downloads/releases/toolchains/powerpc64-e5500/tarballs/powerpc64-e5500--glibc--stable-2018.02-2.tar.bz2"
BR2_TOOLCHAIN_EXTERNAL_GCC_6=y
BR2_TOOLCHAIN_EXTERNAL_HEADERS_4_1=y
BR2_TOOLCHAIN_EXTERNAL_CUSTOM_GLIBC=y
BR2_TOOLCHAIN_EXTERNAL_CXX=y
BR2_PACKAGE_LIGHTTPD=y
BR2_PACKAGE_HOST_CHECKSEC=y
# BR2_TARGET_ROOTFS_TAR is not set
"""
checksec_files = ["usr/sbin/lighttpd", "bin/busybox"]
def checksec_run(self, target_file):
filepath = os.path.join(self.builddir, "target", target_file)
cmd = ["host/bin/checksec", "--format=json",
"--file={}".format(filepath)]
# Checksec is being used for elf file analysis only. There are no
# assumptions of target/run-time checks as part of this testing.
ret = infra.run_cmd_on_host(self.builddir, cmd)
return json.loads(ret)
class TestRelro(TestHardeningBase):
config = TestHardeningBase.config + \
"""
BR2_RELRO_FULL=y
"""
def test_run(self):
for f in self.checksec_files:
out = self.checksec_run(f)
filepath = os.path.join(self.builddir, "target", f)
self.assertEqual(out[filepath]["relro"], "full")
self.assertEqual(out[filepath]["pie"], "yes")
class TestRelroPartial(TestHardeningBase):
config = TestHardeningBase.config + \
"""
BR2_RELRO_PARTIAL=y
# BR2_PIC_PIE is not set
"""
def test_run(self):
for f in self.checksec_files:
out = self.checksec_run(f)
filepath = os.path.join(self.builddir, "target", f)
self.assertEqual(out[filepath]["relro"], "partial")
self.assertEqual(out[filepath]["pie"], "no")
class TestSspNone(TestHardeningBase):
config = TestHardeningBase.config + \
"""
BR2_SSP_NONE=y
"""
def test_run(self):
for f in self.checksec_files:
out = self.checksec_run(f)
filepath = os.path.join(self.builddir, "target", f)
self.assertEqual(out[filepath]["canary"], "no")
class TestSspStrong(TestHardeningBase):
config = TestHardeningBase.config + \
"""
BR2_SSP_STRONG=y
"""
def test_run(self):
for f in self.checksec_files:
out = self.checksec_run(f)
filepath = os.path.join(self.builddir, "target", f)
self.assertEqual(out[filepath]["canary"], "yes")
class TestFortifyNone(TestHardeningBase):
config = TestHardeningBase.config + \
"""
BR2_FORTIFY_SOURCE_NONE=y
"""
def test_run(self):
for f in self.checksec_files:
out = self.checksec_run(f)
filepath = os.path.join(self.builddir, "target", f)
self.assertEqual(out[filepath]["fortified"], "0")
class TestFortifyConserv(TestHardeningBase):
config = TestHardeningBase.config + \
"""
BR2_FORTIFY_SOURCE_1=y
"""
def test_run(self):
for f in self.checksec_files:
out = self.checksec_run(f)
filepath = os.path.join(self.builddir, "target", f)
self.assertNotEqual(out[filepath]["fortified"], "0")
@@ -0,0 +1,48 @@
import os
import csv
import infra.basetest
class TestPostScripts(infra.basetest.BRTest):
config = infra.basetest.BASIC_TOOLCHAIN_CONFIG + \
"""
BR2_INIT_NONE=y
BR2_SYSTEM_BIN_SH_NONE=y
# BR2_PACKAGE_BUSYBOX is not set
BR2_ROOTFS_POST_BUILD_SCRIPT="{}"
BR2_ROOTFS_POST_FAKEROOT_SCRIPT="{}"
BR2_ROOTFS_POST_IMAGE_SCRIPT="{}"
BR2_ROOTFS_POST_SCRIPT_ARGS="foobar baz"
""".format(infra.filepath("tests/core/post-build.sh"),
infra.filepath("tests/core/post-fakeroot.sh"),
infra.filepath("tests/core/post-image.sh"))
def check_post_log_file(self, f, what, target_dir):
lines = {}
with open(os.path.join(self.builddir, "build", f), newline='') as csvfile:
r = csv.reader(csvfile, delimiter=',')
for row in r:
lines[row[0]] = row[1]
self.assertEqual(lines["arg1"], what)
self.assertEqual(lines["arg2"], "foobar")
self.assertEqual(lines["arg3"], "baz")
self.assertEqual(lines["TARGET_DIR"], target_dir)
self.assertEqual(lines["BUILD_DIR"], os.path.join(self.builddir, "build"))
self.assertEqual(lines["HOST_DIR"], os.path.join(self.builddir, "host"))
staging = os.readlink(os.path.join(self.builddir, "staging"))
self.assertEqual(lines["STAGING_DIR"], staging)
self.assertEqual(lines["BINARIES_DIR"], os.path.join(self.builddir, "images"))
self.assertEqual(lines["BR2_CONFIG"], os.path.join(self.builddir, ".config"))
def test_run(self):
self.check_post_log_file("post-build.log",
os.path.join(self.builddir, "target"),
os.path.join(self.builddir, "target"))
self.check_post_log_file("post-fakeroot.log",
os.path.join(self.builddir, "build/buildroot-fs/tar/target"),
os.path.join(self.builddir, "build/buildroot-fs/tar/target"))
self.check_post_log_file("post-image.log",
os.path.join(self.builddir, "images"),
os.path.join(self.builddir, "target"))
@@ -0,0 +1,36 @@
import os
import infra.basetest
from crypt import crypt
class TestRootPassword(infra.basetest.BRTest):
password = "foo"
config = infra.basetest.BASIC_TOOLCHAIN_CONFIG + \
"""
BR2_TARGET_ROOTFS_CPIO=y
BR2_TARGET_ENABLE_ROOT_LOGIN=y
BR2_TARGET_GENERIC_ROOT_PASSWD="{}"
""".format(password)
def test_run(self):
# 1. Test by looking hash in the /etc/shadow
shadow = os.path.join(self.builddir, "target", "etc", "shadow")
with open(shadow, "r") as f:
users = f.readlines()
for user in users:
s = user.split(":")
n, h = s[0], s[1]
if n == "root":
# Fail if the account is disabled or no password is required
self.assertTrue(h not in ["", "*"])
# Fail if the hash isn't right
self.assertEqual(crypt(self.password, h), h)
# 2. Test by attempting to login
cpio_file = os.path.join(self.builddir, "images", "rootfs.cpio")
try:
self.emulator.boot(arch="armv7", kernel="builtin",
options=["-initrd", cpio_file])
self.emulator.login(self.password)
except SystemError:
self.fail("Unable to login with the password")
@@ -0,0 +1,30 @@
import os
import subprocess
import infra.basetest
def compare_file(file1, file2):
return subprocess.call(["cmp", file1, file2])
class TestRootfsOverlay(infra.basetest.BRTest):
rootfs_overlay_path = infra.filepath("tests/core/rootfs-overlay")
config = infra.basetest.BASIC_TOOLCHAIN_CONFIG + \
infra.basetest.MINIMAL_CONFIG + \
"""
BR2_ROOTFS_OVERLAY="{0}1 {0}2"
""".format(rootfs_overlay_path)
def test_run(self):
target_file = os.path.join(self.builddir, "target", "test-file1")
overlay_file = "{}1/test-file1".format(self.rootfs_overlay_path)
ret = compare_file(overlay_file, target_file)
self.assertEqual(ret, 0)
target_file = os.path.join(self.builddir, "target", "etc", "test-file2")
overlay_file = "{}2/etc/test-file2".format(self.rootfs_overlay_path)
ret = compare_file(overlay_file, target_file)
self.assertEqual(ret, 0)
@@ -0,0 +1,86 @@
import os
import infra.basetest
class TestSELinuxInfra(infra.basetest.BRTest):
config = infra.basetest.BASIC_TOOLCHAIN_CONFIG +\
"""
BR2_PACKAGE_REFPOLICY=y
BR2_PACKAGE_PYTHON3=y
BR2_PACKAGE_SETOOLS=y
BR2_TARGET_ROOTFS_CPIO=y
"""
def base_test_run(self):
cpio_file = os.path.join(self.builddir, "images", "rootfs.cpio")
self.emulator.boot(arch="armv5", kernel="builtin",
options=["-initrd", cpio_file])
self.emulator.login()
class TestSELinuxExtraModules(TestSELinuxInfra):
config = TestSELinuxInfra.config + \
"""
BR2_REFPOLICY_EXTRA_MODULES="ntp tor"
"""
def test_run(self):
TestSELinuxInfra.base_test_run(self)
out, ret = self.emulator.run("seinfo -t ntpd_t", 15)
self.assertEqual(ret, 0)
self.assertEqual(out[2].strip(), "ntpd_t")
out, ret = self.emulator.run("seinfo -t tor_t", 15)
self.assertEqual(ret, 0)
self.assertEqual(out[2].strip(), "tor_t")
class TestSELinuxExtraModulesDirs(TestSELinuxInfra):
config = TestSELinuxInfra.config + \
"""
BR2_REFPOLICY_EXTRA_MODULES_DIRS="{}"
""".format(infra.filepath("tests/core/test_selinux/extra_modules"))
def test_run(self):
TestSELinuxInfra.base_test_run(self)
out, ret = self.emulator.run("seinfo -t buildroot_test_t", 15)
self.assertEqual(ret, 0)
self.assertEqual(out[2].strip(), "buildroot_test_t")
class TestSELinuxCustomGit(TestSELinuxInfra):
config = TestSELinuxInfra.config + \
"""
BR2_PACKAGE_REFPOLICY_CUSTOM_GIT=y
BR2_PACKAGE_REFPOLICY_CUSTOM_REPO_URL="https://github.com/SELinuxProject/refpolicy.git"
BR2_PACKAGE_REFPOLICY_CUSTOM_REPO_VERSION="RELEASE_2_20200818"
"""
def test_run(self):
pass
class TestSELinuxPackage(TestSELinuxInfra):
br2_external = [infra.filepath("tests/core/test_selinux/br2_external")]
config = TestSELinuxInfra.config + \
"""
BR2_PACKAGE_SELINUX_TEST=y
"""
def test_run(self):
TestSELinuxInfra.base_test_run(self)
out, ret = self.emulator.run("seinfo -t ntpd_t", 15)
self.assertEqual(ret, 0)
self.assertEqual(out[2].strip(), "ntpd_t")
out, ret = self.emulator.run("seinfo -t tor_t", 15)
self.assertEqual(ret, 0)
self.assertEqual(out[2].strip(), "tor_t")
out, ret = self.emulator.run("seinfo -t buildroot_test_t", 15)
self.assertEqual(ret, 0)
self.assertEqual(out[2].strip(), "buildroot_test_t")
@@ -0,0 +1 @@
source "$BR2_EXTERNAL_SELINUX_PATH/package/selinux-test/Config.in"
@@ -0,0 +1 @@
name: SELINUX
@@ -0,0 +1 @@
include $(sort $(wildcard $(BR2_EXTERNAL_SELINUX_PATH)/package/*/*.mk))
@@ -0,0 +1,4 @@
config BR2_PACKAGE_SELINUX_TEST
bool "SELinux test package"
help
Test package for SELinux Buildroot helpers.
@@ -0,0 +1,9 @@
################################################################################
#
# SELinux test package
#
################################################################################
SELINUX_TEST_SELINUX_MODULES = ntp tor
$(eval $(generic-package))
@@ -0,0 +1 @@
## <summary>Buildroot rules</summary>
@@ -0,0 +1,3 @@
policy_module(buildroot, 1.0.0)
type buildroot_test_t;
@@ -0,0 +1 @@
## <summary>Buildroot rules</summary>
@@ -0,0 +1,3 @@
policy_module(buildroot, 1.0.0)
type buildroot_test_t;
@@ -0,0 +1,72 @@
import os
import infra.basetest
def boot_armv5_cpio(emulator, builddir):
img = os.path.join(builddir, "images", "rootfs.cpio")
emulator.boot(arch="armv5", kernel="builtin",
options=["-initrd", img])
emulator.login()
class TestNoTimezone(infra.basetest.BRTest):
config = infra.basetest.BASIC_TOOLCHAIN_CONFIG + \
"""
# BR2_TARGET_TZ_INFO is not set
BR2_TARGET_ROOTFS_CPIO=y
# BR2_TARGET_ROOTFS_TAR is not set
"""
def test_run(self):
boot_armv5_cpio(self.emulator, self.builddir)
tz, _ = self.emulator.run("TZ=UTC date +%Z")
self.assertEqual(tz[0].strip(), "UTC")
tz, _ = self.emulator.run("TZ=America/Los_Angeles date +%Z")
self.assertEqual(tz[0].strip(), "UTC")
class TestGlibcAllTimezone(infra.basetest.BRTest):
config = \
"""
BR2_arm=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TARGET_TZ_INFO=y
BR2_TARGET_ROOTFS_CPIO=y
# BR2_TARGET_ROOTFS_TAR is not set
"""
def test_run(self):
boot_armv5_cpio(self.emulator, self.builddir)
tz, _ = self.emulator.run("date +%Z")
self.assertEqual(tz[0].strip(), "UTC")
tz, _ = self.emulator.run("TZ=UTC date +%Z")
self.assertEqual(tz[0].strip(), "UTC")
tz, _ = self.emulator.run("TZ=America/Los_Angeles date +%Z")
self.assertEqual(tz[0].strip(), "PST")
tz, _ = self.emulator.run("TZ=Europe/Paris date +%Z")
self.assertEqual(tz[0].strip(), "CET")
class TestGlibcNonDefaultLimitedTimezone(infra.basetest.BRTest):
config = \
"""
BR2_arm=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TARGET_TZ_INFO=y
BR2_TARGET_TZ_ZONELIST="northamerica"
BR2_TARGET_LOCALTIME="America/New_York"
BR2_TARGET_ROOTFS_CPIO=y
# BR2_TARGET_ROOTFS_TAR is not set
"""
def test_run(self):
boot_armv5_cpio(self.emulator, self.builddir)
tz, _ = self.emulator.run("date +%Z")
self.assertEqual(tz[0].strip(), "EST")
tz, _ = self.emulator.run("TZ=UTC date +%Z")
self.assertEqual(tz[0].strip(), "UTC")
tz, _ = self.emulator.run("TZ=America/Los_Angeles date +%Z")
self.assertEqual(tz[0].strip(), "PST")
tz, _ = self.emulator.run("TZ=Europe/Paris date +%Z")
self.assertEqual(tz[0].strip(), "Europe")