+kernelci +collabora On 23/06/2021 15:38, Kees Cook wrote: > On Wed, Jun 23, 2021 at 01:39:57PM +0100, Guillaume Tucker wrote: >> On 19/06/2021 03:58, Kees Cook wrote: >>> Some environments do not set $SHELL when running tests. There's no need >>> to use $SHELL here anyway, so just replace it with hard-coded path >>> instead. Additionally avoid using bash-isms in the command, so that >>> regular /bin/sh can be used. >>> >>> Suggested-by: Guillaume Tucker <guillaume.tucker@xxxxxxxxxxxxx> >>> Fixes: 46d1a0f03d66 ("selftests/lkdtm: Add tests for LKDTM targets") >>> Cc: stable@xxxxxxxxxxxxxxx >>> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx> >> >> >> Tested-by: "kernelci.org bot" <bot@xxxxxxxxxxxx> >> >> >> Sample staging results with this patch applied on top of >> next-20210622: >> >> https://staging.kernelci.org/test/plan/id/60d2dbdc3cfb88da0924bf41/ >> >> Full log: >> >> https://storage.staging.kernelci.org/kernelci/staging-next/staging-next-20210623.0/x86_64/x86_64_defconfig+x86-chromebook+kselftest/clang-13/lab-collabora/kselftest-lkdtm-asus-C523NA-A20057-coral.html > > Awesome! This looks great. :) > > What's needed to build these kernels will different CONFIGs? I see a > bunch of things (commonly found in distro kernels) that are not set: > > CONFIG_SLAB_FREELIST_HARDENED=y > CONFIG_FORTIFY_SOURCE=y > CONFIG_HARDENED_USERCOPY=y > # CONFIG_HARDENED_USERCOPY_FALLBACK is not set > > Should I add these to the kselftest "config" file for LKDTM? Yes, that's the current way to do it. KernelCI is simply concatenating all the config files found under tools/testing/selftests into one big kselftest fragment which is then merged with the defconfig. We could enable arbitrary things for KernelCI but of course it's much better to not do that and stick to what's in the kernel tree. If you do send such a patch, please CC kernelci@xxxxxxxxx or myself and we can give it a spin on staging.kernelci.org as well. Best wishes, Guillaume