On Wed, Nov 4, 2020 at 5:49 PM Richard Haines
<richard_c_haines@xxxxxxxxxxxxxx> wrote:
>
> Use the Linux audit services to look for specific events and trigger
> the correct test exit code.
>
> This is useful for tests that fail on a socket timeout where they
> hang around for x seconds before exiting. The audit service will detect
> the event as it occurred based on AVC entry scontext= and optionally, a
> regex (e.g. "denied.*\\{ recv \\}") entry.
I have mixed feelings about this approach, because then the tests
won't be able to detect a bug where an audit record would be produced,
but the message would be delivered anyway (a few moments later). OTOH
the massive speedup is very tempting... :)
One possible alternative could be to calibrate how long it takes
between sending and receiving an SCTP message on the given system at
the beginning of the test, multiply the max value by some factor (1.5?
2?), and use it as the timeout. But then this wouldn't help in cases
where the latency just spikes very high occasionally... (which I think
is what happens in cases of the random failures we have been seeing
sometimes)
Another option would be to run the tests asynchronously, but that
comes with its own set of problems...
Paul, Stephen, any thoughts?
>
> Without this patch sctp tests take ~2.6 min, with patch ~4 secs.
>
> Signed-off-by: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
> ---
> README.md | 5 +-
> policy/test_sctp.te | 1 +
> tests/sctp/Makefile | 2 +-
> tests/sctp/sctp_asconf_params_client.c | 51 ++++++++++++-
> tests/sctp/sctp_client.c | 52 ++++++++++++--
> tests/sctp/sctp_common.c | 99 ++++++++++++++++++++++++++
> tests/sctp/sctp_common.h | 11 +++
> tests/sctp/test | 50 ++++++-------
> travis-ci/run-testsuite.sh | 1 +
> 9 files changed, 237 insertions(+), 35 deletions(-)
[...]
--
Ondrej Mosnacek
Software Engineer, Platform Security - SELinux kernel
Red Hat, Inc.
