-
Notifications
You must be signed in to change notification settings - Fork 16
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #477 from liangxiao1/aws
test_boot_fipsenabled: updated the steps to enable fips in RHEL-10
- Loading branch information
Showing
7 changed files
with
27 additions
and
16 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -3723,7 +3723,7 @@ def test_cloudinit_clean_configs(self): | |
| test_type: | ||
| functional | ||
| test_level: | ||
| Component | ||
| component | ||
| maintainer: | ||
| [email protected] | ||
| description: | | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -447,7 +447,7 @@ def test_imds_tracer(self): | |
| test_type: | ||
| functional | ||
| test_level: | ||
| Component | ||
| component | ||
| maintainer: | ||
| xiliang | ||
| description: | | ||
|
|
@@ -988,7 +988,7 @@ def test_sys_read_capability(self): | |
| test_type: | ||
| functional | ||
| test_level: | ||
| Component | ||
| component | ||
| maintainer: | ||
| [email protected] | ||
| description: | | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -54,7 +54,7 @@ def test_create_bootc_disk_image(self): | |
| test_type: | ||
| functional | ||
| test_level: | ||
| Component | ||
| component | ||
| maintainer: | ||
| [email protected] | ||
| description: | | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -93,7 +93,7 @@ def test_boot_debugkernel(self): | |
| test_type: | ||
| functional | ||
| test_level: | ||
| Component | ||
| component | ||
| maintainer: | ||
| [email protected] | ||
| description: | | ||
|
|
@@ -265,7 +265,7 @@ def test_boot_fipsenabled(self): | |
| utils_lib.run_cmd(self, 'sudo dmesg', msg='save dmesg') | ||
| cmd = 'sudo grubby --update-kernel=ALL --remove-args="fips=1"' | ||
| utils_lib.run_cmd(self, cmd, msg='Disable fips!') | ||
| else: | ||
| elif 'el8' in output or 'el9' in output: | ||
| fips_enable_cmd = 'sudo fips-mode-setup --enable' | ||
| out = utils_lib.run_cmd(self, fips_enable_cmd, msg='Enable fips!', timeout=600) | ||
| if 'No space left' in out: | ||
|
|
@@ -289,6 +289,17 @@ def test_boot_fipsenabled(self): | |
| utils_lib.run_cmd(self, 'sudo dmesg', msg='save dmesg') | ||
| cmd = 'sudo fips-mode-setup --disable' | ||
| utils_lib.run_cmd(self, cmd, msg='Disable fips!') | ||
| else: | ||
| # RHEL-65652 Remove fips-mode-setup, below steps are only for test purpose | ||
| boot_partition = utils_lib.run_cmd(self, 'findmnt --first --noheadings -o SOURCE /boot', msg='find boot partition') | ||
| boot_uuid = utils_lib.run_cmd(self, 'sudo blkid --output value --match-tag UUID {}'.format(boot_partition.strip('\n')),expect_ret=0,msg='find boot partition uuid') | ||
| fips_enable_cmd = 'sudo grubby --update-kernel=ALL --args="fips=1 boot=UUID={}"'.format(boot_uuid.strip('\n')) | ||
| out = utils_lib.run_cmd(self, fips_enable_cmd, msg='Enable fips!', timeout=600) | ||
| utils_lib.run_cmd(self, 'sudo reboot', msg='reboot system under test') | ||
| time.sleep(10) | ||
| utils_lib.init_connection(self, timeout=self.ssh_timeout) | ||
| utils_lib.run_cmd(self, 'cat /proc/cmdline', expect_kw='fips=1') | ||
| utils_lib.run_cmd(self, 'sudo dmesg', expect_kw="fips mode: enabled", msg='save dmesg') | ||
|
|
||
| def test_boot_hpet_mmap_enabled(self): | ||
| """ | ||
|
|
@@ -325,7 +336,7 @@ def test_boot_hpet_mmap_enabled(self): | |
| test_type: | ||
| functional | ||
| test_level: | ||
| Component | ||
| component | ||
| maintainer: | ||
| [email protected] | ||
| description: | | ||
|
|
@@ -432,7 +443,7 @@ def test_boot_sev_snp(self): | |
| test_type: | ||
| functional | ||
| test_level: | ||
| Component | ||
| component | ||
| maintainer: | ||
| [email protected] | ||
| description: | | ||
|
|
@@ -494,7 +505,7 @@ def test_boot_mem_encrypt_on(self): | |
| test_type: | ||
| functional | ||
| test_level: | ||
| Component | ||
| component | ||
| maintainer: | ||
| [email protected] | ||
| description: | | ||
|
|
@@ -778,7 +789,7 @@ def test_launch_pingable(self): | |
| test_type: | ||
| functional | ||
| test_level: | ||
| Component | ||
| component | ||
| maintainer: | ||
| [email protected] | ||
| description: | | ||
|
|
@@ -1678,7 +1689,7 @@ def tearDown(self): | |
| utils_lib.finish_case(self) | ||
| reboot_require = False | ||
| addon_args = ["hpet_mmap=1", "mitigations=auto,nosmt", "usbcore.quirks=quirks=0781:5580:bk,0a5c:5834:gij", | ||
| "nr_cpus=1","nr_cpus=2", "nr_cpus=4", "nr_cpus=5", "intel_iommu=on", "fips=1","mem_encrypt=on"] | ||
| "nr_cpus=1","nr_cpus=2", "nr_cpus=4", "nr_cpus=5", "intel_iommu=on", "fips=1","mem_encrypt=on","boot"] | ||
| cmdline = utils_lib.run_cmd(self, 'cat /proc/cmdline') | ||
| if cmdline: | ||
| for arg in addon_args: | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -1054,7 +1054,7 @@ def test_tcp_checksum_offload(self): | |
| test_type: | ||
| functional | ||
| test_level: | ||
| Component | ||
| component | ||
| maintainer: | ||
| [email protected] | ||
| description: | | ||
|
|
@@ -1878,7 +1878,7 @@ def test_second_ip_hotplug_multi(self): | |
| test_type: | ||
| functional | ||
| test_level: | ||
| Component | ||
| component | ||
| maintainer: | ||
| [email protected] | ||
| description: | | ||
|
|
@@ -2107,7 +2107,7 @@ def test_veth_nic_rx(self): | |
| test_type: | ||
| functional | ||
| test_level: | ||
| Component | ||
| component | ||
| maintainer: | ||
| [email protected] | ||
| description: | | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -129,7 +129,7 @@ def test_dnf_update(self): | |
| test_type: | ||
| functional | ||
| test_level: | ||
| Component | ||
| component | ||
| maintainer: | ||
| [email protected] | ||
| description: | | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -347,7 +347,7 @@ def test_tpm2_gettime(self): | |
| test_type: | ||
| functional | ||
| test_level: | ||
| Component | ||
| component | ||
| maintainer: | ||
| [email protected] | ||
| description: | | ||
|
|
||