diff options
author | Robert Scott <code@humanleg.org.uk> | 2021-08-11 22:35:27 +0100 |
---|---|---|
committer | Robert Scott <code@humanleg.org.uk> | 2021-08-14 11:52:11 +0100 |
commit | dca4f328194d8778b9b58adde2ab07e82d3fd596 (patch) | |
tree | f366882296a52accabe13bd466bc9a1805b4e850 /nixos/tests/hardened.nix | |
parent | 773426cc24e4ef6a908ef62a95bdf83bddb2ab54 (diff) |
graphene-hardened-malloc: 2 -> 8
significantly overhaul tests to cover build-time-linking and LD_PRELOAD use, simplifying the hardened nixos test to allow it to reuse this test setup.
Diffstat (limited to 'nixos/tests/hardened.nix')
-rw-r--r-- | nixos/tests/hardened.nix | 28 |
1 files changed, 2 insertions, 26 deletions
diff --git a/nixos/tests/hardened.nix b/nixos/tests/hardened.nix index 485efc0fb78c4..a0b629086b5ad 100644 --- a/nixos/tests/hardened.nix +++ b/nixos/tests/hardened.nix @@ -33,18 +33,7 @@ import ./make-test-python.nix ({ pkgs, latestKernel ? false, ... } : { testScript = let - hardened-malloc-tests = pkgs.stdenv.mkDerivation { - name = "hardened-malloc-tests-${pkgs.graphene-hardened-malloc.version}"; - src = pkgs.graphene-hardened-malloc.src; - buildPhase = '' - cd test/simple-memory-corruption - make -j4 - ''; - - installPhase = '' - find . -type f -executable -exec install -Dt $out/bin '{}' + - ''; - }; + hardened-malloc-tests = pkgs.graphene-hardened-malloc.ld-preload-tests; in '' machine.wait_for_unit("multi-user.target") @@ -107,20 +96,7 @@ import ./make-test-python.nix ({ pkgs, latestKernel ? false, ... } : { machine.fail("systemctl kexec") - # Test hardened memory allocator - def runMallocTestProg(prog_name, error_text): - text = "fatal allocator error: " + error_text - if not text in machine.fail( - "${hardened-malloc-tests}/bin/" - + prog_name - + " 2>&1" - ): - raise Exception("Hardened malloc does not work for {}".format(error_text)) - - with subtest("The hardened memory allocator works"): - runMallocTestProg("double_free_large", "invalid free") - runMallocTestProg("unaligned_free_small", "invalid unaligned free") - runMallocTestProg("write_after_free_small", "detected write after free") + machine.succeed("${hardened-malloc-tests}/bin/run-tests") ''; }) |