commit | 58114e79d3a16f6aa9c08795792b287338a518d7 | [log] [tgz] |
---|---|---|
author | Micah Morton <mortonm@chromium.org> | Thu May 17 11:08:21 2018 -0700 |
committer | chrome-bot <chrome-bot@chromium.org> | Wed Oct 31 12:42:23 2018 -0700 |
tree | d226ce111e36ad3c9c6d656353a069e32ea9500c | |
parent | 681b5324778b10a39a65ef243dd4cec41c0245af [diff] |
Add autotest for process management security policies CL:1055871 extends the chromiumos LSM to support configuring per-UID policies in CrOS that restrict which other UIDs can be switched to by processes spawned under the restricted UID. This autotest ensures that restricted users can only setuid() to UIDs approved by the security policy installed on the system. CQ-DEPEND=CL:1062656,CL:1068077,CL:1055871,CL:1296792,CL:1296793 BUG=chromium:845640 TEST=autotest passes with LSM functionality enabled and configured on DUT Change-Id: I9a9d5e8c1c1f507d46b905bb268a2184646547c0 Reviewed-on: https://chromium-review.googlesource.com/1064698 Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com> Tested-by: Micah Morton <mortonm@chromium.org> Reviewed-by: Mattias Nissler <mnissler@chromium.org>
Autotest is a framework for fully automated testing. It was originally designed to test the Linux kernel, and expanded by the Chrome OS team to validate complete system images of Chrome OS and Android.
Autotest is composed of a number of modules that will help you to do stand alone tests or setup a fully automated test grid, depending on what you are up to. A non extensive list of functionality is:
A body of code to run tests on the device under test. In this setup, test logic executes on the machine being tested, and results are written to files for later collection from a development machine or lab infrastructure.
A body of code to run tests against a remote device under test. In this setup, test logic executes on a development machine or piece of lab infrastructure, and the device under test is controlled remotely via SSH/adb/some combination of the above.
Developer tools to execute one or more tests. test_that
for Chrome OS and test_droid
for Android allow developers to run tests against a device connected to their development machine on their desk. These tools are written so that the same test logic that runs in the lab will run at their desk, reducing the number of configurations under which tests are run.
Lab infrastructure to automate the running of tests. This infrastructure is capable of managing and running tests against thousands of devices in various lab environments. This includes code for both synchronous and asynchronous scheduling of tests. Tests are run against this hardware daily to validate every build of Chrome OS.
Infrastructure to set up miniature replicas of a full lab. A full lab does entail a certain amount of administrative work which isn't appropriate for a work group interested in automated tests against a small set of devices. Since this scale is common during device bringup, a special setup, called Moblab, allows a natural progressing from desk -> mini lab -> full lab.
See the guides to test_that
and test_droid
:
See the best practices guide, existing tests, and comments in the code.
git clone https://chromium.googlesource.com/chromiumos/third_party/autotest
See the coding style guide for guidance on submitting patches.
You need to run utils/build_externals.py
to set up the dependencies for pre-upload hook tests.