From be0ec5528800be06382b887f0a975c75586f3c05 Mon Sep 17 00:00:00 2001 From: Riccardo Mancini Date: Fri, 16 Aug 2024 10:05:34 +0100 Subject: [PATCH 1/3] fix(test_snapshot): wait for VM to come up before snapshot When using guest kernel 6.1 these tests started failing. Waiting for the VM to come up before the snapshot fixes the problems. Signed-off-by: Riccardo Mancini --- tests/integration_tests/functional/test_api.py | 1 + tests/integration_tests/functional/test_snapshot_editor.py | 1 + 2 files changed, 2 insertions(+) diff --git a/tests/integration_tests/functional/test_api.py b/tests/integration_tests/functional/test_api.py index 91240b5b8d1..94ae1cd453b 100644 --- a/tests/integration_tests/functional/test_api.py +++ b/tests/integration_tests/functional/test_api.py @@ -1166,6 +1166,7 @@ def test_get_full_config_after_restoring_snapshot(microvm_factory, uvm_nano): } ] + uvm_nano.wait_for_up() snapshot = uvm_nano.snapshot_full() uvm2 = microvm_factory.build() uvm2.spawn() diff --git a/tests/integration_tests/functional/test_snapshot_editor.py b/tests/integration_tests/functional/test_snapshot_editor.py index 75e5bde6166..3790b69f610 100644 --- a/tests/integration_tests/functional/test_snapshot_editor.py +++ b/tests/integration_tests/functional/test_snapshot_editor.py @@ -27,6 +27,7 @@ def test_remove_regs(uvm_nano, microvm_factory): vm = uvm_nano vm.add_net_iface() vm.start() + vm.wait_for_up() snapshot = vm.snapshot_full() From 8f2bb3f4f9d3bfb0785ca8c9669ca18eece081f6 Mon Sep 17 00:00:00 2001 From: Riccardo Mancini Date: Fri, 16 Aug 2024 13:15:17 +0100 Subject: [PATCH 2/3] fix(test_rng): check virtio_rng is not available through sysfs On guest 6.1 on ARM instances we have a new paravirtualized SMCC TRNG device, which breaks the assumptions of test_rng_not_present. This patch changes the test to read the list of available hwrng devices and assert virtio_rng is not preset. Signed-off-by: Riccardo Mancini --- .../integration_tests/functional/test_rng.py | 22 +++++++++++-------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/tests/integration_tests/functional/test_rng.py b/tests/integration_tests/functional/test_rng.py index 502e47f943c..4cce6fd6e7c 100644 --- a/tests/integration_tests/functional/test_rng.py +++ b/tests/integration_tests/functional/test_rng.py @@ -5,6 +5,7 @@ import pytest from framework.utils import check_entropy +from host_tools.network import SSHConnection @pytest.fixture(params=[None]) @@ -22,6 +23,15 @@ def uvm_with_rng(uvm_plain, request): return uvm +def list_rng_available(ssh_connection: SSHConnection) -> list[str]: + """Returns a list of rng devices available in the VM""" + return ( + ssh_connection.check_output("cat /sys/class/misc/hw_random/rng_available") + .stdout.strip() + .split() + ) + + def test_rng_not_present(uvm_nano): """ Test a guest microVM *without* an entropy device and ensure that @@ -32,15 +42,9 @@ def test_rng_not_present(uvm_nano): vm.add_net_iface() vm.start() - # If the guest kernel has been built with the virtio-rng module - # the device should exist in the guest filesystem but we should - # not be able to get random numbers out of it. - cmd = "test -e /dev/hwrng" - vm.ssh.check_output(cmd) - - cmd = "dd if=/dev/hwrng of=/dev/null bs=10 count=1" - ecode, _, _ = vm.ssh.run(cmd) - assert ecode == 1 + assert not any( + rng.startswith("virtio_rng") for rng in list_rng_available(vm.ssh) + ), "virtio_rng device should not be available in the uvm" def test_rng_present(uvm_with_rng): From 7fe671208610c61c50b55e4fbe800599bc3e27d0 Mon Sep 17 00:00:00 2001 From: Riccardo Mancini Date: Fri, 16 Aug 2024 13:15:56 +0100 Subject: [PATCH 3/3] fix(test_rng): ensure virtio_rng is the current device used by hwrng ARM Uvm with 6.1 kernel have an additional SMCCC TRNG device which is paravirtualized by KVM. We need to ensure we are testing the virtio-rng device, which is the one picked up by default by the kernel, if available. Signed-off-by: Riccardo Mancini --- .../integration_tests/functional/test_rng.py | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/tests/integration_tests/functional/test_rng.py b/tests/integration_tests/functional/test_rng.py index 4cce6fd6e7c..a52c94b7c66 100644 --- a/tests/integration_tests/functional/test_rng.py +++ b/tests/integration_tests/functional/test_rng.py @@ -32,6 +32,21 @@ def list_rng_available(ssh_connection: SSHConnection) -> list[str]: ) +def get_rng_current(ssh_connection: SSHConnection) -> str: + """Returns the current rng device used by hwrng""" + return ssh_connection.check_output( + "cat /sys/class/misc/hw_random/rng_current" + ).stdout.strip() + + +def assert_virtio_rng_is_current_hwrng_device(ssh_connection: SSHConnection): + """Asserts that virtio_rng is the current device used by hwrng""" + # we expect something like virtio_rng.0 + assert get_rng_current(ssh_connection).startswith( + "virtio_rng" + ), "virtio_rng device should be the current used by hwrng" + + def test_rng_not_present(uvm_nano): """ Test a guest microVM *without* an entropy device and ensure that @@ -54,6 +69,7 @@ def test_rng_present(uvm_with_rng): """ vm = uvm_with_rng + assert_virtio_rng_is_current_hwrng_device(vm.ssh) check_entropy(vm.ssh) @@ -64,6 +80,7 @@ def test_rng_snapshot(uvm_with_rng, microvm_factory): """ vm = uvm_with_rng + assert_virtio_rng_is_current_hwrng_device(vm.ssh) check_entropy(vm.ssh) snapshot = vm.snapshot_full() @@ -71,6 +88,7 @@ def test_rng_snapshot(uvm_with_rng, microvm_factory): new_vm.spawn() new_vm.restore_from_snapshot(snapshot, resume=True) new_vm.wait_for_up() + assert_virtio_rng_is_current_hwrng_device(new_vm.ssh) check_entropy(new_vm.ssh) @@ -203,6 +221,7 @@ def test_rng_bw_rate_limiter(uvm_with_rng): expected_kbps = size / refill_time + assert_virtio_rng_is_current_hwrng_device(vm.ssh) # Check the rate limiter using a request size equal to the size # of the token bucket. _check_entropy_rate_limited(vm.ssh, size, expected_kbps)