Christian Breunig 
							
						 
					 
					
						
						
						
						
							
						
						
							d235b31a09 
							
						 
					 
					
						
						
							
							T861: sign all Kernel modules with an ephemeral key  
						
						... 
						
						
						
						The shim review board (which is the secure boot base loader) recommends using
ephemeral keys when signing the Linux Kernel. This commit enables the Kernel
build system to generate a one-time ephemeral key that is used to:
* sign all build-in Kernel modules
* sign all other out-of-tree Kernel modules
The key lives in /tmp and is destroyed after the build container exits and is
named: "VyOS build time autogenerated kernel key".
In addition the Kernel now uses CONFIG_MODULE_SIG_FORCE. This now makes it
unable to load any Kernel Module to the image that is NOT signed by the
ephemeral key. 
						
						
					 
					
						2024-09-25 20:24:21 +02:00 
						 
				 
			
				
					
						
							
							
								sarthurdev 
							
						 
					 
					
						
						
						
						
							
						
						
							d60f5222c2 
							
						 
					 
					
						
						
							
							tpm: T4919: Fix TPM test for changes in 7f23b57  
						
						
						
						
					 
					
						2024-09-17 11:30:36 +02:00 
						 
				 
			
				
					
						
							
							
								sarthurdev 
							
						 
					 
					
						
						
						
						
							
						
						
							e35345a446 
							
						 
					 
					
						
						
							
							tpm: T4919: Fix check for /dev/tpm0  
						
						
						
						
					 
					
						2024-09-17 10:25:36 +02:00 
						 
				 
			
				
					
						
							
							
								Christian Breunig 
							
						 
					 
					
						
						
						
						
							
						
						
							fd737172f1 
							
						 
					 
					
						
						
							
							T861: add UEFI Secure Boot support  
						
						... 
						
						
						
						This adds support for UEFI Secure Boot. It adds the missing pieces to the Linux
Kernel and enforces module signing. This results in an additional security
layer where untrusted (unsigned) Kernel modules can no longer be loaded into
the live system.
NOTE: This commit will not work unless signing keys are present. Arbitrary
keys can be generated using instructions found in:
  data/live-build-config/includes.chroot/var/lib/shim-signed/mok/README.md 
						
						
					 
					
						2024-09-14 23:05:23 +02:00 
						 
				 
			
				
					
						
							
							
								Christian Breunig 
							
						 
					 
					
						
						
						
						
							
						
						
							e86bfd7ab9 
							
						 
					 
					
						
						
							
							Testsuite: T861: add explicit --smoketest argument  
						
						... 
						
						
						
						In the past the CLI based smoketest was always executed under an else branch in
the testcase if-statement. Instead of using negative logic move all testcases
to positive logic adding an empty "catch all" else path. 
						
						
					 
					
						2024-09-07 21:32:34 +02:00 
						 
				 
			
				
					
						
							
							
								Christian Breunig 
							
						 
					 
					
						
						
						
						
							
						
						
							6ef7069098 
							
						 
					 
					
						
						
							
							Testsuite: T861: use fix bootindex for install medium and non-volatile disks  
						
						... 
						
						
						
						This is required to support proper disk ejection and not reloading the disk on
system reboot when operation in BIOS mode. 
						
						
					 
					
						2024-09-07 21:32:34 +02:00 
						 
				 
			
				
					
						
							
							
								Christian Breunig 
							
						 
					 
					
						
						
						
						
							
						
						
							115fb522c8 
							
						 
					 
					
						
						
							
							Testsuite: T861: add support to use VNC for a graphics console  
						
						... 
						
						
						
						To use VNC you could run "make test -- --vnc" 
						
						
					 
					
						2024-09-07 21:32:34 +02:00 
						 
				 
			
				
					
						
							
							
								Christian Breunig 
							
						 
					 
					
						
						
						
						
							
						
						
							986b71af2d 
							
						 
					 
					
						
						
							
							Testsuite: T861: use variable to define one single place for VM name  
						
						
						
						
					 
					
						2024-09-07 21:32:34 +02:00 
						 
				 
			
				
					
						
							
							
								Christian Breunig 
							
						 
					 
					
						
						
						
						
							
						
						
							aa6ca5c65b 
							
						 
					 
					
						
						
							
							Testsuite: T861: cleanup imports and use "kernel_flavor" from vyos_defaults  
						
						
						
						
					 
					
						2024-09-07 21:32:34 +02:00 
						 
				 
			
				
					
						
							
							
								Christian Breunig 
							
						 
					 
					
						
						
						
						
							
						
						
							e5627bf050 
							
						 
					 
					
						
						
							
							Testsuite: T861: remove option to disable KVM and use soft-emulation  
						
						... 
						
						
						
						This code path was unused during CI runs. 
						
						
					 
					
						2024-09-07 21:32:34 +02:00 
						 
				 
			
				
					
						
							
							
								Christian Breunig 
							
						 
					 
					
						
						
						
						
							
						
						
							7f23b57b19 
							
						 
					 
					
						
						
							
							Testsuite: T861: eject installation media CD-ROM over powercycle  
						
						... 
						
						
						
						When moving to UEFI and secure-boot it's better to just reboot the system
for Machine Owner Key installation, then powercycling the machine.
This commit will use `reboot now` over `poweroff` after base system installation
and boot into installed image for smoketest handling. 
						
						
					 
					
						2024-09-07 21:32:34 +02:00 
						 
				 
			
				
					
						
							
							
								Christian Breunig 
							
						 
					 
					
						
						
						
						
							
						
						
							fd7d1d0d20 
							
						 
					 
					
						
						
							
							Kernel: T861: remove superfluous architecture from Kernel string  
						
						
						
						
					 
					
						2024-09-07 21:31:46 +02:00 
						 
				 
			
				
					
						
							
							
								Matthew Kobayashi 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							893a90fa60 
							
						 
					 
					
						
						
							
							T6484: Smoketest: Increase KVM memory limit  
						
						
						
						
					 
					
						2024-06-14 10:41:15 +10:00 
						 
				 
			
				
					
						
							
							
								John Estabrook 
							
						 
					 
					
						
						
						
						
							
						
						
							6fe57a7042 
							
						 
					 
					
						
						
							
							image-tools: T6154: installer prompts to confirm non-default password  
						
						
						
						
					 
					
						2024-04-16 14:15:51 -05:00 
						 
				 
			
				
					
						
							
							
								John Estabrook 
							
						 
					 
					
						
						
						
						
							
						
						
							4a8bc369ef 
							
						 
					 
					
						
						
							
							image-tools: T6207: update test script for prompt for boot config  
						
						
						
						
					 
					
						2024-04-07 22:41:42 -05:00 
						 
				 
			
				
					
						
							
							
								Daniil Baturin 
							
						 
					 
					
						
						
						
						
							
						
						
							bbddf9d0a3 
							
						 
					 
					
						
						
							
							docker, build: T6119: use python3-tomli instead of python3-toml  
						
						... 
						
						
						
						for a compliant implementation ot TOML 
						
						
					 
					
						2024-03-12 20:59:46 +00:00 
						 
				 
			
				
					
						
							
							
								sarthurdev 
							
						 
					 
					
						
						
						
						
							
						
						
							d8313d2c2c 
							
						 
					 
					
						
						
							
							build: T4919: Fix error due to variable not found  
						
						
						
						
					 
					
						2024-03-08 01:48:05 +01:00 
						 
				 
			
				
					
						
							
							
								sarthurdev 
							
						 
					 
					
						
						
						
						
							
						
						
							63a8f9d3c6 
							
						 
					 
					
						
						
							
							config: T4919: Add emulated TPM encryption test  
						
						
						
						
					 
					
						2024-02-20 10:46:01 +01:00 
						 
				 
			
				
					
						
							
							
								Christian Breunig 
							
						 
					 
					
						
						
						
						
							
						
						
							b3d0ebaf1d 
							
						 
					 
					
						
						
							
							Makefile: add new target qemu-live  
						
						... 
						
						
						
						Simply boot a live qemu version from the latest ISO build
(10:18) cpo lnx01:~/vyos-build [current] # sudo make qemu-live
if [ ! -f build/live-image-amd64.hybrid.iso ]; then
echo "Could not find build/live-image-amd64.hybrid.iso"
exit 1
fi
scripts/check-qemu-install --qemu-cmd build/live-image-amd64.hybrid.iso
 INFO - Creating Disk image testinstall-20231119-101823-4483.img
SeaBIOS (version 1.16.2-debian-1.16.2-1)
Machine UUID f48b60b2-e6ad-49ef-9d09-4245d0585e52
Booting from DVD/CD...
ISOLINUX 6.04 20200816 ETCD Copyright (C) 1994-2015 H. Peter Anvin et al 
						
						
					 
					
						2023-11-19 10:18:49 +01:00 
						 
				 
			
				
					
						
							
							
								John Estabrook 
							
						 
					 
					
						
						
						
						
							
						
						
							64796852a4 
							
						 
					 
					
						
						
							
							image: T4516: update test script for changes in prompts/partition id  
						
						
						
						
					 
					
						2023-11-15 15:33:42 -06:00 
						 
				 
			
				
					
						
							
							
								John Estabrook 
							
						 
					 
					
						
						
						
						
							
						
						
							ecd3727d63 
							
						 
					 
					
						
						
							
							smoketest: T5607: adjust for non-deterministic scsi device probing  
						
						
						
						
					 
					
						2023-09-20 15:22:32 -05:00 
						 
				 
			
				
					
						
							
							
								sarthurdev 
							
						 
					 
					
						
						
						
						
							
						
						
							4727dc1756 
							
						 
					 
					
						
						
							
							smoketest: Allow selection of smoketests to run  
						
						... 
						
						
						
						Example:
`make test MATCH="interfaces|policy"` will only run interfaces and policy tests 
						
						
					 
					
						2023-09-14 20:04:54 +02:00 
						 
				 
			
				
					
						
							
							
								Apachez 
							
						 
					 
					
						
						
						
						
							
						
						
							fa1462aa6d 
							
						 
					 
					
						
						
							
							T5562: Fix -smp syntax for qemu-system-x86_64  
						
						
						
						
					 
					
						2023-09-09 12:24:55 +02:00 
						 
				 
			
				
					
						
							
							
								Christian Breunig 
							
						 
					 
					
						
						
						
						
							
						
						
							a863fe0b03 
							
						 
					 
					
						
						
							
							Testsuite: fix qemu SMP configuration  
						
						
						
						
					 
					
						2023-09-09 07:33:44 +02:00 
						 
				 
			
				
					
						
							
							
								Viacheslav Hletenko 
							
						 
					 
					
						
						
						
						
							
						
						
							84fba9f897 
							
						 
					 
					
						
						
							
							T5024: Try to shutdown several times for qemu install script  
						
						... 
						
						
						
						The first shutdown for qemu doesn't work
Try to shutdown several times 
						
						
					 
					
						2023-02-22 09:03:28 +00:00 
						 
				 
			
				
					
						
							
							
								sarthurdev 
							
						 
					 
					
						
						
						
						
							
						
						
							52073f8ee6 
							
						 
					 
					
						
						
							
							debian: T5003: Increase VM memory - tests failed due to OOM condition  
						
						
						
						
					 
					
						2023-02-13 11:20:49 +01:00 
						 
				 
			
				
					
						
							
							
								Christian Poessinger 
							
						 
					 
					
						
						
						
						
							
						
						
							be1d5e0165 
							
						 
					 
					
						
						
							
							Testsuite: T3664: move to new toml based input files  
						
						
						
						
					 
					
						2022-10-07 22:02:58 +02:00 
						 
				 
			
				
					
						
							
							
								sarthurdev 
							
						 
					 
					
						
						
						
						
							
						
						
							53d229d200 
							
						 
					 
					
						
						
							
							smoketest: Move PKI file generate to script in vyos-1x  
						
						
						
						
					 
					
						2022-06-30 15:45:23 +02:00 
						 
				 
			
				
					
						
							
							
								sarthurdev 
							
						 
					 
					
						
						
						
						
							
						
						
							5a8785f091 
							
						 
					 
					
						
						
							
							openvpn: T4485: Add intermediate CA for smoketest  
						
						
						
						
					 
					
						2022-06-29 17:33:00 +02:00 
						 
				 
			
				
					
						
							
							
								Christian Poessinger 
							
						 
					 
					
						
						
						
						
							
						
						
							d9b81c85dc 
							
						 
					 
					
						
						
							
							Testsuite: add new '--qemu-cmd' switch to print the commandline to launch QEMU manually  
						
						
						
						
					 
					
						2022-04-18 09:19:07 +02:00 
						 
				 
			
				
					
						
							
							
								Christian Poessinger 
							
						 
					 
					
						
						
						
						
							
						
						
							e67312b02d 
							
						 
					 
					
						
						
							
							Testsuite: enable DHCP on eth0 - future smoketests could now verify DHCP  
						
						
						
						
					 
					
						2022-04-18 09:10:01 +02:00 
						 
				 
			
				
					
						
							
							
								Christian Poessinger 
							
						 
					 
					
						
						
						
						
							
						
						
							e326536380 
							
						 
					 
					
						
						
							
							Testsuite: increase memory to 2G for fastnetmon testcase  
						
						
						
						
					 
					
						2022-04-11 21:00:31 +02:00 
						 
				 
			
				
					
						
							
							
								Christian Poessinger 
							
						 
					 
					
						
						
						
						
							
						
						
							4ccdaf58fc 
							
						 
					 
					
						
						
							
							Testsuite: fix cdrom boot in UEFI mode  
						
						
						
						
					 
					
						2021-12-26 18:33:51 +01:00 
						 
				 
			
				
					
						
							
							
								Christian Poessinger 
							
						 
					 
					
						
						
						
						
							
						
						
							3a8d74b333 
							
						 
					 
					
						
						
							
							Revert "Testsuite: limit QEmu test disk size to 1G to not waste space on build host"  
						
						... 
						
						
						
						This reverts commit a5e591fa9b66b229f7296de177a570c7b7126be4. 
						
						
					 
					
						2021-12-26 17:57:01 +01:00 
						 
				 
			
				
					
						
							
							
								Christian Poessinger 
							
						 
					 
					
						
						
						
						
							
						
						
							1960c1c259 
							
						 
					 
					
						
						
							
							Testsuite: limit QEmu test disk size to 1G to not waste space on build host  
						
						
						
						
					 
					
						2021-12-26 09:04:04 +01:00 
						 
				 
			
				
					
						
							
							
								Christian Poessinger 
							
						 
					 
					
						
						
						
						
							
						
						
							986fd18e11 
							
						 
					 
					
						
						
							
							Testsuite: add RAID-1 test case for disk recovery  
						
						
						
						
					 
					
						2021-12-25 22:01:59 +01:00 
						 
				 
			
				
					
						
							
							
								Christian Poessinger 
							
						 
					 
					
						
						
						
						
							
						
						
							a36755da0b 
							
						 
					 
					
						
						
							
							Testsuite: add loginVM()/shutdownVM() helpers  
						
						
						
						
					 
					
						2021-12-25 22:01:59 +01:00 
						 
				 
			
				
					
						
							
							
								Christian Poessinger 
							
						 
					 
					
						
						
						
						
							
						
						
							e836f72458 
							
						 
					 
					
						
						
							
							Testsuite: add 8th NIC and disable PXE boot  
						
						
						
						
					 
					
						2021-12-25 22:01:59 +01:00 
						 
				 
			
				
					
						
							
							
								Christian Poessinger 
							
						 
					 
					
						
						
						
						
							
						
						
							76f59a3915 
							
						 
					 
					
						
						
							
							Testsuite: set default timeout to 60 seconds  
						
						
						
						
					 
					
						2021-12-09 22:40:44 +01:00 
						 
				 
			
				
					
						
							
							
								Christian Poessinger 
							
						 
					 
					
						
						
						
						
							
						
						
							462c5f80e0 
							
						 
					 
					
						
						
							
							Testsuite: add new "make testraid" target for RAID-1 installation testing  
						
						
						
						
					 
					
						2021-12-09 22:40:44 +01:00 
						 
				 
			
				
					
						
							
							
								Christian Poessinger 
							
						 
					 
					
						
						
						
						
							
						
						
							2aa0166d87 
							
						 
					 
					
						
						
							
							Testsuite: reference default user/pass from variable  
						
						
						
						
					 
					
						2021-12-09 11:13:17 +01:00 
						 
				 
			
				
					
						
							
							
								Christian Poessinger 
							
						 
					 
					
						
						
						
						
							
						
						
							9e14ab4cb0 
							
						 
					 
					
						
						
							
							Testsuite: increase testing timeout to 3h  
						
						
						
						
					 
					
						2021-12-02 08:02:42 +01:00 
						 
				 
			
				
					
						
							
							
								Christian Poessinger 
							
						 
					 
					
						
						
						
						
							
						
						
							fee2237ca0 
							
						 
					 
					
						
						
							
							Testsuite: increase testing timeout to 2h  
						
						
						
						
					 
					
						2021-11-27 19:19:23 +01:00 
						 
				 
			
				
					
						
							
							
								Christian Poessinger 
							
						 
					 
					
						
						
						
						
							
						
						
							ec168f3d2c 
							
						 
					 
					
						
						
							
							Testsuite: use individual UUID/name per UEFI/BIOS instance  
						
						
						
						
					 
					
						2021-11-04 21:02:50 +01:00 
						 
				 
			
				
					
						
							
							
								Christian Poessinger 
							
						 
					 
					
						
						
						
						
							
						
						
							2264c8a812 
							
						 
					 
					
						
						
							
							Testsuite: add UUID for DUID generation during tests  
						
						
						
						
					 
					
						2021-10-30 13:23:09 +02:00 
						 
				 
			
				
					
						
							
							
								Christian Poessinger 
							
						 
					 
					
						
						
						
						
							
						
						
							c984de432c 
							
						 
					 
					
						
						
							
							Testsuite: add support for UEFI boots in Qemu  
						
						... 
						
						
						
						(cherry picked from commit 6c438f92e7ada6fa42e41ac9eff0b1e1eb3756b3) 
						
						
					 
					
						2021-10-02 12:10:56 +02:00 
						 
				 
			
				
					
						
							
							
								Christian Poessinger 
							
						 
					 
					
						
						
						
						
							
						
						
							07555c0645 
							
						 
					 
					
						
						
							
							Testsuite: add missing leading 'f' for Python3 format strings  
						
						
						
						
					 
					
						2021-09-19 12:51:42 +02:00 
						 
				 
			
				
					
						
							
							
								Christian Poessinger 
							
						 
					 
					
						
						
						
						
							
						
						
							e6e6e557f4 
							
						 
					 
					
						
						
							
							Testsuite: verify proper running Kernel version compared to repo  
						
						
						
						
					 
					
						2021-08-19 10:52:18 +02:00 
						 
				 
			
				
					
						
							
							
								Christian Poessinger 
							
						 
					 
					
						
						
						
						
							
						
						
							19778c23a0 
							
						 
					 
					
						
						
							
							Makefile: add "make test-no-interfaces" to start smoketests w/o interface tests  
						
						
						
						
					 
					
						2021-08-15 15:15:41 +02:00 
						 
				 
			
				
					
						
							
							
								Christian Poessinger 
							
						 
					 
					
						
						
						
						
							
						
						
							392dc16672 
							
						 
					 
					
						
						
							
							Revert "Testsuite: list config directories for trouble shooting"  
						
						... 
						
						
						
						This reverts commit 9b1ed0551854575c1e0608daaf5e0dc31c2958c9. 
						
						
					 
					
						2021-08-01 10:34:28 +02:00