From: Roberto Sassu <roberto.sassu@huaweicloud.com>
To: Mimi Zohar <zohar@linux.ibm.com>, Petr Vorel <pvorel@suse.cz>,
linux-integrity@vger.kernel.org,
Roberto Sassu <roberto.sassu@huawei.com>
Cc: dmitry.kasatkin@gmail.com, vt@altlinux.org, stefanb@linux.ibm.com
Subject: Re: [PATCH ima-evm-utils 0/3] CI: Tumbleweed openSSL fix
Date: Mon, 20 Feb 2023 14:26:07 +0100 [thread overview]
Message-ID: <90b48fffe13509f9a29df27e29e94b7eebb4740a.camel@huaweicloud.com> (raw)
In-Reply-To: <3f3d8d134a33f05405c1b814c8a61b5bd0411e4b.camel@linux.ibm.com>
On Mon, 2023-02-20 at 08:17 -0500, Mimi Zohar wrote:
> On Thu, 2023-02-16 at 10:29 -0500, Mimi Zohar wrote:
> > On Thu, 2023-02-16 at 09:16 +0100, Roberto Sassu wrote:
> > > On Wed, 2023-02-15 at 18:19 -0500, Mimi Zohar wrote:
> > > > Hi Petr,
> > > >
> > > > On Wed, 2023-02-15 at 23:44 +0100, Petr Vorel wrote:
> > > > > Hi Mimi,
> > > > >
> > > > > > Tested:
> > > > > > https://github.com/pevik/ima-evm-utils/actions/runs/4177976359/jobs/7236222413
> > > > >
> > > > > Thanks for merging this.
> > > >
> > > > I actually pushed out the patches to "next-testing" to make sure it
> > > > works. In doing so, I dropped a couple of Roberto's patches, which
> > > > aren't quite ready and one of mine as well. In general, I'm not sure
> > > > pushing patches out to "next-integrity" should be considered "merging"
> > > > quite yet. In this case, your patches are fine. (Perhaps there needs
> > > > to be a better work flow.)
> > > >
> > > > > My test was working:
> > > > > https://github.com/pevik/ima-evm-utils/actions/runs/4177976359
> > > >
> > > > Yes, I saw.
> > > >
> > > > > But the same code now fails for Fedora.
> > > > > I wonder what exactly is wrong now:
> > > > > https://github.com/mimizohar/ima-evm-utils/actions/runs/4188686859/jobs/7260231106
> > > > > https://github.com/pevik/ima-evm-utils/actions/runs/4188761663/jobs/7260289846
> > > >
> > > > The UML kernel built properly, but for some reason the fsverity and
> > > > portable_signature tests aren't finding it.
> > >
> > > It could be this (in the logs):
> > >
> > > There exist one or more cache(s) with similar key but they have
> > > different version or scope.
> > >
> > > I would try:
> > >
> > > enableCrossOsArchive: true
> > >
> > > after:
> > >
> > > uses: actions/cache@v3
> > > with:
> > > path:
> > > key:
> > >
> > > for every step using the cache.
> > >
> > > Cache version is a hash generated for a combination of compression tool
> > > used (Gzip, Zstd, etc. based on the runner OS) and the path of
> > > directories being cached.
> > >
> > > Maybe there was some change from the time the kernel and signing key
> > > were cached.
> >
> > Adding "enableCrossOsArchive: true" didn't help, nor did clearing the
> > cache.
>
> FYI, with a clean cache, but without any changes, this seems to be
> working now.
Thanks. I expected that. However, we would need to fix it
(once I get some time).
Roberto
> >
> > > > > FAIL: fsverity
> > > > > ==============
> > > > >
> > > > > which: no fsverity in (../src:../fsverity-utils:/github/home/ima-evm-utils-install/bin:/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin)
> > > > > dd is /usr/bin/dd
> > > > > mkfs is /usr/sbin/mkfs
> > > > > blkid is /usr/sbin/blkid
> > > > > e2fsck is /usr/sbin/e2fsck
> > > > > tune2fs is /usr/sbin/tune2fs
> > > > > evmctl is ../src/evmctl
> > > > > setfattr is /usr/bin/setfattr
> > > > > ./functions.sh: line 90: ../linux: No such file or directory
> > > > > =================================
> > > > > Run with FAILEARLY=1 ./fsverity.test _cleanup_env cleanup
> > > > > To stop after first failure
> > > > > =================================
> > > > > PASS: 0 SKIP: 0 FAIL: 1
> > > > >
> > > > > FAIL fsverity.test (exit status: 1)
> > > > >
> > > > > FAIL: portable_signatures
> > > > > =========================
> > > > >
> > > > > evmctl is /__w/ima-evm-utils/ima-evm-utils/tests/../src/evmctl
> > > > > ./functions.sh: line 90: ../linux: No such file or directory
> > > > > ./functions.sh: line 90: ../linux: No such file or directory
prev parent reply other threads:[~2023-02-20 13:26 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-02-14 21:00 [PATCH ima-evm-utils 0/3] CI: Tumbleweed openSSL fix Petr Vorel
2023-02-14 21:00 ` [PATCH ima-evm-utils 1/3] tests/install-swtpm.sh: Update ibmswtpm2 to 1682 Petr Vorel
2023-02-14 21:00 ` [PATCH ima-evm-utils 2/3] github: travis: Remove COMPILE_SSL from tumbleweed Petr Vorel
2023-02-14 21:00 ` [PATCH ima-evm-utils 3/3] github: Put openSSL build into own section Petr Vorel
2023-02-14 21:01 ` [PATCH ima-evm-utils 0/3] CI: Tumbleweed openSSL fix Petr Vorel
2023-02-15 23:00 ` Mimi Zohar
2023-02-15 22:44 ` Petr Vorel
2023-02-15 23:19 ` Mimi Zohar
2023-02-16 8:16 ` Roberto Sassu
2023-02-16 15:29 ` Mimi Zohar
2023-02-20 13:17 ` Mimi Zohar
2023-02-20 13:26 ` Roberto Sassu [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=90b48fffe13509f9a29df27e29e94b7eebb4740a.camel@huaweicloud.com \
--to=roberto.sassu@huaweicloud.com \
--cc=dmitry.kasatkin@gmail.com \
--cc=linux-integrity@vger.kernel.org \
--cc=pvorel@suse.cz \
--cc=roberto.sassu@huawei.com \
--cc=stefanb@linux.ibm.com \
--cc=vt@altlinux.org \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.