android13/external/seccomp-tests/README.md

3.0 KiB

Seccomp-BPF Kernel Self-Test Suite

This repository contains a mirror of the upstream Linux kernel test suite for the Seccomp-BPF system call filter. The test suite runs as part of CTS, but it is maintained in a separate repository because the code is GPL.

Syncing to Upstream

Rather than hold the entire Linux history in this repository, only the subdirectory for the Seccomp selftests are preserved here. In order to sync this repository to the upstream Linux, follow these instructions.

The pristine copy of the upstream source is kept on a branch called upstream-master. This branch is then merged into an Android development branch.

First-Time Setup

These instructions only need to be followed for the first time you are updating the repository from a checkout.

  1. Configure a remote to use as the source repository (limited to only syncing the master branch):
    git remote add upstream-linux git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git -t master --no-tags
    

Updating the Source

Perform these steps every time you need to update the test suite from upstream.

  1. Update the remote to fetch the latest sources:

    git remote update upstream-linux
    
  2. Create a new local branch from the updated source, replacing YYYYMMDD with today's date:

    git checkout -b update-YYYYMMDD upstream-linux/master
    
  3. Filter the branch to just the subtree containing the Seccomp test suite:

    git filter-branch --subdirectory-filter tools/testing/selftests/seccomp
    
  4. Check out the upstream-master branch, which contains the pristine, filter-branch'd copy of the source code. Pushing non-merge commits with a "forged" author/committer can only be done against the upstream-master branch.

    git checkout -b upstream-master aosp/upstream-master
    
  5. Update this upstream-master branch to the newly filtered branch of upstream-linux.

    git merge --ff-only update-YYYYMMDD
    
  6. Upload the changes on upstream-master for review and submit them.

  7. Merge the changes from upstream-master into the Android development branch (typically master). Resolve any conflicts with the local modifications present in the repository.

    repo start sync-upstream .
    git subtree merge -P linux/ upstream-master
    

Now build and test the changes by running CTS:

$ mmma cts/tests/tests/os
$ cts-tradefed run singleCommand cts -m CtsOsTestCases -t android.os.cts.SeccompTest

The tests are expected to pass on arm, arm64, x86, and x86_64. If they pass, then repo upload/submit the CL branch. Afterwards, you can remove the update-YYYYMMDD branch.

Linux Space-Saving

If you already have a Linux kernel checkout, you can skip adding Linux as a remote and instead perform steps 1-3 of "Updating the Source" in the kernel checkout. Then simply fetch the filtered branch into the seccomp-tests repository and subtree merge it (as FETCH_HEAD). This will avoid copying the entire kernel history into your local checkout.