2
0

hostap-vm.yml 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320
  1. name: hostap and wpa-supplicant Tests
  2. # START OF COMMON SECTION
  3. on:
  4. push:
  5. branches: [ 'master', 'main', 'release/**' ]
  6. pull_request:
  7. branches: [ '*' ]
  8. concurrency:
  9. group: ${{ github.workflow }}-${{ github.ref }}
  10. cancel-in-progress: true
  11. # END OF COMMON SECTION
  12. env:
  13. LINUX_REF: v6.6
  14. jobs:
  15. build_wolfssl:
  16. strategy:
  17. matrix:
  18. include:
  19. - build_id: hostap-vm-build1
  20. wolf_extra_config: --disable-tls13
  21. - build_id: hostap-vm-build2
  22. wolf_extra_config: >-
  23. --enable-wpas-dpp --enable-brainpool --with-eccminsz=192
  24. --enable-tlsv10 --enable-oldtls
  25. name: Build wolfSSL
  26. if: github.repository_owner == 'wolfssl'
  27. runs-on: ubuntu-latest
  28. # This should be a safe limit for the tests to run.
  29. timeout-minutes: 10
  30. steps:
  31. # No way to view the full strategy in the browser (really weird)
  32. - name: Print strategy
  33. run: |
  34. cat <<EOF
  35. ${{ toJSON(matrix) }}
  36. EOF
  37. - if: ${{ runner.debug }}
  38. name: Enable wolfSSL debug logging
  39. run: |
  40. echo "wolf_debug_flags=--enable-debug" >> $GITHUB_ENV
  41. - name: Build wolfSSL
  42. uses: wolfSSL/actions-build-autotools-project@v1
  43. with:
  44. path: wolfssl
  45. configure: >-
  46. --enable-wpas CPPFLAGS=-DWOLFSSL_STATIC_RSA
  47. ${{ env.wolf_debug_flags }} ${{ matrix.wolf_extra_config }}
  48. install: true
  49. - name: tar build-dir
  50. run: tar -zcf build-dir.tgz build-dir
  51. - name: Upload built lib
  52. uses: actions/upload-artifact@v4
  53. with:
  54. name: ${{ matrix.build_id }}
  55. path: build-dir.tgz
  56. retention-days: 5
  57. build_uml_linux:
  58. name: Build UML (UserMode Linux)
  59. if: github.repository_owner == 'wolfssl'
  60. runs-on: ubuntu-latest
  61. # This should be a safe limit for the tests to run.
  62. timeout-minutes: 10
  63. steps:
  64. - name: Checking if we have kernel in cache
  65. uses: actions/cache@v4
  66. id: cache
  67. with:
  68. path: linux/linux
  69. key: ${{ env.LINUX_REF }}
  70. lookup-only: true
  71. - name: Checkout hostap
  72. if: steps.cache.outputs.cache-hit != 'true'
  73. uses: actions/checkout@v4
  74. with:
  75. repository: julek-wolfssl/hostap-mirror
  76. path: hostap
  77. - name: Checkout linux
  78. if: steps.cache.outputs.cache-hit != 'true'
  79. uses: actions/checkout@v4
  80. with:
  81. repository: torvalds/linux
  82. path: linux
  83. - name: Compile linux
  84. if: steps.cache.outputs.cache-hit != 'true'
  85. run: |
  86. cp hostap/tests/hwsim/vm/kernel-config.uml linux/.config
  87. cd linux
  88. yes "" | ARCH=um make -j $(nproc)
  89. hostap_test:
  90. strategy:
  91. fail-fast: false
  92. matrix:
  93. # should hostapd be compiled with wolfssl
  94. hostapd: [true, false]
  95. # should wpa_supplicant be compiled with wolfssl
  96. wpa_supplicant: [true, false]
  97. # Fix the versions of hostap and osp to not break testing when a new
  98. # patch is added in to osp. Tests are read from the corresponding
  99. # configs/hostap_ref/tests file.
  100. config: [
  101. {
  102. hostap_ref: hostap_2_10,
  103. remove_teap: true,
  104. # TLS 1.3 does not work for this version
  105. build_id: hostap-vm-build1,
  106. },
  107. # Test the dpp patch
  108. {
  109. hostap_ref: b607d2723e927a3446d89aed813f1aa6068186bb,
  110. osp_ref: ad5b52a49b3cc2a5bfb47ccc1d6a5137132e9446,
  111. build_id: hostap-vm-build2
  112. },
  113. {
  114. hostap_ref: 07c9f183ea744ac04585fb6dd10220c75a5e2e74,
  115. osp_ref: e1876fbbf298ee442bc7ab8561331ebc7de17528,
  116. build_id: hostap-vm-build2
  117. },
  118. ]
  119. exclude:
  120. # don't test openssl on both sides
  121. - hostapd: false
  122. wpa_supplicant: false
  123. # no hostapd support for dpp yet
  124. - hostapd: true
  125. config: {
  126. hostap_ref: b607d2723e927a3446d89aed813f1aa6068186bb,
  127. osp_ref: ad5b52a49b3cc2a5bfb47ccc1d6a5137132e9446,
  128. build_id: hostap-vm-build2
  129. }
  130. name: hwsim test
  131. # For openssl 1.1
  132. if: github.repository_owner == 'wolfssl'
  133. runs-on: ubuntu-latest
  134. # This should be a safe limit for the tests to run.
  135. timeout-minutes: 45
  136. needs: [build_wolfssl, build_uml_linux]
  137. steps:
  138. - name: Checking if we have kernel in cache
  139. uses: actions/cache/restore@v4
  140. id: cache
  141. with:
  142. path: linux/linux
  143. key: ${{ env.LINUX_REF }}
  144. fail-on-cache-miss: true
  145. - name: show file structure
  146. run: tree
  147. # No way to view the full strategy in the browser (really weird)
  148. - name: Print strategy
  149. run: |
  150. cat <<EOF
  151. ${{ toJSON(matrix) }}
  152. EOF
  153. - name: Print computed job run ID
  154. run: |
  155. SHA_SUM=$(sha256sum << 'END_OF_HEREDOC' | cut -d " " -f 1
  156. ${{ toJSON(github) }}
  157. END_OF_HEREDOC
  158. )
  159. echo "our_job_run_id=$SHA_SUM" >> $GITHUB_ENV
  160. echo Our job run ID is $SHA_SUM
  161. - name: Checkout wolfSSL
  162. uses: actions/checkout@v4
  163. with:
  164. path: wolfssl
  165. - name: Download lib
  166. uses: actions/download-artifact@v4
  167. with:
  168. name: ${{ matrix.config.build_id }}
  169. - name: untar build-dir
  170. run: tar -xf build-dir.tgz
  171. - name: Install dependencies
  172. run: |
  173. # Don't prompt for anything
  174. export DEBIAN_FRONTEND=noninteractive
  175. sudo apt-get update
  176. # hostap dependencies
  177. sudo apt-get install -y libpcap0.8 libpcap-dev curl libcurl4-openssl-dev \
  178. libnl-3-dev binutils-dev libssl-dev libiberty-dev libnl-genl-3-dev \
  179. libnl-route-3-dev libdbus-1-dev bridge-utils tshark python3-pycryptodome
  180. - name: Checkout hostap
  181. uses: actions/checkout@v4
  182. with:
  183. repository: julek-wolfssl/hostap-mirror
  184. path: hostap
  185. ref: ${{ matrix.config.hostap_ref }}
  186. - name: Update certs
  187. working-directory: hostap/tests/hwsim/auth_serv
  188. run: ./update.sh
  189. - if: ${{ matrix.config.osp_ref }}
  190. name: Checkout OSP
  191. uses: actions/checkout@v4
  192. with:
  193. repository: wolfssl/osp
  194. path: osp
  195. ref: ${{ matrix.config.osp_ref }}
  196. - if: ${{ matrix.config.osp_ref }}
  197. name: Apply patch files
  198. working-directory: hostap
  199. run: |
  200. for f in $GITHUB_WORKSPACE/osp/hostap-patches/pending/*
  201. do
  202. patch -p1 < $f
  203. done
  204. - name: Apply extra patches
  205. working-directory: hostap
  206. run: |
  207. FILE=$GITHUB_WORKSPACE/wolfssl/.github/workflows/hostap-files/configs/${{ matrix.config.hostap_ref }}/extra.patch
  208. if [ -f "$FILE" ]; then
  209. patch -p1 < $FILE
  210. fi
  211. - if: ${{ matrix.hostapd }}
  212. name: Setup hostapd config file
  213. run: |
  214. cp wolfssl/.github/workflows/hostap-files/configs/${{ matrix.config.hostap_ref }}/hostapd.config \
  215. hostap/hostapd/.config
  216. cat <<EOF >> hostap/hostapd/.config
  217. CFLAGS += -I$GITHUB_WORKSPACE/build-dir/include -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib
  218. LIBS += -L$GITHUB_WORKSPACE/build-dir/lib -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib
  219. EOF
  220. - if: ${{ matrix.wpa_supplicant }}
  221. name: Setup wpa_supplicant config file
  222. run: |
  223. cp wolfssl/.github/workflows/hostap-files/configs/${{ matrix.config.hostap_ref }}/wpa_supplicant.config \
  224. hostap/wpa_supplicant/.config
  225. cat <<EOF >> hostap/wpa_supplicant/.config
  226. CFLAGS += -I$GITHUB_WORKSPACE/build-dir/include -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib
  227. LIBS += -L$GITHUB_WORKSPACE/build-dir/lib -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib
  228. EOF
  229. - name: Build hostap and wpa_supplicant
  230. working-directory: hostap/tests/hwsim/
  231. run: ./build.sh
  232. - if: ${{ matrix.hostapd }}
  233. name: Confirm hostapd linking with wolfSSL
  234. run: ldd hostap/hostapd/hostapd | grep wolfssl
  235. - if: ${{ matrix.wpa_supplicant }}
  236. name: Confirm wpa_supplicant linking with wolfSSL
  237. run: ldd hostap/wpa_supplicant/wpa_supplicant | grep wolfssl
  238. - if: ${{ matrix.config.remove_teap }}
  239. name: Remove EAP-TEAP from test configuration
  240. working-directory: hostap/tests/hwsim/auth_serv
  241. run: |
  242. sed -e 's/"erp-teap@example.com"\tTEAP//' -i eap_user.conf
  243. sed -e 's/"erp-teap@example.com"\tMSCHAPV2\t"password"\t\[2\]//' -i eap_user.conf
  244. sed -e 's/"TEAP"\t\tTEAP//' -i eap_user.conf
  245. sed -e 's/TEAP,//' -i eap_user.conf
  246. - if: ${{ runner.debug }}
  247. name: Enable hostap debug logging
  248. run: |
  249. echo "hostap_debug_flags=--debug" >> $GITHUB_ENV
  250. - name: Run tests
  251. id: testing
  252. working-directory: hostap/tests/hwsim/
  253. run: |
  254. cat <<EOF >> vm/vm-config
  255. KERNELDIR=$GITHUB_WORKSPACE/linux
  256. KVMARGS="-cpu host"
  257. EOF
  258. # Run tests in increments of 200 to not stall out the parallel-vm script
  259. while mapfile -t -n 200 ary && ((${#ary[@]})); do
  260. TESTS=$(printf '%s\n' "${ary[@]}" | tr '\n' ' ')
  261. HWSIM_RES=0 # Not set when command succeeds
  262. ./vm/parallel-vm.py ${{ env.hostap_debug_flags }} --nocurses $(nproc) $TESTS || HWSIM_RES=$?
  263. if [ "$HWSIM_RES" -ne "0" ]; then
  264. # Let's re-run the failing tests. We gather the failed tests from the log file.
  265. FAILED_TESTS=$(grep 'failed tests' /tmp/hwsim-test-logs/*-parallel.log | sed 's/failed tests: //' | tr ' ' '\n' | sort | uniq | tr '\n' ' ')
  266. printf 'failed tests: %s\n' "$FAILED_TESTS"
  267. ./vm/parallel-vm.py ${{ env.hostap_debug_flags }} --nocurses $(nproc) $FAILED_TESTS
  268. fi
  269. rm -r /tmp/hwsim-test-logs
  270. done < $GITHUB_WORKSPACE/wolfssl/.github/workflows/hostap-files/configs/${{ matrix.config.hostap_ref }}/tests
  271. # The logs are quite big. It hasn't been useful so far so let's not waste
  272. # precious gh space.
  273. #- name: zip logs
  274. # if: ${{ failure() && steps.testing.outcome == 'failure' }}
  275. # working-directory: hostap/tests/hwsim/
  276. # run: |
  277. # rm /tmp/hwsim-test-logs/latest
  278. # zip -9 -r logs.zip /tmp/hwsim-test-logs
  279. #
  280. #- name: Upload failure logs
  281. # if: ${{ failure() && steps.testing.outcome == 'failure' }}
  282. # uses: actions/upload-artifact@v4
  283. # with:
  284. # name: hostap-logs-${{ env.our_job_run_id }}
  285. # path: hostap/tests/hwsim/logs.zip
  286. # retention-days: 5