diff options
| author | kfraser@localhost.localdomain <kfraser@localhost.localdomain> | 2006-10-18 16:07:55 +0100 |
|---|---|---|
| committer | kfraser@localhost.localdomain <kfraser@localhost.localdomain> | 2006-10-18 16:07:55 +0100 |
| commit | b77b89e80e3194eb162d1f42c747b8fd10374985 (patch) | |
| tree | 05474062695e55a6d6ccc0a61d654f2df8069d53 /tools/xm-test/README | |
| parent | ee89b4ab594e3027c04052108ea8b494750fe26c (diff) | |
| download | xen-b77b89e80e3194eb162d1f42c747b8fd10374985.tar.gz xen-b77b89e80e3194eb162d1f42c747b8fd10374985.tar.bz2 xen-b77b89e80e3194eb162d1f42c747b8fd10374985.zip | |
[TPM] Add tests cases for the ACM security hooks and tools to
the xm test suite. The tests can be run with ACM turned off (not
compiled into Xen; see user doc for this), but most of them will be
skipped then. They can be run with a command like
make -C tests/security-acm check-TESTS
from the xm-test directory. They are also part of the default tests in
the tests suite and part of a new group test 'security'.
Since some of the tests require resources to be labeled, one must
explicitly enable the resources to be allowed to be labeled by the
test
suite by running
./configure --enable-full-labeling
once. To turn it off, the '--enable-full-labeling' parameter should be
omitted.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
Diffstat (limited to 'tools/xm-test/README')
| -rw-r--r-- | tools/xm-test/README | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/tools/xm-test/README b/tools/xm-test/README index 62897748d8..ba6b91e90b 100644 --- a/tools/xm-test/README +++ b/tools/xm-test/README @@ -112,6 +112,38 @@ Xm-test will look for disk.img in the ramdisk directory when run by default. +BUILDING for ACM Security Testing +================================= + +A number of tests have been added to test the access control module (ACM) +in the Xen hypervisor and the tools for supporting ACM. Those tests are +located in the security-acm directory. If ACM support is compiled into Xen +(see the user guide for how to do this) those tests can be run with the +following command from the xm-test directory + +./runtest.sh [...] -g security <report> + +Some of these tests will work even without support of ACM by Xen. + +Several of these tests require the privilege of being allowed to label +resources and will otherwise be skipped. By default the test suite +is not allowed to automatically label resources since this may affect +existing labels. To enable this, the test suite must be configured with +the following parameter passed to the configure scripts (in addition to +any other desired parameters) + +./configure --enable-full-labeling + +To revoke the privilege at a later time run the configure scripts without +this parameter: + +./configure + +If a 'make' has previously been run for building the test suite, it is not +necessary to run 'make' again just for enabling or disabling the automatic +labeling of resources. + + Running ======= |