fixes

aquasecurity · Oct 28, 2023 · 00b7d3e · 00b7d3e
1 parent 82c84b2
commit 00b7d3e
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 10 deletions.
diff --git a/tests/e2e-inst-signatures/scripts/hijack/Makefile b/tests/e2e-inst-signatures/scripts/hijack/Makefile
@@ -6,12 +6,7 @@ KBUILD_CFLAGS += -g -Wall
 KERNELDIR ?= /lib/modules/$(shell uname -r)/build
 
 hijack.o:
-	make -C $(KERNELDIR) M=$(PWD) \
-	CC=gcc LD=ld AR=ar NM=nm STRIP=strip OBJCOPY=objcopy \
-	OBJDUMP=objdump READELF=readelf HOSTCC=gcc HOSTCXX=g++ \
-	HOSTAR=ar HOSTLD=ld \
-	modules
-#	$(MAKE) -C $(KERNELDIR) M=$(PWD) CC=gcc modules
+	make -C $(KERNELDIR) M=$(PWD) modules
 
 clean:
 	rm -f hijack.mod hijack.o hijack.mod.c hijack.mod.o hijack.ko

diff --git a/tests/e2e-inst-signatures/scripts/hooked_syscall.sh b/tests/e2e-inst-signatures/scripts/hooked_syscall.sh
@@ -1,18 +1,23 @@
 #!/usr/bin/bash -e
 
+KERNEL_VERSION=$(uname -r)
+
 exit_err() {
     echo -n "ERROR: "
     echo "$@"
     exit 1
 }
 
+. /etc/os-release
+
 # Build and load module
 dir="tests/e2e-inst-signatures/scripts/hijack"
 cd $dir || exit_err "could not cd to $dir"
 make && ./load.sh || exit_err "could not load module"
 
 # Sleep a bit to allow module to load
-sleep 3
+sleep 5
+lsmod | grep hijack || exit_err "module not loaded"
 
 # Unload module after 30 seconds
 nohup sleep 30 > /dev/null 2>&1 && ./unload.sh &
diff --git a/tests/e2e-inst-test.sh b/tests/e2e-inst-test.sh
@@ -36,6 +36,8 @@ if [[ $UID -ne 0 ]]; then
     error_exit "need root privileges"
 fi
 
+. /etc/os-release
+
 if [[ ! -d ./signatures ]]; then
     error_exit "need to be in tracee root directory"
 fi
@@ -91,13 +93,31 @@ for TEST in $TESTS; do
 
     case $TEST in
     HOOKED_SYSCALL)
+        if [[ ! -d /lib/modules/${KERNEL}/build ]]; then
+            info "skip hooked_syscall test, no kernel headers"
+            continue
+        fi
+        if [[ "$KERNEL" == *"amzn"* ]]; then
+            info "skip hooked_syscall test in amazon linux"
+            continue
+        fi
         if [[ $ARCH == "aarch64" ]]; then
             info "skip hooked_syscall test in aarch64"
             continue
         fi
-        if [[ ! -d /lib/modules/${KERNEL}/build ]]; then
-            info "skip hooked_syscall test, no kernel headers"
-            continue
+        if [[ "$VERSION_CODENAME" == "mantic" ]]; then
+            systemctl disable --now unattended-upgrades.service && sleep 1
+            export DEBIAN_FRONTEND=noninteractive
+            apt-get update
+            apt-get install -y gcc-13
+        fi
+        if [[ "$VERSION_CODENAME" == "jammy" ]]; then
+            if [[ "$KERNEL" == *"5.19"* ]]; then
+                systemctl disable --now unattended-upgrades.service && sleep 1
+                export DEBIAN_FRONTEND=noninteractive
+                apt-get update
+                apt-get install -y gcc-11 gcc-12
+            fi
         fi
         "${TESTS_DIR}"/hooked_syscall.sh
         ;;
@@ -161,6 +181,8 @@ for TEST in $TESTS; do
 
     case $TEST in
     HOOKED_SYSCALL)
+        # wait for tracee hooked event to be processed
+        sleep 15
         ;;
     *)
         timeout --preserve-status $TRACEE_RUN_TIMEOUT "${TESTS_DIR}"/"${TEST,,}".sh