1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
|
summary: Check that ubuntu-save is set up in a UC20 device
details: |
This test checks that ubuntu-save is preset and set up correctly in a UC20
device or that a device can boot when ubuntu-save is not required
# this is a UC20 specific test
systems: [ubuntu-20.04-64]
environment:
# ubuntu-save, TPM, secure boot
NESTED_ENABLE_TPM/encrypted: "true"
NESTED_ENABLE_SECURE_BOOT/encrypted: "true"
NESTED_UBUNTU_SAVE/encrypted: "add"
# add ubuntu-save, but but no TPM or secure boot support
NESTED_ENABLE_TPM/plainwithsave: "false"
NESTED_ENABLE_SECURE_BOOT/plainwithsave: "false"
NESTED_UBUNTU_SAVE/plainwithsave: "add"
# no ubuntu-save, no TPM, no secure boot
NESTED_ENABLE_TPM/plain: "false"
NESTED_ENABLE_SECURE_BOOT/plain: "false"
NESTED_UBUNTU_SAVE/plain: "remove"
prepare: |
# NESTED_ENABLE_TPM and NESTED_UBUNTU_SAVE are used by build-image
tests.nested build-image core
# NESTED_ENABLE_TPM is used by create-vm
tests.nested create-vm core
debug: |
env | sort | grep NESTED_ || true
cat pc-gadget/meta/gadget.yaml || true
ls "$PWD" || true
GADGET_SNAP=$(ls "$(tests.nested get assets-path)"/pc_*.snap || true)
unsquashfs -d unpacked-pc-gadget "$GADGET_SNAP" || true
cat unpacked-pc-gadget/meta/gadget.yaml || true
execute: |
if [ "${NESTED_UBUNTU_SAVE:-}" != "add" ] && ! tests.nested is-enabled tpm; then
echo "Check that ubuntu-save is not mounted"
remote.exec "! mountpoint /run/mnt/ubuntu-save"
remote.exec "! mountpoint /var/lib/snapd/save"
else
echo "Check that ubuntu-save is mounted and has a reasonable amount of free space"
#example df output:
# Filesystem 1B-blocks Used Available Use% Mounted on
# /dev/mapper/ubuntu-save-0bed13ef-f71f-418f-b046-b1ce32dd04a7 5079040 28672 4390912 1% /run/mnt/ubuntu-save
save_out="$(remote.exec "df -B1 /run/mnt/ubuntu-save | tail -1")"
if tests.nested is-enabled tpm; then
# when encrypted, ubuntu-save is mounted from a dm device
echo "$save_out" | MATCH '^/dev/mapper/ubuntu-save-[0-9a-z-]+\s+'
else
# when plain ubuntu-save is mounted from a regular block device
echo "$save_out" | MATCH '^/dev/vda[0-9]\s+'
fi
save_size="$(echo "$save_out" | awk '{print $4}')"
echo "check that there is at least 6MB of free space available on ubuntu-save"
test "$save_size" -gt "$((6*1024*1024))"
# leave a canary
remote.exec "sudo touch /run/mnt/ubuntu-save/canary"
remote.exec mountpoint /var/lib/snapd/save
# we know that save is mounted using a systemd unit
remote.exec systemctl status var-lib-snapd-save.mount
# and a canary exists
remote.exec "test -f /var/lib/snapd/save/canary"
fi
echo "Transition to recovery mode and check again"
recovery_system=$(remote.exec "sudo snap recovery | grep -v Notes | grep -Po '^[0-9]+'")
tests.nested transition "$recovery_system" "recover"
# happily running in recover mode
if [ "${NESTED_UBUNTU_SAVE:-}" != "add" ] && ! tests.nested is-enabled tpm; then
# no ubuntu-save
remote.exec "! mountpoint /run/mnt/ubuntu-save"
remote.exec "! mountpoint /var/lib/snapd/save"
else
recover_save_out="$(remote.exec "df -B1 /run/mnt/ubuntu-save | tail -1")"
if tests.nested is-enabled tpm; then
# when encrypted, ubuntu-save is mounted from a dm device
echo "$recover_save_out" | MATCH '^/dev/mapper/ubuntu-save-[0-9a-z-]+\s+'
else
# when plain ubuntu-save is mounted from a regular block device
echo "$recover_save_out" | MATCH '^/dev/vda[0-9]\s+'
fi
# and a canary exists
remote.exec "test -f /run/mnt/ubuntu-save/canary"
fi
|
