Merge pull request #5914 from yanqzhan/tpm_clean_audit

tpm_device.py: clean audit before vm start
autotest · Oct 9, 2024 · 7eb1188 · 7eb1188
2 parents 2eb24f1 + 6493425
commit 7eb1188
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 5 deletions.
diff --git a/libvirt/tests/cfg/virtual_device/tpm_device.cfg b/libvirt/tests/cfg/virtual_device/tpm_device.cfg
@@ -141,7 +141,7 @@
                     swtpm_path = '/usr/bin/swtpm'
                     variants:
                         - start_vm:
-                            audit_cmd = ausearch -ts recent -m VIRT_RESOURCE| grep 'tpm-external'
+                            audit_cmd = "cat /var/log/audit/audit.log| grep 'tpm-external'"
                             ausearch_check = 'reason=start.*device="/var/tmp/guest-swtpm.sock".*res=success'
                         - suspend_resume:
                             vm_operate = 'resume'

diff --git a/libvirt/tests/src/virtual_device/tpm_device.py b/libvirt/tests/src/virtual_device/tpm_device.py
@@ -830,6 +830,12 @@ def check_swtpmpidfile(vm_name, test_stage):
             return
         if tpm_model and backend_version != 'default':
             expect_fail = False
+            if ausearch_check:
+                cmd = "truncate -s 0  /var/log/audit/audit.log*"
+                process.run(cmd, shell=True)
+                ausearch_ret = process.run(audit_cmd, verbose=True, shell=True, ignore_status=True)
+                if not ausearch_ret:
+                    test.fail('audit log is not cleaned well.')
             try:
                 vm.start()
             except VMStartError as detail:
@@ -838,10 +844,6 @@ def check_swtpmpidfile(vm_name, test_stage):
                     return
                 else:
                     test.fail(detail)
-            if ausearch_check:
-                process.run("echo > /var/log/audit/audit.log", ignore_status=True)
-                ausearch_result = process.run(audit_cmd, verbose=True, shell=True)
-                libvirt.check_result(ausearch_result, expected_match=ausearch_check)
             if undefine_flag:
                 time.sleep(5)
                 vm.destroy()
@@ -946,6 +948,9 @@ def check_swtpmpidfile(vm_name, test_stage):
                         return
             domid = vm.get_id()
             check_qemu_cmd_line(vm, vm_name, domid)
+            if ausearch_check:
+                ausearch_result = process.run(audit_cmd, verbose=True, shell=True)
+                libvirt.check_result(ausearch_result, expected_match=ausearch_check)
             if backend_type == "passthrough":
                 if tpm_real_v == "1.2" and tpm_model == "tpm-crb":
                     expect_fail = True