On Thu, May 21, 2026 at 03:47:57PM +0530, Disha Goel wrote: > kernfs_test assumes that flistxattr() on /sys/kernel/warn_count always > returns an empty list. However, systems with SELinux enabled may expose > security.selinux xattr via listxattr() during policy load, which makes > the test fail even though kernfs is behaving correctly. > > Allow security.selinux xattr in kernfs_listxattr while continuing to > reject other unexpected xattrs. Keep the existing user.foo getxattr > check unchanged. > > This avoids false failures on SELinux-enabled systems while preserving > the original purpose of the test. > > Signed-off-by: Disha Goel <[email protected]> > --- > .../selftests/filesystems/kernfs_test.c | 27 +++++++++++++++++-- > 1 file changed, 25 insertions(+), 2 deletions(-) > > diff --git a/tools/testing/selftests/filesystems/kernfs_test.c > b/tools/testing/selftests/filesystems/kernfs_test.c > index 84c2b910a60d..a5e480d662e0 100644 > --- a/tools/testing/selftests/filesystems/kernfs_test.c > +++ b/tools/testing/selftests/filesystems/kernfs_test.c > @@ -4,6 +4,8 @@ > > #include <fcntl.h> > #include <stdio.h> > +#include <stdlib.h> > +#include <string.h> > #include <sys/stat.h> > #include <sys/xattr.h> > > @@ -12,12 +14,33 @@ > > TEST(kernfs_listxattr) > { > + char *buf, *xattr; > + ssize_t len, ret; > int fd; > > - /* Read-only file that can never have any extended attributes set. */ > + /* Read-only file that can never have any extended attributes set. > + * However, SELinux may set security.selinux xattr on kernfs files > + * during policy load, so we explicitly ignore it. > + */ > fd = open("/sys/kernel/warn_count", O_RDONLY | O_CLOEXEC); > ASSERT_GE(fd, 0); > - ASSERT_EQ(flistxattr(fd, NULL, 0), 0); > + > + len = flistxattr(fd, NULL, 0); > + ASSERT_GE(len, 0); > + > + if (len > 0) { > + buf = malloc(len); > + ASSERT_NE(buf, NULL); > + > + ret = flistxattr(fd, buf, len); > + ASSERT_EQ(ret, len); > + > + for (xattr = buf; xattr < buf + len; xattr += strlen(xattr) + 1) > + ASSERT_EQ(strcmp(xattr, "security.selinux"), 0);
Hi Disha, Yes we did check that this particular file was showing selinux xattrs, so I guess the test's assumption is wrong. However, looking a bit more closely this test is designed to check that when no xattrs are set then listxattr() always returns 0 and getxattr() returns ENODATA. So having SELinux attributes defeats the purpose of the test. Maybe a better approach would be to just skip the test if any SELinux attribute (or any attribute) is present on this file. Idk if with SELinux its possible to have a file with no attr, if there is then maybe we should use that file instead. Regards, Ojaswin > + > + free(buf); > + } > + > EXPECT_EQ(close(fd), 0); > } > > -- > 2.45.1 >
