Quoting CAI Qian ([email protected]): > Hi, > > The following patch adds checking for SELinux. If it is enabled, the > following entries are expected to be read successfully, > > /proc/self/attr/* > /proc/self/task/[0-9]*/attr/* > > If it is disabled, expecting read(2) return -1 with -EINVAL. It does not > affect the testing for systems with no LSM, LSM other than SELinux, and > SELinux-disabled. > > As discussed before, I don't want to put those entries to a separate > test, so I can read them the same way as the rest of procfs entries. > > The version 2 of this patch has been modified to make it easier to > support other LSM enabled testing environments. > > Signed-off-by: CAI Qian <[email protected]>
Acked-by: Serge Hallyn <[email protected]> > > --- testcases/kernel/fs/proc/proc01.c.p1 2009-02-04 11:06:30.000000000 > -0500 > +++ testcases/kernel/fs/proc/proc01.c 2009-02-05 05:42:48.000000000 -0500 > @@ -25,6 +25,8 @@ > * > */ > > +#include "config.h" > + > #include <errno.h> /* for errno */ > #include <stdio.h> /* for NULL */ > #include <stdlib.h> /* for malloc() */ > @@ -37,6 +39,10 @@ > #include <fcntl.h> > #include <fnmatch.h> > > +#ifdef HAVE_SELINUX_SELINUX_H > +#include <selinux/selinux.h> > +#endif > + > #include "test.h" > #include "usctest.h" > > @@ -99,19 +105,56 @@ > {"", "", 0} > }; > > +/* If a particular LSM is enabled, it is expected that some entries can > + be read successfully. */ > +#ifdef HAVE_SELINUX_SELINUX_H > +const char lsm_should_work[][PATH_MAX] = > + { > + "/proc/self/attr/*", > + "/proc/self/task/[0-9]*/attr/*", > + "" > + }; > +#else > +const char lsm_should_work[][PATH_MAX] = > + { > + "" > + }; > +#endif > + > /* Known files that does not honor O_NONBLOCK, so they will hang > - the test while being read.*/ > + the test while being read. */ > const char error_nonblock[][PATH_MAX] = > { > "/proc/xen/xenbus", > "" > }; > > +/* Check if a particular LSM is enabled. */ > +int is_lsm_enabled(void) > +{ > +#ifdef HAVE_SELINUX_SELINUX_H > + return is_selinux_enabled(); > +#else > + return 0; > +#endif > +} > + > /* Verify expected failures, and then let the test to continue. */ > int found_errno(const char *syscall, const char *obj, int tmperr) > { > int i; > > +/* Should not see any error for certain entries if a LSM is enabled. */ > + if (is_lsm_enabled()) > + { > + for (i = 0; lsm_should_work[i][0] != '\0'; i++) > + { > + if (!strcmp(obj, lsm_should_work[i]) > + || !fnmatch(lsm_should_work[i], obj, FNM_PATHNAME)) > + return 0; > + } > + } > + > for (i = 0; known_issues[i].err != 0; i++) > if (tmperr == known_issues[i].err > && (!strcmp(obj, known_issues[i].file) > > ------------------------------------------------------------------------------ > Create and Deploy Rich Internet Apps outside the browser with Adobe(R)AIR(TM) > software. With Adobe AIR, Ajax developers can use existing skills and code to > build responsive, highly engaging applications that combine the power of local > resources and data with the reach of the web. Download the Adobe AIR SDK and > Ajax docs to start building applications today-http://p.sf.net/sfu/adobe-com > _______________________________________________ > Ltp-list mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/ltp-list ------------------------------------------------------------------------------ Create and Deploy Rich Internet Apps outside the browser with Adobe(R)AIR(TM) software. With Adobe AIR, Ajax developers can use existing skills and code to build responsive, highly engaging applications that combine the power of local resources and data with the reach of the web. Download the Adobe AIR SDK and Ajax docs to start building applications today-http://p.sf.net/sfu/adobe-com _______________________________________________ Ltp-list mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/ltp-list
