* [PATCH testsuite v2] tests: exclude vsock_socket test where it wouldn't build
@ 2021-09-08 11:07 Ondrej Mosnacek
2021-09-11 18:35 ` Ondrej Mosnacek
0 siblings, 1 reply; 2+ messages in thread
From: Ondrej Mosnacek @ 2021-09-08 11:07 UTC (permalink / raw)
To: selinux
The test requires the <linux/vm_sockets.h> header to be available and
contain th definition for VMADDR_CID_LOCAL, so wrap it in a check for
these preconditions.
Likewise, the vsock_socket test policy requires the vsock_socket class
to be defined in the base policy, so wrap the policy bit and test in a
check for this, too.
Without this patch the testsuite wouldn't build on older distros such as
RHEL-7.
Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
---
v2: also check for vsock_socket class in policy
policy/Makefile | 6 +++++-
tests/Makefile | 8 +++++++-
2 files changed, 12 insertions(+), 2 deletions(-)
diff --git a/policy/Makefile b/policy/Makefile
index a4cc98f..5e5ccda 100644
--- a/policy/Makefile
+++ b/policy/Makefile
@@ -27,7 +27,7 @@ TARGETS = \
test_setnice.te test_sigkill.te test_stat.te test_sysctl.te \
test_task_create.te test_task_getpgid.te test_task_getsched.te \
test_task_getsid.te test_task_setpgid.te test_task_setsched.te \
- test_transition.te test_unix_socket.te test_vsock_socket.te \
+ test_transition.te test_unix_socket.te \
test_mmap.te test_overlayfs.te test_mqueue.te \
test_ibpkey.te test_atsecure.te test_cgroupfs.te
@@ -125,6 +125,10 @@ ifeq ($(shell grep -q key_socket $(POLDEV)/include/support/all_perms.spt && echo
TARGETS += test_key_socket.te
endif
+ifeq ($(shell grep -q vsock_socket $(POLDEV)/include/support/all_perms.spt && echo true),true)
+TARGETS += test_vsock_socket.te
+endif
+
ifeq ($(shell grep -q module_load $(POLDEV)/include/support/all_perms.spt && echo true),true)
TARGETS+=test_module_load.te
endif
diff --git a/tests/Makefile b/tests/Makefile
index e59ddc0..cbff490 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -27,7 +27,7 @@ SUBDIRS:= domain_trans entrypoint execshare exectrace execute_no_trans \
task_setnice task_setscheduler task_getscheduler task_getsid \
task_getpgid task_setpgid file ioctl capable_file capable_net \
capable_sys dyntrans dyntrace bounds nnp_nosuid mmap unix_socket \
- inet_socket overlay checkreqprot mqueue mac_admin atsecure vsock_socket
+ inet_socket overlay checkreqprot mqueue mac_admin atsecure
ifeq ($(shell grep -q cap_userns $(POLDEV)/include/support/all_perms.spt && echo true),true)
ifneq ($(shell ./kvercmp $$(uname -r) 4.7),-1)
@@ -141,6 +141,12 @@ SUBDIRS += userfaultfd
endif
endif
+ifeq ($(shell grep -q vsock_socket $(POLDEV)/include/support/all_perms.spt && echo true),true)
+ifeq ($(shell grep -qs VMADDR_CID_LOCAL $(INCLUDEDIR)/linux/vm_sockets.h && echo true),true)
+SUBDIRS += vsock_socket
+endif
+endif
+
ifeq ($(DISTRO),RHEL4)
SUBDIRS:=$(filter-out bounds dyntrace dyntrans inet_socket mmap nnp_nosuid overlay unix_socket, $(SUBDIRS))
endif
--
2.31.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH testsuite v2] tests: exclude vsock_socket test where it wouldn't build
2021-09-08 11:07 [PATCH testsuite v2] tests: exclude vsock_socket test where it wouldn't build Ondrej Mosnacek
@ 2021-09-11 18:35 ` Ondrej Mosnacek
0 siblings, 0 replies; 2+ messages in thread
From: Ondrej Mosnacek @ 2021-09-11 18:35 UTC (permalink / raw)
To: SElinux list
On Wed, Sep 8, 2021 at 1:07 PM Ondrej Mosnacek <omosnace@redhat.com> wrote:
> The test requires the <linux/vm_sockets.h> header to be available and
> contain th definition for VMADDR_CID_LOCAL, so wrap it in a check for
> these preconditions.
>
> Likewise, the vsock_socket test policy requires the vsock_socket class
> to be defined in the base policy, so wrap the policy bit and test in a
> check for this, too.
>
> Without this patch the testsuite wouldn't build on older distros such as
> RHEL-7.
>
> Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
> ---
>
> v2: also check for vsock_socket class in policy
>
> policy/Makefile | 6 +++++-
> tests/Makefile | 8 +++++++-
> 2 files changed, 12 insertions(+), 2 deletions(-)
This patch is also applied now.
--
Ondrej Mosnacek
Software Engineer, Linux Security - SELinux kernel
Red Hat, Inc.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-09-11 18:35 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-09-08 11:07 [PATCH testsuite v2] tests: exclude vsock_socket test where it wouldn't build Ondrej Mosnacek
2021-09-11 18:35 ` Ondrej Mosnacek
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.