* [PATCH testsuite] tests/Makefile: add missing condition for userfaultfd test
@ 2022-09-02 8:42 Ondrej Mosnacek
2022-09-05 8:58 ` Ondrej Mosnacek
0 siblings, 1 reply; 2+ messages in thread
From: Ondrej Mosnacek @ 2022-09-02 8:42 UTC (permalink / raw)
To: selinux; +Cc: Dennis Li
The commit referenced below disables the test_userfaultfd.te policy when
the anon_inode class is not defined in the system policy, but doesn't
disable the test itself in this situation. Thus, on distros that don't
define the class the test might be run and fail.
Fix this by adding the same condition to tests/Makefile.
Fixes: 2b6ea9d2bc96 ("policy: remove CIL workarounds for missing anon_inode class")
Reported-by: Dennis (Zhuoheng) Li <denli@redhat.com>
Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
---
tests/Makefile | 2 ++
1 file changed, 2 insertions(+)
diff --git a/tests/Makefile b/tests/Makefile
index 8abd438..f473111 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -134,10 +134,12 @@ endif
endif
ifeq ($(shell [ $(MOD_POL_VERS) -ge 18 -a $(MAX_KERNEL_POLICY) -ge 30 ] && echo true),true)
+ifeq ($(shell grep -q anon_inode $(POLDEV)/include/support/all_perms.spt && echo true),true)
ifeq ($(shell test -e $(INCLUDEDIR)/linux/userfaultfd.h && echo true),true)
SUBDIRS += userfaultfd
endif
endif
+endif
ifeq ($(shell grep -q vsock_socket $(POLDEV)/include/support/all_perms.spt && echo true),true)
ifeq ($(shell grep -qs VMADDR_CID_LOCAL $(INCLUDEDIR)/linux/vm_sockets.h && echo true),true)
--
2.37.2
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH testsuite] tests/Makefile: add missing condition for userfaultfd test
2022-09-02 8:42 [PATCH testsuite] tests/Makefile: add missing condition for userfaultfd test Ondrej Mosnacek
@ 2022-09-05 8:58 ` Ondrej Mosnacek
0 siblings, 0 replies; 2+ messages in thread
From: Ondrej Mosnacek @ 2022-09-05 8:58 UTC (permalink / raw)
To: SElinux list; +Cc: Dennis Li
On Fri, Sep 2, 2022 at 10:42 AM Ondrej Mosnacek <omosnace@redhat.com> wrote:
>
> The commit referenced below disables the test_userfaultfd.te policy when
> the anon_inode class is not defined in the system policy, but doesn't
> disable the test itself in this situation. Thus, on distros that don't
> define the class the test might be run and fail.
>
> Fix this by adding the same condition to tests/Makefile.
>
> Fixes: 2b6ea9d2bc96 ("policy: remove CIL workarounds for missing anon_inode class")
> Reported-by: Dennis (Zhuoheng) Li <denli@redhat.com>
> Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
> ---
> tests/Makefile | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/tests/Makefile b/tests/Makefile
> index 8abd438..f473111 100644
> --- a/tests/Makefile
> +++ b/tests/Makefile
> @@ -134,10 +134,12 @@ endif
> endif
>
> ifeq ($(shell [ $(MOD_POL_VERS) -ge 18 -a $(MAX_KERNEL_POLICY) -ge 30 ] && echo true),true)
> +ifeq ($(shell grep -q anon_inode $(POLDEV)/include/support/all_perms.spt && echo true),true)
> ifeq ($(shell test -e $(INCLUDEDIR)/linux/userfaultfd.h && echo true),true)
> SUBDIRS += userfaultfd
> endif
> endif
> +endif
>
> ifeq ($(shell grep -q vsock_socket $(POLDEV)/include/support/all_perms.spt && echo true),true)
> ifeq ($(shell grep -qs VMADDR_CID_LOCAL $(INCLUDEDIR)/linux/vm_sockets.h && echo true),true)
> --
> 2.37.2
>
Applied:
https://github.com/SELinuxProject/selinux-testsuite/commit/772446c98a922f771e80245f0115485428dd43a8
--
Ondrej Mosnacek
Senior Software Engineer, Linux Security - SELinux kernel
Red Hat, Inc.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-09-05 8:58 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-09-02 8:42 [PATCH testsuite] tests/Makefile: add missing condition for userfaultfd test Ondrej Mosnacek
2022-09-05 8:58 ` Ondrej Mosnacek
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.