From: Roberto Sassu <roberto.sassu@huaweicloud.com>
To: Mimi Zohar <zohar@linux.ibm.com>, Stefan Berger <stefanb@linux.ibm.com>
Cc: linux-integrity@vger.kernel.org,
Roberto Sassu <roberto.sassu@huawei.com>,
Petr Vorel <pvorel@suse.cz>
Subject: Re: [PATCH ima-evm-utils] Add tests for MMAP_CHECK and MMAP_CHECK_REQPROT hooks
Date: Mon, 30 Jan 2023 17:36:09 +0100 [thread overview]
Message-ID: <b927056b10cfe491ab4c289a2fc0961d99d96556.camel@huaweicloud.com> (raw)
In-Reply-To: <a275b9b5c0b24beda4398358728ca17e33ca9707.camel@linux.ibm.com>
On Mon, 2023-01-30 at 11:26 -0500, Mimi Zohar wrote:
> On Mon, 2023-01-30 at 15:02 +0100, Roberto Sassu wrote:
> > On Mon, 2023-01-30 at 08:28 -0500, Mimi Zohar wrote:
> > > [Trimmed Cc list, since this is an ima-evm-utils discussion. Adding
> > > Petr.]
> > >
> > > On Fri, 2023-01-27 at 08:57 +0100, Roberto Sassu wrote:
> > > > On Thu, 2023-01-26 at 17:25 -0500, Stefan Berger wrote:
> > > > > How do you tell the user that the patches need to be applied for the test to
> > > > > succeed and not worry about it when the patches are not applied?
> > > >
> > > > Uhm, I agree. I should at least write a comment as for EVM portable
> > > > signatures, and maybe display a message in the test logs.
> > >
> > > This is a generic problem that needs to be addressed. FYI, LTP
> > > addressed it by introducing "struct test_tag" in commit ca2c76990
> > > ("lib: Add support for test tags").
> >
> > One idea could be to list all the patches the group of tests is going
> > to check, and add an argument to expect_pass and expect_fail to specify
> > the indexes of patches required for the test. We print the required
> > patches in an error message.
>
> It's not clear to me what is meant by "group of tests". Is this at
> the granularity of the test - portable signatures, fsverity,
> boot_aggregate, etc? Or, is this at a new grouping of tests?
Sorry, it wasn't clear. I meant all the tests defined in a test script.
The idea is to associate a list of array indexes with each test
(argument of expect_pass() or expect_fail()). The indexes refer to the
PATCHES variable.
Theoretically, you could also define PATCHES in a common script, called
by all test scripts, and specify indexes of that array in the test
scripts.
I already have a patch, I could send it. Maybe it is more clear.
Roberto
next prev parent reply other threads:[~2023-01-30 16:36 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-26 16:38 [PATCH v3 1/2] ima: Align ima_file_mmap() parameters with mmap_file LSM hook Roberto Sassu
2023-01-26 16:38 ` [PATCH v3 2/2] ima: Introduce MMAP_CHECK_REQPROT hook Roberto Sassu
2023-01-29 14:52 ` Mimi Zohar
2023-01-30 10:37 ` Roberto Sassu
2023-01-26 16:38 ` [PATCH ima-evm-utils] Add tests for MMAP_CHECK and MMAP_CHECK_REQPROT hooks Roberto Sassu
2023-01-26 22:25 ` Stefan Berger
2023-01-27 7:57 ` Roberto Sassu
2023-01-30 13:28 ` Mimi Zohar
2023-01-30 14:02 ` Roberto Sassu
2023-01-30 16:07 ` Roberto Sassu
2023-01-30 16:54 ` Mimi Zohar
2023-01-30 16:56 ` Roberto Sassu
2023-01-30 16:26 ` Mimi Zohar
2023-01-30 16:36 ` Roberto Sassu [this message]
2023-01-30 17:00 ` Mimi Zohar
2023-01-26 19:37 ` [PATCH v3 1/2] ima: Align ima_file_mmap() parameters with mmap_file LSM hook Stefan Berger
2023-01-27 7:55 ` Roberto Sassu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=b927056b10cfe491ab4c289a2fc0961d99d96556.camel@huaweicloud.com \
--to=roberto.sassu@huaweicloud.com \
--cc=linux-integrity@vger.kernel.org \
--cc=pvorel@suse.cz \
--cc=roberto.sassu@huawei.com \
--cc=stefanb@linux.ibm.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.