From: Mimi Zohar <zohar@linux.ibm.com>
To: Patrick Uiterwijk <patrick@puiterwijk.org>,
linux-integrity@vger.kernel.org
Cc: pbrobinson@redhat.com, Vitaly Chikunov <vt@altlinux.org>
Subject: Re: [PATCH 2/2] Add test for using sign_hash API
Date: Thu, 07 Jan 2021 07:25:03 -0500 [thread overview]
Message-ID: <021868cb0faadd4a61440974808880ff520f9bd6.camel@linux.ibm.com> (raw)
In-Reply-To: <20210106094335.3178261-3-patrick@puiterwijk.org>
Hi Patrick,
On Wed, 2021-01-06 at 10:43 +0100, Patrick Uiterwijk wrote:
> This adds a test with a small program that calls the sign_hash API, to
> ensure that that codepath works.
>
> Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
Thank you for the regression test. Other than the couple of comments
below,
Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
> ---
> diff --git a/tests/Makefile.am b/tests/Makefile.am
> index ff928e1..74f6125 100644
> --- a/tests/Makefile.am
> +++ b/tests/Makefile.am
> @@ -10,3 +10,8 @@ distclean: distclean-keys
> .PHONY: distclean-keys
> distclean-keys:
> ./gen-keys.sh clean
> +
> +AUTOMAKE_OPTIONS = subdir-objects
> +bin_PROGRAMS = sign_verify_apitest
> +sign_verify_apitest_SOURCES = sign_verify.apitest.c ../src/utils.c
> +sign_verify_apitest_LDFLAGS = -limaevm -L../src/.libs
> diff --git a/tests/sign_verify.apitest.c b/tests/sign_verify.apitest.c
> new file mode 100644
> index 0000000..20e2160
> --- /dev/null
> +++ b/tests/sign_verify.apitest.c
> @@ -0,0 +1,55 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * sign_verify.apitest: Test program for verifying sign_hash
> + *
> + * Copyright (C) 2020 Patrick Uiterwijk <patrick@puiterwijk.org>
> + * Copyright (C) 2013,2014 Samsung Electronics
> + * Copyright (C) 2011,2012,2013 Intel Corporation
> + * Copyright (C) 2011 Nokia Corporation
> + * Copyright (C) 2010 Cyril Hrubis <chrubis@suse.cz>
> + */
Looking at the history, Dmitry Kasatkin must have been involved. From
which software package is this from?
> +
> +#include <assert.h>
> +#include <stdio.h>
> +#include <string.h>
> +#include <sys/types.h>
> +#include <attr/xattr.h>
This include fails on a couple of distros (e.g. alpine, tumbleweed, and
RHEL 8.3). src/evmctl.c is using sys/xattr.h.
Mimi
> +
> +#include "../src/imaevm.h"
> +#include "../src/utils.h"
next prev parent reply other threads:[~2021-01-07 12:26 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-06 9:43 [PATCH 0/2] ima-evm-utils: Fix use of sign_hash via API Patrick Uiterwijk
2021-01-06 9:43 ` [PATCH 1/2] Fix sign_hash not observing the hashalgo argument Patrick Uiterwijk
2021-01-07 12:24 ` Mimi Zohar
2021-01-07 13:08 ` Vitaly Chikunov
2021-01-07 13:15 ` Vitaly Chikunov
2021-01-07 14:55 ` Mimi Zohar
2021-01-07 15:13 ` Patrick Uiterwijk
2021-01-06 9:43 ` [PATCH 2/2] Add test for using sign_hash API Patrick Uiterwijk
2021-01-07 12:25 ` Mimi Zohar [this message]
2021-01-07 12:53 ` Vitaly Chikunov
2021-01-07 15:08 ` Patrick Uiterwijk
2021-07-05 15:49 ` [PATCH ima-evm-utils v2 0/2] Fix use of sign_hash via API Patrick Uiterwijk
2021-07-05 15:49 ` [PATCH ima-evm-utils v2 1/2] Fix sign_hash not observing the hashalgo argument Patrick Uiterwijk
2021-07-05 15:49 ` [PATCH ima-evm-utils v2 2/2] Add test for using sign_hash API Patrick Uiterwijk
2021-07-06 15:53 ` Mimi Zohar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=021868cb0faadd4a61440974808880ff520f9bd6.camel@linux.ibm.com \
--to=zohar@linux.ibm.com \
--cc=linux-integrity@vger.kernel.org \
--cc=patrick@puiterwijk.org \
--cc=pbrobinson@redhat.com \
--cc=vt@altlinux.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).