From: Petr Vorel <pvorel@suse.cz>
To: Lachlan Sneff <t-josne@linux.microsoft.com>
Cc: zohar@linux.ibm.com, ltp@lists.linux.it,
nramas@linux.microsoft.com, balajib@linux.microsoft.com,
linux-integrity@vger.kernel.org
Subject: Re: [PATCH 1/2] IMA: Verify that the kernel cmdline is passed and measured correctly through the kexec barrier.
Date: Wed, 15 Jul 2020 10:18:57 +0200 [thread overview]
Message-ID: <20200715081857.GB10916@dell5510> (raw)
In-Reply-To: <20200702153545.3126-2-t-josne@linux.microsoft.com>
> Add a testcase that verifies that kexec correctly logs the
> kernel command line to the IMA buffer and that the command
> line is then correctly measured.
> This test must be run standalone, since it runs kexec
> multiple times (and therefore reboots several times).
> Signed-off-by: Lachlan Sneff <t-josne@linux.microsoft.com>
...
> +++ b/testcases/kexec/utils.sh
> @@ -0,0 +1,47 @@
> +#!/bin/sh
> +
> +install() {
> + local arg="$1"
> +
> + if [ ! -d "/etc/init.d" ]; then
> + mkdir /etc/init.d
> + fi
I'm not sure if tests like this are suitable for LTP.
Ideal LTP test is a normal test, which is able to run with runltp, cleanup after
itself and use LTP C or/and shell API. LTP is full of tests which needs special
handling and thus not being run, not sure if it's a good idea to introduce yet
another one.
Also test shouldn't not significantly modify SUT to make it unbootable, which
I'm not sure in this case. This is a big difference to kselftests which are
meant to help during kernel development which somehow expects some system
modifications (as you install your custom build kernel).
I wonder if using QEMU would help to implement this test while not touching SUT
(thus be able to run this test with runltp). If you miss something in LTP API
just let us know.
Kind regards,
Petr
next prev parent reply other threads:[~2020-07-15 8:19 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-02 15:35 [PATCH 0/2] Test cmdline measurement and IMA buffer passing through kexec Lachlan Sneff
2020-07-02 15:35 ` [PATCH 1/2] IMA: Verify that the kernel cmdline is passed and measured correctly through the kexec barrier Lachlan Sneff
2020-07-15 0:58 ` Mimi Zohar
2020-07-15 8:03 ` Petr Vorel
2020-07-15 19:38 ` Lachlan Sneff
2020-07-15 19:40 ` Mimi Zohar
2020-07-15 8:18 ` Petr Vorel [this message]
2020-07-15 19:46 ` Lachlan Sneff
2020-07-02 15:35 ` [PATCH 2/2] IMA: Verify IMA buffer passing " Lachlan Sneff
2020-07-15 1:41 ` Mimi Zohar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200715081857.GB10916@dell5510 \
--to=pvorel@suse.cz \
--cc=balajib@linux.microsoft.com \
--cc=linux-integrity@vger.kernel.org \
--cc=ltp@lists.linux.it \
--cc=nramas@linux.microsoft.com \
--cc=t-josne@linux.microsoft.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).