From: Richard Haines <richard_c_haines@btinternet.com>
To: Stephen Smalley <stephen.smalley.work@gmail.com>
Cc: SElinux list <selinux@vger.kernel.org>,
Stephen Smalley <sds@tycho.nsa.gov>,
Scott Mayhew <smayhew@redhat.com>
Subject: Re: [RFC V3 PATCH 0/2] selinux-testsuite: Use native filesystem for tests
Date: Wed, 11 Mar 2020 16:54:58 +0000 [thread overview]
Message-ID: <6b43f33ac519bbeaa42a79125e2e97e9823ec8f9.camel@btinternet.com> (raw)
In-Reply-To: <CAEjxPJ69FMkO=X4fxMvgF1F7rsv9ZsEaJemgFzkuvzRWrgfUNg@mail.gmail.com>
On Wed, 2020-03-11 at 12:02 -0400, Stephen Smalley wrote:
> On Tue, Mar 10, 2020 at 12:25 PM Richard Haines
> <richard_c_haines@btinternet.com> wrote:
> > If you test on the selinux-next kernel (that has the XFS patch [1])
> > with
> > the "NFS: Ensure security label is set for root inode" patch [2],
> > then all
> > tests should pass. Anything else will give varying amounts of
> > fails.
> >
> > The filesystem types tested are: ext4, xfs, vfat and nfs4.
> >
> > I've revamped the nfs.sh to handle tests that require specific
> > mount
> > options, these plus many more are now in tests/nfs_filesystem. This
> > only
> > gets run by nfs.sh.
> >
> > There are two minor workarounds involving multiple mounts returning
> > EBUSY.
> > These are either bugs or features.
> >
> > Not tested on travis.
> >
> > [1]
> > https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/patch/security/selinux?id=e4cfa05e9bfe286457082477b32ecd17737bdbce
> > [2]
> > https://lore.kernel.org/selinux/20200303225837.1557210-1-smayhew@redhat.com/
>
> Even with the patches above applied, I am seeing failures during the
> tests/nfs_filesystem tests:
Looks like my /mnt was mis-labeled. I've fixed and had to add this to
test_filesystem.te:
files_mounton_non_security(filesystemdomain)
and now works okay. Could you confirm please, then I'll resend new
patch later
> ...
> filesystem/test ............. ok
> fs_filesystem/test .......... ok
> All tests successful.
> Files=63, Tests=623, 153 wallclock secs ( 0.30 usr 0.82 sys + 2.47
> cusr 41.75 csys = 45.34 CPU)
> Result: PASS
> make: Leaving directory '/mnt/selinux-testsuite/tests'
> Run 'filesystem' tests with mount context option:
> fscontext=system_u:object_r:test_filesystem_file_t:s0
> filesystem/test .. ok
> All tests successful.
> Files=1, Tests=30, 8 wallclock secs ( 0.03 usr 0.05 sys + 0.27
> cusr
> 4.88 csys = 5.23 CPU)
> Result: PASS
> Run 'fs_filesystem' tests with mount context option:
> fscontext=system_u:object_r:test_filesystem_file_t:s0
> fs_filesystem/test .. ok
> All tests successful.
> Files=1, Tests=29, 9 wallclock secs ( 0.04 usr 0.05 sys + 0.26
> cusr
> 5.13 csys = 5.48 CPU)
> Result: PASS
> Run NFS context specific tests
> nfs_filesystem/test .. 1/56 Failed mount(2): Permission denied
>
> # Failed test 'Using mount(2)'
> # at nfs_filesystem/test line 73.
> getfilecon(3) Failed: No such file or directory
>
> # Failed test at nfs_filesystem/test line 79.
> Failed umount(2): Invalid argument
>
> # Failed test 'Using mount(2)'
> # at nfs_filesystem/test line 84.
> Failed mount(2): Permission denied
> nfs_filesystem/test .. 5/56
> # Failed test 'Using mount(2)'
> # at nfs_filesystem/test line 100.
>
> # Failed test at nfs_filesystem/test line 110.
> creat(2) Failed: No such file or directory
>
> # Failed test at nfs_filesystem/test line 117.
> Failed umount(2): Invalid argument
>
> # Failed test 'Using mount(2)'
> # at nfs_filesystem/test line 122.
> Failed mount(2): Permission denied
>
> # Failed test 'Using mount(2)'
> # at nfs_filesystem/test line 149.
> open(2) Failed: No such file or directory
>
> # Failed test at nfs_filesystem/test line 154.
> Failed umount(2): Invalid argument
>
> # Failed test 'Using mount(2)'
> # at nfs_filesystem/test line 159.
> Failed mount(2): Permission denied
> nfs_filesystem/test .. 17/56
> # Failed test 'Using mount(2)'
> # at nfs_filesystem/test line 237.
>
> # Failed test 'Using mount(2)'
> # at nfs_filesystem/test line 242.
> Failed umount(2): Invalid argument
>
> # Failed test 'Using mount(2)'
> # at nfs_filesystem/test line 247.
> Failed mount(2): Permission denied
>
> # Failed test 'Using mount(2)'
> # at nfs_filesystem/test line 261.
>
> # Failed test 'Using mount(2)'
> # at nfs_filesystem/test line 266.
> Failed umount(2): Invalid argument
>
> # Failed test 'Using mount(2)'
> # at nfs_filesystem/test line 271.
> Failed mount(2): Permission denied
>
> # Failed test 'Using mount(2) - got mnt_t instead of etc_t'
> # at nfs_filesystem/test line 286.
> Failed umount(2): Invalid argument
>
> # Failed test 'Using mount(2)'
> # at nfs_filesystem/test line 296.
> Failed mount(2): Permission denied
>
> # Failed test 'Using mount(2) - got mnt_t instead of etc_t'
> # at nfs_filesystem/test line 313.
> Failed umount(2): Invalid argument
>
> # Failed test 'Using mount(2)'
> # at nfs_filesystem/test line 323.
> Failed mount(2): Permission denied
>
> # Failed test 'Using mount(2) - got mnt_t instead of nfs_t'
> # at nfs_filesystem/test line 338.
> Failed umount(2): Invalid argument
>
> # Failed test 'Using mount(2)'
> # at nfs_filesystem/test line 348.
> nfs_filesystem/test .. 29/56 Failed move_mount(2): Permission denied
>
> # Failed test 'Using fsmount(2)'
> # at nfs_filesystem/test line 73.
> getfilecon(3) Failed: No such file or directory
>
> # Failed test at nfs_filesystem/test line 79.
> Failed umount(2): Invalid argument
>
> # Failed test 'Using fsmount(2)'
> # at nfs_filesystem/test line 84.
> Failed move_mount(2): Permission denied
>
> # Failed test 'Using fsmount(2)'
> # at nfs_filesystem/test line 100.
> nfs_filesystem/test .. 34/56
> # Failed test at nfs_filesystem/test line 110.
> creat(2) Failed: No such file or directory
>
> # Failed test at nfs_filesystem/test line 117.
> Failed umount(2): Invalid argument
>
> # Failed test 'Using fsmount(2)'
> # at nfs_filesystem/test line 122.
> Failed move_mount(2): Permission denied
>
> # Failed test 'Using fsmount(2)'
> # at nfs_filesystem/test line 149.
> open(2) Failed: No such file or directory
>
> # Failed test at nfs_filesystem/test line 154.
> Failed umount(2): Invalid argument
>
> # Failed test 'Using fsmount(2)'
> # at nfs_filesystem/test line 159.
> nfs_filesystem/test .. 41/56 Failed move_mount(2): Permission denied
> nfs_filesystem/test .. 45/56
> # Failed test 'Using fsmount(2)'
> # at nfs_filesystem/test line 237.
>
> # Failed test 'Using fsmount(2)'
> # at nfs_filesystem/test line 242.
> Failed umount(2): Invalid argument
>
> # Failed test 'Using fsmount(2)'
> # at nfs_filesystem/test line 247.
> Failed move_mount(2): Permission denied
>
> # Failed test 'Using fsmount(2)'
> # at nfs_filesystem/test line 261.
>
> # Failed test 'Using fsmount(2)'
> # at nfs_filesystem/test line 266.
> Failed umount(2): Invalid argument
>
> # Failed test 'Using fsmount(2)'
> # at nfs_filesystem/test line 271.
> Failed move_mount(2): Permission denied
> nfs_filesystem/test .. 51/56
> # Failed test 'Using fsmount(2) - got mnt_t instead of etc_t'
> # at nfs_filesystem/test line 286.
> Failed umount(2): Invalid argument
>
> # Failed test 'Using fsmount(2)'
> # at nfs_filesystem/test line 296.
> Failed move_mount(2): Permission denied
>
> # Failed test 'Using fsmount(2) - got mnt_t instead of etc_t'
> # at nfs_filesystem/test line 313.
> Failed umount(2): Invalid argument
>
> # Failed test 'Using fsmount(2)'
> # at nfs_filesystem/test line 323.
> Failed move_mount(2): Permission denied
> nfs_filesystem/test .. 55/56
> # Failed test 'Using fsmount(2) - got mnt_t instead of nfs_t'
> # at nfs_filesystem/test line 338.
> Failed umount(2): Invalid argument
>
> # Failed test 'Using fsmount(2)'
> # at nfs_filesystem/test line 348.
> # Looks like you failed 44 tests of 56.
> nfs_filesystem/test .. Dubious, test returned 44 (wstat 11264,
> 0x2c00)
> Failed 44/56 subtests
>
> Test Summary Report
> -------------------
> nfs_filesystem/test (Wstat: 11264 Tests: 56 Failed: 44)
> Failed tests: 2-8, 10-12, 17-28, 30-36, 38-40, 45-56
> Non-zero exit status: 44
> Files=1, Tests=56, 8 wallclock secs ( 0.04 usr 0.04 sys + 0.20
> cusr
> 4.63 csys = 4.91 CPU)
> Result: FAIL
> Failed 1/1 test programs. 44/56 subtests failed.
> Error on line: 100 - Closing down NFS
> umount: /mnt/selinux-testsuite: not mounted.
next prev parent reply other threads:[~2020-03-11 16:55 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-10 16:24 [RFC V3 PATCH 0/2] selinux-testsuite: Use native filesystem for tests Richard Haines
2020-03-10 16:24 ` [RFC V3 PATCH 1/2] selinux-testsuite: Use native filesystem for tests - Part 1 Richard Haines
2020-03-10 16:24 ` [RFC V3 PATCH 2/2] selinux-testsuite: Use native filesystem for tests - Part 2 Richard Haines
2020-03-11 14:55 ` [RFC V3 PATCH 0/2] selinux-testsuite: Use native filesystem for tests Stephen Smalley
2020-03-11 17:52 ` Richard Haines
2020-03-11 18:02 ` Stephen Smalley
2020-03-11 21:09 ` Richard Haines
[not found] ` <CAEjxPJ69FMkO=X4fxMvgF1F7rsv9ZsEaJemgFzkuvzRWrgfUNg@mail.gmail.com>
2020-03-11 16:54 ` Richard Haines [this message]
2020-03-11 17:53 ` Stephen Smalley
2020-03-11 18:14 ` Richard Haines
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6b43f33ac519bbeaa42a79125e2e97e9823ec8f9.camel@btinternet.com \
--to=richard_c_haines@btinternet.com \
--cc=sds@tycho.nsa.gov \
--cc=selinux@vger.kernel.org \
--cc=smayhew@redhat.com \
--cc=stephen.smalley.work@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).