SELinux Archive on lore.kernel.org
 help / color / Atom feed
* [PATCH 0/1] selinux-testsuite: Add BPF tests
@ 2019-07-31 16:26 Richard Haines
  2019-07-31 19:59 ` Richard Haines
  0 siblings, 1 reply; 2+ messages in thread
From: Richard Haines @ 2019-07-31 16:26 UTC (permalink / raw)
  To: selinux, paul; +Cc: Richard Haines

This runs basic checks for BPF with map_create, map_read, map_write,
prog_load and prog_run permissions.

If this is okay, I'll do tests for checking the following:
tests/fdreceive - security_file_receive path
tests/binder - security_binder_transfer_file path

Richard Haines (1):
  selinux-testsuite: Add BPF tests

 README.md            |   4 +-
 defconfig            |   5 ++
 policy/Makefile      |   4 ++
 policy/test_bpf.te   |  77 +++++++++++++++++++++++++++
 tests/Makefile       |   4 ++
 tests/bpf/.gitignore |   1 +
 tests/bpf/Makefile   |   8 +++
 tests/bpf/bpf_insn.h |  20 +++++++
 tests/bpf/bpf_test.c | 124 +++++++++++++++++++++++++++++++++++++++++++
 tests/bpf/test       |  57 ++++++++++++++++++++
 tools/check-syntax   |   2 +-
 tools/chk_c_exclude  |   1 +
 12 files changed, 305 insertions(+), 2 deletions(-)
 create mode 100644 policy/test_bpf.te
 create mode 100644 tests/bpf/.gitignore
 create mode 100644 tests/bpf/Makefile
 create mode 100644 tests/bpf/bpf_insn.h
 create mode 100644 tests/bpf/bpf_test.c
 create mode 100755 tests/bpf/test
 create mode 100644 tools/chk_c_exclude

-- 
2.21.0


^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: [PATCH 0/1] selinux-testsuite: Add BPF tests
  2019-07-31 16:26 [PATCH 0/1] selinux-testsuite: Add BPF tests Richard Haines
@ 2019-07-31 19:59 ` Richard Haines
  0 siblings, 0 replies; 2+ messages in thread
From: Richard Haines @ 2019-07-31 19:59 UTC (permalink / raw)
  To: selinux, paul

On Wed, 2019-07-31 at 17:26 +0100, Richard Haines wrote:
> This runs basic checks for BPF with map_create, map_read, map_write,
> prog_load and prog_run permissions.
> 
> If this is okay, I'll do tests for checking the following:
> tests/fdreceive - security_file_receive path
> tests/binder - security_binder_transfer_file path

This patch should work ok, however as the fdreceive and binder required
the same BPF map/prog calls, I'm planning to split these out of
bpf_test.c and into a common area so they can all use it.

I'll send a v2 of this patch when I've completed the fdreceive so I can
check they both work with same BPF code.
> 
> Richard Haines (1):
>   selinux-testsuite: Add BPF tests
> 
>  README.md            |   4 +-
>  defconfig            |   5 ++
>  policy/Makefile      |   4 ++
>  policy/test_bpf.te   |  77 +++++++++++++++++++++++++++
>  tests/Makefile       |   4 ++
>  tests/bpf/.gitignore |   1 +
>  tests/bpf/Makefile   |   8 +++
>  tests/bpf/bpf_insn.h |  20 +++++++
>  tests/bpf/bpf_test.c | 124
> +++++++++++++++++++++++++++++++++++++++++++
>  tests/bpf/test       |  57 ++++++++++++++++++++
>  tools/check-syntax   |   2 +-
>  tools/chk_c_exclude  |   1 +
>  12 files changed, 305 insertions(+), 2 deletions(-)
>  create mode 100644 policy/test_bpf.te
>  create mode 100644 tests/bpf/.gitignore
>  create mode 100644 tests/bpf/Makefile
>  create mode 100644 tests/bpf/bpf_insn.h
>  create mode 100644 tests/bpf/bpf_test.c
>  create mode 100755 tests/bpf/test
>  create mode 100644 tools/chk_c_exclude
> 


^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, back to index

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-07-31 16:26 [PATCH 0/1] selinux-testsuite: Add BPF tests Richard Haines
2019-07-31 19:59 ` Richard Haines

SELinux Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/selinux/0 selinux/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 selinux selinux/ https://lore.kernel.org/selinux \
		selinux@vger.kernel.org selinux@archiver.kernel.org
	public-inbox-index selinux


Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.selinux


AGPL code for this site: git clone https://public-inbox.org/ public-inbox