From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4BA2CC00A8F for ; Tue, 24 Oct 2023 03:54:29 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233717AbjJXDy1 (ORCPT ); Mon, 23 Oct 2023 23:54:27 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55070 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232553AbjJXDxh (ORCPT ); Mon, 23 Oct 2023 23:53:37 -0400 Received: from mail-qk1-x736.google.com (mail-qk1-x736.google.com [IPv6:2607:f8b0:4864:20::736]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 041011721 for ; Mon, 23 Oct 2023 20:52:38 -0700 (PDT) Received: by mail-qk1-x736.google.com with SMTP id af79cd13be357-77774120c6eso262607685a.2 for ; Mon, 23 Oct 2023 20:52:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paul-moore.com; s=google; t=1698119558; x=1698724358; darn=vger.kernel.org; h=in-reply-to:references:subject:cc:to:from:message-id:date:from:to :cc:subject:date:message-id:reply-to; bh=XsaNGjlcimJtQjiAwAEMf2P9+0lBW+WKE/hjZAD7dek=; b=ZzJPx0y19ajQdpatRHIV9OeYbUZdaaBZFXCshlqwJCZYO2u3kgFCbgta/xGM2jnj2p 8+kCX5JTZZ1VehON7byPvfJ5U6/lZGLLV2HrO7ImJwWRGysVUGepVz4oGfXDSxWpS01H llWr0/T3mPVztmuSNR7LotGveoiuz5fcXyqySGe9L3uM8KoTajs1X9PyyL0LMbDIr0zz wU8i7Zkr8+w0f9km6wDCmpyvw8I6jpaFQ46JySPHx7VHXazCIRGoGTUGtkcUXyKSOFyy w/aOFa8b5S0U1O6CjzMwBBUajPeEcD5Cat7S04a9vo3XlUfv/5SiVcqa5keww9C74lKY DXOw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1698119558; x=1698724358; h=in-reply-to:references:subject:cc:to:from:message-id:date :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=XsaNGjlcimJtQjiAwAEMf2P9+0lBW+WKE/hjZAD7dek=; b=kZwC6jKcASK+0FwXiAwtmkNifIhWerlv9t+Q42er3NqOfhOnzQrIgbwZ5vre0yh4MM f//41kRqsnAOka2JH3bO3TKb5AEGLaafdYem19bTJUkjVXRpivZ7zjfLC0A99/YbDwMl qBy6IBmyfaRMx+olA0euWrJpu/d/J/gg15gvXHAcQUS7QTziKg414VOcRL3gGtrfQ6o7 +4WSM/ma9OFGJIRWUM9tql2OB2rCfA6NUIRuaAqdrM8pfIrcUgpbRTUJMZ3qpWLTTSyg FC0XSsyP9I0kTHMmgwzlkWspe8xc91U3btIhWscS+VrGq/h1gqfHH6qzWc2iHN571Y4X tQdQ== X-Gm-Message-State: AOJu0YyYoRv1NcKhTDxlHA+Q0qQR/fWYWvOReWK9Yqa1FHGX/G9NWR/W XUq0GAnIYR40ktSyt0yZW9e0 X-Google-Smtp-Source: AGHT+IFgtMi4EqN6N9ZtnfOHbANV4Egy0LBPK5cs6vsX4rIphs5HUZhBFo1nSJ25zSqGEggCASqLKw== X-Received: by 2002:a05:620a:430d:b0:778:8dc1:bb7b with SMTP id u13-20020a05620a430d00b007788dc1bb7bmr13244374qko.27.1698119557740; Mon, 23 Oct 2023 20:52:37 -0700 (PDT) Received: from localhost ([70.22.175.108]) by smtp.gmail.com with ESMTPSA id s4-20020ad45004000000b0063f88855ef2sm3286811qvo.101.2023.10.23.20.52.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 23 Oct 2023 20:52:37 -0700 (PDT) Date: Mon, 23 Oct 2023 23:52:36 -0400 Message-ID: <88259677752389b350614857e6003b8c.paul@paul-moore.com> From: Paul Moore To: Fan Wu , corbet@lwn.net, zohar@linux.ibm.com, jmorris@namei.org, serge@hallyn.com, tytso@mit.edu, ebiggers@kernel.org, axboe@kernel.dk, agk@redhat.com, snitzer@kernel.org, eparis@redhat.com Cc: linux-doc@vger.kernel.org, linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, linux-fscrypt@vger.kernel.org, linux-block@vger.kernel.org, dm-devel@redhat.com, audit@vger.kernel.org, roberto.sassu@huawei.com, linux-kernel@vger.kernel.org, Deven Bowers , Fan Wu Subject: Re: [PATCH RFC v11 18/19] ipe: kunit test for parser References: <1696457386-3010-19-git-send-email-wufan@linux.microsoft.com> In-Reply-To: <1696457386-3010-19-git-send-email-wufan@linux.microsoft.com> Precedence: bulk List-ID: X-Mailing-List: linux-block@vger.kernel.org On Oct 4, 2023 Fan Wu wrote: > > Add various happy/unhappy unit tests for both IPE's parser. I'm going to suggest: "... for IPE's policy parser." Also, aside from the policy parser tests, are there any other IPE functional tests? We do have a testing guideline for new LSM submissions: "New LSMs must be accompanied by a test suite to verify basic functionality and help identify regressions. The test suite must be publicly available without download restrictions requiring accounts, subscriptions, etc. Test coverage does not need to reach a specific percentage, but core functionality and any user interfaces should be well covered by the test suite. Maintaining the test suite in a public git repository is preferable over tarball snapshots. Integrating the test suite with existing automated Linux kernel testing services is encouraged." https://github.com/LinuxSecurityModule/kernel/blob/main/README.md#new-lsm-guidelines > Signed-off-by: Deven Bowers > Signed-off-by: Fan Wu > --- > v1-v6: > + Not present > > v7: > Introduced > > v8: > + Remove the kunit tests with respect to the fsverity digest, as these > require significant changes to work with the new method of acquiring > the digest at runtime. > > v9: > + Remove the kunit tests related to ipe_context > > v10: > + No changes > > v11: > + No changes > --- > security/ipe/Kconfig | 17 +++ > security/ipe/Makefile | 3 + > security/ipe/policy_tests.c | 294 ++++++++++++++++++++++++++++++++++++ > 3 files changed, 314 insertions(+) > create mode 100644 security/ipe/policy_tests.c -- paul-moore.com