From: Lakshmi Ramasubramanian <nramas@linux.microsoft.com>
To: pvorel@suse.cz, zohar@linux.ibm.com,
stephen.smalley.work@gmail.com, paul@paul-moore.com
Cc: tusharsu@linux.microsoft.com, ltp@lists.linux.it,
linux-integrity@vger.kernel.org
Subject: [PATCH v1 0/1] ima: Add test for selinux measurement
Date: Mon, 28 Sep 2020 12:47:29 -0700 [thread overview]
Message-ID: <20200928194730.20862-1-nramas@linux.microsoft.com> (raw)
New functionality is being added to IMA to measure data provided by
kernel components. With this feature, IMA policy can be set to enable
measuring data provided by Linux Security Modules (LSM). Currently one
such LSM namely selinux is being updated to use this functionality.
This new functionality needs test automation in LTP.
This patch set adds tests which verify that the IMA subsystem correctly
measures the data provided by selinux.
This patch is based on
commit 286401a1c1f3 ("thp04: Add linux tag")
in "master" branch in https://github.com/linux-test-project/ltp
This patch is dependent on the following patch series in LTP
https://patchwork.kernel.org/patch/11802771/
This series needs a kernel built on the following repo/branch/patches:
repo: https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git
branch: next
commit 8861d0af642c ("selinux: Add helper functions to get and set checkreqprot")
And the following patch series should be applied in the following order:
1, https://patchwork.kernel.org/patch/11709527/
2, https://patchwork.kernel.org/patch/11795559/
3, https://patchwork.kernel.org/patch/11801525/
4, https://patchwork.kernel.org/patch/11801585/
Lakshmi Ramasubramanian (1):
ima: Add test for selinux measurement
runtest/ima | 2 +
.../kernel/security/integrity/ima/README.md | 19 +++
.../integrity/ima/tests/ima_selinux_policy.sh | 72 ++++++++++
.../integrity/ima/tests/ima_selinux_state.sh | 136 ++++++++++++++++++
.../security/integrity/ima/tests/ima_setup.sh | 28 ++++
5 files changed, 257 insertions(+)
create mode 100755 testcases/kernel/security/integrity/ima/tests/ima_selinux_policy.sh
create mode 100755 testcases/kernel/security/integrity/ima/tests/ima_selinux_state.sh
--
2.28.0
next reply other threads:[~2020-09-28 19:47 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-28 19:47 Lakshmi Ramasubramanian [this message]
2020-09-28 19:47 ` [PATCH v1 1/1] ima: Add test for selinux measurement Lakshmi Ramasubramanian
2020-12-18 18:37 ` Petr Vorel
2020-12-22 18:37 ` Lakshmi Ramasubramanian
2020-12-22 19:50 ` Petr Vorel
2020-12-22 21:05 ` Lakshmi Ramasubramanian
2020-09-29 5:23 ` [PATCH v1 0/1] " Petr Vorel
2020-09-30 14:26 ` Lakshmi Ramasubramanian
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200928194730.20862-1-nramas@linux.microsoft.com \
--to=nramas@linux.microsoft.com \
--cc=linux-integrity@vger.kernel.org \
--cc=ltp@lists.linux.it \
--cc=paul@paul-moore.com \
--cc=pvorel@suse.cz \
--cc=stephen.smalley.work@gmail.com \
--cc=tusharsu@linux.microsoft.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).