From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 45D71C433EF for ; Fri, 24 Jun 2022 20:29:30 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id A86CB8E0273; Fri, 24 Jun 2022 16:29:29 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id A35B78E0244; Fri, 24 Jun 2022 16:29:29 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 9250B8E0273; Fri, 24 Jun 2022 16:29:29 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id 844458E0244 for ; Fri, 24 Jun 2022 16:29:29 -0400 (EDT) Received: from smtpin09.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id 568F633924 for ; Fri, 24 Jun 2022 20:29:29 +0000 (UTC) X-FDA: 79614269658.09.E263EB0 Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by imf11.hostedemail.com (Postfix) with ESMTP id ABEBF40026 for ; Fri, 24 Jun 2022 20:29:28 +0000 (UTC) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 5B7EAB82C0D; Fri, 24 Jun 2022 20:29:26 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 6D6E6C34114; Fri, 24 Jun 2022 20:29:24 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1656102565; bh=O++sAY0uz8ogMjYc9G/jGVGDKWn+wwGZ/0EKb1rWQcc=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=USSsVe2Gp4KnH6BmgaGjWm1xE1Ni0ksS9ro+zQM5XChfpdO2sNjxifbkyScj7rts5 E08gHTaTSHibL+a5BbG66vvZxvjI7FJBuFilDB5e7EY41HM+nT+bYlAh0IMuNcqjIg SrKAVw1dkCGo2T8+FELqVNrdVspxBclXyji85wEFHH30vo9N6HTKg1XpZahOKL1dyV Tar27HlDdhC6C32uy5Gjj9mw2EwMV20t5+xDQu/Okjst+85uyKZV0jI5Lqi6vjBuvG Z/jNghpWswgUrgmYA3raIspBBitHiOzTTrO8b3x4YmHjGfDfzbE3W1SaXgDyD/ij9V nszkQvCHCGhTQ== From: SeongJae Park To: Gautam Cc: sj@kernel.org, shuah@kernel.org, damon@lists.linux.dev, linux-mm@kvack.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] kselftests/damon: add support for checking secureboot status Date: Fri, 24 Jun 2022 20:29:21 +0000 Message-Id: <20220624202921.80867-1-sj@kernel.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220624195239.7293-1-gautammenghani201@gmail.com> References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1656102568; a=rsa-sha256; cv=none; b=u1wm0q/qhEISiCZxtF3MrOkOGthhFuRYD2U+iuTRztZTkzS+lY6ft5jBBtZd/pGUZt2xs8 /UGm+nkTT5UiZ9YbmaBbRN5dIdZW+suoUnyeGjgxc3YpI7RqjJcp/ZzZuifbszUMO40b73 S2tNMfc9DK5IYXbwf8AaPh7ws4uB86g= ARC-Authentication-Results: i=1; imf11.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=USSsVe2G; spf=pass (imf11.hostedemail.com: domain of sj@kernel.org designates 145.40.68.75 as permitted sender) smtp.mailfrom=sj@kernel.org; dmarc=pass (policy=none) header.from=kernel.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1656102568; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=2msEZ0dVDXcDj5L8hyt44H9zZbx/b7DPwUiOodMKn/A=; b=J+mnVR5szpb7rloHvQbJTEFN0qaJkRFi8GdjvIwNjMxTVbv7u398I9u9QaOeR85Ynfl7z3 kPcbOdveG1R8r+CTskkqHSJwroZd6PvJiDLHKUqx+LSoNFI3LZJUKWLWItQHIKST/xx6bo kboGucl+hK6u8uDaSZRI1OnHBSGR1VI= X-Rspamd-Server: rspam09 X-Rspamd-Queue-Id: ABEBF40026 Authentication-Results: imf11.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=USSsVe2G; spf=pass (imf11.hostedemail.com: domain of sj@kernel.org designates 145.40.68.75 as permitted sender) smtp.mailfrom=sj@kernel.org; dmarc=pass (policy=none) header.from=kernel.org X-Rspam-User: X-Stat-Signature: wdfrdf4rwujzhxdqzuoisocjf8i1b55o X-HE-Tag: 1656102568-348939 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000014, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: Hi Gautam, On Sat, 25 Jun 2022 01:22:39 +0530 Gautam wrote: > The kernel is in lockdown mode when secureboot is enabled and hence > debugfs cannot be used. But the error printed after running tests does > not indicate this currently: > > >TAP version 13 > >1..6 > ># selftests: damon: debugfs_attrs.sh > ># cat: /sys/kernel/debug/damon/monitor_on: Operation not permitted > ># _debugfs_common.sh: line 48: [: =: unary operator expected > ># cat: /sys/kernel/debug/damon/attrs: Operation not permitted > ># _debugfs_common.sh: line 11: /sys/kernel/debug/damon/attrs: Operation > > not permitted > ># writing 1 2 3 4 5 to /sys/kernel/debug/damon/attrs doesn't return 0 > ># expected because: valid input > ># _debugfs_common.sh: line 16: /sys/kernel/debug/damon/attrs: Operation > > not permitted > >not ok 1 selftests: damon: debugfs_attrs.sh # exit=1 > > > After adding the check for secureboot, the output is as follows: > > >TAP version 13 > >1..6 > ># selftests: damon: debugfs_attrs.sh > ># debugfs cannot work with secureboot enabled > >not ok 1 selftests: damon: debugfs_attrs.sh # exit=1 > > > Signed-off-by: Gautam > --- > tools/testing/selftests/damon/_chk_dependency.sh | 10 ++++++++++ > 1 file changed, 10 insertions(+) > mode change 100644 => 100755 tools/testing/selftests/damon/_chk_dependency.sh > > diff --git a/tools/testing/selftests/damon/_chk_dependency.sh b/tools/testing/selftests/damon/_chk_dependency.sh > old mode 100644 > new mode 100755 > index 0189db81550b..6e45c1fe230e > --- a/tools/testing/selftests/damon/_chk_dependency.sh > +++ b/tools/testing/selftests/damon/_chk_dependency.sh > @@ -26,3 +26,13 @@ do > exit 1 > fi > done > + > +secureboot_error="Operation not permitted" > +for f in attrs target_ids monitor_on > +do > + status=$( cat "$DBGFS/$f" 2>&1 ) > + if [ "${status#*$secureboot_error}" != "$status" ]; then > + echo "debugfs cannot work with secureboot enabled" I think the check makes sense, but I think there could be more reasons for the read error other than secure boot. How about making the error mesage more clear for the error case and our guess? E.g., "permission for reading $DBGFS/$f denied; maybe secureboot enabled?" > + exit 1 This is not a test failure but we are just skipping the test as running the test here makes no sense. Hence I think '$ksft_skip' could be a better return code. Thanks, SJ > + fi > +done > -- > 2.36.1