[LTP] [PATCH 1/5] ima_setup.sh: Some cleanup

[LTP] [PATCH 1/5] ima_setup.sh: Some cleanup

[Zeng Linggang]

* Use 'test.sh'.

* Use 'test_brkm' instead of 'tst_resm TBROK'.

* Use 'tst_tmpdir' and 'tst_rmdir'.

* Delete some unuseful comments.

* Some cleanup.

Signed-off-by: Zeng Linggang <zenglg.jy@cn.fujitsu.com>
---
 .../security/integrity/ima/tests/ima_setup.sh      | 85 +++-------------------
 1 file changed, 12 insertions(+), 73 deletions(-)

diff --git a/testcases/kernel/security/integrity/ima/tests/ima_setup.sh b/testcases/kernel/security/integrity/ima/tests/ima_setup.sh
index 4013e1f..0ff38d2 100755
--- a/testcases/kernel/security/integrity/ima/tests/ima_setup.sh
+++ b/testcases/kernel/security/integrity/ima/tests/ima_setup.sh
@@ -14,8 +14,8 @@
 ## for more details.                                                          ##
 ##                                                                            ##
 ## You should have received a copy of the GNU General Public License          ##
-## along with this program;  if not, write to the Free Software               ##
-## Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA    ##
+## along with this program;  if not, write to the Free Software Foundation,   ##
+## Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA           ##
 ##                                                                            ##
 ################################################################################
 #
@@ -24,13 +24,10 @@
 # Description:  setup/cleanup routines for the integrity tests.
 #
 # Author:       Mimi Zohar, zohar@ibm.vnet.ibm.com
-#
-# Return        - zero on success
-#               - non zero on failure. return value from commands ($RC)
 ################################################################################
+. test.sh
 mount_sysfs()
 {
-
 	SYSFS=$(mount 2>/dev/null | awk '$5 == "sysfs" { print $3 }')
 	if [ "x$SYSFS" = x ] ; then
 
@@ -38,22 +35,17 @@ mount_sysfs()
 
 		test -d $SYSFS || mkdir -p $SYSFS 2>/dev/null
 		if [ $? -ne 0 ] ; then
-			tst_resm TBROK "Failed to mkdir $SYSFS"
-			return 1
+			tst_brkm TBROK "Failed to mkdir $SYSFS"
 		fi
 		if ! mount -t sysfs sysfs $SYSFS 2>/dev/null ; then
-			tst_resm TBROK "Failed to mount $SYSFS"
-			return 1
+			tst_brkm TBROK "Failed to mount $SYSFS"
 		fi
 
 	fi
-
-	return 0
 }
 
 mount_securityfs()
 {
-
 	SECURITYFS=$(mount 2>/dev/null | awk '$5 == "securityfs" { print $3 }')
 	if [ "x$SECURITYFS" = x ] ; then
 
@@ -61,87 +53,34 @@ mount_securityfs()
 
 		test -d $SECURITYFS || mkdir -p $SECURITYFS 2>/dev/null
 		if [ $? -ne 0 ] ; then
-			tst_resm TBROK "Failed to mkdir $SECURITYFS"
-			return 1
+			tst_brkm TBROK "Failed to mkdir $SECURITYFS"
 		fi
 		if ! mount -t securityfs securityfs $SECURITYFS 2>/dev/null ; then
-			tst_resm TBROK "Failed to mount $SECURITYFS"
-			return 1
+			tst_brkm TBROK "Failed to mount $SECURITYFS"
 		fi
 
 	fi
-
-	return 0
-
 }
 
 setup()
 {
-	export TST_TOTAL=1
-	export TCID="setup"
-        export TST_COUNT=0
-
-	LTPBIN=
-	LTPIMA=
-
-	trap "cleanup" 0
-	if [ -z "$TMPDIR" ]; then
-		LTPTMP=/tmp
-	else
-		LTPTMP=${TMPDIR}
-	fi
-	if [ -z "$LTPBIN" ]; then
-		LTPBIN=../../../../../bin
-		PATH=$PATH:$LTPBIN
-	fi
-
 	tst_require_root
 
-	# create the temporary directory used by this testcase
-	LTPIMA=$LTPTMP/ima
-	umask 077
-	mkdir $LTPIMA > /dev/null 2>&1 || RC=$?
-	if [ $RC -ne 0 ]; then
-		tst_resm TBROK "Unable to create temporary directory"
-		return $RC
-	fi
+	tst_tmpdir
 
-	# mount sysfs if it is not already mounted
-	mount_sysfs || RC=$?
-	if [ $RC -ne 0 ]; then
-		tst_resm TBROK "Cannot mount sysfs"
-		return $RC
-	fi
+	mount_sysfs
 
 	# mount securityfs if it is not already mounted
-	mount_securityfs || RC=$?
-	if [ $RC -ne 0 ]; then
-		tst_resm TBROK "Cannot mount securityfs"
-		return $RC
-	fi
-
-	mount
+	mount_securityfs
 
 	# IMA must be configured in the kernel
 	IMA_DIR=$SECURITYFS/ima
 	if [ ! -d "$IMA_DIR" ]; then
-		tst_resm TCONF "IMA not enabled in kernel"
-		RC=1
+		tst_brkm TCONF "IMA not enabled in kernel"
 	fi
-	return $RC
 }
 
-# Function:     cleanup
-#
-# Description   - remove temporary files and directories.
-#
-# Return        - zero on success
-#               - non zero on failure. return value from commands ($RC)
 cleanup()
 {
-	tst_resm TINFO "CLEAN: removing $LTPIMA"
-	rm -rf "$LTPIMA" || RC=$?
-	return $RC
+	tst_rmdir
 }
-
-. cmdlib.sh
-- 
1.8.3.1




------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
_______________________________________________
Ltp-list mailing list
Ltp-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ltp-list

[LTP] [PATCH 2/5] ima_measurements.sh: Some cleanup

[Zeng Linggang]

* Use 'tst_check_cmds' instead of 'exists'.

* Use 'test_resm' instead of 'tst_res'.

* Use '$()' instead of '``'.

* Delete 'cat' and '<(file input)' while use 'sha1sum'.

* Delete some unuseful comments.

* Some cleanup.

Signed-off-by: Zeng Linggang <zenglg.jy@cn.fujitsu.com>
---
 .../integrity/ima/tests/ima_measurements.sh        | 142 +++++++--------------
 1 file changed, 49 insertions(+), 93 deletions(-)

diff --git a/testcases/kernel/security/integrity/ima/tests/ima_measurements.sh b/testcases/kernel/security/integrity/ima/tests/ima_measurements.sh
index e6b2b4f..6dde432 100755
--- a/testcases/kernel/security/integrity/ima/tests/ima_measurements.sh
+++ b/testcases/kernel/security/integrity/ima/tests/ima_measurements.sh
@@ -15,8 +15,8 @@
 ## for more details.                                                          ##
 ##                                                                            ##
 ## You should have received a copy of the GNU General Public License          ##
-## along with this program;  if not, write to the Free Software               ##
-## Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA    ##
+## along with this program;  if not, write to the Free Software Foundation,   ##
+## Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA           ##
 ##                                                                            ##
 ################################################################################
 #
@@ -26,25 +26,19 @@
 # 		list based on policy.
 #
 # Author:       Mimi Zohar, zohar@ibm.vnet.ibm.com
-#
-# Return        - zero on success
-#               - non zero on failure. return value from commands ($RC)
 ################################################################################
+export TST_TOTAL=3
+export TCID="ima_measurements"
+export TST_COUNT=0
+
 init()
 {
-	export TST_TOTAL=3
-	export TCID="init"
-        export TST_COUNT=0
-	RC=0
-
-	exists sha1sum
+	tst_check_cmds sha1sum
 
 	# verify using default policy
 	if [ ! -f "$IMA_DIR/policy" ]; then
-		tst_res TINFO $LTPTMP/imalog.$$ \
-		 "$TCID: not using default policy"
+		tst_resm TINFO "not using default policy"
 	fi
-	return $RC
 }
 
 # Function:     test01
@@ -52,40 +46,29 @@ init()
 #		  be added to the IMA measurement list.
 test01()
 {
-	TCID="test01"
-	TST_COUNT=1
-	RC=0
-
 	# Create file test.txt
-	cat > $LTPIMA/test.txt <<-EOF || RC=$?
-	`date` - this is a test file
+	cat > test.txt <<-EOF
+	$(date) - this is a test file
 	EOF
-	if [ $RC -ne 0 ]; then
-		tst_res TBROK $LTPTMP/imalog.$$ "" \
-		 "$TCID: Unable to create test file"
-		return $RC
+	if [ $? -ne 0 ]; then
+		tst_brkm TBROK "Unable to create test file"
 	fi
 
-	# Calculating the sha1sum of $LTPTMP/test.txt should add
+	# Calculating the sha1sum of test.txt should add
 	# the measurement to the measurement list.
 	# (Assumes SHA1 IMA measurements.)
-	hash=$(sha1sum < "$LTPIMA/test.txt" | sed 's/  -//')
+	hash=$(sha1sum "test.txt" | sed 's/  -//')
 
 	# Check if the file is measured
 	# (i.e. contained in the ascii measurement list.)
-	cat /sys/kernel/security/ima/ascii_runtime_measurements > \
-		 $LTPIMA/measurements
+	cat /sys/kernel/security/ima/ascii_runtime_measurements > measurements
 	sleep 1
-	`grep $hash $LTPIMA/measurements > /dev/null` || RC=$?
-	if [ $RC -ne 0 ]; then
-		tst_res TFAIL $LTPTMP/imalog.$$ \
-		 "$TCID: TPM ascii measurement list does not contain sha1sum"
-		return $RC
+	$(grep $hash measurements > /dev/null)
+	if [ $? -ne 0 ]; then
+		tst_resm TFAIL "TPM ascii measurement list does not contain sha1sum"
 	else
-		tst_res TPASS $LTPTMP/imalog.$$ \
-		 "$TCID: TPM ascii measurement list contains sha1sum"
+		tst_resm TPASS "TPM ascii measurement list contains sha1sum"
 	fi
-	return $RC
 }
 
 # Function:     test02
@@ -93,33 +76,23 @@ test01()
 # 		  measurement to be added to the IMA measurement list.
 test02()
 {
-	TCID="test02"
-	TST_COUNT=2
-	RC=0
-
 	# Modify test.txt
-	echo `$date` - file modified >> $LTPIMA/test.txt || RC=$?
+	echo $($date) - file modified >> test.txt
 
-	# Calculating the sha1sum of $LTPTMP/test.txt should add
+	# Calculating the sha1sum of test.txt should add
 	# the new measurement to the measurement list
-	hash=`cat $LTPIMA/test.txt | sha1sum | sed 's/  -//'`
+	hash=$(sha1sum test.txt | sed 's/  -//')
 
 	# Check if the new measurement exists
-	cat /sys/kernel/security/ima/ascii_runtime_measurements > \
-		$LTPIMA/measurements
-	`grep $hash $LTPIMA/measurements > /dev/null` || RC=$?
-
-	if [ $RC -ne 0 ]; then
-		tst_res TFAIL $LTPTMP/imalog.$$ \
-		 "$TCID: Modified file not measured"
-		tst_res TINFO $LTPTMP/imalog.$$ \
-		 "$TCID: iversion not supported; or not mounted with iversion"
-		return $RC
+	cat /sys/kernel/security/ima/ascii_runtime_measurements > measurements
+	$(grep $hash measurements > /dev/null)
+
+	if [ $? -ne 0 ]; then
+		tst_resm TFAIL "Modified file not measured"
+		tst_resm TINFO "iversion not supported; or not mounted with iversion"
 	else
-		tst_res TPASS $LTPTMP/imalog.$$ \
-		 "$TCID: Modified file measured"
+		tst_resm TPASS "Modified file measured"
 	fi
-	return $RC
 }
 
 # Function:     test03
@@ -127,57 +100,40 @@ test02()
 #		(Default policy does not measure user files.)
 test03()
 {
-	TCID="test03"
-	TST_COUNT=3
-	RC=0
-
 	# create file user-test.txt
-	mkdir -m 0700 $LTPIMA/user
-	chown nobody.nobody $LTPIMA/user
-	cd $LTPIMA/user
+	mkdir -m 0700 user
+	chown nobody.nobody user
+	cd user
 	hash=0
 
 	# As user nobody, create and cat the new file
 	# (The LTP tests assumes existence of 'nobody'.)
-	sudo -n -u nobody sh -c "echo `date` - create test.txt > ./test.txt;
+	sudo -n -u nobody sh -c "echo $(date) - create test.txt > ./test.txt;
 				 cat ./test.txt > /dev/null"
 
 	# Calculating the hash will add the measurement to the measurement
 	# list, so only calc the hash value after getting the measurement
 	# list.
-	cat /sys/kernel/security/ima/ascii_runtime_measurements > \
-		 $LTPIMA/measurements
-	hash=`cat ./test.txt | sha1sum | sed 's/  -//'`
+	cat /sys/kernel/security/ima/ascii_runtime_measurements > measurements
+	hash=$(sha1sum test.txt | sed 's/  -//')
 	cd - >/dev/null
 
 	# Check if the file is measured
-	grep $hash $LTPIMA/measurements > /dev/null || RC=$?
-	if [ $RC -ne 0 ]; then
-		RC=0
-		tst_res TPASS $LTPTMP/imalog.$$ \
-		 "$TCID: user file test.txt not measured"
+	grep $hash measurements > /dev/null
+	if [ $? -ne 0 ]; then
+		tst_resm TPASS "user file test.txt not measured"
 	else
-		RC=1
-		tst_res TFAIL $LTPTMP/imalog.$$ \
-		 "$TCID: user file test.txt measured"
+		tst_resm TFAIL "user file test.txt measured"
 	fi
-	return $RC
 }
 
-# Function:     main
-#
-# Description:  - Execute all tests, exit with test status.
-#
-# Exit:         - zero on success
-#               - non-zero on failure.
-#
-RC=0
-EXIT_VAL=0
-
-. $(dirname "$0")/ima_setup.sh
-setup || exit $?
-init || exit $?
-test01 || EXIT_VAL=$RC
-test02 || EXIT_VAL=$RC
-test03 || EXIT_VAL=$RC
-exit $EXIT_VAL
+. ima_setup.sh
+TST_CLEANUP=cleanup
+
+setup
+init
+test01
+test02
+test03
+
+tst_exit
-- 
1.8.3.1




------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
_______________________________________________
Ltp-list mailing list
Ltp-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ltp-list

[LTP] [PATCH 3/5] ima_policy.sh: Some cleanup

[Zeng Linggang]

* Install 'policy' into '$LTPROOT/testcases/data'.

* Use 'test_resm' instead of 'tst_res'.

* Delete some unuseful comments.

* Some cleanup.

Signed-off-by: Zeng Linggang <zenglg.jy@cn.fujitsu.com>
---
 .../kernel/security/integrity/ima/policy/Makefile  |   2 +-
 .../security/integrity/ima/tests/ima_policy.sh     | 105 ++++++---------------
 2 files changed, 31 insertions(+), 76 deletions(-)

diff --git a/testcases/kernel/security/integrity/ima/policy/Makefile b/testcases/kernel/security/integrity/ima/policy/Makefile
index c16302d..1d34ec2 100644
--- a/testcases/kernel/security/integrity/ima/policy/Makefile
+++ b/testcases/kernel/security/integrity/ima/policy/Makefile
@@ -24,7 +24,7 @@ top_srcdir		?= ../../../../../..
 
 include	$(top_srcdir)/include/mk/env_pre.mk
 
-INSTALL_DIR		:= testcases/bin/policy
+INSTALL_DIR		:= testcases/data/ima_policy
 
 INSTALL_TARGETS		:= measure*
 
diff --git a/testcases/kernel/security/integrity/ima/tests/ima_policy.sh b/testcases/kernel/security/integrity/ima/tests/ima_policy.sh
index d40322a..69f9f3e 100755
--- a/testcases/kernel/security/integrity/ima/tests/ima_policy.sh
+++ b/testcases/kernel/security/integrity/ima/tests/ima_policy.sh
@@ -25,39 +25,28 @@
 #		policy.
 #
 # Author:       Mimi Zohar, zohar@ibm.vnet.ibm.com
-#
-# Return        - zero on success
-#               - non zero on failure. return value from commands ($RC)
 ################################################################################
+export TST_TOTAL=3
+export TCID="ima_policy"
+export TST_COUNT=0
+
 init()
 {
-	export TST_TOTAL=3
-	export TCID="init"
-	export TST_COUNT=0
-	RC=0
-
 	# verify using default policy
 	IMA_POLICY=$IMA_DIR/policy
 	if [ ! -f $IMA_POLICY ]; then
-		tst_res TINFO $LTPTMP/imalog.$$ \
-		 "$TCID: default policy already replaced"
-		  RC=1
+		tst_resm TINFO "default policy already replaced"
 	fi
 
-	VALID_POLICY=`dirname $0`\/..\/policy/measure.policy
+	VALID_POLICY=$LTPROOT/testcases/data/ima_policy/measure.policy
 	if [ ! -f $VALID_POLICY ]; then
-		tst_res TINFO $LTPTMP/imalog.$$ \
-		 "$TCID: missing $VALID_POLICY"
-		  RC=1
+		tst_resm TINFO "missing $VALID_POLICY"
 	fi
 
-	INVALID_POLICY=`dirname $0`\/..\/policy/measure.policy-invalid
+	INVALID_POLICY=$LTPROOT/testcases/data/ima_policy/measure.policy-invalid
 	if [ ! -f $INVALID_POLICY ]; then
-		tst_res TINFO $LTPTMP/imalog.$$ \
-		 "$TCID: missing $INVALID_POLICY"
-		  RC=1
+		tst_resm TINFO "missing $INVALID_POLICY"
 	fi
-	return $RC
 }
 
 load_policy()
@@ -74,8 +63,7 @@ load_policy()
 			echo $line >&4 2> /dev/null
 			if [ $? -ne 0 ]; then
 				exec 4>&-
-				RC=1
-				return $RC
+				return 1
 			fi
 		fi
 	}
@@ -87,22 +75,13 @@ load_policy()
 # Description   - Verify invalid policy doesn't replace default policy.
 test01()
 {
-	TCID="test01"
-	TST_COUNT=1
-	RC=0
-
 	load_policy $INVALID_POLICY & p1=$!
-	wait "$p1"; RC=$?
-	if [ $RC -ne 0 ]; then
-		RC=0
-		tst_res TPASS $LTPTMP/imalog.$$ \
-		 "$TCID: didn't load invalid policy"
+	wait "$p1"
+	if [ $? -ne 0 ]; then
+		tst_resm TPASS "didn't load invalid policy"
 	else
-		RC=1
-		tst_res TFAIL $LTPTMP/imalog.$$ \
-		 "$TCID: loaded invalid policy"
+		tst_resm TFAIL "loaded invalid policy"
 	fi
-	return $RC
 }
 
 # Function:     test02
@@ -110,63 +89,39 @@ test01()
 #		  and install new policy
 test02()
 {
-	TCID="test02"
-	TST_COUNT=2
-	RC=0
-
 	load_policy $VALID_POLICY & p1=$!  # forked process 1
 	load_policy $VALID_POLICY & p2=$!  # forked process 2
 	wait "$p1"; RC1=$?
 	wait "$p2"; RC2=$?
 	if [ $RC1 -eq 0 ] && [ $RC2 -eq 0 ]; then
-		tst_res TFAIL $LTPTMP/imalog.$$ \
-		 "$TCID: measurement policy opened concurrently"
+		tst_resm TFAIL "measurement policy opened concurrently"
 	elif [ $RC1 -eq 0 ] || [ $RC2 -eq 0 ]; then
-		RC=0
-		tst_res TPASS $LTPTMP/imalog.$$ \
-		 "$TCID: replaced default measurement policy"
+		tst_resm TPASS "replaced default measurement policy"
 	else
-		tst_res TFAIL $LTPTMP/imalog.$$ \
-		 "$TCID: problems opening measurement policy"
+		tst_resm TFAIL "problems opening measurement policy"
 	fi
-	return 0
 }
 
 # Function:     test03
 # Description 	- Verify can't load another measurement policy.
 test03()
 {
-	TCID="test03"
-	TST_COUNT=3
-	RC=0
-
 	load_policy $INVALID_POLICY & p1=$!
-	wait "$p1"; RC=$?
-	if [ $RC -ne 0 ]; then
-		RC=0
-		tst_res TPASS $LTPTMP/imalog.$$ \
-		 "$TCID: didn't replace valid policy"
+	wait "$p1"
+	if [ $? -ne 0 ]; then
+		tst_resm TPASS "didn't replace valid policy"
 	else
-		RC=1
-		tst_res TFAIL $LTPTMP/imalog.$$ "$TCID: replaced valid policy"
+		tst_resm TFAIL "replaced valid policy"
 	fi
-	return $RC
 }
 
-# Function:     main
-#
-# Description:  - Execute all tests, exit with test status.
-#
-# Exit:         - zero on success
-#               - non-zero on failure.
-#
-RC=0    # Return value from setup, init, and test functions.
-EXIT_VAL=0
+. ima_setup.sh
+TST_CLEANUP=cleanup
+
+setup
+init
+test01
+test02
+test03
 
-. $(dirname "$0")/ima_setup.sh
-setup || exit $?
-init || exit $?
-test01 || EXIT_VAL=$RC
-test02 || EXIT_VAL=$RC
-test03 || EXIT_VAL=$RC
-exit $EXIT_VAL
+tst_exit
-- 
1.8.3.1




------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
_______________________________________________
Ltp-list mailing list
Ltp-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ltp-list

[LTP] [PATCH 4/5] ima_tpm.sh: Some cleanup

[Zeng Linggang]

* Use 'tst_check_cmds' instead of 'exists'.

* Use 'test_resm' instead of 'tst_res'.

* Use '$()' instead of '``'.

* Delete some unuseful comments.

* Some cleanup.

Signed-off-by: Zeng Linggang <zenglg.jy@cn.fujitsu.com>
---
 .../kernel/security/integrity/ima/tests/ima_tpm.sh | 114 +++++++--------------
 1 file changed, 39 insertions(+), 75 deletions(-)

diff --git a/testcases/kernel/security/integrity/ima/tests/ima_tpm.sh b/testcases/kernel/security/integrity/ima/tests/ima_tpm.sh
index 3e125cb..77e7f2f 100755
--- a/testcases/kernel/security/integrity/ima/tests/ima_tpm.sh
+++ b/testcases/kernel/security/integrity/ima/tests/ima_tpm.sh
@@ -29,60 +29,45 @@
 # Return        - zero on success
 #               - non zero on failure. return value from commands ($RC)
 ################################################################################
+export TST_TOTAL=3
+export TCID="ima_tpm"
+export TST_COUNT=0
+
 init()
 {
-	export TST_TOTAL=3
-	export TCID="init"
-	export TST_COUNT=0
-	RC=0
-
-	# verify ima_boot_aggregate is available
-	exists ima_boot_aggregate ima_measure
-
+	tst_check_cmds ima_boot_aggregate ima_measure
 }
 
 # Function:     test01
 # Description   - Verify boot aggregate value is correct
 test01()
 {
-	TCID="test01"
-	TST_COUNT=1
-	RC=0
 	zero="0000000000000000000000000000000000000000"
 
 	# IMA boot aggregate
 	ima_measurements=$SECURITYFS/ima/ascii_runtime_measurements
 	read line < $ima_measurements
-	ima_aggr=`expr substr "${line}" 49 40`
+	ima_aggr=$(expr substr "${line}" 49 40)
 
 	# verify TPM is available and enabled.
 	tpm_bios=$SECURITYFS/tpm0/binary_bios_measurements
 	if [ ! -f "$tpm_bios" ]; then
-		tst_res TINFO $LTPTMP/imalog.$$ \
-		 "$TCID: no TPM, TPM not builtin kernel, or TPM not enabled"
+		tst_brkm TCONF "TPM not builtin kernel, or TPM not enabled"
 
-		[ "${ima_aggr}" = "${zero}" ] || RC=$?
-		if [ $RC -eq 0 ]; then
-			tst_res TPASS $LTPTMP/imalog.$$ \
-			 "$TCID: bios boot aggregate is 0."
+		if [ "${ima_aggr}" = "${zero}" ]; then
+			tst_resm TPASS "bios boot aggregate is 0."
 		else
-			tst_res TFAIL $LTPTMP/imalog.$$ \
-			 "$TCID: bios boot aggregate is not 0."
+			tst_resm TFAIL "bios boot aggregate is not 0."
 		fi
 	else
-		boot_aggregate=`ima_boot_aggregate $tpm_bios`
-		boot_aggr=`expr substr $boot_aggregate 16 40`
-		[ "x${ima_aggr}" = "x${boot_aggr}" ] || RC=$?
-		if [ $RC -eq 0 ]; then
-			tst_res TPASS $LTPTMP/imalog.$$ \
-			 "$TCID: bios aggregate matches IMA boot aggregate."
+		boot_aggregate=$(ima_boot_aggregate $tpm_bios)
+		boot_aggr=$(expr substr $boot_aggregate 16 40)
+		if [ "x${ima_aggr}" = "x${boot_aggr}" ]; then
+			tst_resm TPASS "bios aggregate matches IMA boot aggregate."
 		else
-			tst_res TFAIL $LTPTMP/imalog.$$ \
-			 "$TCID: bios aggregate does not match IMA boot " \
-				"aggregate."
+			tst_resm TFAIL "bios aggregate does not match IMA boot aggregate."
 		fi
 	fi
-	return $RC
 }
 
 # Probably cleaner to programmatically read the PCR values directly
@@ -96,11 +81,12 @@ validate_pcr()
 	RC=0
 
 	while read line ; do
-		pcr=`expr substr "${line}" 1 6`
+		pcr=$(expr substr "${line}" 1 6)
 		if [ "${pcr}" = "PCR-10" ]; then
-			aggr=`expr substr "${aggregate_pcr}" 26 59`
-			pcr=`expr substr "${line}" 9 59`
+			aggr=$(expr substr "${aggregate_pcr}" 26 59)
+			pcr=$(expr substr "${line}" 9 59)
 			[ "${pcr}" = "${aggr}" ] || RC=$?
+			[ "${pcr}" = "${aggr}" ]
 		fi
 	done < $dev_pcrs
 	return $RC
@@ -111,64 +97,42 @@ validate_pcr()
 #		  actual PCR value.
 test02()
 {
-	TCID="test02"
-	TST_COUNT=2
-	RC=0
 
 	# Would be nice to know where the PCRs are located.  Is this safe?
-	PCRS_PATH=`find /$SYSFS/devices/ | grep pcrs` || RC=$?
-	if [ $RC -eq 0 ]; then
-		validate_pcr $PCRS_PATH || RC=$?
-		if [ $RC -eq 0 ]; then
-			tst_res TPASS $LTPTMP/imalog.$$ \
-			 "$TCID: aggregate PCR value matches real PCR value."
+	PCRS_PATH=$(find /$SYSFS/devices/ | grep pcrs)
+	if [ $? -eq 0 ]; then
+		validate_pcr $PCRS_PATH
+		if [ $? -eq 0 ]; then
+			tst_resm TPASS "aggregate PCR value matches real PCR value."
 		else
-			tst_res TFAIL $LTPTMP/imalog.$$ \
-			 "$TCID: aggregate PCR value does not match" \
-			 " real PCR value."
+			tst_resm TFAIL "aggregate PCR value does not match real PCR value."
 		fi
 	else
-		tst_res TFAIL $LTPTMP/imalog.$$ \
-		 "$TCID: TPM not enabled, no PCR value to validate"
+		tst_resm TFAIL "TPM not enabled, no PCR value to validate"
 	fi
-	return $RC
 }
 
 # Function:     test03
 # Description 	- Verify template hash value for IMA entry is correct.
 test03()
 {
-	TCID="test03"
-	TST_COUNT=3
-	RC=0
 
 	ima_measurements=$SECURITYFS/ima/binary_runtime_measurements
-	aggregate_pcr=`ima_measure $ima_measurements --verify --validate` > /dev/null
-	RC=$?
-	if [ $RC -eq 0 ]; then
-		tst_res TPASS $LTPTMP/imalog.$$ \
-		 "$TCID: verified IMA template hash values."
+	aggregate_pcr=$(ima_measure $ima_measurements --verify --validate) > /dev/null
+	if [ $? -eq 0 ]; then
+		tst_resm TPASS "verified IMA template hash values."
 	else
-		tst_res TFAIL $LTPTMP/imalog.$$ \
-		 "$TCID: error verifing IMA template hash values."
+		tst_resm TFAIL "error verifing IMA template hash values."
 	fi
-	return $RC
 }
 
-# Function:     main
-#
-# Description:  - Execute all tests, exit with test status.
-#
-# Exit:         - zero on success
-#               - non-zero on failure.
-#
-RC=0    # Return value from setup, and test functions.
-EXIT_VAL=0
+. ima_setup.sh
+TST_CLEANUP=cleanup
+
+setup
+init
+test01
+test02
+test03
 
-. $(dirname "$0")/ima_setup.sh
-setup || exit $?
-init || exit $?
-test01 || EXIT_VAL=$RC
-test02 || EXIT_VAL=$RC
-test03 || EXIT_VAL=$RC
-exit $EXIT_VAL
+tst_exit
-- 
1.8.3.1




------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
_______________________________________________
Ltp-list mailing list
Ltp-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ltp-list

[LTP] [PATCH 5/5] ima_violations.sh: Some cleanup

[Zeng Linggang]

* Use 'test_resm' instead of 'tst_res'.

* Use '$()' instead of '``'.

* Delete some unuseful comments.

* Some cleanup.

Signed-off-by: Zeng Linggang <zenglg.jy@cn.fujitsu.com>
---
 .../security/integrity/ima/tests/ima_violations.sh | 133 +++++++--------------
 1 file changed, 45 insertions(+), 88 deletions(-)

diff --git a/testcases/kernel/security/integrity/ima/tests/ima_violations.sh b/testcases/kernel/security/integrity/ima/tests/ima_violations.sh
index 4c9fc3c..aa5c7d5 100755
--- a/testcases/kernel/security/integrity/ima/tests/ima_violations.sh
+++ b/testcases/kernel/security/integrity/ima/tests/ima_violations.sh
@@ -30,6 +30,10 @@
 #               - non zero on failure. return value from commands ($RC)
 ################################################################################
 
+export TST_TOTAL=3
+export TCID="ima_violations"
+export TST_COUNT=0
+
 open_file_read()
 {
 	exec 3< $1
@@ -59,147 +63,100 @@ close_file_write()
 
 init()
 {
-	export TST_TOTAL=3
-	export TCID="init"
-	export TST_COUNT=0
-	RC=0
-
-	if [ -f /etc/init.d/auditd ]; then
-		service auditd status > /dev/null 2>&1 || RC=$?
-	else
-		RC=$?
-	fi
-
-	if [ $RC -ne 0 ]; then
+	service auditd status > /dev/null 2>&1
+	if [ $? -ne 0 ]; then
 		log=/var/log/messages
 	else
 		log=/var/log/audit/audit.log
-		tst_res TINFO $LTPTMP/imalog.$$ \
-		 "$TCID: requires integrity auditd patch"
+		tst_resm TINFO "requires integrity auditd patch"
 	fi
+
+	ima_violations=$SECURITYFS/ima/violations
 }
 
 # Function:     test01
-# Description   - Verify ToMToU violation
+# Description	- Verify open writers violation
 test01()
 {
-	TCID="test01"
-	TST_COUNT=1
-	RC=0
-
-	ima_violations=$SECURITYFS/ima/violations
 	read num_violations < $ima_violations
 
-	TMPFN=$LTPIMA/test.txt-$$
+	TMPFN=test.txt
 	open_file_write $TMPFN
 	open_file_read $TMPFN
 	close_file_read
 	close_file_write
 	read num_violations_new < $ima_violations
-	num=$((`expr $num_violations_new - $num_violations`))
+	num=$(($(expr $num_violations_new - $num_violations)))
 	if [ $num -gt 0 ]; then
-		tail $log | grep test.txt-$$ | \
-			grep 1>/dev/null 'open_writers' || RC=$?
-		if [ $RC -eq 0 ]; then
-			tst_res TPASS $LTPTMP/imalog.$$ \
-			 "$TCID: open_writers violation added(test.txt-$$)"
-			return $RC
+		tail $log | grep test.txt | grep -q 'open_writers'
+		if [ $? -eq 0 ]; then
+			tst_resm TPASS "open_writers violation added(test.txt)"
 		else
-			tst_res TINFO $LTPTMP/imalog.$$ \
-			 "$TCID: (message ratelimiting?)"
+			tst_resm TFAIL "(message ratelimiting?)"
 		fi
+	else
+		tst_resm TFAIL "open_writers violation not added(test.txt)"
 	fi
-	tst_res TFAIL $LTPTMP/imalog.$$ \
-	 "$TCID: open_writers violation not added(test.txt-$$)"
-	return $RC
 }
 
 # Function:     test02
-# Description	- Verify open writers violation
+# Description   - Verify ToMToU violation
 test02()
 {
-	TCID="test02"
-	TST_COUNT=2
-	RC=0
-
-	ima_violations=$SECURITYFS/ima/violations
 	read num_violations < $ima_violations
 
-	TMPFN=$LTPIMA/test.txt-$$
+	TMPFN=test.txt
 	open_file_read $TMPFN
 	open_file_write $TMPFN
 	close_file_write
 	close_file_read
 	read num_violations_new < $ima_violations
-	num=$((`expr $num_violations_new - $num_violations`))
+	num=$(($(expr $num_violations_new - $num_violations)))
 	if [ $num -gt 0 ]; then
-		tail $log | grep test.txt-$$ | \
-			grep 'ToMToU' 1>/dev/null || RC=$?
-		if [ $RC -eq 0 ]; then
-			tst_res TPASS $LTPTMP/imalog.$$ \
-			 "$TCID: ToMToU violation added(test.txt-$$)"
-			return $RC
+		tail $log | grep test.txt | grep -q 'ToMToU'
+		if [ $? -eq 0 ]; then
+			tst_resm TPASS "ToMToU violation added(test.txt)"
 		else
-			tst_res TINFO $LTPTMP/imalog.$$ \
-			 "$TCID: (message ratelimiting?)"
+			tst_resm TFAIL "(message ratelimiting?)"
 		fi
+	else
+		tst_resm TFAIL "ToMToU violation not added(test.txt)"
 	fi
-	tst_res TFAIL $LTPTMP/imalog.$$ \
-	 "$TCID: ToMToU violation not added(test.txt-$$)"
-	return $RC
 }
 
 # Function:     test03
 # Description 	- verify open_writers using mmapped files
 test03()
 {
-	TCID="test03"
-	TST_COUNT=3
-	RC=0
-
-	ima_violations=$SECURITYFS/ima/violations
 	read num_violations < $ima_violations
 
-	TMPFN=$LTPIMA/test.txtb-$$
-	mkdir -p $LTPIMA
+	TMPFN=test.txtb
 	echo 'testing testing ' > $TMPFN
 	ima_mmap $TMPFN & p1=$!
 	sleep 1		# got to wait for ima_mmap to mmap the file
 	open_file_read $TMPFN
 	read num_violations_new < $ima_violations
-	num=$((`expr $num_violations_new - $num_violations`))
+	num=$(($(expr $num_violations_new - $num_violations)))
 	if [ $num -gt 0 ]; then
-		tail $log | grep test.txtb-$$ | \
-			grep 1>/dev/null 'open_writers' || RC=$?
-		if [ $RC -eq 0 ]; then
-			tst_res TPASS $LTPTMP/imalog.$$ \
-			 "$TCID: mmapped open_writers violation added(test.txtb-$$)"
-			return $RC
+		tail $log | grep test.txtb | grep -q 'open_writers'
+		if [ $? -eq 0 ]; then
+			tst_resm TPASS "mmapped open_writers violation added(test.txtb)"
 		else
-			tst_res TINFO $LTPTMP/imalog.$$ \
-			 "$TCID: (message ratelimiting?)"
+			tst_resm TFAIL "(message ratelimiting?)"
 		fi
+	else
+		tst_resm TFAIL "mmapped open_writers violation not added(test.txtb)"
 	fi
-	tst_res TFAIL $LTPTMP/imalog.$$ \
-	 "$TCID: mmapped open_writers violation not added(test.txtb-$$)"
 	close_file_read
-	return $RC
 }
 
-# Function:     main
-#
-# Description:  - Execute all tests, exit with test status.
-#
-# Exit:         - zero on success
-#               - non-zero on failure.
-#
-RC=0    # Return value from setup, init, and test functions.
-EXIT_VAL=0
-
-. $(dirname "$0")/ima_setup.sh
-setup || exit $?
-init || exit $?
-test01 || EXIT_VAL=$RC
-test02 || EXIT_VAL=$RC
-test03 || EXIT_VAL=$RC
-exit $EXIT_VAL
+. ima_setup.sh
+TST_CLEANUP=cleanup
+
+setup
+init
+test01
+test02
+test03
+
+tst_exit
-- 
1.8.3.1




------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
_______________________________________________
Ltp-list mailing list
Ltp-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ltp-list

Re: [LTP] [PATCH 1/5] ima_setup.sh: Some cleanup

[Poornima Nayak]

[-- Attachment #1.1: Type: text/plain, Size: 5647 bytes --]

Zeng Linggang <zenglg.jy@cn.fujitsu.com> wrote on 11/17/2014 06:08:12 PM:

> Zeng Linggang <zenglg.jy@cn.fujitsu.com> 
> 11/17/2014 06:08 PM
> 
> To
> 
> ltp-list <ltp-list@lists.sourceforge.net>
> 
> cc
> 
> Subject
> 
> [LTP] [PATCH 1/5] ima_setup.sh: Some cleanup
> 
> * Use 'test.sh'.
> 
> * Use 'test_brkm' instead of 'tst_resm TBROK'.
> 
> * Use 'tst_tmpdir' and 'tst_rmdir'.
> 
> * Delete some unuseful comments.
> 
> * Some cleanup.
> 
> Signed-off-by: Zeng Linggang <zenglg.jy@cn.fujitsu.com>
> ---
>  .../security/integrity/ima/tests/ima_setup.sh      | 85 ++
> +-------------------
>  1 file changed, 12 insertions(+), 73 deletions(-)
> 
> diff --git a/testcases/kernel/security/integrity/ima/tests/
> ima_setup.sh 
b/testcases/kernel/security/integrity/ima/tests/ima_setup.sh
> index 4013e1f..0ff38d2 100755
> --- a/testcases/kernel/security/integrity/ima/tests/ima_setup.sh
> +++ b/testcases/kernel/security/integrity/ima/tests/ima_setup.sh
> @@ -14,8 +14,8 @@
>  ## for more details.   ##
>  ##   ##
>  ## You should have received a copy of the GNU General Public 
> License          ##
> -## along with this program;  if not, write to the Free Software   ##
> -## Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 
> 02110-1301 USA    ##
> +## along with this program;  if not, write to the Free Software 
> Foundation,   ##
> +## Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA  ##
>  ##   ##
> 
> 
################################################################################
>  #
> @@ -24,13 +24,10 @@
>  # Description:  setup/cleanup routines for the integrity tests.
>  #
>  # Author:       Mimi Zohar, zohar@ibm.vnet.ibm.com
> -#
> -# Return        - zero on success
> -#               - non zero on failure. return value from commands ($RC)
> 
> 
################################################################################
> +. test.sh
>  mount_sysfs()
>  {
> -
>     SYSFS=$(mount 2>/dev/null | awk '$5 == "sysfs" { print $3 }')
>     if [ "x$SYSFS" = x ] ; then
> 
> @@ -38,22 +35,17 @@ mount_sysfs()
> 
>        test -d $SYSFS || mkdir -p $SYSFS 2>/dev/null
>        if [ $? -ne 0 ] ; then
> -         tst_resm TBROK "Failed to mkdir $SYSFS"
> -         return 1
> +         tst_brkm TBROK "Failed to mkdir $SYSFS"
>        fi
>        if ! mount -t sysfs sysfs $SYSFS 2>/dev/null ; then
> -         tst_resm TBROK "Failed to mount $SYSFS"
> -         return 1
> +         tst_brkm TBROK "Failed to mount $SYSFS"
>        fi
> 
>     fi
> -
> -   return 0
>  }
> 
>  mount_securityfs()
>  {
> -
>     SECURITYFS=$(mount 2>/dev/null | awk '$5 == "securityfs" { print $3 
}')
>     if [ "x$SECURITYFS" = x ] ; then
> 
> @@ -61,87 +53,34 @@ mount_securityfs()
> 
>        test -d $SECURITYFS || mkdir -p $SECURITYFS 2>/dev/null
>        if [ $? -ne 0 ] ; then
> -         tst_resm TBROK "Failed to mkdir $SECURITYFS"
> -         return 1
> +         tst_brkm TBROK "Failed to mkdir $SECURITYFS"
>        fi
>        if ! mount -t securityfs securityfs $SECURITYFS 2>/dev/null ; 
then
> -         tst_resm TBROK "Failed to mount $SECURITYFS"
> -         return 1
> +         tst_brkm TBROK "Failed to mount $SECURITYFS"
>        fi
> 
>     fi
> -
> -   return 0
> -
>  }
> 
>  setup()
>  {
> -   export TST_TOTAL=1
> -   export TCID="setup"
> -        export TST_COUNT=0
> -
> -   LTPBIN=
> -   LTPIMA=
> -
> -   trap "cleanup" 0
> -   if [ -z "$TMPDIR" ]; then
> -      LTPTMP=/tmp
> -   else
> -      LTPTMP=${TMPDIR}
> -   fi
> -   if [ -z "$LTPBIN" ]; then
> -      LTPBIN=../../../../../bin
> -      PATH=$PATH:$LTPBIN
> -   fi
> -
>     tst_require_root
> 
> -   # create the temporary directory used by this testcase
> -   LTPIMA=$LTPTMP/ima
> -   umask 077
> -   mkdir $LTPIMA > /dev/null 2>&1 || RC=$?
> -   if [ $RC -ne 0 ]; then
> -      tst_resm TBROK "Unable to create temporary directory"
> -      return $RC
> -   fi
> +   tst_tmpdir
> 
> -   # mount sysfs if it is not already mounted
> -   mount_sysfs || RC=$?
> -   if [ $RC -ne 0 ]; then
> -      tst_resm TBROK "Cannot mount sysfs"
> -      return $RC
> -   fi
> +   mount_sysfs
> 
>     # mount securityfs if it is not already mounted
> -   mount_securityfs || RC=$?
> -   if [ $RC -ne 0 ]; then
> -      tst_resm TBROK "Cannot mount securityfs"
> -      return $RC
> -   fi
> -
> -   mount
> +   mount_securityfs
> 
>     # IMA must be configured in the kernel
>     IMA_DIR=$SECURITYFS/ima
>     if [ ! -d "$IMA_DIR" ]; then
> -      tst_resm TCONF "IMA not enabled in kernel"
> -      RC=1
> +      tst_brkm TCONF "IMA not enabled in kernel"
>     fi
> -   return $RC
>  }
> 
> -# Function:     cleanup
> -#
> -# Description   - remove temporary files and directories.
> -#
> -# Return        - zero on success
> -#               - non zero on failure. return value from commands ($RC)
>  cleanup()
>  {
> -   tst_resm TINFO "CLEAN: removing $LTPIMA"
> -   rm -rf "$LTPIMA" || RC=$?
> -   return $RC
> +   tst_rmdir
>  }
> -
> -. cmdlib.sh
> -- 
> 1.8.3.1
> 
> 
> 
This patch looks fine
> 
> 
------------------------------------------------------------------------------
> Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
> from Actuate! Instantly Supercharge Your Business Reports and Dashboards
> with Interactivity, Sharing, Native Excel Exports, App Integration & 
more
> Get technology previously reserved for billion-dollar corporations, FREE
> 
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk

> _______________________________________________
> Ltp-list mailing list
> Ltp-list@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/ltp-list
> 

[-- Attachment #1.2: Type: text/html, Size: 10001 bytes --]

[-- Attachment #2: Type: text/plain, Size: 441 bytes --]

------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk

[-- Attachment #3: Type: text/plain, Size: 155 bytes --]

_______________________________________________
Ltp-list mailing list
Ltp-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ltp-list

Re: [LTP] [PATCH 2/5] ima_measurements.sh: Some cleanup

[Poornima Nayak]

[-- Attachment #1.1: Type: text/plain, Size: 8829 bytes --]

If you delete this TST_COUNT how will the PAN engine keep track of test 
count ? I feel its required. Wait for comments from others in mailing 
list.
Rest of the patch looks fine.

Zeng Linggang <zenglg.jy@cn.fujitsu.com> wrote on 11/17/2014 06:09:00 PM:

> Zeng Linggang <zenglg.jy@cn.fujitsu.com> 
> 11/17/2014 06:09 PM
> 
> To
> 
> ltp-list <ltp-list@lists.sourceforge.net>
> 
> cc
> 
> Subject
> 
> [LTP] [PATCH 2/5] ima_measurements.sh: Some cleanup
> 
> * Use 'tst_check_cmds' instead of 'exists'.
> 
> * Use 'test_resm' instead of 'tst_res'.
> 
> * Use '$()' instead of '``'.
> 
> * Delete 'cat' and '<(file input)' while use 'sha1sum'.
> 
> * Delete some unuseful comments.
> 
> * Some cleanup.
> 
> Signed-off-by: Zeng Linggang <zenglg.jy@cn.fujitsu.com>
> ---
>  .../integrity/ima/tests/ima_measurements.sh        | 142 ++++++
> +--------------
>  1 file changed, 49 insertions(+), 93 deletions(-)
> 
> diff --git a/testcases/kernel/security/integrity/ima/tests/
> ima_measurements.sh b/testcases/kernel/security/integrity/ima/tests/
> ima_measurements.sh
> index e6b2b4f..6dde432 100755
> --- a/testcases/kernel/security/integrity/ima/tests/ima_measurements.sh
> +++ b/testcases/kernel/security/integrity/ima/tests/ima_measurements.sh
> @@ -15,8 +15,8 @@
>  ## for more details.   ##
>  ##   ##
>  ## You should have received a copy of the GNU General Public 
> License          ##
> -## along with this program;  if not, write to the Free Software   ##
> -## Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 
> 02110-1301 USA    ##
> +## along with this program;  if not, write to the Free Software 
> Foundation,   ##
> +## Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA  ##
>  ##   ##
> 
> 
################################################################################
>  #
> @@ -26,25 +26,19 @@
>  #       list based on policy.
>  #
>  # Author:       Mimi Zohar, zohar@ibm.vnet.ibm.com
> -#
> -# Return        - zero on success
> -#               - non zero on failure. return value from commands ($RC)
> 
> 
################################################################################
> +export TST_TOTAL=3
> +export TCID="ima_measurements"
> +export TST_COUNT=0
> +
>  init()
>  {
> -   export TST_TOTAL=3
> -   export TCID="init"
> -        export TST_COUNT=0
> -   RC=0
> -
> -   exists sha1sum
> +   tst_check_cmds sha1sum
> 
>     # verify using default policy
>     if [ ! -f "$IMA_DIR/policy" ]; then
> -      tst_res TINFO $LTPTMP/imalog.$$ \
> -       "$TCID: not using default policy"
> +      tst_resm TINFO "not using default policy"
>     fi
> -   return $RC
>  }
> 
>  # Function:     test01
> @@ -52,40 +46,29 @@ init()
>  #        be added to the IMA measurement list.
>  test01()
>  {
> -   TCID="test01"
> -   TST_COUNT=1
> -   RC=0
> -
>     # Create file test.txt
> -   cat > $LTPIMA/test.txt <<-EOF || RC=$?
> -   `date` - this is a test file
> +   cat > test.txt <<-EOF
> +   $(date) - this is a test file
>     EOF
> -   if [ $RC -ne 0 ]; then
> -      tst_res TBROK $LTPTMP/imalog.$$ "" \
> -       "$TCID: Unable to create test file"
> -      return $RC
> +   if [ $? -ne 0 ]; then
> +      tst_brkm TBROK "Unable to create test file"
>     fi
> 
> -   # Calculating the sha1sum of $LTPTMP/test.txt should add
> +   # Calculating the sha1sum of test.txt should add
>     # the measurement to the measurement list.
>     # (Assumes SHA1 IMA measurements.)
> -   hash=$(sha1sum < "$LTPIMA/test.txt" | sed 's/  -//')
> +   hash=$(sha1sum "test.txt" | sed 's/  -//')
> 
>     # Check if the file is measured
>     # (i.e. contained in the ascii measurement list.)
> -   cat /sys/kernel/security/ima/ascii_runtime_measurements > \
> -       $LTPIMA/measurements
> +   cat /sys/kernel/security/ima/ascii_runtime_measurements > 
measurements
>     sleep 1
> -   `grep $hash $LTPIMA/measurements > /dev/null` || RC=$?
> -   if [ $RC -ne 0 ]; then
> -      tst_res TFAIL $LTPTMP/imalog.$$ \
> -       "$TCID: TPM ascii measurement list does not contain sha1sum"
> -      return $RC
> +   $(grep $hash measurements > /dev/null)
> +   if [ $? -ne 0 ]; then
> +      tst_resm TFAIL "TPM ascii measurement list does not contain 
sha1sum"
>     else
> -      tst_res TPASS $LTPTMP/imalog.$$ \
> -       "$TCID: TPM ascii measurement list contains sha1sum"
> +      tst_resm TPASS "TPM ascii measurement list contains sha1sum"
>     fi
> -   return $RC
>  }
> 
>  # Function:     test02
> @@ -93,33 +76,23 @@ test01()
>  #         measurement to be added to the IMA measurement list.
>  test02()
>  {
> -   TCID="test02"
> -   TST_COUNT=2
> -   RC=0
> -
>     # Modify test.txt
> -   echo `$date` - file modified >> $LTPIMA/test.txt || RC=$?
> +   echo $($date) - file modified >> test.txt
> 
> -   # Calculating the sha1sum of $LTPTMP/test.txt should add
> +   # Calculating the sha1sum of test.txt should add
>     # the new measurement to the measurement list
> -   hash=`cat $LTPIMA/test.txt | sha1sum | sed 's/  -//'`
> +   hash=$(sha1sum test.txt | sed 's/  -//')
> 
>     # Check if the new measurement exists
> -   cat /sys/kernel/security/ima/ascii_runtime_measurements > \
> -      $LTPIMA/measurements
> -   `grep $hash $LTPIMA/measurements > /dev/null` || RC=$?
> -
> -   if [ $RC -ne 0 ]; then
> -      tst_res TFAIL $LTPTMP/imalog.$$ \
> -       "$TCID: Modified file not measured"
> -      tst_res TINFO $LTPTMP/imalog.$$ \
> -       "$TCID: iversion not supported; or not mounted with iversion"
> -      return $RC
> +   cat /sys/kernel/security/ima/ascii_runtime_measurements > 
measurements
> +   $(grep $hash measurements > /dev/null)
> +
> +   if [ $? -ne 0 ]; then
> +      tst_resm TFAIL "Modified file not measured"
> +      tst_resm TINFO "iversion not supported; or not mounted with 
iversion"
>     else
> -      tst_res TPASS $LTPTMP/imalog.$$ \
> -       "$TCID: Modified file measured"
> +      tst_resm TPASS "Modified file measured"
>     fi
> -   return $RC
>  }
> 
>  # Function:     test03
> @@ -127,57 +100,40 @@ test02()
>  #      (Default policy does not measure user files.)
>  test03()
>  {
> -   TCID="test03"
> -   TST_COUNT=3
> -   RC=0
> -
>     # create file user-test.txt
> -   mkdir -m 0700 $LTPIMA/user
> -   chown nobody.nobody $LTPIMA/user
> -   cd $LTPIMA/user
> +   mkdir -m 0700 user
> +   chown nobody.nobody user
> +   cd user
>     hash=0
> 
>     # As user nobody, create and cat the new file
>     # (The LTP tests assumes existence of 'nobody'.)
> -   sudo -n -u nobody sh -c "echo `date` - create test.txt > ./test.txt;
> +   sudo -n -u nobody sh -c "echo $(date) - create test.txt > 
./test.txt;
>               cat ./test.txt > /dev/null"
> 
>     # Calculating the hash will add the measurement to the measurement
>     # list, so only calc the hash value after getting the measurement
>     # list.
> -   cat /sys/kernel/security/ima/ascii_runtime_measurements > \
> -       $LTPIMA/measurements
> -   hash=`cat ./test.txt | sha1sum | sed 's/  -//'`
> +   cat /sys/kernel/security/ima/ascii_runtime_measurements > 
measurements
> +   hash=$(sha1sum test.txt | sed 's/  -//')
>     cd - >/dev/null
> 
>     # Check if the file is measured
> -   grep $hash $LTPIMA/measurements > /dev/null || RC=$?
> -   if [ $RC -ne 0 ]; then
> -      RC=0
> -      tst_res TPASS $LTPTMP/imalog.$$ \
> -       "$TCID: user file test.txt not measured"
> +   grep $hash measurements > /dev/null
> +   if [ $? -ne 0 ]; then
> +      tst_resm TPASS "user file test.txt not measured"
>     else
> -      RC=1
> -      tst_res TFAIL $LTPTMP/imalog.$$ \
> -       "$TCID: user file test.txt measured"
> +      tst_resm TFAIL "user file test.txt measured"
>     fi
> -   return $RC
>  }
> 
> -# Function:     main
> -#
> -# Description:  - Execute all tests, exit with test status.
> -#
> -# Exit:         - zero on success
> -#               - non-zero on failure.
> -#
> -RC=0
> -EXIT_VAL=0
> -
> -. $(dirname "$0")/ima_setup.sh
> -setup || exit $?
> -init || exit $?
> -test01 || EXIT_VAL=$RC
> -test02 || EXIT_VAL=$RC
> -test03 || EXIT_VAL=$RC
> -exit $EXIT_VAL
> +. ima_setup.sh
> +TST_CLEANUP=cleanup
> +
> +setup
> +init
> +test01
> +test02
> +test03
> +
> +tst_exit
> -- 
> 1.8.3.1
> 
> 
> 
> 
> 
------------------------------------------------------------------------------
> Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
> from Actuate! Instantly Supercharge Your Business Reports and Dashboards
> with Interactivity, Sharing, Native Excel Exports, App Integration & 
more
> Get technology previously reserved for billion-dollar corporations, FREE
> 
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk

> _______________________________________________
> Ltp-list mailing list
> Ltp-list@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/ltp-list
> 

[-- Attachment #1.2: Type: text/html, Size: 14246 bytes --]

[-- Attachment #2: Type: text/plain, Size: 441 bytes --]

------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk

[-- Attachment #3: Type: text/plain, Size: 155 bytes --]

_______________________________________________
Ltp-list mailing list
Ltp-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ltp-list

Re: [LTP] [PATCH 2/5] ima_measurements.sh: Some cleanup

[Zeng Linggang]

Hi,
On Mon, 2014-11-17 at 22:09 +0530, Poornima Nayak wrote:
> If you delete this TST_COUNT how will the PAN engine keep track of
> test count ? I feel its required. Wait for comments from others in
> mailing list. 

Thank you for your review. :)
I have not deleted 'TST_COUNT', I put it at the begin of the test.
Moreover 'tst_resm' and 'tst_brkm' are in the script of 'test.sh'.
And 'TST_COUNT' will '++' when they are invoked by 'tst_resm' or
'tst_brkm' everytime.

Best regards,
Zeng

> Rest of the patch looks fine. 
> 
> Zeng Linggang <zenglg.jy@cn.fujitsu.com> wrote on 11/17/2014 06:09:00
> PM:
> 
> > 


------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
_______________________________________________
Ltp-list mailing list
Ltp-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ltp-list

Re: [LTP] [PATCH 2/5] ima_measurements.sh: Some cleanup

[Cyril Hrubis]

Hi!
> If you delete this TST_COUNT how will the PAN engine keep track of test 
> count ? I feel its required. Wait for comments from others in mailing 
> list.

As a matter of the fact the TST_COUNT should be deleted from the test
code as it's initialized in the test.sh library nowadays.

Moreover I doubt that ltp-pan is able to keep track of the test
subtests, all it cares about is the overall exit status.

-- 
Cyril Hrubis
chrubis@suse.cz

------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
_______________________________________________
Ltp-list mailing list
Ltp-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ltp-list

Re: [LTP] [PATCH 1/5] ima_setup.sh: Some cleanup

[Cyril Hrubis]

Hi!
> -	trap "cleanup" 0

The cleanup will not be called after you remove this. You should have
changed it to TST_CLEANUP=cleanup so that it's called at exit.

-- 
Cyril Hrubis
chrubis@suse.cz

------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
_______________________________________________
Ltp-list mailing list
Ltp-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ltp-list

Re: [LTP] [PATCH 2/5] ima_measurements.sh: Some cleanup

[Cyril Hrubis]

Hi!
> +export TST_TOTAL=3
> +export TCID="ima_measurements"
> +export TST_COUNT=0

The TST_COUNT shouldn't be initialized here (it's done in test.sh).

>  init()
>  {
> -	export TST_TOTAL=3
> -	export TCID="init"
> -        export TST_COUNT=0
> -	RC=0
> -
> -	exists sha1sum
> +	tst_check_cmds sha1sum
>  
>  	# verify using default policy
>  	if [ ! -f "$IMA_DIR/policy" ]; then
> -		tst_res TINFO $LTPTMP/imalog.$$ \
> -		 "$TCID: not using default policy"
> +		tst_resm TINFO "not using default policy"
>  	fi
> -	return $RC
>  }
>  
>  # Function:     test01
> @@ -52,40 +46,29 @@ init()
>  #		  be added to the IMA measurement list.
>  test01()
>  {
> -	TCID="test01"
> -	TST_COUNT=1
> -	RC=0
> -
>  	# Create file test.txt
> -	cat > $LTPIMA/test.txt <<-EOF || RC=$?
> -	`date` - this is a test file
> +	cat > test.txt <<-EOF
> +	$(date) - this is a test file
>  	EOF
> -	if [ $RC -ne 0 ]; then
> -		tst_res TBROK $LTPTMP/imalog.$$ "" \
> -		 "$TCID: Unable to create test file"
> -		return $RC
> +	if [ $? -ne 0 ]; then
> +		tst_brkm TBROK "Unable to create test file"
>  	fi
>  
> -	# Calculating the sha1sum of $LTPTMP/test.txt should add
> +	# Calculating the sha1sum of test.txt should add
>  	# the measurement to the measurement list.
>  	# (Assumes SHA1 IMA measurements.)
> -	hash=$(sha1sum < "$LTPIMA/test.txt" | sed 's/  -//')
> +	hash=$(sha1sum "test.txt" | sed 's/  -//')
>  
>  	# Check if the file is measured
>  	# (i.e. contained in the ascii measurement list.)
> -	cat /sys/kernel/security/ima/ascii_runtime_measurements > \
> -		 $LTPIMA/measurements
> +	cat /sys/kernel/security/ima/ascii_runtime_measurements > measurements
>  	sleep 1
> -	`grep $hash $LTPIMA/measurements > /dev/null` || RC=$?
> -	if [ $RC -ne 0 ]; then
> -		tst_res TFAIL $LTPTMP/imalog.$$ \
> -		 "$TCID: TPM ascii measurement list does not contain sha1sum"
> -		return $RC
> +	$(grep $hash measurements > /dev/null)
> +	if [ $? -ne 0 ]; then
> +		tst_resm TFAIL "TPM ascii measurement list does not contain sha1sum"
>  	else
> -		tst_res TPASS $LTPTMP/imalog.$$ \
> -		 "$TCID: TPM ascii measurement list contains sha1sum"
> +		tst_resm TPASS "TPM ascii measurement list contains sha1sum"
>  	fi
> -	return $RC
>  }
>  
>  # Function:     test02
> @@ -93,33 +76,23 @@ test01()
>  # 		  measurement to be added to the IMA measurement list.
>  test02()
>  {
> -	TCID="test02"
> -	TST_COUNT=2
> -	RC=0
> -
>  	# Modify test.txt
> -	echo `$date` - file modified >> $LTPIMA/test.txt || RC=$?
> +	echo $($date) - file modified >> test.txt
>  
> -	# Calculating the sha1sum of $LTPTMP/test.txt should add
> +	# Calculating the sha1sum of test.txt should add
>  	# the new measurement to the measurement list
> -	hash=`cat $LTPIMA/test.txt | sha1sum | sed 's/  -//'`
> +	hash=$(sha1sum test.txt | sed 's/  -//')
>  
>  	# Check if the new measurement exists
> -	cat /sys/kernel/security/ima/ascii_runtime_measurements > \
> -		$LTPIMA/measurements
> -	`grep $hash $LTPIMA/measurements > /dev/null` || RC=$?
> -
> -	if [ $RC -ne 0 ]; then
> -		tst_res TFAIL $LTPTMP/imalog.$$ \
> -		 "$TCID: Modified file not measured"
> -		tst_res TINFO $LTPTMP/imalog.$$ \
> -		 "$TCID: iversion not supported; or not mounted with iversion"
> -		return $RC
> +	cat /sys/kernel/security/ima/ascii_runtime_measurements > measurements
> +	$(grep $hash measurements > /dev/null)
> +
> +	if [ $? -ne 0 ]; then
> +		tst_resm TFAIL "Modified file not measured"
> +		tst_resm TINFO "iversion not supported; or not mounted with iversion"
>  	else
> -		tst_res TPASS $LTPTMP/imalog.$$ \
> -		 "$TCID: Modified file measured"
> +		tst_resm TPASS "Modified file measured"
>  	fi
> -	return $RC
>  }
>  
>  # Function:     test03
> @@ -127,57 +100,40 @@ test02()
>  #		(Default policy does not measure user files.)
>  test03()
>  {
> -	TCID="test03"
> -	TST_COUNT=3
> -	RC=0
> -
>  	# create file user-test.txt
> -	mkdir -m 0700 $LTPIMA/user
> -	chown nobody.nobody $LTPIMA/user
> -	cd $LTPIMA/user
> +	mkdir -m 0700 user
> +	chown nobody.nobody user
> +	cd user
>  	hash=0
>  
>  	# As user nobody, create and cat the new file
>  	# (The LTP tests assumes existence of 'nobody'.)
> -	sudo -n -u nobody sh -c "echo `date` - create test.txt > ./test.txt;
> +	sudo -n -u nobody sh -c "echo $(date) - create test.txt > ./test.txt;
>  				 cat ./test.txt > /dev/null"
>  
>  	# Calculating the hash will add the measurement to the measurement
>  	# list, so only calc the hash value after getting the measurement
>  	# list.
> -	cat /sys/kernel/security/ima/ascii_runtime_measurements > \
> -		 $LTPIMA/measurements
> -	hash=`cat ./test.txt | sha1sum | sed 's/  -//'`
> +	cat /sys/kernel/security/ima/ascii_runtime_measurements > measurements
> +	hash=$(sha1sum test.txt | sed 's/  -//')
>  	cd - >/dev/null
>  
>  	# Check if the file is measured
> -	grep $hash $LTPIMA/measurements > /dev/null || RC=$?
> -	if [ $RC -ne 0 ]; then
> -		RC=0
> -		tst_res TPASS $LTPTMP/imalog.$$ \
> -		 "$TCID: user file test.txt not measured"
> +	grep $hash measurements > /dev/null
> +	if [ $? -ne 0 ]; then
> +		tst_resm TPASS "user file test.txt not measured"
>  	else
> -		RC=1
> -		tst_res TFAIL $LTPTMP/imalog.$$ \
> -		 "$TCID: user file test.txt measured"
> +		tst_resm TFAIL "user file test.txt measured"
>  	fi
> -	return $RC
>  }
>  
> -# Function:     main
> -#
> -# Description:  - Execute all tests, exit with test status.
> -#
> -# Exit:         - zero on success
> -#               - non-zero on failure.
> -#
> -RC=0
> -EXIT_VAL=0
> -
> -. $(dirname "$0")/ima_setup.sh
> -setup || exit $?
> -init || exit $?
> -test01 || EXIT_VAL=$RC
> -test02 || EXIT_VAL=$RC
> -test03 || EXIT_VAL=$RC
> -exit $EXIT_VAL
> +. ima_setup.sh
> +TST_CLEANUP=cleanup
> +
> +setup

Ah so you set the TST_CLEANUP here instead.

I guess that this is OK, but the cleanup should be set right after the
setup and not before it.

-- 
Cyril Hrubis
chrubis@suse.cz

------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
_______________________________________________
Ltp-list mailing list
Ltp-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ltp-list