* [LTP] [PATCH] securebits: some cleanup @ 2014-08-07 9:06 Zeng Linggang 2014-08-13 9:46 ` Jan Stancek 0 siblings, 1 reply; 10+ messages in thread From: Zeng Linggang @ 2014-08-07 9:06 UTC (permalink / raw) To: ltp-list * Add Copyright for run_securebits.sh * Use test.sh for run_securebits.sh * Somecleanup for Makefile Signed-off-by: Zeng Linggang <zenglg.jy@cn.fujitsu.com> --- testcases/kernel/security/securebits/Makefile | 7 +-- .../kernel/security/securebits/run_securebits.sh | 51 +++++++++++++++------- 2 files changed, 39 insertions(+), 19 deletions(-) diff --git a/testcases/kernel/security/securebits/Makefile b/testcases/kernel/security/securebits/Makefile index 51018d9..47271c9 100644 --- a/testcases/kernel/security/securebits/Makefile +++ b/testcases/kernel/security/securebits/Makefile @@ -4,7 +4,8 @@ ## ## ## This program is free software; you can redistribute it and#or modify ## ## it under the terms of the GNU General Public License as published by ## -## the Free Software Foundation; either version 2 of the License, or ## ## (at your option) any later version. ## +## the Free Software Foundation; either version 2 of the License, or ## +## (at your option) any later version. ## ## ## ## This program is distributed in the hope that it will be useful, but ## ## WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY ## @@ -12,8 +13,8 @@ ## for more details. ## ## ## ## You should have received a copy of the GNU General Public License ## -## along with this program; if not, write to the Free Software ## -## Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ## +## along with this program; if not, write to the Free Software Foundation, ## +## Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ## ## ## ################################################################################ diff --git a/testcases/kernel/security/securebits/run_securebits.sh b/testcases/kernel/security/securebits/run_securebits.sh index 4d9e272..c3a301c 100644 --- a/testcases/kernel/security/securebits/run_securebits.sh +++ b/testcases/kernel/security/securebits/run_securebits.sh @@ -1,20 +1,39 @@ #!/bin/sh +################################################################################ +## ## +## Copyright (c) Linux Test Project, 2014 ## +## ## +## This program is free software; you can redistribute it and/or modify ## +## it under the terms of the GNU General Public License as published by ## +## the Free Software Foundation; either version 2 of the License, or ## +## (at your option) any later version. ## +## ## +## This program is distributed in the hope that it will be useful, ## +## but WITHOUT ANY WARRANTY; without even the implied warranty of ## +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ## +## GNU Library General Public License for more details. ## +## ## +################################################################################ -echo "testing keepcaps" -check_keepcaps 1 -tmp=$? -if [ $tmp -ne 0 ]; then - exit_code=$tmp -fi -check_keepcaps 2 -tmp=$? -if [ $tmp -ne 0 ]; then - exit_code=$tmp -fi -check_keepcaps 3 -tmp=$? -if [ $tmp -ne 0 ]; then - exit_code=$tmp +TCID="keepcaps" +TST_TOTAL=1 + +. test.sh + +exit_code=0 +for i in 1 2 3 +do + check_keepcaps $i + ret=$? + if [ $ret -ne 0 ]; then + exit_code=$ret + fi +done + +if [ $exit_code -ne 0 ]; then + tst_resm TFAIL "Test $TCID FAIL" +else + tst_resm TPASS "Test $TCID PASS" fi -exit $exit_code +tst_exit -- 1.9.3 ------------------------------------------------------------------------------ Infragistics Professional Build stunning WinForms apps today! Reboot your WinForms applications with our WinForms controls. Build a bridge from your legacy apps to the future. http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk _______________________________________________ Ltp-list mailing list Ltp-list@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ltp-list ^ permalink raw reply related [flat|nested] 10+ messages in thread
* Re: [LTP] [PATCH] securebits: some cleanup 2014-08-07 9:06 [LTP] [PATCH] securebits: some cleanup Zeng Linggang @ 2014-08-13 9:46 ` Jan Stancek 2014-09-25 10:00 ` Zeng Linggang 2014-09-26 8:06 ` [LTP] [PATCH v2] " Zeng Linggang 0 siblings, 2 replies; 10+ messages in thread From: Jan Stancek @ 2014-08-13 9:46 UTC (permalink / raw) To: Zeng Linggang; +Cc: ltp-list ----- Original Message ----- > From: "Zeng Linggang" <zenglg.jy@cn.fujitsu.com> > To: "ltp-list" <ltp-list@lists.sourceforge.net> > Sent: Thursday, 7 August, 2014 11:06:44 AM > Subject: [LTP] [PATCH] securebits: some cleanup > > * Add Copyright for run_securebits.sh > > * Use test.sh for run_securebits.sh > > * Somecleanup for Makefile > > Signed-off-by: Zeng Linggang <zenglg.jy@cn.fujitsu.com> > --- > testcases/kernel/security/securebits/Makefile | 7 +-- > .../kernel/security/securebits/run_securebits.sh | 51 > +++++++++++++++------- > 2 files changed, 39 insertions(+), 19 deletions(-) Hi, Can we list these testcases directly in runtest/securebits and remove the .sh script which bundles all together? Regards, Jan > > diff --git a/testcases/kernel/security/securebits/Makefile > b/testcases/kernel/security/securebits/Makefile > index 51018d9..47271c9 100644 > --- a/testcases/kernel/security/securebits/Makefile > +++ b/testcases/kernel/security/securebits/Makefile > @@ -4,7 +4,8 @@ > ## > ## > ## This program is free software; you can redistribute it and#or modify > ## > ## it under the terms of the GNU General Public License as published by > ## > -## the Free Software Foundation; either version 2 of the License, or > ## ## (at your option) any later version. > ## > +## the Free Software Foundation; either version 2 of the License, or > ## > +## (at your option) any later version. > ## > ## > ## > ## This program is distributed in the hope that it will be useful, but > ## > ## WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY ## > @@ -12,8 +13,8 @@ > ## for more details. > ## > ## > ## > ## You should have received a copy of the GNU General Public License > ## > -## along with this program; if not, write to the Free Software > ## > -## Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 > USA ## > +## along with this program; if not, write to the Free Software Foundation, > ## > +## Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA > ## > ## > ## > ################################################################################ > > diff --git a/testcases/kernel/security/securebits/run_securebits.sh > b/testcases/kernel/security/securebits/run_securebits.sh > index 4d9e272..c3a301c 100644 > --- a/testcases/kernel/security/securebits/run_securebits.sh > +++ b/testcases/kernel/security/securebits/run_securebits.sh > @@ -1,20 +1,39 @@ > #!/bin/sh > +################################################################################ > +## > ## > +## Copyright (c) Linux Test Project, 2014 > ## > +## > ## > +## This program is free software; you can redistribute it and/or modify > ## > +## it under the terms of the GNU General Public License as published by > ## > +## the Free Software Foundation; either version 2 of the License, or > ## > +## (at your option) any later version. > ## > +## > ## > +## This program is distributed in the hope that it will be useful, > ## > +## but WITHOUT ANY WARRANTY; without even the implied warranty of > ## > +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > ## > +## GNU Library General Public License for more details. > ## > +## > ## > +################################################################################ > > -echo "testing keepcaps" > -check_keepcaps 1 > -tmp=$? > -if [ $tmp -ne 0 ]; then > - exit_code=$tmp > -fi > -check_keepcaps 2 > -tmp=$? > -if [ $tmp -ne 0 ]; then > - exit_code=$tmp > -fi > -check_keepcaps 3 > -tmp=$? > -if [ $tmp -ne 0 ]; then > - exit_code=$tmp > +TCID="keepcaps" > +TST_TOTAL=1 > + > +. test.sh > + > +exit_code=0 > +for i in 1 2 3 > +do > + check_keepcaps $i > + ret=$? > + if [ $ret -ne 0 ]; then > + exit_code=$ret > + fi > +done > + > +if [ $exit_code -ne 0 ]; then > + tst_resm TFAIL "Test $TCID FAIL" > +else > + tst_resm TPASS "Test $TCID PASS" > fi > > -exit $exit_code > +tst_exit > -- > 1.9.3 > > > > > ------------------------------------------------------------------------------ > Infragistics Professional > Build stunning WinForms apps today! > Reboot your WinForms applications with our WinForms controls. > Build a bridge from your legacy apps to the future. > http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk > _______________________________________________ > Ltp-list mailing list > Ltp-list@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/ltp-list > ------------------------------------------------------------------------------ _______________________________________________ Ltp-list mailing list Ltp-list@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ltp-list ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [LTP] [PATCH] securebits: some cleanup 2014-08-13 9:46 ` Jan Stancek @ 2014-09-25 10:00 ` Zeng Linggang 2014-09-26 8:06 ` [LTP] [PATCH v2] " Zeng Linggang 1 sibling, 0 replies; 10+ messages in thread From: Zeng Linggang @ 2014-09-25 10:00 UTC (permalink / raw) To: Jan Stancek; +Cc: ltp-list Hi, On Wed, 2014-08-13 at 05:46 -0400, Jan Stancek wrote: > > ----- Original Message ----- > > From: "Zeng Linggang" <zenglg.jy@cn.fujitsu.com> > > To: "ltp-list" <ltp-list@lists.sourceforge.net> > > Sent: Thursday, 7 August, 2014 11:06:44 AM > > Subject: [LTP] [PATCH] securebits: some cleanup > > > > * Add Copyright for run_securebits.sh > > > > * Use test.sh for run_securebits.sh > > > > * Somecleanup for Makefile > > > > Signed-off-by: Zeng Linggang <zenglg.jy@cn.fujitsu.com> > > --- > > testcases/kernel/security/securebits/Makefile | 7 +-- > > .../kernel/security/securebits/run_securebits.sh | 51 > > +++++++++++++++------- > > 2 files changed, 39 insertions(+), 19 deletions(-) > > Hi, > > Can we list these testcases directly in runtest/securebits > and remove the .sh script which bundles all together? > I am very sorry to reply you so later. I almost missed this email until I repeat browse tagged mails. OK, I will do that. And, thank you very much. Best regards, Zeng > Regards, > Jan > > > > > diff --git a/testcases/kernel/security/securebits/Makefile > > b/testcases/kernel/security/securebits/Makefile > > index 51018d9..47271c9 100644 > > --- a/testcases/kernel/security/securebits/Makefile > > +++ b/testcases/kernel/security/securebits/Makefile > > @@ -4,7 +4,8 @@ > > ## > > ## > > ## This program is free software; you can redistribute it and#or modify > > ## > > ## it under the terms of the GNU General Public License as published by > > ## > > -## the Free Software Foundation; either version 2 of the License, or > > ## ## (at your option) any later version. > > ## > > +## the Free Software Foundation; either version 2 of the License, or > > ## > > +## (at your option) any later version. > > ## > > ## > > ## > > ## This program is distributed in the hope that it will be useful, but > > ## > > ## WITHOUT ANY WARRANTY; without even the implied warranty of > > MERCHANTABILITY ## > > @@ -12,8 +13,8 @@ > > ## for more details. > > ## > > ## > > ## > > ## You should have received a copy of the GNU General Public License > > ## > > -## along with this program; if not, write to the Free Software > > ## > > -## Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 > > USA ## > > +## along with this program; if not, write to the Free Software Foundation, > > ## > > +## Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA > > ## > > ## > > ## > > ################################################################################ > > > > diff --git a/testcases/kernel/security/securebits/run_securebits.sh > > b/testcases/kernel/security/securebits/run_securebits.sh > > index 4d9e272..c3a301c 100644 > > --- a/testcases/kernel/security/securebits/run_securebits.sh > > +++ b/testcases/kernel/security/securebits/run_securebits.sh > > @@ -1,20 +1,39 @@ > > #!/bin/sh > > +################################################################################ > > +## > > ## > > +## Copyright (c) Linux Test Project, 2014 > > ## > > +## > > ## > > +## This program is free software; you can redistribute it and/or modify > > ## > > +## it under the terms of the GNU General Public License as published by > > ## > > +## the Free Software Foundation; either version 2 of the License, or > > ## > > +## (at your option) any later version. > > ## > > +## > > ## > > +## This program is distributed in the hope that it will be useful, > > ## > > +## but WITHOUT ANY WARRANTY; without even the implied warranty of > > ## > > +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > > ## > > +## GNU Library General Public License for more details. > > ## > > +## > > ## > > +################################################################################ > > > > -echo "testing keepcaps" > > -check_keepcaps 1 > > -tmp=$? > > -if [ $tmp -ne 0 ]; then > > - exit_code=$tmp > > -fi > > -check_keepcaps 2 > > -tmp=$? > > -if [ $tmp -ne 0 ]; then > > - exit_code=$tmp > > -fi > > -check_keepcaps 3 > > -tmp=$? > > -if [ $tmp -ne 0 ]; then > > - exit_code=$tmp > > +TCID="keepcaps" > > +TST_TOTAL=1 > > + > > +. test.sh > > + > > +exit_code=0 > > +for i in 1 2 3 > > +do > > + check_keepcaps $i > > + ret=$? > > + if [ $ret -ne 0 ]; then > > + exit_code=$ret > > + fi > > +done > > + > > +if [ $exit_code -ne 0 ]; then > > + tst_resm TFAIL "Test $TCID FAIL" > > +else > > + tst_resm TPASS "Test $TCID PASS" > > fi > > > > -exit $exit_code > > +tst_exit > > -- > > 1.9.3 > > > > > > > > > > ------------------------------------------------------------------------------ > > Infragistics Professional > > Build stunning WinForms apps today! > > Reboot your WinForms applications with our WinForms controls. > > Build a bridge from your legacy apps to the future. > > http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk > > _______________________________________________ > > Ltp-list mailing list > > Ltp-list@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/ltp-list > > ------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk _______________________________________________ Ltp-list mailing list Ltp-list@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ltp-list ^ permalink raw reply [flat|nested] 10+ messages in thread
* [LTP] [PATCH v2] securebits: some cleanup 2014-08-13 9:46 ` Jan Stancek 2014-09-25 10:00 ` Zeng Linggang @ 2014-09-26 8:06 ` Zeng Linggang 2014-09-26 12:43 ` Jan Stancek 1 sibling, 1 reply; 10+ messages in thread From: Zeng Linggang @ 2014-09-26 8:06 UTC (permalink / raw) To: Jan Stancek; +Cc: ltp-list * Remove .sh and divide into three seperate tests. * Check the header <linux/securebits.h>. * Use tst_brkm instead of tst_exit() that follows tst_resm. * Some cleanup Signed-off-by: Zeng Linggang <zenglg.jy@cn.fujitsu.com> --- runtest/securebits | 4 +- testcases/kernel/security/securebits/Makefile | 9 ++- .../kernel/security/securebits/check_keepcaps.c | 75 +++++++++------------- .../kernel/security/securebits/run_securebits.sh | 20 ------ 4 files changed, 36 insertions(+), 72 deletions(-) delete mode 100644 testcases/kernel/security/securebits/run_securebits.sh diff --git a/runtest/securebits b/runtest/securebits index d78a66f..64e6e0a 100644 --- a/runtest/securebits +++ b/runtest/securebits @@ -1,2 +1,4 @@ #DESCRIPTION:securebits tests -Securebits run_securebits.sh +check_keepcaps01 check_keepcaps 1 +check_keepcaps02 check_keepcaps 2 +check_keepcaps03 check_keepcaps 3 diff --git a/testcases/kernel/security/securebits/Makefile b/testcases/kernel/security/securebits/Makefile index 51018d9..e379b7c 100644 --- a/testcases/kernel/security/securebits/Makefile +++ b/testcases/kernel/security/securebits/Makefile @@ -4,7 +4,8 @@ ## ## ## This program is free software; you can redistribute it and#or modify ## ## it under the terms of the GNU General Public License as published by ## -## the Free Software Foundation; either version 2 of the License, or ## ## (at your option) any later version. ## +## the Free Software Foundation; either version 2 of the License, or ## +## (at your option) any later version. ## ## ## ## This program is distributed in the hope that it will be useful, but ## ## WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY ## @@ -12,8 +13,8 @@ ## for more details. ## ## ## ## You should have received a copy of the GNU General Public License ## -## along with this program; if not, write to the Free Software ## -## Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ## +## along with this program; if not, write to the Free Software Foundation, ## +## Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ## ## ## ################################################################################ @@ -23,6 +24,4 @@ include $(top_srcdir)/include/mk/testcases.mk LDLIBS += $(CAP_LIBS) -INSTALL_TARGETS := *.sh - include $(top_srcdir)/include/mk/generic_leaf_target.mk diff --git a/testcases/kernel/security/securebits/check_keepcaps.c b/testcases/kernel/security/securebits/check_keepcaps.c index 6e195c6..3b6e24e 100644 --- a/testcases/kernel/security/securebits/check_keepcaps.c +++ b/testcases/kernel/security/securebits/check_keepcaps.c @@ -5,7 +5,6 @@ #include <sys/capability.h> #endif #include <sys/prctl.h> -#include <linux/securebits.h> #include "usctest.h" #include "test.h" @@ -30,7 +29,9 @@ char *TCID = "keepcaps"; int TST_TOTAL = 1; -#ifdef HAVE_LIBCAP +#if (HAVE_LINUX_SECUREBITS_H && HAVE_LIBCAP) +#include <linux/securebits.h> + static int eff_caps_empty(cap_t c) { int i, ret, empty = 1; @@ -75,28 +76,19 @@ static void do_setuid(int expect_privs) int have_privs; ret = setuid(1000); - if (ret) { - tst_resm(TERRNO | TFAIL, "setuid failed"); - tst_exit(); - } + if (ret) + tst_brkm(TERRNO | TFAIL, NULL, "setuid failed"); have_privs = am_privileged(); - if (have_privs && expect_privs == EXPECT_PRIVS) { - tst_resm(TPASS, "kept privs as expected"); - tst_exit(); - } - if (!have_privs && expect_privs == EXPECT_PRIVS) { - tst_resm(TFAIL, "expected to keep privs but did not"); - tst_exit(); - } - if (!have_privs && expect_privs == EXPECT_NOPRIVS) { - tst_resm(TPASS, "dropped privs as expected"); - tst_exit(); - } + if (have_privs && expect_privs == EXPECT_PRIVS) + tst_brkm(TPASS, NULL, "kept privs as expected"); + if (!have_privs && expect_privs == EXPECT_PRIVS) + tst_brkm(TFAIL, NULL, "expected to keep privs but did not"); + if (!have_privs && expect_privs == EXPECT_NOPRIVS) + tst_brkm(TPASS, NULL, "dropped privs as expected"); /* have_privs && EXPECT_NOPRIVS */ - tst_resm(TFAIL, "expected to drop privs but did not"); - tst_exit(); + tst_brkm(TFAIL, NULL, "expected to drop privs but did not"); } int main(int argc, char *argv[]) @@ -106,64 +98,55 @@ int main(int argc, char *argv[]) tst_require_root(NULL); ret = prctl(PR_GET_KEEPCAPS); - if (ret) { - tst_resm(TBROK, "keepcaps was already set?\n"); - tst_exit(); - } + if (ret) + tst_brkm(TBROK, NULL, "keepcaps was already set?\n"); + + if (argc < 2) + tst_brkm(TBROK, NULL, "Usage: %s <tescase_num>", argv[0]); - if (argc < 2) { - tst_resm(TBROK, "Usage: %s <tescase_num>", argv[0]); - tst_exit(); - } whichtest = atoi(argv[1]); - if (whichtest < 1 || whichtest > 3) { - tst_resm(TFAIL, "Valid tests are 1-3\n"); - tst_exit(); - } + if (whichtest < 1 || whichtest > 3) + tst_brkm(TFAIL, NULL, "Valid tests are 1-3\n"); + switch (whichtest) { case 1: do_setuid(EXPECT_NOPRIVS); /* does not return */ case 2: ret = prctl(PR_SET_KEEPCAPS, 1); if (ret == -1) { - tst_resm(TFAIL | TERRNO, "PR_SET_KEEPCAPS failed\n"); - tst_exit(); + tst_brkm(TFAIL | TERRNO, NULL, + "PR_SET_KEEPCAPS failed\n"); } ret = prctl(PR_GET_KEEPCAPS); if (!ret) { - tst_resm(TFAIL | TERRNO, + tst_brkm(TFAIL | TERRNO, NULL, "PR_SET_KEEPCAPS did not set keepcaps\n"); - tst_exit(); } do_setuid(EXPECT_PRIVS); /* does not return */ case 3: ret = prctl(PR_GET_SECUREBITS); ret = prctl(PR_SET_SECUREBITS, ret | SECBIT_KEEP_CAPS); if (ret == -1) { - tst_resm(TFAIL | TERRNO, "PR_SET_SECUREBITS failed\n"); - tst_exit(); + tst_brkm(TFAIL | TERRNO, NULL, + "PR_SET_SECUREBITS failed\n"); } ret = prctl(PR_GET_KEEPCAPS); if (!ret) { - tst_resm(TFAIL | TERRNO, + tst_brkm(TFAIL | TERRNO, NULL, "PR_SET_SECUREBITS did not set keepcaps\n"); - tst_exit(); } do_setuid(EXPECT_PRIVS); /* does not return */ default: - tst_resm(TFAIL, "should not reach here\n"); - tst_exit(); + tst_brkm(TFAIL, NULL, "Valid tests are 1-3\n"); } - tst_resm(TFAIL, "should not reach here\n"); - tst_exit(); + tst_brkm(TFAIL, NULL, "should not reach here\n"); } #else int main(void) { - tst_resm(TCONF, "Test was compiled without libcap."); - tst_exit(); + tst_brkm(TCONF, NULL, "linux/securebits.h or libcap is not existence."); } #endif /* HAVE_LIBCAP */ diff --git a/testcases/kernel/security/securebits/run_securebits.sh b/testcases/kernel/security/securebits/run_securebits.sh deleted file mode 100644 index 4d9e272..0000000 --- a/testcases/kernel/security/securebits/run_securebits.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/sh - -echo "testing keepcaps" -check_keepcaps 1 -tmp=$? -if [ $tmp -ne 0 ]; then - exit_code=$tmp -fi -check_keepcaps 2 -tmp=$? -if [ $tmp -ne 0 ]; then - exit_code=$tmp -fi -check_keepcaps 3 -tmp=$? -if [ $tmp -ne 0 ]; then - exit_code=$tmp -fi - -exit $exit_code -- 1.9.3 ------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk _______________________________________________ Ltp-list mailing list Ltp-list@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ltp-list ^ permalink raw reply related [flat|nested] 10+ messages in thread
* Re: [LTP] [PATCH v2] securebits: some cleanup 2014-09-26 8:06 ` [LTP] [PATCH v2] " Zeng Linggang @ 2014-09-26 12:43 ` Jan Stancek 2014-10-08 7:23 ` Zeng Linggang ` (2 more replies) 0 siblings, 3 replies; 10+ messages in thread From: Jan Stancek @ 2014-09-26 12:43 UTC (permalink / raw) To: Zeng Linggang; +Cc: ltp-list ----- Original Message ----- > From: "Zeng Linggang" <zenglg.jy@cn.fujitsu.com> > To: "Jan Stancek" <jstancek@redhat.com> > Cc: "ltp-list" <ltp-list@lists.sourceforge.net> > Sent: Friday, 26 September, 2014 10:06:57 AM > Subject: [PATCH v2] securebits: some cleanup > > * Remove .sh and divide into three seperate tests. > > * Check the header <linux/securebits.h>. > > * Use tst_brkm instead of tst_exit() that follows tst_resm. > > * Some cleanup > > Signed-off-by: Zeng Linggang <zenglg.jy@cn.fujitsu.com> Is the modified testcase working for you? I'm getting segmentation fault: (gdb) bt #0 __GI__IO_fputs (str=str@entry=0x7fffffffa980 "keepcaps 0 TWARN : tst_brk_: Invalid Type: 0. Using TBROK\n", fp=0x0) at iofputs.c:39 #1 0x00000000004015ee in tst_print (tcid=0x4029ba "keepcaps", tnum=tnum@entry=0, ttype=ttype@entry=4, tmesg=tmesg@entry=0x605240 <Warn_mesg> "tst_brk_: Invalid Type: 0. Using TBROK") at tst_res.c:479 #2 0x00000000004021f5 in tst_brk_ (file=file@entry=0x4028fe "check_keepcaps.c", lineno=lineno@entry=88, ttype=ttype@entry=0, fname=fname@entry=0x0, func=func@entry=0x0, arg_fmt=arg_fmt@entry=0x402ac6 "%s") at tst_res.c:656 #3 0x00000000004026a8 in tst_brkm_ (file=file@entry=0x4028fe "check_keepcaps.c", lineno=lineno@entry=88, ttype=ttype@entry=0, func=func@entry=0x0, arg_fmt=arg_fmt@entry=0x402926 "dropped privs as expected") at tst_res.c:769 #4 0x0000000000401460 in do_setuid (expect_privs=expect_privs@entry=0) at check_keepcaps.c:88 #5 0x000000000040124f in main (argc=2, argv=0x7fffffffe528) at check_keepcaps.c:113 and when I fix the crash (T_out is uninitialized) I get: # ./check_keepcaps 1 keepcaps 0 TWARN : tst_brk_: Invalid Type: 0. Using TBROK keepcaps 1 TBROK : check_keepcaps.c:88: dropped privs as expected from lib/tst_res.c: /* * Only FAIL, BROK, CONF, and RETR are supported by tst_brk(). */ Regards, Jan > --- > runtest/securebits | 4 +- > testcases/kernel/security/securebits/Makefile | 9 ++- > .../kernel/security/securebits/check_keepcaps.c | 75 > +++++++++------------- > .../kernel/security/securebits/run_securebits.sh | 20 ------ > 4 files changed, 36 insertions(+), 72 deletions(-) > delete mode 100644 testcases/kernel/security/securebits/run_securebits.sh > > diff --git a/runtest/securebits b/runtest/securebits > index d78a66f..64e6e0a 100644 > --- a/runtest/securebits > +++ b/runtest/securebits > @@ -1,2 +1,4 @@ > #DESCRIPTION:securebits tests > -Securebits run_securebits.sh > +check_keepcaps01 check_keepcaps 1 > +check_keepcaps02 check_keepcaps 2 > +check_keepcaps03 check_keepcaps 3 > diff --git a/testcases/kernel/security/securebits/Makefile > b/testcases/kernel/security/securebits/Makefile > index 51018d9..e379b7c 100644 > --- a/testcases/kernel/security/securebits/Makefile > +++ b/testcases/kernel/security/securebits/Makefile > @@ -4,7 +4,8 @@ > ## > ## > ## This program is free software; you can redistribute it and#or modify > ## > ## it under the terms of the GNU General Public License as published by > ## > -## the Free Software Foundation; either version 2 of the License, or > ## ## (at your option) any later version. > ## > +## the Free Software Foundation; either version 2 of the License, or > ## > +## (at your option) any later version. > ## > ## > ## > ## This program is distributed in the hope that it will be useful, but > ## > ## WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY ## > @@ -12,8 +13,8 @@ > ## for more details. > ## > ## > ## > ## You should have received a copy of the GNU General Public License > ## > -## along with this program; if not, write to the Free Software > ## > -## Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 > USA ## > +## along with this program; if not, write to the Free Software Foundation, > ## > +## Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA > ## > ## > ## > ################################################################################ > > @@ -23,6 +24,4 @@ include $(top_srcdir)/include/mk/testcases.mk > > LDLIBS += $(CAP_LIBS) > > -INSTALL_TARGETS := *.sh > - > include $(top_srcdir)/include/mk/generic_leaf_target.mk > diff --git a/testcases/kernel/security/securebits/check_keepcaps.c > b/testcases/kernel/security/securebits/check_keepcaps.c > index 6e195c6..3b6e24e 100644 > --- a/testcases/kernel/security/securebits/check_keepcaps.c > +++ b/testcases/kernel/security/securebits/check_keepcaps.c > @@ -5,7 +5,6 @@ > #include <sys/capability.h> > #endif > #include <sys/prctl.h> > -#include <linux/securebits.h> > #include "usctest.h" > #include "test.h" > > @@ -30,7 +29,9 @@ > char *TCID = "keepcaps"; > int TST_TOTAL = 1; > > -#ifdef HAVE_LIBCAP > +#if (HAVE_LINUX_SECUREBITS_H && HAVE_LIBCAP) > +#include <linux/securebits.h> > + > static int eff_caps_empty(cap_t c) > { > int i, ret, empty = 1; > @@ -75,28 +76,19 @@ static void do_setuid(int expect_privs) > int have_privs; > > ret = setuid(1000); > - if (ret) { > - tst_resm(TERRNO | TFAIL, "setuid failed"); > - tst_exit(); > - } > + if (ret) > + tst_brkm(TERRNO | TFAIL, NULL, "setuid failed"); > > have_privs = am_privileged(); > - if (have_privs && expect_privs == EXPECT_PRIVS) { > - tst_resm(TPASS, "kept privs as expected"); > - tst_exit(); > - } > - if (!have_privs && expect_privs == EXPECT_PRIVS) { > - tst_resm(TFAIL, "expected to keep privs but did not"); > - tst_exit(); > - } > - if (!have_privs && expect_privs == EXPECT_NOPRIVS) { > - tst_resm(TPASS, "dropped privs as expected"); > - tst_exit(); > - } > + if (have_privs && expect_privs == EXPECT_PRIVS) > + tst_brkm(TPASS, NULL, "kept privs as expected"); > + if (!have_privs && expect_privs == EXPECT_PRIVS) > + tst_brkm(TFAIL, NULL, "expected to keep privs but did not"); > + if (!have_privs && expect_privs == EXPECT_NOPRIVS) > + tst_brkm(TPASS, NULL, "dropped privs as expected"); > > /* have_privs && EXPECT_NOPRIVS */ > - tst_resm(TFAIL, "expected to drop privs but did not"); > - tst_exit(); > + tst_brkm(TFAIL, NULL, "expected to drop privs but did not"); > } > > int main(int argc, char *argv[]) > @@ -106,64 +98,55 @@ int main(int argc, char *argv[]) > tst_require_root(NULL); > > ret = prctl(PR_GET_KEEPCAPS); > - if (ret) { > - tst_resm(TBROK, "keepcaps was already set?\n"); > - tst_exit(); > - } > + if (ret) > + tst_brkm(TBROK, NULL, "keepcaps was already set?\n"); > + > + if (argc < 2) > + tst_brkm(TBROK, NULL, "Usage: %s <tescase_num>", argv[0]); > > - if (argc < 2) { > - tst_resm(TBROK, "Usage: %s <tescase_num>", argv[0]); > - tst_exit(); > - } > whichtest = atoi(argv[1]); > - if (whichtest < 1 || whichtest > 3) { > - tst_resm(TFAIL, "Valid tests are 1-3\n"); > - tst_exit(); > - } > + if (whichtest < 1 || whichtest > 3) > + tst_brkm(TFAIL, NULL, "Valid tests are 1-3\n"); > + > switch (whichtest) { > case 1: > do_setuid(EXPECT_NOPRIVS); /* does not return */ > case 2: > ret = prctl(PR_SET_KEEPCAPS, 1); > if (ret == -1) { > - tst_resm(TFAIL | TERRNO, "PR_SET_KEEPCAPS failed\n"); > - tst_exit(); > + tst_brkm(TFAIL | TERRNO, NULL, > + "PR_SET_KEEPCAPS failed\n"); > } > ret = prctl(PR_GET_KEEPCAPS); > if (!ret) { > - tst_resm(TFAIL | TERRNO, > + tst_brkm(TFAIL | TERRNO, NULL, > "PR_SET_KEEPCAPS did not set keepcaps\n"); > - tst_exit(); > } > do_setuid(EXPECT_PRIVS); /* does not return */ > case 3: > ret = prctl(PR_GET_SECUREBITS); > ret = prctl(PR_SET_SECUREBITS, ret | SECBIT_KEEP_CAPS); > if (ret == -1) { > - tst_resm(TFAIL | TERRNO, "PR_SET_SECUREBITS failed\n"); > - tst_exit(); > + tst_brkm(TFAIL | TERRNO, NULL, > + "PR_SET_SECUREBITS failed\n"); > } > ret = prctl(PR_GET_KEEPCAPS); > if (!ret) { > - tst_resm(TFAIL | TERRNO, > + tst_brkm(TFAIL | TERRNO, NULL, > "PR_SET_SECUREBITS did not set keepcaps\n"); > - tst_exit(); > } > do_setuid(EXPECT_PRIVS); /* does not return */ > default: > - tst_resm(TFAIL, "should not reach here\n"); > - tst_exit(); > + tst_brkm(TFAIL, NULL, "Valid tests are 1-3\n"); > } > - tst_resm(TFAIL, "should not reach here\n"); > - tst_exit(); > + tst_brkm(TFAIL, NULL, "should not reach here\n"); > } > > #else > > int main(void) > { > - tst_resm(TCONF, "Test was compiled without libcap."); > - tst_exit(); > + tst_brkm(TCONF, NULL, "linux/securebits.h or libcap is not existence."); > } > > #endif /* HAVE_LIBCAP */ > diff --git a/testcases/kernel/security/securebits/run_securebits.sh > b/testcases/kernel/security/securebits/run_securebits.sh > deleted file mode 100644 > index 4d9e272..0000000 > --- a/testcases/kernel/security/securebits/run_securebits.sh > +++ /dev/null > @@ -1,20 +0,0 @@ > -#!/bin/sh > - > -echo "testing keepcaps" > -check_keepcaps 1 > -tmp=$? > -if [ $tmp -ne 0 ]; then > - exit_code=$tmp > -fi > -check_keepcaps 2 > -tmp=$? > -if [ $tmp -ne 0 ]; then > - exit_code=$tmp > -fi > -check_keepcaps 3 > -tmp=$? > -if [ $tmp -ne 0 ]; then > - exit_code=$tmp > -fi > - > -exit $exit_code > -- > 1.9.3 > > > > ------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk _______________________________________________ Ltp-list mailing list Ltp-list@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ltp-list ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [LTP] [PATCH v2] securebits: some cleanup 2014-09-26 12:43 ` Jan Stancek @ 2014-10-08 7:23 ` Zeng Linggang 2014-10-08 7:49 ` [LTP] [PATCH v3] " Zeng Linggang 2014-10-15 11:32 ` [LTP] [PATCH v2] " Cyril Hrubis 2 siblings, 0 replies; 10+ messages in thread From: Zeng Linggang @ 2014-10-08 7:23 UTC (permalink / raw) To: Jan Stancek; +Cc: ltp-list Hi, Jan On Fri, 2014-09-26 at 08:43 -0400, Jan Stancek wrote: > > > > ----- Original Message ----- > > From: "Zeng Linggang" <zenglg.jy@cn.fujitsu.com> > > To: "Jan Stancek" <jstancek@redhat.com> > > Cc: "ltp-list" <ltp-list@lists.sourceforge.net> > > Sent: Friday, 26 September, 2014 10:06:57 AM > > Subject: [PATCH v2] securebits: some cleanup > > > > * Remove .sh and divide into three seperate tests. > > > > * Check the header <linux/securebits.h>. > > > > * Use tst_brkm instead of tst_exit() that follows tst_resm. > > > > * Some cleanup > > > > Signed-off-by: Zeng Linggang <zenglg.jy@cn.fujitsu.com> > > Is the modified testcase working for you? > I am so sorry for that I made a stupid mistake. My intention is to print pass and exit the test, but I use tst_brkm(TPASS, ..) that make us get a segmentation fault. I will fix it. Thank you very much. Best regards, Zeng > I'm getting segmentation fault: > > (gdb) bt > #0 __GI__IO_fputs (str=str@entry=0x7fffffffa980 "keepcaps 0 TWARN : tst_brk_: Invalid Type: 0. Using TBROK\n", fp=0x0) > at iofputs.c:39 > #1 0x00000000004015ee in tst_print (tcid=0x4029ba "keepcaps", tnum=tnum@entry=0, ttype=ttype@entry=4, > tmesg=tmesg@entry=0x605240 <Warn_mesg> "tst_brk_: Invalid Type: 0. Using TBROK") at tst_res.c:479 > #2 0x00000000004021f5 in tst_brk_ (file=file@entry=0x4028fe "check_keepcaps.c", lineno=lineno@entry=88, ttype=ttype@entry=0, > fname=fname@entry=0x0, func=func@entry=0x0, arg_fmt=arg_fmt@entry=0x402ac6 "%s") at tst_res.c:656 > #3 0x00000000004026a8 in tst_brkm_ (file=file@entry=0x4028fe "check_keepcaps.c", lineno=lineno@entry=88, ttype=ttype@entry=0, > func=func@entry=0x0, arg_fmt=arg_fmt@entry=0x402926 "dropped privs as expected") at tst_res.c:769 > #4 0x0000000000401460 in do_setuid (expect_privs=expect_privs@entry=0) at check_keepcaps.c:88 > #5 0x000000000040124f in main (argc=2, argv=0x7fffffffe528) at check_keepcaps.c:113 > > and when I fix the crash (T_out is uninitialized) I get: > > # ./check_keepcaps 1 > keepcaps 0 TWARN : tst_brk_: Invalid Type: 0. Using TBROK > keepcaps 1 TBROK : check_keepcaps.c:88: dropped privs as expected > > from lib/tst_res.c: > /* > * Only FAIL, BROK, CONF, and RETR are supported by tst_brk(). > */ > > Regards, > Jan ------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk _______________________________________________ Ltp-list mailing list Ltp-list@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ltp-list ^ permalink raw reply [flat|nested] 10+ messages in thread
* [LTP] [PATCH v3] securebits: some cleanup 2014-09-26 12:43 ` Jan Stancek 2014-10-08 7:23 ` Zeng Linggang @ 2014-10-08 7:49 ` Zeng Linggang 2014-10-13 9:34 ` Jan Stancek 2014-10-15 11:25 ` Cyril Hrubis 2014-10-15 11:32 ` [LTP] [PATCH v2] " Cyril Hrubis 2 siblings, 2 replies; 10+ messages in thread From: Zeng Linggang @ 2014-10-08 7:49 UTC (permalink / raw) To: Jan Stancek; +Cc: ltp-list * Remove .sh and divide into three seperate tests. * Check the header <linux/securebits.h>. * Use tst_brkm instead of tst_exit() that follows tst_resm. * Some cleanup Signed-off-by: Zeng Linggang <zenglg.jy@cn.fujitsu.com> --- runtest/securebits | 4 +- testcases/kernel/security/securebits/Makefile | 9 ++-- .../kernel/security/securebits/check_keepcaps.c | 57 +++++++++------------- .../kernel/security/securebits/run_securebits.sh | 20 -------- 4 files changed, 30 insertions(+), 60 deletions(-) delete mode 100644 testcases/kernel/security/securebits/run_securebits.sh diff --git a/runtest/securebits b/runtest/securebits index d78a66f..64e6e0a 100644 --- a/runtest/securebits +++ b/runtest/securebits @@ -1,2 +1,4 @@ #DESCRIPTION:securebits tests -Securebits run_securebits.sh +check_keepcaps01 check_keepcaps 1 +check_keepcaps02 check_keepcaps 2 +check_keepcaps03 check_keepcaps 3 diff --git a/testcases/kernel/security/securebits/Makefile b/testcases/kernel/security/securebits/Makefile index 51018d9..e379b7c 100644 --- a/testcases/kernel/security/securebits/Makefile +++ b/testcases/kernel/security/securebits/Makefile @@ -4,7 +4,8 @@ ## ## ## This program is free software; you can redistribute it and#or modify ## ## it under the terms of the GNU General Public License as published by ## -## the Free Software Foundation; either version 2 of the License, or ## ## (at your option) any later version. ## +## the Free Software Foundation; either version 2 of the License, or ## +## (at your option) any later version. ## ## ## ## This program is distributed in the hope that it will be useful, but ## ## WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY ## @@ -12,8 +13,8 @@ ## for more details. ## ## ## ## You should have received a copy of the GNU General Public License ## -## along with this program; if not, write to the Free Software ## -## Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ## +## along with this program; if not, write to the Free Software Foundation, ## +## Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ## ## ## ################################################################################ @@ -23,6 +24,4 @@ include $(top_srcdir)/include/mk/testcases.mk LDLIBS += $(CAP_LIBS) -INSTALL_TARGETS := *.sh - include $(top_srcdir)/include/mk/generic_leaf_target.mk diff --git a/testcases/kernel/security/securebits/check_keepcaps.c b/testcases/kernel/security/securebits/check_keepcaps.c index 6e195c6..ce74715 100644 --- a/testcases/kernel/security/securebits/check_keepcaps.c +++ b/testcases/kernel/security/securebits/check_keepcaps.c @@ -5,7 +5,6 @@ #include <sys/capability.h> #endif #include <sys/prctl.h> -#include <linux/securebits.h> #include "usctest.h" #include "test.h" @@ -30,7 +29,9 @@ char *TCID = "keepcaps"; int TST_TOTAL = 1; -#ifdef HAVE_LIBCAP +#if (HAVE_LINUX_SECUREBITS_H && HAVE_LIBCAP) +#include <linux/securebits.h> + static int eff_caps_empty(cap_t c) { int i, ret, empty = 1; @@ -75,10 +76,8 @@ static void do_setuid(int expect_privs) int have_privs; ret = setuid(1000); - if (ret) { - tst_resm(TERRNO | TFAIL, "setuid failed"); - tst_exit(); - } + if (ret) + tst_brkm(TERRNO | TFAIL, NULL, "setuid failed"); have_privs = am_privileged(); if (have_privs && expect_privs == EXPECT_PRIVS) { @@ -95,8 +94,7 @@ static void do_setuid(int expect_privs) } /* have_privs && EXPECT_NOPRIVS */ - tst_resm(TFAIL, "expected to drop privs but did not"); - tst_exit(); + tst_brkm(TFAIL, NULL, "expected to drop privs but did not"); } int main(int argc, char *argv[]) @@ -106,64 +104,55 @@ int main(int argc, char *argv[]) tst_require_root(NULL); ret = prctl(PR_GET_KEEPCAPS); - if (ret) { - tst_resm(TBROK, "keepcaps was already set?\n"); - tst_exit(); - } + if (ret) + tst_brkm(TBROK, NULL, "keepcaps was already set?\n"); + + if (argc < 2) + tst_brkm(TBROK, NULL, "Usage: %s <tescase_num>", argv[0]); - if (argc < 2) { - tst_resm(TBROK, "Usage: %s <tescase_num>", argv[0]); - tst_exit(); - } whichtest = atoi(argv[1]); - if (whichtest < 1 || whichtest > 3) { - tst_resm(TFAIL, "Valid tests are 1-3\n"); - tst_exit(); - } + if (whichtest < 1 || whichtest > 3) + tst_brkm(TFAIL, NULL, "Valid tests are 1-3\n"); + switch (whichtest) { case 1: do_setuid(EXPECT_NOPRIVS); /* does not return */ case 2: ret = prctl(PR_SET_KEEPCAPS, 1); if (ret == -1) { - tst_resm(TFAIL | TERRNO, "PR_SET_KEEPCAPS failed\n"); - tst_exit(); + tst_brkm(TFAIL | TERRNO, NULL, + "PR_SET_KEEPCAPS failed\n"); } ret = prctl(PR_GET_KEEPCAPS); if (!ret) { - tst_resm(TFAIL | TERRNO, + tst_brkm(TFAIL | TERRNO, NULL, "PR_SET_KEEPCAPS did not set keepcaps\n"); - tst_exit(); } do_setuid(EXPECT_PRIVS); /* does not return */ case 3: ret = prctl(PR_GET_SECUREBITS); ret = prctl(PR_SET_SECUREBITS, ret | SECBIT_KEEP_CAPS); if (ret == -1) { - tst_resm(TFAIL | TERRNO, "PR_SET_SECUREBITS failed\n"); - tst_exit(); + tst_brkm(TFAIL | TERRNO, NULL, + "PR_SET_SECUREBITS failed\n"); } ret = prctl(PR_GET_KEEPCAPS); if (!ret) { - tst_resm(TFAIL | TERRNO, + tst_brkm(TFAIL | TERRNO, NULL, "PR_SET_SECUREBITS did not set keepcaps\n"); - tst_exit(); } do_setuid(EXPECT_PRIVS); /* does not return */ default: - tst_resm(TFAIL, "should not reach here\n"); - tst_exit(); + tst_brkm(TFAIL, NULL, "Valid tests are 1-3\n"); } - tst_resm(TFAIL, "should not reach here\n"); - tst_exit(); + tst_brkm(TFAIL, NULL, "should not reach here\n"); } #else int main(void) { - tst_resm(TCONF, "Test was compiled without libcap."); - tst_exit(); + tst_brkm(TCONF, NULL, "linux/securebits.h or libcap is not existence."); } #endif /* HAVE_LIBCAP */ diff --git a/testcases/kernel/security/securebits/run_securebits.sh b/testcases/kernel/security/securebits/run_securebits.sh deleted file mode 100644 index 4d9e272..0000000 --- a/testcases/kernel/security/securebits/run_securebits.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/sh - -echo "testing keepcaps" -check_keepcaps 1 -tmp=$? -if [ $tmp -ne 0 ]; then - exit_code=$tmp -fi -check_keepcaps 2 -tmp=$? -if [ $tmp -ne 0 ]; then - exit_code=$tmp -fi -check_keepcaps 3 -tmp=$? -if [ $tmp -ne 0 ]; then - exit_code=$tmp -fi - -exit $exit_code -- 1.9.3 ------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk _______________________________________________ Ltp-list mailing list Ltp-list@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ltp-list ^ permalink raw reply related [flat|nested] 10+ messages in thread
* Re: [LTP] [PATCH v3] securebits: some cleanup 2014-10-08 7:49 ` [LTP] [PATCH v3] " Zeng Linggang @ 2014-10-13 9:34 ` Jan Stancek 2014-10-15 11:25 ` Cyril Hrubis 1 sibling, 0 replies; 10+ messages in thread From: Jan Stancek @ 2014-10-13 9:34 UTC (permalink / raw) To: Zeng Linggang; +Cc: ltp-list ----- Original Message ----- > From: "Zeng Linggang" <zenglg.jy@cn.fujitsu.com> > To: "Jan Stancek" <jstancek@redhat.com> > Cc: "ltp-list" <ltp-list@lists.sourceforge.net> > Sent: Wednesday, 8 October, 2014 9:49:00 AM > Subject: [PATCH v3] securebits: some cleanup > > * Remove .sh and divide into three seperate tests. > > * Check the header <linux/securebits.h>. > > * Use tst_brkm instead of tst_exit() that follows tst_resm. > > * Some cleanup > > Signed-off-by: Zeng Linggang <zenglg.jy@cn.fujitsu.com> This version is no longer crashing for me. Tested-by: Jan Stancek <jstancek@redhat.com> > --- > runtest/securebits | 4 +- > testcases/kernel/security/securebits/Makefile | 9 ++-- > .../kernel/security/securebits/check_keepcaps.c | 57 > +++++++++------------- > .../kernel/security/securebits/run_securebits.sh | 20 -------- > 4 files changed, 30 insertions(+), 60 deletions(-) > delete mode 100644 testcases/kernel/security/securebits/run_securebits.sh > > diff --git a/runtest/securebits b/runtest/securebits > index d78a66f..64e6e0a 100644 > --- a/runtest/securebits > +++ b/runtest/securebits > @@ -1,2 +1,4 @@ > #DESCRIPTION:securebits tests > -Securebits run_securebits.sh > +check_keepcaps01 check_keepcaps 1 > +check_keepcaps02 check_keepcaps 2 > +check_keepcaps03 check_keepcaps 3 > diff --git a/testcases/kernel/security/securebits/Makefile > b/testcases/kernel/security/securebits/Makefile > index 51018d9..e379b7c 100644 > --- a/testcases/kernel/security/securebits/Makefile > +++ b/testcases/kernel/security/securebits/Makefile > @@ -4,7 +4,8 @@ > ## > ## > ## This program is free software; you can redistribute it and#or modify > ## > ## it under the terms of the GNU General Public License as published by > ## > -## the Free Software Foundation; either version 2 of the License, or > ## ## (at your option) any later version. > ## > +## the Free Software Foundation; either version 2 of the License, or > ## > +## (at your option) any later version. > ## > ## > ## > ## This program is distributed in the hope that it will be useful, but > ## > ## WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY ## > @@ -12,8 +13,8 @@ > ## for more details. > ## > ## > ## > ## You should have received a copy of the GNU General Public License > ## > -## along with this program; if not, write to the Free Software > ## > -## Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 > USA ## > +## along with this program; if not, write to the Free Software Foundation, > ## > +## Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA > ## > ## > ## > ################################################################################ > > @@ -23,6 +24,4 @@ include $(top_srcdir)/include/mk/testcases.mk > > LDLIBS += $(CAP_LIBS) > > -INSTALL_TARGETS := *.sh > - > include $(top_srcdir)/include/mk/generic_leaf_target.mk > diff --git a/testcases/kernel/security/securebits/check_keepcaps.c > b/testcases/kernel/security/securebits/check_keepcaps.c > index 6e195c6..ce74715 100644 > --- a/testcases/kernel/security/securebits/check_keepcaps.c > +++ b/testcases/kernel/security/securebits/check_keepcaps.c > @@ -5,7 +5,6 @@ > #include <sys/capability.h> > #endif > #include <sys/prctl.h> > -#include <linux/securebits.h> > #include "usctest.h" > #include "test.h" > > @@ -30,7 +29,9 @@ > char *TCID = "keepcaps"; > int TST_TOTAL = 1; > > -#ifdef HAVE_LIBCAP > +#if (HAVE_LINUX_SECUREBITS_H && HAVE_LIBCAP) > +#include <linux/securebits.h> > + > static int eff_caps_empty(cap_t c) > { > int i, ret, empty = 1; > @@ -75,10 +76,8 @@ static void do_setuid(int expect_privs) > int have_privs; > > ret = setuid(1000); > - if (ret) { > - tst_resm(TERRNO | TFAIL, "setuid failed"); > - tst_exit(); > - } > + if (ret) > + tst_brkm(TERRNO | TFAIL, NULL, "setuid failed"); > > have_privs = am_privileged(); > if (have_privs && expect_privs == EXPECT_PRIVS) { > @@ -95,8 +94,7 @@ static void do_setuid(int expect_privs) > } > > /* have_privs && EXPECT_NOPRIVS */ > - tst_resm(TFAIL, "expected to drop privs but did not"); > - tst_exit(); > + tst_brkm(TFAIL, NULL, "expected to drop privs but did not"); > } > > int main(int argc, char *argv[]) > @@ -106,64 +104,55 @@ int main(int argc, char *argv[]) > tst_require_root(NULL); > > ret = prctl(PR_GET_KEEPCAPS); > - if (ret) { > - tst_resm(TBROK, "keepcaps was already set?\n"); > - tst_exit(); > - } > + if (ret) > + tst_brkm(TBROK, NULL, "keepcaps was already set?\n"); > + > + if (argc < 2) > + tst_brkm(TBROK, NULL, "Usage: %s <tescase_num>", argv[0]); > > - if (argc < 2) { > - tst_resm(TBROK, "Usage: %s <tescase_num>", argv[0]); > - tst_exit(); > - } > whichtest = atoi(argv[1]); > - if (whichtest < 1 || whichtest > 3) { > - tst_resm(TFAIL, "Valid tests are 1-3\n"); > - tst_exit(); > - } > + if (whichtest < 1 || whichtest > 3) > + tst_brkm(TFAIL, NULL, "Valid tests are 1-3\n"); > + > switch (whichtest) { > case 1: > do_setuid(EXPECT_NOPRIVS); /* does not return */ > case 2: > ret = prctl(PR_SET_KEEPCAPS, 1); > if (ret == -1) { > - tst_resm(TFAIL | TERRNO, "PR_SET_KEEPCAPS failed\n"); > - tst_exit(); > + tst_brkm(TFAIL | TERRNO, NULL, > + "PR_SET_KEEPCAPS failed\n"); > } > ret = prctl(PR_GET_KEEPCAPS); > if (!ret) { > - tst_resm(TFAIL | TERRNO, > + tst_brkm(TFAIL | TERRNO, NULL, > "PR_SET_KEEPCAPS did not set keepcaps\n"); > - tst_exit(); > } > do_setuid(EXPECT_PRIVS); /* does not return */ > case 3: > ret = prctl(PR_GET_SECUREBITS); > ret = prctl(PR_SET_SECUREBITS, ret | SECBIT_KEEP_CAPS); > if (ret == -1) { > - tst_resm(TFAIL | TERRNO, "PR_SET_SECUREBITS failed\n"); > - tst_exit(); > + tst_brkm(TFAIL | TERRNO, NULL, > + "PR_SET_SECUREBITS failed\n"); > } > ret = prctl(PR_GET_KEEPCAPS); > if (!ret) { > - tst_resm(TFAIL | TERRNO, > + tst_brkm(TFAIL | TERRNO, NULL, > "PR_SET_SECUREBITS did not set keepcaps\n"); > - tst_exit(); > } > do_setuid(EXPECT_PRIVS); /* does not return */ > default: > - tst_resm(TFAIL, "should not reach here\n"); > - tst_exit(); > + tst_brkm(TFAIL, NULL, "Valid tests are 1-3\n"); > } > - tst_resm(TFAIL, "should not reach here\n"); > - tst_exit(); > + tst_brkm(TFAIL, NULL, "should not reach here\n"); > } > > #else > > int main(void) > { > - tst_resm(TCONF, "Test was compiled without libcap."); > - tst_exit(); > + tst_brkm(TCONF, NULL, "linux/securebits.h or libcap is not existence."); > } > > #endif /* HAVE_LIBCAP */ > diff --git a/testcases/kernel/security/securebits/run_securebits.sh > b/testcases/kernel/security/securebits/run_securebits.sh > deleted file mode 100644 > index 4d9e272..0000000 > --- a/testcases/kernel/security/securebits/run_securebits.sh > +++ /dev/null > @@ -1,20 +0,0 @@ > -#!/bin/sh > - > -echo "testing keepcaps" > -check_keepcaps 1 > -tmp=$? > -if [ $tmp -ne 0 ]; then > - exit_code=$tmp > -fi > -check_keepcaps 2 > -tmp=$? > -if [ $tmp -ne 0 ]; then > - exit_code=$tmp > -fi > -check_keepcaps 3 > -tmp=$? > -if [ $tmp -ne 0 ]; then > - exit_code=$tmp > -fi > - > -exit $exit_code > -- > 1.9.3 > > > > ------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://p.sf.net/sfu/Zoho _______________________________________________ Ltp-list mailing list Ltp-list@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ltp-list ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [LTP] [PATCH v3] securebits: some cleanup 2014-10-08 7:49 ` [LTP] [PATCH v3] " Zeng Linggang 2014-10-13 9:34 ` Jan Stancek @ 2014-10-15 11:25 ` Cyril Hrubis 1 sibling, 0 replies; 10+ messages in thread From: Cyril Hrubis @ 2014-10-15 11:25 UTC (permalink / raw) To: Zeng Linggang; +Cc: ltp-list Hi! > diff --git a/runtest/securebits b/runtest/securebits > index d78a66f..64e6e0a 100644 > --- a/runtest/securebits > +++ b/runtest/securebits > @@ -1,2 +1,4 @@ > #DESCRIPTION:securebits tests > -Securebits run_securebits.sh > +check_keepcaps01 check_keepcaps 1 > +check_keepcaps02 check_keepcaps 2 > +check_keepcaps03 check_keepcaps 3 > diff --git a/testcases/kernel/security/securebits/Makefile b/testcases/kernel/security/securebits/Makefile > index 51018d9..e379b7c 100644 > --- a/testcases/kernel/security/securebits/Makefile > +++ b/testcases/kernel/security/securebits/Makefile > @@ -4,7 +4,8 @@ > ## ## > ## This program is free software; you can redistribute it and#or modify ## > ## it under the terms of the GNU General Public License as published by ## > -## the Free Software Foundation; either version 2 of the License, or ## ## (at your option) any later version. ## > +## the Free Software Foundation; either version 2 of the License, or ## > +## (at your option) any later version. ## > ## ## > ## This program is distributed in the hope that it will be useful, but ## > ## WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY ## > @@ -12,8 +13,8 @@ > ## for more details. ## > ## ## > ## You should have received a copy of the GNU General Public License ## > -## along with this program; if not, write to the Free Software ## > -## Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ## > +## along with this program; if not, write to the Free Software Foundation, ## > +## Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ## > ## ## > ################################################################################ > > @@ -23,6 +24,4 @@ include $(top_srcdir)/include/mk/testcases.mk > > LDLIBS += $(CAP_LIBS) > > -INSTALL_TARGETS := *.sh > - > include $(top_srcdir)/include/mk/generic_leaf_target.mk > diff --git a/testcases/kernel/security/securebits/check_keepcaps.c b/testcases/kernel/security/securebits/check_keepcaps.c > index 6e195c6..ce74715 100644 > --- a/testcases/kernel/security/securebits/check_keepcaps.c > +++ b/testcases/kernel/security/securebits/check_keepcaps.c > @@ -5,7 +5,6 @@ > #include <sys/capability.h> > #endif > #include <sys/prctl.h> > -#include <linux/securebits.h> > #include "usctest.h" > #include "test.h" > > @@ -30,7 +29,9 @@ > char *TCID = "keepcaps"; > int TST_TOTAL = 1; > > -#ifdef HAVE_LIBCAP > +#if (HAVE_LINUX_SECUREBITS_H && HAVE_LIBCAP) > +#include <linux/securebits.h> > + > static int eff_caps_empty(cap_t c) > { > int i, ret, empty = 1; > @@ -75,10 +76,8 @@ static void do_setuid(int expect_privs) > int have_privs; > > ret = setuid(1000); > - if (ret) { > - tst_resm(TERRNO | TFAIL, "setuid failed"); > - tst_exit(); > - } > + if (ret) > + tst_brkm(TERRNO | TFAIL, NULL, "setuid failed"); > > have_privs = am_privileged(); > if (have_privs && expect_privs == EXPECT_PRIVS) { > @@ -95,8 +94,7 @@ static void do_setuid(int expect_privs) > } > > /* have_privs && EXPECT_NOPRIVS */ > - tst_resm(TFAIL, "expected to drop privs but did not"); > - tst_exit(); > + tst_brkm(TFAIL, NULL, "expected to drop privs but did not"); > } > > int main(int argc, char *argv[]) > @@ -106,64 +104,55 @@ int main(int argc, char *argv[]) > tst_require_root(NULL); > > ret = prctl(PR_GET_KEEPCAPS); > - if (ret) { > - tst_resm(TBROK, "keepcaps was already set?\n"); > - tst_exit(); > - } > + if (ret) > + tst_brkm(TBROK, NULL, "keepcaps was already set?\n"); > + > + if (argc < 2) > + tst_brkm(TBROK, NULL, "Usage: %s <tescase_num>", argv[0]); > > - if (argc < 2) { > - tst_resm(TBROK, "Usage: %s <tescase_num>", argv[0]); > - tst_exit(); > - } > whichtest = atoi(argv[1]); > - if (whichtest < 1 || whichtest > 3) { > - tst_resm(TFAIL, "Valid tests are 1-3\n"); > - tst_exit(); > - } > + if (whichtest < 1 || whichtest > 3) > + tst_brkm(TFAIL, NULL, "Valid tests are 1-3\n"); > + > switch (whichtest) { > case 1: > do_setuid(EXPECT_NOPRIVS); /* does not return */ > case 2: > ret = prctl(PR_SET_KEEPCAPS, 1); > if (ret == -1) { > - tst_resm(TFAIL | TERRNO, "PR_SET_KEEPCAPS failed\n"); > - tst_exit(); > + tst_brkm(TFAIL | TERRNO, NULL, > + "PR_SET_KEEPCAPS failed\n"); > } > ret = prctl(PR_GET_KEEPCAPS); > if (!ret) { > - tst_resm(TFAIL | TERRNO, > + tst_brkm(TFAIL | TERRNO, NULL, > "PR_SET_KEEPCAPS did not set keepcaps\n"); > - tst_exit(); > } > do_setuid(EXPECT_PRIVS); /* does not return */ > case 3: > ret = prctl(PR_GET_SECUREBITS); > ret = prctl(PR_SET_SECUREBITS, ret | SECBIT_KEEP_CAPS); > if (ret == -1) { > - tst_resm(TFAIL | TERRNO, "PR_SET_SECUREBITS failed\n"); > - tst_exit(); > + tst_brkm(TFAIL | TERRNO, NULL, > + "PR_SET_SECUREBITS failed\n"); > } > ret = prctl(PR_GET_KEEPCAPS); > if (!ret) { > - tst_resm(TFAIL | TERRNO, > + tst_brkm(TFAIL | TERRNO, NULL, > "PR_SET_SECUREBITS did not set keepcaps\n"); > - tst_exit(); > } > do_setuid(EXPECT_PRIVS); /* does not return */ > default: > - tst_resm(TFAIL, "should not reach here\n"); > - tst_exit(); > + tst_brkm(TFAIL, NULL, "Valid tests are 1-3\n"); > } > - tst_resm(TFAIL, "should not reach here\n"); > - tst_exit(); > + tst_brkm(TFAIL, NULL, "should not reach here\n"); I've removed this tst_brkm(TFAIL, NULL, "should not reach here\n") entirely as well as the newlines from the strings passed to the tst_foo() interfaces and pushed, thanks. -- Cyril Hrubis chrubis@suse.cz ------------------------------------------------------------------------------ Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://p.sf.net/sfu/Zoho _______________________________________________ Ltp-list mailing list Ltp-list@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ltp-list ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [LTP] [PATCH v2] securebits: some cleanup 2014-09-26 12:43 ` Jan Stancek 2014-10-08 7:23 ` Zeng Linggang 2014-10-08 7:49 ` [LTP] [PATCH v3] " Zeng Linggang @ 2014-10-15 11:32 ` Cyril Hrubis 2 siblings, 0 replies; 10+ messages in thread From: Cyril Hrubis @ 2014-10-15 11:32 UTC (permalink / raw) To: Jan Stancek; +Cc: ltp-list Hi! > # ./check_keepcaps 1 > keepcaps 0 TWARN : tst_brk_: Invalid Type: 0. Using TBROK > keepcaps 1 TBROK : check_keepcaps.c:88: dropped privs as expected > > from lib/tst_res.c: > /* > * Only FAIL, BROK, CONF, and RETR are supported by tst_brk(). > */ When I was looking at the tst interface this looked to me like an artificial limitation. I guess that we can introduce an function that would report success and exit the test as well, the only complicated part would be figuring out good name. And more progressive view may be that we need two functions for reporting results. One that just reports the result and one that also exit the test execution (and calls an optional cleanup callback). But that would require more changes in the test library and in testscases. And I do not want to add an unfamiliar interface as well. -- Cyril Hrubis chrubis@suse.cz ------------------------------------------------------------------------------ Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://p.sf.net/sfu/Zoho _______________________________________________ Ltp-list mailing list Ltp-list@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ltp-list ^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2014-10-15 11:32 UTC | newest] Thread overview: 10+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2014-08-07 9:06 [LTP] [PATCH] securebits: some cleanup Zeng Linggang 2014-08-13 9:46 ` Jan Stancek 2014-09-25 10:00 ` Zeng Linggang 2014-09-26 8:06 ` [LTP] [PATCH v2] " Zeng Linggang 2014-09-26 12:43 ` Jan Stancek 2014-10-08 7:23 ` Zeng Linggang 2014-10-08 7:49 ` [LTP] [PATCH v3] " Zeng Linggang 2014-10-13 9:34 ` Jan Stancek 2014-10-15 11:25 ` Cyril Hrubis 2014-10-15 11:32 ` [LTP] [PATCH v2] " Cyril Hrubis
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox