* [LTP] [PATCH 1/4] lib: shell: Add TST_SKIP_IN_LOCKDOWN=1
2023-07-28 13:21 [LTP] [PATCH 0/4] shell: Add TST_SKIP_IN_{LOCKDOWN,SECUREBOOT}=1 Petr Vorel
@ 2023-07-28 13:21 ` Petr Vorel
2023-07-28 13:21 ` [LTP] [PATCH 2/4] lib: shell: Add TST_SKIP_IN_SECUREBOOT=1 Petr Vorel
` (4 subsequent siblings)
5 siblings, 0 replies; 10+ messages in thread
From: Petr Vorel @ 2023-07-28 13:21 UTC (permalink / raw)
To: ltp
And tst_lockdown_enabled.c helper.
Detection is needed for insmod01.sh.
Signed-off-by: Petr Vorel <pvorel@suse.cz>
---
doc/test-writing-guidelines.txt | 2 +-
testcases/lib/.gitignore | 1 +
testcases/lib/Makefile | 2 +-
testcases/lib/tst_lockdown_enabled.c | 12 ++++++++++++
testcases/lib/tst_test.sh | 6 +++++-
5 files changed, 20 insertions(+), 3 deletions(-)
create mode 100644 testcases/lib/tst_lockdown_enabled.c
diff --git a/doc/test-writing-guidelines.txt b/doc/test-writing-guidelines.txt
index 6d1a69165..367fa780b 100644
--- a/doc/test-writing-guidelines.txt
+++ b/doc/test-writing-guidelines.txt
@@ -392,7 +392,7 @@ https://github.com/linux-test-project/ltp/wiki/Shell-Test-API[Shell Test API].
| '.setup' | 'TST_SETUP'
| '.skip_filesystems' | 'TST_SKIP_FILESYSTEMS'
| '.skip_in_compat' | –
-| '.skip_in_lockdown' | –
+| '.skip_in_lockdown' | 'TST_SKIP_IN_LOCKDOWN'
| '.skip_in_secureboot' | –
| '.supported_archs' | not applicable
| '.tags' | –
diff --git a/testcases/lib/.gitignore b/testcases/lib/.gitignore
index a8573922d..b824767f7 100644
--- a/testcases/lib/.gitignore
+++ b/testcases/lib/.gitignore
@@ -10,6 +10,7 @@
/tst_get_unused_port
/tst_hexdump
/tst_kvcmp
+/tst_lockdown_enabled
/tst_net_iface_prefix
/tst_net_ip_prefix
/tst_net_vars
diff --git a/testcases/lib/Makefile b/testcases/lib/Makefile
index 14728bf89..3094aa463 100644
--- a/testcases/lib/Makefile
+++ b/testcases/lib/Makefile
@@ -13,6 +13,6 @@ MAKE_TARGETS := tst_sleep tst_random tst_checkpoint tst_rod tst_kvcmp\
tst_getconf tst_supported_fs tst_check_drivers tst_get_unused_port\
tst_get_median tst_hexdump tst_get_free_pids tst_timeout_kill\
tst_check_kconfigs tst_cgctl tst_fsfreeze tst_ns_create tst_ns_exec\
- tst_ns_ifmove
+ tst_ns_ifmove tst_lockdown_enabled
include $(top_srcdir)/include/mk/generic_leaf_target.mk
diff --git a/testcases/lib/tst_lockdown_enabled.c b/testcases/lib/tst_lockdown_enabled.c
new file mode 100644
index 000000000..0e40c428c
--- /dev/null
+++ b/testcases/lib/tst_lockdown_enabled.c
@@ -0,0 +1,12 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (c) 2023 Petr Vorel <pvorel@suse.cz>
+ */
+
+#define TST_NO_DEFAULT_MAIN
+#include "tst_test.h"
+
+int main(void)
+{
+ return !tst_lockdown_enabled();
+}
diff --git a/testcases/lib/tst_test.sh b/testcases/lib/tst_test.sh
index 55133666d..afcf66b20 100644
--- a/testcases/lib/tst_test.sh
+++ b/testcases/lib/tst_test.sh
@@ -678,7 +678,7 @@ tst_run()
CHECKPOINT_WAIT|CHECKPOINT_WAKE);;
CHECKPOINT_WAKE2|CHECKPOINT_WAKE_AND_WAIT);;
DEV_EXTRA_OPTS|DEV_FS_OPTS|FORMAT_DEVICE|MOUNT_DEVICE);;
- SKIP_FILESYSTEMS);;
+ SKIP_FILESYSTEMS|SKIP_IN_LOCKDOWN);;
*) tst_res TWARN "Reserved variable TST_$_tst_i used!";;
esac
done
@@ -698,6 +698,10 @@ tst_run()
[ "$TST_NEEDS_ROOT" = 1 ] && tst_require_root
+ if [ "$TST_SKIP_IN_LOCKDOWN" = 1 ] && tst_lockdown_enabled; then
+ tst_brk TCONF "Kernel is locked down, skipping test"
+ fi
+
[ "$TST_DISABLE_APPARMOR" = 1 ] && tst_disable_apparmor
[ "$TST_DISABLE_SELINUX" = 1 ] && tst_disable_selinux
--
2.41.0
--
Mailing list info: https://lists.linux.it/listinfo/ltp
^ permalink raw reply related [flat|nested] 10+ messages in thread* [LTP] [PATCH 2/4] lib: shell: Add TST_SKIP_IN_SECUREBOOT=1
2023-07-28 13:21 [LTP] [PATCH 0/4] shell: Add TST_SKIP_IN_{LOCKDOWN,SECUREBOOT}=1 Petr Vorel
2023-07-28 13:21 ` [LTP] [PATCH 1/4] lib: shell: Add TST_SKIP_IN_LOCKDOWN=1 Petr Vorel
@ 2023-07-28 13:21 ` Petr Vorel
2023-07-28 13:21 ` [LTP] [PATCH 3/4] insmod01.sh: Skip test on lockdown and secure boot Petr Vorel
` (3 subsequent siblings)
5 siblings, 0 replies; 10+ messages in thread
From: Petr Vorel @ 2023-07-28 13:21 UTC (permalink / raw)
To: ltp
And tst_secureboot_enabled.c helper.
Detection is needed for insmod01.sh.
Signed-off-by: Petr Vorel <pvorel@suse.cz>
---
doc/test-writing-guidelines.txt | 2 +-
testcases/lib/.gitignore | 1 +
testcases/lib/Makefile | 2 +-
testcases/lib/tst_secureboot_enabled.c | 12 ++++++++++++
testcases/lib/tst_test.sh | 6 +++++-
5 files changed, 20 insertions(+), 3 deletions(-)
create mode 100644 testcases/lib/tst_secureboot_enabled.c
diff --git a/doc/test-writing-guidelines.txt b/doc/test-writing-guidelines.txt
index 367fa780b..4ee9199ab 100644
--- a/doc/test-writing-guidelines.txt
+++ b/doc/test-writing-guidelines.txt
@@ -393,7 +393,7 @@ https://github.com/linux-test-project/ltp/wiki/Shell-Test-API[Shell Test API].
| '.skip_filesystems' | 'TST_SKIP_FILESYSTEMS'
| '.skip_in_compat' | –
| '.skip_in_lockdown' | 'TST_SKIP_IN_LOCKDOWN'
-| '.skip_in_secureboot' | –
+| '.skip_in_secureboot' | 'TST_SKIP_IN_SECUREBOOT'
| '.supported_archs' | not applicable
| '.tags' | –
| '.taint_check' | –
diff --git a/testcases/lib/.gitignore b/testcases/lib/.gitignore
index b824767f7..e8afd06f3 100644
--- a/testcases/lib/.gitignore
+++ b/testcases/lib/.gitignore
@@ -19,6 +19,7 @@
/tst_ns_ifmove
/tst_random
/tst_rod
+/tst_secureboot_enabled
/tst_sleep
/tst_supported_fs
/tst_timeout_kill
diff --git a/testcases/lib/Makefile b/testcases/lib/Makefile
index 3094aa463..990b46089 100644
--- a/testcases/lib/Makefile
+++ b/testcases/lib/Makefile
@@ -13,6 +13,6 @@ MAKE_TARGETS := tst_sleep tst_random tst_checkpoint tst_rod tst_kvcmp\
tst_getconf tst_supported_fs tst_check_drivers tst_get_unused_port\
tst_get_median tst_hexdump tst_get_free_pids tst_timeout_kill\
tst_check_kconfigs tst_cgctl tst_fsfreeze tst_ns_create tst_ns_exec\
- tst_ns_ifmove tst_lockdown_enabled
+ tst_ns_ifmove tst_lockdown_enabled tst_secureboot_enabled
include $(top_srcdir)/include/mk/generic_leaf_target.mk
diff --git a/testcases/lib/tst_secureboot_enabled.c b/testcases/lib/tst_secureboot_enabled.c
new file mode 100644
index 000000000..7c26fb118
--- /dev/null
+++ b/testcases/lib/tst_secureboot_enabled.c
@@ -0,0 +1,12 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (c) 2023 Petr Vorel <pvorel@suse.cz>
+ */
+
+#define TST_NO_DEFAULT_MAIN
+#include "tst_test.h"
+
+int main(void)
+{
+ return !tst_secureboot_enabled();
+}
diff --git a/testcases/lib/tst_test.sh b/testcases/lib/tst_test.sh
index afcf66b20..b5b38f524 100644
--- a/testcases/lib/tst_test.sh
+++ b/testcases/lib/tst_test.sh
@@ -678,7 +678,7 @@ tst_run()
CHECKPOINT_WAIT|CHECKPOINT_WAKE);;
CHECKPOINT_WAKE2|CHECKPOINT_WAKE_AND_WAIT);;
DEV_EXTRA_OPTS|DEV_FS_OPTS|FORMAT_DEVICE|MOUNT_DEVICE);;
- SKIP_FILESYSTEMS|SKIP_IN_LOCKDOWN);;
+ SKIP_FILESYSTEMS|SKIP_IN_LOCKDOWN|SKIP_IN_SECUREBOOT);;
*) tst_res TWARN "Reserved variable TST_$_tst_i used!";;
esac
done
@@ -698,6 +698,10 @@ tst_run()
[ "$TST_NEEDS_ROOT" = 1 ] && tst_require_root
+ if [ "$TST_SKIP_IN_SECUREBOOT" = 1 ] && tst_secureboot_enabled; then
+ tst_brk TCONF "SecureBoot enabled, skipping test"
+ fi
+
if [ "$TST_SKIP_IN_LOCKDOWN" = 1 ] && tst_lockdown_enabled; then
tst_brk TCONF "Kernel is locked down, skipping test"
fi
--
2.41.0
--
Mailing list info: https://lists.linux.it/listinfo/ltp
^ permalink raw reply related [flat|nested] 10+ messages in thread* [LTP] [PATCH 3/4] insmod01.sh: Skip test on lockdown and secure boot
2023-07-28 13:21 [LTP] [PATCH 0/4] shell: Add TST_SKIP_IN_{LOCKDOWN,SECUREBOOT}=1 Petr Vorel
2023-07-28 13:21 ` [LTP] [PATCH 1/4] lib: shell: Add TST_SKIP_IN_LOCKDOWN=1 Petr Vorel
2023-07-28 13:21 ` [LTP] [PATCH 2/4] lib: shell: Add TST_SKIP_IN_SECUREBOOT=1 Petr Vorel
@ 2023-07-28 13:21 ` Petr Vorel
2023-07-28 13:21 ` [LTP] [PATCH 4/4] doc/shell-API: Document TST_SKIP_IN_{LOCKDOWN, SECUREBOOT}=1 Petr Vorel
` (2 subsequent siblings)
5 siblings, 0 replies; 10+ messages in thread
From: Petr Vorel @ 2023-07-28 13:21 UTC (permalink / raw)
To: ltp
Lockdown patchset and secure boot does not allow to install LTP kernel module:
insmod: ERROR: could not insert module ltp_insmod01.ko: Operation not permitted
insmod01 1 TFAIL: insmod failed
Therefore skip the test on them (similar to C tests in 56660bd61).
Link: https://bugzilla.opensuse.org/show_bug.cgi?id=1208920
Signed-off-by: Petr Vorel <pvorel@suse.cz>
---
testcases/commands/insmod/insmod01.sh | 3 +++
1 file changed, 3 insertions(+)
diff --git a/testcases/commands/insmod/insmod01.sh b/testcases/commands/insmod/insmod01.sh
index 1881ba389..992b4a05a 100755
--- a/testcases/commands/insmod/insmod01.sh
+++ b/testcases/commands/insmod/insmod01.sh
@@ -1,6 +1,7 @@
#!/bin/sh
# SPDX-License-Identifier: GPL-2.0-or-later
# Copyright (c) 2016 Fujitsu Ltd.
+# Copyright (c) Linux Test Project, 2016-2023
# Author: Guangwen Feng <fenggw-fnst@cn.fujitsu.com>
#
# Test basic functionality of insmod command.
@@ -10,6 +11,8 @@ TST_TESTFUNC=do_test
TST_NEEDS_ROOT=1
TST_NEEDS_CMDS="rmmod insmod"
TST_NEEDS_MODULE="ltp_insmod01.ko"
+TST_SKIP_IN_LOCKDOWN=1
+TST_SKIP_IN_SECUREBOOT=1
inserted=0
--
2.41.0
--
Mailing list info: https://lists.linux.it/listinfo/ltp
^ permalink raw reply related [flat|nested] 10+ messages in thread* [LTP] [PATCH 4/4] doc/shell-API: Document TST_SKIP_IN_{LOCKDOWN, SECUREBOOT}=1
2023-07-28 13:21 [LTP] [PATCH 0/4] shell: Add TST_SKIP_IN_{LOCKDOWN,SECUREBOOT}=1 Petr Vorel
` (2 preceding siblings ...)
2023-07-28 13:21 ` [LTP] [PATCH 3/4] insmod01.sh: Skip test on lockdown and secure boot Petr Vorel
@ 2023-07-28 13:21 ` Petr Vorel
2023-09-15 14:07 ` Martin Doucha
2023-09-15 10:49 ` [LTP] [PATCH 0/4] shell: Add " Cyril Hrubis
2023-09-15 12:40 ` Li Wang
5 siblings, 1 reply; 10+ messages in thread
From: Petr Vorel @ 2023-07-28 13:21 UTC (permalink / raw)
To: ltp
Signed-off-by: Petr Vorel <pvorel@suse.cz>
---
doc/shell-test-api.txt | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/doc/shell-test-api.txt b/doc/shell-test-api.txt
index dde170644..4cf630dab 100644
--- a/doc/shell-test-api.txt
+++ b/doc/shell-test-api.txt
@@ -821,3 +821,8 @@ TST_NEEDS_KCONFIGS="CONFIG_EXT4_FS, CONFIG_QUOTACTL=y"
. tst_test.sh
-------------------------------------------------------------------------------
+
+1.8 Skipping test based on system state
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+Test can be skipped on various conditions: on enabled SecureBoot
+('TST_SKIP_IN_SECUREBOOT=1'), lockdown ('TST_SKIP_IN_LOCKDOWN=1').
--
2.41.0
--
Mailing list info: https://lists.linux.it/listinfo/ltp
^ permalink raw reply related [flat|nested] 10+ messages in thread* Re: [LTP] [PATCH 4/4] doc/shell-API: Document TST_SKIP_IN_{LOCKDOWN, SECUREBOOT}=1
2023-07-28 13:21 ` [LTP] [PATCH 4/4] doc/shell-API: Document TST_SKIP_IN_{LOCKDOWN, SECUREBOOT}=1 Petr Vorel
@ 2023-09-15 14:07 ` Martin Doucha
0 siblings, 0 replies; 10+ messages in thread
From: Martin Doucha @ 2023-09-15 14:07 UTC (permalink / raw)
To: Petr Vorel, ltp
Hi,
for the whole patchset:
Reviewed-by: Martin Doucha <mdoucha@suse.cz>
On 28. 07. 23 15:21, Petr Vorel wrote:
> Signed-off-by: Petr Vorel <pvorel@suse.cz>
> ---
> doc/shell-test-api.txt | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/doc/shell-test-api.txt b/doc/shell-test-api.txt
> index dde170644..4cf630dab 100644
> --- a/doc/shell-test-api.txt
> +++ b/doc/shell-test-api.txt
> @@ -821,3 +821,8 @@ TST_NEEDS_KCONFIGS="CONFIG_EXT4_FS, CONFIG_QUOTACTL=y"
>
> . tst_test.sh
> -------------------------------------------------------------------------------
> +
> +1.8 Skipping test based on system state
> +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> +Test can be skipped on various conditions: on enabled SecureBoot
> +('TST_SKIP_IN_SECUREBOOT=1'), lockdown ('TST_SKIP_IN_LOCKDOWN=1').
--
Martin Doucha mdoucha@suse.cz
SW Quality Engineer
SUSE LINUX, s.r.o.
CORSO IIa
Krizikova 148/34
186 00 Prague 8
Czech Republic
--
Mailing list info: https://lists.linux.it/listinfo/ltp
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [LTP] [PATCH 0/4] shell: Add TST_SKIP_IN_{LOCKDOWN, SECUREBOOT}=1
2023-07-28 13:21 [LTP] [PATCH 0/4] shell: Add TST_SKIP_IN_{LOCKDOWN,SECUREBOOT}=1 Petr Vorel
` (3 preceding siblings ...)
2023-07-28 13:21 ` [LTP] [PATCH 4/4] doc/shell-API: Document TST_SKIP_IN_{LOCKDOWN, SECUREBOOT}=1 Petr Vorel
@ 2023-09-15 10:49 ` Cyril Hrubis
2023-09-15 11:11 ` Petr Vorel
2023-09-15 12:40 ` Li Wang
5 siblings, 1 reply; 10+ messages in thread
From: Cyril Hrubis @ 2023-09-15 10:49 UTC (permalink / raw)
To: Petr Vorel; +Cc: ltp
Hi!
Looks good.
Reviewed-by: Cyril Hrubis <chrubis@suse.cz>
--
Cyril Hrubis
chrubis@suse.cz
--
Mailing list info: https://lists.linux.it/listinfo/ltp
^ permalink raw reply [flat|nested] 10+ messages in thread* Re: [LTP] [PATCH 0/4] shell: Add TST_SKIP_IN_{LOCKDOWN, SECUREBOOT}=1
2023-07-28 13:21 [LTP] [PATCH 0/4] shell: Add TST_SKIP_IN_{LOCKDOWN,SECUREBOOT}=1 Petr Vorel
` (4 preceding siblings ...)
2023-09-15 10:49 ` [LTP] [PATCH 0/4] shell: Add " Cyril Hrubis
@ 2023-09-15 12:40 ` Li Wang
2023-09-15 14:38 ` Petr Vorel
5 siblings, 1 reply; 10+ messages in thread
From: Li Wang @ 2023-09-15 12:40 UTC (permalink / raw)
To: Petr Vorel; +Cc: ltp
For patches:
Reviewed-by: Li Wang <liwang@redhat.com>
On Fri, Jul 28, 2023 at 9:21 PM Petr Vorel <pvorel@suse.cz> wrote:
> and use it in insmod01.sh.
>
> Petr Vorel (4):
> lib: shell: Add TST_SKIP_IN_LOCKDOWN=1
> lib: shell: Add TST_SKIP_IN_SECUREBOOT=1
> insmod01.sh: Skip test on lockdown and secure boot
> doc/shell-API: Document TST_SKIP_IN_{LOCKDOWN,SECUREBOOT}=1
>
> doc/shell-test-api.txt | 5 +++++
> doc/test-writing-guidelines.txt | 4 ++--
> testcases/commands/insmod/insmod01.sh | 3 +++
> testcases/lib/.gitignore | 2 ++
> testcases/lib/Makefile | 2 +-
> testcases/lib/tst_lockdown_enabled.c | 12 ++++++++++++
> testcases/lib/tst_secureboot_enabled.c | 12 ++++++++++++
> testcases/lib/tst_test.sh | 10 +++++++++-
> 8 files changed, 46 insertions(+), 4 deletions(-)
> create mode 100644 testcases/lib/tst_lockdown_enabled.c
> create mode 100644 testcases/lib/tst_secureboot_enabled.c
>
> --
> 2.41.0
>
>
> --
> Mailing list info: https://lists.linux.it/listinfo/ltp
>
>
--
Regards,
Li Wang
--
Mailing list info: https://lists.linux.it/listinfo/ltp
^ permalink raw reply [flat|nested] 10+ messages in thread