From patchwork Mon Jan 7 02:26:28 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jia Zhang X-Patchwork-Id: 1021145 X-Patchwork-Delegate: petr.vorel@gmail.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=lists.linux.it (client-ip=2001:1418:10:5::2; helo=picard.linux.it; envelope-from=ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=linux.alibaba.com Received: from picard.linux.it (picard.linux.it [IPv6:2001:1418:10:5::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 43Xzpj0441z9s9G for ; Mon, 7 Jan 2019 13:28:44 +1100 (AEDT) Received: from picard.linux.it (localhost [IPv6:::1]) by picard.linux.it (Postfix) with ESMTP id 5133F3E6293 for ; Mon, 7 Jan 2019 03:28:42 +0100 (CET) X-Original-To: ltp@lists.linux.it Delivered-To: ltp@picard.linux.it Received: from in-2.smtp.seeweb.it (in-2.smtp.seeweb.it [IPv6:2001:4b78:1:20::2]) by picard.linux.it (Postfix) with ESMTP id AD3253E6274 for ; Mon, 7 Jan 2019 03:28:40 +0100 (CET) Received: from out30-131.freemail.mail.aliyun.com (out30-131.freemail.mail.aliyun.com [115.124.30.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by in-2.smtp.seeweb.it (Postfix) with ESMTPS id B151D60069D for ; Mon, 7 Jan 2019 03:28:38 +0100 (CET) X-Alimail-AntiSpam: AC=PASS; BC=-1|-1; BR=01201311R181e4; CH=green; FP=0|-1|-1|-1|0|-1|-1|-1; HT=e01f04391; MF=zhang.jia@linux.alibaba.com; NM=1; PH=DS; RN=5; SR=0; TI=SMTPD_---0THh2rG1_1546827993; Received: from localhost(mailfrom:zhang.jia@linux.alibaba.com fp:SMTPD_---0THh2rG1_1546827993) by smtp.aliyun-inc.com(127.0.0.1); Mon, 07 Jan 2019 10:26:33 +0800 From: Jia Zhang To: zohar@linux.vnet.ibm.com, pvorel@suse.cz Date: Mon, 7 Jan 2019 10:26:28 +0800 Message-Id: <1546827989-43569-6-git-send-email-zhang.jia@linux.alibaba.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1546827989-43569-1-git-send-email-zhang.jia@linux.alibaba.com> References: <1546827989-43569-1-git-send-email-zhang.jia@linux.alibaba.com> X-Virus-Scanned: clamav-milter 0.99.2 at in-2.smtp.seeweb.it X-Virus-Status: Clean X-Spam-Status: No, score=-7.5 required=7.0 tests=ENV_AND_HDR_SPF_MATCH, SPF_PASS,USER_IN_DEF_SPF_WL autolearn=disabled version=3.4.0 X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on in-2.smtp.seeweb.it Cc: linux-integrity@vger.kernel.org, ltp@lists.linux.it Subject: [LTP] [PATCH 5/6] ima: Rename the folder name for policy files to datafiles X-BeenThere: ltp@lists.linux.it X-Mailman-Version: 2.1.18 Precedence: list List-Id: Linux Test Project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it Sender: "ltp" If we choose to run ima_policy.sh locally without installation, a failure message is reported as following: ima_policy 1 TCONF: missing /ltp/testcases/kernel/security/integrity/ima/datafiles/measure.policy TST_DATAROOT would be extended to datafiles but the policy files are actually placed under policy. In order to make it easier, just rename the folder name to datafiles. Signed-off-by: Jia Zhang --- testcases/kernel/security/integrity/ima/Makefile | 2 +- .../security/integrity/ima/datafiles/Makefile | 31 ++++++++++++++++++++++ .../integrity/ima/datafiles/measure.policy | 16 +++++++++++ .../integrity/ima/datafiles/measure.policy-invalid | 16 +++++++++++ .../kernel/security/integrity/ima/policy/Makefile | 31 ---------------------- .../security/integrity/ima/policy/measure.policy | 16 ----------- .../integrity/ima/policy/measure.policy-invalid | 16 ----------- 7 files changed, 64 insertions(+), 64 deletions(-) create mode 100644 testcases/kernel/security/integrity/ima/datafiles/Makefile create mode 100644 testcases/kernel/security/integrity/ima/datafiles/measure.policy create mode 100644 testcases/kernel/security/integrity/ima/datafiles/measure.policy-invalid delete mode 100644 testcases/kernel/security/integrity/ima/policy/Makefile delete mode 100644 testcases/kernel/security/integrity/ima/policy/measure.policy delete mode 100644 testcases/kernel/security/integrity/ima/policy/measure.policy-invalid diff --git a/testcases/kernel/security/integrity/ima/Makefile b/testcases/kernel/security/integrity/ima/Makefile index 1290e6f..19b10ff 100644 --- a/testcases/kernel/security/integrity/ima/Makefile +++ b/testcases/kernel/security/integrity/ima/Makefile @@ -24,6 +24,6 @@ top_srcdir ?= ../../../../.. include $(top_srcdir)/include/mk/env_pre.mk -SUBDIRS := policy src tests +SUBDIRS := datafiles src tests include $(top_srcdir)/include/mk/generic_trunk_target.mk diff --git a/testcases/kernel/security/integrity/ima/datafiles/Makefile b/testcases/kernel/security/integrity/ima/datafiles/Makefile new file mode 100644 index 0000000..a960f9d --- /dev/null +++ b/testcases/kernel/security/integrity/ima/datafiles/Makefile @@ -0,0 +1,31 @@ +# +# testcases/kernel/security/integrity/ima/policy testcases Makefile. +# +# Copyright (C) 2009, Cisco Systems Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +# +# Ngie Cooper, July 2009 +# + +top_srcdir ?= ../../../../../.. + +include $(top_srcdir)/include/mk/env_pre.mk + +INSTALL_DIR := testcases/data/ima_policy + +INSTALL_TARGETS := measure* + +include $(top_srcdir)/include/mk/generic_leaf_target.mk diff --git a/testcases/kernel/security/integrity/ima/datafiles/measure.policy b/testcases/kernel/security/integrity/ima/datafiles/measure.policy new file mode 100644 index 0000000..9976ddf --- /dev/null +++ b/testcases/kernel/security/integrity/ima/datafiles/measure.policy @@ -0,0 +1,16 @@ +# +# Integrity measure policy +# +# PROC_SUPER_MAGIC +dont_measure fsmagic=0x9fa0 +# SYSFS_MAGIC +dont_measure fsmagic=0x62656572 +# DEBUGFS_MAGIC +dont_measure fsmagic=0x64626720 +# TMPFS_MAGIC +dont_measure fsmagic=0x01021994 +# SECURITYFS_MAGIC +dont_measure fsmagic=0x73636673 +measure func=FILE_MMAP mask=MAY_EXEC +measure func=BPRM_CHECK mask=MAY_EXEC +measure func=FILE_CHECK mask=MAY_READ uid=0 diff --git a/testcases/kernel/security/integrity/ima/datafiles/measure.policy-invalid b/testcases/kernel/security/integrity/ima/datafiles/measure.policy-invalid new file mode 100644 index 0000000..04dff89 --- /dev/null +++ b/testcases/kernel/security/integrity/ima/datafiles/measure.policy-invalid @@ -0,0 +1,16 @@ +# +# Integrity measure policy +# +# PROC_SUPER_MAGIC +dont_measure fsmagic=0x9fa0 +# SYSFS_MAGIC +dont_measure fsmagic=0x62656572 +# DEBUGFS_MAGIC +dont_measure fsmagic=0x64626720 +# TMPFS_MAGIC +dont_measure fsmagic=0x01021994 +# SECURITYFS_MAGIC +dnt_measure fsmagic=0x73636673 +measure func=FILE_MMAP mask=MAY_EXEC +measure func=BPRM_CHECK mask=MAY_EXEC +measure func=FILE_CHECK mask=MAY_READ uid=0 diff --git a/testcases/kernel/security/integrity/ima/policy/Makefile b/testcases/kernel/security/integrity/ima/policy/Makefile deleted file mode 100644 index a960f9d..0000000 --- a/testcases/kernel/security/integrity/ima/policy/Makefile +++ /dev/null @@ -1,31 +0,0 @@ -# -# testcases/kernel/security/integrity/ima/policy testcases Makefile. -# -# Copyright (C) 2009, Cisco Systems Inc. -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License along -# with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -# -# Ngie Cooper, July 2009 -# - -top_srcdir ?= ../../../../../.. - -include $(top_srcdir)/include/mk/env_pre.mk - -INSTALL_DIR := testcases/data/ima_policy - -INSTALL_TARGETS := measure* - -include $(top_srcdir)/include/mk/generic_leaf_target.mk diff --git a/testcases/kernel/security/integrity/ima/policy/measure.policy b/testcases/kernel/security/integrity/ima/policy/measure.policy deleted file mode 100644 index 9976ddf..0000000 --- a/testcases/kernel/security/integrity/ima/policy/measure.policy +++ /dev/null @@ -1,16 +0,0 @@ -# -# Integrity measure policy -# -# PROC_SUPER_MAGIC -dont_measure fsmagic=0x9fa0 -# SYSFS_MAGIC -dont_measure fsmagic=0x62656572 -# DEBUGFS_MAGIC -dont_measure fsmagic=0x64626720 -# TMPFS_MAGIC -dont_measure fsmagic=0x01021994 -# SECURITYFS_MAGIC -dont_measure fsmagic=0x73636673 -measure func=FILE_MMAP mask=MAY_EXEC -measure func=BPRM_CHECK mask=MAY_EXEC -measure func=FILE_CHECK mask=MAY_READ uid=0 diff --git a/testcases/kernel/security/integrity/ima/policy/measure.policy-invalid b/testcases/kernel/security/integrity/ima/policy/measure.policy-invalid deleted file mode 100644 index 04dff89..0000000 --- a/testcases/kernel/security/integrity/ima/policy/measure.policy-invalid +++ /dev/null @@ -1,16 +0,0 @@ -# -# Integrity measure policy -# -# PROC_SUPER_MAGIC -dont_measure fsmagic=0x9fa0 -# SYSFS_MAGIC -dont_measure fsmagic=0x62656572 -# DEBUGFS_MAGIC -dont_measure fsmagic=0x64626720 -# TMPFS_MAGIC -dont_measure fsmagic=0x01021994 -# SECURITYFS_MAGIC -dnt_measure fsmagic=0x73636673 -measure func=FILE_MMAP mask=MAY_EXEC -measure func=BPRM_CHECK mask=MAY_EXEC -measure func=FILE_CHECK mask=MAY_READ uid=0