Quoting CAI Qian ([email protected]):
> Hi,
>
> The following patch adds checking for SELinux. If it is enabled, the
> following entries are expected to be read successfully,
>
> /proc/self/attr/*
> /proc/self/task/[0-9]*/attr/*
>
> If it is disabled, expecting read(2) return -1 with -EINVAL. 0It does not
> affect the testing for systems with no LSM, LSM other than SELinux, and
> SELinux-disabled.
>
> As discussed before, I don't want to put those entries to a separate
> test, so I can read them the same way as the rest of procfs entries.
>
> Signed-off-by: CAI Qian <[email protected]>
>
> --- testcases/kernel/fs/proc/proc01.c.p1 2009-02-04 11:06:30.000000000
> -0500
> +++ testcases/kernel/fs/proc/proc01.c 2009-02-04 11:14:06.000000000 -0500
> @@ -25,6 +25,8 @@
> *
> */
>
> +#include "config.h"
> +
> #include <errno.h> /* for errno */
> #include <stdio.h> /* for NULL */
> #include <stdlib.h> /* for malloc() */
> @@ -37,6 +39,10 @@
> #include <fcntl.h>
> #include <fnmatch.h>
>
> +#ifdef HAVE_SELINUX_SELINUX_H
> +#include <selinux/selinux.h>
> +#endif
> +
> #include "test.h"
> #include "usctest.h"
>
> @@ -99,8 +105,19 @@
> {"", "", 0}
> };
>
> +#ifdef HAVE_SELINUX_SELINUX_H
> +/* If SELinux is enabled, the following entries should be read
> + successfully. */
> +const char selinux_should_work[][PATH_MAX] =
How about naming the array more generally, defining it
empty if !HAVE_SELINUX_SELINUX_H, and then always walking
it below? That will simplify the task of modifying the
flow for the next (non-selinux) folks to have to modify this.
> + {
> + "/proc/self/attr/*",
> + "/proc/self/task/[0-9]*/attr/*",
> + ""
> + };
> +#endif
> +
> /* Known files that does not honor O_NONBLOCK, so they will hang
> - the test while being read.*/
> + the test while being read. */
> const char error_nonblock[][PATH_MAX] =
> {
> "/proc/xen/xenbus",
> @@ -112,6 +129,20 @@
> {
> int i;
>
> +/* Should not see any error for certain entries if SELinux is
> + enabled. */
> +#ifdef HAVE_SELINUX_SELINUX_H
> + if (is_selinux_enabled())
> + {
> + for (i = 0; selinux_should_work[i][0] != '\0'; i++)
> + {
> + if (!strcmp(obj, selinux_should_work[i])
> + || !fnmatch(selinux_should_work[i], obj, FNM_PATHNAME))
> + return 0;
> + }
> + }
> +#endif
> +
> for (i = 0; known_issues[i].err != 0; i++)
> if (tmperr == known_issues[i].err
> && (!strcmp(obj, known_issues[i].file)
>
> ------------------------------------------------------------------------------
> Create and Deploy Rich Internet Apps outside the browser with Adobe(R)AIR(TM)
> software. With Adobe AIR, Ajax developers can use existing skills and code to
> build responsive, highly engaging applications that combine the power of local
> resources and data with the reach of the web. Download the Adobe AIR SDK and
> Ajax docs to start building applications today-http://p.sf.net/sfu/adobe-com
> _______________________________________________
> Ltp-list mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/ltp-list
------------------------------------------------------------------------------
Create and Deploy Rich Internet Apps outside the browser with Adobe(R)AIR(TM)
software. With Adobe AIR, Ajax developers can use existing skills and code to
build responsive, highly engaging applications that combine the power of local
resources and data with the reach of the web. Download the Adobe AIR SDK and
Ajax docs to start building applications today-http://p.sf.net/sfu/adobe-com
_______________________________________________
Ltp-list mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/ltp-list
