[V3,0/1] selinux-testsuite: Add filesystem tests

Message ID	20200112192432.862800-1-richard_c_haines@btinternet.com (mailing list archive)
Headers	show Return-Path: <SRS0=L9QR=3B=vger.kernel.org=selinux-owner@kernel.org> From: Richard Haines <richard_c_haines@btinternet.com> To: selinux@vger.kernel.org Cc: Richard Haines <richard_c_haines@btinternet.com> Subject: [PATCH V3 0/1] selinux-testsuite: Add filesystem tests Date: Sun, 12 Jan 2020 19:24:31 +0000 Message-Id: <20200112192432.862800-1-richard_c_haines@btinternet.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: selinux-owner@vger.kernel.org Precedence: bulk
Series	selinux-testsuite: Add filesystem tests \| expand [V3,0/1] selinux-testsuite: Add filesystem tests [V3,1/1] selinux-testsuite: Add filesystem tests

Message ID

20200112192432.862800-1-richard_c_haines@btinternet.com (mailing list archive)

Headers

From: Richard Haines <richard_c_haines@btinternet.com>
To: selinux@vger.kernel.org
Cc: Richard Haines <richard_c_haines@btinternet.com>
Subject: [PATCH V3 0/1] selinux-testsuite: Add filesystem tests
Date: Sun, 12 Jan 2020 19:24:31 +0000
Message-Id: <20200112192432.862800-1-richard_c_haines@btinternet.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: selinux-owner@vger.kernel.org
Precedence: bulk

Series

selinux-testsuite: Add filesystem tests | expand

Message

Richard Haines Jan. 12, 2020, 7:24 p.m. UTC

These tests should cover all the areas in selinux/hooks.c that touch
the 'filesystem' class. Each hooks.c function is listed in the 'test'
script as there are some permissions that are checked in multiple places.

Tested on Fedora 31 and Rawhide (5.5 for the new watch perm).

V3 Changes:
1) Lots of minor updates.
2) Add 'udevadm settle' as suggested by Ondrej to resolve udisks(8) issue.
3) Add stopping udisks(8) daemon as a '-d' option.
4) Add file quotaon test.
5) Add test for name type_transition rule.
6) Fix setfscreatecon(3) test to create a directory and check context.
7) Use kernel_dontaudit_setsched() as explained in [1].

The only thing I have not done is cutting the clutter in the logs. Tried
various things, all failed. Ideas !!!!

[1] https://lore.kernel.org/selinux/f863a91987c1926a4351f3edf968c9003197fead.camel@btinternet.com/

V2 Changes:
1) If udisks(8) daemon is running, stop then restart after tests. The tests
   run faster and stops the annoying habit of adding mounts to the 'files'
   app on the desktop. Supports /usr/bin/systemctl or /usr/sbin/service
   More importantly it stops interferance with the '*context=' tests as it
   can cause intermittent failures. Tested by running 'test' in a continuous
   loop with udisks enabled, and then again disabled.
   Loop 200 times, with udisks failed between 1 to 70 iterations, without
   udisks, no failures.
2) Add "#define QFMT_VFS_V0 2" to quotas_test.c to fix a RHEL/CentOS 7 and
   below build issue.
3) Build new file context based on the original in
   create_file_change_context.c
4) Use "runcon `id -Z` quotacheck ..." to resolve RHEL-6 test run issue.
5) Fix free() contexts in create_file_change_context.c and
   check_mount_context.c

To test fanotify fs watch perm on 5.5+:
1) Build the testsuite policy first:
make -C policy load

2) Add the following CIL statements to watch.cil and install:
semodule -i watch.cil

(common filesystem (watch))
(classcommon filesystem filesystem)
(allow test_filesystem_t self(filesystem (watch)))
; Until 'fs_watch_all_fs(test_filesystem_t)' in Policy use:
(allow test_filesystem_t fs_t (filesystem (watch)))
; Required if notify policy enabled
;(allow test_filesystem_t self (dir (watch_sb)))

3) Edit /usr/share/selinux/devel/include/support/all_perms.spt
   and insert the 'watch' permission at:

define(`all_filesystem_perms',`{ mount remount ..... watch }')

Richard Haines (1):
  selinux-testsuite: Add filesystem tests

 defconfig                                     |   6 +
 policy/Makefile                               |   4 +
 policy/test_filesystem.te                     | 343 +++++++
 tests/Makefile                                |   7 +
 tests/filesystem/.gitignore                   |  11 +
 tests/filesystem/Makefile                     |  16 +
 tests/filesystem/check_file_context.c         |  75 ++
 tests/filesystem/check_mount_context.c        | 127 +++
 tests/filesystem/create_file.c                | 112 +++
 tests/filesystem/create_file_change_context.c | 146 +++
 tests/filesystem/fanotify_fs.c                |  79 ++
 tests/filesystem/fs_relabel.c                 | 138 +++
 tests/filesystem/grim_reaper.c                |  89 ++
 tests/filesystem/mount.c                      | 130 +++
 tests/filesystem/quotas_test.c                | 143 +++
 tests/filesystem/statfs_test.c                |  65 ++
 tests/filesystem/test                         | 929 ++++++++++++++++++
 tests/filesystem/umount.c                     |  84 ++
 18 files changed, 2504 insertions(+)
 create mode 100644 policy/test_filesystem.te
 create mode 100644 tests/filesystem/.gitignore
 create mode 100644 tests/filesystem/Makefile
 create mode 100644 tests/filesystem/check_file_context.c
 create mode 100644 tests/filesystem/check_mount_context.c
 create mode 100644 tests/filesystem/create_file.c
 create mode 100644 tests/filesystem/create_file_change_context.c
 create mode 100644 tests/filesystem/fanotify_fs.c
 create mode 100644 tests/filesystem/fs_relabel.c
 create mode 100644 tests/filesystem/grim_reaper.c
 create mode 100644 tests/filesystem/mount.c
 create mode 100644 tests/filesystem/quotas_test.c
 create mode 100644 tests/filesystem/statfs_test.c
 create mode 100755 tests/filesystem/test
 create mode 100644 tests/filesystem/umount.c

Comments

Stephen Smalley Jan. 13, 2020, 4:57 p.m. UTC | #1

On 1/12/20 2:24 PM, Richard Haines wrote:
> These tests should cover all the areas in selinux/hooks.c that touch
> the 'filesystem' class. Each hooks.c function is listed in the 'test'
> script as there are some permissions that are checked in multiple places.
> 
> Tested on Fedora 31 and Rawhide (5.5 for the new watch perm).
> 
> V3 Changes:
> 1) Lots of minor updates.
> 2) Add 'udevadm settle' as suggested by Ondrej to resolve udisks(8) issue.
> 3) Add stopping udisks(8) daemon as a '-d' option.
> 4) Add file quotaon test.
> 5) Add test for name type_transition rule.
> 6) Fix setfscreatecon(3) test to create a directory and check context.
> 7) Use kernel_dontaudit_setsched() as explained in [1].
> 
> The only thing I have not done is cutting the clutter in the logs. Tried
> various things, all failed. Ideas !!!!

Looks like at least the y2038 warnings were removed in v5.4 so don't 
need to worry about those.  If they show up in a future kernel again, we 
can avoid them by creating ext4 filesystems with inodes > 128 bytes ala 
-I 256.

Richard Haines Jan. 13, 2020, 6:34 p.m. UTC | #2

On Mon, 2020-01-13 at 11:57 -0500, Stephen Smalley wrote:
> On 1/12/20 2:24 PM, Richard Haines wrote:
> > These tests should cover all the areas in selinux/hooks.c that
> > touch
> > the 'filesystem' class. Each hooks.c function is listed in the
> > 'test'
> > script as there are some permissions that are checked in multiple
> > places.
> > 
> > Tested on Fedora 31 and Rawhide (5.5 for the new watch perm).
> > 
> > V3 Changes:
> > 1) Lots of minor updates.
> > 2) Add 'udevadm settle' as suggested by Ondrej to resolve udisks(8)
> > issue.
> > 3) Add stopping udisks(8) daemon as a '-d' option.
> > 4) Add file quotaon test.
> > 5) Add test for name type_transition rule.
> > 6) Fix setfscreatecon(3) test to create a directory and check
> > context.
> > 7) Use kernel_dontaudit_setsched() as explained in [1].
> > 
> > The only thing I have not done is cutting the clutter in the logs.
> > Tried
> > various things, all failed. Ideas !!!!
> 
> Looks like at least the y2038 warnings were removed in v5.4 so don't 
> need to worry about those.  If they show up in a future kernel again,
> we 
> can avoid them by creating ext4 filesystems with inodes > 128 bytes
> ala 
> -I 256.

I'll add -I 256 in v4 just in case

>