mbox series

[RFC,V2,0/2] selinux-testsuite: Use native filesystem for tests

Message ID 20200224141524.407114-1-richard_c_haines@btinternet.com (mailing list archive)
Headers show
Series selinux-testsuite: Use native filesystem for tests | expand

Message

Richard Haines Feb. 24, 2020, 2:15 p.m. UTC 
I've split the patch as it never made it past vger last time.

This supports NFS when using the tools/nfs.sh script. NFS will support options
with rootcontext and fscontext, however due to the fsconfig(2) bug they will
not pass with these.

The filesystem types tested are: ext4, xfs, vfat and nfs4.

No support for btrfs or reiserfs as they require much larger filesystem size
and additional policy rules.

I've added tests for xfs quotas, however it does need a patch [1] for testing
filesystem quotaget/quotamod permissions. Also xfs does not call
security_quota_on(), therefore the 'file quotaon' permission is not
tested (see notes in test scripts).

Not tested on travis (xfs_quotas_test.c added that may cause issues)

How the system is configured will depend on how many tests are run (for
example 'watch/fanotify' adds 11 tests). Also there are a number of
bugs/features that will cause various errors. They include:
1) There is a kernel bug using fsconfig(2) with nfs if any *context=
   option is given.
2) There is an nfs kernel bug where the top-level mounted directory shows
   up with unlabeled_t initially, then later gets refreshed to a
   valid context. policy/test_filesystem.te contains allow rules to
   bypass this as the bug is marked as closed - not fixed.
3) Some XFS quotas will fail as described above.
4) udisks(8) is now disabled by default. This is because when running xfs,
   random failures occur as udisks(8) tries to be 'helpful'. It can be
   enabled locally with the -e flag.

RFC V2 Changes:
Probably all those in [2]

[1] https://lore.kernel.org/selinux/20200220153234.152426-1-richard_c_haines@btinternet.com/
[2] https://lore.kernel.org/selinux/186a0ca5-802d-44d8-7fbf-1fd918591fff@tycho.nsa.gov/

Richard Haines (2):
  selinux-testsuite: Use native filesystem for tests - Part 1
  selinux-testsuite: Use native filesystem for tests - Part 2

 README.md                          |   10 +-
 defconfig                          |    6 +
 policy/test_filesystem.te          |   78 +-
 policy/test_filesystem_notify.te   |   56 +-
 tests/filesystem/.gitignore        |    1 +
 tests/filesystem/Filesystem.pm     |  127 ++-
 tests/filesystem/Makefile          |    3 +-
 tests/filesystem/test              | 1184 ++++++++++++++++----------
 tests/filesystem/xfs_quotas_test.c |   96 +++
 tests/fs_filesystem/fsmount.c      |    5 +-
 tests/fs_filesystem/test           | 1275 ++++++++++++++++++----------
 tools/nfs.sh                       |   39 +-
 12 files changed, 1939 insertions(+), 941 deletions(-)
 create mode 100644 tests/filesystem/xfs_quotas_test.c

Comments

Stephen Smalley Feb. 24, 2020, 4:24 p.m. UTC | #1 
On Mon, Feb 24, 2020 at 9:15 AM Richard Haines
<richard_c_haines@btinternet.com> wrote:
> 2) There is an nfs kernel bug where the top-level mounted directory shows
>    up with unlabeled_t initially, then later gets refreshed to a
>    valid context. policy/test_filesystem.te contains allow rules to
>    bypass this as the bug is marked as closed - not fixed.

I don't think you should allow these since it is a bug that should be
fixed (just because they chose to close it without fixing doesn't mean
it isn't a bug).
I think nfs just needs to call nfs_setsecurity() or at least
security_inode_notifysecctx() on the root inode when using native
labeling before it is first used in any call to permission or exposed
to userspace.