| Message ID | 20190411123103.23485-1-richard_c_haines@btinternet.com (mailing list archive) |
|---|---|
| State | Accepted |
| Headers | show |
| Series | selinux testsuite: Do not build SCTP unless kernel support | expand |
On Thu, Apr 11, 2019 at 8:31 AM Richard Haines <richard_c_haines@btinternet.com> wrote: > > Do not build/run SCTP tests unless the kernel is 4.20.17 or > greater as they support SELinux SCTP. > > Signed-off-by: Richard Haines <richard_c_haines@btinternet.com> > --- > tests/Makefile | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/tests/Makefile b/tests/Makefile > index fb6de5c..1bd643e 100644 > --- a/tests/Makefile > +++ b/tests/Makefile > @@ -24,8 +24,10 @@ SUBDIRS += extended_socket_class > endif > > ifeq ($(shell grep -q corenet_sctp_bind_all_nodes $(POLDEV)/include/kernel/corenetwork.if && grep -q 1 /sys/fs/selinux/policy_capabilities/extended_socket_class && echo true),true) > +ifneq ($(shell ./kvercmp $$(uname -r) 4.20.17),-1) Technically we shipped the SELinux/SCTP support before v4.20.17, but v4.20 does have some important fixes so I think this is okay. Merged, thanks. > SUBDIRS += sctp > endif > +endif > > ifeq ($(shell grep -q netlink_iscsi_socket $(POLDEV)/include/support/all_perms.spt && echo true),true) > SUBDIRS += netlink_socket > -- > 2.20.1
diff --git a/tests/Makefile b/tests/Makefile index fb6de5c..1bd643e 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -24,8 +24,10 @@ SUBDIRS += extended_socket_class endif ifeq ($(shell grep -q corenet_sctp_bind_all_nodes $(POLDEV)/include/kernel/corenetwork.if && grep -q 1 /sys/fs/selinux/policy_capabilities/extended_socket_class && echo true),true) +ifneq ($(shell ./kvercmp $$(uname -r) 4.20.17),-1) SUBDIRS += sctp endif +endif ifeq ($(shell grep -q netlink_iscsi_socket $(POLDEV)/include/support/all_perms.spt && echo true),true) SUBDIRS += netlink_socket
Do not build/run SCTP tests unless the kernel is 4.20.17 or greater as they support SELinux SCTP. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com> --- tests/Makefile | 2 ++ 1 file changed, 2 insertions(+)