| Message ID | 20220902084247.1042660-1-omosnace@redhat.com (mailing list archive) |
|---|---|
| State | Accepted |
| Delegated to: | Ondrej Mosnáček |
| Headers | show |
| Series | [testsuite] tests/Makefile: add missing condition for userfaultfd test | expand |
On Fri, Sep 2, 2022 at 10:42 AM Ondrej Mosnacek <omosnace@redhat.com> wrote: > > The commit referenced below disables the test_userfaultfd.te policy when > the anon_inode class is not defined in the system policy, but doesn't > disable the test itself in this situation. Thus, on distros that don't > define the class the test might be run and fail. > > Fix this by adding the same condition to tests/Makefile. > > Fixes: 2b6ea9d2bc96 ("policy: remove CIL workarounds for missing anon_inode class") > Reported-by: Dennis (Zhuoheng) Li <denli@redhat.com> > Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com> > --- > tests/Makefile | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/tests/Makefile b/tests/Makefile > index 8abd438..f473111 100644 > --- a/tests/Makefile > +++ b/tests/Makefile > @@ -134,10 +134,12 @@ endif > endif > > ifeq ($(shell [ $(MOD_POL_VERS) -ge 18 -a $(MAX_KERNEL_POLICY) -ge 30 ] && echo true),true) > +ifeq ($(shell grep -q anon_inode $(POLDEV)/include/support/all_perms.spt && echo true),true) > ifeq ($(shell test -e $(INCLUDEDIR)/linux/userfaultfd.h && echo true),true) > SUBDIRS += userfaultfd > endif > endif > +endif > > ifeq ($(shell grep -q vsock_socket $(POLDEV)/include/support/all_perms.spt && echo true),true) > ifeq ($(shell grep -qs VMADDR_CID_LOCAL $(INCLUDEDIR)/linux/vm_sockets.h && echo true),true) > -- > 2.37.2 > Applied: https://github.com/SELinuxProject/selinux-testsuite/commit/772446c98a922f771e80245f0115485428dd43a8
diff --git a/tests/Makefile b/tests/Makefile index 8abd438..f473111 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -134,10 +134,12 @@ endif endif ifeq ($(shell [ $(MOD_POL_VERS) -ge 18 -a $(MAX_KERNEL_POLICY) -ge 30 ] && echo true),true) +ifeq ($(shell grep -q anon_inode $(POLDEV)/include/support/all_perms.spt && echo true),true) ifeq ($(shell test -e $(INCLUDEDIR)/linux/userfaultfd.h && echo true),true) SUBDIRS += userfaultfd endif endif +endif ifeq ($(shell grep -q vsock_socket $(POLDEV)/include/support/all_perms.spt && echo true),true) ifeq ($(shell grep -qs VMADDR_CID_LOCAL $(INCLUDEDIR)/linux/vm_sockets.h && echo true),true)
The commit referenced below disables the test_userfaultfd.te policy when the anon_inode class is not defined in the system policy, but doesn't disable the test itself in this situation. Thus, on distros that don't define the class the test might be run and fail. Fix this by adding the same condition to tests/Makefile. Fixes: 2b6ea9d2bc96 ("policy: remove CIL workarounds for missing anon_inode class") Reported-by: Dennis (Zhuoheng) Li <denli@redhat.com> Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com> --- tests/Makefile | 2 ++ 1 file changed, 2 insertions(+)