| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 25 Jul 2017 16:01:42 -0600
From: Shuah Khan <shuahkh@....samsung.com>
To: shuah@...nel.org, gregkh@...uxfoundation.org, luto@...nel.org
Cc: Shuah Khan <shuahkh@....samsung.com>,
linux-kselftest@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH 0/2] selftests: capabilities: convert to TAP13 ksft framework
This patch series consists of a fix to run a skipped test and converting
to TAP13 ksft framework. I found this skipped test while I was testing the
TAP13 changes.
Next up is converting err() and errx() to appropriate ksft_ routines as
needed and appropriate. The output from non-root user run reflects the
pending work.
Output after conversion when root runs the test:
------------------------------------------------
TAP version 13
# [RUN] +++ Tests with uid == 0 +++
# [NOTE] Using global UIDs for tests
# [RUN] Root => ep
# validate_cap:: Capabilities after execve were correct
ok 1 Passed
# Check cap_ambient manipulation rules
ok 2 PR_CAP_AMBIENT_RAISE failed on non-inheritable cap
ok 3 PR_CAP_AMBIENT_RAISE failed on non-permitted cap
ok 4 PR_CAP_AMBIENT_RAISE worked
ok 5 Basic manipulation appears to work
# [RUN] Root +i => eip
# validate_cap:: Capabilities after execve were correct
ok 6 Passed
# [RUN] UID 0 +ia => eipa
# validate_cap:: Capabilities after execve were correct
ok 7 Passed
# [RUN] Root +ia, suidroot => eipa
# validate_cap:: Capabilities after execve were correct
ok 8 Passed
# [RUN] Root +ia, suidnonroot => ip
# validate_cap:: Capabilities after execve were correct
ok 9 Passed
# [RUN] Root +ia, sgidroot => eipa
# validate_cap:: Capabilities after execve were correct
ok 10 Passed
# [RUN] Root, gid != 0, +ia, sgidroot => eip
# validate_cap:: Capabilities after execve were correct
ok 11 Passed
# [RUN] Root +ia, sgidnonroot => eip
# validate_cap:: Capabilities after execve were correct
ok 12 Passed
Pass 12 Fail 0 Xfail 0 Xpass 0 Skip 0
1..12
# ==================================================
# [RUN] +++ Tests with uid != 0 +++
# [NOTE] Using global UIDs for tests
# [RUN] Non-root => no caps
# validate_cap:: Capabilities after execve were correct
ok 1 Passed
# Check cap_ambient manipulation rules
ok 2 PR_CAP_AMBIENT_RAISE failed on non-inheritable cap
ok 3 PR_CAP_AMBIENT_RAISE failed on non-permitted cap
ok 4 PR_CAP_AMBIENT_RAISE worked
ok 5 Basic manipulation appears to work
# [RUN] Non-root +i => i
# validate_cap:: Capabilities after execve were correct
ok 6 Passed
# [RUN] UID 1 +ia => eipa
# validate_cap:: Capabilities after execve were correct
ok 7 Passed
# [RUN] Non-root +ia, sgidnonroot => i
# validate_cap:: Capabilities after execve were correct
ok 8 Passed
# [RUN] Non-root +ia, sgidroot => i
# validate_cap:: Capabilities after execve were correct
ok 9 Passed
Pass 9 Fail 0 Xfail 0 Xpass 0 Skip 0
1..9
Output after conversion when a non-root user runs the test:
-----------------------------------------------------------
TAP version 13
# [RUN] +++ Tests with uid == 0 +++
test_execve: must be root or be able to create a userns
# Child failed
# ==================================================
# [RUN] +++ Tests with uid != 0 +++
test_execve: must be root or be able to create a userns
# Child failed
Shuah Khan (2):
selftests: capabilities: fix to run Non-root +ia, sgidroot => i test
selftests: capabilities: convert the test to use TAP13 ksft framework
tools/testing/selftests/capabilities/test_execve.c | 88 +++++++++++++---------
.../testing/selftests/capabilities/validate_cap.c | 15 ++--
2 files changed, 64 insertions(+), 39 deletions(-)
--
2.11.0
Powered by blists - more mailing lists