Sorry I totally missed this email. Taking a look now. On Wed, Mar 10, 2021 at 10:57 PM Andrii Nakryiko <andrii.nakryiko@xxxxxxxxx> wrote: > > Hey KP, > > test_ima is passing only the very first time I run it in my VM. Alexei > earlier reported similar issues. If you run it second time without > restarting the VM, you get the following: > > 10+0 records in > 10+0 records out > 10485760 bytes (10 MB, 10 MiB) copied, 0.00425121 s, 2.5 GB/s > mke2fs 1.45.0 (6-Mar-2019) > Discarding device blocks: done > Creating filesystem with 10240 1k blocks and 2560 inodes > Filesystem UUID: b9927426-1d29-458f-b2a0-8fe56455d209 > Superblock backups stored on blocks: > 8193 > > Allocating group tables: done > Writing inode tables: done > Writing superblocks and filesystem accounting information: done > > ./ima_setup.sh: line 53: /sys/kernel/security/ima/policy: Permission denied > test_test_ima:PASS:skel_load 0 nsec > test_test_ima:PASS:ringbuf 0 nsec > test_test_ima:PASS:attach 0 nsec > test_test_ima:PASS:mkdtemp 0 nsec > test_test_ima:FAIL:71 > #128 test_ima:FAIL > > Do you see it on your side? Do you have any idea what's wrong? > > Also, see that super-descriptive `test_test_ima:FAIL:71` line? That's > the reason I'm always bitching about CHECK_FAIL() use. At least this > one is not inside some loop. > > -- Andrii
