Hi Tushar, ... > +++ b/testcases/kernel/security/integrity/ima/tests/ima_dm_crypt.sh > @@ -0,0 +1,60 @@ > +#!/bin/sh > +# SPDX-License-Identifier: GPL-2.0-or-later > +# Copyright (c) 2020 Microsoft Corporation > +# Author: Tushar Sugandhi <tusharsu@xxxxxxxxxxxxxxxxxxx> > +# > +# Verify that DM target dm-crypt are measured correctly based on policy. > + > +TST_NEEDS_CMDS="dmsetup" > +TST_CNT=1 > +TST_NEEDS_DEVICE=1 > +TST_SETUP=setup > +TST_CLEANUP=cleanup > + > +. ima_setup.sh > + > +FUNC_CRIT_DATA='func=CRITICAL_DATA' > +TEMPLATE_BUF='template=ima-buf' > +REQUIRED_POLICY="^measure.*($FUNC_CRIT_DATA.*$TEMPLATE_BUF|$TEMPLATE_BUF.*$FUNC_CRIT_DATA)" > + > +setup() > +{ > + require_ima_policy_content "$REQUIRED_POLICY" '-E' > $TST_TMPDIR/policy.txt > +} > + > +cleanup() > +{ > + ROD "dmsetup remove test-crypt" FYI: there should be check that dmsetup create was run. https://github.com/linux-test-project/ltp/wiki/Test-Writing-Guidelines#a-word-about-the-cleanup-callback i.e. here: [ "$dmsetup_run" ] || return ROD "dmsetup remove test-crypt" + see below. > +} > + > +test1() > +{ > + local input_digest="039d8ff71918608d585adca3e5aab2e3f41f84d6" > + local pattern='data_sources=[^[:space:]]+' > + local tmp_file="$TST_TMPDIR/dm_crypt_tmp.txt" > + local policy="data_sources" > + local arg key res > + > + tst_res TINFO "verifying dm target - dmcrypt gets measured correctly" > + > + check_policy_pattern "$pattern" $FUNC_CRIT_DATA $TEMPLATE_BUF > $tmp_file || return > + > + tgt="crypt" > + key="faf453b4ee938cff2f0d2c869a0b743f59125c0a37f5bcd8f1dbbd911a78abaa" > + > + arg="'0 1953125 crypt aes-xts-plain64 " > + arg="$arg $key 0 " > + arg="$arg /dev/loop0 0 1 allow_discards'" > + > + ROD "dmsetup create test-crypt --table $arg" adding dmsetup_run=1 Kind regards, Petr -- dm-devel mailing list dm-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/dm-devel