On 10/23/2023 8:52 PM, Paul Moore wrote:
On Oct 4, 2023 Fan Wu <wufan@xxxxxxxxxxxxxxxxxxx> wrote:Add various happy/unhappy unit tests for both IPE's parser.I'm going to suggest: "... for IPE's policy parser."
Yeah this sounds more precise.
Also, aside from the policy parser tests, are there any other IPE functional tests? We do have a testing guideline for new LSM submissions: "New LSMs must be accompanied by a test suite to verify basic functionality and help identify regressions. The test suite must be publicly available without download restrictions requiring accounts, subscriptions, etc. Test coverage does not need to reach a specific percentage, but core functionality and any user interfaces should be well covered by the test suite. Maintaining the test suite in a public git repository is preferable over tarball snapshots. Integrating the test suite with existing automated Linux kernel testing services is encouraged." https://github.com/LinuxSecurityModule/kernel/blob/main/README.md#new-lsm-guidelines
Yes we do have a test suite. I will add it in the next version. -Fan
Signed-off-by: Deven Bowers <deven.desai@xxxxxxxxxxxxxxxxxxx> Signed-off-by: Fan Wu <wufan@xxxxxxxxxxxxxxxxxxx> --- v1-v6: + Not present v7: Introduced v8: + Remove the kunit tests with respect to the fsverity digest, as these require significant changes to work with the new method of acquiring the digest at runtime. v9: + Remove the kunit tests related to ipe_context v10: + No changes v11: + No changes --- security/ipe/Kconfig | 17 +++ security/ipe/Makefile | 3 + security/ipe/policy_tests.c | 294 ++++++++++++++++++++++++++++++++++++ 3 files changed, 314 insertions(+) create mode 100644 security/ipe/policy_tests.c-- paul-moore.com
|