On 1/26/23 11:38, Roberto Sassu wrote:
From: Roberto Sassu <roberto.sassu@xxxxxxxxxx> Add tests to ensure that, after applying the kernel patch 'ima: Align ima_file_mmap() parameters with mmap_file LSM hook', the MMAP_CHECK hook checks the protections applied by the kernel and not those requested by the application. Also ensure that after applying 'ima: Introduce MMAP_CHECK_REQPROT hook', the MMAP_CHECK_REQPROT hook checks the protections requested by the application.
below LGTM How do you tell the user that the patches need to be applied for the test to succeed and not worry about it when the patches are not applied?
Test both with the test_mmap application that by default requests the PROT_READ protection flag. Its syntax is:
+ +check_mmap() { + local hook="$1" + local arg="$2" + local test_file + local fowner + local rule + local result + local test_file_entry +
you can write them all in one line: 'local test_file fowner rule result test_file_entry'