On Thu, 2023-02-02 at 15:40 -0500, Mimi Zohar wrote:
> On Thu, 2023-02-02 at 17:23 +0100, Roberto Sassu wrote:
> > > > + if (ptr == MAP_FAILED) {
> > > > + ret = ERR_SETUP;
> > > > + if (argv[2] && !strcmp(argv[2], "exec_on_writable") &&
> > > > + errno == EACCES)
> > > > + ret = ERR_TEST;
> > > > +
> > >
> > > FYI, on an older distro kernel, the mmap fails and results in following
> > > without any explanation.
> > >
> > > Test: check_mmap (hook="MMAP_CHECK", test_mmap arg: "exec")
> > > Unexpected exit status 1 from test_mmap
> > >
> > > With some additional debugging, I'm seeing:
> > > Failed mmap() /tmp/tmp.4gD2UjSvC4/tmp.PlzUEm09hO, err: -13 (Permission
> > > denied)b
> >
> > Uhm, ok. Which kernel is failing?
>
> I'm able to reproduce the error on a next-integrity or next-integrity-
> testing kernel, by running the tests multiple times. The error doesn't
> occur the first time running the test, but subsequent times.
Ops, yes. The problem was that the fowners of the measure and appraise
rules were shared. Will not work, unless the files used in the measure
tests are signed too.
Roberto
