Hi Roberto,
> diff --git a/tests/mmap_check.test b/tests/mmap_check.test
> new file mode 100755
> index 00000000000..3a42fec179e
> --- /dev/null
> +++ b/tests/mmap_check.test
> @@ -0,0 +1,407 @@
> +#!/bin/bash
> +# SPDX-License-Identifier: GPL-2.0
> +#
> +# Copyright (C) 2022-2023 Roberto Sassu <roberto.sassu@xxxxxxxxxx>
> +#
> +# Check the behavior of MMAP_CHECK and MMAP_CHECK_REQPROT
> +
> +trap '_report_exit_and_cleanup _cleanup_env cleanup' SIGINT SIGTERM SIGSEGV EXIT
> +
> +PATCHES=(
> +'ima: Align ima_file_mmap() parameters with mmap_file LSM hook'
> +'ima: Introduce MMAP_CHECK_REQPROT hook'
> +)
> +
> +(( ret_invalid_rule=1 ))
> +(( ret_rule_overlap=2 ))
> +(( ret_same_rule_exists=4 ))
New to v6 is the defintiion of these variables. Is there a reason for
defining them here as opposed to in check_load_ima_rule(), where they
could be defined as local? Here they're global and should be in upper
case like the the variables below.
> +
> +(( EVM_INIT_HMAC=0x0001 ))
> +(( EVM_INIT_X509=0x0002 ))
Is there a reason for initializing these variables differently than
those below? For example, EVM_INIT_HMAC could be define as
EVM_INIT_HMAC=$((0x0001)).
+# Base VERBOSE on the environment variable, if set.
> +VERBOSE="${VERBOSE:-0}"
> +
> +# Errors defined in test_mmap
> +ERR_SETUP=1
> +ERR_TEST=2
--
thanks,
Mimi
