Kernel patch "ima: limit the number of ToMToU integrity violations" prevents superfluous ToMToU violations. Add corresponding LTP tests. Link: https://lore.kernel.org/linux-integrity/20250219162131.416719-3-zohar@xxxxxxxxxxxxx/ Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxx> --- .../integrity/ima/tests/ima_violations.sh | 46 ++++++++++++++++++- 1 file changed, 45 insertions(+), 1 deletion(-) diff --git a/testcases/kernel/security/integrity/ima/tests/ima_violations.sh b/testcases/kernel/security/integrity/ima/tests/ima_violations.sh index 65c5c3a92..5b6d7e993 100755 --- a/testcases/kernel/security/integrity/ima/tests/ima_violations.sh +++ b/testcases/kernel/security/integrity/ima/tests/ima_violations.sh @@ -8,7 +8,7 @@ TST_SETUP="setup" TST_CLEANUP="cleanup" -TST_CNT=6 +TST_CNT=8 REQUIRED_BUILTIN_POLICY="tcb" REQUIRED_POLICY_CONTENT='violations.policy' @@ -245,6 +245,50 @@ test6() validate $num_violations $count $search 2 } +test7() +{ + tst_res TINFO "verify limiting single open reader ToMToU violations" + + local search="ToMToU" + local count num_violations + + read num_violations < $IMA_VIOLATIONS + count="$(get_count $search)" + + open_file_read + open_file_write + close_file_write + + open_file_write + close_file_write + close_file_read + + validate $num_violations $count $search 1 +} + +test8() +{ + tst_res TINFO "verify new open reader causes additional ToMToU violation" + + local search="ToMToU" + local count num_violations + + read num_violations < $IMA_VIOLATIONS + count="$(get_count $search)" + + open_file_read + open_file_write + close_file_write + close_file_read + + open_file_read + open_file_write + close_file_write + close_file_read + + validate $num_violations $count $search 2 +} + . ima_setup.sh . daemonlib.sh tst_run -- 2.48.1
