Add support for the number of expected violations. Include the expected number of violations in the output. Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxx> --- .../security/integrity/ima/tests/ima_violations.sh | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/testcases/kernel/security/integrity/ima/tests/ima_violations.sh b/testcases/kernel/security/integrity/ima/tests/ima_violations.sh index 37d8d473c..7f0382fb8 100755 --- a/testcases/kernel/security/integrity/ima/tests/ima_violations.sh +++ b/testcases/kernel/security/integrity/ima/tests/ima_violations.sh @@ -71,20 +71,26 @@ validate() local num_violations="$1" local count="$2" local search="$3" + local expected_violations=$4 local max_attempt=3 local count2 i num_violations_new + [ -z $expected_violations ] && expected_violations=1 + for i in $(seq 1 $max_attempt); do read num_violations_new < $IMA_VIOLATIONS count2="$(get_count $search)" - if [ $(($num_violations_new - $num_violations)) -gt 0 ]; then + if [ $(($num_violations_new - $num_violations)) -eq $expected_violations ]; then if [ $count2 -gt $count ]; then - tst_res TPASS "$search violation added" + tst_res TPASS "$expected_violations $search violation(s) added" return else tst_res TINFO "$search not found in $LOG ($i/$max_attempt attempt)..." tst_sleep 1s fi + elif [ $(($num_violations_new - $num_violations)) -gt 0 ]; then + tst_res $IMA_FAIL "$search too many violations added" + return else tst_res $IMA_FAIL "$search violation not added" return -- 2.48.1
