On Wed, 2020-03-11 at 12:02 -0400, Stephen Smalley wrote: > On Tue, Mar 10, 2020 at 12:25 PM Richard Haines > <richard_c_haines@xxxxxxxxxxxxxx> wrote: > > If you test on the selinux-next kernel (that has the XFS patch [1]) > > with > > the "NFS: Ensure security label is set for root inode" patch [2], > > then all > > tests should pass. Anything else will give varying amounts of > > fails. > > > > The filesystem types tested are: ext4, xfs, vfat and nfs4. > > > > I've revamped the nfs.sh to handle tests that require specific > > mount > > options, these plus many more are now in tests/nfs_filesystem. This > > only > > gets run by nfs.sh. > > > > There are two minor workarounds involving multiple mounts returning > > EBUSY. > > These are either bugs or features. > > > > Not tested on travis. > > > > [1] > > https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/patch/security/selinux?id=e4cfa05e9bfe286457082477b32ecd17737bdbce > > [2] > > https://lore.kernel.org/selinux/20200303225837.1557210-1-smayhew@xxxxxxxxxx/ > > Even with the patches above applied, I am seeing failures during the > tests/nfs_filesystem tests: Looks like my /mnt was mis-labeled. I've fixed and had to add this to test_filesystem.te: files_mounton_non_security(filesystemdomain) and now works okay. Could you confirm please, then I'll resend new patch later > ... > filesystem/test ............. ok > fs_filesystem/test .......... ok > All tests successful. > Files=63, Tests=623, 153 wallclock secs ( 0.30 usr 0.82 sys + 2.47 > cusr 41.75 csys = 45.34 CPU) > Result: PASS > make: Leaving directory '/mnt/selinux-testsuite/tests' > Run 'filesystem' tests with mount context option: > fscontext=system_u:object_r:test_filesystem_file_t:s0 > filesystem/test .. ok > All tests successful. > Files=1, Tests=30, 8 wallclock secs ( 0.03 usr 0.05 sys + 0.27 > cusr > 4.88 csys = 5.23 CPU) > Result: PASS > Run 'fs_filesystem' tests with mount context option: > fscontext=system_u:object_r:test_filesystem_file_t:s0 > fs_filesystem/test .. ok > All tests successful. > Files=1, Tests=29, 9 wallclock secs ( 0.04 usr 0.05 sys + 0.26 > cusr > 5.13 csys = 5.48 CPU) > Result: PASS > Run NFS context specific tests > nfs_filesystem/test .. 1/56 Failed mount(2): Permission denied > > # Failed test 'Using mount(2)' > # at nfs_filesystem/test line 73. > getfilecon(3) Failed: No such file or directory > > # Failed test at nfs_filesystem/test line 79. > Failed umount(2): Invalid argument > > # Failed test 'Using mount(2)' > # at nfs_filesystem/test line 84. > Failed mount(2): Permission denied > nfs_filesystem/test .. 5/56 > # Failed test 'Using mount(2)' > # at nfs_filesystem/test line 100. > > # Failed test at nfs_filesystem/test line 110. > creat(2) Failed: No such file or directory > > # Failed test at nfs_filesystem/test line 117. > Failed umount(2): Invalid argument > > # Failed test 'Using mount(2)' > # at nfs_filesystem/test line 122. > Failed mount(2): Permission denied > > # Failed test 'Using mount(2)' > # at nfs_filesystem/test line 149. > open(2) Failed: No such file or directory > > # Failed test at nfs_filesystem/test line 154. > Failed umount(2): Invalid argument > > # Failed test 'Using mount(2)' > # at nfs_filesystem/test line 159. > Failed mount(2): Permission denied > nfs_filesystem/test .. 17/56 > # Failed test 'Using mount(2)' > # at nfs_filesystem/test line 237. > > # Failed test 'Using mount(2)' > # at nfs_filesystem/test line 242. > Failed umount(2): Invalid argument > > # Failed test 'Using mount(2)' > # at nfs_filesystem/test line 247. > Failed mount(2): Permission denied > > # Failed test 'Using mount(2)' > # at nfs_filesystem/test line 261. > > # Failed test 'Using mount(2)' > # at nfs_filesystem/test line 266. > Failed umount(2): Invalid argument > > # Failed test 'Using mount(2)' > # at nfs_filesystem/test line 271. > Failed mount(2): Permission denied > > # Failed test 'Using mount(2) - got mnt_t instead of etc_t' > # at nfs_filesystem/test line 286. > Failed umount(2): Invalid argument > > # Failed test 'Using mount(2)' > # at nfs_filesystem/test line 296. > Failed mount(2): Permission denied > > # Failed test 'Using mount(2) - got mnt_t instead of etc_t' > # at nfs_filesystem/test line 313. > Failed umount(2): Invalid argument > > # Failed test 'Using mount(2)' > # at nfs_filesystem/test line 323. > Failed mount(2): Permission denied > > # Failed test 'Using mount(2) - got mnt_t instead of nfs_t' > # at nfs_filesystem/test line 338. > Failed umount(2): Invalid argument > > # Failed test 'Using mount(2)' > # at nfs_filesystem/test line 348. > nfs_filesystem/test .. 29/56 Failed move_mount(2): Permission denied > > # Failed test 'Using fsmount(2)' > # at nfs_filesystem/test line 73. > getfilecon(3) Failed: No such file or directory > > # Failed test at nfs_filesystem/test line 79. > Failed umount(2): Invalid argument > > # Failed test 'Using fsmount(2)' > # at nfs_filesystem/test line 84. > Failed move_mount(2): Permission denied > > # Failed test 'Using fsmount(2)' > # at nfs_filesystem/test line 100. > nfs_filesystem/test .. 34/56 > # Failed test at nfs_filesystem/test line 110. > creat(2) Failed: No such file or directory > > # Failed test at nfs_filesystem/test line 117. > Failed umount(2): Invalid argument > > # Failed test 'Using fsmount(2)' > # at nfs_filesystem/test line 122. > Failed move_mount(2): Permission denied > > # Failed test 'Using fsmount(2)' > # at nfs_filesystem/test line 149. > open(2) Failed: No such file or directory > > # Failed test at nfs_filesystem/test line 154. > Failed umount(2): Invalid argument > > # Failed test 'Using fsmount(2)' > # at nfs_filesystem/test line 159. > nfs_filesystem/test .. 41/56 Failed move_mount(2): Permission denied > nfs_filesystem/test .. 45/56 > # Failed test 'Using fsmount(2)' > # at nfs_filesystem/test line 237. > > # Failed test 'Using fsmount(2)' > # at nfs_filesystem/test line 242. > Failed umount(2): Invalid argument > > # Failed test 'Using fsmount(2)' > # at nfs_filesystem/test line 247. > Failed move_mount(2): Permission denied > > # Failed test 'Using fsmount(2)' > # at nfs_filesystem/test line 261. > > # Failed test 'Using fsmount(2)' > # at nfs_filesystem/test line 266. > Failed umount(2): Invalid argument > > # Failed test 'Using fsmount(2)' > # at nfs_filesystem/test line 271. > Failed move_mount(2): Permission denied > nfs_filesystem/test .. 51/56 > # Failed test 'Using fsmount(2) - got mnt_t instead of etc_t' > # at nfs_filesystem/test line 286. > Failed umount(2): Invalid argument > > # Failed test 'Using fsmount(2)' > # at nfs_filesystem/test line 296. > Failed move_mount(2): Permission denied > > # Failed test 'Using fsmount(2) - got mnt_t instead of etc_t' > # at nfs_filesystem/test line 313. > Failed umount(2): Invalid argument > > # Failed test 'Using fsmount(2)' > # at nfs_filesystem/test line 323. > Failed move_mount(2): Permission denied > nfs_filesystem/test .. 55/56 > # Failed test 'Using fsmount(2) - got mnt_t instead of nfs_t' > # at nfs_filesystem/test line 338. > Failed umount(2): Invalid argument > > # Failed test 'Using fsmount(2)' > # at nfs_filesystem/test line 348. > # Looks like you failed 44 tests of 56. > nfs_filesystem/test .. Dubious, test returned 44 (wstat 11264, > 0x2c00) > Failed 44/56 subtests > > Test Summary Report > ------------------- > nfs_filesystem/test (Wstat: 11264 Tests: 56 Failed: 44) > Failed tests: 2-8, 10-12, 17-28, 30-36, 38-40, 45-56 > Non-zero exit status: 44 > Files=1, Tests=56, 8 wallclock secs ( 0.04 usr 0.04 sys + 0.20 > cusr > 4.63 csys = 4.91 CPU) > Result: FAIL > Failed 1/1 test programs. 44/56 subtests failed. > Error on line: 100 - Closing down NFS > umount: /mnt/selinux-testsuite: not mounted.
