On Wed, Jan 20, 2021 at 2:39 PM Ondrej Mosnacek <omosnace@xxxxxxxxxx> wrote: > > On Fri, Jan 8, 2021 at 3:38 AM Lokesh Gidra <lokeshgidra@xxxxxxxxxx> wrote: > > > > Confirm SELinux policies are enforced on userfaultfd operations > > via secure anon-inode interface. > > > > Signed-off-by: Lokesh Gidra <lokeshgidra@xxxxxxxxxx> > > --- > > policy/Makefile | 4 +- > > policy/test_userfaultfd.cil | 52 ++++++++++ > > policy/test_userfaultfd.te | 52 ++++++++++ > > tests/Makefile | 2 +- > > tests/userfaultfd/Makefile | 5 + > > tests/userfaultfd/test | 44 ++++++++ > > tests/userfaultfd/userfaultfd.c | 177 ++++++++++++++++++++++++++++++++ > > 7 files changed, 333 insertions(+), 3 deletions(-) > > create mode 100644 policy/test_userfaultfd.cil > > create mode 100644 policy/test_userfaultfd.te > > create mode 100644 tests/userfaultfd/Makefile > > create mode 100755 tests/userfaultfd/test > > create mode 100644 tests/userfaultfd/userfaultfd.c > > Sorry for the long delay... This version is already almost there, I > just had to fix some style issues and added checks so that the test is > skipped on old systems (when <linux/usefaultfd.h> doesn't exist or > userfaultfd(2) returns -ENOSYS). > Thanks so much for fixing these issues. And I apologize for missing them. > You can review the changes at > https://github.com/WOnder93/selinux-testsuite/commits/uffd3 and if you > (or others) have no objections, I'll fold them into the patch and > merge it with a note that it was edited by me. LGTM > > If you prefer, you can also fetch the branch via the command-line: > git fetch https://github.com/WOnder93/selinux-testsuite uffd3:uffd3 > > Thank you for being patient with us :) Thank you for the reviews. It was a very learning experience for me :) > > -- > Ondrej Mosnacek > Software Engineer, Platform Security - SELinux kernel > Red Hat, Inc. >
