On Sun, Nov 7, 2021 at 9:21 AM Richard Haines <richard_c_haines@xxxxxxxxxxxxxx> wrote: > > This patch adds five tests for sctp_socket type_transition rules and > setsockcreatecon(3). More tests can be added however these test the basics. > > Hopefully these will help testing the debated peeloff scenarios. > > To be able to run these tests you must: > 1) Build a new kernel with patches from [1] and [2]. These have been > build/tested using kernel 5.15. > 2) Add patch [3] to the SELinux testsuite, and then this patch. > > Note: When adding [3] to the testsuite, there will be a one line reject: > patching file tests/sctp/test > Hunk #1 FAILED at 33. > if using current git build. Just change line 36 to '$test_count = 85;' before > adding this patch. > > [1] https://lore.kernel.org/selinux/163593840902.17756.9280314114933444317.git-patchwork-notify@xxxxxxxxxx/T/#t > [2] https://lore.kernel.org/selinux/20211104195949.135374-1-omosnace@xxxxxxxxxx/ > [3] https://lore.kernel.org/selinux/20211021144543.740762-1-omosnace@xxxxxxxxxx/ > > Richard Haines (1): > testsuite sctp: Add tests for sctp_socket transition rules > > policy/test_sctp.te | 57 ++++++++++++++++++++++++++++++++ > tests/sctp/sctp_client.c | 19 +++++++++-- > tests/sctp/sctp_common.c | 51 ++++++++++++++++++++++++++++ > tests/sctp/sctp_common.h | 2 ++ > tests/sctp/sctp_peeloff_client.c | 21 +++++++++--- > tests/sctp/sctp_peeloff_server.c | 18 ++++++++-- > tests/sctp/sctp_server.c | 18 ++++++++-- > tests/sctp/test | 57 +++++++++++++++++++++++++++++++- > 8 files changed, 231 insertions(+), 12 deletions(-) Thanks for helping with this Richard. -- paul moore www.paul-moore.com
