Re: selinux-testsuite failures, CONFIG_LEGACY_TIOCSTI, and recent Rawhide builds

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Thu, Feb 9, 2023 at 11:09 PM Paul Moore <paul@xxxxxxxxxxxxxx> wrote:
> Hi all,
>
> I just noticed a selinux-testsuite failure in the tests/file test:
>
> # Test 8 got: "512" (file/test at line 103)
> #   Expected: "0"
> #  file/test line 103 is: ok( $result, 0 );
> file/test ................... Failed 1/16 subtests
>
> Digging into this a bit more it looks like the the fnctl(TIOCSTI) call
> in test_sigiotask.c is failing due to a recent Rawhide change to
> undefine CONFIG_LEGACY_TIOCSTI, disabling TIOCSTI.  Upstream kernel
> commit 83efeeeb3d04 ("tty: Allow TIOCSTI to be disabled") has more
> information on the Kconfig option.
>
> I'm not going to argue for reenabling CONFIG_LEGACY_TIOCSTI, I think
> turning it off is a good idea, but it does mean we need to adjust the
> selinux-testsuite.

I noticed that in our CI yesterday and had a brief look. Unfortunately
I don't (yet) fully understand the terminal device voodoo being done
in test_sigiotask.c and I don't have any idea how to make it work
without TIOCSTI. So the best fix for now seems to be to use the
dev.tty.legacy_tiocsti sysctl (see the Kconfig). However, it seems to
be broken currently:

# sysctl dev.tty.legacy_tiocsti
# sysctl -w dev.tty.legacy_tiocsti=1
sysctl: setting key "/proc/sys/dev/tty/legacy_tiocsti": Invalid argument
#

I will look into fixing it...

> Also, as a note to the Fedora folks who will see this, maybe don't
> tweak the Kconfig knobs when the kernel is at -rc7?  Seeing kernel
> test failures late in the -rc7 stage doesn't do wonders for my sanity
> ;)

When new configs are added upstream, AFAIK, they are set to the
default value in the Fedora configs and marked as "pending". The
Fedora kernel maintainer (Justin Forbes) then at some point goes
through all pending configs and sets them to a value he deems best.
This time it happened around -rc7; I'm not going to speculate why or
if it's the usual practice. I recommend raising this on
kernel@xxxxxxxxxxxxxxxxxxxxxxx - Justin is always open to suggestions
and he might be able to accomodate this expectation.

-- 
Ondrej Mosnacek
Senior Software Engineer, Linux Security - SELinux kernel
Red Hat, Inc.
[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux