[LTP] [PATCH v2 1/1] fanotify14: fix anonymous pipe testcases

Wed Mar 13 08:26:23 CET 2024

Hi all,
...

> >  static void do_test(unsigned int number)
> >  {
> >         struct test_case_t *tc = &test_cases[number];
> > @@ -275,17 +290,28 @@ static void do_test(unsigned int number)
> >         /* Set mark on non-dir only when expecting error ENOTDIR */
> >         const char *path = tc->expected_errno == ENOTDIR ? FILE1 : MNTPOINT;
> >         int dirfd = AT_FDCWD;
> > +       int se_enforcing = 0;

> >         if (tc->pfd) {
> >                 dirfd = tc->pfd[0];
> >                 path = NULL;
> > +               se_enforcing = is_selinux_enforcing();
nit: this check should be in the setup function to be done only once.
(by default it's done twice, because we have 2 testcases with pfd, we support
-iN parameter, thus it's actually 2*N.). I'll fix it before merge.
> >         }

> >         tst_res(TINFO, "Testing %s with %s",
> >                 tc->mark.desc, tc->mask.desc);
> > -       TST_EXP_FD_OR_FAIL(fanotify_mark(fanotify_fd, FAN_MARK_ADD | tc->mark.flags,
> > -                                        tc->mask.flags, dirfd, path),
> > -                                        tc->expected_errno);
> > +
> > +       if (tc->pfd && se_enforcing) {
> > +               const int exp_errs[] = {tc->expected_errno, EACCES};
> > +
> > +               TST_EXP_FAIL_ARR(fanotify_mark(fanotify_fd, FAN_MARK_ADD | tc->mark.flags,
> > +                                tc->mask.flags, dirfd, path),
> > +                                exp_errs);
> > +       } else {
> > +               TST_EXP_FAIL(fanotify_mark(fanotify_fd, FAN_MARK_ADD | tc->mark.flags,
> > +                                                tc->mask.flags, dirfd, path),
> > +                                                tc->expected_errno);
> > +       }


> This looks fine to me, but on second thought I am not sure how important
> it is to special case se_enforcing.
> We could probably always check for either error value.

I don't mind explicitly testing EACCES with SELinux. @Jan WDYT?

With a diff below (I can change it before merge + I would do the following work
to integrate this into the LTP C API):
Reviewed-by: Petr Vorel <pvorel@suse.cz>

Kind regards,
Petr

diff --git testcases/kernel/syscalls/fanotify/fanotify14.c testcases/kernel/syscalls/fanotify/fanotify14.c
index 52c327dff..89d59c8b2 100644
--- testcases/kernel/syscalls/fanotify/fanotify14.c
+++ testcases/kernel/syscalls/fanotify/fanotify14.c
@@ -49,6 +49,7 @@ static int pipes[2] = {-1, -1};
 static int fanotify_fd;
 static int ignore_mark_unsupported;
 static int filesystem_mark_unsupported;
+static int se_enforcing;
 static unsigned int supported_init_flags;
 
 struct test_case_flags_t {
@@ -290,12 +291,10 @@ static void do_test(unsigned int number)
 	/* Set mark on non-dir only when expecting error ENOTDIR */
 	const char *path = tc->expected_errno == ENOTDIR ? FILE1 : MNTPOINT;
 	int dirfd = AT_FDCWD;
-	int se_enforcing = 0;
 
 	if (tc->pfd) {
 		dirfd = tc->pfd[0];
 		path = NULL;
-		se_enforcing = is_selinux_enforcing();
 	}
 
 	tst_res(TINFO, "Testing %s with %s",
@@ -360,6 +359,8 @@ static void do_setup(void)
 	SAFE_FILE_PRINTF(FILE1, "0");
 	/* Create anonymous pipes to place marks on */
 	SAFE_PIPE2(pipes, O_CLOEXEC);
+
+	se_enforcing = is_selinux_enforcing();
 }
 
 static void do_cleanup(void)
> Let's see what Jan and Petr think.

> Thanks,
> Amir.
