[LTP] [PATCH v2 7/8] ima_violations.sh: Check for a required policy
Petr Vorel
pvorel@suse.cz
Fri Dec 13 23:20:13 CET 2024
Add check for ^func=FILE_CHECK'
Signed-off-by: Petr Vorel <pvorel@suse.cz>
Signed-off-by: Petr Vorel <pvorel@suse.cz>
---
.../kernel/security/integrity/ima/tests/ima_violations.sh | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/testcases/kernel/security/integrity/ima/tests/ima_violations.sh b/testcases/kernel/security/integrity/ima/tests/ima_violations.sh
index 0f710dea2e..73b9fe6f30 100755
--- a/testcases/kernel/security/integrity/ima/tests/ima_violations.sh
+++ b/testcases/kernel/security/integrity/ima/tests/ima_violations.sh
@@ -1,7 +1,7 @@
#!/bin/sh
# SPDX-License-Identifier: GPL-2.0-or-later
# Copyright (c) 2009 IBM Corporation
-# Copyright (c) 2018-2020 Petr Vorel <pvorel@suse.cz>
+# Copyright (c) 2018-2024 Petr Vorel <pvorel@suse.cz>
# Author: Mimi Zohar <zohar@linux.ibm.com>
#
# Test whether ToMToU and open_writer violations invalidatethe PCR and are logged.
@@ -9,6 +9,7 @@
TST_SETUP="setup"
TST_CLEANUP="cleanup"
TST_CNT=3
+REQUIRED_POLICY='^func=FILE_CHECK'
setup()
{
@@ -17,6 +18,8 @@ setup()
LOG="/var/log/messages"
PRINTK_RATE_LIMIT=
+ require_ima_policy_content_if_readable "$REQUIRED_POLICY"
+
if status_daemon auditd; then
LOG="/var/log/audit/audit.log"
elif tst_check_cmds sysctl; then
--
2.47.1
More information about the ltp
mailing list