[LTP] [PATCH v2 5/8] ima_kexec.sh: Move checking policy if readable to ima_setup.sh
Petr Vorel
pvorel@suse.cz
Fri Dec 13 23:20:11 CET 2024
It will be reused.
Signed-off-by: Petr Vorel <pvorel@suse.cz>
---
.../kernel/security/integrity/ima/tests/ima_kexec.sh | 8 ++------
.../kernel/security/integrity/ima/tests/ima_setup.sh | 10 ++++++++++
2 files changed, 12 insertions(+), 6 deletions(-)
diff --git a/testcases/kernel/security/integrity/ima/tests/ima_kexec.sh b/testcases/kernel/security/integrity/ima/tests/ima_kexec.sh
index 3446bc24bf..df8658655d 100755
--- a/testcases/kernel/security/integrity/ima/tests/ima_kexec.sh
+++ b/testcases/kernel/security/integrity/ima/tests/ima_kexec.sh
@@ -47,10 +47,7 @@ setup()
tst_brk TCONF "kernel image not found, specify path in \$IMA_KEXEC_IMAGE"
fi
- if check_policy_readable; then
- require_ima_policy_content "$REQUIRED_POLICY"
- policy_readable=1
- fi
+ require_ima_policy_content_if_readable "$REQUIRED_POLICY"
}
kexec_failure_hint()
@@ -97,8 +94,7 @@ kexec_test()
ROD kexec -su
if ! measure "$cmdline"; then
- if [ "$policy_readable" != 1 ]; then
- tst_res TWARN "policy not readable, it might not contain required policy '$REQUIRED_POLICY'"
+ if ! check_policy_readable; then
res=TBROK
fi
tst_brk $res "unable to find a correct measurement"
diff --git a/testcases/kernel/security/integrity/ima/tests/ima_setup.sh b/testcases/kernel/security/integrity/ima/tests/ima_setup.sh
index e958dd3334..9a05a31c31 100644
--- a/testcases/kernel/security/integrity/ima/tests/ima_setup.sh
+++ b/testcases/kernel/security/integrity/ima/tests/ima_setup.sh
@@ -101,6 +101,16 @@ check_ima_policy_content()
fi
}
+require_ima_policy_content_if_readable()
+{
+ local pattern="$1"
+ local grep_params="${2--q}"
+
+ if ! check_ima_policy_content "$pattern" "$grep_params"; then
+ tst_brk TCONF "IMA policy does not specify '$pattern'"
+ fi
+}
+
require_ima_policy_content()
{
local pattern="$1"
--
2.47.1
More information about the ltp
mailing list