[LTP] [PATCH 1/2] lib: Add helpers for module signature enforcement
Petr Vorel
pvorel@suse.cz
Fri Dec 27 17:00:41 CET 2024
Add them to both legacy and new API (used in both).
NOTE: because test is called often in the setup function
don't call a cleanup function in the old API version.
Signed-off-by: Petr Vorel <pvorel@suse.cz>
---
include/old/old_module.h | 33 +++++++++++++++++++++++++++++++++
include/tst_module.h | 17 +++++++++++++++++
lib/tst_module.c | 24 ++++++++++++++++++++++++
3 files changed, 74 insertions(+)
diff --git a/include/old/old_module.h b/include/old/old_module.h
index 496520d64d..b2ea06d0c2 100644
--- a/include/old/old_module.h
+++ b/include/old/old_module.h
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2013 Oracle and/or its affiliates. All Rights Reserved.
+ * Copyright (c) Linux Test Project, 2016-2024
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License as
@@ -34,6 +35,8 @@
#ifndef TST_MODULE
#define TST_MODULE
+#include <stdbool.h>
+
void tst_module_exists_(void (cleanup_fn)(void), const char *mod_name,
char **mod_path);
@@ -42,6 +45,9 @@ void tst_module_load_(void (cleanup_fn)(void), const char *mod_name,
void tst_module_unload_(void (cleanup_fn)(void), const char *mod_name);
+bool tst_module_signature_enforced_(void);
+void tst_check_module_signature_enforced_(void);
+
/*
* Check module existence.
*
@@ -86,4 +92,31 @@ static inline void tst_module_unload(void (cleanup_fn)(void), const char *mod_na
tst_module_unload_(cleanup_fn, mod_name);
}
+/**
+ * tst_check_module_signature_enforced() - Check if enforced module signature.
+ *
+ * Module signature is enforced if module.sig_enforce=1 kernel parameter or
+ * CONFIG_MODULE_SIG_FORCE=y.
+ *
+ * return: Returns true if module signature is enforced false otherwise.
+ *
+ */
+static inline bool tst_module_signature_enforced(void)
+{
+ return tst_module_signature_enforced_();
+}
+
+/**
+ * tst_check_module_signature_enforced() - Check if test needs to be skipped due
+ * enforced module signature.
+ *
+ * Skip test with tst_brk(TCONF) due module signature enforcement if
+ * module.sig_enforce=1 kernel parameter or CONFIG_MODULE_SIG_FORCE=y.
+ */
+
+static inline void tst_check_module_signature_enforced(void)
+{
+ tst_check_module_signature_enforced_();
+}
+
#endif /* TST_MODULE */
diff --git a/include/tst_module.h b/include/tst_module.h
index 2654c5afb6..8353742e1c 100644
--- a/include/tst_module.h
+++ b/include/tst_module.h
@@ -1,12 +1,15 @@
// SPDX-License-Identifier: GPL-2.0-or-later
/*
* Copyright (c) 2013 Oracle and/or its affiliates. All Rights Reserved.
+ * Copyright (c) Linux Test Project, 2016-2024
* Alexey Kodanev <alexey.kodanev@oracle.com>
*/
#ifndef TST_MODULE_H
#define TST_MODULE_H
+#include <stdbool.h>
+
void tst_module_exists_(void (cleanup_fn)(void), const char *mod_name,
char **mod_path);
@@ -30,4 +33,18 @@ static inline void tst_module_unload(const char *mod_name)
tst_module_unload_(NULL, mod_name);
}
+bool tst_module_signature_enforced_(void);
+
+static inline bool tst_module_signature_enforced(void)
+{
+ return tst_module_signature_enforced_();
+}
+
+void tst_check_module_signature_enforced_(void);
+
+static inline void tst_check_module_signature_enforced(void)
+{
+ tst_check_module_signature_enforced_();
+}
+
#endif /* TST_MODULE_H */
diff --git a/lib/tst_module.c b/lib/tst_module.c
index 9bd4436236..caf311f803 100644
--- a/lib/tst_module.c
+++ b/lib/tst_module.c
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2013 Oracle and/or its affiliates. All Rights Reserved.
+ * Copyright (c) Linux Test Project, 2016-2024
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License as
@@ -23,8 +24,10 @@
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
+#include <stdbool.h>
#include "test.h"
+#include "tst_kconfig.h"
#include "ltp_priv.h"
#include "old_module.h"
@@ -122,3 +125,24 @@ void tst_module_unload_(void (cleanup_fn)(void), const char *mod_name)
"could not unload %s module", mod_name);
}
}
+
+bool tst_module_signature_enforced_(void)
+{
+ struct tst_kcmdline_var params = TST_KCMDLINE_INIT("module.sig_enforce");
+ struct tst_kconfig_var kconfig = TST_KCONFIG_INIT("CONFIG_MODULE_SIG_FORCE");
+ int rc;
+
+ tst_kcmdline_parse(¶ms, 1);
+ tst_kconfig_read(&kconfig, 1);
+
+ rc = params.found || kconfig.choice == 'y';
+ tst_resm(TINFO, "module signature enforcement: %s", rc ? "on" : "off");
+
+ return rc;
+}
+
+void tst_check_module_signature_enforced_(void)
+{
+ if (tst_module_signature_enforced_())
+ tst_brkm(TCONF, NULL, "module signature is enforced, skip test");
+}
--
2.45.2
More information about the ltp
mailing list