Loading...
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 | // SPDX-License-Identifier: GPL-2.0 /* * Linux Security Module infrastructure tests * Tests for the lsm_list_modules system call * * Copyright © 2022 Casey Schaufler <casey@schaufler-ca.com> */ #define _GNU_SOURCE #include <linux/lsm.h> #include <string.h> #include <stdio.h> #include <unistd.h> #include <sys/types.h> #include "../kselftest_harness.h" #include "common.h" TEST(size_null_lsm_list_modules) { const long page_size = sysconf(_SC_PAGESIZE); __u64 *syscall_lsms = calloc(page_size, 1); ASSERT_NE(NULL, syscall_lsms); errno = 0; ASSERT_EQ(-1, lsm_list_modules(syscall_lsms, NULL, 0)); ASSERT_EQ(EFAULT, errno); free(syscall_lsms); } TEST(ids_null_lsm_list_modules) { const long page_size = sysconf(_SC_PAGESIZE); __u32 size = page_size; errno = 0; ASSERT_EQ(-1, lsm_list_modules(NULL, &size, 0)); ASSERT_EQ(EFAULT, errno); ASSERT_NE(1, size); } TEST(size_too_small_lsm_list_modules) { const long page_size = sysconf(_SC_PAGESIZE); __u64 *syscall_lsms = calloc(page_size, 1); __u32 size = 1; ASSERT_NE(NULL, syscall_lsms); errno = 0; ASSERT_EQ(-1, lsm_list_modules(syscall_lsms, &size, 0)); ASSERT_EQ(E2BIG, errno); ASSERT_NE(1, size); free(syscall_lsms); } TEST(flags_set_lsm_list_modules) { const long page_size = sysconf(_SC_PAGESIZE); __u64 *syscall_lsms = calloc(page_size, 1); __u32 size = page_size; ASSERT_NE(NULL, syscall_lsms); errno = 0; ASSERT_EQ(-1, lsm_list_modules(syscall_lsms, &size, 7)); ASSERT_EQ(EINVAL, errno); ASSERT_EQ(page_size, size); free(syscall_lsms); } TEST(correct_lsm_list_modules) { const long page_size = sysconf(_SC_PAGESIZE); __u32 size = page_size; __u64 *syscall_lsms = calloc(page_size, 1); char *sysfs_lsms = calloc(page_size, 1); char *name; char *cp; int count; int i; ASSERT_NE(NULL, sysfs_lsms); ASSERT_NE(NULL, syscall_lsms); ASSERT_EQ(0, read_sysfs_lsms(sysfs_lsms, page_size)); count = lsm_list_modules(syscall_lsms, &size, 0); ASSERT_LE(1, count); cp = sysfs_lsms; for (i = 0; i < count; i++) { switch (syscall_lsms[i]) { case LSM_ID_CAPABILITY: name = "capability"; break; case LSM_ID_SELINUX: name = "selinux"; break; case LSM_ID_SMACK: name = "smack"; break; case LSM_ID_TOMOYO: name = "tomoyo"; break; case LSM_ID_APPARMOR: name = "apparmor"; break; case LSM_ID_YAMA: name = "yama"; break; case LSM_ID_LOADPIN: name = "loadpin"; break; case LSM_ID_SAFESETID: name = "safesetid"; break; case LSM_ID_LOCKDOWN: name = "lockdown"; break; case LSM_ID_BPF: name = "bpf"; break; case LSM_ID_LANDLOCK: name = "landlock"; break; case LSM_ID_IMA: name = "ima"; break; case LSM_ID_EVM: name = "evm"; break; default: name = "INVALID"; break; } ASSERT_EQ(0, strncmp(cp, name, strlen(name))); cp += strlen(name) + 1; } free(sysfs_lsms); free(syscall_lsms); } TEST_HARNESS_MAIN |