mirror of
https://gitlab.com/apparmor/apparmor
synced 2025-08-31 22:35:35 +00:00
regression tests: fix regression tests to pass on 4.14 upstream kernel
Some of the regression tests are missing conditionals or have the
wrong conditionals so that they fail on current upstream kernels.
Fix this by adding and changing conditionals and requires where
appropriate. With the patches the tests report passing on 4.14 and
4.15 kernels.
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Time out
(cherry picked from commit 6f1d054468
)
This commit is contained in:
@@ -93,6 +93,7 @@ querytest()
|
||||
runchecktest "$desc" "$pf" "$expect" "$label" "$perms" $*
|
||||
}
|
||||
|
||||
if [ "$(kernel_features dbus)" == "true" ]; then
|
||||
# Check querying of a label that the kernel doesn't know about
|
||||
# aa_query_label() should return an error
|
||||
expect anything
|
||||
@@ -209,6 +210,9 @@ perms dbus send
|
||||
querytest "QUERY dbus (svc send)" fail $dbus_svc_query
|
||||
perms dbus receive
|
||||
querytest "QUERY dbus (svc receive)" fail $dbus_svc_query
|
||||
else
|
||||
echo " required feature dbus missing, skipping dbus queries ..."
|
||||
fi
|
||||
|
||||
genqueryprofile "file,"
|
||||
expect allow
|
||||
|
@@ -137,7 +137,7 @@ runchecktest "fd passing; confined -> confined (no perm)" fail $file $socket $fd
|
||||
sleep 1
|
||||
rm -f ${socket}
|
||||
|
||||
if [ "$(kernel_features policy/versions/v6)" == "true" -a "$(parser_supports 'unix,')" == "true" ] ; then
|
||||
if [ "$(kernel_features policy/network/af_unix)" == "true" -a "$(parser_supports 'unix,')" == "true" ] ; then
|
||||
# FAIL - confined client, no access to the socket file
|
||||
|
||||
genprofile $file:$okperm $af_unix $socket:rw $fd_client:px -- image=$fd_client $file:$okperm $af_unix
|
||||
|
@@ -28,6 +28,8 @@ bin=$pwd
|
||||
|
||||
. $bin/prologue.inc
|
||||
requires_kernel_features policy/versions/v6
|
||||
#af_mask for downgrade test af_unix for full test
|
||||
requires_kernel_features network/af_mask
|
||||
|
||||
settest unix_socket
|
||||
|
||||
|
Reference in New Issue
Block a user