[PATCH linux-kselftest/test v1] apparmor: add AppArmor KUnit tests for policy unpack
Alan Maguire
alan.maguire at oracle.com
Sat Oct 19 12:56:01 UTC 2019
On Fri, 18 Oct 2019, Luis Chamberlain wrote:
> On Thu, Oct 17, 2019 at 05:18:16PM -0700, Brendan Higgins wrote:
> > From: Mike Salvatore <mike.salvatore at canonical.com>
> >
> > In order to write the tests against the policy unpacking code, some
> > static functions needed to be exposed for testing purposes. One of the
> > goals of this patch is to establish a pattern for which testing these
> > kinds of functions should be done in the future.
>
> And you'd run into the same situation expressed elsewhere with kunit of
> an issue of the kunit test as built-in working but if built as a module
> then it would not work, given the lack of exports. Symbols namespaces
> should resolve this [0], and we'd be careful where a driver imports this
> namespace.
>
> [0] https://lwn.net/Articles/798254/
>
Thanks for the link! Looks interesting for us definitely!
WRT adding tests, I think what we're aiming at is a set of best practices
to advise test developers using KUnit, while attempting to minimize
side-effects of any changes we need to make to support testability.
One aspect of this we probably have to consider is inlining of code. For
cases like this where the functions are small and are called in a small
number of cases, any testability changes we make may push a
previously-inlined function to not be inlined, with potential performance
side-effects for the subsystem. In such cases, I wonder if the right
answer would be to suggest actually defining the functions as
inline in the header file? That way the compiler still gets to decide (as
opposed to __always_inline), and we don't perturb performance too much.
Thanks!
Alan
> Luis
>
More information about the Linux-security-module-archive
mailing list