[PATCH v13 11/11] LSM: selftests for Linux Security Module syscalls

Mickaël Salaün mic at digikod.net
Fri Aug 25 18:58:49 UTC 2023


On Fri, Aug 25, 2023 at 11:14:15AM -0700, Casey Schaufler wrote:
> On 8/25/2023 8:01 AM, Mickaël Salaün wrote:
> > These tests look good!
> >
> > I suggested other tests to add in my previous emails.
> 
> Some of the tests you've suggested will be very difficult to implement
> in the face of varying LSM configurations. I need to defer them until a
> later date.

Sure, some might be difficult, but some bound checks (e.g. extra flags)
should be doable.

> 
> > I'd suggest to re-run clang-format -i on them though.
> 
> I assume you're recommending a set of options to clang-format
> beyond just "-i". The result of clang-format -i by itself is
> horrific. 

I just ran clang -i (with the default kernel configuration, which is
taken into account by default). This just add four changes: the PROCATTR
define and three ASSERT*() calls, which are not too uggly IMO.



More information about the Linux-security-module-archive mailing list