[RFC PATCH v3 09/19] selftests/landlock: Test creating a ruleset with unknown access
Mikhail Ivanov
ivanov.mikhail1 at huawei-partners.com
Wed Sep 4 10:48:14 UTC 2024
Add test that validates behaviour of Landlock after ruleset with
unknown access is created.
Signed-off-by: Mikhail Ivanov <ivanov.mikhail1 at huawei-partners.com>
---
Changes since v2:
* Removes fixture `mini`. Network namespace is not used, so this
fixture has become useless.
* Changes commit title and message.
Changes since v1:
* Refactors commit message.
---
tools/testing/selftests/landlock/socket_test.c | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/tools/testing/selftests/landlock/socket_test.c b/tools/testing/selftests/landlock/socket_test.c
index e7b4165a85cd..dee676c11227 100644
--- a/tools/testing/selftests/landlock/socket_test.c
+++ b/tools/testing/selftests/landlock/socket_test.c
@@ -463,4 +463,20 @@ TEST_F(protocol, ruleset_overlap)
EXPECT_EQ(EACCES, test_socket_variant(&self->prot));
}
+TEST(ruleset_with_unknown_access)
+{
+ __u64 access_mask;
+
+ for (access_mask = 1ULL << 63; access_mask != ACCESS_LAST;
+ access_mask >>= 1) {
+ const struct landlock_ruleset_attr ruleset_attr = {
+ .handled_access_socket = access_mask,
+ };
+
+ EXPECT_EQ(-1, landlock_create_ruleset(&ruleset_attr,
+ sizeof(ruleset_attr), 0));
+ EXPECT_EQ(EINVAL, errno);
+ }
+}
+
TEST_HARNESS_MAIN
--
2.34.1
More information about the Linux-security-module-archive
mailing list