QA Regression Testing

Merge ~georgiag/qa-regression-testing:abi-mqueue-test into qa-regression-testing:master

  1. Git
  2. lp:~georgiag/qa-regression-testing
  3. abi-mqueue-test
  4. Merge into master
Proposed by Georgia Garcia
Status: Merged
Merge reported by: Georgia Garcia
Merged at revision: b598168ef94a3109bf71c6bbb33ac6b7e7c92f63
Proposed branch: ~georgiag/qa-regression-testing:abi-mqueue-test
Merge into: qa-regression-testing:master
Diff against target: 87 lines (+76/-0)
1 file modified
scripts/test-apparmor.py (+76/-0)
Reviewer Review Type Date Requested Status
Alex Murray Approve
Review via email: mp+433546@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Alex Murray (alexmurray) wrote :

LGTM - thanks Georgia (I've tested this against apparmor in Ubuntu for a few different releases).

review: Approve
Revision history for this message
Alex Murray (alexmurray) wrote :

Georgia does this need any further work? If not, can you please merge it?

Revision history for this message
Georgia Garcia (georgiag) wrote :

Sorry I didn't do it before, I thought I still didn't have permission. But it's done. Thank you!

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/scripts/test-apparmor.py b/scripts/test-apparmor.py
2index 30b8097..1d10111 100755
3--- a/scripts/test-apparmor.py
4+++ b/scripts/test-apparmor.py
5@@ -1798,6 +1798,82 @@ class ApparmorTestsuites(testlib.TestlibCase):
6 if os.path.exists(topsrc) and os.path.exists(os.path.join(self.source, '.downloaded_source')):
7 testlib.recursive_rm(topsrc)
8
9+ def test_regression_mqueue_abi(self):
10+ '''Test if abi is working properly'''
11+
12+ if not os.path.exists('/sys/kernel/security/apparmor/features/ipc/posix_mqueue'):
13+ return self._skipped('mqueue feature not available for testing')
14+
15+ if not os.path.exists('/etc/apparmor.d/abi/2.13'):
16+ return self._skipped('abi file not available for testing')
17+
18+ self._prepare_source()
19+ if os.path.exists('./tests/regression/apparmor'):
20+ os.chdir("./tests/regression/apparmor")
21+ else:
22+ return self._skipped('apparmor regression tests not available')
23+
24+ rc, report = testlib.cmd(['make'])
25+ expected = 0
26+ result = 'Got exit code %d, expected %d\n' % (rc, expected)
27+ self.assertEqual(expected, rc, result + report)
28+
29+ posix_mq_rcv = os.getcwd() + '/posix_mq_rcv'
30+ posix_mq_snd = os.getcwd() + '/posix_mq_snd'
31+
32+ if not os.path.exists(posix_mq_rcv) or not os.path.exists(posix_mq_snd):
33+ return self._skipped('mqueue tests not available')
34+
35+ contents = '''
36+abi <kernel>,
37+include <tunables/global>
38+%s {
39+ include <abstractions/base>
40+ %s ux,
41+}
42+''' % (posix_mq_rcv, posix_mq_snd)
43+
44+ profile = os.path.join(self.tmpdir, 'profile')
45+ testlib.create_fill(profile, contents, mode=0o644)
46+
47+ rc, report = testlib.cmd(['apparmor_parser', '-r', profile])
48+ expected = 0
49+ result = 'Got exit code %d, expected %d\n' % (rc, expected)
50+ self.assertEqual(expected, rc, result + report)
51+
52+ # execution should fail with permission denied
53+ # abi is kernel, mqueue should be enforced
54+ # policy does not contain mqueue rule
55+ rc, report = testlib.cmd([posix_mq_rcv, '-c', posix_mq_snd])
56+ expected = 1
57+ result = 'Got exit code %d, expected %d\n' % (rc, expected)
58+ self.assertEqual(expected, rc, result + report)
59+
60+ contents = '''
61+abi <abi/2.13>,
62+include <tunables/global>
63+%s {
64+ include <abstractions/base>
65+ %s ux,
66+}
67+''' % (posix_mq_rcv, posix_mq_snd)
68+
69+ profile = os.path.join(self.tmpdir, 'profile')
70+ testlib.create_fill(profile, contents, mode=0o644)
71+
72+ rc, report = testlib.cmd(['apparmor_parser', '-r', profile])
73+ expected = 0
74+ result = 'Got exit code %d, expected %d\n' % (rc, expected)
75+ self.assertEqual(expected, rc, result + report)
76+
77+ # execution should be allowed
78+ # abi is 2.13 - does not contain mqueue, mqueue should not be enforced
79+ # policy does not contain mqueue rule
80+ rc, report = testlib.cmd([posix_mq_rcv, '-c', posix_mq_snd])
81+ expected = 0
82+ result = 'Got exit code %d, expected %d\n' % (rc, expected)
83+ self.assertEqual(expected, rc, result + report)
84+
85 def test_regression_testsuite(self):
86 '''Run kernel regression tests'''
87 self._prepare_source()

Subscribers

People subscribed via source and target branches