Received: by 2002:a25:31c3:0:0:0:0:0 with SMTP id x186csp1680373ybx; Thu, 7 Nov 2019 15:34:50 -0800 (PST) X-Google-Smtp-Source: APXvYqwYhx2bXpBQGjfxe8HeuEDdPSLRGFX9FBdRXb703aO2K2V11MNxO2/ia40eObz2YQ++Ek7I X-Received: by 2002:a50:ec1a:: with SMTP id g26mr4033345edr.84.1573169690505; Thu, 07 Nov 2019 15:34:50 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1573169690; cv=none; d=google.com; s=arc-20160816; b=rENdqxu2H6uuBrWWrG5eG6FjX+NP7I6NkKH8JMh+TCYq4avdPIDgC5QqD2BPKFUslB GILCN0MvPensUhDrFEJMsEqmOTJJtoJZeXV0Qvr4QN/DObt/kJNeHEpXArricG1tY8y0 tlQRvKa+1eqd2RkXCwQYtA7dxPjU6555g8/ciALDikZaWCzYlBcBGW/Tr3uTLUvP3aaf vIjylgtemrbKjy58WWK7RulzGfrGLkEOmfb1rsjke9gjHpLVLvhf5xkNVIwsjE+nAuZD NmQdG4TyfsKo1MvJNCr1sfIuvZSYAs8+KQfcFeOiod6HdmcjXLDXs313TUCNU4C7pFyn UxWA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=U9LCQzLECFkJez50E4J6R+X6khDWEPIZnHrW73R9i5E=; b=Mql1MeGmMGT7tOUR9sjw7DkrEUECOGT4YW5L/zSCI0sZMqTfbKejCbzEMbJnnSdHBi Nm3EdhmDNTcmbTKXAGHt6fq+73oGZS+2FVj2V9ES7DUHpWPv0pVqJcraf5j7PsnpRZg/ MK3JkJ1GUJWwWXHXdbd78odGqth6L3OdpsH1ubHh4tf7RxFWcx1wRkifejGe0sMljkbD F0ItFyRXK/k//YQaEPT1ZSkdk0RE9M9yl22HFr/BYdGLXYhH/wnk0ETTGLCEQ9r52rs4 0uwz3XJjdIKng01neRgEDayNtAa6Z3xogba5QFH89X97Xwr5fEfoof6pceCWHtIY5wTb v9FQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=VCSF0q3Y; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id q4si3079235edc.403.2019.11.07.15.34.25; Thu, 07 Nov 2019 15:34:50 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=VCSF0q3Y; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726504AbfKGXdo (ORCPT + 99 others); Thu, 7 Nov 2019 18:33:44 -0500 Received: from mail-pf1-f193.google.com ([209.85.210.193]:45800 "EHLO mail-pf1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725930AbfKGXdo (ORCPT ); Thu, 7 Nov 2019 18:33:44 -0500 Received: by mail-pf1-f193.google.com with SMTP id z4so3458229pfn.12 for ; Thu, 07 Nov 2019 15:33:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=U9LCQzLECFkJez50E4J6R+X6khDWEPIZnHrW73R9i5E=; b=VCSF0q3YAX7JfT36ea1mW70HVF+YkyVrrVNTW2SZ4JLxyAeawqVF5Rdh/9rH2i6SAG FoQiW4BL2Au/RpCOeuFpBTfOXv4RQtMPCBLk6e6QZxC/urZTkrbpLiC+YEq9NmzAG5cv F+3JZZa34J+jp5deo2+K4zBb9HUa7wRMlJQsvk8KX9STNPJBMoHbGn/Q46TMgSZ3qeLo ngTvyzyK3mDIAm6PbpO9h1Beh1EI6Xb9/jJ3eovQN+C9cXnxaZQ1izArK9tovZRpWLOD tLEtBET4eAM8hFBHeMHotaYpbI6I69R5joMhIlXZrcEQGsztakOvy2J+1ogM7Gq4/lfG d6oA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=U9LCQzLECFkJez50E4J6R+X6khDWEPIZnHrW73R9i5E=; b=b5FMyxrJCZzYaCbg7PYZ4n4dPrpsFcs/4IbpAOqLvjG6/pVE0ZOHfZkmJ6HfsiSRon OajtMC4T1Y3YyThtCnElbqae6C4PqE2+98O/Z4YP9O1vvA5F1k/s7Vro2R3rHfy6HOlH fhoc9h9rAswHAhR7Z27LCjEw++RCGUrMmG8qy5kDmvh1ijKUEHikRBeQkB4XEBBT8SGb 3FbpEoc9cMQ4taBzbpiZfcoEWeaWEOqPlyhfGHg2mcVkOAPPiM4bz6619pnuSQnsO2c0 AzlPDK8Qpll+2njKokBfETF1SiYjP03JOgewQnXuWpEP0yQ1p7GTBzWY5fut+tbriTVx 1d4A== X-Gm-Message-State: APjAAAUd4PuxtZ64KjnFnd4YqaHQJYU8tyfNnOx4+cBDCLuleVJEe46d /1H+XiBBful02KgwhPkIypXFsQ== X-Received: by 2002:aa7:9aa9:: with SMTP id x9mr7834759pfi.207.1573169622713; Thu, 07 Nov 2019 15:33:42 -0800 (PST) Received: from google.com ([2620:15c:2cb:1:e90c:8e54:c2b4:29e7]) by smtp.gmail.com with ESMTPSA id u3sm3438966pgp.51.2019.11.07.15.33.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 07 Nov 2019 15:33:41 -0800 (PST) Date: Thu, 7 Nov 2019 15:33:37 -0800 From: Brendan Higgins To: Kees Cook Cc: shuah@kernel.org, john.johansen@canonical.com, jmorris@namei.org, serge@hallyn.com, alan.maguire@oracle.com, yzaikin@google.com, davidgow@google.com, mcgrof@kernel.org, tytso@mit.edu, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, kunit-dev@googlegroups.com, linux-kselftest@vger.kernel.org, Mike Salvatore Subject: Re: [PATCH linux-kselftest/test v2] apparmor: add AppArmor KUnit tests for policy unpack Message-ID: <20191107233337.GA191231@google.com> References: <20191106004329.16991-1-brendanhiggins@google.com> <201911060916.AC9E14B@keescook> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <201911060916.AC9E14B@keescook> User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Nov 06, 2019 at 09:18:27AM -0800, Kees Cook wrote: > On Tue, Nov 05, 2019 at 04:43:29PM -0800, Brendan Higgins wrote: > > From: Mike Salvatore > > > > Add KUnit tests to test AppArmor unpacking of userspace policies. > > AppArmor uses a serialized binary format for loading policies. To find > > policy format documentation see > > Documentation/admin-guide/LSM/apparmor.rst. > > > > In order to write the tests against the policy unpacking code, some > > static functions needed to be exposed for testing purposes. One of the > > goals of this patch is to establish a pattern for which testing these > > kinds of functions should be done in the future. > > > > Signed-off-by: Brendan Higgins > > Signed-off-by: Mike Salvatore > > --- > > security/apparmor/Kconfig | 16 + > > security/apparmor/policy_unpack.c | 4 + > > security/apparmor/policy_unpack_test.c | 607 +++++++++++++++++++++++++ > > 3 files changed, 627 insertions(+) > > create mode 100644 security/apparmor/policy_unpack_test.c > > > > diff --git a/security/apparmor/Kconfig b/security/apparmor/Kconfig > > index d8b1a360a6368..78a33ccac2574 100644 > > --- a/security/apparmor/Kconfig > > +++ b/security/apparmor/Kconfig > > @@ -66,3 +66,19 @@ config SECURITY_APPARMOR_DEBUG_MESSAGES > > Set the default value of the apparmor.debug kernel parameter. > > When enabled, various debug messages will be logged to > > the kernel message buffer. > > + > > +config SECURITY_APPARMOR_KUNIT_TEST > > + bool "Build KUnit tests for policy_unpack.c" > > + depends on KUNIT && SECURITY_APPARMOR > > + help > > + This builds the AppArmor KUnit tests. > > + > > + KUnit tests run during boot and output the results to the debug log > > + in TAP format (http://testanything.org/). Only useful for kernel devs > > + running KUnit test harness and are not for inclusion into a > > + production build. > > + > > + For more information on KUnit and unit tests in general please refer > > + to the KUnit documentation in Documentation/dev-tools/kunit/. > > + > > + If unsure, say N. > > diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c > > index 8cfc9493eefc7..37c1dd3178fc0 100644 > > --- a/security/apparmor/policy_unpack.c > > +++ b/security/apparmor/policy_unpack.c > > @@ -1120,3 +1120,7 @@ int aa_unpack(struct aa_loaddata *udata, struct list_head *lh, > > > > return error; > > } > > + > > +#ifdef CONFIG_SECURITY_APPARMOR_KUNIT_TEST > > +#include "policy_unpack_test.c" > > +#endif /* CONFIG_SECURITY_APPARMOR_KUNIT_TEST */ > > To make this even LESS intrusive, the ifdefs could live in ..._test.c. Less intrusive, yes, but I think I actually like the ifdef here; it makes it clear from the source that the test is only a part of the build when configured to do so. Nevertheless, I will change it if anyone feels strongly about it. > Also, while I *think* the kernel build system will correctly track this > dependency, can you double-check that changes to ..._test.c correctly > trigger a recompile of policy_unpack.c? Yep, just verified, first I ran the tests and everything passed. Then I applied the following diff: diff --git a/security/apparmor/policy_unpack_test.c b/security/apparmor/policy_unpack_test.c index 533137f45361c..e1b0670dbdc27 100644 --- a/security/apparmor/policy_unpack_test.c +++ b/security/apparmor/policy_unpack_test.c @@ -161,7 +161,7 @@ static void policy_unpack_test_unpack_array_with_name(struct kunit *test) array_size = unpack_array(puf->e, name); - KUNIT_EXPECT_EQ(test, array_size, (u16)TEST_ARRAY_SIZE); + KUNIT_EXPECT_EQ(test, array_size + 1, (u16)TEST_ARRAY_SIZE); KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, puf->e->start + TEST_ARRAY_BUF_OFFSET + sizeof(u16) + 1); } and reran the tests (to trigger an incremental build) and the test failed as expected indicating that the dependency is properly tracked. Cheers!