selinux-testsuite: Add secretmem test

SELinuxProject / selinux-testsuite

This is the upstream SELinux testsuite which is designed as a basic set of regression tests for the SELinux kernel functionality.

GNU General Public License v2.0

53 stars 43 forks source link

selinux-testsuite: Add secretmem test #80

Closed cgzones closed 2 years ago

cgzones commented 2 years ago

Testcases for [RFC] mm: create security context for memfd_secret inodes, see https://patchwork.kernel.org/project/selinux/patch/20220125143304.34628-1-cgzones@googlemail.com/.

WOnder93 commented 2 years ago

(Whoops, sorry, I accidentally pushed to your branch while trying something out... I reverted it back.)

WOnder93 commented 2 years ago

TODO: The system needs to enable secretmem at boot time via the cmdline option secretmem.enable=1. How can that be added to the virtual machine?

You could do something like this: https://github.com/WOnder93/selinux-testsuite/commit/c39b1f4fa81493fde2b6c0331707eb1d70c95f9c

cgzones commented 2 years ago

You could do something like this: WOnder93@c39b1f4

Thanks, applied.

pcmoore commented 2 years ago

FYI. I just merged the associated kernel patch via the selinux/next branch.

https://lore.kernel.org/selinux/20220125143304.34628-1-cgzones@googlemail.com/

WOnder93 commented 2 years ago

Applied as 77352e748f006c343d602e4be03ae0d2cfcca831