[d-kernel] [PATCH v5] AltHa: handle setcap binaries in the same way as setuid ones

Ср Июн 1 04:06:13 MSK 2022

Vladimir,

On Wed, Jun 01, 2022 at 01:47:27AM +0300, Vladimir D. Seleznev wrote:
> On Tue, May 31, 2022 at 09:45:03AM +0300, Dmitry V. Levin wrote:
> > On Tue, May 31, 2022 at 12:28:19AM +0300, Vladimir D. Seleznev wrote:
> > > On Mon, May 30, 2022 at 06:45:09PM +0300, Dmitry V. Levin wrote:
> > > > On Mon, May 30, 2022 at 06:24:12PM +0300, Vladimir D. Seleznev wrote:
> > > > > On Mon, May 30, 2022 at 06:11:25PM +0300, Vitaly Chikunov wrote:
> > > > [...]
> > > > > > What about tests?
> > > > > 
> > > > > I'm not ready to put efforts for tests at this moment. Please apply the
> > > > > patch, the tests can be a future work for this module.
> > > > 
> > > > In the absence of tests, how can we make sure the new feature works properly?
> > > 
> > > I tested it. The tests are good, but how do you know they are correct? I
> > > don't mind to write tests but not now.
> > 
> > Tests are crucial in proving that new features work properly.
> > In some projects, e.g. strace, a new feature is not merged
> > until accompanied with a proper test.
> > 
> > What's stopping you from supplying a test now?
> 
> I'm not an expert in kernel tests framework, so I need to involve time
> to learn it.

You'll be disappointed be the kernel test framework. Basically it's just
convention to print in TAP format. So for shell scripts you're on your
own. And I'm suggesting you to write just a simple and understandable
test shell script. Kiosk test is just an example of such script and not
"framework" suggestion. It's as suitable as bash.

Only properties we need for such test script it that it's easily runnable,
understandable, and cover positive and negative cases.

I will run it at least once. Perhaps, no need to run it on every kernel
build, but it's possible, since we run some LTP tests anyway, it'll
depend on how heavy the test is. Testers can run it too (if they wish).

You don't need to integrate it into kselftests, since we don't run it
anyway, and upstream will not run your tests either, so why bother?
Simple literate bash script is enough.

> vt@ suggested taking as an example kiosk test, but as far
> as I understand it does not use kernel test facility, instead it is
> written independently, and it poorly suitable for altha nosuid
> functionality. Besides, the kiost test does not run during build process
> (correct me if I'm wrong), so its presence does not make things any
> better.

Perhaps, more people should be able to understand what test does than
what LSM code does. So the test is supposed to increase confidence in
nosuid feature, and show there's no regressions anywhere in the future
we wish to be reassured.

The test will not "make things any better" if you absolutely confident
in flawlessness of your code.

Thanks,

> 
> AltHa code is almost stand-alone and does not change any part of the
> vanilla kernel. I think if it does not work as expected, users will
> report that (and I use it).
> 
> -- 
>    WBR,
>    Vladimir D. Seleznev
> _______________________________________________
> devel-kernel mailing list
> devel-kernel at lists.altlinux.org
> https://lists.altlinux.org/mailman/listinfo/devel-kernel