| Message ID | 20180314155731.5943-3-pvorel@suse.cz |
|---|---|
| State | Changes Requested |
| Delegated to: | Petr Vorel |
| Headers | show |
| Series | Rewrite tests into new API + fixes | expand |
diff --git a/runtest/ima b/runtest/ima index bcae16bb7..06bfd7720 100644 --- a/runtest/ima +++ b/runtest/ima @@ -1,5 +1,5 @@ #DESCRIPTION:Integrity Measurement Architecture (IMA) -ima_measurements ima_measurements.sh ima_policy ima_policy.sh +ima_measurements ima_measurements.sh ima_tpm ima_tpm.sh ima_violations ima_violations.sh
This fixes failing policy tests when no IMA is configured on SUT. Signed-off-by: Petr Vorel <pvorel@suse.cz> --- Mimi suggested in [1]: The current ordering of the tests assume that the system was booted with the builtin "ima_tcb" policy enabled on the boot command line. Assuming that the kernel doesn't require policies to be signed, changing the order of the tests is fine. Or simply test whether the system was booted with either "ima_tcb" or "ima_policy=tcb" boot command line options. Mimi, do I understand it correctly that ima_policy.sh should be called first when using ima_tcb (original order) and second otherwise? That would be problematic, as we need a fixed order of tests in runtest file. [1] http://lists.linux.it/pipermail/ltp/2018-January/007025.html --- runtest/ima | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)