• Mickaël Salaün's avatar
    landlock: Add support for KUnit tests · b4007fd2
    Mickaël Salaün authored
    Add the SECURITY_LANDLOCK_KUNIT_TEST option to enable KUnit tests for
    Landlock.  The minimal required configuration is listed in the
    security/landlock/.kunitconfig file.
    
    Add an initial landlock_fs KUnit test suite with 7 test cases for
    filesystem helpers.  These are related to the LANDLOCK_ACCESS_FS_REFER
    right.
    
    There is one KUnit test case per:
    * mutated state (e.g. test_scope_to_request_*) or,
    * shared state between tests (e.g. test_is_eaccess_*).
    
    Add macros to improve readability of tests (i.e. one per line).  Test
    cases are collocated with the tested functions to help maintenance and
    improve documentation.  This is why SECURITY_LANDLOCK_KUNIT_TEST cannot
    be set as module.
    
    This is a nice complement to Landlock's user space kselftests.  We
    expect new Landlock features to come with KUnit tests as well.
    
    Thanks to UML support, we can run all KUnit tests for Landlock with:
    ./tools/testing/kunit/kunit.py run --kunitconfig security/landlock
    
    [00:00:00] ======================= landlock_fs  =======================
    [00:00:00] [PASSED] test_no_more_access
    [00:00:00] [PASSED] test_scope_to_request_with_exec_none
    [00:00:00] [PASSED] test_scope_to_request_with_exec_some
    [00:00:00] [PASSED] test_scope_to_request_without_access
    [00:00:00] [PASSED] test_is_eacces_with_none
    [00:00:00] [PASSED] test_is_eacces_with_refer
    [00:00:00] [PASSED] test_is_eacces_with_write
    [00:00:00] =================== [PASSED] landlock_fs ===================
    [00:00:00] ============================================================
    [00:00:00] Testing complete. Ran 7 tests: passed: 7
    
    Cc: Konstantin Meskhidze <konstantin.meskhidze@huawei.com>
    Reviewed-by: default avatarGünther Noack <gnoack@google.com>
    Link: https://lore.kernel.org/r/20240118113632.1948478-1-mic@digikod.netSigned-off-by: default avatarMickaël Salaün <mic@digikod.net>
    b4007fd2
common.h 464 Bytes