Skip to content

Commit db8201a

Browse files
gnoackl0kod
gnoack
authored and
l0kod
committed
selftests/landlock: Replace access_fs_16 with ACCESS_ALL in fs_test
The access_fs_16 variable was originally intended to stay frozen at 16 access rights so that audit tests would not need updating when new access rights are added. Now that we have 17 access rights, the name is confusing. Replace all uses of access_fs_16 with ACCESS_ALL and delete the variable. Suggested-by: Mickaël Salaün <mic@digikod.net> Signed-off-by: Günther Noack <gnoack3000@gmail.com> Link: https://lore.kernel.org/r/20260327164838.38231-8-gnoack3000@gmail.com Signed-off-by: Mickaël Salaün <mic@digikod.net>
1 parent a92cb5d commit db8201a

1 file changed

Lines changed: 17 additions & 37 deletions

File tree

tools/testing/selftests/landlock/fs_test.c

Lines changed: 17 additions & 37 deletions
Original file line numberDiff line numberDiff line change
@@ -7161,26 +7161,6 @@ TEST_F(audit_layout1, execute_make)
71617161
* only the blocked ones are logged.
71627162
*/
71637163

7164-
/* clang-format off */
7165-
static const __u64 access_fs_16 =
7166-
LANDLOCK_ACCESS_FS_EXECUTE |
7167-
LANDLOCK_ACCESS_FS_WRITE_FILE |
7168-
LANDLOCK_ACCESS_FS_READ_FILE |
7169-
LANDLOCK_ACCESS_FS_READ_DIR |
7170-
LANDLOCK_ACCESS_FS_REMOVE_DIR |
7171-
LANDLOCK_ACCESS_FS_REMOVE_FILE |
7172-
LANDLOCK_ACCESS_FS_MAKE_CHAR |
7173-
LANDLOCK_ACCESS_FS_MAKE_DIR |
7174-
LANDLOCK_ACCESS_FS_MAKE_REG |
7175-
LANDLOCK_ACCESS_FS_MAKE_SOCK |
7176-
LANDLOCK_ACCESS_FS_MAKE_FIFO |
7177-
LANDLOCK_ACCESS_FS_MAKE_BLOCK |
7178-
LANDLOCK_ACCESS_FS_MAKE_SYM |
7179-
LANDLOCK_ACCESS_FS_REFER |
7180-
LANDLOCK_ACCESS_FS_TRUNCATE |
7181-
LANDLOCK_ACCESS_FS_IOCTL_DEV;
7182-
/* clang-format on */
7183-
71847164
TEST_F(audit_layout1, execute_read)
71857165
{
71867166
struct audit_records records;
@@ -7190,7 +7170,7 @@ TEST_F(audit_layout1, execute_read)
71907170
test_check_exec(_metadata, 0, file1_s1d1);
71917171

71927172
drop_access_rights(_metadata, &(struct landlock_ruleset_attr){
7193-
.handled_access_fs = access_fs_16,
7173+
.handled_access_fs = ACCESS_ALL,
71947174
});
71957175

71967176
/*
@@ -7214,7 +7194,7 @@ TEST_F(audit_layout1, write_file)
72147194
struct audit_records records;
72157195

72167196
drop_access_rights(_metadata, &(struct landlock_ruleset_attr){
7217-
.handled_access_fs = access_fs_16,
7197+
.handled_access_fs = ACCESS_ALL,
72187198
});
72197199

72207200
EXPECT_EQ(EACCES, test_open(file1_s1d1, O_WRONLY));
@@ -7231,7 +7211,7 @@ TEST_F(audit_layout1, read_file)
72317211
struct audit_records records;
72327212

72337213
drop_access_rights(_metadata, &(struct landlock_ruleset_attr){
7234-
.handled_access_fs = access_fs_16,
7214+
.handled_access_fs = ACCESS_ALL,
72357215
});
72367216

72377217
EXPECT_EQ(EACCES, test_open(file1_s1d1, O_RDONLY));
@@ -7248,7 +7228,7 @@ TEST_F(audit_layout1, read_dir)
72487228
struct audit_records records;
72497229

72507230
drop_access_rights(_metadata, &(struct landlock_ruleset_attr){
7251-
.handled_access_fs = access_fs_16,
7231+
.handled_access_fs = ACCESS_ALL,
72527232
});
72537233

72547234
EXPECT_EQ(EACCES, test_open(dir_s1d1, O_DIRECTORY));
@@ -7268,7 +7248,7 @@ TEST_F(audit_layout1, remove_dir)
72687248
EXPECT_EQ(0, unlink(file2_s1d3));
72697249

72707250
drop_access_rights(_metadata, &(struct landlock_ruleset_attr){
7271-
.handled_access_fs = access_fs_16,
7251+
.handled_access_fs = ACCESS_ALL,
72727252
});
72737253

72747254
EXPECT_EQ(-1, rmdir(dir_s1d3));
@@ -7291,7 +7271,7 @@ TEST_F(audit_layout1, remove_file)
72917271
struct audit_records records;
72927272

72937273
drop_access_rights(_metadata, &(struct landlock_ruleset_attr){
7294-
.handled_access_fs = access_fs_16,
7274+
.handled_access_fs = ACCESS_ALL,
72957275
});
72967276

72977277
EXPECT_EQ(-1, unlink(file1_s1d3));
@@ -7311,7 +7291,7 @@ TEST_F(audit_layout1, make_char)
73117291
EXPECT_EQ(0, unlink(file1_s1d3));
73127292

73137293
drop_access_rights(_metadata, &(struct landlock_ruleset_attr){
7314-
.handled_access_fs = access_fs_16,
7294+
.handled_access_fs = ACCESS_ALL,
73157295
});
73167296

73177297
EXPECT_EQ(-1, mknod(file1_s1d3, S_IFCHR | 0644, 0));
@@ -7331,7 +7311,7 @@ TEST_F(audit_layout1, make_dir)
73317311
EXPECT_EQ(0, unlink(file1_s1d3));
73327312

73337313
drop_access_rights(_metadata, &(struct landlock_ruleset_attr){
7334-
.handled_access_fs = access_fs_16,
7314+
.handled_access_fs = ACCESS_ALL,
73357315
});
73367316

73377317
EXPECT_EQ(-1, mkdir(file1_s1d3, 0755));
@@ -7351,7 +7331,7 @@ TEST_F(audit_layout1, make_reg)
73517331
EXPECT_EQ(0, unlink(file1_s1d3));
73527332

73537333
drop_access_rights(_metadata, &(struct landlock_ruleset_attr){
7354-
.handled_access_fs = access_fs_16,
7334+
.handled_access_fs = ACCESS_ALL,
73557335
});
73567336

73577337
EXPECT_EQ(-1, mknod(file1_s1d3, S_IFREG | 0644, 0));
@@ -7371,7 +7351,7 @@ TEST_F(audit_layout1, make_sock)
73717351
EXPECT_EQ(0, unlink(file1_s1d3));
73727352

73737353
drop_access_rights(_metadata, &(struct landlock_ruleset_attr){
7374-
.handled_access_fs = access_fs_16,
7354+
.handled_access_fs = ACCESS_ALL,
73757355
});
73767356

73777357
EXPECT_EQ(-1, mknod(file1_s1d3, S_IFSOCK | 0644, 0));
@@ -7391,7 +7371,7 @@ TEST_F(audit_layout1, make_fifo)
73917371
EXPECT_EQ(0, unlink(file1_s1d3));
73927372

73937373
drop_access_rights(_metadata, &(struct landlock_ruleset_attr){
7394-
.handled_access_fs = access_fs_16,
7374+
.handled_access_fs = ACCESS_ALL,
73957375
});
73967376

73977377
EXPECT_EQ(-1, mknod(file1_s1d3, S_IFIFO | 0644, 0));
@@ -7411,7 +7391,7 @@ TEST_F(audit_layout1, make_block)
74117391
EXPECT_EQ(0, unlink(file1_s1d3));
74127392

74137393
drop_access_rights(_metadata, &(struct landlock_ruleset_attr){
7414-
.handled_access_fs = access_fs_16,
7394+
.handled_access_fs = ACCESS_ALL,
74157395
});
74167396

74177397
EXPECT_EQ(-1, mknod(file1_s1d3, S_IFBLK | 0644, 0));
@@ -7431,7 +7411,7 @@ TEST_F(audit_layout1, make_sym)
74317411
EXPECT_EQ(0, unlink(file1_s1d3));
74327412

74337413
drop_access_rights(_metadata, &(struct landlock_ruleset_attr){
7434-
.handled_access_fs = access_fs_16,
7414+
.handled_access_fs = ACCESS_ALL,
74357415
});
74367416

74377417
EXPECT_EQ(-1, symlink("target", file1_s1d3));
@@ -7501,7 +7481,7 @@ TEST_F(audit_layout1, refer_rename)
75017481
EXPECT_EQ(0, unlink(file1_s1d3));
75027482

75037483
drop_access_rights(_metadata, &(struct landlock_ruleset_attr){
7504-
.handled_access_fs = access_fs_16,
7484+
.handled_access_fs = ACCESS_ALL,
75057485
});
75067486

75077487
EXPECT_EQ(EACCES, test_rename(file1_s1d2, file1_s2d3));
@@ -7523,7 +7503,7 @@ TEST_F(audit_layout1, refer_exchange)
75237503
EXPECT_EQ(0, unlink(file1_s1d3));
75247504

75257505
drop_access_rights(_metadata, &(struct landlock_ruleset_attr){
7526-
.handled_access_fs = access_fs_16,
7506+
.handled_access_fs = ACCESS_ALL,
75277507
});
75287508

75297509
/*
@@ -7586,7 +7566,7 @@ TEST_F(audit_layout1, truncate)
75867566
struct audit_records records;
75877567

75887568
drop_access_rights(_metadata, &(struct landlock_ruleset_attr){
7589-
.handled_access_fs = access_fs_16,
7569+
.handled_access_fs = ACCESS_ALL,
75907570
});
75917571

75927572
EXPECT_EQ(-1, truncate(file1_s1d3, 0));
@@ -7607,7 +7587,7 @@ TEST_F(audit_layout1, ioctl_dev)
76077587
drop_access_rights(_metadata,
76087588
&(struct landlock_ruleset_attr){
76097589
.handled_access_fs =
7610-
access_fs_16 &
7590+
ACCESS_ALL &
76117591
~LANDLOCK_ACCESS_FS_READ_FILE,
76127592
});
76137593

0 commit comments

Comments
 (0)