James Takahashi | 1 Jul 23:17 2008
Picon

Re: caught signal 15

On Thu, 26 Jun 2008 00:55, ltp-list-request@... wrote:
> Date: Thu, 26 Jun 2008 13:00:12 +0530
> From: Subrata Modak <subrata@...>
> Subject: Re: [LTP] Test cases  randomly failed with "caught signal 15,
> 	not	SIGSEGV"
> To: roylee@...
> Cc: ltp-list@...
> Message-ID: <1214465423.5575.11.camel@...>
> Content-Type: text/plain; charset=utf-8
> 
> On Thu, 2008-06-26 at 11:19 +0800, roylee@... wrote:
> > Hi,
> > 
> > We casually encountered some test cases failed randomly with 
> > 
> >   ?caught signal 15, not SIGSEGV?.
> > 
> > We found that signal 15 came from PAN, but haven?t found the root
> > cause.
> > 
> > Anyone here has similar problems?
> 
> No Roy. I have not encountered any such problem till now. Please check
> out the May 2008 LTP release run on i386, x86_64, ia64, ppc64 and s390x.
> They all have passed properly on those architectures:
> 
FYI, I've also intermittently been seeing this anomaly with the April
2008 release with setrlimit.

-------------------------------------------------------------------------
(Continue reading)

Luca Recchia | 1 Jul 20:03 2008
Picon

Re: New LTP test feature [Hard Real Time Linux Testing]

Dear All,

just some details about our test.

    We're actually dealing with Hard Real-Time problems (on x86) and we need a way
to measure latencies in the IRQ handling kernel flow-paths.
We do not only need to measure the global (from the rise of an interrupt to its
complete management) IRQ handling latency, but also the intermediate
(inter-function) latency values.

Our main objective is to evaluate Hard Real-Time feautures like predictability
and time latency of IRQ response and IRQ management flow.


    The kernel patch and the modules we have developed are in this direction. The
patch allows us to measure (with little overhead) the execution times
between the main functions of the IRQ management flow. The modules read the
values we measure and place them into proc fs (in a more readable manner).

    All time-values that are taken in the test are measured by reading the TSC
register. Both the user space task and the kernel IRQ management flow-path should
be bound on one processor, so to avoid discrepancies between different TSC reads
on different CPUs.


    The test is composed by a user space application which is waiting (with a
blocking read on /dev/rtc) for RTC interrupts. We re-program the RTC device to
launch interrupts at fixed frequency.

    First fo all the user space test application set the real time priority and
the real time policy SCHED_FIFO of the user task, then re-program the RTC device
to launch interrupts at fixed frequency, and go to sleep waiting for RTC interrupt.

Immediately after being woke up, the user space test application performs a TSC read,
which constitutes the final measure of the IRQ management flow. Furthermore this read
helps in telling kernel test latencies from spurious kernel inter-function latencies
that may occur before the beginning of the test.
When the test is over the user apllication print the TSC values on the console.

    The patch we introduce in the kernel is able to record up to SAMPLES samples
of inter-function latencies throughout the kernel path activated by RTC
interrupt management flow-path.

When the test is over, it is possible to read the inter-function latencies
(sampled in the kernel) through the proc fs, using "delta_read_irq"
and "irq_latencies_tsc" modules.

    The "delta_read_irq" module is used to read the inter-function latencies values
as the max, min, and total TSC cycles elapsed during the measured intervals.

    With the "irq_latencies_tsc" module it is possible to read the TSC values taken
inside IRQ flow-path functions.
By comparing these values with those obtained in the user space application, one
can evaluate the whole latencies in the IRQ management flow (from the arrival
of an hardware interrupt to the system, to the beginning of the test application).

    From the analisys of these results we can estimate the worst-case latency and
the periodic jitter of an interrupt management flow-path.
We are also able to evaluate the required (re)scheduling effort and inter-function
latencies.

The execution-jitter of the kernel paths we analyze is our measure to evaluate the
predictability of "end-to-end" IRQ management (from the arrival of an  hardware interrupt
to the system, to the beginning of the test application).

The measured jitter is the standard deviation of the sampled latencies,
relatively to their mean.

    At the moment, we make use of a spreadsheet to evaluate std.deviation, worst,
best and average inter-function and end-to-end latencies. We build these results
using 1000 sampled latency values (these values are obtained through the module
"irq_latencies_tsc" and through the user space application).

It is important to note that the samples we measure in the kernel are in clock cycle
unit and we have to transform them into time unit. The resolution of the measure
heavily depends on the CPU frequency and on the time spent in reading the TSC.
We have estimate for our measure a base definition of 10 ns.

    The test is not yet automated, and doesn't respect LTP's
requirement. At the moment it is just a quite usable tool that is being mainly use
as a base comparison between Vanilla kernel and RT kernel project
(http://www.eu.kernel.org/pub/linux/kernel/projects/rt/).


Regards,

Luca Recchia



2008/6/16 Darren Hart <dvhltc-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>:
On Tue, 2008-06-17 at 01:50 +0530, Subrata Modak wrote:
> On Mon, 2008-06-16 at 10:29 +0200, Christian Di Biagio wrote:
> > Dear,
> >
> > I would suggest you our contribution on Hard Real Time Linux testing.
> > Luca and me are  working in collaboration with the University of  Rome
> > "Sapienza"   developing  a complete RT Test suite. It is built through
> > a kernel patch and a user space application (like LTP) on x86 arch.
> > Test is simple:  the RTC send periodic interrupts to the user
> > application,  which previously  has set-up the  environment (RTC
> > frequency,  priority, scheduling policy, etc.). During testing the
> > kernel patch (2.6.23.14) writes  measures on the /proc fs. Actually,
> > we trace the whole IRQ chain.
> >
> >
> > We would be very pleased to participate to your project giving you our
> > open source code.

Hi Christian.

In addition to answering Subrata's questions below, please provide a URL
so that we can take a look at the testcase and kernel patch you are
proposing for inclusion in ltp/realtime.

Subrata, is there any precedent for including tests that require a
custom kernel patch to run?

o is the patch out of tree?
o how will the patch be maintained?
o can the same tracing not be accomplished with existing mechanisms?
i.e. ftrace?

Regards,

Darren Hart

> >
> > Please, let us know your feelings.
>
> Hi Christian,
>
> Thanks for considering LTP to contribute your test code for Hard Real
> Time Linux Testing. But, i would like to point out that we already have
> a very active community consisting of IBM, BULL, PENGUTRONIX and others,
> who are contributing to the growing development of Real Time Linux
> Testcases. Can you please have a look at the code that they have
> developed so far at:
>
> http://ltp.cvs.sourceforge.net/ltp/ltp/testcases/realtime/,
>
> I am looping in those developers and you, so that we can discuss
> further. We would like to know how does your tests differ from the one
> existing above, what and how would you like to tests, how would you like
> to interpret the results, what settings you would need to run those
> tests. Basically, what i would be interested to know is how much your
> tests will add value to LTP and the Linux community in particular.
>
> Darren/Chirag/Sebastein,
>
> Can we initiate a discussion with Christian and lucas and try to
> understand their tests that they plan to contribute. If all of you agree
> after that, we can find a suitable place in LTP to integrate their
> tests.
>
> Regards--
> Subrata
>
> >
> > Regards
> >
> > Christian
>


Attachment (test_irq.tar.bz2): application/x-bzip2, 32 KiB
-------------------------------------------------------------------------
Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW!
Studies have shown that voting for your favorite open source project,
along with a healthy diet, reduces your potential for chronic lameness
and boredom. Vote Now at http://www.sourceforge.net/community/cca08
_______________________________________________
Ltp-list mailing list
Ltp-list@...
https://lists.sourceforge.net/lists/listinfo/ltp-list
Luca Recchia | 1 Jul 20:14 2008
Picon

Re: New LTP test feature [Hard Real Time Linux Testing]

Dear All,

just some details about our test.

    We're actually dealing with Hard Real-Time problems (on x86) and we need a way
to measure latencies in the IRQ handling kernel flow-paths.
We do not only need to measure the global (from the rise of an interrupt to its
complete management) IRQ handling latency, but also the intermediate
(inter-function) latency values.

Our main objective is to evaluate Hard Real-Time feautures like predictability
and time latency of IRQ response and IRQ management flow.


    The kernel patch and the modules we have developed are in this direction. The
patch allows us to measure (with little overhead) the execution times
between the main functions of the IRQ management flow. The modules read the
values we measure and place them into proc fs (in a more readable manner).

    All time-values that are taken in the test are measured by reading the TSC
register. Both the user space task and the kernel IRQ management flow-path should
be bound on one processor, so to avoid discrepancies between different TSC reads
on different CPUs.


    The test is composed by a user space application which is waiting (with a
blocking read on /dev/rtc) for RTC interrupts. We re-program the RTC device to
launch interrupts at fixed frequency.

    First fo all the user space test application set the real time priority and
the real time policy SCHED_FIFO of the user task, then re-program the RTC device
to launch interrupts at fixed frequency, and go to sleep waiting for RTC interrupt.

Immediately after being woke up, the user space test application performs a TSC read,
which constitutes the final measure of the IRQ management flow. Furthermore this read
helps in telling kernel test latencies from spurious kernel inter-function latencies
that may occur before the beginning of the test.
When the test is over the user apllication print the TSC values on the console.

    The patch we introduce in the kernel is able to record up to SAMPLES samples
of inter-function latencies throughout the kernel path activated by RTC
interrupt management flow-path.

When the test is over, it is possible to read the inter-function latencies
(sampled in the kernel) through the proc fs, using "delta_read_irq"
and "irq_latencies_tsc" modules.

    The "delta_read_irq" module is used to read the inter-function latencies values
as the max, min, and total TSC cycles elapsed during the measured intervals.

    With the "irq_latencies_tsc" module it is possible to read the TSC values taken
inside IRQ flow-path functions.
By comparing these values with those obtained in the user space application, one
can evaluate the whole latencies in the IRQ management flow (from the arrival
of an hardware interrupt to the system, to the beginning of the test application).

    From the analisys of these results we can estimate the worst-case latency and
the periodic jitter of an interrupt management flow-path.
We are also able to evaluate the required (re)scheduling effort and inter-function
latencies.

The execution-jitter of the kernel paths we analyze is our measure to evaluate the
predictability of "end-to-end" IRQ management (from the arrival of an  hardware interrupt
to the system, to the beginning of the test application).

The measured jitter is the standard deviation of the sampled latencies,
relatively to their mean.

    At the moment, we make use of a spreadsheet to evaluate std.deviation, worst,
best and average inter-function and end-to-end latencies. We build these results
using 1000 sampled latency values (these values are obtained through the module
"irq_latencies_tsc" and through the user space application).

It is important to note that the samples we measure in the kernel are in clock cycle
unit and we have to transform them into time unit. The resolution of the measure
heavily depends on the CPU frequency and on the time spent in reading the TSC.
We have estimate for our measure a base definition of 10 ns.

    The test is not yet automated, and doesn't respect LTP's
requirement. At the moment it is just a quite usable tool that is being mainly use
as a base comparison between Vanilla kernel and RT kernel project
(http://www.eu.kernel.org/pub/linux/kernel/projects/rt/).



Regards,

Luca Recchia

2008/6/25 Subrata Modak <subrata-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>:
On Thu, 2008-06-19 at 11:42 +0200, Christian Di Biagio wrote:
> Luca is going to asnwer to your questions providing a web space for
> code sharing.
>
> I encourage also a contribution of Andrea Bastoni, a PhD of the Prof.
> D. P. Bovet (University of Rome Tor Vergata) on the matter.

Christian/Lucas,

Are we ready to move ahead with more information on this proposal ?

Regards--
Subrata

>
> Regards
>
> C.
>
>
>
> 2008/6/16 Subrata Modak <subrata-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>:
>         On Mon, 2008-06-16 at 10:29 +0200, Christian Di Biagio wrote:
>         > Dear,
>         >
>         > I would suggest you our contribution on Hard Real Time Linux
>         testing.
>         > Luca and me are  working in collaboration with the
>         University of  Rome
>         > "Sapienza"   developing  a complete RT Test suite. It is
>         built through
>         > a kernel patch and a user space application (like LTP) on
>         x86 arch.
>         > Test is simple:  the RTC send periodic interrupts to the
>         user
>         > application,  which previously  has set-up the  environment
>         (RTC
>         > frequency,  priority, scheduling policy, etc.). During
>         testing the
>         > kernel patch (2.6.23.14) writes  measures on the /proc fs.
>         Actually,
>         > we trace the whole IRQ chain.
>         >
>         >
>         > We would be very pleased to participate to your project
>         giving you our
>         > open source code.
>         >
>         > Please, let us know your feelings.
>
>         Hi Christian,
>
>         Thanks for considering LTP to contribute your test code for
>         Hard Real
>         Time Linux Testing. But, i would like to point out that we
>         already have
>         a very active community consisting of IBM, BULL, PENGUTRONIX
>         and others,
>         who are contributing to the growing development of Real Time
>         Linux
>         Testcases. Can you please have a look at the code that they
>         have
>         developed so far at:
>
>         http://ltp.cvs.sourceforge.net/ltp/ltp/testcases/realtime/,
>
>         I am looping in those developers and you, so that we can
>         discuss
>         further. We would like to know how does your tests differ from
>         the one
>         existing above, what and how would you like to tests, how
>         would you like
>         to interpret the results, what settings you would need to run
>         those
>         tests. Basically, what i would be interested to know is how
>         much your
>         tests will add value to LTP and the Linux community in
>         particular.
>
>         Darren/Chirag/Sebastein,
>
>         Can we initiate a discussion with Christian and lucas and try
>         to
>         understand their tests that they plan to contribute. If all of
>         you agree
>         after that, we can find a suitable place in LTP to integrate
>         their
>         tests.
>
>         Regards--
>         Subrata
>
>         >
>         > Regards
>         >
>         > Christian
>
>


Attachment (test_irq.tar.bz2): application/x-bzip2, 11 KiB
-------------------------------------------------------------------------
Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW!
Studies have shown that voting for your favorite open source project,
along with a healthy diet, reduces your potential for chronic lameness
and boredom. Vote Now at http://www.sourceforge.net/community/cca08
_______________________________________________
Ltp-list mailing list
Ltp-list@...
https://lists.sourceforge.net/lists/listinfo/ltp-list
Mimi Zohar | 1 Jul 21:02 2008
Picon

[RFC] LTP IMA patch

This LTP patch tests the LIM/IMA functionality.

Signed-off-by: Mimi Zohar <zohar@...>
---
Index: ltp-base-20080531/testcases/kernel/security/integrity/ima/README
===================================================================
--- /dev/null
+++ ltp-base-20080531/testcases/kernel/security/integrity/ima/README
 <at>  <at>  -0,0 +1,50  <at>  <at> 
+These testcases test the Integrity Measurement Architecture(IMA).
+
+Requirements
+------------
+In order for all of the tests in the testsuite to complete successfully:
+	- A kernel with Linux Integrity Module(LIM), IMA, KALLSYMS,
+	  TPM support and TPM driver builtin is required.
+	- The testsuite must be executed with root priveleges so that it
+	  can access securityfs files, such as: security/ima/policy and
+	  security/ima/ascii_runtime_measurement.
+	- securityfs must be mounted.  The tests assume that it is mounted
+	  as /sys/kernel/security.
+	- For the re-measurement test, the filesystem, from where these
+	  testcases are run, must be mounted with i_version.
+
+Dependency
+----------
+The testsuite is dependent on the default policy being enabled, which
+measures all executables, all files mmapped for execute and all files
+open for read. Once the default policy has been replaced, the IMA
+measurement and re-measurement tests will fail, as well as the test to
+load a new policy. (A measurement policy may only be loaded once per
+boot.)
+
+Running the Testsuite
+---------------------
+From the ../ltp-base-≤version>/testcases/kernel/security/integrity/ima
+directory, as root compile the IMA testsuite tools, by executing make.  To
+run the testsuite, from the same directory, on the command line execute:
+	sh ./ima_test.sh.
+
+The testsuite results are sent to standard output for viewing.
+
+Running Individual Testcases
+----------------------------
+Individual testcases may be run by executing shell scripts found in
+the ../ltp-base-≤version>/testcases/kernel/security/integrity/ima subdirecties.
+However, understanding the results of the individual testcases is
+dependent on the execution context.  For example, executing
+load_policy.sh should return zero the first time it is executed, but
+subsequently, should return a non-zero value. Both are valid values,
+depending on the execution context. The same is true for measuring
+and re-measuring a file.  Before the test measure policy is loaded,
+the measure and re-measure scripts should return zero.
+
+System State after running the Testsuite
+----------------------------------------
+After running the testsuite, the system is running with the test
+measurement policy.  A reboot is required to install a different
+integrity measurement policy.
Index: ltp-base-20080531/testcases/kernel/security/integrity/ima/Makefile
===================================================================
--- /dev/null
+++ ltp-base-20080531/testcases/kernel/security/integrity/ima/Makefile
 <at>  <at>  -0,0 +1,13  <at>  <at> 
+SUBDIRS = tpm kmem tools
+
+all:
+	 <at> set -e; for i in $(SUBDIRS); do $(MAKE) -C $$i ; done
+
+install:
+	 <at> set -e; for i in $(SUBDIRS); do $(MAKE) -C $$i install ; done
+
+clean:
+	 <at> set -e; for i in $(SUBDIRS); do $(MAKE) -C $$i clean ; done
+	rm -rf tmp
+	rm -rf measure/tmp
+
Index: ltp-base-20080531/testcases/kernel/security/integrity/ima/ima_test.sh
===================================================================
--- /dev/null
+++ ltp-base-20080531/testcases/kernel/security/integrity/ima/ima_test.sh
 <at>  <at>  -0,0 +1,135  <at>  <at> 
+#!/bin/bash
+# Copyright (C) 2008 IBM Corporation
+# Author: Mimi Zohar <zohar@...>
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation, version 2 of the
+# License.
+
+# The default policy on boot measures all executables, all
+# mmapped executable files, and all files open for read.
+#
+# test 0: verify running as root.
+# test 1: verify TPM is enabled.
+# test 2: verify creating and reading a new file causes a new
+# 	  measurement to be added to the IMA measurement list.
+# test 3: verify modifying and reading the new file causes a new
+# 	  measurement to be added to the IMA measurement list.
+# test 4: verify ability to load a new measurement policy
+# test 5: verify new policy does not add a measurement to the
+#	  IMA measurement list for files open for read.
+# test 6: verify inability to load subsequent measurement policy.
+# test 7: verify template hash value for ima entry is correct.
+# test 8: verify ima calculated aggregate pcr value or matches actual pcr value.
+# test 9: verify kmem-template hash
+
+# test 0:
+id=`id -u`
+if [ $id -eq 0 ]; then
+	echo "test 0: success - running as root "
+else
+	echo "test 0: failed - must be running as root"
+	exit 1
+fi
+
+# test 1:
+PCRS_PATH=`find /sys/devices/ | grep pcrs`
+if [ $? -eq 0 ]; then
+	if [ ! -f $PCRS_PATH ]; then
+		echo "test 1: failed - TPM not enabled"
+		echo "(Assuming securityfs is mounted as /sys.)"
+	else
+		echo "test 1: succeeded - TPM enabled"
+	fi
+else
+	echo "test 1: failed - TPM not enabled"
+	echo "(Assuming securityfs is mounted as /sys.)"
+fi
+
+# test 2:
+chmod a+x ./measure/read_measure.sh
+./measure/read_measure.sh
+if [ $? -eq 0 ]; then
+	echo "test 2: success - file measured"
+else
+	echo "test 2: failed - file not measured"
+fi
+
+# test 3:
+chmod a+x ./measure/re-measure.sh
+./measure/re-measure.sh
+if [ $? -eq 0 ]; then
+	echo "test 3: success - modified file measured"
+else
+	echo "test 3: failed - modified file not measured. "
+	echo "(Make sure filesystem is mounted with iversion.)"
+fi
+
+# test 4:
+cd loadpolicy
+chmod a+x ./load_policy.sh
+./load_policy.sh
+if [ $? -eq 0 ]; then
+	echo "test 4: success - loaded policy"
+else
+	echo "test 4: failed - loading policy(permitted once per boot)"
+	echo "(Assuming securityfs is mounted as /sys/kernel/security.)"
+fi
+
+# test 5:
+cd ../measure
+# make sure that date has changed for measurement test
+sleep 1
+./read_measure.sh
+if [ $? -eq 0 ]; then
+	echo "test 5: failed - shouldn't have measured the file"
+	echo "(Verify loaded correct ima measurement policy.)"
+else
+	echo "test 5: succeeded - didn't measure the file"
+fi
+
+# test 6:
+cd ../loadpolicy
+./load_policy.sh
+if [ $? -eq 0 ]; then
+	echo "test 6: failed - shouldn't have loaded a policy"
+else
+	echo "test 6: succeeded - didn't load a policy"
+fi
+
+# test 7:
+cd ../tpm
+chmod a+x ./ima_measure
+./ima_measure --validate > /dev/null
+if [ $? -eq 0 ]; then
+	echo "test 7: succeeded - verified ima template hash values."
+else
+	echo "test 7: failed - errors in verifying ima template hash values."
+fi
+
+# test 8:
+aggregate_pcr=`./ima_measure --validate` > /dev/null
+cat $PCRS_PATH | while read line ; do
+	if [ "${line:0:6}" == "PCR-10" ] ; then
+		if [ "${line:8:67}" == "${aggregate_pcr:0:59}" ] ; then
+			echo "test 8: succeeded - aggregate pcr value"\
+				"matches real pcr value."
+		else
+			echo "test 8: failed - aggregate pcr value does"\
+				"not match real pcr value."
+			echo 'aggregate_pcr: ' $aggregate_pcr
+			echo 'real pcr: ' $line
+		fi
+	fi
+done
+
+# test 9:
+cd ../kmem
+chmod a+x ./kmem-test.sh
+./kmem-test.sh
+if [ $? -eq 0 ]; then
+	echo "test 9: succeeded - verified kmem template measurement"
+else
+	echo "test 9: failed - kmem template measurement "
+fi
Index: ltp-base-20080531/testcases/kernel/security/integrity/ima/loadpolicy/load_policy.sh
===================================================================
--- /dev/null
+++ ltp-base-20080531/testcases/kernel/security/integrity/ima/loadpolicy/load_policy.sh
 <at>  <at>  -0,0 +1,44  <at>  <at> 
+#!/bin/bash
+
+# Copyright (C) 2008 IBM Corporation
+# Author: Mimi Zohar <zohar@...>
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation, version 2 of the
+# License.
+
+# Load a policy into security/ima/policy by opening the file,
+# writing the rules one at a time and then closing the file.
+# The new policy takes effect after the security/ima/policy
+# is closed.
+
+# depends on where securityfs is mounted
+IMA_POLICY=/sys/kernel/security/ima/policy
+
+# LSM specific policy
+LSM_POLICY=./measure.selinux
+#LSM_POLICY=./measure.smack
+
+if [ ! -f $LSM_POLICY ]; then
+	echo "        LSM specific policy does not exist"
+	exit -1
+fi
+
+if [ ! -f $IMA_POLICY ]; then
+	echo "        security/ima/policy does not exist"
+	exit -1
+fi
+
+exec 4>$IMA_POLICY
+if [ $? != 0 ]; then
+	echo "        open failed: security/ima/policy"
+	exit -1
+else
+	cat $LSM_POLICY | while read line ; do
+		if [ "${line:0:1}" != "#" ] ; then
+			echo $line >&4
+		fi
+	done
+	echo "        security/ima/policy updated"
+fi
Index: ltp-base-20080531/testcases/kernel/security/integrity/ima/loadpolicy/measure.selinux
===================================================================
--- /dev/null
+++ ltp-base-20080531/testcases/kernel/security/integrity/ima/loadpolicy/measure.selinux
 <at>  <at>  -0,0 +1,18  <at>  <at> 
+#
+# Integrity measure policy
+#
+# PROC_SUPER_MAGIC
+dont_measure fsmagic=0x9fa0
+# SYSFS_MAGIC
+dont_measure fsmagic=0x62656572
+# DEBUGFS_MAGIC
+dont_measure fsmagic=0x64626720
+# TMPFS_MAGIC
+dont_measure fsmagic=0x01021994
+# SECURITYFS_MAGIC
+dont_measure fsmagic=0x73636673
+measure func=BPRM_CHECK
+measure func=FILE_MMAP mask=MAY_EXEC
+#measure subj=system_u func=INODE_PERMISSION mask=MAY_READ
+measure obj=user_u func=INODE_PERMISSION mask=MAY_READ
+#measure func=INODE_PERMISSION mask=MAY_READ
Index: ltp-base-20080531/testcases/kernel/security/integrity/ima/measure/re-measure.sh
===================================================================
--- /dev/null
+++ ltp-base-20080531/testcases/kernel/security/integrity/ima/measure/re-measure.sh
 <at>  <at>  -0,0 +1,29  <at>  <at> 
+#!/bin/bash
+
+# Copyright (C) 2008 IBM Corporation
+# Author: Mimi Zohar <zohar@...>
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation, version 2 of the
+# License.
+
+# Create and read a file
+# Check if the file was measured (i.e. contained in the ascii measurement list.)
+
+mkdir -p tmp
+echo `date` '- modifying file causes hash to change' >> tmp/test.txt
+cat tmp/test.txt > /dev/null
+cat /sys/kernel/security/ima/ascii_runtime_measurements > tmp/imalog
+
+# calculate and search for sha1sum of tmp/test.txt in tmp/imalog
+hash=`cat tmp/test.txt | sha1sum | sed 's/  -//'`
+echo '        hash: ' $hash
+`grep $hash tmp/imalog > /dev/null`
+if [ $? == 0 ]; then
+	echo "        TPM ascii measurement list contains sha1sum"
+	exit 0
+else
+	echo "        TPM ascii measurement list does not contain sha1sum"
+	exit -1
+fi
Index: ltp-base-20080531/testcases/kernel/security/integrity/ima/measure/read_measure.sh
===================================================================
--- /dev/null
+++ ltp-base-20080531/testcases/kernel/security/integrity/ima/measure/read_measure.sh
 <at>  <at>  -0,0 +1,29  <at>  <at> 
+#!/bin/bash
+
+# Copyright (C) 2008 IBM Corporation
+# Author: Mimi Zohar <zohar@...>
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation, version 2 of the
+# License.
+
+# Create and read a file
+# Check if the file was measured (i.e. contained in the ascii measurement list.)
+
+mkdir -p tmp
+echo `date` '- changing date causes changing hash value' > tmp/test.txt
+cat tmp/test.txt > /dev/null
+cat /sys/kernel/security/ima/ascii_runtime_measurements > tmp/imalog
+
+# calculate and search for sha1sum of tmp/test.txt in tmp/imalog
+hash=`cat tmp/test.txt | sha1sum | sed 's/  -//'`
+echo '        hash: ' $hash
+`grep $hash tmp/imalog > /dev/null`
+if [ $? == 0 ]; then
+	echo "        TPM ascii measurement list contains sha1sum"
+	exit 0
+else
+	echo "        TPM ascii measurement list does not contain sha1sum"
+	exit -1
+fi
Index: ltp-base-20080531/testcases/kernel/security/integrity/ima/tools/Makefile
===================================================================
--- /dev/null
+++ ltp-base-20080531/testcases/kernel/security/integrity/ima/tools/Makefile
 <at>  <at>  -0,0 +1,9  <at>  <at> 
+TARGETS := hex2bin
+
+all: $(TARGETS)
+
+hex2bin: hex2bin.c
+	$(CC) $(CFLAGS) $(LDFLAGS) -o hex2bin hex2bin.c
+
+clean:
+	rm -f hex2bin hex2bin.o
Index: ltp-base-20080531/testcases/kernel/security/integrity/ima/tools/hex2bin.c
===================================================================
--- /dev/null
+++ ltp-base-20080531/testcases/kernel/security/integrity/ima/tools/hex2bin.c
 <at>  <at>  -0,0 +1,27  <at>  <at> 
+/*
+ * Copyright (C) 2008 IBM Corporation
+ * Author: Mimi Zohar <zohar@...>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, version 2 of the License.
+ *
+ * hex2bin.c
+ *	- convert a hex string to binary
+ */
+#include <stdio.h>
+#include <stdlib.h>
+
+main()
+{
+	char *line = NULL;
+	ssize_t len, line_len = 0;
+	int h, i = 0;
+
+	len = getline(&line, &line_len, stdin);
+	for (i = 0; i < len; i += 2)  {
+		sscanf(line + i, "%2x", &h);
+		putchar(h);
+	}
+	free(line);
+}
Index: ltp-base-20080531/testcases/kernel/security/integrity/ima/tpm/Makefile
===================================================================
--- /dev/null
+++ ltp-base-20080531/testcases/kernel/security/integrity/ima/tpm/Makefile
 <at>  <at>  -0,0 +1,9  <at>  <at> 
+TARGETS := ima_measure
+
+all: $(TARGETS)
+
+ima_measure: ima_measure.c
+	$(CC) $(CFLAGS) $(LDFLAGS) -o ima_measure ima_measure.c -lcrypto
+
+clean:
+	rm -f ima_measure ima_measure.o
Index: ltp-base-20080531/testcases/kernel/security/integrity/ima/tpm/ima_measure.c
===================================================================
--- /dev/null
+++ ltp-base-20080531/testcases/kernel/security/integrity/ima/tpm/ima_measure.c
 <at>  <at>  -0,0 +1,261  <at>  <at> 
+/*
+ * Copyright (c) International Business Machines  Corp., 2008
+ *
+ * Authors:
+ * Reiner Sailer <sailer@...>
+ * Mimi Zohar <zohar@...>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation, version 2 of the
+ * License.
+ *
+ * File: ima_measure.c
+ *
+ * Calculate the aggregate-pcr value based on the IMA runtime binary
+ * measurements.
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <string.h>
+#include <unistd.h>
+#include <openssl/sha.h>
+
+#define TCG_EVENT_NAME_LEN_MAX	255
+#define MAX_EVENT_SIZE 500
+
+static int failed_count = 0;	/* number of template verifications failed */
+static int verify_template_hash = 1;
+static int verbose = 0;
+static int validate = 0;
+
+#define print_info(format, arg...) \
+	if (verbose) \
+		printf(format, ##arg)
+
+static u_int8_t pcr[SHA_DIGEST_LENGTH];	/* simulates the PCR aggregate */
+static u_int8_t zero[SHA_DIGEST_LENGTH];
+static u_int8_t fox[SHA_DIGEST_LENGTH];
+struct template {
+	u_int32_t pcr;
+	u_int8_t tdigest[SHA_DIGEST_LENGTH];	/* template digest */
+	u_int32_t tlen;				/* template name size */
+};
+
+struct ima_inode_measure_entry {
+        u_int8_t digest[SHA_DIGEST_LENGTH];	/* sha1 measurement hash */
+       	char file_name[TCG_EVENT_NAME_LEN_MAX + 1];	/*name + \0*/
+};
+
+/* print sha1 aggregate over the template measurements */
+static int display_pcr()
+{
+	int i;
+
+	print_info("PCRAggr (re-calculated):");
+	for (i = 0; i < 20; i++)
+		printf("%02X ", pcr[i] & 0xff);
+	print_info(".\n");
+}
+
+static void print_digest(u_int8_t *digest)
+{
+	int i;
+
+	for (i = 0; i < 20; i++)
+		print_info("%02X", (*(digest + i) & 0xff));
+}
+
+/*
+ * Calculate the template hash of an ima entry
+ * and compare it with the actual template hash value.
+ */
+static int verify_ima_tdigest(struct template *tdata,
+			struct ima_inode_measure_entry *ima)
+{
+	int rc;
+	SHA_CTX tmp;
+	u_int8_t digest[SHA_DIGEST_LENGTH];
+
+	/* Calc template hash for an ima entry */
+	SHA1_Init(&tmp);
+	SHA1_Update(&tmp, ima, sizeof *ima);
+	SHA1_Final(digest, &tmp);
+
+	rc = memcmp(digest, tdata->tdigest, sizeof digest);
+	if (rc) {
+		int i;
+
+		print_info("%s: template hash not valid\n", ima->file_name);
+		print_info("\t should be:");
+		print_digest(digest);
+		print_info("\n\t        is:");
+		print_digest(tdata->tdigest);
+		print_info("\n");
+	}
+	return rc;
+}
+
+int process_event(int num, unsigned char *event, int len)
+{
+	int i;
+	char tname[TCG_EVENT_NAME_LEN_MAX + 1];	/* template_name */
+	u_int32_t tname_len;	/* template name length */
+	struct template *tdata;
+
+	tdata = (struct template *)event;
+
+	print_info("%3d %03u %d", num, tdata->pcr, tdata->tlen);
+	if (tdata->tlen > TCG_EVENT_NAME_LEN_MAX) {
+		printf("ERROR: event name too long!\n");
+		exit(1);
+	}
+	memset(tname, 0, TCG_EVENT_NAME_LEN_MAX);
+	memcpy(&tname, &tdata->tlen +1, tdata->tlen);
+	print_digest(tdata->tdigest);
+	print_info(" %s ", (char *)(tname));
+
+	if (strcmp(tname, "boot_aggregate") == 0) {
+		print_info("\n");
+		return (sizeof *tdata + tdata->tlen + 2) /* separator */ ;
+	} else if (strcmp(tname, "ima") == 0) {
+		struct event_data {
+			u_int8_t digest[SHA_DIGEST_LENGTH];
+			int len;		/* file_name length */
+        		char file_name[TCG_EVENT_NAME_LEN_MAX + 1];/*name + \0*/
+		} *data;
+
+		data = (struct event_data *)((void *)tdata
+				+ sizeof *tdata + tdata->tlen);
+		print_digest(data->digest);
+		data->file_name[data->len] = 0x00;
+		print_info(" %s\n", data->file_name);
+
+		if (validate && (memcmp(fox, tdata->tdigest, sizeof fox) != 0)){
+			struct ima_inode_measure_entry entry;
+
+			memset(&entry, 0, sizeof entry);
+			memcpy(&entry.digest, data->digest, 20);
+			strncpy(entry.file_name, data->file_name, data->len);
+			failed_count += verify_ima_tdigest(tdata, &entry);
+		}
+		return (sizeof *tdata  + tdata->tlen + sizeof data->digest
+				+ data->len + 4); /* null separator */
+	} else if (strcmp(tname, "kmem") == 0) {
+		struct event_data {
+			u_int8_t digest[SHA_DIGEST_LENGTH];
+			int len;		/* file_name length */
+        		char file_name[TCG_EVENT_NAME_LEN_MAX + 1];/*name + \0*/
+		} *data;
+
+		data = (struct event_data *)((void *)tdata
+				+ sizeof *tdata + tdata->tlen);
+		print_digest(data->digest);
+		return (sizeof *tdata  + tdata->tlen + sizeof data->digest
+				+ data->len + 4); /* null separator */
+	}
+}
+
+int simulate_extend_pcr(u_int8_t digest[SHA_DIGEST_LENGTH])
+{
+	SHA_CTX c;
+
+	/* Extend simulated PCR with new template digest */
+	SHA1_Init(&c);
+	SHA1_Update(&c, pcr, SHA_DIGEST_LENGTH);
+	if (validate) {
+		if (memcmp(digest, zero, 20) == 0)
+			memset(digest, 0xFF, 20);
+	}
+	SHA1_Update(&c, digest, 20);
+	SHA1_Final(pcr, &c);
+}
+
+/*
+ * ima_measurements.c - calculate the aggregate-pcr value based on
+ * the IMA runtime binary measurements.
+ *
+ * format: ima_measurement [--validate] [--verify] [--verbose]
+ *
+ * --validate: forces validation of the aggregrate pcr value
+ * 	     for an invalidated PCR. Replace all entries in the
+ * 	     runtime binary measurement list with 0x00 hash values,
+ * 	     which indicate the PCR was invalidated, either for
+ * 	     "a time of measure, time of use"(ToMToU) error, or a
+ *	     file open for read was already open for write, with
+ * 	     0xFF's hash value, when calculating the aggregate
+ *	     pcr value.
+ *
+ * --verify: for all IMA template entries in the runtime binary
+ * 	     measurement list, calculate the template hash value
+ * 	     and compare it with the actual template hash value.
+ *	     Return the number of incorrect hash measurements.
+ *
+ * --verbose: For all entries in the runtime binary measurement
+ *	     list, display the generic template information. In
+ * 	     addition, for IMA and KMEM templates, display template
+ * 	     specific information.
+ *
+ * template info:  list #, PCR-register #, template hash, template name
+ *	IMA info:  IMA hash, filename hint
+ * 	KMEM info: memory hash, reference name
+ *
+ * Ouput: displays the aggregate-pcr value
+ * Return code: if verification enabled, returns number of verification
+ * 		errors.
+ */
+int main(int argc, char *argv[])
+{
+	int i, fd, count = 0, len;
+	unsigned char event[MAX_EVENT_SIZE];
+	SHA_CTX c;
+	int remaining = 0;
+	struct template *tdata;
+
+	memset(pcr, 0, SHA_DIGEST_LENGTH);	/* initial PCR content 0..0 */
+	memset(zero, 0, SHA_DIGEST_LENGTH);
+	memset(fox, 0xff, SHA_DIGEST_LENGTH);
+
+	for (i = 1; i < argc; i++) {
+		if (strncmp(argv[i], "--validate", 5) == 0)
+			validate = 1;
+		if (strncmp(argv[i], "--verbose", 6) == 0)
+			verbose = 1;
+		if (strncmp(argv[i], "--verify", 6) == 0)
+			verify_template_hash = 1;
+	}
+
+
+	fd = open("/sys/kernel/security/ima/binary_runtime_measurements",
+		  O_RDONLY);
+	if (fd < 0) {
+		perror("Unable to open file\n");
+		return 1;
+	}
+	print_info( "### PCR HASH                                  " \
+		 	"TEMPLATE-NAME\n");
+
+	while ((len = read(fd, event + remaining, MAX_EVENT_SIZE - remaining))
+			|| remaining) {
+		if (len < 0) {
+			perror("Error reading from file.\n");
+			break;
+		}
+		len += remaining;
+		tdata = (struct template *)event;
+
+		simulate_extend_pcr(tdata->tdigest);
+		remaining = len - process_event(count++, event, len);
+
+		/* copy rest to buffer start */
+		memcpy(event, event + len - remaining, remaining);
+
+	}
+	close(fd);
+
+	display_pcr();
+	return failed_count;
+}
Index: ltp-base-20080531/testcases/kernel/security/integrity/ima/kmem/Makefile
===================================================================
--- /dev/null
+++ ltp-base-20080531/testcases/kernel/security/integrity/ima/kmem/Makefile
 <at>  <at>  -0,0 +1,25  <at>  <at> 
+#
+# Makefile for kernel module
+#
+ifneq ($(KERNELRELEASE),)
+obj-m	+= kmem-template.o
+EXTRA_CFLAGS += -I$(PWD) -O
+
+else
+KDIR		 := /lib/modules/$(shell uname -r)/build
+PWD		 := $(shell pwd)
+
+default:
+		 $(MAKE) -C $(KDIR) M=$(PWD) modules
+endif
+
+
+clean :
+	rm -rf .tmp_versions
+	 <at> find $(KBUILD_EXTMOD) $(RCS_FIND_IGNORE) \
+		\( -name '*.[oas]' -o -name '*.ko' -o -name '.*.cmd' \
+		-o -name '.*.d' -o -name '.*.tmp' -o -name '*.mod.c' \) \
+		-type f -print | xargs rm -f
+
+install:
+
Index: ltp-base-20080531/testcases/kernel/security/integrity/ima/kmem/kmem-template.c
===================================================================
--- /dev/null
+++ ltp-base-20080531/testcases/kernel/security/integrity/ima/kmem/kmem-template.c
 <at>  <at>  -0,0 +1,254  <at>  <at> 
+/*
+ * Copyright (C) 2008 IBM Corporation
+ * Author: Mimi Zohar <zohar@...>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, version 2 of the License.
+ *
+ * kmem-template.c
+ * 	- defines a kernel memory template
+ * 	- reads from security/kmem-template "name length address"
+ * 	- collects and stores measurement from address for length bytes
+ *	- security/kmem-template returns last memory read
+ */
+
+#include <asm/uaccess.h>
+#include <linux/module.h>
+#include <linux/moduleparam.h>
+#include <linux/kernel.h>
+#include <linux/fs.h>
+#include <linux/crypto.h>
+#include <linux/scatterlist.h>
+#include <linux/notifier.h>
+#include <linux/security.h>
+#include <linux/debugfs.h>
+#include <linux/seq_file.h>
+#include <linux/string.h>
+#include <linux/proc_fs.h>
+#include <linux/security.h>
+#include <linux/integrity.h>
+#include <linux/ima.h>
+
+#define MY_NAME THIS_MODULE->name
+#define IMA_DIGEST_SIZE		20
+
+static int __init init_kmem_template(void);
+static void __exit cleanup_kmem_template(void);
+
+static unsigned char *lastbuf;
+static int lastbuf_len;
+
+struct kmem_data {
+	char name[25];
+	char *buf;
+	int buflen;
+	u8 digest[IMA_DIGEST_SIZE];
+};
+
+int calc_hash(int buflen, char *buf, char *digest)
+{
+	struct crypto_hash *tfm;
+	struct hash_desc desc;
+	struct scatterlist sg[1];
+	int error, result = 0;
+
+	tfm = crypto_alloc_hash("sha1", 0, CRYPTO_ALG_ASYNC);
+	if (IS_ERR(tfm)) {
+		printk(KERN_INFO "%s: failed to load %s transform: %ld\n",
+		       __func__, "sha1", PTR_ERR(tfm));
+		return -ENOSYS;
+	}
+	desc.tfm = tfm;
+	desc.flags = 0;
+	error = crypto_hash_init(&desc);
+	if (error) {
+		result = -EINVAL;
+		goto out;
+	}
+
+	sg_set_buf(sg, buf, buflen);
+	result = crypto_hash_update(&desc, sg, buflen);
+	if (!result) {
+		error = crypto_hash_final(&desc, digest);
+		if (error)
+			result = -EINVAL;
+	}
+
+out:
+	crypto_free_hash(tfm);
+	return result;
+}
+
+static int kmem_collect_measurement(void *d)
+{
+	struct kmem_data *data = (struct kmem_data *)d;
+
+	memset(data->digest, 0, sizeof data->digest);
+	calc_hash(data->buflen, data->buf, data->digest);
+	return 0;
+}
+
+/* Transform local kmem data to store data */
+void kmem_store_measurement(void *d)
+{
+	struct kmem_data *data = (struct kmem_data *)d;
+	struct ima_data idata;
+	struct ima_store_data *template = &idata.data.template;
+
+	idata.type = IMA_TEMPLATE;
+	template->name = "kmem";
+	template->len = sizeof *data;
+	template->data = (char *)data;
+	template->violation = 0;
+	integrity_store_measurement("ima", (void *)&idata);
+	return;
+}
+
+static void kmem_template_show(struct seq_file *m, void *e,
+			       enum integrity_show_type show)
+{
+	struct kmem_data *data = (struct kmem_data *)e;
+	int filename_len;
+	char len[4];
+	int i;
+
+	for (i = 0; i < 20; i++) {
+		switch (show) {
+		case INTEGRITY_SHOW_ASCII:
+			seq_printf(m, "%02x", data->digest[i]);
+			break;
+		case INTEGRITY_SHOW_BINARY:
+			seq_putc(m, data->digest[i]);
+		default:
+			break;
+		}
+	}
+
+	switch (show) {
+	case INTEGRITY_SHOW_ASCII:
+		seq_printf(m, " %s %d \n", data->name, data->buflen);
+		break;
+	case INTEGRITY_SHOW_BINARY:
+		filename_len = strlen(data->name);
+		memcpy(len, &filename_len, 4);
+		for (i = 0; i < 4; i++)
+			seq_putc(m, len[i]);
+		for (i = 0; i < strlen(data->name); i++)
+			seq_putc(m, data->name[i]);
+	default:
+		break;
+	}
+}
+
+static struct template_operations kmem_ops = {
+	.collect_measurement = kmem_collect_measurement,
+	.store_measurement = kmem_store_measurement,
+	.display_template = kmem_template_show
+};
+
+static int kmem_add_measure(char *name, unsigned int buflen, unsigned int addr)
+{
+	struct kmem_data data;
+	int rc;
+
+	strncpy(data.name, name, sizeof data.name);
+	data.buflen = buflen;
+	data.buf = (char *)addr;
+	rc = integrity_collect_measurement("kmem", &data);
+	if (!rc) {
+		integrity_store_measurement("kmem", &data);
+		if (data.buflen > lastbuf_len)
+			kfree(lastbuf);
+		lastbuf = kzalloc(data.buflen, GFP_KERNEL);
+		if (lastbuf) {
+			lastbuf_len = data.buflen;
+			memcpy(lastbuf, data.buf, lastbuf_len);
+		}
+	}
+	return rc;
+}
+
+static ssize_t kmem_write_template(struct file *file, const char __user *buf,
+				   size_t buflen, loff_t *ppos)
+{
+	char *data;
+	char name[26];
+	size_t result = 0, datalen;
+	int rc;
+	unsigned int addr, len;
+
+	datalen = buflen > 256 ? 256 : buflen;
+	data = kzalloc(datalen + 1, GFP_KERNEL);
+	if (!data)
+		result = -ENOMEM;
+
+	if (copy_from_user(data, buf, datalen)) {
+		result = -EFAULT;
+		goto out;
+	}
+	result = datalen;
+
+	rc = sscanf(data, "%25s %d %x ", name, &len, &addr);
+	if (rc == 3)
+		kmem_add_measure(name, len, addr);
+	else {
+		printk(KERN_INFO "kmem: error parsing request."
+		       "(format: name length address)\n");
+		result = -EINVAL;
+	}
+out:
+	if (!data)
+		kfree(data);
+	return result;
+}
+
+static ssize_t kmem_read_template(struct file *filp, char __user *buf,
+				  size_t count, loff_t *ppos)
+{
+	unsigned char *tmp_buf;
+	int len;
+
+	if (!lastbuf)
+		return -EINVAL;
+
+	tmp_buf = kzalloc(2 * lastbuf_len, GFP_KERNEL);
+	if (!tmp_buf)
+		return -ENOMEM;
+
+	for (len = 0; len < lastbuf_len; len++)
+		sprintf((tmp_buf + len + len), "%02x", *(lastbuf + len));
+	return simple_read_from_buffer(buf, count, ppos, tmp_buf, len + len);
+}
+
+const static struct file_operations kmem_template_ops = {
+	.write = kmem_write_template,
+	.read = kmem_read_template
+};
+
+static struct dentry *kmem_template;
+
+static int __init init_kmem_template(void)
+{
+
+	printk(KERN_INFO "%s: \n", __func__);
+	integrity_register_template("kmem", &kmem_ops);
+
+	kmem_template = securityfs_create_file("kmem-template",
+					       S_IRUSR | S_IRGRP | S_IWUSR,
+					       NULL, NULL, &kmem_template_ops);
+	return 0;
+}
+
+static void __exit cleanup_kmem_template(void)
+{
+	printk(KERN_INFO "%s\n", __FUNCTION__);
+	integrity_unregister_template("kmem");
+
+	securityfs_remove(kmem_template);
+}
+
+module_init(init_kmem_template);
+module_exit(cleanup_kmem_template);
+
+MODULE_LICENSE("GPL");
Index: ltp-base-20080531/testcases/kernel/security/integrity/ima/kmem/kmem-test.sh
===================================================================
--- /dev/null
+++ ltp-base-20080531/testcases/kernel/security/integrity/ima/kmem/kmem-test.sh
 <at>  <at>  -0,0 +1,29  <at>  <at> 
+#!/bin/bash
+# Copyright (C) 2008 IBM Corporation
+# Author: Mimi Zohar <zohar@...>
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation, version 2 of the
+# License.
+
+# Load kmem-template, if not already loaded
+# Collect and store memory measurement
+# Verify the memory measurement contained in the ascii measurement list.
+
+lsmod | grep kmem_template > /dev/null
+if [ $? != 0 ]; then
+	insmod ./kmem-template.ko
+fi
+
+if [ ! -f /proc/kallsyms ]; then
+	echo 'kernel built without CONFIG_KALLSYMS'
+	exit 1
+fi
+proc_root=`cat /proc/kallsyms | grep 'D proc_root' | sed 's/ .*//'`
+echo 'proc_root 84' $proc_root > /sys/kernel/security/kmem-template
+
+# calculate and search for kmem hash in the ascii measurement list
+hash=`cat /sys/kernel/security/kmem-template | ../tools/hex2bin | sha1sum | sed 's/  -//'`
+`grep $hash /sys/kernel/security/ima/ascii_runtime_measurements > /dev/null`
+exit $?

-------------------------------------------------------------------------
Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW!
Studies have shown that voting for your favorite open source project,
along with a healthy diet, reduces your potential for chronic lameness
and boredom. Vote Now at http://www.sourceforge.net/community/cca08
Subrata Modak | 2 Jul 11:49 2008
Picon

Re: [patch 00/11] Updated zfcp patches for 2.6.27

On Wed, 2008-07-02 at 10:56 +0200, Christof Schmitt wrote:
> James,
> 
> this replaces the patch series sent on June 30th. The only changes are
> the string handling while parsing the kernel parameter for the initial
> device and one fix in the erp patch. Patches apply to current
> scsi-misc.
> 

Hi Christof,

Do you have testcases (Automated/Can-be-Automated) for testing this
Device driver? If yes, would you like to contribute the same to LTP
(http://ltp.cvs.sourceforge.net/ltp/ltp/testcases/kernel/device-drivers/)
under GPLv2. I would also request test cases in device drivers category,
which can be a good candidate for contribution.

Recently i have been trying to revive the device drivers tests in LTP,
but still hoping to receive something new from somebody.

Regards--
Subrata

> Christof
> --
> To unsubscribe from this list: send the line "unsubscribe linux-s390" in
> the body of a message to majordomo@...
> More majordomo info at  http://vger.kernel.org/majordomo-info.html

-------------------------------------------------------------------------
Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW!
Studies have shown that voting for your favorite open source project,
along with a healthy diet, reduces your potential for chronic lameness
and boredom. Vote Now at http://www.sourceforge.net/community/cca08
Subrata Modak | 2 Jul 12:03 2008
Picon

Re: [PATCH 1/2] cpusets: restructure the function update_cpumask() and update_nodemask()

Hi Li and Miao,

Do you also have testcases in the CPUSETS area ?

Regards--
Subrata

On Wed, Jul 2, 2008 at 3:24 PM, Li Zefan <lizf-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> wrote:
>> kernel/cpuset.c: In function 'cpuset_write_resmask':
>> kernel/cpuset.c:1374: warning: passing argument 2 of 'update_nodemask' discards qualifiers from pointer target type
>>
>> Did you not get this warning also?
>>
>> I don't know how to fix it.  cftype.write_string() requires a const
>> char* in the third arg, but we then go on to call update_nodemask(),
>> which does a strstrip() on this allegedly-const char array.
>>
>
> That strstrip() should be removed. because cgroup_write_string() already strstrip()ed
> the buffer. Paul M's original patch removed that 2 strstrip()s in cpuset.c.
>

Here is the patch:

--- linux-2.6.26-rc7/kernel/cpuset.c.bak        2008-07-02 17:53:07.000000000 +0800
+++ linux-2.6.26-rc7/kernel/cpuset.c    2008-07-02 17:53:23.000000000 +0800
<at> <at> -1011,7 +1011,7 <at> <at> done:
 * lock each such tasks mm->mmap_sem, scan its vma's and rebind
 * their mempolicies to the cpusets new mems_allowed.
 */
-static int update_nodemask(struct cpuset *cs, char *buf)
+static int update_nodemask(struct cpuset *cs, const char *buf)
 {
       struct cpuset trialcs;
       nodemask_t oldmem;
<at> <at> -1032,7 +1032,6 <at> <at> static int update_nodemask(struct cpuset
        * that parsing.  The validate_change() call ensures that cpusets
        * with tasks have memory.
        */
-       buf = strstrip(buf);
       if (!*buf) {
               nodes_clear(trialcs.mems_allowed);
       } else {


>> Taking a copy of the string in update_nodemask() would fix things, but
>> that's pretty lame.
>>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/



--
Regards & Thanks--
Subrata
-------------------------------------------------------------------------
Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW!
Studies have shown that voting for your favorite open source project,
along with a healthy diet, reduces your potential for chronic lameness
and boredom. Vote Now at http://www.sourceforge.net/community/cca08
_______________________________________________
Ltp-list mailing list
Ltp-list@...
https://lists.sourceforge.net/lists/listinfo/ltp-list
Subrata Modak | 2 Jul 12:15 2008
Picon

Re: [PATCH] Add btgpio driver

On Tue, Jul 1, 2008 at 6:34 AM, Domenico Andreoli <cavokz-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:

On Tue, Jul 01, 2008 at 02:06:38AM +0200, Michael Buesch wrote:
> This adds the btgpio driver.
> The purpose of the btgpio driver is to export all of the 24 GPIO pins
> available on Brooktree 8xx chips to the kernel GPIO infrastructure.
>
> This makes it possible to use a physically modified BT8xx card as
> cheap digital GPIO card.
>
> Signed-off-by: Michael Buesch <mb-fseUSCV1ubazQB+pC5nmwQ@public.gmane.org>

How one is supposed to test this driver? I am unable to switch on
the GIPO lib support in my config. I tried also allyesconfig but no
trace of gpio lib stuff.

Hi Michael,

I would also like to know if there are some automated tests to test this. If yes, i would like to include the same into the Linux Test Project (http://ltp.cvs.sourceforge.net/ltp/ltp/testcases/kernel/device-drivers/).

Regards--
Subrata



thanks,
Domenico

-----[ Domenico Andreoli, aka cavok
 --[ http://www.dandreoli.com/gpgkey.asc
  ---[ 3A0F 2F80 F79C 678A 8936  4FEE 0677 9033 A20E BC50
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/



--
Regards & Thanks--
Subrata
-------------------------------------------------------------------------
Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW!
Studies have shown that voting for your favorite open source project,
along with a healthy diet, reduces your potential for chronic lameness
and boredom. Vote Now at http://www.sourceforge.net/community/cca08
_______________________________________________
Ltp-list mailing list
Ltp-list@...
https://lists.sourceforge.net/lists/listinfo/ltp-list
Michael Buesch | 2 Jul 12:25 2008
Picon

Re: [PATCH] Add btgpio driver

On Wednesday 02 July 2008 12:15:40 Subrata Modak wrote:
> On Tue, Jul 1, 2008 at 6:34 AM, Domenico Andreoli <cavokz@...> wrote:
> 
> > On Tue, Jul 01, 2008 at 02:06:38AM +0200, Michael Buesch wrote:
> > > This adds the btgpio driver.
> > > The purpose of the btgpio driver is to export all of the 24 GPIO pins
> > > available on Brooktree 8xx chips to the kernel GPIO infrastructure.
> > >
> > > This makes it possible to use a physically modified BT8xx card as
> > > cheap digital GPIO card.
> > >
> > > Signed-off-by: Michael Buesch <mb@...>
> >
> > How one is supposed to test this driver? I am unable to switch on
> > the GIPO lib support in my config. I tried also allyesconfig but no
> > trace of gpio lib stuff.

You need another patch that enables generic GPIO-lib support. I also sent that
to lkml.

> Hi Michael,
> 
> I would also like to know if there are some automated tests to test this. If
> yes, i would like to include the same into the Linux Test Project (
> http://ltp.cvs.sourceforge.net/ltp/ltp/testcases/kernel/device-drivers/).

I'm not sure how it could be possible to automatically testing that hardware.
In any case, I'm currently probably the only one owning such modified hardware. ;)

--

-- 
Greetings Michael.

-------------------------------------------------------------------------
Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW!
Studies have shown that voting for your favorite open source project,
along with a healthy diet, reduces your potential for chronic lameness
and boredom. Vote Now at http://www.sourceforge.net/community/cca08
Christof Schmitt | 2 Jul 13:31 2008
Picon

Re: [patch 00/11] Updated zfcp patches for 2.6.27

On Wed, Jul 02, 2008 at 03:19:10PM +0530, Subrata Modak wrote:
> Hi Christof,
> 
> Do you have testcases (Automated/Can-be-Automated) for testing this
> Device driver? If yes, would you like to contribute the same to LTP
> (http://ltp.cvs.sourceforge.net/ltp/ltp/testcases/kernel/device-drivers/)
> under GPLv2. I would also request test cases in device drivers category,
> which can be a good candidate for contribution.
> 
> Recently i have been trying to revive the device drivers tests in LTP,
> but still hoping to receive something new from somebody.
> 
> Regards--
> Subrata

Subrata,

the standard tests include error injection on various layers in the
I/O path (e.g. storage system, SAN, FCP adapter) and see that this is
recovered automatically while running I/O.

The test teams here with IBM have more experience with the details, i
will try to give you some contact names.

Christof
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majordomo <at> vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Klas Lindberg | 2 Jul 14:40 2008
Picon

Which kernel sources?

Hi

I'm cross compiling for ARM and I'm wondering how to tell the LTP
where to find the correct set of system headers.

Right now the build fails like so:

make[5]: Entering directory
`/home/qliklas/develop/ltp.git/testcases/kernel/syscalls/timerfd'
arm-none-linux-gnueabi-gcc -Wall  -I../../include -g -Wall
-I../../../../include -Wall
timerfd01.c  -L../../../../lib -lrt -lltp -o timerfd01
timerfd01.c: In function 'timerfd_create':
timerfd01.c:84: error: '__NR_timerfd_create' undeclared (first use in
this function)
timerfd01.c:84: error: (Each undeclared identifier is reported only once
timerfd01.c:84: error: for each function it appears in.)
timerfd01.c: In function 'timerfd_settime':
timerfd01.c:90: error: '__NR_timerfd_settime' undeclared (first use in
this function)
timerfd01.c: In function 'timerfd_gettime':
timerfd01.c:95: error: '__NR_timerfd_gettime' undeclared (first use in
this function)
timerfd01.c: In function 'main':
timerfd01.c:124: warning: unused variable 'tfd2'
make[5]: *** [timerfd01] Error 1
make[5]: Leaving directory
`/home/qliklas/develop/ltp.git/testcases/kernel/syscalls/timerfd'

BR / Klas Lindberg

-------------------------------------------------------------------------
Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW!
Studies have shown that voting for your favorite open source project,
along with a healthy diet, reduces your potential for chronic lameness
and boredom. Vote Now at http://www.sourceforge.net/community/cca08

Gmane