Add support for the number of expected violations. Include the
expected number of violations in the output.
Signed-off-by: Mimi Zohar <zo...@linux.ibm.com>
---
.../security/integrity/ima/tests/ima_violations.sh | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/testcases/kernel/security/integrity/ima/tests/ima_violations.sh
b/testcases/kernel/security/integrity/ima/tests/ima_violations.sh
index 37d8d473c..7f0382fb8 100755
--- a/testcases/kernel/security/integrity/ima/tests/ima_violations.sh
+++ b/testcases/kernel/security/integrity/ima/tests/ima_violations.sh
@@ -71,20 +71,26 @@ validate()
local num_violations="$1"
local count="$2"
local search="$3"
+ local expected_violations=$4
local max_attempt=3
local count2 i num_violations_new
+ [ -z $expected_violations ] && expected_violations=1
+
for i in $(seq 1 $max_attempt); do
read num_violations_new < $IMA_VIOLATIONS
count2="$(get_count $search)"
- if [ $(($num_violations_new - $num_violations)) -gt 0 ]; then
+ if [ $(($num_violations_new - $num_violations)) -eq
$expected_violations ]; then
if [ $count2 -gt $count ]; then
- tst_res TPASS "$search violation added"
+ tst_res TPASS "$expected_violations $search
violation(s) added"
return
else
tst_res TINFO "$search not found in $LOG
($i/$max_attempt attempt)..."
tst_sleep 1s
fi
+ elif [ $(($num_violations_new - $num_violations)) -gt 0 ]; then
+ tst_res $IMA_FAIL "$search too many violations added"
+ return
else
tst_res $IMA_FAIL "$search violation not added"
return
--
2.48.1
