kernfs_test assumes that flistxattr() on /sys/kernel/warn_count always returns an empty list. However, systems with SELinux enabled may expose security.selinux xattr via listxattr() during policy load, which makes the test fail even though kernfs is behaving correctly.
Allow security.selinux xattr in kernfs_listxattr while continuing to reject other unexpected xattrs. Keep the existing user.foo getxattr check unchanged. This avoids false failures on SELinux-enabled systems while preserving the original purpose of the test. Signed-off-by: Disha Goel <[email protected]> --- .../selftests/filesystems/kernfs_test.c | 27 +++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/filesystems/kernfs_test.c b/tools/testing/selftests/filesystems/kernfs_test.c index 84c2b910a60d..a5e480d662e0 100644 --- a/tools/testing/selftests/filesystems/kernfs_test.c +++ b/tools/testing/selftests/filesystems/kernfs_test.c @@ -4,6 +4,8 @@ #include <fcntl.h> #include <stdio.h> +#include <stdlib.h> +#include <string.h> #include <sys/stat.h> #include <sys/xattr.h> @@ -12,12 +14,33 @@ TEST(kernfs_listxattr) { + char *buf, *xattr; + ssize_t len, ret; int fd; - /* Read-only file that can never have any extended attributes set. */ + /* Read-only file that can never have any extended attributes set. + * However, SELinux may set security.selinux xattr on kernfs files + * during policy load, so we explicitly ignore it. + */ fd = open("/sys/kernel/warn_count", O_RDONLY | O_CLOEXEC); ASSERT_GE(fd, 0); - ASSERT_EQ(flistxattr(fd, NULL, 0), 0); + + len = flistxattr(fd, NULL, 0); + ASSERT_GE(len, 0); + + if (len > 0) { + buf = malloc(len); + ASSERT_NE(buf, NULL); + + ret = flistxattr(fd, buf, len); + ASSERT_EQ(ret, len); + + for (xattr = buf; xattr < buf + len; xattr += strlen(xattr) + 1) + ASSERT_EQ(strcmp(xattr, "security.selinux"), 0); + + free(buf); + } + EXPECT_EQ(close(fd), 0); } -- 2.45.1
