From patchwork Tue Nov 28 18:15:59 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13471513 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="UbGk8sUT" Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9EDDB30D6 for ; Tue, 28 Nov 2023 10:16:18 -0800 (PST) Received: from pps.filterd (m0353729.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3ASI25cl001457 for ; Tue, 28 Nov 2023 18:16:18 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : content-transfer-encoding : mime-version; s=pp1; bh=dhb1h0LV3k4YIQn6873JrEo8j+NulMDGdHLLz0RNvJI=; b=UbGk8sUTHvRagKuH4ydjOdCm8aNzge8UP/9Ro+D+Tzi5azPVk5emBDZtK4Ri/C7aLFzt +qYY09/exkBJm3rv27A2qPR99fsh1NZH7cTrL32faamdyMw5I7Y4pF3Jnhzb6re7usc9 rEqAa8vh7EApieouswMCpz2CqlMhfpgC2hitvGd2qXazCZCeBfXffrEc05EOCe6kgDY8 qWX86/U9eISU6oddN83AYWXeN27aywMxOxHCUkO4EUcX88zBIInychJ31INGY2Lhy4eR i0EkACt6NujRMvLFGqxEiqEZsoW2/m/fYXcbAMlLjhEpXXa/EtkAumeNEOKN6S5cJuNO xA== Received: from ppma21.wdc07v.mail.ibm.com (5b.69.3da9.ip4.static.sl-reverse.com [169.61.105.91]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3unn4erd97-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 28 Nov 2023 18:16:17 +0000 Received: from pps.filterd (ppma21.wdc07v.mail.ibm.com [127.0.0.1]) by ppma21.wdc07v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3ASIFpAD028326 for ; Tue, 28 Nov 2023 18:16:16 GMT Received: from smtprelay02.dal12v.mail.ibm.com ([172.16.1.4]) by ppma21.wdc07v.mail.ibm.com (PPS) with ESMTPS id 3ukv8nhk11-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 28 Nov 2023 18:16:16 +0000 Received: from smtpav02.dal12v.mail.ibm.com (smtpav02.dal12v.mail.ibm.com [10.241.53.101]) by smtprelay02.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 3ASIGFb846268724 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 28 Nov 2023 18:16:15 GMT Received: from smtpav02.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id C5FBB5805C; Tue, 28 Nov 2023 18:16:15 +0000 (GMT) Received: from smtpav02.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 81C405805A; Tue, 28 Nov 2023 18:16:15 +0000 (GMT) Received: from sbct-2.pok.ibm.com?044watson.ibm.com (unknown [9.47.158.152]) by smtpav02.dal12v.mail.ibm.com (Postfix) with ESMTP; Tue, 28 Nov 2023 18:16:15 +0000 (GMT) From: Stefan Berger To: linux-integrity@vger.kernel.org Cc: zohar@linux.ibm.com, Stefan Berger Subject: [ima-evm-utils PATCH v2 01/14] tests: Address issues raised by shellcheck SC2086 & enable shellcheck Date: Tue, 28 Nov 2023 13:15:59 -0500 Message-ID: <20231128181613.1159958-2-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20231128181613.1159958-1-stefanb@linux.ibm.com> References: <20231128181613.1159958-1-stefanb@linux.ibm.com> X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: hQiFrYBCLZx2Dr_1sUzclCycu3NfZSnf X-Proofpoint-GUID: hQiFrYBCLZx2Dr_1sUzclCycu3NfZSnf X-Proofpoint-UnRewURL: 0 URL was un-rewritten Precedence: bulk X-Mailing-List: linux-integrity@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-11-28_20,2023-11-27_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 suspectscore=0 lowpriorityscore=0 spamscore=0 adultscore=0 malwarescore=0 mlxscore=0 impostorscore=0 bulkscore=0 clxscore=1015 mlxlogscore=999 phishscore=0 priorityscore=1501 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311060000 definitions=main-2311280146 Address issues raised by shellcheck SC2086: "Double quote to prevent globbing and word splitting." Add support for the make target 'shellcheck' on scripts in the test directory. Signed-off-by: Stefan Berger --- Makefile.am | 5 ++++- tests/Makefile.am | 11 ++++++++++- tests/boot_aggregate.test | 4 ++-- tests/fsverity.test | 18 +++++++++--------- tests/functions.sh | 30 +++++++++++++++--------------- tests/gen-keys.sh | 4 ++-- tests/install-openssl3.sh | 12 ++++++------ tests/sign_verify.test | 12 ++++++------ tests/softhsm_setup | 28 ++++++++++++++-------------- 9 files changed, 68 insertions(+), 56 deletions(-) diff --git a/Makefile.am b/Makefile.am index 9ec5681..949c353 100644 --- a/Makefile.am +++ b/Makefile.am @@ -50,4 +50,7 @@ rmman: doc: evmctl.1.html rmman evmctl.1 endif -.PHONY: $(tarname) +shellcheck: + make -C tests shellcheck + +.PHONY: $(tarname) shellcheck diff --git a/tests/Makefile.am b/tests/Makefile.am index a28f671..6bf7eef 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -24,6 +24,15 @@ clean-local: -rm -f *.txt *.out *.sig *.sig2 distclean: distclean-keys -.PHONY: distclean-keys + +shellcheck: + shellcheck -i SC2086 \ + functions.sh gen-keys.sh install-fsverity.sh \ + install-mount-idmapped.sh install-openssl3.sh \ + install-swtpm.sh install-tss.sh softhsm_setup \ + $(check_SCRIPTS) + +.PHONY: distclean-keys shellcheck distclean-keys: ./gen-keys.sh clean + diff --git a/tests/boot_aggregate.test b/tests/boot_aggregate.test index b0b2db4..ccc45f9 100755 --- a/tests/boot_aggregate.test +++ b/tests/boot_aggregate.test @@ -129,7 +129,7 @@ check() { local options=$1 echo "INFO: Calculating the boot_aggregate (PCRs 0 - 9) for multiple banks" - bootaggr=$(evmctl ima_boot_aggregate ${options}) + bootaggr=$(evmctl ima_boot_aggregate "${options}") if [ $? -ne 0 ]; then echo "${CYAN}SKIP: evmctl ima_boot_aggregate: $bootaggr${NORM}" exit "$SKIP" @@ -197,4 +197,4 @@ if [ "$(id -u)" != 0 ] || [ ! -c "/dev/tpm0" ]; then fi fi -expect_pass check $BOOTAGGR_OPTIONS +expect_pass check "$BOOTAGGR_OPTIONS" diff --git a/tests/fsverity.test b/tests/fsverity.test index e1e0c8d..2b338ca 100755 --- a/tests/fsverity.test +++ b/tests/fsverity.test @@ -50,9 +50,9 @@ _require dd mkfs blkid e2fsck tune2fs evmctl setfattr trap '_report_exit_and_cleanup _cleanup_env cleanup' SIGINT SIGTERM EXIT cleanup() { - if [ -e $TST_MNT ]; then - if [ $LOOPBACK_MOUNTED -eq 1 ]; then - umount $TST_MNT + if [ -e "$TST_MNT" ]; then + if [ "$LOOPBACK_MOUNTED" -eq 1 ]; then + umount "$TST_MNT" fi if [ -f "$TST_IMG" ]; then rm "$TST_IMG" @@ -139,7 +139,7 @@ create_loopback_file() { fi echo "INFO: Building an $fs_type filesystem" - if ! mkfs -t "$fs_type" -q "${TST_IMG}" $options; then + if ! mkfs -t "$fs_type" -q "${TST_IMG}" ${options:+${options}}; then echo "${RED}FAILURE: Creating $fs_type filesystem${NORM}" exit "$FAIL" fi @@ -202,7 +202,7 @@ create_file() { local test=$1 local type=$2 - TST_FILE=$(mktemp -p $TST_MNT -t "${type}".XXXXXX) + TST_FILE=$(mktemp -p "$TST_MNT" -t "${type}".XXXXXX) [ "$VERBOSE" -ge 1 ] && echo "INFO: creating $TST_FILE" # heredoc to create a script @@ -251,13 +251,13 @@ measure-verity() { digest_filename=$("$FSVERITY" digest "$TST_FILE") [ "$VERBOSE" -ge 2 ] && echo "INFO: verity:$digest_filename" - grep "verity:$digest_filename" $IMA_MEASUREMENT_LIST &> /dev/null + grep "verity:$digest_filename" "$IMA_MEASUREMENT_LIST" &> /dev/null ret=$? # Not finding the "fsverity digest" result in the IMA measurement # list is expected for non fs-verity enabled files. The measurement # list will contain zeros for the file hash. - if [ $ret -eq 1 ]; then + if [ "$ret" -eq 1 ]; then error="$FAIL" if [ "$verity" = "enabled" ]; then echo "${RED}FAILURE: ${msg} ${NORM}" @@ -285,7 +285,7 @@ measure-ima() { create_file "$test" ima-hash "$TST_FILE" - hashalg=$(grep "${TST_FILE}" $IMA_MEASUREMENT_LIST | cut -d':' -f2) + hashalg=$(grep "${TST_FILE}" "$IMA_MEASUREMENT_LIST" | cut -d':' -f2) if [ -z "${hashalg}" ]; then echo "${CYAN}SKIP: Measurement record with algorithm not found${NORM}" return "$SKIP" @@ -301,7 +301,7 @@ measure-ima() { # Remove the extra space before the filename digest_filename=$(${digestsum} "$TST_FILE" | sed "s/\ \ /\ /") [ "$VERBOSE" -ge 2 ] && echo "$test: $digest_filename" - if grep "$digest_filename" $IMA_MEASUREMENT_LIST &> /dev/null; then + if grep "$digest_filename" "$IMA_MEASUREMENT_LIST" &> /dev/null; then echo "${GREEN}SUCCESS: Measuring $TST_FILE ${NORM}" else error="$FAIL" diff --git a/tests/functions.sh b/tests/functions.sh index 35e925c..2105f21 100755 --- a/tests/functions.sh +++ b/tests/functions.sh @@ -42,7 +42,7 @@ exit_early() { _require() { ret= for i; do - if ! type $i; then + if ! type "$i"; then echo "$i is required for test" ret=1 fi @@ -79,7 +79,7 @@ expect_pass() { fi if [ $TNESTED -gt 0 ]; then - echo $RED"expect_pass should not be run nested"$NORM + echo "${RED}expect_pass should not be run nested${NORM}" testsfail+=1 exit "$HARDFAIL" fi @@ -110,9 +110,9 @@ expect_pass_if() { ret=$? if [ $ret -ne 0 ] && [ $ret -ne 77 ] && [ -n "$PATCHES" ]; then - echo $YELLOW"Possibly missing patches:"$NORM + echo "${YELLOW}Possibly missing patches:${NORM}" for idx in $indexes; do - echo $YELLOW" - ${PATCHES[$((idx))]}"$NORM + echo "${YELLOW} - ${PATCHES[$((idx))]}${NORM}" done fi @@ -130,7 +130,7 @@ expect_fail() { fi if [ $TNESTED -gt 0 ]; then - echo $RED"expect_fail should not be run nested"$NORM + echo "${RED}expect_fail should not be run nested${NORM}" testsfail+=1 exit "$HARDFAIL" fi @@ -166,9 +166,9 @@ expect_fail_if() { ret=$? if { [ $ret -eq 0 ] || [ $ret -eq 99 ]; } && [ -n "$PATCHES" ]; then - echo $YELLOW"Possibly missing patches:"$NORM + echo "${YELLOW}Possibly missing patches:${NORM}" for idx in $indexes; do - echo $YELLOW" - ${PATCHES[$((idx))]}"$NORM + echo "${YELLOW} - ${PATCHES[$((idx))]}${NORM}" done fi @@ -177,12 +177,12 @@ expect_fail_if() { # return true if current test is positive _test_expected_to_pass() { - [ ! $TFAIL ] + [ ! "$TFAIL" ] } # return true if current test is negative _test_expected_to_fail() { - [ $TFAIL ] + [ "$TFAIL" ] } # Show blank line and color following text to red @@ -201,7 +201,7 @@ color_red() { } color_restore() { - [ $COLOR_RESTORE ] && echo "$NORM" + [ "$COLOR_RESTORE" ] && echo "$NORM" COLOR_RESTORE= } @@ -216,7 +216,7 @@ _evmctl_run() { # ADD_TEXT_FOR: append to text as 'for $ADD_TEXT_FOR' cmd="evmctl $V $EVMCTL_ENGINE $*" - echo $YELLOW$TMODE "$cmd"$NORM + echo "${YELLOW}$TMODE $cmd${NORM}" $cmd >"$out" 2>&1 ret=$? @@ -226,7 +226,7 @@ _evmctl_run() { echo "evmctl $op failed hard with ($ret) $text_for" sed 's/^/ /' "$out" color_restore - rm "$out" $ADD_DEL + rm "$out" "$ADD_DEL" ADD_DEL= ADD_TEXT_FOR= return "$HARDFAIL" @@ -238,7 +238,7 @@ _evmctl_run() { sed 's/^/ /' "$out" fi color_restore - rm "$out" $ADD_DEL + rm "$out" "$ADD_DEL" ADD_DEL= ADD_TEXT_FOR= return "$FAIL" @@ -371,7 +371,7 @@ _softhsm_setup() { msg=$(./softhsm_setup setup 2>&1) if [ $? -eq 0 ]; then echo "softhsm_setup setup succeeded: $msg" - PKCS11_KEYURI=$(echo $msg | sed -n 's|^keyuri: \(.*\)|\1|p') + PKCS11_KEYURI=$(echo "$msg" | sed -n 's|^keyuri: \(.*\)|\1|p') export EVMCTL_ENGINE="--engine pkcs11" export OPENSSL_ENGINE="-engine pkcs11" @@ -402,7 +402,7 @@ _run_env() { if [ "$TST_ENV" = "um" ]; then expect_pass "$1" rootfstype=hostfs rw init="$2" quiet mem=2048M "$3" else - echo $RED"Testing environment $TST_ENV not supported"$NORM + echo "${RED}Testing environment $TST_ENV not supported${NORM}" exit "$FAIL" fi } diff --git a/tests/gen-keys.sh b/tests/gen-keys.sh index 8905cdf..0b03ba4 100755 --- a/tests/gen-keys.sh +++ b/tests/gen-keys.sh @@ -71,9 +71,9 @@ for m in 1024 1024_skid 2048; do ext= fi if [ ! -e test-rsa$m.key ]; then - log openssl req -verbose -new -nodes -utf8 -sha256 -days 10000 -batch -x509 $ext \ + log openssl req -verbose -new -nodes -utf8 -sha256 -days 10000 -batch -x509 "$ext" \ -config test-ca.conf \ - -newkey rsa:$bits \ + -newkey "rsa:$bits" \ -out test-rsa$m.cer -outform DER \ -keyout test-rsa$m.key # for v1 signatures diff --git a/tests/install-openssl3.sh b/tests/install-openssl3.sh index 911c32b..6658c23 100755 --- a/tests/install-openssl3.sh +++ b/tests/install-openssl3.sh @@ -9,16 +9,16 @@ fi version=${COMPILE_SSL} -wget --no-check-certificate https://github.com/openssl/openssl/archive/refs/tags/${version}.tar.gz -tar --no-same-owner -xzf ${version}.tar.gz -cd openssl-${version} +wget --no-check-certificate "https://github.com/openssl/openssl/archive/refs/tags/${version}.tar.gz" +tar --no-same-owner -xzf "${version}.tar.gz" +cd "openssl-${version}" if [ "$VARIANT" = "i386" ]; then echo "32-bit compilation" FLAGS="-m32 linux-generic32" fi -./Configure $FLAGS no-engine no-dynamic-engine --prefix=/opt/openssl3 --openssldir=/opt/openssl3 +./Configure ${FLAGS:+${FLAGS}} no-engine no-dynamic-engine --prefix=/opt/openssl3 --openssldir=/opt/openssl3 # Uncomment for debugging # perl configdata.pm --dump | grep engine make -j$(nproc) @@ -26,5 +26,5 @@ make -j$(nproc) sudo make install_sw cd .. -rm -rf ${version}.tar.gz -rm -rf openssl-${version} +rm -rf "${version}.tar.gz" +rm -rf "openssl-${version}" diff --git a/tests/sign_verify.test b/tests/sign_verify.test index 2bc365a..5cc0393 100755 --- a/tests/sign_verify.test +++ b/tests/sign_verify.test @@ -141,7 +141,7 @@ check_sign() { local FILE=${FILE:-$ALG.txt} # Normalize key filename if it's not a pkcs11 URI - if [ ${KEY:0:7} != pkcs11: ]; then + if [ "${KEY:0:7}" != pkcs11: ]; then key=${KEY%.*}.key key=test-${key#test-} else @@ -152,8 +152,8 @@ check_sign() { # leave only good files for verify tests. _test_expected_to_fail && FILE+='~' - rm -f $FILE - if ! touch $FILE; then + rm -f "$FILE" + if ! touch "$FILE"; then color_red echo "Can't create test file: $FILE" color_restore @@ -372,7 +372,7 @@ try_different_sigs() { ## Test v1 signatures # Signature v1 only supports sha1 and sha256 so any other should fail -if [ $SIGV1 -eq 0 ]; then +if [ "$SIGV1" -eq 0 ]; then __skip() { echo "IMA signature v1 tests are skipped: not supported"; return $SKIP; } expect_pass __skip else @@ -440,8 +440,8 @@ expect_fail \ # Test signing with key described by pkcs11 URI _softhsm_setup "${WORKDIR}" if [ -n "${PKCS11_KEYURI}" ]; then - expect_pass check_sign FILE=pkcs11test TYPE=ima KEY=${PKCS11_KEYURI} ALG=sha256 PREFIX=0x030204aabbccdd0100 OPTS=--keyid=aabbccdd - expect_pass check_sign FILE=pkcs11test TYPE=ima KEY=${PKCS11_KEYURI} ALG=sha1 PREFIX=0x030202aabbccdd0100 OPTS=--keyid=aabbccdd + expect_pass check_sign FILE=pkcs11test TYPE=ima KEY="${PKCS11_KEYURI}" ALG=sha256 PREFIX=0x030204aabbccdd0100 OPTS=--keyid=aabbccdd + expect_pass check_sign FILE=pkcs11test TYPE=ima KEY="${PKCS11_KEYURI}" ALG=sha1 PREFIX=0x030202aabbccdd0100 OPTS=--keyid=aabbccdd else # to have a constant number of tests, skip these two tests __skip() { echo "pkcs11 test is skipped: could not setup softhsm"; return $SKIP; } diff --git a/tests/softhsm_setup b/tests/softhsm_setup index 35b1754..10e4013 100755 --- a/tests/softhsm_setup +++ b/tests/softhsm_setup @@ -15,7 +15,7 @@ fi MAJOR=$(softhsm2-util -v | cut -d '.' -f1) MINOR=$(softhsm2-util -v | cut -d '.' -f2) -if [ ${MAJOR} -lt 2 ] || [ ${MAJOR} -eq 2 -a ${MINOR} -lt 2 ]; then +if [ "${MAJOR}" -lt 2 ] || [ "${MAJOR}" -eq 2 -a "${MINOR}" -lt 2 ]; then echo "Need softhsm v2.2.0 or later" exit 77 fi @@ -91,21 +91,21 @@ setup_softhsm() { grep -E "\.so$")" fi sudo mkdir -p /etc/gnutls &>/dev/null - sudo bash -c "echo "load=${SONAME}" > /etc/gnutls/pkcs11.conf" + sudo bash -c "echo 'load=${SONAME}' > /etc/gnutls/pkcs11.conf" ;; esac - if ! [ -d $configdir ]; then - mkdir -p $configdir + if ! [ -d "$configdir" ]; then + mkdir -p "$configdir" fi - mkdir -p ${tokendir} + mkdir -p "${tokendir}" - if [ -f $configfile ]; then + if [ -f "$configfile" ]; then mv "$configfile" "$bakconfigfile" fi - if ! [ -f $configfile ]; then - cat <<_EOF_ > $configfile + if ! [ -f "$configfile" ]; then + cat <<_EOF_ > "$configfile" directories.tokendir = ${tokendir} objectstore.backend = file log.level = DEBUG @@ -122,8 +122,8 @@ _EOF_ if [ -z "$tokenuri" ]; then msg=$(softhsm2-util \ - --init-token --pin ${PIN} --so-pin ${SO_PIN} \ - --free --label ${NAME} 2>&1) + --init-token --pin "${PIN}" --so-pin "${SO_PIN}" \ + --free --label "${NAME}" 2>&1) if [ $? -ne 0 ]; then echo "Could not initialize token" echo "$msg" @@ -172,7 +172,7 @@ _EOF_ fi fi - getkeyuri_softhsm $slot + getkeyuri_softhsm "$slot" rc=$? if [ $rc -ne 0 ]; then teardown_softhsm @@ -196,7 +196,7 @@ _getkeyuri_softhsm() { echo "$msg" return 6 fi - msg=$(p11tool --list-all ${tokenuri} 2>&1) + msg=$(p11tool --list-all "${tokenuri}" 2>&1) if [ $? -ne 0 ]; then echo "Could not list object under token $tokenuri" echo "$msg" @@ -260,7 +260,7 @@ main() { local ret if [ $# -lt 1 ]; then - usage $0 + usage "$0" echo -e "Missing command.\n\n" return 1 fi @@ -283,7 +283,7 @@ main() { ;; *) echo -e "Unsupported command: $1\n\n" - usage $0 + usage "$0" ret=1 esac return $ret From patchwork Tue Nov 28 18:16:00 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13471507 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="Vwd/rKS+" Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8DB2530D5 for ; Tue, 28 Nov 2023 10:16:18 -0800 (PST) Received: from pps.filterd (m0353722.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3ASIAdug000657 for ; Tue, 28 Nov 2023 18:16:17 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=8VsLwEGaRPa6VBr/WCKPdVu4DNL4dEdY8/54dPItS2A=; b=Vwd/rKS+ohd9dG3034O+mhx4O35p/bvZ6J24tB0DF01sCEFPjoLfZoAb/DTqKWQlzGR5 paKUqKgSFNpBSMquwnWkz2Fbj5h2fdovB6dIB5gmJUlW8N4qZI6HSipdMZQroI9Rb+kh D5q/uC16aybd2KSuBFE8RJ59OD2EjQfN80/DdTAVh6EGUyZSTyJewc12q/Kau2qop0Za T9bMBoAnHLGjYSmAOBBnja4uEiB0dUCp0PJNkGsU3jDxNqNUBHuUM5zJdYx+w9GvlJ2z 4WRFOFxFcAEtMW4fcfUg7uSvHXpszQ+E+wwe1ovKP0rDXrjpzOlSQBX2g+OTExj5Q6Ww 2A== Received: from ppma11.dal12v.mail.ibm.com (db.9e.1632.ip4.static.sl-reverse.com [50.22.158.219]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3unn8k888f-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 28 Nov 2023 18:16:17 +0000 Received: from pps.filterd (ppma11.dal12v.mail.ibm.com [127.0.0.1]) by ppma11.dal12v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3ASG2k3k018177 for ; Tue, 28 Nov 2023 18:16:16 GMT Received: from smtprelay04.dal12v.mail.ibm.com ([172.16.1.6]) by ppma11.dal12v.mail.ibm.com (PPS) with ESMTPS id 3ukwy1s2qd-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 28 Nov 2023 18:16:16 +0000 Received: from smtpav02.dal12v.mail.ibm.com (smtpav02.dal12v.mail.ibm.com [10.241.53.101]) by smtprelay04.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 3ASIGG8b2884316 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 28 Nov 2023 18:16:16 GMT Received: from smtpav02.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 2B91758051; Tue, 28 Nov 2023 18:16:16 +0000 (GMT) Received: from smtpav02.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id DD8145805A; Tue, 28 Nov 2023 18:16:15 +0000 (GMT) Received: from sbct-2.pok.ibm.com?044watson.ibm.com (unknown [9.47.158.152]) by smtpav02.dal12v.mail.ibm.com (Postfix) with ESMTP; Tue, 28 Nov 2023 18:16:15 +0000 (GMT) From: Stefan Berger To: linux-integrity@vger.kernel.org Cc: zohar@linux.ibm.com, Stefan Berger Subject: [ima-evm-utils PATCH v2 02/14] tests: Address issues raised by shellcheck SC2181 Date: Tue, 28 Nov 2023 13:16:00 -0500 Message-ID: <20231128181613.1159958-3-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20231128181613.1159958-1-stefanb@linux.ibm.com> References: <20231128181613.1159958-1-stefanb@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-integrity@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: mgL-bHC6geVUDEWNqkDWTtiq0SbWlC__ X-Proofpoint-GUID: mgL-bHC6geVUDEWNqkDWTtiq0SbWlC__ X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-11-28_20,2023-11-27_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 mlxscore=0 lowpriorityscore=0 bulkscore=0 adultscore=0 impostorscore=0 mlxlogscore=999 malwarescore=0 suspectscore=0 priorityscore=1501 clxscore=1015 spamscore=0 phishscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311060000 definitions=main-2311280146 Address issues raised by shellcheck SC2181: "Check exit code directly with e.g. if mycmd;, not indirectly with $?." The general replacement patterns to fix this issue are: Old: if [ $? -eq 0 ]; then ... New: if ; then ... Old: if [ $? -ne 0 ]; then ... New: if ! ; then ... Signed-off-by: Stefan Berger --- tests/Makefile.am | 2 +- tests/boot_aggregate.test | 22 ++++++++-------------- tests/functions.sh | 3 +-- tests/ima_hash.test | 4 ++-- tests/sign_verify.test | 3 +-- tests/softhsm_setup | 32 ++++++++++++-------------------- 6 files changed, 25 insertions(+), 41 deletions(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index 6bf7eef..86796c3 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -26,7 +26,7 @@ clean-local: distclean: distclean-keys shellcheck: - shellcheck -i SC2086 \ + shellcheck -i SC2086,SC2181 \ functions.sh gen-keys.sh install-fsverity.sh \ install-mount-idmapped.sh install-openssl3.sh \ install-swtpm.sh install-tss.sh softhsm_setup \ diff --git a/tests/boot_aggregate.test b/tests/boot_aggregate.test index ccc45f9..04aef9b 100755 --- a/tests/boot_aggregate.test +++ b/tests/boot_aggregate.test @@ -47,8 +47,7 @@ swtpm_start() { fi if [ -n "${swtpm}" ]; then - pgrep swtpm - if [ $? -eq 0 ]; then + if pgrep swtpm; then echo "INFO: Software TPM (swtpm) already running" return 114 else @@ -60,8 +59,7 @@ swtpm_start() { elif [ -n "${tpm_server}" ]; then # tpm_server uses the Microsoft simulator encapsulated packet format export TPM_SERVER_TYPE="mssim" - pgrep tpm_server - if [ $? -eq 0 ]; then + if pgrep tpm_server; then echo "INFO: Software TPM (tpm_server) already running" return 114 else @@ -81,16 +79,13 @@ swtpm_init() { fi echo "INFO: Sending software TPM startup" - "${TSSDIR}/tssstartup" - if [ $? -ne 0 ]; then + if ! "${TSSDIR}/tssstartup"; then echo "INFO: Retry sending software TPM startup" sleep 1 - "${TSSDIR}/tssstartup" - fi - - if [ $? -ne 0 ]; then - echo "INFO: Software TPM startup failed" - return "$SKIP" + if ! "${TSSDIR}/tssstartup"; then + echo "INFO: Software TPM startup failed" + return "$SKIP" + fi fi echo "INFO: Walking ${BINARY_BIOS_MEASUREMENTS} initializing the software TPM" @@ -129,8 +124,7 @@ check() { local options=$1 echo "INFO: Calculating the boot_aggregate (PCRs 0 - 9) for multiple banks" - bootaggr=$(evmctl ima_boot_aggregate "${options}") - if [ $? -ne 0 ]; then + if ! bootaggr=$(evmctl ima_boot_aggregate "${options}"); then echo "${CYAN}SKIP: evmctl ima_boot_aggregate: $bootaggr${NORM}" exit "$SKIP" fi diff --git a/tests/functions.sh b/tests/functions.sh index 2105f21..9670b3a 100755 --- a/tests/functions.sh +++ b/tests/functions.sh @@ -368,8 +368,7 @@ _softhsm_setup() { mkdir -p "${SOFTHSM_SETUP_CONFIGDIR}" - msg=$(./softhsm_setup setup 2>&1) - if [ $? -eq 0 ]; then + if msg=$(./softhsm_setup setup 2>&1); then echo "softhsm_setup setup succeeded: $msg" PKCS11_KEYURI=$(echo "$msg" | sed -n 's|^keyuri: \(.*\)|\1|p') diff --git a/tests/ima_hash.test b/tests/ima_hash.test index e88fd59..9a8d7b6 100755 --- a/tests/ima_hash.test +++ b/tests/ima_hash.test @@ -33,8 +33,8 @@ check() { # unless it's negative test, then pass to evmctl cmd="openssl dgst $OPENSSL_ENGINE -$alg $file" echo - "$cmd" - hash=$(set -o pipefail; $cmd 2>/dev/null | cut -d' ' -f2) - if [ $? -ne 0 ] && _test_expected_to_pass; then + if ! hash=$(set -o pipefail; $cmd 2>/dev/null | cut -d' ' -f2) \ + && _test_expected_to_pass; then echo "${CYAN}$alg test is skipped$NORM" rm "$file" return "$SKIP" diff --git a/tests/sign_verify.test b/tests/sign_verify.test index 5cc0393..1b6cf2a 100755 --- a/tests/sign_verify.test +++ b/tests/sign_verify.test @@ -185,8 +185,7 @@ check_sign() { # Insert keyid from cert into PREFIX in-place of marker `:K:' if [[ $PREFIX =~ :K: ]]; then - keyid=$(_keyid_from_cert "$key") - if [ $? -ne 0 ]; then + if ! keyid=$(_keyid_from_cert "$key"); then color_red echo "Unable to determine keyid for $key" color_restore diff --git a/tests/softhsm_setup b/tests/softhsm_setup index 10e4013..95bf0b1 100755 --- a/tests/softhsm_setup +++ b/tests/softhsm_setup @@ -30,8 +30,7 @@ UNAME_S="$(uname -s)" case "${UNAME_S}" in Darwin) - msg=$(sudo -v -n) - if [ $? -ne 0 ]; then + if ! msg=$(sudo -v -n); then echo "Need password-less sudo rights on OS X to change /etc/gnutls/pkcs11.conf" exit 1 fi @@ -113,18 +112,16 @@ slots.removable = false _EOF_ fi - msg=$(p11tool --list-tokens 2>&1 | grep "token=${NAME}" | tail -n1) - if [ $? -ne 0 ]; then + if ! msg=$(p11tool --list-tokens 2>&1 | grep "token=${NAME}" | tail -n1); then echo "Could not list existing tokens" echo "$msg" fi tokenuri=$(echo "$msg" | sed -n 's/.*URL: \([[:print:]*]\)/\1/p') if [ -z "$tokenuri" ]; then - msg=$(softhsm2-util \ + if ! msg=$(softhsm2-util \ --init-token --pin "${PIN}" --so-pin "${SO_PIN}" \ - --free --label "${NAME}" 2>&1) - if [ $? -ne 0 ]; then + --free --label "${NAME}" 2>&1); then echo "Could not initialize token" echo "$msg" return 2 @@ -143,9 +140,8 @@ _EOF_ fi fi - msg=$(p11tool --list-tokens 2>&1 | \ - grep "token=${NAME}" | tail -n1) - if [ $? -ne 0 ]; then + if ! msg=$(p11tool --list-tokens 2>&1 | \ + grep "token=${NAME}" | tail -n1); then echo "Could not list existing tokens" echo "$msg" fi @@ -156,15 +152,13 @@ _EOF_ fi # more recent versions of p11tool have --generate-privkey ... - msg=$(GNUTLS_PIN=$PIN p11tool \ + if ! msg=$(GNUTLS_PIN=$PIN p11tool \ --generate-privkey=rsa --bits 2048 --label mykey --login \ - "${tokenuri}" 2>&1) - if [ $? -ne 0 ]; then + "${tokenuri}" 2>&1); then # ... older versions have --generate-rsa - msg=$(GNUTLS_PIN=$PIN p11tool \ + if ! msg=$(GNUTLS_PIN=$PIN p11tool \ --generate-rsa --bits 2048 --label mykey --login \ - "${tokenuri}" 2>&1) - if [ $? -ne 0 ]; then + "${tokenuri}" 2>&1); then echo "Could not create RSA key!" echo "$msg" return 5 @@ -184,8 +178,7 @@ _EOF_ _getkeyuri_softhsm() { local msg tokenuri keyuri - msg=$(p11tool --list-tokens 2>&1 | grep "token=${NAME}") - if [ $? -ne 0 ]; then + if ! msg=$(p11tool --list-tokens 2>&1 | grep "token=${NAME}"); then echo "Could not list existing tokens" echo "$msg" return 5 @@ -196,8 +189,7 @@ _getkeyuri_softhsm() { echo "$msg" return 6 fi - msg=$(p11tool --list-all "${tokenuri}" 2>&1) - if [ $? -ne 0 ]; then + if ! msg=$(p11tool --list-all "${tokenuri}" 2>&1); then echo "Could not list object under token $tokenuri" echo "$msg" softhsm2-util --show-slots From patchwork Tue Nov 28 18:16:01 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13471505 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="fX6ob5gT" Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D87CF30D8 for ; Tue, 28 Nov 2023 10:16:18 -0800 (PST) Received: from pps.filterd (m0353723.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3ASHXniT011874 for ; Tue, 28 Nov 2023 18:16:18 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : content-transfer-encoding : mime-version; s=pp1; bh=cAL4DHFP7UoXYvElFpKrVWL6OfvJaJg0nyWk6phGV2E=; b=fX6ob5gTQngm9XrSh5v4ylYjYzuQU7LPgda8OBsQnWivQDUoxDlgFZimOP4rckQWXDxy u4BuFb8eK1y47RCE2zEPlPBo4+D5Nbx7oQsCGR8Fxfz1qCRZBFKycx7OrYQK4TC4Z15Q CAaKA2aK3YfAEaWkwGPLsZsUv4d0z4JoyNVKiZ/8FHaXkDQAHwc+OzVg1sRov9GOthON MZ3YJcPNa7EbS15ho8vgW88yHh69MJLqoGUUFpGzrUDJepyN5Y26Xyy2YE/gu/8r55Hm iUXKhvw1cMwukYyorFls+9CkxJekMFdy+IbUF9cu0SQ7lZf0i8vWv2xWb+j5nhbJdZss Mw== Received: from ppma12.dal12v.mail.ibm.com (dc.9e.1632.ip4.static.sl-reverse.com [50.22.158.220]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3unmq9h7ve-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 28 Nov 2023 18:16:17 +0000 Received: from pps.filterd (ppma12.dal12v.mail.ibm.com [127.0.0.1]) by ppma12.dal12v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3ASG26wT031065 for ; Tue, 28 Nov 2023 18:16:17 GMT Received: from smtprelay04.dal12v.mail.ibm.com ([172.16.1.6]) by ppma12.dal12v.mail.ibm.com (PPS) with ESMTPS id 3uku8t1uhq-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 28 Nov 2023 18:16:17 +0000 Received: from smtpav02.dal12v.mail.ibm.com (smtpav02.dal12v.mail.ibm.com [10.241.53.101]) by smtprelay04.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 3ASIGGq621824120 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 28 Nov 2023 18:16:16 GMT Received: from smtpav02.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 8458E58051; Tue, 28 Nov 2023 18:16:16 +0000 (GMT) Received: from smtpav02.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 425FE5805A; Tue, 28 Nov 2023 18:16:16 +0000 (GMT) Received: from sbct-2.pok.ibm.com?044watson.ibm.com (unknown [9.47.158.152]) by smtpav02.dal12v.mail.ibm.com (Postfix) with ESMTP; Tue, 28 Nov 2023 18:16:16 +0000 (GMT) From: Stefan Berger To: linux-integrity@vger.kernel.org Cc: zohar@linux.ibm.com, Stefan Berger Subject: [ima-evm-utils PATCH v2 03/14] tests: Address issues raised by shellcheck SC2046 Date: Tue, 28 Nov 2023 13:16:01 -0500 Message-ID: <20231128181613.1159958-4-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20231128181613.1159958-1-stefanb@linux.ibm.com> References: <20231128181613.1159958-1-stefanb@linux.ibm.com> X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: _1R2sdjY3nQA1kODfOuy6OOoPgNnn-Bp X-Proofpoint-GUID: _1R2sdjY3nQA1kODfOuy6OOoPgNnn-Bp X-Proofpoint-UnRewURL: 0 URL was un-rewritten Precedence: bulk X-Mailing-List: linux-integrity@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-11-28_20,2023-11-27_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 adultscore=0 mlxscore=0 malwarescore=0 impostorscore=0 phishscore=0 priorityscore=1501 lowpriorityscore=0 spamscore=0 suspectscore=0 bulkscore=0 clxscore=1015 mlxlogscore=999 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311060000 definitions=main-2311280146 Address issues raised by shellcheck SC2046: "Quote this to prevent word splitting." Signed-off-by: Stefan Berger --- tests/Makefile.am | 2 +- tests/install-fsverity.sh | 2 +- tests/install-openssl3.sh | 2 +- tests/install-swtpm.sh | 9 +++++---- tests/install-tss.sh | 2 +- tests/softhsm_setup | 2 +- 6 files changed, 10 insertions(+), 9 deletions(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index 86796c3..6fe18e4 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -26,7 +26,7 @@ clean-local: distclean: distclean-keys shellcheck: - shellcheck -i SC2086,SC2181 \ + shellcheck -i SC2086,SC2181,SC2046 \ functions.sh gen-keys.sh install-fsverity.sh \ install-mount-idmapped.sh install-openssl3.sh \ install-swtpm.sh install-tss.sh softhsm_setup \ diff --git a/tests/install-fsverity.sh b/tests/install-fsverity.sh index c760485..fa31b2b 100755 --- a/tests/install-fsverity.sh +++ b/tests/install-fsverity.sh @@ -2,5 +2,5 @@ git clone https://git.kernel.org/pub/scm/fs/fsverity/fsverity-utils.git cd fsverity-utils -CC=gcc make -j$(nproc) +CC=gcc make -j"$(nproc)" cd .. diff --git a/tests/install-openssl3.sh b/tests/install-openssl3.sh index 6658c23..edd99de 100755 --- a/tests/install-openssl3.sh +++ b/tests/install-openssl3.sh @@ -21,7 +21,7 @@ fi ./Configure ${FLAGS:+${FLAGS}} no-engine no-dynamic-engine --prefix=/opt/openssl3 --openssldir=/opt/openssl3 # Uncomment for debugging # perl configdata.pm --dump | grep engine -make -j$(nproc) +make -j"$(nproc)" # only install apps and library sudo make install_sw diff --git a/tests/install-swtpm.sh b/tests/install-swtpm.sh index ff44b52..a0e60ee 100755 --- a/tests/install-swtpm.sh +++ b/tests/install-swtpm.sh @@ -1,4 +1,4 @@ -#!/bin/sh -ex +#!/bin/bash -ex # No need to run via sudo if we already have permissions. # Also, some distros do not have sudo configured for root: @@ -10,7 +10,8 @@ else fi git clone https://git.code.sf.net/p/ibmswtpm2/tpm2 -cd tpm2/src -make -j$(nproc) +pushd tpm2/src 1>/dev/null || exit 1 +make -j"$(nproc)" $SUDO cp tpm_server /usr/local/bin/ -cd ../.. +popd 1>/dev/null + diff --git a/tests/install-tss.sh b/tests/install-tss.sh index c9c179e..31ea690 100755 --- a/tests/install-tss.sh +++ b/tests/install-tss.sh @@ -3,6 +3,6 @@ set -ex git clone https://git.code.sf.net/p/ibmtpm20tss/tss cd tss -autoreconf -i && ./configure --disable-tpm-1.2 --disable-hwtpm && make -j$(nproc) && sudo make install +autoreconf -i && ./configure --disable-tpm-1.2 --disable-hwtpm && make -j"$(nproc)" && sudo make install cd .. rm -rf tss diff --git a/tests/softhsm_setup b/tests/softhsm_setup index 95bf0b1..6f8a74e 100755 --- a/tests/softhsm_setup +++ b/tests/softhsm_setup @@ -82,7 +82,7 @@ setup_softhsm() { fi sudo mv /etc/gnutls/pkcs11.conf \ /etc/gnutls/pkcs11.conf.bak &>/dev/null - if [ $(id -u) -eq 0 ]; then + if [ "$(id -u)" -eq 0 ]; then SONAME="$(sudo -u nobody brew ls --verbose softhsm | \ grep -E "\.so$")" else From patchwork Tue Nov 28 18:16:02 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13471506 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="rmH+Cphz" Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 054F030DF for ; Tue, 28 Nov 2023 10:16:20 -0800 (PST) Received: from pps.filterd (m0353726.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3ASI2fEB024466 for ; Tue, 28 Nov 2023 18:16:19 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=jkZXqzpbssUnC0OA2mkXDPMADTo5mcz1OocVz0zMBhE=; b=rmH+CphzPBpsb0XU5UYlnU0ghCMUmthA54SWQKqGdSEIJ92hb4vRuVhPCubS/HCS1ozZ O9FmOC9e4KOPLZBjG+sWlVBJIcqLrbU9APXb4TVhX1trd05+JeXzbmodgkTs8ecI3YZG PMdB0cfPXvLTAX1ikCBZEL6My2BtwZHTGCzcx5GthcaL7asxuZJQ+nqcN3X1Cb6liXAH jBAky6YUMzM1sKnv8KK+M/RqNIeqcNAEj1CC/Z3kNIdev1u2ubOU23rkL5DCQ4Mfbth0 JaQoqxIUiEo0w6S3bQ0OnYwLlTzbj8vQ9+573D2DJzXAIZcGwjB9oQQggjJQdPN8QXTD 4g== Received: from ppma23.wdc07v.mail.ibm.com (5d.69.3da9.ip4.static.sl-reverse.com [169.61.105.93]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3unn4p8f18-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 28 Nov 2023 18:16:19 +0000 Received: from pps.filterd (ppma23.wdc07v.mail.ibm.com [127.0.0.1]) by ppma23.wdc07v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3ASFshtg012193 for ; Tue, 28 Nov 2023 18:16:17 GMT Received: from smtprelay04.dal12v.mail.ibm.com ([172.16.1.6]) by ppma23.wdc07v.mail.ibm.com (PPS) with ESMTPS id 3ukvrkhf2t-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 28 Nov 2023 18:16:17 +0000 Received: from smtpav02.dal12v.mail.ibm.com (smtpav02.dal12v.mail.ibm.com [10.241.53.101]) by smtprelay04.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 3ASIGGFn2884326 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 28 Nov 2023 18:16:17 GMT Received: from smtpav02.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id DDFFA5805C; Tue, 28 Nov 2023 18:16:16 +0000 (GMT) Received: from smtpav02.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 9B90B5805A; Tue, 28 Nov 2023 18:16:16 +0000 (GMT) Received: from sbct-2.pok.ibm.com?044watson.ibm.com (unknown [9.47.158.152]) by smtpav02.dal12v.mail.ibm.com (Postfix) with ESMTP; Tue, 28 Nov 2023 18:16:16 +0000 (GMT) From: Stefan Berger To: linux-integrity@vger.kernel.org Cc: zohar@linux.ibm.com, Stefan Berger Subject: [ima-evm-utils PATCH v2 04/14] tests: Address issues raised by shellcheck SC2320 Date: Tue, 28 Nov 2023 13:16:02 -0500 Message-ID: <20231128181613.1159958-5-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20231128181613.1159958-1-stefanb@linux.ibm.com> References: <20231128181613.1159958-1-stefanb@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-integrity@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: JJR_Pn1MOSOmlv1hExDqXqH9hSUCt6Yq X-Proofpoint-ORIG-GUID: JJR_Pn1MOSOmlv1hExDqXqH9hSUCt6Yq X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-11-28_20,2023-11-27_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 mlxlogscore=998 priorityscore=1501 spamscore=0 malwarescore=0 impostorscore=0 clxscore=1015 suspectscore=0 lowpriorityscore=0 mlxscore=0 bulkscore=0 adultscore=0 phishscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311060000 definitions=main-2311280146 Address issues raised by shellcheck SC2320: "This $? refers to echo/printf, not a previous command. Assign to variable to avoid it being overwritten." Signed-off-by: Stefan Berger --- tests/Makefile.am | 2 +- tests/mmap_check.test | 8 +++----- tests/portable_signatures.test | 9 +++------ 3 files changed, 7 insertions(+), 12 deletions(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index 6fe18e4..3713771 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -26,7 +26,7 @@ clean-local: distclean: distclean-keys shellcheck: - shellcheck -i SC2086,SC2181,SC2046 \ + shellcheck -i SC2086,SC2181,SC2046,SC2320 \ functions.sh gen-keys.sh install-fsverity.sh \ install-mount-idmapped.sh install-openssl3.sh \ install-swtpm.sh install-tss.sh softhsm_setup \ diff --git a/tests/mmap_check.test b/tests/mmap_check.test index 2dd3433..e3e5c71 100755 --- a/tests/mmap_check.test +++ b/tests/mmap_check.test @@ -97,14 +97,12 @@ check_load_ima_rule() { new_policy=$(mktemp -p "$g_mountpoint") echo "$1" > "$new_policy" - echo "$new_policy" > /sys/kernel/security/ima/policy - result=$? - rm -f "$new_policy" - - if [ "$result" -ne 0 ]; then + if ! echo "$new_policy" > /sys/kernel/security/ima/policy; then + rm -f "$new_policy" echo "${RED}Failed to set IMA policy${NORM}" return "$HARDFAIL" fi + rm -f "$new_policy" return "$OK" } diff --git a/tests/portable_signatures.test b/tests/portable_signatures.test index 9f3339b..7ddd149 100755 --- a/tests/portable_signatures.test +++ b/tests/portable_signatures.test @@ -80,7 +80,6 @@ METADATA_CHANGE_FOWNER_2=3002 check_load_ima_rule() { local rule_loaded - local result local new_policy rule_loaded=$(grep "$1" /sys/kernel/security/ima/policy) @@ -88,14 +87,12 @@ check_load_ima_rule() { new_policy=$(mktemp -p "$g_mountpoint") echo "$1" > "$new_policy" evmctl sign -o -a sha256 --imasig --key "$key_path" "$new_policy" &> /dev/null - echo "$new_policy" > /sys/kernel/security/ima/policy - result=$? - rm -f "$new_policy" - - if [ "$result" -ne 0 ]; then + if ! echo "$new_policy" > /sys/kernel/security/ima/policy; then + rm -f "$new_policy" echo "${RED}Failed to set IMA policy${NORM}" return "$FAIL" fi + rm -f "${new_policy}" fi return "$OK" From patchwork Tue Nov 28 18:16:03 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13471508 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="Vv/ADVsm" Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1A06E30E1 for ; Tue, 28 Nov 2023 10:16:20 -0800 (PST) Received: from pps.filterd (m0353726.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3ASI2aP9023992 for ; Tue, 28 Nov 2023 18:16:19 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=afKzOp+VwXEGQXo8IEKvT21i3Iigfp751lGuZrymG44=; b=Vv/ADVsmYx2HU1aYi5esCxKVtm3UW531vVnG6DQDjAS2VLAL5x16Q6DoBrKM2OwGawrM QMZmO1EFPGNq+bNU2F9l7QwKQObjNmqzk6eclOEn11gZdMQqc6v2goCGw3de8pLjxVCi BUpTaWreylukTfcNBiUtJt4sKZzCSk3Wembn9OIRH4JXB88iBomP8ETgUvTAp7BeuCzv 48dtu+EbqSqRr0fMHT4zTsLkHtHEyBHKAOn+H71AoxnAWeUpVP1R4GzKLr603CDiaZAs NHFGec4XO/GdMincr7i3ZEbYzb4kyC3Fo8TcUyycJEDEXY2M0HdY6QYqFSn9I+kP2nd+ 3A== Received: from ppma22.wdc07v.mail.ibm.com (5c.69.3da9.ip4.static.sl-reverse.com [169.61.105.92]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3unn4p8f1e-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 28 Nov 2023 18:16:19 +0000 Received: from pps.filterd (ppma22.wdc07v.mail.ibm.com [127.0.0.1]) by ppma22.wdc07v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3ASG5NmY027644 for ; Tue, 28 Nov 2023 18:16:18 GMT Received: from smtprelay05.dal12v.mail.ibm.com ([172.16.1.7]) by ppma22.wdc07v.mail.ibm.com (PPS) with ESMTPS id 3ukumyhs3b-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 28 Nov 2023 18:16:18 +0000 Received: from smtpav02.dal12v.mail.ibm.com (smtpav02.dal12v.mail.ibm.com [10.241.53.101]) by smtprelay05.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 3ASIGHYM918180 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 28 Nov 2023 18:16:17 GMT Received: from smtpav02.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 4BE2B58051; Tue, 28 Nov 2023 18:16:17 +0000 (GMT) Received: from smtpav02.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 00ED15805A; Tue, 28 Nov 2023 18:16:17 +0000 (GMT) Received: from sbct-2.pok.ibm.com?044watson.ibm.com (unknown [9.47.158.152]) by smtpav02.dal12v.mail.ibm.com (Postfix) with ESMTP; Tue, 28 Nov 2023 18:16:16 +0000 (GMT) From: Stefan Berger To: linux-integrity@vger.kernel.org Cc: zohar@linux.ibm.com, Stefan Berger Subject: [ima-evm-utils PATCH v2 05/14] tests: Address issues raised by shellcheck SC2317 Date: Tue, 28 Nov 2023 13:16:03 -0500 Message-ID: <20231128181613.1159958-6-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20231128181613.1159958-1-stefanb@linux.ibm.com> References: <20231128181613.1159958-1-stefanb@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-integrity@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: I6gPQtwGsJj_36X7I9wlHrK1Hf5Yioua X-Proofpoint-ORIG-GUID: I6gPQtwGsJj_36X7I9wlHrK1Hf5Yioua X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-11-28_20,2023-11-27_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 mlxlogscore=999 priorityscore=1501 spamscore=0 malwarescore=0 impostorscore=0 clxscore=1015 suspectscore=0 lowpriorityscore=0 mlxscore=0 bulkscore=0 adultscore=0 phishscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311060000 definitions=main-2311280146 Address issues raised by shellcheck SC2317: "Command appears to be unreachable. Check usage (or ignore if invoked indirectly)." Disable this check in fsverity.test since functions are called indirectly there. Signed-off-by: Stefan Berger --- tests/Makefile.am | 2 +- tests/fsverity.test | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index 3713771..e2fcb16 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -26,7 +26,7 @@ clean-local: distclean: distclean-keys shellcheck: - shellcheck -i SC2086,SC2181,SC2046,SC2320 \ + shellcheck -i SC2086,SC2181,SC2046,SC2320,SC2317 \ functions.sh gen-keys.sh install-fsverity.sh \ install-mount-idmapped.sh install-openssl3.sh \ install-swtpm.sh install-tss.sh softhsm_setup \ diff --git a/tests/fsverity.test b/tests/fsverity.test index 2b338ca..ddd6993 100755 --- a/tests/fsverity.test +++ b/tests/fsverity.test @@ -29,6 +29,8 @@ # since the policy rules are walked sequentially, the system's IMA # custom policy rules might take precedence. +# shellcheck disable=SC2317 + cd "$(dirname "$0")" || exit 1 PATH=../src:../fsverity-utils:/usr/sbin:$PATH source ./functions.sh From patchwork Tue Nov 28 18:16:04 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13471510 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="ZtajOYxp" Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4872930E3 for ; Tue, 28 Nov 2023 10:16:20 -0800 (PST) Received: from pps.filterd (m0360072.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3ASHrd5T031363 for ; Tue, 28 Nov 2023 18:16:19 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=bFwkzrgYTvx/bONkknb0mGv7TBbeYwfgxiNyVrGnCXQ=; b=ZtajOYxpMd4o/6fMko/JTy2GKkoJu+PnFiAkKVRX3CNM5TU0JfxNDUenKH8FXhPeOREF ZpVIUS2LzfCZn2de9BIYxoQOcejfRfQQEb+EQVeKSkCwtHfYiZRRaIpn+LAfUFyeELZ5 vfy0p7y5U7qX9Cw3jWMYsnPj+V6sKfIHobvijTUVrJDIxRlCJ6p1QUAVS9aXfXksZo9L aMCR+FuMuhuHmzM5qJl1v7eKrp/levZCBgpdflSDKnHC//YauN74rj5xJRHjnHLfR2o8 C3pzFB/I/v92MTK7kq3cAmCZjlplYI4/lDqecfqrE4xgXwA/0yk12Lbma7ISWNfatY2z bQ== Received: from ppma23.wdc07v.mail.ibm.com (5d.69.3da9.ip4.static.sl-reverse.com [169.61.105.93]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3unn0n0m39-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 28 Nov 2023 18:16:19 +0000 Received: from pps.filterd (ppma23.wdc07v.mail.ibm.com [127.0.0.1]) by ppma23.wdc07v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3ASG0N2w012189 for ; Tue, 28 Nov 2023 18:16:18 GMT Received: from smtprelay05.dal12v.mail.ibm.com ([172.16.1.7]) by ppma23.wdc07v.mail.ibm.com (PPS) with ESMTPS id 3ukvrkhf2x-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 28 Nov 2023 18:16:18 +0000 Received: from smtpav02.dal12v.mail.ibm.com (smtpav02.dal12v.mail.ibm.com [10.241.53.101]) by smtprelay05.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 3ASIGHNM25821800 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 28 Nov 2023 18:16:17 GMT Received: from smtpav02.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 9AE695805C; Tue, 28 Nov 2023 18:16:17 +0000 (GMT) Received: from smtpav02.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 62DDB5805A; Tue, 28 Nov 2023 18:16:17 +0000 (GMT) Received: from sbct-2.pok.ibm.com?044watson.ibm.com (unknown [9.47.158.152]) by smtpav02.dal12v.mail.ibm.com (Postfix) with ESMTP; Tue, 28 Nov 2023 18:16:17 +0000 (GMT) From: Stefan Berger To: linux-integrity@vger.kernel.org Cc: zohar@linux.ibm.com, Stefan Berger Subject: [ima-evm-utils PATCH v2 06/14] tests: Address issues raised by shellcheck SC2034 Date: Tue, 28 Nov 2023 13:16:04 -0500 Message-ID: <20231128181613.1159958-7-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20231128181613.1159958-1-stefanb@linux.ibm.com> References: <20231128181613.1159958-1-stefanb@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-integrity@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: CQCkjJsILQFso7J_07VfQ7XtIlpT7VjH X-Proofpoint-GUID: CQCkjJsILQFso7J_07VfQ7XtIlpT7VjH X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-11-28_20,2023-11-27_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 clxscore=1015 impostorscore=0 phishscore=0 adultscore=0 lowpriorityscore=0 spamscore=0 bulkscore=0 suspectscore=0 mlxscore=0 priorityscore=1501 mlxlogscore=985 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311060000 definitions=main-2311280146 Address issues raised by shellcheck SC2034: "foo appears unused. Verify it or export it." Export PKCS11_KEYURI in a separate statement to avoid the following shellcheck issue: SC2155 (warning): Declare and assign separately to avoid masking return values. Signed-off-by: Stefan Berger --- tests/Makefile.am | 2 +- tests/functions.sh | 1 + tests/mmap_check.test | 2 ++ 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index e2fcb16..79e2775 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -26,7 +26,7 @@ clean-local: distclean: distclean-keys shellcheck: - shellcheck -i SC2086,SC2181,SC2046,SC2320,SC2317 \ + shellcheck -i SC2086,SC2181,SC2046,SC2320,SC2317,SC2034 \ functions.sh gen-keys.sh install-fsverity.sh \ install-mount-idmapped.sh install-openssl3.sh \ install-swtpm.sh install-tss.sh softhsm_setup \ diff --git a/tests/functions.sh b/tests/functions.sh index 9670b3a..4ad61ef 100755 --- a/tests/functions.sh +++ b/tests/functions.sh @@ -371,6 +371,7 @@ _softhsm_setup() { if msg=$(./softhsm_setup setup 2>&1); then echo "softhsm_setup setup succeeded: $msg" PKCS11_KEYURI=$(echo "$msg" | sed -n 's|^keyuri: \(.*\)|\1|p') + export PKCS11_KEYURI export EVMCTL_ENGINE="--engine pkcs11" export OPENSSL_ENGINE="-engine pkcs11" diff --git a/tests/mmap_check.test b/tests/mmap_check.test index e3e5c71..18412b5 100755 --- a/tests/mmap_check.test +++ b/tests/mmap_check.test @@ -5,6 +5,8 @@ # # Check the behavior of MMAP_CHECK and MMAP_CHECK_REQPROT +# shellcheck disable=SC2034 + trap '_report_exit_and_cleanup _cleanup_env cleanup' SIGINT SIGTERM SIGSEGV EXIT PATCHES=( From patchwork Tue Nov 28 18:16:05 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13471509 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="pHk8q2/o" Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E668B30E6 for ; Tue, 28 Nov 2023 10:16:20 -0800 (PST) Received: from pps.filterd (m0353726.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3ASI2aV1024095 for ; Tue, 28 Nov 2023 18:16:20 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : content-transfer-encoding : mime-version; s=pp1; bh=/r4mXdj+WL0aG04+qDwl6s2cokRhzG2wubQlL8Wx94E=; b=pHk8q2/oGgUelcMLMaKQ6zKIaR13f1Q/XV0NCWEZaNg2VPuDOfsXVi69Bjbp6A9W4iLT fis6ey4B1M4Il1uMMW+twTXdh3vrqTZ/KUHlR00rTZvf5zAVVhtq5Ri8kx0fGvWg182y QUsefH14fmK2voFXwmsrWTCm1hZBu/R/xfVKtgFAgEfaWCMErc/eW1CLj/1mBC+heB7V k4gE/Hsj4gIWh/CWBvFm+vZI9TM7Ufzy+CDg+fUiLj01YlDcntV17HT7k1xpIvmTnlZO URaJ4soU8+gkCp6A5zT/XLgCroLXURVGvQ4uE+QYJntjiJseXm7yhOvECOJdsJeJe0RJ ig== Received: from ppma21.wdc07v.mail.ibm.com (5b.69.3da9.ip4.static.sl-reverse.com [169.61.105.91]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3unn4p8f2w-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 28 Nov 2023 18:16:20 +0000 Received: from pps.filterd (ppma21.wdc07v.mail.ibm.com [127.0.0.1]) by ppma21.wdc07v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3ASG8Ac1028313 for ; Tue, 28 Nov 2023 18:16:19 GMT Received: from smtprelay03.dal12v.mail.ibm.com ([172.16.1.5]) by ppma21.wdc07v.mail.ibm.com (PPS) with ESMTPS id 3ukv8nhk1h-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 28 Nov 2023 18:16:19 +0000 Received: from smtpav02.dal12v.mail.ibm.com (smtpav02.dal12v.mail.ibm.com [10.241.53.101]) by smtprelay03.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 3ASIGIPr19661530 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 28 Nov 2023 18:16:18 GMT Received: from smtpav02.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 09A985805E; Tue, 28 Nov 2023 18:16:18 +0000 (GMT) Received: from smtpav02.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id BBB295805A; Tue, 28 Nov 2023 18:16:17 +0000 (GMT) Received: from sbct-2.pok.ibm.com?044watson.ibm.com (unknown [9.47.158.152]) by smtpav02.dal12v.mail.ibm.com (Postfix) with ESMTP; Tue, 28 Nov 2023 18:16:17 +0000 (GMT) From: Stefan Berger To: linux-integrity@vger.kernel.org Cc: zohar@linux.ibm.com, Stefan Berger Subject: [ima-evm-utils PATCH v2 07/14] tests: Address issues raised by shellcheck SC2164 Date: Tue, 28 Nov 2023 13:16:05 -0500 Message-ID: <20231128181613.1159958-8-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20231128181613.1159958-1-stefanb@linux.ibm.com> References: <20231128181613.1159958-1-stefanb@linux.ibm.com> X-TM-AS-GCONF: 00 X-Proofpoint-GUID: 9Zz6U3g_qHtxHmbgOKKcaItnSm-cyfZV X-Proofpoint-ORIG-GUID: 9Zz6U3g_qHtxHmbgOKKcaItnSm-cyfZV X-Proofpoint-UnRewURL: 0 URL was un-rewritten Precedence: bulk X-Mailing-List: linux-integrity@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-11-28_20,2023-11-27_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 mlxlogscore=999 priorityscore=1501 spamscore=0 malwarescore=0 impostorscore=0 clxscore=1015 suspectscore=0 lowpriorityscore=0 mlxscore=0 bulkscore=0 adultscore=0 phishscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311060000 definitions=main-2311280146 Address issues raised by shellcheck SC2164: "Use cd ... || exit in case cd fails." Signed-off-by: Stefan Berger --- tests/Makefile.am | 2 +- tests/boot_aggregate.test | 2 +- tests/install-fsverity.sh | 2 +- tests/install-mount-idmapped.sh | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index 79e2775..c5b2a2f 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -26,7 +26,7 @@ clean-local: distclean: distclean-keys shellcheck: - shellcheck -i SC2086,SC2181,SC2046,SC2320,SC2317,SC2034 \ + shellcheck -i SC2086,SC2181,SC2046,SC2320,SC2317,SC2034,SC2164 \ functions.sh gen-keys.sh install-fsverity.sh \ install-mount-idmapped.sh install-openssl3.sh \ install-swtpm.sh install-tss.sh softhsm_setup \ diff --git a/tests/boot_aggregate.test b/tests/boot_aggregate.test index 04aef9b..c7c2b21 100755 --- a/tests/boot_aggregate.test +++ b/tests/boot_aggregate.test @@ -17,7 +17,7 @@ trap '_report_exit_and_cleanup cleanup' SIGINT SIGTERM EXIT # Base VERBOSE on the environment variable, if set. VERBOSE="${VERBOSE:-0}" -cd "$(dirname "$0")" +cd "$(dirname "$0")" || exit 1 export PATH=../src:$PATH export LD_LIBRARY_PATH=$LD_LIBRARY_PATH . ./functions.sh diff --git a/tests/install-fsverity.sh b/tests/install-fsverity.sh index fa31b2b..e2b0286 100755 --- a/tests/install-fsverity.sh +++ b/tests/install-fsverity.sh @@ -1,6 +1,6 @@ #!/bin/sh git clone https://git.kernel.org/pub/scm/fs/fsverity/fsverity-utils.git -cd fsverity-utils +cd fsverity-utils || exit 1 CC=gcc make -j"$(nproc)" cd .. diff --git a/tests/install-mount-idmapped.sh b/tests/install-mount-idmapped.sh index c954006..d8a673c 100755 --- a/tests/install-mount-idmapped.sh +++ b/tests/install-mount-idmapped.sh @@ -1,6 +1,6 @@ #!/bin/sh git clone https://github.com/brauner/mount-idmapped.git -cd mount-idmapped +cd mount-idmapped || exit 1 gcc -o mount-idmapped mount-idmapped.c cd .. From patchwork Tue Nov 28 18:16:06 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13471511 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="tSQAgh6x" Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 266BF30E8 for ; Tue, 28 Nov 2023 10:16:21 -0800 (PST) Received: from pps.filterd (m0353722.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3ASIAe73000720 for ; Tue, 28 Nov 2023 18:16:20 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=VGoSwG1/4hdiKBk6J2M99Mh8aeFeMRtUXlCTt018fmw=; b=tSQAgh6x6nfFNsM81t0ZjwwSJSthLSnJHo6pTn5DSB3F8h/76y3fzd76rfL9AqNXpqgP bCJLkVLGX6di9q548sMaj5M5pZjCYRYzWq9JvYDeC++up1baniOKRZQesdY6t5gVBnDQ jWu+Th0GsP9tsrhJx8jQJqm45beJjt+sIDURprhhj3k+v8f/7W563xqpvvygJxKcQCcV /cQ0yObifNhKl4IXoN9FHbe2x2z+724Blo16gYTQY6iWkGupzJKMJo6MYkScAGZYphg8 VsqjWF3SZagQsuEQ5M15eJK8UwFMkmx4Yf6g7VMLZ9pQx6hYxKSdppsCR9/Scumiq+SG 5w== Received: from ppma22.wdc07v.mail.ibm.com (5c.69.3da9.ip4.static.sl-reverse.com [169.61.105.92]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3unn8k88bb-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 28 Nov 2023 18:16:20 +0000 Received: from pps.filterd (ppma22.wdc07v.mail.ibm.com [127.0.0.1]) by ppma22.wdc07v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3ASG0QJr027615 for ; Tue, 28 Nov 2023 18:16:19 GMT Received: from smtprelay03.dal12v.mail.ibm.com ([172.16.1.5]) by ppma22.wdc07v.mail.ibm.com (PPS) with ESMTPS id 3ukumyhs3g-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 28 Nov 2023 18:16:19 +0000 Received: from smtpav02.dal12v.mail.ibm.com (smtpav02.dal12v.mail.ibm.com [10.241.53.101]) by smtprelay03.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 3ASIGIS046006710 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 28 Nov 2023 18:16:18 GMT Received: from smtpav02.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 6B97558051; Tue, 28 Nov 2023 18:16:18 +0000 (GMT) Received: from smtpav02.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 205535805A; Tue, 28 Nov 2023 18:16:18 +0000 (GMT) Received: from sbct-2.pok.ibm.com?044watson.ibm.com (unknown [9.47.158.152]) by smtpav02.dal12v.mail.ibm.com (Postfix) with ESMTP; Tue, 28 Nov 2023 18:16:18 +0000 (GMT) From: Stefan Berger To: linux-integrity@vger.kernel.org Cc: zohar@linux.ibm.com, Stefan Berger Subject: [ima-evm-utils PATCH v2 08/14] tests: Address issues raised by shellcheck SC2166 Date: Tue, 28 Nov 2023 13:16:06 -0500 Message-ID: <20231128181613.1159958-9-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20231128181613.1159958-1-stefanb@linux.ibm.com> References: <20231128181613.1159958-1-stefanb@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-integrity@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: gqj8OIW3sXJLD1x9Dx7nqX3SgxGcMuyG X-Proofpoint-GUID: gqj8OIW3sXJLD1x9Dx7nqX3SgxGcMuyG X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-11-28_20,2023-11-27_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 mlxscore=0 lowpriorityscore=0 bulkscore=0 adultscore=0 impostorscore=0 mlxlogscore=975 malwarescore=0 suspectscore=0 priorityscore=1501 clxscore=1015 spamscore=0 phishscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311060000 definitions=main-2311280146 Address issues raised by shellcheck SC2166: "Prefer [ p ] && [ q ] as [ p -a q ] is not well defined." Signed-off-by: Stefan Berger --- tests/Makefile.am | 2 +- tests/softhsm_setup | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index c5b2a2f..df1fbff 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -26,7 +26,7 @@ clean-local: distclean: distclean-keys shellcheck: - shellcheck -i SC2086,SC2181,SC2046,SC2320,SC2317,SC2034,SC2164 \ + shellcheck -i SC2086,SC2181,SC2046,SC2320,SC2317,SC2034,SC2164,SC2166 \ functions.sh gen-keys.sh install-fsverity.sh \ install-mount-idmapped.sh install-openssl3.sh \ install-swtpm.sh install-tss.sh softhsm_setup \ diff --git a/tests/softhsm_setup b/tests/softhsm_setup index 6f8a74e..fc33596 100755 --- a/tests/softhsm_setup +++ b/tests/softhsm_setup @@ -15,7 +15,7 @@ fi MAJOR=$(softhsm2-util -v | cut -d '.' -f1) MINOR=$(softhsm2-util -v | cut -d '.' -f2) -if [ "${MAJOR}" -lt 2 ] || [ "${MAJOR}" -eq 2 -a "${MINOR}" -lt 2 ]; then +if [[ "${MAJOR}" -lt 2 || ( "${MAJOR}" -eq 2 && "${MINOR}" -lt 2 ) ]]; then echo "Need softhsm v2.2.0 or later" exit 77 fi From patchwork Tue Nov 28 18:16:07 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13471514 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="TY5mPryD" Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 72FF230E9 for ; Tue, 28 Nov 2023 10:16:21 -0800 (PST) Received: from pps.filterd (m0353723.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3ASHXjHQ011790 for ; Tue, 28 Nov 2023 18:16:20 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=MY0XxR1i2Uz5rXjsDP4/3t/rVNVP+DFyDGF055k7bZo=; b=TY5mPryDwrTfpzdRE3kFGIyGVHewmugU4qbiwFGd7DvSDyUnNAm5HII6/0sgYTV3B4Nm vHqdMHE8IpmUoY3/3fFGzAnUOKuckPbT5bduuxzZgfZbJCiLIxC15xfxGfpzaxOhzEG5 Q/TUMm1VqmjmANc+E3YI/k08hqbKV556aielrTRGaXhpv86r9kHRFFIsUJ18pZdoDNSs b7akPkqxJ1GSkzRXktNSCxsmgGipHEb4vKPLs0Ie++jXQFeEiMpT834VWhX/yoTS4GyP cDJUfLer8eHztsFbWR8rcOrIWkIB0VAnevB6NRCwSbE0qjg4JJGGFj0cRjmfgy1OH6Dn HQ== Received: from ppma12.dal12v.mail.ibm.com (dc.9e.1632.ip4.static.sl-reverse.com [50.22.158.220]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3unmq9h7y3-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 28 Nov 2023 18:16:20 +0000 Received: from pps.filterd (ppma12.dal12v.mail.ibm.com [127.0.0.1]) by ppma12.dal12v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3ASFwcDf031027 for ; Tue, 28 Nov 2023 18:16:19 GMT Received: from smtprelay03.dal12v.mail.ibm.com ([172.16.1.5]) by ppma12.dal12v.mail.ibm.com (PPS) with ESMTPS id 3uku8t1uj4-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 28 Nov 2023 18:16:19 +0000 Received: from smtpav02.dal12v.mail.ibm.com (smtpav02.dal12v.mail.ibm.com [10.241.53.101]) by smtprelay03.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 3ASIGIN012190290 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 28 Nov 2023 18:16:19 GMT Received: from smtpav02.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id CE5D458060; Tue, 28 Nov 2023 18:16:18 +0000 (GMT) Received: from smtpav02.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 826495805A; Tue, 28 Nov 2023 18:16:18 +0000 (GMT) Received: from sbct-2.pok.ibm.com?044watson.ibm.com (unknown [9.47.158.152]) by smtpav02.dal12v.mail.ibm.com (Postfix) with ESMTP; Tue, 28 Nov 2023 18:16:18 +0000 (GMT) From: Stefan Berger To: linux-integrity@vger.kernel.org Cc: zohar@linux.ibm.com, Stefan Berger Subject: [ima-evm-utils PATCH v2 09/14] tests: Address issues raised by shellcheck SC2294 Date: Tue, 28 Nov 2023 13:16:07 -0500 Message-ID: <20231128181613.1159958-10-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20231128181613.1159958-1-stefanb@linux.ibm.com> References: <20231128181613.1159958-1-stefanb@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-integrity@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: CWy8y1E96e8bXFcL5T1xBPm4YAfEG4q8 X-Proofpoint-GUID: CWy8y1E96e8bXFcL5T1xBPm4YAfEG4q8 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-11-28_20,2023-11-27_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 adultscore=0 mlxscore=0 malwarescore=0 impostorscore=0 phishscore=0 priorityscore=1501 lowpriorityscore=0 spamscore=0 suspectscore=0 bulkscore=0 clxscore=1015 mlxlogscore=999 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311060000 definitions=main-2311280146 Address issues raised by shellcheck SC2294: "eval negates the benefit of arrays. Drop eval to preserve whitespace/symbols (or eval as string)." Signed-off-by: Stefan Berger --- tests/Makefile.am | 4 +++- tests/gen-keys.sh | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index df1fbff..9092c43 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -26,7 +26,9 @@ clean-local: distclean: distclean-keys shellcheck: - shellcheck -i SC2086,SC2181,SC2046,SC2320,SC2317,SC2034,SC2164,SC2166 \ + shellcheck \ + -i SC2086,SC2181,SC2046,SC2320,SC2317,SC2034,SC2164,SC2166 \ + -i SC2294 \ functions.sh gen-keys.sh install-fsverity.sh \ install-mount-idmapped.sh install-openssl3.sh \ install-swtpm.sh install-tss.sh softhsm_setup \ diff --git a/tests/gen-keys.sh b/tests/gen-keys.sh index 0b03ba4..c3d5a20 100755 --- a/tests/gen-keys.sh +++ b/tests/gen-keys.sh @@ -21,7 +21,7 @@ type openssl log() { echo >&2 - "$*" - eval "$@" + eval "$*" } if [ "$1" = clean ]; then From patchwork Tue Nov 28 18:16:08 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13471512 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="Oj4k2GY2" Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1DFA630D1 for ; Tue, 28 Nov 2023 10:16:22 -0800 (PST) Received: from pps.filterd (m0353728.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3ASIFrtS032484 for ; Tue, 28 Nov 2023 18:16:21 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=rfQxeGMBaqBV0+aNq47m5YRRAVMZThDcfBKt3QqpC0I=; b=Oj4k2GY29HkXhd9wfLBbNFhGMt2nt7/RAO2Jk8BR3yOd0PNkSua7WaHmQt3wxqjsjRFm 3XV8OhhKyUtzVDRZiOPr6AjXIMNNi5gpYeulL6mz1Xnm1W1pCWFWquk233nuCEQAm5WO Nn/Lytj7ZJRSNyqHlsj1M7GfR5TQQu0PqVI+7dMPDkNjAd8jsUWa7SUtqmQPT9tAw+pd rSjgYUY1ZN8MSW6aoZXcvoSGucrAf5zNQABwDPtGNNj01Fl3SzEdrBtpqGPNbpF0/ibO PJAe/yxCdT5gX0OB8M2CMdjsNDA8XI0gbC/ZH5EzDSRCyMrm3Hxgi4F25FjbOQT5uUgz 7g== Received: from ppma22.wdc07v.mail.ibm.com (5c.69.3da9.ip4.static.sl-reverse.com [169.61.105.92]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3unn2fgh5r-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 28 Nov 2023 18:16:21 +0000 Received: from pps.filterd (ppma22.wdc07v.mail.ibm.com [127.0.0.1]) by ppma22.wdc07v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3ASG0IIP027610 for ; Tue, 28 Nov 2023 18:16:20 GMT Received: from smtprelay06.dal12v.mail.ibm.com ([172.16.1.8]) by ppma22.wdc07v.mail.ibm.com (PPS) with ESMTPS id 3ukumyhs3k-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 28 Nov 2023 18:16:20 +0000 Received: from smtpav02.dal12v.mail.ibm.com (smtpav02.dal12v.mail.ibm.com [10.241.53.101]) by smtprelay06.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 3ASIGJWf6816336 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 28 Nov 2023 18:16:19 GMT Received: from smtpav02.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 3C65D5805A; Tue, 28 Nov 2023 18:16:19 +0000 (GMT) Received: from smtpav02.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id E47A758051; Tue, 28 Nov 2023 18:16:18 +0000 (GMT) Received: from sbct-2.pok.ibm.com?044watson.ibm.com (unknown [9.47.158.152]) by smtpav02.dal12v.mail.ibm.com (Postfix) with ESMTP; Tue, 28 Nov 2023 18:16:18 +0000 (GMT) From: Stefan Berger To: linux-integrity@vger.kernel.org Cc: zohar@linux.ibm.com, Stefan Berger Subject: [ima-evm-utils PATCH v2 10/14] tests: Address issues raised by shellcheck SC2206 Date: Tue, 28 Nov 2023 13:16:08 -0500 Message-ID: <20231128181613.1159958-11-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20231128181613.1159958-1-stefanb@linux.ibm.com> References: <20231128181613.1159958-1-stefanb@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-integrity@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: INUZRt62kQ7pql8GJgE_5Kvt3IHIzq6M X-Proofpoint-ORIG-GUID: INUZRt62kQ7pql8GJgE_5Kvt3IHIzq6M X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-11-28_20,2023-11-27_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 suspectscore=0 mlxscore=0 spamscore=0 clxscore=1015 malwarescore=0 mlxlogscore=999 impostorscore=0 adultscore=0 phishscore=0 bulkscore=0 lowpriorityscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311060000 definitions=main-2311280146 Address issue raised by shellcheck SC2206: "Quote to prevent word splitting/globbing, or split robustly with mapfile or read -a." Signed-off-by: Stefan Berger --- tests/Makefile.am | 2 +- tests/boot_aggregate.test | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index 9092c43..cbf637c 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -28,7 +28,7 @@ distclean: distclean-keys shellcheck: shellcheck \ -i SC2086,SC2181,SC2046,SC2320,SC2317,SC2034,SC2164,SC2166 \ - -i SC2294 \ + -i SC2294,SC2206 \ functions.sh gen-keys.sh install-fsverity.sh \ install-mount-idmapped.sh install-openssl3.sh \ install-swtpm.sh install-tss.sh softhsm_setup \ diff --git a/tests/boot_aggregate.test b/tests/boot_aggregate.test index c7c2b21..c9a8d67 100755 --- a/tests/boot_aggregate.test +++ b/tests/boot_aggregate.test @@ -129,7 +129,7 @@ check() { exit "$SKIP" fi - boot_aggr=( $bootaggr ) + read -r -a boot_aggr <<< "$bootaggr" echo "INFO: Searching for the boot_aggregate in ${ASCII_RUNTIME_MEASUREMENTS}" for hash in "${boot_aggr[@]}"; do From patchwork Tue Nov 28 18:16:09 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13471516 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="P7uZ83tE" Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A8B4C30EF for ; Tue, 28 Nov 2023 10:16:22 -0800 (PST) Received: from pps.filterd (m0356516.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3ASHlbKx022937 for ; Tue, 28 Nov 2023 18:16:21 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=PvRr2WMpQ+NEW4x9VXN+i9Zw+jCaHaoQWacHjjMi3tM=; b=P7uZ83tEAird+4nWXJyW8Q3JSFH4dkQG8/yZSZ6nzMNxkWuX6QGoa7S6mMEXNuys8IEe dLrB2ZdU2yTuFH2OXDLbEsZEoymHNFMMpUdZSIzqTpVK7EAF6BCuc2sVKAGJo7HD7O8z WIlCyw7SNPEukwbrDr6HAHKbpb6D4KaB4GpatJ0POUQdTbvaobhkA4Fr7iuNZt/AvWTa iMySvIJPnrPrgVAgvxm454iu1RSixrPfjP9o8kCku/F6mDZcbal/mhHV4xnvSmNj3fat JCCSVqGPZ9coMB+qTP8t6v08nnz4i0XmZCqQ4XfLjEmXl2dHPDxtbwbt9vdLFVI2OxcC dw== Received: from ppma13.dal12v.mail.ibm.com (dd.9e.1632.ip4.static.sl-reverse.com [50.22.158.221]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3unmwg8tph-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 28 Nov 2023 18:16:21 +0000 Received: from pps.filterd (ppma13.dal12v.mail.ibm.com [127.0.0.1]) by ppma13.dal12v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3ASIChcf004930 for ; Tue, 28 Nov 2023 18:16:20 GMT Received: from smtprelay06.dal12v.mail.ibm.com ([172.16.1.8]) by ppma13.dal12v.mail.ibm.com (PPS) with ESMTPS id 3ukwfk17p9-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 28 Nov 2023 18:16:20 +0000 Received: from smtpav02.dal12v.mail.ibm.com (smtpav02.dal12v.mail.ibm.com [10.241.53.101]) by smtprelay06.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 3ASIGJgh14353116 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 28 Nov 2023 18:16:19 GMT Received: from smtpav02.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 9F70B5805A; Tue, 28 Nov 2023 18:16:19 +0000 (GMT) Received: from smtpav02.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 5338158051; Tue, 28 Nov 2023 18:16:19 +0000 (GMT) Received: from sbct-2.pok.ibm.com?044watson.ibm.com (unknown [9.47.158.152]) by smtpav02.dal12v.mail.ibm.com (Postfix) with ESMTP; Tue, 28 Nov 2023 18:16:19 +0000 (GMT) From: Stefan Berger To: linux-integrity@vger.kernel.org Cc: zohar@linux.ibm.com, Stefan Berger Subject: [ima-evm-utils PATCH v2 11/14] tests: Address issues raised by shellcheck SC2196 Date: Tue, 28 Nov 2023 13:16:09 -0500 Message-ID: <20231128181613.1159958-12-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20231128181613.1159958-1-stefanb@linux.ibm.com> References: <20231128181613.1159958-1-stefanb@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-integrity@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: UtVZEJmzrr6RyDXF5knLcsc0mM_LY5in X-Proofpoint-GUID: UtVZEJmzrr6RyDXF5knLcsc0mM_LY5in X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-11-28_20,2023-11-27_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 impostorscore=0 phishscore=0 mlxscore=0 suspectscore=0 lowpriorityscore=0 bulkscore=0 priorityscore=1501 malwarescore=0 clxscore=1015 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311060000 definitions=main-2311280146 Address issues raised by shellcheck SC2196: "egrep is non-standard and deprecated. Use grep -E instead." Signed-off-by: Stefan Berger --- tests/Makefile.am | 2 +- tests/functions.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index cbf637c..3c542d7 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -28,7 +28,7 @@ distclean: distclean-keys shellcheck: shellcheck \ -i SC2086,SC2181,SC2046,SC2320,SC2317,SC2034,SC2164,SC2166 \ - -i SC2294,SC2206 \ + -i SC2294,SC2206,SC2196 \ functions.sh gen-keys.sh install-fsverity.sh \ install-mount-idmapped.sh install-openssl3.sh \ install-swtpm.sh install-tss.sh softhsm_setup \ diff --git a/tests/functions.sh b/tests/functions.sh index 4ad61ef..c39b894 100755 --- a/tests/functions.sh +++ b/tests/functions.sh @@ -272,7 +272,7 @@ _test_xattr() { local file=$1 attr=$2 prefix=$3 local text_for=${ADD_TEXT_FOR:+ for $ADD_TEXT_FOR} - if ! getfattr -n "$attr" -e hex "$file" | egrep -qx "$attr=$prefix"; then + if ! getfattr -n "$attr" -e hex "$file" | grep -qx -E "$attr=$prefix"; then color_red_on_failure echo "Did not find expected hash$text_for:" echo " $attr=$prefix" From patchwork Tue Nov 28 18:16:10 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13471517 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="ZNQpp1C6" Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D33AA30F1 for ; Tue, 28 Nov 2023 10:16:22 -0800 (PST) Received: from pps.filterd (m0353722.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3ASIAdtK000674 for ; Tue, 28 Nov 2023 18:16:22 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=JHiDRhE1u083wRxbpYJTM1GLbDmSGh2BNNSLFCw1Yco=; b=ZNQpp1C6vEx5kgM9kIaIFI9HE8XfB4wYmmrY3JLrKFgken2US2E3swFH9hDR/94X5VxK z2/Ciy0payPcjJCi63QzPd5TTVHyW0S8GVlJXDP9J2dvzU8RJ8KC0PbKHrmqpK0rISJ9 yRRF/xvtMusEepfTvZTqpXxzF2vUdSIBCfoNb+ossR6hwHF31M/BAMsF2mQXniPi12ej SzQNWeQjPt0Ki/9CnZcgGsnuChIRc8Mf9xpCJEogGuV2GvVOauFn15EKu9hjeTF9u++Z bkvyTJ4bE8O/Ow7Lc7abmfDN8b9idVOAKclBSUUBNGrUy0qA0P7EU9dxq4Cb4MZmjgJC 8g== Received: from ppma13.dal12v.mail.ibm.com (dd.9e.1632.ip4.static.sl-reverse.com [50.22.158.221]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3unn8k88c4-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 28 Nov 2023 18:16:21 +0000 Received: from pps.filterd (ppma13.dal12v.mail.ibm.com [127.0.0.1]) by ppma13.dal12v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3ASFw8nk004955 for ; Tue, 28 Nov 2023 18:16:20 GMT Received: from smtprelay07.dal12v.mail.ibm.com ([172.16.1.9]) by ppma13.dal12v.mail.ibm.com (PPS) with ESMTPS id 3ukwfk17pb-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 28 Nov 2023 18:16:20 +0000 Received: from smtpav02.dal12v.mail.ibm.com (smtpav02.dal12v.mail.ibm.com [10.241.53.101]) by smtprelay07.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 3ASIGKEH42861100 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 28 Nov 2023 18:16:20 GMT Received: from smtpav02.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 0D2155805A; Tue, 28 Nov 2023 18:16:20 +0000 (GMT) Received: from smtpav02.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id B658958051; Tue, 28 Nov 2023 18:16:19 +0000 (GMT) Received: from sbct-2.pok.ibm.com?044watson.ibm.com (unknown [9.47.158.152]) by smtpav02.dal12v.mail.ibm.com (Postfix) with ESMTP; Tue, 28 Nov 2023 18:16:19 +0000 (GMT) From: Stefan Berger To: linux-integrity@vger.kernel.org Cc: zohar@linux.ibm.com, Stefan Berger Subject: [ima-evm-utils PATCH v2 12/14] tests: Address issues raised by shellcheck SC2043 Date: Tue, 28 Nov 2023 13:16:10 -0500 Message-ID: <20231128181613.1159958-13-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20231128181613.1159958-1-stefanb@linux.ibm.com> References: <20231128181613.1159958-1-stefanb@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-integrity@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: 5H7SeSlJnxA1JIf1R0K5a3n6DKNfBFZi X-Proofpoint-GUID: 5H7SeSlJnxA1JIf1R0K5a3n6DKNfBFZi X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-11-28_20,2023-11-27_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 mlxscore=0 lowpriorityscore=0 bulkscore=0 adultscore=0 impostorscore=0 mlxlogscore=883 malwarescore=0 suspectscore=0 priorityscore=1501 clxscore=1015 spamscore=0 phishscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311060000 definitions=main-2311280146 Address issues raised by shellcheck SC2043: "This loop will only ever run once for a constant value. Did you perhaps mean to loop over dir/*, $var or $(cmd)? Disable this check in gen-keys.sh to leave the loop alone. Signed-off-by: Stefan Berger --- tests/Makefile.am | 2 +- tests/gen-keys.sh | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index 3c542d7..4ce71f4 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -28,7 +28,7 @@ distclean: distclean-keys shellcheck: shellcheck \ -i SC2086,SC2181,SC2046,SC2320,SC2317,SC2034,SC2164,SC2166 \ - -i SC2294,SC2206,SC2196 \ + -i SC2294,SC2206,SC2196,SC2043 \ functions.sh gen-keys.sh install-fsverity.sh \ install-mount-idmapped.sh install-openssl3.sh \ install-swtpm.sh install-tss.sh softhsm_setup \ diff --git a/tests/gen-keys.sh b/tests/gen-keys.sh index c3d5a20..601ded2 100755 --- a/tests/gen-keys.sh +++ b/tests/gen-keys.sh @@ -15,6 +15,8 @@ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. +# shellcheck disable=SC2043 + cd "$(dirname "$0")" || exit 1 PATH=../src:$PATH type openssl From patchwork Tue Nov 28 18:16:11 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13471515 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="E33b+/NU" Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CA03430F0 for ; Tue, 28 Nov 2023 10:16:22 -0800 (PST) Received: from pps.filterd (m0353723.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3ASHY02p012654 for ; Tue, 28 Nov 2023 18:16:22 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=K2OSIIWeR+/mVCpZD6SxIqXKHERmaQICjyFMubPt4pk=; b=E33b+/NUSl/HBx1neyf+uchtvn20ujevgxFEbLo8wQnOvTJ6dRwExJhyOzrKRdCRJglt iGT4YucgFA0At/fWgJRxOyNQ1wVSyXc9NXD4UpVcDS3uq6qyfL9VsBvcSVnjUXkHa8RM IAcseqK51b28sqMG39FCJoEtCtaL7wwT0oyFEKxFyIA2QItTsojISiW1jnrkuZoQ8n3V JBp8lQ9kcMkwd1Jwksr4L74CKv3NMmnljXjp9h4+6BfzEhSn8kiB0g/Sq0f+RfAMGPnu xyzwOhihJr6GHHBmoQMs0IARP23ypGoQZwQFkFj5j8VwVNDoBfBJlbY4zsSjb65Hu1j7 3g== Received: from ppma11.dal12v.mail.ibm.com (db.9e.1632.ip4.static.sl-reverse.com [50.22.158.219]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3unmq9h804-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 28 Nov 2023 18:16:21 +0000 Received: from pps.filterd (ppma11.dal12v.mail.ibm.com [127.0.0.1]) by ppma11.dal12v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3ASG0Hik018242 for ; Tue, 28 Nov 2023 18:16:21 GMT Received: from smtprelay07.dal12v.mail.ibm.com ([172.16.1.9]) by ppma11.dal12v.mail.ibm.com (PPS) with ESMTPS id 3ukwy1s2qw-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 28 Nov 2023 18:16:21 +0000 Received: from smtpav02.dal12v.mail.ibm.com (smtpav02.dal12v.mail.ibm.com [10.241.53.101]) by smtprelay07.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 3ASIGKPQ34210242 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 28 Nov 2023 18:16:20 GMT Received: from smtpav02.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 66FE55805E; Tue, 28 Nov 2023 18:16:20 +0000 (GMT) Received: from smtpav02.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 24AE458051; Tue, 28 Nov 2023 18:16:20 +0000 (GMT) Received: from sbct-2.pok.ibm.com?044watson.ibm.com (unknown [9.47.158.152]) by smtpav02.dal12v.mail.ibm.com (Postfix) with ESMTP; Tue, 28 Nov 2023 18:16:20 +0000 (GMT) From: Stefan Berger To: linux-integrity@vger.kernel.org Cc: zohar@linux.ibm.com, Stefan Berger Subject: [ima-evm-utils PATCH v2 13/14] tests: Address issues raised by shellcheck SC2295 Date: Tue, 28 Nov 2023 13:16:11 -0500 Message-ID: <20231128181613.1159958-14-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20231128181613.1159958-1-stefanb@linux.ibm.com> References: <20231128181613.1159958-1-stefanb@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-integrity@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: W6tE7mGhawyTjg6XHA0eIZK_jJ8bZSVz X-Proofpoint-GUID: W6tE7mGhawyTjg6XHA0eIZK_jJ8bZSVz X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-11-28_20,2023-11-27_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 adultscore=0 mlxscore=0 malwarescore=0 impostorscore=0 phishscore=0 priorityscore=1501 lowpriorityscore=0 spamscore=0 suspectscore=0 bulkscore=0 clxscore=1015 mlxlogscore=970 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311060000 definitions=main-2311280146 Address issues raised by shellcheck SC2295: "Expansions inside ${..} need to be quoted separately, otherwise they will match as a pattern." There's not variable digest_type but it's a plain string and therefore treat it as such. Signed-off-by: Stefan Berger Cc: Mimi Zohar --- tests/Makefile.am | 2 +- tests/fsverity.test | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index 4ce71f4..7b3d92b 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -28,7 +28,7 @@ distclean: distclean-keys shellcheck: shellcheck \ -i SC2086,SC2181,SC2046,SC2320,SC2317,SC2034,SC2164,SC2166 \ - -i SC2294,SC2206,SC2196,SC2043 \ + -i SC2294,SC2206,SC2196,SC2043,SC2295 \ functions.sh gen-keys.sh install-fsverity.sh \ install-mount-idmapped.sh install-openssl3.sh \ install-swtpm.sh install-tss.sh softhsm_setup \ diff --git a/tests/fsverity.test b/tests/fsverity.test index ddd6993..a6ba68b 100755 --- a/tests/fsverity.test +++ b/tests/fsverity.test @@ -169,7 +169,7 @@ unqualified_bprm_rule() { local rule_match="measure func=BPRM_CHECK" local rule_dontmatch="fsuuid" - if [ -z "${rule##*$digest_type=verity*}" ]; then + if [ -z "${rule##*digest_type=verity*}" ]; then if grep "$rule_match" $IMA_POLICY_FILE | grep -v "$rule_dontmatch" &> /dev/null; then return "$SKIP" fi From patchwork Tue Nov 28 18:16:12 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13471518 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="aybBP9lX" Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 29E0B1710 for ; Tue, 28 Nov 2023 10:16:32 -0800 (PST) Received: from pps.filterd (m0353722.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3ASIAfJk000800; Tue, 28 Nov 2023 18:16:22 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=ShLPU8A563ho3ExyzSyndBdAsqcrd38OTJBacAHnOiA=; b=aybBP9lX8O9kmbG350jFkPSOjRYrRJ5huuCctYwdk4bFPDtZQMByWGwTee3YV3Q2dww+ SerRhBidkyLDyuUsEIXc9Kygn+psB2eA3Kt2CgfODuV2sc24J7VFZx8MOUDGMSv/jylN g1917N2j5jdDuzN0uILpxrtC/+jQjv3QRKKr1XlxMel3MFm/uhxZZ+cPQha1xVuZ/kYM 9zkjb9SqDJH/QjX1bvcnLFbYbUT4SCJ5uS1/iVSH4ag4KGJBbEtxoOkL/rDOhq/DrflU TQiFX9suEZjOVbv8B2WbaXqrJBvxlkABH5uIA8evWciU1h7lSyCHL5xhMLHxnS9nXZXH Pw== Received: from ppma11.dal12v.mail.ibm.com (db.9e.1632.ip4.static.sl-reverse.com [50.22.158.219]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3unn8k88cs-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 28 Nov 2023 18:16:22 +0000 Received: from pps.filterd (ppma11.dal12v.mail.ibm.com [127.0.0.1]) by ppma11.dal12v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3ASG1sCn018278; Tue, 28 Nov 2023 18:16:21 GMT Received: from smtprelay07.dal12v.mail.ibm.com ([172.16.1.9]) by ppma11.dal12v.mail.ibm.com (PPS) with ESMTPS id 3ukwy1s2r0-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 28 Nov 2023 18:16:21 +0000 Received: from smtpav02.dal12v.mail.ibm.com (smtpav02.dal12v.mail.ibm.com [10.241.53.101]) by smtprelay07.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 3ASIGK6O53215870 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 28 Nov 2023 18:16:20 GMT Received: from smtpav02.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id CC16958066; Tue, 28 Nov 2023 18:16:20 +0000 (GMT) Received: from smtpav02.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 7E2F358051; Tue, 28 Nov 2023 18:16:20 +0000 (GMT) Received: from sbct-2.pok.ibm.com?044watson.ibm.com (unknown [9.47.158.152]) by smtpav02.dal12v.mail.ibm.com (Postfix) with ESMTP; Tue, 28 Nov 2023 18:16:20 +0000 (GMT) From: Stefan Berger To: linux-integrity@vger.kernel.org Cc: zohar@linux.ibm.com, Stefan Berger , Roberto Sassu Subject: [ima-evm-utils PATCH v2 14/14] tests: Address issues raised by shellcheck SC2003 Date: Tue, 28 Nov 2023 13:16:12 -0500 Message-ID: <20231128181613.1159958-15-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20231128181613.1159958-1-stefanb@linux.ibm.com> References: <20231128181613.1159958-1-stefanb@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-integrity@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: 6zA3O7eEJtlFJ1A7XOLNQfOeidgbbxJB X-Proofpoint-GUID: 6zA3O7eEJtlFJ1A7XOLNQfOeidgbbxJB X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-11-28_20,2023-11-27_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 mlxscore=0 lowpriorityscore=0 bulkscore=0 adultscore=0 impostorscore=0 mlxlogscore=999 malwarescore=0 suspectscore=0 priorityscore=1501 clxscore=1015 spamscore=0 phishscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311060000 definitions=main-2311280146 Address issues detected by shellcheck SC2003: expr is antiquated. Consider rewriting this using $((..)), ${} or [[ ]]. The following statement in portable_signatures.test causes the issue: expr index "$TST_LIST" "check_evm_revalidate" The man page for expr states: index STRING CHARS index in STRING where any CHARS is found, or 0 The intention is certainly not to find an index of any of the characters in "check_evm_revalidate" in $TST_LIST but to find the word "check_evm_revalidate" in $TST_LIST. Therefore, use grep -w to determine whether the word is there. Signed-off-by: Stefan Berger Cc: Roberto Sassu --- tests/Makefile.am | 2 -- tests/portable_signatures.test | 2 +- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index 7b3d92b..a95c4d2 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -27,8 +27,6 @@ distclean: distclean-keys shellcheck: shellcheck \ - -i SC2086,SC2181,SC2046,SC2320,SC2317,SC2034,SC2164,SC2166 \ - -i SC2294,SC2206,SC2196,SC2043,SC2295 \ functions.sh gen-keys.sh install-fsverity.sh \ install-mount-idmapped.sh install-openssl3.sh \ install-swtpm.sh install-tss.sh softhsm_setup \ diff --git a/tests/portable_signatures.test b/tests/portable_signatures.test index 7ddd149..10b0ad8 100755 --- a/tests/portable_signatures.test +++ b/tests/portable_signatures.test @@ -1090,7 +1090,7 @@ if [ $((evm_value & EVM_INIT_X509)) -ne "$EVM_INIT_X509" ] && [ "$TST_EVM_CHANGE echo "$EVM_INIT_X509" > /sys/kernel/security/evm 2> /dev/null fi -if [ "$(expr index "$TST_LIST" "check_evm_revalidate")" -gt 0 ] && [ "$TST_EVM_CHANGE_MODE" -eq 1 ]; then +if echo "$TST_LIST" | grep -q -w check_evm_revalidate && [ "$TST_EVM_CHANGE_MODE" -eq 1 ]; then echo "$EVM_ALLOW_METADATA_WRITES" > /sys/kernel/security/evm 2> /dev/null fi