From patchwork Fri Dec 1 13:31:23 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13475838 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="g3X/a0e6" Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3F71F13E for ; Fri, 1 Dec 2023 05:31:53 -0800 (PST) Received: from pps.filterd (m0360083.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3B1DH7PW021870 for ; Fri, 1 Dec 2023 13:31:53 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : content-transfer-encoding : mime-version; s=pp1; bh=dhb1h0LV3k4YIQn6873JrEo8j+NulMDGdHLLz0RNvJI=; b=g3X/a0e6paJ0ExprSC5nbFfO4yDPqjS3A97uFjIIyHbblHRYvan8E4uGR041s4FMUsLX qPxwQFEo6QF5y3H5heX13SXhMA3CDmAfS1//Vy9z2Q+bZvGEk+YNxhJcuRhXgl494tFt OY96VdtUHxuU3Xjt8m+4ubPYpBq2TeW8p//27aia18mCuBCJxC47IYW5HPzJThfuxzpW 6fRoXZ6ACkVErekVo29pxpS7nzleGv0OBB2rN4E2T8pLFIR2UQUm7+GjUrk4OJ4K2aoD N/tN4i/uZ//9kXD2GAjXiRq5h7Up/AGG8cAw2rOb8t2JL0prHUG3BrtwUVFx/nvBAVP+ yA== Received: from ppma13.dal12v.mail.ibm.com (dd.9e.1632.ip4.static.sl-reverse.com [50.22.158.221]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3uqg828f73-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 01 Dec 2023 13:31:52 +0000 Received: from pps.filterd (ppma13.dal12v.mail.ibm.com [127.0.0.1]) by ppma13.dal12v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3B1AXukS006404 for ; Fri, 1 Dec 2023 13:31:51 GMT Received: from smtprelay07.dal12v.mail.ibm.com ([172.16.1.9]) by ppma13.dal12v.mail.ibm.com (PPS) with ESMTPS id 3ukwfkmuxs-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 01 Dec 2023 13:31:51 +0000 Received: from smtpav04.dal12v.mail.ibm.com (smtpav04.dal12v.mail.ibm.com [10.241.53.103]) by smtprelay07.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 3B1DVppd43713196 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 1 Dec 2023 13:31:51 GMT Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id E045558052; Fri, 1 Dec 2023 13:31:50 +0000 (GMT) Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 9FB255805A; Fri, 1 Dec 2023 13:31:50 +0000 (GMT) Received: from sbct-2.pok.ibm.com?044watson.ibm.com (unknown [9.47.158.152]) by smtpav04.dal12v.mail.ibm.com (Postfix) with ESMTP; Fri, 1 Dec 2023 13:31:50 +0000 (GMT) From: Stefan Berger To: linux-integrity@vger.kernel.org Cc: zohar@linux.ibm.com, Stefan Berger Subject: [ima-evm-utils PATCH v3 01/14] tests: Address issues raised by shellcheck SC2086 & enable shellcheck Date: Fri, 1 Dec 2023 08:31:23 -0500 Message-ID: <20231201133136.2124147-2-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20231201133136.2124147-1-stefanb@linux.ibm.com> References: <20231201133136.2124147-1-stefanb@linux.ibm.com> X-TM-AS-GCONF: 00 X-Proofpoint-GUID: DLRMmXkQTPFRURpXCbtPHN5DCwpE5tBN X-Proofpoint-ORIG-GUID: DLRMmXkQTPFRURpXCbtPHN5DCwpE5tBN X-Proofpoint-UnRewURL: 0 URL was un-rewritten Precedence: bulk X-Mailing-List: linux-integrity@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-12-01_11,2023-11-30_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 lowpriorityscore=0 clxscore=1015 phishscore=0 mlxlogscore=999 suspectscore=0 malwarescore=0 spamscore=0 adultscore=0 bulkscore=0 mlxscore=0 impostorscore=0 priorityscore=1501 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311060000 definitions=main-2312010092 Address issues raised by shellcheck SC2086: "Double quote to prevent globbing and word splitting." Add support for the make target 'shellcheck' on scripts in the test directory. Signed-off-by: Stefan Berger --- Makefile.am | 5 ++++- tests/Makefile.am | 11 ++++++++++- tests/boot_aggregate.test | 4 ++-- tests/fsverity.test | 18 +++++++++--------- tests/functions.sh | 30 +++++++++++++++--------------- tests/gen-keys.sh | 4 ++-- tests/install-openssl3.sh | 12 ++++++------ tests/sign_verify.test | 12 ++++++------ tests/softhsm_setup | 28 ++++++++++++++-------------- 9 files changed, 68 insertions(+), 56 deletions(-) diff --git a/Makefile.am b/Makefile.am index 9ec5681..949c353 100644 --- a/Makefile.am +++ b/Makefile.am @@ -50,4 +50,7 @@ rmman: doc: evmctl.1.html rmman evmctl.1 endif -.PHONY: $(tarname) +shellcheck: + make -C tests shellcheck + +.PHONY: $(tarname) shellcheck diff --git a/tests/Makefile.am b/tests/Makefile.am index a28f671..6bf7eef 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -24,6 +24,15 @@ clean-local: -rm -f *.txt *.out *.sig *.sig2 distclean: distclean-keys -.PHONY: distclean-keys + +shellcheck: + shellcheck -i SC2086 \ + functions.sh gen-keys.sh install-fsverity.sh \ + install-mount-idmapped.sh install-openssl3.sh \ + install-swtpm.sh install-tss.sh softhsm_setup \ + $(check_SCRIPTS) + +.PHONY: distclean-keys shellcheck distclean-keys: ./gen-keys.sh clean + diff --git a/tests/boot_aggregate.test b/tests/boot_aggregate.test index b0b2db4..ccc45f9 100755 --- a/tests/boot_aggregate.test +++ b/tests/boot_aggregate.test @@ -129,7 +129,7 @@ check() { local options=$1 echo "INFO: Calculating the boot_aggregate (PCRs 0 - 9) for multiple banks" - bootaggr=$(evmctl ima_boot_aggregate ${options}) + bootaggr=$(evmctl ima_boot_aggregate "${options}") if [ $? -ne 0 ]; then echo "${CYAN}SKIP: evmctl ima_boot_aggregate: $bootaggr${NORM}" exit "$SKIP" @@ -197,4 +197,4 @@ if [ "$(id -u)" != 0 ] || [ ! -c "/dev/tpm0" ]; then fi fi -expect_pass check $BOOTAGGR_OPTIONS +expect_pass check "$BOOTAGGR_OPTIONS" diff --git a/tests/fsverity.test b/tests/fsverity.test index e1e0c8d..2b338ca 100755 --- a/tests/fsverity.test +++ b/tests/fsverity.test @@ -50,9 +50,9 @@ _require dd mkfs blkid e2fsck tune2fs evmctl setfattr trap '_report_exit_and_cleanup _cleanup_env cleanup' SIGINT SIGTERM EXIT cleanup() { - if [ -e $TST_MNT ]; then - if [ $LOOPBACK_MOUNTED -eq 1 ]; then - umount $TST_MNT + if [ -e "$TST_MNT" ]; then + if [ "$LOOPBACK_MOUNTED" -eq 1 ]; then + umount "$TST_MNT" fi if [ -f "$TST_IMG" ]; then rm "$TST_IMG" @@ -139,7 +139,7 @@ create_loopback_file() { fi echo "INFO: Building an $fs_type filesystem" - if ! mkfs -t "$fs_type" -q "${TST_IMG}" $options; then + if ! mkfs -t "$fs_type" -q "${TST_IMG}" ${options:+${options}}; then echo "${RED}FAILURE: Creating $fs_type filesystem${NORM}" exit "$FAIL" fi @@ -202,7 +202,7 @@ create_file() { local test=$1 local type=$2 - TST_FILE=$(mktemp -p $TST_MNT -t "${type}".XXXXXX) + TST_FILE=$(mktemp -p "$TST_MNT" -t "${type}".XXXXXX) [ "$VERBOSE" -ge 1 ] && echo "INFO: creating $TST_FILE" # heredoc to create a script @@ -251,13 +251,13 @@ measure-verity() { digest_filename=$("$FSVERITY" digest "$TST_FILE") [ "$VERBOSE" -ge 2 ] && echo "INFO: verity:$digest_filename" - grep "verity:$digest_filename" $IMA_MEASUREMENT_LIST &> /dev/null + grep "verity:$digest_filename" "$IMA_MEASUREMENT_LIST" &> /dev/null ret=$? # Not finding the "fsverity digest" result in the IMA measurement # list is expected for non fs-verity enabled files. The measurement # list will contain zeros for the file hash. - if [ $ret -eq 1 ]; then + if [ "$ret" -eq 1 ]; then error="$FAIL" if [ "$verity" = "enabled" ]; then echo "${RED}FAILURE: ${msg} ${NORM}" @@ -285,7 +285,7 @@ measure-ima() { create_file "$test" ima-hash "$TST_FILE" - hashalg=$(grep "${TST_FILE}" $IMA_MEASUREMENT_LIST | cut -d':' -f2) + hashalg=$(grep "${TST_FILE}" "$IMA_MEASUREMENT_LIST" | cut -d':' -f2) if [ -z "${hashalg}" ]; then echo "${CYAN}SKIP: Measurement record with algorithm not found${NORM}" return "$SKIP" @@ -301,7 +301,7 @@ measure-ima() { # Remove the extra space before the filename digest_filename=$(${digestsum} "$TST_FILE" | sed "s/\ \ /\ /") [ "$VERBOSE" -ge 2 ] && echo "$test: $digest_filename" - if grep "$digest_filename" $IMA_MEASUREMENT_LIST &> /dev/null; then + if grep "$digest_filename" "$IMA_MEASUREMENT_LIST" &> /dev/null; then echo "${GREEN}SUCCESS: Measuring $TST_FILE ${NORM}" else error="$FAIL" diff --git a/tests/functions.sh b/tests/functions.sh index 35e925c..2105f21 100755 --- a/tests/functions.sh +++ b/tests/functions.sh @@ -42,7 +42,7 @@ exit_early() { _require() { ret= for i; do - if ! type $i; then + if ! type "$i"; then echo "$i is required for test" ret=1 fi @@ -79,7 +79,7 @@ expect_pass() { fi if [ $TNESTED -gt 0 ]; then - echo $RED"expect_pass should not be run nested"$NORM + echo "${RED}expect_pass should not be run nested${NORM}" testsfail+=1 exit "$HARDFAIL" fi @@ -110,9 +110,9 @@ expect_pass_if() { ret=$? if [ $ret -ne 0 ] && [ $ret -ne 77 ] && [ -n "$PATCHES" ]; then - echo $YELLOW"Possibly missing patches:"$NORM + echo "${YELLOW}Possibly missing patches:${NORM}" for idx in $indexes; do - echo $YELLOW" - ${PATCHES[$((idx))]}"$NORM + echo "${YELLOW} - ${PATCHES[$((idx))]}${NORM}" done fi @@ -130,7 +130,7 @@ expect_fail() { fi if [ $TNESTED -gt 0 ]; then - echo $RED"expect_fail should not be run nested"$NORM + echo "${RED}expect_fail should not be run nested${NORM}" testsfail+=1 exit "$HARDFAIL" fi @@ -166,9 +166,9 @@ expect_fail_if() { ret=$? if { [ $ret -eq 0 ] || [ $ret -eq 99 ]; } && [ -n "$PATCHES" ]; then - echo $YELLOW"Possibly missing patches:"$NORM + echo "${YELLOW}Possibly missing patches:${NORM}" for idx in $indexes; do - echo $YELLOW" - ${PATCHES[$((idx))]}"$NORM + echo "${YELLOW} - ${PATCHES[$((idx))]}${NORM}" done fi @@ -177,12 +177,12 @@ expect_fail_if() { # return true if current test is positive _test_expected_to_pass() { - [ ! $TFAIL ] + [ ! "$TFAIL" ] } # return true if current test is negative _test_expected_to_fail() { - [ $TFAIL ] + [ "$TFAIL" ] } # Show blank line and color following text to red @@ -201,7 +201,7 @@ color_red() { } color_restore() { - [ $COLOR_RESTORE ] && echo "$NORM" + [ "$COLOR_RESTORE" ] && echo "$NORM" COLOR_RESTORE= } @@ -216,7 +216,7 @@ _evmctl_run() { # ADD_TEXT_FOR: append to text as 'for $ADD_TEXT_FOR' cmd="evmctl $V $EVMCTL_ENGINE $*" - echo $YELLOW$TMODE "$cmd"$NORM + echo "${YELLOW}$TMODE $cmd${NORM}" $cmd >"$out" 2>&1 ret=$? @@ -226,7 +226,7 @@ _evmctl_run() { echo "evmctl $op failed hard with ($ret) $text_for" sed 's/^/ /' "$out" color_restore - rm "$out" $ADD_DEL + rm "$out" "$ADD_DEL" ADD_DEL= ADD_TEXT_FOR= return "$HARDFAIL" @@ -238,7 +238,7 @@ _evmctl_run() { sed 's/^/ /' "$out" fi color_restore - rm "$out" $ADD_DEL + rm "$out" "$ADD_DEL" ADD_DEL= ADD_TEXT_FOR= return "$FAIL" @@ -371,7 +371,7 @@ _softhsm_setup() { msg=$(./softhsm_setup setup 2>&1) if [ $? -eq 0 ]; then echo "softhsm_setup setup succeeded: $msg" - PKCS11_KEYURI=$(echo $msg | sed -n 's|^keyuri: \(.*\)|\1|p') + PKCS11_KEYURI=$(echo "$msg" | sed -n 's|^keyuri: \(.*\)|\1|p') export EVMCTL_ENGINE="--engine pkcs11" export OPENSSL_ENGINE="-engine pkcs11" @@ -402,7 +402,7 @@ _run_env() { if [ "$TST_ENV" = "um" ]; then expect_pass "$1" rootfstype=hostfs rw init="$2" quiet mem=2048M "$3" else - echo $RED"Testing environment $TST_ENV not supported"$NORM + echo "${RED}Testing environment $TST_ENV not supported${NORM}" exit "$FAIL" fi } diff --git a/tests/gen-keys.sh b/tests/gen-keys.sh index 8905cdf..0b03ba4 100755 --- a/tests/gen-keys.sh +++ b/tests/gen-keys.sh @@ -71,9 +71,9 @@ for m in 1024 1024_skid 2048; do ext= fi if [ ! -e test-rsa$m.key ]; then - log openssl req -verbose -new -nodes -utf8 -sha256 -days 10000 -batch -x509 $ext \ + log openssl req -verbose -new -nodes -utf8 -sha256 -days 10000 -batch -x509 "$ext" \ -config test-ca.conf \ - -newkey rsa:$bits \ + -newkey "rsa:$bits" \ -out test-rsa$m.cer -outform DER \ -keyout test-rsa$m.key # for v1 signatures diff --git a/tests/install-openssl3.sh b/tests/install-openssl3.sh index 911c32b..6658c23 100755 --- a/tests/install-openssl3.sh +++ b/tests/install-openssl3.sh @@ -9,16 +9,16 @@ fi version=${COMPILE_SSL} -wget --no-check-certificate https://github.com/openssl/openssl/archive/refs/tags/${version}.tar.gz -tar --no-same-owner -xzf ${version}.tar.gz -cd openssl-${version} +wget --no-check-certificate "https://github.com/openssl/openssl/archive/refs/tags/${version}.tar.gz" +tar --no-same-owner -xzf "${version}.tar.gz" +cd "openssl-${version}" if [ "$VARIANT" = "i386" ]; then echo "32-bit compilation" FLAGS="-m32 linux-generic32" fi -./Configure $FLAGS no-engine no-dynamic-engine --prefix=/opt/openssl3 --openssldir=/opt/openssl3 +./Configure ${FLAGS:+${FLAGS}} no-engine no-dynamic-engine --prefix=/opt/openssl3 --openssldir=/opt/openssl3 # Uncomment for debugging # perl configdata.pm --dump | grep engine make -j$(nproc) @@ -26,5 +26,5 @@ make -j$(nproc) sudo make install_sw cd .. -rm -rf ${version}.tar.gz -rm -rf openssl-${version} +rm -rf "${version}.tar.gz" +rm -rf "openssl-${version}" diff --git a/tests/sign_verify.test b/tests/sign_verify.test index 2bc365a..5cc0393 100755 --- a/tests/sign_verify.test +++ b/tests/sign_verify.test @@ -141,7 +141,7 @@ check_sign() { local FILE=${FILE:-$ALG.txt} # Normalize key filename if it's not a pkcs11 URI - if [ ${KEY:0:7} != pkcs11: ]; then + if [ "${KEY:0:7}" != pkcs11: ]; then key=${KEY%.*}.key key=test-${key#test-} else @@ -152,8 +152,8 @@ check_sign() { # leave only good files for verify tests. _test_expected_to_fail && FILE+='~' - rm -f $FILE - if ! touch $FILE; then + rm -f "$FILE" + if ! touch "$FILE"; then color_red echo "Can't create test file: $FILE" color_restore @@ -372,7 +372,7 @@ try_different_sigs() { ## Test v1 signatures # Signature v1 only supports sha1 and sha256 so any other should fail -if [ $SIGV1 -eq 0 ]; then +if [ "$SIGV1" -eq 0 ]; then __skip() { echo "IMA signature v1 tests are skipped: not supported"; return $SKIP; } expect_pass __skip else @@ -440,8 +440,8 @@ expect_fail \ # Test signing with key described by pkcs11 URI _softhsm_setup "${WORKDIR}" if [ -n "${PKCS11_KEYURI}" ]; then - expect_pass check_sign FILE=pkcs11test TYPE=ima KEY=${PKCS11_KEYURI} ALG=sha256 PREFIX=0x030204aabbccdd0100 OPTS=--keyid=aabbccdd - expect_pass check_sign FILE=pkcs11test TYPE=ima KEY=${PKCS11_KEYURI} ALG=sha1 PREFIX=0x030202aabbccdd0100 OPTS=--keyid=aabbccdd + expect_pass check_sign FILE=pkcs11test TYPE=ima KEY="${PKCS11_KEYURI}" ALG=sha256 PREFIX=0x030204aabbccdd0100 OPTS=--keyid=aabbccdd + expect_pass check_sign FILE=pkcs11test TYPE=ima KEY="${PKCS11_KEYURI}" ALG=sha1 PREFIX=0x030202aabbccdd0100 OPTS=--keyid=aabbccdd else # to have a constant number of tests, skip these two tests __skip() { echo "pkcs11 test is skipped: could not setup softhsm"; return $SKIP; } diff --git a/tests/softhsm_setup b/tests/softhsm_setup index 35b1754..10e4013 100755 --- a/tests/softhsm_setup +++ b/tests/softhsm_setup @@ -15,7 +15,7 @@ fi MAJOR=$(softhsm2-util -v | cut -d '.' -f1) MINOR=$(softhsm2-util -v | cut -d '.' -f2) -if [ ${MAJOR} -lt 2 ] || [ ${MAJOR} -eq 2 -a ${MINOR} -lt 2 ]; then +if [ "${MAJOR}" -lt 2 ] || [ "${MAJOR}" -eq 2 -a "${MINOR}" -lt 2 ]; then echo "Need softhsm v2.2.0 or later" exit 77 fi @@ -91,21 +91,21 @@ setup_softhsm() { grep -E "\.so$")" fi sudo mkdir -p /etc/gnutls &>/dev/null - sudo bash -c "echo "load=${SONAME}" > /etc/gnutls/pkcs11.conf" + sudo bash -c "echo 'load=${SONAME}' > /etc/gnutls/pkcs11.conf" ;; esac - if ! [ -d $configdir ]; then - mkdir -p $configdir + if ! [ -d "$configdir" ]; then + mkdir -p "$configdir" fi - mkdir -p ${tokendir} + mkdir -p "${tokendir}" - if [ -f $configfile ]; then + if [ -f "$configfile" ]; then mv "$configfile" "$bakconfigfile" fi - if ! [ -f $configfile ]; then - cat <<_EOF_ > $configfile + if ! [ -f "$configfile" ]; then + cat <<_EOF_ > "$configfile" directories.tokendir = ${tokendir} objectstore.backend = file log.level = DEBUG @@ -122,8 +122,8 @@ _EOF_ if [ -z "$tokenuri" ]; then msg=$(softhsm2-util \ - --init-token --pin ${PIN} --so-pin ${SO_PIN} \ - --free --label ${NAME} 2>&1) + --init-token --pin "${PIN}" --so-pin "${SO_PIN}" \ + --free --label "${NAME}" 2>&1) if [ $? -ne 0 ]; then echo "Could not initialize token" echo "$msg" @@ -172,7 +172,7 @@ _EOF_ fi fi - getkeyuri_softhsm $slot + getkeyuri_softhsm "$slot" rc=$? if [ $rc -ne 0 ]; then teardown_softhsm @@ -196,7 +196,7 @@ _getkeyuri_softhsm() { echo "$msg" return 6 fi - msg=$(p11tool --list-all ${tokenuri} 2>&1) + msg=$(p11tool --list-all "${tokenuri}" 2>&1) if [ $? -ne 0 ]; then echo "Could not list object under token $tokenuri" echo "$msg" @@ -260,7 +260,7 @@ main() { local ret if [ $# -lt 1 ]; then - usage $0 + usage "$0" echo -e "Missing command.\n\n" return 1 fi @@ -283,7 +283,7 @@ main() { ;; *) echo -e "Unsupported command: $1\n\n" - usage $0 + usage "$0" ret=1 esac return $ret From patchwork Fri Dec 1 13:31:24 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13475841 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="XN/Ynwqt" Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8999810E2 for ; Fri, 1 Dec 2023 05:31:54 -0800 (PST) Received: from pps.filterd (m0356516.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3B1DVIoT012682 for ; Fri, 1 Dec 2023 13:31:53 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=8VsLwEGaRPa6VBr/WCKPdVu4DNL4dEdY8/54dPItS2A=; b=XN/YnwqtaG/WiEtfWqZZeSuXjwAwkUfvUHRgJd+cUwISsXGeaNT8MGGoOklrrIOZAvml M7sTrgvQyVxdHxe3F1KcoqrIgmFZfHYvibf6xxgBSwzye49rUrYU/yHarRNfGAP2Latz ZIgZbM0atpsposLIhcGRmBKQORbZ4QS1YBNU0W34Z1paN8/7bqIPQtRv0zrQMsg/3ta+ BCE2EOvA6xrzQkPeYHDgx0UiFGtnSm+Nz0VbX+Xknhj1tbEIplm0czIT3HCgdLrQxg9N RYLzpjvkWZ+uUpUJRYz0tBdru19O/PmfyV/mhCbzZnYIwUkVLQDjpcIr4EXbe/8e/3IR hg== Received: from ppma22.wdc07v.mail.ibm.com (5c.69.3da9.ip4.static.sl-reverse.com [169.61.105.92]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3uqfsusenk-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 01 Dec 2023 13:31:53 +0000 Received: from pps.filterd (ppma22.wdc07v.mail.ibm.com [127.0.0.1]) by ppma22.wdc07v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3B1AXst6031709 for ; Fri, 1 Dec 2023 13:31:52 GMT Received: from smtprelay01.wdc07v.mail.ibm.com ([172.16.1.68]) by ppma22.wdc07v.mail.ibm.com (PPS) with ESMTPS id 3ukun05e9e-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 01 Dec 2023 13:31:52 +0000 Received: from smtpav04.dal12v.mail.ibm.com (smtpav04.dal12v.mail.ibm.com [10.241.53.103]) by smtprelay01.wdc07v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 3B1DVpRL24117824 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 1 Dec 2023 13:31:51 GMT Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 41A0F58052; Fri, 1 Dec 2023 13:31:51 +0000 (GMT) Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 029535805A; Fri, 1 Dec 2023 13:31:51 +0000 (GMT) Received: from sbct-2.pok.ibm.com?044watson.ibm.com (unknown [9.47.158.152]) by smtpav04.dal12v.mail.ibm.com (Postfix) with ESMTP; Fri, 1 Dec 2023 13:31:50 +0000 (GMT) From: Stefan Berger To: linux-integrity@vger.kernel.org Cc: zohar@linux.ibm.com, Stefan Berger Subject: [ima-evm-utils PATCH v3 02/14] tests: Address issues raised by shellcheck SC2181 Date: Fri, 1 Dec 2023 08:31:24 -0500 Message-ID: <20231201133136.2124147-3-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20231201133136.2124147-1-stefanb@linux.ibm.com> References: <20231201133136.2124147-1-stefanb@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-integrity@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: mdl4b-e8HVrC3sGOf2L81yo1cmuafDfq X-Proofpoint-ORIG-GUID: mdl4b-e8HVrC3sGOf2L81yo1cmuafDfq X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-12-01_11,2023-11-30_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 lowpriorityscore=0 adultscore=0 impostorscore=0 bulkscore=0 mlxlogscore=999 clxscore=1015 spamscore=0 phishscore=0 suspectscore=0 mlxscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311060000 definitions=main-2312010092 Address issues raised by shellcheck SC2181: "Check exit code directly with e.g. if mycmd;, not indirectly with $?." The general replacement patterns to fix this issue are: Old: if [ $? -eq 0 ]; then ... New: if ; then ... Old: if [ $? -ne 0 ]; then ... New: if ! ; then ... Signed-off-by: Stefan Berger --- tests/Makefile.am | 2 +- tests/boot_aggregate.test | 22 ++++++++-------------- tests/functions.sh | 3 +-- tests/ima_hash.test | 4 ++-- tests/sign_verify.test | 3 +-- tests/softhsm_setup | 32 ++++++++++++-------------------- 6 files changed, 25 insertions(+), 41 deletions(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index 6bf7eef..86796c3 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -26,7 +26,7 @@ clean-local: distclean: distclean-keys shellcheck: - shellcheck -i SC2086 \ + shellcheck -i SC2086,SC2181 \ functions.sh gen-keys.sh install-fsverity.sh \ install-mount-idmapped.sh install-openssl3.sh \ install-swtpm.sh install-tss.sh softhsm_setup \ diff --git a/tests/boot_aggregate.test b/tests/boot_aggregate.test index ccc45f9..04aef9b 100755 --- a/tests/boot_aggregate.test +++ b/tests/boot_aggregate.test @@ -47,8 +47,7 @@ swtpm_start() { fi if [ -n "${swtpm}" ]; then - pgrep swtpm - if [ $? -eq 0 ]; then + if pgrep swtpm; then echo "INFO: Software TPM (swtpm) already running" return 114 else @@ -60,8 +59,7 @@ swtpm_start() { elif [ -n "${tpm_server}" ]; then # tpm_server uses the Microsoft simulator encapsulated packet format export TPM_SERVER_TYPE="mssim" - pgrep tpm_server - if [ $? -eq 0 ]; then + if pgrep tpm_server; then echo "INFO: Software TPM (tpm_server) already running" return 114 else @@ -81,16 +79,13 @@ swtpm_init() { fi echo "INFO: Sending software TPM startup" - "${TSSDIR}/tssstartup" - if [ $? -ne 0 ]; then + if ! "${TSSDIR}/tssstartup"; then echo "INFO: Retry sending software TPM startup" sleep 1 - "${TSSDIR}/tssstartup" - fi - - if [ $? -ne 0 ]; then - echo "INFO: Software TPM startup failed" - return "$SKIP" + if ! "${TSSDIR}/tssstartup"; then + echo "INFO: Software TPM startup failed" + return "$SKIP" + fi fi echo "INFO: Walking ${BINARY_BIOS_MEASUREMENTS} initializing the software TPM" @@ -129,8 +124,7 @@ check() { local options=$1 echo "INFO: Calculating the boot_aggregate (PCRs 0 - 9) for multiple banks" - bootaggr=$(evmctl ima_boot_aggregate "${options}") - if [ $? -ne 0 ]; then + if ! bootaggr=$(evmctl ima_boot_aggregate "${options}"); then echo "${CYAN}SKIP: evmctl ima_boot_aggregate: $bootaggr${NORM}" exit "$SKIP" fi diff --git a/tests/functions.sh b/tests/functions.sh index 2105f21..9670b3a 100755 --- a/tests/functions.sh +++ b/tests/functions.sh @@ -368,8 +368,7 @@ _softhsm_setup() { mkdir -p "${SOFTHSM_SETUP_CONFIGDIR}" - msg=$(./softhsm_setup setup 2>&1) - if [ $? -eq 0 ]; then + if msg=$(./softhsm_setup setup 2>&1); then echo "softhsm_setup setup succeeded: $msg" PKCS11_KEYURI=$(echo "$msg" | sed -n 's|^keyuri: \(.*\)|\1|p') diff --git a/tests/ima_hash.test b/tests/ima_hash.test index e88fd59..9a8d7b6 100755 --- a/tests/ima_hash.test +++ b/tests/ima_hash.test @@ -33,8 +33,8 @@ check() { # unless it's negative test, then pass to evmctl cmd="openssl dgst $OPENSSL_ENGINE -$alg $file" echo - "$cmd" - hash=$(set -o pipefail; $cmd 2>/dev/null | cut -d' ' -f2) - if [ $? -ne 0 ] && _test_expected_to_pass; then + if ! hash=$(set -o pipefail; $cmd 2>/dev/null | cut -d' ' -f2) \ + && _test_expected_to_pass; then echo "${CYAN}$alg test is skipped$NORM" rm "$file" return "$SKIP" diff --git a/tests/sign_verify.test b/tests/sign_verify.test index 5cc0393..1b6cf2a 100755 --- a/tests/sign_verify.test +++ b/tests/sign_verify.test @@ -185,8 +185,7 @@ check_sign() { # Insert keyid from cert into PREFIX in-place of marker `:K:' if [[ $PREFIX =~ :K: ]]; then - keyid=$(_keyid_from_cert "$key") - if [ $? -ne 0 ]; then + if ! keyid=$(_keyid_from_cert "$key"); then color_red echo "Unable to determine keyid for $key" color_restore diff --git a/tests/softhsm_setup b/tests/softhsm_setup index 10e4013..95bf0b1 100755 --- a/tests/softhsm_setup +++ b/tests/softhsm_setup @@ -30,8 +30,7 @@ UNAME_S="$(uname -s)" case "${UNAME_S}" in Darwin) - msg=$(sudo -v -n) - if [ $? -ne 0 ]; then + if ! msg=$(sudo -v -n); then echo "Need password-less sudo rights on OS X to change /etc/gnutls/pkcs11.conf" exit 1 fi @@ -113,18 +112,16 @@ slots.removable = false _EOF_ fi - msg=$(p11tool --list-tokens 2>&1 | grep "token=${NAME}" | tail -n1) - if [ $? -ne 0 ]; then + if ! msg=$(p11tool --list-tokens 2>&1 | grep "token=${NAME}" | tail -n1); then echo "Could not list existing tokens" echo "$msg" fi tokenuri=$(echo "$msg" | sed -n 's/.*URL: \([[:print:]*]\)/\1/p') if [ -z "$tokenuri" ]; then - msg=$(softhsm2-util \ + if ! msg=$(softhsm2-util \ --init-token --pin "${PIN}" --so-pin "${SO_PIN}" \ - --free --label "${NAME}" 2>&1) - if [ $? -ne 0 ]; then + --free --label "${NAME}" 2>&1); then echo "Could not initialize token" echo "$msg" return 2 @@ -143,9 +140,8 @@ _EOF_ fi fi - msg=$(p11tool --list-tokens 2>&1 | \ - grep "token=${NAME}" | tail -n1) - if [ $? -ne 0 ]; then + if ! msg=$(p11tool --list-tokens 2>&1 | \ + grep "token=${NAME}" | tail -n1); then echo "Could not list existing tokens" echo "$msg" fi @@ -156,15 +152,13 @@ _EOF_ fi # more recent versions of p11tool have --generate-privkey ... - msg=$(GNUTLS_PIN=$PIN p11tool \ + if ! msg=$(GNUTLS_PIN=$PIN p11tool \ --generate-privkey=rsa --bits 2048 --label mykey --login \ - "${tokenuri}" 2>&1) - if [ $? -ne 0 ]; then + "${tokenuri}" 2>&1); then # ... older versions have --generate-rsa - msg=$(GNUTLS_PIN=$PIN p11tool \ + if ! msg=$(GNUTLS_PIN=$PIN p11tool \ --generate-rsa --bits 2048 --label mykey --login \ - "${tokenuri}" 2>&1) - if [ $? -ne 0 ]; then + "${tokenuri}" 2>&1); then echo "Could not create RSA key!" echo "$msg" return 5 @@ -184,8 +178,7 @@ _EOF_ _getkeyuri_softhsm() { local msg tokenuri keyuri - msg=$(p11tool --list-tokens 2>&1 | grep "token=${NAME}") - if [ $? -ne 0 ]; then + if ! msg=$(p11tool --list-tokens 2>&1 | grep "token=${NAME}"); then echo "Could not list existing tokens" echo "$msg" return 5 @@ -196,8 +189,7 @@ _getkeyuri_softhsm() { echo "$msg" return 6 fi - msg=$(p11tool --list-all "${tokenuri}" 2>&1) - if [ $? -ne 0 ]; then + if ! msg=$(p11tool --list-all "${tokenuri}" 2>&1); then echo "Could not list object under token $tokenuri" echo "$msg" softhsm2-util --show-slots From patchwork Fri Dec 1 13:31:25 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13475837 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="NoYTSl4C" Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 79353197 for ; Fri, 1 Dec 2023 05:31:54 -0800 (PST) Received: from pps.filterd (m0353729.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3B1DCNDp004570 for ; Fri, 1 Dec 2023 13:31:54 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : content-transfer-encoding : mime-version; s=pp1; bh=cAL4DHFP7UoXYvElFpKrVWL6OfvJaJg0nyWk6phGV2E=; b=NoYTSl4CudnkmIoJInCnn3pqEWCb2zs1pAFqlXpoiyWKNOikMiAvFlOTf49pXUyLTZEG FSUwV3zhHBZt7isjjfyuhsCeWjJzhfLcy/mmkKayYk7itCoH0g/IFXRsuQlvK8ETDF4Z U0Di8nnaBAXMXVKjVMmHgS4nIXYQ5+GINNbso9BjhMqnAFvTP+BMq+dWIN6mb1Z1UQL4 d8CTSszQrPBlBcLwDBEesQtXypr5cVfISJyk6Ja8fVyHE2C0JKacz2jb+PRmPQVjyB1b PZdkXyv/KtqbBhsvf3iPVy46fezoQfLovcsbBJ/hFjrgSVAieotv1x81gs68j7ToBE7L vw== Received: from ppma11.dal12v.mail.ibm.com (db.9e.1632.ip4.static.sl-reverse.com [50.22.158.219]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3uqg5qrjfm-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 01 Dec 2023 13:31:53 +0000 Received: from pps.filterd (ppma11.dal12v.mail.ibm.com [127.0.0.1]) by ppma11.dal12v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3B1AXskL017353 for ; Fri, 1 Dec 2023 13:31:53 GMT Received: from smtprelay01.wdc07v.mail.ibm.com ([172.16.1.68]) by ppma11.dal12v.mail.ibm.com (PPS) with ESMTPS id 3ukwy2cqgr-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 01 Dec 2023 13:31:53 +0000 Received: from smtpav04.dal12v.mail.ibm.com (smtpav04.dal12v.mail.ibm.com [10.241.53.103]) by smtprelay01.wdc07v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 3B1DVpum53739886 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 1 Dec 2023 13:31:52 GMT Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 95FEA58056; Fri, 1 Dec 2023 13:31:51 +0000 (GMT) Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 577385805A; Fri, 1 Dec 2023 13:31:51 +0000 (GMT) Received: from sbct-2.pok.ibm.com?044watson.ibm.com (unknown [9.47.158.152]) by smtpav04.dal12v.mail.ibm.com (Postfix) with ESMTP; Fri, 1 Dec 2023 13:31:51 +0000 (GMT) From: Stefan Berger To: linux-integrity@vger.kernel.org Cc: zohar@linux.ibm.com, Stefan Berger Subject: [ima-evm-utils PATCH v3 03/14] tests: Address issues raised by shellcheck SC2046 Date: Fri, 1 Dec 2023 08:31:25 -0500 Message-ID: <20231201133136.2124147-4-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20231201133136.2124147-1-stefanb@linux.ibm.com> References: <20231201133136.2124147-1-stefanb@linux.ibm.com> X-TM-AS-GCONF: 00 X-Proofpoint-GUID: uE6vlCkSG20NAuepoA_JuaJHqN3H6fn- X-Proofpoint-ORIG-GUID: uE6vlCkSG20NAuepoA_JuaJHqN3H6fn- X-Proofpoint-UnRewURL: 0 URL was un-rewritten Precedence: bulk X-Mailing-List: linux-integrity@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-12-01_11,2023-11-30_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 clxscore=1015 priorityscore=1501 mlxscore=0 phishscore=0 bulkscore=0 adultscore=0 suspectscore=0 mlxlogscore=999 malwarescore=0 lowpriorityscore=0 spamscore=0 impostorscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311060000 definitions=main-2312010092 Address issues raised by shellcheck SC2046: "Quote this to prevent word splitting." Signed-off-by: Stefan Berger --- tests/Makefile.am | 2 +- tests/install-fsverity.sh | 2 +- tests/install-openssl3.sh | 2 +- tests/install-swtpm.sh | 9 +++++---- tests/install-tss.sh | 2 +- tests/softhsm_setup | 2 +- 6 files changed, 10 insertions(+), 9 deletions(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index 86796c3..6fe18e4 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -26,7 +26,7 @@ clean-local: distclean: distclean-keys shellcheck: - shellcheck -i SC2086,SC2181 \ + shellcheck -i SC2086,SC2181,SC2046 \ functions.sh gen-keys.sh install-fsverity.sh \ install-mount-idmapped.sh install-openssl3.sh \ install-swtpm.sh install-tss.sh softhsm_setup \ diff --git a/tests/install-fsverity.sh b/tests/install-fsverity.sh index c760485..fa31b2b 100755 --- a/tests/install-fsverity.sh +++ b/tests/install-fsverity.sh @@ -2,5 +2,5 @@ git clone https://git.kernel.org/pub/scm/fs/fsverity/fsverity-utils.git cd fsverity-utils -CC=gcc make -j$(nproc) +CC=gcc make -j"$(nproc)" cd .. diff --git a/tests/install-openssl3.sh b/tests/install-openssl3.sh index 6658c23..edd99de 100755 --- a/tests/install-openssl3.sh +++ b/tests/install-openssl3.sh @@ -21,7 +21,7 @@ fi ./Configure ${FLAGS:+${FLAGS}} no-engine no-dynamic-engine --prefix=/opt/openssl3 --openssldir=/opt/openssl3 # Uncomment for debugging # perl configdata.pm --dump | grep engine -make -j$(nproc) +make -j"$(nproc)" # only install apps and library sudo make install_sw diff --git a/tests/install-swtpm.sh b/tests/install-swtpm.sh index ff44b52..a0e60ee 100755 --- a/tests/install-swtpm.sh +++ b/tests/install-swtpm.sh @@ -1,4 +1,4 @@ -#!/bin/sh -ex +#!/bin/bash -ex # No need to run via sudo if we already have permissions. # Also, some distros do not have sudo configured for root: @@ -10,7 +10,8 @@ else fi git clone https://git.code.sf.net/p/ibmswtpm2/tpm2 -cd tpm2/src -make -j$(nproc) +pushd tpm2/src 1>/dev/null || exit 1 +make -j"$(nproc)" $SUDO cp tpm_server /usr/local/bin/ -cd ../.. +popd 1>/dev/null + diff --git a/tests/install-tss.sh b/tests/install-tss.sh index c9c179e..31ea690 100755 --- a/tests/install-tss.sh +++ b/tests/install-tss.sh @@ -3,6 +3,6 @@ set -ex git clone https://git.code.sf.net/p/ibmtpm20tss/tss cd tss -autoreconf -i && ./configure --disable-tpm-1.2 --disable-hwtpm && make -j$(nproc) && sudo make install +autoreconf -i && ./configure --disable-tpm-1.2 --disable-hwtpm && make -j"$(nproc)" && sudo make install cd .. rm -rf tss diff --git a/tests/softhsm_setup b/tests/softhsm_setup index 95bf0b1..6f8a74e 100755 --- a/tests/softhsm_setup +++ b/tests/softhsm_setup @@ -82,7 +82,7 @@ setup_softhsm() { fi sudo mv /etc/gnutls/pkcs11.conf \ /etc/gnutls/pkcs11.conf.bak &>/dev/null - if [ $(id -u) -eq 0 ]; then + if [ "$(id -u)" -eq 0 ]; then SONAME="$(sudo -u nobody brew ls --verbose softhsm | \ grep -E "\.so$")" else From patchwork Fri Dec 1 13:31:26 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13475843 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="MEmk99vv" Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 537A210F8 for ; Fri, 1 Dec 2023 05:31:55 -0800 (PST) Received: from pps.filterd (m0356516.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3B1DVIL7012691 for ; Fri, 1 Dec 2023 13:31:54 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=jkZXqzpbssUnC0OA2mkXDPMADTo5mcz1OocVz0zMBhE=; b=MEmk99vv4gFuDDBJ+jOAENI6RDbDaCyCAgLyzBmUUmk0jTCPK+2ccgwuoA1KS+WBD0dg DTUJ8j1WuwOPe+YW7xwxvMzgZjRFeSWtUulYU9CybUUkhqkyS4IsQjo4CM/0GQi0nbdr mA+J1HvcYSYnl2gPBCNmMCQWh3zaRikBmPtPs+2bCCiBhIS/2UqNka3Mb7rJB0zdsKNQ ZdxLnfA8ZVsVCSL03gXsvBvjlFXJVMGwkhJCzSbo7M5vKcpDcD3q/gEaXYx2p+4F00PH R6fQNCAeRdO4LQw84ufvXw2KHvmTveL7dNUmsMP+e+wHXx65MUSoHGIyAsbxDEAedJpf kA== Received: from ppma22.wdc07v.mail.ibm.com (5c.69.3da9.ip4.static.sl-reverse.com [169.61.105.92]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3uqfsuseph-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 01 Dec 2023 13:31:54 +0000 Received: from pps.filterd (ppma22.wdc07v.mail.ibm.com [127.0.0.1]) by ppma22.wdc07v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3B1AXoYU031666 for ; Fri, 1 Dec 2023 13:31:53 GMT Received: from smtprelay02.wdc07v.mail.ibm.com ([172.16.1.69]) by ppma22.wdc07v.mail.ibm.com (PPS) with ESMTPS id 3ukun05e9f-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 01 Dec 2023 13:31:53 +0000 Received: from smtpav04.dal12v.mail.ibm.com (smtpav04.dal12v.mail.ibm.com [10.241.53.103]) by smtprelay02.wdc07v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 3B1DVq9f11338334 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 1 Dec 2023 13:31:52 GMT Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id EAEBA58052; Fri, 1 Dec 2023 13:31:51 +0000 (GMT) Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id ABCF65805A; Fri, 1 Dec 2023 13:31:51 +0000 (GMT) Received: from sbct-2.pok.ibm.com?044watson.ibm.com (unknown [9.47.158.152]) by smtpav04.dal12v.mail.ibm.com (Postfix) with ESMTP; Fri, 1 Dec 2023 13:31:51 +0000 (GMT) From: Stefan Berger To: linux-integrity@vger.kernel.org Cc: zohar@linux.ibm.com, Stefan Berger Subject: [ima-evm-utils PATCH v3 04/14] tests: Address issues raised by shellcheck SC2320 Date: Fri, 1 Dec 2023 08:31:26 -0500 Message-ID: <20231201133136.2124147-5-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20231201133136.2124147-1-stefanb@linux.ibm.com> References: <20231201133136.2124147-1-stefanb@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-integrity@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: bm7bgNtsu55omGOX2AoIOwh3JADRAmjH X-Proofpoint-ORIG-GUID: bm7bgNtsu55omGOX2AoIOwh3JADRAmjH X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-12-01_11,2023-11-30_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 lowpriorityscore=0 adultscore=0 impostorscore=0 bulkscore=0 mlxlogscore=995 clxscore=1015 spamscore=0 phishscore=0 suspectscore=0 mlxscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311060000 definitions=main-2312010092 Address issues raised by shellcheck SC2320: "This $? refers to echo/printf, not a previous command. Assign to variable to avoid it being overwritten." Signed-off-by: Stefan Berger --- tests/Makefile.am | 2 +- tests/mmap_check.test | 8 +++----- tests/portable_signatures.test | 9 +++------ 3 files changed, 7 insertions(+), 12 deletions(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index 6fe18e4..3713771 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -26,7 +26,7 @@ clean-local: distclean: distclean-keys shellcheck: - shellcheck -i SC2086,SC2181,SC2046 \ + shellcheck -i SC2086,SC2181,SC2046,SC2320 \ functions.sh gen-keys.sh install-fsverity.sh \ install-mount-idmapped.sh install-openssl3.sh \ install-swtpm.sh install-tss.sh softhsm_setup \ diff --git a/tests/mmap_check.test b/tests/mmap_check.test index 2dd3433..e3e5c71 100755 --- a/tests/mmap_check.test +++ b/tests/mmap_check.test @@ -97,14 +97,12 @@ check_load_ima_rule() { new_policy=$(mktemp -p "$g_mountpoint") echo "$1" > "$new_policy" - echo "$new_policy" > /sys/kernel/security/ima/policy - result=$? - rm -f "$new_policy" - - if [ "$result" -ne 0 ]; then + if ! echo "$new_policy" > /sys/kernel/security/ima/policy; then + rm -f "$new_policy" echo "${RED}Failed to set IMA policy${NORM}" return "$HARDFAIL" fi + rm -f "$new_policy" return "$OK" } diff --git a/tests/portable_signatures.test b/tests/portable_signatures.test index 9f3339b..7ddd149 100755 --- a/tests/portable_signatures.test +++ b/tests/portable_signatures.test @@ -80,7 +80,6 @@ METADATA_CHANGE_FOWNER_2=3002 check_load_ima_rule() { local rule_loaded - local result local new_policy rule_loaded=$(grep "$1" /sys/kernel/security/ima/policy) @@ -88,14 +87,12 @@ check_load_ima_rule() { new_policy=$(mktemp -p "$g_mountpoint") echo "$1" > "$new_policy" evmctl sign -o -a sha256 --imasig --key "$key_path" "$new_policy" &> /dev/null - echo "$new_policy" > /sys/kernel/security/ima/policy - result=$? - rm -f "$new_policy" - - if [ "$result" -ne 0 ]; then + if ! echo "$new_policy" > /sys/kernel/security/ima/policy; then + rm -f "$new_policy" echo "${RED}Failed to set IMA policy${NORM}" return "$FAIL" fi + rm -f "${new_policy}" fi return "$OK" From patchwork Fri Dec 1 13:31:27 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13475839 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="DISMloun" Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0218E131 for ; Fri, 1 Dec 2023 05:31:54 -0800 (PST) Received: from pps.filterd (m0360083.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3B1DH0r6021627 for ; Fri, 1 Dec 2023 13:31:54 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=afKzOp+VwXEGQXo8IEKvT21i3Iigfp751lGuZrymG44=; b=DISMlounoAYYbQFF9W21MVMhbO9RRnx/LaEXMfXEdIL+ZbfPV8BTB9fpGwopCvHzexdj p00cee45Se8/WfIEGT2gYkrkSXFphTFgCP14utq2D7xNJ+pwOiYGY38GSdrrp13XTHFy Hr4l0TnvK9WytjM0MB3tBOILiNpthp7k17WOteRwgfHc815X+BOkxUkWmbsOZHNN64Nj 9zSM9PPdW8VZVX69c0DaI9gogLSJuYTshRdfIyT51NyoARXYFDNgX5nv22nKbAS5msDP OMEyK6BBxeo6TJWM7KwJQR5sJMRXhXZYMb8JW1rCeMYdw7AvlutUHwbQaFtRWPzENZSb 3g== Received: from ppma21.wdc07v.mail.ibm.com (5b.69.3da9.ip4.static.sl-reverse.com [169.61.105.91]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3uqg828f86-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 01 Dec 2023 13:31:54 +0000 Received: from pps.filterd (ppma21.wdc07v.mail.ibm.com [127.0.0.1]) by ppma21.wdc07v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3B1AXsxR002615 for ; Fri, 1 Dec 2023 13:31:53 GMT Received: from smtprelay02.wdc07v.mail.ibm.com ([172.16.1.69]) by ppma21.wdc07v.mail.ibm.com (PPS) with ESMTPS id 3ukv8p57rn-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 01 Dec 2023 13:31:53 +0000 Received: from smtpav04.dal12v.mail.ibm.com (smtpav04.dal12v.mail.ibm.com [10.241.53.103]) by smtprelay02.wdc07v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 3B1DVqNf11338336 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 1 Dec 2023 13:31:52 GMT Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 543D25805E; Fri, 1 Dec 2023 13:31:52 +0000 (GMT) Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 0C9785805A; Fri, 1 Dec 2023 13:31:52 +0000 (GMT) Received: from sbct-2.pok.ibm.com?044watson.ibm.com (unknown [9.47.158.152]) by smtpav04.dal12v.mail.ibm.com (Postfix) with ESMTP; Fri, 1 Dec 2023 13:31:51 +0000 (GMT) From: Stefan Berger To: linux-integrity@vger.kernel.org Cc: zohar@linux.ibm.com, Stefan Berger Subject: [ima-evm-utils PATCH v3 05/14] tests: Address issues raised by shellcheck SC2317 Date: Fri, 1 Dec 2023 08:31:27 -0500 Message-ID: <20231201133136.2124147-6-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20231201133136.2124147-1-stefanb@linux.ibm.com> References: <20231201133136.2124147-1-stefanb@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-integrity@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: 1cyYO2YydYwvv4rHqGgid4jI-6SJTkGy X-Proofpoint-ORIG-GUID: 1cyYO2YydYwvv4rHqGgid4jI-6SJTkGy X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-12-01_11,2023-11-30_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 lowpriorityscore=0 clxscore=1015 phishscore=0 mlxlogscore=999 suspectscore=0 malwarescore=0 spamscore=0 adultscore=0 bulkscore=0 mlxscore=0 impostorscore=0 priorityscore=1501 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311060000 definitions=main-2312010092 Address issues raised by shellcheck SC2317: "Command appears to be unreachable. Check usage (or ignore if invoked indirectly)." Disable this check in fsverity.test since functions are called indirectly there. Signed-off-by: Stefan Berger --- tests/Makefile.am | 2 +- tests/fsverity.test | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index 3713771..e2fcb16 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -26,7 +26,7 @@ clean-local: distclean: distclean-keys shellcheck: - shellcheck -i SC2086,SC2181,SC2046,SC2320 \ + shellcheck -i SC2086,SC2181,SC2046,SC2320,SC2317 \ functions.sh gen-keys.sh install-fsverity.sh \ install-mount-idmapped.sh install-openssl3.sh \ install-swtpm.sh install-tss.sh softhsm_setup \ diff --git a/tests/fsverity.test b/tests/fsverity.test index 2b338ca..ddd6993 100755 --- a/tests/fsverity.test +++ b/tests/fsverity.test @@ -29,6 +29,8 @@ # since the policy rules are walked sequentially, the system's IMA # custom policy rules might take precedence. +# shellcheck disable=SC2317 + cd "$(dirname "$0")" || exit 1 PATH=../src:../fsverity-utils:/usr/sbin:$PATH source ./functions.sh From patchwork Fri Dec 1 13:31:28 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13475840 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="ADn3Ik5n" Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DBE3810FC for ; Fri, 1 Dec 2023 05:31:55 -0800 (PST) Received: from pps.filterd (m0356516.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3B1DVGJ3012484 for ; Fri, 1 Dec 2023 13:31:55 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=bFwkzrgYTvx/bONkknb0mGv7TBbeYwfgxiNyVrGnCXQ=; b=ADn3Ik5nTuMWzEqtPxD8Vi1FVK0E9QPNl93eU6IzTjTj5sh0Ag86HBchg1lBvlfmS9So hqt8K9iu1WGd7404ar0x17BpKR2qNTNxJY//4WMRO4+KU45IoxkrEE2QFC5G6sKiiCaA 5io7WaYEBWo7QYSC0FMf7cIKn/CqX+IzzX1rKOcBKcUWFpjPubsp1Mpwsj+kjeikBhAB 4NABoi2QVXeRL9h+pSbCcPrHUfE8rP5QpIJbPDWB/1S6aPEycG0eYGg8GbxMAARgU7G1 guHrrPih7VmdUPzYaJM1ddOP1hHA2SQ9XEaTyUS0G1OKrbQdJgFMv+rulJRp4TdDserg NA== Received: from ppma11.dal12v.mail.ibm.com (db.9e.1632.ip4.static.sl-reverse.com [50.22.158.219]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3uqfsuser0-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 01 Dec 2023 13:31:54 +0000 Received: from pps.filterd (ppma11.dal12v.mail.ibm.com [127.0.0.1]) by ppma11.dal12v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3B1AXskN017353 for ; Fri, 1 Dec 2023 13:31:54 GMT Received: from smtprelay02.wdc07v.mail.ibm.com ([172.16.1.69]) by ppma11.dal12v.mail.ibm.com (PPS) with ESMTPS id 3ukwy2cqgv-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 01 Dec 2023 13:31:54 +0000 Received: from smtpav04.dal12v.mail.ibm.com (smtpav04.dal12v.mail.ibm.com [10.241.53.103]) by smtprelay02.wdc07v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 3B1DVq4R11338338 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 1 Dec 2023 13:31:53 GMT Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id A90405805A; Fri, 1 Dec 2023 13:31:52 +0000 (GMT) Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 6A57A58052; Fri, 1 Dec 2023 13:31:52 +0000 (GMT) Received: from sbct-2.pok.ibm.com?044watson.ibm.com (unknown [9.47.158.152]) by smtpav04.dal12v.mail.ibm.com (Postfix) with ESMTP; Fri, 1 Dec 2023 13:31:52 +0000 (GMT) From: Stefan Berger To: linux-integrity@vger.kernel.org Cc: zohar@linux.ibm.com, Stefan Berger Subject: [ima-evm-utils PATCH v3 06/14] tests: Address issues raised by shellcheck SC2034 Date: Fri, 1 Dec 2023 08:31:28 -0500 Message-ID: <20231201133136.2124147-7-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20231201133136.2124147-1-stefanb@linux.ibm.com> References: <20231201133136.2124147-1-stefanb@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-integrity@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: I8AUKRuQeh25OZIhFFA2UNDiy4lZNSiu X-Proofpoint-ORIG-GUID: I8AUKRuQeh25OZIhFFA2UNDiy4lZNSiu X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-12-01_11,2023-11-30_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 lowpriorityscore=0 adultscore=0 impostorscore=0 bulkscore=0 mlxlogscore=984 clxscore=1015 spamscore=0 phishscore=0 suspectscore=0 mlxscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311060000 definitions=main-2312010092 Address issues raised by shellcheck SC2034: "foo appears unused. Verify it or export it." Export PKCS11_KEYURI in a separate statement to avoid the following shellcheck issue: SC2155 (warning): Declare and assign separately to avoid masking return values. Signed-off-by: Stefan Berger --- tests/Makefile.am | 2 +- tests/functions.sh | 1 + tests/mmap_check.test | 2 ++ 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index e2fcb16..79e2775 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -26,7 +26,7 @@ clean-local: distclean: distclean-keys shellcheck: - shellcheck -i SC2086,SC2181,SC2046,SC2320,SC2317 \ + shellcheck -i SC2086,SC2181,SC2046,SC2320,SC2317,SC2034 \ functions.sh gen-keys.sh install-fsverity.sh \ install-mount-idmapped.sh install-openssl3.sh \ install-swtpm.sh install-tss.sh softhsm_setup \ diff --git a/tests/functions.sh b/tests/functions.sh index 9670b3a..4ad61ef 100755 --- a/tests/functions.sh +++ b/tests/functions.sh @@ -371,6 +371,7 @@ _softhsm_setup() { if msg=$(./softhsm_setup setup 2>&1); then echo "softhsm_setup setup succeeded: $msg" PKCS11_KEYURI=$(echo "$msg" | sed -n 's|^keyuri: \(.*\)|\1|p') + export PKCS11_KEYURI export EVMCTL_ENGINE="--engine pkcs11" export OPENSSL_ENGINE="-engine pkcs11" diff --git a/tests/mmap_check.test b/tests/mmap_check.test index e3e5c71..18412b5 100755 --- a/tests/mmap_check.test +++ b/tests/mmap_check.test @@ -5,6 +5,8 @@ # # Check the behavior of MMAP_CHECK and MMAP_CHECK_REQPROT +# shellcheck disable=SC2034 + trap '_report_exit_and_cleanup _cleanup_env cleanup' SIGINT SIGTERM SIGSEGV EXIT PATCHES=( From patchwork Fri Dec 1 13:31:29 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13475842 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="Rg5tzaZe" Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 191A810FF for ; Fri, 1 Dec 2023 05:31:56 -0800 (PST) Received: from pps.filterd (m0353729.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3B1DCQtw004727 for ; Fri, 1 Dec 2023 13:31:55 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : content-transfer-encoding : mime-version; s=pp1; bh=/r4mXdj+WL0aG04+qDwl6s2cokRhzG2wubQlL8Wx94E=; b=Rg5tzaZeKFJwGqUhNIqy8tmx75QHkTykkcEKOBlGSmqasLSORJ1pLgbFmMhdq5xHsjOq YWPsaWTX0rTZ66IovmF1FwzLKXXBqP5N6xvhFhiyoIXtTkdhwt5BIanD8OcsV9D6XdEY 1P+p+o/mpjqiNk1PPfmnVkaKyRg0EmuQXKFqXflqe6vhSHM1TiwpwkkJoouoeF+GdFYY +0naSe88xja3YiJJCBwuH7F3tzoxTyPMRSRJe95ZqehUjcNlEUZ2kakIczxva9TV5CzF B91OY5BNfeqF/CRDHnR0arUaBk1+FVSyFCosFZZsyH8vpBaZKvCdaU8GcBxAluUvVlj7 mw== Received: from ppma21.wdc07v.mail.ibm.com (5b.69.3da9.ip4.static.sl-reverse.com [169.61.105.91]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3uqg5qrjg2-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 01 Dec 2023 13:31:55 +0000 Received: from pps.filterd (ppma21.wdc07v.mail.ibm.com [127.0.0.1]) by ppma21.wdc07v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3B1AXs9T002619 for ; Fri, 1 Dec 2023 13:31:54 GMT Received: from smtprelay03.dal12v.mail.ibm.com ([172.16.1.5]) by ppma21.wdc07v.mail.ibm.com (PPS) with ESMTPS id 3ukv8p57rq-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 01 Dec 2023 13:31:54 +0000 Received: from smtpav04.dal12v.mail.ibm.com (smtpav04.dal12v.mail.ibm.com [10.241.53.103]) by smtprelay03.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 3B1DVraV19727020 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 1 Dec 2023 13:31:53 GMT Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 0964158056; Fri, 1 Dec 2023 13:31:53 +0000 (GMT) Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id BEC0A58052; Fri, 1 Dec 2023 13:31:52 +0000 (GMT) Received: from sbct-2.pok.ibm.com?044watson.ibm.com (unknown [9.47.158.152]) by smtpav04.dal12v.mail.ibm.com (Postfix) with ESMTP; Fri, 1 Dec 2023 13:31:52 +0000 (GMT) From: Stefan Berger To: linux-integrity@vger.kernel.org Cc: zohar@linux.ibm.com, Stefan Berger Subject: [ima-evm-utils PATCH v3 07/14] tests: Address issues raised by shellcheck SC2164 Date: Fri, 1 Dec 2023 08:31:29 -0500 Message-ID: <20231201133136.2124147-8-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20231201133136.2124147-1-stefanb@linux.ibm.com> References: <20231201133136.2124147-1-stefanb@linux.ibm.com> X-TM-AS-GCONF: 00 X-Proofpoint-GUID: hCxbpzjEFZgwkVs1Svdv206J2cYyAGMf X-Proofpoint-ORIG-GUID: hCxbpzjEFZgwkVs1Svdv206J2cYyAGMf X-Proofpoint-UnRewURL: 0 URL was un-rewritten Precedence: bulk X-Mailing-List: linux-integrity@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-12-01_11,2023-11-30_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 clxscore=1015 priorityscore=1501 mlxscore=0 phishscore=0 bulkscore=0 adultscore=0 suspectscore=0 mlxlogscore=999 malwarescore=0 lowpriorityscore=0 spamscore=0 impostorscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311060000 definitions=main-2312010092 Address issues raised by shellcheck SC2164: "Use cd ... || exit in case cd fails." Signed-off-by: Stefan Berger --- tests/Makefile.am | 2 +- tests/boot_aggregate.test | 2 +- tests/install-fsverity.sh | 2 +- tests/install-mount-idmapped.sh | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index 79e2775..c5b2a2f 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -26,7 +26,7 @@ clean-local: distclean: distclean-keys shellcheck: - shellcheck -i SC2086,SC2181,SC2046,SC2320,SC2317,SC2034 \ + shellcheck -i SC2086,SC2181,SC2046,SC2320,SC2317,SC2034,SC2164 \ functions.sh gen-keys.sh install-fsverity.sh \ install-mount-idmapped.sh install-openssl3.sh \ install-swtpm.sh install-tss.sh softhsm_setup \ diff --git a/tests/boot_aggregate.test b/tests/boot_aggregate.test index 04aef9b..c7c2b21 100755 --- a/tests/boot_aggregate.test +++ b/tests/boot_aggregate.test @@ -17,7 +17,7 @@ trap '_report_exit_and_cleanup cleanup' SIGINT SIGTERM EXIT # Base VERBOSE on the environment variable, if set. VERBOSE="${VERBOSE:-0}" -cd "$(dirname "$0")" +cd "$(dirname "$0")" || exit 1 export PATH=../src:$PATH export LD_LIBRARY_PATH=$LD_LIBRARY_PATH . ./functions.sh diff --git a/tests/install-fsverity.sh b/tests/install-fsverity.sh index fa31b2b..e2b0286 100755 --- a/tests/install-fsverity.sh +++ b/tests/install-fsverity.sh @@ -1,6 +1,6 @@ #!/bin/sh git clone https://git.kernel.org/pub/scm/fs/fsverity/fsverity-utils.git -cd fsverity-utils +cd fsverity-utils || exit 1 CC=gcc make -j"$(nproc)" cd .. diff --git a/tests/install-mount-idmapped.sh b/tests/install-mount-idmapped.sh index c954006..d8a673c 100755 --- a/tests/install-mount-idmapped.sh +++ b/tests/install-mount-idmapped.sh @@ -1,6 +1,6 @@ #!/bin/sh git clone https://github.com/brauner/mount-idmapped.git -cd mount-idmapped +cd mount-idmapped || exit 1 gcc -o mount-idmapped mount-idmapped.c cd .. From patchwork Fri Dec 1 13:31:30 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13475845 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="ab7+ifPJ" Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0B4591700 for ; Fri, 1 Dec 2023 05:31:57 -0800 (PST) Received: from pps.filterd (m0353728.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3B1DRRUJ002094 for ; Fri, 1 Dec 2023 13:31:56 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=VGoSwG1/4hdiKBk6J2M99Mh8aeFeMRtUXlCTt018fmw=; b=ab7+ifPJXrpnCTrf8+862gC6yxpDNd9QTYCoxTYrcW1zdJ4gM5vZLxIch+xbtUz9wvL3 WMbdXlSSD+I+/dGFIAOW1Ja3MVkVcbjVZG3H97BcrtRQKzARgwXvgVmN7Dd0moSsajp4 8nDMLc+2KUOWY99CY7fGIH3g5YfVqRIjHYSxspDhSSfNCHfefDEB+QM4Jds7Y8mo2WGk E0xAx859Y7qKa8gBbDX30i4hyfWWDyPXNYiTRbMDdW6cKETVF7/PEAJW+n6yZ7LJO0oE 0LL8iBKKJm91SlM5Ai/D6oKjMOxykhG7MR+sh3WmMxWQZmmseDuLVmua459v1Xn3NNBD nw== Received: from ppma11.dal12v.mail.ibm.com (db.9e.1632.ip4.static.sl-reverse.com [50.22.158.219]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3uqgcqr4wt-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 01 Dec 2023 13:31:56 +0000 Received: from pps.filterd (ppma11.dal12v.mail.ibm.com [127.0.0.1]) by ppma11.dal12v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3B1AXs1Q017343 for ; Fri, 1 Dec 2023 13:31:54 GMT Received: from smtprelay03.dal12v.mail.ibm.com ([172.16.1.5]) by ppma11.dal12v.mail.ibm.com (PPS) with ESMTPS id 3ukwy2cqgx-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 01 Dec 2023 13:31:54 +0000 Received: from smtpav04.dal12v.mail.ibm.com (smtpav04.dal12v.mail.ibm.com [10.241.53.103]) by smtprelay03.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 3B1DVrVt19727024 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 1 Dec 2023 13:31:53 GMT Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 67D575805A; Fri, 1 Dec 2023 13:31:53 +0000 (GMT) Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 1F0D258052; Fri, 1 Dec 2023 13:31:53 +0000 (GMT) Received: from sbct-2.pok.ibm.com?044watson.ibm.com (unknown [9.47.158.152]) by smtpav04.dal12v.mail.ibm.com (Postfix) with ESMTP; Fri, 1 Dec 2023 13:31:53 +0000 (GMT) From: Stefan Berger To: linux-integrity@vger.kernel.org Cc: zohar@linux.ibm.com, Stefan Berger Subject: [ima-evm-utils PATCH v3 08/14] tests: Address issues raised by shellcheck SC2166 Date: Fri, 1 Dec 2023 08:31:30 -0500 Message-ID: <20231201133136.2124147-9-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20231201133136.2124147-1-stefanb@linux.ibm.com> References: <20231201133136.2124147-1-stefanb@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-integrity@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: t9jvyM1CHzT7q7CXPvebTSI9FdBi-fHO X-Proofpoint-ORIG-GUID: t9jvyM1CHzT7q7CXPvebTSI9FdBi-fHO X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-12-01_11,2023-11-30_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 lowpriorityscore=0 adultscore=0 impostorscore=0 suspectscore=0 phishscore=0 clxscore=1015 mlxscore=0 bulkscore=0 mlxlogscore=973 priorityscore=1501 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311060000 definitions=main-2312010092 Address issues raised by shellcheck SC2166: "Prefer [ p ] && [ q ] as [ p -a q ] is not well defined." Signed-off-by: Stefan Berger --- tests/Makefile.am | 2 +- tests/softhsm_setup | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index c5b2a2f..df1fbff 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -26,7 +26,7 @@ clean-local: distclean: distclean-keys shellcheck: - shellcheck -i SC2086,SC2181,SC2046,SC2320,SC2317,SC2034,SC2164 \ + shellcheck -i SC2086,SC2181,SC2046,SC2320,SC2317,SC2034,SC2164,SC2166 \ functions.sh gen-keys.sh install-fsverity.sh \ install-mount-idmapped.sh install-openssl3.sh \ install-swtpm.sh install-tss.sh softhsm_setup \ diff --git a/tests/softhsm_setup b/tests/softhsm_setup index 6f8a74e..fc33596 100755 --- a/tests/softhsm_setup +++ b/tests/softhsm_setup @@ -15,7 +15,7 @@ fi MAJOR=$(softhsm2-util -v | cut -d '.' -f1) MINOR=$(softhsm2-util -v | cut -d '.' -f2) -if [ "${MAJOR}" -lt 2 ] || [ "${MAJOR}" -eq 2 -a "${MINOR}" -lt 2 ]; then +if [[ "${MAJOR}" -lt 2 || ( "${MAJOR}" -eq 2 && "${MINOR}" -lt 2 ) ]]; then echo "Need softhsm v2.2.0 or later" exit 77 fi From patchwork Fri Dec 1 13:31:31 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13475846 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="P/5/jmqW" Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 45375170E for ; Fri, 1 Dec 2023 05:31:57 -0800 (PST) Received: from pps.filterd (m0353727.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3B1DCLu2031370 for ; Fri, 1 Dec 2023 13:31:56 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=MY0XxR1i2Uz5rXjsDP4/3t/rVNVP+DFyDGF055k7bZo=; b=P/5/jmqWgjsKoGvYTN9N+biDb+HiladU+xms1MMs5oGQAhnnTV1YtHGsWFDhdkYxNZv4 pW7W8g5m19QzRPid6ufxNl4UczJbLhwPCBJ/V2iG3/MGd4kPZvQ+hAzM6UDwmdiGV27o XF/SM55LY69trA0ZuHs1jnA+PBTPBI2J71OT2iRivhc918pnncFiHznplDMkqSzs4amm YYRmcwkUPwxqN4AFWJBHsEjag1Ikukk6PmUaQ2k/BmcERsRc+nRBuB46Ctberg7iPb7W xiH1r/s2ZrX2LMsHOnOCmnT5zhwNzOLm77DdWVxWFTwTst9DwZIhp+AGXeWE35NKFcg9 +w== Received: from ppma12.dal12v.mail.ibm.com (dc.9e.1632.ip4.static.sl-reverse.com [50.22.158.220]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3uqg5pgfkw-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 01 Dec 2023 13:31:56 +0000 Received: from pps.filterd (ppma12.dal12v.mail.ibm.com [127.0.0.1]) by ppma12.dal12v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3B1AY30O000744 for ; Fri, 1 Dec 2023 13:31:54 GMT Received: from smtprelay03.dal12v.mail.ibm.com ([172.16.1.5]) by ppma12.dal12v.mail.ibm.com (PPS) with ESMTPS id 3uku8tnhfr-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 01 Dec 2023 13:31:54 +0000 Received: from smtpav04.dal12v.mail.ibm.com (smtpav04.dal12v.mail.ibm.com [10.241.53.103]) by smtprelay03.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 3B1DVrY319727026 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 1 Dec 2023 13:31:53 GMT Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id C43A75805A; Fri, 1 Dec 2023 13:31:53 +0000 (GMT) Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 7C54558052; Fri, 1 Dec 2023 13:31:53 +0000 (GMT) Received: from sbct-2.pok.ibm.com?044watson.ibm.com (unknown [9.47.158.152]) by smtpav04.dal12v.mail.ibm.com (Postfix) with ESMTP; Fri, 1 Dec 2023 13:31:53 +0000 (GMT) From: Stefan Berger To: linux-integrity@vger.kernel.org Cc: zohar@linux.ibm.com, Stefan Berger Subject: [ima-evm-utils PATCH v3 09/14] tests: Address issues raised by shellcheck SC2294 Date: Fri, 1 Dec 2023 08:31:31 -0500 Message-ID: <20231201133136.2124147-10-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20231201133136.2124147-1-stefanb@linux.ibm.com> References: <20231201133136.2124147-1-stefanb@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-integrity@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: 6PeXV3cA8scsOQKjDQ0tzQD6oKYxRDVk X-Proofpoint-ORIG-GUID: 6PeXV3cA8scsOQKjDQ0tzQD6oKYxRDVk X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-12-01_11,2023-11-30_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 lowpriorityscore=0 suspectscore=0 adultscore=0 phishscore=0 mlxlogscore=999 spamscore=0 malwarescore=0 impostorscore=0 mlxscore=0 bulkscore=0 clxscore=1015 priorityscore=1501 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311060000 definitions=main-2312010092 Address issues raised by shellcheck SC2294: "eval negates the benefit of arrays. Drop eval to preserve whitespace/symbols (or eval as string)." Signed-off-by: Stefan Berger --- tests/Makefile.am | 4 +++- tests/gen-keys.sh | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index df1fbff..9092c43 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -26,7 +26,9 @@ clean-local: distclean: distclean-keys shellcheck: - shellcheck -i SC2086,SC2181,SC2046,SC2320,SC2317,SC2034,SC2164,SC2166 \ + shellcheck \ + -i SC2086,SC2181,SC2046,SC2320,SC2317,SC2034,SC2164,SC2166 \ + -i SC2294 \ functions.sh gen-keys.sh install-fsverity.sh \ install-mount-idmapped.sh install-openssl3.sh \ install-swtpm.sh install-tss.sh softhsm_setup \ diff --git a/tests/gen-keys.sh b/tests/gen-keys.sh index 0b03ba4..c3d5a20 100755 --- a/tests/gen-keys.sh +++ b/tests/gen-keys.sh @@ -21,7 +21,7 @@ type openssl log() { echo >&2 - "$*" - eval "$@" + eval "$*" } if [ "$1" = clean ]; then From patchwork Fri Dec 1 13:31:32 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13475844 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="T9tLawNB" Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0BC5C170B for ; Fri, 1 Dec 2023 05:31:57 -0800 (PST) Received: from pps.filterd (m0353729.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3B1DCPDm004656 for ; Fri, 1 Dec 2023 13:31:56 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=KaMD53FyaY+U/ZprZcrTpPx3OZ9FrxMKcTpsjJ9Qc3c=; b=T9tLawNBZOf/i0LQdsr7XET1IoxShFQFAXT+ntBEu2fXKyIotpM5cIh430SREnnMXtrE 6sdZiJk87aoitzq1I8x2oPfvpofCbdmbai2OY/hxiWzbw0h8U/afMxfajPqKbT51yQrr ZLChPrrgqF75mHH2FOPtOYbtW3y0z9ceNwqOINWmu8KB36Ab4v7MbPWSFWHgGDpKmCPu EGoDZaM+4ilf+ZxGIXASbiQvZZ5/NdYmB7OTn9CrkM+RsZ1YZqhvupwHs/mEjXG6syML luIoSisJ4XR8YsnOU4e0xsXzCVeq9yffz9q1Va43alifcyZ6FSMPespIySeVSc4E2mBb 8A== Received: from ppma22.wdc07v.mail.ibm.com (5c.69.3da9.ip4.static.sl-reverse.com [169.61.105.92]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3uqg5qrjgs-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 01 Dec 2023 13:31:56 +0000 Received: from pps.filterd (ppma22.wdc07v.mail.ibm.com [127.0.0.1]) by ppma22.wdc07v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3B1AXmAa031619 for ; Fri, 1 Dec 2023 13:31:55 GMT Received: from smtprelay04.dal12v.mail.ibm.com ([172.16.1.6]) by ppma22.wdc07v.mail.ibm.com (PPS) with ESMTPS id 3ukun05e9q-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 01 Dec 2023 13:31:55 +0000 Received: from smtpav04.dal12v.mail.ibm.com (smtpav04.dal12v.mail.ibm.com [10.241.53.103]) by smtprelay04.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 3B1DVsL48192606 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 1 Dec 2023 13:31:54 GMT Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 2D78E58056; Fri, 1 Dec 2023 13:31:54 +0000 (GMT) Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id D9B0D58052; Fri, 1 Dec 2023 13:31:53 +0000 (GMT) Received: from sbct-2.pok.ibm.com?044watson.ibm.com (unknown [9.47.158.152]) by smtpav04.dal12v.mail.ibm.com (Postfix) with ESMTP; Fri, 1 Dec 2023 13:31:53 +0000 (GMT) From: Stefan Berger To: linux-integrity@vger.kernel.org Cc: zohar@linux.ibm.com, Stefan Berger Subject: [ima-evm-utils PATCH v3 10/14] tests: Address issues raised by shellcheck SC2206 Date: Fri, 1 Dec 2023 08:31:32 -0500 Message-ID: <20231201133136.2124147-11-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20231201133136.2124147-1-stefanb@linux.ibm.com> References: <20231201133136.2124147-1-stefanb@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-integrity@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: wMe74yucleFojm6zttKUcrIpmzUlAfxr X-Proofpoint-ORIG-GUID: wMe74yucleFojm6zttKUcrIpmzUlAfxr X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-12-01_11,2023-11-30_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 clxscore=1015 priorityscore=1501 mlxscore=0 phishscore=0 bulkscore=0 adultscore=0 suspectscore=0 mlxlogscore=999 malwarescore=0 lowpriorityscore=0 spamscore=0 impostorscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311060000 definitions=main-2312010092 Address issue raised by shellcheck SC2206: "Quote to prevent word splitting/globbing, or split robustly with mapfile or read -a." Signed-off-by: Stefan Berger --- tests/Makefile.am | 2 +- tests/boot_aggregate.test | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index 9092c43..cbf637c 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -28,7 +28,7 @@ distclean: distclean-keys shellcheck: shellcheck \ -i SC2086,SC2181,SC2046,SC2320,SC2317,SC2034,SC2164,SC2166 \ - -i SC2294 \ + -i SC2294,SC2206 \ functions.sh gen-keys.sh install-fsverity.sh \ install-mount-idmapped.sh install-openssl3.sh \ install-swtpm.sh install-tss.sh softhsm_setup \ diff --git a/tests/boot_aggregate.test b/tests/boot_aggregate.test index c7c2b21..7817c2b 100755 --- a/tests/boot_aggregate.test +++ b/tests/boot_aggregate.test @@ -128,8 +128,7 @@ check() { echo "${CYAN}SKIP: evmctl ima_boot_aggregate: $bootaggr${NORM}" exit "$SKIP" fi - - boot_aggr=( $bootaggr ) + IFS=$'\n' readarray -t boot_aggr <<< "$bootaggr" echo "INFO: Searching for the boot_aggregate in ${ASCII_RUNTIME_MEASUREMENTS}" for hash in "${boot_aggr[@]}"; do From patchwork Fri Dec 1 13:31:33 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13475848 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="adUwKPnR" Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A1BFF1711 for ; Fri, 1 Dec 2023 05:31:57 -0800 (PST) Received: from pps.filterd (m0353729.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3B1DCNDr004570 for ; Fri, 1 Dec 2023 13:31:57 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=PvRr2WMpQ+NEW4x9VXN+i9Zw+jCaHaoQWacHjjMi3tM=; b=adUwKPnRweINNiigU7zJX5zV1yH6sdnIFfddHGeC0SoUrD4EX/Mtit2r+Xvw3fj5EhZJ UYC6BsWLkDcG1CdjnoyYsB2GQkBeXuhGCe0CHdhAKE/cJTkzNNKuYgSHy69YJnG+AsZe X8iw2ZF/0DOMuayiebjgVbFDbxf5f5nEo7WXbCnU6P65SB1dL94x3WGO8fTIkHUfsIqK 4bcNbJzHe6Lg9VBgWnU+kH+Z7koS4oZ6tuBqhfh6SCPXlbsgHrB9686LoyKzZd/8AsJB 6ZyZzwa96HqYgFwtxdh6JmijHZTlpHJ5qL2Lsw2bQwsLiJ2leQFDGt7/EcGsvpAcpvrQ wg== Received: from ppma13.dal12v.mail.ibm.com (dd.9e.1632.ip4.static.sl-reverse.com [50.22.158.221]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3uqg5qrjgv-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 01 Dec 2023 13:31:57 +0000 Received: from pps.filterd (ppma13.dal12v.mail.ibm.com [127.0.0.1]) by ppma13.dal12v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3B1AXof9006365 for ; Fri, 1 Dec 2023 13:31:55 GMT Received: from smtprelay04.dal12v.mail.ibm.com ([172.16.1.6]) by ppma13.dal12v.mail.ibm.com (PPS) with ESMTPS id 3ukwfkmuy8-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 01 Dec 2023 13:31:55 +0000 Received: from smtpav04.dal12v.mail.ibm.com (smtpav04.dal12v.mail.ibm.com [10.241.53.103]) by smtprelay04.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 3B1DVsiX16188022 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 1 Dec 2023 13:31:54 GMT Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 8AF6558062; Fri, 1 Dec 2023 13:31:54 +0000 (GMT) Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 433525805E; Fri, 1 Dec 2023 13:31:54 +0000 (GMT) Received: from sbct-2.pok.ibm.com?044watson.ibm.com (unknown [9.47.158.152]) by smtpav04.dal12v.mail.ibm.com (Postfix) with ESMTP; Fri, 1 Dec 2023 13:31:54 +0000 (GMT) From: Stefan Berger To: linux-integrity@vger.kernel.org Cc: zohar@linux.ibm.com, Stefan Berger Subject: [ima-evm-utils PATCH v3 11/14] tests: Address issues raised by shellcheck SC2196 Date: Fri, 1 Dec 2023 08:31:33 -0500 Message-ID: <20231201133136.2124147-12-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20231201133136.2124147-1-stefanb@linux.ibm.com> References: <20231201133136.2124147-1-stefanb@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-integrity@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: J3gcA06gBaCaq6dHzbFoOvTs1Ncirvjb X-Proofpoint-ORIG-GUID: J3gcA06gBaCaq6dHzbFoOvTs1Ncirvjb X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-12-01_11,2023-11-30_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 clxscore=1015 priorityscore=1501 mlxscore=0 phishscore=0 bulkscore=0 adultscore=0 suspectscore=0 mlxlogscore=998 malwarescore=0 lowpriorityscore=0 spamscore=0 impostorscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311060000 definitions=main-2312010092 Address issues raised by shellcheck SC2196: "egrep is non-standard and deprecated. Use grep -E instead." Signed-off-by: Stefan Berger --- tests/Makefile.am | 2 +- tests/functions.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index cbf637c..3c542d7 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -28,7 +28,7 @@ distclean: distclean-keys shellcheck: shellcheck \ -i SC2086,SC2181,SC2046,SC2320,SC2317,SC2034,SC2164,SC2166 \ - -i SC2294,SC2206 \ + -i SC2294,SC2206,SC2196 \ functions.sh gen-keys.sh install-fsverity.sh \ install-mount-idmapped.sh install-openssl3.sh \ install-swtpm.sh install-tss.sh softhsm_setup \ diff --git a/tests/functions.sh b/tests/functions.sh index 4ad61ef..c39b894 100755 --- a/tests/functions.sh +++ b/tests/functions.sh @@ -272,7 +272,7 @@ _test_xattr() { local file=$1 attr=$2 prefix=$3 local text_for=${ADD_TEXT_FOR:+ for $ADD_TEXT_FOR} - if ! getfattr -n "$attr" -e hex "$file" | egrep -qx "$attr=$prefix"; then + if ! getfattr -n "$attr" -e hex "$file" | grep -qx -E "$attr=$prefix"; then color_red_on_failure echo "Did not find expected hash$text_for:" echo " $attr=$prefix" From patchwork Fri Dec 1 13:31:34 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13475847 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="RP+JSHJB" Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0B4DB1704 for ; Fri, 1 Dec 2023 05:31:57 -0800 (PST) Received: from pps.filterd (m0353726.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3B1DMOYF011023 for ; Fri, 1 Dec 2023 13:31:56 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=JHiDRhE1u083wRxbpYJTM1GLbDmSGh2BNNSLFCw1Yco=; b=RP+JSHJBKxBrTffjRwPoskeRzgMfv08GWF2a/8ZaQL4rZ9YJBafmWhwGPJihSTO59fpp mZPpC2MD/XZV8ZzdB1VM8uraUPrxBEi43DTGH+ozMYy3gAhs8wPmjCHbUXTPcSiTylwa qgqw3G7MHOAEdU+K8GuEpN24Kl5SFk9TxEfMqNrgj465L5M4Osj4wKZKMAuCf6WiAB3O iTLujgYvVveDTY56HDy/nnZig0YWLM94WcBuWxxXseJuyY1URIpMi1jdH0kM0koNhRkc OOG8x7p8s2OWRbchFl+5IOpHyLl8c4R7n1HhjBomj+LIzuZvc6rHzylPa7GSWroSAvMO 6A== Received: from ppma11.dal12v.mail.ibm.com (db.9e.1632.ip4.static.sl-reverse.com [50.22.158.219]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3uqgad09et-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 01 Dec 2023 13:31:56 +0000 Received: from pps.filterd (ppma11.dal12v.mail.ibm.com [127.0.0.1]) by ppma11.dal12v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3B1AXqg6017324 for ; Fri, 1 Dec 2023 13:31:55 GMT Received: from smtprelay04.dal12v.mail.ibm.com ([172.16.1.6]) by ppma11.dal12v.mail.ibm.com (PPS) with ESMTPS id 3ukwy2cqh8-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 01 Dec 2023 13:31:55 +0000 Received: from smtpav04.dal12v.mail.ibm.com (smtpav04.dal12v.mail.ibm.com [10.241.53.103]) by smtprelay04.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 3B1DVtQH21299858 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 1 Dec 2023 13:31:55 GMT Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id E7F5E58052; Fri, 1 Dec 2023 13:31:54 +0000 (GMT) Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id A0AAC5805E; Fri, 1 Dec 2023 13:31:54 +0000 (GMT) Received: from sbct-2.pok.ibm.com?044watson.ibm.com (unknown [9.47.158.152]) by smtpav04.dal12v.mail.ibm.com (Postfix) with ESMTP; Fri, 1 Dec 2023 13:31:54 +0000 (GMT) From: Stefan Berger To: linux-integrity@vger.kernel.org Cc: zohar@linux.ibm.com, Stefan Berger Subject: [ima-evm-utils PATCH v3 12/14] tests: Address issues raised by shellcheck SC2043 Date: Fri, 1 Dec 2023 08:31:34 -0500 Message-ID: <20231201133136.2124147-13-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20231201133136.2124147-1-stefanb@linux.ibm.com> References: <20231201133136.2124147-1-stefanb@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-integrity@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: e4LCfpnWj0nJJeD8qGLRcEuDekM2FGMo X-Proofpoint-ORIG-GUID: e4LCfpnWj0nJJeD8qGLRcEuDekM2FGMo X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-12-01_11,2023-11-30_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 priorityscore=1501 clxscore=1015 phishscore=0 lowpriorityscore=0 impostorscore=0 mlxlogscore=884 suspectscore=0 mlxscore=0 malwarescore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311060000 definitions=main-2312010092 Address issues raised by shellcheck SC2043: "This loop will only ever run once for a constant value. Did you perhaps mean to loop over dir/*, $var or $(cmd)? Disable this check in gen-keys.sh to leave the loop alone. Signed-off-by: Stefan Berger --- tests/Makefile.am | 2 +- tests/gen-keys.sh | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index 3c542d7..4ce71f4 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -28,7 +28,7 @@ distclean: distclean-keys shellcheck: shellcheck \ -i SC2086,SC2181,SC2046,SC2320,SC2317,SC2034,SC2164,SC2166 \ - -i SC2294,SC2206,SC2196 \ + -i SC2294,SC2206,SC2196,SC2043 \ functions.sh gen-keys.sh install-fsverity.sh \ install-mount-idmapped.sh install-openssl3.sh \ install-swtpm.sh install-tss.sh softhsm_setup \ diff --git a/tests/gen-keys.sh b/tests/gen-keys.sh index c3d5a20..601ded2 100755 --- a/tests/gen-keys.sh +++ b/tests/gen-keys.sh @@ -15,6 +15,8 @@ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. +# shellcheck disable=SC2043 + cd "$(dirname "$0")" || exit 1 PATH=../src:$PATH type openssl From patchwork Fri Dec 1 13:31:35 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13475849 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="jOna0KrC" Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 71F3D170F for ; Fri, 1 Dec 2023 05:31:57 -0800 (PST) Received: from pps.filterd (m0360083.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3B1DH4Yj021782 for ; Fri, 1 Dec 2023 13:31:57 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=K2OSIIWeR+/mVCpZD6SxIqXKHERmaQICjyFMubPt4pk=; b=jOna0KrCRxOIJMZyFp+m3gSkLaeaqu1uVYbMtGLdfalOnNgSLUtXI4qB/BXG8Gaowuer /rxFvT7KsExXobK9zLUY4QM2Tv06+LjB1YFaOFHSKPc3j4EJIsIh8xV/hYMOTzLWzaga DFratXW6GCoRhgaFK+JKq4M1dV2Iofk3Zglu6BOLwTOIRm4a65ScHkEiJZ8IWAyEr0aK 6hjjxbw3Hl264kjLXcHnADnOXR4OdERkhhoKLv0axGHKL/e4LHbOZf/92gur+AD/E3CK 3zaem2sbExGdPPXapNSVUJliZFOoLjU58/c7IMSQ5dgA7e0d9MvOV6vBZKYP5P8CBGNd og== Received: from ppma13.dal12v.mail.ibm.com (dd.9e.1632.ip4.static.sl-reverse.com [50.22.158.221]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3uqg828f9a-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 01 Dec 2023 13:31:56 +0000 Received: from pps.filterd (ppma13.dal12v.mail.ibm.com [127.0.0.1]) by ppma13.dal12v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3B1AXo9C006360 for ; Fri, 1 Dec 2023 13:31:55 GMT Received: from smtprelay05.dal12v.mail.ibm.com ([172.16.1.7]) by ppma13.dal12v.mail.ibm.com (PPS) with ESMTPS id 3ukwfkmuyc-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 01 Dec 2023 13:31:55 +0000 Received: from smtpav04.dal12v.mail.ibm.com (smtpav04.dal12v.mail.ibm.com [10.241.53.103]) by smtprelay05.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 3B1DVtub26018418 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 1 Dec 2023 13:31:55 GMT Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 488A75805E; Fri, 1 Dec 2023 13:31:55 +0000 (GMT) Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 0A1B158056; Fri, 1 Dec 2023 13:31:55 +0000 (GMT) Received: from sbct-2.pok.ibm.com?044watson.ibm.com (unknown [9.47.158.152]) by smtpav04.dal12v.mail.ibm.com (Postfix) with ESMTP; Fri, 1 Dec 2023 13:31:54 +0000 (GMT) From: Stefan Berger To: linux-integrity@vger.kernel.org Cc: zohar@linux.ibm.com, Stefan Berger Subject: [ima-evm-utils PATCH v3 13/14] tests: Address issues raised by shellcheck SC2295 Date: Fri, 1 Dec 2023 08:31:35 -0500 Message-ID: <20231201133136.2124147-14-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20231201133136.2124147-1-stefanb@linux.ibm.com> References: <20231201133136.2124147-1-stefanb@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-integrity@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: no8t849zdzxHIcSd1aDzZadG74k7JcLi X-Proofpoint-ORIG-GUID: no8t849zdzxHIcSd1aDzZadG74k7JcLi X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-12-01_11,2023-11-30_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 lowpriorityscore=0 clxscore=1015 phishscore=0 mlxlogscore=965 suspectscore=0 malwarescore=0 spamscore=0 adultscore=0 bulkscore=0 mlxscore=0 impostorscore=0 priorityscore=1501 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311060000 definitions=main-2312010092 Address issues raised by shellcheck SC2295: "Expansions inside ${..} need to be quoted separately, otherwise they will match as a pattern." There's not variable digest_type but it's a plain string and therefore treat it as such. Signed-off-by: Stefan Berger Cc: Mimi Zohar --- tests/Makefile.am | 2 +- tests/fsverity.test | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index 4ce71f4..7b3d92b 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -28,7 +28,7 @@ distclean: distclean-keys shellcheck: shellcheck \ -i SC2086,SC2181,SC2046,SC2320,SC2317,SC2034,SC2164,SC2166 \ - -i SC2294,SC2206,SC2196,SC2043 \ + -i SC2294,SC2206,SC2196,SC2043,SC2295 \ functions.sh gen-keys.sh install-fsverity.sh \ install-mount-idmapped.sh install-openssl3.sh \ install-swtpm.sh install-tss.sh softhsm_setup \ diff --git a/tests/fsverity.test b/tests/fsverity.test index ddd6993..a6ba68b 100755 --- a/tests/fsverity.test +++ b/tests/fsverity.test @@ -169,7 +169,7 @@ unqualified_bprm_rule() { local rule_match="measure func=BPRM_CHECK" local rule_dontmatch="fsuuid" - if [ -z "${rule##*$digest_type=verity*}" ]; then + if [ -z "${rule##*digest_type=verity*}" ]; then if grep "$rule_match" $IMA_POLICY_FILE | grep -v "$rule_dontmatch" &> /dev/null; then return "$SKIP" fi From patchwork Fri Dec 1 13:31:36 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13475850 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="Rh4U7Z/5" Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6BF6E131 for ; Fri, 1 Dec 2023 05:32:01 -0800 (PST) Received: from pps.filterd (m0353726.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3B1DMSU7011179; Fri, 1 Dec 2023 13:31:58 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=ShLPU8A563ho3ExyzSyndBdAsqcrd38OTJBacAHnOiA=; b=Rh4U7Z/5VrXfCy49PZ+UoVa44HcFKGIN/9Vk8QJVdT7B1dcb/1Hnqgf7QFx1YzevJT9m 60S0qBzYgE8FOMvJzeGOoGn1A4YI3VbMQTIIwMcWmaQauqHtrRPD7VYPea+jlhWB9wKT UmAPO/edWHdM8cpVISGChGIEsiYg7abiUgQqpuAEdoKRLpjiRaUcD1p/HIEV18cJr6Rm BP9kxi4xz6EoSdzgi/jPEN7yBCk/BWgjoLLcKRIFTefIAPiJKfUOiy0DB5yVV9Cq0FPW h+3xEbdfDz6xcZ0uu0NMqfHhiQM/54/TJMqWngZqs2qvaawq6PIYT6JkIKPKyfZing7Y bw== Received: from ppma23.wdc07v.mail.ibm.com (5d.69.3da9.ip4.static.sl-reverse.com [169.61.105.93]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3uqgad09ff-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 01 Dec 2023 13:31:57 +0000 Received: from pps.filterd (ppma23.wdc07v.mail.ibm.com [127.0.0.1]) by ppma23.wdc07v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3B1AXwSC020432; Fri, 1 Dec 2023 13:31:56 GMT Received: from smtprelay05.dal12v.mail.ibm.com ([172.16.1.7]) by ppma23.wdc07v.mail.ibm.com (PPS) with ESMTPS id 3ukvrm53km-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 01 Dec 2023 13:31:56 +0000 Received: from smtpav04.dal12v.mail.ibm.com (smtpav04.dal12v.mail.ibm.com [10.241.53.103]) by smtprelay05.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 3B1DVtlT14484132 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 1 Dec 2023 13:31:55 GMT Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 9E3975805E; Fri, 1 Dec 2023 13:31:55 +0000 (GMT) Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 5F28758063; Fri, 1 Dec 2023 13:31:55 +0000 (GMT) Received: from sbct-2.pok.ibm.com?044watson.ibm.com (unknown [9.47.158.152]) by smtpav04.dal12v.mail.ibm.com (Postfix) with ESMTP; Fri, 1 Dec 2023 13:31:55 +0000 (GMT) From: Stefan Berger To: linux-integrity@vger.kernel.org Cc: zohar@linux.ibm.com, Stefan Berger , Roberto Sassu Subject: [ima-evm-utils PATCH v3 14/14] tests: Address issues raised by shellcheck SC2003 Date: Fri, 1 Dec 2023 08:31:36 -0500 Message-ID: <20231201133136.2124147-15-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20231201133136.2124147-1-stefanb@linux.ibm.com> References: <20231201133136.2124147-1-stefanb@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-integrity@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: ziMFZ-cqcI-3PqKP__5nIf2G5aY4bRLk X-Proofpoint-ORIG-GUID: ziMFZ-cqcI-3PqKP__5nIf2G5aY4bRLk X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-12-01_11,2023-11-30_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 priorityscore=1501 clxscore=1011 phishscore=0 lowpriorityscore=0 impostorscore=0 mlxlogscore=999 suspectscore=0 mlxscore=0 malwarescore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311060000 definitions=main-2312010092 Address issues detected by shellcheck SC2003: expr is antiquated. Consider rewriting this using $((..)), ${} or [[ ]]. The following statement in portable_signatures.test causes the issue: expr index "$TST_LIST" "check_evm_revalidate" The man page for expr states: index STRING CHARS index in STRING where any CHARS is found, or 0 The intention is certainly not to find an index of any of the characters in "check_evm_revalidate" in $TST_LIST but to find the word "check_evm_revalidate" in $TST_LIST. Therefore, use grep -w to determine whether the word is there. Signed-off-by: Stefan Berger Cc: Roberto Sassu --- tests/Makefile.am | 2 -- tests/portable_signatures.test | 2 +- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index 7b3d92b..a95c4d2 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -27,8 +27,6 @@ distclean: distclean-keys shellcheck: shellcheck \ - -i SC2086,SC2181,SC2046,SC2320,SC2317,SC2034,SC2164,SC2166 \ - -i SC2294,SC2206,SC2196,SC2043,SC2295 \ functions.sh gen-keys.sh install-fsverity.sh \ install-mount-idmapped.sh install-openssl3.sh \ install-swtpm.sh install-tss.sh softhsm_setup \ diff --git a/tests/portable_signatures.test b/tests/portable_signatures.test index 7ddd149..10b0ad8 100755 --- a/tests/portable_signatures.test +++ b/tests/portable_signatures.test @@ -1090,7 +1090,7 @@ if [ $((evm_value & EVM_INIT_X509)) -ne "$EVM_INIT_X509" ] && [ "$TST_EVM_CHANGE echo "$EVM_INIT_X509" > /sys/kernel/security/evm 2> /dev/null fi -if [ "$(expr index "$TST_LIST" "check_evm_revalidate")" -gt 0 ] && [ "$TST_EVM_CHANGE_MODE" -eq 1 ]; then +if echo "$TST_LIST" | grep -q -w check_evm_revalidate && [ "$TST_EVM_CHANGE_MODE" -eq 1 ]; then echo "$EVM_ALLOW_METADATA_WRITES" > /sys/kernel/security/evm 2> /dev/null fi