[apparmor] [patch] tests: mark failing dgram tests in unix_socket_unnamed.sh as xpass

[Steve Beattie]

It's not been tracked down in
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1373172 why this is
happening, but the current unnamed unix socket dgram tests are failing
when only the server is confined, and the peer label is given as only
the confining profile (the stream and seqpacket dgram tests/permissions
don't seem to trigger this revalidation rejection).

Until this bug is diagnosed and addressed, mark these tests as failing
but expected to pass (i.e. 'xpass').

Signed-off-by: Steve Beattie <steve at nxnw.org>
---
 tests/regression/apparmor/unix_socket.inc |   20 ++++++++++++++------
 1 file changed, 14 insertions(+), 6 deletions(-)

Index: b/tests/regression/apparmor/unix_socket.inc
===================================================================
--- a/tests/regression/apparmor/unix_socket.inc
+++ b/tests/regression/apparmor/unix_socket.inc
@@ -41,6 +41,14 @@ do_test()
 	local genprof="genprofile"
 	local args
 
+	# this is a workaround for
+	# https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1373172
+	local p_ex_result="pass"
+	if [ "$addr_type" == "unnamed" ] && [ "$test_prog" == "server" ] &&
+	   [ "$type" == "dgram" ] ; then
+        	p_ex_result="xpass"
+	fi
+
 	if [ "$test_prog" == "server" ]; then
 		genprof+=" $client:Ux"
 		args="$addr $type $message $client"
@@ -78,20 +86,20 @@ do_test()
 	fi
 
 	$genprof "unix:($l_access)" "unix::peer=(label=$p_label)"
-	runchecktest "$desc (peer label w/ implicit perms)" pass $args
+	runchecktest "$desc (peer label w/ implicit perms)" ${p_ex_result} $args
 
 	$genprof "unix:($l_access)" "unix:($p_access):peer=(label=$p_label)"
-	runchecktest "$desc (peer label w/ explicit perms)" pass $args
+	runchecktest "$desc (peer label w/ explicit perms)" ${p_ex_result} $args
 
 	if [ -n "$p_addr" ]; then
 		$genprof "unix:($l_access)" "unix:($p_access):peer=(addr=$p_addr)"
 		runchecktest "$desc (peer addr)" pass $args
 
 		$genprof "unix:($l_access)" "unix:($p_access):peer=(label=$p_label addr=$p_addr)"
-		runchecktest "$desc (peer label, peer addr)" pass $args
+		runchecktest "$desc (peer label, peer addr)" ${p_ex_result} $args
 
 		$genprof "unix:($l_access):type=$type" "unix:($p_access):type=$type:peer=(label=$p_label addr=$p_addr)"
-		runchecktest "$desc (type, peer label, peer addr)" pass $args
+		runchecktest "$desc (type, peer label, peer addr)" ${p_ex_result} $args
 	fi
 
 	if [ -n "$addr" ]; then
@@ -99,12 +107,12 @@ do_test()
 		runchecktest "$desc (type, addr)" pass $args
 
 		$genprof $u_type_rule "unix:($l_b_access):type=$type:addr=$addr" "unix:($p_access):type=$type:addr=$addr:peer=(label=$p_label)"
-		runchecktest "$desc (type, addr, peer label)" pass $args
+		runchecktest "$desc (type, addr, peer label)" ${p_ex_result} $args
 	fi
 
 	if [ -n "$addr" -a -n "$p_addr" ]; then
 		$genprof $u_type_rule "unix:($l_b_access):type=$type:addr=$addr" "unix:($p_access):type=$type:addr=$addr:peer=(label=$p_label addr=$p_addr)"
-		runchecktest "$desc (type, addr, peer label, peer addr)" pass $args
+		runchecktest "$desc (type, addr, peer label, peer addr)" ${p_ex_result} $args
 	fi
 
 	$genprof

-- 
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20141009/f057350a/attachment.pgp>