The blktrace/001 test fails on systems with Secure Boot enabled due to kernel lockdown preventing access to debugfs. The test attempts to run blktrace which requires access to /sys/kernel/debug/block/*/trace* files, but kernel lockdown (enabled automatically with Secure Boot) blocks this access, resulting in "Operation not permitted" errors. Add _have_debugfs_access() helper function to detect kernel lockdown by checking /sys/kernel/security/lockdown for [integrity] or [confidentiality] modes. When detected, the test now skips gracefully with a clear message: "kernel lockdown is enabled (Secure Boot may be active)". Also add _have_configfs check which was missing. The test uses _configure_null_blk() which requires configfs to be mounted at /sys/kernel/config. Signed-off-by: Disha Goel --- common/rc | 14 ++++++++++++++ tests/blktrace/001 | 2 ++ 2 files changed, 16 insertions(+) diff --git a/common/rc b/common/rc index 5350057..50d63e7 100644 --- a/common/rc +++ b/common/rc @@ -205,6 +205,20 @@ _have_blktrace() { _have_program blktrace } +_have_debugfs_access() { + # Check if kernel lockdown is preventing debugfs access + # This happens when Secure Boot is enabled + if [[ -f /sys/kernel/security/lockdown ]]; then + local lockdown_state + lockdown_state=$(cat /sys/kernel/security/lockdown 2>/dev/null) + if [[ "$lockdown_state" =~ \[integrity\]|\[confidentiality\] ]]; then + SKIP_REASONS+=("kernel lockdown is enabled (Secure Boot may be active)") + return 1 + fi + fi + return 0 +} + _have_configfs() { if ! findmnt -t configfs /sys/kernel/config >/dev/null; then SKIP_REASONS+=("configfs is not mounted at /sys/kernel/config") diff --git a/tests/blktrace/001 b/tests/blktrace/001 index 2cdad02..4fe7807 100755 --- a/tests/blktrace/001 +++ b/tests/blktrace/001 @@ -22,6 +22,8 @@ requires() { _have_program blkzone _have_null_blk _have_module_param null_blk zoned + _have_configfs + _have_debugfs_access } test() { -- 2.45.1