diff options
| author | Tyler Hicks <tyhicks@canonical.com> | 2017-10-18 06:16:57 +0000 |
|---|---|---|
| committer | Paul Moore <paul@paul-moore.com> | 2017-11-01 12:50:52 -0400 |
| commit | 649d4fa3e0f86289d788010f4aadc27d3e9b1339 (patch) | |
| tree | 94ce3ce52e6cd02cddaec4cc71dc880cbb42efbd | |
| parent | 8f37ea87b2dd291be7a6561f32474561519df1e7 (diff) | |
| download | libseccomp-649d4fa3e0f86289d788010f4aadc27d3e9b1339.tar.gz | |
tests: add SCMP_ACT_LOG test to 06-sim-actions
Extend the 06-sim-actions set of tests to include tests for
SCMP_ACT_LOG. The CTL_KCHECKACTS global attribute must be set to prevent
test errors when running under an old kernel that doesn't support
SECCOMP_RET_LOG.
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
| -rw-r--r-- | tests/06-sim-actions.c | 8 | ||||
| -rwxr-xr-x | tests/06-sim-actions.py | 3 | ||||
| -rw-r--r-- | tests/06-sim-actions.tests | 19 |
3 files changed, 22 insertions, 8 deletions
diff --git a/tests/06-sim-actions.c b/tests/06-sim-actions.c index 6561cde..d81e521 100644 --- a/tests/06-sim-actions.c +++ b/tests/06-sim-actions.c @@ -36,6 +36,10 @@ int main(int argc, char *argv[]) if (rc < 0) goto out; + rc = seccomp_api_set(3); + if (rc != 0) + return EOPNOTSUPP; + ctx = seccomp_init(SCMP_ACT_KILL); if (ctx == NULL) return ENOMEM; @@ -44,6 +48,10 @@ int main(int argc, char *argv[]) if (rc != 0) goto out; + rc = seccomp_rule_add(ctx, SCMP_ACT_LOG, SCMP_SYS(rt_sigreturn), 0); + if (rc != 0) + goto out; + rc = seccomp_rule_add(ctx, SCMP_ACT_ERRNO(EPERM), SCMP_SYS(write), 0); if (rc != 0) goto out; diff --git a/tests/06-sim-actions.py b/tests/06-sim-actions.py index c59813b..e3f91e9 100755 --- a/tests/06-sim-actions.py +++ b/tests/06-sim-actions.py @@ -30,8 +30,11 @@ import util from seccomp import * def test(args): + set_api(3) + f = SyscallFilter(KILL) f.add_rule(ALLOW, "read") + f.add_rule(LOG, "rt_sigreturn") f.add_rule(ERRNO(errno.EPERM), "write") f.add_rule(TRAP, "close") f.add_rule(TRACE(1234), "open") diff --git a/tests/06-sim-actions.tests b/tests/06-sim-actions.tests index d0c2e44..1402e21 100644 --- a/tests/06-sim-actions.tests +++ b/tests/06-sim-actions.tests @@ -7,14 +7,17 @@ test type: bpf-sim -# Testname Arch Syscall Arg0 Arg1 Arg2 Arg3 Arg4 Arg5 Result -06-sim-actions all read 4 0x856B008 80 N N N ALLOW -06-sim-actions all write 1 0x856B008 N N N N ERRNO(1) -06-sim-actions all close 4 N N N N N TRAP -06-sim-actions all,-aarch64 open 0x856B008 4 N N N N TRACE(1234) -06-sim-actions x86 0-2 N N N N N N KILL -06-sim-actions x86 7-350 N N N N N N KILL -06-sim-actions x86_64 4-350 N N N N N N KILL +# Testname Arch Syscall Arg0 Arg1 Arg2 Arg3 Arg4 Arg5 Result +06-sim-actions all read 4 0x856B008 80 N N N ALLOW +06-sim-actions all write 1 0x856B008 N N N N ERRNO(1) +06-sim-actions all close 4 N N N N N TRAP +06-sim-actions all,-aarch64 open 0x856B008 4 N N N N TRACE(1234) +06-sim-actions all rt_sigreturn N N N N N N LOG +06-sim-actions x86 0-2 N N N N N N KILL +06-sim-actions x86 7-172 N N N N N N KILL +06-sim-actions x86 174-350 N N N N N N KILL +06-sim-actions x86_64 4-14 N N N N N N KILL +06-sim-actions x86_64 16-350 N N N N N N KILL test type: bpf-sim-fuzz |