authorTom Hromatka <tom.hromatka@oracle.com>2018-04-05 14:57:24 -0400
committerPaul Moore <paul@paul-moore.com>2018-04-05 14:59:23 -0400
commit0f03fdf63d5a33ed1a9b0e9e8dbdd4311aa3c48f (patch)
tree0f0906765b16c07fdf92cd2d80b48bd5d793b1da
parentcf98f79d0894221beb9f2753c092304237617c1c (diff)
tests: added tests for the A2 ordering bug (GH issue #112)
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> [PM: subject line tweaks] Signed-off-by: Paul Moore <paul@paul-moore.com>
-rw-r--r--tests/.gitignore2
-rw-r--r--tests/43-sim-a2_order.c92
-rwxr-xr-xtests/43-sim-a2_order.py52
-rw-r--r--tests/43-sim-a2_order.tests36
-rwxr-xr-xtests/44-live-a2_order.c175
-rwxr-xr-xtests/44-live-a2_order.py106
-rw-r--r--tests/44-live-a2_order.tests11
-rw-r--r--tests/Makefile.am12
8 files changed, 483 insertions, 3 deletions
diff --git a/tests/.gitignore b/tests/.gitignore
index c4f2bf8..8b89252 100644
--- a/tests/.gitignore
+++ b/tests/.gitignore
@@ -48,3 +48,5 @@ util.pyc
40-sim-log
41-sim-syscall_priority_arch
42-sim-adv_chains
+43-sim-a2_order
+44-live-a2_order
diff --git a/tests/43-sim-a2_order.c b/tests/43-sim-a2_order.c
new file mode 100644
index 0000000..e567b11
--- /dev/null
+++ b/tests/43-sim-a2_order.c
@@ -0,0 +1,92 @@
+/**
+ * Seccomp Library test program
+ *
+ * Copyright (c) 2018 Oracle and/or its affiliates. All rights reserved.
+ * Author: Tom Hromatka <tom.hromatka@oracle.com>
+ */
+
+/*
+ * This library is free software; you can redistribute it and/or modify it
+ * under the terms of version 2.1 of the GNU Lesser General Public License as
+ * published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
+ * for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this library; if not, see <http://www.gnu.org/licenses>.
+ */
+
+#include <errno.h>
+#include <unistd.h>
+
+#include <seccomp.h>
+
+#include "util.h"
+
+int main(int argc, char *argv[])
+{
+ int rc;
+ struct util_options opts;
+ scmp_filter_ctx ctx = NULL;
+
+ rc = util_getopt(argc, argv, &opts);
+ if (rc < 0)
+ goto out;
+
+ ctx = seccomp_init(SCMP_ACT_KILL);
+ if (ctx == NULL)
+ return ENOMEM;
+
+ /* note - a "hole" was intentionally left between 64 and 128.
+ * reads of this size should fall through to the default action -
+ * SCMP_ACT_KILL in this test's case.
+ */
+
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(read), 1,
+ SCMP_A2(SCMP_CMP_LE, 64));
+ if (rc != 0)
+ goto out;
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ERRNO(5), SCMP_SYS(read), 1,
+ SCMP_A2(SCMP_CMP_GT, 128));
+ if (rc != 0)
+ goto out;
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ERRNO(6), SCMP_SYS(read), 1,
+ SCMP_A2(SCMP_CMP_GT, 256));
+ if (rc != 0)
+ goto out;
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ERRNO(7), SCMP_SYS(read), 1,
+ SCMP_A2(SCMP_CMP_GT, 512));
+ if (rc != 0)
+ goto out;
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ERRNO(8), SCMP_SYS(read), 1,
+ SCMP_A2(SCMP_CMP_GT, 1024));
+ if (rc != 0)
+ goto out;
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ERRNO(9), SCMP_SYS(read), 1,
+ SCMP_A2(SCMP_CMP_GT, 2048));
+ if (rc != 0)
+ goto out;
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ERRNO(10), SCMP_SYS(read), 1,
+ SCMP_A2(SCMP_CMP_GT, 4096));
+ if (rc != 0)
+ goto out;
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ERRNO(11), SCMP_SYS(read), 1,
+ SCMP_A2(SCMP_CMP_GT, 8192));
+ if (rc != 0)
+ goto out;
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ERRNO(12), SCMP_SYS(read), 1,
+ SCMP_A2(SCMP_CMP_GT, 16536));
+ if (rc != 0)
+ goto out;
+
+ rc = util_filter_output(&opts, ctx);
+ if (rc)
+ goto out;
+
+out:
+ seccomp_release(ctx);
+ return (rc < 0 ? -rc : rc);
+}
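Review bot: The last threshold, `SCMP_A2(SCMP_CMP_GT, 16536)`, breaks the doubling sequence 128 … 8192 used by the other rules and differs from the 16384 used in tests/44-live-a2_order.c, so it looks like a typo. The simulation still passes because tests/43-sim-a2_order.tests probes 16536/16537, and tests/43-sim-a2_order.py repeats the same value, so all three would have to change together. If the odd value is deliberate, a one-line comment saying so would help; otherwise `SCMP_A2(SCMP_CMP_GT, 16384)` with data rows for 16384 and 16385 keeps the simulated and live filters identical.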
diff --git a/tests/43-sim-a2_order.py b/tests/43-sim-a2_order.py
new file mode 100755
index 0000000..62632ff
--- /dev/null
+++ b/tests/43-sim-a2_order.py
@@ -0,0 +1,52 @@
+#!/usr/bin/env python
+
+#
+# Seccomp Library test program
+#
+# Copyright (c) 2018 Oracle and/or its affiliates. All rights reserved.
+# Author: Tom Hromatka <tom.hromatka@oracle.com>
+#
+
+#
+# This library is free software; you can redistribute it and/or modify it
+# under the terms of version 2.1 of the GNU Lesser General Public License as
+# published by the Free Software Foundation.
+#
+# This library is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
+# for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this library; if not, see <http://www.gnu.org/licenses>.
+#
+
+import argparse
+import errno
+import sys
+
+import util
+
+from seccomp import *
+
+def test(args):
+ set_api(3)
+
+ f = SyscallFilter(KILL)
+ f.add_rule(ALLOW, "read", Arg(2, LE, 64))
+ f.add_rule(ERRNO(5), "read", Arg(2, GT, 128))
+ f.add_rule(ERRNO(6), "read", Arg(2, GT, 256))
+ f.add_rule(ERRNO(7), "read", Arg(2, GT, 512))
+ f.add_rule(ERRNO(8), "read", Arg(2, GT, 1024))
+ f.add_rule(ERRNO(9), "read", Arg(2, GT, 2048))
+ f.add_rule(ERRNO(10), "read", Arg(2, GT, 4096))
+ f.add_rule(ERRNO(11), "read", Arg(2, GT, 8192))
+ f.add_rule(ERRNO(12), "read", Arg(2, GT, 16536))
+ return f
+
+args = util.get_opt()
+ctx = test(args)
+util.filter_output(args, ctx)
+
+# kate: syntax python;
+# kate: indent-mode python; space-indent on; indent-width 4; mixedindent off;
diff --git a/tests/43-sim-a2_order.tests b/tests/43-sim-a2_order.tests
new file mode 100644
index 0000000..5c41fd0
--- /dev/null
+++ b/tests/43-sim-a2_order.tests
@@ -0,0 +1,36 @@
+#
+# libseccomp regression test automation data
+#
+# Copyright (c) 2018 Oracle and/or its affiliates. All rights reserved.
+# Author: Tom Hromatka <tom.hromatka@oracle.com>
+#
+
+test type: bpf-sim
+
+# Testname Arch Syscall Arg0 Arg1 Arg2 Arg3 Arg4 Arg5 Result
+43-sim-a2_order all read 4 0x856B008 30 N N N ALLOW
+43-sim-a2_order all read 4 0x856B008 64 N N N ALLOW
+43-sim-a2_order all read 4 0x856B008 65 N N N KILL
+43-sim-a2_order all read 4 0x856B008 128 N N N KILL
+43-sim-a2_order all read 4 0x856B008 129 N N N ERRNO(5)
+43-sim-a2_order all read 4 0x856B008 250 N N N ERRNO(5)
+43-sim-a2_order all read 4 0x856B008 256 N N N ERRNO(5)
+43-sim-a2_order all read 4 0x856B008 257 N N N ERRNO(6)
+43-sim-a2_order all read 4 0x856B008 512 N N N ERRNO(6)
+43-sim-a2_order all read 4 0x856B008 513 N N N ERRNO(7)
+43-sim-a2_order all read 4 0x856B008 1024 N N N ERRNO(7)
+43-sim-a2_order all read 4 0x856B008 1025 N N N ERRNO(8)
+43-sim-a2_order all read 4 0x856B008 2048 N N N ERRNO(8)
+43-sim-a2_order all read 4 0x856B008 2049 N N N ERRNO(9)
+43-sim-a2_order all read 4 0x856B008 4096 N N N ERRNO(9)
+43-sim-a2_order all read 4 0x856B008 4097 N N N ERRNO(10)
+43-sim-a2_order all read 4 0x856B008 8192 N N N ERRNO(10)
+43-sim-a2_order all read 4 0x856B008 8193 N N N ERRNO(11)
+43-sim-a2_order all read 4 0x856B008 16536 N N N ERRNO(11)
+43-sim-a2_order all read 4 0x856B008 16537 N N N ERRNO(12)
+
+# Testname StressCount
+test type: bpf-valgrind
+
+# Testname
+43-sim-a2_order
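Review bot: The `# Testname StressCount` header sits directly above `test type: bpf-valgrind` with no `test type:` line or data row of its own, which suggests a `bpf-sim-fuzz` section was intended and dropped; I am inferring that from the column name alone. Either remove the stray header or add the section it belongs to, so the file states plainly which test types run against this filter.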
diff --git a/tests/44-live-a2_order.c b/tests/44-live-a2_order.c
new file mode 100755
index 0000000..70f33da
--- /dev/null
+++ b/tests/44-live-a2_order.c
@@ -0,0 +1,175 @@
+/**
+ * Seccomp Library test program
+ *
+ * Copyright (c) 2018 Oracle and/or its affiliates. All rights reserved.
+ * Author: Tom Hromatka <tom.hromatka@oracle.com>
+ */
+
+/*
+ * This library is free software; you can redistribute it and/or modify it
+ * under the terms of version 2.1 of the GNU Lesser General Public License as
+ * published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
+ * for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this library; if not, see <http://www.gnu.org/licenses>.
+ */
+
+#include <errno.h>
+#include <fcntl.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include <seccomp.h>
+
+#include "util.h"
+
+#define DEFAULT_ACTION_ERRNO 100
+#define DEFAULT_ACTION SCMP_ACT_ERRNO(DEFAULT_ACTION_ERRNO)
+
+struct size_and_rc {
+ int size;
+ int expected_rc;
+};
+
+static const struct size_and_rc test_cases[] = {
+ {1, 1},
+ {10, 10},
+ {50, 50},
+ {100, -DEFAULT_ACTION_ERRNO},
+ {200, -5},
+ {256, -5},
+ {257, -6},
+ {400, -6},
+ {800, -7},
+ {1600, -8},
+ {3200, -9},
+ {4095, -9},
+ {4096, -9},
+ {4097, -10},
+ {8000, -10},
+ {8192, -10},
+ {16383, -11},
+ {16384, -11},
+ {16385, -12},
+ {35000, -12},
+};
+
+static int do_read(int sz, int expected_rc)
+{
+ char *buf = NULL;
+ int rc = -1000, zero_fd;
+
+ zero_fd = open("/dev/zero", O_RDONLY);
+ if (zero_fd <= 0)
+ goto error;
+
+ buf = malloc(sz);
+ if (buf == NULL)
+ goto error;
+
+ rc = read(zero_fd, buf, sz);
+ if(rc < 0) {
+ if (expected_rc == -errno)
+ rc = 0;
+ } else {
+ if (rc == expected_rc)
+ rc = 0;
+ }
+
+error:
+ if (zero_fd)
+ close(zero_fd);
+ if (buf)
+ free(buf);
+ return rc;
+}
+
+int main(int argc, char *argv[])
+{
+ int rc, i;
+ scmp_filter_ctx ctx = NULL;
+
+ ctx = seccomp_init(DEFAULT_ACTION);
+ if (ctx == NULL)
+ return ENOMEM;
+
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(read), 1,
+ SCMP_A2(SCMP_CMP_LE, 64));
+ if (rc != 0)
+ goto out;
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ERRNO(5), SCMP_SYS(read), 1,
+ SCMP_A2(SCMP_CMP_GT, 128));
+ if (rc != 0)
+ goto out;
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ERRNO(6), SCMP_SYS(read), 1,
+ SCMP_A2(SCMP_CMP_GT, 256));
+ if (rc != 0)
+ goto out;
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ERRNO(7), SCMP_SYS(read), 1,
+ SCMP_A2(SCMP_CMP_GT, 512));
+ if (rc != 0)
+ goto out;
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ERRNO(8), SCMP_SYS(read), 1,
+ SCMP_A2(SCMP_CMP_GT, 1024));
+ if (rc != 0)
+ goto out;
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ERRNO(9), SCMP_SYS(read), 1,
+ SCMP_A2(SCMP_CMP_GT, 2048));
+ if (rc != 0)
+ goto out;
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ERRNO(10), SCMP_SYS(read), 1,
+ SCMP_A2(SCMP_CMP_GT, 4096));
+ if (rc != 0)
+ goto out;
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ERRNO(11), SCMP_SYS(read), 1,
+ SCMP_A2(SCMP_CMP_GT, 8192));
+ if (rc != 0)
+ goto out;
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ERRNO(12), SCMP_SYS(read), 1,
+ SCMP_A2(SCMP_CMP_GT, 16384));
+ if (rc != 0)
+ goto out;
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(close), 0);
+ if (rc != 0)
+ goto out;
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(rt_sigreturn), 0);
+ if (rc != 0)
+ goto out;
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(exit_group), 0);
+ if (rc != 0)
+ goto out;
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(exit), 0);
+ if (rc != 0)
+ goto out;
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(open), 0);
+ if (rc != 0)
+ goto out;
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(stat), 0);
+ if (rc != 0)
+ goto out;
+
+ rc = seccomp_load(ctx);
+ if (rc != 0)
+ goto out;
+
+ for (i = 0; i < sizeof(test_cases) / sizeof(test_cases[0]); i++) {
+ rc = do_read(test_cases[i].size,
+ test_cases[i].expected_rc);
+ if (rc < 0)
+ goto out;
+ }
+
+ rc = 160;
+
+out:
+ seccomp_release(ctx);
+ return (rc < 0 ? -rc : rc);
+}
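Review bot: In `do_read`, a read that succeeds when the filter should have denied it leaves `rc` at the positive byte count, and the loop in `main` only tests `if (rc < 0)`, so a filter that is more permissive than the table expects still reaches `rc = 160` and the test reports success. The descriptor checks have a related slip: `open()` signals failure with -1, so `zero_fd <= 0` rejects a valid descriptor 0 and `if (zero_fd)` calls `close(-1)` on the failure path. I would have `do_read` collapse every mismatch to a negative value and test the descriptor with `< 0` / `>= 0`, as below. Separately, the allow-list names `open` only; on a libc that implements `open()` through `openat` the call would presumably hit the default action, which is worth confirming on the platforms this test runs on.

```c
	/* … unchanged: declarations, open() of /dev/zero … */
	if (zero_fd < 0)
		goto error;
	/* … unchanged: malloc of buf, read() into rc … */
	if (rc < 0)
		rc = (expected_rc == -errno) ? 0 : -1;
	else
		rc = (rc == expected_rc) ? 0 : -1;

error:
	if (zero_fd >= 0)
		close(zero_fd);
	/* … unchanged: free(buf), return rc … */
```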
diff --git a/tests/44-live-a2_order.py b/tests/44-live-a2_order.py
new file mode 100755
index 0000000..c4c5f56
--- /dev/null
+++ b/tests/44-live-a2_order.py
@@ -0,0 +1,106 @@
+#!/usr/bin/env python
+
+#
+# Seccomp Library test program
+#
+# Copyright (c) 2018 Oracle and/or its affiliates. All rights reserved.
+# Author: Tom Hromatka <tom.hromatka@oracle.com>
+#
+
+#
+# This library is free software; you can redistribute it and/or modify it
+# under the terms of version 2.1 of the GNU Lesser General Public License as
+# published by the Free Software Foundation.
+#
+# This library is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
+# for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this library; if not, see <http://www.gnu.org/licenses>.
+#
+
+import argparse
+import os
+import sys
+
+import util
+
+from seccomp import *
+
+DEFAULT_ACTION_ERRNO = 100
+DEFAULT_ACTION = ERRNO(DEFAULT_ACTION_ERRNO)
+
+test_cases = [
+ {'sz': 1, 'exp_rc': 1},
+ {'sz': 10, 'exp_rc': 10},
+ {'sz': 50, 'exp_rc': 50},
+ {'sz': 100, 'exp_rc': -DEFAULT_ACTION_ERRNO},
+ {'sz': 200, 'exp_rc': -5},
+ {'sz': 256, 'exp_rc': -5},
+ {'sz': 257, 'exp_rc': -6},
+ {'sz': 400, 'exp_rc': -6},
+ {'sz': 800, 'exp_rc': -7},
+ {'sz': 1600, 'exp_rc': -8},
+ {'sz': 3200, 'exp_rc': -9},
+ {'sz': 4095, 'exp_rc': -9},
+ {'sz': 4096, 'exp_rc': -9},
+ {'sz': 4097, 'exp_rc': -10},
+ {'sz': 8000, 'exp_rc': -10},
+ {'sz': 8192, 'exp_rc': -10},
+ {'sz': 16383, 'exp_rc': -11},
+ {'sz': 16384, 'exp_rc': -11},
+ {'sz': 16385, 'exp_rc': -12},
+ {'sz': 35000, 'exp_rc': -12},
+]
+
+def do_read():
+ fd = os.open("/dev/zero", os.O_RDONLY)
+ for x in test_cases:
+ try:
+ os.read(fd, x['sz'])
+ if x['exp_rc'] < 0:
+ os.close(fd)
+ raise IOError("Erroneously read %d bytes. Expected rc = %d" %
+ (x['sz'], x['exp_rc']))
+ except OSError as ex:
+ if -ex.errno != x['exp_rc']:
+ os.close(fd)
+ raise IOError("Expected errno %d but os.read(%d bytes) caused errno %d" %
+ (-x['exp_rc'], x['sz'], ex.errno))
+ os.close(fd)
+
+def test():
+ f = SyscallFilter(DEFAULT_ACTION)
+ f.add_rule(ALLOW, "read", Arg(2, LE, 64))
+ f.add_rule(ERRNO(5), "read", Arg(2, GT, 128))
+ f.add_rule(ERRNO(6), "read", Arg(2, GT, 256))
+ f.add_rule(ERRNO(7), "read", Arg(2, GT, 512))
+ f.add_rule(ERRNO(8), "read", Arg(2, GT, 1024))
+ f.add_rule(ERRNO(9), "read", Arg(2, GT, 2048))
+ f.add_rule(ERRNO(10), "read", Arg(2, GT, 4096))
+ f.add_rule(ERRNO(11), "read", Arg(2, GT, 8192))
+ f.add_rule(ERRNO(12), "read", Arg(2, GT, 16384))
+ # NOTE: additional syscalls required for python
+ f.add_rule(ALLOW, "close")
+ f.add_rule(ALLOW, "rt_sigaction")
+ f.add_rule(ALLOW, "rt_sigreturn")
+ f.add_rule(ALLOW, "sigaltstack")
+ f.add_rule(ALLOW, "exit_group")
+ f.add_rule(ALLOW, "exit")
+ f.add_rule(ALLOW, "brk")
+ f.add_rule(ALLOW, "open")
+ f.add_rule(ALLOW, "stat")
+ f.add_rule(ALLOW, "write")
+ f.load()
+
+ do_read()
+
+ # all reads behaved as expected
+ quit(160)
+
+test()
+
+# kate: syntax python;
+# kate: indent-mode python; space-indent on; indent-width 4; mixedindent off;
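Review bot: In `do_read`, the `raise IOError(...)` for an unexpectedly successful read sits inside the `try`, and under Python 3 `IOError` is an alias of `OSError`, so the `except OSError` clause catches it; `ex.errno` is then `None` and `-ex.errno` raises a `TypeError` that hides the intended message. The test still fails in that case, but the diagnostic is lost, and the length of a successful read is never compared with `exp_rc`. Computing one result value in the `try`/`except` and comparing it once afterwards covers both, as below.

```python
def do_read():
    # … unchanged: os.open of /dev/zero …
    for x in test_cases:
        try:
            rc = len(os.read(fd, x['sz']))
        except OSError as ex:
            rc = -ex.errno
        if rc != x['exp_rc']:
            os.close(fd)
            raise IOError("os.read(%d bytes) returned %d, expected %d" %
                          (x['sz'], rc, x['exp_rc']))
    # … unchanged: final os.close(fd) …
```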
diff --git a/tests/44-live-a2_order.tests b/tests/44-live-a2_order.tests
new file mode 100644
index 0000000..8cd1314
--- /dev/null
+++ b/tests/44-live-a2_order.tests
@@ -0,0 +1,11 @@
+#
+# libseccomp regression test automation data
+#
+# Copyright (c) 2018 Oracle and/or its affiliates. All rights reserved.
+# Author: Tom Hromatka <tom.hromatka@oracle.com>
+#
+
+test type: live
+
+# Testname Result
+44-live-a2_order ALLOW
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 3731c46..844c403 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -81,7 +81,9 @@ check_PROGRAMS = \
39-basic-api_level \
40-sim-log \
41-sim-syscall_priority_arch \
- 42-sim-adv_chains
+ 42-sim-adv_chains \
+ 43-sim-a2_order \
+ 44-live-a2_order
EXTRA_DIST_TESTPYTHON = \
util.py \
@@ -124,7 +126,9 @@ EXTRA_DIST_TESTPYTHON = \
37-sim-ipc_syscalls_be.py \
40-sim-log.py \
41-sim-syscall_priority_arch.py \
- 42-sim-adv_chains.py
+ 42-sim-adv_chains.py \
+ 43-sim-a2_order.py \
+ 44-live-a2_order.py
EXTRA_DIST_TESTCFGS = \
01-sim-allow.tests \
@@ -168,7 +172,9 @@ EXTRA_DIST_TESTCFGS = \
39-basic-api_level.tests \
40-sim-log.tests \
41-sim-syscall_priority_arch.tests \
- 42-sim-adv_chains.tests
+ 42-sim-adv_chains.tests \
+ 43-sim-a2_order.tests \
+ 44-live-a2_order.tests
EXTRA_DIST_TESTSCRIPTS = \
38-basic-pfc_coverage.sh 38-basic-pfc_coverage.pfc