diff options
| author | Paul Moore <paul@paul-moore.com> | 2017-02-27 15:03:38 -0500 |
|---|---|---|
| committer | Paul Moore <paul@paul-moore.com> | 2017-02-27 16:57:39 -0500 |
| commit | 8f318099c1a520f1601053491ccbba865281eb60 (patch) | |
| tree | b6a58d9ce31ccdee93f59fa3652ac8149858a767 | |
| parent | dbc83fc01ec07b68f87a7998e90a357c149cbbea (diff) | |
| download | libseccomp-8f318099c1a520f1601053491ccbba865281eb60.tar.gz | |
python: add support for Python 3.x
This patch adds the necessary tweaks to support building against
Python v2.x and v3.x. In the process we also fix some problems with
the Python live tests; it is unclear when they broke, but they are
working now.
Tested on Python v2.7.13 and v3.6.0.
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit ce5aea6a4ae7523b57ec13e2e6150aa5d83c1b4e)
| -rw-r--r-- | src/python/seccomp.pyx | 27 | ||||
| -rwxr-xr-x | tests/15-basic-resolver.py | 4 | ||||
| -rwxr-xr-x | tests/20-live-basic_die.py | 1 | ||||
| -rwxr-xr-x | tests/21-live-basic_allow.py | 1 | ||||
| -rwxr-xr-x | tests/24-live-arg_allow.py | 4 | ||||
| -rw-r--r-- | tests/util.py | 4 |
6 files changed, 31 insertions, 10 deletions
diff --git a/src/python/seccomp.pyx b/src/python/seccomp.pyx index 076322c..a0d5768 100644 --- a/src/python/seccomp.pyx +++ b/src/python/seccomp.pyx @@ -1,7 +1,7 @@ # # Seccomp Library Python Bindings # -# Copyright (c) 2012,2013 Red Hat <pmoore@redhat.com> +# Copyright (c) 2012,2013,2017 Red Hat <pmoore@redhat.com> # Author: Paul Moore <paul@paul-moore.com> # @@ -68,13 +68,31 @@ Example: f.load() """ __author__ = 'Paul Moore <paul@paul-moore.com>' -__date__ = "7 January 2013" +__date__ = "3 February 2017" +from cpython.version cimport PY_MAJOR_VERSION from libc.stdint cimport uint32_t import errno cimport libseccomp +def c_str(string): + """ Convert a Python string to a C string. + + Arguments: + string - the Python string + + Description: + Convert the Python string into a form usable by C taking into consideration + the Python major version, e.g. Python 2.x or Python 3.x. + See http://docs.cython.org/en/latest/src/tutorial/strings.html for more + information. + """ + if PY_MAJOR_VERSION < 3: + return string + else: + return bytes(string, "ascii") + KILL = libseccomp.SCMP_ACT_KILL TRAP = libseccomp.SCMP_ACT_TRAP ALLOW = libseccomp.SCMP_ACT_ALLOW @@ -121,7 +139,8 @@ def resolve_syscall(arch, syscall): cdef char *ret_str if isinstance(syscall, basestring): - return libseccomp.seccomp_syscall_resolve_name_rewrite(arch, syscall) + return libseccomp.seccomp_syscall_resolve_name_rewrite(arch, + c_str(syscall)) elif isinstance(syscall, int): ret_str = libseccomp.seccomp_syscall_resolve_num_arch(arch, syscall) if ret_str is NULL: @@ -218,7 +237,7 @@ cdef class Arch: else: self._token = 0; elif isinstance(arch, basestring): - self._token = libseccomp.seccomp_arch_resolve_name(arch) + self._token = libseccomp.seccomp_arch_resolve_name(c_str(arch)) else: raise TypeError("Architecture must be an int or str type") if self._token == 0: diff --git a/tests/15-basic-resolver.py b/tests/15-basic-resolver.py index 12c4d7d..3ce3389 100755 --- a/tests/15-basic-resolver.py +++ b/tests/15-basic-resolver.py @@ -41,11 +41,11 @@ def test(): sys_num = resolve_syscall(Arch(), "open") sys_name = resolve_syscall(Arch(), sys_num) - if (sys_name != "open"): + if (sys_name != b"open"): raise RuntimeError("Test failure") sys_num = resolve_syscall(Arch(), "read") sys_name = resolve_syscall(Arch(), sys_num) - if (sys_name != "read"): + if (sys_name != b"read"): raise RuntimeError("Test failure") test() diff --git a/tests/20-live-basic_die.py b/tests/20-live-basic_die.py index 389a50f..26013f6 100755 --- a/tests/20-live-basic_die.py +++ b/tests/20-live-basic_die.py @@ -33,6 +33,7 @@ def test(): if action == TRAP: util.install_trap() f = SyscallFilter(action) + f.add_rule(ALLOW, "getpid") f.add_rule(ALLOW, "rt_sigreturn") f.add_rule(ALLOW, "sigreturn") f.add_rule(ALLOW, "exit_group") diff --git a/tests/21-live-basic_allow.py b/tests/21-live-basic_allow.py index b6703de..8e16ead 100755 --- a/tests/21-live-basic_allow.py +++ b/tests/21-live-basic_allow.py @@ -50,6 +50,7 @@ def test(): f.add_rule(ALLOW, "brk") f.add_rule(ALLOW, "exit_group") f.load() + try: util.write_file("/dev/null") except OSError as ex: diff --git a/tests/24-live-arg_allow.py b/tests/24-live-arg_allow.py index 019c8a8..51e6110 100755 --- a/tests/24-live-arg_allow.py +++ b/tests/24-live-arg_allow.py @@ -35,7 +35,7 @@ def test(): quit(1) util.install_trap() - fd = os.open("/dev/null", os.O_WRONLY|os.O_CREAT, 0600) + fd = os.open("/dev/null", os.O_WRONLY|os.O_CREAT) f = SyscallFilter(TRAP) # NOTE: additional syscalls required for python @@ -48,7 +48,7 @@ def test(): f.load() try: - if not os.write(fd, "testing") == len("testing"): + if not os.write(fd, b"testing") == len("testing"): raise IOError("failed to write the full test string") quit(160) except OSError as ex: diff --git a/tests/util.py b/tests/util.py index f085c88..e601f2d 100644 --- a/tests/util.py +++ b/tests/util.py @@ -100,8 +100,8 @@ def write_file(path): Description: Open the specified file, write a string to the file, and close the file. """ - fd = os.open(path, os.O_WRONLY|os.O_CREAT, 0600) - if not os.write(fd, "testing") == len("testing"): + fd = os.open(str(path), os.O_WRONLY|os.O_CREAT) + if not os.write(fd, b"testing") == len("testing"): raise IOError("failed to write the full test string in write_file()") os.close(fd) |