diff options
author | Tom Hromatka <tom.hromatka@oracle.com> | 2020-03-05 14:04:18 -0700 |
---|---|---|
committer | Paul Moore <paul@paul-moore.com> | 2020-03-10 18:18:44 -0400 |
commit | 070c7842bc0c7f7b2d40d81752cb6663672afd6e (patch) | |
tree | 2291a793be740f984b1b8acb936e4474536f8dfc /tests/53-sim-binary_tree.py | |
parent | 00afcffb77141f8416ca156065c50eae471b8ad1 (diff) | |
download | libseccomp-070c7842bc0c7f7b2d40d81752cb6663672afd6e.tar.gz |
tests: change test 53 to use syscall names rather than numbers
Previously test 53, sim-binary_tree, used syscall numbers to build
a large binary tree. This is problematic on architectures that
have sparsely populated syscall numbers.
This commit modifies the test to use syscall names to build up a
realistic binary tree that should work on all architectures.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'tests/53-sim-binary_tree.py')
-rwxr-xr-x | tests/53-sim-binary_tree.py | 55 |
1 files changed, 51 insertions, 4 deletions
diff --git a/tests/53-sim-binary_tree.py b/tests/53-sim-binary_tree.py index 8a17918..3b933b9 100755 --- a/tests/53-sim-binary_tree.py +++ b/tests/53-sim-binary_tree.py @@ -28,6 +28,47 @@ import util from seccomp import * +table = [ + {"syscall": "read", "error": 0, "arg_cnt": 0 }, + {"syscall": "write", "error": 1, "arg_cnt": 0 }, + {"syscall": "open", "error": 2, "arg_cnt": 0 }, + {"syscall": "close", "error": 3, "arg_cnt": 2, "arg1": 100, "arg2": 101 }, + {"syscall": "stat", "error": 4, "arg_cnt": 0 }, + {"syscall": "fstat", "error": 5, "arg_cnt": 0 }, + {"syscall": "lstat", "error": 6, "arg_cnt": 0 }, + {"syscall": "poll", "error": 7, "arg_cnt": 1, "arg1": 102 }, + {"syscall": "lseek", "error": 8, "arg_cnt": 2, "arg1": 103, "arg2": 104 }, + {"syscall": "mmap", "error": 9, "arg_cnt": 0 }, + {"syscall": "mprotect", "error": 10, "arg_cnt": 0 }, + {"syscall": "munmap", "error": 11, "arg_cnt": 0 }, + {"syscall": "brk", "error": 12, "arg_cnt": 0 }, + {"syscall": "rt_sigaction", "error": 13, "arg_cnt": 0 }, + {"syscall": "rt_sigprocmask", "error": 14, "arg_cnt": 0 }, + {"syscall": "rt_sigreturn", "error": 15, "arg_cnt": 0 }, + {"syscall": "ioctl", "error": 16, "arg_cnt": 0 }, + {"syscall": "pread64", "error": 17, "arg_cnt": 1, "arg1": 105 }, + {"syscall": "pwrite64", "error": 18, "arg_cnt": 0 }, + {"syscall": "readv", "error": 19, "arg_cnt": 0 }, + {"syscall": "writev", "error": 20, "arg_cnt": 0 }, + {"syscall": "access", "error": 21, "arg_cnt": 0 }, + {"syscall": "pipe", "error": 22, "arg_cnt": 0 }, + {"syscall": "select", "error": 23, "arg_cnt": 2, "arg1": 106, "arg2": 107 }, + {"syscall": "sched_yield", "error": 24, "arg_cnt": 0 }, + {"syscall": "mremap", "error": 25, "arg_cnt": 2, "arg1": 108, "arg2": 109 }, + {"syscall": "msync", "error": 26, "arg_cnt": 0 }, + {"syscall": "mincore", "error": 27, "arg_cnt": 0 }, + {"syscall": "madvise", "error": 28, "arg_cnt": 0 }, + {"syscall": "shmget", "error": 29, "arg_cnt": 0 }, + {"syscall": "shmat", "error": 30, "arg_cnt": 1, "arg1": 110 }, + {"syscall": "shmctl", "error": 31, "arg_cnt": 1, "arg1": 111 }, + {"syscall": "dup", "error": 32, "arg_cnt": 1, "arg1": 112 }, + {"syscall": "dup2", "error": 33, "arg_cnt": 0 }, + {"syscall": "pause", "error": 34, "arg_cnt": 0 }, + {"syscall": "nanosleep", "error": 35, "arg_cnt": 0 }, + {"syscall": "getitimer", "error": 36, "arg_cnt": 0 }, + {"syscall": "alarm", "error": 37, "arg_cnt": 0 }, +] + def test(args): f = SyscallFilter(ALLOW) @@ -36,11 +77,17 @@ def test(args): f.add_arch(Arch("x86")) f.set_attr(Attr.CTL_OPTIMIZE, 2) - for i in range(330): - if (i == 10 or i == 53 or i == 61 or i == 255): - f.add_rule(ERRNO(i), i, Arg(0, EQ, i)) + for entry in table: + print(entry) + if entry["arg_cnt"] == 2: + f.add_rule(ERRNO(entry["error"]), entry["syscall"], + Arg(0, EQ, entry["arg1"]), + Arg(1, EQ, entry["arg2"])) + elif entry["arg_cnt"] == 1: + f.add_rule(ERRNO(entry["error"]), entry["syscall"], + Arg(0, EQ, entry["arg1"])) else: - f.add_rule(ERRNO(i), i) + f.add_rule(ERRNO(entry["error"]), entry["syscall"]) return f |