tests: add notification tests

Some of this was taken from Tycho's original patch.

Signed-off-by: Tycho Andersen <tycho@tycho.ws>
Signed-off-by: Paul Moore <paul@paul-moore.com>

7 files changed, 190 insertions, 4 deletions

diff --git a/tests/.gitignore b/tests/.gitignore
index a5bc9e4..6710243 100644
--- a/tests/.gitignore
+++ b/tests/.gitignore
@@ -56,3 +56,4 @@ util.pyc
 48-sim-32b_args
 49-sim-64b_comparisons
 50-sim-hash_collision
+51-live-user_notification
diff --git a/tests/13-basic-attrs.c b/tests/13-basic-attrs.c
index 28147bd..e7b14f0 100644
--- a/tests/13-basic-attrs.c
+++ b/tests/13-basic-attrs.c
@@ -32,7 +32,7 @@ int main(int argc, char *argv[])
 	uint32_t val = (uint32_t)(-1);
 	scmp_filter_ctx ctx = NULL;
 
-	rc = seccomp_api_set(4);
+	rc = seccomp_api_set(5);
 	if (rc != 0)
 		return EOPNOTSUPP;
 
diff --git a/tests/13-basic-attrs.py b/tests/13-basic-attrs.py
index b4b54b9..38971c0 100755
--- a/tests/13-basic-attrs.py
+++ b/tests/13-basic-attrs.py
@@ -29,7 +29,7 @@ import util
 from seccomp import *
 
 def test():
-    set_api(4)
+    set_api(5)
 
     f = SyscallFilter(ALLOW)
     if f.get_attr(Attr.ACT_DEFAULT) != ALLOW:
diff --git a/tests/51-live-user_notification.c b/tests/51-live-user_notification.c
new file mode 100644
index 0000000..de31d2f
--- /dev/null
+++ b/tests/51-live-user_notification.c
@@ -0,0 +1,112 @@
+/**
+ * Seccomp Library test program
+ *
+ * Copyright (c) 2019 Cisco Systems, Inc. <pmoore2@cisco.com>
+ * Author: Paul Moore <paul@paul-moore.com>
+ */
+
+/*
+ * This library is free software; you can redistribute it and/or modify it
+ * under the terms of version 2.1 of the GNU Lesser General Public License as
+ * published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public License
+ * for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this library; if not, see <http://www.gnu.org/licenses>.
+ */
+
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <unistd.h>
+#include <seccomp.h>
+#include <signal.h>
+#include <syscall.h>
+#include <errno.h>
+#include <stdlib.h>
+
+#include "util.h"
+
+#define MAGIC 0x1122334455667788UL
+
+int main(int argc, char *argv[])
+{
+	int rc, fd = -1, status;
+	struct seccomp_notif *req = NULL;
+	struct seccomp_notif_resp *resp = NULL;
+	scmp_filter_ctx ctx = NULL;
+	pid_t pid = 0;
+
+	ctx = seccomp_init(SCMP_ACT_ALLOW);
+	if (ctx == NULL)
+		return ENOMEM;
+
+	rc = seccomp_rule_add(ctx, SCMP_ACT_NOTIFY, SCMP_SYS(getpid), 0, NULL);
+	if (rc)
+		goto out;
+
+	rc  = seccomp_load(ctx);
+	if (rc < 0)
+		goto out;
+
+	rc = seccomp_notify_fd(ctx);
+	if (rc < 0)
+		goto out;
+	fd = rc;
+
+	pid = fork();
+	if (pid == 0)
+		exit(syscall(SCMP_SYS(getpid)) != MAGIC);
+
+	rc = seccomp_notify_alloc(&req, &resp);
+	if (rc)
+		goto out;
+
+	rc = seccomp_notify_receive(fd, req);
+	if (rc)
+		goto out;
+	if (req->data.nr != SCMP_SYS(getpid)) {
+		rc = -EFAULT;
+		goto out;
+	}
+	rc = seccomp_notify_id_valid(fd, req->id);
+	if (rc)
+		goto out;
+
+	resp->id = req->id;
+	resp->val = MAGIC;
+	resp->error = 0;
+	resp->flags = 0;
+	rc = seccomp_notify_respond(fd, resp);
+	if (rc)
+		goto out;
+
+	if (waitpid(pid, &status, 0) != pid) {
+		rc = -EFAULT;
+		goto out;
+	}
+
+	if (!WIFEXITED(status)) {
+		rc = -EFAULT;
+		goto out;
+	}
+	if (WEXITSTATUS(status)) {
+		rc = -EFAULT;
+		goto out;
+	}
+
+out:
+	if (fd >= 0)
+		close(fd);
+	if (pid)
+		kill(pid, SIGKILL);
+	seccomp_notify_free(req, resp);
+	seccomp_release(ctx);
+
+	if (rc != 0)
+		return (rc < 0 ? -rc : rc);
+	return 160;
+}
diff --git a/tests/51-live-user_notification.py b/tests/51-live-user_notification.py
new file mode 100755
index 0000000..0d81f5e
--- /dev/null
+++ b/tests/51-live-user_notification.py
@@ -0,0 +1,60 @@
+#!/usr/bin/env python
+
+#
+# Seccomp Library test program
+#
+# Copyright (c) 2019 Cisco Systems, Inc. <pmoore2@cisco.com>
+# Author: Paul Moore <paul@paul-moore.com>
+#
+
+#
+# This library is free software; you can redistribute it and/or modify it
+# under the terms of version 2.1 of the GNU Lesser General Public License as
+# published by the Free Software Foundation.
+#
+# This library is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public License
+# for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this library; if not, see <http://www.gnu.org/licenses>.
+#
+
+import argparse
+import os
+import signal
+import sys
+
+import util
+
+from seccomp import *
+
+def test():
+    magic = os.getuid() + 1
+    f = SyscallFilter(ALLOW)
+    f.add_rule(NOTIFY, "getuid")
+    f.load()
+    pid = os.fork()
+    if pid == 0:
+        val = os.getuid()
+        if val != magic:
+            raise RuntimeError("Response return value failed")
+            quit(1)
+        quit(0)
+    else:
+        notify = f.receive_notify()
+        if notify.syscall != resolve_syscall(Arch(), "getuid"):
+            raise RuntimeError("Notification failed")
+        f.respond_notify(NotificationResponse(notify, magic, 0, 0))
+        wpid, rc = os.waitpid(pid, 0)
+        if os.WIFEXITED(rc) == 0:
+            raise RuntimeError("Child process error")
+        if os.WEXITSTATUS(rc) != 0:
+            raise RuntimeError("Child process error")
+        quit(160)
+
+test()
+
+# kate: syntax python;
+# kate: indent-mode python; space-indent on; indent-width 4; mixedindent off;
diff --git a/tests/51-live-user_notification.tests b/tests/51-live-user_notification.tests
new file mode 100644
index 0000000..4c5e964
--- /dev/null
+++ b/tests/51-live-user_notification.tests
@@ -0,0 +1,11 @@
+#
+# libseccomp regression test automation data
+#
+# Copyright Cisco Systems 2019
+# Author: Tycho Andersen <tycho@tycho.ws>
+#
+
+test type: live
+
+# Testname			API	Result
+51-live-user_notification	5	ALLOW
diff --git a/tests/Makefile.am b/tests/Makefile.am
index eb84e14..83e41c4 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -89,7 +89,8 @@ check_PROGRAMS = \
 	47-live-kill_process \
 	48-sim-32b_args \
 	49-sim-64b_comparisons \
-	50-sim-hash_collision
+	50-sim-hash_collision \
+	51-live-user_notification
 
 EXTRA_DIST_TESTPYTHON = \
 	util.py \
@@ -193,7 +194,8 @@ EXTRA_DIST_TESTCFGS = \
 	47-live-kill_process.tests \
 	48-sim-32b_args.tests \
 	49-sim-64b_comparisons.tests \
-	50-sim-hash_collision.tests
+	50-sim-hash_collision.tests \
+	51-live-user_notification.tests
 
 EXTRA_DIST_TESTSCRIPTS = \
 	38-basic-pfc_coverage.sh 38-basic-pfc_coverage.pfc