tests: Handle pseudo-syscalls in the sim binary tree test

Now that pseudo-syscalls are being removed from the resultant BPF filter, we need to test for this in the simulated binary tree test. This commit modifies the test to explicitly define its supported architectures and updates the tests file to handle PNR syscalls. Note that the aarch64 architecture does not define many of the syscalls used in this test, and thus these syscalls fall through to the default ALLOW action. Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
author: Tom Hromatka <tom.hromatka@oracle.com> 2020-06-30 11:33:01 -0600
committer: Paul Moore <paul@paul-moore.com> 2020-07-13 21:14:15 -0400
commit: 0c94a019f5b43ea43dfbd7bc3fb6363e896ec068 (patch)
tree: 8ee83353f897b54043c3c28f72629e1a186104ab /tests
parent: ad873bdec9817f53f380d3b20cf6ab6f70a7d2be (diff)
download: libseccomp-0c94a019f5b43ea43dfbd7bc3fb6363e896ec068.tar.gz
3 files changed, 70 insertions, 41 deletions
diff --git a/tests/53-sim-binary_tree.c b/tests/53-sim-binary_tree.c
index 291b7c5..4aa5f13 100644
--- a/tests/53-sim-binary_tree.c
+++ b/tests/53-sim-binary_tree.c
@@ -98,6 +98,20 @@ int main(int argc, char *argv[])
 		goto out;
 	}
 
+	rc = seccomp_arch_remove(ctx, SCMP_ARCH_NATIVE);
+	if (rc != 0)
+		goto out;
+
+	rc = seccomp_arch_add(ctx, SCMP_ARCH_AARCH64);
+	if (rc != 0)
+		goto out;
+	rc = seccomp_arch_add(ctx, SCMP_ARCH_PPC64LE);
+	if (rc != 0)
+		goto out;
+	rc = seccomp_arch_add(ctx, SCMP_ARCH_X86_64);
+	if (rc != 0)
+		goto out;
+
 	rc = seccomp_attr_set(ctx, SCMP_FLTATR_CTL_OPTIMIZE, 2);
 	if (rc < 0)
 		goto out;
diff --git a/tests/53-sim-binary_tree.py b/tests/53-sim-binary_tree.py
index 9798c0b..39b2769 100755
--- a/tests/53-sim-binary_tree.py
+++ b/tests/53-sim-binary_tree.py
@@ -69,6 +69,11 @@ table = [
 def test(args):
     f = SyscallFilter(ALLOW)
 
+    f.remove_arch(Arch())
+    f.add_arch(Arch("aarch64"))
+    f.add_arch(Arch("ppc64le"))
+    f.add_arch(Arch("x86_64"))
+
     for entry in table:
         if entry["arg_cnt"] == 2:
             f.add_rule(ERRNO(entry["error"]), entry["syscall"],
diff --git a/tests/53-sim-binary_tree.tests b/tests/53-sim-binary_tree.tests
index 7dd585c..cd9f396 100644
--- a/tests/53-sim-binary_tree.tests
+++ b/tests/53-sim-binary_tree.tests
@@ -7,47 +7,57 @@
 
 test type: bpf-sim
 
-# Testname		Arch	Syscall		Arg0	Arg1	Arg2	Arg3	Arg4	Arg5	Result
-53-sim-binary_tree	all	read		N	N	N	N	N	N	ERRNO(0)
-53-sim-binary_tree	all	write		N	N	N	N	N	N	ERRNO(1)
-53-sim-binary_tree	all	open		N	N	N	N	N	N	ERRNO(2)
-53-sim-binary_tree	all	close		N	N	N	N	N	N	ALLOW
-53-sim-binary_tree	all	close		100	1234	N	N	N	N	ALLOW
-53-sim-binary_tree	all	close		100	101	N	N	N	N	ERRNO(3)
-53-sim-binary_tree	all	stat		N	N	N	N	N	N	ERRNO(4)
-53-sim-binary_tree	all	fstat		N	N	N	N	N	N	ERRNO(5)
-53-sim-binary_tree	all	lstat		N	N	N	N	N	N	ERRNO(6)
-53-sim-binary_tree	all	poll		102	N	N	N	N	N	ERRNO(7)
-53-sim-binary_tree	all	lseek		103	104	N	N	N	N	ERRNO(8)
-53-sim-binary_tree	all	mmap		N	N	N	N	N	N	ERRNO(9)
-53-sim-binary_tree	all	mprotect	N	N	N	N	N	N	ERRNO(10)
-53-sim-binary_tree	all	munmap		N	N	N	N	N	N	ERRNO(11)
-53-sim-binary_tree	all	brk		N	N	N	N	N	N	ERRNO(12)
-53-sim-binary_tree	all	rt_sigaction	N	N	N	N	N	N	ERRNO(13)
-53-sim-binary_tree	all	rt_sigprocmask	N	N	N	N	N	N	ERRNO(14)
-53-sim-binary_tree	all	rt_sigreturn	N	N	N	N	N	N	ERRNO(15)
-53-sim-binary_tree	all	ioctl		N	N	N	N	N	N	ERRNO(16)
-53-sim-binary_tree	all	pread64		105	N	N	N	N	N	ERRNO(17)
-53-sim-binary_tree	all	pwrite64	N	N	N	N	N	N	ERRNO(18)
-53-sim-binary_tree	all	readv		N	N	N	N	N	N	ERRNO(19)
-53-sim-binary_tree	all	writev		N	N	N	N	N	N	ERRNO(20)
-53-sim-binary_tree	all	access		N	N	N	N	N	N	ERRNO(21)
-53-sim-binary_tree	all	pipe		N	N	N	N	N	N	ERRNO(22)
-53-sim-binary_tree	all	select		N	N	N	N	N	N	ALLOW
-53-sim-binary_tree	all	select		106	107	N	N	N	N	ERRNO(23)
-53-sim-binary_tree	all	sched_yield	N	N	N	N	N	N	ERRNO(24)
-53-sim-binary_tree	all	mremap		N	N	N	N	N	N	ALLOW
-53-sim-binary_tree	all	mremap		108	109	N	N	N	N	ERRNO(25)
-53-sim-binary_tree	all	msync		N	N	N	N	N	N	ERRNO(26)
-53-sim-binary_tree	all	mincore		N	N	N	N	N	N	ERRNO(27)
-53-sim-binary_tree	all	madvise		N	N	N	N	N	N	ERRNO(28)
-53-sim-binary_tree	all	dup		112	N	N	N	N	N	ERRNO(32)
-53-sim-binary_tree	all	dup		5678	N	N	N	N	N	ALLOW
-53-sim-binary_tree	all	dup2		N	N	N	N	N	N	ERRNO(33)
-53-sim-binary_tree	all	pause		N	N	N	N	N	N	ERRNO(34)
-53-sim-binary_tree	all	nanosleep	N	N	N	N	N	N	ERRNO(35)
-53-sim-binary_tree	all	getitimer	N	N	N	N	N	N	ERRNO(36)
-53-sim-binary_tree	all	alarm		N	N	N	N	N	N	ERRNO(37)
+# Testname		Arch			Syscall		Arg0	Arg1	Arg2	Arg3	Arg4	Arg5	Result
+53-sim-binary_tree	all			read		N	N	N	N	N	N	ERRNO(0)
+53-sim-binary_tree	all			write		N	N	N	N	N	N	ERRNO(1)
+53-sim-binary_tree	+x86_64,+ppc64le	open		N	N	N	N	N	N	ERRNO(2)
+53-sim-binary_tree	+aarch64		open		N	N	N	N	N	N	ALLOW
+53-sim-binary_tree	all			close		N	N	N	N	N	N	ALLOW
+53-sim-binary_tree	all			close		100	1234	N	N	N	N	ALLOW
+53-sim-binary_tree	all			close		100	101	N	N	N	N	ERRNO(3)
+53-sim-binary_tree	+x86_64,+ppc64le	stat		N	N	N	N	N	N	ERRNO(4)
+53-sim-binary_tree	+aarch64		stat		N	N	N	N	N	N	ALLOW
+53-sim-binary_tree	all			fstat		N	N	N	N	N	N	ERRNO(5)
+53-sim-binary_tree	+x86_64,+ppc64le	lstat		N	N	N	N	N	N	ERRNO(6)
+53-sim-binary_tree	+aarch64		lstat		N	N	N	N	N	N	ALLOW
+53-sim-binary_tree	+x86_64,+ppc64le	poll		102	N	N	N	N	N	ERRNO(7)
+53-sim-binary_tree	+aarch64		poll		102	N	N	N	N	N	ALLOW
+53-sim-binary_tree	all			lseek		103	104	N	N	N	N	ERRNO(8)
+53-sim-binary_tree	all			mmap		N	N	N	N	N	N	ERRNO(9)
+53-sim-binary_tree	all			mprotect	N	N	N	N	N	N	ERRNO(10)
+53-sim-binary_tree	all			munmap		N	N	N	N	N	N	ERRNO(11)
+53-sim-binary_tree	all			brk		N	N	N	N	N	N	ERRNO(12)
+53-sim-binary_tree	all			rt_sigaction	N	N	N	N	N	N	ERRNO(13)
+53-sim-binary_tree	all			rt_sigprocmask	N	N	N	N	N	N	ERRNO(14)
+53-sim-binary_tree	all			rt_sigreturn	N	N	N	N	N	N	ERRNO(15)
+53-sim-binary_tree	all			ioctl		N	N	N	N	N	N	ERRNO(16)
+53-sim-binary_tree	all			pread64		105	N	N	N	N	N	ERRNO(17)
+53-sim-binary_tree	all			pwrite64	N	N	N	N	N	N	ERRNO(18)
+53-sim-binary_tree	all			readv		N	N	N	N	N	N	ERRNO(19)
+53-sim-binary_tree	all			writev		N	N	N	N	N	N	ERRNO(20)
+53-sim-binary_tree	+x86_64,+ppc64le	access		N	N	N	N	N	N	ERRNO(21)
+53-sim-binary_tree	+aarch64		access		N	N	N	N	N	N	ALLOW
+53-sim-binary_tree	+x86_64,+ppc64le	pipe		N	N	N	N	N	N	ERRNO(22)
+53-sim-binary_tree	+aarch64		pipe		N	N	N	N	N	N	ALLOW
+53-sim-binary_tree	all			select		N	N	N	N	N	N	ALLOW
+53-sim-binary_tree	+x86_64,+ppc64le	select		106	107	N	N	N	N	ERRNO(23)
+53-sim-binary_tree	+aarch64		select		106	107	N	N	N	N	ALLOW
+53-sim-binary_tree	all			sched_yield	N	N	N	N	N	N	ERRNO(24)
+53-sim-binary_tree	all			mremap		N	N	N	N	N	N	ALLOW
+53-sim-binary_tree	all			mremap		108	109	N	N	N	N	ERRNO(25)
+53-sim-binary_tree	all			msync		N	N	N	N	N	N	ERRNO(26)
+53-sim-binary_tree	all			mincore		N	N	N	N	N	N	ERRNO(27)
+53-sim-binary_tree	all			madvise		N	N	N	N	N	N	ERRNO(28)
+53-sim-binary_tree	all			dup		112	N	N	N	N	N	ERRNO(32)
+53-sim-binary_tree	all			dup		5678	N	N	N	N	N	ALLOW
+53-sim-binary_tree	+x86_64,+ppc64le	dup2		N	N	N	N	N	N	ERRNO(33)
+53-sim-binary_tree	+aarch64		dup2		N	N	N	N	N	N	ALLOW
+53-sim-binary_tree	+x86_64,+ppc64le	pause		N	N	N	N	N	N	ERRNO(34)
+53-sim-binary_tree	+aarch64		pause		N	N	N	N	N	N	ALLOW
+53-sim-binary_tree	all			nanosleep	N	N	N	N	N	N	ERRNO(35)
+53-sim-binary_tree	all			getitimer	N	N	N	N	N	N	ERRNO(36)
+53-sim-binary_tree	+x86_64,+ppc64le	alarm		N	N	N	N	N	N	ERRNO(37)
+53-sim-binary_tree	+aarch64		alarm		N	N	N	N	N	N	ALLOW
 
 test type: bpf-valgrind
author	Tom Hromatka <tom.hromatka@oracle.com>	2020-06-30 11:33:01 -0600
committer	Paul Moore <paul@paul-moore.com>	2020-07-13 21:14:15 -0400
commit	0c94a019f5b43ea43dfbd7bc3fb6363e896ec068 (patch)
tree	8ee83353f897b54043c3c28f72629e1a186104ab /tests
parent	ad873bdec9817f53f380d3b20cf6ab6f70a7d2be (diff)
download	libseccomp-0c94a019f5b43ea43dfbd7bc3fb6363e896ec068.tar.gz