diff options
author | Paul Moore <paul@paul-moore.com> | 2019-11-05 09:00:18 -0500 |
---|---|---|
committer | Paul Moore <paul@paul-moore.com> | 2019-11-13 20:35:58 -0500 |
commit | 3bae8850487eaad54fccbf206516b269f330b08f (patch) | |
tree | ad9934b95e68253ae13fb69647d9698ca006daee /tests | |
parent | c46f7bfdcd038e8b36efbeff831cd497fc373394 (diff) | |
download | libseccomp-3bae8850487eaad54fccbf206516b269f330b08f.tar.gz |
tests: introduce a simple seccomp_load() test as part of the non-live tests
This is a bit controversial as historically we've refrained from
doing any tests that rely on the host kernel in the non-live tests,
but I think enough time has past that we can do a simple
seccomp_load() and not break the world's build/test platforms.
The obvious big advantage is we are now testing the basic
prctl()/seccomp() filter load infrastructure as part of the main
regression test run.
Acked-by: Tom Hromatka <tom.hromatka@oracle.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'tests')
-rw-r--r-- | tests/.gitignore | 1 | ||||
-rw-r--r-- | tests/52-basic-load.c | 48 | ||||
-rwxr-xr-x | tests/52-basic-load.py | 38 | ||||
-rw-r--r-- | tests/52-basic-load.tests | 11 | ||||
-rw-r--r-- | tests/Makefile.am | 10 |
5 files changed, 105 insertions, 3 deletions
diff --git a/tests/.gitignore b/tests/.gitignore index 6710243..5b17af9 100644 --- a/tests/.gitignore +++ b/tests/.gitignore @@ -57,3 +57,4 @@ util.pyc 49-sim-64b_comparisons 50-sim-hash_collision 51-live-user_notification +52-basic-load diff --git a/tests/52-basic-load.c b/tests/52-basic-load.c new file mode 100644 index 0000000..2f2b516 --- /dev/null +++ b/tests/52-basic-load.c @@ -0,0 +1,48 @@ +/** + * Seccomp Library test program + * + * Copyright (c) 2019 Cisco Systems, Inc. <pmoore2@cisco.com> + * Author: Paul Moore <paul@paul-moore.com> + */ + +/* + * This library is free software; you can redistribute it and/or modify it + * under the terms of version 2.1 of the GNU Lesser General Public License as + * published by the Free Software Foundation. + * + * This library is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License + * for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, see <http://www.gnu.org/licenses>. + */ + +#include <errno.h> +#include <unistd.h> + +#include <seccomp.h> + +#include "util.h" + +int main(int argc, char *argv[]) +{ + int rc; + struct util_options opts; + scmp_filter_ctx ctx = NULL; + + rc = util_getopt(argc, argv, &opts); + if (rc < 0) + goto out; + + ctx = seccomp_init(SCMP_ACT_ALLOW); + if (ctx == NULL) + return ENOMEM; + + rc = seccomp_load(ctx); + +out: + seccomp_release(ctx); + return (rc < 0 ? -rc : rc); +} diff --git a/tests/52-basic-load.py b/tests/52-basic-load.py new file mode 100755 index 0000000..4395a79 --- /dev/null +++ b/tests/52-basic-load.py @@ -0,0 +1,38 @@ +#!/usr/bin/env python + +# +# Seccomp Library test program +# +# Copyright (c) 2019 Cisco Systems, Inc. <pmoore2@cisco.com> +# Author: Paul Moore <paul@paul-moore.com> +# + +# +# This library is free software; you can redistribute it and/or modify it +# under the terms of version 2.1 of the GNU Lesser General Public License as +# published by the Free Software Foundation. +# +# This library is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +# FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License +# for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this library; if not, see <http://www.gnu.org/licenses>. +# + +import argparse +import sys + +import util + +from seccomp import * + +def test(): + f = SyscallFilter(ALLOW) + f.load() + +test() + +# kate: syntax python; +# kate: indent-mode python; space-indent on; indent-width 4; mixedindent off; diff --git a/tests/52-basic-load.tests b/tests/52-basic-load.tests new file mode 100644 index 0000000..510e2d3 --- /dev/null +++ b/tests/52-basic-load.tests @@ -0,0 +1,11 @@ +# +# libseccomp regression test automation data +# +# Copyright (c) 2013 Red Hat <pmoore@redhat.com> +# Author: Paul Moore <paul@paul-moore.com> +# + +test type: basic + +# Test command +52-basic-load diff --git a/tests/Makefile.am b/tests/Makefile.am index 83e41c4..406d5a1 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -90,7 +90,8 @@ check_PROGRAMS = \ 48-sim-32b_args \ 49-sim-64b_comparisons \ 50-sim-hash_collision \ - 51-live-user_notification + 51-live-user_notification \ + 52-basic-load EXTRA_DIST_TESTPYTHON = \ util.py \ @@ -142,7 +143,9 @@ EXTRA_DIST_TESTPYTHON = \ 47-live-kill_process.py \ 48-sim-32b_args.py \ 49-sim-64b_comparisons.py \ - 50-sim-hash_collision.py + 50-sim-hash_collision.py \ + 51-live-user_notification.py \ + 52-basic-load.py EXTRA_DIST_TESTCFGS = \ 01-sim-allow.tests \ @@ -195,7 +198,8 @@ EXTRA_DIST_TESTCFGS = \ 48-sim-32b_args.tests \ 49-sim-64b_comparisons.tests \ 50-sim-hash_collision.tests \ - 51-live-user_notification.tests + 51-live-user_notification.tests \ + 52-basic-load.tests EXTRA_DIST_TESTSCRIPTS = \ 38-basic-pfc_coverage.sh 38-basic-pfc_coverage.pfc |