diff options
author | Mike Frysinger <vapier@gentoo.org> | 2017-03-08 21:13:31 -0800 |
---|---|---|
committer | Paul Moore <paul@paul-moore.com> | 2021-10-08 14:36:40 -0400 |
commit | 3f0e47fe2717b73ccef68ca18f9f7297ee73ebb2 (patch) | |
tree | f6fabaa1a81f54371f4744b5075c8b66de7d0a7a /tests | |
parent | 50da6c1c61c1237cc3af2240b294af66de505018 (diff) | |
download | libseccomp-3f0e47fe2717b73ccef68ca18f9f7297ee73ebb2.tar.gz |
api: extend BPF export API to write to a memory buffer
The API to export to a fd is helpful, but for tools that want to
generate & read the BPF program, outputting to a buffer would be
much more helpful.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Reviewed-by: Tom Hromatka <tom.hromatka@oracle.com>
[PM: rename seccomp_export_bpf_buf() to seccomp_export_bpf_mem()]
[PM: 'make check-syntax' fixes]
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'tests')
-rw-r--r-- | tests/11-basic-basic_errors.c | 33 | ||||
-rwxr-xr-x | tests/11-basic-basic_errors.py | 5 |
2 files changed, 38 insertions, 0 deletions
diff --git a/tests/11-basic-basic_errors.c b/tests/11-basic-basic_errors.c index 49d9eef..53fe95d 100644 --- a/tests/11-basic-basic_errors.c +++ b/tests/11-basic-basic_errors.c @@ -175,6 +175,39 @@ int main(int argc, char *argv[]) seccomp_release(ctx); ctx = NULL; + /* seccomp_export_bpf_mem errors */ + char buf[1024]; + size_t buf_len = sizeof(buf); + rc = seccomp_export_bpf_mem(ctx, buf, &buf_len); + if (rc != -EINVAL) + return -1; + + ctx = seccomp_init(SCMP_ACT_KILL); + if (ctx == NULL) + return -1; + rc = seccomp_export_bpf_mem(ctx, buf, NULL); + if (rc != -EINVAL) + return -1; + rc = seccomp_export_bpf_mem(ctx, NULL, NULL); + if (rc != -EINVAL) + return -1; + + rc = seccomp_export_bpf_mem(ctx, NULL, &buf_len); + if (rc != 0) + return -1; + rc = seccomp_export_bpf_mem(ctx, buf, &buf_len); + if (rc != 0) + return -1; + rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(exit), 0); + if (rc != 0) + return -1; + buf_len = 0; + rc = seccomp_export_bpf_mem(ctx, buf, &buf_len); + if (rc != -ERANGE) + return -1; + seccomp_release(ctx); + ctx = NULL; + /* seccomp_attr_* errors */ ctx = seccomp_init(SCMP_ACT_ALLOW); if (ctx == NULL) diff --git a/tests/11-basic-basic_errors.py b/tests/11-basic-basic_errors.py index a2689ca..7cf502d 100755 --- a/tests/11-basic-basic_errors.py +++ b/tests/11-basic-basic_errors.py @@ -87,6 +87,11 @@ def test(): except RuntimeError: pass + # This shouldn't throw any errors. + f = SyscallFilter(ALLOW) + f.add_rule(KILL, "read") + ret = f.export_bpf_mem() + test() # kate: syntax python; |