summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* api: create an API level construct as part of the supported APIworking-api_levelPaul Moore2017-09-214-3/+98
| | | | | | | | | WORK IN PROGRESS, DO NOT SHIP XXX - manpage needed XXX - tests needed Signed-off-by: Paul Moore <paul@paul-moore.com>
* build: fix Travis CI build/test failuresPaul Moore2017-09-131-2/+2
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
* man: Fix SCMP_FLTATR_API_TSKIP typo in seccomp_attr_set man pageTyler Hicks2017-09-121-1/+1
| | | | | Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
* tests: fix conditional that was skipping all basic python testsTyler Hicks2017-09-121-1/+1
| | | | | | | | | | | A conditional added in ec6f45ab was incorrectly comparing the (empty) stdout of grep -q against 0, which always evaluated to be true and skipped the basic python tests. Fix it by using bash's pattern matching. Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
* doc: add Kyle R. Conway to the CREDITS filePaul Moore2017-06-191-0/+1
| | | | | | Kyle designed the logo for libseccomp. Signed-off-by: Paul Moore <paul@paul-moore.com>
* doc: rename SUBMITTING_PATCHES to CONTRIBUTINGPaul Moore2017-06-193-3/+3
| | | | | | | This is in better keeping with the convention of most Open Source projects. Signed-off-by: Paul Moore <paul@paul-moore.com>
* doc: add the logo to the READMEPaul Moore2017-06-191-1/+1
| | | | | | | Thanks to Kyle R. Conway for the logo! * https://github.com/seccomp/libseccomp-artwork Signed-off-by: Paul Moore <paul@paul-moore.com>
* build: create an easy to use test coverage make targetPaul Moore2017-03-012-5/+13
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
* doc: fix some small typos in SUBMITTING_PATCHESPaul Moore2017-02-281-4/+4
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
* doc: add a note about writing new tests in SUBMITTING_PATCHESPaul Moore2017-02-281-0/+12
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
* doc: update the CHANGELOG for v2.3.2Paul Moore2017-02-271-0/+11
| | | | | Signed-off-by: Paul Moore <paul@paul-moore.com> (imported from commit b1e97650bec2036029595ad81974ed79d0263544)
* tests: we can't run fuzz tests on non-native filtersPaul Moore2017-02-271-5/+0
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
* tests: cleanup some comments in 15-sim-negative_onePaul Moore2017-02-271-5/+0
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
* build: fix arch-syscall-check for all supported architecturesPaul Moore2017-02-271-1/+1
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
* build: fix a problem where arch-syscall-check could fail and return 0Paul Moore2017-02-271-0/+2
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
* docs: update the CREDITS filePaul Moore2017-02-271-1/+9
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
* docs: new tool to update the credits filePaul Moore2017-02-273-0/+49
| | | | | | | This commit also adds a .mailmap file and updates the RELEASE_PROCESS document to use the new script. Signed-off-by: Paul Moore <paul@paul-moore.com>
* tests: fix some problems with 'make distcheck'Paul Moore2017-02-273-6/+15
| | | | | | | This commit also renames some of the variables in the tests directory to better reflect their meaning. Signed-off-by: Paul Moore <paul@paul-moore.com>
* docs: add a RELEASE_PROCESS documentPaul Moore2017-02-241-0/+89
| | | | | | This should help make releases much more consistent. Signed-off-by: Paul Moore <paul@paul-moore.com>
* doc: convert SUBMITTING_PATCHES to MarkdownPaul Moore2017-02-242-8/+7
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
* doc: update README.md with information about the "live" testsPaul Moore2017-02-241-3/+13
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
* all: update the .gitignore file to include gcov files and Python cachePaul Moore2017-02-242-0/+5
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
* tests: add a dedicated PFC testPaul Moore2017-02-247-2/+263
| | | | | | | This commit also adds special shell-script handling for the "basic" tests. Signed-off-by: Paul Moore <paul@paul-moore.com>
* tests: add the syscall consistency check to the code coverage testsPaul Moore2017-02-243-1/+11
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
* tests: add socket and ipc tests to 15-basic-resolverPaul Moore2017-02-241-0/+24
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
* bpf: mark static functions as staticPaul Moore2017-02-241-2/+2
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
* all: mark a number of static functions as staticPaul Moore2017-02-233-6/+6
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
* tests: add ipc(2) testsPaul Moore2017-02-238-3/+409
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
* tests: test the syscall resolver on all supported architecturesPaul Moore2017-02-231-24/+53
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
* all: convert our hash from Lookup3 to MurmurHash3Paul Moore2017-02-233-663/+69
| | | | | | | | | | The hash implementation was taken from the GitHub project below where it was released into the public domain. MurmurHash3 should be faster and less complex than the Lookup3 hash it replaces. * https://github.com/aappleby/smhasher Signed-off-by: Paul Moore <paul@paul-moore.com>
* bpf: make sure we always clean up all of the BPF temporary statePaul Moore2017-02-231-8/+8
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
* tests: update the attr tests to include TSYNC and TSKIPPaul Moore2017-02-232-0/+27
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
* tests: add a test for seccomp_syscall_resolve_name_rewrite()Paul Moore2017-02-231-0/+5
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
* tests: test some untested arch APIsPaul Moore2017-02-232-0/+19
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
* bpf: don't catch the -1 syscall in the x32/x86_64 checkPaul Moore2017-02-231-1/+20
| | | | | | | | | | | | | | | The -1 syscall can be used by a tracing process to skip a syscall, which up until Linux v4.8 was of no concern for libseccomp since the seccomp filter was only executed at the start of the syscall and not after the tracing process was notified, however recent kernels also execute the seccomp filter after the tracing process finishes its syscall handling; this caused problems on x86_64 systems that didn't explicitly add an x32 architecture to their filters. This patch fixes the x32 check to treat the -1 syscall like any other syscall. Signed-off-by: Paul Moore <paul@paul-moore.com>
* all: add tests to ensure that syscall -1 is handled correctlyPaul Moore2017-02-237-7/+159
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
* all: treat syscall -1 as a valid syscallPaul Moore2017-02-219-18/+53
| | | | | | | | | | | | | Process tracers use a -1 syscall value to indicate that a syscall should be skipped. This turns out to be quite an undertaking as we need to workaround __NR_SCMP_ERROR (which also has a value of -1). Pay special attention to the new attribute, SCMP_FLTATR_API_TSKIP, and the documentation additions. More information in the GitHub issue: * https://github.com/seccomp/libseccomp/issues/80 Signed-off-by: Paul Moore <paul@paul-moore.com>
* man: clarify syscall number rewritingLuca Bruno2017-02-212-3/+18
| | | | | | | | | | | | In case of multiplexed syscalls, syscall name resolver and rule builder both offer additional functions to ignore or perform syscall number rewriting. This commit introduces additional explicit details to the corresponding manpages. Signed-off-by: Luca Bruno <lucab@debian.org> [PM: minor man-page style fixes] Signed-off-by: Paul Moore <paul@paul-moore.com>
* doc: fix some of the man-page languagePaul Moore2017-02-211-7/+6
| | | | | | See https://github.com/seccomp/libseccomp/issues/37 Signed-off-by: Paul Moore <paul@paul-moore.com>
* build: integrate Coverity scanning into the Travis CI buildPaul Moore2017-02-201-2/+18
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
* all: introduce a zmalloc() helper functionPaul Moore2017-02-176-35/+96
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
* build: treat clang errors as fatal in the Travis CI buildPaul Moore2017-02-171-1/+1
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
* db: include the arguments in the db_api_rule_list structPaul Moore2017-02-177-101/+44
| | | | | | | | | | Instead of dynamically allocating a variable number of arguments, include an array of ARG_COUNT_MAX elements directly in the struct. Also perform a number of simplifications to the code with the understanding that ARG_COUNT_MAX is an ABI independent value that isn't variable. Signed-off-by: Paul Moore <paul@paul-moore.com>
* tests: limit fuzz testing on Travis CI to avoid timeoutsPaul Moore2017-02-161-1/+1
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
* tests: add support for $LIBSECCOMP_TSTCFG_STRESSCNTPaul Moore2017-02-161-0/+4
| | | | | | | Allow the fuzz tests to be configured via the LIBSECCOMP_TSTCFG_STRESSCNT environment variable. Signed-off-by: Paul Moore <paul@paul-moore.com>
* build: restore the '-static' linker flag for the test suitePaul Moore2017-02-151-0/+8
| | | | | | | | | | | Commit a69776395367 ("build: add basic code coverage support") added support for code coverage but removed the '-static' linker flag from the test directory which makes debugging tests much more difficult. Unfortunately, we can't simply restore the '-static' linker flag as it causes problems with the code coverage tools, so make it dependent on the '--enable-code-coverage' configure flag. Signed-off-by: Paul Moore <paul@paul-moore.com>
* docs: add a Coveralls badge to README.mdPaul Moore2017-02-071-0/+1
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
* build: add Coveralls supportPaul Moore2017-02-071-3/+13
| | | | | | See https://coveralls.io for more information. Signed-off-by: Paul Moore <paul@paul-moore.com>
* tests: add test configuration via environment variablesPaul Moore2017-02-071-0/+4
| | | | | | | Allow the test type to be specified by the LIBSECCOMP_TSTCFG_TYPE environment variable. Signed-off-by: Paul Moore <paul@paul-moore.com>
* build: add basic code coverage supportPaul Moore2017-02-065-5/+281
| | | | Signed-off-by: Paul Moore <paul@paul-moore.com>
View Lorry Controller Status