From 138299c6bb22f0638dcbf2c2e915270ad66d008c Mon Sep 17 00:00:00 2001
From: Paul Moore <paul@paul-moore.com>
Date: Mon, 27 Jan 2020 09:38:38 -0700
Subject: tests: introduce a simple seccomp_load() test as part of the non-live
 tests

This is a bit controversial as historically we've refrained from
doing any tests that rely on the host kernel in the non-live tests,
but I think enough time has past that we can do a simple
seccomp_load() and not break the world's build/test platforms.

The obvious big advantage is we are now testing the basic
prctl()/seccomp() filter load infrastructure as part of the main
regression test run.

Acked-by: Tom Hromatka <tom.hromatka@oracle.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
(cherry picked from commit 3bae8850487eaad54fccbf206516b269f330b08f)
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Acked-by: Paul Moore <paul@paul-moore.com>

Conflicts:
	tests/.gitignore
	tests/Makefile.am
---
 tests/.gitignore          |  1 +
 tests/52-basic-load.c     | 48 +++++++++++++++++++++++++++++++++++++++++++++++
 tests/52-basic-load.py    | 38 +++++++++++++++++++++++++++++++++++++
 tests/52-basic-load.tests | 11 +++++++++++
 tests/Makefile.am         |  9 ++++++---
 5 files changed, 104 insertions(+), 3 deletions(-)
 create mode 100644 tests/52-basic-load.c
 create mode 100755 tests/52-basic-load.py
 create mode 100644 tests/52-basic-load.tests

diff --git a/tests/.gitignore b/tests/.gitignore
index a5bc9e4..17297a2 100644
--- a/tests/.gitignore
+++ b/tests/.gitignore
@@ -56,3 +56,4 @@ util.pyc
 48-sim-32b_args
 49-sim-64b_comparisons
 50-sim-hash_collision
+52-basic-load
diff --git a/tests/52-basic-load.c b/tests/52-basic-load.c
new file mode 100644
index 0000000..2f2b516
--- /dev/null
+++ b/tests/52-basic-load.c
@@ -0,0 +1,48 @@
+/**
+ * Seccomp Library test program
+ *
+ * Copyright (c) 2019 Cisco Systems, Inc. <pmoore2@cisco.com>
+ * Author: Paul Moore <paul@paul-moore.com>
+ */
+
+/*
+ * This library is free software; you can redistribute it and/or modify it
+ * under the terms of version 2.1 of the GNU Lesser General Public License as
+ * published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public License
+ * for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this library; if not, see <http://www.gnu.org/licenses>.
+ */
+
+#include <errno.h>
+#include <unistd.h>
+
+#include <seccomp.h>
+
+#include "util.h"
+
+int main(int argc, char *argv[])
+{
+	int rc;
+	struct util_options opts;
+	scmp_filter_ctx ctx = NULL;
+
+	rc = util_getopt(argc, argv, &opts);
+	if (rc < 0)
+		goto out;
+
+	ctx = seccomp_init(SCMP_ACT_ALLOW);
+	if (ctx == NULL)
+		return ENOMEM;
+
+	rc = seccomp_load(ctx);
+
+out:
+	seccomp_release(ctx);
+	return (rc < 0 ? -rc : rc);
+}
diff --git a/tests/52-basic-load.py b/tests/52-basic-load.py
new file mode 100755
index 0000000..4395a79
--- /dev/null
+++ b/tests/52-basic-load.py
@@ -0,0 +1,38 @@
+#!/usr/bin/env python
+
+#
+# Seccomp Library test program
+#
+# Copyright (c) 2019 Cisco Systems, Inc. <pmoore2@cisco.com>
+# Author: Paul Moore <paul@paul-moore.com>
+#
+
+#
+# This library is free software; you can redistribute it and/or modify it
+# under the terms of version 2.1 of the GNU Lesser General Public License as
+# published by the Free Software Foundation.
+#
+# This library is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public License
+# for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this library; if not, see <http://www.gnu.org/licenses>.
+#
+
+import argparse
+import sys
+
+import util
+
+from seccomp import *
+
+def test():
+    f = SyscallFilter(ALLOW)
+    f.load()
+
+test()
+
+# kate: syntax python;
+# kate: indent-mode python; space-indent on; indent-width 4; mixedindent off;
diff --git a/tests/52-basic-load.tests b/tests/52-basic-load.tests
new file mode 100644
index 0000000..510e2d3
--- /dev/null
+++ b/tests/52-basic-load.tests
@@ -0,0 +1,11 @@
+#
+# libseccomp regression test automation data
+#
+# Copyright (c) 2013 Red Hat <pmoore@redhat.com>
+# Author: Paul Moore <paul@paul-moore.com>
+#
+
+test type: basic
+
+# Test command
+52-basic-load
diff --git a/tests/Makefile.am b/tests/Makefile.am
index eb84e14..f667b7d 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -89,7 +89,8 @@ check_PROGRAMS = \
 	47-live-kill_process \
 	48-sim-32b_args \
 	49-sim-64b_comparisons \
-	50-sim-hash_collision
+	50-sim-hash_collision \
+	52-basic-load
 
 EXTRA_DIST_TESTPYTHON = \
 	util.py \
@@ -141,7 +142,8 @@ EXTRA_DIST_TESTPYTHON = \
 	47-live-kill_process.py \
 	48-sim-32b_args.py \
 	49-sim-64b_comparisons.py \
-	50-sim-hash_collision.py
+	50-sim-hash_collision.py \
+	52-basic-load.py
 
 EXTRA_DIST_TESTCFGS = \
 	01-sim-allow.tests \
@@ -193,7 +195,8 @@ EXTRA_DIST_TESTCFGS = \
 	47-live-kill_process.tests \
 	48-sim-32b_args.tests \
 	49-sim-64b_comparisons.tests \
-	50-sim-hash_collision.tests
+	50-sim-hash_collision.tests \
+	52-basic-load.tests
 
 EXTRA_DIST_TESTSCRIPTS = \
 	38-basic-pfc_coverage.sh 38-basic-pfc_coverage.pfc
-- 
cgit v1.2.1