diff options
| author | Paul Moore <pmoore@redhat.com> | 2015-07-01 13:50:34 -0400 |
|---|---|---|
| committer | Paul Moore <pmoore@redhat.com> | 2015-07-01 13:50:34 -0400 |
| commit | 77b18477a4a26ae82fed15c0a1f6150709770b40 (patch) | |
| tree | a3a4562a0e937cdf6b2c9059ed4e0442bc93f529 | |
| parent | f506e0844372b2c404baa482defb62f6846d0e3e (diff) | |
| download | libseccomp-77b18477a4a26ae82fed15c0a1f6150709770b40.tar.gz | |
tests: make 27-sim-bpf_blk_state architecture independent
Using any of the socket related syscalls is always problematic, use
a generic syscall number for this test since it isn't syscall
specific.
Reported-by: Jan Willeke <willeke@linux.vnet.ibm.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>
(imported from commit 37a609498a218c370e86d34470a21d0d98db3b4f)
| -rw-r--r-- | tests/27-sim-bpf_blk_state.c | 26 | ||||
| -rwxr-xr-x | tests/27-sim-bpf_blk_state.py | 26 | ||||
| -rw-r--r-- | tests/27-sim-bpf_blk_state.tests | 8 |
3 files changed, 30 insertions, 30 deletions
diff --git a/tests/27-sim-bpf_blk_state.c b/tests/27-sim-bpf_blk_state.c index 39c53dd..fd69044 100644 --- a/tests/27-sim-bpf_blk_state.c +++ b/tests/27-sim-bpf_blk_state.c @@ -40,55 +40,55 @@ int main(int argc, char *argv[]) if (ctx == NULL) return ENOMEM; - rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, SCMP_SYS(socket), 1, + rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, 1000, 1, SCMP_A0(SCMP_CMP_EQ, 3)); if (rc != 0) goto out; - rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, SCMP_SYS(socket), 1, + rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, 1000, 1, SCMP_A0(SCMP_CMP_EQ, 4)); if (rc != 0) goto out; - rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, SCMP_SYS(socket), 1, + rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, 1000, 1, SCMP_A0(SCMP_CMP_EQ, 5)); if (rc != 0) goto out; - rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, SCMP_SYS(socket), 1, + rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, 1000, 1, SCMP_A0(SCMP_CMP_EQ, 6)); if (rc != 0) goto out; - rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, SCMP_SYS(socket), 1, + rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, 1000, 1, SCMP_A0(SCMP_CMP_EQ, 7)); if (rc != 0) goto out; - rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, SCMP_SYS(socket), 1, + rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, 1000, 1, SCMP_A0(SCMP_CMP_EQ, 8)); if (rc != 0) goto out; - rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, SCMP_SYS(socket), 1, + rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, 1000, 1, SCMP_A0(SCMP_CMP_EQ, 9)); if (rc != 0) goto out; - rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, SCMP_SYS(socket), 1, + rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, 1000, 1, SCMP_A0(SCMP_CMP_EQ, 11)); if (rc != 0) goto out; - rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, SCMP_SYS(socket), 1, + rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, 1000, 1, SCMP_A0(SCMP_CMP_EQ, 12)); if (rc != 0) goto out; - rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, SCMP_SYS(socket), 1, + rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, 1000, 1, SCMP_A0(SCMP_CMP_EQ, 13)); if (rc != 0) goto out; - rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, SCMP_SYS(socket), 1, + rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, 1000, 1, SCMP_A0(SCMP_CMP_EQ, 14)); if (rc != 0) goto out; - rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, SCMP_SYS(socket), 1, + rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, 1000, 1, SCMP_A0(SCMP_CMP_EQ, 15)); if (rc != 0) goto out; - rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, SCMP_SYS(socket), 1, + rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, 1000, 1, SCMP_A0(SCMP_CMP_GE, 16)); if (rc != 0) goto out; diff --git a/tests/27-sim-bpf_blk_state.py b/tests/27-sim-bpf_blk_state.py index 647c549..ff53ac9 100755 --- a/tests/27-sim-bpf_blk_state.py +++ b/tests/27-sim-bpf_blk_state.py @@ -30,19 +30,19 @@ from seccomp import * def test(args): f = SyscallFilter(ALLOW) - f.add_rule_exactly(KILL, "socket", Arg(0, EQ, 3)) - f.add_rule_exactly(KILL, "socket", Arg(0, EQ, 4)) - f.add_rule_exactly(KILL, "socket", Arg(0, EQ, 5)) - f.add_rule_exactly(KILL, "socket", Arg(0, EQ, 6)) - f.add_rule_exactly(KILL, "socket", Arg(0, EQ, 7)) - f.add_rule_exactly(KILL, "socket", Arg(0, EQ, 8)) - f.add_rule_exactly(KILL, "socket", Arg(0, EQ, 9)) - f.add_rule_exactly(KILL, "socket", Arg(0, EQ, 11)) - f.add_rule_exactly(KILL, "socket", Arg(0, EQ, 12)) - f.add_rule_exactly(KILL, "socket", Arg(0, EQ, 13)) - f.add_rule_exactly(KILL, "socket", Arg(0, EQ, 14)) - f.add_rule_exactly(KILL, "socket", Arg(0, EQ, 15)) - f.add_rule_exactly(KILL, "socket", Arg(0, GE, 16)) + f.add_rule_exactly(KILL, 1000, Arg(0, EQ, 3)) + f.add_rule_exactly(KILL, 1000, Arg(0, EQ, 4)) + f.add_rule_exactly(KILL, 1000, Arg(0, EQ, 5)) + f.add_rule_exactly(KILL, 1000, Arg(0, EQ, 6)) + f.add_rule_exactly(KILL, 1000, Arg(0, EQ, 7)) + f.add_rule_exactly(KILL, 1000, Arg(0, EQ, 8)) + f.add_rule_exactly(KILL, 1000, Arg(0, EQ, 9)) + f.add_rule_exactly(KILL, 1000, Arg(0, EQ, 11)) + f.add_rule_exactly(KILL, 1000, Arg(0, EQ, 12)) + f.add_rule_exactly(KILL, 1000, Arg(0, EQ, 13)) + f.add_rule_exactly(KILL, 1000, Arg(0, EQ, 14)) + f.add_rule_exactly(KILL, 1000, Arg(0, EQ, 15)) + f.add_rule_exactly(KILL, 1000, Arg(0, GE, 16)) return f args = util.get_opt() diff --git a/tests/27-sim-bpf_blk_state.tests b/tests/27-sim-bpf_blk_state.tests index dd72b05..a4a8ae1 100644 --- a/tests/27-sim-bpf_blk_state.tests +++ b/tests/27-sim-bpf_blk_state.tests @@ -8,10 +8,10 @@ test type: bpf-sim # Testname Arch Syscall Arg0 Arg1 Arg2 Arg3 Arg4 Arg5 Result -27-sim-bpf_blk_state +x86_64 socket 0-2 N N N N N ALLOW -27-sim-bpf_blk_state +x86_64 socket 3-9 N N N N N KILL -27-sim-bpf_blk_state +x86_64 socket 10 N N N N N ALLOW -27-sim-bpf_blk_state +x86_64 socket 11-32 N N N N N KILL +27-sim-bpf_blk_state all 1000 0-2 N N N N N ALLOW +27-sim-bpf_blk_state all 1000 3-9 N N N N N KILL +27-sim-bpf_blk_state all 1000 10 N N N N N ALLOW +27-sim-bpf_blk_state all 1000 11-32 N N N N N KILL test type: bpf-sim-fuzz |