summaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
Diffstat (limited to 'tests')
-rw-r--r--tests/04-sim-multilevel_chains.c33
-rwxr-xr-xtests/04-sim-multilevel_chains.py32
-rw-r--r--tests/04-sim-multilevel_chains.tests46
-rw-r--r--tests/06-sim-actions.c10
-rw-r--r--tests/06-sim-actions.tests16
-rw-r--r--tests/16-sim-arch_basic.c3
-rwxr-xr-xtests/16-sim-arch_basic.py1
-rw-r--r--tests/20-live-basic_die.c6
-rwxr-xr-xtests/20-live-basic_die.py4
-rw-r--r--tests/21-live-basic_allow.c15
-rwxr-xr-xtests/21-live-basic_allow.py23
-rw-r--r--tests/23-sim-arch_all_le_basic.c3
-rwxr-xr-xtests/23-sim-arch_all_le_basic.py1
-rw-r--r--tests/24-live-arg_allow.c12
-rwxr-xr-xtests/24-live-arg_allow.py10
-rwxr-xr-xtests/regression4
16 files changed, 111 insertions, 108 deletions
diff --git a/tests/04-sim-multilevel_chains.c b/tests/04-sim-multilevel_chains.c
index 83bbfd5..20577ef 100644
--- a/tests/04-sim-multilevel_chains.c
+++ b/tests/04-sim-multilevel_chains.c
@@ -41,40 +41,39 @@ int main(int argc, char *argv[])
if (ctx == NULL)
return ENOMEM;
- rc = seccomp_rule_add_exact(ctx, SCMP_ACT_ALLOW, SCMP_SYS(open), 0);
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(open), 0);
if (rc != 0)
goto out;
- rc = seccomp_rule_add_exact(ctx, SCMP_ACT_ALLOW, SCMP_SYS(close), 0);
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(close), 0);
if (rc != 0)
goto out;
- rc = seccomp_rule_add_exact(ctx, SCMP_ACT_ALLOW, SCMP_SYS(read), 3,
- SCMP_A0(SCMP_CMP_EQ, STDIN_FILENO),
- SCMP_A1(SCMP_CMP_NE, 0x0),
- SCMP_A2(SCMP_CMP_LT, SSIZE_MAX));
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(read), 3,
+ SCMP_A0(SCMP_CMP_EQ, STDIN_FILENO),
+ SCMP_A1(SCMP_CMP_NE, 0x0),
+ SCMP_A2(SCMP_CMP_LT, SSIZE_MAX));
if (rc != 0)
goto out;
- rc = seccomp_rule_add_exact(ctx, SCMP_ACT_ALLOW, SCMP_SYS(write), 3,
- SCMP_A0(SCMP_CMP_EQ, STDOUT_FILENO),
- SCMP_A1(SCMP_CMP_NE, 0x0),
- SCMP_A2(SCMP_CMP_LT, SSIZE_MAX));
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(write), 3,
+ SCMP_A0(SCMP_CMP_EQ, STDOUT_FILENO),
+ SCMP_A1(SCMP_CMP_NE, 0x0),
+ SCMP_A2(SCMP_CMP_LT, SSIZE_MAX));
if (rc != 0)
goto out;
- rc = seccomp_rule_add_exact(ctx, SCMP_ACT_ALLOW, SCMP_SYS(write), 3,
- SCMP_A0(SCMP_CMP_EQ, STDERR_FILENO),
- SCMP_A1(SCMP_CMP_NE, 0x0),
- SCMP_A2(SCMP_CMP_LT, SSIZE_MAX));
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(write), 3,
+ SCMP_A0(SCMP_CMP_EQ, STDERR_FILENO),
+ SCMP_A1(SCMP_CMP_NE, 0x0),
+ SCMP_A2(SCMP_CMP_LT, SSIZE_MAX));
if (rc != 0)
goto out;
- rc = seccomp_rule_add_exact(ctx, SCMP_ACT_ALLOW, SCMP_SYS(close), 0);
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(close), 0);
if (rc != 0)
goto out;
- rc = seccomp_rule_add_exact(ctx,
- SCMP_ACT_ALLOW, SCMP_SYS(rt_sigreturn), 0);
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(rt_sigreturn), 0);
if (rc != 0)
goto out;
diff --git a/tests/04-sim-multilevel_chains.py b/tests/04-sim-multilevel_chains.py
index e40deee..73a6921 100755
--- a/tests/04-sim-multilevel_chains.py
+++ b/tests/04-sim-multilevel_chains.py
@@ -30,22 +30,22 @@ from seccomp import *
def test(args):
f = SyscallFilter(KILL)
- f.add_rule_exactly(ALLOW, "open");
- f.add_rule_exactly(ALLOW, "close");
- f.add_rule_exactly(ALLOW, "read",
- Arg(0, EQ, sys.stdin.fileno()),
- Arg(1, NE, 0),
- Arg(2, LT, sys.maxsize));
- f.add_rule_exactly(ALLOW, "write",
- Arg(0, EQ, sys.stdout.fileno()),
- Arg(1, NE, 0),
- Arg(2, LT, sys.maxsize));
- f.add_rule_exactly(ALLOW, "write",
- Arg(0, EQ, sys.stderr.fileno()),
- Arg(1, NE, 0),
- Arg(2, LT, sys.maxsize));
- f.add_rule_exactly(ALLOW, "close");
- f.add_rule_exactly(ALLOW, "rt_sigreturn");
+ f.add_rule(ALLOW, "open");
+ f.add_rule(ALLOW, "close");
+ f.add_rule(ALLOW, "read",
+ Arg(0, EQ, sys.stdin.fileno()),
+ Arg(1, NE, 0),
+ Arg(2, LT, sys.maxsize));
+ f.add_rule(ALLOW, "write",
+ Arg(0, EQ, sys.stdout.fileno()),
+ Arg(1, NE, 0),
+ Arg(2, LT, sys.maxsize));
+ f.add_rule(ALLOW, "write",
+ Arg(0, EQ, sys.stderr.fileno()),
+ Arg(1, NE, 0),
+ Arg(2, LT, sys.maxsize));
+ f.add_rule(ALLOW, "close");
+ f.add_rule(ALLOW, "rt_sigreturn");
return f
args = util.get_opt()
diff --git a/tests/04-sim-multilevel_chains.tests b/tests/04-sim-multilevel_chains.tests
index cefbc4f..6613f9a 100644
--- a/tests/04-sim-multilevel_chains.tests
+++ b/tests/04-sim-multilevel_chains.tests
@@ -7,29 +7,29 @@
test type: bpf-sim
-# Testname Arch Syscall Arg0 Arg1 Arg2 Arg3 Arg4 Arg5 Result
-04-sim-multilevel_chains all open 0x856B008 4 N N N N ALLOW
-04-sim-multilevel_chains all close 4 N N N N N ALLOW
-04-sim-multilevel_chains x86 read 0 0x856B008 0x7FFFFFFE N N N ALLOW
-04-sim-multilevel_chains x86_64 read 0 0x856B008 0x7FFFFFFFFFFFFFFE N N N ALLOW
-04-sim-multilevel_chains x86 read 0 0x856B008 0x7FFFFFFF N N N KILL
-04-sim-multilevel_chains x86_64 read 0 0x856B008 0x7FFFFFFFFFFFFFFF N N N KILL
-04-sim-multilevel_chains x86 read 0 0 0x7FFFFFFE N N N KILL
-04-sim-multilevel_chains x86_64 read 0 0 0x7FFFFFFFFFFFFFFE N N N KILL
-04-sim-multilevel_chains all read 1-10 0x856B008 0x7FFFFFFE N N N KILL
-04-sim-multilevel_chains x86 write 1-2 0x856B008 0x7FFFFFFE N N N ALLOW
-04-sim-multilevel_chains x86_64 write 1-2 0x856B008 0x7FFFFFFFFFFFFFFE N N N ALLOW
-04-sim-multilevel_chains x86 write 1-2 0 0x7FFFFFFE N N N KILL
-04-sim-multilevel_chains x86_64 write 1-2 0 0x7FFFFFFFFFFFFFFE N N N KILL
-04-sim-multilevel_chains x86 write 1-2 0x856B008 0x7FFFFFFF N N N KILL
-04-sim-multilevel_chains x86_64 write 1-2 0x856B008 0x7FFFFFFFFFFFFFFF N N N KILL
-04-sim-multilevel_chains all write 3-10 0x856B008 0x7FFFFFFE N N N KILL
-04-sim-multilevel_chains all rt_sigreturn N N N N N N ALLOW
-04-sim-multilevel_chains x86 0-2 N N N N N N KILL
-04-sim-multilevel_chains x86 7-172 N N N N N N KILL
-04-sim-multilevel_chains x86 174-350 N N N N N N KILL
-04-sim-multilevel_chains x86_64 4-14 N N N N N N KILL
-04-sim-multilevel_chains x86_64 16-350 N N N N N N KILL
+# Testname Arch Syscall Arg0 Arg1 Arg2 Arg3 Arg4 Arg5 Result
+04-sim-multilevel_chains all,-aarch64 open 0x856B008 4 N N N N ALLOW
+04-sim-multilevel_chains all close 4 N N N N N ALLOW
+04-sim-multilevel_chains x86 read 0 0x856B008 0x7FFFFFFE N N N ALLOW
+04-sim-multilevel_chains x86_64 read 0 0x856B008 0x7FFFFFFFFFFFFFFE N N N ALLOW
+04-sim-multilevel_chains x86 read 0 0x856B008 0x7FFFFFFF N N N KILL
+04-sim-multilevel_chains x86_64 read 0 0x856B008 0x7FFFFFFFFFFFFFFF N N N KILL
+04-sim-multilevel_chains x86 read 0 0 0x7FFFFFFE N N N KILL
+04-sim-multilevel_chains x86_64 read 0 0 0x7FFFFFFFFFFFFFFE N N N KILL
+04-sim-multilevel_chains all read 1-10 0x856B008 0x7FFFFFFE N N N KILL
+04-sim-multilevel_chains x86 write 1-2 0x856B008 0x7FFFFFFE N N N ALLOW
+04-sim-multilevel_chains x86_64 write 1-2 0x856B008 0x7FFFFFFFFFFFFFFE N N N ALLOW
+04-sim-multilevel_chains x86 write 1-2 0 0x7FFFFFFE N N N KILL
+04-sim-multilevel_chains x86_64 write 1-2 0 0x7FFFFFFFFFFFFFFE N N N KILL
+04-sim-multilevel_chains x86 write 1-2 0x856B008 0x7FFFFFFF N N N KILL
+04-sim-multilevel_chains x86_64 write 1-2 0x856B008 0x7FFFFFFFFFFFFFFF N N N KILL
+04-sim-multilevel_chains all write 3-10 0x856B008 0x7FFFFFFE N N N KILL
+04-sim-multilevel_chains all rt_sigreturn N N N N N N ALLOW
+04-sim-multilevel_chains x86 0-2 N N N N N N KILL
+04-sim-multilevel_chains x86 7-172 N N N N N N KILL
+04-sim-multilevel_chains x86 174-350 N N N N N N KILL
+04-sim-multilevel_chains x86_64 4-14 N N N N N N KILL
+04-sim-multilevel_chains x86_64 16-350 N N N N N N KILL
test type: bpf-sim-fuzz
diff --git a/tests/06-sim-actions.c b/tests/06-sim-actions.c
index 4dbe19f..0490783 100644
--- a/tests/06-sim-actions.c
+++ b/tests/06-sim-actions.c
@@ -40,21 +40,19 @@ int main(int argc, char *argv[])
if (ctx == NULL)
return ENOMEM;
- rc = seccomp_rule_add_exact(ctx, SCMP_ACT_ALLOW, SCMP_SYS(read), 0);
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(read), 0);
if (rc != 0)
goto out;
- rc = seccomp_rule_add_exact(ctx,
- SCMP_ACT_ERRNO(EPERM), SCMP_SYS(write), 0);
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ERRNO(EPERM), SCMP_SYS(write), 0);
if (rc != 0)
goto out;
- rc = seccomp_rule_add_exact(ctx, SCMP_ACT_TRAP, SCMP_SYS(close), 0);
+ rc = seccomp_rule_add(ctx, SCMP_ACT_TRAP, SCMP_SYS(close), 0);
if (rc != 0)
goto out;
- rc = seccomp_rule_add_exact(ctx,
- SCMP_ACT_TRACE(1234), SCMP_SYS(open), 0);
+ rc = seccomp_rule_add(ctx, SCMP_ACT_TRACE(1234), SCMP_SYS(open), 0);
if (rc != 0)
goto out;
diff --git a/tests/06-sim-actions.tests b/tests/06-sim-actions.tests
index f09f0a0..d0c2e44 100644
--- a/tests/06-sim-actions.tests
+++ b/tests/06-sim-actions.tests
@@ -7,14 +7,14 @@
test type: bpf-sim
-# Testname Arch Syscall Arg0 Arg1 Arg2 Arg3 Arg4 Arg5 Result
-06-sim-actions all read 4 0x856B008 80 N N N ALLOW
-06-sim-actions all write 1 0x856B008 N N N N ERRNO(1)
-06-sim-actions all close 4 N N N N N TRAP
-06-sim-actions all open 0x856B008 4 N N N N TRACE(1234)
-06-sim-actions x86 0-2 N N N N N N KILL
-06-sim-actions x86 7-350 N N N N N N KILL
-06-sim-actions x86_64 4-350 N N N N N N KILL
+# Testname Arch Syscall Arg0 Arg1 Arg2 Arg3 Arg4 Arg5 Result
+06-sim-actions all read 4 0x856B008 80 N N N ALLOW
+06-sim-actions all write 1 0x856B008 N N N N ERRNO(1)
+06-sim-actions all close 4 N N N N N TRAP
+06-sim-actions all,-aarch64 open 0x856B008 4 N N N N TRACE(1234)
+06-sim-actions x86 0-2 N N N N N N KILL
+06-sim-actions x86 7-350 N N N N N N KILL
+06-sim-actions x86_64 4-350 N N N N N N KILL
test type: bpf-sim-fuzz
diff --git a/tests/16-sim-arch_basic.c b/tests/16-sim-arch_basic.c
index efc8696..9771913 100644
--- a/tests/16-sim-arch_basic.c
+++ b/tests/16-sim-arch_basic.c
@@ -56,6 +56,9 @@ int main(int argc, char *argv[])
rc = seccomp_arch_add(ctx, SCMP_ARCH_ARM);
if (rc != 0)
goto out;
+ rc = seccomp_arch_add(ctx, SCMP_ARCH_AARCH64);
+ if (rc != 0)
+ goto out;
rc = seccomp_arch_add(ctx, SCMP_ARCH_MIPSEL);
if (rc != 0)
goto out;
diff --git a/tests/16-sim-arch_basic.py b/tests/16-sim-arch_basic.py
index ddd3f65..57a5ac3 100755
--- a/tests/16-sim-arch_basic.py
+++ b/tests/16-sim-arch_basic.py
@@ -35,6 +35,7 @@ def test(args):
f.add_arch(Arch("x86_64"))
f.add_arch(Arch("x32"))
f.add_arch(Arch("arm"))
+ f.add_arch(Arch("aarch64"))
f.add_arch(Arch("mipsel"))
f.add_arch(Arch("mipsel64"))
f.add_arch(Arch("mipsel64n32"))
diff --git a/tests/20-live-basic_die.c b/tests/20-live-basic_die.c
index 5e6a99b..926875f 100644
--- a/tests/20-live-basic_die.c
+++ b/tests/20-live-basic_die.c
@@ -47,12 +47,10 @@ int main(int argc, char *argv[])
if (ctx == NULL)
return ENOMEM;
- rc = seccomp_rule_add_exact(ctx,
- SCMP_ACT_ALLOW, SCMP_SYS(rt_sigreturn), 0);
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(rt_sigreturn), 0);
if (rc != 0)
goto out;
- rc = seccomp_rule_add_exact(ctx,
- SCMP_ACT_ALLOW, SCMP_SYS(exit_group), 0);
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(exit_group), 0);
if (rc != 0)
goto out;
diff --git a/tests/20-live-basic_die.py b/tests/20-live-basic_die.py
index 2b07776..c9f437f 100755
--- a/tests/20-live-basic_die.py
+++ b/tests/20-live-basic_die.py
@@ -33,8 +33,8 @@ def test():
if action == TRAP:
util.install_trap()
f = SyscallFilter(action)
- f.add_rule_exactly(ALLOW, "rt_sigreturn")
- f.add_rule_exactly(ALLOW, "exit_group")
+ f.add_rule(ALLOW, "rt_sigreturn")
+ f.add_rule(ALLOW, "exit_group")
f.load()
try:
util.write_file("/dev/null")
diff --git a/tests/21-live-basic_allow.c b/tests/21-live-basic_allow.c
index 690f98e..4960e1b 100644
--- a/tests/21-live-basic_allow.c
+++ b/tests/21-live-basic_allow.c
@@ -45,21 +45,22 @@ int main(int argc, char *argv[])
if (ctx == NULL)
return ENOMEM;
- rc = seccomp_rule_add_exact(ctx, SCMP_ACT_ALLOW, SCMP_SYS(open), 0);
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(open), 0);
if (rc != 0)
goto out;
- rc = seccomp_rule_add_exact(ctx, SCMP_ACT_ALLOW, SCMP_SYS(write), 0);
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(openat), 0);
if (rc != 0)
goto out;
- rc = seccomp_rule_add_exact(ctx, SCMP_ACT_ALLOW, SCMP_SYS(close), 0);
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(write), 0);
if (rc != 0)
goto out;
- rc = seccomp_rule_add_exact(ctx,
- SCMP_ACT_ALLOW, SCMP_SYS(rt_sigreturn), 0);
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(close), 0);
if (rc != 0)
goto out;
- rc = seccomp_rule_add_exact(ctx,
- SCMP_ACT_ALLOW, SCMP_SYS(exit_group), 0);
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(rt_sigreturn), 0);
+ if (rc != 0)
+ goto out;
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(exit_group), 0);
if (rc != 0)
goto out;
diff --git a/tests/21-live-basic_allow.py b/tests/21-live-basic_allow.py
index 1332f2e..97dd61a 100755
--- a/tests/21-live-basic_allow.py
+++ b/tests/21-live-basic_allow.py
@@ -35,17 +35,18 @@ def test():
util.install_trap()
f = SyscallFilter(TRAP)
# NOTE: additional syscalls required for python
- f.add_rule_exactly(ALLOW, "stat")
- f.add_rule_exactly(ALLOW, "fstat")
- f.add_rule_exactly(ALLOW, "open")
- f.add_rule_exactly(ALLOW, "mmap")
- f.add_rule_exactly(ALLOW, "munmap")
- f.add_rule_exactly(ALLOW, "read")
- f.add_rule_exactly(ALLOW, "write")
- f.add_rule_exactly(ALLOW, "close")
- f.add_rule_exactly(ALLOW, "rt_sigaction")
- f.add_rule_exactly(ALLOW, "rt_sigreturn")
- f.add_rule_exactly(ALLOW, "exit_group")
+ f.add_rule(ALLOW, "stat")
+ f.add_rule(ALLOW, "fstat")
+ f.add_rule(ALLOW, "open")
+ f.add_rule(ALLOW, "openat")
+ f.add_rule(ALLOW, "mmap")
+ f.add_rule(ALLOW, "munmap")
+ f.add_rule(ALLOW, "read")
+ f.add_rule(ALLOW, "write")
+ f.add_rule(ALLOW, "close")
+ f.add_rule(ALLOW, "rt_sigaction")
+ f.add_rule(ALLOW, "rt_sigreturn")
+ f.add_rule(ALLOW, "exit_group")
f.load()
try:
util.write_file("/dev/null")
diff --git a/tests/23-sim-arch_all_le_basic.c b/tests/23-sim-arch_all_le_basic.c
index 9e820e1..eeb8556 100644
--- a/tests/23-sim-arch_all_le_basic.c
+++ b/tests/23-sim-arch_all_le_basic.c
@@ -56,6 +56,9 @@ int main(int argc, char *argv[])
rc = seccomp_arch_add(ctx, seccomp_arch_resolve_name("arm"));
if (rc != 0)
goto out;
+ rc = seccomp_arch_add(ctx, seccomp_arch_resolve_name("aarch64"));
+ if (rc != 0)
+ goto out;
rc = seccomp_arch_add(ctx, seccomp_arch_resolve_name("mipsel"));
if (rc != 0)
goto out;
diff --git a/tests/23-sim-arch_all_le_basic.py b/tests/23-sim-arch_all_le_basic.py
index eba5152..36ab139 100755
--- a/tests/23-sim-arch_all_le_basic.py
+++ b/tests/23-sim-arch_all_le_basic.py
@@ -35,6 +35,7 @@ def test(args):
f.add_arch(Arch("x86_64"))
f.add_arch(Arch("x32"))
f.add_arch(Arch("arm"))
+ f.add_arch(Arch("aarch64"))
f.add_arch(Arch("mipsel"))
f.add_arch(Arch("mipsel64"))
f.add_arch(Arch("mipsel64n32"))
diff --git a/tests/24-live-arg_allow.c b/tests/24-live-arg_allow.c
index 2ee8377..a13caa8 100644
--- a/tests/24-live-arg_allow.c
+++ b/tests/24-live-arg_allow.c
@@ -58,19 +58,17 @@ int main(int argc, char *argv[])
if (ctx == NULL)
return ENOMEM;
- rc = seccomp_rule_add_exact(ctx, SCMP_ACT_ALLOW, SCMP_SYS(write), 1,
- SCMP_A0(SCMP_CMP_EQ, fd));
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(write), 1,
+ SCMP_A0(SCMP_CMP_EQ, fd));
if (rc != 0)
goto out;
- rc = seccomp_rule_add_exact(ctx, SCMP_ACT_ALLOW, SCMP_SYS(close), 0);
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(close), 0);
if (rc != 0)
goto out;
- rc = seccomp_rule_add_exact(ctx,
- SCMP_ACT_ALLOW, SCMP_SYS(rt_sigreturn), 0);
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(rt_sigreturn), 0);
if (rc != 0)
goto out;
- rc = seccomp_rule_add_exact(ctx,
- SCMP_ACT_ALLOW, SCMP_SYS(exit_group), 0);
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(exit_group), 0);
if (rc != 0)
goto out;
diff --git a/tests/24-live-arg_allow.py b/tests/24-live-arg_allow.py
index 32c63ec..7df970a 100755
--- a/tests/24-live-arg_allow.py
+++ b/tests/24-live-arg_allow.py
@@ -39,11 +39,11 @@ def test():
f = SyscallFilter(TRAP)
# NOTE: additional syscalls required for python
- f.add_rule_exactly(ALLOW, "write", Arg(0, EQ, fd))
- f.add_rule_exactly(ALLOW, "close")
- f.add_rule_exactly(ALLOW, "rt_sigaction")
- f.add_rule_exactly(ALLOW, "rt_sigreturn")
- f.add_rule_exactly(ALLOW, "exit_group")
+ f.add_rule(ALLOW, "write", Arg(0, EQ, fd))
+ f.add_rule(ALLOW, "close")
+ f.add_rule(ALLOW, "rt_sigaction")
+ f.add_rule(ALLOW, "rt_sigreturn")
+ f.add_rule(ALLOW, "exit_group")
f.load()
try:
diff --git a/tests/regression b/tests/regression
index e7465d3..1d68ebc 100755
--- a/tests/regression
+++ b/tests/regression
@@ -21,7 +21,7 @@
# along with this library; if not, see <http://www.gnu.org/licenses>.
#
-GLBL_ARCH_LE_SUPPORT="x86 x86_64 x32 arm mipsel mipsel64 mipsel64n32"
+GLBL_ARCH_LE_SUPPORT="x86 x86_64 x32 arm aarch64 mipsel mipsel64 mipsel64n32"
GLBL_ARCH_BE_SUPPORT="mips mips64 mips64n32"
GLBL_SYS_ARCH="../tools/scmp_arch_detect"
@@ -669,7 +669,7 @@ function run_test_live() {
# setup the arch specific return values
case "$arch" in
- x86|x86_64|x32|arm)
+ x86|x86_64|x32|arm|aarch64)
rc_kill=159
rc_allow=160
rc_trap=161
View Lorry Controller Status