diff options
author | Yu Watanabe <watanabe.yu+github@gmail.com> | 2017-11-11 21:39:02 +0900 |
---|---|---|
committer | Yu Watanabe <watanabe.yu+github@gmail.com> | 2017-11-11 21:54:20 +0900 |
commit | b4891260b9e926c00276acf1924734f93b144a0d (patch) | |
tree | b81492f803936a4db8b6673d88dab33987538230 /src/test/test-seccomp.c | |
parent | 8cfa775f4f116c5f56a140da268ea7b6072534e6 (diff) | |
download | systemd-b4891260b9e926c00276acf1924734f93b144a0d.tar.gz |
test: add tests for syscall:errno style in SystemCallFilter=
Diffstat (limited to 'src/test/test-seccomp.c')
-rw-r--r-- | src/test/test-seccomp.c | 51 |
1 files changed, 42 insertions, 9 deletions
diff --git a/src/test/test-seccomp.c b/src/test/test-seccomp.c index e5f97894b7..a1d3c6280e 100644 --- a/src/test/test-seccomp.c +++ b/src/test/test-seccomp.c @@ -519,7 +519,7 @@ static void test_load_syscall_filter_set_raw(void) { assert_se(pid >= 0); if (pid == 0) { - _cleanup_set_free_ Set *s = NULL; + _cleanup_hashmap_free_ Hashmap *s = NULL; assert_se(access("/", F_OK) >= 0); assert_se(poll(NULL, 0, 0) == 0); @@ -528,11 +528,11 @@ static void test_load_syscall_filter_set_raw(void) { assert_se(access("/", F_OK) >= 0); assert_se(poll(NULL, 0, 0) == 0); - assert_se(s = set_new(NULL)); + assert_se(s = hashmap_new(NULL)); #if SCMP_SYS(access) >= 0 - assert_se(set_put(s, UINT32_TO_PTR(__NR_access + 1)) >= 0); + assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_access + 1), INT_TO_PTR(-1)) >= 0); #else - assert_se(set_put(s, UINT32_TO_PTR(__NR_faccessat + 1)) >= 0); + assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_faccessat + 1), INT_TO_PTR(-1)) >= 0); #endif assert_se(seccomp_load_syscall_filter_set_raw(SCMP_ACT_ALLOW, s, SCMP_ACT_ERRNO(EUCLEAN)) >= 0); @@ -542,23 +542,56 @@ static void test_load_syscall_filter_set_raw(void) { assert_se(poll(NULL, 0, 0) == 0); - s = set_free(s); + s = hashmap_free(s); - assert_se(s = set_new(NULL)); + assert_se(s = hashmap_new(NULL)); +#if SCMP_SYS(access) >= 0 + assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_access + 1), INT_TO_PTR(EILSEQ)) >= 0); +#else + assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_faccessat + 1), INT_TO_PTR(EILSEQ)) >= 0); +#endif + + assert_se(seccomp_load_syscall_filter_set_raw(SCMP_ACT_ALLOW, s, SCMP_ACT_ERRNO(EUCLEAN)) >= 0); + + assert_se(access("/", F_OK) < 0); + assert_se(errno == EILSEQ); + + assert_se(poll(NULL, 0, 0) == 0); + + s = hashmap_free(s); + + assert_se(s = hashmap_new(NULL)); #if SCMP_SYS(poll) >= 0 - assert_se(set_put(s, UINT32_TO_PTR(__NR_poll + 1)) >= 0); + assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_poll + 1), INT_TO_PTR(-1)) >= 0); #else - assert_se(set_put(s, UINT32_TO_PTR(__NR_ppoll + 1)) >= 0); + assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_ppoll + 1), INT_TO_PTR(-1)) >= 0); #endif assert_se(seccomp_load_syscall_filter_set_raw(SCMP_ACT_ALLOW, s, SCMP_ACT_ERRNO(EUNATCH)) >= 0); assert_se(access("/", F_OK) < 0); - assert_se(errno == EUCLEAN); + assert_se(errno == EILSEQ); assert_se(poll(NULL, 0, 0) < 0); assert_se(errno == EUNATCH); + s = hashmap_free(s); + + assert_se(s = hashmap_new(NULL)); +#if SCMP_SYS(poll) >= 0 + assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_poll + 1), INT_TO_PTR(EILSEQ)) >= 0); +#else + assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_ppoll + 1), INT_TO_PTR(EILSEQ)) >= 0); +#endif + + assert_se(seccomp_load_syscall_filter_set_raw(SCMP_ACT_ALLOW, s, SCMP_ACT_ERRNO(EUNATCH)) >= 0); + + assert_se(access("/", F_OK) < 0); + assert_se(errno == EILSEQ); + + assert_se(poll(NULL, 0, 0) < 0); + assert_se(errno == EILSEQ); + _exit(EXIT_SUCCESS); } |