Signed-off-by: Paul Moore <[email protected]> --- tests/.gitignore | 1 + tests/14-reset.c | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++ tests/14-reset.tests | 24 +++++++++++++++++++ tests/Makefile | 3 ++ 4 files changed, 89 insertions(+), 1 deletions(-) create mode 100644 tests/14-reset.c create mode 100644 tests/14-reset.tests
diff --git a/tests/.gitignore b/tests/.gitignore index 30198d4..f582b2e 100644 --- a/tests/.gitignore +++ b/tests/.gitignore @@ -12,3 +12,4 @@ 11-basic-errors 12-basic-masked-ops 13-attrs +14-reset diff --git a/tests/14-reset.c b/tests/14-reset.c new file mode 100644 index 0000000..adcc934 --- /dev/null +++ b/tests/14-reset.c @@ -0,0 +1,62 @@ +/** + * Seccomp Library test program + * + * Copyright (c) 2012 Red Hat <[email protected]> + * Author: Paul Moore <[email protected]> + */ + +/* + * This library is free software; you can redistribute it and/or modify it + * under the terms of version 2.1 of the GNU Lesser General Public License as + * published by the Free Software Foundation. + * + * This library is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License + * for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, see <http://www.gnu.org/licenses>. + */ + +#include <unistd.h> + +#include <seccomp.h> + +#include "util.h" + +int main(int argc, char *argv[]) +{ + int rc; + struct util_options opts; + scmp_filter_ctx ctx; + + rc = util_getopt(argc, argv, &opts); + if (rc < 0) + goto out; + + ctx = seccomp_init(SCMP_ACT_KILL); + if (ctx == NULL) + goto out; + + + rc = seccomp_rule_add_exact(ctx, SCMP_ACT_ALLOW, SCMP_SYS(read), 0); + if (rc != 0) + goto out; + + rc = seccomp_reset(ctx, SCMP_ACT_KILL); + if (rc != 0) + goto out; + + rc = seccomp_rule_add_exact(ctx, SCMP_ACT_ALLOW, SCMP_SYS(write), 0); + if (rc != 0) + goto out; + + rc = util_filter_output(&opts, ctx); + if (rc) + goto out; + +out: + seccomp_release(ctx); + return (rc < 0 ? -rc : rc); +} diff --git a/tests/14-reset.tests b/tests/14-reset.tests new file mode 100644 index 0000000..f0db24f --- /dev/null +++ b/tests/14-reset.tests @@ -0,0 +1,24 @@ +# +# libseccomp regression test automation data +# +# Copyright (c) 2012 Red Hat <[email protected]> +# Author: Paul Moore <[email protected] +# + +test type: bpf-sim + +# Testname Arch Syscall Arg0 Arg1 Arg2 Arg3 Arg4 Arg5 Result +14-reset all read 0 0x856B008 40 N N N KILL +14-reset all write 1 0x856B008 40 N N N ALLOW +14-reset all close 4 N N N N N KILL +14-reset all rt_sigreturn N N N N N N KILL +14-reset all open 0x856B008 4 N N N N KILL +14-reset x86 0-2 N N N N N N KILL +14-reset x86 4-350 N N N N N N KILL +14-reset x86_64 0 N N N N N N KILL +14-reset x86_64 2-350 N N N N N N KILL + +test type: bpf-sim-fuzz + +# Testname StressCount +14-reset 150 diff --git a/tests/Makefile b/tests/Makefile index 99cba86..10333c0 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -48,7 +48,8 @@ TESTS = 01-allow \ 10-syscall-priority-post \ 11-basic-errors \ 12-basic-masked-ops \ - 13-attrs + 13-attrs \ + 14-reset DEPS_OBJS = $(OBJS:%.o=%.d) DEPS_TESTS = $(TESTS:%=%.d) ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ libseccomp-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/libseccomp-discuss
