On Fri, Aug 11, 2017 at 4:31 PM, Tyler Hicks <tyhi...@canonical.com> wrote: > I had forgotten about an aspect of this problem. We'll want to test new > return actions in the simulated BPF tests but it won't be possible > because the seccomp(2) syscall will return ENOSYS under valgrind (under > both old and new kernels). For example, the following change breaks the > bpf-valgrind test of 06-sim-actions even when running under a kernel > that supports the new return action: > > https://github.com/tyhicks/libseccomp/commit/2d0b7648a86a33b983d76b91055b22195887080c
That's a simulated test, not a live test, why is the seccomp() syscall being called at all? I think we have a disconnect somewhere ... > I'm convinced that we're going to need a way for the tests to tell > libseccomp to skip the kernel compatibility checks but don't know how to > do it cleanly. I think we just need to make sure that the live tests don't do anything that isn't backwards compatible. The simulated tests obviously don't need that same restriction since they aren't ever loaded into the kernel. -- paul moore www.paul-moore.com -- You received this message because you are subscribed to the Google Groups "libseccomp" group. To unsubscribe from this group and stop receiving emails from it, send an email to libseccomp+unsubscr...@googlegroups.com. To post to this group, send email to libseccomp@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
