From: Dmitry V. Levin Date: Mon, 11 Apr 2016 15:06:28 +0000 (+0000) Subject: tests: add prctl-seccomp-strict.test X-Git-Tag: v4.12~432 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=c1aa7373253ea99059dc5e29159a15a3c3340fd7;p=strace tests: add prctl-seccomp-strict.test * tests/prctl-seccomp-strict.c: New file. * tests/prctl-seccomp-strict.test: New test. * tests/.gitignore: Add prctl-seccomp-strict. * tests/Makefile.am (check_PROGRAMS): Likewise. (DECODER_TESTS): Add prctl-seccomp-strict.test. --- diff --git a/tests/.gitignore b/tests/.gitignore index e9dc19b0..222255f1 100644 --- a/tests/.gitignore +++ b/tests/.gitignore @@ -100,6 +100,7 @@ personality pipe poll ppoll +prctl-seccomp-strict pread64-pwrite64 preadv preadv-pwritev diff --git a/tests/Makefile.am b/tests/Makefile.am index f702f60d..183ff7c7 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -149,6 +149,7 @@ check_PROGRAMS = \ pipe \ poll \ ppoll \ + prctl-seccomp-strict \ pread64-pwrite64 \ preadv \ preadv-pwritev \ @@ -346,6 +347,7 @@ DECODER_TESTS = \ pipe.test \ poll.test \ ppoll.test \ + prctl-seccomp-strict.test \ pread64-pwrite64.test \ preadv-pwritev.test \ preadv.test \ diff --git a/tests/prctl-seccomp-strict.c b/tests/prctl-seccomp-strict.c new file mode 100644 index 00000000..22db3949 --- /dev/null +++ b/tests/prctl-seccomp-strict.c @@ -0,0 +1,70 @@ +/* + * Copyright (c) 2016 Dmitry V. Levin + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "tests.h" +#include +#ifdef HAVE_PRCTL +# include +#endif + +#if defined HAVE_PRCTL && defined PR_SET_SECCOMP && defined __NR_exit + +# include +# include +# include +# include + +int +main(void) +{ + static const char text1[] = + "prctl(PR_SET_SECCOMP, SECCOMP_MODE_STRICT) = 0\n"; + static const char text2[] = "+++ exited with 0 +++\n"; + int rc = 0; + + assert(prctl(PR_SET_SECCOMP, -1L, 1, 2, 3) == -1); + printf("prctl(PR_SET_SECCOMP, %#x /* SECCOMP_MODE_??? */, 0x1, 0x2, 0x3)" + " = -1 %s (%m)\n", -1, ENOSYS == errno ? "ENOSYS" : "EINVAL"); + fflush(stdout); + + if (prctl(PR_SET_SECCOMP, 1)) { + printf("prctl(PR_SET_SECCOMP, SECCOMP_MODE_STRICT) = -1 %s (%m)\n", + ENOSYS == errno ? "ENOSYS" : "EINVAL"); + fflush(stdout); + } else { + rc += write(1, text1, LENGTH_OF(text1)) != LENGTH_OF(text1); + } + + rc += write(1, text2, LENGTH_OF(text2)) != LENGTH_OF(text2); + return !!syscall(__NR_exit, rc); +} + +#else + +SKIP_MAIN_UNDEFINED("HAVE_PRCTL && PR_SET_SECCOMP && __NR_exit") + +#endif diff --git a/tests/prctl-seccomp-strict.test b/tests/prctl-seccomp-strict.test new file mode 100755 index 00000000..4ce97240 --- /dev/null +++ b/tests/prctl-seccomp-strict.test @@ -0,0 +1,6 @@ +#!/bin/sh + +# Check how prctl PR_SET_SECCOMP SECCOMP_MODE_STRICT is decoded. + +. "${srcdir=.}/init.sh" +run_strace_match_diff -e trace=prctl