strace/tests/seccomp-filter.c

/*
 * Check decoding of seccomp SECCOMP_SET_MODE_FILTER.
 *
 * Copyright (c) 2016 Dmitry V. Levin <ldv@altlinux.org>
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. The name of the author may not be used to endorse or promote products
 *    derived from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#include "tests.h"

#include <stdio.h>
#include <asm/unistd.h>
#include <unistd.h>

#ifdef HAVE_LINUX_SECCOMP_H
# include <linux/seccomp.h>
#endif
#ifdef HAVE_LINUX_FILTER_H
# include <linux/filter.h>
#endif

#if defined __NR_seccomp && defined SECCOMP_SET_MODE_FILTER

# define N 7

int
main(void)
{
	struct sock_filter *const filter = tail_alloc(sizeof(*filter) * N);
	const void *const efault = tail_alloc(1);
	struct sock_fprog *const prog = tail_alloc(sizeof(*prog));
	long rc;

	prog->filter = filter;
	prog->len = N;
	rc = syscall(__NR_seccomp, SECCOMP_SET_MODE_FILTER, -1, prog);
	printf("seccomp(SECCOMP_SET_MODE_FILTER, %s, {len=%u, filter=%p})"
	       " = %ld %s (%m)\n", "SECCOMP_FILTER_FLAG_TSYNC|0xfffffffe",
	       prog->len, prog->filter, rc, errno2name());

	rc = syscall(__NR_seccomp, SECCOMP_SET_MODE_FILTER, -2L, efault);
	printf("seccomp(SECCOMP_SET_MODE_FILTER, %s, %p) = %ld %s (%m)\n",
	       "0xfffffffe /* SECCOMP_FILTER_FLAG_??? */",
	       efault, rc, errno2name());

	puts("+++ exited with 0 +++");
	return 0;
}

#else

SKIP_MAIN_UNDEFINED("__NR_seccomp && SECCOMP_SET_MODE_FILTER")

#endif
tests: add seccomp-filter.test * tests/seccomp-filter.c: New file. * tests/seccomp-filter.test: New test. * tests/.gitignore: Add seccomp-filter. * tests/Makefile.am (check_PROGRAMS): Likewise. (DECODER_TESTS): Add seccomp-filter.test. 2016-04-12 00:20:03 +00:00			`/*`
			`* Check decoding of seccomp SECCOMP_SET_MODE_FILTER.`
			`*`
			`* Copyright (c) 2016 Dmitry V. Levin <ldv@altlinux.org>`
			`* All rights reserved.`
			`*`
			`* Redistribution and use in source and binary forms, with or without`
			`* modification, are permitted provided that the following conditions`
			`* are met:`
			`* 1. Redistributions of source code must retain the above copyright`
			`* notice, this list of conditions and the following disclaimer.`
			`* 2. Redistributions in binary form must reproduce the above copyright`
			`* notice, this list of conditions and the following disclaimer in the`
			`* documentation and/or other materials provided with the distribution.`
			`* 3. The name of the author may not be used to endorse or promote products`
			`* derived from this software without specific prior written permission.`
			`*`
			* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
			`* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES`
			`* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.`
			`* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,`
			`* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT`
			`* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,`
			`* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY`
			`* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT`
			`* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF`
			`* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.`
			`*/`

			`#include "tests.h"`

			`#include <stdio.h>`
Use <asm/unistd.h> instead of <sys/syscall.h> There are no users of SYS_* macros provided by <sys/syscall.h>, and definitions of __NR_* macros could be obtained directly from <asm/unistd.h>. * defs.h: Include <asm/unistd.h> instead of <sys/syscall.h>. * test/seccomp.c: Likewise. * test/threaded_execve.c: Likewise. * test/x32_lseek.c: Likewise. * test/x32_mmap.c: Likewise. * tests/_newselect.c: Likewise. * tests/access.c: Likewise. * tests/acct.c: Likewise. * tests/aio.c: Likewise. * tests/alarm.c: Likewise. * tests/attach-f-p.c: Likewise. * tests/bpf.c: Likewise. * tests/brk.c: Likewise. * tests/chmod.c: Likewise. * tests/chown.c: Likewise. * tests/chown32.c: Likewise. * tests/chroot.c: Likewise. * tests/clock_adjtime.c: Likewise. * tests/clock_nanosleep.c: Likewise. * tests/clock_xettime.c: Likewise. * tests/copy_file_range.c: Likewise. * tests/creat.c: Likewise. * tests/dup2.c: Likewise. * tests/dup3.c: Likewise. * tests/epoll_create.c: Likewise. * tests/epoll_create1.c: Likewise. * tests/epoll_ctl.c: Likewise. * tests/epoll_pwait.c: Likewise. * tests/epoll_wait.c: Likewise. * tests/eventfd.c: Likewise. * tests/execveat.c: Likewise. * tests/faccessat.c: Likewise. * tests/fchdir.c: Likewise. * tests/fchmod.c: Likewise. * tests/fchmodat.c: Likewise. * tests/fchown.c: Likewise. * tests/fchown32.c: Likewise. * tests/fchownat.c: Likewise. * tests/fcntl.c: Likewise. * tests/fcntl64.c: Likewise. * tests/fdatasync.c: Likewise. * tests/flock.c: Likewise. * tests/fstat.c: Likewise. * tests/fstat64.c: Likewise. * tests/fstatat64.c: Likewise. * tests/fstatfs.c: Likewise. * tests/fstatfs64.c: Likewise. * tests/fsync.c: Likewise. * tests/ftruncate.c: Likewise. * tests/ftruncate64.c: Likewise. * tests/futimesat.c: Likewise. * tests/get_mempolicy.c: Likewise. * tests/getcwd.c: Likewise. * tests/getdents.c: Likewise. * tests/getdents64.c: Likewise. * tests/getegid.c: Likewise. * tests/getegid32.c: Likewise. * tests/geteuid.c: Likewise. * tests/geteuid32.c: Likewise. * tests/getgid.c: Likewise. * tests/getgid32.c: Likewise. * tests/getgroups.c: Likewise. * tests/getgroups32.c: Likewise. * tests/getpgrp.c: Likewise. * tests/getrandom.c: Likewise. * tests/getresgid.c: Likewise. * tests/getresgid32.c: Likewise. * tests/getresuid.c: Likewise. * tests/getresuid32.c: Likewise. * tests/getrlimit.c: Likewise. * tests/getrusage.c: Likewise. * tests/getuid.c: Likewise. * tests/getuid32.c: Likewise. * tests/getxxid.c: Likewise. * tests/ioctl_uffdio.c: Likewise. * tests/ioperm.c: Likewise. * tests/iopl.c: Likewise. * tests/ipc.c: Likewise. * tests/kill.c: Likewise. * tests/lchown.c: Likewise. * tests/lchown32.c: Likewise. * tests/libmmsg.c: Likewise. * tests/libsocketcall.c: Likewise. * tests/link.c: Likewise. * tests/linkat.c: Likewise. * tests/llseek.c: Likewise. * tests/lseek.c: Likewise. * tests/lstat.c: Likewise. * tests/lstat64.c: Likewise. * tests/mbind.c: Likewise. * tests/membarrier.c: Likewise. * tests/memfd_create.c: Likewise. * tests/migrate_pages.c: Likewise. * tests/mkdir.c: Likewise. * tests/mkdirat.c: Likewise. * tests/mknod.c: Likewise. * tests/mknodat.c: Likewise. * tests/mlock.c: Likewise. * tests/mlock2.c: Likewise. * tests/move_pages.c: Likewise. * tests/newfstatat.c: Likewise. * tests/nsyscalls.c: Likewise. * tests/old_mmap.c: Likewise. * tests/oldselect.c: Likewise. * tests/open.c: Likewise. * tests/openat.c: Likewise. * tests/pause.c: Likewise. * tests/poll.c: Likewise. * tests/prctl-seccomp-filter-v.c: Likewise. * tests/prctl-seccomp-strict.c: Likewise. * tests/preadv2-pwritev2.c: Likewise. * tests/prlimit64.c: Likewise. * tests/pselect6.c: Likewise. * tests/ptrace.c: Likewise. * tests/readdir.c: Likewise. * tests/readlink.c: Likewise. * tests/readlinkat.c: Likewise. * tests/reboot.c: Likewise. * tests/remap_file_pages.c: Likewise. * tests/rename.c: Likewise. * tests/renameat.c: Likewise. * tests/renameat2.c: Likewise. * tests/rmdir.c: Likewise. * tests/rt_sigpending.c: Likewise. * tests/rt_sigprocmask.c: Likewise. * tests/rt_sigsuspend.c: Likewise. * tests/rt_sigtimedwait.c: Likewise. * tests/rt_tgsigqueueinfo.c: Likewise. * tests/sched_get_priority_mxx.c: Likewise. * tests/sched_rr_get_interval.c: Likewise. * tests/sched_xetaffinity.c: Likewise. * tests/sched_xetattr.c: Likewise. * tests/sched_xetparam.c: Likewise. * tests/sched_xetscheduler.c: Likewise. * tests/sched_yield.c: Likewise. * tests/seccomp-filter-v.c: Likewise. * tests/seccomp-filter.c: Likewise. * tests/seccomp-strict.c: Likewise. * tests/select.c: Likewise. * tests/sendfile.c: Likewise. * tests/sendfile64.c: Likewise. * tests/set_mempolicy.c: Likewise. * tests/setdomainname.c: Likewise. * tests/setfsgid.c: Likewise. * tests/setfsgid32.c: Likewise. * tests/setfsuid.c: Likewise. * tests/setfsuid32.c: Likewise. * tests/setgid.c: Likewise. * tests/setgid32.c: Likewise. * tests/setgroups.c: Likewise. * tests/setgroups32.c: Likewise. * tests/sethostname.c: Likewise. * tests/setregid.c: Likewise. * tests/setregid32.c: Likewise. * tests/setresgid.c: Likewise. * tests/setresgid32.c: Likewise. * tests/setresuid.c: Likewise. * tests/setresuid32.c: Likewise. * tests/setreuid.c: Likewise. * tests/setreuid32.c: Likewise. * tests/setrlimit.c: Likewise. * tests/setuid.c: Likewise. * tests/setuid32.c: Likewise. * tests/signalfd4.c: Likewise. * tests/socketcall.c: Likewise. * tests/splice.c: Likewise. * tests/stat.c: Likewise. * tests/stat64.c: Likewise. * tests/statfs.c: Likewise. * tests/statfs64.c: Likewise. * tests/swap.c: Likewise. * tests/symlink.c: Likewise. * tests/symlinkat.c: Likewise. * tests/sync.c: Likewise. * tests/sync_file_range.c: Likewise. * tests/sync_file_range2.c: Likewise. * tests/syslog.c: Likewise. * tests/tee.c: Likewise. * tests/time.c: Likewise. * tests/timer_create.c: Likewise. * tests/timer_xettime.c: Likewise. * tests/timerfd_xettime.c: Likewise. * tests/times-fail.c: Likewise. * tests/times.c: Likewise. * tests/truncate.c: Likewise. * tests/truncate64.c: Likewise. * tests/ugetrlimit.c: Likewise. * tests/umount.c: Likewise. * tests/umount2.c: Likewise. * tests/uname.c: Likewise. * tests/unix-pair-send-recv.c: Likewise. * tests/unlink.c: Likewise. * tests/unlinkat.c: Likewise. * tests/userfaultfd.c: Likewise. * tests/utimes.c: Likewise. * tests/vhangup.c: Likewise. * tests/vmsplice.c: Likewise. * tests/waitid.c: Likewise. * tests/waitpid.c: Likewise. * tests/xet_robust_list.c: Likewise. * tests/xetpgid.c: Likewise. * tests/xetpriority.c: Likewise. * tests/xettimeofday.c: Likewise. 2016-08-09 14:38:29 +00:00			`#include <asm/unistd.h>`
tests: add seccomp-filter.test * tests/seccomp-filter.c: New file. * tests/seccomp-filter.test: New test. * tests/.gitignore: Add seccomp-filter. * tests/Makefile.am (check_PROGRAMS): Likewise. (DECODER_TESTS): Add seccomp-filter.test. 2016-04-12 00:20:03 +00:00			`#include <unistd.h>`

			`#ifdef HAVE_LINUX_SECCOMP_H`
			`# include <linux/seccomp.h>`
			`#endif`
			`#ifdef HAVE_LINUX_FILTER_H`
			`# include <linux/filter.h>`
			`#endif`

			`#if defined __NR_seccomp && defined SECCOMP_SET_MODE_FILTER`

			`# define N 7`

			`int`
			`main(void)`
			`{`
			`struct sock_filter const filter = tail_alloc(sizeof(filter) * N);`
			`const void *const efault = tail_alloc(1);`
			`struct sock_fprog const prog = tail_alloc(sizeof(prog));`
tests/seccomp-filter.c: cleanup * tests/seccomp-filter.c (main): Use errno2name, stop using assert. 2016-04-21 21:19:30 +00:00			`long rc;`
tests: add seccomp-filter.test * tests/seccomp-filter.c: New file. * tests/seccomp-filter.test: New test. * tests/.gitignore: Add seccomp-filter. * tests/Makefile.am (check_PROGRAMS): Likewise. (DECODER_TESTS): Add seccomp-filter.test. 2016-04-12 00:20:03 +00:00
			`prog->filter = filter;`
			`prog->len = N;`
tests/seccomp-filter.c: cleanup * tests/seccomp-filter.c (main): Use errno2name, stop using assert. 2016-04-21 21:19:30 +00:00			`rc = syscall(__NR_seccomp, SECCOMP_SET_MODE_FILTER, -1, prog);`
tests: add seccomp-filter.test * tests/seccomp-filter.c: New file. * tests/seccomp-filter.test: New test. * tests/.gitignore: Add seccomp-filter. * tests/Makefile.am (check_PROGRAMS): Likewise. (DECODER_TESTS): Add seccomp-filter.test. 2016-04-12 00:20:03 +00:00			`printf("seccomp(SECCOMP_SET_MODE_FILTER, %s, {len=%u, filter=%p})"`
tests/seccomp-filter.c: cleanup * tests/seccomp-filter.c (main): Use errno2name, stop using assert. 2016-04-21 21:19:30 +00:00			`" = %ld %s (%m)\n", "SECCOMP_FILTER_FLAG_TSYNC\|0xfffffffe",`
			`prog->len, prog->filter, rc, errno2name());`
tests: add seccomp-filter.test * tests/seccomp-filter.c: New file. * tests/seccomp-filter.test: New test. * tests/.gitignore: Add seccomp-filter. * tests/Makefile.am (check_PROGRAMS): Likewise. (DECODER_TESTS): Add seccomp-filter.test. 2016-04-12 00:20:03 +00:00
tests/seccomp-filter.c: cleanup * tests/seccomp-filter.c (main): Use errno2name, stop using assert. 2016-04-21 21:19:30 +00:00			`rc = syscall(__NR_seccomp, SECCOMP_SET_MODE_FILTER, -2L, efault);`
			`printf("seccomp(SECCOMP_SET_MODE_FILTER, %s, %p) = %ld %s (%m)\n",`
			`"0xfffffffe /* SECCOMP_FILTER_FLAG_??? */",`
			`efault, rc, errno2name());`
tests: add seccomp-filter.test * tests/seccomp-filter.c: New file. * tests/seccomp-filter.test: New test. * tests/.gitignore: Add seccomp-filter. * tests/Makefile.am (check_PROGRAMS): Likewise. (DECODER_TESTS): Add seccomp-filter.test. 2016-04-12 00:20:03 +00:00
			`puts("+++ exited with 0 +++");`
			`return 0;`
			`}`

			`#else`

			`SKIP_MAIN_UNDEFINED("__NR_seccomp && SECCOMP_SET_MODE_FILTER")`

			`#endif`