mirror of
https://github.com/systemd/systemd.git
synced 2024-12-22 17:35:35 +03:00
test: add tests for seccomp_suppress_sync()
This commit is contained in:
parent
144fbbac23
commit
c07e10628b
@ -18,6 +18,7 @@
|
||||
#include "capability-util.h"
|
||||
#include "fd-util.h"
|
||||
#include "fileio.h"
|
||||
#include "fs-util.h"
|
||||
#include "macro.h"
|
||||
#include "memory-util.h"
|
||||
#include "missing_sched.h"
|
||||
@ -1229,4 +1230,55 @@ TEST(restrict_suid_sgid) {
|
||||
assert_se(wait_for_terminate_and_check("suidsgidseccomp", pid, WAIT_LOG) == EXIT_SUCCESS);
|
||||
}
|
||||
|
||||
static void test_seccomp_suppress_sync_child(void) {
|
||||
_cleanup_(unlink_and_freep) char *path = NULL;
|
||||
_cleanup_close_ int fd = -EBADF;
|
||||
|
||||
ASSERT_OK(tempfn_random("/tmp/seccomp_suppress_sync", NULL, &path));
|
||||
ASSERT_OK_ERRNO(fd = open(path, O_RDWR | O_CREAT | O_SYNC | O_CLOEXEC, 0666));
|
||||
fd = safe_close(fd);
|
||||
|
||||
ASSERT_ERROR_ERRNO(fdatasync(-1), EBADF);
|
||||
ASSERT_ERROR_ERRNO(fsync(-1), EBADF);
|
||||
ASSERT_ERROR_ERRNO(syncfs(-1), EBADF);
|
||||
|
||||
ASSERT_ERROR_ERRNO(fdatasync(INT_MAX), EBADF);
|
||||
ASSERT_ERROR_ERRNO(fsync(INT_MAX), EBADF);
|
||||
ASSERT_ERROR_ERRNO(syncfs(INT_MAX), EBADF);
|
||||
|
||||
ASSERT_OK(seccomp_suppress_sync());
|
||||
|
||||
ASSERT_ERROR_ERRNO(fd = open(path, O_RDWR | O_CREAT | O_SYNC | O_CLOEXEC, 0666), EINVAL);
|
||||
|
||||
ASSERT_OK_ERRNO(fdatasync(INT_MAX));
|
||||
ASSERT_OK_ERRNO(fsync(INT_MAX));
|
||||
ASSERT_OK_ERRNO(syncfs(INT_MAX));
|
||||
|
||||
ASSERT_ERROR_ERRNO(fdatasync(-1), EBADF);
|
||||
ASSERT_ERROR_ERRNO(fsync(-1), EBADF);
|
||||
ASSERT_ERROR_ERRNO(syncfs(-1), EBADF);
|
||||
}
|
||||
|
||||
TEST(seccomp_suppress_sync) {
|
||||
pid_t pid;
|
||||
|
||||
if (!is_seccomp_available()) {
|
||||
log_notice("Seccomp not available, skipping %s", __func__);
|
||||
return;
|
||||
}
|
||||
if (!have_seccomp_privs()) {
|
||||
log_notice("Not privileged, skipping %s", __func__);
|
||||
return;
|
||||
}
|
||||
|
||||
ASSERT_OK_ERRNO(pid = fork());
|
||||
|
||||
if (pid == 0) {
|
||||
test_seccomp_suppress_sync_child();
|
||||
_exit(EXIT_SUCCESS);
|
||||
}
|
||||
|
||||
ASSERT_EQ(wait_for_terminate_and_check("seccomp_suppress_sync", pid, WAIT_LOG), EXIT_SUCCESS);
|
||||
}
|
||||
|
||||
DEFINE_TEST_MAIN(LOG_DEBUG);
|
||||
|
Loading…
Reference in New Issue
Block a user