[PATCH RFC 4/4] tests: add check for seccomp-assisted syscall filtering

Paul Chaignon paul.chaignon at gmail.com
Sat Jul 13 10:25:10 UTC 2019 

From: Chen Jingpiao <chenjingpiao at gmail.com>

* tests/init.sh (test_prog_set): New function.
* tests/filter_seccomp.in: New file.
* tests/Makefile.am (EXTRA_DIST): Add filter_seccomp.in.
* tests/gen_tests.in: Add threads-execve test with -n and filter_seccomp
test_prog_set.

Co-authored-by: Paul Chaignon <paul.chaignon at gmail.com>
---
 tests/Makefile.am       | 1 +
 tests/filter_seccomp.in | 2 ++
 tests/gen_tests.in      | 2 ++
 tests/init.sh           | 5 +++++
 4 files changed, 10 insertions(+)
 create mode 100644 tests/filter_seccomp.in

diff --git a/tests/Makefile.am b/tests/Makefile.am
index ab2ae78d..1a456e22 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -392,6 +392,7 @@ EXTRA_DIST = \
 	eventfd.expected \
 	fadvise.h \
 	fcntl-common.c \
+	filter_seccomp.in \
 	filter-unavailable.expected \
 	fstatat.c \
 	fstatx.c \
diff --git a/tests/filter_seccomp.in b/tests/filter_seccomp.in
new file mode 100644
index 00000000..683ab9d2
--- /dev/null
+++ b/tests/filter_seccomp.in
@@ -0,0 +1,2 @@
+fork-f	-a26 -qq -f -e signal=none -e trace=chdir
+vfork-f	-a26 -qq -f -e signal=none -e trace=chdir
diff --git a/tests/gen_tests.in b/tests/gen_tests.in
index f90910f1..31436d3e 100644
--- a/tests/gen_tests.in
+++ b/tests/gen_tests.in
@@ -65,6 +65,7 @@ fcntl64	-a8
 fdatasync	-a14
 file_handle	-e trace=name_to_handle_at,open_by_handle_at
 file_ioctl	+ioctl.test
+filter_seccomp test_prog_set -n
 finit_module	-a25
 flock	-a19
 fork-f	-a26 -qq -f -e signal=none -e trace=chdir
@@ -500,6 +501,7 @@ sync_file_range2
 sysinfo	-a14
 syslog	-a36
 tee
+threads-execve +threads-execve.test -n
 time	-a10
 timer_create
 timer_xettime	-e trace=timer_create,timer_settime,timer_gettime
diff --git a/tests/init.sh b/tests/init.sh
index 40e62188..4cd2d153 100644
--- a/tests/init.sh
+++ b/tests/init.sh
@@ -324,6 +324,11 @@ test_trace_expr()
 		< negative.list
 }
 
+test_prog_set()
+{
+	test_pure_prog_set "$@" < "$srcdir/$NAME.in"
+}
+
 check_prog cat
 check_prog rm
 
-- 
2.17.1

More information about the Strace-devel mailing list