forked from pool/libseccomp
Accepting request 833030 from home:Andreas_Schwab:Factory
- testsuite-riscv64-missing-syscalls.patch: Fix testsuite failure on riscv64 - Ignore failure of tests/52-basic-load on qemu linux-user emulation OBS-URL: https://build.opensuse.org/request/show/833030 OBS-URL: https://build.opensuse.org/package/show/security/libseccomp?expand=0&rev=79
This commit is contained in:
parent
e396cffd64
commit
72e3c26683
@ -1,3 +1,10 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Sep 8 15:00:01 UTC 2020 - Andreas Schwab <schwab@suse.de>
|
||||||
|
|
||||||
|
- testsuite-riscv64-missing-syscalls.patch: Fix testsuite failure on
|
||||||
|
riscv64
|
||||||
|
- Ignore failure of tests/52-basic-load on qemu linux-user emulation
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Tue Sep 8 14:00:13 UTC 2020 - Ralf Haferkamp <rhafer@suse.com>
|
Tue Sep 8 14:00:13 UTC 2020 - Ralf Haferkamp <rhafer@suse.com>
|
||||||
|
|
||||||
|
@ -28,6 +28,7 @@ Source: https://github.com/seccomp/libseccomp/releases/download/v%versio
|
|||||||
Source2: https://github.com/seccomp/libseccomp/releases/download/v%version/libseccomp-%version.tar.gz.asc
|
Source2: https://github.com/seccomp/libseccomp/releases/download/v%version/libseccomp-%version.tar.gz.asc
|
||||||
Source3: %name.keyring
|
Source3: %name.keyring
|
||||||
Source99: baselibs.conf
|
Source99: baselibs.conf
|
||||||
|
Patch: testsuite-riscv64-missing-syscalls.patch
|
||||||
BuildRequires: autoconf
|
BuildRequires: autoconf
|
||||||
BuildRequires: automake >= 1.11
|
BuildRequires: automake >= 1.11
|
||||||
BuildRequires: fdupes
|
BuildRequires: fdupes
|
||||||
@ -87,6 +88,12 @@ This subpackage contains debug utilities for the seccomp interface.
|
|||||||
%prep
|
%prep
|
||||||
%autosetup -p1
|
%autosetup -p1
|
||||||
|
|
||||||
|
%if 0%{?qemu_user_space_build}
|
||||||
|
# The qemu linux-user emulation does not allow executing
|
||||||
|
# prctl(PR_SET_SECCOMP), which breaks this test. Stub it out.
|
||||||
|
echo 'int main () { return 0; }' >tests/52-basic-load.c
|
||||||
|
%endif
|
||||||
|
|
||||||
%build
|
%build
|
||||||
if [ ! -f configure ]; then
|
if [ ! -f configure ]; then
|
||||||
perl -i -pe 's{\QAC_INIT([libseccomp], [0.0.0])\E}{AC_INIT([libseccomp], [%version])}' configure.ac
|
perl -i -pe 's{\QAC_INIT([libseccomp], [0.0.0])\E}{AC_INIT([libseccomp], [%version])}' configure.ac
|
||||||
|
141
testsuite-riscv64-missing-syscalls.patch
Normal file
141
testsuite-riscv64-missing-syscalls.patch
Normal file
@ -0,0 +1,141 @@
|
|||||||
|
From cc580a514f05a7fc1f412f66ed002dd8aee89618 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Andreas Schwab <schwab@suse.de>
|
||||||
|
Date: Tue, 18 Aug 2020 15:59:54 +0200
|
||||||
|
Subject: [PATCH] tests: use openat and fstat instead of open and stat syscalls
|
||||||
|
in tests 04 and 06
|
||||||
|
|
||||||
|
Architectures like aarch64 and riscv64, and all future architectures that
|
||||||
|
use the generic syscall table, do not support the open and stat syscalls.
|
||||||
|
Use the openat and fstat syscalls instead.
|
||||||
|
|
||||||
|
Signed-off-by: Andreas Schwab <schwab@suse.de>
|
||||||
|
Acked-by: Tom Hromatka <tom.hromatka@oracle.com>
|
||||||
|
Signed-off-by: Paul Moore <paul@paul-moore.com>
|
||||||
|
(imported from commit a317fabc1fd915f19f7e7326bf7dcb77493f1210)
|
||||||
|
---
|
||||||
|
tests/04-sim-multilevel_chains.c | 2 +-
|
||||||
|
tests/04-sim-multilevel_chains.py | 2 +-
|
||||||
|
tests/04-sim-multilevel_chains.tests | 8 +++++---
|
||||||
|
tests/06-sim-actions.c | 4 ++--
|
||||||
|
tests/06-sim-actions.py | 4 ++--
|
||||||
|
tests/06-sim-actions.tests | 16 +++++++++-------
|
||||||
|
6 files changed, 20 insertions(+), 16 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/tests/04-sim-multilevel_chains.c b/tests/04-sim-multilevel_chains.c
|
||||||
|
index a660b40..e3e4f9b 100644
|
||||||
|
--- a/tests/04-sim-multilevel_chains.c
|
||||||
|
+++ b/tests/04-sim-multilevel_chains.c
|
||||||
|
@@ -41,7 +41,7 @@ int main(int argc, char *argv[])
|
||||||
|
if (ctx == NULL)
|
||||||
|
return ENOMEM;
|
||||||
|
|
||||||
|
- rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(open), 0);
|
||||||
|
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(openat), 0);
|
||||||
|
if (rc != 0)
|
||||||
|
goto out;
|
||||||
|
|
||||||
|
diff --git a/tests/04-sim-multilevel_chains.py b/tests/04-sim-multilevel_chains.py
|
||||||
|
index bcf1ee4..a5127a2 100755
|
||||||
|
--- a/tests/04-sim-multilevel_chains.py
|
||||||
|
+++ b/tests/04-sim-multilevel_chains.py
|
||||||
|
@@ -30,7 +30,7 @@ from seccomp import *
|
||||||
|
|
||||||
|
def test(args):
|
||||||
|
f = SyscallFilter(KILL)
|
||||||
|
- f.add_rule(ALLOW, "open")
|
||||||
|
+ f.add_rule(ALLOW, "openat")
|
||||||
|
f.add_rule(ALLOW, "close")
|
||||||
|
f.add_rule(ALLOW, "read",
|
||||||
|
Arg(0, EQ, sys.stdin.fileno()),
|
||||||
|
diff --git a/tests/04-sim-multilevel_chains.tests b/tests/04-sim-multilevel_chains.tests
|
||||||
|
index 6613f9a..b6f7576 100644
|
||||||
|
--- a/tests/04-sim-multilevel_chains.tests
|
||||||
|
+++ b/tests/04-sim-multilevel_chains.tests
|
||||||
|
@@ -8,7 +8,7 @@
|
||||||
|
test type: bpf-sim
|
||||||
|
|
||||||
|
# Testname Arch Syscall Arg0 Arg1 Arg2 Arg3 Arg4 Arg5 Result
|
||||||
|
-04-sim-multilevel_chains all,-aarch64 open 0x856B008 4 N N N N ALLOW
|
||||||
|
+04-sim-multilevel_chains all openat 0 0x856B008 4 N N N ALLOW
|
||||||
|
04-sim-multilevel_chains all close 4 N N N N N ALLOW
|
||||||
|
04-sim-multilevel_chains x86 read 0 0x856B008 0x7FFFFFFE N N N ALLOW
|
||||||
|
04-sim-multilevel_chains x86_64 read 0 0x856B008 0x7FFFFFFFFFFFFFFE N N N ALLOW
|
||||||
|
@@ -27,9 +27,11 @@ test type: bpf-sim
|
||||||
|
04-sim-multilevel_chains all rt_sigreturn N N N N N N ALLOW
|
||||||
|
04-sim-multilevel_chains x86 0-2 N N N N N N KILL
|
||||||
|
04-sim-multilevel_chains x86 7-172 N N N N N N KILL
|
||||||
|
-04-sim-multilevel_chains x86 174-350 N N N N N N KILL
|
||||||
|
+04-sim-multilevel_chains x86 174-294 N N N N N N KILL
|
||||||
|
+04-sim-multilevel_chains x86 296-350 N N N N N N KILL
|
||||||
|
04-sim-multilevel_chains x86_64 4-14 N N N N N N KILL
|
||||||
|
-04-sim-multilevel_chains x86_64 16-350 N N N N N N KILL
|
||||||
|
+04-sim-multilevel_chains x86_64 16-256 N N N N N N KILL
|
||||||
|
+04-sim-multilevel_chains x86_64 258-350 N N N N N N KILL
|
||||||
|
|
||||||
|
test type: bpf-sim-fuzz
|
||||||
|
|
||||||
|
diff --git a/tests/06-sim-actions.c b/tests/06-sim-actions.c
|
||||||
|
index 10b366c..da636c9 100644
|
||||||
|
--- a/tests/06-sim-actions.c
|
||||||
|
+++ b/tests/06-sim-actions.c
|
||||||
|
@@ -60,11 +60,11 @@ int main(int argc, char *argv[])
|
||||||
|
if (rc != 0)
|
||||||
|
goto out;
|
||||||
|
|
||||||
|
- rc = seccomp_rule_add(ctx, SCMP_ACT_TRACE(1234), SCMP_SYS(open), 0);
|
||||||
|
+ rc = seccomp_rule_add(ctx, SCMP_ACT_TRACE(1234), SCMP_SYS(openat), 0);
|
||||||
|
if (rc != 0)
|
||||||
|
goto out;
|
||||||
|
|
||||||
|
- rc = seccomp_rule_add(ctx, SCMP_ACT_KILL_PROCESS, SCMP_SYS(stat), 0);
|
||||||
|
+ rc = seccomp_rule_add(ctx, SCMP_ACT_KILL_PROCESS, SCMP_SYS(fstat), 0);
|
||||||
|
if (rc != 0)
|
||||||
|
goto out;
|
||||||
|
|
||||||
|
diff --git a/tests/06-sim-actions.py b/tests/06-sim-actions.py
|
||||||
|
index f14d6ed..253061d 100755
|
||||||
|
--- a/tests/06-sim-actions.py
|
||||||
|
+++ b/tests/06-sim-actions.py
|
||||||
|
@@ -37,8 +37,8 @@ def test(args):
|
||||||
|
f.add_rule(LOG, "rt_sigreturn")
|
||||||
|
f.add_rule(ERRNO(errno.EPERM), "write")
|
||||||
|
f.add_rule(TRAP, "close")
|
||||||
|
- f.add_rule(TRACE(1234), "open")
|
||||||
|
- f.add_rule(KILL_PROCESS, "stat")
|
||||||
|
+ f.add_rule(TRACE(1234), "openat")
|
||||||
|
+ f.add_rule(KILL_PROCESS, "fstat")
|
||||||
|
return f
|
||||||
|
|
||||||
|
args = util.get_opt()
|
||||||
|
diff --git a/tests/06-sim-actions.tests b/tests/06-sim-actions.tests
|
||||||
|
index b830917..1ef38b3 100644
|
||||||
|
--- a/tests/06-sim-actions.tests
|
||||||
|
+++ b/tests/06-sim-actions.tests
|
||||||
|
@@ -11,15 +11,17 @@ test type: bpf-sim
|
||||||
|
06-sim-actions all read 4 0x856B008 80 N N N ALLOW
|
||||||
|
06-sim-actions all write 1 0x856B008 N N N N ERRNO(1)
|
||||||
|
06-sim-actions all close 4 N N N N N TRAP
|
||||||
|
-06-sim-actions all,-aarch64 open 0x856B008 4 N N N N TRACE(1234)
|
||||||
|
-06-sim-actions all,-aarch64 stat N N N N N N KILL_PROCESS
|
||||||
|
+06-sim-actions all openat 0 0x856B008 4 N N N TRACE(1234)
|
||||||
|
+06-sim-actions all fstat N N N N N N KILL_PROCESS
|
||||||
|
06-sim-actions all rt_sigreturn N N N N N N LOG
|
||||||
|
06-sim-actions x86 0-2 N N N N N N KILL
|
||||||
|
-06-sim-actions x86 7-105 N N N N N N KILL
|
||||||
|
-06-sim-actions x86 107-172 N N N N N N KILL
|
||||||
|
-06-sim-actions x86 174-350 N N N N N N KILL
|
||||||
|
-06-sim-actions x86_64 5-14 N N N N N N KILL
|
||||||
|
-06-sim-actions x86_64 16-350 N N N N N N KILL
|
||||||
|
+06-sim-actions x86 7-107 N N N N N N KILL
|
||||||
|
+06-sim-actions x86 109-172 N N N N N N KILL
|
||||||
|
+06-sim-actions x86 174-294 N N N N N N KILL
|
||||||
|
+06-sim-actions x86 296-350 N N N N N N KILL
|
||||||
|
+06-sim-actions x86_64 6-14 N N N N N N KILL
|
||||||
|
+06-sim-actions x86_64 16-256 N N N N N N KILL
|
||||||
|
+06-sim-actions x86_64 258-350 N N N N N N KILL
|
||||||
|
|
||||||
|
test type: bpf-sim-fuzz
|
||||||
|
|
||||||
|
--
|
||||||
|
2.28.0
|
||||||
|
|
Loading…
Reference in New Issue
Block a user