tests: introduce a simple seccomp_load() test as part of the non-live…

… tests

This is a bit controversial as historically we've refrained from
doing any tests that rely on the host kernel in the non-live tests,
but I think enough time has past that we can do a simple
seccomp_load() and not break the world's build/test platforms.

The obvious big advantage is we are now testing the basic
prctl()/seccomp() filter load infrastructure as part of the main
regression test run.

Signed-off-by: Paul Moore <[email protected]>

tests/.gitignore

@@ -57,3 +57,4 @@ util.pyc
 49-sim-64b_comparisons
 50-sim-hash_collision
 51-live-user_notification
+52-basic-load

tests/52-basic-load.c

@@ -0,0 +1,48 @@
+/**
+ * Seccomp Library test program
+ *
+ * Copyright (c) 2019 Cisco Systems, Inc. <[email protected]>
+ * Author: Paul Moore <[email protected]>
+ */
+
+/*
+ * This library is free software; you can redistribute it and/or modify it
+ * under the terms of version 2.1 of the GNU Lesser General Public License as
+ * published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
+ * for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this library; if not, see <http://www.gnu.org/licenses>.
+ */
+
+#include <errno.h>
+#include <unistd.h>
+
+#include <seccomp.h>
+
+#include "util.h"
+
+int main(int argc, char *argv[])
+{
+ int rc;
+ struct util_options opts;
+ scmp_filter_ctx ctx = NULL;
+
+ rc = util_getopt(argc, argv, &opts);
+ if (rc < 0)
+ goto out;
+
+ ctx = seccomp_init(SCMP_ACT_ALLOW);
+ if (ctx == NULL)
+ return ENOMEM;
+
+ rc = seccomp_load(ctx);
+
+out:
+ seccomp_release(ctx);
+ return (rc < 0 ? -rc : rc);
+}

tests/52-basic-load.py

@@ -0,0 +1,38 @@
+#!/usr/bin/env python
+
+#
+# Seccomp Library test program
+#
+# Copyright (c) 2019 Cisco Systems, Inc. <[email protected]>
+# Author: Paul Moore <[email protected]>
+#
+
+#
+# This library is free software; you can redistribute it and/or modify it
+# under the terms of version 2.1 of the GNU Lesser General Public License as
+# published by the Free Software Foundation.
+#
+# This library is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
+# for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this library; if not, see <http://www.gnu.org/licenses>.
+#
+
+import argparse
+import sys
+
+import util
+
+from seccomp import *
+
+def test():
+ f = SyscallFilter(ALLOW)
+ f.load()
+
+test()
+
+# kate: syntax python;
+# kate: indent-mode python; space-indent on; indent-width 4; mixedindent off;

tests/52-basic-load.tests

@@ -0,0 +1,11 @@
+#
+# libseccomp regression test automation data
+#
+# Copyright (c) 2013 Red Hat <[email protected]>
+# Author: Paul Moore <[email protected]>
+#
+
+test type: basic
+
+# Test command
+52-basic-load

tests/Makefile.am

@@ -90,7 +90,8 @@ check_PROGRAMS = \
  48-sim-32b_args \
  49-sim-64b_comparisons \
  50-sim-hash_collision \
- 51-live-user_notification
+ 51-live-user_notification \
+ 52-basic-load
 
 EXTRA_DIST_TESTPYTHON = \
  util.py \
@@ -143,7 +144,8 @@ EXTRA_DIST_TESTPYTHON = \
  48-sim-32b_args.py \
  49-sim-64b_comparisons.py \
  50-sim-hash_collision.py \
- 51-live-user_notification.py
+ 51-live-user_notification.py \
+ 52-basic-load.py
 
 EXTRA_DIST_TESTCFGS = \
  01-sim-allow.tests \
@@ -196,7 +198,8 @@ EXTRA_DIST_TESTCFGS = \
  48-sim-32b_args.tests \
  49-sim-64b_comparisons.tests \
  50-sim-hash_collision.tests \
- 51-live-user_notification.tests
+ 51-live-user_notification.tests \
+ 52-basic-load.tests
 
 EXTRA_DIST_TESTSCRIPTS = \
  38-basic-pfc_coverage.sh 38-basic-pfc_coverage.pfc