|
Packit |
56e23f |
#
|
|
Packit |
56e23f |
# Seccomp Library utility code for tests
|
|
Packit |
56e23f |
#
|
|
Packit |
56e23f |
# Copyright (c) 2012 Red Hat <pmoore@redhat.com>
|
|
Packit |
56e23f |
# Author: Paul Moore <paul@paul-moore.com>
|
|
Packit |
56e23f |
#
|
|
Packit |
56e23f |
|
|
Packit |
56e23f |
#
|
|
Packit |
56e23f |
# This library is free software; you can redistribute it and/or modify it
|
|
Packit |
56e23f |
# under the terms of version 2.1 of the GNU Lesser General Public License as
|
|
Packit |
56e23f |
# published by the Free Software Foundation.
|
|
Packit |
56e23f |
#
|
|
Packit |
56e23f |
# This library is distributed in the hope that it will be useful, but WITHOUT
|
|
Packit |
56e23f |
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
|
Packit |
56e23f |
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
|
|
Packit |
56e23f |
# for more details.
|
|
Packit |
56e23f |
#
|
|
Packit |
56e23f |
# You should have received a copy of the GNU Lesser General Public License
|
|
Packit |
56e23f |
# along with this library; if not, see <http://www.gnu.org/licenses>.
|
|
Packit |
56e23f |
#
|
|
Packit |
56e23f |
|
|
Packit |
56e23f |
""" Python utility code for the libseccomp test suite """
|
|
Packit |
56e23f |
|
|
Packit |
56e23f |
import argparse
|
|
Packit |
56e23f |
import os
|
|
Packit |
56e23f |
import sys
|
|
Packit |
56e23f |
import signal
|
|
Packit |
56e23f |
|
|
Packit |
56e23f |
from seccomp import *
|
|
Packit |
56e23f |
|
|
Packit |
56e23f |
def trap_handler(signum, frame):
|
|
Packit |
56e23f |
""" SIGSYS signal handler, internal use only
|
|
Packit |
56e23f |
"""
|
|
Packit |
56e23f |
os._exit(161)
|
|
Packit |
56e23f |
|
|
Packit |
56e23f |
def get_opt():
|
|
Packit |
56e23f |
""" Parse the arguments passed to main
|
|
Packit |
56e23f |
|
|
Packit |
56e23f |
Description:
|
|
Packit |
56e23f |
Parse the arguments passed to the test from the command line. Returns
|
|
Packit |
56e23f |
a parsed argparse object.
|
|
Packit |
56e23f |
"""
|
|
Packit |
56e23f |
parser = argparse.ArgumentParser()
|
|
Packit |
56e23f |
parser.add_argument("-b", "--bpf", action="store_true")
|
|
Packit |
56e23f |
parser.add_argument("-p", "--pfc", action="store_true")
|
|
Packit |
56e23f |
return parser.parse_args()
|
|
Packit |
56e23f |
|
|
Packit |
56e23f |
def filter_output(args, ctx):
|
|
Packit |
56e23f |
""" Output the filter in either BPF or PFC
|
|
Packit |
56e23f |
|
|
Packit |
56e23f |
Arguments:
|
|
Packit |
56e23f |
args - an argparse object from UtilGetOpt()
|
|
Packit |
56e23f |
ctx - a seccomp SyscallFilter object
|
|
Packit |
56e23f |
|
|
Packit |
56e23f |
Description:
|
|
Packit |
56e23f |
Output the SyscallFilter to stdout in either BPF or PFC format depending
|
|
Packit |
56e23f |
on the test's command line arguments.
|
|
Packit |
56e23f |
"""
|
|
Packit |
56e23f |
if (args.bpf):
|
|
Packit |
56e23f |
ctx.export_bpf(sys.stdout)
|
|
Packit |
56e23f |
else:
|
|
Packit |
56e23f |
ctx.export_pfc(sys.stdout)
|
|
Packit |
56e23f |
|
|
Packit |
56e23f |
def install_trap():
|
|
Packit |
56e23f |
""" Install a TRAP action signal handler
|
|
Packit |
56e23f |
|
|
Packit |
56e23f |
Description:
|
|
Packit |
56e23f |
Install the TRAP action signal handler.
|
|
Packit |
56e23f |
"""
|
|
Packit |
56e23f |
signal.signal(signal.SIGSYS, trap_handler)
|
|
Packit |
56e23f |
|
|
Packit |
56e23f |
def parse_action(action):
|
|
Packit |
56e23f |
""" Parse a filter action string into an action value
|
|
Packit |
56e23f |
|
|
Packit |
56e23f |
Arguments:
|
|
Packit |
56e23f |
action - the action string
|
|
Packit |
56e23f |
|
|
Packit |
56e23f |
Description:
|
|
Packit |
56e23f |
Parse a seccomp action string into the associated integer value.
|
|
Packit |
56e23f |
"""
|
|
Packit |
56e23f |
if action == "KILL":
|
|
Packit |
56e23f |
return KILL
|
|
Packit |
56e23f |
elif action == "TRAP":
|
|
Packit |
56e23f |
return TRAP
|
|
Packit |
56e23f |
elif action == "ERRNO":
|
|
Packit |
56e23f |
return ERRNO(163)
|
|
Packit |
56e23f |
elif action == "TRACE":
|
|
Packit |
56e23f |
raise RuntimeError("the TRACE action is not currently supported")
|
|
Packit |
56e23f |
elif action == "ALLOW":
|
|
Packit |
56e23f |
return ALLOW
|
|
Packit |
56e23f |
raise RuntimeError("invalid action string")
|
|
Packit |
56e23f |
|
|
Packit |
56e23f |
|
|
Packit |
56e23f |
def write_file(path):
|
|
Packit |
56e23f |
""" Write a string to a file
|
|
Packit |
56e23f |
|
|
Packit |
56e23f |
Arguments:
|
|
Packit |
56e23f |
path - the file path
|
|
Packit |
56e23f |
|
|
Packit |
56e23f |
Description:
|
|
Packit |
56e23f |
Open the specified file, write a string to the file, and close the file.
|
|
Packit |
56e23f |
"""
|
|
Packit |
56e23f |
fd = os.open(str(path), os.O_WRONLY|os.O_CREAT)
|
|
Packit |
56e23f |
if not os.write(fd, b"testing") == len("testing"):
|
|
Packit |
56e23f |
raise IOError("failed to write the full test string in write_file()")
|
|
Packit |
56e23f |
os.close(fd)
|
|
Packit |
56e23f |
|
|
Packit |
56e23f |
# kate: syntax python;
|
|
Packit |
56e23f |
# kate: indent-mode python; space-indent on; indent-width 4; mixedindent off;
|