Source Repository Log


Commit Date  
[479382] by Corey Bryant Corey Bryant , pushed by Paul Moore Paul Moore

tests: Add regression batch for 13-attrs

Signed-off-by: Corey Bryant <coreyb@linux.vnet.ibm.com>

2012-04-20 13:46:03 Tree
[8fc15a] by Corey Bryant Corey Bryant , pushed by Paul Moore Paul Moore

tests: Add bpf-sim-fuzz regression test type

This patch adds the bpf-sim-fuzz regression test type and corresponding
test data to each of the existing batch files. For more information
on the bpf-sim-fuzz test type, please refer to the
run_test_bpf_sim_fuzz() function comments.

Also included in this patch is a fix for a potential bug in the printf
width that was being used for the final column of log file test data
output for the bpf-sim test type. It was previously indexing beyond
the bounds of the COL_WIDTH array. This has been fixed to not use a
column width for the final column since it is not necessary.

Signed-off-by: Corey Bryant <coreyb@linux.vnet.ibm.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>

2012-04-17 21:48:57 Tree
[404833] by Corey Bryant Corey Bryant , pushed by Paul Moore Paul Moore

tests: Add batch regression tests for 12-basic-masked-ops

Signed-off-by: Corey Bryant <coreyb@linux.vnet.ibm.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>

2012-04-17 19:12:40 Tree
[a0d8d4] by Corey Bryant Corey Bryant , pushed by Paul Moore Paul Moore

tests: Use tabs in batch files and support hex values

Signed-off-by: Corey Bryant <coreyb@linux.vnet.ibm.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>

2012-04-17 18:09:43 Tree
[8154e0] by Paul Moore Paul Moore

build: install the pkg-config file

Signed-off-by: Paul Moore <pmoore@redhat.com>

2012-04-16 20:56:56 Tree
[c6ffe2] by Paul Moore Paul Moore

build: generate a pkgconfig file at configure time

Signed-off-by: Paul Moore <pmoore@redhat.com>

2012-04-16 19:46:48 Tree
[b692c0] by Paul Moore Paul Moore

build: generate version_info.mk at configure time

Signed-off-by: Paul Moore <pmoore@redhat.com>

2012-04-16 19:30:53 Tree
[68996b] by Paul Moore Paul Moore

doc: manpages for seccomp_attr_{get,set}()

Signed-off-by: Paul Moore <pmoore@redhat.com>

2012-04-16 14:44:11 Tree
[b17c7c] by Paul Moore Paul Moore

doc: manpages for seccomp_gen_{bpf,pfc}()

Signed-off-by: Paul Moore <pmoore@redhat.com>

2012-04-15 21:05:39 Tree
[c402e9] by Paul Moore Paul Moore

build: cleanup some of the build macros and Makefiles

Signed-off-by: Paul Moore <pmoore@redhat.com>

2012-04-15 20:20:14 Tree
[705e82] by Paul Moore Paul Moore

api: add a new attribute for the bad architecture action

Also shorten SCMP_FLTATR_CTL_NNP_ON to just SCMP_FLTATR_CTL_NNP.

Signed-off-by: Paul Moore <pmoore@redhat.com>

2012-04-15 20:02:52 Tree
[e965f8] by Paul Moore Paul Moore

api: always pass along errors from failed attempts to set NO_NEW_PRIVS

It turns out the kernel required either CAP_SYS_ADMIN or
NO_NEW_PRIVS, so not signaling an error on prctl(NO_NEW_PRIVS) isn't
all that useful.

Signed-off-by: Paul Moore <pmoore@redhat.com>

2012-04-16 13:51:46 Tree
[7273b1] by Paul Moore Paul Moore

tests: update 13-attrs with the new attributes

Signed-off-by: Paul Moore <pmoore@redhat.com>

2012-04-13 22:45:25 Tree
[9e0508] by Paul Moore Paul Moore

tests: make sure we cleanup in case of error

Not critical, but it is nice just to as an example for other developers.

Also fixup the negative return codes while we are here.

Signed-off-by: Paul Moore <pmoore@redhat.com>

2012-04-13 22:34:20 Tree
[7cef09] by Paul Moore Paul Moore

tests: make the option parsing a little more generic and move the filter output to util.c

Also do some general cleanup while we're touching the tests.

Signed-off-by: Paul Moore <pmoore@redhat.com>

2012-04-13 22:05:55 Tree
[3fe085] by Corey Bryant Corey Bryant , pushed by Paul Moore Paul Moore

tests: Batch files for regression automation script

This patch adds batch test data files that are read by the
regression automation script. Each batch file provides lines of
data that correspond to a single test or potentially several tests
if range values are specified (see bpf-sim batch type).

v2:
- Changed batch file naming convention to *.tests

v3:
- Changed batch file naming convention to: testname.batchtype-tests
- Added a number of new bpf-sim batch files and tests. There is
now a batch for each C test source file.
- Batch file name and type are now included inside the batch file
- Added "basic" batch type

v4:
- Changed batch file naming convention to: testname.tests
- Change type terminology from "batch type" to "test type"

Signed-off-by: Corey Bryant <coreyb@linux.vnet.ibm.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>

2012-04-13 13:33:43 Tree
[c80875] by Corey Bryant Corey Bryant , pushed by Paul Moore Paul Moore

tests: Add regression test automation script

This patch adds an automated regression test script that can be
used to run and validate the tests in the /tests directory. The
script pulls test data from batch files, runs the specified
test(s), and verifies the results.

The naming convention for batch files is: testname.tests
For example: 01-allow.tests

Each batch file contains lines of test data. The format of the
test data is defined by the test type. There are currently two
test types supported, basic and bpf-sim. For more details on
these test types, please refer to the commments for
run_test_basic() and run_test_bpf_sim().

Batch files must include the test type on a line that precedes
test data. For example:

test type: bpf-sim

Multiple lines of test data that corresponds to the test type
can then follow. These steps can be repeated to include
multiple test types within a batch file.

Following are a few examples for running the regression script:
- Run all tests in non-verbose mode: ./regression
- Run all tests in verbose mode: ./regression -v
- Run a single batch: ./regression -b 01-allow
- Run a single test: ./regression -b 01-allow -s 2

Thanks to Paul Moore for all of his review comments.

v2:
- Converted from python to bash script
- Provided valgrind support
- Updated test naming convention
- Added option to specify directory for temp files
- Added support to specify syscall by name
- Updated -s option to refer to position of test in batch file
(e.g. first test is 1, second test is 2, etc.)

v3:
- There was quite a bit of rework in this version. The major
changes, and fixes in response to comments are listed below.
- Added support for bpf-sim range values. These allow for a
single line of test data to generate tests for all combinations
of syscalls and arg values.
- Separated some code into separate functions, specifically
print_*() and run_test_command().
- Add support for "basic" batch type
- Batch name and type are now detected inside the batch file
- Updated test naming convention
- Added arch support for bpf-sim tests
- Used single vertical spaces between functions
- Check return value for testname execution
- Updated a number of comments

v4:
- Change license to LGPLv2.1
- Change batch file naming convention to testname.tests
- Change type terminology from "batch type" to "test type"
- Allow multiple test types to be specified within a batch file

Signed-off-by: Corey Bryant <coreyb@linux.vnet.ibm.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>

2012-04-13 13:33:42 Tree
[854794] by Paul Moore Paul Moore

api: enable toggling NO_NEW_PRIVS behavior via filter attributes

Allow developers to disable setting NO_NEW_PRIVS on filter load
and have seccomp_load() fail if setting NO_NEW_PRIVS fails. The
default is to set NO_NEW_PRIVS but do not fail on error.

Signed-off-by: Paul Moore <pmoore@redhat.com>

2012-04-13 19:41:26 Tree
[979a28] by Paul Moore Paul Moore

api: enable NO_NEW_PRIVS when loading the seccomp filter

Attempt to enable NO_NEW_PRIVS before loading the seccomp filter but
don't consider it an error condition if it doesn't work.

Signed-off-by: Paul Moore <pmoore@redhat.com>

2012-04-13 19:32:43 Tree
[9c3511] by Paul Moore Paul Moore

api: enable basic filter attribute support

Move the default action into the filter attribute mechanism.

Signed-off-by: Paul Moore <pmoore@redhat.com>

2012-04-11 15:07:31 Tree
[cb120c] by Paul Moore Paul Moore

api: error conditions are indicated by negative return values

Fix some problems where we return "errno" instead of "-errno".

Signed-off-by: Paul Moore <pmoore@redhat.com>

2012-04-13 15:54:09 Tree
[30c465] by Paul Moore Paul Moore

bpf: fix a problem when failing on the low word check on 64bit systems

When checking the low word on a 64bit system we would incorrectly
jump to the default action if there were no other argument checks
on the current level when the correct behavior is to back up a level
(to the high word check) and continue from there.

This patch fixes this behavior and should restore proper filter
generation on 64bit systems.

Reported-by: Corey Bryant <coreyb@linux.vnet.ibm.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>

2012-04-11 18:54:15 Tree
[d3f6e6] by Paul Moore Paul Moore

bpf_sim: fix some problems with syscall arguments and 64bit architectures

Reported-by: Corey Bryant <coreyb@linux.vnet.ibm.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>

2012-04-10 21:38:57 Tree
[2506b3] by Paul Moore Paul Moore

bpf: calculate the syscall number offset automatically

Signed-off-by: Paul Moore <pmoore@redhat.com>

2012-04-11 14:51:32 Tree
[160e7c] by Paul Moore Paul Moore

all: relicense the library from GPLv2 to LGPLv2.1

From the libseccomp-discuss mailing list:

On Monday, April 09, 2012 06:06:51 PM Paul Moore wrote:
> Hello,
>
> It was suggested on the libseccomp announcement thread that we
> relicense the library from GPLv2 to LGPLv2.1. In my opinion this
> makes sense and I recommend we relicense the library, can I have
> your permission to relicense your contributions?
>
> * LGPLv2.1
> -> http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html

On Tuesday, April 10, 2012 10:07:37 AM Eric Paris wrote:
> You have my permission to relicense to LGPL.

On Tuesday, April 10, 2012 10:27:39 AM Ashley Lai wrote:
> Yes, you have my permission to relicense to LGPL.

On Tuesday, April 10, 2012 11:48:14 AM Corey Bryant wrote:
> We (IBM) have OSSC approval now. You have my approval to
> relicense my contributions to LGPLv2.1.

On Tuesday, April 10, 2012 12:57:25 PM Eduardo Otubo wrote:
> On Tue, Apr 10, 2012 at 11:48:14AM -0400, Corey Bryant wrote:
> > We (IBM) have OSSC approval now. You have my approval to
> > relicense my contributions to LGPLv2.1.
>
> Exactly, not a problem for me.

Signed-off-by: Paul Moore <pmoore@redhat.com>

2012-04-09 22:07:42 Tree
Older >

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks