| 1 | # |
| 2 | # Seccomp Library utility code for tests |
| 3 | # |
| 4 | # Copyright (c) 2012 Red Hat <pmoore@redhat.com> |
| 5 | # Author: Paul Moore <paul@paul-moore.com> |
| 6 | # |
| 7 | |
| 8 | # |
| 9 | # This library is free software; you can redistribute it and/or modify it |
| 10 | # under the terms of version 2.1 of the GNU Lesser General Public License as |
| 11 | # published by the Free Software Foundation. |
| 12 | # |
| 13 | # This library is distributed in the hope that it will be useful, but WITHOUT |
| 14 | # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| 15 | # FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License |
| 16 | # for more details. |
| 17 | # |
| 18 | # You should have received a copy of the GNU Lesser General Public License |
| 19 | # along with this library; if not, see <http://www.gnu.org/licenses>. |
| 20 | # |
| 21 | |
| 22 | """ Python utility code for the libseccomp test suite """ |
| 23 | |
| 24 | import argparse |
| 25 | import os |
| 26 | import sys |
| 27 | import signal |
| 28 | |
| 29 | from seccomp import * |
| 30 | |
| 31 | def trap_handler(signum, frame): |
| 32 | """ SIGSYS signal handler, internal use only |
| 33 | """ |
| 34 | os._exit(161) |
| 35 | |
| 36 | def get_opt(): |
| 37 | """ Parse the arguments passed to main |
| 38 | |
| 39 | Description: |
| 40 | Parse the arguments passed to the test from the command line. Returns |
| 41 | a parsed argparse object. |
| 42 | """ |
| 43 | parser = argparse.ArgumentParser() |
| 44 | parser.add_argument("-b", "--bpf", action="store_true") |
| 45 | parser.add_argument("-p", "--pfc", action="store_true") |
| 46 | return parser.parse_args() |
| 47 | |
| 48 | def filter_output(args, ctx): |
| 49 | """ Output the filter in either BPF or PFC |
| 50 | |
| 51 | Arguments: |
| 52 | args - an argparse object from UtilGetOpt() |
| 53 | ctx - a seccomp SyscallFilter object |
| 54 | |
| 55 | Description: |
| 56 | Output the SyscallFilter to stdout in either BPF or PFC format depending |
| 57 | on the test's command line arguments. |
| 58 | """ |
| 59 | if (args.bpf): |
| 60 | ctx.export_bpf(sys.stdout) |
| 61 | else: |
| 62 | ctx.export_pfc(sys.stdout) |
| 63 | |
| 64 | def install_trap(): |
| 65 | """ Install a TRAP action signal handler |
| 66 | |
| 67 | Description: |
| 68 | Install the TRAP action signal handler. |
| 69 | """ |
| 70 | signal.signal(signal.SIGSYS, trap_handler) |
| 71 | |
| 72 | def parse_action(action): |
| 73 | """ Parse a filter action string into an action value |
| 74 | |
| 75 | Arguments: |
| 76 | action - the action string |
| 77 | |
| 78 | Description: |
| 79 | Parse a seccomp action string into the associated integer value. |
| 80 | """ |
| 81 | if action == "KILL": |
| 82 | return KILL |
| 83 | elif action == "TRAP": |
| 84 | return TRAP |
| 85 | elif action == "ERRNO": |
| 86 | return ERRNO(163) |
| 87 | elif action == "TRACE": |
| 88 | raise RuntimeError("the TRACE action is not currently supported") |
| 89 | elif action == "ALLOW": |
| 90 | return ALLOW |
| 91 | raise RuntimeError("invalid action string") |
| 92 | |
| 93 | |
| 94 | def write_file(path): |
| 95 | """ Write a string to a file |
| 96 | |
| 97 | Arguments: |
| 98 | path - the file path |
| 99 | |
| 100 | Description: |
| 101 | Open the specified file, write a string to the file, and close the file. |
| 102 | """ |
| 103 | fd = os.open(path, os.O_WRONLY|os.O_CREAT, 0600) |
| 104 | if not os.write(fd, "testing") == len("testing"): |
| 105 | raise IOError("failed to write the full test string in write_file()") |
| 106 | os.close(fd) |
| 107 | |
| 108 | # kate: syntax python; |
| 109 | # kate: indent-mode python; space-indent on; indent-width 4; mixedindent off; |