X-Git-Url: http://git.ieval.ro/?a=blobdiff_plain;f=libseccomp%2Ftests%2Futil.c;fp=libseccomp%2Ftests%2Futil.c;h=9c069d600df256d597708920987ab583f368c666;hb=8befd5cc4d2b478c697d81a5ac191083c203d081;hp=0000000000000000000000000000000000000000;hpb=bcf524c10c0ad85fcef711acffc3251bb8472352;p=linux-seccomp.git

diff --git a/libseccomp/tests/util.c b/libseccomp/tests/util.c
new file mode 100644
index 0000000..9c069d6
--- /dev/null
+++ b/libseccomp/tests/util.c
@@ -0,0 +1,209 @@
+/**
+ * Seccomp Library utility code for tests
+ *
+ * Copyright (c) 2012 Red Hat <eparis@redhat.com>
+ * Author: Eric Paris <eparis@redhat.com>
+ */
+
+/*
+ * This library is free software; you can redistribute it and/or modify it
+ * under the terms of version 2.1 of the GNU Lesser General Public License as
+ * published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public License
+ * for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this library; if not, see <http://www.gnu.org/licenses>.
+ */
+
+#include <errno.h>
+#include <fcntl.h>
+#include <getopt.h>
+#include <signal.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include <seccomp.h>
+
+#include "util.h"
+
+/**
+ * SIGSYS signal handler
+ * @param nr the signal number
+ * @param info siginfo_t pointer
+ * @param void_context handler context
+ *
+ * Simple signal handler for SIGSYS which exits with error code 161.
+ *
+ */
+static void _trap_handler(int signal, siginfo_t *info, void *ctx)
+{
+	_exit(161);
+}
+
+/**
+ * Parse the arguments passed to main
+ * @param argc the argument count
+ * @param argv the argument pointer
+ * @param opts the options structure
+ *
+ * This function parses the arguments passed to the test from the command line.
+ * Returns zero on success and negative values on failure.
+ *
+ */
+int util_getopt(int argc, char *argv[], struct util_options *opts)
+{
+	int rc = 0;
+
+	if (opts == NULL)
+		return -EFAULT;
+
+	memset(opts, 0, sizeof(*opts));
+	while (1) {
+		int c, option_index = 0;
+		const struct option long_options[] = {
+			{"bpf", no_argument, &(opts->bpf_flg), 1},
+			{"pfc", no_argument, &(opts->bpf_flg), 0},
+			{0, 0, 0, 0},
+		};
+
+		c = getopt_long(argc, argv, "bp",
+				long_options, &option_index);
+		if (c == -1)
+			break;
+
+		switch (c) {
+		case 0:
+			break;
+		case 'b':
+			opts->bpf_flg = 1;
+			break;
+		case 'p':
+			opts->bpf_flg = 0;
+			break;
+		default:
+			rc = -EINVAL;
+			break;
+		}
+	}
+
+	if (rc == -EINVAL || optind < argc) {
+		fprintf(stderr, "usage %s: [--bpf,-b] [--pfc,-p]\n", argv[0]);
+		rc = -EINVAL;
+	}
+
+	return rc;
+}
+
+/**
+ * Output the filter in either BPF or PFC
+ * @param opts the options structure
+ * @param ctx the filter context
+ *
+ * This function outputs the seccomp filter to stdout in either BPF or PFC
+ * format depending on the test paramaeters supplied by @opts.
+ *
+ */
+int util_filter_output(const struct util_options *opts,
+		       const scmp_filter_ctx ctx)
+{
+	int rc;
+
+	if (opts == NULL)
+		return -EFAULT;
+
+	if (opts->bpf_flg)
+		rc = seccomp_export_bpf(ctx, STDOUT_FILENO);
+	else
+		rc = seccomp_export_pfc(ctx, STDOUT_FILENO);
+
+	return rc;
+}
+
+/**
+ * Install a TRAP action signal handler
+ *
+ * This function installs the TRAP action signal handler and is based on
+ * examples from Will Drewry and Kees Cook.  Returns zero on success, negative
+ * values on failure.
+ *
+ */
+int util_trap_install(void)
+{
+	struct sigaction signal_handler;
+	sigset_t signal_mask;
+
+	memset(&signal_handler, 0, sizeof(signal_handler));
+	sigemptyset(&signal_mask);
+	sigaddset(&signal_mask, SIGSYS);
+
+	signal_handler.sa_sigaction = &_trap_handler;
+	signal_handler.sa_flags = SA_SIGINFO;
+	if (sigaction(SIGSYS, &signal_handler, NULL) < 0)
+		return -errno;
+	if (sigprocmask(SIG_UNBLOCK, &signal_mask, NULL))
+		return -errno;
+
+	return 0;
+}
+
+/**
+ * Parse a filter action string into an action value
+ * @param action the action string
+ *
+ * Parse a seccomp action string into the associated integer value.  Returns
+ * the correct value on success, -1 on failure.
+ *
+ */
+int util_action_parse(const char *action)
+{
+	if (action == NULL)
+		return -1;
+
+	if (strcasecmp(action, "KILL") == 0)
+		return SCMP_ACT_KILL;
+	else if (strcasecmp(action, "TRAP") == 0)
+		return SCMP_ACT_TRAP;
+	else if (strcasecmp(action, "ERRNO") == 0)
+		return SCMP_ACT_ERRNO(163);
+	else if (strcasecmp(action, "TRACE") == 0)
+		return -1; /* not yet supported */
+	else if (strcasecmp(action, "ALLOW") == 0)
+		return SCMP_ACT_ALLOW;
+
+	return -1;
+}
+
+/**
+ * Write a string to a file
+ * @param path the file path
+ *
+ * Open the specified file, write a string to the file, and close the file.
+ * Return zero on success, negative values on error.
+ *
+ */
+int util_file_write(const char *path)
+{
+	int fd;
+	const char buf[] = "testing";
+	ssize_t buf_len = strlen(buf);
+
+	fd = open(path, O_WRONLY | O_CREAT, S_IRUSR | S_IWUSR);
+	if (fd < 0)
+		return errno;
+	if (write(fd, buf, buf_len) < buf_len) {
+		int rc = errno;
+		close(fd);
+		return rc;
+	}
+	if (close(fd) < 0)
+		return errno;
+
+	return 0;
+}