Tree @debian/2.5.1-1_bpo10+1 (Download .tar.gz)
- ..
- 01-sim-allow.c
- 01-sim-allow.py
- 01-sim-allow.tests
- 02-sim-basic.c
- 02-sim-basic.py
- 02-sim-basic.tests
- 03-sim-basic_chains.c
- 03-sim-basic_chains.py
- 03-sim-basic_chains.tests
- 04-sim-multilevel_chains.c
- 04-sim-multilevel_chains.py
- 04-sim-multilevel_chains.tests
- 05-sim-long_jumps.c
- 05-sim-long_jumps.py
- 05-sim-long_jumps.tests
- 06-sim-actions.c
- 06-sim-actions.py
- 06-sim-actions.tests
- 07-sim-db_bug_looping.c
- 07-sim-db_bug_looping.py
- 07-sim-db_bug_looping.tests
- 08-sim-subtree_checks.c
- 08-sim-subtree_checks.py
- 08-sim-subtree_checks.tests
- 09-sim-syscall_priority_pre.c
- 09-sim-syscall_priority_pre.py
- 09-sim-syscall_priority_pre.tests
- 10-sim-syscall_priority_post.c
- 10-sim-syscall_priority_post.py
- 10-sim-syscall_priority_post.tests
- 11-basic-basic_errors.c
- 11-basic-basic_errors.py
- 11-basic-basic_errors.tests
- 12-sim-basic_masked_ops.c
- 12-sim-basic_masked_ops.py
- 12-sim-basic_masked_ops.tests
- 13-basic-attrs.c
- 13-basic-attrs.py
- 13-basic-attrs.tests
- 14-sim-reset.c
- 14-sim-reset.py
- 14-sim-reset.tests
- 15-basic-resolver.c
- 15-basic-resolver.py
- 15-basic-resolver.tests
- 16-sim-arch_basic.c
- 16-sim-arch_basic.py
- 16-sim-arch_basic.tests
- 17-sim-arch_merge.c
- 17-sim-arch_merge.py
- 17-sim-arch_merge.tests
- 18-sim-basic_allowlist.c
- 18-sim-basic_allowlist.py
- 18-sim-basic_allowlist.tests
- 19-sim-missing_syscalls.c
- 19-sim-missing_syscalls.py
- 19-sim-missing_syscalls.tests
- 20-live-basic_die.c
- 20-live-basic_die.py
- 20-live-basic_die.tests
- 21-live-basic_allow.c
- 21-live-basic_allow.py
- 21-live-basic_allow.tests
- 22-sim-basic_chains_array.c
- 22-sim-basic_chains_array.py
- 22-sim-basic_chains_array.tests
- 23-sim-arch_all_le_basic.c
- 23-sim-arch_all_le_basic.py
- 23-sim-arch_all_le_basic.tests
- 24-live-arg_allow.c
- 24-live-arg_allow.py
- 24-live-arg_allow.tests
- 25-sim-multilevel_chains_adv.c
- 25-sim-multilevel_chains_adv.py
- 25-sim-multilevel_chains_adv.tests
- 26-sim-arch_all_be_basic.c
- 26-sim-arch_all_be_basic.py
- 26-sim-arch_all_be_basic.tests
- 27-sim-bpf_blk_state.c
- 27-sim-bpf_blk_state.py
- 27-sim-bpf_blk_state.tests
- 28-sim-arch_x86.c
- 28-sim-arch_x86.py
- 28-sim-arch_x86.tests
- 29-sim-pseudo_syscall.c
- 29-sim-pseudo_syscall.py
- 29-sim-pseudo_syscall.tests
- 30-sim-socket_syscalls.c
- 30-sim-socket_syscalls.py
- 30-sim-socket_syscalls.tests
- 31-basic-version_check.c
- 31-basic-version_check.py
- 31-basic-version_check.tests
- 32-live-tsync_allow.c
- 32-live-tsync_allow.py
- 32-live-tsync_allow.tests
- 33-sim-socket_syscalls_be.c
- 33-sim-socket_syscalls_be.py
- 33-sim-socket_syscalls_be.tests
- 34-sim-basic_denylist.c
- 34-sim-basic_denylist.py
- 34-sim-basic_denylist.tests
- 35-sim-negative_one.c
- 35-sim-negative_one.py
- 35-sim-negative_one.tests
- 36-sim-ipc_syscalls.c
- 36-sim-ipc_syscalls.py
- 36-sim-ipc_syscalls.tests
- 37-sim-ipc_syscalls_be.c
- 37-sim-ipc_syscalls_be.py
- 37-sim-ipc_syscalls_be.tests
- 38-basic-pfc_coverage.c
- 38-basic-pfc_coverage.pfc
- 38-basic-pfc_coverage.sh
- 38-basic-pfc_coverage.tests
- 39-basic-api_level.c
- 39-basic-api_level.py
- 39-basic-api_level.tests
- 40-sim-log.c
- 40-sim-log.py
- 40-sim-log.tests
- 41-sim-syscall_priority_arch.c
- 41-sim-syscall_priority_arch.py
- 41-sim-syscall_priority_arch.tests
- 42-sim-adv_chains.c
- 42-sim-adv_chains.py
- 42-sim-adv_chains.tests
- 43-sim-a2_order.c
- 43-sim-a2_order.py
- 43-sim-a2_order.tests
- 44-live-a2_order.c
- 44-live-a2_order.py
- 44-live-a2_order.tests
- 45-sim-chain_code_coverage.c
- 45-sim-chain_code_coverage.py
- 45-sim-chain_code_coverage.tests
- 46-sim-kill_process.c
- 46-sim-kill_process.py
- 46-sim-kill_process.tests
- 47-live-kill_process.c
- 47-live-kill_process.py
- 47-live-kill_process.tests
- 48-sim-32b_args.c
- 48-sim-32b_args.py
- 48-sim-32b_args.tests
- 49-sim-64b_comparisons.c
- 49-sim-64b_comparisons.py
- 49-sim-64b_comparisons.tests
- 50-sim-hash_collision.c
- 50-sim-hash_collision.py
- 50-sim-hash_collision.tests
- 51-live-user_notification.c
- 51-live-user_notification.py
- 51-live-user_notification.tests
- 52-basic-load.c
- 52-basic-load.py
- 52-basic-load.tests
- 53-sim-binary_tree.c
- 53-sim-binary_tree.py
- 53-sim-binary_tree.tests
- 54-live-binary_tree.c
- 54-live-binary_tree.py
- 54-live-binary_tree.tests
- 55-basic-pfc_binary_tree.c
- 55-basic-pfc_binary_tree.pfc
- 55-basic-pfc_binary_tree.sh
- 55-basic-pfc_binary_tree.tests
- 56-basic-iterate_syscalls.c
- 56-basic-iterate_syscalls.py
- 56-basic-iterate_syscalls.tests
- 57-basic-rawsysrc.c
- 57-basic-rawsysrc.py
- 57-basic-rawsysrc.tests
- 58-live-tsync_notify.c
- 58-live-tsync_notify.py
- 58-live-tsync_notify.tests
- Makefile.am
- Makefile.in
- miniseq.c
- regression
- testdiff
- testgen
- util.c
- util.h
- util.py
- valgrind_test.supp
42-sim-adv_chains.py @debian/2.5.1-1_bpo10+1 — raw · history · blame
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 | #!/usr/bin/env python # # Seccomp Library test program # # Copyright (c) 2017 Red Hat <pmoore@redhat.com> # Author: Paul Moore <paul@paul-moore.com> # # # This library is free software; you can redistribute it and/or modify it # under the terms of version 2.1 of the GNU Lesser General Public License as # published by the Free Software Foundation. # # This library is distributed in the hope that it will be useful, but WITHOUT # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or # FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License # for more details. # # You should have received a copy of the GNU Lesser General Public License # along with this library; if not, see <http://www.gnu.org/licenses>. # import argparse import sys import util from seccomp import * def test(args): f = SyscallFilter(KILL) f.add_rule_exactly(ALLOW, 1001, Arg(0, EQ, 1), Arg(1, EQ, 2)) f.add_rule_exactly(ALLOW, 1001) f.add_rule_exactly(ALLOW, 1002, Arg(0, EQ, 1)) f.add_rule_exactly(ALLOW, 1002, Arg(0, EQ, 1)) f.add_rule_exactly(ALLOW, 1003, Arg(0, NE, 1)) f.add_rule_exactly(TRAP, 1003, Arg(0, EQ, 1)) f.add_rule_exactly(ALLOW, 1004, Arg(0, EQ, 1)) f.add_rule_exactly(TRAP, 1004, Arg(0, NE, 1)) f.add_rule_exactly(ALLOW, 1005, Arg(0, EQ, 1)) f.add_rule_exactly(ALLOW, 1005, Arg(0, NE, 1)) f.add_rule_exactly(ALLOW, 1006, Arg(0, EQ, 1), Arg(1, EQ, 2)) f.add_rule_exactly(ALLOW, 1006, Arg(0, EQ, 1)) f.add_rule_exactly(ALLOW, 1007, Arg(0, EQ, 1)) f.add_rule_exactly(ALLOW, 1007, Arg(0, EQ, 1), Arg(1, EQ, 2)) f.add_rule_exactly(ALLOW, 1008, Arg(0, NE, 1), Arg(1, NE, 2)) f.add_rule_exactly(ALLOW, 1008, Arg(0, NE, 1), Arg(1, NE, 2), Arg(2, NE, 3)) f.add_rule_exactly(ALLOW, 1009, Arg(0, EQ, 1), Arg(1, NE, 2)) f.add_rule_exactly(ALLOW, 1009, Arg(0, NE, 1)) f.add_rule_exactly(ALLOW, 1010, Arg(0, NE, 1), Arg(1, EQ, 2)) f.add_rule_exactly(ALLOW, 1010, Arg(0, EQ, 1)) f.add_rule_exactly(ALLOW, 1011, Arg(0, EQ, 1)) f.add_rule_exactly(ALLOW, 1011, Arg(0, NE, 1), Arg(2, EQ, 1)) f.add_rule_exactly(ALLOW, 1012, Arg(0, MASKED_EQ, 0x0000, 1)) f.add_rule_exactly(ALLOW, 1013, Arg(0, NE, 1), Arg(2, NE, 2)) f.add_rule_exactly(ALLOW, 1013, Arg(0, LT, 1), Arg(2, NE, 2)) f.add_rule_exactly(ALLOW, 1014, Arg(3, GE, 1), Arg(4, GE, 2)) f.add_rule_exactly(ALLOW, 1014, Arg(0, NE, 1), Arg(1, NE, 2)) f.add_rule_exactly(ALLOW, 1015, Arg(0, EQ, 4), Arg(1, EQ, 1)) f.add_rule_exactly(ALLOW, 1015, Arg(0, EQ, 4), Arg(1, NE, 1)) return f args = util.get_opt() ctx = test(args) util.filter_output(args, ctx) # kate: syntax python; # kate: indent-mode python; space-indent on; indent-width 4; mixedindent off; |