Lines Matching +full:saw +full:- +full:leader
1 // SPDX-License-Identifier: GPL-2.0-only
59 /* Attempt to de-conflict with the selftests tree. */
322 return -1;
396 EXPECT_EQ(-1, ret);
424 EXPECT_EQ(-1, ret);
463 prog.len -= 1;
505 TH_LOG("Allowed %d %d-insn filters (total with penalties:%d)",
528 EXPECT_EQ(-1, ret);
590 EXPECT_EQ(-1, ret);
712 /* Only both with lower 32-bit for now. */
752 /* Only both with lower 32-bit for now. */
777 ASSERT_NE(-1, fd);
936 /* TODO(wad) add 64-bit versus 32-bit arg tests. */
953 EXPECT_EQ(-1, ret);
984 EXPECT_EQ(-1, read(-1, NULL, 0));
1003 EXPECT_EQ(0, read(-1, NULL, 0));
1024 EXPECT_EQ(-1, read(-1, NULL, 0));
1055 EXPECT_EQ(-1, read(-1, NULL, 0));
1073 memset(&self->prog, 0, sizeof(self->prog));
1074 self->prog.filter = malloc(sizeof(filter));
1075 ASSERT_NE(NULL, self->prog.filter);
1076 memcpy(self->prog.filter, filter, sizeof(filter));
1077 self->prog.len = (unsigned short)ARRAY_SIZE(filter);
1082 if (self->prog.filter)
1083 free(self->prog.filter);
1093 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->prog);
1108 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->prog);
1144 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->prog);
1164 EXPECT_EQ(__NR_getpid, sigsys->_syscall);
1165 /* Make sure arch is non-zero. */
1166 EXPECT_NE(0, sigsys->_arch);
1167 EXPECT_NE(0, (unsigned long)sigsys->_call_addr);
1222 self->_x.filter = malloc(sizeof(_x##_insns)); \
1223 ASSERT_NE(NULL, self->_x.filter); \
1224 memcpy(self->_x.filter, &_x##_insns, sizeof(_x##_insns)); \
1225 self->_x.len = (unsigned short)ARRAY_SIZE(_x##_insns)
1236 #define FILTER_FREE(_x) if (self->_x.filter) free(self->_x.filter)
1254 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->allow);
1256 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->log);
1258 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->trace);
1260 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->error);
1262 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->trap);
1264 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->kill);
1280 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->allow);
1282 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->log);
1284 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->trace);
1286 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->error);
1288 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->trap);
1290 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->kill);
1309 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->allow);
1311 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->kill);
1313 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->error);
1315 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->log);
1317 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->trace);
1319 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->trap);
1336 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->allow);
1338 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->log);
1340 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->trace);
1342 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->error);
1344 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->trap);
1361 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->allow);
1363 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->trap);
1365 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->log);
1367 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->trace);
1369 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->error);
1386 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->allow);
1388 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->log);
1390 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->trace);
1392 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->error);
1408 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->log);
1410 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->error);
1412 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->trace);
1414 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->allow);
1430 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->allow);
1432 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->log);
1434 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->trace);
1439 EXPECT_EQ(-1, syscall(__NR_getpid));
1451 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->trace);
1453 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->allow);
1455 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->log);
1460 EXPECT_EQ(-1, syscall(__NR_getpid));
1473 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->allow);
1475 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->log);
1493 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->log);
1495 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->allow);
1529 int ret = -1;
1539 while (ret == -1 && errno != EINVAL)
1592 syscall(__NR_exit, _metadata->exit_code);
1660 ret = ptrace(PTRACE_POKEDATA, tracee, info->poke_addr, 0x1001);
1681 self->poked = 0;
1682 memset(&self->prog, 0, sizeof(self->prog));
1683 self->prog.filter = malloc(sizeof(filter));
1684 ASSERT_NE(NULL, self->prog.filter);
1685 memcpy(self->prog.filter, filter, sizeof(filter));
1686 self->prog.len = (unsigned short)ARRAY_SIZE(filter);
1689 self->tracer_args.poke_addr = (unsigned long)&self->poked;
1692 self->tracer = setup_trace_fixture(_metadata, tracer_poke,
1693 &self->tracer_args, false);
1698 teardown_trace_fixture(_metadata, self->tracer);
1699 if (self->prog.filter)
1700 free(self->prog.filter);
1710 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->prog, 0, 0);
1713 EXPECT_EQ(0, self->poked);
1714 ret = read(-1, NULL, 0);
1715 EXPECT_EQ(-1, ret);
1716 EXPECT_EQ(0x1001, self->poked);
1726 ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &self->prog, 0, 0);
1729 EXPECT_EQ(0, self->poked);
1731 EXPECT_EQ(0, self->poked);
1796 * scv 0 system call uses -ve result \
1807 SYSCALL_RET(_regs) = -_result; \
1879 * shared), report it with TH_LOG() in an arch-specific definition
1894 # define EXPECT_SYSCALL_RETURN(val, action) EXPECT_EQ(-1, action)
1900 EXPECT_EQ(-1, action); \
1901 EXPECT_EQ(-(val), errno); \
1922 * architectures without HAVE_ARCH_TRACEHOOK (e.g. User-mode Linux).
1942 /* Architecture-specific syscall fetching routine. */
1948 return -1;
1954 /* Architecture-specific syscall changing routine. */
1987 /* Change syscall return value (and set syscall number to -1). */
1991 long syscall = -1;
2026 change_syscall_ret(_metadata, tracee, -ESRCH);
2082 self->syscall_nr = get_syscall(_metadata, tracee);
2094 switch (self->syscall_nr) {
2101 syscall_nr_val = -1;
2105 syscall_nr_val = -1;
2106 syscall_ret_val = -ESRCH;
2156 self->mytid = syscall(__NR_gettid);
2157 ASSERT_GT(self->mytid, 0);
2158 ASSERT_NE(self->mytid, 1) {
2162 self->mypid = getpid();
2163 ASSERT_GT(self->mypid, 0);
2164 ASSERT_EQ(self->mytid, self->mypid);
2166 self->parent = getppid();
2167 ASSERT_GT(self->parent, 0);
2168 ASSERT_NE(self->parent, self->mypid);
2171 self->tracer = setup_trace_fixture(_metadata,
2172 variant->use_ptrace ? tracer_ptrace
2174 self, variant->use_ptrace);
2180 if (variant->use_ptrace)
2189 teardown_trace_fixture(_metadata, self->tracer);
2195 SKIP(return, "arm32 does not support calling syscall -1");
2199 * and userspace asking for syscall "-1".
2202 EXPECT_EQ(-1, syscall(-1));
2204 /* And no difference for "still not valid but not -1". */
2206 EXPECT_EQ(-1, syscall(-101));
2218 EXPECT_EQ(self->parent, syscall(__NR_getppid));
2219 EXPECT_NE(self->mypid, syscall(__NR_getppid));
2225 EXPECT_EQ(self->parent, syscall(__NR_getpid));
2226 EXPECT_NE(self->mypid, syscall(__NR_getpid));
2232 EXPECT_SYSCALL_RETURN(-ESRCH, syscall(__NR_openat));
2261 EXPECT_EQ(-1, syscall(__NR_mknodat, -1, NULL, 0, 0));
2285 EXPECT_EQ(-1, syscall(__NR_getpid));
2309 EXPECT_NE(self->mypid, syscall(__NR_getpid));
2329 ret = seccomp(-1, 0, &prog);
2338 ret = seccomp(SECCOMP_SET_MODE_STRICT, -1, NULL);
2348 ret = seccomp(SECCOMP_SET_MODE_FILTER, -1, &prog);
2421 /* Test detection of individual known-good filter flags */
2439 EXPECT_EQ(-1, ret);
2441 TH_LOG("Failed to detect that a known-good filter flag (0x%X) is supported!",
2449 * Test detection of all known-good filter flags combined. But
2461 EXPECT_EQ(-1, ret);
2463 TH_LOG("Failed to detect that all known-good filter flags (0x%X) are supported!",
2469 flag = -1;
2472 EXPECT_EQ(-1, ret);
2482 flag = flags[ARRAY_SIZE(flags) - 1] << 1;
2484 EXPECT_EQ(-1, ret);
2569 memset(&self->root_prog, 0, sizeof(self->root_prog));
2570 memset(&self->apply_prog, 0, sizeof(self->apply_prog));
2571 memset(&self->sibling, 0, sizeof(self->sibling));
2572 self->root_prog.filter = malloc(sizeof(root_filter));
2573 ASSERT_NE(NULL, self->root_prog.filter);
2574 memcpy(self->root_prog.filter, &root_filter, sizeof(root_filter));
2575 self->root_prog.len = (unsigned short)ARRAY_SIZE(root_filter);
2577 self->apply_prog.filter = malloc(sizeof(apply_filter));
2578 ASSERT_NE(NULL, self->apply_prog.filter);
2579 memcpy(self->apply_prog.filter, &apply_filter, sizeof(apply_filter));
2580 self->apply_prog.len = (unsigned short)ARRAY_SIZE(apply_filter);
2582 self->sibling_count = 0;
2583 pthread_mutex_init(&self->mutex, NULL);
2584 pthread_cond_init(&self->cond, NULL);
2585 sem_init(&self->started, 0, 0);
2586 self->sibling[0].tid = 0;
2587 self->sibling[0].cond = &self->cond;
2588 self->sibling[0].started = &self->started;
2589 self->sibling[0].mutex = &self->mutex;
2590 self->sibling[0].diverge = 0;
2591 self->sibling[0].num_waits = 1;
2592 self->sibling[0].prog = &self->root_prog;
2593 self->sibling[0].metadata = _metadata;
2594 self->sibling[1].tid = 0;
2595 self->sibling[1].cond = &self->cond;
2596 self->sibling[1].started = &self->started;
2597 self->sibling[1].mutex = &self->mutex;
2598 self->sibling[1].diverge = 0;
2599 self->sibling[1].prog = &self->root_prog;
2600 self->sibling[1].num_waits = 1;
2601 self->sibling[1].metadata = _metadata;
2608 if (self->root_prog.filter)
2609 free(self->root_prog.filter);
2610 if (self->apply_prog.filter)
2611 free(self->apply_prog.filter);
2613 for ( ; sib < self->sibling_count; ++sib) {
2614 struct tsync_sibling *s = &self->sibling[sib];
2616 if (!s->tid)
2622 pthread_kill(s->tid, 9);
2624 pthread_mutex_destroy(&self->mutex);
2625 pthread_cond_destroy(&self->cond);
2626 sem_destroy(&self->started);
2634 me->system_tid = syscall(__NR_gettid);
2636 pthread_mutex_lock(me->mutex);
2637 if (me->diverge) {
2638 /* Just re-apply the root prog to fork the tree */
2640 me->prog, 0, 0);
2642 sem_post(me->started);
2645 pthread_mutex_unlock(me->mutex);
2649 pthread_cond_wait(me->cond, me->mutex);
2650 me->num_waits = me->num_waits - 1;
2651 } while (me->num_waits);
2652 pthread_mutex_unlock(me->mutex);
2657 read(-1, NULL, 0);
2663 pthread_create(&sibling->tid, NULL, tsync_sibling, (void *)sibling);
2695 self->sibling[0].diverge = 1;
2696 tsync_start_sibling(&self->sibling[0]);
2697 tsync_start_sibling(&self->sibling[1]);
2699 while (self->sibling_count < TSYNC_SIBLINGS) {
2700 sem_wait(&self->started);
2701 self->sibling_count++;
2705 pthread_mutex_lock(&self->mutex);
2706 ASSERT_EQ(0, pthread_cond_broadcast(&self->cond)) {
2707 TH_LOG("cond broadcast non-zero");
2709 pthread_mutex_unlock(&self->mutex);
2712 PTHREAD_JOIN(self->sibling[0].tid, &status);
2714 PTHREAD_JOIN(self->sibling[1].tid, &status);
2727 ret = seccomp(SECCOMP_SET_MODE_FILTER, 0, &self->root_prog);
2734 tsync_start_sibling(&self->sibling[0]);
2735 tsync_start_sibling(&self->sibling[1]);
2737 while (self->sibling_count < TSYNC_SIBLINGS) {
2738 sem_wait(&self->started);
2739 self->sibling_count++;
2743 &self->apply_prog);
2748 pthread_mutex_lock(&self->mutex);
2749 ASSERT_EQ(0, pthread_cond_broadcast(&self->cond)) {
2750 TH_LOG("cond broadcast non-zero");
2752 pthread_mutex_unlock(&self->mutex);
2754 PTHREAD_JOIN(self->sibling[0].tid, &status);
2756 PTHREAD_JOIN(self->sibling[1].tid, &status);
2765 tsync_start_sibling(&self->sibling[0]);
2766 tsync_start_sibling(&self->sibling[1]);
2767 while (self->sibling_count < TSYNC_SIBLINGS) {
2768 sem_wait(&self->started);
2769 self->sibling_count++;
2773 pthread_mutex_lock(&self->mutex);
2774 ASSERT_EQ(0, pthread_cond_broadcast(&self->cond)) {
2775 TH_LOG("cond broadcast non-zero");
2777 pthread_mutex_unlock(&self->mutex);
2780 PTHREAD_JOIN(self->sibling[0].tid, &status);
2782 PTHREAD_JOIN(self->sibling[1].tid, &status);
2792 tsync_start_sibling(&self->sibling[0]);
2793 tsync_start_sibling(&self->sibling[1]);
2794 while (self->sibling_count < TSYNC_SIBLINGS) {
2795 sem_wait(&self->started);
2796 self->sibling_count++;
2804 &self->apply_prog);
2813 pthread_mutex_lock(&self->mutex);
2814 ASSERT_EQ(0, pthread_cond_broadcast(&self->cond)) {
2815 TH_LOG("cond broadcast non-zero");
2817 pthread_mutex_unlock(&self->mutex);
2820 PTHREAD_JOIN(self->sibling[0].tid, &status);
2822 PTHREAD_JOIN(self->sibling[1].tid, &status);
2835 ret = seccomp(SECCOMP_SET_MODE_FILTER, 0, &self->root_prog);
2842 self->sibling[0].diverge = 1;
2843 tsync_start_sibling(&self->sibling[0]);
2844 tsync_start_sibling(&self->sibling[1]);
2846 while (self->sibling_count < TSYNC_SIBLINGS) {
2847 sem_wait(&self->started);
2848 self->sibling_count++;
2852 &self->apply_prog);
2853 ASSERT_EQ(self->sibling[0].system_tid, ret) {
2858 pthread_mutex_lock(&self->mutex);
2859 ASSERT_EQ(0, pthread_cond_broadcast(&self->cond)) {
2860 TH_LOG("cond broadcast non-zero");
2862 pthread_mutex_unlock(&self->mutex);
2865 PTHREAD_JOIN(self->sibling[0].tid, &status);
2867 PTHREAD_JOIN(self->sibling[1].tid, &status);
2880 ret = seccomp(SECCOMP_SET_MODE_FILTER, 0, &self->root_prog);
2887 self->sibling[0].diverge = 1;
2888 tsync_start_sibling(&self->sibling[0]);
2889 tsync_start_sibling(&self->sibling[1]);
2891 while (self->sibling_count < TSYNC_SIBLINGS) {
2892 sem_wait(&self->started);
2893 self->sibling_count++;
2898 ret = seccomp(SECCOMP_SET_MODE_FILTER, flags, &self->apply_prog);
2902 ASSERT_EQ(-1, ret) {
2907 pthread_mutex_lock(&self->mutex);
2908 ASSERT_EQ(0, pthread_cond_broadcast(&self->cond)) {
2909 TH_LOG("cond broadcast non-zero");
2911 pthread_mutex_unlock(&self->mutex);
2914 PTHREAD_JOIN(self->sibling[0].tid, &status);
2916 PTHREAD_JOIN(self->sibling[1].tid, &status);
2936 self->sibling[0].diverge = 1;
2937 tsync_start_sibling(&self->sibling[0]);
2938 tsync_start_sibling(&self->sibling[1]);
2940 while (self->sibling_count < TSYNC_SIBLINGS) {
2941 sem_wait(&self->started);
2942 self->sibling_count++;
2945 ret = seccomp(SECCOMP_SET_MODE_FILTER, 0, &self->root_prog);
2954 &self->apply_prog);
2955 ASSERT_EQ(ret, self->sibling[0].system_tid) {
2959 if (ret == self->sibling[0].system_tid)
2962 pthread_mutex_lock(&self->mutex);
2965 * the one we just saw.
2967 self->sibling[!sib].num_waits += 1;
2970 ASSERT_EQ(0, pthread_cond_broadcast(&self->cond)) {
2971 TH_LOG("cond broadcast non-zero");
2973 pthread_mutex_unlock(&self->mutex);
2974 PTHREAD_JOIN(self->sibling[sib].tid, &status);
2977 while (!kill(self->sibling[sib].system_tid, 0))
2983 &self->apply_prog);
2988 pthread_mutex_lock(&self->mutex);
2993 if (self->sibling[sib].num_waits > 1)
2994 self->sibling[sib].num_waits = 1;
2995 ASSERT_EQ(0, pthread_cond_broadcast(&self->cond)) {
2996 TH_LOG("cond broadcast non-zero");
2998 pthread_mutex_unlock(&self->mutex);
2999 PTHREAD_JOIN(self->sibling[sib].tid, &status);
3002 while (!kill(self->sibling[sib].system_tid, 0))
3006 &self->apply_prog);
3098 syscall(__NR_exit, _metadata->exit_code);
3126 /* Verify signal delivery came from child (seccomp-triggered). */
3163 * - native ARM registers do NOT expose true syscall.
3164 * - compat ARM registers on ARM64 DO expose true syscall.
3165 * - values of utsbuf.machine include 'armv8l' or 'armb8b'
3186 _metadata->exit_code = KSFT_FAIL;
3278 EXPECT_EQ(ret, -1);
3395 /* Check that we get -ENOSYS with no listener attached */
3407 /* Add some no-op filters for grins. */
3421 -1);
3435 EXPECT_GT(poll(&pollfd, 1, -1), 0);
3440 req.pid = -1;
3443 EXPECT_EQ(-1, ret);
3454 EXPECT_GT(poll(&pollfd, 1, -1), 0);
3465 EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_SEND, &resp), -1);
3489 ASSERT_EQ(-1, user_notif_syscall(__NR_getppid, flags));
3534 EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_ID_VALID, &req.id), -1);
3538 EXPECT_EQ(ret, -1);
3542 static int handled = -1;
3587 exit(!(ret == -1 && errno == 512));
3605 resp.error = -EPERM;
3608 EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_SEND, &resp), -1);
3615 resp.error = -512; /* -ERESTARTSYS */
3648 exit(ret != -1 && errno != ENOSYS);
3802 EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_RECV, NULL), -1);
3867 EXPECT_GT(poll(&pollfd, 1, -1), 0);
3875 EXPECT_GT(poll(&pollfd, 1, -1), 0);
3889 EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_SEND, &resp), -1);
3894 EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_SEND, &resp), -1);
4013 EXPECT_EQ(ioctl(200, SECCOMP_IOCTL_NOTIF_RECV, &req), -1);
4114 if (fcntl(i, F_GETFD) == -1)
4133 /* There may be arbitrary already-open fds at test start. */
4159 if (fcntl(syscall(__NR_getppid), F_GETFD) == -1)
4174 EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_ADDFD, &addfd), -1);
4180 EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_ADDFD, &addfd), -1);
4186 EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_ADDFD, &addfd), -1);
4191 EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_ADDFD_SMALL, &small), -1);
4197 EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_ADDFD_BIG, &big), -1);
4234 while (ioctl(listener, SECCOMP_IOCTL_NOTIF_ADDFD, &addfd) != -1 &&
4235 errno != -EINPROGRESS)
4261 while (ioctl(listener, SECCOMP_IOCTL_NOTIF_ADDFD, &addfd) != -1 &&
4262 errno != -EINPROGRESS)
4325 /* Should probably spot check /proc/sys/fs/file-nr */
4326 EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_ADDFD, &addfd), -1);
4330 EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_ADDFD, &addfd), -1);
4335 EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_ADDFD, &addfd), -1);
4375 EXPECT_SYSCALL_RETURN(-EINVAL,
4418 self->pid = 0;
4430 self->pid = fork();
4431 ASSERT_GE(self->pid, 0);
4433 if (self->pid == 0) {
4442 if (self->pid)
4443 kill(self->pid, SIGKILL);
4450 ASSERT_EQ(0, ptrace(PTRACE_ATTACH, self->pid, NULL, 0));
4451 ASSERT_EQ(self->pid, wait(&wstatus));
4452 ASSERT_EQ(-1, ptrace(PTRACE_SETOPTIONS, self->pid, NULL, PTRACE_O_SUSPEND_SECCOMP));
4462 ret = ptrace(PTRACE_SEIZE, self->pid, NULL, PTRACE_O_SUSPEND_SECCOMP);
4463 ASSERT_EQ(-1, ret);
4470 * get_nth - Get the nth, space separated entry in a file.
4473 * Throws error if field is zero-lengthed.
4502 return nread - 1;
4600 /* get_proc_syscall - Get the syscall in progress for a given pid
4603 * Returns -1 if not in syscall (running or blocked)
4608 long ret = -1;
4623 /* Ensure non-fatal signals prior to receive are unmodified */
4663 /* Setup the non-fatal sigaction without SA_RESTART */
4671 exit(ret != -1 || errno != EINTR);
4682 /* Send non-fatal kill signal */
4693 /* Ensure non-fatal signals after receive are blocked */
4743 * non-preemptible (TASK_KILLABLE) state.
4746 /* Send non-fatal kill signal */
4751 * D (Disk Sleep) state after receiving non-fatal signal.
4807 * non-preemptible (TASK_KILLABLE) state.
4823 pthread_t leader;
4839 ret = pthread_join(args->leader, &retval);
4852 * Ensure that a dead thread leader doesn't prevent installing new filters with
4882 args->leader = pthread_self();
4888 /* Install a new filter just to the leader thread. */
4906 int err = -1, ret;
4940 return -1;
4942 while (fscanf(f, "%zx-%zx %s %zx %*[^\n]\n", &start, &end, buf, &base) == 4) {
4949 return found ? (uintptr_t)addr - start + base : -1;
4983 if (!variant->attach)
5001 self->fd = syscall(__NR_perf_event_open, &attr,
5002 getpid() /* pid */, -1 /* cpu */, -1 /* group_fd */,
5008 /* we could call close(self->fd), but we'd need extra filter for
5017 return -1;
5095 * - expand NNP testing
5096 * - better arch-specific TRACE and TRAP handlers.
5097 * - endianness checking when appropriate
5098 * - 64-bit arg prodding
5099 * - arch value testing (x86 modes especially)
5100 * - verify that FILTER_FLAG_LOG filters generate log messages
5101 * - verify that RET_LOG generates log messages