summaryrefslogtreecommitdiffstats
path: root/tests/50-sim-hash_collision.py
diff options
context:
space:
mode:
Diffstat (limited to 'tests/50-sim-hash_collision.py')
-rwxr-xr-xtests/50-sim-hash_collision.py61
1 files changed, 61 insertions, 0 deletions
diff --git a/tests/50-sim-hash_collision.py b/tests/50-sim-hash_collision.py
new file mode 100755
index 0000000..d3c5f2f
--- /dev/null
+++ b/tests/50-sim-hash_collision.py
@@ -0,0 +1,61 @@
+#!/usr/bin/env python
+
+#
+# Seccomp Library test program
+#
+# Copyright (c) 2019 Oracle and/or its affiliates. All rights reserved.
+# Author: Tom Hromatka <tom.hromatka@oracle.com>
+#
+
+#
+# This library is free software; you can redistribute it and/or modify it
+# under the terms of version 2.1 of the GNU Lesser General Public License as
+# published by the Free Software Foundation.
+#
+# This library is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
+# for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this library; if not, see <http://www.gnu.org/licenses>.
+#
+
+import argparse
+import sys
+
+import util
+
+from seccomp import *
+
+def test(args):
+ set_api(1)
+ f = SyscallFilter(ERRNO(100))
+ f.remove_arch(Arch())
+ f.add_arch(Arch("x86_64"))
+
+ # libseccomp utilizes a hash table to manage BPF blocks. It currently
+ # employs MurmurHash3 where the key is the hashed values of the BPF
+ # instruction blocks, the accumulator start, and the accumulator end.
+ # Changes to the hash algorithm will likely affect this test.
+
+ # The following rules were derived from an issue reported by Tor:
+ # https://github.com/seccomp/libseccomp/issues/148
+ #
+ # In the steps below, syscall 1001 is configured similarly to how
+ # Tor configured socket. The fairly complex rules below led to
+ # a hash collision with rt_sigaction (syscall 1000) in this test.
+
+ f.add_rule_exactly(ALLOW, 1001, Arg(0, EQ, 1), Arg(1, MASKED_EQ, 0xf, 2),
+ Arg(2, EQ, 3))
+ f.add_rule_exactly(ALLOW, 1001, Arg(0, EQ, 1), Arg(1, MASKED_EQ, 0xf, 1))
+ f.add_rule_exactly(ALLOW, 1000, Arg(0, EQ, 2))
+ f.add_rule_exactly(ALLOW, 1000, Arg(0, EQ, 1))
+ return f
+
+args = util.get_opt()
+ctx = test(args)
+util.filter_output(args, ctx)
+
+# kate: syntax python;
+# kate: indent-mode python; space-indent on; indent-width 4; mixedindent off;
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-07 05:04:32 +0000