1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
|
#
# Seccomp Library utility code for tests
#
# Copyright (c) 2012 Red Hat <pmoore@redhat.com>
# Author: Paul Moore <paul@paul-moore.com>
#
#
# This library is free software; you can redistribute it and/or modify it
# under the terms of version 2.1 of the GNU Lesser General Public License as
# published by the Free Software Foundation.
#
# This library is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
# for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this library; if not, see <http://www.gnu.org/licenses>.
#
""" Python utility code for the libseccomp test suite """
import argparse
import os
import sys
import signal
from seccomp import *
def trap_handler(signum, frame):
""" SIGSYS signal handler, internal use only
"""
os._exit(161)
def get_opt():
""" Parse the arguments passed to main
Description:
Parse the arguments passed to the test from the command line. Returns
a parsed argparse object.
"""
parser = argparse.ArgumentParser()
parser.add_argument("-b", "--bpf", action="store_true")
parser.add_argument("-p", "--pfc", action="store_true")
return parser.parse_args()
def filter_output(args, ctx):
""" Output the filter in either BPF or PFC
Arguments:
args - an argparse object from UtilGetOpt()
ctx - a seccomp SyscallFilter object
Description:
Output the SyscallFilter to stdout in either BPF or PFC format depending
on the test's command line arguments.
"""
if (args.bpf):
ctx.export_bpf(sys.stdout)
else:
ctx.export_pfc(sys.stdout)
def install_trap():
""" Install a TRAP action signal handler
Description:
Install the TRAP action signal handler.
"""
signal.signal(signal.SIGSYS, trap_handler)
def parse_action(action):
""" Parse a filter action string into an action value
Arguments:
action - the action string
Description:
Parse a seccomp action string into the associated integer value.
"""
if action == "KILL":
return KILL
elif action == "TRAP":
return TRAP
elif action == "ERRNO":
return ERRNO(163)
elif action == "TRACE":
raise RuntimeError("the TRACE action is not currently supported")
elif action == "ALLOW":
return ALLOW
raise RuntimeError("invalid action string")
def write_file(path):
""" Write a string to a file
Arguments:
path - the file path
Description:
Open the specified file, write a string to the file, and close the file.
"""
fd = os.open(str(path), os.O_WRONLY|os.O_CREAT)
if not os.write(fd, b"testing") == len("testing"):
raise IOError("failed to write the full test string in write_file()")
os.close(fd)
# kate: syntax python;
# kate: indent-mode python; space-indent on; indent-width 4; mixedindent off;
|
