playground

Sandbox, container or whatever utilities for linux.
git clone https://pi.duncano.de/git/playground.git
Log | Files | Refs | README

commit 4365f95854fd5d2777ff6053a7607ae0668d3184
parent e3c282d672c0165940c71cde03b27b52aec392fa
Author: Duncaen <mail@duncano.de>
Date:   Sun, 19 Feb 2017 19:36:34 +0100

libpledge: add first tests

Diffstat:
.gitignore | 4++--
Makefile | 5++++-
tests/pledge/Makefile | 26++++++++++++++++++++++++++
tests/pledge/test_filter_conditions.c | 60++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
4 files changed, 92 insertions(+), 3 deletions(-)

diff --git a/.gitignore b/.gitignore @@ -1,4 +1,4 @@ *.[ao] *.so -newns -pledge +./newns +./pledge diff --git a/Makefile b/Makefile @@ -33,6 +33,9 @@ options: @echo "LDFLAGS = ${LDFLAGS}" @echo "CC = ${CC}" +tests: + make -C tests/pledge + clean: -rm -f $(ALL) *.o @@ -47,4 +50,4 @@ install: all # install -m0644 libnewns.a libnewns.so $(DESTDIR)$(LIBDIR) # install -m0644 newns.h $(DESTDIR)$(INCDIR) -.PHONY: all options clean install +.PHONY: all options tests clean install diff --git a/tests/pledge/Makefile b/tests/pledge/Makefile @@ -0,0 +1,26 @@ +.error : This Makefile needs GNU make +include ../../config.mk +CFLAGS+=-I../../include + +SRCS=$(shell ls test_*.c) +TEST=${SRCS:.c=} + +all: options tests clean + +$(TEST) : % : %.o + +$(TEST): + $(CC) $^ -o $@ $(LDFLAGS) + +options: + @echo "CFLAGS = ${CFLAGS}" + @echo "LDFLAGS = ${LDFLAGS}" + @echo "CC = ${CC}" + +tests: $(TEST) + @for t in $<; do ./$$t || exit $$?; done + +clean: + -rm -f $(TEST) *.o + +.PHONY: all options tests clean diff --git a/tests/pledge/test_filter_conditions.c b/tests/pledge/test_filter_conditions.c @@ -0,0 +1,60 @@ +#include <stdint.h> +#include <stdio.h> + +#include "pledge.h" + +#define TEST(s, o, f, t, e) do { \ + oldflags = (o); flags = (f); \ + ((rv = (t)) == (e) ? pass++ : fail++); \ + printf("%s:%d: %-7s ", __FILE__, __LINE__, (s)); \ + printf("%d %s %d%s\n", (e), (rv == (e)) ? "==" : "!=", rv, (rv != (e)) ? " <<<<<" : ""); \ +} while(0) + + +int +main() +{ + uint64_t flags, oldflags; + int rv, fail, pass; + fail = pass = 0; + + TEST("chown", PLEDGE_CHOWNUID, 0LLU, _FILTER_CHOWN, 1); + TEST("chown", 0LLU, 0LLU, _FILTER_CHOWN, 1); + TEST("chown", PLEDGE_CHOWNUID, PLEDGE_CHOWNUID, _FILTER_CHOWN, 0); + TEST("chown", PLEDGED, 0LLU, _FILTER_CHOWN, 0); + TEST("chown", 0LLU, PLEDGE_CHOWNUID, _FILTER_CHOWN, 0); + + TEST("prctl", PLEDGE_PROC, 0LLU, _FILTER_PRCTL, 1); + TEST("prctl", PLEDGE_PROC, PLEDGE_PROC, _FILTER_PRCTL, 0); + TEST("prctl", 0LLU, 0LLU, _FILTER_PRCTL, 0); + + TEST("socket", PLEDGE_INET|PLEDGE_UNIX, PLEDGE_UNIX, _FILTER_SOCKET, 1); + TEST("socket", PLEDGE_INET|PLEDGE_UNIX, PLEDGE_INET, _FILTER_SOCKET, 1); + TEST("socket", 0LLU, PLEDGE_INET, _FILTER_SOCKET, 1); + TEST("socket", 0LLU, PLEDGE_UNIX|PLEDGE_INET, _FILTER_SOCKET, 0); + TEST("socket", PLEDGE_INET, PLEDGE_INET, _FILTER_SOCKET, 0); + TEST("socket", PLEDGE_UNIX, PLEDGE_UNIX, _FILTER_SOCKET, 0); + TEST("socket", PLEDGE_INET|PLEDGE_UNIX, PLEDGE_INET|PLEDGE_UNIX, _FILTER_SOCKET, 0); + TEST("socket", 0LLU, 0LLU, _FILTER_SOCKET, 0); + + TEST("kill", PLEDGE_PROC, 0LLU, _FILTER_KILL, 1); + TEST("kill", 0LLU, 0LLU, _FILTER_KILL, 1); + TEST("kill", PLEDGE_PROC, PLEDGE_PROC, _FILTER_KILL, 0); + TEST("kill", 0LLU, PLEDGE_PROC, _FILTER_KILL, 0); + + TEST("fcntl", 0LLU, 0LLU, _FILTER_FCNTL, 1); + TEST("fcntl", PLEDGE_PROC, 0LLU, _FILTER_FCNTL, 1); + TEST("fcntl", PLEDGE_PROC, PLEDGE_PROC, _FILTER_FCNTL, 0); + + TEST("fcntl", 0LLU, 0LLU, _FILTER_FCNTL, 1); + TEST("fcntl", PLEDGE_PROC, 0LLU, _FILTER_FCNTL, 1); + TEST("fcntl", PLEDGE_PROC, PLEDGE_PROC, _FILTER_FCNTL, 0); + + TEST("ioctl", 0LLU, 0LLU, _FILTER_IOCTL_ALWAYS, 1); + TEST("ioctl", 0LLU, PLEDGE_IOCTL, _FILTER_IOCTL_ALWAYS, 1); + TEST("ioctl", PLEDGE_IOCTL, PLEDGE_IOCTL, _FILTER_IOCTL_ALWAYS, 0); + + printf("failed=%d passed=%d\n", fail, pass); + + return (fail ? 1 : 0); +}