From: Paul Moore <paul@paul-moore.com>
Date: Thu, 5 Sep 2024 21:29:13 +0000 (-0400)
Subject: [PATCH] tests: only use bogus syscall numbers in test 29
X-Git-Tag: archive/raspbian/2.5.5-2+rpi1^2~4
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=64fdc7a8eef9d9c4424df7b5423b0b4c928189db;p=libseccomp.git

[PATCH] tests: only use bogus syscall numbers in test 29

The goal of test 29 is to test bogus negative syscall numbers,
unfortunately it appears our choice of syscalls was not bogus on all
the architectures we support.  This commit fixes that by picking a
syscall number well outside the pseudo-syscall/PNR range and removing
the sysmips(2) syscall from the test so as to not cause problems
at a later date.

Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>

Gbp-Pq: Name tests_only_use_bogus_syscall_numbers_in_test_29.patch
---

diff --git a/tests/29-sim-pseudo_syscall.c b/tests/29-sim-pseudo_syscall.c
index 86734a8..3c3405a 100644
--- a/tests/29-sim-pseudo_syscall.c
+++ b/tests/29-sim-pseudo_syscall.c
@@ -49,15 +49,8 @@ int main(int argc, char *argv[])
 	if (rc < 0)
 		goto out;
 
-	/* SCMP_SYS(sysmips) == 4294957190 (unsigned) */
-	rc = seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(sysmips), 0);
-	if (rc < 0)
-		goto out;
-	rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, SCMP_SYS(sysmips), 0);
-	if (rc == 0)
-		goto out;
-	/* -10001 == 4294957295 (unsigned) */
-	rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, -10001, 0);
+	/* -100001 == 4294867295 (unsigned) */
+	rc = seccomp_rule_add_exact(ctx, SCMP_ACT_KILL, -100001, 0);
 	if (rc == 0)
 		goto out;
 
diff --git a/tests/29-sim-pseudo_syscall.py b/tests/29-sim-pseudo_syscall.py
index d7ab33b..74ffc61 100755
--- a/tests/29-sim-pseudo_syscall.py
+++ b/tests/29-sim-pseudo_syscall.py
@@ -32,13 +32,8 @@ def test(args):
     f = SyscallFilter(ALLOW)
     f.remove_arch(Arch())
     f.add_arch(Arch("x86"))
-    f.add_rule(KILL, "sysmips")
     try:
-        f.add_rule_exactly(KILL, "sysmips")
-    except RuntimeError:
-        pass
-    try:
-        f.add_rule_exactly(KILL, -10001)
+        f.add_rule_exactly(KILL, -100001)
     except RuntimeError:
         pass
     return f
diff --git a/tests/29-sim-pseudo_syscall.tests b/tests/29-sim-pseudo_syscall.tests
index 45f8dce..779761e 100644
--- a/tests/29-sim-pseudo_syscall.tests
+++ b/tests/29-sim-pseudo_syscall.tests
@@ -9,8 +9,7 @@ test type: bpf-sim
 
 # Testname		Arch	Syscall		Arg0	Arg1	Arg2	Arg3	Arg4	Arg5	Result
 29-sim-pseudo_syscall	+x86	0-10		N	N	N	N	N	N	ALLOW
-29-sim-pseudo_syscall	+x86	4294957190	N	N	N	N	N	N	ALLOW
-29-sim-pseudo_syscall	+x86	4294957295	N	N	N	N	N	N	ALLOW
+29-sim-pseudo_syscall	+x86	4294867295	N	N	N	N	N	N	ALLOW
 
 test type: bpf-valgrind