On 06/16/2015 12:38 PM, Kees Cook wrote: > On Fri, Jun 12, 2015 at 04:01:39PM -0500, Jamie Strandboge wrote: >> In Ubuntu, the attached patch was applied to achieve the following: >> >> - add autopkgtests >> >> Thanks for considering the patch. > > Hi! > > It seems like these tests are a combination of things that test the > packaging and things that test functionality. I think the functional tests > should be added to upstream, and the packaging tests should be simplified, > if possible. > > Or, alternatively, I don't understand what this is testing. :) Can > you explain what's happening here? It looks very arch-specific (lists > of syscalls), and environment-ignoring: it just calls gcc directly -- > is that how autopkgtests should be doing builds? >
The scmp_sys_resolver test was because the segfault on unknown syscalls wasn't caught by the existing tests. If that is better in the upstream testsuite, that's fine-- I just wanted to know if this regressed since we were distro-patching the fix. The other is to have something that tests the actual binaries in a way that is similar to how Ubuntu is using libseccomp in snappy in the ubuntu-core-launcher, but without all the extra stuff that the actual ubuntu-core-launcher does. In our launcher implementation we use a whitelist and ignore if the syscall itself isn't recognized by the kernel, so it doesn't matter if say, set_tls is used with x86_64. I also wanted to test various scenarios: - all-3.19.filter: make sure that nothing is accidentally dropped - getrandom.filter: a new syscall that we distro-patched in 2.1 didn't get dropped, but also tests syscall(SYS_...) which I thought was interesting - getrandom.fail_filter - an expected failure test - safe.filter: pretty much the default whitelist in Ubuntu's whitelist - open.fail_filter: an expected failure test without using syscall(SYS_...) - unrestricted.filter: an Ubuntu-specific test Of these, unrestricted.filter can go for sure now that I think about it. If all-3.19.filter is there, then safe.filter could go too if you preferred. Or if you'd prefer to drop all-3.19.filter and leave safe.filter, that seems fine too. I think the others are still worthwhile and general enough for how others are using libseccomp. I'm not aware of autopkgtests that use gcc OTOH, however, the Depends should be set correctly in debian/tests/control to account for this and it works fine in Ubuntu's proposed-migration setup. -- Jamie Strandboge | http://www.ubuntu.com
signature.asc
Description: OpenPGP digital signature