On Wed, Nov 9, 2016 at 4:16 AM, Jay Guo <[email protected]> wrote: > Thanks! > > I'm looking for a handy syscall to test if my code handles seccomp rules > with arguments correctly, e.g. a syscall gets blocked with arg A, and > permitted with arg B. I thought of `nanosleep` (because of cmd `sleep` in > linux coreutils), but it turns out that `nanosleep` takes pointer arg, which > is not examined against seccomp filter. > > Any suggestion?
I would suggest looking at the "live" tests for examples, tests/24-live-arg_allow.c specifically tests syscall argument filtering. > On Tue, Nov 8, 2016 at 11:16 PM, Paul Moore <[email protected]> wrote: >> >> On Mon, Nov 7, 2016 at 11:42 PM, Jay Guo <[email protected]> wrote: >> > Hi, just want to make sure I understand this correctly, `datum_b` in >> > `scmp_arg_cmp` is used IFF op is `SCMP_CMP_MASKED_EQ`, right? >> >> Yes, that's correct. There is always the possibility of using it for >> future operators, but right now it is only used with >> SCMP_CMP_MASKED_EQ. -- paul moore www.paul-moore.com -- You received this message because you are subscribed to the Google Groups "libseccomp" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. For more options, visit https://groups.google.com/d/optout.
