Created
September 20, 2017 00:29
-
-
Save glevand/4625adcef2c5d25c457eb308f76e5148 to your computer and use it in GitHub Desktop.
Test for valid seccomp syscall names
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <assert.h> | |
| #include <seccomp.h> | |
| #include <stdio.h> | |
| #include <string.h> | |
| static int _check(scmp_filter_ctx ctx, const char *name, int number) | |
| { | |
| int rc = seccomp_rule_add_exact(ctx, SCMP_ACT_ALLOW, number, 0); | |
| if (!rc) { | |
| printf("%s: OK\n", name); | |
| return 0; | |
| } | |
| printf("%s: failed (%d) '%s'\n", name, -rc, strerror(-rc)); | |
| return 1; | |
| } | |
| #define check(_ctx, _name) _check(_ctx, #_name, SCMP_SYS(_name)) | |
| int main(int argc, char *argv[]) | |
| { | |
| int rc; | |
| int result; | |
| scmp_filter_ctx ctx; | |
| ctx = seccomp_init(SCMP_ACT_KILL); | |
| assert(ctx); | |
| result = 0; | |
| result += check(ctx, stat); | |
| result += check(ctx, fstat); | |
| result += check(ctx, newfstatat); | |
| seccomp_release(ctx); | |
| return result; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment