diff options
| -rw-r--r-- | src/test/test-seccomp.c | 62 |
1 files changed, 31 insertions, 31 deletions
diff --git a/src/test/test-seccomp.c b/src/test/test-seccomp.c index b2ac392dac..37815af6a4 100644 --- a/src/test/test-seccomp.c +++ b/src/test/test-seccomp.c @@ -133,6 +133,36 @@ static void test_filter_sets(void) { } } +static void test_filter_sets_ordered(void) { + size_t i; + + /* Ensure "@default" always remains at the beginning of the list */ + assert_se(SYSCALL_FILTER_SET_DEFAULT == 0); + assert_se(streq(syscall_filter_sets[0].name, "@default")); + + for (i = 0; i < _SYSCALL_FILTER_SET_MAX; i++) { + const char *k, *p = NULL; + + /* Make sure each group has a description */ + assert_se(!isempty(syscall_filter_sets[0].help)); + + /* Make sure the groups are ordered alphabetically, except for the first entry */ + assert_se(i < 2 || strcmp(syscall_filter_sets[i-1].name, syscall_filter_sets[i].name) < 0); + + NULSTR_FOREACH(k, syscall_filter_sets[i].value) { + + /* Ensure each syscall list is in itself ordered, but groups before names */ + assert_se(!p || + (*p == '@' && *k != '@') || + (((*p == '@' && *k == '@') || + (*p != '@' && *k != '@')) && + strcmp(p, k) < 0)); + + p = k; + } + } +} + static void test_restrict_namespace(void) { char *s = NULL; unsigned long ul; @@ -683,36 +713,6 @@ static void test_lock_personality(void) { assert_se(wait_for_terminate_and_check("lockpersonalityseccomp", pid, WAIT_LOG) == EXIT_SUCCESS); } -static void test_filter_sets_ordered(void) { - size_t i; - - /* Ensure "@default" always remains at the beginning of the list */ - assert_se(SYSCALL_FILTER_SET_DEFAULT == 0); - assert_se(streq(syscall_filter_sets[0].name, "@default")); - - for (i = 0; i < _SYSCALL_FILTER_SET_MAX; i++) { - const char *k, *p = NULL; - - /* Make sure each group has a description */ - assert_se(!isempty(syscall_filter_sets[0].help)); - - /* Make sure the groups are ordered alphabetically, except for the first entry */ - assert_se(i < 2 || strcmp(syscall_filter_sets[i-1].name, syscall_filter_sets[i].name) < 0); - - NULSTR_FOREACH(k, syscall_filter_sets[i].value) { - - /* Ensure each syscall list is in itself ordered, but groups before names */ - assert_se(!p || - (*p == '@' && *k != '@') || - (((*p == '@' && *k == '@') || - (*p != '@' && *k != '@')) && - strcmp(p, k) < 0)); - - p = k; - } - } -} - int main(int argc, char *argv[]) { test_setup_logging(LOG_DEBUG); @@ -721,6 +721,7 @@ int main(int argc, char *argv[]) { test_architecture_table(); test_syscall_filter_set_find(); test_filter_sets(); + test_filter_sets_ordered(); test_restrict_namespace(); test_protect_sysctl(); test_restrict_address_families(); @@ -730,7 +731,6 @@ int main(int argc, char *argv[]) { test_restrict_archs(); test_load_syscall_filter_set_raw(); test_lock_personality(); - test_filter_sets_ordered(); return 0; } |