summaryrefslogtreecommitdiffstats
path: root/src/test/test-seccomp.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/test/test-seccomp.c')
-rw-r--r--src/test/test-seccomp.c62
1 files changed, 31 insertions, 31 deletions
diff --git a/src/test/test-seccomp.c b/src/test/test-seccomp.c
index b2ac392dac..37815af6a4 100644
--- a/src/test/test-seccomp.c
+++ b/src/test/test-seccomp.c
@@ -133,6 +133,36 @@ static void test_filter_sets(void) {
}
}
+static void test_filter_sets_ordered(void) {
+ size_t i;
+
+ /* Ensure "@default" always remains at the beginning of the list */
+ assert_se(SYSCALL_FILTER_SET_DEFAULT == 0);
+ assert_se(streq(syscall_filter_sets[0].name, "@default"));
+
+ for (i = 0; i < _SYSCALL_FILTER_SET_MAX; i++) {
+ const char *k, *p = NULL;
+
+ /* Make sure each group has a description */
+ assert_se(!isempty(syscall_filter_sets[0].help));
+
+ /* Make sure the groups are ordered alphabetically, except for the first entry */
+ assert_se(i < 2 || strcmp(syscall_filter_sets[i-1].name, syscall_filter_sets[i].name) < 0);
+
+ NULSTR_FOREACH(k, syscall_filter_sets[i].value) {
+
+ /* Ensure each syscall list is in itself ordered, but groups before names */
+ assert_se(!p ||
+ (*p == '@' && *k != '@') ||
+ (((*p == '@' && *k == '@') ||
+ (*p != '@' && *k != '@')) &&
+ strcmp(p, k) < 0));
+
+ p = k;
+ }
+ }
+}
+
static void test_restrict_namespace(void) {
char *s = NULL;
unsigned long ul;
@@ -683,36 +713,6 @@ static void test_lock_personality(void) {
assert_se(wait_for_terminate_and_check("lockpersonalityseccomp", pid, WAIT_LOG) == EXIT_SUCCESS);
}
-static void test_filter_sets_ordered(void) {
- size_t i;
-
- /* Ensure "@default" always remains at the beginning of the list */
- assert_se(SYSCALL_FILTER_SET_DEFAULT == 0);
- assert_se(streq(syscall_filter_sets[0].name, "@default"));
-
- for (i = 0; i < _SYSCALL_FILTER_SET_MAX; i++) {
- const char *k, *p = NULL;
-
- /* Make sure each group has a description */
- assert_se(!isempty(syscall_filter_sets[0].help));
-
- /* Make sure the groups are ordered alphabetically, except for the first entry */
- assert_se(i < 2 || strcmp(syscall_filter_sets[i-1].name, syscall_filter_sets[i].name) < 0);
-
- NULSTR_FOREACH(k, syscall_filter_sets[i].value) {
-
- /* Ensure each syscall list is in itself ordered, but groups before names */
- assert_se(!p ||
- (*p == '@' && *k != '@') ||
- (((*p == '@' && *k == '@') ||
- (*p != '@' && *k != '@')) &&
- strcmp(p, k) < 0));
-
- p = k;
- }
- }
-}
-
int main(int argc, char *argv[]) {
test_setup_logging(LOG_DEBUG);
@@ -721,6 +721,7 @@ int main(int argc, char *argv[]) {
test_architecture_table();
test_syscall_filter_set_find();
test_filter_sets();
+ test_filter_sets_ordered();
test_restrict_namespace();
test_protect_sysctl();
test_restrict_address_families();
@@ -730,7 +731,6 @@ int main(int argc, char *argv[]) {
test_restrict_archs();
test_load_syscall_filter_set_raw();
test_lock_personality();
- test_filter_sets_ordered();
return 0;
}