all: add seccomp userspace notification API to libseccomp-golang
This commit adds the seccomp userspace notification API present in version >= 2.5.0 of the libseccomp library. This API allows userspace to get a notification when a filter configured with a notification action triggers. The trigger suspends processing of the syscall until the notification is delivered to userspace and acknowledged back.

To support the implementation, the following changes were necessary:

- Added package init function to ensure libseccomp is properly initialized. It calls GetApi() in order to initialize the cgo libseccomp API level. This is necessary in order for libseccomp to properly handle other libseccomp APIs.
- Fix errors reported by go vet such as "can't check non-constant format in call to Sprintf".

This patch includes test updates for the new feature:

- The Travis CI pipeline was previously running the tests on libseccomp from Ubuntu Bionic. This patch adds a matrix to test on various libseccomp versions (2.2.1, 2.4.4, 2.5.0). This is to check we don't break compatibility with older versions and return errors appropriately when running on an old version without seccomp notify support. This is necessary for downstream projects like runc that keep support for CentOS 7. This uses PKG_CONFIG_PATH and LD_LIBRARY_PATH to compile and run the tests with different versions of libseccomp installed in a prefix. This also splits 'make check' into two separate 'make' commands, so that the tests run even if the vet fails.
- Introduce execInSubprocess to run each test in a new process. This is because the kernel does not allow removing seccomp filters from a process, so a process cannot be reused for a subsequent test. Logs from subprocesses are read from the parent process and printed with the appropriate indentation.
- Fix seccomp TestLogAct. This test was written in such a way that once the filter was loaded, it blocked almost all system calls, thereby making disabling the filter impossible and sometimes causing the Go runtime to fail to allocate memory. This fix simplifies the test and fixes these issues.
- Test timeout is reduced to a reasonable limit to help detect freezes as explained in the Makefile.
- The main test for the seccomp notification mechanism: TestNotif. The test works with a couple of goroutines. One goroutine configures a seccomp filter with the notification action and generates syscalls that trigger the action. The other goroutine acts as a notification handler, verifies that the notification received from the kernel is correct, and generates an appropriate response.
- An additional test for seccomp notification when it is not supported: TestNotifUnsupported. This gets tested on older kernels or with older libseccomp.
- Handle the case where libseccomp returns EINTR or ENOENT, as reported here: seccomp/libseccomp#302.

This patch is based on initial work in PR 50 by:
- Cesar Talledo <ctalledo@nestybox.com>
- Rodny Molina <rmolina@nestybox.com>

Co-authored-by: Rodrigo Campos <rodrigo@kinvolk.io>
Signed-off-by: Alban Crequy <alban@kinvolk.io>
Signed-off-by: Rodrigo Campos <rodrigo@kinvolk.io>
Acked-by: Tom Hromatka <tom.hromatka@oracle.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Showing 5 changed files with 732 additions and 62 deletions.