tests: change test 55 to use syscall names rather than numbers

Previously test 55, basic-pfc_binary_tree, used syscall numbers to
build a large binary tree.  This is problematic on architectures
that have sparsely populated syscall numbers.

This commit modifies the test to use syscall names to build up a
realistic binary tree that should work on all architectures.

Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>

tests/55-basic-pfc_binary_tree.c

@@ -1,7 +1,7 @@
 /**
  * Seccomp Library test program
  *
- * Copyright (c) 2018 Oracle and/or its affiliates.  All rights reserved.
+ * Copyright (c) 2018-2020 Oracle and/or its affiliates.
  * Author: Tom Hromatka <tom.hromatka@oracle.com>
  */
 
@@ -29,9 +29,42 @@
 
 #include "util.h"
 
-#define MAX_SYSCALL		(330)
+#define ARG_COUNT_MAX 2
 
-#include <stdio.h>
+struct syscall_errno {
+	int syscall;
+	int error;
+	int arg_cnt;
+	/* To make the test more interesting, arguments are added to several
+	 * syscalls.  To keep the test simple, the arguments always use
+	 * SCMP_CMP_EQ.
+	 */
+	int args[ARG_COUNT_MAX];
+};
+
+struct syscall_errno table[] = {
+	{ SCMP_SYS(read), 0, 2, { 100, 101 } },
+	{ SCMP_SYS(write), 1, 1, { 102, 0 } },
+	{ SCMP_SYS(open), 2, 0, { 0, 0 } },
+	{ SCMP_SYS(close), 3, 0, { 0, 0 } },
+	{ SCMP_SYS(stat), 4, 0, { 0, 0 } },
+	{ SCMP_SYS(fstat), 5, 1, { 103, 0 } },
+	{ SCMP_SYS(lstat), 6, 0, { 0, 0 } },
+	{ SCMP_SYS(poll), 7, 0, { 0, 0 } },
+	{ SCMP_SYS(lseek), 8, 1, { 104, 0 } },
+	{ SCMP_SYS(mmap), 9, 0, { 0, 0 } },
+	{ SCMP_SYS(mprotect), 10, 1, { 105, 0 } },
+	{ SCMP_SYS(munmap), 11, 0, { 0, 0 } },
+	{ SCMP_SYS(brk), 12, 0, { 0, 0 } },
+	{ SCMP_SYS(rt_sigaction), 13, 0, { 0, 0 } },
+	{ SCMP_SYS(rt_sigprocmask), 14, 0, { 0, 0 } },
+	{ SCMP_SYS(rt_sigreturn), 15, 0, { 0, 0 } },
+	{ SCMP_SYS(ioctl), 16, 0, { 0, 0 } },
+	{ SCMP_SYS(pread64), 17, 1, { 106, 0 } },
+	{ SCMP_SYS(pwrite64), 18, 2, { 107, 108 } },
+};
+
+const int table_size = sizeof(table) / sizeof(table[0]);
 
 int main(int argc, char *argv[])
 {
@@ -51,31 +84,41 @@ int main(int argc, char *argv[])
 	if (rc < 0)
 		goto out;
 	rc = seccomp_arch_add(ctx, SCMP_ARCH_X86_64);
+	if (rc < 0)
+		goto out;
+	rc = seccomp_arch_add(ctx, SCMP_ARCH_AARCH64);
 	if (rc < 0)
 		goto out;
 	rc = seccomp_attr_set(ctx, SCMP_FLTATR_CTL_OPTIMIZE, 2);
 	if (rc < 0)
 		goto out;
 
-	/* NOTE: this test is entirely fabricated and should not be
-	 * 	 replicated in the real world.
-	 *
-	 *	 The MAX_SYSCALL number (330) was chosen to force seccomp to
-	 *	 build an unbalanced binary tree - and it happens to be less
-	 *	 than the current syscall max.  The syscall numbers are
-	 *	 hardcoded to simplify the test.  A few syscalls have
-	 *	 argument chains to further complicate the filter.
-	 */
+	for (i = 0; i < table_size; i++) {
+		switch (table[i].arg_cnt) {
+		case 2:
+			rc = seccomp_rule_add(ctx,
+					      SCMP_ACT_ERRNO(table[i].error),
+					      table[i].syscall, 2,
+					      SCMP_A0(SCMP_CMP_EQ,
+						      table[i].args[0]),
+					      SCMP_A1(SCMP_CMP_EQ,
+						      table[i].args[1]));
+			break;
+		case 1:
+			rc = seccomp_rule_add(ctx,
+					      SCMP_ACT_ERRNO(table[i].error),
+					      table[i].syscall, 1,
+					      SCMP_A0(SCMP_CMP_EQ,
+						      table[i].args[0]));
+			break;
+		case 0:
+		default:
+			rc = seccomp_rule_add(ctx,
+					      SCMP_ACT_ERRNO(table[i].error),
+					      table[i].syscall, 0);
+			break;
+		}
 
-	for (i = 0; i < MAX_SYSCALL; i++) {
-		/* arbitrarily make the filter more complex by filtering
-		 * on arguments for a few syscalls
-		 */
-		if (i == 10 || i == 53 || i == 61 || i == 255)
-			rc = seccomp_rule_add(ctx, SCMP_ACT_ERRNO(i), i, 1,
-					      SCMP_A0(SCMP_CMP_EQ, i));
-		else
-			rc = seccomp_rule_add(ctx, SCMP_ACT_ERRNO(i), i, 0);
 		if (rc < 0)
 			goto out;
 	}