mirrors/qemu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
5a2f693f07
qemu/tests/unit
History
Daniel P. Berrangé 5a2f693f07 seccomp: fix blocking of process spawning 
When '-sandbox on,spawn=deny' is given, we are supposed to block the
ability to spawn processes. We naively blocked the 'fork' syscall,
forgetting that any modern libc will use the 'clone' syscall instead.

We can't simply block the 'clone' syscall though, as that will break
thread creation. We thus list the set of flags used to create threads
and block anything that doesn't match this exactly.

Acked-by: Eduardo Otubo <otubo@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2022-02-16 18:52:40 +00:00
..
check-block-qdict.c
check-qdict.c
check-qjson.c
check-qlist.c
check-qlit.c
check-qnull.c
check-qnum.c
check-qobject.c
check-qom-interface.c
check-qom-proplist.c qapi: Improve input_type_enum()'s error message 2021-10-27 17:17:28 +02:00
check-qstring.c
crypto-tls-psk-helpers.c tests: remove QCRYPTO_HAVE_TLS_TEST_SUPPORT 2021-06-25 10:53:46 +02:00
crypto-tls-psk-helpers.h tests: remove QCRYPTO_HAVE_TLS_TEST_SUPPORT 2021-06-25 10:53:46 +02:00
crypto-tls-x509-helpers.c tests: remove QCRYPTO_HAVE_TLS_TEST_SUPPORT 2021-06-25 10:53:46 +02:00
crypto-tls-x509-helpers.h tests: remove QCRYPTO_HAVE_TLS_TEST_SUPPORT 2021-06-25 10:53:46 +02:00
io-channel-helpers.c
io-channel-helpers.h
iothread.c async: the main AioContext is only "current" if under the BQL 2021-06-18 10:59:52 -05:00
iothread.h
meson.build seccomp: add unit test for seccomp filtering 2022-02-16 18:52:40 +00:00
pkix_asn1_tab.c tests: remove QCRYPTO_HAVE_TLS_TEST_SUPPORT 2021-06-25 10:53:46 +02:00
ptimer-test-stubs.c util/async: add a human-readable name to BHs for debugging 2021-07-05 11:40:32 +01:00
ptimer-test.c
ptimer-test.h
rcutorture.c
socket-helpers.c
socket-helpers.h
test-aio-multithread.c
test-aio.c aio-posix: split poll check from ready handler 2022-01-12 17:09:39 +00:00
test-authz-list.c
test-authz-listfile.c
test-authz-pam.c
test-authz-simple.c
test-base64.c
test-bdrv-drain.c test-bdrv-drain: don't use BlockJob.blk 2021-12-28 15:18:56 +01:00
test-bdrv-graph-mod.c block: move supports_backing check to bdrv_set_file_or_backing_noperm() 2021-06-29 16:51:00 +02:00
test-bitcnt.c
test-bitmap.c
test-bitops.c
test-block-backend.c
test-block-iothread.c block: use int64_t instead of int in driver discard handlers 2021-09-29 13:46:32 -05:00
test-blockjob-txn.c test-blockjob-txn: don't abuse job->blk 2021-12-28 15:18:52 +01:00
test-blockjob.c job: @force parameter for job_cancel_sync() 2021-10-07 10:42:09 +02:00
test-bufferiszero.c
test-char.c char: Deprecate backend aliases 'tty' and 'parport' 2021-03-19 10:18:06 +01:00
test-clone-visitor.c test-clone-visitor: Correct an accidental rename 2021-09-27 08:23:25 +02:00
test-coroutine.c test-coroutine: Add rwlock downgrade test 2021-03-31 10:44:21 +01:00
test-crypto-afsplit.c
test-crypto-block.c
test-crypto-cipher.c crypto: replace 'des-rfb' cipher with 'des' 2021-07-14 14:15:52 +01:00
test-crypto-hash.c crypto: use &error_fatal in crypto tests 2021-07-14 14:15:52 +01:00
test-crypto-hmac.c crypto: use &error_fatal in crypto tests 2021-07-14 14:15:52 +01:00
test-crypto-ivgen.c crypto: skip essiv ivgen tests if AES+ECB isn't available 2021-07-14 14:15:52 +01:00
test-crypto-pbkdf.c crypto: remove obsolete crypto test condition 2021-07-14 14:15:52 +01:00
test-crypto-secret.c
test-crypto-tlscredsx509.c tests: remove QCRYPTO_HAVE_TLS_TEST_SUPPORT 2021-06-25 10:53:46 +02:00
test-crypto-tlssession.c tests: remove QCRYPTO_HAVE_TLS_TEST_SUPPORT 2021-06-25 10:53:46 +02:00
test-crypto-xts.c
test-cutils.c utils: Work around mingw strto*l bug with 0x 2021-03-24 14:25:41 +00:00
test-div128.c host-utils: add unit tests for divu128/divs128 2021-10-27 17:10:00 -07:00
test-fdmon-epoll.c aio-posix: split poll check from ready handler 2022-01-12 17:09:39 +00:00
test-forward-visitor.c qapi: introduce forwarding visitor 2021-07-23 18:17:17 +02:00
test-hbitmap.c
test-image-locking.c
test-int128.c
test-io-channel-buffer.c
test-io-channel-command.c
test-io-channel-file.c
test-io-channel-socket.c
test-io-channel-tls.c tests: remove QCRYPTO_HAVE_TLS_TEST_SUPPORT 2021-06-25 10:53:46 +02:00
test-io-task.c
test-iov.c tests/unit: Remove unused variable from test_io 2021-07-26 07:07:28 -10:00
test-keyval.c keyval: introduce keyval_merge 2021-07-06 08:33:51 +02:00
test-logging.c
test-mul64.c
test-opts-visitor.c
test-qapi-util.c
test-qdev-global-props.c
test-qdist.c
test-qemu-opts.c qemu-option: remove now-dead code 2021-07-06 08:33:51 +02:00
test-qga.c
test-qgraph.c tests: Remove uses of deprecated raspi2/raspi3 machine names 2021-09-01 11:08:15 +01:00
test-qht.c
test-qmp-cmds.c tests/qapi-schema: Drop simple union __org.qemu_x-Union1 2021-09-27 08:23:25 +02:00
test-qmp-event.c qapi: Enforce event naming rules 2021-03-23 22:31:05 +01:00
test-qobject-input-visitor.c test-qobject-input-visitor: Wean off UserDefListUnion 2021-09-27 08:23:25 +02:00
test-qobject-output-visitor.c test-qobject-output-visitor: Wean off UserDefListUnion 2021-09-27 08:23:25 +02:00
test-rcu-list.c
test-rcu-simpleq.c
test-rcu-slist.c
test-rcu-tailq.c
test-replication.c replication: move include out of root directory 2021-05-26 14:49:46 +02:00
test-seccomp.c seccomp: fix blocking of process spawning 2022-02-16 18:52:40 +00:00
test-shift128.c
test-smp-parse.c tests/unit/test-smp-parse: Keep default MIN/MAX CPUs in machine_base_class_init 2021-12-31 13:42:48 +01:00
test-string-input-visitor.c
test-string-output-visitor.c
test-thread-pool.c
test-throttle.c
test-timed-average.c
test-util-filemonitor.c
test-util-sockets.c tests/unit/test-util-sockets: Use g_file_open_tmp() to create temp file 2022-01-05 11:10:13 +01:00
test-uuid.c
test-visitor-serialization.c
test-vmstate.c tests/unit/test-vmstate: Assert that dup() and mkstemp() succeed 2021-06-03 16:43:27 +01:00
test-write-threshold.c write-threshold: deal with includes 2021-05-14 16:14:10 +02:00
test-x86-cpuid.c
test-xbzrle.c
test-yank.c qapi: Convert simple union SocketAddressLegacy to flat one 2021-09-27 08:23:25 +02:00