gvisor.dev/gvisor@v0.0.0-20240520182842-f9d4d51c7e0f/pkg/seccomp/precompiledseccomp/example/usage/usage_test.go (about) 1 // Copyright 2023 The gVisor Authors. 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 package usage 16 17 import ( 18 "math/rand" 19 "reflect" 20 "slices" 21 "testing" 22 23 "gvisor.dev/gvisor/pkg/bpf" 24 "gvisor.dev/gvisor/pkg/seccomp" 25 "gvisor.dev/gvisor/pkg/seccomp/precompiledseccomp" 26 "gvisor.dev/gvisor/pkg/seccomp/precompiledseccomp/example" 27 ) 28 29 // comparePrograms verifies that the precompiled and freshly-compiled programs 30 // match byte-for-byte. If not, it prints them side-by-side. 31 func comparePrograms(t *testing.T, precompiled, freshlyCompiled []bpf.Instruction) { 32 t.Helper() 33 if !slices.Equal(precompiled, freshlyCompiled) { 34 t.Error("Precompiled and freshly-compiled versions of the program do not match:") 35 t.Errorf(" Offset | %-32s | %-32s", "Freshly-compiled", "Compiled") 36 for i := 0; i < max(len(precompiled), len(freshlyCompiled)); i++ { 37 switch { 38 case i < len(precompiled) && i < len(freshlyCompiled): 39 if reflect.DeepEqual(precompiled[i], freshlyCompiled[i]) { 40 t.Errorf(" OK %04d | %-32s | %-32s", i, freshlyCompiled[i].String(), precompiled[i].String()) 41 } else { 42 t.Errorf(" DIFF %04d | %-32s | %-32s", i, freshlyCompiled[i].String(), precompiled[i].String()) 43 } 44 case i < len(precompiled): 45 t.Errorf(" DIFF %04d | %-32s | %-32s", i, "(end)", precompiled[i].String()) 46 case i < len(freshlyCompiled): 47 t.Errorf(" DIFF %04d | %-32s | %-32s", i, freshlyCompiled[i].String(), "(end)") 48 } 49 } 50 } 51 } 52 53 // TestProgram1 verifies that the precompiled version of the Program1 program 54 // matches a freshly-compiled version byte-for-byte. 55 func TestProgram1(t *testing.T) { 56 fd1 := rand.Uint32() 57 fd2 := fd1 + 1 58 precompiled := LoadProgram1(fd1, fd2) 59 prog := example.Program1(precompiledseccomp.Values{ 60 example.FD1: fd1, 61 example.FD2: fd2, 62 }) 63 freshlyCompiled, _, err := seccomp.BuildProgram(prog.Rules, prog.SeccompOptions) 64 if err != nil { 65 t.Fatalf("cannot freshly compile the program: %v", err) 66 } 67 comparePrograms(t, precompiled, freshlyCompiled) 68 } 69 70 // TestProgram2 verifies that the precompiled version of the Program2 program 71 // matches a freshly-compiled version byte-for-byte. 72 func TestProgram2(t *testing.T) { 73 fd1 := rand.Uint32() 74 fd2 := fd1 + 1 75 precompiled := LoadProgram2(fd1, fd2) 76 prog := example.Program2(precompiledseccomp.Values{ 77 example.FD1: fd1, 78 example.FD2: fd2, 79 }) 80 freshlyCompiled, _, err := seccomp.BuildProgram(prog.Rules, prog.SeccompOptions) 81 if err != nil { 82 t.Fatalf("cannot freshly compile the program: %v", err) 83 } 84 comparePrograms(t, precompiled, freshlyCompiled) 85 } 86 87 // TestNonExistentProgram verifies that invalid program names don't exist. 88 func TestNonExistentProgram(t *testing.T) { 89 const nonExistentProgram = "this program name does not exist" 90 got, found := GetPrecompiled(nonExistentProgram) 91 if found { 92 t.Fatalf("unexpectedly found program named %q: %v", nonExistentProgram, got) 93 } 94 }