seccomp: mmap test results depend on kernel/libseccomp/glibc

Like with shmat already the actual results of the test
test_memory_deny_write_execute_mmap depend on kernel/libseccomp/glibc
of the platform it is running on.

There are known-good platforms, but on the others do not assert success
(which implies test has actually failed as no seccomp blocking was achieved),
but instead make the check dependent to the success of the mmap call
on that platforms.

Finally the assert of the munmap on that valid pointer should return ==0,
so that is what the check should be for in case of p != MAP_FAILED.

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>

diff --git a/src/test/test-seccomp.c b/src/test/test-seccomp.c
index 7323e79f7ba9e6d46fba1f8291285a69e9ba3ba3..69b1c788aa5974bcdc9606eb90e228e22f800590 100644 (file)
--- a/src/test/test-seccomp.c
+++ b/src/test/test-seccomp.c
@@ -535,10 +535,11 @@ static void test_memory_deny_write_execute_mmap(void) {
 #if defined(__x86_64__) || defined(__i386__) || defined(__powerpc64__) || defined(__arm__) || defined(__aarch64__)
                 assert_se(p == MAP_FAILED);
                 assert_se(errno == EPERM);
-#else /* unknown architectures */
-                assert_se(p != MAP_FAILED);
-                assert_se(munmap(p, page_size()) >= 0);
 #endif
+                /* Depending on kernel, libseccomp, and glibc versions, other architectures
+                 * might fail or not. Let's not assert success. */
+                if (p != MAP_FAILED)
+                        assert_se(munmap(p, page_size()) == 0);
 
                 p = mmap(NULL, page_size(), PROT_WRITE|PROT_READ, MAP_PRIVATE|MAP_ANONYMOUS, -1,0);
                 assert_se(p != MAP_FAILED);