test/harness: add more verbose error information

google · Feb 14, 2024 · 90171fa · 90171fa
1 parent a78f113
commit 90171fa
Show file tree

Hide file tree

Showing 4 changed files with 35 additions and 8 deletions.
diff --git a/test/basic.c b/test/basic.c
@@ -26,8 +26,9 @@
 #include "runner/harness.h"
 #include "runner/runner.h"
 
-static int empty(void* ctx) {
+static int empty(void* ctx, char* err) {
   ((void)ctx);
+  ((void)err);
   return 0;
 }
 

diff --git a/test/includes.c b/test/includes.c
@@ -24,8 +24,9 @@
 #include "runner/harness.h"
 #include "runner/runner.h"
 
-static int empty(void* ctx) {
+static int empty(void* ctx, char* err) {
   ((void)ctx);
+  ((void)err);
   return 0;
 }
 

diff --git a/test/runner/harness.c b/test/runner/harness.c
@@ -27,6 +27,8 @@
 #include <signal.h>
 #include <stdio.h>
 #include <stdlib.h>
+#include <string.h>
+#include <sys/mman.h>
 #include <sys/prctl.h>
 #include <sys/signalfd.h>
 #include <sys/types.h>
@@ -47,6 +49,8 @@
     return -1;                                  \
   } while (0)
 
+#define KAFEL_HARNESS_ERROR_BUF_SIZE 4096
+
 static struct sock_fprog test_policy_prog = {0, NULL};
 static bool test_policy_compilation_flag;
 static int test_syscalls_mode =
@@ -109,18 +113,28 @@ int test_policy_enforcment(test_func_t test_func, void* data,
   sigemptyset(&sigchld_set);
   sigaddset(&sigchld_set, SIGCHLD);
   sigprocmask(SIG_BLOCK, &sigchld_set, &orig_set);
+  // Allocate a shared buffer to pass back error info.
+  char* err_buf =
+      mmap(NULL, KAFEL_HARNESS_ERROR_BUF_SIZE, PROT_READ | PROT_WRITE,
+           MAP_SHARED | MAP_ANONYMOUS, -1, 0);
+  err_buf[0] = '\0';
+  if (err_buf == MAP_FAILED) {
+    TEST_FAIL("could not mmap error buf");
+  }
   pid_t pid = fork();
   if (pid == -1) {
     sigprocmask(SIG_SETMASK, &orig_set, NULL);
+    munmap(err_buf, KAFEL_HARNESS_ERROR_BUF_SIZE);
     TEST_FAIL("could not fork");
   } else if (pid == 0) {
     install_seccomp_prog(&test_policy_prog);
-    sys_exit(test_func(data));
+    sys_exit(test_func(data, err_buf));
   }
   int sigchld_fd = signalfd(-1, &sigchld_set, 0);
   if (sigchld_fd < 0) {
     kill_and_wait(pid);
     sigprocmask(SIG_SETMASK, &orig_set, NULL);
+    munmap(err_buf, KAFEL_HARNESS_ERROR_BUF_SIZE);
     TEST_FAIL("signalfd failed");
   }
   fd_set rfds;
@@ -135,6 +149,7 @@ int test_policy_enforcment(test_func_t test_func, void* data,
       close(sigchld_fd);
       kill_and_wait(pid);
       sigprocmask(SIG_SETMASK, &orig_set, NULL);
+      munmap(err_buf, KAFEL_HARNESS_ERROR_BUF_SIZE);
       TEST_FAIL("select failed");
     }
     rv = select(sigchld_fd + 1, &rfds, NULL, NULL, &timeout);
@@ -143,6 +158,7 @@ int test_policy_enforcment(test_func_t test_func, void* data,
   if (rv == 0) {
     kill_and_wait(pid);
     sigprocmask(SIG_SETMASK, &orig_set, NULL);
+    munmap(err_buf, KAFEL_HARNESS_ERROR_BUF_SIZE);
     TEST_FAIL("timed out");
   }
   sigprocmask(SIG_SETMASK, &orig_set, NULL);
@@ -151,17 +167,21 @@ int test_policy_enforcment(test_func_t test_func, void* data,
   rv = waitid(P_PID, pid, &si, WEXITED | WNOHANG);
   if (rv != 0 || si.si_pid != pid) {
     kill_and_wait(pid);
+    munmap(err_buf, KAFEL_HARNESS_ERROR_BUF_SIZE);
     TEST_FAIL("waitid failed %d %d %d %d", rv, errno, si.si_pid, pid);
   }
+  char err_copy[KAFEL_HARNESS_ERROR_BUF_SIZE];
+  memcpy(err_copy, err_buf, KAFEL_HARNESS_ERROR_BUF_SIZE);
+  munmap(err_buf, KAFEL_HARNESS_ERROR_BUF_SIZE);
   bool signaled = si.si_code == CLD_KILLED || si.si_code == CLD_DUMPED;
   if (si.si_code == CLD_EXITED) {
     if (si.si_status != 0) {
       if (should_kill) {
         TEST_FAIL(
-            "should be killed by seccomp; non-zero (%d) exit code instead",
-            si.si_status);
+            "should be killed by seccomp; non-zero (%d) exit code instead: %s",
+            si.si_status, err_copy);
       }
-      TEST_FAIL("non-zero (%d) exit code", si.si_status);
+      TEST_FAIL("non-zero (%d) exit code: %s", si.si_status, err_copy);
     }
     if (should_kill) {
       TEST_FAIL("should be killed by seccomp; exited normally instead");
@@ -223,7 +243,7 @@ int test_policy_enforcement_syscalls_interpret(
   TEST_PASSED();
 }
 
-static int syscall_caller_helper(void* data) {
+static int syscall_caller_helper(void* data, char* err) {
   int syscall_no = 0;
   for (const syscall_exec_spec_t* syscall_spec =
            (const syscall_exec_spec_t*)data;
@@ -239,6 +259,11 @@ static int syscall_caller_helper(void* data) {
     errno = 0;
     long ret = syscall(nr, arg[0], arg[1], arg[2], arg[3], arg[4], arg[5]);
     if (ret != expected || errno != expected_errno) {
+      int errno_copy = errno;
+      snprintf(err, KAFEL_HARNESS_ERROR_BUF_SIZE,
+               "%ld(%ld, %ld, %ld, %ld, %ld, %ld): %ld != %ld OR %d != %ld", nr,
+               arg[0], arg[1], arg[2], arg[3], arg[4], arg[5], ret, expected,
+               errno_copy, expected_errno);
       return syscall_no;
     }
   }

diff --git a/test/runner/harness.h b/test/runner/harness.h
@@ -43,7 +43,7 @@
 #error "Unsupported architecture"
 #endif
 
-typedef int (*test_func_t)(void*);
+typedef int (*test_func_t)(void*, char*);
 
 typedef struct {
   uint32_t seccomp_ret;