else:
raise TypeError("Syscall must either be an int or str type")
+def get_api():
+ """ Query the level of API support
+
+ Description:
+ Returns the API level value indicating the current supported
+ functionality.
+ """
+ level = libseccomp.seccomp_api_get()
+ if level < 0:
+ raise RuntimeError(str.format("Library error (errno = {0})", level))
+
+ return level
+
+def set_api(unsigned int level):
+ """ Set the level of API support
+
+ Arguments:
+ level - the API level
+
+ Description:
+ This function forcibly sets the API level at runtime. General use
+ of this function is strongly discouraged.
+ """
+ rc = libseccomp.seccomp_api_set(level)
+ if rc == -errno.EINVAL:
+ raise ValueError("Invalid level")
+ elif rc != 0:
+ raise RuntimeError(str.format("Library error (errno = {0})", rc))
+
cdef class Arch:
""" Python object representing the SyscallFilter architecture values.
# Seccomp Library test program
#
# Copyright (c) 2016 Red Hat <pmoore@redhat.com>
-# Author: Paul Moore <paul@paul-moore.com>
+# Copyright (c) 2017 Canonical Ltd.
+# Authors: Paul Moore <paul@paul-moore.com>
+# Tyler Hicks <tyhicks@canonical.com>
#
#
from seccomp import *
-# NOTE: this is a NULL test since we don't support the seccomp_version() API
-# via the libseccomp python bindings
+def test():
+ api = get_api()
+ if (api < 1):
+ raise RuntimeError("Failed getting initial API level")
+
+ set_api(1)
+ api = get_api()
+ if api != 1:
+ raise RuntimeError("Failed getting API level 1")
+
+ set_api(2)
+ api = get_api()
+ if api != 2:
+ raise RuntimeError("Failed getting API level 2")
+
+ # Attempt to set a high, invalid API level
+ try:
+ set_api(1024)
+ except ValueError:
+ pass
+ else:
+ raise RuntimeError("Missing failure when setting invalid API level")
+ # Ensure that the previously set API level didn't change
+ api = get_api()
+ if api != 2:
+ raise RuntimeError("Failed getting old API level after setting an invalid API level")
+
+test()
# kate: syntax python;
# kate: indent-mode python; space-indent on; indent-width 4; mixedindent off;