1#!/usr/bin/env bats
2
3load helpers
4
5function setup() {
6 if [[ "$KERNEL_MAJOR" -gt 5 || ("$KERNEL_MAJOR" -eq 5 && "$KERNEL_MINOR" -ge 6) ]]; then
7 skip "requires kernel less than 5.6"
8 fi
9
10 requires arch_x86_64
11
12 setup_seccompagent
13 setup_busybox
14}
15
16function teardown() {
17 teardown_seccompagent
18 teardown_bundle
19}
20
21# Support for seccomp notify requires Linux > 5.6, check that on older kernels
22# return an error.
23@test "runc run [seccomp] (SCMP_ACT_NOTIFY old kernel)" {
24 # Use just any seccomp profile with a notify action.
25 update_config ' .linux.seccomp = {
26 "defaultAction": "SCMP_ACT_ALLOW",
27 "listenerPath": "'"$SECCCOMP_AGENT_SOCKET"'",
28 "architectures": [ "SCMP_ARCH_X86","SCMP_ARCH_X32", "SCMP_ARCH_X86_64" ],
29 "syscalls": [{ "names": [ "mkdir" ], "action": "SCMP_ACT_NOTIFY" }]
30 }'
31
32 runc run test_busybox
33 [ "$status" -ne 0 ]
34 [[ "$output" == *"seccomp notify unsupported:"* ]]
35}
View as plain text