diff options
Diffstat (limited to 'integrationtests')
| -rw-r--r-- | integrationtests/flock_test.go | 22 | ||||
| -rw-r--r-- | integrationtests/security_test.go | 23 |
2 files changed, 45 insertions, 0 deletions
diff --git a/integrationtests/flock_test.go b/integrationtests/flock_test.go new file mode 100644 index 0000000..667f0fb --- /dev/null +++ b/integrationtests/flock_test.go @@ -0,0 +1,22 @@ +package integrationtests + +import "testing" + +// TestFlockBasic asserts end-to-end tracing of the FamilyFS flock syscall. The +// flock-basic scenario opens a temp file, takes an exclusive advisory lock +// (LOCK_EX) and releases it (LOCK_UN), then closes the file. +// +// flock is captured as KindFd at args[0]; ior resolves that fd to the +// underlying file path via the procfd cache, so the enter_flock record carries +// the temp filename. Its return value is UNCLASSIFIED, so we only assert the +// enter path (path + count), not a byte total. +func TestFlockBasic(t *testing.T) { + runScenario(t, "flock-basic", []ExpectedEvent{ + { + PathContains: "flockfile.txt", + Tracepoint: "enter_flock", + Comm: "ioworkload", + MinCount: 1, + }, + }) +} diff --git a/integrationtests/security_test.go b/integrationtests/security_test.go index 8d41691..f4d38ea 100644 --- a/integrationtests/security_test.go +++ b/integrationtests/security_test.go @@ -62,6 +62,29 @@ func TestSecurityKeysPtracePerf(t *testing.T) { } } +var getrandomTraceArgs = []string{"-trace-syscalls", "getrandom"} + +// TestSecurityGetrandom asserts end-to-end tracing of the getrandom syscall +// (Security family, READ_CLASSIFIED). The security-getrandom scenario fills a +// 32-byte buffer via unix.Getrandom, looping until the full buffer is filled. +// +// getrandom reports the number of random bytes written into buf as its return +// value, which ior records as the exit byte count. The scenario loops past any +// signal-interrupted short reads, so the cumulative byte count is strictly +// positive; we assert bytes>=1 (the per-call count can be split across reads, +// so a conservative >=1 minimum is the safe invariant) plus a positive +// duration. The enter tracepoint is null-kind (no fd/path dimension), so only +// the READ byte-count classification is locked in here. +func TestSecurityGetrandom(t *testing.T) { + result, _ := runScenarioResultWithIorArgs(t, "security-getrandom", []ExpectedEvent{ + {Tracepoint: "enter_getrandom", Comm: "ioworkload", MinCount: 1}, + }, getrandomTraceArgs) + + exp := ExpectedEvent{Tracepoint: "enter_getrandom", Comm: "ioworkload"} + assertEventBytesAtLeast(t, result, exp, 1) + assertEventDurationPositive(t, result, exp) +} + var landlockTraceArgs = []string{"-trace-syscalls", "landlock_create_ruleset,landlock_add_rule,close"} // TestSecurityLandlockCreateRuleset asserts end-to-end tracing of the |