From 59e30614ad1cd7a8d6f3c685472fada37d1ed2d7 Mon Sep 17 00:00:00 2001
From: Topi Miettinen <toiwoton@gmail.com>
Date: Sat, 2 Mar 2019 19:24:02 +0200
Subject: mdwx: block memfd_create

Some profiles may need adjusting if app uses memfd_create(2) and
memory-deny-write-execute was enabled.
---
 test/filters/memwrexe.exp | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'test/filters/memwrexe.exp')

diff --git a/test/filters/memwrexe.exp b/test/filters/memwrexe.exp
index da68b3b5f..d437d1ac5 100755
--- a/test/filters/memwrexe.exp
+++ b/test/filters/memwrexe.exp
@@ -29,6 +29,18 @@ expect {
 	"mprotect successful" {puts "TESTING ERROR 12\n";exit}
 	"Parent is shutting down"
 }
+after 100
+
+send --  "firejail --memory-deny-write-execute ./memwrexe memfd_create\r"
+expect {
+	timeout {puts "TESTING ERROR 20\n";exit}
+	"Child process initialized"
+}
+expect {
+	timeout {puts "TESTING ERROR 21\n";exit}
+	"memfd_create successful" {puts "TESTING ERROR 22\n";exit}
+	"Parent is shutting down"
+}
 
 after 100
 puts "\nall done\n"
-- 
cgit v1.2.3-54-g00ecf