Chromium Code Reviews Chromium Code Reviews
Issue 269303002:
Linux sandbox: implement new BPF testing macros (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/linux/seccomp-bpf/bpf_tests.h" | 5 #include "sandbox/linux/seccomp-bpf/bpf_tests.h" |
| 6 | 6 |
| 7 #include <errno.h> | 7 #include <errno.h> |
| 8 #include <sys/ptrace.h> | |
| 9 #include <sys/syscall.h> | |
| 10 #include <sys/types.h> | |
| 11 #include <unistd.h> | |
| 8 | 12 |
| 9 #include "base/logging.h" | 13 #include "base/logging.h" |
| 10 #include "base/memory/scoped_ptr.h" | 14 #include "base/memory/scoped_ptr.h" |
| 11 #include "build/build_config.h" | 15 #include "build/build_config.h" |
| 12 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" | 16 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" |
| 13 #include "sandbox/linux/services/linux_syscalls.h" | 17 #include "sandbox/linux/services/linux_syscalls.h" |
| 14 #include "sandbox/linux/tests/unit_tests.h" | 18 #include "sandbox/linux/tests/unit_tests.h" |
| 15 #include "testing/gtest/include/gtest/gtest.h" | 19 #include "testing/gtest/include/gtest/gtest.h" |
| 16 | 20 |
| 17 namespace sandbox { | 21 namespace sandbox { |
| (...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 64 EmptyPolicyTakesClass, | 68 EmptyPolicyTakesClass, |
| 65 FourtyTwo /* *BPF_AUX */) { | 69 FourtyTwo /* *BPF_AUX */) { |
| 66 // BPF_AUX should point to an instance of FourtyTwo. | 70 // BPF_AUX should point to an instance of FourtyTwo. |
| 67 BPF_ASSERT(BPF_AUX); | 71 BPF_ASSERT(BPF_AUX); |
| 68 BPF_ASSERT(FourtyTwo::kMagicValue == BPF_AUX->value()); | 72 BPF_ASSERT(FourtyTwo::kMagicValue == BPF_AUX->value()); |
| 69 } | 73 } |
| 70 | 74 |
| 71 void DummyTestFunction(FourtyTwo *fourty_two) { | 75 void DummyTestFunction(FourtyTwo *fourty_two) { |
| 72 } | 76 } |
| 73 | 77 |
| 74 TEST(BPFTest, BPFTesterSimpleDelegateLeakTest) { | 78 TEST(BPFTest, BPFTesterCompatibilityDelegateLeakTest) { |
| 75 // Don't do anything, simply gives dynamic tools an opportunity to detect | 79 // Don't do anything, simply gives dynamic tools an opportunity to detect |
| 76 // leaks. | 80 // leaks. |
| 77 { | 81 { |
| 78 BPFTesterSimpleDelegate<FourtyTwo> simple_delegate(DummyTestFunction, | 82 BPFTesterCompatibilityDelegate<FourtyTwo> simple_delegate( |
| 79 EmptyPolicyTakesClass); | 83 DummyTestFunction, EmptyPolicyTakesClass); |
| 80 } | 84 } |
| 81 { | 85 { |
| 82 // Test polymorphism. | 86 // Test polymorphism. |
| 83 scoped_ptr<BPFTesterDelegate> simple_delegate( | 87 scoped_ptr<BPFTesterDelegate> simple_delegate( |
| 84 new BPFTesterSimpleDelegate<FourtyTwo>(DummyTestFunction, | 88 new BPFTesterCompatibilityDelegate<FourtyTwo>(DummyTestFunction, |
| 85 EmptyPolicyTakesClass)); | 89 EmptyPolicyTakesClass)); |
| 86 } | 90 } |
| 87 } | 91 } |
| 88 | 92 |
| 93 class EnosysPtracePolicy : public SandboxBPFPolicy { | |
| 94 public: | |
| 95 EnosysPtracePolicy() { | |
| 96 my_pid_ = syscall(__NR_getpid); | |
| 97 } | |
| 98 virtual ~EnosysPtracePolicy() { | |
| 99 // Policies should be able to bind with the process on which they are | |
| 100 // created. They should never be created in a parent process. | |
| 101 BPF_ASSERT_EQ(my_pid_, syscall(__NR_getpid)); | |
|
jln (very slow on Chromium)
2014/05/07 01:42:05
I added these checks in the last patch set.
| |
| 102 } | |
| 103 | |
| 104 virtual ErrorCode EvaluateSyscall(SandboxBPF* sandbox_compiler, | |
| 105 int system_call_number) const OVERRIDE { | |
| 106 if (!SandboxBPF::IsValidSyscallNumber(system_call_number)) { | |
| 107 return ErrorCode(ENOSYS); | |
| 108 } else if (system_call_number == __NR_ptrace) { | |
| 109 // The EvaluateSyscall function should run in the process that created | |
| 110 // the current object. | |
| 111 BPF_ASSERT_EQ(my_pid_, syscall(__NR_getpid)); | |
| 112 return ErrorCode(ENOSYS); | |
| 113 } else { | |
| 114 return ErrorCode(ErrorCode::ERR_ALLOWED); | |
| 115 } | |
| 116 } | |
| 117 | |
| 118 private: | |
| 119 pid_t my_pid_; | |
| 120 DISALLOW_COPY_AND_ASSIGN(EnosysPtracePolicy); | |
| 121 }; | |
| 122 | |
| 123 class BasicBPFTesterDelegate : public BPFTesterDelegate { | |
| 124 public: | |
| 125 BasicBPFTesterDelegate() {} | |
| 126 virtual ~BasicBPFTesterDelegate() {} | |
| 127 | |
| 128 virtual scoped_ptr<SandboxBPFPolicy> GetSandboxBPFPolicy() OVERRIDE { | |
| 129 return scoped_ptr<SandboxBPFPolicy>(new EnosysPtracePolicy()); | |
| 130 } | |
| 131 virtual void RunTestFunction() OVERRIDE { | |
| 132 errno = 0; | |
| 133 int ret = ptrace(PTRACE_TRACEME, -1, NULL, NULL); | |
| 134 BPF_ASSERT(-1 == ret); | |
| 135 BPF_ASSERT(ENOSYS == errno); | |
| 136 } | |
| 137 | |
| 138 private: | |
| 139 DISALLOW_COPY_AND_ASSIGN(BasicBPFTesterDelegate); | |
| 140 }; | |
| 141 | |
| 142 // This is the most powerful and complex way to create a BPF test, but it | |
| 143 // requires a full class definition (BasicBPFTesterDelegate). | |
| 144 BPF_TEST_D(BPFTest, BPFTestWithDelegateClass, BasicBPFTesterDelegate); | |
| 145 | |
| 146 // This is the simplest form of BPF tests. | |
| 147 BPF_TEST_C(BPFTest, BPFTestWithInlineTest, EnosysPtracePolicy) { | |
| 148 errno = 0; | |
| 149 int ret = ptrace(PTRACE_TRACEME, -1, NULL, NULL); | |
| 150 BPF_ASSERT(-1 == ret); | |
| 151 BPF_ASSERT(ENOSYS == errno); | |
| 152 } | |
| 153 | |
| 89 } // namespace | 154 } // namespace |
| 90 | 155 |
| 91 } // namespace sandbox | 156 } // namespace sandbox |
| OLD | NEW |
