OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "sandbox/linux/seccomp-bpf-helpers/baseline_policy.h" | |
6 | |
7 #include <errno.h> | |
8 #include <sys/stat.h> | |
9 #include <sys/types.h> | |
10 #include <sys/wait.h> | |
11 #include <unistd.h> | |
12 | |
13 #include "base/posix/eintr_wrapper.h" | |
14 #include "base/threading/thread.h" | |
15 #include "build/build_config.h" | |
16 #include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h" | |
17 #include "sandbox/linux/seccomp-bpf/bpf_tests.h" | |
18 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" | |
19 #include "sandbox/linux/services/linux_syscalls.h" | |
20 #include "sandbox/linux/services/thread_helpers.h" | |
21 #include "sandbox/linux/tests/unit_tests.h" | |
22 | |
23 namespace sandbox { | |
24 | |
25 namespace { | |
26 | |
27 // |pid| is the return value of a fork()-like call. This | |
28 // makes sure that if fork() succeeded the child exits | |
29 // and the parent waits for it. | |
30 void HandlePostForkReturn(pid_t pid) { | |
31 const int kChildExitCode = 1; | |
32 if (pid > 0) { | |
33 int status = 0; | |
34 PCHECK(pid == HANDLE_EINTR(waitpid(pid, &status, 0))); | |
35 CHECK(WIFEXITED(status)); | |
36 CHECK_EQ(kChildExitCode, WEXITSTATUS(status)); | |
37 } else if (pid == 0) { | |
38 _exit(kChildExitCode); | |
39 } | |
40 } | |
41 | |
42 // Check that HandlePostForkReturn works. | |
43 TEST(BaselinePolicy, HandlePostForkReturn) { | |
44 pid_t pid = fork(); | |
45 HandlePostForkReturn(pid); | |
46 } | |
47 | |
48 BPF_TEST_C(BaselinePolicy, FchmodErrno, BaselinePolicy) { | |
49 int ret = fchmod(-1, 07777); | |
50 BPF_ASSERT_EQ(-1, ret); | |
51 // Without the sandbox, this would EBADF instead. | |
52 BPF_ASSERT_EQ(EPERM, errno); | |
53 } | |
54 | |
55 // clone(2) is not restricted on ASAN. | |
56 #if !defined(ADDRESS_SANITIZER) | |
57 | |
58 BPF_TEST_C(BaselinePolicy, ForkErrno, BaselinePolicy) { | |
59 errno = 0; | |
60 pid_t pid = fork(); | |
61 const int fork_errno = errno; | |
62 HandlePostForkReturn(pid); | |
63 | |
64 BPF_ASSERT_EQ(-1, pid); | |
65 BPF_ASSERT_EQ(EPERM, fork_errno); | |
66 } | |
67 | |
68 pid_t ForkX86Glibc() { | |
69 return syscall(__NR_clone, CLONE_PARENT_SETTID | SIGCHLD); | |
70 } | |
71 | |
72 BPF_TEST_C(BaselinePolicy, ForkX86Eperm, BaselinePolicy) { | |
73 errno = 0; | |
74 pid_t pid = ForkX86Glibc(); | |
75 const int fork_errno = errno; | |
76 HandlePostForkReturn(pid); | |
77 | |
78 BPF_ASSERT(-1 == pid); | |
mdempsky
2014/05/08 21:53:55
Sorry, should have been clear that by "and below"
jln (very slow on Chromium)
2014/05/08 21:57:09
Ohh wow, sorry. Done for realz this time.
| |
79 BPF_ASSERT(EPERM == fork_errno); | |
80 } | |
81 | |
82 pid_t ForkARMGlibc() { | |
83 return syscall(__NR_clone, | |
84 CLONE_CHILD_SETTID | CLONE_CHILD_CLEARTID | SIGCHLD); | |
85 } | |
86 | |
87 BPF_TEST_C(BaselinePolicy, ForkArmEperm, BaselinePolicy) { | |
88 errno = 0; | |
89 pid_t pid = ForkARMGlibc(); | |
90 const int fork_errno = errno; | |
91 HandlePostForkReturn(pid); | |
92 | |
93 BPF_ASSERT(-1 == pid); | |
94 BPF_ASSERT(EPERM == fork_errno); | |
95 } | |
96 | |
97 BPF_TEST_C(BaselinePolicy, CreateThread, BaselinePolicy) { | |
98 base::Thread thread("sandbox_tests"); | |
99 BPF_ASSERT(thread.Start()); | |
100 } | |
101 | |
102 BPF_DEATH_TEST_C(BaselinePolicy, | |
103 DisallowedCloneFlagCrashes, | |
104 DEATH_MESSAGE(GetCloneErrorMessageContentForTests()), | |
105 BaselinePolicy) { | |
106 pid_t pid = syscall(__NR_clone, CLONE_THREAD | SIGCHLD); | |
107 HandlePostForkReturn(pid); | |
108 } | |
109 | |
110 #endif // !defined(ADDRESS_SANITIZER) | |
111 | |
112 } // namespace | |
113 | |
114 } // namespace sandbox | |
OLD | NEW |