OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <errno.h> | 5 #include <errno.h> |
6 | 6 |
7 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" | 7 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" |
8 #include "sandbox/linux/tests/unit_tests.h" | 8 #include "sandbox/linux/tests/unit_tests.h" |
9 | 9 |
10 namespace sandbox { | 10 namespace sandbox { |
11 | 11 |
12 namespace { | 12 namespace { |
13 | 13 |
14 SANDBOX_TEST(ErrorCode, ErrnoConstructor) { | 14 SANDBOX_TEST(ErrorCode, ErrnoConstructor) { |
15 ErrorCode e0; | 15 ErrorCode e0; |
16 SANDBOX_ASSERT(e0.err() == SECCOMP_RET_INVALID); | 16 SANDBOX_ASSERT(e0.err() == SECCOMP_RET_INVALID); |
17 | 17 |
18 ErrorCode e1(ErrorCode::ERR_ALLOWED); | 18 ErrorCode e1(ErrorCode::ERR_ALLOWED); |
19 SANDBOX_ASSERT(e1.err() == SECCOMP_RET_ALLOW); | 19 SANDBOX_ASSERT(e1.err() == SECCOMP_RET_ALLOW); |
20 | 20 |
21 ErrorCode e2(EPERM); | 21 ErrorCode e2(EPERM); |
22 SANDBOX_ASSERT(e2.err() == SECCOMP_RET_ERRNO + EPERM); | 22 SANDBOX_ASSERT(e2.err() == SECCOMP_RET_ERRNO + EPERM); |
23 | 23 |
24 SandboxBPF sandbox; | 24 SandboxBPF sandbox; |
25 ErrorCode e3 = sandbox.Trap(NULL, NULL); | 25 ErrorCode e3 = sandbox.Trap(NULL, NULL); |
26 SANDBOX_ASSERT((e3.err() & SECCOMP_RET_ACTION) == SECCOMP_RET_TRAP); | 26 SANDBOX_ASSERT((e3.err() & SECCOMP_RET_ACTION) == SECCOMP_RET_TRAP); |
27 | |
28 uint16_t data = 0xdead; | |
29 ErrorCode e4(ErrorCode::ERR_TRACE + data); | |
30 SANDBOX_ASSERT(e4.err() == SECCOMP_RET_TRACE + data); | |
27 } | 31 } |
28 | 32 |
jln (very slow on Chromium)
2014/05/20 03:02:10
Could you add a death test if trying to use SECCOM
rickyz (Google)
2014/05/20 22:34:01
Done.
| |
29 SANDBOX_TEST(ErrorCode, Trap) { | 33 SANDBOX_TEST(ErrorCode, Trap) { |
30 SandboxBPF sandbox; | 34 SandboxBPF sandbox; |
31 ErrorCode e0 = sandbox.Trap(NULL, "a"); | 35 ErrorCode e0 = sandbox.Trap(NULL, "a"); |
32 ErrorCode e1 = sandbox.Trap(NULL, "b"); | 36 ErrorCode e1 = sandbox.Trap(NULL, "b"); |
33 SANDBOX_ASSERT((e0.err() & SECCOMP_RET_DATA) + 1 == | 37 SANDBOX_ASSERT((e0.err() & SECCOMP_RET_DATA) + 1 == |
34 (e1.err() & SECCOMP_RET_DATA)); | 38 (e1.err() & SECCOMP_RET_DATA)); |
35 | 39 |
36 ErrorCode e2 = sandbox.Trap(NULL, "a"); | 40 ErrorCode e2 = sandbox.Trap(NULL, "a"); |
37 SANDBOX_ASSERT((e0.err() & SECCOMP_RET_DATA) == | 41 SANDBOX_ASSERT((e0.err() & SECCOMP_RET_DATA) == |
38 (e2.err() & SECCOMP_RET_DATA)); | 42 (e2.err() & SECCOMP_RET_DATA)); |
(...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
76 SANDBOX_ASSERT(e1.LessThan(e4)); | 80 SANDBOX_ASSERT(e1.LessThan(e4)); |
77 SANDBOX_ASSERT(e3.LessThan(e4)); | 81 SANDBOX_ASSERT(e3.LessThan(e4)); |
78 SANDBOX_ASSERT(e4.LessThan(e5)); | 82 SANDBOX_ASSERT(e4.LessThan(e5)); |
79 SANDBOX_ASSERT(!e4.LessThan(e6)); | 83 SANDBOX_ASSERT(!e4.LessThan(e6)); |
80 SANDBOX_ASSERT(!e6.LessThan(e4)); | 84 SANDBOX_ASSERT(!e6.LessThan(e4)); |
81 } | 85 } |
82 | 86 |
83 } // namespace | 87 } // namespace |
84 | 88 |
85 } // namespace sandbox | 89 } // namespace sandbox |
OLD | NEW |