Chromium Code Reviews Chromium Code Reviews
Issue 330723003:
Clean-up the SandboxSyscall interface (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: sandbox/linux/seccomp-bpf/syscall_unittest.cc |
| diff --git a/sandbox/linux/seccomp-bpf/syscall_unittest.cc b/sandbox/linux/seccomp-bpf/syscall_unittest.cc |
| index bdeee4fe2da77cf87cbda1d980787e52f3ee93b7..b372d9bb1c86a64f0756aa565eafb25acd31b48d 100644 |
| --- a/sandbox/linux/seccomp-bpf/syscall_unittest.cc |
| +++ b/sandbox/linux/seccomp-bpf/syscall_unittest.cc |
| @@ -12,6 +12,7 @@ |
| #include "base/basictypes.h" |
| #include "base/posix/eintr_wrapper.h" |
| +#include "build/build_config.h" |
| #include "sandbox/linux/seccomp-bpf/bpf_tests.h" |
| #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" |
| #include "sandbox/linux/seccomp-bpf/syscall.h" |
| @@ -31,24 +32,25 @@ const int kMMapNr = __NR_mmap; |
| #endif |
| TEST(Syscall, WellKnownEntryPoint) { |
| -// Test that SandboxSyscall(-1) is handled specially. Don't do this on ARM, |
| +// Test that Syscall::Call(-1) is handled specially. Don't do this on ARM, |
| // where syscall(-1) crashes with SIGILL. Not running the test is fine, as we |
| // are still testing ARM code in the next set of tests. |
| #if !defined(__arm__) |
| - EXPECT_NE(SandboxSyscall(-1), syscall(-1)); |
| + EXPECT_NE(Syscall::Call(-1), syscall(-1)); |
| #endif |
| -// If possible, test that SandboxSyscall(-1) returns the address right after |
| +// If possible, test that Syscall::Call(-1) returns the address right |
| +// after |
| // a kernel entry point. |
| #if defined(__i386__) |
| - EXPECT_EQ(0x80CDu, ((uint16_t*)SandboxSyscall(-1))[-1]); // INT 0x80 |
| + EXPECT_EQ(0x80CDu, ((uint16_t*)Syscall::Call(-1))[-1]); // INT 0x80 |
| #elif defined(__x86_64__) |
| - EXPECT_EQ(0x050Fu, ((uint16_t*)SandboxSyscall(-1))[-1]); // SYSCALL |
| + EXPECT_EQ(0x050Fu, ((uint16_t*)Syscall::Call(-1))[-1]); // SYSCALL |
| #elif defined(__arm__) |
| #if defined(__thumb__) |
| - EXPECT_EQ(0xDF00u, ((uint16_t*)SandboxSyscall(-1))[-1]); // SWI 0 |
| + EXPECT_EQ(0xDF00u, ((uint16_t*)Syscall::Call(-1))[-1]); // SWI 0 |
| #else |
| - EXPECT_EQ(0xEF000000u, ((uint32_t*)SandboxSyscall(-1))[-1]); // SVC 0 |
| + EXPECT_EQ(0xEF000000u, ((uint32_t*)Syscall::Call(-1))[-1]); // SVC 0 |
| #endif |
| #else |
| #warning Incomplete test case; need port for target platform |
| @@ -57,17 +59,25 @@ TEST(Syscall, WellKnownEntryPoint) { |
| TEST(Syscall, TrivialSyscallNoArgs) { |
| // Test that we can do basic system calls |
| - EXPECT_EQ(SandboxSyscall(__NR_getpid), syscall(__NR_getpid)); |
| + EXPECT_EQ(Syscall::Call(__NR_getpid), syscall(__NR_getpid)); |
| } |
| TEST(Syscall, TrivialSyscallOneArg) { |
| int new_fd; |
| // Duplicate standard error and close it. |
| - ASSERT_GE(new_fd = SandboxSyscall(__NR_dup, 2), 0); |
| - int close_return_value = IGNORE_EINTR(SandboxSyscall(__NR_close, new_fd)); |
| + ASSERT_GE(new_fd = Syscall::Call(__NR_dup, 2), 0); |
| + int close_return_value = IGNORE_EINTR(Syscall::Call(__NR_close, new_fd)); |
| ASSERT_EQ(close_return_value, 0); |
| } |
| +TEST(Syscall, TrivialFailingSyscall) { |
| + errno = 42; |
|
mdempsky
2014/06/13 03:01:46
Perhaps set this to a negative value instead? POS
jln (very slow on Chromium)
2014/06/13 06:39:58
Done.
|
| + int ret = Syscall::Call(__NR_dup, -1); |
| + ASSERT_EQ(-EBADF, ret); |
| + // Verify that Syscall::Call does not touch errno. |
| + ASSERT_EQ(42, errno); |
| +} |
| + |
| // SIGSYS trap handler that will be called on __NR_uname. |
| intptr_t CopySyscallArgsToAux(const struct arch_seccomp_data& args, void* aux) { |
| // |aux| is our BPF_AUX pointer. |
| @@ -91,7 +101,8 @@ ErrorCode CopyAllArgsOnUnamePolicy(SandboxBPF* sandbox, |
| } |
| } |
| -// We are testing SandboxSyscall() by making use of a BPF filter that allows us |
| +// We are testing Syscall::Call() by making use of a BPF filter that |
| +// allows us |
| // to inspect the system call arguments that the kernel saw. |
| BPF_TEST(Syscall, |
| SyntheticSixArgs, |
| @@ -109,13 +120,13 @@ BPF_TEST(Syscall, |
| // We could use pretty much any system call we don't need here. uname() is |
| // nice because it doesn't have any dangerous side effects. |
| - BPF_ASSERT(SandboxSyscall(__NR_uname, |
| - syscall_args[0], |
| - syscall_args[1], |
| - syscall_args[2], |
| - syscall_args[3], |
| - syscall_args[4], |
| - syscall_args[5]) == -ENOMEM); |
| + BPF_ASSERT(Syscall::Call(__NR_uname, |
| + syscall_args[0], |
| + syscall_args[1], |
| + syscall_args[2], |
| + syscall_args[3], |
| + syscall_args[4], |
| + syscall_args[5]) == -ENOMEM); |
| // We expect the trap handler to have copied the 6 arguments. |
| BPF_ASSERT(BPF_AUX->size() == 6); |
| @@ -133,69 +144,69 @@ BPF_TEST(Syscall, |
| TEST(Syscall, ComplexSyscallSixArgs) { |
| int fd; |
| - ASSERT_LE(0, fd = SandboxSyscall(__NR_open, "/dev/null", O_RDWR, 0L)); |
| + ASSERT_LE(0, fd = Syscall::Call(__NR_open, "/dev/null", O_RDWR, 0L)); |
| // Use mmap() to allocate some read-only memory |
| char* addr0; |
| - ASSERT_NE((char*)NULL, |
| - addr0 = reinterpret_cast<char*>( |
| - SandboxSyscall(kMMapNr, |
| - (void*)NULL, |
| - 4096, |
| - PROT_READ, |
| - MAP_PRIVATE | MAP_ANONYMOUS, |
| - fd, |
| - 0L))); |
| + ASSERT_NE( |
| + (char*)NULL, |
| + addr0 = reinterpret_cast<char*>(Syscall::Call(kMMapNr, |
| + (void*)NULL, |
| + 4096, |
| + PROT_READ, |
| + MAP_PRIVATE | MAP_ANONYMOUS, |
| + fd, |
| + 0L))); |
| // Try to replace the existing mapping with a read-write mapping |
| char* addr1; |
| ASSERT_EQ(addr0, |
| addr1 = reinterpret_cast<char*>( |
| - SandboxSyscall(kMMapNr, |
| - addr0, |
| - 4096L, |
| - PROT_READ | PROT_WRITE, |
| - MAP_PRIVATE | MAP_ANONYMOUS | MAP_FIXED, |
| - fd, |
| - 0L))); |
| + Syscall::Call(kMMapNr, |
| + addr0, |
| + 4096L, |
| + PROT_READ | PROT_WRITE, |
| + MAP_PRIVATE | MAP_ANONYMOUS | MAP_FIXED, |
| + fd, |
| + 0L))); |
| ++*addr1; // This should not seg fault |
| // Clean up |
| - EXPECT_EQ(0, SandboxSyscall(__NR_munmap, addr1, 4096L)); |
| - EXPECT_EQ(0, IGNORE_EINTR(SandboxSyscall(__NR_close, fd))); |
| + EXPECT_EQ(0, Syscall::Call(__NR_munmap, addr1, 4096L)); |
| + EXPECT_EQ(0, IGNORE_EINTR(Syscall::Call(__NR_close, fd))); |
| // Check that the offset argument (i.e. the sixth argument) is processed |
| // correctly. |
| - ASSERT_GE(fd = SandboxSyscall(__NR_open, "/proc/self/exe", O_RDONLY, 0L), 0); |
| + ASSERT_GE(fd = Syscall::Call(__NR_open, "/proc/self/exe", O_RDONLY, 0L), 0); |
| char* addr2, *addr3; |
| ASSERT_NE((char*)NULL, |
| - addr2 = reinterpret_cast<char*>(SandboxSyscall( |
| + addr2 = reinterpret_cast<char*>(Syscall::Call( |
| kMMapNr, (void*)NULL, 8192L, PROT_READ, MAP_PRIVATE, fd, 0L))); |
| ASSERT_NE((char*)NULL, |
| - addr3 = reinterpret_cast<char*>(SandboxSyscall(kMMapNr, |
| - (void*)NULL, |
| - 4096L, |
| - PROT_READ, |
| - MAP_PRIVATE, |
| - fd, |
| + addr3 = reinterpret_cast<char*>(Syscall::Call(kMMapNr, |
| + (void*)NULL, |
| + 4096L, |
| + PROT_READ, |
| + MAP_PRIVATE, |
| + fd, |
| #if defined(__NR_mmap2) |
| - 1L |
| + 1L |
| #else |
| - 4096L |
| + 4096L |
| #endif |
| - ))); |
| + ))); |
| EXPECT_EQ(0, memcmp(addr2 + 4096, addr3, 4096)); |
| // Just to be absolutely on the safe side, also verify that the file |
| // contents matches what we are getting from a read() operation. |
| char buf[8192]; |
| - EXPECT_EQ(8192, SandboxSyscall(__NR_read, fd, buf, 8192L)); |
| + EXPECT_EQ(8192, Syscall::Call(__NR_read, fd, buf, 8192L)); |
| EXPECT_EQ(0, memcmp(addr2, buf, 8192)); |
| // Clean up |
| - EXPECT_EQ(0, SandboxSyscall(__NR_munmap, addr2, 8192L)); |
| - EXPECT_EQ(0, SandboxSyscall(__NR_munmap, addr3, 4096L)); |
| - EXPECT_EQ(0, IGNORE_EINTR(SandboxSyscall(__NR_close, fd))); |
| + EXPECT_EQ(0, Syscall::Call(__NR_munmap, addr2, 8192L)); |
| + EXPECT_EQ(0, Syscall::Call(__NR_munmap, addr3, 4096L)); |
| + EXPECT_EQ(0, IGNORE_EINTR(Syscall::Call(__NR_close, fd))); |
| } |
| } // namespace |
