| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // Sanitizers internally use some syscalls which non-SFI NaCl disallows. | 5 // Sanitizers internally use some syscalls which non-SFI NaCl disallows. |
| 6 #if !defined(ADDRESS_SANITIZER) && !defined(THREAD_SANITIZER) && \ | 6 #if !defined(ADDRESS_SANITIZER) && !defined(THREAD_SANITIZER) && \ |
| 7 !defined(MEMORY_SANITIZER) && !defined(LEAK_SANITIZER) | 7 !defined(MEMORY_SANITIZER) && !defined(LEAK_SANITIZER) |
| 8 | 8 |
| 9 #include "components/nacl/loader/nonsfi/nonsfi_sandbox.h" | 9 #include "components/nacl/loader/nonsfi/nonsfi_sandbox.h" |
| 10 | 10 |
| (...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 53 | 53 |
| 54 void DoSocketpair(base::ScopedFD* fds) { | 54 void DoSocketpair(base::ScopedFD* fds) { |
| 55 int tmp_fds[2]; | 55 int tmp_fds[2]; |
| 56 BPF_ASSERT_EQ(0, socketpair(AF_UNIX, SOCK_STREAM, 0, tmp_fds)); | 56 BPF_ASSERT_EQ(0, socketpair(AF_UNIX, SOCK_STREAM, 0, tmp_fds)); |
| 57 fds[0].reset(tmp_fds[0]); | 57 fds[0].reset(tmp_fds[0]); |
| 58 fds[1].reset(tmp_fds[1]); | 58 fds[1].reset(tmp_fds[1]); |
| 59 } | 59 } |
| 60 | 60 |
| 61 TEST(NaClNonSfiSandboxTest, BPFIsSupported) { | 61 TEST(NaClNonSfiSandboxTest, BPFIsSupported) { |
| 62 bool seccomp_bpf_supported = ( | 62 bool seccomp_bpf_supported = ( |
| 63 sandbox::SandboxBPF::SupportsSeccompSandbox(-1) == | 63 sandbox::SandboxBPF::SupportsSeccompSandbox() == |
| 64 sandbox::SandboxBPF::STATUS_AVAILABLE); | 64 sandbox::SandboxBPF::STATUS_AVAILABLE); |
| 65 if (!seccomp_bpf_supported) { | 65 if (!seccomp_bpf_supported) { |
| 66 LOG(ERROR) << "Seccomp BPF is not supported, these tests " | 66 LOG(ERROR) << "Seccomp BPF is not supported, these tests " |
| 67 << "will pass without running"; | 67 << "will pass without running"; |
| 68 } | 68 } |
| 69 } | 69 } |
| 70 | 70 |
| 71 BPF_DEATH_TEST_C(NaClNonSfiSandboxTest, | 71 BPF_DEATH_TEST_C(NaClNonSfiSandboxTest, |
| 72 invalid_sysno, | 72 invalid_sysno, |
| 73 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), | 73 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), |
| (...skipping 422 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 496 RESTRICT_SYSCALL_EPERM_TEST(ptrace); | 496 RESTRICT_SYSCALL_EPERM_TEST(ptrace); |
| 497 RESTRICT_SYSCALL_EPERM_TEST(set_robust_list); | 497 RESTRICT_SYSCALL_EPERM_TEST(set_robust_list); |
| 498 #if defined(__i386__) || defined(__x86_64__) | 498 #if defined(__i386__) || defined(__x86_64__) |
| 499 RESTRICT_SYSCALL_EPERM_TEST(time); | 499 RESTRICT_SYSCALL_EPERM_TEST(time); |
| 500 #endif | 500 #endif |
| 501 | 501 |
| 502 } // namespace | 502 } // namespace |
| 503 | 503 |
| 504 #endif // !ADDRESS_SANITIZER && !THREAD_SANITIZER && | 504 #endif // !ADDRESS_SANITIZER && !THREAD_SANITIZER && |
| 505 // !MEMORY_SANITIZER && !LEAK_SANITIZER | 505 // !MEMORY_SANITIZER && !LEAK_SANITIZER |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 733303004:
Linux sandbox: change API to start the sandbox (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master