Set up tests to exercise the chrome outersandbox from the nacl loader.

It is similar to the renderer sandbox tests in that the test code is
separated into a DLL and only loaded based on commandline flags.

Currently tests file open, process creation, and connect.

This is currently not set up for Linux. To set it up for Linux,
we need to be more careful about what tests are expected to pass,
and will need to look into zygote process for how to get the test
shared lib loaded.

BUG=39409
TEST=none

Review URL: http://codereview.chromium.org/1549046

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@52567 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 112 insertions, 0 deletions

diff --git a/chrome/test/nacl_security_tests/commands_posix.cc b/chrome/test/nacl_security_tests/commands_posix.cc
new file mode 100644
index 0000000..85196e3
--- /dev/null
+++ b/chrome/test/nacl_security_tests/commands_posix.cc
@@ -0,0 +1,112 @@
+// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "./commands_posix.h"
+
+#include <fcntl.h>
+#include <netdb.h>
+#include <sys/socket.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <unistd.h>
+
+#include <string>
+
+// Sandbox access tests (mimic'ing "sandbox/tests/validation_tests/commands.h")
+
+namespace sandbox {
+
+SboxTestResult TestOpenReadFile(const char *path) {
+  int fd = open(path, O_RDONLY | O_CREAT);
+  if (-1 == fd) {
+    return SBOX_TEST_DENIED;
+  } else {
+    fprintf(stderr, "OOPS: Opened file for read %s %d\n", path, fd);
+    close(fd);
+    return SBOX_TEST_SUCCEEDED;
+  }
+}
+
+SboxTestResult TestOpenWriteFile(const char *path) {
+  int fd = open(path, O_WRONLY | O_CREAT);
+  if (-1 == fd) {
+    return SBOX_TEST_DENIED;
+  } else {
+    fprintf(stderr, "OOPS: Opened file for write %s %d\n", path, fd);
+    close(fd);
+    return SBOX_TEST_SUCCEEDED;
+  }
+}
+
+SboxTestResult TestCreateProcess(const char *path) {
+  pid_t pid;
+  int exec_res;
+  int child_stat;
+
+  pid = fork();
+  if (0 == pid) {
+    exec_res = execl(path, path, NULL);
+    if (exec_res) {
+      return SBOX_TEST_DENIED;
+    } else {
+      return SBOX_TEST_SUCCEEDED;
+    }
+    return SBOX_TEST_SUCCEEDED;
+  } else if (0 < pid) {
+    fprintf(stderr, "PARENT: Oops, forked child!\n");
+    waitpid(pid, &child_stat, WNOHANG);
+    return SBOX_TEST_SUCCEEDED;
+  } else {
+    return SBOX_TEST_DENIED;
+  }
+}
+
+SboxTestResult TestConnect(const char *url) {
+  int conn_sock;
+  struct addrinfo hints, *servinfo, *p;
+  int rv;
+
+  memset(&hints, 0, sizeof(hints));
+  hints.ai_family = AF_UNSPEC;
+  hints.ai_socktype = SOCK_STREAM;
+  rv = getaddrinfo(url, "http", &hints, &servinfo);
+  if (0 != rv) {
+    fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(rv));
+    return SBOX_TEST_DENIED;
+  }
+
+  p = servinfo;
+  // Just try the first entry.
+  conn_sock = socket(p->ai_family, p->ai_socktype, p->ai_protocol);
+  if (-1 == conn_sock) {
+    perror("socket");
+    freeaddrinfo(servinfo);
+    fprintf(stderr, "Error at socket()\n");
+    return SBOX_TEST_DENIED;
+  }
+
+  if (-1 == connect(conn_sock, p->ai_addr, p->ai_addrlen)) {
+    close(conn_sock);
+    freeaddrinfo(servinfo);
+    return SBOX_TEST_DENIED;
+  }
+
+  fprintf(stderr, "Connected to server.\n");
+  shutdown(conn_sock, SHUT_RDWR);
+  close(conn_sock);
+  freeaddrinfo(servinfo);
+  return SBOX_TEST_SUCCEEDED;
+}
+
+// TODO(jvoung): test more: e.g., bind and accept.
+// chmod, unlink, symlink, ... if guaranteed a test file that would normally
+// allow us to do such things (i.e., we want the test operations to be
+// context-independent, yet leave no traces).
+
+SboxTestResult TestDummyFails() {
+  fprintf(stderr, "Running dummy sandbox test, which should fail\n");
+  return SBOX_TEST_SUCCEEDED;
+}
+
+}  // namespace sandbox