author | jln@chromium.org <jln@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-06-22 22:22:41 +0000 |
---|---|---|
committer | jln@chromium.org <jln@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-06-22 22:22:41 +0000 |
commit | a0ac8af14b1c6980079cb938dc22e0e82f9a2034 (patch) | |
tree | 9cb75c844115408b664e8017c20a77103ff30c3f /sandbox | |
parent | 27949decd7e4fb77caac5d3ba7290ab7e819f04d (diff) | |
Sandbox BPF: add basic unittests
We add our first basic unittests:
- Calling Sandbox::supportsSeccompSandbox twice should work fine
- We install and test a basic policy that forbids nanosleep()
BUG=None
TEST=None
NOTRY=true
Review URL: https://chromiumcodereview.appspot.com/10641015
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@143728 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'sandbox')
-rw-r--r-- | sandbox/linux/seccomp-bpf/sandbox_bpf_unittest.cc | 54 | ||||
-rw-r--r-- | sandbox/sandbox_linux.gypi | 2 |
2 files changed, 54 insertions, 2 deletions
diff --git a/sandbox/linux/seccomp-bpf/sandbox_bpf_unittest.cc b/sandbox/linux/seccomp-bpf/sandbox_bpf_unittest.cc
index ead6c4e..8c7ab22 100644
--- a/sandbox/linux/seccomp-bpf/sandbox_bpf_unittest.cc
+++ b/sandbox/linux/seccomp-bpf/sandbox_bpf_unittest.cc
@@ -6,6 +6,58 @@
 #include "sandbox/linux/seccomp-bpf/verifier.h"
 #include "testing/gtest/include/gtest/gtest.h"
+using namespace playground2;
+
+namespace {
+
 TEST(SandboxBpf, CallSupports) {
- playground2::Sandbox::supportsSeccompSandbox(-1);
+ // We check that we don't crash, but it's ok if the kernel doesn't
+ // support it.
+ Sandbox::supportsSeccompSandbox(-1);
+}
+
+TEST(SandboxBpf, CallSupportsTwice) {
+ Sandbox::supportsSeccompSandbox(-1);
+ Sandbox::supportsSeccompSandbox(-1);
+}
+
+static Sandbox::ErrorCode NanosleepEvaluator(int sysno) {
+ if (sysno < (int) MIN_SYSCALL || sysno > (int) MAX_SYSCALL) {
+ // FIXME: we should really not have to do that in a trivial policy
+ return ENOSYS;
+ }
+ switch (sysno) {
+ case __NR_nanosleep:
+ return EACCES;
+ default:
+ return Sandbox::SB_ALLOWED;
+ }
 }
+
+void BasicPolicyProcess(void) {
+ int proc_fd = open("/proc", O_RDONLY|O_DIRECTORY);
+ if (proc_fd < 0)
+ exit(-1);
+ if(Sandbox::supportsSeccompSandbox(proc_fd) !=
+ Sandbox::STATUS_AVAILABLE)
+ exit(-1);
+ Sandbox::setProcFd(proc_fd);
+ Sandbox::setSandboxPolicy(NanosleepEvaluator, NULL);
+ Sandbox::startSandbox();
+ const struct timespec ts = {0, 0};
+ if(nanosleep(&ts, NULL) != -1 || errno != EACCES)
+ exit(-1);
+ exit(0);
+}
+
+TEST(SandboxBpf, CanApplyBasicPolicy) {
+ // This test will pass if seccomp-bpf is not supported
+ if(Sandbox::supportsSeccompSandbox(-1) ==
+ Sandbox::STATUS_AVAILABLE) {
+ // TODO: find a way to use the testing testing framework inside
+ // BasicPolicyProcess or at the very least to surface errors
+ EXPECT_EXIT(BasicPolicyProcess(), ::testing::ExitedWithCode(0), "");
+ }
+}
+
+} // namespace
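Review bot: In `CanApplyBasicPolicy` the enforcement check is skipped without any output when `supportsSeccompSandbox(-1)` does not return `STATUS_AVAILABLE`, so a run on a kernel without seccomp-bpf, or one where the probe wrongly reports unavailable, looks the same in the results as a run where the nanosleep() denial was actually verified. An else branch with a visible notice such as `fprintf(stderr, "seccomp-bpf unavailable, policy test skipped\n");` would make the missing sandbox coverage show up in the logs. Relatedly, every failure path in `BasicPolicyProcess` ends in `exit(-1)`, so a failed open of /proc cannot be told apart from a policy that was installed but not enforced. Distinct codes, for example `exit(2)` for the two setup failures and `exit(1)` for the nanosleep check, would cover the "surface errors" half of the TODO until gtest can be used inside the child.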
diff --git a/sandbox/sandbox_linux.gypi b/sandbox/sandbox_linux.gypi
index fb313a6..b3489ec 100644
--- a/sandbox/sandbox_linux.gypi
+++ b/sandbox/sandbox_linux.gypi
@@ -45,7 +45,7 @@
 'conditions': [
 [ 'OS=="linux" and (target_arch=="ia32" or target_arch=="x64")', {
 'sources': [
- 'linux/seccomp-bpf/sandbox_bpf_unittest.cc'
+ 'linux/seccomp-bpf/sandbox_bpf_unittest.cc',
 ],
 }],
 ], |