1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "sandbox/linux/seccomp-bpf/bpf_tests.h"
8 #include <sys/ptrace.h>
9 #include <sys/syscall.h>
10 #include <sys/types.h>
13 #include "base/logging.h"
14 #include "base/memory/scoped_ptr.h"
15 #include "build/build_config.h"
16 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h"
17 #include "sandbox/linux/services/linux_syscalls.h"
18 #include "sandbox/linux/tests/unit_tests.h"
19 #include "testing/gtest/include/gtest/gtest.h"
25 ErrorCode EmptyPolicy(SandboxBPF* sandbox, int sysno, void* aux) {
26 // |aux| should always be NULL since a type was not specified as an argument
28 BPF_ASSERT(NULL == aux);
29 if (!SandboxBPF::IsValidSyscallNumber(sysno)) {
30 return ErrorCode(ENOSYS);
32 return ErrorCode(ErrorCode::ERR_ALLOWED);
36 BPF_TEST(BPFTest, BPFAUXIsNull, EmptyPolicy) {
37 // Check that the implicit BPF_AUX argument is NULL when we
38 // don't specify a fourth parameter to BPF_TEST.
39 BPF_ASSERT(NULL == BPF_AUX);
44 static const int kMagicValue = 42;
45 FourtyTwo() : value_(kMagicValue) {}
46 int value() { return value_; }
50 DISALLOW_COPY_AND_ASSIGN(FourtyTwo);
53 ErrorCode EmptyPolicyTakesClass(SandboxBPF* sandbox,
55 FourtyTwo* fourty_two) {
56 // |aux| should point to an instance of FourtyTwo.
57 BPF_ASSERT(fourty_two);
58 BPF_ASSERT(FourtyTwo::kMagicValue == fourty_two->value());
59 if (!SandboxBPF::IsValidSyscallNumber(sysno)) {
60 return ErrorCode(ENOSYS);
62 return ErrorCode(ErrorCode::ERR_ALLOWED);
68 EmptyPolicyTakesClass,
69 FourtyTwo /* *BPF_AUX */) {
70 // BPF_AUX should point to an instance of FourtyTwo.
72 BPF_ASSERT(FourtyTwo::kMagicValue == BPF_AUX->value());
75 void DummyTestFunction(FourtyTwo *fourty_two) {
78 TEST(BPFTest, BPFTesterCompatibilityDelegateLeakTest) {
79 // Don't do anything, simply gives dynamic tools an opportunity to detect
82 BPFTesterCompatibilityDelegate<FourtyTwo> simple_delegate(
83 DummyTestFunction, EmptyPolicyTakesClass);
87 scoped_ptr<BPFTesterDelegate> simple_delegate(
88 new BPFTesterCompatibilityDelegate<FourtyTwo>(DummyTestFunction,
89 EmptyPolicyTakesClass));
93 class EnosysPtracePolicy : public SandboxBPFPolicy {
95 EnosysPtracePolicy() {
96 my_pid_ = syscall(__NR_getpid);
98 virtual ~EnosysPtracePolicy() {
99 // Policies should be able to bind with the process on which they are
100 // created. They should never be created in a parent process.
101 BPF_ASSERT_EQ(my_pid_, syscall(__NR_getpid));
104 virtual ErrorCode EvaluateSyscall(SandboxBPF* sandbox_compiler,
105 int system_call_number) const OVERRIDE {
106 if (!SandboxBPF::IsValidSyscallNumber(system_call_number)) {
107 return ErrorCode(ENOSYS);
108 } else if (system_call_number == __NR_ptrace) {
109 // The EvaluateSyscall function should run in the process that created
110 // the current object.
111 BPF_ASSERT_EQ(my_pid_, syscall(__NR_getpid));
112 return ErrorCode(ENOSYS);
114 return ErrorCode(ErrorCode::ERR_ALLOWED);
120 DISALLOW_COPY_AND_ASSIGN(EnosysPtracePolicy);
123 class BasicBPFTesterDelegate : public BPFTesterDelegate {
125 BasicBPFTesterDelegate() {}
126 virtual ~BasicBPFTesterDelegate() {}
128 virtual scoped_ptr<SandboxBPFPolicy> GetSandboxBPFPolicy() OVERRIDE {
129 return scoped_ptr<SandboxBPFPolicy>(new EnosysPtracePolicy());
131 virtual void RunTestFunction() OVERRIDE {
133 int ret = ptrace(PTRACE_TRACEME, -1, NULL, NULL);
134 BPF_ASSERT(-1 == ret);
135 BPF_ASSERT(ENOSYS == errno);
139 DISALLOW_COPY_AND_ASSIGN(BasicBPFTesterDelegate);
142 // This is the most powerful and complex way to create a BPF test, but it
143 // requires a full class definition (BasicBPFTesterDelegate).
144 BPF_TEST_D(BPFTest, BPFTestWithDelegateClass, BasicBPFTesterDelegate);
146 // This is the simplest form of BPF tests.
147 BPF_TEST_C(BPFTest, BPFTestWithInlineTest, EnosysPtracePolicy) {
149 int ret = ptrace(PTRACE_TRACEME, -1, NULL, NULL);
150 BPF_ASSERT(-1 == ret);
151 BPF_ASSERT(ENOSYS == errno);
156 } // namespace sandbox