| OLD | NEW |
|---|
| 1 // Copyright (c) 2009-2010 The Chromium OS Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium OS Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 // | 4 // |
| 5 // Tests for minijail::Options | 5 // Tests for minijail::Options |
| 6 #include "options.h" |
| 7 |
| 6 #include "mock_env.h" | 8 #include "mock_env.h" |
| 7 #include "mock_options.h" | 9 #include "mock_options.h" |
| 8 #include <gmock/gmock.h> | 10 #include <gmock/gmock.h> |
| 9 #include <gtest/gtest.h> | 11 #include <gtest/gtest.h> |
| 10 | 12 |
| 11 namespace chromeos { | 13 namespace chromeos { |
| 12 | 14 |
| 13 using ::testing::_; // wildcard mock matcher | 15 using ::testing::_; // wildcard mock matcher |
| 14 using ::testing::AtLeast; // Times modifier | 16 using ::testing::AtLeast; // Times modifier |
| 15 using ::testing::Invoke; // Allow concrete call redirection | 17 using ::testing::Invoke; // Allow concrete call redirection |
| 16 using ::testing::DefaultValue; // allow for easy default return value change | 18 using ::testing::DefaultValue; // allow for easy default return value change |
| 17 using ::testing::Return; // mock Return action | 19 using ::testing::Return; // mock Return action |
| 18 | 20 |
| 19 class OptionsDepsTest : public ::testing::Test { | 21 class OptionsDepsTest : public ::testing::Test { |
| 20 public: | 22 public: |
| 21 OptionsDepsTest() : options_(new minijail::MockOptions) { } | 23 OptionsDepsTest() : options_(new minijail::MockOptions) { } |
| 22 ~OptionsDepsTest() { } | 24 ~OptionsDepsTest() { } |
| 23 void SetUp() { | 25 void SetUp() { |
| 24 ON_CALL(*options_, FixUpDependencies()) | 26 ON_CALL(*options_, FixUpDependencies()) |
| 25 .WillByDefault(Invoke(options_.get(), | 27 .WillByDefault(Invoke(options_.get(), |
| 26 &minijail::MockOptions::OptionsFixUpDependencies)); | 28 &minijail::MockOptions::OptionsFixUpDependencies)); |
| 27 } | 29 } |
| 28 protected: | 30 protected: |
| 29 scoped_ptr<minijail::MockOptions> options_; | 31 scoped_ptr<minijail::MockOptions> options_; |
| 30 }; | 32 }; |
| 31 | 33 |
| 32 TEST_F(OptionsDepsTest, NothingToCorrect) { | 34 TEST_F(OptionsDepsTest, NothingToCorrect) { |
| 33 // Since all options default to false, this should just work. | 35 // Since all options default to false, this should just work. |
| 34 EXPECT_TRUE(options_->FixUpDependencies()); | 36 minijail::Options options; |
| 37 EXPECT_TRUE(options.FixUpDependencies()); |
| 35 } | 38 } |
| 36 | 39 |
| 37 TEST_F(OptionsDepsTest, MountsWithoutVfs) { | 40 TEST_F(OptionsDepsTest, MountsWithoutVfs) { |
| 41 EXPECT_CALL(*(options_.get()), FixUpDependencies()) |
| 42 .Times(1); |
| 43 EXPECT_CALL(*options_, enforce_syscalls_benchmark()) |
| 44 .WillOnce(Return(false)); |
| 38 // Set up the case in need of correction | 45 // Set up the case in need of correction |
| 39 EXPECT_CALL(*options_, add_readonly_mounts()) | 46 EXPECT_CALL(*options_, add_readonly_mounts()) |
| 40 .Times(1) | |
| 41 .WillOnce(Return(true)); | 47 .WillOnce(Return(true)); |
| 42 EXPECT_CALL(*options_, namespace_vfs()) | 48 EXPECT_CALL(*options_, namespace_vfs()) |
| 43 .Times(1) | |
| 44 .WillOnce(Return(false)); | 49 .WillOnce(Return(false)); |
| 45 EXPECT_CALL(*options_, set_namespace_vfs(true)) // Proof of correction | 50 EXPECT_CALL(*options_, set_namespace_vfs(true)) // Proof of correction |
| 46 .Times(1); | 51 .Times(1); |
| 47 EXPECT_TRUE(options_->FixUpDependencies()); | 52 EXPECT_TRUE(options_->FixUpDependencies()); |
| 48 } | 53 } |
| 49 | 54 |
| 50 TEST_F(OptionsDepsTest, MountsWithVfs) { | 55 TEST_F(OptionsDepsTest, MountsWithVfs) { |
| 56 EXPECT_CALL(*(options_.get()), FixUpDependencies()) |
| 57 .Times(1); |
| 58 EXPECT_CALL(*options_, enforce_syscalls_benchmark()) |
| 59 .WillOnce(Return(false)); |
| 51 // Setup case which should be untouched | 60 // Setup case which should be untouched |
| 52 EXPECT_CALL(*options_, add_readonly_mounts()) | 61 EXPECT_CALL(*options_, add_readonly_mounts()) |
| 53 .Times(1) | |
| 54 .WillOnce(Return(true)); | 62 .WillOnce(Return(true)); |
| 55 EXPECT_CALL(*options_, namespace_vfs()) | 63 EXPECT_CALL(*options_, namespace_vfs()) |
| 56 .Times(1) | |
| 57 .WillOnce(Return(true)); | 64 .WillOnce(Return(true)); |
| 58 EXPECT_CALL(*options_, set_namespace_vfs(_)) // Proof of correction | 65 EXPECT_CALL(*options_, set_namespace_vfs(_)) // Proof of correction |
| 59 .Times(0); | 66 .Times(0); |
| 60 EXPECT_TRUE(options_->FixUpDependencies()); | 67 EXPECT_TRUE(options_->FixUpDependencies()); |
| 61 } | 68 } |
| 62 | 69 |
| 63 TEST_F(OptionsDepsTest, NoMounts) { | 70 TEST_F(OptionsDepsTest, NoMounts) { |
| 71 EXPECT_CALL(*(options_.get()), FixUpDependencies()) |
| 72 .Times(1); |
| 73 EXPECT_CALL(*options_, enforce_syscalls_benchmark()) |
| 74 .WillOnce(Return(false)); |
| 64 // Setup case which should be untouched | 75 // Setup case which should be untouched |
| 65 EXPECT_CALL(*options_, add_readonly_mounts()) | 76 EXPECT_CALL(*options_, add_readonly_mounts()) |
| 66 .Times(1) | |
| 67 .WillOnce(Return(false)); | 77 .WillOnce(Return(false)); |
| 68 // VFS check should never be run since the conditional short circuits | 78 // VFS check should never be run since the conditional short circuits |
| 69 EXPECT_CALL(*options_, namespace_vfs()) | 79 EXPECT_CALL(*options_, namespace_vfs()) |
| 70 .Times(0); | 80 .Times(0); |
| 71 EXPECT_CALL(*options_, set_namespace_vfs(_)) | 81 EXPECT_CALL(*options_, set_namespace_vfs(_)) |
| 72 .Times(0); | 82 .Times(0); |
| 73 EXPECT_TRUE(options_->FixUpDependencies()); | 83 EXPECT_TRUE(options_->FixUpDependencies()); |
| 74 } | 84 } |
| 75 | 85 |
| 76 TEST_F(OptionsDepsTest, BothSyscallEnforcements) { | 86 TEST_F(OptionsDepsTest, BothSyscallEnforcements) { |
| 87 EXPECT_CALL(*(options_.get()), FixUpDependencies()) |
| 88 .Times(1); |
| 77 // Case which fails | 89 // Case which fails |
| 90 EXPECT_CALL(*options_, add_readonly_mounts()) |
| 91 .WillOnce(Return(false)); |
| 78 EXPECT_CALL(*options_, enforce_syscalls_benchmark()) | 92 EXPECT_CALL(*options_, enforce_syscalls_benchmark()) |
| 79 .Times(1) | |
| 80 .WillOnce(Return(true)); | 93 .WillOnce(Return(true)); |
| 81 EXPECT_CALL(*options_, enforce_syscalls_by_source()) | 94 EXPECT_CALL(*options_, enforce_syscalls_by_source()) |
| 82 .Times(1) | |
| 83 .WillOnce(Return(true)); | 95 .WillOnce(Return(true)); |
| 84 EXPECT_FALSE(options_->FixUpDependencies()); | 96 EXPECT_FALSE(options_->FixUpDependencies()); |
| 85 } | 97 } |
| 86 | 98 |
| 87 TEST_F(OptionsDepsTest, SyscallBenchmarkOnly) { | 99 TEST_F(OptionsDepsTest, SyscallBenchmarkOnly) { |
| 100 EXPECT_CALL(*(options_.get()), FixUpDependencies()) |
| 101 .Times(1); |
| 102 EXPECT_CALL(*options_, add_readonly_mounts()) |
| 103 .WillOnce(Return(false)); |
| 88 EXPECT_CALL(*options_, enforce_syscalls_benchmark()) | 104 EXPECT_CALL(*options_, enforce_syscalls_benchmark()) |
| 89 .Times(1) | |
| 90 .WillOnce(Return(true)); | 105 .WillOnce(Return(true)); |
| 91 EXPECT_CALL(*options_, enforce_syscalls_by_source()) | 106 EXPECT_CALL(*options_, enforce_syscalls_by_source()) |
| 92 .Times(1) | |
| 93 .WillOnce(Return(false)); | 107 .WillOnce(Return(false)); |
| 94 EXPECT_TRUE(options_->FixUpDependencies()); | 108 EXPECT_TRUE(options_->FixUpDependencies()); |
| 95 } | 109 } |
| 96 | 110 |
| 97 TEST_F(OptionsDepsTest, SyscallNoBenchmark) { | 111 TEST_F(OptionsDepsTest, SyscallNoBenchmark) { |
| 112 EXPECT_CALL(*(options_.get()), FixUpDependencies()) |
| 113 .Times(1); |
| 114 EXPECT_CALL(*options_, add_readonly_mounts()) |
| 115 .WillOnce(Return(false)); |
| 98 EXPECT_CALL(*options_, enforce_syscalls_benchmark()) | 116 EXPECT_CALL(*options_, enforce_syscalls_benchmark()) |
| 99 .Times(1) | |
| 100 .WillOnce(Return(false)); | 117 .WillOnce(Return(false)); |
| 101 EXPECT_CALL(*options_, enforce_syscalls_by_source()) | 118 EXPECT_CALL(*options_, enforce_syscalls_by_source()) |
| 102 .Times(0); | 119 .Times(0); |
| 103 EXPECT_TRUE(options_->FixUpDependencies()); | 120 EXPECT_TRUE(options_->FixUpDependencies()); |
| 104 } | 121 } |
| 105 | 122 |
| 106 | 123 |
| 107 | 124 |
| 108 | 125 |
| 109 | 126 |
| 110 | 127 |
| 111 | 128 |
| 112 } // namespace chromeos | 129 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 6881066:
[minijail] Add the ability to set capabilities from the command line (Closed)
Base URL: http://git.chromium.org/git/minijail.git@master