Update from https://crrev.com/320343

sandbox/linux/bpf_dsl/bpf_dsl_unittest.cc

Index: sandbox/linux/bpf_dsl/bpf_dsl_unittest.cc
diff --git a/sandbox/linux/bpf_dsl/bpf_dsl_unittest.cc b/sandbox/linux/bpf_dsl/bpf_dsl_unittest.cc
index cffadc5035e05fd42275cecfbf0384ffe1221235..dba421f6ad194a79f794be0d6122c3bf5e412f8c 100644
--- a/sandbox/linux/bpf_dsl/bpf_dsl_unittest.cc
+++ b/sandbox/linux/bpf_dsl/bpf_dsl_unittest.cc
@@ -12,55 +12,132 @@
 #include <sys/utsname.h>
 #include <unistd.h>
 
+#include <map>
+#include <utility>
+
 #include "base/files/scoped_file.h"
 #include "base/macros.h"
 #include "build/build_config.h"
 #include "sandbox/linux/bpf_dsl/bpf_dsl_impl.h"
+#include "sandbox/linux/bpf_dsl/codegen.h"
 #include "sandbox/linux/bpf_dsl/policy.h"
-#include "sandbox/linux/seccomp-bpf/bpf_tests.h"
+#include "sandbox/linux/bpf_dsl/policy_compiler.h"
+#include "sandbox/linux/bpf_dsl/seccomp_macros.h"
+#include "sandbox/linux/bpf_dsl/trap_registry.h"
+#include "sandbox/linux/bpf_dsl/verifier.h"
 #include "sandbox/linux/seccomp-bpf/errorcode.h"
-#include "sandbox/linux/seccomp-bpf/syscall.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
 #define CASES SANDBOX_BPF_DSL_CASES
 
-// Helper macro to assert that invoking system call |sys| directly via
-// Syscall::Call with arguments |...| returns |res|.
-// Errors can be asserted by specifying a value like "-EINVAL".
-#define ASSERT_SYSCALL_RESULT(res, sys, ...) \
-  BPF_ASSERT_EQ(res, Stubs::sys(__VA_ARGS__))
-
 namespace sandbox {
 namespace bpf_dsl {
 namespace {
 
-// Type safe stubs for tested system calls.
-class Stubs {
+// Helper function to construct fake arch_seccomp_data objects.
+struct arch_seccomp_data FakeSyscall(int nr,
+                                     uint64_t p0 = 0,
+                                     uint64_t p1 = 0,
+                                     uint64_t p2 = 0,
+                                     uint64_t p3 = 0,
+                                     uint64_t p4 = 0,
+                                     uint64_t p5 = 0) {
+  // Made up program counter for syscall address.
+  const uint64_t kFakePC = 0x543210;
+
+  struct arch_seccomp_data data = {
+      nr,
+      SECCOMP_ARCH,
+      kFakePC,
+      {
+       p0, p1, p2, p3, p4, p5,
+      },
+  };
+
+  return data;
+}
+
+class FakeTrapRegistry : public TrapRegistry {
  public:
-  static int getpgid(pid_t pid) { return Syscall::Call(__NR_getpgid, pid); }
-  static int setuid(uid_t uid) { return Syscall::Call(__NR_setuid, uid); }
-  static int setgid(gid_t gid) { return Syscall::Call(__NR_setgid, gid); }
-  static int setpgid(pid_t pid, pid_t pgid) {
-    return Syscall::Call(__NR_setpgid, pid, pgid);
+  FakeTrapRegistry() : map_() {}
+  virtual ~FakeTrapRegistry() {}
+
+  uint16_t Add(TrapFnc fnc, const void* aux, bool safe) override {
+    EXPECT_TRUE(safe);
+
+    const uint16_t next_id = map_.size() + 1;
+    return map_.insert(std::make_pair(Key(fnc, aux), next_id)).first->second;
+  }
+
+  bool EnableUnsafeTraps() override {
+    ADD_FAILURE() << "Unimplemented";
+    return false;
   }
 
-  static int fcntl(int fd, int cmd, unsigned long arg = 0) {
-    return Syscall::Call(__NR_fcntl, fd, cmd, arg);
+ private:
+  using Key = std::pair<TrapFnc, const void*>;
+
+  std::map<Key, uint16_t> map_;
+
+  DISALLOW_COPY_AND_ASSIGN(FakeTrapRegistry);
+};
+
+intptr_t FakeTrapFuncOne(const arch_seccomp_data& data, void* aux) { return 1; }
+intptr_t FakeTrapFuncTwo(const arch_seccomp_data& data, void* aux) { return 2; }
+
+// Test that FakeTrapRegistry correctly assigns trap IDs to trap handlers.
+TEST(FakeTrapRegistry, TrapIDs) {
+  struct {
+    TrapRegistry::TrapFnc fnc;
+    const void* aux;
+  } funcs[] = {
+      {FakeTrapFuncOne, nullptr},
+      {FakeTrapFuncTwo, nullptr},
+      {FakeTrapFuncOne, funcs},
+      {FakeTrapFuncTwo, funcs},
+  };
+
+  FakeTrapRegistry traps;
+
+  // Add traps twice to test that IDs are reused correctly.
+  for (int i = 0; i < 2; ++i) {
+    for (size_t j = 0; j < arraysize(funcs); ++j) {
+      // Trap IDs start at 1.
+      EXPECT_EQ(j + 1, traps.Add(funcs[j].fnc, funcs[j].aux, true));
+    }
   }
+}
 
-  static int uname(struct utsname* buf) {
-    return Syscall::Call(__NR_uname, buf);
+class PolicyEmulator {
+ public:
+  explicit PolicyEmulator(const Policy* policy) : program_(), traps_() {
+    program_ = *PolicyCompiler(policy, &traps_).Compile(true /* verify */);
+  }
+  ~PolicyEmulator() {}
+
+  uint32_t Emulate(const struct arch_seccomp_data& data) const {
+    const char* err = nullptr;
+    uint32_t res = Verifier::EvaluateBPF(program_, data, &err);
+    if (err) {
+      ADD_FAILURE() << err;
+      return 0;
+    }
+    return res;
   }
 
-  static int setresuid(uid_t ruid, uid_t euid, uid_t suid) {
-    return Syscall::Call(__NR_setresuid, ruid, euid, suid);
+  void ExpectAllow(const struct arch_seccomp_data& data) const {
+    EXPECT_EQ(SECCOMP_RET_ALLOW, Emulate(data));
   }
 
-#if !defined(ARCH_CPU_X86)
-  static int socketpair(int domain, int type, int protocol, int sv[2]) {
-    return Syscall::Call(__NR_socketpair, domain, type, protocol, sv);
+  void ExpectErrno(uint16_t err, const struct arch_seccomp_data& data) const {
+    EXPECT_EQ(SECCOMP_RET_ERRNO | err, Emulate(data));
   }
-#endif
+
+ private:
+  CodeGen::Program program_;
+  FakeTrapRegistry traps_;
+
+  DISALLOW_COPY_AND_ASSIGN(PolicyEmulator);
 };
 
 class BasicPolicy : public Policy {
@@ -83,12 +160,15 @@ class BasicPolicy : public Policy {
   DISALLOW_COPY_AND_ASSIGN(BasicPolicy);
 };
 
-BPF_TEST_C(BPFDSL, Basic, BasicPolicy) {
-  ASSERT_SYSCALL_RESULT(-EPERM, getpgid, 0);
-  ASSERT_SYSCALL_RESULT(-EINVAL, getpgid, 1);
+TEST(BPFDSL, Basic) {
+  BasicPolicy policy;
+  PolicyEmulator emulator(&policy);
+
+  emulator.ExpectErrno(EPERM, FakeSyscall(__NR_getpgid, 0));
+  emulator.ExpectErrno(EINVAL, FakeSyscall(__NR_getpgid, 1));
 
-  ASSERT_SYSCALL_RESULT(-ENOMEM, setuid, 42);
-  ASSERT_SYSCALL_RESULT(-ESRCH, setuid, 43);
+  emulator.ExpectErrno(ENOMEM, FakeSyscall(__NR_setuid, 42));
+  emulator.ExpectErrno(ESRCH, FakeSyscall(__NR_setuid, 43));
 }
 
 /* On IA-32, socketpair() is implemented via socketcall(). :-( */
@@ -112,22 +192,30 @@ class BooleanLogicPolicy : public Policy {
   DISALLOW_COPY_AND_ASSIGN(BooleanLogicPolicy);
 };
 
-BPF_TEST_C(BPFDSL, BooleanLogic, BooleanLogicPolicy) {
-  int sv[2];
+TEST(BPFDSL, BooleanLogic) {
+  BooleanLogicPolicy policy;
+  PolicyEmulator emulator(&policy);
+
+  const intptr_t kFakeSV = 0x12345;
 
   // Acceptable combinations that should return EPERM.
-  ASSERT_SYSCALL_RESULT(-EPERM, socketpair, AF_UNIX, SOCK_STREAM, 0, sv);
-  ASSERT_SYSCALL_RESULT(-EPERM, socketpair, AF_UNIX, SOCK_DGRAM, 0, sv);
+  emulator.ExpectErrno(
+      EPERM, FakeSyscall(__NR_socketpair, AF_UNIX, SOCK_STREAM, 0, kFakeSV));
+  emulator.ExpectErrno(
+      EPERM, FakeSyscall(__NR_socketpair, AF_UNIX, SOCK_DGRAM, 0, kFakeSV));
 
   // Combinations that are invalid for only one reason; should return EINVAL.
-  ASSERT_SYSCALL_RESULT(-EINVAL, socketpair, AF_INET, SOCK_STREAM, 0, sv);
-  ASSERT_SYSCALL_RESULT(-EINVAL, socketpair, AF_UNIX, SOCK_SEQPACKET, 0, sv);
-  ASSERT_SYSCALL_RESULT(
-      -EINVAL, socketpair, AF_UNIX, SOCK_STREAM, IPPROTO_TCP, sv);
+  emulator.ExpectErrno(
+      EINVAL, FakeSyscall(__NR_socketpair, AF_INET, SOCK_STREAM, 0, kFakeSV));
+  emulator.ExpectErrno(EINVAL, FakeSyscall(__NR_socketpair, AF_UNIX,
+                                           SOCK_SEQPACKET, 0, kFakeSV));
+  emulator.ExpectErrno(EINVAL, FakeSyscall(__NR_socketpair, AF_UNIX,
+                                           SOCK_STREAM, IPPROTO_TCP, kFakeSV));
 
   // Completely unacceptable combination; should also return EINVAL.
-  ASSERT_SYSCALL_RESULT(
-      -EINVAL, socketpair, AF_INET, SOCK_SEQPACKET, IPPROTO_UDP, sv);
+  emulator.ExpectErrno(
+      EINVAL, FakeSyscall(__NR_socketpair, AF_INET, SOCK_SEQPACKET, IPPROTO_UDP,
+                          kFakeSV));
 }
 #endif  // !ARCH_CPU_X86
 
@@ -149,20 +237,23 @@ class MoreBooleanLogicPolicy : public Policy {
   DISALLOW_COPY_AND_ASSIGN(MoreBooleanLogicPolicy);
 };
 
-BPF_TEST_C(BPFDSL, MoreBooleanLogic, MoreBooleanLogicPolicy) {
+TEST(BPFDSL, MoreBooleanLogic) {
+  MoreBooleanLogicPolicy policy;
+  PolicyEmulator emulator(&policy);
+
   // Expect EPERM if any set to 0.
-  ASSERT_SYSCALL_RESULT(-EPERM, setresuid, 0, 5, 5);
-  ASSERT_SYSCALL_RESULT(-EPERM, setresuid, 5, 0, 5);
-  ASSERT_SYSCALL_RESULT(-EPERM, setresuid, 5, 5, 0);
+  emulator.ExpectErrno(EPERM, FakeSyscall(__NR_setresuid, 0, 5, 5));
+  emulator.ExpectErrno(EPERM, FakeSyscall(__NR_setresuid, 5, 0, 5));
+  emulator.ExpectErrno(EPERM, FakeSyscall(__NR_setresuid, 5, 5, 0));
 
   // Expect EAGAIN if all set to 1.
-  ASSERT_SYSCALL_RESULT(-EAGAIN, setresuid, 1, 1, 1);
+  emulator.ExpectErrno(EAGAIN, FakeSyscall(__NR_setresuid, 1, 1, 1));
 
   // Expect EINVAL for anything else.
-  ASSERT_SYSCALL_RESULT(-EINVAL, setresuid, 5, 1, 1);
-  ASSERT_SYSCALL_RESULT(-EINVAL, setresuid, 1, 5, 1);
-  ASSERT_SYSCALL_RESULT(-EINVAL, setresuid, 1, 1, 5);
-  ASSERT_SYSCALL_RESULT(-EINVAL, setresuid, 3, 4, 5);
+  emulator.ExpectErrno(EINVAL, FakeSyscall(__NR_setresuid, 5, 1, 1));
+  emulator.ExpectErrno(EINVAL, FakeSyscall(__NR_setresuid, 1, 5, 1));
+  emulator.ExpectErrno(EINVAL, FakeSyscall(__NR_setresuid, 1, 1, 5));
+  emulator.ExpectErrno(EINVAL, FakeSyscall(__NR_setresuid, 3, 4, 5));
 }
 
 static const uintptr_t kDeadBeefAddr =
@@ -184,13 +275,17 @@ class ArgSizePolicy : public Policy {
   DISALLOW_COPY_AND_ASSIGN(ArgSizePolicy);
 };
 
-BPF_TEST_C(BPFDSL, ArgSizeTest, ArgSizePolicy) {
-  struct utsname buf;
-  ASSERT_SYSCALL_RESULT(0, uname, &buf);
-  ASSERT_SYSCALL_RESULT(
-      -EPERM, uname, reinterpret_cast<struct utsname*>(kDeadBeefAddr));
+TEST(BPFDSL, ArgSizeTest) {
+  ArgSizePolicy policy;
+  PolicyEmulator emulator(&policy);
+
+  emulator.ExpectAllow(FakeSyscall(__NR_uname, 0));
+  emulator.ExpectErrno(EPERM, FakeSyscall(__NR_uname, kDeadBeefAddr));
 }
 
+#if 0
+// TODO(mdempsky): This is really an integration test.
+
 class TrappingPolicy : public Policy {
  public:
   TrappingPolicy() {}
@@ -220,6 +315,7 @@ BPF_TEST_C(BPFDSL, TrapTest, TrappingPolicy) {
   ASSERT_SYSCALL_RESULT(2, uname, NULL);
   ASSERT_SYSCALL_RESULT(3, uname, NULL);
 }
+#endif
 
 class MaskingPolicy : public Policy {
  public:
@@ -245,20 +341,23 @@ class MaskingPolicy : public Policy {
   DISALLOW_COPY_AND_ASSIGN(MaskingPolicy);
 };
 
-BPF_TEST_C(BPFDSL, MaskTest, MaskingPolicy) {
+TEST(BPFDSL, MaskTest) {
+  MaskingPolicy policy;
+  PolicyEmulator emulator(&policy);
+
   for (uid_t uid = 0; uid < 0x100; ++uid) {
     const int expect_errno = (uid & 0xf) == 0 ? EINVAL : EACCES;
-    ASSERT_SYSCALL_RESULT(-expect_errno, setuid, uid);
+    emulator.ExpectErrno(expect_errno, FakeSyscall(__NR_setuid, uid));
   }
 
   for (gid_t gid = 0; gid < 0x100; ++gid) {
     const int expect_errno = (gid & 0xf0) == 0xf0 ? EINVAL : EACCES;
-    ASSERT_SYSCALL_RESULT(-expect_errno, setgid, gid);
+    emulator.ExpectErrno(expect_errno, FakeSyscall(__NR_setgid, gid));
   }
 
   for (pid_t pid = 0; pid < 0x100; ++pid) {
     const int expect_errno = (pid & 0xa5) == 0xa0 ? EINVAL : EACCES;
-    ASSERT_SYSCALL_RESULT(-expect_errno, setpgid, pid, 0);
+    emulator.ExpectErrno(expect_errno, FakeSyscall(__NR_setpgid, pid, 0));
   }
 }
 
@@ -281,17 +380,20 @@ class ElseIfPolicy : public Policy {
   DISALLOW_COPY_AND_ASSIGN(ElseIfPolicy);
 };
 
-BPF_TEST_C(BPFDSL, ElseIfTest, ElseIfPolicy) {
-  ASSERT_SYSCALL_RESULT(0, setuid, 0);
+TEST(BPFDSL, ElseIfTest) {
+  ElseIfPolicy policy;
+  PolicyEmulator emulator(&policy);
 
-  ASSERT_SYSCALL_RESULT(-EINVAL, setuid, 0x0001);
-  ASSERT_SYSCALL_RESULT(-EINVAL, setuid, 0x0002);
+  emulator.ExpectErrno(0, FakeSyscall(__NR_setuid, 0));
 
-  ASSERT_SYSCALL_RESULT(-EEXIST, setuid, 0x0011);
-  ASSERT_SYSCALL_RESULT(-EEXIST, setuid, 0x0022);
+  emulator.ExpectErrno(EINVAL, FakeSyscall(__NR_setuid, 0x0001));
+  emulator.ExpectErrno(EINVAL, FakeSyscall(__NR_setuid, 0x0002));
 
-  ASSERT_SYSCALL_RESULT(-EACCES, setuid, 0x0111);
-  ASSERT_SYSCALL_RESULT(-EACCES, setuid, 0x0222);
+  emulator.ExpectErrno(EEXIST, FakeSyscall(__NR_setuid, 0x0011));
+  emulator.ExpectErrno(EEXIST, FakeSyscall(__NR_setuid, 0x0022));
+
+  emulator.ExpectErrno(EACCES, FakeSyscall(__NR_setuid, 0x0111));
+  emulator.ExpectErrno(EACCES, FakeSyscall(__NR_setuid, 0x0222));
 }
 
 class SwitchPolicy : public Policy {
@@ -315,19 +417,25 @@ class SwitchPolicy : public Policy {
   DISALLOW_COPY_AND_ASSIGN(SwitchPolicy);
 };
 
-BPF_TEST_C(BPFDSL, SwitchTest, SwitchPolicy) {
-  base::ScopedFD sock_fd(socket(AF_UNIX, SOCK_STREAM, 0));
-  BPF_ASSERT(sock_fd.is_valid());
+TEST(BPFDSL, SwitchTest) {
+  SwitchPolicy policy;
+  PolicyEmulator emulator(&policy);
+
+  const int kFakeSockFD = 42;
 
-  ASSERT_SYSCALL_RESULT(-ENOENT, fcntl, sock_fd.get(), F_GETFD);
-  ASSERT_SYSCALL_RESULT(-ENOENT, fcntl, sock_fd.get(), F_GETFL);
+  emulator.ExpectErrno(ENOENT, FakeSyscall(__NR_fcntl, kFakeSockFD, F_GETFD));
+  emulator.ExpectErrno(ENOENT, FakeSyscall(__NR_fcntl, kFakeSockFD, F_GETFL));
 
-  ASSERT_SYSCALL_RESULT(0, fcntl, sock_fd.get(), F_SETFD, O_CLOEXEC);
-  ASSERT_SYSCALL_RESULT(-EINVAL, fcntl, sock_fd.get(), F_SETFD, 0);
+  emulator.ExpectAllow(
+      FakeSyscall(__NR_fcntl, kFakeSockFD, F_SETFD, O_CLOEXEC));
+  emulator.ExpectErrno(EINVAL,
+                       FakeSyscall(__NR_fcntl, kFakeSockFD, F_SETFD, 0));
 
-  ASSERT_SYSCALL_RESULT(-EPERM, fcntl, sock_fd.get(), F_SETFL, O_RDONLY);
+  emulator.ExpectErrno(EPERM,
+                       FakeSyscall(__NR_fcntl, kFakeSockFD, F_SETFL, O_RDONLY));
 
-  ASSERT_SYSCALL_RESULT(-EACCES, fcntl, sock_fd.get(), F_DUPFD, 0);
+  emulator.ExpectErrno(EACCES,
+                       FakeSyscall(__NR_fcntl, kFakeSockFD, F_DUPFD, 0));
 }
 
 static intptr_t DummyTrap(const struct arch_seccomp_data& data, void* aux) {