OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.h" | 5 #include "sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.h" |
6 | 6 |
7 #include <errno.h> | 7 #include <errno.h> |
8 #include <sched.h> | 8 #include <sched.h> |
9 #include <sys/resource.h> | 9 #include <sys/resource.h> |
10 #include <sys/syscall.h> | 10 #include <sys/syscall.h> |
(...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
54 return RestrictClockID(); | 54 return RestrictClockID(); |
55 default: | 55 default: |
56 return Allow(); | 56 return Allow(); |
57 } | 57 } |
58 } | 58 } |
59 }; | 59 }; |
60 | 60 |
61 void CheckClock(clockid_t clockid) { | 61 void CheckClock(clockid_t clockid) { |
62 struct timespec ts; | 62 struct timespec ts; |
63 ts.tv_sec = ts.tv_nsec = -1; | 63 ts.tv_sec = ts.tv_nsec = -1; |
64 BPF_ASSERT_EQ(0, clock_getres(clockid, &ts)); | |
65 BPF_ASSERT_EQ(0, ts.tv_sec); | |
66 BPF_ASSERT_LE(0, ts.tv_nsec); | |
67 ts.tv_sec = ts.tv_nsec = -1; | |
jln (very slow on Chromium)
2015/05/07 19:22:40
Style: please break in two expressions.
| |
64 BPF_ASSERT_EQ(0, clock_gettime(clockid, &ts)); | 68 BPF_ASSERT_EQ(0, clock_gettime(clockid, &ts)); |
65 BPF_ASSERT_LE(0, ts.tv_sec); | 69 BPF_ASSERT_LE(0, ts.tv_sec); |
66 BPF_ASSERT_LE(0, ts.tv_nsec); | 70 BPF_ASSERT_LE(0, ts.tv_nsec); |
67 } | 71 } |
68 | 72 |
69 BPF_TEST_C(ParameterRestrictions, | 73 BPF_TEST_C(ParameterRestrictions, |
70 clock_gettime_allowed, | 74 clock_gettime_allowed, |
71 RestrictClockIdPolicy) { | 75 RestrictClockIdPolicy) { |
72 CheckClock(CLOCK_MONOTONIC); | 76 CheckClock(CLOCK_MONOTONIC); |
77 CheckClock(CLOCK_MONOTONIC_COARSE); | |
73 CheckClock(CLOCK_PROCESS_CPUTIME_ID); | 78 CheckClock(CLOCK_PROCESS_CPUTIME_ID); |
74 CheckClock(CLOCK_REALTIME); | 79 CheckClock(CLOCK_REALTIME); |
80 CheckClock(CLOCK_REALTIME_COARSE); | |
75 CheckClock(CLOCK_THREAD_CPUTIME_ID); | 81 CheckClock(CLOCK_THREAD_CPUTIME_ID); |
76 } | 82 } |
77 | 83 |
78 BPF_DEATH_TEST_C(ParameterRestrictions, | 84 BPF_DEATH_TEST_C(ParameterRestrictions, |
79 clock_gettime_crash_monotonic_raw, | 85 clock_gettime_crash_monotonic_raw, |
80 DEATH_SEGV_MESSAGE(sandbox::GetErrorMessageContentForTests()), | 86 DEATH_SEGV_MESSAGE(sandbox::GetErrorMessageContentForTests()), |
81 RestrictClockIdPolicy) { | 87 RestrictClockIdPolicy) { |
82 struct timespec ts; | 88 struct timespec ts; |
83 clock_gettime(CLOCK_MONOTONIC_RAW, &ts); | 89 clock_gettime(CLOCK_MONOTONIC_RAW, &ts); |
84 } | 90 } |
(...skipping 179 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
264 getrusage_crash_not_self, | 270 getrusage_crash_not_self, |
265 DEATH_SEGV_MESSAGE(sandbox::GetErrorMessageContentForTests()), | 271 DEATH_SEGV_MESSAGE(sandbox::GetErrorMessageContentForTests()), |
266 RestrictGetrusagePolicy) { | 272 RestrictGetrusagePolicy) { |
267 struct rusage usage; | 273 struct rusage usage; |
268 getrusage(RUSAGE_CHILDREN, &usage); | 274 getrusage(RUSAGE_CHILDREN, &usage); |
269 } | 275 } |
270 | 276 |
271 } // namespace | 277 } // namespace |
272 | 278 |
273 } // namespace sandbox | 279 } // namespace sandbox |
OLD | NEW |