Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(64)

Side by Side Diff: sandbox/linux/seccomp-bpf/sandbox_bpf_unittest.cc

Issue 163433011: Clarify the process title of GPU broker process. (Closed) Base URL: https://git.chromium.org/chromium/src.git@master
Patch Set: Address a few more nits Created 6 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <errno.h> 5 #include <errno.h>
6 #include <pthread.h> 6 #include <pthread.h>
7 #include <sched.h> 7 #include <sched.h>
8 #include <sys/prctl.h> 8 #include <sys/prctl.h>
9 #include <sys/syscall.h> 9 #include <sys/syscall.h>
10 #include <sys/time.h> 10 #include <sys/time.h>
11 #include <sys/types.h> 11 #include <sys/types.h>
12 #include <sys/utsname.h> 12 #include <sys/utsname.h>
13 #include <unistd.h> 13 #include <unistd.h>
14 14
15 #if defined(ANDROID) 15 #if defined(ANDROID)
16 // Work-around for buggy headers in Android's NDK 16 // Work-around for buggy headers in Android's NDK
17 #define __user 17 #define __user
18 #endif 18 #endif
19 #include <linux/futex.h> 19 #include <linux/futex.h>
20 20
21 #include <ostream> 21 #include <ostream>
22 22
23 #include "base/bind.h"
23 #include "base/memory/scoped_ptr.h" 24 #include "base/memory/scoped_ptr.h"
24 #include "build/build_config.h" 25 #include "build/build_config.h"
25 #include "sandbox/linux/seccomp-bpf/bpf_tests.h" 26 #include "sandbox/linux/seccomp-bpf/bpf_tests.h"
26 #include "sandbox/linux/seccomp-bpf/syscall.h" 27 #include "sandbox/linux/seccomp-bpf/syscall.h"
27 #include "sandbox/linux/seccomp-bpf/trap.h" 28 #include "sandbox/linux/seccomp-bpf/trap.h"
28 #include "sandbox/linux/seccomp-bpf/verifier.h" 29 #include "sandbox/linux/seccomp-bpf/verifier.h"
29 #include "sandbox/linux/services/broker_process.h" 30 #include "sandbox/linux/services/broker_process.h"
30 #include "sandbox/linux/services/linux_syscalls.h" 31 #include "sandbox/linux/services/linux_syscalls.h"
31 #include "sandbox/linux/tests/unit_tests.h" 32 #include "sandbox/linux/tests/unit_tests.h"
32 #include "testing/gtest/include/gtest/gtest.h" 33 #include "testing/gtest/include/gtest/gtest.h"
(...skipping 630 matching lines...) Expand 10 before | Expand all | Expand 10 after
663 // would make system calls, but it allows us to verify that we don't 664 // would make system calls, but it allows us to verify that we don't
664 // accidentally mess with errno, when we shouldn't. 665 // accidentally mess with errno, when we shouldn't.
665 errno = 0; 666 errno = 0;
666 struct arch_seccomp_data args = {}; 667 struct arch_seccomp_data args = {};
667 args.nr = __NR_close; 668 args.nr = __NR_close;
668 args.args[0] = -1; 669 args.args[0] = -1;
669 BPF_ASSERT(SandboxBPF::ForwardSyscall(args) == -EBADF); 670 BPF_ASSERT(SandboxBPF::ForwardSyscall(args) == -EBADF);
670 BPF_ASSERT(errno == 0); 671 BPF_ASSERT(errno == 0);
671 } 672 }
672 673
674 bool NoOpCallback() { return true; }
675
673 // Test a trap handler that makes use of a broker process to open(). 676 // Test a trap handler that makes use of a broker process to open().
674 677
675 class InitializedOpenBroker { 678 class InitializedOpenBroker {
676 public: 679 public:
677 InitializedOpenBroker() : initialized_(false) { 680 InitializedOpenBroker() : initialized_(false) {
678 std::vector<std::string> allowed_files; 681 std::vector<std::string> allowed_files;
679 allowed_files.push_back("/proc/allowed"); 682 allowed_files.push_back("/proc/allowed");
680 allowed_files.push_back("/proc/cpuinfo"); 683 allowed_files.push_back("/proc/cpuinfo");
681 684
682 broker_process_.reset( 685 broker_process_.reset(
683 new BrokerProcess(EPERM, allowed_files, std::vector<std::string>())); 686 new BrokerProcess(EPERM, allowed_files, std::vector<std::string>()));
684 BPF_ASSERT(broker_process() != NULL); 687 BPF_ASSERT(broker_process() != NULL);
685 BPF_ASSERT(broker_process_->Init(NULL)); 688 BPF_ASSERT(broker_process_->Init(base::Bind(&NoOpCallback)));
686 689
687 initialized_ = true; 690 initialized_ = true;
688 } 691 }
689 bool initialized() { return initialized_; } 692 bool initialized() { return initialized_; }
690 class BrokerProcess* broker_process() { return broker_process_.get(); } 693 class BrokerProcess* broker_process() { return broker_process_.get(); }
691 694
692 private: 695 private:
693 bool initialized_; 696 bool initialized_;
694 scoped_ptr<class BrokerProcess> broker_process_; 697 scoped_ptr<class BrokerProcess> broker_process_;
695 DISALLOW_COPY_AND_ASSIGN(InitializedOpenBroker); 698 DISALLOW_COPY_AND_ASSIGN(InitializedOpenBroker);
(...skipping 1078 matching lines...) Expand 10 before | Expand all | Expand 10 after
1774 &pid) == -EPERM); 1777 &pid) == -EPERM);
1775 } 1778 }
1776 1779
1777 BPF_TEST(SandboxBPF, PthreadEquality, PthreadPolicyEquality) { PthreadTest(); } 1780 BPF_TEST(SandboxBPF, PthreadEquality, PthreadPolicyEquality) { PthreadTest(); }
1778 1781
1779 BPF_TEST(SandboxBPF, PthreadBitMask, PthreadPolicyBitMask) { PthreadTest(); } 1782 BPF_TEST(SandboxBPF, PthreadBitMask, PthreadPolicyBitMask) { PthreadTest(); }
1780 1783
1781 } // namespace 1784 } // namespace
1782 1785
1783 } // namespace sandbox 1786 } // namespace sandbox
OLDNEW
« no previous file with comments | « content/common/sandbox_linux/bpf_gpu_policy_linux.cc ('k') | sandbox/linux/services/broker_process.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698