sandbox/linux/seccomp-bpf/sandbox_bpf_unittest.cc - Issue 163433011: Clarify the process title of GPU broker process.

Side by Side Diff: sandbox/linux/seccomp-bpf/sandbox_bpf_unittest.cc

Issue 163433011: Clarify the process title of GPU broker process. (Closed) Base URL: https://git.chromium.org/chromium/src.git@master

Patch Set: Address a few more nits Created 6 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include <errno.h>	5 #include <errno.h>

6 #include <pthread.h>	6 #include <pthread.h>

7 #include <sched.h>	7 #include <sched.h>

8 #include <sys/prctl.h>	8 #include <sys/prctl.h>

9 #include <sys/syscall.h>	9 #include <sys/syscall.h>

10 #include <sys/time.h>	10 #include <sys/time.h>

11 #include <sys/types.h>	11 #include <sys/types.h>

12 #include <sys/utsname.h>	12 #include <sys/utsname.h>

13 #include <unistd.h>	13 #include <unistd.h>

14	14

15 #if defined(ANDROID)	15 #if defined(ANDROID)

16 // Work-around for buggy headers in Android's NDK	16 // Work-around for buggy headers in Android's NDK

17 #define __user	17 #define __user

18 #endif	18 #endif

19 #include <linux/futex.h>	19 #include <linux/futex.h>

20	20

21 #include <ostream>	21 #include <ostream>

22	22

	23 #include "base/bind.h"

23 #include "base/memory/scoped_ptr.h"	24 #include "base/memory/scoped_ptr.h"

24 #include "build/build_config.h"	25 #include "build/build_config.h"

25 #include "sandbox/linux/seccomp-bpf/bpf_tests.h"	26 #include "sandbox/linux/seccomp-bpf/bpf_tests.h"

26 #include "sandbox/linux/seccomp-bpf/syscall.h"	27 #include "sandbox/linux/seccomp-bpf/syscall.h"

27 #include "sandbox/linux/seccomp-bpf/trap.h"	28 #include "sandbox/linux/seccomp-bpf/trap.h"

28 #include "sandbox/linux/seccomp-bpf/verifier.h"	29 #include "sandbox/linux/seccomp-bpf/verifier.h"

29 #include "sandbox/linux/services/broker_process.h"	30 #include "sandbox/linux/services/broker_process.h"

30 #include "sandbox/linux/services/linux_syscalls.h"	31 #include "sandbox/linux/services/linux_syscalls.h"

31 #include "sandbox/linux/tests/unit_tests.h"	32 #include "sandbox/linux/tests/unit_tests.h"

32 #include "testing/gtest/include/gtest/gtest.h"	33 #include "testing/gtest/include/gtest/gtest.h"

(...skipping 630 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
663 // would make system calls, but it allows us to verify that we don't	664 // would make system calls, but it allows us to verify that we don't

664 // accidentally mess with errno, when we shouldn't.	665 // accidentally mess with errno, when we shouldn't.

665 errno = 0;	666 errno = 0;

666 struct arch_seccomp_data args = {};	667 struct arch_seccomp_data args = {};

667 args.nr = __NR_close;	668 args.nr = __NR_close;

668 args.args[0] = -1;	669 args.args[0] = -1;

669 BPF_ASSERT(SandboxBPF::ForwardSyscall(args) == -EBADF);	670 BPF_ASSERT(SandboxBPF::ForwardSyscall(args) == -EBADF);

670 BPF_ASSERT(errno == 0);	671 BPF_ASSERT(errno == 0);

671 }	672 }

672	673

	674 bool NoOpCallback() { return true; }

	675

673 // Test a trap handler that makes use of a broker process to open().	676 // Test a trap handler that makes use of a broker process to open().

674	677

675 class InitializedOpenBroker {	678 class InitializedOpenBroker {

676 public:	679 public:

677 InitializedOpenBroker() : initialized_(false) {	680 InitializedOpenBroker() : initialized_(false) {

678 std::vector<std::string> allowed_files;	681 std::vector<std::string> allowed_files;

679 allowed_files.push_back("/proc/allowed");	682 allowed_files.push_back("/proc/allowed");

680 allowed_files.push_back("/proc/cpuinfo");	683 allowed_files.push_back("/proc/cpuinfo");

681	684

682 broker_process_.reset(	685 broker_process_.reset(

683 new BrokerProcess(EPERM, allowed_files, std::vector<std::string>()));	686 new BrokerProcess(EPERM, allowed_files, std::vector<std::string>()));

684 BPF_ASSERT(broker_process() != NULL);	687 BPF_ASSERT(broker_process() != NULL);

685 BPF_ASSERT(broker_process_->Init(NULL));	688 BPF_ASSERT(broker_process_->Init(base::Bind(&NoOpCallback)));

686	689

687 initialized_ = true;	690 initialized_ = true;

688 }	691 }

689 bool initialized() { return initialized_; }	692 bool initialized() { return initialized_; }

690 class BrokerProcess* broker_process() { return broker_process_.get(); }	693 class BrokerProcess* broker_process() { return broker_process_.get(); }

691	694

692 private:	695 private:

693 bool initialized_;	696 bool initialized_;

694 scoped_ptr<class BrokerProcess> broker_process_;	697 scoped_ptr<class BrokerProcess> broker_process_;

695 DISALLOW_COPY_AND_ASSIGN(InitializedOpenBroker);	698 DISALLOW_COPY_AND_ASSIGN(InitializedOpenBroker);

(...skipping 1078 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
1774 &pid) == -EPERM);	1777 &pid) == -EPERM);

1775 }	1778 }

1776	1779

1777 BPF_TEST(SandboxBPF, PthreadEquality, PthreadPolicyEquality) { PthreadTest(); }	1780 BPF_TEST(SandboxBPF, PthreadEquality, PthreadPolicyEquality) { PthreadTest(); }

1778	1781

1779 BPF_TEST(SandboxBPF, PthreadBitMask, PthreadPolicyBitMask) { PthreadTest(); }	1782 BPF_TEST(SandboxBPF, PthreadBitMask, PthreadPolicyBitMask) { PthreadTest(); }

1780	1783

1781 } // namespace	1784 } // namespace

1782	1785

1783 } // namespace sandbox	1786 } // namespace sandbox

OLD	NEW

« no previous file with comments | « content/common/sandbox_linux/bpf_gpu_policy_linux.cc ('k') | sandbox/linux/services/broker_process.h » ('j') | no next file with comments »