OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_TEST_RUNNER_H_ | 5 #ifndef SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_TEST_RUNNER_H_ |
6 #define SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_TEST_RUNNER_H_ | 6 #define SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_TEST_RUNNER_H_ |
7 | 7 |
| 8 #include <memory> |
| 9 |
8 #include "base/macros.h" | 10 #include "base/macros.h" |
9 #include "base/memory/scoped_ptr.h" | |
10 #include "sandbox/linux/tests/sandbox_test_runner.h" | 11 #include "sandbox/linux/tests/sandbox_test_runner.h" |
11 | 12 |
12 namespace sandbox { | 13 namespace sandbox { |
13 namespace bpf_dsl { | 14 namespace bpf_dsl { |
14 class Policy; | 15 class Policy; |
15 } | 16 } |
16 | 17 |
17 // To create a SandboxBPFTestRunner object, one needs to implement this | 18 // To create a SandboxBPFTestRunner object, one needs to implement this |
18 // interface and pass an instance to the SandboxBPFTestRunner constructor. | 19 // interface and pass an instance to the SandboxBPFTestRunner constructor. |
19 // In the child process running the test, the BPFTesterDelegate object is | 20 // In the child process running the test, the BPFTesterDelegate object is |
20 // guaranteed to not be destroyed until the child process terminates. | 21 // guaranteed to not be destroyed until the child process terminates. |
21 class BPFTesterDelegate { | 22 class BPFTesterDelegate { |
22 public: | 23 public: |
23 BPFTesterDelegate() {} | 24 BPFTesterDelegate() {} |
24 virtual ~BPFTesterDelegate() {} | 25 virtual ~BPFTesterDelegate() {} |
25 | 26 |
26 // This will instanciate a policy suitable for the test we want to run. It is | 27 // This will instanciate a policy suitable for the test we want to run. It is |
27 // guaranteed to only be called from the child process that will run the | 28 // guaranteed to only be called from the child process that will run the |
28 // test. | 29 // test. |
29 virtual scoped_ptr<bpf_dsl::Policy> GetSandboxBPFPolicy() = 0; | 30 virtual std::unique_ptr<bpf_dsl::Policy> GetSandboxBPFPolicy() = 0; |
30 // This will be called from a child process with the BPF sandbox turned on. | 31 // This will be called from a child process with the BPF sandbox turned on. |
31 virtual void RunTestFunction() = 0; | 32 virtual void RunTestFunction() = 0; |
32 | 33 |
33 private: | 34 private: |
34 DISALLOW_COPY_AND_ASSIGN(BPFTesterDelegate); | 35 DISALLOW_COPY_AND_ASSIGN(BPFTesterDelegate); |
35 }; | 36 }; |
36 | 37 |
37 // This class implements the SandboxTestRunner interface and Run() will | 38 // This class implements the SandboxTestRunner interface and Run() will |
38 // initialize a seccomp-bpf sandbox (specified by |bpf_tester_delegate|) and | 39 // initialize a seccomp-bpf sandbox (specified by |bpf_tester_delegate|) and |
39 // run a test function (via |bpf_tester_delegate|) if the current kernel | 40 // run a test function (via |bpf_tester_delegate|) if the current kernel |
40 // configuration allows it. If it can not run the test under seccomp-bpf, | 41 // configuration allows it. If it can not run the test under seccomp-bpf, |
41 // Run() will still compile the policy which should allow to get some coverage | 42 // Run() will still compile the policy which should allow to get some coverage |
42 // under tools such as Valgrind. | 43 // under tools such as Valgrind. |
43 class SandboxBPFTestRunner : public SandboxTestRunner { | 44 class SandboxBPFTestRunner : public SandboxTestRunner { |
44 public: | 45 public: |
45 // This constructor takes ownership of the |bpf_tester_delegate| object. | 46 // This constructor takes ownership of the |bpf_tester_delegate| object. |
46 // (It doesn't take a scoped_ptr since they make polymorphism verbose). | 47 // (It doesn't take a std::unique_ptr since they make polymorphism verbose). |
47 explicit SandboxBPFTestRunner(BPFTesterDelegate* bpf_tester_delegate); | 48 explicit SandboxBPFTestRunner(BPFTesterDelegate* bpf_tester_delegate); |
48 ~SandboxBPFTestRunner() override; | 49 ~SandboxBPFTestRunner() override; |
49 | 50 |
50 void Run() override; | 51 void Run() override; |
51 | 52 |
52 bool ShouldCheckForLeaks() const override; | 53 bool ShouldCheckForLeaks() const override; |
53 | 54 |
54 private: | 55 private: |
55 scoped_ptr<BPFTesterDelegate> bpf_tester_delegate_; | 56 std::unique_ptr<BPFTesterDelegate> bpf_tester_delegate_; |
56 DISALLOW_COPY_AND_ASSIGN(SandboxBPFTestRunner); | 57 DISALLOW_COPY_AND_ASSIGN(SandboxBPFTestRunner); |
57 }; | 58 }; |
58 | 59 |
59 } // namespace sandbox | 60 } // namespace sandbox |
60 | 61 |
61 #endif // SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_TEST_RUNNER_H_ | 62 #endif // SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_TEST_RUNNER_H_ |
OLD | NEW |