OLD | NEW |
| (Empty) |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 // This file tests the C handle API (the functions declared in | |
6 // mojo/public/c/include/mojo/system/handle.h). Note: The functionality of these | |
7 // APIs for specific types of handles are tested with the APIs for those types | |
8 // of handles. | |
9 | |
10 #include <mojo/system/handle.h> | |
11 | |
12 #include <mojo/result.h> | |
13 #include <mojo/system/message_pipe.h> | |
14 | |
15 #include "gtest/gtest.h" | |
16 | |
17 namespace { | |
18 | |
19 const MojoHandleRights kDefaultMessagePipeHandleRights = | |
20 MOJO_HANDLE_RIGHT_TRANSFER | MOJO_HANDLE_RIGHT_READ | | |
21 MOJO_HANDLE_RIGHT_WRITE | MOJO_HANDLE_RIGHT_GET_OPTIONS | | |
22 MOJO_HANDLE_RIGHT_SET_OPTIONS; | |
23 | |
24 TEST(HandleTest, InvalidHandle) { | |
25 // MojoClose: | |
26 EXPECT_EQ(MOJO_RESULT_INVALID_ARGUMENT, MojoClose(MOJO_HANDLE_INVALID)); | |
27 | |
28 // MojoGetRights: | |
29 MojoHandleRights rights = MOJO_HANDLE_RIGHT_NONE; | |
30 EXPECT_EQ(MOJO_RESULT_INVALID_ARGUMENT, | |
31 MojoGetRights(MOJO_HANDLE_INVALID, &rights)); | |
32 | |
33 // MojoReplaceHandleWithReducedRights: | |
34 MojoHandle replacement_handle = MOJO_HANDLE_INVALID; | |
35 EXPECT_EQ( | |
36 MOJO_RESULT_INVALID_ARGUMENT, | |
37 MojoReplaceHandleWithReducedRights( | |
38 MOJO_HANDLE_INVALID, MOJO_HANDLE_RIGHT_NONE, &replacement_handle)); | |
39 | |
40 // MojoDuplicateHandleWithReducedRights: | |
41 MojoHandle new_handle = MOJO_HANDLE_INVALID; | |
42 EXPECT_EQ(MOJO_RESULT_INVALID_ARGUMENT, | |
43 MojoDuplicateHandleWithReducedRights( | |
44 MOJO_HANDLE_INVALID, MOJO_HANDLE_RIGHT_DUPLICATE, &new_handle)); | |
45 EXPECT_EQ(MOJO_HANDLE_INVALID, new_handle); | |
46 | |
47 // MojoDuplicateHandle: | |
48 new_handle = MOJO_HANDLE_INVALID; | |
49 EXPECT_EQ(MOJO_RESULT_INVALID_ARGUMENT, | |
50 MojoDuplicateHandle(MOJO_HANDLE_INVALID, &new_handle)); | |
51 EXPECT_EQ(MOJO_HANDLE_INVALID, new_handle); | |
52 } | |
53 | |
54 // |MojoReplaceHandleWithReducedRights()| is not handle-type specific, so we'll | |
55 // test it here, even though it requires actually creating/using a specific | |
56 // handle type. | |
57 TEST(HandleTest, ReplaceHandleWithReducedRights) { | |
58 MojoHandle h0 = MOJO_HANDLE_INVALID; | |
59 MojoHandle h1 = MOJO_HANDLE_INVALID; | |
60 // That |MojoCreateMessagePipe()| works correctly is checked in | |
61 // |MessagePipeTest|. | |
62 EXPECT_EQ(MOJO_RESULT_OK, MojoCreateMessagePipe(nullptr, &h0, &h1)); | |
63 | |
64 // Still check the rights on one of the handles, just to make sure that | |
65 // |kDefaultMessagePipeHandleRights| stays in sync with reality. | |
66 MojoHandleRights rights = MOJO_HANDLE_RIGHT_NONE; | |
67 EXPECT_EQ(MOJO_RESULT_OK, MojoGetRights(h0, &rights)); | |
68 EXPECT_EQ(kDefaultMessagePipeHandleRights, rights); | |
69 | |
70 // First try replacing without reducing rights. | |
71 MojoHandle h0r0 = MOJO_HANDLE_INVALID; | |
72 EXPECT_EQ(MOJO_RESULT_OK, MojoReplaceHandleWithReducedRights( | |
73 h0, MOJO_HANDLE_RIGHT_NONE, &h0r0)); | |
74 EXPECT_NE(h0r0, MOJO_HANDLE_INVALID); | |
75 // Not guaranteed, but we depend on handle values not being reused eagerly. | |
76 EXPECT_NE(h0r0, h0); | |
77 EXPECT_NE(h0r0, h1); // |h0r0| should definitely not be the same as |h1|. | |
78 // |h0| should be dead, so this should fail. | |
79 EXPECT_EQ(MOJO_RESULT_INVALID_ARGUMENT, MojoClose(h0)); | |
80 | |
81 // Check that the rights remain the same. | |
82 rights = MOJO_HANDLE_RIGHT_NONE; | |
83 EXPECT_EQ(MOJO_RESULT_OK, MojoGetRights(h0r0, &rights)); | |
84 EXPECT_EQ(kDefaultMessagePipeHandleRights, rights); | |
85 | |
86 // Make sure the replacement handle is still usable. | |
87 char x = 'x'; | |
88 EXPECT_EQ(MOJO_RESULT_OK, MojoWriteMessage(h0r0, &x, 1u, nullptr, 0, | |
89 MOJO_WRITE_MESSAGE_FLAG_NONE)); | |
90 | |
91 // Try replacing, but removing a couple of rights. | |
92 MojoHandle h0r1 = MOJO_HANDLE_INVALID; | |
93 constexpr MojoHandleRights kRightsToRemove = | |
94 MOJO_HANDLE_RIGHT_TRANSFER | MOJO_HANDLE_RIGHT_WRITE; | |
95 EXPECT_EQ(MOJO_RESULT_OK, | |
96 MojoReplaceHandleWithReducedRights(h0r0, kRightsToRemove, &h0r1)); | |
97 EXPECT_NE(h0r1, MOJO_HANDLE_INVALID); | |
98 // Not guaranteed, but we depend on handle values not being reused eagerly. | |
99 EXPECT_NE(h0r1, h0r0); | |
100 EXPECT_NE(h0r1, h1); // |h0r1| should definitely not be the same as |h1|. | |
101 // |h0r0| should be dead, so this should fail. | |
102 EXPECT_EQ(MOJO_RESULT_INVALID_ARGUMENT, MojoClose(h0r0)); | |
103 | |
104 // Check that |h0r1| has the expected rights. | |
105 rights = MOJO_HANDLE_RIGHT_NONE; | |
106 EXPECT_EQ(MOJO_RESULT_OK, MojoGetRights(h0r1, &rights)); | |
107 EXPECT_EQ(kDefaultMessagePipeHandleRights & ~kRightsToRemove, rights); | |
108 | |
109 // Make sure that the rights are actually correctly enforced. | |
110 EXPECT_EQ( | |
111 MOJO_RESULT_PERMISSION_DENIED, | |
112 MojoWriteMessage(h0r1, &x, 1u, nullptr, 0, MOJO_WRITE_MESSAGE_FLAG_NONE)); | |
113 | |
114 EXPECT_EQ(MOJO_RESULT_OK, MojoClose(h0r1)); | |
115 EXPECT_EQ(MOJO_RESULT_OK, MojoClose(h1)); | |
116 } | |
117 | |
118 } // namespace | |
OLD | NEW |