OLD | NEW |
| (Empty) |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "components/nacl/loader/nonsfi/nonsfi_sandbox.h" | |
6 | |
7 #include <errno.h> | |
8 #include <fcntl.h> | |
9 #include <pthread.h> | |
10 #include <sched.h> | |
11 #include <signal.h> | |
12 #include <stdlib.h> | |
13 #include <string.h> | |
14 #include <sys/mman.h> | |
15 #include <sys/prctl.h> | |
16 #include <sys/ptrace.h> | |
17 #include <sys/socket.h> | |
18 #include <sys/syscall.h> | |
19 #include <sys/types.h> | |
20 #include <sys/wait.h> | |
21 #include <unistd.h> | |
22 | |
23 #include "base/bind.h" | |
24 #include "base/callback.h" | |
25 #include "base/compiler_specific.h" | |
26 #include "base/files/scoped_file.h" | |
27 #include "base/logging.h" | |
28 #include "base/posix/eintr_wrapper.h" | |
29 #include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h" | |
30 #include "sandbox/linux/seccomp-bpf/bpf_tests.h" | |
31 | |
32 namespace { | |
33 | |
34 void DoPipe(base::ScopedFD* fds) { | |
35 int tmp_fds[2]; | |
36 BPF_ASSERT_EQ(0, pipe(tmp_fds)); | |
37 fds[0].reset(tmp_fds[0]); | |
38 fds[1].reset(tmp_fds[1]); | |
39 } | |
40 | |
41 void DoSocketpair(base::ScopedFD* fds) { | |
42 int tmp_fds[2]; | |
43 BPF_ASSERT_EQ(0, socketpair(AF_UNIX, SOCK_STREAM, 0, tmp_fds)); | |
44 fds[0].reset(tmp_fds[0]); | |
45 fds[1].reset(tmp_fds[1]); | |
46 } | |
47 | |
48 TEST(NaClNonSfiSandboxTest, BPFIsSupported) { | |
49 bool seccomp_bpf_supported = false; | |
50 // Seccomp-BPF tests die under TSAN v2. See http://crbug.com/356588 | |
51 #if !defined(THREAD_SANITIZER) | |
52 seccomp_bpf_supported = ( | |
53 sandbox::SandboxBPF::SupportsSeccompSandbox(-1) == | |
54 sandbox::SandboxBPF::STATUS_AVAILABLE); | |
55 #endif | |
56 | |
57 if (!seccomp_bpf_supported) { | |
58 LOG(ERROR) << "Seccomp BPF is not supported, these tests " | |
59 << "will pass without running"; | |
60 } | |
61 } | |
62 | |
63 BPF_DEATH_TEST(NaClNonSfiSandboxTest, invalid_sysno, | |
64 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), | |
65 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
66 syscall(999); | |
67 } | |
68 | |
69 const int kExpectedValue = 123; | |
70 | |
71 void* SetValueInThread(void* test_val_ptr) { | |
72 *reinterpret_cast<int*>(test_val_ptr) = kExpectedValue; | |
73 return NULL; | |
74 } | |
75 | |
76 BPF_TEST(NaClNonSfiSandboxTest, clone_by_pthread_create, | |
77 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
78 // clone call for thread creation is allowed. | |
79 pthread_t th; | |
80 int test_val = 42; | |
81 BPF_ASSERT_EQ(0, pthread_create(&th, NULL, &SetValueInThread, &test_val)); | |
82 BPF_ASSERT_EQ(0, pthread_join(th, NULL)); | |
83 BPF_ASSERT_EQ(kExpectedValue, test_val); | |
84 } | |
85 | |
86 int DoFork() { | |
87 // Call clone() to do a fork(). | |
88 const int pid = syscall(__NR_clone, SIGCHLD, NULL); | |
89 if (pid == 0) | |
90 _exit(0); | |
91 return pid; | |
92 } | |
93 | |
94 // The sanity check for DoFork without the sandbox. | |
95 TEST(NaClNonSfiSandboxTest, DoFork) { | |
96 const int pid = DoFork(); | |
97 ASSERT_LT(0, pid); | |
98 int status; | |
99 ASSERT_EQ(pid, HANDLE_EINTR(waitpid(pid, &status, 0))); | |
100 ASSERT_TRUE(WIFEXITED(status)); | |
101 ASSERT_EQ(0, WEXITSTATUS(status)); | |
102 } | |
103 | |
104 // Then, try this in the sandbox. | |
105 BPF_DEATH_TEST(NaClNonSfiSandboxTest, clone_for_fork, | |
106 DEATH_MESSAGE(sandbox::GetCloneErrorMessageContentForTests()), | |
107 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
108 DoFork(); | |
109 } | |
110 | |
111 BPF_TEST(NaClNonSfiSandboxTest, prctl_SET_NAME, | |
112 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
113 errno = 0; | |
114 BPF_ASSERT_EQ(-1, syscall(__NR_prctl, PR_SET_NAME, "foo")); | |
115 BPF_ASSERT_EQ(EPERM, errno); | |
116 } | |
117 | |
118 BPF_DEATH_TEST(NaClNonSfiSandboxTest, prctl_SET_DUMPABLE, | |
119 DEATH_MESSAGE(sandbox::GetPrctlErrorMessageContentForTests()), | |
120 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
121 syscall(__NR_prctl, PR_SET_DUMPABLE, 1UL); | |
122 } | |
123 | |
124 BPF_TEST(NaClNonSfiSandboxTest, socketcall_allowed, | |
125 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
126 base::ScopedFD fds[2]; | |
127 struct msghdr msg = {}; | |
128 struct iovec iov; | |
129 std::string payload("foo"); | |
130 iov.iov_base = &payload[0]; | |
131 iov.iov_len = payload.size(); | |
132 msg.msg_iov = &iov; | |
133 msg.msg_iovlen = 1; | |
134 DoSocketpair(fds); | |
135 BPF_ASSERT_EQ(static_cast<int>(payload.size()), | |
136 HANDLE_EINTR(sendmsg(fds[1].get(), &msg, 0))); | |
137 BPF_ASSERT_EQ(static_cast<int>(payload.size()), | |
138 HANDLE_EINTR(recvmsg(fds[0].get(), &msg, 0))); | |
139 BPF_ASSERT_EQ(0, shutdown(fds[0].get(), SHUT_RDWR)); | |
140 } | |
141 | |
142 BPF_DEATH_TEST(NaClNonSfiSandboxTest, accept, | |
143 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), | |
144 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
145 accept(0, NULL, NULL); | |
146 } | |
147 | |
148 BPF_DEATH_TEST(NaClNonSfiSandboxTest, bind, | |
149 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), | |
150 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
151 bind(0, NULL, 0); | |
152 } | |
153 | |
154 BPF_DEATH_TEST(NaClNonSfiSandboxTest, connect, | |
155 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), | |
156 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
157 connect(0, NULL, 0); | |
158 } | |
159 | |
160 BPF_DEATH_TEST(NaClNonSfiSandboxTest, getpeername, | |
161 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), | |
162 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
163 getpeername(0, NULL, NULL); | |
164 } | |
165 | |
166 BPF_DEATH_TEST(NaClNonSfiSandboxTest, getsockname, | |
167 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), | |
168 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
169 getsockname(0, NULL, NULL); | |
170 } | |
171 | |
172 BPF_DEATH_TEST(NaClNonSfiSandboxTest, getsockopt, | |
173 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), | |
174 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
175 getsockopt(0, 0, 0, NULL, NULL); | |
176 } | |
177 | |
178 BPF_DEATH_TEST(NaClNonSfiSandboxTest, listen, | |
179 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), | |
180 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
181 listen(0, 0); | |
182 } | |
183 | |
184 BPF_DEATH_TEST(NaClNonSfiSandboxTest, recv, | |
185 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), | |
186 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
187 recv(0, NULL, 0, 0); | |
188 } | |
189 | |
190 BPF_DEATH_TEST(NaClNonSfiSandboxTest, recvfrom, | |
191 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), | |
192 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
193 recvfrom(0, NULL, 0, 0, NULL, NULL); | |
194 } | |
195 | |
196 BPF_DEATH_TEST(NaClNonSfiSandboxTest, send, | |
197 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), | |
198 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
199 send(0, NULL, 0, 0); | |
200 } | |
201 | |
202 BPF_DEATH_TEST(NaClNonSfiSandboxTest, sendto, | |
203 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), | |
204 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
205 sendto(0, NULL, 0, 0, NULL, 0); | |
206 } | |
207 | |
208 BPF_DEATH_TEST(NaClNonSfiSandboxTest, setsockopt, | |
209 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), | |
210 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
211 setsockopt(0, 0, 0, NULL, 0); | |
212 } | |
213 | |
214 BPF_DEATH_TEST(NaClNonSfiSandboxTest, socket, | |
215 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), | |
216 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
217 socket(0, 0, 0); | |
218 } | |
219 | |
220 #if defined(__x86_64__) || defined(__arm__) | |
221 BPF_DEATH_TEST(NaClNonSfiSandboxTest, socketpair, | |
222 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), | |
223 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
224 int fds[2]; | |
225 socketpair(AF_INET, SOCK_STREAM, 0, fds); | |
226 } | |
227 #endif | |
228 | |
229 BPF_TEST(NaClNonSfiSandboxTest, fcntl_SETFD_allowed, | |
230 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
231 base::ScopedFD fds[2]; | |
232 DoSocketpair(fds); | |
233 BPF_ASSERT_EQ(0, fcntl(fds[0].get(), F_SETFD, FD_CLOEXEC)); | |
234 } | |
235 | |
236 BPF_DEATH_TEST(NaClNonSfiSandboxTest, fcntl_SETFD, | |
237 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), | |
238 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
239 base::ScopedFD fds[2]; | |
240 DoSocketpair(fds); | |
241 fcntl(fds[0].get(), F_SETFD, 99); | |
242 } | |
243 | |
244 BPF_TEST(NaClNonSfiSandboxTest, fcntl_GETFL_SETFL_allowed, | |
245 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
246 base::ScopedFD fds[2]; | |
247 DoPipe(fds); | |
248 const int fd = fds[0].get(); | |
249 BPF_ASSERT_EQ(0, fcntl(fd, F_GETFL)); | |
250 BPF_ASSERT_EQ(0, fcntl(fd, F_SETFL, O_RDWR | O_NONBLOCK)); | |
251 BPF_ASSERT_EQ(O_NONBLOCK, fcntl(fd, F_GETFL)); | |
252 } | |
253 | |
254 BPF_DEATH_TEST(NaClNonSfiSandboxTest, fcntl_GETFL_SETFL, | |
255 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), | |
256 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
257 base::ScopedFD fds[2]; | |
258 DoSocketpair(fds); | |
259 fcntl(fds[0].get(), F_SETFL, O_APPEND); | |
260 } | |
261 | |
262 BPF_DEATH_TEST(NaClNonSfiSandboxTest, fcntl_DUPFD, | |
263 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), | |
264 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
265 fcntl(0, F_DUPFD); | |
266 } | |
267 | |
268 BPF_DEATH_TEST(NaClNonSfiSandboxTest, fcntl_DUPFD_CLOEXEC, | |
269 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), | |
270 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
271 fcntl(0, F_DUPFD_CLOEXEC); | |
272 } | |
273 | |
274 void* DoAllowedAnonymousMmap() { | |
275 return mmap(NULL, getpagesize(), PROT_READ | PROT_WRITE, | |
276 MAP_ANONYMOUS | MAP_SHARED, -1, 0); | |
277 } | |
278 | |
279 BPF_TEST(NaClNonSfiSandboxTest, mmap_allowed, | |
280 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
281 void* ptr = DoAllowedAnonymousMmap(); | |
282 BPF_ASSERT_NE(MAP_FAILED, ptr); | |
283 BPF_ASSERT_EQ(0, munmap(ptr, getpagesize())); | |
284 } | |
285 | |
286 BPF_DEATH_TEST(NaClNonSfiSandboxTest, mmap_unallowed_flag, | |
287 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), | |
288 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
289 mmap(NULL, getpagesize(), PROT_READ | PROT_WRITE, | |
290 MAP_ANONYMOUS | MAP_POPULATE, -1, 0); | |
291 } | |
292 | |
293 BPF_DEATH_TEST(NaClNonSfiSandboxTest, mmap_unallowed_prot, | |
294 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), | |
295 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
296 mmap(NULL, getpagesize(), PROT_READ | PROT_GROWSDOWN, | |
297 MAP_ANONYMOUS, -1, 0); | |
298 } | |
299 | |
300 // TODO(hamaji): Disallow RWX mmap. | |
301 #if 0 | |
302 BPF_DEATH_TEST(NaClNonSfiSandboxTest, mmap_rwx, | |
303 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), | |
304 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
305 mmap(NULL, getpagesize(), PROT_READ | PROT_WRITE | PROT_EXEC, | |
306 MAP_ANONYMOUS, -1, 0); | |
307 } | |
308 #endif | |
309 | |
310 BPF_TEST(NaClNonSfiSandboxTest, mprotect_allowed, | |
311 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
312 void* ptr = DoAllowedAnonymousMmap(); | |
313 BPF_ASSERT_NE(MAP_FAILED, ptr); | |
314 BPF_ASSERT_EQ(0, mprotect(ptr, getpagesize(), PROT_READ)); | |
315 BPF_ASSERT_EQ(0, munmap(ptr, getpagesize())); | |
316 } | |
317 | |
318 BPF_DEATH_TEST(NaClNonSfiSandboxTest, mprotect_unallowed_prot, | |
319 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), | |
320 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
321 // We have tested DoAllowedAnonymousMmap is allowed in | |
322 // mmap_allowed, so we can make sure the following mprotect call | |
323 // kills the process. | |
324 void* ptr = DoAllowedAnonymousMmap(); | |
325 BPF_ASSERT_NE(MAP_FAILED, ptr); | |
326 mprotect(ptr, getpagesize(), PROT_READ | PROT_GROWSDOWN); | |
327 } | |
328 | |
329 BPF_TEST(NaClNonSfiSandboxTest, brk, | |
330 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
331 char* next_brk = static_cast<char*>(sbrk(0)) + getpagesize(); | |
332 // The kernel interface must return zero for brk. | |
333 BPF_ASSERT_EQ(0, syscall(__NR_brk, next_brk)); | |
334 // The libc wrapper translates it to ENOMEM. | |
335 errno = 0; | |
336 BPF_ASSERT_EQ(-1, brk(next_brk)); | |
337 BPF_ASSERT_EQ(ENOMEM, errno); | |
338 } | |
339 | |
340 #if defined(__i386__) || defined(__arm__) | |
341 BPF_TEST(NaClNonSfiSandboxTest, getegid32_EPERM, | |
342 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
343 errno = 0; | |
344 BPF_ASSERT_EQ(-1, syscall(__NR_getegid32)); | |
345 BPF_ASSERT_EQ(EPERM, errno); | |
346 } | |
347 | |
348 BPF_TEST(NaClNonSfiSandboxTest, geteuid32_EPERM, | |
349 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
350 errno = 0; | |
351 BPF_ASSERT_EQ(-1, syscall(__NR_geteuid32)); | |
352 BPF_ASSERT_EQ(EPERM, errno); | |
353 } | |
354 | |
355 BPF_TEST(NaClNonSfiSandboxTest, getgid32_EPERM, | |
356 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
357 errno = 0; | |
358 BPF_ASSERT_EQ(-1, syscall(__NR_getgid32)); | |
359 BPF_ASSERT_EQ(EPERM, errno); | |
360 } | |
361 | |
362 BPF_TEST(NaClNonSfiSandboxTest, getuid32_EPERM, | |
363 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
364 errno = 0; | |
365 BPF_ASSERT_EQ(-1, syscall(__NR_getuid32)); | |
366 BPF_ASSERT_EQ(EPERM, errno); | |
367 } | |
368 | |
369 BPF_DEATH_TEST(NaClNonSfiSandboxTest, getegid_SIGSYS, | |
370 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), | |
371 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
372 syscall(__NR_getegid); | |
373 } | |
374 | |
375 BPF_DEATH_TEST(NaClNonSfiSandboxTest, geteuid_SIGSYS, | |
376 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), | |
377 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
378 syscall(__NR_geteuid); | |
379 } | |
380 | |
381 BPF_DEATH_TEST(NaClNonSfiSandboxTest, getgid_SIGSYS, | |
382 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), | |
383 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
384 syscall(__NR_getgid); | |
385 } | |
386 | |
387 BPF_DEATH_TEST(NaClNonSfiSandboxTest, getuid_SIGSYS, | |
388 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()), | |
389 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
390 syscall(__NR_getuid); | |
391 } | |
392 #endif | |
393 | |
394 #if defined(__x86_64__) | |
395 BPF_TEST(NaClNonSfiSandboxTest, getegid_EPERM, | |
396 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
397 errno = 0; | |
398 BPF_ASSERT_EQ(-1, syscall(__NR_getegid)); | |
399 BPF_ASSERT_EQ(EPERM, errno); | |
400 } | |
401 | |
402 BPF_TEST(NaClNonSfiSandboxTest, geteuid_EPERM, | |
403 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
404 errno = 0; | |
405 BPF_ASSERT_EQ(-1, syscall(__NR_geteuid)); | |
406 BPF_ASSERT_EQ(EPERM, errno); | |
407 } | |
408 | |
409 BPF_TEST(NaClNonSfiSandboxTest, getgid_EPERM, | |
410 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
411 errno = 0; | |
412 BPF_ASSERT_EQ(-1, syscall(__NR_getgid)); | |
413 BPF_ASSERT_EQ(EPERM, errno); | |
414 } | |
415 | |
416 BPF_TEST(NaClNonSfiSandboxTest, getuid_EPERM, | |
417 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
418 errno = 0; | |
419 BPF_ASSERT_EQ(-1, syscall(__NR_getuid)); | |
420 BPF_ASSERT_EQ(EPERM, errno); | |
421 } | |
422 #endif | |
423 | |
424 BPF_TEST(NaClNonSfiSandboxTest, madvise_EPERM, | |
425 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
426 errno = 0; | |
427 BPF_ASSERT_EQ(-1, syscall(__NR_madvise)); | |
428 BPF_ASSERT_EQ(EPERM, errno); | |
429 } | |
430 | |
431 BPF_TEST(NaClNonSfiSandboxTest, open_EPERM, | |
432 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
433 errno = 0; | |
434 BPF_ASSERT_EQ(-1, syscall(__NR_open)); | |
435 BPF_ASSERT_EQ(EPERM, errno); | |
436 } | |
437 | |
438 BPF_TEST(NaClNonSfiSandboxTest, ptrace_EPERM, | |
439 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
440 errno = 0; | |
441 BPF_ASSERT_EQ(-1, syscall(__NR_ptrace)); | |
442 BPF_ASSERT_EQ(EPERM, errno); | |
443 } | |
444 | |
445 BPF_TEST(NaClNonSfiSandboxTest, set_robust_list_EPERM, | |
446 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
447 errno = 0; | |
448 BPF_ASSERT_EQ(-1, syscall(__NR_set_robust_list)); | |
449 BPF_ASSERT_EQ(EPERM, errno); | |
450 } | |
451 | |
452 #if defined(__i386__) || defined(__x86_64__) | |
453 BPF_TEST(NaClNonSfiSandboxTest, time_EPERM, | |
454 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) { | |
455 errno = 0; | |
456 BPF_ASSERT_EQ(-1, syscall(__NR_time)); | |
457 BPF_ASSERT_EQ(EPERM, errno); | |
458 } | |
459 #endif | |
460 | |
461 } // namespace | |
OLD | NEW |