OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" | 5 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" |
6 #include "sandbox/linux/seccomp-bpf/syscall_iterator.h" | 6 #include "sandbox/linux/seccomp-bpf/syscall_iterator.h" |
7 #include "sandbox/linux/tests/unit_tests.h" | 7 #include "sandbox/linux/tests/unit_tests.h" |
8 | 8 |
9 namespace sandbox { | 9 namespace sandbox { |
10 | 10 |
(...skipping 17 matching lines...) Expand all Loading... | |
28 SANDBOX_ASSERT(next == 0xFFFFFFFFu); | 28 SANDBOX_ASSERT(next == 0xFFFFFFFFu); |
29 } | 29 } |
30 } | 30 } |
31 | 31 |
32 SANDBOX_TEST(SyscallIterator, PublicSyscallRange) { | 32 SANDBOX_TEST(SyscallIterator, PublicSyscallRange) { |
33 SyscallIterator iter(false); | 33 SyscallIterator iter(false); |
34 uint32_t next = iter.Next(); | 34 uint32_t next = iter.Next(); |
35 | 35 |
36 // The iterator should cover the public syscall range | 36 // The iterator should cover the public syscall range |
37 // MIN_SYSCALL..MAX_PUBLIC_SYSCALL, without skipping syscalls. | 37 // MIN_SYSCALL..MAX_PUBLIC_SYSCALL, without skipping syscalls. |
38 // We're assuming MIN_SYSCALL == 0 for all architectures, | 38 if (MIN_SYSCALL) { |
jln (very slow on Chromium)
2014/05/16 19:30:17
Let's just create Two Tests: SyscallIteratorIntelA
nedeljko
2014/05/19 17:37:23
Should I create just two tests (that would be Publ
jln (very slow on Chromium)
2014/05/20 01:57:47
No, just two tests.
The problem is that the Sysca
nedeljko
2014/05/22 17:38:55
Done.
| |
39 // this is currently valid for Intel and ARM EABI. | 39 // When MIN_SYSCALL != 0 we need to move iterator to valid range |
40 SANDBOX_ASSERT(MIN_SYSCALL == 0); | 40 while (next < MIN_SYSCALL - 1) { |
41 SANDBOX_ASSERT(next == MIN_SYSCALL); | 41 next = iter.Next(); |
42 } | |
43 SANDBOX_ASSERT(next == MIN_SYSCALL -1); | |
44 } else { | |
45 // We're assuming MIN_SYSCALL == 0 for Intel and ARM EABI | |
46 SANDBOX_ASSERT(MIN_SYSCALL == 0); | |
47 SANDBOX_ASSERT(next == MIN_SYSCALL); | |
48 } | |
49 | |
42 for (uint32_t last = next; next < MAX_PUBLIC_SYSCALL + 1; last = next) { | 50 for (uint32_t last = next; next < MAX_PUBLIC_SYSCALL + 1; last = next) { |
43 SANDBOX_ASSERT((next = iter.Next()) == last + 1); | 51 SANDBOX_ASSERT((next = iter.Next()) == last + 1); |
44 } | 52 } |
45 SANDBOX_ASSERT(next == MAX_PUBLIC_SYSCALL + 1); | 53 SANDBOX_ASSERT(next == MAX_PUBLIC_SYSCALL + 1); |
46 } | 54 } |
47 | 55 |
48 #if defined(__arm__) | 56 #if defined(__arm__) |
49 SANDBOX_TEST(SyscallIterator, ARMPrivateSyscallRange) { | 57 SANDBOX_TEST(SyscallIterator, ARMPrivateSyscallRange) { |
50 SyscallIterator iter(false); | 58 SyscallIterator iter(false); |
51 uint32_t next = iter.Next(); | 59 uint32_t next = iter.Next(); |
(...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
100 next = iter.Next(); | 108 next = iter.Next(); |
101 SANDBOX_ASSERT(iter.Done()); | 109 SANDBOX_ASSERT(iter.Done()); |
102 SANDBOX_ASSERT(next == 0xFFFFFFFFu); | 110 SANDBOX_ASSERT(next == 0xFFFFFFFFu); |
103 } | 111 } |
104 } | 112 } |
105 | 113 |
106 SANDBOX_TEST(SyscallIterator, InvalidOnly) { | 114 SANDBOX_TEST(SyscallIterator, InvalidOnly) { |
107 bool invalid_only = true; | 115 bool invalid_only = true; |
108 SyscallIterator iter(invalid_only); | 116 SyscallIterator iter(invalid_only); |
109 uint32_t next = iter.Next(); | 117 uint32_t next = iter.Next(); |
110 // We're assuming MIN_SYSCALL == 0 for all architectures, | 118 // We're assuming MIN_SYSCALL == 0 for all architectures |
111 // this is currently valid for Intel and ARM EABI. | 119 // (this is currently valid for Intel and ARM EABI), except |
jln (very slow on Chromium)
2014/05/16 19:30:17
Again, let's split this into two tests, one for MI
nedeljko
2014/05/22 17:38:55
Done.
| |
120 // for Mips O32 ABI for which MIN_SYSCALL == 4000. | |
112 // First invalid syscall should then be |MAX_PUBLIC_SYSCALL + 1|. | 121 // First invalid syscall should then be |MAX_PUBLIC_SYSCALL + 1|. |
122 #if defined(__mips__) && (_MIPS_SIM == _MIPS_SIM_ABI32) | |
123 SANDBOX_ASSERT(MIN_SYSCALL == 4000); | |
124 #else | |
113 SANDBOX_ASSERT(MIN_SYSCALL == 0); | 125 SANDBOX_ASSERT(MIN_SYSCALL == 0); |
126 #endif | |
127 | |
128 // If MIN_SYSCALL != 0, we need to move iterator to valid range | |
129 if (MIN_SYSCALL) { | |
130 next = iter.Next(); | |
131 // The iterator should skip until the last invalid syscall in this range. | |
132 SANDBOX_ASSERT(next == MIN_SYSCALL - 1); | |
133 while (next <= MAX_PUBLIC_SYSCALL) { | |
134 next = iter.Next(); | |
135 } | |
136 } | |
137 | |
114 SANDBOX_ASSERT(next == MAX_PUBLIC_SYSCALL + 1); | 138 SANDBOX_ASSERT(next == MAX_PUBLIC_SYSCALL + 1); |
115 | 139 |
116 #if defined(__arm__) | 140 #if defined(__arm__) |
117 next = iter.Next(); | 141 next = iter.Next(); |
118 // The iterator should skip until the last invalid syscall in this range. | 142 // The iterator should skip until the last invalid syscall in this range. |
119 SANDBOX_ASSERT(next == MIN_PRIVATE_SYSCALL - 1); | 143 SANDBOX_ASSERT(next == MIN_PRIVATE_SYSCALL - 1); |
120 while (next <= MAX_PRIVATE_SYSCALL) { | 144 while (next <= MAX_PRIVATE_SYSCALL) { |
121 next = iter.Next(); | 145 next = iter.Next(); |
122 } | 146 } |
123 | 147 |
124 next = iter.Next(); | 148 next = iter.Next(); |
125 // The iterator should skip until the last invalid syscall in this range. | 149 // The iterator should skip until the last invalid syscall in this range. |
126 SANDBOX_ASSERT(next == MIN_GHOST_SYSCALL - 1); | 150 SANDBOX_ASSERT(next == MIN_GHOST_SYSCALL - 1); |
127 while (next <= MAX_SYSCALL) { | 151 while (next <= MAX_SYSCALL) { |
128 next = iter.Next(); | 152 next = iter.Next(); |
129 } | 153 } |
130 SANDBOX_ASSERT(next == MAX_SYSCALL + 1); | 154 SANDBOX_ASSERT(next == MAX_SYSCALL + 1); |
131 #endif | 155 #endif |
132 } | 156 } |
133 | 157 |
134 } // namespace | 158 } // namespace |
135 | 159 |
136 } // namespace sandbox | 160 } // namespace sandbox |
OLD | NEW |