| Index: sandbox/linux/seccomp-bpf/sandbox_bpf_unittest.cc
|
| diff --git a/sandbox/linux/seccomp-bpf/sandbox_bpf_unittest.cc b/sandbox/linux/seccomp-bpf/sandbox_bpf_unittest.cc
|
| index b5bfd357a34cc592589d6bc5fc38c6fe02d7b4cf..3b7470b4176ac10e32ea650823061b3e63c4e431 100644
|
| --- a/sandbox/linux/seccomp-bpf/sandbox_bpf_unittest.cc
|
| +++ b/sandbox/linux/seccomp-bpf/sandbox_bpf_unittest.cc
|
| @@ -22,7 +22,6 @@
|
|
|
| #include "base/bind.h"
|
| #include "base/logging.h"
|
| -#include "base/macros.h"
|
| #include "base/memory/scoped_ptr.h"
|
| #include "build/build_config.h"
|
| #include "sandbox/linux/seccomp-bpf/bpf_tests.h"
|
| @@ -85,38 +84,29 @@
|
| return (*pid_ptr)++;
|
| }
|
|
|
| -class VerboseAPITestingPolicy : public SandboxBPFPolicy {
|
| - public:
|
| - VerboseAPITestingPolicy(pid_t* pid_ptr) : pid_ptr_(pid_ptr) {}
|
| -
|
| - virtual ErrorCode EvaluateSyscall(SandboxBPF* sandbox,
|
| - int sysno) const OVERRIDE {
|
| - DCHECK(SandboxBPF::IsValidSyscallNumber(sysno));
|
| - if (sysno == __NR_getpid) {
|
| - return sandbox->Trap(FakeGetPid, pid_ptr_);
|
| - }
|
| +ErrorCode VerboseAPITestingPolicy(SandboxBPF* sandbox, int sysno, void* aux) {
|
| + if (!SandboxBPF::IsValidSyscallNumber(sysno)) {
|
| + return ErrorCode(ENOSYS);
|
| + } else if (sysno == __NR_getpid) {
|
| + return sandbox->Trap(FakeGetPid, aux);
|
| + } else {
|
| return ErrorCode(ErrorCode::ERR_ALLOWED);
|
| }
|
| -
|
| - private:
|
| - pid_t* pid_ptr_;
|
| - DISALLOW_COPY_AND_ASSIGN(VerboseAPITestingPolicy);
|
| -};
|
| +}
|
|
|
| SANDBOX_TEST(SandboxBPF, DISABLE_ON_TSAN(VerboseAPITesting)) {
|
| if (SandboxBPF::SupportsSeccompSandbox(-1) ==
|
| sandbox::SandboxBPF::STATUS_AVAILABLE) {
|
| - pid_t pid;
|
| -
|
| + pid_t test_var = 0;
|
| SandboxBPF sandbox;
|
| - sandbox.SetSandboxPolicy(new VerboseAPITestingPolicy(&pid));
|
| + sandbox.SetSandboxPolicyDeprecated(VerboseAPITestingPolicy, &test_var);
|
| BPF_ASSERT(sandbox.StartSandbox(SandboxBPF::PROCESS_SINGLE_THREADED));
|
|
|
| - BPF_ASSERT_EQ(0, pid);
|
| - BPF_ASSERT_EQ(0, syscall(__NR_getpid));
|
| - BPF_ASSERT_EQ(1, pid);
|
| - BPF_ASSERT_EQ(1, syscall(__NR_getpid));
|
| - BPF_ASSERT_EQ(2, pid);
|
| + BPF_ASSERT(test_var == 0);
|
| + BPF_ASSERT(syscall(__NR_getpid) == 0);
|
| + BPF_ASSERT(test_var == 1);
|
| + BPF_ASSERT(syscall(__NR_getpid) == 1);
|
| + BPF_ASSERT(test_var == 2);
|
|
|
| // N.B.: Any future call to getpid() would corrupt the stack.
|
| // This is OK. The SANDBOX_TEST() macro is guaranteed to
|
| @@ -294,53 +284,43 @@
|
|
|
| // Testing the stacking of two sandboxes
|
|
|
| -class StackingPolicyPartOne : public SandboxBPFPolicy {
|
| - public:
|
| - StackingPolicyPartOne() {}
|
| - virtual ErrorCode EvaluateSyscall(SandboxBPF* sandbox,
|
| - int sysno) const OVERRIDE {
|
| - DCHECK(SandboxBPF::IsValidSyscallNumber(sysno));
|
| - switch (sysno) {
|
| - case __NR_getppid:
|
| - return sandbox->Cond(0,
|
| - ErrorCode::TP_32BIT,
|
| - ErrorCode::OP_EQUAL,
|
| - 0,
|
| - ErrorCode(ErrorCode::ERR_ALLOWED),
|
| - ErrorCode(EPERM));
|
| - default:
|
| - return ErrorCode(ErrorCode::ERR_ALLOWED);
|
| - }
|
| - }
|
| -
|
| - private:
|
| - DISALLOW_COPY_AND_ASSIGN(StackingPolicyPartOne);
|
| -};
|
| -
|
| -class StackingPolicyPartTwo : public SandboxBPFPolicy {
|
| - public:
|
| - StackingPolicyPartTwo() {}
|
| - virtual ErrorCode EvaluateSyscall(SandboxBPF* sandbox,
|
| - int sysno) const OVERRIDE {
|
| - DCHECK(SandboxBPF::IsValidSyscallNumber(sysno));
|
| - switch (sysno) {
|
| - case __NR_getppid:
|
| - return sandbox->Cond(0,
|
| - ErrorCode::TP_32BIT,
|
| - ErrorCode::OP_EQUAL,
|
| - 0,
|
| - ErrorCode(EINVAL),
|
| - ErrorCode(ErrorCode::ERR_ALLOWED));
|
| - default:
|
| - return ErrorCode(ErrorCode::ERR_ALLOWED);
|
| - }
|
| - }
|
| -
|
| - private:
|
| - DISALLOW_COPY_AND_ASSIGN(StackingPolicyPartTwo);
|
| -};
|
| -
|
| -BPF_TEST_C(SandboxBPF, StackingPolicy, StackingPolicyPartOne) {
|
| +ErrorCode StackingPolicyPartOne(SandboxBPF* sandbox, int sysno, void*) {
|
| + if (!SandboxBPF::IsValidSyscallNumber(sysno)) {
|
| + return ErrorCode(ENOSYS);
|
| + }
|
| +
|
| + switch (sysno) {
|
| + case __NR_getppid:
|
| + return sandbox->Cond(0,
|
| + ErrorCode::TP_32BIT,
|
| + ErrorCode::OP_EQUAL,
|
| + 0,
|
| + ErrorCode(ErrorCode::ERR_ALLOWED),
|
| + ErrorCode(EPERM));
|
| + default:
|
| + return ErrorCode(ErrorCode::ERR_ALLOWED);
|
| + }
|
| +}
|
| +
|
| +ErrorCode StackingPolicyPartTwo(SandboxBPF* sandbox, int sysno, void*) {
|
| + if (!SandboxBPF::IsValidSyscallNumber(sysno)) {
|
| + return ErrorCode(ENOSYS);
|
| + }
|
| +
|
| + switch (sysno) {
|
| + case __NR_getppid:
|
| + return sandbox->Cond(0,
|
| + ErrorCode::TP_32BIT,
|
| + ErrorCode::OP_EQUAL,
|
| + 0,
|
| + ErrorCode(EINVAL),
|
| + ErrorCode(ErrorCode::ERR_ALLOWED));
|
| + default:
|
| + return ErrorCode(ErrorCode::ERR_ALLOWED);
|
| + }
|
| +}
|
| +
|
| +BPF_TEST(SandboxBPF, StackingPolicy, StackingPolicyPartOne) {
|
| errno = 0;
|
| BPF_ASSERT(syscall(__NR_getppid, 0) > 0);
|
| BPF_ASSERT(errno == 0);
|
| @@ -351,7 +331,7 @@
|
| // Stack a second sandbox with its own policy. Verify that we can further
|
| // restrict filters, but we cannot relax existing filters.
|
| SandboxBPF sandbox;
|
| - sandbox.SetSandboxPolicy(new StackingPolicyPartTwo());
|
| + sandbox.SetSandboxPolicyDeprecated(StackingPolicyPartTwo, NULL);
|
| BPF_ASSERT(sandbox.StartSandbox(SandboxBPF::PROCESS_SINGLE_THREADED));
|
|
|
| errno = 0;
|
|
|
Chromium Code Reviews
Issue 293993006:
Revert of Remove SandboxBPF's dependency on CompatibilityPolicy (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src