Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(171)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/linux/services/namespace_sandbox_unittest.cc

Issue 2950153002: Improve process launch handle sharing API. (Closed)
Patch Set: Fix Mojo launcher, review comments Created 3 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/test/spawned_test_server/local_test_server_win.cc ('K') | « net/test/spawned_test_server/local_test_server_win.cc ('k') | sandbox/linux/suid/client/setuid_sandbox_host.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "sandbox/linux/services/namespace_sandbox.h" 5 #include "sandbox/linux/services/namespace_sandbox.h"
6 6
7 #include <signal.h> 7 #include <signal.h>
8 #include <sys/types.h> 8 #include <sys/types.h>
9 #include <sys/wait.h> 9 #include <sys/wait.h>
10 #include <unistd.h> 10 #include <unistd.h>
(...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after
44 TestProcWithOptions(procname, NamespaceSandbox::Options()); 44 TestProcWithOptions(procname, NamespaceSandbox::Options());
45 } 45 }
46 46
47 void TestProcWithOptions( 47 void TestProcWithOptions(
48 const std::string& procname, 48 const std::string& procname,
49 const NamespaceSandbox::Options& ns_sandbox_options) { 49 const NamespaceSandbox::Options& ns_sandbox_options) {
50 if (!Credentials::CanCreateProcessInNewUserNS()) { 50 if (!Credentials::CanCreateProcessInNewUserNS()) {
51 return; 51 return;
52 } 52 }
53 53
54 base::FileHandleMappingVector fds_to_remap = {
55 std::make_pair(STDOUT_FILENO, STDOUT_FILENO),
56 std::make_pair(STDERR_FILENO, STDERR_FILENO),
57 };
58 base::LaunchOptions launch_options; 54 base::LaunchOptions launch_options;
59 launch_options.fds_to_remap = &fds_to_remap; 55 launch_options.fds_to_remap.push_back(
56 std::make_pair(STDOUT_FILENO, STDOUT_FILENO));
57 launch_options.fds_to_remap.push_back(
58 std::make_pair(STDERR_FILENO, STDERR_FILENO));
60 59
61 base::Process process = NamespaceSandbox::LaunchProcessWithOptions( 60 base::Process process = NamespaceSandbox::LaunchProcessWithOptions(
62 MakeCmdLine(procname), launch_options, ns_sandbox_options); 61 MakeCmdLine(procname), launch_options, ns_sandbox_options);
63 ASSERT_TRUE(process.IsValid()); 62 ASSERT_TRUE(process.IsValid());
64 63
65 const int kDummyExitCode = 42; 64 const int kDummyExitCode = 42;
66 int exit_code = kDummyExitCode; 65 int exit_code = kDummyExitCode;
67 EXPECT_TRUE(process.WaitForExit(&exit_code)); 66 EXPECT_TRUE(process.WaitForExit(&exit_code));
68 EXPECT_EQ(0, exit_code); 67 EXPECT_EQ(0, exit_code);
69 } 68 }
(...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after
116 CHECK(RootDirectoryIsEmpty()); 115 CHECK(RootDirectoryIsEmpty());
117 return 0; 116 return 0;
118 } 117 }
119 118
120 // Temporarily disabled on ASAN due to crbug.com/451603. 119 // Temporarily disabled on ASAN due to crbug.com/451603.
121 TEST_F(NamespaceSandboxTest, DISABLE_ON_ASAN(ChrootAndDropCapabilities)) { 120 TEST_F(NamespaceSandboxTest, DISABLE_ON_ASAN(ChrootAndDropCapabilities)) {
122 TestProc("ChrootMe"); 121 TestProc("ChrootMe");
123 } 122 }
124 123
125 MULTIPROCESS_TEST_MAIN(NestedNamespaceSandbox) { 124 MULTIPROCESS_TEST_MAIN(NestedNamespaceSandbox) {
126 base::FileHandleMappingVector fds_to_remap = {
127 std::make_pair(STDOUT_FILENO, STDOUT_FILENO),
128 std::make_pair(STDERR_FILENO, STDERR_FILENO),
129 };
130 base::LaunchOptions launch_options; 125 base::LaunchOptions launch_options;
131 launch_options.fds_to_remap = &fds_to_remap; 126 launch_options.fds_to_remap.push_back(
127 std::make_pair(STDOUT_FILENO, STDOUT_FILENO));
128 launch_options.fds_to_remap.push_back(
129 std::make_pair(STDERR_FILENO, STDERR_FILENO));
130
132 base::Process process = NamespaceSandbox::LaunchProcess( 131 base::Process process = NamespaceSandbox::LaunchProcess(
133 base::CommandLine(base::FilePath("/bin/true")), launch_options); 132 base::CommandLine(base::FilePath("/bin/true")), launch_options);
134 CHECK(process.IsValid()); 133 CHECK(process.IsValid());
135 134
136 const int kDummyExitCode = 42; 135 const int kDummyExitCode = 42;
137 int exit_code = kDummyExitCode; 136 int exit_code = kDummyExitCode;
138 CHECK(process.WaitForExit(&exit_code)); 137 CHECK(process.WaitForExit(&exit_code));
139 CHECK_EQ(0, exit_code); 138 CHECK_EQ(0, exit_code);
140 return 0; 139 return 0;
141 } 140 }
(...skipping 90 matching lines...) Expand 10 before | Expand all | Expand 10 after
232 CHECK(!NamespaceSandbox::InstallTerminationSignalHandler( 231 CHECK(!NamespaceSandbox::InstallTerminationSignalHandler(
233 SIGUSR1, NamespaceSandbox::SignalExitCode(SIGUSR1))); 232 SIGUSR1, NamespaceSandbox::SignalExitCode(SIGUSR1)));
234 233
235 raise(SIGUSR1); 234 raise(SIGUSR1);
236 CHECK_EQ(1, signal_handler_called); 235 CHECK_EQ(1, signal_handler_called);
237 } 236 }
238 237
239 } // namespace 238 } // namespace
240 239
241 } // namespace sandbox 240 } // namespace sandbox
OLDNEW
« net/test/spawned_test_server/local_test_server_win.cc ('K') | « net/test/spawned_test_server/local_test_server_win.cc ('k') | sandbox/linux/suid/client/setuid_sandbox_host.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698