| Index: sandbox/linux/seccomp-bpf/syscall_unittest.cc
|
| diff --git a/sandbox/linux/seccomp-bpf/syscall_unittest.cc b/sandbox/linux/seccomp-bpf/syscall_unittest.cc
|
| index bdeee4fe2da77cf87cbda1d980787e52f3ee93b7..80b5079bae08fe35e02d2b57dcb0f0dc77b33795 100644
|
| --- a/sandbox/linux/seccomp-bpf/syscall_unittest.cc
|
| +++ b/sandbox/linux/seccomp-bpf/syscall_unittest.cc
|
| @@ -12,6 +12,7 @@
|
|
|
| #include "base/basictypes.h"
|
| #include "base/posix/eintr_wrapper.h"
|
| +#include "build/build_config.h"
|
| #include "sandbox/linux/seccomp-bpf/bpf_tests.h"
|
| #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h"
|
| #include "sandbox/linux/seccomp-bpf/syscall.h"
|
| @@ -31,24 +32,25 @@ const int kMMapNr = __NR_mmap;
|
| #endif
|
|
|
| TEST(Syscall, WellKnownEntryPoint) {
|
| -// Test that SandboxSyscall(-1) is handled specially. Don't do this on ARM,
|
| +// Test that Syscall::Call(-1) is handled specially. Don't do this on ARM,
|
| // where syscall(-1) crashes with SIGILL. Not running the test is fine, as we
|
| // are still testing ARM code in the next set of tests.
|
| #if !defined(__arm__)
|
| - EXPECT_NE(SandboxSyscall(-1), syscall(-1));
|
| + EXPECT_NE(Syscall::Call(-1), syscall(-1));
|
| #endif
|
|
|
| -// If possible, test that SandboxSyscall(-1) returns the address right after
|
| +// If possible, test that Syscall::Call(-1) returns the address right
|
| +// after
|
| // a kernel entry point.
|
| #if defined(__i386__)
|
| - EXPECT_EQ(0x80CDu, ((uint16_t*)SandboxSyscall(-1))[-1]); // INT 0x80
|
| + EXPECT_EQ(0x80CDu, ((uint16_t*)Syscall::Call(-1))[-1]); // INT 0x80
|
| #elif defined(__x86_64__)
|
| - EXPECT_EQ(0x050Fu, ((uint16_t*)SandboxSyscall(-1))[-1]); // SYSCALL
|
| + EXPECT_EQ(0x050Fu, ((uint16_t*)Syscall::Call(-1))[-1]); // SYSCALL
|
| #elif defined(__arm__)
|
| #if defined(__thumb__)
|
| - EXPECT_EQ(0xDF00u, ((uint16_t*)SandboxSyscall(-1))[-1]); // SWI 0
|
| + EXPECT_EQ(0xDF00u, ((uint16_t*)Syscall::Call(-1))[-1]); // SWI 0
|
| #else
|
| - EXPECT_EQ(0xEF000000u, ((uint32_t*)SandboxSyscall(-1))[-1]); // SVC 0
|
| + EXPECT_EQ(0xEF000000u, ((uint32_t*)Syscall::Call(-1))[-1]); // SVC 0
|
| #endif
|
| #else
|
| #warning Incomplete test case; need port for target platform
|
| @@ -57,17 +59,25 @@ TEST(Syscall, WellKnownEntryPoint) {
|
|
|
| TEST(Syscall, TrivialSyscallNoArgs) {
|
| // Test that we can do basic system calls
|
| - EXPECT_EQ(SandboxSyscall(__NR_getpid), syscall(__NR_getpid));
|
| + EXPECT_EQ(Syscall::Call(__NR_getpid), syscall(__NR_getpid));
|
| }
|
|
|
| TEST(Syscall, TrivialSyscallOneArg) {
|
| int new_fd;
|
| // Duplicate standard error and close it.
|
| - ASSERT_GE(new_fd = SandboxSyscall(__NR_dup, 2), 0);
|
| - int close_return_value = IGNORE_EINTR(SandboxSyscall(__NR_close, new_fd));
|
| + ASSERT_GE(new_fd = Syscall::Call(__NR_dup, 2), 0);
|
| + int close_return_value = IGNORE_EINTR(Syscall::Call(__NR_close, new_fd));
|
| ASSERT_EQ(close_return_value, 0);
|
| }
|
|
|
| +TEST(Syscall, TrivialFailingSyscall) {
|
| + errno = -42;
|
| + int ret = Syscall::Call(__NR_dup, -1);
|
| + ASSERT_EQ(-EBADF, ret);
|
| + // Verify that Syscall::Call does not touch errno.
|
| + ASSERT_EQ(-42, errno);
|
| +}
|
| +
|
| // SIGSYS trap handler that will be called on __NR_uname.
|
| intptr_t CopySyscallArgsToAux(const struct arch_seccomp_data& args, void* aux) {
|
| // |aux| is our BPF_AUX pointer.
|
| @@ -91,7 +101,8 @@ ErrorCode CopyAllArgsOnUnamePolicy(SandboxBPF* sandbox,
|
| }
|
| }
|
|
|
| -// We are testing SandboxSyscall() by making use of a BPF filter that allows us
|
| +// We are testing Syscall::Call() by making use of a BPF filter that
|
| +// allows us
|
| // to inspect the system call arguments that the kernel saw.
|
| BPF_TEST(Syscall,
|
| SyntheticSixArgs,
|
| @@ -109,13 +120,13 @@ BPF_TEST(Syscall,
|
|
|
| // We could use pretty much any system call we don't need here. uname() is
|
| // nice because it doesn't have any dangerous side effects.
|
| - BPF_ASSERT(SandboxSyscall(__NR_uname,
|
| - syscall_args[0],
|
| - syscall_args[1],
|
| - syscall_args[2],
|
| - syscall_args[3],
|
| - syscall_args[4],
|
| - syscall_args[5]) == -ENOMEM);
|
| + BPF_ASSERT(Syscall::Call(__NR_uname,
|
| + syscall_args[0],
|
| + syscall_args[1],
|
| + syscall_args[2],
|
| + syscall_args[3],
|
| + syscall_args[4],
|
| + syscall_args[5]) == -ENOMEM);
|
|
|
| // We expect the trap handler to have copied the 6 arguments.
|
| BPF_ASSERT(BPF_AUX->size() == 6);
|
| @@ -133,69 +144,69 @@ BPF_TEST(Syscall,
|
|
|
| TEST(Syscall, ComplexSyscallSixArgs) {
|
| int fd;
|
| - ASSERT_LE(0, fd = SandboxSyscall(__NR_open, "/dev/null", O_RDWR, 0L));
|
| + ASSERT_LE(0, fd = Syscall::Call(__NR_open, "/dev/null", O_RDWR, 0L));
|
|
|
| // Use mmap() to allocate some read-only memory
|
| char* addr0;
|
| - ASSERT_NE((char*)NULL,
|
| - addr0 = reinterpret_cast<char*>(
|
| - SandboxSyscall(kMMapNr,
|
| - (void*)NULL,
|
| - 4096,
|
| - PROT_READ,
|
| - MAP_PRIVATE | MAP_ANONYMOUS,
|
| - fd,
|
| - 0L)));
|
| + ASSERT_NE(
|
| + (char*)NULL,
|
| + addr0 = reinterpret_cast<char*>(Syscall::Call(kMMapNr,
|
| + (void*)NULL,
|
| + 4096,
|
| + PROT_READ,
|
| + MAP_PRIVATE | MAP_ANONYMOUS,
|
| + fd,
|
| + 0L)));
|
|
|
| // Try to replace the existing mapping with a read-write mapping
|
| char* addr1;
|
| ASSERT_EQ(addr0,
|
| addr1 = reinterpret_cast<char*>(
|
| - SandboxSyscall(kMMapNr,
|
| - addr0,
|
| - 4096L,
|
| - PROT_READ | PROT_WRITE,
|
| - MAP_PRIVATE | MAP_ANONYMOUS | MAP_FIXED,
|
| - fd,
|
| - 0L)));
|
| + Syscall::Call(kMMapNr,
|
| + addr0,
|
| + 4096L,
|
| + PROT_READ | PROT_WRITE,
|
| + MAP_PRIVATE | MAP_ANONYMOUS | MAP_FIXED,
|
| + fd,
|
| + 0L)));
|
| ++*addr1; // This should not seg fault
|
|
|
| // Clean up
|
| - EXPECT_EQ(0, SandboxSyscall(__NR_munmap, addr1, 4096L));
|
| - EXPECT_EQ(0, IGNORE_EINTR(SandboxSyscall(__NR_close, fd)));
|
| + EXPECT_EQ(0, Syscall::Call(__NR_munmap, addr1, 4096L));
|
| + EXPECT_EQ(0, IGNORE_EINTR(Syscall::Call(__NR_close, fd)));
|
|
|
| // Check that the offset argument (i.e. the sixth argument) is processed
|
| // correctly.
|
| - ASSERT_GE(fd = SandboxSyscall(__NR_open, "/proc/self/exe", O_RDONLY, 0L), 0);
|
| + ASSERT_GE(fd = Syscall::Call(__NR_open, "/proc/self/exe", O_RDONLY, 0L), 0);
|
| char* addr2, *addr3;
|
| ASSERT_NE((char*)NULL,
|
| - addr2 = reinterpret_cast<char*>(SandboxSyscall(
|
| + addr2 = reinterpret_cast<char*>(Syscall::Call(
|
| kMMapNr, (void*)NULL, 8192L, PROT_READ, MAP_PRIVATE, fd, 0L)));
|
| ASSERT_NE((char*)NULL,
|
| - addr3 = reinterpret_cast<char*>(SandboxSyscall(kMMapNr,
|
| - (void*)NULL,
|
| - 4096L,
|
| - PROT_READ,
|
| - MAP_PRIVATE,
|
| - fd,
|
| + addr3 = reinterpret_cast<char*>(Syscall::Call(kMMapNr,
|
| + (void*)NULL,
|
| + 4096L,
|
| + PROT_READ,
|
| + MAP_PRIVATE,
|
| + fd,
|
| #if defined(__NR_mmap2)
|
| - 1L
|
| + 1L
|
| #else
|
| - 4096L
|
| + 4096L
|
| #endif
|
| - )));
|
| + )));
|
| EXPECT_EQ(0, memcmp(addr2 + 4096, addr3, 4096));
|
|
|
| // Just to be absolutely on the safe side, also verify that the file
|
| // contents matches what we are getting from a read() operation.
|
| char buf[8192];
|
| - EXPECT_EQ(8192, SandboxSyscall(__NR_read, fd, buf, 8192L));
|
| + EXPECT_EQ(8192, Syscall::Call(__NR_read, fd, buf, 8192L));
|
| EXPECT_EQ(0, memcmp(addr2, buf, 8192));
|
|
|
| // Clean up
|
| - EXPECT_EQ(0, SandboxSyscall(__NR_munmap, addr2, 8192L));
|
| - EXPECT_EQ(0, SandboxSyscall(__NR_munmap, addr3, 4096L));
|
| - EXPECT_EQ(0, IGNORE_EINTR(SandboxSyscall(__NR_close, fd)));
|
| + EXPECT_EQ(0, Syscall::Call(__NR_munmap, addr2, 8192L));
|
| + EXPECT_EQ(0, Syscall::Call(__NR_munmap, addr3, 4096L));
|
| + EXPECT_EQ(0, IGNORE_EINTR(Syscall::Call(__NR_close, fd)));
|
| }
|
|
|
| } // namespace
|
|
|
Chromium Code Reviews
Issue 330723003:
Clean-up the SandboxSyscall interface (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src