Chromium Code Reviews| Index: tests/minsfi/init_trusted.c |
| diff --git a/tests/minsfi/init_trusted.c b/tests/minsfi/init_trusted.c |
| new file mode 100644 |
| index 0000000000000000000000000000000000000000..b8eb5bc683f490355ef92cd876da0742bbea1746 |
| --- /dev/null |
| +++ b/tests/minsfi/init_trusted.c |
| @@ -0,0 +1,128 @@ |
| +/* |
| + * Copyright (c) 2014 The Native Client Authors. All rights reserved. |
| + * Use of this source code is governed by a BSD-style license that can be |
| + * found in the LICENSE file. |
| + */ |
| + |
| +#include "native_client/src/include/minsfi.h" |
| +#include "native_client/src/include/minsfi_priv.h" |
| +#include "native_client/src/include/nacl_assert.h" |
| + |
| +manifest init_manifest(void) { |
| + manifest sb; |
| + layout mem; |
| + |
| + sb.ptr_size = 24; |
| + sb.dataseg_offset = 0x1000; |
| + sb.dataseg_size = 0x400; |
|
jvoung (off chromium)
2014/09/05 00:32:00
Is it important that dataseg_size < page_size? (to
dbrazdil
2014/09/05 19:41:38
It's more the fact that dataseg_size is not page s
|
| + |
| + ASSERT_EQ(true, generate_layout(&sb, 0x1000, &mem)); |
| + return sb; |
| +} |
| + |
| +void test_valid_layout(void) { |
| + unsigned page_size = 0x1000; |
| + manifest sb = init_manifest(); |
| + layout mem; |
| + |
| + ASSERT_EQ(true, generate_layout(&sb, page_size, &mem)); |
| + |
| + ASSERT_EQ( 0x1000, mem.dataseg.offset); |
| + ASSERT_EQ( 0x2000, mem.dataseg.offset + mem.dataseg.length); |
| + ASSERT_EQ( 0x3000, mem.heap.offset); |
| + ASSERT_EQ( 0xFDF000, mem.heap.offset + mem.heap.length); |
| + ASSERT_EQ( 0xFE0000, mem.stack.offset); |
| + ASSERT_EQ(0x1000000, mem.stack.offset + mem.stack.length); |
| +} |
| + |
| +void test_page_size_not_pow2(void) { |
| + manifest sb = init_manifest(); |
| + layout mem; |
| + |
| + ASSERT_EQ(false, generate_layout(&sb, 1234, &mem)); |
| +} |
| + |
| +void test_ptrsize_invalid(void) { |
| + unsigned page_size = 0x1000; |
| + manifest sb = init_manifest(); |
| + layout mem; |
| + |
| + sb.ptr_size = 0; |
| + ASSERT_EQ(false, generate_layout(&sb, page_size, &mem)); |
| + |
| + sb.ptr_size = 19; |
| + ASSERT_EQ(false, generate_layout(&sb, page_size, &mem)); |
| + |
| + sb.ptr_size = 33; |
| + ASSERT_EQ(false, generate_layout(&sb, page_size, &mem)); |
| +} |
| + |
| +void test_dataseg_pos_invalid(void) { |
| + unsigned page_size = 0x1000; |
| + manifest sb = init_manifest(); |
| + layout mem; |
| + |
| + /* offset not page-aligned */ |
| + sb.dataseg_offset = 0x1001; |
| + ASSERT_EQ(false, generate_layout(&sb, page_size, &mem)); |
| + |
| + /* offset out of bounds */ |
| + sb.dataseg_offset = (1 << 25); |
|
jvoung (off chromium)
2014/09/05 00:32:00
Maybe the "25" could have been based off sb.ptr_si
dbrazdil
2014/09/05 19:41:38
Done. All of these constants are quite fragile so
|
| + sb.dataseg_size = 0x400; |
| + ASSERT_EQ(false, generate_layout(&sb, page_size, &mem)); |
| + |
| + /* end of the region out of bounds */ |
| + sb.dataseg_offset = 0x1000; |
| + sb.dataseg_size = (1 << 24) - 0x1001; /* gets rounded up and fails */ |
| + ASSERT_EQ(false, generate_layout(&sb, page_size, &mem)); |
| +} |
| + |
| +void test_no_space_for_heap(void) { |
| + unsigned page_size = 4096; |
| + manifest sb = init_manifest(); |
| + layout mem; |
| + bool ret; |
| + |
| + /* heap size exactly one page */ |
| + sb.dataseg_size = (1 << 24) - sb.dataseg_offset - 35 * page_size; |
| + ret = generate_layout(&sb, page_size, &mem); |
| + ASSERT_EQ(true, ret); |
| + ASSERT_EQ(page_size, mem.heap.length); |
| + |
| + /* heap size less than one page. */ |
| + sb.dataseg_size += 1; |
| + ASSERT_EQ(false, generate_layout(&sb, page_size, &mem)); |
| + |
| + /* heap size negative */ |
| + sb.dataseg_size += page_size; |
| + ASSERT_EQ(false, generate_layout(&sb, page_size, &mem)); |
| +} |
| + |
| +void test_invoke_sandbox(void) { |
| + int i; |
| + int ret_val = 0xCAFEBABE; |
| + |
| + /* multiple invocations without destroying */ |
| + for (i = 0; i < 3; i++) |
| + ASSERT_EQ(ret_val, minsfi_exec()); |
| + |
| + /* multiple invocations with destroying */ |
| + for (i = 0; i < 3; i++) { |
| + ASSERT_EQ(ret_val, minsfi_exec()); |
|
jvoung (off chromium)
2014/09/05 00:32:00
Do you expect that sandbox base to be random/re-in
dbrazdil
2014/09/05 19:41:38
Possibly in the future? The extension unpacking wo
|
| + ASSERT_EQ(true, minsfi_destroy()); |
| + } |
| + |
| + /* multiple destroys without initialization */ |
| + for (i = 0; i < 3; i++) |
| + ASSERT_EQ(true, minsfi_destroy()); |
| +} |
| + |
| +int main(void) { |
| + test_valid_layout(); |
| + test_page_size_not_pow2(); |
| + test_ptrsize_invalid(); |
| + test_dataseg_pos_invalid(); |
| + test_no_space_for_heap(); |
| + test_invoke_sandbox(); |
| + return 0; |
| +} |
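Review bot: test_dataseg_pos_invalid never exercises wraparound in the bounds arithmetic: both out-of-bounds cases use values only slightly above the 24-bit address space, so a generate_layout that adds `dataseg_offset + dataseg_size` (or rounds the size up to a page) in unsigned arithmetic without an overflow check would still pass every assertion here. Because this validator decides where the sandboxed data segment may be placed, I would add a case such as `sb.dataseg_offset = 0x1000; sb.dataseg_size = 0xFFFFF001;` followed by `ASSERT_EQ(false, generate_layout(&sb, page_size, &mem));`. The constant is a constructed example that assumes 32-bit fields; the manifest field widths are not visible in this file, so adjust it to the real type's maximum. Separately, in test_invoke_sandbox `int ret_val = 0xCAFEBABE;` does not fit in a 32-bit int and relies on an implementation-defined conversion; declaring it with the return type of minsfi_exec (not shown here) would make the comparison explicit.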