| OLD | NEW |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/linux/seccomp-bpf/sandbox_bpf_test_runner.h" | 5 #include "sandbox/linux/seccomp-bpf/sandbox_bpf_test_runner.h" |
| 6 | 6 |
| 7 #include <fcntl.h> | 7 #include <fcntl.h> |
| 8 #include <linux/filter.h> | 8 #include <linux/filter.h> |
| 9 | 9 |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| 11 #include "base/memory/scoped_ptr.h" | 11 #include "base/memory/scoped_ptr.h" |
| 12 #include "sandbox/linux/bpf_dsl/bpf_dsl.h" | 12 #include "sandbox/linux/bpf_dsl/policy.h" |
| 13 #include "sandbox/linux/seccomp-bpf/die.h" | 13 #include "sandbox/linux/seccomp-bpf/die.h" |
| 14 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" | 14 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" |
| 15 #include "sandbox/linux/tests/unit_tests.h" | 15 #include "sandbox/linux/tests/unit_tests.h" |
| 16 | 16 |
| 17 namespace sandbox { | 17 namespace sandbox { |
| 18 | 18 |
| 19 SandboxBPFTestRunner::SandboxBPFTestRunner( | 19 SandboxBPFTestRunner::SandboxBPFTestRunner( |
| 20 BPFTesterDelegate* bpf_tester_delegate) | 20 BPFTesterDelegate* bpf_tester_delegate) |
| 21 : bpf_tester_delegate_(bpf_tester_delegate) { | 21 : bpf_tester_delegate_(bpf_tester_delegate) { |
| 22 } | 22 } |
| 23 | 23 |
| 24 SandboxBPFTestRunner::~SandboxBPFTestRunner() { | 24 SandboxBPFTestRunner::~SandboxBPFTestRunner() { |
| 25 } | 25 } |
| 26 | 26 |
| 27 void SandboxBPFTestRunner::Run() { | 27 void SandboxBPFTestRunner::Run() { |
| 28 DCHECK(bpf_tester_delegate_); | 28 DCHECK(bpf_tester_delegate_); |
| 29 sandbox::Die::EnableSimpleExit(); | 29 sandbox::Die::EnableSimpleExit(); |
| 30 | 30 |
| 31 scoped_ptr<bpf_dsl::SandboxBPFDSLPolicy> policy = | 31 scoped_ptr<bpf_dsl::Policy> policy = |
| 32 bpf_tester_delegate_->GetSandboxBPFPolicy(); | 32 bpf_tester_delegate_->GetSandboxBPFPolicy(); |
| 33 | 33 |
| 34 if (sandbox::SandboxBPF::SupportsSeccompSandbox(-1) == | 34 if (sandbox::SandboxBPF::SupportsSeccompSandbox(-1) == |
| 35 sandbox::SandboxBPF::STATUS_AVAILABLE) { | 35 sandbox::SandboxBPF::STATUS_AVAILABLE) { |
| 36 // Ensure the the sandbox is actually available at this time | 36 // Ensure the the sandbox is actually available at this time |
| 37 int proc_fd; | 37 int proc_fd; |
| 38 SANDBOX_ASSERT((proc_fd = open("/proc", O_RDONLY | O_DIRECTORY)) >= 0); | 38 SANDBOX_ASSERT((proc_fd = open("/proc", O_RDONLY | O_DIRECTORY)) >= 0); |
| 39 SANDBOX_ASSERT(sandbox::SandboxBPF::SupportsSeccompSandbox(proc_fd) == | 39 SANDBOX_ASSERT(sandbox::SandboxBPF::SupportsSeccompSandbox(proc_fd) == |
| 40 sandbox::SandboxBPF::STATUS_AVAILABLE); | 40 sandbox::SandboxBPF::STATUS_AVAILABLE); |
| 41 | 41 |
| (...skipping 23 matching lines...) Expand all Loading... |
| 65 } | 65 } |
| 66 } | 66 } |
| 67 | 67 |
| 68 bool SandboxBPFTestRunner::ShouldCheckForLeaks() const { | 68 bool SandboxBPFTestRunner::ShouldCheckForLeaks() const { |
| 69 // LSAN requires being able to use ptrace() and other system calls that could | 69 // LSAN requires being able to use ptrace() and other system calls that could |
| 70 // be denied. | 70 // be denied. |
| 71 return false; | 71 return false; |
| 72 } | 72 } |
| 73 | 73 |
| 74 } // namespace sandbox | 74 } // namespace sandbox |
| OLD | NEW |