Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(72)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions_unittests.cc

Issue 683113005: Update from chromium https://crrev.com/302282 (Closed) Base URL: git@github.com:domokit/mojo.git@master
Patch Set: Created 6 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « sandbox/linux/seccomp-bpf-helpers/baseline_policy.h ('k') | sandbox/linux/tests/sandbox_test_runner_function_pointer.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.h" 5 #include "sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.h"
6 6
7 #include <errno.h> 7 #include <errno.h>
8 #include <sched.h> 8 #include <sched.h>
9 #include <sys/syscall.h> 9 #include <sys/syscall.h>
10 #include <time.h> 10 #include <time.h>
(...skipping 24 matching lines...) Expand all
35 35
36 // NOTE: most of the parameter restrictions are tested in 36 // NOTE: most of the parameter restrictions are tested in
37 // baseline_policy_unittest.cc as a more end-to-end test. 37 // baseline_policy_unittest.cc as a more end-to-end test.
38 38
39 using sandbox::bpf_dsl::Allow; 39 using sandbox::bpf_dsl::Allow;
40 using sandbox::bpf_dsl::ResultExpr; 40 using sandbox::bpf_dsl::ResultExpr;
41 41
42 class RestrictClockIdPolicy : public bpf_dsl::Policy { 42 class RestrictClockIdPolicy : public bpf_dsl::Policy {
43 public: 43 public:
44 RestrictClockIdPolicy() {} 44 RestrictClockIdPolicy() {}
45 virtual ~RestrictClockIdPolicy() {} 45 ~RestrictClockIdPolicy() override {}
46 46
47 virtual ResultExpr EvaluateSyscall(int sysno) const override { 47 ResultExpr EvaluateSyscall(int sysno) const override {
48 switch (sysno) { 48 switch (sysno) {
49 case __NR_clock_gettime: 49 case __NR_clock_gettime:
50 case __NR_clock_getres: 50 case __NR_clock_getres:
51 return RestrictClockID(); 51 return RestrictClockID();
52 default: 52 default:
53 return Allow(); 53 return Allow();
54 } 54 }
55 } 55 }
56 }; 56 };
57 57
(...skipping 80 matching lines...) Expand 10 before | Expand all | Expand 10 after
138 MAKE_PROCESS_CPUCLOCK(kInitPID, CPUCLOCK_SCHED); 138 MAKE_PROCESS_CPUCLOCK(kInitPID, CPUCLOCK_SCHED);
139 139
140 struct timespec ts; 140 struct timespec ts;
141 clock_gettime(kInitCPUClockID, &ts); 141 clock_gettime(kInitCPUClockID, &ts);
142 } 142 }
143 #endif // !defined(OS_ANDROID) 143 #endif // !defined(OS_ANDROID)
144 144
145 class RestrictSchedPolicy : public bpf_dsl::Policy { 145 class RestrictSchedPolicy : public bpf_dsl::Policy {
146 public: 146 public:
147 RestrictSchedPolicy() {} 147 RestrictSchedPolicy() {}
148 virtual ~RestrictSchedPolicy() {} 148 ~RestrictSchedPolicy() override {}
149 149
150 virtual ResultExpr EvaluateSyscall(int sysno) const override { 150 ResultExpr EvaluateSyscall(int sysno) const override {
151 switch (sysno) { 151 switch (sysno) {
152 case __NR_sched_getparam: 152 case __NR_sched_getparam:
153 return RestrictSchedTarget(getpid(), sysno); 153 return RestrictSchedTarget(getpid(), sysno);
154 default: 154 default:
155 return Allow(); 155 return Allow();
156 } 156 }
157 } 157 }
158 }; 158 };
159 159
160 void CheckSchedGetParam(pid_t pid, struct sched_param* param) { 160 void CheckSchedGetParam(pid_t pid, struct sched_param* param) {
(...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after
204 DEATH_SEGV_MESSAGE(sandbox::GetErrorMessageContentForTests()), 204 DEATH_SEGV_MESSAGE(sandbox::GetErrorMessageContentForTests()),
205 RestrictSchedPolicy) { 205 RestrictSchedPolicy) {
206 const pid_t kInitPID = 1; 206 const pid_t kInitPID = 1;
207 struct sched_param param; 207 struct sched_param param;
208 sched_getparam(kInitPID, &param); 208 sched_getparam(kInitPID, &param);
209 } 209 }
210 210
211 } // namespace 211 } // namespace
212 212
213 } // namespace sandbox 213 } // namespace sandbox
OLDNEW
« no previous file with comments | « sandbox/linux/seccomp-bpf-helpers/baseline_policy.h ('k') | sandbox/linux/tests/sandbox_test_runner_function_pointer.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698