
Unified Diff: sandbox/linux/bpf_dsl/bpf_dsl_more_unittest.cc

Issue 761903003: Update from https://crrev.com/306655 (Closed) Base URL: git@github.com:domokit/mojo.git@master
Patch Set: Created 6 years ago
Index: sandbox/linux/bpf_dsl/bpf_dsl_more_unittest.cc
diff --git a/sandbox/linux/bpf_dsl/bpf_dsl_more_unittest.cc b/sandbox/linux/bpf_dsl/bpf_dsl_more_unittest.cc
index 66669e796c69dbba717395c2a4772c96f5716aa3..df5dbd508f1892530a36c9896de280a6723618e2 100644
--- a/sandbox/linux/bpf_dsl/bpf_dsl_more_unittest.cc
+++ b/sandbox/linux/bpf_dsl/bpf_dsl_more_unittest.cc
@@ -42,6 +42,7 @@
#include "sandbox/linux/seccomp-bpf/trap.h"
#include "sandbox/linux/services/linux_syscalls.h"
#include "sandbox/linux/services/syscall_wrappers.h"
+#include "sandbox/linux/syscall_broker/broker_file_permission.h"
#include "sandbox/linux/syscall_broker/broker_process.h"
#include "sandbox/linux/tests/scoped_temporary_file.h"
#include "sandbox/linux/tests/unit_tests.h"
@@ -75,28 +76,6 @@ void EnableUnsafeTraps() {
Die::SuppressInfoMessages(true);
}
-// This test should execute no matter whether we have kernel support. So,
-// we make it a TEST() instead of a BPF_TEST().
-TEST(SandboxBPF, DISABLE_ON_TSAN(CallSupports)) {
- // We check that we don't crash, but it's ok if the kernel doesn't
- // support it.
- bool seccomp_bpf_supported =
- SandboxBPF::SupportsSeccompSandbox(-1) == SandboxBPF::STATUS_AVAILABLE;
- // We want to log whether or not seccomp BPF is actually supported
- // since actual test coverage depends on it.
- RecordProperty("SeccompBPFSupported",
- seccomp_bpf_supported ? "true." : "false.");
- std::cout << "Seccomp BPF supported: "
- << (seccomp_bpf_supported ? "true." : "false.") << "\n";
- RecordProperty("PointerSize", sizeof(void*));
- std::cout << "Pointer size: " << sizeof(void*) << "\n";
-}
-
-SANDBOX_TEST(SandboxBPF, DISABLE_ON_TSAN(CallSupportsTwice)) {
- SandboxBPF::SupportsSeccompSandbox(-1);
- SandboxBPF::SupportsSeccompSandbox(-1);
-}
-
// BPF_TEST does a lot of the boiler-plate code around setting up a
// policy and optional passing data between the caller, the policy and
// any Trap() handlers. This is great for writing short and concise tests,
@@ -131,13 +110,12 @@ class VerboseAPITestingPolicy : public Policy {
};
SANDBOX_TEST(SandboxBPF, DISABLE_ON_TSAN(VerboseAPITesting)) {
- if (SandboxBPF::SupportsSeccompSandbox(-1) ==
- sandbox::SandboxBPF::STATUS_AVAILABLE) {
+ if (SandboxBPF::SupportsSeccompSandbox(
+ SandboxBPF::SeccompLevel::SINGLE_THREADED)) {
static int counter = 0;
- SandboxBPF sandbox;
- sandbox.SetSandboxPolicy(new VerboseAPITestingPolicy(&counter));
- BPF_ASSERT(sandbox.StartSandbox(SandboxBPF::PROCESS_SINGLE_THREADED));
+ SandboxBPF sandbox(new VerboseAPITestingPolicy(&counter));
+ BPF_ASSERT(sandbox.StartSandbox(SandboxBPF::SeccompLevel::SINGLE_THREADED));
BPF_ASSERT_EQ(0, counter);
BPF_ASSERT_EQ(0, syscall(__NR_uname, 0));
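Review bot: When `SupportsSeccompSandbox(SandboxBPF::SeccompLevel::SINGLE_THREADED)` returns false, VerboseAPITesting skips its whole body and still passes, and this commit also deletes CallSupports, the test that logged `SeccompBPFSupported`. Unless that logging now lives in another file (not visible on this page), a run on a kernel without seccomp-bpf reports success with no sandbox coverage and leaves no record of it. The early `return` in SeccompRetTrace and in Tsync behaves the same way. Consider emitting a line on the skip path, for example `fprintf(stderr, "seccomp-bpf unavailable; skipping VerboseAPITesting\n");`, so that missing coverage shows up in test logs. The test body continues past the end of this hunk.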
@@ -179,6 +157,14 @@ BPF_TEST_C(SandboxBPF, ApplyBasicBlacklistPolicy, BlacklistNanosleepPolicy) {
BlacklistNanosleepPolicy::AssertNanosleepFails();
}
+BPF_TEST_C(SandboxBPF, UseVsyscall, BlacklistNanosleepPolicy) {
+ time_t current_time;
+ // time() is implemented as a vsyscall. With an older glibc, with
+ // vsyscall=emulate and some versions of the seccomp BPF patch
+ // we may get SIGKILL-ed. Detect this!
+ BPF_ASSERT_NE(static_cast<time_t>(-1), time(&current_time));
+}
+
// Now do a simple whitelist test
class WhitelistGetpidPolicy : public Policy {
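Review bot: The comment in UseVsyscall says "Detect this!" but does not say how, and `BPF_ASSERT_NE(static_cast<time_t>(-1), time(&current_time))` only catches an error return. If the filter kills the process with SIGKILL, the assertion never runs and the failure is reported only because the test process dies, so the comment should say that. On systems where glibc serves `time()` from the vDSO no syscall is issued and the filter is never consulted, so the test passes without exercising the vsyscall path. I would extend the comment along the lines of `// A SIGKILL here shows up as the test process dying, not as a failed assert; with a vDSO-backed time() this test is a no-op.`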
@@ -396,9 +382,8 @@ BPF_TEST_C(SandboxBPF, StackingPolicy, StackingPolicyPartOne) {
// Stack a second sandbox with its own policy. Verify that we can further
// restrict filters, but we cannot relax existing filters.
- SandboxBPF sandbox;
- sandbox.SetSandboxPolicy(new StackingPolicyPartTwo());
- BPF_ASSERT(sandbox.StartSandbox(SandboxBPF::PROCESS_SINGLE_THREADED));
+ SandboxBPF sandbox(new StackingPolicyPartTwo());
+ BPF_ASSERT(sandbox.StartSandbox(SandboxBPF::SeccompLevel::SINGLE_THREADED));
errno = 0;
BPF_ASSERT(syscall(__NR_getppid, 0) == -1);
@@ -756,12 +741,14 @@ bool NoOpCallback() {
class InitializedOpenBroker {
public:
InitializedOpenBroker() : initialized_(false) {
- std::vector<std::string> allowed_files;
- allowed_files.push_back("/proc/allowed");
- allowed_files.push_back("/proc/cpuinfo");
-
- broker_process_.reset(new syscall_broker::BrokerProcess(
- EPERM, allowed_files, std::vector<std::string>()));
+ std::vector<syscall_broker::BrokerFilePermission> permissions;
+ permissions.push_back(
+ syscall_broker::BrokerFilePermission::ReadOnly("/proc/allowed"));
+ permissions.push_back(
+ syscall_broker::BrokerFilePermission::ReadOnly("/proc/cpuinfo"));
+
+ broker_process_.reset(
+ new syscall_broker::BrokerProcess(EPERM, permissions));
BPF_ASSERT(broker_process() != NULL);
BPF_ASSERT(broker_process_->Init(base::Bind(&NoOpCallback)));
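Review bot: The old `BrokerProcess` call passed an explicit empty write list, which made it obvious that neither path was writable; with `BrokerFilePermission::ReadOnly(...)` that guarantee now rests on the semantics of the factory, which is declared outside this page. A short comment above the two `push_back` calls would keep the intent visible, for example `// Read-only: the broker must refuse opens with write or create flags on these paths.` Please also confirm that the tests using InitializedOpenBroker still assert a denied write on one of these paths. The constructor body continues outside the hunk, so I cannot tell from here.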
@@ -2069,8 +2056,8 @@ class TraceAllPolicy : public Policy {
};
SANDBOX_TEST(SandboxBPF, DISABLE_ON_TSAN(SeccompRetTrace)) {
- if (SandboxBPF::SupportsSeccompSandbox(-1) !=
- sandbox::SandboxBPF::STATUS_AVAILABLE) {
+ if (!SandboxBPF::SupportsSeccompSandbox(
+ SandboxBPF::SeccompLevel::SINGLE_THREADED)) {
return;
}
@@ -2094,9 +2081,8 @@ SANDBOX_TEST(SandboxBPF, DISABLE_ON_TSAN(SeccompRetTrace)) {
pid_t my_pid = getpid();
BPF_ASSERT_NE(-1, ptrace(PTRACE_TRACEME, -1, NULL, NULL));
BPF_ASSERT_EQ(0, raise(SIGSTOP));
- SandboxBPF sandbox;
- sandbox.SetSandboxPolicy(new TraceAllPolicy);
- BPF_ASSERT(sandbox.StartSandbox(SandboxBPF::PROCESS_SINGLE_THREADED));
+ SandboxBPF sandbox(new TraceAllPolicy);
+ BPF_ASSERT(sandbox.StartSandbox(SandboxBPF::SeccompLevel::SINGLE_THREADED));
// getpid is allowed.
BPF_ASSERT_EQ(my_pid, sys_getpid());
@@ -2267,8 +2253,8 @@ void* TsyncApplyToTwoThreadsFunc(void* cond_ptr) {
}
SANDBOX_TEST(SandboxBPF, Tsync) {
- if (SandboxBPF::SupportsSeccompThreadFilterSynchronization() !=
- SandboxBPF::STATUS_AVAILABLE) {
+ if (!(SandboxBPF::SupportsSeccompSandbox(
+ SandboxBPF::SeccompLevel::MULTI_THREADED))) {
return;
}
@@ -2284,9 +2270,8 @@ SANDBOX_TEST(SandboxBPF, Tsync) {
BPF_ASSERT_EQ(0, HANDLE_EINTR(syscall(__NR_nanosleep, &ts, NULL)));
// Engage the sandbox.
- SandboxBPF sandbox;
- sandbox.SetSandboxPolicy(new BlacklistNanosleepPolicy());
- BPF_ASSERT(sandbox.StartSandbox(SandboxBPF::PROCESS_MULTI_THREADED));
+ SandboxBPF sandbox(new BlacklistNanosleepPolicy());
+ BPF_ASSERT(sandbox.StartSandbox(SandboxBPF::SeccompLevel::MULTI_THREADED));
// This thread should have the filter applied as well.
BlacklistNanosleepPolicy::AssertNanosleepFails();
@@ -2316,9 +2301,8 @@ SANDBOX_DEATH_TEST(
base::Thread thread("sandbox.linux.StartMultiThreadedAsSingleThreaded");
BPF_ASSERT(thread.Start());
- SandboxBPF sandbox;
- sandbox.SetSandboxPolicy(new AllowAllPolicy());
- BPF_ASSERT(!sandbox.StartSandbox(SandboxBPF::PROCESS_SINGLE_THREADED));
+ SandboxBPF sandbox(new AllowAllPolicy());
+ BPF_ASSERT(!sandbox.StartSandbox(SandboxBPF::SeccompLevel::SINGLE_THREADED));
}
// http://crbug.com/407357
@@ -2329,9 +2313,8 @@ SANDBOX_DEATH_TEST(
DEATH_MESSAGE(
"Cannot start sandbox; process may be single-threaded when "
"reported as not")) {
- SandboxBPF sandbox;
- sandbox.SetSandboxPolicy(new AllowAllPolicy());
- BPF_ASSERT(!sandbox.StartSandbox(SandboxBPF::PROCESS_MULTI_THREADED));
+ SandboxBPF sandbox(new AllowAllPolicy());
+ BPF_ASSERT(!sandbox.StartSandbox(SandboxBPF::SeccompLevel::MULTI_THREADED));
}
#endif // !defined(THREAD_SANITIZER)