sandbox/linux/bpf_dsl/bpf_dsl_unittest.cc - Issue 944823002: Revert of bpf_dsl: Change bpf_dsl_unittests into actual standalone unit tests

Unified Diff: sandbox/linux/bpf_dsl/bpf_dsl_unittest.cc

Issue 944823002: Revert of bpf_dsl: Change bpf_dsl_unittests into actual standalone unit tests (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 5 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: sandbox/linux/bpf_dsl/bpf_dsl_unittest.cc

diff --git a/sandbox/linux/bpf_dsl/bpf_dsl_unittest.cc b/sandbox/linux/bpf_dsl/bpf_dsl_unittest.cc

index 168eaecfcc4f4701b3de355c1a3d98d748bd8dc4..cffadc5035e05fd42275cecfbf0384ffe1221235 100644

--- a/sandbox/linux/bpf_dsl/bpf_dsl_unittest.cc

+++ b/sandbox/linux/bpf_dsl/bpf_dsl_unittest.cc

@@ -16,95 +16,51 @@

#include "base/macros.h"

#include "build/build_config.h"

#include "sandbox/linux/bpf_dsl/bpf_dsl_impl.h"

-#include "sandbox/linux/bpf_dsl/codegen.h"

#include "sandbox/linux/bpf_dsl/policy.h"

-#include "sandbox/linux/bpf_dsl/policy_compiler.h"

-#include "sandbox/linux/bpf_dsl/seccomp_macros.h"

-#include "sandbox/linux/bpf_dsl/trap_registry.h"

+#include "sandbox/linux/seccomp-bpf/bpf_tests.h"

#include "sandbox/linux/seccomp-bpf/errorcode.h"

-#include "sandbox/linux/seccomp-bpf/verifier.h"

+#include "sandbox/linux/seccomp-bpf/syscall.h"

#include "testing/gtest/include/gtest/gtest.h"

#define CASES SANDBOX_BPF_DSL_CASES

+// Helper macro to assert that invoking system call |sys| directly via

+// Syscall::Call with arguments |...| returns |res|.

+// Errors can be asserted by specifying a value like "-EINVAL".

+#define ASSERT_SYSCALL_RESULT(res, sys, ...) \

+ BPF_ASSERT_EQ(res, Stubs::sys(__VA_ARGS__))

namespace sandbox {

namespace bpf_dsl {

namespace {

-// Helper function to construct fake arch_seccomp_data objects.

-struct arch_seccomp_data FakeSyscall(int nr,

- uint64_t p0 = 0,

- uint64_t p1 = 0,

- uint64_t p2 = 0,

- uint64_t p3 = 0,

- uint64_t p4 = 0,

- uint64_t p5 = 0) {

- // Made up program counter for syscall address.

- const uint64_t kFakePC = 0x543210;

- struct arch_seccomp_data data = {

- nr,

- SECCOMP_ARCH,

- kFakePC,

- {

- p0, p1, p2, p3, p4, p5,

- },

- };

- return data;

-class FakeTrapRegistry : public TrapRegistry {

- public:

- FakeTrapRegistry() : next_id_(1) {}

- virtual ~FakeTrapRegistry() {}

- uint16_t Add(TrapFnc fnc, const void* aux, bool safe) override {

- EXPECT_NE(0U, next_id_);

- return next_id_++;

- }

- bool EnableUnsafeTraps() override {

- ADD_FAILURE() << "Unimplemented";

- return false;

- }

- private:

- uint16_t next_id_;

- DISALLOW_COPY_AND_ASSIGN(FakeTrapRegistry);

-};

-class PolicyEmulator {

- public:

- explicit PolicyEmulator(const Policy* policy) : program_(), traps_() {

- program_ = *PolicyCompiler(policy, &traps_).Compile();

- }

- ~PolicyEmulator() {}

- uint32_t Emulate(const struct arch_seccomp_data& data) const {

- const char* err = nullptr;

- uint32_t res = Verifier::EvaluateBPF(program_, data, &err);

- if (err) {

- ADD_FAILURE() << err;

- return 0;

- }

- return res;

- }

- void ExpectAllow(const struct arch_seccomp_data& data) const {

- EXPECT_EQ(SECCOMP_RET_ALLOW, Emulate(data));

- }

- void ExpectErrno(uint16_t err, const struct arch_seccomp_data& data) const {

- EXPECT_EQ(SECCOMP_RET_ERRNO | err, Emulate(data));

- }

- private:

- CodeGen::Program program_;

- FakeTrapRegistry traps_;

- DISALLOW_COPY_AND_ASSIGN(PolicyEmulator);

+// Type safe stubs for tested system calls.

+class Stubs {

+ public:

+ static int getpgid(pid_t pid) { return Syscall::Call(__NR_getpgid, pid); }

+ static int setuid(uid_t uid) { return Syscall::Call(__NR_setuid, uid); }

+ static int setgid(gid_t gid) { return Syscall::Call(__NR_setgid, gid); }

+ static int setpgid(pid_t pid, pid_t pgid) {

+ return Syscall::Call(__NR_setpgid, pid, pgid);

+ }

+ static int fcntl(int fd, int cmd, unsigned long arg = 0) {

+ return Syscall::Call(__NR_fcntl, fd, cmd, arg);

+ }

+ static int uname(struct utsname* buf) {

+ return Syscall::Call(__NR_uname, buf);

+ }

+ static int setresuid(uid_t ruid, uid_t euid, uid_t suid) {

+ return Syscall::Call(__NR_setresuid, ruid, euid, suid);

+ }

+#if !defined(ARCH_CPU_X86)

+ static int socketpair(int domain, int type, int protocol, int sv[2]) {

+ return Syscall::Call(__NR_socketpair, domain, type, protocol, sv);

+ }

+#endif

};

class BasicPolicy : public Policy {

@@ -127,15 +83,12 @@

DISALLOW_COPY_AND_ASSIGN(BasicPolicy);

};

-TEST(BPFDSL, Basic) {

- BasicPolicy policy;

- PolicyEmulator emulator(&policy);

- emulator.ExpectErrno(EPERM, FakeSyscall(__NR_getpgid, 0));

- emulator.ExpectErrno(EINVAL, FakeSyscall(__NR_getpgid, 1));

- emulator.ExpectErrno(ENOMEM, FakeSyscall(__NR_setuid, 42));

- emulator.ExpectErrno(ESRCH, FakeSyscall(__NR_setuid, 43));

+BPF_TEST_C(BPFDSL, Basic, BasicPolicy) {

+ ASSERT_SYSCALL_RESULT(-EPERM, getpgid, 0);

+ ASSERT_SYSCALL_RESULT(-EINVAL, getpgid, 1);

+ ASSERT_SYSCALL_RESULT(-ENOMEM, setuid, 42);

+ ASSERT_SYSCALL_RESULT(-ESRCH, setuid, 43);

}

/* On IA-32, socketpair() is implemented via socketcall(). :-( */

@@ -159,30 +112,22 @@

DISALLOW_COPY_AND_ASSIGN(BooleanLogicPolicy);

};

-TEST(BPFDSL, BooleanLogic) {

- BooleanLogicPolicy policy;

- PolicyEmulator emulator(&policy);

- const intptr_t kFakeSV = 0x12345;

+BPF_TEST_C(BPFDSL, BooleanLogic, BooleanLogicPolicy) {

+ int sv[2];

// Acceptable combinations that should return EPERM.

- emulator.ExpectErrno(

- EPERM, FakeSyscall(__NR_socketpair, AF_UNIX, SOCK_STREAM, 0, kFakeSV));

- emulator.ExpectErrno(

- EPERM, FakeSyscall(__NR_socketpair, AF_UNIX, SOCK_DGRAM, 0, kFakeSV));

+ ASSERT_SYSCALL_RESULT(-EPERM, socketpair, AF_UNIX, SOCK_STREAM, 0, sv);

+ ASSERT_SYSCALL_RESULT(-EPERM, socketpair, AF_UNIX, SOCK_DGRAM, 0, sv);

// Combinations that are invalid for only one reason; should return EINVAL.

- emulator.ExpectErrno(

- EINVAL, FakeSyscall(__NR_socketpair, AF_INET, SOCK_STREAM, 0, kFakeSV));

- emulator.ExpectErrno(EINVAL, FakeSyscall(__NR_socketpair, AF_UNIX,

- SOCK_SEQPACKET, 0, kFakeSV));

- emulator.ExpectErrno(EINVAL, FakeSyscall(__NR_socketpair, AF_UNIX,

- SOCK_STREAM, IPPROTO_TCP, kFakeSV));

+ ASSERT_SYSCALL_RESULT(-EINVAL, socketpair, AF_INET, SOCK_STREAM, 0, sv);

+ ASSERT_SYSCALL_RESULT(-EINVAL, socketpair, AF_UNIX, SOCK_SEQPACKET, 0, sv);

+ ASSERT_SYSCALL_RESULT(

+ -EINVAL, socketpair, AF_UNIX, SOCK_STREAM, IPPROTO_TCP, sv);

// Completely unacceptable combination; should also return EINVAL.

- emulator.ExpectErrno(

- EINVAL, FakeSyscall(__NR_socketpair, AF_INET, SOCK_SEQPACKET, IPPROTO_UDP,

- kFakeSV));

+ ASSERT_SYSCALL_RESULT(

+ -EINVAL, socketpair, AF_INET, SOCK_SEQPACKET, IPPROTO_UDP, sv);

}

#endif // !ARCH_CPU_X86

@@ -204,23 +149,20 @@

DISALLOW_COPY_AND_ASSIGN(MoreBooleanLogicPolicy);

};

-TEST(BPFDSL, MoreBooleanLogic) {

- MoreBooleanLogicPolicy policy;

- PolicyEmulator emulator(&policy);

+BPF_TEST_C(BPFDSL, MoreBooleanLogic, MoreBooleanLogicPolicy) {

// Expect EPERM if any set to 0.

- emulator.ExpectErrno(EPERM, FakeSyscall(__NR_setresuid, 0, 5, 5));

- emulator.ExpectErrno(EPERM, FakeSyscall(__NR_setresuid, 5, 0, 5));

- emulator.ExpectErrno(EPERM, FakeSyscall(__NR_setresuid, 5, 5, 0));

+ ASSERT_SYSCALL_RESULT(-EPERM, setresuid, 0, 5, 5);

+ ASSERT_SYSCALL_RESULT(-EPERM, setresuid, 5, 0, 5);

+ ASSERT_SYSCALL_RESULT(-EPERM, setresuid, 5, 5, 0);

// Expect EAGAIN if all set to 1.

- emulator.ExpectErrno(EAGAIN, FakeSyscall(__NR_setresuid, 1, 1, 1));

+ ASSERT_SYSCALL_RESULT(-EAGAIN, setresuid, 1, 1, 1);

// Expect EINVAL for anything else.

- emulator.ExpectErrno(EINVAL, FakeSyscall(__NR_setresuid, 5, 1, 1));

- emulator.ExpectErrno(EINVAL, FakeSyscall(__NR_setresuid, 1, 5, 1));

- emulator.ExpectErrno(EINVAL, FakeSyscall(__NR_setresuid, 1, 1, 5));

- emulator.ExpectErrno(EINVAL, FakeSyscall(__NR_setresuid, 3, 4, 5));

+ ASSERT_SYSCALL_RESULT(-EINVAL, setresuid, 5, 1, 1);

+ ASSERT_SYSCALL_RESULT(-EINVAL, setresuid, 1, 5, 1);

+ ASSERT_SYSCALL_RESULT(-EINVAL, setresuid, 1, 1, 5);

+ ASSERT_SYSCALL_RESULT(-EINVAL, setresuid, 3, 4, 5);

}

static const uintptr_t kDeadBeefAddr =

@@ -242,16 +184,12 @@

DISALLOW_COPY_AND_ASSIGN(ArgSizePolicy);

};

-TEST(BPFDSL, ArgSizeTest) {

- ArgSizePolicy policy;

- PolicyEmulator emulator(&policy);

- emulator.ExpectAllow(FakeSyscall(__NR_uname, 0));

- emulator.ExpectErrno(EPERM, FakeSyscall(__NR_uname, kDeadBeefAddr));

-#if 0

-// TODO(mdempsky): This is really an integration test.

+BPF_TEST_C(BPFDSL, ArgSizeTest, ArgSizePolicy) {

+ struct utsname buf;

+ ASSERT_SYSCALL_RESULT(0, uname, &buf);

+ ASSERT_SYSCALL_RESULT(

+ -EPERM, uname, reinterpret_cast<struct utsname*>(kDeadBeefAddr));

class TrappingPolicy : public Policy {

public:

@@ -282,7 +220,6 @@

ASSERT_SYSCALL_RESULT(2, uname, NULL);

ASSERT_SYSCALL_RESULT(3, uname, NULL);

}

-#endif

class MaskingPolicy : public Policy {

public:

@@ -308,23 +245,20 @@

DISALLOW_COPY_AND_ASSIGN(MaskingPolicy);

};

-TEST(BPFDSL, MaskTest) {

- MaskingPolicy policy;

- PolicyEmulator emulator(&policy);

+BPF_TEST_C(BPFDSL, MaskTest, MaskingPolicy) {

for (uid_t uid = 0; uid < 0x100; ++uid) {

const int expect_errno = (uid & 0xf) == 0 ? EINVAL : EACCES;

- emulator.ExpectErrno(expect_errno, FakeSyscall(__NR_setuid, uid));

+ ASSERT_SYSCALL_RESULT(-expect_errno, setuid, uid);

}

for (gid_t gid = 0; gid < 0x100; ++gid) {

const int expect_errno = (gid & 0xf0) == 0xf0 ? EINVAL : EACCES;

- emulator.ExpectErrno(expect_errno, FakeSyscall(__NR_setgid, gid));

+ ASSERT_SYSCALL_RESULT(-expect_errno, setgid, gid);

}

for (pid_t pid = 0; pid < 0x100; ++pid) {

const int expect_errno = (pid & 0xa5) == 0xa0 ? EINVAL : EACCES;

- emulator.ExpectErrno(expect_errno, FakeSyscall(__NR_setpgid, pid, 0));

+ ASSERT_SYSCALL_RESULT(-expect_errno, setpgid, pid, 0);

}

@@ -347,20 +281,17 @@

DISALLOW_COPY_AND_ASSIGN(ElseIfPolicy);

};

-TEST(BPFDSL, ElseIfTest) {

- ElseIfPolicy policy;

- PolicyEmulator emulator(&policy);

- emulator.ExpectErrno(0, FakeSyscall(__NR_setuid, 0));

- emulator.ExpectErrno(EINVAL, FakeSyscall(__NR_setuid, 0x0001));

- emulator.ExpectErrno(EINVAL, FakeSyscall(__NR_setuid, 0x0002));

- emulator.ExpectErrno(EEXIST, FakeSyscall(__NR_setuid, 0x0011));

- emulator.ExpectErrno(EEXIST, FakeSyscall(__NR_setuid, 0x0022));

- emulator.ExpectErrno(EACCES, FakeSyscall(__NR_setuid, 0x0111));

- emulator.ExpectErrno(EACCES, FakeSyscall(__NR_setuid, 0x0222));

+BPF_TEST_C(BPFDSL, ElseIfTest, ElseIfPolicy) {

+ ASSERT_SYSCALL_RESULT(0, setuid, 0);

+ ASSERT_SYSCALL_RESULT(-EINVAL, setuid, 0x0001);

+ ASSERT_SYSCALL_RESULT(-EINVAL, setuid, 0x0002);

+ ASSERT_SYSCALL_RESULT(-EEXIST, setuid, 0x0011);

+ ASSERT_SYSCALL_RESULT(-EEXIST, setuid, 0x0022);

+ ASSERT_SYSCALL_RESULT(-EACCES, setuid, 0x0111);

+ ASSERT_SYSCALL_RESULT(-EACCES, setuid, 0x0222);

}

class SwitchPolicy : public Policy {

@@ -384,25 +315,19 @@

DISALLOW_COPY_AND_ASSIGN(SwitchPolicy);

};

-TEST(BPFDSL, SwitchTest) {

- SwitchPolicy policy;

- PolicyEmulator emulator(&policy);

- const int kFakeSockFD = 42;

- emulator.ExpectErrno(ENOENT, FakeSyscall(__NR_fcntl, kFakeSockFD, F_GETFD));

- emulator.ExpectErrno(ENOENT, FakeSyscall(__NR_fcntl, kFakeSockFD, F_GETFL));

- emulator.ExpectAllow(

- FakeSyscall(__NR_fcntl, kFakeSockFD, F_SETFD, O_CLOEXEC));

- emulator.ExpectErrno(EINVAL,

- FakeSyscall(__NR_fcntl, kFakeSockFD, F_SETFD, 0));

- emulator.ExpectErrno(EPERM,

- FakeSyscall(__NR_fcntl, kFakeSockFD, F_SETFL, O_RDONLY));

- emulator.ExpectErrno(EACCES,

- FakeSyscall(__NR_fcntl, kFakeSockFD, F_DUPFD, 0));

+BPF_TEST_C(BPFDSL, SwitchTest, SwitchPolicy) {

+ base::ScopedFD sock_fd(socket(AF_UNIX, SOCK_STREAM, 0));

+ BPF_ASSERT(sock_fd.is_valid());

+ ASSERT_SYSCALL_RESULT(-ENOENT, fcntl, sock_fd.get(), F_GETFD);

+ ASSERT_SYSCALL_RESULT(-ENOENT, fcntl, sock_fd.get(), F_GETFL);

+ ASSERT_SYSCALL_RESULT(0, fcntl, sock_fd.get(), F_SETFD, O_CLOEXEC);

+ ASSERT_SYSCALL_RESULT(-EINVAL, fcntl, sock_fd.get(), F_SETFD, 0);

+ ASSERT_SYSCALL_RESULT(-EPERM, fcntl, sock_fd.get(), F_SETFL, O_RDONLY);

+ ASSERT_SYSCALL_RESULT(-EACCES, fcntl, sock_fd.get(), F_DUPFD, 0);

}

static intptr_t DummyTrap(const struct arch_seccomp_data& data, void* aux) {

« no previous file with comments | « no previous file | sandbox/linux/bpf_dsl/seccomp_macros.h » ('j') | no next file with comments »