• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 #include "sandboxed_api/sandbox2/util/bpf_helper.h"
2 
3 #include <linux/filter.h>
4 
5 #include <string>
6 #include <vector>
7 
8 #include "gtest/gtest.h"
9 #include "absl/strings/str_cat.h"
10 
11 namespace {
12 
AddMaxLabels(bpf_labels & labels)13 void AddMaxLabels(bpf_labels& labels) {
14   static std::vector<std::string>* label_strs = []() {
15     auto* label_strs = new std::vector<std::string>();
16     for (int i = 0; i < BPF_LABELS_MAX; ++i) {
17       label_strs->push_back(absl::StrCat("lbl", i));
18     }
19     return label_strs;
20   }();
21   for (int i = 0; i < BPF_LABELS_MAX; ++i) {
22     seccomp_bpf_label(&labels, (*label_strs)[i].c_str());
23   }
24 }
25 
TEST(BpfHelperTest,MaxLabels)26 TEST(BpfHelperTest, MaxLabels) {
27   bpf_labels labels = {};
28   AddMaxLabels(labels);
29   std::vector<struct sock_filter> filter = {
30       ALLOW,
31   };
32   EXPECT_EQ(bpf_resolve_jumps(&labels, filter.data(), filter.size()), 0);
33 }
34 
TEST(BpfHelperTest,LabelOverflow)35 TEST(BpfHelperTest, LabelOverflow) {
36   bpf_labels labels = {};
37   AddMaxLabels(labels);
38   std::vector<struct sock_filter> filter = {
39       JUMP(&labels, overflow),
40       LABEL(&labels, overflow),
41       ALLOW,
42   };
43   filter.push_back(ALLOW);
44   EXPECT_NE(bpf_resolve_jumps(&labels, filter.data(), filter.size()), 0);
45 }
46 
TEST(BpfHelperTest,UnresolvedLabel)47 TEST(BpfHelperTest, UnresolvedLabel) {
48   bpf_labels labels = {};
49   std::vector<struct sock_filter> filter = {
50       JUMP(&labels, unresolved),
51       LABEL(&labels, unused),
52   };
53   filter.push_back(ALLOW);
54   EXPECT_NE(bpf_resolve_jumps(&labels, filter.data(), filter.size()), 0);
55 }
56 
TEST(BpfHelperTest,BackwardJump)57 TEST(BpfHelperTest, BackwardJump) {
58   bpf_labels labels = {};
59   std::vector<struct sock_filter> filter = {
60       LABEL(&labels, backward),
61       JUMP(&labels, backward),
62   };
63   filter.push_back(ALLOW);
64   EXPECT_NE(bpf_resolve_jumps(&labels, filter.data(), filter.size()), 0);
65 }
66 
TEST(BpfHelperTest,Duplicate)67 TEST(BpfHelperTest, Duplicate) {
68   bpf_labels labels = {};
69   std::vector<struct sock_filter> filter = {
70       JUMP(&labels, dup),
71       LABEL(&labels, dup),
72       LABEL(&labels, dup),
73   };
74   filter.push_back(ALLOW);
75   EXPECT_NE(bpf_resolve_jumps(&labels, filter.data(), filter.size()), 0);
76 }
77 
TEST(BpfHelperTest,OutOfBoundsLabel)78 TEST(BpfHelperTest, OutOfBoundsLabel) {
79   bpf_labels labels = {};
80   std::vector<struct sock_filter> filter = {
81       JUMP(&labels, normal),
82       LABEL(&labels, normal),
83       BPF_JUMP(BPF_JMP + BPF_JA, 1, JUMP_JT, JUMP_JF),
84   };
85   filter.push_back(ALLOW);
86   EXPECT_NE(bpf_resolve_jumps(&labels, filter.data(), filter.size()), 0);
87 }
88 
89 }  // namespace
90