• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "sandbox/linux/seccomp-bpf/bpf_tests.h"
6 
7 #include <errno.h>
8 #include <sys/ptrace.h>
9 #include <sys/syscall.h>
10 #include <sys/types.h>
11 #include <unistd.h>
12 
13 #include "base/logging.h"
14 #include "base/memory/scoped_ptr.h"
15 #include "build/build_config.h"
16 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h"
17 #include "sandbox/linux/services/linux_syscalls.h"
18 #include "sandbox/linux/tests/unit_tests.h"
19 #include "testing/gtest/include/gtest/gtest.h"
20 
21 namespace sandbox {
22 
23 namespace {
24 
25 class FourtyTwo {
26  public:
27   static const int kMagicValue = 42;
FourtyTwo()28   FourtyTwo() : value_(kMagicValue) {}
value()29   int value() { return value_; }
30 
31  private:
32   int value_;
33   DISALLOW_COPY_AND_ASSIGN(FourtyTwo);
34 };
35 
EmptyPolicyTakesClass(SandboxBPF * sandbox,int sysno,FourtyTwo * fourty_two)36 ErrorCode EmptyPolicyTakesClass(SandboxBPF* sandbox,
37                                 int sysno,
38                                 FourtyTwo* fourty_two) {
39   // |aux| should point to an instance of FourtyTwo.
40   BPF_ASSERT(fourty_two);
41   BPF_ASSERT(FourtyTwo::kMagicValue == fourty_two->value());
42   if (!SandboxBPF::IsValidSyscallNumber(sysno)) {
43     return ErrorCode(ENOSYS);
44   } else {
45     return ErrorCode(ErrorCode::ERR_ALLOWED);
46   }
47 }
48 
BPF_TEST(BPFTest,BPFAUXPointsToClass,EmptyPolicyTakesClass,FourtyTwo)49 BPF_TEST(BPFTest,
50          BPFAUXPointsToClass,
51          EmptyPolicyTakesClass,
52          FourtyTwo /* *BPF_AUX */) {
53   // BPF_AUX should point to an instance of FourtyTwo.
54   BPF_ASSERT(BPF_AUX);
55   BPF_ASSERT(FourtyTwo::kMagicValue == BPF_AUX->value());
56 }
57 
DummyTestFunction(FourtyTwo * fourty_two)58 void DummyTestFunction(FourtyTwo *fourty_two) {
59 }
60 
TEST(BPFTest,BPFTesterCompatibilityDelegateLeakTest)61 TEST(BPFTest, BPFTesterCompatibilityDelegateLeakTest) {
62   // Don't do anything, simply gives dynamic tools an opportunity to detect
63   // leaks.
64   {
65     BPFTesterCompatibilityDelegate<FourtyTwo> simple_delegate(
66         DummyTestFunction, EmptyPolicyTakesClass);
67   }
68   {
69     // Test polymorphism.
70     scoped_ptr<BPFTesterDelegate> simple_delegate(
71         new BPFTesterCompatibilityDelegate<FourtyTwo>(DummyTestFunction,
72                                                       EmptyPolicyTakesClass));
73   }
74 }
75 
76 class EnosysPtracePolicy : public SandboxBPFPolicy {
77  public:
EnosysPtracePolicy()78   EnosysPtracePolicy() {
79     my_pid_ = syscall(__NR_getpid);
80   }
~EnosysPtracePolicy()81   virtual ~EnosysPtracePolicy() {
82     // Policies should be able to bind with the process on which they are
83     // created. They should never be created in a parent process.
84     BPF_ASSERT_EQ(my_pid_, syscall(__NR_getpid));
85   }
86 
EvaluateSyscall(SandboxBPF * sandbox_compiler,int system_call_number) const87   virtual ErrorCode EvaluateSyscall(SandboxBPF* sandbox_compiler,
88                                     int system_call_number) const OVERRIDE {
89     if (!SandboxBPF::IsValidSyscallNumber(system_call_number)) {
90       return ErrorCode(ENOSYS);
91     } else if (system_call_number == __NR_ptrace) {
92       // The EvaluateSyscall function should run in the process that created
93       // the current object.
94       BPF_ASSERT_EQ(my_pid_, syscall(__NR_getpid));
95       return ErrorCode(ENOSYS);
96     } else {
97       return ErrorCode(ErrorCode::ERR_ALLOWED);
98     }
99   }
100 
101  private:
102   pid_t my_pid_;
103   DISALLOW_COPY_AND_ASSIGN(EnosysPtracePolicy);
104 };
105 
106 class BasicBPFTesterDelegate : public BPFTesterDelegate {
107  public:
BasicBPFTesterDelegate()108   BasicBPFTesterDelegate() {}
~BasicBPFTesterDelegate()109   virtual ~BasicBPFTesterDelegate() {}
110 
GetSandboxBPFPolicy()111   virtual scoped_ptr<SandboxBPFPolicy> GetSandboxBPFPolicy() OVERRIDE {
112     return scoped_ptr<SandboxBPFPolicy>(new EnosysPtracePolicy());
113   }
RunTestFunction()114   virtual void RunTestFunction() OVERRIDE {
115     errno = 0;
116     int ret = ptrace(PTRACE_TRACEME, -1, NULL, NULL);
117     BPF_ASSERT(-1 == ret);
118     BPF_ASSERT(ENOSYS == errno);
119   }
120 
121  private:
122   DISALLOW_COPY_AND_ASSIGN(BasicBPFTesterDelegate);
123 };
124 
125 // This is the most powerful and complex way to create a BPF test, but it
126 // requires a full class definition (BasicBPFTesterDelegate).
127 BPF_TEST_D(BPFTest, BPFTestWithDelegateClass, BasicBPFTesterDelegate);
128 
129 // This is the simplest form of BPF tests.
BPF_TEST_C(BPFTest,BPFTestWithInlineTest,EnosysPtracePolicy)130 BPF_TEST_C(BPFTest, BPFTestWithInlineTest, EnosysPtracePolicy) {
131   errno = 0;
132   int ret = ptrace(PTRACE_TRACEME, -1, NULL, NULL);
133   BPF_ASSERT(-1 == ret);
134   BPF_ASSERT(ENOSYS == errno);
135 }
136 
137 }  // namespace
138 
139 }  // namespace sandbox
140