// Copyright 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "sandbox/linux/seccomp-bpf/sandbox_bpf_test_runner.h"

#include <fcntl.h>
#include <linux/filter.h>

#include "base/logging.h"
#include "base/memory/scoped_ptr.h"
#include "sandbox/linux/seccomp-bpf/die.h"
#include "sandbox/linux/seccomp-bpf/sandbox_bpf.h"
#include "sandbox/linux/tests/unit_tests.h"

namespace sandbox {

SandboxBPFTestRunner::SandboxBPFTestRunner(
    BPFTesterDelegate* bpf_tester_delegate)
    : bpf_tester_delegate_(bpf_tester_delegate) {
}

SandboxBPFTestRunner::~SandboxBPFTestRunner() {
}

void SandboxBPFTestRunner::Run() {
  DCHECK(bpf_tester_delegate_);
  sandbox::Die::EnableSimpleExit();

  scoped_ptr<SandboxBPFPolicy> policy =
      bpf_tester_delegate_->GetSandboxBPFPolicy();

  if (sandbox::SandboxBPF::SupportsSeccompSandbox(-1) ==
      sandbox::SandboxBPF::STATUS_AVAILABLE) {
    // Ensure the the sandbox is actually available at this time
    int proc_fd;
    SANDBOX_ASSERT((proc_fd = open("/proc", O_RDONLY | O_DIRECTORY)) >= 0);
    SANDBOX_ASSERT(sandbox::SandboxBPF::SupportsSeccompSandbox(proc_fd) ==
                   sandbox::SandboxBPF::STATUS_AVAILABLE);

    // Initialize and then start the sandbox with our custom policy
    sandbox::SandboxBPF sandbox;
    sandbox.set_proc_fd(proc_fd);
    sandbox.SetSandboxPolicy(policy.release());
    SANDBOX_ASSERT(
        sandbox.StartSandbox(sandbox::SandboxBPF::PROCESS_SINGLE_THREADED));

    // Run the actual test.
    bpf_tester_delegate_->RunTestFunction();
  } else {
    printf("This BPF test is not fully running in this configuration!\n");
    // Android and Valgrind are the only configurations where we accept not
    // having kernel BPF support.
    if (!IsAndroid() && !IsRunningOnValgrind()) {
      const bool seccomp_bpf_is_supported = false;
      SANDBOX_ASSERT(seccomp_bpf_is_supported);
    }
    // Call the compiler and verify the policy. That's the least we can do,
    // if we don't have kernel support.
    sandbox::SandboxBPF sandbox;
    sandbox.SetSandboxPolicy(policy.release());
    sandbox::SandboxBPF::Program* program =
        sandbox.AssembleFilter(true /* force_verification */);
    delete program;
    sandbox::UnitTests::IgnoreThisTest();
  }
}

bool SandboxBPFTestRunner::ShouldCheckForLeaks() const {
  // LSAN requires being able to use ptrace() and other system calls that could
  // be denied.
  return false;
}

}  // namespace sandbox