• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_TEST_RUNNER_H_
6 #define SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_TEST_RUNNER_H_
7 
8 #include "base/macros.h"
9 #include "base/memory/scoped_ptr.h"
10 #include "sandbox/linux/seccomp-bpf/sandbox_bpf_policy.h"
11 #include "sandbox/linux/tests/sandbox_test_runner.h"
12 
13 namespace sandbox {
14 
15 // To create a SandboxBPFTestRunner object, one needs to implement this
16 // interface and pass an instance to the SandboxBPFTestRunner constructor.
17 // In the child process running the test, the BPFTesterDelegate object is
18 // guaranteed to not be destroyed until the child process terminates.
19 class BPFTesterDelegate {
20  public:
BPFTesterDelegate()21   BPFTesterDelegate() {}
~BPFTesterDelegate()22   virtual ~BPFTesterDelegate() {}
23 
24   // This will instanciate a policy suitable for the test we want to run. It is
25   // guaranteed to only be called from the child process that will run the
26   // test.
27   virtual scoped_ptr<SandboxBPFPolicy> GetSandboxBPFPolicy() = 0;
28   // This will be called from a child process with the BPF sandbox turned on.
29   virtual void RunTestFunction() = 0;
30 
31  private:
32   DISALLOW_COPY_AND_ASSIGN(BPFTesterDelegate);
33 };
34 
35 // This class implements the SandboxTestRunner interface and Run() will
36 // initialize a seccomp-bpf sandbox (specified by |bpf_tester_delegate|) and
37 // run a test function (via |bpf_tester_delegate|) if the current kernel
38 // configuration allows it. If it can not run the test under seccomp-bpf,
39 // Run() will still compile the policy which should allow to get some coverage
40 // under tools such as Valgrind.
41 class SandboxBPFTestRunner : public SandboxTestRunner {
42  public:
43   // This constructor takes ownership of the |bpf_tester_delegate| object.
44   // (It doesn't take a scoped_ptr since they make polymorphism verbose).
45   explicit SandboxBPFTestRunner(BPFTesterDelegate* bpf_tester_delegate);
46   virtual ~SandboxBPFTestRunner();
47 
48   virtual void Run() OVERRIDE;
49 
50   virtual bool ShouldCheckForLeaks() const OVERRIDE;
51 
52  private:
53   scoped_ptr<BPFTesterDelegate> bpf_tester_delegate_;
54   DISALLOW_COPY_AND_ASSIGN(SandboxBPFTestRunner);
55 };
56 
57 }  // namespace sandbox
58 
59 #endif  // SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_TEST_RUNNER_H_
60