sandbox/linux/bpf_dsl/syscall_set_unittest.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "sandbox/linux/bpf_dsl/syscall_set.h"
   6
   7 #include <stdint.h>
   8
   9 #include "sandbox/linux/bpf_dsl/linux_syscall_ranges.h"
  10 #include "sandbox/linux/tests/unit_tests.h"
  11
  12 namespace sandbox {
  13
  14 namespace {
  15
  16 const SyscallSet kSyscallSets[] = {
  17     SyscallSet::All(),
  18     SyscallSet::InvalidOnly(),
  19 };
  20
  21 SANDBOX_TEST(SyscallSet, Monotonous) {
  22   for (const SyscallSet& set : kSyscallSets) {
  23     uint32_t prev = 0;
  24     bool have_prev = false;
  25     for (uint32_t sysnum : set) {
  26       if (have_prev) {
  27         SANDBOX_ASSERT(sysnum > prev);
  28       } else if (set == SyscallSet::All()) {
  29         // The iterator should start at 0.
  30         SANDBOX_ASSERT(sysnum == 0);
  31       }
  32
  33       prev = sysnum;
  34       have_prev = true;
  35     }
  36
  37     // The iterator should always return 0xFFFFFFFFu as the last value.
  38     SANDBOX_ASSERT(have_prev);
  39     SANDBOX_ASSERT(prev == 0xFFFFFFFFu);
  40   }
  41 }
  42
  43 // AssertRange checks that SyscallIterator produces all system call
  44 // numbers in the inclusive range [min, max].
  45 void AssertRange(uint32_t min, uint32_t max) {
  46   SANDBOX_ASSERT(min < max);
  47   uint32_t prev = min - 1;
  48   for (uint32_t sysnum : SyscallSet::All()) {
  49     if (sysnum >= min && sysnum <= max) {
  50       SANDBOX_ASSERT(prev == sysnum - 1);
  51       prev = sysnum;
  52     }
  53   }
  54   SANDBOX_ASSERT(prev == max);
  55 }
  56
  57 SANDBOX_TEST(SyscallSet, ValidSyscallRanges) {
  58   AssertRange(MIN_SYSCALL, MAX_PUBLIC_SYSCALL);
  59 #if defined(__arm__)
  60   AssertRange(MIN_PRIVATE_SYSCALL, MAX_PRIVATE_SYSCALL);
  61   AssertRange(MIN_GHOST_SYSCALL, MAX_SYSCALL);
  62 #endif
  63 }
  64
  65 SANDBOX_TEST(SyscallSet, InvalidSyscalls) {
  66   static const uint32_t kExpected[] = {
  67 #if defined(__mips__)
  68     0,
  69     MIN_SYSCALL - 1,
  70 #endif
  71     MAX_PUBLIC_SYSCALL + 1,
  72 #if defined(__arm__)
  73     MIN_PRIVATE_SYSCALL - 1,
  74     MAX_PRIVATE_SYSCALL + 1,
  75     MIN_GHOST_SYSCALL - 1,
  76     MAX_SYSCALL + 1,
  77 #endif
  78     0x7FFFFFFFu,
  79     0x80000000u,
  80     0xFFFFFFFFu,
  81   };
  82
  83   for (const SyscallSet& set : kSyscallSets) {
  84     size_t i = 0;
  85     for (uint32_t sysnum : set) {
  86       if (!SyscallSet::IsValid(sysnum)) {
  87         SANDBOX_ASSERT(i < arraysize(kExpected));
  88         SANDBOX_ASSERT(kExpected[i] == sysnum);
  89         ++i;
  90       }
  91     }
  92     SANDBOX_ASSERT(i == arraysize(kExpected));
  93   }
  94 }
  95
  96 SANDBOX_TEST(SyscallSet, ValidOnlyIsOnlyValid) {
  97   for (uint32_t sysnum : SyscallSet::ValidOnly()) {
  98     SANDBOX_ASSERT(SyscallSet::IsValid(sysnum));
  99   }
 100 }
 101
 102 SANDBOX_TEST(SyscallSet, InvalidOnlyIsOnlyInvalid) {
 103   for (uint32_t sysnum : SyscallSet::InvalidOnly()) {
 104     SANDBOX_ASSERT(!SyscallSet::IsValid(sysnum));
 105   }
 106 }
 107
 108 SANDBOX_TEST(SyscallSet, AllIsValidOnlyPlusInvalidOnly) {
 109   std::vector<uint32_t> merged;
 110   const SyscallSet valid_only = SyscallSet::ValidOnly();
 111   const SyscallSet invalid_only = SyscallSet::InvalidOnly();
 112   std::merge(valid_only.begin(),
 113              valid_only.end(),
 114              invalid_only.begin(),
 115              invalid_only.end(),
 116              std::back_inserter(merged));
 117
 118   const SyscallSet all = SyscallSet::All();
 119   SANDBOX_ASSERT(merged == std::vector<uint32_t>(all.begin(), all.end()));
 120 }
 121
 122 }  // namespace
 123
 124 }  // namespace sandbox