1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "sandbox/linux/bpf_dsl/errorcode.h"
9 #include "base/macros.h"
10 #include "sandbox/linux/bpf_dsl/bpf_dsl.h"
11 #include "sandbox/linux/bpf_dsl/policy.h"
12 #include "sandbox/linux/bpf_dsl/policy_compiler.h"
13 #include "sandbox/linux/bpf_dsl/test_trap_registry.h"
14 #include "sandbox/linux/system_headers/linux_seccomp.h"
15 #include "testing/gtest/include/gtest/gtest.h"
21 class DummyPolicy
: public Policy
{
24 ~DummyPolicy() override
{}
26 ResultExpr
EvaluateSyscall(int sysno
) const override
{ return Allow(); }
29 DISALLOW_COPY_AND_ASSIGN(DummyPolicy
);
32 class ErrorCodeTest
: public ::testing::Test
{
35 : policy_(), trap_registry_(), compiler_(&policy_
, &trap_registry_
) {}
36 ~ErrorCodeTest() override
{}
39 TestTrapRegistry trap_registry_
;
40 PolicyCompiler compiler_
;
42 DISALLOW_COPY_AND_ASSIGN(ErrorCodeTest
);
45 TEST_F(ErrorCodeTest
, ErrnoConstructor
) {
47 EXPECT_EQ(SECCOMP_RET_INVALID
, e0
.err());
49 ErrorCode
e1(ErrorCode::ERR_ALLOWED
);
50 EXPECT_EQ(SECCOMP_RET_ALLOW
, e1
.err());
53 EXPECT_EQ(SECCOMP_RET_ERRNO
+ EPERM
, e2
.err());
55 ErrorCode e3
= compiler_
.Trap(NULL
, NULL
, true /* safe */);
56 EXPECT_EQ(SECCOMP_RET_TRAP
, (e3
.err() & SECCOMP_RET_ACTION
));
58 uint16_t data
= 0xdead;
59 ErrorCode
e4(ErrorCode::ERR_TRACE
+ data
);
60 EXPECT_EQ(SECCOMP_RET_TRACE
+ data
, e4
.err());
63 TEST_F(ErrorCodeTest
, InvalidSeccompRetTrace
) {
64 // Should die if the trace data does not fit in 16 bits.
65 ASSERT_DEATH(ErrorCode
e(ErrorCode::ERR_TRACE
+ (1 << 16)),
66 "Invalid use of ErrorCode object");
69 TEST_F(ErrorCodeTest
, Trap
) {
70 ErrorCode e0
= compiler_
.Trap(NULL
, "a", true /* safe */);
71 ErrorCode e1
= compiler_
.Trap(NULL
, "b", true /* safe */);
72 EXPECT_EQ((e0
.err() & SECCOMP_RET_DATA
) + 1, e1
.err() & SECCOMP_RET_DATA
);
74 ErrorCode e2
= compiler_
.Trap(NULL
, "a", true /* safe */);
75 EXPECT_EQ(e0
.err() & SECCOMP_RET_DATA
, e2
.err() & SECCOMP_RET_DATA
);
78 TEST_F(ErrorCodeTest
, Equals
) {
79 ErrorCode
e1(ErrorCode::ERR_ALLOWED
);
80 ErrorCode
e2(ErrorCode::ERR_ALLOWED
);
81 EXPECT_TRUE(e1
.Equals(e1
));
82 EXPECT_TRUE(e1
.Equals(e2
));
83 EXPECT_TRUE(e2
.Equals(e1
));
86 EXPECT_FALSE(e1
.Equals(e3
));
88 ErrorCode e4
= compiler_
.Trap(NULL
, "a", true /* safe */);
89 ErrorCode e5
= compiler_
.Trap(NULL
, "b", true /* safe */);
90 ErrorCode e6
= compiler_
.Trap(NULL
, "a", true /* safe */);
91 EXPECT_FALSE(e1
.Equals(e4
));
92 EXPECT_FALSE(e3
.Equals(e4
));
93 EXPECT_FALSE(e5
.Equals(e4
));
94 EXPECT_TRUE(e6
.Equals(e4
));
97 TEST_F(ErrorCodeTest
, LessThan
) {
98 ErrorCode
e1(ErrorCode::ERR_ALLOWED
);
99 ErrorCode
e2(ErrorCode::ERR_ALLOWED
);
100 EXPECT_FALSE(e1
.LessThan(e1
));
101 EXPECT_FALSE(e1
.LessThan(e2
));
102 EXPECT_FALSE(e2
.LessThan(e1
));
105 EXPECT_FALSE(e1
.LessThan(e3
));
106 EXPECT_TRUE(e3
.LessThan(e1
));
108 ErrorCode e4
= compiler_
.Trap(NULL
, "a", true /* safe */);
109 ErrorCode e5
= compiler_
.Trap(NULL
, "b", true /* safe */);
110 ErrorCode e6
= compiler_
.Trap(NULL
, "a", true /* safe */);
111 EXPECT_TRUE(e1
.LessThan(e4
));
112 EXPECT_TRUE(e3
.LessThan(e4
));
113 EXPECT_TRUE(e4
.LessThan(e5
));
114 EXPECT_FALSE(e4
.LessThan(e6
));
115 EXPECT_FALSE(e6
.LessThan(e4
));
119 } // namespace bpf_dsl
120 } // namespace sandbox