Permission message rules: Each rule must have >= 1 required permissions
[chromium-blink-merge.git] / sandbox / linux / seccomp-bpf / bpf_tests.h
blobcc4debd4c30b1bdc64b841bea77a1d136fc7b223
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef SANDBOX_LINUX_SECCOMP_BPF_BPF_TESTS_H__
6 #define SANDBOX_LINUX_SECCOMP_BPF_BPF_TESTS_H__
8 #include "base/logging.h"
9 #include "base/macros.h"
10 #include "build/build_config.h"
11 #include "sandbox/linux/seccomp-bpf/bpf_tester_compatibility_delegate.h"
12 #include "sandbox/linux/tests/unit_tests.h"
14 namespace sandbox {
16 // BPF_TEST_C() is a special version of SANDBOX_TEST(). It runs a test function
17 // in a sub-process, under a seccomp-bpf policy specified in
18 // |bpf_policy_class_name| without failing on configurations that are allowed
19 // to not support seccomp-bpf in their kernels.
20 // This is the preferred format for new BPF tests. |bpf_policy_class_name| is a
21 // class name (which will be default-constructed) that implements the
22 // Policy interface.
23 // The test function's body can simply follow. Test functions should use
24 // the BPF_ASSERT macros defined below, not GTEST's macros. The use of
25 // CHECK* macros is supported but less robust.
26 #define BPF_TEST_C(test_case_name, test_name, bpf_policy_class_name) \
27 BPF_DEATH_TEST_C( \
28 test_case_name, test_name, DEATH_SUCCESS(), bpf_policy_class_name)
30 // Identical to BPF_TEST_C but allows to specify the nature of death.
31 #define BPF_DEATH_TEST_C( \
32 test_case_name, test_name, death, bpf_policy_class_name) \
33 void BPF_TEST_C_##test_name(); \
34 TEST(test_case_name, DISABLE_ON_TSAN(test_name)) { \
35 sandbox::SandboxBPFTestRunner bpf_test_runner( \
36 new sandbox::BPFTesterSimpleDelegate<bpf_policy_class_name>( \
37 BPF_TEST_C_##test_name)); \
38 sandbox::UnitTests::RunTestInProcess(&bpf_test_runner, death); \
39 } \
40 void BPF_TEST_C_##test_name()
42 // This form of BPF_TEST is a little verbose and should be reserved for complex
43 // tests where a lot of control is required.
44 // |bpf_tester_delegate_class| must be a classname implementing the
45 // BPFTesterDelegate interface.
46 #define BPF_TEST_D(test_case_name, test_name, bpf_tester_delegate_class) \
47 BPF_DEATH_TEST_D( \
48 test_case_name, test_name, DEATH_SUCCESS(), bpf_tester_delegate_class)
50 // Identical to BPF_TEST_D but allows to specify the nature of death.
51 #define BPF_DEATH_TEST_D( \
52 test_case_name, test_name, death, bpf_tester_delegate_class) \
53 TEST(test_case_name, DISABLE_ON_TSAN(test_name)) { \
54 sandbox::SandboxBPFTestRunner bpf_test_runner( \
55 new bpf_tester_delegate_class()); \
56 sandbox::UnitTests::RunTestInProcess(&bpf_test_runner, death); \
59 // Assertions are handled exactly the same as with a normal SANDBOX_TEST()
60 #define BPF_ASSERT SANDBOX_ASSERT
61 #define BPF_ASSERT_EQ(x, y) BPF_ASSERT((x) == (y))
62 #define BPF_ASSERT_NE(x, y) BPF_ASSERT((x) != (y))
63 #define BPF_ASSERT_LT(x, y) BPF_ASSERT((x) < (y))
64 #define BPF_ASSERT_GT(x, y) BPF_ASSERT((x) > (y))
65 #define BPF_ASSERT_LE(x, y) BPF_ASSERT((x) <= (y))
66 #define BPF_ASSERT_GE(x, y) BPF_ASSERT((x) >= (y))
68 // This form of BPF_TEST is now discouraged (but still allowed) in favor of
69 // BPF_TEST_D and BPF_TEST_C.
70 // The |policy| parameter should be a Policy subclass.
71 // BPF_TEST() takes a C++ data type as an fourth parameter. A variable
72 // of this type will be allocated and a pointer to it will be
73 // available within the test function as "BPF_AUX". The pointer will
74 // also be passed as an argument to the policy's constructor. Policies
75 // would typically use it as an argument to SandboxBPF::Trap(), if
76 // they want to communicate data between the BPF_TEST() and a Trap()
77 // function. The life-time of this object is the same as the life-time
78 // of the process running under the seccomp-bpf policy.
79 // |aux| must not be void.
80 #define BPF_TEST(test_case_name, test_name, policy, aux) \
81 BPF_DEATH_TEST(test_case_name, test_name, DEATH_SUCCESS(), policy, aux)
83 // A BPF_DEATH_TEST is just the same as a BPF_TEST, but it assumes that the
84 // test will fail with a particular known error condition. Use the DEATH_XXX()
85 // macros from unit_tests.h to specify the expected error condition.
86 #define BPF_DEATH_TEST(test_case_name, test_name, death, policy, aux) \
87 void BPF_TEST_##test_name(aux* BPF_AUX); \
88 TEST(test_case_name, DISABLE_ON_TSAN(test_name)) { \
89 sandbox::SandboxBPFTestRunner bpf_test_runner( \
90 new sandbox::BPFTesterCompatibilityDelegate<policy, aux>( \
91 BPF_TEST_##test_name)); \
92 sandbox::UnitTests::RunTestInProcess(&bpf_test_runner, death); \
93 } \
94 void BPF_TEST_##test_name(aux* BPF_AUX)
96 // This class takes a simple function pointer as a constructor parameter and a
97 // class name as a template parameter to implement the BPFTesterDelegate
98 // interface which can be used to build BPF unittests with
99 // the SandboxBPFTestRunner class.
100 template <class PolicyClass>
101 class BPFTesterSimpleDelegate : public BPFTesterDelegate {
102 public:
103 explicit BPFTesterSimpleDelegate(void (*test_function)(void))
104 : test_function_(test_function) {}
105 ~BPFTesterSimpleDelegate() override {}
107 scoped_ptr<bpf_dsl::Policy> GetSandboxBPFPolicy() override {
108 return scoped_ptr<bpf_dsl::Policy>(new PolicyClass());
110 void RunTestFunction() override {
111 DCHECK(test_function_);
112 test_function_();
115 private:
116 void (*test_function_)(void);
117 DISALLOW_COPY_AND_ASSIGN(BPFTesterSimpleDelegate);
120 } // namespace sandbox
122 #endif // SANDBOX_LINUX_SECCOMP_BPF_BPF_TESTS_H__