chrome/test/data/webui/sandboxstatus_browsertest.js

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 /**
   6  * TestFixture for SUID Sandbox testing.
   7  * @extends {testing.Test}
   8  * @constructor
   9  */
  10 function SandboxStatusUITest() {}
  11
  12 SandboxStatusUITest.prototype = {
  13   __proto__: testing.Test.prototype,
  14   /**
  15    * Browse to the options page & call our preLoad().
  16    */
  17   browsePreload: 'chrome://sandbox',
  18
  19 };
  20
  21 // This test is for Linux only.
  22 // PLEASE READ:
  23 // - If failures of this test are a problem on a bot under your care,
  24 //   the proper way to address such failures is to install the SUID
  25 //   sandbox. See:
  26 //     http://code.google.com/p/chromium/wiki/LinuxSUIDSandboxDevelopment
  27 // - PLEASE DO NOT GLOBALLY DISABLE THIS TEST.
  28 // SUID sandbox is currently incompatible with AddressSanitizer,
  29 // see http://crbug.com/137653.
  30 GEN('#if defined(OS_LINUX) && !defined(ADDRESS_SANITIZER)');
  31 GEN('# define MAYBE_testSUIDorNamespaceSandboxEnabled \\');
  32 GEN('     testSUIDorNamespaceSandboxEnabled');
  33 GEN('#else');
  34 GEN('# define MAYBE_testSUIDorNamespaceSandboxEnabled \\');
  35 GEN('     DISABLED_testSUIDorNamespaceSandboxEnabled');
  36 GEN('#endif');
  37
  38 /**
  39  * Test if the SUID sandbox is enabled.
  40  */
  41 TEST_F('SandboxStatusUITest',
  42        'MAYBE_testSUIDorNamespaceSandboxEnabled', function() {
  43   var namespaceyesstring = 'Namespace Sandbox\tYes';
  44   var namespacenostring = 'Namespace Sandbox\tNo';
  45   var suidyesstring = 'SUID Sandbox\tYes';
  46   var suidnostring = 'SUID Sandbox\tNo';
  47
  48   var suidyes = document.body.innerText.match(suidyesstring);
  49   var suidno = document.body.innerText.match(suidnostring);
  50   var namespaceyes = document.body.innerText.match(namespaceyesstring);
  51   var namespaceno = document.body.innerText.match(namespacenostring);
  52
  53   // Exactly one of the namespace or suid sandbox should be enabled.
  54   expectTrue(suidyes !== null || namespaceyes !== null);
  55   expectFalse(suidyes !== null && namespaceyes !== null);
  56
  57   if (namespaceyes !== null) {
  58     expectEquals(null, namespaceno);
  59     expectEquals(namespaceyesstring, namespaceyes[0]);
  60   }
  61
  62   if (suidyes !== null) {
  63     expectEquals(null, suidno);
  64     expectEquals(suidyesstring, suidyes[0]);
  65   }
  66 });
  67
  68 // The seccomp-bpf sandbox is also not compatible with ASAN.
  69 GEN('#if !defined(OS_LINUX) || defined(ADDRESS_SANITIZER)');
  70 GEN('# define MAYBE_testBPFSandboxEnabled \\');
  71 GEN('     DISABLED_testBPFSandboxEnabled');
  72 GEN('#else');
  73 GEN('# define MAYBE_testBPFSandboxEnabled \\');
  74 GEN('     testBPFSandboxEnabled');
  75 GEN('#endif');
  76
  77 /**
  78  * Test if the seccomp-bpf sandbox is enabled.
  79  */
  80 TEST_F('SandboxStatusUITest', 'MAYBE_testBPFSandboxEnabled', function() {
  81   var bpfyesstring = 'Seccomp-BPF sandbox\tYes';
  82   var bpfnostring = 'Seccomp-BPF sandbox\tNo';
  83   var bpfyes = document.body.innerText.match(bpfyesstring);
  84   var bpfno = document.body.innerText.match(bpfnostring);
  85
  86   expectEquals(null, bpfno);
  87   assertFalse(bpfyes === null);
  88   expectEquals(bpfyesstring, bpfyes[0]);
  89 });
  90
  91 /**
  92  * TestFixture for GPU Sandbox testing.
  93  * @extends {testing.Test}
  94  * @constructor
  95  */
  96 function GPUSandboxStatusUITest() {}
  97
  98 GPUSandboxStatusUITest.prototype = {
  99   __proto__: testing.Test.prototype,
 100   /**
 101    * Browse to the options page & call our preLoad().
 102    */
 103   browsePreload: 'chrome://gpu',
 104   isAsync: true,
 105 };
 106
 107 // This test is disabled because it can only pass on real hardware. We
 108 // arrange for it to run on real hardware in specific configurations
 109 // (such as Chrome OS hardware, via Autotest), then run it with
 110 // --gtest_also_run_disabled_tests on those configurations.
 111
 112 /**
 113  * Test if the GPU sandbox is enabled.
 114  */
 115 TEST_F('GPUSandboxStatusUITest', 'DISABLED_testGPUSandboxEnabled', function() {
 116   var gpuyesstring = 'Sandboxed\ttrue';
 117   var gpunostring = 'Sandboxed\tfalse';
 118
 119   var observer = new MutationObserver(function(mutations) {
 120     mutations.forEach(function(mutation) {
 121       for (var i = 0; i < mutation.addedNodes.length; i++) {
 122         // Here we can inspect each of the added nodes. We expect
 123         // to find one that contains one of the GPU status strings.
 124         var addedNode = mutation.addedNodes[i];
 125         // Check for both. If it contains neither, it's an unrelated
 126         // mutation event we don't care about. But if it contains one,
 127         // pass or fail accordingly.
 128         var gpuyes = addedNode.innerText.match(gpuyesstring);
 129         var gpuno = addedNode.innerText.match(gpunostring);
 130         if (gpuyes || gpuno) {
 131           expectEquals(null, gpuno);
 132           expectTrue(gpuyes && (gpuyes[0] == gpuyesstring));
 133           testDone();
 134         }
 135       }
 136     })
 137   });
 138   observer.observe(document.getElementById('basic-info'), {childList: true});
 139 });