1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
|
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef SANDBOX_LINUX_SECCOMP_BPF_BPF_TESTS_H__
#define SANDBOX_LINUX_SECCOMP_BPF_BPF_TESTS_H__
#include "base/logging.h"
#include "base/macros.h"
#include "build/build_config.h"
#include "sandbox/linux/seccomp-bpf/bpf_tester_compatibility_delegate.h"
#include "sandbox/linux/tests/unit_tests.h"
namespace sandbox {
// BPF_TEST_C() is a special version of SANDBOX_TEST(). It runs a test function
// in a sub-process, under a seccomp-bpf policy specified in
// |bpf_policy_class_name| without failing on configurations that are allowed
// to not support seccomp-bpf in their kernels.
// This is the preferred format for new BPF tests. |bpf_policy_class_name| is a
// class name (which will be default-constructed) that implements the
// Policy interface.
// The test function's body can simply follow. Test functions should use
// the BPF_ASSERT macros defined below, not GTEST's macros. The use of
// CHECK* macros is supported but less robust.
#define BPF_TEST_C(test_case_name, test_name, bpf_policy_class_name) \
BPF_DEATH_TEST_C( \
test_case_name, test_name, DEATH_SUCCESS(), bpf_policy_class_name)
// Identical to BPF_TEST_C but allows to specify the nature of death.
#define BPF_DEATH_TEST_C( \
test_case_name, test_name, death, bpf_policy_class_name) \
void BPF_TEST_C_##test_name(); \
TEST(test_case_name, DISABLE_ON_TSAN(test_name)) { \
sandbox::SandboxBPFTestRunner bpf_test_runner( \
new sandbox::BPFTesterSimpleDelegate<bpf_policy_class_name>( \
BPF_TEST_C_##test_name)); \
sandbox::UnitTests::RunTestInProcess(&bpf_test_runner, death); \
} \
void BPF_TEST_C_##test_name()
// This form of BPF_TEST is a little verbose and should be reserved for complex
// tests where a lot of control is required.
// |bpf_tester_delegate_class| must be a classname implementing the
// BPFTesterDelegate interface.
#define BPF_TEST_D(test_case_name, test_name, bpf_tester_delegate_class) \
BPF_DEATH_TEST_D( \
test_case_name, test_name, DEATH_SUCCESS(), bpf_tester_delegate_class)
// Identical to BPF_TEST_D but allows to specify the nature of death.
#define BPF_DEATH_TEST_D( \
test_case_name, test_name, death, bpf_tester_delegate_class) \
TEST(test_case_name, DISABLE_ON_TSAN(test_name)) { \
sandbox::SandboxBPFTestRunner bpf_test_runner( \
new bpf_tester_delegate_class()); \
sandbox::UnitTests::RunTestInProcess(&bpf_test_runner, death); \
}
// Assertions are handled exactly the same as with a normal SANDBOX_TEST()
#define BPF_ASSERT SANDBOX_ASSERT
#define BPF_ASSERT_EQ(x, y) BPF_ASSERT((x) == (y))
#define BPF_ASSERT_NE(x, y) BPF_ASSERT((x) != (y))
#define BPF_ASSERT_LT(x, y) BPF_ASSERT((x) < (y))
#define BPF_ASSERT_GT(x, y) BPF_ASSERT((x) > (y))
#define BPF_ASSERT_LE(x, y) BPF_ASSERT((x) <= (y))
#define BPF_ASSERT_GE(x, y) BPF_ASSERT((x) >= (y))
// This form of BPF_TEST is now discouraged (but still allowed) in favor of
// BPF_TEST_D and BPF_TEST_C.
// The |policy| parameter should be a Policy subclass.
// BPF_TEST() takes a C++ data type as an fourth parameter. A variable
// of this type will be allocated and a pointer to it will be
// available within the test function as "BPF_AUX". The pointer will
// also be passed as an argument to the policy's constructor. Policies
// would typically use it as an argument to SandboxBPF::Trap(), if
// they want to communicate data between the BPF_TEST() and a Trap()
// function. The life-time of this object is the same as the life-time
// of the process running under the seccomp-bpf policy.
// |aux| must not be void.
#define BPF_TEST(test_case_name, test_name, policy, aux) \
BPF_DEATH_TEST(test_case_name, test_name, DEATH_SUCCESS(), policy, aux)
// A BPF_DEATH_TEST is just the same as a BPF_TEST, but it assumes that the
// test will fail with a particular known error condition. Use the DEATH_XXX()
// macros from unit_tests.h to specify the expected error condition.
#define BPF_DEATH_TEST(test_case_name, test_name, death, policy, aux) \
void BPF_TEST_##test_name(aux* BPF_AUX); \
TEST(test_case_name, DISABLE_ON_TSAN(test_name)) { \
sandbox::SandboxBPFTestRunner bpf_test_runner( \
new sandbox::BPFTesterCompatibilityDelegate<policy, aux>( \
BPF_TEST_##test_name)); \
sandbox::UnitTests::RunTestInProcess(&bpf_test_runner, death); \
} \
void BPF_TEST_##test_name(aux* BPF_AUX)
// This class takes a simple function pointer as a constructor parameter and a
// class name as a template parameter to implement the BPFTesterDelegate
// interface which can be used to build BPF unittests with
// the SandboxBPFTestRunner class.
template <class PolicyClass>
class BPFTesterSimpleDelegate : public BPFTesterDelegate {
public:
explicit BPFTesterSimpleDelegate(void (*test_function)(void))
: test_function_(test_function) {}
~BPFTesterSimpleDelegate() override {}
scoped_ptr<bpf_dsl::Policy> GetSandboxBPFPolicy() override {
return scoped_ptr<bpf_dsl::Policy>(new PolicyClass());
}
void RunTestFunction() override {
DCHECK(test_function_);
test_function_();
}
private:
void (*test_function_)(void);
DISALLOW_COPY_AND_ASSIGN(BPFTesterSimpleDelegate);
};
} // namespace sandbox
#endif // SANDBOX_LINUX_SECCOMP_BPF_BPF_TESTS_H__
|
