1// Copyright 2014 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_TEST_RUNNER_H_ 6#define SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_TEST_RUNNER_H_ 7 8#include "base/macros.h" 9#include "base/memory/scoped_ptr.h" 10#include "sandbox/linux/seccomp-bpf/sandbox_bpf_policy.h" 11#include "sandbox/linux/tests/sandbox_test_runner.h" 12 13namespace sandbox { 14 15// To create a SandboxBPFTestRunner object, one needs to implement this 16// interface and pass an instance to the SandboxBPFTestRunner constructor. 17// In the child process running the test, the BPFTesterDelegate object is 18// guaranteed to not be destroyed until the child process terminates. 19class BPFTesterDelegate { 20 public: 21 BPFTesterDelegate() {} 22 virtual ~BPFTesterDelegate() {} 23 24 // This will instanciate a policy suitable for the test we want to run. It is 25 // guaranteed to only be called from the child process that will run the 26 // test. 27 virtual scoped_ptr<SandboxBPFPolicy> GetSandboxBPFPolicy() = 0; 28 // This will be called from a child process with the BPF sandbox turned on. 29 virtual void RunTestFunction() = 0; 30 31 private: 32 DISALLOW_COPY_AND_ASSIGN(BPFTesterDelegate); 33}; 34 35// This class implements the SandboxTestRunner interface and Run() will 36// initialize a seccomp-bpf sandbox (specified by |bpf_tester_delegate|) and 37// run a test function (via |bpf_tester_delegate|) if the current kernel 38// configuration allows it. If it can not run the test under seccomp-bpf, 39// Run() will still compile the policy which should allow to get some coverage 40// under tools such as Valgrind. 41class SandboxBPFTestRunner : public SandboxTestRunner { 42 public: 43 // This constructor takes ownership of the |bpf_tester_delegate| object. 44 // (It doesn't take a scoped_ptr since they make polymorphism verbose). 45 explicit SandboxBPFTestRunner(BPFTesterDelegate* bpf_tester_delegate); 46 virtual ~SandboxBPFTestRunner(); 47 48 virtual void Run() OVERRIDE; 49 50 virtual bool ShouldCheckForLeaks() const OVERRIDE; 51 52 private: 53 scoped_ptr<BPFTesterDelegate> bpf_tester_delegate_; 54 DISALLOW_COPY_AND_ASSIGN(SandboxBPFTestRunner); 55}; 56 57} // namespace sandbox 58 59#endif // SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_TEST_RUNNER_H_ 60