1// Copyright 2014 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_TEST_RUNNER_H_
6#define SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_TEST_RUNNER_H_
7
8#include "base/macros.h"
9#include "base/memory/scoped_ptr.h"
10#include "sandbox/linux/seccomp-bpf/sandbox_bpf_policy.h"
11#include "sandbox/linux/tests/sandbox_test_runner.h"
12
13namespace sandbox {
14
15// To create a SandboxBPFTestRunner object, one needs to implement this
16// interface and pass an instance to the SandboxBPFTestRunner constructor.
17// In the child process running the test, the BPFTesterDelegate object is
18// guaranteed to not be destroyed until the child process terminates.
19class BPFTesterDelegate {
20 public:
21  BPFTesterDelegate() {}
22  virtual ~BPFTesterDelegate() {}
23
24  // This will instanciate a policy suitable for the test we want to run. It is
25  // guaranteed to only be called from the child process that will run the
26  // test.
27  virtual scoped_ptr<SandboxBPFPolicy> GetSandboxBPFPolicy() = 0;
28  // This will be called from a child process with the BPF sandbox turned on.
29  virtual void RunTestFunction() = 0;
30
31 private:
32  DISALLOW_COPY_AND_ASSIGN(BPFTesterDelegate);
33};
34
35// This class implements the SandboxTestRunner interface and Run() will
36// initialize a seccomp-bpf sandbox (specified by |bpf_tester_delegate|) and
37// run a test function (via |bpf_tester_delegate|) if the current kernel
38// configuration allows it. If it can not run the test under seccomp-bpf,
39// Run() will still compile the policy which should allow to get some coverage
40// under tools such as Valgrind.
41class SandboxBPFTestRunner : public SandboxTestRunner {
42 public:
43  // This constructor takes ownership of the |bpf_tester_delegate| object.
44  // (It doesn't take a scoped_ptr since they make polymorphism verbose).
45  explicit SandboxBPFTestRunner(BPFTesterDelegate* bpf_tester_delegate);
46  virtual ~SandboxBPFTestRunner();
47
48  virtual void Run() OVERRIDE;
49
50  virtual bool ShouldCheckForLeaks() const OVERRIDE;
51
52 private:
53  scoped_ptr<BPFTesterDelegate> bpf_tester_delegate_;
54  DISALLOW_COPY_AND_ASSIGN(SandboxBPFTestRunner);
55};
56
57}  // namespace sandbox
58
59#endif  // SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_TEST_RUNNER_H_
60