1010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)// Copyright 2014 The Chromium Authors. All rights reserved. 2010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 3010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)// found in the LICENSE file. 4010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) 5010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)#ifndef SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_TEST_RUNNER_H_ 6010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)#define SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_TEST_RUNNER_H_ 7010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) 81320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci#include "base/macros.h" 9010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)#include "base/memory/scoped_ptr.h" 10010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)#include "sandbox/linux/seccomp-bpf/sandbox_bpf_policy.h" 11010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)#include "sandbox/linux/tests/sandbox_test_runner.h" 12010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) 13010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)namespace sandbox { 14010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) 15010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)// To create a SandboxBPFTestRunner object, one needs to implement this 16010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)// interface and pass an instance to the SandboxBPFTestRunner constructor. 17010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)// In the child process running the test, the BPFTesterDelegate object is 18010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)// guaranteed to not be destroyed until the child process terminates. 19010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)class BPFTesterDelegate { 20010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) public: 21010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) BPFTesterDelegate() {} 22010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) virtual ~BPFTesterDelegate() {} 23010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) 24010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) // This will instanciate a policy suitable for the test we want to run. It is 25010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) // guaranteed to only be called from the child process that will run the 26010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) // test. 27010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) virtual scoped_ptr<SandboxBPFPolicy> GetSandboxBPFPolicy() = 0; 28010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) // This will be called from a child process with the BPF sandbox turned on. 29010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) virtual void RunTestFunction() = 0; 30010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) 31010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) private: 32010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) DISALLOW_COPY_AND_ASSIGN(BPFTesterDelegate); 33010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)}; 34010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) 35010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)// This class implements the SandboxTestRunner interface and Run() will 36010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)// initialize a seccomp-bpf sandbox (specified by |bpf_tester_delegate|) and 37010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)// run a test function (via |bpf_tester_delegate|) if the current kernel 38010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)// configuration allows it. If it can not run the test under seccomp-bpf, 39010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)// Run() will still compile the policy which should allow to get some coverage 40010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)// under tools such as Valgrind. 41010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)class SandboxBPFTestRunner : public SandboxTestRunner { 42010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) public: 43010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) // This constructor takes ownership of the |bpf_tester_delegate| object. 44010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) // (It doesn't take a scoped_ptr since they make polymorphism verbose). 45010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) explicit SandboxBPFTestRunner(BPFTesterDelegate* bpf_tester_delegate); 46010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) virtual ~SandboxBPFTestRunner(); 47010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) 48010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) virtual void Run() OVERRIDE; 49010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) 50cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) virtual bool ShouldCheckForLeaks() const OVERRIDE; 51cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) 52010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) private: 53010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) scoped_ptr<BPFTesterDelegate> bpf_tester_delegate_; 54010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) DISALLOW_COPY_AND_ASSIGN(SandboxBPFTestRunner); 55010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)}; 56010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) 57010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)} // namespace sandbox 58010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) 59010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)#endif // SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_TEST_RUNNER_H_ 60