1 /* 2 * Copyright (C) 2015 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #include <android/log.h> 18 #include <jni.h> 19 #include <string.h> 20 #include <time.h> 21 #include <unistd.h> 22 23 #if defined(ARCH_SUPPORTS_SECCOMP) 24 #include <libminijail.h> 25 #include <seccomp_bpf_tests.h> 26 #endif 27 28 jboolean android_security_cts_SeccompBpfTest_runKernelUnitTest( 29 JNIEnv* env, jobject thiz __unused, jstring name) { 30 #if defined(ARCH_SUPPORTS_SECCOMP) 31 const char* nameStr = env->GetStringUTFChars(name, nullptr); 32 return run_seccomp_test(nameStr); 33 #endif // ARCH_SUPPORTS_SECCOMP 34 35 return false; 36 } 37 38 jboolean android_security_cts_SeccompBpfTest_nativeInstallTestFilter( 39 JNIEnv*, jclass, jint policyFd) { 40 #if !defined(ARCH_SUPPORTS_SECCOMP) 41 return false; 42 #else 43 minijail* j = minijail_new(); 44 minijail_no_new_privs(j); 45 minijail_use_seccomp_filter(j); 46 minijail_set_seccomp_filter_tsync(j); 47 minijail_parse_seccomp_filters_from_fd(j, policyFd); 48 minijail_enter(j); 49 minijail_destroy(j); 50 51 close(policyFd); 52 return true; 53 #endif 54 } 55 56 jstring android_security_cts_SeccompBpfTest_getPolicyAbiString(JNIEnv* env, jclass) { 57 const char* string; 58 #if defined(__arm__) 59 string = "arm"; 60 #elif defined(__aarch64__) 61 string = "arm64"; 62 #elif defined(__i386__) 63 string = "i386"; 64 #elif defined(__x86_64__) 65 string = "x86-64"; 66 #else 67 return nullptr; 68 #endif 69 return env->NewStringUTF(string); 70 } 71 72 jint android_security_cts_SeccompBpfTest_getClockBootTime(JNIEnv*, jclass) { 73 struct timespec ts; 74 int rv = clock_gettime(CLOCK_BOOTTIME_ALARM, &ts); 75 return rv; 76 } 77 78 static JNINativeMethod methods[] = { 79 { "runKernelUnitTest", "(Ljava/lang/String;)Z", 80 (void*)android_security_cts_SeccompBpfTest_runKernelUnitTest }, 81 { "nativeInstallTestFilter", "(I)Z", 82 (void*)android_security_cts_SeccompBpfTest_nativeInstallTestFilter }, 83 { "getPolicyAbiString", "()Ljava/lang/String;", 84 (void*)android_security_cts_SeccompBpfTest_getPolicyAbiString }, 85 { "getClockBootTime", "()I", 86 (void*)android_security_cts_SeccompBpfTest_getClockBootTime }, 87 }; 88 89 int register_android_os_cts_SeccompTest(JNIEnv* env) { 90 jclass clazz = env->FindClass("android/os/cts/SeccompTest"); 91 return env->RegisterNatives(clazz, methods, sizeof(methods) / sizeof(JNINativeMethod)); 92 } 93