      1 // Copyright 2014 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_TEST_RUNNER_H_
      6 #define SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_TEST_RUNNER_H_
      7 
      8 #include "base/basictypes.h"
      9 #include "base/memory/scoped_ptr.h"
     10 #include "sandbox/linux/seccomp-bpf/sandbox_bpf_policy.h"
     11 #include "sandbox/linux/tests/sandbox_test_runner.h"
     12 
     13 namespace sandbox {
     14 
     15 // To create a SandboxBPFTestRunner object, one needs to implement this
     16 // interface and pass an instance to the SandboxBPFTestRunner constructor.
     17 // In the child process running the test, the BPFTesterDelegate object is
     18 // guaranteed to not be destroyed until the child process terminates.
     19 class BPFTesterDelegate {
     20  public:
     21   BPFTesterDelegate() {}
          // Virtual so that a delegate held through a base-class pointer (as in
          // SandboxBPFTestRunner's scoped_ptr<BPFTesterDelegate> member) is
          // destroyed as its concrete type.
     22   virtual ~BPFTesterDelegate() {}
     23 
     24   // This will instantiate a policy suitable for the test we want to run. It is
     25   // guaranteed to only be called from the child process that will run the
     26   // test. The scoped_ptr return value hands ownership of the policy to the
          // caller.
     27   virtual scoped_ptr<SandboxBPFPolicy> GetSandboxBPFPolicy() = 0;
     28   // This will be called from a child process with the BPF sandbox turned on.
          // NOTE(review): presumably the active policy is the one returned by
          // GetSandboxBPFPolicy(), so every system call the test body makes is
          // filtered by it -- confirm in the runner implementation.
     29   virtual void RunTestFunction() = 0;
     30 
     31  private:
          // Delegates are not meant to be copied; the macro is defined outside this
          // file.
     32   DISALLOW_COPY_AND_ASSIGN(BPFTesterDelegate);
     33 };
     34 
     35 // This class implements the SandboxTestRunner interface. Run() will
     36 // initialize a seccomp-bpf sandbox (specified by |bpf_tester_delegate|) and
     37 // run a test function (via |bpf_tester_delegate|) if the current kernel
     38 // configuration allows it. If it cannot run the test under seccomp-bpf,
     39 // Run() will still compile the policy, which should still provide some
     40 // coverage under tools such as Valgrind.
     41 class SandboxBPFTestRunner : public SandboxTestRunner {
     42  public:
     43   // This constructor takes ownership of the |bpf_tester_delegate| object.
     44   // (It doesn't take a scoped_ptr since they make polymorphism verbose).
          // Because the parameter is a raw pointer, the ownership transfer is not
          // visible in the type: the pointer is stored in a scoped_ptr member, so
          // the caller must pass an object allocated with new and must not delete
          // it afterwards.
     45   explicit SandboxBPFTestRunner(BPFTesterDelegate* bpf_tester_delegate);
     46   virtual ~SandboxBPFTestRunner();
     47 
          // Overrides SandboxTestRunner::Run(). Per the class comment, this sets up
          // the seccomp-bpf sandbox described by the delegate and runs the
          // delegate's test function when the kernel configuration allows it;
          // otherwise it only compiles the policy.
          // NOTE(review): in that fallback the test function is presumably not
          // executed under a sandbox, so a pass on such a kernel would not show
          // that the policy was enforced -- confirm in the implementation file.
     48   virtual void Run() OVERRIDE;
     49 
          // Overrides SandboxTestRunner::ShouldCheckForLeaks(). The value returned
          // is decided in the implementation file and is not visible in this
          // header.
     50   virtual bool ShouldCheckForLeaks() const OVERRIDE;
     51 
     52  private:
          // Owned delegate received by the constructor; destroyed together with
          // this runner.
     53   scoped_ptr<BPFTesterDelegate> bpf_tester_delegate_;
     54   DISALLOW_COPY_AND_ASSIGN(SandboxBPFTestRunner);
     55 };
     56 
     57 }  // namespace sandbox
     58 
     59 #endif  // SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_TEST_RUNNER_H_
     60