| // Copyright 2014 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #ifndef SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_TEST_RUNNER_H_ |
| #define SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_TEST_RUNNER_H_ |
| |
| #include "base/macros.h" |
| #include "base/memory/scoped_ptr.h" |
| #include "sandbox/linux/tests/sandbox_test_runner.h" |
| |
| namespace sandbox { |
| namespace bpf_dsl { |
| class Policy; |
| } |
| |
| // To create a SandboxBPFTestRunner object, one needs to implement this |
| // interface and pass an instance to the SandboxBPFTestRunner constructor. |
| // In the child process running the test, the BPFTesterDelegate object is |
| // guaranteed to not be destroyed until the child process terminates. |
| class BPFTesterDelegate { |
| public: |
| BPFTesterDelegate() {} |
| virtual ~BPFTesterDelegate() {} |
| |
| // This will instanciate a policy suitable for the test we want to run. It is |
| // guaranteed to only be called from the child process that will run the |
| // test. |
| virtual scoped_ptr<bpf_dsl::Policy> GetSandboxBPFPolicy() = 0; |
| // This will be called from a child process with the BPF sandbox turned on. |
| virtual void RunTestFunction() = 0; |
| |
| private: |
| DISALLOW_COPY_AND_ASSIGN(BPFTesterDelegate); |
| }; |
| |
| // This class implements the SandboxTestRunner interface and Run() will |
| // initialize a seccomp-bpf sandbox (specified by |bpf_tester_delegate|) and |
| // run a test function (via |bpf_tester_delegate|) if the current kernel |
| // configuration allows it. If it can not run the test under seccomp-bpf, |
| // Run() will still compile the policy which should allow to get some coverage |
| // under tools such as Valgrind. |
| class SandboxBPFTestRunner : public SandboxTestRunner { |
| public: |
| // This constructor takes ownership of the |bpf_tester_delegate| object. |
| // (It doesn't take a scoped_ptr since they make polymorphism verbose). |
| explicit SandboxBPFTestRunner(BPFTesterDelegate* bpf_tester_delegate); |
| virtual ~SandboxBPFTestRunner(); |
| |
| virtual void Run() override; |
| |
| virtual bool ShouldCheckForLeaks() const override; |
| |
| private: |
| scoped_ptr<BPFTesterDelegate> bpf_tester_delegate_; |
| DISALLOW_COPY_AND_ASSIGN(SandboxBPFTestRunner); |
| }; |
| |
| } // namespace sandbox |
| |
| #endif // SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_TEST_RUNNER_H_ |