Non-SFI NaCl: Clean up seccomp for syscalls which return EPERM

- getegid, geteuid, getgid, and getuid now return EPERM instead of raising SIGSYS. This simplifies the test code. - Define a macro for sandbox tests for syscalls which return EPERM to reduce the size of not interesting test cases. - Pass five zeros after syscall number to syscall() so that tests will not be flaky due to uninitialized values on stack. BUG=359285 TEST=nacl_loader_unittests, trybots Review URL: https://codereview.chromium.org/248633004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@266317 0039d316-1c4b-4281-b951-d872f2087c98

Non-SFI NaCl: Clean up seccomp for syscalls which return EPERM
- getegid, geteuid, getgid, and getuid now return EPERM instead of raising SIGSYS. This simplifies the test code. - Define a macro for sandbox tests for syscalls which return EPERM to reduce the size of not interesting test cases. - Pass five zeros after syscall number to syscall() so that tests will not be flaky due to uninitialized values on stack. BUG=359285 TEST=nacl_loader_unittests, trybots Review URL: https://codereview.chromium.org/248633004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@266317 0039d316-1c4b-4281-b951-d872f2087c98
0a4b8695 · hamaji@chromium.org · 4ddd37d8 · 0a4b8695 · 0a4b8695 · 0a4b8695
Commit 0a4b8695 authored Apr 26, 2014 by hamaji@chromium.org
3 changed files
--- a/components/nacl/loader/nonsfi/nonsfi_sandbox.cc
+++ b/components/nacl/loader/nonsfi/nonsfi_sandbox.cc
@@ -154,12 +154,11 @@ bool IsGracefullyDenied(int sysno) {
    case __NR_geteuid32:
    case __NR_getgid32:
    case __NR_getuid32:
-#elif defined(__x86_64__)
+#endif
    case __NR_getegid:
    case __NR_geteuid:
    case __NR_getgid:
    case __NR_getuid:
-#endif
    // tcmalloc calls madvise in TCMalloc_SystemRelease.
    case __NR_madvise:
    // EPERM instead of SIGSYS as glibc tries to open files in /proc.

--- a/components/nacl/loader/nonsfi/nonsfi_sandbox_sigsys_unittest.cc
+++ b/components/nacl/loader/nonsfi/nonsfi_sandbox_sigsys_unittest.cc
@@ -22,7 +22,7 @@ namespace {
      NaClNonSfiSandboxSIGSYSTest, name,                                \
      DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()),         \
      nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) {  \
-    syscall(sysno, 0, 0, 0, 0, 0);                                      \
+    syscall(sysno, 0, 0, 0, 0, 0, 0);                                   \
  }
 #define RESTRICT_SYSCALL_DEATH_TEST(name)               \

--- a/components/nacl/loader/nonsfi/nonsfi_sandbox_unittest.cc
+++ b/components/nacl/loader/nonsfi/nonsfi_sandbox_unittest.cc
@@ -345,132 +345,34 @@ BPF_TEST(NaClNonSfiSandboxTest, brk,
  BPF_ASSERT_EQ(ENOMEM, errno);
 }
-BPF_TEST(NaClNonSfiSandboxTest, epoll_create_EPERM,
+// The following test cases check if syscalls return EPERM regardless
-         nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) {
+// of arguments.
-  errno = 0;
+#define RESTRICT_SYSCALL_EPERM_TEST(name)                               \
-  BPF_ASSERT_EQ(-1, syscall(__NR_epoll_create));
+  BPF_TEST(                                                             \
-  BPF_ASSERT_EQ(EPERM, errno);
+      NaClNonSfiSandboxTest, name ## _EPERM,                            \
-}
+      nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) {  \
+    errno = 0;                                                          \
+    BPF_ASSERT_EQ(-1, syscall(__NR_ ## name, 0, 0, 0, 0, 0, 0));        \
+    BPF_ASSERT_EQ(EPERM, errno);                                        \
+  }
+RESTRICT_SYSCALL_EPERM_TEST(epoll_create);
 #if defined(__i386__) || defined(__arm__)
-BPF_TEST(NaClNonSfiSandboxTest, getegid32_EPERM,
+RESTRICT_SYSCALL_EPERM_TEST(getegid32);
-         nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) {
+RESTRICT_SYSCALL_EPERM_TEST(geteuid32);
-  errno = 0;
+RESTRICT_SYSCALL_EPERM_TEST(getgid32);
-  BPF_ASSERT_EQ(-1, syscall(__NR_getegid32));
+RESTRICT_SYSCALL_EPERM_TEST(getuid32);
-  BPF_ASSERT_EQ(EPERM, errno);
-}
-BPF_TEST(NaClNonSfiSandboxTest, geteuid32_EPERM,
-         nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) {
-  errno = 0;
-  BPF_ASSERT_EQ(-1, syscall(__NR_geteuid32));
-  BPF_ASSERT_EQ(EPERM, errno);
-}
-BPF_TEST(NaClNonSfiSandboxTest, getgid32_EPERM,
-         nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) {
-  errno = 0;
-  BPF_ASSERT_EQ(-1, syscall(__NR_getgid32));
-  BPF_ASSERT_EQ(EPERM, errno);
-}
-BPF_TEST(NaClNonSfiSandboxTest, getuid32_EPERM,
-         nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) {
-  errno = 0;
-  BPF_ASSERT_EQ(-1, syscall(__NR_getuid32));
-  BPF_ASSERT_EQ(EPERM, errno);
-}
-BPF_DEATH_TEST(NaClNonSfiSandboxTest, getegid_SIGSYS,
-               DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()),
-               nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) {
-  syscall(__NR_getegid);
-}
-BPF_DEATH_TEST(NaClNonSfiSandboxTest, geteuid_SIGSYS,
-               DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()),
-               nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) {
-  syscall(__NR_geteuid);
-}
-BPF_DEATH_TEST(NaClNonSfiSandboxTest, getgid_SIGSYS,
-               DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()),
-               nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) {
-  syscall(__NR_getgid);
-}
-BPF_DEATH_TEST(NaClNonSfiSandboxTest, getuid_SIGSYS,
-               DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()),
-               nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) {
-  syscall(__NR_getuid);
-}
-#endif
-#if defined(__x86_64__)
-BPF_TEST(NaClNonSfiSandboxTest, getegid_EPERM,
-         nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) {
-  errno = 0;
-  BPF_ASSERT_EQ(-1, syscall(__NR_getegid));
-  BPF_ASSERT_EQ(EPERM, errno);
-}
-BPF_TEST(NaClNonSfiSandboxTest, geteuid_EPERM,
-         nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) {
-  errno = 0;
-  BPF_ASSERT_EQ(-1, syscall(__NR_geteuid));
-  BPF_ASSERT_EQ(EPERM, errno);
-}
-BPF_TEST(NaClNonSfiSandboxTest, getgid_EPERM,
-         nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) {
-  errno = 0;
-  BPF_ASSERT_EQ(-1, syscall(__NR_getgid));
-  BPF_ASSERT_EQ(EPERM, errno);
-}
-BPF_TEST(NaClNonSfiSandboxTest, getuid_EPERM,
-         nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) {
-  errno = 0;
-  BPF_ASSERT_EQ(-1, syscall(__NR_getuid));
-  BPF_ASSERT_EQ(EPERM, errno);
-}
 #endif
+RESTRICT_SYSCALL_EPERM_TEST(getegid);
-BPF_TEST(NaClNonSfiSandboxTest, madvise_EPERM,
+RESTRICT_SYSCALL_EPERM_TEST(geteuid);
-         nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) {
+RESTRICT_SYSCALL_EPERM_TEST(getgid);
-  errno = 0;
+RESTRICT_SYSCALL_EPERM_TEST(getuid);
-  BPF_ASSERT_EQ(-1, syscall(__NR_madvise));
+RESTRICT_SYSCALL_EPERM_TEST(madvise);
-  BPF_ASSERT_EQ(EPERM, errno);
+RESTRICT_SYSCALL_EPERM_TEST(open);
-}
+RESTRICT_SYSCALL_EPERM_TEST(ptrace);
+RESTRICT_SYSCALL_EPERM_TEST(set_robust_list);
-BPF_TEST(NaClNonSfiSandboxTest, open_EPERM,
-         nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) {
-  errno = 0;
-  BPF_ASSERT_EQ(-1, syscall(__NR_open));
-  BPF_ASSERT_EQ(EPERM, errno);
-}
-BPF_TEST(NaClNonSfiSandboxTest, ptrace_EPERM,
-         nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) {
-  errno = 0;
-  BPF_ASSERT_EQ(-1, syscall(__NR_ptrace));
-  BPF_ASSERT_EQ(EPERM, errno);
-}
-BPF_TEST(NaClNonSfiSandboxTest, set_robust_list_EPERM,
-         nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) {
-  errno = 0;
-  BPF_ASSERT_EQ(-1, syscall(__NR_set_robust_list));
-  BPF_ASSERT_EQ(EPERM, errno);
-}
 #if defined(__i386__) || defined(__x86_64__)
-BPF_TEST(NaClNonSfiSandboxTest, time_EPERM,
+RESTRICT_SYSCALL_EPERM_TEST(time);
-         nacl::nonsfi::NaClNonSfiBPFSandboxPolicy::EvaluateSyscallImpl) {
-  errno = 0;
-  BPF_ASSERT_EQ(-1, syscall(__NR_time));
-  BPF_ASSERT_EQ(EPERM, errno);
-}
 #endif
 }  // namespace