// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "sandbox/linux/services/credentials.h" #include <errno.h> #include <fcntl.h> #include <limits.h> #include <pthread.h> #include <signal.h> #include <stdio.h> #include <sys/capability.h> #include <sys/stat.h> #include <sys/types.h> #include <unistd.h> #include <memory> #include <vector> #include "base/check_op.h" #include "base/files/file_path.h" #include "base/files/file_util.h" #include "base/files/scoped_file.h" #include "sandbox/linux/services/proc_util.h" #include "sandbox/linux/services/syscall_wrappers.h" #include "sandbox/linux/system_headers/capability.h" #include "sandbox/linux/tests/unit_tests.h" #include "testing/gtest/include/gtest/gtest.h" namespace sandbox { namespace { struct CapFreeDeleter { … }; // Wrapper to manage libcap2's cap_t type. ScopedCap; bool WorkingDirectoryIsRoot() { … } SANDBOX_TEST(Credentials, DropAllCaps) { … SANDBOX_TEST(Credentials, MoveToNewUserNS) { … } SANDBOX_TEST(Credentials, CanCreateProcessInNewUserNS) { … } SANDBOX_TEST(Credentials, UidIsPreserved) { … } bool NewUserNSCycle() { … } SANDBOX_TEST(Credentials, NestedUserNS) { … } // Test the WorkingDirectoryIsRoot() helper. SANDBOX_TEST(Credentials, CanDetectRoot) { … // Disabled on ASAN because of crbug.com/451603. // Disabled on MSAN due to crbug.com/1180105 SANDBOX_TEST_ALLOW_NOISE(Credentials, DISABLE_ON_SANITIZERS(DropFileSystemAccessIsSafe)) { … // Check that after dropping filesystem access and dropping privileges // it is not possible to regain capabilities. // Disabled on MSAN due to crbug.com/1180105 SANDBOX_TEST(Credentials, DISABLE_ON_SANITIZERS(CannotRegainPrivileges)) { … } SANDBOX_TEST(Credentials, SetCapabilities) { … } SANDBOX_TEST(Credentials, SetCapabilitiesAndChroot) { … } SANDBOX_TEST(Credentials, SetCapabilitiesMatchesLibCap2) { … } volatile sig_atomic_t signal_handler_called; void SignalHandler(int sig) { … } // glibc (and some other libcs) caches the PID and TID in TLS. This test // verifies that these values are correct after DropFilesystemAccess. // Disabled on ASAN because of crbug.com/451603. // Disabled on MSAN due to crbug.com/1180105 SANDBOX_TEST(Credentials, DISABLE_ON_SANITIZERS(DropFileSystemAccessPreservesTLS)) { … } } // namespace. } // namespace sandbox.
Codebase Browser
chromium