sandboxed-api/sandboxed_api/sandbox2/testcases/policy.cc
Christian Blichmann dbaf95c724 Move utility code into sandboxed_api/util
This change should make it less confusing where utility code comes from.
Having it in two places made sense when we were debating whether to publish
Sandbox2 separately, but not any longer.

Follow-up changes will move `sandbox2/util.h` and rename the remaining
`sandbox2/util` folder.

PiperOrigin-RevId: 351601640
Change-Id: I6256845261f610e590c25e2c59851cc51da2d778
2021-01-13 09:25:52 -08:00

138 lines
3.2 KiB
C++

// Copyright 2019 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// A binary that tries x86_64 compat syscalls, ptrace and clone untraced.
#include <sched.h>
#include <sys/ptrace.h>
#include <syscall.h>
#include <unistd.h>
#include <cerrno>
#include <cstdint>
#include <cstdio>
#include <cstdlib>
#include "sandboxed_api/config.h"
#ifdef SAPI_X86_64
void TestAMD64SyscallMismatch() {
int64_t result;
// exit() is allowed, but not if called via 32-bit syscall.
asm("movq $1, %%rax\n" // __NR_exit: 1 in 32-bit (60 in 64-bit)
"movq $42, %%rbx\n" // int error_code: 42
"int $0x80\n"
"movq %%rax, %0\n"
: "=r"(result)
:
: "rax", "rbx");
exit(-result);
}
void TestAMD64SyscallMismatchFs() {
int64_t result;
char filename[] = "/etc/passwd";
// access("/etc/passwd") is allowed, but not if called via 32-bit syscall.
asm("movq $33, %%rax\n" // __NR_access: 33 in 32-bit (21 in 64-bit)
"movq %1, %%rbx\n" // const char* filename: /etc/passwd
"movq $0, %%rcx\n" // int mode: F_OK (0), test for existence
"int $0x80\n"
"movq %%rax, %0\n"
: "=r"(result)
: "g"(filename)
: "rax", "rbx", "rcx");
exit(-result);
}
#endif
void TestPtrace() {
ptrace(PTRACE_SEIZE, getppid(), 0, 0);
printf("Syscall violation should have been discovered by now\n");
exit(EXIT_FAILURE);
}
void TestCloneUntraced() {
syscall(__NR_clone, static_cast<uintptr_t>(CLONE_UNTRACED), nullptr, nullptr,
nullptr, static_cast<uintptr_t>(0));
printf("Syscall violation should have been discovered by now\n");
exit(EXIT_FAILURE);
}
void TestBpf() {
syscall(__NR_bpf, 0, nullptr, 0);
printf("Syscall violation should have been discovered by now\n");
exit(EXIT_FAILURE);
}
void TestBpfError() {
exit(syscall(__NR_bpf, 0, nullptr, 0) == -1 ? errno : 0);
}
void TestIsatty() {
isatty(0);
printf("Syscall violation should have been discovered by now\n");
exit(EXIT_FAILURE);
}
int main(int argc, char** argv) {
// Disable buffering.
setbuf(stdin, nullptr);
setbuf(stdout, nullptr);
setbuf(stderr, nullptr);
if (argc < 2) {
printf("argc < 3\n");
return EXIT_FAILURE;
}
int testno = atoi(argv[1]); // NOLINT
switch (testno) {
#ifdef SAPI_X86_64
case 1:
TestAMD64SyscallMismatch();
break;
case 2:
TestAMD64SyscallMismatchFs();
break;
#endif
case 3:
TestPtrace();
break;
case 4:
TestCloneUntraced();
break;
case 5:
TestBpf();
break;
case 6:
TestIsatty();
break;
case 7:
TestBpfError();
break;
default:
printf("Unknown test: %d\n", testno);
return EXIT_FAILURE;
}
printf("OK: All tests went OK\n");
return EXIT_SUCCESS;
}