diff options
Diffstat (limited to 'chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy_unittest.cc')
-rw-r--r-- | chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy_unittest.cc | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy_unittest.cc b/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy_unittest.cc index f0392b1a002..ca812d8a1ed 100644 --- a/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy_unittest.cc +++ b/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy_unittest.cc @@ -168,6 +168,21 @@ BPF_TEST_C(BaselinePolicy, Socketpair, BaselinePolicy) { TestPipeOrSocketPair(base::ScopedFD(sv[0]), base::ScopedFD(sv[1])); } +#if !defined(GRND_NONBLOCK) +#define GRND_NONBLOCK 1 +#endif + +BPF_TEST_C(BaselinePolicy, GetRandom, BaselinePolicy) { + char buf[1]; + + // Many systems do not yet support getrandom(2) so ENOSYS is a valid result + // here. + int ret = HANDLE_EINTR(syscall(__NR_getrandom, buf, sizeof(buf), 0)); + BPF_ASSERT((ret == -1 && errno == ENOSYS) || ret == 1); + ret = HANDLE_EINTR(syscall(__NR_getrandom, buf, sizeof(buf), GRND_NONBLOCK)); + BPF_ASSERT((ret == -1 && (errno == ENOSYS || errno == EAGAIN)) || ret == 1); +} + // Not all architectures can restrict the domain for socketpair(). #if defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) BPF_DEATH_TEST_C(BaselinePolicy, @@ -349,6 +364,17 @@ BPF_DEATH_TEST_C(BaselinePolicy, clock_gettime(CLOCK_MONOTONIC_RAW, &ts); } +#if !defined(GRND_RANDOM) +#define GRND_RANDOM 2 +#endif + +BPF_DEATH_TEST_C(BaselinePolicy, + GetRandomOfDevRandomCrashes, + DEATH_SEGV_MESSAGE(sandbox::GetErrorMessageContentForTests()), + BaselinePolicy) { + syscall(__NR_getrandom, NULL, 0, GRND_RANDOM); +} + #if !defined(__i386__) BPF_DEATH_TEST_C(BaselinePolicy, GetSockOptWrongLevelSigsys, |