2 * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
19 #include <sys/types.h>
23 #include <access_provider.h>
24 #include <dpl/test/test_runner.h>
26 #include <passwd_access.h>
28 #include <sm_commons.h>
29 #include <sm_request.h>
30 #include <synchronization_pipe.h>
31 #include <tests_common.h>
32 #include <tzplatform.h>
35 RUNNER_TEST_GROUP_INIT(SECURITY_MANAGER_CREDENTIAL_API)
37 using namespace SecurityManagerTest;
39 class ProcessCredentials {
41 ProcessCredentials(const std::string &smackLabel) : m_label(smackLabel) {}
43 const std::string &label(void) const {
47 uid_t uid(void) const {
48 return TzPlatformConfig::getGlobalUserId();
51 gid_t gid(void) const {
52 return PasswdAccess::gid("users");
59 void udsServer(SynchronizationPipe &pipe, const struct sockaddr_un &sockaddr,
60 const struct ProcessCredentials &peerCredentials) {
61 SecurityServer::AccessProvider ap(peerCredentials.label());
62 ap.applyAndSwithToUser(peerCredentials.uid(), peerCredentials.gid());
65 int sock = UDSHelpers::createServer(&sockaddr);
66 SockUniquePtr sockPtr(&sock);
68 int clientSock = UDSHelpers::acceptClient(sock);
70 UDSHelpers::waitForDisconnect(clientSock);
73 typedef std::function<void(int sock, pid_t pid)> SocketAssertionFn;
75 void clientTestTemplate(SocketAssertionFn assertion, const std::string &scope, const std::string &smackLabel) {
76 const auto sockaddr = UDSHelpers::makeAbstractAddress("test_sm_" + scope + ".socket");
77 const ProcessCredentials peerCredentials(smackLabel);
79 SynchronizationPipe pipe;
81 pid_t pid = runInChild(std::bind(udsServer, std::ref(pipe), std::cref(sockaddr),
82 std::cref(peerCredentials)));
86 int sock = UDSHelpers::createClient(&sockaddr);
87 SockUniquePtr sockPtr(&sock);
92 RUNNER_CHILD_TEST(security_manager_51a_get_id_by_socket)
94 const char *const sm_app_id = "sm_test_51a_app";
95 const char *const sm_pkg_id = "sm_test_51a_pkg";
97 InstallRequest requestInst;
98 requestInst.setAppId(sm_app_id);
99 requestInst.setPkgId(sm_pkg_id);
101 Api::install(requestInst);
103 std::string smackLabel = generateProcessLabel(sm_app_id, sm_pkg_id);
105 clientTestTemplate([&] (int sock, pid_t) {
106 std::string rcvPkgId, rcvAppId;
107 Api::getPkgIdBySocket(sock, &rcvPkgId, &rcvAppId);
108 RUNNER_ASSERT_MSG(rcvPkgId == sm_pkg_id, "pkgIds don't match ret = " << rcvPkgId
109 << "; expected = " << sm_pkg_id);
110 RUNNER_ASSERT_MSG(rcvAppId == sm_app_id, "appIds don't match ret = " << rcvAppId
111 << "; expected = " << sm_app_id);
112 }, "tcsm27a", smackLabel);
114 InstallRequest requestUninst;
115 requestUninst.setAppId(sm_app_id);
117 Api::uninstall(requestUninst);
120 RUNNER_CHILD_TEST(security_manager_51b_get_id_by_socket)
122 const char *const sm_app_id = "sm_test_51b_app";
123 const char *const sm_pkg_id = "sm_test_51b_pkg";
125 InstallRequest requestInst;
126 requestInst.setAppId(sm_app_id);
127 requestInst.setPkgId(sm_pkg_id);
129 Api::install(requestInst);
131 std::string smackLabel = generateProcessLabel(sm_app_id, sm_pkg_id);
133 clientTestTemplate([&] (int sock, pid_t) {
134 std::string rcvPkgId, rcvAppId;
135 Api::getPkgIdBySocket(sock + 1, &rcvPkgId, &rcvAppId, SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT);
136 }, "tcsm27b", smackLabel);
138 InstallRequest requestUninst;
139 requestUninst.setAppId(sm_app_id);
141 Api::uninstall(requestUninst);
144 RUNNER_CHILD_TEST(security_manager_51c_get_id_by_socket)
146 const char *const sm_app_id = "sm_test_51c_app";
147 const char *const sm_pkg_id = "sm_test_51c_pkg";
149 InstallRequest requestInst;
150 requestInst.setAppId(sm_app_id);
151 requestInst.setPkgId(sm_pkg_id);
153 Api::install(requestInst);
155 std::string smackLabel = generateProcessLabel(sm_app_id, sm_pkg_id);
157 clientTestTemplate([&] (int sock, pid_t) {
158 std::string rcvPkgId;
159 Api::getPkgIdBySocket(sock, &rcvPkgId, nullptr);
160 RUNNER_ASSERT_MSG(rcvPkgId == sm_pkg_id, "pkgIds don't match ret = " << rcvPkgId
161 << "; expected = " << sm_pkg_id);
162 }, "tcsm27c", smackLabel);
164 InstallRequest requestUninst;
165 requestUninst.setAppId(sm_app_id);
167 Api::uninstall(requestUninst);
170 RUNNER_CHILD_TEST(security_manager_51d_get_id_by_socket)
172 const char *const sm_app_id = "sm_test_51d_app";
173 const char *const sm_pkg_id = "sm_test_51d_pkg";
175 InstallRequest requestInst;
176 requestInst.setAppId(sm_app_id);
177 requestInst.setPkgId(sm_pkg_id);
179 Api::install(requestInst);
181 std::string smackLabel = generateProcessLabel(sm_app_id, sm_pkg_id);
183 clientTestTemplate([&] (int sock, pid_t) {
184 std::string rcvAppId;
185 Api::getPkgIdBySocket(sock, nullptr, &rcvAppId);
186 RUNNER_ASSERT_MSG(rcvAppId == sm_app_id, "appIds don't match ret = " << rcvAppId
187 << "; expected = " << sm_app_id);
188 }, "tcsm27d", smackLabel);
190 InstallRequest requestUninst;
191 requestUninst.setAppId(sm_app_id);
193 Api::uninstall(requestUninst);
196 RUNNER_CHILD_TEST(security_manager_51e_get_id_by_socket)
198 const char *const sm_app_id = "sm_test_51e_app";
199 const char *const sm_pkg_id = "sm_test_51e_pkg";
201 InstallRequest requestInst;
202 requestInst.setAppId(sm_app_id);
203 requestInst.setPkgId(sm_pkg_id);
205 Api::install(requestInst);
207 std::string smackLabel = generateProcessLabel(sm_app_id, sm_pkg_id);
209 clientTestTemplate([&] (int sock, pid_t) {
210 Api::getPkgIdBySocket(sock, nullptr, nullptr, SECURITY_MANAGER_ERROR_INPUT_PARAM);
211 }, "tcsm27e", smackLabel);
213 InstallRequest requestUninst;
214 requestUninst.setAppId(sm_app_id);
216 Api::uninstall(requestUninst);
219 RUNNER_CHILD_TEST(security_manager_52a_get_id_by_pid)
221 const char *const sm_app_id = "sm_test_52a_app";
222 const char *const sm_pkg_id = "sm_test_52a_pkg";
224 InstallRequest requestInst;
225 requestInst.setAppId(sm_app_id);
226 requestInst.setPkgId(sm_pkg_id);
228 Api::install(requestInst);
230 std::string smackLabel = generateProcessLabel(sm_app_id, sm_pkg_id);
232 clientTestTemplate([&] (int, pid_t pid) {
233 std::string rcvPkgId, rcvAppId;
234 Api::getPkgIdByPid(pid, &rcvPkgId, &rcvAppId);
235 RUNNER_ASSERT_MSG(rcvPkgId == sm_pkg_id, "pkgIds don't match ret = " << rcvPkgId
236 << "; expected = " << sm_pkg_id);
237 RUNNER_ASSERT_MSG(rcvAppId == sm_app_id, "appIds don't match ret = " << rcvAppId
238 << "; expected = " << sm_app_id);
239 }, "tcsm28a", smackLabel);
241 InstallRequest requestUninst;
242 requestUninst.setAppId(sm_app_id);
244 Api::uninstall(requestUninst);
247 RUNNER_CHILD_TEST(security_manager_52b_get_id_by_pid)
249 const char *const sm_app_id = "sm_test_52b_app";
250 const char *const sm_pkg_id = "sm_test_52b_pkg";
252 InstallRequest requestInst;
253 requestInst.setAppId(sm_app_id);
254 requestInst.setPkgId(sm_pkg_id);
256 Api::install(requestInst);
258 std::string smackLabel = generateProcessLabel(sm_app_id, sm_pkg_id);
260 clientTestTemplate([&] (int, pid_t pid) {
261 std::string rcvPkgId, rcvAppId;
262 Api::getPkgIdByPid(pid + 1, &rcvPkgId, &rcvAppId, SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT);
263 }, "tcsm28b", smackLabel);
265 InstallRequest requestUninst;
266 requestUninst.setAppId(sm_app_id);
268 Api::uninstall(requestUninst);
271 RUNNER_CHILD_TEST(security_manager_52c_get_id_by_pid)
273 const char *const sm_app_id = "sm_test_52c_app";
274 const char *const sm_pkg_id = "sm_test_52c_pkg";
276 InstallRequest requestInst;
277 requestInst.setAppId(sm_app_id);
278 requestInst.setPkgId(sm_pkg_id);
280 Api::install(requestInst);
282 std::string smackLabel = generateProcessLabel(sm_app_id, sm_pkg_id);
284 clientTestTemplate([&] (int, pid_t pid) {
285 std::string rcvPkgId;
286 Api::getPkgIdByPid(pid, &rcvPkgId, nullptr);
287 RUNNER_ASSERT_MSG(rcvPkgId == sm_pkg_id, "pkgIds don't match ret = " << rcvPkgId
288 << "; expected = " << sm_pkg_id);
289 }, "tcsm28c", smackLabel);
291 InstallRequest requestUninst;
292 requestUninst.setAppId(sm_app_id);
294 Api::uninstall(requestUninst);
297 RUNNER_CHILD_TEST(security_manager_52d_get_id_by_pid)
299 const char *const sm_app_id = "sm_test_52d_app";
300 const char *const sm_pkg_id = "sm_test_52d_pkg";
302 InstallRequest requestInst;
303 requestInst.setAppId(sm_app_id);
304 requestInst.setPkgId(sm_pkg_id);
306 Api::install(requestInst);
308 std::string smackLabel = generateProcessLabel(sm_app_id, sm_pkg_id);
310 clientTestTemplate([&] (int, pid_t pid) {
311 std::string rcvAppId;
312 Api::getPkgIdByPid(pid, nullptr, &rcvAppId);
313 RUNNER_ASSERT_MSG(rcvAppId == sm_app_id, "appIds don't match ret = " << rcvAppId
314 << "; expected = " << sm_app_id);
315 }, "tcsm28d", smackLabel);
317 InstallRequest requestUninst;
318 requestUninst.setAppId(sm_app_id);
320 Api::uninstall(requestUninst);
323 RUNNER_CHILD_TEST(security_manager_52e_get_id_by_pid)
325 const char *const sm_app_id = "sm_test_52e_app";
326 const char *const sm_pkg_id = "sm_test_52e_pkg";
328 InstallRequest requestInst;
329 requestInst.setAppId(sm_app_id);
330 requestInst.setPkgId(sm_pkg_id);
332 Api::install(requestInst);
334 std::string smackLabel = generateProcessLabel(sm_app_id, sm_pkg_id);
336 clientTestTemplate([&] (int sock, pid_t) {
337 Api::getPkgIdByPid(sock, nullptr, nullptr, SECURITY_MANAGER_ERROR_INPUT_PARAM);
338 }, "tcsm28e", smackLabel);
340 InstallRequest requestUninst;
341 requestUninst.setAppId(sm_app_id);
343 Api::uninstall(requestUninst);