Merge branch 'security-manager' into tizen

[platform/core/test/security-tests.git] / src / security-manager-tests / test_cases_prepare_app.cpp

/*
 * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
 *
 *    Licensed under the Apache License, Version 2.0 (the "License");
 *    you may not use this file except in compliance with the License.
 *    You may obtain a copy of the License at
 *
 *        http://www.apache.org/licenses/LICENSE-2.0
 *
 *    Unless required by applicable law or agreed to in writing, software
 *    distributed under the License is distributed on an "AS IS" BASIS,
 *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *    See the License for the specific language governing permissions and
 *    limitations under the License.
 */

#include <sys/smack.h>
#include <sys/capability.h>
#include <sys/prctl.h>

#include <thread>
#include <string>
#include <memory>
#include <mutex>

#include <dpl/test/test_runner_child.h>
#include <dpl/test/test_runner.h>

#include <app_install_helper.h>
#include <scoped_installer.h>
#include <sm_api.h>
#include <sm_commons.h>
#include <memory.h>
#include <tests_common.h>

using namespace SecurityManagerTest;

namespace {
bool finish = false;
const size_t THREADS = 10;

const std::string APP_TEST_USER = "app_test_user";

typedef std::unique_ptr<_cap_struct, decltype(&cap_free)> CapPtr;

std::string thread_errors;
std::mutex error_mutex;

#define THREAD_ASSERT_MSG(test, message)                                       \
    do                                                                         \
    {                                                                          \
        if (!(test))                                                           \
        {                                                                      \
            std::ostringstream assertMsg;                                      \
            assertMsg << #test << " " << __FILE__ << " " << __LINE__ << " " << \
                         message << std::endl;                                 \
            std::lock_guard<std::mutex> guard(error_mutex);                    \
            thread_errors.append(assertMsg.str());                             \
        }                                                                      \
    } while (0)

void threadFn(int i, const std::string &expectedLabel)
{
    if (i % 2 == 0) {
        // block all signals
        sigset_t sigset;
        THREAD_ASSERT_MSG(sigfillset(&sigset) == 0, "sigfillset failed");
        THREAD_ASSERT_MSG(sigprocmask(SIG_BLOCK, &sigset, NULL) == 0, "sigprocmask failed");
    }

    while (!finish)
        usleep(1000);

    char* label;
    THREAD_ASSERT_MSG(smack_new_label_from_self(&label) > 0, "smack_new_label_from_self failed");
    CStringPtr labelPtr(label);

    THREAD_ASSERT_MSG(expectedLabel.compare(label) == 0,
                      "Thread " << i << " has a wrong label: " << label);

    CapPtr expectedCaps(cap_init(), cap_free);
    THREAD_ASSERT_MSG(expectedCaps, "cap_init() failed");
    THREAD_ASSERT_MSG(cap_clear(expectedCaps.get()) == 0, "cap_clear() failed");

    CapPtr realCaps(cap_get_proc(), cap_free);
    THREAD_ASSERT_MSG(realCaps, "cap_get_proc() failed");
    THREAD_ASSERT_MSG(cap_compare(realCaps.get(), expectedCaps.get()) == 0,
                      "Thread " << i << " has wrong caps");
}

struct ThreadWrapper
{

    ThreadWrapper()
    {
    }
    ~ThreadWrapper()
    {
        finish = true;
        thread.join();
    }

    void run(int i, const std::string &expectedLabel)
    {
        THREAD_ASSERT_MSG(!thread.joinable(), "Thread already started");
        thread = std::thread(threadFn, i, expectedLabel);
    }

    std::thread thread;
};

int setLauncherSecurityAttributes(TemporaryTestUser &user)
{
    // Add launcher capabilities (cap_dac_override, cap_setgid, cap_sys_admin, cap_mac_admin),
    // launcher is user process, we must drop root privileges (cap_setgid, cap_setuid are needed).
    // By default, the permitted capability set is cleared when credentials change is made
    // (if a process drops a capability from its permitted set, it can never reacquire that capability),
    // setting the "keep capabilities" flag prevents it from being cleared.
    // Effective capability set is always cleared when credential change is made, we need to add them again.

    setCaps("cap_dac_override+ep cap_setgid+ep cap_sys_admin+ep cap_mac_admin+ep cap_setuid+ep");
    int ret = prctl(PR_SET_KEEPCAPS, 1, 0, 0);
    if (ret != 0)
        return ret;

    ret = drop_root_privileges(user.getUid(), user.getGid());
    if (ret != 0)
        return ret;

    setCaps("cap_dac_override+ep cap_setgid+ep cap_sys_admin+ep cap_mac_admin+ep");
    return ret;
}

} // anonymous namespace

RUNNER_TEST_GROUP_INIT(SECURITY_MANAGER_PREPARE_APP)

RUNNER_CHILD_TEST(security_manager_100_synchronize_credentials_test)
{
    TemporaryTestUser tmpUser(APP_TEST_USER, GUM_USERTYPE_NORMAL, false);
    tmpUser.create();

    AppInstallHelper app("app100", tmpUser.getUid());
    ScopedInstaller appInstall(app);
    const std::string expectedLabel = app.generateAppLabel();

    pid_t pid = fork();
    RUNNER_ASSERT_ERRNO_MSG(pid >= 0, "Fork failed");
    if (pid == 0) {
        {
            RUNNER_ASSERT_ERRNO_MSG(setLauncherSecurityAttributes(tmpUser) == 0, "launcher failed");

            ThreadWrapper threads[THREADS];

            for (size_t i = 0; i < THREADS; i++)
                threads[i].run(i, expectedLabel);

            Api::prepareApp(app.getAppId().c_str());
        }
        RUNNER_ASSERT_MSG(thread_errors.empty(), std::endl << thread_errors);
        exit(0);
    } else {
        waitPid(pid);
    }
}