2 * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * @file test_cases.cpp
19 * @author Zofia Abramowska (z.abramowska@samsung.com)
20 * @author Lukasz Wojciechowski (l.wojciechow@partner.samsung.com)
22 * @brief libprivilege-control tests commons
25 #ifndef LIBPRIVILEGE_CONTROL_TEST_COMMON_H_
26 #define LIBPRIVILEGE_CONTROL_TEST_COMMON_H_
33 #include <tests_common.h>
35 // How many open file descriptors should ftw() function use?
36 #define FTW_MAX_FDS 16
38 #define SOCK_PATH "/tmp/test-smack-socket"
40 #define TEST_APP_DIR "/etc/smack/test_privilege_control_DIR/app_dir"
41 #define TEST_NON_APP_DIR "/etc/smack/test_privilege_control_DIR/non_app_dir"
43 #define APP_ID "test_APP"
44 #define APPID_DIR "test_APP_ID_dir"
45 #define APPID_SHARED_DIR "test_APP_ID_shared_dir"
48 #define APP_1_DIR "/tmp/app_1"
51 #define APP_2_DIR "/tmp/app_2"
53 #define APP_TEST "app_test"
55 #define EFL_APP_ID "EFL_APP_ID"
57 #define APP_FRIEND_1 "app_friend_1"
58 #define APP_FRIEND_2 "app_friend_2"
60 #define LIBPRIVILEGE_APP_GROUP_LIST "/usr/share/privilege-control/app_group_list"
61 #define LIBPRIVILEGE_TEST_DAC_FILE "/usr/share/privilege-control/test_privilege_control_rules.dac"
62 #define LIBPRIVILEGE_TEST_DAC_FILE_WGT "/usr/share/privilege-control/WRT_test_privilege_control_rules_wgt.dac"
63 #define LIBPRIVILEGE_TEST_DAC_FILE_OSP "/usr/share/privilege-control/OSP_test_privilege_control_rules_osp.dac"
65 #define APP_TEST_APP_1 "test-application1"
66 #define APP_TEST_APP_2 "test-application_2"
67 #define APP_TEST_APP_3 "test-app-3"
68 #define APP_TEST_AV_1 "test-antivirus1"
69 #define APP_TEST_AV_2 "test-antivirus_2"
70 #define APP_TEST_AV_3 "test-av-3"
71 #define APP_TEST_APP_1_DIR "/tmp/test-application1/"
72 #define APP_TEST_APP_2_DIR "/tmp/test-application2/"
73 #define APP_TEST_APP_3_DIR "/tmp/test-application3/"
74 #define APP_TEST_APP_1_SHARED_LABEL "test-application1-shared"
75 #define APP_TEST_APP_2_SHARED_LABEL "test-application2-shared"
76 #define APP_TEST_APP_3_SHARED_LABEL "test-application3-shared"
78 #define WGT_PARTNER_APP_ID "7btsV1Y0sX"
79 #define WGT_PLATFORM_APP_ID "G4DE3U2vmW"
81 #define OSP_APP_ID "uqNfgEjqc7"
82 #define OSP_PARTNER_APP_ID "j4RuPsZrNt"
83 #define OSP_PLATFORM_APP_ID "V5LKqDFBXm"
85 #define WGT_APP_PATH "/opt/usr/apps/QwCqJ0ttyS/bin/QwCqJ0ttyS.TestMisiuPysiu123"
86 #define WGT_PARTNER_APP_PATH "/opt/usr/apps/7btsV1Y0sX/bin/7btsV1Y0sX.MisiuPysiu123Partner"
87 #define WGT_PLATFORM_APP_PATH "/opt/usr/apps/G4DE3U2vmW/bin/G4DE3U2vmW.MisiuPysiu123Platform"
89 #define OSP_APP_PATH "/opt/usr/apps/uqNfgEjqc7/bin/PysiuMisiu123Osp"
90 #define OSP_PARTNER_APP_PATH "/opt/usr/apps/j4RuPsZrNt/bin/PysiuMisiu123OspPartner"
91 #define OSP_PLATFORM_APP_PATH "/opt/usr/apps/V5LKqDFBXm/bin/PysiuMisiu123OspPlatform"
93 #define APP_SET_PRIV_PATH "/etc/smack/test_privilege_control_DIR/test_set_app_privilege/test_APP"
95 #define APP_NPRUNTIME "app_np_test"
96 #define APP_NPRUNTIME_FILE "/etc/smack/test_privilege_control_DIR/app_dir/exec"
98 //correct and incorrect PID used in incorrect params test
99 const pid_t PID_CORRECT = 0;
100 const pid_t PID_INCORRECT = -1;
102 extern const char *PRIVS[];
103 extern const char *PRIVS2[];
104 extern const char *PRIVS2_NO_R[];
105 extern const char *PRIVS2_R[];
106 extern const char *PRIVS2_R_AND_NO_R[];
108 extern const char *PRIVS_WGT[];
109 extern const char *PRIVS_OSP[];
110 extern const char *PRIVS_EFL[];
112 extern const char* PRIV_APPSETTING[];
113 extern const char* PRIVS_AV[];
115 typedef std::vector< std::vector<std::string> > rules_t;
117 struct free_deleter {
118 void operator()(void* p) {
122 typedef std::unique_ptr<char, free_deleter> CStringPtr;
124 // Rules from test_privilege_control_rules.smack
125 const rules_t rules = {
126 { APP_ID, "test_book_1", "r" },
127 { APP_ID, "test_book_2", "w" },
128 { APP_ID, "test_book_3", "x" },
129 { APP_ID, "test_book_4", "rw" },
130 { APP_ID, "test_book_5", "rx" },
131 { APP_ID, "test_book_6", "wx" },
132 { APP_ID, "test_book_7", "rwx" },
133 { "test_subject_1", APP_ID, "r" },
134 { "test_subject_2", APP_ID, "w" },
135 { "test_subject_3", APP_ID, "x" },
136 { "test_subject_4", APP_ID, "rw" },
137 { "test_subject_5", APP_ID, "rx" },
138 { "test_subject_6", APP_ID, "wx" },
139 { "test_subject_7", APP_ID, "rwx" },
140 { APP_ID, APPID_SHARED_DIR, "rwxat"}
143 // Rules from WRT_test_privilege_control_rules2.smack
144 const rules_t rules2 = {
145 { WGT_APP_ID, "test_book_8", "r" },
146 { WGT_APP_ID, "test_book_9", "w" },
147 { WGT_APP_ID, "test_book_10", "x" },
148 { WGT_APP_ID, "test_book_11", "rw" },
149 { WGT_APP_ID, "test_book_12", "rx" },
150 { WGT_APP_ID, "test_book_13", "wx" },
151 { WGT_APP_ID, "test_book_14", "rwx" },
152 { WGT_APP_ID, "test_book_15", "rwxat" },
153 { "test_subject_8", WGT_APP_ID, "r" },
154 { "test_subject_9", WGT_APP_ID, "w" },
155 { "test_subject_10", WGT_APP_ID, "x" },
156 { "test_subject_11", WGT_APP_ID, "rw" },
157 { "test_subject_12", WGT_APP_ID, "rx" },
158 { "test_subject_13", WGT_APP_ID, "wx" },
159 { "test_subject_14", WGT_APP_ID, "rwx" },
160 { "test_subject_15", WGT_APP_ID, "rwxat" }
163 // Rules from WRT_test_privilege_control_rules_no_r.smack
164 const rules_t rules2_no_r = {
165 { WGT_APP_ID, "test_book_9", "w" },
166 { WGT_APP_ID, "test_book_10", "x" },
167 { WGT_APP_ID, "test_book_11", "w" },
168 { WGT_APP_ID, "test_book_12", "x" },
169 { WGT_APP_ID, "test_book_13", "x" },
170 { WGT_APP_ID, "test_book_14", "wx" },
171 { WGT_APP_ID, "test_book_15", "wxat" },
172 { "test_subject_9", WGT_APP_ID, "w" },
173 { "test_subject_10", WGT_APP_ID, "x" },
174 { "test_subject_11", WGT_APP_ID, "w" },
175 { "test_subject_12", WGT_APP_ID, "x" },
176 { "test_subject_13", WGT_APP_ID, "x" },
177 { "test_subject_14", WGT_APP_ID, "wx" },
178 { "test_subject_15", WGT_APP_ID, "wxat" }
181 // Rules from test_privilege_control_rules.smack
182 // minus WRT_test_privilege_control_rules_no_r.smack
183 const rules_t rules2_r = {
184 { WGT_APP_ID, "test_book_8", "r" },
185 { WGT_APP_ID, "test_book_11", "r" },
186 { WGT_APP_ID, "test_book_12", "r" },
187 { WGT_APP_ID, "test_book_14", "r" },
188 { WGT_APP_ID, "test_book_15", "r" },
189 { "test_subject_8", WGT_APP_ID, "r" },
190 { "test_subject_11", WGT_APP_ID, "r" },
191 { "test_subject_12", WGT_APP_ID, "r" },
192 { "test_subject_14", WGT_APP_ID, "r" },
193 { "test_subject_15", WGT_APP_ID, "r" }
196 // Rules from EFL_test_privilege_control_rules_osp.smack for osp_platform
197 const rules_t rules_efl = {
198 { APP_ID, "test_book_efl", "r" }
201 // Rules from WRT_test_privilege_control_rules_wgt.smack for wgt
202 const rules_t rules_wgt = {
203 { WGT_APP_ID, "test_book_8", "r" },
204 { WGT_APP_ID, "test_book_9", "w" },
205 { WGT_APP_ID, "test_book_10", "x" },
206 { WGT_APP_ID, "test_book_11", "rw" },
207 { WGT_APP_ID, "test_book_12", "rx" },
208 { WGT_APP_ID, "test_book_13", "wx" },
209 { WGT_APP_ID, "test_book_14", "rwx" },
210 { WGT_APP_ID, "test_book_15", "rwxat" },
211 { "test_subject_8", WGT_APP_ID, "r" },
212 { "test_subject_9", WGT_APP_ID, "w" },
213 { "test_subject_10", WGT_APP_ID, "x" },
214 { "test_subject_11", WGT_APP_ID, "rw" },
215 { "test_subject_12", WGT_APP_ID, "rx" },
216 { "test_subject_13", WGT_APP_ID, "wx" },
217 { "test_subject_14", WGT_APP_ID, "rwx" },
218 { "test_subject_15", WGT_APP_ID, "rwxat" }
221 // Rules from WRT_test_privilege_control_rules.smack for wgt
222 const rules_t rules_wgt2 = {
223 { WGT_APP_ID, "test_book_1", "r" },
224 { WGT_APP_ID, "test_book_2", "w" },
225 { WGT_APP_ID, "test_book_3", "x" },
226 { WGT_APP_ID, "test_book_4", "rw" },
227 { WGT_APP_ID, "test_book_5", "rx" },
228 { WGT_APP_ID, "test_book_6", "wx" },
229 { WGT_APP_ID, "test_book_7", "rwx" },
230 { "test_subject_1", WGT_APP_ID, "r" },
231 { "test_subject_2", WGT_APP_ID, "w" },
232 { "test_subject_3", WGT_APP_ID, "x" },
233 { "test_subject_4", WGT_APP_ID, "rw" },
234 { "test_subject_5", WGT_APP_ID, "rx" },
235 { "test_subject_6", WGT_APP_ID, "wx" },
236 { "test_subject_7", WGT_APP_ID, "rwx" }
239 // Rules from WRT_test_privilege_control_rules_wgt.smack for wgt_partner
240 const rules_t rules_wgt_partner = {
241 { WGT_PARTNER_APP_ID, "test_book_8", "r" },
242 { WGT_PARTNER_APP_ID, "test_book_9", "w" },
243 { WGT_PARTNER_APP_ID, "test_book_10", "x" },
244 { WGT_PARTNER_APP_ID, "test_book_11", "rw" },
245 { WGT_PARTNER_APP_ID, "test_book_12", "rx" },
246 { WGT_PARTNER_APP_ID, "test_book_13", "wx" },
247 { WGT_PARTNER_APP_ID, "test_book_14", "rwx" },
248 { WGT_PARTNER_APP_ID, "test_book_15", "rwxat" },
249 { "test_subject_8", WGT_PARTNER_APP_ID, "r" },
250 { "test_subject_9", WGT_PARTNER_APP_ID, "w" },
251 { "test_subject_10", WGT_PARTNER_APP_ID, "x" },
252 { "test_subject_11", WGT_PARTNER_APP_ID, "rw" },
253 { "test_subject_12", WGT_PARTNER_APP_ID, "rx" },
254 { "test_subject_13", WGT_PARTNER_APP_ID, "wx" },
255 { "test_subject_14", WGT_PARTNER_APP_ID, "rwx" },
256 { "test_subject_15", WGT_PARTNER_APP_ID, "rwxat" }
259 // Rules from WRT_test_privilege_control_rules_wgt.smack for wgt_platform
260 const rules_t rules_wgt_platform = {
261 { WGT_PLATFORM_APP_ID, "test_book_8", "r" },
262 { WGT_PLATFORM_APP_ID, "test_book_9", "w" },
263 { WGT_PLATFORM_APP_ID, "test_book_10", "x" },
264 { WGT_PLATFORM_APP_ID, "test_book_11", "rw" },
265 { WGT_PLATFORM_APP_ID, "test_book_12", "rx" },
266 { WGT_PLATFORM_APP_ID, "test_book_13", "wx" },
267 { WGT_PLATFORM_APP_ID, "test_book_14", "rwx" },
268 { WGT_PLATFORM_APP_ID, "test_book_15", "rwxat" },
269 { "test_subject_8", WGT_PLATFORM_APP_ID, "r" },
270 { "test_subject_9", WGT_PLATFORM_APP_ID, "w" },
271 { "test_subject_10", WGT_PLATFORM_APP_ID, "x" },
272 { "test_subject_11", WGT_PLATFORM_APP_ID, "rw" },
273 { "test_subject_12", WGT_PLATFORM_APP_ID, "rx" },
274 { "test_subject_13", WGT_PLATFORM_APP_ID, "wx" },
275 { "test_subject_14", WGT_PLATFORM_APP_ID, "rwx" },
276 { "test_subject_15", WGT_PLATFORM_APP_ID, "rwxat" }
279 // Rules from OSP_test_privilege_control_rules_osp.smack for osp
280 const rules_t rules_osp = {
281 { OSP_APP_ID, "test_book_8", "r" },
282 { OSP_APP_ID, "test_book_9", "w" },
283 { OSP_APP_ID, "test_book_10", "x" },
284 { OSP_APP_ID, "test_book_11", "rw" },
285 { OSP_APP_ID, "test_book_12", "rx" },
286 { OSP_APP_ID, "test_book_13", "wx" },
287 { OSP_APP_ID, "test_book_14", "rwx" },
288 { OSP_APP_ID, "test_book_15", "rwxat" },
289 { "test_subject_8", OSP_APP_ID, "r" },
290 { "test_subject_9", OSP_APP_ID, "w" },
291 { "test_subject_10", OSP_APP_ID, "x" },
292 { "test_subject_11", OSP_APP_ID, "rw" },
293 { "test_subject_12", OSP_APP_ID, "rx" },
294 { "test_subject_13", OSP_APP_ID, "wx" },
295 { "test_subject_14", OSP_APP_ID, "rwx" },
296 { "test_subject_15", OSP_APP_ID, "rwxat" }
299 // Rules from OSP_test_privilege_control_rules_osp.smack for osp_partner
300 const rules_t rules_osp_partner = {
301 { OSP_PARTNER_APP_ID, "test_book_8", "r" },
302 { OSP_PARTNER_APP_ID, "test_book_9", "w" },
303 { OSP_PARTNER_APP_ID, "test_book_10", "x" },
304 { OSP_PARTNER_APP_ID, "test_book_11", "rw" },
305 { OSP_PARTNER_APP_ID, "test_book_12", "rx" },
306 { OSP_PARTNER_APP_ID, "test_book_13", "wx" },
307 { OSP_PARTNER_APP_ID, "test_book_14", "rwx" },
308 { OSP_PARTNER_APP_ID, "test_book_15", "rwxat" },
309 { "test_subject_8", OSP_PARTNER_APP_ID, "r" },
310 { "test_subject_9", OSP_PARTNER_APP_ID, "w" },
311 { "test_subject_10", OSP_PARTNER_APP_ID, "x" },
312 { "test_subject_11", OSP_PARTNER_APP_ID, "rw" },
313 { "test_subject_12", OSP_PARTNER_APP_ID, "rx" },
314 { "test_subject_13", OSP_PARTNER_APP_ID, "wx" },
315 { "test_subject_14", OSP_PARTNER_APP_ID, "rwx" },
316 { "test_subject_15", OSP_PARTNER_APP_ID, "rwxat" }
319 // Rules from OSP_test_privilege_control_rules_osp.smack for osp_platform
320 const rules_t rules_osp_platform = {
321 { OSP_PLATFORM_APP_ID, "test_book_8", "r" },
322 { OSP_PLATFORM_APP_ID, "test_book_9", "w" },
323 { OSP_PLATFORM_APP_ID, "test_book_10", "x" },
324 { OSP_PLATFORM_APP_ID, "test_book_11", "rw" },
325 { OSP_PLATFORM_APP_ID, "test_book_12", "rx" },
326 { OSP_PLATFORM_APP_ID, "test_book_13", "wx" },
327 { OSP_PLATFORM_APP_ID, "test_book_14", "rwx" },
328 { OSP_PLATFORM_APP_ID, "test_book_15", "rwxat" },
329 { "test_subject_8", OSP_PLATFORM_APP_ID, "r" },
330 { "test_subject_9", OSP_PLATFORM_APP_ID, "w" },
331 { "test_subject_10", OSP_PLATFORM_APP_ID, "x" },
332 { "test_subject_11", OSP_PLATFORM_APP_ID, "rw" },
333 { "test_subject_12", OSP_PLATFORM_APP_ID, "rx" },
334 { "test_subject_13", OSP_PLATFORM_APP_ID, "wx" },
335 { "test_subject_14", OSP_PLATFORM_APP_ID, "rwx" },
336 { "test_subject_15", OSP_PLATFORM_APP_ID, "rwxat" }
339 int test_have_all_accesses(const rules_t &rules);
340 int test_have_any_accesses(const rules_t &rules);
341 int test_have_nosmack_accesses(const rules_t &rules);
343 void read_gids(std::set<unsigned> &set, const char *file_path);
344 void check_groups(const char *dac_file);
346 int file_exists(const char *path);
347 void check_app_installed(int line_no, const char *app_path);
349 int nftw_remove_labels(const char *fpath, const struct stat* /*sb*/,
350 int /*typeflag*/, struct FTW* /*ftwbuf*/);
351 int nftw_check_labels_app_dir(const char *fpath, const struct stat *sb,
352 int /*typeflag*/, struct FTW* /*ftwbuf*/);
353 int nftw_set_labels_non_app_dir(const char *fpath, const struct stat* /*sb*/,
354 int /*typeflag*/, struct FTW* /*ftwbuf*/);
355 int nftw_check_labels_non_app_dir(const char *fpath, const struct stat* /*sb*/,
356 int /*typeflag*/, struct FTW* /*ftwbuf*/);
358 void checkOnlyAvAccess(const char *av_id, const char *app_id, const char *comment);
359 void checkOnlyAvAccessNosmack(const char *av_id, const char *app_id, const char *comment);
360 void check_app_has_permission(const char* app_id, const app_type_t app_type,
361 const char *perm_list[], const int expected_result);
363 void test_revoke_permissions(int line_no, const char* app_id, const rules_t &rules, bool smack);
364 void test_app_enable_permissions_efl(bool smack);
365 void test_app_disable_permissions_efl(bool smack);
366 void test_app_disable_permissions(bool smack);
367 void test_appsettings_privilege(bool smack);
369 #endif /* LIBPRIVILEGE_CONTROL_TEST_COMMON_H_ */