2 * Copyright (c) 2013 Samsung Electronics Co., Ltd All Rights Reserved
6 * @file security_server_tests_cookie_api.cpp
7 * @author Pawel Polawski (p.polawski@partner.samsung.com)
9 * @brief Test cases for security server cookie api
14 Tested API functions in this file:
16 Protected by "security-server::api-cookie-get" label:
17 int security_server_get_cookie_size(void);
18 int security_server_request_cookie(char *cookie, size_t bufferSize);
21 Protected by "security-server::api-cookie-check" label:
22 int security_server_check_privilege(const char *cookie, gid_t privilege);
23 int security_server_check_privilege_by_cookie(const char *cookie,
25 const char *access_rights);
26 int security_server_get_cookie_pid(const char *cookie);
27 char *security_server_get_smacklabel_cookie(const char *cookie);
28 int security_server_get_uid_by_cookie(const char *cookie, uid_t *uid);
29 int security_server_get_gid_by_cookie(const char *cookie, gid_t *gid);
32 #include <dpl/test/test_runner.h>
33 #include <dpl/test/test_runner_multiprocess.h>
34 #include <tests_common.h>
35 #include <sys/smack.h>
37 #include <sys/types.h>
39 #include <access_provider.h>
40 #include <security-server.h>
41 #include <smack_access.h>
43 const char *ROOT_USER = "root";
44 const char *PROC_AUDIO_GROUP_NAME = "audio";
46 typedef std::unique_ptr<char, void(*)(void *)> UniquePtrCstring;
47 const int KNOWN_COOKIE_SIZE = 20;
48 typedef std::vector<char> Cookie;
50 Cookie getCookieFromSS() {
51 Cookie cookie(security_server_get_cookie_size());
53 RUNNER_ASSERT_MSG_BT(SECURITY_SERVER_API_SUCCESS ==
54 security_server_request_cookie(cookie.data(), cookie.size()),
55 "Error in security_server_request_cookie.");
60 RUNNER_TEST_GROUP_INIT(COOKIE_API_TESTS)
63 * **************************************************************************
64 * Test cases fot check various functions input params cases
65 * **************************************************************************
68 //---------------------------------------------------------------------------
69 //passing NULL as a buffer pointer
70 RUNNER_CHILD_TEST(tc_arguments_01_01_security_server_request_cookie)
72 int ret = security_server_request_cookie(NULL, KNOWN_COOKIE_SIZE);
73 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM,
74 "Error in security_server_request_cookie() argument checking: " << ret);
77 //passing too small value as a buffer size
78 RUNNER_CHILD_TEST(tc_arguments_01_02_security_server_request_cookie)
80 Cookie cookie(KNOWN_COOKIE_SIZE);
82 int ret = security_server_request_cookie(cookie.data(), KNOWN_COOKIE_SIZE - 1);
83 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_BUFFER_TOO_SMALL,
84 "Error in security_server_request_cookie() argument checking: " << ret);
87 //---------------------------------------------------------------------------
88 //passing NULL as a cookie pointer
89 RUNNER_CHILD_TEST(tc_arguments_02_01_security_server_check_privilege)
91 int ret = security_server_check_privilege(NULL, 0);
92 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM,
93 "Error in security_server_check_privilege() argument checking: " << ret);
96 //---------------------------------------------------------------------------
97 //passing NULL as a cookie pointer
98 RUNNER_CHILD_TEST(tc_arguments_03_01_security_server_check_privilege_by_cookie)
100 int ret = security_server_check_privilege_by_cookie(NULL, "wiadro", "rwx");
101 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM,
102 "Error in security_server_check_privilege_by_cookie() argument checking: "
106 //passing NULL as an object pointer
107 RUNNER_CHILD_TEST(tc_arguments_03_02_security_server_check_privilege_by_cookie)
109 Cookie cookie = getCookieFromSS();
111 int ret = security_server_check_privilege_by_cookie(cookie.data(), NULL, "rwx");
112 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM,
113 "Error in security_server_check_privilege_by_cookie() argument checking: "
117 //passing NULL as an access pointer
118 RUNNER_CHILD_TEST(tc_arguments_03_03_security_server_check_privilege_by_cookie)
120 Cookie cookie = getCookieFromSS();
122 int ret = security_server_check_privilege_by_cookie(cookie.data(), "wiadro", NULL);
123 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM,
124 "Error in security_server_check_privilege_by_cookie() argument checking: "
128 //---------------------------------------------------------------------------
129 //passing NULL as a cookie pointer
130 RUNNER_CHILD_TEST(tc_arguments_04_01_security_server_get_cookie_pid)
132 int ret = security_server_get_cookie_pid(NULL);
133 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM,
134 "Error in security_server_get_cookie_pid() argument checking: " << ret);
137 //getting pid of non existing cookie
138 RUNNER_TEST(tc_arguments_04_02_security_server_get_cookie_pid)
140 const char wrong_cookie[KNOWN_COOKIE_SIZE] = {'w', 'a', 't', '?'};
141 RUNNER_ASSERT_BT(security_server_get_cookie_pid(wrong_cookie) ==
142 SECURITY_SERVER_API_ERROR_NO_SUCH_COOKIE);
145 //---------------------------------------------------------------------------
146 //passing NULL as a cookie pointer
147 RUNNER_CHILD_TEST(tc_arguments_05_01_security_server_get_smacklabel_cookie)
150 label = security_server_get_smacklabel_cookie(NULL);
151 RUNNER_ASSERT_MSG_BT(label == NULL,
152 "Error in security_server_get_smacklabel_cookie() argument checking");
155 //---------------------------------------------------------------------------
156 //passing NULL as a cookie pointer
157 RUNNER_CHILD_TEST(tc_arguments_06_01_security_server_get_uid_by_cookie)
160 int ret = security_server_get_uid_by_cookie(NULL, &uid);
161 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM,
162 "Error in security_server_get_uid_by_cookie() argument checking: "
166 //passing NULL as an uid pointer
167 RUNNER_CHILD_TEST(tc_arguments_06_02_security_server_get_uid_by_cookie)
169 Cookie cookie = getCookieFromSS();
171 int ret = security_server_get_uid_by_cookie(cookie.data(), NULL);
172 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM,
173 "Error in security_server_get_uid_by_cookie() argument checking: "
177 //---------------------------------------------------------------------------
178 //passing NULL as an cookie pointer
179 RUNNER_CHILD_TEST(tc_arguments_07_01_security_server_get_gid_by_cookie)
182 int ret = security_server_get_gid_by_cookie(NULL, &gid);
183 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM,
184 "Error in security_server_get_gid_by_cookie() argument checking: "
188 //passing NULL as an gid pointer
189 RUNNER_CHILD_TEST(tc_arguments_07_02_security_server_get_gid_by_cookie)
191 Cookie cookie = getCookieFromSS();
193 int ret = security_server_get_gid_by_cookie(cookie.data(), NULL);
194 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM,
195 "Error in security_server_get_gid_by_cookie() argument checking: "
202 * **************************************************************************
203 * Unit tests for each function from API
204 * **************************************************************************
207 //---------------------------------------------------------------------------
208 //root has access to API
209 RUNNER_CHILD_TEST(tc_unit_01_01_security_server_get_cookie_size)
211 int ret = security_server_get_cookie_size();
212 RUNNER_ASSERT_MSG_BT(ret == KNOWN_COOKIE_SIZE,
213 "Error in security_server_get_cookie_size(): " << ret);
216 //---------------------------------------------------------------------------
217 // security_server_get_cookie_size() is no longer ptotected by SMACK
218 RUNNER_CHILD_TEST(tc_unit_01_02_security_server_get_cookie_size)
220 SecurityServer::AccessProvider provider("selflabel_01_02");
221 provider.applyAndSwithToUser(APP_UID, APP_GID);
223 int ret = security_server_get_cookie_size();
224 RUNNER_ASSERT_MSG_BT(ret == KNOWN_COOKIE_SIZE,
225 "Error in security_server_get_cookie_size(): " << ret);
228 //---------------------------------------------------------------------------
229 //root has access to API
230 RUNNER_CHILD_TEST(tc_unit_02_01_security_server_request_cookie)
232 int cookieSize = security_server_get_cookie_size();
233 RUNNER_ASSERT_MSG_BT(cookieSize == KNOWN_COOKIE_SIZE,
234 "Error in security_server_get_cookie_size(): " << cookieSize);
236 Cookie cookie(cookieSize);
237 int ret = security_server_request_cookie(cookie.data(), cookie.size());
238 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
239 "Error in security_server_request_cookie(): " << ret);
242 //---------------------------------------------------------------------------
243 //root has access to API
244 RUNNER_CHILD_TEST(tc_unit_03_01_security_server_check_privilege)
246 Cookie cookie = getCookieFromSS();
248 int ret = security_server_check_privilege(cookie.data(), 0);
249 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
250 "Error in security_server_check_privilege(): " << ret);
253 //privileges drop and no smack rule
254 RUNNER_CHILD_TEST_SMACK(tc_unit_03_02_security_server_check_privilege)
256 Cookie cookie = getCookieFromSS();
258 SecurityServer::AccessProvider provider("selflabel_03_02");
259 provider.applyAndSwithToUser(APP_UID, APP_GID);
261 int ret = security_server_check_privilege(cookie.data(), 0);
262 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED,
263 "Error in security_server_check_privilege(): " << ret);
266 //privileges drop and added smack rule
267 RUNNER_CHILD_TEST_SMACK(tc_unit_03_03_security_server_check_privilege)
269 Cookie cookie = getCookieFromSS();
271 SecurityServer::AccessProvider provider("selflabel_03_03");
272 provider.allowFunction("security_server_check_privilege");
273 provider.applyAndSwithToUser(APP_UID, APP_GID);
275 int ret = security_server_check_privilege(cookie.data(), 0);
276 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
277 "Error in security_server_check_privilege(): " << ret);
281 RUNNER_CHILD_TEST(tc_unit_03_04_security_server_check_privilege_neg)
283 remove_process_group(PROC_AUDIO_GROUP_NAME);
285 Cookie cookie = getCookieFromSS();
286 int audio_gid = security_server_get_gid(PROC_AUDIO_GROUP_NAME);
287 RUNNER_ASSERT_MSG_BT(audio_gid > -1,
288 "security_server_get_gid() failed. result = " << audio_gid);
290 int ret = security_server_check_privilege(cookie.data(), audio_gid);
292 // security_server_check_privilege fails, because the process does not belong to "audio" group
293 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "ret: " << ret);
297 RUNNER_CHILD_TEST(tc_unit_03_05_security_server_check_privilege)
299 add_process_group(PROC_AUDIO_GROUP_NAME);
301 Cookie cookie = getCookieFromSS();
302 int audio_gid = security_server_get_gid(PROC_AUDIO_GROUP_NAME);
303 RUNNER_ASSERT_MSG_BT(audio_gid > -1,
304 "security_server_get_gid() failed. result = " << audio_gid);
306 int ret = security_server_check_privilege(cookie.data(), audio_gid);
307 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
310 // test invalid cookie name
311 RUNNER_TEST(tc_unit_03_06_security_server_check_privilege)
313 // create invalid cookie
314 int size = security_server_get_cookie_size();
315 RUNNER_ASSERT_MSG_BT(size == KNOWN_COOKIE_SIZE, "Wrong cookie size. size = " << size);
319 int ret = security_server_check_privilege(cookie.data(), 0);
320 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "ret: " << ret);
323 //---------------------------------------------------------------------------
324 //root has access to API
325 RUNNER_CHILD_TEST(tc_unit_05_01_security_server_get_cookie_pid)
327 Cookie cookie = getCookieFromSS();
329 int ret = security_server_get_cookie_pid(cookie.data());
330 RUNNER_ASSERT_MSG_BT(ret > -1, "Error in security_server_get_cookie_pid(): " << ret);
333 RUNNER_ASSERT_MSG_BT(pid == ret, "No match in PID received from cookie");
336 //privileges drop and no smack rule
337 RUNNER_CHILD_TEST_SMACK(tc_unit_05_02_security_server_get_cookie_pid)
339 Cookie cookie = getCookieFromSS();
341 SecurityServer::AccessProvider provider("selflabel_05_02");
342 provider.applyAndSwithToUser(APP_UID, APP_GID);
344 int ret = security_server_get_cookie_pid(cookie.data());
345 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED,
346 "Error in security_server_get_cookie_pid(): " << ret);
349 //privileges drop and added smack rule
350 RUNNER_CHILD_TEST_SMACK(tc_unit_05_03_security_server_get_cookie_pid)
352 Cookie cookie = getCookieFromSS();
354 SecurityServer::AccessProvider provider("selflabel_05_03");
355 provider.allowFunction("security_server_get_cookie_pid");
356 provider.applyAndSwithToUser(APP_UID, APP_GID);
358 int ret = security_server_get_cookie_pid(cookie.data());
359 RUNNER_ASSERT_MSG_BT(ret > -1, "Error in security_server_get_cookie_pid(): " << ret);
362 RUNNER_ASSERT_MSG_BT(pid == ret, "No match in PID received from cookie");
365 //---------------------------------------------------------------------------
366 //root has access to API
367 RUNNER_CHILD_TEST(tc_unit_06_01_security_server_get_smacklabel_cookie)
369 setLabelForSelf(__LINE__, "selflabel_06_01");
371 Cookie cookie = getCookieFromSS();
373 UniquePtrCstring label(security_server_get_smacklabel_cookie(cookie.data()), free);
374 RUNNER_ASSERT_MSG_BT(strcmp(label.get(), "selflabel_06_01") == 0,
375 "No match in smack label received from cookie, received label: "
379 //privileges drop and no smack rule
380 RUNNER_CHILD_TEST_SMACK(tc_unit_06_02_security_server_get_smacklabel_cookie)
382 Cookie cookie = getCookieFromSS();
384 SecurityServer::AccessProvider provider("selflabel_06_02");
385 provider.applyAndSwithToUser(APP_UID, APP_GID);
387 UniquePtrCstring label(security_server_get_smacklabel_cookie(cookie.data()), free);
388 RUNNER_ASSERT_MSG_BT(label.get() == NULL,
389 "NULL should be received due to access denied, received label: "
393 //privileges drop and added smack rule
394 RUNNER_CHILD_TEST_SMACK(tc_unit_06_03_security_server_get_smacklabel_cookie)
396 SecurityServer::AccessProvider provider("selflabel_06_03");
397 provider.allowFunction("security_server_get_smacklabel_cookie");
398 provider.applyAndSwithToUser(APP_UID, APP_GID);
400 Cookie cookie = getCookieFromSS();
402 UniquePtrCstring label(security_server_get_smacklabel_cookie(cookie.data()), free);
403 RUNNER_ASSERT_MSG_BT(strcmp(label.get(), "selflabel_06_03") == 0,
404 "No match in smack label received from cookie, received label: "
408 //---------------------------------------------------------------------------
409 //root has access to API
410 RUNNER_CHILD_TEST(tc_unit_07_01_security_server_get_uid_by_cookie)
412 Cookie cookie = getCookieFromSS();
415 int ret = security_server_get_uid_by_cookie(cookie.data(), &uid);
416 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
417 "Error in security_server_get_uid_by_cookie(): " << ret);
419 RUNNER_ASSERT_MSG_BT(ret == (int)uid, "No match in UID received from cookie");
422 //privileges drop and no smack rule
423 RUNNER_CHILD_TEST_SMACK(tc_unit_07_02_security_server_get_uid_by_cookie)
425 SecurityServer::AccessProvider provider("selflabel_07_02");
426 provider.applyAndSwithToUser(APP_UID, APP_GID);
428 Cookie cookie(KNOWN_COOKIE_SIZE);
431 int ret = security_server_get_uid_by_cookie(cookie.data(), &uid);
432 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED,
433 "Error in security_server_get_uid_by_cookie(): " << ret);
436 //privileges drop and added smack rule
437 RUNNER_CHILD_TEST_SMACK(tc_unit_07_03_security_server_get_uid_by_cookie)
439 SecurityServer::AccessProvider provider("selflabel_07_02");
440 provider.allowFunction("security_server_get_uid_by_cookie");
441 provider.applyAndSwithToUser(APP_UID, APP_GID);
443 Cookie cookie = getCookieFromSS();
446 int ret = security_server_get_uid_by_cookie(cookie.data(), &uid);
447 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
448 "Error in security_server_get_uid_by_cookie(): " << ret);
450 RUNNER_ASSERT_MSG_BT(ret == (int)uid, "No match in UID received from cookie");
453 //---------------------------------------------------------------------------
454 //root has access to API
455 RUNNER_CHILD_TEST(tc_unit_08_01_security_server_get_gid_by_cookie)
457 Cookie cookie = getCookieFromSS();
461 int ret = security_server_get_gid_by_cookie(cookie.data(), &gid);
462 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
463 "Error in security_server_get_gid_by_cookie(): " << ret);
465 RUNNER_ASSERT_MSG_BT(ret == (int)gid, "No match in GID received from cookie");
468 //privileges drop and no smack rule
469 RUNNER_CHILD_TEST_SMACK(tc_unit_08_02_security_server_get_gid_by_cookie)
471 SecurityServer::AccessProvider provider("selflabel_08_02");
472 provider.applyAndSwithToUser(APP_UID, APP_GID);
474 Cookie cookie(KNOWN_COOKIE_SIZE);
477 int ret = security_server_get_gid_by_cookie(cookie.data(), &gid);
478 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED,
479 "Error in security_server_get_gid_by_cookie(): " << ret);
482 //privileges drop and added smack rule
483 RUNNER_CHILD_TEST_SMACK(tc_unit_08_03_security_server_get_gid_by_cookie)
485 SecurityServer::AccessProvider provider("selflabel_08_03");
486 provider.allowFunction("security_server_get_gid_by_cookie");
487 provider.applyAndSwithToUser(APP_UID, APP_GID);
489 Cookie cookie = getCookieFromSS();
492 int ret = security_server_get_gid_by_cookie(cookie.data(), &gid);
493 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
494 "Error in security_server_get_gid_by_cookie(): " << ret);
496 RUNNER_ASSERT_MSG_BT(ret == (int)gid, "No match in GID received from cookie");
499 //---------------------------------------------------------------------------
500 // apply smack labels and drop privileges
501 RUNNER_CHILD_TEST_SMACK(tc_unit_09_01_cookie_API_access_allow)
503 add_process_group(PROC_AUDIO_GROUP_NAME);
505 SecurityServer::AccessProvider provider("subject_1d6eda7d");
506 provider.allowFunction("security_server_get_gid");
507 provider.allowFunction("security_server_request_cookie");
508 provider.allowFunction("security_server_check_privilege");
509 provider.allowFunction("security_server_get_cookie_pid");
510 provider.allowFunction("security_server_get_smacklabel_cookie");
511 provider.allowFunction("security_server_check_privilege_by_pid");
512 provider.applyAndSwithToUser(APP_UID, APP_GID);
514 Cookie cookie = getCookieFromSS();
516 int ret = security_server_get_gid(PROC_AUDIO_GROUP_NAME);
517 RUNNER_ASSERT_MSG_BT(ret > -1, "Failed to get \"" << PROC_AUDIO_GROUP_NAME
518 << "\" gid. Result: " << ret);
520 ret = security_server_check_privilege(cookie.data(), ret);
521 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
523 int root_gid = security_server_get_gid(ROOT_USER);
524 RUNNER_ASSERT_MSG_BT(root_gid > -1, "root_gid: " << root_gid);
526 ret = security_server_get_cookie_pid(cookie.data());
527 RUNNER_ASSERT_MSG_BT(ret == getpid(), "ret: " << ret);
529 UniquePtrCstring ss_label(security_server_get_smacklabel_cookie(cookie.data()), free);
530 RUNNER_ASSERT_MSG_BT(ss_label.get() != NULL, "ss_label: " << ss_label.get());
532 ret = security_server_check_privilege_by_pid(getpid(), "_", "rx");
533 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
536 // disable access and drop privileges
537 RUNNER_CHILD_TEST(tc_unit_09_02_cookie_API_access_deny)
539 SecurityServer::AccessProvider provider("subject_1d414140");
540 provider.applyAndSwithToUser(APP_UID, APP_GID);
542 Cookie cookie = getCookieFromSS();
544 int ret = security_server_check_privilege(cookie.data(), DB_ALARM_GID);
545 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "ret: " << ret);
547 ret = security_server_get_gid(ROOT_USER);
548 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "ret: " << ret);
550 ret = security_server_get_cookie_pid(cookie.data());
551 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "ret: " << ret);
553 UniquePtrCstring ss_label(security_server_get_smacklabel_cookie(cookie.data()), free);
554 RUNNER_ASSERT_MSG_BT(ss_label.get() == NULL, "ss_label: " << ss_label.get());
556 ret = security_server_check_privilege_by_pid(getpid(), "_", "rx");
557 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "ret: " << ret);
560 // NOSMACK version of the test above
561 RUNNER_CHILD_TEST_NOSMACK(tc_unit_09_01_cookie_API_access_allow_nosmack)
563 add_process_group(PROC_AUDIO_GROUP_NAME);
565 // drop root privileges
566 int ret = drop_root_privileges();
567 RUNNER_ASSERT_MSG_BT(ret == 0,
568 "Failed to drop root privileges. Result: " << ret << "uid = " << getuid());
570 Cookie cookie = getCookieFromSS();
572 ret = security_server_get_gid(PROC_AUDIO_GROUP_NAME);
573 RUNNER_ASSERT_MSG_BT(ret > -1, "Failed to get \"" << PROC_AUDIO_GROUP_NAME
574 << "\" gid. Result: " << ret);
576 ret = security_server_check_privilege(cookie.data(), ret);
577 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
578 "check_privilege failed. Result: " << ret);
580 ret = security_server_get_gid(ROOT_USER);
581 RUNNER_ASSERT_MSG_BT(ret > -1, "Failed to get \"root\" gid. Result: " << ret);
583 ret = security_server_get_cookie_pid(cookie.data());
584 RUNNER_ASSERT_MSG_BT(ret == getpid(),
585 "get_cookie_pid returned different pid than it should. Result: " << ret);
587 UniquePtrCstring ss_label(security_server_get_smacklabel_cookie(cookie.data()), free);
588 RUNNER_ASSERT_MSG_BT(ss_label.get() != NULL, "get_smacklabel_cookie failed.");
590 ret = security_server_check_privilege_by_pid(getpid(), "_", "rx");
591 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
592 "check_privilege_by_pid failed. Result: " << ret);