tests/security-server-tests/server.cpp

   1 /*
   2  * Copyright (c) 2013 Samsung Electronics Co., Ltd All Rights Reserved
   3  */
   4 /*
   5  * @file    security_server_tests_server.cpp
   6  * @author  Bumjin Im (bj.im@samsung.com)
   7  * @author  Mariusz Domanski (m.domanski@samsung.com)
   8  * @version 1.0
   9  * @brief   Test cases for security server
  10  */
  11
  12 #include <stdio.h>
  13 #include <errno.h>
  14 #include <stdlib.h>
  15 #include <sys/types.h>
  16 #include <sys/param.h>
  17 #include <fcntl.h>
  18 #include <sys/un.h>
  19 #include <unistd.h>
  20 #include <poll.h>
  21 #include <sys/socket.h>
  22 #include <sys/stat.h>
  23 #include <sys/smack.h>
  24 #include <sys/wait.h>
  25 #include <grp.h>
  26 #include "security-server.h"
  27 #include "security_server_clean_env.h"
  28 #include <dpl/test/test_runner.h>
  29 #include <dpl/test/test_runner_child.h>
  30 #include <dlog.h>
  31 #include <privilege-control.h>
  32 #include <ftw.h>
  33 #include "security_server_tests_common.h"
  34 #include "tests_common.h"
  35 #include <smack_access.h>
  36 #include <access_provider.h>
  37 #include <summary_collector.h>
  38
  39 const char *TEST03_SUBJECT = "subject_0f09f7cc";
  40 const char *TEST04_SUBJECT = "subject_57dfbfc5";
  41 const char *TEST05_SUBJECT = "subject_1d6eda7d";
  42 const char *TEST06_SUBJECT = "subject_1d414140";
  43 const char *TEST07_SUBJECT = "subject_cd738844";
  44 const char *TEST08_SUBJECT = "subject_fd84ba7f";
  45 const char *TEST09_SUBJECT = "subject_sstest09";
  46 const char *TEST10_SUBJECT = "subject_sstest10";
  47 const char *TEST11_SUBJECT = "subject_sstest11";
  48 const char *TEST12_SUBJECT = "subject_sstest12";
  49
  50 const char *API_PASSWD_SET    = "security-server::api-password-set";
  51 const char *API_PASSWD_CHECK  = "security-server::api-password-check";
  52 const char *API_PASSWD_RESET  = "security-server::api-password-reset";
  53 const char *API_RULE_REQUIRED = "w";
  54 const char *PROC_AUDIO_GROUP_NAME = "audio";
  55
  56 int clear_password(char ** /*error*/)
  57 {
  58     int ret = -1;
  59     unsigned int attempt, max_attempt, expire_sec;
  60     const char *subject_allow = "subject_allow";
  61     struct smack_accesses *handle = NULL;
  62
  63     if (getuid() == 0) {
  64         reset_security_server();
  65
  66         ret = smack_accesses_new(&handle);
  67         RUNNER_ASSERT_MSG_BT(ret == 0, "ret: " << ret);
  68
  69         /* our subject 'subject_allow' has access to security-server::api-password-check */
  70         ret = smack_accesses_add(handle, subject_allow, API_PASSWD_CHECK, API_RULE_REQUIRED);
  71         RUNNER_ASSERT_MSG_BT(ret == 0, "ret: " << ret);
  72
  73         ret = smack_accesses_apply(handle);
  74         RUNNER_ASSERT_MSG_BT(ret == 0, "ret: " << ret);
  75
  76         ret = smack_set_label_for_self(subject_allow);
  77         RUNNER_ASSERT_MSG_BT(ret == 0, "ret: " << ret);
  78
  79         smack_accesses_free(handle);
  80
  81         attempt = max_attempt = expire_sec = UINT_MAX;
  82         ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
  83
  84         RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret: " << ret);
  85         RUNNER_ASSERT_BT(expire_sec == 0);
  86         RUNNER_ASSERT_BT(max_attempt == 0);
  87         RUNNER_ASSERT_BT(attempt == 0);
  88
  89         /* we revoke all rules for subject 'subject_allow' */
  90         ret = smack_revoke_subject(subject_allow);
  91         RUNNER_ASSERT_MSG_BT(ret == 0, "Revoking subject didn't work.");
  92
  93         sleep(1);
  94
  95         return 0;
  96     }
  97     return -1;
  98 }
  99
 100 /*
 101  * Add a new group to the current process groups.
 102  */
 103 void add_process_group(const char* group_name)
 104 {
 105     // get group ID by gtoup name
 106     group *gr = getgrnam(group_name);
 107     RUNNER_ASSERT_MSG_BT(gr != NULL, "Group '" << group_name << "' does not exist.");
 108     const gid_t new_group_id = gr->gr_gid;
 109
 110     // get number of groups that the current process belongs to
 111     int ngroups = getgroups(0, NULL);
 112
 113     //allocate groups table + space for new group entry
 114     std::vector<gid_t> groups(ngroups + 1);
 115     getgroups(ngroups, groups.data());
 116
 117     // check if the process already belongs to the group
 118     for (int i = 0; i < ngroups; ++i)
 119         if (groups[i] == new_group_id)
 120             return;
 121
 122     // add new group & apply change
 123     groups[ngroups] = new_group_id;
 124     int ret = setgroups(ngroups + 1, groups.data());
 125     RUNNER_ASSERT_MSG_BT(ret == 0, "setgroups failed. ret = " << ret);
 126 }
 127
 128 /*
 129  * Remove specific group from the current process groups.
 130  */
 131 void remove_process_group(const char* group_name)
 132 {
 133     // get group ID by gtoup name
 134     group *gr = getgrnam(group_name);
 135     RUNNER_ASSERT_MSG_BT(gr != NULL, "Group '" << group_name << "' does not exist.");
 136     const gid_t new_group_id = gr->gr_gid;
 137
 138     // get number of groups that the current process belongs to
 139     int ngroups = getgroups(0, NULL);
 140
 141     //allocate groups table + space for new group entry
 142     std::vector<gid_t> groups(ngroups);
 143     getgroups(ngroups, groups.data());
 144
 145     // check if the process already belongs to the group
 146     for (int i = 0; i < ngroups; ++i)
 147         if (groups[i] == new_group_id) {
 148             groups[i] = groups[ngroups-1]; // replace with last
 149
 150             // apply change
 151             int ret = setgroups(ngroups - 1, groups.data());
 152             RUNNER_ASSERT_MSG_BT(ret == 0, "setgroups failed. ret = " << ret);
 153             return;
 154         }
 155 }
 156
 157 RUNNER_TEST_GROUP_INIT(SECURITY_SERVER_TESTS_SERVER);
 158
 159 RUNNER_TEST(tc_security_server_get_gid_normal_case_trying_to_get_gid_of_tel_gprs)
 160 {
 161     RUNNER_ASSERT_BT(security_server_get_gid("tel_gprs") >= 0);
 162 }
 163
 164 RUNNER_TEST(tc_security_server_get_gid_empty_object_name)
 165 {
 166     RUNNER_ASSERT_BT(security_server_get_gid("") == SECURITY_SERVER_API_ERROR_INPUT_PARAM);
 167 }
 168
 169 RUNNER_TEST(tc_security_server_get_gid_wrong_object_name_teltel)
 170 {
 171     RUNNER_ASSERT_BT(security_server_get_gid("teltel") == SECURITY_SERVER_API_ERROR_NO_SUCH_OBJECT);
 172 }
 173
 174 //RUNNER_CHILD_TEST(tc_cookie_check_groups_privilege_negative)
 175 //{
 176 //    remove_process_group(PROC_AUDIO_GROUP_NAME);
 177 //
 178 //    RUNNER_ASSERT_BT(security_server_request_cookie((char*)cookie, COOKIE_SIZE) ==
 179 //                                                 SECURITY_SERVER_API_SUCCESS);
 180 //    ret = security_server_get_gid(PROC_AUDIO_GROUP_NAME);
 181 //    ret = security_server_check_privilege((char*) cookie, ret);
 182 //    RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "ret: " << ret);
 183 //}
 184 //
 185 //RUNNER_CHILD_TEST(tc_cookie_check_groups_privilege_positive)
 186 //{
 187 //    add_process_group(PROC_AUDIO_GROUP_NAME);
 188 //
 189 //    RUNNER_ASSERT_BT(security_server_request_cookie((char*)cookie, COOKIE_SIZE) ==
 190 //                                                 SECURITY_SERVER_API_SUCCESS);
 191 //    ret = security_server_get_gid(PROC_AUDIO_GROUP_NAME);
 192 //    ret = security_server_check_privilege((char*) cookie, ret);
 193 //    RUNNER_ASSERT_BT(ret == SECURITY_SERVER_API_SUCCESS);
 194 //}
 195
 196 //RUNNER_TEST(tc_ask_for_privilege_with_default_cookie_case_with_wrong_cookie)
 197 //{
 198 //    ret = security_server_get_gid(PROC_AUDIO_GROUP_NAME);
 199 //    srand(time(NULL));
 200 //    for (i = 0; i < COOKIE_SIZE; i++)
 201 //        wrong_cookie[i] = rand() % 255;
 202 //    ret = security_server_check_privilege((const char*) wrong_cookie, ret);
 203 //    RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "ret: " << ret);
 204 //}
 205 //
 206
 207 //RUNNER_TEST(tc_fake_security_server_get_gid)
 208 //{
 209 //    /* Close socket just after sending request msg.
 210 //     * This is done with fake security_server_get_gid()*/
 211 //
 212 //    ret = fake_get_gid(PROC_AUDIO_GROUP_NAME);
 213 //    RUNNER_IGNORED_MSG("Watch whether security server has crashed or not.");
 214 //}
 215
 216 RUNNER_TEST(tc_ask_for_privilege_with_default_cookie_case_with_wrong_cookie)
 217 {
 218     const char wrong_cookie[20] = {'w','a','t','?'};
 219     int audioGID = security_server_get_gid("audio");
 220     RUNNER_ASSERT_BT(SECURITY_SERVER_API_ERROR_ACCESS_DENIED
 221         == security_server_check_privilege((const char*) wrong_cookie, audioGID));
 222 }
 223
 224 RUNNER_TEST(tc_get_pid_of_non_existing_cookie)
 225 {
 226     const char wrong_cookie[20] = {'w', 'a', 't', '?'};
 227     RUNNER_ASSERT_BT(security_server_get_cookie_pid(wrong_cookie) == SECURITY_SERVER_API_ERROR_NO_SUCH_COOKIE);
 228 }
 229
 230 RUNNER_TEST(tc_get_pid_of_null_cookie)
 231 {
 232     RUNNER_ASSERT_BT(security_server_get_cookie_pid(NULL) == SECURITY_SERVER_API_ERROR_INPUT_PARAM);
 233 }
 234
 235 RUNNER_CHILD_TEST_SMACK(tc01a_security_server_app_give_access)
 236 {
 237     const char *subject = "abc345v34sfa";
 238     const char *object = "efg678x2lkjz";
 239     const char *server_api = "security-server::api-data-share";
 240
 241     SmackAccess smack;
 242     smack.add(subject, object, "-----", TRACE_FROM_HERE);
 243     smack.add(object,  server_api, "rw", TRACE_FROM_HERE);
 244     smack.apply(TRACE_FROM_HERE);
 245
 246     smack_set_label_for_self(object);
 247
 248     RUNNER_ASSERT_MSG_BT(drop_root_privileges() == 0, "uid = " << getuid());
 249
 250     security_server_app_give_access(subject, getpid());
 251
 252     RUNNER_ASSERT_BT(1 == smack_have_access(subject, object, "rwxat"));
 253 }
 254
 255 /*
 256  * Currently we are NOT revoking any permissions given by
 257  * security_server_app_give_access function
 258  */
 259 /*RUNNER_TEST(tc01b_security_server_app_give_access)
 260 {
 261     const char *subject = "abc345v34sfa";
 262     const char *object = "efg678x2lkjz";
 263
 264     // After part A thread from security-server will be notified about
 265     // process end and revoke permissions. We need to give him some
 266     // time.
 267     sleep(1);
 268
 269     RUNNER_ASSERT_BT(0 == smack_have_access(subject, object, "r----"));
 270     RUNNER_ASSERT_BT(0 == smack_have_access(subject, object, "-w---"));
 271     RUNNER_ASSERT_BT(0 == smack_have_access(subject, object, "--x--"));
 272     RUNNER_ASSERT_BT(0 == smack_have_access(subject, object, "---a-"));
 273     RUNNER_ASSERT_BT(0 == smack_have_access(subject, object, "----t"));
 274 }*/
 275
 276 RUNNER_CHILD_TEST_SMACK(tc01c_security_server_app_give_access_no_access)
 277 {
 278     const char *subject = "xxx45v34sfa";
 279     const char *object = "yyy78x2lkjz";
 280
 281     SmackAccess smack;
 282     smack.add(subject, object, "-----", TRACE_FROM_HERE);
 283     smack.apply(TRACE_FROM_HERE);
 284
 285     RUNNER_ASSERT_MSG_BT(0 == smack_set_label_for_self(object), "Error in smack_label_for_self");
 286
 287     RUNNER_ASSERT_MSG_BT(drop_root_privileges() == 0, "uid = " << getuid());
 288
 289     RUNNER_ASSERT_BT(SECURITY_SERVER_API_ERROR_ACCESS_DENIED == security_server_app_give_access(subject, getpid()));
 290
 291     RUNNER_ASSERT_BT(0 == smack_have_access(subject, object, "r"));
 292 }
 293
 294 RUNNER_TEST_SMACK(tc02_check_privilege_by_pid)
 295 {
 296     int ret;
 297     int pid;
 298
 299     pid = getpid();
 300
 301     //we checking existing rule, it should return positive
 302     ret = security_server_check_privilege_by_pid(pid, "_", "rx");
 303     RUNNER_ASSERT_BT(ret == SECURITY_SERVER_API_SUCCESS);
 304
 305     //we checking rule with label that not exist
 306     ret = security_server_check_privilege_by_pid(pid, "thislabelisnotreal", "rwxat");
 307     RUNNER_ASSERT_BT(ret != SECURITY_SERVER_API_SUCCESS);
 308 }
 309
 310 RUNNER_CHILD_TEST_SMACK(tc03_check_API_passwd_allow)
 311 {
 312     int ret = -1;
 313     unsigned int attempt, max_attempt, expire_sec;
 314     char *str = (char*) malloc(256);
 315
 316     attempt = max_attempt = expire_sec = 0;
 317
 318     ret = clear_password(&str);
 319     RUNNER_ASSERT_MSG_BT(ret == 0, "ret: " << str);
 320
 321     SecurityServer::AccessProvider provider(TEST03_SUBJECT);
 322     provider.allowAPI(API_PASSWD_CHECK, API_RULE_REQUIRED, TRACE_FROM_HERE);
 323     provider.allowAPI(API_PASSWD_SET,   API_RULE_REQUIRED, TRACE_FROM_HERE);
 324     provider.allowAPI(API_PASSWD_RESET, API_RULE_REQUIRED, TRACE_FROM_HERE);
 325     provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE);
 326
 327     ret = security_server_set_pwd_validity(10);
 328     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret: " << ret);
 329
 330     ret = security_server_set_pwd_max_challenge(5);
 331     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret: " << ret);
 332
 333     ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
 334     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret: " << ret);
 335
 336     sleep(1);
 337     ret = security_server_set_pwd(NULL, "12345", 0, 0);
 338     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
 339
 340     sleep(1);
 341     ret = security_server_reset_pwd("12345",0, 0);
 342     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
 343
 344     sleep(1);
 345     ret = security_server_chk_pwd("12345", &attempt, &max_attempt, &expire_sec);
 346     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
 347
 348     sleep(1);
 349     ret = security_server_set_pwd_history(10);
 350     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
 351 }
 352
 353 RUNNER_CHILD_TEST(tc04_check_API_passwd_denied)
 354 {
 355     int ret = -1;
 356     unsigned int attempt, max_attempt, expire_sec;
 357
 358     attempt = max_attempt = expire_sec = 0;
 359
 360     SecurityServer::AccessProvider privider(TEST04_SUBJECT);
 361     privider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE);
 362
 363     /*
 364      * now SS should return error
 365      * at the moment SS doesn't check return code from
 366      * authorize_SS_API_caller_socket() so it should give access
 367      * you can check in logs if it's working properly
 368      * has access result = 1
 369      * no access result = 0
 370      * D/SECURITY_SERVER( 2510): security-server-main.c: authorize_SS_API_caller_socket(205) >
 371      *                          [SECURE_LOG] SS_SMACK: caller_pid=5278, subject=subject_allow,
 372      *                          object=security-server::api-password-check, access=w, result=1,
 373      *                          caller_path=/usr/bin/security-server-tests-server
 374      * E/SECURITY_SERVER( 2510): security-server-main.c: authorize_SS_API_caller_socket(207) >
 375      *                          [SECURE_LOG] SS_SMACK: caller_pid=5278, subject=subject_allow,
 376      *                          object=security-server::api-password-check, access=w, result=0,
 377      *                          caller_path=/usr/bin/security-server-tests-server
 378      */
 379
 380     ret = security_server_set_pwd_validity(10);
 381     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "ret: " << ret);
 382
 383     ret = security_server_set_pwd_max_challenge(5);
 384     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "ret: " << ret);
 385
 386     ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
 387     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "ret: " << ret);
 388
 389     sleep(1);
 390     ret = security_server_set_pwd("12345", "12346", 0, 0);
 391     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "ret: " << ret);
 392
 393     sleep(1);
 394     ret = security_server_reset_pwd("12346",0, 0);
 395     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "ret: " << ret);
 396
 397     sleep(1);
 398     ret = security_server_chk_pwd("12346", &attempt, &max_attempt, &expire_sec);
 399     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "ret: " << ret);
 400
 401     sleep(1);
 402     ret = security_server_set_pwd_history(10);
 403     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "ret: " << ret);
 404 }
 405
 406 RUNNER_CHILD_TEST_SMACK(tc05_check_API_middleware_allow)
 407 {
 408     int ret = -1;
 409     size_t cookie_size = security_server_get_cookie_size();
 410     char cookie[20];
 411     char *ss_label = NULL;
 412
 413     add_process_group(PROC_AUDIO_GROUP_NAME);
 414
 415     SecurityServer::AccessProvider provider(TEST05_SUBJECT);
 416     provider.allowFunction("security_server_get_gid", TRACE_FROM_HERE);
 417     provider.allowFunction("security_server_request_cookie", TRACE_FROM_HERE);
 418     provider.allowFunction("security_server_check_privilege", TRACE_FROM_HERE);
 419     provider.allowFunction("security_server_get_cookie_pid", TRACE_FROM_HERE);
 420     provider.allowFunction("security_server_get_smacklabel_cookie", TRACE_FROM_HERE);
 421     provider.allowFunction("security_server_check_privilege_by_pid", TRACE_FROM_HERE);
 422     provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE);
 423
 424     ret = security_server_request_cookie(cookie, cookie_size);
 425     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
 426
 427     ret = security_server_get_gid(PROC_AUDIO_GROUP_NAME);
 428     ret = security_server_check_privilege(cookie, ret);
 429     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
 430
 431     ret = security_server_get_gid("root");
 432     RUNNER_ASSERT_MSG_BT(ret > -1, "ret: " << ret);
 433
 434     ret = security_server_get_cookie_pid(cookie);
 435     RUNNER_ASSERT_MSG_BT(ret == getpid(), "ret: " << ret);
 436
 437     ss_label = security_server_get_smacklabel_cookie(cookie);
 438     RUNNER_ASSERT_MSG_BT(ss_label != NULL, "ret: " << ss_label);
 439
 440     ret = security_server_check_privilege_by_pid(getpid(), "_", "rx");
 441     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
 442 }
 443
 444 RUNNER_CHILD_TEST(tc06_check_API_middleware_denied)
 445 {
 446     int ret = -1;
 447     size_t cookie_size = security_server_get_cookie_size();
 448     char cookie[20];
 449     char *ss_label = NULL;
 450
 451     SecurityServer::AccessProvider provider(TEST06_SUBJECT);
 452     provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE);
 453
 454     ret = security_server_request_cookie(cookie, cookie_size);
 455     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
 456
 457     ret = security_server_check_privilege(cookie, DB_ALARM_GID);
 458     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "ret: " << ret);
 459
 460     ret = security_server_get_gid("root");
 461     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "ret: " << ret);
 462
 463     ret = security_server_get_cookie_pid(cookie);
 464     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "ret: " << ret);
 465
 466     ss_label = security_server_get_smacklabel_cookie(cookie);
 467     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "ret: " << ret);
 468
 469     ret = security_server_check_privilege_by_pid(getpid(), "_", "rx");
 470     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "ret: " << ret);
 471 }
 472
 473 RUNNER_CHILD_TEST_SMACK(tc07_check_API_data_share_allow)
 474 {
 475     SecurityServer::AccessProvider provider(TEST07_SUBJECT);
 476     provider.allowFunction("security_server_app_give_access", TRACE_FROM_HERE);
 477     provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE);
 478
 479     int ret = security_server_app_give_access(TEST07_SUBJECT, getpid());
 480     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
 481 }
 482
 483 RUNNER_CHILD_TEST_SMACK(tc08_check_API_data_share_denied)
 484 {
 485     SecurityServer::AccessProvider provider(TEST08_SUBJECT);
 486     provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE);
 487
 488     int ret = security_server_app_give_access(TEST08_SUBJECT, getpid());
 489     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "ret: " << ret);
 490 }
 491
 492 RUNNER_CHILD_TEST(tc09_check_API_app_enable_permissions)
 493 {
 494     int ret;
 495     const char *perm_list[] = {"org.tizen.privilege.contact.read",
 496                                "org.tizen.privilege.contact.write",
 497                                 NULL};
 498     int persistent = 1;
 499
 500     // need to install WGT once again, in case it was removed before
 501     DB_BEGIN
 502     ret = perm_app_uninstall(WGT_APP_ID);
 503     RUNNER_ASSERT_MSG_BT(ret == PC_OPERATION_SUCCESS, "Cannot uninstall WGT_APP_ID, ret: " << ret);
 504     ret = perm_app_install(WGT_APP_ID);
 505     RUNNER_ASSERT_MSG_BT(ret == PC_OPERATION_SUCCESS, "Cannot install WGT_APP_ID, ret: " << ret);
 506     DB_END
 507
 508     // enable permission
 509     ret = security_server_app_enable_permissions(WGT_APP_ID, APP_TYPE_WGT, perm_list, persistent);
 510     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
 511
 512     SecurityServer::AccessProvider provider(TEST09_SUBJECT);
 513     provider.allowFunction("security_server_app_has_privilege", TRACE_FROM_HERE);
 514     provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE);
 515
 516     // Check if permissions are given
 517     check_app_has_privilege(WGT_APP_ID, APP_TYPE_WGT, perm_list, true);
 518 }
 519
 520 RUNNER_CHILD_TEST(tc10_check_API_app_disable_permissions)
 521 {
 522     int ret;
 523     const char *perm_list[] = {"org.tizen.privilege.contact.read",
 524                                "org.tizen.privilege.contact.write",
 525                                 NULL};
 526
 527     // need to install WGT once again, in case it was removed before
 528     DB_BEGIN
 529     ret = perm_app_uninstall(WGT_APP_ID);
 530     RUNNER_ASSERT_MSG_BT(ret == PC_OPERATION_SUCCESS, "Cannot uninstall WGT_APP_ID, ret: " << ret);
 531     ret = perm_app_install(WGT_APP_ID);
 532     RUNNER_ASSERT_MSG_BT(ret == PC_OPERATION_SUCCESS, "Cannot install WGT_APP_ID, ret: " << ret);
 533     DB_END
 534
 535     // disable permission
 536     ret = security_server_app_disable_permissions(WGT_APP_ID, APP_TYPE_WGT, perm_list);
 537     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
 538
 539     SecurityServer::AccessProvider provider(TEST10_SUBJECT);
 540     provider.allowFunction("security_server_app_has_privilege", TRACE_FROM_HERE);
 541     provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE);
 542
 543     // Check if permissions are disabled
 544     check_app_has_privilege(WGT_APP_ID, APP_TYPE_WGT, perm_list, false);
 545 }
 546
 547 RUNNER_TEST(tc11_security_server_app_has_privilege)
 548 {
 549     int ret;
 550     const char *perm_list_pers[] = {"org.tizen.privilege.contact.read",
 551                                     "org.tizen.privilege.contact.write",
 552                                     NULL};
 553     const char *perm_list_temp[] = {"org.tizen.privilege.calendar.read",
 554                                     "org.tizen.privilege.calendar.write",
 555                                     NULL};
 556     const char *perm_list_disabled[] = {"org.tizen.privilege.alarm",
 557                                         NULL};
 558     DB_BEGIN
 559     ret = perm_app_uninstall(TEST11_SUBJECT);
 560     RUNNER_ASSERT_MSG_BT(ret == PC_OPERATION_SUCCESS, "Cannot uninstall TEST11_SUBJECT, ret: " << ret);
 561     ret = perm_app_install(TEST11_SUBJECT);
 562     RUNNER_ASSERT_MSG_BT(ret == PC_OPERATION_SUCCESS, "Cannot install TEST11_SUBJECT, ret: " << ret);
 563     DB_END
 564
 565     // enable permission
 566     ret = security_server_app_enable_permissions(TEST11_SUBJECT, APP_TYPE_WGT, perm_list_pers, 1);
 567     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
 568     ret = security_server_app_enable_permissions(TEST11_SUBJECT, APP_TYPE_WGT, perm_list_temp, 0);
 569     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
 570
 571     // Check if permissions are given using API with app_label parameter
 572     check_app_has_privilege(TEST11_SUBJECT, APP_TYPE_WGT, perm_list_pers, true);
 573     check_app_has_privilege(TEST11_SUBJECT, APP_TYPE_WGT, perm_list_temp, true);
 574     check_app_has_privilege(TEST11_SUBJECT, APP_TYPE_WGT, perm_list_disabled, false);
 575 }
 576
 577 RUNNER_CHILD_TEST(tc12_security_server_app_caller_has_privilege)
 578 {
 579     int ret;
 580     const char *perm_list_pers[] = {"org.tizen.privilege.contact.read",
 581                                     "org.tizen.privilege.contact.write",
 582                                     NULL};
 583     const char *perm_list_temp[] = {"org.tizen.privilege.calendar.read",
 584                                     "org.tizen.privilege.calendar.write",
 585                                     NULL};
 586     const char *perm_list_disabled[] = {"org.tizen.privilege.alarm",
 587                                         NULL};
 588
 589     DB_BEGIN
 590     ret = perm_app_uninstall(TEST11_SUBJECT);
 591     RUNNER_ASSERT_MSG_BT(ret == PC_OPERATION_SUCCESS, "Cannot uninstall TEST11_SUBJECT, ret: " << ret);
 592     ret = perm_app_install(TEST11_SUBJECT);
 593     RUNNER_ASSERT_MSG_BT(ret == PC_OPERATION_SUCCESS, "Cannot install TEST11_SUBJECT, ret: " << ret);
 594     DB_END
 595
 596     // enable permission
 597     ret = security_server_app_enable_permissions(TEST11_SUBJECT, APP_TYPE_WGT, perm_list_pers, 1);
 598     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
 599     ret = security_server_app_enable_permissions(TEST11_SUBJECT, APP_TYPE_WGT, perm_list_temp, 0);
 600     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
 601
 602     SecurityServer::AccessProvider provider(TEST11_SUBJECT);
 603     provider.allowFunction("security_server_app_caller_has_privilege", TRACE_FROM_HERE);
 604     provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE);
 605
 606     // Check if permissions are given using "caller" API
 607     check_app_caller_has_privilege(APP_TYPE_WGT, perm_list_pers, true);
 608     check_app_caller_has_privilege(APP_TYPE_WGT, perm_list_temp, true);
 609     check_app_caller_has_privilege(APP_TYPE_WGT, perm_list_disabled, false);
 610 }
 611
 612 RUNNER_CHILD_TEST(tc13_check_API_app_has_privilege_denied)
 613 {
 614     int ret;
 615     const char *perm_list[] = {"org.tizen.privilege.contact.read",
 616                                "org.tizen.privilege.contact.write",
 617                                 NULL};
 618
 619     // set smack label without previously assigned permissions to api socket
 620     ret = smack_set_label_for_self(TEST12_SUBJECT);
 621     RUNNER_ASSERT_MSG_BT(ret == 0, "ret: " << ret);
 622
 623     // drop root privileges
 624     RUNNER_ASSERT_MSG_BT(drop_root_privileges() == 0, "uid = " << getuid());
 625
 626     // call common function to perform the check
 627     check_app_caller_has_privilege_denied(APP_TYPE_WGT, perm_list);
 628
 629     // call also second common function
 630     check_app_has_privilege_denied(TEST12_SUBJECT, APP_TYPE_WGT, perm_list);
 631 }
 632
 633 //////////////////////////////////////////
 634 /////////NOSMACK ENV TESTS////////////////
 635 //////////////////////////////////////////
 636
 637 /**
 638  * NOSMACK version of tc01a and tc01c tests.
 639  *
 640  * SMACK is turned off - that means for us, that we don't need any accesses added to our process
 641  * in SMACK before dropping root privileges. This test drops root privileges, calls
 642  * security_server_app_give_access and then checks if smack_have_access returns error (because
 643  * SMACK is off).
 644  *
 645  * security_server_app_give_access shouldn't return anything else than success when SMACK is off,
 646  * hence there is only one test that replaces tests tc01a and tc01c.
 647  */
 648 RUNNER_CHILD_TEST_NOSMACK(tc01_security_server_app_give_access_nosmack)
 649 {
 650     const char* subject = "abc345v34sfa";
 651     const char* object = "efg678x2lkjz";
 652     int result = 0;
 653
 654     result = drop_root_privileges();
 655     RUNNER_ASSERT_MSG_BT(result == 0,
 656             "Failed to drop root privileges. Result: " << result << "uid = " << getuid());
 657
 658     result = security_server_app_give_access(subject, getpid());
 659     RUNNER_ASSERT_MSG_BT(result == SECURITY_SERVER_API_SUCCESS,
 660             "Error in security_server_app_give_access. Result: " << result);
 661
 662     result = smack_have_access(subject, object, "rwxat");
 663     RUNNER_ASSERT_MSG_BT(result == -1,
 664             "smack_have_access should return error when SMACK is off. Result: " << result);
 665 }
 666
 667 /**
 668  * NOSMACK version of tc02 test.
 669  *
 670  * check_privilege_by_pid should always return success when SMACK is off, no matter if label is
 671  * real or not.
 672  */
 673 RUNNER_TEST_NOSMACK(tc02_check_privilege_by_pid_nosmack)
 674 {
 675     int ret;
 676     int pid;
 677
 678     pid = getpid();
 679
 680     //we checking existing rule, it should return positive
 681     ret = security_server_check_privilege_by_pid(pid, "_", "rx");
 682     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
 683             "check_privilege_by_pid for existing label failed. Result: " << ret);
 684
 685     //we checking rule with label that not exist
 686     ret = security_server_check_privilege_by_pid(pid, "thislabelisnotreal", "rwxat");
 687     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
 688             "check_privilege_by_pid for nonexisting label failed. Result: " << ret);
 689 }
 690
 691 /**
 692  * NOSMACK version of clear_password function.
 693  *
 694  * Compared to SMACK version of this function, this one skips adding rules and setting label.
 695  */
 696 int clear_password_nosmack()
 697 {
 698     int ret = -1;
 699     unsigned int attempt, max_attempt, expire_sec;
 700
 701     if (getuid() == 0) {
 702         reset_security_server();
 703
 704         attempt = max_attempt = expire_sec = UINT_MAX;
 705         ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
 706
 707         RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD,
 708                 "is_pwd_faild should return no password error. Result: " << ret);
 709         RUNNER_ASSERT_MSG_BT(expire_sec == 0, "expire_sec = " << expire_sec << ", should be 0.");
 710         RUNNER_ASSERT_MSG_BT(max_attempt == 0, "max_attempt = " << max_attempt << ", should be 0.");
 711         RUNNER_ASSERT_MSG_BT(attempt == 0, "attempt = " << attempt << ", should be 0.");
 712
 713         sleep(1);
 714
 715         return 0;
 716     }
 717     return -1;
 718 }
 719
 720 /**
 721  * NOSMACK version of tc03 test.
 722  *
 723  * Just as tc01a/tc01c NOSMACK replacement, we don't need to do anything with SMACK because most
 724  * important functions will return errors (that is smack_accesses_apply/smack_have_access etc.).
 725  * First clear password, then drop privileges and proceed to regular testing.
 726  */
 727
 728 RUNNER_CHILD_TEST_NOSMACK(tc03_check_API_passwd_allow_nosmack)
 729 {
 730     int ret = -1;
 731     unsigned int attempt, max_attempt, expire_sec;
 732
 733     attempt = max_attempt = expire_sec = 0;
 734
 735     clear_password_nosmack();
 736
 737     // drop root privileges
 738     ret = drop_root_privileges();
 739     RUNNER_ASSERT_MSG_BT(ret == 0,
 740             "Failed to drop root privileges. Result: " << ret << "uid = " << getuid());
 741
 742     ret = security_server_set_pwd_validity(10);
 743     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD,
 744             "set_pwd_validity should return no password error. Result: " << ret);
 745
 746     ret = security_server_set_pwd_max_challenge(5);
 747     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD,
 748             "set_pwd_max_challenge should return no password error. Result: " << ret);
 749
 750     ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
 751     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD,
 752             "is_pwd_valid should return no password error. Result: " << ret);
 753
 754     sleep(1);
 755     ret = security_server_set_pwd(NULL, "12345", 0, 0);
 756     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
 757             "set_pwd failed. Result: " << ret);
 758
 759     sleep(1);
 760     ret = security_server_reset_pwd("12345",0, 0);
 761     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
 762             "reset_pwd failed. Result: " << ret);
 763
 764     sleep(1);
 765     ret = security_server_chk_pwd("12345", &attempt, &max_attempt, &expire_sec);
 766     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
 767             "chk_pwd failed. Result: " << ret);
 768
 769     sleep(1);
 770     ret = security_server_set_pwd_history(10);
 771     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
 772             "set_pwd_history failed. Result: " << ret);
 773 }
 774
 775 /**
 776  * NOSMACK version of tc05 test.
 777  *
 778  * This test assumes similar information as previous NOSMACK tests. SMACK off = no need to
 779  * set accesses and apply them in SMACK before dropping privileges.
 780  */
 781
 782 RUNNER_CHILD_TEST_NOSMACK(tc05_check_API_middleware_allow_nosmack)
 783 {
 784     int ret = -1;
 785     size_t cookie_size = security_server_get_cookie_size();
 786     char cookie[20];
 787     char* ss_label = NULL;
 788
 789     add_process_group(PROC_AUDIO_GROUP_NAME);
 790
 791     // drop root privileges
 792     ret = drop_root_privileges();
 793     RUNNER_ASSERT_MSG_BT(ret == 0,
 794             "Failed to drop root privileges. Result: " << ret << "uid = " << getuid());
 795
 796     ret = security_server_request_cookie(cookie, cookie_size);
 797     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
 798             "request_cookie failed. Result: " << ret);
 799
 800     ret = security_server_get_gid(PROC_AUDIO_GROUP_NAME);
 801     RUNNER_ASSERT_MSG_BT(ret > -1, "Failed to get \"" << PROC_AUDIO_GROUP_NAME << "\" gid. Result: "
 802                       << ret);
 803
 804     ret = security_server_check_privilege(cookie, ret);
 805     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
 806             "check_privilege failed. Result: " << ret);
 807
 808     ret = security_server_get_gid("root");
 809     RUNNER_ASSERT_MSG_BT(ret > -1,
 810             "Failed to get \"root\" gid. Result: " << ret);
 811
 812     ret = security_server_get_cookie_pid(cookie);
 813     RUNNER_ASSERT_MSG_BT(ret == getpid(),
 814             "get_cookie_pid returned different pid than it should. Result: " << ret);
 815
 816     ss_label = security_server_get_smacklabel_cookie(cookie);
 817     RUNNER_ASSERT_MSG_BT(ss_label != NULL, "get_smacklabel_cookie failed.");
 818
 819     ret = security_server_check_privilege_by_pid(getpid(), "_", "rx");
 820     if(ret != SECURITY_SERVER_API_SUCCESS) {
 821         free(ss_label);
 822         RUNNER_ASSERT_MSG_BT(false, "check_privilege_by_pid failed. Result: " << ret);
 823     }
 824 }
 825
 826 /**
 827  * NOSMACK version of tc07 test.
 828  *
 829  * Similarily to previous tests - no need to set self label because SMACK is off. Just as
 830  * tc01a/tc01c replacement, security_server_app_give_access should return only success. Hence the
 831  * NOSMACK version of tc08 test is skipped.
 832  */
 833 RUNNER_CHILD_TEST_NOSMACK(tc07_check_API_data_share_allow_nosmack)
 834 {
 835     int ret = -1;
 836
 837     // drop root privileges
 838     ret = drop_root_privileges();
 839     RUNNER_ASSERT_MSG_BT(ret == 0,
 840             "Failed to drop root privileges. Result: " << ret << "uid = " << getuid());
 841
 842     ret = security_server_app_give_access(TEST07_SUBJECT, getpid());
 843     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
 844             "app_give_access failed. Result: " << ret);
 845 }
 846
 847 int main(int argc, char *argv[]) {
 848     if (0 != getuid()) {
 849         printf("Error: %s must be executed by root\n", argv[0]);
 850         exit(1);
 851     }
 852     SummaryCollector::Register();
 853     return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
 854 }