tests/security-server-tests/server.cpp

   1 /*
   2  * Copyright (c) 2013 Samsung Electronics Co., Ltd All Rights Reserved
   3  */
   4 /*
   5  * @file    security_server_tests_server.cpp
   6  * @author  Bumjin Im (bj.im@samsung.com)
   7  * @author  Mariusz Domanski (m.domanski@samsung.com)
   8  * @version 1.0
   9  * @brief   Test cases for security server
  10  */
  11
  12 #include <stdio.h>
  13 #include <errno.h>
  14 #include <stdlib.h>
  15 #include <sys/types.h>
  16 #include <sys/param.h>
  17 #include <fcntl.h>
  18 #include <sys/un.h>
  19 #include <unistd.h>
  20 #include <poll.h>
  21 #include <sys/socket.h>
  22 #include <sys/stat.h>
  23 #include <sys/smack.h>
  24 #include <sys/wait.h>
  25 #include "security-server.h"
  26 #include "security_server_clean_env.h"
  27 #include <dpl/test/test_runner.h>
  28 #include <dpl/test/test_runner_child.h>
  29 #include <dlog.h>
  30 #include <privilege-control.h>
  31 #include <ftw.h>
  32 #include "security_server_tests_common.h"
  33 #include "tests_common.h"
  34 #include <smack_access.h>
  35 #include <access_provider.h>
  36 #include <summary_collector.h>
  37
  38 const char *TEST03_SUBJECT = "subject_0f09f7cc";
  39 const char *TEST04_SUBJECT = "subject_57dfbfc5";
  40 const char *TEST07_SUBJECT = "subject_cd738844";
  41 const char *TEST08_SUBJECT = "subject_fd84ba7f";
  42
  43 void clear_password()
  44 {
  45     int ret = -1;
  46     unsigned int attempt, max_attempt, expire_sec;
  47
  48     reset_security_server();
  49
  50     attempt = max_attempt = expire_sec = UINT_MAX;
  51     ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
  52
  53     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret: " << ret);
  54     RUNNER_ASSERT_BT(expire_sec == 0);
  55     RUNNER_ASSERT_BT(max_attempt == 0);
  56     RUNNER_ASSERT_BT(attempt == 0);
  57
  58     sleep(1);
  59 }
  60
  61 void check_API_passwd(bool smack) {
  62     int ret = -1;
  63     int err, err_is_pwd_valid;
  64     unsigned int attempt, max_attempt, expire_sec;
  65
  66     err = smack ? SECURITY_SERVER_API_ERROR_ACCESS_DENIED : SECURITY_SERVER_API_SUCCESS;
  67     err_is_pwd_valid = smack ? SECURITY_SERVER_API_ERROR_ACCESS_DENIED : SECURITY_SERVER_API_ERROR_PASSWORD_EXIST;
  68     attempt = max_attempt = expire_sec = 0;
  69
  70     if (smack) {
  71         SecurityServer::AccessProvider privider(TEST04_SUBJECT);
  72         privider.applyAndSwithToUser(APP_UID, APP_GID);
  73     } else {
  74         RUNNER_ASSERT_MSG_BT((ret = drop_root_privileges()) == 0,
  75                 "Failed to drop root privileges. Result: " << ret << "uid = " << getuid());
  76     }
  77
  78     ret = security_server_set_pwd_validity(APP_UID);
  79     RUNNER_ASSERT_MSG_BT(ret == err,
  80             "security_server_set_pwd_validity has failed,"
  81             " ret: " << ret);
  82
  83     ret = security_server_set_pwd_max_challenge(5);
  84     RUNNER_ASSERT_MSG_BT(ret == err,
  85             "security_server_set_pwd_max_challenge has failed,"
  86             " ret: " << ret);
  87
  88     ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
  89     RUNNER_ASSERT_MSG_BT(ret == err_is_pwd_valid,
  90             "security_server_is_pwd_valid should return password exist,"
  91             " ret: " << ret);
  92
  93     usleep(PASSWORD_RETRY_TIMEOUT_US);
  94     ret = security_server_set_pwd("12345", "12346", 0, 0);
  95     RUNNER_ASSERT_MSG_BT(ret == err,
  96             "security_server_set_pwd has failed, ret: " << ret);
  97
  98     ret = security_server_reset_pwd("12346",0, 0);
  99     RUNNER_ASSERT_MSG_BT(ret == err,
 100             "security_server_reset_pwd has failed, ret: " << ret);
 101     usleep(PASSWORD_RETRY_TIMEOUT_US);
 102     ret = security_server_chk_pwd("12346", &attempt, &max_attempt, &expire_sec);
 103     RUNNER_ASSERT_MSG_BT(ret == err,
 104             "security_server_chk_pwd has failed, ret: " << ret);
 105
 106     ret = security_server_set_pwd_history(10);
 107     RUNNER_ASSERT_MSG_BT(ret == err,
 108             "security_server_set_pwd_history has failed, ret: " << ret);
 109 }
 110
 111 RUNNER_TEST_GROUP_INIT(SECURITY_SERVER_TESTS_SERVER);
 112
 113 RUNNER_TEST(tc_security_server_get_gid_normal_case_trying_to_get_gid_of_tel_gprs)
 114 {
 115     RUNNER_ASSERT_BT(security_server_get_gid("tel_gprs") >= 0);
 116 }
 117
 118 RUNNER_TEST(tc_security_server_get_gid_empty_object_name)
 119 {
 120     RUNNER_ASSERT_BT(security_server_get_gid("") == SECURITY_SERVER_API_ERROR_INPUT_PARAM);
 121 }
 122
 123 RUNNER_TEST(tc_security_server_get_gid_wrong_object_name_teltel)
 124 {
 125     RUNNER_ASSERT_BT(security_server_get_gid("teltel") == SECURITY_SERVER_API_ERROR_NO_SUCH_OBJECT);
 126 }
 127
 128 RUNNER_CHILD_TEST_SMACK(tc01a_security_server_app_give_access)
 129 {
 130     const char *subject = "abc345v34sfa";
 131     const char *object = "efg678x2lkjz";
 132
 133     SecurityServer::AccessProvider provider(object);
 134     provider.allowSS();
 135     provider.applyAndSwithToUser(APP_UID, APP_GID);
 136
 137     security_server_app_give_access(subject, getpid());
 138
 139     RUNNER_ASSERT_BT(1 == smack_have_access(subject, object, "rwxat"));
 140 }
 141
 142 /*
 143  * Currently we are NOT revoking any permissions given by
 144  * security_server_app_give_access function
 145  */
 146 /*RUNNER_TEST(tc01b_security_server_app_give_access)
 147 {
 148     const char *subject = "abc345v34sfa";
 149     const char *object = "efg678x2lkjz";
 150
 151     // After part A thread from security-server will be notified about
 152     // process end and revoke permissions. We need to give him some
 153     // time.
 154     sleep(1);
 155
 156     RUNNER_ASSERT_BT(0 == smack_have_access(subject, object, "r----"));
 157     RUNNER_ASSERT_BT(0 == smack_have_access(subject, object, "-w---"));
 158     RUNNER_ASSERT_BT(0 == smack_have_access(subject, object, "--x--"));
 159     RUNNER_ASSERT_BT(0 == smack_have_access(subject, object, "---a-"));
 160     RUNNER_ASSERT_BT(0 == smack_have_access(subject, object, "----t"));
 161 }*/
 162
 163 RUNNER_CHILD_TEST_SMACK(tc01c_security_server_app_give_access_no_access)
 164 {
 165     const char *subject = "xxx45v34sfa";
 166     const char *object = "yyy78x2lkjz";
 167
 168     SmackAccess smack;
 169     smack.add(subject, object, "-----");
 170     smack.apply();
 171
 172     RUNNER_ASSERT_MSG_BT(0 == smack_set_label_for_self(object), "Error in smack_label_for_self");
 173
 174     RUNNER_ASSERT_MSG_BT(drop_root_privileges() == 0, "uid = " << getuid());
 175
 176     RUNNER_ASSERT_BT(SECURITY_SERVER_API_ERROR_ACCESS_DENIED ==
 177             security_server_app_give_access(subject, getpid()));
 178
 179     RUNNER_ASSERT_BT(0 == smack_have_access(subject, object, "r"));
 180 }
 181
 182 RUNNER_TEST_SMACK(tc02_check_privilege_by_pid)
 183 {
 184     RUNNER_IGNORED_MSG("security_server_check_privilege_by_pid is temporarily disabled: always returns success");
 185     int ret;
 186     int pid;
 187
 188     pid = getpid();
 189
 190     //we checking existing rule, it should return positive
 191     ret = security_server_check_privilege_by_pid(pid, "_", "rx");
 192     RUNNER_ASSERT_BT(ret == SECURITY_SERVER_API_SUCCESS);
 193
 194     //we checking rule with label that not exist
 195     ret = security_server_check_privilege_by_pid(pid, "thislabelisnotreal", "rwxat");
 196     RUNNER_ASSERT_BT(ret != SECURITY_SERVER_API_SUCCESS);
 197 }
 198
 199 RUNNER_CHILD_TEST_SMACK(tc03_check_API_passwd_allow)
 200 {
 201     int ret = -1;
 202     unsigned int attempt, max_attempt, expire_sec;
 203
 204     attempt = max_attempt = expire_sec = 0;
 205
 206     clear_password();
 207
 208     SecurityServer::AccessProvider provider(TEST03_SUBJECT);
 209     provider.allowSS();
 210     provider.applyAndSwithToUser(APP_UID, APP_GID);
 211
 212     ret = security_server_set_pwd_validity(10);
 213     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret: " << ret);
 214
 215     ret = security_server_set_pwd_max_challenge(5);
 216     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret: " << ret);
 217
 218     ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
 219     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret: " << ret);
 220
 221     usleep(PASSWORD_RETRY_TIMEOUT_US);
 222     ret = security_server_set_pwd(NULL, "12345", 0, 0);
 223     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
 224
 225     ret = security_server_reset_pwd("12345",0, 0);
 226     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
 227
 228     usleep(PASSWORD_RETRY_TIMEOUT_US);
 229     ret = security_server_chk_pwd("12345", &attempt, &max_attempt, &expire_sec);
 230     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
 231
 232     ret = security_server_set_pwd_history(10);
 233     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
 234 }
 235
 236 RUNNER_CHILD_TEST_SMACK(tc04_check_API_passwd_denied)
 237 {
 238     check_API_passwd(true);
 239 }
 240
 241 RUNNER_CHILD_TEST_NOSMACK(tc04_check_API_app_user_passwd_allow_nosmack)
 242 {
 243     check_API_passwd(false);
 244 }
 245
 246 RUNNER_CHILD_TEST_SMACK(tc07_check_API_data_share_allow)
 247 {
 248     SecurityServer::AccessProvider provider(TEST07_SUBJECT);
 249     provider.allowSS();
 250     provider.applyAndSwithToUser(APP_UID, APP_GID);
 251
 252     int ret = security_server_app_give_access(TEST07_SUBJECT, getpid());
 253     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
 254 }
 255
 256 RUNNER_CHILD_TEST_SMACK(tc08_check_API_data_share_denied)
 257 {
 258     SecurityServer::AccessProvider provider(TEST08_SUBJECT);
 259     provider.applyAndSwithToUser(APP_UID, APP_GID);
 260
 261     int ret = security_server_app_give_access(TEST08_SUBJECT, getpid());
 262     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED,
 263             "security_server_app_give_access should return access denied,"
 264             " ret: " << ret);
 265 }
 266
 267 //////////////////////////////////////////
 268 /////////NOSMACK ENV TESTS////////////////
 269 //////////////////////////////////////////
 270
 271 /**
 272  * NOSMACK version of tc01a and tc01c tests.
 273  *
 274  * SMACK is turned off - that means for us, that we don't need any accesses added to our process
 275  * in SMACK before dropping root privileges. This test drops root privileges, calls
 276  * security_server_app_give_access and then checks if smack_have_access returns error (because
 277  * SMACK is off).
 278  *
 279  * security_server_app_give_access shouldn't return anything else than success when SMACK is off,
 280  * hence there is only one test that replaces tests tc01a and tc01c.
 281  */
 282 RUNNER_CHILD_TEST_NOSMACK(tc01_security_server_app_give_access_nosmack)
 283 {
 284     const char* subject = "abc345v34sfa";
 285     const char* object = "efg678x2lkjz";
 286     int result = 0;
 287
 288     result = drop_root_privileges();
 289     RUNNER_ASSERT_MSG_BT(result == 0,
 290             "Failed to drop root privileges. Result: " << result << "uid = " << getuid());
 291
 292     result = security_server_app_give_access(subject, getpid());
 293     RUNNER_ASSERT_MSG_BT(result == SECURITY_SERVER_API_SUCCESS,
 294             "Error in security_server_app_give_access. Result: " << result);
 295
 296     result = smack_have_access(subject, object, "rwxat");
 297     RUNNER_ASSERT_MSG_BT(result == -1,
 298             "smack_have_access should return error when SMACK is off. Result: " << result);
 299 }
 300
 301 /**
 302  * NOSMACK version of tc02 test.
 303  *
 304  * check_privilege_by_pid should always return success when SMACK is off, no matter if label is
 305  * real or not.
 306  */
 307 RUNNER_TEST_NOSMACK(tc02_check_privilege_by_pid_nosmack)
 308 {
 309     RUNNER_IGNORED_MSG("security_server_check_privilege_by_pid is temporarily disabled: always returns success");
 310     int ret;
 311     int pid;
 312
 313     pid = getpid();
 314
 315     //we checking existing rule, it should return positive
 316     ret = security_server_check_privilege_by_pid(pid, "_", "rx");
 317     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
 318             "check_privilege_by_pid for existing label failed. Result: " << ret);
 319
 320     //we checking rule with label that not exist
 321     ret = security_server_check_privilege_by_pid(pid, "thislabelisnotreal", "rwxat");
 322     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
 323             "check_privilege_by_pid for nonexisting label failed. Result: " << ret);
 324 }
 325
 326 /**
 327  * NOSMACK version of clear_password function.
 328  *
 329  * Compared to SMACK version of this function, this one skips adding rules and setting label.
 330  */
 331 int clear_password_nosmack()
 332 {
 333     int ret = -1;
 334     unsigned int attempt, max_attempt, expire_sec;
 335
 336     if (getuid() == 0) {
 337         reset_security_server();
 338
 339         attempt = max_attempt = expire_sec = UINT_MAX;
 340         ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
 341
 342         RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD,
 343                 "is_pwd_faild should return no password error. Result: " << ret);
 344         RUNNER_ASSERT_MSG_BT(expire_sec == 0, "expire_sec = " << expire_sec << ", should be 0.");
 345         RUNNER_ASSERT_MSG_BT(max_attempt == 0, "max_attempt = " << max_attempt << ", should be 0.");
 346         RUNNER_ASSERT_MSG_BT(attempt == 0, "attempt = " << attempt << ", should be 0.");
 347
 348         return 0;
 349     }
 350     return -1;
 351 }
 352
 353 /**
 354  * NOSMACK version of tc03 test.
 355  *
 356  * Just as tc01a/tc01c NOSMACK replacement, we don't need to do anything with SMACK because most
 357  * important functions will return errors (that is smack_accesses_apply/smack_have_access etc.).
 358  * First clear password, then drop privileges and proceed to regular testing.
 359  */
 360
 361 RUNNER_CHILD_TEST_NOSMACK(tc03_check_API_passwd_allow_nosmack)
 362 {
 363     int ret = -1;
 364     unsigned int attempt, max_attempt, expire_sec;
 365
 366     attempt = max_attempt = expire_sec = 0;
 367
 368     clear_password_nosmack();
 369
 370     // drop root privileges
 371     ret = drop_root_privileges();
 372     RUNNER_ASSERT_MSG_BT(ret == 0,
 373             "Failed to drop root privileges. Result: " << ret << "uid = " << getuid());
 374
 375     ret = security_server_set_pwd_validity(10);
 376     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD,
 377             "set_pwd_validity should return no password error. Result: " << ret);
 378
 379     ret = security_server_set_pwd_max_challenge(5);
 380     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD,
 381             "set_pwd_max_challenge should return no password error. Result: " << ret);
 382
 383     ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
 384     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD,
 385             "is_pwd_valid should return no password error. Result: " << ret);
 386
 387     usleep(PASSWORD_RETRY_TIMEOUT_US);
 388     ret = security_server_set_pwd(NULL, "12345", 0, 0);
 389     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
 390             "set_pwd failed. Result: " << ret);
 391
 392     ret = security_server_reset_pwd("12345",0, 0);
 393     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
 394             "reset_pwd failed. Result: " << ret);
 395
 396     usleep(PASSWORD_RETRY_TIMEOUT_US);
 397     ret = security_server_chk_pwd("12345", &attempt, &max_attempt, &expire_sec);
 398     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
 399             "chk_pwd failed. Result: " << ret);
 400
 401     ret = security_server_set_pwd_history(10);
 402     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
 403             "set_pwd_history failed. Result: " << ret);
 404 }
 405
 406 /**
 407  * NOSMACK version of tc07 test.
 408  *
 409  * Similarily to previous tests - no need to set self label because SMACK is off. Just as
 410  * tc01a/tc01c replacement, security_server_app_give_access should return only success. Hence the
 411  * NOSMACK version of tc08 test is skipped.
 412  */
 413 RUNNER_CHILD_TEST_NOSMACK(tc07_check_API_data_share_allow_nosmack)
 414 {
 415     int ret = -1;
 416
 417     // drop root privileges
 418     ret = drop_root_privileges();
 419     RUNNER_ASSERT_MSG_BT(ret == 0,
 420             "Failed to drop root privileges. Result: " << ret << "uid = " << getuid());
 421
 422     ret = security_server_app_give_access(TEST07_SUBJECT, getpid());
 423     RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
 424             "app_give_access failed. Result: " << ret);
 425 }
 426
 427 int main(int argc, char *argv[]) {
 428     if (0 != getuid()) {
 429         printf("Error: %s must be executed by root\n", argv[0]);
 430         exit(1);
 431     }
 432     SummaryCollector::Register();
 433     return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
 434 }