2 * Copyright (c) 2013 Samsung Electronics Co., Ltd All Rights Reserved
5 * @file security_server_tests_server.cpp
6 * @author Bumjin Im (bj.im@samsung.com)
7 * @author Mariusz Domanski (m.domanski@samsung.com)
9 * @brief Test cases for security server
15 #include <sys/types.h>
16 #include <sys/param.h>
21 #include <sys/socket.h>
23 #include <sys/smack.h>
25 #include "security-server.h"
26 #include "security_server_clean_env.h"
27 #include <dpl/test/test_runner.h>
28 #include <dpl/test/test_runner_child.h>
30 #include <privilege-control.h>
32 #include "security_server_tests_common.h"
33 #include "tests_common.h"
34 #include <smack_access.h>
35 #include <access_provider.h>
36 #include <summary_collector.h>
38 const char *TEST03_SUBJECT = "subject_0f09f7cc";
39 const char *TEST04_SUBJECT = "subject_57dfbfc5";
40 const char *TEST07_SUBJECT = "subject_cd738844";
41 const char *TEST08_SUBJECT = "subject_fd84ba7f";
46 unsigned int attempt, max_attempt, expire_sec;
48 reset_security_server();
50 attempt = max_attempt = expire_sec = UINT_MAX;
51 ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
53 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret: " << ret);
54 RUNNER_ASSERT_BT(expire_sec == 0);
55 RUNNER_ASSERT_BT(max_attempt == 0);
56 RUNNER_ASSERT_BT(attempt == 0);
61 void check_API_passwd(bool smack) {
63 int err, err_is_pwd_valid;
64 unsigned int attempt, max_attempt, expire_sec;
66 err = smack ? SECURITY_SERVER_API_ERROR_ACCESS_DENIED : SECURITY_SERVER_API_SUCCESS;
67 err_is_pwd_valid = smack ? SECURITY_SERVER_API_ERROR_ACCESS_DENIED : SECURITY_SERVER_API_ERROR_PASSWORD_EXIST;
68 attempt = max_attempt = expire_sec = 0;
71 SecurityServer::AccessProvider privider(TEST04_SUBJECT);
72 privider.applyAndSwithToUser(APP_UID, APP_GID);
74 RUNNER_ASSERT_MSG_BT((ret = drop_root_privileges()) == 0,
75 "Failed to drop root privileges. Result: " << ret << "uid = " << getuid());
78 ret = security_server_set_pwd_validity(APP_UID);
79 RUNNER_ASSERT_MSG_BT(ret == err,
80 "security_server_set_pwd_validity has failed,"
83 ret = security_server_set_pwd_max_challenge(5);
84 RUNNER_ASSERT_MSG_BT(ret == err,
85 "security_server_set_pwd_max_challenge has failed,"
88 ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
89 RUNNER_ASSERT_MSG_BT(ret == err_is_pwd_valid,
90 "security_server_is_pwd_valid should return password exist,"
93 usleep(PASSWORD_RETRY_TIMEOUT_US);
94 ret = security_server_set_pwd("12345", "12346", 0, 0);
95 RUNNER_ASSERT_MSG_BT(ret == err,
96 "security_server_set_pwd has failed, ret: " << ret);
98 ret = security_server_reset_pwd("12346",0, 0);
99 RUNNER_ASSERT_MSG_BT(ret == err,
100 "security_server_reset_pwd has failed, ret: " << ret);
101 usleep(PASSWORD_RETRY_TIMEOUT_US);
102 ret = security_server_chk_pwd("12346", &attempt, &max_attempt, &expire_sec);
103 RUNNER_ASSERT_MSG_BT(ret == err,
104 "security_server_chk_pwd has failed, ret: " << ret);
106 ret = security_server_set_pwd_history(10);
107 RUNNER_ASSERT_MSG_BT(ret == err,
108 "security_server_set_pwd_history has failed, ret: " << ret);
111 RUNNER_TEST_GROUP_INIT(SECURITY_SERVER_TESTS_SERVER);
113 RUNNER_TEST(tc_security_server_get_gid_normal_case_trying_to_get_gid_of_tel_gprs)
115 RUNNER_ASSERT_BT(security_server_get_gid("tel_gprs") >= 0);
118 RUNNER_TEST(tc_security_server_get_gid_empty_object_name)
120 RUNNER_ASSERT_BT(security_server_get_gid("") == SECURITY_SERVER_API_ERROR_INPUT_PARAM);
123 RUNNER_TEST(tc_security_server_get_gid_wrong_object_name_teltel)
125 RUNNER_ASSERT_BT(security_server_get_gid("teltel") == SECURITY_SERVER_API_ERROR_NO_SUCH_OBJECT);
128 RUNNER_CHILD_TEST_SMACK(tc01a_security_server_app_give_access)
130 const char *subject = "abc345v34sfa";
131 const char *object = "efg678x2lkjz";
133 SecurityServer::AccessProvider provider(object);
135 provider.applyAndSwithToUser(APP_UID, APP_GID);
137 security_server_app_give_access(subject, getpid());
139 RUNNER_ASSERT_BT(1 == smack_have_access(subject, object, "rwxat"));
143 * Currently we are NOT revoking any permissions given by
144 * security_server_app_give_access function
146 /*RUNNER_TEST(tc01b_security_server_app_give_access)
148 const char *subject = "abc345v34sfa";
149 const char *object = "efg678x2lkjz";
151 // After part A thread from security-server will be notified about
152 // process end and revoke permissions. We need to give him some
156 RUNNER_ASSERT_BT(0 == smack_have_access(subject, object, "r----"));
157 RUNNER_ASSERT_BT(0 == smack_have_access(subject, object, "-w---"));
158 RUNNER_ASSERT_BT(0 == smack_have_access(subject, object, "--x--"));
159 RUNNER_ASSERT_BT(0 == smack_have_access(subject, object, "---a-"));
160 RUNNER_ASSERT_BT(0 == smack_have_access(subject, object, "----t"));
163 RUNNER_CHILD_TEST_SMACK(tc01c_security_server_app_give_access_no_access)
165 RUNNER_IGNORED_MSG("Security-server sockets are not labeled.");
166 const char *subject = "xxx45v34sfa";
167 const char *object = "yyy78x2lkjz";
170 smack.add(subject, object, "-----");
173 RUNNER_ASSERT_MSG_BT(0 == smack_set_label_for_self(object), "Error in smack_label_for_self");
175 RUNNER_ASSERT_MSG_BT(drop_root_privileges() == 0, "uid = " << getuid());
177 RUNNER_ASSERT_BT(SECURITY_SERVER_API_ERROR_ACCESS_DENIED ==
178 security_server_app_give_access(subject, getpid()));
180 RUNNER_ASSERT_BT(0 == smack_have_access(subject, object, "r"));
183 RUNNER_TEST_SMACK(tc02_check_privilege_by_pid)
185 RUNNER_IGNORED_MSG("security_server_check_privilege_by_pid is temporarily disabled: always returns success");
191 //we checking existing rule, it should return positive
192 ret = security_server_check_privilege_by_pid(pid, "_", "rx");
193 RUNNER_ASSERT_BT(ret == SECURITY_SERVER_API_SUCCESS);
195 //we checking rule with label that not exist
196 ret = security_server_check_privilege_by_pid(pid, "thislabelisnotreal", "rwxat");
197 RUNNER_ASSERT_BT(ret != SECURITY_SERVER_API_SUCCESS);
200 RUNNER_CHILD_TEST_SMACK(tc03_check_API_passwd_allow)
203 unsigned int attempt, max_attempt, expire_sec;
205 attempt = max_attempt = expire_sec = 0;
209 SecurityServer::AccessProvider provider(TEST03_SUBJECT);
211 provider.applyAndSwithToUser(APP_UID, APP_GID);
213 ret = security_server_set_pwd_validity(10);
214 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret: " << ret);
216 ret = security_server_set_pwd_max_challenge(5);
217 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret: " << ret);
219 ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
220 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret: " << ret);
222 usleep(PASSWORD_RETRY_TIMEOUT_US);
223 ret = security_server_set_pwd(NULL, "12345", 0, 0);
224 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
226 ret = security_server_reset_pwd("12345",0, 0);
227 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
229 usleep(PASSWORD_RETRY_TIMEOUT_US);
230 ret = security_server_chk_pwd("12345", &attempt, &max_attempt, &expire_sec);
231 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
233 ret = security_server_set_pwd_history(10);
234 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
237 RUNNER_CHILD_TEST_SMACK(tc04_check_API_passwd_denied)
239 RUNNER_IGNORED_MSG("Security-server sockets are not labeled.");
240 check_API_passwd(true);
243 RUNNER_CHILD_TEST_NOSMACK(tc04_check_API_app_user_passwd_allow_nosmack)
245 check_API_passwd(false);
248 RUNNER_CHILD_TEST_SMACK(tc07_check_API_data_share_allow)
250 SecurityServer::AccessProvider provider(TEST07_SUBJECT);
252 provider.applyAndSwithToUser(APP_UID, APP_GID);
254 int ret = security_server_app_give_access(TEST07_SUBJECT, getpid());
255 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
258 RUNNER_CHILD_TEST_SMACK(tc08_check_API_data_share_denied)
260 RUNNER_IGNORED_MSG("Security-server sockets are not labeled.");
261 SecurityServer::AccessProvider provider(TEST08_SUBJECT);
262 provider.applyAndSwithToUser(APP_UID, APP_GID);
264 int ret = security_server_app_give_access(TEST08_SUBJECT, getpid());
265 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED,
266 "security_server_app_give_access should return access denied,"
270 //////////////////////////////////////////
271 /////////NOSMACK ENV TESTS////////////////
272 //////////////////////////////////////////
275 * NOSMACK version of tc01a and tc01c tests.
277 * SMACK is turned off - that means for us, that we don't need any accesses added to our process
278 * in SMACK before dropping root privileges. This test drops root privileges, calls
279 * security_server_app_give_access and then checks if smack_have_access returns error (because
282 * security_server_app_give_access shouldn't return anything else than success when SMACK is off,
283 * hence there is only one test that replaces tests tc01a and tc01c.
285 RUNNER_CHILD_TEST_NOSMACK(tc01_security_server_app_give_access_nosmack)
287 const char* subject = "abc345v34sfa";
288 const char* object = "efg678x2lkjz";
291 result = drop_root_privileges();
292 RUNNER_ASSERT_MSG_BT(result == 0,
293 "Failed to drop root privileges. Result: " << result << "uid = " << getuid());
295 result = security_server_app_give_access(subject, getpid());
296 RUNNER_ASSERT_MSG_BT(result == SECURITY_SERVER_API_SUCCESS,
297 "Error in security_server_app_give_access. Result: " << result);
299 result = smack_have_access(subject, object, "rwxat");
300 RUNNER_ASSERT_MSG_BT(result == -1,
301 "smack_have_access should return error when SMACK is off. Result: " << result);
305 * NOSMACK version of tc02 test.
307 * check_privilege_by_pid should always return success when SMACK is off, no matter if label is
310 RUNNER_TEST_NOSMACK(tc02_check_privilege_by_pid_nosmack)
312 RUNNER_IGNORED_MSG("security_server_check_privilege_by_pid is temporarily disabled: always returns success");
318 //we checking existing rule, it should return positive
319 ret = security_server_check_privilege_by_pid(pid, "_", "rx");
320 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
321 "check_privilege_by_pid for existing label failed. Result: " << ret);
323 //we checking rule with label that not exist
324 ret = security_server_check_privilege_by_pid(pid, "thislabelisnotreal", "rwxat");
325 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
326 "check_privilege_by_pid for nonexisting label failed. Result: " << ret);
330 * NOSMACK version of clear_password function.
332 * Compared to SMACK version of this function, this one skips adding rules and setting label.
334 int clear_password_nosmack()
337 unsigned int attempt, max_attempt, expire_sec;
340 reset_security_server();
342 attempt = max_attempt = expire_sec = UINT_MAX;
343 ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
345 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD,
346 "is_pwd_faild should return no password error. Result: " << ret);
347 RUNNER_ASSERT_MSG_BT(expire_sec == 0, "expire_sec = " << expire_sec << ", should be 0.");
348 RUNNER_ASSERT_MSG_BT(max_attempt == 0, "max_attempt = " << max_attempt << ", should be 0.");
349 RUNNER_ASSERT_MSG_BT(attempt == 0, "attempt = " << attempt << ", should be 0.");
357 * NOSMACK version of tc03 test.
359 * Just as tc01a/tc01c NOSMACK replacement, we don't need to do anything with SMACK because most
360 * important functions will return errors (that is smack_accesses_apply/smack_have_access etc.).
361 * First clear password, then drop privileges and proceed to regular testing.
364 RUNNER_CHILD_TEST_NOSMACK(tc03_check_API_passwd_allow_nosmack)
367 unsigned int attempt, max_attempt, expire_sec;
369 attempt = max_attempt = expire_sec = 0;
371 clear_password_nosmack();
373 // drop root privileges
374 ret = drop_root_privileges();
375 RUNNER_ASSERT_MSG_BT(ret == 0,
376 "Failed to drop root privileges. Result: " << ret << "uid = " << getuid());
378 ret = security_server_set_pwd_validity(10);
379 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD,
380 "set_pwd_validity should return no password error. Result: " << ret);
382 ret = security_server_set_pwd_max_challenge(5);
383 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD,
384 "set_pwd_max_challenge should return no password error. Result: " << ret);
386 ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
387 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD,
388 "is_pwd_valid should return no password error. Result: " << ret);
390 usleep(PASSWORD_RETRY_TIMEOUT_US);
391 ret = security_server_set_pwd(NULL, "12345", 0, 0);
392 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
393 "set_pwd failed. Result: " << ret);
395 ret = security_server_reset_pwd("12345",0, 0);
396 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
397 "reset_pwd failed. Result: " << ret);
399 usleep(PASSWORD_RETRY_TIMEOUT_US);
400 ret = security_server_chk_pwd("12345", &attempt, &max_attempt, &expire_sec);
401 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
402 "chk_pwd failed. Result: " << ret);
404 ret = security_server_set_pwd_history(10);
405 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
406 "set_pwd_history failed. Result: " << ret);
410 * NOSMACK version of tc07 test.
412 * Similarily to previous tests - no need to set self label because SMACK is off. Just as
413 * tc01a/tc01c replacement, security_server_app_give_access should return only success. Hence the
414 * NOSMACK version of tc08 test is skipped.
416 RUNNER_CHILD_TEST_NOSMACK(tc07_check_API_data_share_allow_nosmack)
420 // drop root privileges
421 ret = drop_root_privileges();
422 RUNNER_ASSERT_MSG_BT(ret == 0,
423 "Failed to drop root privileges. Result: " << ret << "uid = " << getuid());
425 ret = security_server_app_give_access(TEST07_SUBJECT, getpid());
426 RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS,
427 "app_give_access failed. Result: " << ret);
430 int main(int argc, char *argv[]) {
432 printf("Error: %s must be executed by root\n", argv[0]);
435 SummaryCollector::Register();
436 return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);