/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2016-2020 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#pragma once
+#include <ftw.h>
#include <string>
#include <sys/capability.h>
+#include <sys/stat.h>
#include <sys/types.h>
#include <vector>
-#include <security-manager-types.h>
-
#include <app_install_helper.h>
#include <memory.h>
-#include <sm_db.h>
#include <temp_test_user.h>
DEFINE_SMARTPTR(cap_free, _cap_struct, CapsSetsUniquePtr);
-struct app_attributes {
- std::string package;
- std::string Tizen_ver;
-};
-
const int FTW_MAX_FDS = 16;
-extern const privileges_t SM_ALLOWED_PRIVILEGES;
-extern const privileges_t SM_DENIED_PRIVILEGES;
-extern const privileges_t SM_NO_PRIVILEGES;
-extern const std::vector<std::string> SM_ALLOWED_GROUPS;
-static const char *const SM_RW_PATH = "/opt/usr/apps/sm_test_02_pkg_id_full/app_dir";
-
-const std::string uidToStr(const uid_t uid);
-
-std::string generateAppLabel(const std::string &appId);
-std::string generatePkgLabel(const std::string &pkgId);
-std::string genRWPath(int app_num);
-std::string genROPath(int app_num);
-std::string genPublicROPath(int app_num);
-std::string genOwnerRWOthersROPath(int app_num);
-
int nftw_remove_labels(const char *fpath, const struct stat* /*sb*/,
int /*typeflag*/, struct FTW* /*ftwbuf*/);
-void check_app_permissions(const char *const app_id, const char *const pkg_id,
- const char *const user, const privileges_t &allowed_privs,
- const privileges_t &denied_privs);
-void check_app_after_install(const char *const app_id, const char *const pkg_id);
-void check_app_after_install(const char *const app_id, const char *const pkg_id,
- const privileges_t &allowed_privs,
- const privileges_t &denied_privs,
- const std::vector<std::string> &allowed_groups);
-void check_path(const std::string &path, const std::string &label);
-void check_app_path_after_install(int app_num, const char *pkgId, bool others_enabled=false);
-void check_app_after_uninstall(const char *const app_id, const char *const pkg_id,
- const bool is_pkg_removed);
-void check_app_after_uninstall(const char *const app_id, const char *const pkg_id,
- const privileges_t &privileges, const bool is_pkg_removed);
-
-std::string access_opposite(std::string &access);
-void check_exact_smack_accesses(const std::string &subject,
- const std::string &object,
- const std::string &access);
+void check_path(const std::string &path, const std::string &label,
+ bool transmute = true, bool execute = false);
CapsSetsUniquePtr setCaps(const char *cap_string);
-void prepare_app_env(int app_num, bool others_enabled = false);
-void install_app(const char *app_id, const char *pkg_id, uid_t uid = 0,
- app_install_type type = SM_APP_INSTALL_NONE, bool check_after = true);
-void uninstall_app(const char *app_id, const char *pkg_id,
- bool expect_pkg_removed = false, app_install_type type = SM_APP_INSTALL_NONE,
- bool check_after = true);
-void createTestDirs(const TemporaryTestUser &user,
- const std::string &appId, const std::string &pkgId);
-void removeTestDirs(const TemporaryTestUser &user,
- const std::string &appId, const std::string &pkgId);
+void accessTest(const std::string &id, const std::string &testPath, int accessType);
+void runAccessTest(const std::string &label, uid_t uid, gid_t gid,
+ const std::string &testPath, int accessType);
+void runAccessTest(const AppInstallHelper &app, const std::string &testPath, int accessType);
+void runSystemAccessTest(uid_t uid, gid_t gid, const std::string &testPath, int accessType);
+
+bool isAskuserDisabled();
+bool isPrivilegePrivacy(const std::string &priv);
+int countPrivacyPrivileges(const PrivilegeVector &privs);
+int countPrivacyPrivileges(const std::vector<std::string> &privs);
+
+int setLauncherSecurityAttributes(uid_t uid, gid_t gid);
+int setLauncherSecurityAttributes(TemporaryTestUser &user);
projects / platform / core / test / security-tests.git / blobdiff