#include <dpl/test/test_runner.h>
#include <dpl/test/test_runner_child.h>
#include <dlog.h>
+#include <privilege-control.h>
#include "test.h"
-#define SECURITY_SERVER_SOCK_PATH "/tmp/.security_server.sock"
-#define COOKIE_SIZE 20
-#define OBJ_NAME_SIZE 30
-#define OLABEL_SIZE 1024
-#define ARIGHTS_SIZE 32
+#define SECURITY_SERVER_SOCK_PATH "/tmp/.security_server.sock"
+#define COOKIE_SIZE 20
+#define OBJ_NAME_SIZE 30
+#define OLABEL_SIZE 1024
+#define ARIGHTS_SIZE 32
/* Message */
char obj_name[OBJ_NAME_SIZE];
struct sockaddr_un clientaddr;
+/**
+ * Dropping root privileges
+ * returns 0 on success, 1 on error
+ */
+int drop_root_privileges()
+{
+ if (getuid() == 0) {
+ /* process is running as root, drop privileges */
+ if (setgid(5000) != 0)
+ return 1;
+ if (setuid(5000) != 0)
+ return 1;
+ }
+ int uid = getuid();
+ if (uid == 5000)
+ return 0;
+
+ return 1;
+}
+
/* Create a Unix domain socket and bind */
int create_new_socket()
{
}
/* Create Unix domain socket */
- if((localsockfd = socket(AF_UNIX, SOCK_STREAM, 0)) == -1)
+ if ((localsockfd = socket(AF_UNIX, SOCK_STREAM, 0)) == -1)
{
LOGE("%s : %s\n", "socket()", strerror(errno));
goto error;
}
/* Make socket as non blocking */
- if((flags = fcntl(localsockfd, F_GETFL, 0)) < 0 ||
- fcntl(localsockfd, F_SETFL, flags | O_NONBLOCK) < 0)
+ if ((flags = fcntl(localsockfd, F_GETFL, 0)) < 0 ||
+ fcntl(localsockfd, F_SETFL, flags | O_NONBLOCK) < 0)
{
LOGE("%s : %s\n", "fcntl()", strerror(errno));
goto error;
bzero (&serveraddr, sizeof(serveraddr));
serveraddr.sun_family = AF_UNIX;
strncpy(serveraddr.sun_path, SECURITY_SERVER_TEST_SOCK_PATH,
- strlen(SECURITY_SERVER_TEST_SOCK_PATH) + 1);
+ strlen(SECURITY_SERVER_TEST_SOCK_PATH) + 1);
/* Bind the socket */
- if((bind(localsockfd, (struct sockaddr *)&serveraddr, sizeof(serveraddr))) < 0)
+ if ((bind(localsockfd, (struct sockaddr*)&serveraddr, sizeof(serveraddr))) < 0)
{
LOGE("%s : %s\n", "bind()", strerror(errno));
goto error;
/* Flawfinder hits this chmod function as level 5 CRITICAL as race condition flaw *
* Flawfinder recommends to user fchmod insted of chmod
* But, fchmod doesn't work on socket file so there is no other choice at this point */
- if(chmod(SECURITY_SERVER_TEST_SOCK_PATH, sock_mode) < 0) /* Flawfinder: ignore */
+ if (chmod(SECURITY_SERVER_TEST_SOCK_PATH, sock_mode) < 0) /* Flawfinder: ignore */
{
LOGE("%s : %s\n", "chmod()", strerror(errno));
goto error;
poll_fd[0].fd = sockfd;
poll_fd[0].events = event;
retval = poll(poll_fd, 1, timeout);
- if(retval < 0)
+ if (retval < 0)
{
LOGE("%s : %s\n", "poll()", strerror(errno));
return -1;
}
/* Timed out */
- if(retval == 0)
+ if (retval == 0)
{
LOGE("%s", "poll() timeout");
return 0;
return 1;
}
-int send_gid_request(int sock_fd, const char* object)
+int send_gid_request(int sock_fd, const char *object)
{
basic_header hdr;
int retval, send_len = 0;
send_len = sizeof(hdr) + strlen(object);
- buf = (unsigned char *) malloc(send_len);
- if(buf == NULL)
+ buf = (unsigned char*) malloc(send_len);
+ if (buf == NULL)
{
LOGE("%s\n", "out of memory");
return -1;
/* Check poll */
retval = check_socket_poll(sock_fd, POLLOUT, 1000);
- if(retval == -1)
+ if (retval == -1)
{
LOGE("%s\n", "poll() error");
- if(buf != NULL)
+ if (buf != NULL)
free(buf);
return -1;
}
- if(retval == 0)
+ if (retval == 0)
{
LOGE("%s\n", "poll() timeout");
- if(buf != NULL)
+ if (buf != NULL)
free(buf);
return -1;
}
retval = write(sock_fd, buf, send_len);
- if(retval < send_len)
+ if (retval < send_len)
{
/* Write error */
LOGE("Error on write(): %d. errno=%d, sockfd=%d\n", retval, errno, sock_fd);
- if(buf != NULL)
+ if (buf != NULL)
free(buf);
return -1;
}
- if(buf != NULL)
+ if (buf != NULL)
free(buf);
return 0;
/* Create a socket */
localsockfd = socket(AF_UNIX, SOCK_STREAM, 0);
- if(localsockfd < 0)
+ if (localsockfd < 0)
{
LOGE("%s : %s\n", "socket()", strerror(errno));
return -1;
}
/* Make socket as non blocking */
- if((flags = fcntl(localsockfd, F_GETFL, 0)) < 0 ||
- fcntl(localsockfd, F_SETFL, flags | O_NONBLOCK) < 0)
+ if ((flags = fcntl(localsockfd, F_GETFL, 0)) < 0 ||
+ fcntl(localsockfd, F_SETFL, flags | O_NONBLOCK) < 0)
{
close(localsockfd);
LOGE("%s : %s\n", "fcntl()", strerror(errno));
client_len = sizeof(clientaddr);
ret = connect(localsockfd, (struct sockaddr*)&clientaddr, client_len);
- if( ret < 0)
+ if (ret < 0)
{
- if(errno == EINPROGRESS)
+ if (errno == EINPROGRESS)
{
LOGD("%s\n", "Connection is in progress");
check_socket_poll(localsockfd, POLLOUT, 1000);
- if(ret == -1)
+ if (ret == -1)
{
LOGE("%s\n", "poll() error");
close(localsockfd);
return -1;
}
ret = connect(localsockfd, (struct sockaddr*)&clientaddr, client_len);
- if(ret < 0)
+ if (ret < 0)
{
LOGE("%s\n", "connection failed");
close(localsockfd);
response_header hdr;
retval = connect_to_server(&sockfd);
- if(retval != 0)
+ if (retval != 0)
{
/* Error on socket */
LOGE("Connection failed: %d\n", retval);
/* make request packet and send to server*/
retval = send_gid_request(sockfd, object);
- if(retval != 0)
+ if (retval != 0)
{
/* Error on socket */
LOGE("Send request failed: %d\n", retval);
LOGD("%s", "Just closing the socket and exit\n");
error:
- if(sockfd > 0)
+ if (sockfd > 0)
close(sockfd);
return 0;
RUNNER_TEST(tc_getting_default_cookie)
{
printhex(cookie, COOKIE_SIZE);
- RUNNER_ASSERT(security_server_request_cookie((char *)cookie, 20) == SECURITY_SERVER_API_SUCCESS);
+ RUNNER_ASSERT(security_server_request_cookie((char*)cookie, 20) == SECURITY_SERVER_API_SUCCESS);
}
RUNNER_TEST(tc_security_server_get_gid_normal_case_trying_to_get_gid_of_tel_gprs)
RUNNER_TEST(tc_ask_for_privilege_with_default_cookie_normal_case_to_check_audio_privilege)
{
- printhex(cookie, COOKIE_SIZE);
- RUNNER_ASSERT(security_server_request_cookie((char *)cookie, COOKIE_SIZE) == SECURITY_SERVER_API_SUCCESS);
+ printhex(cookie, COOKIE_SIZE);
+ RUNNER_ASSERT(security_server_request_cookie((char*)cookie, COOKIE_SIZE) == SECURITY_SERVER_API_SUCCESS);
ret = security_server_get_gid("audio");
- ret = security_server_check_privilege((char *) cookie, ret);
+ ret = security_server_check_privilege((char*) cookie, ret);
RUNNER_ASSERT(ret == SECURITY_SERVER_API_SUCCESS);
}
{
ret = security_server_get_gid("audio");
srand(time(NULL));
- for(i=0; i<COOKIE_SIZE; i++)
+ for (i = 0; i < COOKIE_SIZE; i++)
wrong_cookie[i] = rand() % 255;
- ret = security_server_check_privilege((const char *) wrong_cookie, ret);
+ ret = security_server_check_privilege((const char*) wrong_cookie, ret);
RUNNER_ASSERT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED);
}
RUNNER_TEST(tc_fake_security_server_get_gid)
{
-
/* Close socket just after sending request msg.
* This is done with fake security_server_get_gid()*/
RUNNER_TEST(tc_get_pid_of_a_given_cookie_default_cookie_case)
{
- RUNNER_ASSERT(security_server_get_cookie_pid((const char *) cookie) == getpid());
+ RUNNER_ASSERT(security_server_get_cookie_pid((const char*) cookie) == getpid());
}
RUNNER_TEST(tc_get_pid_of_non_existing_cookie)
{
- RUNNER_ASSERT(security_server_get_cookie_pid((const char *) wrong_cookie)== SECURITY_SERVER_API_ERROR_NO_SUCH_COOKIE);
+ RUNNER_ASSERT(security_server_get_cookie_pid((const char*) wrong_cookie) == SECURITY_SERVER_API_ERROR_NO_SUCH_COOKIE);
}
RUNNER_TEST(tc_get_pid_of_null_cookie)
{
const char *subject = "abc345v34sfa";
const char *object = "efg678x2lkjz";
+ const char *server_api = "security-server::api-data-share";
smack_accesses *tmp = NULL;
RUNNER_ASSERT(0 == smack_accesses_new(&tmp));
- std::unique_ptr<smack_accesses,std::function<void(smack_accesses*)>>
- smack(tmp, smack_accesses_free);
+ std::unique_ptr<smack_accesses,std::function<void(smack_accesses*)> >
+ smack(tmp, smack_accesses_free);
RUNNER_ASSERT(0 == smack_accesses_add(smack.get(), subject, object, "-----"));
+ RUNNER_ASSERT(0 == smack_accesses_add(smack.get(), object, server_api, "rw"));
RUNNER_ASSERT(0 == smack_accesses_apply(smack.get()));
smack_set_label_for_self(object);
+
+ RUNNER_ASSERT_MSG(drop_root_privileges() == 0, "uid = " << getuid());
+
security_server_app_give_access(subject, getpid());
RUNNER_ASSERT(1 == smack_have_access(subject, object, "rwxat"));
}
-RUNNER_TEST(tc01b_security_server_app_give_access)
+/*
+ * Currently we are NOT revoking any permissions given by
+ * security_server_app_give_access function
+ */
+/*RUNNER_TEST(tc01b_security_server_app_give_access)
{
const char *subject = "abc345v34sfa";
const char *object = "efg678x2lkjz";
RUNNER_ASSERT(0 == smack_have_access(subject, object, "--x--"));
RUNNER_ASSERT(0 == smack_have_access(subject, object, "---a-"));
RUNNER_ASSERT(0 == smack_have_access(subject, object, "----t"));
+}*/
+
+RUNNER_CHILD_TEST(tc01c_security_server_app_give_access_no_access)
+{
+ const char *subject = "xxx45v34sfa";
+ const char *object = "yyy78x2lkjz";
+ smack_accesses *tmp = NULL;
+
+ RUNNER_ASSERT(0 == smack_accesses_new(&tmp));
+
+ std::unique_ptr<smack_accesses,std::function<void(smack_accesses*)> >
+ smack(tmp, smack_accesses_free);
+
+ RUNNER_ASSERT(0 == smack_accesses_add(smack.get(), subject, object, "-----"));
+ RUNNER_ASSERT(0 == smack_accesses_apply(smack.get()));
+
+ smack_set_label_for_self(object);
+
+ RUNNER_ASSERT_MSG(drop_root_privileges() == 0, "uid = " << getuid());
+
+ RUNNER_ASSERT(SECURITY_SERVER_API_ERROR_ACCESS_DENIED == security_server_app_give_access(subject, getpid()));
+
+ RUNNER_ASSERT(0 == smack_have_access(subject, object, "r"));
+}
+
+RUNNER_TEST(tc02_check_privilege_by_pid)
+{
+ int ret;
+ int pid;
+
+ pid = getpid();
+
+ //we checking existing rule, it should return positive
+ ret = security_server_check_privilege_by_pid(pid, "_", "rx");
+ RUNNER_ASSERT(ret == SECURITY_SERVER_API_SUCCESS);
+
+ //we checking rule with label that not exist
+ ret = security_server_check_privilege_by_pid(pid, "thislabelisnotreal", "rwxat");
+ RUNNER_ASSERT(ret != SECURITY_SERVER_API_SUCCESS);
}
int main(int argc, char *argv[])
server_sockfd = -1;
ret = getuid();
- if(ret != 0)
+ if (ret != 0)
{
printf("Error: %s must be executed by root\n", argv[0]);
exit(1);
int status =
DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
- if(server_sockfd > 0)
+ if (server_sockfd > 0)
close(server_sockfd);
- if(client_sockfd > 0)
+ if (client_sockfd > 0)
close(client_sockfd);
return status;