Added security server stress tests

[Issue#]        SSDWSSP-250
[Bug/Feature]   N/A
[Cause]         Missing stress tests for security server
[Solution]      Stress tests added
[Verification]  New tests should be avaible after compilation.
                They are available through security-server-tests-stress
                binary. It is also caled by security-tests-all.sh,
                or using security-tests.sh with ss-stress parameter.

Change-Id: I8688d7326c201482928688407c42ff1adf8b4c7f

diff --git a/packaging/security-tests.spec b/packaging/security-tests.spec
index d5fcc57..7e31d73 100644 (file)
--- a/packaging/security-tests.spec
+++ b/packaging/security-tests.spec
@@ -77,6 +77,7 @@ osp-installer -u V5LKqDFBXm
 /usr/bin/security-server-tests-client-smack
 /usr/bin/security-server-tests-server
 /usr/bin/security-server-tests-password
+/usr/bin/security-server-tests-stress
 /usr/bin/security-server-tests-dbus
 /usr/bin/security-client
 /etc/smack/test_smack_rules_full

diff --git a/tests/common/tests_common.h b/tests/common/tests_common.h
index 8b25108..8390997 100644 (file)
--- a/tests/common/tests_common.h
+++ b/tests/common/tests_common.h
@@ -40,6 +40,9 @@ const gid_t APP_GID = 5000;
 const uid_t DB_ALARM_UID = 6001;
 const gid_t DB_ALARM_GID = 6001;
 
+
+typedef std::unique_ptr<smack_accesses, std::function<void(smack_accesses*)> > AccessesUniquePtr;
+
 #define RUNNER_TEST_SMACK(Proc)                                                     \
     void Proc();                                                                    \
     static int Static##Proc##Init()                                                 \

diff --git a/tests/libsmack-tests/test_cases.cpp b/tests/libsmack-tests/test_cases.cpp
index 94ee92b..2f8b577 100644 (file)
--- a/tests/libsmack-tests/test_cases.cpp
+++ b/tests/libsmack-tests/test_cases.cpp
@@ -46,10 +46,6 @@
 
 std::vector<std::string> accessesBasic = { "r", "w", "x", "wx", "rx", "rw", "rwx", "rwxat" };
 
-typedef std::unique_ptr<smack_accesses, std::function<void(smack_accesses*)> > AccessesUniquePtr;
-
-
-
 
 int files_compare(int fd1, int fd2)
 {

diff --git a/tests/security-server-tests/CMakeLists.txt b/tests/security-server-tests/CMakeLists.txt
index 35d56d2..2487beb 100644 (file)
--- a/tests/security-server-tests/CMakeLists.txt
+++ b/tests/security-server-tests/CMakeLists.txt
@@ -37,6 +37,7 @@ PKG_CHECK_MODULES(SEC_SRV_TESTS_DEP
 SET(TARGET_SEC_SRV_CLIENT_SMACK_TESTS "security-server-tests-client-smack")
 SET(TARGET_SEC_SRV_TC_SERVER_TESTS "security-server-tests-server")
 SET(TARGET_SEC_SRV_PWD_TESTS "security-server-tests-password")
+SET(TARGET_SEC_SRV_STRESS_TESTS "security-server-tests-stress")
 SET(TARGET_SEC_SRV_MT_TESTS "security-server-tests-mt")
 SET(TARGET_SEC_SRV_DBUS_TESTS "security-server-tests-dbus")
 SET(TARGET_SEC_SRV_MEASURER "security-server-tests-api-speed")
@@ -61,6 +62,10 @@ SET(SEC_SRV_PWD_SOURCES
     ${PROJECT_SOURCE_DIR}/tests/security-server-tests/security_server_clean_env.cpp
    )
 
+SET(SEC_SRV_STRESS_SOURCES
+    ${PROJECT_SOURCE_DIR}/tests/security-server-tests/security_server_tests_stress.cpp
+   )
+
 SET(SEC_SRV_MT_SOURCES
     ${PROJECT_SOURCE_DIR}/tests/security-server-tests/security_server_tests_mt.cpp
    )
@@ -89,6 +94,7 @@ ADD_DEFINITIONS("-I/usr/include/dbus-1.0/dbus")
 ADD_EXECUTABLE(${TARGET_SEC_SRV_CLIENT_SMACK_TESTS} ${SEC_SRV_CLIENT_SMACK_SOURCES})
 ADD_EXECUTABLE(${TARGET_SEC_SRV_TC_SERVER_TESTS} ${SEC_SRV_TC_SERVER_SOURCES})
 ADD_EXECUTABLE(${TARGET_SEC_SRV_PWD_TESTS} ${SEC_SRV_PWD_SOURCES})
+ADD_EXECUTABLE(${TARGET_SEC_SRV_STRESS_TESTS} ${SEC_SRV_STRESS_SOURCES})
 ADD_EXECUTABLE(${TARGET_SEC_SRV_MT_TESTS} ${SEC_SRV_MT_SOURCES})
 ADD_EXECUTABLE(${TARGET_SEC_SRV_DBUS_TESTS} ${SEC_SRV_DBUS_SOURCES})
 ADD_EXECUTABLE(${TARGET_SEC_SRV_MEASURER} ${SEC_SRV_MEASURER_SOURCES})
@@ -106,6 +112,10 @@ TARGET_LINK_LIBRARIES(${TARGET_SEC_SRV_PWD_TESTS}
     ${SEC_SRV_TESTS_DEP_LIBRARIES}
     tests-common)
 
+TARGET_LINK_LIBRARIES(${TARGET_SEC_SRV_STRESS_TESTS}
+    ${SEC_SRV_TESTS_DEP_LIBRARIES}
+    tests-common)
+
 TARGET_LINK_LIBRARIES(${TARGET_SEC_SRV_MT_TESTS}
     ${SEC_SRV_TESTS_DEP_LIBRARIES}
     tests-common)
@@ -123,6 +133,7 @@ TARGET_LINK_LIBRARIES(${TARGET_SEC_SRV_MEASURER}
 INSTALL(TARGETS ${TARGET_SEC_SRV_CLIENT_SMACK_TESTS} DESTINATION /usr/bin)
 INSTALL(TARGETS ${TARGET_SEC_SRV_TC_SERVER_TESTS} DESTINATION /usr/bin)
 INSTALL(TARGETS ${TARGET_SEC_SRV_PWD_TESTS} DESTINATION /usr/bin)
+INSTALL(TARGETS ${TARGET_SEC_SRV_STRESS_TESTS} DESTINATION /usr/bin)
 INSTALL(TARGETS ${TARGET_SEC_SRV_MT_TESTS} DESTINATION /usr/bin)
 INSTALL(TARGETS ${TARGET_SEC_SRV_DBUS_TESTS} DESTINATION /usr/bin)
 INSTALL(TARGETS ${TARGET_SEC_SRV_MEASURER} DESTINATION /usr/bin)

diff --git a/tests/security-server-tests/security_server_tests_server.cpp b/tests/security-server-tests/security_server_tests_server.cpp
index 49b7981..3f6d60d 100644 (file)
--- a/tests/security-server-tests/security_server_tests_server.cpp
+++ b/tests/security-server-tests/security_server_tests_server.cpp
@@ -487,8 +487,7 @@ RUNNER_CHILD_TEST_SMACK(tc01a_security_server_app_give_access)
 
     RUNNER_ASSERT(0 == smack_accesses_new(&tmp));
 
-    std::unique_ptr<smack_accesses,std::function<void(smack_accesses*)> >
-    smack(tmp, smack_accesses_free);
+    AccessesUniquePtr smack(tmp, smack_accesses_free);
 
     RUNNER_ASSERT(0 == smack_accesses_add(smack.get(), subject, object, "-----"));
     RUNNER_ASSERT(0 == smack_accesses_add(smack.get(), object, server_api, "rw"));
@@ -532,8 +531,7 @@ RUNNER_CHILD_TEST_SMACK(tc01c_security_server_app_give_access_no_access)
 
     RUNNER_ASSERT(0 == smack_accesses_new(&tmp));
 
-    std::unique_ptr<smack_accesses,std::function<void(smack_accesses*)> >
-    smack(tmp, smack_accesses_free);
+    AccessesUniquePtr smack(tmp, smack_accesses_free);
 
     RUNNER_ASSERT(0 == smack_accesses_add(smack.get(), subject, object, "-----"));
     RUNNER_ASSERT(0 == smack_accesses_apply(smack.get()));

diff --git a/tests/security-server-tests/security_server_tests_stress.cpp b/tests/security-server-tests/security_server_tests_stress.cpp
new file mode 100644 (file)
index 0000000..da3959b
--- /dev/null
+++ b/tests/security-server-tests/security_server_tests_stress.cpp
@@ -0,0 +1,219 @@
+/*
+ * Copyright (c) 2013 Samsung Electronics Co., Ltd All Rights Reserved
+ */
+/*
+ * @file    security_server_tests_stress.cpp
+ * @author  Pawel Polawski (p.polawski@partner.samsung.com)
+ * @version 1.0
+ * @brief   Test cases for security server stress tests
+ *
+ */
+
+#include <dpl/test/test_runner.h>
+#include <dpl/test/test_runner_multiprocess.h>
+#include <tests_common.h>
+#include <iostream>
+#include <sys/smack.h>
+#include <cstddef>
+#include <thread>
+#include <mutex>
+#include <string>
+#include <sys/types.h>
+#include "security-server.h"
+
+
+std::mutex g_mutex;
+std::mutex g_msgMutex;
+size_t g_successes = 0;
+
+//number of threads
+const size_t g_threadsNumber = 100;
+
+//environment setup
+const std::string g_subject("woda");
+const std::string g_object("wiadro");
+const std::string g_rule("rwx");
+
+//for storing errors
+std::string g_errors;
+
+
+void appendError(const std::string &message)
+{
+    std::lock_guard<std::mutex> lock(g_msgMutex);
+    g_errors += message;
+    g_errors += "\n";
+}
+
+void cookie_api_thread_function(bool isSmack)
+{
+    /*
+    Tested API functions:
+
+    int security_server_get_cookie_size(void);
+    int security_server_request_cookie(char *cookie, size_t bufferSize);
+    int security_server_check_privilege(const char *cookie, gid_t privilege);
+    int security_server_check_privilege_by_cookie(const char *cookie,
+                                              const char *object,
+                                              const char *access_rights);
+    int security_server_get_cookie_pid(const char *cookie);
+    char *security_server_get_smacklabel_cookie(const char *cookie);
+    int security_server_get_uid_by_cookie(const char *cookie, uid_t *uid);
+    int security_server_get_gid_by_cookie(const char *cookie, gid_t *gid);
+    */
+
+    int ret;
+    size_t COOKIE_SIZE;
+    pid_t pid;
+    uid_t uid;
+    gid_t gid;
+
+    //security_server_get_cookie_size()
+    COOKIE_SIZE = security_server_get_cookie_size();
+    if (COOKIE_SIZE != 20) {
+        appendError("Error in security_server_get_cookie_size(): " + std::to_string(COOKIE_SIZE));
+        return;
+    }
+
+    //security_server_request_cookie()
+    std::vector<char> cookie(COOKIE_SIZE);
+    ret = security_server_request_cookie(cookie.data(), COOKIE_SIZE);
+    if (ret < 0) {
+        appendError("Error in security_server_request_cookie(): " + std::to_string(ret));
+        return;
+    }
+
+    //security_server_check_privilege()
+    ret = security_server_check_privilege(cookie.data(), 0);
+    if (ret < 0) {
+        appendError("Error in security_server_check_privilege(): " + std::to_string(ret));
+        return;
+    }
+
+    //security_server_check_privilege_by_cookie()
+    ret = security_server_check_privilege_by_cookie(cookie.data(), g_object.data(), g_rule.data());
+    if (ret < 0) {
+        appendError("Error in security_server_check_privilege_by_cookie(): " + std::to_string(ret));
+        return;
+    }
+
+    //security_server_get_cookie_pid
+    pid = getpid();
+    ret = security_server_get_cookie_pid(cookie.data());
+    if (ret < 0) {
+        appendError("Error in security_server_get_cookie_pid(): " + std::to_string(ret));
+        return;
+    }
+
+    if (isSmack) {
+        //security_server_get_smacklabel_cookie()
+        char *tmp = security_server_get_smacklabel_cookie(cookie.data());
+        std::string labelFromCookie(tmp ? tmp : "");
+        free(tmp);
+        if (labelFromCookie.size() == 0) {
+            appendError("Error in security_server_get_smacklabel_cookie(): " + labelFromCookie);
+            return;
+        }
+
+        char *labelFromSelfTmp = NULL;
+        ret = smack_new_label_from_self(&labelFromSelfTmp);
+        if (ret < 0) {
+            appendError("Error in smack_new_label_from_self(): " + std::to_string(ret));
+            return;
+        }
+
+        std::string labelFromSelf(labelFromSelfTmp ? labelFromSelfTmp : "");
+        free(labelFromSelfTmp);
+        if (labelFromSelf != labelFromCookie) {
+            appendError("Error in comparing SMACK label: " + std::to_string(ret));
+            return;
+        }
+    }
+
+    //security_server_get_uid_by_cookie()
+    ret = security_server_get_uid_by_cookie(cookie.data(), &uid);
+    if (ret < 0) {
+        appendError("Error in security_server_get_uid_by_cookie(): " + std::to_string(ret));
+        return;
+    }
+    uid_t trueUid = getuid();
+    if (trueUid != uid) {
+        appendError("Error in UID match");
+        return;
+    }
+
+    //security_server_get_gid_by_cookie()
+    ret = security_server_get_gid_by_cookie(cookie.data(), &gid);
+    if (ret < 0) {
+        appendError("Error in security_server_get_gid_by_cookie(): " + std::to_string(ret));
+        return;
+    }
+    gid_t trueGid = getgid();
+    if (trueGid != gid) {
+        appendError("Error in GID match");
+        return;
+    }
+
+    std::lock_guard<std::mutex> lock(g_mutex);
+    ++g_successes;
+}
+
+void testFunction(bool isSmack)
+{
+    std::vector<std::thread> threadsVector;
+
+    if (isSmack) {
+        //preapre environment
+        int ret = smack_set_label_for_self(g_subject.data());
+        RUNNER_ASSERT_MSG(ret == 0, "Error in smack_set_label_for_self()");
+
+        struct smack_accesses *rulesRaw = NULL;
+        ret = smack_accesses_new(&rulesRaw);
+        RUNNER_ASSERT_MSG(ret == 0, "Error in smack_accesses_new()");
+        AccessesUniquePtr rules(rulesRaw, smack_accesses_free);
+        ret = smack_accesses_add(rules.get(), g_subject.data(), g_object.data(), g_rule.data());
+        RUNNER_ASSERT_MSG(ret == 0, "Error in smack_accesses_add()");
+        ret = smack_accesses_apply(rules.get());
+        RUNNER_ASSERT_MSG(ret == 0, "Error in smack_accesses_apply()");
+    }
+
+    //spawning threads
+    for (size_t i = 0 ; i < g_threadsNumber; ++i)
+        threadsVector.push_back(std::thread(cookie_api_thread_function, isSmack));
+
+    //waiting for threads end
+    for (auto itr = threadsVector.begin(); itr != threadsVector.end(); ++itr)
+        itr->join();
+}
+
+
+RUNNER_TEST_GROUP_INIT(stress_tests)
+
+RUNNER_CHILD_TEST_SMACK(tc_stress_cookie_api_smack)
+{
+    testFunction(true);
+
+    RUNNER_ASSERT_MSG(g_successes == g_threadsNumber,
+                      "Not all threads exit with success: "
+                      << g_successes << "/ " << g_threadsNumber
+                      << std::endl << "Errors:" << std::endl << g_errors);
+}
+
+RUNNER_CHILD_TEST_NOSMACK(tc_stress_cookie_api_no_smack)
+{
+    testFunction(false);
+
+    RUNNER_ASSERT_MSG(g_successes == g_threadsNumber,
+                      "Not all threads exit with success: "
+                      << g_successes << "/ " << g_threadsNumber
+                      << std::endl << "Errors:" << std::endl << g_errors);
+}
+
+
+
+int main (int argc, char *argv[])
+{
+    int status = DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
+    return status;
+}
+

diff --git a/tests/security-tests-all.sh b/tests/security-tests-all.sh
index 506d8c7..d1c4bab 100644 (file)
--- a/tests/security-tests-all.sh
+++ b/tests/security-tests-all.sh
@@ -14,4 +14,5 @@ security-tests.sh ss-clientsmack --output=text $ign
 security-tests.sh ss-server --output=text $ign
 security-tests.sh ss-password --output=text $ign
 security-tests.sh ss-dbus --output=text $ign
+security-tests.sh ss-stress --output=text $ign
 echo "[Done]"

diff --git a/tests/security-tests.sh b/tests/security-tests.sh
index 81bf59d..1a550f7 100644 (file)
--- a/tests/security-tests.sh
+++ b/tests/security-tests.sh
@@ -28,7 +28,6 @@ case $1 in
     echo
     libsmack-test $2 $3
     ;;
-
 "libprivilege-control")
     echo "========================================================================="
     echo $1
@@ -41,6 +40,12 @@ case $1 in
     echo
     security-server-tests-client-smack $2 $3
     ;;
+"ss-stress")
+    echo "========================================================================="
+    echo "SECURITY SERVER TEST STRESS"
+    echo
+    security-server-tests-stress $2 $3
+    ;;
 "ss-server")
     echo "========================================================================="
     echo "SECURITY SERVER TEST SERVER"
@@ -71,7 +76,7 @@ case $1 in
     echo "    security_test.sh <module> <args_for_module>"
     echo
     echo "modules: smack, libprivilege-control, ss-clientsmack"
-    echo "         ss-server, ss-api-speed, ss-password"
+    echo "         ss-server, ss-api-speed, ss-password, ss-stress"
     ;;
 
 esac