}
/**
- * NOSMACK version of privilege_control05_add_shared_dir_readers test.
- *
- * This test is very similar to it's SMACK version - only difference is different result expected
- * from smack_have_access.
- */
-#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
-RUNNER_TEST_NOSMACK(privilege_control05_add_shared_dir_readers_nosmack)
-{
- const char* test_obj = "TEST_OBJECT";
- const char* test_obj_some_other = "TEST_OBJA";
- const char* test_str_01 = "TEST_raz TEST_OBJECT r-x--- ------";
- const char* test_str_21 = "TEST_trzy TEST_OBJA -wx---";
- const char* test_str_22 = "TEST_trzy TEST_OBJECT r-x--- ------";
-
- int result;
- int i;
- int fd = -1;
-
- const char* app_labels_wrong[] = {"-TEST_raz", NULL};
- const char* app_labels[] = {"TEST_raz", "TEST_dwa", "TEST_trzy", NULL};
- const int READ_BUF_SIZE = 1000;
- char buf[READ_BUF_SIZE];
- smack_accesses* tmp = NULL;
-
- //test environment cleaning
- cleaning_smack_app_files();
-
- //test what happens when the label is not correct SMACK label
- result = add_shared_dir_readers(test_obj,app_labels_wrong);
- RUNNER_ASSERT_MSG(result == PC_ERR_INVALID_PARAM,
- "add_shared_dir_readers should fail here. Result: " << result);
- result = smack_have_access(app_labels_wrong[0],test_obj,"rx");
- RUNNER_ASSERT_MSG(result != 1,
- "add_shared_dir_readers should not grant permission here. Result: " << result);
-
- //install new apps
- result = smack_accesses_new(&tmp);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- "Error in smack_accesses_new. Result: " << result);
-
- //Wrap rules and fd into unique_ptrs for garbage collection
- SmackUniquePtr rules(tmp, smack_accesses_free);
- FDUniquePtr fd_ptr(&fd, closefdptr);
-
- std::stringstream path;
- for (i = 0; i < 3; i++) {
- result = perm_app_revoke_permissions(app_labels[i]);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- "Error in perm_app_revoke_permissions. Result: " << result);
- result = perm_app_uninstall(app_labels[i]);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- "Error in perm_app_install. Result: " << result);
- result = perm_app_install(app_labels[i]);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- "Error in perm_app_install. Result: " << result);
-
- path << SMACK_RULES_DIR << app_labels[i];
-
- fd = open(path.str().c_str(), O_WRONLY, 0644);
- RUNNER_ASSERT_MSG(fd != -1, "Error in opening file");
-
- if (i == 1) {
- result = smack_accesses_add(rules.get(), app_labels[i], test_obj, "wt");
- RUNNER_ASSERT_MSG(result == 0,
- "smack_accesses_add failed. Result: " << result);
- }
-
- if (i == 2) {
- result = smack_accesses_new(&tmp);
- RUNNER_ASSERT_MSG(result == 0,
- "Failed to allocate memory for rules.");
-
- rules.reset(tmp);
-
- result = smack_accesses_add(rules.get(), app_labels[i],
- test_obj_some_other, "wx");
- RUNNER_ASSERT_MSG(result == 0,
- "smack_accesses_add failed. Result: " << result);
- }
-
- result = smack_accesses_apply(rules.get());
- RUNNER_ASSERT_MSG(result == -1,
- "smack_accesses_apply should fail (SMACK is off). Result: " << result);
-
- result = smack_accesses_save(rules.get(), fd);
- RUNNER_ASSERT_MSG(result == 0,
- "smack_accesses_save failed. Result: " << result);
-
- //cleanup
- path.str(std::string());
- }
-
- //Use add_shared_dir_readers and check if smack_have_access still fails
- result = add_shared_dir_readers(test_obj,app_labels);
- RUNNER_ASSERT_MSG(result == 0, "add_shared_dir_readers failed. Result: " << result);
-
- result = smack_have_access(app_labels[0],test_obj,"rx");
- RUNNER_ASSERT_MSG(result == -1,
- "smack_have_access should return error (SMACK is off). Result: " << result);
-
- result = smack_have_access(app_labels[1],test_obj,"rx");
- RUNNER_ASSERT_MSG(result == -1,
- "smack_have_access should return error (SMACK is off). Result: " << result);
-
- result = smack_have_access(app_labels[2],test_obj,"rx");
- RUNNER_ASSERT_MSG(result == -1,
- "smack_have_access should return error (SMACK is off). Result: " << result);
-
- result = smack_have_access(app_labels[1],test_obj,"rwxt");
- RUNNER_ASSERT_MSG(result == -1,
- "smack_have_access should return error (SMACK is off). Result: " << result);
-
- result = smack_have_access(app_labels[2],test_obj_some_other,"wx");
- RUNNER_ASSERT_MSG(result == -1,
- "smack_have_access should return error (SMACK is off). Result: " << result);
-
- //Test if files are properly formatted
- path << SMACK_RULES_DIR << app_labels[0];
- RUNNER_ASSERT_MSG(path.good(), "Failed to create file path. Error: " << strerror(errno));
-
- std::fstream fs(path.str().c_str(), std::ios_base::in);
- RUNNER_ASSERT_MSG(fs.good(), "Opening file stream failed. Error: " << strerror(errno));
-
- fs.get(buf, READ_BUF_SIZE);
- result = strcmp(buf, test_str_01);
- RUNNER_ASSERT_MSG(result == 0,
- "add_shared_dir_readers ERROR, file not formatted " << path.str().c_str() <<
- ". Result: " << result);
-
- //Clean up before another test
- path.str(std::string());
- fs.close();
-
- path << SMACK_RULES_DIR << app_labels[2];
- RUNNER_ASSERT_MSG(path.good(), "Failed to create file path. Error: " << strerror(errno));
-
- fs.open(path.str().c_str(), std::ios_base::in);
- RUNNER_ASSERT_MSG(fs.good(), "fopen failed, errno:" << strerror(errno));
-
- fs.getline(buf, READ_BUF_SIZE);
- result = strcmp(buf, test_str_21);
- RUNNER_ASSERT_MSG( result == 0,
- "add_shared_dir_readers ERROR, file not formatted " << path.str().c_str()
- << ". Result: " << result);
-
- fs.getline(buf, READ_BUF_SIZE);
- result = strcmp(buf, test_str_22);
- RUNNER_ASSERT_MSG( result == 0,
- "add_shared_dir_readers ERROR, file not formatted " << path.str().c_str()
- << ". Result: " << result);
-}
-#pragma GCC diagnostic warning "-Wdeprecated-declarations"
-
-
-/**
* NOSMACK version of privilege_control05_set_app_privilege test.
*
* Another very similar test to it's SMACK version, this time smack_new_label_from_self is
}
/**
- * NOSMACK version of privilege_control14 test.
- *
- * Similarily as app_enable_permissions test. This time perm_app_add_friend is called twice, once
- * when both friends exist, and then when one of them doesn't exist. Other tests are not required -
- * results would be the same as earlier.
- */
-RUNNER_TEST_NOSMACK(privilege_control14_app_add_friend_nosmack)
-{
- RUNNER_IGNORED_MSG("perm_app_add_friend is not implemented");
-
- int result;
-
- result = perm_app_revoke_permissions(APP_FRIEND_1);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- "Error revoking app permissions. Result: " << result);
- result = perm_app_revoke_permissions(APP_FRIEND_2);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- "Error revoking app permissions. Result: " << result);
-
- perm_app_uninstall(APP_FRIEND_1);
- perm_app_uninstall(APP_FRIEND_2);
-
- //Regular test.
-
- //Installing friends to be
- result = perm_app_install(APP_FRIEND_1);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- "Error installing first app. Result: " << result);
- result = perm_app_install(APP_FRIEND_2);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- "Error installing second app. Result: " << result);
-
- //Making friends
- result = perm_app_add_friend(APP_FRIEND_1, APP_FRIEND_2);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- "Error during friend making. Result: " << result);
-
- //Same as previous tests, smack_have_access should error.
- result = smack_have_access(APP_FRIEND_1, APP_FRIEND_2, "rwxat");
- RUNNER_ASSERT_MSG(result == -1,
- "smack_have_access should return error (SMACK is off). Result: " << result);
- result = smack_have_access(APP_FRIEND_2, APP_FRIEND_1, "rwxat");
- RUNNER_ASSERT_MSG(result == -1,
- "smack_have_access should return error (SMACK is off). Result: " << result);
-
- //Clean up
- result = perm_app_revoke_permissions(APP_FRIEND_1);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- "Error revoking app permissions. Result: " << result);
- result = perm_app_revoke_permissions(APP_FRIEND_2);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- "Error revoking app permissions. Result: " << result);
-
- perm_app_uninstall(APP_FRIEND_1);
- perm_app_uninstall(APP_FRIEND_2);
-
-
- //Befriending with imaginary friend.
-
- //Installing one friend
- result = perm_app_install(APP_FRIEND_1);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- "Error installing first app. Result: " << result);
-
- //Adding imaginairy friend as second
- result = perm_app_add_friend(APP_FRIEND_1, APP_FRIEND_2);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- "Error making friends (first) with imaginairy friend failed. Result: " << result);
- //Adding imaginairy friend as first
- result = perm_app_add_friend(APP_FRIEND_2, APP_FRIEND_1);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- "Error making friends (second) with imaginairy friend failed. Result: " << result);
-
- //Same as previous tests, smack_have_access should error.
- result = smack_have_access(APP_FRIEND_1, APP_FRIEND_2, "rwxat");
- RUNNER_ASSERT_MSG(result == -1,
- "smack_have_access should return error (SMACK is off). Result: " << result);
- result = smack_have_access(APP_FRIEND_2, APP_FRIEND_1, "rwxat");
- RUNNER_ASSERT_MSG(result == -1,
- "smack_have_access should return error (SMACK is off). Result: " << result);
-
- //Clean up
- result = perm_app_revoke_permissions(APP_FRIEND_1);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- "Error revoking app permissions. Result: " << result);
- result = perm_app_revoke_permissions(APP_FRIEND_2);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- "Error revoking app permissions. Result: " << result);
-
- perm_app_uninstall(APP_FRIEND_1);
- perm_app_uninstall(APP_FRIEND_2);
-}
-
-/**
* NOSMACK version of privilege_control15_app_id_from_socket.
*
* SMACK version of this test case utilized smack_new_label_from_self and smack_set_label_for_self.
projects / platform / core / test / security-tests.git / commitdiff