* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+*/
/*
* @file test_cases.cpp
RUNNER_ASSERT_MSG(result == 0, "Unable to check Smack labels for non-app dir");
}
-RUNNER_TEST(privilege_control03_app_label_shared_dir)
+RUNNER_TEST_SMACK(privilege_control03_app_label_shared_dir)
{
int result;
/**
* Add permisions from test_privilege_control_rules template
*/
-RUNNER_TEST(privilege_control04_add_permissions)
+RUNNER_TEST_SMACK(privilege_control04_add_permissions)
{
int result = app_add_permissions(APP_ID, PRIVS);
RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
}
}
-RUNNER_TEST(privilege_control05_add_shared_dir_readers)
+RUNNER_TEST_SMACK(privilege_control05_add_shared_dir_readers)
{
#define TEST_OBJ "TEST_OBJECT"
#define TEST_OBJ_SOME_OTHER "TEST_OBJA"
RUNNER_ASSERT_MSG(groups_check.empty(), "Application doesn't belong to some required groups: " << groups_left);
}
-RUNNER_CHILD_TEST(privilege_control05_set_app_privilege)
+RUNNER_CHILD_TEST_SMACK(privilege_control05_set_app_privilege)
{
int result;
/**
* Set APP privileges. wgt.
*/
-RUNNER_CHILD_TEST(privilege_control05_set_app_privilege_wgt)
+RUNNER_CHILD_TEST_SMACK(privilege_control05_set_app_privilege_wgt)
{
int result;
/**
* Set APP privileges. wgt_partner.
*/
-RUNNER_CHILD_TEST(privilege_control05_set_app_privilege_wgt_partner)
+RUNNER_CHILD_TEST_SMACK(privilege_control05_set_app_privilege_wgt_partner)
{
int result;
/**
* Set APP privileges. wgt_platform.
*/
-RUNNER_CHILD_TEST(privilege_control05_set_app_privilege_wgt_platform)
+RUNNER_CHILD_TEST_SMACK(privilege_control05_set_app_privilege_wgt_platform)
{
int result;
/**
* Set APP privileges. osp app.
*/
-RUNNER_CHILD_TEST(privilege_control05_set_app_privilege_osp)
+RUNNER_CHILD_TEST_SMACK(privilege_control05_set_app_privilege_osp)
{
int result;
/**
* Set APP privileges. partner osp app.
*/
-RUNNER_CHILD_TEST(privilege_control05_set_app_privilege_osp_partner)
+RUNNER_CHILD_TEST_SMACK(privilege_control05_set_app_privilege_osp_partner)
{
int result;
/**
* Set APP privileges. platform osp app.
*/
-RUNNER_CHILD_TEST(privilege_control05_set_app_privilege_osp_platform)
+RUNNER_CHILD_TEST_SMACK(privilege_control05_set_app_privilege_osp_platform)
{
int result;
* Check app_register_av function
* Notice that this test case may have no sense if previous would fail (privilege_control06_app_install)
*/
-RUNNER_TEST(privilege_control10_app_register_av)
+RUNNER_TEST_SMACK(privilege_control10_app_register_av)
{
int result;
/**
* Grant SMACK permissions based on permissions list.
*/
-RUNNER_TEST(privilege_control11_app_enable_permissions)
+RUNNER_TEST_SMACK(privilege_control11_app_enable_permissions)
{
int result;
int smack_file_length;
* granted rules and enabling them again from a rules file from disk.
*/
-RUNNER_TEST(privilege_control13_app_reset_permissions)
+RUNNER_TEST_SMACK(privilege_control13_app_reset_permissions)
{
int result;
* Make two applications "friends", by giving them both full permissions on
* each other.
*/
-RUNNER_TEST(privilege_control14_app_add_friend)
+RUNNER_TEST_SMACK(privilege_control14_app_add_friend)
{
int result;
free(smack_label);
}
-RUNNER_TEST(privilege_control15_app_id_from_socket)
+RUNNER_TEST_SMACK(privilege_control15_app_id_from_socket)
{
int pid;
struct sockaddr_un sockaddr = {AF_UNIX, SOCK_PATH};
(void)perm_app_uninstall(APP_2);
}
-RUNNER_TEST(privilege_control18_app_setup_path_public)
+RUNNER_TEST_SMACK(privilege_control18_app_setup_path_public)
{
int result;
cleaning_smack_database_files();
}
-RUNNER_TEST(privilege_control19_app_setup_path_settings)
+RUNNER_TEST_SMACK(privilege_control19_app_setup_path_settings)
{
int result;
#header directories
INCLUDE_DIRECTORIES(
${TARGET_DEP_INCLUDE_DIRS}
+ ${PROJECT_SOURCE_DIR}/tests/common/
)
#preprocessor definitions
#linker directories
TARGET_LINK_LIBRARIES(${TARGET_TEST}
${TARGET_DEP_LIBRARIES}
+ tests-common
)
#place for output file
#include <sys/socket.h>
#include <sys/un.h>
#include <sys/wait.h>
+#include "tests_common.h"
#define TEST_SUBJECT "test_subject"
#define TEST_OBJECT "test_oject"
/**
* Add a new access with smack_accesses_add_modify()
*/
-RUNNER_TEST(smack_accesses_add_modify_test_1){
+RUNNER_TEST_SMACK(smack_accesses_add_modify_test_1){
int result;
clean_up();
/**
* Test if rules are applied in the right order, and modification works.
*/
-RUNNER_TEST(smack_accesses_add_modify_test_2){
+RUNNER_TEST_SMACK(smack_accesses_add_modify_test_2){
int result;
struct smack_accesses *rules = NULL;
result = smack_accesses_new(&rules);
* Test if rules are applied in the right order, and modification works.
* Using different smack_accesses list to add and delete.
*/
-RUNNER_TEST(smack_accesses_add_modify_test_3){
+RUNNER_TEST_SMACK(smack_accesses_add_modify_test_3){
int result;
struct smack_accesses *rules = NULL;
result = smack_accesses_new(&rules);
/**
* Add a list of privileges and then revoke just ONE of them.
*/
-RUNNER_TEST(smack_accesses_add_modify_test_4){
+RUNNER_TEST_SMACK(smack_accesses_add_modify_test_4){
int result;
struct smack_accesses *rules = NULL;
result = smack_accesses_new(&rules);
* Add a list of privileges and then revoke just ONE of them.
* Without applying privileges in between those actions.
*/
-RUNNER_TEST(smack_accesses_add_modify_test_5){
+RUNNER_TEST_SMACK(smack_accesses_add_modify_test_5){
int result;
struct smack_accesses *rules = NULL;
result = smack_accesses_new(&rules);
/**
* Add a list of privileges and then revoke just TWO of them.
*/
-RUNNER_TEST(smack_accesses_add_modify_test_6){
+RUNNER_TEST_SMACK(smack_accesses_add_modify_test_6){
int result;
struct smack_accesses *rules = NULL;
result = smack_accesses_new(&rules);
/**
* Run smack_accesses_add_modify with the same accesses_add and accesses_del.
*/
-RUNNER_TEST(smack_accesses_add_modify_test_7){
+RUNNER_TEST_SMACK(smack_accesses_add_modify_test_7){
unsigned int i;
int result;
/**
* Revoke subject with previously added rules and revoke it again.
*/
-RUNNER_TEST(smack_revoke_subject_test_1){
+RUNNER_TEST_SMACK(smack_revoke_subject_test_1){
unsigned int i;
int result;
/**
* Clearing accesses
*/
-RUNNER_TEST(smack_accesses_clear_test_1){
+RUNNER_TEST_SMACK(smack_accesses_clear_test_1){
unsigned int i;
int result;
close(sample);
}
-RUNNER_TEST(smack02_aplying_rules_into_kernel)
+RUNNER_TEST_SMACK(smack02_aplying_rules_into_kernel)
{
/*
* author: Pawel Polawski
"reader8", "#Ax[T].!~W@1}", "-wxat"
};
-RUNNER_TEST(smack03_mixed_rule_string_add)
+RUNNER_TEST_SMACK(smack03_mixed_rule_string_add)
{
/*
* author: Pawel Polawski
smack_accesses_free(rules);
}
-RUNNER_TEST(smack04_mixed_rule_string_have_access)
+RUNNER_TEST_SMACK(smack04_mixed_rule_string_have_access)
{
/*
* author: Pawel Polawski
// - smack_accesses_add_modify("subject", "object", "rwx", "rwx") should create empty rule
//}
-RUNNER_TEST(smack05_self_label)
+RUNNER_TEST_SMACK(smack05_self_label)
{
/*
* author: Pawel Polawski
close(fd);
}
-RUNNER_TEST(smack10_adding_removing_rules)
+RUNNER_TEST_SMACK(smack10_adding_removing_rules)
{
unsigned int i;
int result;
}
}
-RUNNER_TEST(smack11_saving_loading_rules)
+RUNNER_TEST_SMACK(smack11_saving_loading_rules)
{
int result;
int fd;
free(smack_label);
}
-RUNNER_TEST(smack09_new_label_from_socket)
+RUNNER_TEST_SMACK(smack09_new_label_from_socket)
{
int pid;
struct sockaddr_un sockaddr = {AF_UNIX, SOCK_PATH};
INCLUDE_DIRECTORIES(
${SEC_SRV_TESTS_DEP_INCLUDE_DIRS}
+ ${PROJECT_SOURCE_DIR}/tests/common/
)
ADD_DEFINITIONS("-I/usr/include/dbus-1.0/dbus")
TARGET_LINK_LIBRARIES(${TARGET_SEC_SRV_CLIENT_SMACK_TESTS}
- ${SEC_SRV_TESTS_DEP_LIBRARIES})
+ ${SEC_SRV_TESTS_DEP_LIBRARIES}
+ tests-common)
TARGET_LINK_LIBRARIES(${TARGET_SEC_SRV_LABEL_TESTS}
- ${SEC_SRV_TESTS_DEP_LIBRARIES})
+ ${SEC_SRV_TESTS_DEP_LIBRARIES}
+ tests-common)
TARGET_LINK_LIBRARIES(${TARGET_SEC_SRV_PID_TESTS}
- ${SEC_SRV_TESTS_DEP_LIBRARIES})
+ ${SEC_SRV_TESTS_DEP_LIBRARIES}
+ tests-common)
TARGET_LINK_LIBRARIES(${TARGET_SEC_SRV_TC_SERVER_TESTS}
- ${SEC_SRV_TESTS_DEP_LIBRARIES})
+ ${SEC_SRV_TESTS_DEP_LIBRARIES}
+ tests-common)
TARGET_LINK_LIBRARIES(${TARGET_SEC_SRV_PWD_TESTS}
- ${SEC_SRV_TESTS_DEP_LIBRARIES})
+ ${SEC_SRV_TESTS_DEP_LIBRARIES}
+ tests-common)
TARGET_LINK_LIBRARIES(${TARGET_SEC_SRV_MT_TESTS}
- ${SEC_SRV_TESTS_DEP_LIBRARIES})
+ ${SEC_SRV_TESTS_DEP_LIBRARIES}
+ tests-common)
TARGET_LINK_LIBRARIES(${TARGET_SEC_SRV_DBUS_TESTS}
- ${SEC_SRV_TESTS_DEP_LIBRARIES})
+ ${SEC_SRV_TESTS_DEP_LIBRARIES}
+ tests-common)
TARGET_LINK_LIBRARIES(${TARGET_SEC_SRV_MEASURER}
- ${SEC_SRV_TESTS_DEP_LIBRARIES})
+ ${SEC_SRV_TESTS_DEP_LIBRARIES}
+ tests-common)
# Installation
#include <security-server.h>
+#include "tests_common.h"
+
#define ENVIRONMENT \
do { \
const char *subject_label = "mylabel"; \
* Any other size of cookies should be treated as error.
* expected: Function security_server_get_cookie_size returns 20.
*/
-RUNNER_CHILD_TEST(tc01_security_server_get_cookie_size)
+RUNNER_CHILD_TEST_SMACK(tc01_security_server_get_cookie_size)
{
ENVIRONMENT;
* expected: function will set up cookie in the array and return
* SECURITY_SERVER_API_SUCCESS.
*/
-RUNNER_CHILD_TEST(tc02_security_server_request_cookie_normal_case)
+RUNNER_CHILD_TEST_SMACK(tc02_security_server_request_cookie_normal_case)
{
ENVIRONMENT;
* expected: function will set up cookie in the array and return
* SECURITY_SERVER_API_SUCCESS.
*/
-RUNNER_CHILD_TEST(tc03_security_server_request_cookie_too_small_buffer_size)
+RUNNER_CHILD_TEST_SMACK(tc03_security_server_request_cookie_too_small_buffer_size)
{
ENVIRONMENT;
* SECURITY_SERVER_ERROR_NO_SUCH_OBJECT with first call
* and group id with second call
*/
-RUNNER_CHILD_TEST(tc04_security_server_get_gid)
+RUNNER_CHILD_TEST_SMACK(tc04_security_server_get_gid)
{
ENVIRONMENT;
* expected: Function call with access rights set to "r" should return SUCCESS,
* with "rw" should return ACCESS DENIED.
*/
-RUNNER_CHILD_TEST(tc05_check_privilege_by_cookie)
+RUNNER_CHILD_TEST_SMACK(tc05_check_privilege_by_cookie)
{
char cookie[20];
const char *object_label = "tc05objectlabel";
* expected: Function call with access rights set to "r" should return SUCCESS,
* with "rw" should return ACCESS DENIED.
*/
-RUNNER_TEST(tc06_check_privilege_by_sockfd)
+RUNNER_TEST_SMACK(tc06_check_privilege_by_sockfd)
{
const char *object_label = "tc06objectlabel";
const char *access_rights = "r";
* expected: Function call with access rights set to "r" should return SUCCESS,
* with "rw" should return ACCESS DENIED.
*/
-RUNNER_TEST(tc07_check_privilege_by_sockfd)
+RUNNER_TEST_SMACK(tc07_check_privilege_by_sockfd)
{
const char *object_label = "tc07objectlabel";
const char *access_rights = "r";
#include <dbus/dbus.h>
#include <dbus-glib.h>
#include <glib-object.h>
+#include "tests_common.h"
#include "security-server.h"
#include "privilege-control.h"
RUNNER_TEST_GROUP_INIT(SECURITY_SERVER_TESTS_DBUS);
-RUNNER_TEST(tc01_smack_context_from_DBus)
+RUNNER_TEST_SMACK(tc01_smack_context_from_DBus)
{
int ret = -1;
const char *subject_parent = "subject_parent";
#include <security-server.h>
#include <dpl/test/test_runner.h>
#include <dlog.h>
+#include "tests_common.h"
#include "test.h"
RUNNER_TEST_GROUP_INIT(SECURITY_SERVER_TESTS_LABEL);
-RUNNER_TEST(tc_security_server_get_smacklabel_cookie) {
+RUNNER_TEST_SMACK(tc_security_server_get_smacklabel_cookie) {
int res;
pid_t mypid;
#include <dlog.h>
#include <privilege-control.h>
#include <ftw.h>
+#include "tests_common.h"
#include "test.h"
#define TEST03_SUBJECT "subject_0f09f7cc"
RUNNER_ASSERT(security_server_get_cookie_pid(NULL) == SECURITY_SERVER_API_ERROR_INPUT_PARAM);
}
-RUNNER_CHILD_TEST(tc01a_security_server_app_give_access)
+RUNNER_CHILD_TEST_SMACK(tc01a_security_server_app_give_access)
{
const char *subject = "abc345v34sfa";
const char *object = "efg678x2lkjz";
RUNNER_ASSERT(0 == smack_have_access(subject, object, "----t"));
}*/
-RUNNER_CHILD_TEST(tc01c_security_server_app_give_access_no_access)
+RUNNER_CHILD_TEST_SMACK(tc01c_security_server_app_give_access_no_access)
{
const char *subject = "xxx45v34sfa";
const char *object = "yyy78x2lkjz";
RUNNER_ASSERT(0 == smack_have_access(subject, object, "r"));
}
-RUNNER_TEST(tc02_check_privilege_by_pid)
+RUNNER_TEST_SMACK(tc02_check_privilege_by_pid)
{
int ret;
int pid;
RUNNER_ASSERT(ret != SECURITY_SERVER_API_SUCCESS);
}
-RUNNER_CHILD_TEST(tc03_check_API_passwd_allow)
+RUNNER_CHILD_TEST_SMACK(tc03_check_API_passwd_allow)
{
int ret = -1;
unsigned int attempt, max_attempt, expire_sec;
free(str);
}
-RUNNER_CHILD_TEST(tc05_check_API_middleware_allow)
+RUNNER_CHILD_TEST_SMACK(tc05_check_API_middleware_allow)
{
int ret = -1;
const char *subject_allow = TEST05_SUBJECT;
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "ret: " << ret);
}
-RUNNER_CHILD_TEST(tc07_check_API_data_share_allow)
+RUNNER_CHILD_TEST_SMACK(tc07_check_API_data_share_allow)
{
int ret = -1;
const char *subject_allow = TEST07_SUBJECT;
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
}
-RUNNER_CHILD_TEST(tc08_check_API_data_share_denied)
+RUNNER_CHILD_TEST_SMACK(tc08_check_API_data_share_denied)
{
int ret = -1;
const char *subject_denied = TEST08_SUBJECT;
* @brief Test cases for security server
*
*/
-
+#include "tests_common.h"
#include "security-server.h"
#include <dpl/test/test_runner.h>
#include <dpl/log/log.h>
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret: " << ret);
}
-RUNNER_TEST(tc06_security_server_check_privilege_by_sockfd_weird_input_case)
+RUNNER_TEST_SMACK(tc06_security_server_check_privilege_by_sockfd_weird_input_case)
{
int ret = 0;
int sockfd = -1;