#define APP_SET_PRIV_PATH "/etc/smack/test_privilege_control_DIR/test_set_app_privilege/test_APP"
#define APP_SET_PRIV_PATH_REAL "/etc/smack/test_privilege_control_DIR/test_set_app_privilege/test_APP_REAL"
-#define WGT_APP_LABEL "wgt_QwCqJ0ttyS"
-#define WGT_PARTNER_APP_LABEL "wgt_partner_7btsV1Y0sX"
-#define WGT_PLATFORM_APP_LABEL "wgt_platform_G4DE3U2vmW"
#define WGT_APP_ID "QwCqJ0ttyS"
#define WGT_PARTNER_APP_ID "7btsV1Y0sX"
#define WGT_PLATFORM_APP_ID "G4DE3U2vmW"
const char *PRIVS2_NO_R[] = { "test_privilege_control_rules2_no_r", NULL };
const char *PRIVS2_R[] = { "test_privilege_control_rules2_r", NULL };
const char *PRIVS2_R_AND_NO_R[] = { "test_privilege_control_rules2_r", "test_privilege_control_rules2_no_r", NULL };
-const char *PRIVS_WGT[] = { "WRT", "test_privilege_control_rules_wgt", NULL };
-const char *PRIVS_WGT_PARTNER[] = { "WRT_partner", "test_privilege_control_rules_wgt", NULL };
-const char *PRIVS_WGT_PLATFORM[] = { "WRT_platform", "test_privilege_control_rules_wgt", NULL };
+const char *PRIVS_WGT[] = { "test_privilege_control_rules_wgt", NULL };
#define LIBPRIVILEGE_APP_GROUP_LIST "/usr/share/privilege-control/app_group_list"
#define LIBPRIVILEGE_TEST_DAC_FILE "/usr/share/privilege-control/test_privilege_control_rules.dac"
// Rules from test_privilege_control_rules_wgt.smack for wgt
const std::vector< std::vector<std::string> > rules_wgt = {
- { WGT_APP_LABEL, "test_book_8", "r" },
- { WGT_APP_LABEL, "test_book_9", "w" },
- { WGT_APP_LABEL, "test_book_10", "x" },
- { WGT_APP_LABEL, "test_book_11", "rw" },
- { WGT_APP_LABEL, "test_book_12", "rx" },
- { WGT_APP_LABEL, "test_book_13", "wx" },
- { WGT_APP_LABEL, "test_book_14", "rwx" },
- { WGT_APP_LABEL, "test_book_15", "rwxat" },
- { "test_subject_8", WGT_APP_LABEL, "r" },
- { "test_subject_9", WGT_APP_LABEL, "w" },
- { "test_subject_10", WGT_APP_LABEL, "x" },
- { "test_subject_11", WGT_APP_LABEL, "rw" },
- { "test_subject_12", WGT_APP_LABEL, "rx" },
- { "test_subject_13", WGT_APP_LABEL, "wx" },
- { "test_subject_14", WGT_APP_LABEL, "rwx" },
- { "test_subject_15", WGT_APP_LABEL, "rwxat" }};
+ { WGT_APP_ID, "test_book_8", "r" },
+ { WGT_APP_ID, "test_book_9", "w" },
+ { WGT_APP_ID, "test_book_10", "x" },
+ { WGT_APP_ID, "test_book_11", "rw" },
+ { WGT_APP_ID, "test_book_12", "rx" },
+ { WGT_APP_ID, "test_book_13", "wx" },
+ { WGT_APP_ID, "test_book_14", "rwx" },
+ { WGT_APP_ID, "test_book_15", "rwxat" },
+ { "test_subject_8", WGT_APP_ID, "r" },
+ { "test_subject_9", WGT_APP_ID, "w" },
+ { "test_subject_10", WGT_APP_ID, "x" },
+ { "test_subject_11", WGT_APP_ID, "rw" },
+ { "test_subject_12", WGT_APP_ID, "rx" },
+ { "test_subject_13", WGT_APP_ID, "wx" },
+ { "test_subject_14", WGT_APP_ID, "rwx" },
+ { "test_subject_15", WGT_APP_ID, "rwxat" }};
// Rules from test_privilege_control_rules_wgt.smack for wgt_partner
const std::vector< std::vector<std::string> > rules_wgt_partner = {
- { WGT_PARTNER_APP_LABEL, "test_book_8", "r" },
- { WGT_PARTNER_APP_LABEL, "test_book_9", "w" },
- { WGT_PARTNER_APP_LABEL, "test_book_10", "x" },
- { WGT_PARTNER_APP_LABEL, "test_book_11", "rw" },
- { WGT_PARTNER_APP_LABEL, "test_book_12", "rx" },
- { WGT_PARTNER_APP_LABEL, "test_book_13", "wx" },
- { WGT_PARTNER_APP_LABEL, "test_book_14", "rwx" },
- { WGT_PARTNER_APP_LABEL, "test_book_15", "rwxat" },
- { "test_subject_8", WGT_PARTNER_APP_LABEL, "r" },
- { "test_subject_9", WGT_PARTNER_APP_LABEL, "w" },
- { "test_subject_10", WGT_PARTNER_APP_LABEL, "x" },
- { "test_subject_11", WGT_PARTNER_APP_LABEL, "rw" },
- { "test_subject_12", WGT_PARTNER_APP_LABEL, "rx" },
- { "test_subject_13", WGT_PARTNER_APP_LABEL, "wx" },
- { "test_subject_14", WGT_PARTNER_APP_LABEL, "rwx" },
- { "test_subject_15", WGT_PARTNER_APP_LABEL, "rwxat" }};
+ { WGT_PARTNER_APP_ID, "test_book_8", "r" },
+ { WGT_PARTNER_APP_ID, "test_book_9", "w" },
+ { WGT_PARTNER_APP_ID, "test_book_10", "x" },
+ { WGT_PARTNER_APP_ID, "test_book_11", "rw" },
+ { WGT_PARTNER_APP_ID, "test_book_12", "rx" },
+ { WGT_PARTNER_APP_ID, "test_book_13", "wx" },
+ { WGT_PARTNER_APP_ID, "test_book_14", "rwx" },
+ { WGT_PARTNER_APP_ID, "test_book_15", "rwxat" },
+ { "test_subject_8", WGT_PARTNER_APP_ID, "r" },
+ { "test_subject_9", WGT_PARTNER_APP_ID, "w" },
+ { "test_subject_10", WGT_PARTNER_APP_ID, "x" },
+ { "test_subject_11", WGT_PARTNER_APP_ID, "rw" },
+ { "test_subject_12", WGT_PARTNER_APP_ID, "rx" },
+ { "test_subject_13", WGT_PARTNER_APP_ID, "wx" },
+ { "test_subject_14", WGT_PARTNER_APP_ID, "rwx" },
+ { "test_subject_15", WGT_PARTNER_APP_ID, "rwxat" }};
// Rules from test_privilege_control_rules_wgt.smack for wgt_platform
const std::vector< std::vector<std::string> > rules_wgt_platform = {
- { WGT_PLATFORM_APP_LABEL, "test_book_8", "r" },
- { WGT_PLATFORM_APP_LABEL, "test_book_9", "w" },
- { WGT_PLATFORM_APP_LABEL, "test_book_10", "x" },
- { WGT_PLATFORM_APP_LABEL, "test_book_11", "rw" },
- { WGT_PLATFORM_APP_LABEL, "test_book_12", "rx" },
- { WGT_PLATFORM_APP_LABEL, "test_book_13", "wx" },
- { WGT_PLATFORM_APP_LABEL, "test_book_14", "rwx" },
- { WGT_PLATFORM_APP_LABEL, "test_book_15", "rwxat" },
- { "test_subject_8", WGT_PLATFORM_APP_LABEL, "r" },
- { "test_subject_9", WGT_PLATFORM_APP_LABEL, "w" },
- { "test_subject_10", WGT_PLATFORM_APP_LABEL, "x" },
- { "test_subject_11", WGT_PLATFORM_APP_LABEL, "rw" },
- { "test_subject_12", WGT_PLATFORM_APP_LABEL, "rx" },
- { "test_subject_13", WGT_PLATFORM_APP_LABEL, "wx" },
- { "test_subject_14", WGT_PLATFORM_APP_LABEL, "rwx" },
- { "test_subject_15", WGT_PLATFORM_APP_LABEL, "rwxat" }};
+ { WGT_PLATFORM_APP_ID, "test_book_8", "r" },
+ { WGT_PLATFORM_APP_ID, "test_book_9", "w" },
+ { WGT_PLATFORM_APP_ID, "test_book_10", "x" },
+ { WGT_PLATFORM_APP_ID, "test_book_11", "rw" },
+ { WGT_PLATFORM_APP_ID, "test_book_12", "rx" },
+ { WGT_PLATFORM_APP_ID, "test_book_13", "wx" },
+ { WGT_PLATFORM_APP_ID, "test_book_14", "rwx" },
+ { WGT_PLATFORM_APP_ID, "test_book_15", "rwxat" },
+ { "test_subject_8", WGT_PLATFORM_APP_ID, "r" },
+ { "test_subject_9", WGT_PLATFORM_APP_ID, "w" },
+ { "test_subject_10", WGT_PLATFORM_APP_ID, "x" },
+ { "test_subject_11", WGT_PLATFORM_APP_ID, "rw" },
+ { "test_subject_12", WGT_PLATFORM_APP_ID, "rx" },
+ { "test_subject_13", WGT_PLATFORM_APP_ID, "wx" },
+ { "test_subject_14", WGT_PLATFORM_APP_ID, "rwx" },
+ { "test_subject_15", WGT_PLATFORM_APP_ID, "rwxat" }};
namespace {
RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
"Error revoking app permissions. Result: " << result);
- result = app_revoke_permissions(WGT_APP_LABEL);
+ result = app_revoke_permissions(WGT_APP_ID);
RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
"Error revoking app permissions. Result: " << result);
- result = app_revoke_permissions(WGT_PARTNER_APP_LABEL);
+ result = app_revoke_permissions(WGT_PARTNER_APP_ID);
RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
"Error revoking app permissions. Result: " << result);
- result = app_revoke_permissions(WGT_PLATFORM_APP_LABEL);
+ result = app_revoke_permissions(WGT_PLATFORM_APP_ID);
RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
"Error revoking app permissions. Result: " << result);
{
int result;
+ result = app_enable_permissions(WGT_APP_ID, APP_TYPE_WGT, PRIVS_WGT, 1);
+ RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
+ " Error enabling app permissions. Result: " << result);
+
+ result = test_have_all_accesses(rules_wgt);
+ RUNNER_ASSERT_MSG(result==1, "Permissions not added.");
+
result = set_app_privilege(WGT_APP_ID, "wgt", WGT_APP_PATH);
RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS, "Error in set_app_privilege. Error: " << result);
result = smack_new_label_from_self(&label);
RUNNER_ASSERT_MSG(result == 0, "Error getting current process label");
RUNNER_ASSERT_MSG(label != NULL, "Process label is not set");
- result = strcmp(WGT_APP_LABEL, label);
+ result = strcmp(WGT_APP_ID, label);
RUNNER_ASSERT_MSG(result == 0, "Process label " << label << " is incorrect");
std::set<unsigned> groups_check;
groups_left.append(std::to_string(*it)).append(" ");
}
RUNNER_ASSERT_MSG(groups_check.empty(), "Application doesn't belong to some required groups: " << groups_left);
-
-
- result = app_enable_permissions(APP_ID, APP_TYPE_WGT, PRIVS_WGT, 1);
- RUNNER_ASSERT_MSG(result != PC_OPERATION_SUCCESS,
- " Error enabling app permissions. Result: " << result);
-
- result = test_have_any_accesses(rules_wgt);
- RUNNER_ASSERT_MSG(result==0, "Permissions exist.");
-
- result = app_enable_permissions(WGT_APP_ID, APP_TYPE_WGT, PRIVS_WGT, 1);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- " Error enabling app permissions. Result: " << result);
-
- result = test_have_all_accesses(rules_wgt);
- RUNNER_ASSERT_MSG(result==1, "Permissions not added.");
}
/**
{
int result;
+ result = app_enable_permissions(WGT_PARTNER_APP_ID, APP_TYPE_WGT_PARTNER, PRIVS_WGT, 1);
+ RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
+ " Error enabling app permissions. Result: " << result);
+
+ result = test_have_all_accesses(rules_wgt_partner);
+ RUNNER_ASSERT_MSG(result==1, "Permissions not added.");
+
result = set_app_privilege(WGT_PARTNER_APP_ID, "wgt_partner", WGT_PARTNER_APP_PATH);
RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS, "Error in set_app_privilege. Error: " << result);
result = smack_new_label_from_self(&label);
RUNNER_ASSERT_MSG(result == 0, "Error getting current process label");
RUNNER_ASSERT_MSG(label != NULL, "Process label is not set");
- result = strcmp(WGT_PARTNER_APP_LABEL, label);
+ result = strcmp(WGT_PARTNER_APP_ID, label);
RUNNER_ASSERT_MSG(result == 0, "Process label " << label << " is incorrect");
std::set<unsigned> groups_check;
groups_left.append(std::to_string(*it)).append(" ");
}
RUNNER_ASSERT_MSG(groups_check.empty(), "Application doesn't belong to some required groups: " << groups_left);
-
- result = app_enable_permissions(APP_ID, APP_TYPE_WGT_PARTNER, PRIVS_WGT_PARTNER, 1);
- RUNNER_ASSERT_MSG(result != PC_OPERATION_SUCCESS,
- " Error enabling app permissions. Result: " << result);
-
- result = test_have_any_accesses(rules_wgt_partner);
- RUNNER_ASSERT_MSG(result==0, "Permissions exist.");
-
- result = app_enable_permissions(WGT_PARTNER_APP_ID, APP_TYPE_WGT_PARTNER, PRIVS_WGT_PARTNER, 1);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- " Error enabling app permissions. Result: " << result);
-
- result = test_have_all_accesses(rules_wgt_partner);
- RUNNER_ASSERT_MSG(result==1, "Permissions not added.");
}
/**
{
int result;
+ result = app_enable_permissions(WGT_PLATFORM_APP_ID, APP_TYPE_WGT_PLATFORM, PRIVS_WGT, 1);
+ RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
+ " Error enabling app permissions. Result: " << result);
+
+ result = test_have_all_accesses(rules_wgt_platform);
+ RUNNER_ASSERT_MSG(result==1, "Permissions not added.");
+
result = set_app_privilege(WGT_PLATFORM_APP_ID, "wgt_platform", WGT_PLATFORM_APP_PATH);
RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS, "Error in set_app_privilege. Error: " << result);
result = smack_new_label_from_self(&label);
RUNNER_ASSERT_MSG(result == 0, "Error getting current process label");
RUNNER_ASSERT_MSG(label != NULL, "Process label is not set");
- result = strcmp(WGT_PLATFORM_APP_LABEL, label);
+ result = strcmp(WGT_PLATFORM_APP_ID, label);
RUNNER_ASSERT_MSG(result == 0, "Process label " << label << " is incorrect");
std::set<unsigned> groups_check;
groups_left.append(std::to_string(*it)).append(" ");
}
RUNNER_ASSERT_MSG(groups_check.empty(), "Application doesn't belong to some required groups: " << groups_left);
-
-
- result = app_enable_permissions(APP_ID, APP_TYPE_WGT_PLATFORM, PRIVS_WGT_PLATFORM, 1);
- RUNNER_ASSERT_MSG(result != PC_OPERATION_SUCCESS,
- " Error enabling app permissions. Result: " << result);
-
- result = test_have_any_accesses(rules_wgt_platform);
- RUNNER_ASSERT_MSG(result==0, "Permissions exist.");
-
- result = app_enable_permissions(WGT_PLATFORM_APP_ID, APP_TYPE_WGT_PLATFORM, PRIVS_WGT_PLATFORM, 1);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- " Error enabling app permissions. Result: " << result);
-
- result = test_have_all_accesses(rules_wgt_platform);
- RUNNER_ASSERT_MSG(result==1, "Permissions not added.");
}
RUNNER_TEST(privilege_control08_app_give_access)
projects / platform / core / test / security-tests.git / commitdiff