return TEST_OK;
}
-static wur int assert_label(char const *label, struct kdbus_item const *item)
+static wur int assert_label(struct kdbus_item const *item, char const *label)
{
- while (KDBUS_ITEM_SECLABEL != item->type)
+ for (;;) {
+ if (KDBUS_ITEM_SECLABEL == item->type) {
+ ASSERT_ZERO(strcmp(item->str, label));
+ return TEST_OK;
+ }
item = KDBUS_ITEM_NEXT(item);
- ASSERT_ZERO(strcmp(item->str, label));
- return TEST_OK;
+ }
+}
+
+static wur int assert_label_uid_gid(struct kdbus_item const *item, char const *label, uid_t uid, gid_t gid)
+{
+ unsigned mask = 3;
+ for (;;) {
+ if (KDBUS_ITEM_SECLABEL == item->type) {
+ ASSERT_ZERO(strcmp(item->str, label));
+ if (!(mask &= ~2U))
+ return TEST_OK;
+ } else if (KDBUS_ITEM_CREDS == item->type) {
+ ASSERT_RETURN(uid,==,item->creds.uid);
+ ASSERT_RETURN(uid,==,item->creds.euid);
+ ASSERT_RETURN(gid,==,item->creds.gid);
+ ASSERT_RETURN(gid,==,item->creds.egid);
+ if (!(mask &= ~1U))
+ return TEST_OK;
+ }
+ item = KDBUS_ITEM_NEXT(item);
+ }
}
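Review bot: Both walks in this hunk, the `for (;;)` in assert_label and the one in assert_label_uid_gid, have no end bound, so when the expected SECLABEL or CREDS item is absent `KDBUS_ITEM_NEXT(item)` keeps stepping past the end of the message or info record instead of failing the test. The removed `while` loop had the same gap, but the new helper needs two items to be present before it returns, and missing metadata is exactly the regression this test should report cleanly rather than by reading out of bounds. Consider passing the end of the enclosing record (derived from its `size` field, assuming the usual kdbus msg/info layout) and writing the walk as `for (; (char const *)item < end; item = KDBUS_ITEM_NEXT(item))` with a failing return after the loop; the callers that pass `msg->items` and `info->items` would change with it. Separately, the CREDS branch compares only uid/euid/gid/egid; if this tree's `struct kdbus_creds` also carries the saved and filesystem ids, asserting those too would confirm that the privilege drop left no id to regain privileges from.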
static wur int get_label(char *buf, unsigned buf_size)
do len = read(fd, buf, buf_size); while (len < 0 && (EAGAIN==errno || EINTR==errno));
if (len < 0)
return -errno;
- if (len == buf_size)
+ if ((unsigned)len == buf_size)
return -ENAMETOOLONG;
buf[len] = 0;
if (0 > close(fd))
ASSERT_ZERO(kdbus_conn_info(conn, id, NULL, KDBUS_ATTACH_SECLABEL, &offset));
struct kdbus_info *info = (struct kdbus_info *)(conn->buf + offset);
ASSERT_RETURN(info->id,==,id);
- ASSERT_ZERO(assert_label(label, info->items));
+ ASSERT_ZERO(assert_label(info->items, label));
+ ASSERT_ZERO(kdbus_free(conn, offset));
+ return 0;
+}
+
+static wur int assert_info_label_uid_gid(struct kdbus_conn *conn, uint64_t id, char const *label, uid_t uid, gid_t gid)
+{
+ uint64_t offset = 0;
+ ASSERT_ZERO(kdbus_conn_info(conn, id, NULL, KDBUS_ATTACH_SECLABEL|KDBUS_ATTACH_CREDS, &offset));
+ struct kdbus_info *info = (struct kdbus_info *)(conn->buf + offset);
+ ASSERT_RETURN(info->id,==,id);
+ ASSERT_ZERO(assert_label_uid_gid(info->items, label, uid, gid));
ASSERT_ZERO(kdbus_free(conn, offset));
return 0;
}
-wur int kdbus_test_dynamic_seclabel(struct kdbus_test_env *env)
+wur int kdbus_test_update_metadata(struct kdbus_test_env *env)
{
char old_label[65536];
char const *labels[] = {"System::Privileged", "UserTest"};
struct kdbus_msg *msg;
ASSERT_ZERO(kdbus_msg_send(env->conn, NULL, 1, 0, 0, 0, env->conn->id));
ASSERT_ZERO(kdbus_msg_recv(env->conn, &msg, NULL));
- ASSERT_ZERO(assert_label(label, msg->items));
+ ASSERT_ZERO(assert_label(msg->items, label));
kdbus_msg_free(msg);
}
ASSERT_ZERO(assert_info_label(env->conn, env->conn->id, prev_label));
struct kdbus_conn *child;
ASSERT_EXIT_ZERO(set_label("wuj"));
ASSERT_EXIT_NONZERO(child = kdbus_hello(env->buspath, 0, NULL, 0));
+ ASSERT_EXIT_ZERO(drop_privileges(UNPRIV_UID, UNPRIV_GID));
+ ASSERT_EXIT_ZERO(kdbus_cmd_update_metadata(child->fd));
for (i=TABSIZE(labels); --i;) {
char const *label = labels[i];
ASSERT_EXIT_ZERO(kdbus_msg_send(child, NULL, 1+i, 0, 0, 0, env->conn->id));
struct kdbus_msg *msg;
ASSERT_EXIT_ZERO(kdbus_msg_recv_poll(child, 500, &msg, NULL));
ASSERT_EXIT(i,==,msg->cookie_reply-1);
- ASSERT_EXIT_ZERO(assert_label(label, msg->items));
+ ASSERT_EXIT_ZERO(assert_label(msg->items, label));
kdbus_msg_free(msg);
}
ASSERT_EXIT_ZERO(assert_info_label(child, env->conn->id, label));
struct kdbus_msg *msg;
ASSERT_ZERO(kdbus_msg_recv_poll(env->conn, 500, &msg, NULL));
ASSERT_RETURN(i,==,msg->cookie-1);
- ASSERT_ZERO(assert_label("wuj", msg->items));
+ ASSERT_ZERO(assert_label_uid_gid(msg->items, "wuj", UNPRIV_UID, UNPRIV_GID));
ASSERT_ZERO(set_label(labels[i]));
ASSERT_ZERO(kdbus_cmd_update_metadata(env->conn->fd));
ASSERT_ZERO(kdbus_msg_send_reply(env->conn, i+1, msg->src_id));
- ASSERT_ZERO(assert_info_label(env->conn, msg->src_id, "wuj"));
+ ASSERT_ZERO(assert_info_label_uid_gid(env->conn, msg->src_id, "wuj", UNPRIV_UID, UNPRIV_GID));
kdbus_msg_free(msg);
}
}));