SM: Rename and use one label generators

Change-Id: Iee19a490a5da8076c03260c86d58dd13baa60ba7

diff --git a/src/security-manager-tests/common/app_install_helper.h b/src/security-manager-tests/common/app_install_helper.h
index 5162ba8..2a15dc4 100644 (file)
--- a/src/security-manager-tests/common/app_install_helper.h
+++ b/src/security-manager-tests/common/app_install_helper.h
@@ -23,6 +23,7 @@
 #include <sys/smack.h>
 
 #include <dpl/test/test_runner.h>
+#include <sm_commons.h>
 #include <tzplatform.h>
 
 struct AppInstallHelper {
@@ -90,11 +91,11 @@ struct AppInstallHelper {
     }
 
     std::string generateAppLabel() const {
-        return "User::App::" + getAppId();
+        return generateProcessLabel(getAppId());
     }
 
     std::string generatePkgLabel() const {
-        return "User::Pkg::" + getPkgId();
+        return generatePathRWLabel(getPkgId());
     }
 
     void removePaths() {

diff --git a/src/security-manager-tests/common/sm_commons.cpp b/src/security-manager-tests/common/sm_commons.cpp
index 53013d4..31cf3e2 100644 (file)
--- a/src/security-manager-tests/common/sm_commons.cpp
+++ b/src/security-manager-tests/common/sm_commons.cpp
@@ -65,12 +65,12 @@ const std::string uidToStr(const uid_t uid)
 
 // Common implementation details
 
-std::string generateAppLabel(const std::string &appId)
+std::string generateProcessLabel(const std::string &appId)
 {
     return "User::App::" + appId;
 }
 
-std::string generatePkgLabel(const std::string &pkgId)
+std::string generatePathRWLabel(const std::string &pkgId)
 {
     return "User::Pkg::" + pkgId;
 }
@@ -217,7 +217,7 @@ void check_app_permissions(const char *const app_id, const char *const pkg_id,
                            const privileges_t &denied_privs)
 {
     (void) pkg_id;
-    std::string smackLabel = generateAppLabel(app_id);
+    std::string smackLabel = generateProcessLabel(app_id);
 
     CynaraTestClient::Client ctc;
 
@@ -313,14 +313,14 @@ void check_app_path_after_install(int app_num, const char *pkgId, bool others_en
     std::string SM_PUBLIC_RO_PATH = genPublicROPath(app_num);
     int result;
 
-    nftw_expected_label = generatePkgLabel(pkgId);
+    nftw_expected_label = generatePathRWLabel(pkgId);
     nftw_expected_transmute = true;
     nftw_expected_exec = false;
 
     result = nftw(SM_RW_PATH.c_str(), &nftw_check_sm_labels, FTW_MAX_FDS, FTW_PHYS);
     RUNNER_ASSERT_MSG(result == 0, "Unable to check Smack labels for " << SM_RW_PATH);
 
-    nftw_expected_label = generatePkgLabel(pkgId) + "::RO";
+    nftw_expected_label = generatePathRWLabel(pkgId) + "::RO";
     nftw_expected_transmute = false;
     nftw_expected_exec = false;
 

diff --git a/src/security-manager-tests/common/sm_commons.h b/src/security-manager-tests/common/sm_commons.h
index efd0b40..971eace 100644 (file)
--- a/src/security-manager-tests/common/sm_commons.h
+++ b/src/security-manager-tests/common/sm_commons.h
@@ -25,7 +25,6 @@
 
 #include <security-manager-types.h>
 
-#include <app_install_helper.h>
 #include <memory.h>
 #include <sm_db.h>
 #include <temp_test_user.h>
@@ -49,8 +48,8 @@ const std::string SM_RW_PATH =
 
 const std::string uidToStr(const uid_t uid);
 
-std::string generateAppLabel(const std::string &appId);
-std::string generatePkgLabel(const std::string &pkgId);
+std::string generateProcessLabel(const std::string &appId);
+std::string generatePathRWLabel(const std::string &pkgId);
 std::string genRWPath(int app_num);
 std::string genROPath(int app_num);
 std::string genPublicROPath(int app_num);

diff --git a/src/security-manager-tests/test_cases.cpp b/src/security-manager-tests/test_cases.cpp
index 3899c04..a4d95db 100644 (file)
--- a/src/security-manager-tests/test_cases.cpp
+++ b/src/security-manager-tests/test_cases.cpp
@@ -172,7 +172,7 @@ RUNNER_CHILD_TEST_SMACK(security_manager_03_set_label_from_appid)
     const char *const app_id = "sm_test_03_app_id_set_label_from_appid_smack";
     const char *const pkg_id = "sm_test_03_pkg_id_set_label_from_appid_smack";
     const char *const socketLabel = "not_expected_label";
-    std::string expected_label = generateAppLabel(app_id);
+    std::string expected_label = generateProcessLabel(app_id);
     std::string expected_socket_label = socketLabel;
     char *label = nullptr;
     CStringPtr labelPtr;

diff --git a/src/security-manager-tests/test_cases_credentials.cpp b/src/security-manager-tests/test_cases_credentials.cpp
index d2811e8..ce5c1f9 100644 (file)
--- a/src/security-manager-tests/test_cases_credentials.cpp
+++ b/src/security-manager-tests/test_cases_credentials.cpp
@@ -112,7 +112,7 @@ RUNNER_CHILD_TEST(security_manager_51a_get_id_by_socket)
 
     Api::install(requestInst);
 
-    std::string smackLabel = generateAppLabel(sm_app_id);
+    std::string smackLabel = generateProcessLabel(sm_app_id);
 
     clientTestTemplate([&] (int sock, pid_t) {
         std::string rcvPkgId, rcvAppId;
@@ -140,7 +140,7 @@ RUNNER_CHILD_TEST(security_manager_51b_get_id_by_socket)
 
     Api::install(requestInst);
 
-    std::string smackLabel = generateAppLabel(sm_app_id);
+    std::string smackLabel = generateProcessLabel(sm_app_id);
 
     clientTestTemplate([&] (int sock, pid_t) {
         std::string rcvPkgId, rcvAppId;
@@ -164,7 +164,7 @@ RUNNER_CHILD_TEST(security_manager_51c_get_id_by_socket)
 
     Api::install(requestInst);
 
-    std::string smackLabel = generateAppLabel(sm_app_id);
+    std::string smackLabel = generateProcessLabel(sm_app_id);
 
     clientTestTemplate([&] (int sock, pid_t) {
         std::string rcvPkgId;
@@ -190,7 +190,7 @@ RUNNER_CHILD_TEST(security_manager_51d_get_id_by_socket)
 
     Api::install(requestInst);
 
-    std::string smackLabel = generateAppLabel(sm_app_id);
+    std::string smackLabel = generateProcessLabel(sm_app_id);
 
     clientTestTemplate([&] (int sock, pid_t) {
         std::string rcvAppId;
@@ -216,7 +216,7 @@ RUNNER_CHILD_TEST(security_manager_51e_get_id_by_socket)
 
     Api::install(requestInst);
 
-    std::string smackLabel = generateAppLabel(sm_app_id);
+    std::string smackLabel = generateProcessLabel(sm_app_id);
 
     clientTestTemplate([&] (int sock, pid_t) {
         Api::getPkgIdBySocket(sock, nullptr, nullptr, SECURITY_MANAGER_ERROR_INPUT_PARAM);
@@ -239,7 +239,7 @@ RUNNER_CHILD_TEST(security_manager_52a_get_id_by_pid)
 
     Api::install(requestInst);
 
-    std::string smackLabel = generateAppLabel(sm_app_id);
+    std::string smackLabel = generateProcessLabel(sm_app_id);
 
     clientTestTemplate([&] (int, pid_t pid) {
         std::string rcvPkgId, rcvAppId;
@@ -267,7 +267,7 @@ RUNNER_CHILD_TEST(security_manager_52b_get_id_by_pid)
 
     Api::install(requestInst);
 
-    std::string smackLabel = generateAppLabel(sm_app_id);
+    std::string smackLabel = generateProcessLabel(sm_app_id);
 
     clientTestTemplate([&] (int, pid_t pid) {
         std::string rcvPkgId, rcvAppId;
@@ -291,7 +291,7 @@ RUNNER_CHILD_TEST(security_manager_52c_get_id_by_pid)
 
     Api::install(requestInst);
 
-    std::string smackLabel = generateAppLabel(sm_app_id);
+    std::string smackLabel = generateProcessLabel(sm_app_id);
 
     clientTestTemplate([&] (int, pid_t pid) {
         std::string rcvPkgId;
@@ -317,7 +317,7 @@ RUNNER_CHILD_TEST(security_manager_52d_get_id_by_pid)
 
     Api::install(requestInst);
 
-    std::string smackLabel = generateAppLabel(sm_app_id);
+    std::string smackLabel = generateProcessLabel(sm_app_id);
 
     clientTestTemplate([&] (int, pid_t pid) {
         std::string rcvAppId;
@@ -343,7 +343,7 @@ RUNNER_CHILD_TEST(security_manager_52e_get_id_by_pid)
 
     Api::install(requestInst);
 
-    std::string smackLabel = generateAppLabel(sm_app_id);
+    std::string smackLabel = generateProcessLabel(sm_app_id);
 
     clientTestTemplate([&] (int sock, pid_t) {
         Api::getPkgIdByPid(sock, nullptr, nullptr, SECURITY_MANAGER_ERROR_INPUT_PARAM);

diff --git a/src/security-manager-tests/test_cases_dyntransition.cpp b/src/security-manager-tests/test_cases_dyntransition.cpp
index 76ab8ac..28b7a35 100644 (file)
--- a/src/security-manager-tests/test_cases_dyntransition.cpp
+++ b/src/security-manager-tests/test_cases_dyntransition.cpp
@@ -59,7 +59,7 @@ static UidGidMsg readCreds(int pipefd0)
 
 static void testSetLabelForSelf(const char *app_id, bool expected_success)
 {
-    std::string label =  generateAppLabel(app_id);
+    std::string label =  generateProcessLabel(app_id);
     int result = smack_set_label_for_self(label.c_str());
     if (expected_success)
         RUNNER_ASSERT_MSG(result == 0, "smack_set_label_for_self(" << label <<

diff --git a/src/security-manager-tests/test_cases_privacy_manager.cpp b/src/security-manager-tests/test_cases_privacy_manager.cpp
index 3f651d3..7645f55 100644 (file)
--- a/src/security-manager-tests/test_cases_privacy_manager.cpp
+++ b/src/security-manager-tests/test_cases_privacy_manager.cpp
@@ -772,7 +772,7 @@ RUNNER_CHILD_TEST(security_manager_15_privacy_manager_send_policy_update_for_adm
 
         waitPid(pid);
 
-        admin.adminCheck(check_start_bucket, false, generateAppLabel(update_app_id).c_str(),
+        admin.adminCheck(check_start_bucket, false, generateProcessLabel(update_app_id).c_str(),
                 std::to_string(static_cast<int>(msg.uid)).c_str(), update_privilege, CYNARA_ADMIN_ALLOW, nullptr);
     }
     if(pid == 0)
@@ -839,7 +839,7 @@ RUNNER_CHILD_TEST(security_manager_15_privacy_manager_send_policy_update_for_adm
 
         waitPid(pid);
 
-        admin.adminCheck(check_start_bucket, false, generateAppLabel(update_other_app_id).c_str(),
+        admin.adminCheck(check_start_bucket, false, generateProcessLabel(update_other_app_id).c_str(),
                 std::to_string(static_cast<int>(msg.uid)).c_str(), update_privilege, CYNARA_ADMIN_ALLOW, nullptr);
     }
     if(pid == 0)
@@ -907,7 +907,7 @@ RUNNER_CHILD_TEST(security_manager_15_privacy_manager_send_policy_update_for_sel
 
         waitPid(pid);
 
-        admin.adminCheck(check_start_bucket, false, generateAppLabel(update_app_id).c_str(),
+        admin.adminCheck(check_start_bucket, false, generateProcessLabel(update_app_id).c_str(),
                 std::to_string(static_cast<int>(msg.uid)).c_str(), update_privilege, CYNARA_ADMIN_ALLOW, nullptr);
     }
     if(pid == 0)
@@ -1050,7 +1050,7 @@ RUNNER_CHILD_TEST(security_manager_17_privacy_manager_delete_policy_for_self)
 
         waitPid(pid[0]);
 
-        admin.adminCheck(check_start_bucket, false, generateAppLabel(update_app_id).c_str(),
+        admin.adminCheck(check_start_bucket, false, generateProcessLabel(update_app_id).c_str(),
                 std::to_string(static_cast<int>(msg.uid)).c_str(), update_privilege, CYNARA_ADMIN_ALLOW, nullptr);
 
         pid[1] = fork();
@@ -1068,7 +1068,7 @@ RUNNER_CHILD_TEST(security_manager_17_privacy_manager_delete_policy_for_self)
 
             waitPid(pid[1]);
 
-            admin.adminCheck(check_start_bucket, false, generateAppLabel(update_app_id).c_str(),
+            admin.adminCheck(check_start_bucket, false, generateProcessLabel(update_app_id).c_str(),
                     std::to_string(static_cast<int>(msg.uid)).c_str(), update_privilege, CYNARA_ADMIN_DENY, nullptr);
         }
         if(pid[1] == 0)

diff --git a/src/security-manager-tests/test_cases_public_sharing.cpp b/src/security-manager-tests/test_cases_public_sharing.cpp
index 8366fcb..b021864 100644 (file)
--- a/src/security-manager-tests/test_cases_public_sharing.cpp
+++ b/src/security-manager-tests/test_cases_public_sharing.cpp
@@ -55,7 +55,7 @@ void test_success_worker(const std::string &appName, int test_num)
 {
     std::string SM_OWNER_RW_OTHERS_RO_PATH = genOwnerRWOthersROPath(test_num);
 
-    changeSecurityContext(generateAppLabel(appName), APP_UID, APP_GID);
+    changeSecurityContext(generateProcessLabel(appName), APP_UID, APP_GID);
 
     RUNNER_ASSERT_ERRNO_MSG(::access(SM_OWNER_RW_OTHERS_RO_PATH.c_str(), R_OK|X_OK) != -1,
         "access (" << SM_OWNER_RW_OTHERS_RO_PATH << ") from " << appName << " failed " << " to " << SM_OWNER_RW_OTHERS_RO_PATH );
@@ -65,7 +65,7 @@ void test_fail_worker(const std::string &appName, int test_num)
 {
     std::string SM_OWNER_RW_OTHERS_RO_PATH = genOwnerRWOthersROPath(test_num);
 
-    changeSecurityContext(generateAppLabel(appName), APP_UID, APP_GID);
+    changeSecurityContext(generateProcessLabel(appName), APP_UID, APP_GID);
 
     RUNNER_ASSERT_MSG(::access(SM_OWNER_RW_OTHERS_RO_PATH.c_str(), R_OK|X_OK) == -1,
         "access (" << SM_OWNER_RW_OTHERS_RO_PATH << ") from " << appName

diff --git a/src/security-manager-tests/test_cases_register_paths.cpp b/src/security-manager-tests/test_cases_register_paths.cpp
index 252d440..5857c55 100644 (file)
--- a/src/security-manager-tests/test_cases_register_paths.cpp
+++ b/src/security-manager-tests/test_cases_register_paths.cpp
@@ -374,7 +374,7 @@ RUNNER_TEST(security_manager_68_path_req_shared_ro_2_X)
     Api::registerPaths(preq);
 
     // check labels
-    check_path(path, generatePkgLabel(sm_pkg_id) + "::SharedRO");
+    check_path(path, generatePathRWLabel(sm_pkg_id) + "::SharedRO");
 }
 
 RUNNER_TEST(security_manager_69_path_req_trusted_rw_no_author)

diff --git a/src/security-manager-tests/test_cases_trusted_sharing.cpp b/src/security-manager-tests/test_cases_trusted_sharing.cpp
index a728c3e..975f350 100644 (file)
--- a/src/security-manager-tests/test_cases_trusted_sharing.cpp
+++ b/src/security-manager-tests/test_cases_trusted_sharing.cpp
@@ -131,8 +131,8 @@ RUNNER_TEST(security_manager_43_app_install_with_trusted_path)
     // check rules
     check_exact_access("System", trusted_label, system_access);
     check_exact_access("User", trusted_label, system_access);
-    check_exact_access(generateAppLabel(provider.getAppId()), trusted_label, trusted_access);
-    check_exact_access(generatePkgLabel(provider.getPkgId()), trusted_label, "");
+    check_exact_access(generateProcessLabel(provider.getAppId()), trusted_label, trusted_access);
+    check_exact_access(generatePathRWLabel(provider.getPkgId()), trusted_label, "");
 
     // install trusted app
     InstallRequest trustedApp;
@@ -142,8 +142,8 @@ RUNNER_TEST(security_manager_43_app_install_with_trusted_path)
     Api::install(trustedApp);
 
     // check rules
-    check_exact_access(generateAppLabel(user.getAppId()), trusted_label, trusted_access);
-    check_exact_access(generatePkgLabel(user.getPkgId()), trusted_label, "");
+    check_exact_access(generateProcessLabel(user.getAppId()), trusted_label, trusted_access);
+    check_exact_access(generatePathRWLabel(user.getPkgId()), trusted_label, "");
 
     // install untrusted app
     InstallRequest untrustedApp;
@@ -152,8 +152,8 @@ RUNNER_TEST(security_manager_43_app_install_with_trusted_path)
     Api::install(untrustedApp);
 
     // check rules
-    check_exact_access(generateAppLabel(untrusted.getAppId()), trusted_label, "");
-    check_exact_access(generatePkgLabel(untrusted.getPkgId()), trusted_label, "");
+    check_exact_access(generateProcessLabel(untrusted.getAppId()), trusted_label, "");
+    check_exact_access(generatePathRWLabel(untrusted.getPkgId()), trusted_label, "");
 
     // uninstall trusting app
     Api::uninstall(trustingApp);
@@ -161,18 +161,18 @@ RUNNER_TEST(security_manager_43_app_install_with_trusted_path)
     // there's still one app with author id, rules should be kept
     check_exact_access("System", trusted_label, system_access);
     check_exact_access("User", trusted_label, system_access);
-    check_exact_access(generateAppLabel(provider.getAppId()), trusted_label, "");
-    check_exact_access(generatePkgLabel(provider.getPkgId()), trusted_label, "");
-    check_exact_access(generateAppLabel(user.getAppId()), trusted_label, trusted_access);
-    check_exact_access(generatePkgLabel(user.getPkgId()), trusted_label, "");
+    check_exact_access(generateProcessLabel(provider.getAppId()), trusted_label, "");
+    check_exact_access(generatePathRWLabel(provider.getPkgId()), trusted_label, "");
+    check_exact_access(generateProcessLabel(user.getAppId()), trusted_label, trusted_access);
+    check_exact_access(generatePathRWLabel(user.getPkgId()), trusted_label, "");
 
     Api::uninstall(trustedApp);
 
     // no more apps with author id
     check_exact_access("System", trusted_label, "");
     check_exact_access("User", trusted_label, "");
-    check_exact_access(generateAppLabel(user.getAppId()), trusted_label, "");
-    check_exact_access(generatePkgLabel(user.getPkgId()), trusted_label, "");
+    check_exact_access(generateProcessLabel(user.getAppId()), trusted_label, "");
+    check_exact_access(generatePathRWLabel(user.getPkgId()), trusted_label, "");
 
     Api::uninstall(untrustedApp);
 }
@@ -268,26 +268,26 @@ RUNNER_TEST(security_manager_46_pkgId_deinstalation_test)
     trustingApp2.setAuthorId(authorId1);
     Api::install(trustingApp2);
 
-    check_exact_access("System", generateAppLabel(trusted1.getAppId()), "rwxl");
-    check_exact_access("User", generateAppLabel(trusted1.getAppId()), "rwxl");
-    check_exact_access("System", generatePkgLabel(trusted1.getPkgId()), "rwxatl");
-    check_exact_access("User", generatePkgLabel(trusted1.getPkgId()), "rwxatl");
-    check_exact_access("System", generateAppLabel(trusted2.getAppId()), "rwxl");
-    check_exact_access("User", generateAppLabel(trusted2.getAppId()), "rwxl");
+    check_exact_access("System", generateProcessLabel(trusted1.getAppId()), "rwxl");
+    check_exact_access("User", generateProcessLabel(trusted1.getAppId()), "rwxl");
+    check_exact_access("System", generatePathRWLabel(trusted1.getPkgId()), "rwxatl");
+    check_exact_access("User", generatePathRWLabel(trusted1.getPkgId()), "rwxatl");
+    check_exact_access("System", generateProcessLabel(trusted2.getAppId()), "rwxl");
+    check_exact_access("User", generateProcessLabel(trusted2.getAppId()), "rwxl");
 
     Api::uninstall(trustingApp2);
 
-    check_exact_access("System", generateAppLabel(trusted1.getAppId()), "rwxl");
-    check_exact_access("User", generateAppLabel(trusted1.getAppId()), "rwxl");
-    check_exact_access("System", generatePkgLabel(trusted1.getPkgId()), "rwxatl");
-    check_exact_access("User", generatePkgLabel(trusted1.getPkgId()), "rwxatl");
-    check_exact_access("System", generateAppLabel(trusted2.getAppId()), "");
-    check_exact_access("User", generateAppLabel(trusted2.getAppId()), "");
+    check_exact_access("System", generateProcessLabel(trusted1.getAppId()), "rwxl");
+    check_exact_access("User", generateProcessLabel(trusted1.getAppId()), "rwxl");
+    check_exact_access("System", generatePathRWLabel(trusted1.getPkgId()), "rwxatl");
+    check_exact_access("User", generatePathRWLabel(trusted1.getPkgId()), "rwxatl");
+    check_exact_access("System", generateProcessLabel(trusted2.getAppId()), "");
+    check_exact_access("User", generateProcessLabel(trusted2.getAppId()), "");
 
     Api::uninstall(trustingApp);
 
-    check_exact_access("System", generateAppLabel(trusted1.getAppId()), "");
-    check_exact_access("User", generateAppLabel(trusted1.getAppId()), "");
-    check_exact_access("System", generatePkgLabel(trusted1.getPkgId()), "");
-    check_exact_access("User", generatePkgLabel(trusted1.getPkgId()), "");
+    check_exact_access("System", generateProcessLabel(trusted1.getAppId()), "");
+    check_exact_access("User", generateProcessLabel(trusted1.getAppId()), "");
+    check_exact_access("System", generatePathRWLabel(trusted1.getPkgId()), "");
+    check_exact_access("User", generatePathRWLabel(trusted1.getPkgId()), "");
 }