--- /dev/null
+/*
+ * Copyright (c) 2014-2016 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <fcntl.h>
+#include <map>
+#include <string>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <sys/smack.h>
+#include <unistd.h>
+#include <utility>
+
+#include <security-manager-types.h>
+
+#include <dpl/test/test_runner.h>
+#include <sm_commons.h>
+#include <tzplatform.h>
+
+#include "app_install_helper.h"
+
+std::string AppInstallHelper::getInstallDir() const {
+ return m_installDir + getPkgId();
+}
+
+std::string AppInstallHelper::getTrustedDir(int i) const {
+ return getInstallDir() + "/trustedDir" + std::to_string(i);
+}
+
+std::string AppInstallHelper::getPrivateDir() const {
+ return getInstallDir() + "/app_dir/";
+}
+
+std::string AppInstallHelper::getPrivateRODir() const {
+ return getInstallDir() + "/app_dir_ro/";
+}
+
+std::string AppInstallHelper::getPublicDir() const {
+ return getInstallDir() + "/app_public_ro/";
+}
+
+std::string AppInstallHelper::getSharedPath(int i) const {
+ return getPrivateDir() + "shareme" + std::to_string(i);
+}
+
+std::string AppInstallHelper::getSharedRODir() const {
+ return getInstallDir() + "/app_dir_rw_others_ro/";
+}
+
+std::string AppInstallHelper::getAppId() const {
+ return m_appName + "_app_id";
+}
+
+std::string AppInstallHelper::getPkgId() const {
+ return m_pkgName + "_pkg_id";
+}
+
+std::string AppInstallHelper::getVersion() const {
+ return m_version;
+}
+
+int AppInstallHelper::getUID() const {
+ return m_uidGid;
+}
+
+int AppInstallHelper::getGID() const {
+ return m_uidGid;
+}
+
+void AppInstallHelper::createInstallDir() {
+ create(mkdir, getInstallDir());
+}
+
+void AppInstallHelper::createTrustedDir(int i) {
+ if (create(mkdir, getTrustedDir(i)))
+ m_dirTypeMap[SECURITY_MANAGER_PATH_TRUSTED_RW].emplace_back(getTrustedDir(i));
+}
+
+void AppInstallHelper::createPrivateDir() {
+ if (create(mkdir, getPrivateDir()))
+ m_dirTypeMap[SECURITY_MANAGER_PATH_RW].emplace_back(getPrivateDir());
+}
+
+void AppInstallHelper::createPublicDir() {
+ if (mkdir(getPublicDir().c_str(), 0777) == 0) {
+ m_dirTypeMap[SECURITY_MANAGER_PATH_PUBLIC_RO].emplace_back(getPublicDir());
+ }
+}
+
+void AppInstallHelper::createSharedFile(int i) {
+ if (create(creat, getSharedPath(i)))
+ m_fileTypeMap[SECURITY_MANAGER_PATH_RW].emplace_back(getSharedPath(i));
+}
+
+void AppInstallHelper::createSharedRODir() {
+ if (create(mkdir, getSharedRODir()))
+ m_dirTypeMap[SECURITY_MANAGER_PATH_OWNER_RW_OTHER_RO].emplace_back(getSharedRODir());
+}
+
+void AppInstallHelper::createPrivateRODir() {
+ if (create(mkdir, getPrivateRODir()))
+ m_dirTypeMap[SECURITY_MANAGER_PATH_RO].emplace_back(getPrivateRODir());
+}
+
+void AppInstallHelper::addPrivilege(const std::string &privilege) {
+ m_privileges.push_back(privilege);
+}
+
+void AppInstallHelper::addPrivileges(const std::vector<std::string> &privileges) {
+ std::copy(privileges.begin(), privileges.end(), std::back_inserter(m_privileges));
+}
+
+std::vector<std::string> AppInstallHelper::getPrivileges() const {
+ return m_privileges;
+}
+
+void AppInstallHelper::revokeRules() const {
+ RUNNER_ASSERT_MSG(
+ 0 == smack_revoke_subject(generateAppLabel().c_str()),
+ "Revoking smack subject failed");
+}
+
+std::string AppInstallHelper::generateAppLabel() const {
+ return generateProcessLabel(getAppId(), getPkgId());
+}
+
+std::string AppInstallHelper::generatePkgLabel() const {
+ return generatePathRWLabel(getPkgId());
+}
+
+const AppInstallHelper::TypePathsMap& AppInstallHelper::getDirsMap() const {
+ return m_dirTypeMap;
+}
+
+const AppInstallHelper::TypePathsMap& AppInstallHelper::getFilesMap() const {
+ return m_fileTypeMap;
+}
+
+void AppInstallHelper::removePaths() {
+ // FIXME - remove special treatment for shared ro
+ for (const auto &oneTypePaths : m_dirTypeMap)
+ if (oneTypePaths.first != SECURITY_MANAGER_PATH_OWNER_RW_OTHER_RO)
+ for (const auto& path : oneTypePaths.second)
+ rmdir(path.c_str());
+
+ m_dirTypeMap.clear();
+
+ for (const auto &oneTypePaths : m_fileTypeMap)
+ if (oneTypePaths.first != SECURITY_MANAGER_PATH_OWNER_RW_OTHER_RO)
+ for (const auto& path : oneTypePaths.second)
+ unlink(path.c_str());
+
+ m_fileTypeMap.clear();
+
+ rmdir(m_installDir.c_str());
+}
+
+void AppInstallHelper::setInstallPath() {
+ if (m_isLocal)
+ m_installDir = TzPlatformConfig::appDirPath(getUID());
+ else
+ m_installDir = TzPlatformConfig::globalAppDir() + "/";
+}
+
+bool AppInstallHelper::create(std::function<int(const char*, mode_t)> &&creatFun, const std::string &path) {
+ if (creatFun(path.c_str(), 0751) == 0) {
+ // Local paths need user change
+ if (!m_isLocal || chown(path.c_str(), m_uidGid, m_uidGid) == 0)
+ return true;
+ }
+ return false;
+}
+
+void AppInstallHelper::setAuthor(const std::string &author) {
+ m_author = author;
+}
+std::string AppInstallHelper::getAuthor() const {
+ return m_author;
+}
+
+void AppInstallHelper::setInstallType(app_install_type type) {
+ m_installType = type;
+}
+app_install_type AppInstallHelper::getInstallType() {
+ return m_installType;
+}
+
#pragma once
#include <fcntl.h>
+#include <functional>
#include <map>
#include <string>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <sys/smack.h>
+#include <vector>
#include <unistd.h>
-#include <utility>
#include <security-manager-types.h>
-#include <dpl/test/test_runner.h>
-#include <sm_commons.h>
-#include <tzplatform.h>
-
const uid_t OWNER_UID = 5001;
const std::string TIZEN_VERSION = "3.0";
using TypePathsMap = std::map<app_install_path_type, std::vector<std::string>>;
AppInstallHelper(const std::string &appName,
const std::string &pkgName,
- bool isLocal = false,
- uid_t uid = OWNER_UID,
- std::string version = TIZEN_VERSION)
- : m_appName(appName), m_pkgName(pkgName), m_isLocal(isLocal), m_uidGid(uid), m_version(version)
+ bool isLocal,
+ uid_t uid,
+ std::string version)
+ : m_appName(appName), m_pkgName(pkgName), m_isLocal(isLocal), m_uidGid(uid), m_version(version),
+ m_installType(SM_APP_INSTALL_NONE)
{
setInstallPath();
}
- AppInstallHelper(const std::string &appName, const std::string &pkgName, std::string version, bool isLocal = false)
- : AppInstallHelper(appName, pkgName, isLocal, OWNER_UID, version)
+ AppInstallHelper(const std::string &name)
+ : AppInstallHelper(name, name, false, geteuid(), TIZEN_VERSION)
{}
- AppInstallHelper(const std::string &name, bool isLocal = false, uid_t uid = OWNER_UID)
- : AppInstallHelper(name, name, isLocal, uid, TIZEN_VERSION)
+ AppInstallHelper(const std::string &appName, const std::string &pkgName)
+ : AppInstallHelper(appName, pkgName, false, geteuid(), TIZEN_VERSION)
{}
- AppInstallHelper(const std::string &appName, const std::string &pkgName, bool isLocal = false)
- : AppInstallHelper(appName, pkgName, isLocal, OWNER_UID, TIZEN_VERSION)
+ AppInstallHelper(const std::string &appName, uid_t uid)
+ : AppInstallHelper(appName, appName, true, uid, TIZEN_VERSION)
{}
- /**
- * This constructor needs to be defined, because in other tests : private_sharing
- * when AppInstallHelper object is initialized from : {"app_id", "pkg_id"}
- * none of arguments is std::string type, but const char*, so
- * implicit conversion is done and AppInstallHelper(const std::string&, int, bool) is called
- */
- AppInstallHelper(const char* const appName, const char* const pkgName, bool isLocal = false)
- : m_appName(appName), m_pkgName(pkgName), m_isLocal(isLocal)
- {
- setInstallPath();
- }
-
- std::string getInstallDir() const {
- return m_installDir + getPkgId();
- }
-
- std::string getTrustedDir(int i = 0) const {
- return getInstallDir() + "/trustedDir" + std::to_string(i);
- }
-
- std::string getPrivateDir() const {
- return getInstallDir() + "/app_dir/";
- }
-
- std::string getSharedPath(int i = 0) const {
- return getPrivateDir() + "shareme" + std::to_string(i);
- }
-
- std::string getSharedRODir() const {
- return getInstallDir() + "/app_dir_rw_others_ro/";
- }
-
- std::string getPrivateRODir() const {
- return getInstallDir() + "/app_dir_ro/";
- }
-
- std::string getAppId() const {
- return m_appName + "_app_id";
- }
-
- std::string getPkgId() const {
- return m_pkgName + "_pkg_id";
- }
-
- std::string getVersion() const {
- return m_version;
- }
-
- int getUID() const {
- return m_uidGid;
- }
-
- int getGID() const {
- return m_uidGid;
- }
-
- void createInstallDir() {
- create(mkdir, getInstallDir());
- }
-
- void createTrustedDir(int i = 0) {
- if (create(mkdir, getTrustedDir(i)))
- m_dirTypeMap[SECURITY_MANAGER_PATH_TRUSTED_RW].emplace_back(getTrustedDir(i));
- }
-
- void createPrivateDir() {
- if (create(mkdir, getPrivateDir()))
- m_dirTypeMap[SECURITY_MANAGER_PATH_RW].emplace_back(getPrivateDir());
- }
-
- void createSharedFile(int i = 0) {
- if (create(creat, getSharedPath(i)))
- m_fileTypeMap[SECURITY_MANAGER_PATH_RW].emplace_back(getSharedPath(i));
- }
-
- void createSharedRODir() {
- if (create(mkdir, getSharedRODir()))
- m_dirTypeMap[SECURITY_MANAGER_PATH_OWNER_RW_OTHER_RO].emplace_back(getSharedRODir());
- }
-
- void createPrivateRODir() {
- if (create(mkdir, getPrivateRODir()))
- m_dirTypeMap[SECURITY_MANAGER_PATH_RO].emplace_back(getPrivateRODir());
- }
-
- void revokeRules() const {
- RUNNER_ASSERT_MSG(
- 0 == smack_revoke_subject(generateAppLabel().c_str()),
- "Revoking smack subject failed");
- }
-
- std::string generateAppLabel() const {
- return generateProcessLabel(getAppId(), getPkgId());
- }
-
- std::string generatePkgLabel() const {
- return generatePathRWLabel(getPkgId());
- }
-
- const TypePathsMap& getDirsMap() const {
- return m_dirTypeMap;
- }
-
- const TypePathsMap& getFilesMap() const {
- return m_fileTypeMap;
- }
-
- void removePaths() {
- // FIXME - remove special treatment for shared ro
- for (const auto &oneTypePaths : m_dirTypeMap)
- if (oneTypePaths.first != SECURITY_MANAGER_PATH_OWNER_RW_OTHER_RO)
- for (const auto& path : oneTypePaths.second)
- rmdir(path.c_str());
-
- m_dirTypeMap.clear();
-
- for (const auto &oneTypePaths : m_fileTypeMap)
- if (oneTypePaths.first != SECURITY_MANAGER_PATH_OWNER_RW_OTHER_RO)
- for (const auto& path : oneTypePaths.second)
- unlink(path.c_str());
-
- m_fileTypeMap.clear();
-
- rmdir(m_installDir.c_str());
- }
+ // App info getters and setters
+ std::string getAppId() const;
+ std::string getPkgId() const;
+ std::string getVersion() const;
+ int getUID() const;
+ int getGID() const;
+ void setAuthor(const std::string &author);
+ std::string getAuthor() const;
+ void setInstallType(app_install_type type);
+ app_install_type getInstallType();
+
+ // Path types creation and removal on file system
+ void createInstallDir();
+ void createTrustedDir(int i = 0);
+ void createPrivateDir();
+ void createPublicDir();
+ void createSharedFile(int i = 0);
+ void createSharedRODir();
+ void createPrivateRODir();
+ void removePaths();
+
+ // Path getters
+ std::string getInstallDir() const;
+ std::string getTrustedDir(int i = 0) const;
+ std::string getPrivateDir() const;
+ std::string getPrivateRODir() const;
+ std::string getPublicDir() const;
+ std::string getSharedPath(int i = 0) const;
+ std::string getSharedRODir() const;
+ const TypePathsMap& getDirsMap() const;
+ const TypePathsMap& getFilesMap() const;
+
+ // Privileges
+ void addPrivilege(const std::string &privilege);
+ void addPrivileges(const std::vector<std::string> &privileges);
+ std::vector<std::string> getPrivileges() const;
+
+ // Smack
+ std::string generateAppLabel() const;
+ std::string generatePkgLabel() const;
+ void revokeRules() const;
virtual ~AppInstallHelper() {
removePaths();
}
protected:
- void setInstallPath() {
- if (m_isLocal)
- m_installDir = TzPlatformConfig::appDirPath(getUID());
- else
- m_installDir = TzPlatformConfig::globalAppDir() + "/";
- }
-
- bool create(std::function<int(const char*, mode_t)> &&creatFun, const std::string &path) {
- if (creatFun(path.c_str(), 0751) == 0) {
- // Local paths need user change
- if (!m_isLocal || chown(path.c_str(), m_uidGid, m_uidGid) == 0)
- return true;
- }
- return false;
- }
-
+ void setInstallPath();
+ bool create(std::function<int(const char*, mode_t)> &&creatFun, const std::string &path);
std::string m_appName;
std::string m_pkgName;
bool m_isLocal;
int m_uidGid;
std::string m_version;
+ app_install_type m_installType;
std::string m_installDir;
TypePathsMap m_dirTypeMap;
TypePathsMap m_fileTypeMap;
+ std::vector<std::string> m_privileges;
+ std::string m_author;
};
projects / platform / core / test / security-tests.git / commitdiff