Upgrade libsmack npruntime tests.

[Issue#]       SSDWSSP-599
[Feature]      N/A
[Cause]        libprivilege-control and smack-privilege-config changed.
[Solution]     Test case nr 20 changed from general to SMACK version, few
               instructions added. New NOSMACK version of this test case is
               now created.
[Verification] Build, install and run tests including the following commits:
               http://slp-info.sec.samsung.net/gerrit/#/c/315582/
               http://slp-info.sec.samsung.net/gerrit/#/c/315493/

               Run tests on target without smack also.

Change-Id: Id156de668557d590155970e8b91145cf8a5217f9

diff --git a/tests/libprivilege-control-tests/common/libprivilege-control_test_common.h b/tests/libprivilege-control-tests/common/libprivilege-control_test_common.h
index 35d2338..9732a64 100644 (file)
--- a/tests/libprivilege-control-tests/common/libprivilege-control_test_common.h
+++ b/tests/libprivilege-control-tests/common/libprivilege-control_test_common.h
@@ -82,6 +82,9 @@
 
 #define APP_SET_PRIV_PATH      "/etc/smack/test_privilege_control_DIR/test_set_app_privilege/test_APP"
 
+#define APP_NPRUNTIME       "app_np_test"
+#define APP_NPRUNTIME_FILE  "/etc/smack/test_privilege_control_DIR/app_dir/exec"
+
 //correct and incorrect PID used in incorrect params test
 const pid_t PID_CORRECT = 0;
 const pid_t PID_INCORRECT = -1;

diff --git a/tests/libprivilege-control-tests/test_cases.cpp b/tests/libprivilege-control-tests/test_cases.cpp
index 66a1dae..cdb29b5 100644 (file)
--- a/tests/libprivilege-control-tests/test_cases.cpp
+++ b/tests/libprivilege-control-tests/test_cases.cpp
@@ -66,9 +66,6 @@
 
 #define APP_TEST "app_test"
 
-#define APP_NPRUNTIME       "app_np_test"
-#define APP_NPRUNTIME_FILE  "/etc/smack/test_privilege_control_DIR/app_dir/exec"
-
 namespace {
 
 const char *PRIVS2_NO_R[] = { "test_privilege_control_rules2_no_r", NULL };
@@ -1649,7 +1646,7 @@ RUNNER_TEST_SMACK(privilege_control19_app_setup_path_settings)
     test_app_setup_path(__LINE__, APP_PATH_SETTINGS_RW);
 }
 
-RUNNER_TEST(privilege_control20_app_setup_path_npruntime)
+RUNNER_TEST_SMACK(privilege_control20_app_setup_path_npruntime)
 {
     int result = 0;
     std::unique_ptr<char, std::function<void(void*)> > labelPtr(NULL,free);
@@ -1674,26 +1671,20 @@ RUNNER_TEST(privilege_control20_app_setup_path_npruntime)
     label = NULL;
     RUNNER_ASSERT(0 == strcmp(labelPtr.get(), nptargetlabel.c_str()));
 
-    // test smack accesses
-    result = smack_have_access(APP_NPRUNTIME, nptargetlabel.c_str(), "rw");
-    RUNNER_ASSERT_MSG(result == 1,
-        "Error: subject: " << APP_NPRUNTIME << " has not rw access to object: "
-       << nptargetlabel.c_str() << ". Result: " << result);
-
-    result = smack_have_access(nptargetlabel.c_str(), APP_NPRUNTIME, "rxat");
-    RUNNER_ASSERT_MSG(result == 1,
-        "Error: subject: " << nptargetlabel.c_str() << " has not rxat access to object: "
-       << APP_NPRUNTIME << ". Result: " << result);
-
-    result = smack_have_access(nptargetlabel.c_str(), "system::homedir", "rxat");
-    RUNNER_ASSERT_MSG(result == 1,
-        "Error: subject: " << nptargetlabel.c_str() << " has not rxat access to object: "
-       << "system::homedir. Result: " << result);
-
-    result = smack_have_access(nptargetlabel.c_str(), "xorg", "rw");
-    RUNNER_ASSERT_MSG(result == 1,
-        "Error: subject: " << nptargetlabel.c_str() << " has not rw access to object: "
-       << "xorg. Result: " << result);
+    // Rules to test
+    const std::vector< std::vector<std::string> > np_rules = {
+        { APP_NPRUNTIME,   nptargetlabel,       "rw"    },
+        { nptargetlabel,   APP_NPRUNTIME,       "rxat"  },
+        { nptargetlabel,   "system::homedir",   "rxat"  },
+        { nptargetlabel,   "xorg",              "rw"    },
+        { nptargetlabel,   "crash-worker",      "rwxa"  },
+        { nptargetlabel,   "sys-assert::core",  "rwxat" },
+        { nptargetlabel,   "syslogd",           "rw"    },
+    };
+
+    // Test smack accesses
+    result = test_have_all_accesses(np_rules);
+    RUNNER_ASSERT_MSG(result == 1, "Not all permissions added.");
 
     result = perm_app_uninstall(APP_NPRUNTIME);
     RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS, "Error in perm_app_uninstall. " << result);

diff --git a/tests/libprivilege-control-tests/test_cases_nosmack.cpp b/tests/libprivilege-control-tests/test_cases_nosmack.cpp
index 42c587c..4ea2dec 100644 (file)
--- a/tests/libprivilege-control-tests/test_cases_nosmack.cpp
+++ b/tests/libprivilege-control-tests/test_cases_nosmack.cpp
@@ -717,6 +717,56 @@ RUNNER_TEST_NOSMACK(privilege_control19_app_setup_path_settings_nosmack)
 }
 
 /**
+ * NOSMACK version of privilege_control20 test.
+ *
+ * Uses NOSMACK version of test_have_nosmack_accesses.
+ */
+RUNNER_TEST_NOSMACK(privilege_control20_app_setup_path_npruntime_nosmack)
+{
+    int result = 0;
+    std::unique_ptr<char, std::function<void(void*)> > labelPtr(NULL,free);
+    std::string nptargetlabel = std::string(APP_NPRUNTIME) + ".npruntime";
+    char *label = NULL;
+
+    DB_BEGIN
+
+    result = perm_app_uninstall(APP_NPRUNTIME);
+    RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS, "Error in perm_app_uninstall. " << result);
+
+    result = perm_app_install(APP_NPRUNTIME);
+    RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS, "Error in perm_app_install. " << result);
+
+    result = perm_app_setup_path(APP_NPRUNTIME, APP_NPRUNTIME_FILE, PERM_APP_PATH_NPRUNTIME);
+    RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS, "Error in perm_app_setup_path. " << result);
+
+    DB_END
+
+    RUNNER_ASSERT(0 == smack_lgetlabel(APP_NPRUNTIME_FILE, &label, SMACK_LABEL_EXEC));
+    labelPtr.reset(label);
+    label = NULL;
+    RUNNER_ASSERT(0 == strcmp(labelPtr.get(), nptargetlabel.c_str()));
+
+    // Rules to test
+    const std::vector< std::vector<std::string> > np_rules = {
+        { APP_NPRUNTIME,   nptargetlabel,       "rw"    },
+        { nptargetlabel,   APP_NPRUNTIME,       "rxat"  },
+        { nptargetlabel,   "system::homedir",   "rxat"  },
+        { nptargetlabel,   "xorg",              "rw"    },
+        { nptargetlabel,   "crash-worker",      "rwxa"  },
+        { nptargetlabel,   "sys-assert::core",  "rwxat" },
+        { nptargetlabel,   "syslogd",           "rw"    },
+    };
+
+    // Check if accesses aren't added
+    result = test_have_nosmack_accesses(np_rules);
+    RUNNER_ASSERT_MSG(result == -1, "Accesses shouldn't be added. Result: " << result);
+
+    // Uninstall app runtime
+    result = perm_app_uninstall(APP_NPRUNTIME);
+    RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS, "Error in perm_app_uninstall. " << result);
+}
+
+/**
  * NOSMACK version of privielge_control21b test.
  *
  * Instead of error caused by incorrect params expect access granted, becuase SMACK is off.