Add new test cases for libteec

Test if application can load TA
Test if system process can load TA
Test if app can use libteec with no correct cynara permission

Change-Id: Ie78303e05b414679a8df4bcab2f893865fc0fa62

diff --git a/src/libteec-tests/test_cases.cpp b/src/libteec-tests/test_cases.cpp
index 890a19838f2eea94865495a5a2021602b84a0531..338b3db326b57478321123be89d7bf04cf146bff 100644 (file)
--- a/src/libteec-tests/test_cases.cpp
+++ b/src/libteec-tests/test_cases.cpp
@@ -118,6 +118,12 @@ std::string uuidToString(const TEEC_UUID& uuid)
     return ss.str();
 }
 
+namespace
+{
+    const TEEC_UUID taUuid =
+        { 0x00000000, 0x0000, 0x0000, {0x00, 0x00, 0x74, 0x63, 0x74, 0x65, 0x73, 0x74} };
+}
+
 class Ta
 {
 public:
@@ -191,9 +197,6 @@ RUNNER_TEST_GROUP_INIT(LIBTEEC)
 
 RUNNER_CHILD_TEST(libteec_01_load_TA_as_app)
 {
-    const TEEC_UUID taUuid =
-        { 0x00000000, 0x0000, 0x0000, {0x00, 0x00, 0x74, 0x63, 0x74, 0x65, 0x73, 0x74} };
-
     Ta ta(taUuid);
 
     TemporaryTestUser tmpUser("libteec_01_test_user", GUM_USERTYPE_NORMAL);
@@ -247,3 +250,117 @@ RUNNER_CHILD_TEST(libteec_01_load_TA_as_app)
 
     runInChildParentWait(fun);
 }
+
+RUNNER_CHILD_TEST(libteec_02_load_TA_as_system)
+{
+    Ta ta(taUuid);
+
+    bool isTeeEnabled = checkIfTeeEnabled();
+
+    auto fun = [&]()
+    {
+        auto contextPtr = std::unique_ptr<TEEC_Context, decltype(&TEEC_FinalizeContext)>
+            (NULL, &TEEC_FinalizeContext);
+        auto sessionPtr = std::unique_ptr<TEEC_Session, decltype(&TEEC_CloseSession)>
+            (NULL, &TEEC_CloseSession);
+
+        TEEC_Context context;
+        TEEC_Session session;
+
+        int result = smack_set_label_for_self("System");
+        RUNNER_ASSERT_MSG(result == 0, "Failed to set smack label");
+
+        TEEC_Result res = TEEC_InitializeContext(NULL, &context);
+        contextPtr.reset(&context);
+
+        TEEC_Result desiredResult = isTeeEnabled ? TEEC_SUCCESS : TEEC_ERROR_NOT_SUPPORTED;
+        RUNNER_ASSERT_MSG(res == desiredResult,
+            "Failed to initialize context. Error code: " << errToString(res)
+            << ", expected: " << errToString(desiredResult));
+
+        uint32_t returnOrigin;
+        res = TEEC_OpenSession(&context,
+            &session, &taUuid, TEEC_LOGIN_PUBLIC, NULL, NULL, &returnOrigin);
+        sessionPtr.reset(&session);
+
+        desiredResult = isTeeEnabled ? TEEC_SUCCESS : TEEC_ERROR_NOT_SUPPORTED;
+        RUNNER_ASSERT_MSG(res == desiredResult,
+            "Opening libteec session returned wrong value: " << errToString(res)
+            << ", expected: " << errToString(desiredResult));
+
+        uint32_t desiredOrigin = isTeeEnabled ? TEEC_ORIGIN_TEE : TEEC_ORIGIN_API;
+        RUNNER_ASSERT_MSG(returnOrigin == desiredOrigin,
+            "Wrong return origin from TEEC_OpenSession: " << originToString(returnOrigin)
+            << ", expected: " << originToString(desiredOrigin));
+    };
+
+    runInChildParentWait(fun);
+}
+
+RUNNER_CHILD_TEST(libteec_03_try_use_libteec_with_no_cynara_perm_as_app)
+{
+    TemporaryTestUser tmpUser("libteec_03_test_user", GUM_USERTYPE_NORMAL, false);
+    tmpUser.create();
+
+    AppInstallHelper app("libteec_03_test_app", tmpUser.getUid());
+    ScopedInstaller appInstall(app);
+
+    bool isTeeEnabled = checkIfTeeEnabled();
+
+    auto fun = [&]()
+    {
+        TEEC_Context context;
+        auto contextPtr = std::unique_ptr<TEEC_Context, decltype(&TEEC_FinalizeContext)>
+            (NULL, &TEEC_FinalizeContext);
+
+        SecurityManagerTest::Api::setProcessLabel(app.getAppId());
+        RUNNER_ASSERT_ERRNO_MSG(
+            drop_root_privileges(tmpUser.getUid(), tmpUser.getGid()) == 0,
+            "drop_root_privileges failed");
+
+        TEEC_Result res = TEEC_InitializeContext(NULL, &context);
+        contextPtr.reset(&context);
+
+        TEEC_Result desiredResult = isTeeEnabled ? TEEC_ERROR_ACCESS_DENIED : TEEC_ERROR_NOT_SUPPORTED;
+        RUNNER_ASSERT_MSG(res == desiredResult,
+            "Initializing context returned wrong error code: " << errToString(res)
+            << ", expected: " << errToString(desiredResult));
+    };
+
+    runInChildParentWait(fun);
+}
+
+RUNNER_CHILD_TEST(libteec_04_invalid_context_name)
+{
+    TemporaryTestUser tmpUser("libteec_04_test_user", GUM_USERTYPE_NORMAL, false);
+    tmpUser.create();
+
+    const std::string privilege = "http://tizen.org/privilege/tee.client";
+    AppInstallHelper app("libteec_04_test_app", tmpUser.getUid());
+    app.addPrivilege(privilege);
+    ScopedInstaller appInstall(app);
+
+    bool isTeeEnabled = checkIfTeeEnabled();
+
+    auto fun = [&]()
+    {
+        TEEC_Context context;
+        auto contextPtr = std::unique_ptr<TEEC_Context, decltype(&TEEC_FinalizeContext)>
+            (NULL, &TEEC_FinalizeContext);
+
+        SecurityManagerTest::Api::setProcessLabel(app.getAppId());
+        RUNNER_ASSERT_ERRNO_MSG(
+            drop_root_privileges(tmpUser.getUid(), tmpUser.getGid()) == 0,
+            "drop_root_privileges failed");
+
+        TEEC_Result res = TEEC_InitializeContext("Invalid context name", &context);
+        contextPtr.reset(&context);
+
+        TEEC_Result desiredResult = isTeeEnabled ? TEEC_ERROR_ITEM_NOT_FOUND : TEEC_ERROR_NOT_SUPPORTED;
+        RUNNER_ASSERT_MSG(res == desiredResult,
+            "Initializing context returned wrong error code: " << errToString(res)
+            << ", expected: " << errToString(desiredResult));
+    };
+
+    runInChildParentWait(fun);
+}
\ No newline at end of file