SM : AppInstallHelper, ScopedInstaller, TempTestuser fork safe

* Adjust simple test cases

Change-Id: Icc9fe4d34a32ac4c7399bdc062d42aa0f9662b52

diff --git a/src/common/temp_test_user.cpp b/src/common/temp_test_user.cpp
index c754308f90450ad30c1bea974e59d606671c6c89..000410fb9a3fcc854b9216e1015267d72ed10580 100644 (file)
--- a/src/common/temp_test_user.cpp
+++ b/src/common/temp_test_user.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2015-2016 Samsung Electronics Co., Ltd All Rights Reserved
  *
  *    Licensed under the Apache License, Version 2.0 (the "License");
  *    you may not use this file except in compliance with the License.
@@ -77,7 +77,8 @@ void TemporaryTestUser::remove(void)
 
 TemporaryTestUser::~TemporaryTestUser()
 {
-    this->remove();
+    if (m_creatorPid == getpid())
+        remove();
 }
 
 TemporaryTestUser::GumdRunner TemporaryTestUser::m_runner = TemporaryTestUser::GumdRunner();

diff --git a/src/common/temp_test_user.h b/src/common/temp_test_user.h
index fc45c3407948dcbfb7bb14a4bc3ee02f38e854d9..a6ca03de44b25863ad2ec8077473351b93d209d8 100644 (file)
--- a/src/common/temp_test_user.h
+++ b/src/common/temp_test_user.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2015-2016 Samsung Electronics Co., Ltd All Rights Reserved
  *
  *    Licensed under the Apache License, Version 2.0 (the "License");
  *    you may not use this file except in compliance with the License.
@@ -21,16 +21,18 @@
 #include <sys/types.h>
 #include <gum-user.h>
 #include <common/gum-user-types.h>
+#include <sys/types.h>
+#include <unistd.h>
 
 class TemporaryTestUser {
 public:
-    TemporaryTestUser() = delete;
     TemporaryTestUser(std::string userName, GumUserType userType, bool offline = false) :
             m_uid(0),
             m_gid(0),
             m_userName(userName),
             m_userType(userType),
-            m_offline(offline)
+            m_offline(offline),
+            m_creatorPid(getpid())
             {};
     ~TemporaryTestUser();
     void remove(void);
@@ -67,6 +69,7 @@ private:
     std::string m_userName;
     GumUserType m_userType;
     bool m_offline;
+    pid_t m_creatorPid;
 };
 
 #endif

diff --git a/src/security-manager-tests/common/app_install_helper.h b/src/security-manager-tests/common/app_install_helper.h
index 1b6e690ff023f64e0cebe26b4d0a84d0ad963e5c..04a120035dfdfe3dcea7fe92ebf399ab9c166301 100644 (file)
--- a/src/security-manager-tests/common/app_install_helper.h
+++ b/src/security-manager-tests/common/app_install_helper.h
@@ -19,13 +19,12 @@
 #include <functional>
 #include <map>
 #include <string>
+#include <sys/types.h>
 #include <vector>
 #include <unistd.h>
 
 #include <security-manager-types.h>
 
-const uid_t OWNER_UID = 5001;
-
 struct AppInstallHelper {
 
     using TypePathsMap = std::map<app_install_path_type, std::vector<std::string>>;
@@ -36,7 +35,7 @@ struct AppInstallHelper {
                      std::string version = std::string(),
                      bool isHybrid = false)
       : m_appName(appNamePrefix), m_pkgName(pkgNamePrefix), m_isLocal(isLocal), m_uidGid(uid), m_version(version),
-        m_installType(SM_APP_INSTALL_NONE), m_isHybrid(isHybrid)
+        m_installType(SM_APP_INSTALL_NONE), m_isHybrid(isHybrid), m_creatorPid(getpid())
     {
         setInstallPath();
     }
@@ -103,7 +102,8 @@ struct AppInstallHelper {
     std::string generatePkgLabel() const;
     void revokeRules() const;
     virtual ~AppInstallHelper() {
-        removePaths();
+        if (m_creatorPid == getpid())
+            removePaths();
     }
 
 protected:
@@ -121,4 +121,6 @@ protected:
     TypePathsMap m_fileTypeMap;
     std::vector<std::string> m_privileges;
     std::string m_author;
+
+    pid_t m_creatorPid;
 };

diff --git a/src/security-manager-tests/common/scoped_installer.h b/src/security-manager-tests/common/scoped_installer.h
index 3dcf08036cc13079e67c94ed4bd8b30cd5fb596a..404bd2be1237e9778cfc1f0c403d609c7037a573 100644 (file)
--- a/src/security-manager-tests/common/scoped_installer.h
+++ b/src/security-manager-tests/common/scoped_installer.h
@@ -36,7 +36,7 @@
 class ScopedInstaller {
 public:
     ScopedInstaller(const AppInstallHelper &appInstallHelper, bool requestUid = true)
-        : m_appInstallHelper(appInstallHelper), m_shouldUninstall(true)
+        : m_appInstallHelper(appInstallHelper), m_shouldUninstall(true), m_creatorPid(getpid())
     {
         SecurityManagerTest::InstallRequest instReq;
 
@@ -65,7 +65,8 @@ public:
     }
 
     virtual ~ScopedInstaller() {
-        uninstallApp();
+        if (m_creatorPid == getpid())
+            uninstallApp();
     }
 
     void uninstallApp() {
@@ -86,4 +87,5 @@ public:
 protected:
     AppInstallHelper m_appInstallHelper;
     bool m_shouldUninstall;
+    pid_t m_creatorPid;
 };

diff --git a/src/security-manager-tests/test_cases.cpp b/src/security-manager-tests/test_cases.cpp
index fdfc5cb0b1c8cbc97bd19db8cad0cec3f3a7b660..656d39795a9860aade1d15baad7c30f94bcf6f78 100644 (file)
--- a/src/security-manager-tests/test_cases.cpp
+++ b/src/security-manager-tests/test_cases.cpp
@@ -542,13 +542,6 @@ RUNNER_TEST(security_manager_20_user_cynara_policy)
 
 RUNNER_CHILD_TEST(security_manager_21_security_manager_admin_deny_user_priv)
 {
-    const int BUFFER_SIZE = 128;
-    struct message {
-        uid_t uid;
-        gid_t gid;
-        char buf[BUFFER_SIZE];
-    } msg;
-
     const privileges_t adminRequiredPrivs = {
         "http://tizen.org/privilege/notexist",
         "http://tizen.org/privilege/internal/usermanagement"
@@ -559,57 +552,40 @@ RUNNER_CHILD_TEST(security_manager_21_security_manager_admin_deny_user_priv)
     };
     const privileges_t allowedPrivsAfterChange = {"http://tizen.org/privilege/datasharing"};
     const privileges_t deniedPrivsAfterChange = {"http://tizen.org/privilege/internet"};
+    TemporaryTestUser adminUser("sm_test_21_admin_user_name", GUM_USERTYPE_ADMIN, false);
+    TemporaryTestUser normalUser("sm_test_21_normal_user_name", GUM_USERTYPE_NORMAL, false);
 
-    MessagePipe msgPipe;
-
-    pid_t pid = fork();
-    RUNNER_ASSERT_MSG(pid >= 0, "fork failed");
-    if (pid != 0)//parent process
-    {
-        msgPipe.claimParentEp();
-        TemporaryTestUser adminUser("sm_test_21_admin_user_name", GUM_USERTYPE_ADMIN, false);
-        TemporaryTestUser normalUser("sm_test_21_normal_user_name", GUM_USERTYPE_NORMAL, false);
-
-        adminUser.create();
-        normalUser.create();
-        std::string childUidStr = normalUser.getUidString();
-
-        AppInstallHelper adminApp("sm_test_21_admin", adminUser.getUid());
-        adminApp.createInstallDir();
-        adminApp.addPrivileges(adminRequiredPrivs);
-        ScopedInstaller adminAppInstall(adminApp);
+    adminUser.create();
+    normalUser.create();
+    std::string childUidStr = normalUser.getUidString();
 
-        AppInstallHelper normalApp("sm_test_21_normal", normalUser.getUid());
-        normalApp.createInstallDir();
-        normalApp.addPrivileges(manifestPrivs);
+    AppInstallHelper adminApp("sm_test_21_admin", adminUser.getUid());
+    adminApp.createInstallDir();
+    adminApp.addPrivileges(adminRequiredPrivs);
+    ScopedInstaller adminAppInstall(adminApp);
 
-        ScopedInstaller normalAppInstall(normalApp);
-        check_app_permissions(normalApp.getAppId(), normalApp.getPkgId(), childUidStr,
-                              manifestPrivs, {});
+    AppInstallHelper normalApp("sm_test_21_normal", normalUser.getUid());
+    normalApp.createInstallDir();
+    normalApp.addPrivileges(manifestPrivs);
+    ScopedInstaller normalAppInstall(normalApp);
 
-        //send info to child
-        msg.uid = adminUser.getUid();
-        msg.gid = adminUser.getGid();
-        strncpy (msg.buf, childUidStr.c_str(), BUFFER_SIZE);
-        msgPipe.write(msg);
+    check_app_permissions(normalApp.getAppId(), normalApp.getPkgId(), childUidStr,
+                          manifestPrivs, {});
 
+    pid_t pid = fork();
+    RUNNER_ASSERT_MSG(pid >= 0, "fork failed");
+    if (pid != 0) { //parent process
         waitPid(pid);
-
         check_app_permissions(normalApp.getAppId(), normalApp.getPkgId(), childUidStr,
                               allowedPrivsAfterChange, deniedPrivsAfterChange);
-    }
-    if (pid == 0) {
-        msgPipe.claimChildEp();
-        // Get created user credentials
-        msgPipe.read(msg);
-
-        AppInstallHelper adminApp("sm_test_21_admin");
+    } else {
         Api::setProcessLabel(adminApp.getAppId());
-        RUNNER_ASSERT_ERRNO_MSG(drop_root_privileges(msg.uid, msg.gid) == 0, "drop_root_privileges failed");
+        RUNNER_ASSERT_ERRNO_MSG(drop_root_privileges(adminUser.getUid(),adminUser.getGid()) == 0,
+                                "drop_root_privileges failed");
 
         PolicyRequest addPolicyReq;
         for (auto &deniedPriv : deniedPrivsAfterChange) {
-            PolicyEntry entry(SECURITY_MANAGER_ANY, msg.buf, deniedPriv);
+            PolicyEntry entry(SECURITY_MANAGER_ANY, normalUser.getUidString(), deniedPriv);
             entry.setMaxLevel("Deny");
             addPolicyReq.addEntry(entry);
         }

diff --git a/src/security-manager-tests/test_cases_public_sharing.cpp b/src/security-manager-tests/test_cases_public_sharing.cpp
index 3e6f42054fbba26d4a144b61a2c1338d92edcd15..474a9562f09f783f1d900b11c526f356ee1d5fe2 100644 (file)
--- a/src/security-manager-tests/test_cases_public_sharing.cpp
+++ b/src/security-manager-tests/test_cases_public_sharing.cpp
@@ -64,6 +64,7 @@ AppInstallHelper prepAIH(const std::string &appName,
                          std::string version,
                          bool isSharedRO)
 {
+    const uid_t OWNER_UID = 5001;
     bool appIsLocal = true;
     AppInstallHelper appInstallHelper(appName, pkgName, appIsLocal, OWNER_UID, version);