--- /dev/null
+#include <fs_label_manager.h>
+
+#include <tests_common.h>
+#include <memory.h>
+
+#include <unistd.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <string.h>
+#include <errno.h>
+#include <sys/mount.h>
+#include <sys/xattr.h>
+#include <linux/xattr.h>
+
+
+namespace
+{
+static const char* get_xattr_name(enum smack_label_type type)
+{
+ switch (type) {
+ case SMACK_LABEL_ACCESS:
+ return XATTR_NAME_SMACK;
+ case SMACK_LABEL_EXEC:
+ return XATTR_NAME_SMACKEXEC;
+ case SMACK_LABEL_MMAP:
+ return XATTR_NAME_SMACKMMAP;
+ case SMACK_LABEL_TRANSMUTE:
+ return XATTR_NAME_SMACKTRANSMUTE;
+ case SMACK_LABEL_IPIN:
+ return XATTR_NAME_SMACKIPIN;
+ case SMACK_LABEL_IPOUT:
+ return XATTR_NAME_SMACKIPOUT;
+ default:
+ /* Should not reach this point */
+ return NULL;
+ }
+}
+}
+
+FsLabelManager::FsLabelManager(const std::string &path, const std::string &label)
+ : m_path(path)
+ , m_label(label)
+{
+ umount(m_path.c_str());
+ rmdir(m_path.c_str());
+
+ std::string data = std::string("mode=0777,uid=0,smackfsdef=") + label;
+
+ int ret = mkdir(path.c_str(), S_IRWXU | S_IRWXG | S_IRWXO);
+ RUNNER_ASSERT_MSG_BT(ret == 0, "Unable to make directory");
+
+ ret = mount("none", path.c_str(), "tmpfs", 0, data.c_str());
+ RUNNER_ASSERT_MSG_BT(ret == 0, "Unable to mount filesystem");
+
+ if (m_path[m_path.length()-1] != '/')
+ m_path += '/';
+}
+
+FsLabelManager::~FsLabelManager()
+{
+ umount(m_path.c_str());
+ rmdir(m_path.c_str());
+}
+
+void FsLabelManager::createFile(const std::string &relativePath)
+{
+ std::string path = m_path + relativePath;
+
+ mode_t systemMask = umask(0000);
+ int fd = open(path.c_str(), O_RDWR | O_CREAT | O_TRUNC, S_IRWXU | S_IRWXG | S_IRWXO);
+ umask(systemMask);
+ RUNNER_ASSERT_MSG_BT(fd > -1, "Unable to create file for tests: " << strerror(errno));
+
+ close(fd);
+
+ int ret = chown(path.c_str(), APP_UID, APP_GID);
+ RUNNER_ASSERT_MSG_BT(ret == 0, "Unable to change file owner: " << strerror(errno));
+}
+
+void FsLabelManager::createLink(const std::string &relativeLinkPath, const std::string &relativeRealPath)
+{
+ std::string linkPath = m_path + relativeLinkPath;
+ std::string realPath = m_path + relativeRealPath;
+
+ int ret = unlink(linkPath.c_str());
+ RUNNER_ASSERT_MSG_BT(ret == 0 || errno == ENOENT, "Unable to unlink file." << strerror(errno));
+
+ ret = symlink(realPath.c_str(), linkPath.c_str());
+ RUNNER_ASSERT_MSG_BT(ret == 0, "Unable to create symlink." << strerror(errno));
+
+ ret = lchown(linkPath.c_str(), APP_UID, APP_GID);
+ RUNNER_ASSERT_MSG_BT(ret == 0, "Unable to change file owner: " << strerror(errno));
+}
+
+void FsLabelManager::testSmackSetLabel(const std::string &relativePath,
+ const char *label,
+ enum smack_label_type labelType)
+{
+ std::string path = m_path + relativePath;
+
+ int ret = smack_setlabel(path.c_str(), label, labelType);
+ RUNNER_ASSERT_MSG_BT(ret == 0, "Error in normal setting label " << label);
+
+ checkLabel(path, label, labelType);
+}
+
+void FsLabelManager::testSmackLSetLabel(const std::string &relativePath,
+ const char *label,
+ enum smack_label_type labelType)
+{
+ std::string path = m_path + relativePath;
+
+ int ret = smack_lsetlabel(path.c_str(), label, labelType);
+ RUNNER_ASSERT_MSG_BT(ret == 0, "Error in link setting label " << label);
+
+ checkLinkLabel(path, label, labelType);
+}
+
+void FsLabelManager::testSmackFSetLabel(const std::string &relativePath,
+ const char *label,
+ enum smack_label_type labelType)
+{
+ std::string path = m_path + relativePath;
+
+ int fd = open(path.c_str(), O_WRONLY);
+ RUNNER_ASSERT_MSG_BT(fd > -1, "Unable to open file: " << strerror(errno));
+
+ int ret = smack_fsetlabel(fd, label, labelType);
+ close(fd);
+ RUNNER_ASSERT_MSG_BT(ret == 0, "Error in fd setting " << label);
+
+ checkLabel(path, label, labelType);
+}
+
+void FsLabelManager::testSmackGetLabel(const std::string &relativePath,
+ const char *label,
+ enum smack_label_type labelType)
+{
+ std::string path = m_path + relativePath;
+
+ char *tmpLabel;
+ int ret = smack_getlabel(path.c_str(), &tmpLabel, labelType);
+ RUNNER_ASSERT_MSG_BT(ret == 0, "Error in normal getting label");
+ SmackLabelPtr labelPtr(tmpLabel);
+
+ if (label == NULL && !m_label.compare(tmpLabel))
+ return;
+ RUNNER_ASSERT_MSG_BT(label != NULL, "Path should be related with file system default label. "
+ << tmpLabel << " != " << m_label);
+
+ ret = strcmp(tmpLabel, label);
+ RUNNER_ASSERT_MSG_BT(ret == 0, "Wrong label. " << tmpLabel << " != " << label);
+
+ checkLabel(path, tmpLabel, labelType);
+}
+
+void FsLabelManager::testSmackLGetLabel(const std::string &relativePath,
+ const char *label,
+ enum smack_label_type labelType)
+{
+ std::string path = m_path + relativePath;
+
+ char *tmpLabel;
+ int ret = smack_lgetlabel(path.c_str(), &tmpLabel, labelType);
+ RUNNER_ASSERT_MSG_BT(ret == 0, "Error in link getting label");
+ SmackLabelPtr labelPtr(tmpLabel);
+
+ if (label == NULL && !m_label.compare(tmpLabel))
+ return;
+ RUNNER_ASSERT_MSG_BT(label != NULL, "Path should be related with file system default label. "
+ << tmpLabel << " != " << m_label);
+
+ ret = strcmp(tmpLabel, label);
+ RUNNER_ASSERT_MSG_BT(ret == 0, "Wrong label. " << tmpLabel << " != " << label);
+
+ checkLinkLabel(path, tmpLabel, labelType);
+}
+
+void FsLabelManager::testSmackFGetLabel(const std::string &relativePath,
+ const char *label,
+ enum smack_label_type labelType)
+{
+ std::string path = m_path + relativePath;
+ int fd = open(path.c_str(), O_WRONLY);
+ RUNNER_ASSERT_MSG_BT(fd > -1, "Unable to open file: " << strerror(errno));
+
+ char *tmpLabel;
+ int ret = smack_fgetlabel(fd, &tmpLabel, labelType);
+ close(fd);
+ RUNNER_ASSERT_MSG_BT(ret == 0, "Error in fd getting label");
+ SmackLabelPtr labelPtr(tmpLabel);
+
+ if (label == NULL && !m_label.compare(tmpLabel))
+ return;
+ RUNNER_ASSERT_MSG_BT(label != NULL, "Fd should be related with file system default label. "
+ << tmpLabel << " != " << m_label);
+
+ ret = strcmp(tmpLabel, label);
+ RUNNER_ASSERT_MSG_BT(ret == 0, "Wrong label. " << tmpLabel << " != " << label);
+
+ checkLabel(path, tmpLabel, labelType);
+}
+
+void FsLabelManager::testSmackClearLabels(const std::string &relativePath)
+{
+ testSmackSetLabel(relativePath, NULL, SMACK_LABEL_ACCESS);
+ testSmackGetLabel(relativePath, NULL, SMACK_LABEL_ACCESS);
+ testSmackSetLabel(relativePath, NULL, SMACK_LABEL_EXEC);
+ testSmackGetLabel(relativePath, NULL, SMACK_LABEL_EXEC);
+}
+
+void FsLabelManager::checkLabel(const std::string &path,
+ const char *label,
+ enum smack_label_type labelType)
+{
+ char buf[SMACK_LABEL_LEN+2] = { 0, };
+ int ret = getxattr(path.c_str(), get_xattr_name(labelType), buf, SMACK_LABEL_LEN+1);
+ RUNNER_ASSERT_MSG_BT(ret > 0, "Error in getting xattr. " << strerror(errno));
+
+ const char *tmpLabel;
+ if (label == NULL)
+ tmpLabel = m_label.c_str();
+ else
+ tmpLabel = label;
+
+ ret = strncmp(tmpLabel, buf, SMACK_LABEL_LEN+1);
+ RUNNER_ASSERT_MSG_BT(ret == 0, "Wrong label. " << tmpLabel << " != " << buf);
+}
+
+void FsLabelManager::checkLinkLabel(const std::string &path,
+ const char *label,
+ enum smack_label_type labelType)
+{
+ char buf[SMACK_LABEL_LEN+2] = { 0, };
+ int ret = lgetxattr(path.c_str(), get_xattr_name(labelType), buf, SMACK_LABEL_LEN+1);
+ RUNNER_ASSERT_MSG_BT(ret > 0, "Error in getting xattr. " << strerror(errno));
+
+ const char *tmpLabel;
+ if (label == NULL)
+ tmpLabel = m_label.c_str();
+ else
+ tmpLabel = label;
+
+ ret = strncmp(tmpLabel, buf, SMACK_LABEL_LEN+1);
+ RUNNER_ASSERT_MSG_BT(ret == 0, "Wrong label. " << tmpLabel << " != " << buf);
+}
#include <sys/wait.h>
#include "tests_common.h"
#include <access_provider.h>
+#include <fs_label_manager.h>
#include "memory.h"
const char* const TEST_SUBJECT = "test_subject";
RUNNER_ASSERT_MSG_BT(result == 0, "Proces rule in /proc/self/attr/current other than set");
}
-//RUNNER_TEST(smackXX_parent_child_label)
-//{
-//In this test case parent process and child labels will be tested
-//Parent will fork and check child's label. First fork will be with default "_" parent label,
-//second one witch changed label.
-//}
-
-//bellow function is from libsmack.c witch changed name
-const char *xattr(enum smack_label_type type)
-{
- switch (type) {
- case SMACK_LABEL_ACCESS:
- return "security.SMACK64";
- case SMACK_LABEL_EXEC:
- return "security.SMACK64EXEC";
- case SMACK_LABEL_MMAP:
- return "security.SMACK64MMAP";
- case SMACK_LABEL_TRANSMUTE:
- return "security.SMACK64TRANSMUTE";
- case SMACK_LABEL_IPIN:
- return "security.SMACK64IPIN";
- case SMACK_LABEL_IPOUT:
- return "security.SMACK64IPOUT";
- default:
- /* Should not reach this point */
- return NULL;
- }
-}
-
-//TODO: In bellow RUNNER_TEST add lget / lset functions to be testet the same way as normal get / set
-RUNNER_TEST(smack06_get_set_label)
+RUNNER_TEST_SMACK(smack06_setlabel_getlabel_test_0)
{
- /*
- * author: Pawel Polawski
- * test: smack_getlabel, smack_setlabel
- * description: In this test case file label is tested using SMACK API functions and system xattr functions.
- * Functions tested here is used for normal files.
- * expect: Function should return default label, and the new one after change it.
- */
-
- //In this test case will be tested setting and getting file label
- //If file is symbolic link functions should follow it
-
- //SMACK xattr from libsmack.c:
- //
- //case SMACK_LABEL_ACCESS:
- // return "security.SMACK64";
- //case SMACK_LABEL_EXEC:
- // return "security.SMACK64EXEC";
- //case SMACK_LABEL_MMAP:
- // return "security.SMACK64MMAP";
- //case SMACK_LABEL_TRANSMUTE:
- // return "security.SMACK64TRANSMUTE";
- //case SMACK_LABEL_IPIN:
- // return "security.SMACK64IPIN";
- //case SMACK_LABEL_IPOUT:
- // return "security.SMACK64IPOUT";
+ const std::string fsLabel = "smack06_setlabel_getlabel_test_0";
+ const std::string fsPath = std::string("/tmp/") + fsLabel;
- int result;
- char *label = NULL;
+ const std::string filePath = "file";
- char buff[SMACK_LABEL_LEN+1];
- const char* s06testlabel = "s06testlabel";
- const char *file_path = "/etc/smack/test_smack_rules";
+ FsLabelManager fs(fsPath, fsLabel);
+ fs.createFile(filePath);
- //preparing environment by restoring default "_" label
- result = smack_setlabel(file_path, "_", SMACK_LABEL_ACCESS);
- RUNNER_ASSERT_MSG_BT(result == 0, "Error in setting ACCESS label for file");
+ // reset labels first time
+ fs.testSmackClearLabels(filePath);
- result = smack_getlabel(file_path, &label, SMACK_LABEL_ACCESS);
- RUNNER_ASSERT_MSG_BT(result == 0, "Error in getting smack ACCESS label from file");
- //get label, should be default "_"
- result = strcmp(label, "_");
- free(label);
- RUNNER_ASSERT_MSG_BT(result == 0, "Wrong file default label");
-
- //get label using xattr function
- result = getxattr(file_path, xattr(SMACK_LABEL_ACCESS), buff, SMACK_LABEL_LEN);
- RUNNER_ASSERT_MSG_BT(result > 0, "Error in getting xattr from file");
- //check label, should match the one readed by smack function
- result = strncmp(buff, "_", result);
- RUNNER_ASSERT_MSG_BT(result == 0, "Wrong file default label");
-
- result = smack_setlabel(file_path, s06testlabel, SMACK_LABEL_ACCESS);
- RUNNER_ASSERT_MSG_BT(result == 0, "Error in setting ACCESS label for file");
-
- //get label using smack function
- result = smack_getlabel(file_path, &label, SMACK_LABEL_ACCESS);
- RUNNER_ASSERT_MSG_BT(result == 0, "Error in getting smack ACCESS label from file");
- //get label, should be default s06testlabel
- result = strcmp(label, s06testlabel);
- free(label);
- RUNNER_ASSERT_MSG_BT(result == 0, "Wrong file label");
-
- //get label using xattr function
- result = getxattr(file_path, xattr(SMACK_LABEL_ACCESS), buff, SMACK_LABEL_LEN);
- RUNNER_ASSERT_MSG_BT(result > 0, "Error in getting xattr from file");
- //check label, should match the one readed by smack function
- result = strncmp(buff, s06testlabel, result);
- RUNNER_ASSERT_MSG_BT(result == 0, "Wrong file label");
+ // reset labels second time
+ fs.testSmackClearLabels(filePath);
}
-//RUNNER_TEST(smackXX_get_label_exec)
-//{
-//In this test case EXEC label will be tested
-//by setting this type of label, reading it and testing executed binary exit status
-//}
-
-RUNNER_TEST(smack07_l_get_set_label)
+RUNNER_TEST_SMACK(smack06_setlabel_getlabel_test_1)
{
- /*
- * author: Pawel Polawski
- * test: smack_lgetlabel, smack_lsetlabel, smack_getlabel
- * description: Functions tested here are similar to one from previous test case. The difference
- * is that in case of symbolic link they follows it and operates on file pointed by it.
- * expect: All label manipulations should affect file pointed by symbolic link.
- */
-
- int result;
- char *label = NULL;
-
- char buff[SMACK_LABEL_LEN+1];
- const char* s07testlabel1 = "s07testlabel1";
- const char* s07testlabel2 = "s07testlabel2";
-
- const char *file_path = "/etc/smack/test_smack_rules_lnk";
-
- //preparing environment by restoring default "_" label
- result = smack_lsetlabel(file_path, "_", SMACK_LABEL_ACCESS);
- RUNNER_ASSERT_MSG_BT(result == 0, "Error in setting ACCESS label for file");
- result = smack_setlabel(file_path, "_", SMACK_LABEL_ACCESS);
- RUNNER_ASSERT_MSG_BT(result == 0, "Error in setting ACCESS label for file");
-
- result = smack_lgetlabel(file_path, &label, SMACK_LABEL_ACCESS);
- RUNNER_ASSERT_MSG_BT(result == 0, "Error in getting smack ACCESS label from file");
- //get label of symbolic link, should be default "_"
- result = strcmp(label, "_");
- free(label);
- RUNNER_ASSERT_MSG_BT(result == 0, "Wrong file default label");
-
- //get label using xattr function
- result = lgetxattr(file_path, xattr(SMACK_LABEL_ACCESS), buff, SMACK_LABEL_LEN);
- RUNNER_ASSERT_MSG_BT(result > 0, "Error in getting xattr from file");
- //check label, should match the one readed by smack function
- result = strncmp(buff, "_", result);
- RUNNER_ASSERT_MSG_BT(result == 0, "Wrong file default label");
-
- result = smack_lsetlabel(file_path, s07testlabel1, SMACK_LABEL_ACCESS);
- RUNNER_ASSERT_MSG_BT(result == 0, "Error in setting ACCESS label for file");
- //and set label for file pointed by link
- result = smack_setlabel(file_path, s07testlabel2, SMACK_LABEL_ACCESS);
- RUNNER_ASSERT_MSG_BT(result == 0, "Error in setting ACCESS label for file");
-
- //get label using smack function
- result = smack_lgetlabel(file_path, &label, SMACK_LABEL_ACCESS);
- RUNNER_ASSERT_MSG_BT(result == 0, "Error in getting smack ACCESS label from file");
- //check label, should be s07testlabel1
- result = strcmp(label, s07testlabel1);
- free(label);
- RUNNER_ASSERT_MSG_BT(result == 0, "Wrong file label");
-
- //get label using xattr function
- result = lgetxattr(file_path, xattr(SMACK_LABEL_ACCESS), buff, SMACK_LABEL_LEN);
- RUNNER_ASSERT_MSG_BT(result > 0, "Error in getting xattr from file");
- //check label, should match the one readed by smack function
- result = strncmp(buff, s07testlabel1, result);
- RUNNER_ASSERT_MSG_BT(result == 0, "Wrong file label");
-
- //now similar to above, but folowing symbolic link set before to s07testlabel2
- result = smack_getlabel(file_path, &label, SMACK_LABEL_ACCESS);
- RUNNER_ASSERT_MSG_BT(result == 0, "Error gettin label of file pointed by symbolic link");
- //now label should be s07testlabel2 for file instead of s07testlabel1 set for link
- result = strcmp(label, s07testlabel2);
- free(label);
- RUNNER_ASSERT_MSG_BT(result == 0, "Wrong label of file pointed by symbolic link");
-
- //get label using xattr function
- result = getxattr(file_path, xattr(SMACK_LABEL_ACCESS), buff, SMACK_LABEL_LEN);
- RUNNER_ASSERT_MSG_BT(result > 0, "Error in getting xattr from file");
- //check label, should match the one readed by smack function
- result = strncmp(buff, s07testlabel2, result);
- RUNNER_ASSERT_MSG_BT(result == 0, "Wrong file label");
+ const std::string fsLabel = "smack06_setlabel_getlabel_test_1";
+ const std::string fsPath = std::string("/tmp/") + fsLabel;
+
+ const char* testLabelAccess = "access";
+ const char* testLabelExec = "exec";
+ const std::string filePath = "file";
+
+ FsLabelManager fs(fsPath, fsLabel);
+ fs.createFile(filePath);
+
+ // set and get labels first time
+ fs.testSmackSetLabel(filePath, testLabelAccess, SMACK_LABEL_ACCESS);
+ fs.testSmackGetLabel(filePath, testLabelAccess, SMACK_LABEL_ACCESS);
+ fs.testSmackSetLabel(filePath, testLabelExec, SMACK_LABEL_EXEC);
+ fs.testSmackGetLabel(filePath, testLabelExec, SMACK_LABEL_EXEC);
+
+ fs.testSmackSetLabel(filePath, testLabelAccess, SMACK_LABEL_ACCESS);
+ fs.testSmackGetLabel(filePath, testLabelAccess, SMACK_LABEL_ACCESS);
+ fs.testSmackSetLabel(filePath, testLabelExec, SMACK_LABEL_EXEC);
+ fs.testSmackGetLabel(filePath, testLabelExec, SMACK_LABEL_EXEC);
+
+ // set and get same labels second time
+ fs.testSmackSetLabel(filePath, testLabelAccess, SMACK_LABEL_ACCESS);
+ fs.testSmackGetLabel(filePath, testLabelAccess, SMACK_LABEL_ACCESS);
+ fs.testSmackSetLabel(filePath, testLabelExec, SMACK_LABEL_EXEC);
+ fs.testSmackGetLabel(filePath, testLabelExec, SMACK_LABEL_EXEC);
+
+ fs.testSmackSetLabel(filePath, testLabelAccess, SMACK_LABEL_ACCESS);
+ fs.testSmackGetLabel(filePath, testLabelAccess, SMACK_LABEL_ACCESS);
+ fs.testSmackSetLabel(filePath, testLabelExec, SMACK_LABEL_EXEC);
+ fs.testSmackGetLabel(filePath, testLabelExec, SMACK_LABEL_EXEC);
}
-RUNNER_TEST(smack08_f_get_set_label)
+RUNNER_TEST_SMACK(smack06_setlabel_getlabel_test_2)
{
- /*
- * author: Pawel Polawski
- * test: smack_fgetlabel, smack_fsetlabel
- * description: This test case is similar to test case smack06 above. The difference
- * is that argument is file descriptor instead of file path.
- * Function not follow symbolic link and operates directly on it.
- * expect: All label manipulations should affect symbolic link itself.
- */
-
- int result;
- char *label = NULL;
+ const std::string fsLabel = "smack06_setlabel_getlabel_test_2";
+ const std::string fsPath = std::string("/tmp/") + fsLabel;
+
+ const char* testLabelAccess = "access";
+ const char* testLabelExec = "exec";
+ const std::string filePath = "file";
+ const std::string linkPath = "link";
+
+ FsLabelManager fs(fsPath, fsLabel);
+ fs.createFile(filePath);
+ fs.createLink(linkPath, filePath);
+
+ // set and get labels for file to which link points
+ fs.testSmackSetLabel(linkPath, testLabelAccess, SMACK_LABEL_ACCESS);
+ fs.testSmackSetLabel(linkPath, testLabelExec, SMACK_LABEL_EXEC);
+ fs.testSmackGetLabel(filePath, testLabelAccess, SMACK_LABEL_ACCESS);
+ fs.testSmackGetLabel(filePath, testLabelExec, SMACK_LABEL_EXEC);
+ fs.testSmackGetLabel(linkPath, testLabelAccess, SMACK_LABEL_ACCESS);
+ fs.testSmackGetLabel(linkPath, testLabelExec, SMACK_LABEL_EXEC);
+
+ // link labels should not be changed
+ fs.testSmackLGetLabel(linkPath, NULL, SMACK_LABEL_ACCESS);
+ fs.testSmackLGetLabel(linkPath, NULL, SMACK_LABEL_EXEC);
+}
- char buff[SMACK_LABEL_LEN+1];
- const char* s08testlabel = "s08testlabel";
+RUNNER_TEST_SMACK(smack06_lsetlabel_lgetlabel_test_1)
+{
+ const std::string fsLabel = "smack06_lsetlabel_lgetlabel_test_1";
+ const std::string fsPath = std::string("/tmp/") + fsLabel;
+
+ const char* testLabelAccess = "fileAccess";
+ const char* testLabelExec = "fileExec";
+ const char* testLinkLabelAccess = "linkAccess";
+ const char* testLinkLabelExec = "linkExec";
+ const std::string filePath = "file";
+ const std::string linkPath = "link";
+
+ FsLabelManager fs(fsPath, fsLabel);
+ fs.createFile(filePath);
+ fs.createLink(linkPath, filePath);
+
+ // set different labels for link and file
+ fs.testSmackSetLabel(filePath, testLabelAccess, SMACK_LABEL_ACCESS);
+ fs.testSmackSetLabel(filePath, testLabelExec, SMACK_LABEL_EXEC);
+ fs.testSmackLSetLabel(linkPath, testLinkLabelAccess, SMACK_LABEL_ACCESS);
+ fs.testSmackLSetLabel(linkPath, testLinkLabelExec, SMACK_LABEL_EXEC);
+
+ // get those labels
+ fs.testSmackGetLabel(filePath, testLabelAccess, SMACK_LABEL_ACCESS);
+ fs.testSmackGetLabel(filePath, testLabelExec, SMACK_LABEL_EXEC);
+ fs.testSmackLGetLabel(linkPath, testLinkLabelAccess, SMACK_LABEL_ACCESS);
+ fs.testSmackLGetLabel(linkPath, testLinkLabelExec, SMACK_LABEL_EXEC);
+}
- int fd;
- const char *file_path = "/etc/smack/test_smack_rules";
+RUNNER_TEST_SMACK(smack06_fsetlabel_fgetlabel_test_1)
+{
+ const std::string fsLabel = "smack06_fsetlabel_fgetlabel_test_1";
+ const std::string fsPath = std::string("/tmp/") + fsLabel;
- fd = open(file_path, O_RDWR, 0644); //reference preinstalled rules
- RUNNER_ASSERT_MSG_BT(fd >= 0, "Unable to open /etc/smack/test_smack_rules");
- FdUniquePtr fd_ptr(&fd);
+ const char* testLabelAccess = "access";
+ const char* testLabelExec = "exec";
+ const std::string filePath = "file";
- //preparing environment by restoring default "_" label
- result = smack_fsetlabel(fd, "_", SMACK_LABEL_ACCESS);
- RUNNER_ASSERT_MSG_BT(result == 0, "Error in setting ACCESS label for file");
+ FsLabelManager fs(fsPath, fsLabel);
+ fs.createFile(filePath);
- result = smack_fgetlabel(fd, &label, SMACK_LABEL_ACCESS);
- RUNNER_ASSERT_MSG_BT(result == 0, "Error in getting smack ACCESS label from file");
- //check label, should be "_"
- result = strcmp(label, "_");
- free(label);
- RUNNER_ASSERT_MSG_BT(result == 0, "Wrong file default label");
-
- //get label using xattr function
- result = fgetxattr(fd, xattr(SMACK_LABEL_ACCESS), buff, SMACK_LABEL_LEN);
- RUNNER_ASSERT_MSG_BT(result > 0, "Error in getting xattr from file");
- //check label, should match the one readed by smack function
- result = strncmp(buff, "_", result);
- RUNNER_ASSERT_MSG_BT(result == 0, "Wrong file default label");
-
- result = smack_fsetlabel(fd, s08testlabel, SMACK_LABEL_ACCESS);
- RUNNER_ASSERT_MSG_BT(result == 0, "Error in setting ACCESS label for file");
-
- //get label using smack function
- result = smack_fgetlabel(fd, &label, SMACK_LABEL_ACCESS);
- RUNNER_ASSERT_MSG_BT(result == 0, "Error in getting smack ACCESS label from file");
- //check label, should be s08testlabel
- result = strcmp(label, s08testlabel);
- free(label);
- RUNNER_ASSERT_MSG_BT(result == 0, "Wrong file label");
-
- //get label using xattr function
- result = fgetxattr(fd, xattr(SMACK_LABEL_ACCESS), buff, SMACK_LABEL_LEN);
- RUNNER_ASSERT_MSG_BT(result > 0, "Error in getting xattr from file");
- //check label, should match the one readed by smack function
- result = strncmp(buff, s08testlabel, result);
- RUNNER_ASSERT_MSG_BT(result == 0, "Wrong file label");
+ // set and get labels for fd
+ fs.testSmackFSetLabel(filePath, testLabelAccess, SMACK_LABEL_ACCESS);
+ fs.testSmackFSetLabel(filePath, testLabelExec, SMACK_LABEL_EXEC);
+ fs.testSmackFGetLabel(filePath, testLabelAccess, SMACK_LABEL_ACCESS);
+ fs.testSmackFGetLabel(filePath, testLabelExec, SMACK_LABEL_EXEC);
}
RUNNER_TEST_SMACK(smack10_adding_removing_rules)