From: jin-gyu.kim Date: Tue, 19 Dec 2017 08:44:18 +0000 (+0900) Subject: Fix aslr test X-Git-Tag: submit/tizen_4.0/20171220.053450~1 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=2f1c8afe7c32e6896ca7c6d3fd32c19222a11182;p=platform%2Fcore%2Fsecurity%2Fsecurity-config.git Fix aslr test - Remove redundant test files. - Remove temporary exceptions. Change-Id: Ifc80a54dced83eb2a5f8eb2306d9b380d46b7396 --- diff --git a/test/ASLR-DEP/root daemon.txt b/test/ASLR-DEP/root daemon.txt deleted file mode 100755 index e69de29..0000000 diff --git a/test/aslr_test/README b/test/aslr_test/README deleted file mode 100755 index 9cb1e39..0000000 --- a/test/aslr_test/README +++ /dev/null @@ -1,5 +0,0 @@ -1. Attach target -2. Run test-aslr.sh at target /usr/share/security-config/test/aslr_test/. - 2-1. It parses .service file under systemd and find target executables and - 2-2. Check whether ASLR is applied on those executables. -3. Check test result saved at /usr/share/security-config/test/aslr_test/output/test_result.csv file. diff --git a/test/aslr_test/scripts/aslr_exception.list b/test/aslr_test/scripts/aslr_exception.list index 82c76f6..3a4769e 100644 --- a/test/aslr_test/scripts/aslr_exception.list +++ b/test/aslr_test/scripts/aslr_exception.list @@ -1,6 +1,2 @@ /usr/sbin/ldconfig /usr/sbin/glibc_post_upgrade -# submission is ongoing -/usr/bin/setfattr -/usr/bin/getfattr -/usr/bin/attr diff --git a/test/aslr_test/scripts/exception.list b/test/aslr_test/scripts/exception.list deleted file mode 100755 index 0c8b254..0000000 --- a/test/aslr_test/scripts/exception.list +++ /dev/null @@ -1,5 +0,0 @@ -/bin/bash -/sbin/ldconfig -/sbin/resize2fs -/sbin/e2fsck -/sbin/sysctl diff --git a/test/aslr_test/scripts/run_aslr_test.sh b/test/aslr_test/scripts/run_aslr_test.sh deleted file mode 100755 index 7c9e6b7..0000000 --- a/test/aslr_test/scripts/run_aslr_test.sh +++ /dev/null @@ -1,153 +0,0 @@ -#!/bin/sh -#========================================================= -# [Includes] -#========================================================= -. "/opt/share/security-config/test/utils/_sh_util_lib" -#========================================================= -# Script Begin -#========================================================= -echoI "Script Begin" -#========================================================= -# [Variable] -#========================================================= -PATH=/bin:/usr/bin:/sbin:/usr/sbin -tmp_list="$aslr_script_dir/tmp.list" -all_systemd_dbus_executable_list="$aslr_script_dir/all_systemd_dbus_executable.list" -sorted_all_systemd_dbus_executable_list="$aslr_script_dir/sorted_all_systemd_dbus_executable.list" -exception_file="$aslr_script_dir/exception.list" -file_ret= -grep_ret= -fail_cnt= -total_cnt= -result_file="$aslr_script_dir/result" -log_file="$aslr_script_dir/log.csv" -is_exception= - -function makeInput { - $RM $all_systemd_dbus_executable_list - $TOUCH $all_systemd_dbus_executable_list - $TOUCH $tmp_list - $FIND /usr/lib/systemd/ -name *.service | $XARGS $GREP "ExecStart" | $GREP -v "#ExecStart" > $tmp_list - $SED -i 's/ / /g' $tmp_list - $SED -i 's/ =/=/g' $tmp_list - $SED -i 's/= /=/g' $tmp_list - $SED -i 's/\-\//\//g' $tmp_list - $CAT $tmp_list | $CUT -d "=" -f 2 | $CUT -d " " -f 1 > $all_systemd_dbus_executable_list - $RM $tmp_list - $TOUCH $tmp_list - $FIND / -name *.service | $XARGS $GREP "Exec" | $GREP -v "#Exec" > $tmp_list - $SED -i 's/ / /g' $tmp_list - $SED -i 's/ =/=/g' $tmp_list - $SED -i 's/= /=/g' $tmp_list - $SED -i 's/\-\//\//g' $tmp_list - $CAT $tmp_list | $CUT -d "=" -f 2 | $CUT -d " " -f 1 >> $all_systemd_dbus_executable_list - $RM $tmp_list -} - -function sortInput { - - $SORT $all_systemd_dbus_executable_list > $tmp_list - $CAT $tmp_list | $UNIQ > $sorted_all_systemd_dbus_executable_list - $RM $tmp_list - $RM $all_systemd_dbus_executable_list -} - -function testSystemDASLR { - echoI "Check whether the executable is ASLR applied or not" - while read line; do - echoI "$line" - file_ret="" - grep_ret="" - file_ret=`$utils_dir/file $line` - grep_ret=`echo $file_ret | $GREP -i "executable" | $GREP "ELF" | $GREP -v "script"` - - total_cnt=$((total_cnt+1)) - - if [ ! "$grep_ret" ]; then - echoS "$line, OK" - else - is_exception="false" - while read line2; do - if [ "$line" = "$line2" ]; then - is_exception="true" - fi - done < $exception_file - if [ "$is_exception" = "true" ]; then - echoS "$line"", OK - Not a target of ASLR test" - else - echoE "$line, NOK" - rpm_path=$(/usr/bin/rpm -qf $line) - echo "$line,""$rpm_path"",NOK" >> $log_file - fail_cnt=$((fail_cnt+1)) - fi - fi - done < $sorted_all_systemd_dbus_executable_list - $RM $sorted_all_systemd_dbus_executable_list -} -#========================================================= -# [00] Remove previous result -#========================================================= - -$RM $result_file -$TOUCH $result_file -$RM $log_file -$TOUCH $log_file - -# Rename utils -file_cmd=`$FIND $utils_dir -name file.*` -if [ "$file_cmd" != "" ]; then - $MV $file_cmd $utils_dir/file -fi -if [ ! -e $utils_dir/file ]; then - echo "There's no file command!!!" - exit 1 -fi -#========================================================= -# [01] Make input -#========================================================= -who_am_i=`$WHOAMI` -if [ $who_am_i != "root" ] -then - ret=-2 - echoE "Not a root user." - fnFinishThisScript $ret -fi - -echoI "Make Input" -makeInput - -echoI "Sort Input" -sortInput - -echoI "Test Systemd ASLR" -testSystemDASLR - -if [ $((fail_cnt)) -lt 1 ]; then - echo "YES" > $result_file - $RM $log_file -else - echo "NO" > $result_file -fi -echo "================================================================" -echo "TOTAL: $((total_cnt)), NOT APPLIED: $((fail_cnt))" -echo "================================================================" -echo "" - -if [ ! -d $log_dir ]; then - echo "make log dir" - $MKDIR $log_dir -else - echo "log dir exist" -fi -if [ ! -d $result_dir ]; then - echo "make result dir" - $MKDIR $result_dir -else - echo "result dir exist" -fi -if [ -a $aslr_script_dir/log.csv ]; then - $MV $aslr_script_dir/log.csv $log_dir/aslr_test.log -fi -$MV $aslr_script_dir/result $result_dir/aslr_test.result - -fnPrintSDone diff --git a/test/aslr_test/test-aslr.sh b/test/aslr_test/test-aslr.sh deleted file mode 100755 index eb63ac5..0000000 --- a/test/aslr_test/test-aslr.sh +++ /dev/null @@ -1,49 +0,0 @@ -#!/bin/bash -#========================================================= -# [First of All] Get the directory path and name of this script -#========================================================= -script_path=$(readlink -f "$0") -script_dir=`dirname $script_path` -script_name=`basename $script_path` -#========================================================= -# [Includes] -#========================================================= -. "$script_dir/scripts/_sh_util_lib" -#========================================================= -# [Variables] -#========================================================= -target_base_dir="/opt/share/security-config" -target_aslr_dir="$target_base_dir/test/aslr_test" -target_util_dir="$target_base_dir/test/utils" -target_log_dir="$target_base_dir/log" -target_result_dir="$target_base_dir/result" -#========================================================= -# Script Begin -#========================================================= -echoI "Script Begin" - -sdb root on - -sdb shell mkdir -p $target_aslr_dir - -sdb push $script_dir/scripts/* $target_aslr_dir - -sdb shell su -c $target_aslr_dir/run_aslr_test.sh - -if [ ! -d $script_dir/log ]; then - echo "make log dir" - mkdir $script_dir/log -else - echo "log dir exist" -fi -if [ ! -d $script_dir/result ]; then - echo "make result dir" - mkdir $script_dir/result -else - echo "result dir exist" -fi - -sdb pull $target_log_dir/aslr_test.log $script_dir/log -sdb pull $target_result_dir/aslr_test.result $script_dir/result - -sdb shell rm -rf $target_aslr_dir