From: Marcin Niesluchowski Date: Tue, 27 Aug 2013 16:42:37 +0000 (+0200) Subject: Changing tests to run properly on RUNNER_MULTIPROCESS_TEST macro. X-Git-Tag: security-manager_5.5_testing~354 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=7dc6b4ce195bf1d06fff8d188a8eedbe11cdc833;p=platform%2Fcore%2Ftest%2Fsecurity-tests.git Changing tests to run properly on RUNNER_MULTIPROCESS_TEST macro. [Issue#] SSDWSSP-438 [Bug/Feature] While failing, test case exits with several processes. Tests are duplicated. [Cause] No multiprocessing assert handling. [Solution] Adding new test case types to wrt-commons: http://slp-info.sec.samsung.net/gerrit/#/c/267716/ [Verification] Building wrt-commons and running tests. If failing, shold exit properly (one process at the end of the test case). Change-Id: Ib373141bdf577c00cf1c66fe54ad97e0d3e2701c --- diff --git a/tests/common/tests_common.h b/tests/common/tests_common.h index 5073c3f0..4f753fc6 100644 --- a/tests/common/tests_common.h +++ b/tests/common/tests_common.h @@ -27,6 +27,7 @@ #include #include #include +#include int smack_runtime_check(void); int smack_check(void); @@ -85,4 +86,35 @@ int smack_check(void); } \ void Proc##Child() +#define RUNNER_MULTIPROCESS_TEST_SMACK(Proc) \ + void Proc(); \ + void Proc##Multi(); \ + static int Static##Proc##Init() \ + { \ + if(smack_check()) \ + DPL::Test::TestRunnerSingleton::Instance().RegisterTest(#Proc, &Proc); \ + return 0; \ + } \ + const int DPL_UNUSED Static##Proc##InitVar = Static##Proc##Init(); \ + void Proc(){ \ + DPL::Test::RunMultiProc(&Proc##Multi); \ + } \ + void Proc##Multi() + +#define RUNNER_MULTIPROCESS_TEST_NOSMACK(Proc) \ + void Proc(); \ + void Proc##Multi(); \ + static int Static##Proc##Init() \ + { \ + if(!(smack_check())) \ + DPL::Test::TestRunnerSingleton::Instance().RegisterTest(#Proc, &Proc); \ + return 0; \ + } \ + const int DPL_UNUSED Static##Proc##InitVar = Static##Proc##Init(); \ + void Proc(){ \ + DPL::Test::RunMultiProc(&Proc##Multi); \ + } \ + void Proc##Multi() + + #endif diff --git a/tests/libprivilege-control-tests/test_cases.cpp b/tests/libprivilege-control-tests/test_cases.cpp index 74caac9f..404420cf 100644 --- a/tests/libprivilege-control-tests/test_cases.cpp +++ b/tests/libprivilege-control-tests/test_cases.cpp @@ -33,6 +33,7 @@ #include #include #include +#include #include #include #include @@ -42,7 +43,6 @@ #include #include #include -#include #include #include #include @@ -1925,7 +1925,7 @@ static void smack_unix_sock_server(int sock) free(smack_label); } -RUNNER_TEST_SMACK(privilege_control15_app_id_from_socket) +RUNNER_MULTIPROCESS_TEST_SMACK(privilege_control15_app_id_from_socket) { int pid; struct sockaddr_un sockaddr = {AF_UNIX, SOCK_PATH}; @@ -1966,7 +1966,7 @@ RUNNER_TEST_SMACK(privilege_control15_app_id_from_socket) /* Let's give the two servers different labels */ smack_unix_sock_server(sock); close(sock); - waitpid(pid, NULL, 0); + exit(0); } else { /* parent process, client */ sleep(1); /* Give server some time to setup listening socket */ @@ -2008,7 +2008,6 @@ RUNNER_TEST_SMACK(privilege_control15_app_id_from_socket) } close(sock); } - waitpid(pid, NULL, 0); } } @@ -3158,7 +3157,7 @@ RUNNER_TEST_NOSMACK(privilege_control14_app_add_friend_nosmack) * client are created then sockets are set up and perm_app_id_from_socket is used. On NOSMACK env * correct behaviour for perm_app_id_from_socket would be returning NULL label. */ -RUNNER_TEST_NOSMACK(privilege_control15_app_id_from_socket_nosmack) +RUNNER_MULTIPROCESS_TEST_NOSMACK(privilege_control15_app_id_from_socket_nosmack) { int pid; struct sockaddr_un sockaddr = {AF_UNIX, SOCK_PATH}; @@ -3222,14 +3221,8 @@ RUNNER_TEST_NOSMACK(privilege_control15_app_id_from_socket_nosmack) //Use perm_app_id_from_socket. Should fail and return NULL smack_label. smack_label = perm_app_id_from_socket(sock); - if (smack_label != NULL) { - close(sock); - RUNNER_ASSERT_MSG(0, "perm_app_id_from_socket should fail."); - } - - //cleanup close(sock); - waitpid(pid, NULL, 0); + RUNNER_ASSERT_MSG(smack_label == NULL, "perm_app_id_from_socket should fail."); } } @@ -4143,4 +4136,4 @@ RUNNER_TEST(privilege_control23_app_installation2_10x10) RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS, "Error in perm_app_uninstall. Result: " << result); -} \ No newline at end of file +} diff --git a/tests/libsmack-tests/test_cases.cpp b/tests/libsmack-tests/test_cases.cpp index 2acd01e2..94ee92bb 100644 --- a/tests/libsmack-tests/test_cases.cpp +++ b/tests/libsmack-tests/test_cases.cpp @@ -27,6 +27,7 @@ #include #include #include +#include #include #include #include @@ -35,7 +36,6 @@ #include #include #include -#include #include "tests_common.h" #define TEST_SUBJECT "test_subject" @@ -1398,7 +1398,7 @@ static void smack_unix_sock_server(int sock) free(smack_label); } -RUNNER_TEST_SMACK(smack09_new_label_from_socket) +RUNNER_MULTIPROCESS_TEST_SMACK(smack09_new_label_from_socket) { int pid; struct sockaddr_un sockaddr = {AF_UNIX, SOCK_PATH}; @@ -1428,8 +1428,7 @@ RUNNER_TEST_SMACK(smack09_new_label_from_socket) smack_unix_sock_server(sock); } close(sock); - if (pid) - waitpid(pid, NULL, 0); + exit(0); } else { /* parent process, client */ sleep(1); /* Give server some time to setup listening socket */ @@ -1456,7 +1455,6 @@ RUNNER_TEST_SMACK(smack09_new_label_from_socket) RUNNER_ASSERT_MSG(result != 0, "smack labels do not differ: '" << smack_label1 << "' != '" << smack_label2 << "' i == " << i); close(sock); } - waitpid(pid, NULL, 0); } } @@ -1674,7 +1672,7 @@ RUNNER_TEST_NOSMACK(smack05_accesses_add_modify_nosmack) * acquired from getsockopt, and it should fail, we must only set up socket and call * smack_new_label_from_socket. It should return error. */ -RUNNER_TEST_NOSMACK(smack09_new_label_from_socket_nosmack) +RUNNER_MULTIPROCESS_TEST_NOSMACK(smack09_new_label_from_socket_nosmack) { int pid; struct sockaddr_un sockaddr = {AF_UNIX, SOCK_PATH}; @@ -1740,13 +1738,7 @@ RUNNER_TEST_NOSMACK(smack09_new_label_from_socket_nosmack) //Try getting label, should fail beacuse getsockopt won't get anything result = smack_new_label_from_socket(sock, &smack_label); - if (result != -1) { - close(sock); - RUNNER_ASSERT_MSG(false, "smack_new_label_from_socket should fail."); - } - - //Close socket, wait for server shutdown close(sock); - waitpid(pid, NULL, 0); + RUNNER_ASSERT_MSG(result == -1, "smack_new_label_from_socket should fail."); } } diff --git a/tests/security-server-tests/security_server_measurer_API_speed.cpp b/tests/security-server-tests/security_server_measurer_API_speed.cpp index 1244ecbc..a9ef2f79 100644 --- a/tests/security-server-tests/security_server_measurer_API_speed.cpp +++ b/tests/security-server-tests/security_server_measurer_API_speed.cpp @@ -34,6 +34,7 @@ #include #include #include +#include #include #include #include @@ -45,9 +46,9 @@ #include #include #include -#include #include #include +#include #include "security_server_mockup.h" /*Number of calls in a single test*/ @@ -258,6 +259,12 @@ void finish_stats(readwrite_stats *stats, const char* function_name) { LogDebug("No function call succeeded\n"); } +void closesockfdptr(int* sockfd_ptr) +{ + close(*sockfd_ptr); +} +typedef std::unique_ptr > SockFDUniquePtr; + /*TEST CASES*/ RUNNER_TEST_GROUP_INIT(SECURITY_SERVER_API_SPEED_MEASURER) @@ -344,7 +351,7 @@ RUNNER_TEST(m030_security_server_request_cookie) { * Create new processes and measures times of first calls of security_server_request_cookie in them * */ -RUNNER_TEST(m031_security_server_request_cookie_first_time_only) { +RUNNER_MULTIPROCESS_TEST(m031_security_server_request_cookie_first_time_only) { int ret; size_t cookie_size; cookie_size = security_server_get_cookie_size(); @@ -384,7 +391,7 @@ RUNNER_TEST(m031_security_server_request_cookie_first_time_only) { { /* Parent */ RUNNER_ASSERT_MSG(my_pipe_read(pipefd[0], &number_of_calls, sizeof(number_of_calls)) == sizeof(number_of_calls), "error in read number of calls to pipe"); RUNNER_ASSERT_MSG(my_pipe_read(pipefd[0], &duration_of_calls, sizeof(duration_of_calls)) == sizeof(duration_of_calls), "error in read duration of calls to pipe"); - wait(NULL); /* Wait for child */ + RUNNER_ASSERT_MSG(number_of_calls > 0, "commmunication error"); stats_update(&stats, number_of_calls, duration_of_calls); } @@ -486,7 +493,7 @@ RUNNER_TEST(m060_security_server_check_privilege_by_cookie) { * measurer: Fails only on connection error. */ -RUNNER_TEST(m070_security_server_check_privilege_by_sockfd) { +RUNNER_MULTIPROCESS_TEST(m070_security_server_check_privilege_by_sockfd) { const char *object_label = M70_OBJECT_LABEL; const char *access_rights = "r"; const char *access_rights_ext = "rw"; @@ -507,51 +514,48 @@ RUNNER_TEST(m070_security_server_check_privilege_by_sockfd) { if (0 == pid) { // child int sockfd = create_new_socket(); - if (0 != smack_set_label_for_self(subject_label)) { - LogDebug("child, failed"); - exit(EXIT_FAILURE); - } - if (listen(sockfd, 5) < 0) { - LogDebug("child, exit"); - exit(EXIT_FAILURE); - } + RUNNER_ASSERT_MSG(sockfd >= 0, "create_new_socket() failed"); + + SockFDUniquePtr sockfd_ptr(&sockfd, closesockfdptr); + + RUNNER_ASSERT_MSG(0 == smack_set_label_for_self(subject_label), "child label " << subject_label << " not set"); + + RUNNER_ASSERT_MSG(listen(sockfd, 5) >= 0, "child listen failed"); + struct sockaddr_un client_addr; socklen_t client_len = sizeof(client_addr); int csockfd; - while(0 <= (csockfd = accept(sockfd,(struct sockaddr*)&client_addr, &client_len))) { - close(csockfd); - } + RUNNER_ASSERT_MSG((csockfd = accept(sockfd,(struct sockaddr*)&client_addr, &client_len)) > 0, "child accept failed"); + + close(csockfd); exit(EXIT_SUCCESS); //end child - } - else { + } else { //parent sleep(2); int sockfd = connect_to_testserver(); - LogDebug("Parent: sockfd: " << sockfd); - if (sockfd >= 0) { - for (int i = 1; i <= NUMBER_OF_CALLS; i++) { - start_stats_update(&stats); - /*odd(i) - ask for possessed privileges, even(i) ask for not possessed privileges */ - if (i%2) - ret = security_server_check_privilege_by_sockfd( - sockfd, - object_label, - access_rights_ext); - else - ret = security_server_check_privilege_by_sockfd( - sockfd, - object_label, - access_rights); - RUNNER_ASSERT_MSG(communication_succeeded(ret) == 0, "commmunication error; ret = " << ret); - end_stats_update(&stats); - } - kill(pid, SIGKILL); - finish_stats(&stats, "check_privilege_by_sockfd"); + RUNNER_ASSERT_MSG(sockfd >= 0, "connect_to_testserver() failed"); + + SockFDUniquePtr sockfd_ptr(&sockfd, closesockfdptr); + + for (int i = 1; i <= NUMBER_OF_CALLS; i++) { + start_stats_update(&stats); + /*odd(i) - ask for possessed privileges, even(i) ask for not possessed privileges */ + if (i%2) + ret = security_server_check_privilege_by_sockfd( + sockfd, + object_label, + access_rights_ext); + else + ret = security_server_check_privilege_by_sockfd( + sockfd, + object_label, + access_rights); + RUNNER_ASSERT_MSG(communication_succeeded(ret) == 0, "commmunication error; ret = " << ret); + end_stats_update(&stats); } - int status; - waitpid(pid, &status, 0); - //end parent + + finish_stats(&stats, "check_privilege_by_sockfd"); } } diff --git a/tests/security-server-tests/security_server_tests_client_smack.cpp b/tests/security-server-tests/security_server_tests_client_smack.cpp index b383ec03..f73b97b4 100644 --- a/tests/security-server-tests/security_server_tests_client_smack.cpp +++ b/tests/security-server-tests/security_server_tests_client_smack.cpp @@ -24,6 +24,7 @@ #include #include #include +#include #include "security_server_mockup.h" #include @@ -215,7 +216,7 @@ RUNNER_CHILD_TEST_SMACK(tc05_check_privilege_by_cookie) * expected: Function call with access rights set to "r" should return SUCCESS, * with "rw" should return ACCESS DENIED. */ -RUNNER_TEST_SMACK(tc06_check_privilege_by_sockfd) +RUNNER_MULTIPROCESS_TEST_SMACK(tc06_check_privilege_by_sockfd) { const char *object_label = "tc06objectlabel"; const char *access_rights = "r"; @@ -240,14 +241,12 @@ RUNNER_TEST_SMACK(tc06_check_privilege_by_sockfd) if (0 == pid) { // child - if (0 != smack_set_label_for_self(subject_label)) { - LogDebug("child, failed"); - exit(1); - } + RUNNER_ASSERT_MSG(0 == smack_set_label_for_self(subject_label), "child label " << subject_label << " not set"); - LogDebug("child, create_new_socket"); int sockfd = create_new_socket(); + RUNNER_ASSERT_MSG(sockfd >= 0, "create_new_socket() failed"); + SockFDUniquePtr sockfd_ptr(&sockfd, closesockfdptr); label = security_server_get_smacklabel_sockfd(sockfd); RUNNER_ASSERT_MSG(label != NULL, "security_server_get_smacklabel_sockfd failed"); @@ -256,66 +255,45 @@ RUNNER_TEST_SMACK(tc06_check_privilege_by_sockfd) RUNNER_ASSERT_MSG(drop_root_privileges() == 0, "uid = " << getuid()); - LogDebug("child, listen"); - if (listen(sockfd, 5) < 0) { - LogDebug("child, exit"); - exit(1); - } + RUNNER_ASSERT_MSG(listen(sockfd, 5) >= 0, "child listen failed"); label = security_server_get_smacklabel_sockfd(sockfd); RUNNER_ASSERT_MSG(label != NULL, "security_server_get_smacklabel_sockfd failed"); RUNNER_ASSERT_MSG(strcmp(label,"") == 0, "label is \"" << label << "\""); free(label); - - LogDebug("child, accept"); struct sockaddr_un client_addr; socklen_t client_len = sizeof(client_addr); int csockfd; - while (0 <= (csockfd = accept(sockfd,(struct sockaddr*)&client_addr, &client_len))) { - LogDebug("child, loop"); - close(csockfd); - } - + RUNNER_ASSERT_MSG((csockfd = accept(sockfd,(struct sockaddr*)&client_addr, &client_len)) > 0, "child accept failed"); - label = security_server_get_smacklabel_sockfd(sockfd); - RUNNER_ASSERT_MSG(label != NULL, "security_server_get_smacklabel_sockfd failed"); - RUNNER_ASSERT_MSG(strcmp(label,subject_label) == 0, "label is \"" << label << "\"" << "subject_label is \"" << subject_label << "\"" ); - free(label); + usleep(500); - LogDebug("Exit!"); - exit(1); + close(csockfd); + exit(0); } else { // parent - LogDebug("Parent, sleep 2"); sleep(1); int sockfd = connect_to_testserver(); + RUNNER_ASSERT_MSG(sockfd >= 0, "connect_to_testserver() failed"); + + SockFDUniquePtr sockfd_ptr(&sockfd, closesockfdptr); label = security_server_get_smacklabel_sockfd(sockfd); RUNNER_ASSERT_MSG(label != NULL, "security_server_get_smacklabel_sockfd failed"); - RUNNER_ASSERT_MSG(strcmp(label,subject_label) == 0, "label is \"" << label << "\"" << "subject_label is \"" << subject_label << "\"" ); + RUNNER_ASSERT_MSG(strcmp(label,subject_label) == 0, "label is \"" << label << "\"" << ", subject_label is \"" << subject_label << "\"" ); free(label); - LogDebug("Parent: sockfd: " << sockfd); - if (sockfd >= 0) { - result1 = security_server_check_privilege_by_sockfd( - sockfd, - object_label, - access_rights); - result2 = security_server_check_privilege_by_sockfd( - sockfd, - object_label, - access_rights_ext); - } - LogDebug("Parent: Close desc"); - close(sockfd); - LogDebug("Parent: killing child"); - kill(pid, SIGKILL); + result1 = security_server_check_privilege_by_sockfd( + sockfd, + object_label, + access_rights); + result2 = security_server_check_privilege_by_sockfd( + sockfd, + object_label, + access_rights_ext); } - int status; - waitpid(pid, &status, 0); - RUNNER_ASSERT_MSG(SECURITY_SERVER_API_SUCCESS == result1, "result = " << result1); RUNNER_ASSERT_MSG(SECURITY_SERVER_API_ERROR_ACCESS_DENIED == result2, "result = " << result2); } @@ -330,7 +308,7 @@ RUNNER_TEST_SMACK(tc06_check_privilege_by_sockfd) * expected: Function call with access rights set to "r" should return SUCCESS, * with "rw" should return ACCESS DENIED. */ -RUNNER_TEST_SMACK(tc07_check_privilege_by_sockfd) +RUNNER_MULTIPROCESS_TEST_SMACK(tc07_check_privilege_by_sockfd) { const char *object_label = "tc07objectlabel"; const char *access_rights = "r"; @@ -339,7 +317,6 @@ RUNNER_TEST_SMACK(tc07_check_privilege_by_sockfd) int result1 = -1; int result2 = -1; - int kill_result = -1; smack_accesses *handle; RUNNER_ASSERT(0 == smack_accesses_new(&handle)); @@ -355,64 +332,46 @@ RUNNER_TEST_SMACK(tc07_check_privilege_by_sockfd) if (0 == pid) { // child - LogDebug("child, create_new_socket"); int sockfd = create_new_socket(); + RUNNER_ASSERT_MSG(sockfd >= 0, "create_new_socket() failed"); + + SockFDUniquePtr sockfd_ptr(&sockfd, closesockfdptr); - if (0 != smack_set_label_for_self(subject_label)) { - LogDebug("child, failed"); - exit(1); - } + RUNNER_ASSERT_MSG(0 == smack_set_label_for_self(subject_label), "child label " << subject_label << " not set"); RUNNER_ASSERT_MSG(drop_root_privileges() == 0, "uid = " << getuid()); - LogDebug("child, listen"); - if (listen(sockfd, 5) < 0) { - LogDebug("child, exit"); - exit(1); - } - LogDebug("child, accept"); + RUNNER_ASSERT_MSG(listen(sockfd, 5) >= 0, "child listen failed"); struct sockaddr_un client_addr; socklen_t client_len = sizeof(client_addr); int csockfd; - while (0 <= (csockfd = accept(sockfd,(struct sockaddr*)&client_addr, &client_len))) { - LogDebug("child, loop"); - close(csockfd); - } - LogDebug("Exit!"); - exit(1); + RUNNER_ASSERT_MSG((csockfd = accept(sockfd,(struct sockaddr*)&client_addr, &client_len)) > 0, "child accept failed"); + + usleep(500); + + close(csockfd); + exit(0); } else { // parent RUNNER_ASSERT_MSG(drop_root_privileges() == 0, "uid = " << getuid()); - LogDebug("Parent, sleep 2"); - sleep(2); + sleep(1); int sockfd = connect_to_testserver(); - LogDebug("Parent: sockfd: " << sockfd); - if (sockfd >= 0) { - result1 = security_server_check_privilege_by_sockfd( - sockfd, - object_label, - access_rights); - result2 = security_server_check_privilege_by_sockfd( - sockfd, - object_label, - access_rights_ext); - } - LogDebug("Parent: Close desc"); - close(sockfd); - LogDebug("Parent: killing child"); - // we cannot kill child - because of dropping privileges - kill_result = kill(pid, SIGKILL); - } + RUNNER_ASSERT_MSG(sockfd >= 0, "connect_to_testserver() failed"); + + result1 = security_server_check_privilege_by_sockfd( + sockfd, + object_label, + access_rights); + result2 = security_server_check_privilege_by_sockfd( + sockfd, + object_label, + access_rights_ext); - if (kill_result == 0) { - int status; - waitpid(pid, &status, 0); + close(sockfd); } - else - sleep(2); RUNNER_ASSERT_MSG(SECURITY_SERVER_API_SUCCESS == result1, "result1 = " << result1); RUNNER_ASSERT_MSG(SECURITY_SERVER_API_ERROR_ACCESS_DENIED == result2, " result2 = " << result2); @@ -501,7 +460,7 @@ RUNNER_CHILD_TEST_NOSMACK(tc05_check_privilege_by_cookie_nosmack) * For client the only difference are expected results from check_privilege_by_sockfd - both should * return SUCCESS. */ -RUNNER_TEST_NOSMACK(tc06_check_privilege_by_sockfd_nosmack) +RUNNER_MULTIPROCESS_TEST_NOSMACK(tc06_check_privilege_by_sockfd_nosmack) { const char* object_label = "tc06objectlabel"; @@ -512,38 +471,31 @@ RUNNER_TEST_NOSMACK(tc06_check_privilege_by_sockfd_nosmack) char* label; RUNNER_ASSERT(pid >= 0); + int ret; + if (pid == 0) { //child process - server - int ret; //create new socket int sockfd = create_new_socket(); - if(sockfd < 0) - exit(1); //failed to create server; return 1 + RUNNER_ASSERT_MSG(sockfd >= 0, "create_new_socket() failed"); SockFDUniquePtr sockfd_ptr(&sockfd, closesockfdptr); //check if get_smacklabel_sockfd works correctly label = security_server_get_smacklabel_sockfd(sockfd); - if(label == NULL) - exit(2); //label is NULL, get_smacklabel_sockfd failed; return 2 - + RUNNER_ASSERT_MSG(label != NULL, "security_server_get_smacklabel_sockfd failed"); ret = strcmp(label, ""); free(label); - if(ret != 0) - exit(3); //label is not an empty string; return 3 + RUNNER_ASSERT_MSG(ret == 0, "label is \"" << label << "\""); - ret = drop_root_privileges(); - if(ret != 0) - exit(4); //failed to drop root privileges; return 4 + RUNNER_ASSERT_MSG(drop_root_privileges() == 0, "uid = " << getuid()); - if (listen(sockfd, 5) < 0) - exit(5); //listen failed; return 5 + RUNNER_ASSERT_MSG(listen(sockfd, 5) >= 0, "child listen failed"); struct sockaddr_un client_addr; socklen_t client_len = sizeof(client_addr); int csockfd; - if((csockfd = accept(sockfd,(struct sockaddr*)&client_addr, &client_len)) <= 0) - exit(6); //accept failed; return 6 + RUNNER_ASSERT_MSG((csockfd = accept(sockfd,(struct sockaddr*)&client_addr, &client_len)) > 0, "child accept failed"); //wait a little bit for parent to do it's job usleep(200); @@ -553,7 +505,6 @@ RUNNER_TEST_NOSMACK(tc06_check_privilege_by_sockfd_nosmack) exit(0); } else { //parent - int ret; sleep(1); int sockfd = connect_to_testserver(); RUNNER_ASSERT_MSG(sockfd >= 0, "Failed to connect to server."); @@ -562,30 +513,12 @@ RUNNER_TEST_NOSMACK(tc06_check_privilege_by_sockfd_nosmack) label = security_server_get_smacklabel_sockfd(sockfd); RUNNER_ASSERT_MSG(label != NULL, "get_smacklabel_sockfd failed."); - ret = strcmp(label, ""); free(label); - RUNNER_ASSERT_MSG(ret == 0, "label is \"" << label << "\", should be empty"); + RUNNER_ASSERT_MSG(ret == 0, "label is \"" << label << "\""); result1 = security_server_check_privilege_by_sockfd(sockfd, object_label, "r"); result2 = security_server_check_privilege_by_sockfd(sockfd, object_label, "rw"); - - kill(pid, SIGKILL); - } - - int status; - waitpid(pid, &status, 0); - - //check how our child process returned - switch(WEXITSTATUS(status)) - { - case 1: RUNNER_ASSERT_MSG(false, "Child failed to create server."); - case 2: RUNNER_ASSERT_MSG(false, "Child error - get_smacklabel_sockfd failed."); - case 3: RUNNER_ASSERT_MSG(false, "Child error - label is not an empty string."); - case 4: RUNNER_ASSERT_MSG(false, "Child failed to drop root privileges."); - case 5: RUNNER_ASSERT_MSG(false, "Child error - listen failed."); - case 6: RUNNER_ASSERT_MSG(false, "Child error - accept failed."); - default: ; } RUNNER_ASSERT_MSG(result1 == SECURITY_SERVER_API_SUCCESS, "result = " << result1); @@ -595,7 +528,7 @@ RUNNER_TEST_NOSMACK(tc06_check_privilege_by_sockfd_nosmack) /** * NOSMACK version of tc07 test. */ -RUNNER_TEST_NOSMACK(tc07_check_privilege_by_sockfd_nosmack) +RUNNER_MULTIPROCESS_TEST_NOSMACK(tc07_check_privilege_by_sockfd_nosmack) { const char* object_label = "tc07objectlabel"; @@ -606,30 +539,24 @@ RUNNER_TEST_NOSMACK(tc07_check_privilege_by_sockfd_nosmack) RUNNER_ASSERT(-1 != pid); if (pid == 0) { //child process - int ret; //Create socket int sockfd = create_new_socket(); - if(sockfd < 0) - exit(1); //failed to create server, return 1 + RUNNER_ASSERT_MSG(sockfd >= 0, "create_new_socket() failed"); SockFDUniquePtr sockfd_ptr(&sockfd, closesockfdptr); //Drop privileges - ret = drop_root_privileges(); - if(ret != 0) - exit(2); //failed to drop root privileges; return 2 + RUNNER_ASSERT_MSG(drop_root_privileges() == 0, "uid = " << getuid()); //Prepare for accepting - if (listen(sockfd, 5) < 0) - exit(3); //listen failed; return 3 + RUNNER_ASSERT_MSG(listen(sockfd, 5) >= 0, "child listen failed"); struct sockaddr_un client_addr; socklen_t client_len = sizeof(client_addr); //Accept connections int csockfd; - if((csockfd = accept(sockfd,(struct sockaddr*)&client_addr, &client_len)) <= 0) - exit(4); //accept failed; return 4 + RUNNER_ASSERT_MSG((csockfd = accept(sockfd,(struct sockaddr*)&client_addr, &client_len)) > 0, "child accept failed"); //wait a little bit for parent to do it's job usleep(200); @@ -639,9 +566,7 @@ RUNNER_TEST_NOSMACK(tc07_check_privilege_by_sockfd_nosmack) exit(0); } else { //parent process //Drop root privileges - int ret = drop_root_privileges(); - RUNNER_ASSERT_MSG(ret == 0, - "Failed to drop root privileges. Result: " << ret << ", uid = " << getuid()); + RUNNER_ASSERT_MSG(drop_root_privileges() == 0, "uid = " << getuid()); //Wait for server to set up sleep(1); @@ -654,19 +579,6 @@ RUNNER_TEST_NOSMACK(tc07_check_privilege_by_sockfd_nosmack) result2 = security_server_check_privilege_by_sockfd(sockfd, object_label, "rw"); close(sockfd); - kill(pid, SIGKILL); - } - - int status; - waitpid(pid, &status, 0); - - switch(WEXITSTATUS(status)) - { - case 1: RUNNER_ASSERT_MSG(false, "Child failed to create server."); - case 2: RUNNER_ASSERT_MSG(false, "Child failed to drop root privileges."); - case 3: RUNNER_ASSERT_MSG(false, "Child failed to listen to sockfd."); - case 4: RUNNER_ASSERT_MSG(false, "Child failed to accept connection from server."); - default: ; } //Both results (just like in the previous test case) should return success. diff --git a/tests/security-server-tests/security_server_tests_dbus.cpp b/tests/security-server-tests/security_server_tests_dbus.cpp index 9ff3b754..be179dba 100644 --- a/tests/security-server-tests/security_server_tests_dbus.cpp +++ b/tests/security-server-tests/security_server_tests_dbus.cpp @@ -1,8 +1,8 @@ #include #include -#include #include #include +#include #include #include #include @@ -27,7 +27,7 @@ RUNNER_TEST_GROUP_INIT(SECURITY_SERVER_TESTS_DBUS); -RUNNER_TEST_SMACK(tc01_smack_context_from_DBus) +RUNNER_MULTIPROCESS_TEST_SMACK(tc01_smack_context_from_DBus) { int ret = -1; const char *subject_parent = "subject_parent"; @@ -41,7 +41,6 @@ RUNNER_TEST_SMACK(tc01_smack_context_from_DBus) DBusPendingCall *pending = NULL; const char *dbus_server_name = DBUS_SERVER_NAME; char *smack_context = NULL; - int status; pid_t pid = fork(); RUNNER_ASSERT_MSG(-1 != pid, "fork() failed"); @@ -202,8 +201,6 @@ RUNNER_TEST_SMACK(tc01_smack_context_from_DBus) "dbus_bus_request_name() failed, ret: " << ret); } - waitpid(pid, &status, 0); - // close the connection dbus_connection_unref(conn); } @@ -219,7 +216,7 @@ RUNNER_TEST_SMACK(tc01_smack_context_from_DBus) * This is almost an exact copy of the original SMACK DBus test. As in previous security-server * tests, parts where SMACK is used are skipped, because most important functions will return error. */ -RUNNER_TEST_NOSMACK(tc01_smack_context_from_DBus_nosmack) +RUNNER_MULTIPROCESS_TEST_NOSMACK(tc01_smack_context_from_DBus_nosmack) { int ret = -1; const char* subject_parent = "subject_parent"; @@ -231,7 +228,6 @@ RUNNER_TEST_NOSMACK(tc01_smack_context_from_DBus_nosmack) DBusPendingCall *pending = NULL; const char *dbus_server_name = DBUS_SERVER_NAME; char *smack_context = NULL; - int status; pid_t pid = fork(); RUNNER_ASSERT_MSG(-1 != pid, "fork() failed"); @@ -247,14 +243,14 @@ RUNNER_TEST_NOSMACK(tc01_smack_context_from_DBus_nosmack) ret = dbus_error_is_set(&err); if (1 == ret) { dbus_error_free(&err); - exit(1); + RUNNER_ASSERT_MSG(false, "Failed to connect to system bus. Ret " << ret); } // request our name on the bus; failure = exit with result 2 ret = dbus_bus_request_name(conn, DBUS_CALLER_NAME, DBUS_NAME_FLAG_REPLACE_EXISTING , &err); if (DBUS_REQUEST_NAME_REPLY_PRIMARY_OWNER != ret) { dbus_error_free(&err); - exit(2); + RUNNER_ASSERT_MSG(false, "Failed to request name on the bus. Ret " << ret); } // crate a new method call for checking SMACK context from DBus interface @@ -263,14 +259,12 @@ RUNNER_TEST_NOSMACK(tc01_smack_context_from_DBus_nosmack) DBUS_SMACK_INTERFACE, DBUS_SMACK_METHOD); - if(msg == NULL) - exit(3); //dbus_message_new_method_call failed; return 3 + RUNNER_ASSERT_MSG(msg != NULL, "dbus_message_new_method_call() failed."); // append arguments, we need SMACK context for our parent process "test.method.server" dbus_message_iter_init_append(msg, &args); ret = dbus_message_iter_append_basic(&args, DBUS_TYPE_STRING, &dbus_server_name); - if(ret != 1) - exit(4); //out of memory; return 4 + RUNNER_ASSERT_MSG(ret == 1, "Out of memory. Ret " << ret); // wait for parent to connect to DBus sleep(3); @@ -278,10 +272,8 @@ RUNNER_TEST_NOSMACK(tc01_smack_context_from_DBus_nosmack) // send message and get a handle for a reply // -1 is default timeout ret = dbus_connection_send_with_reply (conn, msg, &pending, -1); - if(ret != 1) - exit(4); //out of memory; return 4 - if(pending == NULL) - exit(5); //pending call is null; return 5 + RUNNER_ASSERT_MSG(ret == 1, "Out of memory. Ret " << ret); + RUNNER_ASSERT_MSG(pending != NULL, "Pending call is NULL."); dbus_connection_flush(conn); @@ -293,15 +285,13 @@ RUNNER_TEST_NOSMACK(tc01_smack_context_from_DBus_nosmack) // get the reply msg = dbus_pending_call_steal_reply(pending); - if(msg == NULL) - exit(6); //reply is null; return 6 + RUNNER_ASSERT_MSG(msg != NULL, "Failed to get the reply from bus."); // free message handle dbus_pending_call_unref(pending); ret = dbus_message_iter_init(msg, &iter); - if (ret == 0) - exit(7); //DBus message has no arguments; return 7 + RUNNER_ASSERT_MSG(ret != 0, "DBus message has no arguments. Ret " << ret); dbus_message_iter_recurse(&iter, &var); while (dbus_message_iter_get_arg_type(&var) != DBUS_TYPE_INVALID) { @@ -325,8 +315,7 @@ RUNNER_TEST_NOSMACK(tc01_smack_context_from_DBus_nosmack) dbus_connection_unref(conn); ret = strcmp(smack_context, subject_parent); - if(ret != 0) - exit(8); //context mismatch; return 8 + RUNNER_ASSERT_MSG(ret == 0, "Context mismatch. Context " << smack_context); exit(0); @@ -355,21 +344,6 @@ RUNNER_TEST_NOSMACK(tc01_smack_context_from_DBus_nosmack) // close the connection dbus_connection_unref(conn); } - - waitpid(pid, &status, 0); - - switch(WEXITSTATUS(status)) - { - case 1: RUNNER_ASSERT_MSG(false, "Child failed to connect to system bus."); - case 2: RUNNER_ASSERT_MSG(false, "Child failed to request name on the bus."); - case 3: RUNNER_ASSERT_MSG(false, "Child error - dbus_message_new_method_call() failed."); - case 4: RUNNER_ASSERT_MSG(false, "Child error - out of memory."); - case 5: RUNNER_ASSERT_MSG(false, "Child error - Pending call is NULL."); - case 6: RUNNER_ASSERT_MSG(false, "Child failed to get the reply from bus."); - case 7: RUNNER_ASSERT_MSG(false, "Child error - DBus message has no arguments."); - case 8: RUNNER_ASSERT_MSG(false, "Child error - context mismatch."); - default: ; - } } int main(int argc, char *argv[])