From: Zofia Abramowska Date: Fri, 21 Oct 2016 14:42:52 +0000 (+0200) Subject: SM : Cleanup common functions X-Git-Tag: security-manager_5.5_testing~20^2~18 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=89b400aacee883a992870121860abacf37ba1b19;p=platform%2Fcore%2Ftest%2Fsecurity-tests.git SM : Cleanup common functions Remove unused variables and functions. Change-Id: I64e69b261817a575e6e5fa79df22a2e000da0611 --- diff --git a/src/security-manager-tests/common/sm_commons.cpp b/src/security-manager-tests/common/sm_commons.cpp index 586d8256..9d1db71c 100644 --- a/src/security-manager-tests/common/sm_commons.cpp +++ b/src/security-manager-tests/common/sm_commons.cpp @@ -46,26 +46,8 @@ using namespace SecurityManagerTest; // Common const values -const privileges_t SM_ALLOWED_PRIVILEGES = { - "http://tizen.org/privilege/display", - "http://tizen.org/privilege/nfc" -}; - -const privileges_t SM_DENIED_PRIVILEGES = { - "http://tizen.org/privilege/bluetooth", - "http://tizen.org/privilege/power" -}; - -const privileges_t SM_NO_PRIVILEGES = { -}; - const std::vector SM_ALLOWED_GROUPS = {"db_browser", "db_alarm"}; -const std::string uidToStr(const uid_t uid) -{ - return std::to_string(static_cast(uid)); -} - // Common implementation details std::string generateProcessLabel(const std::string &appId, const std::string &pkgId, bool isHybrid) @@ -102,31 +84,6 @@ std::string getPublicPathLabel() return "User::Home"; } -static std::string genPath(int app_num, const char *postfix) { - char buf[16]; - sprintf(buf, "%02d", app_num); - return TzPlatformConfig::globalAppDir() + "/sm_test_" + std::string(buf) + "_pkg_id_full/" + std::string(postfix); -} - -std::string genRWPath(int app_num) { - return genPath(app_num, "app_dir"); -} -std::string genROPath(int app_num) { - return genPath(app_num, "app_dir_ro"); -} -std::string genPublicROPath(int app_num) { - return genPath(app_num, "app_dir_public_ro"); -} - -std::string genOwnerRWOthersROPath(int app_num) { - return genPath(app_num, "app_dir_rw_others_ro"); -} - -static std::string generatePkgLabelOwnerRWothersRO(const std::string &pkgId) -{ - return "User::Pkg::" + pkgId + "::SharedRO"; -} - // Common DB/nftw checks // nftw doesn't allow passing user data to functions. Work around by using global variable @@ -217,16 +174,6 @@ int nftw_check_labels_non_app_dir(const char *fpath, const struct stat* /*sb*/, return 0; } -static int nftw_set_labels_non_app_dir(const char *fpath, const struct stat* /*sb*/, - int /*typeflag*/, struct FTW* /*ftwbuf*/) -{ - smack_lsetlabel(fpath, "canary_label", SMACK_LABEL_ACCESS); - smack_lsetlabel(fpath, "canary_label", SMACK_LABEL_EXEC); - smack_lsetlabel(fpath, nullptr, SMACK_LABEL_TRANSMUTE); - - return 0; -} - int nftw_remove_labels(const char *fpath, const struct stat* /*sb*/, int /*typeflag*/, struct FTW* /*ftwbuf*/) { @@ -237,8 +184,6 @@ int nftw_remove_labels(const char *fpath, const struct stat* /*sb*/, return 0; } -static const std::string SM_DENIED_PATH = TzPlatformConfig::globalAppDir() + "/non_app_dir"; - void check_app_permissions(const std::string &app_id, const std::string &pkg_id, const std::string &user, const privileges_t &allowed_privs, const privileges_t &denied_privs, bool isHybrid) @@ -346,49 +291,6 @@ void check_path(const std::string &path, const std::string &label, bool transmut RUNNER_ASSERT_MSG(result == 0, "Unable to check Smack labels for " << path); } -void check_app_path_after_install(int app_num, const char *pkgId, bool others_enabled) -{ - std::string SM_RW_PATH = genRWPath(app_num); - std::string SM_RO_PATH = genROPath(app_num); - std::string SM_PUBLIC_RO_PATH = genPublicROPath(app_num); - int result; - - nftw_expected_label = generatePathRWLabel(pkgId); - nftw_expected_transmute = true; - nftw_expected_exec = false; - - result = nftw(SM_RW_PATH.c_str(), &nftw_check_sm_labels, FTW_MAX_FDS, FTW_PHYS); - RUNNER_ASSERT_MSG(result == 0, "Unable to check Smack labels for " << SM_RW_PATH); - - nftw_expected_label = generatePathRWLabel(pkgId) + "::RO"; - nftw_expected_transmute = false; - nftw_expected_exec = false; - - result = nftw(SM_RO_PATH.c_str(), &nftw_check_sm_labels, FTW_MAX_FDS, FTW_PHYS); - RUNNER_ASSERT_MSG(result == 0, "Unable to check Smack labels for " << SM_RO_PATH); - - nftw_expected_label = "User::Home"; - nftw_expected_transmute = true; - nftw_expected_exec = false; - - result = nftw(SM_PUBLIC_RO_PATH.c_str(), &nftw_check_sm_labels, FTW_MAX_FDS, FTW_PHYS); - RUNNER_ASSERT_MSG(result == 0, "Unable to check Smack labels for " << SM_PUBLIC_RO_PATH); - - result = nftw(SM_DENIED_PATH.c_str(), &nftw_check_labels_non_app_dir, FTW_MAX_FDS, FTW_PHYS); - RUNNER_ASSERT_MSG(result == 0, "Unable to check Smack labels for " << SM_DENIED_PATH); - - // owner RW, others RO - if(others_enabled) { - std::string SM_OWNER_RW_OTHERS_RO_PATH = genOwnerRWOthersROPath(app_num); - nftw_expected_label = generatePkgLabelOwnerRWothersRO(pkgId); - nftw_expected_transmute = true; - nftw_expected_exec = false; - - result = nftw(SM_OWNER_RW_OTHERS_RO_PATH.c_str(), &nftw_check_sm_labels, FTW_MAX_FDS, FTW_PHYS); - RUNNER_ASSERT_MSG(result == 0, "Unable to check Smack labels for " << SM_OWNER_RW_OTHERS_RO_PATH); - } -} - void check_app_after_uninstall(const std::string &app_id, const std::string &pkg_id, const bool is_pkg_removed) { @@ -405,7 +307,7 @@ void check_app_after_uninstall(const std::string &app_id, const std::string &pkg /*Privileges should not be granted anymore to any user*/ - check_app_permissions(app_id, pkg_id, ANY_USER_REPRESENTATION, SM_NO_PRIVILEGES, privileges, isHybrid); + check_app_permissions(app_id, pkg_id, ANY_USER_REPRESENTATION, {}, privileges, isHybrid); } std::string access_opposite(std::string &access) { @@ -455,132 +357,6 @@ CapsSetsUniquePtr setCaps(const char *cap_string) return caps; } -static void prepare_app_path(int app_num, bool others_enabled = false) -{ - std::string SM_RW_PATH = genRWPath(app_num); - std::string SM_RO_PATH = genROPath(app_num); - std::string SM_PUBLIC_RO_PATH = genPublicROPath(app_num); - int result; - - result = nftw(SM_RW_PATH.c_str(), &nftw_remove_labels, FTW_MAX_FDS, FTW_PHYS); - RUNNER_ASSERT_MSG(result == 0, "Unable to clean Smack labels in " << SM_RW_PATH); - - result = nftw(SM_RO_PATH.c_str(), &nftw_remove_labels, FTW_MAX_FDS, FTW_PHYS); - RUNNER_ASSERT_MSG(result == 0, "Unable to clean Smack labels in " << SM_RO_PATH); - - result = nftw(SM_PUBLIC_RO_PATH.c_str(), &nftw_remove_labels, FTW_MAX_FDS, FTW_PHYS); - RUNNER_ASSERT_MSG(result == 0, "Unable to clean Smack labels in " << SM_PUBLIC_RO_PATH); - - if(others_enabled) { - std::string SM_OWNER_RW_OTHERS_RO_PATH = genOwnerRWOthersROPath(app_num); - result = nftw(SM_OWNER_RW_OTHERS_RO_PATH.c_str(), &nftw_remove_labels, FTW_MAX_FDS, FTW_PHYS); - RUNNER_ASSERT_MSG(result == 0, "Unable to clean Smack labels in " << SM_OWNER_RW_OTHERS_RO_PATH); - } - - result = nftw(SM_DENIED_PATH.c_str(), &nftw_set_labels_non_app_dir, FTW_MAX_FDS, FTW_PHYS); - RUNNER_ASSERT_MSG(result == 0, "Unable to set Smack labels in " << SM_DENIED_PATH); -} - -void prepare_app_env(int app_num, bool others_enabled) -{ - prepare_app_path(app_num, others_enabled); -} - -void install_app(const std::string &app_id, const std::string &pkg_id, uid_t uid, app_install_type type, - bool check_after) -{ - InstallRequest request; - request.setAppId(app_id); - request.setPkgId(pkg_id); - request.setUid(uid); - if (type != SM_APP_INSTALL_NONE) - request.setInstallType(type); - Api::install(request); - - if (check_after) - check_app_after_install(app_id, pkg_id); -} - -void uninstall_app(const std::string &app_id, const std::string &pkg_id, bool expect_pkg_removed, - app_install_type type, bool check_after) -{ - InstallRequest request; - request.setAppId(app_id); - if (type != SM_APP_INSTALL_NONE) - request.setInstallType(type); - Api::uninstall(request); - - if (check_after) - check_app_after_uninstall(app_id, pkg_id, expect_pkg_removed); -} - -static const std::string EXEC_FILE("exec"); -static const std::string NORMAL_FILE("normal"); -static const std::string LINK_PREFIX("link_to_"); - -static void createTestDir(const std::string &dir) -{ - mode_t dirMode = S_IRWXU | S_IRWXG | S_IROTH | S_IXOTH; - mode_t execFileMode = S_IRWXU | S_IRWXG | S_IROTH | S_IXOTH; - mode_t normalFileMode = S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH; - - mktreeSafe(dir, dirMode); - creatSafe(dir + "/" + EXEC_FILE, execFileMode); - creatSafe(dir + "/" + NORMAL_FILE, normalFileMode); - symlinkSafe(dir + "/" + EXEC_FILE, dir + "/" + LINK_PREFIX + EXEC_FILE); - symlinkSafe(dir + "/" + NORMAL_FILE, dir + "/" + LINK_PREFIX + NORMAL_FILE); -} - -static void createInnerAppDir(const std::string &dir, const std::string &nonAppDir) -{ - createTestDir(dir); - - symlinkSafe(nonAppDir, dir + "/" + LINK_PREFIX + "non_app_dir"); - symlinkSafe(nonAppDir + "/" + EXEC_FILE, - dir + "/" + LINK_PREFIX + "non_app_" + EXEC_FILE); - symlinkSafe(nonAppDir + "/" + NORMAL_FILE, - dir + "/" + LINK_PREFIX + "non_app_" + NORMAL_FILE); -} - -static const std::string nonAppDirPath(const TemporaryTestUser &user) -{ - return TMP_DIR + "/" + user.getUserName(); -} - -static void generateAppDir(const TemporaryTestUser &user, - const std::string &appId, const std::string &pkgId) -{ - const std::string dir = TzPlatformConfig::appDirPath(user, appId, pkgId); - const std::string nonAppDir = nonAppDirPath(user); - - createInnerAppDir(dir, nonAppDir); - createInnerAppDir(dir + "/.inner_dir", nonAppDir); - createInnerAppDir(dir + "/inner_dir", nonAppDir); -} - -static void generateNonAppDir(const TemporaryTestUser &user) -{ - const std::string dir = nonAppDirPath(user); - - createTestDir(dir); - createTestDir(dir + "/.inner_dir"); - createTestDir(dir + "/inner_dir"); -} - -void createTestDirs(const TemporaryTestUser &user, - const std::string &appId, const std::string &pkgId) -{ - generateAppDir(user, appId, pkgId); - generateNonAppDir(user); -} - -void removeTestDirs(const TemporaryTestUser &user, - const std::string &appId, const std::string &pkgId) -{ - removeDir(TzPlatformConfig::appDirPath(user, appId, pkgId)); - removeDir(nonAppDirPath(user)); -} - pid_t runInChild(const std::function &process) { pid_t pid = fork(); RUNNER_ASSERT_ERRNO_MSG(pid >= 0, "fork failed"); @@ -593,19 +369,12 @@ pid_t runInChild(const std::function &process) { } void runInChildParentWait(const std::function &process) { - SynchronizationPipe pipe; pid_t pid = fork(); RUNNER_ASSERT_ERRNO_MSG(pid >= 0, "fork failed"); - if (pid == 0) { - pipe.claimChildEp(); - process(); - - pipe.post(); exit(EXIT_SUCCESS); } else { - pipe.claimParentEp(); - pipe.wait(); + waitPid(pid); } } diff --git a/src/security-manager-tests/common/sm_commons.h b/src/security-manager-tests/common/sm_commons.h index 3e20472b..23ef4e31 100644 --- a/src/security-manager-tests/common/sm_commons.h +++ b/src/security-manager-tests/common/sm_commons.h @@ -35,21 +35,9 @@ DEFINE_SMARTPTR(cap_free, _cap_struct, CapsSetsUniquePtr); -struct app_attributes { - std::string package; - std::string Tizen_ver; -}; - const int FTW_MAX_FDS = 16; -extern const privileges_t SM_ALLOWED_PRIVILEGES; -extern const privileges_t SM_DENIED_PRIVILEGES; -extern const privileges_t SM_NO_PRIVILEGES; extern const std::vector SM_ALLOWED_GROUPS; -const std::string SM_RW_PATH = - TzPlatformConfig::globalAppDir() + "/sm_test_02_pkg_id_full/app_dir"; - -const std::string uidToStr(const uid_t uid); std::string generateProcessLabel(const std::string &appId, const std::string &pkgId, bool isHybrid = false); std::string generatePathRWLabel(const std::string &pkgId); @@ -57,10 +45,6 @@ std::string generatePathROLabel(const std::string &pkgId); std::string generatePathSharedROLabel(const std::string &pkgId); std::string generatePathTrustedLabel(int64_t authorId); std::string getPublicPathLabel(); -std::string genRWPath(int app_num); -std::string genROPath(int app_num); -std::string genPublicROPath(int app_num); -std::string genOwnerRWOthersROPath(int app_num); int nftw_remove_labels(const char *fpath, const struct stat* /*sb*/, int /*typeflag*/, struct FTW* /*ftwbuf*/); @@ -78,7 +62,6 @@ void check_app_after_install(const std::string &app_id, const std::string &pkg_i bool isHybrid = false); void check_path(const std::string &path, const std::string &label, bool transmute = true, bool execute = false); -void check_app_path_after_install(int app_num, const char *pkgId, bool others_enabled=false); void check_app_after_uninstall(const std::string &app_id, const std::string &pkg_id, const bool is_pkg_removed); void check_app_after_uninstall(const std::string &app_id, const std::string &pkg_id, @@ -91,17 +74,6 @@ void check_exact_smack_accesses(const std::string &subject, const std::string &access); CapsSetsUniquePtr setCaps(const char *cap_string); -void prepare_app_env(int app_num, bool others_enabled = false); -void install_app(const std::string &app_id, const std::string &pkg_id, uid_t uid = 0, - app_install_type type = SM_APP_INSTALL_NONE, bool check_after = true); -void uninstall_app(const std::string &app_id, const std::string &pkg_id, - bool expect_pkg_removed = false, app_install_type type = SM_APP_INSTALL_NONE, - bool check_after = true); - -void createTestDirs(const TemporaryTestUser &user, - const std::string &appId, const std::string &pkgId); -void removeTestDirs(const TemporaryTestUser &user, - const std::string &appId, const std::string &pkgId); pid_t runInChild(const std::function &process);