From: Unsung Lee <unsung.lee@samsung.com>
Date: Wed, 8 Jan 2025 11:16:22 +0000 (+0900)
Subject: test: kdbus: Replace the code that accesses the attr with the cynara API
X-Git-Tag: accepted/tizen/unified/20250113.094324~2
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=9ec09947446627d1a511065be0bfdd46013de4c3;p=platform%2Fkernel%2Flinux-tizen-modules-source.git

test: kdbus: Replace the code that accesses the attr with the cynara API

Replace the code that directly accesses /proc/self/attr/current
with a cynara API called cynara_creds_self_get_client.
This is because, direct accessing to /proc/self/attr/current is invalid when SMACK is disabled.

Change-Id: I844b7faf5488a925eea7b2e7129af8d71927f262
Signed-off-by: Unsung Lee <unsung.lee@samsung.com>
---

diff --git a/packaging/linux-tizen-modules-source.spec b/packaging/linux-tizen-modules-source.spec
index b6a7d87..9d573bd 100644
--- a/packaging/linux-tizen-modules-source.spec
+++ b/packaging/linux-tizen-modules-source.spec
@@ -1,5 +1,5 @@
 Name:           linux-tizen-modules-source
-Version:        7.5.0
+Version:        7.5.1
 Release:        0
 License:        GPL-2.0+
 Source0:        %{name}-%{version}.tar.xz
@@ -25,6 +25,8 @@ Group:          System/Kernel
 Provides:       linux-kernel-kdbus-tests
 Provides:       linux-kernel-logger-tests
 BuildRequires:  pkgconfig(libcap)
+BuildRequires:  pkgconfig(cynara-creds-self)
+Requires:       pkgconfig(cynara-creds-self)
 %description    -n linux-tizen-modules-tests
 This package contains tests for Tizen-specific kernel modules.
 
diff --git a/tests/kdbus/Makefile b/tests/kdbus/Makefile
index 01e11d3..7887550 100644
--- a/tests/kdbus/Makefile
+++ b/tests/kdbus/Makefile
@@ -2,7 +2,9 @@ CFLAGS += -I../../include/uapi/
 CFLAGS += -I../../samples/kdbus/
 CFLAGS += -std=gnu99 -Wno-error=shadow
 CFLAGS += -DKBUILD_MODNAME=\"kdbus\" -D_GNU_SOURCE
+CFLAGS += `pkg-config --cflags cynara-creds-self`
 LDFLAGS = -pthread -lcap -lm
+LDFLAGS += `pkg-config --libs cynara-creds-self`
 
 .PHONY: all clean
 
diff --git a/tests/kdbus/kdbus-test.c b/tests/kdbus/kdbus-test.c
index 062efc6..4119747 100644
--- a/tests/kdbus/kdbus-test.c
+++ b/tests/kdbus/kdbus-test.c
@@ -688,6 +688,8 @@ void print_kdbus_test_args(struct kdbus_test_args const *args)
 void print_metadata_support(void)
 {
 	bool no_meta_audit, no_meta_cgroups, no_meta_seclabel;
+	bool security_enabled;
+	int ret;
 
 	/*
 	 * KDBUS_ATTACH_CGROUP, KDBUS_ATTACH_AUDIT and
@@ -695,7 +697,11 @@ void print_metadata_support(void)
 	 */
 	no_meta_audit = !config_auditsyscall_is_enabled();
 	no_meta_cgroups = !config_cgroups_is_enabled();
-	no_meta_seclabel = !config_security_is_enabled();
+	ret = config_get_security_enabled_state(&security_enabled);
+	if (ret < 0)
+		no_meta_seclabel = true;
+	else
+		no_meta_seclabel = !security_enabled;
 
 	if (no_meta_audit | no_meta_cgroups | no_meta_seclabel)
 		print("# Starting tests without %s%s%s metadata support\n",
diff --git a/tests/kdbus/kdbus-util.c b/tests/kdbus/kdbus-util.c
index d9fa167..9f6999e 100644
--- a/tests/kdbus/kdbus-util.c
+++ b/tests/kdbus/kdbus-util.c
@@ -30,6 +30,8 @@
 #include <sys/time.h>
 #include <linux/unistd.h>
 
+#include <cynara-creds-self.h>
+
 #ifndef __NR_memfd_create
   #ifdef __x86_64__
     #define __NR_memfd_create 319
@@ -59,6 +61,8 @@
 /* maximum number of well-known names per connection */
 #define KDBUS_CONN_MAX_NAMES			256
 
+#define SMACK_DISABLED_DEFAULT_SMACK_LABEL	"User::Pkg::default_app_no_Smack_mode"
+
 int kdbus_util_verbose = true;
 
 wur int kdbus_sysfs_get_parameter_mask(const char *path, uint64_t *mask)
@@ -1823,31 +1827,28 @@ wur int config_cgroups_is_enabled(void)
 	return (access("/proc/self/cgroup", F_OK) == 0);
 }
 
-wur int config_security_is_enabled(void)
+wur int config_get_security_enabled_state(bool *security_enabled)
 {
-	int fd;
 	int ret;
-	char buf[128];
+	char *label = NULL;
 
-	/* CONFIG_SECURITY is disabled */
-	if (access("/proc/self/attr/current", F_OK) != 0)
-		return 0;
+	ret = cynara_creds_self_get_client(CLIENT_METHOD_DEFAULT, &label);
+	if (ret != 0) {
+		print("Failed to get self smack label by cynara_creds_self_get_client()\n");
+		return ret;
+	}
 
-	/*
-	 * Now only if read() fails with -EINVAL then we assume
-	 * that SECLABEL and LSM are disabled
+	/**
+	 * cynara_creds_self_get_client() gives SMACK_DISABLED_DEFAULT_SMACK_LABEL as label
+	 * when smack is disabled.
 	 */
-	fd = open("/proc/self/attr/current", O_RDONLY|O_CLOEXEC);
-	if (fd < 0)
-		return 1;
-
-	ret = read(fd, buf, sizeof(buf));
-	if (ret == -1 && errno == EINVAL)
-		ret = 0;
+	if (strncmp(label, SMACK_DISABLED_DEFAULT_SMACK_LABEL,
+				sizeof(SMACK_DISABLED_DEFAULT_SMACK_LABEL)) == 0)
+		*security_enabled = false;
 	else
-		ret = 1;
+		*security_enabled = true;
 
-	CLOSE(fd);
+	free(label);
 
-	return ret;
+	return 0;
 }
diff --git a/tests/kdbus/kdbus-util.h b/tests/kdbus/kdbus-util.h
index 5775142..1c32ad7 100644
--- a/tests/kdbus/kdbus-util.h
+++ b/tests/kdbus/kdbus-util.h
@@ -278,4 +278,4 @@ wur int test_is_capable(int cap, ...);
 wur int config_user_ns_is_enabled(void);
 wur int config_auditsyscall_is_enabled(void);
 wur int config_cgroups_is_enabled(void);
-wur int config_security_is_enabled(void);
\ No newline at end of file
+wur int config_get_security_enabled_state(bool *security_enabled);