From 52cb0701d19cc392c2dca7cb555534a6f93dfd77 Mon Sep 17 00:00:00 2001 From: Marcin Niesluchowski Date: Mon, 16 Jun 2014 11:48:12 +0200 Subject: [PATCH] Refactor test for smack_*getlabel and smack_*setlabel. Change-Id: I65b60e6d13137b3d6a3ece46becde5050f4aa0b0 --- tests/common/CMakeLists.txt | 1 + tests/common/fs_label_manager.cpp | 246 ++++++++++++++++++++++++++ tests/common/fs_label_manager.h | 75 ++++++++ tests/libsmack-tests/test_cases.cpp | 337 ++++++++++++------------------------ 4 files changed, 432 insertions(+), 227 deletions(-) create mode 100644 tests/common/fs_label_manager.cpp create mode 100644 tests/common/fs_label_manager.h diff --git a/tests/common/CMakeLists.txt b/tests/common/CMakeLists.txt index 53077eb..bf079e0 100644 --- a/tests/common/CMakeLists.txt +++ b/tests/common/CMakeLists.txt @@ -23,6 +23,7 @@ SET(COMMON_TARGET_TEST_SOURCES ${PROJECT_SOURCE_DIR}/tests/common/gdbbacktrace.cpp ${PROJECT_SOURCE_DIR}/tests/common/memory.cpp ${PROJECT_SOURCE_DIR}/tests/common/db_sqlite.cpp + ${PROJECT_SOURCE_DIR}/tests/common/fs_label_manager.cpp ) #system and local includes diff --git a/tests/common/fs_label_manager.cpp b/tests/common/fs_label_manager.cpp new file mode 100644 index 0000000..6c8d226 --- /dev/null +++ b/tests/common/fs_label_manager.cpp @@ -0,0 +1,246 @@ +#include + +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include + + +namespace +{ +static const char* get_xattr_name(enum smack_label_type type) +{ + switch (type) { + case SMACK_LABEL_ACCESS: + return XATTR_NAME_SMACK; + case SMACK_LABEL_EXEC: + return XATTR_NAME_SMACKEXEC; + case SMACK_LABEL_MMAP: + return XATTR_NAME_SMACKMMAP; + case SMACK_LABEL_TRANSMUTE: + return XATTR_NAME_SMACKTRANSMUTE; + case SMACK_LABEL_IPIN: + return XATTR_NAME_SMACKIPIN; + case SMACK_LABEL_IPOUT: + return XATTR_NAME_SMACKIPOUT; + default: + /* Should not reach this point */ + return NULL; + } +} +} + +FsLabelManager::FsLabelManager(const std::string &path, const std::string &label) + : m_path(path) + , m_label(label) +{ + umount(m_path.c_str()); + rmdir(m_path.c_str()); + + std::string data = std::string("mode=0777,uid=0,smackfsdef=") + label; + + int ret = mkdir(path.c_str(), S_IRWXU | S_IRWXG | S_IRWXO); + RUNNER_ASSERT_MSG_BT(ret == 0, "Unable to make directory"); + + ret = mount("none", path.c_str(), "tmpfs", 0, data.c_str()); + RUNNER_ASSERT_MSG_BT(ret == 0, "Unable to mount filesystem"); + + if (m_path[m_path.length()-1] != '/') + m_path += '/'; +} + +FsLabelManager::~FsLabelManager() +{ + umount(m_path.c_str()); + rmdir(m_path.c_str()); +} + +void FsLabelManager::createFile(const std::string &relativePath) +{ + std::string path = m_path + relativePath; + + mode_t systemMask = umask(0000); + int fd = open(path.c_str(), O_RDWR | O_CREAT | O_TRUNC, S_IRWXU | S_IRWXG | S_IRWXO); + umask(systemMask); + RUNNER_ASSERT_MSG_BT(fd > -1, "Unable to create file for tests: " << strerror(errno)); + + close(fd); + + int ret = chown(path.c_str(), APP_UID, APP_GID); + RUNNER_ASSERT_MSG_BT(ret == 0, "Unable to change file owner: " << strerror(errno)); +} + +void FsLabelManager::createLink(const std::string &relativeLinkPath, const std::string &relativeRealPath) +{ + std::string linkPath = m_path + relativeLinkPath; + std::string realPath = m_path + relativeRealPath; + + int ret = unlink(linkPath.c_str()); + RUNNER_ASSERT_MSG_BT(ret == 0 || errno == ENOENT, "Unable to unlink file." << strerror(errno)); + + ret = symlink(realPath.c_str(), linkPath.c_str()); + RUNNER_ASSERT_MSG_BT(ret == 0, "Unable to create symlink." << strerror(errno)); + + ret = lchown(linkPath.c_str(), APP_UID, APP_GID); + RUNNER_ASSERT_MSG_BT(ret == 0, "Unable to change file owner: " << strerror(errno)); +} + +void FsLabelManager::testSmackSetLabel(const std::string &relativePath, + const char *label, + enum smack_label_type labelType) +{ + std::string path = m_path + relativePath; + + int ret = smack_setlabel(path.c_str(), label, labelType); + RUNNER_ASSERT_MSG_BT(ret == 0, "Error in normal setting label " << label); + + checkLabel(path, label, labelType); +} + +void FsLabelManager::testSmackLSetLabel(const std::string &relativePath, + const char *label, + enum smack_label_type labelType) +{ + std::string path = m_path + relativePath; + + int ret = smack_lsetlabel(path.c_str(), label, labelType); + RUNNER_ASSERT_MSG_BT(ret == 0, "Error in link setting label " << label); + + checkLinkLabel(path, label, labelType); +} + +void FsLabelManager::testSmackFSetLabel(const std::string &relativePath, + const char *label, + enum smack_label_type labelType) +{ + std::string path = m_path + relativePath; + + int fd = open(path.c_str(), O_WRONLY); + RUNNER_ASSERT_MSG_BT(fd > -1, "Unable to open file: " << strerror(errno)); + + int ret = smack_fsetlabel(fd, label, labelType); + close(fd); + RUNNER_ASSERT_MSG_BT(ret == 0, "Error in fd setting " << label); + + checkLabel(path, label, labelType); +} + +void FsLabelManager::testSmackGetLabel(const std::string &relativePath, + const char *label, + enum smack_label_type labelType) +{ + std::string path = m_path + relativePath; + + char *tmpLabel; + int ret = smack_getlabel(path.c_str(), &tmpLabel, labelType); + RUNNER_ASSERT_MSG_BT(ret == 0, "Error in normal getting label"); + SmackLabelPtr labelPtr(tmpLabel); + + if (label == NULL && !m_label.compare(tmpLabel)) + return; + RUNNER_ASSERT_MSG_BT(label != NULL, "Path should be related with file system default label. " + << tmpLabel << " != " << m_label); + + ret = strcmp(tmpLabel, label); + RUNNER_ASSERT_MSG_BT(ret == 0, "Wrong label. " << tmpLabel << " != " << label); + + checkLabel(path, tmpLabel, labelType); +} + +void FsLabelManager::testSmackLGetLabel(const std::string &relativePath, + const char *label, + enum smack_label_type labelType) +{ + std::string path = m_path + relativePath; + + char *tmpLabel; + int ret = smack_lgetlabel(path.c_str(), &tmpLabel, labelType); + RUNNER_ASSERT_MSG_BT(ret == 0, "Error in link getting label"); + SmackLabelPtr labelPtr(tmpLabel); + + if (label == NULL && !m_label.compare(tmpLabel)) + return; + RUNNER_ASSERT_MSG_BT(label != NULL, "Path should be related with file system default label. " + << tmpLabel << " != " << m_label); + + ret = strcmp(tmpLabel, label); + RUNNER_ASSERT_MSG_BT(ret == 0, "Wrong label. " << tmpLabel << " != " << label); + + checkLinkLabel(path, tmpLabel, labelType); +} + +void FsLabelManager::testSmackFGetLabel(const std::string &relativePath, + const char *label, + enum smack_label_type labelType) +{ + std::string path = m_path + relativePath; + int fd = open(path.c_str(), O_WRONLY); + RUNNER_ASSERT_MSG_BT(fd > -1, "Unable to open file: " << strerror(errno)); + + char *tmpLabel; + int ret = smack_fgetlabel(fd, &tmpLabel, labelType); + close(fd); + RUNNER_ASSERT_MSG_BT(ret == 0, "Error in fd getting label"); + SmackLabelPtr labelPtr(tmpLabel); + + if (label == NULL && !m_label.compare(tmpLabel)) + return; + RUNNER_ASSERT_MSG_BT(label != NULL, "Fd should be related with file system default label. " + << tmpLabel << " != " << m_label); + + ret = strcmp(tmpLabel, label); + RUNNER_ASSERT_MSG_BT(ret == 0, "Wrong label. " << tmpLabel << " != " << label); + + checkLabel(path, tmpLabel, labelType); +} + +void FsLabelManager::testSmackClearLabels(const std::string &relativePath) +{ + testSmackSetLabel(relativePath, NULL, SMACK_LABEL_ACCESS); + testSmackGetLabel(relativePath, NULL, SMACK_LABEL_ACCESS); + testSmackSetLabel(relativePath, NULL, SMACK_LABEL_EXEC); + testSmackGetLabel(relativePath, NULL, SMACK_LABEL_EXEC); +} + +void FsLabelManager::checkLabel(const std::string &path, + const char *label, + enum smack_label_type labelType) +{ + char buf[SMACK_LABEL_LEN+2] = { 0, }; + int ret = getxattr(path.c_str(), get_xattr_name(labelType), buf, SMACK_LABEL_LEN+1); + RUNNER_ASSERT_MSG_BT(ret > 0, "Error in getting xattr. " << strerror(errno)); + + const char *tmpLabel; + if (label == NULL) + tmpLabel = m_label.c_str(); + else + tmpLabel = label; + + ret = strncmp(tmpLabel, buf, SMACK_LABEL_LEN+1); + RUNNER_ASSERT_MSG_BT(ret == 0, "Wrong label. " << tmpLabel << " != " << buf); +} + +void FsLabelManager::checkLinkLabel(const std::string &path, + const char *label, + enum smack_label_type labelType) +{ + char buf[SMACK_LABEL_LEN+2] = { 0, }; + int ret = lgetxattr(path.c_str(), get_xattr_name(labelType), buf, SMACK_LABEL_LEN+1); + RUNNER_ASSERT_MSG_BT(ret > 0, "Error in getting xattr. " << strerror(errno)); + + const char *tmpLabel; + if (label == NULL) + tmpLabel = m_label.c_str(); + else + tmpLabel = label; + + ret = strncmp(tmpLabel, buf, SMACK_LABEL_LEN+1); + RUNNER_ASSERT_MSG_BT(ret == 0, "Wrong label. " << tmpLabel << " != " << buf); +} diff --git a/tests/common/fs_label_manager.h b/tests/common/fs_label_manager.h new file mode 100644 index 0000000..f45611f --- /dev/null +++ b/tests/common/fs_label_manager.h @@ -0,0 +1,75 @@ +/* + * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/* + * @file fs_label_manager.h + * @author Marcin Niesluchowski (m.niesluchow@samsung.com) + * @version 1.0 + * @brief Class for environment operations on file system. + */ +#ifndef _FS_LABEL_MANAGER_H_ +#define _FS_LABEL_MANAGER_H_ + +#include +#include + +class FsLabelManager +{ +public: + FsLabelManager() = delete; + FsLabelManager(const std::string &path, const std::string &label); + FsLabelManager(const FsLabelManager &second) = delete; + FsLabelManager& operator=(FsLabelManager &second) = delete; + + virtual ~FsLabelManager(); + + void createFile(const std::string &relativePath); + void createLink(const std::string &relativeLinkPath, const std::string &relativeRealPath); + + void testSmackSetLabel(const std::string &relativePath, + const char *label, + enum smack_label_type labelType); + void testSmackLSetLabel(const std::string &relativePath, + const char *label, + enum smack_label_type labelType); + void testSmackFSetLabel(const std::string &relativePath, + const char *label, + enum smack_label_type labelType); + + void testSmackGetLabel(const std::string &relativePath, + const char *label, + enum smack_label_type labelType); + void testSmackLGetLabel(const std::string &relativePath, + const char *label, + enum smack_label_type labelType); + void testSmackFGetLabel(const std::string &relativePath, + const char *label, + enum smack_label_type labelType); + + void testSmackClearLabels(const std::string &relativePath); + +private: + void checkLabel(const std::string &path, + const char *label, + enum smack_label_type labelType); + void checkLinkLabel(const std::string &path, + const char *label, + enum smack_label_type labelType); + + std::string m_path; + std::string m_label; +}; + +#endif // _FS_LABEL_MANAGER_H_ diff --git a/tests/libsmack-tests/test_cases.cpp b/tests/libsmack-tests/test_cases.cpp index 3fbfc01..764b465 100644 --- a/tests/libsmack-tests/test_cases.cpp +++ b/tests/libsmack-tests/test_cases.cpp @@ -41,6 +41,7 @@ #include #include "tests_common.h" #include +#include #include "memory.h" const char* const TEST_SUBJECT = "test_subject"; @@ -719,249 +720,131 @@ RUNNER_TEST_SMACK(smack05_self_label) RUNNER_ASSERT_MSG_BT(result == 0, "Proces rule in /proc/self/attr/current other than set"); } -//RUNNER_TEST(smackXX_parent_child_label) -//{ -//In this test case parent process and child labels will be tested -//Parent will fork and check child's label. First fork will be with default "_" parent label, -//second one witch changed label. -//} - -//bellow function is from libsmack.c witch changed name -const char *xattr(enum smack_label_type type) -{ - switch (type) { - case SMACK_LABEL_ACCESS: - return "security.SMACK64"; - case SMACK_LABEL_EXEC: - return "security.SMACK64EXEC"; - case SMACK_LABEL_MMAP: - return "security.SMACK64MMAP"; - case SMACK_LABEL_TRANSMUTE: - return "security.SMACK64TRANSMUTE"; - case SMACK_LABEL_IPIN: - return "security.SMACK64IPIN"; - case SMACK_LABEL_IPOUT: - return "security.SMACK64IPOUT"; - default: - /* Should not reach this point */ - return NULL; - } -} - -//TODO: In bellow RUNNER_TEST add lget / lset functions to be testet the same way as normal get / set -RUNNER_TEST(smack06_get_set_label) +RUNNER_TEST_SMACK(smack06_setlabel_getlabel_test_0) { - /* - * author: Pawel Polawski - * test: smack_getlabel, smack_setlabel - * description: In this test case file label is tested using SMACK API functions and system xattr functions. - * Functions tested here is used for normal files. - * expect: Function should return default label, and the new one after change it. - */ - - //In this test case will be tested setting and getting file label - //If file is symbolic link functions should follow it - - //SMACK xattr from libsmack.c: - // - //case SMACK_LABEL_ACCESS: - // return "security.SMACK64"; - //case SMACK_LABEL_EXEC: - // return "security.SMACK64EXEC"; - //case SMACK_LABEL_MMAP: - // return "security.SMACK64MMAP"; - //case SMACK_LABEL_TRANSMUTE: - // return "security.SMACK64TRANSMUTE"; - //case SMACK_LABEL_IPIN: - // return "security.SMACK64IPIN"; - //case SMACK_LABEL_IPOUT: - // return "security.SMACK64IPOUT"; + const std::string fsLabel = "smack06_setlabel_getlabel_test_0"; + const std::string fsPath = std::string("/tmp/") + fsLabel; - int result; - char *label = NULL; + const std::string filePath = "file"; - char buff[SMACK_LABEL_LEN+1]; - const char* s06testlabel = "s06testlabel"; - const char *file_path = "/etc/smack/test_smack_rules"; + FsLabelManager fs(fsPath, fsLabel); + fs.createFile(filePath); - //preparing environment by restoring default "_" label - result = smack_setlabel(file_path, "_", SMACK_LABEL_ACCESS); - RUNNER_ASSERT_MSG_BT(result == 0, "Error in setting ACCESS label for file"); + // reset labels first time + fs.testSmackClearLabels(filePath); - result = smack_getlabel(file_path, &label, SMACK_LABEL_ACCESS); - RUNNER_ASSERT_MSG_BT(result == 0, "Error in getting smack ACCESS label from file"); - //get label, should be default "_" - result = strcmp(label, "_"); - free(label); - RUNNER_ASSERT_MSG_BT(result == 0, "Wrong file default label"); - - //get label using xattr function - result = getxattr(file_path, xattr(SMACK_LABEL_ACCESS), buff, SMACK_LABEL_LEN); - RUNNER_ASSERT_MSG_BT(result > 0, "Error in getting xattr from file"); - //check label, should match the one readed by smack function - result = strncmp(buff, "_", result); - RUNNER_ASSERT_MSG_BT(result == 0, "Wrong file default label"); - - result = smack_setlabel(file_path, s06testlabel, SMACK_LABEL_ACCESS); - RUNNER_ASSERT_MSG_BT(result == 0, "Error in setting ACCESS label for file"); - - //get label using smack function - result = smack_getlabel(file_path, &label, SMACK_LABEL_ACCESS); - RUNNER_ASSERT_MSG_BT(result == 0, "Error in getting smack ACCESS label from file"); - //get label, should be default s06testlabel - result = strcmp(label, s06testlabel); - free(label); - RUNNER_ASSERT_MSG_BT(result == 0, "Wrong file label"); - - //get label using xattr function - result = getxattr(file_path, xattr(SMACK_LABEL_ACCESS), buff, SMACK_LABEL_LEN); - RUNNER_ASSERT_MSG_BT(result > 0, "Error in getting xattr from file"); - //check label, should match the one readed by smack function - result = strncmp(buff, s06testlabel, result); - RUNNER_ASSERT_MSG_BT(result == 0, "Wrong file label"); + // reset labels second time + fs.testSmackClearLabels(filePath); } -//RUNNER_TEST(smackXX_get_label_exec) -//{ -//In this test case EXEC label will be tested -//by setting this type of label, reading it and testing executed binary exit status -//} - -RUNNER_TEST(smack07_l_get_set_label) +RUNNER_TEST_SMACK(smack06_setlabel_getlabel_test_1) { - /* - * author: Pawel Polawski - * test: smack_lgetlabel, smack_lsetlabel, smack_getlabel - * description: Functions tested here are similar to one from previous test case. The difference - * is that in case of symbolic link they follows it and operates on file pointed by it. - * expect: All label manipulations should affect file pointed by symbolic link. - */ - - int result; - char *label = NULL; - - char buff[SMACK_LABEL_LEN+1]; - const char* s07testlabel1 = "s07testlabel1"; - const char* s07testlabel2 = "s07testlabel2"; - - const char *file_path = "/etc/smack/test_smack_rules_lnk"; - - //preparing environment by restoring default "_" label - result = smack_lsetlabel(file_path, "_", SMACK_LABEL_ACCESS); - RUNNER_ASSERT_MSG_BT(result == 0, "Error in setting ACCESS label for file"); - result = smack_setlabel(file_path, "_", SMACK_LABEL_ACCESS); - RUNNER_ASSERT_MSG_BT(result == 0, "Error in setting ACCESS label for file"); - - result = smack_lgetlabel(file_path, &label, SMACK_LABEL_ACCESS); - RUNNER_ASSERT_MSG_BT(result == 0, "Error in getting smack ACCESS label from file"); - //get label of symbolic link, should be default "_" - result = strcmp(label, "_"); - free(label); - RUNNER_ASSERT_MSG_BT(result == 0, "Wrong file default label"); - - //get label using xattr function - result = lgetxattr(file_path, xattr(SMACK_LABEL_ACCESS), buff, SMACK_LABEL_LEN); - RUNNER_ASSERT_MSG_BT(result > 0, "Error in getting xattr from file"); - //check label, should match the one readed by smack function - result = strncmp(buff, "_", result); - RUNNER_ASSERT_MSG_BT(result == 0, "Wrong file default label"); - - result = smack_lsetlabel(file_path, s07testlabel1, SMACK_LABEL_ACCESS); - RUNNER_ASSERT_MSG_BT(result == 0, "Error in setting ACCESS label for file"); - //and set label for file pointed by link - result = smack_setlabel(file_path, s07testlabel2, SMACK_LABEL_ACCESS); - RUNNER_ASSERT_MSG_BT(result == 0, "Error in setting ACCESS label for file"); - - //get label using smack function - result = smack_lgetlabel(file_path, &label, SMACK_LABEL_ACCESS); - RUNNER_ASSERT_MSG_BT(result == 0, "Error in getting smack ACCESS label from file"); - //check label, should be s07testlabel1 - result = strcmp(label, s07testlabel1); - free(label); - RUNNER_ASSERT_MSG_BT(result == 0, "Wrong file label"); - - //get label using xattr function - result = lgetxattr(file_path, xattr(SMACK_LABEL_ACCESS), buff, SMACK_LABEL_LEN); - RUNNER_ASSERT_MSG_BT(result > 0, "Error in getting xattr from file"); - //check label, should match the one readed by smack function - result = strncmp(buff, s07testlabel1, result); - RUNNER_ASSERT_MSG_BT(result == 0, "Wrong file label"); - - //now similar to above, but folowing symbolic link set before to s07testlabel2 - result = smack_getlabel(file_path, &label, SMACK_LABEL_ACCESS); - RUNNER_ASSERT_MSG_BT(result == 0, "Error gettin label of file pointed by symbolic link"); - //now label should be s07testlabel2 for file instead of s07testlabel1 set for link - result = strcmp(label, s07testlabel2); - free(label); - RUNNER_ASSERT_MSG_BT(result == 0, "Wrong label of file pointed by symbolic link"); - - //get label using xattr function - result = getxattr(file_path, xattr(SMACK_LABEL_ACCESS), buff, SMACK_LABEL_LEN); - RUNNER_ASSERT_MSG_BT(result > 0, "Error in getting xattr from file"); - //check label, should match the one readed by smack function - result = strncmp(buff, s07testlabel2, result); - RUNNER_ASSERT_MSG_BT(result == 0, "Wrong file label"); + const std::string fsLabel = "smack06_setlabel_getlabel_test_1"; + const std::string fsPath = std::string("/tmp/") + fsLabel; + + const char* testLabelAccess = "access"; + const char* testLabelExec = "exec"; + const std::string filePath = "file"; + + FsLabelManager fs(fsPath, fsLabel); + fs.createFile(filePath); + + // set and get labels first time + fs.testSmackSetLabel(filePath, testLabelAccess, SMACK_LABEL_ACCESS); + fs.testSmackGetLabel(filePath, testLabelAccess, SMACK_LABEL_ACCESS); + fs.testSmackSetLabel(filePath, testLabelExec, SMACK_LABEL_EXEC); + fs.testSmackGetLabel(filePath, testLabelExec, SMACK_LABEL_EXEC); + + fs.testSmackSetLabel(filePath, testLabelAccess, SMACK_LABEL_ACCESS); + fs.testSmackGetLabel(filePath, testLabelAccess, SMACK_LABEL_ACCESS); + fs.testSmackSetLabel(filePath, testLabelExec, SMACK_LABEL_EXEC); + fs.testSmackGetLabel(filePath, testLabelExec, SMACK_LABEL_EXEC); + + // set and get same labels second time + fs.testSmackSetLabel(filePath, testLabelAccess, SMACK_LABEL_ACCESS); + fs.testSmackGetLabel(filePath, testLabelAccess, SMACK_LABEL_ACCESS); + fs.testSmackSetLabel(filePath, testLabelExec, SMACK_LABEL_EXEC); + fs.testSmackGetLabel(filePath, testLabelExec, SMACK_LABEL_EXEC); + + fs.testSmackSetLabel(filePath, testLabelAccess, SMACK_LABEL_ACCESS); + fs.testSmackGetLabel(filePath, testLabelAccess, SMACK_LABEL_ACCESS); + fs.testSmackSetLabel(filePath, testLabelExec, SMACK_LABEL_EXEC); + fs.testSmackGetLabel(filePath, testLabelExec, SMACK_LABEL_EXEC); } -RUNNER_TEST(smack08_f_get_set_label) +RUNNER_TEST_SMACK(smack06_setlabel_getlabel_test_2) { - /* - * author: Pawel Polawski - * test: smack_fgetlabel, smack_fsetlabel - * description: This test case is similar to test case smack06 above. The difference - * is that argument is file descriptor instead of file path. - * Function not follow symbolic link and operates directly on it. - * expect: All label manipulations should affect symbolic link itself. - */ - - int result; - char *label = NULL; + const std::string fsLabel = "smack06_setlabel_getlabel_test_2"; + const std::string fsPath = std::string("/tmp/") + fsLabel; + + const char* testLabelAccess = "access"; + const char* testLabelExec = "exec"; + const std::string filePath = "file"; + const std::string linkPath = "link"; + + FsLabelManager fs(fsPath, fsLabel); + fs.createFile(filePath); + fs.createLink(linkPath, filePath); + + // set and get labels for file to which link points + fs.testSmackSetLabel(linkPath, testLabelAccess, SMACK_LABEL_ACCESS); + fs.testSmackSetLabel(linkPath, testLabelExec, SMACK_LABEL_EXEC); + fs.testSmackGetLabel(filePath, testLabelAccess, SMACK_LABEL_ACCESS); + fs.testSmackGetLabel(filePath, testLabelExec, SMACK_LABEL_EXEC); + fs.testSmackGetLabel(linkPath, testLabelAccess, SMACK_LABEL_ACCESS); + fs.testSmackGetLabel(linkPath, testLabelExec, SMACK_LABEL_EXEC); + + // link labels should not be changed + fs.testSmackLGetLabel(linkPath, NULL, SMACK_LABEL_ACCESS); + fs.testSmackLGetLabel(linkPath, NULL, SMACK_LABEL_EXEC); +} - char buff[SMACK_LABEL_LEN+1]; - const char* s08testlabel = "s08testlabel"; +RUNNER_TEST_SMACK(smack06_lsetlabel_lgetlabel_test_1) +{ + const std::string fsLabel = "smack06_lsetlabel_lgetlabel_test_1"; + const std::string fsPath = std::string("/tmp/") + fsLabel; + + const char* testLabelAccess = "fileAccess"; + const char* testLabelExec = "fileExec"; + const char* testLinkLabelAccess = "linkAccess"; + const char* testLinkLabelExec = "linkExec"; + const std::string filePath = "file"; + const std::string linkPath = "link"; + + FsLabelManager fs(fsPath, fsLabel); + fs.createFile(filePath); + fs.createLink(linkPath, filePath); + + // set different labels for link and file + fs.testSmackSetLabel(filePath, testLabelAccess, SMACK_LABEL_ACCESS); + fs.testSmackSetLabel(filePath, testLabelExec, SMACK_LABEL_EXEC); + fs.testSmackLSetLabel(linkPath, testLinkLabelAccess, SMACK_LABEL_ACCESS); + fs.testSmackLSetLabel(linkPath, testLinkLabelExec, SMACK_LABEL_EXEC); + + // get those labels + fs.testSmackGetLabel(filePath, testLabelAccess, SMACK_LABEL_ACCESS); + fs.testSmackGetLabel(filePath, testLabelExec, SMACK_LABEL_EXEC); + fs.testSmackLGetLabel(linkPath, testLinkLabelAccess, SMACK_LABEL_ACCESS); + fs.testSmackLGetLabel(linkPath, testLinkLabelExec, SMACK_LABEL_EXEC); +} - int fd; - const char *file_path = "/etc/smack/test_smack_rules"; +RUNNER_TEST_SMACK(smack06_fsetlabel_fgetlabel_test_1) +{ + const std::string fsLabel = "smack06_fsetlabel_fgetlabel_test_1"; + const std::string fsPath = std::string("/tmp/") + fsLabel; - fd = open(file_path, O_RDWR, 0644); //reference preinstalled rules - RUNNER_ASSERT_MSG_BT(fd >= 0, "Unable to open /etc/smack/test_smack_rules"); - FdUniquePtr fd_ptr(&fd); + const char* testLabelAccess = "access"; + const char* testLabelExec = "exec"; + const std::string filePath = "file"; - //preparing environment by restoring default "_" label - result = smack_fsetlabel(fd, "_", SMACK_LABEL_ACCESS); - RUNNER_ASSERT_MSG_BT(result == 0, "Error in setting ACCESS label for file"); + FsLabelManager fs(fsPath, fsLabel); + fs.createFile(filePath); - result = smack_fgetlabel(fd, &label, SMACK_LABEL_ACCESS); - RUNNER_ASSERT_MSG_BT(result == 0, "Error in getting smack ACCESS label from file"); - //check label, should be "_" - result = strcmp(label, "_"); - free(label); - RUNNER_ASSERT_MSG_BT(result == 0, "Wrong file default label"); - - //get label using xattr function - result = fgetxattr(fd, xattr(SMACK_LABEL_ACCESS), buff, SMACK_LABEL_LEN); - RUNNER_ASSERT_MSG_BT(result > 0, "Error in getting xattr from file"); - //check label, should match the one readed by smack function - result = strncmp(buff, "_", result); - RUNNER_ASSERT_MSG_BT(result == 0, "Wrong file default label"); - - result = smack_fsetlabel(fd, s08testlabel, SMACK_LABEL_ACCESS); - RUNNER_ASSERT_MSG_BT(result == 0, "Error in setting ACCESS label for file"); - - //get label using smack function - result = smack_fgetlabel(fd, &label, SMACK_LABEL_ACCESS); - RUNNER_ASSERT_MSG_BT(result == 0, "Error in getting smack ACCESS label from file"); - //check label, should be s08testlabel - result = strcmp(label, s08testlabel); - free(label); - RUNNER_ASSERT_MSG_BT(result == 0, "Wrong file label"); - - //get label using xattr function - result = fgetxattr(fd, xattr(SMACK_LABEL_ACCESS), buff, SMACK_LABEL_LEN); - RUNNER_ASSERT_MSG_BT(result > 0, "Error in getting xattr from file"); - //check label, should match the one readed by smack function - result = strncmp(buff, s08testlabel, result); - RUNNER_ASSERT_MSG_BT(result == 0, "Wrong file label"); + // set and get labels for fd + fs.testSmackFSetLabel(filePath, testLabelAccess, SMACK_LABEL_ACCESS); + fs.testSmackFSetLabel(filePath, testLabelExec, SMACK_LABEL_EXEC); + fs.testSmackFGetLabel(filePath, testLabelAccess, SMACK_LABEL_ACCESS); + fs.testSmackFGetLabel(filePath, testLabelExec, SMACK_LABEL_EXEC); } RUNNER_TEST_SMACK(smack10_adding_removing_rules) -- 2.7.4