From 4b9c3216913767b06e6a0dc794ca7a746cf82a7a Mon Sep 17 00:00:00 2001
From: akoszewski
Date: Mon, 9 Oct 2017 12:16:30 +0200
Subject: [PATCH] Add new test cases for libteec

Test if application can load TA
Test if system process can load TA
Test if app can use libteec with no correct cynara permission
Change-Id: Ie78303e05b414679a8df4bcab2f893865fc0fa62
---
 src/libteec-tests/test_cases.cpp | 123 ++++++++++++++++++++++++++++++-
 1 file changed, 120 insertions(+), 3 deletions(-)

diff --git a/src/libteec-tests/test_cases.cpp b/src/libteec-tests/test_cases.cpp
index 890a1983..338b3db3 100644
--- a/src/libteec-tests/test_cases.cpp
+++ b/src/libteec-tests/test_cases.cpp
@@ -118,6 +118,12 @@ std::string uuidToString(const TEEC_UUID& uuid)
 return ss.str();
 }
+namespace
+{
+ const TEEC_UUID taUuid =
+ { 0x00000000, 0x0000, 0x0000, {0x00, 0x00, 0x74, 0x63, 0x74, 0x65, 0x73, 0x74} };
+}
+
 class Ta
 {
 public:
@@ -191,9 +197,6 @@ RUNNER_TEST_GROUP_INIT(LIBTEEC)
 RUNNER_CHILD_TEST(libteec_01_load_TA_as_app)
 {
- const TEEC_UUID taUuid =
- { 0x00000000, 0x0000, 0x0000, {0x00, 0x00, 0x74, 0x63, 0x74, 0x65, 0x73, 0x74} };
-
 Ta ta(taUuid);
 TemporaryTestUser tmpUser("libteec_01_test_user", GUM_USERTYPE_NORMAL);
@@ -247,3 +250,117 @@ RUNNER_CHILD_TEST(libteec_01_load_TA_as_app)
 runInChildParentWait(fun);
 }
+
+RUNNER_CHILD_TEST(libteec_02_load_TA_as_system)
+{
+ Ta ta(taUuid);
+
+ bool isTeeEnabled = checkIfTeeEnabled();
+
+ auto fun = [&]()
+ {
+ auto contextPtr = std::unique_ptr
+ (NULL, &TEEC_FinalizeContext);
+ auto sessionPtr = std::unique_ptr
+ (NULL, &TEEC_CloseSession);
+
+ TEEC_Context context;
+ TEEC_Session session;
+
+ int result = smack_set_label_for_self("System");
+ RUNNER_ASSERT_MSG(result == 0, "Failed to set smack label");
+
+ TEEC_Result res = TEEC_InitializeContext(NULL, &context);
+ contextPtr.reset(&context);
+
+ TEEC_Result desiredResult = isTeeEnabled ? TEEC_SUCCESS : TEEC_ERROR_NOT_SUPPORTED;
+ RUNNER_ASSERT_MSG(res == desiredResult,
+ "Failed to initialize context. Error code: " << errToString(res)
+ << ", expected: " << errToString(desiredResult));
+
+ uint32_t returnOrigin;
+ res = TEEC_OpenSession(&context,
+ &session, &taUuid, TEEC_LOGIN_PUBLIC, NULL, NULL, &returnOrigin);
+ sessionPtr.reset(&session);
+
+ desiredResult = isTeeEnabled ? TEEC_SUCCESS : TEEC_ERROR_NOT_SUPPORTED;
+ RUNNER_ASSERT_MSG(res == desiredResult,
+ "Opening libteec session returned wrong value: " << errToString(res)
+ << ", expected: " << errToString(desiredResult));
+
+ uint32_t desiredOrigin = isTeeEnabled ? TEEC_ORIGIN_TEE : TEEC_ORIGIN_API;
+ RUNNER_ASSERT_MSG(returnOrigin == desiredOrigin,
+ "Wrong return origin from TEEC_OpenSession: " << originToString(returnOrigin)
+ << ", expected: " << originToString(desiredOrigin));
+ };
+
+ runInChildParentWait(fun);
+}
+
+RUNNER_CHILD_TEST(libteec_03_try_use_libteec_with_no_cynara_perm_as_app)
+{
+ TemporaryTestUser tmpUser("libteec_03_test_user", GUM_USERTYPE_NORMAL, false);
+ tmpUser.create();
+
+ AppInstallHelper app("libteec_03_test_app", tmpUser.getUid());
+ ScopedInstaller appInstall(app);
+
+ bool isTeeEnabled = checkIfTeeEnabled();
+
+ auto fun = [&]()
+ {
+ TEEC_Context context;
+ auto contextPtr = std::unique_ptr
+ (NULL, &TEEC_FinalizeContext);
+
+ SecurityManagerTest::Api::setProcessLabel(app.getAppId());
+ RUNNER_ASSERT_ERRNO_MSG(
+ drop_root_privileges(tmpUser.getUid(), tmpUser.getGid()) == 0,
+ "drop_root_privileges failed");
+
+ TEEC_Result res = TEEC_InitializeContext(NULL, &context);
+ contextPtr.reset(&context);
+
+ TEEC_Result desiredResult = isTeeEnabled ? TEEC_ERROR_ACCESS_DENIED : TEEC_ERROR_NOT_SUPPORTED;
+ RUNNER_ASSERT_MSG(res == desiredResult,
+ "Initializing context returned wrong error code: " << errToString(res)
+ << ", expected: " << errToString(desiredResult));
+ };
+
+ runInChildParentWait(fun);
+}
+
+RUNNER_CHILD_TEST(libteec_04_invalid_context_name)
+{
+ TemporaryTestUser tmpUser("libteec_04_test_user", GUM_USERTYPE_NORMAL, false);
+ tmpUser.create();
+
+ const std::string privilege = "http://tizen.org/privilege/tee.client";
+ AppInstallHelper app("libteec_04_test_app", tmpUser.getUid());
+ app.addPrivilege(privilege);
+ ScopedInstaller appInstall(app);
+
+ bool isTeeEnabled = checkIfTeeEnabled();
+
+ auto fun = [&]()
+ {
+ TEEC_Context context;
+ auto contextPtr = std::unique_ptr
+ (NULL, &TEEC_FinalizeContext);
+
+ SecurityManagerTest::Api::setProcessLabel(app.getAppId());
+ RUNNER_ASSERT_ERRNO_MSG(
+ drop_root_privileges(tmpUser.getUid(), tmpUser.getGid()) == 0,
+ "drop_root_privileges failed");
+
+ TEEC_Result res = TEEC_InitializeContext("Invalid context name", &context);
+ contextPtr.reset(&context);
+
+ TEEC_Result desiredResult = isTeeEnabled ? TEEC_ERROR_ITEM_NOT_FOUND : TEEC_ERROR_NOT_SUPPORTED;
+ RUNNER_ASSERT_MSG(res == desiredResult,
+ "Initializing context returned wrong error code: " << errToString(res)
+ << ", expected: " << errToString(desiredResult));
+ };
+
+ runInChildParentWait(fun);
+}
\ No newline at end of file
--
2.34.1
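Review bot: The cleanup guards in all three new tests are armed before the result is checked: `contextPtr.reset(&context);` (and `sessionPtr.reset(&session);` in libteec_02) runs unconditionally, so when the call fails, TEEC_FinalizeContext / TEEC_CloseSession is later invoked on an uninitialised stack object. Failure is the expected path in libteec_03 (TEEC_ERROR_ACCESS_DENIED) and libteec_04 (TEEC_ERROR_ITEM_NOT_FOUND), and in every test when the TEE is disabled. Whether this libteec build tolerates finalising a context it refused to initialise is not visible in the hunk, so these negative tests may depend on undefined cleanup behaviour in the child instead of only on the error code they assert. Arm the guards on success only, `if (res == TEEC_SUCCESS) contextPtr.reset(&context);` and `if (res == TEEC_SUCCESS) sessionPtr.reset(&session);`, and value-initialise the structs with `TEEC_Context context{};`. In libteec_02 the same applies to `uint32_t returnOrigin;`, which is compared after TEEC_OpenSession without having been given an initial value.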