From c0e735919e833efe6a7ee40774ac68238fa3b857 Mon Sep 17 00:00:00 2001
From: Piotr Sawicki
Date: Tue, 21 Feb 2017 15:48:04 +0100
Subject: [PATCH] Add a new program for testing Nether service
Change-Id: I6345f153b873b33e5a3d4e872fea6bd40d180020
---
CMakeLists.txt | 4 +-
packaging/security-tests.manifest | 1 +
packaging/security-tests.spec | 4 ++
src/CMakeLists.txt | 6 +-
src/nether-tests/CMakeLists.txt | 73 ++++++++++++++++++++
src/nether-tests/nether_tests.cpp | 99 +++++++++++++++++++++++++++
src/nether-tests/setup-nether-tests-nns.sh | 34 +++++++++
src/nether-tests/teardown-nether-tests-nns.sh | 30 ++++++++
src/security-tests-all.sh | 1 +
src/security-tests.sh | 10 ++-
10 files changed, 258 insertions(+), 4 deletions(-)
create mode 100644 src/nether-tests/CMakeLists.txt
create mode 100644 src/nether-tests/nether_tests.cpp
create mode 100644 src/nether-tests/setup-nether-tests-nns.sh
create mode 100644 src/nether-tests/teardown-nether-tests-nns.sh
diff --git a/CMakeLists.txt b/CMakeLists.txt
index a89c09c..2687162 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1,4 +1,4 @@
-# Copyright (c) 2012-2015 Samsung Electronics Co., Ltd All Rights Reserved
+# Copyright (c) 2012-2017 Samsung Electronics Co., Ltd All Rights Reserved
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -15,6 +15,7 @@
# @file CMakeLists.txt
# @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
# @author Pawel Polawski (p.polawski@partner.samsung.com)
+# @author Piotr Sawicki (p.sawicki2@partner.samsung.com)
# @brief
#
@@ -64,6 +65,7 @@ IF(BUILD_ALL_TESTS)
SET(BUILD_CYNARA ON)
SET(BUILD_WEB ON)
SET(BUILD_YACA ON)
+ SET(BUILD_NETHER ON)
ENDIF(BUILD_ALL_TESTS)
# If supported for the target machine, emit position-independent code,suitable
diff --git a/packaging/security-tests.manifest b/packaging/security-tests.manifest
index a65ddaa..3dfa317 100644
--- a/packaging/security-tests.manifest
+++ b/packaging/security-tests.manifest
@@ -11,6 +11,7 @@
+
diff --git a/packaging/security-tests.spec b/packaging/security-tests.spec
index f981779..1badd49 100644
--- a/packaging/security-tests.spec
+++ b/packaging/security-tests.spec
@@ -32,6 +32,7 @@ BuildRequires: pkgconfig(security-privilege-manager)
Requires: perf
Requires: gdb
Requires: diffutils
+Requires: iproute2
%global ckm_test_dir %{?TZ_SYS_SHARE:%TZ_SYS_SHARE/ckm-test/}%{!?TZ_SYS_SHARE:/usr/share/ckm-test/}
%global ckm_rw_data_dir %{?TZ_SYS_DATA:%TZ_SYS_DATA/ckm/}%{!?TZ_SYS_DATA:/opt/data/ckm/}
@@ -81,6 +82,8 @@ echo "security-tests postinst done ..."
/usr/bin/security-tests.sh
/usr/bin/security-tests-all.sh
/usr/bin/test-performance-check.sh
+/usr/bin/setup-nether-tests-nns.sh
+/usr/bin/teardown-nether-tests-nns.sh
/etc/dbus-1/system.d/security-tests.conf
@@ -97,6 +100,7 @@ echo "security-tests postinst done ..."
/usr/bin/ckm-tests
/usr/bin/ckm-integration-tests
/usr/bin/yaca-test
+/usr/bin/nether-tests
%{ckm_test_dir}/*
/etc/security-tests
/usr/lib/security-tests/cynara-tests/plugins/single-policy/*
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index 471c28e..fe041a6 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -1,4 +1,4 @@
-# Copyright (c) 2011-2015 Samsung Electronics Co., Ltd All Rights Reserved
+# Copyright (c) 2011-2017 Samsung Electronics Co., Ltd All Rights Reserved
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -110,3 +110,7 @@ ENDIF(BUILD_WEB)
IF(BUILD_YACA)
ADD_SUBDIRECTORY(yaca)
ENDIF(BUILD_YACA)
+
+IF(BUILD_NETHER)
+ ADD_SUBDIRECTORY(nether-tests)
+ENDIF(BUILD_NETHER)
diff --git a/src/nether-tests/CMakeLists.txt b/src/nether-tests/CMakeLists.txt
new file mode 100644
index 0000000..8069f12
--- /dev/null
+++ b/src/nether-tests/CMakeLists.txt
@@ -0,0 +1,73 @@
+# Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# @file CMakeLists.txt
+# @author Piotr Sawicki (p.sawicki2@partner.samsung.com)
+# @brief CMake configuration file
+#
+
+INCLUDE(FindPkgConfig)
+
+# Dependencies
+PKG_CHECK_MODULES(SEC_MGR_TESTS_DEP
+ REQUIRED
+ security-manager
+)
+
+SET(TARGET_NETHER_TESTS "nether-tests")
+
+SET(NETHER_TESTS_SOURCES
+ ${PROJECT_SOURCE_DIR}/src/nether-tests/nether_tests.cpp
+ ${PROJECT_SOURCE_DIR}/src/security-manager-tests/common/sm_api.cpp
+ ${PROJECT_SOURCE_DIR}/src/security-manager-tests/common/sm_request.cpp
+ ${PROJECT_SOURCE_DIR}/src/security-manager-tests/common/sm_user_request.cpp
+ ${PROJECT_SOURCE_DIR}/src/security-manager-tests/common/sm_policy_request.cpp
+ )
+
+INCLUDE_DIRECTORIES(SYSTEM
+ ${SEC_MGR_TESTS_DEP_INCLUDE_DIRS}
+ )
+
+INCLUDE_DIRECTORIES(SYSTEM
+ ${CYNARA_TARGET_DEP_INCLUDE_DIRS}
+ )
+
+INCLUDE_DIRECTORIES(
+ ${PROJECT_SOURCE_DIR}/src/common/
+ ${PROJECT_SOURCE_DIR}/src/security-manager-tests/common/
+ )
+
+FIND_PACKAGE(Threads)
+
+ADD_EXECUTABLE(${TARGET_NETHER_TESTS} ${NETHER_TESTS_SOURCES})
+
+TARGET_LINK_LIBRARIES(${TARGET_NETHER_TESTS}
+ ${SEC_MGR_TESTS_DEP_LIBRARIES}
+ dpl-test-framework
+ )
+
+INSTALL(TARGETS ${TARGET_NETHER_TESTS} DESTINATION /usr/bin)
+
+INSTALL(FILES
+ ${PROJECT_SOURCE_DIR}/src/nether-tests/setup-nether-tests-nns.sh
+ ${PROJECT_SOURCE_DIR}/src/nether-tests/teardown-nether-tests-nns.sh
+ DESTINATION bin
+ PERMISSIONS OWNER_READ
+ OWNER_WRITE
+ OWNER_EXECUTE
+ GROUP_READ
+ GROUP_EXECUTE
+ WORLD_READ
+ WORLD_EXECUTE
+ )
diff --git a/src/nether-tests/nether_tests.cpp b/src/nether-tests/nether_tests.cpp
new file mode 100644
index 0000000..799f246
--- /dev/null
+++ b/src/nether-tests/nether_tests.cpp
@@ -0,0 +1,99 @@
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
+ * @file nether_tests.cpp
+ * @author Piotr Sawicki (p.sawicki2@partner.samsung.com)
+ * @version 1.0
+ * @brief Tests for Nether service
+ */
+
+#include
+
+#include
+
+#include
+#include
+#include
+#include
+#include
+
+#define NETHER_NNS_NAME "nether_test_network_ns"
+
+using namespace SecurityManagerTest;
+
+namespace {
+
+const std::string NETHER_NNS_SETUP_COMMAND = "/usr/bin/setup-nether-tests-nns.sh"
+ " " NETHER_NNS_NAME;
+const std::string NETHER_NNS_TEARDOWN_COMMAND = "/usr/bin/teardown-nether-tests-nns.sh"
+ " " NETHER_NNS_NAME;
+
+const std::string INTERNET_ACCESS_PRIVILEGE = "http://tizen.org/privilege/internet";
+
+class ScopedSystemRunner final {
+public:
+ ScopedSystemRunner(const std::string &setupCmd, const std::string &teardownCmd)
+ : m_teardownCmd(teardownCmd)
+ {
+ RUNNER_ASSERT_MSG(system(setupCmd.c_str()) != -1,
+ "Couldn't run " << setupCmd << " command");
+ }
+
+ ~ScopedSystemRunner()
+ {
+ RUNNER_ASSERT_MSG(system(m_teardownCmd.c_str()) != -1,
+ "Couldn't run " << m_teardownCmd << " command");
+ }
+
+ ScopedSystemRunner(const ScopedSystemRunner &) = delete;
+ ScopedSystemRunner &operator=(const ScopedSystemRunner &) = delete;
+
+private:
+ std::string m_teardownCmd;
+};
+
+} // namespace
+
+RUNNER_TEST_GROUP_INIT(NETHER)
+
+RUNNER_CHILD_TEST(nether_01_check_app_install_uninstall)
+{
+ const std::string nether_app_id = "nether_test_01_app";
+ const std::string nether_pkg_id = "nether_test_01_pkg";
+
+ ScopedSystemRunner networkNSRunner(NETHER_NNS_SETUP_COMMAND,
+ NETHER_NNS_TEARDOWN_COMMAND);
+
+ InstallRequest requestInst;
+ requestInst.setAppId(nether_app_id);
+ requestInst.setPkgId(nether_pkg_id);
+ requestInst.addPrivilege(INTERNET_ACCESS_PRIVILEGE);
+
+ Api::install(requestInst);
+
+ // TODO test code goes here
+
+ InstallRequest requestUninst;
+ requestUninst.setAppId(nether_app_id);
+
+ Api::uninstall(requestUninst);
+}
+
+int main(int argc, char *argv[])
+{
+ return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
+}
diff --git a/src/nether-tests/setup-nether-tests-nns.sh b/src/nether-tests/setup-nether-tests-nns.sh
new file mode 100644
index 0000000..6da2fb9
--- /dev/null
+++ b/src/nether-tests/setup-nether-tests-nns.sh
@@ -0,0 +1,34 @@
+#!/bin/sh
+
+#####################################################################
+# Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#####################################################################
+
+if [[ $# -eq 0 ]] ; then
+ scrname=`basename "$0"`
+ echo "Usage: $scrname "
+ exit 0
+fi
+
+ip netns add $1
+ip link add veth0 type veth peer name veth1
+ip link set veth1 netns $1
+ip netns exec $1 ifconfig lo 127.0.0.1
+ip netns exec $1 ifconfig veth1 10.1.0.2 netmask 255.255.255.252
+
+ifconfig veth0 10.1.0.1 netmask 255.255.255.252
+
+# force ARP response
+ping -c 1 10.1.0.2 > /dev/null
diff --git a/src/nether-tests/teardown-nether-tests-nns.sh b/src/nether-tests/teardown-nether-tests-nns.sh
new file mode 100644
index 0000000..455db1a
--- /dev/null
+++ b/src/nether-tests/teardown-nether-tests-nns.sh
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+#####################################################################
+# Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#####################################################################
+
+if [[ $# -eq 0 ]] ; then
+ scrname=`basename "$0"`
+ echo "Usage: $scrname "
+ exit 0
+fi
+
+ifconfig veth0 down
+ip netns exec $1 ifconfig veth1 down
+ip netns exec $1 ifconfig lo down
+
+ip link delete veth0
+ip netns delete $1
diff --git a/src/security-tests-all.sh b/src/security-tests-all.sh
index 9ab5b5c..a4fc738 100644
--- a/src/security-tests-all.sh
+++ b/src/security-tests-all.sh
@@ -57,6 +57,7 @@ runTest security-manager
runTest cynara
runTest ckm
runTest yaca
+runTest nether
printSummary
diff --git a/src/security-tests.sh b/src/security-tests.sh
index 3956258..b86c61e 100644
--- a/src/security-tests.sh
+++ b/src/security-tests.sh
@@ -1,7 +1,7 @@
#!/bin/sh
#####################################################################
-# Copyright (c) 2012-2014 Samsung Electronics Co., Ltd All Rights Reserved
+# Copyright (c) 2012-2017 Samsung Electronics Co., Ltd All Rights Reserved
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -52,11 +52,17 @@ case $1 in
echo
yaca-test "${@:2}"
;;
+"nether")
+ echo "========================================================================="
+ echo "NETHER TESTS"
+ echo
+ nether-tests "${@:2}"
+ ;;
*)
echo "Correct using:"
echo " security_test.sh "
echo
- echo "modules: smack, security-manager, cynara, ckm, yaca"
+ echo "modules: smack, security-manager, cynara, ckm, yaca, nether"
;;
esac
--
2.7.4