2 * Copyright (c) 2013 - 2019 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * @file tests_common.cpp
19 * @author Lukasz Kostyra (l.kostyra@partner.samsung.com)
21 * @brief Common functions and macros used in security-tests package.
24 #include "tests_common.h"
28 #include <sys/types.h>
36 bool smack_check(void)
38 #ifndef WRT_SMACK_ENABLED
41 static int smack_present = -1;
42 if (-1 == smack_present)
43 smack_present = smack_smackfs_path() == nullptr ? 0 : 1;
44 return smack_present == 1;
49 * Dropping root privileges
50 * returns 0 on success, 1 on error
52 int drop_root_privileges(uid_t appUid, gid_t appGid)
55 /* process is running as root, drop privileges */
56 if (setgid(appGid) != 0)
58 if (setuid(appUid) != 0)
69 * Add a new group to the current process groups.
71 void add_process_group(const char* group_name)
73 // get group ID by group name
74 group *gr = getgrnam(group_name);
75 RUNNER_ASSERT_ERRNO_MSG(gr != nullptr, "getgrnam failed on '" << group_name << "' group");
76 const gid_t new_group_id = gr->gr_gid;
78 // get number of groups that the current process belongs to
79 int ngroups = getgroups(0, nullptr);
81 //allocate groups table + space for new group entry
82 std::vector<gid_t> groups(ngroups + 1);
83 getgroups(ngroups, groups.data());
85 // check if the process already belongs to the group
86 if (std::find(groups.begin(), groups.end(), new_group_id) != groups.end()) return;
88 // add new group & apply change
89 groups[ngroups] = new_group_id;
90 int ret = setgroups(groups.size(), groups.data());
91 RUNNER_ASSERT_ERRNO_MSG(ret == 0, "setgroups() failed");
95 * Remove specific group from the current process groups.
97 void remove_process_group(const char* group_name)
99 // get group ID by group name
100 group *gr = getgrnam(group_name);
101 RUNNER_ASSERT_ERRNO_MSG(gr != nullptr, "getgrnam failed on '" << group_name << "' group");
102 const gid_t new_group_id = gr->gr_gid;
104 int ngroups = getgroups(0, nullptr);
105 std::vector<gid_t> groups(ngroups);
106 getgroups(ngroups, groups.data());
108 // remove group from the list
109 groups.erase(std::remove(groups.begin(), groups.end(), new_group_id), groups.end());
111 if (groups.size() != (size_t)ngroups) {
113 int ret = setgroups(groups.size(), groups.data());
114 RUNNER_ASSERT_ERRNO_MSG(ret == 0, "setgroups() failed");
118 std::string formatCstr(const char *cstr)
121 return std::string("nullptr");
122 return std::string("\"") + cstr + "\"";
125 int files_compare(int fd1, int fd2)
127 //for getting files sizes
128 struct stat fs1, fs2;
130 //handlers for mmap()
131 void *h1 = MAP_FAILED;
132 void *h2 = MAP_FAILED;
134 //getting files information
135 RUNNER_ASSERT_ERRNO_MSG(fstat(fd1, &fs1) == 0, "fstat failed");
136 RUNNER_ASSERT_ERRNO_MSG(fstat(fd2, &fs2) == 0, "fstat failed");
138 if (fs1.st_size < fs2.st_size) {
142 if (fs1.st_size > fs2.st_size) {
146 //since Linux 2.6.12, mmap returns EINVAL if length is 0
147 //if both lengths are 0, files are actually the same
148 if (0 == fs1.st_size && 0 == fs2.st_size) {
152 //mapping files to process memory
153 RUNNER_ASSERT_ERRNO_MSG((h1 = mmap(0, fs1.st_size, PROT_READ, MAP_SHARED, fd1, 0 )) != MAP_FAILED,
154 "mmap failed for fd=" << fd1);
156 if ((h2 = mmap(0, fs2.st_size, PROT_READ, MAP_SHARED, fd2, 0 )) == MAP_FAILED) {
157 munmap(h1, fs1.st_size);
158 RUNNER_ASSERT_MSG(h2 != MAP_FAILED, "mmap failed for fd=" << fd2
159 << ". " << strerror(errno));
162 int result = memcmp(h1, h2, fs1.st_size);
163 munmap(h1, fs1.st_size);
164 munmap(h2, fs2.st_size);
169 void mkdirSafe(const std::string &path, mode_t mode)
171 RUNNER_ASSERT_ERRNO_MSG(0 == mkdir(path.c_str(), mode) || errno == EEXIST,
172 "mkdir for <" << path << "> with mode <" << mode << "> failed");
175 void mktreeSafe(const std::string &path, mode_t mode)
177 // Create subsequent parent directories
178 // Assume that path is absolute - i.e. starts with '/'
179 for (size_t pos = 0; (pos = path.find("/", pos + 1)) != std::string::npos; )
180 mkdirSafe(path.substr(0, pos).c_str(), mode);
182 mkdirSafe(path, mode);
185 void creatSafe(const std::string &path, mode_t mode)
187 RUNNER_ASSERT_ERRNO_MSG(-1 != creat(path.c_str(), mode),
188 "creat for <" << path << "> with mode <" << mode << "> failed");
191 void symlinkSafe(const std::string &targetPath, const std::string &linkPath)
193 RUNNER_ASSERT_ERRNO_MSG(0 == symlink(targetPath.c_str(), linkPath.c_str()),
194 "symlink for <" << linkPath << "> to <" << targetPath << "> failed");
197 void removeDir(const std::string &path)
199 DIR *d = opendir(path.c_str());
202 RUNNER_ASSERT_ERRNO_MSG(errno == ENOENT, "opendir of <" << path << "> failed");
206 struct dirent *dirEntry;
207 while (nullptr != (dirEntry = readdir(d))) {
208 std::string entryName(dirEntry->d_name);
209 if (entryName == "." || entryName == "..")
212 std::string entryPath(path + "/" + entryName);
215 RUNNER_ASSERT_ERRNO_MSG(0 == lstat(entryPath.c_str(), &st),
216 "stat for <" << entryPath << "> failed");
217 if (S_ISDIR(st.st_mode))
218 removeDir(entryPath);
220 RUNNER_ASSERT_ERRNO_MSG(0 == unlink(entryPath.c_str()),
221 "unlink for <" << entryPath << "> failed");
226 RUNNER_ASSERT_ERRNO_MSG(0 == rmdir(path.c_str()), "rmdir for <" << path << "> failed");
229 void waitPid(pid_t pid)
232 pid_t ret = waitpid(pid, &status, 0);
233 RUNNER_ASSERT_MSG((ret != -1) && WIFEXITED(status) && WEXITSTATUS(status) == 0,
234 "Child process exited abnormally" <<
235 ": ret=" << ret << ", errno=" << errno << ", status=" << status);
238 pid_t runInChild(const std::function<void(void)> &process) {
240 RUNNER_ASSERT_ERRNO_MSG(pid >= 0, "fork failed");
249 void runInChildParentWait(const std::function<void(void)> &process) {
251 RUNNER_ASSERT_ERRNO_MSG(pid >= 0, "fork failed");