2 * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
17 // This has to be before xattr header, because it uses size_t and ssize_t and does not include this
19 #include <sys/types.h>
20 #include <attr/xattr.h>
23 #include <sys/smack.h>
28 #include <app_install_helper.h>
29 #include <dpl/test/test_runner.h>
31 #include <scoped_installer.h>
33 #include <sm_commons.h>
34 #include <sm_request.h>
35 #include <sm_sharing_request.h>
36 #include <tests_common.h>
38 using namespace SecurityManagerTest;
40 RUNNER_TEST_GROUP_INIT(SECURITY_MANAGER_PRIVATE_SHARING)
43 * Check if request is rejected when incomplete
45 RUNNER_TEST(security_manager_30a_send_incomplete_req1)
47 SharingRequest request;
48 Api::applySharing(request, SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE);
49 request.setOwnerAppId("sm_test_30a_owner_app_id");
50 Api::applySharing(request, SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE);
51 request.setTargetAppId("sm_test_30a_target_app_id");
52 Api::applySharing(request, SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE);
55 RUNNER_TEST(security_manager_30b_send_incomplete_req2)
57 SharingRequest request;
58 request.setTargetAppId("sm_test_30b_target_app_id");
59 Api::applySharing(request, SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE);
60 request.setOwnerAppId("sm_test_30b_owner_app_id");
61 Api::applySharing(request, SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE);
64 RUNNER_TEST(security_manager_30c_send_incomplete_req3)
66 SharingRequest request;
67 const char *somePaths[] = {"path1", "path2"};
68 request.addPaths(somePaths, sizeof(somePaths)/sizeof(somePaths[0]));
69 Api::applySharing(request, SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE);
70 request.setOwnerAppId("sm_test_30_b_owner_app_id");
71 Api::applySharing(request, SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE);
75 * Check if sharing request for unknown owner app is rejected
78 RUNNER_TEST(security_manager_30d_unknown_owner)
80 AppInstallHelper target("sm_test_30d_target");
81 ScopedInstaller targetInstall(target);
83 AppInstallHelper notInstalledOwner("sm_test_30d_notinstalled_owner");
84 notInstalledOwner.createPrivateFile();
86 SharingRequest request;
87 request.setOwnerAppId(notInstalledOwner.getAppId());
88 request.setTargetAppId(target.getAppId());
90 std::string sharedPath = notInstalledOwner.getPrivatePath();
91 const char *paths[] = {sharedPath.c_str()};
92 request.addPaths(paths, 1);
93 Api::applySharing(request, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
97 * Check if sharing request for unknown target app is rejected
99 RUNNER_TEST(security_manager_30e_unknown_target)
101 AppInstallHelper owner("sm_test_30e_owner");
102 owner.createPrivateFile();
103 ScopedInstaller ownerInstall(owner);
105 SharingRequest request;
106 request.setOwnerAppId(owner.getAppId());
107 request.setTargetAppId("sm_test_30e_notinstalled_target");
109 std::string sharedPath = owner.getPrivatePath();
110 const char *paths[] = {sharedPath.c_str()};
111 request.addPaths(paths, 1);
112 Api::applySharing(request, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
116 * Check if sharing not owned path is rejected
118 RUNNER_TEST(security_manager_30f_bad_paths)
120 AppInstallHelper owner("sm_test_30f_owner");
121 ScopedInstaller ownerInstall(owner);
123 AppInstallHelper target("sm_test_30f_target");
124 target.createPrivateFile();
125 ScopedInstaller targetInstall(target);
127 SharingRequest share;
128 share.setOwnerAppId(owner.getAppId());
129 share.setTargetAppId(target.getAppId());
131 std::string sharedPath = target.getPrivatePath();
132 const char *paths[] = {sharedPath.c_str()};
133 share.addPaths(paths, 1);
134 Api::applySharing(share, SECURITY_MANAGER_ERROR_APP_NOT_PATH_OWNER);
138 * Check proper access for sharing one path between applications from different packages
140 RUNNER_CHILD_TEST(security_manager_31_simple_share)
142 AppInstallHelper owner("sm_test_31_owner");
143 owner.createPrivateFile(0);
144 owner.createPrivateFile(1);
145 ScopedInstaller ownerInstall(owner);
147 AppInstallHelper target("sm_test_31_target");
148 ScopedInstaller targetInstall(target);
150 SharingRequest share;
151 std::string sharedPath = owner.getPrivatePath(0);
152 std::string privatePath = owner.getPrivatePath(1);
153 share.setOwnerAppId(owner.getAppId());
154 share.setTargetAppId(target.getAppId());
155 const char *paths[] = {sharedPath.c_str()};
156 share.addPaths(paths, 1);
157 Api::applySharing(share);
159 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
160 runAccessTest(target, sharedPath, R_OK|X_OK);
161 //execute access is given to directory containing file. files have the same label as directories.
162 runAccessTest(target, privatePath, X_OK);
163 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
165 Api::dropSharing(share);
166 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
167 runAccessTest(target, sharedPath, 0);
168 runAccessTest(target, privatePath, 0);
169 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
172 * Private sharing can be applied multiple times. Check if double private path sharing applying
173 * between two applications from different package is accepted and if access is properly set after
174 * fist and second apply and if is properly revoked only after second drop.
177 RUNNER_CHILD_TEST(security_manager_32_double_share)
179 AppInstallHelper owner("sm_test_32_owner");
180 owner.createPrivateFile();
181 ScopedInstaller ownerInstall(owner);
183 AppInstallHelper target("sm_test_32_target");
184 ScopedInstaller targetInstall(target);
186 SharingRequest share;
187 std::string sharedPath = owner.getPrivatePath();
188 share.setOwnerAppId(owner.getAppId());
189 share.setTargetAppId(target.getAppId());
190 const char *paths[] = {sharedPath.c_str()};
191 share.addPaths(paths, 1);
193 Api::applySharing(share);
194 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
195 runAccessTest(target, sharedPath, R_OK|X_OK);
196 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
198 Api::applySharing(share);
199 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
200 runAccessTest(target, sharedPath, R_OK|X_OK);
201 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
203 Api::dropSharing(share);
204 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
205 runAccessTest(target, sharedPath, R_OK|X_OK);
206 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
208 Api::dropSharing(share);
209 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
210 runAccessTest(target, sharedPath, 0);
211 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
215 * Check access after sharing separate private paths with one application in two separate
218 RUNNER_CHILD_TEST(security_manager_33a_share_two_with_one)
220 AppInstallHelper owner("sm_test_33a_owner");
221 owner.createPrivateFile(0);
222 owner.createPrivateFile(1);
223 ScopedInstaller ownerInstall(owner);
225 AppInstallHelper target("sm_test_33a_target");
226 ScopedInstaller targetInstall(target);
228 SharingRequest share1, share2;
229 std::string sharedPath1 = owner.getPrivatePath(0);
230 std::string sharedPath2 = owner.getPrivatePath(1);
231 share1.setOwnerAppId(owner.getAppId());
232 share2.setOwnerAppId(owner.getAppId());
233 share1.setTargetAppId(target.getAppId());
234 share2.setTargetAppId(target.getAppId());
235 const char *paths1[] = {sharedPath1.c_str()};
236 share1.addPaths(paths1, 1);
237 const char *paths2[] = {sharedPath2.c_str()};
238 share2.addPaths(paths2, 1);
240 Api::applySharing(share1);
241 runAccessTest(owner, sharedPath1, R_OK|W_OK|X_OK);
242 runAccessTest(target, sharedPath1, R_OK|X_OK);
243 runSystemAccessTest(geteuid(), getegid(), sharedPath1, R_OK|W_OK|X_OK);
245 Api::applySharing(share2);
246 runAccessTest(owner, sharedPath2, R_OK|W_OK|X_OK);
247 runAccessTest(target, sharedPath2, R_OK|X_OK);
248 runSystemAccessTest(geteuid(), getegid(), sharedPath2, R_OK|W_OK|X_OK);
250 Api::dropSharing(share1);
251 runAccessTest(owner, sharedPath1, R_OK|W_OK|X_OK);
252 //execute access is given to directory containing file. files have the same label as directories.
253 runAccessTest(target, sharedPath1, X_OK);
254 runSystemAccessTest(geteuid(), getegid(), sharedPath1, R_OK|W_OK|X_OK);
255 runAccessTest(owner, sharedPath2, R_OK|W_OK|X_OK);
256 runAccessTest(target, sharedPath2, R_OK|X_OK);
257 runSystemAccessTest(geteuid(), getegid(), sharedPath2, R_OK|W_OK|X_OK);
259 Api::dropSharing(share2);
260 runAccessTest(owner, sharedPath2, R_OK|W_OK|X_OK);
261 runAccessTest(target, sharedPath2, 0);
262 runSystemAccessTest(geteuid(), getegid(), sharedPath1, R_OK|W_OK|X_OK);
266 * Check access after sharing separate private paths with one application in one sharing requests.
268 RUNNER_CHILD_TEST(security_manager_33b_share_two_with_one)
270 AppInstallHelper owner("sm_test_33b_owner");
271 owner.createPrivateFile(0);
272 owner.createPrivateFile(1);
273 ScopedInstaller ownerInstall(owner);
275 AppInstallHelper target("sm_test_33b_target");
276 ScopedInstaller targetInstall(target);
278 SharingRequest share;
279 std::string sharedPath1 = owner.getPrivatePath(0);
280 std::string sharedPath2 = owner.getPrivatePath(1);
281 share.setOwnerAppId(owner.getAppId());
282 share.setTargetAppId(target.getAppId());
283 const char *paths[] = {sharedPath1.c_str(), sharedPath2.c_str()};
285 share.addPaths(paths, 2);
287 Api::applySharing(share);
288 runAccessTest(owner, sharedPath1, R_OK|W_OK|X_OK);
289 runAccessTest(target, sharedPath1, R_OK|X_OK);
290 runSystemAccessTest(geteuid(), getegid(), sharedPath1, R_OK|W_OK|X_OK);
291 runAccessTest(owner, sharedPath2, R_OK|W_OK|X_OK);
292 runAccessTest(target, sharedPath2, R_OK|X_OK);
293 runSystemAccessTest(geteuid(), getegid(), sharedPath2, R_OK|W_OK|X_OK);
295 Api::dropSharing(share);
296 runAccessTest(owner, sharedPath1, R_OK|W_OK|X_OK);
297 runAccessTest(owner, sharedPath2, R_OK|W_OK|X_OK);
298 runAccessTest(target, sharedPath1, 0);
299 runAccessTest(target, sharedPath2, 0);
300 runSystemAccessTest(geteuid(), getegid(), sharedPath1, R_OK|W_OK|X_OK);
301 runSystemAccessTest(geteuid(), getegid(), sharedPath2, R_OK|W_OK|X_OK);
305 * Check access when sharing one private path with two separate applications.
307 RUNNER_CHILD_TEST(security_manager_34_share_one_with_two)
309 AppInstallHelper owner("sm_test_34_owner");
310 owner.createPrivateFile();
311 ScopedInstaller ownerInstall(owner);
313 AppInstallHelper target1("sm_test_34_target1");
314 ScopedInstaller targetInstall1(target1);
316 AppInstallHelper target2("sm_test_34_target2");
317 ScopedInstaller targetInstall2(target2);
319 SharingRequest share1, share2;
320 std::string sharedPath = owner.getPrivatePath(0).c_str();
321 share1.setOwnerAppId(owner.getAppId());
322 share2.setOwnerAppId(owner.getAppId());
323 share1.setTargetAppId(target1.getAppId());
324 share2.setTargetAppId(target2.getAppId());
325 const char *paths[] = {sharedPath.c_str()};
326 share1.addPaths(paths, 1);
327 share2.addPaths(paths, 1);
329 Api::applySharing(share1);
330 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
331 runAccessTest(target1, sharedPath, R_OK|X_OK);
332 runAccessTest(target2, sharedPath, 0);
333 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
335 Api::applySharing(share2);
336 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
337 runAccessTest(target2, sharedPath, R_OK|X_OK);
338 runAccessTest(target1, sharedPath, R_OK|X_OK);
339 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
341 Api::dropSharing(share1);
342 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
343 runAccessTest(target1, sharedPath, 0);
344 runAccessTest(target2, sharedPath, R_OK|X_OK);
345 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
347 Api::dropSharing(share2);
348 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
349 runAccessTest(target1, sharedPath, 0);
350 runAccessTest(target2, sharedPath, 0);
351 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
355 * Check access when sharing two separate private paths with two separate applications.
357 RUNNER_CHILD_TEST(security_manager_35_share_two_with_two)
359 AppInstallHelper owner("sm_test_35_owner");
360 owner.createPrivateFile(0);
361 owner.createPrivateFile(1);
362 ScopedInstaller ownerInstall(owner);
364 AppInstallHelper target1("sm_test_35_target1");
365 ScopedInstaller targetInstall1(target1);
367 AppInstallHelper target2("sm_test_35_target2");
368 ScopedInstaller targetInstall2(target2);
370 SharingRequest share1, share2;
371 std::string sharedPath1 = owner.getPrivatePath(0).c_str();
372 std::string sharedPath2 = owner.getPrivatePath(1).c_str();
373 share1.setOwnerAppId(owner.getAppId());
374 share2.setOwnerAppId(owner.getAppId());
375 share1.setTargetAppId(target1.getAppId());
376 share2.setTargetAppId(target2.getAppId());
377 const char *paths1[] = {sharedPath1.c_str()};
378 share1.addPaths(paths1, 1);
379 const char *paths2[] = {sharedPath2.c_str()};
380 share2.addPaths(paths2, 1);
382 Api::applySharing(share1);
383 runAccessTest(owner, sharedPath1, R_OK|W_OK|X_OK);
384 runAccessTest(target1, sharedPath1, R_OK|X_OK);
385 runSystemAccessTest(geteuid(), getegid(), sharedPath1, R_OK|W_OK|X_OK);
387 Api::applySharing(share2);
388 runAccessTest(owner, sharedPath2, R_OK|W_OK|X_OK);
389 runAccessTest(target1, sharedPath1, R_OK|X_OK);
390 runAccessTest(target1, sharedPath2, 0);
391 runAccessTest(target2, sharedPath2, R_OK|X_OK);
392 runAccessTest(target2, sharedPath1, 0);
393 runSystemAccessTest(geteuid(), getegid(), sharedPath2, R_OK|W_OK|X_OK);
395 Api::dropSharing(share2);
396 runAccessTest(owner, sharedPath1, R_OK|W_OK|X_OK);
397 runAccessTest(owner, sharedPath2, R_OK|W_OK|X_OK);
398 runAccessTest(target1, sharedPath1, R_OK|X_OK);
399 runAccessTest(target2, sharedPath2, 0);
400 runSystemAccessTest(geteuid(), getegid(), sharedPath2, R_OK|W_OK|X_OK);
402 Api::dropSharing(share1);
403 runAccessTest(owner, sharedPath1, R_OK|W_OK|X_OK);
404 runAccessTest(owner, sharedPath2, R_OK|W_OK|X_OK);
405 runAccessTest(target1, sharedPath1, 0);
406 runAccessTest(target2, sharedPath2, 0);
407 runSystemAccessTest(geteuid(), getegid(), sharedPath1, R_OK|W_OK|X_OK);
408 runSystemAccessTest(geteuid(), getegid(), sharedPath2, R_OK|W_OK|X_OK);
412 * Check access after sharing one private path with one application and after uninstalling target
415 RUNNER_CHILD_TEST(security_manager_35_share_uninstall_target) {
416 AppInstallHelper owner("sm_test_35_owner");
417 owner.createPrivateFile();
418 ScopedInstaller ownerInstall(owner);
420 AppInstallHelper target("sm_test_35_target");
421 ScopedInstaller targetInstall(target);
423 SharingRequest share;
424 std::string sharedPath = owner.getPrivatePath();
425 share.setOwnerAppId(owner.getAppId());
426 share.setTargetAppId(target.getAppId());
427 const char *paths[] = {sharedPath.c_str()};
428 share.addPaths(paths, 1);
429 Api::applySharing(share);
431 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
432 runAccessTest(target, sharedPath, R_OK|X_OK);
433 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
435 targetInstall.uninstallApp();
436 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
437 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
439 // Reinstall, so we can change context to same app_id
440 ScopedInstaller targetInstall2(target);
441 runAccessTest(target, sharedPath, 0);
443 Api::dropSharing(share, SECURITY_MANAGER_ERROR_INPUT_PARAM);
447 * Check access after sharing one private path with one application and after uninstalling owner
450 RUNNER_CHILD_TEST(security_manager_35_share_uninstall_owner) {
451 AppInstallHelper owner("sm_test_35_owner");
452 owner.createPrivateFile();
453 ScopedInstaller ownerInstall(owner);
455 AppInstallHelper target("sm_test_35_target");
456 ScopedInstaller targetInstall(target);
458 SharingRequest share;
459 std::string sharedPath = owner.getPrivatePath();
460 share.setOwnerAppId(owner.getAppId());
461 share.setTargetAppId(target.getAppId());
462 const char *paths[] = {sharedPath.c_str()};
463 share.addPaths(paths, 1);
464 Api::applySharing(share);
466 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
467 runAccessTest(target, sharedPath, R_OK|X_OK);
468 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
470 ownerInstall.uninstallApp();
472 runAccessTest(target, sharedPath, 0);
474 Api::dropSharing(share, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
479 * Check access after sharing one private path with one application and after uninstalling owner
480 * application from package with two applications.
482 RUNNER_CHILD_TEST(security_manager_36_share_pkg_owner_uninstall) {
483 std::string pkgName = "sm_test_36";
484 AppInstallHelper owner("sm_test_36_owner", pkgName);
485 owner.createPrivateFile();
486 ScopedInstaller ownerInstall(owner);
488 AppInstallHelper samePkgAsOwnerApp("sm_test_36", pkgName);
489 ScopedInstaller samePkgAsOwnerInstall(samePkgAsOwnerApp);
491 AppInstallHelper target("sm_test_36_target");
492 ScopedInstaller targetInstall(target);
494 SharingRequest share;
495 std::string sharedPath = owner.getPrivatePath();
496 share.setOwnerAppId(owner.getAppId());
497 share.setTargetAppId(target.getAppId());
498 const char *paths[] = {sharedPath.c_str()};
499 share.addPaths(paths, 1);
500 Api::applySharing(share);
502 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
503 runAccessTest(samePkgAsOwnerApp, sharedPath, R_OK|W_OK|X_OK);
504 runAccessTest(target, sharedPath, R_OK|X_OK);
505 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
507 ownerInstall.uninstallApp();
509 runAccessTest(target, sharedPath, 0);
511 Api::dropSharing(share, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
515 * Check access after sharing one private path with one application when owner application is from
516 * package with two applications.
518 RUNNER_CHILD_TEST(security_manager_36_share_pkg_owner_drop) {
519 std::string pkgName = "sm_test_36";
520 AppInstallHelper owner("sm_test_36_owner", pkgName);
521 owner.createPrivateFile();
522 ScopedInstaller ownerInstall(owner);
524 AppInstallHelper samePkgAsOwnerApp("sm_test_36", pkgName);
525 ScopedInstaller samePkgAsOwnerInstall(samePkgAsOwnerApp);
527 AppInstallHelper target("sm_test_36_target");
528 ScopedInstaller targetInstall(target);
530 SharingRequest share;
531 std::string sharedPath = owner.getPrivatePath();
532 share.setOwnerAppId(owner.getAppId());
533 share.setTargetAppId(target.getAppId());
534 const char *paths[] = {sharedPath.c_str()};
535 share.addPaths(paths, 1);
536 Api::applySharing(share);
538 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
539 runAccessTest(samePkgAsOwnerApp, sharedPath, R_OK|W_OK|X_OK);
540 runAccessTest(target, sharedPath, R_OK|X_OK);
541 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
543 Api::dropSharing(share);
545 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
546 runAccessTest(samePkgAsOwnerApp, sharedPath, R_OK|W_OK|X_OK);
547 runAccessTest(target, sharedPath, 0);
548 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
552 * Check access after sharing one private path with one application and after uninstalling target
553 * application when owner application is from package with two applications.
555 RUNNER_CHILD_TEST(security_manager_36_share_pkg_target_uninstall) {
556 std::string pkgName = "sm_test_36";
557 AppInstallHelper owner("sm_test_36_owner", pkgName);
558 owner.createPrivateFile();
559 ScopedInstaller ownerInstall(owner);
561 AppInstallHelper samePkgAsOwnerApp("sm_test_36", pkgName);
562 ScopedInstaller samePkgAsOwnerInstall(samePkgAsOwnerApp);
564 AppInstallHelper target("sm_test_36_target");
565 ScopedInstaller targetInstall(target);
567 SharingRequest share;
568 std::string sharedPath = owner.getPrivatePath();
569 share.setOwnerAppId(owner.getAppId());
570 share.setTargetAppId(target.getAppId());
571 const char *paths[] = {sharedPath.c_str()};
572 share.addPaths(paths, 1);
573 Api::applySharing(share);
575 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
576 runAccessTest(samePkgAsOwnerApp, sharedPath, R_OK|W_OK|X_OK);
577 runAccessTest(target, sharedPath, R_OK|X_OK);
578 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
580 targetInstall.uninstallApp();
581 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
582 runAccessTest(samePkgAsOwnerApp, sharedPath, R_OK|W_OK|X_OK);
583 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
585 // Reinstall, so we can change context to same app_id
586 ScopedInstaller targetInstall2(target);
587 runAccessTest(target, sharedPath, 0);
589 Api::dropSharing(share, SECURITY_MANAGER_ERROR_INPUT_PARAM);
593 * Check access after double sharing one private path with one application and after uninstalling
594 * target application when owner application is from package with two applications.
596 RUNNER_CHILD_TEST(security_manager_37_pkg_double_share_target_uninstall) {
597 std::string pkgName = "sm_test_37";
598 AppInstallHelper owner("sm_test_37_owner", pkgName);
599 owner.createPrivateFile();
600 ScopedInstaller ownerInstall(owner);
602 AppInstallHelper samePkgAsOwnerApp("sm_test_37", pkgName);
603 ScopedInstaller samePkgAsOwnerInstall(samePkgAsOwnerApp);
605 AppInstallHelper target("sm_test_37_target");
606 ScopedInstaller targetInstall(target);
608 SharingRequest share;
609 std::string sharedPath = owner.getPrivatePath();
610 share.setOwnerAppId(owner.getAppId());
611 share.setTargetAppId(target.getAppId());
612 const char *paths[] = {sharedPath.c_str()};
613 share.addPaths(paths, 1);
614 Api::applySharing(share);
615 Api::applySharing(share);
617 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
618 runAccessTest(samePkgAsOwnerApp, sharedPath, R_OK|W_OK|X_OK);
619 runAccessTest(target, sharedPath, R_OK|X_OK);
620 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
622 targetInstall.uninstallApp();
623 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
624 runAccessTest(samePkgAsOwnerApp, sharedPath, R_OK|W_OK|X_OK);
625 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
627 // Reinstall, so we can change context to same app_id
628 ScopedInstaller targetInstall2(target);
629 runAccessTest(target, sharedPath, 0);
631 Api::dropSharing(share, SECURITY_MANAGER_ERROR_INPUT_PARAM);
635 * Check access after double sharing one private path with one application and after uninstalling
636 * owner application from package with two applications.
638 RUNNER_CHILD_TEST(security_manager_37_pkg_double_share_owner_uninstall) {
639 std::string pkgName = "sm_test_37";
640 AppInstallHelper owner("sm_test_37_owner", pkgName);
641 owner.createPrivateFile();
642 ScopedInstaller ownerInstall(owner);
644 AppInstallHelper samePkgAsOwnerApp("sm_test_37", pkgName);
645 ScopedInstaller samePkgAsOwnerInstall(samePkgAsOwnerApp);
647 AppInstallHelper target("sm_test_37_target");
648 ScopedInstaller targetInstall(target);
650 SharingRequest share;
651 std::string sharedPath = owner.getPrivatePath();
652 share.setOwnerAppId(owner.getAppId());
653 share.setTargetAppId(target.getAppId());
654 const char *paths[] = {sharedPath.c_str()};
655 share.addPaths(paths, 1);
656 Api::applySharing(share);
657 Api::applySharing(share);
659 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
660 runAccessTest(samePkgAsOwnerApp, sharedPath, R_OK|W_OK|X_OK);
661 runAccessTest(target, sharedPath, R_OK|X_OK);
662 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
664 ownerInstall.uninstallApp();
666 runAccessTest(target, sharedPath, 0);
668 Api::dropSharing(share, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
672 * Check access after sharing one private path with two applications from different packages and
673 * after uninstalling one of them and dropping second sharing.
675 RUNNER_CHILD_TEST(security_manager_38_share_one_with_two_uninstall_target)
677 AppInstallHelper owner("sm_test_34_owner");
678 owner.createPrivateFile();
679 ScopedInstaller ownerInstall(owner);
681 AppInstallHelper target1("sm_test_34_target1");
682 ScopedInstaller targetInstall1(target1);
684 AppInstallHelper target2("sm_test_34_target2");
685 ScopedInstaller targetInstall2(target2);
687 SharingRequest share1, share2;
688 std::string sharedPath = owner.getPrivatePath(0).c_str();
689 share1.setOwnerAppId(owner.getAppId());
690 share2.setOwnerAppId(owner.getAppId());
691 share1.setTargetAppId(target1.getAppId());
692 share2.setTargetAppId(target2.getAppId());
693 const char *paths[] = {sharedPath.c_str()};
694 share1.addPaths(paths, 1);
695 share2.addPaths(paths, 1);
697 Api::applySharing(share1);
698 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
699 runAccessTest(target1, sharedPath, R_OK|X_OK);
700 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
702 Api::applySharing(share2);
703 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
704 runAccessTest(target2, sharedPath, R_OK|X_OK);
705 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
707 targetInstall1.uninstallApp();
708 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
709 runAccessTest(target2, sharedPath, R_OK|X_OK);
710 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
712 // Reinstall, so we can change context to same app_id
713 ScopedInstaller targetInstall1_2(target1);
714 runAccessTest(target1, sharedPath, 0);
716 Api::dropSharing(share2);
718 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
719 runAccessTest(target2, sharedPath, 0);
720 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
722 Api::dropSharing(share1, SECURITY_MANAGER_ERROR_INPUT_PARAM);
726 * Check access after sharing one private path with two applications from different packages and
727 * after uninstalling owner application.
729 RUNNER_CHILD_TEST(security_manager_38_share_one_with_two_uninstall_owner)
731 AppInstallHelper owner("sm_test_34_owner");
732 owner.createPrivateFile();
733 ScopedInstaller ownerInstall(owner);
735 AppInstallHelper target1("sm_test_34_target1");
736 ScopedInstaller targetInstall1(target1);
738 AppInstallHelper target2("sm_test_34_target2");
739 ScopedInstaller targetInstall2(target2);
741 SharingRequest share1, share2;
742 std::string sharedPath = owner.getPrivatePath(0).c_str();
743 share1.setOwnerAppId(owner.getAppId());
744 share2.setOwnerAppId(owner.getAppId());
745 share1.setTargetAppId(target1.getAppId());
746 share2.setTargetAppId(target2.getAppId());
747 const char *paths[] = {sharedPath.c_str()};
748 share1.addPaths(paths, 1);
749 share2.addPaths(paths, 1);
751 Api::applySharing(share1);
752 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
753 runAccessTest(target1, sharedPath, R_OK|X_OK);
754 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
756 Api::applySharing(share2);
757 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
758 runAccessTest(target2, sharedPath, R_OK|X_OK);
759 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
761 ownerInstall.uninstallApp();
763 runAccessTest(target2, sharedPath, 0);
765 Api::dropSharing(share1, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
766 Api::dropSharing(share2, SECURITY_MANAGER_ERROR_APP_UNKNOWN);