2 * Copyright (c) 2016-2020 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
19 #include <sys/smack.h>
24 #include <app_install_helper.h>
25 #include <dpl/test/test_runner.h>
27 #include <scoped_installer.h>
29 #include <sm_commons.h>
30 #include <sm_request.h>
31 #include <sm_sharing_request.h>
32 #include <tests_common.h>
34 using namespace SecurityManagerTest;
36 RUNNER_TEST_GROUP_INIT(SECURITY_MANAGER_PRIVATE_SHARING)
39 * Check if request is rejected when incomplete
41 RUNNER_TEST(security_manager_30a_send_incomplete_req1)
43 SharingRequest request;
44 Api::applySharing(request, SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE);
45 request.setOwnerAppId("sm_test_30a_owner_app_id");
46 Api::applySharing(request, SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE);
47 request.setTargetAppId("sm_test_30a_target_app_id");
48 Api::applySharing(request, SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE);
51 RUNNER_TEST(security_manager_30b_send_incomplete_req2)
53 SharingRequest request;
54 request.setTargetAppId("sm_test_30b_target_app_id");
55 Api::applySharing(request, SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE);
56 request.setOwnerAppId("sm_test_30b_owner_app_id");
57 Api::applySharing(request, SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE);
60 RUNNER_TEST(security_manager_30c_send_incomplete_req3)
62 SharingRequest request;
63 const char *somePaths[] = {"path1", "path2"};
64 request.addPaths(somePaths, sizeof(somePaths)/sizeof(somePaths[0]));
65 Api::applySharing(request, SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE);
66 request.setOwnerAppId("sm_test_30_b_owner_app_id");
67 Api::applySharing(request, SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE);
71 * Check if sharing request for unknown owner app is rejected
74 RUNNER_TEST(security_manager_30d_unknown_owner)
76 AppInstallHelper target("sm_test_30d_target");
77 ScopedInstaller targetInstall(target);
79 AppInstallHelper notInstalledOwner("sm_test_30d_notinstalled_owner");
80 notInstalledOwner.createPrivateFile();
82 SharingRequest request;
83 request.setOwnerAppId(notInstalledOwner.getAppId());
84 request.setTargetAppId(target.getAppId());
86 std::string sharedPath = notInstalledOwner.getPrivatePath();
87 const char *paths[] = {sharedPath.c_str()};
88 request.addPaths(paths, 1);
89 Api::applySharing(request, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
93 * Check if sharing request for unknown target app is rejected
95 RUNNER_TEST(security_manager_30e_unknown_target)
97 AppInstallHelper owner("sm_test_30e_owner");
98 owner.createPrivateFile();
99 ScopedInstaller ownerInstall(owner);
101 SharingRequest request;
102 request.setOwnerAppId(owner.getAppId());
103 request.setTargetAppId("sm_test_30e_notinstalled_target");
105 std::string sharedPath = owner.getPrivatePath();
106 const char *paths[] = {sharedPath.c_str()};
107 request.addPaths(paths, 1);
108 Api::applySharing(request, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
112 * Check if sharing not owned path is rejected
114 RUNNER_TEST(security_manager_30f_bad_paths)
116 AppInstallHelper owner("sm_test_30f_owner");
117 ScopedInstaller ownerInstall(owner);
119 AppInstallHelper target("sm_test_30f_target");
120 target.createPrivateFile();
121 ScopedInstaller targetInstall(target);
123 SharingRequest share;
124 share.setOwnerAppId(owner.getAppId());
125 share.setTargetAppId(target.getAppId());
127 std::string sharedPath = target.getPrivatePath();
128 const char *paths[] = {sharedPath.c_str()};
129 share.addPaths(paths, 1);
130 Api::applySharing(share, SECURITY_MANAGER_ERROR_APP_NOT_PATH_OWNER);
134 * Check proper access for sharing one path between applications from different packages
136 RUNNER_CHILD_TEST(security_manager_31_simple_share)
138 AppInstallHelper owner("sm_test_31_owner");
139 owner.createPrivateFile(0);
140 owner.createPrivateFile(1);
141 ScopedInstaller ownerInstall(owner);
143 AppInstallHelper target("sm_test_31_target");
144 ScopedInstaller targetInstall(target);
146 SharingRequest share;
147 std::string sharedPath = owner.getPrivatePath(0);
148 std::string privatePath = owner.getPrivatePath(1);
149 share.setOwnerAppId(owner.getAppId());
150 share.setTargetAppId(target.getAppId());
151 const char *paths[] = {sharedPath.c_str()};
152 share.addPaths(paths, 1);
153 Api::applySharing(share);
155 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
156 runAccessTest(target, sharedPath, R_OK|X_OK);
157 //execute access is given to directory containing file. files have the same label as directories.
158 runAccessTest(target, privatePath, X_OK);
159 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
161 Api::dropSharing(share);
162 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
163 runAccessTest(target, sharedPath, 0);
164 runAccessTest(target, privatePath, 0);
165 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
168 * Private sharing can be applied multiple times. Check if double private path sharing applying
169 * between two applications from different package is accepted and if access is properly set after
170 * fist and second apply and if is properly revoked only after second drop.
173 RUNNER_CHILD_TEST(security_manager_32_double_share)
175 AppInstallHelper owner("sm_test_32_owner");
176 owner.createPrivateFile();
177 ScopedInstaller ownerInstall(owner);
179 AppInstallHelper target("sm_test_32_target");
180 ScopedInstaller targetInstall(target);
182 SharingRequest share;
183 std::string sharedPath = owner.getPrivatePath();
184 share.setOwnerAppId(owner.getAppId());
185 share.setTargetAppId(target.getAppId());
186 const char *paths[] = {sharedPath.c_str()};
187 share.addPaths(paths, 1);
189 Api::applySharing(share);
190 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
191 runAccessTest(target, sharedPath, R_OK|X_OK);
192 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
194 Api::applySharing(share);
195 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
196 runAccessTest(target, sharedPath, R_OK|X_OK);
197 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
199 Api::dropSharing(share);
200 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
201 runAccessTest(target, sharedPath, R_OK|X_OK);
202 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
204 Api::dropSharing(share);
205 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
206 runAccessTest(target, sharedPath, 0);
207 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
211 * Check access after sharing separate private paths with one application in two separate
214 RUNNER_CHILD_TEST(security_manager_33a_share_two_with_one)
216 AppInstallHelper owner("sm_test_33a_owner");
217 owner.createPrivateFile(0);
218 owner.createPrivateFile(1);
219 ScopedInstaller ownerInstall(owner);
221 AppInstallHelper target("sm_test_33a_target");
222 ScopedInstaller targetInstall(target);
224 SharingRequest share1, share2;
225 std::string sharedPath1 = owner.getPrivatePath(0);
226 std::string sharedPath2 = owner.getPrivatePath(1);
227 share1.setOwnerAppId(owner.getAppId());
228 share2.setOwnerAppId(owner.getAppId());
229 share1.setTargetAppId(target.getAppId());
230 share2.setTargetAppId(target.getAppId());
231 const char *paths1[] = {sharedPath1.c_str()};
232 share1.addPaths(paths1, 1);
233 const char *paths2[] = {sharedPath2.c_str()};
234 share2.addPaths(paths2, 1);
236 Api::applySharing(share1);
237 runAccessTest(owner, sharedPath1, R_OK|W_OK|X_OK);
238 runAccessTest(target, sharedPath1, R_OK|X_OK);
239 runSystemAccessTest(geteuid(), getegid(), sharedPath1, R_OK|W_OK|X_OK);
241 Api::applySharing(share2);
242 runAccessTest(owner, sharedPath2, R_OK|W_OK|X_OK);
243 runAccessTest(target, sharedPath2, R_OK|X_OK);
244 runSystemAccessTest(geteuid(), getegid(), sharedPath2, R_OK|W_OK|X_OK);
246 Api::dropSharing(share1);
247 runAccessTest(owner, sharedPath1, R_OK|W_OK|X_OK);
248 //execute access is given to directory containing file. files have the same label as directories.
249 runAccessTest(target, sharedPath1, X_OK);
250 runSystemAccessTest(geteuid(), getegid(), sharedPath1, R_OK|W_OK|X_OK);
251 runAccessTest(owner, sharedPath2, R_OK|W_OK|X_OK);
252 runAccessTest(target, sharedPath2, R_OK|X_OK);
253 runSystemAccessTest(geteuid(), getegid(), sharedPath2, R_OK|W_OK|X_OK);
255 Api::dropSharing(share2);
256 runAccessTest(owner, sharedPath2, R_OK|W_OK|X_OK);
257 runAccessTest(target, sharedPath2, 0);
258 runSystemAccessTest(geteuid(), getegid(), sharedPath1, R_OK|W_OK|X_OK);
262 * Check access after sharing separate private paths with one application in one sharing requests.
264 RUNNER_CHILD_TEST(security_manager_33b_share_two_with_one)
266 AppInstallHelper owner("sm_test_33b_owner");
267 owner.createPrivateFile(0);
268 owner.createPrivateFile(1);
269 ScopedInstaller ownerInstall(owner);
271 AppInstallHelper target("sm_test_33b_target");
272 ScopedInstaller targetInstall(target);
274 SharingRequest share;
275 std::string sharedPath1 = owner.getPrivatePath(0);
276 std::string sharedPath2 = owner.getPrivatePath(1);
277 share.setOwnerAppId(owner.getAppId());
278 share.setTargetAppId(target.getAppId());
279 const char *paths[] = {sharedPath1.c_str(), sharedPath2.c_str()};
281 share.addPaths(paths, 2);
283 Api::applySharing(share);
284 runAccessTest(owner, sharedPath1, R_OK|W_OK|X_OK);
285 runAccessTest(target, sharedPath1, R_OK|X_OK);
286 runSystemAccessTest(geteuid(), getegid(), sharedPath1, R_OK|W_OK|X_OK);
287 runAccessTest(owner, sharedPath2, R_OK|W_OK|X_OK);
288 runAccessTest(target, sharedPath2, R_OK|X_OK);
289 runSystemAccessTest(geteuid(), getegid(), sharedPath2, R_OK|W_OK|X_OK);
291 Api::dropSharing(share);
292 runAccessTest(owner, sharedPath1, R_OK|W_OK|X_OK);
293 runAccessTest(owner, sharedPath2, R_OK|W_OK|X_OK);
294 runAccessTest(target, sharedPath1, 0);
295 runAccessTest(target, sharedPath2, 0);
296 runSystemAccessTest(geteuid(), getegid(), sharedPath1, R_OK|W_OK|X_OK);
297 runSystemAccessTest(geteuid(), getegid(), sharedPath2, R_OK|W_OK|X_OK);
301 * Check access when sharing one private path with two separate applications.
303 RUNNER_CHILD_TEST(security_manager_34_share_one_with_two)
305 AppInstallHelper owner("sm_test_34_owner");
306 owner.createPrivateFile();
307 ScopedInstaller ownerInstall(owner);
309 AppInstallHelper target1("sm_test_34_target1");
310 ScopedInstaller targetInstall1(target1);
312 AppInstallHelper target2("sm_test_34_target2");
313 ScopedInstaller targetInstall2(target2);
315 SharingRequest share1, share2;
316 std::string sharedPath = owner.getPrivatePath(0).c_str();
317 share1.setOwnerAppId(owner.getAppId());
318 share2.setOwnerAppId(owner.getAppId());
319 share1.setTargetAppId(target1.getAppId());
320 share2.setTargetAppId(target2.getAppId());
321 const char *paths[] = {sharedPath.c_str()};
322 share1.addPaths(paths, 1);
323 share2.addPaths(paths, 1);
325 Api::applySharing(share1);
326 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
327 runAccessTest(target1, sharedPath, R_OK|X_OK);
328 runAccessTest(target2, sharedPath, 0);
329 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
331 Api::applySharing(share2);
332 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
333 runAccessTest(target2, sharedPath, R_OK|X_OK);
334 runAccessTest(target1, sharedPath, R_OK|X_OK);
335 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
337 Api::dropSharing(share1);
338 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
339 runAccessTest(target1, sharedPath, 0);
340 runAccessTest(target2, sharedPath, R_OK|X_OK);
341 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
343 Api::dropSharing(share2);
344 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
345 runAccessTest(target1, sharedPath, 0);
346 runAccessTest(target2, sharedPath, 0);
347 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
351 * Check access when sharing two separate private paths with two separate applications.
353 RUNNER_CHILD_TEST(security_manager_35_share_two_with_two)
355 AppInstallHelper owner("sm_test_35_owner");
356 owner.createPrivateFile(0);
357 owner.createPrivateFile(1);
358 ScopedInstaller ownerInstall(owner);
360 AppInstallHelper target1("sm_test_35_target1");
361 ScopedInstaller targetInstall1(target1);
363 AppInstallHelper target2("sm_test_35_target2");
364 ScopedInstaller targetInstall2(target2);
366 SharingRequest share1, share2;
367 std::string sharedPath1 = owner.getPrivatePath(0).c_str();
368 std::string sharedPath2 = owner.getPrivatePath(1).c_str();
369 share1.setOwnerAppId(owner.getAppId());
370 share2.setOwnerAppId(owner.getAppId());
371 share1.setTargetAppId(target1.getAppId());
372 share2.setTargetAppId(target2.getAppId());
373 const char *paths1[] = {sharedPath1.c_str()};
374 share1.addPaths(paths1, 1);
375 const char *paths2[] = {sharedPath2.c_str()};
376 share2.addPaths(paths2, 1);
378 Api::applySharing(share1);
379 runAccessTest(owner, sharedPath1, R_OK|W_OK|X_OK);
380 runAccessTest(target1, sharedPath1, R_OK|X_OK);
381 runSystemAccessTest(geteuid(), getegid(), sharedPath1, R_OK|W_OK|X_OK);
383 Api::applySharing(share2);
384 runAccessTest(owner, sharedPath2, R_OK|W_OK|X_OK);
385 runAccessTest(target1, sharedPath1, R_OK|X_OK);
386 runAccessTest(target1, sharedPath2, 0);
387 runAccessTest(target2, sharedPath2, R_OK|X_OK);
388 runAccessTest(target2, sharedPath1, 0);
389 runSystemAccessTest(geteuid(), getegid(), sharedPath2, R_OK|W_OK|X_OK);
391 Api::dropSharing(share2);
392 runAccessTest(owner, sharedPath1, R_OK|W_OK|X_OK);
393 runAccessTest(owner, sharedPath2, R_OK|W_OK|X_OK);
394 runAccessTest(target1, sharedPath1, R_OK|X_OK);
395 runAccessTest(target2, sharedPath2, 0);
396 runSystemAccessTest(geteuid(), getegid(), sharedPath2, R_OK|W_OK|X_OK);
398 Api::dropSharing(share1);
399 runAccessTest(owner, sharedPath1, R_OK|W_OK|X_OK);
400 runAccessTest(owner, sharedPath2, R_OK|W_OK|X_OK);
401 runAccessTest(target1, sharedPath1, 0);
402 runAccessTest(target2, sharedPath2, 0);
403 runSystemAccessTest(geteuid(), getegid(), sharedPath1, R_OK|W_OK|X_OK);
404 runSystemAccessTest(geteuid(), getegid(), sharedPath2, R_OK|W_OK|X_OK);
408 * Check access after sharing one private path with one application and after uninstalling target
411 RUNNER_CHILD_TEST(security_manager_35_share_uninstall_target) {
412 AppInstallHelper owner("sm_test_35_owner");
413 owner.createPrivateFile();
414 ScopedInstaller ownerInstall(owner);
416 AppInstallHelper target("sm_test_35_target");
417 ScopedInstaller targetInstall(target);
419 SharingRequest share;
420 std::string sharedPath = owner.getPrivatePath();
421 share.setOwnerAppId(owner.getAppId());
422 share.setTargetAppId(target.getAppId());
423 const char *paths[] = {sharedPath.c_str()};
424 share.addPaths(paths, 1);
425 Api::applySharing(share);
427 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
428 runAccessTest(target, sharedPath, R_OK|X_OK);
429 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
431 targetInstall.uninstallApp();
432 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
433 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
435 // Reinstall, so we can change context to same app_id
436 ScopedInstaller targetInstall2(target);
437 runAccessTest(target, sharedPath, 0);
439 Api::dropSharing(share, SECURITY_MANAGER_ERROR_INPUT_PARAM);
443 * Check access after sharing one private path with one application and after uninstalling owner
446 RUNNER_CHILD_TEST(security_manager_35_share_uninstall_owner) {
447 AppInstallHelper owner("sm_test_35_owner");
448 owner.createPrivateFile();
449 ScopedInstaller ownerInstall(owner);
451 AppInstallHelper target("sm_test_35_target");
452 ScopedInstaller targetInstall(target);
454 SharingRequest share;
455 std::string sharedPath = owner.getPrivatePath();
456 share.setOwnerAppId(owner.getAppId());
457 share.setTargetAppId(target.getAppId());
458 const char *paths[] = {sharedPath.c_str()};
459 share.addPaths(paths, 1);
460 Api::applySharing(share);
462 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
463 runAccessTest(target, sharedPath, R_OK|X_OK);
464 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
466 ownerInstall.uninstallApp();
468 runAccessTest(target, sharedPath, 0);
470 Api::dropSharing(share, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
475 * Check access after sharing one private path with one application and after uninstalling owner
476 * application from package with two applications.
478 RUNNER_CHILD_TEST(security_manager_36_share_pkg_owner_uninstall) {
479 std::string pkgName = "sm_test_36";
480 AppInstallHelper owner("sm_test_36_owner", pkgName);
481 owner.createPrivateFile();
482 ScopedInstaller ownerInstall(owner);
484 AppInstallHelper samePkgAsOwnerApp("sm_test_36", pkgName);
485 ScopedInstaller samePkgAsOwnerInstall(samePkgAsOwnerApp);
487 AppInstallHelper target("sm_test_36_target");
488 ScopedInstaller targetInstall(target);
490 SharingRequest share;
491 std::string sharedPath = owner.getPrivatePath();
492 share.setOwnerAppId(owner.getAppId());
493 share.setTargetAppId(target.getAppId());
494 const char *paths[] = {sharedPath.c_str()};
495 share.addPaths(paths, 1);
496 Api::applySharing(share);
498 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
499 runAccessTest(samePkgAsOwnerApp, sharedPath, R_OK|W_OK|X_OK);
500 runAccessTest(target, sharedPath, R_OK|X_OK);
501 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
503 ownerInstall.uninstallApp();
505 runAccessTest(target, sharedPath, 0);
507 Api::dropSharing(share, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
511 * Check access after sharing one private path with one application when owner application is from
512 * package with two applications.
514 RUNNER_CHILD_TEST(security_manager_36_share_pkg_owner_drop) {
515 std::string pkgName = "sm_test_36";
516 AppInstallHelper owner("sm_test_36_owner", pkgName);
517 owner.createPrivateFile();
518 ScopedInstaller ownerInstall(owner);
520 AppInstallHelper samePkgAsOwnerApp("sm_test_36", pkgName);
521 ScopedInstaller samePkgAsOwnerInstall(samePkgAsOwnerApp);
523 AppInstallHelper target("sm_test_36_target");
524 ScopedInstaller targetInstall(target);
526 SharingRequest share;
527 std::string sharedPath = owner.getPrivatePath();
528 share.setOwnerAppId(owner.getAppId());
529 share.setTargetAppId(target.getAppId());
530 const char *paths[] = {sharedPath.c_str()};
531 share.addPaths(paths, 1);
532 Api::applySharing(share);
534 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
535 runAccessTest(samePkgAsOwnerApp, sharedPath, R_OK|W_OK|X_OK);
536 runAccessTest(target, sharedPath, R_OK|X_OK);
537 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
539 Api::dropSharing(share);
541 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
542 runAccessTest(samePkgAsOwnerApp, sharedPath, R_OK|W_OK|X_OK);
543 runAccessTest(target, sharedPath, 0);
544 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
548 * Check access after sharing one private path with one application and after uninstalling target
549 * application when owner application is from package with two applications.
551 RUNNER_CHILD_TEST(security_manager_36_share_pkg_target_uninstall) {
552 std::string pkgName = "sm_test_36";
553 AppInstallHelper owner("sm_test_36_owner", pkgName);
554 owner.createPrivateFile();
555 ScopedInstaller ownerInstall(owner);
557 AppInstallHelper samePkgAsOwnerApp("sm_test_36", pkgName);
558 ScopedInstaller samePkgAsOwnerInstall(samePkgAsOwnerApp);
560 AppInstallHelper target("sm_test_36_target");
561 ScopedInstaller targetInstall(target);
563 SharingRequest share;
564 std::string sharedPath = owner.getPrivatePath();
565 share.setOwnerAppId(owner.getAppId());
566 share.setTargetAppId(target.getAppId());
567 const char *paths[] = {sharedPath.c_str()};
568 share.addPaths(paths, 1);
569 Api::applySharing(share);
571 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
572 runAccessTest(samePkgAsOwnerApp, sharedPath, R_OK|W_OK|X_OK);
573 runAccessTest(target, sharedPath, R_OK|X_OK);
574 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
576 targetInstall.uninstallApp();
577 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
578 runAccessTest(samePkgAsOwnerApp, sharedPath, R_OK|W_OK|X_OK);
579 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
581 // Reinstall, so we can change context to same app_id
582 ScopedInstaller targetInstall2(target);
583 runAccessTest(target, sharedPath, 0);
585 Api::dropSharing(share, SECURITY_MANAGER_ERROR_INPUT_PARAM);
589 * Check access after double sharing one private path with one application and after uninstalling
590 * target application when owner application is from package with two applications.
592 RUNNER_CHILD_TEST(security_manager_37_pkg_double_share_target_uninstall) {
593 std::string pkgName = "sm_test_37";
594 AppInstallHelper owner("sm_test_37_owner", pkgName);
595 owner.createPrivateFile();
596 ScopedInstaller ownerInstall(owner);
598 AppInstallHelper samePkgAsOwnerApp("sm_test_37", pkgName);
599 ScopedInstaller samePkgAsOwnerInstall(samePkgAsOwnerApp);
601 AppInstallHelper target("sm_test_37_target");
602 ScopedInstaller targetInstall(target);
604 SharingRequest share;
605 std::string sharedPath = owner.getPrivatePath();
606 share.setOwnerAppId(owner.getAppId());
607 share.setTargetAppId(target.getAppId());
608 const char *paths[] = {sharedPath.c_str()};
609 share.addPaths(paths, 1);
610 Api::applySharing(share);
611 Api::applySharing(share);
613 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
614 runAccessTest(samePkgAsOwnerApp, sharedPath, R_OK|W_OK|X_OK);
615 runAccessTest(target, sharedPath, R_OK|X_OK);
616 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
618 targetInstall.uninstallApp();
619 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
620 runAccessTest(samePkgAsOwnerApp, sharedPath, R_OK|W_OK|X_OK);
621 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
623 // Reinstall, so we can change context to same app_id
624 ScopedInstaller targetInstall2(target);
625 runAccessTest(target, sharedPath, 0);
627 Api::dropSharing(share, SECURITY_MANAGER_ERROR_INPUT_PARAM);
631 * Check access after double sharing one private path with one application and after uninstalling
632 * owner application from package with two applications.
634 RUNNER_CHILD_TEST(security_manager_37_pkg_double_share_owner_uninstall) {
635 std::string pkgName = "sm_test_37";
636 AppInstallHelper owner("sm_test_37_owner", pkgName);
637 owner.createPrivateFile();
638 ScopedInstaller ownerInstall(owner);
640 AppInstallHelper samePkgAsOwnerApp("sm_test_37", pkgName);
641 ScopedInstaller samePkgAsOwnerInstall(samePkgAsOwnerApp);
643 AppInstallHelper target("sm_test_37_target");
644 ScopedInstaller targetInstall(target);
646 SharingRequest share;
647 std::string sharedPath = owner.getPrivatePath();
648 share.setOwnerAppId(owner.getAppId());
649 share.setTargetAppId(target.getAppId());
650 const char *paths[] = {sharedPath.c_str()};
651 share.addPaths(paths, 1);
652 Api::applySharing(share);
653 Api::applySharing(share);
655 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
656 runAccessTest(samePkgAsOwnerApp, sharedPath, R_OK|W_OK|X_OK);
657 runAccessTest(target, sharedPath, R_OK|X_OK);
658 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
660 ownerInstall.uninstallApp();
662 runAccessTest(target, sharedPath, 0);
664 Api::dropSharing(share, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
668 * Check access after sharing one private path with two applications from different packages and
669 * after uninstalling one of them and dropping second sharing.
671 RUNNER_CHILD_TEST(security_manager_38_share_one_with_two_uninstall_target)
673 AppInstallHelper owner("sm_test_34_owner");
674 owner.createPrivateFile();
675 ScopedInstaller ownerInstall(owner);
677 AppInstallHelper target1("sm_test_34_target1");
678 ScopedInstaller targetInstall1(target1);
680 AppInstallHelper target2("sm_test_34_target2");
681 ScopedInstaller targetInstall2(target2);
683 SharingRequest share1, share2;
684 std::string sharedPath = owner.getPrivatePath(0).c_str();
685 share1.setOwnerAppId(owner.getAppId());
686 share2.setOwnerAppId(owner.getAppId());
687 share1.setTargetAppId(target1.getAppId());
688 share2.setTargetAppId(target2.getAppId());
689 const char *paths[] = {sharedPath.c_str()};
690 share1.addPaths(paths, 1);
691 share2.addPaths(paths, 1);
693 Api::applySharing(share1);
694 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
695 runAccessTest(target1, sharedPath, R_OK|X_OK);
696 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
698 Api::applySharing(share2);
699 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
700 runAccessTest(target2, sharedPath, R_OK|X_OK);
701 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
703 targetInstall1.uninstallApp();
704 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
705 runAccessTest(target2, sharedPath, R_OK|X_OK);
706 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
708 // Reinstall, so we can change context to same app_id
709 ScopedInstaller targetInstall1_2(target1);
710 runAccessTest(target1, sharedPath, 0);
712 Api::dropSharing(share2);
714 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
715 runAccessTest(target2, sharedPath, 0);
716 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
718 Api::dropSharing(share1, SECURITY_MANAGER_ERROR_INPUT_PARAM);
722 * Check access after sharing one private path with two applications from different packages and
723 * after uninstalling owner application.
725 RUNNER_CHILD_TEST(security_manager_38_share_one_with_two_uninstall_owner)
727 AppInstallHelper owner("sm_test_34_owner");
728 owner.createPrivateFile();
729 ScopedInstaller ownerInstall(owner);
731 AppInstallHelper target1("sm_test_34_target1");
732 ScopedInstaller targetInstall1(target1);
734 AppInstallHelper target2("sm_test_34_target2");
735 ScopedInstaller targetInstall2(target2);
737 SharingRequest share1, share2;
738 std::string sharedPath = owner.getPrivatePath(0).c_str();
739 share1.setOwnerAppId(owner.getAppId());
740 share2.setOwnerAppId(owner.getAppId());
741 share1.setTargetAppId(target1.getAppId());
742 share2.setTargetAppId(target2.getAppId());
743 const char *paths[] = {sharedPath.c_str()};
744 share1.addPaths(paths, 1);
745 share2.addPaths(paths, 1);
747 Api::applySharing(share1);
748 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
749 runAccessTest(target1, sharedPath, R_OK|X_OK);
750 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
752 Api::applySharing(share2);
753 runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
754 runAccessTest(target2, sharedPath, R_OK|X_OK);
755 runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
757 ownerInstall.uninstallApp();
759 runAccessTest(target2, sharedPath, 0);
761 Api::dropSharing(share1, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
762 Api::dropSharing(share2, SECURITY_MANAGER_ERROR_APP_UNKNOWN);