projects / platform / core / test / security-tests.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Cleanup attr/xattr.h usage.
[platform/core/test/security-tests.git] / src / security-manager-tests / test_cases_private_sharing.cpp
1 /*
2  * Copyright (c) 2016-2020 Samsung Electronics Co., Ltd All Rights Reserved
3  *
4  *    Licensed under the Apache License, Version 2.0 (the "License");
5  *    you may not use this file except in compliance with the License.
6  *    You may obtain a copy of the License at
7  *
8  *        http://www.apache.org/licenses/LICENSE-2.0
9  *
10  *    Unless required by applicable law or agreed to in writing, software
11  *    distributed under the License is distributed on an "AS IS" BASIS,
12  *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  *    See the License for the specific language governing permissions and
14  *    limitations under the License.
15  */
16
17 #include <ftw.h>
18 #include <string>
19 #include <sys/smack.h>
20 #include <sys/stat.h>
21 #include <unistd.h>
22 #include <vector>
23
24 #include <app_install_helper.h>
25 #include <dpl/test/test_runner.h>
26 #include <memory.h>
27 #include <scoped_installer.h>
28 #include <sm_api.h>
29 #include <sm_commons.h>
30 #include <sm_request.h>
31 #include <sm_sharing_request.h>
32 #include <tests_common.h>
33
34 using namespace SecurityManagerTest;
35
36 RUNNER_TEST_GROUP_INIT(SECURITY_MANAGER_PRIVATE_SHARING)
37
38 /*
39  * Check if request is rejected when incomplete
40  */
41 RUNNER_TEST(security_manager_30a_send_incomplete_req1)
42 {
43     SharingRequest request;
44     Api::applySharing(request, SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE);
45     request.setOwnerAppId("sm_test_30a_owner_app_id");
46     Api::applySharing(request, SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE);
47     request.setTargetAppId("sm_test_30a_target_app_id");
48     Api::applySharing(request, SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE);
49 }
50
51 RUNNER_TEST(security_manager_30b_send_incomplete_req2)
52 {
53     SharingRequest request;
54     request.setTargetAppId("sm_test_30b_target_app_id");
55     Api::applySharing(request, SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE);
56     request.setOwnerAppId("sm_test_30b_owner_app_id");
57     Api::applySharing(request, SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE);
58 }
59
60 RUNNER_TEST(security_manager_30c_send_incomplete_req3)
61 {
62     SharingRequest request;
63     const char *somePaths[] = {"path1", "path2"};
64     request.addPaths(somePaths, sizeof(somePaths)/sizeof(somePaths[0]));
65     Api::applySharing(request, SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE);
66     request.setOwnerAppId("sm_test_30_b_owner_app_id");
67     Api::applySharing(request, SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE);
68 }
69
70 /*
71  * Check if sharing request for unknown owner app is rejected
72  */
73
74 RUNNER_TEST(security_manager_30d_unknown_owner)
75 {
76     AppInstallHelper target("sm_test_30d_target");
77     ScopedInstaller targetInstall(target);
78
79     AppInstallHelper notInstalledOwner("sm_test_30d_notinstalled_owner");
80     notInstalledOwner.createPrivateFile();
81
82     SharingRequest request;
83     request.setOwnerAppId(notInstalledOwner.getAppId());
84     request.setTargetAppId(target.getAppId());
85
86     std::string sharedPath = notInstalledOwner.getPrivatePath();
87     const char *paths[] = {sharedPath.c_str()};
88     request.addPaths(paths, 1);
89     Api::applySharing(request, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
90 }
91
92 /*
93  * Check if sharing request for unknown target app is rejected
94  */
95 RUNNER_TEST(security_manager_30e_unknown_target)
96 {
97     AppInstallHelper owner("sm_test_30e_owner");
98     owner.createPrivateFile();
99     ScopedInstaller ownerInstall(owner);
100
101     SharingRequest request;
102     request.setOwnerAppId(owner.getAppId());
103     request.setTargetAppId("sm_test_30e_notinstalled_target");
104
105     std::string sharedPath = owner.getPrivatePath();
106     const char *paths[] = {sharedPath.c_str()};
107     request.addPaths(paths, 1);
108     Api::applySharing(request, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
109 }
110
111 /*
112  * Check if sharing not owned path is rejected
113  */
114 RUNNER_TEST(security_manager_30f_bad_paths)
115 {
116     AppInstallHelper owner("sm_test_30f_owner");
117     ScopedInstaller ownerInstall(owner);
118
119     AppInstallHelper target("sm_test_30f_target");
120     target.createPrivateFile();
121     ScopedInstaller targetInstall(target);
122
123     SharingRequest share;
124     share.setOwnerAppId(owner.getAppId());
125     share.setTargetAppId(target.getAppId());
126
127     std::string sharedPath = target.getPrivatePath();
128     const char *paths[] = {sharedPath.c_str()};
129     share.addPaths(paths, 1);
130     Api::applySharing(share, SECURITY_MANAGER_ERROR_APP_NOT_PATH_OWNER);
131 }
132
133 /*
134  * Check proper access for sharing one path between applications from different packages
135  */
136 RUNNER_CHILD_TEST(security_manager_31_simple_share)
137 {
138     AppInstallHelper owner("sm_test_31_owner");
139     owner.createPrivateFile(0);
140     owner.createPrivateFile(1);
141     ScopedInstaller ownerInstall(owner);
142
143     AppInstallHelper target("sm_test_31_target");
144     ScopedInstaller targetInstall(target);
145
146     SharingRequest share;
147     std::string sharedPath = owner.getPrivatePath(0);
148     std::string privatePath = owner.getPrivatePath(1);
149     share.setOwnerAppId(owner.getAppId());
150     share.setTargetAppId(target.getAppId());
151     const char *paths[] = {sharedPath.c_str()};
152     share.addPaths(paths, 1);
153     Api::applySharing(share);
154
155     runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
156     runAccessTest(target, sharedPath, R_OK|X_OK);
157     //execute access is given to directory containing file. files have the same label as directories.
158     runAccessTest(target, privatePath, X_OK);
159     runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
160
161     Api::dropSharing(share);
162     runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
163     runAccessTest(target, sharedPath, 0);
164     runAccessTest(target, privatePath, 0);
165     runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
166 }
167 /*
168  * Private sharing can be applied multiple times. Check if double private path sharing applying
169  * between two applications from different package is accepted and if access is properly set after
170  * fist and second apply and if is properly revoked only after second drop.
171  *
172  */
173 RUNNER_CHILD_TEST(security_manager_32_double_share)
174 {
175     AppInstallHelper owner("sm_test_32_owner");
176     owner.createPrivateFile();
177     ScopedInstaller ownerInstall(owner);
178
179     AppInstallHelper target("sm_test_32_target");
180     ScopedInstaller targetInstall(target);
181
182     SharingRequest share;
183     std::string sharedPath = owner.getPrivatePath();
184     share.setOwnerAppId(owner.getAppId());
185     share.setTargetAppId(target.getAppId());
186     const char *paths[] = {sharedPath.c_str()};
187     share.addPaths(paths, 1);
188
189     Api::applySharing(share);
190     runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
191     runAccessTest(target, sharedPath, R_OK|X_OK);
192     runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
193
194     Api::applySharing(share);
195     runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
196     runAccessTest(target, sharedPath, R_OK|X_OK);
197     runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
198
199     Api::dropSharing(share);
200     runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
201     runAccessTest(target, sharedPath, R_OK|X_OK);
202     runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
203
204     Api::dropSharing(share);
205     runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
206     runAccessTest(target, sharedPath, 0);
207     runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
208 }
209
210 /*
211  * Check access after sharing separate private paths with one application in two separate
212  * sharing requests.
213  */
214 RUNNER_CHILD_TEST(security_manager_33a_share_two_with_one)
215 {
216     AppInstallHelper owner("sm_test_33a_owner");
217     owner.createPrivateFile(0);
218     owner.createPrivateFile(1);
219     ScopedInstaller ownerInstall(owner);
220
221     AppInstallHelper target("sm_test_33a_target");
222     ScopedInstaller targetInstall(target);
223
224     SharingRequest share1, share2;
225     std::string sharedPath1 = owner.getPrivatePath(0);
226     std::string sharedPath2 = owner.getPrivatePath(1);
227     share1.setOwnerAppId(owner.getAppId());
228     share2.setOwnerAppId(owner.getAppId());
229     share1.setTargetAppId(target.getAppId());
230     share2.setTargetAppId(target.getAppId());
231     const char *paths1[] = {sharedPath1.c_str()};
232     share1.addPaths(paths1, 1);
233     const char *paths2[] = {sharedPath2.c_str()};
234     share2.addPaths(paths2, 1);
235
236     Api::applySharing(share1);
237     runAccessTest(owner, sharedPath1, R_OK|W_OK|X_OK);
238     runAccessTest(target, sharedPath1, R_OK|X_OK);
239     runSystemAccessTest(geteuid(), getegid(), sharedPath1, R_OK|W_OK|X_OK);
240
241     Api::applySharing(share2);
242     runAccessTest(owner, sharedPath2, R_OK|W_OK|X_OK);
243     runAccessTest(target, sharedPath2, R_OK|X_OK);
244     runSystemAccessTest(geteuid(), getegid(), sharedPath2, R_OK|W_OK|X_OK);
245
246     Api::dropSharing(share1);
247     runAccessTest(owner, sharedPath1, R_OK|W_OK|X_OK);
248     //execute access is given to directory containing file. files have the same label as directories.
249     runAccessTest(target, sharedPath1, X_OK);
250     runSystemAccessTest(geteuid(), getegid(), sharedPath1, R_OK|W_OK|X_OK);
251     runAccessTest(owner, sharedPath2, R_OK|W_OK|X_OK);
252     runAccessTest(target, sharedPath2, R_OK|X_OK);
253     runSystemAccessTest(geteuid(), getegid(), sharedPath2, R_OK|W_OK|X_OK);
254
255     Api::dropSharing(share2);
256     runAccessTest(owner, sharedPath2, R_OK|W_OK|X_OK);
257     runAccessTest(target, sharedPath2, 0);
258     runSystemAccessTest(geteuid(), getegid(), sharedPath1, R_OK|W_OK|X_OK);
259 }
260
261 /*
262  * Check access after sharing separate private paths with one application in one sharing requests.
263  */
264 RUNNER_CHILD_TEST(security_manager_33b_share_two_with_one)
265 {
266     AppInstallHelper owner("sm_test_33b_owner");
267     owner.createPrivateFile(0);
268     owner.createPrivateFile(1);
269     ScopedInstaller ownerInstall(owner);
270
271     AppInstallHelper target("sm_test_33b_target");
272     ScopedInstaller targetInstall(target);
273
274     SharingRequest share;
275     std::string sharedPath1 = owner.getPrivatePath(0);
276     std::string sharedPath2 = owner.getPrivatePath(1);
277     share.setOwnerAppId(owner.getAppId());
278     share.setTargetAppId(target.getAppId());
279     const char *paths[] = {sharedPath1.c_str(), sharedPath2.c_str()};
280
281     share.addPaths(paths, 2);
282
283     Api::applySharing(share);
284     runAccessTest(owner, sharedPath1, R_OK|W_OK|X_OK);
285     runAccessTest(target, sharedPath1, R_OK|X_OK);
286     runSystemAccessTest(geteuid(), getegid(), sharedPath1, R_OK|W_OK|X_OK);
287     runAccessTest(owner, sharedPath2, R_OK|W_OK|X_OK);
288     runAccessTest(target, sharedPath2, R_OK|X_OK);
289     runSystemAccessTest(geteuid(), getegid(), sharedPath2, R_OK|W_OK|X_OK);
290
291     Api::dropSharing(share);
292     runAccessTest(owner, sharedPath1, R_OK|W_OK|X_OK);
293     runAccessTest(owner, sharedPath2, R_OK|W_OK|X_OK);
294     runAccessTest(target, sharedPath1, 0);
295     runAccessTest(target, sharedPath2, 0);
296     runSystemAccessTest(geteuid(), getegid(), sharedPath1, R_OK|W_OK|X_OK);
297     runSystemAccessTest(geteuid(), getegid(), sharedPath2, R_OK|W_OK|X_OK);
298 }
299
300 /*
301  * Check access when sharing one private path with two separate applications.
302  */
303 RUNNER_CHILD_TEST(security_manager_34_share_one_with_two)
304 {
305     AppInstallHelper owner("sm_test_34_owner");
306     owner.createPrivateFile();
307     ScopedInstaller ownerInstall(owner);
308
309     AppInstallHelper target1("sm_test_34_target1");
310     ScopedInstaller targetInstall1(target1);
311
312     AppInstallHelper target2("sm_test_34_target2");
313     ScopedInstaller targetInstall2(target2);
314
315     SharingRequest share1, share2;
316     std::string sharedPath = owner.getPrivatePath(0).c_str();
317     share1.setOwnerAppId(owner.getAppId());
318     share2.setOwnerAppId(owner.getAppId());
319     share1.setTargetAppId(target1.getAppId());
320     share2.setTargetAppId(target2.getAppId());
321     const char *paths[] = {sharedPath.c_str()};
322     share1.addPaths(paths, 1);
323     share2.addPaths(paths, 1);
324
325     Api::applySharing(share1);
326     runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
327     runAccessTest(target1, sharedPath, R_OK|X_OK);
328     runAccessTest(target2, sharedPath, 0);
329     runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
330
331     Api::applySharing(share2);
332     runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
333     runAccessTest(target2, sharedPath, R_OK|X_OK);
334     runAccessTest(target1, sharedPath, R_OK|X_OK);
335     runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
336
337     Api::dropSharing(share1);
338     runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
339     runAccessTest(target1, sharedPath, 0);
340     runAccessTest(target2, sharedPath, R_OK|X_OK);
341     runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
342
343     Api::dropSharing(share2);
344     runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
345     runAccessTest(target1, sharedPath, 0);
346     runAccessTest(target2, sharedPath, 0);
347     runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
348 }
349
350 /*
351  * Check access when sharing two separate private paths with two separate applications.
352  */
353 RUNNER_CHILD_TEST(security_manager_35_share_two_with_two)
354 {
355     AppInstallHelper owner("sm_test_35_owner");
356     owner.createPrivateFile(0);
357     owner.createPrivateFile(1);
358     ScopedInstaller ownerInstall(owner);
359
360     AppInstallHelper target1("sm_test_35_target1");
361     ScopedInstaller targetInstall1(target1);
362
363     AppInstallHelper target2("sm_test_35_target2");
364     ScopedInstaller targetInstall2(target2);
365
366     SharingRequest share1, share2;
367     std::string sharedPath1 = owner.getPrivatePath(0).c_str();
368     std::string sharedPath2 = owner.getPrivatePath(1).c_str();
369     share1.setOwnerAppId(owner.getAppId());
370     share2.setOwnerAppId(owner.getAppId());
371     share1.setTargetAppId(target1.getAppId());
372     share2.setTargetAppId(target2.getAppId());
373     const char *paths1[] = {sharedPath1.c_str()};
374     share1.addPaths(paths1, 1);
375     const char *paths2[] = {sharedPath2.c_str()};
376     share2.addPaths(paths2, 1);
377
378     Api::applySharing(share1);
379     runAccessTest(owner, sharedPath1, R_OK|W_OK|X_OK);
380     runAccessTest(target1, sharedPath1, R_OK|X_OK);
381     runSystemAccessTest(geteuid(), getegid(), sharedPath1, R_OK|W_OK|X_OK);
382
383     Api::applySharing(share2);
384     runAccessTest(owner, sharedPath2, R_OK|W_OK|X_OK);
385     runAccessTest(target1, sharedPath1, R_OK|X_OK);
386     runAccessTest(target1, sharedPath2, 0);
387     runAccessTest(target2, sharedPath2, R_OK|X_OK);
388     runAccessTest(target2, sharedPath1, 0);
389     runSystemAccessTest(geteuid(), getegid(), sharedPath2, R_OK|W_OK|X_OK);
390
391     Api::dropSharing(share2);
392     runAccessTest(owner, sharedPath1, R_OK|W_OK|X_OK);
393     runAccessTest(owner, sharedPath2, R_OK|W_OK|X_OK);
394     runAccessTest(target1, sharedPath1, R_OK|X_OK);
395     runAccessTest(target2, sharedPath2, 0);
396     runSystemAccessTest(geteuid(), getegid(), sharedPath2, R_OK|W_OK|X_OK);
397
398     Api::dropSharing(share1);
399     runAccessTest(owner, sharedPath1, R_OK|W_OK|X_OK);
400     runAccessTest(owner, sharedPath2, R_OK|W_OK|X_OK);
401     runAccessTest(target1, sharedPath1, 0);
402     runAccessTest(target2, sharedPath2, 0);
403     runSystemAccessTest(geteuid(), getegid(), sharedPath1, R_OK|W_OK|X_OK);
404     runSystemAccessTest(geteuid(), getegid(), sharedPath2, R_OK|W_OK|X_OK);
405 }
406
407 /*
408  * Check access after sharing one private path with one application and after uninstalling target
409  * application.
410  */
411 RUNNER_CHILD_TEST(security_manager_35_share_uninstall_target) {
412     AppInstallHelper owner("sm_test_35_owner");
413     owner.createPrivateFile();
414     ScopedInstaller ownerInstall(owner);
415
416     AppInstallHelper target("sm_test_35_target");
417     ScopedInstaller targetInstall(target);
418
419     SharingRequest share;
420     std::string sharedPath = owner.getPrivatePath();
421     share.setOwnerAppId(owner.getAppId());
422     share.setTargetAppId(target.getAppId());
423     const char *paths[] = {sharedPath.c_str()};
424     share.addPaths(paths, 1);
425     Api::applySharing(share);
426
427     runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
428     runAccessTest(target, sharedPath, R_OK|X_OK);
429     runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
430
431     targetInstall.uninstallApp();
432     runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
433     runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
434
435     // Reinstall, so we can change context to same app_id
436     ScopedInstaller targetInstall2(target);
437     runAccessTest(target, sharedPath, 0);
438
439     Api::dropSharing(share, SECURITY_MANAGER_ERROR_INPUT_PARAM);
440 }
441
442 /*
443  * Check access after sharing one private path with one application and after uninstalling owner
444  * application.
445  */
446 RUNNER_CHILD_TEST(security_manager_35_share_uninstall_owner) {
447     AppInstallHelper owner("sm_test_35_owner");
448     owner.createPrivateFile();
449     ScopedInstaller ownerInstall(owner);
450
451     AppInstallHelper target("sm_test_35_target");
452     ScopedInstaller targetInstall(target);
453
454     SharingRequest share;
455     std::string sharedPath = owner.getPrivatePath();
456     share.setOwnerAppId(owner.getAppId());
457     share.setTargetAppId(target.getAppId());
458     const char *paths[] = {sharedPath.c_str()};
459     share.addPaths(paths, 1);
460     Api::applySharing(share);
461
462     runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
463     runAccessTest(target, sharedPath, R_OK|X_OK);
464     runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
465
466     ownerInstall.uninstallApp();
467
468     runAccessTest(target, sharedPath, 0);
469
470     Api::dropSharing(share, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
471
472 }
473
474 /*
475  * Check access after sharing one private path with one application and after uninstalling owner
476  * application from package with two applications.
477  */
478 RUNNER_CHILD_TEST(security_manager_36_share_pkg_owner_uninstall) {
479     std::string pkgName = "sm_test_36";
480     AppInstallHelper owner("sm_test_36_owner", pkgName);
481     owner.createPrivateFile();
482     ScopedInstaller ownerInstall(owner);
483
484     AppInstallHelper samePkgAsOwnerApp("sm_test_36", pkgName);
485     ScopedInstaller samePkgAsOwnerInstall(samePkgAsOwnerApp);
486
487     AppInstallHelper target("sm_test_36_target");
488     ScopedInstaller targetInstall(target);
489
490     SharingRequest share;
491     std::string sharedPath = owner.getPrivatePath();
492     share.setOwnerAppId(owner.getAppId());
493     share.setTargetAppId(target.getAppId());
494     const char *paths[] = {sharedPath.c_str()};
495     share.addPaths(paths, 1);
496     Api::applySharing(share);
497
498     runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
499     runAccessTest(samePkgAsOwnerApp, sharedPath, R_OK|W_OK|X_OK);
500     runAccessTest(target, sharedPath, R_OK|X_OK);
501     runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
502
503     ownerInstall.uninstallApp();
504
505     runAccessTest(target, sharedPath, 0);
506
507     Api::dropSharing(share, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
508 }
509
510 /*
511  * Check access after sharing one private path with one application when owner application is from
512  * package with two applications.
513  */
514 RUNNER_CHILD_TEST(security_manager_36_share_pkg_owner_drop) {
515     std::string pkgName = "sm_test_36";
516     AppInstallHelper owner("sm_test_36_owner", pkgName);
517     owner.createPrivateFile();
518     ScopedInstaller ownerInstall(owner);
519
520     AppInstallHelper samePkgAsOwnerApp("sm_test_36", pkgName);
521     ScopedInstaller samePkgAsOwnerInstall(samePkgAsOwnerApp);
522
523     AppInstallHelper target("sm_test_36_target");
524     ScopedInstaller targetInstall(target);
525
526     SharingRequest share;
527     std::string sharedPath = owner.getPrivatePath();
528     share.setOwnerAppId(owner.getAppId());
529     share.setTargetAppId(target.getAppId());
530     const char *paths[] = {sharedPath.c_str()};
531     share.addPaths(paths, 1);
532     Api::applySharing(share);
533
534     runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
535     runAccessTest(samePkgAsOwnerApp, sharedPath, R_OK|W_OK|X_OK);
536     runAccessTest(target, sharedPath, R_OK|X_OK);
537     runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
538
539     Api::dropSharing(share);
540
541     runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
542     runAccessTest(samePkgAsOwnerApp, sharedPath, R_OK|W_OK|X_OK);
543     runAccessTest(target, sharedPath, 0);
544     runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
545 }
546
547 /*
548  * Check access after sharing one private path with one application and after uninstalling target
549  * application when owner application is from package with two applications.
550  */
551 RUNNER_CHILD_TEST(security_manager_36_share_pkg_target_uninstall) {
552     std::string pkgName = "sm_test_36";
553     AppInstallHelper owner("sm_test_36_owner", pkgName);
554     owner.createPrivateFile();
555     ScopedInstaller ownerInstall(owner);
556
557     AppInstallHelper samePkgAsOwnerApp("sm_test_36", pkgName);
558     ScopedInstaller samePkgAsOwnerInstall(samePkgAsOwnerApp);
559
560     AppInstallHelper target("sm_test_36_target");
561     ScopedInstaller targetInstall(target);
562
563     SharingRequest share;
564     std::string sharedPath = owner.getPrivatePath();
565     share.setOwnerAppId(owner.getAppId());
566     share.setTargetAppId(target.getAppId());
567     const char *paths[] = {sharedPath.c_str()};
568     share.addPaths(paths, 1);
569     Api::applySharing(share);
570
571     runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
572     runAccessTest(samePkgAsOwnerApp, sharedPath, R_OK|W_OK|X_OK);
573     runAccessTest(target, sharedPath, R_OK|X_OK);
574     runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
575
576     targetInstall.uninstallApp();
577     runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
578     runAccessTest(samePkgAsOwnerApp, sharedPath, R_OK|W_OK|X_OK);
579     runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
580
581     // Reinstall, so we can change context to same app_id
582     ScopedInstaller targetInstall2(target);
583     runAccessTest(target, sharedPath, 0);
584
585     Api::dropSharing(share, SECURITY_MANAGER_ERROR_INPUT_PARAM);
586 }
587
588 /*
589  * Check access after double sharing one private path with one application and after uninstalling
590  * target application when owner application is from package with two applications.
591  */
592 RUNNER_CHILD_TEST(security_manager_37_pkg_double_share_target_uninstall) {
593     std::string pkgName = "sm_test_37";
594     AppInstallHelper owner("sm_test_37_owner", pkgName);
595     owner.createPrivateFile();
596     ScopedInstaller ownerInstall(owner);
597
598     AppInstallHelper samePkgAsOwnerApp("sm_test_37", pkgName);
599     ScopedInstaller samePkgAsOwnerInstall(samePkgAsOwnerApp);
600
601     AppInstallHelper target("sm_test_37_target");
602     ScopedInstaller targetInstall(target);
603
604     SharingRequest share;
605     std::string sharedPath = owner.getPrivatePath();
606     share.setOwnerAppId(owner.getAppId());
607     share.setTargetAppId(target.getAppId());
608     const char *paths[] = {sharedPath.c_str()};
609     share.addPaths(paths, 1);
610     Api::applySharing(share);
611     Api::applySharing(share);
612
613     runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
614     runAccessTest(samePkgAsOwnerApp, sharedPath, R_OK|W_OK|X_OK);
615     runAccessTest(target, sharedPath, R_OK|X_OK);
616     runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
617
618     targetInstall.uninstallApp();
619     runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
620     runAccessTest(samePkgAsOwnerApp, sharedPath, R_OK|W_OK|X_OK);
621     runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
622
623     // Reinstall, so we can change context to same app_id
624     ScopedInstaller targetInstall2(target);
625     runAccessTest(target, sharedPath, 0);
626
627     Api::dropSharing(share, SECURITY_MANAGER_ERROR_INPUT_PARAM);
628 }
629
630 /*
631  * Check access after double sharing one private path with one application and after uninstalling
632  * owner application from package with two applications.
633  */
634 RUNNER_CHILD_TEST(security_manager_37_pkg_double_share_owner_uninstall) {
635     std::string pkgName = "sm_test_37";
636     AppInstallHelper owner("sm_test_37_owner", pkgName);
637     owner.createPrivateFile();
638     ScopedInstaller ownerInstall(owner);
639
640     AppInstallHelper samePkgAsOwnerApp("sm_test_37", pkgName);
641     ScopedInstaller samePkgAsOwnerInstall(samePkgAsOwnerApp);
642
643     AppInstallHelper target("sm_test_37_target");
644     ScopedInstaller targetInstall(target);
645
646     SharingRequest share;
647     std::string sharedPath = owner.getPrivatePath();
648     share.setOwnerAppId(owner.getAppId());
649     share.setTargetAppId(target.getAppId());
650     const char *paths[] = {sharedPath.c_str()};
651     share.addPaths(paths, 1);
652     Api::applySharing(share);
653     Api::applySharing(share);
654
655     runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
656     runAccessTest(samePkgAsOwnerApp, sharedPath, R_OK|W_OK|X_OK);
657     runAccessTest(target, sharedPath, R_OK|X_OK);
658     runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
659
660     ownerInstall.uninstallApp();
661
662     runAccessTest(target, sharedPath, 0);
663
664     Api::dropSharing(share, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
665 }
666
667 /*
668  * Check access after sharing one private path with two applications from different packages and
669  * after uninstalling one of them and dropping second sharing.
670  */
671 RUNNER_CHILD_TEST(security_manager_38_share_one_with_two_uninstall_target)
672 {
673     AppInstallHelper owner("sm_test_34_owner");
674     owner.createPrivateFile();
675     ScopedInstaller ownerInstall(owner);
676
677     AppInstallHelper target1("sm_test_34_target1");
678     ScopedInstaller targetInstall1(target1);
679
680     AppInstallHelper target2("sm_test_34_target2");
681     ScopedInstaller targetInstall2(target2);
682
683     SharingRequest share1, share2;
684     std::string sharedPath = owner.getPrivatePath(0).c_str();
685     share1.setOwnerAppId(owner.getAppId());
686     share2.setOwnerAppId(owner.getAppId());
687     share1.setTargetAppId(target1.getAppId());
688     share2.setTargetAppId(target2.getAppId());
689     const char *paths[] = {sharedPath.c_str()};
690     share1.addPaths(paths, 1);
691     share2.addPaths(paths, 1);
692
693     Api::applySharing(share1);
694     runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
695     runAccessTest(target1, sharedPath, R_OK|X_OK);
696     runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
697
698     Api::applySharing(share2);
699     runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
700     runAccessTest(target2, sharedPath, R_OK|X_OK);
701     runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
702
703     targetInstall1.uninstallApp();
704     runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
705     runAccessTest(target2, sharedPath, R_OK|X_OK);
706     runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
707
708     // Reinstall, so we can change context to same app_id
709     ScopedInstaller targetInstall1_2(target1);
710     runAccessTest(target1, sharedPath, 0);
711
712     Api::dropSharing(share2);
713
714     runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
715     runAccessTest(target2, sharedPath, 0);
716     runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
717
718     Api::dropSharing(share1, SECURITY_MANAGER_ERROR_INPUT_PARAM);
719 }
720
721 /*
722  * Check access after sharing one private path with two applications from different packages and
723  * after uninstalling owner application.
724  */
725 RUNNER_CHILD_TEST(security_manager_38_share_one_with_two_uninstall_owner)
726 {
727     AppInstallHelper owner("sm_test_34_owner");
728     owner.createPrivateFile();
729     ScopedInstaller ownerInstall(owner);
730
731     AppInstallHelper target1("sm_test_34_target1");
732     ScopedInstaller targetInstall1(target1);
733
734     AppInstallHelper target2("sm_test_34_target2");
735     ScopedInstaller targetInstall2(target2);
736
737     SharingRequest share1, share2;
738     std::string sharedPath = owner.getPrivatePath(0).c_str();
739     share1.setOwnerAppId(owner.getAppId());
740     share2.setOwnerAppId(owner.getAppId());
741     share1.setTargetAppId(target1.getAppId());
742     share2.setTargetAppId(target2.getAppId());
743     const char *paths[] = {sharedPath.c_str()};
744     share1.addPaths(paths, 1);
745     share2.addPaths(paths, 1);
746
747     Api::applySharing(share1);
748     runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
749     runAccessTest(target1, sharedPath, R_OK|X_OK);
750     runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
751
752     Api::applySharing(share2);
753     runAccessTest(owner, sharedPath, R_OK|W_OK|X_OK);
754     runAccessTest(target2, sharedPath, R_OK|X_OK);
755     runSystemAccessTest(geteuid(), getegid(), sharedPath, R_OK|W_OK|X_OK);
756
757     ownerInstall.uninstallApp();
758
759     runAccessTest(target2, sharedPath, 0);
760
761     Api::dropSharing(share1, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
762     Api::dropSharing(share2, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
763 }
Domain: Security / Uncategorized;