2 * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * @file test_cases.cpp
19 * @author Zofia Abramowska (z.abramowska@samsung.com)
20 * @author Lukasz Wojciechowski (l.wojciechow@partner.samsung.com)
22 * @brief libprivilege-control tests commons
25 #ifndef LIBPRIVILEGE_CONTROL_TEST_COMMON_H_
26 #define LIBPRIVILEGE_CONTROL_TEST_COMMON_H_
33 #include <tests_common.h>
36 // How many open file descriptors should ftw() function use?
37 #define FTW_MAX_FDS 16
39 #define SOCK_PATH "/tmp/test-smack-socket"
41 #define TEST_APP_DIR "/etc/smack/test_privilege_control_DIR/app_dir"
42 #define TEST_NON_APP_DIR "/etc/smack/test_privilege_control_DIR/non_app_dir"
44 #define APP_ID "test_APP"
45 #define APPID_DIR "test_APP_ID_dir"
46 #define APPID_SHARED_DIR "test_APP_ID_shared_dir"
49 #define APP_1_DIR "/tmp/app_1"
52 #define APP_2_DIR "/tmp/app_2"
54 #define APP_TEST "app_test"
56 #define EFL_APP_ID "EFL_APP_ID"
58 #define APP_FRIEND_1 "app_friend_1"
59 #define APP_FRIEND_2 "app_friend_2"
61 #define LIBPRIVILEGE_APP_GROUP_LIST "/usr/share/privilege-control/app_group_list"
62 #define LIBPRIVILEGE_TEST_DAC_FILE "/usr/share/privilege-control/test_privilege_control_rules.dac"
63 #define LIBPRIVILEGE_TEST_DAC_FILE_WGT "/usr/share/privilege-control/WRT_test_privilege_control_rules_wgt.dac"
64 #define LIBPRIVILEGE_TEST_DAC_FILE_OSP "/usr/share/privilege-control/OSP_test_privilege_control_rules_osp.dac"
66 #define APP_TEST_APP_1 "test-application1"
67 #define APP_TEST_APP_2 "test-application_2"
68 #define APP_TEST_APP_3 "test-app-3"
69 #define APP_TEST_AV_1 "test-antivirus1"
70 #define APP_TEST_AV_2 "test-antivirus_2"
71 #define APP_TEST_AV_3 "test-av-3"
72 #define APP_TEST_APP_1_DIR "/tmp/test-application1/"
73 #define APP_TEST_APP_2_DIR "/tmp/test-application2/"
74 #define APP_TEST_APP_3_DIR "/tmp/test-application3/"
75 #define APP_TEST_APP_1_SHARED_LABEL "test-application1-shared"
76 #define APP_TEST_APP_2_SHARED_LABEL "test-application2-shared"
77 #define APP_TEST_APP_3_SHARED_LABEL "test-application3-shared"
79 #define WGT_PARTNER_APP_ID "7btsV1Y0sX"
80 #define WGT_PLATFORM_APP_ID "G4DE3U2vmW"
82 #define OSP_APP_ID "uqNfgEjqc7"
83 #define OSP_PARTNER_APP_ID "j4RuPsZrNt"
84 #define OSP_PLATFORM_APP_ID "V5LKqDFBXm"
86 #define WGT_APP_PATH "/opt/usr/apps/QwCqJ0ttyS/bin/QwCqJ0ttyS.TestMisiuPysiu123"
87 #define WGT_PARTNER_APP_PATH "/opt/usr/apps/7btsV1Y0sX/bin/7btsV1Y0sX.MisiuPysiu123Partner"
88 #define WGT_PLATFORM_APP_PATH "/opt/usr/apps/G4DE3U2vmW/bin/G4DE3U2vmW.MisiuPysiu123Platform"
90 #define OSP_APP_PATH "/opt/usr/apps/uqNfgEjqc7/bin/PysiuMisiu123Osp"
91 #define OSP_PARTNER_APP_PATH "/opt/usr/apps/j4RuPsZrNt/bin/PysiuMisiu123OspPartner"
92 #define OSP_PLATFORM_APP_PATH "/opt/usr/apps/V5LKqDFBXm/bin/PysiuMisiu123OspPlatform"
94 #define APP_SET_PRIV_PATH "/etc/smack/test_privilege_control_DIR/test_set_app_privilege/test_APP"
96 #define APP_NPRUNTIME "app_np_test"
97 #define APP_NPRUNTIME_FILE "/etc/smack/test_privilege_control_DIR/app_dir/exec"
99 const std::string RDB_PATH("/opt/dbspace/.rules-db.db3");
100 const std::string RDB_PATH_BACKUP("/opt/dbspace/.rules-db.db3.backup");
102 //correct and incorrect PID used in incorrect params test
103 const pid_t PID_CORRECT = 0;
104 const pid_t PID_INCORRECT = -1;
106 extern const char *PRIVS[];
107 extern const char *PRIVS2[];
108 extern const char *PRIVS2_NO_R[];
109 extern const char *PRIVS2_R[];
110 extern const char *PRIVS2_R_AND_NO_R[];
112 extern const char *PRIVS_WGT[];
113 extern const char *PRIVS_OSP[];
114 extern const char *PRIVS_EFL[];
116 extern const char* PRIV_APPSETTING[];
117 extern const char* PRIVS_AV[];
119 typedef std::vector< std::vector<std::string> > rules_t;
121 struct free_deleter {
122 void operator()(void* p) {
126 typedef std::unique_ptr<char, free_deleter> CStringPtr;
128 template<typename T> struct list_deleter {
129 void operator()(void* p) {
132 for (int i = 0; list[i] != NULL; ++i) {
139 typedef std::unique_ptr<char*, list_deleter<char> > CStringListPtr;
143 bool backupfile(const std::string& src, const std::string& dst);
144 bool restorefile(const std::string& src, const std::string& dst);
153 Directory(std::string path, mode_t mode) : m_errorCode(0), m_path(path)
155 if (mkdir(path.c_str(), mode) != 0) {
160 Directory(const Directory& directory) = delete;
162 Directory(Directory&& directory)
163 : m_errorCode(std::move(directory.m_errorCode)), m_path(std::move(directory.m_path))
165 directory.m_path = "";
168 const Directory& operator=(const Directory& directory) = delete;
170 const Directory& operator=(Directory&& directory)
172 m_errorCode = directory.m_errorCode;
173 m_path = std::move(directory.m_path);
174 directory.m_path = "";
181 if (m_errorCode == 0 && !m_path.empty()) {
182 rmdir(m_path.c_str());
186 bool isCreated() const
188 return m_errorCode == 0;
191 int errorCode() const
196 const std::string& path() const
207 // Rules from test_privilege_control_rules.smack
208 const rules_t rules = {
209 { APP_ID, "test_book_1", "r" },
210 { APP_ID, "test_book_2", "w" },
211 { APP_ID, "test_book_3", "x" },
212 { APP_ID, "test_book_4", "rw" },
213 { APP_ID, "test_book_5", "rx" },
214 { APP_ID, "test_book_6", "wx" },
215 { APP_ID, "test_book_7", "rwx" },
216 { "test_subject_1", APP_ID, "r" },
217 { "test_subject_2", APP_ID, "w" },
218 { "test_subject_3", APP_ID, "x" },
219 { "test_subject_4", APP_ID, "rw" },
220 { "test_subject_5", APP_ID, "rx" },
221 { "test_subject_6", APP_ID, "wx" },
222 { "test_subject_7", APP_ID, "rwx" },
223 { APP_ID, APPID_SHARED_DIR, "rwxat"}
226 // Rules from WRT_test_privilege_control_rules2.smack
227 const rules_t rules2 = {
228 { WGT_APP_ID, "test_book_8", "r" },
229 { WGT_APP_ID, "test_book_9", "w" },
230 { WGT_APP_ID, "test_book_10", "x" },
231 { WGT_APP_ID, "test_book_11", "rw" },
232 { WGT_APP_ID, "test_book_12", "rx" },
233 { WGT_APP_ID, "test_book_13", "wx" },
234 { WGT_APP_ID, "test_book_14", "rwx" },
235 { WGT_APP_ID, "test_book_15", "rwxat" },
236 { "test_subject_8", WGT_APP_ID, "r" },
237 { "test_subject_9", WGT_APP_ID, "w" },
238 { "test_subject_10", WGT_APP_ID, "x" },
239 { "test_subject_11", WGT_APP_ID, "rw" },
240 { "test_subject_12", WGT_APP_ID, "rx" },
241 { "test_subject_13", WGT_APP_ID, "wx" },
242 { "test_subject_14", WGT_APP_ID, "rwx" },
243 { "test_subject_15", WGT_APP_ID, "rwxat" }
246 // Rules from WRT_test_privilege_control_rules_no_r.smack
247 const rules_t rules2_no_r = {
248 { WGT_APP_ID, "test_book_9", "w" },
249 { WGT_APP_ID, "test_book_10", "x" },
250 { WGT_APP_ID, "test_book_11", "w" },
251 { WGT_APP_ID, "test_book_12", "x" },
252 { WGT_APP_ID, "test_book_13", "x" },
253 { WGT_APP_ID, "test_book_14", "wx" },
254 { WGT_APP_ID, "test_book_15", "wxat" },
255 { "test_subject_9", WGT_APP_ID, "w" },
256 { "test_subject_10", WGT_APP_ID, "x" },
257 { "test_subject_11", WGT_APP_ID, "w" },
258 { "test_subject_12", WGT_APP_ID, "x" },
259 { "test_subject_13", WGT_APP_ID, "x" },
260 { "test_subject_14", WGT_APP_ID, "wx" },
261 { "test_subject_15", WGT_APP_ID, "wxat" }
264 // Rules from test_privilege_control_rules.smack
265 // minus WRT_test_privilege_control_rules_no_r.smack
266 const rules_t rules2_r = {
267 { WGT_APP_ID, "test_book_8", "r" },
268 { WGT_APP_ID, "test_book_11", "r" },
269 { WGT_APP_ID, "test_book_12", "r" },
270 { WGT_APP_ID, "test_book_14", "r" },
271 { WGT_APP_ID, "test_book_15", "r" },
272 { "test_subject_8", WGT_APP_ID, "r" },
273 { "test_subject_11", WGT_APP_ID, "r" },
274 { "test_subject_12", WGT_APP_ID, "r" },
275 { "test_subject_14", WGT_APP_ID, "r" },
276 { "test_subject_15", WGT_APP_ID, "r" }
279 // Rules from EFL_test_privilege_control_rules_osp.smack for osp_platform
280 const rules_t rules_efl = {
281 { APP_ID, "test_book_efl", "r" }
284 // Rules from WRT_test_privilege_control_rules_wgt.smack for wgt
285 const rules_t rules_wgt = {
286 { WGT_APP_ID, "test_book_8", "r" },
287 { WGT_APP_ID, "test_book_9", "w" },
288 { WGT_APP_ID, "test_book_10", "x" },
289 { WGT_APP_ID, "test_book_11", "rw" },
290 { WGT_APP_ID, "test_book_12", "rx" },
291 { WGT_APP_ID, "test_book_13", "wx" },
292 { WGT_APP_ID, "test_book_14", "rwx" },
293 { WGT_APP_ID, "test_book_15", "rwxat" },
294 { "test_subject_8", WGT_APP_ID, "r" },
295 { "test_subject_9", WGT_APP_ID, "w" },
296 { "test_subject_10", WGT_APP_ID, "x" },
297 { "test_subject_11", WGT_APP_ID, "rw" },
298 { "test_subject_12", WGT_APP_ID, "rx" },
299 { "test_subject_13", WGT_APP_ID, "wx" },
300 { "test_subject_14", WGT_APP_ID, "rwx" },
301 { "test_subject_15", WGT_APP_ID, "rwxat" }
304 // Rules from WRT_test_privilege_control_rules.smack for wgt
305 const rules_t rules_wgt2 = {
306 { WGT_APP_ID, "test_book_1", "r" },
307 { WGT_APP_ID, "test_book_2", "w" },
308 { WGT_APP_ID, "test_book_3", "x" },
309 { WGT_APP_ID, "test_book_4", "rw" },
310 { WGT_APP_ID, "test_book_5", "rx" },
311 { WGT_APP_ID, "test_book_6", "wx" },
312 { WGT_APP_ID, "test_book_7", "rwx" },
313 { "test_subject_1", WGT_APP_ID, "r" },
314 { "test_subject_2", WGT_APP_ID, "w" },
315 { "test_subject_3", WGT_APP_ID, "x" },
316 { "test_subject_4", WGT_APP_ID, "rw" },
317 { "test_subject_5", WGT_APP_ID, "rx" },
318 { "test_subject_6", WGT_APP_ID, "wx" },
319 { "test_subject_7", WGT_APP_ID, "rwx" }
322 // Rules from WRT_test_privilege_control_rules_wgt.smack for wgt_partner
323 const rules_t rules_wgt_partner = {
324 { WGT_PARTNER_APP_ID, "test_book_8", "r" },
325 { WGT_PARTNER_APP_ID, "test_book_9", "w" },
326 { WGT_PARTNER_APP_ID, "test_book_10", "x" },
327 { WGT_PARTNER_APP_ID, "test_book_11", "rw" },
328 { WGT_PARTNER_APP_ID, "test_book_12", "rx" },
329 { WGT_PARTNER_APP_ID, "test_book_13", "wx" },
330 { WGT_PARTNER_APP_ID, "test_book_14", "rwx" },
331 { WGT_PARTNER_APP_ID, "test_book_15", "rwxat" },
332 { "test_subject_8", WGT_PARTNER_APP_ID, "r" },
333 { "test_subject_9", WGT_PARTNER_APP_ID, "w" },
334 { "test_subject_10", WGT_PARTNER_APP_ID, "x" },
335 { "test_subject_11", WGT_PARTNER_APP_ID, "rw" },
336 { "test_subject_12", WGT_PARTNER_APP_ID, "rx" },
337 { "test_subject_13", WGT_PARTNER_APP_ID, "wx" },
338 { "test_subject_14", WGT_PARTNER_APP_ID, "rwx" },
339 { "test_subject_15", WGT_PARTNER_APP_ID, "rwxat" }
342 // Rules from WRT_test_privilege_control_rules_wgt.smack for wgt_platform
343 const rules_t rules_wgt_platform = {
344 { WGT_PLATFORM_APP_ID, "test_book_8", "r" },
345 { WGT_PLATFORM_APP_ID, "test_book_9", "w" },
346 { WGT_PLATFORM_APP_ID, "test_book_10", "x" },
347 { WGT_PLATFORM_APP_ID, "test_book_11", "rw" },
348 { WGT_PLATFORM_APP_ID, "test_book_12", "rx" },
349 { WGT_PLATFORM_APP_ID, "test_book_13", "wx" },
350 { WGT_PLATFORM_APP_ID, "test_book_14", "rwx" },
351 { WGT_PLATFORM_APP_ID, "test_book_15", "rwxat" },
352 { "test_subject_8", WGT_PLATFORM_APP_ID, "r" },
353 { "test_subject_9", WGT_PLATFORM_APP_ID, "w" },
354 { "test_subject_10", WGT_PLATFORM_APP_ID, "x" },
355 { "test_subject_11", WGT_PLATFORM_APP_ID, "rw" },
356 { "test_subject_12", WGT_PLATFORM_APP_ID, "rx" },
357 { "test_subject_13", WGT_PLATFORM_APP_ID, "wx" },
358 { "test_subject_14", WGT_PLATFORM_APP_ID, "rwx" },
359 { "test_subject_15", WGT_PLATFORM_APP_ID, "rwxat" }
362 // Rules from OSP_test_privilege_control_rules_osp.smack for osp
363 const rules_t rules_osp = {
364 { OSP_APP_ID, "test_book_8", "r" },
365 { OSP_APP_ID, "test_book_9", "w" },
366 { OSP_APP_ID, "test_book_10", "x" },
367 { OSP_APP_ID, "test_book_11", "rw" },
368 { OSP_APP_ID, "test_book_12", "rx" },
369 { OSP_APP_ID, "test_book_13", "wx" },
370 { OSP_APP_ID, "test_book_14", "rwx" },
371 { OSP_APP_ID, "test_book_15", "rwxat" },
372 { "test_subject_8", OSP_APP_ID, "r" },
373 { "test_subject_9", OSP_APP_ID, "w" },
374 { "test_subject_10", OSP_APP_ID, "x" },
375 { "test_subject_11", OSP_APP_ID, "rw" },
376 { "test_subject_12", OSP_APP_ID, "rx" },
377 { "test_subject_13", OSP_APP_ID, "wx" },
378 { "test_subject_14", OSP_APP_ID, "rwx" },
379 { "test_subject_15", OSP_APP_ID, "rwxat" }
382 // Rules from OSP_test_privilege_control_rules_osp.smack for osp_partner
383 const rules_t rules_osp_partner = {
384 { OSP_PARTNER_APP_ID, "test_book_8", "r" },
385 { OSP_PARTNER_APP_ID, "test_book_9", "w" },
386 { OSP_PARTNER_APP_ID, "test_book_10", "x" },
387 { OSP_PARTNER_APP_ID, "test_book_11", "rw" },
388 { OSP_PARTNER_APP_ID, "test_book_12", "rx" },
389 { OSP_PARTNER_APP_ID, "test_book_13", "wx" },
390 { OSP_PARTNER_APP_ID, "test_book_14", "rwx" },
391 { OSP_PARTNER_APP_ID, "test_book_15", "rwxat" },
392 { "test_subject_8", OSP_PARTNER_APP_ID, "r" },
393 { "test_subject_9", OSP_PARTNER_APP_ID, "w" },
394 { "test_subject_10", OSP_PARTNER_APP_ID, "x" },
395 { "test_subject_11", OSP_PARTNER_APP_ID, "rw" },
396 { "test_subject_12", OSP_PARTNER_APP_ID, "rx" },
397 { "test_subject_13", OSP_PARTNER_APP_ID, "wx" },
398 { "test_subject_14", OSP_PARTNER_APP_ID, "rwx" },
399 { "test_subject_15", OSP_PARTNER_APP_ID, "rwxat" }
402 // Rules from OSP_test_privilege_control_rules_osp.smack for osp_platform
403 const rules_t rules_osp_platform = {
404 { OSP_PLATFORM_APP_ID, "test_book_8", "r" },
405 { OSP_PLATFORM_APP_ID, "test_book_9", "w" },
406 { OSP_PLATFORM_APP_ID, "test_book_10", "x" },
407 { OSP_PLATFORM_APP_ID, "test_book_11", "rw" },
408 { OSP_PLATFORM_APP_ID, "test_book_12", "rx" },
409 { OSP_PLATFORM_APP_ID, "test_book_13", "wx" },
410 { OSP_PLATFORM_APP_ID, "test_book_14", "rwx" },
411 { OSP_PLATFORM_APP_ID, "test_book_15", "rwxat" },
412 { "test_subject_8", OSP_PLATFORM_APP_ID, "r" },
413 { "test_subject_9", OSP_PLATFORM_APP_ID, "w" },
414 { "test_subject_10", OSP_PLATFORM_APP_ID, "x" },
415 { "test_subject_11", OSP_PLATFORM_APP_ID, "rw" },
416 { "test_subject_12", OSP_PLATFORM_APP_ID, "rx" },
417 { "test_subject_13", OSP_PLATFORM_APP_ID, "wx" },
418 { "test_subject_14", OSP_PLATFORM_APP_ID, "rwx" },
419 { "test_subject_15", OSP_PLATFORM_APP_ID, "rwxat" }
422 int test_have_all_accesses(const rules_t &rules);
423 int test_have_any_accesses(const rules_t &rules);
424 int test_have_nosmack_accesses(const rules_t &rules);
426 void read_gids(std::set<unsigned> &set, const char *file_path);
427 void check_groups(const char *dac_file);
429 int file_exists(const char *path);
430 void check_app_installed(int line_no, const char *app_path);
432 int nftw_remove_labels(const char *fpath, const struct stat* /*sb*/,
433 int /*typeflag*/, struct FTW* /*ftwbuf*/);
434 int nftw_check_labels_app_dir(const char *fpath, const struct stat *sb,
435 int /*typeflag*/, struct FTW* /*ftwbuf*/);
436 int nftw_set_labels_non_app_dir(const char *fpath, const struct stat* /*sb*/,
437 int /*typeflag*/, struct FTW* /*ftwbuf*/);
438 int nftw_check_labels_non_app_dir(const char *fpath, const struct stat* /*sb*/,
439 int /*typeflag*/, struct FTW* /*ftwbuf*/);
441 void checkOnlyAvAccess(const char *av_id, const char *app_id, const char *comment);
442 void checkOnlyAvAccessNosmack(const char *av_id, const char *app_id, const char *comment);
443 void check_app_has_permission(const char* app_id, const app_type_t app_type,
444 const char *perm_list[], const int expected_result);
446 void test_revoke_permissions(int line_no, const char* app_id, const rules_t &rules, bool smack);
447 void test_app_enable_permissions_efl(bool smack);
448 void test_app_disable_permissions_efl(bool smack);
449 void test_app_disable_permissions(bool smack);
450 void test_appsettings_privilege(bool smack);
452 #endif /* LIBPRIVILEGE_CONTROL_TEST_COMMON_H_ */
projects / platform / core / test / security-tests.git / blob