security-manager-tests: generate proper app label 59/36059/3
authorRafal Krypa <r.krypa@samsung.com>
Mon, 2 Mar 2015 12:09:54 +0000 (13:09 +0100)
committerRafal Krypa <r.krypa@samsung.com>
Mon, 2 Mar 2015 14:49:11 +0000 (15:49 +0100)
No longer hardcode application label to "User". Security-manager is switching
to final labeling schema: "User::App::$appId".
Adapting the tests accordingly.

Change-Id: I839027f9bb2b350ec057c08e9382516e194c1a5e
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
tests/security-manager-tests/security_manager_tests.cpp

index 9849296..7a23d2c 100644 (file)
@@ -117,10 +117,9 @@ static const std::vector<privileges_t> MANY_APPS_PRIVILEGES = {
     }
 };
 
-static void generateAppLabel(const std::string &appId, std::string &label)
+static std::string generateAppLabel(const std::string &appId)
 {
-    (void) appId;
-    label = "User";
+    return "User::App::" + appId;
 }
 
 static int nftw_check_sm_labels_app_dir(const char *fpath, const struct stat *sb,
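Review bot: `generateAppLabel` has no comment saying that it duplicates the label format produced by security-manager itself, so the helper and the service can drift apart without an obvious pointer back to this function. A one-line comment above it would make the coupling visible, for example `// Must match the app label format generated by security-manager: "User::App::<appId>"`. The helper also does not check that the prefixed result still fits within Smack's label length limit, which is worth noting in the same comment if longer test app ids are ever added.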
@@ -169,18 +168,16 @@ static int nftw_check_sm_labels_app_dir(const char *fpath, const struct stat *sb
     return 0;
 }
 
+// nftw doesn't allow passing user data to functions. Work around by using global variable
+static std::string nftw_expected_label;
+bool nftw_expected_transmute;
+bool nftw_expected_exec;
 
-static int nftw_check_sm_labels_app_rw_dir(const char *fpath, const struct stat *sb,
+static int nftw_check_sm_labels(const char *fpath, const struct stat *sb,
                                int /*typeflag*/, struct FTW* /*ftwbuf*/)
 {
-    return nftw_check_sm_labels_app_dir(fpath, sb, USER_APP_ID, false, true);
-}
-
-static int nftw_check_sm_labels_app_ro_dir(const char *fpath, const struct stat *sb,
-                               int /*typeflag*/, struct FTW* /*ftwbuf*/)
-{
-
-    return nftw_check_sm_labels_app_dir(fpath, sb, "User::Home", true, false);
+    return nftw_check_sm_labels_app_dir(fpath, sb,
+        nftw_expected_label.c_str(), nftw_expected_transmute, nftw_expected_exec);
 }
 
 static void prepare_app_path()
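Review bot: `nftw_expected_transmute` and `nftw_expected_exec` are declared without `static`, unlike `nftw_expected_label` directly above them, so they get external linkage and can clash with same-named symbols in other translation units linked into the test binary. Declare them as `static bool nftw_expected_transmute;` and `static bool nftw_expected_exec;`. Because `nftw_check_sm_labels` reads whatever was stored last, the comment should also state that callers must set all three variables before every `nftw()` call.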
@@ -202,15 +199,22 @@ static void prepare_app_env()
     prepare_app_path();
 }
 
-/* TODO: add parameters to this function */
-static void check_app_path_after_install()
+static void check_app_path_after_install(const char *appId)
 {
     int result;
 
-    result = nftw(SM_RW_PATH, &nftw_check_sm_labels_app_rw_dir, FTW_MAX_FDS, FTW_PHYS);
+    nftw_expected_label = generateAppLabel(appId);
+    nftw_expected_transmute = false;
+    nftw_expected_exec = true;
+
+    result = nftw(SM_RW_PATH, &nftw_check_sm_labels, FTW_MAX_FDS, FTW_PHYS);
     RUNNER_ASSERT_MSG(result == 0, "Unable to check Smack labels for " << SM_RW_PATH);
 
-    result = nftw(SM_RO_PATH, &nftw_check_sm_labels_app_ro_dir, FTW_MAX_FDS, FTW_PHYS);
+    nftw_expected_label = "User::Home";
+    nftw_expected_transmute = true;
+    nftw_expected_exec = false;
+
+    result = nftw(SM_RO_PATH, &nftw_check_sm_labels, FTW_MAX_FDS, FTW_PHYS);
     RUNNER_ASSERT_MSG(result == 0, "Unable to check Smack labels for " << SM_RO_PATH);
 
     result = nftw(SM_DENIED_PATH, &nftw_check_labels_non_app_dir, FTW_MAX_FDS, FTW_PHYS);
@@ -222,8 +226,7 @@ static void check_app_permissions(const char *const app_id, const char *const pk
                                   const privileges_t &allowed_privs, const privileges_t &denied_privs)
 {
     (void) pkg_id;
-    std::string smackLabel;
-    generateAppLabel(app_id, smackLabel);
+    std::string smackLabel = generateAppLabel(app_id);
 
     CynaraTestClient::Client ctc;
 
@@ -484,7 +487,7 @@ RUNNER_TEST(security_manager_02_app_install_uninstall_full)
                             SM_ALLOWED_PRIVILEGES, SM_DENIED_PRIVILEGES, SM_ALLOWED_GROUPS);
 
     /* TODO: add parameters to this function */
-    check_app_path_after_install();
+    check_app_path_after_install(sm_app_id);
 
     InstallRequest requestUninst;
     requestUninst.setAppId(sm_app_id);
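Review bot: The `/* TODO: add parameters to this function */` comment above the call is stale now that `check_app_path_after_install` takes the app id. The commit removed the same TODO at the function definition but left this copy at the call site. Drop it here too, or reword it to name the parameters still missing, if any (the path constants are still fixed inside the function).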
@@ -501,8 +504,8 @@ RUNNER_CHILD_TEST_SMACK(security_manager_03_set_label_from_appid)
 {
     const char *const app_id = "sm_test_03_app_id_set_label_from_appid_smack";
     const char *const pkg_id = "sm_test_03_pkg_id_set_label_from_appid_smack";
-    const char *const expected_label = USER_APP_ID;
     const char *const socketLabel = "not_expected_label";
+    std::string expected_label = generateAppLabel(app_id);
     char *label = nullptr;
     CStringPtr labelPtr;
     int result;
@@ -535,13 +538,13 @@ RUNNER_CHILD_TEST_SMACK(security_manager_03_set_label_from_appid)
     ssize_t size;
     size = fgetxattr(sock, XATTR_NAME_SMACKIPIN, value, sizeof(value));
     RUNNER_ASSERT_ERRNO_MSG(size != -1, "fgetxattr failed: " << value);
-    result = strcmp(expected_label, value);
+    result = expected_label.compare(value);
     RUNNER_ASSERT_MSG(result == 0, "Socket label is incorrect. Expected: " <<
         expected_label << " Actual: " << value);
 
     size = fgetxattr(sock, XATTR_NAME_SMACKIPOUT, value, sizeof(value));
     RUNNER_ASSERT_ERRNO_MSG(size != -1, "fgetxattr failed: " << value);
-    result = strcmp(expected_label, value);
+    result = expected_label.compare(value);
     RUNNER_ASSERT_MSG(result == 0, "Socket label is incorrect. Expected: " <<
         expected_label << " Actual: " << value);
 
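Review bot: `expected_label.compare(value)` treats `value` as a NUL-terminated string, but `fgetxattr` returns raw bytes plus a length and does not promise a terminator. The declaration of `value` is outside this hunk, so unless it is zero-initialised and larger than the label, the compare can read stale or out-of-bounds bytes. Bounding it by the returned size avoids that in both places (the SMACKIPIN and SMACKIPOUT checks): `result = expected_label.compare(0, std::string::npos, value, strnlen(value, static_cast<size_t>(size)));`. The failure messages that stream `value` have the same dependency on termination.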
@@ -552,7 +555,7 @@ RUNNER_CHILD_TEST_SMACK(security_manager_03_set_label_from_appid)
             " Process label is not set");
     labelPtr.reset(label);
 
-    result = strcmp(expected_label, label);
+    result = expected_label.compare(label);
     RUNNER_ASSERT_MSG(result == 0,
             " Process label is incorrect. Expected: \"" << expected_label <<
             "\" Actual: \"" << label << "\"");
@@ -1584,9 +1587,6 @@ RUNNER_MULTIPROCESS_TEST(security_manager_15_privacy_manager_send_policy_update_
     PolicyRequest addPolicyRequest;
     CynaraTestAdmin::Admin admin;
 
-    std::string smackLabel;
-    generateAppLabel(update_app_id, smackLabel);
-
     struct message {
         uid_t uid;
         gid_t gid;
@@ -1620,7 +1620,7 @@ RUNNER_MULTIPROCESS_TEST(security_manager_15_privacy_manager_send_policy_update_
         //wait for child
         RUNNER_ASSERT_MSG(wait(&result) == pid, "wait failed");
 
-        admin.adminCheck(check_start_bucket, false, smackLabel.c_str(),
+        admin.adminCheck(check_start_bucket, false, generateAppLabel(update_app_id).c_str(),
                 std::to_string(static_cast<int>(msg.uid)).c_str(), update_privilege, CYNARA_ADMIN_ALLOW, nullptr);
     }
     if(pid == 0)
@@ -1654,9 +1654,6 @@ RUNNER_MULTIPROCESS_TEST(security_manager_15_privacy_manager_send_policy_update_
     PolicyRequest addPolicyRequest;
     CynaraTestAdmin::Admin admin;
 
-    std::string smackLabel;
-    generateAppLabel(update_other_app_id, smackLabel);
-
     struct message {
         uid_t uid;
         gid_t gid;
@@ -1690,7 +1687,7 @@ RUNNER_MULTIPROCESS_TEST(security_manager_15_privacy_manager_send_policy_update_
         //wait for child
         RUNNER_ASSERT_MSG(wait(&result) == pid, "wait failed");
 
-        admin.adminCheck(check_start_bucket, false, smackLabel.c_str(),
+        admin.adminCheck(check_start_bucket, false, generateAppLabel(update_other_app_id).c_str(),
                 std::to_string(static_cast<int>(msg.uid)).c_str(), update_privilege, CYNARA_ADMIN_ALLOW, nullptr);
     }
     if(pid == 0)
@@ -1725,9 +1722,6 @@ RUNNER_MULTIPROCESS_TEST(security_manager_15_privacy_manager_send_policy_update_
     PolicyRequest addPolicyRequest;
     CynaraTestAdmin::Admin admin;
 
-    std::string smackLabel;
-    generateAppLabel(update_app_id, smackLabel);
-
     struct message {
         uid_t uid;
         gid_t gid;
@@ -1761,7 +1755,7 @@ RUNNER_MULTIPROCESS_TEST(security_manager_15_privacy_manager_send_policy_update_
         //wait for child
         RUNNER_ASSERT_MSG(wait(&result) == pid, "wait failed");
 
-        admin.adminCheck(check_start_bucket, false, smackLabel.c_str(),
+        admin.adminCheck(check_start_bucket, false, generateAppLabel(update_app_id).c_str(),
                 std::to_string(static_cast<int>(msg.uid)).c_str(), update_privilege, CYNARA_ADMIN_ALLOW, nullptr);
     }
     if(pid == 0)
@@ -1870,9 +1864,6 @@ RUNNER_MULTIPROCESS_TEST(security_manager_17_privacy_manager_delete_policy_for_s
     PolicyRequest addPolicyRequest;
     CynaraTestAdmin::Admin admin;
 
-    std::string smackLabel;
-    generateAppLabel(update_app_id, smackLabel);
-
     struct message {
         uid_t uid;
         gid_t gid;
@@ -1908,7 +1899,7 @@ RUNNER_MULTIPROCESS_TEST(security_manager_17_privacy_manager_delete_policy_for_s
         //wait for child
         RUNNER_ASSERT_MSG(wait(&result) == pid, "wait failed");
 
-        admin.adminCheck(check_start_bucket, false, smackLabel.c_str(),
+        admin.adminCheck(check_start_bucket, false, generateAppLabel(update_app_id).c_str(),
                 std::to_string(static_cast<int>(msg.uid)).c_str(), update_privilege, CYNARA_ADMIN_ALLOW, nullptr);
 
         pid = fork();
@@ -1930,7 +1921,7 @@ RUNNER_MULTIPROCESS_TEST(security_manager_17_privacy_manager_delete_policy_for_s
             //wait for child
             waitpid(-1, &result, 0);
 
-            admin.adminCheck(check_start_bucket, false, smackLabel.c_str(),
+            admin.adminCheck(check_start_bucket, false, generateAppLabel(update_app_id).c_str(),
                     std::to_string(static_cast<int>(msg.uid)).c_str(), update_privilege, CYNARA_ADMIN_DENY, nullptr);
         }
         if(pid == 0)