check_exact_access("User", trusted_label, system_access);
check_exact_access(generateProcessLabel(provider.getAppId(), provider.getPkgId()),
trusted_label, trusted_access);
- check_exact_access(generatePathRWLabel(provider.getPkgId()), trusted_label, "");
// install trusted app
InstallRequest trustedApp;
// check rules
check_exact_access(generateProcessLabel(user.getAppId(), user.getPkgId()),
trusted_label, trusted_access);
- check_exact_access(generatePathRWLabel(user.getPkgId()), trusted_label, "");
// install untrusted app
InstallRequest untrustedApp;
// check rules
check_exact_access(generateProcessLabel(untrusted.getAppId(), untrusted.getPkgId()),
trusted_label, "");
- check_exact_access(generatePathRWLabel(untrusted.getPkgId()), trusted_label, "");
// uninstall trusting app
Api::uninstall(trustingApp);
check_exact_access("User", trusted_label, system_access);
check_exact_access(generateProcessLabel(provider.getAppId(), provider.getPkgId()),
trusted_label, "");
- check_exact_access(generatePathRWLabel(provider.getPkgId()), trusted_label, "");
check_exact_access(generateProcessLabel(user.getAppId(), user.getPkgId()),
trusted_label, trusted_access);
- check_exact_access(generatePathRWLabel(user.getPkgId()), trusted_label, "");
Api::uninstall(trustedApp);
check_exact_access("User", trusted_label, "");
check_exact_access(generateProcessLabel(user.getAppId(), user.getPkgId()),
trusted_label, "");
- check_exact_access(generatePathRWLabel(user.getPkgId()), trusted_label, "");
Api::uninstall(untrustedApp);
}
RUNNER_ASSERT(authorDb1 != authorDb2);
}
-
-RUNNER_TEST(security_manager_46_pkgId_deinstalation_test)
-{
- /* Description:
- * Lets assume that app1 and app2 are part of pkg1.
- * Deinstalation of app1 mustnot remove rules:
- * System PKG1Label rwxatl
- * User PKGLabel rwxatl
- */
-
+/* Description:
+ * Lets assume that app1 and app2 are part of pkg1.
+ * Deinstalation of app1 mustnot remove rules:
+ * System PKG1Label rwxatl
+ * User PKGLabel rwxatl
+ */
+void test_46_pkgId_deinstallation(bool isHybrid) {
std::vector<AppInstallHelper> helper {{"a46", "a46"}, {"b46", "a46"}};
auto &trusted1 = helper[0];
auto &trusted2 = helper[1];
trustingApp.setAppId(trusted1.getAppId());
trustingApp.setPkgId(trusted1.getPkgId());
trustingApp.setAuthorId(authorId1);
+ if (isHybrid)
+ trustingApp.setHybrid();
trustingApp.addPath(trusted1.getTrustedDir().c_str(), SECURITY_MANAGER_PATH_TRUSTED_RW);
Api::install(trustingApp);
trustingApp2.setAppId(trusted2.getAppId());
trustingApp2.setPkgId(trusted2.getPkgId());
trustingApp2.setAuthorId(authorId1);
+ if (isHybrid)
+ trustingApp2.setHybrid();
Api::install(trustingApp2);
- check_exact_access("System", generateProcessLabel(trusted1.getAppId(), trusted1.getPkgId()),
- "rwxl");
- check_exact_access("User", generateProcessLabel(trusted1.getAppId(), trusted1.getPkgId()),
- "rwxl");
+
check_exact_access("System", generatePathRWLabel(trusted1.getPkgId()), "rwxatl");
check_exact_access("User", generatePathRWLabel(trusted1.getPkgId()), "rwxatl");
- check_exact_access("System", generateProcessLabel(trusted2.getAppId(), trusted2.getPkgId()),
- "rwxl");
- check_exact_access("User", generateProcessLabel(trusted2.getAppId(), trusted2.getPkgId()),
- "rwxl");
+ if (isHybrid) {
+ // Nonhybrid apps have the same label for process and private files
+ check_exact_access("System",
+ generateProcessLabel(trusted1.getAppId(), trusted1.getPkgId(), isHybrid),
+ "rwxl");
+ check_exact_access("User",
+ generateProcessLabel(trusted1.getAppId(), trusted1.getPkgId(), isHybrid),
+ "rwxl");
+ check_exact_access("System",
+ generateProcessLabel(trusted2.getAppId(), trusted2.getPkgId(), isHybrid),
+ "rwxl");
+ check_exact_access("User",
+ generateProcessLabel(trusted2.getAppId(), trusted2.getPkgId(), isHybrid),
+ "rwxl");
+ }
Api::uninstall(trustingApp2);
- check_exact_access("System", generateProcessLabel(trusted1.getAppId(), trusted1.getPkgId()),
- "rwxl");
- check_exact_access("User", generateProcessLabel(trusted1.getAppId(), trusted1.getPkgId()),
- "rwxl");
check_exact_access("System", generatePathRWLabel(trusted1.getPkgId()), "rwxatl");
check_exact_access("User", generatePathRWLabel(trusted1.getPkgId()), "rwxatl");
- check_exact_access("System", generateProcessLabel(trusted2.getAppId(), trusted2.getPkgId()), "");
- check_exact_access("User", generateProcessLabel(trusted2.getAppId(), trusted2.getPkgId()), "");
+
+ if (isHybrid) {
+ // Nonhybrid apps from the same package share process label
+ check_exact_access("System",
+ generateProcessLabel(trusted1.getAppId(), trusted1.getPkgId(), isHybrid),
+ "rwxl");
+ check_exact_access("User",
+ generateProcessLabel(trusted1.getAppId(), trusted1.getPkgId(), isHybrid),
+ "rwxl");
+ check_exact_access("System",
+ generateProcessLabel(trusted2.getAppId(), trusted2.getPkgId(), isHybrid),
+ "");
+ check_exact_access("User",
+ generateProcessLabel(trusted2.getAppId(), trusted2.getPkgId(), isHybrid),
+ "");
+ }
Api::uninstall(trustingApp);
- check_exact_access("System", generateProcessLabel(trusted1.getAppId(), trusted1.getPkgId()), "");
- check_exact_access("User", generateProcessLabel(trusted1.getAppId(), trusted1.getPkgId()), "");
+ check_exact_access("System",
+ generateProcessLabel(trusted1.getAppId(), trusted1.getPkgId(), isHybrid),
+ "");
+ check_exact_access("User",
+ generateProcessLabel(trusted1.getAppId(), trusted1.getPkgId(), isHybrid),
+ "");
check_exact_access("System", generatePathRWLabel(trusted1.getPkgId()), "");
check_exact_access("User", generatePathRWLabel(trusted1.getPkgId()), "");
}
+
+RUNNER_TEST(security_manager_46_pkgId_deinstalation_test_hybrid)
+{
+ test_46_pkgId_deinstallation(true);
+}
+
+RUNNER_TEST(security_manager_46_pkgId_deinstalation_test_nonhybrid)
+{
+ test_46_pkgId_deinstallation(false);
+}
projects / platform / core / test / security-tests.git / commitdiff