From: Piotr Sawicki Date: Tue, 21 Feb 2017 14:48:04 +0000 (+0100) Subject: Add a new program for testing Nether service X-Git-Url: http://review.tizen.org/git/?p=platform%2Fcore%2Ftest%2Fsecurity-tests.git;a=commitdiff_plain;h=c0e735919e833efe6a7ee40774ac68238fa3b857 Add a new program for testing Nether service Change-Id: I6345f153b873b33e5a3d4e872fea6bd40d180020 --- diff --git a/CMakeLists.txt b/CMakeLists.txt index a89c09c..2687162 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1,4 +1,4 @@ -# Copyright (c) 2012-2015 Samsung Electronics Co., Ltd All Rights Reserved +# Copyright (c) 2012-2017 Samsung Electronics Co., Ltd All Rights Reserved # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,6 +15,7 @@ # @file CMakeLists.txt # @author Bartlomiej Grzelewski (b.grzelewski@samsung.com) # @author Pawel Polawski (p.polawski@partner.samsung.com) +# @author Piotr Sawicki (p.sawicki2@partner.samsung.com) # @brief # @@ -64,6 +65,7 @@ IF(BUILD_ALL_TESTS) SET(BUILD_CYNARA ON) SET(BUILD_WEB ON) SET(BUILD_YACA ON) + SET(BUILD_NETHER ON) ENDIF(BUILD_ALL_TESTS) # If supported for the target machine, emit position-independent code,suitable diff --git a/packaging/security-tests.manifest b/packaging/security-tests.manifest index a65ddaa..3dfa317 100644 --- a/packaging/security-tests.manifest +++ b/packaging/security-tests.manifest @@ -11,6 +11,7 @@ + diff --git a/packaging/security-tests.spec b/packaging/security-tests.spec index f981779..1badd49 100644 --- a/packaging/security-tests.spec +++ b/packaging/security-tests.spec @@ -32,6 +32,7 @@ BuildRequires: pkgconfig(security-privilege-manager) Requires: perf Requires: gdb Requires: diffutils +Requires: iproute2 %global ckm_test_dir %{?TZ_SYS_SHARE:%TZ_SYS_SHARE/ckm-test/}%{!?TZ_SYS_SHARE:/usr/share/ckm-test/} %global ckm_rw_data_dir %{?TZ_SYS_DATA:%TZ_SYS_DATA/ckm/}%{!?TZ_SYS_DATA:/opt/data/ckm/} @@ -81,6 +82,8 @@ echo "security-tests postinst done ..." /usr/bin/security-tests.sh /usr/bin/security-tests-all.sh /usr/bin/test-performance-check.sh +/usr/bin/setup-nether-tests-nns.sh +/usr/bin/teardown-nether-tests-nns.sh /etc/dbus-1/system.d/security-tests.conf @@ -97,6 +100,7 @@ echo "security-tests postinst done ..." /usr/bin/ckm-tests /usr/bin/ckm-integration-tests /usr/bin/yaca-test +/usr/bin/nether-tests %{ckm_test_dir}/* /etc/security-tests /usr/lib/security-tests/cynara-tests/plugins/single-policy/* diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 471c28e..fe041a6 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -1,4 +1,4 @@ -# Copyright (c) 2011-2015 Samsung Electronics Co., Ltd All Rights Reserved +# Copyright (c) 2011-2017 Samsung Electronics Co., Ltd All Rights Reserved # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -110,3 +110,7 @@ ENDIF(BUILD_WEB) IF(BUILD_YACA) ADD_SUBDIRECTORY(yaca) ENDIF(BUILD_YACA) + +IF(BUILD_NETHER) + ADD_SUBDIRECTORY(nether-tests) +ENDIF(BUILD_NETHER) diff --git a/src/nether-tests/CMakeLists.txt b/src/nether-tests/CMakeLists.txt new file mode 100644 index 0000000..8069f12 --- /dev/null +++ b/src/nether-tests/CMakeLists.txt @@ -0,0 +1,73 @@ +# Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# @file CMakeLists.txt +# @author Piotr Sawicki (p.sawicki2@partner.samsung.com) +# @brief CMake configuration file +# + +INCLUDE(FindPkgConfig) + +# Dependencies +PKG_CHECK_MODULES(SEC_MGR_TESTS_DEP + REQUIRED + security-manager +) + +SET(TARGET_NETHER_TESTS "nether-tests") + +SET(NETHER_TESTS_SOURCES + ${PROJECT_SOURCE_DIR}/src/nether-tests/nether_tests.cpp + ${PROJECT_SOURCE_DIR}/src/security-manager-tests/common/sm_api.cpp + ${PROJECT_SOURCE_DIR}/src/security-manager-tests/common/sm_request.cpp + ${PROJECT_SOURCE_DIR}/src/security-manager-tests/common/sm_user_request.cpp + ${PROJECT_SOURCE_DIR}/src/security-manager-tests/common/sm_policy_request.cpp + ) + +INCLUDE_DIRECTORIES(SYSTEM + ${SEC_MGR_TESTS_DEP_INCLUDE_DIRS} + ) + +INCLUDE_DIRECTORIES(SYSTEM + ${CYNARA_TARGET_DEP_INCLUDE_DIRS} + ) + +INCLUDE_DIRECTORIES( + ${PROJECT_SOURCE_DIR}/src/common/ + ${PROJECT_SOURCE_DIR}/src/security-manager-tests/common/ + ) + +FIND_PACKAGE(Threads) + +ADD_EXECUTABLE(${TARGET_NETHER_TESTS} ${NETHER_TESTS_SOURCES}) + +TARGET_LINK_LIBRARIES(${TARGET_NETHER_TESTS} + ${SEC_MGR_TESTS_DEP_LIBRARIES} + dpl-test-framework + ) + +INSTALL(TARGETS ${TARGET_NETHER_TESTS} DESTINATION /usr/bin) + +INSTALL(FILES + ${PROJECT_SOURCE_DIR}/src/nether-tests/setup-nether-tests-nns.sh + ${PROJECT_SOURCE_DIR}/src/nether-tests/teardown-nether-tests-nns.sh + DESTINATION bin + PERMISSIONS OWNER_READ + OWNER_WRITE + OWNER_EXECUTE + GROUP_READ + GROUP_EXECUTE + WORLD_READ + WORLD_EXECUTE + ) diff --git a/src/nether-tests/nether_tests.cpp b/src/nether-tests/nether_tests.cpp new file mode 100644 index 0000000..799f246 --- /dev/null +++ b/src/nether-tests/nether_tests.cpp @@ -0,0 +1,99 @@ +/* + * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/* + * @file nether_tests.cpp + * @author Piotr Sawicki (p.sawicki2@partner.samsung.com) + * @version 1.0 + * @brief Tests for Nether service + */ + +#include + +#include + +#include +#include +#include +#include +#include + +#define NETHER_NNS_NAME "nether_test_network_ns" + +using namespace SecurityManagerTest; + +namespace { + +const std::string NETHER_NNS_SETUP_COMMAND = "/usr/bin/setup-nether-tests-nns.sh" + " " NETHER_NNS_NAME; +const std::string NETHER_NNS_TEARDOWN_COMMAND = "/usr/bin/teardown-nether-tests-nns.sh" + " " NETHER_NNS_NAME; + +const std::string INTERNET_ACCESS_PRIVILEGE = "http://tizen.org/privilege/internet"; + +class ScopedSystemRunner final { +public: + ScopedSystemRunner(const std::string &setupCmd, const std::string &teardownCmd) + : m_teardownCmd(teardownCmd) + { + RUNNER_ASSERT_MSG(system(setupCmd.c_str()) != -1, + "Couldn't run " << setupCmd << " command"); + } + + ~ScopedSystemRunner() + { + RUNNER_ASSERT_MSG(system(m_teardownCmd.c_str()) != -1, + "Couldn't run " << m_teardownCmd << " command"); + } + + ScopedSystemRunner(const ScopedSystemRunner &) = delete; + ScopedSystemRunner &operator=(const ScopedSystemRunner &) = delete; + +private: + std::string m_teardownCmd; +}; + +} // namespace + +RUNNER_TEST_GROUP_INIT(NETHER) + +RUNNER_CHILD_TEST(nether_01_check_app_install_uninstall) +{ + const std::string nether_app_id = "nether_test_01_app"; + const std::string nether_pkg_id = "nether_test_01_pkg"; + + ScopedSystemRunner networkNSRunner(NETHER_NNS_SETUP_COMMAND, + NETHER_NNS_TEARDOWN_COMMAND); + + InstallRequest requestInst; + requestInst.setAppId(nether_app_id); + requestInst.setPkgId(nether_pkg_id); + requestInst.addPrivilege(INTERNET_ACCESS_PRIVILEGE); + + Api::install(requestInst); + + // TODO test code goes here + + InstallRequest requestUninst; + requestUninst.setAppId(nether_app_id); + + Api::uninstall(requestUninst); +} + +int main(int argc, char *argv[]) +{ + return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv); +} diff --git a/src/nether-tests/setup-nether-tests-nns.sh b/src/nether-tests/setup-nether-tests-nns.sh new file mode 100644 index 0000000..6da2fb9 --- /dev/null +++ b/src/nether-tests/setup-nether-tests-nns.sh @@ -0,0 +1,34 @@ +#!/bin/sh + +##################################################################### +# Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +##################################################################### + +if [[ $# -eq 0 ]] ; then + scrname=`basename "$0"` + echo "Usage: $scrname " + exit 0 +fi + +ip netns add $1 +ip link add veth0 type veth peer name veth1 +ip link set veth1 netns $1 +ip netns exec $1 ifconfig lo 127.0.0.1 +ip netns exec $1 ifconfig veth1 10.1.0.2 netmask 255.255.255.252 + +ifconfig veth0 10.1.0.1 netmask 255.255.255.252 + +# force ARP response +ping -c 1 10.1.0.2 > /dev/null diff --git a/src/nether-tests/teardown-nether-tests-nns.sh b/src/nether-tests/teardown-nether-tests-nns.sh new file mode 100644 index 0000000..455db1a --- /dev/null +++ b/src/nether-tests/teardown-nether-tests-nns.sh @@ -0,0 +1,30 @@ +#!/bin/sh + +##################################################################### +# Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +##################################################################### + +if [[ $# -eq 0 ]] ; then + scrname=`basename "$0"` + echo "Usage: $scrname " + exit 0 +fi + +ifconfig veth0 down +ip netns exec $1 ifconfig veth1 down +ip netns exec $1 ifconfig lo down + +ip link delete veth0 +ip netns delete $1 diff --git a/src/security-tests-all.sh b/src/security-tests-all.sh index 9ab5b5c..a4fc738 100644 --- a/src/security-tests-all.sh +++ b/src/security-tests-all.sh @@ -57,6 +57,7 @@ runTest security-manager runTest cynara runTest ckm runTest yaca +runTest nether printSummary diff --git a/src/security-tests.sh b/src/security-tests.sh index 3956258..b86c61e 100644 --- a/src/security-tests.sh +++ b/src/security-tests.sh @@ -1,7 +1,7 @@ #!/bin/sh ##################################################################### -# Copyright (c) 2012-2014 Samsung Electronics Co., Ltd All Rights Reserved +# Copyright (c) 2012-2017 Samsung Electronics Co., Ltd All Rights Reserved # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -52,11 +52,17 @@ case $1 in echo yaca-test "${@:2}" ;; +"nether") + echo "=========================================================================" + echo "NETHER TESTS" + echo + nether-tests "${@:2}" + ;; *) echo "Correct using:" echo " security_test.sh " echo - echo "modules: smack, security-manager, cynara, ckm, yaca" + echo "modules: smack, security-manager, cynara, ckm, yaca, nether" ;; esac