16cd6a6acSopenharmony_ci/* 26cd6a6acSopenharmony_ci * Author: Joshua Brindle <jbrindle@tresys.com> 36cd6a6acSopenharmony_ci * 46cd6a6acSopenharmony_ci * Copyright (C) 2006 Tresys Technology, LLC 56cd6a6acSopenharmony_ci * 66cd6a6acSopenharmony_ci * This library is free software; you can redistribute it and/or 76cd6a6acSopenharmony_ci * modify it under the terms of the GNU Lesser General Public 86cd6a6acSopenharmony_ci * License as published by the Free Software Foundation; either 96cd6a6acSopenharmony_ci * version 2.1 of the License, or (at your option) any later version. 106cd6a6acSopenharmony_ci * 116cd6a6acSopenharmony_ci * This library is distributed in the hope that it will be useful, 126cd6a6acSopenharmony_ci * but WITHOUT ANY WARRANTY; without even the implied warranty of 136cd6a6acSopenharmony_ci * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 146cd6a6acSopenharmony_ci * Lesser General Public License for more details. 156cd6a6acSopenharmony_ci * 166cd6a6acSopenharmony_ci * You should have received a copy of the GNU Lesser General Public 176cd6a6acSopenharmony_ci * License along with this library; if not, write to the Free Software 186cd6a6acSopenharmony_ci * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 196cd6a6acSopenharmony_ci */ 206cd6a6acSopenharmony_ci 216cd6a6acSopenharmony_ci#include "test-linker-roles.h" 226cd6a6acSopenharmony_ci#include "parse_util.h" 236cd6a6acSopenharmony_ci#include "helpers.h" 246cd6a6acSopenharmony_ci#include "test-common.h" 256cd6a6acSopenharmony_ci 266cd6a6acSopenharmony_ci#include <sepol/policydb/policydb.h> 276cd6a6acSopenharmony_ci#include <sepol/policydb/link.h> 286cd6a6acSopenharmony_ci 296cd6a6acSopenharmony_ci#include <CUnit/Basic.h> 306cd6a6acSopenharmony_ci#include <stdlib.h> 316cd6a6acSopenharmony_ci 326cd6a6acSopenharmony_ci/* Tests for roles: 336cd6a6acSopenharmony_ci * Test for each of these for 346cd6a6acSopenharmony_ci * - role in appropriate symtab (global and decl) 356cd6a6acSopenharmony_ci * - datum in the decl symtab has correct type_set 366cd6a6acSopenharmony_ci * - scope datum has correct decl ids 376cd6a6acSopenharmony_ci * - dominates bitmap is correct 386cd6a6acSopenharmony_ci * Tests: 396cd6a6acSopenharmony_ci * - role in base, no modules 406cd6a6acSopenharmony_ci * - role in base optional, no modules 416cd6a6acSopenharmony_ci * - role a in base, b in module 426cd6a6acSopenharmony_ci * - role a in base and module (additive) 436cd6a6acSopenharmony_ci * - role a in base and 2 module 446cd6a6acSopenharmony_ci * - role a in base optional, b in module 456cd6a6acSopenharmony_ci * - role a in base, b in module optional 466cd6a6acSopenharmony_ci * - role a in base optional, b in module optional 476cd6a6acSopenharmony_ci * - role a in base optional and module 486cd6a6acSopenharmony_ci * - role a in base and module optional 496cd6a6acSopenharmony_ci * - role a in base optional and module optional 506cd6a6acSopenharmony_ci * - role a in base optional and 2 modules 516cd6a6acSopenharmony_ci * - role a and b in base, b dom a, are types correct (TODO) 526cd6a6acSopenharmony_ci */ 536cd6a6acSopenharmony_ci 546cd6a6acSopenharmony_ci/* this simply tests whether the passed in role only has its own 556cd6a6acSopenharmony_ci * value in its dominates ebitmap */ 566cd6a6acSopenharmony_cistatic void only_dominates_self(policydb_t * p __attribute__ ((unused)), role_datum_t * role) 576cd6a6acSopenharmony_ci{ 586cd6a6acSopenharmony_ci ebitmap_node_t *tnode; 596cd6a6acSopenharmony_ci unsigned int i; 606cd6a6acSopenharmony_ci int found = 0; 616cd6a6acSopenharmony_ci 626cd6a6acSopenharmony_ci ebitmap_for_each_positive_bit(&role->dominates, tnode, i) { 636cd6a6acSopenharmony_ci found++; 646cd6a6acSopenharmony_ci CU_ASSERT(i == role->s.value - 1); 656cd6a6acSopenharmony_ci } 666cd6a6acSopenharmony_ci CU_ASSERT(found == 1); 676cd6a6acSopenharmony_ci} 686cd6a6acSopenharmony_ci 696cd6a6acSopenharmony_civoid base_role_tests(policydb_t * base) 706cd6a6acSopenharmony_ci{ 716cd6a6acSopenharmony_ci avrule_decl_t *decl; 726cd6a6acSopenharmony_ci role_datum_t *role; 736cd6a6acSopenharmony_ci unsigned int decls[2]; 746cd6a6acSopenharmony_ci const char *types[2]; 756cd6a6acSopenharmony_ci 766cd6a6acSopenharmony_ci /* These tests look at roles in the base only, the desire is to ensure that 776cd6a6acSopenharmony_ci * roles are not destroyed or otherwise removed during the link process */ 786cd6a6acSopenharmony_ci 796cd6a6acSopenharmony_ci /**** test for g_b_role_1 in base and decl 1 (global) ****/ 806cd6a6acSopenharmony_ci decls[0] = (test_find_decl_by_sym(base, SYM_TYPES, "tag_g_b"))->decl_id; 816cd6a6acSopenharmony_ci test_sym_presence(base, "g_b_role_1", SYM_ROLES, SCOPE_DECL, decls, 1); 826cd6a6acSopenharmony_ci /* make sure it has the correct type set (g_b_type_1, no negset, no flags) */ 836cd6a6acSopenharmony_ci types[0] = "g_b_type_1"; 846cd6a6acSopenharmony_ci role = test_role_type_set(base, "g_b_role_1", NULL, types, 1, 0); 856cd6a6acSopenharmony_ci /* This role should only dominate itself */ 866cd6a6acSopenharmony_ci only_dominates_self(base, role); 876cd6a6acSopenharmony_ci 886cd6a6acSopenharmony_ci /**** test for o1_b_role_1 in optional (decl 2) ****/ 896cd6a6acSopenharmony_ci decl = test_find_decl_by_sym(base, SYM_TYPES, "tag_o1_b"); 906cd6a6acSopenharmony_ci decls[0] = decl->decl_id; 916cd6a6acSopenharmony_ci test_sym_presence(base, "o1_b_role_1", SYM_ROLES, SCOPE_DECL, decls, 1); 926cd6a6acSopenharmony_ci /* make sure it has the correct type set (o1_b_type_1, no negset, no flags) */ 936cd6a6acSopenharmony_ci types[0] = "o1_b_type_1"; 946cd6a6acSopenharmony_ci role = test_role_type_set(base, "o1_b_role_1", decl, types, 1, 0); 956cd6a6acSopenharmony_ci /* and only dominates itself */ 966cd6a6acSopenharmony_ci only_dominates_self(base, role); 976cd6a6acSopenharmony_ci} 986cd6a6acSopenharmony_ci 996cd6a6acSopenharmony_civoid module_role_tests(policydb_t * base) 1006cd6a6acSopenharmony_ci{ 1016cd6a6acSopenharmony_ci role_datum_t *role; 1026cd6a6acSopenharmony_ci avrule_decl_t *decl; 1036cd6a6acSopenharmony_ci unsigned int decls[3]; 1046cd6a6acSopenharmony_ci const char *types[3]; 1056cd6a6acSopenharmony_ci 1066cd6a6acSopenharmony_ci /* These tests are run when the base is linked with 2 modules, 1076cd6a6acSopenharmony_ci * They should test whether the roles get copied correctly from the 1086cd6a6acSopenharmony_ci * modules into the base */ 1096cd6a6acSopenharmony_ci 1106cd6a6acSopenharmony_ci /**** test for role in module 1 (global) ****/ 1116cd6a6acSopenharmony_ci decls[0] = (test_find_decl_by_sym(base, SYM_TYPES, "tag_g_m1"))->decl_id; 1126cd6a6acSopenharmony_ci test_sym_presence(base, "g_m1_role_1", SYM_ROLES, SCOPE_DECL, decls, 1); 1136cd6a6acSopenharmony_ci /* make sure it has the correct type set (g_m1_type_1, no negset, no flags) */ 1146cd6a6acSopenharmony_ci types[0] = "g_m1_type_1"; 1156cd6a6acSopenharmony_ci role = test_role_type_set(base, "g_m1_role_1", NULL, types, 1, 0); 1166cd6a6acSopenharmony_ci /* and only dominates itself */ 1176cd6a6acSopenharmony_ci only_dominates_self(base, role); 1186cd6a6acSopenharmony_ci 1196cd6a6acSopenharmony_ci /**** test for role in module 1 (optional) ****/ 1206cd6a6acSopenharmony_ci decl = test_find_decl_by_sym(base, SYM_TYPES, "tag_o1_m1"); 1216cd6a6acSopenharmony_ci decls[0] = decl->decl_id; 1226cd6a6acSopenharmony_ci test_sym_presence(base, "o1_m1_role_1", SYM_ROLES, SCOPE_DECL, decls, 1); 1236cd6a6acSopenharmony_ci /* make sure it has the correct type set (o1_m1_type_1, no negset, no flags) */ 1246cd6a6acSopenharmony_ci types[0] = "o1_m1_type_1"; 1256cd6a6acSopenharmony_ci role = test_role_type_set(base, "o1_m1_role_1", decl, types, 1, 0); 1266cd6a6acSopenharmony_ci /* and only dominates itself */ 1276cd6a6acSopenharmony_ci only_dominates_self(base, role); 1286cd6a6acSopenharmony_ci 1296cd6a6acSopenharmony_ci /* These test whether the type sets are copied to the right place and 1306cd6a6acSopenharmony_ci * correctly unioned when they should be */ 1316cd6a6acSopenharmony_ci 1326cd6a6acSopenharmony_ci /**** test for type added to base role in module 1 (global) ****/ 1336cd6a6acSopenharmony_ci decls[0] = (test_find_decl_by_sym(base, SYM_TYPES, "tag_g_b"))->decl_id; 1346cd6a6acSopenharmony_ci test_sym_presence(base, "g_b_role_2", SYM_ROLES, SCOPE_DECL, decls, 1); 1356cd6a6acSopenharmony_ci /* make sure it has the correct type set (g_m1_type_1, no negset, no flags) */ 1366cd6a6acSopenharmony_ci types[0] = "g_b_type_2"; /* added in base when declared */ 1376cd6a6acSopenharmony_ci types[1] = "g_m1_type_1"; /* added in module */ 1386cd6a6acSopenharmony_ci role = test_role_type_set(base, "g_b_role_2", NULL, types, 2, 0); 1396cd6a6acSopenharmony_ci /* and only dominates itself */ 1406cd6a6acSopenharmony_ci only_dominates_self(base, role); 1416cd6a6acSopenharmony_ci 1426cd6a6acSopenharmony_ci /**** test for type added to base role in module 1 & 2 (global) ****/ 1436cd6a6acSopenharmony_ci decls[0] = (test_find_decl_by_sym(base, SYM_TYPES, "tag_g_b"))->decl_id; 1446cd6a6acSopenharmony_ci decls[1] = (test_find_decl_by_sym(base, SYM_TYPES, "tag_g_m1"))->decl_id; 1456cd6a6acSopenharmony_ci decls[2] = (test_find_decl_by_sym(base, SYM_TYPES, "tag_g_m2"))->decl_id; 1466cd6a6acSopenharmony_ci test_sym_presence(base, "g_b_role_3", SYM_ROLES, SCOPE_DECL, decls, 3); 1476cd6a6acSopenharmony_ci /* make sure it has the correct type set (g_b_type_2, g_m1_type_2, g_m2_type_2, no negset, no flags) */ 1486cd6a6acSopenharmony_ci types[0] = "g_b_type_2"; /* added in base when declared */ 1496cd6a6acSopenharmony_ci types[1] = "g_m1_type_2"; /* added in module 1 */ 1506cd6a6acSopenharmony_ci types[2] = "g_m2_type_2"; /* added in module 2 */ 1516cd6a6acSopenharmony_ci role = test_role_type_set(base, "g_b_role_3", NULL, types, 3, 0); 1526cd6a6acSopenharmony_ci /* and only dominates itself */ 1536cd6a6acSopenharmony_ci only_dominates_self(base, role); 1546cd6a6acSopenharmony_ci 1556cd6a6acSopenharmony_ci /**** test for role in base optional and module 1 (additive) ****/ 1566cd6a6acSopenharmony_ci decls[0] = (test_find_decl_by_sym(base, SYM_TYPES, "tag_o1_b"))->decl_id; 1576cd6a6acSopenharmony_ci decls[1] = (test_find_decl_by_sym(base, SYM_TYPES, "tag_g_m1"))->decl_id; 1586cd6a6acSopenharmony_ci test_sym_presence(base, "o1_b_role_2", SYM_ROLES, SCOPE_DECL, decls, 2); 1596cd6a6acSopenharmony_ci /* this one will have 2 type sets, one in the global symtab and one in the base optional 1 */ 1606cd6a6acSopenharmony_ci types[0] = "g_m1_type_1"; 1616cd6a6acSopenharmony_ci role = test_role_type_set(base, "o1_b_role_2", NULL, types, 1, 0); 1626cd6a6acSopenharmony_ci types[0] = "o1_b_type_1"; 1636cd6a6acSopenharmony_ci role = test_role_type_set(base, "o1_b_role_2", test_find_decl_by_sym(base, SYM_TYPES, "tag_o1_b"), types, 1, 0); 1646cd6a6acSopenharmony_ci /* and only dominates itself */ 1656cd6a6acSopenharmony_ci only_dominates_self(base, role); 1666cd6a6acSopenharmony_ci 1676cd6a6acSopenharmony_ci /**** test for role in base and module 1 optional (additive) ****/ 1686cd6a6acSopenharmony_ci decls[0] = (test_find_decl_by_sym(base, SYM_TYPES, "tag_g_b"))->decl_id; 1696cd6a6acSopenharmony_ci decls[1] = (test_find_decl_by_sym(base, SYM_TYPES, "tag_o2_m1"))->decl_id; 1706cd6a6acSopenharmony_ci test_sym_presence(base, "g_b_role_4", SYM_ROLES, SCOPE_DECL, decls, 2); 1716cd6a6acSopenharmony_ci /* this one will have 2 type sets, one in the global symtab and one in the base optional 1 */ 1726cd6a6acSopenharmony_ci types[0] = "g_b_type_2"; 1736cd6a6acSopenharmony_ci role = test_role_type_set(base, "g_b_role_4", NULL, types, 1, 0); 1746cd6a6acSopenharmony_ci types[0] = "g_m1_type_2"; 1756cd6a6acSopenharmony_ci role = test_role_type_set(base, "g_b_role_4", test_find_decl_by_sym(base, SYM_TYPES, "tag_o2_m1"), types, 1, 0); 1766cd6a6acSopenharmony_ci /* and only dominates itself */ 1776cd6a6acSopenharmony_ci only_dominates_self(base, role); 1786cd6a6acSopenharmony_ci 1796cd6a6acSopenharmony_ci /**** test for role in base and module 1 optional (additive) ****/ 1806cd6a6acSopenharmony_ci decls[0] = (test_find_decl_by_sym(base, SYM_TYPES, "tag_o3_b"))->decl_id; 1816cd6a6acSopenharmony_ci decls[1] = (test_find_decl_by_sym(base, SYM_TYPES, "tag_o3_m1"))->decl_id; 1826cd6a6acSopenharmony_ci test_sym_presence(base, "o3_b_role_1", SYM_ROLES, SCOPE_DECL, decls, 2); 1836cd6a6acSopenharmony_ci /* this one will have 2 type sets, one in the 3rd base optional and one in the 3rd module optional */ 1846cd6a6acSopenharmony_ci types[0] = "o3_b_type_1"; 1856cd6a6acSopenharmony_ci role = test_role_type_set(base, "o3_b_role_1", test_find_decl_by_sym(base, SYM_TYPES, "tag_o3_b"), types, 1, 0); 1866cd6a6acSopenharmony_ci types[0] = "o3_m1_type_1"; 1876cd6a6acSopenharmony_ci role = test_role_type_set(base, "o3_b_role_1", test_find_decl_by_sym(base, SYM_TYPES, "tag_o3_m1"), types, 1, 0); 1886cd6a6acSopenharmony_ci /* and only dominates itself */ 1896cd6a6acSopenharmony_ci only_dominates_self(base, role); 1906cd6a6acSopenharmony_ci 1916cd6a6acSopenharmony_ci /**** test for role in base and module 1 optional (additive) ****/ 1926cd6a6acSopenharmony_ci decls[0] = (test_find_decl_by_sym(base, SYM_TYPES, "tag_o4_b"))->decl_id; 1936cd6a6acSopenharmony_ci decls[1] = (test_find_decl_by_sym(base, SYM_TYPES, "tag_g_m1"))->decl_id; 1946cd6a6acSopenharmony_ci decls[2] = (test_find_decl_by_sym(base, SYM_TYPES, "tag_g_m2"))->decl_id; 1956cd6a6acSopenharmony_ci test_sym_presence(base, "o4_b_role_1", SYM_ROLES, SCOPE_DECL, decls, 3); 1966cd6a6acSopenharmony_ci /* this one will have 2 type sets, one in the global symtab (with both module types) and one in the 4th optional of base */ 1976cd6a6acSopenharmony_ci types[0] = "g_m1_type_1"; 1986cd6a6acSopenharmony_ci role = test_role_type_set(base, "o4_b_role_1", test_find_decl_by_sym(base, SYM_TYPES, "tag_o4_b"), types, 1, 0); 1996cd6a6acSopenharmony_ci types[0] = "g_m2_type_1"; 2006cd6a6acSopenharmony_ci types[1] = "g_m1_type_2"; 2016cd6a6acSopenharmony_ci role = test_role_type_set(base, "o4_b_role_1", NULL, types, 2, 0); 2026cd6a6acSopenharmony_ci /* and only dominates itself */ 2036cd6a6acSopenharmony_ci only_dominates_self(base, role); 2046cd6a6acSopenharmony_ci} 205