diff options
author | André Fabian Silva Delgado <emulatorman@parabola.nu> | 2016-02-22 01:12:47 -0300 |
---|---|---|
committer | André Fabian Silva Delgado <emulatorman@parabola.nu> | 2016-02-22 01:12:47 -0300 |
commit | 6d461a4fe7896faa1aec5a5417888cf179e46b9f (patch) | |
tree | 2e0f1a0b7a5418189c8d53592d33a44d0b356fc9 /tools/testing/selftests/kdbus/test-activator.c | |
parent | 5c545e1fb127a4b11ddc5f1a5ed066b853dd1a1a (diff) |
Linux-libre 4.4.2-gnupck-4.4.2-gnu
Diffstat (limited to 'tools/testing/selftests/kdbus/test-activator.c')
-rw-r--r-- | tools/testing/selftests/kdbus/test-activator.c | 321 |
1 files changed, 0 insertions, 321 deletions
diff --git a/tools/testing/selftests/kdbus/test-activator.c b/tools/testing/selftests/kdbus/test-activator.c deleted file mode 100644 index c576a30ad..000000000 --- a/tools/testing/selftests/kdbus/test-activator.c +++ /dev/null @@ -1,321 +0,0 @@ -#include <stdio.h> -#include <string.h> -#include <time.h> -#include <fcntl.h> -#include <stdlib.h> -#include <stdbool.h> -#include <stddef.h> -#include <unistd.h> -#include <stdint.h> -#include <errno.h> -#include <assert.h> -#include <poll.h> -#include <sys/capability.h> -#include <sys/types.h> -#include <sys/wait.h> - -#include "kdbus-test.h" -#include "kdbus-util.h" -#include "kdbus-enum.h" - -static int kdbus_starter_poll(struct kdbus_conn *conn) -{ - int ret; - struct pollfd fd; - - fd.fd = conn->fd; - fd.events = POLLIN | POLLPRI | POLLHUP; - fd.revents = 0; - - ret = poll(&fd, 1, 100); - if (ret == 0) - return -ETIMEDOUT; - else if (ret > 0) { - if (fd.revents & POLLIN) - return 0; - - if (fd.revents & (POLLHUP | POLLERR)) - ret = -ECONNRESET; - } - - return ret; -} - -/* Ensure that kdbus activator logic is safe */ -static int kdbus_priv_activator(struct kdbus_test_env *env) -{ - int ret; - struct kdbus_msg *msg = NULL; - uint64_t cookie = 0xdeadbeef; - uint64_t flags; - struct kdbus_conn *activator; - struct kdbus_conn *service; - struct kdbus_conn *client; - struct kdbus_conn *holder; - struct kdbus_policy_access *access; - - access = (struct kdbus_policy_access[]){ - { - .type = KDBUS_POLICY_ACCESS_USER, - .id = getuid(), - .access = KDBUS_POLICY_OWN, - }, - { - .type = KDBUS_POLICY_ACCESS_USER, - .id = getuid(), - .access = KDBUS_POLICY_TALK, - }, - }; - - activator = kdbus_hello_activator(env->buspath, "foo.priv.activator", - access, 2); - ASSERT_RETURN(activator); - - service = kdbus_hello(env->buspath, 0, NULL, 0); - ASSERT_RETURN(service); - - client = kdbus_hello(env->buspath, 0, NULL, 0); - ASSERT_RETURN(client); - - /* - * Make sure that other users can't TALK to the activator - */ - - ret = RUN_UNPRIVILEGED_CONN(unpriv, env->buspath, ({ - /* Try to talk using the ID */ - ret = kdbus_msg_send(unpriv, NULL, 0xdeadbeef, 0, 0, - 0, activator->id); - ASSERT_EXIT(ret == -ENXIO); - - /* Try to talk to the name */ - ret = kdbus_msg_send(unpriv, "foo.priv.activator", - 0xdeadbeef, 0, 0, 0, - KDBUS_DST_ID_NAME); - ASSERT_EXIT(ret == -EPERM); - })); - ASSERT_RETURN(ret >= 0); - - /* - * Make sure that we did not receive anything, so the - * service will not be started automatically - */ - - ret = kdbus_starter_poll(activator); - ASSERT_RETURN(ret == -ETIMEDOUT); - - /* - * Now try to emulate the starter/service logic and - * acquire the name. - */ - - cookie++; - ret = kdbus_msg_send(service, "foo.priv.activator", cookie, - 0, 0, 0, KDBUS_DST_ID_NAME); - ASSERT_RETURN(ret == 0); - - ret = kdbus_starter_poll(activator); - ASSERT_RETURN(ret == 0); - - /* Policies are still checked, access denied */ - - ret = RUN_UNPRIVILEGED_CONN(unpriv, env->buspath, ({ - flags = KDBUS_NAME_REPLACE_EXISTING; - ret = kdbus_name_acquire(unpriv, "foo.priv.activator", - &flags); - ASSERT_RETURN(ret == -EPERM); - })); - ASSERT_RETURN(ret >= 0); - - flags = KDBUS_NAME_REPLACE_EXISTING; - ret = kdbus_name_acquire(service, "foo.priv.activator", - &flags); - ASSERT_RETURN(ret == 0); - - /* We read our previous starter message */ - - ret = kdbus_msg_recv_poll(service, 100, NULL, NULL); - ASSERT_RETURN(ret == 0); - - /* Try to talk, we still fail */ - - cookie++; - ret = RUN_UNPRIVILEGED_CONN(unpriv, env->buspath, ({ - /* Try to talk to the name */ - ret = kdbus_msg_send(unpriv, "foo.priv.activator", - cookie, 0, 0, 0, - KDBUS_DST_ID_NAME); - ASSERT_EXIT(ret == -EPERM); - })); - ASSERT_RETURN(ret >= 0); - - /* Still nothing to read */ - - ret = kdbus_msg_recv_poll(service, 100, NULL, NULL); - ASSERT_RETURN(ret == -ETIMEDOUT); - - /* We receive every thing now */ - - cookie++; - ret = kdbus_msg_send(client, "foo.priv.activator", cookie, - 0, 0, 0, KDBUS_DST_ID_NAME); - ASSERT_RETURN(ret == 0); - ret = kdbus_msg_recv_poll(service, 100, &msg, NULL); - ASSERT_RETURN(ret == 0 && msg->cookie == cookie); - - kdbus_msg_free(msg); - - /* Policies default to deny TALK now */ - kdbus_conn_free(activator); - - cookie++; - ret = RUN_UNPRIVILEGED_CONN(unpriv, env->buspath, ({ - /* Try to talk to the name */ - ret = kdbus_msg_send(unpriv, "foo.priv.activator", - cookie, 0, 0, 0, - KDBUS_DST_ID_NAME); - ASSERT_EXIT(ret == -EPERM); - })); - ASSERT_RETURN(ret >= 0); - - ret = kdbus_msg_recv_poll(service, 100, NULL, NULL); - ASSERT_RETURN(ret == -ETIMEDOUT); - - /* Same user is able to TALK */ - cookie++; - ret = kdbus_msg_send(client, "foo.priv.activator", cookie, - 0, 0, 0, KDBUS_DST_ID_NAME); - ASSERT_RETURN(ret == 0); - ret = kdbus_msg_recv_poll(service, 100, &msg, NULL); - ASSERT_RETURN(ret == 0 && msg->cookie == cookie); - - kdbus_msg_free(msg); - - access = (struct kdbus_policy_access []){ - { - .type = KDBUS_POLICY_ACCESS_WORLD, - .id = getuid(), - .access = KDBUS_POLICY_TALK, - }, - }; - - holder = kdbus_hello_registrar(env->buspath, "foo.priv.activator", - access, 1, KDBUS_HELLO_POLICY_HOLDER); - ASSERT_RETURN(holder); - - /* Now we are able to TALK to the name */ - - cookie++; - ret = RUN_UNPRIVILEGED_CONN(unpriv, env->buspath, ({ - /* Try to talk to the name */ - ret = kdbus_msg_send(unpriv, "foo.priv.activator", - cookie, 0, 0, 0, - KDBUS_DST_ID_NAME); - ASSERT_EXIT(ret == 0); - })); - ASSERT_RETURN(ret >= 0); - - ret = kdbus_msg_recv_poll(service, 100, NULL, NULL); - ASSERT_RETURN(ret == 0); - - ret = RUN_UNPRIVILEGED_CONN(unpriv, env->buspath, ({ - flags = KDBUS_NAME_REPLACE_EXISTING; - ret = kdbus_name_acquire(unpriv, "foo.priv.activator", - &flags); - ASSERT_RETURN(ret == -EPERM); - })); - ASSERT_RETURN(ret >= 0); - - kdbus_conn_free(service); - kdbus_conn_free(client); - kdbus_conn_free(holder); - - return 0; -} - -int kdbus_test_activator(struct kdbus_test_env *env) -{ - int ret; - struct kdbus_conn *activator; - struct pollfd fds[2]; - bool activator_done = false; - struct kdbus_policy_access access[2]; - - access[0].type = KDBUS_POLICY_ACCESS_USER; - access[0].id = getuid(); - access[0].access = KDBUS_POLICY_OWN; - - access[1].type = KDBUS_POLICY_ACCESS_WORLD; - access[1].access = KDBUS_POLICY_TALK; - - activator = kdbus_hello_activator(env->buspath, "foo.test.activator", - access, 2); - ASSERT_RETURN(activator); - - ret = kdbus_add_match_empty(env->conn); - ASSERT_RETURN(ret == 0); - - ret = kdbus_list(env->conn, KDBUS_LIST_NAMES | - KDBUS_LIST_UNIQUE | - KDBUS_LIST_ACTIVATORS | - KDBUS_LIST_QUEUED); - ASSERT_RETURN(ret == 0); - - ret = kdbus_msg_send(env->conn, "foo.test.activator", 0xdeafbeef, - 0, 0, 0, KDBUS_DST_ID_NAME); - ASSERT_RETURN(ret == 0); - - fds[0].fd = activator->fd; - fds[1].fd = env->conn->fd; - - kdbus_printf("-- entering poll loop ...\n"); - - for (;;) { - int i, nfds = sizeof(fds) / sizeof(fds[0]); - - for (i = 0; i < nfds; i++) { - fds[i].events = POLLIN | POLLPRI; - fds[i].revents = 0; - } - - ret = poll(fds, nfds, 3000); - ASSERT_RETURN(ret >= 0); - - ret = kdbus_list(env->conn, KDBUS_LIST_NAMES); - ASSERT_RETURN(ret == 0); - - if ((fds[0].revents & POLLIN) && !activator_done) { - uint64_t flags = KDBUS_NAME_REPLACE_EXISTING; - - kdbus_printf("Starter was called back!\n"); - - ret = kdbus_name_acquire(env->conn, - "foo.test.activator", &flags); - ASSERT_RETURN(ret == 0); - - activator_done = true; - } - - if (fds[1].revents & POLLIN) { - kdbus_msg_recv(env->conn, NULL, NULL); - break; - } - } - - /* Check if all uids/gids are mapped */ - if (!all_uids_gids_are_mapped()) - return TEST_SKIP; - - /* Check now capabilities, so we run the previous tests */ - ret = test_is_capable(CAP_SETUID, CAP_SETGID, -1); - ASSERT_RETURN(ret >= 0); - - if (!ret) - return TEST_SKIP; - - ret = kdbus_priv_activator(env); - ASSERT_RETURN(ret == 0); - - kdbus_conn_free(activator); - - return TEST_OK; -} |