[apparmor] [PATCH v3 5/7] tests: Break up unix_socket getopt and setopt operations

Tue Sep 23 00:09:15 UTC 2014

The unix_socket operations for testing getopt and setopt permissions
were occurring back to back. This patch breaks them up into "pre-bind"
and "post-bind" operations. The setopt operation now occurs pre-bind
while the getopt operation happens post-bind. This allows for the test
policy to test setopt without an addr= conditional and to test getopt
with an addr= conditional.

Additionally, the wrapper functions that call setsockopt()/getsockopt()
are moved into a new file that both unix_socket.c and
unix_socket_client.c can reuse.

Signed-off-by: Tyler Hicks <tyhicks at canonical.com>
---

* New patch for v3

 tests/regression/apparmor/Makefile             | 11 ++++-
 tests/regression/apparmor/unix_socket.c        | 44 +++++--------------
 tests/regression/apparmor/unix_socket_client.c | 42 +++++-------------
 tests/regression/apparmor/unix_socket_common.c | 60 ++++++++++++++++++++++++++
 tests/regression/apparmor/unix_socket_common.h | 18 ++++++++
 5 files changed, 109 insertions(+), 66 deletions(-)
 create mode 100644 tests/regression/apparmor/unix_socket_common.c
 create mode 100644 tests/regression/apparmor/unix_socket_common.h

diff --git a/tests/regression/apparmor/Makefile b/tests/regression/apparmor/Makefile
index 8b8db0e..2ef8aca 100644
--- a/tests/regression/apparmor/Makefile
+++ b/tests/regression/apparmor/Makefile
@@ -227,6 +227,15 @@ dbus_service: dbus_message dbus_service.c dbus_common.o
 dbus_unrequested_reply: dbus_service dbus_unrequested_reply.c dbus_common.o
 	${CC} ${CFLAGS} ${LDFLAGS} $(filter-out dbus_service, $^) -o $@ ${LDLIBS} $(shell pkg-config --cflags --libs dbus-1)
 
+unix_socket_common.o: unix_socket_common.c unix_socket_common.h
+	${CC} ${CFLAGS} ${LDFLAGS} $< -c ${LDLIBS}
+
+unix_socket_client: unix_socket_client.c unix_socket_common.o
+	${CC} ${CFLAGS} ${LDFLAGS} $^ -o $@ ${LDLIBS}
+
+unix_socket: unix_socket.c unix_socket_common.o unix_socket_client
+	${CC} ${CFLAGS} ${LDFLAGS} $(filter-out unix_socket_client, $^) -o $@ ${LDLIBS}
+
 tests: all
 	@if [ `whoami` = "root" ] ;\
 	then \
@@ -266,6 +275,6 @@ alltests: all
 	fi
 
 clean:
-	rm -f $(EXEC) dbus_common.o uservars.inc
+	rm -f $(EXEC) dbus_common.o unix_socket_common.o uservars.inc
 
 regex.sh: open exec
diff --git a/tests/regression/apparmor/unix_socket.c b/tests/regression/apparmor/unix_socket.c
index 1b89c45..fe593d3 100644
--- a/tests/regression/apparmor/unix_socket.c
+++ b/tests/regression/apparmor/unix_socket.c
@@ -22,6 +22,8 @@
 #include <sys/un.h>
 #include <unistd.h>
 
+#include "unix_socket_common.h"
+
 #define MSG_BUF_MAX 1024
 
 static int connection_based_messaging(int sock, char *msg_buf,
@@ -80,36 +82,6 @@ static int connectionless_messaging(int sock, char *msg_buf, size_t msg_buf_len)
 	return 0;
 }
 
-static int get_set_sock_io_timeo(int sock)
-{
-	struct timeval tv;
-	socklen_t tv_len = sizeof(tv);
-	int rc;
-
-	rc = getsockopt(sock, SOL_SOCKET, SO_RCVTIMEO, &tv, &tv_len);
-	if (rc == -1) {
-		perror("FAIL - getsockopt");
-		return 1;
-	}
-
-	tv.tv_sec = 1;
-	tv.tv_usec = 0;
-
-	rc = setsockopt(sock, SOL_SOCKET, SO_RCVTIMEO, &tv, tv_len);
-	if (rc == -1) {
-		perror("FAIL - setsockopt (SO_RCVTIMEO)");
-		return 1;
-	}
-
-	rc = setsockopt(sock, SOL_SOCKET, SO_SNDTIMEO, &tv, tv_len);
-	if (rc == -1) {
-		perror("FAIL - setsockopt (SO_SNDTIMEO)");
-		return 1;
-	}
-
-	return 0;
-}
-
 int main (int argc, char *argv[])
 {
 	struct sockaddr_un addr;
@@ -175,6 +147,10 @@ int main (int argc, char *argv[])
 		exit(1);
 	}
 
+	rc = set_sock_io_timeo(sock);
+	if (rc)
+		exit(1);
+
 	rc = bind(sock, (struct sockaddr *)&addr,
 		  sun_path_len + sizeof(addr.sun_family));
 	if (rc < 0) {
@@ -190,6 +166,10 @@ int main (int argc, char *argv[])
 		}
 	}
 
+	rc = get_sock_io_timeo(sock);
+	if (rc)
+		exit(1);
+
 	pid = fork();
 	if (pid < 0) {
 		perror("FAIL - fork");
@@ -200,10 +180,6 @@ int main (int argc, char *argv[])
 		exit(1);
 	}
 
-	rc = get_set_sock_io_timeo(sock);
-	if (rc)
-		exit(1);
-
 	rc = (type & SOCK_STREAM || type & SOCK_SEQPACKET) ?
 		connection_based_messaging(sock, msg_buf, msg_buf_len) :
 		connectionless_messaging(sock, msg_buf, msg_buf_len);
diff --git a/tests/regression/apparmor/unix_socket_client.c b/tests/regression/apparmor/unix_socket_client.c
index 015c41d..b9da92b 100644
--- a/tests/regression/apparmor/unix_socket_client.c
+++ b/tests/regression/apparmor/unix_socket_client.c
@@ -22,6 +22,8 @@
 #include <sys/un.h>
 #include <unistd.h>
 
+#include "unix_socket_common.h"
+
 #define MSG_BUF_MAX	1024
 
 #define SUN_PATH_SUFFIX		".client"
@@ -33,6 +35,10 @@ static int connection_based_messaging(int sock, struct sockaddr_un *peer_addr,
 	char msg_buf[MSG_BUF_MAX];
 	int rc;
 
+	rc = get_sock_io_timeo(sock);
+	if (rc)
+		return 1;
+
 	rc = connect(sock, (struct sockaddr *)peer_addr, peer_addr_len);
 	if (rc < 0) {
 		perror("FAIL CLIENT - connect");
@@ -87,6 +93,10 @@ static int connectionless_messaging(int sock, struct sockaddr_un *peer_addr,
 		return 1;
 	}
 
+	rc = get_sock_io_timeo(sock);
+	if (rc)
+		return 1;
+
 	rc = sendto(sock, NULL, 0, 0, (struct sockaddr *)peer_addr, len);
 	if (rc < 0) {
 		perror("FAIL CLIENT - sendto");
@@ -109,36 +119,6 @@ static int connectionless_messaging(int sock, struct sockaddr_un *peer_addr,
 	return 0;
 }
 
-static int get_set_sock_io_timeo(int sock)
-{
-	struct timeval tv;
-	socklen_t tv_len = sizeof(tv);
-	int rc;
-
-	rc = getsockopt(sock, SOL_SOCKET, SO_RCVTIMEO, &tv, &tv_len);
-	if (rc == -1) {
-		perror("FAIL - getsockopt");
-		return 1;
-	}
-
-	tv.tv_sec = 1;
-	tv.tv_usec = 0;
-
-	rc = setsockopt(sock, SOL_SOCKET, SO_RCVTIMEO, &tv, tv_len);
-	if (rc == -1) {
-		perror("FAIL - setsockopt (SO_RCVTIMEO)");
-		return 1;
-	}
-
-	rc = setsockopt(sock, SOL_SOCKET, SO_SNDTIMEO, &tv, tv_len);
-	if (rc == -1) {
-		perror("FAIL - setsockopt (SO_SNDTIMEO)");
-		return 1;
-	}
-
-	return 0;
-}
-
 static int test_getattr(int sock)
 {
 	struct sockaddr_un addr;
@@ -208,7 +188,7 @@ int main(int argc, char *argv[])
 		exit(1);
 	}
 
-	rc = get_set_sock_io_timeo(sock);
+	rc = set_sock_io_timeo(sock);
 	if (rc)
 		exit(1);
 
diff --git a/tests/regression/apparmor/unix_socket_common.c b/tests/regression/apparmor/unix_socket_common.c
new file mode 100644
index 0000000..5ae2ec6
--- /dev/null
+++ b/tests/regression/apparmor/unix_socket_common.c
@@ -0,0 +1,60 @@
+/*
+ * Copyright (C) 2014 Canonical, Ltd.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of version 2 of the GNU General Public
+ * License published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, contact Canonical Ltd.
+ */
+
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+
+#include "unix_socket_common.h"
+
+int get_sock_io_timeo(int sock)
+{
+	struct timeval tv;
+	socklen_t tv_len = sizeof(tv);
+	int rc;
+
+	rc = getsockopt(sock, SOL_SOCKET, SO_RCVTIMEO, &tv, &tv_len);
+	if (rc == -1) {
+		perror("FAIL - getsockopt");
+		return 1;
+	}
+
+	return 0;
+}
+
+int set_sock_io_timeo(int sock)
+{
+	struct timeval tv;
+	socklen_t tv_len = sizeof(tv);
+	int rc;
+
+	tv.tv_sec = 1;
+	tv.tv_usec = 0;
+
+	rc = setsockopt(sock, SOL_SOCKET, SO_RCVTIMEO, &tv, tv_len);
+	if (rc == -1) {
+		perror("FAIL - setsockopt (SO_RCVTIMEO)");
+		return 1;
+	}
+
+	rc = setsockopt(sock, SOL_SOCKET, SO_SNDTIMEO, &tv, tv_len);
+	if (rc == -1) {
+		perror("FAIL - setsockopt (SO_SNDTIMEO)");
+		return 1;
+	}
+
+	return 0;
+}
diff --git a/tests/regression/apparmor/unix_socket_common.h b/tests/regression/apparmor/unix_socket_common.h
new file mode 100644
index 0000000..94349ed
--- /dev/null
+++ b/tests/regression/apparmor/unix_socket_common.h
@@ -0,0 +1,18 @@
+/*
+ * Copyright (C) 2014 Canonical, Ltd.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of version 2 of the GNU General Public
+ * License published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, contact Canonical Ltd.
+ */
+
+int get_sock_io_timeo(int sock);
+int set_sock_io_timeo(int sock);
-- 
2.1.0


