[apparmor] [PATCH 6/6] libapparmor: Add unit tests for aa_splitcon()

Tyler Hicks tyhicks at canonical.com
Thu May 14 05:49:54 UTC 2015 

On 2015-05-12 20:31:32, Seth Arnold wrote:
> On Mon, Apr 13, 2015 at 04:56:32PM -0500, Tyler Hicks wrote:
> > Test confinement context splitting, using aa_splitcon(3), with and
> > without a valid mode pointer.
> > 
> > Signed-off-by: Tyler Hicks <tyhicks at canonical.com>
> 
> Acked-by: Seth Arnold <seth.arnold at canonical.com<
> 
> I've got a question about one specific aspect of the API: 
> 
> > +	TEST_SPLITCON("/a/b/c (complain)\n", NULL, NULL,
> > +		      "path split w/ invalid trailing newline");
> > +
> > +	TEST_SPLITCON("unconfined\n", NULL, NULL,
> > +		      "unconfined w/ invalid trailing newline");
> 
> Is it a good idea to forbid the trailing newline? /proc/*/attr/current
> includes the newline and forcing application programmers to deal with it
> before handing the string to aa_splitcon() feels like a needless
> annoyance.

I originally had these patches stripping off any trailing newline
characters. At some point wile finalizing the patches, I removed that
functionality from aa_splitcon() and can no longer remember why. :/

/proc/*/attr/current is the only interface that I'm aware of which tacks
on a newline to the AA context.

I'm open to adding back in the functionality to strip a trailing newline
but would like to get other opinions.

Tyler

> I also think it'd be worth representing some KOI8, Big5, and similar
> encodings, but properly testing those has been on my todo list for a
> decade now, so no particular rush here either.
> 
> Thanks
> 
> > ---
> >  libraries/libapparmor/src/Makefile.am  |   6 +-
> >  libraries/libapparmor/src/tst_kernel.c | 133 +++++++++++++++++++++++++++++++++
> >  2 files changed, 138 insertions(+), 1 deletion(-)
> >  create mode 100644 libraries/libapparmor/src/tst_kernel.c
> > 
> > diff --git a/libraries/libapparmor/src/Makefile.am b/libraries/libapparmor/src/Makefile.am
> > index 505d1f7..deca53e 100644
> > --- a/libraries/libapparmor/src/Makefile.am
> > +++ b/libraries/libapparmor/src/Makefile.am
> > @@ -67,7 +67,11 @@ tst_aalogmisc_LDADD = .libs/libapparmor.a
> >  tst_features_SOURCES = tst_features.c
> >  tst_features_LDADD = .libs/libapparmor.a
> >  
> > -check_PROGRAMS = tst_aalogmisc tst_features
> > +tst_kernel_SOURCES = tst_kernel.c
> > +tst_kernel_LDADD = .libs/libapparmor.a
> > +tst_kernel_LDFLAGS = -pthread
> > +
> > +check_PROGRAMS = tst_aalogmisc tst_features tst_kernel
> >  TESTS = $(check_PROGRAMS)
> >  
> >  EXTRA_DIST = grammar.y scanner.l libapparmor.map libapparmor.pc
> > diff --git a/libraries/libapparmor/src/tst_kernel.c b/libraries/libapparmor/src/tst_kernel.c
> > new file mode 100644
> > index 0000000..8a8e70e
> > --- /dev/null
> > +++ b/libraries/libapparmor/src/tst_kernel.c
> > @@ -0,0 +1,133 @@
> > +/*
> > + *   Copyright (c) 2015
> > + *   Canonical, Ltd. (All rights reserved)
> > + *
> > + *   This program is free software; you can redistribute it and/or
> > + *   modify it under the terms of version 2 of the GNU General Public
> > + *   License published by the Free Software Foundation.
> > + *
> > + *   This program is distributed in the hope that it will be useful,
> > + *   but WITHOUT ANY WARRANTY; without even the implied warranty of
> > + *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
> > + *   GNU General Public License for more details.
> > + *
> > + *   You should have received a copy of the GNU General Public License
> > + *   along with this program; if not, contact Novell, Inc. or Canonical
> > + *   Ltd.
> > + */
> > +
> > +#include <stdio.h>
> > +#include <string.h>
> > +
> > +#include "features.c"
> > +
> > +static int nullcmp_and_strcmp(const void *s1, const void *s2)
> > +{
> > +	/* Return 0 if both pointers are NULL & non-zero if only one is NULL */
> > +	if (!s1 || !s2)
> > +		return s1 != s2;
> > +
> > +	return strcmp(s1, s2);
> > +}
> > +
> > +static int do_test_aa_splitcon(char *con, char **mode,
> > +			       const char *expected_label,
> > +			       const char *expected_mode, const char *error)
> > +{
> > +	char *label;
> > +	int rc = 0;
> > +
> > +	label = aa_splitcon(con, mode);
> > +
> > +	if (nullcmp_and_strcmp(label, expected_label)) {
> > +		fprintf(stderr, "FAIL: %s: label \"%s\" != \"%s\"\n",
> > +			error, label, expected_label);
> > +		rc = 1;
> > +	}
> > +
> > +	if (mode && nullcmp_and_strcmp(*mode, expected_mode)) {
> > +		fprintf(stderr, "FAIL: %s: mode \"%s\" != \"%s\"\n",
> > +			error, *mode, expected_mode);
> > +		rc = 1;
> > +	}
> > +
> > +	return rc;
> > +}
> > +
> > +#define TEST_SPLITCON(con, expected_label, expected_mode, error)	\
> > +	do {								\
> > +		char c1[] = con;					\
> > +		char c2[] = con;					\
> > +		char *mode;						\
> > +									\
> > +		if (do_test_aa_splitcon(c1, &mode, expected_label,	\
> > +					expected_mode, error)) {	\
> > +			rc = 1;						\
> > +		} else if (do_test_aa_splitcon(c2, NULL, expected_label,\
> > +					       NULL,			\
> > +					       error " (NULL mode)")) {	\
> > +			rc = 1;						\
> > +		}							\
> > +	} while (0)
> > +
> > +
> > +static int test_aa_splitcon(void)
> > +{
> > +	int rc = 0;
> > +
> > +	TEST_SPLITCON("label (mode)", "label", "mode", "basic split");
> > +
> > +	TEST_SPLITCON("/a/b/c (enforce)", "/a/b/c", "enforce",
> > +		      "path enforce split");
> > +
> > +	TEST_SPLITCON("/a/b/c (complain)", "/a/b/c", "complain",
> > +		      "path complain split");
> > +
> > +	TEST_SPLITCON("profile_name (enforce)", "profile_name", "enforce",
> > +		      "name enforce split");
> > +
> > +	TEST_SPLITCON("profile_name (complain)", "profile_name", "complain",
> > +		      "name complain split");
> > +
> > +	TEST_SPLITCON("unconfined", "unconfined", NULL, "unconfined");
> > +
> > +	TEST_SPLITCON("(odd) (enforce)", "(odd)", "enforce",
> > +		      "parenthesized label #1");
> > +
> > +	TEST_SPLITCON("(odd) (enforce) (enforce)", "(odd) (enforce)", "enforce",
> > +		      "parenthesized label #2");
> > +
> > +	TEST_SPLITCON("/usr/bin/😺 (enforce)", "/usr/bin/😺", "enforce",
> > +		      "non-ASCII path");
> > +
> > +	TEST_SPLITCON("👍 (enforce)", "👍", "enforce", "non-ASCII profile name");
> > +
> > +	/* Negative tests */
> > +
> > +	TEST_SPLITCON("", NULL, NULL, "empty string test");
> > +
> > +	TEST_SPLITCON("/a/b/c (complain)\n", NULL, NULL,
> > +		      "path split w/ invalid trailing newline");
> > +
> > +	TEST_SPLITCON("unconfined\n", NULL, NULL,
> > +		      "unconfined w/ invalid trailing newline");
> > +
> > +	TEST_SPLITCON("profile\t(enforce)", NULL, NULL,
> > +		      "invalid tab separator");
> > +
> > +	TEST_SPLITCON("profile(enforce)", NULL, NULL,
> > +		      "invalid missing separator");
> > +
> > +	return rc;
> > +}
> > +
> > +int main(void)
> > +{
> > +	int retval, rc = 0;
> > +
> > +	retval = test_aa_splitcon();
> > +	if (retval)
> > +		rc = retval;
> > +
> > +	return rc;
> > +}


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20150514/c5c74d62/attachment-0001.pgp>

More information about the AppArmor mailing list