      1 /******************************************************************************/
      2 /* This program is free software;  you can redistribute it and/or modify      */
      3 /* it under the terms of the GNU General Public License as published by       */
      4 /* the Free Software Foundation; either version 2 of the License, or          */
      5 /* (at your option) any later version.                                        */
      6 /*                                                                            */
      7 /* This program is distributed in the hope that it will be useful,            */
      8 /* but WITHOUT ANY WARRANTY;  without even the implied warranty of            */
      9 /* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See                  */
     10 /* the GNU General Public License for more details.                           */
     11 /*                                                                            */
     12 /* You should have received a copy of the GNU General Public License          */
     13 /* along with this program;  if not, write to the Free Software               */
     14 /* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA    */
     15 /*                                                                            */
     16 /******************************************************************************/
     17 /*
     18  * tomoyo_new_test.c
     19  *
     20  * Testing program for security/tomoyo/
     21  *
     22  * Copyright (C) 2005-2010  NTT DATA CORPORATION
     23  */
     24 #include "include.h"
     25 
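/* Return value of the most recent test operation; negative means it failed. */
static int result;
/* errno value attributed to the most recent test operation (0 = none). */
static int error;

/*
 * show_result - print the verdict for the operation that just ran.
 * @test:           label printed in front of the verdict.
 * @should_success: non-zero when the operation was expected to be permitted,
 *                  zero when it was expected to be denied with EPERM.
 *
 * errno is only consulted when the operation itself reported failure
 * (result < 0). A successful call does not clear errno, so a value left
 * behind by earlier setup or cleanup work (for example a failing rmdir() or
 * mkdir() in a fixture) would otherwise be attributed to the test. For an
 * access-control test that matters in both directions: a stale EPERM could
 * make an operation that was wrongly permitted print "OK: permission denied",
 * and any stale value could make a permitted operation print "FAILED".
 */
static void show_result(const char *test, int should_success)
{
	error = (result < 0) ? errno : 0;
	printf("%s : ", test);
	if (should_success) {
		if (error == 0)
			printf("OK (%d)\n", result);
		else
			printf("FAILED: %s\n", strerror(error));
		return;
	}
	/* Denial expected: only EPERM counts as the policy doing its job. */
	if (error == 0)
		printf("BUG: Didn't fail (%d)\n", result);
	else if (error == EPERM)
		printf("OK: permission denied\n");
	else
		printf("FAILED: %s\n", strerror(error));
}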
     47 
/* Open /etc/fstab read-only; the descriptor (or -1) is stored in result. */
static void test_read_etc_fstab(void)
{
	static const char path[] = "/etc/fstab";

	result = open(path, O_RDONLY);
}
     52 
/* Open /dev/null write-only; the descriptor (or -1) is stored in result. */
static void test_write_dev_null(void)
{
	static const char path[] = "/dev/null";

	result = open(path, O_WRONLY);
}
     57 
/*
 * Close the descriptor left in result by an open() test.
 * Nothing is closed when result holds EOF, i.e. when the open failed.
 */
static void cleanup_file_open(void)
{
	if (result == EOF)
		return;
	close(result);
}
     63 
/* Create /tmp/testdir with mode 0755; mkdir()'s return value goes to result. */
static void test_mkdir_testdir(void)
{
	const mode_t mode = 0755;

	result = mkdir("/tmp/testdir", mode);
}
     68 
/*
 * Remove /tmp/testdir, ignoring the outcome (the directory may not exist).
 * The table also uses this as the setup step of the mkdir tests. A failed
 * rmdir() leaves errno set, so code that inspects errno afterwards must not
 * attribute that value to the operation under test.
 */
static void cleanup_mkdir_testdir(void)
{
	(void)rmdir("/tmp/testdir");
}
     73 
/*
 * Make sure /tmp/testdir exists before an rmdir test; the return value is
 * ignored. A failed mkdir() (e.g. the directory is already there) leaves
 * errno set, so later errno readers must not attribute it to the test.
 */
static void setup_mkdir_testdir(void)
{
	const mode_t mode = 0755;

	(void)mkdir("/tmp/testdir", mode);
}
     78 
/* Remove /tmp/testdir; rmdir()'s return value goes to result. */
static void test_rmdir_testdir(void)
{
	static const char path[] = "/tmp/testdir";

	result = rmdir(path);
}
     83 
/*
 * Write three lines to domain_fp before the execute test: the domain name
 * "<self_domain> /bin/true", "use_profile 0", and "select pid=<pid>".
 * NOTE(review): presumably this creates the domain /bin/true will run in,
 * gives it profile 0 and then re-selects this process's own domain --
 * confirm against include.h and the policy interface syntax.
 */
static void setup_execute_bin_true(void)
{
	/* Each line is emitted by its own fprintf(), as the original did. */
	fprintf(domain_fp, "%s /bin/true\n", self_domain);
	fprintf(domain_fp, "use_profile 0\n");
	fprintf(domain_fp, "select pid=%u\n", pid);
}
     90 
/*
 * Reap the child forked by the execute test, then write
 * "delete <self_domain> /bin/true" and "select pid=<pid>" to domain_fp.
 * The wait() status is discarded; if no child exists the call simply fails.
 */
static void cleanup_execute_bin_true(void)
{
	(void)wait(NULL);
	fprintf(domain_fp, "delete %s /bin/true\n", self_domain);
	fprintf(domain_fp, "select pid=%u\n", pid);
}
     97 
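/*
 * Fork a child that execve()s /bin/true and learn through a pipe whether the
 * exec was refused.
 *
 * The child writes its errno to the pipe only when execve() returns, i.e. on
 * failure. On success nothing is written and the parent's read() returns 0
 * without touching the buffer, so the global error must be cleared before
 * the fork; otherwise the errno recorded for the previous test would be
 * reported as this test's outcome (a permitted exec shown as denied).
 *
 * On return result is 0 for a successful exec and EOF otherwise, and errno
 * carries the matching error code. The child is not reaped here.
 */
static void test_execute_bin_true(void)
{
	char *argv[] = { "/bin/true", NULL };
	char *envp[] = { "HOME=/", NULL };
	int pipe_fd[2] = { EOF, EOF };

	if (pipe(pipe_fd) == -1)
		err(1, "pipe");
	error = 0;
	switch (fork()) {
	case 0:
		execve("/bin/true", argv, envp);
		error = errno;
		if (write(pipe_fd[1], &error, sizeof(error)) == -1) {
			/*
			 * Leave with _exit(): exit() would flush stdio
			 * buffers inherited from the parent a second time.
			 */
			warn("write");
			_exit(1);
		}
		_exit(0);
	case -1:
		/* fork() failed; reported as ENOMEM, as before. */
		error = ENOMEM;
		break;
	}
	close(pipe_fd[1]);
	/* 0 bytes read means the write end closed without an error report. */
	if (read(pipe_fd[0], &error, sizeof(error)) == -1)
		error = errno;
	close(pipe_fd[0]);
	result = error ? EOF : 0;
	errno = error;
}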
    123 
/* chmod /dev/null to 0666; the return value goes to result. */
static void test_chmod_dev_null(void)
{
	const mode_t mode = 0666;

	result = chmod("/dev/null", mode);
}
    128 
/*
 * Set the owner of /dev/null to uid 0. The group argument is -1, which
 * chown() treats as "leave unchanged". The return value goes to result.
 */
static void test_chown_dev_null(void)
{
	static const char path[] = "/dev/null";

	result = chown(path, 0, -1);
}
    133 
/*
 * Set the group of /dev/null to gid 0. The owner argument is -1, which
 * chown() treats as "leave unchanged". The return value goes to result.
 */
static void test_chgrp_dev_null(void)
{
	static const char path[] = "/dev/null";

	result = chown(path, -1, 0);
}
    138 
/*
 * Issue ioctl request 0x5451 on /dev/null and store the return value in
 * result. 0x5451 is FIOCLEX in the asm-generic ioctl numbering; the policy
 * lines in the test table name the same number.
 *
 * errno is cleared before the ioctl and restored after close(), so the value
 * seen by the caller belongs to the ioctl and not to close(). The open() is
 * deliberately left unchecked: if it fails, the ioctl on fd -1 fails with
 * EBADF, which keeps an open failure from being mistaken for an ioctl denial.
 */
static void test_ioctl_dev_null(void)
{
	const int fd = open("/dev/null", O_RDWR);

	errno = 0;
	result = ioctl(fd, 0x5451, NULL);
	error = errno;	/* park errno across close() */
	close(fd);
	errno = error;
}
    148 
/*
 * Define the groups used by the "@CHMOD_TARGET @CHMOD_MODES" policy line:
 * path group CHMOD_TARGET containing /dev/null and number group CHMOD_MODES
 * containing 0666.
 * NOTE(review): the second argument is 0 here and 1 in the matching cleanup;
 * presumably 0 adds and 1 deletes -- confirm in include.h.
 */
static void setup_chmod_group(void)
{
	write_exception_policy("path_group CHMOD_TARGET /dev/null", 0);
	write_exception_policy("number_group CHMOD_MODES 0666", 0);
}
    154 
/*
 * Counterpart of setup_chmod_group(): writes the same two group lines with
 * the second argument set to 1 (presumably "delete" -- confirm in include.h).
 */
static void cleanup_chmod_group(void)
{
	write_exception_policy("path_group CHMOD_TARGET /dev/null", 1);
	write_exception_policy("number_group CHMOD_MODES 0666", 1);
}
    160 
/*
 * Define the groups used by the "@CHOWN_TARGET @CHOWN_IDS" policy lines:
 * path group CHOWN_TARGET with the pattern /dev/\* and number group CHOWN_IDS
 * covering 0x0-0xFFFE. Note that the path pattern is wider than the single
 * /dev/null the tests touch.
 */
static void setup_chown_group(void)
{
	write_exception_policy("path_group CHOWN_TARGET /dev/\\*", 0);
	write_exception_policy("number_group CHOWN_IDS 0x0-0xFFFE", 0);
}
    166 
/*
 * Counterpart of setup_chown_group(): writes the same two group lines with
 * the second argument set to 1 (presumably "delete" -- confirm in include.h).
 */
static void cleanup_chown_group(void)
{
	write_exception_policy("path_group CHOWN_TARGET /dev/\\*", 1);
	write_exception_policy("number_group CHOWN_IDS 0x0-0xFFFE", 1);
}
    172 
/*
 * Define the groups used by the "@IOCTL_TARGET @IOCTL_NUMBERS" policy line:
 * path group IOCTL_TARGET with the pattern /dev/\* and number group
 * IOCTL_NUMBERS covering 0x5450-0x5452, a range that brackets the 0x5451
 * request issued by test_ioctl_dev_null().
 */
static void setup_ioctl_group(void)
{
	write_exception_policy("path_group IOCTL_TARGET /dev/\\*", 0);
	write_exception_policy("number_group IOCTL_NUMBERS 0x5450-0x5452", 0);
}
    178 
/*
 * Counterpart of setup_ioctl_group(): writes the same two group lines with
 * the second argument set to 1 (presumably "delete" -- confirm in include.h).
 */
static void cleanup_ioctl_group(void)
{
	write_exception_policy("path_group IOCTL_TARGET /dev/\\*", 1);
	write_exception_policy("number_group IOCTL_NUMBERS 0x5450-0x5452", 1);
}
    184 
/*
 * Define path group READABLE with the pattern /etc/\* (referenced by the
 * "allow_read @READABLE" policy line) and number group READABLE_IDS covering
 * 0-0xFFF. No policy line in this file references READABLE_IDS.
 */
static void setup_open_group(void)
{
	write_exception_policy("path_group READABLE /etc/\\*", 0);
	write_exception_policy("number_group READABLE_IDS 0-0xFFF", 0);
}
    190 
/*
 * Close the descriptor opened by the test first, then write the two group
 * lines from setup_open_group() again with the second argument set to 1
 * (presumably "delete" -- confirm in include.h).
 */
static void cleanup_open_group(void)
{
	cleanup_file_open();
	write_exception_policy("path_group READABLE /etc/\\*", 1);
	write_exception_policy("number_group READABLE_IDS 0-0xFFF", 1);
}
    197 
/*
 * open() test matrix over /tmp/testfile0 .. /tmp/testfile23.
 *
 * The file index encodes the flag combination: bit 0 adds O_CREAT, bit 1
 * adds O_TRUNC, bit 2 adds O_APPEND; indexes 0-7 use O_RDONLY, 8-15 use
 * O_WRONLY and 16-23 use O_RDWR. Every call passes creation mode 0600.
 *
 * The paths are fixed names in /tmp and none of the opens uses O_EXCL or
 * O_NOFOLLOW, so the outcome depends on nobody else controlling those names;
 * run the suite on a dedicated test machine.
 */

/* Open @path with @flags and mode 0600; descriptor or -1 goes to result. */
static void open_case_into_result(const char *path, int flags)
{
	result = open(path, flags, 0600);
}

/* --- read-only access ------------------------------------------------ */

static void test_file_open_0(void)
{
	open_case_into_result("/tmp/testfile0", O_RDONLY);
}

static void test_file_open_1(void)
{
	open_case_into_result("/tmp/testfile1", O_CREAT | O_RDONLY);
}

static void test_file_open_2(void)
{
	open_case_into_result("/tmp/testfile2", O_TRUNC | O_RDONLY);
}

static void test_file_open_3(void)
{
	open_case_into_result("/tmp/testfile3",
			      O_TRUNC | O_CREAT | O_RDONLY);
}

static void test_file_open_4(void)
{
	open_case_into_result("/tmp/testfile4", O_APPEND | O_RDONLY);
}

static void test_file_open_5(void)
{
	open_case_into_result("/tmp/testfile5",
			      O_APPEND | O_CREAT | O_RDONLY);
}

static void test_file_open_6(void)
{
	open_case_into_result("/tmp/testfile6",
			      O_APPEND | O_TRUNC | O_RDONLY);
}

static void test_file_open_7(void)
{
	open_case_into_result("/tmp/testfile7",
			      O_APPEND | O_TRUNC | O_CREAT | O_RDONLY);
}

/* --- write-only access ----------------------------------------------- */

static void test_file_open_8(void)
{
	open_case_into_result("/tmp/testfile8", O_WRONLY);
}

static void test_file_open_9(void)
{
	open_case_into_result("/tmp/testfile9", O_CREAT | O_WRONLY);
}

static void test_file_open_10(void)
{
	open_case_into_result("/tmp/testfile10", O_TRUNC | O_WRONLY);
}

static void test_file_open_11(void)
{
	open_case_into_result("/tmp/testfile11",
			      O_TRUNC | O_CREAT | O_WRONLY);
}

static void test_file_open_12(void)
{
	open_case_into_result("/tmp/testfile12", O_APPEND | O_WRONLY);
}

static void test_file_open_13(void)
{
	open_case_into_result("/tmp/testfile13",
			      O_APPEND | O_CREAT | O_WRONLY);
}

static void test_file_open_14(void)
{
	open_case_into_result("/tmp/testfile14",
			      O_APPEND | O_TRUNC | O_WRONLY);
}

static void test_file_open_15(void)
{
	open_case_into_result("/tmp/testfile15",
			      O_APPEND | O_TRUNC | O_CREAT | O_WRONLY);
}

/* --- read/write access ----------------------------------------------- */

static void test_file_open_16(void)
{
	open_case_into_result("/tmp/testfile16", O_RDWR);
}

static void test_file_open_17(void)
{
	open_case_into_result("/tmp/testfile17", O_CREAT | O_RDWR);
}

static void test_file_open_18(void)
{
	open_case_into_result("/tmp/testfile18", O_TRUNC | O_RDWR);
}

static void test_file_open_19(void)
{
	open_case_into_result("/tmp/testfile19",
			      O_TRUNC | O_CREAT | O_RDWR);
}

static void test_file_open_20(void)
{
	open_case_into_result("/tmp/testfile20", O_APPEND | O_RDWR);
}

static void test_file_open_21(void)
{
	open_case_into_result("/tmp/testfile21",
			      O_APPEND | O_CREAT | O_RDWR);
}

static void test_file_open_22(void)
{
	open_case_into_result("/tmp/testfile22",
			      O_APPEND | O_TRUNC | O_RDWR);
}

static void test_file_open_23(void)
{
	open_case_into_result("/tmp/testfile23",
			      O_APPEND | O_TRUNC | O_CREAT | O_RDWR);
}
    320 
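/*
 * Create the even-numbered files /tmp/testfile0, 2, ... 22 (the odd-numbered
 * ones are left for the tests to create) and write the exception policy line
 * "deny_rewrite /tmp/testfile\$".
 *
 * The loop index is unsigned so that it matches the %u conversion, and
 * snprintf() is given the full buffer size (it always NUL-terminates). A
 * fixture file that cannot be created is reported on stderr instead of being
 * passed to close() as -1, so a broken fixture is not silently blamed on the
 * policy check that follows.
 *
 * The names are fixed paths in /tmp opened without O_EXCL or O_NOFOLLOW;
 * run the suite only where no other user can pre-create those names.
 */
static void setup_test_file(void)
{
	unsigned int i;
	char buffer[32];

	for (i = 0; i < 24; i += 2) {
		int fd;

		snprintf(buffer, sizeof(buffer), "/tmp/testfile%u", i);
		fd = open(buffer, O_WRONLY | O_CREAT, 0600);
		if (fd < 0) {
			warn("open %s", buffer);
			continue;
		}
		close(fd);
	}
	write_exception_policy("deny_rewrite /tmp/testfile\\$", 0);
}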
    332 
/*
 * Fixture for the rewrite tests that open with O_TRUNC: run
 * setup_test_file(), write the domain policy line
 * "allow_truncate /tmp/testfile\$", and set profile item "file::truncate"
 * to mode 3 so that truncate is checked alongside the item under test.
 */
static void setup_test_file_truncate(void)
{
	static const char item[] = "file::truncate";

	setup_test_file();
	write_domain_policy("allow_truncate /tmp/testfile\\$", 0);
	set_profile(3, item);
}
    339 
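/*
 * Create all 24 files /tmp/testfile0 .. /tmp/testfile23 and write the
 * exception policy line "deny_rewrite /tmp/testfile\$".
 *
 * The loop index is unsigned so that it matches the %u conversion, and
 * snprintf() is given the full buffer size (it always NUL-terminates). A
 * fixture file that cannot be created is reported on stderr instead of being
 * passed to close() as -1.
 *
 * The names are fixed paths in /tmp opened without O_EXCL or O_NOFOLLOW;
 * run the suite only where no other user can pre-create those names.
 */
static void setup_all_test_file(void)
{
	unsigned int i;
	char buffer[32];

	for (i = 0; i < 24; i++) {
		int fd;

		snprintf(buffer, sizeof(buffer), "/tmp/testfile%u", i);
		fd = open(buffer, O_WRONLY | O_CREAT, 0600);
		if (fd < 0) {
			warn("open %s", buffer);
			continue;
		}
		close(fd);
	}
	write_exception_policy("deny_rewrite /tmp/testfile\\$", 0);
}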
    351 
/*
 * Same as setup_test_file_truncate() but built on setup_all_test_file():
 * create every test file, write "allow_truncate /tmp/testfile\$" to the
 * domain policy, and set profile item "file::truncate" to mode 3.
 */
static void setup_all_test_file_truncate(void)
{
	static const char item[] = "file::truncate";

	setup_all_test_file();
	write_domain_policy("allow_truncate /tmp/testfile\\$", 0);
	set_profile(3, item);
}
    358 
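/*
 * Remove /tmp/testfile0 .. /tmp/testfile23, write the exception policy line
 * "deny_rewrite /tmp/testfile\$" with the second argument set to 1, and
 * close the descriptor the test left in result.
 *
 * unlink() is best effort: odd-numbered files may never have been created.
 * The loop index is unsigned so that it matches the %u conversion, and
 * snprintf() is given the full buffer size (it always NUL-terminates).
 */
static void cleanup_test_file(void)
{
	unsigned int i;
	char buffer[32];

	for (i = 0; i < 24; i++) {
		snprintf(buffer, sizeof(buffer), "/tmp/testfile%u", i);
		(void)unlink(buffer);
	}
	write_exception_policy("deny_rewrite /tmp/testfile\\$", 1);
	cleanup_file_open();
}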
    371 
/*
 * Undo setup_test_file_truncate() / setup_all_test_file_truncate(): run
 * cleanup_test_file(), write the "allow_truncate /tmp/testfile\$" domain
 * policy line with the second argument set to 1, and put profile item
 * "file::truncate" back to mode 0.
 */
static void cleanup_test_file_truncate(void)
{
	static const char item[] = "file::truncate";

	cleanup_test_file();
	write_domain_policy("allow_truncate /tmp/testfile\\$", 1);
	set_profile(0, item);
}
    378 
/*
 * Test table. Each row names an optional setup step, the operation under
 * test, an optional cleanup step, the profile item handed to set_profile()
 * and the domain policy line handed to write_domain_policy(). main() walks
 * the rows until it meets one whose do_test is NULL.
 */
static struct test_struct {
	void (*do_setup)(void);		/* may be NULL */
	void (*do_test)(void);		/* NULL terminates the table */
	void (*do_cleanup)(void);	/* may be NULL */
	const char *name;		/* profile item, e.g. "file::open" */
	const char *policy;		/* policy line granting the operation */
} tests[] = {
	/* Plain opens (each row repeated three times). */
	{ NULL, test_read_etc_fstab, cleanup_file_open,
	  "file::open", "allow_read /etc/fstab" },
	{ NULL, test_read_etc_fstab, cleanup_file_open,
	  "file::open", "allow_read /etc/fstab" },
	{ NULL, test_read_etc_fstab, cleanup_file_open,
	  "file::open", "allow_read /etc/fstab" },
	{ setup_open_group, test_read_etc_fstab, cleanup_open_group,
	  "file::open", "allow_read @READABLE" },
	{ NULL, test_write_dev_null, cleanup_file_open,
	  "file::open", "allow_write /dev/null" },
	{ NULL, test_write_dev_null, cleanup_file_open,
	  "file::open", "allow_write /dev/null" },
	{ NULL, test_write_dev_null, cleanup_file_open,
	  "file::open", "allow_write /dev/null" },

	/* mkdir: the cleanup routine doubles as setup to clear leftovers. */
	{ cleanup_mkdir_testdir, test_mkdir_testdir, cleanup_mkdir_testdir,
	  "file::mkdir", "allow_mkdir /tmp/testdir/ 0755" },
	{ cleanup_mkdir_testdir, test_mkdir_testdir, cleanup_mkdir_testdir,
	  "file::mkdir", "allow_mkdir /tmp/testdir/ 0755" },
	{ cleanup_mkdir_testdir, test_mkdir_testdir, cleanup_mkdir_testdir,
	  "file::mkdir", "allow_mkdir /tmp/testdir/ 0755" },

	/* rmdir */
	{ setup_mkdir_testdir, test_rmdir_testdir, cleanup_mkdir_testdir,
	  "file::rmdir", "allow_rmdir /tmp/testdir/" },
	{ setup_mkdir_testdir, test_rmdir_testdir, cleanup_mkdir_testdir,
	  "file::rmdir", "allow_rmdir /tmp/testdir/" },
	{ setup_mkdir_testdir, test_rmdir_testdir, cleanup_mkdir_testdir,
	  "file::rmdir", "allow_rmdir /tmp/testdir/" },

	/* execute */
	{ setup_execute_bin_true, test_execute_bin_true,
	  cleanup_execute_bin_true,
	  "file::execute", "allow_execute /bin/true" },
	{ setup_execute_bin_true, test_execute_bin_true,
	  cleanup_execute_bin_true,
	  "file::execute", "allow_execute /bin/true" },
	{ setup_execute_bin_true, test_execute_bin_true,
	  cleanup_execute_bin_true,
	  "file::execute", "allow_execute /bin/true" },

	/* chmod / chown / chgrp / ioctl with literal operands. */
	{ NULL, test_chmod_dev_null, NULL,
	  "file::chmod", "allow_chmod /dev/null 0666" },
	{ NULL, test_chown_dev_null, NULL,
	  "file::chown", "allow_chown /dev/null 0" },
	{ NULL, test_chgrp_dev_null, NULL,
	  "file::chgrp", "allow_chgrp /dev/null 0" },
	{ NULL, test_ioctl_dev_null, NULL,
	  "file::ioctl", "allow_ioctl /dev/null 0x5451" },

	/* The same operations granted through path and number groups. */
	{ setup_chmod_group, test_chmod_dev_null, cleanup_chmod_group,
	  "file::chmod", "allow_chmod @CHMOD_TARGET @CHMOD_MODES" },
	{ setup_chown_group, test_chown_dev_null, cleanup_chown_group,
	  "file::chown", "allow_chown @CHOWN_TARGET @CHOWN_IDS" },
	{ setup_chown_group, test_chgrp_dev_null, cleanup_chown_group,
	  "file::chgrp", "allow_chgrp @CHOWN_TARGET @CHOWN_IDS" },
	{ setup_ioctl_group, test_ioctl_dev_null, cleanup_ioctl_group,
	  "file::ioctl", "allow_ioctl @IOCTL_TARGET @IOCTL_NUMBERS" },

	/* open() flag matrix with only the even-numbered files present. */
	{ setup_test_file, test_file_open_0, cleanup_test_file,
	  "file::open", "allow_read /tmp/testfile0" },
	{ setup_test_file, test_file_open_1, cleanup_test_file,
	  "file::open", "allow_read /tmp/testfile1" },
	{ setup_test_file, test_file_open_1, cleanup_test_file,
	  "file::create", "allow_create /tmp/testfile1 0600" },
	{ setup_test_file, test_file_open_2, cleanup_test_file,
	  "file::open", "allow_read /tmp/testfile2" },
	{ setup_test_file, test_file_open_2, cleanup_test_file,
	  "file::truncate", "allow_truncate /tmp/testfile2" },
	{ setup_test_file_truncate, test_file_open_2,
	  cleanup_test_file_truncate,
	  "file::rewrite", "allow_rewrite /tmp/testfile2" },
	{ setup_test_file, test_file_open_3, cleanup_test_file,
	  "file::open", "allow_read /tmp/testfile3" },
	{ setup_test_file, test_file_open_3, cleanup_test_file,
	  "file::create", "allow_create /tmp/testfile3 0600" },
	{ setup_test_file, test_file_open_4, cleanup_test_file,
	  "file::open", "allow_read /tmp/testfile4" },
	{ setup_test_file, test_file_open_5, cleanup_test_file,
	  "file::open", "allow_read /tmp/testfile5" },
	{ setup_test_file, test_file_open_5, cleanup_test_file,
	  "file::create", "allow_create /tmp/testfile5 0600" },
	{ setup_test_file, test_file_open_6, cleanup_test_file,
	  "file::open", "allow_read /tmp/testfile6" },
	{ setup_test_file, test_file_open_6, cleanup_test_file,
	  "file::truncate", "allow_truncate /tmp/testfile6" },
	{ setup_test_file_truncate, test_file_open_6,
	  cleanup_test_file_truncate,
	  "file::rewrite", "allow_rewrite /tmp/testfile6" },
	{ setup_test_file, test_file_open_7, cleanup_test_file,
	  "file::open", "allow_read /tmp/testfile7" },
	{ setup_test_file, test_file_open_7, cleanup_test_file,
	  "file::create", "allow_create /tmp/testfile7 0600" },
	{ setup_test_file, test_file_open_8, cleanup_test_file,
	  "file::open", "allow_write /tmp/testfile8" },
	{ setup_test_file, test_file_open_8, cleanup_test_file,
	  "file::rewrite", "allow_rewrite /tmp/testfile8" },
	{ setup_test_file, test_file_open_9, cleanup_test_file,
	  "file::open", "allow_write /tmp/testfile9" },
	{ setup_test_file, test_file_open_9, cleanup_test_file,
	  "file::create", "allow_create /tmp/testfile9 0600" },
	{ setup_test_file, test_file_open_9, cleanup_test_file,
	  "file::rewrite", "allow_rewrite /tmp/testfile9" },
	{ setup_test_file, test_file_open_10, cleanup_test_file,
	  "file::open", "allow_write /tmp/testfile10" },
	{ setup_test_file, test_file_open_10, cleanup_test_file,
	  "file::truncate", "allow_truncate /tmp/testfile10" },
	{ setup_test_file, test_file_open_10, cleanup_test_file,
	  "file::rewrite", "allow_rewrite /tmp/testfile10" },
	{ setup_test_file, test_file_open_11, cleanup_test_file,
	  "file::open", "allow_write /tmp/testfile11" },
	{ setup_test_file, test_file_open_11, cleanup_test_file,
	  "file::create", "allow_create /tmp/testfile11 0600" },
	{ setup_test_file, test_file_open_11, cleanup_test_file,
	  "file::rewrite", "allow_rewrite /tmp/testfile11" },
	{ setup_test_file, test_file_open_12, cleanup_test_file,
	  "file::open", "allow_write /tmp/testfile12" },
	{ setup_test_file, test_file_open_13, cleanup_test_file,
	  "file::open", "allow_write /tmp/testfile13" },
	{ setup_test_file, test_file_open_13, cleanup_test_file,
	  "file::create", "allow_create /tmp/testfile13 0600" },
	{ setup_test_file, test_file_open_14, cleanup_test_file,
	  "file::open", "allow_write /tmp/testfile14" },
	{ setup_test_file, test_file_open_14, cleanup_test_file,
	  "file::truncate", "allow_truncate /tmp/testfile14" },
	{ setup_test_file_truncate, test_file_open_14,
	  cleanup_test_file_truncate,
	  "file::rewrite", "allow_rewrite /tmp/testfile14" },
	{ setup_test_file, test_file_open_15, cleanup_test_file,
	  "file::open", "allow_write /tmp/testfile15" },
	{ setup_test_file, test_file_open_15, cleanup_test_file,
	  "file::create", "allow_create /tmp/testfile15 0600" },
	{ setup_test_file, test_file_open_16, cleanup_test_file,
	  "file::open", "allow_read/write /tmp/testfile16" },
	{ setup_test_file, test_file_open_16, cleanup_test_file,
	  "file::rewrite", "allow_rewrite /tmp/testfile16" },
	{ setup_test_file, test_file_open_17, cleanup_test_file,
	  "file::open", "allow_read/write /tmp/testfile17" },
	{ setup_test_file, test_file_open_17, cleanup_test_file,
	  "file::create", "allow_create /tmp/testfile17 0600" },
	{ setup_test_file, test_file_open_17, cleanup_test_file,
	  "file::rewrite", "allow_rewrite /tmp/testfile17" },
	{ setup_test_file, test_file_open_18, cleanup_test_file,
	  "file::open", "allow_read/write /tmp/testfile18" },
	{ setup_test_file, test_file_open_18, cleanup_test_file,
	  "file::truncate", "allow_truncate /tmp/testfile18" },
	{ setup_test_file, test_file_open_18, cleanup_test_file,
	  "file::rewrite", "allow_rewrite /tmp/testfile18" },
	{ setup_test_file, test_file_open_19, cleanup_test_file,
	  "file::open", "allow_read/write /tmp/testfile19" },
	{ setup_test_file, test_file_open_19, cleanup_test_file,
	  "file::create", "allow_create /tmp/testfile19 0600" },
	{ setup_test_file, test_file_open_19, cleanup_test_file,
	  "file::rewrite", "allow_rewrite /tmp/testfile19" },
	{ setup_test_file, test_file_open_20, cleanup_test_file,
	  "file::open", "allow_read/write /tmp/testfile20" },
	{ setup_test_file, test_file_open_21, cleanup_test_file,
	  "file::open", "allow_read/write /tmp/testfile21" },
	{ setup_test_file, test_file_open_21, cleanup_test_file,
	  "file::create", "allow_create /tmp/testfile21 0600" },
	{ setup_test_file, test_file_open_22, cleanup_test_file,
	  "file::open", "allow_read/write /tmp/testfile22" },
	{ setup_test_file, test_file_open_22, cleanup_test_file,
	  "file::truncate", "allow_truncate /tmp/testfile22" },
	{ setup_test_file_truncate, test_file_open_22,
	  cleanup_test_file_truncate,
	  "file::rewrite", "allow_rewrite /tmp/testfile22" },
	{ setup_test_file, test_file_open_23, cleanup_test_file,
	  "file::open", "allow_read/write /tmp/testfile23" },
	{ setup_test_file, test_file_open_23, cleanup_test_file,
	  "file::create", "allow_create /tmp/testfile23 0600" },

	/* Even-numbered opens again, this time with all 24 files present. */
	{ setup_all_test_file, test_file_open_0, cleanup_test_file,
	  "file::open", "allow_read /tmp/testfile0" },
	{ setup_all_test_file, test_file_open_2, cleanup_test_file,
	  "file::open", "allow_read /tmp/testfile2" },
	{ setup_all_test_file, test_file_open_2, cleanup_test_file,
	  "file::truncate", "allow_truncate /tmp/testfile2" },
	{ setup_all_test_file_truncate, test_file_open_2,
	  cleanup_test_file_truncate,
	  "file::rewrite", "allow_rewrite /tmp/testfile2" },
	{ setup_all_test_file, test_file_open_4, cleanup_test_file,
	  "file::open", "allow_read /tmp/testfile4" },
	{ setup_all_test_file, test_file_open_6, cleanup_test_file,
	  "file::open", "allow_read /tmp/testfile6" },
	{ setup_all_test_file, test_file_open_6, cleanup_test_file,
	  "file::truncate", "allow_truncate /tmp/testfile6" },
	{ setup_all_test_file_truncate, test_file_open_6,
	  cleanup_test_file_truncate,
	  "file::rewrite", "allow_rewrite /tmp/testfile6" },
	{ setup_all_test_file, test_file_open_8, cleanup_test_file,
	  "file::open", "allow_write /tmp/testfile8" },
	{ setup_all_test_file, test_file_open_8, cleanup_test_file,
	  "file::rewrite", "allow_rewrite /tmp/testfile8" },
	{ setup_all_test_file, test_file_open_10, cleanup_test_file,
	  "file::open", "allow_write /tmp/testfile10" },
	{ setup_all_test_file, test_file_open_10, cleanup_test_file,
	  "file::truncate", "allow_truncate /tmp/testfile10" },
	{ setup_all_test_file, test_file_open_10, cleanup_test_file,
	  "file::rewrite", "allow_rewrite /tmp/testfile10" },
	{ setup_all_test_file, test_file_open_12, cleanup_test_file,
	  "file::open", "allow_write /tmp/testfile12" },
	{ setup_all_test_file, test_file_open_14, cleanup_test_file,
	  "file::open", "allow_write /tmp/testfile14" },
	{ setup_all_test_file, test_file_open_14, cleanup_test_file,
	  "file::truncate", "allow_truncate /tmp/testfile14" },
	{ setup_all_test_file_truncate, test_file_open_14,
	  cleanup_test_file_truncate,
	  "file::rewrite", "allow_rewrite /tmp/testfile14" },
	{ setup_all_test_file, test_file_open_16, cleanup_test_file,
	  "file::open", "allow_read/write /tmp/testfile16" },
	{ setup_all_test_file, test_file_open_16, cleanup_test_file,
	  "file::rewrite", "allow_rewrite /tmp/testfile16" },
	{ setup_all_test_file, test_file_open_18, cleanup_test_file,
	  "file::open", "allow_read/write /tmp/testfile18" },
	{ setup_all_test_file, test_file_open_18, cleanup_test_file,
	  "file::truncate", "allow_truncate /tmp/testfile18" },
	{ setup_all_test_file, test_file_open_18, cleanup_test_file,
	  "file::rewrite", "allow_rewrite /tmp/testfile18" },
	{ setup_all_test_file, test_file_open_20, cleanup_test_file,
	  "file::open", "allow_read/write /tmp/testfile20" },
	{ setup_all_test_file, test_file_open_22, cleanup_test_file,
	  "file::open", "allow_read/write /tmp/testfile22" },
	{ setup_all_test_file, test_file_open_22, cleanup_test_file,
	  "file::truncate", "allow_truncate /tmp/testfile22" },
	{ setup_all_test_file_truncate, test_file_open_22,
	  cleanup_test_file_truncate,
	  "file::rewrite", "allow_rewrite /tmp/testfile22" },

	/* Sentinel: do_test == NULL ends the table. */
	{ NULL }
};
    612 
/*
 * Run one table row with its profile item at mode 3.
 * When @should_fail is zero the row's policy line is written first (and
 * written again with flag 1 afterwards) and the operation is expected to
 * succeed; otherwise no policy line is written and a denial is expected.
 */
static void run_policy_case(const struct test_struct *t, int should_fail)
{
	if (t->do_setup)
		t->do_setup();
	if (!should_fail)
		write_domain_policy(t->policy, 0);
	set_profile(3, t->name);
	t->do_test();
	show_result(t->policy, !should_fail);
	/* Drop back to mode 0 before cleanup touches the same objects. */
	set_profile(0, t->name);
	if (t->do_cleanup)
		t->do_cleanup();
	if (!should_fail)
		write_domain_policy(t->policy, 1);
}

/*
 * Run one table row with its profile item at @mode and no policy line
 * written by the driver; the operation is reported against an expectation
 * of success.
 */
static void run_mode_case(const struct test_struct *t, int mode)
{
	if (t->do_setup)
		t->do_setup();
	set_profile(mode, t->name);
	t->do_test();
	show_result(t->name, 1);
	set_profile(0, t->name);
	if (t->do_cleanup)
		t->do_cleanup();
}

/*
 * Test driver.
 *
 * Pass 1: every row runs twice, each time first with its policy line
 * (success expected) and then without it (denial expected), under mode 3.
 * Pass 2: every row runs once per mode 0..3.
 * Finally "delete <self_domain>" is written to domain_fp.
 *
 * The exit status is always 0, whatever the verdicts were. A harness must
 * scan stdout for "FAILED" and "BUG" lines to learn that a permitted
 * operation was refused or that a denial was not enforced.
 * NOTE(review): the meaning of mode numbers 0..3 is defined by set_profile()
 * in include.h, which is not visible here.
 */
int main(int argc, char *argv[])
{
	const struct test_struct *t;

	tomoyo_test_init();

	for (t = tests; t->do_test; t++) {
		int trial;

		for (trial = 0; trial < 2; trial++) {
			run_policy_case(t, 0);
			run_policy_case(t, 1);
		}
	}

	for (t = tests; t->do_test; t++) {
		int mode;

		for (mode = 0; mode < 4; mode++)
			run_mode_case(t, mode);
	}

	fprintf(domain_fp, "delete %s\n", self_domain);
	return 0;
}
    653