Home | History | Annotate | Download | only in tests 
      1 from optparse import OptionParser
      2 from optparse import Option, OptionValueError
      3 import os
      4 import policy
      5 import re
      6 import sys
      7 
      8 #############################################################
      9 # Tests
     10 #############################################################
     11 def TestDataTypeViolations(pol):
     12     return pol.AssertPathTypesHaveAttr(["/data/"], [], "data_file_type")
     13 
     14 def TestProcTypeViolations(pol):
     15     return pol.AssertGenfsFilesystemTypesHaveAttr("proc", "proc_type")
     16 
     17 def TestSysfsTypeViolations(pol):
     18     ret = pol.AssertGenfsFilesystemTypesHaveAttr("sysfs", "sysfs_type")
     19     ret += pol.AssertPathTypesHaveAttr(["/sys/"], ["/sys/kernel/debug/",
     20                                     "/sys/kernel/tracing"], "sysfs_type")
     21     return ret
     22 
     23 def TestDebugfsTypeViolations(pol):
     24     ret = pol.AssertGenfsFilesystemTypesHaveAttr("debugfs", "debugfs_type")
     25     ret += pol.AssertGenfsFilesystemTypesHaveAttr("tracefs", "debugfs_type")
     26     ret += pol.AssertPathTypesHaveAttr(["/sys/kernel/debug/",
     27                                     "/sys/kernel/tracing"], [], "debugfs_type")
     28     return ret
     29 
     30 def TestVendorTypeViolations(pol):
     31     return pol.AssertPathTypesHaveAttr(["/vendor/"], [], "vendor_file_type")
     32 
     33 def TestCoreDataTypeViolations(pol):
     34     return pol.AssertPathTypesHaveAttr(["/data/"], ["/data/vendor",
     35             "/data/vendor_ce", "/data/vendor_de"], "core_data_file_type")
     36 
     37 ###
     38 # extend OptionParser to allow the same option flag to be used multiple times.
     39 # This is used to allow multiple file_contexts files and tests to be
     40 # specified.
     41 #
     42 class MultipleOption(Option):
     43     ACTIONS = Option.ACTIONS + ("extend",)
     44     STORE_ACTIONS = Option.STORE_ACTIONS + ("extend",)
     45     TYPED_ACTIONS = Option.TYPED_ACTIONS + ("extend",)
     46     ALWAYS_TYPED_ACTIONS = Option.ALWAYS_TYPED_ACTIONS + ("extend",)
     47 
     48     def take_action(self, action, dest, opt, value, values, parser):
     49         if action == "extend":
     50             values.ensure_value(dest, []).append(value)
     51         else:
     52             Option.take_action(self, action, dest, opt, value, values, parser)
     53 
     54 Tests = [
     55     "TestDataTypeViolators",
     56     "TestProcTypeViolations",
     57     "TestSysfsTypeViolations",
     58     "TestDebugfsTypeViolations",
     59     "TestVendorTypeViolations",
     60     "TestCoreDataTypeViolations",
     61 ]
     62 
     63 if __name__ == '__main__':
     64     usage = "sepolicy_tests -l $(ANDROID_HOST_OUT)/lib64/libsepolwrap.so "
     65     usage += "-f vendor_file_contexts -f "
     66     usage +="plat_file_contexts -p policy [--test test] [--help]"
     67     parser = OptionParser(option_class=MultipleOption, usage=usage)
     68     parser.add_option("-f", "--file_contexts", dest="file_contexts",
     69             metavar="FILE", action="extend", type="string")
     70     parser.add_option("-p", "--policy", dest="policy", metavar="FILE")
     71     parser.add_option("-l", "--library-path", dest="libpath", metavar="FILE")
     72     parser.add_option("-t", "--test", dest="test", action="extend",
     73             help="Test options include "+str(Tests))
     74 
     75     (options, args) = parser.parse_args()
     76 
     77     if not options.libpath:
     78         sys.exit("Must specify path to libsepolwrap library\n" + parser.usage)
     79     if not os.path.exists(options.libpath):
     80         sys.exit("Error: library-path " + options.libpath + " does not exist\n"
     81                 + parser.usage)
     82 
     83     if not options.policy:
     84         sys.exit("Must specify monolithic policy file\n" + parser.usage)
     85     if not os.path.exists(options.policy):
     86         sys.exit("Error: policy file " + options.policy + " does not exist\n"
     87                 + parser.usage)
     88 
     89     if not options.file_contexts:
     90         sys.exit("Error: Must specify file_contexts file(s)\n" + parser.usage)
     91     for f in options.file_contexts:
     92         if not os.path.exists(f):
     93             sys.exit("Error: File_contexts file " + f + " does not exist\n" +
     94                     parser.usage)
     95 
     96     pol = policy.Policy(options.policy, options.file_contexts, options.libpath)
     97 
     98     results = ""
     99     # If an individual test is not specified, run all tests.
    100     if options.test is None or "TestDataTypeViolations" in options.test:
    101         results += TestDataTypeViolations(pol)
    102     if options.test is None or "TestProcTypeViolations" in options.test:
    103         results += TestProcTypeViolations(pol)
    104     if options.test is None or "TestSysfsTypeViolations" in options.test:
    105         results += TestSysfsTypeViolations(pol)
    106     if options.test is None or "TestDebugfsTypeViolations" in options.test:
    107         results += TestDebugfsTypeViolations(pol)
    108     if options.test is None or "TestVendorTypeViolations" in options.test:
    109         results += TestVendorTypeViolations(pol)
    110     if options.test is None or "TestCoreDataTypeViolations" in options.test:
    111         results += TestCoreDataTypeViolations(pol)
    112 
    113     if len(results) > 0:
    114         sys.exit(results)
    115