1 /*
2 * Copyright (c) 2020-2021 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #include "ActsDacTest.h"
16 #include <cstddef>
17 #include <fcntl.h>
18 #include <sys/stat.h>
19 #include <sys/types.h>
20 #include <sys/wait.h>
21 #include "gtest/gtest.h"
22 #include "ActsCapabilityTest.h"
23 #include "DACFileSystemTest.h"
24
25 using namespace std;
26 using namespace testing::ext;
27
28 #if defined(LITE_FS_VFAT)
TestSetUid()29 static int TestSetUid()
30 {
31 // Test the 'setuid' interface
32 int ret = 0;
33 uid_t ruid = 0;
34 uid_t euid = 0;
35 uid_t suid = 0;
36 // Step 1: Verify that UID is set to 0
37 ret = setuid(UID0);
38 if (ret != 0) {
39 EXPECT_EQ(ret, 0);
40 LOG("ErrInfo: Failed to set uid=0, now process uid=%d", getuid());
41 return FALSE;
42 }
43 // To test the function of invoking the setuid interface to set the UID=0
44 getresuid(&ruid, &euid, &suid);
45 EXPECT_EQ(ruid, UID0) << "Failed to set ruid=0: ruid=" << ruid;
46 EXPECT_EQ(euid, UID0) << "Failed to set euid=0: euid=" << euid;
47 EXPECT_EQ(suid, UID0) << "Failed to set suid=0: suid=" << suid;
48 // Step 2: Verify that UID is set to 1000
49 ret = setuid(UID1000);
50 if (ret != 0) {
51 EXPECT_EQ(ret, 0);
52 LOG("ErrInfo: Failed to set uid=1000, now process uid=%d", getuid());
53 return FALSE;
54 }
55 // To test the function of invoking the setuid interface to set the UID=1000
56 getresuid(&ruid, &euid, &suid);
57 EXPECT_EQ(ruid, UID1000) << "Failed to set ruid=1000: ruid=" << ruid;
58 EXPECT_EQ(euid, UID1000) << "Failed to set euid=1000: euid=" << euid;
59 EXPECT_EQ(suid, UID1000) << "Failed to set suid=1000: suid=" << suid;
60 // Step 3: Verify that UID is set to 10000
61 ret = setuid(UID10000);
62 if (ret != 0) {
63 EXPECT_EQ(ret, 0);
64 LOG("ErrInfo: Failed to set uid=10000, now process uid=%d", getuid());
65 return FALSE;
66 }
67 // To test the function of invoking the setuid interface to set the UID=10000
68 getresuid(&ruid, &euid, &suid);
69 EXPECT_EQ(ruid, UID10000) << "Failed to set ruid=10000: ruid=" << ruid;
70 EXPECT_EQ(euid, UID10000) << "Failed to set euid=10000: euid=" << euid;
71 EXPECT_EQ(suid, UID10000) << "Failed to set suid=10000: suid=" << suid;
72 // Step 4: Verify that UID is set to 2147483647
73 ret = setuid(MAX_INT);
74 if (ret != 0) {
75 EXPECT_EQ(ret, 0);
76 LOG("ErrInfo: Failed to set uid=2147483647, now process uid=%d", getuid());
77 return FALSE;
78 }
79 // To test the function of invoking the setuid interface to set the UID=2147483647
80 getresuid(&ruid, &euid, &suid);
81 EXPECT_EQ(ruid, MAX_INT) << "Failed to set ruid=2147483647: ruid=" << ruid;
82 EXPECT_EQ(euid, MAX_INT) << "Failed to set euid=2147483647: euid=" << euid;
83 EXPECT_EQ(suid, MAX_INT) << "Failed to set suid=2147483647: suid=" << suid;
84 return 0;
85 }
86
TestSetREUid()87 static int TestSetREUid()
88 {
89 // Test the 'setreuid' interface
90 int ret = 0;
91 uid_t ruid = 0;
92 uid_t euid = 0;
93 uid_t suid = 0;
94 // Step 1: Verify that UID is set to 0
95 ret = setreuid(UID0, UID0);
96 if (ret != 0) {
97 EXPECT_EQ(ret, 0);
98 LOG("ErrInfo: Failed to set uid=0, now process uid=%d", getuid());
99 return FALSE;
100 }
101 // To test the function of invoking the setuid interface to set the UID=0
102 getresuid(&ruid, &euid, &suid);
103 EXPECT_EQ(ruid, UID0) << "Failed to set ruid=0: ruid=" << ruid;
104 EXPECT_EQ(euid, UID0) << "Failed to set euid=0: euid=" << euid;
105 EXPECT_EQ(suid, UID0) << "Failed to set suid=0: suid=" << suid;
106 // Step 2: Verify that UID is set to 1000
107 ret = setreuid(UID1000, UID1000);
108 if (ret != 0) {
109 EXPECT_EQ(ret, 0);
110 LOG("ErrInfo: Failed to set uid=1000, now process uid=%d", getuid());
111 return FALSE;
112 }
113 // To test the function of invoking the setuid interface to set the UID=1000
114 getresuid(&ruid, &euid, &suid);
115 EXPECT_EQ(ruid, UID1000) << "Failed to set ruid=1000: ruid=" << ruid;
116 EXPECT_EQ(euid, UID1000) << "Failed to set euid=1000: euid=" << euid;
117 EXPECT_EQ(suid, UID1000) << "Failed to set suid=1000: suid=" << suid;
118 // Step 3: Verify that UID is set to 10000
119 ret = setreuid(UID10000, UID10000);
120 if (ret != 0) {
121 EXPECT_EQ(ret, 0);
122 LOG("ErrInfo: Failed to set uid=10000, now process uid=%d", getuid());
123 return FALSE;
124 }
125 // To test the function of invoking the setuid interface to set the UID=10000
126 getresuid(&ruid, &euid, &suid);
127 EXPECT_EQ(ruid, UID10000) << "Failed to set ruid=10000: ruid=" << ruid;
128 EXPECT_EQ(euid, UID10000) << "Failed to set euid=10000: euid=" << euid;
129 EXPECT_EQ(suid, UID10000) << "Failed to set suid=10000: suid=" << suid;
130 // Step 4: Verify that UID is set to 2147483647
131 ret = setreuid(MAX_INT, MAX_INT);
132 if (ret != 0) {
133 EXPECT_EQ(ret, 0);
134 LOG("ErrInfo: Failed to set uid=2147483647, now process uid=%d", getuid());
135 return FALSE;
136 }
137 // To test the function of invoking the setuid interface to set the UID=2147483647
138 getresuid(&ruid, &euid, &suid);
139 EXPECT_EQ(ruid, MAX_INT) << "Failed to set ruid=2147483647: ruid=" << ruid;
140 EXPECT_EQ(euid, MAX_INT) << "Failed to set euid=2147483647: euid=" << euid;
141 EXPECT_EQ(suid, MAX_INT) << "Failed to set suid=2147483647: suid=" << suid;
142 return 0;
143 }
144
TestSetRESUid()145 static int TestSetRESUid()
146 {
147 // Test the 'setresuid' interface
148 int ret = 0;
149 uid_t ruid = 0;
150 uid_t euid = 0;
151 uid_t suid = 0;
152 // Step 1: Verify that UID is set to 0
153 ret = setresuid(UID0, UID0, UID0);
154 if (ret != 0) {
155 EXPECT_EQ(ret, 0);
156 LOG("ErrInfo: Failed to set uid=0, now process uid=%d", getuid());
157 return FALSE;
158 }
159 // To test the function of invoking the setuid interface to set the UID=0
160 getresuid(&ruid, &euid, &suid);
161 EXPECT_EQ(ruid, UID0) << "Failed to set ruid=0: ruid=" << ruid;
162 EXPECT_EQ(euid, UID0) << "Failed to set euid=0: euid=" << euid;
163 EXPECT_EQ(suid, UID0) << "Failed to set suid=0: suid=" << suid;
164 // Step 2: Verify that UID is set to 1000
165 ret = setresuid(UID1000, UID1000, UID1000);
166 if (ret != 0) {
167 EXPECT_EQ(ret, 0);
168 LOG("ErrInfo: Failed to set uid=1000, now process uid=%d", getuid());
169 return FALSE;
170 }
171 // To test the function of invoking the setuid interface to set the UID=1000
172 getresuid(&ruid, &euid, &suid);
173 EXPECT_EQ(ruid, UID1000) << "Failed to set ruid=1000: ruid=" << ruid;
174 EXPECT_EQ(euid, UID1000) << "Failed to set euid=1000: euid=" << euid;
175 EXPECT_EQ(suid, UID1000) << "Failed to set suid=1000: suid=" << suid;
176 // Step 3: Verify that UID is set to 10000
177 ret = setresuid(UID10000, UID10000, UID10000);
178 if (ret != 0) {
179 EXPECT_EQ(ret, 0);
180 LOG("ErrInfo: Failed to set uid=10000, now process uid=%d", getuid());
181 return FALSE;
182 }
183 // To test the function of invoking the setuid interface to set the UID=10000
184 getresuid(&ruid, &euid, &suid);
185 EXPECT_EQ(ruid, UID10000) << "Failed to set ruid=10000: ruid=" << ruid;
186 EXPECT_EQ(euid, UID10000) << "Failed to set euid=10000: euid=" << euid;
187 EXPECT_EQ(suid, UID10000) << "Failed to set suid=10000: suid=" << suid;
188 // Step 4: Verify that UID is set to 2147483647
189 ret = setresuid(MAX_INT, MAX_INT, MAX_INT);
190 if (ret != 0) {
191 EXPECT_EQ(ret, 0);
192 LOG("ErrInfo: Failed to set uid=2147483647, now process uid=%d", getuid());
193 return FALSE;
194 }
195 // To test the function of invoking the setuid interface to set the UID=2147483647
196 getresuid(&ruid, &euid, &suid);
197 EXPECT_EQ(ruid, MAX_INT) << "Failed to set ruid=2147483647: ruid=" << ruid;
198 EXPECT_EQ(euid, MAX_INT) << "Failed to set euid=2147483647: euid=" << euid;
199 EXPECT_EQ(suid, MAX_INT) << "Failed to set suid=2147483647: suid=" << suid;
200 return 0;
201 }
202
TestSetUidAbnormal()203 static int TestSetUidAbnormal()
204 {
205 // Enter the exception parameter when invoke the 'setuid','setreuid','setresuid' interface
206 int ret = 0;
207 uid_t newruid = 0;
208 uid_t neweuid = 0;
209 uid_t newsuid = 0;
210 uid_t ruid = 0;
211 uid_t euid = 0;
212 uid_t suid = 0;
213 // Obtain the ruid, euid, suid of the current process
214 getresuid(&ruid, &euid, &suid);
215 // Step 1: Verify that UID is set to -100 with the 'setuid' interface
216 ret = setuid(ABNORMALINT);
217 if (ret != FALSE) {
218 EXPECT_EQ(ret, FALSE);
219 LOG("ErrInfo: Set uid=-100, now process uid=%d", getuid());
220 return FALSE;
221 }
222 // To test the function of invoking the 'setuid' interface to set the UID=-100
223 getresuid(&newruid, &neweuid, &newsuid);
224 EXPECT_EQ(newruid, ruid) << "The value of ruid changes after an invalid parameter is entered: ruid=" << ruid;
225 EXPECT_EQ(neweuid, euid) << "The value of euid changes after an invalid parameter is entered: euid=" << euid;
226 EXPECT_EQ(newsuid, suid) << "The value of suid changes after an invalid parameter is entered: suid=" << suid;
227 // Step 2: Verify that UID is set to -100 with the 'setreuid' interface
228 ret = setreuid(ABNORMALINT, ABNORMALINT);
229 if (ret != FALSE) {
230 EXPECT_EQ(ret, FALSE);
231 LOG("ErrInfo: Set uid=-100, now process uid=%d", getuid());
232 return FALSE;
233 }
234 // To test the function of invoking the 'setuid' interface to set the UID=-100
235 getresuid(&newruid, &neweuid, &newsuid);
236 EXPECT_EQ(newruid, ruid) << "The value of ruid changes after an invalid parameter is entered: ruid=" << ruid;
237 EXPECT_EQ(neweuid, euid) << "The value of euid changes after an invalid parameter is entered: euid=" << euid;
238 EXPECT_EQ(newsuid, suid) << "The value of suid changes after an invalid parameter is entered: suid=" << suid;
239 // Step 3: Verify that UID is set to -100 with the 'setreuid' interface
240 ret = setresuid(ABNORMALINT, ABNORMALINT, ABNORMALINT);
241 if (ret != FALSE) {
242 EXPECT_EQ(ret, FALSE);
243 LOG("ErrInfo: Set uid=-100, now process uid=%d", getuid());
244 return FALSE;
245 }
246 // To test the function of invoking the 'setuid' interface to set the UID=-100
247 getresuid(&newruid, &neweuid, &newsuid);
248 EXPECT_EQ(newruid, ruid) << "The value of ruid changes after an invalid parameter is entered: ruid=" << ruid;
249 EXPECT_EQ(neweuid, euid) << "The value of euid changes after an invalid parameter is entered: euid=" << euid;
250 EXPECT_EQ(newsuid, suid) << "The value of suid changes after an invalid parameter is entered: suid=" << suid;
251 return 0;
252 }
253
TestSetGid()254 static int TestSetGid()
255 {
256 // Test the 'setgid' interface
257 int ret = 0;
258 gid_t rgid = 0;
259 gid_t egid = 0;
260 gid_t sgid = 0;
261 // Step 1: Verify that GID is set to 0
262 ret = setgid(GID0);
263 if (ret != 0) {
264 EXPECT_EQ(ret, 0);
265 LOG("ErrInfo: Failed to set gid=0, now process gid=%d", getgid());
266 return FALSE;
267 }
268 // To test the function of invoking the setgid interface to set the GID=0
269 getresgid(&rgid, &egid, &sgid);
270 EXPECT_EQ(rgid, GID0) << "Failed to set rgid=0: rgid=" << rgid;
271 EXPECT_EQ(egid, GID0) << "Failed to set egid=0: egid=" << egid;
272 EXPECT_EQ(sgid, GID0) << "Failed to set sgid=0: sgid=" << sgid;
273 // Step 2: Verify that GID is set to 1000
274 ret = setgid(GID1000);
275 if (ret != 0) {
276 EXPECT_EQ(ret, 0);
277 LOG("ErrInfo: Failed to set gid=1000, now process gid=%d", getgid());
278 return FALSE;
279 }
280 // To test the function of invoking the setgid interface to set the GID=1000
281 getresgid(&rgid, &egid, &sgid);
282 EXPECT_EQ(rgid, GID1000) << "Failed to set rgid=1000: rgid=" << rgid;
283 EXPECT_EQ(egid, GID1000) << "Failed to set egid=1000: egid=" << egid;
284 EXPECT_EQ(sgid, GID1000) << "Failed to set sgid=1000: sgid=" << sgid;
285 // Step 3: Verify that GID is set to 10000
286 ret = setgid(GID10000);
287 if (ret != 0) {
288 EXPECT_EQ(ret, 0);
289 LOG("ErrInfo: Failed to set gid=10000, now process gid=%d", getgid());
290 return FALSE;
291 }
292 // To test the function of invoking the setgid interface to set the GID=10000
293 getresgid(&rgid, &egid, &sgid);
294 EXPECT_EQ(rgid, GID10000) << "Failed to set rgid=10000: rgid=" << rgid;
295 EXPECT_EQ(egid, GID10000) << "Failed to set egid=10000: egid=" << egid;
296 EXPECT_EQ(sgid, GID10000) << "Failed to set sgid=10000: sgid=" << sgid;
297 // Step 4: Verify that GID is set to 2147483647
298 ret = setgid(MAX_INT);
299 if (ret != 0) {
300 EXPECT_EQ(ret, 0);
301 LOG("ErrInfo: Failed to set gid=2147483647, now process gid=%d", getgid());
302 return FALSE;
303 }
304 // To test the function of invoking the setgid interface to set the GID=2147483647
305 getresgid(&rgid, &egid, &sgid);
306 EXPECT_EQ(rgid, MAX_INT) << "Failed to set rgid=2147483647: rgid=" << rgid;
307 EXPECT_EQ(egid, MAX_INT) << "Failed to set egid=2147483647: egid=" << egid;
308 EXPECT_EQ(sgid, MAX_INT) << "Failed to set sgid=2147483647: sgid=" << sgid;
309 return 0;
310 }
311
TestSetREGid()312 static int TestSetREGid()
313 {
314 // Test the 'setregid' interface
315 int ret = 0;
316 gid_t rgid = 0;
317 gid_t egid = 0;
318 gid_t sgid = 0;
319 // Step 1: Verify that GID is set to 0
320 ret = setregid(GID0, GID0);
321 if (ret != 0) {
322 EXPECT_EQ(ret, 0);
323 LOG("ErrInfo: Failed to set gid=0, now process gid=%d", getgid());
324 return FALSE;
325 }
326 // To test the function of invoking the setgid interface to set the GID=0
327 getresgid(&rgid, &egid, &sgid);
328 EXPECT_EQ(rgid, GID0) << "Failed to set rgid=0: rgid=" << rgid;
329 EXPECT_EQ(egid, GID0) << "Failed to set egid=0: egid=" << egid;
330 EXPECT_EQ(sgid, GID0) << "Failed to set sgid=0: sgid=" << sgid;
331 // Step 2: Verify that GID is set to 1000
332 ret = setregid(GID1000, GID1000);
333 if (ret != 0) {
334 EXPECT_EQ(ret, 0);
335 LOG("ErrInfo: Failed to set gid=1000, now process gid=%d", getgid());
336 return FALSE;
337 }
338 // To test the function of invoking the setgid interface to set the GID=1000
339 getresgid(&rgid, &egid, &sgid);
340 EXPECT_EQ(rgid, GID1000) << "Failed to set rgid=1000: rgid=" << rgid;
341 EXPECT_EQ(egid, GID1000) << "Failed to set egid=1000: egid=" << egid;
342 EXPECT_EQ(sgid, GID1000) << "Failed to set sgid=1000: sgid=" << sgid;
343 // Step 3: Verify that GID is set to 10000
344 ret = setregid(GID10000, GID10000);
345 if (ret != 0) {
346 EXPECT_EQ(ret, 0);
347 LOG("ErrInfo: Failed to set gid=10000, now process gid=%d", getgid());
348 return FALSE;
349 }
350 // To test the function of invoking the setgid interface to set the GID=10000
351 getresgid(&rgid, &egid, &sgid);
352 EXPECT_EQ(rgid, GID10000) << "Failed to set rgid=10000: rgid=" << rgid;
353 EXPECT_EQ(egid, GID10000) << "Failed to set egid=10000: egid=" << egid;
354 EXPECT_EQ(sgid, GID10000) << "Failed to set sgid=10000: sgid=" << sgid;
355 // Step 4: Verify that GID is set to 2147483647
356 ret = setregid(MAX_INT, MAX_INT);
357 if (ret != 0) {
358 EXPECT_EQ(ret, 0);
359 LOG("ErrInfo: Failed to set gid=2147483647, now process gid=%d", getgid());
360 return FALSE;
361 }
362 // To test the function of invoking the setgid interface to set the GID=2147483647
363 getresgid(&rgid, &egid, &sgid);
364 EXPECT_EQ(rgid, MAX_INT) << "Failed to set rgid=2147483647: rgid=" << rgid;
365 EXPECT_EQ(egid, MAX_INT) << "Failed to set egid=2147483647: egid=" << egid;
366 EXPECT_EQ(sgid, MAX_INT) << "Failed to set sgid=2147483647: sgid=" << sgid;
367 return 0;
368 }
369
TestSetRESGid()370 static int TestSetRESGid()
371 {
372 // Test the 'setresgid' interface
373 int ret = 0;
374 gid_t rgid = 0;
375 gid_t egid = 0;
376 gid_t sgid = 0;
377 // Step 1: Verify that GID is set to 0
378 ret = setresgid(GID0, GID0, GID0);
379 if (ret != 0) {
380 EXPECT_EQ(ret, 0);
381 LOG("ErrInfo: Failed to set gid=0, now process gid=%d", getgid());
382 return FALSE;
383 }
384 // To test the function of invoking the setgid interface to set the GID=0
385 getresgid(&rgid, &egid, &sgid);
386 EXPECT_EQ(rgid, GID0) << "Failed to set rgid=0: rgid=" << rgid;
387 EXPECT_EQ(egid, GID0) << "Failed to set egid=0: egid=" << egid;
388 EXPECT_EQ(sgid, GID0) << "Failed to set sgid=0: sgid=" << sgid;
389 // Step 2: Verify that GID is set to 1000
390 ret = setresgid(GID1000, GID1000, GID1000);
391 if (ret != 0) {
392 EXPECT_EQ(ret, 0);
393 LOG("ErrInfo: Failed to set gid=1000, now process gid=%d", getgid());
394 return FALSE;
395 }
396 // To test the function of invoking the setgid interface to set the GID=1000
397 getresgid(&rgid, &egid, &sgid);
398 EXPECT_EQ(rgid, GID1000) << "Failed to set rgid=1000: rgid=" << rgid;
399 EXPECT_EQ(egid, GID1000) << "Failed to set egid=1000: egid=" << egid;
400 EXPECT_EQ(sgid, GID1000) << "Failed to set sgid=1000: sgid=" << sgid;
401 // Step 3: Verify that GID is set to 10000
402 ret = setresgid(GID10000, GID10000, GID10000);
403 if (ret != 0) {
404 EXPECT_EQ(ret, 0);
405 LOG("ErrInfo: Failed to set gid=10000, now process gid=%d", getgid());
406 return FALSE;
407 }
408 // To test the function of invoking the setgid interface to set the GID=10000
409 getresgid(&rgid, &egid, &sgid);
410 EXPECT_EQ(rgid, GID10000) << "Failed to set rgid=10000: rgid=" << rgid;
411 EXPECT_EQ(egid, GID10000) << "Failed to set egid=10000: egid=" << egid;
412 EXPECT_EQ(sgid, GID10000) << "Failed to set sgid=10000: sgid=" << sgid;
413 // Step 4: Verify that GID is set to 2147483647
414 ret = setresgid(MAX_INT, MAX_INT, MAX_INT);
415 if (ret != 0) {
416 EXPECT_EQ(ret, 0);
417 LOG("ErrInfo: Failed to set gid=2147483647, now process gid=%d", getgid());
418 return FALSE;
419 }
420 // To test the function of invoking the setgid interface to set the GID=2147483647
421 getresgid(&rgid, &egid, &sgid);
422 EXPECT_EQ(rgid, MAX_INT) << "Failed to set rgid=2147483647: rgid=" << rgid;
423 EXPECT_EQ(egid, MAX_INT) << "Failed to set egid=2147483647: egid=" << egid;
424 EXPECT_EQ(sgid, MAX_INT) << "Failed to set sgid=2147483647: sgid=" << sgid;
425 return 0;
426 }
427
TestSetGidAbnormal()428 static int TestSetGidAbnormal()
429 {
430 // Enter the exception parameter when invoke the 'setgid','setregid','setresgid' interface
431 int ret = 0;
432 gid_t newrgid = 0;
433 gid_t newegid = 0;
434 gid_t newsgid = 0;
435 gid_t rgid = 0;
436 gid_t egid = 0;
437 gid_t sgid = 0;
438 // Obtain the rgid, egid, sgid of the current process
439 getresgid(&rgid, &egid, &sgid);
440 // Step 1: Verify that GID is set to -100 with the 'setgid' interface
441 ret = setgid(ABNORMALINT);
442 if (ret != FALSE) {
443 EXPECT_EQ(ret, FALSE);
444 LOG("ErrInfo: Set gid=-100, now process gid=%d", getgid());
445 return FALSE;
446 }
447 // To test the function of invoking the 'setgid' interface to set the GID=-100
448 getresgid(&newrgid, &newegid, &newsgid);
449 EXPECT_EQ(newrgid, rgid) << "The value of rgid changes after an invalid parameter is entered: rgid=" << rgid;
450 EXPECT_EQ(newegid, egid) << "The value of egid changes after an invalid parameter is entered: egid=" << egid;
451 EXPECT_EQ(newsgid, sgid) << "The value of sgid changes after an invalid parameter is entered: sgid=" << sgid;
452 // Step 2: Verify that GID is set to -100 with the 'setregid' interface
453 ret = setregid(ABNORMALINT, ABNORMALINT);
454 if (ret != FALSE) {
455 EXPECT_EQ(ret, FALSE);
456 LOG("ErrInfo: Set gid=-100, now process gid=%d", getgid());
457 return FALSE;
458 }
459 // To test the function of invoking the 'setgid' interface to set the GID=-100
460 getresgid(&newrgid, &newegid, &newsgid);
461 EXPECT_EQ(newrgid, rgid) << "The value of rgid changes after an invalid parameter is entered: rgid=" << rgid;
462 EXPECT_EQ(newegid, egid) << "The value of egid changes after an invalid parameter is entered: egid=" << egid;
463 EXPECT_EQ(newsgid, sgid) << "The value of sgid changes after an invalid parameter is entered: sgid=" << sgid;
464 // Step 3: Verify that GID is set to -100 with the 'setregid' interface
465 ret = setresgid(ABNORMALINT, ABNORMALINT, ABNORMALINT);
466 if (ret != FALSE) {
467 EXPECT_EQ(ret, FALSE);
468 LOG("ErrInfo: Set gid=-100, now process gid=%d", getgid());
469 return FALSE;
470 }
471 // To test the function of invoking the 'setgid' interface to set the GID=-100
472 getresgid(&newrgid, &newegid, &newsgid);
473 EXPECT_EQ(newrgid, rgid) << "The value of rgid changes after an invalid parameter is entered: rgid=" << rgid;
474 EXPECT_EQ(newegid, egid) << "The value of egid changes after an invalid parameter is entered: egid=" << egid;
475 EXPECT_EQ(newsgid, sgid) << "The value of sgid changes after an invalid parameter is entered: sgid=" << sgid;
476 return 0;
477 }
478
TestSetGroups()479 static int TestSetGroups()
480 {
481 // Test the 'setgroups' interface
482 int ret;
483 gid_t list[SIZE255];
484 for (size_t num = 0; num < SIZE253; num++) {
485 list[num] = num;
486 }
487 list[SIZE254] = MAX_INT;
488 ret = setgroups(SIZE255, list);
489 if (ret != 0) {
490 EXPECT_EQ(ret, 0);
491 LOG("ErrInfo: Failed to set groups");
492 return FALSE;
493 }
494 return 0;
495 }
496
TsetFork(uid_t uid,gid_t gid,size_t size,const gid_t list[])497 static void TsetFork(uid_t uid, gid_t gid, size_t size, const gid_t list[])
498 {
499 // The sub process inherits the UID, GID, and groups of the parent process
500 int ret;
501 int status = 0;
502 gid_t reallist[SIZE255];
503 // Preset action: Adjust the UID, GID, and groups of the parent process
504 ret = setuid(uid);
505 EXPECT_EQ(ret, 0) << "ErrInfo: Failed to set uid, now process uid=" << getuid();
506 ret = setgid(gid);
507 EXPECT_EQ(ret, 0) << "ErrInfo: Failed to set gid, now process gid=" << getgid();
508 setgroups(0, nullptr);
509 ret = setgroups(size, list);
510 EXPECT_EQ(ret, 0) << "ErrInfo: Failed to set groups";
511 // Preset action: Fork a sub process
512 pid_t pid = fork();
513 ASSERT_TRUE(pid >= 0) << "======== Fork Error! =========";
514 usleep(SLEEP_NUM);
515 if (pid == 0) {
516 int exitCode = 0;
517 // Step 1: Inheritance test of sub process UID
518 uid_t retuid = getuid();
519 if (retuid != uid) {
520 LOG("ErrInfo: The sub process UID changes when fork process, now process uid=%d", getuid());
521 exitCode = 1;
522 }
523 // Step 2: Inheritance test of sub process GID
524 gid_t retgid = getgid();
525 if (retgid != gid) {
526 LOG("ErrInfo: The sub process GID changes when fork process, now process gid=%d", getgid());
527 exitCode = 1;
528 }
529 // Step 3: Inheritance test of sub process groups
530 int retgroups = getgroups(0, reallist);
531 if (retgroups == FALSE) {
532 LOG("ErrInfo: Failed to get groups");
533 exitCode = 1;
534 }
535 // Step 4: The sub process exit with the exitCode
536 exit(exitCode);
537 } else {
538 // Step 5: The parent process wait for the sub process to exit and obtain the exitCode
539 waitpid(pid, &status, 0);
540 EXPECT_NE(WIFEXITED(status), 0) << "ErrInfo: The sub process exit error, child_pid = " << pid;
541 EXPECT_EQ(WEXITSTATUS(status), 0) << "ErrInfo: The exitCode is wrong, please query logs, child_pid = " << pid;
542 }
543 }
544
ChangeSensitiveInformation()545 static int ChangeSensitiveInformation()
546 {
547 int fd = 0;
548 int ret = 0;
549 int exitCode = 0;
550 char dac[] = "DACPreTest!\n";
551 // Failed to read sensitive information
552 fd = open("/proc/process", O_WRONLY);
553 if (fd >= 0) {
554 ret = write(fd, dac, sizeof(dac));
555 if (ret != FALSE) {
556 LOG("ErrInfo: Change sensitive information, ret = %d", ret);
557 exitCode = 1;
558 }
559 close(fd);
560 }
561 return exitCode;
562 }
563
564 /*
565 * @tc.number : SUB_SEC_AppSEC_PermissionMgmt_DAC_0010
566 * @tc.name : Invoke the interface to set the process UID
567 * @tc.desc : [C- SECURITY -0200]
568 */
569 HWTEST_F(DacTestSuite, DACTest0010, Function | MediumTest | Level1)
570 {
571 int ret = 0;
572 uid_t ruid = 0;
573 uid_t euid = 0;
574 uid_t suid = 0;
575 uid_t newruid = 0;
576 uid_t neweuid = 0;
577 uid_t newsuid = 0;
578 // Preset action: Obtain the ruid, euid, suid of the current process
579 getresuid(&ruid, &euid, &suid);
580 // Step 1: Test the 'setuid' interface
581 ret = TestSetUid();
582 EXPECT_EQ(ret, 0) << "ErrInfo: TestSetUid() exit error";
583 // Step 2: Test the 'setreuid' interface
584 ret = TestSetREUid();
585 EXPECT_EQ(ret, 0) << "ErrInfo: TestSetREUid() exit error";
586 // Step 3: Test the 'setreuid' interface
587 ret = TestSetRESUid();
588 EXPECT_EQ(ret, 0) << "ErrInfo: TestSetRESUid() exit error";
589 // Step 4: Enter the exception parameter when invoke the 'setuid','setreuid','setresuid' interface
590 ret = TestSetUidAbnormal();
591 EXPECT_EQ(ret, 0) << "ErrInfo: TestSetUidAbnormal() exit error";
592 // Cleanup action: Restore the initial UID of the process
593 ret = setresuid(ruid, euid, suid);
594 EXPECT_EQ(ret, 0) << "ErrInfo: Failed to restore the initial UID of the process";
595 getresuid(&newruid, &neweuid, &newsuid);
596 EXPECT_EQ(newruid, ruid) << "The value of ruid changes after testcase: ruid=" << ruid;
597 EXPECT_EQ(neweuid, euid) << "The value of euid changes after testcase: euid=" << euid;
598 EXPECT_EQ(newsuid, suid) << "The value of suid changes after testcase: suid=" << suid;
599 }
600
601 /*
602 * @tc.number : SUB_SEC_AppSEC_PermissionMgmt_DAC_0020
603 * @tc.name : Invoke the interface to set the process GID
604 * @tc.desc : [C- SECURITY -0200]
605 */
606 HWTEST_F(DacTestSuite, DACTest0020, Function | MediumTest | Level1)
607 {
608 int ret = 0;
609 gid_t rgid = 0;
610 gid_t egid = 0;
611 gid_t sgid = 0;
612 gid_t newrgid = 0;
613 gid_t newegid = 0;
614 gid_t newsgid = 0;
615 // Preset action: Obtain the rgid, egid, sgid of the current process
616 getresgid(&rgid, &egid, &sgid);
617 // Step 1: Test the 'setgid' interface
618 ret = TestSetGid();
619 EXPECT_EQ(ret, 0) << "ErrInfo: TestSetGid() exit error";
620 // Step 2: Test the 'setregid' interface
621 ret = TestSetREGid();
622 EXPECT_EQ(ret, 0) << "ErrInfo: TestSetREGid() exit error";
623 // Step 3: Test the 'setregid' interface
624 ret = TestSetRESGid();
625 EXPECT_EQ(ret, 0) << "ErrInfo: TestSetRESGid() exit error";
626 // Step 4: Enter the exception parameter when invoke the 'setgid','setregid','setresgid' interface
627 ret = TestSetGidAbnormal();
628 EXPECT_EQ(ret, 0) << "ErrInfo: TestSetGidAbnormal() exit error";
629 // Cleanup action: Restore the initial GID of the process
630 ret = setresgid(rgid, egid, sgid);
631 EXPECT_EQ(ret, 0) << "ErrInfo: Failed to restore the initial GID of the process";
632 getresgid(&newrgid, &newegid, &newsgid);
633 EXPECT_EQ(newrgid, rgid) << "The value of rgid changes after testcase: rgid=" << rgid;
634 EXPECT_EQ(newegid, egid) << "The value of egid changes after testcase: egid=" << egid;
635 EXPECT_EQ(newsgid, sgid) << "The value of sgid changes after testcase: sgid=" << sgid;
636 }
637
638 /*
639 * @tc.number : SUB_SEC_AppSEC_PermissionMgmt_DAC_0030
640 * @tc.name : Invoke the setgroups interface to set the process groups that contain a single GID or an empty value
641 * @tc.desc : [C- SECURITY -0200]
642 */
643 HWTEST_F(DacTestSuite, DACTest0030, Function | MediumTest | Level1)
644 {
645 int ret;
646 gid_t grouplist[SIZE255];
647 // Preset action: Obtain the groups of the current process
648 unsigned int groupsize = getgroups(0, grouplist);
649 if (groupsize >= 0) {
650 getgroups(groupsize, grouplist);
651 // Preset action: Obtain the group lists required for the testcase
652 gid_t list1[SIZE1] = {1};
653 gid_t list2[SIZE1] = {MAX_INT};
654 gid_t list3[SIZE1] = {};
655 // Step 1: Set the group list to {1}
656 ret = setgroups(SIZE1, list1);
657 EXPECT_EQ(ret, 0) << "ErrInfo: Failed to set the group list to {1}";
658 // Step 2: Set the group list to {2147483647}
659 ret = setgroups(SIZE1, list2);
660 EXPECT_EQ(ret, 0) << "ErrInfo: Failed to set the group list to {2147483647}";
661 // Step 3: Set the group list to {}
662 ret = setgroups(SIZE1, list3);
663 EXPECT_EQ(ret, 0) << "ErrInfo: Failed to set the group list to {}";
664 // Cleanup action: Restore the initial groups of the process
665 setgroups(0, nullptr);
666 ret = setgroups(groupsize, grouplist);
667 EXPECT_EQ(ret, 0) << "ErrInfo: Failed to restore the initial groups of the process";
668 } else {
669 EXPECT_GE(groupsize, 0) << "ErrInfo: Failed to get groups";
670 }
671 }
672
673 /*
674 * @tc.number : SUB_SEC_AppSEC_PermissionMgmt_DAC_0040
675 * @tc.name : Invoke the setgroups interface to set the process groups that contain the same GID
676 * @tc.desc : [C- SECURITY -0200]
677 */
678 HWTEST_F(DacTestSuite, DACTest0040, Function | MediumTest | Level2)
679 {
680 int ret;
681 gid_t grouplist[SIZE255];
682 // Preset action: Obtain the groups of the current process
683 unsigned int groupsize = getgroups(0, grouplist);
684 if (groupsize >= 0) {
685 getgroups(groupsize, grouplist);
686 // Preset action: Obtain the group lists required for the testcase
687 gid_t list1[SIZE2]={GID0, GID0};
688 gid_t list2[SIZE2]={GID1, GID1};
689 gid_t list3[SIZE2]={MAX_INT, MAX_INT};
690 // Step 1: Set the group list to {0, 0}
691 ret = setgroups(SIZE2, list1);
692 EXPECT_EQ(ret, 0) << "ErrInfo: Failed to set the group list to {0, 0}";
693 // Step 2: Set the group list to {1, 1}
694 ret = setgroups(SIZE2, list2);
695 EXPECT_EQ(ret, 0) << "ErrInfo: Failed to set the group list to {1, 1}";
696 // Step 3: Set the group list to {2147483647, 2147483647}
697 ret = setgroups(SIZE2, list3);
698 EXPECT_EQ(ret, 0) << "ErrInfo: Failed to set the group list to {2147483647, 2147483647}";
699 // Cleanup action: Restore the initial groups of the process
700 setgroups(0, nullptr);
701 ret = setgroups(groupsize, grouplist);
702 EXPECT_EQ(ret, 0) << "ErrInfo: Failed to restore the initial groups of the process";
703 } else {
704 EXPECT_GE(groupsize, 0) << "ErrInfo: Failed to get groups";
705 }
706 }
707
708 /*
709 * @tc.number : SUB_SEC_AppSEC_PermissionMgmt_DAC_0050
710 * @tc.name : Invoke the setgroups interface to set the process groups that contain the duplicate GIDs
711 * @tc.desc : [C- SECURITY -0200]
712 */
713 HWTEST_F(DacTestSuite, DACTest0050, Function | MediumTest | Level3)
714 {
715 int ret;
716 gid_t grouplist[SIZE255];
717 // Preset action: Obtain the groups of the current process
718 unsigned int groupsize = getgroups(0, grouplist);
719 if (groupsize >= 0) {
720 getgroups(groupsize, grouplist);
721 // Preset action: Obtain the group lists required for the testcase
722 gid_t list1[SIZE3]={GID0, GID0, MAX_INT};
723 gid_t list2[SIZE3]={GID10000, GID10000, MAX_INT};
724 gid_t list3[SIZE3]={GID0, MAX_INT, MAX_INT};
725 // Step 1: Set the group list to {0, 0, 2147483647}
726 ret = setgroups(SIZE3, list1);
727 EXPECT_EQ(ret, 0) << "ErrInfo: Failed to set the group list to {0, 0, 2147483647}";
728 // Step 2: Set the group list to {10000, 10000, 2147483647}
729 ret = setgroups(SIZE3, list2);
730 EXPECT_EQ(ret, 0) << "ErrInfo: Failed to set the group list to {10000, 10000, 2147483647}";
731 // Step 3: Set the group list to {0, 2147483647, 2147483647}
732 ret = setgroups(SIZE3, list3);
733 EXPECT_EQ(ret, 0) << "ErrInfo: Failed to set the group list to {0, 2147483647, 2147483647}";
734 // Cleanup action: Restore the initial groups of the process
735 setgroups(0, nullptr);
736 ret = setgroups(groupsize, grouplist);
737 EXPECT_EQ(ret, 0) << "ErrInfo: Failed to restore the initial groups of the process";
738 } else {
739 EXPECT_GE(groupsize, 0) << "ErrInfo: Failed to get groups";
740 }
741 }
742
743 /*
744 * @tc.number : SUB_SEC_AppSEC_PermissionMgmt_DAC_0060
745 * @tc.name : Invoke the setgroups interface to set the process groups that contain all different GIDs
746 * @tc.desc : [C- SECURITY -0200]
747 */
748 HWTEST_F(DacTestSuite, DACTest0060, Function | MediumTest | Level3)
749 {
750 int ret;
751 gid_t grouplist[SIZE255];
752 // Preset action: Obtain the groups of the current process
753 size_t groupsize = getgroups(0, grouplist);
754 if (groupsize >= 0) {
755 getgroups(groupsize, grouplist);
756 // Preset action: Obtain the group lists required for the testcase
757 gid_t list0[SIZE255];
758 for (size_t num0 = 0; num0 < SIZE254; num0++) {
759 list0[num0] = num0;
760 }
761 list0[SIZE254] = MAX_INT;
762 gid_t list1[INVAILD_SIZE];
763 for (size_t num1 = 0; num1 < MAX_SIZE; num1++) {
764 list1[num1] = num1;
765 }
766 list1[MAX_SIZE] = MAX_INT;
767 // Step 1: Set 255 different group lists
768 ret = setgroups(SIZE255, list0);
769 EXPECT_EQ(ret, 0) << "ErrInfo: Failed to set the group list to {0, 1, 2, ..., 255}";
770 // Step 2: Set the number of groups that exceed the upper limit
771 ret = setgroups(INVAILD_SIZE, list1);
772 EXPECT_EQ(ret, FALSE) << "ErrInfo: Set groups size over max, size=65537";
773 // Cleanup action: Restore the initial groups of the process
774 setgroups(0, nullptr);
775 ret = setgroups(groupsize, grouplist);
776 EXPECT_EQ(ret, 0) << "ErrInfo: Failed to restore the initial groups of the process";
777 } else {
778 EXPECT_GE(groupsize, 0) << "ErrInfo: Failed to get groups";
779 }
780 }
781
782 /*
783 * @tc.number : SUB_SEC_AppSEC_PermissionMgmt_DAC_0070
784 * @tc.name : Invoke the setuid, gid, and groups interfaces to set the uid, gid,
785 and groups of processes concurrently
786 * @tc.desc : [C- SECURITY -0200]
787 */
788 HWTEST_F(DacTestSuite, DACTest0070, Security | MediumTest | Level2)
789 {
790 int ret;
791 int status = 0;
792 // Preset action: Fork three sub processes
793 pid_t pid;
794 for (int num = 0; num < NUM3; num++) {
795 pid = fork();
796 ASSERT_TRUE(pid >= 0) << "======== Fork Error! =========";
797 usleep(SLEEP_NUM);
798 if (pid == 0) {
799 break;
800 }
801 }
802 // get one parent & three children
803 if (pid == 0) {
804 int exitCode = 0;
805 for (int number = 0; number < NUM3000; number++) {
806 // Preset action: Initialize the subprocess UID, GID and groups
807 setuid(0);
808 setgid(0);
809 setgroups(0, nullptr);
810 // Step 1: Test the 'setuid' interface concurrently
811 ret = TestSetUid();
812 if (ret != 0) {
813 LOG("ErrInfo: TestSetUid error during the %d time", number);
814 exitCode = 1;
815 break;
816 }
817 // Step 2: Test the 'setgid' interface concurrently
818 ret = TestSetGid();
819 if (ret != 0) {
820 LOG("ErrInfo: TestSetGid error during the %d time", number);
821 exitCode = 1;
822 break;
823 }
824 // Step 2: Test the 'setgroups' interface concurrently
825 ret = TestSetGroups();
826 if (ret != 0) {
827 LOG("ErrInfo: TestSetGroups error during the %d time", number);
828 exitCode = 1;
829 break;
830 }
831 }
832 // Step 3: Three sub processes exit with the exitCode
833 exit(exitCode);
834 } else {
835 // Step 4: The parent process wait for three sub processes to exit and obtain the exitCode
836 for (int num2 = 0; num2 < NUM3; num2++) {
837 wait(&status);
838 EXPECT_NE(WIFEXITED(status), 0) << "ErrInfo: The sub process exit error, child_pid = " << pid;
839 EXPECT_EQ(WEXITSTATUS(status), 0) << "ErrInfo: Pid = "<< pid
840 << ", its exitCode is wrong and test case failed, please query logs";
841 }
842 }
843 }
844
845 /*
846 * @tc.number : SUB_SEC_AppSEC_PermissionMgmt_DAC_0080
847 * @tc.name : Inheritance of process UID, GID and groups
848 * @tc.desc : [C- SECURITY -0200]
849 */
850 HWTEST_F(DacTestSuite, DACTest0080, Function | MediumTest | Level2)
851 {
852 int ret;
853 uid_t ruid = 0; uid_t euid = 0; uid_t suid = 0;
854 uid_t newruid = 0; uid_t neweuid = 0; uid_t newsuid = 0;
855 gid_t rgid = 0; gid_t egid = 0; gid_t sgid = 0;
856 gid_t newrgid = 0; gid_t newegid = 0; gid_t newsgid = 0;
857 gid_t grouplist[SIZE255];
858 // Preset action: Obtain the ruid, euid, suid of the current process
859 getresuid(&ruid, &euid, &suid);
860 // Preset action: Obtain the rgid, egid, sgid of the current process
861 getresgid(&rgid, &egid, &sgid);
862 // Preset action: Obtain the groups of the current process
863 int groupsize = getgroups(0, grouplist);
864 if (groupsize >= 0) {
865 getgroups(groupsize, grouplist);
866 // Preset action: Obtain the group lists required for the testcase
867 gid_t list1[SIZE1] = {GID10000};
868 gid_t list2[SIZE1] = {};
869 gid_t list3[SIZE255];
870 for (size_t num = 0; num < SIZE254; num++) {
871 list3[num] = num;
872 }
873 list3[SIZE254] = MAX_INT;
874 // Step 1: Factor combination test of UID, GID, and groups
875 TsetFork(UID0, GID10000, SIZE1, list1);
876 TsetFork(UID10000, GID10000, SIZE1, list1);
877 TsetFork(MAX_INT, GID10000, SIZE1, list1);
878 TsetFork(UID10000, GID0, SIZE1, list1);
879 TsetFork(UID10000, MAX_INT, SIZE1, list1);
880 TsetFork(UID10000, GID10000, SIZE1, list2);
881 TsetFork(UID10000, GID10000, SIZE255, list3);
882 // Cleanup action: Restore the initial UID of the process
883 ret = setresuid(ruid, euid, suid);
884 EXPECT_EQ(ret, 0) << "ErrInfo: Failed to restore the initial UID of the process";
885 getresuid(&newruid, &neweuid, &newsuid);
886 EXPECT_EQ(newruid, ruid) << "The value of ruid changes after testcase: ruid=" << ruid;
887 EXPECT_EQ(neweuid, euid) << "The value of euid changes after testcase: euid=" << euid;
888 EXPECT_EQ(newsuid, suid) << "The value of suid changes after testcase: suid=" << suid;
889 // Cleanup action: Restore the initial GID of the process
890 ret = setresgid(rgid, egid, sgid);
891 EXPECT_EQ(ret, 0) << "ErrInfo: Failed to restore the initial GID of the process";
892 getresgid(&newrgid, &newegid, &newsgid);
893 EXPECT_EQ(newrgid, rgid) << "The value of rgid changes after testcase: rgid=" << rgid;
894 EXPECT_EQ(newegid, egid) << "The value of egid changes after testcase: egid=" << egid;
895 EXPECT_EQ(newsgid, sgid) << "The value of sgid changes after testcase: sgid=" << sgid;
896 // Cleanup action: Restore the initial groups of the process
897 setgroups(0, nullptr);
898 ret = setgroups(groupsize, grouplist);
899 EXPECT_EQ(ret, 0) << "ErrInfo: Failed to restore the initial groups of the process";
900 } else {
901 EXPECT_GE(groupsize, 0) << "ErrInfo: Failed to get groups";
902 }
903 }
904
905 /*
906 * @tc.number : SUB_SEC_AppSEC_PermissionMgmt_DAC_0120
907 * @tc.name : Failed to use the third-party app UID to change sensitive information
908 * @tc.desc : [C- SECURITY -0200]
909 */
910 HWTEST_F(DacTestSuite, DACTest0120, Security | MediumTest | Level2)
911 {
912 int ret;
913 int status = 0;
914 // Preset action: Fork a sub process
915 pid_t pid = fork();
916 ASSERT_TRUE(pid >= 0) << "======== Fork Error! =========";
917 usleep(SLEEP_NUM);
918 if (pid == 0) {
919 int exitCode = 0;
920 // Step 1: Set the process uid and gid to the third-party application uid and gid
921 ret = SetUidGid(UID20000, GID20000);
922 if (ret != 0) {
923 LOG("ErrInfo: Failed to set the process uid and gid");
924 exitCode = 1;
925 }
926 // Step 2: Drop all the sub process capabilities
927 ret = DropAllCAP();
928 if (ret != 0) {
929 LOG("ErrInfo: Failed to drop all the sub process capabilities");
930 exitCode = 1;
931 }
932 // Step 3: Failed to change sensitive information
933 ret = ChangeSensitiveInformation();
934 if (ret != 0) {
935 LOG("ErrInfo: change sensitive information");
936 exitCode = 1;
937 }
938 // Step 4: The sub process exit with the exitCode
939 exit(exitCode);
940 } else {
941 // Step 5: The parent process wait for the sub process to exit and obtain the exitCode
942 waitpid(pid, &status, 0);
943 EXPECT_NE(WIFEXITED(status), 0) << "ErrInfo: The sub process exit error, child_pid = " << pid;
944 EXPECT_EQ(WEXITSTATUS(status), 0) << "ErrInfo: The exitCode is wrong, please query logs, child_pid = " << pid;
945 }
946 }
947
948 /*
949 * @tc.number : SUB_SEC_AppSEC_PermissionMgmt_DAC_0130
950 * @tc.name : Performance test of the setuid, setgid and setgroups interface
951 * @tc.desc : [C- SECURITY -0200]
952 */
953 HWTEST_F(DacTestSuite, DACTest0130, Performance | MediumTest | Level2)
954 {
955 struct timespec tp = { 0 };
956 struct timespec starttime = { 0 };
957 struct timespec endtime = { 0 };
958 tp.tv_sec = 0;
959 tp.tv_nsec = 0;
960 // Preset action: Obtain the group lists required for the testcase
961 gid_t list[SIZE255];
962 for (size_t num = 0; num < SIZE253; num++) {
963 list[num] = num;
964 }
965 // Preset action: Obtains the system time -> starttime
966 clock_gettime(CLOCK_REALTIME, &starttime);
967 for (int number = 0; number < NUM10000; number++) {
968 list[SIZE254] = number;
969 // Step 1.1: Setuid for 10000 times
970 setuid(number);
971 // Step 1.2: Setgid for 10000 times
972 setgid(number);
973 // Step 1.3: Setgroups for 10000 times
974 setgroups(SIZE255, list);
975 }
976 // Step 2: Obtains the system time again -> endtime
977 clock_gettime(CLOCK_REALTIME, &endtime);
978 // Step 3: Compare the starttime and the endtime -> tp
979 tp = CompareTime(starttime, endtime);
980 EXPECT_LE(tp.tv_sec, NUM20) << "ErrInfo: Chown for 10000 times used " << tp.tv_sec << "." << tp.tv_nsec << "s";
981 // Cleanup action: Restore the uid, gid and groups of the process to zero
982 SetUidGid(UID0, GID0);
983 setgroups(0, nullptr);
984 }
985 #endif
986