1 /*
2 * Author: Joshua Brindle <jbrindle@tresys.com>
3 *
4 * Copyright (C) 2006 Tresys Technology, LLC
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
19 */
20
21 #include "test-linker-cond-map.h"
22 #include "parse_util.h"
23 #include "helpers.h"
24 #include "test-common.h"
25
26 #include <sepol/policydb/policydb.h>
27 #include <sepol/policydb/link.h>
28 #include <sepol/policydb/conditional.h>
29
30 #include <CUnit/Basic.h>
31 #include <stdlib.h>
32
33 /* Tests for conditionals
34 * Test each cond/bool for these
35 * - boolean copied correctly (state is correct)
36 * - conditional expression is correct
37 * Tests:
38 * - single boolean in base
39 * - single boolean in module
40 * - single boolean in base optional
41 * - single boolean in module optional
42 * - 2 booleans in base
43 * - 2 booleans in module
44 * - 2 booleans in base optional
45 * - 2 booleans in module optional
46 * - 2 booleans, base and module
47 * - 2 booleans, base optional and module
48 * - 2 booleans, base optional and module optional
49 * - 3 booleans, base, base optional, module
50 * - 4 boolean, base, base optional, module, module optional
51 */
52
53 typedef struct test_cond_expr {
54 const char *bool;
55 uint32_t expr_type;
56 } test_cond_expr_t;
57
test_cond_expr_mapping(policydb_t * p,avrule_decl_t * d,test_cond_expr_t * bools,int len)58 static void test_cond_expr_mapping(policydb_t * p, avrule_decl_t * d, test_cond_expr_t * bools, int len)
59 {
60 int i;
61 cond_expr_t *expr;
62
63 CU_ASSERT_FATAL(d->cond_list != NULL);
64 CU_ASSERT_FATAL(d->cond_list->expr != NULL);
65
66 expr = d->cond_list->expr;
67
68 for (i = 0; i < len; i++) {
69 CU_ASSERT_FATAL(expr != NULL);
70
71 CU_ASSERT(expr->expr_type == bools[i].expr_type);
72 if (bools[i].bool) {
73 CU_ASSERT(strcmp(p->sym_val_to_name[SYM_BOOLS][expr->bool - 1], bools[i].bool) == 0);
74 }
75 expr = expr->next;
76 }
77 }
78
test_bool_state(policydb_t * p,const char * bool,int state)79 static void test_bool_state(policydb_t * p, const char *bool, int state)
80 {
81 cond_bool_datum_t *b;
82
83 b = hashtab_search(p->p_bools.table, bool);
84 CU_ASSERT_FATAL(b != NULL);
85 CU_ASSERT(b->state == state);
86 }
87
base_cond_tests(policydb_t * base)88 void base_cond_tests(policydb_t * base)
89 {
90 avrule_decl_t *d;
91 unsigned int decls[1];
92 test_cond_expr_t bools[2];
93
94 /* these tests look at booleans and conditionals in the base only
95 * to ensure that they aren't altered or removed during the link process */
96
97 /* bool existence and state, global scope */
98 d = test_find_decl_by_sym(base, SYM_TYPES, "tag_g_b");
99 decls[0] = d->decl_id;
100 test_sym_presence(base, "g_b_bool_1", SYM_BOOLS, SCOPE_DECL, decls, 1);
101 test_bool_state(base, "g_b_bool_1", 0);
102 /* conditional expression mapped correctly */
103 bools[0].bool = "g_b_bool_1";
104 bools[0].expr_type = COND_BOOL;
105 test_cond_expr_mapping(base, d, bools, 1);
106
107 /* bool existence and state, optional scope */
108 d = test_find_decl_by_sym(base, SYM_TYPES, "tag_o1_b");
109 decls[0] = d->decl_id;
110 test_sym_presence(base, "o1_b_bool_1", SYM_BOOLS, SCOPE_DECL, decls, 1);
111 test_bool_state(base, "o1_b_bool_1", 1);
112 /* conditional expression mapped correctly */
113 bools[0].bool = "o1_b_bool_1";
114 bools[0].expr_type = COND_BOOL;
115 test_cond_expr_mapping(base, d, bools, 1);
116
117 }
118
module_cond_tests(policydb_t * base)119 void module_cond_tests(policydb_t * base)
120 {
121 avrule_decl_t *d;
122 unsigned int decls[1];
123 test_cond_expr_t bools[3];
124
125 /* bool existence and state, module 1 global scope */
126 d = test_find_decl_by_sym(base, SYM_TYPES, "tag_g_m1");
127 decls[0] = d->decl_id;
128 test_sym_presence(base, "g_m1_bool_1", SYM_BOOLS, SCOPE_DECL, decls, 1);
129 test_bool_state(base, "g_m1_bool_1", 1);
130 /* conditional expression mapped correctly */
131 bools[0].bool = "g_m1_bool_1";
132 bools[0].expr_type = COND_BOOL;
133 test_cond_expr_mapping(base, d, bools, 1);
134
135 /* bool existence and state, module 1 optional scope */
136 d = test_find_decl_by_sym(base, SYM_TYPES, "tag_o1_m1");
137 decls[0] = d->decl_id;
138 test_sym_presence(base, "o1_m1_bool_1", SYM_BOOLS, SCOPE_DECL, decls, 1);
139 test_bool_state(base, "o1_m1_bool_1", 0);
140 /* conditional expression mapped correctly */
141 bools[0].bool = "o1_m1_bool_1";
142 bools[0].expr_type = COND_BOOL;
143 test_cond_expr_mapping(base, d, bools, 1);
144
145 /* bool existence and state, module 2 global scope */
146 d = test_find_decl_by_sym(base, SYM_TYPES, "tag_g_m2");
147 decls[0] = d->decl_id;
148 test_sym_presence(base, "g_m2_bool_1", SYM_BOOLS, SCOPE_DECL, decls, 1);
149 test_sym_presence(base, "g_m2_bool_2", SYM_BOOLS, SCOPE_DECL, decls, 1);
150 test_bool_state(base, "g_m2_bool_1", 1);
151 test_bool_state(base, "g_m2_bool_2", 0);
152 /* conditional expression mapped correctly */
153 bools[0].bool = "g_m2_bool_1";
154 bools[0].expr_type = COND_BOOL;
155 bools[1].bool = "g_m2_bool_2";
156 bools[1].expr_type = COND_BOOL;
157 bools[2].bool = NULL;
158 bools[2].expr_type = COND_AND;
159 test_cond_expr_mapping(base, d, bools, 3);
160 }
161