1 /******************************************************************************/
2 /* This program is free software; you can redistribute it and/or modify */
3 /* it under the terms of the GNU General Public License as published by */
4 /* the Free Software Foundation; either version 2 of the License, or */
5 /* (at your option) any later version. */
6 /* */
7 /* This program is distributed in the hope that it will be useful, */
8 /* but WITHOUT ANY WARRANTY; without even the implied warranty of */
9 /* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See */
10 /* the GNU General Public License for more details. */
11 /* */
12 /* You should have received a copy of the GNU General Public License */
13 /* along with this program; if not, write to the Free Software */
14 /* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */
15 /* */
16 /******************************************************************************/
17 /*
18 * tomoyo_policy_io_test.c
19 *
20 * Testing program for security/tomoyo/
21 *
22 * Copyright (C) 2005-2010 NTT DATA CORPORATION
23 */
24 #include "include.h"
25
/*
 * Write side of the policy interface under test. try_io() sends policy
 * lines and "delete" requests to this stream; stage_policy_io_test()
 * points it at the stream for the current stage. File-scope statics are
 * zero-initialized, so it starts out as a null pointer.
 */
static FILE *policy_fp;

/*
 * Read side of the policy interface under test: the path try_io() opens
 * to read the policy back. Set per stage by stage_policy_io_test().
 */
static const char *policy_file = "";
28
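/*
 * try_io - submit one policy line and check the verdict by reading the
 * policy back.
 *
 * @policy:         policy line to submit, without a trailing newline.
 * @should_success: non-zero if the line is expected to be accepted (it must
 *                  then appear verbatim in the policy listing); zero if it
 *                  is expected to be rejected (it must not appear).
 *
 * The line is written to policy_fp and policy_file is then scanned for an
 * exact, whole-line match. The outcome is printed on stdout as "OK" or
 * "BUG: ...". A line that was expected to be rejected but shows up in the
 * listing means a malformed rule was installed, which is the case the
 * negative tests exist to catch.
 *
 * The entry is removed again with a "delete" request on every path,
 * including the read-failure path, so that a failed read-back does not leave
 * a stale rule behind for later test cases.
 */
static void try_io(const char *policy, const char should_success)
{
	FILE *fp = fopen(policy_file, "r");
	char buffer[8192];
	int policy_found = 0;

	printf("%s: ", policy);
	fprintf(policy_fp, "%s\n", policy);
	/*
	 * Make sure the request has left stdio's buffer before reading the
	 * policy back; a no-op if the stream is already unbuffered.
	 */
	fflush(policy_fp);
	if (!fp) {
		printf("BUG: policy read failed\n");
		goto out_delete;
	}
	/* fgets() always NUL-terminates, so the full buffer can be used. */
	while (fgets(buffer, sizeof(buffer), fp)) {
		/* Strip the trailing newline so the comparison is whole-line. */
		buffer[strcspn(buffer, "\n")] = '\0';
		if (!strcmp(buffer, policy)) {
			policy_found = 1;
			break;
		}
	}
	fclose(fp);
	if (should_success) {
		if (policy_found)
			printf("OK\n");
		else
			printf("BUG: policy write failed\n");
	} else {
		if (!policy_found)
			printf("OK : write rejected.\n");
		else
			printf("BUG: policy write not rejected.\n");
	}
out_delete:
	/* Undo the write so each case starts from the same policy state. */
	fprintf(policy_fp, "delete %s\n", policy);
	fflush(policy_fp);
}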
64
/*
 * stage_policy_io_test - run the policy parser acceptance/rejection cases.
 *
 * Two tables of policy lines are fed through try_io(), each line paired with
 * the verdict the test expects (1 = must be accepted and readable back,
 * 0 = must be rejected). The first table goes to the domain policy
 * interface, the second to the exception policy interface. Each table is
 * run three times in full; presumably this checks that add/delete cycles
 * are repeatable - confirm.
 *
 * proc_policy_domain_policy, domain_fp, proc_policy_exception_policy and
 * exception_fp are not defined in this file (presumably include.h).
 *
 * The expected verdicts pin the parser's behaviour as the test author saw
 * it; note that some relative-path entries (e.g. "allow_read abc") are
 * expected to be accepted.
 */
static void stage_policy_io_test(void)
{
	struct io_case {
		const char *line;	/* policy line handed to try_io() */
		char expect_ok;		/* 1: must be accepted, 0: must be rejected */
	};
	static const struct io_case domain_cases[] = {
		{ "allow_chroot /", 1 },
		{ "allow_chroot ", 0 },
		{ "allow_chroot /mnt0/", 1 },
		{ "allow_chroot /var1/chroot2/", 1 },
		{ "allow_chroot /mnt0/", 1 },
		{ "allow_chroot /mnt0/", 1 },
		{ "allow_chroot /mnt0/", 1 },
		{ "allow_chroot /mnt\\?\\*/", 1 },
		{ "allow_chroot /mnt\\?\\*/", 1 },
		{ "allow_unmount /", 1 },
		{ "allow_unmount /sys1/", 1 },
		{ "allow_unmount /initrd2/", 1 },
		{ "allow_unmount /initrd/dev3/", 1 },
		{ "allow_unmount /initrd/\\*\\+/", 1 },
		{ "allow_unmount /initrd/\\@\\*/", 1 },
		{ "allow_unmount /initrd2/", 1 },
		{ "allow_pivot_root / /proc3/", 1 },
		{ "allow_pivot_root /sys5/ /proc3/", 1 },
		{ "allow_pivot_root /sys/", 0 },
		{ "allow_pivot_root *", 0 },
		{ "allow_pivot_root /sys5/ /proc3/", 1 },
		{ "allow_mount / / --bind 0xD", 1 },
		{ "allow_mount / / --move 0xF", 1 },
		{ "allow_mount / --remount", 0 },
		{ "allow_mount /", 0 },
		{ "allow_mount none /tmp/ tmpfs 0x1", 1 },
		{ "allow_mount none /tmp/ tmpfs", 0 },
		{ "allow_mount none /tmp/ nonexistent 0x0", 1 },
		{ "allow_mount none /proc/ proc 0x0", 1 },
		{ "allow_mount none /selinux/ selinuxfs 0x0", 1 },
		{ "allow_mount /proc/bus/usb /proc/bus/usb/ usbfs 0x0", 1 },
		{ "allow_mount none /dev/pts/ devpts 0x0", 1 },
		{ "allow_mount any / --remount 0xC00", 1 },
		{ "allow_mount /dev/sda1 /boot/ ext3 0xC00", 1 },
		{ "allow_mount none /dev/shm/ tmpfs 0x0", 1 },
		{ "allow_mount none /proc/sys/fs/binfmt_misc/ binfmt_misc "
		  "0x0", 1 },
		{ "allow_mount none /proc/sys/fs/binfmt_misc/ binfmt_misc "
		  "0x0 0x1", 0 },
		{ "allow_mount none /proc/sys/fs/binfmt_misc/ tmpfs "
		  "binfmt_misc 0x0", 0 },
		{ "allow_mount /proc/bus/usb /proc/bus/usb/ usbfs 0x0", 1 },
	};
	static const struct io_case exception_cases[] = {
		{ "allow_read /tmp/abc", 1 },
		{ "allow_read /tmp/abc\\*", 1 },
		{ "allow_read abc", 1 },
		{ "allow_read /tmp/abc/", 1 },
		{ "allow_read", 0 },
		{ "allow_read *", 1 },
		{ "file_pattern /\\*\\*\\*", 1 },
		{ "file_pattern /abc", 1 },
		{ "file_pattern /abc /def", 0 },
		{ "file_pattern abcdef", 1 },
		{ "path_group TEST /", 1 },
		{ "path_group TEST /boo", 1 },
		{ "path_group TEST /bar", 1 },
		{ "path_group TEST /\\*", 1 },
		{ "path_group TEST / /", 0 },
		{ "path_group TEST /boo", 1 },
		{ "path_group TEST /bar", 1 },
		{ "path_group TEST boo", 1 },
		{ "path_group TEST boo/", 1 },
		{ "path_group TEST /bar", 1 },
		{ "path_group TEST3 /\\*", 1 },
		{ "path_group TEST3 / /", 0 },
		{ "path_group TEST3 /boo", 1 },
		{ "path_group TEST3 /bar", 1 },
		{ "path_group TEST3 boo", 1 },
		{ "path_group TEST3 boo/", 1 },
		{ "deny_rewrite /", 1 },
		{ "deny_rewrite /foo", 1 },
		{ "deny_rewrite /\\*", 1 },
		{ "deny_rewrite /\\:", 0 },
		{ "deny_rewrite / /", 0 },
		{ "deny_rewrite @/TEST", 1 },
		{ "aggregator /boo/\\* /BOO", 1 },
		{ "aggregator /boo/\\* /BOO\\*", 0 },
		{ "aggregator /boo/\\*/ /BOO", 1 },
		{ "aggregator /boo/\\* /BOO/", 1 },
		{ "keep_domain <kernel>", 1 },
		{ "keep_domain <kernel> /sbin/init", 1 },
		{ "keep_domain <kernel> foo", 0 },
		{ "keep_domain <kernel> \\*", 0 },
		{ "keep_domain /ssh", 1 },
		{ "keep_domain /ssh /foo", 0 },
		{ "keep_domain /foo from <kernel>", 1 },
		{ "keep_domain /foo from <kernel> /sbin/init", 1 },
		{ "keep_domain from <kernel> /sbin/init", 0 },
		{ "keep_domain \\* from <kernel> /sbin/init", 0 },
		{ "no_keep_domain <kernel>", 1 },
		{ "no_keep_domain <kernel> /sbin/init", 1 },
		{ "no_keep_domain <kernel> foo", 0 },
		{ "no_keep_domain <kernel> \\*", 0 },
		{ "no_keep_domain /ssh", 1 },
		{ "no_keep_domain /ssh /foo", 0 },
		{ "no_keep_domain /foo from <kernel>", 1 },
		{ "no_keep_domain /foo from <kernel> /sbin/init", 1 },
		{ "no_keep_domain from <kernel> /sbin/init", 0 },
		{ "no_keep_domain \\* from <kernel> /sbin/init", 0 },
		{ "initialize_domain /foo", 1 },
		{ "initialize_domain /\\*", 1 },
		{ "initialize_domain /foo /bar", 0 },
		{ "initialize_domain /foo from /bar", 1 },
		{ "initialize_domain /foo from <kernel> /bar", 1 },
		{ "initialize_domain /\\* from <kernel>", 1 },
		{ "initialize_domain /foo from <kernel> \\*", 0 },
		{ "no_initialize_domain /foo", 1 },
		{ "no_initialize_domain /\\*", 1 },
		{ "no_initialize_domain /foo /bar", 0 },
		{ "no_initialize_domain /foo from /bar", 1 },
		{ "no_initialize_domain /foo from <kernel> /bar", 1 },
		{ "no_initialize_domain /\\* from <kernel>", 1 },
		{ "no_initialize_domain /foo from <kernel> \\*", 0 },
	};
	const size_t domain_count =
		sizeof(domain_cases) / sizeof(domain_cases[0]);
	const size_t exception_count =
		sizeof(exception_cases) / sizeof(exception_cases[0]);
	int round;
	size_t idx;

	/* Stage 1: domain policy entries (chroot, unmount, pivot_root, mount). */
	policy_file = proc_policy_domain_policy;
	policy_fp = domain_fp;
	for (round = 0; round < 3; round++) {
		for (idx = 0; idx < domain_count; idx++)
			try_io(domain_cases[idx].line,
			       domain_cases[idx].expect_ok);
	}

	/* Stage 2: exception policy entries (patterns, groups, domain rules). */
	policy_file = proc_policy_exception_policy;
	policy_fp = exception_fp;
	for (round = 0; round < 3; round++) {
		for (idx = 0; idx < exception_count; idx++)
			try_io(exception_cases[idx].line,
			       exception_cases[idx].expect_ok);
	}
}
189
/*
 * Entry point: run the shared test setup, then the policy I/O stage.
 *
 * tomoyo_test_init() is defined outside this file (presumably include.h).
 * The exit status is always 0; the only failure signal is the "BUG: ..."
 * lines that try_io() prints on stdout, so callers must inspect the output
 * rather than the return code.
 */
int main(int argc, char *argv[])
{
	/* Command-line arguments are not consulted. */
	(void)argc;
	(void)argv;

	tomoyo_test_init();
	stage_policy_io_test();

	return 0;
}
196